[v8-dev] Issue 1928 in v8: Large array OOM crash

codesite-noreply Fri, 03 Feb 2012 02:29:22 -0800

Status: Accepted
Owner: [email protected]
Labels: Type-Bug Priority-Medium


New issue 1928 by [email protected]: Large array OOM crash
http://code.google.com/p/v8/issues/detail?id=1928

<script>
  var oCanvas = document.createElement("CANVAS");/*js_om2*/
  var oContext2d=oCanvas.getContext("2d");/*js_om2*/
  oContext2d.getImageData(0, 0, 1, 0x8000000);
  oContext2d.getImageData(0, 0, 1, 0x8000000);
  oContext2d.getImageData(0, 0, 1, 0x8000000);
</script>

I would expect V8 to be able to handle OOM more gracefully and throw anexception.

Also, since the first two objects are not referenced in a variable, shouldgarbage collection not be able to free them and prevent OOM?


--
v8-dev mailing list
[email protected]
http://groups.google.com/group/v8-dev

[v8-dev] Issue 1928 in v8: Large array OOM crash

Reply via email to