Bug 75451

Summary:

REGRESSION(r100517): Finalizers are not run for many, many DOM objects!

Product:

WebKit

Reporter:

Sam Weinig <sam>

Component:

WebCore JavaScript

Assignee:

Sam Weinig <sam>

Status:

NEW

Severity:

Normal

CC:

abarth, ap, ggaren, japhet, mhahnenberg, mrowe, webkit.review.bot

Priority:

Keywords:

InRadar

Version:

528+ (Nightly build)

Hardware:

All

OS:

All

Attachments:

Description	Flags
Temporary workaround patch	none

Sam Weinig

Reported 2012-01-02 15:19:57 PST

After r100517 we appear to be leaking many DOM objects. It appears that their wrappers are not being finalized which is leading to the wrapped object not being deref'd before the wrapper is destroyed. * STEPS TO REPRODUCE 1. Load <http://www.google.com/>. 2. Run "leaks WebProcess". * RESULTS You'll see 50 - 100 reported leaks of objects like CSSComputedStyleDeclaration and so on.

Attachments
Temporary workaround patch (3.14 KB, patch) 2012-01-02 15:23 PST, Sam Weinig	no flags	Details Formatted Diff Diff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.

Sam Weinig

Comment 1 2012-01-02 15:21:01 PST

It seems the assumption that a finalizer will run for each DOM object wrapper (based on the assumption that each DOM object wrapper has a handle which can get finalized) is not holding true.

Sam Weinig

Comment 2 2012-01-02 15:23:46 PST

Created attachment 120896 [details] Temporary workaround patch

Sam Weinig

Comment 3 2012-01-02 15:32:08 PST

Committed r103913: <http://trac.webkit.org/changeset/103913>

Sam Weinig

Comment 4 2012-01-02 15:41:25 PST

<rdar://problem/10611063>

Sam Weinig

Comment 5 2012-01-02 15:56:12 PST

Fixed the build due to bad patch landing in r103915.

Alexey Proskuryakov

Comment 6 2012-04-03 15:35:49 PDT

Re-titling to track a proper fix, now that the symptom is under the carpet.

Note You need to log in before you can comment on or make changes to this bug.