[Webkit-unassigned] [Bug 196902] [GStreamer][MSE] Invalid free in MediaPlayerPrivateGStreamerMSE::sourceSetup

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Wed Jan 15 08:35:46 PST 2020 

https://bugs.webkit.org/show_bug.cgi?id=196902

--- Comment #13 from Michael Catanzaro <mcatanzaro at gnome.org> ---
Maybe? I tried playing that video in Tech Preview and it crashed almost immediately, but the backtrace is different:

#0  0x00007f5f7c479354 in <lambda()>::operator()(void) const (__closure=0x7f5d7ba200f8)
    at DerivedSources/ForwardingHeaders/wtf/DumbPtrTraits.h:43
#1  0x00007f5f79ed282c in WTF::Function<void ()>::operator()() const (this=<synthetic pointer>)
    at ../Source/WTF/wtf/Function.h:76
#2  0x00007f5f79ed282c in WTF::RunLoop::performWork() (this=0x7f5f749f5000) at ../Source/WTF/wtf/RunLoop.cpp:124
#3  0x00007f5f79f1ee1d in WTF::RunLoop::<lambda(gpointer)>::operator() (__closure=0x0, userData=<optimized out>)
    at ../Source/WTF/wtf/glib/RunLoopGLib.cpp:68
#4  0x00007f5f79f1ee1d in WTF::RunLoop::<lambda(gpointer)>::_FUN(gpointer) ()
    at ../Source/WTF/wtf/glib/RunLoopGLib.cpp:70
#5  0x00007f5f7a5a1b3e in g_main_dispatch (context=0x55f53e811cf0) at ../glib/gmain.c:3272
#6  0x00007f5f7a5a1b3e in g_main_context_dispatch (context=context at entry=0x55f53e811cf0) at ../glib/gmain.c:3937
#7  0x00007f5f7a5a1ef0 in g_main_context_iterate
    (context=0x55f53e811cf0, block=block at entry=1, dispatch=dispatch at entry=1, self=<optimized out>)
    at ../glib/gmain.c:4010
#8  0x00007f5f7a5a21e3 in g_main_loop_run (loop=0x55f53e82a100) at ../glib/gmain.c:4204
#9  0x00007f5f79f1f8b0 in WTF::RunLoop::run() () at ../Source/WTF/wtf/glib/RunLoopGLib.cpp:96
#10 0x00007f5f7c47151f in WebKit::AuxiliaryProcessMain<WebKit::WebProcess, WebKit::WebProcessMain>(int, char**)
    (argc=3, argv=<optimized out>) at ../Source/WebKit/Shared/unix/AuxiliaryProcessMain.h:47
#11 0x00007f5f7b4f4173 in __libc_start_main (main=
    0x55f53cdb8780 <main(int, char**)>, argc=3, argv=0x7ffdd785aed8, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7ffdd785aec8) at ../csu/libc-start.c:308
#12 0x000055f53cdb87fe in _start () at ../sysdeps/x86_64/start.S:120

It's a WebKitWebSrc bug:

#0  0x00007f5f7c479354 in <lambda()>::operator()(void) const (__closure=0x7f5d7ba200f8)
    at DerivedSources/ForwardingHeaders/wtf/DumbPtrTraits.h:43
        priv = 0x55f5404c50e0
        loadOptions = 0
        notifyAsyncCompletion = false
        src = 0x55f5404c5280 [WebKitWebSrc]
        request = 
                {<WebCore::ResourceRequestBase> = {m_url = {m_string = {static MaxLength = 2147483647, m_impl = {static isRefPtr = <error reading variable: Missing ELF symbol "WTF::RefPtr<WTF::StringImpl, WTF::DumbPtrTraits<WTF::StringImpl> >::isRefPtr".>, m_ptr = 0x7f5d62074400}}, m_isValid = 1, m_protocolIsInHTTPFamily = 1, m_cannotBeABaseURL = 0, m_portLength = 0, static maxPortLength = 7, static maxSchemeLength = 67108863, m_schemeEnd = 5, m_userStart = 8, m_userEnd = 8, m_passwordEnd = 8, m_hostEnd = 17, m_pathAfterLastSlash = 32, m_pathEnd = 40, m_queryEnd = 40}, m_timeoutInterval = 0, m_firstPartyForCookies = {m_string = {static MaxLength = 2147483647, m_impl = {static isRefPtr = <error reading variable: Missing ELF symbol "WTF::RefPtr<WTF::StringImpl, WTF::DumbPtrTraits<WTF::StringImpl> >::isRefPtr".>, m_ptr = 0x7f5d62074400}}, m_isValid = 1, m_protocolIsInHTTPFamily = 1, m_cannotBeABaseURL = 0, m_portLength = 0, static maxPortLength = 7, static maxSchemeLength = 67108863, m_schemeEnd = 5, m_userStart = 8, m_userEnd = 8, m_passwordEnd = 8, m_hostEnd = 17, m_pathAfterLastSlash = 32, m_pathEnd = 40, m_queryEnd = 40}, m_httpMethod = {static MaxLength = 2147483647, m_impl = {static isRefPtr = <error reading variable: Missing ELF symbol "WTF::RefPtr<WTF::StringImpl, WTF::DumbPtrTraits<WTF::StringImpl> >::isRefPtr".>, m_ptr = 0x7f5d76b83300}}, m_initiatorIdentifier = {static MaxLength = 2147483647, m_impl = {static isRefPtr = <error reading variable: Missing ELF symbol "WTF::RefPtr<WTF::StringImpl, WTF::DumbPtrTraits<WTF::StringImpl> >::isRefPtr".>, m_ptr = 0x0}}, m_cachePartition = {static MaxLength = 2147483647, m_impl = {static isRefPtr = <error reading variable: Missing ELF symbol "WTF::RefPtr<WTF::StringImpl, WTF::DumbPtrTraits<WTF::StringImpl> >::isRefPtr".>, m_ptr = 0x7f5f7a250b00 <WTF::StringImpl::s_emptyAtomString>}}, m_httpHeaderFields = {m_commonHeaders = {<WTF::VectorBuffer<WebCore::HTTPHeaderMap::CommonHeader, 0>> = {<WTF::VectorBufferBase<WebCore::HTTPHeaderMap::CommonHeader>> = {m_buffer = 0x7f5d620726c0, m_capacity = 6, m_size = 4}, <No data fields>}, <No data fields>}, m_uncommonHeaders = {<WTF::VectorBuffer<WebCore::HTTPHeaderMap::UncommonHeader, 0>> = {<WTF::VectorBufferBase<WebCore::HTTPHeaderMap::UncommonHeader>> = {m_buffer = 0x0, m_capacity = 0, m_size = 0}, <No data fields>}, <No data fields>}}, m_responseContentDispositionEncodingFallbackArray = {<WTF::VectorBuffer<WTF::String, 0>> = {<WTF::VectorBufferBase<WTF::String>> = {m_buffer = 0x0, m_capacity = 0, m_size = 0}, <No data fields>}, <No data fields>}, m_httpBody = {static isRefPtr = <error reading variable: Missing ELF symbol "WTF::RefPtr<WebCore::FormData, WTF::DumbPtrTraits<WebCore::FormData> >::isRefPtr".>, m_ptr = 0x0}, m_cachePolicy = WebCore::ResourceRequestCachePolicy::UseProtocolCachePolicy, m_sameSiteDisposition = WebCore::ResourceRequestBase::SameSiteDisposition::Unspecified, m_priority = WebCore::ResourceLoadPriority::Low, m_requester = WebCore::ResourceRequestBase::Requester::Unspecified, m_inspectorInitiatorNodeIdentifier = {<WTF::constexpr_Optional_base<int>> = {init_ = false, storage_ = {dummy_ = 0 '\000', value_ = -1600039936}}, <No data fields>}, m_allowCookies = true, m_resourceRequestUpdated = true, m_platformRequestUpdated = false, m_resourceRequestBodyUpdated = true, m_platformRequestBodyUpdated = false, m_hiddenFromInspector = false, m_isTopSite = false, static s_defaultTimeoutInterval = 0}, m_acceptEncoding = false, m_soupFlags = (unknown: 0), m_initiatingPageID = {<WTF::constexpr_Optional_base<unsigned long>> = {init_ = false, storage_ = {dummy_ = 0 '\000', value_ = 140040083070464}}, <No data fields>}}
        protector = {m_ptr = 0x55f5404c5280 [WebKitWebSrc]}

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20200115/fdc42459/attachment-0001.htm>

More information about the webkit-unassigned mailing list