Bug 242857

Created attachment 460972 [details] Test case The attached test case crashes in both Safari and Chrome in iOS 16 developer beta 2. Tapping on the following input crashes the UIProcess: <input type="text" name="test" onclick="window.open('https://www.webkit.org')"/> The crash happens because of an NSInternalInconsistencyException ("Received request for main thread, but there is no current keyboard task executing."). The relevant portion of the crash stack is: 0 CoreFoundation 0x1abeaf248 __exceptionPreprocess + 164 (NSException.m:202) 1 libobjc.A.dylib 0x1abad3098 objc_exception_throw + 60 (objc-exception.mm:356) 2 Foundation 0x1acf56724 -[NSAssertionHandler handleFailureInMethod:object:file:lineNumber:description:] + 188 (NSException.m:242) 3 UIKitCore 0x1b2d02018 -[UIKeyboardTaskQueue performTaskOnMainThread:waitUntilDone:] + 396 (UIKeyboardTaskQueue.m:323) 4 UIKitCore 0x1b305dacc -[UIKeyboardTaskQueue performSingleTask:] + 80 (UIKeyboardTaskQueue.m:477) 5 UIKitCore 0x1b37885ac -[UIKeyboardImpl updateForChangedSelection] + 116 (UIKeyboardImpl.m:9826) 6 UIKitCore 0x1b377d394 -[UIKeyboardImpl setDelegate:force:fromBecomeFirstResponder:] + 6144 (UIKeyboardImpl.m:6008) 7 UIKitCore 0x1b34eb5d0 -[UIKeyboardSceneDelegate _reloadInputViewsForKeyWindowSceneResponder:force:fromBecomeFirstResponder:] + 948 (UIKeyboardSceneDelegate.m:1145) 8 UIKitCore 0x1b34eb1dc -[UIKeyboardSceneDelegate _reloadInputViewsForResponder:force:fromBecomeFirstResponder:] + 128 (UIKeyboardSceneDelegate.m:1067) 9 UIKitCore 0x1b2e0dc48 -[UIResponder(UIResponderInputViewAdditions) reloadInputViews] + 84 (UIResponder.m:1983) Also see FB10505050 for full crash logs from Safari and Chrome.