Bug 30350

Summary:

Reproducible crash on :hover below WebCore::RenderLayer::hitTest

Product:

WebKit

Reporter:

Federico Lebrón <federico.lebron>

Component:

New Bugs

Assignee:

Nobody <webkit-unassigned>

Status:

RESOLVED DUPLICATE

Severity:

Normal

CC:

bdakin

Priority:

Keywords:

HasReduction, InRadar

Version:

528+ (Nightly build)

Hardware:

Mac (Intel)

OS:

OS X 10.5

Attachments:

Description	Flags
Minimal test case	none
System information after crash in nightly WebKit	none

Federico Lebrón

Reported 2009-10-13 22:19:12 PDT

Created attachment 41150 [details] Minimal test case I'm not using 528+ but the nightly 532.2+, but there was no option for it. However, it also crashes Safari 4.0.3. Attached is a minimal test case. The crash is reproducible every time, on both nightly and Safari 4.0.3. All Safari extensions were disabled at the moment of the crashes. Steps to reproduce: Hover "fooooooooo". -> Crash. Crash report: http://pastebin.com/f65b8e173 System info: http://pastebin.com/f6ebe5864 I'll also be attaching the crash report after submitting, just in case.

Attachments
Minimal test case (304 bytes, text/html) 2009-10-13 22:19 PDT, Federico Lebrón	no flags	Details
System information after crash in nightly WebKit (33.45 KB, text/plain) 2009-10-13 22:21 PDT, Federico Lebrón	no flags	Details
View All Add attachment proposed patch, testcase, etc.

Federico Lebrón

Comment 1 2009-10-13 22:21:26 PDT

Created attachment 41151 [details] System information after crash in nightly WebKit

Mark Rowe (bdash)

Comment 2 2009-10-13 22:28:18 PDT

<rdar://problem/7301567>

Mark Rowe (bdash)

Comment 3 2009-10-13 22:41:17 PDT

Top of my crash log with some line numbers (r49488): Exception Type: EXC_BAD_ACCESS (SIGSEGV) Exception Codes: KERN_INVALID_ADDRESS at 0x0000000000000210 Crashed Thread: 0 Dispatch queue: com.apple.main-thread Thread 0 Crashed: Dispatch queue: com.apple.main-thread 0 com.apple.WebCore 0x00000001008ac636 WebCore::RenderLayer::updateHoverActiveState(WebCore::HitTestRequest const&, WebCore::HitTestResult&) + 582 (RenderLayer.cpp:3044) 1 com.apple.WebCore 0x00000001008ab1d0 WebCore::RenderLayer::hitTest(WebCore::HitTestRequest const&, WebCore::HitTestResult&) + 224 (RenderLayer.cpp:2322) 2 com.apple.WebCore 0x00000001008ab04b WebCore::Document::prepareMouseEvent(WebCore::HitTestRequest const&, WebCore::IntPoint const&, WebCore::PlatformMouseEvent const&) + 91 (Document.cpp:2192)

Mark Rowe (bdash)

Comment 4 2009-10-15 15:28:40 PDT

*** This bug has been marked as a duplicate of bug 26515 ***

Note You need to log in before you can comment on or make changes to this bug.