[webkit-help] cached scripts leak in C Loop Interpreter mode

Baldeva, Arpit abaldeva at ea.com
Fri Apr 11 09:46:07 PDT 2014

Thanks. Here is the official bug - https://bugs.webkit.org/show_bug.cgi?id=131544 

I have described the fix in the bug report. I have verified it as well by letting it run overnight. Unfortunately, I am not set up to submit the patches but hopefully the info is enough for landing the fix.

Out of curiosity, is there no active port of WebKit that uses the non-JIT path? I was under the assumption that the iOS port uses the non-JIT path for web views. The interpreter path is certainly very helpful by allowing WebKit to run on devices that do not allow/support JIT mode.


-----Original Message-----
From: webkit-help-bounces at lists.webkit.org [mailto:webkit-help-bounces at lists.webkit.org] On Behalf Of Benjamin Poulain
Sent: Thursday, April 10, 2014 4:33 PM
To: webkit-help at lists.webkit.org
Subject: Re: [webkit-help] cached scripts leak in C Loop Interpreter mode

On 4/10/14, 4:26 PM, Baldeva, Arpit wrote:
> I spent more time on it and now have concrete info. The reason for the 
> leak is that the ExecutableBase class in runtime/Executable.h has conditional 
> compilation for the destroy call (only enabled if JIT is enabled). So 
> when a ProgramExecutable is created, it adds a ref to the 
> JSC::SourceCode::m_provider member I mentioned below. However, if you 
> turn off JIT, allocateCell ends up putting it in 
> heap.allocateWithoutDestructor. Since the destructor/destroy is not 
> called anymore, the ref leaks when JIT is not enabled.
> It seems to me that safeguarding the destructor using ENABLE(JIT) is a 
> mistake. The memory leak is also quite severe, as I outlined below. A 
> quick local test I am running at the moment by allowing the destructor 
> for the non-JIT path seems to be working well without leaks.
> Thoughts?

This is likely a bug. I don't think anyone compiles JavaScriptCore without enabling JIT anymore; that code is pretty much untested.

Please file a bug on bugs.webkit.org and give the number on this mailing list. I'll add the JavaScriptCore experts in CC.

If you have a fix, you can also attach it to the bug.
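The mechanism discussed in this thread, as an added illustration that is not WebKit code: a toy model in which a cell holding a reference is reclaimed either with or without its destructor running, mirroring heap.allocateWithoutDestructor versus the ENABLE(JIT)-guarded destroy path. The SourceProvider and ProgramExecutable types, reclaimCell and remainingRefsAfterGC are simplified stand-ins, not JavaScriptCore's classes.

```cpp
// Added example (not WebKit code): toy model of a ref leaked when a cell's
// destructor is compiled out. Names mirror the thread but are stand-ins.
#include <cassert>
#include <new>

// Intrusively ref-counted stand-in for JSC::SourceProvider.
struct SourceProvider {
    int refCount = 0;
    void ref() { ++refCount; }
    void deref() { --refCount; }
};

// Stand-in for ProgramExecutable: holds exactly one reference to the provider
// for its lifetime and releases it in the destructor.
struct ProgramExecutable {
    SourceProvider* provider;
    explicit ProgramExecutable(SourceProvider* p) : provider(p) { provider->ref(); }
    ~ProgramExecutable() { provider->deref(); }
};

// Models the two allocation flavours: the collector frees the cell's memory in
// both cases, but only runs ~T when the cell was registered as needing a
// destructor (the destroy() path that is guarded by ENABLE(JIT) in the thread).
template <typename T>
void reclaimCell(T* cell, bool needsDestructor) {
    if (needsDestructor)
        cell->~T();          // reference is released here
    ::operator delete(cell); // memory goes away regardless
}

// Allocates one executable, lets the "GC" reclaim it, and reports how many
// references the provider still holds. 0 means no leak; 1 reproduces the leak
// described in the thread (destructor skipped because JIT is disabled).
int remainingRefsAfterGC(bool jitEnabled) {
    SourceProvider provider;
    void* mem = ::operator new(sizeof(ProgramExecutable));
    ProgramExecutable* exec = new (mem) ProgramExecutable(&provider);
    // With ENABLE(JIT) off, destroy() is compiled out, so the cell is treated
    // as not needing a destructor.
    reclaimCell(exec, /*needsDestructor=*/jitEnabled);
    return provider.refCount;
}

int main() {
    assert(remainingRefsAfterGC(true) == 0);  // destructor ran, ref released
    assert(remainingRefsAfterGC(false) == 1); // destructor skipped, ref leaked
    return 0;
}
```

A leak check like remainingRefsAfterGC is the kind of assertion worth running with JIT disabled, since that configuration otherwise gets little test coverage.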

