Bug 167545

Summary: [Threaded Compositor] Crash when deleting the compositor run loop
Product: WebKit Reporter: Carlos Garcia Campos <cgarcia>
Component: WebKitGTKAssignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED    
Severity: Normal CC: bugs-noreply, commit-queue
Priority: P2 Keywords: Gtk
Version: WebKit Local Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch mcatanzaro: review+

Carlos Garcia Campos
Reported 2017-01-28 01:01:55 PST
I've seen this in bots: Thread 1 (Thread 0x7ff68447c940 (LWP 18142)): #0 0x00007ff68a721067 in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56 #1 0x00007ff68a722448 in __GI_abort () at abort.c:89 #2 0x00007ff68ccc1105 in g_assertion_message () at /home/slave/webkitgtk/gtk-linux-64-release-tests/build/WebKitBuild/DependenciesGTK/Source/glib-2.44.1/glib/gtestutils.c:2356 #3 0x00007ff68ccc118a in g_assertion_message_expr () at /home/slave/webkitgtk/gtk-linux-64-release-tests/build/WebKitBuild/DependenciesGTK/Source/glib-2.44.1/glib/gtestutils.c:2371 #4 0x00007ff68cc8b1be in g_hash_table_lookup_node () at /home/slave/webkitgtk/gtk-linux-64-release-tests/build/WebKitBuild/DependenciesGTK/Source/glib-2.44.1/glib/ghash.c:373 #5 g_hash_table_remove_internal () at /home/slave/webkitgtk/gtk-linux-64-release-tests/build/WebKitBuild/DependenciesGTK/Source/glib-2.44.1/glib/ghash.c:1352 #6 0x00007ff68cc991a8 in g_source_unref_internal () at /home/slave/webkitgtk/gtk-linux-64-release-tests/build/WebKitBuild/DependenciesGTK/Source/glib-2.44.1/glib/gmain.c:2009 #7 0x00007ff6936e2b9d in WebKit::CompositingRunLoop::~CompositingRunLoop() () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37 #8 0x00007ff6936e4734 in WebKit::ThreadedCompositor::invalidate() () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37 #9 0x00007ff6936ee350 in WebKit::ThreadedCoordinatedLayerTreeHost::invalidate() () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37 #10 0x00007ff6936d09bb in WebKit::DrawingAreaImpl::exitAcceleratedCompositingMode() () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37 #11 0x00007ff6913718aa in WTF::RunLoop::TimerBase::TimerBase(WTF::RunLoop&)::{lambda(void*)#1}::_FUN(void*) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18 #12 0x00007ff68cc9becd in g_main_dispatch () at /home/slave/webkitgtk/gtk-linux-64-release-tests/build/WebKitBuild/DependenciesGTK/Source/glib-2.44.1/glib/gmain.c:3122 #13 g_main_context_dispatch () at /home/slave/webkitgtk/gtk-linux-64-release-tests/build/WebKitBuild/DependenciesGTK/Source/glib-2.44.1/glib/gmain.c:3737 #14 0x00007ff68cc9c268 in g_main_context_iterate () at /home/slave/webkitgtk/gtk-linux-64-release-tests/build/WebKitBuild/DependenciesGTK/Source/glib-2.44.1/glib/gmain.c:3808 #15 0x00007ff68cc9c582 in g_main_loop_run () at /home/slave/webkitgtk/gtk-linux-64-release-tests/build/WebKitBuild/DependenciesGTK/Source/glib-2.44.1/glib/gmain.c:4002 #16 0x00007ff691371c50 in WTF::RunLoop::run() () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18 #17 0x00007ff6936d71e2 in WebProcessMainUnix () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37 #18 0x00007ff68a70db45 in __libc_start_main (main=0x400bf0 <main>, argc=2, argv=0x7fff81f67e88, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fff81f67e78) at libc-start.c:287 #19 0x0000000000400c45 in _start () The problem is that we are releasing the WorkQueue before the update timer that keeps a reference to the run loop, destroyed by the WorkQueue
Attachments
Patch (1.99 KB, patch)
2017-01-28 01:13 PST, Carlos Garcia Campos 		mcatanzaro: review+
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Carlos Garcia Campos
Comment 1 2017-01-28 01:13:56 PST
Created attachment 300012 [details] Patch
WebKit Commit Bot
Comment 2 2017-01-28 01:15:56 PST
Attachment 300012 [details] did not pass style-queue: ERROR: Source/WebKit2/Shared/CoordinatedGraphics/threadedcompositor/CompositingRunLoop.cpp:126: More than one command on the same line [whitespace/newline] [4] Total errors found: 1 in 2 files If any of these errors are false positives, please file a bug against check-webkit-style.
Michael Catanzaro
Comment 3 2017-01-28 12:38:33 PST
Comment on attachment 300012 [details] Patch :/
Carlos Garcia Campos
Comment 4 2017-01-28 23:17:05 PST
Committed r211347: <http://trac.webkit.org/changeset/211347>
Note You need to log in before you can comment on or make changes to this bug.