Bug 78587
| Summary: | REGRESSION(r99369?): Crash on http://www.sendspace.com/ | ||
|---|---|---|---|
| Product: | WebKit | Reporter: | Kent Tamura <tkent> |
| Component: | Forms | Assignee: | Nobody <webkit-unassigned> |
| Status: | RESOLVED DUPLICATE | ||
| Severity: | Major | CC: | jonlee, skylined, webkit-bug-importer |
| Priority: | P1 | Keywords: | InRadar, Regression |
| Version: | 528+ (Nightly build) | ||
| Hardware: | All | ||
| OS: | All | ||
| Bug Depends on: | 13897 | ||
| Bug Blocks: | |||
Kent Tamura
http://code.google.com/p/chromium/issues/detail?id=113630
Dragging files on an <input type=file> in www.sendspace.com causes a crash.
Stack trace on Google Chrome 17:
Thread 0 *CRASHED* ( EXC_BAD_ACCESS / KERN_PROTECTION_FAILURE @ 0x00000000 )
0x6823cca1 [Google Chrome Framework - HTMLInputElement.cpp:1425] WebCore::HTMLInputElement::setCanReceiveDroppedFiles
0x68626abf [Google Chrome Framework - DragController.cpp:337] WebCore::DragController::tryDocumentDrag
0x68625136 [Google Chrome Framework - DragController.cpp:253] WebCore::DragController::dragEnteredOrUpdated
0x6862548e [Google Chrome Framework - DragController.cpp:192] WebCore::DragController::dragUpdated
0x6805c63a [Google Chrome Framework - WebViewImpl.cpp:2295] WebKit::WebViewImpl::dragTargetDragEnterOrOver
0x6805c6ef [Google Chrome Framework - WebViewImpl.cpp:2229] WebKit::WebViewImpl::dragTargetDragOver
0x68f86d1e [Google Chrome Framework - render_view_impl.cc:3796] RenderViewImpl::OnMessageReceived
| Attachments | ||
|---|---|---|
| Add attachment proposed patch, testcase, etc. |
Alexey Proskuryakov
Crashing on this line:
renderer()->updateFromElement();
Alexey Proskuryakov
<rdar://problem/10861627>
Berend-Jan Wever
From a dup it looks like the underlying problem is that a dragging something over an HTMLInputElement while modifying that element causes this NULL ptr.
Kent Tamura
*** This bug has been marked as a duplicate of bug 80648 ***