from correct account, sorry. On Tue, Sep 29, 2009 at 9:31 PM, Anton Muhin <ant...@google.com> wrote: > On Tue, Sep 29, 2009 at 9:07 PM, Jens Alfke <s...@google.com> wrote: >> A big V8/DOM memory leak I was chasing down turns out to be not a real leak, >> it's just that it takes five full GCs after closing a document for its >> resources to be freed. I'd been getting bored after two GCs, so it wasn't >> till Ivan mentioned the stickiness of the generated-function caches that I >> thought to turn it up to 5. > > This 5 number looks really odd. Do you have a simple way to reproduce > it? I'd love to have a look. The only hypothesis I immediately have > a long chain of JS wrapper - native something: wrapper gets collected, > releases native wrapper which makes another JS wrapper collectable... > >> This still seems like an opportunity for optimization — the >> WebCore::Document and WebCore::DOMWindow can have a lot of stuff hanging off >> of them, so we should try to clean them up more quickly after a same-process >> child tab closes. >> The sticky reference is actually to the v8::Context. The DOM objects hang on >> because they're pointed to by that context's globals. So if the context's >> globals could be cleared when Chrome's V8Proxy disposes the context, the DOM >> objects should go away at the next GC. >> Good news: There is a v8::Context::DetachGlobal method that appears to >> separate the globals from the context. Bad news: it doesn't appear to do >> what I expected it to. After it's called the context still seems to have a >> reference to the globals, because they still don't go away until later when >> the context is collected. >> I looked at the implementation, Bootstrapper::DetachGlobal >> (bootstrapper.cc:361) but I don't really understand what it's doing. The >> context internally has both a global() and a global_proxy() object, and this >> method seems to detach the latter but not the former. From the way they're >> created it looks like the global() points to the global_proxy(), explaining >> why there's still a connection after detaching. >> Is there a way I can sever the relationship from the context to the globals? >> Would it require adding a new V8 API method similar to DetachGlobal? >> (I did find one approach that sort of works: iterating over the global >> object's properties and removing them all. Unfortunately I can't use this >> because in some cases the V8Proxy requires the global object to stay intact >> after disposing the context, so it can be used with a new context, and at >> the point where the context is disposed I don't know whether that's going to >> happen or not.) > > There are indeed two global objects (and it is explicitly required by > HTML 5 and it's the way most of browser implements it): global object > proxy which forwards everything to a 'real' global object which is a > window. If you can give more explanations which of properties should > be retained after context disposal and when it's free to clear them, > that'd be really helpful. > > yours, > anton. > >> >> >> >
--~--~---------~--~----~------------~-------~--~----~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~----------~----~----~----~------~----~------~--~---