RESOLVED DUPLICATE of bug 269308 270548
WebContent crash in WebCore::Quirks::triggerOptionalStorageAccessQuirk() 
https://bugs.webkit.org/show_bug.cgi?id=270548
Summary WebContent crash in WebCore::Quirks::triggerOptionalStorageAccessQuirk()
Jeff Johnson
Reported 2024-03-05 16:02:58 PST
Safari Technology Preview 189 (Safari 17.4, WebKit 18619.1.3.2) on macOS 13.6.4 (22G513) The crash does not occur with Safari 17.3.1 (18617.2.4.11.12, 18617) Steps to reproduce: 1) Open https://gizmodo.com/x-twitter-ceo-shares-ad-tweets-criticize-elon-musk-1850862068 2) On the video right below the article title, open the contextual menu and select Show Controls 3) Hover over the volume control (which is muted) 4) Click inside the volume slider Below is the crashed thread. I can also provide full crash logs if necessary. This crash is reproducible every time. Thread 0 Crashed:: Dispatch queue: com.apple.main-thread 0 WebCore 0x116cc0614 WebCore::Quirks::triggerOptionalStorageAccessQuirk(WebCore::Element&, WebCore::PlatformMouseEvent const&, WTF::AtomString const&, int, WebCore::Element*, bool, WebCore::IsSyntheticClick) const + 4076 1 WebCore 0x116cc0598 WebCore::Quirks::triggerOptionalStorageAccessQuirk(WebCore::Element&, WebCore::PlatformMouseEvent const&, WTF::AtomString const&, int, WebCore::Element*, bool, WebCore::IsSyntheticClick) const + 3952 2 WebCore 0x1164deca0 WebCore::Element::dispatchMouseEvent(WebCore::PlatformMouseEvent const&, WTF::AtomString const&, int, WebCore::Element*, WebCore::IsSyntheticClick) + 1280 3 WebCore 0x116c079e8 WebCore::EventHandler::dispatchMouseEvent(WTF::AtomString const&, WebCore::Node*, int, WebCore::PlatformMouseEvent const&, WebCore::EventHandler::FireMouseOverOut) + 180 4 WebCore 0x114ce7ea4 WebCore::EventHandler::handleMouseReleaseEvent(WebCore::PlatformMouseEvent const&) + 2860 5 WebKit 0x10491acd4 WebKit::WebFrame::handleMouseEvent(WebKit::WebMouseEvent const&) + 672 6 WebKit 0x104a7dac0 WebKit::WebPage::mouseEvent(WebCore::ProcessQualified<WTF::ObjectIdentifierGeneric<WebCore::FrameIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits>>, WebKit::WebMouseEvent const&, std::__1::optional<WTF::Vector<WebKit::SandboxExtensionHandle, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>>&&, WTF::CompletionHandler<void (std::__1::optional<WebKit::WebEventType>, bool, std::__1::optional<WebCore::RemoteUserInputEventData>)>&&) + 552 7 WebKit 0x104a9cf20 WebKit::WebPage::didReceiveWebPageMessage(IPC::Connection&, IPC::Decoder&) + 12392 8 WebKit 0x104b85e60 IPC::MessageReceiverMap::dispatchMessage(IPC::Connection&, IPC::Decoder&) + 256 9 WebKit 0x1047183c0 WebKit::WebProcess::didReceiveMessage(IPC::Connection&, IPC::Decoder&) + 40 10 WebKit 0x104b8179c IPC::Connection::dispatchMessage(WTF::UniqueRef<IPC::Decoder>) + 600 11 WebKit 0x104b83fcc WTF::Detail::CallableWrapper<IPC::Connection::enqueueIncomingMessage(WTF::UniqueRef<IPC::Decoder>)::$_12, void>::call() + 148 12 JavaScriptCore 0x10a2a5bec WTF::RunLoop::performWork() + 200 13 JavaScriptCore 0x10a2a6b14 WTF::RunLoop::performWork(void*) + 36 14 CoreFoundation 0x1894525ac __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 28 15 CoreFoundation 0x189452540 __CFRunLoopDoSource0 + 176 16 CoreFoundation 0x1894522b0 __CFRunLoopDoSources0 + 244 17 CoreFoundation 0x189450eb8 __CFRunLoopRun + 828 18 CoreFoundation 0x189450428 CFRunLoopRunSpecific + 612 19 Foundation 0x18a3c9f7c -[NSRunLoop(NSRunLoop) runMode:beforeDate:] + 212 20 Foundation 0x18a442c7c -[NSRunLoop(NSRunLoop) run] + 64 21 libxpc.dylib 0x1890c2594 _xpc_objc_main + 860 22 libxpc.dylib 0x1890c1eb4 xpc_main + 108 23 WebKit 0x104223b80 WebKit::XPCServiceMain(int, char const**) + 68 24 dyld 0x18901bf28 start + 2236
Attachments
Add attachment proposed patch, testcase, etc.
Charlie Wolfe
Comment 1 2024-03-05 18:40:56 PST
*** This bug has been marked as a duplicate of bug 269308 ***
Note You need to log in before you can comment on or make changes to this bug.