Closed
Bug 114007
Opened 23 years ago
Closed 23 years ago
eats all swap
Categories
(Core :: DOM: Core & HTML, defect)
Tracking
()
People
(Reporter: markus, Assigned: jst)
References
()
Details
When clicking the above link, mozilla (2001120621) shows really strange behaviour:
1. 100% cpu
2. 100% smem/swap, 0% cpu
3. release a great deal of memory
back to 2.
(RH 7.1, Ximian GNOME 1.4 all updates applied)
Comment 1•23 years ago
|
||
Build ID: 2001 12 06 03. Windows 2000.
Suggest severity CRITICAL. I can reproduce this. Process size
(as displayed in the "Mem Usage" column in Task Manager => Processes)
oscillates between 50 and 100 MB. No I/O. CPU almost 100%.
This seems to go on forever, so I had to kill Mozilla.
Comment 2•23 years ago
|
||
I do see the same problem on W2k buildid 2001120603. Since It's on linux and
win2k shouldn't the OS be changed to ALL ?
Reporter | ||
Comment 3•23 years ago
|
||
severity major: to incorrectly execute malicious javascript code is not that
severe, but the behaviour might lead to 'real' bug.
Severity: normal → major
OS: Linux → All
Comment 4•23 years ago
|
||
The relevant part of the page:
<form name="form"><input type="text" name="box"><form>
<script language="javascript">
while(true) {
document.form.box.value=document.form.box.value + '
Status: UNCONFIRMED → NEW
Ever confirmed: true
Comment 5•23 years ago
|
||
So it's adding a non-ASCII character that's causing us the problem ... the
character # in question is 167 if that helps.
Comment 6•23 years ago
|
||
Reassigning to DOM Level 0. Correct me if I'm wrong, but this has
nothing to do with the particular character that's being appended above,
it's the infinite loop that's the issue:
while (true)
{
// code with no escape provision
}
Therefore I believe this is just a duplicate of bug 13350,
"DOM needs to police JS infinite loops, schedule garbage collection"
For the exact code that Boris referenced above, see this frame:
view-source:http://www.teknix.vwe.net/war/iehang.html
Assignee: rogerl → jst
Component: Javascript Engine → DOM Level 0
QA Contact: pschwartau → amar
Comment 7•23 years ago
|
||
*** This bug has been marked as a duplicate of 13350 ***
Status: NEW → RESOLVED
Closed: 23 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•