WebKit Bugzilla
New
Browse
Log In
×
Sign in with GitHub
or
Remember my login
Create Account
·
Forgot Password
Forgotten password account recovery
RESOLVED DUPLICATE of
bug 56619
56045
REGRESSION (
r79781
-
r79968
): Many leaks seen beneath JSWorkerContextBase and WorkerScriptController constructors (leaking a JSGlobalData/JSGlobalObject?)
https://bugs.webkit.org/show_bug.cgi?id=56045
Summary
REGRESSION (r79781-r79968): Many leaks seen beneath JSWorkerContextBase and W...
Adam Roben (:aroben)
Reported
2011-03-09 12:26:25 PST
To see the leaks: 1. Go to
http://build.webkit.org/LeaksViewer/?url=http://build.webkit.org/results/SnowLeopard%20Intel%20Leaks/r80646%20(15446)/DumpRenderTree12-leaks.txt
2. Select "Tree (Top Down)" at the bottom of the page 3. Sort by "Total" 4. Start digging in Pretty much all of the leaks seem to be beneath the JSWorkerContextBase and WorkerScriptController constructors. It looks like we're leaking a JSGlobalObject and a JSGlobalData. I don't know whether this is a regression.
Attachments
Add attachment
proposed patch, testcase, etc.
Adam Roben (:aroben)
Comment 1
2011-03-09 12:26:59 PST
<
rdar://problem/9109988
>
Adam Roben (:aroben)
Comment 2
2011-03-11 11:09:25 PST
Looks like the leaks started happening in this range:
http://build.webkit.org/builders/SnowLeopard%20Intel%20Leaks/builds/15150
http://build.webkit.org/builders/SnowLeopard%20Intel%20Leaks/builds/15280
Adam Roben (:aroben)
Comment 3
2011-03-11 11:16:35 PST
Narrowed it down a little further:
http://build.webkit.org/builders/SnowLeopard%20Intel%20Leaks/builds/15164
(good)
http://build.webkit.org/builders/SnowLeopard%20Intel%20Leaks/builds/15255
(bad)
Adam Roben (:aroben)
Comment 4
2011-03-11 11:17:54 PST
http://build.webkit.org/builders/SnowLeopard%20Intel%20Leaks/builds/15235
(bad)
Adam Roben (:aroben)
Comment 5
2011-03-11 11:18:27 PST
http://build.webkit.org/builders/SnowLeopard%20Intel%20Leaks/builds/15220
(bad)
Adam Roben (:aroben)
Comment 6
2011-03-11 11:23:23 PST
Looks like there were a lot of JSC changes in this period and no workers changes.
David Levin
Comment 7
2011-03-11 11:27:38 PST
fwiw it seems like all leaks were related to strings allocated for Identifier. I haven't been able to figure out where the ref count goes wrong on them yet (and likely won't have much time over the next few days to get further as I'm on tap to be the Chrome WebKit gardener for the next 4 working days).
Alexey Proskuryakov
Comment 8
2011-03-11 12:11:18 PST
I briefly looked at Identifier string handling, and I don't see how strings are removed from HashSet. If we can get dangling pointers there, that would be pretty bad.
Adam Roben (:aroben)
Comment 9
2011-03-14 13:18:17 PDT
Looks like the leaks don't happen in every build:
http://build.webkit.org/builders/SnowLeopard%20Intel%20Leaks/builds/15500
Alexey Proskuryakov
Comment 10
2011-03-14 13:29:10 PDT
See also:
bug 56304
.
Alexey Proskuryakov
Comment 11
2011-03-14 14:08:41 PDT
> I don't see how strings are removed from HashSet
It's it StringImpl destructor: #if USE(JSC) if (isIdentifier()) { if (!wtfThreadData().currentIdentifierTable()->remove(this)) CRASH(); } #endif
Mark Rowe (bdash)
Comment 12
2011-03-14 16:26:33 PDT
This also happens outside of the context of workers. <
http://build.webkit.org/results/SnowLeopard%20Intel%20Leaks/r81055%20(15563)/DumpRenderTree14-leaks.txt
> shows a number of leaks originating from DRT’s JavaScriptCore thread.
Geoffrey Garen
Comment 13
2011-03-17 23:02:26 PDT
*** This bug has been marked as a duplicate of
bug 56619
***
Note
You need to
log in
before you can comment on or make changes to this bug.
Top of Page
Format For Printing
XML
Clone This Bug