Animated GIFs causing memory leaks

[GoogleCodeExporter]

What steps will reproduce the problem?

1. Run cefclient.exe (release).
2. Navigate to URL of arbitrary animated GIF image. 
For example, 
http://goinglikesixty.com/wp-content/uploads/2010/10/imagesspiral.gif
3. Set a performance counter in PerfMon to observe working set size and leave 
it running for a few minutes.

What is the expected output? What do you see instead?

Expected: Working set to remain relatively stable.
Actual: Working set increases linearly with time (roughly 1MB/minute) 
indefinitely.

What version of the product are you using? On what operating system?

CEF r283. Windows 7 x64

Please provide any additional information below.

When testing the same image in Google Chrome (all extensions disabled, single 
tab), memory remains pretty much constant.

Original issue reported on code.google.com by yyankov on 7 Sep 2011 at 1:25

[GoogleCodeExporter]

The issue is reproducible in test_shell, too. But not in Chromium (compiled 
from source r100584).

Original comment by yyankov on 13 Sep 2011 at 11:53

[GoogleCodeExporter]

It appears this issue has been reported to Chromium:
http://code.google.com/p/chromium/issues/detail?id=81502

Starring it might help to get faster resolution.

Original comment by magreenb...@gmail.com on 21 Oct 2011 at 9:03

[GoogleCodeExporter]

Yes, I've seen this bug report, but, even if it has any merit at all, it is a 
different problem altogether. Maybe this particular bug has been fixed in 
Chrome since r82915. I cannot reproduce it (in Chrome).

In fact, I have tracked the cause for the leak down. Briefly, in test_shell 
there is performance statistics being accumulated on each paint, but unlike 
Chrome, this data is never discarded or otherwise dealt with afterwards. 
Animated GIFs do many more paints than anything else, so the leak becomes that 
much more obvious when one is playing. Seems like this problem is a carry-over 
from test_shell, but I have not had the time to finish my investigation, or 
file a proper follow-up to this bug report, ever since. I'll try to post more 
details in the coming days.

Original comment by yyankov on 21 Oct 2011 at 10:38

[GoogleCodeExporter]

On Mac there appears to be a memory leak in [NSView _drawRect:clip:] for each 
redraw. Reporting of this leak for Chromium was suppressed in 
http://code.google.com/p/chromium/issues/detail?id=77265.

Original comment by magreenb...@gmail.com on 2 Dec 2011 at 5:18

• Changed state: Accepted
• Added labels: SPI

[GoogleCodeExporter]

Stack trace for the leak on Mac:

   0 libsystem_c.dylib malloc
   1 libstdc++.6.dylib operator new(unsigned long)
   2 libcef.dylib __gnu_cxx::new_allocator<int>::allocate(unsigned long, void const*)
   3 libcef.dylib std::_Vector_base<int, std::allocator<int> >::_M_allocate(unsigned long)
   4 libcef.dylib std::_Vector_base<int, std::allocator<int> >::_Vector_base(unsigned long, std::allocator<int> const&)
   5 libcef.dylib std::vector<int, std::allocator<int> >::vector(unsigned long, int const&, std::allocator<int> const&)
   6 libcef.dylib std::vector<int, std::allocator<int> >::vector(unsigned long, int const&, std::allocator<int> const&)
   7 libcef.dylib base::CachedRanges::CachedRanges(unsigned long, int)
   8 libcef.dylib base::CachedRanges::CachedRanges(unsigned long, int)
   9 libcef.dylib base::Histogram::Histogram(std::string const&, int, int, unsigned long)
  10 libcef.dylib base::Histogram::Histogram(std::string const&, int, int, unsigned long)
  11 libcef.dylib base::Histogram::FactoryGet(std::string const&, int, int, unsigned long, base::Histogram::Flags)
  12 libcef.dylib webkit_glue::WebKitPlatformSupportImpl::histogramCustomCounts(char const*, int, int, int, int)
  13 libcef.dylib WebCore::PlatformSupport::histogramCustomCounts(char const*, int, int, int, int)
  14 libcef.dylib WebKit::WebViewImpl::paint(CGContext*, WebKit::WebRect const&)
  15 libcef.dylib WebWidgetHost::PaintRect(gfx::Rect const&)
  16 libcef.dylib WebWidgetHost::Paint(SkRegion&)
  17 libcef.dylib -[BrowserWebView drawRect:]
  18 AppKit -[NSView _drawRect:clip:]
  19 AppKit -[NSView _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:]
  20 AppKit -[NSView _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:]
  21 AppKit -[NSView _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:]
  22 AppKit -[NSThemeFrame _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:]
  23 AppKit -[NSView _displayRectIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:]
  24 AppKit -[NSView displayIfNeeded]
  25 AppKit -[NSWindow displayIfNeeded]
  26 AppKit _handleWindowNeedsDisplayOrLayoutOrUpdateConstraints
  27 CoreFoundation _runLoopObserverWithBlockContext
  28 CoreFoundation __CFRUNLOOP_IS_CALLING_OUT_TO_AN_OBSERVER_CALLBACK_FUNCTION__
  29 CoreFoundation __CFRunLoopDoObservers
  30 CoreFoundation __CFRunLoopRun
  31 CoreFoundation CFRunLoopRunSpecific
  32 CoreFoundation CFRunLoopRunInMode
  33 HIToolbox RunCurrentEventLoopInMode
  34 HIToolbox ReceiveNextEventCommon
  35 HIToolbox BlockUntilNextEventMatchingListInMode
  36 AppKit _DPSNextEvent
  37 AppKit -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:]
  38 AppKit -[NSApplication run]
  39 libcef.dylib base::MessagePumpNSApplication::DoRun(base::MessagePump::Delegate*)
  40 libcef.dylib base::MessagePumpCFRunLoopBase::Run(base::MessagePump::Delegate*)
  41 libcef.dylib MessageLoop::RunInternal()
  42 libcef.dylib MessageLoop::RunHandler()
  43 libcef.dylib MessageLoop::Run()
  44 libcef.dylib CefMessageLoopForUI::DoMessageLoopIteration()
  45 libcef.dylib CefMessageLoopForUI::RunMessageLoop()
  46 libcef.dylib CefProcess::RunMessageLoop()
  47 libcef.dylib CefRunMessageLoop()
  48 libcef.dylib cef_run_message_loop /Users/marshall/code/chromium/src/cef/libcef_dll/libcef_dll.cc:103
  49 cefclient CefRunMessageLoop()
  50 cefclient main /Users/marshall/code/chromium/src/cef/tests/cefclient/cefclient_mac.mm:571
  51 cefclient start

Original comment by magreenb...@gmail.com on 2 Dec 2011 at 5:41

[GoogleCodeExporter]

I have not had the time to work on this, but maybe the way I deal with the 
issue currently -- and I realize this is only a temporary solution -- may be of 
help. I do it by commenting out line 274 in 
webkit/glue/webkitplatformsupport_impl.cc @ r105051:

Index: webkit/glue/webkitplatformsupport_impl.cc
===================================================================
--- webkit/glue/webkitplatformsupport_impl.cc   (revision 105051)
+++ webkit/glue/webkitplatformsupport_impl.cc   (working copy)
@@ -274,7 +274,7 @@
       base::Histogram::FactoryGet(name, min, max, bucket_count,
           base::Histogram::kUmaTargetedHistogramFlag);
   DCHECK_EQ(name, counter->histogram_name());
-  counter->Add(sample);
+  //counter->Add(sample);
 }

 void WebKitPlatformSupportImpl::histogramEnumeration(

Original comment by yyankov on 2 Dec 2011 at 5:48

[GoogleCodeExporter]

Fixed in revision 402 by overriding the stats, histogram and event tracing 
methods in BrowserWebKitInit.

Original comment by magreenb...@gmail.com on 2 Dec 2011 at 6:08

[GoogleCodeExporter]

Original comment by magreenb...@gmail.com on 2 Dec 2011 at 6:08

• Changed state: Fixed

[GoogleCodeExporter]

Issue 452 has been merged into this issue.

Original comment by magreenb...@gmail.com on 13 Dec 2011 at 1:26