Navigation requests should be deleted when a renderer dies or is killed |
||
Issue descriptionHypothetical unbounded memory leak: - Start a navigation that results in a kill during DidCommitProvisionalLoad - During the kill a NavigationRequest will be retained inside RenderFrameHostImpl::navigation_requests_ - Repeat This was caught as a result of the discussion in https://chromium-review.googlesource.com/c/chromium/src/+/1089797/3/content/browser/frame_host/navigation_handle_impl.cc#980
,
Jul 31
Good catch! The fix looks good to me.
,
Jul 31
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/9904bfa39dc6eee84836ee16420bc8ffc6e7c7ac commit 9904bfa39dc6eee84836ee16420bc8ffc6e7c7ac Author: Lukasz Anforowicz <lukasza@chromium.org> Date: Tue Jul 31 22:19:55 2018 Delete NavigationRequest(s) in RenderFrameHostImpl::RenderProcessGone. Bug: 869193 Change-Id: I911ec71a13c432a0111bdd8ec9da0f5ab679d082 Reviewed-on: https://chromium-review.googlesource.com/1155828 Commit-Queue: Ćukasz Anforowicz <lukasza@chromium.org> Reviewed-by: Nasko Oskov <nasko@chromium.org> Cr-Commit-Position: refs/heads/master@{#579596} [modify] https://crrev.com/9904bfa39dc6eee84836ee16420bc8ffc6e7c7ac/content/browser/frame_host/render_frame_host_impl.cc [modify] https://crrev.com/9904bfa39dc6eee84836ee16420bc8ffc6e7c7ac/content/browser/security_exploit_browsertest.cc
,
Jul 31
|
||
►
Sign in to add a comment |
||
Comment 1 by lukasza@chromium.org
, Jul 30