
[coco8] CRASH - evaluating simple expression

Our application crashes after evaluating a simple expression in a loop.

After loading the image, we load a small JavaScript file that evaluates the expression 100 times.

The evaluation of the expression enters our (Smalltalk to JavaScript) compiler to execute the small expression. The compilation and evaluation do NOT use native objects (they create a lot of normal JavaScript objects).

After 7 steps of iteration the system crashes with memory full (iPhone6s); we have seen that JSC does NOT garbage collect and crashes when trying to collect garbage.
If we force a garbage collection after each iteration, the script runs to the end without problems (garbage is collected and it does NOT crash).

The dump of the crash report is attached here: mini8 5-7-16 7-51 a.m.crash
A snapshot of the sources of the project that generated the crash (can be downloaded from this link).

Steps to reproduce

The time taken to compile this simple expression is also strange.
The seven steps evaluated before the crash take too long:
2016-07-05 08:19:40.492 mini8[806:48611] //loading default.app.js
2016-07-05 08:19:42.385 mini8[806:48611] #1 1890ms
2016-07-05 08:19:43.857 mini8[806:48611] #2 1471ms
2016-07-05 08:19:45.314 mini8[806:48611] #3 1456ms
2016-07-05 08:19:46.909 mini8[806:48611] #4 1593ms
2016-07-05 08:19:49.112 mini8[806:48611] #5 2203ms
2016-07-05 08:19:50.956 mini8[806:48611] #6 1842ms
2016-07-05 08:19:53.102 mini8[806:48611] #7 2146ms

The same evaluation using the V8 VM (on the same device) takes between 150 and 160ms for each step. We ran the comparative test using jx8-ios (can be downloaded following this link).

We also want to mention that this bug appeared in mid-2015 (June?, before Oct 2015). We observed a few crashes per month at that time (in different places of the system), but it has become more and more frequent in later versions of JSC.