Bug 17047 - Out of Memory Error with .split("") due to large number of live objects
Summary: Out of Memory Error with .split("") due to large number of live objects
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: JavaScriptCore (show other bugs)
Version: 528+ (Nightly build)
Hardware: Mac OS X 10.5
: P2 Normal
Assignee: Nobody
URL: http://ejohn.org/files/bugs/split/
Keywords: HasReduction, InRadar
Depends on:
Blocks:
 
Reported: 2008-01-28 12:31 PST by John Resig
Modified: 2008-12-29 21:58 PST (History)
3 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description John Resig 2008-01-28 12:31:15 PST 
I've been hitting some weird Out of Memory errors in the latest nightly builds of WebKit, see the attached URL for an example. It only occurs with .split("") and a mix of closures and intervals. Full script below:

var str = "", ret, fn = [];

for ( var i = 0; i < 16384; i++ )
  str += "a";

for ( var i = 16384; i <= 131072; i *= 2 ) (function(i){
  fn.push(function(){
    ret = str.split("");
  });

  str += str;
})();

window.onload = function(){
        setInterval(function(){
                if ( fn.length )
                        fn.shift()();
        }, 13);
};
Comment 1 Mark Rowe (bdash) 2008-01-28 12:35:55 PST 
After loading <http://ejohn.org/files/bugs/split/> the Caches window shows around 800,000 live objects, which is enough to trigger the "Out of Memory" error.  Forcing a collection manually drops this down to around 270,000.  Closing the tab drops back to around 8,000, which shows nothing is actually being leaked.
Comment 2 Mark Rowe (bdash) 2008-01-28 12:38:07 PST 
<rdar://problem/5710766>
Comment 3 David Kilzer (:ddkilzer) 2008-02-23 13:27:24 PST 
Fixed by r30492?

http://trac.webkit.org/projects/webkit/changeset/30492