Bug 51712
| Summary: | [Chromium] After r57004, readonly attributes that return non-constant values, leak wrappers | ||
|---|---|---|---|
| Product: | WebKit | Reporter: | Mikhail Naganov <mnaganov> |
| Component: | WebCore Misc. | Assignee: | Nobody <webkit-unassigned> |
| Status: | RESOLVED WONTFIX | ||
| Severity: | Normal | CC: | japhet, schenney, vitalyr |
| Priority: | P2 | ||
| Version: | 528+ (Nightly build) | ||
| Hardware: | PC | ||
| OS: | OS X 10.5 | ||
Mikhail Naganov
In https://trac.webkit.org/changeset/57004, CodeGeneratorV8 is changed to cache wrappers for 'readonly' IDL values, using native object pointer as a hash value. That means, if different object pointer value is returned, previous wrapper will stall in the cache, creating a memory leak. For example, that happened with MemoryInfo object which is created anew on every Console::memory() call. 'readonly' doesn't mean 'constant'!
I think, this logic needs to be revised, because nothing in .idl specifies that getter value returns the same native pointer.
| Attachments | ||
|---|---|---|
| Add attachment proposed patch, testcase, etc. |
Stephen Chenney
https://code.google.com/p/chromium/issues/detail?id=230536