RESOLVED WORKSFORME310304
Crash in CoordinatedPlatformLayer::setContentsImage 
https://bugs.webkit.org/show_bug.cgi?id=310304
Summary Crash in CoordinatedPlatformLayer::setContentsImage
Michael Catanzaro
Reported 2026-03-19 12:55:58 PDT
Created attachment 478725 [details] Full backtrace I checked out webkitgtk-2.51.93 in my jhbuild environment. It crashes 100% of the time when loading https://כולנו.ישראל/. However, it never crashes in Ephy Tech Preview even though that also has 2.51.93. I wonder what the different between environments is. #0 WTFCrash () at /home/mcatanzaro/Projects/WebKit/Source/WTF/wtf/Assertions.cpp:380 #1 0x00007f8c7fb5b07b in WTFCrashWithInfo () at WTF/Headers/wtf/Assertions.h:985 #2 0x00007f8c806aad29 in WTF::HashTable<unsigned long, WTF::KeyValuePair<unsigned long, WTF::Ref<WebCore::CoordinatedImageBackingStore, WTF::RawPtrTraits<WebCore::CoordinatedImageBackingStore>, WTF::DefaultRefDerefTraits<WebCore::CoordinatedImageBackingStore> > >, WTF::KeyValuePairKeyExtractor<WTF::KeyValuePair<unsigned long, WTF::Ref<WebCore::CoordinatedImageBackingStore, WTF::RawPtrTraits<WebCore::CoordinatedImageBackingStore>, WTF::DefaultRefDerefTraits<WebCore::CoordinatedImageBackingStore> > > >, WTF::DefaultHash<unsigned long>, WTF::HashMap<unsigned long, WTF::Ref<WebCore::CoordinatedImageBackingStore, WTF::RawPtrTraits<WebCore::CoordinatedImageBackingStore>, WTF::DefaultRefDerefTraits<WebCore::CoordinatedImageBackingStore> >, WTF::DefaultHash<unsigned long>, WTF::HashTraits<unsigned long>, WTF::HashTraits<WTF::Ref<WebCore::CoordinatedImageBackingStore, WTF::RawPtrTraits<WebCore::CoordinatedImageBackingStore>, WTF::DefaultRefDerefTraits<WebCore::CoordinatedImageBackingStore> > >, WTF::HashTableTraits, (WTF::ShouldValidateKey)1, WTF::FastMalloc>::KeyValuePairTraits, WTF::HashTraits<unsigned long>, WTF::FastMalloc>::validateKey<(WTF::ShouldValidateKey)1> (this=0x7f8c680107f8, value=...) at WTF/Headers/wtf/HashTable.h:534 #3 add<WTF::HashMapEnsureTranslator<WTF::HashMap<unsigned long, WTF::Ref<WebCore::CoordinatedImageBackingStore, WTF::RawPtrTraits<WebCore::CoordinatedImageBackingStore>, WTF::DefaultRefDerefTraits<WebCore::CoordinatedImageBackingStore> >, WTF::DefaultHash<unsigned long>, WTF::HashTraits<unsigned long>, WTF::HashTraits<WTF::Ref<WebCore::CoordinatedImageBackingStore, WTF::RawPtrTraits<WebCore::CoordinatedImageBackingStore>, WTF::DefaultRefDerefTraits<WebCore::CoordinatedImageBackingStore> > >, WTF::HashTableTraits, (WTF::ShouldValidateKey)1, WTF::FastMalloc>::KeyValuePairTraits, WTF::DefaultHash<unsigned long> >, (WTF::ShouldValidateKey)1, const unsigned long &, (lambda at /home/mcatanzaro/Projects/WebKit/Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/LayerTreeHost.cpp:446:65)> (this=0x7f8c680107f8, key=<optimized out>, functor=...) at WTF/Headers/wtf/HashTable.h:936 #4 inlineEnsure<const unsigned long &, (lambda at /home/mcatanzaro/Projects/WebKit/Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/LayerTreeHost.cpp:446:65)> (this=0x7f8c680107f8, key=<optimized out>, functor=...) at WTF/Headers/wtf/HashMap.h:456 #5 ensure<(lambda at /home/mcatanzaro/Projects/WebKit/Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/LayerTreeHost.cpp:446:65)> (this=0x7f8c680107f8, key=<optimized out>, functor=...) at WTF/Headers/wtf/HashMap.h:518 #6 WebKit::LayerTreeHost::imageBackingStore (this=<optimized out>, nativeImage=...) at /home/mcatanzaro/Projects/WebKit/Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/LayerTreeHost.cpp:446 #7 0x00007f8c806aad82 in non-virtual thunk to WebKit::LayerTreeHost::imageBackingStore(WTF::Ref<WebCore::NativeImage, WTF::RawPtrTraits<WebCore::NativeImage>, WTF::DefaultRefDerefTraits<WebCore::NativeImage> >&&) () from /home/mcatanzaro/Projects/GNOME/install/lib/libwebkitgtk-6.0.so.4 #8 0x00007f8c80736b35 in WebCore::CoordinatedPlatformLayer::setContentsImage (this=this@entry=0x7f8c68b69d80, image=0x7f8c68ec9900) at /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/graphics/texmap/coordinated/CoordinatedPlatformLayer.cpp:525 #9 0x00007f8c80737337 in WebCore::CoordinatedPlatformLayer::setContentsScrollbarImageForScrolling (this=0x7f8c68b69d80, image=<optimized out>) at /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/graphics/texmap/coordinated/CoordinatedPlatformLayer.cpp:587 #10 0x00007f8c8072b7bc in WebCore::ScrollerCoordinated::updateValues (this=<optimized out>) at /home/mcatanzaro/Projects/WebKit/Source/WebCore/page/scrolling/coordinated/ScrollerCoordinated.cpp:121 #11 0x00007f8c8072bf68 in WebCore::ScrollerPairCoordinated::updateValues (this=<optimized out>) at /home/mcatanzaro/Projects/WebKit/Source/WebCore/page/scrolling/coordinated/ScrollerPairCoordinated.cpp:58 #12 0x00007f8c8072dd96 in WebCore::ScrollingTreeFrameScrollingNodeCoordinated::repositionRelatedLayers (this=0x7f8c683c1660) at /home/mcatanzaro/Projects/WebKit/Source/WebCore/page/scrolling/coordinated/ScrollingTreeFrameScrollingNodeCoordinated.cpp:155 #13 0x00007f8c8230946a in WebCore::ScrollingTree::applyLayerPositionsRecursive (this=0x7f8c680f8480, node=...) at /home/mcatanzaro/Projects/WebKit/Source/WebCore/page/scrolling/ScrollingTree.cpp:601 #14 0x00007f8c823093c2 in WebCore::ScrollingTree::applyLayerPositionsInternal (this=<optimized out>) at /home/mcatanzaro/Projects/WebKit/Source/WebCore/page/scrolling/ScrollingTree.cpp:596 #15 0x00007f8c8072c5c4 in WebCore::ScrollingTreeCoordinated::applyLayerPositionsInternal (this=0x216) at /home/mcatanzaro/Projects/WebKit/Source/WebCore/page/scrolling/coordinated/ScrollingTreeCoordinated.cpp:88 #16 0x00007f8c82309335 in WebCore::ScrollingTree::applyLayerPositions (this=0x7f8c680f8480) at /home/mcatanzaro/Projects/WebKit/Source/WebCore/page/scrolling/ScrollingTree.cpp:589 #17 0x00007f8c82254700 in WebCore::Page::finalizeRenderingUpdateForRootFrame (this=this@entry=0x7f8c680acd80, rootFrame=..., flags=flags@entry=...) at /home/mcatanzaro/Projects/WebKit/Source/WebCore/page/Page.cpp:2525 #18 0x00007f8c822545a5 in WebCore::Page::finalizeRenderingUpdate (this=0x7f8c680acd80, flags=...) at /home/mcatanzaro/Projects/WebKit/Source/WebCore/page/Page.cpp:2500 #19 0x00007f8c80674772 in WebKit::WebPage::finalizeRenderingUpdate (this=0x7f8c680a9200, flags=...) at /home/mcatanzaro/Projects/WebKit/Source/WebKit/WebProcess/WebPage/WebPage.cpp:5096 #20 0x00007f8c806aa0a5 in WebKit::LayerTreeHost::updateRendering (this=0x7f8c68010780) at /home/mcatanzaro/Projects/WebKit/Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/LayerTreeHost.cpp:210 #21 0x00007f8c7c2ca99a in WTF::Function<void()>::operator() (this=0x7f8c68b5f440) at /home/mcatanzaro/Projects/WebKit/Source/WTF/wtf/Function.h:103 #22 WTF::ActivityObserver::notify (this=0x7f8c68b5f420) at /home/mcatanzaro/Projects/WebKit/Source/WTF/wtf/glib/ActivityObserver.h:78 #23 WTF::RunLoop::notifyActivity (this=this@entry=0x7f8c68018180, activity=activity@entry=WTF::RunLoop::Activity::BeforeWaiting) at /home/mcatanzaro/Projects/WebKit/Source/WTF/wtf/glib/RunLoopGLib.cpp:293 #24 0x00007f8c7c2ca71c in WTF::RunLoop::runGLibMainLoopIteration (this=this@entry=0x7f8c68018180, mayBlock=mayBlock@entry=WTF::RunLoop::MayBlock::Yes) at /home/mcatanzaro/Projects/WebKit/Source/WTF/wtf/glib/RunLoopGLib.cpp:180 #25 0x00007f8c7c2caafa in WTF::RunLoop::runGLibMainLoop (this=0x7f8c68018180) at /home/mcatanzaro/Projects/WebKit/Source/WTF/wtf/glib/RunLoopGLib.cpp:200 #26 WTF::RunLoop::run () at /home/mcatanzaro/Projects/WebKit/Source/WTF/wtf/glib/RunLoopGLib.cpp:213 #27 0x00007f8c806bc8c3 in WebKit::AuxiliaryProcessMainBase<WebKit::WebProcess, true>::run (this=0x7ffc1ef034a0, argc=<optimized out>, argv=<optimized out>) --Type <RET> for more, q to quit, c to continue without paging--c at /home/mcatanzaro/Projects/WebKit/Source/WebKit/Shared/AuxiliaryProcessMain.h:77 #28 WebKit::AuxiliaryProcessMain<WebKit::WebProcessMainGtk> (argc=3, argv=<optimized out>) at /home/mcatanzaro/Projects/WebKit/Source/WebKit/Shared/AuxiliaryProcessMain.h:103 #29 0x00007f8c77808681 in __libc_start_call_main (main=main@entry=0x201840 <main(int, char**)>, argc=argc@entry=3, argv=argv@entry=0x7ffc1ef03648) at ../sysdeps/nptl/libc_start_call_main.h:59 #30 0x00007f8c77808798 in __libc_start_main_impl (main=0x201840 <main(int, char**)>, argc=3, argv=0x7ffc1ef03648, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7ffc1ef03638) at ../csu/libc-start.c:360 #31 0x0000000000201775 in _start ()
Attachments
Full backtrace (11.92 KB, text/plain)
2026-03-19 12:55 PDT, Michael Catanzaro 		no flags
Details
View All Add attachment proposed patch, testcase, etc.
Michael Catanzaro
Comment 1 2026-03-19 15:12:38 PDT
This is fortunately already fixed in main. I still need to test webkitglib/2.52 to see whether it is fixed there, though.
Michael Catanzaro
Comment 2 2026-03-20 13:42:25 PDT
Yes, already fixed.
Note You need to log in before you can comment on or make changes to this bug.