[coco8] Issue report: Evaluating simple expression
Summary: Execution of a JavaScript expression that produces a large amount of garbage can result in an EXC_BAD_ACCESS.
Expected Results: The expression should evaluate an arbitrary number of times without issue.
Actual Results: Memory appears to be corrupted causing EXC_BAD_ACCESS.
Steps to reproduce:
- Download the bug8 Xcode project (compressed file)
- Open Bug/Bug.xcodeproj with Xcode 8.
- Run the application on an iPhone 6s.
- The expression in Bug/default.app.js is evaluated during application startup. This will cause the application to crash.
Notes:
- The executed expression activates a Smalltalk-to-JavaScript translator. The translated Smalltalk code is then evaluated within the JavaScriptCore environment.
- If a GC is forced (via the JSSynchronousGarbageCollectForDebugging function) the issue appears to subside. This can be tested by uncommenting the `print("gcNow "+gcNow.ms()+"ms");` line in mini8/default.app.js. This causes a full synchronous garbage collection to occur after each execution of the expression.
Configuration: Xcode 8.0 beta (8S128d), iPhone 6s iOS 9.3.2 (13F69)