How to debug iOS WebKit crash

We have an iPhone app that has an embedded web view using WebKit, and we found the app crashes when we navigate to a specific internal website.

When I opened the .ips file I saw this stack trace on com.apple.main-thread:

WebCore::JSDOMRect::subspaceForImpl(JSC::VM&)
WebCore::JSDOMRect::create(JSC::Structure*, WebCore::JSDOMGlobalObject*, WTF::Ref<WebCore::DOMRect, WTF::RawPtrTraits<WebCore::DOMRect>, WTF::DefaultRefDerefTraits<WebCore::DOMRect>>&&)
WebCore::toJSNewlyCreated(JSC::JSGlobalObject*, WebCore::JSDOMGlobalObject*, WTF::Ref<WebCore::DOMRect, WTF::RawPtrTraits<WebCore::DOMRect>, WTF::DefaultRefDerefTraits<WebCore::DOMRect>>&&)
JSC::JSValue WebCore::CloneDeserializer::readDOMRect<WebCore::DOMRect>()
WebCore::CloneDeserializer::readTerminal()
WebCore::CloneDeserializer::deserialize()
WebCore::SerializedScriptValue::deserialize(JSC::JSGlobalObject&, JSC::JSGlobalObject*, WTF::Vector<WTF::Ref<WebCore::MessagePort, WTF::RawPtrTraits<WebCore::MessagePort>, WTF::DefaultRefDerefTrait
WebCore::SerializedScriptValue::deserialize(JSC::JSGlobalObject&, JSC::JSGlobalObject*, WebCore::SerializationErrorMode, bool*)
WebCore::SerializedScriptValue::deserialize(OpaqueJSContext const*, OpaqueJSValue const**)
API::SerializedScriptValue::deserialize(WebCore::SerializedScriptValue&)
ScriptMessageHandlerDelegate::didPostMessage(WebKit::WebPageProxy&, WebKit::FrameInfoData&&, API::ContentWorld&, WebCore::SerializedScriptValue&)
WebKit::WebUserContentControllerProxy::didPostMessage(WTF::ObjectIdentifierGeneric<WebKit::WebPageProxyIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned lon
WebKit::WebUserContentControllerProxy::didReceiveMessage(IPC::Connection&, IPC::Decoder&)
IPC::MessageReceiverMap::dispatchMessage(IPC::Connection&, IPC::Decoder&)
WebKit::WebProcessProxy::dispatchMessage(IPC::Connection&, IPC::Decoder&)
WebKit::WebProcessProxy::didReceiveMessage(IPC::Connection&, IPC::Decoder&)
IPC::Connection::dispatchMessage(WTF::UniqueRef<IPC::Decoder>)
IPC::Connection::dispatchIncomingMessages()
WTF::RunLoop::performWork()
WTF::RunLoop::performWork(void*)
__CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__
__CFRunLoopDoSource0
__CFRunLoopDoSources0
__CFRunLoopRun
CFRunLoopRunSpecific
GSEventRunModal
-[UIApplication _run]
UIApplicationMain
main
start

I assume something is crashing after deserializing a JSDOMRect.

This is crashing on an iPhone 13 with iOS 18.6.2, but it doesn't crash on an iPhone 11 with iOS 26.0.

I'm running the app from Xcode and I'm not able to see the stack trace listed above in Xcode, so I can't inspect variables and understand what is being deserialized.

I've also tried using Safari's Develop menu on the Mac, but Safari stops debugging as soon as the app crashes.

I've also tried attaching to the remote process with the WebKit I downloaded from https://webkit.org/getting-the-code/, but I haven't had any luck so far.

Do you know how I can debug what's causing the crash?
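One thing you can do on the web-page side while the Apple report is pending is make sure the payload handed to `webkit.messageHandlers.<name>.postMessage()` never contains a DOMRect at all. The added example below is not code from this thread or from Apple/WebKit; it assumes (the thread does not say) that the internal site posts DOMRect values, for instance the result of `getBoundingClientRect()`, and that the handler name `bridge` is a placeholder. It walks the payload, converts anything that exposes `toJSON()` (DOMRect, DOMRectReadOnly, Date) into plain data, keeps JSON-safe primitives, arrays and plain objects, and throws on any other host object, so whatever reaches the `WKScriptMessageHandler` is plain data only. Returning the sanitized copy lets you log it before the post, which also narrows down which message precedes the crash.

```javascript
// Added example, not code from the forum thread or from Apple/WebKit.
// The crash in the thread is raised while WebKit deserializes a DOMRect that the
// page sent through webkit.messageHandlers.<name>.postMessage(). The thread does
// not say what the internal site posts, so this ASSUMES the payload carries
// DOMRect values (e.g. from getBoundingClientRect()). The guard converts anything
// exposing toJSON() (DOMRect, DOMRectReadOnly, Date) to plain data, keeps JSON-safe
// primitives/arrays/plain objects, and rejects other host objects, so the message
// handed to WebKit never contains a DOMRect to deserialize.

function isPlainObject(v) {
  if (v === null || typeof v !== "object") return false;
  const proto = Object.getPrototypeOf(v);
  return proto === Object.prototype || proto === null;
}

// Recursively rebuild `value` as JSON-safe data; `path` is only used in error text.
function toPlainPayload(value, path = "$") {
  if (value === null) return null;
  const t = typeof value;
  if (t === "string" || t === "boolean") return value;
  if (t === "number") {
    if (!Number.isFinite(value)) throw new TypeError(`${path}: non-finite number`);
    return value;
  }
  if (t !== "object") throw new TypeError(`${path}: ${t} is not JSON-safe`);
  if (Array.isArray(value)) {
    return value.map((v, i) => toPlainPayload(v, `${path}[${i}]`));
  }
  if (isPlainObject(value)) {
    const out = {};
    for (const [k, v] of Object.entries(value)) out[k] = toPlainPayload(v, `${path}.${k}`);
    return out;
  }
  if (typeof value.toJSON === "function") {
    // DOMRectReadOnly.toJSON() yields {x, y, width, height, top, right, bottom, left};
    // run the result through the same checks in case it nests further host objects.
    return toPlainPayload(value.toJSON(), `${path}.toJSON()`);
  }
  const name = value.constructor ? value.constructor.name : "object";
  throw new TypeError(`${path}: host object ${name} is not allowed in a message`);
}

// Drop-in for webkit.messageHandlers[name].postMessage(payload): sanitize, post,
// and return the sanitized copy so the caller can log it before the post.
function safePost(handlers, name, payload) {
  const clean = toPlainPayload(payload);
  handlers[name].postMessage(clean);
  return clean;
}

// Constructed stand-in for DOMRect so the example runs outside a browser. It mirrors
// the real toJSON() shape (simplified: assumes non-negative width/height). In a page
// the real DOMRect is used and this class is not needed.
class DOMRectStandIn {
  constructor(x, y, width, height) { Object.assign(this, { x, y, width, height }); }
  toJSON() {
    const { x, y, width, height } = this;
    return { x, y, width, height, top: y, right: x + width, bottom: y + height, left: x };
  }
}

// Usage in the page (handler name "bridge" is a placeholder):
//   safePost(window.webkit.messageHandlers, "bridge", { rect: el.getBoundingClientRect() });
```

If `toPlainPayload` throws on the real site's payload, the thrown path tells you which field carried a host object; that is the field to mention in the Feedback report alongside the .ips file.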

Our engineering teams need to investigate this issue, as resolution may involve changes to Apple's software. Please file a bug report, include a small Xcode project and some directions that can be used to reproduce the problem, and post the Feedback number here once you do. If you post the Feedback number here I'll check the status next time I do a sweep of forum posts where I've suggested bug reports.

Bug Reporting: How and Why? has tips on creating your bug report.

Ah ok, thanks, I'll report the bug. It will be difficult to include a small Xcode project, as the crash is happening with a specific internal website.

I forgot to mention that the crash is

"type": "EXC_BAD_ACCESS", "signal": "SIGSEGV", "subtype": "KERN_INVALID_ADDRESS at 0x0000000000005d80"

Thanks
