On 11/27/17 7:45 PM, Eric Rescorla wrote:
As for the lifetime question, can you elaborate on the scenario you are
concerned about.
Olli may have a different concern, but I'm thinking something like this:
for (auto foo : myFoos) {
foo->bar();
}
where bar() can run arbitrary script. Is "foo" held alive across that
call? Who knows; you have to go read the definition of the iterators on
the type of myFoos to find out.
One possible answer is that the right solution for this type of issue is
the MOZ_CAN_RUN_SCRIPT static analysis annotation on bar(), which will
make this code not compile if the type of "foo" is a raw pointer....
But this annotation is only added to a few functions in our codebase so
far, and we'll see how well we manage at adding it to more. We have a
_lot_ of stuff in our codebase that can run random script. :(
-Boris
_______________________________________________
dev-platform mailing list
dev-platform@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-platform
