Bug 219066 - [WebRTC] webrtc/audio-sframe.html is flaky crashing since added in r269830
Summary: [WebRTC] webrtc/audio-sframe.html is flaky crashing since added in r269830
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebRTC (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: youenn fablet
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2020-11-17 20:52 PST by Lauro Moura
Modified: 2020-11-27 00:52 PST (History)
3 users (show)

See Also:

Attachments
GTK crash log (89.74 KB, text/plain)
2020-11-17 20:52 PST, Lauro Moura 		no flags Details
Patch (2.83 KB, patch)
2020-11-27 00:25 PST, youenn fablet 		no flags Details | Formatted Diff | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Lauro Moura 2020-11-17 20:52:11 PST 
Created attachment 414407 [details]
GTK crash log

webrtc/audio-sframe.html

Crashing frequently on GTK/WPE, and less often on iOs 14 on iPhone SE 1st gen, and Catalina/Mojave Release on Mac Mini.

Full GTK crash log attached. Crashing stack below:

Thread 1 (Thread 0x7f812a10f9c0 (LWP 19256)):
#0  0x00007f8130ba1e0e in WTFCrash () at /app/webkit/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
#1  0x00007f8133cecdfd in WebCore::toJSNewlyCreated(JSC::JSGlobalObject*, WebCore::JSDOMGlobalObject*, WTF::Ref<WebCore::RTCRtpTransform, WTF::RawPtrTraits<WebCore::RTCRtpTransform> >&&) () at /app/webkit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#2  0x00007f8133cecf12 in WebCore::toJS(JSC::JSGlobalObject*, WebCore::JSDOMGlobalObject*, WebCore::RTCRtpTransform&) () at /app/webkit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#3  0x00007f8133cb5bf1 in WebCore::jsRTCRtpReceiver_transform(JSC::JSGlobalObject*, long, JSC::PropertyName) () at /app/webkit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#4  0x00007f813090373c in JSC::PropertySlot::customGetter(JSC::JSGlobalObject*, JSC::PropertyName) const () at /app/webkit/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
#5  0x00007f81304df330 in JSC::operationGetByIdOptimize(JSC::JSGlobalObject*, JSC::StructureStubInfo*, long, unsigned long) () at /app/webkit/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
#6  0x00007f80e941a34e in  ()
#7  0x00007f80ac6c6d00 in  ()
#8  0x000000000000000a in  ()
#9  0x00007f80e2a00000 in  ()
#10 0x00007f81300451ba in void* JSC::allocateCell<JSC::JSLexicalEnvironment>(JSC::Heap&, unsigned long) () at /app/webkit/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
#11 0x00007f81307236dc in slow_path_create_lexical_environment () at /app/webkit/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
#12 0xfffe000000000002 in  ()
#13 0x00007ffd0a7d1780 in  ()
#14 0x00007f812fa88503 in llint_op_call () at /app/webkit/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
#15 0x00007f80ac6c3840 in  ()
#16 0x00007f80e087bde0 in  ()
#17 0x0000034c00000006 in  ()
#18 0x00007f80284c77a0 in  ()
#19 0x00007f80c4282f88 in  ()
#20 0xfffe000000000005 in  ()
#21 0x000000000000000a in  ()
#22 0xfffe000000000000 in  ()
#23 0x00007f80ac6df930 in  ()
#24 0x0000000000000000 in  ()
Comment 1 Lauro Moura 2020-11-17 20:55:13 PST 
Clarification: The iOS failures are on Simulator.

Link to results history:

https://results.webkit.org/?suite=layout-tests&test=webrtc%2Faudio-sframe.html
Comment 2 Lauro Moura 2020-11-17 21:01:34 PST 
Gardened in r269941
Comment 3 Radar WebKit Bug Importer 2020-11-26 03:23:18 PST 
<rdar://problem/71747778>
Comment 4 youenn fablet 2020-11-27 00:25:24 PST 
Created attachment 414918 [details]
Patch
Comment 5 EWS 2020-11-27 00:52:09 PST 
Committed r270183: <https://trac.webkit.org/changeset/270183>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 414918 [details].