Closed Bug 1433551 Opened 2 years ago Closed 2 years ago
Crash in OOM | large | mozalloc
_abort | mozalloc _handle _oom | moz _xmalloc | mozilla::Make Unique<T> | mozilla::a11y::Compatibility::On UIAMessage
This bug was filed from the Socorro interface and is report bp-9544430a-1203-4edc-b6df-6d8be0180126. ============================================================= Top 10 frames of crashing thread: 0 mozglue.dll mozalloc_abort memory/mozalloc/mozalloc_abort.cpp:33 1 mozglue.dll mozalloc_handle_oom memory/mozalloc/mozalloc_oom.cpp:54 2 mozglue.dll moz_xmalloc memory/mozalloc/mozalloc.cpp:72 3 xul.dll mozilla::MakeUnique<unsigned char > mfbt/UniquePtr.h:688 4 xul.dll mozilla::a11y::Compatibility::OnUIAMessage accessible/windows/msaa/CompatibilityUIA.cpp:190 5 xul.dll CallWindowProcCrashProtected xpcom/base/nsCrashOnException.cpp:32 6 xul.dll nsWindow::WindowProc widget/windows/nsWindow.cpp:4969 7 msctf.dll CThreadInputMgr::PeekMessageW 8 nss3.dll PR_MillisecondsToInterval nsprpub/pr/src/misc/prinrval.c:62 9 xul.dll nsThread::ProcessNextEvent xpcom/threads/nsThread.cpp:952 ============================================================= these out of memeory crashes with a particularly large allocation size are starting to show up in firefox 59.0b in a codepath from bug 1419886.
I don't know why we're seeing some of those reports on 64-bit (!) But in the 32-bit case, these allocations are large enough that I think we should make them fallible.
These allocations are sometimes very large (I see one that's > 800MiB). Let's use fallible allocation in those cases.
Assignee: nobody → aklotz
Status: NEW → ASSIGNED
Comment on attachment 8945895 [details] [diff] [review] Use fallible allocation for handleInfoBuf in UIA detection Troubling that so much memory usage happens, but since it does I think this patch is a good change.
Attachment #8945895 - Flags: review?(dbolter) → review+
https://hg.mozilla.org/integration/mozilla-inbound/rev/ad05b79ebbe5cabb4d7ca0198b02987fe7de44d1 Bug 1433551: Use fallible allocation for handleInfoBuf inside UIA detection; r=davidb
Comment on attachment 8945895 [details] [diff] [review] Use fallible allocation for handleInfoBuf in UIA detection Approval Request Comment [Feature/Bug causing the regression]: Bug 1419886 [User impact if declined]: Crashes under specific conditions. [Is this code covered by automated tests?]: No [Has the fix been verified in Nightly?]: Yes [Needs manual test from QE? If yes, steps to reproduce]: No [List of other uplifts needed for the feature/fix]: None [Is the change risky?]: No [Why is the change risky/not risky?]: Simple patch - make one memory allocation fallible. [String changes made/needed]: None.
Attachment #8945895 - Flags: approval-mozilla-beta?
Comment on attachment 8945895 [details] [diff] [review] Use fallible allocation for handleInfoBuf in UIA detection Crash fix, let's uplift this for 59 beta 6.
Attachment #8945895 - Flags: approval-mozilla-beta? → approval-mozilla-beta+
You need to log in before you can comment on or make changes to this bug.