[Webkit-unassigned] [Bug 98078] New: IndexedDB: IDBRequest/IDBCursor reference cycle not broken until transaction completes
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon Oct 1 14:55:20 PDT 2012
https://bugs.webkit.org/show_bug.cgi?id=98078
Summary: IndexedDB: IDBRequest/IDBCursor reference cycle not
broken until transaction completes
Product: WebKit
Version: 528+ (Nightly build)
Platform: Unspecified
OS/Version: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: WebCore Misc.
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: jsbell at chromium.org
CC: dgrogan at chromium.org, alecflett at chromium.org
IDBRequest maintains a RefPtr to IDBCursor (per spec, as |result|)
IDBCursor maintains a RefPtr to IDBRequest (per spec, as calling continue() re-uses the same cursor object)
We break this reference explicitly if (1) the transaction completes (via IDBTransaction::closeOpenCursors() => IDBCursor::close()) or (2) if the cursor hits the end (via IDBRequest::onSuccessInternal => IDBCursor::close()).
But until that time, the cursor holds on to values which can eat up memory on both the front and and back end. If script has released all references to both the cursor and request we should be able to destroy them and reclaim memory.
As a workaround, scripts can call continue() with a value past the end of the range, e.g. cursor.continue(-Infinity) or cursor.continue([[[]]]), depending on key structure.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list