[Webkit-unassigned] [Bug 30898] Browser crash by deeply nested elements
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon Nov 9 22:22:55 PST 2009
https://bugs.webkit.org/show_bug.cgi?id=30898
--- Comment #5 from TAMURA, Kent <tkent at chromium.org> 2009-11-09 22:22:55 PDT ---
Created an attachment (id=42847)
--> (https://bugs.webkit.org/attachment.cgi?id=42847)
A demo patch
The patch introduces the limitation of renderer tree depth.
It resolves both of the .svg case and the HTML case.
I'm not sure whether adding a new field to RenderObject is reasonable or not.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list