Bug 132214

Summary: REGRESSION (r167689): Hovering file name in a file input causes a crash
Product: WebKit Reporter: Alexey Proskuryakov <ap>
Component: UI EventsAssignee: Ryosuke Niwa <rniwa>
Status: RESOLVED FIXED    
Severity: Normal CC: commit-queue, esprehn+autocc, kangil.han, rniwa, thorton
Priority: P1 Keywords: InRadar, Regression
Version: 528+ (Nightly build)   
Hardware: Unspecified   
OS: Unspecified   
URL: data:text/html,<input%20type=file>
Attachments:
Description Flags
Fixes the bug none

Description Alexey Proskuryakov 2014-04-25 16:21:27 PDT 
Steps to reproduce:
1. Open data:text/html,<input%20type=file>
2. Hover "no files" text.

Results: crash.

Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0   com.apple.JavaScriptCore      	0x0000000106fbab7e WTFCrash + 62
1   com.apple.WebCore             	0x00000001076f4479 WTF::CrashOnOverflow::overflowed() + 9
2   com.apple.WebCore             	0x000000010789dcac WebCore::EventDispatcher::dispatchEvent(WebCore::Node*, WTF::PassRefPtr<WebCore::Event>) + 2108
3   com.apple.WebCore             	0x00000001073b082d WebCore::Node::dispatchEvent(WTF::PassRefPtr<WebCore::Event>) + 29
4   com.apple.WebCore             	0x00000001078947fe WebCore::Element::dispatchMouseEvent(WebCore::PlatformMouseEvent const&, WTF::AtomicString const&, int, WebCore::Element*) + 270
5   com.apple.WebCore             	0x0000000107547932 WebCore::EventHandler::updateMouseEventTargetNode(WebCore::Node*, WebCore::PlatformMouseEvent const&, bool) + 2770
6   com.apple.WebCore             	0x0000000107546bf6 WebCore::EventHandler::dispatchMouseEvent(WTF::AtomicString const&, WebCore::Node*, bool, int, WebCore::PlatformMouseEvent const&, bool) + 70
7   com.apple.WebCore             	0x0000000107544dff WebCore::EventHandler::handleMouseMoveEvent(WebCore::PlatformMouseEvent const&, WebCore::HitTestResult*, bool) + 1279
8   com.apple.WebCore             	0x000000010754469b WebCore::EventHandler::mouseMoved(WebCore::PlatformMouseEvent const&) + 107
9   com.apple.WebCore             	0x00000001080c2097 WebCore::UserInputBridge::handleMouseMoveEvent(WebCore::PlatformMouseEvent const&, WebCore::InputSource) + 23
Comment 1 Alexey Proskuryakov 2014-04-25 16:22:12 PDT 
<rdar://problem/16731925>
Comment 2 Ryosuke Niwa 2014-04-25 20:38:13 PDT 
Created attachment 230234 [details]
Fixes the bug
Comment 3 Andreas Kling 2014-04-25 20:39:16 PDT 
Comment on attachment 230234 [details]
Fixes the bug

:|
Comment 4 Ryosuke Niwa 2014-04-25 21:42:05 PDT 
Comment on attachment 230234 [details]
Fixes the bug

Clearing flags on attachment: 230234

Committed r167840: <http://trac.webkit.org/changeset/167840>
Comment 5 Ryosuke Niwa 2014-04-25 21:42:09 PDT 
All reviewed patches have been landed.  Closing bug.
Comment 6 Tim Horton 2014-04-26 00:38:38 PDT 
The test is failing on WebKit1 bots with this console message:

CONSOLE MESSAGE: line 11: TypeError: HTMLPreElement is not a function (evaluating 'log('Content:' + detailsContainer.outerHTML + '\n')')
Comment 7 Tim Horton 2014-04-26 00:41:30 PDT 
(In reply to comment #6)
> The test is failing on WebKit1 bots with this console message:
> 
> CONSOLE MESSAGE: line 11: TypeError: HTMLPreElement is not a function (evaluating 'log('Content:' + detailsContainer.outerHTML + '\n')')

http://build.webkit.org/results/Apple%20MountainLion%20Release%20WK1%20(Tests)/r167842%20(19473)/fast/events/shadow-event-path-2-pretty-diff.html