[Webkit-unassigned] [Bug 246460] New: Crash in Nicosia::CompositionLayer::updateState

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Thu Oct 13 08:10:32 PDT 2022


https://bugs.webkit.org/show_bug.cgi?id=246460

            Bug ID: 246460
           Summary: Crash in Nicosia::CompositionLayer::updateState
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebKitGTK
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: mcatanzaro at gnome.org
                CC: bugs-noreply at webkitgtk.org, magomez at igalia.com,
                    zdobersek at igalia.com
            Blocks: 210100

I think this SIGSEGV is somehow a GTK 4 regression, because I don't remember seeing this with GTK 3:

(gdb) bt
#0  std::__atomic_base<unsigned char>::compare_exchange_weak(unsigned char&, unsigned char, std::memory_order, std::memory_order)
    (__m2=std::memory_order::acquire, __m1=std::memory_order::acquire, __i2=1 '\001', __i1=<synthetic pointer>: 0 '\000', this=0x18) at /usr/include/c++/12.1.0/bits/atomic_base.h:521
#1  std::__atomic_base<unsigned char>::compare_exchange_weak(unsigned char&, unsigned char, std::memory_order)
    (__m=std::memory_order::acquire, __i2=1 '\001', __i1=<synthetic pointer>: 0 '\000', this=0x18)
    at /usr/include/c++/12.1.0/bits/atomic_base.h:542
#2  WTF::Atomic<unsigned char>::compareExchangeWeak(unsigned char, unsigned char, std::memory_order)
    (order=std::memory_order::acquire, desired=1 '\001', expected=0 '\000', this=0x18)
    at /usr/lib/debug/source/sdk/webkit2gtk-5.0.bst/_builddir/WTF/Headers/wtf/Atomics.h:89
#3  WTF::LockAlgorithm<unsigned char, (unsigned char)1, (unsigned char)2, WTF::EmptyLockHooks<unsigned char> >::lockFastAssumingZero(WTF::Atomic<unsigned char>&) (lock=...)
    at /usr/lib/debug/source/sdk/webkit2gtk-5.0.bst/_builddir/WTF/Headers/wtf/LockAlgorithm.h:53
#4  WTF::Lock::lock() (this=0x18) at /usr/lib/debug/source/sdk/webkit2gtk-5.0.bst/_builddir/WTF/Headers/wtf/Lock.h:65
#5  WTF::Locker<WTF::Lock>::Locker(WTF::Lock&) (lock=..., this=<synthetic pointer>)
    at /usr/lib/debug/source/sdk/webkit2gtk-5.0.bst/_builddir/WTF/Headers/wtf/Lock.h:158
#6  Nicosia::CompositionLayer::updateState<WebCore::ScrollingTreeFixedNode::applyLayerPositions()::<lambda(Nicosia::CompositionLayer::LayerState&)> > (functor=<optimized out>, this=0x0)
    at /usr/lib/debug/source/sdk/webkit2gtk-5.0.bst/Source/WebCore/platform/graphics/nicosia/NicosiaPlatformLayer.h:212
#7  WebCore::ScrollingTreeFixedNode::applyLayerPositions() (this=<optimized out>)
    at /usr/lib/debug/source/sdk/webkit2gtk-5.0.bst/Source/WebCore/page/scrolling/nicosia/ScrollingTreeFixedNode.cpp:135
#8  0x00007f89a3dbd0f5 in WebCore::ScrollingTree::applyLayerPositionsRecursive(WebCore::ScrollingTreeNode&)
    (this=0x7f8992104640, node=...)
    at /usr/lib/debug/source/sdk/webkit2gtk-5.0.bst/Source/WebCore/page/scrolling/ScrollingTree.cpp:467
#9  0x00007f89a3dbd43f in WebCore::ScrollingTree::applyLayerPositionsRecursive(WebCore::ScrollingTreeNode&)
    (node=<optimized out>, this=0x7f8992104640)
    at /usr/lib/debug/source/sdk/webkit2gtk-5.0.bst/Source/WebCore/page/scrolling/ScrollingTree.cpp:470
#10 WebCore::ScrollingTree::applyLayerPositionsInternal() (this=0x7f8992104640)
    at /usr/lib/debug/source/sdk/webkit2gtk-5.0.bst/Source/WebCore/page/scrolling/ScrollingTree.cpp:462
#11 WebCore::ScrollingTree::applyLayerPositions() (this=0x7f8992104640)
    at /usr/lib/debug/source/sdk/webkit2gtk-5.0.bst/Source/WebCore/page/scrolling/ScrollingTree.cpp:453
#12 0x00007f89a3d2f585 in WebCore::Page::finalizeRenderingUpdate(WTF::OptionSet<WebCore::FinalizeRenderingUpdateFlags>) (this=0x7f89920e4680, flags=...) at /usr/lib/debug/source/sdk/webkit2gtk-5.0.bst/Source/WebCore/page/Page.cpp:1851
#13 0x00007f89a2704abd in WebKit::WebPage::finalizeRenderingUpdate(WTF::OptionSet<WebCore::FinalizeRenderingUpdateFlags>) (this=<optimized out>, flags=..., flags@entry=...)
    at /usr/lib/debug/source/sdk/webkit2gtk-5.0.bst/Source/WebKit/WebProcess/WebPage/WebPage.cpp:4457
#14 0x00007f89a273b103 in WebKit::CompositingCoordinator::flushPendingLayerChanges(WTF::OptionSet<WebCore::FinalizeRenderingUpdateFlags>) (this=0x7f8992157620, flags=...)
    at /usr/lib/debug/source/sdk/webkit2gtk-5.0.bst/Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/CompositingCoordinator.cpp:134
#15 0x00007f89a2740d3b in WebKit::LayerTreeHost::layerFlushTimerFired() (this=0x7f8992157520)
    at /usr/lib/debug/source/sdk/webkit2gtk-5.0.bst/Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/LayerTreeHost.cpp:157
#16 WebKit::LayerTreeHost::layerFlushTimerFired() (this=0x7f8992157520)
    at /usr/lib/debug/source/sdk/webkit2gtk-5.0.bst/Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/LayerTreeHost.cpp:136
#17 0x00007f89a126b545 in operator() (__closure=0x0, userData=0x7f89921575f0)
    at /usr/lib/debug/source/sdk/webkit2gtk-5.0.bst/Source/WTF/wtf/glib/RunLoopGLib.cpp:177
#18 _FUN(gpointer) () at /usr/lib/debug/source/sdk/webkit2gtk-5.0.bst/Source/WTF/wtf/glib/RunLoopGLib.cpp:181
#19 0x00007f89a126bd4d in operator()
    (__closure=0x0, userData=0x7f89921575f0, callback=0x7f89a126b4d0 <_FUN(gpointer)>, source=0x55b2eadb6830) at /usr/lib/debug/source/sdk/webkit2gtk-5.0.bst/Source/WTF/wtf/glib/RunLoopGLib.cpp:53
#20 _FUN(GSource*, GSourceFunc, gpointer) () at /usr/lib/debug/source/sdk/webkit2gtk-5.0.bst/Source/WTF/wtf/glib/RunLoopGLib.cpp:56
#21 0x00007f899dcaf661 in g_main_dispatch (context=<optimized out>) at ../glib/gmain.c:3444
#22 g_main_context_dispatch (context=<optimized out>) at ../glib/gmain.c:4162
#23 0x00007f899dcafbb8 in g_main_context_iterate (context=0x55b2eab6b870, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at ../glib/gmain.c:4238
#24 0x00007f899dcafe9f in g_main_loop_run (loop=0x55b2eab666a0) at ../glib/gmain.c:4438
#25 0x00007f89a126beb0 in WTF::RunLoop::run() () at /usr/lib/debug/source/sdk/webkit2gtk-5.0.bst/Source/WTF/wtf/glib/RunLoopGLib.cpp:108
#26 0x00007f89a274cc6f in WebKit::AuxiliaryProcessMainBase<WebKit::WebProcess, true>::run(int, char**) (argc=3, argv=0x7ffedd33e4e8, this=0x7ffedd33e350) at /usr/lib/debug/source/sdk/webkit2gtk-5.0.bst/Source/WebKit/Shared/AuxiliaryProcessMain.h:71
#27 WebKit::AuxiliaryProcessMainBase<WebKit::WebProcess, true>::run(int, char**) (argv=0x7ffedd33e4e8, argc=3, this=0x7ffedd33e350) at /usr/lib/debug/source/sdk/webkit2gtk-5.0.bst/Source/WebKit/Shared/AuxiliaryProcessMain.h:58
#28 WebKit::AuxiliaryProcessMain<WebKit::WebProcessMainGtk>(int, char**) (argc=3, argv=0x7ffedd33e4e8) at /usr/lib/debug/source/sdk/webkit2gtk-5.0.bst/Source/WebKit/Shared/AuxiliaryProcessMain.h:97
#29 0x00007f89a16e454a in __libc_start_call_main (main=main@entry=0x55b2ea596060 <main>, argc=argc@entry=3, argv=argv@entry=0x7ffedd33e4e8) at ../sysdeps/nptl/libc_start_call_main.h:58
#30 0x00007f89a16e460b in __libc_start_main_impl (main=0x55b2ea596060 <main>, argc=3, argv=0x7ffedd33e4e8, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=<optimized out>) at ../csu/libc-start.c:389
#31 0x000055b2ea596095 in _start ()


Referenced Bugs:

https://bugs.webkit.org/show_bug.cgi?id=210100
[Bug 210100] [META][GTK][GTK4] Support GTK4