[webkit-reviews] review denied: [Bug 135178] JSDOMWindowShell leaks on pages with media elements : [Attachment 235328] [PATCH] Proposed Fix
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Jul 22 20:23:36 PDT 2014
Oliver Hunt <oliver at apple.com> has denied Joseph Pecoraro
<joepeck at webkit.org>'s request for review:
Bug 135178: JSDOMWindowShell leaks on pages with media elements
https://bugs.webkit.org/show_bug.cgi?id=135178
Attachment 235328: [PATCH] Proposed Fix
https://bugs.webkit.org/attachment.cgi?id=235328&action=review
------- Additional Comments from Oliver Hunt <oliver at apple.com>
View in context: https://bugs.webkit.org/attachment.cgi?id=235328&action=review
> Source/WebCore/bindings/js/ScriptController.cpp:189
> + Vector<JSC::Strong<JSDOMWindowShell>> windowShells;
> + copyValuesToVector(m_windowShells, windowShells);
> +
> + for (size_t i = 0; i < windowShells.size(); ++i) {
> + JSDOMWindowShell* windowShell = windowShells[i].get();
We must take this, file it as a separate bug as this code is otherwise sadly
unsafe :(
> Source/WebCore/html/HTMLMediaElement.cpp:421
> + if (m_isolatedWorld)
> + m_isolatedWorld->clearWrappers();
This is wrong - it means if we ever destroy an htmlmediaelement we'll nuke all
the dom wrappers
More information about the webkit-reviews
mailing list