[webkit-changes] [WebKit/WebKit] 68a3b2: ASSERTION FAILED: iterator != m_sessionToPageIDsMa...

Mon, 22 Dec 2025 23:25:57 -0800 

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 68a3b2f07d2e7905d5ef0260d04efb3f49997873
      
https://github.com/WebKit/WebKit/commit/68a3b2f07d2e7905d5ef0260d04efb3f49997873
  Author: Sihui Liu <[email protected]>
  Date:   2025-12-22 (Mon, 22 Dec 2025)

  Changed paths:
    M Source/WebKit/UIProcess/WebPageProxy.cpp

  Log Message:
  -----------
  ASSERTION FAILED: iterator != m_sessionToPageIDsMap.end() in 
WebProcessPool::pageEndUsingWebsiteDataStore
https://bugs.webkit.org/show_bug.cgi?id=304518
rdar://164973265

Reviewed by Chris Dumez.

According to crash log, the assertion failure can happen in the following flow:
1. WKWebView performs navigation and provisional load is committed: 
WebPageProxy::commitProvisionalPage() is invoked.
2. WebProcessProxy::removeWebPage() is invoked with 
WebPageProxy::m_legacyMainFrameProcess, which may shut down the web
process.
3. When web process is shut down, async message reply handlers will be invoked 
immediately, and some WebKit API
completion handler can get invoked. In the completeion handler, WebKit client 
might ask to close the WKWebView.
4. WebPageProxy::close() invokes WebProcessProxy::removeWebPage() with the same 
WebPageProxy::m_legacyMainFrameProcess
and WebPageProxy::m_webisteDataStore again. The assertion fails as 
`WebProcessPool::pageEndUsingWebsiteDataStore()`
notices WebPageProxy is not using the WebsiteDataStore (the usage is removed in 
the first removeWebPage() call).

To fix this problem, this patch defers web process shutdown in step 2 to after 
WebPageProxy::swapToProvisionalPage()
updates WebPageProxy::m_legacyMainFrameProcess and 
WebPageProxy::m_webisteDataStore (it also invokes
WebProcessPool::addExistingWebPage()), so that when WebPageProxy::close() is 
invoked as in step 4,
WebProcessProxy::removeWebPage() will be called on updated WebProcessProxy with 
updated WebsiteDataStore.

* Source/WebKit/UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::commitProvisionalPage):

Canonical link: https://commits.webkit.org/304892@main



To unsubscribe from these emails, change your notification settings at 
https://github.com/WebKit/WebKit/settings/notifications

Reply via email to