[Webkit-unassigned] [Bug 141538] New: WKActionSheetAssistant crashes with a Bad Access when the view it's initialized with is no longer in memory

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Thu Feb 12 14:38:01 PST 2015


https://bugs.webkit.org/show_bug.cgi?id=141538

            Bug ID: 141538
           Summary: WKActionSheetAssistant crashes with a Bad Access when
                    the view it's initialized with is no longer in memory
    Classification: Unclassified
           Product: WebKit
           Version: 528+ (Nightly build)
          Hardware: iOS
                OS: iOS 8.1
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebKit2
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: mstanley at twitter.com

Created attachment 246475
  --> https://bugs.webkit.org/attachment.cgi?id=246475&action=review
This Sample App shows one way this bug manifests; the crash file shows another

Overview:
 WKActionSheetAssistant.mm holds an unsafe pointer to a UIView called "_view".
 However, since WKActionSheet.mm is retained by the window's rootViewController and its
 UIAlertActions retain the WKActionSheetAssistant.mm, the assistant can easily outlive
 the _view it's pointing to. As a result this example will crash with a BAD ACCESS. The most
 common stack trace that exposes this issue for us is via the "willRotate" method on WKActionSheet.mm.

 I will attach a crash log with that particular trace along with the bug that I file.

 For the record, we don't dump the webview on a memory warning in our production app, but the views that
 are being deallocated in the real app are internal subviews of WKWebView that we can't access (not necessarily
 memory pressure)

Reproduction Steps:
 1. Run the attached sample app
 2. Long-press the web link
 3. Leave ActionSheet open
 4. Send App Memory Warning
 5. Close ActionSheet

Actual Result:
 The App Crashes with Bad Access

Expected Result:
 The App shouldn't crash

Platform: 
 iOS 8.1.3
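
The lifetime problem described in the Overview, as an added example that is not part of the original report and is not WebKit source: a non-owning back-pointer held by an object that outlives its view, next to a zeroing weak reference that is checked before use. All class and method names (HostView, UnsafeAssistant, WeakAssistant, sheetWillRotate) are hypothetical, and ARC is assumed.

```objective-c
// Added illustration with hypothetical classes. Build with ARC:
//   clang -fobjc-arc -framework Foundation example.m
#import <Foundation/Foundation.h>

// Stands in for the UIView the assistant points at.
@interface HostView : NSObject
- (void)dismissSheet;
@end
@implementation HostView
- (void)dismissSheet { NSLog(@"sheet dismissed by %@", self); }
@end

// Pattern from the report: non-owning, non-zeroing back-pointer.
// Once the HostView is deallocated, `view` still holds the old address.
@interface UnsafeAssistant : NSObject
@property (nonatomic, unsafe_unretained) HostView *view;
@end
@implementation UnsafeAssistant
@end

// Hardened form: zeroing weak reference, promoted to strong while in use.
@interface WeakAssistant : NSObject
@property (nonatomic, weak) HostView *view;
- (BOOL)sheetWillRotate;
@end
@implementation WeakAssistant
- (BOOL)sheetWillRotate {
    HostView *view = self.view;   // strong local keeps the view alive for this call
    if (!view)
        return NO;                // view already deallocated: nothing to do
    [view dismissSheet];
    return YES;
}
@end

int main(void) {
    WeakAssistant *assistant = [WeakAssistant new];
    // Stands in for a UIAlertAction handler that retains the assistant.
    BOOL (^action)(void) = ^{ return [assistant sheetWillRotate]; };
    @autoreleasepool {
        HostView *view = [HostView new];
        assistant.view = view;
        NSCAssert(action(), @"view alive: callback reaches it");
    }   // last strong reference to the view ends here
    NSCAssert(!action(), @"view gone: weak pointer is nil, callback is a no-op");
    return 0;
}
```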
