Bug 179656

Summary: REGRESSION(r224799): WebKit crashes at launch on macOS Sierra due to a sandbox violation
Product: WebKit Reporter: Ryosuke Niwa <rniwa>
Component: Layout and RenderingAssignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED    
Severity: Normal CC: bfulgham, dewei_zhu, ryanhaddad, simon.fraser, webkit-bug-importer, zalan
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on: 179548    
Bug Blocks:    

Ryosuke Niwa
Reported 2017-11-13 21:40:20 PST
At r224801, Safari crashes upon launch: ASSERTION FAILED: m_process->state() == WebProcessProxy::State::Running /Volumes/Data/webkit2/Source/WebKit/UIProcess/WebPageProxy.cpp(4062) : void WebKit::WebPageProxy::processDidFinishLaunching() 1 0x1029dad0d WTFCrash 2 0x10693f7db WebKit::WebPageProxy::processDidFinishLaunching() 3 0x106b5c90c WebKit::WebProcessProxy::didFinishLaunching(WebKit::ProcessLauncher*, IPC::Connection::Identifier) 4 0x106440869 WebKit::ProcessLauncher::didFinishLaunchingProcess(int, IPC::Connection::Identifier) 5 0x1064424f1 WebKit::ProcessLauncher::launchProcess()::$_0::operator()(NSObject<OS_xpc_object>*) const 6 0x1064423a1 invocation function for block in WebKit::ProcessLauncher::launchProcess() 7 0x7fffabd05f96 _xpc_connection_call_event_handler 8 0x7fffabd07b98 do_mach_notify_port_destroyed 9 0x7fffabd07ad4 _Xmach_notify_port_destroyed 10 0x7fffabd07a76 notify_server 11 0x7fffabd10bdc _xpc_connection_pass2mig 12 0x7fffabd0492d _xpc_connection_mach_event 13 0x7fffaba82726 _dispatch_client_callout4 14 0x7fffaba82999 _dispatch_mach_msg_invoke 15 0x7fffaba927db _dispatch_queue_serial_drain 16 0x7fffaba81497 _dispatch_mach_invoke 17 0x7fffaba89908 _dispatch_main_queue_callback_4CF 18 0x7fff9633dbc9 __CFRUNLOOP_IS_SERVICING_THE_MAIN_DISPATCH_QUEUE__ 19 0x7fff962fec0d __CFRunLoopRun 20 0x7fff962fe114 CFRunLoopRunSpecific 21 0x7fff9585eebc RunCurrentEventLoopInMode 22 0x7fff9585ecf1 ReceiveNextEventCommon 23 0x7fff9585eb26 _BlockUntilNextEventMatchingListInModeWithFilter 24 0x7fff93df7a54 _DPSNextEvent 25 0x7fff945737ee -[NSApplication(NSEvent) _nextEventMatchingEventMask:untilDate:inMode:dequeue:] 26 0x1007ad578 -[BrowserApplication nextEventMatchingMask:untilDate:inMode:dequeue:] 27 0x7fff93dec3db -[NSApplication run] 28 0x7fff93db6e0e NSApplicationMain 29 0x7fffabab2235 start
Attachments
Add attachment proposed patch, testcase, etc.
Ryosuke Niwa
Comment 1 2017-11-13 23:07:03 PST
Actually, I'm hitting the following sandbox violation: com.apple.WebKit.WebContent.Development: Couldn't initialize sandbox profile [/Volumes/Data/webkit2/WebKitBuild/Debug/WebKit.framework/Resources/com.apple.WebProcess.sb], error '/Volumes/Data/webkit2/WebKitBuild/Debug/WebKit.framework/Resources/com.apple.WebProcess.sb:40:21: unbound variable: xpc-service-name-prefix '
Ryosuke Niwa
Comment 2 2017-11-13 23:07:52 PST
This crash only reproduces on Sierra, not High Sierra.
Alexey Proskuryakov
Comment 3 2017-11-13 23:24:51 PST
Ryosuke, can you roll back (or fix) now? Better to not have a broken WebKit overnight.
Ryosuke Niwa
Comment 4 2017-11-13 23:26:37 PST
Committed r224805: <https://trac.webkit.org/changeset/224805>
Ryosuke Niwa
Comment 5 2017-11-13 23:28:14 PST
(In reply to Ryosuke Niwa from comment #4) > Committed r224805: <https://trac.webkit.org/changeset/224805> Temporarily reverted the sandbox change in macOS Sierra as follows: Index: /trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in =================================================================== --- /trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in (revision 224804) +++ /trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in (revision 224805) @@ -26,5 +26,5 @@ (allow system-audit file-read-metadata) -#if __MAC_OS_X_VERSION_MIN_REQUIRED < 101200 +#if __MAC_OS_X_VERSION_MIN_REQUIRED <= 101200 (import "system.sb") #else Please either come up with a proper fix or close the bug based on what you want.
Brent Fulgham
Comment 6 2017-11-14 08:21:48 PST
(In reply to Ryosuke Niwa from comment #5) > (In reply to Ryosuke Niwa from comment #4) > > Committed r224805: <https://trac.webkit.org/changeset/224805> > > Temporarily reverted the sandbox change in macOS Sierra as follows: > > Index: /trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in > =================================================================== > --- /trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in (revision > 224804) > +++ /trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in (revision > 224805) > @@ -26,5 +26,5 @@ > (allow system-audit file-read-metadata) > > -#if __MAC_OS_X_VERSION_MIN_REQUIRED < 101200 > +#if __MAC_OS_X_VERSION_MIN_REQUIRED <= 101200 > (import "system.sb") > #else > > > Please either come up with a proper fix or close the bug based on what you > want. This change is correct -- I should have used <= in the comparison, as we don't want to change behavior pre-High Sierra. Sorry for the inconvenience, and thank you for fixing this.
Ryosuke Niwa
Comment 7 2017-11-14 08:25:17 PST
I think we need to fix the condition per Dan's comment.
Brent Fulgham
Comment 8 2017-11-14 08:37:31 PST
Committed r224816: <https://trac.webkit.org/changeset/224816>
Radar WebKit Bug Importer
Comment 9 2017-11-15 09:32:09 PST
<rdar://problem/35561887>
Note You need to log in before you can comment on or make changes to this bug.