Bug 21924

Summary: HashTable internal index is not always deleted
Product: WebKit
Reporter: Frederic Marmond <fmarmond>
Component: JavaScriptCore
Assignee: Alexey Proskuryakov <ap>
Status: RESOLVED FIXED
Severity: Normal
CC: ap, fmarmond, mario.bensi
Priority: P2
Version: 528+ (Nightly build)
Hardware: PC
OS: All

Attachments (Description: Flags):
fix a memory leak on HashTable: ap: review-
proposed fix: darin: review+

Description Frederic Marmond 2008-10-28 08:48:01 PDT
HashTable::createTable() allocates a new HashEntry array, but HashTable::deleteTable() is not always called, so this array may not be deleted.

It can then introduce memory leaks; Valgrind gives one of around 800ko on a single Gmail visit.

My fix is to call deleteTable() in the HashTable destructor.
It is secured and fixes the memory leak.
Comment 1 Frederic Marmond 2008-10-28 08:49:04 PDT
Created attachment 24714
fix a memory leak on HashTable
Comment 2 Alexey Proskuryakov 2008-10-28 09:15:59 PDT
Comment on attachment 24714
fix a memory leak on HashTable

HashTable::deleteTable is called from JSGlobalData destructor to avoid having destructors for static objects, which this patch would introduce.

However, the problem is real - in WebCore/bindings/js/JSDOMBinding.cpp, DOMObjectHashTableMap isn't properly cleaned up! This only affects worker threads though.
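
The ownership pattern discussed in Comment 2, as an added example that is not part of the original thread and not WebKit's code: a table type with no destructor (so it can be a static object) whose lazily built array must be released by its owner. `LazyTable`, `LeakyTableMap`, `CleanTableMap`, the allocation counter and the map-of-per-thread-copies layout are all assumptions made for illustration.

```cpp
#include <cstddef>
#include <map>

// Simplified stand-ins for the pattern in this bug; all names and the map
// layout are assumptions for illustration, not WebKit source.
static int g_liveArrays = 0; // entry arrays currently allocated

struct Entry { const char* key; int value; };

// No destructor, so it can be a static object; the entry array is built
// lazily by createTable() and must be released explicitly by deleteTable().
struct LazyTable {
    std::size_t size;
    mutable Entry* entries; // null until first use
    void createTable() const { if (!entries) { entries = new Entry[size](); ++g_liveArrays; } }
    void deleteTable() const { if (entries) { delete[] entries; entries = nullptr; --g_liveArrays; } }
};

// Owner of per-thread table copies. Leaky: destroying the map destroys the
// LazyTable copies, but nothing frees the arrays they point to.
struct LeakyTableMap {
    std::map<const LazyTable*, LazyTable> tables;
    const LazyTable& get(const LazyTable* staticTable) {
        LazyTable copy = {staticTable->size, nullptr};
        LazyTable& t = tables.insert(std::make_pair(staticTable, copy)).first->second;
        t.createTable();
        return t;
    }
};

// Fixed owner: the cleanup lives in the owner's destructor, not the table's.
struct CleanTableMap : LeakyTableMap {
    ~CleanTableMap() {
        for (auto& kv : tables) kv.second.deleteTable();
    }
};

// Simulates one worker thread's lifetime; returns arrays still allocated after.
template <typename Map>
int arraysLeakedByWorker() {
    static const LazyTable staticTable = {8, nullptr};
    const int before = g_liveArrays;
    { Map map; map.get(&staticTable); }
    return g_liveArrays - before;
}

int main() {
    return (arraysLeakedByWorker<LeakyTableMap>() == 1 &&
            arraysLeakedByWorker<CleanTableMap>() == 0) ? 0 : 1;
}
```
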
Comment 3 Alexey Proskuryakov 2008-10-28 09:49:41 PDT
Created attachment 24719
proposed fix

Fix the problem in WebCore.
Comment 4 Darin Adler 2008-10-28 09:51:46 PDT
Comment on attachment 24719
proposed fix

r=me
Comment 5 Alexey Proskuryakov 2008-10-29 03:35:44 PDT
Committed revision 37968.