Bug 37589 - WebCore::Position::getInlineBoxAndOffset RecursionSOV (2ff151b84dcc5cb5ce97a6de6d406158)
Summary: WebCore::Position::getInlineBoxAndOffset RecursionSOV (2ff151b84dcc5cb5ce97a6...
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: HTML Editing (show other bugs)
Version: 528+ (Nightly build)
Hardware: PC Windows Vista
: P1 Normal
Assignee: Nobody
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2010-04-14 11:21 PDT by Berend-Jan Wever
Modified: 2010-05-17 12:50 PDT (History)
5 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Berend-Jan Wever 2010-04-14 11:21:37 PDT 
http://code.google.com/p/chromium/issues/detail?id=41494
--- Repro ---------------------------------------------------------------
<object>x</object>
<script>
    document.execCommand("SelectAll", false);
    document.designMode = "on";
    document.execCommand("InsertNewlineInQuotedContent");
</script>
--- Details -------------------------------------------------------------
id:          WebCore::Position::getInlineBoxAndOffset RecursionSOV (2ff151b84dcc5cb5ce97a6de6d406158)
description: Recursive function call in WebCore::Position::getInlineBoxAndOffset: 13548 loops
stack:       WebCore::positionInParentBeforeNode
             WebCore::PositionIterator::operator WebCore::Position
             WebCore::Position::upstream
             -- Start of 13548 loops --
               WebCore::Position::getInlineBoxAndOffset
             -- End of loop --
             WebCore::rootBoxForLine
             WebCore::startPositionForLine
             WebCore::startOfLine
             WebCore::isStartOfLine
             WebCore::Position::previousCharacterPosition
             WebCore::Position::leadingWhitespacePosition
             WebCore::DeleteSelectionCommand::initializePositionData
             WebCore::DeleteSelectionCommand::doApply
             WebCore::EditCommand::apply
             WebCore::CompositeEditCommand::applyCommandToComposite
             WebCore::CompositeEditCommand::deleteSelection
             WebCore::BreakBlockquoteCommand::doApply
             WebCore::EditCommand::apply
             WebCore::CompositeEditCommand::applyCommandToComposite
             WebCore::TypingCommand::insertParagraphSeparatorInQuotedContent
             WebCore::EditCommand::apply
             WebCore::applyCommand
             WebCore::TypingCommand::insertParagraphSeparatorInQuotedContent
             WebCore::executeInsertNewlineInQuotedContent
             WebCore::Editor::Command::execute
             WebCore::Document::execCommand
             WebCore::DocumentInternal::execCommandCallback
             v8::internal::HandleApiCallHelper<...>
             v8::internal::Builtin_HandleApiCall
             v8::internal::Invoke
             v8::internal::Execution::Call
             v8::Script::Run
             WebCore::V8Proxy::runScript
             WebCore::V8Proxy::evaluate
             WebCore::ScriptController::evaluate
             WebCore::ScriptController::executeScript
             WebCore::HTMLTokenizer::scriptExecution
             WebCore::HTMLTokenizer::scriptHandler
             WebCore::HTMLTokenizer::parseNonHTMLText
             WebCore::HTMLTokenizer::parseTag
             WebCore::HTMLTokenizer::write
             WebCore::FrameLoader::write
             WebCore::FrameLoader::endIfNotLoadingMainResource
             WebCore::FrameLoader::finishedLoading
             WebCore::MainResourceLoader::didFinishLoading
             WebCore::ResourceLoader::didFinishLoading
             webkit_glue::WebURLLoaderImpl::Context::OnCompletedRequest
             ...etc...
Comment 1 Xiaomei Ji 2010-05-17 12:50:19 PDT 
fixed in r59516
http://trac.webkit.org/changeset/59516/trunk