Closed Bug 1264398 Opened 4 years ago Closed 4 years ago

[e10s] Copying a image causes 100% core CPU usage. And Nightly becomes unresponsive and hangs with 100% core CPU when switching tabs


(Core :: IPC, defect, critical)

48 Branch
Windows 7
Not set



Tracking Status
e10s m9+ ---
firefox47 --- unaffected
firefox48 + fixed


(Reporter: alice0775, Assigned: billm)



(4 keywords, Whiteboard: btpp-fixnow)


(1 file)

[Tracking Requested - why for this release]: hang

Build Identifier:
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:48.0) Gecko/20100101 Firefox/48.0 ID:20160413030239

**original report

This seems to be e10s specific bug.
Reproduced on Nightly48.0a1, but not on Aurora47.0a2.

Steps To Reproduce:
1. Open several tabs
   (e.g.,  [about:home][about:home][about:home])
2. Open in a new tab
3. Wait for loading the image
4. Right click on the image and Copy image.
   --- observe 100% core CPU usage
5. Switch tabs
   --- observe Nightly becomes unresponsive and hangs with 100% core CPU.

Actual Results:
Nightly.exe consumes 100% core CPU.
Nightly becomes unresponsive and hangs with 100% core CPU.
Sometimes(not often), the content of all tabs gets replaced with a spinning throbber.

Expected Results:
not so.
Tried the STR and did not see what Alice sees. CPU% was negligible. 

Application Basics

Name: Firefox
Version: 48.0a1
Build ID: 20160413073236
Update Channel: default
User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:48.0) Gecko/20100101 Firefox/48.0
OS: Windows_NT 10.0 x86-64
Multiprocess Windows: 1/1 (Enabled by user)
Safe Mode: false


Adapter Description: AMD Radeon (TM) R9 390 Series
Adapter Drivers: aticfx64 aticfx64 aticfx64 amdxc64 aticfx32 aticfx32 aticfx32 amdxc32 atiumd64 atidxx64 atidxx64 atiumdag atidxx32 atidxx32 atiumdva atiumd6a atitmm64
Adapter RAM: 4095
Asynchronous Pan/Zoom: wheel input enabled; touch input enabled
ClearType Parameters: D [ Gamma: 2200 Pixel Structure: R ClearType Level: 100 Enhanced Contrast: 50 ] D [ Gamma: 2200 Pixel Structure: R ClearType Level: 100 Enhanced Contrast: 50 ]
Device ID: 0x67b1
Direct2D Enabled: true
DirectWrite Enabled: true (10.0.10586.0)
Driver Date: 4-3-2016
Driver Version: 16.150.2211.1001
GPU #2 Active: false
GPU Accelerated Windows: 1/1 Direct3D 11 (OMTC)
Subsys ID: 00000000
Supports Hardware H264 Decoding: Yes; Using D3D11 API
Vendor ID: 0x1002
WebGL Renderer: Google Inc. -- ANGLE (AMD Radeon (TM) R9 390 Series Direct3D11 vs_5_0 ps_5_0)
windowLayerManagerRemote: true
AzureCanvasAccelerated: 0
AzureCanvasBackend: direct2d 1.1
AzureContentBackend: direct2d 1.1
AzureFallbackCanvasBackend: cairo
Regression window:

Suspect: dd3e03fcb06b	Bill McCloskey — Bug 1235633 - IPC OOM mitigation by eliminating buffer copying (r=jld)
Blocks: 1235633
Component: General → IPC
Flags: needinfo?(wmccloskey)
Flags: needinfo?(jld)
Whiteboard: btpp-fixnow
Stack using crashfirefox.exe
(during 100% core usage):
I can reproduce.
Assignee: nobody → wmccloskey
Flags: needinfo?(wmccloskey)
Flags: needinfo?(jld)
Attached patch patchSplinter Review
When there's a huge message coming in, we would call reserve to reserve lots of space for it. Then we would read in 4K and call assign, which would realloc the buffer to be only as big as how much we had read so far. The next time through we would reserve a ton of space again and then realloc at the end.

This patch avoids the assign() operation so that we reserve once and use that memory for the entire message, as intended.
Attachment #8741171 - Flags: review?(jld)
Comment on attachment 8741171 [details] [diff] [review]

Review of attachment 8741171 [details] [diff] [review]:

r=me if it passes Try.
Attachment #8741171 - Flags: review?(jld) → review+
Duplicate of this bug: 1263457
Duplicate of this bug: 1263763
Closed: 4 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla48
Recent regression, tracking in case it reopens
You need to log in before you can comment on or make changes to this bug.