Bug 518925 (Closed)
Opened 15 years ago
Closed 15 years ago
LirWriter leak with regexp match in debug builds
Categories: (Core :: JavaScript Engine, defect)
Status: RESOLVED FIXED
Tracking | Status | |
---|---|---|
status1.9.2 | --- | beta1-fixed |
People: (Reporter: jruderman, Assigned: graydon)
Details: (Keywords: memory-leak, valgrind, Whiteboard: fixed-in-tracemonkey)
Attachments (1 file): patch, 632 bytes, dvander: review+
valgrind --dsymutil=yes --smc-check=all --leak-check=full ~/tracemonkey/js/src/debug/js -j
"".match(/.*x/)
causes:
8 bytes in 1 blocks are definitely lost in loss record 12 of 225
at 0x28F0D8: calloc (vg_replace_malloc.c:418)
by 0xF4ECC: nanojit::LirWriter::operator new(unsigned long) (LIR.h:1019)
by 0xFA85A: RegExpNativeCompiler::compile() (jsregexp.cpp:3154)
by 0xF3A59: CompileRegExpToNative(JSContext*, JSRegExp*, nanojit::Fragment*) (jsregexp.cpp:3253)
by 0xF3C53: GetNativeRegExp(JSContext*, JSRegExp*) (jsregexp.cpp:3276)
by 0xF3CE0: MatchRegExp(REGlobalData*, REMatchState*) (jsregexp.cpp:4682)
by 0xF4109: js_ExecuteRegExp (jsregexp.cpp:4866)
by 0x10B3A1: DoMatch(JSContext*, long*, JSString*, RegExpGuard const&, bool (*)(JSContext*, unsigned long, void*), void*, MatchControlFlags) (jsstr.cpp:1458)
by 0x110AD3: str_match(JSContext*, unsigned int, long*) (jsstr.cpp:1537)
by 0x87589: js_Interpret (jsops.cpp:2235)
by 0x9971A: js_Execute (jsinterp.cpp:1599)
by 0x1EB6B: JS_ExecuteScript (jsapi.cpp:4947)
Tested with valgrind rev 10894 and TM rev 6fef8dd5dba6+.
This affects some tests in "python trace-test.py --valgrind-all" (e.g. check-date-format-xparb.js). It also affects jsfunfuzz.
This seems to only happen in debug builds, so maybe it's related to the sanity_filter stuff in RegExpNativeCompiler::compile, which was added in rev f461c8c654e7 for bug 514548.
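An added example, not part of the original report or the project's code: a small parser for valgrind loss records like the one quoted above, which reports the first frame above the allocator wrappers so leaks found by a run such as "trace-test.py --valgrind-all" can be grouped by the code that made the allocation. The function names parse_leaks and owner and the allocator-skipping heuristic are assumptions of this example.

```python
import re

# Loss-record header, with or without valgrind's "==PID==" line prefix.
HEADER = re.compile(
    r"^(?:==\d+==\s*)?([\d,]+) bytes in ([\d,]+) blocks are "
    r"(definitely|indirectly|possibly) lost in loss record")
# Stack frame: "at|by 0xADDR: function (file:line)".
FRAME = re.compile(
    r"^(?:==\d+==\s*)?(?:at|by) 0x[0-9A-Fa-f]+: (.+) \(([^()]+):(\d+)\)$")
# Assumption: frames that only forward to the allocator do not own the leak.
ALLOCATOR = re.compile(r"^(?:malloc|calloc|realloc|memalign)$|operator new")


def parse_leaks(text):
    """Return one dict per loss record: bytes, blocks, kind, frames."""
    records = []
    for raw in text.splitlines():
        line = raw.strip()
        m = HEADER.match(line)
        if m:
            records.append({"bytes": int(m.group(1).replace(",", "")),
                            "blocks": int(m.group(2).replace(",", "")),
                            "kind": m.group(3), "frames": []})
            continue
        m = FRAME.match(line)
        if m and records:
            frame = (m.group(1), m.group(2), int(m.group(3)))
            records[-1]["frames"].append(frame)
    return records


def owner(record):
    """First frame above the allocator wrappers: the code that allocated."""
    for func, path, lineno in record["frames"]:
        if not ALLOCATOR.search(func):
            return func, path, lineno
    return None


# Sample input: the first frames of the loss record quoted in this report.
SAMPLE = """\
8 bytes in 1 blocks are definitely lost in loss record 12 of 225
at 0x28F0D8: calloc (vg_replace_malloc.c:418)
by 0xF4ECC: nanojit::LirWriter::operator new(unsigned long) (LIR.h:1019)
by 0xFA85A: RegExpNativeCompiler::compile() (jsregexp.cpp:3154)
by 0xF3A59: CompileRegExpToNative(JSContext*, JSRegExp*, nanojit::Fragment*) (jsregexp.cpp:3253)
"""

if __name__ == "__main__":
    for rec in parse_leaks(SAMPLE):
        print(rec["kind"], rec["bytes"], owner(rec))
```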
Updated•15 years ago (Assignee)
Assignee: general → graydon
Comment 1•15 years ago (Assignee)
Correctly identified, this patch fixes it.
Nice catch.
Attachment #402942 - Flags: review?(dvander)
Updated•15 years ago
Attachment #402942 - Flags: review?(dvander) → review+
Comment on attachment 402942: fix the bug
Thanks - I introduced this bug :( Julian or njn mentioned it on IRC but I forgot to file.
Comment 3•15 years ago (Assignee)
Whiteboard: fixed-in-tracemonkey
Comment 4•15 years ago
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → FIXED
Comment 5•15 years ago
status1.9.2: --- → beta1-fixed