Issue 914060

Issue metadata

Status: Started
OS: Linux, Android, Windows, Chrome, Mac
Pri: 2
Type: Bug



TouchAdjustment uses incorrect coordinate conversion inside OOPIF

Project Member Reported by danakj@chromium.org, Dec 11

Issue description

[1:1:1211/150910.364702:FATAL:event_handler.cc(1868)] Check failed: location.ContainsPoint(FloatPoint(point)). 
#0 0x7fc4b865616f base::debug::StackTrace::StackTrace()
#1 0x7fc4b85791bb logging::LogMessage::~LogMessage()
#2 0x7fc4af88d373 blink::EventHandler::ApplyTouchAdjustment()
#3 0x7fc4af88cd3f blink::EventHandler::HitTestResultForGestureEvent()
#4 0x7fc4af88a983 blink::EventHandler::TargetGestureEvent()
#5 0x7fc4af88a633 blink::EventHandler::HandleGestureEvent()
#6 0x7fc4af6a1279 blink::WebFrameWidgetImpl::HandleGestureEvent()
#7 0x7fc4afcbb7f4 blink::PageWidgetDelegate::HandleInputEvent()
#8 0x7fc4af69ecf0 blink::WebFrameWidgetImpl::HandleInputEvent()
#9 0x7fc4b60da158 content::RenderWidgetInputHandler::HandleInputEvent()
#10 0x7fc4b627bef7 content::RenderWidget::HandleInputEvent()

1) Go to http://csreis.github.io/tests/cross-site-iframe-simple.html
2) Set device emulation on pixel 2
3) Click around back and forth between a couple fields or outside fields
4) The iframe will crash quickly
 
Cc: bokan@chromium.org
Components: Internals>Sandbox>SiteIsolation
Labels: OS-Android OS-Chrome OS-Linux OS-Mac OS-Windows
Owner: wjmaclean@chromium.org
Status: Assigned (was: Untriaged)
Summary: TouchAdjustment uses incorrect coordinate conversion inside OOPIF (was: Crash event handling in OOPIF)
I'm guessing the issue is with

frame_->View()->ConvertFromRootFrame(adjusted_point)

That's likely going to do the wrong thing inside an OOPIF.

James, could you add this to your backlog?
Status: Started (was: Assigned)
I'm having difficulty reproducing this (I'm trying on Linux ToT). Even with different PSFs (zooming the content in and out via touch-emulation), I seem to be able to correctly place the cursor in any field, or even between letters of entered text.

I verified that I'm hitting the code path where the DCHECK is.

The only time it crashed was once when I was (emulated-)touch-scrolling the iframe ... but I couldn't get it to reproduce.

bokan@ - why do you think that line of code will fail in an oopif? All events going to the oopif will have been converted in the browser using a transform that should account for scale, etc. So the oopif will just think PSF = 1, so I'm not sure where the error would occur.

The one crash during touch scrolling isn't too surprising, as emulating a Pixel 2 would likely set a PSF < 1.f, and (at present) although events sent to OOPIFs have their coords converted, they *do not* have any deltas converted.


That function doesn't deal with PSF, just frame offsets in the page. If OOPIF targeting transforms the event coordinates such that they are relative to the local root, then that should work.
