193264 2019-01-08 15:56:39 -0800 Leak of VectorBufferBase.m_buffer (16-64 bytes) under JSC::CompactVariableEnvironment in com.apple.WebKit.WebContent running layout tests 2019-01-08 19:28:24 -0800 1 1 1 Unclassified WebKit JavaScriptCore WebKit Local Build Unspecified Unspecified RESOLVED FIXED InRadar P2 Normal --- 1 ddkilzer ddkilzer annulen commit-queue fpizlo ggaren joepeck keith_miller mark.lam msaboff saam webkit-bug-importer ysuzuki oldest_to_newest 1492787 0 ddkilzer 2019-01-08 15:56:39 -0800 Leak of VectorBufferBase.m_buffer (16-64 bytes) under JSC::CompactVariableEnvironment in com.apple.WebKit.WebContent running layout tests. $ ./Tools/Scripts/run-webkit-tests --no-build --debug --batch-size=1000 --child-processes=1 --verbose --leaks --no-retry --no-show-results compositing contentfiltering crypto NOTE: Requires changes to run-webkit-tests to support --leaks with WebKit2. STACK OF 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c1786660>', 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c1787ac0>', 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c17850c0>', 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c1786640>', 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c17855c0>', 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c1784300>', 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c1786070>', 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c1785ee0>', 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c1788320>', 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c1786380>', 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c178a390>', 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c176dcd0>', 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c1788890>', 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c1786a90>', 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c1785cb0>', 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c17863d0>', 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c1784090>', 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c1783fb0>', 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c1726820>', 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c1785560>', 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c1787950>', 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c178a540>', 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c17863b0>', 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c1785c70>', 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c17858e0>', 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c1786390>', 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c1785b30>', 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c1786440>', 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c1784050>', 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c1786060>', 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c1785900>', 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c1786890>', 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c1785c50>', 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c1759840>', 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c1782850>', 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c17340f0>', 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c1787150>', 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c1787170>', 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c17859e0>', 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c1786040>', 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c1786680>', 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c1733a60>', 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c17840a0>', 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c1786870>', 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c1787a70>', 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c1786400>', 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c17892a0>', 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c1786850>': [thread 0x10e3625c0]: 95 libdyld.dylib 0x7fff633ad08d start + 1 94 com.apple.WebKit.WebContent 0x106057352 main + 34 XPCServiceMain.mm:165 93 com.apple.WebKit.WebContent 0x106057065 WebKit::XPCServiceMain(int, char const**) + 1333 XPCServiceMain.mm:157 92 libxpc.dylib 0x7fff635e39e5 _xpc_copy_xpcservice_dictionary + 0 91 libxpc.dylib 0x7fff635e3ee6 _xpc_objc_main + 555 90 com.apple.Foundation 0x7fff384b828f -[NSRunLoop(NSRunLoop) run] + 76 89 com.apple.Foundation 0x7fff384b83ba -[NSRunLoop(NSRunLoop) runMode:beforeDate:] + 280 88 com.apple.CoreFoundation 0x7fff36133be6 CFRunLoopRunSpecific + 467 87 com.apple.CoreFoundation 0x7fff36134303 __CFRunLoopRun + 1226 86 com.apple.CoreFoundation 0x7fff36134d5c __CFRunLoopDoSources0 + 195 85 com.apple.CoreFoundation 0x7fff36150eaf __CFRunLoopDoSource0 + 108 84 com.apple.CoreFoundation 0x7fff36150f09 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17 83 com.apple.JavaScriptCore 0x710efa174 WTF::RunLoop::performWork(void*) + 36 RunLoopCF.cpp:38 82 com.apple.JavaScriptCore 0x710ef97e3 WTF::RunLoop::performWork() + 211 RunLoop.cpp:107 81 com.apple.JavaScriptCore 0x710e93dad WTF::Function<void ()>::operator()() const + 173 Function.h:56 80 com.apple.WebKit 0x1060d0939 WTF::Function<void ()>::CallableWrapper<IPC::Connection::enqueueIncomingMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >)::$_14>::call() + 25 Function.h:101 79 com.apple.WebKit 0x1060d0a28 IPC::Connection::enqueueIncomingMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >)::$_14::operator()() + 104 Connection.cpp:957 78 com.apple.WebKit 0x1060afcb7 IPC::Connection::dispatchOneIncomingMessage() + 1607 Connection.cpp:1074 77 com.apple.WebKit 0x1060a12d1 IPC::Connection::dispatchMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >) + 721 Connection.cpp:0 76 com.apple.WebKit 0x1060aeeec IPC::Connection::dispatchMessage(IPC::Decoder&) + 476 Connection.cpp:979 75 com.apple.WebKit 0x106ecca46 WebKit::NetworkProcessConnection::didReceiveMessage(IPC::Connection&, IPC::Decoder&) + 166 NetworkProcessConnection.cpp:79 74 com.apple.WebKit 0x1072b44dc WebKit::WebResourceLoader::didReceiveWebResourceLoaderMessage(IPC::Connection&, IPC::Decoder&) + 636 WebResourceLoaderMessageReceiver.cpp:65 73 com.apple.WebKit 0x1072b4e28 void IPC::handleMessage<Messages::WebResourceLoader::DidFinishResourceLoad, WebKit::WebResourceLoader, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics const&)>(IPC::Decoder&, WebKit::WebResourceLoader*, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics const&)) + 296 HandleMessage.h:134 72 com.apple.WebKit 0x1072b5b20 void IPC::callMemberFunction<WebKit::WebResourceLoader, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics const&), std::__1::tuple<WebCore::NetworkLoadMetrics>, std::__1::integer_sequence<unsigned long, 0ul> >(std::__1::tuple<WebCore::NetworkLoadMetrics>&&, WebKit::WebResourceLoader*, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics const&)) + 96 HandleMessage.h:48 71 com.apple.WebKit 0x1072b5c9a void IPC::callMemberFunctionImpl<WebKit::WebResourceLoader, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics const&), std::__1::tuple<WebCore::NetworkLoadMetrics>, 0ul>(WebKit::WebResourceLoader*, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics const&), std::__1::tuple<WebCore::NetworkLoadMetrics>&&, std::__1::integer_sequence<unsigned long, 0ul>) + 154 HandleMessage.h:42 70 com.apple.WebKit 0x106edab49 WebKit::WebResourceLoader::didFinishResourceLoad(WebCore::NetworkLoadMetrics const&) + 457 WebResourceLoader.cpp:154 69 com.apple.WebCore 0x70299150f WebCore::SubresourceLoader::didFinishLoading(WebCore::NetworkLoadMetrics const&) + 799 SubresourceLoader.cpp:636 68 com.apple.WebCore 0x702a08096 WebCore::CachedRawResource::finishLoading(WebCore::SharedBuffer*) + 326 CachedRawResource.cpp:121 67 com.apple.WebCore 0x702a08501 WebCore::CachedResource::finishLoading(WebCore::SharedBuffer*) + 49 CachedResource.cpp:366 66 com.apple.WebCore 0x702a0d6af WebCore::CachedResource::checkNotify() + 127 CachedResource.cpp:348 65 com.apple.WebCore 0x7028bfaea WebCore::DocumentLoader::notifyFinished(WebCore::CachedResource&) + 202 DocumentLoader.cpp:377 64 com.apple.WebCore 0x7028b6587 WebCore::ContentFilter::continueAfterNotifyFinished(WebCore::CachedResource&) + 359 ContentFilter.cpp:187 63 com.apple.WebCore 0x7028b6387 WebCore::ContentFilter::deliverResourceData(WebCore::CachedResource&) + 311 ContentFilter.cpp:252 62 com.apple.WebCore 0x7028c6856 WebCore::DocumentLoader::dataReceived(WebCore::CachedResource&, char const*, int) + 150 DocumentLoader.cpp:1102 61 com.apple.WebCore 0x7028c5f35 WebCore::DocumentLoader::dataReceived(char const*, int) + 613 DocumentLoader.cpp:1129 60 com.apple.WebCore 0x7028c600d WebCore::DocumentLoader::commitLoad(char const*, int) + 205 DocumentLoader.cpp:987 59 com.apple.WebKit 0x106fc21af WebKit::WebFrameLoaderClient::committedLoad(WebCore::DocumentLoader*, char const*, int) + 79 WebFrameLoaderClient.cpp:1035 58 com.apple.WebCore 0x7028c0d96 WebCore::DocumentLoader::commitData(char const*, unsigned long) + 2630 DocumentLoader.cpp:0 57 com.apple.WebCore 0x70290031b WebCore::DocumentWriter::addData(char const*, unsigned long) + 219 DocumentWriter.cpp:254 56 com.apple.WebCore 0x7025e9869 WebCore::MediaDocumentParser::appendBytes(WebCore::DocumentWriter&, char const*, unsigned long) + 57 MediaDocument.cpp:143 55 com.apple.WebCore 0x7025e9681 WebCore::MediaDocumentParser::createDocumentStructure() + 913 MediaDocument.cpp:127 54 com.apple.WebCore 0x7020e5116 WebCore::ContainerNode::appendChild(WebCore::Node&) + 246 ContainerNode.cpp:686 53 com.apple.WebCore 0x7020e20ab WebCore::ContainerNode::appendChildWithoutPreInsertionValidityCheck(WebCore::Node&) + 571 ContainerNode.cpp:710 52 com.apple.WebCore 0x7020e5455 void WebCore::executeNodeInsertionWithScriptAssertion<WebCore::ContainerNode::appendChildWithoutPreInsertionValidityCheck(WebCore::Node&)::$_4>(WebCore::ContainerNode&, WebCore::Node&, WebCore::ContainerNode::ChildChangeSource, WebCore::ReplacedAllChildren, WebCore::ContainerNode::appendChildWithoutPreInsertionValidityCheck(WebCore::Node&)::$_4) + 805 ContainerNode.cpp:213 51 com.apple.WebCore 0x702523664 WebCore::HTMLMediaElement::didFinishInsertingNode() + 324 HTMLMediaElement.cpp:931 50 com.apple.WebCore 0x7025224e5 WebCore::HTMLMediaElement::configureMediaControls() + 261 HTMLMediaElement.cpp:6509 49 com.apple.WebCore 0x702538b97 WebCore::HTMLMediaElement::ensureMediaControlsShadowRoot() + 167 HTMLMediaElement.cpp:4357 48 com.apple.WebCore 0x7021f0836 WebCore::Element::ensureUserAgentShadowRoot() + 198 Element.cpp:2103 47 com.apple.WebCore 0x7021effd6 WebCore::Element::addShadowRoot(WTF::Ref<WebCore::ShadowRoot, WTF::DumbPtrTraits<WebCore::ShadowRoot> >&&) + 646 Element.cpp:2010 46 com.apple.WebCore 0x7025445a8 WebCore::HTMLMediaElement::didAddUserAgentShadowRoot(WebCore::ShadowRoot&) + 120 HTMLMediaElement.cpp:7286 45 com.apple.WebCore 0x70253923f WebCore::HTMLMediaElement::ensureMediaControlsInjectedScript() + 239 HTMLMediaElement.cpp:7220 44 com.apple.WebCore 0x702538d74 WebCore::HTMLMediaElement::setupAndCallJS(WTF::Function<bool (WebCore::JSDOMGlobalObject&, JSC::ExecState&, WebCore::ScriptController&, WebCore::DOMWrapperWorld&)> const&) + 436 HTMLMediaElement.cpp:4377 43 com.apple.WebCore 0x702539039 WTF::Function<bool (WebCore::JSDOMGlobalObject&, JSC::ExecState&, WebCore::ScriptController&, WebCore::DOMWrapperWorld&)>::operator()(WebCore::JSDOMGlobalObject&, JSC::ExecState&, WebCore::ScriptController&, WebCore::DOMWrapperWorld&) const + 281 Function.h:56 42 com.apple.WebCore 0x70257bd34 WTF::Function<bool (WebCore::JSDOMGlobalObject&, JSC::ExecState&, WebCore::ScriptController&, WebCore::DOMWrapperWorld&)>::CallableWrapper<WebCore::HTMLMediaElement::ensureMediaControlsInjectedScript()::$_29>::call(WebCore::JSDOMGlobalObject&, JSC::ExecState&, WebCore::ScriptController&, WebCore::DOMWrapperWorld&) + 100 Function.h:101 41 com.apple.WebCore 0x70257bfc9 WebCore::HTMLMediaElement::ensureMediaControlsInjectedScript()::$_29::operator()(WebCore::JSDOMGlobalObject&, JSC::ExecState&, WebCore::ScriptController&, WebCore::DOMWrapperWorld&) const + 521 HTMLMediaElement.cpp:7234 40 com.apple.WebCore 0x701c9e436 WebCore::ScriptController::evaluateInWorld(WebCore::ScriptSourceCode const&, WebCore::DOMWrapperWorld&, WebCore::ExceptionDetails*) + 310 ScriptController.cpp:131 39 com.apple.WebCore 0x701c9e6db WebCore::JSExecState::profiledEvaluate(JSC::ExecState*, JSC::ProfilingReason, JSC::SourceCode const&, JSC::JSValue, WTF::NakedPtr<JSC::Exception>&) + 75 JSExecState.h:80 38 com.apple.JavaScriptCore 0x71229be71 JSC::profiledEvaluate(JSC::ExecState*, JSC::ProfilingReason, JSC::SourceCode const&, JSC::JSValue, WTF::NakedPtr<JSC::Exception>&) + 97 Completion.cpp:122 37 com.apple.JavaScriptCore 0x71229bcb5 JSC::evaluate(JSC::ExecState*, JSC::SourceCode const&, JSC::JSValue, WTF::NakedPtr<JSC::Exception>&) + 565 Completion.cpp:106 36 com.apple.JavaScriptCore 0x711fa3441 JSC::Interpreter::executeProgram(JSC::SourceCode const&, JSC::ExecState*, JSC::JSObject*) + 5265 Interpreter.cpp:801 35 com.apple.JavaScriptCore 0x712498b93 JSC::ProgramExecutable::initializeGlobalProperties(JSC::VM&, JSC::ExecState*, JSC::JSScope*) + 707 ProgramExecutable.cpp:84 34 com.apple.JavaScriptCore 0x712270758 JSC::CodeCache::getUnlinkedProgramCodeBlock(JSC::VM&, JSC::ProgramExecutable*, JSC::SourceCode const&, JSC::JSParserStrictMode, JSC::DebuggerMode, JSC::ParserError&) + 104 CodeCache.cpp:86 33 com.apple.JavaScriptCore 0x712270b7a JSC::UnlinkedProgramCodeBlock* JSC::CodeCache::getUnlinkedGlobalCodeBlock<JSC::UnlinkedProgramCodeBlock, JSC::ProgramExecutable>(JSC::VM&, JSC::ProgramExecutable*, JSC::SourceCode const&, JSC::JSParserStrictMode, JSC::JSParserScriptMode, JSC::DebuggerMode, JSC::ParserError&, JSC::EvalContextType) + 1050 CodeCache.cpp:76 32 com.apple.JavaScriptCore 0x712290dc5 JSC::UnlinkedProgramCodeBlock* JSC::generateUnlinkedCodeBlock<JSC::UnlinkedProgramCodeBlock, JSC::ProgramExecutable>(JSC::VM&, JSC::ProgramExecutable*, JSC::SourceCode const&, JSC::JSParserStrictMode, JSC::JSParserScriptMode, JSC::DebuggerMode, JSC::ParserError&, JSC::EvalContextType, JSC::VariableEnvironment const*) + 1493 CodeCache.h:251 31 com.apple.JavaScriptCore 0x712291449 JSC::ParserError JSC::BytecodeGenerator::generate<JSC::ProgramNode, JSC::UnlinkedProgramCodeBlock>(JSC::VM&, JSC::ProgramNode*, JSC::SourceCode const&, JSC::UnlinkedProgramCodeBlock*, JSC::DebuggerMode, JSC::VariableEnvironment const*) + 633 BytecodeGenerator.h:405 30 com.apple.JavaScriptCore 0x7118a0b5f JSC::BytecodeGenerator::generate() + 1199 BytecodeGenerator.cpp:239 29 com.apple.JavaScriptCore 0x7118efb34 JSC::ProgramNode::emitBytecode(JSC::BytecodeGenerator&, JSC::RegisterID*) + 36 NodesCodegen.cpp:3710 28 com.apple.JavaScriptCore 0x7118efc25 JSC::emitProgramNodeBytecode(JSC::BytecodeGenerator&, JSC::ScopeNode&) + 229 NodesCodegen.cpp:3701 27 com.apple.JavaScriptCore 0x7118efee7 JSC::ScopeNode::emitStatementsBytecode(JSC::BytecodeGenerator&, JSC::RegisterID*) + 71 NodesCodegen.cpp:3690 26 com.apple.JavaScriptCore 0x7118e9723 JSC::SourceElements::emitBytecode(JSC::BytecodeGenerator&, JSC::RegisterID*) + 243 NodesCodegen.cpp:2663 25 com.apple.JavaScriptCore 0x7118ea6df JSC::BytecodeGenerator::emitNodeInTailPosition(JSC::RegisterID*, JSC::StatementNode*) + 303 BytecodeGenerator.h:508 24 com.apple.JavaScriptCore 0x7118f19c5 JSC::ClassDeclNode::emitBytecode(JSC::BytecodeGenerator&, JSC::RegisterID*) + 37 NodesCodegen.cpp:3961 23 com.apple.JavaScriptCore 0x7118cfce4 JSC::BytecodeGenerator::emitNode(JSC::ExpressionNode*) + 36 BytecodeGenerator.h:546 22 com.apple.JavaScriptCore 0x7118af5ee JSC::BytecodeGenerator::emitNode(JSC::RegisterID*, JSC::ExpressionNode*) + 78 BytecodeGenerator.h:530 21 com.apple.JavaScriptCore 0x7118e651f JSC::BytecodeGenerator::emitNodeInTailPosition(JSC::RegisterID*, JSC::ExpressionNode*) + 303 BytecodeGenerator.h:541 20 com.apple.JavaScriptCore 0x7118e7a56 JSC::AssignResolveNode::emitBytecode(JSC::BytecodeGenerator&, JSC::RegisterID*) + 1206 NodesCodegen.cpp:2514 19 com.apple.JavaScriptCore 0x7118af5ee JSC::BytecodeGenerator::emitNode(JSC::RegisterID*, JSC::ExpressionNode*) + 78 BytecodeGenerator.h:530 18 com.apple.JavaScriptCore 0x7118e651f JSC::BytecodeGenerator::emitNodeInTailPosition(JSC::RegisterID*, JSC::ExpressionNode*) + 303 BytecodeGenerator.h:541 17 com.apple.JavaScriptCore 0x7118f1bae JSC::ClassExprNode::emitBytecode(JSC::BytecodeGenerator&, JSC::RegisterID*) + 478 NodesCodegen.cpp:3984 16 com.apple.JavaScriptCore 0x7118af5ee JSC::BytecodeGenerator::emitNode(JSC::RegisterID*, JSC::ExpressionNode*) + 78 BytecodeGenerator.h:530 15 com.apple.JavaScriptCore 0x7118e651f JSC::BytecodeGenerator::emitNodeInTailPosition(JSC::RegisterID*, JSC::ExpressionNode*) + 303 BytecodeGenerator.h:541 14 com.apple.JavaScriptCore 0x7118f151e JSC::MethodDefinitionNode::emitBytecode(JSC::BytecodeGenerator&, JSC::RegisterID*) + 78 NodesCodegen.cpp:3917 13 com.apple.JavaScriptCore 0x7118befcf JSC::BytecodeGenerator::emitNewMethodDefinition(JSC::RegisterID*, JSC::MethodDefinitionNode*) + 175 BytecodeGenerator.cpp:3049 12 com.apple.JavaScriptCore 0x7118b71ac JSC::BytecodeGenerator::emitNewFunctionExpressionCommon(JSC::RegisterID*, JSC::FunctionMetadataNode*) + 60 BytecodeGenerator.cpp:3010 11 com.apple.JavaScriptCore 0x7118ac607 JSC::BytecodeGenerator::makeFunction(JSC::FunctionMetadataNode*) + 455 BytecodeGenerator.h:1150 10 com.apple.JavaScriptCore 0x7116ebe14 JSC::UnlinkedFunctionExecutable::create(JSC::VM*, JSC::SourceCode const&, JSC::FunctionMetadataNode*, JSC::UnlinkedFunctionKind, JSC::ConstructAbility, JSC::JSParserScriptMode, JSC::VariableEnvironment&, JSC::DerivedContextType, bool) + 228 UnlinkedFunctionExecutable.h:69 9 com.apple.JavaScriptCore 0x711887017 JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable(JSC::VM*, JSC::Structure*, JSC::SourceCode const&, JSC::FunctionMetadataNode*, JSC::UnlinkedFunctionKind, JSC::ConstructAbility, JSC::JSParserScriptMode, JSC::VariableEnvironment&, JSC::DerivedContextType, bool) + 167 UnlinkedFunctionExecutable.cpp:120 8 com.apple.JavaScriptCore 0x711886871 JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable(JSC::VM*, JSC::Structure*, JSC::SourceCode const&, JSC::FunctionMetadataNode*, JSC::UnlinkedFunctionKind, JSC::ConstructAbility, JSC::JSParserScriptMode, JSC::VariableEnvironment&, JSC::DerivedContextType, bool) + 1137 UnlinkedFunctionExecutable.cpp:113 7 com.apple.JavaScriptCore 0x7121fe6e6 JSC::CompactVariableMap::get(JSC::VariableEnvironment const&) + 70 VariableEnvironment.cpp:156 6 com.apple.JavaScriptCore 0x7121fe32d JSC::CompactVariableEnvironment::CompactVariableEnvironment(JSC::VariableEnvironment const&) + 29 VariableEnvironment.cpp:123 5 com.apple.JavaScriptCore 0x7121fdc3e JSC::CompactVariableEnvironment::CompactVariableEnvironment(JSC::VariableEnvironment const&) + 606 VariableEnvironment.cpp:113 4 com.apple.JavaScriptCore 0x7121fe15f WTF::Vector<JSC::VariableEnvironmentEntry, 0ul, WTF::CrashOnOverflow, 16ul>::reserveInitialCapacity(unsigned long) + 239 Vector.h:1222 3 com.apple.JavaScriptCore 0x712204153 WTF::VectorBufferBase<JSC::VariableEnvironmentEntry>::allocateBuffer(unsigned long) + 179 Vector.h:293 2 com.apple.JavaScriptCore 0x710eaadcc WTF::fastMalloc(unsigned long) + 124 FastMalloc.cpp:187 1 libsystem_malloc.dylib 0x7fff6355a783 malloc + 24 0 libsystem_malloc.dylib 0x7fff6355a82b malloc_zone_malloc + 139 ==== 48 (768 bytes) << TOTAL >> 1 (16 bytes) ROOT LEAK: 0x7fb3c1726820 [16] 1 (16 bytes) ROOT LEAK: 0x7fb3c1733a60 [16] 1 (16 bytes) ROOT LEAK: 0x7fb3c17340f0 [16] 1 (16 bytes) ROOT LEAK: 0x7fb3c1759840 [16] 1 (16 bytes) ROOT LEAK: 0x7fb3c176dcd0 [16] 1 (16 bytes) ROOT LEAK: 0x7fb3c1782850 [16] 1 (16 bytes) ROOT LEAK: 0x7fb3c1783fb0 [16] 1 (16 bytes) ROOT LEAK: 0x7fb3c1784050 [16] 1 (16 bytes) ROOT LEAK: 0x7fb3c1784090 [16] 1 (16 bytes) ROOT LEAK: 0x7fb3c17840a0 [16] 1 (16 bytes) ROOT LEAK: 0x7fb3c1784300 [16] 1 (16 bytes) ROOT LEAK: 0x7fb3c17850c0 [16] 1 (16 bytes) ROOT LEAK: 0x7fb3c1785560 [16] 1 (16 bytes) ROOT LEAK: 0x7fb3c17855c0 [16] 1 (16 bytes) ROOT LEAK: 0x7fb3c17858e0 [16] 1 (16 bytes) ROOT LEAK: 0x7fb3c1785900 [16] 1 (16 bytes) ROOT LEAK: 0x7fb3c17859e0 [16] 1 (16 bytes) ROOT LEAK: 0x7fb3c1785b30 [16] 1 (16 bytes) ROOT LEAK: 0x7fb3c1785c50 [16] 1 (16 bytes) ROOT LEAK: 0x7fb3c1785c70 [16] 1 (16 bytes) ROOT LEAK: 0x7fb3c1785cb0 [16] 1 (16 bytes) ROOT LEAK: 0x7fb3c1785ee0 [16] 1 (16 bytes) ROOT LEAK: 0x7fb3c1786040 [16] 1 (16 bytes) ROOT LEAK: 0x7fb3c1786060 [16] 1 (16 bytes) ROOT LEAK: 0x7fb3c1786070 [16] 1 (16 bytes) ROOT LEAK: 0x7fb3c1786380 [16] 1 (16 bytes) ROOT LEAK: 0x7fb3c1786390 [16] 1 (16 bytes) ROOT LEAK: 0x7fb3c17863b0 [16] 1 (16 bytes) ROOT LEAK: 0x7fb3c17863d0 [16] 1 (16 bytes) ROOT LEAK: 0x7fb3c1786400 [16] 1 (16 bytes) ROOT LEAK: 0x7fb3c1786440 [16] 1 (16 bytes) ROOT LEAK: 0x7fb3c1786640 [16] 1 (16 bytes) ROOT LEAK: 0x7fb3c1786660 [16] 1 (16 bytes) ROOT LEAK: 0x7fb3c1786680 [16] 1 (16 bytes) ROOT LEAK: 0x7fb3c1786850 [16] 1 (16 bytes) ROOT LEAK: 0x7fb3c1786870 [16] 1 (16 bytes) ROOT LEAK: 0x7fb3c1786890 [16] 1 (16 bytes) ROOT LEAK: 0x7fb3c1786a90 [16] 1 (16 bytes) ROOT LEAK: 0x7fb3c1787150 [16] 1 (16 bytes) ROOT LEAK: 0x7fb3c1787170 [16] 1 (16 bytes) ROOT LEAK: 0x7fb3c1787950 [16] 1 (16 bytes) ROOT LEAK: 0x7fb3c1787a70 [16] 1 (16 bytes) ROOT LEAK: 0x7fb3c1787ac0 [16] 1 (16 bytes) ROOT LEAK: 0x7fb3c1788320 [16] 1 (16 bytes) ROOT LEAK: 0x7fb3c1788890 [16] 1 (16 bytes) ROOT LEAK: 0x7fb3c17892a0 [16] 1 (16 bytes) ROOT LEAK: 0x7fb3c178a390 [16] 1 (16 bytes) ROOT LEAK: 0x7fb3c178a540 [16] STACK OF 1 INSTANCE OF 'ROOT LEAK: <0x7fb3c17c3590>': [thread 0x10e3625c0]: 121 libdyld.dylib 0x7fff633ad08d start + 1 120 com.apple.WebKit.WebContent 0x106057352 main + 34 XPCServiceMain.mm:165 119 com.apple.WebKit.WebContent 0x106057065 WebKit::XPCServiceMain(int, char const**) + 1333 XPCServiceMain.mm:157 118 libxpc.dylib 0x7fff635e39e5 _xpc_copy_xpcservice_dictionary + 0 117 libxpc.dylib 0x7fff635e3ee6 _xpc_objc_main + 555 116 com.apple.Foundation 0x7fff384b828f -[NSRunLoop(NSRunLoop) run] + 76 115 com.apple.Foundation 0x7fff384b83ba -[NSRunLoop(NSRunLoop) runMode:beforeDate:] + 280 114 com.apple.CoreFoundation 0x7fff36133be6 CFRunLoopRunSpecific + 467 113 com.apple.CoreFoundation 0x7fff36134303 __CFRunLoopRun + 1226 112 com.apple.CoreFoundation 0x7fff36134d5c __CFRunLoopDoSources0 + 195 111 com.apple.CoreFoundation 0x7fff36150eaf __CFRunLoopDoSource0 + 108 110 com.apple.CoreFoundation 0x7fff36150f09 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17 109 com.apple.JavaScriptCore 0x710efa174 WTF::RunLoop::performWork(void*) + 36 RunLoopCF.cpp:38 108 com.apple.JavaScriptCore 0x710ef97e3 WTF::RunLoop::performWork() + 211 RunLoop.cpp:107 107 com.apple.JavaScriptCore 0x710e93dad WTF::Function<void ()>::operator()() const + 173 Function.h:56 106 com.apple.WebKit 0x1060d0939 WTF::Function<void ()>::CallableWrapper<IPC::Connection::enqueueIncomingMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >)::$_14>::call() + 25 Function.h:101 105 com.apple.WebKit 0x1060d0a28 IPC::Connection::enqueueIncomingMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >)::$_14::operator()() + 104 Connection.cpp:957 104 com.apple.WebKit 0x1060afcb7 IPC::Connection::dispatchOneIncomingMessage() + 1607 Connection.cpp:1074 103 com.apple.WebKit 0x1060a12d1 IPC::Connection::dispatchMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >) + 721 Connection.cpp:0 102 com.apple.WebKit 0x1060aeeec IPC::Connection::dispatchMessage(IPC::Decoder&) + 476 Connection.cpp:979 101 com.apple.WebKit 0x106ecca46 WebKit::NetworkProcessConnection::didReceiveMessage(IPC::Connection&, IPC::Decoder&) + 166 NetworkProcessConnection.cpp:79 100 com.apple.WebKit 0x1072b44dc WebKit::WebResourceLoader::didReceiveWebResourceLoaderMessage(IPC::Connection&, IPC::Decoder&) + 636 WebResourceLoaderMessageReceiver.cpp:65 99 com.apple.WebKit 0x1072b4e28 void IPC::handleMessage<Messages::WebResourceLoader::DidFinishResourceLoad, WebKit::WebResourceLoader, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics const&)>(IPC::Decoder&, WebKit::WebResourceLoader*, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics const&)) + 296 HandleMessage.h:134 98 com.apple.WebKit 0x1072b5b20 void IPC::callMemberFunction<WebKit::WebResourceLoader, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics const&), std::__1::tuple<WebCore::NetworkLoadMetrics>, std::__1::integer_sequence<unsigned long, 0ul> >(std::__1::tuple<WebCore::NetworkLoadMetrics>&&, WebKit::WebResourceLoader*, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics const&)) + 96 HandleMessage.h:48 97 com.apple.WebKit 0x1072b5c9a void IPC::callMemberFunctionImpl<WebKit::WebResourceLoader, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics const&), std::__1::tuple<WebCore::NetworkLoadMetrics>, 0ul>(WebKit::WebResourceLoader*, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics const&), std::__1::tuple<WebCore::NetworkLoadMetrics>&&, std::__1::integer_sequence<unsigned long, 0ul>) + 154 HandleMessage.h:42 96 com.apple.WebKit 0x106edab49 WebKit::WebResourceLoader::didFinishResourceLoad(WebCore::NetworkLoadMetrics const&) + 457 WebResourceLoader.cpp:154 95 com.apple.WebCore 0x70299150f WebCore::SubresourceLoader::didFinishLoading(WebCore::NetworkLoadMetrics const&) + 799 SubresourceLoader.cpp:636 94 com.apple.WebCore 0x702a08096 WebCore::CachedRawResource::finishLoading(WebCore::SharedBuffer*) + 326 CachedRawResource.cpp:121 93 com.apple.WebCore 0x702a08501 WebCore::CachedResource::finishLoading(WebCore::SharedBuffer*) + 49 CachedResource.cpp:366 92 com.apple.WebCore 0x702a0d6af WebCore::CachedResource::checkNotify() + 127 CachedResource.cpp:348 91 com.apple.WebCore 0x7028bfaea WebCore::DocumentLoader::notifyFinished(WebCore::CachedResource&) + 202 DocumentLoader.cpp:377 90 com.apple.WebCore 0x7028b6587 WebCore::ContentFilter::continueAfterNotifyFinished(WebCore::CachedResource&) + 359 ContentFilter.cpp:187 89 com.apple.WebCore 0x7028b6387 WebCore::ContentFilter::deliverResourceData(WebCore::CachedResource&) + 311 ContentFilter.cpp:252 88 com.apple.WebCore 0x7028c6856 WebCore::DocumentLoader::dataReceived(WebCore::CachedResource&, char const*, int) + 150 DocumentLoader.cpp:1102 87 com.apple.WebCore 0x7028c5f35 WebCore::DocumentLoader::dataReceived(char const*, int) + 613 DocumentLoader.cpp:1129 86 com.apple.WebCore 0x7028c600d WebCore::DocumentLoader::commitLoad(char const*, int) + 205 DocumentLoader.cpp:987 85 com.apple.WebKit 0x106fc21af WebKit::WebFrameLoaderClient::committedLoad(WebCore::DocumentLoader*, char const*, int) + 79 WebFrameLoaderClient.cpp:1035 84 com.apple.WebCore 0x7028c0d96 WebCore::DocumentLoader::commitData(char const*, unsigned long) + 2630 DocumentLoader.cpp:0 83 com.apple.WebCore 0x70290031b WebCore::DocumentWriter::addData(char const*, unsigned long) + 219 DocumentWriter.cpp:254 82 com.apple.WebCore 0x7025e9869 WebCore::MediaDocumentParser::appendBytes(WebCore::DocumentWriter&, char const*, unsigned long) + 57 MediaDocument.cpp:143 81 com.apple.WebCore 0x7025e9681 WebCore::MediaDocumentParser::createDocumentStructure() + 913 MediaDocument.cpp:127 80 com.apple.WebCore 0x7020e5116 WebCore::ContainerNode::appendChild(WebCore::Node&) + 246 ContainerNode.cpp:686 79 com.apple.WebCore 0x7020e20ab WebCore::ContainerNode::appendChildWithoutPreInsertionValidityCheck(WebCore::Node&) + 571 ContainerNode.cpp:710 78 com.apple.WebCore 0x7020e5455 void WebCore::executeNodeInsertionWithScriptAssertion<WebCore::ContainerNode::appendChildWithoutPreInsertionValidityCheck(WebCore::Node&)::$_4>(WebCore::ContainerNode&, WebCore::Node&, WebCore::ContainerNode::ChildChangeSource, WebCore::ReplacedAllChildren, WebCore::ContainerNode::appendChildWithoutPreInsertionValidityCheck(WebCore::Node&)::$_4) + 805 ContainerNode.cpp:213 77 com.apple.WebCore 0x702523664 WebCore::HTMLMediaElement::didFinishInsertingNode() + 324 HTMLMediaElement.cpp:931 76 com.apple.WebCore 0x7025224e5 WebCore::HTMLMediaElement::configureMediaControls() + 261 HTMLMediaElement.cpp:6509 75 com.apple.WebCore 0x702538b97 WebCore::HTMLMediaElement::ensureMediaControlsShadowRoot() + 167 HTMLMediaElement.cpp:4357 74 com.apple.WebCore 0x7021f0836 WebCore::Element::ensureUserAgentShadowRoot() + 198 Element.cpp:2103 73 com.apple.WebCore 0x7021effd6 WebCore::Element::addShadowRoot(WTF::Ref<WebCore::ShadowRoot, WTF::DumbPtrTraits<WebCore::ShadowRoot> >&&) + 646 Element.cpp:2010 72 com.apple.WebCore 0x7025445df WebCore::HTMLMediaElement::didAddUserAgentShadowRoot(WebCore::ShadowRoot&) + 175 HTMLMediaElement.cpp:7289 71 com.apple.WebCore 0x702538d74 WebCore::HTMLMediaElement::setupAndCallJS(WTF::Function<bool (WebCore::JSDOMGlobalObject&, JSC::ExecState&, WebCore::ScriptController&, WebCore::DOMWrapperWorld&)> const&) + 436 HTMLMediaElement.cpp:4377 70 com.apple.WebCore 0x702539039 WTF::Function<bool (WebCore::JSDOMGlobalObject&, JSC::ExecState&, WebCore::ScriptController&, WebCore::DOMWrapperWorld&)>::operator()(WebCore::JSDOMGlobalObject&, JSC::ExecState&, WebCore::ScriptController&, WebCore::DOMWrapperWorld&) const + 281 Function.h:56 69 com.apple.WebCore 0x70257cc14 WTF::Function<bool (WebCore::JSDOMGlobalObject&, JSC::ExecState&, WebCore::ScriptController&, WebCore::DOMWrapperWorld&)>::CallableWrapper<WebCore::HTMLMediaElement::didAddUserAgentShadowRoot(WebCore::ShadowRoot&)::$_31>::call(WebCore::JSDOMGlobalObject&, JSC::ExecState&, WebCore::ScriptController&, WebCore::DOMWrapperWorld&) + 100 Function.h:101 68 com.apple.WebCore 0x70257d02c WebCore::HTMLMediaElement::didAddUserAgentShadowRoot(WebCore::ShadowRoot&)::$_31::operator()(WebCore::JSDOMGlobalObject&, JSC::ExecState&, WebCore::ScriptController&, WebCore::DOMWrapperWorld&) const + 1004 HTMLMediaElement.cpp:7325 67 com.apple.JavaScriptCore 0x71226e32c JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 236 CallData.cpp:41 66 com.apple.JavaScriptCore 0x711fa4929 JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 1433 Interpreter.cpp:891 65 com.apple.JavaScriptCore 0x711fa428e JSC::JITCode::execute(JSC::VM*, JSC::ProtoCallFrame*) + 206 JITCodeInlines.h:38 64 com.apple.JavaScriptCore 0x71134f0f2 vmEntryToJavaScript + 273 LowLevelInterpreter64.asm:295 63 com.apple.JavaScriptCore 0x711362a15 llint_entry + 79532 LowLevelInterpreter.asm:899 62 com.apple.JavaScriptCore 0x7113621eb llint_entry + 77442 LowLevelInterpreter.asm:899 61 com.apple.JavaScriptCore 0x711362a15 llint_entry + 79532 LowLevelInterpreter.asm:899 60 com.apple.JavaScriptCore 0x711362a15 llint_entry + 79532 LowLevelInterpreter.asm:899 59 com.apple.JavaScriptCore 0x711362a15 llint_entry + 79532 LowLevelInterpreter.asm:899 58 com.apple.JavaScriptCore 0x711356cfe llint_entry + 31125 LowLevelInterpreter64.asm:344 57 com.apple.JavaScriptCore 0x7120ad97b llint_slow_path_put_by_id + 811 LLIntSlowPaths.cpp:851 56 com.apple.JavaScriptCore 0x711cb5893 JSC::JSValue::putInline(JSC::ExecState*, JSC::PropertyName, JSC::JSValue, JSC::PutPropertySlot&) + 163 JSCJSValueInlines.h:951 55 com.apple.JavaScriptCore 0x711cb35d8 JSC::JSCell::putInline(JSC::ExecState*, JSC::PropertyName, JSC::JSValue, JSC::PutPropertySlot&) + 152 JSCellInlines.h:408 54 com.apple.JavaScriptCore 0x711cb3b08 JSC::JSObject::putInlineForJSObject(JSC::JSCell*, JSC::ExecState*, JSC::PropertyName, JSC::JSValue, JSC::PutPropertySlot&) + 1256 JSObjectInlines.h:245 53 com.apple.JavaScriptCore 0x7123d7b33 JSC::JSObject::putInlineSlow(JSC::ExecState*, JSC::PropertyName, JSC::JSValue, JSC::PutPropertySlot&) + 883 JSObject.cpp:779 52 com.apple.JavaScriptCore 0x7122dd203 JSC::callSetter(JSC::ExecState*, JSC::JSValue, JSC::JSValue, JSC::JSValue, JSC::ECMAMode) + 627 GetterSetter.cpp:82 51 com.apple.JavaScriptCore 0x71226e32c JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 236 CallData.cpp:41 50 com.apple.JavaScriptCore 0x711fa4929 JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 1433 Interpreter.cpp:891 49 com.apple.JavaScriptCore 0x711fa428e JSC::JITCode::execute(JSC::VM*, JSC::ProtoCallFrame*) + 206 JITCodeInlines.h:38 48 com.apple.JavaScriptCore 0x71134f0f2 vmEntryToJavaScript + 273 LowLevelInterpreter64.asm:295 47 com.apple.JavaScriptCore 0x7113621eb llint_entry + 77442 LowLevelInterpreter.asm:899 46 com.apple.JavaScriptCore 0x7113621d9 llint_entry + 77424 LowLevelInterpreter.asm:995 45 com.apple.JavaScriptCore 0x7120b6e12 llint_slow_path_call + 210 LLIntSlowPaths.cpp:1596 44 com.apple.JavaScriptCore 0x7120b6f22 JSC::SlowPathReturnType JSC::LLInt::genericCall<JSC::OpCall>(JSC::ExecState*, JSC::OpCall&&, JSC::CodeSpecializationKind) + 194 LLIntSlowPaths.cpp:1590 43 com.apple.JavaScriptCore 0x7120be13a JSC::LLInt::setUpCall(JSC::ExecState*, JSC::CodeSpecializationKind, JSC::JSValue, JSC::LLIntCallLinkInfo*) + 1498 LLIntSlowPaths.cpp:1537 42 com.apple.JavaScriptCore 0x711fa4ae0 JSC::JSObject* JSC::ScriptExecutable::prepareForExecution<JSC::FunctionExecutable>(JSC::VM&, JSC::JSFunction*, JSC::JSScope*, JSC::CodeSpecializationKind, JSC::CodeBlock*&) + 144 CodeBlock.h:1057 41 com.apple.JavaScriptCore 0x7124e689d JSC::ScriptExecutable::prepareForExecutionImpl(JSC::VM&, JSC::JSFunction*, JSC::JSScope*, JSC::CodeSpecializationKind, JSC::CodeBlock*&) + 429 ScriptExecutable.cpp:352 40 com.apple.JavaScriptCore 0x7124e594f JSC::ScriptExecutable::newCodeBlockFor(JSC::CodeSpecializationKind, JSC::JSFunction*, JSC::JSScope*, JSC::JSObject*&) + 3295 ScriptExecutable.cpp:257 39 com.apple.JavaScriptCore 0x711887b67 JSC::UnlinkedFunctionExecutable::unlinkedCodeBlockFor(JSC::VM&, JSC::SourceCode const&, JSC::CodeSpecializationKind, JSC::DebuggerMode, JSC::ParserError&, JSC::SourceParseMode) + 311 UnlinkedFunctionExecutable.cpp:212 38 com.apple.JavaScriptCore 0x7118882c6 JSC::generateUnlinkedFunctionCodeBlock(JSC::VM&, JSC::UnlinkedFunctionExecutable*, JSC::SourceCode const&, JSC::CodeSpecializationKind, JSC::DebuggerMode, JSC::UnlinkedFunctionKind, JSC::ParserError&, JSC::SourceParseMode) + 1558 UnlinkedFunctionExecutable.cpp:74 37 com.apple.JavaScriptCore 0x71188b589 JSC::ParserError JSC::BytecodeGenerator::generate<JSC::FunctionNode, JSC::UnlinkedFunctionCodeBlock>(JSC::VM&, JSC::FunctionNode*, JSC::SourceCode const&, JSC::UnlinkedFunctionCodeBlock*, JSC::DebuggerMode, JSC::VariableEnvironment const*) + 633 BytecodeGenerator.h:405 36 com.apple.JavaScriptCore 0x7118a0b5f JSC::BytecodeGenerator::generate() + 1199 BytecodeGenerator.cpp:239 35 com.apple.JavaScriptCore 0x7118f1036 JSC::FunctionNode::emitBytecode(JSC::BytecodeGenerator&, JSC::RegisterID*) + 4422 NodesCodegen.cpp:3865 34 com.apple.JavaScriptCore 0x7118efee7 JSC::ScopeNode::emitStatementsBytecode(JSC::BytecodeGenerator&, JSC::RegisterID*) + 71 NodesCodegen.cpp:3690 33 com.apple.JavaScriptCore 0x7118e9723 JSC::SourceElements::emitBytecode(JSC::BytecodeGenerator&, JSC::RegisterID*) + 243 NodesCodegen.cpp:2663 32 com.apple.JavaScriptCore 0x7118ea6df JSC::BytecodeGenerator::emitNodeInTailPosition(JSC::RegisterID*, JSC::StatementNode*) + 303 BytecodeGenerator.h:508 31 com.apple.JavaScriptCore 0x7118e9616 JSC::BlockNode::emitBytecode(JSC::BytecodeGenerator&, JSC::RegisterID*) + 102 NodesCodegen.cpp:2678 30 com.apple.JavaScriptCore 0x7118e9723 JSC::SourceElements::emitBytecode(JSC::BytecodeGenerator&, JSC::RegisterID*) + 243 NodesCodegen.cpp:2663 29 com.apple.JavaScriptCore 0x7118ea6df JSC::BytecodeGenerator::emitNodeInTailPosition(JSC::RegisterID*, JSC::StatementNode*) + 303 BytecodeGenerator.h:508 28 com.apple.JavaScriptCore 0x7118e989b JSC::ExprStatementNode::emitBytecode(JSC::BytecodeGenerator&, JSC::RegisterID*) + 139 NodesCodegen.cpp:2701 27 com.apple.JavaScriptCore 0x7118af5ee JSC::BytecodeGenerator::emitNode(JSC::RegisterID*, JSC::ExpressionNode*) + 78 BytecodeGenerator.h:530 26 com.apple.JavaScriptCore 0x7118e651f JSC::BytecodeGenerator::emitNodeInTailPosition(JSC::RegisterID*, JSC::ExpressionNode*) + 303 BytecodeGenerator.h:541 25 com.apple.JavaScriptCore 0x7118e7e59 JSC::AssignDotNode::emitBytecode(JSC::BytecodeGenerator&, JSC::RegisterID*) + 185 NodesCodegen.cpp:2539 24 com.apple.JavaScriptCore 0x7118af5ee JSC::BytecodeGenerator::emitNode(JSC::RegisterID*, JSC::ExpressionNode*) + 78 BytecodeGenerator.h:530 23 com.apple.JavaScriptCore 0x7118e651f JSC::BytecodeGenerator::emitNodeInTailPosition(JSC::RegisterID*, JSC::ExpressionNode*) + 303 BytecodeGenerator.h:541 22 com.apple.JavaScriptCore 0x7118dd90c JSC::FunctionCallDotNode::emitBytecode(JSC::BytecodeGenerator&, JSC::RegisterID*) + 988 NodesCodegen.cpp:1329 21 com.apple.JavaScriptCore 0x7118bff10 JSC::BytecodeGenerator::emitCallInTailPosition(JSC::RegisterID*, JSC::RegisterID*, JSC::ExpectedFunction, JSC::CallArguments&, JSC::JSTextPosition const&, JSC::JSTextPosition const&, JSC::JSTextPosition const&, JSC::DebuggableCall) + 240 BytecodeGenerator.cpp:3111 20 com.apple.JavaScriptCore 0x7118bfb5b JSC::RegisterID* JSC::BytecodeGenerator::emitCall<JSC::OpCall>(JSC::RegisterID*, JSC::RegisterID*, JSC::ExpectedFunction, JSC::CallArguments&, JSC::JSTextPosition const&, JSC::JSTextPosition const&, JSC::JSTextPosition const&, JSC::DebuggableCall) + 1419 BytecodeGenerator.cpp:3207 19 com.apple.JavaScriptCore 0x7118af5ee JSC::BytecodeGenerator::emitNode(JSC::RegisterID*, JSC::ExpressionNode*) + 78 BytecodeGenerator.h:530 18 com.apple.JavaScriptCore 0x7118e651f JSC::BytecodeGenerator::emitNodeInTailPosition(JSC::RegisterID*, JSC::ExpressionNode*) + 303 BytecodeGenerator.h:541 17 com.apple.JavaScriptCore 0x7118d5b2b JSC::ArgumentListNode::emitBytecode(JSC::BytecodeGenerator&, JSC::RegisterID*) + 139 NodesCodegen.cpp:781 16 com.apple.JavaScriptCore 0x7118af5ee JSC::BytecodeGenerator::emitNode(JSC::RegisterID*, JSC::ExpressionNode*) + 78 BytecodeGenerator.h:530 15 com.apple.JavaScriptCore 0x7118e651f JSC::BytecodeGenerator::emitNodeInTailPosition(JSC::RegisterID*, JSC::ExpressionNode*) + 303 BytecodeGenerator.h:541 14 com.apple.JavaScriptCore 0x7118f14be JSC::ArrowFuncExprNode::emitBytecode(JSC::BytecodeGenerator&, JSC::RegisterID*) + 78 NodesCodegen.cpp:3910 13 com.apple.JavaScriptCore 0x7118bef0a JSC::BytecodeGenerator::emitNewArrowFunctionExpression(JSC::RegisterID*, JSC::ArrowFuncExprNode*) + 202 BytecodeGenerator.cpp:3042 12 com.apple.JavaScriptCore 0x7118b71ac JSC::BytecodeGenerator::emitNewFunctionExpressionCommon(JSC::RegisterID*, JSC::FunctionMetadataNode*) + 60 BytecodeGenerator.cpp:3010 11 com.apple.JavaScriptCore 0x7118ac607 JSC::BytecodeGenerator::makeFunction(JSC::FunctionMetadataNode*) + 455 BytecodeGenerator.h:1150 10 com.apple.JavaScriptCore 0x7116ebe14 JSC::UnlinkedFunctionExecutable::create(JSC::VM*, JSC::SourceCode const&, JSC::FunctionMetadataNode*, JSC::UnlinkedFunctionKind, JSC::ConstructAbility, JSC::JSParserScriptMode, JSC::VariableEnvironment&, JSC::DerivedContextType, bool) + 228 UnlinkedFunctionExecutable.h:69 9 com.apple.JavaScriptCore 0x711887017 JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable(JSC::VM*, JSC::Structure*, JSC::SourceCode const&, JSC::FunctionMetadataNode*, JSC::UnlinkedFunctionKind, JSC::ConstructAbility, JSC::JSParserScriptMode, JSC::VariableEnvironment&, JSC::DerivedContextType, bool) + 167 UnlinkedFunctionExecutable.cpp:120 8 com.apple.JavaScriptCore 0x711886871 JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable(JSC::VM*, JSC::Structure*, JSC::SourceCode const&, JSC::FunctionMetadataNode*, JSC::UnlinkedFunctionKind, JSC::ConstructAbility, JSC::JSParserScriptMode, JSC::VariableEnvironment&, JSC::DerivedContextType, bool) + 1137 UnlinkedFunctionExecutable.cpp:113 7 com.apple.JavaScriptCore 0x7121fe6e6 JSC::CompactVariableMap::get(JSC::VariableEnvironment const&) + 70 VariableEnvironment.cpp:156 6 com.apple.JavaScriptCore 0x7121fe32d JSC::CompactVariableEnvironment::CompactVariableEnvironment(JSC::VariableEnvironment const&) + 29 VariableEnvironment.cpp:123 5 com.apple.JavaScriptCore 0x7121fdc11 JSC::CompactVariableEnvironment::CompactVariableEnvironment(JSC::VariableEnvironment const&) + 561 VariableEnvironment.cpp:112 4 com.apple.JavaScriptCore 0x7121fe03f WTF::Vector<WTF::RefPtr<WTF::UniquedStringImpl, WTF::DumbPtrTraits<WTF::UniquedStringImpl> >, 0ul, WTF::CrashOnOverflow, 16ul>::reserveInitialCapacity(unsigned long) + 239 Vector.h:1222 3 com.apple.JavaScriptCore 0x71210c953 WTF::VectorBufferBase<WTF::RefPtr<WTF::UniquedStringImpl, WTF::DumbPtrTraits<WTF::UniquedStringImpl> > >::allocateBuffer(unsigned long) + 179 Vector.h:293 2 com.apple.JavaScriptCore 0x710eaadcc WTF::fastMalloc(unsigned long) + 124 FastMalloc.cpp:187 1 libsystem_malloc.dylib 0x7fff6355a783 malloc + 24 0 libsystem_malloc.dylib 0x7fff6355a82b malloc_zone_malloc + 139 ==== 1 (64 bytes) ROOT LEAK: 0x7fb3c17c3590 [64] 1492789 1 358646 ddkilzer 2019-01-08 15:58:33 -0800 Created attachment 358646 Patch v1 1492790 2 ddkilzer 2019-01-08 15:59:13 -0800 <rdar://problem/46651026> 1492791 3 ddkilzer 2019-01-08 16:03:00 -0800 Or, if we don't expect JSC::CompactVariableEnvironment to use any heap-allocated memory, then we need to set the size of the Vector<> instance variables as appropriate to prevent heap allocations. 1492810 4 358646 ysuzuki 2019-01-08 16:40:38 -0800 Comment on attachment 358646 Patch v1 r=me 1492821 5 358646 commit-queue 2019-01-08 16:56:44 -0800 Comment on attachment 358646 Patch v1 Clearing flags on attachment: 358646 Committed r239755: <https://trac.webkit.org/changeset/239755> 1492822 6 commit-queue 2019-01-08 16:56:46 -0800 All reviewed patches have been landed. Closing bug. 1492823 7 358646 saam 2019-01-08 17:00:02 -0800 Comment on attachment 358646 Patch v1 View in context: https://bugs.webkit.org/attachment.cgi?id=358646&action=review > Source/JavaScriptCore/parser/VariableEnvironment.cpp:182 > + delete m_environment; Nice catch. (I can't believe I wrote that...) 1492845 8 358646 ddkilzer 2019-01-08 19:28:24 -0800 Comment on attachment 358646 Patch v1 View in context: https://bugs.webkit.org/attachment.cgi?id=358646&action=review >> Source/JavaScriptCore/parser/VariableEnvironment.cpp:182 >> + delete m_environment; > > Nice catch. (I can't believe I wrote that...) If both Vector instance variables were allocated inline (and never had to be resized to use separate heap-allocated buffers), it would have worked. Maybe that was the case at some point in the past? 358646 2019-01-08 15:58:33 -0800 2019-01-08 16:56:44 -0800 Patch v1 bug-193264-20190108155832.patch text/plain 1760 ddkilzer U3VidmVyc2lvbiBSZXZpc2lvbjogMjM5NzA5CmRpZmYgLS1naXQgYS9Tb3VyY2UvSmF2YVNjcmlw dENvcmUvQ2hhbmdlTG9nIGIvU291cmNlL0phdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwppbmRleCAz MDYzYzZkNTYzZTZjNzMzNmNkYzI1MmRiZDM3NmZiNTY4NDljYmU5Li4yMWI1YTlhNWY2MTliZDFi MDdhNmNmOTBiMDZiZjk1ZjRmMDM3ZjU5IDEwMDY0NAotLS0gYS9Tb3VyY2UvSmF2YVNjcmlwdENv cmUvQ2hhbmdlTG9nCisrKyBiL1NvdXJjZS9KYXZhU2NyaXB0Q29yZS9DaGFuZ2VMb2cKQEAgLTEs MyArMSwxOSBAQAorMjAxOS0wMS0wOCAgRGF2aWQgS2lsemVyICA8ZGRraWx6ZXJAYXBwbGUuY29t PgorCisgICAgICAgIExlYWsgb2YgVmVjdG9yQnVmZmVyQmFzZS5tX2J1ZmZlciAoMTYtNjQgYnl0 ZXMpIHVuZGVyIEpTQzo6Q29tcGFjdFZhcmlhYmxlRW52aXJvbm1lbnQgaW4gY29tLmFwcGxlLldl YktpdC5XZWJDb250ZW50IHJ1bm5pbmcgbGF5b3V0IHRlc3RzCisgICAgICAgIDxodHRwczovL3dl YmtpdC5vcmcvYi8xOTMyNjQ+CisgICAgICAgIDxyZGFyOi8vcHJvYmxlbS80NjY1MTAyNj4KKwor ICAgICAgICBSZXZpZXdlZCBieSBOT0JPRFkgKE9PUFMhKS4KKworICAgICAgICAqIHBhcnNlci9W YXJpYWJsZUVudmlyb25tZW50LmNwcDoKKyAgICAgICAgKEpTQzo6Q29tcGFjdFZhcmlhYmxlTWFw OjpIYW5kbGU6On5IYW5kbGUpOiBDYWxsIGRlbGV0ZSBvbgorICAgICAgICBtX2Vudmlyb25tZW50 IGluc3RlYWQgb2YgZmFzdEZyZWUoKSB0byBtYWtlIHN1cmUgdGhlIGRlc3RydWN0b3JzCisgICAg ICAgIGZvciB0aGUgVmVjdG9yIGluc3RhbmNlIHZhcmlhYmxlcyBhcmUgcnVuLiAgVGhpcyBmaXhl cyB0aGUgbGVha3MKKyAgICAgICAgYmVjYXVzZSBjYWxsaW5nIGZhc3RGcmVlKCkgd291bGQgb25s eSBmcmVlIHRoZQorICAgICAgICBDb21wYWN0VmFyaWFibGVFbnZpcm9ubWVudCBvYmplY3QsIGJ1 dCBub3QgdGhlIGhlYXAtYmFzZWQKKyAgICAgICAgYnVmZmVycyBhbGxvY2F0ZWQgZm9yIHRoZSBW ZWN0b3IgaW5zdGFuY2UgdmFyaWFibGVzLgorCiAyMDE5LTAxLTA3ICBEZXZpbiBSb3Vzc28gIDxk cm91c3NvQGFwcGxlLmNvbT4KIAogICAgICAgICBXZWIgSW5zcGVjdG9yOiBleHRlbmQgWEhSIGJy ZWFrcG9pbnRzIHRvIHdvcmsgd2l0aCBmZXRjaApkaWZmIC0tZ2l0IGEvU291cmNlL0phdmFTY3Jp cHRDb3JlL3BhcnNlci9WYXJpYWJsZUVudmlyb25tZW50LmNwcCBiL1NvdXJjZS9KYXZhU2NyaXB0 Q29yZS9wYXJzZXIvVmFyaWFibGVFbnZpcm9ubWVudC5jcHAKaW5kZXggMjRmZDIzM2JjYTE0ZTQx M2IxYjE4NWM0ZTg3ZjAzNWI5YmQ4ZTFiZS4uYTM5NWZmNTg1YjZiZjNmMWM1ZTZlMjQzMzRkYzJk NjBmNTVkNWU4NSAxMDA2NDQKLS0tIGEvU291cmNlL0phdmFTY3JpcHRDb3JlL3BhcnNlci9WYXJp YWJsZUVudmlyb25tZW50LmNwcAorKysgYi9Tb3VyY2UvSmF2YVNjcmlwdENvcmUvcGFyc2VyL1Zh cmlhYmxlRW52aXJvbm1lbnQuY3BwCkBAIC0xNzksNyArMTc5LDcgQEAgQ29tcGFjdFZhcmlhYmxl TWFwOjpIYW5kbGU6On5IYW5kbGUoKQogICAgIGlmICghaXRlci0+dmFsdWUpIHsKICAgICAgICAg QVNTRVJUKG1fZW52aXJvbm1lbnQgPT0gJml0ZXItPmtleS5lbnZpcm9ubWVudCgpKTsKICAgICAg ICAgbV9tYXAtPm1fbWFwLnJlbW92ZShpdGVyKTsKLSAgICAgICAgZmFzdEZyZWUobV9lbnZpcm9u bWVudCk7CisgICAgICAgIGRlbGV0ZSBtX2Vudmlyb25tZW50OwogICAgIH0KIH0KIAo=