Closed
Bug 43174
Opened 24 years ago
Closed 24 years ago
Blow the stack going to www.internet.com -- nasty crash
Categories
(Core :: Layout, defect, P3)
Tracking
()
M17
People
(Reporter: Brade, Assigned: harishd)
References
()
Details
(Keywords: crash, platform-parity, top100)
Attachments
(3 files)
With a debug Macintosh build from this morning, I crash when I go to http:// www.internet.com. I discovered this bug when I was running chofmann's browser buster (top 100 sites)
Reporter | ||
Comment 1•24 years ago
|
||
adding some keywords; not sure if this is cross-platform or not
Comment 2•24 years ago
|
||
hmmm, it works in win32 2000062008, but loads wierdly
Comment 3•24 years ago
|
||
this crashes me on Mac os9 but not winNT
Comment 4•24 years ago
|
||
Works on Linux 2000-06-19-08, loads slowly.
Comment 5•24 years ago
|
||
www.internet.com loads fine on PC/Linux with build 2000062220. However, I see lots of JavaScript errors in the shell output: http://www.internet.com/home-d.html line 48: curDoc.layers has no properties
Comment 6•24 years ago
|
||
Comment 7•24 years ago
|
||
I got this to work about once every other time by downloading the source in 4.7 and removing the large block of white space from the page. However, this only works about half the time so I don?t think it will help, but you never know.
Comment 8•24 years ago
|
||
updating component and setting defualt owner. macsbug sc output from 071108 mozilla build: Calling chain using A6/R1 links Back chain ISA Caller 00000000 PPC 1F2B7D64 0D6B5800 PPC 1F2A28A8 main+00130 0D6B57A0 PPC 1F2A1DA4 main1(int, char**, nsISupports*)+00944 0D6B54E0 PPC 1F03609C nsAppShellService::Run()+00018 0D6B54A0 PPC 1EB528B4 nsAppShell::Run()+00038 0D6B5450 PPC 1EB52FB0 nsMacMessagePump::DoMessagePump()+0003C 0D6B5400 PPC 1EB535B8 nsMacMessagePump::DispatchEvent(int, EventRecord*)+ 00174 0D6B53B0 PPC 1EB68D2C Repeater::DoRepeaters(const EventRecord&)+00030 0D6B5370 PPC 1EB30E88 nsMacNSPREventQueueHandler::RepeatAction(const EventRecord&)+000 0C 0D6B5330 PPC 1EB30FA0 nsMacNSPREventQueueHandler::ProcessPLEventQueue()+ 000B0 0D6B52C0 PPC 1EE04DE8 nsEventQueueImpl::ProcessPendingEvents()+00038 0D6B5250 PPC 1EE61DE0 PL_ProcessPendingEvents+0004C 0D6B5210 PPC 1EE61EC8 PL_HandleEvent+00020 0D6B51D0 PPC 1EA15F30 nsStreamListenerEvent::HandlePLEvent(PLEvent*)+00024 0D6B5180 PPC 1EA1710C nsOnDataAvailableEvent::HandleEvent()+00068 0D6B5130 PPC 1EA90CF4 nsHTTPServerListener::OnDataAvailable(nsIChannel*, nsISupports*, nsIInputStream*, unsigned int, unsigned int)+00C68 0D6B4D70 PPC 1EA46EAC InterceptStreamListener::OnDataAvailable(nsIChannel* , nsISupport s*, nsIInputStream*, unsigned int, unsigned int)+00060 0D6B4D20 PPC 1EA92788 nsHTTPFinalListener::OnDataAvailable(nsIChannel*, nsISupports*, nsIInputStream*, unsigned int, unsigned int)+00094 0D6B4CC0 PPC 1F115998 nsDocumentOpenInfo::OnDataAvailable(nsIChannel*, nsISupports*, n sIInputStream*, unsigned int, unsigned int)+00068 0D6B4C60 PPC 1EAFA8E8 ImageConsumer::OnDataAvailable(nsIChannel*, nsISupports*, nsIInp utStream*, unsigned int, unsigned int)+002A4 0D6B4BC0 PPC 1F28FF54 NetReaderImpl::Write(const unsigned char*, long)+ 00018 0D6B4B80 PPC 1F293B34 IL_StreamWrite(il_container_struct*, const unsigned char*, long) +00074 0D6B4B30 PPC 1FC9689C GIFDecoder::ImgDWrite(const unsigned char*, long)+ 00018 0D6B4AF0 PPC 1FC982F8 il_gif_write(il_container_struct*, const unsigned char*, long)+0 0B70 0D6B4A80 PPC 1F2923BC ImgDCallbk::ImgDCBImageSize()+0001C 0D6B4A40 PPC 1F293584 il_size(il_container_struct*)+003B0 0D6B49D0 PPC 1EAF45E0 ImageRendererImpl::NewPixmap(void*, int, int, _NI_Pixmap*, _NI_P ixmap*)+000DC 0D6B4960 PPC 1EAFE0FC nsImageMac::Init(int, int, int, nsMaskRequirements)+ 000DC 0D6B4900 PPC 1EAFEBB8 nsImageMac::AllocateGWorld(short, ColorTable**, const Rect&, CGr afPort**)+00030 0D6B48B0 PPC FFD1946C PurgeSpace+00028 0D6B4870 PPC 20008874 __PurgeSpace+00018
Assignee: asa → pnunn
Component: Browser-General → ImageLib
QA Contact: doronr → elig
Reporter | ||
Comment 9•24 years ago
|
||
I ran chofmann's browser buster page (again) on today's mac (debug) build. I managed to load **78** pages before I crashed at this website. Nominate this for nsbeta2 since this is a top100 page.
Keywords: nsbeta2
Comment 10•24 years ago
|
||
Ah, we're getting heap corruption here. That's bad.
Comment 11•24 years ago
|
||
What's happening here is that we're blowing the stack. This site seems to use close to 1Mb of stack to lay out. I'll attach one example of a big, frame construction stack. Sorry to doom you, Chris.
Assignee: pnunn → waterson
Status: ASSIGNED → NEW
Component: ImageLib → Layout
Summary: crash going to www.internet.com → Blow the stack going to www.internet.com -- nasty crash
Comment 12•24 years ago
|
||
Reporter | ||
Comment 13•24 years ago
|
||
actually the stack needs to be about 555K or so (for this url to not crash) PDT--can we make the stack larger for nsbeta2 (on the branch)?
Reporter | ||
Comment 14•24 years ago
|
||
add pp keyword; cc buster (since table code may be the culprit), pierre, and kmcclusk
Keywords: pp
Comment 15•24 years ago
|
||
sounds like increasing stack size may change the behaviour of the app in unmeasurable ways exposing unknown bugs. risky for beta. is there any other way to fix this? less risky way to fix this?
Whiteboard: NEED INFO
Comment 16•24 years ago
|
||
Increasing the stack size has low risk; it is very unlikely to cause any new bugs.
Comment 17•24 years ago
|
||
This is unclosed-tag city. I'll attach the original page for posterity's sake, but it looks like there are about 100 unclosed <input type="hidden"> fields that are probably blowing the content model to hell in a bucket. harishd, this is probably your department...
Assignee: waterson → harishd
Comment 18•24 years ago
|
||
Comment 19•24 years ago
|
||
harishd: what appears to be blowing its mind is -not- the <input type=hidden>, but instead the sekret tags in the head, which cuase the content model to get deeply nested. I tried removing all of those tags (everything between <csactions>...</csaction>), and life got much better. Why do we let those tags affect the body?
Comment 20•24 years ago
|
||
ChrisW: <input> has no end tag anyway; that's why the unclosed <input>s are not causing a problem. It is rather fun to see us trying interpret the unknown tags and then failing dismally when we discover they don't have end tags though... There is (or was) a bug on this issue already.
Assignee | ||
Comment 21•24 years ago
|
||
Increasing the stack is * a * solution ( though I'm unsure of the side effects ) but not * the * solution. I'll be tackling a similar bug ( unclosed FONT ) for beta3 and therefore will look into this bug for beta3 ( since we don't have a lot of time for beta2 ).
Status: NEW → ASSIGNED
Comment 22•24 years ago
|
||
Putting on [nsbeta2+] radar for beta2 fix. The + is for a hack fix to increase the stack.
Whiteboard: NEED INFO → [nsbeta2+]
Assignee | ||
Comment 23•24 years ago
|
||
Chris, will have to work with you..since I don't have a Mac. system!!! HEEEEELLLLLLPPPP.
Updated•24 years ago
|
Whiteboard: [nsbeta2+]
Comment 24•24 years ago
|
||
PDT: please assign your "+" to bug 46722 instead. That way, we won't lose this one in the shuffle.
Comment 27•24 years ago
|
||
Scrap the makingtest idea. I just don't have the time.
Keywords: makingtest
Comment 28•24 years ago
|
||
*** This bug has been marked as a duplicate of 42138 ***
Status: ASSIGNED → RESOLVED
Closed: 24 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•