(In reply to dytynenko.roman from comment #28)
> ulimit -a returned virtual memory unlimited, but I figured out that this
> error was triggered because I explicitly disabled overcommit by
> vm.overcommit_memory = 2
> setting it to 1 fixed the issue
Oh boy...
(In reply to Filip Pizlo from comment #29)
> Comment on attachment 335768 [details]
> Patch
>
> You might want to set GIGACAEG_ALLOCATION_CAN_FAIL to true on Linux until
> that's fixed.
I'm not sure what we should do here. We definitely don't need to change anything for Deja Dup; it's easier to fix Deja Dup than to update WebKit, anyway. Disabling overcommit is worth considering, though, and the connection between overcommit and browser security is not obvious.
* If we leave things unchanged, WebKit will crash with overcommit disabled.
* If we set GIGACAGE_ALLOCATION_CAN_FAIL, WebKit will not crash, but an important security feature will be lost, and users will not notice.
My inclination is to say Gigacage is sufficiently important that WebKit should crash if overcommit is disabled. Perhaps that's not very kind, though. Thoughts?
(In reply to dytynenko.roman from comment #28) memory = 2
> ulimit -a returned virtual memory unlimited, but I figured out that this
> error was triggered because I explicitly disabled overcommit by
> vm.overcommit_
> setting it to 1 fixed the issue
Oh boy...
(In reply to Filip Pizlo from comment #29) ALLOCATION_ CAN_FAIL to true on Linux until
> Comment on attachment 335768 [details]
> Patch
>
> You might want to set GIGACAEG_
> that's fixed.
I'm not sure what we should do here. We definitely don't need to change anything for Deja Dup; it's easier to fix Deja Dup than to update WebKit, anyway. Disabling overcommit is worth considering, though, and the connection between overcommit and browser security is not obvious.
* If we leave things unchanged, WebKit will crash with overcommit disabled. ALLOCATION_ CAN_FAIL, WebKit will not crash, but an important security feature will be lost, and users will not notice.
* If we set GIGACAGE_
My inclination is to say Gigacage is sufficiently important that WebKit should crash if overcommit is disabled. Perhaps that's not very kind, though. Thoughts?