Window.postMessage() to self can cause document leaks
When a script does Window.postMessage() a PostMessageTimer object is
stored in the LocalDOMWindow until the message has been delivered, or
until it is cleared in the destructor of LocalDOMWindow. When a
LocalDOMWindow is reset the remaining messages will not be
delivered. Any PostMessageTimer objects alive at that point will be
kept until the LocalDOMWindow is destroyed. Unfortunately, the
PostMessageTimer objects keeps a reference to the source window. If
both the source and destination window of the message is the same, the
PostMessageTimer can keep that LocalDOMWindow from getting destroyed.
Removing the PostMessageTimers when stop() is invoked fixes the problem.
BUG=
Review URL: https://codereview.chromium.org/1148133005
git-svn-id: svn://svn.chromium.org/blink/trunk@196930 bbb929c8-8fbe-4397-9dbb-9b2b20218538
4 files changed
