[Webkit-unassigned] [Bug 258129] New: REGRESSION(264515 at main): [GStreamer] Use of WeakPtr for m_player in MediaPlayerPrivateGStreamer looks unsafe
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Jun 15 07:02:02 PDT 2023
https://bugs.webkit.org/show_bug.cgi?id=258129
Bug ID: 258129
Summary: REGRESSION(264515 at main): [GStreamer] Use of WeakPtr
for m_player in MediaPlayerPrivateGStreamer looks
unsafe
Product: WebKit
Version: WebKit Nightly Build
Hardware: Unspecified
OS: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: Media
Assignee: webkit-unassigned at lists.webkit.org
Reporter: mcatanzaro at redhat.com
Moving this from bug #254954. I'm not sure that changing m_player to be a WeakPtr is actually safe to do without auditing its usage further. For example, in MediaPlayerPrivateGStreamer::handleNeedContextMessage, we have:
gst_structure_set(contextStructure, "player", G_TYPE_POINTER, m_player.get(), nullptr);
gst_element_set_context(GST_ELEMENT(GST_MESSAGE_SRC(message)), context.get());
So now it's stored dereferenced for what I assume is the lifetime of this GstMessage, and the WeakPtr provides no protection against invalidation. So probably it's not safe to use WeakPtr.
This should be looked at more closely.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20230615/474c83d1/attachment-0001.htm>
More information about the webkit-unassigned
mailing list