RESOLVED FIXED 34957
REGRESSION: WebKit Crashes when deleting images on blogger.com 
https://bugs.webkit.org/show_bug.cgi?id=34957
Summary REGRESSION: WebKit Crashes when deleting images on blogger.com
Greg
Reported 2010-02-15 12:48:56 PST
Created attachment 48771 [details] Pressing delete would normally delete the image. Instead, it locks up the browser The browser would completely lock up, then crash, if the user selected an image from the blogger editor, and then tried to delete it by pressing delete. I was able to reproduce this bug twice. It works perfectly in Safari, only fails in the nightly build of webkit.
Attachments
Pressing delete would normally delete the image. Instead, it locks up the browser (153.99 KB, image/png)
2010-02-15 12:48 PST, Greg 		no flags
Details
Crash report (130.30 KB, text/plain)
2010-02-15 18:06 PST, Greg 		no flags
Details
Patch (4.03 KB, patch)
2010-02-23 17:38 PST, Enrica Casucci 		simon.fraser: review+
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Alexey Proskuryakov
Comment 1 2010-02-15 14:05:41 PST
Could you please attach a crash log? Please see <http://webkit.org/quality/crashlogs.html> for instructions.
Greg
Comment 2 2010-02-15 18:06:37 PST
Created attachment 48784 [details] Crash report
Alexey Proskuryakov
Comment 3 2010-02-15 18:26:47 PST
Looks like infinite recursion in getInlineBoxAndOffset().
Alexey Proskuryakov
Comment 4 2010-02-15 18:27:10 PST
<rdar://problem/7651935>
Enrica Casucci
Comment 5 2010-02-23 17:38:38 PST
Created attachment 49348 [details] Patch
Enrica Casucci
Comment 6 2010-02-23 17:54:05 PST
Committed revision 55179.
Note You need to log in before you can comment on or make changes to this bug.