[Webkit-unassigned] [Bug 142333] New: [GTK] WebCore::TransformationMatrix::multiply segfaults when loading last.fm

bugzilla-daemon at webkit.org
Thu Mar 5 03:07:08 PST 2015


https://bugs.webkit.org/show_bug.cgi?id=142333

            Bug ID: 142333
           Summary: [GTK] WebCore::TransformationMatrix::multiply
                    segfaults when loading last.fm
    Classification: Unclassified
           Product: WebKit
           Version: 528+ (Nightly build)
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: Layout and Rendering
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: jdiggs at igalia.com

9 times out of 10, when I load last.fm in MiniBrowser I see the following crash:

Program received signal SIGSEGV, Segmentation fault.
0x00007ffa9758a143 in WebCore::TransformationMatrix::multiply(WebCore::TransformationMatrix const&) ()
   from /home/jd/checkout/WebKitGtk/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
(gdb) bt
#0  0x00007ffa9758a143 in WebCore::TransformationMatrix::multiply(WebCore::TransformationMatrix const&) ()
    at /home/jd/checkout/WebKitGtk/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#1  0x00007ffa97534228 in WebCore::GraphicsLayerTransform::combineTransforms(WebCore::TransformationMatrix const&) () at /home/jd/checkout/WebKitGtk/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#2  0x00007ffa9757b814 in WebCore::TextureMapperLayer::computeTransformsRecursive() ()
    at /home/jd/checkout/WebKitGtk/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#3  0x00007ffa9757efc0 in WebCore::TextureMapperLayer::paint() ()
    at /home/jd/checkout/WebKitGtk/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#4  0x00007ffa96d48904 in WebKit::LayerTreeHostGtk::compositeLayersToContext(WebKit::LayerTreeHostGtk::CompositePurpose) () at /home/jd/checkout/WebKitGtk/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#5  0x00007ffa96d4901d in WebKit::LayerTreeHostGtk::flushAndRenderLayers() ()
    at /home/jd/checkout/WebKitGtk/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#6  0x00007ffa96d49094 in WebKit::LayerTreeHostGtk::layerFlushTimerFired() ()
    at /home/jd/checkout/WebKitGtk/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#7  0x00007ffa95618599 in WTF::GMainLoopSource::voidCallback() ()
    at /home/jd/checkout/WebKitGtk/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
#8  0x00007ffa9561684a in WTF::GMainLoopSource::voidSourceCallback(WTF::GMainLoopSource*) ()
    at /home/jd/checkout/WebKitGtk/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
#9  0x00007ffa924cc23a in g_main_context_dispatch (context=0xd3f470) at gmain.c:3122
#10 0x00007ffa924cc23a in g_main_context_dispatch (context=context@entry=0xd3f470) at gmain.c:3737
#11 0x00007ffa924cc5d0 in g_main_context_iterate (context=0xd3f470, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at gmain.c:3808
#12 0x00007ffa924cc8f2 in g_main_loop_run (loop=0xf5d7e0) at gmain.c:4002
#13 0x00007ffa96d47512 in int WebKit::ChildProcessMain<WebKit::WebProcess, WebKit::WebProcessMain>(int, char**) () at /home/jd/checkout/WebKitGtk/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#14 0x00007ffa8c886790 in __libc_start_main (main=
    0x400ab0 <main>, argc=2, argv=0x7ffc15f4bd88, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7ffc15f4bd78) at libc-start.c:289
#15 0x0000000000400b09 in _start ()

The remaining 1 time, I see bug 142309. I'll try to come up with a stand-alone (independent of last.fm) test case for this bug as I work on the accessibility one.
