Bug 138915

Summary: Throttled DOMTimers can prevent their document from being garbage collected
Product: WebKit Reporter: Chris Dumez <cdumez>
Component: DOMAssignee: Chris Dumez <cdumez>
Status: RESOLVED FIXED    
Severity: Normal CC: barraclough, benjamin, cmarcelo, commit-queue, esprehn+autocc, ggaren, kangil.han, kling, koivisto
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on: 138292    
Bug Blocks:    
Attachments:
Description Flags
Patch
none
Patch none

Chris Dumez
Reported 2014-11-20 00:31:45 PST
It seems throttled DOMTimers can prevent their document from being garbage collected. This is likely caused by DOMTimer::m_elementsCausingThrottling keeping a reference to the Elements that caused its throttling. It looks like we may need to use weak references to those Elements in DOMTimer. I realized this when trying to write a layout test for: https://bugs.webkit.org/show_bug.cgi?id=138914
Attachments
Patch (12.73 KB, patch)
2014-11-20 11:59 PST, Chris Dumez 		no flags
DetailsFormatted DiffDiff
Patch (14.15 KB, patch)
2014-11-21 18:07 PST, Chris Dumez 		no flags
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Chris Dumez
Comment 1 2014-11-20 11:59:19 PST
Created attachment 241969 [details] Patch
Chris Dumez
Comment 2 2014-11-21 18:07:34 PST
Created attachment 242098 [details] Patch
Chris Dumez
Comment 3 2014-11-21 18:08:16 PST
Stop using a unique_ptr in ElementRareData as per Andreas' comments offline.
WebKit Commit Bot
Comment 4 2014-11-21 19:29:46 PST
Comment on attachment 242098 [details] Patch Clearing flags on attachment: 242098 Committed r176496: <http://trac.webkit.org/changeset/176496>
WebKit Commit Bot
Comment 5 2014-11-21 19:29:52 PST
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.