59699 2011-04-28 06:56:10 -0700 Global object is recreated on teardown, for no good reason 2011-05-17 11:12:38 -0700 1 1 1 Unclassified WebKit JavaScriptCore 528+ (Nightly build) PC OS X 10.5 RESOLVED FIXED P2 Normal --- 1 staikos ggaren abarth ademar dave+webkit dimich ggaren mjs oliver oldest_to_newest 394407 0 staikos 2011-04-28 06:56:10 -0700 #4 0x00075618 in JSC::Structure::addPropertyTransition(JSC::Structure*, JSC::Identifier const&, unsigned int, JSC::JSCell*, unsigned int&) () #5 0x008467c6 in JSC::JSObject::putDirectInternal(JSC::Identifier const&, JSC::JSValue, unsigned int, bool, JSC::PutPropertySlot&, JSC::JSCell*) () #6 0x0005284c in JSC::InternalFunction::InternalFunction(JSC::JSGlobalData*, JSC::JSGlobalObject*, WTF::NonNullPassRefPtr<JSC::Structure>, JSC::Identifier const&) () #7 0x0006f158 in JSC::StringConstructor::StringConstructor(JSC::ExecState*, JSC::JSGlobalObject*, WTF::NonNullPassRefPtr<JSC::Structure>, JSC::Structure*, JSC::StringPrototype*) () #8 0x00059df6 in JSC::JSGlobalObject::reset(JSC::JSValue) () #9 0x0005b2b4 in JSC::JSGlobalObject::init(JSC::JSObject*) () #10 0x002458c0 in WebCore::JSDOMGlobalObject::JSDOMGlobalObject(WTF::NonNullPassRefPtr<JSC::Structure>, WebCore::JSDOMGlobalObject::JSDOMGlobalObjectData*, JSC::JSObject*) () #11 0x00246290 in WebCore::JSDOMWindowBase::JSDOMWindowBase(WTF::NonNullPassRefPtr<JSC::Structure>, WTF::PassRefPtr<WebCore::DOMWindow>, WebCore::JSDOMWindowShell*) () #12 0x0019e062 in WebCore::JSDOMWindow::JSDOMWindow(WTF::NonNullPassRefPtr<JSC::Structure>, WTF::PassRefPtr<WebCore::DOMWindow>, WebCore::JSDOMWindowShell*) () #13 0x0024a054 in WebCore::JSDOMWindowShell::setWindow(WTF::PassRefPtr<WebCore::DOMWindow>) () #14 0x0025cb3c in WebCore::ScriptController::clearWindowShell(bool) () #15 0x003aa490 in WebCore::Frame::~Frame() () You can see from this trace that frame teardown is creating a new global object for no good reason that I can determine. We immediately get rid of it all anyway. 394408 1 91486 staikos 2011-04-28 06:57:43 -0700 Created attachment 91486 Possible fix Does this cause a possible leak? I'm not sure yet. 394603 2 ggaren 2011-04-28 11:37:23 -0700 > You can see from this trace that frame teardown is creating a new global object for no good reason that I can determine. We immediately get rid of it all anyway. Yeah, this is a pretty big travesty. 394607 3 91486 ggaren 2011-04-28 11:39:10 -0700 Comment on attachment 91486 Possible fix I think this patch would crash, because setWindow(JSGlobalData&, JSDOMWindow*) assumes the window is not NULL. It might work to change setWindow(JSGlobalData&, JSDOMWindow*) to use jsNull() as the window shell's prototype if the JSDOMWindow* is NULL, or you could just change setWindow(JSGlobalData&, JSDOMWindow*) to take an explicit prototype argument. 404277 4 93605 ggaren 2011-05-15 22:04:54 -0700 Created attachment 93605 Patch 404281 5 ggaren 2011-05-15 22:10:08 -0700 Committed r86523: <http://trac.webkit.org/changeset/86523> 404417 6 staikos 2011-05-16 04:51:41 -0700 Thanks! Just got back from vacation/travel to see this :) 405184 7 ademar 2011-05-17 11:12:38 -0700 Revision r86523 cherry-picked into qtwebkit-2.2 with commit 97cb464 <http://gitorious.org/webkit/qtwebkit/commit/97cb464> 91486 2011-04-28 06:57:43 -0700 2011-05-15 22:04:46 -0700 Possible fix dont-create-useless-global-object.patch text/plain 1319 staikos SW5kZXg6IFNvdXJjZS9XZWJDb3JlL2JpbmRpbmdzL2pzL0pTRE9NV2luZG93U2hlbGwuY3BwCj09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT0KLS0tIFNvdXJjZS9XZWJDb3JlL2JpbmRpbmdzL2pzL0pTRE9NV2luZG93U2hlbGwu Y3BwCShyZXZpc2lvbiA4NDgzMykKKysrIFNvdXJjZS9XZWJDb3JlL2JpbmRpbmdzL2pzL0pTRE9N V2luZG93U2hlbGwuY3BwCSh3b3JraW5nIGNvcHkpCkBAIC02NCw5ICs2NCwxMiBAQCB2b2lkIEpT RE9NV2luZG93U2hlbGw6OnNldFdpbmRvdyhQYXNzUmVmCiAgICAgU3Ryb25nPEpTRE9NV2luZG93 UHJvdG90eXBlPiBwcm90b3R5cGUoKkpTRE9NV2luZG93Ojpjb21tb25KU0dsb2JhbERhdGEoKSwg bmV3IEpTRE9NV2luZG93UHJvdG90eXBlKCpKU0RPTVdpbmRvdzo6Y29tbW9uSlNHbG9iYWxEYXRh KCksIDAsIHByb3RvdHlwZVN0cnVjdHVyZSkpOwogCiAgICAgU3RydWN0dXJlKiBzdHJ1Y3R1cmUg PSBKU0RPTVdpbmRvdzo6Y3JlYXRlU3RydWN0dXJlKCpKU0RPTVdpbmRvdzo6Y29tbW9uSlNHbG9i YWxEYXRhKCksIHByb3RvdHlwZS5nZXQoKSk7Ci0gICAgSlNET01XaW5kb3cqIGpzRE9NV2luZG93 ID0gbmV3IChKU0RPTVdpbmRvdzo6Y29tbW9uSlNHbG9iYWxEYXRhKCkpIEpTRE9NV2luZG93KCpK U0RPTVdpbmRvdzo6Y29tbW9uSlNHbG9iYWxEYXRhKCksIHN0cnVjdHVyZSwgZG9tV2luZG93LCB0 aGlzKTsKLSAgICBwcm90b3R5cGUtPnB1dEFub255bW91c1ZhbHVlKCpKU0RPTVdpbmRvdzo6Y29t bW9uSlNHbG9iYWxEYXRhKCksIDAsIGpzRE9NV2luZG93KTsKLSAgICBzZXRXaW5kb3coKkpTRE9N V2luZG93Ojpjb21tb25KU0dsb2JhbERhdGEoKSwganNET01XaW5kb3cpOworICAgIGlmIChkb21X aW5kb3cpIHsKKyAgICAgICAgSlNET01XaW5kb3cqIGpzRE9NV2luZG93ID0gbmV3IChKU0RPTVdp bmRvdzo6Y29tbW9uSlNHbG9iYWxEYXRhKCkpIEpTRE9NV2luZG93KCpKU0RPTVdpbmRvdzo6Y29t bW9uSlNHbG9iYWxEYXRhKCksIHN0cnVjdHVyZSwgZG9tV2luZG93LCB0aGlzKTsKKyAgICAgICAg cHJvdG90eXBlLT5wdXRBbm9ueW1vdXNWYWx1ZSgqSlNET01XaW5kb3c6OmNvbW1vbkpTR2xvYmFs RGF0YSgpLCAwLCBqc0RPTVdpbmRvdyk7CisgICAgICAgIHNldFdpbmRvdygqSlNET01XaW5kb3c6 OmNvbW1vbkpTR2xvYmFsRGF0YSgpLCBqc0RPTVdpbmRvdyk7CisgICAgfSBlbHNlCisgICAgICAg IHNldFdpbmRvdygqSlNET01XaW5kb3c6OmNvbW1vbkpTR2xvYmFsRGF0YSgpLCAwKTsKIH0KIAog Ly8gLS0tLQo= 93605 2011-05-15 22:04:54 -0700 2011-05-15 22:07:10 -0700 Patch bug-59699-20110515220453.patch text/plain 1802 ggaren SW5kZXg6IFNvdXJjZS9XZWJDb3JlL0NoYW5nZUxvZwo9PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBTb3VyY2UvV2Vi Q29yZS9DaGFuZ2VMb2cJKHJldmlzaW9uIDg2NTIyKQorKysgU291cmNlL1dlYkNvcmUvQ2hhbmdl TG9nCSh3b3JraW5nIGNvcHkpCkBAIC0xLDMgKzEsMjggQEAKKzIwMTEtMDUtMTUgIEdlb2ZmcmV5 IEdhcmVuICA8Z2dhcmVuQGFwcGxlLmNvbT4KKworICAgICAgICBSZXZpZXdlZCBieSBOT0JPRFkg KE9PUFMhKS4KKworICAgICAgICBodHRwczovL2J1Z3Mud2Via2l0Lm9yZy9zaG93X2J1Zy5jZ2k/ aWQ9NTk2OTkKKyAgICAgICAgR2xvYmFsIG9iamVjdCBpcyByZWNyZWF0ZWQgb24gdGVhcmRvd24s IGZvciBubyBnb29kIHJlYXNvbgorICAgICAgICAKKyAgICAgICAgKEFub3RoZXIgcGFydGlhbCBm aXggZm9yIDxyZGFyOi8vcHJvYmxlbS85NDE3ODc1PiBSRUdSRVNTSU9OOiBTdW5TcGlkZXIKKyAg ICAgICAgfjclIHNsb3dlciBpbiBicm93c2VyIHRoYW4gb24gY29tbWFuZCBsaW5lICh3YXMgMTcl KSkKKyAgICAgICAgCisgICAgICAgIEknbSBiYXNpY2FsbHkgcm9sbGluZyBvdXQgaHR0cDovL3Ry YWMud2Via2l0Lm9yZy9jaGFuZ2VzZXQvNDk3ODYgYmVjYXVzZQorCisgICAgICAgIChhKSBpdCBj cmVhdGVkIHRoaXMgcGVyZm9ybWFuY2UgcHJvYmxlbQorICAgICAgICAKKyAgICAgICAgYW5kCisg ICAgICAgIAorICAgICAgICAoYikgYSBtb3JlIGNvbXBsZXRlIGZpeCwgd2hpY2ggb2Jzb2xldGVz IGh0dHA6Ly90cmFjLndlYmtpdC5vcmcvY2hhbmdlc2V0LzQ5Nzg2LAorICAgICAgICB3YXMgY29t bWl0dGVkIGluIGh0dHA6Ly90cmFjLndlYmtpdC5vcmcvY2hhbmdlc2V0LzUzNDM5LgorICAgICAg ICAKKyAgICAgICAgVGVzdGVkIHdpdGggdGhlIGZpbGUgYXR0YWNoZWQgdG8gaHR0cHM6Ly9idWdz LndlYmtpdC5vcmcvc2hvd19idWcuY2dpP2lkPTI5ODMyLgorCisgICAgICAgICogcGFnZS9GcmFt ZS5jcHA6CisgICAgICAgIChXZWJDb3JlOjpGcmFtZTo6fkZyYW1lKTogRG9uJ3QgY3JlYXRlIGEg bmV3IHdpbmRvdyBldmVyeSB0aW1lIHdlIGRlc3Ryb3kKKyAgICAgICAgYSBmcmFtZS4KKwogMjAx MS0wNS0xMiAgTU9SSVRBIEhhamltZSAgPG1vcnJpdGFAZ29vZ2xlLmNvbT4KIAogICAgICAgICBT aGFkb3dDb250ZW50RWxlbWVudCBzaG91bGQgYWZmZWN0IHRoZSBvcmRlciBvZiByZW5kZXJlciBj aGlsZHJlbgpJbmRleDogU291cmNlL1dlYkNvcmUvcGFnZS9GcmFtZS5jcHAKPT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQot LS0gU291cmNlL1dlYkNvcmUvcGFnZS9GcmFtZS5jcHAJKHJldmlzaW9uIDg2NTE0KQorKysgU291 cmNlL1dlYkNvcmUvcGFnZS9GcmFtZS5jcHAJKHdvcmtpbmcgY29weSkKQEAgLTIzMCw4ICsyMzAs NiBAQCBGcmFtZTo6fkZyYW1lKCkKICAgICAgICAgbV9tZWRpYVN0cmVhbUZyYW1lQ29udHJvbGxl ci0+ZGlzY29ubmVjdEZyYW1lKCk7CiAjZW5kaWYKIAotICAgIHNjcmlwdCgpLT5jbGVhcldpbmRv d1NoZWxsKCk7Ci0KICAgICBIYXNoU2V0PERPTVdpbmRvdyo+OjppdGVyYXRvciBlbmQgPSBtX2xp dmVGb3JtZXJXaW5kb3dzLmVuZCgpOwogICAgIGZvciAoSGFzaFNldDxET01XaW5kb3cqPjo6aXRl cmF0b3IgaXQgPSBtX2xpdmVGb3JtZXJXaW5kb3dzLmJlZ2luKCk7IGl0ICE9IGVuZDsgKytpdCkK ICAgICAgICAgKCppdCktPmRpc2Nvbm5lY3RGcmFtZSgpOwo=