[Webkit-unassigned] [Bug 167559] New: [Threaded Compositor] Crash on WebCore::GLContext::version()

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Sun Jan 29 01:42:11 PST 2017


https://bugs.webkit.org/show_bug.cgi?id=167559

            Bug ID: 167559
           Summary: [Threaded Compositor] Crash on
                    WebCore::GLContext::version()
    Classification: Unclassified
           Product: WebKit
           Version: WebKit Local Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Keywords: Gtk
          Severity: Normal
          Priority: P2
         Component: WebKit2
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: cgarcia at igalia.com
                CC: bugs-noreply at webkitgtk.org

This is happening because TextureMapperPlatformLayerProxy::compositorThreadUpdateTimerFired() is fired after the threaded compositor is deleted. CoordinatedGraphicsScene::purgeGLResources() should invalidate the proxies before clearing the map, and TextureMapperPlatformLayerProxy::invalidate( should delete the timer.

Thread 1 (Thread 0x7f1169316700 (LWP 11064)):
#0  0x00007f1207af67e0 in WebCore::GLContext::version() () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#1  0x00007f1207afa074 in WebCore::GraphicsContext3D::getExtensions() () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#2  0x00007f1207b0dba7 in WebCore::GraphicsContext3D::validateDepthStencil(char const*) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#3  0x00007f1207af9adf in WebCore::GraphicsContext3D::GraphicsContext3D(WebCore::GraphicsContext3DAttributes, WebCore::HostWindow*, WebCore::GraphicsContext3D::RenderStyle) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#4  0x00007f1207af9fcc in WebCore::GraphicsContext3D::create(WebCore::GraphicsContext3DAttributes, WebCore::HostWindow*, WebCore::GraphicsContext3D::RenderStyle) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#5  0x00007f1207a86d9b in WebCore::MediaPlayerPrivateGStreamerBase::pushTextureToCompositor() () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#6  0x00007f1207ad4e80 in WebCore::TextureMapperPlatformLayerProxy::compositorThreadUpdateTimerFired() () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#7  0x00007f12047bb85a in WTF::RunLoop::TimerBase::TimerBase(WTF::RunLoop&)::{lambda(void*)#1}::_FUN(void*) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
#8  0x00007f12000e5ecd in g_main_dispatch () at /home/slave/webkitgtk/gtk-linux-64-release-tests/build/WebKitBuild/DependenciesGTK/Source/glib-2.44.1/glib/gmain.c:3122
#9  g_main_context_dispatch () at /home/slave/webkitgtk/gtk-linux-64-release-tests/build/WebKitBuild/DependenciesGTK/Source/glib-2.44.1/glib/gmain.c:3737
#10 0x00007f12000e6268 in g_main_context_iterate () at /home/slave/webkitgtk/gtk-linux-64-release-tests/build/WebKitBuild/DependenciesGTK/Source/glib-2.44.1/glib/gmain.c:3808
#11 0x00007f12000e6582 in g_main_loop_run () at /home/slave/webkitgtk/gtk-linux-64-release-tests/build/WebKitBuild/DependenciesGTK/Source/glib-2.44.1/glib/gmain.c:4002
#12 0x00007f12047bbc00 in WTF::RunLoop::run() () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
#13 0x00007f12047baa63 in std::_Function_handler<void (), WTF::WorkQueue::platformInitialize(char const*, WTF::WorkQueue::Type, WTF::WorkQueue::QOS)::{lambda()#1}>::_M_invoke(std::_Any_data const&) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
#14 0x00007f1204784345 in WTF::threadEntryPoint(void*) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
#15 0x00007f12047b90ba in WTF::wtfThreadEntryPoint(void*) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
#16 0x00007f12019300a4 in start_thread (arg=0x7f1169316700) at pthread_create.c:309
#17 0x00007f11fdc1e87d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20170129/5ef0d73d/attachment.html>


More information about the webkit-unassigned mailing list