WebKit Bugzilla
New
Browse
Log In
×
Sign in with GitHub
or
Remember my login
Create Account
·
Forgot Password
Forgotten password account recovery
RESOLVED FIXED
223529
Avoid heap allocation under AudioNodeInput::disable() / AudioNodeInput::enable()
https://bugs.webkit.org/show_bug.cgi?id=223529
Summary
Avoid heap allocation under AudioNodeInput::disable() / AudioNodeInput::enable()
Chris Dumez
Reported
2021-03-19 11:43:28 PDT
Avoid heap allocation under AudioNodeInput::disable() / AudioNodeInput::enable(): Thread 10 Crashed:: offline renderer 0 com.apple.JavaScriptCore 0x0000000177be026e WTFCrash + 14 (Assertions.cpp:295) 1 com.apple.JavaScriptCore 0x0000000179382cfb WTFCrashWithInfo(int, char const*, char const*, int) + 27 (Assertions.h:671) 2 com.apple.JavaScriptCore 0x0000000177c1d9ab WTF::fastMalloc(unsigned long) + 235 (FastMalloc.cpp:524) 3 com.apple.JavaScriptCore 0x0000000177c1d895 WTF::fastZeroedMalloc(unsigned long) + 21 (FastMalloc.cpp:114) 4 com.apple.WebCore 0x0000000158917e85 WTF::FastMalloc::zeroedMalloc(unsigned long) + 21 (FastMalloc.h:284) 5 com.apple.WebCore 0x000000015ab37c53 WTF::HashTable<WebCore::AudioNodeOutput*, WebCore::AudioNodeOutput*, WTF::IdentityExtractor, WTF::DefaultHash<WebCore::AudioNodeOutput*>, WTF::HashTraits<WebCore::AudioNodeOutput*>, WTF::HashTraits<WebCore::AudioNodeOutput*> >::allocateTable(unsigned int) + 35 (HashTable.h:1215) 6 com.apple.WebCore 0x000000015ab3795a WTF::HashTable<WebCore::AudioNodeOutput*, WebCore::AudioNodeOutput*, WTF::IdentityExtractor, WTF::DefaultHash<WebCore::AudioNodeOutput*>, WTF::HashTraits<WebCore::AudioNodeOutput*>, WTF::HashTraits<WebCore::AudioNodeOutput*> >::rehash(unsigned int, WebCore::AudioNodeOutput**) + 74 (HashTable.h:1327) 7 com.apple.WebCore 0x000000015ab37358 WTF::HashTable<WebCore::AudioNodeOutput*, WebCore::AudioNodeOutput*, WTF::IdentityExtractor, WTF::DefaultHash<WebCore::AudioNodeOutput*>, WTF::HashTraits<WebCore::AudioNodeOutput*>, WTF::HashTraits<WebCore::AudioNodeOutput*> >::expand(WebCore::AudioNodeOutput**) + 120 (HashTable.h:1249) 8 com.apple.WebCore 0x000000015ab522f3 WTF::HashTableAddResult<WTF::HashTableIterator<WebCore::AudioNodeOutput*, WebCore::AudioNodeOutput*, WTF::IdentityExtractor, WTF::DefaultHash<WebCore::AudioNodeOutput*>, WTF::HashTraits<WebCore::AudioNodeOutput*>, WTF::HashTraits<WebCore::AudioNodeOutput*> > > WTF::HashTable<WebCore::AudioNodeOutput*, WebCore::AudioNodeOutput*, WTF::IdentityExtractor, WTF::DefaultHash<WebCore::AudioNodeOutput*>, WTF::HashTraits<WebCore::AudioNodeOutput*>, WTF::HashTraits<WebCore::AudioNodeOutput*> >::add<WTF::IdentityHashTranslator<WTF::HashTraits<WebCore::AudioNodeOutput*>, WTF::DefaultHash<WebCore::AudioNodeOutput*> >, WebCore::AudioNodeOutput* const&, WebCore::AudioNodeOutput* const&>(WebCore::AudioNodeOutput* const&, WebCore::AudioNodeOutput* const&) + 115 (HashTable.h:934) 9 com.apple.WebCore 0x000000015ab5226a WTF::HashTable<WebCore::AudioNodeOutput*, WebCore::AudioNodeOutput*, WTF::IdentityExtractor, WTF::DefaultHash<WebCore::AudioNodeOutput*>, WTF::HashTraits<WebCore::AudioNodeOutput*>, WTF::HashTraits<WebCore::AudioNodeOutput*> >::add(WebCore::AudioNodeOutput* const&) + 74 (HashTable.h:466) 10 com.apple.WebCore 0x000000015ab3223b WTF::HashSet<WebCore::AudioNodeOutput*, WTF::DefaultHash<WebCore::AudioNodeOutput*>, WTF::HashTraits<WebCore::AudioNodeOutput*> >::add(WebCore::AudioNodeOutput* const&) + 43 (HashSet.h:239) 11 com.apple.WebCore 0x000000015ab3217a WebCore::AudioNodeInput::disable(WebCore::AudioNodeOutput*) + 298 (AudioNodeInput.cpp:97) 12 com.apple.WebCore 0x000000015ab30eda WebCore::AudioNodeOutput::disable() + 346 (AudioNodeOutput.cpp:230) 13 com.apple.WebCore 0x000000015ab30d62 WebCore::AudioNode::disableOutputs() + 98 (AudioNode.cpp:553) 14 com.apple.WebCore 0x000000015ab30cf1 WebCore::AudioNode::disableOutputsIfNecessary() + 97 (AudioNode.cpp:545) 15 com.apple.WebCore 0x000000015ab31228 WebCore::AudioNode::decrementConnectionCountWithLock() + 312 (AudioNode.cpp:616) 16 com.apple.WebCore 0x000000015ab31014 WebCore::AudioNode::decrementConnectionCount() + 132 (AudioNode.cpp:587) 17 com.apple.WebCore 0x000000015ab4f17e WebCore::AudioNodeConnectionRefDerefTraits<WebCore::AudioNode>::derefIfNotNull(WebCore::AudioNode*) + 46 (AudioNode.h:284) 18 com.apple.WebCore 0x000000015ab4f149 WTF::RefPtr<WebCore::AudioNode, WTF::RawPtrTraits<WebCore::AudioNode>, WebCore::AudioNodeConnectionRefDerefTraits<WebCore::AudioNode> >::~RefPtr() + 41 (RefPtr.h:73) 19 com.apple.WebCore 0x000000015ab4f115 WTF::RefPtr<WebCore::AudioNode, WTF::RawPtrTraits<WebCore::AudioNode>, WebCore::AudioNodeConnectionRefDerefTraits<WebCore::AudioNode> >::~RefPtr() + 21 (RefPtr.h:73) 20 com.apple.WebCore 0x000000015ab8c8d7 unsigned int WTF::Vector<WTF::RefPtr<WebCore::AudioNode, WTF::RawPtrTraits<WebCore::AudioNode>, WebCore::AudioNodeConnectionRefDerefTraits<WebCore::AudioNode> >, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>::removeAllMatching<bool (WTF::RefPtr<WebCore::AudioNode, WTF::RawPtrTraits<WebCore::AudioNode>, WebCore::AudioNodeConnectionRefDerefTraits<WebCore::AudioNode> > const&)>(bool const(&)(WTF::RefPtr<WebCore::AudioNode, WTF::RawPtrTraits<WebCore::AudioNode>, WebCore::AudioNodeConnectionRefDerefTraits<WebCore::AudioNode> > const&), unsigned long) + 263 (Vector.h:1512) 21 com.apple.WebCore 0x000000015ab89cf6 WebCore::BaseAudioContext::derefFinishedSourceNodes() + 278 (BaseAudioContext.cpp:586) 22 com.apple.WebCore 0x000000015ab8d77c WebCore::BaseAudioContext::handlePostRenderTasks() + 156 (BaseAudioContext.cpp:734) 23 com.apple.WebCore 0x000000015ab2ad00 WebCore::AudioDestinationNode::render(WebCore::AudioBus*, WebCore::AudioBus*, unsigned long, WebCore::AudioIOPosition const&) + 576 (AudioDestinationNode.cpp:107) 24 com.apple.WebCore 0x000000015abe66fd WebCore::OfflineAudioDestinationNode::offlineRender() + 877 (OfflineAudioDestinationNode.cpp:163)
Attachments
Patch
(21.33 KB, patch)
2021-03-19 12:56 PDT
,
Chris Dumez
no flags
Details
Formatted Diff
Diff
Patch
(21.63 KB, patch)
2021-03-19 13:39 PDT
,
Chris Dumez
no flags
Details
Formatted Diff
Diff
Patch
(21.58 KB, patch)
2021-03-19 15:38 PDT
,
Chris Dumez
no flags
Details
Formatted Diff
Diff
Show Obsolete
(2)
View All
Add attachment
proposed patch, testcase, etc.
Chris Dumez
Comment 1
2021-03-19 12:56:56 PDT
Created
attachment 423762
[details]
Patch
Chris Dumez
Comment 2
2021-03-19 13:39:06 PDT
Created
attachment 423769
[details]
Patch
Peng Liu
Comment 3
2021-03-19 14:30:36 PDT
Comment on
attachment 423769
[details]
Patch View in context:
https://bugs.webkit.org/attachment.cgi?id=423769&action=review
> Source/WebCore/Modules/webaudio/AudioSummingJunction.cpp:135 > + m_pendingRenderingOutputs->updatedEnabledState(output);
Nit. Regarding "m_pendingRenderingOutputs." and "m_pendingRenderingOutputs->", I believe they are working. But they look strange at first glance. :-)
> Source/WebCore/Modules/webaudio/AudioSummingJunction.h:69 > + bool operator==(AudioNodeOutput* other) const { return output == other; }
const AudioNodeOutput* other?
Chris Dumez
Comment 4
2021-03-19 14:44:01 PDT
(In reply to Peng Liu from
comment #3
)
> Comment on
attachment 423769
[details]
> Patch > > View in context: >
https://bugs.webkit.org/attachment.cgi?id=423769&action=review
> > > Source/WebCore/Modules/webaudio/AudioSummingJunction.cpp:135 > > + m_pendingRenderingOutputs->updatedEnabledState(output); > > Nit. Regarding "m_pendingRenderingOutputs." and > "m_pendingRenderingOutputs->", I believe they are working. But they look > strange at first glance. :-)
What looks strange? It is an Optional<> now so I need to `->` instead of `.`
> > > Source/WebCore/Modules/webaudio/AudioSummingJunction.h:69 > > + bool operator==(AudioNodeOutput* other) const { return output == other; } > > const AudioNodeOutput* other?
OK.
Peng Liu
Comment 5
2021-03-19 14:52:43 PDT
Comment on
attachment 423769
[details]
Patch View in context:
https://bugs.webkit.org/attachment.cgi?id=423769&action=review
>>> Source/WebCore/Modules/webaudio/AudioSummingJunction.cpp:135 >>> + m_pendingRenderingOutputs->updatedEnabledState(output); >> >> Nit. Regarding "m_pendingRenderingOutputs." and "m_pendingRenderingOutputs->", I believe they are working. But they look strange at first glance. :-) > > What looks strange? It is an Optional<> now so I need to `->` instead of `.`
At first glance I was surprised by the "m_pendingRenderingOutputs." in the "if" branch and "m_pendingRenderingOutputs->" in the "else" branch. But it is not an issue actually. :-)
Chris Dumez
Comment 6
2021-03-19 15:38:54 PDT
Created
attachment 423789
[details]
Patch
EWS
Comment 7
2021-03-22 04:58:34 PDT
commit-queue failed to commit
attachment 423789
[details]
to WebKit repository. To retry, please set cq+ flag again.
EWS
Comment 8
2021-03-22 11:51:48 PDT
Committed
r274767
: <
https://commits.webkit.org/r274767
> All reviewed patches have been landed. Closing bug and clearing flags on
attachment 423789
[details]
.
Radar WebKit Bug Importer
Comment 9
2021-03-22 11:52:16 PDT
<
rdar://problem/75701704
>
Note
You need to
log in
before you can comment on or make changes to this bug.
Top of Page
Format For Printing
XML
Clone This Bug