Crashing Firefox 1.0.0 in One Line of Code
I was looking at a bug report for sIFR today. It discussed how sIFR 3 crashed Firefox 1.0.0 on Windows. After the better part of the evening, here’s what I found: if you create a non-anonymous method, declare a variable inside it and set a property on the function object with the same name as the variable (and whatever value, I used null), Firefox 1.0.0 will crash after about ten seconds after loading the page. If it doesn’t, close the window and it should crash right away. It seems to be an issue in the JavaScript parser.
Here’s the code, adjusted for readability, but you bet this fits in one line!
(function nonAnonymousMethod() {
var aProperty;
}).aProperty = null;
In the case of sIFR, the parseSelector code contained a similar construct. Fixed now in r130.
Full testing details: Firefox 1.0.0 and Firefox 1.0.1 on Windows XP SP2 with the latest updates as of Sept 8, 2006. Firefox 1.0.0 crashes, Firefox 1.0.1 doesn’t. I therefore assume the problem will not occur in any versions later than 1.0.0. Download old Firefox versions.
This is great news Mark! Glad you’ve found it. (I’d been doing some real dirty browser detection on production sites to avoid this ff bug!)
manuel | 8 September 2006, 22:40 | link
Wow, never thought that it was so easy, fortunately we don´t have to work with this version….
Arzt | 11 November 2006, 12:23 | link
I looked at the list of JavaScript bugs fixed in Firefox 1.0.1 and it is really hard to tell. However, judging by the patches 277069 should be most likely the reason here.
Wladimir Palant | 10 January 2007, 11:39 | link
Interesting, thanks Wladimir.
Mark Wubben | 10 January 2007, 12:03 | link