Closed Bug 2766 Opened 26 years ago Closed 26 years ago

[PP] <DIV> tag outside of BODY results in crash (from browser buster)

Categories

(Core Graveyard :: Viewer App, defect, P1)

All
Linux

Tracking

(Not tracked)

VERIFIED FIXED

People

(Reporter: elig, Assigned: pierre)

References

()

Details

* TITLE/SUMMARY <DIV> tag outside of BODY yields a crash (from browser buster) * STEPS TO REPRODUCE 0) Launch Viewer 1) Load the text at http://www.prometheus-music.com/gecko/divcrash.html. (Text is excerpted from the browser buster at http://grok/tests/page_loader/about.html) * RESULT - What happened Poof. (stack crawl from Mac enclosed) - What was expected No crash. Doesn't crash if you take the <DIV> tag and move it into the <BODY> tag. Also works if you remove the <HEAD> section. * REGRESSION - Occurs On viewer (1.27.99 optimized build for Mac OS) viewer (1.27.99 optimized build for Win32 [NT 4, Service Pack 3]) viewer (1.27.99 optimized build for Linux) - Doesn't Occur On Netscape Communicator 4.5 (4.5.1m2 for Mac OS) * STACK CRAWL PowerPC unmapped memory exception at 619A6198 Calling chain using A6/R1 links Back chain ISA Caller 00000000 PPC 0BA85CEC 03AF09C0 PPC 0BA7C8AC 03AF0960 PPC 0BA7C10C 03AF0920 PPC 0B8A9588 nsMacMessageSink::IsRaptorWindow(GrafPort*)+00E6C 03AF0840 PPC 0B8A9AC0 nsMacMessageSink::IsRaptorWindow(GrafPort*)+013A4 03AF07E0 PPC 0B9FC3CC Repeater::DoRepeaters(const EventRecord&)+00030 03AF07A0 PPC 0B9F8ACC TimerPeriodical::RepeatAction(const EventRecord&)+ 00144 03AF06A0 PPC 0B9F813C TimerImpl::Fire()+00024 03AF0660 PPC 0B9CF3C0 NS_NewImageRenderer+00D2C 03AF0620 PPC 0B9637F0 NET_RegisterProtocolImplementation+059D0 03AF05E0 PPC 0B95F9C8 NET_RegisterProtocolImplementation+01BA8 03AF0250 PPC 0B96B238 TimingElapsedTimeToString+06BA0 03AF0200 PPC 0B96A9E4 TimingElapsedTimeToString+0634C 03AF01B0 PPC 0B984B14 NS_ShutdownINetService+024D0 03AF0160 PPC 0B637888 03AF0110 PPC 0B652E74 NS_NewOtherHTMLDTD(nsIDTD**)+07D58 03AF00B0 PPC 0B652A54 NS_NewOtherHTMLDTD(nsIDTD**)+07938 03AF0060 PPC 0B652B54 NS_NewOtherHTMLDTD(nsIDTD**)+07A38 03AF0020 PPC 0B6475A4 NS_NewNavHTMLDTD(nsIDTD**)+00A7C 03AEFFD0 PPC 0B647828 NS_NewNavHTMLDTD(nsIDTD**)+00D00 03AEFF80 PPC 0B651A14 NS_NewOtherHTMLDTD(nsIDTD**)+068F8 03AEFF40 PPC 0B646C64 NS_NewNavHTMLDTD(nsIDTD**)+0013C 03AEFEF0 PPC 0B6480B8 NS_NewNavHTMLDTD(nsIDTD**)+01590 03AEFE30 PPC 0B647DA4 NS_NewNavHTMLDTD(nsIDTD**)+0127C 03AEFD70 PPC 0B64A0E0 NS_NewNavHTMLDTD(nsIDTD**)+035B8 03AEFD10 PPC 0B649BD8 NS_NewNavHTMLDTD(nsIDTD**)+030B0 03AEFC00 PPC 0B6ED7D4 nsGlobalVariables::Release()+07808 Closing log * HTML SNIPPET (from http://www.prometheus-music.com/gecko/divcrash.html) <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML> <HEAD> <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> <META NAME="Author" CONTENT="Chris Hofmann"> <META NAME="GENERATOR" CONTENT="Mozilla/4.06 [en] (Win95; U) [Netscape]"> <TITLE>Browser Buster Endurance Tests</TITLE> </HEAD> <DIV ALIGN=CENTER> <BODY> </DIV> </BODY> </HTML> * CONFIGURATIONS TESTED - [Mac] Power Mac 8500/120 (233 Mhz 604e), 64 MB RAM (VM on; 1 MB of VM used), 1024x768 (Thousands of Colors), Mac OS 8.5.1 - [Win32] Vectra VL (233 Mhz P2), 96 MB RAM, 800x600 (True Color), NT 4.0 SP3. - [Linux] Vectra VL (266 Mhz P2), 32 MB RAM (blech).
Component: Widget Set → Viewer App
Assignee: kmcclusk → rickg
Summary: <DIV> tag outside of BODY yields a crash (from browser buster) → <DIV> tag outside of BODY results in crash (from browser buster)
Status: NEW → ASSIGNED
Please note bug 2783, of which this may be a duplicate --- and both of which may be a duplicate of a greater known problem.
Verified fixed on 2.1.99 Win32 and Mac OS builds. However, unable to verify on Linux builds (today's builds dump on load for me, and the 1.29.99 build checked still has this bug.) Thus, not formally marked as verified until Linux verification takes place.
Status: RESOLVED → REOPENED
Re-opening. Using 2.3.99 build, Viewer segfaults on this page after an approximately 10 second pause.
OS: All → Linux
Summary: <DIV> tag outside of BODY results in crash (from browser buster) → [PP] <DIV> tag outside of BODY results in crash (from browser buster)
(adding platform parity marker in Summary.)
Assignee: rickg → pierre
Status: REOPENED → NEW
Pierre -- I'm pretty sure that this is working correctly in the parser. Can you spend 10 minutes looking at your debugger to see if its an event problem?
Status: NEW → RESOLVED
Closed: 26 years ago
Resolution: FIXED → WORKSFORME
I tried with the 02/01 optimized build and with today's (02/10) debug build but it doesn't crash, even after a 30 seconds wait. Marking as WorksForMe. Eli, if you can reproduce the bug, could you join another stack trace?
Status: RESOLVED → REOPENED
Status: REOPENED → RESOLVED
Closed: 26 years ago26 years ago
Resolution: WORKSFORME → FIXED
Status: RESOLVED → VERIFIED
Hmm...Can't reproduce on 2.9.99 Linux build, either. I'm going to mark as Verified/Fixed, since the bug appears to be fixed cross- platform. Thanks, Pierre.
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.