Bug 254025 - REGRESSION(261684@main): [GStreamer] Crash in webkit_media_stream_src_class_init() when logging into Google account
Summary: REGRESSION(261684@main): [GStreamer] Crash in webkit_media_stream_src_class_i...
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: Media (show other bugs)
Version: WebKit Nightly Build
Hardware: PC Linux
: P2 Normal
Assignee: Philippe Normand
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2023-03-16 08:47 PDT by Michael Catanzaro
Modified: 2023-03-17 06:03 PDT (History)
5 users (show)

See Also:

Attachments
Full backtrace (352.20 KB, text/plain)
2023-03-16 08:47 PDT, Michael Catanzaro 		no flags Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Michael Catanzaro 2023-03-16 08:47:13 PDT 
Created attachment 465459 [details]
Full backtrace

I cannot log into my Google account due to some GStreamer crash when loading account.google.com, using WebKit git main and GStreamer 1.22.0 from F38:

#0  0x00007f81f6e5d4da in gst_value_deserialize_with_pspec (dest=0x7ffee5ef61e8, src=0x1b18550 "video", pspec=0x0)
    at ../gst/gstvalue.c:6701
#1  0x00007f81f6e5f052 in _priv_gst_value_parse_value (str=<optimized out>, after=0x7ffee5ef61d8, 
    value=0x7ffee5ef61e8, default_type=<optimized out>, pspec=0x0) at ../gst/gstvalue.c:2872
#2  0x00007f81f6e3b2d4 in gst_structure_parse_field (field=0x7ffee5ef61e0, after=<synthetic pointer>, 
    str=0x1a6bf34 "media=(string)video") at ../gst/gststructure.c:2263
#3  priv_gst_structure_parse_fields (str=<optimized out>, end=0x7ffee5ef6278, structure=0x1b18f50)
    at ../gst/gststructure.c:2351
#4  0x00007f81f6dd80af in gst_caps_from_string_inplace (string=0x1b18f50 "", caps=0x1b00f80 [None])
    at ../gst/gstcaps.c:2492
#5  gst_caps_from_string (
    string=string@entry=0x7f81ff906add "video/x-raw;video/x-h264;video/x-vp8;video/x-vp9;application/x-rtp, media=(string)video") at ../gst/gstcaps.c:2531
#6  0x00007f81f6dd82c1 in gst_static_caps_get (static_caps=0x7f8200a918f0 <videoSrcTemplate+16>)
    at ../gst/gstcaps.c:438
#7  0x00007f81f6e1631d in gst_static_pad_template_get (pad_template=0x7f8200a918e0 <videoSrcTemplate>)
    at ../gst/gstpadtemplate.c:316
#8  0x00007f81fd96c34d in webkit_media_stream_src_class_init (klass=0x1b18590)
    at /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/mediastream/gstreamer/GStreamerMediaStreamSource.cpp:702
#9  webkit_media_stream_src_class_intern_init (klass=0x1b18590)
    at /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/mediastream/gstreamer/GStreamerMediaStreamSource.cpp:561
#10 0x00007f8200b494ad in type_class_init_Wm (node=0x1b24710, pclass=0x1b16f20)
    at ../../../../Projects/gobject-introspection/subprojects/glib/gobject/gtype.c:2351
#11 0x00007f8200b4ad92 in g_type_class_ref (type=28460816)
    at ../../../../Projects/gobject-introspection/subprojects/glib/gobject/gtype.c:3066
#12 0x00007f81f6def7dd in gst_element_register (plugin=0x0 [GstPlugin], name=0x7f81ff906b80 "mediastreamsrc", 
    rank=256, type=28460816) at ../gst/gstelementfactory.c:245
#13 0x00007f81fd90ba08 in WebCore::registerWebKitGStreamerElements()::$_2::operator()() const (this=0x7ffee5ef65a0)
    at /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/graphics/gstreamer/GStreamerCommon.cpp:350
#14 std::__invoke_impl<void, WebCore::registerWebKitGStreamerElements()::$_2>(std::__invoke_other, WebCore::registerWebKitGStreamerElements()::$_2&&) (__f=...)
    at /usr/bin/../lib/gcc/x86_64-redhat-linux/13/../../../../include/c++/13/bits/invoke.h:61
#15 std::__invoke<WebCore::registerWebKitGStreamerElements()::$_2>(WebCore::registerWebKitGStreamerElements()::$_2&&)
    (__fn=...) at /usr/bin/../lib/gcc/x86_64-redhat-linux/13/../../../../include/c++/13/bits/invoke.h:96
#16 std::call_once<WebCore::registerWebKitGStreamerElements()::$_2>(std::once_flag&, WebCore::registerWebKitGStreamerElements()::$_2&&)::{lambda()#1}::operator()() const (this=<optimized out>)
    at /usr/bin/../lib/gcc/x86_64-redhat-linux/13/../../../../include/c++/13/mutex:900
#17 std::once_flag::_Prepare_execution::_Prepare_execution<std::call_once<WebCore::registerWebKitGStreamerElements()::$_2>(std::once_flag&, WebCore::registerWebKitGStreamerElements()::$_2&&)::{lambda()#1}>(WebCore::registerWebKitGStreamerElements()::$_2&)::{lambda()#1}::operator()() const (this=<optimized out>)
    at /usr/bin/../lib/gcc/x86_64-redhat-linux/13/../../../../include/c++/13/mutex:836
#18 std::once_flag::_Prepare_execution::_Prepare_execution<std::call_once<WebCore::registerWebKitGStreamerElements()::$_2>(std::once_flag&, WebCore::registerWebKitGStreamerElements()::$_2&&)::{lambda()#1}>(WebCore::registerWebKitGStreamerElements()::$_2&)::{lambda()#1}::__invoke() ()
    at /usr/bin/../lib/gcc/x86_64-redhat-linux/13/../../../../include/c++/13/mutex:836
#19 0x00007f81f72b2e43 in __pthread_once_slow (
    once_control=0x7f8200ad5178 <WebCore::registerWebKitGStreamerElements()::onceFlag>, 
    init_routine=0x7f81f74e1f40 <std::__once_proxy()>) at pthread_once.c:116
#20 0x00007f81fd909d23 in __gthread_once (__once=0x40, __func=0x1b18550)
    at /usr/bin/../lib/gcc/x86_64-redhat-linux/13/../../../../include/c++/13/x86_64-redhat-linux/bits/gthr-default.h:7--Type <RET> for more, q to quit, c to continue without paging--c
00
#21 std::call_once<WebCore::registerWebKitGStreamerElements()::$_2>(std::once_flag&, WebCore::registerWebKitGStreamerElements()::$_2&&) (__once=..., __f=...) at /usr/bin/../lib/gcc/x86_64-redhat-linux/13/../../../../include/c++/13/mutex:907
#22 WebCore::registerWebKitGStreamerElements () at /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/graphics/gstreamer/GStreamerCommon.cpp:335
#23 0x00007f81fd92624b in WebCore::MediaPlayerPrivateGStreamer::supportsType (parameters=...) at /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:2681
#24 0x00007f81fef15fa9 in WebCore::bestMediaEngineForSupportParameters (parameters=..., attemptedEngines=..., current=current@entry=0x0) at /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/graphics/MediaPlayer.cpp:392
#25 0x00007f81fef1691e in WebCore::MediaPlayer::supportsType (parameters=...) at /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/graphics/MediaPlayer.cpp:1161
#26 0x00007f81fe9371d2 in WebCore::HTMLMediaElement::canPlayType (this=0x7f8186165400, mimeType=...) at /home/mcatanzaro/Projects/WebKit/Source/WebCore/html/HTMLMediaElement.cpp:1155
#27 0x00007f81fdce8251 in WebCore::jsHTMLMediaElementPrototypeFunction_canPlayTypeBody (lexicalGlobalObject=0x7f8186011068, callFrame=<optimized out>, castedThis=<optimized out>) at WebCore/DerivedSources/JSHTMLMediaElement.cpp:1465
#28 WebCore::IDLOperation<WebCore::JSHTMLMediaElement>::call<&WebCore::jsHTMLMediaElementPrototypeFunction_canPlayTypeBody, (WebCore::CastedThisErrorBehavior)0> (lexicalGlobalObject=..., callFrame=..., operationName=<optimized out>) at /home/mcatanzaro/Projects/WebKit/Source/WebCore/bindings/js/JSDOMOperation.h:63
#29 WebCore::jsHTMLMediaElementPrototypeFunction_canPlayType (lexicalGlobalObject=0x7f8186011068, callFrame=<optimized out>) at WebCore/DerivedSources/JSHTMLMediaElement.cpp:1470
#30 0x00007f8188008038 in ?? ()
#31 0x00007ffee5ef68b0 in ?? ()
#32 0x00007f818815b424 in ?? ()
#33 0x0000000000000000 in ?? ()

I'll attach a full backtrace.
Comment 1 Michael Catanzaro 2023-03-16 08:49:46 PDT 
I just tried to take a GStreamer log too, but I think it's crashing before it can log anything.

I wonder why accounts.google.com is creating an HTMLMediaElement.
Comment 2 Philippe Normand 2023-03-16 09:12:05 PDT 
I suspect the crash happens because we attempt to register the GStreamer elements  without any previous initialization of GStreamer.
Comment 3 Philippe Normand 2023-03-16 09:14:51 PDT 
(In reply to Michael Catanzaro from comment #1)
> I wonder why accounts.google.com is creating an HTMLMediaElement.

It's likely not. It's calling the JS canPlayType API.
Comment 4 Philippe Normand 2023-03-16 09:59:48 PDT 
Pull request: https://github.com/WebKit/WebKit/pull/11612
Comment 5 EWS 2023-03-17 03:08:15 PDT 
Committed 261786@main (18e688d4e90d): <https://commits.webkit.org/261786@main>

Reviewed commits have been landed. Closing PR #11612 and removing active labels.
Comment 6 Radar WebKit Bug Importer 2023-03-17 03:09:18 PDT 
<rdar://problem/106851302>
Comment 7 Jim Mason 2023-03-17 06:03:37 PDT 
I was also experiencing this same failure (bt below), and can confirm 261786@main resolves the issue.  Thank you!



Thread 10 received signal SIGSEGV, Segmentation fault.
[Switching to Thread 1 (LWP 1)]
0x00007ffdf0c4ab46 in gst_value_deserialize_with_pspec (dest=0xffff80eaa8c919f8, src=0x13378f80 "video", pspec=0x0) at ../../gstreamer-1.20.4/gst/gstvalue.c:6682
6682        len = gst_value_table->len;
(gdb) bt
#0  0x00007ffdf0c4ab46 in gst_value_deserialize_with_pspec
    (dest=0xffff80eaa8c919f8, src=0x13378f80 "video", pspec=0x0)
    at ../../gstreamer-1.20.4/gst/gstvalue.c:6682
#1  0x00007ffdf0c4b25f in _priv_gst_value_parse_value
    (str=<optimized out>, after=after@entry=0xffff80eaa8c919e8, value=value@entry=0xffff80eaa8c919f8, default_type=default_type@entry=0x0, pspec=pspec@entry=0x0) at ../../gstreamer-1.20.4/gst/gstvalue.c:2853
#2  0x00007ffdf0c1f7b4 in gst_structure_parse_field
    (field=0xffff80eaa8c919f0, after=<synthetic pointer>, str=0x12a617b4 "media=(string)video") at ../../gstreamer-1.20.4/gst/gststructure.c:2261
#3  priv_gst_structure_parse_fields
    (str=<optimized out>, end=end@entry=0xffff80eaa8c91a88, structure=structure@entry=0x133df500) at ../../gstreamer-1.20.4/gst/gststructure.c:2349
#4  0x00007ffdf0bb764f in gst_caps_from_string_inplace
    (string=<optimized out>, caps=0x12ac48a0 [None])
    at ../../gstreamer-1.20.4/gst/gstcaps.c:2482
#5  gst_caps_from_string (string=<optimized out>)
    at ../../gstreamer-1.20.4/gst/gstcaps.c:2521
#6  0x00007ffdf0bb78d2 in gst_static_caps_get
    (static_caps=static_caps@entry=0x7ffdfd29d650 <videoSrcTemplate+16>)
    at ../../gstreamer-1.20.4/gst/gstcaps.c:428
#7  0x00007ffdf0bf7f4e in gst_static_pad_template_get
    (pad_template=0x7ffdfd29d640 <videoSrcTemplate>)
    at ../../gstreamer-1.20.4/gst/gstpadtemplate.c:316
#8  0x00007ffdfa6a13f5 in webkit_media_stream_src_class_intern_init(void*, void*) () at /usr/lib/64/libwebkit2gtk-4.0.so.37
#9  0x00007ffdf6a78b12 in g_type_class_ref () at /usr/lib/64/libgobject-2.0.so.0
#10 0x00007ffdf0bcf13e in gst_element_register (plugin=0x0, name=0x7ffdf975bd4d "mediastreamsrc", rank=256, type=Python Exception <class 'gdb.error'> No type named TypeNode.:
) at ../../gstreamer-1.20.4/gst/gstelementfactory.c:245
#11 0x00007ffdfa614aca in std::call_once<WebCore::registerWebKitGStreamerElements()::{lambda()#1}>(std::once_flag&, WebCore::registerWebKitGStreamerElements()::{lambda()#1}&&)::{lambda()#2}::_FUN() () at /usr/lib/64/libwebkit2gtk-4.0.so.37
#12 0x00007ffdfd6a3b68 in pthread_once () at /lib/64/libc.so.1
#13 0x00007ffdfa616352 in WebCore::registerWebKitGStreamerElements() () at /usr/lib/64/libwebkit2gtk-4.0.so.37
#14 0x00007ffdfa645875 in WebCore::MediaPlayerFactoryGStreamer::supportsTypeAndCodecs(WebCore::MediaEngineSupportParameters const&) const () at /usr/lib/64/libwebkit2gtk-4.0.so.37
#15 0x00007ffdfc3f1c03 in WebCore::bestMediaEngineForSupportParameters(WebCore::MediaEngineSupportParameters const&, WTF::HashSet<WebCore::MediaPlayerFactory const*, WTF::DefaultHash<WebCore::MediaPlayerFactory const*>, WTF::HashTraits<WebCore::MediaPlayerFactory const*>, WTF::HashTableTraits> const&, WebCore::MediaPlayerFactory const*) () at /usr/lib/64/libwebkit2gtk-4.0.so.37
#16 0x00007ffdfc3f4e02 in WebCore::MediaPlayer::supportsType(WebCore::MediaEngineSupportParameters const&) () at /usr/lib/64/libwebkit2gtk-4.0.so.37
#17 0x00007ffdfbc84be8 in WebCore::HTMLMediaElement::canPlayType(WTF::String const&) const () at /usr/lib/64/libwebkit2gtk-4.0.so.37
#18 0x00007ffdfab75e0c in WebCore::jsHTMLMediaElementPrototypeFunction_canPlayType(JSC::JSGlobalObject*, JSC::CallFrame*) () at /usr/lib/64/libwebkit2gtk-4.0.so.37
#19 0x00007ffd800011d8 in  ()
#20 0xffff80eaa8c92050 in  ()
#21 0x00007ffd802210dd in  ()
#22 0x0000000000000000 in  ()
(gdb)