Closed
Bug 1267571
Opened 9 years ago
Closed 6 years ago
IDBObjectStore::AddOrPut() should use a Move constructor
Categories
(Core :: Storage: IndexedDB, defect, P3)
Tracking
()
RESOLVED
WORKSFORME
People
(Reporter: jujjyl, Unassigned)
Details
(Keywords: crash, Whiteboard: btpp-active)
Crash Data
This bug was filed from the Socorro interface and is
report bp-0ba7bad2-3775-400a-899b-b5bd82160426.
=============================================================
Tested on Firefox 45.0.2 32-bit, this took down the whole browser in an OOM situation. I think the code was storing a blob into IndexedDB.
Comment 1•9 years ago
|
||
OOM allocation size of about 215MB.
Comment 2•9 years ago
|
||
The crash report says:
Available Virtual Memory 1260367872
which is quite a bit! (1.17GB of the 4GB total).
but:
"largest_free_vm_block": "0xc000000",
which is ~192MB.
Comment 3•9 years ago
|
||
I'll take a look at it. It seems bad that we'd be doing a copy constructor on some giant data.
Assignee: nobody → continuation
Whiteboard: btpp-active
Comment 4•9 years ago
|
||
It looks like the problem is here:
if (aOverwrite) {
params = ObjectStorePutParams(commonParams);
} else {
params = ObjectStoreAddParams(commonParams);
}
This copies commonParams, which does not seem to be used later, so we should be able to move it. The problem is that ObjectStoreAddPutParams is an IPDL-generated class, so this would require generating move constructors.
I only see 12 crashes with this signature, so I'm not going to be able to work on this any time soon. That said, it is possible copies of IPDL-generated structures that should be moves might show up elsewhere, and if that gets fixed, this would be easy to fix.
Assignee: continuation → nobody
Summary: crash in OOM | large | mozalloc_abort | mozalloc_handle_oom | moz_xmalloc | nsTArray_base<T>::EnsureCapacity<T> | nsTArray_Impl<T>::ReplaceElementsAt<T> | mozilla::dom::indexedDB::ObjectStoreAddPutParams::operator= → IDBObjectStore::AddOrPut() should use a Move constructor
Comment 5•8 years ago
|
||
Crash volume for signature 'OOM | large | mozalloc_abort | mozalloc_handle_oom | moz_xmalloc | nsTArray_base<T>::EnsureCapacity<T> | nsTArray_Impl<T>::ReplaceElementsAt<T> | mozilla::dom::indexedDB::ObjectStoreAddPutParams::operator=':
- nightly (version 51): 0 crashes from 2016-08-01.
- aurora (version 50): 0 crashes from 2016-08-01.
- beta (version 49): 4 crashes from 2016-08-02.
- release (version 48): 133 crashes from 2016-07-25.
- esr (version 45): 3 crashes from 2016-05-02.
Crash volume on the last weeks (Week N is from 08-22 to 08-28):
W. N-1 W. N-2 W. N-3
- nightly 0 0 0
- aurora 0 0 0
- beta 2 0 0
- release 27 40 48
- esr 0 1 0
Affected platform: Windows
Crash rank on the last 7 days:
Browser Content Plugin
- nightly
- aurora
- beta #3626 #1656
- release #775 #249
- esr
status-firefox48:
--- → affected
status-firefox49:
--- → affected
status-firefox-esr45:
--- → affected
Updated•7 years ago
|
Priority: -- → P3
Comment 6•6 years ago
|
||
Closing because no crashes reported for 12 weeks.
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → WORKSFORME
You need to log in
before you can comment on or make changes to this bug.
Description
•