The following malformed .html document causes firefox to crash: x<frameset><iframe height=8388606> Demo: http://markbyers.com/crash.html For some people it always crashes, for other people it never works. Reproducible: Sometimes Steps to Reproduce: 1.echo 'x<frameset><iframe height=8388606>' > crash.html 2.firefox crash.html 3. Actual Results: No running windows found /usr/bin/firefox: line 88: 30043 Segmentation fault $mozbin "$@" Expected Results: No Segmentation fault. Portage 2.0.51.19 (default-linux/x86/2005.0, gcc-3.4.3-20050110, glibc-2.3.4.20050125-r0, 2.6.10-gentoo-r6 i686) ================================================================= System uname: 2.6.10-gentoo-r6 i686 Intel(R) Celeron(R) CPU 2.60GHz Gentoo Base System version 1.6.10 Python: dev-lang/python-2.3.5,dev-lang/python-2.2.3-r5 [2.3.5 (#1, Feb 20 2005, 03:03:30)] distcc 2.18.3 i686-pc-linux-gnu (protocols 1 and 2) (default port 3632) [disabled] dev-lang/python: 2.3.5, 2.2.3-r5 sys-devel/autoconf: 2.13, 2.59-r6 sys-devel/automake: 1.5, 1.6.3, 1.9.5, 1.7.9-r1, 1.8.5-r3, 1.4_p6 sys-devel/binutils: 2.15.92.0.2-r6 sys-devel/libtool: 1.5.10-r5 virtual/os-headers: 2.6.8.1-r2 ACCEPT_KEYWORDS="x86 ~x86" AUTOCLEAN="yes" CFLAGS="-O2 -march=pentium4 -pipe -fomit-frame-pointer" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3.3/env /usr/kde/3.3/share/config /usr/kde/3.3/shutdown /usr/kde/3/share/config /usr/lib/X11/xkb /usr/lib/mozilla/defaults/pref /usr/share/config /usr/share/texmf/dvipdfm/config/ /usr/share/texmf/dvips/config/ /usr/share/texmf/tex/generic/config/ /usr/share/texmf/tex/platex/config/ /usr/share/texmf/xdvi/ /var/qmail/control" CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/env.d" CXXFLAGS="-O2 -march=pentium4 -pipe -fomit-frame-pointer" DISTDIR="/usr/portage/distfiles" FEATURES="autoaddcvs autoconfig ccache distlocks sandbox sfperms" GENTOO_MIRRORS="http://mirror.uni-c.dk/gentoo/ http://mirror.uni-c.dk/gentoo/ http://ftp.du.se/pub/os/gentoo http://pandemonium.tiscali.de/pub/gentoo/ http://ftp-stud.fht-esslingen.de/pub/Mirrors/gentoo/ http://ds.thn.htu.se/linux/gentoo http://gentoo.zie.pg.gda.pl http://gentoo.prz.rzeszow.pl http://mirrors.sec.informatik.tu-darmstadt.de/gentoo/ http://ftp.uni-erlangen.de/pub/mirrors/gentoo" LANG="en_GB.utf8" LC_ALL="en_GB.utf8" MAKEOPTS="-j2" PKGDIR="/usr/portage/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/zugaina-portage" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="X aalib alsa apm arts avi bash-completion beepmp berkdb bitmap-fonts cddb cdr cdrom crypt cups directfb dvd dvdr encode esd fam fbcon flac foomaticdb gdbm gif gkrellm gmail gnome gpm gstreamer gtk gtk2 imlib java javascript jpeglcms libwww mad mikmod mmx motif mozilla mpeg ncurses network nls nntp nptl nptlonly oggvorbis opengl oss pam pdflib perl pic pie png python quicktime readline real samba sdl slang spell sse ssl svga tcltk tcpd tetex tiff transcode truetype truetype-fonts unicode usb x86 xemacs xml xml2 xmms xscreensaver xv zlib" Unset: ASFLAGS, CBUILD, CTARGET, LDFLAGS
If firefox crashes, mozilla and epiphany also crash. So this bug doesn't seem to be firefox specific. On my system mozilla-firefox crashes, but when I unmerge mozilla-firefox and merge mozilla-firefox-bin, I no longer get the crash.
Just checked - this is seems to be fixed in version 1.0.4.