255162 – Accessing null RemoteScrollingCoordinatorProxy in [WKWebViewIOS _didFinishScrolling]

Bug 255162 - Accessing null RemoteScrollingCoordinatorProxy in [WKWebViewIOS _didFinishScrolling]

Summary: Accessing null RemoteScrollingCoordinatorProxy in [WKWebViewIOS _didFinishScr...

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	Scrolling (show other bugs)
Version:	WebKit Nightly Build
Hardware:	Unspecified Unspecified

Importance:	P1 Normal
Assignee:	Nobody

URL:
Keywords:	InRadar

Depends on:
Blocks:

Reported:	2023-04-07 12:03 PDT by Abrar Rahman Protyasha
Modified:	2023-04-07 21:58 PDT (History)
CC List:	3 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Abrar Rahman Protyasha 2023-04-07 12:03:49 PDT

We're seeing runtime crashes at [WKWebViewIOS _didFinishScrolling] in situations where a web view is closed out during a scroll operation.

This regression surfaced from https://commits.webkit.org/260975@main because it (correctly) changed the relative order of destruction between the `DrawingAreaProxy` and the `RemoteScrollingCoordinatorProxy` (and the `RemoteScrollingTree` it encompasses), which meant that there could be situations where closing or switching out a web view in the middle of a scroll operation could lead to a null deref of the `RemoteScrollingCoordinatorProxy` held by the `WebPageProxy`.

Comment 1 Abrar Rahman Protyasha 2023-04-07 12:05:10 PDT

rdar://106894608

Comment 2 Abrar Rahman Protyasha 2023-04-07 15:04:38 PDT

Pull request: https://github.com/WebKit/WebKit/pull/12532

Comment 3 EWS 2023-04-07 21:58:46 PDT

Committed 262748@main (2aa252bfd9f1): <https://commits.webkit.org/262748@main>

Reviewed commits have been landed. Closing PR #12532 and removing active labels.