Closed Bug 1372643 Opened 3 years ago Closed 3 years ago
Loader::Encode Bytecode might be called after dropping the document reference .
ScriptLoader::EncodeBytecode currently use get the script global out of the mDocument field. We should check that mDocument is not null before calling GetScriptGlobalObject.
This function is used in various places where it might not be obvious that mDocument is not null, and in EncodeBytecode and GiveUpBytecodeEncoding where it might potentially be nullified on the mDocument destruction, while the ScriptLoader is kept alive by the NewRunnableMethod from MaybeTriggerBytecodeEncoding.
Attachment #8877235 - Flags: review?(mrbkap)
Attachment #8877235 - Flags: review?(mrbkap) → review+
Pushed by email@example.com: https://hg.mozilla.org/integration/mozilla-inbound/rev/1ea55f730fc0 Guard ScriptLoader::GetScriptGlobalObject with mDocument weak-ptr check. r=mrbkap
You need to log in before you can comment on or make changes to this bug.