[Webkit-unassigned] [Bug 37813] New: [Gtk] LEAK: WebCore::Document instances are leaked in certain conditions.

bugzilla-daemon at webkit.org
Mon Apr 19 12:40:43 PDT 2010


https://bugs.webkit.org/show_bug.cgi?id=37813

           Summary: [Gtk] LEAK: WebCore::Document instances are leaked in
                    certain conditions.
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: Other
        OS/Version: Other
            Status: UNCONFIRMED
          Severity: Normal
          Priority: P2
         Component: Platform
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: superstippi at gmx.de


This is something I've found out by trying to track down an issue in the Haiku
port and cross-referencing the Gtk port. My debugging facilities are somewhat
crude, but I can't see at the moment how my findings could be wrong: In the
WebCore/dom/Document.cpp, I've added a variable "static int instanceCount = 0".
Then in the Document constructor, I increase the variable, print the instance
count, and in the destructor, I decrease the value and print it again.
Normally, the instance count balances out just fine, but in the following test
case, but also in many other cases, it does not: Run GtkLauncher with
"http://www.wikipedia.com" as argument on the command line. The instance count
will go up to 2 and back to 1 until the page is loaded. The Frame instance
which is passed to the Document constructor is always the same. I think it
loads an initial about:blank and then the requested URL. Now enter a search
string in the Wikipedia text input. I used "amiga". This will immediately
navigate to the resulting page. A second Document instance has been created,
while the first one is put into the page cache (I enabled the page cache in the
GtkLauncher). Now close GtkLauncher, you will see that neither instance is
being freed. If you don't enter a search string and close GtkLauncher, you will
see that the only Document instance is freed correctly. Just to make sure, I
repeated the test with the page cache disabled. In that case, the second of the
two instances is freed. The revision I tested is r57813.

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
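
The instance-counting instrumentation described in the report, as an added C++ example (not code from the report or from WebKit). `InstanceCounted`, `Doc`, `Session` and `runSession` are hypothetical names, and the never-destroyed `Session` is a constructed stand-in for whatever still holds the references; the report does not identify the cause.

```cpp
#include <atomic>
#include <cstdio>
#include <memory>
#include <string>
#include <utility>
#include <vector>

// Per-type live-instance counter: counts up in the constructor, down in the
// destructor, and prints the running total each time.
template <typename T>
class InstanceCounted {
public:
    static int liveCount() { return counter().load(); }
protected:
    InstanceCounted() { report("ctor", ++counter()); }
    InstanceCounted(const InstanceCounted&) { report("copy", ++counter()); }
    ~InstanceCounted() { report("dtor", --counter()); }
private:
    static std::atomic<int>& counter() { static std::atomic<int> n{0}; return n; }
    static void report(const char* what, int live) {
        std::fprintf(stderr, "%s: %d live\n", what, live);
    }
};

// Hypothetical instrumented type standing in for a document object.
struct Doc : InstanceCounted<Doc> {
    std::string url;
    explicit Doc(std::string u) : url(std::move(u)) {}
};

// Hypothetical owner: the current document plus previously shown ones.
struct Session {
    std::shared_ptr<Doc> current;
    std::vector<std::shared_ptr<Doc>> cached;
};

// Returns the process-wide live count after shutdown. With destroySession
// false the owner is deliberately never deleted (constructed leak).
int runSession(bool destroySession) {
    Session* s = new Session;
    s->current = std::make_shared<Doc>("about:blank");    // 1 live
    s->current = std::make_shared<Doc>("requested page"); // 2, then back to 1
    s->cached.push_back(s->current);                      // keep the old document
    s->current = std::make_shared<Doc>("search result");  // 2 live
    if (destroySession) delete s;                         // releases both documents
    return Doc::liveCount();
}

int main() {
    std::printf("clean shutdown: %d live\n", runSession(true));
    std::printf("owner never destroyed: %d live\n", runSession(false));
    return 0;
}
```

A non-zero count at exit only shows that something still owns the objects; finding the owner takes a further step, such as logging where each reference is taken.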