Bug 8995 - memory leak in XPath code -- seen in layout tests
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: DOM
Version: 420+
Hardware: Mac OS X 10.4
Importance: P1 Normal
Assignee: Darin Adler
Reported: 2006-05-19 08:51 PDT by Darin Adler
Modified: 2019-02-06 09:02 PST

Attachments
patch (114.10 KB, patch)
2006-06-03 18:46 PDT, Darin Adler
no flags
updated patch (merged with Anders's XPath change) (124.79 KB, patch)
2006-06-04 11:11 PDT, Darin Adler
andersca: review+

Description Darin Adler 2006-05-19 08:51:06 PDT
We're seeing leaks in the XPath parsing code:

Leak: 0x18667850  size=32	
	0x00000001 0x00000006 0x18667b30 0x00000000 	.........f{0....
	0x00000000 0x00000000 0xffffffff 0x00000000 	................
	Call stack: [thread 39a7]: | 0x0 | start | _start | main | dumpRenderTree | -[NSRunLoop runMode:beforeDate:] | CFRunLoopRunSpecific | __CFRunLoopRun | __CFRunLoopDoSources0 | _sendCallbacks | -[NSURLConnection(NSURLConnectionInternal) _sendCallbacks] | -[NSURLConnection(NSURLConnectionInternal) _sendDidFinishLoadingCallback] | -[WebLoader connectionDidFinishLoading:] | -[WebSubresourceLoader didFinishLoading] | -[KWQResourceLoader finishWithData:] | -[KWQResourceLoader finishJobAndHandle:] | WebCore::Loader::receivedAllData(WebCore::TransferJob*, NSData*) | WebCore::CachedScript::data(WebCore::DeprecatedArray<char>&, bool) | WebCore::CachedScript::checkNotify() | WebCore::XMLTokenizer::notifyFinished(WebCore::CachedObject*) | WebCore::XMLTokenizer::executeScripts() | WebCore::CachedScript::ref(WebCore::CachedObjectClient*) | WebCore::XMLTokenizer::notifyFinished(WebCore::CachedObject*) | WebCore::Frame::executeScript(WebCore::Node*, DeprecatedString const&, bool) | WebCore::KJSProxy::evaluate(WebCore::String const&, int, WebCore::String const&, WebCore::Node*) | KJS::Interpreter::evaluate(KJS::UString const&, int, KJS::UChar const*, int, KJS::JSValue*) | KJS::InterpreterImp::evaluate(KJS::UChar const*, int, KJS::JSValue*, KJS::UString const&, int) | KJS::BlockNode::execute(KJS::ExecState*) | KJS::SourceElementsNode::execute(KJS::ExecState*) | KJS::TryNode::execute(KJS::ExecState*) | KJS::BlockNode::execute(KJS::ExecState*) | KJS::SourceElementsNode::execute(KJS::ExecState*) | KJS::ExprStatementNode::execute(KJS::ExecState*) | KJS::FunctionCallResolveNode::evaluate(KJS::ExecState*) | KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) | KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) | KJS::DeclaredFunctionImp::execute(KJS::ExecState*) | KJS::BlockNode::execute(KJS::ExecState*) | KJS::SourceElementsNode::execute(KJS::ExecState*) | KJS::ExprStatementNode::execute(KJS::ExecState*) | 
KJS::FunctionCallResolveNode::evaluate(KJS::ExecState*) | KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) | KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) | KJS::DeclaredFunctionImp::execute(KJS::ExecState*) | KJS::BlockNode::execute(KJS::ExecState*) | KJS::SourceElementsNode::execute(KJS::ExecState*) | KJS::ForNode::execute(KJS::ExecState*) | KJS::BlockNode::execute(KJS::ExecState*) | KJS::SourceElementsNode::execute(KJS::ExecState*) | KJS::ExprStatementNode::execute(KJS::ExecState*) | KJS::AssignResolveNode::evaluate(KJS::ExecState*) | KJS::FunctionCallDotNode::evaluate(KJS::ExecState*) | KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) | WebCore::JSDocumentProtoFunc::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) | WebCore::Document::createExpression(WebCore::String const&, WebCore::XPathNSResolver*, int&) | WebCore::XPathEvaluator::createExpression(WebCore::String const&, WebCore::XPathNSResolver*, int&) | WebCore::XPathExpression::createExpression(WebCore::String const&, WebCore::XPathNSResolver*, int&) | WebCore::XPath::Parser::parseStatement(WebCore::String const&, int&) | xpathyyparse(void*) | xpathyylex(YYSTYPE*) | WebCore::XPath::Parser::lex(void*) | WebCore::XPath::Parser::nextToken() | WebCore::XPath::Parser::nextTokenInternal() | WebCore::XPath::Parser::lexString() | WebCore::String::String[in-charge](DeprecatedString const&) | operator new(unsigned long) | WTF::fastMalloc(unsigned long) 
Leak: 0x18667810  size=32	
	0x015bbe98 0x00000000 0x00000000 0x00000000 	.[..............
	0x00000000 0x18667850 0x00000000 0x00000000 	.....fxP........
	Call stack: [thread 8bbb]: | 0x0 | start | _start | main | dumpRenderTree | -[NSRunLoop runMode:beforeDate:] | CFRunLoopRunSpecific | __CFRunLoopRun | __CFRunLoopDoSources0 | _sendCallbacks | -[NSURLConnection(NSURLConnectionInternal) _sendCallbacks] | -[NSURLConnection(NSURLConnectionInternal) _sendDidFinishLoadingCallback] | -[WebLoader connectionDidFinishLoading:] | -[WebSubresourceLoader didFinishLoading] | -[KWQResourceLoader finishWithData:] | -[KWQResourceLoader finishJobAndHandle:] | WebCore::Loader::receivedAllData(WebCore::TransferJob*, NSData*) | WebCore::CachedScript::data(WebCore::DeprecatedArray<char>&, bool) | WebCore::CachedScript::checkNotify() | WebCore::XMLTokenizer::notifyFinished(WebCore::CachedObject*) | WebCore::XMLTokenizer::executeScripts() | WebCore::CachedScript::ref(WebCore::CachedObjectClient*) | WebCore::XMLTokenizer::notifyFinished(WebCore::CachedObject*) | WebCore::Frame::executeScript(WebCore::Node*, DeprecatedString const&, bool) | WebCore::KJSProxy::evaluate(WebCore::String const&, int, WebCore::String const&, WebCore::Node*) | KJS::Interpreter::evaluate(KJS::UString const&, int, KJS::UChar const*, int, KJS::JSValue*) | KJS::InterpreterImp::evaluate(KJS::UChar const*, int, KJS::JSValue*, KJS::UString const&, int) | KJS::BlockNode::execute(KJS::ExecState*) | KJS::SourceElementsNode::execute(KJS::ExecState*) | KJS::TryNode::execute(KJS::ExecState*) | KJS::BlockNode::execute(KJS::ExecState*) | KJS::SourceElementsNode::execute(KJS::ExecState*) | KJS::ExprStatementNode::execute(KJS::ExecState*) | KJS::FunctionCallResolveNode::evaluate(KJS::ExecState*) | KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) | KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) | KJS::DeclaredFunctionImp::execute(KJS::ExecState*) | KJS::BlockNode::execute(KJS::ExecState*) | KJS::SourceElementsNode::execute(KJS::ExecState*) | KJS::ExprStatementNode::execute(KJS::ExecState*) | 
KJS::FunctionCallResolveNode::evaluate(KJS::ExecState*) | KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) | KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) | KJS::DeclaredFunctionImp::execute(KJS::ExecState*) | KJS::BlockNode::execute(KJS::ExecState*) | KJS::SourceElementsNode::execute(KJS::ExecState*) | KJS::ForNode::execute(KJS::ExecState*) | KJS::BlockNode::execute(KJS::ExecState*) | KJS::SourceElementsNode::execute(KJS::ExecState*) | KJS::ExprStatementNode::execute(KJS::ExecState*) | KJS::AssignResolveNode::evaluate(KJS::ExecState*) | KJS::FunctionCallDotNode::evaluate(KJS::ExecState*) | KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) | WebCore::JSDocumentProtoFunc::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) | WebCore::Document::createExpression(WebCore::String const&, WebCore::XPathNSResolver*, int&) | WebCore::XPathEvaluator::createExpression(WebCore::String const&, WebCore::XPathNSResolver*, int&) | WebCore::XPathExpression::createExpression(WebCore::String const&, WebCore::XPathNSResolver*, int&) | WebCore::XPath::Parser::parseStatement(WebCore::String const&, int&) | xpathyyparse(void*) | operator new(unsigned long) | WTF::fastMalloc(unsigned long) 
Leak: 0x18667b30  size=16	
	0x00430041 0x004e0041 0x00440041 0x00010001 	.C.A.N.A.D.A....
	Call stack: [thread bfffe97b]: | 0x0 | start | _start | main | dumpRenderTree | -[NSRunLoop runMode:beforeDate:] | CFRunLoopRunSpecific | __CFRunLoopRun | __CFRunLoopDoSources0 | _sendCallbacks | -[NSURLConnection(NSURLConnectionInternal) _sendCallbacks] | -[NSURLConnection(NSURLConnectionInternal) _sendDidFinishLoadingCallback] | -[WebLoader connectionDidFinishLoading:] | -[WebSubresourceLoader didFinishLoading] | -[KWQResourceLoader finishWithData:] | -[KWQResourceLoader finishJobAndHandle:] | WebCore::Loader::receivedAllData(WebCore::TransferJob*, NSData*) | WebCore::CachedScript::data(WebCore::DeprecatedArray<char>&, bool) | WebCore::CachedScript::checkNotify() | WebCore::XMLTokenizer::notifyFinished(WebCore::CachedObject*) | WebCore::XMLTokenizer::executeScripts() | WebCore::CachedScript::ref(WebCore::CachedObjectClient*) | WebCore::XMLTokenizer::notifyFinished(WebCore::CachedObject*) | WebCore::Frame::executeScript(WebCore::Node*, DeprecatedString const&, bool) | WebCore::KJSProxy::evaluate(WebCore::String const&, int, WebCore::String const&, WebCore::Node*) | KJS::Interpreter::evaluate(KJS::UString const&, int, KJS::UChar const*, int, KJS::JSValue*) | KJS::InterpreterImp::evaluate(KJS::UChar const*, int, KJS::JSValue*, KJS::UString const&, int) | KJS::BlockNode::execute(KJS::ExecState*) | KJS::SourceElementsNode::execute(KJS::ExecState*) | KJS::TryNode::execute(KJS::ExecState*) | KJS::BlockNode::execute(KJS::ExecState*) | KJS::SourceElementsNode::execute(KJS::ExecState*) | KJS::ExprStatementNode::execute(KJS::ExecState*) | KJS::FunctionCallResolveNode::evaluate(KJS::ExecState*) | KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) | KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) | KJS::DeclaredFunctionImp::execute(KJS::ExecState*) | KJS::BlockNode::execute(KJS::ExecState*) | KJS::SourceElementsNode::execute(KJS::ExecState*) | KJS::ExprStatementNode::execute(KJS::ExecState*) | 
KJS::FunctionCallResolveNode::evaluate(KJS::ExecState*) | KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) | KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) | KJS::DeclaredFunctionImp::execute(KJS::ExecState*) | KJS::BlockNode::execute(KJS::ExecState*) | KJS::SourceElementsNode::execute(KJS::ExecState*) | KJS::ForNode::execute(KJS::ExecState*) | KJS::BlockNode::execute(KJS::ExecState*) | KJS::SourceElementsNode::execute(KJS::ExecState*) | KJS::ExprStatementNode::execute(KJS::ExecState*) | KJS::AssignResolveNode::evaluate(KJS::ExecState*) | KJS::FunctionCallDotNode::evaluate(KJS::ExecState*) | KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) | WebCore::JSDocumentProtoFunc::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) | WebCore::Document::createExpression(WebCore::String const&, WebCore::XPathNSResolver*, int&) | WebCore::XPathEvaluator::createExpression(WebCore::String const&, WebCore::XPathNSResolver*, int&) | WebCore::XPathExpression::createExpression(WebCore::String const&, WebCore::XPathNSResolver*, int&) | WebCore::XPath::Parser::parseStatement(WebCore::String const&, int&) | xpathyyparse(void*) | xpathyylex(YYSTYPE*) | WebCore::XPath::Parser::lex(void*) | WebCore::XPath::Parser::nextToken() | WebCore::XPath::Parser::nextTokenInternal() | WebCore::XPath::Parser::lexString() | WebCore::String::String[in-charge](DeprecatedString const&) | WebCore::StringImpl::StringImpl[in-charge](unsigned short const*, unsigned) | WebCore::StringImpl::init(unsigned short const*, unsigned) | WebCore::newUCharVector(unsigned) | WTF::fastMalloc(unsigned long)
Comment 1 Darin Adler 2006-06-03 17:38:35 PDT
I figured out the problem, and I have a patch to fix it along with some other XPath code cleanup and improvements.
Comment 2 Darin Adler 2006-06-03 18:46:09 PDT
Created attachment 8685
patch
Comment 3 Anders Carlsson 2006-06-04 01:22:52 PDT
Comment on attachment 8685
patch

Looks great! r=me
Comment 4 Darin Adler 2006-06-04 11:11:13 PDT
Created attachment 8693
updated patch (merged with Anders's XPath change)
Comment 5 Anders Carlsson 2006-06-04 11:13:14 PDT
Comment on attachment 8693
updated patch (merged with Anders's XPath change)

r=me
Comment 6 Darin Adler 2006-06-04 15:58:54 PDT
Committed revision 14729.
Comment 7 Lucas Forschler 2019-02-06 09:02:37 PST
Mass moving XML DOM bugs to the "DOM" Component.