<html>
    <head>
      <base href="https://bugs.webkit.org/" />
    </head>
    <body><table border="1" cellspacing="0" cellpadding="8">
        <tr>
          <th>Bug ID</th>
          <td><a class="bz_bug_link 
          bz_status_NEW "
   title="NEW - WorkQueueGeneric's platformInvalidate() can deadlock when called on the RunLoop's thread"
   href="https://bugs.webkit.org/show_bug.cgi?id=166645">166645</a>
          </td>
        </tr>

        <tr>
          <th>Summary</th>
          <td>WorkQueueGeneric's platformInvalidate() can deadlock when called on the RunLoop's thread
          </td>
        </tr>

        <tr>
          <th>Classification</th>
          <td>Unclassified
          </td>
        </tr>

        <tr>
          <th>Product</th>
          <td>WebKit
          </td>
        </tr>

        <tr>
          <th>Version</th>
          <td>WebKit Nightly Build
          </td>
        </tr>

        <tr>
          <th>Hardware</th>
          <td>Unspecified
          </td>
        </tr>

        <tr>
          <th>OS</th>
          <td>Unspecified
          </td>
        </tr>

        <tr>
          <th>Status</th>
          <td>NEW
          </td>
        </tr>

        <tr>
          <th>Severity</th>
          <td>Normal
          </td>
        </tr>

        <tr>
          <th>Priority</th>
          <td>P2
          </td>
        </tr>

        <tr>
          <th>Component</th>
          <td>Web Template Framework
          </td>
        </tr>

        <tr>
          <th>Assignee</th>
          <td>webkit-unassigned&#64;lists.webkit.org
          </td>
        </tr>

        <tr>
          <th>Reporter</th>
          <td>zan&#64;falconsigh.net
          </td>
        </tr>

        <tr>
          <th>CC</th>
          <td>cgarcia&#64;igalia.com
          </td>
        </tr></table>
      <p>
        <div>
        <pre>It's possible that a WorkQueue object is destroyed on its own thread. In case of the WorkQueueGeneric implementation, that is the thread of the underlying RunLoop object.

When that occurs, platformInvalidate() in WorkQueueGeneric.cpp stops the RunLoop and then waits for a signal on the m_terminateRunLoopCondition indefinitely. That doesn't occur because the signal is supposed to be launched on the same thread after the RunLoop is stopped.
<a href="https://trac.webkit.org/browser/trunk/Source/WTF/wtf/generic/WorkQueueGeneric.cpp#L68">https://trac.webkit.org/browser/trunk/Source/WTF/wtf/generic/WorkQueueGeneric.cpp#L68</a>

One solution is to not wait on m_terminateRunLoopCondition if we detect that we're on the RunLoop's thread. Another solution is to remove both m_terminateRunLoopCondition and the accompanying mutex.

First reported at <a href="https://github.com/Metrological/WebKitForWayland/pull/170">https://github.com/Metrological/WebKitForWayland/pull/170</a></pre>
        </div>
      </p>
      <hr>
      <span>You are receiving this mail because:</span>
      
      <ul>
          <li>You are the assignee for the bug.</li>
      </ul>
    </body>
</html>