[Webkit-unassigned] [Bug 203782] New: Tab-completing external search sites in the url bar crashes STP

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Sat Nov 2 09:44:49 PDT 2019 

https://bugs.webkit.org/show_bug.cgi?id=203782

            Bug ID: 203782
           Summary: Tab-completing external search sites in the url bar
                    crashes STP
           Product: WebKit
           Version: Safari Technology Preview
          Hardware: Macintosh
                OS: macOS 10.15
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: New Bugs
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: matt at webkit.mattgoldman.us

(Not sure exactly what the correct terminology is for this in Safari.)

Steps to reproduce:
1. Type `wiki` in the url bar. Safari offers to autocomplete `https://en.wikpedia.org/wiki/Main_Page`
2. Hit Tab

Expected Behavior:
URL bar changes to "Search Wikipedia" context

Actual Behavior:
Safari crashes.

This is reproducible 100% of the time using Wikipedia and Youtube as the site to search, but doesn't crash for reddit.com

STP 95, macOS 10.15.1

Crash info:

Crashed Thread:        6  Dispatch queue: com.apple.Safari.URLCompletionDatabase.URLCompletionDatabase.0x60000186eb50.internalQueue

Exception Type:        EXC_BAD_ACCESS (SIGSEGV)
Exception Codes:       KERN_INVALID_ADDRESS at 0x0000000000000000
Exception Note:        EXC_CORPSE_NOTIFY

Termination Signal:    Segmentation fault: 11
Termination Reason:    Namespace SIGNAL, Code 0xb
Terminating Process:   exc handler [58016]


Thread 6 Crashed:: Dispatch queue: com.apple.Safari.URLCompletionDatabase.URLCompletionDatabase.0x60000186eb50.internalQueue
0   com.apple.CoreFoundation            0x00007fff2f9d8fec CFURLGetBytes + 43
1   com.apple.JavaScriptCore            0x000000010de72434 WTF::originalURLData(NSURL*) + 52
2   com.apple.JavaScriptCore            0x000000010de72582 WTF::userVisibleString(NSURL*) + 18
3   com.apple.Safari.Shared             0x000000010e3eda69 makeURLWithEscapedIDNWorkaround(NSString*) + 37
4   com.apple.Safari.Shared             0x000000010e400e84 urlWithAddedComponents(NSString*, unsigned long) + 201
5   com.apple.Safari.Shared             0x000000010e3ed8c8 enumeratePossibleURLsForUserTypedStringWithBlockInternal(NSString*, void (NSURL*, signed char*) block_pointer) + 914
6   com.apple.Safari.Shared             0x000000010e3ed4b1 +[NSURL(SafariSharedExtras) safari_enumeratePossibleURLsForUserTypedString:withBlock:] + 53
7   com.apple.Safari.Shared             0x000000010e3ed408 -[NSString(SafariSharedExtras) safari_bestURLForUserTypedString] + 147
8   com.apple.Safari.Shared             0x000000010e5a2953 -[WBSURLCompletionDatabase _getSortedMatchesForTypedString:topHits:historyMatches:historyLimit:bookmarkMatches:bookmarkLimit:prefixMatchesOnly:] + 1026
9   com.apple.Safari.Shared             0x000000010e5a244d -[WBSURLCompletionDatabase _getSortedPrefixMatchesForTypedString:topHits:historyMatches:historyLimit:bookmarkMatches:bookmarkLimit:] + 29
10  com.apple.Safari.Shared             0x000000010e5a1d8c -[WBSURLCompletionDatabase getBestMatchesForTypedString:topHits:matches:limit:forQueryID:] + 169
11  com.apple.Safari.framework          0x000000010c7d12a5 __87-[URLCompletionDatabase getBestMatchesForTypedString:topHits:matches:limit:forQueryID:]_block_invoke + 118
12  libdispatch.dylib                   0x00007fff66df150e _dispatch_client_callout + 8
13  libdispatch.dylib                   0x00007fff66dfd567 _dispatch_lane_barrier_sync_invoke_and_complete + 60
14  com.apple.Safari.framework          0x000000010c7d117c -[URLCompletionDatabase getBestMatchesForTypedString:topHits:matches:limit:forQueryID:] + 273
15  com.apple.Safari.framework          0x000000010c7c7b24 invocation function for block in Safari::UnifiedFieldCompletionListGenerator::startDatabaseLookupOperation() + 454
16  libdispatch.dylib                   0x00007fff66df0583 _dispatch_call_block_and_release + 12
17  libdispatch.dylib                   0x00007fff66df150e _dispatch_client_callout + 8
18  libdispatch.dylib                   0x00007fff66df6ace _dispatch_lane_serial_drain + 597
19  libdispatch.dylib                   0x00007fff66df7452 _dispatch_lane_invoke + 363
20  libdispatch.dylib                   0x00007fff66e00a9e _dispatch_workloop_worker_thread + 598
21  libsystem_pthread.dylib             0x00007fff6704a71b _pthread_wqthread + 290
22  libsystem_pthread.dylib             0x00007fff6704a57b start_wqthread + 15

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20191102/d8ae20a8/attachment-0001.htm>

More information about the webkit-unassigned mailing list