[Webkit-unassigned] [Bug 144609] GC has trouble with pathologically large array allocations
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon May 4 17:10:13 PDT 2015
https://bugs.webkit.org/show_bug.cgi?id=144609
--- Comment #1 from Filip Pizlo <fpizlo at apple.com> ---
Consider the following test, if you tweak the size so that we actually allocate the memory. It causes linear heap growth.
function foo(x) {
return new Array(x);
}
noInline(foo);
function test(size) {
var result = foo(size);
if (result.length != size)
throw "Error: bad result: " + result;
var sawThings = false;
for (var s in result)
sawThings = true;
if (sawThings)
throw "Error: array is in bad state: " + result;
result[0] = "42.5";
if (result[0] != "42.5")
throw "Error: array is in wierd state: " + result;
}
for (var i = 0; i < 100000; ++i) {
test(1000000);
}
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20150505/411b5410/attachment.html>
More information about the webkit-unassigned
mailing list