Closed
Bug 1027107
Opened 10 years ago
Closed 10 years ago
Large OOM in mozilla::gfx::AlphaBoxBlur::Blur
Categories
(Core :: Graphics, defect)
Tracking
()
VERIFIED
FIXED
mozilla33
People
(Reporter: kairo, Assigned: mattwoodrow)
References
Details
(Keywords: crash)
Crash Data
Attachments
(1 file)
1.41 KB,
patch
|
bas.schouten
:
review+
Sylvestre
:
approval-mozilla-aurora+
Sylvestre
:
approval-mozilla-beta+
|
Details | Diff | Splinter Review |
This may or may not be related to bug 986502, but the function is different, so filing as a new one. This is a "OOM | large", so it probably need to use a fallible allocator instead of an infallible one. Links to more reports: Android signature: https://crash-stats.mozilla.com/report/list?signature=OOM+%7C+large+%7C+mozalloc_abort%28char+const%2A%29+%7C+mozalloc_handle_oom%28unsigned+int%29+%7C+moz_xmalloc+%7C+mozilla%3A%3Agfx%3A%3AAlphaBoxBlur%3A%3ABlur%28unsigned+char%2A%29 Windows (low-volume) signature: https://crash-stats.mozilla.com/report/list?signature=OOM+%7C+large+%7C+mozalloc_abort%28char+const%2A+const%29+%7C+mozalloc_handle_oom%28unsigned+int%29+%7C+moz_xmalloc+%7C+mozilla%3A%3Agfx%3A%3AAlphaBoxBlur%3A%3ABlur%28unsigned+char%2A%29
Comment 1•10 years ago
|
||
I can reproduce this on my HTC One (M8) and nightly Fennec, by loading http://www.lionsgate.com/movies/ and either just waiting, or zooming in and out and panning around. There's a hang, then a crash: https://crash-stats.mozilla.com/report/index/67b427ff-a1da-4b2c-8241-e75c02140619
Updated•10 years ago
|
Severity: normal → critical
Reporter | ||
Comment 2•10 years ago
|
||
I did see this three times today on my Nexus 10 with all current updates (Android 4.4.4) and yesterday's Nightly build while reading http://ascii.textfiles.com/archives/4306, see bp-cefebc15-84e0-4baa-88c4-310932140708 bp-ec8cba2b-c032-4bfb-9e63-098bc2140708 and bp-331d5f10-c97b-45f8-8958-6eeed2140708
Reporter | ||
Comment 3•10 years ago
|
||
My stacks come from gfxAlphaBoxBlur::DoBlur at http://hg.mozilla.org/mozilla-central/annotate/81691a55e60f/gfx/thebes/gfxBlur.cpp#l117 which was last changed by Matt Woodrow in bug 940845. Matt, is this connected to your work?
Flags: needinfo?(matt.woodrow)
Assignee | ||
Comment 4•10 years ago
|
||
Nope, but seems easy enough to fix.
Assignee: nobody → matt.woodrow
Attachment #8452110 -
Flags: review?(bas)
Flags: needinfo?(matt.woodrow)
Reporter | ||
Comment 5•10 years ago
|
||
Kevin, just FYI, this OOM crash is happening quite a bit on Android trunk.
Reporter | ||
Comment 6•10 years ago
|
||
And from stats, it looks like everything starting with 30 is seeing this to some degree. If the fix is low-risk, maybe we want this for 31 still.
status-firefox30:
--- → affected
status-firefox31:
--- → affected
status-firefox32:
--- → affected
status-firefox33:
--- → affected
Comment 7•10 years ago
|
||
Is this any different than bug 1028802?
Reporter | ||
Comment 8•10 years ago
|
||
(In reply to Kevin Brosnan [:kbrosnan] from comment #7) > Is this any different than bug 1028802? The crash here is marked as OOM, while the other one isn't. It probably needs a dev to find out if they are related or not.
Updated•10 years ago
|
Attachment #8452110 -
Flags: review?(bas) → review+
Assignee | ||
Comment 9•10 years ago
|
||
https://hg.mozilla.org/integration/mozilla-inbound/rev/25e05badc128
Comment 12•10 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/25e05badc128
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla33
Comment 13•10 years ago
|
||
The crash stats seem to suggest we should take this on branches.
Comment 14•10 years ago
|
||
Comment on attachment 8452110 [details] [diff] [review] Use fallible allocations Approval Request Comment [Feature/regressing bug #]: code has been this way for years, but is now being triggered with large allocations for some reason [User impact if declined]: crashes [Describe test coverage new/current, TBPL]: been on m-c [Risks and why]: practically zero, since it just makes us skip the blur step and not crash if we can't allocate enough memory for it [String/UUID change made/needed]: none
Attachment #8452110 -
Flags: approval-mozilla-beta?
Attachment #8452110 -
Flags: approval-mozilla-aurora?
Comment 15•10 years ago
|
||
Comment on attachment 8452110 [details] [diff] [review] Use fallible allocations Should be low risk. Comment #6 and #13 both suggest we should take it. Taking it.
Attachment #8452110 -
Flags: approval-mozilla-beta?
Attachment #8452110 -
Flags: approval-mozilla-beta+
Attachment #8452110 -
Flags: approval-mozilla-aurora?
Attachment #8452110 -
Flags: approval-mozilla-aurora+
Comment 16•10 years ago
|
||
https://hg.mozilla.org/releases/mozilla-aurora/rev/54681c0522d0 https://hg.mozilla.org/releases/mozilla-beta/rev/27f25e1d82ad
Updated•10 years ago
|
Comment 17•10 years ago
|
||
No crashes in Socorro for both signatures after 2014-07-10: 1. [@ OOM | large | mozalloc_abort(char const* const) | mozalloc_handle_oom(unsigned int) | moz_xmalloc | mozilla::gfx::AlphaBoxBlur::Blur(unsigned char*)] signature: -> for 31.0b: https://crash-stats.mozilla.com/report/list?signature=OOM+%7C+large+%7C+mozalloc_abort%28char+const%2A+const%29+%7C+mozalloc_handle_oom%28unsigned+int%29+%7C+moz_xmalloc+%7C+mozilla%3A%3Agfx%3A%3AAlphaBoxBlur%3A%3ABlur%28unsigned+char%2A%29&product=Firefox&query_type=contains&range_unit=weeks&process_type=any&version=Firefox%3A31.0b&hang_type=any&date=2014-07-15+10%3A00%3A00&range_value=1#tab-reports -> for 32.0a2: https://crash-stats.mozilla.com/report/list?signature=OOM+%7C+large+%7C+mozalloc_abort%28char+const%2A+const%29+%7C+mozalloc_handle_oom%28unsigned+int%29+%7C+moz_xmalloc+%7C+mozilla%3A%3Agfx%3A%3AAlphaBoxBlur%3A%3ABlur%28unsigned+char%2A%29&product=Firefox&query_type=contains&range_unit=weeks&process_type=any&version=Firefox%3A32.0a2&hang_type=any&date=2014-07-15+11%3A00%3A00&range_value=1#tab-reports -> for 33.0a1: https://crash-stats.mozilla.com/report/list?signature=OOM+%7C+large+%7C+mozalloc_abort%28char+const%2A+const%29+%7C+mozalloc_handle_oom%28unsigned+int%29+%7C+moz_xmalloc+%7C+mozilla%3A%3Agfx%3A%3AAlphaBoxBlur%3A%3ABlur%28unsigned+char%2A%29&product=Firefox&query_type=contains&range_unit=weeks&process_type=any&version=Firefox%3A33.0a1&hang_type=any&date=2014-07-15+11%3A00%3A00&range_value=1#tab-reports 2. [@ OOM | large | mozalloc_abort(char const*) | mozalloc_handle_oom(unsigned int) | moz_xmalloc | mozilla::gfx::AlphaBoxBlur::Blur(unsigned char*)] signature: -> for 31.0b: https://crash-stats.mozilla.com/report/list?signature=OOM+%7C+large+%7C+mozalloc_abort%28char+const%2A+const%29+%7C+mozalloc_handle_oom%28unsigned+int%29+%7C+moz_xmalloc+%7C+mozilla%3A%3Agfx%3A%3AAlphaBoxBlur%3A%3ABlur%28unsigned+char%2A%29&product=Firefox&query_type=contains&range_unit=weeks&process_type=any&version=Firefox%3A31.0b&hang_type=any&date=2014-07-15+11%3A00%3A00&range_value=1#tab-reports -> for 32.0a2: https://crash-stats.mozilla.com/query/?product=Firefox&version=Firefox%3A32.0a2&range_value=1&range_unit=weeks&date=07%2F15%2F2014+11%3A00%3A00&query_search=signature&query_type=contains&query=OOM+%7C+large+%7C+mozalloc_abort%28char+const*%29+%7C+mozalloc_handle_oom%28unsigned+int%29+%7C+moz_xmalloc+%7C+mozilla%3A%3Agfx%3A%3AAlphaBoxBlur%3A%3ABlur%28unsigned+char*%29&reason=&release_channels=&build_id=&process_type=any&hang_type=any -> for 33.0a1: https://crash-stats.mozilla.com/query/?product=Firefox&version=Firefox%3A33.0a1&range_value=1&range_unit=weeks&date=07%2F15%2F2014+11%3A00%3A00&query_search=signature&query_type=contains&query=OOM+%7C+large+%7C+mozalloc_abort%28char+const*%29+%7C+mozalloc_handle_oom%28unsigned+int%29+%7C+moz_xmalloc+%7C+mozilla%3A%3Agfx%3A%3AAlphaBoxBlur%3A%3ABlur%28unsigned+char*%29&reason=&release_channels=&build_id=&process_type=any&hang_type=any Although, I suggest we wait one more week to collect more data before calling this fixed.
Comment 18•10 years ago
|
||
Going through Socorro, I get the following for crashes in the past 28 days: 1. [@ OOM | large | mozalloc_abort(char const* const) | mozalloc_handle_oom(unsigned int) | moz_xmalloc | mozilla::gfx::AlphaBoxBlur::Blur(unsigned char*)] signature (https://crash-stats.mozilla.com/report/list?signature=OOM+%7C+large+%7C+mozalloc_abort%28char+const%2A+const%29+%7C+mozalloc_handle_oom%28unsigned+int%29+%7C+moz_xmalloc+%7C+mozilla%3A%3Agfx%3A%3AAlphaBoxBlur%3A%3ABlur%28unsigned+char%2A%29&range_value=28&range_unit=days&date=2014-07-15#tab-reports): -> for 31.0b: 0 crashes in builds newer than July 7th (20140707160635) -> for 32.0a2: 0 crashes in builds newer than July 7th (20140707004006) -> for 33.0a1: 0 crashes in builds newer than July 8th (20140708030203) 2. [@ OOM | large | mozalloc_abort(char const*) | mozalloc_handle_oom(unsigned int) | moz_xmalloc | mozilla::gfx::AlphaBoxBlur::Blur(unsigned char*)] signature (https://crash-stats.mozilla.com/report/list?range_unit=days&range_value=28&signature=OOM+%7C+large+%7C+mozalloc_abort%28char+const%2A%29+%7C+mozalloc_handle_oom%28unsigned+int%29+%7C+moz_xmalloc+%7C+mozilla%3A%3Agfx%3A%3AAlphaBoxBlur%3A%3ABlur%28unsigned+char%2A%29#tab-reports): -> for 31.0b: 0 crashes in builds newer than July 7th (20140707155504) -> for 32.0a2: 0 crashes in builds newer than June 19th (20140619004025) -> for 33.0a1: 0 crashes in builds newer than July 9th (20140709030201) Marking verified since there don't seem to be any new crash reports since ~2 weeks.
Status: RESOLVED → VERIFIED
Keywords: verifyme
Comment 19•10 years ago
|
||
(In reply to Florin Mezei, QA (:FlorinMezei) from comment #18) > 1. [@ OOM | large | mozalloc_abort(char const* const) | > mozalloc_handle_oom(unsigned int) | moz_xmalloc | > mozilla::gfx::AlphaBoxBlur::Blur(unsigned char*)] signature > (https://crash-stats.mozilla.com/report/ > list?signature=OOM+%7C+large+%7C+mozalloc_abort%28char+const%2A+const%29+%7C+ > mozalloc_handle_oom%28unsigned+int%29+%7C+moz_xmalloc+%7C+mozilla%3A%3Agfx%3A > %3AAlphaBoxBlur%3A%3ABlur%28unsigned+char%2A%29&range_value=28&range_unit=day > s&date=2014-07-15#tab-reports): The correct URL is: https://crash-stats.mozilla.com/report/list?range_unit=days&range_value=28&signature=OOM+%7C+large+%7C+mozalloc_abort%28char+const%2A+const%29+%7C+mozalloc_handle_oom%28unsigned+int%29+%7C+moz_xmalloc+%7C+mozilla%3A%3Agfx%3A%3AAlphaBoxBlur%3A%3ABlur%28unsigned+char%2A%29#tab-reports
You need to log in
before you can comment on or make changes to this bug.
Description
•