Closed Bug 737412 Opened 8 years ago Closed 8 years ago
THashtable and ns Base Hashtable memory reporter functions crash if given a null size Of Entry Excluding This function
The comments in nsBaseHashtable.h and nsTHashtable.h imply that it would be OK to call SizeOfExcludingThis() with a null sizeOfEntryExcludingThis: http://mxr.mozilla.org/mozilla-central/source/xpcom/glue/nsBaseHashtable.h#263 263 * Measure the size of the table's entry storage, and if 264 * |sizeOfEntryExcludingThis| is non-nsnull, measure the size of things pointed 265 * to by entries. and similarly at http://mxr.mozilla.org/mozilla-central/source/xpcom/glue/nsTHashtable.h#277. However, the s_SizeOfStub functions in those classes actually call the provided sizeOfEntryExcludingThis pointer *without* checking that it is non-null, and will therefore crash.
Attachment #607538 - Flags: review?(n.nethercote)
Apologies for the false advertising! Your patch works, but I'd rather handle the NULL case within SizeOfExcludingThis instead of in s_SizeOfStub, as the attached patch does. IMHO it's easier to understand, and it doesn't result in unnecessary enumeration of the hash table in the NULL case. (BTW, I've tested this lightly in a trunk build, but not with any code that passes in NULL. I assume your patch in bug 688125 needs this? Could you please test this patch with that patch?)
Attachment #607775 - Flags: review?(jfkthame)
Attachment #607538 - Flags: review?(n.nethercote) → review-
Comment on attachment 607775 [details] [diff] [review] alternative patch Review of attachment 607775 [details] [diff] [review]: ----------------------------------------------------------------- Looks fine. The second patch (forthcoming...) in bug 688125 will rely on this behavior, so I'll test it together with that, but I'm confident it'll work as required.
Attachment #607775 - Flags: review?(jfkthame) → review+
Target Milestone: --- → mozilla14
One of the patches in this push caused winxp debug mochitests to perma-hang in test_memoryReporters.xul. Backed the entire push out. https://hg.mozilla.org/integration/mozilla-inbound/rev/d0dfb71a2df9
Assignee: nobody → n.nethercote
I don't think this patch can be the culprit there, so I re-landed it: https://hg.mozilla.org/integration/mozilla-inbound/rev/220f36e7f9f7
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.