WebKit does not gracefully handle allocation failure.
| Originator: | henrycerner | | |
| Number: | rdar://18148131 | Date Originated: | 8/27/2014 |
| Status: | Open | Resolved: | No |
| Product: | iOS | Product Version: | iOS 7.0.6 [11B651] |
| Classification: | Crash/Hang/Data Loss | Reproducible: | Sometimes |
Summary: WebKit was designed to crash if FastMalloc failed to allocate additional memory. See the comment here: http://www.opensource.apple.com/source/JavaScriptCore/JavaScriptCore-721.26/wtf/FastMalloc.h Look for the comment near the top: "These functions call CRASH() if an allocation fails."

Steps to Reproduce: I reproduced the crash by continually malloc'ing chunks of memory in a loop until malloc returned NULL, then I used the Safari webview developer console to eval large amounts of JavaScript in my UIWebView. This caused the app to crash. A low memory warning was never sent at any point.

Expected Results: If WebKit cannot allocate enough memory, then it should stop loading content, release the memory associated with the partially loaded content, and post a low-memory warning.

Actual Results: WebKit crashes the app since it does not gracefully handle allocation failure.

Version: iOS 7.0.6 [11B651]

Notes: I marked the "reproducibility" of this crash as "sometimes" because occasionally, other (non-webview related) systems would crash due to being out of memory.

Configuration: iPad 2
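The "Expected Results" above describe the behaviour the reporter wants on allocation failure: stop loading, release the partially loaded content, and post a low-memory warning rather than crash. The following C example is added here to show that pattern concretely; it is not code from the radar, from WebKit or from WTF/FastMalloc. The allocator wrapper (`budgeted_malloc`, `set_alloc_budget`), the `partial_doc` structure and `load_document` are constructed for this illustration, and the allocation budget stands in for a device that is actually out of memory so the failure path can be exercised deterministically.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* --- Simulated allocator (constructed for this example; not WebKit/WTF code) ---
   A budget controls when malloc "fails", so the out-of-memory path can be
   reproduced without exhausting the machine. */
static size_t g_alloc_budget = SIZE_MAX; /* allocations permitted before NULL */
static size_t g_allocs_made = 0;
static size_t g_live_allocs = 0;         /* outstanding blocks, used to detect leaks */

static void set_alloc_budget(size_t budget) {
    g_alloc_budget = budget;
    g_allocs_made = 0;
}

static void *budgeted_malloc(size_t n) {
    if (g_allocs_made >= g_alloc_budget) return NULL; /* simulated out-of-memory */
    void *p = malloc(n);
    if (p) { g_allocs_made++; g_live_allocs++; }
    return p;
}

static void budgeted_free(void *p) {
    if (p) { g_live_allocs--; free(p); }
}

/* --- Document loader that tolerates allocation failure (hypothetical) --- */
#define MAX_CHUNKS 64

struct partial_doc {
    void *chunks[MAX_CHUNKS];
    size_t count;
};

static int g_low_memory_warnings = 0;   /* how many times the warning was posted */

static void post_low_memory_warning(void) { g_low_memory_warnings++; }

/* Release whatever was loaded so far. Safe to call on an empty document. */
static void release_document(struct partial_doc *doc) {
    for (size_t i = 0; i < doc->count; i++) budgeted_free(doc->chunks[i]);
    doc->count = 0;
}

/* Load nchunks blocks of chunk_size bytes each. Returns 0 on success.
   On allocation failure it stops loading, frees the partial content, posts a
   low-memory warning and returns -1, instead of calling CRASH()/abort(). */
static int load_document(size_t nchunks, size_t chunk_size, struct partial_doc *doc) {
    doc->count = 0;
    if (nchunks > MAX_CHUNKS) return -1;
    for (size_t i = 0; i < nchunks; i++) {
        void *chunk = budgeted_malloc(chunk_size);
        if (!chunk) {
            release_document(doc);      /* give back the partially loaded content */
            post_low_memory_warning();  /* let the embedding app react */
            return -1;
        }
        memset(chunk, 0, chunk_size);   /* stands in for decoding content into the block */
        doc->chunks[doc->count++] = chunk;
    }
    return 0;
}

/* Accessors so a caller (or a test) can inspect the outcome. */
static size_t live_allocations(void) { return g_live_allocs; }
static int low_memory_warnings(void) { return g_low_memory_warnings; }

int main(void) {
    struct partial_doc doc;
    set_alloc_budget(3);                 /* only three allocations will succeed */
    int rc = load_document(5, 1024, &doc);
    /* rc == -1, doc.count == 0, no blocks leaked, one warning posted */
    return (rc == -1 && doc.count == 0 && live_allocations() == 0) ? 0 : 1;
}
```

The contrast with the behaviour described in the report is the `if (!chunk)` branch: a FastMalloc-style allocator would abort there, taking the whole app with it, whereas this loader unwinds its own partial state and surfaces the condition as an error plus a notification the embedding app can act on. The leak counter is there so a test can confirm that the failure path really frees everything it allocated.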