Closed
Bug 876805
Opened 11 years ago
Closed 11 years ago
Fix unsafe reference hazards in dom/ code
Categories
(Core :: DOM: Core & HTML, defect)
Tracking
()
RESOLVED
FIXED
mozilla24
People
(Reporter: bzbarsky, Assigned: bzbarsky)
References
Details
Attachments
(1 file)
|
(deleted),
patch
|
smaug
:
review+
|
Details | Diff | Splinter Review |
Most of these seem to be real issues.
|
Assignee | |
Comment 1•11 years ago
|
||
Attachment #754982 -
Flags: review?(bugs)
|
|
Assignee | |
Comment 2•11 years ago
|
||
I think that leaves the following unsafe references in dom/ code:
dom/plugins/base/nsJSNPRuntime.cpp:534 -- False positive, I think, due to
virtual hashtable ops. We could try to
rearrange code to make it not so, but
it's hard.
dom/plugins/base/nsJSNPRuntime.cpp:1025 -- same
dom/workers/EventListenerManager.cpp:362 -- false positive for nsAutoJSValHolder, I think
|
||
Comment 3•11 years ago
|
||
Comment on attachment 754982 [details] [diff] [review]
Fix unsafe reference gc hazards in dom/ code.
I wonder if there was some other way to do
JS::Rooted<JS::Value> undef(cx, JS::UndefinedValue()); ...
Attachment #754982 -
Flags: review?(bugs) → review+
|
|
Assignee | |
Comment 4•11 years ago
|
||
For what it's worth, that code dies in bug 877281.
Thanks for the review!
|
|
Assignee | |
Comment 5•11 years ago
|
||
Flags: in-testsuite-
Whiteboard: [need review]
Target Milestone: --- → mozilla24
|
||
Comment 6•11 years ago
|
||
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
|
||
Updated•6 years ago
|
Component: DOM → DOM: Core & HTML
You need to log in
before you can comment on or make changes to this bug.
Description
•