Bug 241736
| Summary: | [PlayStation] RunLoopGeneric has memory leak in vector of ScheduledTask | ||
|---|---|---|---|
| Product: | WebKit | Reporter: | Basuke Suzuki <basuke> |
| Component: | Platform | Assignee: | Nobody <webkit-unassigned> |
| Status: | RESOLVED FIXED | ||
| Severity: | Normal | CC: | bfulgham, cdumez, ggaren, Hironori.Fujii, webkit-bug-importer, ysuzuki |
| Priority: | P2 | Keywords: | InRadar |
| Version: | WebKit Nightly Build | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
Basuke Suzuki
The ScheduledTask object is ref counted. There are two main owners, RunLoop::TimerBase m_scheduledTask and RunLoop::m_schedules vector. When new timer is scheduled while current one is active but not fired, it is marked as inactive to make it not fired in the future, and new one is created with active state. The old one will be removed eventually when original timing come to fire.
But when JSRun loop cancel running timer, it just set a new timer (to cancel the running one) with the value of long interval (it is 10 years). Then invalidated timers with those long interval has no chance to be removed from the task list. With a simple application with using repeating timer, it is easily observed that we see tens of thousands of inactive objects in the list in just a few minutes.
| Attachments | ||
|---|---|---|
| Add attachment proposed patch, testcase, etc. |
Radar WebKit Bug Importer
<rdar://problem/95890501>
Brent Fulgham
Note: Apple ports do not use this code, so this is not relevant to specific iOS or macOS releases.
Fujii Hironori
JSCOnly port and PlayStation port are using RunLoopGeneric.cpp.
Yusuke Suzuki
Basuke already has a fix (he is on PTO).
Basuke Suzuki
https://github.com/WebKit/WebKit/pull/2869
EWS
Committed 253065@main (cef910fdba39): <https://commits.webkit.org/253065@main>
Reviewed commits have been landed. Closing PR #2869 and removing active labels.