RESOLVED DUPLICATE of bug 80648 78587
REGRESSION(r99369?): Crash on http://www.sendspace.com/ 
https://bugs.webkit.org/show_bug.cgi?id=78587
Summary REGRESSION(r99369?): Crash on http://www.sendspace.com/
Kent Tamura
Reported 2012-02-14 01:16:10 PST
http://code.google.com/p/chromium/issues/detail?id=113630 Dragging files on an <input type=file> in www.sendspace.com causes a crash. Stack trace on Google Chrome 17: Thread 0 *CRASHED* ( EXC_BAD_ACCESS / KERN_PROTECTION_FAILURE @ 0x00000000 ) 0x6823cca1 [Google Chrome Framework - HTMLInputElement.cpp:1425] WebCore::HTMLInputElement::setCanReceiveDroppedFiles 0x68626abf [Google Chrome Framework - DragController.cpp:337] WebCore::DragController::tryDocumentDrag 0x68625136 [Google Chrome Framework - DragController.cpp:253] WebCore::DragController::dragEnteredOrUpdated 0x6862548e [Google Chrome Framework - DragController.cpp:192] WebCore::DragController::dragUpdated 0x6805c63a [Google Chrome Framework - WebViewImpl.cpp:2295] WebKit::WebViewImpl::dragTargetDragEnterOrOver 0x6805c6ef [Google Chrome Framework - WebViewImpl.cpp:2229] WebKit::WebViewImpl::dragTargetDragOver 0x68f86d1e [Google Chrome Framework - render_view_impl.cc:3796] RenderViewImpl::OnMessageReceived
Attachments
Add attachment proposed patch, testcase, etc.
Alexey Proskuryakov
Comment 1 2012-02-14 10:48:26 PST
Crashing on this line: renderer()->updateFromElement();
Alexey Proskuryakov
Comment 2 2012-02-14 10:48:41 PST
<rdar://problem/10861627>
Berend-Jan Wever
Comment 3 2012-02-17 03:48:03 PST
From a dup it looks like the underlying problem is that a dragging something over an HTMLInputElement while modifying that element causes this NULL ptr.
Kent Tamura
Comment 4 2012-03-08 17:11:22 PST
*** This bug has been marked as a duplicate of bug 80648 ***
Note You need to log in before you can comment on or make changes to this bug.