Bug 302069

Summary:	_ willStartRenderingUpdateDisplay crashes when _private->page is null
Product:	WebKit	Reporter:	jlee53
Component:	New Bugs	Assignee:	Robert Jenner <jenner>
Status:	RESOLVED FIXED
Severity:	Normal	CC:	webkit-bug-importer
Priority:	P2	Keywords:	InRadar
Version:	WebKit Nightly Build
Hardware:	Unspecified
OS:	Unspecified

jlee53

Reported 2025-11-06 02:01:33 PST

In the function WebView::_willStartRenderingUpdateDisplay (in WebkitLegacy), the page can become null between when it is originally null-checked if (_private->page) and when willStartRenderingUpdateDisplay starts executing. This is due to an increased delay from WebThreadLock(); We should move WebThreadLock() before page->willStartRenderingUpdateDisplay starts executing so that the page cannot be manipulated by the WebThread before page->willStartRenderingUpdateDisplay runs.

Attachments
Add attachment proposed patch, testcase, etc.

jlee53

Comment 1 2025-11-06 02:02:23 PST

<rdar://problem/164022564>

jlee53

Comment 2 2025-11-06 02:06:32 PST

Pull request: https://github.com/apple/WebKit/pull/3986

Robert Jenner

Comment 3 2025-12-15 20:14:39 PST

<rdar://problem/166335789>

Robert Jenner

Comment 4 2025-12-15 20:15:04 PST

Pull request: https://github.com/WebKit/WebKit/pull/55454

EWS

Comment 5 2025-12-16 08:32:51 PST

Committed 304517@main (41c6f81fa853): <https://commits.webkit.org/304517@main> Reviewed commits have been landed. Closing PR #55454 and removing active labels.

Note You need to log in before you can comment on or make changes to this bug.