> On Sep 11, 2008, at 10:57 AM, Josh Chia wrote:
>
>> Is it possible for a "false positive" on the stack to prevent an
>> object from being collected even after calling collect() multiple
>> times?
>
> Sure. That's always theoretically possible with conservative garbage
> collection. But in practice this is unlikely and it is almost
> certainly not a practical problem.
>
> In my experience so far, when diagnosing a problem where an object was
> not collected, it has always been due to another cause.

We have already tried to find out whether it is possible for any
JavaScript program to prevent freeing unused objects. It seems the
non-pointer integer constants stored in the Register array are too
small to accomplish this task, which means it is not possible to make
harmful JavaScript programs which cause memory overflow only in
WebKit-based browsers.

Cheers,
Zoltan

_______________________________________________
webkit-dev mailing list
http://lists.webkit.org/mailman/listinfo.cgi/webkit-dev

