WebKit Bugzilla
New
Browse
Log In
×
Sign in with GitHub
or
Remember my login
Create Account
·
Forgot Password
Forgotten password account recovery
RESOLVED FIXED
229228
REGRESSION(
r281102
): ASSERTION FAILED: !isInAcceleratedCompositingMode() in DrawingAreaProxyCoordinatedGraphics::incorporateUpdate
https://bugs.webkit.org/show_bug.cgi?id=229228
Summary
REGRESSION(r281102): ASSERTION FAILED: !isInAcceleratedCompositingMode() in D...
Fujii Hironori
Reported
2021-08-17 23:27:39 PDT
[WinCairo][GraphicsLayerTextureMapper] REGRESSION(
r281102
): ASSERTION FAILED: !isInAcceleratedCompositingMode() in incorporateUpdate WinCairo Debug WK2 is reporting assertion failure since
r281102
. ASSERTION FAILED: !isInAcceleratedCompositingMode() ..\..\Source\WebKit\UIProcess\CoordinatedGraphics\DrawingAreaProxyCoordinatedGraphics.cpp(256) : incorporateUpdate Regressions: Unexpected crashes (7) animations/animation-direction-reverse-non-hardware.html [ Crash ] animations/animation-direction-reverse-timing-functions.html [ Crash ] animations/animation-hit-test.html [ Crash ] animations/keyframe-timing-functions.html [ Crash ] animations/lineheight-animation.html [ Crash ] animations/missing-from-to.html [ Crash ] animations/multiple-animations-timing-function.html [ Crash ] Callstack:
> WTF!WTFCrash(void)+0xe [C:\jenkins_slave\WinCairo-master\Source\WTF\wtf\Assertions.cpp @ 321] > WebKit2!WTFCrashWithInfo(void)+0x1d [C:\jenkins_slave\WinCairo-master\WebKitBuild\Debug\WTF\Headers\wtf\Assertions.h @ 703] > WebKit2!WebKit::DrawingAreaProxyCoordinatedGraphics::incorporateUpdate(class WebKit::UpdateInfo * updateInfo = 0x00000040`53afdb38)+0x8c [C:\jenkins_slave\WinCairo-master\Source\WebKit\UIProcess\CoordinatedGraphics\DrawingAreaProxyCoordinatedGraphics.cpp @ 256] > WebKit2!WebKit::DrawingAreaProxyCoordinatedGraphics::update(unsigned int64 backingStoreStateID = 1, class WebKit::UpdateInfo * updateInfo = 0x00000040`53afdb38)+0x9f [C:\jenkins_slave\WinCairo-master\Source\WebKit\UIProcess\CoordinatedGraphics\DrawingAreaProxyCoordinatedGraphics.cpp @ 176] > WebKit2!IPC::callMemberFunctionImpl<WebKit::DrawingAreaProxy,void (class WebKit::DrawingAreaProxy * object = 0x00000170`0e2ab300, <function> * function = 0x00007ffd`75183940, class std::tuple<unsigned long long,WebKit::UpdateInfo> * args = 0x00000040`53afdb38)+0x80 [C:\jenkins_slave\WinCairo-master\Source\WebKit\Platform\IPC\HandleMessage.h @ 44] > WebKit2!IPC::callMemberFunction<WebKit::DrawingAreaProxy,void (class std::tuple<unsigned long long,WebKit::UpdateInfo> * args = 0x00000040`53afdb38, class WebKit::DrawingAreaProxy * object = 0x00000170`0e2ab300, <function> * function = 0x00007ffd`75183940)+0x61 [C:\jenkins_slave\WinCairo-master\Source\WebKit\Platform\IPC\HandleMessage.h @ 49] > WebKit2!IPC::handleMessage<Messages::DrawingAreaProxy::Update,WebKit::DrawingAreaProxy,void (class IPC::Decoder * decoder = 0x00000170`0e2af390, class WebKit::DrawingAreaProxy * object = 0x00000170`0e2ab300, <function> * function = 0x00007ffd`75183940)+0xc0 [C:\jenkins_slave\WinCairo-master\Source\WebKit\Platform\IPC\HandleMessage.h @ 120] > WebKit2!WebKit::DrawingAreaProxy::didReceiveMessage(class IPC::Connection * connection = 0x00000170`0e228b20, class IPC::Decoder * decoder = 0x00000170`0e2af390)+0x1f4 [C:\jenkins_slave\WinCairo-master\WebKitBuild\Debug\WebKit\DerivedSources\DrawingAreaProxyMessageReceiver.cpp @ 57] > WebKit2!IPC::MessageReceiverMap::dispatchMessage(class IPC::Connection * connection = 0x00000170`0e228b20, class IPC::Decoder * decoder = 0x00000170`0e2af390)+0x1c6 [C:\jenkins_slave\WinCairo-master\Source\WebKit\Platform\IPC\MessageReceiverMap.cpp @ 130] > WebKit2!WebKit::AuxiliaryProcessProxy::dispatchMessage(class IPC::Connection * connection = 0x00000170`0e228b20, class IPC::Decoder * decoder = 0x00000170`0e2af390)+0x2e [C:\jenkins_slave\WinCairo-master\Source\WebKit\UIProcess\AuxiliaryProcessProxy.cpp @ 247] > WebKit2!WebKit::WebProcessProxy::didReceiveMessage(class IPC::Connection * connection = 0x00000170`0e228b20, class IPC::Decoder * decoder = 0x00000170`0e2af390)+0x3a [C:\jenkins_slave\WinCairo-master\Source\WebKit\UIProcess\WebProcessProxy.cpp @ 843] > WebKit2!IPC::Connection::dispatchMessage(class IPC::Decoder * decoder = 0x00000170`0e2af390)+0x14e [C:\jenkins_slave\WinCairo-master\Source\WebKit\Platform\IPC\Connection.cpp @ 1059] > WebKit2!IPC::Connection::dispatchMessage(class std::unique_ptr<IPC::Decoder,std::default_delete<IPC::Decoder> > * message = 0x00000040`53afdfb8 unique_ptr {...})+0x2be [C:\jenkins_slave\WinCairo-master\Source\WebKit\Platform\IPC\Connection.cpp @ 1105] > WebKit2!IPC::Connection::dispatchIncomingMessages(void)+0x249 [C:\jenkins_slave\WinCairo-master\Source\WebKit\Platform\IPC\Connection.cpp @ 1209] > WebKit2!IPC::Connection::enqueueIncomingMessage::<unnamed-tag>::operator()(void)+0x3f [C:\jenkins_slave\WinCairo-master\Source\WebKit\Platform\IPC\Connection.cpp @ 1025] > WebKit2!WTF::Detail::CallableWrapper<`lambda at ..\..\Source\WebKit\Platform\IPC\Connection.cpp:1023:30',void>::call(void)+0x17 [C:\jenkins_slave\WinCairo-master\WebKitBuild\Debug\WTF\Headers\wtf\Function.h @ 53] > WTF!WTF::Function<void (void)+0x84 [C:\jenkins_slave\WinCairo-master\Source\WTF\wtf\Function.h @ 82] > WTF!WTF::RunLoop::performWork(void)+0x14a [C:\jenkins_slave\WinCairo-master\Source\WTF\wtf\RunLoop.cpp @ 134] > WTF!WTF::RunLoop::wndProc(struct HWND__ * hWnd = 0x00000000`262f1f90, unsigned int message = 0x401, unsigned int64 wParam = 0x00000170`0e23fd00, int64 lParam = 0n0)+0x60 [C:\jenkins_slave\WinCairo-master\Source\WTF\wtf\win\RunLoopWin.cpp @ 57] > WTF!WTF::RunLoop::RunLoopWndProc(struct HWND__ * hWnd = 0x00000000`262f1f90, unsigned int message = 0x401, unsigned int64 wParam = 0x00000170`0e23fd00, int64 lParam = 0n0)+0x57 [C:\jenkins_slave\WinCairo-master\Source\WTF\wtf\win\RunLoopWin.cpp @ 39] > USER32!UserCallWinProcCheckWow+0x2f8 > USER32!DispatchMessageWorker+0x249 > WebKitTestRunnerLib!WTR::runRunLoopUntil(bool * condition = 0x00000170`0e24c423, void * object = 0x00000000`00000078, double timeout = -1)+0x242 [C:\jenkins_slave\WinCairo-master\Tools\WebKitTestRunner\win\TestControllerWin.cpp @ 86] > WebKitTestRunnerLib!WTR::TestController::platformRunUntil(bool * condition = 0x00000170`0e24c423, class WTF::Seconds timeout = class WTF::Seconds)+0x4a [C:\jenkins_slave\WinCairo-master\Tools\WebKitTestRunner\win\TestControllerWin.cpp @ 147] > WebKitTestRunnerLib!WTR::TestController::runUntil(bool * done = 0x00000170`0e24c423, class WTF::Seconds timeout = class WTF::Seconds)+0x63 [C:\jenkins_slave\WinCairo-master\Tools\WebKitTestRunner\TestController.cpp @ 1515] > WebKitTestRunnerLib!WTR::TestInvocation::invoke(void)+0x1bd [C:\jenkins_slave\WinCairo-master\Tools\WebKitTestRunner\TestInvocation.cpp @ 169] > WebKitTestRunnerLib!WTR::TestController::runTest(char * inputLine = 0x00000040`53afe9b0 "C:\jenkins_slave\WinCairo-master\LayoutTests\animations\animation-direction-reverse-timing-functions.html'--timeout'30000")+0x219 [C:\jenkins_slave\WinCairo-master\Tools\WebKitTestRunner\TestController.cpp @ 1445] > WebKitTestRunnerLib!WTR::TestController::runTestingServerLoop(void)+0xbe [C:\jenkins_slave\WinCairo-master\Tools\WebKitTestRunner\TestController.cpp @ 1491] > WebKitTestRunnerLib!WTR::TestController::run(void)+0x27 [C:\jenkins_slave\WinCairo-master\Tools\WebKitTestRunner\TestController.cpp @ 1499] > WebKitTestRunnerLib!WTR::TestController::TestController(int argc = 0n2, char ** argv = 0x00000170`0e1f6600)+0x2c3 [C:\jenkins_slave\WinCairo-master\Tools\WebKitTestRunner\TestController.cpp @ 194] > WebKitTestRunnerLib!dllLauncherEntryPoint(int argc = 0n2, char ** argv = 0x00000170`0e1f6600)+0x35 [C:\jenkins_slave\WinCairo-master\Tools\WebKitTestRunner\win\main.cpp @ 34] > WebKitTestRunner!main(int argc = 0n2, char ** argv = 0x00000170`0e1f6600)+0x416 [C:\jenkins_slave\WinCairo-master\Tools\win\DLLLauncher\DLLLauncherMain.cpp @ 223] > WebKitTestRunner!invoke_main+0x22 [D:\agent\_work\13\s\src\vctools\crt\vcstartup\src\startup\exe_common.inl @ 78] > WebKitTestRunner!__scrt_common_main_seh(void)+0x10c [D:\agent\_work\13\s\src\vctools\crt\vcstartup\src\startup\exe_common.inl @ 288] > KERNEL32!BaseThreadInitThunk+0x14 > ntdll!RtlUserThreadStart+0x21
Attachments
debugging patch
(2.96 KB, patch)
2021-08-18 21:16 PDT
,
Fujii Hironori
no flags
Details
Formatted Diff
Diff
the callstack to dispatch Update message before exiting AC mode
(7.13 KB, text/plain)
2021-08-18 21:19 PDT
,
Fujii Hironori
no flags
Details
Patch
(3.26 KB, patch)
2021-08-26 18:52 PDT
,
Fujii Hironori
no flags
Details
Formatted Diff
Diff
Show Obsolete
(2)
View All
Add attachment
proposed patch, testcase, etc.
Fujii Hironori
Comment 1
2021-08-18 21:13:34 PDT
This assertion ensures DrawingAreaProxy::Update message is dispatched only if AC mode. However, DrawingAreaProxy::Update message is dispatched while in AC mod in the following scenario. 1. DrawingAreaCoordinatedGraphics::exitAcceleratedCompositingMode calls DrawingAreaCoordinatedGraphics::display(WebKit::UpdateInfo&) 2. DrawingAreaCoordinatedGraphics::display(WebKit::UpdateInfo&) calls WebPage::updateRendering() 3. WebPage::updateRendering() executes JavaScript 4. JavaScript calls notifyDone 5. WTR::TestRunner::notifyDone calls WKBundlePageForceRepaint 6. DrawingAreaCoordinatedGraphics::display() dispatches the message
Fujii Hironori
Comment 2
2021-08-18 21:16:35 PDT
Created
attachment 435840
[details]
debugging patch This debugging patch * Disables JIT and enables LLInt to show the callstack under JSC. * Adds RELEASE_ASSERT checking DrawingAreaCoordinatedGraphics::display() isn't called while DrawingAreaCoordinatedGraphics::exitAcceleratedCompositingMode().
Fujii Hironori
Comment 3
2021-08-18 21:19:04 PDT
Created
attachment 435842
[details]
the callstack to dispatch Update message before exiting AC mode With the debugging patch (
attachment#435840
[details]
), I got the this callstack.
Radar WebKit Bug Importer
Comment 4
2021-08-26 18:04:16 PDT
<
rdar://problem/82416053
>
Fujii Hironori
Comment 5
2021-08-26 18:52:17 PDT
Created
attachment 436601
[details]
Patch
Fujii Hironori
Comment 6
2021-08-29 13:04:22 PDT
Comment on
attachment 436601
[details]
Patch Clearing flags on attachment: 436601 Committed
r281747
(
241089@main
): <
https://commits.webkit.org/241089@main
>
Fujii Hironori
Comment 7
2021-08-29 13:04:26 PDT
All reviewed patches have been landed. Closing bug.
Note
You need to
log in
before you can comment on or make changes to this bug.
Top of Page
Format For Printing
XML
Clone This Bug