WebKit Bugzilla
Attachment 342095 Details for Bug 186370: Crash in lambda function WTF::Function<void ()>::CallableWrapper<WebKit::DisplayLink::displayLinkCallback
[patch] Patch
bug-186370-20180606164711.patch (text/plain), 2.57 KB, created by Per Arne Vollan on 2018-06-06 16:47:12 PDT
Description: Patch
Creator: Per Arne Vollan
Created: 2018-06-06 16:47:12 PDT
Size: 2.57 KB
>Index: Source/WebKit/ChangeLog >=================================================================== >--- Source/WebKit/ChangeLog (revision 232543) >+++ Source/WebKit/ChangeLog (working copy) >@@ -1,3 +1,23 @@ >+2018-06-06 Per Arne Vollan <pvollan@apple.com> >+ >+ Crash in lambda function WTF::Function<void ()>::CallableWrapper<WebKit::DisplayLink::displayLinkCallback >+ https://bugs.webkit.org/show_bug.cgi?id=186370 >+ <rdar://problem/39791647> >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ When the display link is firing, the callback function is called on the display link thread, where a lambda function >+ is created to be executed on the main thread. The WebPageProxy object is captured as a RefPtr in the lambda. This >+ might crash when executing on the main thread, since the WebPageProxy object is possibly deleted then. Capturing >+ the WebPageProxy will not prevent the object from being deleted if the destruction of the WebPageProxy object already >+ has started on the main thread when the object is captured, which sometimes is the case. Instead, we can create a >+ weak pointer to the object, which will work as intended, even if the WebPageProxy object is in the process of being >+ deleted. This also matches the display link implementation used when the WebContent process has access to the >+ WindowServer. This is not a frequent crash. I have not been able to reproduce it. >+ >+ * UIProcess/mac/DisplayLink.cpp: >+ (WebKit::DisplayLink::displayLinkCallback): >+ > 2018-06-05 Per Arne Vollan <pvollan@apple.com> > > Move OpenGL display mask to screen data struct. >Index: Source/WebKit/UIProcess/mac/DisplayLink.cpp >=================================================================== >--- Source/WebKit/UIProcess/mac/DisplayLink.cpp (revision 232543) >+++ Source/WebKit/UIProcess/mac/DisplayLink.cpp (working copy) 
>@@ -98,8 +98,9 @@ void DisplayLink::resume() > CVReturn DisplayLink::displayLinkCallback(CVDisplayLinkRef displayLinkRef, const CVTimeStamp*, const CVTimeStamp*, CVOptionFlags, CVOptionFlags*, void* data) > { > WebPageProxy* webPageProxy = reinterpret_cast<WebPageProxy*>(data); >- callOnMainThread([webPageProxy = makeRefPtr(webPageProxy)] { >- webPageProxy->process().send(Messages::DrawingArea::DisplayWasRefreshed(), webPageProxy->pageID()); >+ RunLoop::main().dispatch([weakPtr = webPageProxy->createWeakPtr()] { >+ if (auto* proxy = weakPtr.get()) >+ proxy->process().send(Messages::DrawingArea::DisplayWasRefreshed(), proxy->pageID()); > }); > return kCVReturnSuccess; > }
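Review bot: The ChangeLog entry explains the move from a RefPtr capture to a weak pointer but does not mention that the DisplayLink.cpp hunk also replaces `callOnMainThread` with `RunLoop::main().dispatch`. Say whether that switch is part of the fix or incidental. Since the entry states the crash could not be reproduced, it would also help to record how the change was verified.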
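Review bot: In `DisplayLink::displayLinkCallback`, the capture expression `webPageProxy->createWeakPtr()` is still evaluated on the display link thread, so the raw `data` pointer is dereferenced there while, per the ChangeLog, destruction of the WebPageProxy may already have started on the main thread. The weak pointer guards the later access inside the dispatched lambda, but not this call itself, and the change is only sound if creating a weak pointer is safe off the main thread against an object that is being torn down. Consider passing something through `data` that needs no dereference on this thread (for example an identifier that is resolved to the page on the main thread), or guaranteeing that the display link is stopped before the WebPageProxy begins destruction, and add a comment stating which thread each statement runs on.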