[Webkit-unassigned] [Bug 257456] New: [GTK][WPE] fast/mediastream/RTCRtpSender-outlives-RTCPeerConnection.html crashing

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon May 29 08:23:17 PDT 2023 

https://bugs.webkit.org/show_bug.cgi?id=257456

            Bug ID: 257456
           Summary: [GTK][WPE]
                    fast/mediastream/RTCRtpSender-outlives-RTCPeerConnecti
                    on.html crashing
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: Media
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: csaavedra at igalia.com

There are several crashes in the bots, I can also reproduce them, both in Release and Debug, WPE and GTK:

See: https://results.webkit.org/?suite=layout-tests&test=fast%2Fmediastream%2FRTCRtpSender-outlives-RTCPeerConnection.html

Some stacktraces:

GTK Release / WPE Release:
#0  0x00007f2cb6024ecf in void WebCore::ActiveDOMObject::queueTaskKeepingObjectAlive<WebCore::RTCPeerConnection>(WebCore::RTCPeerConnection&, WebCore::TaskSource, WTF::Function<void ()>&&) ()
    at /app/webkit/WebKitBuild/Release/lib/libwebkit2gtk-4.1.so.0
#1  0x00007f2cb6035a4c in WebCore::RTCPeerConnection::updateNegotiationNeededFlag(std::optional<unsigned int>) () at /app/webkit/WebKitBuild/Release/lib/libwebkit2gtk-4.1.so.0
#2  0x00007f2cb1e7e97a in WTF::RunLoop::performWork() () at /app/webkit/WebKitBuild/Release/lib/libjavascriptcoregtk-4.1.so.0
#3  0x00007f2cb1ef7779 in WTF::RunLoop::RunLoop()::{lambda(void*)#1}::_FUN(void*) () at /app/webkit/WebKitBuild/Release/lib/libjavascriptcoregtk-4.1.so.0
#4  0x00007f2cb1ef81ef in WTF::RunLoop::{lambda(_GSource*, int (*)(void*), void*)#1}::_FUN(_GSource*, int (*)(void*), void*) () at /app/webkit/WebKitBuild/Release/lib/libjavascriptcoregtk-4.1.so.0
#5  0x00007f2cb20f1c37 in g_main_dispatch (context=0x5575f1bb9930) at ../glib/gmain.c:3419
#6  g_main_context_dispatch (context=0x5575f1bb9930) at ../glib/gmain.c:4137
#7  0x00007f2cb2148028 in g_main_context_iterate.constprop.0 (context=0x5575f1bb9930, block=block at entry=1, dispatch=dispatch at entry=1, self=<optimized out>) at ../glib/gmain.c:4213
#8  0x00007f2cb20f12af in g_main_loop_run (loop=0x5575f1be7620) at ../glib/gmain.c:4413
#9  0x00007f2cb1ef8320 in WTF::RunLoop::run() () at /app/webkit/WebKitBuild/Release/lib/libjavascriptcoregtk-4.1.so.0
#10 0x00007f2cb506904e in int WebKit::AuxiliaryProcessMain<WebKit::WebProcessMainGtk>(int, char**) () at /app/webkit/WebKitBuild/Release/lib/libwebkit2gtk-4.1.so.0
#11 0x00007f2cad42954a in __libc_start_call_main (main=main at entry=0x5575f0c2f920 <main>, argc=argc at entry=4, argv=argv at entry=0x7ffc753a7f48) at ../sysdeps/nptl/libc_start_call_main.h:58
#12 0x00007f2cad42960b in __libc_start_main_impl (main=0x5575f0c2f920 <main>, argc=4, argv=0x7ffc753a7f48, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=<optimized out>)

GTK Debug:
#0  WTFCrash() () at /app/webkit/Source/WTF/wtf/Assertions.cpp:327
#1  0x00007fca471ff64d in WTFCrashWithInfo(int, char const*, char const*, int) () at /app/webkit/WebKitBuild/Debug/WTF/Headers/wtf/Assertions.h:762
#2  0x00007fca471ff92d in WTF::RefCountedBase::hasOneRef() const (this=0x7fc9c2005470) at /app/webkit/WebKitBuild/Debug/WTF/Headers/wtf/RefCounted.h:55
#3  0x00007fca471ff955 in WTF::RefCountedBase::applyRefDerefThreadingCheck() const (this=0x7fc9c2005470) at /app/webkit/WebKitBuild/Debug/WTF/Headers/wtf/RefCounted.h:106
#4  0x00007fca47225642 in WTF::RefCountedBase::ref() const (this=0x7fc9c2005470) at /app/webkit/WebKitBuild/Debug/WTF/Headers/wtf/RefCounted.h:43
#5  0x00007fca4a127bc1 in WTF::Ref<WebCore::RTCPeerConnection, WTF::RawPtrTraits<WebCore::RTCPeerConnection> >::Ref(WebCore::RTCPeerConnection&) (this=0x7fca281c55e8, object=...)
    at /app/webkit/WebKitBuild/Debug/WTF/Headers/wtf/Ref.h:67
#6  0x00007fca4ae16c03 in WebCore::ActiveDOMObject::PendingActivity<WebCore::RTCPeerConnection>::PendingActivity(WebCore::RTCPeerConnection&) (this=0x7fca281c55e0, thisObject=...)
    at /app/webkit/Source/WebCore/dom/ActiveDOMObject.h:82
#7  0x00007fca4ae117b7 in WebCore::ActiveDOMObject::makePendingActivity<WebCore::RTCPeerConnection>(WebCore::RTCPeerConnection&) (this=0x7fc9c2005478, thisObject=...)
    at /app/webkit/Source/WebCore/dom/ActiveDOMObject.h:100
#8  0x00007fca4ae0e365 in WebCore::ActiveDOMObject::queueTaskKeepingObjectAlive<WebCore::RTCPeerConnection>(WebCore::RTCPeerConnection&, WebCore::TaskSource, WTF::Function<void ()>&&)
    (object=..., source=WebCore::TaskSource::Networking, task=...) at /app/webkit/Source/WebCore/dom/ActiveDOMObject.h:110
#9  0x00007fca4ae3896d in WebCore::RTCPeerConnection::updateNegotiationNeededFlag(std::optional<unsigned int>) (this=0x7fc9c2005450, eventId=std::optional<unsigned int> = {...})
    at /app/webkit/Source/WebCore/Modules/mediastream/RTCPeerConnection.cpp:831
#10 0x00007fca4adf5bbc in WebCore::PeerConnectionBackend::markAsNeedingNegotiation(unsigned int) (this=0x7fca28016340, eventId=2) at /app/webkit/Source/WebCore/Modules/mediastream/PeerConnectionBackend.cpp:599
#11 0x00007fca48e1affa in operator()() const (__closure=0x7fca282380c8) at /app/webkit/Source/WebCore/Modules/mediastream/gstreamer/GStreamerMediaEndpoint.cpp:1351
#12 0x00007fca48e2c0bc in WTF::Detail::CallableWrapper<WebCore::GStreamerMediaEndpoint::onNegotiationNeeded()::<lambda()>, void>::call(void) (this=0x7fca282380c0)
    at /app/webkit/WebKitBuild/Debug/WTF/Headers/wtf/Function.h:53
#13 0x00007fca3bace61b in WTF::Function<void ()>::operator()() const (this=0x7ffe99c5a330) at /app/webkit/WebKitBuild/Debug/WTF/Headers/wtf/Function.h:82
#14 0x00007fca3d12b5bb in WTF::RunLoop::performWork() (this=0x7fca280140c0) at /app/webkit/Source/WTF/wtf/RunLoop.cpp:147
#15 0x00007fca3d1e15ee in operator()(gpointer) const (__closure=0x0, userData=0x7fca280140c0) at /app/webkit/Source/WTF/wtf/glib/RunLoopGLib.cpp:80
#16 0x00007fca3d1e1612 in _FUN(gpointer) () at /app/webkit/Source/WTF/wtf/glib/RunLoopGLib.cpp:82
#17 0x00007fca3d1e1581 in operator()(GSource*, GSourceFunc, gpointer) const (__closure=0x0, source=0x55b496878d80, callback=0x7fca3d1e15f5 <_FUN(gpointer)>, userData=0x7fca280140c0)
    at /app/webkit/Source/WTF/wtf/glib/RunLoopGLib.cpp:53
#18 0x00007fca3d1e15cf in _FUN(GSource*, GSourceFunc, gpointer) () at /app/webkit/Source/WTF/wtf/glib/RunLoopGLib.cpp:56
#19 0x00007fca36920c37 in g_main_dispatch (context=0x55b496849fc0) at ../glib/gmain.c:3419
#20 g_main_context_dispatch (context=0x55b496849fc0) at ../glib/gmain.c:4137
#21 0x00007fca36977028 in g_main_context_iterate.constprop.0 (context=0x55b496849fc0, block=block at entry=1, dispatch=dispatch at entry=1, self=<optimized out>) at ../glib/gmain.c:4213
#22 0x00007fca369202af in g_main_loop_run (loop=0x55b496878d60) at ../glib/gmain.c:4413
#23 0x00007fca3d1e1c3a in WTF::RunLoop::run() () at /app/webkit/Source/WTF/wtf/glib/RunLoopGLib.cpp:108
#24 0x00007fca48c507a1 in WebKit::AuxiliaryProcessMainBase<WebKit::WebProcess, true>::run(int, char**) (this=0x7ffe99c5a600, argc=4, argv=0x7ffe99c5a7c8)
    at /app/webkit/Source/WebKit/Shared/AuxiliaryProcessMain.h:72
#25 0x00007fca48c505d0 in WebKit::AuxiliaryProcessMain<WebKit::WebProcessMainGtk>(int, char**) (argc=4, argv=0x7ffe99c5a7c8) at /app/webkit/Source/WebKit/Shared/AuxiliaryProcessMain.h:98
#26 0x00007fca48c50402 in WebKit::WebProcessMain(int, char**) (argc=4, argv=0x7ffe99c5a7c8) at /app/webkit/Source/WebKit/WebProcess/gtk/WebProcessMainGtk.cpp:98
#27 0x000055b495b75979 in main(int, char**) (argc=4, argv=0x7ffe99c5a7c8) at /app/webkit/Source/WebKit/WebProcess/EntryPoint/unix/WebProcessMain.cpp:31

WPE Debug (from 263997 at main, so a bit old):
Thread 1 (Thread 0x7fe4d0c7b9c0 (LWP 96186)):
#0  WTFCrash() () at /app/webkit/Source/WTF/wtf/Assertions.cpp:327
#1  0x00007fe4e1a9d2d1 in WTFCrashWithInfo(int, char const*, char const*, int) () at /app/webkit/WebKitBuild/Debug/WTF/Headers/wtf/Assertions.h:758
#2  0x00007fe4e5985e83 in WTF::Ref<WTF::Logger const, WTF::RawPtrTraits<WTF::Logger const> >::get() const (this=0x7fe41d004120) at /app/webkit/WebKitBuild/Debug/WTF/Headers/wtf/Ref.h:117
#3  0x00007fe4e7967af0 in WebCore::RTCPeerConnection::logger() const (this=0x7fe41d0040b0) at /app/webkit/Source/WebCore/Modules/mediastream/RTCPeerConnection.h:205
#4  0x00007fe4e79aada0 in WebCore::RTCPeerConnection::~RTCPeerConnection() (this=0x7fe41d0040b0, __in_chrg=<optimized out>) at /app/webkit/Source/WebCore/Modules/mediastream/RTCPeerConnection.cpp:137
#5  0x00007fe4e79aafb6 in WebCore::RTCPeerConnection::~RTCPeerConnection() (this=0x7fe41d0040b0, __in_chrg=<optimized out>) at /app/webkit/Source/WebCore/Modules/mediastream/RTCPeerConnection.cpp:140
#6  0x00007fe4e6c4472d in std::default_delete<WebCore::RTCPeerConnection>::operator()(WebCore::RTCPeerConnection*) const (this=0x7fff6cfbbfa7, __ptr=0x7fe41d0040b0) at /usr/include/c++/12.2.0/bits/unique_ptr.h:95
#7  0x00007fe4e6c41074 in WTF::RefCounted<WebCore::RTCPeerConnection, std::default_delete<WebCore::RTCPeerConnection> >::deref() const (this=0x7fe41d0040d0) at /app/webkit/WebKitBuild/Debug/WTF/Headers/wtf/RefCounted.h:190
#8  0x00007fe4e6c411e7 in WTF::Ref<WebCore::RTCPeerConnection, WTF::RawPtrTraits<WebCore::RTCPeerConnection> >::~Ref() (this=0x7fe4c7122f28, __in_chrg=<optimized out>) at /app/webkit/WebKitBuild/Debug/WTF/Headers/wtf/Ref.h:61
#9  0x00007fe4e796a5ca in WebCore::ActiveDOMObject::queueTaskKeepingObjectAlive<WebCore::RTCPeerConnection>(WebCore::RTCPeerConnection&, WebCore::TaskSource, WTF::Function<void ()>&&)::{lambda()#1}::~Function() (this=0x7fe4c7122f28, __in_chrg=<optimized out>) at /app/webkit/Source/WebCore/dom/ActiveDOMObject.h:111
#10 0x00007fe4e7977aaa in WTF::Detail::CallableWrapper<WebCore::ActiveDOMObject::queueTaskKeepingObjectAlive<WebCore::RTCPeerConnection>(WebCore::RTCPeerConnection&, WebCore::TaskSource, WTF::Function<void ()>&&)::{lambda()#1}, void>::~CallableWrapper() (this=0x7fe4c7122f20, __in_chrg=<optimized out>) at /app/webkit/WebKitBuild/Debug/WTF/Headers/wtf/Function.h:47
#11 0x00007fe4e7977ad2 in WTF::Detail::CallableWrapper<WebCore::ActiveDOMObject::queueTaskKeepingObjectAlive<WebCore::RTCPeerConnection>(WebCore::RTCPeerConnection&, WebCore::TaskSource, WTF::Function<void ()>&&)::{lambda()#1}, void>::~CallableWrapper() (this=0x7fe4c7122f20, __in_chrg=<optimized out>) at /app/webkit/WebKitBuild/Debug/WTF/Headers/wtf/Function.h:47
#12 0x00007fe4e1b40fb6 in std::default_delete<WTF::Detail::CallableWrapperBase<void> >::operator()(WTF::Detail::CallableWrapperBase<void>*) const (this=0x7fff6cfbc108, __ptr=0x7fe4c7122f20) at /usr/include/c++/12.2.0/bits/unique_ptr.h:95
#13 0x00007fe4e1b3f05a in std::unique_ptr<WTF::Detail::CallableWrapperBase<void>, std::default_delete<WTF::Detail::CallableWrapperBase<void> > >::~unique_ptr() (this=0x7fff6cfbc108, __in_chrg=<optimized out>) at /usr/include/c++/12.2.0/bits/unique_ptr.h:396
#14 0x00007fe4e1b3eb18 in WTF::Function<void ()>::~Function() (this=0x7fff6cfbc108, __in_chrg=<optimized out>) at /app/webkit/WebKitBuild/Debug/WTF/Headers/wtf/Function.h:63
#15 0x00007fe4e796a69d in WebCore::ActiveDOMObject::queueTaskKeepingObjectAlive<WebCore::RTCPeerConnection>(WebCore::RTCPeerConnection&, WebCore::TaskSource, WTF::Function<void ()>&&) (object=..., source=WebCore::TaskSource::Networking, task=...) at /app/webkit/Source/WebCore/dom/ActiveDOMObject.h:111
#16 0x00007fe4e79af833 in WebCore::RTCPeerConnection::updateNegotiationNeededFlag(std::optional<unsigned int>) (this=0x7fe41d0040b0, eventId=std::optional<unsigned int> = {...}) at /app/webkit/Source/WebCore/Modules/mediastream/RTCPeerConnection.cpp:831
#17 0x00007fe4e795951c in WebCore::PeerConnectionBackend::markAsNeedingNegotiation(unsigned int) (this=0x7fe4c7015800, eventId=2) at /app/webkit/Source/WebCore/Modules/mediastream/PeerConnectionBackend.cpp:599
#18 0x00007fe4e5972bd6 in operator()() const (__closure=0x7fe4c72840c8) at /app/webkit/Source/WebCore/Modules/mediastream/gstreamer/GStreamerMediaEndpoint.cpp:1318
#19 0x00007fe4e5983c42 in WTF::Detail::CallableWrapper<WebCore::GStreamerMediaEndpoint::onNegotiationNeeded()::<lambda()>, void>::call(void) (this=0x7fe4c72840c0) at /app/webkit/WebKitBuild/Debug/WTF/Headers/wtf/Function.h:53
#20 0x00007fe4e2342bfd in WTF::Function<void ()>::operator()() const (this=0x7fff6cfbc2a0) at /app/webkit/WebKitBuild/Debug/WTF/Headers/wtf/Function.h:82
#21 0x00007fe4e56e7659 in WTF::RunLoop::performWork() (this=0x7fe4c70140c0) at /app/webkit/Source/WTF/wtf/RunLoop.cpp:147
#22 0x00007fe4e579b88a in operator()(gpointer) const (__closure=0x0, userData=0x7fe4c70140c0) at /app/webkit/Source/WTF/wtf/glib/RunLoopGLib.cpp:80
#23 0x00007fe4e579b8ae in _FUN(gpointer) () at /app/webkit/Source/WTF/wtf/glib/RunLoopGLib.cpp:82
#24 0x00007fe4e579b81d in operator()(GSource*, GSourceFunc, gpointer) const (__closure=0x0, source=0x55ce346d1d20, callback=0x7fe4e579b891 <_FUN(gpointer)>, userData=0x7fe4c70140c0) at /app/webkit/Source/WTF/wtf/glib/RunLoopGLib.cpp:53
#25 0x00007fe4e579b86b in _FUN(GSource*, GSourceFunc, gpointer) () at /app/webkit/Source/WTF/wtf/glib/RunLoopGLib.cpp:56
#26 0x00007fe4d76bac37 in g_main_dispatch (context=0x55ce346d0b50) at ../glib/gmain.c:3419
#27 g_main_context_dispatch (context=0x55ce346d0b50) at ../glib/gmain.c:4137
#28 0x00007fe4d7711028 in g_main_context_iterate.constprop.0 (context=0x55ce346d0b50, block=block at entry=1, dispatch=dispatch at entry=1, self=<optimized out>) at ../glib/gmain.c:4213
#29 0x00007fe4d76ba2af in g_main_loop_run (loop=0x55ce346d1d00) at ../glib/gmain.c:4413
#30 0x00007fe4e579bed6 in WTF::RunLoop::run() () at /app/webkit/Source/WTF/wtf/glib/RunLoopGLib.cpp:108
#31 0x00007fe4e3303063 in WebKit::AuxiliaryProcessMainBase<WebKit::WebProcess, true>::run(int, char**) (this=0x7fff6cfbc570, argc=4, argv=0x7fff6cfbc738) at /app/webkit/Source/WebKit/Shared/AuxiliaryProcessMain.h:72
#32 0x00007fe4e32fe399 in WebKit::AuxiliaryProcessMain<WebKit::WebProcessMainWPE>(int, char**) (argc=4, argv=0x7fff6cfbc738) at /app/webkit/Source/WebKit/Shared/AuxiliaryProcessMain.h:98
#33 0x00007fe4e32f4559 in WebKit::WebProcessMain(int, char**) (argc=4, argv=0x7fff6cfbc738) at /app/webkit/Source/WebKit/WebProcess/wpe/WebProcessMainWPE.cpp:75
#34 0x000055ce326c58d9 in main(int, char**) (argc=4, argv=0x7fff6cfbc738) at /app/webkit/Source/WebKit/WebProcess/EntryPoint/unix/WebProcessMain.cpp:31

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20230529/758cdab7/attachment-0001.htm>

More information about the webkit-unassigned mailing list