RESOLVED FIXED 224696
[ BigSur wk2 ARM64 ] http/wpt/webrtc/change-encoded-transform.html is a flakey crash
https://bugs.webkit.org/show_bug.cgi?id=224696
Robert Jenner
Reported 2021-04-16 14:47:02 PDT
http/wpt/webrtc/change-encoded-transform.html is a flakey crash on Big Sur wk2 on Apple Silicon Macs only.

HISTORY:
https://results.webkit.org/?suite=layout-tests&test=http%2Fwpt%2Fwebrtc%2Fchange-encoded-transform.html

CRASH URL:
https://build.webkit.org/results/Apple-BigSur-Release-AppleSilicon-WK2-Tests/r276149%20(930)/http/wpt/webrtc/change-encoded-transform-crash-log.txt

CRASH TEXT:
Crashed Thread: 14 WebCore: Worker
Exception Type: EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x0000000000000000
Exception Note: EXC_CORPSE_NOTIFY
Termination Signal: Segmentation fault: 11
Termination Reason: Namespace SIGNAL, Code 0xb
Terminating Process: exc handler [98394]

Thread 14 Crashed:: WebCore: Worker
0 libwebrtc.dylib 0x00000001076ae598 webrtc::RTPSenderVideoFrameTransformerDelegate::OnTransformedFrame(std::__1::unique_ptr<webrtc::TransformableFrameInterface, std::__1::default_delete<webrtc::TransformableFrameInterface> >) + 108
1 libwebrtc.dylib 0x00000001076ae584 webrtc::RTPSenderVideoFrameTransformerDelegate::OnTransformedFrame(std::__1::unique_ptr<webrtc::TransformableFrameInterface, std::__1::default_delete<webrtc::TransformableFrameInterface> >) + 88
2 com.apple.WebCore 0x000000010395b020 WebCore::LibWebRTCRtpTransformBackend::processTransformedFrame(WebCore::RTCRtpTransformableFrame&) + 88 (LibWebRTCRtpTransformBackend.cpp:58)
3 com.apple.WebCore 0x00000001039530dc operator()<WebCore::ScriptExecutionContext, JSC::JSValue> + 64 (RTCRtpScriptTransformer.cpp:107) [inlined]
4 com.apple.WebCore 0x00000001039530dc WTF::Detail::CallableWrapper<WebCore::RTCRtpScriptTransformer::writable()::$_6, WebCore::ExceptionOr<void>, WebCore::ScriptExecutionContext&, JSC::JSValue>::call(WebCore::ScriptExecutionContext&, JSC::JSValue) + 280 (Function.h:52)
5 com.apple.WebCore 0x000000010394f748 operator() + 20 (Function.h:83) [inlined]
6 com.apple.WebCore 0x000000010394f748 WebCore::SimpleWritableStreamSink::write(WebCore::ScriptExecutionContext&, JSC::JSValue, WebCore::DOMPromiseDeferred<void>&&) + 40 (WritableStreamSink.h:70)
7 com.apple.WebCore 0x00000001036cbf44 operator() + 32 (JSWritableStreamSink.cpp:161) [inlined]
8 com.apple.WebCore 0x00000001036cbf44 toJS<WebCore::IDLPromise<WebCore::IDLUndefined>, (lambda at /Volumes/Data/worker/bigsur-release/build/WebKitBuild/Release/DerivedSources/WebCore/JSWritableStreamSink.cpp:161:5)> + 32 (JSDOMConvertBase.h:195) [inlined]
9 com.apple.WebCore 0x00000001036cbf44 jsWritableStreamSinkPrototypeFunction_writeBody + 132 (JSWritableStreamSink.cpp:161) [inlined]
10 com.apple.WebCore 0x00000001036cbf44 operator() + 136 (JSDOMOperationReturningPromise.h:52) [inlined]
11 com.apple.WebCore 0x00000001036cbf44 callPromiseFunction<(lambda at /Volumes/Data/worker/bigsur-release/build/Source/WebCore/bindings/js/JSDOMOperationReturningPromise.h:41:89)> + 424 (JSDOMPromiseDeferred.h:337) [inlined]
12 com.apple.WebCore 0x00000001036cbf44 call<&WebCore::jsWritableStreamSinkPrototypeFunction_writeBody, WebCore::CastedThisErrorBehavior::RejectPromise> + 424 (JSDOMOperationReturningPromise.h:41) [inlined]
13 com.apple.WebCore 0x00000001036cbf44 WebCore::jsWritableStreamSinkPrototypeFunction_write(JSC::JSGlobalObject*, JSC::CallFrame*) + 456 (JSWritableStreamSink.cpp:166)
14 ??? 0x0000000280049c9c 0 + 10737720476
15 com.apple.JavaScriptCore 0x00000001082f438c llint_entry + 146620
16 com.apple.JavaScriptCore 0x00000001082f2d90 llint_entry + 140992
17 com.apple.JavaScriptCore 0x00000001082f2d90 llint_entry + 140992
18 com.apple.JavaScriptCore 0x00000001082f2e38 llint_entry + 141160
19 com.apple.JavaScriptCore 0x00000001082f2d90 llint_entry + 140992
20 com.apple.JavaScriptCore 0x00000001082f2d90 llint_entry + 140992
21 com.apple.JavaScriptCore 0x00000001082f2d90 llint_entry + 140992
22 com.apple.JavaScriptCore 0x00000001082f2d90 llint_entry + 140992
23 com.apple.JavaScriptCore 0x00000001082f2e38 llint_entry + 141160
24 com.apple.JavaScriptCore 0x00000001082d03f8 vmEntryToJavaScript + 264
25 com.apple.JavaScriptCore 0x00000001089334c8 execute + 36 (JITCodeInlines.h:42) [inlined]
26 com.apple.JavaScriptCore 0x00000001089334c8 JSC::Interpreter::executeCall(JSC::JSGlobalObject*, JSC::JSObject*, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 452 (Interpreter.cpp:901)
27 com.apple.JavaScriptCore 0x0000000108b4b010 call + 36 (CallData.cpp:57) [inlined]
28 com.apple.JavaScriptCore 0x0000000108b4b010 JSC::profiledCall(JSC::JSGlobalObject*, JSC::ProfilingReason, JSC::JSValue, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 156 (CallData.cpp:78)
29 com.apple.JavaScriptCore 0x0000000108c4aaa0 JSC::JSMicrotask::run(JSC::JSGlobalObject*) + 388 (JSMicrotask.cpp:93)
30 com.apple.WebCore 0x0000000103b8de48 runTask + 56 (JSExecState.h:91) [inlined]
31 com.apple.WebCore 0x0000000103b8de48 WebCore::JSMicrotaskCallback::call() + 136 (JSMicrotaskCallback.h:46)
32 com.apple.WebCore 0x0000000103e53e54 WebCore::MicrotaskQueue::performMicrotaskCheckpoint() + 124 (Microtasks.cpp:64)
33 com.apple.WebCore 0x0000000103e3acb4 WebCore::EventLoop::run() + 696 (EventLoop.cpp:134)
34 com.apple.WebCore 0x0000000104ac4658 operator() + 20 (Function.h:83) [inlined]
35 com.apple.WebCore 0x0000000104ac4658 performTask + 20 (ScriptExecutionContext.h:203) [inlined]
36 com.apple.WebCore 0x0000000104ac4658 performTask + 36 (WorkerRunLoop.cpp:270) [inlined]
37 com.apple.WebCore 0x0000000104ac4658 WebCore::WorkerRunLoop::runInMode(WebCore::WorkerOrWorkletGlobalScope*, WebCore::ModePredicate const&, WebCore::WorkerRunLoop::WaitMode) + 444 (WorkerRunLoop.cpp:209)
38 com.apple.WebCore 0x0000000104ac3ad8 WebCore::WorkerRunLoop::run(WebCore::WorkerOrWorkletGlobalScope*) + 100 (WorkerRunLoop.cpp:143)
39 com.apple.WebCore 0x0000000104ac3e14 WebCore::WorkerOrWorkletThread::workerOrWorkletThread() + 728 (WorkerOrWorkletThread.cpp:146)
40 com.apple.JavaScriptCore 0x000000010809fc70 operator() + 16 (Function.h:83) [inlined]
41 com.apple.JavaScriptCore 0x000000010809fc70 WTF::Thread::entryPoint(WTF::Thread::NewThreadContext*) + 136 (Threading.cpp:183)
42 com.apple.JavaScriptCore 0x00000001080a2020 WTF::wtfThreadEntryPoint(void*) + 12 (ThreadingPOSIX.cpp:241)
43 libsystem_pthread.dylib 0x0000000186e8e06c _pthread_start + 320
44 libsystem_pthread.dylib 0x0000000186e88da0 thread_start + 8
Attachments
Full crashlog (98.94 KB, text/plain)
2021-04-16 14:49 PDT, Robert Jenner
Patch (6.56 KB, patch)
2021-04-19 08:22 PDT, youenn fablet
Robert Jenner
Comment 1 2021-04-16 14:49:01 PDT
Created attachment 426279
Full crashlog

Attaching full crashlog to bug.
Robert Jenner
Comment 2 2021-04-16 14:57:25 PDT
The crashes only occur on Apple Silicon Macs. As such, I cannot reproduce the crash as I do not have access to said system. I have updated the expectations for Apple Silicon Macs only to Pass Crash here: https://trac.webkit.org/changeset/276172/webkit
Radar WebKit Bug Importer
Comment 3 2021-04-16 14:58:26 PDT
youenn fablet
Comment 4 2021-04-19 07:51:58 PDT
It reproes on Intel Macs as well with:
Tools/Scripts/run-webkit-tests --no-retry http/wpt/webrtc/change-encoded-transform.html --iterations=10000 -f --child-processes=19 --exit-after-n-failures=1
youenn fablet
Comment 5 2021-04-19 08:22:00 PDT
youenn fablet
Comment 6 2021-04-19 11:39:28 PDT
Comment on attachment 426422
Patch

iOS failure unrelated
EWS
Comment 7 2021-04-21 00:33:07 PDT
Committed r276349 (236827@main): <https://commits.webkit.org/236827@main>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 426422.