[Webkit-unassigned] [Bug 193167] IndexedDB: leak IDBTransaction and TransactionOperationImpl due to retain cycle

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Fri Jan 4 18:17:27 PST 2019


https://bugs.webkit.org/show_bug.cgi?id=193167

--- Comment #2 from Sihui Liu <sihui_liu at apple.com> ---
STACK OF 1 INSTANCE OF 'ROOT CYCLE: <WebCore>':
[thread 0x10b2605c0]:
39  libdyld.dylib                      0x7fff7834c3f1 start + 1
38  com.apple.WebKit.WebContent           0x100fb8867 invocation function for block in WebKit::XPCServiceEventHandler(NSObject<OS_xpc_object>*) + 0  XPCServiceMain.mm:46
37  com.apple.WebKit.WebContent           0x100fb86e2 WebKit::XPCServiceMain(int, char const**) + 547  XPCServiceMain.mm:0
36  libxpc.dylib                       0x7fff78580ce5 _xpc_copy_xpcservice_dictionary + 0
35  libxpc.dylib                       0x7fff785811e3 _xpc_objc_main + 552
34  com.apple.Foundation               0x7fff4de1e334 -[NSRunLoop(NSRunLoop) run] + 76
33  com.apple.Foundation               0x7fff4de1e45f -[NSRunLoop(NSRunLoop) runMode:beforeDate:] + 280
32  com.apple.CoreFoundation           0x7fff4bae201a CFRunLoopRunSpecific + 455
31  com.apple.CoreFoundation           0x7fff4bae2ae3 __CFRunLoopRun + 2167
30  com.apple.CoreFoundation           0x7fff4bb01912 __CFRunLoopDoTimers + 330
29  com.apple.CoreFoundation           0x7fff4bb01dcc __CFRunLoopDoTimer + 851
28  com.apple.CoreFoundation           0x7fff4bb02220 __CFRUNLOOP_IS_CALLING_OUT_TO_A_TIMER_CALLBACK_FUNCTION__ + 20
27  com.apple.WebCore                     0x103666a0f WebCore::timerFired(__CFRunLoopTimer*, void*) + 31  MainThreadSharedTimerCF.cpp:75
26  com.apple.WebCore                     0x1036450e0 WebCore::ThreadTimers::sharedTimerFiredInternal() + 176  ThreadTimers.cpp:120
25  com.apple.WebCore                     0x1030fd77c WebCore::DocumentEventQueue::pendingEventTimerFired() + 284  utility:898
24  com.apple.WebCore                     0x102d03ba8 WebCore::IDBOpenDBRequest::dispatchEvent(WebCore::Event&) + 24  RefPtr.h:87
23  com.apple.WebCore                     0x102d03d42 WebCore::IDBRequest::dispatchEvent(WebCore::Event&) + 274  IDBTransaction.cpp:1354
22  com.apple.WebCore                     0x10312b097 WebCore::EventDispatcher::dispatchEvent(WTF::Vector<WebCore::EventTarget*, 0ul, WTF::CrashOnOverflow, 16ul> const&, WebCore::Event&) + 119  EventDispatcher.cpp:186
21  com.apple.WebCore                     0x10312afee WebCore::dispatchEventInDOM(WebCore::Event&, WebCore::EventPath const&) + 222  Event.h:114
20  com.apple.WebCore                     0x10312e5a3 WebCore::EventTarget::fireEventListeners(WebCore::Event&, WebCore::EventTarget::EventInvokePhase) + 515  Vector.h:674
19  com.apple.WebCore                     0x103130639 WebCore::EventTarget::innerInvokeEventListeners(WebCore::Event&, WTF::Vector<WTF::RefPtr<WebCore::RegisteredEventListener, WTF::DumbPtrTraits<WebCore::RegisteredEventListener> >, 1ul, WTF::CrashOnOverflow, 16ul>, WebCore::EventTarget::EventInvokePhase) + 825  InspectorInstrumentation.h:282
18  com.apple.WebCore                     0x102eb502f WebCore::JSEventListener::handleEvent(WebCore::ScriptExecutionContext&, WebCore::Event&) + 1023  JSEventListener.cpp:175
17  com.apple.WebCore                     0x102e9d4e4 WebCore::JSExecState::profiledCall(JSC::ExecState*, JSC::ProfilingReason, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&, WTF::NakedPtr<JSC::Exception>&) + 100  JSExecState.h:74
16  com.apple.JavaScriptCore              0x1073abe0b JSC::profiledCall(JSC::ExecState*, JSC::ProfilingReason, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&, WTF::NakedPtr<JSC::Exception>&) + 187  CallData.cpp:41
15  com.apple.JavaScriptCore              0x1071644a0 JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 464  JITCodeInlines.h:39
14  com.apple.JavaScriptCore              0x106b89ba9 vmEntryToJavaScript + 200  LowLevelInterpreter64.asm:295
13  com.apple.JavaScriptCore              0x106b99001 llint_entry + 62110  LowLevelInterpreter.asm:899
12  com.apple.JavaScriptCore              0x106b9a042 llint_entry + 66271  LowLevelInterpreter.asm:995
11  com.apple.JavaScriptCore              0x1072699ef JSC::LLInt::commonCallEval(JSC::ExecState*, JSC::Instruction const*, JSC::MacroAssemblerCodePtr<(WTF::PtrTag)357>) + 255  LLIntSlowPaths.cpp:1745
10  com.apple.JavaScriptCore              0x10715e018 JSC::eval(JSC::ExecState*) + 664  Interpreter.cpp:171
9   com.apple.JavaScriptCore              0x10715efe2 JSC::Interpreter::execute(JSC::EvalExecutable*, JSC::ExecState*, JSC::JSValue, JSC::JSScope*) + 2194  JITCodeInlines.h:39
8   com.apple.JavaScriptCore              0x106b89ba9 vmEntryToJavaScript + 200  LowLevelInterpreter64.asm:295
7   com.apple.JavaScriptCore              0x106b99001 llint_entry + 62110  LowLevelInterpreter.asm:899
6                                      0x3a98e6201177 0x3a98e6201000 + 375
5   com.apple.WebCore                     0x1029029f2 WebCore::jsIDBDatabasePrototypeFunctionCreateObjectStore(JSC::ExecState*) + 418  Expected.h:487
4   com.apple.WebCore                     0x102cf1287 WebCore::IDBDatabase::createObjectStore(WTF::String const&, WebCore::IDBDatabase::ObjectStoreParameters&&) + 375  utility:898
3   com.apple.WebCore                     0x102d0a1ef WebCore::IDBTransaction::createObjectStore(WebCore::IDBObjectStoreInfo const&) + 127  ThreadSafeRefCounted.h:37
2   com.apple.JavaScriptCore              0x106949a2b WTF::fastMalloc(unsigned long) + 91  FastMalloc.cpp:279
1   com.apple.JavaScriptCore              0x1069b8c8c bmalloc::DebugHeap::malloc(unsigned long) + 12  DebugHeap.cpp:49
0   libsystem_malloc.dylib             0x7fff784f7b19 malloc_zone_malloc + 139 
====
    3 (256 bytes) ROOT CYCLE: <WebCore::IDBClient::TransactionOperationImpl<WebCore::IDBObjectStoreInfo const&> 0x7f85d6b32530> [112]
       1 (128 bytes) ROOT CYCLE: <WTF::Function<void ()>::CallableWrapper<WebCore::IDBClient::TransactionOperationImpl<WebCore::IDBObjectStoreInfo const&>::TransactionOperationImpl(WebCore::IDBTransaction&, void (WebCore::IDBTransaction::*)(WebCore::IDBResultData const&), void (WebCore::IDBTransaction::*)(WebCore::IDBClient::TransactionOperation&, WebCore::IDBObjectStoreInfo const&), WebCore::IDBObjectStoreInfo const&)::'lambda'()> 0x7f85d6b90940> [128]
          CYCLE BACK TO <WebCore::IDBClient::TransactionOperationImpl<WebCore::IDBObjectStoreInfo const&> 0x7f85d6b32530> [112]
       1 (16 bytes) 0x7f85d6b2b570 [16]


