RESOLVED FIXED 256151
REGRESSION(261130@main): Canvas putImageData draws onto wrong canvas 
https://bugs.webkit.org/show_bug.cgi?id=256151
Summary REGRESSION(261130@main): Canvas putImageData draws onto wrong canvas
bitbof
Reported 2023-04-30 10:51:58 PDT
Created attachment 466149 [details] demo of bug Observed on: - MacBook Air M1: MacOS 12.4 Safari 15.5, MacOS 13.3.1 Safari 16.4 - iPad 2019: iPadOS 15.4.1, iPadOS 16.4.1 - iPhone SE 2022: iOS 16.3 (non-WebKit browsers not affected) Steps: - Create 2 canvases: canvas A, and canvas B. - Draw canvas A on canvas B. - Create ImageData with any data (here it's noise). - putImageData onto canvas A. Expected: - ImageData is only drawn onto canvas A. Actual: - It is also drawn on canvas B. Demo page: https://bitbof.github.io/browser-bug-demos/2023-04-30-safari-putimagedata/
Attachments
demo of bug (1.38 KB, text/html)
2023-04-30 10:51 PDT, bitbof 		no flags
Details
View All Add attachment proposed patch, testcase, etc.
Simon Fraser (smfr)
Comment 1 2023-05-01 09:46:42 PDT
I can reproduce (only when UI-side compositing is disabled).
Radar WebKit Bug Importer
Comment 2 2023-05-01 09:46:56 PDT
<rdar://problem/108741153>
Said Abou-Hallawa
Comment 3 2023-05-01 10:42:59 PDT
This is a regression of 261130@main. Commenting this if-statement in RemoteImageBufferProxy::putPixelBuffer() fixes the issue. if (canMapBackingStore()) { const_cast<RemoteImageBufferProxy&>(*this).flushDrawingContext(); ImageBuffer::putPixelBuffer(pixelBuffer, srcRect, destPoint, destFormat); // Simulate a write so that read caches are cleared. // FIXME: This should not be done via the context draw, as that induces a flush. context().fillRect({ }); return; }
Kimmo Kinnunen
Comment 4 2023-05-02 06:21:43 PDT
Thanks for the investigation. I'll fix it unless Said has started..
Kimmo Kinnunen
Comment 5 2023-05-10 05:10:50 PDT
Pull request: https://github.com/WebKit/WebKit/pull/13689
EWS
Comment 6 2023-05-11 12:05:22 PDT
Committed 263978@main (a658f97638bf): <https://commits.webkit.org/263978@main> Reviewed commits have been landed. Closing PR #13689 and removing active labels.
Note You need to log in before you can comment on or make changes to this bug.