167545 – [Threaded Compositor] Crash when deleting the compositor run loop

RESOLVED FIXED Bug 167545

[Threaded Compositor] Crash when deleting the compositor run loop

https://bugs.webkit.org/show_bug.cgi?id=167545

Summary [Threaded Compositor] Crash when deleting the compositor run loop

Carlos Garcia Campos

Reported 2017-01-28 01:01:55 PST

I've seen this in bots: Thread 1 (Thread 0x7ff68447c940 (LWP 18142)): #0 0x00007ff68a721067 in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56 #1 0x00007ff68a722448 in __GI_abort () at abort.c:89 #2 0x00007ff68ccc1105 in g_assertion_message () at /home/slave/webkitgtk/gtk-linux-64-release-tests/build/WebKitBuild/DependenciesGTK/Source/glib-2.44.1/glib/gtestutils.c:2356 #3 0x00007ff68ccc118a in g_assertion_message_expr () at /home/slave/webkitgtk/gtk-linux-64-release-tests/build/WebKitBuild/DependenciesGTK/Source/glib-2.44.1/glib/gtestutils.c:2371 #4 0x00007ff68cc8b1be in g_hash_table_lookup_node () at /home/slave/webkitgtk/gtk-linux-64-release-tests/build/WebKitBuild/DependenciesGTK/Source/glib-2.44.1/glib/ghash.c:373 #5 g_hash_table_remove_internal () at /home/slave/webkitgtk/gtk-linux-64-release-tests/build/WebKitBuild/DependenciesGTK/Source/glib-2.44.1/glib/ghash.c:1352 #6 0x00007ff68cc991a8 in g_source_unref_internal () at /home/slave/webkitgtk/gtk-linux-64-release-tests/build/WebKitBuild/DependenciesGTK/Source/glib-2.44.1/glib/gmain.c:2009 #7 0x00007ff6936e2b9d in WebKit::CompositingRunLoop::~CompositingRunLoop() () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37 #8 0x00007ff6936e4734 in WebKit::ThreadedCompositor::invalidate() () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37 #9 0x00007ff6936ee350 in WebKit::ThreadedCoordinatedLayerTreeHost::invalidate() () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37 #10 0x00007ff6936d09bb in WebKit::DrawingAreaImpl::exitAcceleratedCompositingMode() () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37 #11 0x00007ff6913718aa in WTF::RunLoop::TimerBase::TimerBase(WTF::RunLoop&)::{lambda(void*)#1}::_FUN(void*) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18 #12 0x00007ff68cc9becd in g_main_dispatch () at /home/slave/webkitgtk/gtk-linux-64-release-tests/build/WebKitBuild/DependenciesGTK/Source/glib-2.44.1/glib/gmain.c:3122 #13 g_main_context_dispatch () at /home/slave/webkitgtk/gtk-linux-64-release-tests/build/WebKitBuild/DependenciesGTK/Source/glib-2.44.1/glib/gmain.c:3737 #14 0x00007ff68cc9c268 in g_main_context_iterate () at /home/slave/webkitgtk/gtk-linux-64-release-tests/build/WebKitBuild/DependenciesGTK/Source/glib-2.44.1/glib/gmain.c:3808 #15 0x00007ff68cc9c582 in g_main_loop_run () at /home/slave/webkitgtk/gtk-linux-64-release-tests/build/WebKitBuild/DependenciesGTK/Source/glib-2.44.1/glib/gmain.c:4002 #16 0x00007ff691371c50 in WTF::RunLoop::run() () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18 #17 0x00007ff6936d71e2 in WebProcessMainUnix () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37 #18 0x00007ff68a70db45 in __libc_start_main (main=0x400bf0 <main>, argc=2, argv=0x7fff81f67e88, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fff81f67e78) at libc-start.c:287 #19 0x0000000000400c45 in _start () The problem is that we are releasing the WorkQueue before the update timer that keeps a reference to the run loop, destroyed by the WorkQueue

Attachments
Patch (1.99 KB, patch) 2017-01-28 01:13 PST, Carlos Garcia Campos	mcatanzaro: review+	Details Formatted Diff Diff
View All Add attachment proposed patch, testcase, etc.

Carlos Garcia Campos

Comment 1 2017-01-28 01:13:56 PST

Created attachment 300012 [details] Patch

WebKit Commit Bot

Comment 2 2017-01-28 01:15:56 PST

Attachment 300012 [details] did not pass style-queue: ERROR: Source/WebKit2/Shared/CoordinatedGraphics/threadedcompositor/CompositingRunLoop.cpp:126: More than one command on the same line [whitespace/newline] [4] Total errors found: 1 in 2 files If any of these errors are false positives, please file a bug against check-webkit-style.

Michael Catanzaro

Comment 3 2017-01-28 12:38:33 PST

Comment on attachment 300012 [details] Patch :/

Carlos Garcia Campos

Comment 4 2017-01-28 23:17:05 PST

Committed r211347: <http://trac.webkit.org/changeset/211347>

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution FIXED

Priority P2

Severity Normal

Classification Unclassified

Version WebKit Local Build

Hardware Unspecified

OS Unspecified

Product WebKit

Component WebKitGTK

Assignee

Nobody

Reported

2017-01-28 01:01 PST

Modified

2017-01-28 23:17 PST History

CC List

2 users Show

URL

Keywords Gtk

Depends on

Blocks