[TIMOB-3839] Certain HTML web pages can crash UIWebView
| GitHub Issue | n/a |
|---|---|
| Type | Bug |
| Priority | Medium |
| Status | Closed |
| Resolution | Hold |
| Resolution Date | 2011-04-29T19:23:58.000+0000 |
| Affected Version/s | Release 1.7.0 |
| Fix Version/s | n/a |
| Components | iOS |
| Labels | applebug, ios, rendering, webview |
| Reporter | Blain Hamon |
| Assignee | Blain Hamon |
| Created | 2011-04-29T19:23:17.000+0000 |
| Updated | 2017-03-10T19:23:27.000+0000 |
Description
With a certain crafted web page, it is possible to cause UIWebView to crash during render with the stack trace roughly:
0 WebCore 0x0011c6ec WebCore::RenderLayer::clippingRoot() const + 72
1 WebCore 0x0011c582 WebCore::RenderLayer::childrenClipRect() const + 30
2 WebCore 0x0011c454 WebCore::RenderWidget::setWidgetGeometry(WebCore::IntRect const&) + 44
3 WebCore 0x0011c1e2 WebCore::RenderWidget::updateWidgetPosition() + 346
4 WebCore 0x0005a0d0 WebCore::RenderView::updateWidgetPositions() + 132
5 WebCore 0x00059f02 WebCore::FrameView::performPostLayoutTasks() + 202
6 WebCore 0x0004da4c WebCore::FrameView::layout(bool) + 2216
7 WebCore 0x0004d170 WebCore::FrameView::forceLayout(bool) + 4
8 WebKit 0x0000a968 -[WebHTMLView layoutToMinimumPageWidth:height:maximumPageWidth:adjustingViewSize:] + 92
9 WebKit 0x0000a8fe -[WebHTMLView layout] + 18
10 WebKit 0x0000ca44 -[WebHTMLView(WebInternal) _layoutIfNeeded] + 48
11 WebKit 0x0000c976 -[WebHTMLView(WebInternal) _web_layoutIfNeededRecursive] + 14
12 WebKit 0x0000c86a -[WebHTMLView(WebPrivate) viewWillDraw] + 50
13 CoreFoundation 0x00036d74 -[NSObject(NSObject) performSelector:] + 12
14 CoreFoundation 0x00036996 -[NSArray makeObjectsPerformSelector:] + 382
15 WebCore 0x0005bdb0 -[WAKView viewWillDraw] + 24
16 CoreFoundation 0x00036d74 -[NSObject(NSObject) performSelector:] + 12
17 CoreFoundation 0x00036996 -[NSArray makeObjectsPerformSelector:] + 382
18 WebCore 0x0005bdb0 -[WAKView viewWillDraw] + 24
19 CoreFoundation 0x00036d74 -[NSObject(NSObject) performSelector:] + 12
20 CoreFoundation 0x00036996 -[NSArray makeObjectsPerformSelector:] + 382
21 WebCore 0x0005bdb0 -[WAKView viewWillDraw] + 24
22 CoreFoundation 0x00036d74 -[NSObject(NSObject) performSelector:] + 12
23 CoreFoundation 0x00036996 -[NSArray makeObjectsPerformSelector:] + 382
24 WebCore 0x0005bdb0 -[WAKView viewWillDraw] + 24
25 WebKit 0x0000c81a -[WebView(WebPrivate) viewWillDraw] + 62
26 WebCore 0x0005bc60 WebCore::TileCache::prepareToDraw() + 36
27 WebCore 0x0005bc0a -[TileLayer display] + 30
28 QuartzCore 0x00008706 CALayerDisplayIfNeeded + 178
29 QuartzCore 0x000081c6 CA::Context::commit_transaction(CA::Transaction*) + 214
30 QuartzCore 0x00007fd0 CA::Transaction::commit() + 184
31 QuartzCore 0x0000104e CA::Transaction::observer_callback(__CFRunLoopObserver*, unsigned long, void*) + 50
32 CoreFoundation 0x00075a2e __CFRUNLOOP_IS_CALLING_OUT_TO_AN_OBSERVER_CALLBACK_FUNCTION__ + 10
33 CoreFoundation 0x0007745e __CFRunLoopDoObservers + 406
34 CoreFoundation 0x00078754 __CFRunLoopRun + 848
This is deep in Apple code. Nothing we can do, really.
Closing ticket.