Closed Bug 1589108 Opened 6 years ago Closed 6 years ago

Assert that the current realm's global is not gray on entry to the JS API

Categories

(Core :: JavaScript: GC, task, P1)

Product:
Core
Component:
JavaScript: GC
Type:
task

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla72
Tracking Flags:
Tracking Status
firefox72 --- fixed

People

(Reporter: jonco, Assigned: jonco)

Details

Attachments

(1 file)

Bug 1589108 Assert that the current realm's global is not gray on entry to the JS API r?jandem
47 bytes, text/x-phabricator-request
Details | Review

This came up in bug 1399866 where we use AutoRealmUnchecked to enter a gray realm when remapping wrappers and then call the embedding remap hook. This can enter the JS API still in the gray realm.

We can prevent this by adding a check to the context checks we do at most API entry points.

Pushed by jcoppeard@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/2c8041858580 Assert that the current realm's global is not gray on entry to the JS API r=jandem

https://hg.mozilla.org/mozilla-central/rev/2c8041858580

Status: NEW → RESOLVED
Closed: 6 years ago
status-firefox72: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla72
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: