Summary: | NavigationAction should not hold a strong reference to a Document | ||
---|---|---|---|
Product: | WebKit | Reporter: | Simon Fraser (smfr) <simon.fraser> |
Component: | Page Loading | Assignee: | Daniel Bates <dbates> |
Status: | RESOLVED FIXED | ||
Severity: | Normal | CC: | achristensen, beidson, bfulgham, cdumez, dbates, ews-watchlist, japhet, mitz, rniwa, sam, simon.fraser, webkit-bug-importer |
Priority: | P2 | Keywords: | InRadar |
Version: | WebKit Nightly Build | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Attachments: |
Description
Simon Fraser (smfr)
2018-05-16 21:39:49 PDT
WebFrameLoaderClient::dispatchDecidePolicyForNavigationAction uses this sourceDocument to get at URL and originating frameID. Maybe NavigationAction should store those instead of retaining the sourceDocument. This bug means that when you're browsing, we'll keep one more document alive than we did before. NavigationAction also retains the Event, which itself can retain EventTargets which are DOM nodes which can also entrain the entire document. Is this a regression? I am not even sure NavigationAction::event() is ever used? (In reply to Ryosuke Niwa from comment #5) > Is this a regression? No, this is not a regression per comment 4. We have exacerbated the memory issue following the fix for bug #165160. (In reply to Daniel Bates from comment #7) > (In reply to Ryosuke Niwa from comment #5) > > Is this a regression? > > No, this is not a regression per comment 4. We have exacerbated the memory > issue following the fix for bug #165160. * exacerbated the occurrence of ... (In reply to Chris Dumez from comment #6) > I am not even sure NavigationAction::event() is ever used? Can you please elaborate? Created attachment 341045 [details]
[Patch] Remove NavigationAction::sourceDocument()
Attachment 341045 [details] did not pass style-queue:
ERROR: Source/WebCore/loader/NavigationAction.cpp:42: Code inside a namespace should not be indented. [whitespace/indent] [4]
Total errors found: 1 in 3 files
If any of these errors are false positives, please file a bug against check-webkit-style.
Created attachment 341051 [details]
[Patch] Remove NavigationAction::sourceDocument()
Attachment 341051 [details] did not pass style-queue:
ERROR: Source/WebCore/loader/NavigationAction.cpp:42: Code inside a namespace should not be indented. [whitespace/indent] [4]
Total errors found: 1 in 3 files
If any of these errors are false positives, please file a bug against check-webkit-style.
Comment on attachment 341051 [details] [Patch] Remove NavigationAction::sourceDocument() Attachment 341051 [details] did not pass mac-wk2-ews (mac-wk2): Output: http://webkit-queues.webkit.org/results/7771476 New failing tests: http/tests/navigation/window-open-redirect-and-remove-opener.html Created attachment 341055 [details]
Archive of layout-test-results from ews106 for mac-sierra-wk2
The attached test failures were seen while running run-webkit-tests on the mac-wk2-ews.
Bot: ews106 Port: mac-sierra-wk2 Platform: Mac OS X 10.12.6
Comment on attachment 341051 [details] [Patch] Remove NavigationAction::sourceDocument() Attachment 341051 [details] did not pass mac-ews (mac): Output: http://webkit-queues.webkit.org/results/7771518 New failing tests: http/tests/navigation/window-open-redirect-and-remove-opener.html Created attachment 341056 [details]
Archive of layout-test-results from ews102 for mac-sierra
The attached test failures were seen while running run-webkit-tests on the mac-ews.
Bot: ews102 Port: mac-sierra Platform: Mac OS X 10.12.6
Comment on attachment 341051 [details] [Patch] Remove NavigationAction::sourceDocument() Attachment 341051 [details] did not pass ios-sim-ews (ios-simulator-wk2): Output: http://webkit-queues.webkit.org/results/7771580 New failing tests: http/tests/navigation/window-open-redirect-and-remove-opener.html Created attachment 341059 [details]
Archive of layout-test-results from ews121 for ios-simulator-wk2
The attached test failures were seen while running run-webkit-tests on the ios-sim-ews.
Bot: ews121 Port: ios-simulator-wk2 Platform: Mac OS X 10.13.4
Comment on attachment 341051 [details] [Patch] Remove NavigationAction::sourceDocument() Attachment 341051 [details] did not pass mac-debug-ews (mac): Output: http://webkit-queues.webkit.org/results/7771567 New failing tests: http/tests/navigation/window-open-redirect-and-remove-opener.html Created attachment 341060 [details]
Archive of layout-test-results from ews113 for mac-sierra
The attached test failures were seen while running run-webkit-tests on the mac-debug-ews.
Bot: ews113 Port: mac-sierra Platform: Mac OS X 10.12.6
Comment on attachment 341051 [details] [Patch] Remove NavigationAction::sourceDocument() Attachment 341051 [details] did not pass win-ews (win): Output: http://webkit-queues.webkit.org/results/7772175 New failing tests: http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-video.html http/tests/security/canvas-remote-read-remote-video-redirect.html http/tests/navigation/window-open-redirect-and-remove-opener.html Created attachment 341065 [details]
Archive of layout-test-results from ews206 for win-future
The attached test failures were seen while running run-webkit-tests on the win-ews.
Bot: ews206 Port: win-future Platform: CYGWIN_NT-6.1-2.9.0-0.318-5-3-x86_64-64bit
Created attachment 341220 [details]
Patch
Attachment 341220 [details] did not pass style-queue:
ERROR: Source/WebCore/loader/NavigationAction.cpp:42: Code inside a namespace should not be indented. [whitespace/indent] [4]
Total errors found: 1 in 5 files
If any of these errors are false positives, please file a bug against check-webkit-style.
Comment on attachment 341220 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=341220&action=review Looks good! r=me. > Source/WebCore/loader/NavigationAction.cpp:40 > +NavigationAction::Requester::Requester(Document& document) Could this be 'const Document&'? Or does one of the frame methods mutate the document or frame? > Source/WebCore/loader/NavigationAction.cpp:57 > + return url.isBlankURL() || url.protocolIsData() || (url.protocolIsBlob() && document.securityOrigin().canRequest(url)); I don't think this whitespace change is helpful. In fact, it makes it more difficult to easily see which predicate is causing an early return. > Source/WebCore/loader/NavigationAction.h:60 > + Requester(Document&); const Document& > Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:851 > + originatingFrameInfoData.securityOrigin = SecurityOrigin::create(requester.url())->data(); Was the sourceDocument's SecurityOrigin member always computed dynamically, or was it cached? SecurityOrigin can be expensive to compute. Comment on attachment 341220 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=341220&action=review >> Source/WebCore/loader/NavigationAction.cpp:40 >> +NavigationAction::Requester::Requester(Document& document) > > Could this be 'const Document&'? Or does one of the frame methods mutate the document or frame? Will change. >> Source/WebCore/loader/NavigationAction.cpp:57 >> + return url.isBlankURL() || url.protocolIsData() || (url.protocolIsBlob() && document.securityOrigin().canRequest(url)); > > I don't think this whitespace change is helpful. In fact, it makes it more difficult to easily see which predicate is causing an early return. I am going to commit this as-is. The whitespace seems excessive and quickly looking through our code we typically do not break out disjuncts across multiple lines. >> Source/WebCore/loader/NavigationAction.h:60 >> + Requester(Document&); > > const Document& Will change. >> Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:851 >> + originatingFrameInfoData.securityOrigin = SecurityOrigin::create(requester.url())->data(); > > Was the sourceDocument's SecurityOrigin member always computed dynamically, or was it cached? SecurityOrigin can be expensive to compute. Will cache the origin. We actually need to do this for correctness for sandboxed documents. Such documents may have a URL with a file or network scheme (e.g. HTTP) and a unique origin. Committed r232216: <https://trac.webkit.org/changeset/232216> |