[Webkit-unassigned] [Bug 242031] New: [GPU Process] RemoteRenderingBackend has to explicitly stop IOSurfacePool::m_collectionTimer before destruction

Mon Jun 27 09:57:43 PDT 2022

https://bugs.webkit.org/show_bug.cgi?id=242031

            Bug ID: 242031
           Summary: [GPU Process] RemoteRenderingBackend has to explicitly
                    stop IOSurfacePool::m_collectionTimer before
                    destruction
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: Layout and Rendering
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: sabouhallawa at apple.com
                CC: bfulgham at webkit.org, simon.fraser at apple.com,
                    zalan at apple.com

RemoteRenderingBackend can be destroyed by RemoteGraphicsContextGL on the StreamConnection WorkQueue. Because RemoteRenderingBackend now owns an IOSurfacePool, this IOSurfacePool can be destroyed on the StreamConnection WorkQueue also. At the same time the handler of IOSurfacePool::m_collectionTimer can be called on the main thread. This leads to accessing null IOSurfaces in IOSurfacePool::collectionTimerFired().

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20220627/9bc037a5/attachment.htm>