Closed Bug 702182 Opened 13 years ago Closed 13 years ago

bug698584.js should allow oom

Categories

(Core :: JavaScript Engine, defect)

Product:
Core
Component:
JavaScript Engine
Platform:
x86
Solaris
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla11
Tracking Flags:
Tracking Status
firefox-esr10 --- fixed

People

(Reporter: ginnchen+exoracle, Assigned: ginnchen+exoracle)

References

Details

(Whiteboard: [qa-])

Attachments

(1 file)

patch
765 bytes, patch
evilpie
: review+
lsblakk
: approval-mozilla-esr10+
Details | Diff | Splinter Review 
When I can jit-test.py on Solaris x86, bug698584.js failed with OOM.
If I run it directly with ./js, I got InternalError: allocation size overflow.

I think both results should be considered PASS.

Here's the stack of OOM:

=>[1] js_ReportOutOfMemory(cx = 0x86a00b8) (optimized), at 0x81dd83c (line ~718) in "jscntxt.h"
  [2] JSRuntime::onOutOfMemory(this = 0x865eec0, p = (nil), nbytes = 528482274U, cx = 0x86a00b8) (optimized), at 0x81df239 (line ~1587) in "jscntxt.cpp"
  [3] AllocChars(maybecx = 0x86a00b8, length = 234881010U, chars = 0x8044d9c, capacity = 0x8044d98) (optimized), at 0x83a813f (line ~743) in "jscntxt.h"
  [4] JSRope::flatten(this = 0xfda10030, maybecx = 0x86a00b8) (optimized), at 0x83a5c79 (line ~217) in "String.cpp"
  [5] ExecuteRegExp(cx = 0x86a00b8, native = 0x8404adc = &js::regexp_test(JSContext*,unsigned,JS::Value*), argc = 1U, vp = 0xfde00058) (optimized), at 0x840445e (line ~323) in "String.h"
  [6] js::regexp_test(cx = 0x86a00b8, argc = 1U, vp = 0xfde00058) (optimized), at 0x8404b03 (line ~586) in "RegExp.cpp"
  [7] CallCompiler::generateNativeStub(this = 0x8045620) (optimized), at 0x850a987 (line ~939) in "MonoIC.cpp"
  [8] js::mjit::ic::NativeCall(f = STRUCT, ic = 0x86a89ec) (optimized), at 0x8506bd3 (line ~1173) in "MonoIC.cpp"
  [9] 0xfed81d2f(0x8047230, 0xfde00020, 0x80456e8, 0x8408d4a, 0x86a00b8, 0xfde00020), at 0xfed81d2f 
  [10] 0x85d8750(0x0, 0xfda00040, 0x0, 0x857f73c, 0x0, 0xffffff82), at 0x85d8750
Attached patch patchSplinter Review 
Assignee: general → ginn.chen
Status: NEW → ASSIGNED

        Attachment #574230 -
        Flags: review?(mak77)

    
    

    
  
Comment on attachment 574230 [details] [diff] [review]
patch

i'm not the right person to review this, maybe you meant mrbkap

        Attachment #574230 -
        Flags: review?(mak77) → review?(mrbkap)

    
  

        Attachment #574230 -
        Flags: review?(mrbkap) → review?(evilpies)

    
  

        Attachment #574230 -
        Flags: review?(evilpies) → review+

    
    

    
  
https://hg.mozilla.org/mozilla-central/rev/cf6e30a75b0a
Status: ASSIGNED → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla11

    
    

    
  
Comment on attachment 574230 [details] [diff] [review]
patch

Requesting approval for esr10. This is a test-only fix that will fix a persistent test failure that we're seeing on the Thunderbird Linux 64 bit unit test boxes, hence clearing the orange picture a bit there and making it clearer for releases.

        Attachment #574230 -
        Flags: approval-mozilla-esr10?

    
    

    
  
Comment on attachment 574230 [details] [diff] [review]
patch

[Triage Comment]
Approving test-only fix.

        Attachment #574230 -
        Flags: approval-mozilla-esr10? → approval-mozilla-esr10+

    
    

    
  
Ginn, can you please confirm if this is working now with the latest ESR build?
Whiteboard: [qa-]

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: