Bug 202079

Summary:

REGRESSION(r249205?): [GStreamer] Crash in WebCore::VideoTrackPrivate::setSelected on youtube.com

Product:

WebKit

Reporter:

Michael Catanzaro <mcatanzaro>

Component:

Media

Assignee:

Nobody <webkit-unassigned>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

aboya, pnormand

Priority:

Version:

WebKit Nightly Build

Hardware:

OS:

Linux

Attachments:

Description	Flags
Backtrace	none

Michael Catanzaro

Reported 2019-09-21 14:24:03 PDT

Created attachment 379321 [details] Backtrace Crash when trying to play youtube videos: Program terminated with signal SIGSEGV, Segmentation fault. #0 WebCore::VideoTrackPrivate::setSelected (selected=true, this=0x0) at ../Source/WebCore/platform/graphics/VideoTrackPrivate.h:46 46 if (m_selected == selected) [Current thread is 1 (Thread 0x7fc9f9b9a9c0 (LWP 23127))] (gdb) bt #0 0x00007fca022bee74 in WebCore::VideoTrackPrivate::setSelected(bool) (selected=true, this=0x0) at ../Source/WebCore/platform/graphics/VideoTrackPrivate.h:46 #1 0x00007fca022bee74 in WebCore::VideoTrackPrivateGStreamer::markAsActive() (this=0x0) at ../Source/WebCore/platform/graphics/gstreamer/VideoTrackPrivateGStreamer.cpp:80 #2 0x00007fca022b45cd in WebCore::MediaPlayerPrivateGStreamer::handleMessage(_GstMessage*) (this= 0x7fc8920693c0, message=0x55c3c20b3a00 [GstMessage]) at ../Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:1445 #3 0x00007fc9fbd10b78 in ffi_call_unix64 () at ../src/x86/unix64.S:76 #4 0x00007fc9fbd10374 in ffi_call (cif=cif@entry=0x7ffcce12f8e0, fn=fn@entry=0x7fca022b4f10 <WebCore::busMessageCallback(GstBus*, GstMessage*, WebCore::MediaPlayerPrivateGStreamer*)>, rvalue=<optimized out>, avalue=avalue@entry=0x7ffcce12f830) at ../src/x86/ffi64.c:525 #9 0x00007fc9feea69e3 in <emit signal message:streams-selected on instance 0x55c3c1bc3390 [GstBus]> (instance=instance@entry=0x55c3c1bc3390, signal_id=<optimized out>, detail=<optimized out>) at ../gobject/gsignal.c:3457 #5 0x00007fc9fee8a22d in g_cclosure_marshal_generic (closure=closure@entry=0x55c3c12174d0, return_gvalue=return_gvalue@entry=0x0, n_param_values=n_param_values@entry=2, param_values=param_values@entry=0x7ffcce12fb10, invocation_hint=invocation_hint@entry=0x7ffcce12fa90, marshal_data=marshal_data@entry=0x0) at ../gobject/gclosure.c:1500 #6 0x00007fc9fee89722 in g_closure_invoke (closure=0x55c3c12174d0, return_value=0x0, n_param_values=2, param_values=0x7ffcce12fb10, invocation_hint=0x7ffcce12fa90) at ../gobject/gclosure.c:810 #7 0x00007fc9fee9d584 in signal_emit_unlocked_R (node=node@entry=0x55c3c1af95e0, detail=detail@entry=1426, instance=instance@entry=0x55c3c1bc3390, emission_return=emission_return@entry=0x0, instance_and_params=instance_and_params@entry=0x7ffcce12fb10) at ../gobject/gsignal.c:3645 #8 0x00007fc9feea6357 in g_signal_emit_valist (instance=<optimized out>, signal_id=<optimized out>, detail=<optimized out>, var_args=var_args@entry=0x7ffcce12fce0) at ../gobject/gsignal.c:3401 #10 0x00007fc9fcc9b8ec in gst_bus_async_signal_func (bus=0x55c3c1bc3390 [GstBus], message=0x55c3c20b3a00 [GstMessage], data=<optimized out>) at ../gst/gstbus.c:1261 #11 0x00007fc9fcc9c772 in gst_bus_source_dispatch (source=0x55c3c1217410, callback=0x7fc9fcc9b890 <gst_bus_async_signal_func>, user_data=0x0) at ../gst/gstbus.c:839 #12 0x00007fc9fed9e4be in g_main_dispatch (context=0x55c3c0fdbd90) at ../glib/gmain.c:3180 #13 0x00007fc9fed9e4be in g_main_context_dispatch (context=context@entry=0x55c3c0fdbd90) at ../glib/gmain.c:3845 #14 0x00007fc9fed9e870 in g_main_context_iterate (context=0x55c3c0fdbd90, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at ../glib/gmain.c:3918 #15 0x00007fc9fed9eb63 in g_main_loop_run (loop=0x55c3c1086470) at ../glib/gmain.c:4112 #16 0x00007fc9fe7492b0 in WTF::RunLoop::run() () at ../Source/WTF/wtf/glib/RunLoopGLib.cpp:96 #17 0x00007fca00b8a76a in WebKit::AuxiliaryProcessMain<WebKit::WebProcess, WebKit::WebProcessMain>(int, char**) (argc=3, argv=<optimized out>) at ../Source/WebKit/Shared/unix/AuxiliaryProcessMain.h:47 #18 0x00007fc9ffcea173 in __libc_start_main (main= 0x55c3bfd057e0 <main(int, char**)>, argc=3, argv=0x7ffcce1300b8, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7ffcce1300a8) at ../csu/libc-start.c:308 #19 0x000055c3bfd0586e in _start () at ../sysdeps/x86_64/start.S:120 Full backtrace attached

Attachments
Backtrace (10.34 KB, text/plain) 2019-09-21 14:24 PDT, Michael Catanzaro	no flags	Details
View All Add attachment proposed patch, testcase, etc.

Alicia Boya García

Comment 1 2019-10-24 01:53:04 PDT

The bug should not happen anymore with the revert, and the next version of the patch should avoid it.

Note You need to log in before you can comment on or make changes to this bug.