Changes between Version 8 and Version 9 of Abandoned documents


Timestamp:
Sep 8, 2018 9:16:05 PM (2 years ago)
Author:
Simon Fraser
Comment:

--

  • Abandoned documents

    v8 v9  
    168168}}}
    169169
    170 Hmm, those <font-face> tags look suspicious. Breakpoints in Node::dumpStatistics() would let you confirm that they are still referencing the leaked document. So the bug fix would involve ensuring those font-face elements get released.
     170Hmm, those <font-face> tags look suspicious. Breakpoints in Node::dumpStatistics() (you can add a call to this function in the "com.apple.WebKit.showAllDocuments" callback in PageMac.mm) would let you confirm that they are still referencing the leaked document. So the bug fix would involve ensuring those font-face elements get released. We can use ref token tracking again to identify who's retaining the SVGFontFaceElement. There's a patch [https://bug-189147-attachments.webkit.org/attachment.cgi?id=349276 here] that does that; it just puts all the live SVGFontFaceElements in a HashSet so they can be dumped, and adds code to the  "com.apple.WebKit.showAllDocuments" callback to dump their remaining references. That showed up this stack:
     171{{{
     1723   0x107903384 WTF::RefPtr<WebCore::SVGFontFaceElement, WTF::DumbPtrTraits<WebCore::SVGFontFaceElement> >::RefPtr(WebCore::SVGFontFaceElement*)
     1734   0x1078db8ed WTF::RefPtr<WebCore::SVGFontFaceElement, WTF::DumbPtrTraits<WebCore::SVGFontFaceElement> >::RefPtr(WebCore::SVGFontFaceElement*)
     1745   0x1078db696 WebCore::CSSFontFaceSource::CSSFontFaceSource(WebCore::CSSFontFace&, WTF::String const&, WebCore::CachedFont*, WebCore::SVGFontFaceElement*, WTF::RefPtr<JSC::ArrayBufferView, WTF::DumbPtrTraits<JSC::ArrayBufferView> >&&)
     1756   0x1078dbb9d WebCore::CSSFontFaceSource::CSSFontFaceSource(WebCore::CSSFontFace&, WTF::String const&, WebCore::CachedFont*, WebCore::SVGFontFaceElement*, WTF::RefPtr<JSC::ArrayBufferView, WTF::DumbPtrTraits<JSC::ArrayBufferView> >&&)
     1767   0x1078cc4f6 WebCore::CSSFontFace::appendSources(WebCore::CSSFontFace&, WebCore::CSSValueList&, WebCore::Document*, bool)
     1778   0x1078de81d WebCore::CSSFontSelector::addFontFaceRule(WebCore::StyleRuleFontFace&, bool)
     1789   0x1078ddd9d WebCore::CSSFontSelector::buildCompleted()
     179}}}
     180and a bit of debugging (and logging via the Fonts log channel) shows that the CSSFontSelectors never go away. Document directly creates CSSFontSelectors, so now we've identified a retain cycle (Document -> CSSFontSelector -> CSSFontFaceSource -> SVGFontFaceElement -> Document) and the fix is to do some CSSFontSelector cleanup when the Document loses its last ref.
     181
     182
     183
     184
     185
     186
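Review bot: In the added sentence at v9 line 180, "when the Document loses its last ref" needs qualifying. The cycle listed just before it ends with SVGFontFaceElement -> Document, so the text does not make clear which reference can drop to zero while that element still holds the document; say which reference is meant. In the added line 170, "That showed up this stack" would read better as "That showed this stack", there is a doubled space before "com.apple.WebKit.showAllDocuments", and the pasted stack starts at frame 3 with no note that the earlier frames were trimmed. The six empty lines added at 181-186 can be dropped.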