Closed Bug 876805 Opened 11 years ago Closed 11 years ago

Fix unsafe reference hazards in dom/ code

Categories

(Core :: DOM: Core & HTML, defect)

Product:
Core
Component:
DOM: Core & HTML
Platform:
x86
macOS
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla24

People

(Reporter: bzbarsky, Assigned: bzbarsky)

References

Details

Attachments

(1 file)

Fix unsafe reference gc hazards in dom/ code.
29.02 KB, patch
smaug
: review+
Details | Diff | Splinter Review 
Most of these seem to be real issues.
I think that leaves the following unsafe references in dom/ code:

dom/plugins/base/nsJSNPRuntime.cpp:534 -- False positive, I think, due to
                                          virtual hashtable ops. We could try to
                                          rearrange code to make it not so, but
                                          it's hard.
dom/plugins/base/nsJSNPRuntime.cpp:1025 -- same
dom/workers/EventListenerManager.cpp:362 -- false positive for nsAutoJSValHolder, I think
Comment on attachment 754982 [details] [diff] [review]
Fix unsafe reference gc hazards in dom/ code.

I wonder if there was some other way to do 
JS::Rooted<JS::Value> undef(cx, JS::UndefinedValue()); ...
Attachment #754982 - Flags: review?(bugs) → review+
For what it's worth, that code dies in bug 877281.

Thanks for the review!
https://hg.mozilla.org/integration/mozilla-inbound/rev/f327a0802164
Flags: in-testsuite-
Whiteboard: [need review]
Target Milestone: --- → mozilla24
https://hg.mozilla.org/mozilla-central/rev/f327a0802164
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Component: DOM → DOM: Core & HTML
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: