Search

Calling eval() in the WebBrowser control with a json object around 25k in size causes memory leak by SteveSteveSteveP

Closed
as External Help for as External

1
0
Sign in
 to vote
Type: Bug
ID: 780067
Opened: 2/26/2013 4:53:25 PM
Access Restriction: Public
0
Workaround(s)
0
User(s) can reproduce this bug
Calling WebBrowser.Document.InvokeScript and then calling the eval() in the script causes a memory leak.

Calling the following line, where jsonMessages is a json object of 27k is size will result in a virtual memory allocation of 81,920 bytes that is never collected. The same line, with a small object of 1k in size does not causes the memory leak.

var message = eval('(' + jsonMessages + ')');

The stack trace of the allocation is below.

Note that is includes Debug method calls, despite being compiled in release mode.

ntdll!NtAllocateVirtualMemory( HANDLE, PVOID*, ULONG, PULONG, ULONG, ULONG )
KERNELBASE!_VirtualAllocEx@20() + 0x44 bytes
KERNELBASE!_VirtualAlloc@16() + 0x18 bytes
jscript9!PageAllocator::AddPageSegment( class DListBase<class PageSegment> & ) + 0x3b bytes
jscript9!PageAllocator::SnailAllocPages( unsigned int,class PageSegment * * ) + 0xdf7 bytes
jscript9!PageAllocator::AllocPages( unsigned int,class PageSegment * * ) + 0x46 bytes
jscript9!ArenaAllocatorNoFreeList::AddBigBlock( unsigned int ) + 0x4f bytes
jscript9!ArenaAllocatorNoFreeList::SnailAlloc( unsigned int ) + 0x92 bytes
jscript9!PoolAllocator::Alloc( unsigned int ) + 0x1f6 bytes
jscript9!Js::GlobalObject::DefaultEvalHelper( class Js::ScriptContext *,unsigned short const *,int,unsigned long,unsigned long,unsigned short const *,int ) + 0x13a bytes
jscript9!Js::GlobalObject::EntryEval( class Js::RecyclableObject *,struct Js::CallInfo,... ) + 0x1ae bytes
jscript9!Js::JavascriptFunction::CallFunction( class Js::RecyclableObject *,void * (cdecl*)(class Js::RecyclableObject *,struct Js::CallInfo,...),struct Js::Arguments ) + 0x87 bytes
jscript9!Js::InterpreterStackFrame::OP_CallFld( struct Js::OpLayoutCallFld *,unsigned int ) + 0x4d bytes
jscript9!Js::InterpreterStackFrame::ProcessWithDebugging( void ) + 0x94e bytes
jscript9!Js::InterpreterStackFrame::DebugProcess( void ) + 0x3e bytes
jscript9!Js::InterpreterStackFrame::DebugProcessThunk( void * & ) + 0x69 bytes
jscript9!Js::InterpreterStackFrame::InterpreterThunk( class Js::RecyclableObject *,struct Js::CallInfo,... ) + 0x846ad bytes
jscript9!Js::JavascriptFunction::CallFunction( class Js::RecyclableObject *,void * (cdecl*)(class Js::RecyclableObject *,struct Js::CallInfo,...),struct Js::Arguments ) + 0x87 bytes
jscript9!Js::JavascriptFunction::CallRootFunction( class Js::RecyclableObject *,struct Js::Arguments,class Js::ScriptContext * ) + 0xa9 bytes
jscript9!ScriptSite::CallRootFunction( class Js::JavascriptFunction *,struct Js::Arguments,struct IServiceProvider *,void * * ) + 0x4f bytes
jscript9!ScriptSite::Execute( class Js::RecyclableObject *,struct Js::Arguments *,struct IServiceProvider *,void * * ) + 0x5f bytes
jscript9!JavascriptDispatch::InvokeOnMember( long,unsigned long,unsigned short,struct tagDISPPARAMS *,struct tagVARIANT *,struct tagEXCEPINFO *,struct IServiceProvider * ) + 0xffffd5d2 bytes
jscript9!JavascriptDispatch::InvokeEx( long,unsigned long,unsigned short,struct tagDISPPARAMS *,struct tagVARIANT *,struct tagEXCEPINFO *,struct IServiceProvider * ) + 0x456cd bytes
mshtml!CScriptCollection::InvokeEx( class CScriptContext *,long,unsigned long,unsigned short,struct tagDISPPARAMS *,struct tagVARIANT *,struct tagEXCEPINFO *,struct IServiceProvider * ) + 0x95 bytes
mshtml!CWindow::InvokeEx( long,unsigned long,unsigned short,struct tagDISPPARAMS *,struct tagVARIANT *,struct tagEXCEPINFO *,struct IServiceProvider * ) + 0x1d88 bytes
[Truncated]
Details (expand)

Visual Studio/Team Foundation Server/.NET Framework Tooling Version

Visual Studio 2012

Steps to reproduce

Sample c# app to reproduce downloadable from here: http://db.tt/yu7hfUb1

Generally speaking:


From a windows app hosting the WebBrowser control:

this.webBrowser1.Document.InvokeScript("onExternalMessage", new object[] {"jsonObject", _json});

In the html in the webbrowser:

onExternalMessage = function (messageType, jsonMessages) {

                     //LEAKY VERSION for large objects

                    message = eval('(' + jsonMessages + ')');

        };


using the json_parse() function from https://raw.github.com/douglascrockford/JSON-js/master/json_parse.js instead of eval() will not leak memory

Product Language

English

Operating System

Any

Operating System Language

English

Actual results

81,920 bytes allocated for every call to eval() that is never reclaimed

Expected results

New memory not allocated, or allocated and reclaimed.
File Attachments
0 attachments
Sign in to post a comment.
Posted by Microsoft on 2/26/2013 at 11:58 PM
The product team itself no longer directly accepting feedback for Microsoft Visual Studio 2010 and earlier products. You can get support for issues with Visual Studio 2010 and earlier by visiting one of the resources in the link below:
http://msdn.microsoft.com/en-us/vstudio/cc136615.aspx
Posted by Microsoft on 2/26/2013 at 5:50 PM
Thank you for your feedback, we are currently reviewing the issue you have submitted. If this issue is urgent, please contact support directly(http://support.microsoft.com)
Sign in to post a workaround.
© 2013 Microsoft Corporation. All rights reserved. Microsoft Connect Terms of Use | Trademarks | Privacy Statement