Denial of service - web workers and postMessage()
Categories
(Core :: DOM: Workers, defect, P3)
Tracking
()
People
(Reporter: lukas, Unassigned)
References
(Blocks 1 open bug)
Details
(Keywords: csectype-dos)
Attachments
(1 file)
|
572 bytes,
text/html
|
Details |
User Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:65.0) Gecko/20100101 Firefox/65.0
Steps to reproduce:
Hello,
while testing web workers and postMessage, I found a bug in the function postMessage(), which leads to a denial of service in firefox.
If postMessage() is used in an endless loop, then the message queue can't be processed correctly.
The ram is quickly filled up and firefox becomes unusable, the expected behaviour of a pop-up asking to stop the script did not appear.
Greetings
Lukas
Actual results:
The ram is quickly filled up and firefox becomes unusable - denial of service.
Expected results:
A pop-up asking to stop the script should appear.
|
||
Updated•6 years ago
|
|
||
Comment 1•6 years ago
|
||
Basically what we want here is to build on the work of bug 1300659 to also cover the case that the postMessage calls are happening without yielding control back to the event loop. After bug 1300659 we would pause the event loop if we had too many outgoing postMessages, then that regressed in bug 1426467, then it got fixed again in bug 1522316. Bug 1315803 is notionally what tracks that.
It could also make sense to flow the knowledge that the worker just seems to be a runaway worker back to the page for slow script/broken script tracking.
|
||
Updated•6 years ago
|
|
||
Updated•5 years ago
|
Description
•