1491964 - crashsafari.com crashes Firefox Nightly on Linux [DoS / rapid system memory exhaustion]

Status: RESOLVED DUPLICATE of bug 1314912

(Firefox :: Untriaged, defect)

Description

[u580221]

User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:64.0) Gecko/20100101 Firefox/64.0
Build ID: 20180917100342

Steps to reproduce:

1. Opened crashsafari.com


Actual results:

Memory usage of firefox quickly climbs to >10GB with no stopping in sight


Expected results:

Firefox stops memory allocation for the tab at a reasonable limit and requires at the very least a user confirmation before more resources can be used

Comment 1

[u580221]

A few more notes in case this turns out to be a general no-memory-limit-for-tab issue: my expectation would be Firefox reasonably limits any tab in memory usage (e.g. with a limit defaulting to 10% of total system memory or something like that). Using more with user confirmation is ok, but any web page shouldn't be able to risk a system crash by just using up arbitrary amounts of memory willy-nilly (be it via JS or via DOM)

Comment 2

[u580221]

This also still reproduces for me: #330029 (after >10 years.) - and no it doesn't present a script hang dialog as a comment suggests, but happily eats up ALL SYSTEM MEMORY heading for an inevitable crash that might also affect other programs, especially on Linux where overallocation will not necessarily kill the offending program. Therefore, I really think this should be fixed

Comment 3

[:Gijs (he/him)]

The crashsafari/history.pushState abuse is tracked in bug 1314912. The other bug you cite is tracked in that other bug. Filing duplicates isn't going to help getting it fixed.

Comment 4

[u580221]

Sorry, did not intentionally file a duplicate. (Wasn't aware the crashsafari issue already exists, and the other one I stumbled across afterwards by pure chance)