Large OOM in mozilla::WebGLContext::TexImage2D_base

VERIFIED FIXED in Firefox 34

Status

defect
--
critical
VERIFIED FIXED
5 years ago
5 years ago

People

(Reporter: cbadau, Assigned: jgilbert)

Tracking

({crash})

33 Branch
mozilla36
x86
Windows 7
Points:
---
Bug Flags:
qe-verify +

Firefox Tracking Flags

(firefox34 verified, firefox35 verified, firefox36 verified, firefox-esr31 fixed, b2g-v2.1 fixed, b2g-v2.2 fixed)

Details

(crash signature)

Attachments

(1 attachment, 1 obsolete attachment)

This bug was filed from the Socorro interface and its crash report is:
https://crash-stats.mozilla.com/report/index/bp-4202571a-33ac-47a7-9aa7-211bf2141008 .

I had Google Maps, YouTube and many other sites opened. I don't have proper STR but it crashes while navigating on Google Maps, on street view for quite a while (>15 minutes).
I reproduced the crash on Firefox 33 RC on Windows 7 32bit. 

In the last week 1276 crashes on Windows 7 32bit occurred with this signature.

Other crash reports:
https://crash-stats.mozilla.com/report/index/d3738afa-2806-4f56-b6f8-4fe5d2140909
https://crash-stats.mozilla.com/report/index/ba569f13-e9f9-4325-829f-8a37b2140910
Keywords: crash

Updated

5 years ago
Summary: Crash in [@ OOM | large | mozalloc_abort(char const* const) | mozalloc_handle_oom(unsigned int) | moz_xmalloc | mozilla::WebGLContext::TexImage2D_base(unsigned int, int, unsigned int, int, int, int, int, unsigned int, unsigned int, void*, unsigned int, in → Large OOM in mozilla::WebGLContext::TexImage2D_base
Assignee

Comment 1

5 years ago
Assignee: nobody → jgilbert
Attachment #8503492 - Flags: review?(dglastonbury)
Attachment #8503492 - Flags: review?(dglastonbury) → review+
Assignee

Comment 3

5 years ago
r=kamidphish
Attachment #8503492 - Attachment is obsolete: true
Attachment #8504291 - Flags: review+
All good except for the patch description, which says "infallible and handled" instead of "fallible and handled". :-) (Made me stop and look.)
Assignee

Comment 5

5 years ago
Ahhh, annoying! Sorry about that!
Assignee

Comment 6

5 years ago
Comment on attachment 8504291 [details] [diff] [review]
0001-Large-allocs-should-be-fallible-and-handled.patch

Approval Request Comment
[Feature/regressing bug #]: n/a
[User impact if declined]: Crashes!
[Describe test coverage new/current, TBPL]: None.
[Risks and why]: Negative. :P
[String/UUID change made/needed]: None.
Attachment #8504291 - Flags: approval-mozilla-beta?
Attachment #8504291 - Flags: approval-mozilla-aurora?
https://hg.mozilla.org/mozilla-central/rev/dc127a8d08f6
Status: NEW → RESOLVED
Closed: 5 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla36
Attachment #8504291 - Flags: approval-mozilla-beta?
Attachment #8504291 - Flags: approval-mozilla-beta+
Attachment #8504291 - Flags: approval-mozilla-aurora?
Attachment #8504291 - Flags: approval-mozilla-aurora+
Assignee

Comment 9

5 years ago
Thanks!
Flags: qe-verify+
QA Contact: camelia.badau
I verified the bug on Windows 7 32bit using Firefox 34 Beta 2 (buildID: 20141020184313) and it seems to be fixed (no crash occurs). 
I'll keep an eye on Socorro in the next couple of days to ensure that no crashes will occur before changing the Status of the bug.
Checking Socorro, no other crashes were noticed on FF34.0b, FF35 and FF36 versions in the latest 4 weeks post fix.
Marking this bug as verified.
Assignee

Comment 14

5 years ago
Comment on attachment 8504291 [details] [diff] [review]
0001-Large-allocs-should-be-fallible-and-handled.patch

[Approval Request Comment]
If this is not a sec:{high,crit} bug, please state case for ESR consideration: Low risk OOM fix.
User impact if declined: OOMs.
Fix Landed on Version: 36
Risk to taking this patch (and alternatives if risky): low
String or UUID changes made by this patch: none

See https://wiki.mozilla.org/Release_Management/ESR_Landing_Process for more info.
Flags: needinfo?(jgilbert)
Attachment #8504291 - Flags: approval-mozilla-esr31?
Attachment #8504291 - Flags: approval-mozilla-esr31? → approval-mozilla-esr31+