198522 2019-06-04 02:48:54 -0700 [GTK] Crash when re-entering AC mode after r245957 2019-06-04 03:04:26 -0700 1 1 1 Unclassified WebKit WebKitGTK WebKit Nightly Build Unspecified Unspecified RESOLVED FIXED Gtk P2 Normal --- 1 cgarcia webkit-unassigned bugs-noreply magomez zan oldest_to_newest 1541494 0 cgarcia 2019-06-04 02:48:54 -0700 When AcceleratedBackingStoreWayland::displayBuffer() is called and we have already left AC mode, we early dispatch the image and release it. The problem is that images are reused, so the given image can be the committed one. In that case we end up freeing it again in the next AcceleratedBackingStoreWayland::paint() call. Thread 1 "MiniBrowser" received signal SIGSEGV, Segmentation fault. 0x00007fffeccbc497 in wl_list_remove (elm=0x55555563a7e0) at ../src/wayland-util.c:55 55 ../src/wayland-util.c: No existe el fichero o el directorio. (gdb) bt #0 0x00007fffeccbc497 in wl_list_remove (elm=0x55555563a7e0) at ../src/wayland-util.c:55 #1 0x00007fffec797819 in wpe_fdo_egl_exported_image_destroy(wpe_fdo_egl_exported_image*) () from /home/cgarcia/gnome/lib/libWPEBackend-fdo-1.0.so.1 #2 0x00007fffec7a039c in wpe_view_backend_exportable_fdo_egl_dispatch_release_exported_image () from /home/cgarcia/gnome/lib/libWPEBackend-fdo-1.0.so.1 #3 0x00007ffff51e87a7 in WebKit::AcceleratedBackingStoreWayland::paint(_cairo*, WebCore::IntRect const&) () from /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37 #4 0x00007ffff51862c8 in webkitWebViewBaseDraw(_GtkWidget*, _cairo*) () from /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37 1541495 1 371259 cgarcia 2019-06-04 02:51:07 -0700 Created attachment 371259 Patch 1541501 2 cgarcia 2019-06-04 03:04:26 -0700 Committed r246058: <https://trac.webkit.org/changeset/246058> 371259 2019-06-04 02:51:07 -0700 2019-06-04 02:59:45 -0700 Patch wkgtk-wl-ac-crash.diff text/plain 1890 cgarcia ZGlmZiAtLWdpdCBhL1NvdXJjZS9XZWJLaXQvQ2hhbmdlTG9nIGIvU291cmNlL1dlYktpdC9DaGFu Z2VMb2cKaW5kZXggMDlkZjEwMjIyNjcuLjg3ZTExMTVhOGZjIDEwMDY0NAotLS0gYS9Tb3VyY2Uv V2ViS2l0L0NoYW5nZUxvZworKysgYi9Tb3VyY2UvV2ViS2l0L0NoYW5nZUxvZwpAQCAtMSwzICsx LDE4IEBACisyMDE5LTA2LTA0ICBDYXJsb3MgR2FyY2lhIENhbXBvcyAgPGNnYXJjaWFAaWdhbGlh LmNvbT4KKworICAgICAgICBbR1RLXSBDcmFzaCB3aGVuIHJlLWVudGVyaW5nIEFDIG1vZGUgYWZ0 ZXIgcjI0NTk1NworICAgICAgICBodHRwczovL2J1Z3Mud2Via2l0Lm9yZy9zaG93X2J1Zy5jZ2k/ aWQ9MTk4NTIyCisKKyAgICAgICAgUmV2aWV3ZWQgYnkgTk9CT0RZIChPT1BTISkuCisKKyAgICAg ICAgV2hlbiBBY2NlbGVyYXRlZEJhY2tpbmdTdG9yZVdheWxhbmQ6OmRpc3BsYXlCdWZmZXIoKSBp cyBjYWxsZWQgYW5kIHdlIGhhdmUgYWxyZWFkeSBsZWZ0IEFDIG1vZGUsIHdlIGVhcmx5CisgICAg ICAgIGRpc3BhdGNoIHRoZSBpbWFnZSBhbmQgcmVsZWFzZSBpdC4gVGhlIHByb2JsZW0gaXMgdGhh dCBpbWFnZXMgYXJlIHJldXNlZCwgc28gdGhlIGdpdmVuIGltYWdlIGNhbiBiZSB0aGUKKyAgICAg ICAgY29tbWl0dGVkIG9uZS4gSW4gdGhhdCBjYXNlIHdlIGVuZCB1cCBmcmVlaW5nIGl0IGFnYWlu IGluIHRoZSBuZXh0IEFjY2VsZXJhdGVkQmFja2luZ1N0b3JlV2F5bGFuZDo6cGFpbnQoKQorICAg ICAgICBjYWxsLgorCisgICAgICAgICogVUlQcm9jZXNzL2d0ay9BY2NlbGVyYXRlZEJhY2tpbmdT dG9yZVdheWxhbmQuY3BwOgorICAgICAgICAoV2ViS2l0OjpBY2NlbGVyYXRlZEJhY2tpbmdTdG9y ZVdheWxhbmQ6OmRpc3BsYXlCdWZmZXIpOiBEbyBub3QgcmVsZWFzZSB0aGUgZ2l2ZW4gaW1hZ2Ug aWYgaXQncyB0aGUgY29tbWl0dGVkIG9uZS4KKwogMjAxOS0wNi0wMyAgQ2FybG9zIEdhcmNpYSBD YW1wb3MgIDxjZ2FyY2lhQGlnYWxpYS5jb20+CiAKICAgICAgICAgUkVHUkVTU0lPTihyMjQ0MTgy KTogW0Nvb3JkaW5hdGVkR3JhcGhpY3NdIFJlbGF0ZWQgdmlldyBkb2Vzbid0IHJlY2VpdmUgZ3Jh cGhpYyB1cGRhdGVzCmRpZmYgLS1naXQgYS9Tb3VyY2UvV2ViS2l0L1VJUHJvY2Vzcy9ndGsvQWNj ZWxlcmF0ZWRCYWNraW5nU3RvcmVXYXlsYW5kLmNwcCBiL1NvdXJjZS9XZWJLaXQvVUlQcm9jZXNz L2d0ay9BY2NlbGVyYXRlZEJhY2tpbmdTdG9yZVdheWxhbmQuY3BwCmluZGV4IDU3ZjY3OTUxYTRj Li4wMjU3OGRiNDZjYSAxMDA2NDQKLS0tIGEvU291cmNlL1dlYktpdC9VSVByb2Nlc3MvZ3RrL0Fj Y2VsZXJhdGVkQmFja2luZ1N0b3JlV2F5bGFuZC5jcHAKKysrIGIvU291cmNlL1dlYktpdC9VSVBy b2Nlc3MvZ3RrL0FjY2VsZXJhdGVkQmFja2luZ1N0b3JlV2F5bGFuZC5jcHAKQEAgLTIwNCw3ICsy MDQsOCBAQCB2b2lkIEFjY2VsZXJhdGVkQmFja2luZ1N0b3JlV2F5bGFuZDo6ZGlzcGxheUJ1ZmZl cihzdHJ1Y3Qgd3BlX2Zkb19lZ2xfZXhwb3J0ZWRfaQogewogICAgIGlmICghbV9zdXJmYWNlSUQp IHsKICAgICAgICAgd3BlX3ZpZXdfYmFja2VuZF9leHBvcnRhYmxlX2Zkb19kaXNwYXRjaF9mcmFt ZV9jb21wbGV0ZShtX2V4cG9ydGFibGUpOwotICAgICAgICB3cGVfdmlld19iYWNrZW5kX2V4cG9y dGFibGVfZmRvX2VnbF9kaXNwYXRjaF9yZWxlYXNlX2V4cG9ydGVkX2ltYWdlKG1fZXhwb3J0YWJs ZSwgaW1hZ2UpOworICAgICAgICBpZiAoaW1hZ2UgIT0gbV9jb21taXR0ZWRJbWFnZSkKKyAgICAg ICAgICAgIHdwZV92aWV3X2JhY2tlbmRfZXhwb3J0YWJsZV9mZG9fZWdsX2Rpc3BhdGNoX3JlbGVh c2VfZXhwb3J0ZWRfaW1hZ2UobV9leHBvcnRhYmxlLCBpbWFnZSk7CiAgICAgICAgIHJldHVybjsK ICAgICB9CiAK