[Webkit-unassigned] [Bug 156831] [WinCairo] heap corruption is detected when destructing JSGlobalObject

bugzilla-daemon at webkit.org
Sun Apr 24 22:16:52 PDT 2016


https://bugs.webkit.org/show_bug.cgi?id=156831

--- Comment #8 from Darin Adler <darin at apple.com> ---
Comment on attachment 277215
  --> https://bugs.webkit.org/attachment.cgi?id=277215
Patch

Looks like a good change.

I have these concerns:

1) A code change to shared code like this should not use the [WinCairo] prefix on the bug title.

2) The explanation covers why JSGlobalObjectRareData needs to be changed, but does not explain the Lock change at all.

3) Nothing has been done to prevent this kind of problem from happening in the future in the WinCairo port; other ports don’t depend so sensitively on the use of WTF_MAKE_FAST_ALLOCATED. Someone needs to come up with a technique to prevent this kind of error from being reintroduced in the future.

Otherwise the patch looks OK to me.
