| Summary: | Crash under JSAudioWorkletProcessorConstructor::~JSAudioWorkletProcessorConstructor() | ||||||
|---|---|---|---|---|---|---|---|
| Product: | WebKit | Reporter: | Chris Dumez <cdumez> | ||||
| Component: | Web Audio | Assignee: | Chris Dumez <cdumez> | ||||
| Status: | RESOLVED FIXED | ||||||
| Severity: | Normal | CC: | cdumez, darin, eric.carlson, ews-watchlist, ggaren, glenn, jer.noble, philipj, sam, sergio, webkit-bug-importer | ||||
| Priority: | P2 | Keywords: | InRadar | ||||
| Version: | WebKit Nightly Build | ||||||
| Hardware: | Unspecified | ||||||
| OS: | Unspecified | ||||||
| Attachments: |
|
||||||
Created attachment 410779 [details]
Patch
Comment on attachment 410779 [details]
Patch
r=me
Committed r268159: <https://trac.webkit.org/changeset/268159> All reviewed patches have been landed. Closing bug and clearing flags on attachment 410779 [details]. |
Crash under JSAudioWorkletProcessorConstructor::~JSAudioWorkletProcessorConstructor(): ==30091==ERROR: AddressSanitizer: heap-use-after-free on address 0x62500062f010 at pc 0x000605bbbe6b bp 0x7000053f07a0 sp 0x7000053f0798 READ of size 8 at 0x62500062f010 thread T81 ==30091==WARNING: invalid path to external symbolizer! ==30091==WARNING: Failed to use and restart external symbolizer! #0 0x605bbbe6a in JSC::HandleBlock::handleSet() (/Volumes/Data/worker/trunk-catalina-asan-release-wk2-tests/build/buildToTest/WebCore.framework/Versions/A/WebCore:x86_64+0x598e6a) #1 0x605bd9173 in JSC::Strong<JSC::JSObject, (JSC::ShouldStrongDestructorGrabLock)0>::clear() (/Volumes/Data/worker/trunk-catalina-asan-release-wk2-tests/build/buildToTest/WebCore.framework/Versions/A/WebCore:x86_64+0x5b6173) #2 0x605bbbe81 in WebCore::JSCallbackDataStrong::~JSCallbackDataStrong() (/Volumes/Data/worker/trunk-catalina-asan-release-wk2-tests/build/buildToTest/WebCore.framework/Versions/A/WebCore:x86_64+0x598e81) #3 0x605b99659 in WebCore::JSAudioWorkletProcessorConstructor::~JSAudioWorkletProcessorConstructor() (/Volumes/Data/worker/trunk-catalina-asan-release-wk2-tests/build/buildToTest/WebCore.framework/Versions/A/WebCore:x86_64+0x576659) #4 0x605b997dd in WebCore::JSAudioWorkletProcessorConstructor::~JSAudioWorkletProcessorConstructor() (/Volumes/Data/worker/trunk-catalina-asan-release-wk2-tests/build/buildToTest/WebCore.framework/Versions/A/WebCore:x86_64+0x5767dd) #5 0x605c29bc4 in WTF::RefCounted<WebCore::AudioWorkletProcessorConstructor, std::__1::default_delete<WebCore::AudioWorkletProcessorConstructor> >::deref() const (/Volumes/Data/worker/trunk-catalina-asan-release-wk2-tests/build/buildToTest/WebCore.framework/Versions/A/WebCore:x86_64+0x606bc4) #6 0x607e3bcf8 in WTF::KeyValuePair<WTF::String, WTF::RefPtr<WebCore::JSAudioWorkletProcessorConstructor, WTF::DumbPtrTraits<WebCore::JSAudioWorkletProcessorConstructor>, WTF::DefaultRefDerefTraits<WebCore::JSAudioWorkletProcessorConstructor> > >::~KeyValuePair() (/Volumes/Data/worker/trunk-catalina-asan-release-wk2-tests/build/buildToTest/WebCore.framework/Versions/A/WebCore:x86_64+0x2818cf8) #7 0x607e3bb9c in WTF::HashTable<WTF::String, WTF::KeyValuePair<WTF::String, WTF::RefPtr<WebCore::JSAudioWorkletProcessorConstructor, WTF::DumbPtrTraits<WebCore::JSAudioWorkletProcessorConstructor>, WTF::DefaultRefDerefTraits<WebCore::JSAudioWorkletProcessorConstructor> > >, WTF::KeyValuePairKeyExtractor<WTF::KeyValuePair<WTF::String, WTF::RefPtr<WebCore::JSAudioWorkletProcessorConstructor, WTF::DumbPtrTraits<WebCore::JSAudioWorkletProcessorConstructor>, WTF::DefaultRefDerefTraits<WebCore::JSAudioWorkletProcessorConstructor> > > >, WTF::DefaultHash<WTF::String>, WTF::HashMap<WTF::String, WTF::RefPtr<WebCore::JSAudioWorkletProcessorConstructor, WTF::DumbPtrTraits<WebCore::JSAudioWorkletProcessorConstructor>, WTF::DefaultRefDerefTraits<WebCore::JSAudioWorkletProcessorConstructor> >, WTF::DefaultHash<WTF::String>, WTF::HashTraits<WTF::String>, WTF::HashTraits<WTF::RefPtr<WebCore::JSAudioWorkletProcessorConstructor, WTF::DumbPtrTraits<WebCore::JSAudioWorkletProcessorConstructor>, WTF::DefaultRefDerefTraits<WebCore::JSAudioWorkletProcessorConstructor> > > >::KeyValuePairTraits, WTF::HashTraits<WTF::String> >::deallocateTable(WTF::KeyValuePair<WTF::String, WTF::RefPtr<WebCore::JSAudioWorkletProcessorConstructor, WTF::DumbPtrTraits<WebCore::JSAudioWorkletProcessorConstructor>, WTF::DefaultRefDerefTraits<WebCore::JSAudioWorkletProcessorConstructor> > >*) (/Volumes/Data/worker/trunk-catalina-asan-release-wk2-tests/build/buildToTest/WebCore.framework/Versions/A/WebCore:x86_64+0x2818b9c) #8 0x607e37779 in WebCore::AudioWorkletGlobalScope::~AudioWorkletGlobalScope() (/Volumes/Data/worker/trunk-catalina-asan-release-wk2-tests/build/buildToTest/WebCore.framework/Versions/A/WebCore:x86_64+0x2814779) #9 0x607e3781d in WebCore::AudioWorkletGlobalScope::~AudioWorkletGlobalScope() (/Volumes/Data/worker/trunk-catalina-asan-release-wk2-tests/build/buildToTest/WebCore.framework/Versions/A/WebCore:x86_64+0x281481d) #10 0x605c2a194 in WTF::RefCounted<WebCore::WorkletGlobalScope, std::__1::default_delete<WebCore::WorkletGlobalScope> >::deref() const (/Volumes/Data/worker/trunk-catalina-asan-release-wk2-tests/build/buildToTest/WebCore.framework/Versions/A/WebCore:x86_64+0x607194) #11 0x607e5c406 in WTF::RefPtr<WebCore::AudioWorkletGlobalScope, WTF::DumbPtrTraits<WebCore::AudioWorkletGlobalScope>, WTF::DefaultRefDerefTraits<WebCore::AudioWorkletGlobalScope> >::operator=(std::nullptr_t) (/Volumes/Data/worker/trunk-catalina-asan-release-wk2-tests/build/buildToTest/WebCore.framework/Versions/A/WebCore:x86_64+0x2839406) #12 0x607e5bd20 in WebCore::AudioWorkletThread::workletThread() (/Volumes/Data/worker/trunk-catalina-asan-release-wk2-tests/build/buildToTest/WebCore.framework/Versions/A/WebCore:x86_64+0x2838d20) #13 0x623496803 in WTF::Thread::entryPoint(WTF::Thread::NewThreadContext*) (/Volumes/Data/worker/trunk-catalina-asan-release-wk2-tests/build/buildToTest/JavaScriptCore.framework/Versions/A/JavaScriptCore:x86_64+0x116803) #14 0x6234a1bd8 in WTF::wtfThreadEntryPoint(void*) (/Volumes/Data/worker/trunk-catalina-asan-release-wk2-tests/build/buildToTest/JavaScriptCore.framework/Versions/A/JavaScriptCore:x86_64+0x121bd8) #15 0x7fff69705108 in _pthread_start (/usr/lib/system/libsystem_pthread.dylib:x86_64+0x6108) #16 0x7fff69700b8a in thread_start (/usr/lib/system/libsystem_pthread.dylib:x86_64+0x1b8a)