Closed Bug 424416 Opened 12 years ago Closed 12 years ago

analysis wanted: finalizer safety

Categories

(Firefox Build System :: Source Code Analysis, defect)

defect
Not set

Tracking

(Not tracked)

RESOLVED INCOMPLETE

People

(Reporter: benjamin, Assigned: benjamin)

References

Details

The basic rule to be enforced is: a finalizer method may not dereference a pointer to a GC object, and it may only call functions that are marked "safe for finalizers"

* A finalizer method is a destructor of a class that inherits from MMgc::GCFinalizable
* functions may be annotated "safe for finalizers" and must follow the same rules that finalizers follow

It is especially important that we catch "instrinsic" destructors that are run as a consequence of member variables being destroyed, e.g.:

class nsFoo
{
  ~nsFoo();
};

class nsBar : public MMgc::GCFinalizable
{
  nsFoo foo;
};

Even though nsBar doesn't have an explicit destructor, the implicit destructor calls nsFoo::~nsFoo, which is not marked finalizer-safe, and should be flagged as an error.
Alright, I'm done for today. 
I pushed a script that should be complete.
Once you compile treehydra

make -C test finalizer
to check it out
Status: NEW → ASSIGNED
Blocks: XPCOMGC
Note, from experience I'm changing the spec a little as I go: a finalizer-safe method may call a method which isn't annotated for finalizer safety as long as it doesn't pass any GC objects to the method (including "this").
Assignee: nobody → benjamin
Status: ASSIGNED → NEW
Depends on: 427536
OS: Linux → All
Hardware: PC → All
This is on hold indefinitely.
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → INCOMPLETE
Product: Core → Firefox Build System
You need to log in before you can comment on or make changes to this bug.