I spent more time on it and now have concrete info. The reason for the leak is ExecutableBase class in runtime/Executable.h has conditional compilation for the destroy call (only enabled if JIT is enabled). So when a ProgramExecutable is created, it adds a ref to the JSC::SourceCode::m_provider member I mentioned below. However, if you turn off JIT, the allocateCell ends up putting it in heap.allocateWithoutDestructor. Since the destructor/destroy is not called anymore, the ref leaks when JIT is not enabled.
It seems to me that safeguarding the destructor using ENABLE(JIT) is a mistake. The memory leak is also quite severe as I outlined below. A quick local test I am running at the moment by allowing the destructor for the non JIT path seems to be working well without leaks. Thoughts? Thanks Arpit From: webkit-help-boun...@lists.webkit.org [mailto:webkit-help-boun...@lists.webkit.org] On Behalf Of Baldeva, Arpit Sent: Wednesday, April 09, 2014 5:47 PM To: webkit-help@lists.webkit.org Subject: [webkit-help] cached scripts leak in C Loop Interpreter mode Hi, I am using WebCore::gcController().discardAllCompiledCode() API to discard cached scripts and free up memory. This works pretty well in the JIT mode. However, when I used C Loop interpreter, the cached scripts are not discarded. So far, I have traced it down to JSC::SourceCode::m_provider member. The ref count on this member is all wrong. The reproduction is pretty simple. Load a "hello world" type page in web view, then go to Google.com. That causes about 0.189 MB worth of scripts to get cached. Go back to the hello world page and now call WebCore::gcController().discardAllCompiledCode(). The JIT path is able to get rid of the cached scripts. However, C loop interpreter leaks pretty much everything (the ref count on the member noted about is around ~850 whereas it should be 1). The direct url of the problematic script is http://www.google.com/xjs/_/js/k=xjs.hp.en_US.75bv2nh_qxI.O/m=sb_he,pcc/rt=j/d=1/sv=1/rs=AItRSTOX5WMsAVpkgEafYeVKZ7ZCJdNXcg An even more accessible scenario is just keep on reloading the sunspider test suite. I used 0.9.1 - http://www.webkit.org/perf/sunspider-0.9.1/sunspider-0.9.1/driver.html Every reload is pretty much leaking causing the memory usage to grow unbounded. The C Loop interpreter path memory usage goes up to 200 MB just within few minutes however the JIT path stays around 12 MB. My version of code is about 5 months old (157437). However, I did not see any leak fixes going in recently when I search bugzilla. Any help is appreciated. Thanks Arpit
_______________________________________________ webkit-help mailing list webkit-help@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-help
