Bug 136974 - JSStringRef leak on the leaks bot allocation under selectTextWithCriteriaCallback
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebKit Misc.
Version: 528+ (Nightly build)
Hardware: Unspecified Unspecified
Importance: P2 Normal
Assignee: Joseph Pecoraro
Reported: 2014-09-19 19:32 PDT by Joseph Pecoraro
Modified: 2014-09-19 22:46 PDT

Attachments
[PATCH] Proposed Fix (1.36 KB, patch)
2014-09-19 19:37 PDT, Joseph Pecoraro
Description Joseph Pecoraro 2014-09-19 19:32:19 PDT
JSStringRef leak seen on the leaks bots:
<http://build.webkit.org/builders/Apple%20MountainLion%20%28Leaks%29/builds/11637/steps/layout-test/logs/stdio>

Seems to come from the test code itself (selectTextWithCriteriaCallback in AccessibilityUIElement.cpp).

Leak: 0x7fcdb0a29b10  size=32  zone: DefaultMallocZone_0x10a6e9000
	0x00000001 0x70000000 0xb1014700 0x00007fcd 	.......p.G......
	0x00000000 0x00000000 0xdb1094ea 0x000207fc 	................
	Call stack: [thread 0x7fff782d9180]: 
        | 0x2 
        | start 
        | main DumpRenderTreeMain.mm:30 
        | DumpRenderTreeMain(int, char const**) DumpRenderTree.mm:1295 
        | dumpRenderTree(int, char const**) DumpRenderTree.mm:1164 
        | runTestingServerLoop() DumpRenderTree.mm:1073 
        | runTest(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&) DumpRenderTree.mm:1853 
        | CFRunLoopRunSpecific 
        | __CFRunLoopRun 
        | __CFRunLoopDoSources0 
        | __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ 
        | MultiplexerSource::perform() 
        | RunloopBlockContext::perform() 
        | CFArrayApplyFunction 
        | __block_global_1 
        | ___withDelegateAsync_block_invoke_0 
        | ___delegate_didReceiveDataArray_block_invoke_0 
        | _NSURLConnectionDidReceiveDataArray 
        | -[NSURLConnectionInternal _withActiveConnectionAndDelegate:] 
        | -[NSURLConnectionInternal _withConnectionAndDelegate:onlyActive:] 
        | __65-[NSURLConnectionInternal _withConnectionAndDelegate:onlyActive:]_block_invoke_0 
        | -[WebCoreResourceHandleAsDelegate connection:didReceiveDataArray:] WebCoreResourceHandleAsDelegate.mm:200 
        | WebCore::ResourceLoader::didReceiveBuffer(WebCore::ResourceHandle*, WTF::PassRefPtr<WebCore::SharedBuffer>, int) ResourceLoader.cpp:506 
        | WebCore::SubresourceLoader::didReceiveBuffer(WTF::PassRefPtr<WebCore::SharedBuffer>, long long, WebCore::DataPayloadType) SubresourceLoader.cpp:258 
        | WebCore::SubresourceLoader::didReceiveDataOrBuffer(char const*, int, WTF::PassRefPtr<WebCore::SharedBuffer>, long long, WebCore::DataPayloadType) SubresourceLoader.cpp:277 
        | WebCore::CachedRawResource::addDataBuffer(WebCore::ResourceBuffer*) CachedRawResource.cpp:72 
        | WebCore::CachedRawResource::notifyClientsDataWasReceived(char const*, unsigned int) CachedRawResource.cpp:117 
        | WebCore::DocumentLoader::dataReceived(WebCore::CachedResource*, char const*, int) DocumentLoader.cpp:891 
        | WebCore::DocumentLoader::commitLoad(char const*, int) DocumentLoader.cpp:771 
        | WebFrameLoaderClient::committedLoad(WebCore::DocumentLoader*, char const*, int) WebFrameLoaderClient.mm:988 
        | -[WebDataSource(WebInternal) _receivedData:] WebDataSource.mm:252 
        | -[WebHTMLRepresentation receivedData:withDataSource:] WebHTMLRepresentation.mm:191 
        | -[WebFrame(WebInternal) _commitData:] WebFrame.mm:1002 
        | WebCore::DocumentLoader::commitData(char const*, unsigned long) DocumentLoader.cpp:846 
        | WebCore::DocumentWriter::addData(char const*, unsigned long) DocumentWriter.cpp:224 
        | WebCore::DecodedDataDocumentParser::appendBytes(WebCore::DocumentWriter&, char const*, unsigned long) DecodedDataDocumentParser.cpp:50 
        | WebCore::HTMLDocumentParser::append(WTF::PassRefPtr<WTF::StringImpl>) HTMLDocumentParser.cpp:430 
        | WebCore::HTMLDocumentParser::pumpTokenizerIfPossible(WebCore::HTMLDocumentParser::SynchronousMode) HTMLDocumentParser.cpp:190 
        | WebCore::HTMLDocumentParser::pumpTokenizer(WebCore::HTMLDocumentParser::SynchronousMode) HTMLDocumentParser.cpp:293 
        | WebCore::HTMLDocumentParser::canTakeNextToken(WebCore::HTMLDocumentParser::SynchronousMode, WebCore::PumpSession&) HTMLDocumentParser.cpp:238 
        | WebCore::HTMLDocumentParser::runScriptsForPausedTreeBuilder() HTMLDocumentParser.cpp:218 
        | WebCore::HTMLScriptRunner::execute(WTF::PassRefPtr<WebCore::Element>, WTF::TextPosition const&) HTMLScriptRunner.cpp:177 
        | WebCore::HTMLScriptRunner::runScript(WebCore::Element*, WTF::TextPosition const&) HTMLScriptRunner.cpp:304 
        | WebCore::ScriptElement::prepareScript(WTF::TextPosition const&, WebCore::ScriptElement::LegacyTypeSupport) ScriptElement.cpp:237 
        | WebCore::ScriptElement::executeScript(WebCore::ScriptSourceCode const&) ScriptElement.cpp:301 
        | WebCore::ScriptController::evaluate(WebCore::ScriptSourceCode const&) ScriptController.cpp:168 
        | WebCore::ScriptController::evaluateInWorld(WebCore::ScriptSourceCode const&, WebCore::DOMWrapperWorld&) ScriptController.cpp:152 
        | WebCore::JSMainThreadExecState::evaluate(JSC::ExecState*, JSC::SourceCode const&, JSC::JSValue, JSC::JSValue*) JSMainThreadExecState.h:62 
        | JSC::evaluate(JSC::ExecState*, JSC::SourceCode const&, JSC::JSValue, JSC::JSValue*) Completion.cpp:82 
        | JSC::Interpreter::execute(JSC::ProgramExecutable*, JSC::ExecState*, JSC::JSObject*) Interpreter.cpp:928 
        | JSC::JITCode::execute(JSC::VM*, JSC::ProtoCallFrame*) JITCode.cpp:56 
        | vmEntryToJavaScript 
        | llint_entry 
        | llint_slow_path_call LLIntSlowPaths.cpp:1160 
        | JSC::LLInt::genericCall(JSC::ExecState*, JSC::Instruction*, JSC::CodeSpecializationKind) LLIntSlowPaths.cpp:1154 
        | JSC::LLInt::setUpCall(JSC::ExecState*, JSC::Instruction*, JSC::CodeSpecializationKind, JSC::JSValue, JSC::LLIntCallLinkInfo*) LLIntSlowPaths.cpp:1090 
        | JSC::LLInt::handleHostCall(JSC::ExecState*, JSC::Instruction*, JSC::JSValue, JSC::CodeSpecializationKind) LLIntSlowPaths.cpp:1044 
        | long long JSC::APICallbackFunction::call<JSC::JSCallbackFunction>(JSC::ExecState*) APICallbackFunction.h:61 
        | selectTextWithCriteriaCallback(OpaqueJSContext const*, OpaqueJSValue*, OpaqueJSValue*, unsigned long, OpaqueJSValue const* const*, OpaqueJSValue const**) AccessibilityUIElement.cpp:273 
        | JSValueToStringCopy JSValueRef.cpp:416 
        | OpaqueJSString::create(WTF::String const&) OpaqueJSString.cpp:41 
        | WTF::ThreadSafeRefCountedBase::operator new(unsigned long) ThreadSafeRefCounted.h:70 
        | WTF::fastMalloc(unsigned long) FastMalloc.cpp:282 
        | malloc 
        | malloc_zone_malloc
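
The trace above ends in `JSValueToStringCopy`, which hands the caller a string reference that the caller owns and must give back with `JSStringRelease`. The following is an added example, not the patch attached to this bug and not WebKit code: it uses hypothetical stand-ins (`StubString`, `stubValueToStringCopy`, `stubStringRelease`, `AdoptedString`) to show the kind of leaking callback shape a leaks bot reports, beside a version that adopts ownership immediately.

```cpp
// Added example with stand-in types; models the copy/release ownership
// contract of JSValueToStringCopy / JSStringRelease. Not WebKit code.
#include <cstddef>
#include <string>

static std::size_t g_liveStrings = 0;  // what a leaks tool would count

struct StubString { std::string chars; };
using StubStringRef = StubString*;

// Like JSValueToStringCopy: returns a +1 reference owned by the caller.
StubStringRef stubValueToStringCopy(const std::string& value) {
    ++g_liveStrings;
    return new StubString{value};
}

// Like JSStringRelease: drops the caller's reference.
void stubStringRelease(StubStringRef s) {
    if (!s) return;
    --g_liveStrings;
    delete s;
}

// RAII owner: adopts the +1 reference and releases it on every exit path.
class AdoptedString {
public:
    explicit AdoptedString(StubStringRef s) : m_ref(s) {}
    ~AdoptedString() { stubStringRelease(m_ref); }
    AdoptedString(const AdoptedString&) = delete;
    AdoptedString& operator=(const AdoptedString&) = delete;
    StubStringRef get() const { return m_ref; }
private:
    StubStringRef m_ref;
};

// Leaky shape: the copy is made and never released on any return path.
std::size_t leakyCallback(const std::string& arg) {
    StubStringRef s = stubValueToStringCopy(arg);
    if (s->chars.empty()) return 0;
    return s->chars.size();
}

// Fixed shape: ownership is adopted on the same line as the copy.
std::size_t fixedCallback(const std::string& arg) {
    AdoptedString s(stubValueToStringCopy(arg));
    if (s.get()->chars.empty()) return 0;
    return s.get()->chars.size();
}

std::size_t liveStrings() { return g_liveStrings; }
```

Each call to `leakyCallback` leaves one more live allocation behind, while `fixedCallback` returns the count to where it started, including on the early return.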
Comment 1 Joseph Pecoraro 2014-09-19 19:36:56 PDT
* STEPS TO REPRODUCE
shell> ./Tools/Scripts/run-webkit-tests --release platform/mac/accessibility/select-text.html --leaks
Comment 2 Joseph Pecoraro 2014-09-19 19:37:12 PDT
Created attachment 238406
[PATCH] Proposed Fix
Comment 3 WebKit Commit Bot 2014-09-19 22:46:17 PDT
Comment on attachment 238406
[PATCH] Proposed Fix

Clearing flags on attachment: 238406

Committed r173789: <http://trac.webkit.org/changeset/173789>
Comment 4 WebKit Commit Bot 2014-09-19 22:46:19 PDT
All reviewed patches have been landed.  Closing bug.