[Webkit-unassigned] [Bug 260358] New: REGRESSION (iOS 17 Beta): Crash when quickly tapping on a date picker after reload
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Aug 17 11:45:16 PDT 2023
https://bugs.webkit.org/show_bug.cgi?id=260358
Bug ID: 260358
Summary: REGRESSION (iOS 17 Beta): Crash when quickly tapping
on a date picker after reload
Product: WebKit
Version: WebKit Nightly Build
Hardware: Unspecified
OS: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: Forms
Assignee: webkit-unassigned at lists.webkit.org
Reporter: ajuma at chromium.org
CC: akeerthi at apple.com, cdumez at apple.com,
wenson_hsieh at apple.com
Created attachment 467313
--> https://bugs.webkit.org/attachment.cgi?id=467313&action=review
Crash log
This seems to reproduce on any site with a date picker element, e.g. https://go-mini.com. I've been able to reproduce this crash in both Safari and Chrome on iOS 17 beta.
Steps:
1. In Safari on iOS 17, visit a site that has a date picker.
2. Reload the page and quickly tap on the date picker (might take a few tries to get the timing right)
This results in an exception:
CALayer bounds contains NaN: [#.# #.#; #.# #.#]. Layer: <CALayer:0x#; position = CGPoint (# #); bounds = CGRect (# #; # #); delegate = <_UIDatePickerOverlayPlatterView: 0x#; frame = (# #; # #); transform = [0, 0, 0, 0, 0, 0]; layer = <CALayer: 0x#>>; sublayers = (<CALayer: 0x#>, <CALayer: 0x#>); opaque = YES; transform = CATransform3D (0 0 0 0; 0 0 0 0; 0 0 1 0; 0 0 0 1)>
With backtrace:
0 CoreFoundation 0x19468c178 __exceptionPreprocess + 164
1 libobjc.A.dylib 0x18ca9fc00 objc_exception_throw + 60
2 CoreFoundation 0x194710578 -[NSException initWithCoder:] + 0
3 QuartzCore 0x195bc924c CA::Layer::set_bounds(CA::Rect const&, bool) + 204
4 QuartzCore 0x195bc9154 -[CALayer setBounds:] + 132
5 UIKitCore 0x19681ddec -[UIView _backing_setBounds:] + 68
6 UIKitCore 0x19681c94c -[UIView(Geometry) setBounds:] + 352
7 UIKitCore 0x197951ed8 -[_UIDatePickerOverlayPresentation _presentNewDatePicker:] + 432
8 UIKitCore 0x197951140 __64-[_UIDatePickerOverlayPresentation presentDatePicker:onDismiss:]_block_invoke + 116
9 UIKitCore 0x197951b70 __81-[_UIDatePickerOverlayPresentation _prepareDatePickerPresentationWithCompletion:]_block_invoke + 56
10 UIKitCore 0x1968e3ac0 -[UIPresentationController transitionDidFinish:] + 1096
11 UIKitCore 0x196e82d44 -[_UICurrentContextPresentationController transitionDidFinish:] + 44
12 UIKitCore 0x1968e357c __56-[UIPresentationController runTransitionForCurrentState]_block_invoke.111 + 320
13 UIKitCore 0x1968e33a8 -[_UIViewControllerTransitionContext completeTransition:] + 116
14 UIKitCore 0x196865a28 -[_UIAfterCACommitBlock run] + 72
15 UIKitCore 0x19686580c -[_UIAfterCACommitQueue flush] + 164
16 libdispatch.dylib 0x19c4106a8 _dispatch_call_block_and_release + 32
17 libdispatch.dylib 0x19c412300 _dispatch_client_callout + 20
18 libdispatch.dylib 0x19c420998 _dispatch_main_queue_drain + 984
19 libdispatch.dylib 0x19c4205b0 _dispatch_main_queue_callback_4CF + 44
20 CoreFoundation 0x1945d65bc __CFRUNLOOP_IS_SERVICING_THE_MAIN_DISPATCH_QUEUE__ + 16
21 CoreFoundation 0x1945d32f0 __CFRunLoopRun + 1996
22 CoreFoundation 0x1945d2a40 CFRunLoopRunSpecific + 600
23 GraphicsServices 0x1d6b1b5ec GSEventRunModal + 164
24 UIKitCore 0x1969e9ba0 -[UIApplication _run] + 888
25 UIKitCore 0x1969e91dc UIApplicationMain + 340
26 MobileSafariUI 0x1f60bd868 MobileSafariUIMain + 1276
27 dyld 0x1b7674d44 start + 2104
I've attached a full crash log.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20230817/4f42a3dc/attachment.htm>
More information about the webkit-unassigned
mailing list