Closed Bug 424416 Opened 17 years ago Closed 16 years ago

analysis wanted: finalizer safety

Categories

(Developer Infrastructure :: Source Code Analysis, defect)

Product:
Developer Infrastructure
Component:
Source Code Analysis
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED INCOMPLETE

People

(Reporter: benjamin, Assigned: benjamin)

References

Details

The basic rule to be enforced is: a finalizer method may not dereference a pointer to a GC object, and it may only call functions that are marked "safe for finalizers" * A finalizer method is a destructor of a class that inherits from MMgc::GCFinalizable * functions may be annotated "safe for finalizers" and must follow the same rules that finalizers follow It is especially important that we catch "instrinsic" destructors that are run as a consequence of member variables being destroyed, e.g.: class nsFoo { ~nsFoo(); }; class nsBar : public MMgc::GCFinalizable { nsFoo foo; }; Even though nsBar doesn't have an explicit destructor, the implicit destructor calls nsFoo::~nsFoo, which is not marked finalizer-safe, and should be flagged as an error.
Alright, I'm done for today. I pushed a script that should be complete. Once you compile treehydra make -C test finalizer to check it out
Status: NEW → ASSIGNED
Blocks: XPCOMGC
Note, from experience I'm changing the spec a little as I go: a finalizer-safe method may call a method which isn't annotated for finalizer safety as long as it doesn't pass any GC objects to the method (including "this").
Blocks: static_analyses
Assignee: nobody → benjamin
Status: ASSIGNED → NEW
Depends on: 427536
OS: Linux → All
Hardware: PC → All
This is on hold indefinitely.
Status: NEW → RESOLVED
Closed: 16 years ago
Resolution: --- → INCOMPLETE
Product: Core → Firefox Build System
Product: Firefox Build System → Developer Infrastructure
You need to log in before you can comment on or make changes to this bug.