Updates:
Owner: [email protected]
Cc: [email protected]
Labels: -Area-Misc Area-WebKit
Comment #1 on issue 21079 by [email protected]: Occasional memory leak
in WebCore::V8EventListenerList::findOrCreateWrapper<>()
http://code.google.com/p/chromium/issues/detail?id=21079
Valgrind failed to catch this in my tests. Yet I think there is a leak
indeed. What
happens is this:
1. When creating a new EventListener instance
V8DOMWrapper::getEventListener calls
V8EventListenerList::findOrCreateWrapper on proxy->objectListeners().
2. objectListeners adds the newly created instance to its HashMap<int/*v8
JS function
hash code*/, Vector<V8EventListener*>*>, growing existing or creating a new
Vector.
(Vector is required here because v8 hash codes are not unique.)
3. When proxy is disconnected from the frame, it clears
proxy->objectListeners() that
in turn clears the map, but the map does not delete the Vector objects.
There is
needsDestruction = true specified in its traits but it has no effect on
pointers to
Vector.
We have two options here:
1. Fix this by cleaning up the maps properly.
2. Rework this part by storing listeners in hidden properties on JS
functions. This
should make the code considerably simpler and less fragile.
Dimitri, what do you think?
--
You received this message because you are listed in the owner
or CC fields of this issue, or because you starred this issue.
You may adjust your issue notification preferences at:
http://code.google.com/hosting/settings
--~--~---------~--~----~------------~-------~--~----~
Automated mail from issue updates at http://crbug.com/
Subscription options: http://groups.google.com/group/chromium-bugs
-~----------~----~----~----~------~----~------~--~---
