I found an crash that webcore call UI API not on main thread, this maybe happened from iOS15.3, the call stack like this: Thread 29(Crashed) 1 CoreFoundation __exceptionPreprocess (in CoreFoundation) + 220 2 libobjc.A.dylib objc_exception_throw (in libobjc.A.dylib) + 60 3 Foundation _userInfoForFileAndLine (in Foundation) + 0 4 UIKitCore -[_UISimpleFenceProvider trackSystemAnimationFence:] (in UIKitCore) + 204 5 UIKitCore -[UIApplication _trackSystemAnimationFence:] (in UIKitCore) + 88 6 UIKitCore +[UIWindow _synchronizeDrawingWithFence:preCommitHandler:] (in UIKitCore) + 92 7 UIKitCore -[UIScene _synchronizeDrawingWithFence:] (in UIKitCore) + 76 8 UIKitCore -[_UIRemoteKeyboards prepareToMoveKeyboard:withIAV:isIAVRelevant:showing:notifyRemote:forScene:] (in UIKitCore) + 1216 9 UIKitCore -[UIKeyboardSceneDelegate prepareToMoveKeyboardForInputViewSet:animationStyle:] (in UIKitCore) + 488 10 UIKitCore -[UIKeyboardSceneDelegate setKeyWindowSceneInputViews:animationStyle:] (in UIKitCore) + 660 11 UIKitCore -[UIKeyboardSceneDelegate setInputViews:animationStyle:] (in UIKitCore) + 256 12 UIKitCore -[UIKeyboardSceneDelegate setInputViews:animated:] (in UIKitCore) + 100 13 UIKitCore -[UIKeyboardSceneDelegate setInputViews:] (in UIKitCore) + 80 14 UIKitCore __71-[UIKeyboardSceneDelegate _reloadInputViewsForKeyWindowSceneResponder:]_block_invoke.713 (in UIKitCore) + 40 15 UIKitCore -[UIKeyboardSceneDelegate _reloadInputViewsForKeyWindowSceneResponder:] (in UIKitCore) + 3936 16 UIKitCore -[UIKeyboardSceneDelegate _reloadInputViewsForResponder:] (in UIKitCore) + 164 17 UIKitCore -[UIKeyboardSceneDelegate _preserveInputViewsWithId:animated:reset:] (in UIKitCore) + 140 18 UIKitCore -[UIViewController _presentViewController:modalSourceViewController:presentationController:animationController:interactionController:completion:] (in UIKitCore) + 1292 19 UIKitCore -[UIViewController _presentViewController:withAnimationController:completion:] (in UIKitCore) + 3972 20 UIKitCore __63-[UIViewController _presentViewController:animated:completion:]_block_invoke (in UIKitCore) + 108 21 UIKitCore -[UIViewController _performCoordinatedPresentOrDismiss:animated:] (in UIKitCore) + 536 22 UIKitCore -[UIViewController _presentViewController:animated:completion:] (in UIKitCore) + 208 23 UIKitCore -[UIViewController presentViewController:animated:completion:] (in UIKitCore) + 188 24 WebKit WebKit::alertForPermission(WebKit::WebPageProxy&, WebKit::MediaPermissionReason, WebCore::SecurityOriginData const&, WTF::CompletionHandler<void (bool)>&&) (in WebKit) + 1764 25 WebKit WebKit::UserMediaPermissionRequestProxy::promptForGetUserMedia() (in WebKit) + 216 26 WebKit WTF::Detail::CallableWrapper<WebKit::UserMediaPermissionRequestManagerProxy::processUserMediaPermissionValidRequest(WTF::Vector<WebCore::CaptureDevice, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&&, WTF::Vector<WebCore::CaptureDevice, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&&, WTF::String&&)::$_10, void, bool>::call(bool) (in WebKit) + 324 27 WebKit WTF::CompletionHandler<void (bool)>::operator()(bool) (in WebKit) + 72 28 WebKit WTF::Detail::CallableWrapper<WebKit::UserMediaPermissionRequestManagerProxy::processUserMediaPermissionRequest()::$_0::operator()(WTF::String&&)::'lambda'(WTF::Vector<WebCore::CaptureDevice, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&&, WTF::Vector<WebCore::CaptureDevice, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&&, WTF::String&&), void, WTF::Vector<WebCore::CaptureDevice, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&&, WTF::Vector<WebCore::CaptureDevice, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&&, WTF::String&&>::call(WTF::Vector<WebCore::CaptureDevice, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&&, WTF::Vector<WebCore::CaptureDevice, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&&, WTF::String&&) (in WebKit) + 3172 29 WebCore WebCore::RealtimeMediaSourceCenter::validateRequestConstraintsAfterEnumeration(WTF::Function<void (WTF::Vector<WebCore::CaptureDevice, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&&, WTF::Vector<WebCore::CaptureDevice, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&&, WTF::String&&)>&&, WTF::Function<void (WTF::String const&)>&&, WebCore::MediaStreamRequest const&, WTF::String&&) (in WebCore) + 820 30 WebCore WTF::Detail::CallableWrapper<WebCore::RealtimeMediaSourceCenter::enumerateDevices(bool, bool, bool, bool, WTF::CompletionHandler<void ()>&&)::$_42, void>::~CallableWrapper() (in WebCore) + 168 31 WebCore HandleRunSource(void*) (in WebCore) + 660 32 CoreFoundation __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ (in CoreFoundation) + 28 33 CoreFoundation __CFRunLoopDoSource0 (in CoreFoundation) + 208 34 CoreFoundation __CFRunLoopDoSources0 (in CoreFoundation) + 268 35 CoreFoundation __CFRunLoopRun (in CoreFoundation) + 828 36 CoreFoundation CFRunLoopRunSpecific (in CoreFoundation) + 600 37 WebCore RunWebThread(void*) (in WebCore) + 760 38 libsystem_pthread.dylib _pthread_start (in libsystem_pthread.dylib) + 148 39 libsystem_pthread.dylib thread_start (in libsystem_pthread.dylib) + 8 I'm sorry that I can't attach an standard crash report since we used a custom crash report system, hope related people can check your internal crash logs for this crash!
Could you locate the console log message that should have been generated by the exception? It might give us a clue about the cause.
There is an assertion in -[_UISimpleFenceProvider trackSystemAnimationFence:] that says "main thread only", and we are clearly calling it on WebThread. And this seems like a weird mix of WebKit and WebKitLegacy code?
<rdar://problem/96305779>
(In reply to Alexey Proskuryakov from comment #2) > And this seems like a weird mix of WebKit and WebKitLegacy code? There is no WK1 here. The symbol names are confusing because some of the code is exported from the WebCore framework and called from WebKit. This is because media capture and enumeration was originally done in the web process, but is now spread among the UI, GPU, and web processes.
Pull request: https://github.com/WebKit/WebKit/pull/2009
Committed 252189@main (4dbd5bdfdbf7): <https://commits.webkit.org/252189@main> Reviewed commits have been landed. Closing PR #2009 and removing active labels.
still happened on iOS16.3 !!!!!
(In reply to 894110476 from comment #7) > still happened on iOS16.3 !!!!! Can you please attach a log of the crash on 16.3?
`UserMediaPermissionRequestProxy::promptForGetUserMedia` is only called when getUserMedia is used in an application that does not implement `[WKUIDelegate webView:requestMediaCapturePermissionForOrigin:initiatedByFrame:type:decisionHandler:]`. I was not able to reproduce this crash by opening https://webrtc.github.io/samples/src/content/devices/input-output in MobileMiniBrowser.
(In reply to Eric Carlson from comment #9) > `UserMediaPermissionRequestProxy::promptForGetUserMedia` is only called when > getUserMedia is used in an application that does not implement > `[WKUIDelegate > webView:requestMediaCapturePermissionForOrigin:initiatedByFrame:type: > decisionHandler:]`. > > I was not able to reproduce this crash by opening > https://webrtc.github.io/samples/src/content/devices/input-output in > MobileMiniBrowser. YES, my application didn't implement `[WKUIDelegate webView:requestMediaCapturePermissionForOrigin:initiatedByFrame:type: decisionHandler:]`, it is confused that we can't reproduce it and which scene webkit called UI api not on main thread? crash stack on iOS 16.3 like this: thread 18 1 CoreFoundation __exceptionPreprocess (in CoreFoundation) + 164 2 libobjc.A.dylib objc_exception_throw (in libobjc.A.dylib) + 60 3 Foundation _userInfoForFileAndLine (in Foundation) + 0 4 UIKitCore -[UIApplication _performAfterCATransactionCommitsWithLegacyRunloopObserverBasedTiming:block:] (in UIKitCore) + 408 5 UIKitCore -[UIApplication _updateSerializableKeyCommandsForResponder:] (in UIKitCore) + 200 6 UIKitCore -[UIViewController setChildModalViewController:] (in UIKitCore) + 168 7 UIKitCore -[UIViewController _presentViewController:modalSourceViewController:presentationController:animationController:interactionController:completion:] (in UIKitCore) + 496 8 UIKitCore -[UIViewController _presentViewController:withAnimationController:completion:] (in UIKitCore) + 3144 9 UIKitCore __63-[UIViewController _presentViewController:animated:completion:]_block_invoke (in UIKitCore) + 92 10 UIKitCore -[UIViewController _performCoordinatedPresentOrDismiss:animated:] (in UIKitCore) + 396 11 UIKitCore -[UIViewController _presentViewController:animated:completion:] (in UIKitCore) + 188 12 UIKitCore -[UIViewController presentViewController:animated:completion:] (in UIKitCore) + 164 13 WebKit WebKit::alertForPermission(WebKit::WebPageProxy&, WebKit::MediaPermissionReason, WebCore::SecurityOriginData const&, WTF::CompletionHandler<void (bool)>&&) (in WebKit) + 1684 14 WebKit WebKit::UserMediaPermissionRequestProxy::promptForGetUserMedia() (in WebKit) + 220 15 WebKit WTF::Detail::CallableWrapper<WebKit::UserMediaPermissionRequestManagerProxy::processUserMediaPermissionValidRequest(WTF::Vector<WebCore::CaptureDevice, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&&, WTF::Vector<WebCore::CaptureDevice, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&&, WebCore::MediaDeviceHashSalts&&)::$_11, void, bool>::call(bool) (in WebKit) + 304 16 WebKit WTF::CompletionHandler<void (bool)>::operator()(bool) (in WebKit) + 64 17 WebKit WTF::Detail::CallableWrapper<WebKit::UserMediaPermissionRequestManagerProxy::processUserMediaPermissionRequest()::$_1::operator()(WTF::String&&)::'lambda'(WTF::Vector<WebCore::CaptureDevice, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&&, WTF::Vector<WebCore::CaptureDevice, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&&), void, WTF::Vector<WebCore::CaptureDevice, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&&, WTF::Vector<WebCore::CaptureDevice, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&&>::call(WTF::Vector<WebCore::CaptureDevice, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&&, WTF::Vector<WebCore::CaptureDevice, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&&) (in WebKit) + 2672 18 WebCore WebCore::RealtimeMediaSourceCenter::validateRequestConstraintsAfterEnumeration(WTF::Function<void (WTF::Vector<WebCore::CaptureDevice, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&&, WTF::Vector<WebCore::CaptureDevice, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&&)>&&, WTF::Function<void (WTF::String const&)>&&, WebCore::MediaStreamRequest const&, WebCore::MediaDeviceHashSalts&&) (in WebCore) + 1628 19 WebCore WTF::Detail::CallableWrapper<WebCore::RealtimeMediaSourceCenter::enumerateDevices(bool, bool, bool, bool, WTF::CompletionHandler<void ()>&&)::$_30, void>::~CallableWrapper() (in WebCore) + 168 20 WebCore HandleRunSource(void*) (in WebCore) + 660 21 CoreFoundation __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ (in CoreFoundation) + 28 ... 26 WebCore RunWebThread(void*) (in WebCore) + 756
Pull request: https://github.com/WebKit/WebKit/pull/10448
Committed 260619@main (f3eb8e384292): <https://commits.webkit.org/260619@main> Reviewed commits have been landed. Closing PR #10448 and removing active labels.