If I just add a return statement before doing anything in build_backtrace,
setting the memory limit works.
It raises a null exception when running out of memory, just like before.
On Wed, Dec 25, 2019 at 5:30 PM Petter Strandmark <petter.strandmark@xxxxxxxxx> wrote:
Hi all,
Version 2019-12-21 has introduced a segfault for me when a memory limit is
exceeded.
#0  __strlen_avx2 () at ../sysdeps/x86_64/multiarch/strlen-avx2.S:62
#1  0x00007ffffc563744 in JS_NewString (ctx=ctx@entry=0xcaa9a0, str=0x0)
    at third-party/quickjs.c:3649
#2  0x00007ffffc55b77f in build_backtrace (ctx=ctx@entry=0xcaa9a0,
    error_obj=..., filename=filename@entry=0x0, line_num=line_num@entry=0,
    backtrace_flags=<optimized out>, backtrace_flags@entry=0)
    at third-party/quickjs.c:6118
#3  0x00007ffffc55bb36 in JS_ThrowError2 (ctx=0xcaa9a0,
    error_num=<optimized out>, fmt=<optimized out>, ap=<optimized out>,
    add_backtrace=1) at third-party/quickjs.c:6161
#4  0x00007ffffc55d9fc in JS_ThrowInternalError (ctx=ctx@entry=0xcaa9a0,
    fmt=fmt@entry=0x7ffffc5aa7de "out of memory")
    at third-party/quickjs.c:6257
#5  0x00007ffffc55dab6 in JS_ThrowOutOfMemory (ctx=ctx@entry=0xcaa9a0)
    at third-party/quickjs.c:6266
#6  0x00007ffffc55f460 in js_mallocz (ctx=ctx@entry=0xcaa9a0,
    size=size@entry=520) at third-party/quickjs.c:1177
#7  0x00007ffffc56341b in js_new_function_def (ctx=ctx@entry=0xcaa9a0,
    parent=parent@entry=0x0, is_eval=is_eval@entry=1,
    is_func_expr=is_func_expr@entry=0,
    filename=filename@entry=0x7ffffc5aa256 "<input>",
    line_num=line_num@entry=1) at third-party/quickjs.c:26963
#8  0x00007ffffc59497e in __JS_EvalInternal (ctx=0xcaa9a0, this_obj=...,
    input=<optimized out>, input_len=<optimized out>,
    filename=0x7ffffc5aa256 "<input>", flags=0, scope_idx=-1)
    at third-party/quickjs.c:31735
Looks like a string is being allocated while handling the out of memory
error?
My test code is really simple:
    (function() {
        let arr = [];
        for (let i = 0; i < 1000; ++i) {
            arr.push(i);
        }
    })();
I just eval it, set the memory limit and then eval it again.
Petter
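
The failure shape in the backtrace above (an out-of-memory error path that builds a string from a NULL filename), as an added example that is not part of the original thread and is not QuickJS code. Runtime, rt_malloc, new_string, throw_error and rt_mallocz are hypothetical names in a constructed model; it shows the unchecked string constructor beside a guarded one and an error path that degrades instead of faulting.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed model of a memory-limited runtime; not QuickJS code. */
typedef struct {
    size_t used, limit;
    char error[160];   /* preallocated, so reporting needs no heap */
} Runtime;

static void *rt_malloc(Runtime *rt, size_t n) {
    void *p = (rt->used + n > rt->limit) ? NULL : malloc(n);
    if (p) rt->used += n;
    return p;
}
/* Before: like frames #0-#1, strlen() faults when str is NULL. */
static char *new_string_unchecked(Runtime *rt, const char *str) {
    size_t n = strlen(str) + 1;
    char *s = rt_malloc(rt, n);
    if (s) memcpy(s, str, n);
    return s;
}
/* After: reject a NULL source before measuring it. */
static char *new_string(Runtime *rt, const char *str) {
    return str ? new_string_unchecked(rt, str) : NULL;
}
/* Error path: the location suffix is best effort and is skipped when
   the filename is NULL or the limit leaves no room for the copy. */
static const char *throw_error(Runtime *rt, const char *msg,
                               const char *filename, int line) {
    char *loc = new_string(rt, filename);
    if (loc) {
        snprintf(rt->error, sizeof rt->error, "%s\n    at %s:%d", msg, loc, line);
        rt->used -= strlen(loc) + 1;
        free(loc);
    } else {
        snprintf(rt->error, sizeof rt->error, "%s", msg);
    }
    return rt->error;
}
/* Zeroing allocator that reports failure through the error path. */
static void *rt_mallocz(Runtime *rt, size_t n, const char *filename, int line) {
    void *p = rt_malloc(rt, n);
    if (!p) { throw_error(rt, "out of memory", filename, line); return NULL; }
    return memset(p, 0, n);
}
int main(void) {
    Runtime rt = { 0, 64, "" };       /* constructed 64-byte limit */
    rt_mallocz(&rt, 520, NULL, 0);    /* request size from frame #6 */
    puts(rt.error);
    return 0;
}
```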