[Webkit-unassigned] [Bug 20403] [Gtk] Segfault after a table with an iframe is attempted to be added twice to DOM model with javascript.

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Sun Sep 21 00:51:21 PDT 2008


https://bugs.webkit.org/show_bug.cgi?id=20403


mrowe at apple.com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |mrowe at apple.com




------- Comment #16 from mrowe at apple.com  2008-09-21 00:51 PDT -------
(In reply to comment #14)
> the fix _really is_ to check that m_frame != NULL.  much better would be to
> copy the style of the JS Bindings, which already have this concept of
> "mark()ing".

The JavaScript bindings have a concept of marking because JavaScriptCore uses a
mark/sweep garbage collector.  The collector needs to know which objects are
still reachable, so it asks the root set of objects to mark themselves.  Each
object marks itself, then asks each object it has a reference to to mark
itself, which results in recursively marking the entire live JS object graph.
WebCore and WebKit are not garbage collected in this respect; they instead use
the simpler approach of reference counting.  Introducing a "mark" method for
refcounted objects doesn't make a lot of sense.
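
The following is an added example, not part of the original comment and not WebKit or JavaScriptCore code. It contrasts the two lifetime models the comment describes: a toy mark/sweep heap whose roots recursively mark the live graph, and reference counting with no traversal. All names (`GCObject`, `Heap`, `Counted`) are hypothetical, the object graph is constructed, and `std::shared_ptr` stands in for reference counting in general.

```cpp
#include <algorithm>
#include <cstddef>
#include <memory>
#include <vector>

// Mark/sweep: the heap owns every object; references between objects are non-owning.
struct GCObject {
    bool marked = false;
    std::vector<GCObject*> refs;
    void mark() {
        if (marked) return;               // already visited, so cycles terminate
        marked = true;
        for (GCObject* r : refs) r->mark();
    }
};

struct Heap {
    std::vector<std::unique_ptr<GCObject>> objects;
    std::vector<GCObject*> roots;
    GCObject* allocate() {
        objects.push_back(std::make_unique<GCObject>());
        return objects.back().get();
    }
    std::size_t collect() {               // returns how many objects were swept
        for (auto& o : objects) o->marked = false;
        for (GCObject* r : roots) r->mark();
        std::size_t before = objects.size();
        objects.erase(std::remove_if(objects.begin(), objects.end(),
            [](const std::unique_ptr<GCObject>& o) { return !o->marked; }), objects.end());
        return before - objects.size();
    }
};

// Constructed graph: root -> a <-> b is reachable; c <-> d is an unreachable cycle.
std::size_t sweepUnreachableCycle(Heap& heap) {
    GCObject *root = heap.allocate(), *a = heap.allocate(), *b = heap.allocate();
    GCObject *c = heap.allocate(), *d = heap.allocate();
    root->refs = {a}; a->refs = {b}; b->refs = {a};
    c->refs = {d}; d->refs = {c};
    heap.roots = {root};
    return heap.collect();
}

// Reference counting: no traversal; the object dies when its last owner lets go.
int g_live = 0;
struct Counted { Counted() { ++g_live; } ~Counted() { --g_live; } };
int liveAfterDroppingOne() {
    auto first = std::make_shared<Counted>();
    auto second = first;                  // count is now 2
    first.reset();                        // count 1: object is still alive
    return g_live;                        // second releases it as the function returns
}
int main() { Heap h; return sweepUnreachableCycle(h) == 2 && liveAfterDroppingOne() == 1 ? 0 : 1; }
```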

