228688 2021-08-01 06:26:13 -0700 RealtimeMediaSource::audioSamplesAvailable is calling malloc as part of locking in audio thread 2021-08-03 10:14:04 -0700 1 1 1 Unclassified WebKit WebRTC WebKit Nightly Build Unspecified Unspecified RESOLVED FIXED InRadar P2 Normal --- 1 youennf youennf benjamin cdumez cmarcelo eric.carlson ews-watchlist sam webkit-bug-importer youennf oldest_to_newest 1781137 0 youennf 2021-08-01 06:26:13 -0700 As per https://ews-build.s3-us-west-2.amazonaws.com/macOS-AppleSilicon-Big-Sur-Debug-WK2-Tests-EWS/r434702-9076/results.html, Thread 16 Crashed:: RemoteAudioDestinationProxy render thread 0 com.apple.JavaScriptCore 0x0000000135394554 WTFCrash + 20 (Assertions.cpp:321) 1 com.apple.JavaScriptCore 0x0000000136645510 WTFCrashWithInfo(int, char const*, char const*, int) + 32 2 com.apple.JavaScriptCore 0x00000001353d33e4 WTF::fastMalloc(unsigned long) + 260 (FastMalloc.cpp:524) 3 com.apple.JavaScriptCore 0x000000013542e994 WTF::ThreadSpecific<WTF::RefPtr<WTF::(anonymous namespace)::ThreadData, WTF::RawPtrTraits<WTF::(anonymous namespace)::ThreadData>, WTF::DefaultRefDerefTraits<WTF::(anonymous namespace)::ThreadData> >, (WTF::CanBeGCThread)1>::Data::operator new(unsigned long) + 24 (ThreadSpecific.h:75) 4 com.apple.JavaScriptCore 0x000000013542e8ec WTF::ThreadSpecific<WTF::RefPtr<WTF::(anonymous namespace)::ThreadData, WTF::RawPtrTraits<WTF::(anonymous namespace)::ThreadData>, WTF::DefaultRefDerefTraits<WTF::(anonymous namespace)::ThreadData> >, (WTF::CanBeGCThread)1>::set() + 112 (ThreadSpecific.h:186) 5 com.apple.JavaScriptCore 0x000000013542e81c WTF::ThreadSpecific<WTF::RefPtr<WTF::(anonymous namespace)::ThreadData, WTF::RawPtrTraits<WTF::(anonymous namespace)::ThreadData>, WTF::DefaultRefDerefTraits<WTF::(anonymous namespace)::ThreadData> >, (WTF::CanBeGCThread)1>::operator WTF::RefPtr<WTF::(anonymous namespace)::ThreadData, WTF::RawPtrTraits<WTF::(anonymous namespace)::ThreadData>, WTF::DefaultRefDerefTraits<WTF::(anonymous namespace)::ThreadData> >*() + 64 (ThreadSpecific.h:202) 6 com.apple.JavaScriptCore 0x000000013542e1b4 WTF::ThreadSpecific<WTF::RefPtr<WTF::(anonymous namespace)::ThreadData, WTF::RawPtrTraits<WTF::(anonymous namespace)::ThreadData>, WTF::DefaultRefDerefTraits<WTF::(anonymous namespace)::ThreadData> >, (WTF::CanBeGCThread)1>::operator*() + 24 (ThreadSpecific.h:214) 7 com.apple.JavaScriptCore 0x000000013542cbf4 WTF::(anonymous namespace)::myThreadData() + 40 (ParkingLot.cpp:456) 8 com.apple.JavaScriptCore 0x000000013542c89c WTF::ParkingLot::parkConditionallyImpl(void const*, WTF::ScopedLambda<bool ()> const&, WTF::ScopedLambda<void ()> const&, WTF::TimeWithDynamicClockType const&) + 32 (ParkingLot.cpp:570) 9 com.apple.JavaScriptCore 0x00000001353fc8a0 WTF::ParkingLot::ParkResult WTF::ParkingLot::parkConditionally<WTF::ParkingLot::ParkResult WTF::ParkingLot::compareAndPark<unsigned char, unsigned char>(WTF::Atomic<unsigned char> const*, unsigned char)::'lambda'(), WTF::ParkingLot::ParkResult WTF::ParkingLot::compareAndPark<unsigned char, unsigned char>(WTF::Atomic<unsigned char> const*, unsigned char)::'lambda0'()>(void const*, unsigned char const&, unsigned char const&, WTF::TimeWithDynamicClockType const&) + 104 (ParkingLot.h:82) 10 com.apple.JavaScriptCore 0x00000001370b4220 WTF::ParkingLot::ParkResult WTF::ParkingLot::compareAndPark<unsigned char, unsigned char>(WTF::Atomic<unsigned char> const*, unsigned char) + 104 11 com.apple.JavaScriptCore 0x00000001353fbf10 WTF::LockAlgorithm<unsigned char, (unsigned char)1, (unsigned char)2, WTF::EmptyLockHooks<unsigned char> >::lockSlow(WTF::Atomic<unsigned char>&) + 372 (LockAlgorithmInlines.h:84) 12 com.apple.JavaScriptCore 0x00000001353fbd90 WTF::Lock::lockSlow() + 24 (Lock.cpp:46) 13 com.apple.WebCore 0x000000011455bdd0 WTF::Lock::lock() + 64 14 com.apple.WebCore 0x000000011504fb14 WTF::Locker<WTF::Lock>::Locker(WTF::Lock&) + 68 15 com.apple.WebCore 0x000000011455bd78 WTF::Locker<WTF::Lock>::Locker(WTF::Lock&) + 40 16 com.apple.WebCore 0x0000000118602428 WebCore::RealtimeMediaSource::audioSamplesAvailable(WTF::MediaTime const&, WebCore::PlatformAudioData const&, WebCore::AudioStreamDescription const&, unsigned long) + 80 17 com.apple.WebCore 0x00000001143fee90 WebCore::MediaStreamAudioSource::consumeAudio(WebCore::AudioBus&, unsigned long) + 812 18 com.apple.WebCore 0x00000001163f3ea4 WebCore::MediaStreamAudioDestinationNode::process(unsigned long) + 92 19 com.apple.WebCore 0x0000000116321744 WebCore::AudioNode::processIfNecessary(unsigned long) + 388 20 com.apple.WebCore 0x0000000116375a84 WebCore::BaseAudioContext::processAutomaticPullNodes(unsigned long) + 184 21 com.apple.WebCore 0x000000011631cd38 WebCore::AudioDestinationNode::renderQuantum(WebCore::AudioBus*, unsigned long, WebCore::AudioIOPosition const&) + 456 22 com.apple.WebCore 0x00000001163c9488 WebCore::DefaultAudioDestinationNode::render(WebCore::AudioBus*, WebCore::AudioBus*, unsigned long, WebCore::AudioIOPosition const&) + 60 1781138 1 youennf 2021-08-01 06:27:51 -0700 Lock::unlockSlow() is using DisableMallocRestrictionsForCurrentThreadScope disableMallocRestrictions. Maybe Lock::slow()should do the same. 1781139 2 434720 youennf 2021-08-01 06:39:02 -0700 Created attachment 434720 Patch 1781641 3 ews-feeder 2021-08-03 10:05:24 -0700 Committed r280600 (?): <https://commits.webkit.org/r280600> All reviewed patches have been landed. Closing bug and clearing flags on attachment 434720. 1781644 4 webkit-bug-importer 2021-08-03 10:14:04 -0700 <rdar://problem/81467792> 434720 2021-08-01 06:39:02 -0700 2021-08-03 10:05:25 -0700 Patch bug-228688-20210801153900.patch text/plain 3019 youennf U3VidmVyc2lvbiBSZXZpc2lvbjogMjgwNDgxCmRpZmYgLS1naXQgYS9Tb3VyY2UvV1RGL0NoYW5n ZUxvZyBiL1NvdXJjZS9XVEYvQ2hhbmdlTG9nCmluZGV4IDVkYTdhMDhjZjc2ODk4ZDk2ZmQ0ODc1 NGY1NWY3NmVjMjFhMTJjNWIuLjk1NTE5OTQzZjY4YThlMDIzNzFkNTQ5MDI2NjFmMTY2ZWQ0MzY2 OTQgMTAwNjQ0Ci0tLSBhL1NvdXJjZS9XVEYvQ2hhbmdlTG9nCisrKyBiL1NvdXJjZS9XVEYvQ2hh bmdlTG9nCkBAIC0xLDMgKzEsMTcgQEAKKzIwMjEtMDgtMDEgIFlvdWVubiBGYWJsZXQgIDx5b3Vl bm5AYXBwbGUuY29tPgorCisgICAgICAgIFJlYWx0aW1lTWVkaWFTb3VyY2U6OmF1ZGlvU2FtcGxl c0F2YWlsYWJsZSBpcyBjYWxsaW5nIG1hbGxvYyBhcyBwYXJ0IG9mIGxvY2tpbmcgaW4gYXVkaW8g dGhyZWFkCisgICAgICAgIGh0dHBzOi8vYnVncy53ZWJraXQub3JnL3Nob3dfYnVnLmNnaT9pZD0y Mjg2ODgKKworICAgICAgICBSZXZpZXdlZCBieSBOT0JPRFkgKE9PUFMhKS4KKworICAgICAgICBB bGxvdyBhbGxvY2F0aW9ucyBpbiBsb2NrU2xvdyBzaW5jZSBhbGxvY2F0aW9ucyBtaWdodCBoYXBw ZW4gaW4gcmFyZSBjYXNlIGFuZCBub3QgZm9yIGVhY2ggbG9ja1Nsb3cgY2FsbC4KKworICAgICAg ICAqIHd0Zi9Mb2NrLmNwcDoKKyAgICAgICAgKFdURjo6TG9jazo6bG9ja1Nsb3cpOgorICAgICAg ICAoV1RGOjpMb2NrOjp1bmxvY2tTbG93KToKKyAgICAgICAgKFdURjo6TG9jazo6dW5sb2NrRmFp cmx5U2xvdyk6CisKIDIwMjEtMDgtMDEgIFlvdWVubiBGYWJsZXQgIDx5b3Vlbm5AYXBwbGUuY29t PgogCiAgICAgICAgIEludHJvZHVjZSBhbiBleHBlcmltZW50YWwgZmVhdHVyZSB0byB0b2dnbGUg V2ViUlRDIHNvY2tldCBwcm94eWluZwpkaWZmIC0tZ2l0IGEvU291cmNlL1dURi93dGYvTG9jay5j cHAgYi9Tb3VyY2UvV1RGL3d0Zi9Mb2NrLmNwcAppbmRleCA1MGVmMmVhZjU3OTJhOTBlMDI5YmY4 YWUwYWVmOGQwMWU1OWM0Y2IzLi5hYjIxNDBjMmU1NmM2NDJlODU4MjQ3Mjk4MTRkMGNhZGYwY2I3 NjhlIDEwMDY0NAotLS0gYS9Tb3VyY2UvV1RGL3d0Zi9Mb2NrLmNwcAorKysgYi9Tb3VyY2UvV1RG L3d0Zi9Mb2NrLmNwcApAQCAtNDMsMTMgKzQzLDE4IEBAIHZvaWQgTG9jazo6bG9ja1Nsb3coKQog ewogICAgIGlmIChwcm9maWxlTG9ja0NvbnRlbnRpb24pCiAgICAgICAgIFNUQUNLX1NIT1RfUFJP RklMRSg0LCAyLCA1KTsKKworICAgIC8vIEhlYXAgYWxsb2NhdGlvbnMgYXJlIGZvcmJpZGRlbiBv biBjZXJ0YWluIHRocmVhZHMgKGUuZy4gYXVkaW8gcmVuZGVyaW5nIHRocmVhZCkgZm9yIHBlcmZv cm1hbmNlIHJlYXNvbnMgc28gd2UgbmVlZCB0bworICAgIC8vIGV4cGxpY2l0bHkgYWxsb3cgdGhl IGZvbGxvd2luZyBhbGxvY2F0aW9uKHMpLiBJbiBzb21lIHJhcmUgY2FzZXMsIHRoZSBsb2NrU2xv dygpIGFsZ29yaXRobSBtYXkgY2F1c2UgYWxsb2NhdGlvbnMuCisgICAgRGlzYWJsZU1hbGxvY1Jl c3RyaWN0aW9uc0ZvckN1cnJlbnRUaHJlYWRTY29wZSBkaXNhYmxlTWFsbG9jUmVzdHJpY3Rpb25z OworCiAgICAgRGVmYXVsdExvY2tBbGdvcml0aG06OmxvY2tTbG93KG1fYnl0ZSk7CiB9CiAKIHZv aWQgTG9jazo6dW5sb2NrU2xvdygpCiB7Ci0gICAgLy8gSGVhcCBhbGxvY2F0aW9ucyBhcmUgZm9y YmlkZGVuIG9uIHRoZSBjZXJ0YWluIHRocmVhZHMgKGUuZy4gYXVkaW8gcmVuZGVyaW5nIHRocmVh ZCkgZm9yIHBlcmZvcm1hbmNlIHJlYXNvbnMgc28gd2UgbmVlZCB0bwotICAgIC8vIGV4cGxpY2l0 bHkgYWxsb3cgdGhlIGZvbGxvd2luZyBhbGxvY2F0aW9uKHMpLiBJbiBzb21lIHJhcmUgY2FzZXMs IHRoZSB1bmxvY2tTbG93KCkgYWxnb3JpdGggbWF5IGNhdXNlIGFsbG9jYXRpb25zLgorICAgIC8v IEhlYXAgYWxsb2NhdGlvbnMgYXJlIGZvcmJpZGRlbiBvbiBjZXJ0YWluIHRocmVhZHMgKGUuZy4g YXVkaW8gcmVuZGVyaW5nIHRocmVhZCkgZm9yIHBlcmZvcm1hbmNlIHJlYXNvbnMgc28gd2UgbmVl ZCB0bworICAgIC8vIGV4cGxpY2l0bHkgYWxsb3cgdGhlIGZvbGxvd2luZyBhbGxvY2F0aW9uKHMp LiBJbiBzb21lIHJhcmUgY2FzZXMsIHRoZSB1bmxvY2tTbG93KCkgYWxnb3JpdGhtIG1heSBjYXVz ZSBhbGxvY2F0aW9ucy4KICAgICBEaXNhYmxlTWFsbG9jUmVzdHJpY3Rpb25zRm9yQ3VycmVudFRo cmVhZFNjb3BlIGRpc2FibGVNYWxsb2NSZXN0cmljdGlvbnM7CiAKICAgICBEZWZhdWx0TG9ja0Fs Z29yaXRobTo6dW5sb2NrU2xvdyhtX2J5dGUsIERlZmF1bHRMb2NrQWxnb3JpdGhtOjpVbmZhaXIp OwpAQCAtNTcsOCArNjIsOCBAQCB2b2lkIExvY2s6OnVubG9ja1Nsb3coKQogCiB2b2lkIExvY2s6 OnVubG9ja0ZhaXJseVNsb3coKQogewotICAgIC8vIEhlYXAgYWxsb2NhdGlvbnMgYXJlIGZvcmJp ZGRlbiBvbiB0aGUgY2VydGFpbiB0aHJlYWRzIChlLmcuIGF1ZGlvIHJlbmRlcmluZyB0aHJlYWQp IGZvciBwZXJmb3JtYW5jZSByZWFzb25zIHNvIHdlIG5lZWQgdG8KLSAgICAvLyBleHBsaWNpdGx5 IGFsbG93IHRoZSBmb2xsb3dpbmcgYWxsb2NhdGlvbihzKS4gSW4gc29tZSByYXJlIGNhc2VzLCB0 aGUgdW5sb2NrU2xvdygpIGFsZ29yaXRoIG1heSBjYXVzZSBhbGxvY2F0aW9ucy4KKyAgICAvLyBI ZWFwIGFsbG9jYXRpb25zIGFyZSBmb3JiaWRkZW4gb24gY2VydGFpbiB0aHJlYWRzIChlLmcuIGF1 ZGlvIHJlbmRlcmluZyB0aHJlYWQpIGZvciBwZXJmb3JtYW5jZSByZWFzb25zIHNvIHdlIG5lZWQg dG8KKyAgICAvLyBleHBsaWNpdGx5IGFsbG93IHRoZSBmb2xsb3dpbmcgYWxsb2NhdGlvbihzKS4g SW4gc29tZSByYXJlIGNhc2VzLCB0aGUgdW5sb2NrU2xvdygpIGFsZ29yaXRobSBtYXkgY2F1c2Ug YWxsb2NhdGlvbnMuCiAgICAgRGlzYWJsZU1hbGxvY1Jlc3RyaWN0aW9uc0ZvckN1cnJlbnRUaHJl YWRTY29wZSBkaXNhYmxlTWFsbG9jUmVzdHJpY3Rpb25zOwogCiAgICAgRGVmYXVsdExvY2tBbGdv cml0aG06OnVubG9ja1Nsb3cobV9ieXRlLCBEZWZhdWx0TG9ja0FsZ29yaXRobTo6RmFpcik7Cg==