
App crashes upon selecting iOS webview link when voice over is on #140528

@jmagman

Description

Steps to reproduce

See recording in internal bug b/312385214. Crash only happens when voice over is on.

0   libobjc.A.dylib               	       0x1996aa120 objc_retain + 16
1   UIAccessibility               	       0x198825734 -[NSObject(UIStorage) _accessibilityProxyViewAncestorWhenMissingWindow] + 203
2   UIAccessibility               	       0x1988321ac UIAccessibilityFrameForBounds + 179
3   UIKitCore                     	       0x1847e4900 UIAccessibilityConvertFrameToScreenCoordinates + 23
4   UIAccessibility               	       0x198830f5c -[UIView(AXWebKitHelper) accessibilityConvertRectToSceneReferenceCoordinates:] + 19
5   WebKit                        	       0x1902309c0 WebKit::PageClientImpl::rootViewToAccessibilityScreen(WebCore::IntRect const&) + 123

Expected results

Opens web page

Actual results

Crashes EXC_BAD_ACCESS

Logs
Exception Type:  EXC_BAD_ACCESS (SIGSEGV)
Exception Subtype: KERN_INVALID_ADDRESS at 0x0000000000000020
Exception Codes: 0x0000000000000001, 0x0000000000000020
VM Region Info: 0x20 is not in any region.  Bytes before following region: 4298276832
      REGION TYPE                 START - END      [ VSIZE] PRT/MAX SHRMOD  REGION DETAIL
      UNUSED SPACE AT START
--->  
      __TEXT                   100328000-10032c000 [   16K] r-x/r-x SM=COW  ...pp/FamilyLink
Exception Note:  EXC_CORPSE_NOTIFY
Termination Reason: SIGNAL 11 Segmentation fault: 11
Terminating Process: exc handler [866]

Triggered by Thread:  0

Thread 0 name:   Dispatch queue: com.apple.main-thread
Thread 0 Crashed:
0   libobjc.A.dylib               	       0x1996aa120 objc_retain + 16
1   UIAccessibility               	       0x198825734 -[NSObject(UIStorage) _accessibilityProxyViewAncestorWhenMissingWindow] + 203
2   UIAccessibility               	       0x1988321ac UIAccessibilityFrameForBounds + 179
3   UIKitCore                     	       0x1847e4900 UIAccessibilityConvertFrameToScreenCoordinates + 23
4   UIAccessibility               	       0x198830f5c -[UIView(AXWebKitHelper) accessibilityConvertRectToSceneReferenceCoordinates:] + 19
5   WebKit                        	       0x1902309c0 WebKit::PageClientImpl::rootViewToAccessibilityScreen(WebCore::IntRect const&) + 123
6   WebKit                        	       0x190350628 WebKit::WebPageProxy::rootViewToAccessibilityScreen(WebCore::IntRect const&, WTF::CompletionHandler<void (WebCore::IntRect)>&&) + 35
7   WebKit                        	       0x190687c0c bool IPC::handleMessageSynchronous<Messages::WebPageProxy::RootViewToAccessibilityScreen, WebKit::WebPageProxy, void (WebKit::WebPageProxy::*)(WebCore::IntRect const&, WTF::CompletionHandler<void (WebCore::IntRect)>&&)>(IPC::Connection&, IPC::Decoder&, WTF::UniqueRef<IPC::Encoder>&, WebKit::WebPageProxy*, void (WebKit::WebPageProxy::*)(WebCore::IntRect const&, WTF::CompletionHandler<void (WebCore::IntRect)>&&)) + 279
8   WebKit                        	       0x1906854ec WebKit::WebPageProxy::didReceiveSyncMessage(IPC::Connection&, IPC::Decoder&, WTF::UniqueRef<IPC::Encoder>&) + 1127
9   WebKit                        	       0x19014d40c IPC::MessageReceiverMap::dispatchSyncMessage(IPC::Connection&, IPC::Decoder&, WTF::UniqueRef<IPC::Encoder>&) + 471
10  WebKit                        	       0x19036d1a8 WebKit::WebProcessProxy::didReceiveSyncMessage(IPC::Connection&, IPC::Decoder&, WTF::UniqueRef<IPC::Encoder>&) + 39
11  WebKit                        	       0x19013467c IPC::Connection::dispatchMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder>>) + 1047
12  WebKit                        	       0x190130c2c IPC::Connection::SyncMessageState::ConnectionAndIncomingMessage::dispatch() + 35
13  WebKit                        	       0x190135cf8 WTF::Detail::CallableWrapper<IPC::Connection::SyncMessageState::processIncomingMessage(IPC::Connection&, std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder>>&)::$_5, void>::call() + 671
14  JavaScriptCore                	       0x18c6772c0 WTF::RunLoop::performWork() + 371
15  JavaScriptCore                	       0x18c677e3c WTF::RunLoop::performWork(void*) + 31
16  CoreFoundation                	       0x181eb0448 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 23
17  CoreFoundation                	       0x181ec0578 __CFRunLoopDoSource0 + 203
18  CoreFoundation                	       0x181e02734 __CFRunLoopDoSources0 + 255
19  CoreFoundation                	       0x181e07e08 __CFRunLoopRun + 767
20  CoreFoundation                	       0x181e1b174 CFRunLoopRunSpecific + 571
21  GraphicsServices              	       0x1a2936988 GSEventRunModal + 159
22  UIKitCore                     	       0x18461da88 -[UIApplication _run] + 1079
23  UIKitCore                     	       0x1843b6f78 UIApplicationMain + 335
24  FamilyLink                    	       0x10032c8b4 0x100328000 + 18612
25  dyld                          	       0x1045844d0 start + 443
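The report above says everything a first-pass triage needs: an EXC_BAD_ACCESS with KERN_INVALID_ADDRESS at 0x20, thread 0 crashed, and objc_retain at the top of the stack called from an accessibility helper whose name says it runs when the view has no window. The script below is an added example and is not part of the issue or of the Flutter or WebKit code; it parses a constructed excerpt of this crash report (the exception header and the first frames, with a made-up second thread to show where the parser stops), classifies the faulting address, and picks the first frame outside the Objective-C runtime as the place to start reading. The 4 GiB `PAGEZERO_END` is the default `__PAGEZERO` size of a 64-bit Mach-O executable, which matches the "Bytes before following region: 4298276832" line on the page (the whole range below `__TEXT` at 0x100328000 is unmapped); `NEAR_NULL_LIMIT`, `RUNTIME_IMAGES` and the three classification names are my own triage conventions, not Apple's.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Constructed excerpt of the crash report quoted in the issue. "Thread 1" is
# invented here only to show that the parser stops at the end of the crashed
# thread's backtrace.
SAMPLE_REPORT = """\
Exception Type:  EXC_BAD_ACCESS (SIGSEGV)
Exception Subtype: KERN_INVALID_ADDRESS at 0x0000000000000020
Exception Codes: 0x0000000000000001, 0x0000000000000020
Termination Reason: SIGNAL 11 Segmentation fault: 11

Triggered by Thread:  0

Thread 0 name:   Dispatch queue: com.apple.main-thread
Thread 0 Crashed:
0   libobjc.A.dylib               \t       0x1996aa120 objc_retain + 16
1   UIAccessibility               \t       0x198825734 -[NSObject(UIStorage) _accessibilityProxyViewAncestorWhenMissingWindow] + 203
2   UIAccessibility               \t       0x1988321ac UIAccessibilityFrameForBounds + 179
3   UIKitCore                     \t       0x1847e4900 UIAccessibilityConvertFrameToScreenCoordinates + 23
4   UIAccessibility               \t       0x198830f5c -[UIView(AXWebKitHelper) accessibilityConvertRectToSceneReferenceCoordinates:] + 19
5   WebKit                        \t       0x1902309c0 WebKit::PageClientImpl::rootViewToAccessibilityScreen(WebCore::IntRect const&) + 123

Thread 1:
0   libsystem_kernel.dylib        \t       0x1ae4a0d8c mach_msg2_trap + 8
"""

# One backtrace line: "<index>  <image>  <address> <symbol> + <offset>".
# The symbol may contain spaces (Objective-C selectors, C++ signatures), so it
# is matched lazily up to the final " + <offset>".
FRAME_RE = re.compile(r"^(\d+)\s+(\S+)\s+(0x[0-9a-fA-F]+)\s+(.+?)\s\+\s(\d+)\s*$")
EXC_TYPE_RE = re.compile(r"^Exception Type:\s+(\S+)")
EXC_SUB_RE = re.compile(r"^Exception Subtype:\s+(\S+) at (0x[0-9a-fA-F]+)")
THREAD_RE = re.compile(r"^Triggered by Thread:\s+(\d+)")
CRASHED_HDR_RE = re.compile(r"^Thread (\d+) Crashed:")

PAGEZERO_END = 0x1_0000_0000   # default __PAGEZERO of a 64-bit Mach-O app: nothing below is mapped
NEAR_NULL_LIMIT = 0x1000       # assumption: faults this close to 0 are NULL/small-int + field offset

# Assumption: frames in these images are the runtime doing the dereference on
# someone else's behalf; the interesting caller is the first frame outside them.
RUNTIME_IMAGES = {"libobjc.A.dylib", "libsystem_kernel.dylib", "libsystem_platform.dylib",
                  "libsystem_malloc.dylib", "libdispatch.dylib"}


@dataclass
class Frame:
    index: int
    image: str
    address: int
    symbol: str
    offset: int


def parse_report(text: str) -> dict:
    """Extract the exception header and the crashed thread's frames."""
    report = {"exception_type": None, "exception_subtype": None,
              "fault_address": None, "crashed_thread": None, "frames": []}
    in_crashed_thread = False
    for raw in text.splitlines():
        line = raw.rstrip()
        if in_crashed_thread:
            m = FRAME_RE.match(line)
            if m:
                report["frames"].append(Frame(int(m[1]), m[2], int(m[3], 16), m[4], int(m[5])))
                continue
            in_crashed_thread = False   # blank line or next thread header ends the backtrace
        if m := EXC_TYPE_RE.match(line):
            report["exception_type"] = m[1]
        elif m := EXC_SUB_RE.match(line):
            report["exception_subtype"] = m[1]
            report["fault_address"] = int(m[2], 16)
        elif m := THREAD_RE.match(line):
            report["crashed_thread"] = int(m[1])
        elif CRASHED_HDR_RE.match(line):
            in_crashed_thread = True
    return report


def classify_fault(addr: int) -> str:
    """Triage heuristic: a near-null read is a missing-object bug, not a memory-corruption primitive."""
    if addr < NEAR_NULL_LIMIT:
        return "near-null"    # NULL or a small integer dereferenced with a field offset (0x20 here)
    if addr < PAGEZERO_END:
        return "pagezero"     # truncated/32-bit pointer landing in __PAGEZERO
    return "other"            # plausibly mapped address: look for UAF, OOB or a wild write


def first_non_runtime_frame(frames: List[Frame]) -> Optional[Frame]:
    for f in frames:
        if f.image not in RUNTIME_IMAGES:
            return f
    return frames[0] if frames else None


def triage(text: str) -> dict:
    r = parse_report(text)
    addr = r["fault_address"]
    return {
        "exception": f'{r["exception_type"]} / {r["exception_subtype"]}',
        "fault_address": addr,
        "classification": classify_fault(addr) if addr is not None else "unknown",
        "suspect_frame": first_non_runtime_frame(r["frames"]),
    }


if __name__ == "__main__":
    t = triage(SAMPLE_REPORT)
    print(t["exception"], hex(t["fault_address"]), t["classification"])
    print("start reading at:", t["suspect_frame"])
```

For this report the script classifies the fault as near-null and points at frame 1, `-[NSObject(UIStorage) _accessibilityProxyViewAncestorWhenMissingWindow]`, which is consistent with VoiceOver asking for the frame of a web view that is not attached to a window. A near-null read in objc_retain is a reliability bug rather than something an attacker can steer, so it belongs in the crash-fix queue, not the security queue; anything the heuristic labels "other" deserves a real look at the faulting instruction and registers before making that call.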

Metadata

Assignees: No one assigned

Labels:
- P2: Important issues not at the top of the work list
- customer: huggsy (g3)
- p: webview: The WebView plugin
- package: flutter/packages repository. See also p: labels.
- team-ios: Owned by iOS platform team
- triaged-ios: Triaged by iOS platform team