Status

()

--
major
RESOLVED DUPLICATE of bug 13350
17 years ago
11 years ago

People

(Reporter: markus, Assigned: jst)

Tracking

Trunk
x86
All
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(URL)

(Reporter)

Description

17 years ago
When clicking the above link, mozilla (2001120621) shows really strange behaviour: 
1. 100% cpu
2. 100% smem/swap, 0% cpu
3. release a great deal of memory
back to 2.

(RH 7.1, Ximian GNOME 1.4 all updates applied)

Comment 1

17 years ago
Build ID: 2001 12 06 03. Windows 2000.

Suggest severity CRITICAL. I can reproduce this. Process size
(as displayed in the "Mem Usage" column in Task Manager => Processes)
oscillates between 50 and 100 MB. No I/O. CPU almost 100%.
This seems to go on forever, so I had to kill Mozilla.

Comment 2

17 years ago
I do see the same problem on W2k buildid 2001120603. Since It's on linux and
win2k shouldn't the OS be changed to ALL ?
(Reporter)

Comment 3

17 years ago
severity major: to incorrectly execute malicious javascript code is not that
severe, but the behaviour might lead to 'real' bug.
Severity: normal → major
OS: Linux → All
The relevant part of the page:

<form name="form"><input type="text" name="box"><form>

<script language="javascript">
while(true) {
  document.form.box.value=document.form.box.value + '
Status: UNCONFIRMED → NEW
Ever confirmed: true

Comment 5

17 years ago
So it's adding a non-ASCII character that's causing us the problem ... the
character # in question is 167 if that helps.

Comment 6

17 years ago
Reassigning to DOM Level 0. Correct me if I'm wrong, but this has
nothing to do with the particular character that's being appended above,
it's the infinite loop that's the issue:


                 while (true) 
                 {
                   // code with no escape provision
                 }


Therefore I believe this is just a duplicate of bug 13350,
"DOM needs to police JS infinite loops, schedule garbage collection"

For the exact code that Boris referenced above, see this frame:
view-source:http://www.teknix.vwe.net/war/iehang.html
Assignee: rogerl → jst
Component: Javascript Engine → DOM Level 0
QA Contact: pschwartau → amar

Comment 7

17 years ago

*** This bug has been marked as a duplicate of 13350 ***
Status: NEW → RESOLVED
Last Resolved: 17 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.