WorkQueue::handleCallback was called after WorkQueue::unregisterAndCloseHandle.
Created attachment 342080 WIP - first trial
It's easy to reproduce this crash by using TestWebKit.
Fujihiro> Question about your patch. This removes the consideration mentioned here:

// We're going to make a blocking call to ::UnregisterWaitEx before closing the handle. (The
// blocking version of ::UnregisterWaitEx is much simpler than the non-blocking version.) If we
// do this on the current thread, we'll deadlock if we're currently in a callback function for
// the wait we're unregistering. So instead we do it asynchronously on some other worker thread.

I'm not sure this happens in an actual use case, but it seems possible. To solve that, how about adding an invalid flag to WorkItemContext? Then we can avoid invocation in a handleCallback after unregisterAndCloseHandle.
Yeah. My patch doesn't do things right. But it works for me, at least for running WinCairo WK2 stably.
This bug will be handled in https://bugs.webkit.org/show_bug.cgi?id=186582 .
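A minimal sketch of the invalid-flag idea suggested in the thread, as an added example and not WebKit's code or the attached patch. The class layout, `invalidate()`, `isValid()` and the two helper functions are assumptions, and the Windows wait callback is simulated by direct calls so no Win32 API is involved.

```cpp
#include <atomic>
#include <functional>
#include <memory>
#include <utility>

// Hypothetical stand-in for WorkItemContext; member names are assumptions.
class WorkItemContext {
public:
    explicit WorkItemContext(std::function<void()> fn) : m_function(std::move(fn)) {}
    void invalidate() { m_valid.store(false, std::memory_order_release); }
    bool isValid() const { return m_valid.load(std::memory_order_acquire); }
    void run() { m_function(); }
private:
    std::function<void()> m_function;
    std::atomic<bool> m_valid { true };
};

// Stand-in for handleCallback: a callback that fires after unregistration is
// dropped. The caller's shared_ptr keeps the context alive, so the check never
// reads freed memory. A callback that is already running is not interrupted.
bool handleCallback(const std::shared_ptr<WorkItemContext>& context)
{
    if (!context->isValid())
        return false;
    context->run();
    return true;
}

// Stand-in for unregisterAndCloseHandle: mark the context invalid, then drop
// the owner's reference. Nothing blocks, so calling it from inside the
// callback cannot deadlock.
void unregisterAndCloseHandle(std::shared_ptr<WorkItemContext>& owner)
{
    owner->invalidate();
    owner.reset();
}

// Constructed scenario 1: one normal callback, unregister, one late callback.
int runsWhenLateCallbackArrives()
{
    int runs = 0;
    auto owner = std::make_shared<WorkItemContext>([&runs] { ++runs; });
    auto pending = owner; // reference held by the queued wait callback
    handleCallback(pending);
    unregisterAndCloseHandle(owner);
    handleCallback(pending); // late: must be ignored
    return runs;
}

// Constructed scenario 2: the work item unregisters itself while running.
int runsWhenUnregisteredInsideCallback()
{
    int runs = 0;
    std::shared_ptr<WorkItemContext> owner;
    owner = std::make_shared<WorkItemContext>([&] { ++runs; unregisterAndCloseHandle(owner); });
    auto pending = owner;
    handleCallback(pending);
    handleCallback(pending); // second delivery after self-unregister
    return runs;
}

int main() { return runsWhenLateCallbackArrives() == 1 && runsWhenUnregisteredInsideCallback() == 1 ? 0 : 1; }
```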