Closed Bug 1644768 Opened 2 years ago Closed 2 years ago

Crash in [@ OOM | large | NS_ABORT_OOM | NS_ConvertASCIItoUTF16::NS_ConvertASCIItoUTF16 | nsXMLContentSerializer::AppendTextData]

Categories

(Core :: DOM: Core & HTML, defect, P3)

Product:
Core
Component:
DOM: Core & HTML
Type:
defect

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla79
Tracking Flags:
Tracking Status
firefox-esr68 --- unaffected
firefox-esr78 --- fixed
firefox77 --- wontfix
firefox78 --- wontfix
firefox79 --- fixed

People

(Reporter: sg, Assigned: hsivonen)

Details

(Keywords: crash)

Crash Data

Attachments

(1 file)

Bug 1644768 - Avoid OOM when serializing large 8-bit-code-unit text nodes.
47 bytes, text/x-phabricator-request
RyanVM
: approval-mozilla-esr78+
Details | Review

This bug is for crash report bp-84370fdd-34ec-4541-b685-514460200608.

Top 10 frames of crashing thread:

0 xul.dll NS_ABORT_OOM xpcom/base/nsDebugImpl.cpp:611
1 xul.dll NS_ConvertASCIItoUTF16::NS_ConvertASCIItoUTF16 xpcom/string/nsString.h:74
2 xul.dll nsXMLContentSerializer::AppendTextData dom/base/nsXMLContentSerializer.cpp:169
3 xul.dll nsXHTMLContentSerializer::AppendText dom/base/nsXHTMLContentSerializer.cpp:119
4 xul.dll nsDocumentEncoder::SerializeNodeStart dom/base/nsDocumentEncoder.cpp:691
5 xul.dll nsDocumentEncoder::SerializeToStringRecursive dom/base/nsDocumentEncoder.cpp:787
6 xul.dll nsDocumentEncoder::SerializeToStringRecursive dom/base/nsDocumentEncoder.cpp:797
7 xul.dll nsDocumentEncoder::SerializeToStringRecursive dom/base/nsDocumentEncoder.cpp:797
8 xul.dll nsDocumentEncoder::SerializeToStringRecursive dom/base/nsDocumentEncoder.cpp:797
9 xul.dll nsDocumentEncoder::SerializeToStringRecursive dom/base/nsDocumentEncoder.cpp:797

Found this during Nightly crash triage, but actually happens on a number of versions on all channels. It's only a content process OOM crash, but maybe it can be avoided?

Hi Henri,
Could you please help to take a look? Thank you.

Severity: -- → S2
Flags: needinfo?(hsivonen)
Priority: -- → P3

(In reply to John Dai[:jdai] from comment #1)

Hi Henri,
Could you please help to take a look? Thank you.

Patch attached.

Flags: needinfo?(hsivonen)
Assignee: nobody → hsivonen
Status: NEW → ASSIGNED
Pushed by hsivonen@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/a4326da5ff4f
Avoid OOM when serializing large 8-bit-code-unit text nodes. r=mbrodesser

https://hg.mozilla.org/mozilla-central/rev/a4326da5ff4f

Status: ASSIGNED → RESOLVED
Closed: 2 years ago
status-firefox79: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla79

Is this something we should consider uplifting to ESR78?

Flags: needinfo?(hsivonen)

(In reply to Ryan VanderMeulen [:RyanVM] from comment #6)

Is this something we should consider uplifting to ESR78?

Probably not that important to uplift but also extremely low risk.

Flags: needinfo?(hsivonen)

Comment on attachment 9155900 [details]
Bug 1644768 - Avoid OOM when serializing large 8-bit-code-unit text nodes.

ESR Uplift Approval Request

  • If this is not a sec:{high,crit} bug, please state case for ESR consideration: Extremely low-risk patch to avoid some OOM crashes.
  • User impact if declined: Rare OOM crashes on 32-bit systems when serializing large text nodes.
  • Fix Landed on Version: 79
  • Risk to taking this patch: Low
  • Why is the change risky/not risky? (and alternatives if risky): Merely uses an OOM-checking version of an operation.
  • String or UUID changes made by this patch: None
Attachment #9155900 - Flags: approval-mozilla-esr78?

Comment on attachment 9155900 [details]
Bug 1644768 - Avoid OOM when serializing large 8-bit-code-unit text nodes.

Approved for 78.1esr.

Attachment #9155900 - Flags: approval-mozilla-esr78? → approval-mozilla-esr78+
You need to log in before you can comment on or make changes to this bug.