213891 2020-07-02 10:43:31 -0700 Crash under WebKit::NetworkProcessProxy::updateProcessAssertion() 2020-07-02 11:45:40 -0700 1 1 1 Unclassified WebKit WebKit2 WebKit Nightly Build Unspecified Unspecified RESOLVED FIXED InRadar P2 Normal --- 1 cdumez cdumez achristensen ggaren webkit-bug-importer oldest_to_newest 1668288 0 cdumez 2020-07-02 10:43:31 -0700 Crash under WebKit::NetworkProcessProxy::updateProcessAssertion(): Thread 0 name: Dispatch queue: com.apple.main-thread Thread 0 Crashed: 0 WebKit 0x000000018c95be14 WebKit::NetworkProcessProxy::updateProcessAssertion() + 184 (ProcessThrottler.h:80) 1 WebKit 0x000000018c89d9c8 WebKit::WebProcessPool::updateProcessAssertions() + 32 (WebProcessPool.cpp:2109) 2 WebKit 0x000000018c89d9c8 WebKit::WebProcessPool::updateProcessAssertions() + 32 (WebProcessPool.cpp:2109) 3 WebKit 0x000000018c8a3634 WebKit::WebProcessProxy::didSetAssertionType(WebKit::ProcessAssertionType) + 1124 (Function.h:84) 4 WebKit 0x000000018c817044 WebKit::ProcessThrottler::setAssertionType(WebKit::ProcessAssertionType) + 396 (ProcessThrottler.cpp:135) 5 WebKit 0x000000018c816d54 WebKit::ProcessThrottler::updateAssertionIfNeeded() + 412 (ProcessThrottler.cpp:163) 6 WebKit 0x000000018c7d8cdc WebKit::ProcessThrottler::Activity<(WebKit::ProcessThrottler::ActivityType)0>::Activity(WebKit::ProcessThrottler&, WTF::ASCIILiteral) + 76 (ProcessThrottler.cpp:64) 7 WebKit 0x000000018c7fa9b4 WebKit::AuxiliaryProcessProxy::sendMessage(std::__1::unique_ptr<IPC::Encoder, std::__1::default_delete<IPC::Encoder> >, WTF::OptionSet<IPC::SendOption>, WTF::Optional<std::__1::pair<WTF::CompletionHandler<void (IPC::Decoder*)>, unsigned long long> >&&, WebKit::AuxiliaryProcessProxy::ShouldStartProcessThrottlerActivity) + 152 (ProcessThrottler.h:66) 8 WebKit 0x000000018c84001c WebKit::WebBackForwardCacheEntry::~WebBackForwardCacheEntry() + 324 (AuxiliaryProcessProxy.h:187) 9 WebKit 0x000000018c7821e0 std::__1::unique_ptr<WebKit::WebBackForwardCacheEntry, std::__1::default_delete<WebKit::WebBackForwardCacheEntry> >::reset(WebKit::WebBackForwardCacheEntry*) + 28 (WebBackForwardCacheEntry.cpp:50) 10 WebKit 0x000000018c83f6a0 WebKit::WebBackForwardCache::removeEntry(WebKit::WebBackForwardListItem&) + 132 (memory:2517) 11 WebKit 0x000000018c83fccc WebKit::WebBackForwardCache::pruneToSize(unsigned int) + 136 (WebBackForwardCache.cpp:54) 12 WebKit 0x000000018c836dd4 WebKit::WebProcessPool::applicationIsAboutToSuspend() + 124 (WebProcessPoolCocoa.mm:892) 13 WebKit 0x000000018c836e40 WebKit::WebProcessPool::notifyProcessPoolsApplicationIsAboutToSuspend() + 56 (WebProcessPoolCocoa.mm:899) 14 WebKit 0x000000018c8e3df8 -[WKProcessAssertionBackgroundTaskManager _releaseBackgroundTask] + 140 (ProcessAssertionIOS.mm:257) 15 WebKit 0x000000018c8e4bb0 WebKit::ProcessAndUIAssertion::~ProcessAndUIAssertion() + 72 (ProcessAssertionIOS.mm:496) 16 WebKit 0x000000018c8e4be8 WebKit::ProcessAndUIAssertion::~ProcessAndUIAssertion() + 12 (ProcessAssertionIOS.mm:494) 17 WebKit 0x000000018c81700c WebKit::ProcessThrottler::setAssertionType(WebKit::ProcessAssertionType) + 340 (ProcessThrottler.cpp:0) 18 WebKit 0x000000018c8174b8 WebKit::ProcessThrottler::sendPrepareToSuspendIPC(WebKit::IsSuspensionImminent) + 588 (ProcessThrottler.cpp:217) 19 WebKit 0x000000018c816e70 WebKit::ProcessThrottler::removeActivity(WebKit::ProcessThrottler::Activity<(WebKit::ProcessThrottler::ActivityType)0>&) + 112 (ProcessThrottler.cpp:76) 20 WebKit 0x000000018c650f74 WebKit::ProcessThrottler::Activity<(WebKit::ProcessThrottler::ActivityType)0>::invalidate() + 196 (ProcessThrottler.h:94) 21 WebKit 0x000000018c650e94 std::__1::unique_ptr<WebKit::ProcessThrottler::Activity<(WebKit::ProcessThrottler::ActivityType)0>, std::__1::default_delete<WebKit::ProcessThrottler::Activity<(WebKit::ProcessThrottler::ActivityType)0> > >::reset(WebKit::ProcessThrottler::Activity<(WebKit::ProcessThrottler::ActivityType)0>*) + 40 (ProcessThrottler.h:77) 22 WebKit 0x000000018c95be9c WebKit::NetworkProcessProxy::updateProcessAssertion() + 320 (Variant.h:1471) 23 WebKit 0x000000018c89d9c8 WebKit::WebProcessPool::updateProcessAssertions() + 32 (WebProcessPool.cpp:2109) 24 WebKit 0x000000018c8a3364 WebKit::WebProcessProxy::didSetAssertionType(WebKit::ProcessAssertionType) + 404 (Function.h:84) 25 WebKit 0x000000018c817044 WebKit::ProcessThrottler::setAssertionType(WebKit::ProcessAssertionType) + 396 (ProcessThrottler.cpp:135) 26 WebKit 0x000000018c81692c WebKit::ProcessThrottler::prepareToSuspendTimeoutTimerFired() + 144 (ProcessThrottler.cpp:181) 27 JavaScriptCore 0x00000001958fa568 WTF::RunLoop::TimerBase::timerFired(__CFRunLoopTimer*, void*) + 40 (RunLoopCF.cpp:91) 1668289 1 cdumez 2020-07-02 10:43:42 -0700 <rdar://problem/65017909> 1668291 2 403377 cdumez 2020-07-02 10:47:40 -0700 Created attachment 403377 Patch 1668292 3 403377 achristensen 2020-07-02 10:50:30 -0700 Comment on attachment 403377 Patch View in context: https://bugs.webkit.org/attachment.cgi?id=403377&action=review > Source/WebKit/ChangeLog:12 > + to get call again, in which case we may dereference m_activityFromWebProcesses and called > Source/WebKit/UIProcess/Network/NetworkProcessProxy.cpp:1529 > + // function while in the middle of the assignment. during the destructor before setting m_activityFromWebProcesses 1668308 4 cdumez 2020-07-02 11:45:40 -0700 Committed r263852: <https://trac.webkit.org/changeset/263852> 403377 2020-07-02 10:47:40 -0700 2020-07-02 10:50:30 -0700 Patch bug-213891-20200702104740.patch text/plain 2318 cdumez U3VidmVyc2lvbiBSZXZpc2lvbjogMjYzODQ3CmRpZmYgLS1naXQgYS9Tb3VyY2UvV2ViS2l0L0No YW5nZUxvZyBiL1NvdXJjZS9XZWJLaXQvQ2hhbmdlTG9nCmluZGV4IGE2MDRkNTQ4NmJjNWIxYWQy YzU3OWYxOGUyZGNhZjBlYzAyOTI5OWQuLjY3Yzg2NDMwMmJmODdiNmQwYjFhOTViODc4OGEzMGFh ZjlhZDMxNDggMTAwNjQ0Ci0tLSBhL1NvdXJjZS9XZWJLaXQvQ2hhbmdlTG9nCisrKyBiL1NvdXJj ZS9XZWJLaXQvQ2hhbmdlTG9nCkBAIC0xLDMgKzEsMjQgQEAKKzIwMjAtMDctMDIgIENocmlzIER1 bWV6ICA8Y2R1bWV6QGFwcGxlLmNvbT4KKworICAgICAgICBDcmFzaCB1bmRlciBXZWJLaXQ6Ok5l dHdvcmtQcm9jZXNzUHJveHk6OnVwZGF0ZVByb2Nlc3NBc3NlcnRpb24oKQorICAgICAgICBodHRw czovL2J1Z3Mud2Via2l0Lm9yZy9zaG93X2J1Zy5jZ2k/aWQ9MjEzODkxCisgICAgICAgIDxyZGFy Oi8vcHJvYmxlbS82NTAxNzkwOT4KKworICAgICAgICBSZXZpZXdlZCBieSBOT0JPRFkgKE9PUFMh KS4KKworICAgICAgICBUaGUgY3Jhc2ggd2FzIGR1ZSB0byBOZXR3b3JrUHJvY2Vzc1Byb3h5Ojp1 cGRhdGVQcm9jZXNzQXNzZXJ0aW9uKCkgcmUtZW50ZXJpbmcgd2hpbGUKKyAgICAgICAgaW4gdGhl IG1pZGRsZSBvZiB0aGUgYG1fYWN0aXZpdHlGcm9tV2ViUHJvY2Vzc2VzID0gbnVsbHB0cjtgIGFz c2lnbm1lbnQuIENhbGxpbmcKKyAgICAgICAgdGhlIFByb2Nlc3NUaHJvdHRsZXI6OkJhY2tncm91 bmRBY3Rpdml0eSBkZXN0cnVjdG9yLCBjb3VsZCBjYXVzZSB1cGRhdGVQcm9jZXNzQXNzZXJ0aW9u KCkKKyAgICAgICAgdG8gZ2V0IGNhbGwgYWdhaW4sIGluIHdoaWNoIGNhc2Ugd2UgbWF5IGRlcmVm ZXJlbmNlIG1fYWN0aXZpdHlGcm9tV2ViUHJvY2Vzc2VzIGFuZAorICAgICAgICBjcmFzaC4gVG8g YWRkcmVzcyB0aGUgaXNzdWUsIHVzZSBgc3RkOjpleGNoYW5nZShtX2FjdGl2aXR5RnJvbVdlYlBy b2Nlc3NlcywgbnVsbHB0cik7YAorICAgICAgICBpbnN0ZWFkLCBzbyB0aGF0IG1fYWN0aXZpdHlG cm9tV2ViUHJvY2Vzc2VzIGJlY29tZXMgbnVsbCBCRUZPUkUgdGhlIEJhY2tncm91bmRBY3Rpdml0 eQorICAgICAgICBkZXN0cnVjdG9yIGdldHMgY2FsbGVkLiB1cGRhdGVQcm9jZXNzQXNzZXJ0aW9u KCkgd2lsbCBzdGlsbCByZS1lbnRlciBidXQKKyAgICAgICAgbV9hY3Rpdml0eUZyb21XZWJQcm9j ZXNzZXMgd2lsbCBiZSBudWxscHRyIGFuZCB1cGRhdGVQcm9jZXNzQXNzZXJ0aW9uKCkgd2lsbCBk byB0aGUKKyAgICAgICAgcmlnaHQgdGhpbmcuCisKKyAgICAgICAgKiBVSVByb2Nlc3MvTmV0d29y ay9OZXR3b3JrUHJvY2Vzc1Byb3h5LmNwcDoKKyAgICAgICAgKFdlYktpdDo6TmV0d29ya1Byb2Nl c3NQcm94eTo6dXBkYXRlUHJvY2Vzc0Fzc2VydGlvbik6CisKIDIwMjAtMDctMDIgIENhcmxvcyBH YXJjaWEgQ2FtcG9zICA8Y2dhcmNpYUBpZ2FsaWEuY29tPgogCiAgICAgICAgIFVucmV2aWV3ZWQu IEZpeCBHVEs0IGJ1aWxkCmRpZmYgLS1naXQgYS9Tb3VyY2UvV2ViS2l0L1VJUHJvY2Vzcy9OZXR3 b3JrL05ldHdvcmtQcm9jZXNzUHJveHkuY3BwIGIvU291cmNlL1dlYktpdC9VSVByb2Nlc3MvTmV0 d29yay9OZXR3b3JrUHJvY2Vzc1Byb3h5LmNwcAppbmRleCA4ZWUyMjBkYjQyOGVhN2FmZGViMTY0 YjUwODJiNDljMWU0MGE5NGViLi45ZjNhNmQyMWJhZWVhOTM2ZDEwZWQwYWYyYzVmZDgxMGEyZmU5 MGEyIDEwMDY0NAotLS0gYS9Tb3VyY2UvV2ViS2l0L1VJUHJvY2Vzcy9OZXR3b3JrL05ldHdvcmtQ cm9jZXNzUHJveHkuY3BwCisrKyBiL1NvdXJjZS9XZWJLaXQvVUlQcm9jZXNzL05ldHdvcmsvTmV0 d29ya1Byb2Nlc3NQcm94eS5jcHAKQEAgLTE1MjUsNyArMTUyNSw5IEBAIHZvaWQgTmV0d29ya1By b2Nlc3NQcm94eTo6dXBkYXRlUHJvY2Vzc0Fzc2VydGlvbigpCiAgICAgICAgIH0KICAgICAgICAg cmV0dXJuOwogICAgIH0KLSAgICBtX2FjdGl2aXR5RnJvbVdlYlByb2Nlc3NlcyA9IG51bGxwdHI7 CisgICAgLy8gVXNlIHN0ZDo6ZXhjaGFuZ2UoKSBpbnN0ZWFkIG9mIGEgc2ltcGxlIG51bGxwdHIg YXNzaWdubWVudCB0byBhdm9pZCByZS1lbnRlcmluZyB0aGlzCisgICAgLy8gZnVuY3Rpb24gd2hp bGUgaW4gdGhlIG1pZGRsZSBvZiB0aGUgYXNzaWdubWVudC4KKyAgICBzdGQ6OmV4Y2hhbmdlKG1f YWN0aXZpdHlGcm9tV2ViUHJvY2Vzc2VzLCBudWxscHRyKTsKIH0KIAogdm9pZCBOZXR3b3JrUHJv Y2Vzc1Byb3h5OjpyZXNldFF1b3RhKFBBTDo6U2Vzc2lvbklEIHNlc3Npb25JRCwgQ29tcGxldGlv bkhhbmRsZXI8dm9pZCgpPiYmIGNvbXBsZXRpb25IYW5kbGVyKQo=