[Webkit-unassigned] [Bug 215732] New: Crash when interacting with certain elements in WebCore::EventHandler::dispatchMouseEvent

bugzilla-daemon at webkit.org
Fri Aug 21 08:59:33 PDT 2020


https://bugs.webkit.org/show_bug.cgi?id=215732

            Bug ID: 215732
           Summary: Crash when interacting with certain elements in
                    WebCore::EventHandler::dispatchMouseEvent
           Product: WebKit
           Version: Safari Technology Preview
          Hardware: All
                OS: All
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebCore Misc.
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: zac at zac.us

Created attachment 407012

  --> https://bugs.webkit.org/attachment.cgi?id=407012&action=review

An example crash log

STR:

1. Visit https://demo.home-assistant.io or https://mwc-demos.glitch.me
2. Click on a button/toggle element on the page.
3. Note the crash.

This reproduces (and began) on the version of WebKit/Safari in iOS 14 beta 5 and Safari Technology Preview Release 112 (Safari 14.0, WebKit 15610.1.25.5.1).

The crash will look something like the one attached, ending in:

Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0   com.apple.WebCore                   0x0000000662c4cde5 WebCore::EventHandler::dispatchMouseEvent(WTF::AtomString const&, WebCore::Node*, int, WebCore::PlatformMouseEvent const&, WebCore::EventHandler::FireMouseOverOut) + 2773
1   com.apple.WebCore                   0x00000006612c7d49 WebCore::EventHandler::handleMousePressEvent(WebCore::PlatformMouseEvent const&) + 3529
2   com.apple.WebKit                    0x0000000660023c7d WebKit::WebPage::mouseEvent(WebKit::WebMouseEvent const&) + 475
3   com.apple.WebKit                    0x00000006605fbd71 WebKit::WebPage::didReceiveWebPageMessage(IPC::Connection&, IPC::Decoder&) + 13359
4   com.apple.WebKit                    0x00000006600a0895 IPC::MessageReceiverMap::dispatchMessage(IPC::Connection&, IPC::Decoder&) + 125
5   com.apple.WebKit                    0x00000006604e45ac WebKit::WebProcess::didReceiveMessage(IPC::Connection&, IPC::Decoder&) + 28
6   com.apple.WebKit                    0x0000000660082cfb IPC::Connection::dispatchMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >) + 701
7   com.apple.WebKit                    0x000000066008550a WTF::Detail::CallableWrapper<IPC::Connection::enqueueIncomingMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >)::$_7, void>::call() + 214
