WebKit Bugzilla
New
Browse
Log In
×
Sign in with GitHub
or
Remember my login
Create Account
·
Forgot Password
Forgotten password account recovery
RESOLVED FIXED
136970
Leak of mallocs under StructureSet::OutOfLineList::create
https://bugs.webkit.org/show_bug.cgi?id=136970
Summary
Leak of mallocs under StructureSet::OutOfLineList::create
Joseph Pecoraro
Reported
2014-09-19 18:46:31 PDT
The leaks bot is seeing a lot of leaks of mallocs under StructureSet::OutOfLineList::create. The leak itself is small (48 bytes), but that is a large number of leaks: <
http://build.webkit.org/builders/Apple%20MountainLion%20%28Leaks%29/builds/11637/steps/layout-test/logs/stdio
> I don't have a test case, but the bots run frequently. Example back traces show OutOfLineLists created in add, merge, and addOutOfLine: Call stack: [thread 0x12f65a000]: | thread_start | _pthread_start | WTF::wtfThreadEntryPoint(void*) ThreadingPthreads.cpp:170 | WTF::threadEntryPoint(void*) Threading.cpp:68 | JSC::DFG::Worklist::threadFunction(void*) DFGWorklist.cpp:401 | JSC::DFG::Worklist::runThread(JSC::DFG::ThreadData*) DFGWorklist.cpp:358 | JSC::DFG::Plan::compileInThread(JSC::DFG::LongLivedState&, JSC::DFG::ThreadData*) DFGPlan.cpp:162 | JSC::DFG::Plan::compileInThreadImpl(JSC::DFG::LongLivedState&) DFGPlan.cpp:347 | JSC::DFG::performCFA(JSC::DFG::Graph&) DFGCFAPhase.cpp:168 | bool JSC::DFG::runPhase<JSC::DFG::CFAPhase>(JSC::DFG::Graph&) DFGPhase.h:87 | bool JSC::DFG::runAndLog<JSC::DFG::CFAPhase>(JSC::DFG::CFAPhase&) DFGPhase.h:77 | JSC::DFG::CFAPhase::run() DFGCFAPhase.cpp:80 | JSC::DFG::CFAPhase::performForwardCFA() DFGCFAPhase.cpp:151 | JSC::DFG::CFAPhase::performBlockCFA(JSC::DFG::BasicBlock*) DFGCFAPhase.cpp:125 | JSC::DFG::AbstractInterpreter<JSC::DFG::InPlaceAbstractState>::execute(unsigned int) DFGAbstractInterpreterInlines.h:1992 | JSC::DFG::AbstractInterpreter<JSC::DFG::InPlaceAbstractState>::executeEffects(unsigned int, JSC::DFG::Node*) DFGAbstractInterpreterInlines.h:1655 | JSC::StructureSet::merge(JSC::StructureSet const&) StructureSet.cpp:104 | JSC::StructureSet::OutOfLineList::create(unsigned int) StructureSet.cpp:387 | WTF::fastMalloc(unsigned long) FastMalloc.cpp:282 | malloc | malloc_zone_malloc Call stack: [thread 0x11b7a9000]: | thread_start | _pthread_start | WTF::wtfThreadEntryPoint(void*) ThreadingPthreads.cpp:170 | WTF::threadEntryPoint(void*) Threading.cpp:68 | JSC::DFG::Worklist::threadFunction(void*) DFGWorklist.cpp:401 | JSC::DFG::Worklist::runThread(JSC::DFG::ThreadData*) DFGWorklist.cpp:358 | JSC::DFG::Plan::compileInThread(JSC::DFG::LongLivedState&, JSC::DFG::ThreadData*) DFGPlan.cpp:162 | JSC::DFG::Plan::compileInThreadImpl(JSC::DFG::LongLivedState&) DFGPlan.cpp:260 | JSC::DFG::performCFA(JSC::DFG::Graph&) DFGCFAPhase.cpp:168 | bool JSC::DFG::runPhase<JSC::DFG::CFAPhase>(JSC::DFG::Graph&) DFGPhase.h:87 | bool JSC::DFG::runAndLog<JSC::DFG::CFAPhase>(JSC::DFG::CFAPhase&) DFGPhase.h:77 | JSC::DFG::CFAPhase::run() DFGCFAPhase.cpp:80 | JSC::DFG::CFAPhase::performForwardCFA() DFGCFAPhase.cpp:151 | JSC::DFG::CFAPhase::performBlockCFA(JSC::DFG::BasicBlock*) DFGCFAPhase.cpp:125 | JSC::DFG::AbstractInterpreter<JSC::DFG::InPlaceAbstractState>::execute(unsigned int) DFGAbstractInterpreterInlines.h:1992 | JSC::DFG::AbstractInterpreter<JSC::DFG::InPlaceAbstractState>::executeEffects(unsigned int, JSC::DFG::Node*) DFGAbstractInterpreterInlines.h:1489 | JSC::DFG::AbstractInterpreter<JSC::DFG::InPlaceAbstractState>::observeTransition(unsigned int, JSC::Structure*, JSC::Structure*) DFGAbstractInterpreter.h:2077 | void JSC::DFG::AbstractInterpreter<JSC::DFG::InPlaceAbstractState>::forAllValues<JSC::DFG::AbstractValue::TransitionObserver>(unsigned int, JSC::DFG::AbstractValue::TransitionObserver&) DFGAbstractInterpreterInlines.h:2059 | JSC::DFG::AbstractValue::TransitionObserver::operator()(JSC::DFG::AbstractValue&) DFGAbstractValue.h:131 | JSC::DFG::AbstractValue::observeTransition(JSC::Structure*, JSC::Structure*) DFGAbstractValue.h:113 | JSC::DFG::StructureAbstractValue::observeTransition(JSC::Structure*, JSC::Structure*) DFGStructureAbstractValue.cpp:95 | JSC::StructureSet::add(JSC::Structure*) StructureSet.cpp:50 | JSC::StructureSet::OutOfLineList::create(unsigned int) StructureSet.cpp:387 | WTF::fastMalloc(unsigned long) FastMalloc.cpp:282 | malloc | malloc_zone_malloc Leak: 0x7f912ce560e0 size=64 zone: DefaultMallocZone_0x10b933000 0x00000006 0x00000006 0x1a4937a0 0x00000001 .........7I..... 0x1a492c40 0x00000001 0x1a492460 0x00000001 @,I.....`$I..... 0x1a491b30 0x00000001 0x1a4984a0 0x00000001 0.I.......I..... 0x1a497ef0 0x00000001 0x00000000 0x00040000 .~I............. Call stack: [thread 0x11fe42000]: | thread_start | _pthread_start | WTF::wtfThreadEntryPoint(void*) ThreadingPthreads.cpp:170 | WTF::threadEntryPoint(void*) Threading.cpp:68 | JSC::DFG::Worklist::threadFunction(void*) DFGWorklist.cpp:401 | JSC::DFG::Worklist::runThread(JSC::DFG::ThreadData*) DFGWorklist.cpp:358 | JSC::DFG::Plan::compileInThread(JSC::DFG::LongLivedState&, JSC::DFG::ThreadData*) DFGPlan.cpp:162 | JSC::DFG::Plan::compileInThreadImpl(JSC::DFG::LongLivedState&) DFGPlan.cpp:207 | JSC::DFG::parse(JSC::DFG::Graph&) DFGByteCodeParser.cpp:3941 | JSC::DFG::ByteCodeParser::parse() DFGByteCodeParser.cpp:3916 | JSC::DFG::ByteCodeParser::parseCodeBlock() DFGByteCodeParser.cpp:3856 | JSC::DFG::ByteCodeParser::parseBlock(unsigned int) DFGByteCodeParser.cpp:2854 | JSC::GetByIdStatus::computeFor(JSC::CodeBlock*, JSC::CodeBlock*, WTF::HashMap<JSC::CodeOrigin, JSC::StructureStubInfo*, JSC::CodeOriginApproximateHash, WTF::HashTraits<JSC::CodeOrigin>, WTF::HashTraits<JSC::StructureStubInfo*> >&, WTF::HashMap<JSC::CodeOrigin, JSC::StructureStubInfo*, JSC::CodeOriginApproximateHash, WTF::HashTraits<JSC::CodeOrigin>, WTF::HashTraits<JSC::StructureStubInfo*> >&, JSC::CodeOrigin, WTF::StringImpl*) GetByIdStatus.cpp:264 | JSC::GetByIdStatus::computeFor(JSC::CodeBlock*, WTF::HashMap<JSC::CodeOrigin, JSC::StructureStubInfo*, JSC::CodeOriginApproximateHash, WTF::HashTraits<JSC::CodeOrigin>, WTF::HashTraits<JSC::StructureStubInfo*> >&, unsigned int, WTF::StringImpl*) GetByIdStatus.cpp:102 | JSC::GetByIdStatus::computeForStubInfo(JSC::ConcurrentJITLocker const&, JSC::CodeBlock*, JSC::StructureStubInfo*, WTF::StringImpl*, JSC::CallLinkStatus::ExitSiteData) GetByIdStatus.cpp:208 | JSC::GetByIdStatus::appendVariant(JSC::GetByIdVariant const&) GetByIdStatus.cpp:45 | JSC::GetByIdVariant::attemptToMerge(JSC::GetByIdVariant const&) GetByIdVariant.cpp:99 | JSC::StructureSet::merge(JSC::StructureSet const&) StructureSet.cpp:97 | JSC::StructureSet::add(JSC::Structure*) StructureSet.cpp:58 | JSC::StructureSet::addOutOfLine(JSC::Structure*) StructureSet.cpp:355 | JSC::StructureSet::OutOfLineList::create(unsigned int) StructureSet.cpp:387 | WTF::fastMalloc(unsigned long) FastMalloc.cpp:282 | malloc | malloc_zone_malloc
Attachments
Fixes the leak
(1.24 KB, patch)
2014-09-19 19:34 PDT
,
Ryosuke Niwa
no flags
Details
Formatted Diff
Diff
View All
Add attachment
proposed patch, testcase, etc.
Ryosuke Niwa
Comment 1
2014-09-19 19:34:40 PDT
Created
attachment 238405
[details]
Fixes the leak
WebKit Commit Bot
Comment 2
2014-09-19 20:01:57 PDT
Comment on
attachment 238405
[details]
Fixes the leak Clearing flags on attachment: 238405 Committed
r173787
: <
http://trac.webkit.org/changeset/173787
>
WebKit Commit Bot
Comment 3
2014-09-19 20:02:00 PDT
All reviewed patches have been landed. Closing bug.
Note
You need to
log in
before you can comment on or make changes to this bug.
Top of Page
Format For Printing
XML
Clone This Bug