Bug 207407

Summary: Crash under WKBundleFrameForJavaScriptContext dereferencing a NULL WebCore::Frame
Product: WebKit Reporter: Timothy Hatcher <timothy>
Component: WebKit Misc.Assignee: Timothy Hatcher <timothy>
Status: RESOLVED FIXED    
Severity: Normal CC: bdakin, commit-queue, thorton, webkit-bug-importer, wenson_hsieh
Priority: P2 Keywords: InRadar
Version: WebKit Local Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch none

Timothy Hatcher
Reported 2020-02-07 14:08:54 PST
Safari is hitting a crash in the injected bundle when calling WKBundleFrameForJavaScriptContext with a context of a page that has been closed. #0 0x00000003b836f715 in std::__1::unique_ptr<WebCore::FrameLoader, std::__1::default_delete<WebCore::FrameLoader> >::operator bool() const at ~/Applications/Xcode.app/Contents/Developer/Toolchains/OSX10.15.xctoolchain/usr/include/c++/v1/memory:2636 #1 0x00000003b836f69d in WTF::UniqueRef<WebCore::FrameLoader>::get() at /Users/Timothy/Work/Safari/OpenSource/WebKitBuild/Debug/usr/local/include/wtf/UniqueRef.h:58 #2 0x00000003b83634ce in WebCore::Frame::loader() const at /Users/Timothy/Work/Safari/OpenSource/WebKitBuild/Debug/WebCore.framework/PrivateHeaders/Frame.h:367 #3 0x00000003b949d835 in WebKit::WebFrame::fromCoreFrame(WebCore::Frame const&) at ~/Work/Safari/OpenSource/Source/WebKit/WebProcess/WebPage/WebFrame.cpp:182 #4 0x00000003b94a65f3 in WebKit::WebFrame::frameForContext(OpaqueJSContext const*) at ~/Work/Safari/OpenSource/Source/WebKit/WebProcess/WebPage/WebFrame.cpp:711 #5 0x00000003b92ea1b5 in ::WKBundleFrameForJavaScriptContext(JSContextRef) at ~/Work/Safari/OpenSource/Source/WebKit/WebProcess/InjectedBundle/API/c/WKBundleFrame.cpp:104 <rdar://problem/59206599>
Attachments
Patch (1.67 KB, patch)
2020-02-07 14:10 PST, Timothy Hatcher 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Timothy Hatcher
Comment 1 2020-02-07 14:10:33 PST
Created attachment 390120 [details] Patch
WebKit Commit Bot
Comment 2 2020-02-07 15:01:48 PST
Comment on attachment 390120 [details] Patch Clearing flags on attachment: 390120 Committed r256068: <https://trac.webkit.org/changeset/256068>
WebKit Commit Bot
Comment 3 2020-02-07 15:01:49 PST
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.