Created attachment 74025
Repro

Repro.html:
<svg ><form><i><form >

id: chrome.dll!WebKit::WebFormElement::getFormControlElements ReadAV@NULL (a9319ca20fca72f2fd751c8b3b19773c)
description: Attempt to read from unallocated NULL pointer+0x68 in chrome.dll!WebKit::WebFormElement::getFormControlElements
application: Chromium 9.0.586.0
stack:
    chrome.dll!WebKit::WebFormElement::getFormControlElements
    chrome.dll!FormManager::ExtractForms
    chrome.dll!AutoFillHelper::FrameContentsAvailable
    chrome.dll!RenderView::didFinishDocumentLoad
    chrome.dll!WebKit::FrameLoaderClientImpl::dispatchDidFinishDocumentLoad
    chrome.dll!WebCore::FrameLoader::finishedParsing
    chrome.dll!WebCore::Document::finishedParsing
    chrome.dll!WebCore::HTMLDocumentParser::prepareToStopParsing
    chrome.dll!WebCore::DocumentWriter::endIfNotLoadingMainResource
    chrome.dll!WebCore::FrameLoader::finishedLoading
    chrome.dll!WebCore::MainResourceLoader::didFinishLoading
    chrome.dll!WebCore::ResourceLoader::didFinishLoading
    chrome.dll!WebCore::ResourceHandleInternal::didFinishLoading
    chrome.dll!webkit_glue::WebURLLoaderImpl::Context::OnCompletedRequest
    chrome.dll!ResourceDispatcher::OnRequestComplete
    chrome.dll!IPC::MessageWithTuple<...>::Dispatch<ResourceDispatcher,void
    chrome.dll!ResourceDispatcher::DispatchMessageW
    chrome.dll!ResourceDispatcher::OnMessageReceived
    chrome.dll!ChildThread::OnMessageReceived
    chrome.dll!RunnableMethod<browser_sync::SyncBackendHost::Core,void
    chrome.dll!MessageLoop::RunTask
    chrome.dll!MessageLoop::DoWork
    chrome.dll!base::MessagePumpDefault::Run
    chrome.dll!MessageLoop::RunInternal
    chrome.dll!MessageLoop::Run
    chrome.dll!RendererMain
    ...