Closed Bug 267126 Opened 20 years ago Closed 20 years ago

xlib makes mozilla exit due to large image

Categories

(Core Graveyard :: GFX: Gtk, defect)

Product:
Core Graveyard
Component:
GFX: Gtk
Platform:
x86
Linux
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
VERIFIED DUPLICATE of bug 210931

People

(Reporter: guninski, Assigned: blizzard)

References

(
URL
)

Details

User-Agent: Mozilla/5.0 (X11; U; Linux i686; rv:1.7.3) Gecko/20040914 Firefox/0.10 Build Identifier: Mozilla/5.0 (X11; U; Linux i686; rv:1.7.3) Gecko/20040914 Firefox/0.10 when visiting the above url with latest mozilla trunk (and previous versions) on linux mozilla exits with the following error: The error was 'BadValue (integer parameter out of range for operation)'. (Details: serial 93624 error_code 2 request_code 53 minor_code 0) (Note to programmers: normally, X errors are reported asynchronously; that is, you will receive the error a while after causing it. To debug your program, run it with the --sync command line option to change this behavior. You can then get a meaningful backtrace from your debugger if you break on the gdk_x_error() function.) Reproducible: Always Steps to Reproduce: go to the url
seems confirmed on debian also. gdb doesn't fire.
GFX:Xlib is for the xlib port of mozilla. this is not what default builds use.
Assignee: roland.mainz → blizzard
Component: GFX: Xlib → GFX: Gtk
QA Contact: timeless → ian
This is related to bug 210931 . Essentially gdb will not fire since it is a clean exit being called. If we (mozilla) redefine the error handler then we can trap this.
In your html you have <img src="apache.png" style="width: 65536; height: 65536; background: red;">asdf</img> So for a 8bpp image of that size you'll be wanting 8*65535^2 = 32GB of memory to build that image. That clearly bad coding. Have you ever sceen a screen that big ?
it is strange at first sight, but 1. this is linux specific - the testcase works on f*cked windoze 2. if you change <img> to <div> you'll see large scrollbars and red backround of the <div> (without large amount of virtual memory)
As explained: 1. Of course this is linux specific. Windows doesn't have Xlib. I am not disputing it is a bug. 2. an <img> tag creates a xserver pixmap which triggers the bug. A <div> tag doesn't create a xserver pixmap hence it works. Bottom line, this is a dup of aforementioned bug.
style="width: 2; height: 65536" => crash style="width: 2; height: 65535" => no crash something related to "short int" ?
Yes it is a short. Gregori can you close this as a dup of 210931. I have a patch which i will attach to the aforementioned bug and carry on discussion in that bug.
Depends on: 210931
Resolving per the previous comment. *** This bug has been marked as a duplicate of 210931 ***
Status: UNCONFIRMED → RESOLVED
Closed: 20 years ago
Resolution: --- → DUPLICATE
Status: RESOLVED → VERIFIED
No longer depends on: 210931
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.