Issue 680806 link

Starred by 1 user

Issue metadata

Status:	Fixed
Owner:	szager@chromium.org
Closed:	Feb 2017
Cc:	szager@chromium.org ikilpatrick@chromium.org esprehn@chromium.org ojan@chromium.org
Components:	Blink>Layout
EstimatedDays:	----
NextAction:	----
OS:	----
Pri:	1
Type:	Bug

IntersectionObserver methods leak GC timing

Project Member Reported by esprehn@chromium.org, Jan 13 2017

Issue description

ex.

var root = document.createElement("div");
var observer = new IntersectionObserver(() => {}, {root:root});
root = null; // allow root to be collected since IO doesn't keep it alive.

while (true) {
  doSomething();
  try {
    observer.observe(null);
  } {
    // GC happened and not isRootValid() is false.
    break;
  }
}

You just need to make doSomething() do some work to potentially trigger a GC. This can also be used async, any time a method throws for an invalid root it leaks knowledge that a GC happened to the page.

Comment 1 by e...@chromium.org, Jan 17 2017

Owner: szager@chromium.org
Status: Assigned (was: Untriaged)

Project Member

Comment 2 by bugdroid1@chromium.org, Jan 19 2017

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/86f8eec3ff39b659e93a70f50aa8e8196277e8a9

commit 86f8eec3ff39b659e93a70f50aa8e8196277e8a9
Author: szager <szager@chromium.org>
Date: Thu Jan 19 00:32:23 2017

IntersectionObserver: remove gc-timing-revealing execeptions.

This also simplifies some of the teardown logic, and eliminates a few
calls to rootIsValid.

BUG= 680806 
R=esprehn@chromium.org,ojan@chromium.org

Review-Url: https://codereview.chromium.org/2646633002
Cr-Commit-Position: refs/heads/master@{#444566}

[modify] https://crrev.com/86f8eec3ff39b659e93a70f50aa8e8196277e8a9/third_party/WebKit/LayoutTests/intersection-observer/observer-exceptions-expected.txt
[modify] https://crrev.com/86f8eec3ff39b659e93a70f50aa8e8196277e8a9/third_party/WebKit/LayoutTests/intersection-observer/observer-exceptions.html
[modify] https://crrev.com/86f8eec3ff39b659e93a70f50aa8e8196277e8a9/third_party/WebKit/Source/core/dom/ElementIntersectionObserverData.cpp
[modify] https://crrev.com/86f8eec3ff39b659e93a70f50aa8e8196277e8a9/third_party/WebKit/Source/core/dom/IntersectionObservation.cpp
[modify] https://crrev.com/86f8eec3ff39b659e93a70f50aa8e8196277e8a9/third_party/WebKit/Source/core/dom/IntersectionObservation.h
[modify] https://crrev.com/86f8eec3ff39b659e93a70f50aa8e8196277e8a9/third_party/WebKit/Source/core/dom/IntersectionObserver.cpp
[modify] https://crrev.com/86f8eec3ff39b659e93a70f50aa8e8196277e8a9/third_party/WebKit/Source/core/dom/IntersectionObserver.h

Comment 3 by e...@chromium.org, Feb 2 2017

Status: Fixed (was: Assigned)

►

Issue 680806 link

Issue metadata

IntersectionObserver methods leak GC timing

Issue description

Comment 1 by e...@chromium.org, Jan 17 2017

Comment 1 Deleted

Comment 2 by bugdroid1@chromium.org, Jan 19 2017

Comment 2 Deleted

Comment 3 by e...@chromium.org, Feb 2 2017

Comment 3 Deleted

Sign in to add a comment