Closed
Bug 22015
Opened 26 years ago
Closed 26 years ago
Mozilla Page Faults at URL
Categories
(Core :: JavaScript Engine, defect, P3)
Tracking
()
People
(Reporter: stephena, Assigned: leger)
References
()
Details
(Whiteboard: [TESTCASE])
Attachments
(1 file)
|
228 bytes,
text/html
|
Details |
Using build 1999121612, mozilla regularly page faults on the URL. The pagefault
dialog box often quotes the fault as occurring in a different DLL each time. I
am attempting to pear down the page's HTML and retrieve the pictures and
JavaScript locally so I can try to isolate what part exactly is causing the page
fault.
I am running W95 OSR2 with 128MB RAM.
|
||
Updated•26 years ago
|
Severity: normal → critical
|
Reporter | |
Comment 1•26 years ago
|
||
As I have been working to isolate the section of the HTML causing the invalid
page fault, I have repeatedly been getting:
Invalid page fault in Kernel32.dll at 0137:bff9a5d0
If that means anything to anybody...
|
|
Reporter | |
Updated•26 years ago
|
Component: Browser-General → Javascript Engine
|
|
Reporter | |
Comment 2•26 years ago
|
||
I think it is a JavaScript problem. Down in the middle of the <BODY> section
they have the following code:
<SCRIPT>
function email()
{
address=document.emailform.emailinput.value;
location='http://cnn.com/EMAIL/index.html?'+address;
}
</SCRIPT>
Then they have some more HTML followed by:
<SCRIPT>document.write('<FORM name="emailform" onsubmit="email();return
false;"><input type="text" name="emailinput" size="10"> <input
type="submit" value="go"></form>');
</SCRIPT>
Now, I've found removal of either of these two script sections stops mozilla
from page faulting. BUT, inserting these two sections into a dummy HTML test
page do not cause a page fault. There has to be another part to this somewhere
in the HTML... I continue looking...
|
|
Reporter | |
Comment 3•26 years ago
|
||
|
|
Reporter | |
Comment 4•26 years ago
|
||
I have created a test case attachment. It's pretty simple - but the problem
seems to be pretty complicated. Here's the source of the testcase and what
I've discovered:
<HTML>
<HEAD>
<TITLE>Title</TITLE>
</HEAD>
<BODY>
<TABLE>
<SCRIPT>
// Blah blah
</SCRIPT>
<TR>
<TD>
<SCRIPT>
document.write('blah');
</SCRIPT>
</TD>
</TR>
</TABLE>
</BODY>
</HTML>
There are basically two SCRIPT sections planted inside a TABLE. For the
invalid page fault to occur, the first SCRIPT section must be placed before the
first <TR> for the page fault to occur. It does not seem to matter what the
contents of the first SCRIPT section are. The second script section must fall
within a proper <TD> </TD> section for the page fault to occur. Moving it out
into a <TR> </TR> or out just under the <TABLE> element like the first script
section makes the page fault go away. Additionally, it seems the second SCRIPT
section must contain a document.write of some type. If you replace it with
comments or a function definition, it will not page fault.
Now if you're like me your thinking those are a whole lot of specifications to
meet for a page fault to occur. Well, yes, but CNN has managed to meet all
those conditions. Additionally, I'm getting a fair number of page faults with
mozilla during general use. Hopefully this cockroach may lead back to the nest
;)
|
|
Reporter | |
Updated•26 years ago
|
Whiteboard: [TESTCASE]
|
|
Reporter | |
Comment 5•26 years ago
|
||
I don't know if this bug got created recently (within the last two or three
days) or CNN has changed how they're doing their website, but almost every
single one of their "Full story" links on their top stories causing this
invalid page fault crash. And just as M12 is poking it's head up too.... rats.
|
||
Comment 6•26 years ago
|
||
Very nice work, stephena@hiwaay.net. Really well broken down. Thanks.
... which is why I'm hesitant in noting it, but, I believe that this is
a duplicate of bug #21918, which is also on cnn.com, and has an virtually
identical minimum test case.
But the good news is that a fix has already been checked in. (Amazingly,
it's a one-liner fix -- a typo that never got run until recently).
|
|
Reporter | |
Comment 7•26 years ago
|
||
Thank you for pointing that out. I hope indeed the fix works. The testcase
for bug 21918 actually does not cause a crash on my W95 mozilla. For a crash
to occur the second SCRIPT with the document.write (as seen in my testcase)
must be included in order to prompt a crash.
Hopefully that is a OS dependant thing and the fix for the other bug will also
fix this nearly identical one. I wish I had seen that bug before writing this
one. Oh well.... 3jrgm would you mind taking a look at bug #22026 before I do
this all over agian? <grin>
|
|
Reporter | |
Comment 8•26 years ago
|
||
Added karnaze to the cc list so he can comment on whether the fix for bug#
21918 indeed adresses the same issue as this bug.
|
||
Updated•26 years ago
|
Status: NEW → RESOLVED
Closed: 26 years ago
Resolution: --- → DUPLICATE
|
|
||
Comment 9•26 years ago
|
||
|
||
Comment 10•26 years ago
|
||
Verified as a dup per
http://www.mozilla.org/quality/duplicate-resolved-bugs.html
| Comment hidden (collapsed) |
You need to log in
before you can comment on or make changes to this bug.
Description
•