Closed
Bug 864236
Opened 12 years ago
Closed 12 years ago
Make multi-MiB allocations in the url-classifier fallible
Categories
(Toolkit :: Safe Browsing, defect)
Toolkit
Safe Browsing
Tracking
()
RESOLVED
FIXED
Firefox 25
People
(Reporter: n.nethercote, Assigned: n.nethercote)
References
Details
Attachments
(1 file, 2 obsolete files)
|
4.81 KB,
patch
|
dcamp
:
review+
|
Details | Diff | Splinter Review |
In bug 862592 I found that the url-classifier is doing frequent multi-MiB allocations.
|
Assignee | |
Comment 1•12 years ago
|
||
Attachment #740178 -
Flags: review?(gpascutto)
|
||
Comment 2•12 years ago
|
||
Comment on attachment 740178 [details] [diff] [review]
Make multi-MiB allocations in the url-classifier fallible.
The change in itself is OK, but you must improve the error handling if you do this. If you look at the callers, they will reset (=delete) the entire SafeBrowsing database if there is a failure updating it, because they presume this will only happen if it's corrupted (given that OOM was not possible before).
You probably want to change SUCCESS_OR_RESET so it does the right thing when your OOM error triggers (i.e. propagate failure upwards, don't delete the table).
Attachment #740178 -
Flags: review?(gpascutto) → review-
|
|
Assignee | |
Comment 3•12 years ago
|
||
This patch modifies SUCCESS_OR_RESET. I don't understand this code at all, so
if this doesn't suffice perhaps you could take possession of this bug, gcp?
BTW, ReadTArray returns NS_ERROR_OF_OUT_MEMORY if the SetLength() call fails,
so there was already some "reset DB on OOM" behaviour here, AFAICT.
Attachment #740184 -
Flags: review?(gpascutto)
|
|
Assignee | |
Updated•12 years ago
|
Attachment #740178 -
Attachment is obsolete: true
|
|
||
Comment 4•12 years ago
|
||
Comment on attachment 740184 [details] [diff] [review]
Make multi-MiB allocations in the url-classifier fallible.
>BTW, ReadTArray returns NS_ERROR_OF_OUT_MEMORY if the SetLength() call fails,
>so there was already some "reset DB on OOM" behaviour here, AFAICT.
Does SetLength return an error on OOM or does it crash? Some of this code has gone back and forth between being fallible and not. Crashing during an update is acceptable - the code deals with it.
It looks like Classifier::ApplyUpdates needs a very similar fix on line 303, other than that I think this is fine. Possibly. r+ assuming you'll fix that one too.
>I don't understand this code at all, so if this doesn't suffice perhaps you could take possession of this bug, gcp?
That's a poor cop-out :) I can take possesion but that would be the equivalent of "postpone fixing this indefinitely". I'd rather have you fix it and have at least one other person with halfway of an understanding of this code.
Attachment #740184 -
Flags: review?(gpascutto) → review+
|
|
||
Comment 5•12 years ago
|
||
Fixed up the things I noticed. This could use a lookover to see if there's any nasty cases I missed.
Attachment #740184 -
Attachment is obsolete: true
Attachment #779655 -
Flags: review?(dcamp)
|
||
Comment 6•12 years ago
|
||
Comment on attachment 779655 [details] [diff] [review]
Patch 1. Make some allocations fallible and deal with the error
Review of attachment 779655 [details] [diff] [review]:
-----------------------------------------------------------------
Looks good to me.
Attachment #779655 -
Flags: review?(dcamp) → review+
|
|
||
Comment 7•12 years ago
|
||
|
|
Assignee | |
Comment 8•12 years ago
|
||
Thanks for pushing this through, gcp!
Status: ASSIGNED → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Target Milestone: --- → Firefox 25
|
||
Updated•11 years ago
|
Product: Firefox → Toolkit
You need to log in
before you can comment on or make changes to this bug.
Description
•