[Webkit-unassigned] [Bug 224260] New: [MSE][GStreamer] Crash in WebCore::PlaybackPipeline::addSourceBuffer when loading particular vimeo video

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue Apr 6 20:05:24 PDT 2021


https://bugs.webkit.org/show_bug.cgi?id=224260

            Bug ID: 224260
           Summary: [MSE][GStreamer] Crash in
                    WebCore::PlaybackPipeline::addSourceBuffer when
                    loading particular vimeo video
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: Media
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: mcatanzaro at gnome.org

Created attachment 425344

  --> https://bugs.webkit.org/attachment.cgi?id=425344&action=review

GStreamer debug log

Visit https://msdprojectclear.org/msd-ballot-issues-townhalls/ in Ephy Tech Preview (WebKitGTK 2.32.0) and scroll down the page, crash is guaranteed:

#0  0x00007f39188eec79 in WebCore::PlaybackPipeline::addSourceBuffer(WTF::RefPtr<WebCore::SourceBufferPrivateGStreamer, WTF::RawPtrTraits<WebCore::SourceBufferPrivateGStreamer>, WTF::DefaultRefDerefTraits<WebCore::SourceBufferPrivateGStreamer> >) (this=0x7f373869ade0, sourceBufferPrivate=...) at DerivedSources/ForwardingHeaders/wtf/glib/GRefPtr.h:106
#1  0x00007f39188ec499 in WebCore::MediaSourcePrivateGStreamer::addSourceBuffer(WebCore::ContentType const&, bool, WTF::RefPtr<WebCore::SourceBufferPrivate, WTF::RawPtrTraits<WebCore::SourceBufferPrivate>, WTF::DefaultRefDerefTraits<WebCore::SourceBufferPrivate> >&) (this=this at entry=0x7f373b858380, contentType=..., sourceBufferPrivate=...)
    at DerivedSources/ForwardingHeaders/wtf/RefCounted.h:49
#2  0x00007f391769525b in WebCore::MediaSource::createSourceBufferPrivate(WebCore::ContentType const&)
    (this=this at entry=0x7f38642f09c0, incomingType=...) at ../Source/WebCore/page/RuntimeEnabledFeatures.h:255
#3  0x00007f3917699abd in WebCore::MediaSource::addSourceBuffer(WTF::String const&)
    (this=this at entry=0x7f38642f09c0, type=...) at ../Source/WebCore/Modules/mediasource/MediaSource.cpp:734
#4  0x00007f39171f34e7 in WebCore::jsMediaSourcePrototypeFunction_addSourceBufferBody
    (castedThis=0x7f37e06429f8, callFrame=<optimized out>, lexicalGlobalObject=0x7f37a0608068)
    at DerivedSources/WebCore/JSMediaSource.cpp:467
#5  WebCore::IDLOperation<WebCore::JSMediaSource>::call<WebCore::jsMediaSourcePrototypeFunction_addSourceBufferBody>
    (operationName=0x7f3918bcf89f "addSourceBuffer", callFrame=..., lexicalGlobalObject=...)
    at ../Source/WebCore/bindings/js/JSDOMOperation.h:53
#6  WebCore::jsMediaSourcePrototypeFunction_addSourceBuffer(JSC::JSGlobalObject*, JSC::CallFrame*)
    (lexicalGlobalObject=0x7f37a0608068, callFrame=<optimized out>) at DerivedSources/WebCore/JSMediaSource.cpp:472
#7  0x00007f38bffff1d8 in  ()
#8  0x00007ffdee2ba740 in  ()
#9  0x00007f3914736b6c in llint_op_call ()
    at /usr/lib/debug/source/sdk/webkitgtk.bst/Source/JavaScriptCore/llint/LowLevelInterpreter.asm:1093
#10 0x0000000000000000 in  ()

Before it crashes, it hits this critical:

GStreamer-CRITICAL **: 21:57:36.023: gst_element_post_message: assertion 'GST_IS_ELEMENT (element)' failed

I'll attach a full backtrace for this critical and a debug log.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20210407/c31735ba/attachment.htm>


More information about the webkit-unassigned mailing list