Last Comment Bug 702182 - bug698584.js should allow oom
: bug698584.js should allow oom
Product: Core
Classification: Components
Component: JavaScript Engine (show other bugs)
: unspecified
: x86 Solaris
: -- normal (vote)
: mozilla11
Assigned To: Ginn Chen
: Jason Orendorff [:jorendorff]
Depends on:
Blocks: 698584
  Show dependency treegraph
Reported: 2011-11-13 20:00 PST by Ginn Chen
Modified: 2012-06-21 16:46 PDT (History)
3 users (show)
See Also:
Crash Signature:
QA Whiteboard:
Iteration: ---
Points: ---
Has Regression Range: ---
Has STR: ---

patch (765 bytes, patch)
2011-11-13 20:17 PST, Ginn Chen
evilpies: review+
lukasblakk+bugs: approval‑mozilla‑esr10+
Details | Diff | Splinter Review

Description Ginn Chen 2011-11-13 20:00:30 PST
When I can on Solaris x86, bug698584.js failed with OOM.
If I run it directly with ./js, I got InternalError: allocation size overflow.

I think both results should be considered PASS.

Here's the stack of OOM:

=>[1] js_ReportOutOfMemory(cx = 0x86a00b8) (optimized), at 0x81dd83c (line ~718) in "jscntxt.h"
  [2] JSRuntime::onOutOfMemory(this = 0x865eec0, p = (nil), nbytes = 528482274U, cx = 0x86a00b8) (optimized), at 0x81df239 (line ~1587) in "jscntxt.cpp"
  [3] AllocChars(maybecx = 0x86a00b8, length = 234881010U, chars = 0x8044d9c, capacity = 0x8044d98) (optimized), at 0x83a813f (line ~743) in "jscntxt.h"
  [4] JSRope::flatten(this = 0xfda10030, maybecx = 0x86a00b8) (optimized), at 0x83a5c79 (line ~217) in "String.cpp"
  [5] ExecuteRegExp(cx = 0x86a00b8, native = 0x8404adc = &js::regexp_test(JSContext*,unsigned,JS::Value*), argc = 1U, vp = 0xfde00058) (optimized), at 0x840445e (line ~323) in "String.h"
  [6] js::regexp_test(cx = 0x86a00b8, argc = 1U, vp = 0xfde00058) (optimized), at 0x8404b03 (line ~586) in "RegExp.cpp"
  [7] CallCompiler::generateNativeStub(this = 0x8045620) (optimized), at 0x850a987 (line ~939) in "MonoIC.cpp"
  [8] js::mjit::ic::NativeCall(f = STRUCT, ic = 0x86a89ec) (optimized), at 0x8506bd3 (line ~1173) in "MonoIC.cpp"
  [9] 0xfed81d2f(0x8047230, 0xfde00020, 0x80456e8, 0x8408d4a, 0x86a00b8, 0xfde00020), at 0xfed81d2f 
  [10] 0x85d8750(0x0, 0xfda00040, 0x0, 0x857f73c, 0x0, 0xffffff82), at 0x85d8750
Comment 1 Ginn Chen 2011-11-13 20:17:01 PST
Created attachment 574230 [details] [diff] [review]
Comment 2 Marco Bonardo [::mak] 2011-11-14 04:42:33 PST
Comment on attachment 574230 [details] [diff] [review]

i'm not the right person to review this, maybe you meant mrbkap
Comment 4 Matt Brubeck (:mbrubeck) 2011-11-21 09:04:58 PST
Comment 5 Mark Banner (:standard8, limited time in Dec) 2012-03-06 12:25:32 PST
Comment on attachment 574230 [details] [diff] [review]

Requesting approval for esr10. This is a test-only fix that will fix a persistent test failure that we're seeing on the Thunderbird Linux 64 bit unit test boxes, hence clearing the orange picture a bit there and making it clearer for releases.
Comment 6 Lukas Blakk [:lsblakk] use ?needinfo 2012-03-21 14:55:19 PDT
Comment on attachment 574230 [details] [diff] [review]

[Triage Comment]
Approving test-only fix.
Comment 7 Mark Banner (:standard8, limited time in Dec) 2012-03-27 01:08:53 PDT
Landed on esr10:
Comment 8 Anthony Hughes (:ashughes) [GFX][QA][Mentor] 2012-06-21 16:46:29 PDT
Ginn, can you please confirm if this is working now with the latest ESR build?

Note You need to log in before you can comment on or make changes to this bug.