Bug 157945

Summary: Web Inspector: retained size for typed arrays does not count native backing store
Product: WebKit Reporter: Blaze Burg <bburg>
Component: Web InspectorAssignee: Joseph Pecoraro <joepeck>
Status: RESOLVED FIXED    
Severity: Normal CC: bburg, commit-queue, fpizlo, ggaren, graouts, joepeck, keith_miller, mark.lam, mattbaker, msaboff, nvasilyev, saam, timothy, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: All   
OS: All   
See Also: https://bugs.webkit.org/show_bug.cgi?id=78574
Attachments:
Description Flags
[SCREENSHOT] Bad timeline data
none
[PATCH] Proposed Fix none

Blaze Burg
Reported 2016-05-20 09:32:52 PDT
STEPS TO REPRODUCE 1. Go to http://bl.ocks.org/syntagmatic/6c149c08fc9cde682635 2. Capture a recording long enough that a really big GC happens 3. Compare heap snapshots before and after a big GC EXPECTED It lists a Float32Array and ArrayBuffer with 10's of thousands of elements, so it should be MB's of data ACTUAL Retained size is 32 bytes regardless of typed array size
Attachments
[SCREENSHOT] Bad timeline data (415.96 KB, image/png)
2016-05-20 09:34 PDT, Blaze Burg 		no flags
Details
[PATCH] Proposed Fix (4.18 KB, patch)
2016-05-20 14:20 PDT, Joseph Pecoraro 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Radar WebKit Bug Importer
Comment 1 2016-05-20 09:33:20 PDT
<rdar://problem/26392238>
Blaze Burg
Comment 2 2016-05-20 09:34:44 PDT
Created attachment 279483 [details] [SCREENSHOT] Bad timeline data
Joseph Pecoraro
Comment 3 2016-05-20 12:22:31 PDT
I guess this is a specific type of TypedArray that we do not get the size correctly. For a basic: new Uint32Array(5000); I'm seeing it get a size of 19.56kb. So there must be something non-trivial about the arrays on that page.
Joseph Pecoraro
Comment 4 2016-05-20 13:35:07 PDT
Ahh, I see the issue when using a Buffer and View separately: window.lists = []; console.takeHeapSnapshot("before"); var buffer = new ArrayBuffer(4*5000); var view = new Float32Array(buffer); window.lists.push(view); console.takeHeapSnapshot("after"); Neither the ArrayBuffer or the Float32Array claiming the data!
Joseph Pecoraro
Comment 5 2016-05-20 13:40:13 PDT
Looks like JSArrayBuffer doesn't report an estimated size. I missed it because ArrayBuffer's have their own unique reporting of their size to the Heap.
Joseph Pecoraro
Comment 6 2016-05-20 14:20:37 PDT
Created attachment 279501 [details] [PATCH] Proposed Fix Note, with this change, the memory will be associated with the ArrayBuffer. There currently does not exist a way to know if the Float32Array is the only retainer of the ArrayBuffer, so the Float32Array's will still appear small. That means they are just a view on an ArrayBuffer.
Geoffrey Garen
Comment 7 2016-05-20 14:25:39 PDT
Comment on attachment 279501 [details] [PATCH] Proposed Fix r=me
WebKit Commit Bot
Comment 8 2016-05-20 14:46:16 PDT
Comment on attachment 279501 [details] [PATCH] Proposed Fix Clearing flags on attachment: 279501 Committed r201226: <http://trac.webkit.org/changeset/201226>
WebKit Commit Bot
Comment 9 2016-05-20 14:46:23 PDT
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.