Closed Bug 1432993 Opened 8 years ago Closed 7 years ago

~AutoClearTypeInferenceStateOnOOM has no callers

Categories

(Core :: JavaScript: GC, defect, P1)

Product:
Core
Component:
JavaScript: GC
Type:
defect

Tracking

()

Status:
RESOLVED DUPLICATE of bug 1479673
Tracking Flags:
Tracking Status
firefox60 --- affected
firefox61 --- wontfix
firefox62 --- fix-optional

People

(Reporter: sfink, Unassigned)

Details

(Keywords: sec-audit)

This seems unlikely. (This is with a rather stale callgraph.txt, from April 2017, but still.)
Group: core-security → javascript-core-security
Keywords: sec-audit
ff60 is "affected" in the sense that if the analysis is missing GC hazards, any consequent bugs are in ff60.
status-firefox60: --- → affected
Priority: -- → P1
What needs to be done here? Making this destructor private, I can see multiple errors being produced. However, the symbol does not appear in the object file even in debug build.
status-firefox61: --- → wontfix
status-firefox62: --- → fix-optional
Flags: needinfo?(sphink)
Oops, sorry, the bug title isn't exactly helpful. When the hazard analysis builds the callgraph, it sees no callers of this destructor. That's a bug in the analysis; there *are* calls, it's just not seeing them (due to monkey business with different destructor variants.) The fix would be in the analysis, and the problem in question is that missing callgraph edges can cause the analysis to miss finding some hazards. (So the current rating of sec-audit is correct.) Fortunately, I recently fixed this in bug 1479673.
Status: NEW → RESOLVED
Closed: 7 years ago
Flags: needinfo?(sphink)
Resolution: --- → DUPLICATE
Group: javascript-core-security
You need to log in before you can comment on or make changes to this bug.