[quickjs-devel] Re: Segfault in 2019-12-21 when setting a memory limit

• From: Petter Strandmark <petter.strandmark@xxxxxxxxx>
• To: quickjs-devel@xxxxxxxxxxxxx
• Date: Fri, 10 Jan 2020 08:38:18 +0100

This is now fixed in the latest release. Thanks!

On Thu, Jan 2, 2020, 01:00 Petter Strandmark <petter.strandmark@xxxxxxxxx>
wrote:

Also, if the following check is added in the beginning ot JS_ThrowError2:

    if (ctx->in_out_of_memory) {
        return JS_Throw(ctx, JS_NULL);
    }

everything seems to work (have not run comprehensive tests).

Cheers,
Petter

On Thu, Jan 2, 2020 at 12:44 AM Petter Strandmark <
petter.strandmark@xxxxxxxxx> wrote:

If i just add a return statement before doing anything in
build_backtrace, setting the memory limit works.
It raises a null exception when running out of memory, just like before.

On Wed, Dec 25, 2019 at 5:30 PM Petter Strandmark <
petter.strandmark@xxxxxxxxx> wrote:

Hi all,

Version 2019-12-21 has introduced a segfault for me when a memory limit
is exceeded.

#0  __strlen_avx2 () at ../sysdeps/x86_64/multiarch/strlen-avx2.S:62
#1  0x00007ffffc563744 in JS_NewString (ctx=ctx@entry=0xcaa9a0,
str=0x0) at third-party/quickjs.c:3649
#2  0x00007ffffc55b77f in build_backtrace (ctx=ctx@entry=0xcaa9a0,
error_obj=..., filename=filename@entry=0x0, line_num=line_num@entry=0,
backtrace_flags=<optimized out>, backtrace_flags@entry=0) at
third-party/quickjs.c:6118
#3  0x00007ffffc55bb36 in JS_ThrowError2 (ctx=0xcaa9a0,
error_num=<optimized out>, fmt=<optimized out>, ap=<optimized out>,
add_backtrace=1) at third-party/quickjs.c:6161
#4  0x00007ffffc55d9fc in JS_ThrowInternalError (ctx=ctx@entry=0xcaa9a0,
fmt=fmt@entry=0x7ffffc5aa7de "out of memory") at
third-party/quickjs.c:6257
#5  0x00007ffffc55dab6 in JS_ThrowOutOfMemory (ctx=ctx@entry=0xcaa9a0)
at third-party/quickjs.c:6266
#6  0x00007ffffc55f460 in js_mallocz (ctx=ctx@entry=0xcaa9a0,
size=size@entry=520) at third-party/quickjs.c:1177
#7  0x00007ffffc56341b in js_new_function_def (ctx=ctx@entry=0xcaa9a0,
parent=parent@entry=0x0, is_eval=is_eval@entry=1,
is_func_expr=is_func_expr@entry=0, filename=filename@entry=0x7ffffc5aa256
"<input>", line_num=line_num@entry=1)
    at third-party/quickjs.c:26963
#8  0x00007ffffc59497e in __JS_EvalInternal (ctx=0xcaa9a0, this_obj=...,
input=<optimized out>, input_len=<optimized out>, filename=0x7ffffc5aa256
"<input>", flags=0, scope_idx=-1) at third-party/quickjs.c:31735

Looks like a string is being allocated while handling the out of memory
error?

My test code is really simple:

(function() {
    let arr = [];
    for (let i = 0; i < 1000; ++i) {
        arr.push(i);
    }
})();

I just eval it, set the memory limit and then eval it again.

Petter

• References:
  • [quickjs-devel] Re: Segfault in 2019-12-21 when setting a memory limit
    • From: Petter Strandmark
  • [quickjs-devel] Re: Segfault in 2019-12-21 when setting a memory limit
    • From: Petter Strandmark

Other related posts:

• » [quickjs-devel] Segfault in 2019-12-21 when setting a memory limit- Petter Strandmark
• » [quickjs-devel] Re: Segfault in 2019-12-21 when setting a memory limit- Petter Strandmark
• » [quickjs-devel] Re: Segfault in 2019-12-21 when setting a memory limit- Petter Strandmark
• » [quickjs-devel] Re: Segfault in 2019-12-21 when setting a memory limit - Petter Strandmark

1. Home
2. quickjs-devel
3. Archive
4. 01-2020

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---