Bug 1323207, part 2 - Assert early if we're painting at various points we enter JS. r=billm

nsContentUtils::IsPatternMatching is the most common by far, but the other two are generic locations that may cover a number of issues. MozReview-Commit-ID: Kli39btsqdd --HG-- extra : rebase_source : 1a7eda2a711f079978b54012d9c7466bbd6de36f
2024-10-14 05:45:37 +00:00 · 2016-12-14 16:28:57 -08:00 · 2016-12-14 16:28:57 -08:00 · d8103c4981
commit d8103c4981
parent 3112f6e469
3 changed files with 10 additions and 0 deletions
--- a/dom/base/nsContentUtils.cpp
+++ b/dom/base/nsContentUtils.cpp
@ -6743,6 +6743,8 @@ nsContentUtils::IsPatternMatching(nsAString& aValue, nsAString& aPattern,
  jsapi.Init();
  JSContext* cx = jsapi.cx();

+  MOZ_RELEASE_ASSERT(js::AllowGCBarriers(cx), "IsPatternMatching can enter the JS engine during painting. See bug 1310335.");
+
  // We can use the junk scope here, because we're just using it for
  // regexp evaluation, not actual script execution.
  JSAutoCompartment ac(cx, xpc::UnprivilegedJunkScope());
--- a/dom/base/nsImageLoadingContent.cpp
+++ b/dom/base/nsImageLoadingContent.cpp
@ -44,6 +44,7 @@

 #include "mozAutoDocUpdate.h"
 #include "mozilla/AsyncEventDispatcher.h"
+#include "mozilla/CycleCollectedJSContext.h"
 #include "mozilla/EventStates.h"
 #include "mozilla/dom/Element.h"
 #include "mozilla/dom/ImageTracker.h"
@ -148,6 +149,9 @@ nsImageLoadingContent::Notify(imgIRequest* aRequest,
  }

  {
+    MOZ_RELEASE_ASSERT(js::AllowGCBarriers(CycleCollectedJSContext::Get()->Context()),
+                       "ImageObservers can be implement in JS, so they should not be called during painting. See bug 1311841");
+
    nsAutoScriptBlocker scriptBlocker;

    for (ImageObserver* observer = &mObserverList, *next; observer;
--- a/xpcom/ds/nsObserverList.cpp
+++ b/xpcom/ds/nsObserverList.cpp
@ -10,6 +10,7 @@
 #include "nsCOMArray.h"
 #include "nsISimpleEnumerator.h"
 #include "xpcpublic.h"
+#include "mozilla/CycleCollectedJSContext.h"

 nsresult
 nsObserverList::AddObserver(nsIObserver* anObserver, bool ownsWeak)
@ -105,6 +106,9 @@ nsObserverList::NotifyObservers(nsISupports* aSubject,
                                const char* aTopic,
                                const char16_t* someData)
 {
+  MOZ_RELEASE_ASSERT(js::AllowGCBarriers(CycleCollectedJSContext::Get()->Context()),
+                     "Observers can be implement in JS, so they should not be called during painting.");
+
  nsCOMArray<nsIObserver> observers;
  FillObserverArray(observers);