[Webkit-unassigned] [Bug 254331] Aborted at Source/JavaScriptCore/runtime/ArrayBuffer.cpp(113)
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Mar 23 15:00:10 PDT 2023
https://bugs.webkit.org/show_bug.cgi?id=254331
Alexey Proskuryakov <ap at webkit.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |mark.lam at apple.com,
| |msaboff at apple.com
--- Comment #1 from Alexey Proskuryakov <ap at webkit.org> ---
On macOS Apple Silicon, I get an exception and no crash.
>>> const v2 = new Int16Array(59925);
undefined
>>> function f3(a4, a5, a6, a7) {
... const o10 = {
... "maxByteLength": 786701,
... };
... const v12 = new ArrayBuffer(32, o10);
... return a6;
... }
undefined
>>> v2.forEach(f3);
Exception: RangeError: Out of memory
>>>
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20230323/eb6de9a0/attachment.htm>
More information about the webkit-unassigned
mailing list