System Crash when opening Website

From the mods: The link mentioned below seems to be able to block systems. A forced power dwon may be needed to cure this. Please read first the whole thread before you try the link.

Hi @all,

I have the following Problem. When I try to open this webside: RecentWork - Research Wiki with Firefox my screen becomes black and I have no response from anything. This bug is reproducible. The side is a wiki-page from a friend of mine so I can rule out (intentional) malware.

I also tried to open it with Epiphany - which also has a hard time opening it. (100% Cpu load, long phases of nearly stopping) I meanwhile observed the processes “prepare_preload”, “tracker-store” and "Xorg"taking the biggest amount of cpu-time.
Konqueror seems to have no problems loading it.

My System: is openSUSE 11.4 64 Bit, Kernel 2.6.37.6-0.7, Firefox 7.0.1, Gnome 2.32.1 I have no other machine to test it.

I don’t know if this is a browser or system Problem. Maybe someone can check it and fit it into the right Bugreport-slot? Thanks.

skynet4ever wrote:

>
> Hi @all,
>
> I have the following Problem. When I try to open this webside:
> ‘RecentWork - Research Wiki’
> (http://nexuslab.phas.ubc.ca/wiki/RecentWork) with Firefox my screen
> becomes black and I have no response from anything. This bug is
> reproducible. The side is a wiki-page from a friend of mine so I can
> rule out (intentional) malware.

Yes, it is not malware, but rather a LOT of content, such as the graphs,
which are taking a very long time to load, etc.

I was going to use Firebug to get some info on total page size, and sizes of
the objects, etc. but the browser crashed before I could start Firebug.

This is not a bug with your browser, but rather content on the site that
needs to be fixed.

> I also tried to open it with Epiphany - which also has a hard time
> opening it. (100% Cpu load, long phases of nearly stopping) I meanwhile
> observed the processes “prepare_preload”, “tracker-store” and
> "Xorg"taking the biggest amount of cpu-time.
> Konqueror seems to have no problems loading it.

That is happes with multiple browsers further indicates an issue with the
content, not the browser.

> My System: is openSUSE 11.4 64 Bit, Kernel 2.6.37.6-0.7, Firefox 7.0.1,
> Gnome 2.32.1 I have no other machine to test it.
>
> I don’t know if this is a browser or system Problem. Maybe someone can
> check it and fit it into the right Bugreport-slot? Thanks.
>

I would have your friend look at the content on the page - reduce the amount
on one page for one thing (make more pages) and make the graphs smaller file
sizes. Also, if using any other plugins, javascript, etc. disable that to
narrow it down.

–
Cheers,
Lews Therin

Hi there,

Though it crashed FF consistently, and I could not use Firebug, I was able to load it with Chrome and use its Firebug-Like debug console to view more info. You might try using this to see what you can determine. The 35MB page size would be where I would start, thats a bit much. Just splitting the graphs onto multiple pages might resolve it - and make them smaller, looks like some are half a meg each, etc. It does not to me appear to be a Javascript issue, as there is very little and those scripts appear to run fine.

http://timelordz.com/scripts/media/nexuslabWikiChrome.png

Cheers,
Lews Theirn

I suspect that is a malicious site.

I “visited” that site, not expecting problem. I am using “noscript” which usually stops a lot of problems.

I found my system soon became unusable and was forced to reboot. The reboot hung halfway, so I had to force a power off.

Before the attempted reboot, I noticed that “sshd” was running at 100%. That sure looked suspicious.

Checking the logs after reboot, there is some interesting stuff:

Oct 16 10:50:19 nwr2 kernel:  3806.065900] [drm] nouveau 0000:00:05.0: fail ttm_validate
Oct 16 10:50:19 nwr2 kernel:  3806.065906] [drm] nouveau 0000:00:05.0: validate both_list
Oct 16 10:50:19 nwr2 kernel:  3806.065918] [drm] nouveau 0000:00:05.0: validate: -12
Oct 16 10:52:12 nwr2 kernel:  3919.575477] show_signal_msg: 54 callbacks suppressed
Oct 16 10:52:12 nwr2 kernel:  3919.575483] sshd[2655]: segfault at 10000005d ip 000000010000005d sp 00007fff980532c8 error 14 in libnss_files-2.11.3.so[7fe937036000+c000]
Oct 16 10:52:12 nwr2 kernel:  3919.742436] sshd[8891]: segfault at 48 ip 00007f963a6f339d sp 00007fff861dafa0 error 6 in ld-2.11.3.so[7f963a6e9000+1e000]
Oct 16 10:54:33 nwr2 polkitd(authority=local): Unregistered Authentication Agent for unix-session:/org/freedesktop/ConsoleKit/Session1 (system bus name :1.24, object path /org/kde/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8)
Oct 16 10:54:37 nwr2 kernel:  4064.082065] startkde[8978]: segfault at 0 ip 00000000004767d6 sp 00007fffaa06e2b0 error 4 in bash[400000+95000]
Oct 16 10:54:37 nwr2 kernel:  4064.082525] startkde[8980]: segfault at 114e ip 000000000046af71 sp 00007fffaa06e280 error 4 in bash[400000+95000]
Oct 16 10:54:38 nwr2 kernel:  4065.412912] dbus_at_console[8996]: segfault at 8 ip 00007f3429e12eae sp 00007fffd02a95c0 error 4 in libc-2.11.3.so[7f3429d9e000+164000]
Oct 16 10:54:38 nwr2 kernel:  4065.414057] dbus_at_console[8997]: segfault at 10 ip 00007f3429e12d85 sp 00007fffd02a9160 error 4 in libc-2.11.3.so[7f3429d9e000+164000]
Oct 16 10:54:39 nwr2 kernel:  4066.380505] [drm] nouveau 0000:00:05.0: nouveau_channel_free: freeing fifo 1
Oct 16 10:54:39 nwr2 shutdown[9004]: shutting down for system reboot
Oct 16 10:54:40 nwr2 init: Switching to runlevel: 6
Oct 16 10:54:41 nwr2 init: no more processes left in this runlevel
Oct 16 10:55:01 nwr2 shutdown[9009]: shutting down for system reboot

Those are the last few lines, after which I powered off and rebooted.

I’m guessing here, but I suspect that the site has a specially crafted image that is designed to attack vulnerabilities in the graphics hardware and/or software.

Thank you for your replies. Of cause I have informed him about this issue! The email is already out. But from my point of view no Page content whatsoever should be able to do this to my System - maybe the browser can crash but not the hole System. Obviously this (a big Page) can happen so it should be handled in so way. Maybe there is a delimiter missing somewhere. If this is the case it is not entirely his fault alone.

Thanks again.

It may be a graphics driver problem. I am running 12.1 Beta 1 with kernel
3.1-rc9, FF 7.0.1, and an nVidia graphics adapter, but using nv as the video
driver. The web page loaded without any problems. Because of the large size,
scrolling was slow, but no crashes.

The page author should split up the graphs, but there is no malicious intent.

On 10/16/2011 06:56 PM, skynet4ever wrote:
>
> Thank you for your replies. Of cause I have informed him about this
> issue! The email is already out. But from my point of view no Page
> content whatsoever should be able to do this to my System - maybe the
> browser can crash but not the hole System. Obviously this (a big Page)
> can happen so it should be handled in so way. Maybe there is a delimiter
> missing somewhere. If this is the case it is not entirely his fault
> alone.

well, you use the word “crash” and that not what happened here,
instead i had steady HIGH usages of cpu cycles by a combo of the
download, the firefox rendering engine and who know what else…the
desktop became very slow and unusable…i was unable to click FF
closed…but, that is NOT a crash…unusable because of being
overworked and crashing are two different things…

also, my KDE did not crash…TOO slow to be usable, but not crashed…

what i did was Ctrl+Alt+F1, logged in as myself, a simple user, and
launched top, saw firefox stuck at the top sucking big on the CPU , and
i killed it…went back to the desktop and saw it was STILL
overloaded…strange! back to the cli and i see thunderbird sucking bigh
time, so i kill it…

next back to the desktop and all is well…no problems, operating system
is ok (never stopped running or responding, did not crash), desktop is
ok (didn’t crash) and the birds are singing…NO CRASH…

i restarted firefox and it (stupid) automatically loaded all the pages
that were open when i killed it, and the whole cycle began again…and
again i couldn’t kill ff normally with a click…so, i killed it again
in top and when launching the next time i planned to quick close the tab
where the overloading site lived…but, this time i got a firefox page
saying (something like) This is embarassing, we can’t load some of the
tabs that were open when you shut down…and, gave me a chance to mark
the killer page to NOT open…

now, i wanna know how to tell FF to always open with my home page only!

–
DD
http://tinyurl.com/DD-Caveat
openSUSE®, the “German Automobiles” of operating systems

It did crash FF for me DenverD (repeatedly), and the desktop session as well. (FF 7.0.1, Suse 11.4, NV Proprietary 280.13)

OP - Don’t be so certain that page content can’t crash a browser - it certainly can. That it also crashes the desktop session is certainly interesting. As far a large page size just being expected to “work” - that is just not really how it goes in the real world. There is too much content on that page - no matter what else is going on. Rendering 35+ MB in one page in a browser is going to cause issues.

nrickert’s issue comments about a specially crafted image design to exploit a vulnerability in the browser / video driver is interesting. I did notice in Firebug that two images where aborted with the error: image corrupt or truncated. They were:

voro_facesDist_unperturbedAging.png
voro_faces_agingFit.png

This happened consistently. Though I’m not personally convinced these are malicious, I do think checking them out is a good idea. Use Firebug / the Chrome console and look at the content being loaded.

Lews Therin

On 16.10.2011 20:32, DenverD wrote:

>
> i restarted firefox and it (stupid) automatically loaded all the pages
> that were open when i killed it,

Not stupid, not even default.

>
> now, i wanna know how to tell FF to always open with my home page only!
>
Edit > Preferences > General

Vahis

openSUSE 11.4 (x86_64) 2.6.37.6-0.7-default main host
openSUSE 12.1 Beta 1 (x86_64) 3.1.0-rc7-3-desktop in VBox
openSUSE 11.4 (i586) 3.0.6-44-desktop “Tumbleweed” in EeePC 900

On 10/16/2011 07:48 PM, Vahis wrote:

> Edit > Preferences > General

yep, it is (and was) set to (the default) “Show my homepage” (and not
either of the other two choices)…however, despite that setting, the
first time i started it tried to open all tabs which were active when
i killed it…

the second time it gave up trying (as said) gave the chance to deselect
pages…

perhaps the “Show my homepage” setting is not respected when it is
killed (which it might ‘see’ as a “crash” and try to auto-recover when
kicked off again??)

–
DD
openSUSE®, the “German Automobiles” of operating systems

On 10/16/2011 07:56 PM, LewsTherinTelemon wrote:
>
> It did crash FF for me DenverD (repeatedly), and the desktop session as
> well. (FF 7.0.1, Suse 11.4, NV Proprietary 280.13)

i suspect we have sufficiently different systems to have different
experiences…for example mine is 32 bit Atom with only one meg of RAM,
and a integrated intel graphic…when trying to load the page
everything slowed WAY down…i wasted little time getting to the full
screen console and killing it…maybe if i had a faster machine and
a nice nvidia graphics i would also have gotten to the video offering
which (i think) is what caused your crash…

but, i AM guessing…

anyway, i repeat: the page didn’t crash my firefox 7.0.1, or kde4.6.0,
or kdm or openSUSE 11.4

>
> nrickert’s issue comments about a specially crafted image design to
> exploit a vulnerability in the browser / video driver is interesting.

i don’t have the capability to determine if that is true or not, but i
can (safely) get to http://nexuslab.phas.ubc.ca/wiki/ where i see the
“RecentWork” offered for review…and, if it is an attack, i doubt
the student doing the research intended for it to be…but, who knows?

–
DD
http://www.youtube.com/watch?v=wDlM47j0Ae8
openSUSE®, the “German Automobiles” of operating systems

On 16.10.2011 21:03, DenverD wrote:
> On 10/16/2011 07:48 PM, Vahis wrote:
>
>> Edit > Preferences > General
>
> yep, it is (and was) set to (the default) “Show my homepage” (and not
> either of the other two choices)…however, despite that setting, the
> first time i started it tried to open all tabs which were active when
> i killed it…
>
> the second time it gave up trying (as said) gave the chance to deselect
> pages…
>
> perhaps the “Show my homepage” setting is not respected when it is
> killed (which it might ‘see’ as a “crash” and try to auto-recover when
> kicked off again??)
>

I seem to have FF respecting that setting here, in all openSUSE versions.

I do have an other-OS-7 machine here where that setting is greyed out
altogether and I can’t opt to opening my tabs at all.
I asked about it a while ago in a group for that other OS. Never got a
reply…

There might be a setting for this somewhere in about:config but I can’t
remember what it is.

Vahis

http://waxborg.servepics.com
openSUSE 11.4 (x86_64) 2.6.37.6-0.7-default main host
openSUSE 12.1 Beta 1 (x86_64) 3.1.0-rc7-3-desktop in VBox
openSUSE 11.4 (i586) 3.0.6-44-desktop “Tumbleweed” in EeePC 900

Your friend should reduce the size of the png graphics used just to show a
small preview, he can create a small reolution image for the preview and a
link to show the big one, downloading one of the visibly “small” images
showed me that they are 4080x3120 pixel in size, which is IMHO nonsense for
just showing it in a highly reduced size on the page.
My system slowed down because it used all the 3Gig of RAM in it plus 859 MB
swap space just to show that page (the Eee PC below).
For a short time it looked like a freeze of my system (but it was not).

–
PC: oS 11.4 64 bit | Intel Core i7-2600@3.40GHz | KDE 4.6.0 | GeForce GT 420
| 16GB Ram
Eee PC 1201n: oS 11.4 64 bit | Intel Atom 330@1.60GHz | KDE 4.7.2 | nVidia
ION | 3GB Ram

On 2011-10-16 20:03, DenverD wrote:

> perhaps the “Show my homepage” setting is not respected when it is killed
> (which it might ‘see’ as a “crash” and try to auto-recover when kicked off
> again??)

Yes. It is a feature.

–
Cheers / Saludos,

Carlos E. R.
(from 11.4 x86_64 “Celadon” at Telcontar)

On 2011-10-16 20:15, DenverD wrote:
> for example mine is 32 bit Atom with only one meg of RAM

Made circa 1980? >:-P

–
Cheers / Saludos,

Carlos E. R.
(from 11.4 x86_64 “Celadon” at Telcontar)

The webmaster simply does not understand how to construct a web page. Images are typically 10 megapixels in spatial dimension as opposed to normal web images of circa 0.5 megapixels dimension. That’s a factor of about 50. The webmaster puts the humongous images on the page and uses html (or css) codes to tell browsers to display them “smaller” by a factor of about 100. And the page contains many images. Browsers can’t cope. End of story. Fix the overloaded page and you fix the problem.

There’s no malice in this, just inexperience by person who wrote the web page.

On 10/16/2011 02:18 PM, Carlos E. R. wrote:
> On 2011-10-16 20:15, DenverD wrote:
>> for example mine is 32 bit Atom with only one meg of RAM
>
> Made circa 1980?>:-P

It only behaves that way!

I have never been sure what market Intel was trying to get with the Atom, but I
sure get good battery life fom my HP Mini 110 Netbook. Too bad I only fire it up
every 10 days, or so, to check if b43 is still working with its variant of the
BCM4312 (14e4:4315). At least the machine was donated to me.

On 2011-10-16 21:36, swerdna wrote:
> There’s no malice in this, just inexperience by person who wrote the
> web page.

What will happen when google scans it? I’m curious.

–
Cheers / Saludos,

Carlos E. R.
(from 11.4 x86_64 “Celadon” at Telcontar)

On 2011-10-16 21:48, Larry Finger wrote:
> On 10/16/2011 02:18 PM, Carlos E. R. wrote:
>> On 2011-10-16 20:15, DenverD wrote:
>>> for example mine is 32 bit Atom with only one meg of RAM
>>
>> Made circa 1980?>:-P
>
> It only behaves that way!
>
> I have never been sure what market Intel was trying to get with the Atom,
> but I sure get good battery life fom my HP Mini 110 Netbook. Too bad I only
> fire it up every 10 days, or so, to check if b43 is still working with its
> variant of the BCM4312 (14e4:4315). At least the machine was donated to me.

You did not understand my meaning. A computer with only 1 MB is a
contemporary of the original IBM PC with an 8088. If it has a 32 bits bus
it is a waste of bus space.

–
Cheers / Saludos,

Carlos E. R.
(from 11.4 x86_64 “Celadon” at Telcontar)

I don’t think Google bothers about that. I think it’s even worse that swerdna thinks, I’ve seen these huge pngs with research graphs.