309029 2026-03-02 18:04:30 -0800 [Site Isolation] window.open when opener is an empty site crashes 2026-03-23 09:06:45 -0700 1 1 1 Unclassified WebKit New Bugs WebKit Nightly Build Unspecified Unspecified RESOLVED FIXED InRadar P2 Normal --- 1 a.tarbinian webkit-unassigned webkit-bug-importer oldest_to_newest 2186348 0 a.tarbinian 2026-03-02 18:04:30 -0800 When calling window.open() from an empty site (i.e. about:blank) we hit this crash which gets triggered from WebPageProxy::initializeWebPage Steps to reproduce: 1. Open Minibrowser and navigate to about:blank 2. Open web inspector console 3. Run window.open() Full crash: Source/WebKit/Platform/IPC/MessageReceiverMap.cpp(53) : void IPC::MessageReceiverMap::addMessageReceiver(ReceiverName, uint64_t, MessageReceiver &) 1 0x11c16d514 IPC::MessageReceiverMap::addMessageReceiver(IPC::ReceiverName, unsigned long long, IPC::MessageReceiver&) 2 0x11a98f69c WebKit::AuxiliaryProcessProxy::addMessageReceiver(IPC::ReceiverName, unsigned long long, IPC::MessageReceiver&) 3 0x119d329a8 void WebKit::AuxiliaryProcessProxy::addMessageReceiver<unsigned long long>(IPC::ReceiverName, WTF::ObjectIdentifierGenericBase<unsigned long long> const&, IPC::MessageReceiver&) 4 0x11aa2bdec WebKit::RemotePageDrawingAreaProxy::RemotePageDrawingAreaProxy(WebKit::DrawingAreaProxy&, WebKit::WebProcessProxy&) 5 0x11aa2bcb8 WebKit::RemotePageDrawingAreaProxy::RemotePageDrawingAreaProxy(WebKit::DrawingAreaProxy&, WebKit::WebProcessProxy&) 6 0x11aa2bb54 WebKit::RemotePageDrawingAreaProxy::create(WebKit::DrawingAreaProxy&, WebKit::WebProcessProxy&) 7 0x11aa2d4d4 WebKit::RemotePageProxy::injectPageIntoNewProcess() 8 0x11a994164 WebKit::BrowsingContextGroup::addFrameProcessAndInjectPageContextIf(WebKit::FrameProcess&, WTF::Function<bool (WebKit::WebPageProxy&)>)::$_0::operator()(WebKit::WebPageProxy&, WebCore::Site const&) const 9 0x11a993d90 WebKit::BrowsingContextGroup::addFrameProcessAndInjectPageContextIf(WebKit::FrameProcess&, WTF::Function<bool (WebKit::WebPageProxy&)>) 10 0x11a993a1c WebKit::BrowsingContextGroup::addFrameProcess(WebKit::FrameProcess&) 11 0x11a9e485c WebKit::FrameProcess::FrameProcess(WebKit::WebProcessProxy&, WebKit::BrowsingContextGroup&, std::__1::optional<WebCore::Site> const&, WebCore::Site const&, WebKit::WebPreferences const&, WebKit::LoadedWebArchive, WebKit::BrowsingContextGroupUpdate) 12 0x11a9e4abc WebKit::FrameProcess::FrameProcess(WebKit::WebProcessProxy&, WebKit::BrowsingContextGroup&, std::__1::optional<WebCore::Site> const&, WebCore::Site const&, WebKit::WebPreferences const&, WebKit::LoadedWebArchive, WebKit::BrowsingContextGroupUpdate) 13 0x11a99373c WebKit::FrameProcess::create(WebKit::WebProcessProxy&, WebKit::BrowsingContextGroup&, std::__1::optional<WebCore::Site> const&, WebCore::Site const&, WebKit::WebPreferences const&, WebKit::LoadedWebArchive, WebKit::BrowsingContextGroupUpdate) 14 0x11a993128 WebKit::BrowsingContextGroup::ensureProcessForSite(WebCore::Site const&, WebCore::Site const&, WebKit::WebProcessProxy&, WebKit::WebPreferences const&, WebKit::LoadedWebArchive, WebKit::BrowsingContextGroupUpdate) 15 0x11ab23458 WebKit::WebPageProxy::initializeWebPage(WebCore::Site const&, WTF::OptionSet<WebCore::SandboxFlag, (WTF::ConcurrencyTag)0>, WebCore::ReferrerPolicy) 16 0x11a60d598 WebKit::WebViewImpl::WebViewImpl(WKWebView*, WebKit::WebProcessPool&, WTF::Ref<API::PageConfiguration, WTF::RawPtrTraits<API::PageConfiguration>, WTF::DefaultRefDerefTraits<API::PageConfiguration>>&&) 17 0x11a60f9c0 WebKit::WebViewImpl::WebViewImpl(WKWebView*, WebKit::WebProcessPool&, WTF::Ref<API::PageConfiguration, WTF::RawPtrTraits<API::PageConfiguration>, WTF::DefaultRefDerefTraits<API::PageConfiguration>>&&) 18 0x1198259d8 std::__1::unique_ptr<WebKit::WebViewImpl, std::__1::default_delete<WebKit::WebViewImpl>> std::__1::make_unique[abi:sqn210106]<WebKit::WebViewImpl, WKWebView*&, WebKit::WebProcessPool&, WTF::Ref<API::PageConfiguration, WTF::RawPtrTraits<API::PageConfiguration>, WTF::DefaultRefDerefTraits<API::PageConfiguration>>, 0>(WKWebView*&, WebKit::WebProcessPool&, WTF::Ref<API::PageConfiguration, WTF::RawPtrTraits<API::PageConfiguration>, WTF::DefaultRefDerefTraits<API::PageConfiguration>>&&) 19 0x1197d74a4 decltype(auto) WTF::makeUnique<WebKit::WebViewImpl, WKWebView*&, WebKit::WebProcessPool&, WTF::Ref<API::PageConfiguration, WTF::RawPtrTraits<API::PageConfiguration>, WTF::DefaultRefDerefTraits<API::PageConfiguration>>>(WKWebView*&, WebKit::WebProcessPool&, WTF::Ref<API::PageConfiguration, WTF::RawPtrTraits<API::PageConfiguration>, WTF::DefaultRefDerefTraits<API::PageConfiguration>>&&) 20 0x11709cd5c -[WKWebView _initializeWithConfiguration:] 21 0x11709c6d8 -[WKWebView initWithFrame:configuration:] 22 0x1001bb32c -[WK2BrowserWindowController awakeFromNib] 23 0x18556a314 -[NSIBObjectData nibInstantiateWithOwner:options:topLevelObjects:] 24 0x18555f994 loadNib 25 0x18555efb8 +[NSBundle(NSNibLoading) _loadNibFile:nameTable:options:withZone:ownerBundle:] 26 0x1856e589c -[NSWindowController loadWindow] 27 0x1856e5654 -[NSWindowController window] 28 0x1001bfc0c -[WK2BrowserWindowController webView:createWebViewWithConfiguration:forNavigationAction:windowFeatures:] 29 0x119e16700 WebKit::UIDelegate::UIClient::createNewPage(WebKit::WebPageProxy&, WTF::Ref<API::PageConfiguration, WTF::RawPtrTraits<API::PageConfiguration>, WTF::DefaultRefDerefTraits<API::PageConfiguration>>&&, WTF::Ref<API::NavigationAction, WTF::RawPtrTraits<API::NavigationAction>, WTF::DefaultRefDerefTraits<API::NavigationAction>>&&, WTF::CompletionHandler<void (WTF::RefPtr<WebKit::WebPageProxy, WTF::RawPtrTraits<WebKit::WebPageProxy>, WTF::DefaultRefDerefTraits<WebKit::WebPageProxy>>&&)>&&) 30 0x11ac733c8 WebKit::WebPageProxy::createNewPage(IPC::Connection&, WebCore::WindowFeatures&&, WebKit::NavigationActionData&&, WTF::CompletionHandler<void (std::__1::optional<WTF::ObjectIdentifierGeneric<WebCore::PageIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>>, std::__1::optional<WebKit::WebPageCreationParameters>)>&&)::$_1::operator()(WTF::Ref<API::NavigationAction, WTF::RawPtrTraits<API::NavigationAction>, WTF::DefaultRefDerefTraits<API::NavigationAction>>&&, WTF::CompletionHandler<void (WTF::RefPtr<WebKit::WebPageProxy, WTF::RawPtrTraits<WebKit::WebPageProxy>, WTF::DefaultRefDerefTraits<WebKit::WebPageProxy>>&&)>&&) 31 0x11ac73218 WTF::Detail::CallableWrapper<WebKit::WebPageProxy::createNewPage(IPC::Connection&, WebCore::WindowFeatures&&, WebKit::NavigationActionData&&, WTF::CompletionHandler<void (std::__1::optional<WTF::ObjectIdentifierGeneric<WebCore::PageIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>>, std::__1::optional<WebKit::WebPageCreationParameters>)>&&)::$_1, void, WTF::Ref<API::NavigationAction, WTF::RawPtrTraits<API::NavigationAction>, WTF::DefaultRefDerefTraits<API::NavigationAction>>&&, WTF::CompletionHandler<void (WTF::RefPtr<WebKit::WebPageProxy, WTF::RawPtrTraits<WebKit::WebPageProxy>, WTF::DefaultRefDerefTraits<WebKit::WebPageProxy>>&&)>&&>::call(WTF::Ref<API::NavigationAction, WTF::RawPtrTraits<API::NavigationAction>, WTF::DefaultRefDerefTraits<API::NavigationAction>>&&, WTF::CompletionHandler<void (WTF::RefPtr<WebKit::WebPageProxy, WTF::RawPtrTraits<WebKit::WebPageProxy>, WTF::DefaultRefDerefTraits<WebKit::WebPageProxy>>&&)>&&) 2186349 1 webkit-bug-importer 2026-03-02 18:04:36 -0800 <rdar://problem/171576184> 2186351 2 a.tarbinian 2026-03-02 18:05:49 -0800 Reproduces on 308471@main with site isolation on 2186363 3 a.tarbinian 2026-03-02 18:31:47 -0800 Pull request: https://github.com/WebKit/WebKit/pull/59765 2192776 4 ews-feeder 2026-03-23 09:06:43 -0700 Committed 309761@main (5c3dd122be67): <https://commits.webkit.org/309761@main> Reviewed commits have been landed. Closing PR #59765 and removing active labels.