GNOME Bugzilla – Bug 787293
glimagesink: segmentation fault when exiting app on Wayland
Last modified: 2017-12-06 19:26:04 UTC
I noticed that there is a segmentation fault when stopping glimagesink on Wayland. The root cause is that the eglTerminate call is integrated into GstGLDisplayEGL; GstGLDisplayWayland will hold an instance of GstGLDisplayEGL once the EGL context calls gst_gl_display_egl_from_gl_display. When we unref GstGLDisplayWayland, it seems that it destroys GstGLDisplayWayland first and then destroys the held instance of GstGLDisplayEGL. This causes eglTerminate to be called after wl_display_disconnect, which leads to a segmentation fault.
Created attachment 359157: glimagesink: fix segmentation fault when stopping glimagesink on Wayland
Review of attachment 359157: This introduces a use-after-free case, as calling the superclass ->finalize() will free() the instance. Accessing any variables in the instance is thus undefined behaviour.
(In reply to Matthew Waters (ystreet00) from comment #2)
> Review of attachment 359157: This introduces a use-after-free case, as calling the superclass ->finalize() will free() the instance. Accessing any variables in the instance is thus undefined behaviour.

Yes, this is just a workaround. Do you have any idea how to fix this issue?
Created attachment 359161: gl/wayland: call eglTerminate() before wl_display_disconnect()

Like this?
(In reply to Matthew Waters (ystreet00) from comment #4)
> Created attachment 359161: gl/wayland: call eglTerminate() before wl_display_disconnect()
>
> Like this?

Yes, I have a similar solution to yours.
commit 3f2a3d0db928e47c1b2f1074ff7c72a69396147a
Author: Matthew Waters <matthew@centricular.com>
Date: Tue Sep 5 16:14:02 2017 +1000

gl/wayland: call eglTerminate() before wl_display_disconnect()

Calling these two functions in the wrong order will result in use-after-free inside wayland.

https://bugzilla.gnome.org/show_bug.cgi?id=787293
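The two points raised in this thread, that the dependent resource (the EGL display) must be torn down before the resource it refers to (the Wayland connection), and that a finalize must release instance state before chaining up because the parent's finalize frees the instance, are sketched below in plain C. This is an added illustration, not GStreamer's, libwayland's or libEGL's code: the `stub_*` functions, `GlDisplayWayland`, `parent_finalize`, `finalize_fixed`, `finalize_buggy` and `run_teardown` are all constructed stand-ins that record state instead of freeing memory, so the wrong order surfaces as an error code rather than a crash.

```c
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>

/* Constructed stand-ins for libwayland-client and libEGL (not the real libraries). */
typedef struct {
    bool connected;      /* false once wl_display_disconnect() has run */
} WlDisplay;

typedef struct {
    WlDisplay *wl;       /* the native display this EGL display was created on */
    bool initialized;
} EglDisplay;

static WlDisplay *stub_wl_display_connect(void)
{
    WlDisplay *d = calloc(1, sizeof *d);
    d->connected = true;
    return d;
}

/* The real call frees the wl_display and everything reachable from it. */
static void stub_wl_display_disconnect(WlDisplay *d)
{
    d->connected = false;
}

static EglDisplay *stub_egl_get_display(WlDisplay *wl)
{
    EglDisplay *e = calloc(1, sizeof *e);
    e->wl = wl;
    e->initialized = true;
    return e;
}

/* Returns 0 on success, -1 where the real eglTerminate() would dereference an
 * already-disconnected (freed) wl_display: the use-after-free the fix removes. */
static int stub_egl_terminate(EglDisplay *e)
{
    if (!e->wl->connected)
        return -1;
    e->initialized = false;
    return 0;
}

/* Minimal object with a finalize chain, modelled on GObject's pattern: the
 * parent's finalize frees the instance, so instance state must be released
 * BEFORE chaining up (the rejected attachment chained up first). */
typedef struct {
    EglDisplay *egl;
    WlDisplay *wl;
    int *result;         /* where teardown records the eglTerminate() outcome */
} GlDisplayWayland;

static void parent_finalize(GlDisplayWayland *self)
{
    free(self);          /* after this point 'self' must not be touched */
}

/* Fixed ordering: terminate EGL, then disconnect Wayland, then chain up. */
static void finalize_fixed(GlDisplayWayland *self)
{
    *self->result = stub_egl_terminate(self->egl);
    stub_wl_display_disconnect(self->wl);
    parent_finalize(self);
}

/* Original ordering: Wayland is disconnected while EGL still refers to it. */
static void finalize_buggy(GlDisplayWayland *self)
{
    stub_wl_display_disconnect(self->wl);
    *self->result = stub_egl_terminate(self->egl);
    parent_finalize(self);
}

/* Builds one display pair, tears it down with the given finalize and reports
 * 0 if eglTerminate() ran against a live wl_display, -1 otherwise. */
static int run_teardown(void (*finalize)(GlDisplayWayland *))
{
    int result = 0;
    GlDisplayWayland *obj = calloc(1, sizeof *obj);
    obj->wl = stub_wl_display_connect();
    obj->egl = stub_egl_get_display(obj->wl);
    obj->result = &result;
    EglDisplay *egl = obj->egl;  /* keep copies: obj is freed by finalize */
    WlDisplay *wl = obj->wl;
    finalize(obj);
    free(egl);
    free(wl);
    return result;
}

int main(void)
{
    printf("fixed order: %d\n", run_teardown(finalize_fixed));  /* 0 */
    printf("buggy order: %d\n", run_teardown(finalize_buggy));  /* -1 */
    return 0;
}
```

Under a real libwayland the buggy path does not return -1; it reads freed memory, which is why the symptom was a segmentation fault rather than an error. Running a debug build of such teardown code under AddressSanitizer or Valgrind turns that silent read into a report that names both the free in wl_display_disconnect() and the later access in eglTerminate().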
Should we get this into 1.12? See IRC backlog:

<seb128> is the fix for https://bugzilla.gnome.org/show_bug.cgi?id=787293 something that would make sense to backport to 1.12?
<seb128> I think the issue we see in ubuntu artful on wayland due to that
<seb128> e.g https://bugs.launchpad.net/ubuntu/+source/shotwell/+bug/1718595
(In reply to Sebastian Dröge (slomo) from comment #7)
> Should we get this into 1.12? See IRC backlog:
>
> <seb128> is the fix for https://bugzilla.gnome.org/show_bug.cgi?id=787293 something that would make sense to backport to 1.12?
> <seb128> I think the issue we see in ubuntu artful on wayland due to that
> <seb128> e.g https://bugs.launchpad.net/ubuntu/+source/shotwell/+bug/1718595

Hi Sebastian, I think 1.12 needs this bugfix. I have backported this fix to my project based on 1.12.2.
Backported. I kept hitting that one, so I thought maybe I should find out again how we fixed it ;-P

commit bfce027d81e60d02fdd1ed64516587c9fd67d953 (HEAD -> 1.12)
Author: Matthew Waters <matthew@centricular.com>
Date: Tue Sep 5 16:14:02 2017 +1000

gl/wayland: call eglTerminate() before wl_display_disconnect()

Calling these two functions in the wrong order will result in use-after-free inside wayland.

https://bugzilla.gnome.org/show_bug.cgi?id=787293