15760 2007-10-30 01:00:37 -0700 Crash with ridiculous number of classes on an element 2007-12-14 14:36:16 -0800 1 1 1 Unclassified WebKit WebCore Misc. 523.x (Safari 3) Mac OS X 10.5 RESOLVED FIXED http://dscoder.com/crazyclasstest.html P2 Normal --- 1 catfish.man webkit-unassigned oldest_to_newest 59835 0 catfish.man 2007-10-30 01:00:37 -0700 The destructor for AtomicStringList is recursive, and can run out of stack space when the number of classes is too high. Load the test url, then close the window or reload to trigger the crash. The testcase is currently 14MB; I haven't yet determined what the cutoff point where it stops crashing is. A reasonable solution (which I hope to find time to try) would be to make AtomicStringList be Vector based instead of a linked list. 64207 1 sam 2007-12-14 13:59:31 -0800 This was probably fixed in r28722 which switched the data structure to use a Vector. David, can you verify this. 64210 2 catfish.man 2007-12-14 14:36:16 -0800 This is fixed as of r28722 :)