Bug 242677

Summary: [Alternate WebM Player] Assertion when playing file when player is enabled.
Product: WebKit Reporter: Jean-Yves Avenard [:jya] <jean-yves.avenard>
Component: MediaAssignee: Youssef Soliman <youssefdevelops>
Status: RESOLVED FIXED    
Severity: Normal CC: webkit-bug-importer, y_soliman
Priority: P2 Keywords: InRadar
Version: Other   
Hardware: Unspecified   
OS: Unspecified   

Description Jean-Yves Avenard [:jya] 2022-07-13 00:29:34 PDT 
STR:
1- Open a webm with only an audio track such as:
https://jyavenard.github.io/htmltests/mediatest/webm/test-vorbis.webm

2- Wait for the file to start playing

Results: Assertion/Crash in
void MediaPlayerPrivateWebM::provideMediaData(uint64_t trackId)
https://searchfox.org/wubkat/rev/ff139c1ca782df139cc6ec5afefb707877720cb0/Source/WebCore/platform/graphics/cocoa/MediaPlayerPrivateWebM.mm#884


```
(lldb) bt
* thread #1, queue = ‘com.apple.main-thread’, stop reason = EXC_BAD_ACCESS (code=1, address=0xbbadbeef)
  frame #0: 0x000000013075ab38 JavaScriptCore`::WTFCrash() at Assertions.cpp:328:35
  frame #1: 0x00000002805a0fb4 WebCore`WTFCrashWithInfo((null)=659, (null)=“/Users/jyavenard/Work/webkit/OpenSource/WebKitBuild/Debug/usr/local/include/wtf/HashTable.h”, (null)=“void WTF::HashTable<unsigned long long, WTF::KeyValuePair<unsigned long long, WTF::UniqueRef<WebCore::TrackBuffer>>, WTF::KeyValuePairKeyExtractor<WTF::KeyValuePair<unsigned long long, WTF::UniqueRef<WebCore::TrackBuffer>>>, WTF::DefaultHash<unsigned long long>, WTF::HashMap<unsigned long long, WTF::UniqueRef<WebCore::TrackBuffer>, WTF::DefaultHash<unsigned long long>, WTF::UnsignedWithZeroKeyHashTraits<unsigned long long>>::KeyValuePairTraits, WTF::UnsignedWithZeroKeyHashTraits<unsigned long long>>::checkKey(const T &) [Key = unsigned long long, Value = WTF::KeyValuePair<unsigned long long, WTF::UniqueRef<WebCore::TrackBuffer>>, Extractor = WTF::KeyValuePairKeyExtractor<WTF::KeyValuePair<unsigned long long, WTF::UniqueRef<WebCore::TrackBuffer>>>, HashFunctions = WTF::DefaultHash<unsigned long long>, Traits = WTF::HashMap<unsigned long long, WTF::UniqueRef<WebCore::TrackBuffer>, WTF::DefaultHash<unsigned long long>, WTF::UnsignedWithZeroKeyHashTraits<unsigned long long>>::KeyValuePairTraits, KeyTraits = WTF::“..., (null)=62) at Assertions.h:754:5
  frame #2: 0x00000002820cb368 WebCore`void WTF::HashTable<unsigned long long, WTF::KeyValuePair<unsigned long long, WTF::UniqueRef<WebCore::TrackBuffer> >, WTF::KeyValuePairKeyExtractor<WTF::KeyValuePair<unsigned long long, WTF::UniqueRef<WebCore::TrackBuffer> > >, WTF::DefaultHash<unsigned long long>, WTF::HashMap<unsigned long long, WTF::UniqueRef<WebCore::TrackBuffer>, WTF::DefaultHash<unsigned long long>, WTF::UnsignedWithZeroKeyHashTraits<unsigned long long>, WTF::HashTraits<WTF::UniqueRef<WebCore::TrackBuffer> >, WTF::HashTableTraits>::KeyValuePairTraits, WTF::UnsignedWithZeroKeyHashTraits<unsigned long long> >::checkKey<WTF::IdentityHashTranslator<WTF::HashMap<unsigned long long, WTF::UniqueRef<WebCore::TrackBuffer>, WTF::DefaultHash<unsigned long long>, WTF::UnsignedWithZeroKeyHashTraits<unsigned long long>, WTF::HashTraits<WTF::UniqueRef<WebCore::TrackBuffer> >, WTF::HashTableTraits>::KeyValuePairTraits, WTF::DefaultHash<unsigned long long> >, unsigned long long>(this=0x00000001130382a0, key=0x000000016b141fe0) at HashTable.h:659:9
  frame #3: 0x00000002820cb1e8 WebCore`WTF::KeyValuePair<unsigned long long, WTF::UniqueRef<WebCore::TrackBuffer> >* WTF::HashTable<unsigned long long, WTF::KeyValuePair<unsigned long long, WTF::UniqueRef<WebCore::TrackBuffer> >, WTF::KeyValuePairKeyExtractor<WTF::KeyValuePair<unsigned long long, WTF::UniqueRef<WebCore::TrackBuffer> > >, WTF::DefaultHash<unsigned long long>, WTF::HashMap<unsigned long long, WTF::UniqueRef<WebCore::TrackBuffer>, WTF::DefaultHash<unsigned long long>, WTF::UnsignedWithZeroKeyHashTraits<unsigned long long>, WTF::HashTraits<WTF::UniqueRef<WebCore::TrackBuffer> >, WTF::HashTableTraits>::KeyValuePairTraits, WTF::UnsignedWithZeroKeyHashTraits<unsigned long long> >::inlineLookup<WTF::IdentityHashTranslator<WTF::HashMap<unsigned long long, WTF::UniqueRef<WebCore::TrackBuffer>, WTF::DefaultHash<unsigned long long>, WTF::UnsignedWithZeroKeyHashTraits<unsigned long long>, WTF::HashTraits<WTF::UniqueRef<WebCore::TrackBuffer> >, WTF::HashTableTraits>::KeyValuePairTraits, WTF::DefaultHash<unsigned long long> >, unsigned long long>(this=0x00000001130382a0, key=0x000000016b141fe0) at HashTable.h:681:9
  frame #4: 0x00000002820cb1b4 WebCore`WTF::KeyValuePair<unsigned long long, WTF::UniqueRef<WebCore::TrackBuffer> >* WTF::HashTable<unsigned long long, WTF::KeyValuePair<unsigned long long, WTF::UniqueRef<WebCore::TrackBuffer> >, WTF::KeyValuePairKeyExtractor<WTF::KeyValuePair<unsigned long long, WTF::UniqueRef<WebCore::TrackBuffer> > >, WTF::DefaultHash<unsigned long long>, WTF::HashMap<unsigned long long, WTF::UniqueRef<WebCore::TrackBuffer>, WTF::DefaultHash<unsigned long long>, WTF::UnsignedWithZeroKeyHashTraits<unsigned long long>, WTF::HashTraits<WTF::UniqueRef<WebCore::TrackBuffer> >, WTF::HashTableTraits>::KeyValuePairTraits, WTF::UnsignedWithZeroKeyHashTraits<unsigned long long> >::lookup<WTF::IdentityHashTranslator<WTF::HashMap<unsigned long long, WTF::UniqueRef<WebCore::TrackBuffer>, WTF::DefaultHash<unsigned long long>, WTF::UnsignedWithZeroKeyHashTraits<unsigned long long>, WTF::HashTraits<WTF::UniqueRef<WebCore::TrackBuffer> >, WTF::HashTableTraits>::KeyValuePairTraits, WTF::DefaultHash<unsigned long long> >, unsigned long long>(this=0x00000001130382a0, key=0x000000016b141fe0) at HashTable.h:673:16
  frame #5: 0x00000002820cb150 WebCore`WTF::HashTableIterator<WTF::HashTable<unsigned long long, WTF::KeyValuePair<unsigned long long, WTF::UniqueRef<WebCore::TrackBuffer> >, WTF::KeyValuePairKeyExtractor<WTF::KeyValuePair<unsigned long long, WTF::UniqueRef<WebCore::TrackBuffer> > >, WTF::DefaultHash<unsigned long long>, WTF::HashMap<unsigned long long, WTF::UniqueRef<WebCore::TrackBuffer>, WTF::DefaultHash<unsigned long long>, WTF::UnsignedWithZeroKeyHashTraits<unsigned long long>, WTF::HashTraits<WTF::UniqueRef<WebCore::TrackBuffer> >, WTF::HashTableTraits>::KeyValuePairTraits, WTF::UnsignedWithZeroKeyHashTraits<unsigned long long> >, unsigned long long, WTF::KeyValuePair<unsigned long long, WTF::UniqueRef<WebCore::TrackBuffer> >, WTF::KeyValuePairKeyExtractor<WTF::KeyValuePair<unsigned long long, WTF::UniqueRef<WebCore::TrackBuffer> > >, WTF::DefaultHash<unsigned long long>, WTF::HashMap<unsigned long long, WTF::UniqueRef<WebCore::TrackBuffer>, WTF::DefaultHash<unsigned long long>, WTF::UnsignedWithZeroKeyHashTraits<unsigned long long>, WTF::HashTraits<WTF::UniqueRef<WebCore::TrackBuffer> >, WTF::HashTableTraits>::KeyValuePairTraits, WTF::UnsignedWithZeroKeyHashTraits<unsigned long long> > WTF::HashTable<unsigned long long, WTF::KeyValuePair<unsigned long long, WTF::UniqueRef<WebCore::TrackBuffer> >, WTF::KeyValuePairKeyExtractor<WTF::KeyValuePair<unsigned long long, WTF::UniqueRef<WebCore::TrackBuffer> > >, WTF::DefaultHash<unsigned long long>, WTF::HashMap<unsigned long long, WTF::UniqueRef<WebCore::TrackBuffer>, WTF::DefaultHash<unsigned long long>, WTF::UnsignedWithZeroKeyHashTraits<unsigned long long>, WTF::HashTraits<WTF::UniqueRef<WebCore::TrackBuffer> >, WTF::HashTableTraits>::KeyValuePairTraits, WTF::UnsignedWithZeroKeyHashTraits<unsigned long long> >::find<WTF::IdentityHashTranslator<WTF::HashMap<unsigned long long, WTF::UniqueRef<WebCore::TrackBuffer>, WTF::DefaultHash<unsigned long long>, WTF::UnsignedWithZeroKeyHashTraits<unsigned long long>, WTF::HashTraits<WTF::UniqueRef<WebCore::TrackBuffer> >, WTF::HashTableTraits>::KeyValuePairTraits, WTF::DefaultHash<unsigned long long> >, unsigned long long>(this=0x00000001130382a0, key=0x000000016b141fe0) at HashTable.h:1077:28
  frame #6: 0x00000002820cb0f0 WebCore`WTF::HashTable<unsigned long long, WTF::KeyValuePair<unsigned long long, WTF::UniqueRef<WebCore::TrackBuffer> >, WTF::KeyValuePairKeyExtractor<WTF::KeyValuePair<unsigned long long, WTF::UniqueRef<WebCore::TrackBuffer> > >, WTF::DefaultHash<unsigned long long>, WTF::HashMap<unsigned long long, WTF::UniqueRef<WebCore::TrackBuffer>, WTF::DefaultHash<unsigned long long>, WTF::UnsignedWithZeroKeyHashTraits<unsigned long long>, WTF::HashTraits<WTF::UniqueRef<WebCore::TrackBuffer> >, WTF::HashTableTraits>::KeyValuePairTraits, WTF::UnsignedWithZeroKeyHashTraits<unsigned long long> >::find(this=0x00000001130382a0, key=0x000000016b141fe0) at HashTable.h:498:52
  frame #7: 0x00000002820b6fe4 WebCore`WTF::HashMap<unsigned long long, WTF::UniqueRef<WebCore::TrackBuffer>, WTF::DefaultHash<unsigned long long>, WTF::UnsignedWithZeroKeyHashTraits<unsigned long long>, WTF::HashTraits<WTF::UniqueRef<WebCore::TrackBuffer> >, WTF::HashTableTraits>::find(this=0x00000001130382a0, key=0x000000016b141fe0) at HashMap.h:310:19
 * frame #8: 0x00000002820b6ed8 WebCore`WebCore::MediaPlayerPrivateWebM::provideMediaData(this=0x0000000113038210, trackId=18446744073709551615) at MediaPlayerPrivateWebM.mm:884:32
  frame #9: 0x00000002820b6948 WebCore`WebCore::MediaPlayerPrivateWebM::didBecomeReadyForMoreSamples(this=0x0000000113038210, trackId=18446744073709551615) at MediaPlayerPrivateWebM.mm:879:5
  frame #10: 0x00000002820ba1bc WebCore`invocation function for block in WebCore::MediaPlayerPrivateWebM::ensureLayer(.block_descriptor=0x0000600002294380) at MediaPlayerPrivateWebM.mm:1256:23
  frame #11: 0x0000000198107c8c AVFCore`-[AVMediaDataRequester _requestMediaDataIfReady] + 88
  frame #12: 0x0000000105150f40 libdispatch.dylib`_dispatch_call_block_and_release + 32
  frame #13: 0x0000000105152a48 libdispatch.dylib`_dispatch_client_callout + 20
  frame #14: 0x0000000105165ea4 libdispatch.dylib`_dispatch_main_queue_drain + 1220
  frame #15: 0x00000001051659d0 libdispatch.dylib`_dispatch_main_queue_callback_4CF + 44
  frame #16: 0x0000000184a5883c CoreFoundation`__CFRUNLOOP_IS_SERVICING_THE_MAIN_DISPATCH_QUEUE__ + 16
  frame #17: 0x0000000184a16564 CoreFoundation`__CFRunLoopRun + 2036
  frame #18: 0x0000000184a1561c CoreFoundation`CFRunLoopRunSpecific + 612
  frame #19: 0x000000018590ffb4 Foundation`-[NSRunLoop(NSRunLoop) runMode:beforeDate:] + 212
  frame #20: 0x0000000185988640 Foundation`-[NSRunLoop(NSRunLoop) run] + 64
  frame #21: 0x00000001846b24d4 libxpc.dylib`_xpc_objc_main + 860
  frame #22: 0x00000001846b1df4 libxpc.dylib`xpc_main + 108
  frame #23: 0x000000011ba06d70 WebKit`WebKit::XPCServiceMain((null)=1, (null)=0x000000016b143648) at XPCServiceMain.mm:217:5
  frame #24: 0x000000011dd4ef54 WebKit`WKXPCServiceMain(argc=1, argv=0x000000016b143648) at WKMain.mm:35:12
  frame #25: 0x0000000104cbff9c com.apple.WebKit.GPU.Development`main(argc=1, argv=0x000000016b143648) at AuxiliaryProcessMain.cpp:30:12
  frame #26: 0x0000000211740c14 dyld`start + 2372
```

Reason for the crash, there's no video track but we attempt to create a video layer and look for trackId -1 ; which is a reserved value for HashMap (used to detect if entry is empty)
Comment 1 Radar WebKit Bug Importer 2022-07-13 00:29:52 PDT 
<rdar://problem/96935749>
Comment 2 Youssef Soliman 2022-07-13 11:49:17 PDT 
Pull request: https://github.com/WebKit/WebKit/pull/2375
Comment 3 EWS 2022-07-13 15:30:29 PDT 
Committed 252424@main (b4d9eee5f23a): <https://commits.webkit.org/252424@main>

Reviewed commits have been landed. Closing PR #2375 and removing active labels.