1b06c23b14
The name dictionary allocated to store named captures on the regexp result object could be too large for regular heap spaces and ConstructNewResultFromMatchInfo must thus also handle the large object case. Bug: chromium:980891 Change-Id: Ia1dbecd0a9d9d6b39f80e77680386c385d95c97c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1691907 Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Auto-Submit: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#62591}
16 lines
448 B
JavaScript
16 lines
448 B
JavaScript
// Copyright 2019 the V8 project authors. All rights reserved.
|
|
// Use of this source code is governed by a BSD-style license that can be
|
|
// found in the LICENSE file.
|
|
|
|
let str = "";
|
|
|
|
// Many named captures force the resulting named capture backing store into
|
|
// large object space.
|
|
for (var i = 0; i < 0x2000; i++) str += "(?<a"+i+">)|";
|
|
str += "(?<b>)";
|
|
|
|
const regexp = new RegExp(str);
|
|
const result = "xxx".match(regexp);
|
|
|
|
assertNotNull(result);
|