Crash in "applicationDidBecomeActive:" when running as a "Mac (designed for iPad)" application.

[sthompson-crestron]

Problem Description

Describe your problem in detail. Include the following information:

• Which AIR SDK did you use?

AIR 51.0.1 build 4

• Describe the affected environment: Android vs. iOS, all devices vs. just specific models.

This is an iOS app compiled as "Mac (designed for iPad)" running on an Apple Silicon laptop (from Xcode)

• Can you reproduce it yourself, or did you get reports from other users? If so, how many users are affected (percentage)?

I can reproduce the issue myself.

Steps to Reproduce

Run the application

Give us a minimal example:

The application crashes in [CTAppController applicationDidBecomeActive] with the following backtrace:

#0 0x00000001005bd388 in -[CTAppController applicationDidBecomeActive:] ()
#1 0x00000001bac847f8 in -[UIApplication _stopDeactivatingForReason:] ()
#2 0x00000001bab84628 in __101-[_UISceneLifecycleMultiplexer _evalTransitionToSettings:fromSettings:forceExit:withTransitionStore:]_block_invoke_2 ()
#3 0x00000001bab816c8 in _UIScenePerformActionsWithLifecycleActionMask ()
#4 0x00000001bab8452c in __101-[_UISceneLifecycleMultiplexer _evalTransitionToSettings:fromSettings:forceExit:withTransitionStore:]_block_invoke ()
#5 0x00000001bab842b0 in -[_UISceneLifecycleMultiplexer _performBlock:withApplicationOfDeactivationReasons:fromReasons:] ()
#6 0x00000001bab8380c in -[_UISceneLifecycleMultiplexer _evalTransitionToSettings:fromSettings:forceExit:withTransitionStore:] ()
#7 0x00000001bab83508 in -[_UISceneLifecycleMultiplexer uiScene:transitionedFromState:withTransitionContext:] ()
#8 0x00000001bab81ca4 in __186-[_UIWindowSceneFBSSceneTransitionContextDrivenLifecycleSettingsDiffAction _performActionsForUIScene:withUpdatedFBSScene:settingsDiff:fromSettings:transitionContext:lifecycleActionType:]_block_invoke ()
#9 0x00000001bb3ddab8 in +[BSAnimationSettings(UIKit) tryAnimatingWithSettings:fromCurrentState:actions:completion:] ()
#10 0x00000001bb4d0504 in _UISceneSettingsDiffActionPerformChangesWithTransitionContextAndCompletion ()
#11 0x00000001bab81850 in -[_UIWindowSceneFBSSceneTransitionContextDrivenLifecycleSettingsDiffAction _performActionsForUIScene:withUpdatedFBSScene:settingsDiff:fromSettings:transitionContext:lifecycleActionType:] ()
#12 0x00000001bae9e45c in __64-[UIScene scene:didUpdateWithDiff:transitionContext:completion:]_block_invoke.243 ()
#13 0x00000001bab80cec in -[UIScene _emitSceneSettingsUpdateResponseForCompletion:afterSceneUpdateWork:] ()
#14 0x00000001bab80b5c in -[UIScene scene:didUpdateWithDiff:transitionContext:completion:] ()
#15 0x00000001bab76864 in -[UIApplication workspace:didCreateScene:withTransitionContext:completion:] ()
#16 0x00000001bab765f0 in -[UIApplicationSceneClientAgent scene:didInitializeWithEvent:completion:] ()
#17 0x00000001a1224ad8 in -[FBSScene _callOutQueue_didCreateWithTransitionContext:completion:] ()
#18 0x00000001a124d284 in __92-[FBSWorkspaceScenesClient createSceneWithIdentity:parameters:transitionContext:completion:]_block_invoke.139 ()
#19 0x00000001a120f048 in -[FBSWorkspace _calloutQueue_executeCalloutFromSource:withBlock:] ()
#20 0x00000001a124cf98 in __92-[FBSWorkspaceScenesClient createSceneWithIdentity:parameters:transitionContext:completion:]_block_invoke ()
#21 0x000000010679aba4 in _dispatch_client_callout ()
#22 0x000000010679ef48 in _dispatch_block_invoke_direct ()
#23 0x00000001a120ef5c in FBSSERIALQUEUE_IS_CALLING_OUT_TO_A_BLOCK ()
#24 0x00000001a126d0b4 in -[FBSMainRunLoopSerialQueue _targetQueue_performNextIfPossible] ()
#25 0x00000001a126d1e8 in -[FBSMainRunLoopSerialQueue _performNextFromRunLoopSource] ()
#26 0x000000018b70a4d8 in CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION ()
#27 0x000000018b70a46c in __CFRunLoopDoSource0 ()
#28 0x000000018b70a1dc in __CFRunLoopDoSources0 ()
#29 0x000000018b708dc8 in __CFRunLoopRun ()
#30 0x000000018b708434 in CFRunLoopRunSpecific ()
#31 0x0000000195eac19c in RunCurrentEventLoopInMode ()
#32 0x0000000195eabe2c in ReceiveNextEventCommon ()
#33 0x0000000195eabd30 in _BlockUntilNextEventMatchingListInModeWithFilter ()
#34 0x000000018ef67d68 in _DPSNextEvent ()
#35 0x000000018f75d808 in -[NSApplication(NSEventRouting) _nextEventMatchingEventMask:untilDate:inMode:dequeue:] ()
#36 0x000000018ef5b09c in -[NSApplication run] ()
#37 0x000000018ef322e0 in NSApplicationMain ()
#38 0x000000018f185a30 in _NSApplicationMainWithInfoDictionary ()
#39 0x00000001a49d2f40 in UINSApplicationMain ()
#40 0x00000001bab5f570 in UIApplicationMain ()
#41 0x00000001006a2958 in main ()
#42 0x000000018b2a20e0 in start ()

The crash happens when trying to dereference a null pointer that seems to be related to (maybe allocated by?):

Loki::CreateStatic<runtime::AIRRuntime>::Create()::staticMemory_

Immediately before the crash the application had objective-C calls that appear to grab the key window from the main application set the frame (or bounds... can't remember which) of the window. So the offending code may be right after manipulating the size of the key window.

The code in question looks like:

0x1005bd378 <+292>:  ldr    x8, [x19, #0x10]
0x1005bd37c <+296>:  ldr    x8, [x8, #0x68]
0x1005bd380 <+300>:  ldr    x8, [x8, #0x288]
0x1005bd384 <+304>:  ldr    x0, [x8, #0x418]

-> 0x1005bd388 <+308>: ldr x8, [x0]
0x1005bd38c <+312>: ldr x8, [x8, #0x170]

Where the line with the -> is the one that crashes. The x0 register in this case is NULL, leading to a null dereference error.

There is a branch statement shortly after the series of deferences above so presumably this is setting up to call a function short after manipulating the frame of the window.

[ajwfrost]

This appears to be the same issue as was causing #3357 - are you able to re-try it with 51.1.1.x please?

thanks