[Webkit-unassigned] [Bug 228869] New: Crash when connecting gamepad in a PWA

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Fri Aug 6 11:28:21 PDT 2021


https://bugs.webkit.org/show_bug.cgi?id=228869

            Bug ID: 228869
           Summary: Crash when connecting gamepad in a PWA
           Product: WebKit
           Version: Safari 14
          Hardware: iPhone / iPad
                OS: iOS 14
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebCore Misc.
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: abargas at nvidia.com

Created attachment 435077

  --> https://bugs.webkit.org/attachment.cgi?id=435077&action=review

minimal test page

It is possible to crash a PWA by attaching a gamepad to the device. The stack trace indicates that the crash is happening internal to WebKit and not at the application level.

Attached is a minimal test page to reproduce the issue. The test page polls navigator.getGamepads() every 4 ms. On each poll, it checks for the presence of gamepads and (un)checks boxes with the connection state of the first two gamepads it detects.

The crash seems to happen under different conditions, but the following is a consistent way to get a crash:
1. Restart device (power off/on).
2. Create PWA for test page.
3. Ensure all other Safari/PWA instances are killed.
4. Connect two gamepads (note the order).
5. Do inputs on both gamepads in the same order they were connected until they are detected (boxes on page checked).
6. Disconnect both gamepads (boxes on page unchecked).
7. Kill page (swipe away PWA).
8. Reopen page.
9. Connect second gamepad and observe crash (screen will flash and crash dump will be present).

Reproduces with:
Version/14.1.2 Safari/605.1.15 (iOS 14.7.1)
Version/14.1.1 Safari/605.1.15 (iPadOS 14.6)
BT Dualshock 4 + Rotor Riot, BT Xbox One + Rotor Riot

The crash .ips file and symbolicated stack will be attached after the initial filing.

-- 
You are receiving this mail because:
You are the assignee for the bug.
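
The polling loop the report describes, as an added example for checking a build against this scenario; it is not the reporter's attached test page, which is not reproduced in this message. The function names and the checkbox ids `pad0` and `pad1` are assumptions.

```javascript
// Added example: hypothetical reconstruction, not the attachment from the bug.
const POLL_INTERVAL_MS = 4; // polling interval stated in the report

// Return the connection state of the first two gamepads present in the
// array-like value from navigator.getGamepads(). Slots can be null (empty or
// disconnected), so they are skipped; missing pads are reported as false.
function firstTwoStates(gamepads) {
  const states = [];
  for (const pad of Array.from(gamepads || [])) {
    if (pad === null || pad === undefined) continue;
    states.push(Boolean(pad.connected));
    if (states.length === 2) break;
  }
  while (states.length < 2) states.push(false);
  return states;
}

// Poll getGamepads() on a timer and pass the two states to render().
// Returns a function that stops the polling.
function startPolling(getGamepads, render, intervalMs = POLL_INTERVAL_MS) {
  const timer = setInterval(
    () => render(firstTwoStates(getGamepads())),
    intervalMs
  );
  return () => clearInterval(timer);
}

// Browser wiring. Assumes the page has two checkboxes with the hypothetical
// ids "pad0" and "pad1"; skipped when run outside a browser.
if (typeof document !== "undefined" &&
    typeof navigator !== "undefined" &&
    typeof navigator.getGamepads === "function") {
  const boxes = ["pad0", "pad1"].map((id) => document.getElementById(id));
  startPolling(
    () => navigator.getGamepads(),
    (states) => states.forEach((on, i) => {
      if (boxes[i]) boxes[i].checked = on;
    })
  );
}
```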