Closed Bug 418634 Opened 16 years ago Closed 15 years ago

Crash when closing View Source on long URLs

Categories

(Toolkit :: View Source, defect)

Product:
Toolkit
Component:
View Source
Platform:
x86
Windows XP
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
RESOLVED WORKSFORME

People

(Reporter: djessup, Unassigned)

Details

(Keywords: crash, Whiteboard: closeme 2009-05-25) 

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.12) Gecko/20080201 Firefox/2.0.0.12
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.12) Gecko/20080201 Firefox/2.0.0.12

If I open a page using a long URL (or perhaps a long query string), then open View Source, and then close the View Source window, it crashes Firefox.  For example, I have been able to consistently get this problem with the URL
http://www.google.com/firefox?ops_issue_year=%3D&val_issue_year=2007&ops_fice_code=&val_fice_code=&ops_college_name=&val_college_name=&m_state%5B%5D=DC&ops_cmp_ncaa_cur_1=&val_cmp_ncaa_cur_1=&ops_cmp_ncaa_cur_2=&val_cmp_ncaa_cur_2=&ops_cmp_ncaa_cur_3=&val_cmp_ncaa_cur_3=&exec_search=

I have been able to do this on two different computers, one with Firefox 2.0.0.3 and one with Firefox 2.0.0.12.  Both computers are Windows XP SP2.  On the latter computer, the crash brings up notification that Data Execution Prevention is closing the program for a violation.

Reproducible: Always

Steps to Reproduce:
1. Open URL http://www.google.com/firefox?ops_issue_year=%3D&val_issue_year=2007&ops_fice_code=&val_fice_code=&ops_college_name=&val_college_name=&m_state%5B%5D=DC&ops_cmp_ncaa_cur_1=&val_cmp_ncaa_cur_1=&ops_cmp_ncaa_cur_2=&val_cmp_ncaa_cur_2=&ops_cmp_ncaa_cur_3=&val_cmp_ncaa_cur_3=&exec_search=
2. Press Cntl-U or click View -> Page Source.
3. Close the View Source window.
Actual Results:  
One of two situations:
* All of the Firefox windows would simply vanish, and Task Manager would no longer have any firefox.exe process
* A dialog box would open, indicating that Firefox was being shut down by Data Execution Prevention.  If allowed to proceed, another dialog opens, indicating that Firefox is being shut down and requesting whether to send an error report.  Once this dialog is responded to, all Firefox windows vanish as with the prior bullet point, and there is no longer a firefox.exe process in Task Manager.

Expected Results:  
The View Source window should have closed and the remaining Firefox window(s) should remain open.
wfm with FF2.0.0.12 and FF3Beta3 and SM trunk.
Do you get the same in the Firefox safemode ?
Can you please provide a tlakback crash ID ?
http://kb.mozillazine.org/Safe_Mode , http://kb.mozillazine.org/Talkback


(In reply to comment #1)

> Do you get the same in the Firefox safemode ?

I do get the same problems with Firefox in safe mode.  In fact, I have gone through all of the steps at http://kb.mozillazine.org/Standard_diagnostic_%28Firefox%29 up to and including a clean reinstall.

> Can you please provide a tlakback crash ID ?

I can't provide a talkback crash ID because Talkback isn't starting in these crashes.  If I opt out of Data Execution Prevention for Firefox, all of the Firefox windows simply vanish, and there is no firefox.exe process in Task Manager.  If I don't opt out of Data Execution Prevention, then the dialog that comes up indicating that Firefox is being shut down isn't Talkback but something that appears to be native to Windows.
Product: Firefox → Toolkit
Do you get the same crash with FF3.01 ?
You can use http://mversen.de/crash/ which contains a link for an alternative way to get a stack trace with Firefox3 (windbg)
Matthias:

I do get the same crash with FF3.01.  I followed your instructions and here's the access violation message and stack trace:

(864.110): Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
eax=00000000 ebx=00000000 ecx=00686698 edx=00070281 esi=000a0002 edi=00000002
eip=4f263d31 esp=0012ef70 ebp=0012ef90 iopl=0         nv up ei pl nz na pe nc
cs=001b  ss=0023  ds=0023  es=0023  fs=003b  gs=0000             efl=00010206
4f263d31 ??              ???
0:000> kp
ChildEBP RetAddr  
WARNING: Frame IP not in any known module. Following frames may be wrong.
0012ef6c 5f525543 0x4f263d31
0012eff0 7c90e453 0x5f525543
0012f014 7e43e1ad ntdll!KiUserCallbackDispatcher+0x13
0012f018 7e43e18a USER32!NtUserCallNextHookEx+0xc
7e43e1ad d7ff406a USER32!CallNextHookEx+0x6f
7e43e1ad 00000000 0xd7ff406a

I hope this is useful.
Are you sure that you did this : "Make sure that the "Debug child processes also" check box is checked. " ?
I wasn't sure that I had checked the "Debug child processes also" check box.  Also, in the week since I ran the debugger on Firefox, FF 3.0.2 and 3.0.3 have come out, so I upgraded the browser to 3.0.3 and reran the test.  Firefox still breaks under the same conditions, and the access violation message and stack trace are:

(c64.efc): Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
eax=00000000 ebx=00000000 ecx=0067c6d8 edx=0001023f esi=000a0002 edi=00000002
eip=4f263d31 esp=0012ef70 ebp=0012ef90 iopl=0         nv up ei pl nz na pe nc
cs=001b  ss=0023  ds=0023  es=0023  fs=003b  gs=0000             efl=00010206
4f263d31 ??              ???
1:003> kp
ChildEBP RetAddr  
WARNING: Frame IP not in any known module. Following frames may be wrong.
0012ef6c 5f525543 0x4f263d31
0012eff0 7c90e453 0x5f525543
0012f014 7e43e1ad ntdll!KiUserCallbackDispatcher+0x13
0012f018 7e43e18a USER32!NtUserCallNextHookEx+0xc
7e43e1ad d7ff406a USER32!CallNextHookEx+0x6f
7e43e1ad 00000000 0xd7ff406a

As you can see, the stack trace is still the same.  I'll try one more time, just to triple-check, but that does appear to be what WinDbg is handing me.
Yep, triple check revealed the same result, and the "Debug child processes
also" check box was definitely checked.
WFM also Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.1b3pre) Gecko/20081222 Shiretoko/3.1b3pre

perhaps worth checking the beta
David, can you reproduce with beta?
 http://www.mozilla.com/en-US/firefox/all-beta.html
Severity: normal → critical
Keywords: crash
Whiteboard: closeme 2009-05-25
Status: UNCONFIRMED → RESOLVED
Closed: 15 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.