New issue
Advanced search Search tips

Issue 826017 link

Starred by 1 user

Issue metadata

Status: Available
Owner: ----
Components:
EstimatedDays: ----
NextAction: ----
OS: Android
Pri: 3
Type: Bug



Sign in to add a comment

Guard all webview->app callbacks with AwContents.isDestroyed

Project Member Reported by boliu@chromium.org, Mar 26 2018

Issue description

Forked from crbug.com/824156

The problem is jni jweak (ie JavaObjectWeakGlobalRef) resurrecting objects after (potentially) WeakReference are cleared and finalization has happened.

See "ReferenceQueue with WeakReference" section at the end of this doc:
https://docs.google.com/document/d/1J081GIUprqNbQDSzhYtL2kYsF3mf6jRc1GcAWGgUPXo/edit?usp=sharing
 

Comment 1 by boliu@chromium.org, Mar 26 2018

A lot of calls are guarded with isDestroyedOrNoOperation already:
https://cs.chromium.org/chromium/src/android_webview/java/src/org/chromium/android_webview/AwContents.java?rcl=ac8224087d6b4e187b37cbdddbc059be107c891a&l=822

but that's not everything, apparently

Comment 2 by boliu@chromium.org, Mar 26 2018

so might need an audit here..

Sign in to add a comment