[Webkit-unassigned] [Bug 219065] New: REGRESSION(r269614): [iOS] WebContent crashes when entering Full Screen video with text captions

bugzilla-daemon at webkit.org
Tue Nov 17 20:19:08 PST 2020


https://bugs.webkit.org/show_bug.cgi?id=219065

            Bug ID: 219065
           Summary: REGRESSION(r269614): [iOS] WebContent crashes when
                    entering Full Screen video with text captions
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: Media
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: sabouhallawa at apple.com

Web process crashes with the following backtrace:

#0      0x00000001a105fc90 in objc_retain ()
#1      0x000000018f8392c8 in -[CALayer setContents:] ()
#2      0x0000000109771598 in WebCore::TextTrackRepresentationCocoa::update() at /Volumes/Data/webkit/OpenSource/Source/WebCore/platform/graphics/cocoa/TextTrackRepresentationCocoa.mm:133
#3      0x000000010a049aac in WebCore::HTMLMediaElement::updateTextTrackRepresentationImageIfNeeded() at /Volumes/Data/webkit/OpenSource/Source/WebCore/html/HTMLMediaElement.cpp:6260
#4      0x000000010a40c96c in WTF::Function<void (WebCore::Document&)>::operator()(WebCore::Document&) const [inlined] at /Volumes/Data/webkit/OpenSource/WebKitBuild/Release-iphoneos/usr/local/include/wtf/Function.h:83
#5      0x000000010a40c958 in WebCore::Page::forEachDocument(WTF::Function<void (WebCore::Document&)> const&) const at /Volumes/Data/webkit/OpenSource/Source/WebCore/page/Page.cpp:3171
#6      0x000000010a411fb4 in WebCore::Page::doAfterUpdateRendering() at /Volumes/Data/webkit/OpenSource/Source/WebCore/page/Page.cpp:1599
#7      0x000000010a411cb8 in WebCore::Page::updateRendering() at /Volumes/Data/webkit/OpenSource/Source/WebCore/page/Page.cpp:1553
#8      0x00000001045eaaf8 in WebKit::RemoteLayerTreeDrawingArea::updateRendering() at /Volumes/Data/webkit/OpenSource/Source/WebKit/WebProcess/WebPage/RemoteLayerTree/RemoteLayerTreeDrawingArea.mm:327
#9      0x000000010a4c1f4c in WebCore::ThreadTimers::sharedTimerFiredInternal() at /Volumes/Data/webkit/OpenSource/Source/WebCore/platform/ThreadTimers.cpp:127
#10     0x000000010a4e8a84 in WebCore::timerFired(__CFRunLoopTimer*, void*) at /Volumes/Data/webkit/OpenSource/Source/WebCore/platform/cf/MainThreadSharedTimerCF.cpp:74

When introducing the NativeImage class, the following function was left as is:

void TextTrackRepresentationCocoa::update()
{
    if (auto representation = m_client.createTextTrackRepresentationImage())
        [m_layer.get() setContents:(__bridge id)representation->nativeImage().get()];
}

[CALayer setContents] used to take an id of a CGImageRef. With r269614, we are now passing it a NativeImage cast to an id.

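A self-contained C++ model of the failure described in the report, added here as an illustration and not taken from the bug report or from WebKit. The names PlatformImage, NativeImageModel, LayerModel and OpaqueId are constructed stand-ins for CGImage, NativeImage, CALayer and id; the model shows why the cast kept compiling after the type behind get() changed, and how a typed parameter turns the same stale call into a compile error.

```cpp
#include <memory>
#include <type_traits>

// Constructed stand-ins; none of these are WebKit, CoreGraphics or QuartzCore types.
struct PlatformImage { int width; int height; };  // role of CGImage
using PlatformImageRef = PlatformImage*;          // role of CGImageRef
using OpaqueId = void*;                           // role of `id`

// Wrapper added by a refactor: it owns a platform image but is not one.
class NativeImageModel {
public:
    NativeImageModel(int w, int h) : m_image(new PlatformImage{w, h}) {}
    PlatformImageRef platformImage() const { return m_image.get(); }
private:
    std::unique_ptr<PlatformImage> m_image;
};

class LayerModel {
public:
    // Untyped setter: accepts whatever pointer the caller casts to OpaqueId.
    void setContentsUntyped(OpaqueId contents) { m_contents = contents; }
    // Typed setter: only a platform image handle converts to the parameter.
    void setContents(PlatformImageRef image) { m_contents = image; }
    OpaqueId contents() const { return m_contents; }
private:
    OpaqueId m_contents = nullptr;
};

// The call site kept its cast when get() began returning the wrapper: it still compiles.
bool castStoresWrapperInsteadOfImage() {
    auto representation = std::make_shared<NativeImageModel>(4, 2);
    LayerModel layer;
    layer.setContentsUntyped((OpaqueId)representation.get());
    return layer.contents() == representation.get()
        && layer.contents() != representation->platformImage();
}

// Without the cast, the wrapper pointer does not convert to the handle type.
constexpr bool typedSetterRejectsWrapper() {
    return !std::is_convertible<NativeImageModel*, PlatformImageRef>::value;
}

bool typedSetterStoresImage() {
    auto representation = std::make_shared<NativeImageModel>(4, 2);
    LayerModel layer;
    layer.setContents(representation->platformImage());
    return layer.contents() == representation->platformImage();
}

int main() { return castStoresWrapperInsteadOfImage() && typedSetterStoresImage() ? 0 : 1; }
```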