Pure HTML still crashing IE after three years.
A while ago I was testing a quick tag parser to determine how many HTML tags were present in pages (the things we programmers do from time to time). I then, to count the offset, made a quick page with mismatched (malformed) HTML tables.
The result would bring Internet Explorer 5 to its knees, consuming 100% of available CPU resources and starting a slow and steady ramp of memory consumption. I contacted several sources at Microsoft (via posts to MSDN forums) and found a very friendly and knowledgeable tech at Microsoft who examined the HTML, concurred that it was a fault in an HTML rendering DLL and that it would be resolved in the next patch release.
I never gave it much thought till I ran into the HTML file a while ago and decided to see what Chrome did with it. Well, sure enough, while Chrome, Firefox and Opera all render the pages (albeit completely differently from each other), Internet Explorer still crashes. Now, IE (on a dual core machine) will consume 50% of the CPU and hang in the file ietutil.dll(Ordinal405+0x1e). Exploring the process (using Process Explorer) reveals roughly fifteen calls hanging in msls31.dll!LsQueryLineCpPpoint+0xb0e and some 50+ calls hanging in mshtml.dll!DllGetClassObject+0xa0398.
To this day I have no idea why IE crashes on pure HTML. There is no JavaScript trickery, no ActiveX modifications, no Flash buffer overrun, nothing save pure HTML bringing down IE.
I had considered adding it to every single webpage so anyone using IE would quickly get sick of it and start using another browser but that would be too easy.
So I present the IECRASH.HTML file to you to view. In any browser but IE it will look like a gibberish of malformed tables (squares in Firefox, a nice pyramid in Chrome and a rather well calculated attempt to show the tables in Opera).
Viewing the file in IE will crash you, you have been amply warned.
Here is the mismatch count breakdown:
Table Starts : 164
Table Ends : 180
Table Row Start : 344
Table Row End : 0
Table Data Start : 164
Table Data End : 180
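A tag counter of the kind described above, as an added example that is not the author's parser: it tallies raw `<table>`, `<tr>` and `<td>` start and end tags without repairing the markup, which is how a breakdown like the one above can be produced when screening HTML before it reaches a renderer. The names `TableTagCounter`, `table_tag_breakdown` and `SAMPLE` are hypothetical, and the sample markup is a small constructed fragment, not the IECRASH.HTML file.

```python
from collections import Counter
from html.parser import HTMLParser

TABLE_TAGS = ("table", "tr", "td")


class TableTagCounter(HTMLParser):
    """Counts start/end tags as they appear; no tree repair is attempted."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.starts = Counter()
        self.ends = Counter()
        self.depth = 0       # open <table> elements seen so far
        self.min_depth = 0   # goes negative when </table> has no opener

    def handle_starttag(self, tag, attrs):
        if tag in TABLE_TAGS:
            self.starts[tag] += 1
            if tag == "table":
                self.depth += 1

    def handle_endtag(self, tag):
        if tag in TABLE_TAGS:
            self.ends[tag] += 1
            if tag == "table":
                self.depth -= 1
                self.min_depth = min(self.min_depth, self.depth)


def table_tag_breakdown(html):
    """Return per-tag start/end counts plus the number of stray </table>."""
    parser = TableTagCounter()
    parser.feed(html)
    parser.close()
    report = {
        tag: {"start": parser.starts[tag], "end": parser.ends[tag],
              "delta": parser.starts[tag] - parser.ends[tag]}
        for tag in TABLE_TAGS
    }
    report["stray_table_closes"] = -parser.min_depth
    return report


# Constructed sample: unclosed rows, one extra </table>, one extra </td>.
SAMPLE = "<table><tr><td>a</td><tr><td>b</td></table></table></td>"

if __name__ == "__main__":
    for key, value in table_tag_breakdown(SAMPLE).items():
        print(key, value)
```

A non-zero `delta` for any tag, or a non-zero `stray_table_closes`, marks the page as structurally unbalanced in the same sense as the counts listed above.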
March 14th, 2010 at 11:30 am
Just tried it from my Server 2003 machine and it locked up Internet Explorer at 25% but I have a four core machine here. Maybe a race condition?
March 31st, 2010 at 11:50 am
Safari 3 handles it like a champ
March 31st, 2010 at 12:07 pm
It crashed my Firefox too.
March 31st, 2010 at 2:13 pm
Pure HTML still crashing IE after three years….
Nice way to crash IE of all versions….
March 31st, 2010 at 4:22 pm
Works on FF 3.7a2 on OSX 10.5.8
March 31st, 2010 at 5:19 pm
@David Jamerson I just did it on Windows 7 x64 with Internet Explorer 8. IE locked up at 13% usage (I have an 8 core machine) and I had to force quit it.
March 31st, 2010 at 9:15 pm
Windows 7 x32 running IE8 (8.0.7600.16385).. no problems.
June 22nd, 2011 at 11:35 am
[...] Here's the original page http://www.gregmerideth.net/?p=87 [...]