Bug 259253 - [iOS] Various editing layout tests occasionally crash under TextChecker::closeSpellDocumentWithTag
Summary: [iOS] Various editing layout tests occasionally crash under TextChecker::clos...
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: Tools / Tests (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Wenson Hsieh
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2023-07-15 18:10 PDT by Wenson Hsieh
Modified: 2023-07-17 10:54 PDT (History)
1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Wenson Hsieh 2023-07-15 18:10:59 PDT 
To reproduce, run these 3 tests back to back:

1. editing/input/cocoa/autocorrect-on.html
2. editing/pasteboard/paste-blockquote-1.html
3. editing/pasteboard/paste-does-not-fire-promises-while-sanitizing-web-content.html

Or more generally,

1. Run a test that installs the fake text checker on iOS.
2. Run any other layout test.
3. Run a layout test that shows an edit menu by tapping or selecting text.

...the test in (3) will crash with an overelease under something like:

```
Thread 0 Crashed::  Dispatch queue: com.apple.main-thread
0   libobjc.A.dylib                        0x1044e2280 objc_release + 16
1   WebKit                                 0x10d12abac WTF::RetainPtr<UITextChecker>::~RetainPtr() + 8 (RetainPtr.h:198) [inlined]
2   WebKit                                 0x10d12abac WTF::RetainPtr<UITextChecker>::~RetainPtr() + 8 (RetainPtr.h:196) [inlined]
…
10  WebKit                                 0x10d1226f8 WTF::HashMap<long long, WTF::RetainPtr<UITextChecker>, WTF::DefaultHash<long long>, WTF::HashTraits<long long>, WTF::HashTraits<WTF::RetainPtr<UITextChecker>>, WTF::HashTableTraits>::remove(long long const&) + 80 (HashMap.h:502) [inlined]
11  WebKit                                 0x10d1226f8 WebKit::TextChecker::closeSpellDocumentWithTag(long long) + 112 (TextCheckerIOS.mm:189)
12  WebKit                                 0x10d207594 WebKit::WebPageProxy::~WebPageProxy() + 264 (WebPageProxy.cpp:726)
13  WebKit                                 0x10ce7680c -[WKObject dealloc] + 64 (WKObject.mm:58)
```
Comment 1 Wenson Hsieh 2023-07-15 18:19:47 PDT 
Pull request: https://github.com/WebKit/WebKit/pull/15872
Comment 2 EWS 2023-07-17 10:53:20 PDT 
Committed 266103@main (0c2e3d5a3e16): <https://commits.webkit.org/266103@main>

Reviewed commits have been landed. Closing PR #15872 and removing active labels.
Comment 3 Radar WebKit Bug Importer 2023-07-17 10:54:19 PDT 
<rdar://problem/112414009>