Closed
Bug 762199
Opened 12 years ago
Closed 12 years ago
IndexedDB: checking availability of IDBTransaction constants in a Greasemonkey userscript crashes Firefox
Categories
(Core :: JavaScript Engine, defect)
Tracking
()
RESOLVED
FIXED
mozilla16
People
(Reporter: Omar_Hawk, Assigned: billm)
References
Details
(Keywords: addon-compat, crash, dev-doc-complete, Whiteboard: [js:p1:fx16])
Crash Data
Attachments
(1 file)
1.97 KB,
patch
|
Waldo
:
review+
|
Details | Diff | Splinter Review |
User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:13.0) Gecko/20100101 Firefox/13.0 Build ID: 20120601045813 Steps to reproduce: When putting the following code into any Greasemonkey userscript (or in any other real AddOn; with userscripts, it is easier to test): if (IDBTransaction.READ_WRITE) alert('true'); Firefox crashes when the code is executed. The problem is, that these constants have been removed as of Firefox 13. Executing this code on a normal web page shows an alert containing 'true', which is also wrong. Crash report: https://crash-stats.mozilla.com/report/index/6398a357-d5c6-455f-9be8-cb5ec2120606 Actual results: Firefox crashed. Expected results: Firefox should not crash.
Updated•12 years ago
|
Assignee: nobody → general
Severity: normal → critical
Status: UNCONFIRMED → NEW
Crash Signature: [@ DefineProperty]
Component: Untriaged → JavaScript Engine
Ever confirmed: true
Keywords: crash
Product: Firefox → Core
QA Contact: untriaged → general
Comment 1•12 years ago
|
||
I found another add-on possibly affected by this: https://addons.mozilla.org/firefox/addon/web-highlighter-by-diigo/ I contacted the developers.
Keywords: addon-compat,
dev-doc-needed
Updated•12 years ago
|
Whiteboard: [js:p1]
Updated•12 years ago
|
Whiteboard: [js:p1] → [js:p1:fx16]
Assignee | ||
Comment 2•12 years ago
|
||
We have some indexeddb code that seems to try to keep these properties around for backwards compatibility. Bug 735094 seems to suggest that these will be removed in a few months. Nevertheless, I think the code functions as desired in content code. From chrome, we seem to go through some proxies, and we get all screwed up and crash because these properties are implemented using the tiny ID mechanism, which is somewhat broken and should be deprecated. This patch changes the indexeddb code so it doesn't use tiny IDs. It stops us from crashing.
Assignee: general → wmccloskey
Status: NEW → ASSIGNED
Attachment #635486 -
Flags: review?(jwalden+bmo)
Updated•12 years ago
|
Attachment #635486 -
Flags: review?(jwalden+bmo) → review+
Bill, I used tiny IDs in workers quite a bit... Should I be worried?
Assignee | ||
Comment 4•12 years ago
|
||
(In reply to ben turner [:bent] from comment #3) > Bill, I used tiny IDs in workers quite a bit... Should I be worried? Really? I didn't see any other uses, but maybe I didn't search for the right thing. Can you link to one or two places?
Comment 6•12 years ago
|
||
Those should be turned into JSNatives to make introspection show the right things (a getter function, no setter function, etc.), in which case the need for tinyids would coincidentally go away, I think. For the one case touched here, Bill said the code in question was going to die quickly enough that it probably wasn't worth the trouble to do anything like that.
Assignee | ||
Comment 7•12 years ago
|
||
https://hg.mozilla.org/integration/mozilla-inbound/rev/ef0f6e8707ae
Target Milestone: --- → mozilla16
Comment 8•12 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/ef0f6e8707ae
Status: ASSIGNED → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Updated•9 years ago
|
Keywords: dev-doc-needed → dev-doc-complete
You need to log in
before you can comment on or make changes to this bug.
Description
•