Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: e938617efad650e9578a649cdba3085c97393e4b
https://github.com/WebKit/WebKit/commit/e938617efad650e9578a649cdba3085c97393e4b
Author: Ryan Reno <[email protected]>
Date: 2023-05-09 (Tue, 09 May 2023)
Changed paths:
A LayoutTests/media/media-session/actionHandler-lifetime-expected.txt
A LayoutTests/media/media-session/actionHandler-lifetime.html
A
LayoutTests/media/media-session/actionHandler-no-document-leak-expected.txt
A LayoutTests/media/media-session/actionHandler-no-document-leak.html
A
LayoutTests/media/media-session/resources/media-session-action-handler-document-leak-frame.html
M Source/WebCore/Modules/mediasession/MediaSession.cpp
M Source/WebCore/Modules/mediasession/MediaSession.h
M Source/WebCore/Modules/mediasession/MediaSession.idl
M Source/WebCore/Modules/mediasession/MediaSessionActionHandler.h
M Source/WebCore/Modules/mediasession/MediaSessionActionHandler.idl
M Source/WebCore/Sources.txt
M Source/WebCore/WebCore.xcodeproj/project.pbxproj
A Source/WebCore/bindings/js/JSMediaSessionCustom.cpp
Log Message:
-----------
The Document object is leaked on some pages using media (like YouTube.com)
https://bugs.webkit.org/show_bug.cgi?id=251835
rdar://105112595
Reviewed by Chris Dumez.
Re-land of 263660@main (and 263715@main) fixing crashes due to
prematurely garbage collected MediaSessionActionHandler JS wrappers.
By default a callback holds a Strong<> reference to the JS Function
object. This has the effect of making the callback a GC root. Another
option is to annotate the callback with the IsWeakCallback extended
attribute which will hold the callback object as a Weak reference and
keep it alive via the visitJSFunction mechanism instead of making it a
root.
In the case of MediaSessionActionHandler the strong reference will
prevent an HTMLDocument from being garbage collected even after
navigating away and clearing the caches (after a low memory warning, for
example). This change adds the IsWeakCallback attribute and the
necessary virtual function to the MediaSessionActionHandler base class
and makes changes to allow the MediaSession to mark any action handlers
that have been added to it.
LayoutTests:
Add a test to check that action handlers installed by the page are
not leaked. Use an iframe to install and exercise the action
handlers before the iframe is navigated away and a garbage
collection is triggered (repeatedly). If after 500 attempts at GC
the document containing the action handlers still exists we consider
the document leaked.
Also add a test to check that action handlers survive garbage
collection and can be called when appropriate.
* LayoutTests/media/media-session/actionHandler-lifetime-expected.txt: Added.
* LayoutTests/media/media-session/actionHandler-lifetime.html: Added.
* LayoutTests/media/media-session/actionHandler-no-document-leak-expected.txt:
Added.
* LayoutTests/media/media-session/actionHandler-no-document-leak.html: Added.
*
LayoutTests/media/media-session/resources/media-session-action-handler-document-leak-frame.html:
Added.
* Source/WebCore/Modules/mediasession/MediaSession.cpp:
(WebCore::MediaSession::virtualHasPendingActivity const):
(WebCore::MediaSession::setActionHandler):
(WebCore::MediaSession::callActionHandler):
* Source/WebCore/Modules/mediasession/MediaSession.h:
(WebCore::MediaSession::hasActiveActionHandlers const):
(WebCore::MediaSession::visitActionHandlers const):
* Source/WebCore/Modules/mediasession/MediaSession.idl:
* Source/WebCore/Modules/mediasession/MediaSessionActionHandler.h:
* Source/WebCore/Modules/mediasession/MediaSessionActionHandler.idl:
* Source/WebCore/Sources.txt:
* Source/WebCore/WebCore.xcodeproj/project.pbxproj:
* Source/WebCore/bindings/js/JSMediaSessionCustom.cpp: Added.
(WebCore::JSMediaSession::visitAdditionalChildren):
Canonical link: https://commits.webkit.org/263868@main
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
