Page MenuHomePhabricator
Create Task
Maniphest T224113

WebKit crashes when quickly exiting an article after loading
Closed, ResolvedPublicBUG REPORT
Actions

Description

How many times were you able to reproduce it?

2ish/10

Steps to reproduce

  1. Search for longer articles and tap through on them
  2. Quickly tap back before they finish loading

Alternate steps

  1. Load article with a lot of images, scroll down quickly
  2. Tap back as images are loading

Expected results

App remains stable

Actual results

App crashes

Environments observed

App version: 6.3
OS versions: 12
Device model: X
Device language: en

Regression?

This is likely a similar issue to the top crash in 6.2.*. The crash seems to have been made more reproducible by changes in 6.3.

Stack traces

6.3 1625

Thread 44 Queue : SessionDelegateDispatchQueue (concurrent)
#0	0x00000001cd945b88 in WTFCrashWithInfo(int, char const*, char const*, int) ()
#1	0x00000001cdb20410 in WebKit::WebProcessProxy::~WebProcessProxy() ()
#2	0x00000001cdb204a0 in WebKit::WebProcessProxy::~WebProcessProxy() ()
#3	0x00000001cda5fbc4 in WebKit::WebURLSchemeTask::~WebURLSchemeTask() ()
#4	0x00000001cda5fb20 in WTF::RefCounted<WebKit::WebURLSchemeTask>::deref() const ()
#5	0x00000001cda5eed0 in -[WKURLSchemeTaskImpl dealloc] ()
#6	0x0000000104e0f5ec in ___lldb_unnamed_symbol521$$Wikipedia ()
#7	0x00000001ec668c68 in _swift_release_dealloc ()
#8	0x00000001062b2134 in outlined consume of Session.Callback? ()
#9	0x00000001062aec14 in closure #1 in SessionDelegate.removeDataCallback(for:) at /Users/wmf/Source/wikipedia-ios/Wikipedia/Code/Session.swift:423
#10	0x00000001060dc95c in thunk for @escaping @callee_guaranteed () -> () ()
#11	0x0000000106a7b6f0 in _dispatch_call_block_and_release ()
#12	0x0000000106a7cc74 in _dispatch_client_callout ()
#13	0x0000000106a8cc3c in _dispatch_lane_concurrent_drain ()
#14	0x0000000106a85928 in _dispatch_lane_invoke ()
#15	0x0000000106a8ddc8 in _dispatch_root_queue_drain ()
#16	0x0000000106a8e7ac in _dispatch_worker_thread2 ()
#17	0x00000001be0751b4 in _pthread_wqthread ()
#18	0x00000001be077cd4 in start_wqthread ()
Enqueued from SessionDelegateDispatchQueue (Thread 44) Queue : SessionDelegateDispatchQueue (serial)
#0	0x0000000106a81600 in dispatch_barrier_async ()
#1	0x00000001ec7514d4 in OS_dispatch_queue.async(group:qos:flags:execute:) ()
#2	0x00000001062aea8c in SessionDelegate.removeDataCallback(for:) at /Users/wmf/Source/wikipedia-ios/Wikipedia/Code/Session.swift:421
#3	0x00000001062afa58 in $defer #1 () in SessionDelegate.urlSession(_:task:didCompleteWithError:) at /Users/wmf/Source/wikipedia-ios/Wikipedia/Code/Session.swift:445
#4	0x00000001062af93c in SessionDelegate.urlSession(_:task:didCompleteWithError:) at /Users/wmf/Source/wikipedia-ios/Wikipedia/Code/Session.swift:444
#5	0x00000001062afb10 in @objc SessionDelegate.urlSession(_:task:didCompleteWithError:) ()
#6	0x00000001bebd8420 in __51-[NSURLSession delegate_task:didCompleteWithError:]_block_invoke.182 ()
#7	0x00000001beeb9ef8 in __NSBLOCKOPERATION_IS_CALLING_OUT_TO_A_BLOCK__ ()
#8	0x00000001bedc63e0 in -[NSBlockOperation main] ()
#9	0x00000001bedc58c8 in -[__NSOperationInternal _start:] ()
#10	0x00000001beebbc7c in __NSOQSchedule_f ()
#11	0x0000000106a7b6f0 in _dispatch_call_block_and_release ()
#12	0x0000000106a7cc74 in _dispatch_client_callout ()
#13	0x0000000106a7fffc in _dispatch_continuation_pop ()
#14	0x0000000106a7f4f0 in _dispatch_async_redirect_invoke ()
#15	0x0000000106a8ddc8 in _dispatch_root_queue_drain ()
#16	0x0000000106a8e7ac in _dispatch_worker_thread2 ()
#17	0x00000001be0751b4 in _pthread_wqthread ()
#18	0x00000001be077cd4 in start_wqthread ()
Enqueued from com.apple.NSURLSession-work (Thread 49) Queue : com.apple.NSURLSession-work (serial)
#0	0x0000000106a81a1c in dispatch_async ()
#1	0x00000001beeb9638 in __NSOQSchedule ()
#2	0x00000001beebaa64 in __addOperations ()
#3	0x00000001bea03d74 in -[NSURLSession delegate_task:didCompleteWithError:] ()
#4	0x00000001bea00a48 in -[__NSCFLocalSessionTask _task_onqueue_didFinish] ()
#5	0x0000000106a7b6f0 in _dispatch_call_block_and_release ()
#6	0x0000000106a7cc74 in _dispatch_client_callout ()
#7	0x0000000106a84bf4 in _dispatch_lane_serial_drain ()
#8	0x0000000106a858b4 in _dispatch_lane_invoke ()
#9	0x0000000106a8f77c in _dispatch_workloop_worker_thread ()
#10	0x00000001be075114 in _pthread_wqthread ()
#11	0x00000001be077cd4 in start_wqthread ()
Enqueued from com.apple.main-thread (Thread 1) Queue : com.apple.main-thread (serial)
#0	0x0000000106a81a1c in dispatch_async ()
#1	0x00000001bea16254 in -[__NSCFURLSessionTask cancel] ()
#2	0x0000000104e0d9c4 in SchemeHandler.webView(_:stop:) at /Users/wmf/Source/wikipedia-ios/Wikipedia/Code/SchemeHandler/SchemeHandler.swift:166
#3	0x0000000104e0dbe4 in @objc SchemeHandler.webView(_:stop:) ()
#4	0x00000001cdad1108 in WebKit::WebURLSchemeHandlerCocoa::platformStopTask(WebKit::WebPageProxy&, WebKit::WebURLSchemeTask&) ()
#5	0x00000001cdb4a158 in WebKit::WebURLSchemeHandler::stopTask(WebKit::WebPageProxy&, unsigned long long) ()
#6	0x00000001cdb4a0d4 in WebKit::WebURLSchemeHandler::stopAllTasksForPage(WebKit::WebPageProxy&) ()
#7	0x00000001cdaf02c0 in WebKit::WebPageProxy::stopAllURLSchemeTasks() ()
#8	0x00000001cdaecda4 in WebKit::WebPageProxy::close() ()
#9	0x00000001cd9388c0 in -[WKWebView dealloc] ()
#10	0x00000001bd649b9c in (anonymous namespace)::AutoreleasePoolPage::pop(void*) ()
#11	0x00000001eb0b89a8 in -[UIView dealloc] ()
#12	0x0000000104b2acd4 in -[WebViewController .cxx_destruct] at /Users/wmf/Source/wikipedia-ios/Wikipedia/Code/WebViewController.m:49
#13	0x00000001bd62e7cc in object_cxxDestructFromClass(objc_object*, objc_class*) ()
#14	0x00000001bd63e6b8 in objc_destructInstance ()
#15	0x00000001bd63e720 in object_dispose ()
#16	0x00000001eac77b28 in -[UIResponder dealloc] ()
#17	0x00000001ea6a0ab0 in -[UIViewController dealloc] ()
#18	0x0000000104b1d4dc in -[WebViewController dealloc] at /Users/wmf/Source/wikipedia-ios/Wikipedia/Code/WebViewController.m:55
#19	0x0000000104ada0f4 in -[WMFArticleViewController .cxx_destruct] at /Users/wmf/Source/wikipedia-ios/Wikipedia/Code/WMFArticleViewController.m:175
#20	0x00000001bd62e7cc in object_cxxDestructFromClass(objc_object*, objc_class*) ()
#21	0x00000001bd63e6b8 in objc_destructInstance ()
#22	0x00000001bd63e720 in object_dispose ()
#23	0x00000001eac77b28 in -[UIResponder dealloc] ()
#24	0x00000001ea6a0ab0 in -[UIViewController dealloc] ()
#25	0x0000000104ac1388 in -[WMFArticleViewController dealloc] at /Users/wmf/Source/wikipedia-ios/Wikipedia/Code/WMFArticleViewController.m:181
#26	0x0000000104a86230 in __destroy_helper_block_e8_32s at /Users/wmf/Source/wikipedia-ios/Wikipedia/Code/SavedArticlesFetcher.m:121
#27	0x00000001bdef0a44 in _Block_release ()
#28	0x000000010604a464 in __destroy_helper_block_e8_32s40s48s56s64s72s80s at /Users/wmf/Source/wikipedia-ios/Wikipedia/Code/WMFNotificationsController.m:202
#29	0x00000001bdef0a44 in _Block_release ()
#30	0x0000000106a7cc74 in _dispatch_client_callout ()
#31	0x0000000106a8a6fc in _dispatch_main_queue_callback_4CF ()
#32	0x00000001be3e6c1c in __CFRUNLOOP_IS_SERVICING_THE_MAIN_DISPATCH_QUEUE__ ()
#33	0x00000001be3e1b54 in __CFRunLoopRun ()
#34	0x00000001be3e10b0 in CFRunLoopRunSpecific ()
#35	0x00000001c05e179c in GSEventRunModal ()
#36	0x00000001eac4d978 in UIApplicationMain ()
#37	0x0000000104b03c38 in main at /Users/wmf/Source/wikipedia-ios/Wikipedia/Code/main.m:47
#38	0x00000001bdea68e0 in start ()

6.2.3

Thread 6 name:
Thread 6 Crashed:
0   WebKit                        	0x000000019bad5bf4 WTFCrashWithInfo(int, char const*, char const*, int) + 20 (Assertions.h:559)
1   WebKit                        	0x000000019bcade08 WebKit::WebProcessProxy::~WebProcessProxy() + 952 (Assertions.h:578)
2   WebKit                        	0x000000019bcade98 WebKit::WebProcessProxy::~WebProcessProxy() + 12 (WebProcessProxy.cpp:157)
3   WebKit                        	0x000000019bbee444 WebKit::WebURLSchemeTask::~WebURLSchemeTask() + 156 (ThreadSafeRefCounted.h:76)
4   WebKit                        	0x000000019bbee3a0 WTF::RefCounted<WebKit::WebURLSchemeTask>::deref() const + 32 (WebURLSchemeTask.h:54)
5   WebKit                        	0x000000019bbed750 -[WKURLSchemeTaskImpl dealloc] + 60 (Ref.h:60)
6   libsystem_blocks.dylib        	0x000000018c0d0a44 _Block_release + 152 (runtime.cpp:177)
7   libsystem_blocks.dylib        	0x000000018c0d0a44 _Block_release + 152 (runtime.cpp:177)
8   CFNetwork                     	0x000000018cc1c354 __destroy_helper_block_e8_32o40o48b + 28 (LocalSessionTask.mm:520)
9   libsystem_blocks.dylib        	0x000000018c0d0a44 _Block_release + 152 (runtime.cpp:177)
10  Foundation                    	0x000000018cfa5aa0 -[NSBlockOperation dealloc] + 64 (NSOperation.m:1523)
11  Foundation                    	0x000000018d0339d0 __destroy_helper_block_e8_32o40o + 28 (NSProgressRegistrar.m:379)
12  libsystem_blocks.dylib        	0x000000018c0d0a44 _Block_release + 152 (runtime.cpp:177)
13  libdispatch.dylib             	0x000000018c0757d4 _dispatch_client_callout + 16 (object.m:511)
14  libdispatch.dylib             	0x000000018c01a018 _dispatch_continuation_pop$VARIANT$mp + 412 (inline_internal.h:2441)
15  libdispatch.dylib             	0x000000018c0196dc _dispatch_async_redirect_invoke + 600 (queue.c:796)
16  libdispatch.dylib             	0x000000018c02602c _dispatch_root_queue_drain + 372 (inline_internal.h:2482)
17  libdispatch.dylib             	0x000000018c0268d0 _dispatch_worker_thread2 + 128 (queue.c:6072)
18  libsystem_pthread.dylib       	0x000000018c2551b4 _pthread_wqthread + 464 (pthread.c:2361)
19  libsystem_pthread.dylib       	0x000000018c257cd4 start_wqthread + 4
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL