[Webkit-unassigned] [Bug 256641] New: [GStreamer] Crash when destroying GstGLContext

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Thu May 11 05:50:38 PDT 2023


https://bugs.webkit.org/show_bug.cgi?id=256641

            Bug ID: 256641
           Summary: [GStreamer] Crash when destroying GstGLContext
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: Media
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: mcatanzaro at redhat.com
                CC: bugs-noreply at webkitgtk.org

I've hit this SIGSEGV crash three times in the past two days:

(gdb) bt
#0  0x00007effb5dd9e7d in gst_object_unref (object=0x100000010) at ../gst/gstobject.c:260
#1  0x00007effbbaca8fa in WTF::GRefPtr<_GstGLContext>::operator=(_GstGLContext*)
    (this=0x7effa9010650, optr=0x0 [_GstGLContext]) at WTF/Headers/wtf/glib/GRefPtr.h:162
#2  WebCore::PlatformDisplay::terminateEGLDisplay() (this=0x7effa90105e0)
    at /buildstream/gnome/sdk/webkitgtk-6.0.bst/Source/WebCore/platform/graphics/PlatformDisplay.cpp:347
#3  0x00007effbbacb848 in WebCore::PlatformDisplay::initializeEGLDisplay()::$_4::operator()() const
    (this=<optimized out>)
    at /buildstream/gnome/sdk/webkitgtk-6.0.bst/Source/WebCore/platform/graphics/PlatformDisplay.cpp:336
#4  WebCore::PlatformDisplay::initializeEGLDisplay()::$_4::__invoke() ()
    at /buildstream/gnome/sdk/webkitgtk-6.0.bst/Source/WebCore/platform/graphics/PlatformDisplay.cpp:333
#5  0x00007effb90418e6 in __run_exit_handlers
    (status=0, listp=0x7effb91fe658 <__exit_funcs>, run_list_atexit=run_list_atexit@entry=true, run_dtors=run_dtors@entry=true) at exit.c:113
#6  0x00007effb9041a4e in __GI_exit (status=<optimized out>) at exit.c:143
#7  0x00007effb9029551 in __libc_start_call_main
     (main=main@entry=0x558f84428150 <main>, argc=argc@entry=3, argv=argv@entry=0x7fffb0798598)
    at ../sysdeps/nptl/libc_start_call_main.h:74
#8  0x00007effb902960b in __libc_start_main_impl
     (main=0x558f84428150 <main>, argc=3, argv=0x7fffb0798598, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=<optimized out>) at ../csu/libc-start.c:389
#9  0x0000558f84428085 in _start ()

This backtrace is using 2.41.3 (Epiphany Tech Preview). The crash occurs when setting m_gstGLContext = nullptr; at the top of PlatformDisplay::terminateEGLDisplay. Notice that m_gstGLContext contains 0x100000010, which is suspicious and probably garbage?
