Bug 167559

Summary: [Threaded Compositor] Crash on WebCore::GLContext::version()
Product: WebKit Reporter: Carlos Garcia Campos <cgarcia>
Component: WebKit2Assignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED    
Severity: Normal CC: bugs-noreply
Priority: P2 Keywords: Gtk
Version: WebKit Local Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch
none
Patch mcatanzaro: review+

Carlos Garcia Campos
Reported 2017-01-29 01:42:11 PST
This is happening because TextureMapperPlatformLayerProxy::compositorThreadUpdateTimerFired() is fired after the threaded compositor is deleted. CoordinatedGraphicsScene::purgeGLResources() should invalidate the proxies before clearing the map, and TextureMapperPlatformLayerProxy::invalidate( should delete the timer. Thread 1 (Thread 0x7f1169316700 (LWP 11064)): #0 0x00007f1207af67e0 in WebCore::GLContext::version() () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37 #1 0x00007f1207afa074 in WebCore::GraphicsContext3D::getExtensions() () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37 #2 0x00007f1207b0dba7 in WebCore::GraphicsContext3D::validateDepthStencil(char const*) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37 #3 0x00007f1207af9adf in WebCore::GraphicsContext3D::GraphicsContext3D(WebCore::GraphicsContext3DAttributes, WebCore::HostWindow*, WebCore::GraphicsContext3D::RenderStyle) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37 #4 0x00007f1207af9fcc in WebCore::GraphicsContext3D::create(WebCore::GraphicsContext3DAttributes, WebCore::HostWindow*, WebCore::GraphicsContext3D::RenderStyle) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37 #5 0x00007f1207a86d9b in WebCore::MediaPlayerPrivateGStreamerBase::pushTextureToCompositor() () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37 #6 0x00007f1207ad4e80 in WebCore::TextureMapperPlatformLayerProxy::compositorThreadUpdateTimerFired() () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37 #7 0x00007f12047bb85a in WTF::RunLoop::TimerBase::TimerBase(WTF::RunLoop&)::{lambda(void*)#1}::_FUN(void*) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18 #8 0x00007f12000e5ecd in g_main_dispatch () at /home/slave/webkitgtk/gtk-linux-64-release-tests/build/WebKitBuild/DependenciesGTK/Source/glib-2.44.1/glib/gmain.c:3122 #9 g_main_context_dispatch () at /home/slave/webkitgtk/gtk-linux-64-release-tests/build/WebKitBuild/DependenciesGTK/Source/glib-2.44.1/glib/gmain.c:3737 #10 0x00007f12000e6268 in g_main_context_iterate () at /home/slave/webkitgtk/gtk-linux-64-release-tests/build/WebKitBuild/DependenciesGTK/Source/glib-2.44.1/glib/gmain.c:3808 #11 0x00007f12000e6582 in g_main_loop_run () at /home/slave/webkitgtk/gtk-linux-64-release-tests/build/WebKitBuild/DependenciesGTK/Source/glib-2.44.1/glib/gmain.c:4002 #12 0x00007f12047bbc00 in WTF::RunLoop::run() () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18 #13 0x00007f12047baa63 in std::_Function_handler<void (), WTF::WorkQueue::platformInitialize(char const*, WTF::WorkQueue::Type, WTF::WorkQueue::QOS)::{lambda()#1}>::_M_invoke(std::_Any_data const&) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18 #14 0x00007f1204784345 in WTF::threadEntryPoint(void*) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18 #15 0x00007f12047b90ba in WTF::wtfThreadEntryPoint(void*) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18 #16 0x00007f12019300a4 in start_thread (arg=0x7f1169316700) at pthread_create.c:309 #17 0x00007f11fdc1e87d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111
Attachments
Patch (2.94 KB, patch)
2017-01-29 01:45 PST, Carlos Garcia Campos 		no flags
DetailsFormatted DiffDiff
Patch (3.56 KB, patch)
2017-01-29 03:29 PST, Carlos Garcia Campos 		mcatanzaro: review+
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Carlos Garcia Campos
Comment 1 2017-01-29 01:45:04 PST
Created attachment 300063 [details] Patch
Carlos Garcia Campos
Comment 2 2017-01-29 03:29:22 PST
Created attachment 300065 [details] Patch
Carlos Garcia Campos
Comment 3 2017-01-29 21:57:08 PST
Committed r211357: <http://trac.webkit.org/changeset/211357>
Note You need to log in before you can comment on or make changes to this bug.