Closed
Bug 1342694
Opened 7 years ago
Closed 3 years ago
[OffscreenCanvas] Crash in mozilla::WebGLContext::FromDomElem when uploading canvas as WebGL texture
Categories
(Core :: Graphics: CanvasWebGL, defect, P5)
Tracking
()
RESOLVED
INVALID
People
(Reporter: ashley, Assigned: mtseng)
References
Details
(Keywords: crash, testcase)
Crash Data
Attachments
(1 file)
59 bytes,
text/x-review-board-request
|
Details |
User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:54.0) Gecko/20100101 Firefox/54.0 Build ID: 20170225030208 Steps to reproduce: 1. Visit https://www.scirra.com/labs/bugs/offscreencanvas-texture/ 2. Click 'Crash' Actual results: The page creates an OffscreenCanvas with a WebGL context. When you click the button it creates a temporary DOM canvas and tries to upload it to a WebGL texture via texImage2D(). The texImage2D call crashes the whole browser tab. Expected results: The call to texImage2D should succeed.
I tested the latest Nightly (32/64b, Win 7), I'm not able to crash with the testcase.
Still crashes for me with Nightly 54.0a1 (2017-02-27) (64-bit) on Windows 10. Although I had to flip the flag gfx.offscreencanvas.enabled to true this time for it to crash but I didn't have to previously - maybe the default was changed on that recently?
Indeed, it crashes with gfx.offscreencanvas.enabled=true. https://crash-stats.mozilla.com/report/index/59a946f3-d1b1-4af8-8939-ce3632170227 Even 51 crashes or old versions. NI? Morris who worked on implementation of OffscreenCanvas.
Status: UNCONFIRMED → NEW
Crash Signature: [@ mozilla::WebGLContext::FromDomElem ]
Ever confirmed: true
Flags: needinfo?(mtseng)
Summary: [OffscreenCanvas] Crash uploading canvas as WebGL texture → [OffscreenCanvas] Crash in mozilla::WebGLContext::FromDomElem when uploading canvas as WebGL texture
Assignee | ||
Comment 5•7 years ago
|
||
I can reproduce this.
Comment hidden (mozreview-request) |
Comment 7•7 years ago
|
||
mozreview-review |
Comment on attachment 8842297 [details] Bug 1342694 - Get correct principal when using OffscreenCanvas. https://reviewboard.mozilla.org/r/116164/#review118032 ::: dom/canvas/WebGLTextureUpload.cpp:361 (Diff revision 1) > auto& srcPrincipal = sfer.mPrincipal; > - nsIPrincipal* dstPrincipal = GetCanvas()->NodePrincipal(); > + nsIPrincipal* dstPrincipal; > + if (mOffscreenCanvas) { > + MOZ_ASSERT(NS_IsMainThread()); > + nsCOMPtr<nsIGlobalObject> global = mOffscreenCanvas->GetParentObject(); > + nsCOMPtr<nsPIDOMWindowInner> window = do_QueryInterface(global); Why do we pull from the window, and not the offscreen canvas?
Assignee | ||
Comment 8•7 years ago
|
||
OffscreenCanvas doesn't have any principal info. But the OffscreenCanvas's parent object, which is window, has principal info. So I get the principal from the window instead of OffscreenCanvas.
Updated•7 years ago
|
Blocks: offscreen-canvas
Updated•6 years ago
|
Priority: -- → P3
Updated•6 years ago
|
Attachment #8842297 -
Flags: review?(jgilbert)
Comment 10•3 years ago
|
||
I believe the code that caused this crash was deleted. I wrote a working implementation for WebRender in bug 1736177.
Status: NEW → RESOLVED
Closed: 3 years ago
Resolution: --- → INVALID
You need to log in
before you can comment on or make changes to this bug.
Description
•