Bug 241429 - REGRESSION(r295372): [Win, WinCairo] 30 tests crash when creating ImageData
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: Layout and Rendering
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
Importance: P2 Normal
Assignee: Said Abou-Hallawa
Keywords: InRadar
Reported: 2022-06-08 12:15 PDT by Said Abou-Hallawa
Modified: 2022-06-08 17:20 PDT
Description Said Abou-Hallawa 2022-06-08 12:15:27 PDT
This is an example of the failed tests from the Windows bots: https://ews-build.webkit.org/#/builders/10/builds/137204. And these are the crash logs from the WinCairo bots: https://build.webkit.org/results/WinCairo-64-bit-WKL-Release-Tests/251390@main%20(6948)/.

EXCEPTION_RECORD:  (.exr -1)
.exr -1
ExceptionAddress: 00007ffd74e5405b (WebKit!WebCore::ImageData::{ctor}+0x0000000000000006)
   ExceptionCode: c0000005 (Access violation)
  ExceptionFlags: 00000000
NumberParameters: 2
   Parameter[0]: 0000000000000000
   Parameter[1]: 0000000000000010
Attempt to read from address 0000000000000010

.  0  Id: 1c84.10f0 Suspend: 1 Teb: 000000bd`d6b44000 Unfrozen
 # Child-SP          RetAddr           Call Site
00 (Inline Function) --------`-------- WebKit!WebCore::ImageData::{ctor}+0x6 [C:\BW\WinCairo-64-bit-WKL-Release-Build\build\Source\WebCore\html\ImageData.cpp @ 148]
01 000000bd`d6cfc770 00007ffd`74e84da1 WebKit!WebCore::ImageData::create(class WTF::Ref<WebCore::ByteArrayPixelBuffer,WTF::RawPtrTraits<WebCore::ByteArrayPixelBuffer> > * pixelBuffer = 0x000000bd`d6cfc800)+0x7b [C:\BW\WinCairo-64-bit-WKL-Release-Build\build\Source\WebCore\html\ImageData.cpp @ 56]
02 000000bd`d6cfc7d0 00007ffd`74360dc9 WebKit!WebCore::CanvasRenderingContext2DBase::getImageData(int sx = <Value unavailable error>, int sy = <Value unavailable error>, int sw = 0n1, int sh = 0n1, class std::optional<WebCore::ImageDataSettings> * settings = 0x000000bd`d6cfc910)+0x251 [C:\BW\WinCairo-64-bit-WKL-Release-Build\build\Source\WebCore\html\canvas\CanvasRenderingContext2DBase.cpp @ 2199]
03 000000bd`d6cfc890 00007ffd`74360a9a WebKit!WebCore::jsCanvasRenderingContext2DPrototypeFunction_getImageDataBody(class JSC::JSGlobalObject * lexicalGlobalObject = 0x00000282`f68c8758, class JSC::CallFrame * callFrame = <Value unavailable error>, class WebCore::JSCanvasRenderingContext2D * castedThis = 0x00000282`f75cc278)+0x309 [C:\BW\WinCairo-64-bit-WKL-Release-Build\build\WebKitBuild\Release\WebCore\DerivedSources\JSCanvasRenderingContext2D.cpp @ 2348]
04 (Inline Function) --------`-------- WebKit!WebCore::IDLOperation<WebCore::JSCanvasRenderingContext2D>::call+0x41 [C:\BW\WinCairo-64-bit-WKL-Release-Build\build\Source\WebCore\bindings\js\JSDOMOperation.h @ 63]
05 000000bd`d6cfca30 00000282`b64e11be WebKit!WebCore::jsCanvasRenderingContext2DPrototypeFunction_getImageData(class JSC::JSGlobalObject * lexicalGlobalObject = 0x00000282`f68c8758, class JSC::CallFrame * callFrame = 0x000000bd`d6cfca90)+0x5a [C:\BW\WinCairo-64-bit-WKL-Release-Build\build\WebKitBuild\Release\WebCore\DerivedSources\JSCanvasRenderingContext2D.cpp @ 2354]
06 000000bd`d6cfca70 00000282`b64e1180 0x00000282`b64e11be
07 000000bd`d6cfca78 00000000`00000000 0x00000282`b64e1180
Comment 1 Said Abou-Hallawa 2022-06-08 13:59:37 PDT
Pull request: https://github.com/WebKit/WebKit/pull/1391
Comment 2 Fujii Hironori 2022-06-08 14:18:47 PDT
WTFMove(pixelBuffer) was evaluated before evaluating pixelBuffer->size().
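The evaluation-order hazard named in Comment 2, as an added example that is not part of the bug thread and is not code from WebKit or the pull request. It assumes std::unique_ptr and the hypothetical types PixelBuffer and Image in place of WTF::Ref, ByteArrayPixelBuffer and ImageData, and shows one way to remove the order dependence.

```cpp
#include <cstdio>
#include <memory>
#include <utility>

// Hypothetical stand-ins for ByteArrayPixelBuffer and ImageData.
struct PixelBuffer {
    int width, height;
    int size() const { return width * height; }
};

struct Image {
    int size;
    std::unique_ptr<PixelBuffer> buffer;
    // The buffer is taken by value, so the caller's pointer is emptied while
    // this argument is being initialized, not inside the constructor body.
    Image(int s, std::unique_ptr<PixelBuffer> b) : size(s), buffer(std::move(b)) {}
};

// Order-dependent: C++ leaves the order of argument evaluation unspecified.
// If the second argument is initialized first, pb is already null when
// pb->size() runs. Never called here, because the result varies by compiler.
Image create_order_dependent(std::unique_ptr<PixelBuffer> pb) {
    return Image(pb->size(), std::move(pb));
}

// The failing order written out by hand so it can be observed safely.
bool source_is_null_after_second_argument() {
    auto pb = std::make_unique<PixelBuffer>(PixelBuffer{4, 2});
    std::unique_ptr<PixelBuffer> second(std::move(pb)); // argument 2 first
    return pb == nullptr && second->size() == 8;        // argument 1 would deref null
}

// Fix: read everything needed from the buffer before giving it away.
Image create_fixed(std::unique_ptr<PixelBuffer> pb) {
    const int size = pb->size();
    return Image(size, std::move(pb));
}

int main() {
    Image img = create_fixed(std::make_unique<PixelBuffer>(PixelBuffer{4, 2}));
    std::printf("fixed size=%d, source null after move=%d\n",
                img.size, source_is_null_after_second_argument());
    return 0;
}
```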
Comment 3 EWS 2022-06-08 17:19:11 PDT
Committed r295402 (251408@main): <https://commits.webkit.org/251408@main>

Reviewed commits have been landed. Closing PR #1391 and removing active labels.
Comment 4 Radar WebKit Bug Importer 2022-06-08 17:20:14 PDT
<rdar://problem/94677774>