Closed Bug 1457230 Opened 6 years ago Closed 4 years ago

Crash in OOM | large | mozalloc_abort | mozalloc_handle_oom | moz_xmalloc | std::_Allocate | google::protobuf::internal::ArenaStringPtr::CreateInstanceNoArena

Categories

(Toolkit :: Safe Browsing, defect, P5)

58 Branch
x86
Windows
defect

Tracking

()

RESOLVED WORKSFORME
Tracking Status
firefox-esr52 --- unaffected
firefox-esr60 --- affected
firefox59 --- wontfix
firefox60 --- wontfix
firefox61 --- fix-optional
firefox62 --- fix-optional

People

(Reporter: philipp, Unassigned)

References

Details

(Keywords: crash, regression)

Crash Data

This bug was filed from the Socorro interface and is
report bp-8d2367ef-d0d7-42d6-854f-bff770180426.
=============================================================

Top 10 frames of crashing thread:

0 mozglue.dll mozalloc_abort memory/mozalloc/mozalloc_abort.cpp:33
1 mozglue.dll mozalloc_handle_oom memory/mozalloc/mozalloc_oom.cpp:54
2 mozglue.dll moz_xmalloc memory/mozalloc/mozalloc.cpp:72
3 xul.dll std::_Allocate vs2017_15.4.2/VC/include/xmemory0:78
4 xul.dll google::protobuf::internal::ArenaStringPtr::CreateInstanceNoArena toolkit/components/protobuf/src/google/protobuf/arenastring.h:304
5 xul.dll mozilla::safebrowsing::RiceDeltaEncoding::RiceDeltaEncoding toolkit/components/url-classifier/chromium/safebrowsing.pb.cc:9591
6 xul.dll mozilla::safebrowsing::ThreatEntrySet::ThreatEntrySet toolkit/components/url-classifier/chromium/safebrowsing.pb.cc:8440
7 xul.dll mozilla::safebrowsing::ProtocolParserProtobuf::ProcessAdditionOrRemoval toolkit/components/url-classifier/ProtocolParser.cpp:890
8 xul.dll mozilla::safebrowsing::ProtocolParserProtobuf::ProcessOneResponse toolkit/components/url-classifier/ProtocolParser.cpp:872
9 xul.dll mozilla::safebrowsing::ProtocolParserProtobuf::End toolkit/components/url-classifier/ProtocolParser.cpp:783

=============================================================

this crash is showing up since firefox 58 - it's rather low volume and mainly hitting 32bit builds on windows.
the OOM Allocation Size in those reports is usually around 2.5MB.
I'm not sure there's a lot we can do here. The 2.5 MB allocation is triggered by this code:

https://hg.mozilla.org/releases/mozilla-beta/annotate/f2ac3383fb97a55d11a876f17189613a852a0077/toolkit/components/url-classifier/ProtocolParser.cpp#l890

but the allocation then happens within the code generated by the protocol buffer library.

If memory is so tight that a 2.5 MB allocation will fail, _something_ in Firefox is bound to cause an OOM crash.
Priority: -- → P5
Doesn't sound like this is actionable right now. Marking fix-optional .
Crash Signature: [@ OOM | large | mozalloc_abort | mozalloc_handle_oom | moz_xmalloc | std::_Allocate | google::protobuf::internal::ArenaStringPtr::CreateInstanceNoArena] → [@ OOM | large | mozalloc_abort | mozalloc_handle_oom | moz_xmalloc | std::_Allocate | google::protobuf::internal::ArenaStringPtr::CreateInstanceNoArena] [@ OOM | large | mozalloc_abort | mozalloc_handle_oom | moz_xmalloc | std::_Allocate_manually_vector…

Closing because no crashes reported for 12 weeks.

Status: NEW → RESOLVED
Closed: 4 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.