Bug 51712

Summary: [Chromium] After r57004, readonly attributes that return non-constant values, leak wrappers
Product: WebKit
Reporter: Mikhail Naganov <mnaganov>
Component: WebCore Misc.
Assignee: Nobody <webkit-unassigned>
Status: RESOLVED WONTFIX
Severity: Normal
CC: japhet, schenney, vitalyr
Priority: P2
Version: 528+ (Nightly build)
Hardware: PC
OS: OS X 10.5

Mikhail Naganov
Reported 2010-12-29 10:03:06 PST
In https://trac.webkit.org/changeset/57004, CodeGeneratorV8 is changed to cache wrappers for 'readonly' IDL values, using the native object pointer as a hash value. That means, if a different object pointer value is returned, the previous wrapper will stall in the cache, creating a memory leak. For example, that happened with the MemoryInfo object, which is created anew on every Console::memory() call. 'readonly' doesn't mean 'constant'! I think this logic needs to be revised, because nothing in the .idl specifies that the getter returns the same native pointer.
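To illustrate the caching behaviour the report describes, here is an added C++ model (not WebKit or V8 code) of a wrapper cache keyed on the native object's address: a 'readonly' getter that returns the same object keeps one cached wrapper, while a getter that allocates a fresh object per call, as Console::memory() did, retains one wrapper per read. The names WrapperCache, freshMemoryGetter, constantMemoryGetter and retainedWrappers are assumptions made for this model.

```cpp
#include <cstddef>
#include <map>
#include <memory>

// Constructed stand-in for a native DOM object such as MemoryInfo.
struct MemoryInfo { std::size_t usedJSHeapSize = 0; };

// Stand-in for a JS wrapper: like a WebKit wrapper it keeps its native object alive.
struct Wrapper {
    explicit Wrapper(std::shared_ptr<MemoryInfo> native) : native(std::move(native)) {}
    std::shared_ptr<MemoryInfo> native;
};

// Mimics the r57004-style cache: wrappers keyed on the native object's address.
// Entries are never evicted while the owner lives, so a new address means a new entry.
class WrapperCache {
public:
    Wrapper* wrapperFor(const std::shared_ptr<MemoryInfo>& native) {
        void* key = native.get();
        auto it = cache_.find(key);
        if (it != cache_.end())
            return it->second.get();
        return cache_.emplace(key, std::make_unique<Wrapper>(native)).first->second.get();
    }
    std::size_t size() const { return cache_.size(); }
private:
    std::map<void*, std::unique_ptr<Wrapper>> cache_;
};

// 'readonly' getter that returns a fresh object on every call, as Console::memory() did.
std::shared_ptr<MemoryInfo> freshMemoryGetter() {
    return std::make_shared<MemoryInfo>();
}

// 'readonly' getter that returns the same object every time (what the cache assumes).
std::shared_ptr<MemoryInfo> constantMemoryGetter() {
    static std::shared_ptr<MemoryInfo> instance = std::make_shared<MemoryInfo>();
    return instance;
}

// Read the attribute `reads` times through one cache and report how many wrappers it
// retains. Each cached wrapper pins its native object, so addresses are never reused and
// the fresh getter grows the cache by one entry per read: the leak described in the report.
std::size_t retainedWrappers(std::shared_ptr<MemoryInfo> (*getter)(), std::size_t reads) {
    WrapperCache cache;
    for (std::size_t i = 0; i < reads; ++i)
        cache.wrapperFor(getter());
    return cache.size();
}
```

A generator-level fix would have to cache only for attributes that are known to return a stable native object, which the IDL at the time did not express.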