Closed
Bug 585943
Opened 14 years ago
Closed 14 years ago
Crash [@ nsHtml5TreeOperation::Init][@ TouchBadMemory][@ nsHtml5TreeBuilder::appendElement(nsIContent**, nsIContent**) ] on OOM
Categories
(Core :: DOM: HTML Parser, defect, P2)
Tracking
()
RESOLVED
FIXED
| Tracking | Status | |
|---|---|---|
| blocking2.0 | --- | final+ |
People
(Reporter: bc, Assigned: hsivonen)
References
()
Details
(Keywords: crash, Whiteboard: [hardblocker])
Crash Data
Attachments
(2 files)
1. http://redtaggy.com/ 2. crash trunk mac/windows related socorro signature: nsHtml5TreeBuilder::appendElement(nsIContent**, nsIContent**) various assertions depending on the phase of the moon. ASSERTION: Tree op allocation failed.: 'treeOp' /work/mozilla/builds/2.0.0/mozilla/parser/html/nsHtml5TreeBuilderCppSupplement.h ASSERTION: bad method name: 'Error' /work/mozilla/builds/2.0.0/mozilla/js/src/xpconnect/src/xpcwrappednativeinfo.cpp
|
Reporter | |
Comment 1•14 years ago
|
||
|
||
Updated•14 years ago
|
Severity: normal → critical
|
|
||
Updated•14 years ago
|
blocking2.0: --- → ?
|
||
Comment 2•14 years ago
|
||
We should fix this for final, and by fix I mean make sure we crash in a safe way if we're OOM.
blocking2.0: ? → final+
|
Assignee | |
Comment 3•14 years ago
|
||
All the nsTArrays in the HTML5 parser need to become infallible, but bug 550611 isn't ready yet.
Depends on: 550611
|
|
Assignee | |
Updated•14 years ago
|
Priority: -- → P2
|
|
Assignee | |
Updated•14 years ago
|
Whiteboard: Waiting for bug 550611
|
|
Assignee | |
Updated•14 years ago
|
Assignee: nobody → hsivonen
Whiteboard: Waiting for bug 550611
|
|
||
Comment 4•14 years ago
|
||
bug 550611 is fixed now. Henri, can you work on a patch to make all nsTArray's in the parser explicitly use the infallible version?
|
|
Assignee | |
Comment 5•14 years ago
|
||
(In reply to comment #4) > bug 550611 is fixed now. Henri, can you work on a patch to make all nsTArray's > in the parser explicitly use the infallible version? OK.
Status: NEW → ASSIGNED
Whiteboard: [waiting for bug 610823]
|
|
||
Updated•14 years ago
|
Whiteboard: hardblocker
|
|
||
Updated•14 years ago
|
Whiteboard: hardblocker → [hardblocker]
|
|
Assignee | |
Comment 6•14 years ago
|
||
Can this be considered fixed now that bug 610823 is fixed? That is, is it necessary to use the explicitly infallible versions now?
|
|
||
Comment 7•14 years ago
|
||
IMO yes.
|
|
||
Comment 8•14 years ago
|
||
Marking fixed per previous comments.
Status: ASSIGNED → RESOLVED
Closed: 14 years ago
Resolution: --- → FIXED
|
||
Updated•13 years ago
|
Crash Signature: [@ nsHtml5TreeOperation::Init]
[@ TouchBadMemory]
[@ nsHtml5TreeBuilder::appendElement(nsIContent**, nsIContent**) ]
You need to log in
before you can comment on or make changes to this bug.
Description
•