[Webkit-unassigned] [Bug 254117] [GTK] UI process crash in AcceleratedBackingStoreWayland::tryEnsureTexture

bugzilla-daemon at webkit.org
Wed Mar 22 10:46:31 PDT 2023


https://bugs.webkit.org/show_bug.cgi?id=254117

--- Comment #10 from Alejandro G. Castro <alex at igalia.com> ---
(In reply to Michael Catanzaro from comment #9)
> 
> [...]
>
> Unfortunately we don't really know what's going on when freeing the "16
> bytes inside a block of size 48 free'd" due to all the ??? frames due to
> broken debuginfo. However, that's the dispatch callback of
> WS::ServerSource::s_sourceFuncs, so surely it's being deleted during the
> call to wl_event_loop_dispatch. That doesn't really tell us as much as I had
> hoped, though. :/

Thanks for the information, Michael! I think it kind of goes in the direction that we suspected: the GTK code that runs in the loop waiting to generate a new snapshot is not protected for the situation where the export is already gone because Wayland decided to destroy it. Hopefully we can write a patch where we can check if the export is there or even stop the previous rendering signals if the destruction happens. We have very similar code in the cog gtk4 backend, so we should try to check both.

I hope we can confirm this sooner rather than later.
