[Webkit-unassigned] [Bug 120508] New: Fix XMLHttpRequest leak document when send() is called multiple times

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Thu Aug 29 20:44:48 PDT 2013


https://bugs.webkit.org/show_bug.cgi?id=120508

           Summary: Fix XMLHttpRequest leak document when send() is called
                    multiple times
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: Unspecified
        OS/Version: Unspecified
            Status: NEW
          Keywords: BlinkMergeCandidate
          Severity: Normal
          Priority: P2
         Component: XML
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: rniwa at webkit.org
                CC: darin at apple.com, ap at webkit.org, mrowe at apple.com,
                    aestes at apple.com


Consider merging https://chromium.googlesource.com/chromium/blink/+/3a1a3f05e3a139166f5fa81d1acf3d512cf1c9a1
if the bug exists in WebKit as well

XMLHttpRequest creates a ThreadableLoader which may call XHR asynchronously, so it calls setPendingActivity() to avoid being destroyed. However, before this patch, unsetPendingActivity() was called asynchronously after ThreadableLoader was destroyed, which led to multiple problems:
a) When the next m_loader was set in send() with a pending unsetPendingActivity(), the pending activity may be dropped even when there is a new m_loader that needs protection.
b) pendingActivity may be set multiple times while an unsetPendingActivity() is pending, but dropProtectionSoon() only decrements m_pendingActivityCount by one, leading to a leak.

This patch fixes the above problems by calling unsetPendingActivity() synchronously with m_loader destruction where possible. XMLHttpRequest::stop() still uses asynchronous unsetPendingActivity() to work around the issues mentioned in r152266.

The file "leak-check.js" was moved from fast/dom to fast/js to enable access from http tests.

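Added illustration of problem (b) above; this is a constructed model, not code from the Blink commit or from WebKit. EventLoop, Loader, XHR::loaderFinished() and leftoverAfterTwoSends() are stand-ins: dropProtectionSoon() posts one coalesced task, as the bug description states, so two send()/finish cycles leave a pending-activity reference behind, while releasing synchronously with the loader (the patched path) leaves none.

```cpp
#include <functional>
#include <memory>
#include <utility>
#include <vector>

// Stand-in for the main-thread task queue: a task posted by
// dropProtectionSoon() runs only when pump() is called, i.e. after the
// code that posted it has returned (constructed model, not WebKit code).
struct EventLoop {
    std::vector<std::function<void()>> tasks;
    void post(std::function<void()> t) { tasks.push_back(std::move(t)); }
    void pump() {
        auto run = std::move(tasks);
        tasks.clear();
        for (auto& t : run) t();
    }
};

struct Loader {};  // stand-in for ThreadableLoader

struct XHR {
    EventLoop& loop;
    bool syncUnset;                  // true = behaviour after the patch
    int m_pendingActivityCount = 0;  // >0 keeps the XHR (and its document) alive
    bool m_dropPending = false;      // dropProtectionSoon() posts a single task
    std::unique_ptr<Loader> m_loader;

    XHR(EventLoop& l, bool fixed) : loop(l), syncUnset(fixed) {}

    void setPendingActivity()   { ++m_pendingActivityCount; }
    void unsetPendingActivity() { --m_pendingActivityCount; }

    // Pre-patch release path: however many loaders finished before the
    // task runs, the count is decremented exactly once.
    void dropProtectionSoon() {
        if (m_dropPending) return;
        m_dropPending = true;
        loop.post([this] { m_dropPending = false; unsetPendingActivity(); });
    }

    void send() {  // each send() creates a loader and protects the XHR
        m_loader = std::make_unique<Loader>();
        setPendingActivity();
    }

    void loaderFinished() {  // the ThreadableLoader is destroyed here
        m_loader.reset();
        if (syncUnset) unsetPendingActivity();  // patched: release with the loader
        else dropProtectionSoon();              // pre-patch: release asynchronously
    }
};

// Two back-to-back send()/finish cycles; returns the pending-activity count
// left after the event loop has drained (0 means everything was released).
int leftoverAfterTwoSends(bool fixed) {
    EventLoop loop;
    XHR xhr(loop, fixed);
    for (int i = 0; i < 2; ++i) { xhr.send(); xhr.loaderFinished(); }
    loop.pump();
    return xhr.m_pendingActivityCount;
}
```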