Closed Bug 61931 Opened 25 years ago Closed 24 years ago

segfault if this page is loaded

Categories

(SeaMonkey :: General, defect, P3)

Product:
SeaMonkey
Component:
General
Platform:
x86
Linux
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED DUPLICATE of bug 59494

People

(Reporter: zadigre, Assigned: asa)

References

(
URL
)

Details

(Keywords: crash)

From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux 2.4.0-test12 i686; en-US; m18) Gecko/20001202 BuildID: 2000120206 Mozilla just close without any error message when I go to this page. Reproducible: Always Steps to Reproduce: go to the URL Actual Results: segfault and all Mozilla windows are closed...
Yup. Me too. Renders part way and then explodes. Linux, 2000120306.
Status: UNCONFIRMED → NEW
Ever confirmed: true
This is one profoundly sick server. Everything is arriving in 4K blocks padded with nulls. Use wget, or lynx -source, to retrieve the page and look at it with a hex viewer. The GIF images are also corrupt. Still, Mozilla should not crash on bad input data.
Keywords: crash
talkback looks like this: il_find_in_cache() il_get_container() IL_GetImage() ImageRequestImpl::Init() ImageGroupImpl::GetImage() nsFrameImageLoader::Init() nsPresContext::StartLoadImage() nsHTMLImageLoader::StartLoadImage() nsHTMLImageLoader::UpdateURLSpec() nsImageBoxFrame::UpdateImage() nsImageBoxFrame::DidSetStyleContext() nsFrame::SetStyleContext() FrameManager::ReResolveStyleContext() FrameManager::ReResolveStyleContext() FrameManager::ReResolveStyleContext() FrameManager::ComputeStyleChangeFor() nsCSSFrameConstructor::AttributeChanged() StyleSetImpl::AttributeChanged() PresShell::AttributeChanged() nsXULDocument::AttributeChanged() nsXULElement::SetAttribute() nsXULElement::SetAttribute() ElementSetAttribute() js_Invoke() js_Interpret() js_Invoke() nsXPCWrappedJSClass::CallMethod() nsXPCWrappedJS::CallMethod() PrepareAndDispatch() nsXPTCStubBase::Stub7() nsBrowserInstance::OnStateChange() nsDocLoaderImpl::FireOnStateChange() nsDocLoaderImpl::doStopDocumentLoad() nsDocLoaderImpl::DocLoaderIsEmpty() nsDocLoaderImpl::OnStopRequest() nsLoadGroup::RemoveChannel() nsHTTPChannel::ResponseCompleted() nsHTTPServerListener::OnStopRequest() nsOnStopRequestEvent::HandleEvent() nsStreamListenerEvent::HandlePLEvent() PL_HandleEvent() PL_ProcessPendingEvents() nsEventQueueImpl::ProcessPendingEvents() event_processor_callback() our_gdk_io_invoke() libglib-1.2.so.0 + 0xeaca (0x404b3aca) libglib-1.2.so.0 + 0x10186 (0x404b5186) libglib-1.2.so.0 + 0x10751 (0x404b5751) libglib-1.2.so.0 + 0x108f1 (0x404b58f1) libgtk-1.2.so.0 + 0x8c5b9 (0x405da5b9) nsAppShell::Run() nsAppShellService::Run() main1() main() libc.so.6 + 0x189cb (0x402629cb)
and from win32 talkback: il_find_in_cache [d:\builds\seamonkey\mozilla\modules\libimg\src\ilclient.cpp, line 395] il_get_container [d:\builds\seamonkey\mozilla\modules\libimg\src\ilclient.cpp, line 438] IL_GetImage [d:\builds\seamonkey\mozilla\modules\libimg\src\if.cpp, line 1913] ImageRequestImpl::Init [d:\builds\seamonkey\mozilla\gfx\src\nsImageRequest.cpp, line 262] ImageGroupImpl::GetImage [d:\builds\seamonkey\mozilla\gfx\src\nsImageGroup.cpp, line 284] nsFrameImageLoader::Init [d:\builds\seamonkey\mozilla\layout\base\src\nsFrameImageLoader.cpp, line 189] nsPresContext::StartLoadImage [d:\builds\seamonkey\mozilla\layout\base\src\nsPresContext.cpp, line 1107] nsHTMLImageLoader::StartLoadImage [d:\builds\seamonkey\mozilla\layout\html\base\src\nsHTMLImageLoader.cpp, line 241] nsHTMLImageLoader::GetDesiredSize [d:\builds\seamonkey\mozilla\layout\html\base\src\nsHTMLImageLoader.cpp, line 479] nsImageFrame::GetDesiredSize [d:\builds\seamonkey\mozilla\layout\html\base\src\nsImageFrame.cpp, line 327] nsImageFrame::Reflow [d:\builds\seamonkey\mozilla\layout\html\base\src\nsImageFrame.cpp, line 362] nsLineLayout::ReflowFrame [d:\builds\seamonkey\mozilla\layout\html\base\src\nsLineLayout.cpp, line 922] nsBlockFrame::ReflowInlineFrame [d:\builds\seamonkey\mozilla\layout\html\base\src\nsBlockFrame.cpp, line 4364] nsBlockFrame::DoReflowInlineFrames [d:\builds\seamonkey\mozilla\layout\html\base\src\nsBlockFrame.cpp, lin I think this is a duplicate
looks like topcrash bug 59494 *** This bug has been marked as a duplicate of 59494 ***
Status: NEW → RESOLVED
Closed: 24 years ago
Resolution: --- → DUPLICATE
Product: Browser → Seamonkey
You need to log in before you can comment on or make changes to this bug.