RESOLVED WORKSFORME 44172
[chromium] WebKit::WebFormElement::getFormControlElements ReadAV@NULL
https://bugs.webkit.org/show_bug.cgi?id=44172
Berend-Jan Wever
Reported 2010-08-18 06:47:31 PDT
Created attachment 64700
Repro

The following repro causes a NULL pointer in Chromium latest:

    <body onload="
      document.write('<svg><form><strike><form>');
      document.close();
    ">

id: WebKit::WebFormElement::getFormControlElements ReadAV@NULL (c289b174a22e30d5c270e0327fe517e9)
description: Attempt to read from NULL pointer (+0x60) in WebKit::WebFormElement::getFormControlElements
stack:
    WebKit::WebFormElement::getFormControlElements
    FormManager::ExtractForms
    AutoFillHelper::FrameContentsAvailable
    RenderView::didFinishDocumentLoad
    WebKit::FrameLoaderClientImpl::dispatchDidFinishDocumentLoad
    WebCore::FrameLoader::finishedParsing
    WebCore::Document::finishedParsing
    WebCore::DocumentWriter::endIfNotLoadingMainResource
    WebCore::Document::close
    WebCore::HTMLDocumentInternal::closeCallback
    v8::internal::HandleApiCallHelper<...>
    v8::internal::Builtin_HandleApiCall
    v8::internal::Invoke
    v8::internal::Execution::Call
    ...
Attachments
Repro (84 bytes, text/html)
2010-08-18 06:47 PDT, Berend-Jan Wever
Eric Seidel
Comment 1 2010-08-18 08:43:16 PDT
Probably related to bug 43055 as well, not sure.
Eric Seidel
Comment 2 2010-08-18 09:54:35 PDT
This looks chromium-only.
Berend-Jan Wever
Comment 3 2011-07-28 01:03:13 PDT
This seems to have been fixed by now.