Firefox Nightly 81.0a1 (2020-7-30) on Wayland with WebRender and opengl acceleration enabled in Plasma 5.19.3 in Fedora Rawhide crashed when I clicked on the Privacy Badger icon at the top right. The crash report showed the segmentation fault was at libEGL_mesa.so.0@0x2a24d in mesa-libEGL-20.1.4-1.fc33.x86_64 at a crash address of 0x8 in the Renderer thread.
gdb showed that libEGL_mesa.so.0@0x2a24d was in update buffers in platform_wayland.c:675 as in the original crash I reported here.
(gdb) info line *0x2a24d
Line 675 of "../src/egl/drivers/dri2/platform_wayland.c" starts at address 0x2a246 <update_buffers+38>
and ends at 0x2a257 <update_buffers+55>.
(gdb) info line *0x2a7c7
Line 810 of "../src/egl/drivers/dri2/platform_wayland.c"
starts at address 0x2a7b4 <image_get_buffers+4> and ends at 0x2a7d2 <image_get_buffers+34>.
This crash has been infrequent. I guess that a race condition between when the Wayland buffer for the popup was created by Firefox and when it was used by update_buffers in libEGL_mesa.so.0 after occasionally being changed to an invalid pointer might have happened.