Closed
Bug 828502
Opened 12 years ago
Closed 12 years ago
nsMainThreadPtrHandle can be initialized with a nullptr, and ::get() will crash on it
Categories
(Core :: XPCOM, defect)
Tracking
()
People
(Reporter: mikeh, Assigned: mikeh)
References
Details
Attachments
(1 file, 1 obsolete file)
1.34 KB,
patch
|
mikeh
:
review+
|
Details | Diff | Splinter Review |
The attached patch fixes this problem, and adds an NS_WARNING to the otherwise-blind MOZ_CRASH() call.
Attachment #699905 -
Flags: review?(bobbyholley+bmo)
Comment 1•12 years ago
|
||
Comment on attachment 699905 [details] [diff] [review]
fix
Review of attachment 699905 [details] [diff] [review]:
-----------------------------------------------------------------
r=bholley with comments addressed.
::: xpcom/glue/nsProxyRelease.h
@@ +129,5 @@
>
> T* get() {
> // Nobody should be touching the raw pointer off-main-thread.
> + if (MOZ_UNLIKELY(!NS_IsMainThread())) {
> + NS_WARNING("Attempt to get() raw from nsMainThreadPtrHolder off main thread!");
Make this "Can't dereference nsMainThreadPtrHolder off main thread".
@@ +173,5 @@
> operator nsMainThreadPtrHolder<T>*() { return mPtr.get(); }
>
> // These all call through to nsMainThreadPtrHolder, and thus implicitly
> // assert that we're on the main thread. Off-main-thread consumers must treat
> // these handles as opaque.
Now that get() is no longer guaranteed to go through nsMainThreadPtrHolder, we no longer get deterministic crashes for off-main-thread usage, so people may not notice the problem if their pointers happen to be null. At the same time, another release-mode check is hardly ideal. So how about adding a MOZ_ASSERT that we're on the main thread in this function?
@@ +176,5 @@
> // assert that we're on the main thread. Off-main-thread consumers must treat
> // these handles as opaque.
> + T* get()
> + {
> + if (mPtr.get()) {
Again, no need to .get() COMPtrs/RefPtrs for most purposes, including boolean tests.
Attachment #699905 -
Flags: review?(bobbyholley+bmo) → review+
Assignee | ||
Comment 2•12 years ago
|
||
Addressing feedback from review, carrying r+ forward.
Attachment #699905 -
Attachment is obsolete: true
Attachment #700045 -
Flags: review+
Comment 4•12 years ago
|
||
Comment 5•12 years ago
|
||
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla21
Assignee | ||
Comment 6•12 years ago
|
||
Assignee | ||
Comment 7•12 years ago
|
||
Back out due to b2g18 bustage: https://hg.mozilla.org/releases/mozilla-b2g18/rev/47f713c2fb4c
Assignee | ||
Comment 8•12 years ago
|
||
(Once more, with feeling!)
https://hg.mozilla.org/releases/mozilla-b2g18/rev/dcc9202c0fff
Updated•12 years ago
|
status-b2g18:
--- → fixed
status-firefox19:
--- → wontfix
status-firefox20:
--- → wontfix
status-firefox21:
--- → fixed
You need to log in
before you can comment on or make changes to this bug.
Description
•