[HN Gopher] Typing "old" (space) into iOS Safari crashes the app
___________________________________________________________________
Typing "old" (space) into iOS Safari crashes the app
Author : lunchbreak
Score : 161 points
Date : 2022-11-14 17:37 UTC (5 hours ago)
(HTM) web link (twitter.com)
(TXT) w3m dump (twitter.com)
| sneak wrote:
| Turning off Safari Suggestions is one of the first and most
| important privacy tweaks on a new iPhone. Otherwise every
| keystroke you type in the address bar gets sent to Apple in
| realtime.
| happyopossum wrote:
| > most important
|
| Really? No - there is no privacy threat surface with
| suggestions, unless you assume that Apple and everyone who
| works there is lying about it?
|
| ref: "any information sent to Apple does not identify you, and
| is associated with a 15-minute random, rotating device-
| generated identifier"
|
| [0]https://www.apple.com/legal/privacy/data/en/siri-
| suggestions...
| deafpolygon wrote:
| Haven't updated to 16.1.1 and no issues.
| [deleted]
| netsharc wrote:
| Can someone contribute more than "lol, me too!" and figure out
| which API endpoint it's hitting, what it's returning and guess
| why it's crashing? I don't have an iOS device otherwise I'd do
| it...
| dpkirchner wrote:
| Someone from Apple can probably attach a debugger and figure
| out the problem, but most of us are going to be in the dark.
| [deleted]
| acdha wrote:
| It's their own "Safari suggestions" service. I don't know if
| that's device local or some Apple API which changed but
| disabling it prevents the crashes.
| bombcar wrote:
| I wonder if "Safari Suggestions" is crossing a privacy line
| with its API it shouldn't and iOS nukes the app from orbit.
| acdha wrote:
| I doubt that since it's their own code but I'd easily
| believe that it hits an API endpoint which just started
| malfunctioning. The description is vague but it appears to
| retrieve a bunch of different kinds of information from
| some Apple service. Clearly a massive test coverage miss if
| my speculation is right.
| superjan wrote:
| I think he is joking.
| acdha wrote:
| I wasn't sure about that and it's certainly not without
| precedent that different parts of the same company might
| do something like that.
| bombcar wrote:
| It's partially a joke, but as anyone who has worked with
| a complex system, things like this can happen. A privacy
| control is changed somewhere, but not activated until
| later, and suddenly one day something stops working.
| jakedata wrote:
| "Turning off "Safari Suggestions" in settings fixes it." I should
| have turned that off before. It certainly stopped this one weird
| crash.
| SoftTalker wrote:
| I turn off search suggestions, auto-complete, auto-correct,
| intellisense and its ilk, everywhere I can.
| pas wrote:
| I like the autocomplete from my bookmarks and history. What's
| mind boggling is how slow it is (on Firefox on a beefy PC +
| SSD + Windows)
| gjsman-1000 wrote:
| For goodness sake Apple - this takes the cake for weirdest bug
| since the early Windows 10 Preview build which caused random
| letters to be missing from text...
| suction wrote:
| terrorOf wrote:
| hnews_account_1 wrote:
| It crashes for me without even typing the space at the end. Works
| for best too.
| alkonaut wrote:
| No it doesn't. Better repro steps needed.
|
| Edit: best guess so far: something regional or language
| dependent? Looks like US-specific search suggestions?
|
| My non-crashing circumstances:
|
| (iPhone11, iOS 15.6.1, Swedish language, in Sweden)
| numpad0 wrote:
| People are suggesting that it seems to come from Google
| suggestions, try first letters for local equivalents of Old
| Navy, Starbucks, Walmart, etc.
| jtbayly wrote:
| I have DDG as my search engine.
|
| Crashes on my phone running 16.1.1.
|
| People are suggesting it might be en-US only.
| Lendal wrote:
| I use DDG as my search engine on 16.1.1, and live in
| Florida (the English speaking part), but I couldn't
| reproduce it.
|
| Must be something else more complicated.
| josefresco wrote:
| Crashed for me (iPhone 14, iOS 16.0.3)
| throwawayment wrote:
| are you trolling? type it into the search bar and it does crash
| alkonaut wrote:
| It's not enough to do that. There is something more specific
| required: a specific version of iOS, a specific language, a
| particular phone, some setting, something in the search/url
| history etc.
|
| But it clearly doesn't reproduce across all
| devices/versions/settings with iOS Safari. Better repro steps
| needed.
| dpkirchner wrote:
| The repro steps are accurate and sufficient on their own --
| following the described steps does crash Safari for the
| reporting user (and many of us). What is missing is the
| complete device configuration which is distinct from steps
| (and would probably be overwhelming, in any case).
| alkonaut wrote:
| Tbf the "steps" in the tweet didn't even specify _where_
| in Safari to enter the text (text area, search bar,
| anywhere). So even absent the relevant config I'd say
| it's a pretty lacking bug report in the steps too.
| dpkirchner wrote:
| You're right, that would have been useful.
|
| * edit crazy typo
| suction wrote:
| ncphillips wrote:
| Doesn't happen for me
| bartread wrote:
| They're not trolling. I typed it into the search bar. Safari
| didn't crash.
|
| Is the person who wrote the tweet trolling? Probably not
| either.
|
| But what type of iOS device do they have? Which version of
| iOS are they running? Which language and locale?
|
| Those things matter. Other things that apparently shouldn't
| matter might matter as well: other apps installed or running,
| notification configuration, how many tabs they have open,
| whether they're connected via WiFi or 4G, etc.
|
| We don't know any of that stuff. As GP said: better
| reproduction steps needed.
|
| As it is this bug report is barely above the kind of "hurr
| durr it dern't work" support ticket that really pisses off
| everyone in my team, and indeed every support engineer, and
| software engineer I've ever worked with.
| yamtaddle wrote:
| 1) It's a tweet, not a bug report.
|
| 2) The _very first_ thing any actual engineer on Apple 's
| payroll ought to try to reproduce it will work (most recent
| official iOS, "happy path" settings that have Safari
| Suggestions turned on)
| bartread wrote:
| 1) Yes, people use tweets to report bugs all the time.
| The problem with nitpicking is that anyone can pick your
| nits back, which leads me to...
|
| 2) Yes, they will, but that won't necessarily repro the
| bug without knowing which type of device it's running on,
| so at the very least they might need to check several
| different devices, and even then other factors can come
| into play that go beyond basic device configuration.
|
| I'm sure, given that this appears to affect at least a
| significant minority of users, that Apple will be all
| over it and will find a way to repro it in relatively
| short order. Yet, at the same time, it's obscure enough
| to have escaped their no doubt reasonably robust QA
| processes before release, so it may well be there are
| some wrinkles to reproduction that aren't immediately
| apparent.
| yamtaddle wrote:
| > 1) Yes, people use tweets to report bugs all the time.
| The problem with nitpicking is that anyone can pick your
| nits back, which leads me to...
|
| People might. This one didn't even @ Apple. Jesus, HN (a
| sentiment the Tweet author has also expressed by now on
| the tweet thread, as they're apparently reading this and
| seeing y'all acting like this in public)
|
| > 2) Yes, they will, but that won't necessarily repro the
| bug without knowing which type of device it's running on,
| so at the very least they might need to check several
| different devices, and even then other factors can come
| into play that go beyond basic device configuration.
|
| Twitter figured this out in like 30 minutes. It's Safari
| Suggestions on any recent iOS. This may not be the
| platonic ideal of a bug report but _it 's not a bug
| report_ and also it happens, by chance, to be entirely
| fine even if it were, because this is super-easy to
| figure out.
| alkonaut wrote:
| > It's Safari Suggestions on any recent iOS.
|
| ... and what more? in US? On en-US language? Because it
| doesn't seem to be that universal.
| josefresco wrote:
| iPhone 14, iOS 16.0.3 English, US, No Tabs, Wifi
|
| Launch Safari
|
| Tap address bar
|
| Type "old"
| bartread wrote:
| Yes! See, this is what we need more of!
| afandian wrote:
| Surely there's an automated battery of configurations
| that devs can test against if they really want to fix the
| bug?
| bombcar wrote:
| iPhone 8, iOS 16.1 (20B82) English, US, No Tabs, Wifi
|
| Launch Safari
|
| Tap address bar
|
| Type "old "
|
| Boom!
| bartread wrote:
| _Now_ we 're talking!
| abxytg wrote:
| "support ticket that really pisses off everyone in my team,
| and indeed every support engineer, and software engineer
| I've ever worked with"
|
| I'm sorry to to be the one to break this to you -- you have
| only worked with bad engineers.
|
| If you get a bug report like this, where some simple user
| action like typing three characters is causing client
| devices to crash, you better be more mad at your busted ass
| system than a sparse bug report.
| alkonaut wrote:
| I think the suggestion that "X crashes Safari for at
| least one user" vs "X crashes Safari for all users" is a
| pretty different severity so the relevance of this story
| hinges on if it's some minority of users or a large
| majority, or even all users.
|
| I don't think it's unreasonable to try to narrow it down
| here simply because the story sort of hinges on the
| magnitude here.
| qubert2000 wrote:
| Crashes on mine, don't put the quotes...
| avanai wrote:
| "Best " does it for me. 16.1.1
|
| Turning off "Safari Suggestions" in settings fixes it.
| twobitshifter wrote:
| I can only get to bes before it crashes, turning off safari
| suggestions fixed it. I think it's maps/shopping related, old
| navy and Best Buy were the suggestions.
| Veuxdo wrote:
| Funny, with Google you typically want to add "-best" to your
| searches to cut down on SEO spam.
| layman51 wrote:
| Interesting, I had never heard of this tip before. How do you
| do this though? Do you just add it at the end like a flag?
| (e.g. "sparking water -best" ?) In general, I thought these
| kinds of search engine commands were being phased out, but it
| looks to me like it would filter out those garbage articles
| that would bring up results like "top/best 15 brands of
| sparkling water" etc.
| czx4f4bd wrote:
| That still works on Google. You can put it anywhere in the
| query. The "-" is a negation operator that tells the engine
| to exclude results containing the following word.
|
| They've actually apparently introduced a few new operators
| since the old days, which I found surprising. For example,
| $ for prices, # for hashtags, and .. for ranges of numbers.
| https://support.google.com/websearch/answer/2466433?hl=en
| andirk wrote:
| I often do the opposite: "best [search query, usually a
| product] in the world".
| ok_dad wrote:
| None of the strings crashed my safari, I'm on whatever the newest
| version of iOS is, just updated it yesterday.
|
| edit: Also, I'm on the iPhone 11 or 12 I think? So maybe model
| has something to do with it?
| yamtaddle wrote:
| It seems to be tied to "Safari Suggestions", so if you have
| that turned off you won't see the crash.
| ok_dad wrote:
| Not for me, I actually turned that off just now, I didn't
| know it was "on". Maybe a hacker who resides on my iPhone
| fixed the bug for me?
|
| Also, I'm on the iPhone 11 or 12 I think? So maybe model has
| something to do with it?
| BudaDude wrote:
| > Maybe a hacker who resides on my iPhone fixed the bug for
| me
|
| Wholesome hacking
| ok_dad wrote:
| If you "hacked" a system, I would assume the first thing
| you'd do is patch any of your own known exploits, and
| others, so you don't lose ownership to some other hacker,
| right?
| tlholaday wrote:
| If you ever consider a career change, the parasitology
| field could advance from your intuitions.
| brewdad wrote:
| I'm on 16.1.1 with Safari Suggestions turned on. No crashes
| here. iPhone 12 Pro.
| yamtaddle wrote:
| Wild! Mine crashed the first try, turned off Safari
| Suggestions, crash behavior gone.
|
| Turned it back on... still no crash. Search engine makes no
| difference.
|
| Wonder if it's a cache thing and disabling Suggestions
| cleared that, removing whatever bad data was hanging
| around, or if it was a purely server-side bug and they've
| already fixed it.
|
| [EDIT] Some others saying it stopped happening, so may have
| been fixed.
| lzooz wrote:
| Same here, impossible to make it crash, and yes suggestions are
| on. (Although I must say I never get any suggestions for some
| reason)
| gnicholas wrote:
| Huh, not replicable for me, in 16.1, on iPhone 13 Mini on EN-US.
| Was this added in 16.1.1?
| alwillis wrote:
| I'm running the public beta of iOS 16.2; typing "old" in the
| address/search bar crashes Safari.
| obituary_latte wrote:
| Unfortunately, connecting MacOS Safari debugging crashes the
| debugger when the iOS Safari crashes as far as I can tell.
| recuter wrote:
| That's just the old
| recuter wrote:
| Dammit, that's just the old
| tlholaday wrote:
| From my reading of the update log, it looks like the last
| change was from Candlej
| [deleted]
| josefresco wrote:
| Imagine having a domain or business name starting with "old" -
| nightmare scenario!
|
| Old Spice, Old Navy...
| stardenburden wrote:
| According to the top commentator that's exactly why it's
| happening
| pas wrote:
| how is it a "nightmare scenario"? it's not ideal, but it
| doesn't sound bad (there are other browsers, workarounds, etc.
| it's not like these sites are forever gone because of a
| ransomware or SSL key exploit, etc)
| josefresco wrote:
| I can't imagine "Old Navy" customer support is going to have
| much success telling iOS customers to install another browser
| (I'm not even sure that solves it).
| robbyking wrote:
| My guess is a lot of the crashes come from old.reddit.com
| Regnore wrote:
| Is old.reddit.com very unstable for everyone else in safari
| or just me? On my past 3 iphones through multiple iOS
| versions I can't browse for more than 10 minutes without
| eventually hanging/crashing safari. It seems to happen most
| frequently after browsing posts with images
| bargle0 wrote:
| I haven't had any trouble with it.
| ljm wrote:
| New Reddit it like that. Page randomly resets no matter
| what you're doing. Dumps you back at the top and asks if
| you want to install the app.
|
| They are _desperate_ about getting you to download their
| app.
| jaywalk wrote:
| I had a bunch of open tabs in Safari, and typing "old" (space)
| not only crashed Safari but got rid of almost all of the open
| tabs. It was all stuff I needed to refer back to, and yeah that's
| not a great way to manage stuff like that. Of course bookmarks
| would be the right way. But now it's gone.
|
| So be careful.
| omoikane wrote:
| Reminds me of the bug where certain strings would crash apple
| products.
|
| https://nvd.nist.gov/vuln/detail/CVE-2018-4124
|
| https://xkcd.com/1957/
| nneonneo wrote:
| I wonder if a crash log gets generated - Settings -> Privacy ->
| Analytics & Improvements -> Analytics Data will have it if so.
| Unfortunately, I can't reproduce the issue on my phone (iOS 16.1,
| Canada)
| lizardactivist wrote:
| You thought only a bug _inside_ your app could crash it?
|
| Now your browser can crash because of a bug on a server,
| somewhere, which you weren't planning on browsing to, let alone
| even knew existed.
|
| The future truly is here.
| madeofpalk wrote:
| It's still a bug in the app.
|
| "Fail gracefully" for malformed responses. If a JSON API all of
| a sudden starts returning a cloudflare html error response, you
| shouldn't crash your iPhone app.
| whoisjuan wrote:
| "best "
|
| "bedt "
|
| "old "
|
| "wel "
|
| "dta "
|
| All of these crash safari in iOS for me.
|
| What's strange about this bug is that it happened overnight for
| multiple iOS version.
|
| It seems to be a server bug that happens with the requests that
| populate the suggestions.
|
| Turning off safari suggestions fixes it.
| yamtaddle wrote:
| Concur, smells strongly of a server-side change, that it's
| hitting multiple versions all the sudden. Which might mean it's
| also relatively quick/easy fix?
| coldcode wrote:
| It's not universal, my iPhone 14 pro with 16.1 does not crash
| for any letters I can type, spaces or not. Suggestions work
| fine for me. Clearly there is another factor not obvious
| causing the crash. In any case Apple would see a whole influx
| of crash reports (assuming they are as anal about them as I
| used to be).
| shon wrote:
| Can confirm. For me a reboot, administered immediately after 3
| consecutive crashes a few hours ago, seemed to fix the issue.
| bumblebritches5 wrote:
| Overtonwindow wrote:
| No, doesn't crash for me.
| woodruffw wrote:
| It does for me. It's probably a tuple of (Safari, iOS, iPhone)
| version specific, for a couple of versions of each.
| shellac wrote:
| Which search engine are you using?
| woodruffw wrote:
| Looks like I have DDG configured as my default.
| yamtaddle wrote:
| In a blank address bar, not just anywhere. Crashed mine, sure
| enough, first try. I'm on 16.1 (haven't updated to 16.1.1 yet).
| ActionHank wrote:
| This is the important point I think. Version of Safari is
| tied to version of OS.
| wging wrote:
| I don't think 16.1.1 is unaffected. I'm on iOS 16.1.1 and
| can reproduce it. Blank address bar -> "old " -> crash. The
| second time I didn't need the space, as others have also
| reported.
| Overtonwindow wrote:
| I try to avoid updating my iPhone for as long as humanly
| possible. I find updates generally bring bugs, features I
| don't want, apps I don't want, and sometimes taking away
| things I like.
| numpad0 wrote:
| For those not reproducing: your device may have to reside CONUS
| for some of "tar"(-get), "bes"(-tbuy), "wal"(-mart), "wel"(-ls
| fargo), "old"(-navy?), "sta"(-rbucks), "pla"(-net fitness?) to
| work. Try local brands, e.g., "Harrods", "Tesco", "Picard", etc.
| For my country "Gusto", a casual dining franchise, reproduces the
| issue. List is from [1].
|
| Edit: stopped reproducing here as of 19:11 UTC.
|
| Edit: some people digged into it[2][3], [2] includes partial
| endpoint URLs. Apparently this was happening for 7+^H^H 10+ hour.
|
| 1: https://www.macrumors.com/2022/11/14/safari-search-crash-
| bug...
|
| 2: https://twitter.com/nejigami/status/1592174411712712706
|
| 3: https://twitter.com/take6556/status/1592100775119171584
| awinter-py wrote:
| I like the many possibilities here of
|
| 1. apple shipped a feature _for_ walmart causing their browser
| to crash
|
| 2. apple shipped walmart _code_ in their browser which crashed
|
| 3. apple shipped walmart plugin in their browser and then
| _apple_ made a breaking change which crashed
|
| 3rd one is my favorite because it's the most dysfunctional
| madeofpalk wrote:
| The reality will be more like Safari suggestions API sending
| malformed response for some scenarios, crashing the app.
| bogwog wrote:
| > your device may have to reside CONUS for some of "tar"(-get),
| "bes"(-tbuy),
|
| I have no idea what this means
| tchalla wrote:
| These initialisms, abbreviations and acronyms are getting out
| of hand.
| ironmagma wrote:
| These are the people who in real life say "Jan" instead of
| "January."
| cassianoleal wrote:
| At least that can usually be understood from context.
| Acronyms and initialisms usually cannot unless you
| already know them.
| divan wrote:
| And K instead of OK
| gardenhedge wrote:
| This wouldn't make me blink.. Jan, Feb.. but if someone
| just said Mar for March I'd blink twice.
| ironmagma wrote:
| Apr for April :P
| lapetitejort wrote:
| How about Thu for Thursday?
| monkpit wrote:
| Continental US, I guess? Not sure why "continental" matters.
| devonallie wrote:
| Excludes Hawaii, and Alaska (+ all other non state
| islands/territories)
| mordechai9000 wrote:
| Continental includes Alaska, as it's on the same
| continent, but contiguous does not.
| rsynnott wrote:
| I mean, _you'd think_, but:
| https://en.wiktionary.org/wiki/CONUS#Usage_notes
| gnubison wrote:
| Good thing this acronym distingui- oh.
| pasquinelli wrote:
| i think they meant they're not sure why that would make a
| difference
| gameshot911 wrote:
| Me either, but guessing: Contiguous United States
| 1024core wrote:
| "CONUS" is short for "CONtinental United States"
| ethbr0 wrote:
| As distinct from OCONUS. https://veteran.com/military-
| acronyms/
| s_dev wrote:
| Interesting to not see POTUS there.
| cassianoleal wrote:
| Or TOTOPOTUS! https://twitter.com/MarkDStrauss/status/159
| 0026071059013633
| dannyphantom wrote:
| Thank you
| sokoloff wrote:
| Does not crash for me. (US, using "old ".) Safari suggestions
| on. IOS 15.7 (19H12).
|
| Installing 15.7.1 now to check that version (and because I
| might as well install it anyway...) Edit: doesn't crash on
| 15.7.1 either (though my first test on 15.7.1 was at 17:28
| UTC.)
| DefineOutside wrote:
| Crashes for me with "old" on iOS 16.0 with an iPhone 11
| QuadmasterXLII wrote:
| in my phone nothing happens with "old ", but reproduced with okd
|
| doesn't crash in private mode
| jfk13 wrote:
| My guess is that it depends on your browser history (and maybe
| other factors that influence what autocorrect or autocomplete
| wants to propose).
| fonix wrote:
| just got beta 2 installed and it did infact crash in safari
| CharlesW wrote:
| For me too, also with current public beta.
| TechBro8615 wrote:
| They really, really don't want you using old.reddit.com
|
| Doesn't reproduce for me btw. I also have the setting disabled
| that adds a period when typing a space twice, if that matters.
| can16358p wrote:
| Yeah I was trying and all I was getting suggested is
| old.reddit.com
| friendlyHornet wrote:
| Cease your investigations into this conspiracy theory
| immediately. We must not anger the new reddit designers
| skykooler wrote:
| In my case I don't even need to type the space - the moment I
| press "d" it crashes.
| obituary_latte wrote:
| Same for me. Doesn't happen in Firefox which is strange because
| I thought all browsers used the same Safari engine...
| skykooler wrote:
| Firefox on iOS uses webview for page rendering, but the url
| suggestions (which seem to be the cause of the crash) are
| separate and are handled by firefox's code.
___________________________________________________________________
(page generated 2022-11-14 23:00 UTC)