Crash in fast_composite_scaled_bilinear_sse2_8888_8888_cover_SRC
Submitted by Michael Catanzaro
Assigned to Chris Wilson @ickle
Description
Created attachment 121403 Full backtrace
WebKitGTK+ crashes 100% of the time in cairo (actually in pixman) when visiting https://camo.githubusercontent.com/d0aad8bda1ffca6c06210c1c5edf2bacc5e23ff5/687474703a2f2f672e7265636f726469742e636f2f74644c664c59573443662e676966 in Epiphany.
Using cairo-1.14.2-2.fc23, pixman-0.33.6-1.fc23, and webkitgtk4-2.10.4-1.fc23.
Short backtrace:
#0 0x00007fc3f90a3e34 in fast_composite_scaled_bilinear_sse2_8888_8888_cover_SRC (__q0=<optimized out>, __q1=<optimized out>)
at /usr/lib/gcc/x86_64-redhat-linux/5.3.1/include/emmintrin.h:587
#1 0x00007fc3f90a3e34 in fast_composite_scaled_bilinear_sse2_8888_8888_cover_SRC (__q0=..., __q1=...)
at /usr/lib/gcc/x86_64-redhat-linux/5.3.1/include/emmintrin.h:593
#2 0x00007fc3f90a3e34 in fast_composite_scaled_bilinear_sse2_8888_8888_cover_SRC (__P=<optimized out>)
at /usr/lib/gcc/x86_64-redhat-linux/5.3.1/include/emmintrin.h:704
#3 0x00007fc3f90a3e34 in fast_composite_scaled_bilinear_sse2_8888_8888_cover_SRC (zero_src=0, max_vx=2147483647, unit_x_=78655, vx_=<optimized out>, wb=<optimized out>, wt=<optimized out>, w=<optimized out>, src_bottom=0x7fc363401484, src_top=0x7fc363400000, mask=<synthetic pointer>, dst=0x7fc3639de000)
at pixman-sse2.c:5715
#4 0x00007fc3f90a3e34 in fast_composite_scaled_bilinear_sse2_8888_8888_cover_SRC (imp=<optimized out>, info=<optimized out>) at pixman-sse2.c:5736
#5 0x00007fc3f902aa41 in pixman_image_composite32 (op=op@entry=PIXMAN_OP_SRC, src=src@entry=0x55f405d5f7e0, mask=mask@entry=0x0, dest=dest@entry=0x55f405d5ecd0, src_x=0, src_y=0, mask_x=0, mask_y=0, dest_x=0, dest_y=0, width=1094, height=509) at pixman.c:700
#6 0x00007fc404cfd4b4 in composite_boxes (_dst=<optimized out>, op=<optimized out>, abstract_src=<optimized out>, abstract_mask=<optimized out>, src_x=0, src_y=0, mask_x=0, mask_y=0, dst_x=0, dst_y=0, boxes=0x7ffd248fd990, extents=0x7ffd248fdc5c) at cairo-image-compositor.c:538
#7 0x00007fc404d3719a in clip_and_composite_boxes (boxes=0x7ffd248fd990, extents=0x7ffd248fdc20, compositor=0x7fc404ff1b60 <spans>)
at cairo-spans-compositor.c:683
#8 0x00007fc404d3719a in clip_and_composite_boxes (compositor=compositor@entry=0x7fc404ff1b60 <spans>, extents=extents@entry=0x7ffd248fdc20, boxes=boxes@entry=0x7ffd248fd990) at cairo-spans-compositor.c:882
#9 0x00007fc404d3775e in clip_and_composite_boxes (compositor=0x7fc404ff1b60 <spans>, extents=0x7ffd248fdc20, boxes=0x7ffd248fd990)
at cairo-spans-compositor.c:901
#10 0x00007fc404d37a79 in _cairo_spans_compositor_mask (_compositor=0x7fc404ff1b60 <spans>, extents=0x7ffd248fdc20) at cairo-spans-compositor.c:999
#11 0x00007fc404cf2429 in _cairo_compositor_paint (compositor=0x7fc404ff1b60 <spans>, surface=0x55f405d5f110, op=<optimized out>, source=<optimized out>, clip=<optimized out>) at cairo-compositor.c:65
#12 0x00007fc404d3a8b1 in _cairo_surface_paint (surface=0x55f405d5f110, op=CAIRO_OPERATOR_SOURCE, source=0x7ffd248fdf70, clip=0x55f40775b450)
at cairo-surface.c:2117
#13 0x00007fc404cfab1f in _cairo_gstate_fill (gstate=0x55f405d5f4e0, path=path@entry=0x55f4059dd368) at cairo-gstate.c:1312
#14 0x00007fc404cf3f19 in _cairo_default_context_fill (abstract_cr=<optimized out>) at cairo-default-context.c:1055
#15 0x00007fc404ced065 in cairo_fill (cr=<optimized out>) at cairo.c:2205
#16 0x00007fc4081cdbb9 in WebCore::PlatformContextCairo::drawSurfaceToContext(_cairo_surface*, WebCore::FloatRect const&, WebCore::FloatRect const&, WebCore::GraphicsContext*) (this=0x55f405d5ec50, surface=surface@entry=0x55f405d5ef80, destRect=..., originalSrcRect=..., context=context@entry=0x7fc3f477fe00)
at /usr/src/debug/webkitgtk-2.10.4/Source/WebCore/platform/graphics/cairo/PlatformContextCairo.cpp:228
Full backtrace attached.
Attachment 121403, "Full backtrace":
gdb.txt