[Webkit-unassigned] [Bug 203775] New: Crash in ~TrackPrivateBase on iOS 13.2 when using WebRTC to call multiple times

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Fri Nov 1 20:36:20 PDT 2019 

https://bugs.webkit.org/show_bug.cgi?id=203775

            Bug ID: 203775
           Summary: Crash in ~TrackPrivateBase on iOS 13.2 when using
                    WebRTC to call multiple times
           Product: WebKit
           Version: Safari 13
          Hardware: iPhone / iPad
                OS: iOS 13
            Status: NEW
          Severity: Major
          Priority: P2
         Component: WebRTC
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: adrian.eddy at gmail.com
                CC: youennf at gmail.com

Created attachment 382667

  --> https://bugs.webkit.org/attachment.cgi?id=382667&action=review

crash report

Since iOS 13.2 I experience a lot of crashes in WebRTC with stack trace:

Exception Type:  EXC_BREAKPOINT (SIGTRAP)
Exception Codes: 0x0000000000000001, 0x00000001b0b8cf80
Termination Signal: Trace/BPT trap: 5
Termination Reason: Namespace SIGNAL, Code 0x5
Terminating Process: exc handler [957]
Triggered by Thread:  0

Thread 0 name:  Dispatch queue: com.apple.main-thread
Thread 0 Crashed:
0   WebCore                             0x00000001b0b8cf80 WebCore::TrackPrivateBase::~TrackPrivateBase+ 1539968 () + 0
1   JavaScriptCore                      0x00000001b7bc66bc WTF::dispatchFunctionsFromMainThread+ 157372 () + 316
2   Foundation                          0x00000001a92e224c __NSThreadPerformPerform + 232
3   CoreFoundation                      0x00000001a8e777c4 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 24
4   CoreFoundation                      0x00000001a8e7771c __CFRunLoopDoSource0 + 80
5   CoreFoundation                      0x00000001a8e76eb4 __CFRunLoopDoSources0 + 180
6   CoreFoundation                      0x00000001a8e72000 __CFRunLoopRun + 1080
7   CoreFoundation                      0x00000001a8e718a0 CFRunLoopRunSpecific + 464
8   Foundation                          0x00000001a91b1824 -[NSRunLoop+ 30756 (NSRunLoop) runMode:beforeDate:] + 228
9   Foundation                          0x00000001a91eb238 -[NSRunLoop+ 266808 (NSRunLoop) run] + 88
10  libxpc.dylib                        0x00000001a8acf1f8 _xpc_objc_main + 304
11  libxpc.dylib                        0x00000001a8ad1b38 xpc_main + 148
12  WebKit                              0x00000001b05c35c0 WebKit::XPCServiceMain+ 1512896 (int, char const**) + 360
13  libdyld.dylib                       0x00000001a8cfc360 start + 4


To reproduce go to https://webrtc.github.io/samples/src/content/peerconnection/pc1/ click Start and then click "Call" and "Hang up" repeatedly multiple times until Safari crashes
It also happens a lot on random video chat type websites, where calls are created and closed multiple times

I also noticed that the crashes are reduced when "playsinline" attribute is removed

Full crash report in the attachment

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20191102/3f40352f/attachment.htm>

More information about the webkit-unassigned mailing list