RESOLVED DUPLICATE of bug 215622 215732
Crash when interacting with certain elements in WebCore::EventHandler::dispatchMouseEvent 
https://bugs.webkit.org/show_bug.cgi?id=215732
Summary Crash when interacting with certain elements in WebCore::EventHandler::dispat...
zac west
Reported 2020-08-21 08:59:33 PDT
Created attachment 407012 [details] An example crash log STR: 1. Visit https://demo.home-assistant.io or https://mwc-demos.glitch.me 2. Click on a button/toggle element on the page. 3. Note the crash. This reproduces (and began) on the version of WebKit/Safari in iOS 14 beta 5 and Safari Technology Preview Release 112 (Safari 14.0, WebKit 15610.1.25.5.1). The crash will look something like the one attached, ending in: Thread 0 Crashed:: Dispatch queue: com.apple.main-thread 0 com.apple.WebCore 0x0000000662c4cde5 WebCore::EventHandler::dispatchMouseEvent(WTF::AtomString const&, WebCore::Node*, int, WebCore::PlatformMouseEvent const&, WebCore::EventHandler::FireMouseOverOut) + 2773 1 com.apple.WebCore 0x00000006612c7d49 WebCore::EventHandler::handleMousePressEvent(WebCore::PlatformMouseEvent const&) + 3529 2 com.apple.WebKit 0x0000000660023c7d WebKit::WebPage::mouseEvent(WebKit::WebMouseEvent const&) + 475 3 com.apple.WebKit 0x00000006605fbd71 WebKit::WebPage::didReceiveWebPageMessage(IPC::Connection&, IPC::Decoder&) + 13359 4 com.apple.WebKit 0x00000006600a0895 IPC::MessageReceiverMap::dispatchMessage(IPC::Connection&, IPC::Decoder&) + 125 5 com.apple.WebKit 0x00000006604e45ac WebKit::WebProcess::didReceiveMessage(IPC::Connection&, IPC::Decoder&) + 28 6 com.apple.WebKit 0x0000000660082cfb IPC::Connection::dispatchMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >) + 701 7 com.apple.WebKit 0x000000066008550a WTF::Detail::CallableWrapper<IPC::Connection::enqueueIncomingMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >)::$_7, void>::call() + 214
Attachments
An example crash log (123.25 KB, text/plain)
2020-08-21 08:59 PDT, zac west 		no flags
Details
View All Add attachment proposed patch, testcase, etc.
Elizabeth Mitchell
Comment 1 2020-08-21 13:13:44 PDT
This error is related to delegatesFocus. When set to true, the tab will crash when the user creates focus by clicking on the ShadowRoot's content. If the element is programmatically focused via element.focus(), the tab does not crash and element.shadowRoot.activeElement is properly set to the delegated focus target. If delegatesFocus is set to false, the tab does not crash when the user clicks on the ShadowRoot's content. Crash: https://jsbin.com/hudimuseya/edit?html,output No crash: https://jsbin.com/hegogibike/edit?html,output Safari TP 112 (Safari 14.0, WebKit 15610.1.25.5.1)
Alexey Proskuryakov
Comment 2 2020-08-22 16:10:04 PDT
Thank you for the report! I believe that this was just fixed a couple days ago as bug 215622. *** This bug has been marked as a duplicate of bug 215622 ***
Note You need to log in before you can comment on or make changes to this bug.