[Webkit-unassigned] [Bug 135348] [GTK] WebkitWebProcess crashing navigating away from ogg video element

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Thu Aug 7 08:35:02 PDT 2014 

https://bugs.webkit.org/show_bug.cgi?id=135348





--- Comment #4 from Víctor M. Jáquez L. <vjaquez at igalia.com>  2014-08-07 08:35:13 PST ---
I can reproduce it in WebKitGTK+-2.4.4, but the test case is wrong: simply modify the a.html and change the link to b.html instead of a.html.

An the resulting backtrace is not related with fastMalloc at all, but with the TextureMapper

Program received signal SIGSEGV, Segmentation fault.
0xf37da44c in WebCore::TextureMapperLayer::paintSelf (this=0x9d51e00, options=...) at ../../../opt/webkit/WebKit/Source/WebCore/platform/graphics/texmap/TextureMapperLayer.cpp:157
157         m_contentsLayer->paintToTextureMapper(options.textureMapper, m_state.contentsRect, transform, options.opacity);
(gdb) bt
#0  0xf37da44c in WebCore::TextureMapperLayer::paintSelf (this=0x9d51e00, options=...) at ../../../opt/webkit/WebKit/Source/WebCore/platform/graphics/texmap/TextureMapperLayer.cpp:157
#1  0xf37da5da in WebCore::TextureMapperLayer::paintSelfAndChildren (this=0x9d51e00, options=...) at ../../../opt/webkit/WebKit/Source/WebCore/platform/graphics/texmap/TextureMapperLayer.cpp:176
#2  0xf37daa3a in WebCore::TextureMapperLayer::paintSelfAndChildrenWithReplica (this=0x9d51e00, options=...) at ../../../opt/webkit/WebKit/Source/WebCore/platform/graphics/texmap/TextureMapperLayer.cpp:231
#3  0xf37dbf6a in WebCore::TextureMapperLayer::paintRecursive (this=0x9d51e00, options=...) at ../../../opt/webkit/WebKit/Source/WebCore/platform/graphics/texmap/TextureMapperLayer.cpp:455
#4  0xf37da74c in WebCore::TextureMapperLayer::paintSelfAndChildren (this=0x9dbf118, options=...) at ../../../opt/webkit/WebKit/Source/WebCore/platform/graphics/texmap/TextureMapperLayer.cpp:191
#5  0xf37daa3a in WebCore::TextureMapperLayer::paintSelfAndChildrenWithReplica (this=0x9dbf118, options=...) at ../../../opt/webkit/WebKit/Source/WebCore/platform/graphics/texmap/TextureMapperLayer.cpp:231
#6  0xf37dbf6a in WebCore::TextureMapperLayer::paintRecursive (this=0x9dbf118, options=...) at ../../../opt/webkit/WebKit/Source/WebCore/platform/graphics/texmap/TextureMapperLayer.cpp:455
#7  0xf37da74c in WebCore::TextureMapperLayer::paintSelfAndChildren (this=0x987b3f8, options=...) at ../../../opt/webkit/WebKit/Source/WebCore/platform/graphics/texmap/TextureMapperLayer.cpp:191
#8  0xf37daa3a in WebCore::TextureMapperLayer::paintSelfAndChildrenWithReplica (this=0x987b3f8, options=...) at ../../../opt/webkit/WebKit/Source/WebCore/platform/graphics/texmap/TextureMapperLayer.cpp:231
#9  0xf37dbf6a in WebCore::TextureMapperLayer::paintRecursive (this=0x987b3f8, options=...) at ../../../opt/webkit/WebKit/Source/WebCore/platform/graphics/texmap/TextureMapperLayer.cpp:455
#10 0xf37da74c in WebCore::TextureMapperLayer::paintSelfAndChildren (this=0x991bcc8, options=...) at ../../../opt/webkit/WebKit/Source/WebCore/platform/graphics/texmap/TextureMapperLayer.cpp:191
#11 0xf37daa3a in WebCore::TextureMapperLayer::paintSelfAndChildrenWithReplica (this=0x991bcc8, options=...) at ../../../opt/webkit/WebKit/Source/WebCore/platform/graphics/texmap/TextureMapperLayer.cpp:231
#12 0xf37dbf6a in WebCore::TextureMapperLayer::paintRecursive (this=0x991bcc8, options=...) at ../../../opt/webkit/WebKit/Source/WebCore/platform/graphics/texmap/TextureMapperLayer.cpp:455
#13 0xf37da74c in WebCore::TextureMapperLayer::paintSelfAndChildren (this=0x991b858, options=...) at ../../../opt/webkit/WebKit/Source/WebCore/platform/graphics/texmap/TextureMapperLayer.cpp:191
#14 0xf37daa3a in WebCore::TextureMapperLayer::paintSelfAndChildrenWithReplica (this=0x991b858, options=...) at ../../../opt/webkit/WebKit/Source/WebCore/platform/graphics/texmap/TextureMapperLayer.cpp:231
#15 0xf37dbf6a in WebCore::TextureMapperLayer::paintRecursive (this=0x991b858, options=...) at ../../../opt/webkit/WebKit/Source/WebCore/platform/graphics/texmap/TextureMapperLayer.cpp:455
#16 0xf37da74c in WebCore::TextureMapperLayer::paintSelfAndChildren (this=0x987a480, options=...) at ../../../opt/webkit/WebKit/Source/WebCore/platform/graphics/texmap/TextureMapperLayer.cpp:191
#17 0xf37daa3a in WebCore::TextureMapperLayer::paintSelfAndChildrenWithReplica (this=0x987a480, options=...) at ../../../opt/webkit/WebKit/Source/WebCore/platform/graphics/texmap/TextureMapperLayer.cpp:231
#18 0xf37dbf6a in WebCore::TextureMapperLayer::paintRecursive (this=0x987a480, options=...) at ../../../opt/webkit/WebKit/Source/WebCore/platform/graphics/texmap/TextureMapperLayer.cpp:455
#19 0xf37da74c in WebCore::TextureMapperLayer::paintSelfAndChildren (this=0x973a768, options=...) at ../../../opt/webkit/WebKit/Source/WebCore/platform/graphics/texmap/TextureMapperLayer.cpp:191
#20 0xf37daa3a in WebCore::TextureMapperLayer::paintSelfAndChildrenWithReplica (this=0x973a768, options=...) at ../../../opt/webkit/WebKit/Source/WebCore/platform/graphics/texmap/TextureMapperLayer.cpp:231
#21 0xf37dbf6a in WebCore::TextureMapperLayer::paintRecursive (this=0x973a768, options=...) at ../../../opt/webkit/WebKit/Source/WebCore/platform/graphics/texmap/TextureMapperLayer.cpp:455
#22 0xf37da74c in WebCore::TextureMapperLayer::paintSelfAndChildren (this=0x98a6ab8, options=...) at ../../../opt/webkit/WebKit/Source/WebCore/platform/graphics/texmap/TextureMapperLayer.cpp:191
#23 0xf37daa3a in WebCore::TextureMapperLayer::paintSelfAndChildrenWithReplica (this=0x98a6ab8, options=...) at ../../../opt/webkit/WebKit/Source/WebCore/platform/graphics/texmap/TextureMapperLayer.cpp:231
#24 0xf37dbf6a in WebCore::TextureMapperLayer::paintRecursive (this=0x98a6ab8, options=...) at ../../../opt/webkit/WebKit/Source/WebCore/platform/graphics/texmap/TextureMapperLayer.cpp:455
#25 0xf37d9d31 in WebCore::TextureMapperLayer::paint (this=0x98a6ab8) at ../../../opt/webkit/WebKit/Source/WebCore/platform/graphics/texmap/TextureMapperLayer.cpp:92
#26 0xf2bb2439 in WebKit::LayerTreeHostGtk::compositeLayersToContext (this=0x9672148, purpose=WebKit::LayerTreeHostGtk::NotForResize)
    at ../../../opt/webkit/WebKit/Source/WebKit2/WebProcess/WebPage/gtk/LayerTreeHostGtk.cpp:341
#27 0xf2bb254d in WebKit::LayerTreeHostGtk::flushAndRenderLayers (this=0x9672148) at ../../../opt/webkit/WebKit/Source/WebKit2/WebProcess/WebPage/gtk/LayerTreeHostGtk.cpp:366
#28 0xf2bb20cc in WebKit::LayerTreeHostGtk::layerFlushTimerFired (this=0x9672148) at ../../../opt/webkit/WebKit/Source/WebKit2/WebProcess/WebPage/gtk/LayerTreeHostGtk.cpp:301
#29 0xf2bb2061 in WebKit::LayerTreeHostGtk::layerFlushTimerFiredCallback (layerTreeHost=0x9672148) at ../../../opt/webkit/WebKit/Source/WebKit2/WebProcess/WebPage/gtk/LayerTreeHostGtk.cpp:292
#30 0xee8eed11 in ?? () from /lib/i386-linux-gnu/libglib-2.0.so.0
#31 0xee8ee1d7 in g_main_context_dispatch () from /lib/i386-linux-gnu/libglib-2.0.so.0
#32 0xee8ee598 in ?? () from /lib/i386-linux-gnu/libglib-2.0.so.0
#33 0xee8ee89b in g_main_loop_run () from /lib/i386-linux-gnu/libglib-2.0.so.0
#34 0xf064d369 in WTF::RunLoop::run () at ../../../opt/webkit/WebKit/Source/WTF/wtf/gtk/RunLoopGtk.cpp:59
#35 0xf2a9e5e7 in WebKit::WebProcessMainGtk (argc=2, argv=0xffb19894) at ../../../opt/webkit/WebKit/Source/WebKit2/WebProcess/gtk/WebProcessMainGtk.cpp:75
#36 0x08048668 in main (argc=2, argv=0xffb19894) at ../../../opt/webkit/WebKit/Source/WebKit2/gtk/MainGtk.cpp:31

It looks like if the m_contentLayer got invalid at some point.

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

More information about the webkit-unassigned mailing list