[Webkit-unassigned] [Bug 273178] New: [WPE] Platform: Crash on Wayland in DMA-BUF feedback handling

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Wed Apr 24 03:57:44 PDT 2024 

https://bugs.webkit.org/show_bug.cgi?id=273178

            Bug ID: 273178
           Summary: [WPE] Platform: Crash on Wayland in DMA-BUF feedback
                    handling
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WPE WebKit
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: aperez at igalia.com
                CC: bugs-noreply at webkitgtk.org

This was with an AMD GPU, open source Mesa driver, and the Labwc compositor:

Program terminated with signal SIGSEGV, Segmentation fault.
#0  DMABufFeedback::FormatTable::FormatTable (this=0x7a56f60100e0, other=...) at ../Source/WebKit/WPEPlatform/wpe/wayland/WPEViewWayland.cpp:73
73                  : size(other.size)
[Current thread is 1 (Thread 0x7a575cf0a140 (LWP 1507287))]
(gdb) bt
#0  DMABufFeedback::FormatTable::FormatTable (this=0x7a56f60100e0, other=...) at ../Source/WebKit/WPEPlatform/wpe/wayland/WPEViewWayland.cpp:73
#1  DMABufFeedback::DMABufFeedback (this=0x7a56f60100e0, table=...) at ../Source/WebKit/WPEPlatform/wpe/wayland/WPEViewWayland.cpp:106
#2  std::make_unique<DMABufFeedback, DMABufFeedback::FormatTable> (__args=...) at /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/13.2.1/../../../../include/c++/13.2.1/bits/unique_ptr.h:1070
#3  WTF::makeUnique<DMABufFeedback, DMABufFeedback::FormatTable> (args=...) at WTF/Headers/wtf/StdLibExtras.h:602
...


There's some issue inside the main_device event callback of the DMA-BUF
feedback protocol:

#4  $_11::operator() (data=<optimized out>, device=0x5cf134b1cc80, this=<optimized out>) at ../Source/WebKit/WPEPlatform/wpe/wayland/WPEViewWayland.cpp:426
(gdb) p priv->committedDMABufFeedback 
$5 = std::unique_ptr<DMABufFeedback> = {
  get() = 0x0
}

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20240424/daa3fa0e/attachment.htm>

More information about the webkit-unassigned mailing list