[webkit-changes] [WebKit/WebKit] 56280c: The Document object is leaked on some pages using ...

Ryan Reno noreply at github.com
Wed May 3 20:09:58 PDT 2023 

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 56280cdcbd8a337b7a904678c4bd955a5bbb1e31
      https://github.com/WebKit/WebKit/commit/56280cdcbd8a337b7a904678c4bd955a5bbb1e31
  Author: Ryan Reno <rreno at apple.com>
  Date:   2023-05-03 (Wed, 03 May 2023)

  Changed paths:
    A LayoutTests/media/media-session/actionHandler-no-document-leak-expected.txt
    A LayoutTests/media/media-session/actionHandler-no-document-leak.html
    A LayoutTests/media/media-session/resources/media-session-action-handler-document-leak-frame.html
    M Source/WebCore/Modules/mediasession/MediaSessionActionHandler.h
    M Source/WebCore/Modules/mediasession/MediaSessionActionHandler.idl

  Log Message:
  -----------
  The Document object is leaked on some pages using media (like YouTube.com)
https://bugs.webkit.org/show_bug.cgi?id=251835
rdar://105112595

Reviewed by Chris Dumez.

By default a callback holds a Strong<> reference to the JS Function
object. This has the effect of making the callback a GC root. Another
option is to annotate the callback with the IsWeakCallback extended
attribute which will hold the callback object as a Weak reference and
keep it alive via the visitJSFunction mechanism instead of making it a
root.

In the case of MediaSessionActionHandler the strong reference will
prevent an HTMLDocument from being garbage collected even after
navigating away and clearing the caches (after a low memory warning, for
example). This change adds the IsWeakCallback attribute and the
necessary virtual function to the MediaSessionActionHandler base class.

LayoutTests:
    Add a test to check that action handlers installed by the page are
    not leaked. Use an iframe to install and exercise the action
    handlers before the iframe is navigated away and a garbage
    collection is triggered (repeatedly). If after 500 attempts at GC
    the document containing the action handlers still exists we consider
    the document leaked.

* LayoutTests/media/media-session/actionHandler-no-document-leak-expected.txt: Added.
* LayoutTests/media/media-session/actionHandler-no-document-leak.html: Added.
* LayoutTests/media/media-session/resources/media-session-action-handler-document-leak-frame.html: Added.

* Source/WebCore/Modules/mediasession/MediaSessionActionHandler.h:
* Source/WebCore/Modules/mediasession/MediaSessionActionHandler.idl:

Canonical link: https://commits.webkit.org/263660@main

More information about the webkit-changes mailing list