[Webkit-unassigned] [Bug 254117] [GTK] UI process crash in AcceleratedBackingStoreWayland::tryEnsureTexture

bugzilla-daemon at webkit.org
Wed Mar 22 13:03:32 PDT 2023


https://bugs.webkit.org/show_bug.cgi?id=254117

--- Comment #11 from Pablo Saavedra <psaavedra at igalia.com> ---

OK, I was able to reproduce it (or one similar to the one reported by Michael in comment #1).

I got the crash by closing epiphany with https://webkit.org/blog-files/3d-transforms/poster-circle.html open in one tab:

```
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Core was generated by `./bin/epiphany'.
Program terminated with signal SIGBUS, Bus error.
#0  0x00007f350554e2bd in wl_resource_post_event () from /lib/x86_64-linux-gnu/libwayland-server.so.0
[Current thread is 1 (Thread 0x7f35021ccd40 (LWP 2356518))]
(gdb) bt
#0  0x00007f350554e2bd in wl_resource_post_event () at /lib/x86_64-linux-gnu/libwayland-server.so.0
#1  0x00007f3505f51c98 in wl_buffer_send_release(wl_resource*) (resource_=0x2d6e692d6e6f6974) at /usr/include/wayland-server-protocol.h:1713
#2  0x00007f3505f522f6 in ViewBackend::releaseBuffer(wl_resource*) (this=0x5629de7f0250, buffer_resource=0x2d6e692d6e6f6974) at ../src/view-backend-private.cpp:115
#3  0x00007f3505f50c4a in (anonymous namespace)::ClientBundleEGL::releaseImage(wpe_fdo_egl_exported_image*) (this=0x5629de7f1e90, image=0x5629dea25c70) at ../src/view-backend-exportable-fdo-egl.cpp:251
#4  0x00007f3505f50f64 in wpe_view_backend_exportable_fdo_egl_dispatch_release_exported_image(wpe_view_backend_exportable_fdo*, wpe_fdo_egl_exported_image*) (exportable=0x5629de7f1ec0, image=0x5629dea25c70)
    at ../src/view-backend-exportable-fdo-egl.cpp:330
#5  0x00007f35099847b4 in WebKit::AcceleratedBackingStoreWayland::~AcceleratedBackingStoreWayland() () at /home/psaavedra/install/lib/libwebkit2gtk-4.1.so.0
#6  0x00007f35098e90d7 in webkitWebViewBaseDispose(_GObject*) () at /home/psaavedra/install/lib/libwebkit2gtk-4.1.so.0
#7  0x00007f350ee3d943 in ephy_web_view_dispose (object=0x5629dcd4a610) at ../embed/ephy-web-view.c:3908
#8  0x00007f350ec96011 in g_object_run_dispose () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#9  0x00007f350e681e04 in  () at /lib/x86_64-linux-gnu/libgtk-3.so.0
#10 0x00007f350e57702a in  () at /lib/x86_64-linux-gnu/libgtk-3.so.0
#11 0x00007f350ec87c6c in g_closure_invoke () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#12 0x00007f350eca3ba0 in  () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#13 0x00007f350eca5614 in g_signal_emit_valist () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#14 0x00007f350eca5863 in g_signal_emit () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#15 0x00007f350e7a7600 in  () at /lib/x86_64-linux-gnu/libgtk-3.so.0
#16 0x00007f350ec96011 in g_object_run_dispose () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#17 0x00007f350e52c6f0 in  () at /lib/x86_64-linux-gnu/libgtk-3.so.0
#18 0x00007f350e57702a in  () at /lib/x86_64-linux-gnu/libgtk-3.so.0
#19 0x00007f350ec87c6c in g_closure_invoke () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#20 0x00007f350eca3ba0 in  () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#21 0x00007f350eca5614 in g_signal_emit_valist () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#22 0x00007f350eca5863 in g_signal_emit () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#23 0x00007f350e7a7600 in  () at /lib/x86_64-linux-gnu/libgtk-3.so.0
#24 0x00007f350ee221a2 in ephy_embed_dispose (object=0x5629dd263040) at ../embed/ephy-embed.c:373
#25 0x00007f350ec95ed1 in g_object_unref () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#26 0x00007f3508b99c9e in  () at /lib/x86_64-linux-gnu/libhandy-1.so.0
#27 0x00007f350ec95f9d in g_object_unref () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#28 0x00007f3508ba401d in  () at /lib/x86_64-linux-gnu/libhandy-1.so.0
#29 0x00007f350ec96011 in g_object_run_dispose () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#30 0x00007f350e57702a in  () at /lib/x86_64-linux-gnu/libgtk-3.so.0
#31 0x00007f350ec87c6c in g_closure_invoke () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#32 0x00007f350eca3ba0 in  () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#33 0x00007f350eca5614 in g_signal_emit_valist () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#34 0x00007f350eca5863 in g_signal_emit () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#35 0x00007f350e7a7600 in  () at /lib/x86_64-linux-gnu/libgtk-3.so.0
#36 0x00007f350ec96011 in g_object_run_dispose () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#37 0x00007f350e52c6f0 in  () at /lib/x86_64-linux-gnu/libgtk-3.so.0
#38 0x00007f350e57702a in  () at /lib/x86_64-linux-gnu/libgtk-3.so.0
#39 0x00007f350ec87c6c in g_closure_invoke () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#40 0x00007f350eca3ba0 in  () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#41 0x00007f350eca5614 in g_signal_emit_valist () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#42 0x00007f350eca5863 in g_signal_emit () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#43 0x00007f350e7a7600 in  () at /lib/x86_64-linux-gnu/libgtk-3.so.0
#44 0x00007f350ec96011 in g_object_run_dispose () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#45 0x00007f3508b80788 in  () at /lib/x86_64-linux-gnu/libhandy-1.so.0
#46 0x00007f350edc712c in ephy_fullscreen_box_forall (container=0x5629dd0214a0, include_internals=0, callback=0x7f350e7976b0 <gtk_widget_destroy>, callback_data=0x0) at ../src/ephy-fullscreen-box.c:282
#47 0x00007f350e57702a in  () at /lib/x86_64-linux-gnu/libgtk-3.so.0
#48 0x00007f350ec87c6c in g_closure_invoke () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#49 0x00007f350eca3ba0 in  () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#50 0x00007f350eca5614 in g_signal_emit_valist () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#51 0x00007f350eca5863 in g_signal_emit () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#52 0x00007f350e7a7600 in  () at /lib/x86_64-linux-gnu/libgtk-3.so.0
#53 0x00007f350edc74ee in ephy_fullscreen_box_dispose (object=0x5629dd0214a0) at ../src/ephy-fullscreen-box.c:360
#54 0x00007f350ec96011 in g_object_run_dispose () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#55 0x00007f3508bc4b3b in  () at /lib/x86_64-linux-gnu/libhandy-1.so.0
--Type <RET> for more, q to quit, c to continue without paging--c
#56 0x00007f350e57702a in  () at /lib/x86_64-linux-gnu/libgtk-3.so.0
#57 0x00007f350ec87c6c in g_closure_invoke () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#58 0x00007f350eca3ba0 in  () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#59 0x00007f350eca5614 in g_signal_emit_valist () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#60 0x00007f350eca5863 in g_signal_emit () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#61 0x00007f350e7a7600 in  () at /lib/x86_64-linux-gnu/libgtk-3.so.0
#62 0x00007f350ec96011 in g_object_run_dispose () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#63 0x00007f3508bc4b3b in  () at /lib/x86_64-linux-gnu/libhandy-1.so.0
#64 0x00007f350e57702a in  () at /lib/x86_64-linux-gnu/libgtk-3.so.0
#65 0x00007f350ec87c6c in g_closure_invoke () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#66 0x00007f350eca3ba0 in  () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#67 0x00007f350eca5614 in g_signal_emit_valist () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#68 0x00007f350eca5863 in g_signal_emit () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#69 0x00007f350e7a7600 in  () at /lib/x86_64-linux-gnu/libgtk-3.so.0
#70 0x00007f350ec95ed1 in g_object_unref () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#71 0x00007f350e5277b8 in  () at /lib/x86_64-linux-gnu/libgtk-3.so.0
#72 0x00007f3508bbf8b9 in  () at /lib/x86_64-linux-gnu/libhandy-1.so.0
#73 0x00007f350ede8926 in ephy_window_destroy (widget=0x5629dd0b62c0) at ../src/ephy-window.c:3230
#74 0x00007f350ec87d2f in g_closure_invoke () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#75 0x00007f350eca3ba0 in  () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#76 0x00007f350eca5614 in g_signal_emit_valist () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#77 0x00007f350eca5863 in g_signal_emit () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#78 0x00007f350e7a7600 in  () at /lib/x86_64-linux-gnu/libgtk-3.so.0
#79 0x00007f350e7b70ee in  () at /lib/x86_64-linux-gnu/libgtk-3.so.0
#80 0x00007f350e52126f in  () at /lib/x86_64-linux-gnu/libgtk-3.so.0
#81 0x00007f350ede80b1 in ephy_window_dispose (object=0x5629dd0b62c0) at ../src/ephy-window.c:3064
#82 0x00007f350ec96011 in g_object_run_dispose () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#83 0x00007f350edeb426 in finish_window_close_after_modified_forms_check (data=0x5629dcd9e500) at ../src/ephy-window.c:4125
#84 0x00007f350edeb5c8 in continue_window_close_after_modified_forms_check (data=0x5629dcd9e500) at ../src/ephy-window.c:4172
#85 0x00007f350edeb679 in window_has_modified_forms_cb (view=0x5629dd9bf900, result=0x5629de978700, data=0x5629dcd9e500) at ../src/ephy-window.c:4197
#86 0x00007f350e2d9e39 in  () at /lib/x86_64-linux-gnu/libgio-2.0.so.0
#87 0x00007f350e2da05b in  () at /lib/x86_64-linux-gnu/libgio-2.0.so.0
#88 0x00007f350ee3bff7 in has_modified_forms_cb (view=0x5629dd9bf900, result=0x5629de9816f0, task=0x5629de978700) at ../embed/ephy-web-view.c:3263
#89 0x00007f350e2d9e39 in  () at /lib/x86_64-linux-gnu/libgio-2.0.so.0
#90 0x00007f350e2da05b in  () at /lib/x86_64-linux-gnu/libgio-2.0.so.0
#91 0x00007f350e2dc014 in g_task_return_new_error () at /lib/x86_64-linux-gnu/libgio-2.0.so.0
#92 0x00007f35097b5d61 in WTF::Detail::CallableWrapper<IPC::Connection::makeAsyncReplyHandler<Messages::WebPage::RunJavaScriptInFrameInScriptWorld, WebKit::WebPageProxy::runJavaScriptInFrameInScriptWorld(WebCore::RunJavaScriptParameters&&, std::optional<WebCore::ProcessQualified<WTF::ObjectIdentifier<WebCore::FrameIdentifierType> > >, API::ContentWorld&, WTF::CompletionHandler<void (std::experimental::fundamentals_v3::expected<WTF::RefPtr<API::SerializedScriptValue, WTF::RawPtrTraits<API::SerializedScriptValue>, WTF::DefaultRefDerefTraits<API::SerializedScriptValue> >, WebCore::ExceptionDetails>&&)>&&)::{lambda(WTF::Span<unsigned char const, 18446744073709551615ul> const&, std::optional<WebCore::ExceptionDetails>&&)#1}>(WebKit::WebPageProxy::runJavaScriptInFrameInScriptWorld(WebCore::RunJavaScriptParameters&&, std::optional<WebCore::ProcessQualified<WTF::ObjectIdentifier<WebCore::FrameIdentifierType> > >, API::ContentWorld&, WTF::CompletionHandler<void (std::experimental::fundamentals_v3::expected<WTF::RefPtr<API::SerializedScriptValue, WTF::RawPtrTraits<API::SerializedScriptValue>, WTF::DefaultRefDerefTraits<API::SerializedScriptValue> >, WebCore::ExceptionDetails>&&)>&&)::{lambda(WTF::Span<unsigned char const, 18446744073709551615ul> const&, std::optional<WebCore::ExceptionDetails>&&)#1}&&, WTF::ThreadLikeAssertion)::{lambda(IPC::Decoder*)#1}, void, IPC::Decoder*>::call(IPC::Decoder*) () at /home/psaavedra/install/lib/libwebkit2gtk-4.1.so.0
#93 0x00007f350974562b in WTF::Detail::CallableWrapper<WebKit::AuxiliaryProcessProxy::sendMessage(WTF::UniqueRef<IPC::Encoder>&&, WTF::OptionSet<IPC::SendOption>, std::optional<IPC::Connection::AsyncReplyHandler>, WebKit::AuxiliaryProcessProxy::ShouldStartProcessThrottlerActivity)::{lambda(IPC::Decoder*)#2}, void, IPC::Decoder*>::call(IPC::Decoder*) () at /home/psaavedra/install/lib/libwebkit2gtk-4.1.so.0
#94 0x00007f35096c110d in IPC::Connection::cancelAsyncReplyHandlers() () at /home/psaavedra/install/lib/libwebkit2gtk-4.1.so.0
#95 0x00007f35096c51ad in IPC::Connection::invalidate() () at /home/psaavedra/install/lib/libwebkit2gtk-4.1.so.0
#96 0x00007f350974cfb7 in WebKit::AuxiliaryProcessProxy::shutDownProcess() () at /home/psaavedra/install/lib/libwebkit2gtk-4.1.so.0
#97 0x00007f350980dda7 in WebKit::WebProcessProxy::shutDown() () at /home/psaavedra/install/lib/libwebkit2gtk-4.1.so.0
#98 0x00007f350980f2fd in WebKit::WebProcessProxy::processDidTerminateOrFailedToLaunch(WebKit::ProcessTerminationReason) () at /home/psaavedra/install/lib/libwebkit2gtk-4.1.so.0
#99 0x00007f35096c52db in WTF::Detail::CallableWrapper<IPC::Connection::dispatchDidCloseAndInvalidate()::{lambda()#1}, void>::call() () at /home/psaavedra/install/lib/libwebkit2gtk-4.1.so.0
#100 0x00007f350853bf22 in WTF::RunLoop::performWork() () at /home/psaavedra/install/lib/libjavascriptcoregtk-4.1.so.0
#101 0x00007f35085b661d in WTF::RunLoop::RunLoop()::{lambda(void*)#1}::_FUN(void*) () at /home/psaavedra/install/lib/libjavascriptcoregtk-4.1.so.0
#102 0x00007f35085b70b3 in WTF::RunLoop::{lambda(_GSource*, int (*)(void*), void*)#1}::_FUN(_GSource*, int (*)(void*), void*) () at /home/psaavedra/install/lib/libjavascriptcoregtk-4.1.so.0
#103 0x00007f350e143c44 in g_main_context_dispatch () at /lib/x86_64-linux-gnu/libglib-2.0.so.0
#104 0x00007f350e1986c8 in  () at /lib/x86_64-linux-gnu/libglib-2.0.so.0
#105 0x00007f350e1413e3 in g_main_context_iteration () at /lib/x86_64-linux-gnu/libglib-2.0.so.0
#106 0x00007f350e308fb5 in g_application_run () at /lib/x86_64-linux-gnu/libgio-2.0.so.0
#107 0x00005629dc20b737 in main (argc=1, argv=0x7ffd9358a998) at ../src/ephy-main.c:434
```
