1874510 - [hazards] InternalError: allocation size overflow in computeCallgraph.js

Status: RESOLVED FIXED

(Core :: JavaScript: GC, defect, P3)

Description

[Steve Fink [:sfink] [:s:]]

When trying to land bug 1871441, the hazard analysis is failing:

[js/src/devtools/rootAnalysis/computeCallgraph.js:429:23](https://searchfox.org/mozilla-central/rev/f465027ef4d334dbc9ad270718c8a5e8045e7a2b/js/src/devtools/rootAnalysis/computeCallgraph.js#429) InternalError: allocation size overflow

It appears to be dying in the data.readString() part of that line that retrieves the JSON, not while actually parsing the JSON.

I can reproduce locally, and am looking into it now.

Comment 1

[Steve Fink [:sfink] [:s:]]

It is saying that the JSON data for one function is 1.9GB long. That... can't be good. The function is mozilla::MakeUnique templatized on a million-element std::array. gstoll actually guessed it exactly:

<gstoll> could it be a problem with the std::array with 1024*1024 members, since that's a templatized parameter?

sixgill is generating a body for the MakeUnique function that appears to have an assignment operation for each and every element of that array. Which generates a rather large JSON representation. It would be better if it didn't do that.

Comment 2

[Steve Fink [:sfink] [:s:]]

Attachment: Bug 1874510 - Prevent runaway array constructor initialization expansion

Comment 3

[Steve Fink [:sfink] [:s:]]

The workaround in bug 1871441 is quite simple and is now landed, so reducing the priority. (The attached change should fix the original problem, though.)

Comment 4

[Steve Fink [:sfink] [:s:]]

Attachment: Bug 1874510 - Update sixgill to version that can work around large array initializers

Comment 5

[Pulsebot]

Pushed by sfink@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/33e6d8011473
Update sixgill to version that can work around large array initializers

Comment 6

[Narcis Beleuzu [:NarcisB]]

https://hg.mozilla.org/mozilla-central/rev/33e6d8011473