Closed
Bug 1166349
Opened 9 years ago
Closed 9 years ago
crash in OOM | large | NS_ABORT_OOM(unsigned int) | nsACString_internal::Replace(unsigned int, unsigned int, char const*, unsigned int)
Categories
(Core :: DOM: Core & HTML, defect)
Tracking
()
RESOLVED
FIXED
mozilla41
People
(Reporter: away, Assigned: away)
Details
(Keywords: crash)
Crash Data
Attachments
(1 file, 2 obsolete files)
|
1.60 KB,
patch
|
smaug
:
review+
lizzard
:
approval-mozilla-aurora+
lizzard
:
approval-mozilla-beta+
Sylvestre
:
approval-mozilla-release-
|
Details | Diff | Splinter Review |
This bug was filed from the Socorro interface and is report bp-ef0d5b78-31e2-4fbb-9e65-528d82150515. ============================================================= This is a top crash on 38.0.1 (by the old metrics at least). Don't trust the stack on crash-stats. It actually goes like: xul!nsACString_internal::Replace xul!nsACString_internal::Append xul!nsXMLHttpRequest::StreamReaderFunc It's clear that the code is prepared to handle allocation failure. I guess it just needs to make a fallible call.
Assignee: nobody → dmajor
Attachment #8607613 -
Flags: review?(jonas)
Sorry, had some unrelated files in the previous patch
Attachment #8607613 -
Attachment is obsolete: true
Attachment #8607613 -
Flags: review?(jonas)
Attachment #8607617 -
Flags: review?(jonas)
[Tracking Requested - why for this release]: Moderate topcrash on 38.0.1; easy fix
status-firefox38.0.5:
--- → affected
status-firefox39:
--- → affected
status-firefox40:
--- → affected
tracking-firefox38.0.5:
--- → ?
Comment on attachment 8607617 [details] [diff] [review] fallible allocation Review of attachment 8607617 [details] [diff] [review]: ----------------------------------------------------------------- This looks good to me, though it'd be good to add a test. But maybe such a test would take too long to run?
Attachment #8607617 -
Flags: review?(jonas) → review+
Comment on attachment 8607617 [details] [diff] [review] fallible allocation Review of attachment 8607617 [details] [diff] [review]: ----------------------------------------------------------------- Leaving it up to Olli if we need tests or not.
Attachment #8607617 -
Flags: review?(bugs)
|
||
Updated•9 years ago
|
Attachment #8607617 -
Flags: review?(bugs) → review+
|
|
||
Comment 6•9 years ago
|
||
I don't know how we could test this reliably. OOM might happen on server side, or if using data: urls, it might happen while creating the url (either on JS side or in C++)
FWIW, I consider the stability people who constantly watch crash-stats, to be a kind of test :)
|
||
Comment 9•9 years ago
|
||
Backed out for Werror bustage. https://treeherder.mozilla.org/logviewer.html#?job_id=9981697&repo=mozilla-inbound https://hg.mozilla.org/integration/mozilla-inbound/rev/39f481e86829
|
Assignee | |
Comment 10•9 years ago
|
||
I thought about just landing this to fix the bustage, but given that this may be rushed up to beta, another review seemed prudent.
Attachment #8607617 -
Attachment is obsolete: true
Attachment #8607876 -
Flags: review?(bugs)
|
|
||
Updated•9 years ago
|
Attachment #8607876 -
Flags: review?(bugs) → review+
|
|
||
Comment 12•9 years ago
|
||
Backed out for Werror bustage. https://treeherder.mozilla.org/logviewer.html#?job_id=10003610&repo=mozilla-inbound
|
||
Comment 13•9 years ago
|
||
Backout: https://hg.mozilla.org/integration/mozilla-inbound/rev/1757ff5613db
|
|
Assignee | |
Comment 14•9 years ago
|
||
Ok, if this fails, I give up on this bug >:( https://treeherder.mozilla.org/#/jobs?repo=try&revision=a80bba91d119
|
||
Comment 16•9 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/529142f49290
Status: NEW → RESOLVED
Closed: 9 years ago
status-firefox41:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla41
|
|
Assignee | |
Comment 17•9 years ago
|
||
Take that, Werror!
|
|
Assignee | |
Comment 18•9 years ago
|
||
Comment on attachment 8607876 [details] [diff] [review] fallible allocation For some reason this has dropped in volume on 38.0.1 since I filed the bug. If I were looking at the crash lists today, I wouldn't open a bug on this. But we already have the patch and it's an easy fix... relman I leave it up to you. Approval Request Comment [Feature/regressing bug #]: memory exhaustion [User impact if declined]: OOM crashes that we might have otherwise survived [Describe test coverage new/current, TreeHerder]: green m-i [Risks and why]: trivial change [String/UUID change made/needed]: none
Attachment #8607876 -
Flags: approval-mozilla-release?
Attachment #8607876 -
Flags: approval-mozilla-beta?
Attachment #8607876 -
Flags: approval-mozilla-aurora?
Comment on attachment 8607876 [details] [diff] [review] fallible allocation Let's take this for aurora and beta. This may help us forestall other OOM errors. And, David has defeated the mighty Werror.
Attachment #8607876 -
Flags: approval-mozilla-beta?
Attachment #8607876 -
Flags: approval-mozilla-beta+
Attachment #8607876 -
Flags: approval-mozilla-aurora?
Attachment #8607876 -
Flags: approval-mozilla-aurora+
|
||
Comment 22•8 years ago
|
||
Comment on attachment 8607876 [details] [diff] [review] fallible allocation This will ride the train from 39.
Attachment #8607876 -
Flags: approval-mozilla-release? → approval-mozilla-release-
|
|
||
Updated•8 years ago
|
|
||
Updated•5 years ago
|
Component: DOM → DOM: Core & HTML
You need to log in
before you can comment on or make changes to this bug.
Description
•