Closed Bug 808679 Opened 7 years ago Closed 6 years ago

Vector::Range::front should assert that the range isn't empty

Categories

(Core :: JavaScript Engine, defect)

defect
Not set

Tracking

()

RESOLVED FIXED
mozilla30

People

(Reporter: Waldo, Assigned: cpeterson)

Details

Attachments

(1 file)

No description provided.
I think this bug is already fixed.
I found assertion in builtin/MapObject.cpp:417.

        T &front() {
            MOZ_ASSERT(valid());
            MOZ_ASSERT(!empty());
            return ht.data[i].element;
        }
Attached patch 808679.patchSplinter Review
* As reported, assert Range is not empty in Vector::Range::front.

* Change Vector::Range::remain from bare pointer subtraction to PointerRangeSize.

* Add srcbeg <= srcend range asserts to some other Vector functions. Technically, these functions do handle the srcbeg > srcend case, but is that a reasonable use case?
Assignee: general → cpeterson
Status: NEW → ASSIGNED
Attachment #8376856 - Flags: review?(jwalden+bmo)
Comment on attachment 8376856 [details] [diff] [review]
808679.patch

Review of attachment 8376856 [details] [diff] [review]:
-----------------------------------------------------------------

Looks plausible.  I wonder whether additional non-overlapping-ness assertions might also be useful anywhere here, on a second look, but not worth bikeshedding into a delay of this.
Attachment #8376856 - Flags: review?(jwalden+bmo) → review+
https://hg.mozilla.org/mozilla-central/rev/61834b158c73
Status: ASSIGNED → RESOLVED
Closed: 6 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla30
You need to log in before you can comment on or make changes to this bug.