Bug 180369

Summary: REGRESSION(r??????): Crash in ~TextureMapperGLData
Product: WebKit
Component: WebKitGTK
Status: RESOLVED DUPLICATE
Severity: Normal
Priority: P2
Version: Other
Hardware: PC
OS: Linux
Reporter: Michael Catanzaro <mcatanzaro>
Assignee: Nobody <webkit-unassigned>
CC: bugs-noreply, magomez, mcatanzaro
See Also: https://bugzilla.redhat.com/show_bug.cgi?id=1569539
Attachments: Backtrace (flags: none)

Description Michael Catanzaro 2017-12-04 12:42:19 PST
Layout test http/tests/security/mixedContent/insecure-xhr-in-main-frame.html is a flaky crash. First recorded crash is 224934, three weeks ago. It's happening frequently, so we can assume it's going to be a problem. Updating expectations accordingly. Backtrace:

Thread 1 (Thread 0x2b174041d700 (LWP 31834)):
#0  0x00002b13bb309410 in _ZN7WebCore9GLContext7versionEv () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#1  0x00002b13ba5ea915 in _ZN7WebCore19TextureMapperGLDataD2Ev () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#2  0x00002b13ba5eabab in _ZN7WebCore15TextureMapperGLD2Ev () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#3  0x00002b13ba5eabf9 in _ZN7WebCore15TextureMapperGLD0Ev () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#4  0x00002b13ba3f5b22 in _ZN6WebKit24CoordinatedGraphicsScene16purgeGLResourcesEv () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#5  0x00002b13ba3fc3b1 in _ZN3WTF8FunctionIFvvEE15CallableWrapperIZN6WebKit18ThreadedCompositor10invalidateEvEUlvE_E4callEv () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#6  0x00002b13ba3fad53 in _ZN3WTF8FunctionIFvvEE15CallableWrapperIZN6WebKit18CompositingRunLoop15performTaskSyncEOS2_EUlvE_E4callEv () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#7  0x00002b13be231690 in _ZN3WTF7RunLoop11performWorkEv () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
#8  0x00002b13be266af9 in _ZZN3WTF7RunLoopC4EvENUlPvE_4_FUNES1_ () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
#9  0x00002b13c021181a in g_main_dispatch () at /home/slave/webkitgtk/gtk-linux-64-release-tests/build/WebKitBuild/DependenciesGTK/Source/glib-2.54.2/glib/gmain.c:3148
#10 g_main_context_dispatch () at /home/slave/webkitgtk/gtk-linux-64-release-tests/build/WebKitBuild/DependenciesGTK/Source/glib-2.54.2/glib/gmain.c:3813
#11 0x00002b13c0211ba8 in g_main_context_iterate () at /home/slave/webkitgtk/gtk-linux-64-release-tests/build/WebKitBuild/DependenciesGTK/Source/glib-2.54.2/glib/gmain.c:3886
#12 0x00002b13c0211ec2 in g_main_loop_run () at /home/slave/webkitgtk/gtk-linux-64-release-tests/build/WebKitBuild/DependenciesGTK/Source/glib-2.54.2/glib/gmain.c:4082
#13 0x00002b13be2674a0 in _ZN3WTF7RunLoop3runEv () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
#14 0x00002b13be2664d4 in _ZN3WTF8FunctionIFvvEE15CallableWrapperIZNS_9WorkQueue18platformInitializeEPKcNS4_4TypeENS4_3QOSEEUlvE_E4callEv () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
#15 0x00002b13be232dab in _ZN3WTF6Thread10entryPointEPNS0_16NewThreadContextE () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
#16 0x00002b13be265749 in _ZN3WTFL19wtfThreadEntryPointEPv () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
#17 0x00002b13c346f494 in start_thread (arg=0x2b174041d700) at pthread_create.c:333
#18 0x00002b13c464b93f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:97
Comment 1 Michael Catanzaro 2018-04-19 07:42:12 PDT
Created attachment 338323
Backtrace

Full backtrace, note:

#0  WebCore::GLContext::version (this=0x0) at /usr/src/debug/webkitgtk4-2.20.1-1.fc27.x86_64/Source/WebCore/platform/graphics/GLContext.cpp:172
[Current thread is 1 (Thread 0x7f61dcff9700 (LWP 3206))]

Calling a member function on a NULL GLContext seems bad
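
A simplified model of the crash shape in frame #0 above (a destructor calling a member function through a null current-context pointer), next to a guarded form. This is an added example, not part of the original report and not WebKit code; `Context`, `g_current`, `UnguardedData`, `GuardedData` and `teardown` are hypothetical names, and the version value is constructed.

```cpp
#include <iostream>
#include <string>
#include <vector>

// Hypothetical stand-in for a GL context; not WebKit's GLContext class.
struct Context {
    unsigned version() const { return 320; } // constructed value
};

// Models a per-thread "current context" slot that teardown may have cleared.
static thread_local Context* g_current = nullptr;
static std::vector<std::string> g_log; // what each destructor did

// Unsafe shape: the destructor assumes a context is still current.
// With g_current == nullptr this calls version() with this == 0x0,
// which is undefined behaviour. It is defined here but never run.
struct UnguardedData {
    ~UnguardedData() { g_log.push_back("released v" + std::to_string(g_current->version())); }
};

// Hardened shape: read the pointer once, check it, and skip the
// context-dependent cleanup when no context is current.
struct GuardedData {
    ~GuardedData() {
        Context* ctx = g_current;
        if (!ctx) {
            g_log.push_back("skipped: no current context");
            return;
        }
        g_log.push_back("released v" + std::to_string(ctx->version()));
    }
};

// Destroys a GuardedData either while the context is current or after the
// slot has been cleared, and returns what the destructor recorded.
std::string teardown(bool contextStillCurrent) {
    Context ctx;
    g_current = contextStillCurrent ? &ctx : nullptr;
    g_log.clear();
    { GuardedData data; } // destructor runs at the closing brace
    g_current = nullptr;
    return g_log.back();
}

int main() {
    std::cout << teardown(true) << "\n" << teardown(false) << "\n";
    return 0;
}
```

The guard only turns the crash into a skipped cleanup; the teardown order that left the pointer null still has to be fixed separately.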
Comment 2 Michael Catanzaro 2018-04-19 08:01:40 PDT
Looks like the GLContext::current is required to be destroyed before all TextureMapperGLData objects, but that didn't happen for some reason.
Comment 3 Miguel Gomez 2018-04-19 08:14:11 PDT
This is the same as https://bugs.webkit.org/show_bug.cgi?id=184040, which has a more detailed backtrace. I have the latter on my TODO when I have a moment. Can we close this as a duplicate of that one?
Comment 4 Michael Catanzaro 2018-04-19 09:23:59 PDT
Sure, though the backtrace in attachment #338323 looks more detailed to me.

*** This bug has been marked as a duplicate of bug 184040 ***