bug 967629 - don't release any nsNSSShutDownObject in any destructorSafeDestroyNSSReference r=cviecco
--- a/security/manager/ssl/src/nsNSSCertCache.cpp
+++ b/security/manager/ssl/src/nsNSSCertCache.cpp
@@ -30,17 +30,16 @@ nsNSSCertCache::~nsNSSCertCache()
void nsNSSCertCache::virtualDestroyNSSReference()
{
destructorSafeDestroyNSSReference();
}
void nsNSSCertCache::destructorSafeDestroyNSSReference()
{
- mCertList = nullptr;
}
NS_IMETHODIMP
nsNSSCertCache::CacheAllCerts()
{
nsNSSShutDownPreventionLock locker;
if (isAlreadyShutDown())
return NS_ERROR_NOT_AVAILABLE;
--- a/security/manager/ssl/src/nsNSSShutDown.h
+++ b/security/manager/ssl/src/nsNSSShutDown.h
@@ -196,16 +196,21 @@ protected:
destructorSafeDestroyNSSReference() does not need to acquire an
nsNSSShutDownPreventionLock or check isAlreadyShutDown() as long as it
is only called by the destructor that has already acquired the lock and
checked for shutdown or by the NSS shutdown code itself (which acquires
the same lock and checks if objects it cleans up have already cleaned
up themselves).
+ destructorSafeDestroyNSSReference() MUST NOT cause any other
+ nsNSSShutDownObject to be deconstructed. Doing so can cause
+ unsupported concurrent operations on the hash table in the
+ nsNSSShutDownList.
+
class derivedClass : public nsISomeInterface,
public nsNSSShutDownObject
{
virtual void virtualDestroyNSSReference()
{
destructorSafeDestroyNSSReference();
}
--- a/toolkit/identity/IdentityCryptoService.cpp
+++ b/toolkit/identity/IdentityCryptoService.cpp
@@ -151,17 +151,16 @@ private:
virtual void virtualDestroyNSSReference() MOZ_OVERRIDE
{
destructorSafeDestroyNSSReference();
}
void destructorSafeDestroyNSSReference()
{
- mKeyPair = nullptr;
}
const KeyType mKeyType; // in
nsMainThreadPtrHandle<nsIIdentityKeyGenCallback> mCallback; // in
nsresult mRv; // out
nsCOMPtr<KeyPair> mKeyPair; // out
KeyGenRunnable(const KeyGenRunnable &) MOZ_DELETE;