[Webkit-unassigned] [Bug 63938] New: Image creation via data: uri causes unbounded memory growth and crashing

bugzilla-daemon at webkit.org
Tue Jul 5 06:50:59 PDT 2011


           Summary: Image creation via data: uri causes unbounded memory
                    growth and crashing
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: All
               URL: http://turmeric.assanka.com/rowan/imgmemory.html
        OS/Version: All
            Status: UNCONFIRMED
          Severity: Normal
          Priority: P2
         Component: Images
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: rowan at irowan.com

If a page displays images via data: URIs, some form of memory usage related to the data: URIs is never released. If JavaScript is used to dynamically create image elements on the page (via createElement, innerHTML, etc.) using data: URIs as the source, memory usage will increase and will not decrease proportionally when the image is subsequently removed from the page.

There is a brief writeup of this bug at http://waldheinz.de/2010/06/webkit-leaks-data-uris/ , and a reduced test case based on that page at http://turmeric.assanka.com/rowan/imgmemory.html .

I initially thought this might be related to the page image cache, but that appears to be capping out correctly (at ~128MB IIRC?) if images loaded via URL instead of data URI are used instead.  That also suggests this isn't related to some of the other rapid-loading image issues ("death by a thousand papercuts" etc), and instead may be related to a URL issue such as https://bugs.webkit.org/show_bug.cgi?id=19699 .

There's a Chromium bug open for this, although that bug seems to cover several unrelated image issues; jamesr has done some investigative work, see his comment at http://code.google.com/p/chromium/issues/detail?id=36142#c64 .

This causes severe leaks on latest nightlies, Safari, and Chrome, and crashes on iOS.
