[Webkit-unassigned] [Bug 240283] [GTK] Crash in WebCore::TextureMapperLayer::paintSelf

bugzilla-daemon at webkit.org
Wed May 25 01:11:31 PDT 2022


https://bugs.webkit.org/show_bug.cgi?id=240283

--- Comment #5 from Adrian Perez <aperez at igalia.com> ---
I managed to get this to happen with a debug build, so I can dump variables
and inspect things; but I am not sure what to try to look at -- hints welcome!

What I did to hit this was opening https://www.youtube.com/watch?v=fmfR0XI5czI
then pressing “t” to put the video in theatre mode, and started playing it.
While the video was playing, I switched two or three times between fullscreen
and windowed mode using the “f” key shortcut. Some seconds after switching
back from fullscreen to windowed mode the crash happened.

#0  0x00007f53ef220a4a in WebCore::TextureMapperLayer::paintSelf (this=0x7f528fbfe000, options=...) at ../Source/WebCore/platform/graphics/texmap/TextureMapperLayer.cpp:201
201         contentsLayer->paintToTextureMapper(options.textureMapper, m_state.contentsRect, transform, options.opacity);

I cannot print “contentsLayer”, GDB says:

 (gdb) p contentsLayer
 $7 = <optimized out>

But I can see that the %rdi register is non-NULL (0x7f5296a073f0), and IIRC
that is the pointer value of what's to the left of “->” in a “foo->bar()” call
because the target instance is passed as implicit first argument to functions
and the first argument gets passed in %rdi in the SysV ABI.

The “options.textureMapper” is valid, too:

 (gdb) p options.textureMapper
 $8 = (WebCore::TextureMapperGL &) @0x7f53d83e4000: {
   <WebCore::TextureMapper> = {
     _vptr$TextureMapper = 0x7f53f111e888 <vtable for WebCore::TextureMapperGL+16>,
     m_texturePool = std::unique_ptr<WebCore::BitmapTexturePool> = {
  ...lots of stuff...
