Bug 219065 - REGRESSION(r269614): [iOS] WebContent crashes when entering Full Screen video with text captions
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: Media
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
Importance: P2 Normal
Assignee: Said Abou-Hallawa
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2020-11-17 20:19 PST by Said Abou-Hallawa
Modified: 2020-11-17 22:27 PST

Attachments
Patch (1.73 KB, patch)
2020-11-17 20:23 PST, Said Abou-Hallawa

Description Said Abou-Hallawa 2020-11-17 20:19:08 PST
Web process crashes with the following backtrace:

#0	0x00000001a105fc90 in objc_retain ()
#1	0x000000018f8392c8 in -[CALayer setContents:] ()
#2	0x0000000109771598 in WebCore::TextTrackRepresentationCocoa::update() at /Volumes/Data/webkit/OpenSource/Source/WebCore/platform/graphics/cocoa/TextTrackRepresentationCocoa.mm:133
#3	0x000000010a049aac in WebCore::HTMLMediaElement::updateTextTrackRepresentationImageIfNeeded() at /Volumes/Data/webkit/OpenSource/Source/WebCore/html/HTMLMediaElement.cpp:6260
#4	0x000000010a40c96c in WTF::Function<void (WebCore::Document&)>::operator()(WebCore::Document&) const [inlined] at /Volumes/Data/webkit/OpenSource/WebKitBuild/Release-iphoneos/usr/local/include/wtf/Function.h:83
#5	0x000000010a40c958 in WebCore::Page::forEachDocument(WTF::Function<void (WebCore::Document&)> const&) const at /Volumes/Data/webkit/OpenSource/Source/WebCore/page/Page.cpp:3171
#6	0x000000010a411fb4 in WebCore::Page::doAfterUpdateRendering() at /Volumes/Data/webkit/OpenSource/Source/WebCore/page/Page.cpp:1599
#7	0x000000010a411cb8 in WebCore::Page::updateRendering() at /Volumes/Data/webkit/OpenSource/Source/WebCore/page/Page.cpp:1553
#8	0x00000001045eaaf8 in WebKit::RemoteLayerTreeDrawingArea::updateRendering() at /Volumes/Data/webkit/OpenSource/Source/WebKit/WebProcess/WebPage/RemoteLayerTree/RemoteLayerTreeDrawingArea.mm:327
#9	0x000000010a4c1f4c in WebCore::ThreadTimers::sharedTimerFiredInternal() at /Volumes/Data/webkit/OpenSource/Source/WebCore/platform/ThreadTimers.cpp:127
#10	0x000000010a4e8a84 in WebCore::timerFired(__CFRunLoopTimer*, void*) at /Volumes/Data/webkit/OpenSource/Source/WebCore/platform/cf/MainThreadSharedTimerCF.cpp:74

When introducing the NativeImage class, the following function was left as is:

void TextTrackRepresentationCocoa::update()
{
    if (auto representation = m_client.createTextTrackRepresentationImage())
        [m_layer.get() setContents:(__bridge id)representation->nativeImage().get()];
}

[CALayer setContents] used to take an id of a CGImageRef. With r269614, we are now passing to it a NativeImage cast to an id.
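
The mismatch described above, modelled in portable C++ as an added example (not code from the bug report or from WebKit). Every type and function name is a hypothetical stand-in, and unwrapping the platform image before the call is an assumed correction, since the patch itself is not shown on this page:

```cpp
#include <cstdint>
#include <cstring>
#include <memory>
#include <type_traits>

// Portable model; all names below are hypothetical stand-ins, not WebKit or CoreGraphics API.
constexpr uint32_t kImageTag = 0x43474931; // constructed type tag

// Models the platform image the layer expects (the CGImageRef role).
struct PlatformImage { uint32_t tag; int width; int height; };
using PlatformImageRef = PlatformImage*;

// Models the wrapper class: it owns a platform image but is not one.
class NativeImage {
public:
    NativeImage(int w, int h) : m_platformImage(new PlatformImage{kImageTag, w, h}) {}
    PlatformImageRef platformImage() const { return m_platformImage.get(); }
    uint32_t refCount() const { return m_refCount; }
private:
    uint32_t m_refCount = 1; // the wrapper's first bytes are not an image header
    std::unique_ptr<PlatformImage> m_platformImage;
};

// Untyped sink, like a parameter of type id: any pointer is accepted after a cast.
// The tag check is added for this demo so the mismatch is reported instead of crashing.
bool setContentsUntyped(void* contents) {
    uint32_t tag;
    std::memcpy(&tag, contents, sizeof tag);
    return tag == kImageTag;
}

// Typed entry point: only a platform image pointer converts to the parameter type.
bool setContentsTyped(PlatformImageRef image) { return setContentsUntyped(image); }

static_assert(!std::is_convertible<NativeImage*, PlatformImageRef>::value, "wrapper is not an image");

// Shape of the regression: the wrapper's own address goes through the cast.
bool wrapperPassedThroughCast() {
    NativeImage image(4, 4);
    return setContentsUntyped(static_cast<void*>(&image));
}

// Assumed correction: unwrap first, then let the typed signature check the argument.
bool platformImagePassed() {
    NativeImage image(4, 4);
    return setContentsTyped(image.platformImage());
}

int main() { return (!wrapperPassedThroughCast() && platformImagePassed()) ? 0 : 1; }
```

The `static_assert` shows that the compiler rejects the wrapper pointer wherever the parameter is typed; the explicit cast in `wrapperPassedThroughCast` is what removes that check.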
Comment 1 Said Abou-Hallawa 2020-11-17 20:23:15 PST
Created attachment 414403
Patch
Comment 2 Said Abou-Hallawa 2020-11-17 20:23:51 PST
<rdar://problem/71494591>
Comment 3 EWS 2020-11-17 22:27:53 PST
Committed r269944: <https://trac.webkit.org/changeset/269944>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 414403.