Bug 42826

Summary: Crash in thread pool because WorkQueue keeps waiting on closed HANDLEs
Product: WebKit Reporter: Adam Roben (:aroben) <aroben>
Component: WebKit2Assignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED    
Severity: Normal CC: abarth, andersca, eric, sam, webkit.review.bot
Priority: P2 Keywords: InRadar, PlatformOnly
Version: 528+ (Nightly build)   
Hardware: PC   
OS: Windows XP   
Bug Depends on: 43150    
Bug Blocks:    
Attachments:
Description Flags
Teach WorkQueue how to stop waiting on objects on Windows
none
Teach WorkQueue how to stop waiting on objects on Windows andersca: review+

Adam Roben (:aroben)
Reported 2010-07-22 08:17:04 PDT
There's no way to tell WorkQueue to stop waiting on a particular HANDLE. This means that users of WorkQueue either have to leak their HANDLEs (yuck) or close their HANDLEs while WorkQueue is still waiting on them, which leads to crashes in WaitForMultipleObjects (also yuck). We should add a way to tell WorkQueue to stop waiting on a particular handle so that it can be closed.
Attachments
Teach WorkQueue how to stop waiting on objects on Windows (8.48 KB, patch)
2010-08-27 12:35 PDT, Adam Roben (:aroben) 		no flags
DetailsFormatted DiffDiff
Teach WorkQueue how to stop waiting on objects on Windows (10.85 KB, patch)
2010-09-08 13:50 PDT, Adam Roben (:aroben) 		andersca: review+
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Adam Roben (:aroben)
Comment 1 2010-07-22 08:30:42 PDT
It's possible that this is a cause of bug 42785. See discussion in that bug for more details.
Adam Roben (:aroben)
Comment 2 2010-07-22 08:31:49 PDT
<rdar://problem/8222253>
Adam Roben (:aroben)
Comment 3 2010-07-22 08:39:15 PDT
See bug 42785 comments 1 through 8.
Adam Roben (:aroben)
Comment 4 2010-07-22 08:40:41 PDT
(In reply to bug 42785 comment #8) > I think using a pair of events will work. The first event will be used to tell the work queue thread to stop waiting. The second event will be used to tell the main thread that waiting has stopped. Anders informed me that this is not a good strategy. Waiting on the work queue thread is dangerous because the work queue thread might wait on the first thread, resulting in a deadlock. I think adding an unregisterAndCloseHandle function to WorkQueue might be the way to go. We'd add the handle to a m_handlesToClose Vector and signal m_performWorkEvent. Then the work queue thread would close all handles in m_handlesToClose when it wakes up.
Adam Roben (:aroben)
Comment 5 2010-07-26 14:00:45 PDT
Fixing this doesn't seem to fix bug 42785.
Adam Roben (:aroben)
Comment 6 2010-08-18 10:16:08 PDT
*** Bug 43148 has been marked as a duplicate of this bug. ***
Adam Roben (:aroben)
Comment 7 2010-08-18 14:56:00 PDT
I've been working on switching over to using an I/O completion port in WorkQueue. This would make it unnecessary to unregister a HANDLE; you can just close it and stop worrying. However, I'm seeing spurious reads in the web process. I.e., the web process will request 1 byte of the next message from the pipe, and then will be told that 207 bytes were read. This doesn't make any sense! Windows shouldn't be reading more than we asked it to; where would it store the data?
Adam Roben (:aroben)
Comment 8 2010-08-27 12:26:32 PDT
I'm going to base the fix for this on the fix for bug 43150.
Adam Roben (:aroben)
Comment 9 2010-08-27 12:35:47 PDT
Created attachment 65752 [details] Teach WorkQueue how to stop waiting on objects on Windows
Adam Roben (:aroben)
Comment 10 2010-08-27 14:41:07 PDT
Comment on attachment 65752 [details] Teach WorkQueue how to stop waiting on objects on Windows This patch introduces a crash due to WorkItemWin being destroyed when it is currently being used in handleCallback. To fix this we shouldn't destroy the WorkItemWin until we've unregistered the wait.
Adam Roben (:aroben)
Comment 11 2010-09-08 13:50:32 PDT
Created attachment 66933 [details] Teach WorkQueue how to stop waiting on objects on Windows
Adam Roben (:aroben)
Comment 12 2010-09-08 14:19:03 PDT
Committed r67013: <http://trac.webkit.org/changeset/67013>
WebKit Review Bot
Comment 13 2010-09-08 14:45:52 PDT
http://trac.webkit.org/changeset/67013 might have broken Qt Linux Release The following changes are on the blame list: http://trac.webkit.org/changeset/67013 http://trac.webkit.org/changeset/67014
Note You need to log in before you can comment on or make changes to this bug.