213165 2020-06-13 09:32:18 -0700 Fix Overrelease in makeFailureSetForAllTextManipulationItems 2020-06-13 14:05:27 -0700 1 1 1 Unclassified WebKit WebKit2 WebKit Nightly Build Unspecified Unspecified RESOLVED FIXED InRadar P2 Critical --- 1 rhoule webkit-unassigned darin rniwa webkit-bug-importer wenson_hsieh oldest_to_newest 1662364 0 rhoule 2020-06-13 09:32:18 -0700 The following line of code in Source/WebKit/UIProcess/API/Cocoa/WKWebView.mm: RetainPtr<NSMutableArray> wkFailures = adoptNS([[[NSMutableArray alloc] initWithCapacity:items.count] autorelease]); causes an overrelease when the autorelease pool is drained. 1662366 1 401838 rhoule 2020-06-13 09:38:00 -0700 Created attachment 401838 Proposed fix V1 1662386 2 401838 wenson_hsieh 2020-06-13 11:12:42 -0700 Comment on attachment 401838 Proposed fix V1 Good catch! 1662388 3 401838 wenson_hsieh 2020-06-13 11:14:24 -0700 Comment on attachment 401838 Proposed fix V1 View in context: https://bugs.webkit.org/attachment.cgi?id=401838&action=review > Source/WebKit/ChangeLog:3 > + https://bugs.webkit.org/show_bug.cgi?id=213165 The fix looks good to me, but please add the bug title here as well. 1662398 4 401846 rhoule 2020-06-13 11:44:40 -0700 Created attachment 401846 Proposed Fix V2 1662401 5 ews-feeder 2020-06-13 12:06:29 -0700 Committed r263004: <https://trac.webkit.org/changeset/263004> All reviewed patches have been landed. Closing bug and clearing flags on attachment 401846. 1662402 6 webkit-bug-importer 2020-06-13 12:07:16 -0700 <rdar://problem/64331098> 1662424 7 darin 2020-06-13 14:02:31 -0700 Someone should grep "adopt.+autorelease" across the whole source tree to see if we made the identical mistake in the exact same way elsewhere. I’d do myself if I had source checked out on a readily accessible computer, but that might not happen for a few days. 1662425 8 rhoule 2020-06-13 14:03:55 -0700 I did grep the entire tree. This was the only problematic entry. 1662426 9 darin 2020-06-13 14:05:27 -0700 (In reply to Richard Houle from comment #8) > I did grep the entire tree. Great. Thanks! 401838 2020-06-13 09:38:00 -0700 2020-06-13 11:44:40 -0700 Proposed fix V1 0001-Fix-Overrelease-in-makeFailureSetForAllTextManipulat.patch text/plain 2107 rhoule RnJvbSBmZjg3OWVjMzhhZWEzYTg2ZWRmMmQ5NjVhNDBlMWI1Y2RiZWFjMzFmIE1vbiBTZXAgMTcg MDA6MDA6MDAgMjAwMQpGcm9tOiBSaWNoYXJkIEhvdWxlIDxyaG91bGVAYXBwbGUuY29tPgpEYXRl OiBTYXQsIDEzIEp1biAyMDIwIDA5OjI4OjAxIC0wNzAwClN1YmplY3Q6IFtQQVRDSF0gRml4IE92 ZXJyZWxlYXNlIGluIG1ha2VGYWlsdXJlU2V0Rm9yQWxsVGV4dE1hbmlwdWxhdGlvbkl0ZW1zCiBo dHRwczovL2J1Z3Mud2Via2l0Lm9yZy9zaG93X2J1Zy5jZ2k/aWQ9MjEzMTY1IDxyZGFyOi8vcHJv YmxlbS82MTM4OTE2ND4KCi0tLQogU291cmNlL1dlYktpdC9DaGFuZ2VMb2cgICAgICAgICAgICAg ICAgICAgICAgICB8IDEwICsrKysrKysrKysKIFNvdXJjZS9XZWJLaXQvVUlQcm9jZXNzL0FQSS9D b2NvYS9XS1dlYlZpZXcubW0gfCAgMiArLQogMiBmaWxlcyBjaGFuZ2VkLCAxMSBpbnNlcnRpb25z KCspLCAxIGRlbGV0aW9uKC0pCgpkaWZmIC0tZ2l0IGEvU291cmNlL1dlYktpdC9DaGFuZ2VMb2cg Yi9Tb3VyY2UvV2ViS2l0L0NoYW5nZUxvZwppbmRleCA5OGNjNTE1MTJjOC4uZjhhMzdhNGRiODMg MTAwNjQ0Ci0tLSBhL1NvdXJjZS9XZWJLaXQvQ2hhbmdlTG9nCisrKyBiL1NvdXJjZS9XZWJLaXQv Q2hhbmdlTG9nCkBAIC0xLDMgKzEsMTMgQEAKKzIwMjAtMDYtMTMgIFJpY2hhcmQgSG91bGUgIDxy aG91bGVAYXBwbGUuY29tPgorCisgICAgICAgIGh0dHBzOi8vYnVncy53ZWJraXQub3JnL3Nob3df YnVnLmNnaT9pZD0yMTMxNjUKKyAgICAgICAgPHJkYXI6Ly9wcm9ibGVtLzYxMzg5MTY0PgorCisg ICAgICAgIFJldmlld2VkIGJ5IE5PQk9EWSAoT09QUyEpLgorCisgICAgICAgICogVUlQcm9jZXNz L0FQSS9Db2NvYS9XS1dlYlZpZXcubW06CisgICAgICAgIChtYWtlRmFpbHVyZVNldEZvckFsbFRl eHRNYW5pcHVsYXRpb25JdGVtcyk6CisKIDIwMjAtMDYtMTIgIEJyaWFuIEJ1cmcgIDxiYnVyZ0Bh cHBsZS5jb20+CiAKICAgICAgICAgQXV0b21hdGlvbi5jb21wdXRlRWxlbWVudExheW91dCBzaG91 bGQgcmV0dXJuIGlmcmFtZS1yZWxhdGl2ZSBlbGVtZW50IHJlY3RzICh3aGVuIGNvb3JkaW5hdGUg c3lzdGVtIGlzICdQYWdlJykKZGlmZiAtLWdpdCBhL1NvdXJjZS9XZWJLaXQvVUlQcm9jZXNzL0FQ SS9Db2NvYS9XS1dlYlZpZXcubW0gYi9Tb3VyY2UvV2ViS2l0L1VJUHJvY2Vzcy9BUEkvQ29jb2Ev V0tXZWJWaWV3Lm1tCmluZGV4IGE0ZmYwMzhhNjEwLi41NTU4ODhhMTA0YyAxMDA2NDQKLS0tIGEv U291cmNlL1dlYktpdC9VSVByb2Nlc3MvQVBJL0NvY29hL1dLV2ViVmlldy5tbQorKysgYi9Tb3Vy Y2UvV2ViS2l0L1VJUHJvY2Vzcy9BUEkvQ29jb2EvV0tXZWJWaWV3Lm1tCkBAIC0xNzA5LDcgKzE3 MDksNyBAQCBzdGF0aWMgV2ViQ29yZTo6VGV4dE1hbmlwdWxhdGlvbkNvbnRyb2xsZXI6OlRva2Vu SWRlbnRpZmllciBjb3JlVGV4dE1hbmlwdWxhdGlvbgogCiBzdGF0aWMgUmV0YWluUHRyPE5TTXV0 YWJsZUFycmF5PiBtYWtlRmFpbHVyZVNldEZvckFsbFRleHRNYW5pcHVsYXRpb25JdGVtcyhOU0Fy cmF5PF9XS1RleHRNYW5pcHVsYXRpb25JdGVtICo+ICppdGVtcykKIHsKLSAgICBSZXRhaW5QdHI8 TlNNdXRhYmxlQXJyYXk+IHdrRmFpbHVyZXMgPSBhZG9wdE5TKFtbW05TTXV0YWJsZUFycmF5IGFs bG9jXSBpbml0V2l0aENhcGFjaXR5Oml0ZW1zLmNvdW50XSBhdXRvcmVsZWFzZV0pOworICAgIFJl dGFpblB0cjxOU011dGFibGVBcnJheT4gd2tGYWlsdXJlcyA9IGFkb3B0TlMoW1tOU011dGFibGVB cnJheSBhbGxvY10gaW5pdFdpdGhDYXBhY2l0eTppdGVtcy5jb3VudF0pOwogICAgIGZvciAoX1dL VGV4dE1hbmlwdWxhdGlvbkl0ZW0gKml0ZW0gaW4gaXRlbXMpCiAgICAgICAgIFt3a0ZhaWx1cmVz IGFkZE9iamVjdDpbTlNFcnJvciBlcnJvcldpdGhEb21haW46X1dLVGV4dE1hbmlwdWxhdGlvbkl0 ZW1FcnJvckRvbWFpbiBjb2RlOl9XS1RleHRNYW5pcHVsYXRpb25JdGVtRXJyb3JOb3RBdmFpbGFi bGUgdXNlckluZm86QHtfV0tUZXh0TWFuaXB1bGF0aW9uSXRlbUVycm9ySXRlbUtleTogaXRlbX1d XTsKICAgICByZXR1cm4gd2tGYWlsdXJlczsKLS0gCjIuMjQuMyAoQXBwbGUgR2l0LTEyOCkKCg== 401846 2020-06-13 11:44:40 -0700 2020-06-13 12:06:29 -0700 Proposed Fix V2 0001-Fix-Overrelease-in-makeFailureSetForAllTextManipulat.patch text/plain 2154 rhoule RnJvbSBhNGExY2U5YTRiNTk1ZmZmOGNkMTEyNjczODczMjI0YTA3MjQ0M2U2IE1vbiBTZXAgMTcg MDA6MDA6MDAgMjAwMQpGcm9tOiBSaWNoYXJkIEhvdWxlIDxyaG91bGVAYXBwbGUuY29tPgpEYXRl OiBTYXQsIDEzIEp1biAyMDIwIDA5OjI4OjAxIC0wNzAwClN1YmplY3Q6IFtQQVRDSF0gRml4IE92 ZXJyZWxlYXNlIGluIG1ha2VGYWlsdXJlU2V0Rm9yQWxsVGV4dE1hbmlwdWxhdGlvbkl0ZW1zCiBo dHRwczovL2J1Z3Mud2Via2l0Lm9yZy9zaG93X2J1Zy5jZ2k/aWQ9MjEzMTY1IDxyZGFyOi8vcHJv YmxlbS82MTM4OTE2ND4KCi0tLQogU291cmNlL1dlYktpdC9DaGFuZ2VMb2cgICAgICAgICAgICAg ICAgICAgICAgICB8IDExICsrKysrKysrKysrCiBTb3VyY2UvV2ViS2l0L1VJUHJvY2Vzcy9BUEkv Q29jb2EvV0tXZWJWaWV3Lm1tIHwgIDIgKy0KIDIgZmlsZXMgY2hhbmdlZCwgMTIgaW5zZXJ0aW9u cygrKSwgMSBkZWxldGlvbigtKQoKZGlmZiAtLWdpdCBhL1NvdXJjZS9XZWJLaXQvQ2hhbmdlTG9n IGIvU291cmNlL1dlYktpdC9DaGFuZ2VMb2cKaW5kZXggMmU4OGNjYWE2OGQuLjhmZGExNzExY2U4 IDEwMDY0NAotLS0gYS9Tb3VyY2UvV2ViS2l0L0NoYW5nZUxvZworKysgYi9Tb3VyY2UvV2ViS2l0 L0NoYW5nZUxvZwpAQCAtMSwzICsxLDE0IEBACisyMDIwLTA2LTEzICBSaWNoYXJkIEhvdWxlICA8 cmhvdWxlQGFwcGxlLmNvbT4KKworICAgICAgICBGaXggT3ZlcnJlbGVhc2UgaW4gbWFrZUZhaWx1 cmVTZXRGb3JBbGxUZXh0TWFuaXB1bGF0aW9uSXRlbXMKKyAgICAgICAgaHR0cHM6Ly9idWdzLndl YmtpdC5vcmcvc2hvd19idWcuY2dpP2lkPTIxMzE2NQorICAgICAgICA8cmRhcjovL3Byb2JsZW0v NjEzODkxNjQ+CisKKyAgICAgICAgUmV2aWV3ZWQgYnkgTk9CT0RZIChPT1BTISkuCisKKyAgICAg ICAgKiBVSVByb2Nlc3MvQVBJL0NvY29hL1dLV2ViVmlldy5tbToKKyAgICAgICAgKG1ha2VGYWls dXJlU2V0Rm9yQWxsVGV4dE1hbmlwdWxhdGlvbkl0ZW1zKToKKwogMjAyMC0wNi0xMyAgV2Vuc29u IEhzaWVoICA8d2Vuc29uX2hzaWVoQGFwcGxlLmNvbT4KIAogICAgICAgICBbTWFjIENhdGFseXN0 XSBDb2xvciBpbnB1dHMgYW5kIHNlbGVjdHMgZmFpbCB0byBkaXNwbGF5IHBvcG92ZXJzIHdoZW4g Y2xpY2tlZApkaWZmIC0tZ2l0IGEvU291cmNlL1dlYktpdC9VSVByb2Nlc3MvQVBJL0NvY29hL1dL V2ViVmlldy5tbSBiL1NvdXJjZS9XZWJLaXQvVUlQcm9jZXNzL0FQSS9Db2NvYS9XS1dlYlZpZXcu bW0KaW5kZXggYTRmZjAzOGE2MTAuLjU1NTg4OGExMDRjIDEwMDY0NAotLS0gYS9Tb3VyY2UvV2Vi S2l0L1VJUHJvY2Vzcy9BUEkvQ29jb2EvV0tXZWJWaWV3Lm1tCisrKyBiL1NvdXJjZS9XZWJLaXQv VUlQcm9jZXNzL0FQSS9Db2NvYS9XS1dlYlZpZXcubW0KQEAgLTE3MDksNyArMTcwOSw3IEBAIHN0 YXRpYyBXZWJDb3JlOjpUZXh0TWFuaXB1bGF0aW9uQ29udHJvbGxlcjo6VG9rZW5JZGVudGlmaWVy IGNvcmVUZXh0TWFuaXB1bGF0aW9uCiAKIHN0YXRpYyBSZXRhaW5QdHI8TlNNdXRhYmxlQXJyYXk+ IG1ha2VGYWlsdXJlU2V0Rm9yQWxsVGV4dE1hbmlwdWxhdGlvbkl0ZW1zKE5TQXJyYXk8X1dLVGV4 dE1hbmlwdWxhdGlvbkl0ZW0gKj4gKml0ZW1zKQogewotICAgIFJldGFpblB0cjxOU011dGFibGVB cnJheT4gd2tGYWlsdXJlcyA9IGFkb3B0TlMoW1tbTlNNdXRhYmxlQXJyYXkgYWxsb2NdIGluaXRX aXRoQ2FwYWNpdHk6aXRlbXMuY291bnRdIGF1dG9yZWxlYXNlXSk7CisgICAgUmV0YWluUHRyPE5T TXV0YWJsZUFycmF5PiB3a0ZhaWx1cmVzID0gYWRvcHROUyhbW05TTXV0YWJsZUFycmF5IGFsbG9j XSBpbml0V2l0aENhcGFjaXR5Oml0ZW1zLmNvdW50XSk7CiAgICAgZm9yIChfV0tUZXh0TWFuaXB1 bGF0aW9uSXRlbSAqaXRlbSBpbiBpdGVtcykKICAgICAgICAgW3drRmFpbHVyZXMgYWRkT2JqZWN0 OltOU0Vycm9yIGVycm9yV2l0aERvbWFpbjpfV0tUZXh0TWFuaXB1bGF0aW9uSXRlbUVycm9yRG9t YWluIGNvZGU6X1dLVGV4dE1hbmlwdWxhdGlvbkl0ZW1FcnJvck5vdEF2YWlsYWJsZSB1c2VySW5m bzpAe19XS1RleHRNYW5pcHVsYXRpb25JdGVtRXJyb3JJdGVtS2V5OiBpdGVtfV1dOwogICAgIHJl dHVybiB3a0ZhaWx1cmVzOwotLSAKMi4yNC4zIChBcHBsZSBHaXQtMTI4KQoK