Closed Bug 101365 Opened 24 years ago Closed 23 years ago

Browser crashes when browsing the vulnerabilities database part of the site

Categories

(Core :: Graphics: ImageLib, defect)

Product:
Core
Component:
Graphics: ImageLib
Platform:
x86
Linux
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
VERIFIED WORKSFORME

People

(Reporter: dkropivnitskiy, Assigned: pavlov)

References

(
URL
)

Details

(Keywords: crash)

Attachments

(1 file)

Talk Back agent
33.99 KB, text/plain
Details
From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.4) Gecko/20010917 BuildID: 2001091717 Browser crashes when trying to access securityfocus.com. For testing I would suggest going to http://www.securityfocus.com/cgi-bin/vulns.pl?section=vendor and switching between the tabs a bit. Also choose a piece of software and then switch to a different tab. Reproducible: Always Steps to Reproduce: See description Actual Results: Crash Expected Results: Browse
Reporter, Can you use a Talkback-enabled build available here: http://ftp.mozilla.org/pub/mozilla/nightly/latest/mozilla-i686-pc-linux-gnu-sea.tar.gz and report a Talkback ID when crashing. Do you have Java or Flash installed ?
Looks like bug 101506
Yes it is the same bug as 101506. I have found it to happen more frequently in this particular situation. Rather unfortunately securityfocus.com just changed their site design, so this might be something different now. I have both flash and java, and I will run the talkback version and get back to you.
Attached file Talk Back agent
Here is the feedback agent info, with this build the behavior changed and out of 4 times I tried to replay the bug, 3 times mozilla froze and had to be killed. 4th time though it crashed all by itself and that's where I got the talkback from.
Reporter, Can you mention the Talkback ID from your crash ? Go to mozilla/components/ and launch the talkback binary, it should mention a Talkback ID (such as TB1234567......) related to your crash. It's easier for Netscape engineers to decode the stack with this. BTW, can you also try without Flash nor Java and report Talkback ID (if you manage to crash) ? It might ease confirming this bug as a dup of bug 101506.
This is strange, since I have sent the whole thing as an attachment, but here they are: TB35913205X and TB35913085K
Asa, can you retreive talkback data ?
Severity: major → critical
Keywords: crash
Incident ID 35913205 Stack Signature libc.so.6 + 0x70c3d (0x404e6c3d) 78391e4c Bug ID Trigger Time 2001-09-26 10:19:51 Email Address dkropivnitskiy@tigertesting.com User Comments trying to change tab in /cgi-bin/vulns.pl Build ID 2001092608 Product ID MozillaTrunk Platform ID LinuxIntel Trigger Reason SIGSEGV: Segmentation Fault: (signal 11) Stack Trace libc.so.6 + 0x70c3d (0x404e6c3d) libc.so.6 + 0x70b03 (0x404e6b03) libstdc++-libc6.1-1.so.2 + 0x30d1e (0x405b7d1e) XPCWrappedNative::~XPCWrappedNative() XPCWrappedNative::Release() XPCWrappedNative::FlatJSObjectFinalized() XPC_WN_NoHelper_Finalize() js_FinalizeObject() js_GC() js_ForceGC() JS_GC() nsJSContext::GC() GlobalWindowImpl::SetNewDocument() DocumentViewerImpl::Init() nsDocShell::SetupNewViewer() nsWebShell::SetupNewViewer() nsDocShell::Embed() nsWebShell::Embed() nsDocShell::CreateContentViewer() nsDSURIContentListener::DoContent() nsDocumentOpenInfo::DispatchContent() nsDocumentOpenInfo::OnStartRequest() nsHttpChannel::ProcessNormal() nsHttpChannel::ProcessResponse() nsHttpChannel::OnStartRequest() nsOnStartRequestEvent::HandleEvent() nsARequestObserverEvent::HandlePLEvent() PL_HandleEvent() PL_ProcessPendingEvents() nsEventQueueImpl::ProcessPendingEvents() event_processor_callback() our_gdk_io_invoke() libglib-1.2.so.0 + 0xec40 (0x4034fc40) libglib-1.2.so.0 + 0x10308 (0x40351308) libglib-1.2.so.0 + 0x10913 (0x40351913) libglib-1.2.so.0 + 0x10aac (0x40351aac) libgtk-1.2.so.0 + 0x8d7e7 (0x402747e7) nsAppShell::Run() nsAppShellService::Run() main1() main() libc.so.6 + 0x1d2eb (0x404932eb) and Incident ID 35913085 Stack Signature libc.so.6 + 0x70c2e (0x404e6c2e) 1afd528b Bug ID Trigger Time 2001-09-26 10:09:24 Email Address dkropivnitskiy@tigertesting.com User Comments Tried to change the tab in /cgi-bin/vulns.pl Build ID 2001092608 Product ID MozillaTrunk Platform ID LinuxIntel Trigger Reason SIGSEGV: Segmentation Fault: (signal 11) Stack Trace libc.so.6 + 0x70c2e (0x404e6c2e) libc.so.6 + 0x70b03 (0x404e6b03) PR_Free() nsMemoryImpl::Free() nsMemory::Free() JSClassSweeper() JS_DHashTableEnumerate() XPCJSRuntime::GCCallback() DOMGCCallback() js_GC() js_ForceGC() JS_GC() nsJSContext::GC() GlobalWindowImpl::SetNewDocument() DocumentViewerImpl::Init() nsDocShell::SetupNewViewer() nsWebShell::SetupNewViewer() nsDocShell::Embed() nsWebShell::Embed() nsDocShell::CreateContentViewer() nsDSURIContentListener::DoContent() nsDocumentOpenInfo::DispatchContent() nsDocumentOpenInfo::OnStartRequest() nsHttpChannel::ProcessNormal() nsHttpChannel::ProcessResponse() nsHttpChannel::OnStartRequest() nsOnStartRequestEvent::HandleEvent() nsARequestObserverEvent::HandlePLEvent() PL_HandleEvent() PL_ProcessPendingEvents() nsEventQueueImpl::ProcessPendingEvents() event_processor_callback() our_gdk_io_invoke() libglib-1.2.so.0 + 0xec40 (0x4034fc40) libglib-1.2.so.0 + 0x10308 (0x40351308) libglib-1.2.so.0 + 0x10913 (0x40351913) libglib-1.2.so.0 + 0x10aac (0x40351aac) libgtk-1.2.so.0 + 0x8d7e7 (0x402747e7) nsAppShell::Run() nsAppShellService::Run() main1() main() libc.so.6 + 0x1d2eb (0x404932eb)
Sig11 can be a hardware problem: http://www.bitwizard.nl/sig11/ . Perhaps it's very sensitive, and the slightest bug triggers the crash. Try to run RC5 ( http://www.distributed.net/ ) and compiling kernel, I reproduce Sig11 with this every time on my AMD K6 machine. Perhaps dup of bug 98756 (I got a Sig11 on this one with AMD CPU, but might be a hardware problem ?) or dup of bug 86591. Sig11 being a hardware problem is very strange because bug 101506 was submitted nearly at the same as this one and on the same site (securityfocus.com).
I have been compiling kernels on this system many times. I have seen load 60 on this system without problems. All the rest of the applications run just fine including memory hogging ones ( KDE, GNOME, netscape, nessus ). More then that, if I don't go to securityfocus.com I can browse for hours without crashing.
Oh, yes, and in case you have been wondering the ids I have sent you are from the times mozilla froze on securityfocus.com since after it crashes on that one it doesn't leave the talkback info.
This is a normal one TB35924293E
Sorry if I seemed 'agressive', the Sig11 also occurs on my machine with a K6/2-500 and I was told it's a hardware problem although it's been a stable web server for years. I'm trying to reproduce Sig11 problems on non-K6 machines, perhaps it's finally nothing to do with a hardware problem after all...
Incident ID 35924293 Stack Signature nsCOMPtr_base::~nsCOMPtr_base() f823c795 Bug ID Trigger Time 2001-09-26 14:46:25 Email Address dkropivnitskiy@tigertesting.com User Comments Tried to switch tabs again Build ID 2001092608 Product ID MozillaTrunk Platform ID LinuxIntel Trigger Reason SIGSEGV: Segmentation Fault: (signal 11) Stack Trace nsCOMPtr_base::~nsCOMPtr_base() XPCWrappedNative::~XPCWrappedNative() XPCWrappedNative::Release() XPCWrappedNative::FlatJSObjectFinalized() <snip>....
*** Bug 102137 has been marked as a duplicate of this bug. ***
*** Bug 101506 has been marked as a duplicate of this bug. ***
Adding talkback data from bug 101506 which is obviously the same bug happening on same platform and same URL: Incident ID 35847433 Stack Signature libX11.so.6 + 0x2102f (0x403b102f) f4e0ddf9 Bug ID Trigger Time 2001-09-25 03:27:45 Email Address tet@accucard.com User Comments Just reading the page. It had finished loading, and after a few seconds (maybe a minute or so), the browser just died. Note that this is repeatable by going to the same site. Build ID 2001091311 Product ID Netscape6.20 Platform ID LinuxIntel Trigger Reason SIGSEGV: Segmentation Fault: (signal 11) Stack Trace libX11.so.6 + 0x2102f (0x403b102f) nsImageGTK::DrawToImage() gfxImageFrame::DrawTo() imgContainer::DoComposite() imgContainer::Notify() nsTimerGtk::FireTimeout() process_timers() TimerCallbackFunc() libglib-1.2.so.0 + 0x12731 (0x4036e731) libglib-1.2.so.0 + 0x117f3 (0x4036d7f3) libglib-1.2.so.0 + 0x11dd9 (0x4036ddd9) libglib-1.2.so.0 + 0x11f8c (0x4036df8c) libgtk-1.2.so.0 + 0x94803 (0x40282803) nsAppShell::Run() nsAppShellService::Run() main1() main() libc.so.6 + 0x1c177 (0x404b0177) and without flash: Incident ID 35852616 Stack Signature libc.so.6 + 0x80017 (0x40514017) bbbb7e01 Bug ID Trigger Time 2001-09-25 05:54:49 Email Address tet@accucard.com User Comments Just leaving the page to go to a new one (by typing in a new URL) Build ID 2001091311 Product ID Netscape6.20 Platform ID LinuxIntel Trigger Reason SIGSEGV: Segmentation Fault: (signal 11) Stack Trace libc.so.6 + 0x80017 (0x40514017) libc.so.6 + 0x7fd59 (0x40513d59) libstdc++-libc6.1-1.so.2 + 0x3132e (0x405f532e) nsImageGTK::~nsImageGTK() nsImageGTK::Release() nsCOMPtr_base::~nsCOMPtr_base() gfxImageFrame::~gfxImageFrame() gfxImageFrame::Release() nsSupportsArray::Clear() imgContainer::~imgContainer() imgContainer::Release() nsCOMPtr_base::~nsCOMPtr_base() imgRequest::~imgRequest() imgRequest::Release() EventHandler() PL_HandleEvent() PL_ProcessEventsBeforeID() processQueue() nsVoidArray::EnumerateForwards() nsAppShell::ProcessBeforeID() handle_gdk_event() libgdk-1.2.so.0 + 0x17e4f (0x4033ae4f) libglib-1.2.so.0 + 0x117f3 (0x4036d7f3) libglib-1.2.so.0 + 0x11dd9 (0x4036ddd9) libglib-1.2.so.0 + 0x11f8c (0x4036df8c) libgtk-1.2.so.0 + 0x94803 (0x40282803) nsAppShell::Run() nsAppShellService::Run() main1() main() libc.so.6 + 0x1c177 (0x404b0177)
Status: UNCONFIRMED → NEW
Ever confirmed: true
->imagelib.
Assignee: asa → pavlov
Component: Browser-General → ImageLib
QA Contact: doronr → tpreston
*** Bug 102889 has been marked as a duplicate of this bug. ***
The last stack trace is the same as one of the ones in bug 92577, which is a topcrash.
*** Bug 103666 has been marked as a duplicate of this bug. ***
I'm no longer seeing a crash here, reporter are you still seeing this with a new build? I'm closing out as WFM but please reopen if you are still crashing
Status: NEW → RESOLVED
Closed: 23 years ago
Resolution: --- → WORKSFORME
Still WFM linux build 2002012808, marking as such
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: