
[coco8] BUG: Crash situation during UI callback

Severity: High
Reproducible: Not easy to reproduce. It happens while building large tables (e.g. in the system browser), or while processing a click on a native button.
Symptom: The app crashes most of the time while executing a JavaScript function that was already garbage collected (so the crash is reported as accessing an invalid address from a property of the function).
Notes: It happens when using UI elements built as application resources (in a storyboard). The bug has NOT been observed when the UI is built using Mobile Framework.
Debugger Log: -todo-

Actions to reproduce

It happens using U8 toolset in coco8 app.


See at end of this bug report
JSValueRef* valueArray = new JSValueRef[8];
It's not valid to put a JSValueRef in the heap without first calling JSValueProtect.
The garbage collector will automatically scan JSValueRefs on the stack, but once you put the JSValueRef into the heap like this, you need to use explicit reference counting through JSValueProtect and JSValueUnprotect.
ToDo: Check uses of JSValueProtect; also check whether the code in this git helps.
See reports of jscocoa issues
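
The rule above as an added example (not code from coco8 or WebKit): a hypothetical ProtectedValueArray that calls JSValueProtect when a value is stored in heap memory and JSValueUnprotect when the slot is overwritten or the array is destroyed. The typedefs and the counting bodies of JSValueProtect/JSValueUnprotect are stand-ins so the block builds without JavaScriptCore; ProtectedValueArray and outstandingProtects are assumed names.

```cpp
#include <cstddef>
#include <map>
#include <vector>

// Stand-ins (constructed) with the same signatures as the JavaScriptCore C API,
// so this builds without the framework. In the app, delete this section and
// #include <JavaScriptCore/JavaScript.h> instead.
typedef const struct OpaqueJSContext* JSContextRef;
typedef const struct OpaqueJSValue* JSValueRef;
static std::map<JSValueRef, int> g_protectCount;  // models the per-value protect count
void JSValueProtect(JSContextRef, JSValueRef v) { if (v) ++g_protectCount[v]; }
void JSValueUnprotect(JSContextRef, JSValueRef v) {
    if (v && --g_protectCount[v] == 0) g_protectCount.erase(v);
}

// Hypothetical helper: a heap-allocated array of JSValueRef whose non-null
// slots stay protected from garbage collection for the lifetime of the array.
// The context passed in must still be alive when the array is destroyed.
class ProtectedValueArray {
public:
    ProtectedValueArray(JSContextRef ctx, std::size_t n) : ctx_(ctx), slots_(n, nullptr) {}
    ~ProtectedValueArray() { for (JSValueRef v : slots_) if (v) JSValueUnprotect(ctx_, v); }
    ProtectedValueArray(const ProtectedValueArray&) = delete;  // a copy would unprotect twice
    ProtectedValueArray& operator=(const ProtectedValueArray&) = delete;

    void set(std::size_t i, JSValueRef v) {
        if (v) JSValueProtect(ctx_, v);                    // protect first: safe when v == old value
        if (slots_[i]) JSValueUnprotect(ctx_, slots_[i]);  // balance the protect of the old value
        slots_[i] = v;
    }
    JSValueRef get(std::size_t i) const { return slots_[i]; }
    const JSValueRef* data() const { return slots_.data(); }  // usable as an argument array
private:
    JSContextRef ctx_;
    std::vector<JSValueRef> slots_;
};

// Check helper for the stand-ins only: protects still outstanding on v.
int outstandingProtects(JSValueRef v) {
    auto it = g_protectCount.find(v);
    return it == g_protectCount.end() ? 0 : it->second;
}
```

With the real headers, `ProtectedValueArray args(ctx, 8);` takes the place of `new JSValueRef[8]`, and every protect is matched by exactly one unprotect.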

If you're thinking of building JSCore from WebKit, it's easiest to just check out the package from svn:
svn co https://svn.webkit.org/repository/webkit/trunk
- and build all of WebKit (takes a long time)
./Tools/Scripts/build-webkit --debug
Note that the build does not end with a library, as we would need for use in building coco8.

How to solve/avoid the bug?