217773 2020-10-15 11:42:30 -0700 v2: WebKit::XPCServiceEventHandler block should call exit() on the main thread 2020-10-15 18:54:46 -0700 1 1 1 Unclassified WebKit WebKit2 Other Unspecified Unspecified RESOLVED FIXED InRadar P2 Normal --- 216594 1 ddkilzer ddkilzer cdumez ggaren webkit-bug-importer oldest_to_newest 1698211 0 ddkilzer 2020-10-15 11:42:30 -0700 WebKit::XPCServiceEventHandler block should call exit() on the main thread. The fix in Bug 216594 / r267206 didn't work because apparently libdispatch thought the main thread was the current thread (maybe since this happened during exit(): Thread 0:: Dispatch queue: com.apple.main-thread 0 libSC.dylib 0x00007fff5df818f5 void std::__1::__tree_remove<std::__1::__tree_node_base<void*>*>(std::__1::__tree_node_base<void*>*, std::__1::__tree_node_base<void*>*) + 565 1 libSC.dylib 0x00007fff5df81296 boost::serialization::typeid_system::extended_type_info_typeid_0::type_unregister() + 598 2 libSC.dylib 0x00007fff5e116a1f boost::serialization::detail::singleton_wrapper<boost::serialization::extended_type_info_typeid<_SC_CI_TRANSFORM_SHADER_DESC> >::~singleton_wrapper() + 47 3 libsystem_c.dylib 0x00007fff20324ca7 __cxa_finalize_ranges + 316 4 libsystem_c.dylib 0x00007fff20324f92 exit + 53 5 com.apple.WebKit 0x00007fff3c627bcc invocation function for block in WebKit::AuxiliaryProcess::stopNSRunLoop() + 11 6 com.apple.CoreFoundation 0x00007fff204f05a2 __CFRUNLOOP_IS_CALLING_OUT_TO_A_BLOCK__ + 12 7 com.apple.CoreFoundation 0x00007fff204f044c __CFRunLoopDoBlocks + 437 8 com.apple.CoreFoundation 0x00007fff204ef132 __CFRunLoopRun + 907 9 com.apple.CoreFoundation 0x00007fff204ee6ce CFRunLoopRunSpecific + 563 10 com.apple.Foundation 0x00007fff212786d1 -[NSRunLoop(NSRunLoop) runMode:beforeDate:] + 212 11 com.apple.Foundation 0x00007fff21306ab4 -[NSRunLoop(NSRunLoop) run] + 76 12 libxpc.dylib 0x00007fff201473dd _xpc_objc_main + 825 13 libxpc.dylib 0x00007fff20146e65 xpc_main + 437 14 com.apple.WebKit 0x00007fff3c5dc3d2 WebKit::XPCServiceMain(int, char const**) + 629 15 libdyld.dylib 0x00007fff20413591 start + 1 [...] Thread 3 Crashed:: Dispatch queue: com.apple.root.default-qos 0 libSC.dylib 0x00007fff5df80e65 boost::serialization::typeid_system::extended_type_info_typeid_0::is_less_than(boost::serialization::extended_type_info const&) const + 21 1 libSC.dylib 0x00007fff5df810dc boost::serialization::typeid_system::extended_type_info_typeid_0::type_unregister() + 156 2 libSC.dylib 0x00007fff5e1165bf boost::serialization::detail::singleton_wrapper<boost::serialization::extended_type_info_typeid<_SC_PRIMSHADER_VPORT_CONTROLS_LUT> >::~singleton_wrapper() + 47 3 libsystem_c.dylib 0x00007fff20324ca7 __cxa_finalize_ranges + 316 4 libsystem_c.dylib 0x00007fff20324f92 exit + 53 5 com.apple.WebKit 0x00007fff3c5dd755 invocation function for block in WebKit::XPCServiceEventHandler(NSObject<OS_xpc_object>*) + 616 6 libxpc.dylib 0x00007fff2013ec28 _xpc_connection_call_event_handler + 56 7 libxpc.dylib 0x00007fff2013d90c _xpc_connection_mach_event + 535 8 libdispatch.dylib 0x00007fff2024c867 _dispatch_client_callout4 + 9 9 libdispatch.dylib 0x00007fff20266ec0 _dispatch_mach_cancel_invoke + 65 10 libdispatch.dylib 0x00007fff202647f4 _dispatch_mach_invoke + 1070 11 libdispatch.dylib 0x00007fff2025cc5d _dispatch_workloop_worker_thread + 819 12 libsystem_pthread.dylib 0x00007fff203f4499 _pthread_wqthread + 314 13 libsystem_pthread.dylib 0x00007fff203f3467 start_wqthread + 15 1698214 1 ddkilzer 2020-10-15 11:46:08 -0700 <rdar://problem/70275659> 1698216 2 411471 ddkilzer 2020-10-15 12:00:55 -0700 Created attachment 411471 Patch v1 1698355 3 ggaren 2020-10-15 16:27:38 -0700 Yes, during exit libdispatch somewhat randomly picks a new thread to be the "main queue" thread. I have seen many cases where this behavior confused someone and no cases where it helped someone. Oh well. To clarify, it's not that the *current* thread became the main queue thread; that would have caused a deadlock. Instead, some *other* thread became the main queue thread, and we called exit() on that thread. 1698357 4 411471 ggaren 2020-10-15 16:31:38 -0700 Comment on attachment 411471 Patch v1 r=me 1698420 5 ddkilzer 2020-10-15 18:45:34 -0700 Committed r268570: <https://trac.webkit.org/changeset/268570> 1698429 6 ddkilzer 2020-10-15 18:54:46 -0700 (In reply to David Kilzer (:ddkilzer) from comment #5) > Committed r268570: <https://trac.webkit.org/changeset/268570> Just modified the commit log message to reflect Geoff's comments in Comment #3. 411471 2020-10-15 12:00:55 -0700 2020-10-15 16:56:56 -0700 Patch v1 bug-217773-20201015120428.patch text/plain 2872 ddkilzer U3VidmVyc2lvbiBSZXZpc2lvbjogMjY4NDYwCmRpZmYgLS1naXQgYS9Tb3VyY2UvV2ViS2l0L0No YW5nZUxvZyBiL1NvdXJjZS9XZWJLaXQvQ2hhbmdlTG9nCmluZGV4IGM3NmNiN2Y0MWQ0Y2ZiMWFh ZTY4M2Q2ZmQ5YWMzMDI2NjFmMGU3NzcuLmZlNGY2NThjMzY0NWMxNzIxNDRiYWRlYzY5NjdkYTA5 NWE1MGMxNGIgMTAwNjQ0Ci0tLSBhL1NvdXJjZS9XZWJLaXQvQ2hhbmdlTG9nCisrKyBiL1NvdXJj ZS9XZWJLaXQvQ2hhbmdlTG9nCkBAIC0xLDMgKzEsMTcgQEAKKzIwMjAtMTAtMTUgIERhdmlkIEtp bHplciAgPGRka2lsemVyQGFwcGxlLmNvbT4KKworICAgICAgICB2MjogV2ViS2l0OjpYUENTZXJ2 aWNlRXZlbnRIYW5kbGVyIGJsb2NrIHNob3VsZCBjYWxsIGV4aXQoKSBvbiB0aGUgbWFpbiB0aHJl YWQKKyAgICAgICAgPGh0dHBzOi8vd2Via2l0Lm9yZy9iLzIxNzc3Mz4KKyAgICAgICAgPHJkYXI6 Ly9wcm9ibGVtLzcwMjc1NjU5PgorCisgICAgICAgIFJldmlld2VkIGJ5IE5PQk9EWSAoT09QUyEp LgorCisgICAgICAgICogU2hhcmVkL0VudHJ5UG9pbnRVdGlsaXRpZXMvQ29jb2EvWFBDU2Vydmlj ZS9YUENTZXJ2aWNlTWFpbi5tbToKKyAgICAgICAgKFdlYktpdDo6WFBDU2VydmljZUV2ZW50SGFu ZGxlcik6CisgICAgICAgIC0gVXNlIE5TUnVuTG9vcCBpbnN0ZWFkIG9mIGxpYmRpc3BhdGNoIHRv IHJ1biBjb2RlIG9uIHRoZSBtYWluIHRocmVhZAorICAgICAgICAgIGF0IGV4aXQoKSBzaW5jZSBs aWJkaXNwYXRjaCBzZWVtcyB0byB0aGluayB0aGUgY3VycmVudCBiYWNrZ3JvdW5kCisgICAgICAg ICAgdGhyZWFkIGlzIHRoZSBtYWluIHRocmVhZC4KKwogMjAyMC0xMC0xNCAgS2F0ZSBDaGVuZXkg IDxrYXRoZXJpbmVfY2hlbmV5QGFwcGxlLmNvbT4KIAogICAgICAgICBSZW1vdmUgUmVzb3VyY2VM b2FkU3RhdGlzdGljcyB0ZWxlbWV0cnkKZGlmZiAtLWdpdCBhL1NvdXJjZS9XZWJLaXQvU2hhcmVk L0VudHJ5UG9pbnRVdGlsaXRpZXMvQ29jb2EvWFBDU2VydmljZS9YUENTZXJ2aWNlTWFpbi5tbSBi L1NvdXJjZS9XZWJLaXQvU2hhcmVkL0VudHJ5UG9pbnRVdGlsaXRpZXMvQ29jb2EvWFBDU2Vydmlj ZS9YUENTZXJ2aWNlTWFpbi5tbQppbmRleCA5M2I3ZjQ1MjE4NjBmODJiN2U3NDI2Zjc1NzE0MjFl ZjIxYTQzMGE5Li40OGMzMGQ1ZjEyMGRhNDhkNTY0MmM0ZDIzNjRmNTM3ZmE3ZGI1YmI2IDEwMDY0 NAotLS0gYS9Tb3VyY2UvV2ViS2l0L1NoYXJlZC9FbnRyeVBvaW50VXRpbGl0aWVzL0NvY29hL1hQ Q1NlcnZpY2UvWFBDU2VydmljZU1haW4ubW0KKysrIGIvU291cmNlL1dlYktpdC9TaGFyZWQvRW50 cnlQb2ludFV0aWxpdGllcy9Db2NvYS9YUENTZXJ2aWNlL1hQQ1NlcnZpY2VNYWluLm1tCkBAIC01 MCw5ICs1MCw5IEBAIHN0YXRpYyB2b2lkIFhQQ1NlcnZpY2VFdmVudEhhbmRsZXIoeHBjX2Nvbm5l Y3Rpb25fdCBwZWVyKQogICAgICAgICAgICAgaWYgKGV2ZW50ID09IFhQQ19FUlJPUl9DT05ORUNU SU9OX0lOVkFMSUQgfHwgZXZlbnQgPT0gWFBDX0VSUk9SX1RFUk1JTkFUSU9OX0lNTUlORU5UKSB7 CiAgICAgICAgICAgICAgICAgUkVMRUFTRV9MT0dfRkFVTFQoSVBDLCAiRXhpdGluZzogUmVjZWl2 ZWQgWFBDIGV2ZW50IHR5cGU6ICVzIiwgZXZlbnQgPT0gWFBDX0VSUk9SX0NPTk5FQ1RJT05fSU5W QUxJRCA/ICJYUENfRVJST1JfQ09OTkVDVElPTl9JTlZBTElEIiA6ICJYUENfRVJST1JfVEVSTUlO QVRJT05fSU1NSU5FTlQiKTsKICAgICAgICAgICAgICAgICAvLyBGSVhNRTogSGFuZGxlIHRoaXMg Y2FzZSBtb3JlIGdyYWNlZnVsbHkuCi0gICAgICAgICAgICAgICAgZGlzcGF0Y2hfc3luYyhkaXNw YXRjaF9nZXRfbWFpbl9xdWV1ZSgpLCBeeworICAgICAgICAgICAgICAgIFtbTlNSdW5Mb29wIG1h aW5SdW5Mb29wXSBwZXJmb3JtQmxvY2s6XnsKICAgICAgICAgICAgICAgICAgICAgZXhpdChFWElU X0ZBSUxVUkUpOwotICAgICAgICAgICAgICAgIH0pOworICAgICAgICAgICAgICAgIH1dOwogICAg ICAgICAgICAgfQogICAgICAgICB9IGVsc2UgewogICAgICAgICAgICAgYXNzZXJ0KHR5cGUgPT0g WFBDX1RZUEVfRElDVElPTkFSWSk7CkBAIC03Nyw5ICs3Nyw5IEBAIHN0YXRpYyB2b2lkIFhQQ1Nl cnZpY2VFdmVudEhhbmRsZXIoeHBjX2Nvbm5lY3Rpb25fdCBwZWVyKQogICAgICAgICAgICAgICAg IEluaXRpYWxpemVyRnVuY3Rpb24gaW5pdGlhbGl6ZXJGdW5jdGlvblB0ciA9IHJlaW50ZXJwcmV0 X2Nhc3Q8SW5pdGlhbGl6ZXJGdW5jdGlvbj4oQ0ZCdW5kbGVHZXRGdW5jdGlvblBvaW50ZXJGb3JO YW1lKHdlYktpdEJ1bmRsZSwgZW50cnlQb2ludEZ1bmN0aW9uTmFtZSkpOwogICAgICAgICAgICAg ICAgIGlmICghaW5pdGlhbGl6ZXJGdW5jdGlvblB0cikgewogICAgICAgICAgICAgICAgICAgICBS RUxFQVNFX0xPR19GQVVMVChJUEMsICJFeGl0aW5nOiBVbmFibGUgdG8gZmluZCBlbnRyeSBwb2lu dCBpbiBXZWJLaXQuZnJhbWV3b3JrIHdpdGggbmFtZTogJXMiLCBbKF9fYnJpZGdlIE5TU3RyaW5n ICopZW50cnlQb2ludEZ1bmN0aW9uTmFtZSBVVEY4U3RyaW5nXSk7Ci0gICAgICAgICAgICAgICAg ICAgIGRpc3BhdGNoX3N5bmMoZGlzcGF0Y2hfZ2V0X21haW5fcXVldWUoKSwgXnsKKyAgICAgICAg ICAgICAgICAgICAgW1tOU1J1bkxvb3AgbWFpblJ1bkxvb3BdIHBlcmZvcm1CbG9jazpeewogICAg ICAgICAgICAgICAgICAgICAgICAgZXhpdChFWElUX0ZBSUxVUkUpOwotICAgICAgICAgICAgICAg ICAgICB9KTsKKyAgICAgICAgICAgICAgICAgICAgfV07CiAgICAgICAgICAgICAgICAgfQogCiAg ICAgICAgICAgICAgICAgYXV0byByZXBseSA9IGFkb3B0T1NPYmplY3QoeHBjX2RpY3Rpb25hcnlf Y3JlYXRlX3JlcGx5KGV2ZW50KSk7Cg==