Bug 200547

Summary:

Fix thread safety issue in AudioSampleDataSource() constructor

Product:

WebKit

Reporter:

Chris Dumez <cdumez>

Component:

Media

Assignee:

Chris Dumez <cdumez>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

achristensen, benjamin, cmarcelo, commit-queue, dbates, eric.carlson, ews-watchlist, ggaren, jer.noble, rniwa, webkit-bug-importer, youennf

Priority:

Keywords:

InRadar

Version:

WebKit Nightly Build

Hardware:

Unspecified

OS:

Unspecified

Bug Depends on:

Bug Blocks:

200507

Attachments:

Description	Flags
Patch	none

Description Chris Dumez 2019-08-08 15:10:19 PDT

Fix thread safety issue in AudioSampleDataSource() constructor:
Thread 9 Crashed:: WebKitWebRTCAudioModule
0   com.apple.WebCore             	0x000000010850ef83 WTFCrashWithInfo(int, char const*, char const*, int) + 19
1   com.apple.WebCore             	0x0000000108758b21 WebCore::AudioSampleDataSource::AudioSampleDataSource(unsigned long, WebCore::MediaStreamTrackPrivate&) + 289
2   com.apple.WebCore             	0x00000001087589cf WebCore::AudioSampleDataSource::create(unsigned long, WebCore::MediaStreamTrackPrivate&) + 47
3   com.apple.WebCore             	0x0000000108931557 WebCore::WebAudioSourceProviderAVFObjC::prepare(AudioStreamBasicDescription const&) + 855
4   com.apple.WebCore             	0x0000000108931a1c WebCore::WebAudioSourceProviderAVFObjC::audioSamplesAvailable(WebCore::MediaStreamTrackPrivate&, WTF::MediaTime const&, WebCore::PlatformAudioData const&, WebCore::AudioStreamDescription const&, unsigned long) + 92
5   com.apple.WebCore             	0x0000000109a85cec WebCore::MediaStreamTrackPrivate::forEachObserver(WTF::Function<void (WebCore::MediaStreamTrackPrivate::Observer&)> const&) const + 732
6   com.apple.WebCore             	0x0000000109a86926 WebCore::MediaStreamTrackPrivate::audioSamplesAvailable(WTF::MediaTime const&, WebCore::PlatformAudioData const&, WebCore::AudioStreamDescription const&, unsigned long) + 102
7   com.apple.WebCore             	0x0000000109a887cc WebCore::RealtimeMediaSource::forEachObserver(WTF::Function<void (WebCore::RealtimeMediaSource::Observer&)> const&) const + 748
8   com.apple.WebCore             	0x0000000109a88b5c WebCore::RealtimeMediaSource::audioSamplesAvailable(WTF::MediaTime const&, WebCore::PlatformAudioData const&, WebCore::AudioStreamDescription const&, unsigned long) + 92
9   com.apple.WebCore             	0x0000000109aa775e WebCore::RealtimeIncomingAudioSourceCocoa::OnData(void const*, int, int, unsigned long, unsigned long) + 558
10  libwebrtc.dylib               	0x000000010650287d webrtc::RemoteAudioSource::AudioDataProxy::OnData(webrtc::AudioSinkInterface::Data const&) + 77
11  libwebrtc.dylib               	0x0000000106395726 webrtc::voe::(anonymous namespace)::ChannelReceive::GetAudioFrameWithInfo(int, webrtc::AudioFrame*) + 246
12  libwebrtc.dylib               	0x0000000106358574 webrtc::AudioMixerImpl::GetAudioFromSources() + 164
13  libwebrtc.dylib               	0x00000001063582a7 webrtc::AudioMixerImpl::Mix(unsigned long, webrtc::AudioFrame*) + 71
14  libwebrtc.dylib               	0x000000010636a79a webrtc::AudioTransportImpl::PullRenderData(int, int, unsigned long, unsigned long, void*, long long*, long long*) + 58
15  com.apple.WebCore             	0x00000001085d1e4d WebCore::LibWebRTCAudioModule::PollFromSource() + 189
16  com.apple.WebCore             	0x00000001085d1cb8 non-virtual thunk to WebCore::LibWebRTCAudioModule::OnMessage(rtc::Message*) + 40
17  libwebrtc.dylib               	0x0000000106442154 rtc::MessageQueue::Dispatch(rtc::Message*) + 212
18  libwebrtc.dylib               	0x00000001065bcfdc rtc::Thread::ProcessMessages(int) + 284
19  libwebrtc.dylib               	0x00000001065bce2d rtc::Thread::PreRun(void*) + 173
20  libsystem_pthread.dylib       	0x00000001045682eb _pthread_body + 126
21  libsystem_pthread.dylib       	0x000000010456b249 _pthread_start + 66
22  libsystem_pthread.dylib       	0x000000010456740d thread_start + 13

I think the Logger is getting ref'd / deref'd from several thread and is not ThreadSafeRefCounted. I am in the process of confirming.

Comment 1 Chris Dumez 2019-08-08 15:18:08 PDT

Created attachment 375845 [details]
Patch

Comment 2 Chris Dumez 2019-08-08 15:57:14 PDT

Comment on attachment 375845 [details]
Patch

Clearing flags on attachment: 375845

Committed r248446: <https://trac.webkit.org/changeset/248446>

Comment 3 Chris Dumez 2019-08-08 15:57:16 PDT

All reviewed patches have been landed.  Closing bug.

Comment 4 Radar WebKit Bug Importer 2019-08-08 15:58:20 PDT

<rdar://problem/54100643>