[Webkit-unassigned] [Bug 198184] New: [GStreamer] Crash in PlaybackPipeline::setWebKitMediaSrc
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu May 23 10:51:16 PDT 2019
https://bugs.webkit.org/show_bug.cgi?id=198184
Bug ID: 198184
Summary: [GStreamer] Crash in
PlaybackPipeline::setWebKitMediaSrc
Product: WebKit
Version: WebKit Nightly Build
Hardware: PC
OS: Linux
Status: NEW
Severity: Normal
Priority: P2
Component: Media
Assignee: webkit-unassigned at lists.webkit.org
Reporter: mcatanzaro at igalia.com
CC: bugs-noreply at webkitgtk.org
With 2.24.2:
* Play the video in https://www.reddit.com/r/WTF/comments/bs0vkd/whatwas_the_plan_here/
* Click the replay button
* Crash
Program terminated with signal SIGSEGV, Segmentation fault.
#0 0x00007f6c4be0666f in webKitMediaSrcFreeStream (
source=source at entry=0x5562bde7e140, stream=0x5562bde95550)
at ../Source/WebCore/platform/graphics/gstreamer/mse/WebKitMediaSourceGStreamer.cpp:512
512 if (GST_IS_APP_SRC(stream->appsrc)) {
[Current thread is 1 (Thread 0x7f6c45342ec0 (LWP 16458))]
(gdb) bt
#0 0x00007f6c4be0666f in webKitMediaSrcFreeStream (source=source at entry=0x5562bde7e140, stream=0x5562bde95550)
at ../Source/WebCore/platform/graphics/gstreamer/mse/WebKitMediaSourceGStreamer.cpp:512
#1 0x00007f6c4be06e17 in webKitMediaSrcFinalize (object=0x5562bde7e140)
at ../Source/WebCore/platform/graphics/gstreamer/mse/WebKitMediaSourceGStreamer.cpp:278
#2 0x00007f6c4a3ccf1d in g_object_unref (_object=<optimized out>) at ../gobject/gobject.c:3368
#3 g_object_unref (_object=0x5562bde7e140) at ../gobject/gobject.c:3260
#4 0x00007f6c482f87d9 in gst_object_unref (object=<optimized out>) at ../gst/gstobject.c:266
#5 0x00007f6c4be0709e in WTF::derefGPtr<_WebKitMediaSrc> (ptr=<optimized out>)
at ../Source/WebCore/platform/graphics/gstreamer/mse/WebKitMediaSourceGStreamer.cpp:750
#6 0x00007f6c4d1fa448 in WTF::GRefPtr<_WebKitMediaSrc>::operator= (optr=<optimized out>, this=<optimized out>)
at DerivedSources/ForwardingHeaders/wtf/glib/GRefPtr.h:150
#7 WebCore::PlaybackPipeline::setWebKitMediaSrc (this=<optimized out>, webKitMediaSrc=<optimized out>)
at ../Source/WebCore/platform/graphics/gstreamer/mse/PlaybackPipeline.cpp:96
#8 0x00007f6c4d1f374c in WebCore::MediaPlayerPrivateGStreamerMSE::sourceSetup (this=0x5562bde7e140,
sourceElement=<optimized out>) at DerivedSources/ForwardingHeaders/wtf/DumbPtrTraits.h:41
#9 0x00007f6c47462bae in ffi_call_unix64 () at ../src/x86/unix64.S:76
#10 0x00007f6c4746256f in ffi_call (cif=cif at entry=0x7ffdb6da0f50, fn=fn at entry=
0x7f6c4d1dbc90 <WebCore::MediaPlayerPrivateGStreamer::sourceSetupCallback(WebCore::MediaPlayerPrivateGStreamer*, _GstElement*)>, rvalue=<optimized out>, avalue=avalue at entry=0x7ffdb6da0ea0) at ../src/x86/ffi64.c:525
#11 0x00007f6c4a3c8245 in g_cclosure_marshal_generic (closure=<optimized out>, return_gvalue=<optimized out>,
n_param_values=<optimized out>, param_values=<optimized out>, invocation_hint=<optimized out>,
marshal_data=<optimized out>) at ../gobject/gclosure.c:1500
#12 0x00007f6c4a3c777d in g_closure_invoke (closure=0x5562bde67040, return_value=0x0, n_param_values=2,
param_values=0x7ffdb6da1180, invocation_hint=0x7ffdb6da1100) at ../gobject/gclosure.c:810
#13 0x00007f6c4a3db865 in signal_emit_unlocked_R (node=node at entry=0x5562bdd40e70, detail=detail at entry=0,
instance=instance at entry=0x5562bde66040, emission_return=emission_return at entry=0x0,
instance_and_params=instance_and_params at entry=0x7ffdb6da1180) at ../gobject/gsignal.c:3635
#14 0x00007f6c4a3e4b7e in g_signal_emit_valist (instance=<optimized out>, signal_id=<optimized out>,
detail=<optimized out>, var_args=var_args at entry=0x7ffdb6da1350) at ../gobject/gsignal.c:3391
#15 0x00007f6c4a3e5233 in g_signal_emit (instance=instance at entry=0x5562bde66040, signal_id=<optimized out>,
detail=detail at entry=0) at ../gobject/gsignal.c:3447
#16 0x00007f57887a719f in notify_source_cb (uridecodebin=<optimized out>, pspec=<optimized out>,
group=<optimized out>) at ../../../gst/playback/gstplaybin2.c:5164
#17 0x00007f6c4a3c777d in g_closure_invoke (closure=0x5562bcf273d0, return_value=0x0, n_param_values=2,
param_values=0x7ffdb6da1620, invocation_hint=0x7ffdb6da15a0) at ../gobject/gclosure.c:810
#18 0x00007f6c4a3db865 in signal_emit_unlocked_R (node=node at entry=0x5562bce7bdd0, detail=detail at entry=3138,
instance=instance at entry=0x5562bdd5d350, emission_return=emission_return at entry=0x0,
instance_and_params=instance_and_params at entry=0x7ffdb6da1620) at ../gobject/gsignal.c:3635
#19 0x00007f6c4a3e4b7e in g_signal_emit_valist (instance=<optimized out>, signal_id=<optimized out>,
detail=<optimized out>, var_args=var_args at entry=0x7ffdb6da17f0) at ../gobject/gsignal.c:3391
#20 0x00007f6c4a3e5233 in g_signal_emit (instance=instance at entry=0x5562bdd5d350, signal_id=<optimized out>,
detail=<optimized out>) at ../gobject/gsignal.c:3447
#21 0x00007f6c4a3cc384 in g_object_dispatch_properties_changed (object=0x5562bdd5d350, n_pspecs=<optimized out>,
pspecs=<optimized out>) at ../gobject/gobject.c:1110
#22 0x00007f6c482f91a8 in gst_object_dispatch_properties_changed (object=0x5562bdd5d350, n_pspecs=1,
pspecs=0x7ffdb6da1960) at ../gst/gstobject.c:430
#23 0x00007f6c4a3ce9c1 in g_object_notify_by_spec_internal (pspec=<optimized out>, object=0x5562bdd5d350)
at ../gobject/gobject.c:1203
#24 g_object_notify (object=object at entry=0x5562bdd5d350, property_name=property_name at entry=0x7f57887d8eb4 "source")
at ../gobject/gobject.c:1251
#25 0x00007f5788792740 in setup_source (decoder=<optimized out>) at ../../../gst/playback/gsturidecodebin.c:2200
#26 gst_uri_decode_bin_change_state (element=0x5562bdd5d350, transition=<optimized out>)
at ../../../gst/playback/gsturidecodebin.c:2812
#27 0x00007f6c483258d2 in gst_element_change_state (element=element at entry=0x5562bdd5d350, transition=transition at entry=GST_STATE_CHANGE_READY_TO_PAUSED) at ../gst/gstelement.c:2952
#28 0x00007f6c48325ffe in gst_element_set_state_func (element=0x5562bdd5d350, state=GST_STATE_PAUSED) at ../gst/gstelement.c:2906
#29 0x00007f57887aea7d in activate_group (target=GST_STATE_PAUSED, group=0x5562bde664c8, playbin=0x5562bde66040) at ../../../gst/playback/gstplaybin2.c:5405
#30 setup_next_source (playbin=playbin at entry=0x5562bde66040, target=GST_STATE_PAUSED) at ../../../gst/playback/gstplaybin2.c:5629
#31 0x00007f57887af72b in gst_play_bin_change_state (element=0x5562bde66040, transition=<optimized out>) at ../../../gst/playback/gstplaybin2.c:5758
#32 0x00007f6c483258d2 in gst_element_change_state (element=element at entry=0x5562bde66040, transition=transition at entry=GST_STATE_CHANGE_READY_TO_PAUSED) at ../gst/gstelement.c:2952
#33 0x00007f6c48325ffe in gst_element_set_state_func (element=0x5562bde66040, state=GST_STATE_PLAYING) at ../gst/gstelement.c:2906
#34 0x00007f6c4d1dbf2c in WebCore::MediaPlayerPrivateGStreamer::changePipelineState (this=0x7f570646f780, newState=GST_STATE_PLAYING) at ../Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:427
#35 0x00007f6c4d1e09a7 in WebCore::MediaPlayerPrivateGStreamer::play (this=0x7f570646f780) at ../Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:464
#36 0x00007f6c4c8c6813 in WebCore::HTMLMediaElement::updatePlayState (this=0x7f57120007e0) at DerivedSources/ForwardingHeaders/wtf/DumbPtrTraits.h:41
#37 WebCore::HTMLMediaElement::updatePlayState (this=0x7f57120007e0) at ../Source/WebCore/html/HTMLMediaElement.cpp:5401
#38 0x00007f6c4c8c6a15 in WebCore::HTMLMediaElement::playInternal (this=0x7f57120007e0) at ../Source/WebCore/html/HTMLMediaElement.cpp:3603
#39 WebCore::HTMLMediaElement::playInternal (this=0x7f57120007e0) at ../Source/WebCore/html/HTMLMediaElement.cpp:3528
#40 0x00007f6c4c8c6bcd in WebCore::HTMLMediaElement::play (this=0x7f57120007e0, promise=...) at ../Source/WebCore/html/HTMLMediaElement.cpp:3509
#41 0x00007f6c4bf8e780 in WebCore::jsHTMLMediaElementPrototypeFunctionPlayBody (state=0x7ffdb6da1dc0, throwScope=<synthetic pointer>..., promise=..., castedThis=<optimized out>) at DerivedSources/ForwardingHeaders/wtf/Ref.h:130
#42 WebCore::IDLOperationReturningPromise<WebCore::JSHTMLMediaElement>::<lambda(JSC::ExecState&, WTF::Ref<WebCore::DeferredPromise, WTF::DumbPtrTraits<WebCore::DeferredPromise> >&&)>::operator() (this=<synthetic pointer>, promise=..., state=...) at ../Source/WebCore/bindings/js/JSDOMOperationReturningPromise.h:52
#43 WebCore::callPromiseFunction<(WebCore::PromiseExecutionScope)0, WebCore::IDLOperationReturningPromise<JSClass>::call(JSC::ExecState&, char const*) [with JSC::EncodedJSValue (* operation)(JSC::ExecState*, WebCore::IDLOperationReturningPromise<JSClass>::ClassParameter, WTF::Ref<WebCore::DeferredPromise>&&, JSC::ThrowScope&) = WebCore::jsHTMLMediaElementPrototypeFunctionPlayBody; WebCore::PromiseExecutionScope executionScope = (WebCore::PromiseExecutionScope)0; WebCore::CastedThisErrorBehavior shouldThrow = (WebCore::CastedThisErrorBehavior)2; JSClass = WebCore::JSHTMLMediaElement]::<lambda(JSC::ExecState&, WTF::Ref<WebCore::DeferredPromise>&&)> > (functor=..., state=...) at ../Source/WebCore/bindings/js/JSDOMPromiseDeferred.h:299
#44 WebCore::IDLOperationReturningPromise<WebCore::JSHTMLMediaElement>::call<WebCore::jsHTMLMediaElementPrototypeFunctionPlayBody, (WebCore::PromiseExecutionScope)0> (operationName=0x7f6c4d44729e "play", state=...) at ../Source/WebCore/bindings/js/JSDOMOperationReturningPromise.h:41
#45 WebCore::jsHTMLMediaElementPrototypeFunctionPlay (state=0x7ffdb6da1dc0) at DerivedSources/WebCore/JSHTMLMediaElement.cpp:1548
#46 0x00007f57bffff16b in ?? ()
#47 0x00007ffdb6da1e50 in ?? ()
#48 0x00007f57c0022c1f in ?? ()
#49 0x0000000000000000 in ?? ()
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20190523/a37eaec1/attachment-0001.html>
More information about the webkit-unassigned
mailing list