Skip to content
Find file Blame History Permalink
  • ggaren's avatar
    JavaScriptCore: · ecd5f5c5
    ggaren authored 
            Reviewed by Maciej Stachowiak.
        
        Fixed http://bugs.webkit.org/show_bug.cgi?id=12659 | <rdar://problem/4954306>
        JS objects not collected after closing window @ ebay.com/maps.google.com

        Don't GC in the Interpreter destructor. For that to work, the Interpreter
        would have to NULL out all of its ProtectedPtrs before calling collect(). But 
        we've decided that we don't want things to work that way, anyway. We want the
        client to be in charge of manual GC so that it can optimize cases when
        it will be destroying many interpreters at once
        (e.g., http://bugs.webkit.org/show_bug.cgi?id=12900).
        
        Also removed Interpreter::collect() because it was redundant with 
        Collector::collect().

        * JavaScriptCore.exp:
        * kjs/interpreter.cpp:
        (KJS::Interpreter::~Interpreter):
        * kjs/testkjs.cpp:
        (TestFunctionImp::callAsFunction):

LayoutTests:

        Reviewed by Maciej Stachowiak.
        
        Test for http://bugs.webkit.org/show_bug.cgi?id=12659 | <rdar://problem/4954306> 
        JS objects not collected after closing window @ ebay.com/maps.google.com
        
        * fast/leaks/003-expected.txt: Added.
        * fast/leaks/003.html: Added.

        * fast/dom/gc-10.html: Bumped the wiggle room threshold on this test by 2 
        because it's failing on my machine with the patch applied but, according 
        to the test notes, we're still well within the margin of error.

WebCore:

        Reviewed by Maciej Stachowiak.
        
        Fixed http://bugs.webkit.org/show_bug.cgi?id=12659 | <rdar://problem/4954306>
        JS objects not collected after closing window @ ebay.com/maps.google.com

        Garbage collect in the KJSProxy destructor, after clearing our reference
        to the interpreter, because that's when the interpreter has torn down fully.

        (Technically speaking, we can't *prove* that we have the only reference to 
        our interpreter, but that's how it works in practice, and manual garbage 
        collection is just an opportunistic optimization, so it's OK for it to 
        work in practice even if it can't be proven in theory.)
        
        Layout tests pass. No leaks reported.

        * bindings/js/kjs_proxy.cpp:
        (WebCore::KJSProxy::~KJSProxy):
        * bindings/js/kjs_proxy.h:
        * page/Page.cpp:
        (WebCore::Page::~Page): Merged pageDestroyed() calls. Moved debug-only
        code to the bottom.
        * page/Frame.cpp:
        (WebCore::Frame::~Frame): Don't call getObject() because globalObject()
        returns a JSObject* already, and the call can leave a pointer to the Window
        object on the stack. Don't check for NULL because it is an invariant of
        JavaScriptCore that no JSObject* can be NULL. Do use a volatile pointer
        for w because the 'w = 0' assignment just screams to the compiler, "Don't
        generate any code for me!"



git-svn-id: http://svn.webkit.org/repository/webkit/trunk@19894 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    ecd5f5c5