Bug 314087

Summary: REGRESSION(308116@main): Crash in WebKit::AcceleratedSurface::sendFrame
Product: WebKit
Reporter: Michael Catanzaro <mcatanzaro>
Component: WebKitGTK
Assignee: Carlos Garcia Campos <cgarcia>
Status: RESOLVED FIXED
Severity: Normal
CC: bugs-noreply, jan.brummer, mcatanzaro
Priority: P2
Version: WebKit Nightly Build
Hardware: PC
OS: Linux

Michael Catanzaro
Reported 2026-05-05 07:50:31 PDT
We have a non-public email client application, which sometimes crashes when creating a web view. Carlos Garcia requested that I create this bug report even though I do not have a reproducer to share:

(gdb) bt
#0  WTFCrash () at /home/mcatanzaro/Projects/WebKit/Source/WTF/wtf/Assertions.cpp:380
#1  0x00007ff9ce8e8aa9 in WTF::CrashOnOverflow::crash () at WTF/Headers/wtf/OverflowHandler.h:66
#2  0x00007ff9ce8e8a99 in WTF::CrashOnOverflow::overflowed () at WTF/Headers/wtf/OverflowHandler.h:59
#3  0x00007ff9cf47c3b4 in WTF::Vector<std::pair<WebKit::AcceleratedSurface::RenderTarget*, WTF::Vector<WebCore::IntRect, 1, WTF::CrashOnOverflow, 16, WTF::FastMalloc> >, 1, WTF::CrashOnOverflow, 16, WTF::FastMalloc>::takeLast (this=<optimized out>) at WTF/Headers/wtf/Vector.h:826
#4  0x00007ff9cf47c1e8 in WebKit::AcceleratedSurface::sendFrame (this=<optimized out>) at /home/mcatanzaro/Projects/WebKit/Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/AcceleratedSurface.cpp:1079
#5  0x00007ff9cf48e728 in WebKit::NonCompositedFrameRenderer::finishRenderingUpdate (this=0x7ff9a60287e0) at /home/mcatanzaro/Projects/WebKit/Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/NonCompositedFrameRenderer.cpp:279
#6  WebKit::NonCompositedFrameRenderer::updateRendering (this=0x7ff9a60287e0) at /home/mcatanzaro/Projects/WebKit/Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/NonCompositedFrameRenderer.cpp:273
#7  0x00007ff9cf48398b in WebKit::DrawingAreaCoordinatedGraphics::updateGeometry (this=this@entry=0x7ff9a6024300, size=..., completionHandler=...) at /home/mcatanzaro/Projects/WebKit/Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/DrawingAreaCoordinatedGraphicsGLib.cpp:261
#8  0x00007ff9cea76f0c in IPC::callMemberFunction<WebKit::DrawingArea, WebKit::DrawingArea, void (WebCore::IntSize const&, WTF::CompletionHandler<void ()>&&), std::tuple<WebCore::IntSize>, void ()>(WebKit::DrawingArea*, void (WebKit::DrawingArea::*)(WebCore::IntSize const&, WTF::CompletionHandler<void ()>&&), std::tuple<WebCore::IntSize>&&, WTF::CompletionHandler<void ()>&&)::{lambda((auto:1&&)...)#1}::operator()<WebCore::IntSize>(WebCore::IntSize&&) const (args=..., this=<optimized out>) at /home/mcatanzaro/Projects/WebKit/Source/WebKit/Platform/IPC/HandleMessage.h:150
#9  std::__invoke_impl<void, IPC::callMemberFunction<WebKit::DrawingArea, WebKit::DrawingArea, void (WebCore::IntSize const&, WTF::CompletionHandler<void ()>&&), std::tuple<WebCore::IntSize>, void ()>(WebKit::DrawingArea*, void (WebKit::DrawingArea::*)(WebCore::IntSize const&, WTF::CompletionHandler<void ()>&&), std::tuple<WebCore::IntSize>&&, WTF::CompletionHandler<void ()>&&)::{lambda((auto:1&&)...)#1}, WebCore::IntSize>(std::__invoke_other, IPC::callMemberFunction<WebKit::DrawingArea, WebKit::DrawingArea, void (WebCore::IntSize const&, WTF::CompletionHandler<void ()>&&), std::tuple<WebCore::IntSize>, void ()>(WebKit::DrawingArea*, void (WebKit::DrawingArea::*)(WebCore::IntSize const&, WTF::CompletionHandler<void ()>&&), std::tuple<WebCore::IntSize>&&, WTF::CompletionHandler<void ()>&&)::{lambda((auto:1&&)...)#1}&&, WebCore::IntSize&&) (__args=..., __f=...) at /usr/bin/../lib/gcc/x86_64-redhat-linux/16/../../../../include/c++/16/bits/invoke.h:63
#10 std::__invoke<IPC::callMemberFunction<WebKit::DrawingArea, WebKit::DrawingArea, void (WebCore::IntSize const&, WTF::CompletionHandler<void ()>&&), std::tuple<WebCore::IntSize>, void ()>(WebKit::DrawingArea*, void (WebKit::DrawingArea::*)(WebCore::IntSize const&, WTF::CompletionHandler<void ()>&&), std::tuple<WebCore::IntSize>&&, WTF::CompletionHandler<void ()>&&)::{lambda((auto:1&&)...)#1}, WebCore::IntSize>(IPC::callMemberFunction<WebKit::DrawingArea, WebKit::DrawingArea, void (WebCore::IntSize const&, WTF::CompletionHandler<void ()>&&), std::tuple<WebCore::IntSize>, void ()>(WebKit::DrawingArea*, void (WebKit::DrawingArea::*)(WebCore::IntSize const&, WTF::CompletionHandler<void ()>&&), std::tuple<WebCore::IntSize>&&, WTF::CompletionHandler<void ()>&&)::{lambda((auto:1&&)...)#1}&&, WebCore::IntSize&&) (__args=..., __fn=...) at /usr/bin/../lib/gcc/x86_64-redhat-linux/16/../../../../include/c++/16/bits/invoke.h:98
#11 std::__apply_impl<IPC::callMemberFunction<WebKit::DrawingArea, WebKit::DrawingArea, void (WebCore::IntSize const&, WTF::CompletionHandler<void ()>&&), std::tuple<WebCore::IntSize>, void ()>(WebKit::DrawingArea*, void (WebKit::DrawingArea::*)(WebCore::IntSize const&, WTF::CompletionHandler<void ()>&&), std::tuple<WebCore::IntSize>&&, WTF::CompletionHandler<void ()>&&)::{lambda((auto:1&&)...)#1}, std::tuple<WebCore::IntSize>, 0ul>(IPC::callMemberFunction<WebKit::DrawingArea, WebKit::DrawingArea, void (WebCore::IntSize const&, WTF::CompletionHandler<void ()>&&), std::tuple<WebCore::IntSize>, void ()>(WebKit::DrawingArea*, void (WebKit::DrawingArea::*)(WebCore::IntSize const&, WTF::CompletionHandler<void ()>&&), std::tuple<WebCore::IntSize>&&, WTF::CompletionHandler<void ()>&&)::{lambda((auto:1&&)...)#1}&&, std::tuple<WebCore::IntSize>&&, std::integer_sequence<unsigned long, 0ul>) (__t=..., __f=...) at /usr/bin/../lib/gcc/x86_64-redhat-linux/16/../../../../include/c++/16/tuple:2976
#12 apply<(lambda at /home/mcatanzaro/Projects/WebKit/Source/WebKit/Platform/IPC/HandleMessage.h:148:9), std::tuple<WebCore::IntSize> > (__t=..., __f=...) at /usr/bin/../lib/gcc/x86_64-redhat-linux/16/../../../../include/c++/16/tuple:2991
#13 IPC::callMemberFunction<WebKit::DrawingArea, WebKit::DrawingArea, void(WebCore::IntSize const&, WTF::CompletionHandler<void()>&&), std::tuple<WebCore::IntSize>, void()> (object=<optimized out>, function=<optimized out>, tuple=..., completionHandler=...) at /home/mcatanzaro/Projects/WebKit/Source/WebKit/Platform/IPC/HandleMessage.h:147
#14 IPC::handleMessageAsync<Messages::DrawingArea::UpdateGeometry, IPC::Connection, WebKit::DrawingArea, WebKit::DrawingArea, void(WebCore::IntSize const&, WTF::CompletionHandler<void()>&&)> (connection=..., decoder=..., object=object@entry=0x7ff9a6024300, function=<optimized out>) at /home/mcatanzaro/Projects/WebKit/Source/WebKit/Platform/IPC/HandleMessage.h:553
#15 0x00007ff9cea76c71 in WebKit::DrawingArea::didReceiveMessage (this=0x7ff9a6024300, connection=..., decoder=...) at /home/mcatanzaro/Projects/WebKit/WebKitBuild/gtk4/DerivedSources/WebKit/DrawingAreaMessageReceiver.cpp:71
#16 0x00007ff9ceea755c in IPC::MessageReceiverMap::dispatchMessage (this=<optimized out>, connection=..., decoder=...) at WTF/Headers/wtf/Ref.h:54
#17 0x00007ff9ceeb0d1c in WebKit::AuxiliaryProcess::dispatchMessage (this=this@entry=0x7ff9a6018460, connection=..., decoder=...) at /home/mcatanzaro/Projects/WebKit/Source/WebKit/Shared/AuxiliaryProcess.cpp:154
#18 0x00007ff9ce9ecb96 in WebKit::AuxiliaryProcess::didReceiveMessage (this=0x7ff9a6018460, connection=..., decoder=...) at /home/mcatanzaro/Projects/WebKit/WebKitBuild/gtk4/DerivedSources/WebKit/AuxiliaryProcessMessageReceiver.cpp:74
#19 0x00007ff9cee9e7bb in IPC::Connection::dispatchMessage (this=this@entry=0x7ff9a6054100, decoder=...) at /home/mcatanzaro/Projects/WebKit/Source/WebKit/Platform/IPC/Connection.cpp:1421
#20 0x00007ff9cee9ea22 in IPC::Connection::dispatchMessage (this=0x7ff9a6054100, message=...) at /home/mcatanzaro/Projects/WebKit/Source/WebKit/Platform/IPC/Connection.cpp:1481
#21 0x00007ff9cee9eb31 in IPC::Connection::dispatchOneIncomingMessage (this=<optimized out>) at /home/mcatanzaro/Projects/WebKit/Source/WebKit/Platform/IPC/Connection.cpp:1555
#22 0x00007ff9ca9f2925 in WTF::Function<void()>::operator() (this=0x7ffda93ae090) at /home/mcatanzaro/Projects/WebKit/Source/WTF/wtf/Function.h:103
#23 WTF::RunLoop::performWork (this=this@entry=0x7ff9a6018110) at /home/mcatanzaro/Projects/WebKit/Source/WTF/wtf/RunLoop.cpp:145
#24 0x00007ff9caab71e9 in WTF::RunLoop::RunLoop()::$_0::operator()(void*) const (userData=0x7ffda93ad8c8, userData@entry=0x7ff9a6018110, this=<optimized out>) at /home/mcatanzaro/Projects/WebKit/Source/WTF/wtf/glib/RunLoopGLib.cpp:153
#25 __invoke (userData=0x7ffda93ad8c8, userData@entry=0x7ff9a6018110) at /home/mcatanzaro/Projects/WebKit/Source/WTF/wtf/glib/RunLoopGLib.cpp:152
#26 0x00007ff9caab5d29 in WTF::RunLoop::$_3::operator() (source=0x2322f640, callback=0x7ff9caab71e0 <__invoke()>, userData=0x7ff9a6018110, this=<optimized out>) at /home/mcatanzaro/Projects/WebKit/Source/WTF/wtf/glib/RunLoopGLib.cpp:116
#27 __invoke (source=0x2322f640, callback=0x7ff9caab71e0 <__invoke()>, userData=0x7ff9a6018110) at /home/mcatanzaro/Projects/WebKit/Source/WTF/wtf/glib/RunLoopGLib.cpp:89
#28 0x00007ff9cad7362c in g_main_dispatch (context=0x2322f6e0) at ../../../../Projects/glib/glib/gmain.c:3591
#29 0x00007ff9cad74a77 in g_main_context_dispatch_unlocked (context=0x2322f6e0) at ../../../../Projects/glib/glib/gmain.c:4451
#30 0x00007ff9cad74a41 in g_main_context_dispatch (context=0x2322f6e0) at ../../../../Projects/glib/glib/gmain.c:4439
#31 0x00007ff9caab63c3 in WTF::RunLoop::runGLibMainLoopIteration (this=this@entry=0x7ff9a6018110, mayBlock=mayBlock@entry=WTF::RunLoop::MayBlock::Yes) at /home/mcatanzaro/Projects/WebKit/Source/WTF/wtf/glib/RunLoopGLib.cpp:191
#32 0x00007ff9caab66ca in WTF::RunLoop::runGLibMainLoop (this=0x7ff9a6018110) at /home/mcatanzaro/Projects/WebKit/Source/WTF/wtf/glib/RunLoopGLib.cpp:200
#33 WTF::RunLoop::run () at /home/mcatanzaro/Projects/WebKit/Source/WTF/wtf/glib/RunLoopGLib.cpp:213
#34 0x00007ff9cf499913 in WebKit::AuxiliaryProcessMainBase<WebKit::WebProcess, true>::run (this=0x7ffda93ae2a0, argc=<optimized out>, argv=<optimized out>) at /home/mcatanzaro/Projects/WebKit/Source/WebKit/Shared/AuxiliaryProcessMain.h:77
#35 WebKit::AuxiliaryProcessMain<WebKit::WebProcessMainGtk> (argc=3, argv=<optimized out>) at /home/mcatanzaro/Projects/WebKit/Source/WebKit/Shared/AuxiliaryProcessMain.h:103
#36 0x00007ff9c5e08681 in __libc_start_call_main (main=main@entry=0x201890 <main(int, char**)>, argc=argc@entry=3, argv=argv@entry=0x7ffda93ae448) at ../sysdeps/nptl/libc_start_call_main.h:59
#37 0x00007ff9c5e08798 in __libc_start_main_impl (main=0x201890 <main(int, char**)>, argc=3, argv=0x7ffda93ae448, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7ffda93ae438) at ../csu/libc-start.c:360
#38 0x00000000002017c5 in _start ()

(gdb) bt full
#0  WTFCrash () at /home/mcatanzaro/Projects/WebKit/Source/WTF/wtf/Assertions.cpp:380
No locals.
#1  0x00007ff9ce8e8aa9 in WTF::CrashOnOverflow::crash () at WTF/Headers/wtf/OverflowHandler.h:66
No locals.
#2  0x00007ff9ce8e8a99 in WTF::CrashOnOverflow::overflowed () at WTF/Headers/wtf/OverflowHandler.h:59
No locals.
#3  0x00007ff9cf47c3b4 in WTF::Vector<std::pair<WebKit::AcceleratedSurface::RenderTarget*, WTF::Vector<WebCore::IntRect, 1, WTF::CrashOnOverflow, 16, WTF::FastMalloc> >, 1, WTF::CrashOnOverflow, 16, WTF::FastMalloc>::takeLast (this=<optimized out>) at WTF/Headers/wtf/Vector.h:826
        result = <optimized out>
#4  0x00007ff9cf47c1e8 in WebKit::AcceleratedSurface::sendFrame (this=<optimized out>) at /home/mcatanzaro/Projects/WebKit/Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/AcceleratedSurface.cpp:1079
        target = <optimized out>
        damageRects = <optimized out>
#5  0x00007ff9cf48e728 in WebKit::NonCompositedFrameRenderer::finishRenderingUpdate (this=0x7ff9a60287e0) at /home/mcatanzaro/Projects/WebKit/Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/NonCompositedFrameRenderer.cpp:279
No locals.
#6  WebKit::NonCompositedFrameRenderer::updateRendering (this=0x7ff9a60287e0) at /home/mcatanzaro/Projects/WebKit/Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/NonCompositedFrameRenderer.cpp:273
        scaledSize = {m_width = 815, m_height = 0}
        reentrancyProtector = {m_scopedVariable = @0x7ff9a60287f2, m_valueToRestore = false}
        webPage = {static isRef = <optimized out>, m_ptr = 0x7ff9a60c8680}
        drawingArea = <optimized out>
#7  0x00007ff9cf48398b in WebKit::DrawingAreaCoordinatedGraphics::updateGeometry (this=this@entry=0x7ff9a6024300, size=..., completionHandler=...) at /home/mcatanzaro/Projects/WebKit/Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/DrawingAreaCoordinatedGraphicsGLib.cpp:261
        inUpdateGeometry = {m_scopedVariable = @0x7ff9a6024343, m_valueToRestore = false}
        webPage = {static isRef = <optimized out>, m_ptr = 0x7ff9a60c8680}
#8  0x00007ff9cea76f0c in IPC::callMemberFunction<WebKit::DrawingArea, WebKit::DrawingArea, void (WebCore::IntSize const&, WTF::CompletionHandler<void ()>&&), std::tuple<WebCore::IntSize>, void ()>(WebKit::DrawingArea*, void (WebKit::DrawingArea::*)(WebCore::IntSize const&, WTF::CompletionHandler<void ()>&&), std::tuple<WebCore::IntSize>&&, WTF::CompletionHandler<void ()>&&)::{lambda((auto:1&&)...)#1}::operator()<WebCore::IntSize>(WebCore::IntSize&&) const (args=..., this=<optimized out>) at /home/mcatanzaro/Projects/WebKit/Source/WebKit/Platform/IPC/HandleMessage.h:150
No locals.
#9  std::__invoke_impl<void, IPC::callMemberFunction<WebKit::DrawingArea, WebKit::DrawingArea, void (WebCore::IntSize const&, WTF::CompletionHandler<void ()>&&), std::tuple<WebCore::IntSize>, void ()>(WebKit::DrawingArea*, void (WebKit::DrawingArea::*)(WebCore::IntSize const&, WTF::CompletionHandler<void ()>&&), std::tuple<WebCore::IntSize>&&, WTF::CompletionHandler<void ()>&&)::{lambda((auto:1&&)...)#1}, WebCore::IntSize>(std::__invoke_other, IPC::callMemberFunction<WebKit::DrawingArea, WebKit::DrawingArea, void (WebCore::IntSize const&, WTF::CompletionHandler<void ()>&&), std::tuple<WebCore::IntSize>, void ()>(WebKit::DrawingArea*, void (WebKit::DrawingArea::*)(WebCore::IntSize const&, WTF::CompletionHandler<void ()>&&), std::tuple<WebCore::IntSize>&&, WTF::CompletionHandler<void ()>&&)::{lambda((auto:1&&)...)#1}&&, WebCore::IntSize&&) (__args=..., __f=...) at /usr/bin/../lib/gcc/x86_64-redhat-linux/16/../../../../include/c++/16/bits/invoke.h:63
No locals.
#10 std::__invoke<IPC::callMemberFunction<WebKit::DrawingArea, WebKit::DrawingArea, void (WebCore::IntSize const&, WTF::CompletionHandler<void ()>&&), std::tuple<WebCore::IntSize>, void ()>(WebKit::DrawingArea*, void (WebKit::DrawingArea::*)(WebCore::IntSize const&, WTF::CompletionHandler<void ()>&&), std::tuple<WebCore::IntSize>&&, WTF::CompletionHandler<void ()>&&)::{lambda((auto:1&&)...)#1}, WebCore::IntSize>(IPC::callMemberFunction<WebKit::DrawingArea, WebKit::DrawingArea, void (WebCore::IntSize const&, WTF::CompletionHandler<void ()>&&), std::tuple<WebCore::IntSize>, void ()>(WebKit::DrawingArea*, void (WebKit::DrawingArea::*)(WebCore::IntSize const&, WTF::CompletionHandler<void ()>&&), std::tuple<WebCore::IntSize>&&, WTF::CompletionHandler<void ()>&&)::{lambda((auto:1&&)...)#1}&&, WebCore::IntSize&&) (__args=..., __fn=...) at /usr/bin/../lib/gcc/x86_64-redhat-linux/16/../../../../include/c++/16/bits/invoke.h:98
No locals.
#11 std::__apply_impl<IPC::callMemberFunction<WebKit::DrawingArea, WebKit::DrawingArea, void (WebCore::IntSize const&, WTF::CompletionHandler<void ()>&&), std::tuple<WebCore::IntSize>, void ()>(WebKit::DrawingArea*, void (WebKit::DrawingArea::*)(WebCore::IntSize const&, WTF::CompletionHandler<void ()>&&), std::tuple<WebCore::IntSize>&&, WTF::CompletionHandler<void ()>&&)::{lambda((auto:1&&)...)#1}, std::tuple<WebCore::IntSize>, 0ul>(IPC::callMemberFunction<WebKit::DrawingArea, WebKit::DrawingArea, void (WebCore::IntSize const&, WTF::CompletionHandler<void ()>&&), std::tuple<WebCore::IntSize>, void ()>(WebKit::DrawingArea*, void (WebKit::DrawingArea::*)(WebCore::IntSize const&, WTF::CompletionHandler<void ()>&&), std::tuple<WebCore::IntSize>&&, WTF::CompletionHandler<void ()>&&)::{lambda((auto:1&&)...)#1}&&, std::tuple<WebCore::IntSize>&&, std::integer_sequence<unsigned long, 0ul>) (__t=..., __f=...) at /usr/bin/../lib/gcc/x86_64-redhat-linux/16/../../../../include/c++/16/tuple:2976
No locals.
#12 apply<(lambda at /home/mcatanzaro/Projects/WebKit/Source/WebKit/Platform/IPC/HandleMessage.h:148:9), std::tuple<WebCore::IntSize> > (__t=..., __f=...) at /usr/bin/../lib/gcc/x86_64-redhat-linux/16/../../../../include/c++/16/tuple:2991
No locals.
#13 IPC::callMemberFunction<WebKit::DrawingArea, WebKit::DrawingArea, void(WebCore::IntSize const&, WTF::CompletionHandler<void()>&&), std::tuple<WebCore::IntSize>, void()> (object=<optimized out>, function=<optimized out>, tuple=..., completionHandler=...) at /home/mcatanzaro/Projects/WebKit/Source/WebKit/Platform/IPC/HandleMessage.h:147
No locals.
#14 IPC::handleMessageAsync<Messages::DrawingArea::UpdateGeometry, IPC::Connection, WebKit::DrawingArea, WebKit::DrawingArea, void(WebCore::IntSize const&, WTF::CompletionHandler<void()>&&)> (connection=..., decoder=..., object=object@entry=0x7ff9a6024300, function=<optimized out>) at /home/mcatanzaro/Projects/WebKit/Source/WebKit/Platform/IPC/HandleMessage.h:553
        arguments = std::optional containing std::tuple containing = {[0] = {m_width = 815, m_height = 0}}
        completionHandler = {m_function = {m_callableWrapper = std::unique_ptr<WTF::Detail::CallableWrapperBase<UNKNOWN_TYPE>> = { get() = 0x7ff9a61f5fe0}}, m_callThread = {<No data fields>}}
        replyID = Python Exception <class 'gdb.error'>: value has been optimized out
{<std::_Optional_base<WTF::ObjectIdentifierGeneric<IPC::AsyncReplyIDType, WTF::ObjectIdentifierThreadSafeAccessTraits<unsigned long>, unsigned long>, 1, 1>> = { _M_payload = {<std::_Optional_payload_base<WTF::ObjectIdentifierGeneric<IPC::AsyncReplyIDType, WTF::ObjectIdentifierThreadSafeAccessTraits<unsigned long>, unsigned long> >> = {_M_payload = {_M_empty = {<No data fields>}, _M_value = {<WTF::ObjectIdentifierGenericBase<unsigned long>> = { static safeToCompareToHashTableEmptyOrDeletedValue = true, m_identifier = 106}, static m_generationProtected = false}}, _M_engaged = <optimized out>}, <No data fields>}}, <std::_Enable_copy_move<1, 1, 1, 1, std::optional<WTF::ObjectIdentifierGeneric<IPC::AsyncReplyIDType, WTF::ObjectIdentifierThreadSafeAccessTraits<unsigned long>, unsigned long> > >> = {<No data fields>}, <No data fields>}
#15 0x00007ff9cea76c71 in WebKit::DrawingArea::didReceiveMessage (this=0x7ff9a6024300, connection=..., decoder=...) at /home/mcatanzaro/Projects/WebKit/WebKitBuild/gtk4/DerivedSources/WebKit/DrawingAreaMessageReceiver.cpp:71
        protectedThis = {static isRef = <optimized out>, m_ptr = 0x7ff9a6024300}
#16 0x00007ff9ceea755c in IPC::MessageReceiverMap::dispatchMessage (this=<optimized out>, connection=..., decoder=...) at WTF/Headers/wtf/Ref.h:54
No locals.
#17 0x00007ff9ceeb0d1c in WebKit::AuxiliaryProcess::dispatchMessage (this=this@entry=0x7ff9a6018460, connection=..., decoder=...) at /home/mcatanzaro/Projects/WebKit/Source/WebKit/Shared/AuxiliaryProcess.cpp:154
No locals.
#18 0x00007ff9ce9ecb96 in WebKit::AuxiliaryProcess::didReceiveMessage (this=0x7ff9a6018460, connection=..., decoder=...) at /home/mcatanzaro/Projects/WebKit/WebKitBuild/gtk4/DerivedSources/WebKit/AuxiliaryProcessMessageReceiver.cpp:74
        protectedThis = {static isRef = <optimized out>, m_ptr = 0x7ff9a6018460}
#19 0x00007ff9cee9e7bb in IPC::Connection::dispatchMessage (this=this@entry=0x7ff9a6054100, decoder=...) at /home/mcatanzaro/Projects/WebKit/Source/WebKit/Platform/IPC/Connection.cpp:1421
        client = {static isRefPtr = <optimized out>, m_ptr = 0x7ff9a6018460}
#20 0x00007ff9cee9ea22 in IPC::Connection::dispatchMessage (this=0x7ff9a6054100, message=...) at /home/mcatanzaro/Projects/WebKit/Source/WebKit/Platform/IPC/Connection.cpp:1481
        oldDidReceiveInvalidMessage = false
        isDispatchingMessageWhileWaitingForSyncReply = <optimized out>
        didReceiveInvalidMessage = <optimized out>
#21 0x00007ff9cee9eb31 in IPC::Connection::dispatchOneIncomingMessage (this=<optimized out>) at /home/mcatanzaro/Projects/WebKit/Source/WebKit/Platform/IPC/Connection.cpp:1555
        message = std::unique_ptr<IPC::Decoder> = {get() = 0x0}
#22 0x00007ff9ca9f2925 in WTF::Function<void()>::operator() (this=0x7ffda93ae090) at /home/mcatanzaro/Projects/WebKit/Source/WTF/wtf/Function.h:103
No locals.
#23 WTF::RunLoop::performWork (this=this@entry=0x7ff9a6018110) at /home/mcatanzaro/Projects/WebKit/Source/WTF/wtf/RunLoop.cpp:145
        function = <optimized out>
        didSuspendFunctions = false
#24 0x00007ff9caab71e9 in WTF::RunLoop::RunLoop()::$_0::operator()(void*) const (userData=0x7ffda93ad8c8, userData@entry=0x7ff9a6018110, this=<optimized out>) at /home/mcatanzaro/Projects/WebKit/Source/WTF/wtf/glib/RunLoopGLib.cpp:153
No locals.
#25 __invoke (userData=0x7ffda93ad8c8, userData@entry=0x7ff9a6018110) at /home/mcatanzaro/Projects/WebKit/Source/WTF/wtf/glib/RunLoopGLib.cpp:152
No locals.
#26 0x00007ff9caab5d29 in WTF::RunLoop::$_3::operator() (source=0x2322f640, callback=0x7ff9caab71e0 <__invoke()>, userData=0x7ff9a6018110, this=<optimized out>) at /home/mcatanzaro/Projects/WebKit/Source/WTF/wtf/glib/RunLoopGLib.cpp:116
        readyTime = <optimized out>
        name = 0x23205f10 "[WebKit] RunLoop work"
        runLoopSource = @0x2322f640: {source = {callback_data = 0x2322f900, callback_funcs = 0x7ff9caeb4ba0 <g_source_callback_funcs>, source_funcs = 0x7ff9cab9cb30 <WTF::RunLoop::s_runLoopSourceFunctions>, ref_count = 3, context = 0x2322f6e0, priority = 100, flags = 35, source_id = 1, poll_fds = 0x0, prev = 0x0, next = 0x23233e30, name = 0x23205f10 "[WebKit] RunLoop work", priv = 0x2322f880}, runLoop = 0x7ff9a6018110, timerFd = -1, timerFdSpec = {it_interval = {tv_sec = 0, tv_nsec = 0}, it_value = {tv_sec = 0, tv_nsec = 0}}}
        returnValue = <optimized out>
        shouldEnableSourceDispatchSignposts = false
#27 __invoke (source=0x2322f640, callback=0x7ff9caab71e0 <__invoke()>, userData=0x7ff9a6018110) at /home/mcatanzaro/Projects/WebKit/Source/WTF/wtf/glib/RunLoopGLib.cpp:89
No locals.
#28 0x00007ff9cad7362c in g_main_dispatch (context=0x2322f6e0) at ../../../../Projects/glib/glib/gmain.c:3591
        dispatch = 0x7ff9caab5c70 <__invoke()>
        prev_source = 0x0
        begin_time_nsec = 30214578368426
        was_in_call = 0
        user_data = 0x7ff9a6018110
        callback = 0x7ff9caab71e0 <__invoke()>
        cb_funcs = 0x7ff9caeb4ba0 <g_source_callback_funcs>
        cb_data = 0x2322f900
        need_destroy = 0
        source = 0x2322f640
        current = 0x23201bf0
        i = 0
        __func__ = "g_main_dispatch"
#29 0x00007ff9cad74a77 in g_main_context_dispatch_unlocked (context=0x2322f6e0) at ../../../../Projects/glib/glib/gmain.c:4451
No locals.
#30 0x00007ff9cad74a41 in g_main_context_dispatch (context=0x2322f6e0) at ../../../../Projects/glib/glib/gmain.c:4439
No locals.
#31 0x00007ff9caab63c3 in WTF::RunLoop::runGLibMainLoopIteration (this=this@entry=0x7ff9a6018110, mayBlock=mayBlock@entry=WTF::RunLoop::MayBlock::Yes) at /home/mcatanzaro/Projects/WebKit/Source/WTF/wtf/glib/RunLoopGLib.cpp:191
        maxPriority = 100
        timeoutInMilliseconds = 0
        numFDs = <optimized out>
#32 0x00007ff9caab66ca in WTF::RunLoop::runGLibMainLoop (this=0x7ff9a6018110) at /home/mcatanzaro/Projects/WebKit/Source/WTF/wtf/glib/RunLoopGLib.cpp:200
No locals.
#33 WTF::RunLoop::run () at /home/mcatanzaro/Projects/WebKit/Source/WTF/wtf/glib/RunLoopGLib.cpp:213
        runLoop = {static isRef = <optimized out>, m_ptr = 0x7ff9a6018110}
#34 0x00007ff9cf499913 in WebKit::AuxiliaryProcessMainBase<WebKit::WebProcess, true>::run (this=0x7ffda93ae2a0, argc=<optimized out>, argv=<optimized out>) at /home/mcatanzaro/Projects/WebKit/Source/WebKit/Shared/AuxiliaryProcessMain.h:77
No locals.
#35 WebKit::AuxiliaryProcessMain<WebKit::WebProcessMainGtk> (argc=3, argv=<optimized out>) at /home/mcatanzaro/Projects/WebKit/Source/WebKit/Shared/AuxiliaryProcessMain.h:103
        auxiliaryMain = {m_storage = {m_storage = {data = {224, 38, 43, 210, 249, 127, 0 <repeats 26 times>, 10, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 255, 255, 255, 255, 1, 0 <repeats 19 times>}}}}
#36 0x00007ff9c5e08681 in __libc_start_call_main (main=main@entry=0x201890 <main(int, char**)>, argc=argc@entry=3, argv=argv@entry=0x7ffda93ae448) at ../sysdeps/nptl/libc_start_call_main.h:59
        self = <optimized out>
        result = <optimized out>
        unwind_buf = {cancel_jmp_buf = {{jmp_buf = {0, -3814188971436946901, 140727442662472, 3, 140710954594304, 2107648, -3814188971449529813, -3811840915947664853}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x7ffda93ae448}, data = { prev = 0x0, cleanup = 0x0, canceltype = 0}}}
        not_first_call = <optimized out>
#37 0x00007ff9c5e08798 in __libc_start_main_impl (main=0x201890 <main(int, char**)>, argc=3, argv=0x7ffda93ae448, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7ffda93ae438) at ../csu/libc-start.c:360
No locals.
#38 0x00000000002017c5 in _start ()
No symbol table info available.
Michael Catanzaro
Comment 1 2026-05-05 14:01:48 PDT
Good news! It was easy to bisect.

603ace503c08e9f648f95eb6dde1d3a638f21616 is the first bad commit
commit 603ace503c08e9f648f95eb6dde1d3a638f21616
Author: Carlos Garcia Campos <cgarcia@igalia.com>
Date:   Tue Feb 24 03:27:12 2026 -0800

    [GTK][WPE] Non-composited renderer should not wait for UI process frame done notification to start rendering the next frame
    https://bugs.webkit.org/show_bug.cgi?id=308464

    Reviewed by Nikolas Zimmermann.

    We need to wait until frame done notification from UI process to send
    the next frame message, but it can be rendered already. This patch
    splits didRenderFrame() moving the Frame message notification to
    sendFrame() method. This allows the non-composited renderer to render
    the next frame and notify later when waiting for previous frame done.

    * Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/AcceleratedSurface.cpp:
    (WebKit::AcceleratedSurface::RenderTargetShareableBuffer::sendFrame):
    (WebKit::AcceleratedSurface::RenderTargetSHMImage::didRenderFrame):
    (WebKit::AcceleratedSurface::RenderTargetSHMImageWithoutGL::sendFrame):
    (WebKit::AcceleratedSurface::RenderTargetWPEBackend::didRenderFrame):
    (WebKit::AcceleratedSurface::SwapChain::handleBufferFormatChangeIfNeeded):
    (WebKit::AcceleratedSurface::SwapChain::nextTarget):
    (WebKit::AcceleratedSurface::willDestroyGLContext):
    (WebKit::AcceleratedSurface::willRenderFrame):
    (WebKit::AcceleratedSurface::didRenderFrame):
    (WebKit::AcceleratedSurface::sendFrame):
    (WebKit::AcceleratedSurface::frameDone):
    (WebKit::AcceleratedSurface::RenderTargetShareableBuffer::didRenderFrame): Deleted.
    (WebKit::AcceleratedSurface::RenderTargetSHMImageWithoutGL::didRenderFrame): Deleted.
    * Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/AcceleratedSurface.h:
    * Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/NonCompositedFrameRenderer.cpp:
    (WebKit::NonCompositedFrameRenderer::sizeDidChange):
    (WebKit::NonCompositedFrameRenderer::scheduleRenderingUpdate):
    (WebKit::NonCompositedFrameRenderer::canUpdateRendering const):
    (WebKit::NonCompositedFrameRenderer::updateRendering):
    (WebKit::NonCompositedFrameRenderer::finishRenderingUpdate):
    (WebKit::NonCompositedFrameRenderer::frameComplete):
    (WebKit::NonCompositedFrameRenderer::updateRenderingWithForcedRepaint):
    * Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/NonCompositedFrameRenderer.h:
    * Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/ThreadedCompositor.cpp:
    (WebKit::ThreadedCompositor::renderLayerTree):

    Canonical link: https://commits.webkit.org/308116@main

 Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/AcceleratedSurface.cpp         | 57 ++++++++++++++++++++++++++++++++++---------------
 Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/AcceleratedSurface.h           | 14 +++++++-----
 Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/NonCompositedFrameRenderer.cpp | 39 +++++++++++++++++++++++----------
 Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/NonCompositedFrameRenderer.h   |  4 +++-
 Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/ThreadedCompositor.cpp         |  1 +
 5 files changed, 81 insertions(+), 34 deletions(-)
Carlos Garcia Campos
Comment 2 2026-05-05 22:34:25 PDT
EWS
Comment 3 2026-05-06 02:40:21 PDT
Committed 312680@main (cf5c74d947a1): <https://commits.webkit.org/312680@main> Reviewed commits have been landed. Closing PR #64341 and removing active labels.