[Webkit-unassigned] [Bug 257488] New: [JSC] Heap allocation during WebAudio rendering
bugzilla-daemon at webkit.org
Tue May 30 08:26:48 PDT 2023
https://bugs.webkit.org/show_bug.cgi?id=257488
Bug ID: 257488
Summary: [JSC] Heap allocation during WebAudio rendering
Product: WebKit
Version: WebKit Nightly Build
Hardware: Unspecified
OS: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: Web Audio
Assignee: webkit-unassigned at lists.webkit.org
Reporter: philn at igalia.com
CC: cdumez at apple.com
(gdb) bt
#0 0x00007f7c7753790e in WTFCrash() () at /var/home/phil/WebKit/Source/WTF/wtf/Assertions.cpp:327
#1 0x00007f7c7523803b in WTFCrashWithInfo(int, char const*, char const*, int) () at WTF/Headers/wtf/Assertions.h:762
#2 0x00007f7c775531ce in WTF::fastMalloc(unsigned long) (size=8) at /var/home/phil/WebKit/Source/WTF/wtf/FastMalloc.cpp:532
#3 0x00007f7c7523d265 in WTF::FastMalloc::malloc(unsigned long) (size=8) at WTF/Headers/wtf/FastMalloc.h:218
#4 0x00007f7c76f3a031 in WTF::VectorBufferBase<WTF::Ref<JSC::Wasm::Instance, WTF::RawPtrTraits<JSC::Wasm::Instance> >, WTF::FastMalloc>::allocateBuffer<(WTF::FailureAction)0>(unsigned long)
(this=0x7f7ac5ffa120, newCapacity=1) at WTF/Headers/wtf/Vector.h:320
#5 0x00007f7c76f39f55 in WTF::Vector<WTF::Ref<JSC::Wasm::Instance, WTF::RawPtrTraits<JSC::Wasm::Instance> >, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>::reserveInitialCapacity<(WTF::FailureAction)0>(unsigned long)
(this=0x7f7ac5ffa120, initialCapacity=1) at WTF/Headers/wtf/Vector.h:1320
#6 0x00007f7c76f39dad in WTF::Vector<WTF::Ref<JSC::Wasm::Instance, WTF::RawPtrTraits<JSC::Wasm::Instance> >, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>::reserveInitialCapacity(unsigned long)
(this=0x7f7ac5ffa120, initialCapacity=1) at WTF/Headers/wtf/Vector.h:832
#7 0x00007f7c76f23173 in WTF::ThreadSafeWeakHashSet<JSC::Wasm::Instance>::values() (this=0x7f7c0d4d01b8) at WTF/Headers/wtf/ThreadSafeWeakHashSet.h:88
#8 0x00007f7c76f176d1 in JSC::VM::updateStackLimits() (this=0x7f7c0d4c2000) at /var/home/phil/WebKit/Source/JavaScriptCore/runtime/VM.cpp:995
#9 0x00007f7c76f17534 in JSC::VM::setStackPointerAtVMEntry(void*) (this=0x7f7c0d4c2000, sp=0x7f7ac5ffa190) at /var/home/phil/WebKit/Source/JavaScriptCore/runtime/VM.cpp:920
#10 0x00007f7c76c8d1dc in JSC::JSLock::didAcquireLock() (this=0x7f7c6355c180) at /var/home/phil/WebKit/Source/JavaScriptCore/runtime/JSLock.cpp:152
#11 0x00007f7c76c8cfdb in JSC::JSLock::lock(long) (this=0x7f7c6355c180, lockCount=1) at /var/home/phil/WebKit/Source/JavaScriptCore/runtime/JSLock.cpp:127
#12 0x00007f7c76c8ccba in JSC::JSLock::lock() (this=0x7f7c6355c180) at /var/home/phil/WebKit/Source/JavaScriptCore/runtime/JSLock.cpp:97
#13 0x00007f7c76c8cc6a in JSC::JSLockHolder::JSLockHolder(JSC::VM&) (this=0x7f7ad20109e0, vm=...) at /var/home/phil/WebKit/Source/JavaScriptCore/runtime/JSLock.cpp:67
#14 0x00007f7c7e3a21ad in std::_Construct<JSC::JSLockHolder, JSC::VM&>(JSC::JSLockHolder*, JSC::VM&) (__p=0x7f7ad20109e0, __args=...)
at /usr/bin/../lib/gcc/x86_64-redhat-linux/13/../../../../include/c++/13/bits/stl_construct.h:119
#15 0x00007f7c7e3a2181 in std::_Optional_payload_base<JSC::JSLockHolder>::_M_construct<JSC::VM&>(JSC::VM&) (this=0x7f7ad20109e0, __args=...)
at /usr/bin/../lib/gcc/x86_64-redhat-linux/13/../../../../include/c++/13/optional:278
#16 0x00007f7c7e3a211d in std::_Optional_base_impl<JSC::JSLockHolder, std::_Optional_base<JSC::JSLockHolder, false, false> >::_M_construct<JSC::VM&>(JSC::VM&) (this=0x7f7ad20109e0, __args=...)
at /usr/bin/../lib/gcc/x86_64-redhat-linux/13/../../../../include/c++/13/optional:457
#17 0x00007f7c7e39c90a in std::optional<JSC::JSLockHolder>::emplace<JSC::VM&>(JSC::VM&) (this=0x7f7ad20109e0, __args=...) at /usr/bin/../lib/gcc/x86_64-redhat-linux/13/../../../../include/c++/13/optional:918
#18 0x00007f7c7e38c560 in WebCore::AudioWorkletGlobalScope::handlePreRenderTasks() (this=0x7f7ad20104b0) at /var/home/phil/WebKit/Source/WebCore/Modules/webaudio/AudioWorkletGlobalScope.cpp:188
#19 0x00007f7c7e3537d8 in WebCore::AudioDestinationNode::renderQuantum(WebCore::AudioBus*, unsigned long, WebCore::AudioIOPosition const&)
(this=0x7f7ad20103d0, destinationBus=0x7f7c63508200, numberOfFrames=128, outputPosition=...) at /var/home/phil/WebKit/Source/WebCore/Modules/webaudio/AudioDestinationNode.cpp:93
#20 0x00007f7c7e3c80d5 in WebCore::DefaultAudioDestinationNode::render(WebCore::AudioBus*, WebCore::AudioBus*, unsigned long, WebCore::AudioIOPosition const&)
(this=0x7f7ad20103d0, destinationBus=0x7f7c63508200, numberOfFrames=128, outputPosition=...) at /var/home/phil/WebKit/Source/WebCore/Modules/webaudio/DefaultAudioDestinationNode.cpp:254
#21 0x00007f7c7c486207 in WebCore::AudioDestination::callRenderCallback(WebCore::AudioBus*, WebCore::AudioBus*, unsigned long, WebCore::AudioIOPosition const&)
(this=0x7f7c6366c120, sourceBus=0x0, destinationBus=0x7f7c63508200, framesToProcess=128, outputPosition=...) at /var/home/phil/WebKit/Source/WebCore/platform/audio/AudioDestination.h:105
#22 0x00007f7c7c485312 in webKitWebAudioSrcRenderAndPushFrames(WTF::GRefPtr<_GstElement> const&, WTF::GRefPtr<_GstBuffer>&&) (element=..., buffer=...)
at /var/home/phil/WebKit/Source/WebCore/platform/audio/gstreamer/WebKitWebAudioSourceGStreamer.cpp:358
#23 0x00007f7c7c485a5f in webKitWebAudioSrcRenderIteration(_WebKitWebAudioSrc*)::$_0::operator()() (this=0x7f7c63604808)
at /var/home/phil/WebKit/Source/WebCore/platform/audio/gstreamer/WebKitWebAudioSourceGStreamer.cpp:406
#24 0x00007f7c7c485a19 in WTF::Detail::CallableWrapper<webKitWebAudioSrcRenderIteration(_WebKitWebAudioSrc*)::$_0, void>::call() (this=0x7f7c63604800) at WTF/Headers/wtf/Function.h:53
#25 0x00007f7c7b0353b2 in WTF::Function<void ()>::operator()() const (this=0x7f7c636c02b8) at WTF/Headers/wtf/Function.h:82
#26 0x00007f7c7e3ca499 in WebCore::DefaultAudioDestinationNode::dispatchToRenderThreadFunction()::$_0::operator()(WTF::Function<void ()>&&) const::{lambda(WebCore::ScriptExecutionContext&)#1}::operator()(WebCore::ScriptExecutionContext&)
(this=0x7f7c636c02b8) at /var/home/phil/WebKit/Source/WebCore/Modules/webaudio/DefaultAudioDestinationNode.cpp:151
#27 0x00007f7c7e3ca471 in WTF::Detail::CallableWrapper<WebCore::DefaultAudioDestinationNode::dispatchToRenderThreadFunction()::$_0::operator()(WTF::Function<void ()>&&) const::{lambda(WebCore::ScriptExecutionContext&)#1}, void, WebCore::ScriptExecutionContext&>::call(WebCore::ScriptExecutionContext&)
(this=0x7f7c636c02b0, in=...) at WTF/Headers/wtf/Function.h:53
#28 0x00007f7c7e48370a in WTF::Function<void (WebCore::ScriptExecutionContext&)>::operator()(WebCore::ScriptExecutionContext&) const (this=0x7f7c63604820, in=...) at WTF/Headers/wtf/Function.h:82
#29 0x00007f7c7e48115d in WebCore::ScriptExecutionContext::Task::performTask(WebCore::ScriptExecutionContext&) (this=0x7f7c63604820, context=...)
at /var/home/phil/WebKit/Source/WebCore/dom/ScriptExecutionContext.h:219
#30 0x00007f7c80a9cde9 in WebCore::WorkerDedicatedRunLoop::Task::performTask(WebCore::WorkerOrWorkletGlobalScope*) (this=0x7f7c63604820, context=0x7f7ad20104b0)
at /var/home/phil/WebKit/Source/WebCore/workers/WorkerRunLoop.cpp:285
#31 0x00007f7c80a9c893 in WebCore::WorkerDedicatedRunLoop::runInMode(WebCore::WorkerOrWorkletGlobalScope*, WebCore::ModePredicate const&) (this=0x7f7c635fe0a0, context=0x7f7ad20104b0, predicate=...)
at /var/home/phil/WebKit/Source/WebCore/workers/WorkerRunLoop.cpp:220
#32 0x00007f7c80a9b415 in WebCore::WorkerDedicatedRunLoop::run(WebCore::WorkerOrWorkletGlobalScope*) (this=0x7f7c635fe0a0, context=0x7f7ad20104b0)
#33 0x00007f7c80a9b3b4 in WebCore::WorkerOrWorkletThread::runEventLoop() (this=0x7f7c63612630) at /var/home/phil/WebKit/Source/WebCore/workers/WorkerOrWorkletThread.cpp:122
#34 0x00007f7c80a9b77f in WebCore::WorkerOrWorkletThread::workerOrWorkletThread() (this=0x7f7c63612630) at /var/home/phil/WebKit/Source/WebCore/workers/WorkerOrWorkletThread.cpp:196
#35 0x00007f7c7e3998a8 in WebCore::AudioWorkletThread::createThread()::$_0::operator()() const (this=0x7f7c633c2878) at /var/home/phil/WebKit/Source/WebCore/Modules/webaudio/AudioWorkletThread.cpp:68
#36 0x00007f7c7e399889 in WTF::Detail::CallableWrapper<WebCore::AudioWorkletThread::createThread()::$_0, void>::call() (this=0x7f7c633c2870) at WTF/Headers/wtf/Function.h:53
#37 0x00007f7c75fc49d2 in WTF::Function<void ()>::operator()() const (this=0x7f7ac5ffa9d0) at /var/home/phil/WebKit/Source/WTF/wtf/Function.h:82
#38 0x00007f7c777dc7e8 in WTF::Thread::entryPoint(WTF::Thread::NewThreadContext*) (newThreadContext=0x7f7c6360d850) at /var/home/phil/WebKit/Source/WTF/wtf/Threading.cpp:250
#39 0x00007f7c7788eb65 in WTF::wtfThreadEntryPoint(void*) (context=0x7f7c6360d850) at /var/home/phil/WebKit/Source/WTF/wtf/posix/ThreadingPOSIX.cpp:242
#40 0x00007f7c72463907 in start_thread (arg=<optimized out>) at pthread_create.c:444
#41 0x00007f7c724e9870 in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81
Looks like a regression introduced by 264531@main ... I got this when running a GTK Debug build on the http/wpt tests.