Preflight Checklist
Electron Version
42.0.1
What operating system(s) are you using?
macOS
Operating System Version
macOS Tahoe 26.2 (25C56)
What arch are you using?
arm64 (including Apple Silicon)
Last Known Working Electron version
41.3.0
Does the issue also appear in Chromium / Google Chrome?
I don't know how to test
Expected Behavior
Right-clicking on an element with -webkit-app-region: drag in a titleBarStyle: 'hidden' window should show a context menu or do nothing. It should not crash.
Actual Behavior
The app crashes with SIGSEGV (EXC_BAD_ACCESS, KERN_INVALID_ADDRESS at 0x0). The crash occurs inside [ElectronNSWindow sendEvent:] which temporarily disables draggable regions via SetDisableDraggableRegions(true), making draggable_region() return nullptr. Something in Chromium's event routing inside [super sendEvent:] then dereferences this null pointer. Also reproduces on Electron 43.0.0-alpha.1. Does NOT crash on Electron 41.3.0.
Testcase Gist URL
https://gist.github.com/Rush/1d9276720cea0aabea4cce27be94978d
Additional Information
Minimal reproduction:
// main.js
const { app, BrowserWindow } = require('electron');
app.whenReady().then(() => {
const win = new BrowserWindow({
width: 800, height: 600,
titleBarStyle: 'hidden',
webPreferences: { nodeIntegration: false, contextIsolation: true }
});
win.loadURL('data:text/html,<div
style="-webkit-app-region:drag;height:40px;background:%23333;color:white;padding:0
80px;display:flex;align-items:center">RIGHT CLICK HERE TO CRASH</div>');
});Steps: run with npx electron ., right-click the gray bar.
Crash stack (Thread 0):
Exception Type: EXC_BAD_ACCESS (SIGSEGV)
KERN_INVALID_ADDRESS at 0x0000000000000000
0 Electron Framework rust_bmp$cxxbridge1$...
7 AppKit -[NSApplication(NSEventRouting) sendEvent:] + 1276
The crash path is in shell/browser/ui/cocoa/electron_ns_window.mm:224-243. The sendEvent: override calls SetDisableDraggableRegions(true) before [super sendEvent:event], which makes WebContents::draggable_region() return nullptr (electron_api_web_contents.cc:2191)
Preflight Checklist
Electron Version
42.0.1
What operating system(s) are you using?
macOS
Operating System Version
macOS Tahoe 26.2 (25C56)
What arch are you using?
arm64 (including Apple Silicon)
Last Known Working Electron version
41.3.0
Does the issue also appear in Chromium / Google Chrome?
I don't know how to test
Expected Behavior
Right-clicking on an element with -webkit-app-region: drag in a titleBarStyle: 'hidden' window should show a context menu or do nothing. It should not crash.
Actual Behavior
The app crashes with SIGSEGV (EXC_BAD_ACCESS, KERN_INVALID_ADDRESS at 0x0). The crash occurs inside [ElectronNSWindow sendEvent:] which temporarily disables draggable regions via SetDisableDraggableRegions(true), making draggable_region() return nullptr. Something in Chromium's event routing inside [super sendEvent:] then dereferences this null pointer. Also reproduces on Electron 43.0.0-alpha.1. Does NOT crash on Electron 41.3.0.
Testcase Gist URL
https://gist.github.com/Rush/1d9276720cea0aabea4cce27be94978d
Additional Information
Minimal reproduction:
Steps: run with npx electron ., right-click the gray bar.
The crash path is in shell/browser/ui/cocoa/electron_ns_window.mm:224-243. The sendEvent: override calls SetDisableDraggableRegions(true) before [super sendEvent:event], which makes WebContents::draggable_region() return nullptr (electron_api_web_contents.cc:2191)