Bug 192420

Summary: [iOS] On google docs, copying & pasting hits assertion failure in PlatformPasteboard::readString(int, WTF::String const&)
Product: WebKit
Component: WebCore Misc.
Status: NEW ---
Severity: Normal
Priority: P2
Version: WebKit Local Build
Hardware: iPhone / iPad
OS: iOS 12
Reporter: Daniel Bates <dbates>
Assignee: Wenson Hsieh <wenson_hsieh>
CC: rniwa, webkit-bug-importer, wenson_hsieh
Keywords: InRadar, NeedsReduction, PlatformOnly

Description Daniel Bates 2018-12-05 11:50:24 PST
Seen using a debug build of WebKit for iOS Simulator at r238894.

Steps to reproduce:

1. Visit <https://docs.google.com>.
2. Sign in.
3. Open a document that has some text.
4. Press Command + A to select all.

You may need to repeat (4) more than once.

Then Mobile Safari crashes because ASSERT([value isKindOfClass:[NSString class]]) fails in WebCore::PlatformPasteboard::readString(int, WTF::String const&) [1] with the following backtrace:

#0  0x000000010b92f2c0 in ::WTFCrash() at /Volumes/.../Source/WTF/wtf/Assertions.cpp:255
#1  0x00000001218e3acb in WTFCrashWithInfo(int, char const*, char const*, int) at /Volumes/.../Debug-iphonesimulator/usr/local/include/wtf/Assertions.h:554
#2  0x0000000122267ee9 in WebCore::PlatformPasteboard::readString(int, WTF::String const&) const at /Volumes/.../Source/WebCore/platform/ios/PlatformPasteboardIOS.mm:670
#3  0x000000012226c5c4 in WebCore::PlatformPasteboard::allStringsForType(WTF::String const&) const at /Volumes/.../Source/WebCore/platform/ios/PlatformPasteboardIOS.mm:636
#4  0x0000000110cc74ad in WebKit::WebPasteboardProxy::getPasteboardStringsForType(WTF::String const&, WTF::String const&, WTF::Vector<WTF::String, 0ul, WTF::CrashOnOverflow, 16ul>&) at /Volumes/.../Source/WebKit/UIProcess/Cocoa/WebPasteboardProxyCocoa.mm:75
#5  0x00000001115e922b in void IPC::callMemberFunctionImpl<WebKit::WebPasteboardProxy, void (WebKit::WebPasteboardProxy::*)(WTF::String const&, WTF::String const&, WTF::Vector<WTF::String, 0ul, WTF::CrashOnOverflow, 16ul>&), std::__1::tuple<WTF::String, WTF::String>, 0ul, 1ul, std::__1::tuple<WTF::Vector<WTF::String, 0ul, WTF::CrashOnOverflow, 16ul> >, 0ul>(WebKit::WebPasteboardProxy*, void (WebKit::WebPasteboardProxy::*)(WTF::String const&, WTF::String const&, WTF::Vector<WTF::String, 0ul, WTF::CrashOnOverflow, 16ul>&), std::__1::tuple<WTF::String, WTF::String>&&, std::__1::tuple<WTF::Vector<WTF::String, 0ul, WTF::CrashOnOverflow, 16ul> >&, std::__1::integer_sequence<unsigned long, 0ul, 1ul>, std::__1::integer_sequence<unsigned long, 0ul>) at /Volumes/.../Source/WebKit/Platform/IPC/HandleMessage.h:55
#6  0x00000001115e9158 in void IPC::callMemberFunction<WebKit::WebPasteboardProxy, void (WebKit::WebPasteboardProxy::*)(WTF::String const&, WTF::String const&, WTF::Vector<WTF::String, 0ul, WTF::CrashOnOverflow, 16ul>&), std::__1::tuple<WTF::String, WTF::String>, std::__1::integer_sequence<unsigned long, 0ul, 1ul>, std::__1::tuple<WTF::Vector<WTF::String, 0ul, WTF::CrashOnOverflow, 16ul> >, std::__1::integer_sequence<unsigned long, 0ul> >(std::__1::tuple<WTF::String, WTF::String>&&, std::__1::tuple<WTF::Vector<WTF::String, 0ul, WTF::CrashOnOverflow, 16ul> >&, WebKit::WebPasteboardProxy*, void (WebKit::WebPasteboardProxy::*)(WTF::String const&, WTF::String const&, WTF::Vector<WTF::String, 0ul, WTF::CrashOnOverflow, 16ul>&)) at /Volumes/.../Source/WebKit/Platform/IPC/HandleMessage.h:61
#7  0x00000001115e4519 in void IPC::handleMessageLegacySync<Messages::WebPasteboardProxy::GetPasteboardStringsForType, WebKit::WebPasteboardProxy, void (WebKit::WebPasteboardProxy::*)(WTF::String const&, WTF::String const&, WTF::Vector<WTF::String, 0ul, WTF::CrashOnOverflow, 16ul>&)>(IPC::Decoder&, IPC::Encoder&, WebKit::WebPasteboardProxy*, void (WebKit::WebPasteboardProxy::*)(WTF::String const&, WTF::String const&, WTF::Vector<WTF::String, 0ul, WTF::CrashOnOverflow, 16ul>&)) at /Volumes/.../Source/WebKit/Platform/IPC/HandleMessage.h:146
#8  0x00000001115e2ac1 in WebKit::WebPasteboardProxy::didReceiveSyncMessage(IPC::Connection&, IPC::Decoder&, std::__1::unique_ptr<IPC::Encoder, std::__1::default_delete<IPC::Encoder> >&) at /Volumes/.../Debug-iphonesimulator/DerivedSources/WebKit2/WebPasteboardProxyMessageReceiver.cpp:188
#9  0x00000001106e89ca in IPC::MessageReceiverMap::dispatchSyncMessage(IPC::Connection&, IPC::Decoder&, std::__1::unique_ptr<IPC::Encoder, std::__1::default_delete<IPC::Encoder> >&) at /Volumes/.../Source/WebKit/Platform/IPC/MessageReceiverMap.cpp:135
#10 0x0000000110bd412c in WebKit::ChildProcessProxy::dispatchSyncMessage(IPC::Connection&, IPC::Decoder&, std::__1::unique_ptr<IPC::Encoder, std::__1::default_delete<IPC::Encoder> >&) at /Volumes/.../Source/WebKit/UIProcess/ChildProcessProxy.cpp:160
#11 0x0000000110e1ec72 in WebKit::WebProcessProxy::didReceiveSyncMessage(IPC::Connection&, IPC::Decoder&, std::__1::unique_ptr<IPC::Encoder, std::__1::default_delete<IPC::Encoder> >&) at /Volumes/.../Source/WebKit/UIProcess/WebProcessProxy.cpp:666
#12 0x00000001106977a5 in IPC::Connection::dispatchSyncMessage(IPC::Decoder&) at /Volumes/.../Source/WebKit/Platform/IPC/Connection.cpp:900
#13 0x0000000110690438 in IPC::Connection::dispatchMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >) at /Volumes/.../Source/WebKit/Platform/IPC/Connection.cpp:1003
#14 0x0000000110690013 in IPC::Connection::SyncMessageState::dispatchMessages(IPC::Connection*) at /Volumes/.../Source/WebKit/Platform/IPC/Connection.cpp:182
#15 0x000000011069071f in IPC::Connection::SyncMessageState::dispatchMessageAndResetDidScheduleDispatchMessagesForConnection(IPC::Connection&) at /Volumes/.../Source/WebKit/Platform/IPC/Connection.cpp:201
#16 0x00000001106a041c in IPC::Connection::SyncMessageState::processIncomingMessage(IPC::Connection&, std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >&)::$_1::operator()() at /Volumes/.../Source/WebKit/Platform/IPC/Connection.cpp:147
#17 0x00000001106a0299 in WTF::Function<void ()>::CallableWrapper<IPC::Connection::SyncMessageState::processIncomingMessage(IPC::Connection&, std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >&)::$_1>::call() at /Volumes/.../Debug-iphonesimulator/usr/local/include/wtf/Function.h:101
#18 0x000000010b95b2aa in WTF::Function<void ()>::operator()() const at /Volumes/.../Debug-iphonesimulator/usr/local/include/wtf/Function.h:56
#19 0x000000010b9cb8e3 in WTF::RunLoop::performWork() at /Volumes/.../Source/WTF/wtf/RunLoop.cpp:106
#20 0x000000010b9cccae in WTF::RunLoop::performWork(void*) at /Volumes/.../Source/WTF/wtf/cf/RunLoopCF.cpp:38
#21 0x0000000109256af1 in __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ ()
#22 0x000000010925632f in __CFRunLoopDoSources0 ()
#23 0x00000001092509af in __CFRunLoopRun ()
#24 0x0000000109250152 in CFRunLoopRunSpecific ()
#25 0x000000011f453017 in GSEventRunModal at /Volumes/.../GSEvent.c:2246
#26 0x000000011f452d2c in GSEventRun at /Volumes/.../GSEvent.c:2226
#27 0x000000011b100e87 in -[UIApplication _run] at /Volumes/.../UIApplication.m:2984
#28 0x000000011b108272 in UIApplicationMain at /Volumes/.../UIApplication.m:4258
#29 0x0000000106e80daf in main at /Volumes/.../iOS/MobileSafari/main.m:121
#30 0x0000000118393985 in start ()

[1] <https://trac.webkit.org/browser/trunk/Source/WebCore/platform/ios/PlatformPasteboardIOS.mm?rev=238894#L670>

Comment 1 Radar WebKit Bug Importer 2018-12-05 11:51:28 PST
<rdar://problem/46494932>

Comment 2 Daniel Bates 2018-12-05 11:53:33 PST
(lldb) p value
(WTF::RetainPtr<id>) $0 = (m_ptr = 0x0000000000000000)
(lldb) p type
(const WTF::String) $1 = { length = 17, contents = 'public.plain-text' } {
  m_impl = {
    m_ptr = 0x000000014c975e88 { length = 17, is8bit = 1, contents = 'public.plain-text' }
  }
}
(lldb) p index
(int) $2 = 0
(lldb) p m_pasteboard
(WTF::RetainPtr<id>) $3 = (m_ptr = 0x00007fa235994c00)
(lldb) po [m_pasteboard.m_ptr description]
<_UIConcretePasteboard: 0x7fa235994c00>

Comment 3 Daniel Bates 2018-12-05 11:55:48 PST
(In reply to Daniel Bates from comment #0)
> Seen using a debug build of WebKit for iOS Simulator at r238894.
> 
> Steps to reproduce:
> 
> 1. Visit <https://docs.google.com>.
> 2. Sign in.
> 3. Open a document that has some text.
> 4. Press Command + A to select all.
> 
> You may need to repeat (4) more than once.
> 

Err, these steps should be:

1. Visit <https://docs.google.com> and sign in.
2. Open a document that has some text and focus the document for typing.
3. Press Command + A to select all.
4. Press Command + C to copy.
5. Press Command + V to paste.

Comment 4 Ryosuke Niwa 2018-12-05 13:46:13 PST
What kind of a class do we have instead of NSString?

Comment 5 Daniel Bates 2018-12-05 18:55:56 PST
(In reply to Ryosuke Niwa from comment #4)
> What kind of a class do we have instead of NSString?

No class, a nil :) See comment 2.

Comment 6 Ryosuke Niwa 2018-12-05 20:02:19 PST
Oh interesting. So either _UIConcretePasteboard claims to have plain text but returns nil when we ask, or we're getting confused and think _UIConcretePasteboard has plain text even when it doesn't.