Bug 144391 - Allow large arguments arrays by falling back to passing some or all arguments on the heap
Status: NEW
Alias: None
Product: WebKit
Classification: Unclassified
Component: JavaScriptCore
Version: 528+ (Nightly build)
Hardware: All All
Importance: P2 Normal
Assignee: Nobody
Reported: 2015-04-29 09:11 PDT by Filip Pizlo
Modified: 2015-04-29 09:11 PDT
Description Filip Pizlo 2015-04-29 09:11:47 PDT
Consider code like:

Math.max.apply(Math, new Array(100000))

If the array size is large enough, this will fail.  Maybe it would be cool if it didn't.  We could make this work by having large arguments arrays passed in the heap - for example as an arguments object allocated by the caller - instead of on the stack.

We'd probably have to only pass overflow arguments in this manner, for example arguments beyond some stack argument limit, in order to have a consistent calling convention. We'd also have to make sure that ExecState's methods for looping over arguments are appropriately clued in - so that they aren't too slow for the common case of few arguments, while allowing existing variadic native functions to work for large arguments lists.
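
The failure described in this report, seen from calling code: an added example that is not part of the original bug report or of WebKit. It probes whether the single-call `apply` form is rejected and shows a batched fallback; `applyChunked`, `tryDirectApply`, `sampleInput` and the `CHUNK` value are hypothetical names and an assumed batch size, and the batching is only valid for associative functions such as `Math.max` and `Math.min`.

```javascript
// Added example, not part of the bug report. CHUNK is an assumed conservative
// batch size chosen for illustration; engines do not document a portable limit.
const CHUNK = 4096;

// Call a variadic, associative function (Math.max, Math.min) over `values`
// while never passing more than `chunk` arguments in one call.
function applyChunked(fn, values, chunk = CHUNK) {
  if (!Number.isInteger(chunk) || chunk < 2) {
    throw new RangeError("chunk must be an integer >= 2");
  }
  // First batch: up to `chunk` arguments (an empty array yields fn()).
  let acc = fn.apply(null, values.slice(0, chunk));
  // Later batches: the running result plus up to chunk - 1 new arguments.
  for (let i = chunk; i < values.length; i += chunk - 1) {
    const batch = values.slice(i, i + chunk - 1);
    batch.unshift(acc);
    acc = fn.apply(null, batch);
  }
  return acc;
}

// Attempt the single-call form from the report and record whether the engine
// rejected it, instead of letting the RangeError escape to the caller.
function tryDirectApply(fn, values) {
  try {
    return { ok: true, value: fn.apply(null, values) };
  } catch (err) {
    if (err instanceof RangeError) return { ok: false, error: err.name };
    throw err;
  }
}

// Constructed sample input: n numbers with the maximum placed near the end.
function sampleInput(n = 2000000) {
  const a = new Array(n);
  for (let i = 0; i < n; i++) a[i] = i % 1000;
  a[n - 5] = 123456;
  return a;
}

const input = sampleInput();
console.log("direct:", tryDirectApply(Math.max, input));
console.log("chunked:", applyChunked(Math.max, input));
```

Whether the direct call succeeds depends on the engine and its stack size, which is why `tryDirectApply` reports the outcome rather than assuming it.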