[Webkit-unassigned] [Bug 105367] [V8] Creation of dedicated workers (isolates) prevents proper destruction of wrapped C++ objects
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Dec 18 16:58:27 PST 2012
https://bugs.webkit.org/show_bug.cgi?id=105367
Kenneth Russell <kbr at google.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Priority|P2 |P1
CC| |abarth at webkit.org,
| |danno at chromium.org,
| |dimich at chromium.org,
| |haraken at chromium.org,
| |kbr at google.com,
| |levin at chromium.org,
| |ulan at chromium.org
--- Comment #2 from Kenneth Russell <kbr at google.com> 2012-12-18 17:00:43 PST ---
+some people who worked on the DOM bindings, isolates, and GC recently
Initially we thought this was a bug in V8's GC, but because the WebGLRenderingContext objects aren't alive according to the heap profiler, I think it's a bug in the DOM bindings related to isolates. I have a bad feeling that if a dedicated worker is created, it may be preventing C++ objects which are referred to by JavaScript objects (whether those objects are in the DOM or not -- the WebGLRenderingContext isn't) from being properly unreferenced and deleted.
I'm raising this to P1 until the cause is at least understood, as this bug could be causing major memory leaks for applications using workers. I don't think it's specific to WebGL.
Please CC: anyone who may have worked in this area.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list