[Webkit-unassigned] [Bug 253965] New: [iOS 16.4] Crash in -[WKWebGeolocationPolicyDecider _executeNextChallenge]
bugzilla-daemon at webkit.org
Wed Mar 15 08:03:22 PDT 2023
https://bugs.webkit.org/show_bug.cgi?id=253965
Bug ID: 253965
Summary: [iOS 16.4] Crash in -[WKWebGeolocationPolicyDecider _executeNextChallenge]
Product: WebKit
Version: WebKit Nightly Build
Hardware: Unspecified
OS: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: WebKit2
Assignee: webkit-unassigned at lists.webkit.org
Reporter: ajuma at chromium.org
CC: achristensen at apple.com, cdumez at apple.com, kkinnunen at apple.com
Created attachment 465446
--> https://bugs.webkit.org/attachment.cgi?id=465446&action=review
Crash log
Chrome for iOS is getting reports of a new crash in -[WKWebGeolocationPolicyDecider _executeNextChallenge] in iOS 16.4 beta, including the most recent seed (20E5229e). I've attached a crash log.
The crash stack is:
Exception Type: EXC_BAD_ACCESS (SIGSEGV)
Exception Subtype: KERN_INVALID_ADDRESS at 0x0000000000000000
Thread 0 Crashed:
0 WebKit 0x00000001a56d1524 __54-[WKWebGeolocationPolicyDecider _executeNextChallenge]_block_invoke_3 + 28 (WKWebGeolocationPolicyDeciderIOS.mm:191)
1 UIKitCore 0x0000000194bcb5b0 -[UIAlertController _invokeHandlersForAction:] + 88 (UIAlertController.m:1204)
2 UIKitCore 0x0000000194d5b530 __103-[UIAlertController _dismissAnimated:triggeringAction:triggeredByPopoverDimmingView:dismissCompletion:]_block_invoke_2 + 36 (UIAlertController.m:1369)
3 UIKitCore 0x0000000194a1e1ec -[UIPresentationController transitionDidFinish:] + 1124 (UIPresentationController.m:601)
4 UIKitCore 0x0000000194f0a1a0 __56-[UIPresentationController runTransitionForCurrentState]_block_invoke.110 + 320 (UIPresentationController.m:1303)
5 UIKitCore 0x0000000194a57bbc -[_UIViewControllerTransitionContext completeTransition:] + 116 (UIViewControllerTransitioning.m:289)
6 UIKitCore 0x00000001958042fc __UIVIEW_IS_EXECUTING_ANIMATION_COMPLETION_BLOCK__ + 36 (UIView.m:15136)
7 UIKitCore 0x0000000194874324 -[UIViewAnimationBlockDelegate _didEndBlockAnimation:finished:context:] + 636 (UIView.m:15169)
8 UIKitCore 0x0000000194873280 -[UIViewAnimationState sendDelegateAnimationDidStop:finished:] + 436 (UIView.m:0)
9 UIKitCore 0x000000019487299c -[UIViewAnimationState animationDidStop:finished:] + 196 (UIView.m:2325)
10 UIKit 0x000000021c14cbf8 -[UIViewAnimationStateAccessibility animationDidStop:finished:] + 172 (UIViewAnimationStateAccessibility.m:106)
11 UIKitCore 0x0000000194872ab0 -[UIViewAnimationState animationDidStop:finished:] + 472 (UIView.m:2344)
12 UIKit 0x000000021c14cbf8 -[UIViewAnimationStateAccessibility animationDidStop:finished:] + 172 (UIViewAnimationStateAccessibility.m:106)
13 QuartzCore 0x0000000193c6bc64 CA::Layer::run_animation_callbacks(void*) + 232 (CALayer.mm:7337)
14 libdispatch.dylib 0x0000000199c01f48 _dispatch_client_callout + 20 (object.m:560)
15 libdispatch.dylib 0x0000000199c106cc _dispatch_main_queue_drain + 928 (inline_internal.h:2633)
16 libdispatch.dylib 0x0000000199c1031c _dispatch_main_queue_callback_4CF + 44 (queue.c:7916)
17 CoreFoundation 0x00000001927c5d18 __CFRUNLOOP_IS_SERVICING_THE_MAIN_DISPATCH_QUEUE__ + 16 (CFRunLoop.c:1780)
18 CoreFoundation 0x00000001927a7650 __CFRunLoopRun + 1992 (CFRunLoop.c:3147)
19 CoreFoundation 0x00000001927ac4dc CFRunLoopRunSpecific + 612 (CFRunLoop.c:3418)
20 GraphicsServices 0x00000001cd47d35c GSEventRunModal + 164 (GSEvent.c:2196)
21 UIKitCore 0x0000000194b42c48 -[UIApplication _run] + 888 (UIApplication.m:3773)
22 UIKitCore 0x0000000194b428ac UIApplicationMain + 340 (UIApplication.m:5363)
23 Chrome 0x00000001026394cc 0x1025c8000 + 464076
24 dyld 0x00000001b1c06dec start + 2220 (dyldMain.cpp:1165)