[Webkit-unassigned] [Bug 118788] [GTK] WebKitDOM objects leaking

Mon Feb 16 06:37:37 PST 2015

https://bugs.webkit.org/show_bug.cgi?id=118788

--- Comment #6 from Carlos Garcia Campos <cgarcia at igalia.com> ---
(In reply to comment #5)
> Created attachment 246517 [details]
> wk-leaks.c
> 
> Test application (first line shows how to compile & run it), which makes it
> easier to reproduce the leaks. Similar code (update_styles()) is used in
> Evolution and called to quite few times on various occasions.
> 
> The thing is that objects like WebKitDOMCSSRuleList (returned from
> webkit_dom_css_style_sheet_get_css_rules()) and WebKitDOMCSSRule (returned
> from webkit_dom_css_rule_list_item()) are not freed on frame reload, but a
> new objects are returned anyway.
> 
> The reason is that DOMObjectCache::clearByFrame() is called with a valid
> frame, but these objkects (and many other DOM objects) are stored in the
> cache with NULL data->frame.
> 
> My opinion: It won't work to always remove objects which has data->frame ==
> NULL in the cache on any frame cleanup, because that would influence
> (invalidate) GObject-s from other web views (if there are more instances).

I think the actual bug are the gtk-doc tags used, because not all GObject DOM bindings are supposed to be returned as transfer-none. See the original bug #40302 and the commits message:

"Manual management (calling g_object_unref on them) is also allowed, and is required for objects that are not in the DOM tree (eg NodeLists)."

I forgot about those when I added the transfer annotations to the gtk-doc :-(

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20150216/44a8743e/attachment-0002.html>