Closed Bug 478995 Opened 15 years ago Closed 15 years ago

Out-of-memory crash [@ _CxxThrowException] [@ operator new] [@ mozcrt19.dll]

Categories

(Core :: General, defect)

1.9.0 Branch
x86
Windows XP
defect
Not set
critical

Tracking

()

RESOLVED DUPLICATE of bug 511758

People

(Reporter: masa141421356, Unassigned)

Details

(Keywords: crash)

Crash Data

Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2a1pre) Gecko/20090217 Minefield/3.2a1pre

bp-389bc436-e7e9-4548-adb4-0c07b2090217

Crashed when testing attachment 229928 [details] (bug 345161 testcase 3).
attachment 229928 [details] contains crafted script to make system low memory.

It seems to be a problem around handling out of memory at operator "new" in
mozcrt19.dll.

# Bug 345161 is marked as Security Sensitive.
# If it is needed to see attachment 229928 [details], please tell me.
Keywords: crash
kernel32.dll@0x12aeb is _RaiseException@16 + 0x52
0	kernel32.dll	kernel32.dll@0x12aeb	
1	mozcrt19.dll	_CxxThrowException	 throw.cpp:159
2	mozcrt19.dll	operator new	 new.cpp:57
3	xul.dll	nsDeque::GrowCapacity	 nsDeque.cpp:182
4	xul.dll	GraphWalker::DoWalk	mozilla/xpcom/base/nsCycleCollector.cpp:1169
5	xul.dll	GraphWalker::WalkFromRoots	mozilla/xpcom/base/nsCycleCollector.cpp:1153
6	xul.dll	nsCycleCollector::BeginCollection	mozilla/xpcom/base/nsCycleCollector.cpp:2379

This is a duplicate of a bug i own. you're chasing something that's mostly pointless.

99% of gecko uses new and we don't handle c++ exceptions from new failures. I have the beginnings of a patch for this stuff, although I don't remember if I finished the graph bits.
crashed browser is not Trunk, its Fx3.0.6.
Mozilla/5.0 (Windows; U; Windows NT 5.1; ja; rv:1.9.0.6) Gecko/2009011913 Firefox/3.0.6

Crash is really caused by Out of memory.
I executed both of Fx3.0.6 and Fx Trunk
I tested bug 345161 on Trunk, it causes OS low memory.
As a result of low memory, some code executed by some timer event causes crash at Fx3.0.6.
Version: Trunk → 1.9.0 Branch
->NEW
Because I can find crash report that contains same stack trace .
for example.
bp-8b475cff-df4d-4c20-a92b-d30292090520
bp-8cca7394-115a-4196-9eab-4618a2090518
Status: UNCONFIRMED → NEW
Ever confirmed: true
masahiro: you're not looking for a crash with the same stack trace.

the complete signature is this:

[@ _CxxThrowException - operator new]

and we have dozens of bugs for this, now please find one. thanks.
Whiteboard: DUPEME
timeless, what do you think we should do with OOM crash bugs?  Split them by what calls |new|?  Mark them as duplicates of bug 427099?
Summary: crash at throwing exception when low memory in mozcrt19.dll → Out-of-memory crash [@ _CxxThrowException] [@ operator new] [@ mozcrt19.dll]
for the time being, i'd prefer to split by what calls new.
I'm beginning to agree.
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → DUPLICATE
Crash Signature: [@ _CxxThrowException] [@ operator new] [@ mozcrt19.dll]
Whiteboard: DUPEME
You need to log in before you can comment on or make changes to this bug.