If we create an Image object inside unload event listener and set src attribute to it, the Document will never be released. As shown in the following HTML: <html> <head> <script type="text/javascript"> window.onunload = unloadPage; p = []; function unloadPage() { p[0] = new Image; p[0].src = "https://www.my_random_testpage.com/image.png"; } function reload() { setTimeout(function() {location.reload();}, 500); } </script> </head> <body onload="reload()"> </body> </html> In mac, running "heap" periodically will show the number of HTMLDocument keeps growing.
<rdar://problem/12797901>
And this also happens on onbeforeunload and onpagehide listeners too.
Created attachment 179107 [details] Patch, don't trigger error event in ImageLoader if the page is being dismissed.
Created attachment 179112 [details] Don't trigger error event in ImageLoader if the page is being dismissed.
Comment on attachment 179112 [details] Don't trigger error event in ImageLoader if the page is being dismissed. View in context: https://bugs.webkit.org/attachment.cgi?id=179112&action=review > Source/WebCore/loader/ImageLoader.cpp:203 > + Frame* frame = document()->frame(); > + bool pageIsBeingDismissed = frame && frame->loader()->pageDismissalEventBeingDispatched() != FrameLoader::NoDismissal; It seems wasteful to do all this computation when newImage is non-zero. Could you put this into a helper function so it’s only computed when newImage is 0?
(In reply to comment #5) > (From update of attachment 179112 [details]) > View in context: https://bugs.webkit.org/attachment.cgi?id=179112&action=review > > > Source/WebCore/loader/ImageLoader.cpp:203 > > + Frame* frame = document()->frame(); > > + bool pageIsBeingDismissed = frame && frame->loader()->pageDismissalEventBeingDispatched() != FrameLoader::NoDismissal; > > It seems wasteful to do all this computation when newImage is non-zero. Could you put this into a helper function so it’s only computed when newImage is 0? yes that is a good point. I will make it into a help function which only get called when image is 0.
Created attachment 179299 [details] Address review comments, add a helper function pageIsBeingDismissed and only call it when image is null.
Comment on attachment 179299 [details] Address review comments, add a helper function pageIsBeingDismissed and only call it when image is null. Clearing flags on attachment: 179299 Committed r137615: <http://trac.webkit.org/changeset/137615>
All reviewed patches have been landed. Closing bug.