[Webkit-unassigned] [Bug 209585] New: Crash in RadioButtonGroups::requiredStateChanged

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Thu Mar 26 00:31:35 PDT 2020 

https://bugs.webkit.org/show_bug.cgi?id=209585

            Bug ID: 209585
           Summary: Crash in RadioButtonGroups::requiredStateChanged
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: Forms
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: rniwa at webkit.org
                CC: cdumez at apple.com, wenson_hsieh at apple.com

e.g.

1   0x6aa089a19 WTFCrash
2   0x68d1959bb WTFCrashWithInfo(int, char const*, char const*, int)
3   0x68fcb94f7 WebCore::RadioButtonGroups::requiredStateChanged(WebCore::HTMLInputElement&)
4   0x68fff8024 WebCore::HTMLInputElement::requiredStateChanged()
5   0x68ffafa87 WebCore::HTMLFormControlElement::parseAttribute(WebCore::QualifiedName const&, WTF::AtomString const&)
6   0x6900eec5e WebCore::HTMLTextFormControlElement::parseAttribute(WebCore::QualifiedName const&, WTF::AtomString const&)
7   0x68fff43f0 WebCore::HTMLInputElement::parseAttribute(WebCore::QualifiedName const&, WTF::AtomString const&)
8   0x68fb8ccf4 WebCore::Element::attributeChanged(WebCore::QualifiedName const&, WTF::AtomString const&, WTF::AtomString const&, WebCore::Element::AttributeModificationReason)
9   0x68fd1accc WebCore::StyledElement::attributeChanged(WebCore::QualifiedName const&, WTF::AtomString const&, WTF::AtomString const&, WebCore::Element::AttributeModificationReason)
10  0x68fb934b2 WebCore::Element::didAddAttribute(WebCore::QualifiedName const&, WTF::AtomString const&)
11  0x68fb93400 WebCore::Element::addAttributeInternal(WebCore::QualifiedName const&, WTF::AtomString const&, WebCore::Element::SynchronizationOfLazyAttribute)
12  0x68fb8c3f5 WebCore::Element::setAttributeInternal(unsigned int, WebCore::QualifiedName const&, WTF::AtomString const&, WebCore::Element::SynchronizationOfLazyAttribute)
13  0x68fb859c2 WebCore::Element::setAttribute(WebCore::QualifiedName const&, WTF::AtomString const&)
14  0x68fb85925 WebCore::Element::setBooleanAttribute(WebCore::QualifiedName const&, bool)
15  0x68ddda3be WebCore::setJSHTMLInputElementRequiredSetter(JSC::JSGlobalObject&, WebCore::JSHTMLInputElement&, JSC::JSValue, JSC::ThrowScope&)::'lambda'()::operator()() const
16  0x68ddda34d std::__1::enable_if<std::is_same<void, decltype(fp1())>::value, void>::type WebCore::AttributeSetter::call<WebCore::setJSHTMLInputElementRequiredSetter(JSC::JSGlobalObject&, WebCore::JSHTMLInputElement&, JSC::JSValue, JSC::ThrowScope&)::'lambda'()>(JSC::JSGlobalObject&, JSC::ThrowScope&, WebCore::setJSHTMLInputElementRequiredSetter(JSC::JSGlobalObject&, WebCore::JSHTMLInputElement&, JSC::JSValue, JSC::ThrowScope&)::'lambda'()&&)
17  0x68ddda30a WebCore::setJSHTMLInputElementRequiredSetter(JSC::JSGlobalObject&, WebCore::JSHTMLInputElement&, JSC::JSValue, JSC::ThrowScope&)
18  0x68dd2c854 bool WebCore::IDLAttribute<WebCore::JSHTMLInputElement>::set<&(WebCore::setJSHTMLInputElementRequiredSetter(JSC::JSGlobalObject&, WebCore::JSHTMLInputElement&, JSC::JSValue, JSC::ThrowScope&)), (WebCore::CastedThisErrorBehavior)0>(JSC::JSGlobalObject&, long long, long long, char const*)
19  0x68dd2c6fc WebCore::setJSHTMLInputElementRequired(JSC::JSGlobalObject*, long long, long long)
20  0x6ab74414e JSC::callCustomSetter(JSC::JSGlobalObject*, bool (*)(JSC::JSGlobalObject*, long long, long long), bool, JSC::JSValue, JSC::JSValue)
21  0x6ab744222 JSC::callCustomSetter(JSC::JSGlobalObject*, JSC::JSValue, bool, JSC::JSObject*, JSC::JSValue, JSC::JSValue)
22  0x6ab8c72de JSC::JSObject::putInlineSlow(JSC::JSGlobalObject*, JSC::PropertyName, JSC::JSValue, JSC::PutPropertySlot&)
23  0x6ab8c6c8e JSC::JSObject::putInlineForJSObject(JSC::JSCell*, JSC::JSGlobalObject*, JSC::PropertyName, JSC::JSValue, JSC::PutPropertySlot&)

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20200326/e94c906e/attachment.htm>

More information about the webkit-unassigned mailing list