Bug 18506 - Crash when Ctrl C (copy) is pressed after a series of specific mouse events
Summary: Crash when Ctrl C (copy) is pressed after a series of specific mouse events
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: HTML Editing (show other bugs)
Version: 528+ (Nightly build)
Hardware: All All
: P1 Normal
Assignee: Nobody
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2008-04-14 16:47 PDT by Rahul Kuchhal
Modified: 2008-06-08 13:46 PDT (History)
0 users

See Also:

Attachments
Testcase (9.09 KB, text/html)
2008-04-14 16:48 PDT, Rahul Kuchhal 		no flags Details
Fixes the crash described in the bug. (1.22 KB, patch)
2008-04-14 16:53 PDT, Rahul Kuchhal 		no flags Details | Formatted Diff | Diff
Crash log for kuchal's repro steps (19.07 KB, text/plain)
2008-04-17 16:53 PDT, Eric Roman 		no flags Details
Layout test (10.60 KB, text/html)
2008-04-18 10:18 PDT, Rahul Kuchhal 		no flags Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Rahul Kuchhal 2008-04-14 16:47:26 PDT 
To reproduce:
- open the attached html file
- hover the mouse over "Mouse Over" link
- Select the "Select" link in the popup box
- move mouse away so that popup disappears
- press Ctrl C - crash
Comment 1 Rahul Kuchhal 2008-04-14 16:48:20 PDT 
Created attachment 20539 [details]
Testcase
Comment 2 Rahul Kuchhal 2008-04-14 16:53:54 PDT 
Created attachment 20540 [details]
Fixes the crash described in the bug.
Comment 3 Mark Rowe (bdash) 2008-04-14 17:22:45 PDT 
<rdar://problem/5863412>
Comment 4 Adele Peterson 2008-04-15 22:27:21 PDT 
Comment on attachment 20540 [details]
Fixes the crash described in the bug.

Internally, we haven't been able to reproduce this.  But the null check is fine (and its done earlier in the function too).  Is there a way to make a layout test for this?
Comment 5 Rahul Kuchhal 2008-04-16 10:24:54 PDT 
I can reproduce this 100% of the time but the steps are a little tricky. After mouse over, you need to jump quickly to the popup box and then select the dummy link using mouse. Now move mouse away (without clicking) so that popup disappears and pressing ctrl-c at that time causes crash.

I am trying to write layout test for this.
Comment 6 Eric Roman 2008-04-17 16:42:14 PDT 
I am also able to reproduce this 100% of the time

To be clear, on Mac Os X you need to type "cmd-c" instead of "ctrl-c".

To re-iterate the repro steps:

(1) Mouse over the link called "Mouse Over"
(2) Quickly move the mouse into the yellow box (otherwise it closes before you reach it)
(3) Drag a selection around the "Select" word
(4) Move the mouse outside of yellow box and it will be dismissed
(5) If on mac os x, type cmd-c (copy)
else if on windows type ctrl-c (copy)
(6) Results in crashes in safari 3.1

Raised priority since it is a crash.
Comment 7 Eric Roman 2008-04-17 16:53:34 PDT 
Created attachment 20655 [details]
Crash log for kuchal's repro steps
Comment 8 Rahul Kuchhal 2008-04-18 10:18:29 PDT 
Created attachment 20669 [details]
Layout test

I have this layout test case which is rather complicated. I couldn't reduce it any further because there are multiple steps involved and making even any small changes renders the test useless by causing the crash to go away.

If this layout test is acceptable let me know and I will generate a patch for it.
Comment 9 Darin Adler 2008-06-08 13:45:05 PDT 
Comment on attachment 20540 [details]
Fixes the crash described in the bug.

Clearing the review flag since this patch was landed.
Comment 10 Darin Adler 2008-06-08 13:46:06 PDT 
r33583

It's great to try to work on a test case for this, but the bug is fixed so this should be closed. If you want an open bug to track the work, then it should be a separate bug report.