Bug 220467

Summary: REGRESSION (r271273): Crash in WebCore::HTMLMediaElement::setVideoFullscreenGravity
Product: WebKit Reporter: Ryan Haddad <ryanhaddad>
Component: MediaAssignee: Peng Liu <peng.liu6>
Status: RESOLVED FIXED    
Severity: Normal CC: darin, eric.carlson, ews-watchlist, glenn, jer.noble, peng.liu6, philipj, sergio, webkit-bot-watchers-bugzilla, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
See Also: https://bugs.webkit.org/show_bug.cgi?id=220435
Attachments:
Description Flags
crash log
none
Patch none

Ryan Haddad
Reported 2021-01-08 09:53:50 PST
Created attachment 417275 [details] crash log Seeing the following crash on macOS bots with media/controls/pip-placeholder-without-video-controls.html and media/element-containing-pip-video-going-into-fullscreen.html Thread 0 Crashed:: Dispatch queue: com.apple.main-thread 0 com.apple.WebCore 0x00000007c1289004 WebCore::HTMLMediaElement::setVideoFullscreenGravity(WebCore::MediaPlayerEnums::VideoGravity) + 4 (HTMLMediaElement.cpp:6182) 1 com.apple.WebKit 0x000000010df8c585 callMemberFunctionImpl<WebKit::VideoFullscreenManager, void (WebKit::VideoFullscreenManager::*)(WTF::ObjectIdentifier<WebKit::PlaybackSessionContextIdentifierType>, unsigned int), std::__1::tuple<WTF::ObjectIdentifier<WebKit::PlaybackSessionContextIdentifierType>, unsigned int>, 0, 1> + 15 (HandleMessage.h:42) [inlined] 2 com.apple.WebKit 0x000000010df8c585 callMemberFunction<WebKit::VideoFullscreenManager, void (WebKit::VideoFullscreenManager::*)(WTF::ObjectIdentifier<WebKit::PlaybackSessionContextIdentifierType>, unsigned int), std::__1::tuple<WTF::ObjectIdentifier<WebKit::PlaybackSessionContextIdentifierType>, unsigned int>, std::__1::integer_sequence<unsigned long, 0, 1> > + 15 (HandleMessage.h:48) [inlined] 3 com.apple.WebKit 0x000000010df8c585 handleMessage<Messages::VideoFullscreenManager::SetVideoLayerGravityEnum, WebKit::VideoFullscreenManager, void (WebKit::VideoFullscreenManager::*)(WTF::ObjectIdentifier<WebKit::PlaybackSessionContextIdentifierType>, unsigned int)> + 38 (HandleMessage.h:120) [inlined] 4 com.apple.WebKit 0x000000010df8c585 WebKit::VideoFullscreenManager::didReceiveMessage(IPC::Connection&, IPC::Decoder&) + 755 (VideoFullscreenManagerMessageReceiver.cpp:130) 5 com.apple.WebKit 0x000000010d9e1889 IPC::MessageReceiverMap::dispatchMessage(IPC::Connection&, IPC::Decoder&) + 125 (MessageReceiverMap.cpp:123) 6 com.apple.WebKit 0x000000010de8bbba WebKit::WebProcess::didReceiveMessage(IPC::Connection&, IPC::Decoder&) + 28 (WebProcess.cpp:788) 7 com.apple.WebKit 0x000000010d9c52e9 IPC::Connection::dispatchMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >) + 151 (Connection.cpp:1138) 8 com.apple.WebKit 0x000000010d9c5538 IPC::Connection::dispatchOneIncomingMessage() + 190 (Connection.cpp:1207) 9 com.apple.JavaScriptCore 0x00000007c5c81421 operator() + 9 (Function.h:83) [inlined] 10 com.apple.JavaScriptCore 0x00000007c5c81421 WTF::RunLoop::performWork() + 545 (RunLoop.cpp:128) 11 com.apple.JavaScriptCore 0x00000007c5c81c22 WTF::RunLoop::performWork(void*) + 34 (RunLoopCF.cpp:46) 12 com.apple.CoreFoundation 0x00007fff20450a0c __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17 13 com.apple.CoreFoundation 0x00007fff20450974 __CFRunLoopDoSource0 + 180 14 com.apple.CoreFoundation 0x00007fff204506ef __CFRunLoopDoSources0 + 248 15 com.apple.CoreFoundation 0x00007fff2044f121 __CFRunLoopRun + 890 16 com.apple.CoreFoundation 0x00007fff2044e6ce CFRunLoopRunSpecific + 563 17 com.apple.Foundation 0x00007fff211dbfa1 -[NSRunLoop(NSRunLoop) runMode:beforeDate:] + 212 18 com.apple.Foundation 0x00007fff2126a384 -[NSRunLoop(NSRunLoop) run] + 76 19 libxpc.dylib 0x00007fff200a53dd _xpc_objc_main + 825 20 libxpc.dylib 0x00007fff200a4e65 xpc_main + 437 21 com.apple.WebKit 0x000000010db7c2c4 WebKit::XPCServiceMain(int, char const**) + 310 (XPCServiceMain.mm:208) 22 libdyld.dylib 0x00007fff20373621 start + 1 https://results.webkit.org/?suite=layout-tests&suite=layout-tests&test=media%2Fcontrols%2Fpip-placeholder-without-video-controls.html&test=media%2Felement-containing-pip-video-going-into-fullscreen.html
Attachments
crash log (124.57 KB, text/plain)
2021-01-08 09:53 PST, Ryan Haddad 		no flags
Details
Patch (1.80 KB, patch)
2021-01-08 12:12 PST, Peng Liu 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Ryan Haddad
Comment 1 2021-01-08 09:54:49 PST
I think this started with https://trac.webkit.org/changeset/271273/webkit
Radar WebKit Bug Importer
Comment 2 2021-01-08 09:54:57 PST
<rdar://problem/72933994>
Peng Liu
Comment 3 2021-01-08 12:12:53 PST
Created attachment 417290 [details] Patch
EWS
Comment 4 2021-01-08 14:18:30 PST
Committed r271321: <https://trac.webkit.org/changeset/271321> All reviewed patches have been landed. Closing bug and clearing flags on attachment 417290 [details].
Note You need to log in before you can comment on or make changes to this bug.