Chromium Code Reviews
|
|
Chromium Code Reviews
Issue
1245433002:
Don't clear the forward history when replacing entries. (Closed)
|
Created:
5 years, 5 months ago by Charlie Reis Modified:
5 years, 5 months ago CC:
chromium-reviews, creis+watch_chromium.org, darin-cc_chromium.org, jam, nasko+codewatch_chromium.org, ncarter (slow), site-isolation-reviews_chromium.org Base URL:
https://chromium.googlesource.com/chromium/src.git@master Target Ref:
refs/pending/heads/master Project:
chromium Visibility:
Public. |
DescriptionDon't clear the forward history when replacing entries.
This is a prerequisite to fixing the classification of location.replace,
which should generate a new NavigationEntry and not update the old one
in place.
BUG=317872
TEST=Forward history still in place after cross-process location.replace.
Committed: https://crrev.com/ee17e93a2684e2420ab932432edce920b3355a8e
Cr-Commit-Position: refs/heads/master@{#339281}
Patch Set 1 #Patch Set 2 : Add test #
Total comments: 2
Patch Set 3 : Update test #Patch Set 4 : Fix leak #
Total comments: 5
Messages
Total messages: 17 (4 generated)
creis@chromium.org changed reviewers: + avi@chromium.org
Avi, can you take a look? This will be needed as I fix https://codereview.chromium.org/1225593003/ to use NEW_PAGE rather than EXISTING_PAGE. It's a little crazy to me that this was both wrong and untested for so long. I haven't found any cases that pass replace=true to InsertAndReplaceEntry that actually expect the forward history to get pruned, and this change seems consistent with other browsers and how we behave on in-process location.replace (which classifies as EXISTING_PAGE).
On 2015/07/16 19:29:54, Charlie Reis wrote: > It's a little crazy to me that this was both wrong and untested for so long. But not surprising.
https://codereview.chromium.org/1245433002/diff/20001/content/browser/frame_h... File content/browser/frame_host/navigation_controller_impl_browsertest.cc (right): https://codereview.chromium.org/1245433002/diff/20001/content/browser/frame_h... content/browser/frame_host/navigation_controller_impl_browsertest.cc:201: EXPECT_TRUE(controller.CanGoForward()); Are you sure that this change keeps testing the same code in RenderView that the old code did? More precisely, this is testing the "&& !navigation_state->start_params().should_replace_current_entry" part of RenderFrameImpl::didCommitProvisionalLoad. Can you delete that clause and make sure that this test fails?
https://codereview.chromium.org/1245433002/diff/20001/content/browser/frame_h... File content/browser/frame_host/navigation_controller_impl_browsertest.cc (right): https://codereview.chromium.org/1245433002/diff/20001/content/browser/frame_h... content/browser/frame_host/navigation_controller_impl_browsertest.cc:201: EXPECT_TRUE(controller.CanGoForward()); On 2015/07/16 20:00:16, Avi wrote: > Are you sure that this change keeps testing the same code in RenderView that the > old code did? More precisely, this is testing the "&& > !navigation_state->start_params().should_replace_current_entry" part of > RenderFrameImpl::didCommitProvisionalLoad. Can you delete that clause and make > sure that this test fails? Good point. The fact that I only had one additional entry made the expectation (2) the same as the buggy answer from the renderer (2). Sure enough, the test passed when removing that clause. I updated it in two ways: I preserved your original test (causing it to fail without the RenderFrameImpl clause), and I changed my new case to have 3 entries in history (which independently fails without the RenderFrameImpl clause).
Looks like I've got a memory leak; I'll take a look.
I'm sad that ScopedVectors behave this way, but I think this should fix it. PTAL. https://codereview.chromium.org/1245433002/diff/60001/content/browser/frame_h... File content/browser/frame_host/navigation_controller_impl.cc (right): https://codereview.chromium.org/1245433002/diff/60001/content/browser/frame_h... content/browser/frame_host/navigation_controller_impl.cc:1660: // ScopedVectors don't automatically delete the replaced value, so make sure Nick and I took a look, and there doesn't appear to be a safe way to replace an entry in a ScopedVector without leaking the old value, since operator[] deals with direct references in the underlying array. This isn't great, but it makes sure the old value gets deleted, and we couldn't think of a cleaner option.
lgtm https://codereview.chromium.org/1245433002/diff/60001/content/browser/frame_h... File content/browser/frame_host/navigation_controller_impl.cc (right): https://codereview.chromium.org/1245433002/diff/60001/content/browser/frame_h... content/browser/frame_host/navigation_controller_impl.cc:1660: // ScopedVectors don't automatically delete the replaced value, so make sure On 2015/07/16 23:51:14, Charlie Reis wrote: > Nick and I took a look, and there doesn't appear to be a safe way to replace an > entry in a ScopedVector without leaking the old value, since operator[] deals > with direct references in the underlying array. This isn't great, but it makes > sure the old value gets deleted, and we couldn't think of a cleaner option. Yeah. As soon as we can use the C++11 library we'll switch all use of ScopedVector to std::vector<std::unique_ptr>. Until then, this is about as good as we can make it.
dcheng@chromium.org changed reviewers: + dcheng@chromium.org
https://codereview.chromium.org/1245433002/diff/60001/content/browser/frame_h... File content/browser/frame_host/navigation_controller_impl.cc (right): https://codereview.chromium.org/1245433002/diff/60001/content/browser/frame_h... content/browser/frame_host/navigation_controller_impl.cc:1660: // ScopedVectors don't automatically delete the replaced value, so make sure On 2015/07/17 at 02:17:24, Avi wrote: > On 2015/07/16 23:51:14, Charlie Reis wrote: > > Nick and I took a look, and there doesn't appear to be a safe way to replace an > > entry in a ScopedVector without leaking the old value, since operator[] deals > > with direct references in the underlying array. This isn't great, but it makes > > sure the old value gets deleted, and we couldn't think of a cleaner option. > > Yeah. As soon as we can use the C++11 library we'll switch all use of ScopedVector to std::vector<std::unique_ptr>. Until then, this is about as good as we can make it. An alternate way of doing this which maintains the unique ownership invariant of scoped_ptr is this: entries_.push_back(entry); using std::swap; swap(entries[last_committed_entry_index_], entries[entries.size() - 1]); entries_.pop_back();
nick@chromium.org changed reviewers: + nick@chromium.org
https://codereview.chromium.org/1245433002/diff/60001/content/browser/frame_h... File content/browser/frame_host/navigation_controller_impl.cc (right): https://codereview.chromium.org/1245433002/diff/60001/content/browser/frame_h... content/browser/frame_host/navigation_controller_impl.cc:1660: // ScopedVectors don't automatically delete the replaced value, so make sure On 2015/07/17 03:49:59, dcheng wrote: > On 2015/07/17 at 02:17:24, Avi wrote: > > On 2015/07/16 23:51:14, Charlie Reis wrote: > > > Nick and I took a look, and there doesn't appear to be a safe way to replace > an > > > entry in a ScopedVector without leaking the old value, since operator[] > deals > > > with direct references in the underlying array. This isn't great, but it > makes > > > sure the old value gets deleted, and we couldn't think of a cleaner option. > > > > Yeah. As soon as we can use the C++11 library we'll switch all use of > ScopedVector to std::vector<std::unique_ptr>. Until then, this is about as good > as we can make it. > > An alternate way of doing this which maintains the unique ownership invariant of > scoped_ptr is this: > entries_.push_back(entry); > using std::swap; > swap(entries[last_committed_entry_index_], entries[entries.size() - 1]); > entries_.pop_back(); reinterpret_cast<scoped_ptr<NavigationEntryImpl>&>(entries[last_commited_entry_index_]) = entry.Pass(); , obviously. Although I'm kidding, this is actually how the google3 PointerVector's operator[] worked until recently. (cl/60585078)
https://codereview.chromium.org/1245433002/diff/60001/content/browser/frame_h... File content/browser/frame_host/navigation_controller_impl.cc (right): https://codereview.chromium.org/1245433002/diff/60001/content/browser/frame_h... content/browser/frame_host/navigation_controller_impl.cc:1660: // ScopedVectors don't automatically delete the replaced value, so make sure On 2015/07/17 16:54:20, ncarter wrote: > On 2015/07/17 03:49:59, dcheng wrote: > > On 2015/07/17 at 02:17:24, Avi wrote: > > > On 2015/07/16 23:51:14, Charlie Reis wrote: > > > > Nick and I took a look, and there doesn't appear to be a safe way to > replace > > an > > > > entry in a ScopedVector without leaking the old value, since operator[] > > deals > > > > with direct references in the underlying array. This isn't great, but it > > makes > > > > sure the old value gets deleted, and we couldn't think of a cleaner > option. > > > > > > Yeah. As soon as we can use the C++11 library we'll switch all use of > > ScopedVector to std::vector<std::unique_ptr>. Until then, this is about as > good > > as we can make it. > > > > An alternate way of doing this which maintains the unique ownership invariant > of > > scoped_ptr is this: > > entries_.push_back(entry); > > using std::swap; > > swap(entries[last_committed_entry_index_], entries[entries.size() - 1]); > > entries_.pop_back(); > > reinterpret_cast<scoped_ptr<NavigationEntryImpl>&>(entries[last_commited_entry_index_]) > = entry.Pass(); > > , obviously. Although I'm kidding, this is actually how the google3 > PointerVector's operator[] worked until recently. (cl/60585078) Heh, I've stumbled into a fun corner case, I see. :) I'm inclined to avoid the extra array operations and stick with the current approach if we'll be able to use the C++11 library before too long. std::vector<std::unique_ptr> seems like it will be the best option.
The CQ bit was checked by creis@chromium.org
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1245433002/60001
Message was sent while issue was closed.
Committed patchset #4 (id:60001)
Message was sent while issue was closed.
Patchset 4 (id:??) landed as https://crrev.com/ee17e93a2684e2420ab932432edce920b3355a8e Cr-Commit-Position: refs/heads/master@{#339281} |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
