Bug 11393

Summary: Certain content causes coredump (bus error)
Product: [Retired] Red Hat Linux
Reporter: Torin Walker <twalker>
Component: netscape
Assignee: Bill Nottingham <notting>
Status: CLOSED WORKSFORME
Severity: medium
Priority: medium
Version: 6.2
CC: rvokal, twalker
Hardware: i386
OS: Linux
Doc Type: Bug Fix
Last Closed: 2000-05-16 16:22:08 UTC

Description Torin Walker 2000-05-12 20:22:23 UTC
Dear RedHat Developers:

I have had an ongoing problem with Netscape ever since I switched to RedHat
6.1, and it continued into RedHat 6.2. The problem manifests itself in a
BUS ERROR every time I access sites with certain content. I've estimated
that approximately one in ten sites contains this content, which means I'm
forever reloading netscape. I must then either a) avoid the site, b) wait a
while for the banner ad to switch (yes, sometimes the banner itself causes
the problem), or c) rerun netscape as root. While running as root, this
problem does not occur.

I should also mention that a co-worker also experiences this same problem.
It is quite bothersome to say the least. Hopefully, you'll be able to
identify where the problem lies; I've captured one such culprit page and
narrowed it down to the following text:

  <SCRIPT SRC="http://localhost"></SCRIPT>

No header, no body, nothing...just the above text in a file all by itself
(even if it's contained in an email message...)


To reproduce the problem, start by creating a file, say, /tmp/bad.html and
fill it with:

  <SCRIPT SRC="http://localhost"></SCRIPT>

Then, in the URL location, type:

  file:/tmp/bad.html <enter>

The result is a shutdown of netscape, and a bus error.

It only occurs under a non-root account, and persists even when strace'ing
the application. Here is a dump of the above exactly as I've described it.


Output from the command:

  strace /usr/local/lib/netscape/netscape-communicator > /tmp/strace.txt 2>&1

yields a complete startup and trace up until it coredumps. I can provide
more information, or a complete trace upon request.

------------------------------
  read(8, "\1\0\215\32\3\0\0\0\"\0\0\0\1\0\1\1\377\377\377\377\0\0"..., 32) = 32
  read(8, "\37\200\"\1\37\200\"\1O\0s\10", 12) = 12
  read(8, "\1\10\216\32\0\0\0\0*\0\0\0\0\0\0\0\20\0\20\0\0\0\0\0\0"..., 32) = 32
  time(NULL)                              = 958164763
  lseek(16, 0, SEEK_END)                  = 339968
  lseek(16, 245760, SEEK_SET)             = 245760
  read(16, "0\0\323\17\302\17\204\17s\17O\17>\17\n\17\371\16\305\16"..., 4096) = 4096
  time(NULL)                              = 958164763
  gettimeofday({958164763, 943768}, NULL) = 0
  time(NULL)                              = 958164763
  getpid()                                = 8999
  stat("/home/twalker/.netscape/cache/1B", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
  --- SIGALRM (Alarm clock) ---
  gettimeofday({958164763, 968988}, NULL) = 0
  sigreturn()                             = ? (mask now [])
  stat("/home/twalker/.netscape/cache/1B/cache391C6F1B0002327", 0xbfffdff4) = -1 ENOENT (No such file or directory)
  open("/home/twalker/.netscape/cache/1B/cache391C6F1B0002327", O_WRONLY|O_CREAT|O_TRUNC, 0666) = 23
  fchmod(23, 0600)                        = 0
  fstat64(0x17, 0xbfffe018)               = 0
  old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x402d0000
  --- SIGSEGV (Segmentation fault) ---
  getpid()                                = 8999
  kill(8999, SIGBUS)                      = 0
  --- SIGBUS (Bus error) ---
  +++ killed by SIGBUS +++

--------------------------------

If there is any other information you'd like, I would be glad to be of
assistance.


Torin...
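
Added example (not part of the original report, and not Red Hat or Netscape code): a small Python triage helper run over the tail of the trace quoted above. In that trace a SIGSEGV is delivered first and the process then calls kill() on its own pid with SIGBUS, so the helper reports the first fault separately from the signal the process died with. The function name `triage` and its result keys are chosen here for illustration.

```python
import re

# Tail of the strace output quoted in the report, with wrapped lines rejoined.
SAMPLE = r'''
--- SIGALRM (Alarm clock) ---
sigreturn()                             = ? (mask now [])
stat("/home/twalker/.netscape/cache/1B/cache391C6F1B0002327", 0xbfffdff4) = -1 ENOENT (No such file or directory)
open("/home/twalker/.netscape/cache/1B/cache391C6F1B0002327", O_WRONLY|O_CREAT|O_TRUNC, 0666) = 23
fchmod(23, 0600)                        = 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x402d0000
--- SIGSEGV (Segmentation fault) ---
getpid()                                = 8999
kill(8999, SIGBUS)                      = 0
--- SIGBUS (Bus error) ---
+++ killed by SIGBUS +++
'''

SIGNAL = re.compile(r'^--- (SIG[A-Z0-9]+)\b')           # signal delivery line
KILLED = re.compile(r'^\+\+\+ killed by (SIG[A-Z0-9]+)')  # final exit line
CALL = re.compile(r'^(\w+)\((.*)\)\s+= (\S+)')           # name(args) = ret
FAULTS = {"SIGSEGV", "SIGBUS", "SIGILL", "SIGFPE", "SIGABRT"}

def triage(trace):
    """Summarise how a traced process died: first fault vs. reported signal."""
    r = {"first_fault": None, "killed_by": None, "self_raised": None,
         "last_call_before_fault": None, "last_opened": None}
    pid, prev_call = None, None
    for line in map(str.strip, trace.splitlines()):
        if m := KILLED.match(line):
            r["killed_by"] = m.group(1)
        elif m := SIGNAL.match(line):
            if r["first_fault"] is None and m.group(1) in FAULTS:
                r["first_fault"] = m.group(1)
                r["last_call_before_fault"] = prev_call
        elif m := CALL.match(line):
            name, args, ret = m.groups()
            if name == "getpid":
                pid = ret
            elif name == "kill" and pid and args.split(",")[0].strip() == pid:
                # The process signalled itself, e.g. from its own crash handler.
                r["self_raised"] = args.split(",")[1].strip()
            elif name == "open" and r["first_fault"] is None and ret.isdigit():
                # Last file successfully opened before the fault.
                r["last_opened"] = args.split('"')[1] if '"' in args else args
            prev_call = name
    return r

if __name__ == "__main__":
    print(triage(SAMPLE))
```

A differing `first_fault` and `killed_by`, together with a non-empty `self_raised`, means the signal named in the shell's error message is not the original fault.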

Comment 1 Bill Nottingham 2000-05-16 16:22:59 UTC
I can't reproduce this here; it works OK as non-root (causes a JavaScript
error, but that's not the point...)