Closed
Bug 1191823
Opened 9 years ago
Closed 9 years ago
Minimize memory usage in about:memory makes some website crash
Categories
(Core :: Storage: IndexedDB, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 1152026
People
(Reporter: autra, Unassigned)
References
Details
(Keywords: sec-high, Whiteboard: [adv-main43-])
# In firefox desktop
[Steps]
- Visit https://autra.github.io/bug_test_case/aboutmemory_worker_asyncstorage/views/main/index.html)
- click on the forward button (once is enough)
- go to about:memory in another tab
- click on "minimize memory usage"
[Expected]
It does not crash and you can measure memory :-)
[Actual]
All the tabs crashes.
Stacktrace: https://pastebin.mozilla.org/8841853
# In firefox OS:
[Steps]
- Download https://github.com/autra/bug_test_case/archive/gh-pages.zip and install the app in aboutmemory_worker_asyncstorage/ with the WebIDE.
- start the app
- put it in the background
- execute
> python ./tools/get_about_memory.py -m --no-gc-cc-log --no-kgsl-logs
from inside the cloned b2g folder
[Expected]
The app does not crash and you can measure memory
[Actual]
The app crashes
stacktrace https://pastebin.mozilla.org/8841856
Apparently, it has to do with a combination of workers and indexed DB after we terminate the worker. (putting the tab/app into background terminate the worker in the website linked above).
It does not crash if we put the indexedDB code into the main thread.
It does not crash if we measure while the app/tab is in foreground (so when the worker is alive).
Sorry for the big test case, I'll try to minimize it if I have time.
Group: core-security
Comment 1•9 years ago
|
||
This sounds like some kind of use-after-free, so I'm going to mark it sec-high.
Keywords: sec-high
What versions have you tested on? This is probably the promises + IDB on workers bug.
Flags: needinfo?(augustin.trancart)
Reporter | ||
Comment 3•9 years ago
|
||
Tested on nightly. Shame on me, I didn't get the exact build number, sorry for that
Flags: needinfo?(augustin.trancart)
Reporter | ||
Comment 4•9 years ago
|
||
But I can't reproduce on today's nightly for desktop :-) So it seems to have been fixed between 2015-08-06 and today (2015-08-20)
Comment 5•9 years ago
|
||
For clarity, the fix landed 2015-08-11, https://bugzilla.mozilla.org/show_bug.cgi?id=1179909#c17
Comment 6•9 years ago
|
||
Fixed in 43 by bug 1179909. 42 is still affected.
Status: NEW → RESOLVED
Closed: 9 years ago
status-firefox43:
--- → fixed
Depends on: 1179909
Resolution: --- → WORKSFORME
Resolution: WORKSFORME → DUPLICATE
Updated•9 years ago
|
Group: core-security → core-security-release
Updated•9 years ago
|
Whiteboard: [adv-main43-]
Updated•8 years ago
|
Group: core-security-release
You need to log in
before you can comment on or make changes to this bug.
Description
•