Bug 207407

Summary: Crash under WKBundleFrameForJavaScriptContext dereferencing a NULL WebCore::Frame
Product: WebKit
Reporter: Timothy Hatcher <timothy>
Component: WebKit Misc.
Assignee: Timothy Hatcher <timothy>
Status: RESOLVED FIXED
Severity: Normal
CC: bdakin, commit-queue, thorton, webkit-bug-importer, wenson_hsieh
Priority: P2
Keywords: InRadar
Version: WebKit Local Build
Hardware: Unspecified
OS: Unspecified
Attachments:
  Patch (flags: none)

Description Timothy Hatcher 2020-02-07 14:08:54 PST
Safari is hitting a crash in the injected bundle when calling WKBundleFrameForJavaScriptContext with a context of a page that has been closed.

#0    0x00000003b836f715 in std::__1::unique_ptr<WebCore::FrameLoader, std::__1::default_delete<WebCore::FrameLoader> >::operator bool() const at ~/Applications/Xcode.app/Contents/Developer/Toolchains/OSX10.15.xctoolchain/usr/include/c++/v1/memory:2636
#1    0x00000003b836f69d in WTF::UniqueRef<WebCore::FrameLoader>::get() at /Users/Timothy/Work/Safari/OpenSource/WebKitBuild/Debug/usr/local/include/wtf/UniqueRef.h:58
#2    0x00000003b83634ce in WebCore::Frame::loader() const at /Users/Timothy/Work/Safari/OpenSource/WebKitBuild/Debug/WebCore.framework/PrivateHeaders/Frame.h:367
#3    0x00000003b949d835 in WebKit::WebFrame::fromCoreFrame(WebCore::Frame const&) at ~/Work/Safari/OpenSource/Source/WebKit/WebProcess/WebPage/WebFrame.cpp:182
#4    0x00000003b94a65f3 in WebKit::WebFrame::frameForContext(OpaqueJSContext const*) at ~/Work/Safari/OpenSource/Source/WebKit/WebProcess/WebPage/WebFrame.cpp:711
#5    0x00000003b92ea1b5 in ::WKBundleFrameForJavaScriptContext(JSContextRef) at ~/Work/Safari/OpenSource/Source/WebKit/WebProcess/InjectedBundle/API/c/WKBundleFrame.cpp:104

<rdar://problem/59206599>
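As an added illustration (not WebKit's code and not the committed patch), a reduced C++ model of the lifetime problem behind this backtrace: a script context held by an API client can outlive the page that created it, so a frame lookup must treat a detached context as "no frame" instead of dereferencing it. `Page`, `Frame`, `ScriptContext`, `loadCountUnchecked` and `frameForContext` are stand-ins invented for this model, not WebKit types or functions.

```cpp
#include <memory>

struct ScriptContext;

// Constructed model of a frame. loadCount stands in for the FrameLoader
// that the crashing code reached through a null Frame.
struct Frame {
    std::shared_ptr<ScriptContext> context;
    int loadCount = 1;
    ~Frame();
};

// Constructed model of a JS context: shared ownership, so an API client can
// keep it alive after the page is gone. The raw back-pointer to the frame is
// cleared when the frame is destroyed.
struct ScriptContext {
    Frame* frame = nullptr;
};

Frame::~Frame() {
    // Detach: whoever still holds the context must not see a dangling frame.
    if (context)
        context->frame = nullptr;
}

// Constructed model of a page that owns its main frame and tears it down on close().
struct Page {
    std::unique_ptr<Frame> mainFrame;
    Page() : mainFrame(std::make_unique<Frame>()) {
        mainFrame->context = std::make_shared<ScriptContext>();
        mainFrame->context->frame = mainFrame.get();
    }
    void close() { mainFrame.reset(); }
};

// Unsafe lookup, mirroring the failing pattern: it assumes the context still
// maps to a live frame. After Page::close() this dereferences null.
int loadCountUnchecked(const ScriptContext& ctx) {
    return ctx.frame->loadCount;
}

// Hardened lookup: report "no frame" for a detached context so callers can
// bail out instead of crashing the process.
Frame* frameForContext(const std::shared_ptr<ScriptContext>& ctx) {
    if (!ctx || !ctx->frame)
        return nullptr;
    return ctx->frame;
}
```

`loadCountUnchecked` is shown only for contrast; the safe path is `frameForContext`, whose null result the caller must check.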
Comment 1 Timothy Hatcher 2020-02-07 14:10:33 PST
Created attachment 390120 [details]
Patch
Comment 2 WebKit Commit Bot 2020-02-07 15:01:48 PST
Comment on attachment 390120 [details]
Patch

Clearing flags on attachment: 390120

Committed r256068: <https://trac.webkit.org/changeset/256068>
Comment 3 WebKit Commit Bot 2020-02-07 15:01:49 PST
All reviewed patches have been landed.  Closing bug.