[webkit-help] cached scripts leak in C Loop Interpreter mode
abaldeva at ea.com
Fri Apr 11 09:46:07 PDT 2014
Thanks. Here is the official bug - https://bugs.webkit.org/show_bug.cgi?id=131544
I have described the fix in the bug report. I have verified it as well by letting it run overnight. Unfortunately, I am not set up to submit the patches but hopefully the info is enough for landing the fix.
Out of curiosity, is there no active port of WebKit that uses non JIT path? I was under an assumption that iOS port uses the non JIT path for web views. The interpreter path is certainly very helpful by allowing webkit to run on devices that do now allow/support JIT mode.
From: webkit-help-bounces at lists.webkit.org [mailto:webkit-help-bounces at lists.webkit.org] On Behalf Of Benjamin Poulain
Sent: Thursday, April 10, 2014 4:33 PM
To: webkit-help at lists.webkit.org
Subject: Re: [webkit-help] cached scripts leak in C Loop Interpreter mode
On 4/10/14, 4:26 PM, Baldeva, Arpit wrote:
> I spent more time on it and now have concrete info. The reason for the
> leak is ExecutableBase class in runtime/Executable.h has conditional
> compilation for the destroy call (only enabled if JIT is enabled). So
> when a ProgramExecutable is created, it adds a ref to the
> JSC::SourceCode::m_provider member I mentioned below. However, if you
> turn off JIT, the allocateCell ends up putting it in
> heap.allocateWithoutDestructor. Since the destructor/destroy is not
> called anymore, the ref leaks when JIT is not enabled.
> It seems to me that safeguarding the destructor using ENABLE(JIT) is a
> mistake. The memory leak is also quite severe as I outlined below. A
> quick local test I am running at the moment by allowing the destructor
> for the non JIT path seems to be working well without leaks.
If you have a fix, you can also attach it to the bug.
webkit-help mailing list
webkit-help at lists.webkit.org
More information about the webkit-help