This repository was archived by the owner on Apr 30, 2021. It is now read-only.
Allocation failed - JavaScript heap out of memory (tokenize) #5
Open
Description
I encountered a core dump while fuzzing that traces back to jsfuzz's versifier.js:413:
[6242:0x34faa20] 18540 ms: Mark-sweep 1291.7 (1426.7) -> 1291.7 (1427.2) MB, 15.0 / 0.0 ms (average mu = 0.244, current mu = 0.169) allocation failure GC in old space requested
[6242:0x34faa20] 18549 ms: Mark-sweep 1292.4 (1427.2) -> 1292.1 (1427.2) MB, 7.8 / 0.1 ms (average mu = 0.212, current mu = 0.153) allocation failure GC in old space requested
<--- JS stacktrace --->
==== JS stack trace =========================================
0: ExitFrame [pc: 0x16ebcc0dbe1d]
Security context: 0x147d4f69e6e9 <JSObject>
1: tokenize(aka tokenize) [0x14d370af2101] [/home/me/.nvm/versions/node/v10.16.3/lib/node_modules/jsfuzz/build/src/versifier.js:~413] [pc=0x16ebcc0ea74d](this=0x35c17a8826f1 <undefined>,data=0x1bc2ece351d1 <Uint8Array map = 0xc82d755b89>)
2: BuildVerse [0x14d370af1e01] [/home/me/.nvm/versions/node/v10.16.3/lib/node_modules/jsfuzz/build/src/...
It also generated a corpus file of ~144K, while the average corpus size was ~20 bytes.
jsfuzz - 1.0.10
node - 10.16.3
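The report above shows a tokenizer running out of heap on an input several thousand times larger than the rest of the corpus. The following is an added illustration of the general mitigation a fuzzer harness can apply, not jsfuzz's own versifier code: a byte-class tokenizer over a Uint8Array with hard caps on input size and token count, so one oversized input fails fast or is truncated instead of growing the heap until V8 aborts. The cap values, the token classes and the function names are assumptions chosen for the example.

```javascript
// Added example, not jsfuzz code: a bounded byte-class tokenizer of the kind
// a structure-aware fuzzer uses to turn raw bytes into a token list.
// MAX_INPUT_BYTES and MAX_TOKENS are assumed limits chosen for illustration.
'use strict';

const MAX_INPUT_BYTES = 64 * 1024; // assumed cap on bytes accepted per input
const MAX_TOKENS = 8192;           // assumed cap on tokens emitted per input

class InputTooLargeError extends Error {}

// Classify a byte so that runs of the same class become one token.
function byteClass(b) {
  if (b >= 0x30 && b <= 0x39) return 'digit';
  if ((b >= 0x41 && b <= 0x5a) || (b >= 0x61 && b <= 0x7a) || b === 0x5f) return 'word';
  if (b === 0x20 || b === 0x09 || b === 0x0a || b === 0x0d) return 'space';
  return 'punct';
}

// Tokenize a Uint8Array into {kind, text} records.
// Throws InputTooLargeError before doing any work if the input exceeds the
// byte cap, and stops (reporting truncated: true) once the token cap is hit,
// so memory use is bounded by the caps rather than by the input.
function tokenizeBounded(data, opts = {}) {
  const maxBytes = opts.maxBytes ?? MAX_INPUT_BYTES;
  const maxTokens = opts.maxTokens ?? MAX_TOKENS;
  if (!(data instanceof Uint8Array)) throw new TypeError('expected Uint8Array');
  if (data.length > maxBytes) {
    throw new InputTooLargeError(`input is ${data.length} bytes, cap is ${maxBytes}`);
  }
  const tokens = [];
  let i = 0;
  while (i < data.length) {
    if (tokens.length >= maxTokens) break; // truncate rather than grow unboundedly
    const kind = byteClass(data[i]);
    let j = i + 1;
    // Punctuation is emitted one byte at a time; other classes as runs.
    if (kind !== 'punct') {
      while (j < data.length && byteClass(data[j]) === kind) j++;
    }
    tokens.push({ kind, text: Buffer.from(data.subarray(i, j)).toString('latin1') });
    i = j;
  }
  return { tokens, truncated: i < data.length };
}

// Wrapper for a fuzz target: an oversized input is reported as 'skipped'
// instead of crashing the process, so the fuzzer does not keep a huge
// outlier alive in the corpus. Any other error is a real finding and is rethrown.
function tokenizeOrSkip(data) {
  try {
    return { status: 'ok', ...tokenizeBounded(data) };
  } catch (e) {
    if (e instanceof InputTooLargeError) return { status: 'skipped', reason: e.message };
    throw e;
  }
}

// Constructed sample inputs for a stand-alone run.
const smallInput = Buffer.from('foo 123 !bar', 'latin1');        // typical ~12 byte case
const hugeInput = new Uint8Array(144 * 1024);                     // constructed 144K outlier
console.log(tokenizeOrSkip(smallInput));
console.log(tokenizeOrSkip(hugeInput));
```

Two caps are deliberately separate: the byte cap rejects the input before any allocation, while the token cap bounds the output even for inputs under the byte cap whose bytes alternate class on every position, which is the pattern that would otherwise produce the most tokens per byte.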