[Webkit-unassigned] [Bug 262949] New: [GTK] Crash closing window that was using multimedia

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue Oct 10 03:43:56 PDT 2023 

https://bugs.webkit.org/show_bug.cgi?id=262949

            Bug ID: 262949
           Summary: [GTK] Crash closing window that was using multimedia
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebKitGTK
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: alex at igalia.com
                CC: bugs-noreply at webkitgtk.org

Apparently some of the connected signals should be stopped before reseting the pipeline to make sure the signal handlers are not executed in the main thread:

#0  0x00007f6e5c06d924 in WTFCrash () from /usr/local/lib/libjavascriptcoregtk-6.0.so.1
[Current thread is 1 (Thread 0x7f6e526ccb80 (LWP 82521))]
(gdb) bt
#0  0x00007f6e5c06d924 in WTFCrash () at /usr/local/lib/libjavascriptcoregtk-6.0.so.1
#1  0x00007f6e5fcae455 in WebCore::AbortableTaskQueue::enqueueTask(WTF::Function<void ()>&&) () at /usr/local/lib/libwebkitgtk-6.0.so.4
#2  0x00007f6e5fcab8a4 in WebCore::TrackPrivateBaseGStreamer::installUpdateConfigurationHandlers()::{lambda(WebCore::TrackPrivateBaseGStreamer*)#1}::_FUN(WebCore::TrackPrivateBaseGStreamer*) () at /usr/local/lib/libwebkitgtk-6.0.so.4
#3  0x00007f6e58005010 in g_closure_invoke (closure=0x561f4ba45300, return_value=0x0, n_param_values=2, param_values=0x7ffcfdd0aa20, invocation_hint=0x7ffcfdd0a9a0) at ../../../gobject/gclosure.c:832
#4  0x00007f6e580323d6 in signal_emit_unlocked_R.isra.0
    (node=node at entry=0x561f4b1a3b70, detail=detail at entry=949, instance=instance at entry=0x561f4ba3ced0, emission_return=emission_return at entry=0x0, instance_and_params=instance_and_params at entry=0x7ffcfdd0aa20)
    at ../../../gobject/gsignal.c:3802
#5  0x00007f6e5802269a in g_signal_emit_valist (instance=<optimized out>, signal_id=<optimized out>, detail=<optimized out>, var_args=var_args at entry=0x7ffcfdd0abe0) at ../../../gobject/gsignal.c:3555
#6  0x00007f6e58022923 in g_signal_emit (instance=<optimized out>, signal_id=<optimized out>, detail=<optimized out>) at ../../../gobject/gsignal.c:3612
#7  0x00007f6e5800fdc4 in g_object_dispatch_properties_changed (object=0x561f4ba3ced0, n_pspecs=<optimized out>, pspecs=<optimized out>) at ../../../gobject/gobject.c:1428
#8  0x00007f6e58ef9688 in gst_object_dispatch_properties_changed (object=0x561f4ba3ced0, n_pspecs=1, pspecs=0x7ffcfdd0ad50) at ../../checkout/gstreamer/subprojects/gstreamer/gst/gstobject.c:455
#9  0x00007f6e58013137 in g_object_notify_by_spec_internal (pspec=<optimized out>, object=0x561f4ba3ced0) at ../../../gobject/gobject.c:1552
#10 g_object_notify_by_pspec (object=object at entry=0x561f4ba3ced0, pspec=<optimized out>) at ../../../gobject/gobject.c:1658
#11 0x00007f6e58f4294a in remove_events (pad=pad at entry=0x561f4ba3ced0) at ../../checkout/gstreamer/subprojects/gstreamer/gst/gstpad.c:457
#12 0x00007f6e58f4a36f in post_activate (new_mode=<optimized out>, pad=<optimized out>) at ../../checkout/gstreamer/subprojects/gstreamer/gst/gstpad.c:1053
#13 activate_mode_internal (pad=pad at entry=0x561f4ba3ced0, parent=parent at entry=0x561f4ba3d840, mode=mode at entry=GST_PAD_MODE_PUSH, active=active at entry=0) at ../../checkout/gstreamer/subprojects/gstreamer/gst/gstpad.c:1228
#14 0x00007f6e58f4a9c6 in gst_pad_set_active (pad=pad at entry=0x561f4ba3ced0, active=0) at ../../checkout/gstreamer/subprojects/gstreamer/gst/gstpad.c:1119
#15 0x00007f6e58f22a15 in activate_pads (vpad=<optimized out>, ret=0x7ffcfdd0af00, active=0x7ffcfdd0af5c) at ../../checkout/gstreamer/subprojects/gstreamer/gst/gstelement.c:3181
#16 0x00007f6e58f3997c in gst_iterator_fold (it=it at entry=0x561f4ba94190, func=func at entry=0x7f6e58f229f0 <activate_pads>, ret=ret at entry=0x7ffcfdd0af00, user_data=user_data at entry=0x7ffcfdd0af5c)
    at ../../checkout/gstreamer/subprojects/gstreamer/gst/gstiterator.c:617
#17 0x00007f6e58f23196 in iterator_activate_fold_with_resync (iter=iter at entry=0x561f4ba94190, user_data=user_data at entry=0x7ffcfdd0af5c, func=0x7f6e58f229f0 <activate_pads>)
    at ../../checkout/gstreamer/subprojects/gstreamer/gst/gstelement.c:3205
#18 0x00007f6e58f25486 in gst_element_pads_activate (element=element at entry=0x561f4ba3d840, active=<optimized out>, active at entry=0) at ../../checkout/gstreamer/subprojects/gstreamer/gst/gstelement.c:3249
#19 0x00007f6e58f256b9 in gst_element_change_state_func (element=0x561f4ba3d840, transition=GST_STATE_CHANGE_PAUSED_TO_READY) at ../../checkout/gstreamer/subprojects/gstreamer/gst/gstelement.c:3315
#20 0x00007f6e590485a9 in gst_base_sink_change_state (element=0x561f4ba3d840, transition=GST_STATE_CHANGE_PAUSED_TO_READY) at ../../checkout/gstreamer/subprojects/gstreamer/libs/gst/base/gstbasesink.c:5756
#21 0x00007f6e58f27934 in gst_element_change_state (element=element at entry=0x561f4ba3d840, transition=transition at entry=GST_STATE_CHANGE_PAUSED_TO_READY) at ../../checkout/gstreamer/subprojects/gstreamer/gst/gstelement.c:3093
#22 0x00007f6e58f27f9f in gst_element_set_state_func (element=0x561f4ba3d840, state=GST_STATE_READY) at ../../checkout/gstreamer/subprojects/gstreamer/gst/gstelement.c:3047
#23 0x00007f6e58f0459b in gst_bin_element_set_state (next=GST_STATE_READY, current=GST_STATE_PAUSED, start_time=0, base_time=47482716357748, element=0x561f4ba3d840, bin=0x561f4ba2b550)
    at ../../checkout/gstreamer/subprojects/gstreamer/gst/gstbin.c:2582
#24 gst_bin_change_state_func (element=0x561f4ba2b550, transition=GST_STATE_CHANGE_PAUSED_TO_READY) at ../../checkout/gstreamer/subprojects/gstreamer/gst/gstbin.c:2931
#25 0x00007f6e58f53349 in gst_pipeline_change_state (element=0x561f4ba2b550, transition=GST_STATE_CHANGE_PAUSED_TO_READY) at ../../checkout/gstreamer/subprojects/gstreamer/gst/gstpipeline.c:529
#26 0x00007f6e58f27934 in gst_element_change_state (element=element at entry=0x561f4ba2b550, transition=GST_STATE_CHANGE_PAUSED_TO_READY) at ../../checkout/gstreamer/subprojects/gstreamer/gst/gstelement.c:3093
#27 0x00007f6e58f283b4 in gst_element_continue_state (element=element at entry=0x561f4ba2b550, ret=ret at entry=GST_STATE_CHANGE_SUCCESS) at ../../checkout/gstreamer/subprojects/gstreamer/gst/gstelement.c:2801
#28 0x00007f6e58f2797b in gst_element_change_state (element=element at entry=0x561f4ba2b550, transition=transition at entry=GST_STATE_CHANGE_PLAYING_TO_PAUSED) at ../../checkout/gstreamer/subprojects/gstreamer/gst/gstelement.c:3132
#29 0x00007f6e58f27f9f in gst_element_set_state_func (element=0x561f4ba2b550, state=GST_STATE_READY) at ../../checkout/gstreamer/subprojects/gstreamer/gst/gstelement.c:3047
#30 0x00007f6e5fcaef57 in WebCore::assertedElementSetState(_GstElement*, GstState) () at /usr/local/lib/libwebkitgtk-6.0.so.4
#31 0x00007f6e5fcb452b in WebCore::AppendPipeline::resetParserState() () at /usr/local/lib/libwebkitgtk-6.0.so.4
#32 0x00007f6e5fbcfb9c in WebCore::SourceBufferPrivate::processPendingOperations() () at /usr/local/lib/libwebkitgtk-6.0.so.4
#33 0x00007f6e5fbd034a in WebCore::SourceBufferPrivate::resetParserState() () at /usr/local/lib/libwebkitgtk-6.0.so.4
#34 0x00007f6e5ea4703c in WebCore::SourceBuffer::abort() () at /usr/local/lib/libwebkitgtk-6.0.so.4
#35 0x00007f6e5e610a77 in WebCore::jsSourceBufferPrototypeFunction_abort(JSC::JSGlobalObject*, JSC::CallFrame*) () at /usr/local/lib/libwebkitgtk-6.0.so.4
#36 0x00007f6df00081b8 in  ()
#37 0x00007ffcfdd0b5e0 in  ()
#38 0x00007f6e5a9c63d3 in op_call_slow_return_location () at /usr/local/lib/libjavascriptcoregtk-6.0.so.1
#39 0x0000000000000000 in  ()

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20231010/219072a7/attachment-0001.htm>

More information about the webkit-unassigned mailing list