Closed Bug 1734421 Opened 4 years ago Closed 4 years ago

Crash in [@ abort | wasm_rt_allocate_memory]

Categories

(Core :: Spelling checker, defect)

Product:
Core
Component:
Spelling checker
Platform:
Unspecified
Windows
Type:
defect

Tracking

()

Status:
RESOLVED FIXED
Milestone:
95 Branch
Tracking Flags:
Tracking Status
firefox-esr78 --- unaffected
firefox-esr91 --- unaffected
firefox92 --- unaffected
firefox93 --- unaffected
firefox94 + verified
firefox95 + fixed

People

(Reporter: aryx, Assigned: shravanrn)

References

Details

(Keywords: crash)

Crash Data

Attachments

(1 file)

Bug 1734421 - Update wasm2c to support better use of 32-bit virtual space r=glandium
48 bytes, text/x-phabricator-request
Details | Review

Windows crash, mostly 32-bit but only the 64-bit crashes have usable stacks.

Stack is very similar to bug 1733686.

Crash report: https://crash-stats.mozilla.org/report/index/33dc9b81-9bc7-47b5-b534-7ead30211006

Reason: STATUS_FATAL_APP_EXIT

Top 10 frames of crashing thread:

0 ucrtbase.dll abort 
1 rlbox.dll wasm_rt_allocate_memory third_party/wasm2c/wasm2c/wasm-rt-impl.c:137
2 rlbox.dll create_wasm2c_sandbox /builds/worker/workspace/obj-build/security/rlbox/rlbox.dll.wasm.c:613317
3 xul.dll rlbox::rlbox_wasm2c_sandbox::impl_create_sandbox third_party/rlbox_wasm2c_sandbox/include/rlbox_wasm2c_sandbox.hpp:451
4 xul.dll rlbox::rlbox_sandbox<rlbox::rlbox_wasm2c_sandbox>::create_sandbox<char16ptr_t> third_party/rlbox/include/rlbox_sandbox.hpp:383
5 xul.dll RLBoxHunspell::RLBoxHunspell extensions/spellcheck/hunspell/glue/RLBoxHunspell.cpp:41
6 xul.dll mozHunspell::SetDictionary extensions/spellcheck/hunspell/glue/mozHunspell.cpp:189
7 xul.dll mozSpellChecker::SetCurrentDictionary extensions/spellcheck/src/mozSpellChecker.cpp:447
8 xul.dll mozilla::RemoteSpellcheckEngineParent::RecvSetDictionaryFromList extensions/spellcheck/hunspell/glue/RemoteSpellCheckEngineParent.cpp:29
9 xul.dll mozilla::PRemoteSpellcheckEngineParent::OnMessageReceived ipc/ipdl/PRemoteSpellcheckEngineParent.cpp:290
Flags: needinfo?(shravanrn)

investigating

Looks like this bug (1734421) is an error when there is no space to create an rlbox sandbox, while the other bug mentioned (bug 1733686) is to do with the sandbox internally running out of memory.

@glandium In the case of the most frequent x86 32bit platform crashes, I think the fix is a modified version of "part 1 of Bug 1728934" (which got backed out in its current form). I need to update this patch, but this will ensure that we make better use of the limited available virtual memory in 32-bit applications. I will need to look more into the one or two x64/arm64 related crashes here.

Flags: needinfo?(shravanrn) → needinfo?(mh+mozilla)
Assignee: nobody → shravanrn
Status: NEW → ASSIGNED
Blocks: 1733686

Bug 1727266 was backed out for 94.0b3, so hopefully we'll see these crashes go away there.

status-firefox92: --- → unaffected
status-firefox93: --- → unaffected
status-firefox94: --- → affected
status-firefox95: --- → affected
status-firefox-esr78: --- → unaffected
status-firefox-esr91: --- → unaffected
tracking-firefox94: --- → +
tracking-firefox95: --- → +

(In reply to Ryan VanderMeulen [:RyanVM] from comment #4)

Bug 1727266 was backed out for 94.0b3, so hopefully we'll see these crashes go away there.

No crashes in 94.0b3.

status-firefox94: affectedverified
Pushed by mh@glandium.org: https://hg.mozilla.org/integration/autoland/rev/6e1011402c79 Update wasm2c to support better use of 32-bit virtual space r=glandium

https://hg.mozilla.org/mozilla-central/rev/6e1011402c79

Status: ASSIGNED → RESOLVED
Closed: 4 years ago
status-firefox95: affectedfixed
Resolution: --- → FIXED
Target Milestone: --- → 95 Branch
Flags: needinfo?(mh+mozilla)
Blocks: 1758626
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: