Open Bug 403999 Opened 17 years ago Updated 2 years ago

alert() called from deeply nested js function is blank and cannot be closed

Categories

(Core :: DOM: Core & HTML, defect, P5)

Product:
Core
Component:
DOM: Core & HTML
Type:
defect

Tracking

()

People

(Reporter: jruderman, Unassigned)

References

(
URL
)

Details

(Keywords: crash, hang, testcase, Whiteboard: js-triage-needed)

Attachments

(1 file, 1 obsolete file)

testcase (essentially hangs Firefox when loaded)
390 bytes, text/html
Details 
This was reported at 
http://www.thespanner.co.uk/2007/11/14/firefox-history-dos-attack/ (which reed pointed me to).  It's also part of what goes wrong in bug 246377.

Note that the testcase here is clearer than the testcase on thespanner.co.uk.
Blocks: 246377

        Attachment #288948 -
        Attachment is obsolete: true

    
    

    
  
CCing people from bug 339652, since they know about the too-much-recursion checks in dom/ and js/src/.  (This was initially found on branch, but still happens on trunk, so I guess the fix for that bug didn't change the behavior here.)

    
    

    
  
Pressing escape key will close it.
But underneath you will see another. and another and so on.
Finally you will start seeing a good alert boxes.  


    
    

    
  
This testcase crashes for me after a brief hang.
OS: Mac OS X → All
Hardware: x86 → All
Keywords: crash
Whiteboard: js-triage-needed

    
    

    
  
I see the slow-script dialog (mangled it may be) so I'll lob this over to DOM.
Assignee: general → nobody
Component: JavaScript Engine → DOM
QA Contact: general → general

    
    

    
  
Isn't this just a matter of running out of JS stack while trying to run the UI JS?  I don't think there's anything the DOM per se can do about that....

    
  
Depends on: 732665

    
    

    
  
DOM gets the DOMOperationCallback, so, even if JS does run out of stack, I think execution should be halted.  Due to the nesting, I suspect this is related to bug 726174, which needs attention from a DOM-knowing person.

    
    

    
  
https://bugzilla.mozilla.org/show_bug.cgi?id=1472046

Move all DOM bugs that haven’t been updated in more than 3 years and has no one currently assigned to P5.

If you have questions, please contact :mdaly.
Priority: -- → P5
Component: DOM → DOM: Core & HTML

    
  
Severity: normal → S3

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: