[Webkit-unassigned] [Bug 10773] Memory usage grows when reloading google.com/ig

bugzilla-daemon at webkit.org
Tue Jan 16 11:49:58 PST 2007


http://bugs.webkit.org/show_bug.cgi?id=10773





------- Comment #17 from sanjay12 at gmail.com  2007-01-16 11:49 PDT -------
At work so I can't ask this in IRC, but I was thinking...(bear with me here as
I'm explaining this to myself while typing it out)...

We're kind of looking at it in terms of "let's prevent the Document from
getting marked."

But logically thinking, wouldn't it make sense that if an HTMLBodyElement or
HTMLHeadElement WAS marked, then the document that owns it has to be marked as
well, because that element is contained by the document?

So the issue really is figuring out why the HTMLBodyElement or HTMLHeadElement
is getting marked, and prevent that from happening.

Browsing the code some more, I'm curious (though I can't really test it until I
get home) whether the issue is maybe something like this:

1. You hit refresh, and a new HTMLDocument is created.
2. The new HTMLDocument adopts the previous document's HTMLBodyElement or
HTMLHeadElement, for whatever reason (it maybe needs to be kept alive
temporarily on the refresh to make sure onunload handlers get their chance to
run).
3. However, even though the old HTMLBodyElement or old HTMLHeadElement is now
adopted by the new HTMLDocument, it STILL has a reference to the old
HTMLDocument in its node tree.
4. So now when the old HTMLBodyElement/HeadElement gets marked, even though
it's now owned by the new HTMLDocument, it marks the old HTMLDocument because
it still has a reference to it in its tree.
5. Now that the old HTMLDocument is marked, its destructor can never be called.
This is important because it means forgetAllDOMNodesForDocument never gets
called, which then leaks the old HTMLDocument + any DOM Nodes that weren't
adopted by the new HTMLDocument.
6. Then the vicious cycle continues for every subsequent refresh.


This might also explain why in the case of bdash's simplification without the
window event handlers, if you never press a key and just click the refresh
button, you don't leak. The reason for this is since the "keydown" listener
isn't being processed, the old HTMLHead doesn't need to be kept alive. The
"keydown" listener is accessing the HTMLHead, so if a key is being pressed
(which happens when you Cmd-R) when you refresh, the HTMLHead gets adopted by
the new document, causing the pattern as described above.

So then the "fix" if this is what's happening is to make sure that in
updateDOMNodeDocument, it traverses through the tree and breaks off any links
to the old HTMLDocument.

*Note the above comments were from information not actually garnered while
debugging, so it's certainly feasible that I'm totally off-base here!


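The marking pattern hypothesized in steps 1-6 of the comment above, as an added toy model that is not part of the original comment and is not WebKit code. `Node`, `Document`, `adoptShallow`, `adoptDeep` and `oldDocumentSurvives` are hypothetical names, and the rule "a marked node marks its owner document" is the comment's assumption, not confirmed behaviour.

```cpp
#include <vector>

// Toy mark phase: hypothetical types, not WebKit's real classes.
struct Document;
struct Node {
    Document* document = nullptr;   // owner document, marked whenever the node is marked
    std::vector<Node*> children;
    bool marked = false;
};
struct Document {
    std::vector<Node*> roots;       // nodes held directly by this document
    bool marked = false;
};

void markNode(Node* n);
void markDocument(Document* d) {
    if (d->marked) return;
    d->marked = true;
    for (Node* n : d->roots) markNode(n);
}
void markNode(Node* n) {
    if (n->marked) return;
    n->marked = true;
    markDocument(n->document);      // assumption: marked element => owner document marked
    for (Node* c : n->children) markNode(c);
}

// Steps 2-3: only the adopted node is re-pointed; its subtree still names the old document.
void adoptShallow(Document* to, Node* n) { n->document = to; to->roots.push_back(n); }

// Proposed fix: traverse the subtree and break every link to the old document.
void repoint(Node* n, Document* to) {
    n->document = to;
    for (Node* c : n->children) repoint(c, to);
}
void adoptDeep(Document* to, Node* n) { repoint(n, to); to->roots.push_back(n); }

// Returns true if the old document ends up marked (kept alive) after a simulated reload.
bool oldDocumentSurvives(bool deepAdopt) {
    Document oldDoc, newDoc;
    Node child, head;               // constructed sample tree: head -> child
    child.document = &oldDoc;
    head.document = &oldDoc;
    head.children.push_back(&child);
    if (deepAdopt) adoptDeep(&newDoc, &head); else adoptShallow(&newDoc, &head);
    markDocument(&newDoc);          // only the new document is reachable from the GC roots
    return oldDoc.marked;
}

int main() { return (oldDocumentSurvives(false) && !oldDocumentSurvives(true)) ? 0 : 1; }
```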