Bug 63938

Summary: Image creation via data: uri causes unbounded memory growth and crashing
Product: WebKit
Reporter: Rowan Beentje <rowan>
Component: Images
Assignee: Nobody <webkit-unassigned>
Status: UNCONFIRMED
Severity: Normal
CC: ap, cmarcelo, jamesr, japhet, thorton
Priority: P2
Version: 528+ (Nightly build)
Hardware: All
OS: All
URL: http://saffron.assanka.com/rowan/imgmemory.html

Description Rowan Beentje 2011-07-05 06:50:59 PDT
If a page displays images via data: URIs, some form of memory usage related to the data: URIs is never released. If JavaScript is used to dynamically create image elements on the page (via createElement, innerHTML etc.) using data: URIs as the source, memory usage will increase and will not decrease proportionally when the image is subsequently removed from the page.

There is a brief writeup of this bug at http://waldheinz.de/2010/06/webkit-leaks-data-uris/ , and a reduced test case based on that page at http://turmeric.assanka.com/rowan/imgmemory.html .

I initially thought this might be related to the page image cache, but that appears to be capping out correctly (at ~128MB IIRC?) if images loaded via URL instead of data URI are used instead.  That also suggests this isn't related to some of the other rapid-loading image issues ("death by a thousand papercuts" etc), and instead may be related to a URL issue such as https://bugs.webkit.org/show_bug.cgi?id=19699 .

There's a Chromium bug open for this, although that bug seems to cover several unrelated image issues; jamesr has done some investigative work, see his comment at http://code.google.com/p/chromium/issues/detail?id=36142#c64 .

This causes severe leaks on latest nightlies, Safari, and Chrome, and crashes on iOS.
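The pattern described in the report, as an added reproduction harness that is not the reporter's imgmemory.html page and not WebKit code: it builds a distinct data: URI per image (a hand-assembled 1x1 GIF whose comment block carries the iteration number, so the image cache cannot serve one decoded image for all of them), attaches the images with createElement, then removes them and drops every reference. The function names, the stub document used to exercise the harness outside a browser, and the performance.memory read (a non-standard Chrome API that only covers the JS heap) are assumptions.

```javascript
// Added example: a reduced harness for the pattern the report describes
// (create <img> elements from data: URIs, remove them, watch memory).
// Constructed for this page; it is neither the reporter's test page nor
// WebKit code.

// Build the bytes of a 1x1 GIF89a by hand. A comment extension (0x21 0xFE)
// carries the iteration number so every data: URI is distinct, which stops
// the image cache from reusing one decoded image for all of them.
function makeGifBytes(i) {
  const label = `img-${i}`;
  if (label.length > 255) throw new Error('comment sub-block is limited to 255 bytes');
  const comment = [0x21, 0xfe, label.length];
  for (const ch of label) comment.push(ch.charCodeAt(0));
  comment.push(0x00); // sub-block terminator
  return Uint8Array.from([
    0x47, 0x49, 0x46, 0x38, 0x39, 0x61,              // "GIF89a"
    0x01, 0x00, 0x01, 0x00,                          // 1 x 1 logical screen
    0x80, 0x00, 0x00,                                // global colour table present, 2 entries
    0x00, 0x00, 0x00, 0xff, 0xff, 0xff,              // colour table: black, white
    ...comment,                                      // comment extension
    0x21, 0xf9, 0x04, 0x01, 0x00, 0x00, 0x00, 0x00,  // graphic control extension
    0x2c, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x01, 0x00, 0x00, // image descriptor
    0x02, 0x01, 0x44, 0x00,                          // LZW min code size 2, one data block
    0x3b,                                            // trailer
  ]);
}

// Base64 in either Node (Buffer) or a browser (btoa).
function toBase64(bytes) {
  if (typeof Buffer !== 'undefined') return Buffer.from(bytes).toString('base64');
  let bin = '';
  for (const b of bytes) bin += String.fromCharCode(b);
  return btoa(bin);
}

function makeDataUri(i) {
  return `data:image/gif;base64,${toBase64(makeGifBytes(i))}`;
}

// Best-effort JS heap reading. performance.memory is a non-standard Chrome
// API (assumption) and sees only the JS heap; the decoded-image memory the
// report describes is better watched in the browser's task manager or in
// Activity Monitor / Instruments.
function heapBytes() {
  const p = typeof performance !== 'undefined' ? performance : null;
  return p && p.memory ? p.memory.usedJSHeapSize : null;
}

// Create `count` images from distinct data: URIs, attach them to the body,
// then detach them and drop every reference. `doc` is passed in so the same
// function can be exercised against the stub below.
function runLeakTest(doc, count) {
  const uris = new Set();
  const imgs = [];
  for (let i = 0; i < count; i++) {
    const uri = makeDataUri(i);
    const img = doc.createElement('img');
    img.src = uri;
    uris.add(uri);
    doc.body.appendChild(img);
    imgs.push(img);
  }
  for (const img of imgs) {
    doc.body.removeChild(img);
    img.src = ''; // release the data: URI string from the element as well
  }
  imgs.length = 0;
  return { created: count, uniqueUris: uris.size, remaining: doc.body.childNodes.length };
}

// Minimal stand-in for `document` so the harness runs outside a browser
// (hypothetical stub; it models only appendChild/removeChild/childNodes).
function stubDocument() {
  const body = { childNodes: [] };
  body.appendChild = (n) => { body.childNodes.push(n); n.parentNode = body; };
  body.removeChild = (n) => {
    body.childNodes.splice(body.childNodes.indexOf(n), 1);
    n.parentNode = null;
  };
  return { body, createElement: (tag) => ({ tagName: tag.toUpperCase(), src: '', parentNode: null }) };
}

// In a browser: run several rounds and compare heap readings. In Node the
// block below is skipped; use runLeakTest(stubDocument(), n) instead.
if (typeof document !== 'undefined') {
  for (let round = 1; round <= 5; round++) {
    const before = heapBytes();
    const result = runLeakTest(document, 500);
    console.log(`round ${round}`, result, 'heap before/after:', before, heapBytes());
  }
}
```

Load the script on an otherwise blank page and watch the browser process in the task manager across rounds: a leak of the kind reported shows as process memory climbing round over round even though every element has been removed, while the same loop with a single shared data: URI, or with ordinary http: URLs, lets the image cache cap the growth.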
Comment 1 Alexey Proskuryakov 2011-07-05 10:21:41 PDT
We probably have a duplicate for this already, but as you've mentioned, it's hard to tell since there are usually several issues conflated in each bug report.