Bug 234994 - Null pointer crash when calling into `-[WebView close]` in `-webView:didCommitLoadForFrame:`
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebKit Misc.
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
Importance: P2 Normal
Assignee: Wenson Hsieh
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2022-01-07 16:12 PST by Wenson Hsieh
Modified: 2022-01-08 14:14 PST (History)
CC: 5 users

See Also:


Attachments
For EWS (12.58 KB, patch), 2022-01-07 16:18 PST, Wenson Hsieh, no flags
For EWS (11.55 KB, patch), 2022-01-08 13:36 PST, Wenson Hsieh, no flags

Description Wenson Hsieh 2022-01-07 16:12:47 PST
rdar://86845512
Comment 1 Wenson Hsieh 2022-01-07 16:18:43 PST
Created attachment 448645 [details]
For EWS
Comment 2 Geoffrey Garen 2022-01-07 16:31:44 PST
LGTM
Comment 3 Wenson Hsieh 2022-01-07 16:32:58 PST
(In reply to Geoffrey Garen from comment #2)
> LGTM

Thanks for taking a look!

(I held off on adding the r? because I wasn't sure if there were going to be more unified-source-related build failures on iOS, but it seems like EWS is happy now :P)
Comment 4 Chris Dumez 2022-01-07 16:34:30 PST
Comment on attachment 448645 [details]
For EWS

r=me
Comment 5 Wenson Hsieh 2022-01-08 13:05:38 PST
(In reply to Chris Dumez from comment #4)
> Comment on attachment 448645 [details]
> For EWS
> 
> r=me

Thanks for the reviews!

It looks like my new test is crashing on iOS — upon closer investigation though, it seems that it's just crashing on initialization of the WebView:

```
Thread 0 Crashed::  Dispatch queue: com.apple.main-thread
0   JavaScriptCore                	       0x10b654d53 WTFCrashWithInfo(int, char const*, char const*, int) + 19 (Assertions.h:732)
1   JavaScriptCore                	       0x10b310503 JSC::(anonymous namespace)::sizeClasses() + 58 (MarkedSpace.cpp:138) [inlined]
2   JavaScriptCore                	       0x10b310503 void JSC::(anonymous namespace)::buildSizeClassTable<std::__1::array<unsigned int, 503ul>, JSC::MarkedSpace::initializeSizeClassForStepSize()::$_5::operator()() const::'lambda'(unsigned long), JSC::MarkedSpace::initializeSizeClassForStepSize()::$_5::operator()() const::'lambda0'(unsigned long)>(std::__1::array<unsigned int, 503ul>&, JSC::MarkedSpace::initializeSizeClassForStepSize()::$_5::operator()() const::'lambda'(unsigned long) const&, JSC::MarkedSpace::initializeSizeClassForStepSize()::$_5::operator()() const::'lambda0'(unsigned long) const&) + 58 (MarkedSpace.cpp:147) [inlined]
```

Taking a look at similar legacy WK1 API tests that use WebView, it seems they're all macOS-specific, so it seems WK1's WebView just wasn't intended to be used in this way on iOS. I'll move the new test to `Tests/mac` before landing (and remove some of the unified-source-related fixes that are no longer needed).
Comment 6 Wenson Hsieh 2022-01-08 13:36:07 PST
Created attachment 448680 [details]
For EWS
Comment 7 EWS 2022-01-08 14:13:25 PST
Committed r287814 (245866@main): <https://commits.webkit.org/245866@main>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 448680 [details].
Comment 8 Radar WebKit Bug Importer 2022-01-08 14:14:21 PST Comment hidden (obsolete)