Chromium: https://code.google.com/p/chromium/issues/detail?id=88924 Repro: <body onload="go()"><pre style="word-wrap: break-word; white-space: pre-wrap;">x</pre></body> <script> function go() { document.execCommand("SelectAll", false); document.designMode="on"; document.execCommand("Underline"); document.execCommand("InsertHorizontalRule", false); document.execCommand("InsertOrderedList"); document.execCommand("insertimage", false); document.execCommand("insertimage", false); document.execCommand("JustifyRight"); document.execCommand("InsertHorizontalRule", false); document.execCommand("SelectAll", false); document.execCommand("insertorderedlist", false); } </script> The repro will cause very deeply (infinitely?) nested tags. It's obvious that this should not happend. This deep nesting leads to stack overflow in one of these three locations: http://codesearch.google.com/codesearch#OAMlx_jo-ck/src/third_party/WebKit/Source/WebCore/rendering/RenderObject.cpp&q=RenderObject::removeLayers&exact_package=chromium&l=466 http://codesearch.google.com/codesearch#OAMlx_jo-ck/src/third_party/WebKit/Source/WebCore/dom/Element.cpp&q=Element::recalcStyle&exact_package=chromium&l=1176 http://codesearch.google.com/codesearch#OAMlx_jo-ck/src/third_party/WebKit/Source/WebCore/rendering/RenderObject.cpp&q=addLayers&exact_package=chromium&l=442