This removes the need for the content process to have permissions to create new
files on macOS, allowing more aggressive sandboxing.
MozReview-Commit-ID: 8agL5jwxDSL
--HG--
extra : rebase_source : 17ebcef3e9d24f3d4e7515e3fae95e65cef76a79
This removes the need for the content process to have permissions to create new
files on macOS, allowing more aggressive sandboxing.
MozReview-Commit-ID: 8agL5jwxDSL
--HG--
extra : rebase_source : 215577cd5ced3994a4c3345377b3feedea07e886
This method is used to replace some GetNativePath usage for logging.
MozReview-Commit-ID: 9nWf2r4oviA
--HG--
extra : rebase_source : b58e45ab38621179cd802979131fdddbfe65079e
extra : intermediate-source : b4ded2247082f98fe18eb640c5fafeb9bc107ac0
extra : source : 21a82c1faeffc7c0d7b3a5ef0ae4c5243c81a586
This method is used by some subsequent patches when unique opaque identifiers are necessary.
MozReview-Commit-ID: AreqK4MHdJP
--HG--
extra : rebase_source : d5b85c2c9212618f54a6ac2f5199651b01c99510
extra : intermediate-source : 67c3c7a1012b9fdd628928bec61472c6ce580616
extra : source : c9a67330c600dbe454fd2ce5025247171e0c0e22
Currently only |value_type| is implemented.
MozReview-Commit-ID: 1mejzvkuako
--HG--
extra : rebase_source : 69e08073adbb9a866db26e515702a0659ece0a70
extra : intermediate-source : 3696381ddfdc19ab2f901ca4247e1cb4efb27731
extra : source : 35d760da1d73dd51614f434c26e5ce80ff690829
This patch adjusts tools/fuzzing/ in such a way that the relevant parts can be
reused in the JS engine. Changes in detail include:
* Various JS_STANDALONE checks to exclude parts that cannot be included in
those builds.
* Turn LibFuzzerRegistry and LibFuzzerRunner into generic FuzzerRegistry and
FuzzerRunner classes and use them for AFL as well. Previously, AFL was
piggy-backing on gtests which was kind of an ugly solution anyway (besides
that it can't work in JS). Now more code like registry and harness is
shared between the two and they follow almost the same call paths and entry
points. AFL macros in FuzzingInterface have been rewritten accordingly.
This also required name changes in various places. Furthermore, this unifies
the way, the fuzzing target is selected, using the FUZZER environment
variable rather than LIBFUZZER (using LIBFUZZER in browser builds will give
you a deprecation warning because I know some people are using this already
and need time to switch). Previously, AFL target had to be selected using
GTEST_FILTER, so this is also much better now.
* I had to split up FuzzingInterface* such that the STREAM parts are in a
separate set of files FuzzingInterfaceStream* because they use nsStringStream
which is not allowed to be included into the JS engine even in a full browser
build (error: "Using XPCOM strings is limited to code linked into libxul.").
I also had to pull FuzzingInterface.cpp (the RAW part only) into the header
and make it static because otherwise, would have to make not only separate
files but also separate libraries to statically link to the JS engine, which
seemed overkill for a single small function. The streaming equivalent of the
function is still in a cpp file.
* LibFuzzerRegister functions are now unique by appending the module name to
avoid redefinition errors.
MozReview-Commit-ID: 44zWCdglnHr
--HG--
extra : rebase_source : fe07c557032fd33257eb701190becfaf85ab79d0
This patch adjusts tools/fuzzing/ in such a way that the relevant parts can be
reused in the JS engine. Changes in detail include:
* Various JS_STANDALONE checks to exclude parts that cannot be included in
those builds.
* Turn LibFuzzerRegistry and LibFuzzerRunner into generic FuzzerRegistry and
FuzzerRunner classes and use them for AFL as well. Previously, AFL was
piggy-backing on gtests which was kind of an ugly solution anyway (besides
that it can't work in JS). Now more code like registry and harness is
shared between the two and they follow almost the same call paths and entry
points. AFL macros in FuzzingInterface have been rewritten accordingly.
This also required name changes in various places. Furthermore, this unifies
the way, the fuzzing target is selected, using the FUZZER environment
variable rather than LIBFUZZER (using LIBFUZZER in browser builds will give
you a deprecation warning because I know some people are using this already
and need time to switch). Previously, AFL target had to be selected using
GTEST_FILTER, so this is also much better now.
* I had to split up FuzzingInterface* such that the STREAM parts are in a
separate set of files FuzzingInterfaceStream* because they use nsStringStream
which is not allowed to be included into the JS engine even in a full browser
build (error: "Using XPCOM strings is limited to code linked into libxul.").
I also had to pull FuzzingInterface.cpp (the RAW part only) into the header
and make it static because otherwise, would have to make not only separate
files but also separate libraries to statically link to the JS engine, which
seemed overkill for a single small function. The streaming equivalent of the
function is still in a cpp file.
* LibFuzzerRegister functions are now unique by appending the module name to
avoid redefinition errors.
MozReview-Commit-ID: 44zWCdglnHr
--HG--
rename : tools/fuzzing/libfuzzer/harness/LibFuzzerRunner.cpp => tools/fuzzing/interface/harness/FuzzerRunner.cpp
rename : tools/fuzzing/libfuzzer/harness/LibFuzzerRunner.h => tools/fuzzing/interface/harness/FuzzerRunner.h
rename : tools/fuzzing/libfuzzer/harness/LibFuzzerTestHarness.h => tools/fuzzing/interface/harness/FuzzerTestHarness.h
rename : tools/fuzzing/libfuzzer/harness/moz.build => tools/fuzzing/interface/harness/moz.build
rename : tools/fuzzing/libfuzzer/harness/LibFuzzerRegistry.cpp => tools/fuzzing/registry/FuzzerRegistry.cpp
rename : tools/fuzzing/libfuzzer/harness/LibFuzzerRegistry.h => tools/fuzzing/registry/FuzzerRegistry.h
extra : rebase_source : 7d0511ca0591dbf4d099376011402e063a79ee3b
Historically, PSM has handled tracking NSS resources, releasing them, and
shutting down NSS in a coordinated manner (i.e. preventing races,
use-after-frees, etc.). This approach has proved intractable. This patch
introduces a new approach: have XPCOM shut down NSS after all threads have been
joined and the component manager has been shut down (and so there shouldn't be
any XPCOM objects holding NSS resources).
Note that this patch only attempts to determine if this approach will work. If
it does, we will have to go through alter and remove the remnants of the old
approach (i.e. nsNSSShutDownPreventionLock and related machinery). This will be
done in bug 1421084.
MozReview-Commit-ID: LjgEl1UZqkC
--HG--
extra : rebase_source : 2182e60d04e89a91278d5ee91610f8f37d99a9c9
This adds a copy constructor that uses Rebind to preserve the reference to
static data rather allocate a new shared buffer.
--HG--
extra : rebase_source : db04def1137a9be646b8e09dfee780c9163a585c
Firefox in Flatpak sandboxed environment does not get the list
of installed applications on the system because application should
know about the environment as little as possible. Introducing
nsFlatpakHandlerApp which forwards requests for opening downloaded files
to the system by utilizing gtk_show_uri fuction.
This changeset also removes nsIGIOMimeApp::Launch method from the interface
because it can be fully replaced with LaunchWithUri from nsIHandlerApp
interface.
The TMPDIR where files are downloaded when user choose to open them
needs to be accessible from sandbox and host. The default settings
TMPDIR=/tmp is accessible only to the sandbox.
To workaround for is to set TMPDIR environment variable to
$XDG_CACHE_HOME/tmp before executing Firefox.
MozReview-Commit-ID: CSBv0QcETpd
--HG--
extra : rebase_source : 8155c33fa9c402d2668bdfb07094ba6758fe6203
The FunctionBroker actors allow the NPAPI process (child) to run methods on the main process (parent). Both the parent and the child run dedicated threads for this task -- this is a top-level protocol.
--HG--
extra : histedit_source : 5e0db8d3632ccb3480f6f09a2d7ee581c44b6616
The FunctionBroker actors allow the NPAPI process (child) to run methods on the main process (parent). Both the parent and the child run dedicated threads for this task -- this is a top-level protocol.
--HG--
extra : rebase_source : 38c02140f364f32c4ea16cac79d80facf168c2f9
Historically, PSM has handled tracking NSS resources, releasing them, and
shutting down NSS in a coordinated manner (i.e. preventing races,
use-after-frees, etc.). This approach has proved intractable. This patch
introduces a new approach: have XPCOM shut down NSS after all threads have been
joined and the component manager has been shut down (and so there shouldn't be
any XPCOM objects holding NSS resources).
Note that this patch only attempts to determine if this approach will work. If
it does, we will have to go through alter and remove the remnants of the old
approach (i.e. nsNSSShutDownPreventionLock and related machinery). This will be
done in bug 1421084.
MozReview-Commit-ID: LjgEl1UZqkC
--HG--
extra : rebase_source : 95050b060a93223c6f2fce90f44e563fa6ed4fa2
This commit adds a paint worker thread pool to PaintThread, and dispatches
tiled paints to it. The thread pool is only created if tiling is enabled,
and its size is set by 'layers.omtp.paint-workers' and defaults to 1. If
-1 is specified, it will be sized to 'max((cpu_cores * 3) / 4, 1)'.
The one tricky part of dispatching tiled paints to a thread pool is the
AsyncEndLayerTransaction message that must execute once all paints are
finished. Previously, this runnable would be queued after all the paints
had been queued, ensuring it would be run after they had all completed.
With a thread pool, there is no guarantee. Instead this commit, uses
a flag on CompositorBridgeChild to signify whether all of the paints
have been queued ('mOutstandingAsyncEndLayerTransaction'), and after
every tiled paint it is examined to see if that paint was the last
paint, and if it is to run AsyncEndLayerTransaction. In addition,
if the async paints complete before we even mark the end of the
layer transaction, we queue it like normal.
The profiler markers are also complicated by using a thread pool.
I don't know of a great way to keep them working as they are per
thread, so for now I've removed them. I may have been the only
one using them anyway.
MozReview-Commit-ID: 5LIJ9GWSfCn
--HG--
extra : rebase_source : 0c26806f337a1b4b1511945f9c72e787b426c5ba
The NS_IMPL_NAMED_* macros rely on the mName field, which are not
defined on beta or release, so don't use them on those branches, so
that Firefox will build.
MozReview-Commit-ID: 9wEnPqshBJ8
--HG--
extra : rebase_source : 1ee201c1f0049b02fb57679908915920226592a2
The nsGIOService now provides GetAppsForURIScheme which is used to append handlers
for specific scheme in handler list dialog (toolkit/mozapps/handling/content/dialog.js)
and also in Applications section in preferences. In case the default system handler
or user added handler has same name as one of the GIO handlers, the GIO handler
is not appended. The check for not adding handler is by using handler name.
The nsGIOMimeApp class now implements nsIHandlerApp interface. Instead overloaded
GetName methods (nsCString and nsString) we now use nsString variant everywhere.
This require change of nsGNOMERegistry::GetFromType which if fact leads to code
simplification.
The implementation of nsGNOMEShellService::SetDefaultBrowser has been changed
because implementation of CreateAppFromCommand has changed.
The CreateAppFromCommand no longer tries to find the application,
for that FindAppFromCommand has been introduced.
MozReview-Commit-ID: KmfFWRPqV3
--HG--
extra : source : 9660ff09c2212cb7456e50cb166752f42e0a0669
extra : amend_source : 3c5fc61fe09b9b68bdfbb9683335cedd4d706744
The nsGIOService now provides GetAppsForURIScheme which is used to append handlers
for specific scheme in handler list dialog (toolkit/mozapps/handling/content/dialog.js)
and also in Applications section in preferences. In case the default system handler
or user added handler has same name as one of the GIO handlers, the GIO handler
is not appended. The check for not adding handler is by using handler name.
The nsGIOMimeApp class now implements nsIHandlerApp interface. Instead overloaded
GetName methods (nsCString and nsString) we now use nsString variant everywhere.
This require change of nsGNOMERegistry::GetFromType which if fact leads to code
simplification.
The implementation of nsGNOMEShellService::SetDefaultBrowser has been changed
because implementation of CreateAppFromCommand has changed.
The CreateAppFromCommand no longer tries to find the application,
for that FindAppFromCommand has been introduced.
MozReview-Commit-ID: KmfFWRPqV3
--HG--
extra : rebase_source : 36d254cbc45cbe6929cc469cd531211f7ddd6a64
We had to force-include Char16.h to simulate char16_t on older MSVC versions.
But it is no longer the case. We should not rebuild the world whenever we
touch this file.
MozReview-Commit-ID: 1XY7tQD8LoK
--HG--
extra : rebase_source : a08ccfc9b6a4abf90f6f8b97a42079865724c9ec
Final style cleanup:
- Comment formatting
- Move variable declarations to where they're used
- Don't set NS_OK until we finish processing
- Early exit for error conditions
--HG--
extra : rebase_source : 15e216df6b9a5ca113d2da029e999d8bccd6752b
This reduces the indentation by removing the `if(cp)` and `if(done)` blocks
and just returning early. The `if(cp)` was unnecessary as `BeginReading` will
never return nullptr.
--HG--
extra : rebase_source : e0889e65bd5d371d54783087ae22e097c8dfe4db
In theory other radixes can be passed in but we don't actually handle them.
This asserts that the radix is supported and just switches over to using 10 and
16 directly.
--HG--
extra : rebase_source : 71891302d499bfd108a5bb41626d921b3be193ce
The `haveValue` logic is no longer necessary. If we don't have a value the
result will always be 0.
--HG--
extra : rebase_source : df79cbe1dab86914873de72f0ef8fe72d3469e1a
kAutoDetect is never actually used in our codebase and makes ToInteger rather
convoluted. This removes the logic for it, the constant itself, and the
resulting dead code.
--HG--
extra : rebase_source : 0809b1d167a0c6ffcc7d45cc6f471c9d381ca303
Most subclasses of Runnable don't bother to override AddRef and
Release, so XPCOM leak checking ends up reporting Runnable, which
makes it impossible to know what is actually leaking.
Each subclass of Runnable is already required to pass in the name of
the class, which is stored in the field mName. This patch changes
Runnable to use mName as the class name for XPCOM leak checking, thus
giving each subclass a specific name without needing to change the
hundreds of existing subclasses of Runnable.
The limitation of this approach is the classes that DO use
NS_IMPL_ADDREF/RELEASE_INHERITED end up using the same class name that
is used by the superclass AddRef/Release, but with a different size,
which causes assertions in the leak checker. To work around this, I
change NS_IMPL_ADDREF/RELEASE_INHERITED to not call into
NS_LOG_ADDREF/RELEASE for classes that are a subclass of
Runnable. This needs to use IsConvertible<> and not IsBaseOf<> because
the latter requires the classes involved to be defined, and headers
can use nsISupportsImpl.h without nsThreadUtils.h.
MozReview-Commit-ID: H0pgvwQSZAE
--HG--
extra : rebase_source : 0be13fe2e649e62be1f9471fc03fac43024eb0aa
Make unlabeled runnables be the runnables we tag with extra
information, since they're the ones we want to decrease.
Note: This changes values gathered for telemetry!
It was decided in bug 1430669 that we won't enable gcc's -Wsuggest-override warnings at this time, so these ugly pragmas from bug 1428535 won't be necessary.
--HG--
extra : rebase_source : 221b1f40bb071933ad3e320ce2fa491b2a5917fb
extra : amend_source : 7fc3e6ff067aa5ae8d728e1751de3d2590d31493
If any of the promises gets resolved/rejected prior MozPromise::All completing, it would return nullptr
MozReview-Commit-ID: Lqhv2t2upvF
--HG--
extra : rebase_source : 0c85172958c00a2ac3aa0bd33e4e50dd1893c3ba
Remove the headers included for "backwards compatibility" and just include them
where required.
--HG--
extra : source : e2beba7e6875120ebbbcadf24bcbcb5b86411a94
extra : amend_source : 11f07a27431cd468511f0bd45afe36150c6e342c
Remove the headers included for "backwards compatibility" and just include them
where required.
--HG--
extra : rebase_source : 03e703a81ed4b80f4f116ff36d8787464ce5acba
This removes an unnecessary level of indirection by replacing all
nsStringGlue.h instances with just nsString.h.
--HG--
extra : rebase_source : 340989240af4018f3ebfd92826ae11b0cb46d019
The clang-cl-specific code is hitting https://bugs.llvm.org/show_bug.cgi?id=35482 on 32-bit ThinLTO builds. As far as I can tell, this workaround is no longer needed in clang-cl anyway; it should be able to support declspec(naked) etc nowadays.
Drive-by MSVC warnings fix.
--HG--
extra : rebase_source : a8b585c554674daca6d75bae66c1a1d892ed6e57
OS.File already only supports UTF-8 paths on non-Windows systems, so this
change makes our different ways of accessing file paths consistent with each
other.
MozReview-Commit-ID: 8HiC5xC8tJN
--HG--
extra : rebase_source : 24c77a2e9b4003694e8e96cffab301e7adc0b4e6
The std::nothrow variant of operator new is effectively a fallible
operator new. It is used in third party code.
The duplication with our own fallible operator new is unfortunate, and
we can reduce it by making one an alias of the other.
We keep the fallible library as a dummy on Android because bug 1423802
induces some linking problems.
--HG--
extra : rebase_source : d7b915aaafde40057e87b7ad4bbd82d348e4f12d
Back when mozalloc was a separate library, the xpcom glue code could not
use the infallible allocator API. But since bug 868814, that's not the
case anymore, so we can safely include mozalloc.h when XPCOM_GLUE is
set.
--HG--
extra : rebase_source : a8fbf8dc7020765d7287e2eb7ceaf41c99be8b18
When this was added, the xpcom glue was still a thing, and there was a
distinction between things that would build with mozalloc available and
others. There is no such distinction anymore. Anything that has access
to xpcom has access to infallible allocator functions.
--HG--
extra : rebase_source : 04bce114e940c53709275d0354ea7240df4a051e
NoteIntentionalCrash is supposed to leave a marker that a process has crashed
intentionally, but if it can't open the target file it will crash the process
itself. This can cause difficulty debugging and false-positive results for
tests expecting crashes.
MozReview-Commit-ID: CgLauJIEAKD
--HG--
extra : rebase_source : 689bfaa0e93b96f8ebbbaf31e17e80547004506f
1. nsMultiplexInputStream::Available() should not return CLOSED if one of the
streams returns this error value. Instead it must check the following
streams.
2. If a substream is async, available() should not check following streams
until that is closed.
1. nsMultiplexInputStream::Available() should not return CLOSED if one of the
streams returns this error value. Instead it must check the following
streams.
2. If a substream is async, available() should not check following streams
until that is closed.
This version of the patch hopefully causes fewer performance regressions.
It might be good to apply this and catch some more assertions.
--HG--
extra : rebase_source : b8674308d581bed4baf6f64a9dd23f2cf995028b
Now that nsArray uses nsCOMArray under the hood, we don't have to do weird
ForwardEnumeration hacks to start IndexOf at a non-zero index.
MozReview-Commit-ID: 3ReDV0BT0hn
--HG--
extra : rebase_source : 399a988d00fabaa314eb7592b2aacf277a2ca477
The users of WriteSegmentFun and ReadSegmentFun read the final out parameter
whether or not the function returns an error. We should make sure to fill it
in with a sane value.
MozReview-Commit-ID: GWDS8gENUMB
--HG--
extra : rebase_source : 0af21f525afd1f036baa15dedb7ac520e646b31e
There's no good reason why these can't be code constants.
Especially given that, due to a bug, changes to the
"idle_queue.{min,long}_period" constants were not being passed onto the C++
code!
Here's why: those two prefs were specified as integers in all.js. But we used
AddFloatVarCache() to set up the reading of those prefs. libpref fakes floats
by storing them as strings and then converting them to floats when they are
read.
Which means that AddFloatVarCache() used to fail to get the value from all.js
-- because there's a type mismatch, int vs. string -- and instead use the
fallback default. That value is the same as the one in all.js, which is lucky.
But if someone changed the value in about:config to 100 (an integer), a similar
failure would have occured and the value used by the C++ code wouldn't be
updated!
Also note that idle_queue.max_timer_thread_bound did not have a value in
all.js.
What a mess!
--HG--
extra : rebase_source : 86f8fa905163803eb95007609c029e18c2c4f586
There's no good reason why these should't just be constants. The patch also
appends "MiB" to some of the C++ values to make their meaning clearer.
This patch fixes one outright bug, and one inconsistency.
The bug is due to a prefname mismatch:
- ContentPrefs.cpp and AvailableMemoryTracker.cpp use
"memory.low_virtual_mem_threshold_mb".
- all.js uses "memory.low_virtual_memory_threshold_mb".
Which means that "memory.low_virtual_memory_threshold_mb" showed up in
about:config, but if you changed it nothing would happen because the callback
listened for changes to to "memory.low_virtual_mem_threshold_mb"!
Now for the inconsistency. The above means we actually use a value of 256 for
the virtual memory threshold, even though all.js says 128. But we *do* use a
value of 128 for the commit space threshold, because that's what all.js says
and that prefname is used correctly everywhere. The patch changes the commit
space threshold to 256 for consistency with the virtual memory threshold.
What a mess!
--HG--
extra : rebase_source : d3842c732efa9ab0e90eeb6a4f341aeb289589ed
This was originally added for b2g, where the pref had a different value.
Bug 1398033 enabled it everywhere.
--HG--
extra : rebase_source : c8bb03190cd00d25e6c2ec62a99ed8e911e08197
This removes dead code using headlessClient and lastRunCrashID in crash
reporting. headlessClient is unconditional now. nsIXULRuntime.lastRunCrashID
is not used anymore so remove code for implementing it.
MozReview-Commit-ID: AU4bUeIx3O0
Use MOZ_CRASH, MOZ_CRASH_UNSAFE_OOL, or MOZ_CRASH_UNSAFE_PRINTF instead.
MozReview-Commit-ID: 1kCCHMlgbGP
--HG--
extra : rebase_source : 2f07ced16bccebf30cd3b2b5fea35e9868d32dad
extra : source : 0bf2c8425b828e71de55dd175fd0dad635b4e67d
MOZ_CRASH_UNSAFE_PRINTF causes data collection because crash strings are annotated to crash-stats and are publicly visible. Firefox data stewards must do data review on usages of this macro. However, all the crash strings this patch collects with MOZ_CRASH_UNSAFE_PRINTF are already collected with NS_RUNTIMEABORT.
MozReview-Commit-ID: 5ujXa9MHH5Z
--HG--
extra : rebase_source : 1367e6ac3c6085341e36cb0859d91417245ea472
extra : source : 3edeb64a40afd79d5c01ae0f0d3ab2777a2e744b
It's no longer needed, now that legacy extensions aren't supported.
Pieces removed include the following.
- The "load-extension-default" observer notification.
- The code for reading defaults/preferences/*.js from extensions.
- The unit test for this stuff.
- A crash reporter annotation relating to very long prefs set by add-ons.
- All references to "ExtPrefDL".
MozReview-Commit-ID: KMBoYn3uZ3x
--HG--
extra : rebase_source : 4dc8ffd425c6cdf06806409090c4f9d04a64930b
This was created for B2G and isn't really useful otherwise. It only works on
Linux, and it's behind the memory.system_memory_reporter pref, which is false
by default.
The patch also removes LinuxUtils.{h,cpp}, which is no longer used.
--HG--
extra : rebase_source : b97a018be11a79f83855a73b88020bfa86e60f78
And remove unreachable code after MOZ_CRASH_UNSAFE_OOL().
MOZ_CRASH_UNSAFE_OOL causes data collection because crash strings are annotated to crash-stats and are publicly visible. Firefox data stewards must do data review on usages of this macro. However, all the crash strings this patch collects with MOZ_CRASH_UNSAFE_OOL are already collected with NS_RUNTIMEABORT.
MozReview-Commit-ID: IHmJfuxXSqw
--HG--
extra : rebase_source : 031f30934b58a7b87f960e57179641d44aefe5c5
extra : source : fe9f638a56a53c8721eecc4273dcc074c988546e
And remove unreachable code after MOZ_CRASH().
MozReview-Commit-ID: 6ShBtPRKYlF
--HG--
extra : rebase_source : 0fe45a59411bda663828336e2686707b550144ae
extra : source : 8473fd7333d2abe1ea1cc176510c292a5b34df45
Now that xpcom strings use templates we can combine their `ArenaStrdup`
implementations. `nsTStringRepr` is used so as to allow handling of both
`nsTLiteralString` and `nsTSubstring` types.
--HG--
extra : rebase_source : e77891da589f320507b45f524a3203b3dc9f38e6
extra : histedit_source : 79d3b9a1add191563e0985f0c0e416bd29f24351
This adds support for duplicating both raw `char*` strings and raw `char16_t*`
strings by making the character type generic.
--HG--
extra : rebase_source : bb5245ed71161c8c785684e5a56ac894f03874ea
extra : histedit_source : e94eb738a3982f0cb63a894a0cdfbdf0be2b9cad
Removes the XPCOM interface for nsIDOMHTMLMenuItemElement, replacing it
with binding class usage.
MozReview-Commit-ID: 9HtCmwKyV1W
--HG--
extra : rebase_source : d56ee91a46d48c9d8698765b520a585361813a26
It's a sub-class of nsAtom, useful for cases where you know you are dealing
exclusively with static atoms. The nice thing about it is that you can use
raw nsStaticAtom pointers instead of RefPtr<>. (In fact, the AddRef/Release
implementations ensure that we'll crash if we use RefPtr<nsStaticAtom>.)
MozReview-Commit-ID: 4Q6QHX5h44V
--HG--
extra : rebase_source : e4237f85b4821b684db0ef84d1f9c5e17cdee428
We can save the entry in the hashtable, and then re-use that entry as a
starting point for removing from the hashtable, should that become
necessary. This saves us having to rehash things, at a minimum.
Right now, NS_GENERIC_FACTORY_SINGLETON_CONSTRUCTOR expects singleton
constructors to return already-addrefed raw pointers, and while it accepts
constructors that return already_AddRefed, most existing don't do so.
Meanwhile, the convention elsewhere is that a raw pointer return value is
owned by the callee, and that the caller needs to addref it if it wants to
keep its own reference to it.
The difference in convention makes it easy to leak (I've definitely caused
more than one shutdown leak this way), so it would be better if we required
the singleton getters to return an explicit already_AddRefed, which would
behave the same for all callers.
This also cleans up several singleton constructors that left a dangling
pointer to their singletons when their initialization methods failed, when
they released their references without clearing their global raw pointers.
MozReview-Commit-ID: 9peyG4pRYcr
--HG--
extra : rebase_source : 2f5bd89c17cb554541be38444672a827c1392f3f