Skip to content

OpenGL / Windows: Crash when closing gtk4-widget-factory

The issue reproduces only when the GtkVideo widget is not able to play the video. That can be tested by running gtk4-widget-factory with the environment variable GST_PLUGIN_FEATURE_RANK=matroskademux:0

How to reproduce:

  • Run GST_PLUGIN_FEATURE_RANK=matroskademux:0 gtk4-widget-factory
  • Close the window

What happens:

Thread "GstPlay" causes an access violation with the following stacktrace:

* thread #38, stop reason = Exception 0xc0000005 encountered at address 0x000000: User-mode data execution prevention (DEP) violation at location 0x00000000
    frame #0: 0x0000000000000000
error: Only part of a ReadProcessMemory or WriteProcessMemory request was completed. 
(lldb) bt
* thread #38, stop reason = Exception 0xc0000005 encountered at address 0x000000: User-mode data execution prevention (DEP) violation at location 0x00000000
  * frame #0: 0x0000000000000000
    frame #1: 0x00007ffecf0f9098 libgtk-4-1.dll`gdk_win32_display_get_wgl_version + 2760
    frame #2: 0x00007ffef80aedf3 libgobject-2.0-0.dll`g_object_unref + 291
    frame #3: 0x00007ffee5b72e18 libmedia-gstreamer.dll`g_io_module_query + 6344        
    frame #4: 0x00007ffef80aedf3 libgobject-2.0-0.dll`g_object_unref + 291
    frame #5: 0x00007ffecdcc6df9 libgstopengl.dll`gst_plugin_opengl_register + 23033    
    frame #6: 0x00007ffef80aeec7 libgobject-2.0-0.dll`g_object_unref + 503
    frame #7: 0x00007ffecdb60749 libgstplayback.dll`gst_plugin_playback_register + 13993
    frame #8: 0x00007ffef80aeec7 libgobject-2.0-0.dll`g_object_unref + 503
    frame #9: 0x00007ffee211907e libgstplay-1.0-0.dll`gst_play_message_parse_muted_changed + 10926
    frame #10: 0x00007ffed1980cc1 libglib-2.0-0.dll`g_thread_unref + 113
    frame #11: 0x00007ffed19b4e47 libglib-2.0-0.dll`g_private_replace + 663
    frame #12: 0x00007fff0ce91bb2 ucrtbase.dll`_configthreadlocale + 146
    frame #13: 0x00007fff0d417614 kernel32.dll`BaseThreadInitThunk + 20
    frame #14: 0x00007fff0f4026a1 ntdll.dll`RtlUserThreadStart + 33

It looks like a GObject is finalized in a background thread (GdkGLContext?) and I'm not sure if the finalize code is made to be called outside of the UI thread.

Actually the access violation is caused by gdk_win32_display_get_wgl_version calling a NULL function pointer, most likely a GL procedure returned by libepoxy. If no OpenGL context is current, libepoxy returns NULL (on Windows).

Edited by Luca Bacci