New issue
Advanced search Search tips

Issue 903705 link

Starred by 3 users
Status: Fixed
Owner:
huangdarwin@chromium.org
Closed: Nov 21
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux , Windows , Mac
Pri: 1
Type: Bug



Sign in to add a comment

BlinkLeakDetector: Mouse drag related layout tests are leaking

Project Member Reported by keishi@google.com, Nov 9 
The following tests began leaking from Build #26202

editing/pasteboard/drag-image-to-contenteditable-in-iframe.html
editing/selection/crash-on-drag-with-mutation-events.html
editing/selection/drag-to-contenteditable-iframe.html
fast/dnd/dragtriggerdommove/drag-trigger-dom-move-nested-iframe.html
fast/dnd/dragtriggerdommove/drag-trigger-dom-move-nested-iframes.html
fast/events/drag-dragend-detaches.html
fast/events/drag-in-frames.html
fast/events/drag-remove-iframe-crash.html
fast/events/inputevents/beforeinput-remove-iframe-crash.html
fast/events/standalone-image-drag-to-editable.html
http/tests/misc/drag-over-iframe-invalid-source-crash.html
http/tests/security/drag-drop-different-origin.html
virtual/mouseevent_fractional/fast/events/drag-dragend-detaches.html
virtual/mouseevent_fractional/fast/events/drag-in-frames.html
virtual/mouseevent_fractional/fast/events/drag-remove-iframe-crash.html
virtual/mouseevent_fractional/fast/events/inputevents/beforeinput-remove-iframe-crash.html
virtual/mouseevent_fractional/fast/events/standalone-image-drag-to-editable.html
virtual/outofblink-cors-ns/http/tests/security/drag-drop-different-origin.html
virtual/outofblink-cors/http/tests/security/drag-drop-different-origin.html
virtual/user-activation-v2/fast/events/drag-dragend-detaches.html
virtual/user-activation-v2/fast/events/drag-in-frames.html
virtual/user-activation-v2/fast/events/drag-remove-iframe-crash.html
virtual/user-activation-v2/fast/events/inputevents/beforeinput-remove-iframe-crash.html
virtual/user-activation-v2/fast/events/standalone-image-drag-to-editable.html

This is the first failure:
https://ci.chromium.org/buildbot/chromium.webkit/WebKit%20Linux%20Trusty%20Leak/26202

Scanning the regression range r606276 looks suspicious
https://chromium-review.googlesource.com/c/1265818

Leak detector bot works by navigating to about:blank and seeing if DOM objects survive.
My guess is that the addition of this early return is causing the drag_src_ Node to leak.
https://cs.chromium.org/chromium/src/third_party/blink/renderer/core/input/mouse_event_manager.cc?rcl=f038ea3445a10c7f8116f52afe7add030b77d243&l=1118

huangdarwin@ would you take a look? Thanks

Comment 1 by huangdarwin@google.com, Nov 9

Status: Started (was: Assigned)
Thanks for notifying me. I'm looking into this now.
Project Member

Comment 3 by bugdroid1@chromium.org, Nov 21 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/2a3ca40202b5875266f6eecbd7f5103363303302

commit 2a3ca40202b5875266f6eecbd7f5103363303302
Author: Darwin Huang <huangdarwin@chromium.org>
Date: Wed Nov 21 11:31:09 2018

Drag and Drop: Frames not containing drag source shouldn't be able to reset
drag state

Only allow frames who are ancestors of the drag_src_ to reset a drag_src_

Created layout test to show previous lack of dragend when moving iframe in dom
as a result of dragging
Created layout test to verify lack of regression when frames containing drag
source are moved/detached

Fix memory leak from reverted CL https://crrev.com/c/1265818

Bug:  737691 ,  903705 ,  903933 
Change-Id: I308680446662d6548587ae2d7dd2c139b09ee581
Reviewed-on: https://chromium-review.googlesource.com/c/1336440
Commit-Queue: Victor Costan <pwnall@chromium.org>
Reviewed-by: Victor Costan <pwnall@chromium.org>
Reviewed-by: Daniel Cheng <dcheng@chromium.org>
Cr-Commit-Position: refs/heads/master@{#610001}
[add] https://crrev.com/2a3ca40202b5875266f6eecbd7f5103363303302/third_party/WebKit/LayoutTests/fast/dnd/dragtriggerdommove/drag-trigger-dom-move-iframe.html
[add] https://crrev.com/2a3ca40202b5875266f6eecbd7f5103363303302/third_party/WebKit/LayoutTests/fast/dnd/dragtriggerdommove/drag-trigger-dom-move-image.html
[add] https://crrev.com/2a3ca40202b5875266f6eecbd7f5103363303302/third_party/WebKit/LayoutTests/fast/dnd/dragtriggerdommove/drag-trigger-dom-move-nested-iframe.html
[add] https://crrev.com/2a3ca40202b5875266f6eecbd7f5103363303302/third_party/WebKit/LayoutTests/fast/dnd/dragtriggerdommove/drag-trigger-dom-move-nested-iframes.html
[add] https://crrev.com/2a3ca40202b5875266f6eecbd7f5103363303302/third_party/WebKit/LayoutTests/fast/dnd/resources/drag-trigger-dom-move.js
[modify] https://crrev.com/2a3ca40202b5875266f6eecbd7f5103363303302/third_party/blink/renderer/core/frame/local_frame.cc
[modify] https://crrev.com/2a3ca40202b5875266f6eecbd7f5103363303302/third_party/blink/renderer/core/input/mouse_event_manager.cc

Comment 4 by huangdarwin@chromium.org, Nov 21 

Thank you for the notification and investigation, keishi! The change in #3 should fix the leak.

Comment 5 by huangdarwin@chromium.org, Nov 21

Status: Fixed (was: Started)

Sign in to add a comment