167547 2017-01-28 01:48:59 -0800 [Threaded Compositor] Crash when detaching the CoordinatedGraphicsScene 2017-01-28 23:18:22 -0800 1 1 1 Unclassified WebKit WebKitGTK WebKit Local Build Unspecified Unspecified RESOLVED FIXED Gtk P2 Normal --- 1 cgarcia webkit-unassigned bugs-noreply oldest_to_newest 1270952 0 cgarcia 2017-01-28 01:48:59 -0800 Seen in the bots too, but I couldn't reproduce it. Thread 1 (Thread 0x7f3f56ffd700 (LWP 3664)): #0 0x00007f3ff49eb032 in WebKit::CoordinatedGraphicsScene::commitSceneState(WebCore::CoordinatedGraphicsState const&) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37 #1 0x00007f3ff49e7541 in WebKit::CoordinatedGraphicsScene::syncRemoteContent() () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37 #2 0x00007f3ff49e7a10 in WebKit::CoordinatedGraphicsScene::paintToCurrentGLContext(WebCore::TransformationMatrix const&, float, WebCore::FloatRect const&, WebCore::Color const&, bool, WebCore::FloatPoint const&, unsigned int) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37 #3 0x00007f3ff49f0c1e in WebKit::ThreadedCompositor::renderLayerTree() () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37 #4 0x00007f3ff49ed942 in WebKit::CompositingRunLoop::updateTimerFired() () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37 #5 0x00007f3ff267d8aa in WTF::RunLoop::TimerBase::TimerBase(WTF::RunLoop&)::{lambda(void*)#1}::_FUN(void*) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18 #6 0x00007f3fedfa8ecd in g_main_dispatch () at /home/slave/webkitgtk/gtk-linux-64-release-tests/build/WebKitBuild/DependenciesGTK/Source/glib-2.44.1/glib/gmain.c:3122 #7 g_main_context_dispatch () at /home/slave/webkitgtk/gtk-linux-64-release-tests/build/WebKitBuild/DependenciesGTK/Source/glib-2.44.1/glib/gmain.c:3737 #8 0x00007f3fedfa9268 in g_main_context_iterate () at /home/slave/webkitgtk/gtk-linux-64-release-tests/build/WebKitBuild/DependenciesGTK/Source/glib-2.44.1/glib/gmain.c:3808 #9 0x00007f3fedfa9582 in g_main_loop_run () at /home/slave/webkitgtk/gtk-linux-64-release-tests/build/WebKitBuild/DependenciesGTK/Source/glib-2.44.1/glib/gmain.c:4002 #10 0x00007f3ff267dc50 in WTF::RunLoop::run() () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18 #11 0x00007f3ff267cab3 in std::_Function_handler<void (), WTF::WorkQueue::platformInitialize(char const*, WTF::WorkQueue::Type, WTF::WorkQueue::QOS)::{lambda()#1}>::_M_invoke(std::_Any_data const&) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18 #12 0x00007f3ff2646395 in WTF::threadEntryPoint(void*) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18 #13 0x00007f3ff267b10a in WTF::wtfThreadEntryPoint(void*) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18 #14 0x00007f3fef7f30a4 in start_thread (arg=0x7f3f56ffd700) at pthread_create.c:309 #15 0x00007f3febae187d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111 Thread 21 (Thread 0x7f3fe5789940 (LWP 3029)): #0 pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:185 #1 0x00007f3ff267b77b in WTF::ThreadCondition::timedWait(WTF::Mutex&, double) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18 #2 0x00007f3ff2642f43 in WTF::ParkingLot::parkConditionallyImpl(void const*, WTF::ScopedLambda<bool ()> const&, WTF::ScopedLambda<void ()> const&, WTF::TimeWithDynamicClockType const&) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18 #3 0x00007f3ff49ef09b in WebKit::CompositingRunLoop::performTaskSync(WTF::Function<void ()>&&) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37 #4 0x00007f3ff49f070c in WebKit::ThreadedCompositor::invalidate() () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37 #5 0x00007f3ff49fa350 in WebKit::ThreadedCoordinatedLayerTreeHost::invalidate() () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37 #6 0x00007f3ff49dc9bb in WebKit::DrawingAreaImpl::exitAcceleratedCompositingMode() () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37 #7 0x00007f3ff267d8aa in WTF::RunLoop::TimerBase::TimerBase(WTF::RunLoop&)::{lambda(void*)#1}::_FUN(void*) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18 #8 0x00007f3fedfa8ecd in g_main_dispatch () at /home/slave/webkitgtk/gtk-linux-64-release-tests/build/WebKitBuild/DependenciesGTK/Source/glib-2.44.1/glib/gmain.c:3122 #9 g_main_context_dispatch () at /home/slave/webkitgtk/gtk-linux-64-release-tests/build/WebKitBuild/DependenciesGTK/Source/glib-2.44.1/glib/gmain.c:3737 #10 0x00007f3fedfa9268 in g_main_context_iterate () at /home/slave/webkitgtk/gtk-linux-64-release-tests/build/WebKitBuild/DependenciesGTK/Source/glib-2.44.1/glib/gmain.c:3808 #11 0x00007f3fedfa9582 in g_main_loop_run () at /home/slave/webkitgtk/gtk-linux-64-release-tests/build/WebKitBuild/DependenciesGTK/Source/glib-2.44.1/glib/gmain.c:4002 #12 0x00007f3ff267dc50 in WTF::RunLoop::run() () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18 #13 0x00007f3ff49e31e2 in WebProcessMainUnix () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37 #14 0x00007f3feba1ab45 in __libc_start_main (main=0x400bf0 <main>, argc=2, argv=0x7ffccae14558, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7ffccae14548) at libc-start.c:287 #15 0x0000000000400c45 in _start () 1270953 1 300014 cgarcia 2017-01-28 01:52:50 -0800 Created attachment 300014 Patch Speculative fix, since I couldn't reproduce it. 1271097 2 cgarcia 2017-01-28 23:18:22 -0800 Committed r211348: <http://trac.webkit.org/changeset/211348> 300014 2017-01-28 01:52:50 -0800 2017-01-28 12:31:44 -0800 Patch wk2-commit-scene-crash.diff text/plain 2093 cgarcia ZGlmZiAtLWdpdCBhL1NvdXJjZS9XZWJLaXQyL0NoYW5nZUxvZyBiL1NvdXJjZS9XZWJLaXQyL0No YW5nZUxvZwppbmRleCA2ZTUzMWRmZTBjOC4uOTczMWNkMjI3Y2UgMTAwNjQ0Ci0tLSBhL1NvdXJj ZS9XZWJLaXQyL0NoYW5nZUxvZworKysgYi9Tb3VyY2UvV2ViS2l0Mi9DaGFuZ2VMb2cKQEAgLTEs NSArMSwxOCBAQAogMjAxNy0wMS0yOCAgQ2FybG9zIEdhcmNpYSBDYW1wb3MgIDxjZ2FyY2lhQGln YWxpYS5jb20+CiAKKyAgICAgICAgW1RocmVhZGVkIENvbXBvc2l0b3JdIENyYXNoIHdoZW4gZGV0 YWNoaW5nIHRoZSBDb29yZGluYXRlZEdyYXBoaWNzU2NlbmUKKyAgICAgICAgaHR0cHM6Ly9idWdz LndlYmtpdC5vcmcvc2hvd19idWcuY2dpP2lkPTE2NzU0NworCisgICAgICAgIFJldmlld2VkIGJ5 IE5PQk9EWSAoT09QUyEpLgorCisgICAgICAgIEl0IHNlZW1zIHRoYXQgY29tbWl0U2NlbmVTdGF0 ZSgpIGNhbiBiZSBjYWxsZWQgYWZ0ZXIgdGhlIENvb3JkaW5hdGVkR3JhcGhpY3NTY2VuZSBoYXMg YmVlbiBkZXRhY2hlZC4KKworICAgICAgICAqIFNoYXJlZC9Db29yZGluYXRlZEdyYXBoaWNzL0Nv b3JkaW5hdGVkR3JhcGhpY3NTY2VuZS5jcHA6CisgICAgICAgIChXZWJLaXQ6OkNvb3JkaW5hdGVk R3JhcGhpY3NTY2VuZTo6Y29tbWl0U2NlbmVTdGF0ZSk6IFJldHVybiBlYXJseSBpZiBzY2VuZSBo YXMgYmVlbiBkZXRhY2hlZC4KKyAgICAgICAgKFdlYktpdDo6Q29vcmRpbmF0ZWRHcmFwaGljc1Nj ZW5lOjpkZXRhY2gpOiBUYWtlIHRoZSByZW5kZXIgcXVldWUgbG9jayBiZWZvcmUgY2xlYXJpbmcg dGhlIHJlbmRlciBxdWV1ZS4KKworMjAxNy0wMS0yOCAgQ2FybG9zIEdhcmNpYSBDYW1wb3MgIDxj Z2FyY2lhQGlnYWxpYS5jb20+CisKICAgICAgICAgW1RocmVhZGVkIENvbXBvc2l0b3JdIENyYXNo IHdoZW4gZGVsZXRpbmcgdGhlIGNvbXBvc2l0b3IgcnVuIGxvb3AKICAgICAgICAgaHR0cHM6Ly9i dWdzLndlYmtpdC5vcmcvc2hvd19idWcuY2dpP2lkPTE2NzU0NQogCmRpZmYgLS1naXQgYS9Tb3Vy Y2UvV2ViS2l0Mi9TaGFyZWQvQ29vcmRpbmF0ZWRHcmFwaGljcy9Db29yZGluYXRlZEdyYXBoaWNz U2NlbmUuY3BwIGIvU291cmNlL1dlYktpdDIvU2hhcmVkL0Nvb3JkaW5hdGVkR3JhcGhpY3MvQ29v cmRpbmF0ZWRHcmFwaGljc1NjZW5lLmNwcAppbmRleCA4YzQ2NmQzZjY1MC4uMThlNzM4NDJkMWIg MTAwNjQ0Ci0tLSBhL1NvdXJjZS9XZWJLaXQyL1NoYXJlZC9Db29yZGluYXRlZEdyYXBoaWNzL0Nv b3JkaW5hdGVkR3JhcGhpY3NTY2VuZS5jcHAKKysrIGIvU291cmNlL1dlYktpdDIvU2hhcmVkL0Nv b3JkaW5hdGVkR3JhcGhpY3MvQ29vcmRpbmF0ZWRHcmFwaGljc1NjZW5lLmNwcApAQCAtNTk4LDYg KzU5OCw5IEBAIHZvaWQgQ29vcmRpbmF0ZWRHcmFwaGljc1NjZW5lOjpjb21taXRQZW5kaW5nQmFj a2luZ1N0b3JlT3BlcmF0aW9ucygpCiAKIHZvaWQgQ29vcmRpbmF0ZWRHcmFwaGljc1NjZW5lOjpj b21taXRTY2VuZVN0YXRlKGNvbnN0IENvb3JkaW5hdGVkR3JhcGhpY3NTdGF0ZSYgc3RhdGUpCiB7 CisgICAgaWYgKCFtX2NsaWVudCkKKyAgICAgICAgcmV0dXJuOworCiAgICAgbV9yZW5kZXJlZENv bnRlbnRzU2Nyb2xsUG9zaXRpb24gPSBzdGF0ZS5zY3JvbGxQb3NpdGlvbjsKIAogICAgIGNyZWF0 ZUxheWVycyhzdGF0ZS5sYXllcnNUb0NyZWF0ZSk7CkBAIC03MDcsOSArNzEwLDEwIEBAIHZvaWQg Q29vcmRpbmF0ZWRHcmFwaGljc1NjZW5lOjpzZXRMYXllckFuaW1hdGlvbnNJZk5lZWRlZChUZXh0 dXJlTWFwcGVyTGF5ZXIqIGxhCiB2b2lkIENvb3JkaW5hdGVkR3JhcGhpY3NTY2VuZTo6ZGV0YWNo KCkKIHsKICAgICBBU1NFUlQoaXNNYWluVGhyZWFkKCkpOwotICAgIG1fcmVuZGVyUXVldWUuY2xl YXIoKTsKICAgICBtX2lzQWN0aXZlID0gZmFsc2U7CiAgICAgbV9jbGllbnQgPSBudWxscHRyOwor ICAgIExvY2tIb2xkZXIgbG9ja2VyKG1fcmVuZGVyUXVldWVNdXRleCk7CisgICAgbV9yZW5kZXJR dWV1ZS5jbGVhcigpOwogfQogCiB2b2lkIENvb3JkaW5hdGVkR3JhcGhpY3NTY2VuZTo6YXBwZW5k VXBkYXRlKHN0ZDo6ZnVuY3Rpb248dm9pZCgpPiYmIGZ1bmN0aW9uKQo=