Summary: | NPN_UserAgent leaks its return value | ||
---|---|---|---|
Product: | WebKit | Reporter: | Dan Webb <dwebb> |
Component: | WebCore Misc. | Assignee: | Nobody <webkit-unassigned> |
Status: | RESOLVED WONTFIX | ||
Severity: | Normal | CC: | ahmad.saleem792, andersca, ap, mrowe, rniwa, webkit-bug-importer, zalan |
Priority: | P2 | Keywords: | InRadar |
Version: | 528+ (Nightly build) | ||
Hardware: | Mac | ||
OS: | OS X 10.5 |
Description
Dan Webb
2009-10-15 17:55:35 PDT
I cannot reproduce this with ToT. Could you please post a full stack trace? Also, are you seeing this in Safari on Mac OS X 10.5? Could you please try to reproduce this with a nightly build from <http://nightly.webkit.org>?

I reproduced it in Monday's ToT WebKit build. Stack trace of one of the leaked objects (from ObjectAlloc):

```
21 Safari 0x2c92
20 AppKit NSApplicationMain
19 AppKit -[NSApplication run]
18 Safari 0xc303
17 AppKit -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:]
16 AppKit _DPSNextEvent
15 HIToolbox BlockUntilNextEventMatchingListInMode
14 HIToolbox ReceiveNextEventCommon
13 HIToolbox RunCurrentEventLoopInMode
12 CoreFoundation CFRunLoopRunInMode
11 CoreFoundation CFRunLoopRunSpecific
10 WebKit WebNetscapePluginEventHandlerCarbon::sendNullEvent() /Users/dwebb/Keyhole-local/WebKit/WebKit/mac/Plugins/WebNetscapePluginEventHandlerCarbon.mm:124
9 WebKit WebNetscapePluginEventHandlerCarbon::sendEvent(EventRecord*) /Users/dwebb/Keyhole-local/WebKit/WebKit/mac/Plugins/WebNetscapePluginEventHandlerCarbon.mm:420
8 WebKit -[WebNetscapePluginDocumentView sendEvent:isDrawRect:] /Users/dwebb/Keyhole-local/WebKit/WebKit/mac/Plugins/WebNetscapePluginView.mm:672
7 libnpgeplugin.dylib Private_HandleEvent(_NPP*, void*)
6 libnpgeplugin.dylib nsPluginInstance::HandleEvent(void*) scons-out/opt/obj/apps/earth/plugin/idlglue/staticglue/moz/plugin.cc:164
5 libnpgeplugin.dylib GetNPSupportedModels(_NPP*, bool*, bool*, bool*)
4 WebKit NPN_UserAgent /Users/dwebb/Keyhole-local/WebKit/WebKit/mac/Plugins/npapi.mm:120
3 Foundation -[NSCFString UTF8String]
2 Foundation bytesInEncoding
1 CoreFoundation __CFDataInit
0 CoreFoundation _CFRuntimeCreateInstance
```

If you want to reproduce it using the Google Earth plugin, download the installer from here, install it, and reload the page (might require Safari restart): <http://code.google.com/apis/earth/>

That appears to show the char* buffer returned by NPN_UserAgent is being leaked. I would assume that the caller of NPN_UserAgent is responsible for freeing that memory. Is that not the case?

Hmm, I assumed that the string was owned by npapi, since the docs didn't mention anything about handing off ownership of the C string. <http://developer.mozilla.org/en/NPN_UserAgent>

I googled around a bit and found some example code that doesn't free the string: <https://developer.mozilla.org/en/Gecko_Plugin_API_Reference/Initialization_and_Destruction#Initialize_and_Shutdown_Example>

If I'm looking at the right place, Mozilla does return a pointer to static buffer: <http://mxr.mozilla.org/mozilla-central/source/modules/plugin/base/src/nsPluginHost.cpp#2612>

indeed.

I am not able to find any reference about NPN_UserAgent in Webkit Github mirror except within Layout Tests for plugins? Considering that they might be disabled (skipped) as well, can we mark this as "RESOLVED WONTFIX"? Since NPAPI plugin support is now removed and Safari 14 onward does not support it. Thanks!
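
The two ownership contracts debated in this thread, as an added C example that is not part of the original bug report and is not WebKit or Mozilla code: one accessor hands out a fresh heap copy per call, the other a host-owned static buffer, and a caller that never frees the result is run against both. All function names and the user-agent string are hypothetical.

```c
/* Added illustration; all names are hypothetical, not WebKit or Mozilla code. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

static const char *kBrowserUA = "ExampleBrowser/1.0 (constructed sample)";
struct tracked { struct tracked *next; char data[]; };
static struct tracked *outstanding;  /* buffers handed out and not yet freed */

/* Contract A: fresh heap copy per call; leaks unless the caller frees it. */
const char *ua_fresh_copy(void) {
    size_t n = strlen(kBrowserUA) + 1;
    struct tracked *t = malloc(sizeof *t + n);
    if (!t) return NULL;
    memcpy(t->data, kBrowserUA, n);
    t->next = outstanding;
    outstanding = t;
    return t->data;
}

/* Contract B: host-owned buffer filled once; the caller must not free it. */
const char *ua_host_owned(void) {
    static char buf[256];
    if (!buf[0])
        snprintf(buf, sizeof buf, "%s", kBrowserUA);  /* always NUL-terminated */
    return buf;
}

/* Plugin-style caller: reads the string on every event and never frees it. */
/* Returns how many buffers it left behind; they are reclaimed here to count them. */
int leaked_after_events(const char *(*get_ua)(void), int events) {
    int left = 0;
    for (int i = 0; i < events; i++) {
        const char *ua = get_ua();
        if (!ua || strcmp(ua, kBrowserUA) != 0) return -1;
    }
    while (outstanding) {
        struct tracked *t = outstanding;
        outstanding = t->next;
        free(t);
        left++;
    }
    return left;
}

int main(void) {
    printf("fresh copy left %d buffers, host-owned left %d\n",
           leaked_after_events(ua_fresh_copy, 1000), leaked_after_events(ua_host_owned, 1000));
    return 0;
}
```

With the host-owned contract the caller's habit of not freeing is harmless; with the per-call copy the same caller leaves one buffer behind per event, which is the growth pattern a per-event call site like the one in the stack trace would produce.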