Bug 298499
| Summary: | AbortController with event listeners causes memory leak due to incorrect GC reachability check | ||
|---|---|---|---|
| Product: | WebKit | Reporter: | tbvjaos510 |
| Component: | New Bugs | Assignee: | Nobody <webkit-unassigned> |
| Status: | RESOLVED FIXED | ||
| Severity: | Normal | CC: | webkit-bug-importer |
| Priority: | P2 | Keywords: | InRadar |
| Version: | WebKit Nightly Build | ||
| Hardware: | All | ||
| OS: | All | ||
tbvjaos510
AbortController objects with event listeners are never garbage collected, causing memory leaks.
Steps to Reproduce:
1. Create AbortController instances
2. Add event listeners to their signals
3. Remove all references to the controllers
4. Force garbage collection
Expected Result:
AbortController objects should be garbage collected when no longer referenced.
Actual Result:
AbortController objects with event listeners remain in memory indefinitely.
Root Cause:
The JSAbortSignalOwner::isReachableFromOpaqueRoots() method incorrectly marks all AbortSignals with event listeners
as always reachable, preventing garbage collection even when they have no other references.
| Attachments | ||
|---|---|---|
| Add attachment proposed patch, testcase, etc. |
tbvjaos510
Pull request: https://github.com/WebKit/WebKit/pull/50419
tbvjaos510
Pull request: https://github.com/Webkit/Webkit/pull/50419
EWS
Committed 299758@main (1f6b6bea2079): <https://commits.webkit.org/299758@main>
Reviewed commits have been landed. Closing PR #50419 and removing active labels.
Radar WebKit Bug Importer
<rdar://problem/160211727>