Closed
Bug 306502
Opened 19 years ago
Closed 19 years ago
[FIXr]Hang loading page with mimetype application/javascript
Categories
(Core :: DOM: Core & HTML, defect)
Core
DOM: Core & HTML
Tracking
()
RESOLVED
FIXED
People
(Reporter: jruderman, Assigned: bzbarsky)
References
()
Details
(Keywords: hang, verified1.8)
Attachments
(2 files)
60 bytes,
text/plain
|
Details | |
7.12 KB,
patch
|
mrbkap
:
review+
brendan
:
superreview+
brendan
:
approval1.8b4+
|
Details | Diff | Splinter Review |
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8b4) Gecko/20050830 Firefox/1.0+ Loading https://bugzilla.mozilla.org/attachment.cgi?id=194365 hangs Firefox.
Reporter | ||
Comment 1•19 years ago
|
||
Attachment 194365 [details], which hangs Firefox, is a .js file from bug 256246 comment 2.
Comment 2•19 years ago
|
||
Can reproduce on 1.8 branch. Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8b4) Gecko/20050828 Firefox/1.0+ Appears to be due to a "Content-type: application/javascript" header on the file, planted by the chosen MIME type for that attachment. Attaching PHP source as text file with only this line. Title should be changed to reflect.
Comment 3•19 years ago
|
||
Demonstration URL. May crash your browser. http://hao2lian.f2o.org/caged/bug306502.php
Comment 4•19 years ago
|
||
Bugspam. Hang, not crash.
Reporter | ||
Updated•19 years ago
|
Status: UNCONFIRMED → NEW
Component: General → Layout
Ever confirmed: true
Product: Firefox → Core
QA Contact: general → layout
Summary: Hang loading this Bugzilla attachment → Hang loading page with mimetype application/javascript
Version: 1.5 Branch → 1.8 Branch
Comment 5•19 years ago
|
||
More MIME types that hang for me: http://hao2lian.f2o.org/caged/bug306502/app-ecmascript.php (application/emcascript) http://hao2lian.f2o.org/caged/bug306502/text-ecmascript.php (text/ecmascript) Will not: http://hao2lian.f2o.org/caged/bug306502/text-javascript.php (text/javascript) http://hao2lian.f2o.org/caged/bug306502/app-x-javascript.php (application/x-javascript) Wild guess would be that all the new JS MIME types are hanging from Bug 62485.
Comment 7•19 years ago
|
||
loop at line 1974 in nsParser.cpp while((result==NS_OK) && (theIterationIsOk)) looks like the offender. nsParser::ResumeParse(int 0x00000001, int 0x00000001, int 0x00000001) line 1974 nsParser::OnStopRequest(nsParser * const 0x02e51894, nsIRequest * 0x02e4f0d0, nsISupports * 0x00000000, unsigned int 0x80004005) line 2719 + 21 bytes nsDocumentOpenInfo::OnStopRequest(nsDocumentOpenInfo * const 0x02e5f478, nsIRequest * 0x02e4f0d0, nsISupports * 0x00000000, unsigned int 0x80004005) line 390 nsStreamListenerTee::OnStopRequest(nsStreamListenerTee * const 0x02ede198, nsIRequest * 0x02e4f0d0, nsISupports * 0x00000000, unsigned int 0x80004005) line 66 nsHttpChannel::OnStopRequest(nsHttpChannel * const 0x02e4f0d8, nsIRequest * 0x02e685a8, nsISupports * 0x00000000, unsigned int 0x80004005) line 4070 nsInputStreamPump::OnStateStop() line 507 nsInputStreamPump::OnInputStreamReady(nsInputStreamPump * const 0x02e685ac, nsIAsyncInputStream * 0x02e68370) line 343 + 11 bytes nsInputStreamReadyEvent::EventHandler(PLEvent * 0x02e6869c) line 120 PL_HandleEvent(PLEvent * 0x02e6869c) line 688 + 10 bytes PL_ProcessPendingEvents(PLEventQueue * 0x00ae3498) line 623 + 9 bytes _md_TimerProc(HWND__ * 0x06fe021c, unsigned int 0x00000113, unsigned int 0x00000000, unsigned long 0x06aa203f) line 1013 + 9 bytes USER32! 77d48734() USER32! 77d49857() USER32! 77d49791() USER32! 77d48a10() nsAppShell::Run(nsAppShell * const 0x00b61308) line 135 nsAppStartup::Run(nsAppStartup * const 0x00b61268) line 145 + 26 bytes XRE_main(int 0x00000003, char * * 0x003f6cf8, const nsXREAppData * 0x0042201c kAppData) line 2322 + 35 bytes main(int 0x00000003, char * * 0x003f6cf8) line 61 + 18 bytes mainCRTStartup() line 338 + 17 bytes KERNEL32! 7c816d4f()
Comment 8•19 years ago
|
||
Parser, that's spelled m-r-b-k-a-p ;-). /be
Assignee | ||
Updated•19 years ago
|
Blocks: text-ecmascript
Assignee | ||
Comment 9•19 years ago
|
||
So there are three things going on here: 1) The patch for bug 62485 was bogus. It caused us to try parsing this data with the nsExpatDriver DTD but with nsHTMLContentSink as the sink. 2) nsExpatDriver could be better about dealing with a sink that's not an nsIExpatSink (could store the error in mInternalState). 3) nsParser::OnStopRequest stomps on an rv that it shouldn't stomp on (but this only matters for 0-length data streams like this bug's testcase URI). Either of the first two changes would fix this bug; I propose we make both of them; patch coming up as soon as I wrap up some other things. Note that the hang is easily reproducible with the following URI: data:application/javascript,hang which suggests to me that no one ever tested the part of the patch for bug 62485 that touches nsContentDLF. Or gotten that part reviewed by a content peer, for that matter... :(
Flags: blocking1.8b4+
Assignee | ||
Comment 10•19 years ago
|
||
Attachment #194440 -
Flags: superreview?(brendan)
Attachment #194440 -
Flags: review?(mrbkap)
Comment 11•19 years ago
|
||
Comment on attachment 194440 [details] [diff] [review] Fix those three things r=mrbkap
Attachment #194440 -
Flags: review?(mrbkap) → review+
Comment 12•19 years ago
|
||
Comment on attachment 194440 [details] [diff] [review] Fix those three things If I were someone nick'ed after a precious metal, I would blame the broken design that couples nsContentDLF to nsParser magically. But I'll blame me for not reviewing better last time, and wonder why you are letting me sr! Still, from a sr point of view this all looks good. Comment the coupling to nsContentDLF (in both places)? /be
Attachment #194440 -
Flags: superreview?(brendan)
Attachment #194440 -
Flags: superreview+
Attachment #194440 -
Flags: approval1.8b4+
Assignee | ||
Comment 13•19 years ago
|
||
> I would blame the broken design And you'd be right! If only parser and layout were a single module, I could just have a single shared table both could use. As things stand, I suppose I can hook up a service to do that or something.... Been meaning to do that for ages; any ideas on doing it well are much appreciated. > Comment the coupling to nsContentDLF (in both places)? Will do.
Assignee | ||
Updated•19 years ago
|
Assignee: nobody → bzbarsky
OS: Windows XP → All
Hardware: PC → All
Summary: Hang loading page with mimetype application/javascript → [FIXr]Hang loading page with mimetype application/javascript
Version: 1.8 Branch → Trunk
Assignee | ||
Comment 14•19 years ago
|
||
Fixed trunk and branch
Updated•19 years ago
|
Keywords: fixed1.8 → verified1.8
Updated•5 years ago
|
Component: DOM → DOM: Core & HTML
You need to log in
before you can comment on or make changes to this bug.
Description
•