Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-20 16:55:40 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Bug 1221448 - Leak instead of crashing on off-main-thread NPAPI _releaseobject; r=jandem r=jst r=bsmedberg

Browse Source
This commit is contained in:
Kyle Machulis 2015-12-03 14:51:52 -08:00
parent 8579f4894a
commit 7c9986e33b
1 changed files with 13 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
dom/plugins/base/nsNPAPIPlugin.cpp
View File

@ -1254,12 +1254,22 @@ _retainobject(NPObject* npobj)
void
_releaseobject(NPObject* npobj)
{
// If nothing is passed, just return, even if we're on the wrong thread.
if (!npobj) {
return;
}
// THIS IS A KNOWN LEAK. SEE BUG 1221448.
// If releaseobject is called off the main thread and we have a valid pointer,
// we at least know it was created on the main thread (see _createobject
// implementation). However, forwarding the deletion back to the main thread
// without careful checking could cause bad memory management races. So, for
// now, we leak by warning and then just returning early. But it should fix
// java 7 crashes.
if (!NS_IsMainThread()) {
NPN_PLUGIN_LOG(PLUGIN_LOG_ALWAYS,("NPN_releaseobject called from the wrong thread\n"));
MOZ_CRASH("NPN_releaseobject called from the wrong thread");
}
if (!npobj)
return;
}
int32_t refCnt = PR_ATOMIC_DECREMENT((int32_t*)&npobj->referenceCount);
NS_LOG_RELEASE(npobj, refCnt, "BrowserNPObject");