Page that allocates and destroys canvas elements in a loop gets jettisoned on iOS
https://bugs.webkit.org/show_bug.cgi?id=172728
Summary Page that allocates and destroys canvas elements in a loop gets jettisoned on...
Simon Fraser (smfr)
Reported 2017-05-30 13:32:25 PDT
Load this page https://github.com/kangax/fabric.js/issues/3693 on iPad, and the tab will get killed because it goes above the jetsam high watermark. It's allocating and destroying canvas elements in a loop, so ideally would not get jettisoned. Why is GC not kicking in?
Attachments
Simon Fraser (smfr)
Comment 1 2017-05-30 13:41:10 PDT
Radar WebKit Bug Importer
Comment 2 2017-05-30 13:41:30 PDT
Simon Fraser (smfr)
Comment 3 2017-05-30 17:09:19 PDT
From the web inspector, and via code instrumentation, WebKit is retaining all the canvas elements and their image buffers while the loop is running. Chrome seems to be able to GC them as the loop runs.
Simon Fraser (smfr)
Comment 4 2017-05-30 17:46:37 PDT
This is something about fabric's addListener(fabric.window, 'resize', this._onResize); code.
Simon Fraser (smfr)
Comment 5 2017-05-30 17:59:50 PDT
If I comment out the line in fabric.js, the bug goes away: this._onResize = this._onResize.bind(this);
Joseph Pecoraro
Comment 6 2017-05-30 21:56:55 PDT
I think this is primarily a programming error in the page that will cause the "fabric.Canvas" instances to be kept alive by leaked global resize listeners being registered. I boiled it down to: <script> MyCanvas = function() { this.initialize(); }; MyCanvas.prototype.initialize = function() { this.a = document.createElement('canvas'); this.f = (function() {}).bind(this); // 2nd time this will overwrite "this.f" window.addEventListener('resize', this.f); }; MyCanvas.prototype.dispose = function() { window.removeEventListener('resize', this.f); }; window.addEventListener("load", function() { var canvas; for (var count = 0; count < 100; count++){ console.log("count", count); canvas = new MyCanvas(); // initialize once canvas.initialize(); // initialize again canvas.dispose(); } }, false); </script> It looks like the page effectively calls initialize twice. This means: 1. First call to initialize happens via new fabric.Canvas constructor: - creates the 1st this._onResize = this._onResize.bind() - adds this as a "resize" listener - note this constructor is generated within fabric.util.createClass as this.initialize.apply(this, args) 2. Second call to initialize is explicit in the loop - overwrites the 1st this._onResize with a second - adds this as a "resize" listener 3. Dispose clears the second this._onResize Nobody ever clears the first resize listener added to the window as part of (1). And nobody can do that as nobody holds a reference to the function to the original onResize before it was rewritten. The reason why the resize handler is significant is because it is on the window, therefore global and will stay around forever unless removed. The others are localized to an element and can be collected with the element. --- Compare to this fiddle: http://jsfiddle.net/hjnhfk5L/ Before: > for(var count = 1; count < 100; count++){ > console.log("count", count); > canvas = new fabric.Canvas(); > canvas.initialize(canvasElement, {height:2000, width: 2000}); > canvas.add(rect); > canvas.dispose(); > } After: > for (var count = 1; count < 100; count++){ > console.log("count", count); > canvas = new fabric.Canvas(canvasElement, {height:2000, width: 2000}); > canvas.add(rect); > canvas.dispose(); > } This doesn't call initialize twice, and doesn't have the same leaks. --- Now, even after diagnosing this as the issue doesn't mean we can't make a change to WebKit to improve WebKit's behavior in these situations. I don't think any of these Canvas elements are actually attached to the page, so maybe we can free some of the memory held by them.
Simon Fraser (smfr)
Comment 7 2017-05-30 22:08:38 PDT
Thanks for the analysis, Joe! I wonder why Chrome doesn't show the same memory growth.
Simon Fraser (smfr)
Comment 8 2017-05-31 13:45:22 PDT
Note You need to log in before you can comment on or make changes to this bug.