RESOLVED FIXED 45938
_web_makePluginViewsPerformSelector:: mutates subviews array while iterating it
https://bugs.webkit.org/show_bug.cgi?id=45938
John Sullivan
Reported 2010-09-16 18:07:59 PDT
This is in Radar as <rdar://problem/8395558>.

The method -[NSArray _web_makePluginViewsPerformSelector:withObject:], which is implemented in WebHTMLView.mm, uses -[NSArray objectEnumerator] to enumerate the receiver array. The two callers to this method both send it to [self subviews]. [NSView subviews] returns the "live" mutable NSArray holding a view's subviews, so if the selector causes the view's subviews to change, the array will be mutated while it's being enumerated, which is an ObjC no-no that causes an NSException to be thrown (and ensuing havoc).
Attachments
Patch to avoid mutating array while enumerating it. (3.55 KB, patch)
2010-09-16 18:14 PDT, John Sullivan
darin: review+
John Sullivan
Comment 1 2010-09-16 18:14:12 PDT
Created attachment 67870: Patch to avoid mutating array while enumerating it.
Darin Adler
Comment 2 2010-09-16 19:40:47 PDT
Comment on attachment 67870: Patch to avoid mutating array while enumerating it.

Historically, objectEnumerator created a copy of the entire array! I’m surprised that it has changed so that it no longer does so.

Does this work properly when there are no subviews?

Instead of initWithArray: you could have used the copy method.

r=me
John Sullivan
Comment 3 2010-09-16 21:04:09 PDT
The fast enumeration introduced with ObjC-2.0 is used with objectEnumerator; that's when the prohibition against mutating a collection while enumerating it began. Other bugs like this have been fixed in WebKit, though maybe the others were all a long time ago (e.g. <http://trac.webkit.org/changeset/24827>). initWithArray: will return an empty array when passed nil, but the documentation is not clear about this. -copy will call -initWithArray:, but I guess it's a little bit better because it's unambiguous about what you'll get with a nil initial array, so I'll switch to using that. Thanks for reviewing!
John Sullivan
Comment 4 2010-09-16 21:07:40 PDT
Fixed in r67691.
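
The failure described in the report, next to the snapshot approach discussed in the review, as an added example that is not the WebKit patch or any code from this bug. It assumes ARC and Foundation; a plain NSMutableArray stands in for [self subviews], and `ItemAction`, `performOnLiveArray` and `performOnSnapshot` are hypothetical names.

```objective-c
#import <Foundation/Foundation.h>

// Hypothetical stand-in for a selector whose side effect changes the
// subviews: the action receives the live array and the current item.
typedef void (^ItemAction)(NSMutableArray *live, id item);

// Pattern from the report: fast-enumerate the live mutable array.
// Returns NO if the enumeration raised an exception.
static BOOL performOnLiveArray(NSMutableArray *live, ItemAction action)
{
    @try {
        for (id item in live)
            action(live, item);
    } @catch (NSException *exception) {
        NSLog(@"caught %@: %@", exception.name, exception.reason);
        return NO;
    }
    return YES;
}

// Pattern from the review: enumerate an immutable snapshot made with -copy.
// The snapshot retains every element, so an item removed from `live` by an
// earlier action is still valid when its turn comes. If `live` is nil,
// -copy returns nil and the loop body never runs.
static NSUInteger performOnSnapshot(NSMutableArray *live, ItemAction action)
{
    NSArray *snapshot = [live copy];
    NSUInteger visited = 0;
    for (id item in snapshot) {
        action(live, item);
        visited++;
    }
    return visited;
}

int main(void)
{
    @autoreleasepool {
        ItemAction removeSelf = ^(NSMutableArray *live, id item) {
            [live removeObject:item];
        };
        // Constructed sample data standing in for plug-in subviews.
        NSArray *names = @[@"pluginA", @"pluginB", @"pluginC"];
        NSMutableArray *live = [names mutableCopy];
        NSLog(@"live enumeration finished cleanly: %d", performOnLiveArray(live, removeSelf));
        live = [names mutableCopy];
        NSUInteger visited = performOnSnapshot(live, removeSelf);
        NSLog(@"snapshot visited %lu, %lu remain", (unsigned long)visited, (unsigned long)live.count);
    }
    return 0;
}
```

The snapshot still delivers the action to items that an earlier action removed from the live array, so the action itself has to tolerate being sent to an item that is no longer in the hierarchy.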