Created attachment 135818 [details] Crash log Steps to reproduce: 1) In the dragstart callback for a draggable element, call event.dataTransfer.setDragImage(document.createElement('div'), 0, 0). What should happen: In browsers that support passing an HTML element to setDragImage, the element should be painted below the cursor while dragging. WebKit does not seem to support this behaviour, so I would expect the default drag image to be used instead. What happens instead: The page reloads immediately and a crash log is saved to ~/Library/Logs/DiagnosticReports on Mac OS. The Drag and Drop section of the HTML5 spec says[1]: If the element argument is an img element, then set the drag data store bitmap to the element's image (at its intrinsic size); otherwise, set the drag data store bitmap to an image generated from the given element (the exact mechanism for doing so is not currently specified). [1] http://www.w3.org/TR/2011/WD-html5-20110405/dnd.html#dom-datatransfer-setdragimage
Asserts in debug builds: PassRefPtr<SharedMemory> SharedMemory::create(size_t size) { ASSERT(size); Not immediately sure which level is right for a null check.
Created attachment 135859 [details] test case
<rdar://problem/11192720>
I can reproduce the problem using Alexey's test case in Safari 6.0.5, but not in the latest nightly, r153061 built on 23 July 2013.
Looks like dragging may not work at all on the test case any more, masking the crash. I'm not sure if the crash has been addressed.
Possibly related: https://bugs.webkit.org/show_bug.cgi?id=119027
I believe it still takes place in one form or another. See these SO links https://stackoverflow.com/questions/22565909/setdragimage-on-safari-crashes-unexpectedly?noredirect=1&lq=1 https://stackoverflow.com/questions/48973815/javascript-html5-drag-events-not-firing-on-safari-mac-dragging-does-not-work/58407105
Does not reproduce for me on macOS Catalina. Maybe a dupe of https://bugs.webkit.org/show_bug.cgi?id=191817?