203775 – Crash in ~TrackPrivateBase on iOS 13.2 when using WebRTC to call multiple times

Bug 203775 - Crash in ~TrackPrivateBase on iOS 13.2 when using WebRTC to call multiple times

Summary: Crash in ~TrackPrivateBase on iOS 13.2 when using WebRTC to call multiple times

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	WebRTC (show other bugs)
Version:	Safari 13
Hardware:	iPhone / iPad iOS 13

Importance:	P2 Major
Assignee:	Nobody

URL:
Keywords:

Depends on:
Blocks:

Reported:	2019-11-01 20:36 PDT by Adrian
Modified:	2019-12-12 10:08 PST (History)
CC List:	1 user (show)

See Also:

Attachments
crash report (93.92 KB, text/plain) 2019-11-01 20:36 PDT, Adrian	no flags	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Adrian 2019-11-01 20:36:20 PDT

Created attachment 382667 [details]
crash report

Since iOS 13.2 I experience a lot of crashes in WebRTC with stack trace:

Exception Type:  EXC_BREAKPOINT (SIGTRAP)
Exception Codes: 0x0000000000000001, 0x00000001b0b8cf80
Termination Signal: Trace/BPT trap: 5
Termination Reason: Namespace SIGNAL, Code 0x5
Terminating Process: exc handler [957]
Triggered by Thread:  0

Thread 0 name:  Dispatch queue: com.apple.main-thread
Thread 0 Crashed:
0   WebCore                       	0x00000001b0b8cf80 WebCore::TrackPrivateBase::~TrackPrivateBase+ 1539968 () + 0
1   JavaScriptCore                	0x00000001b7bc66bc WTF::dispatchFunctionsFromMainThread+ 157372 () + 316
2   Foundation                    	0x00000001a92e224c __NSThreadPerformPerform + 232
3   CoreFoundation                	0x00000001a8e777c4 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 24
4   CoreFoundation                	0x00000001a8e7771c __CFRunLoopDoSource0 + 80
5   CoreFoundation                	0x00000001a8e76eb4 __CFRunLoopDoSources0 + 180
6   CoreFoundation                	0x00000001a8e72000 __CFRunLoopRun + 1080
7   CoreFoundation                	0x00000001a8e718a0 CFRunLoopRunSpecific + 464
8   Foundation                    	0x00000001a91b1824 -[NSRunLoop+ 30756 (NSRunLoop) runMode:beforeDate:] + 228
9   Foundation                    	0x00000001a91eb238 -[NSRunLoop+ 266808 (NSRunLoop) run] + 88
10  libxpc.dylib                  	0x00000001a8acf1f8 _xpc_objc_main + 304
11  libxpc.dylib                  	0x00000001a8ad1b38 xpc_main + 148
12  WebKit                        	0x00000001b05c35c0 WebKit::XPCServiceMain+ 1512896 (int, char const**) + 360
13  libdyld.dylib                 	0x00000001a8cfc360 start + 4


To reproduce go to https://webrtc.github.io/samples/src/content/peerconnection/pc1/ click Start and then click "Call" and "Hang up" repeatedly multiple times until Safari crashes
It also happens a lot on random video chat type websites, where calls are created and closed multiple times

I also noticed that the crashes are reduced when "playsinline" attribute is removed

Full crash report in the attachment

Comment 1 Alexey Proskuryakov 2019-11-03 10:32:59 PST

Could you please try with the next (upcoming) Safari Technology Preview? This looks like something that should have been fixed via bug 203369.

Thank you for the great report, with steps to reproduce, and a full crash log! I'm sure that Youenn will check too.

Comment 2 Adrian 2019-11-09 04:48:39 PST

It still happens in iOS 13.2.2. Is there Safari Technology Preview for iOS available?

Comment 3 Adrian 2019-11-20 11:43:21 PST

iOS 13.2.3 still affected

Comment 4 Adrian 2019-12-12 10:08:48 PST

Looks like it's fixed in iOS 13.3