Last Comment Bug 671080 - Add assertion checking to ensure no unintentional cross-compartment wrappers are created
: Add assertion checking to ensure no unintentional cross-compartment wrappers ...
Status: RESOLVED FIXED
:
Product: Core
Classification: Components
Component: JavaScript Engine (show other bugs)
: unspecified
: All All
: -- normal (vote)
: mozilla8
Assigned To: [PTO to Dec5] Bill McCloskey (:billm)
:
: Jason Orendorff [:jorendorff]
Mentors:
Depends on:
Blocks: 670702
  Show dependency treegraph
 
Reported: 2011-07-12 14:27 PDT by [PTO to Dec5] Bill McCloskey (:billm)
Modified: 2011-07-15 06:57 PDT (History)
2 users (show)
See Also:
Crash Signature:
(edit)
QA Whiteboard:
Iteration: ---
Points: ---
Has Regression Range: ---
Has STR: ---


Attachments
assertions (3.01 KB, patch)
2011-07-12 14:27 PDT, [PTO to Dec5] Bill McCloskey (:billm)
no flags Details | Diff | Splinter Review
nicer patch (2.64 KB, patch)
2011-07-12 14:32 PDT, [PTO to Dec5] Bill McCloskey (:billm)
mrbkap: review+
Details | Diff | Splinter Review

Description [PTO to Dec5] Bill McCloskey (:billm) 2011-07-12 14:27:36 PDT
Created attachment 545480 [details] [diff] [review]
assertions

Bug 670702 has evidence that some non-cross compartment JSWrappers have pointers outside their compartment. Blake confirms that this is not expected. This patch adds some additional opt-mode assertions to try and narrow down the code creating these pointers.

I'm sorry about how gross the check is. Unfortunately, we're not allowed to get the compartment for static strings, since they're not part of the GC heap.
Comment 1 [PTO to Dec5] Bill McCloskey (:billm) 2011-07-12 14:32:33 PDT
Created attachment 545485 [details] [diff] [review]
nicer patch

Since the priv field can't be a string, this patch is shorter.

Note You need to log in before you can comment on or make changes to this bug.