When execute the js file below , jsc will have a memory leak ``` function main() { const v4 = [13.37]; const v6 = [1337,1337]; const v7 = [v4,"constructor",-3004925011]; const v8 = {b:13.37,toString:v6,d:v7,c:-3004925011}; const v9 = {d:v7,toString:v8}; let v10 = -3004925011; const v15 = [13.37,13.37]; const v17 = [1337,1337,1337,1337,1337]; const v18 = [1457955308,"FvJ1dPW7NF",13.37]; let v20 = NaN; const v22 = [13.37,13.37]; const v24 = [1337,1337,1337,v22]; const v25 = [1337,v24]; const v27 = (13.37).toLocaleString(); const v28 = v25.join(); function v29(v30,v31,v32,v33,...v34) { function v35(v36,v37,v38,v39,...v40) { const v45 = [13.37,13.37,13.37]; const v46 = v45.__proto__; const v48 = {set:gc,get:gc}; const v50 = Object.defineProperty(v46,128,v48); for (let v52 = 0; v52 < 1000; v52++) { function v54(v55,v56,v57,v58,...v59) { const v63 = isFinite.apply(Object); return v63; } const v64 = v54(); } return noInline; } const v65 = v35(); return v27; } const v66 = v29(v28,v29); const v67 = {valueOf:"FvJ1dPW7NF",a:v18}; const v69 = [13.37]; const v71 = [1337,1337,1337]; function v72(v73,v74,v75) { const v79 = [13.37,13.37,13.37,13.37,13.37]; const v80 = [v79,v79,-973213979,13.37]; const v82 = [13.37,Symbol,13.37]; function v83(v84,v85,v86) { } const v88 = [v80,13.37]; const v90 = [1337,1337,1337,v88]; const v91 = [1337,v90]; const v92 = v82.toLocaleString(); let v95 = 0; do { function v96(v97,v98,v99,v100,...v101) { function v102(v103,v104,v105,v106,...v107) { for (let v111 = 0; v111 < 1000; v111++) { function v112(v113,v114,v115,v116,...v117) { } } } } const v118 = v95 + 1; v95 = v118; } while (v95 < 8); const v123 = [13.37,13.37,13.37,13.37,13.37]; const v125 = [1337,1337]; const v126 = ["Z2EBZHeeZW","Z2EBZHeeZW"]; const v127 = {length:v123}; const v128 = {c:v125,a:v125,length:Function,b:Function,e:13.37}; let v129 = 1337; const v131 = [1337,1337,1337,1337]; const v133 = [1337,1337,1337,1337]; const v136 = [1337,1337,1337,1337]; const v137 = {}; let v138 = 3; 
function v139(v140,v141,v142) { for (let v147 = 0; v147 < 1000; v147++) { function v149(v150,v151,v152) { } let v154 = 0; for (const v155 of arguments) { const v157 = [1337]; function v159(v160,v161,v162) { arguments.__proto__ = v157; } function v163(v164,v165,v166,v167,...v168) { const v174 = v159(); } function v178(v179,v180,v181,v182,...v183) { } } const v191 = {__proto__:v149}; const v193 = Object.seal(arguments,9007199254740991,v191); } return v136; } const v195 = v139(v138,v137,v136); function v196(v197,v198,v199) { function v200(v201,v202,v203,v204,...v205) { } } let v210 = 0; do { const v211 = v210 + 1; v210 = v211; } while (v210 < 7); for (let v215 = 0; v215 < 3; v215++) { } const v217 = v139(8,1); function v218(v219,v220,v221,v222) { return 13.37; } function v223(v224,v225,v226,v227,...v228) { function v229(v230,v231,v232,v233,...v234) { function v235(v236,v237,v238,v239,...v240) { function v241(v242,v243,v244,v245,...v246) { return v237; } return v28; } return v82; } return v67; } const v247 = v91.push(v92); return v9; } const v248 = v69 - v71; const v249 = v72(13.37,1337,v248); } noDFG(main); noFTL(main); main(); ``` ASAN will show the detail ``` ================================================================= ==5624==ERROR: LeakSanitizer: detected memory leaks Direct leak of 96 byte(s) in 3 object(s) allocated from: #0 0x7f85dc6a4f00 in operator new(unsigned long) (/usr/lib/x86_64-linux-gnu/libasan.so.3+0xc7f00) #1 0x240ecc9 in bmalloc::Heap::Heap(bmalloc::HeapKind, std::lock_guard<bmalloc::Mutex>&) (/home/android/Desktop/Fuzzer/BrowserCore/webkit/WebKitBuild/Release/bin/jsc+0x240ecc9) #2 0x2407a25 in bmalloc::PerProcess<bmalloc::PerHeapKind<bmalloc::Heap> >::getSlowCase() (/home/android/Desktop/Fuzzer/BrowserCore/webkit/WebKitBuild/Release/bin/jsc+0x2407a25) #3 0x2407367 in bmalloc::Cache::Cache(bmalloc::HeapKind) (/home/android/Desktop/Fuzzer/BrowserCore/webkit/WebKitBuild/Release/bin/jsc+0x2407367) #4 0x2407cab in 
bmalloc::PerThread<bmalloc::PerHeapKind<bmalloc::Cache> >::getSlowCase() (/home/android/Desktop/Fuzzer/BrowserCore/webkit/WebKitBuild/Release/bin/jsc+0x2407cab) #5 0x24073fd in bmalloc::Cache::allocateSlowCaseNullCache(bmalloc::HeapKind, unsigned long) (/home/android/Desktop/Fuzzer/BrowserCore/webkit/WebKitBuild/Release/bin/jsc+0x24073fd) #6 0x233e24d in WTF::fastMalloc(unsigned long) (/home/android/Desktop/Fuzzer/BrowserCore/webkit/WebKitBuild/Release/bin/jsc+0x233e24d) #7 0x23f51d6 in WTF::Thread::initializeCurrentTLS() (/home/android/Desktop/Fuzzer/BrowserCore/webkit/WebKitBuild/Release/bin/jsc+0x23f51d6) #8 0x234f56c in WTF::LockedPrintStream::begin() (/home/android/Desktop/Fuzzer/BrowserCore/webkit/WebKitBuild/Release/bin/jsc+0x234f56c) #9 0x199ecdd in void std::call_once<JSC::Options::initialize()::{lambda()#1}>(std::once_flag&, JSC::Options::initialize()::{lambda()#1}&&)::{lambda()#2}::_FUN() (/home/android/Desktop/Fuzzer/BrowserCore/webkit/WebKitBuild/Release/bin/jsc+0x199ecdd) #10 0x7f85dc3cea98 in __pthread_once_slow (/lib/x86_64-linux-gnu/libpthread.so.0+0xea98) Indirect leak of 120 byte(s) in 3 object(s) allocated from: #0 0x7f85dc6a4f00 in operator new(unsigned long) (/usr/lib/x86_64-linux-gnu/libasan.so.3+0xc7f00) #1 0x240ec45 in bmalloc::Heap::Heap(bmalloc::HeapKind, std::lock_guard<bmalloc::Mutex>&) (/home/android/Desktop/Fuzzer/BrowserCore/webkit/WebKitBuild/Release/bin/jsc+0x240ec45) #2 0x2407a25 in bmalloc::PerProcess<bmalloc::PerHeapKind<bmalloc::Heap> >::getSlowCase() (/home/android/Desktop/Fuzzer/BrowserCore/webkit/WebKitBuild/Release/bin/jsc+0x2407a25) #3 0x2407367 in bmalloc::Cache::Cache(bmalloc::HeapKind) (/home/android/Desktop/Fuzzer/BrowserCore/webkit/WebKitBuild/Release/bin/jsc+0x2407367) #4 0x2407cab in bmalloc::PerThread<bmalloc::PerHeapKind<bmalloc::Cache> >::getSlowCase() (/home/android/Desktop/Fuzzer/BrowserCore/webkit/WebKitBuild/Release/bin/jsc+0x2407cab) #5 0x24073fd in 
bmalloc::Cache::allocateSlowCaseNullCache(bmalloc::HeapKind, unsigned long) (/home/android/Desktop/Fuzzer/BrowserCore/webkit/WebKitBuild/Release/bin/jsc+0x24073fd) #6 0x233e24d in WTF::fastMalloc(unsigned long) (/home/android/Desktop/Fuzzer/BrowserCore/webkit/WebKitBuild/Release/bin/jsc+0x233e24d) #7 0x23f51d6 in WTF::Thread::initializeCurrentTLS() (/home/android/Desktop/Fuzzer/BrowserCore/webkit/WebKitBuild/Release/bin/jsc+0x23f51d6) #8 0x234f56c in WTF::LockedPrintStream::begin() (/home/android/Desktop/Fuzzer/BrowserCore/webkit/WebKitBuild/Release/bin/jsc+0x234f56c) #9 0x199ecdd in void std::call_once<JSC::Options::initialize()::{lambda()#1}>(std::once_flag&, JSC::Options::initialize()::{lambda()#1}&&)::{lambda()#2}::_FUN() (/home/android/Desktop/Fuzzer/BrowserCore/webkit/WebKitBuild/Release/bin/jsc+0x199ecdd) #10 0x7f85dc3cea98 in __pthread_once_slow (/lib/x86_64-linux-gnu/libpthread.so.0+0xea98) SUMMARY: AddressSanitizer: 216 byte(s) leaked in 6 allocation(s). ``` To reproduce this issue ,you need to run jsc with this command: `jsc --validateOptions=true --useConcurrentJIT=false --thresholdForJITSoon=10 --thresholdForJITAfterWarmUp=10 --thresholdForOptimizeAfterWarmUp=100 --thresholdForOptimizeAfterLongWarmUp=100 --thresholdForOptimizeAfterLongWarmUp=100 --thresholdForFTLOptimizeAfterWarmUp=1000 --thresholdForFTLOptimizeSoon=1000 --gcAtEnd=true crash_1565006120806_26271_flaky_6.js`
<rdar://problem/54614147>
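This is a per-process singleton, not an actual leak. Both LeakSanitizer reports (direct and indirect) are allocated in the `bmalloc::Heap` constructor, reached through `bmalloc::PerProcess<bmalloc::PerHeapKind<bmalloc::Heap> >::getSlowCase()` during `JSC::Options::initialize()` under `std::call_once`. The objects are created once per process and held for its lifetime rather than freed, which is why LeakSanitizer flags them at exit. Neither stack contains a frame from executing the JavaScript test case, so the report does not indicate a memory-safety problem triggered by the script.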