Closed Bug 834766 Opened 11 years ago Closed 11 years ago

GC: Fix some more rooting issues found by static analysis

Categories

(Core :: JavaScript Engine, defect)

Product:
Core
Component:
JavaScript Engine
Platform:
x86
macOS
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla21

People

(Reporter: jonco, Assigned: jonco)

Details

Attachments

(2 files, 1 obsolete file)

Proposed fix v2
10.91 KB, patch
sfink
: review+
Details | Diff | Splinter Review
Also root some out params
6.74 KB, patch
sfink
: review+
Details | Diff | Splinter Review 
      No description provided.
Attached patch Proposed fix (obsolete) — Splinter Review 

        Attachment #706453 -
        Flags: review?(sphink)

    
    

    
  
Comment on attachment 706453 [details] [diff] [review]
Proposed fix

Review of attachment 706453 [details] [diff] [review]:
-----------------------------------------------------------------

::: js/src/jsstr.cpp
@@ +3143,3 @@
>         CallReceiver call)
>  {
> +    RootedLinearString param(cx, paramArg);

I'd rather you switch the param to a Handle. Most of the callers will pass NullPtr() anyway.

::: js/src/jswrapper.cpp
@@ +418,3 @@
>                                                 PropertyDescriptor *desc, unsigned flags)
>  {
> +    RootedObject wrapper(cx, wrapperArg);

How hard would it be to Handle-ify all the params in jswrapper.cpp? They're used in some funky macros, so I couldn't easily tell. If it's a pain, this is fine for now, but I wanted to ask before giving an r+.

::: js/src/vm/ObjectImpl.cpp
@@ +85,3 @@
>                                      PropDesc *unwrapped) const
>  {
> +    RootedObject obj(cx, objArg);

This should definitely be a Handle too. The callers pass a RootedObject, though the declaration is hidden in a macro.

@@ +132,3 @@
>                     PropDesc *desc) const
>  {
> +    RootedObject obj(cx, objArg);

Same. (Same RootedObjects are passed in, even.)

        Attachment #706453 -
        Flags: review?(sphink)

    
    

    
  

      
      
      
      

        Attached patch
          
          
        Proposed fix v2Splinter Review
      

    


  
Thanks for the comments.

I didn't Handleify the jswrapper stuff because it would involve changing the whole API.  I've split that part out from this patch and will attempt that separately.

        Attachment #706453 -
        Attachment is obsolete: true

        Attachment #707088 -
        Flags: review?(sphink)

    
    

    
  


  

        Attachment #707095 -
        Flags: review?(sphink)

        Attachment #707088 -
        Flags: review?(sphink) → review+

        Attachment #707095 -
        Flags: review?(sphink) → review+

    
    

    
  
https://hg.mozilla.org/mozilla-central/rev/0e64eba37805
https://hg.mozilla.org/mozilla-central/rev/f6367c0f3f2b
Status: ASSIGNED → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla21

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: