Last Comment Bug 702182 - bug698584.js should allow oom
: bug698584.js should allow oom
Product: Core
Classification: Components
Component: JavaScript Engine (show other bugs)
: unspecified
: x86 Solaris
-- normal (vote)
: mozilla11
Assigned To: Ginn Chen
: Jason Orendorff [:jorendorff]
Depends on:
Blocks: 698584
  Show dependency treegraph
Reported: 2011-11-13 20:00 PST by Ginn Chen
Modified: 2012-06-21 16:46 PDT (History)
3 users (show)
See Also:
Crash Signature:
QA Whiteboard:
Iteration: ---
Points: ---
Has Regression Range: ---
Has STR: ---

patch (765 bytes, patch)
2011-11-13 20:17 PST, Ginn Chen
evilpies: review+
lukasblakk+bugs: approval‑mozilla‑esr10+
Details | Diff | Splinter Review

Description User image Ginn Chen 2011-11-13 20:00:30 PST
When I can on Solaris x86, bug698584.js failed with OOM.
If I run it directly with ./js, I got InternalError: allocation size overflow.

I think both results should be considered PASS.

Here's the stack of OOM:

=>[1] js_ReportOutOfMemory(cx = 0x86a00b8) (optimized), at 0x81dd83c (line ~718) in "jscntxt.h"
  [2] JSRuntime::onOutOfMemory(this = 0x865eec0, p = (nil), nbytes = 528482274U, cx = 0x86a00b8) (optimized), at 0x81df239 (line ~1587) in "jscntxt.cpp"
  [3] AllocChars(maybecx = 0x86a00b8, length = 234881010U, chars = 0x8044d9c, capacity = 0x8044d98) (optimized), at 0x83a813f (line ~743) in "jscntxt.h"
  [4] JSRope::flatten(this = 0xfda10030, maybecx = 0x86a00b8) (optimized), at 0x83a5c79 (line ~217) in "String.cpp"
  [5] ExecuteRegExp(cx = 0x86a00b8, native = 0x8404adc = &js::regexp_test(JSContext*,unsigned,JS::Value*), argc = 1U, vp = 0xfde00058) (optimized), at 0x840445e (line ~323) in "String.h"
  [6] js::regexp_test(cx = 0x86a00b8, argc = 1U, vp = 0xfde00058) (optimized), at 0x8404b03 (line ~586) in "RegExp.cpp"
  [7] CallCompiler::generateNativeStub(this = 0x8045620) (optimized), at 0x850a987 (line ~939) in "MonoIC.cpp"
  [8] js::mjit::ic::NativeCall(f = STRUCT, ic = 0x86a89ec) (optimized), at 0x8506bd3 (line ~1173) in "MonoIC.cpp"
  [9] 0xfed81d2f(0x8047230, 0xfde00020, 0x80456e8, 0x8408d4a, 0x86a00b8, 0xfde00020), at 0xfed81d2f 
  [10] 0x85d8750(0x0, 0xfda00040, 0x0, 0x857f73c, 0x0, 0xffffff82), at 0x85d8750
Comment 1 User image Ginn Chen 2011-11-13 20:17:01 PST
Created attachment 574230 [details] [diff] [review]
Comment 2 User image Marco Bonardo [::mak] 2011-11-14 04:42:33 PST
Comment on attachment 574230 [details] [diff] [review]

i'm not the right person to review this, maybe you meant mrbkap
Comment 4 User image Matt Brubeck (:mbrubeck) 2011-11-21 09:04:58 PST
Comment 5 User image Mark Banner (:standard8) 2012-03-06 12:25:32 PST
Comment on attachment 574230 [details] [diff] [review]

Requesting approval for esr10. This is a test-only fix that will fix a persistent test failure that we're seeing on the Thunderbird Linux 64 bit unit test boxes, hence clearing the orange picture a bit there and making it clearer for releases.
Comment 6 User image Lukas Blakk [:lsblakk] use ?needinfo 2012-03-21 14:55:19 PDT
Comment on attachment 574230 [details] [diff] [review]

[Triage Comment]
Approving test-only fix.
Comment 7 User image Mark Banner (:standard8) 2012-03-27 01:08:53 PDT
Landed on esr10:
Comment 8 User image Anthony Hughes (:ashughes) [GFX][QA][Mentor] 2012-06-21 16:46:29 PDT
Ginn, can you please confirm if this is working now with the latest ESR build?

Note You need to log in before you can comment on or make changes to this bug.