Bug 1237201 part 2 - Handle Vector OOM in gfx/. r=jrmuizel,kats
authorJan de Mooij <jdemooij@mozilla.com>
Thu, 14 Jan 2016 15:19:16 +0100
changeset 279976 96f5d3e2f0d3c0d51379006ab29ae964025b17d3
parent 279975 9a062cdf1c8a4ea9c6a8458f6baabae655b42f4b
child 279977 2ebafa1c0eee604355b6acbc37270c668f6889f1
push id70281
push userjandemooij@gmail.com
push dateThu, 14 Jan 2016 14:18:23 +0000
treeherdermozilla-inbound@cdd2accc2d1a [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersjrmuizel, kats
bugs1237201
milestone46.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1237201 part 2 - Handle Vector OOM in gfx/. r=jrmuizel,kats
gfx/2d/Preferences.cpp
gfx/2d/SFNTData.cpp
gfx/2d/SFNTNameTable.cpp
gfx/layers/apz/src/AsyncPanZoomController.cpp
gfx/thebes/gfxUtils.cpp
--- a/gfx/2d/Preferences.cpp
+++ b/gfx/2d/Preferences.cpp
@@ -26,17 +26,19 @@ static Vector<Int32Pref>& Int32Prefs()
   return *sInt32Prefs;
 }
 
 /* static */
 int32_t
 PreferenceAccess::RegisterLivePref(const char* aName, int32_t* aVar,
                                    int32_t aDefault)
 {
-  Int32Prefs().append(Int32Pref{ aName, aVar });
+  if (!Int32Prefs().append(Int32Pref{ aName, aVar })) {
+    MOZ_CRASH();
+  }
   return aDefault;
 }
 
 /* static */
 void
 PreferenceAccess::SetAccess(PreferenceAccess* aAccess)
 {
   sAccess = aAccess;
@@ -52,9 +54,9 @@ PreferenceAccess::SetAccess(PreferenceAc
 
   for (Int32Pref pref : Int32Prefs()) {
     sAccess->LivePref(pref.name, pref.varPtr, *pref.varPtr);
   }
   Int32Prefs().clearAndFree();
 }
 
 } // namespace gfx
-} // namespace mozilla
\ No newline at end of file
+} // namespace mozilla
--- a/gfx/2d/SFNTData.cpp
+++ b/gfx/2d/SFNTData.cpp
@@ -189,17 +189,19 @@ bool
 SFNTData::GetU16FullNames(Vector<mozilla::u16string>& aU16FullNames)
 {
   bool fontFound = false;
   for (size_t i = 0; i < mFonts.length(); ++i) {
     mozilla::u16string name;
     if (mFonts[i]->GetU16FullName(name)) {
       fontFound = true;
     }
-    aU16FullNames.append(Move(name));
+    if (!aU16FullNames.append(Move(name))) {
+      return false;
+    }
   }
 
   return fontFound;
 }
 
 bool
 SFNTData::GetIndexForU16Name(const mozilla::u16string& aU16FullName,
                              uint32_t* aIndex)
--- a/gfx/2d/SFNTNameTable.cpp
+++ b/gfx/2d/SFNTNameTable.cpp
@@ -123,47 +123,55 @@ IsUTF16Encoding(const NameRecord *aNameR
 }
 
 static NameRecordMatchers*
 CreateCanonicalU16Matchers(const BigEndianUint16& aNameID)
 {
   NameRecordMatchers *matchers = new NameRecordMatchers();
 
   // First, look for the English name (this will normally succeed).
-  matchers->append(
+  if (!matchers->append(
     [=](const NameRecord *aNameRecord) {
         return aNameRecord->nameID == aNameID &&
                aNameRecord->languageID == CANONICAL_LANG_ID &&
                aNameRecord->platformID == PLATFORM_ID &&
                IsUTF16Encoding(aNameRecord);
-    });
+    })) {
+    MOZ_CRASH();
+  }
 
   // Second, look for all languages.
-  matchers->append(
+  if (!matchers->append(
     [=](const NameRecord *aNameRecord) {
         return aNameRecord->nameID == aNameID &&
                aNameRecord->platformID == PLATFORM_ID &&
                IsUTF16Encoding(aNameRecord);
-    });
+    })) {
+    MOZ_CRASH();
+  }
 
 #if defined(XP_MACOSX)
   // On Mac may be dealing with font that only has Microsoft name entries.
-  matchers->append(
+  if (!matchers->append(
     [=](const NameRecord *aNameRecord) {
         return aNameRecord->nameID == aNameID &&
                aNameRecord->languageID == LANG_ID_MICROSOFT_EN_US &&
                aNameRecord->platformID == PLATFORM_ID_MICROSOFT &&
                IsUTF16Encoding(aNameRecord);
-    });
-  matchers->append(
+    })) {
+    MOZ_CRASH();
+  }
+  if (!matchers->append(
     [=](const NameRecord *aNameRecord) {
         return aNameRecord->nameID == aNameID &&
                aNameRecord->platformID == PLATFORM_ID_MICROSOFT &&
                IsUTF16Encoding(aNameRecord);
-    });
+    })) {
+    MOZ_CRASH();
+  }
 #endif
 
   return matchers;
 }
 
 static const NameRecordMatchers&
 FullNameMatchers()
 {
--- a/gfx/layers/apz/src/AsyncPanZoomController.cpp
+++ b/gfx/layers/apz/src/AsyncPanZoomController.cpp
@@ -511,19 +511,21 @@ public:
       APZC_LOG("%p ending fling animation. overscrolled=%d\n", &mApzc, mApzc.IsOverscrolled());
       // This APZC or an APZC further down the handoff chain may be be overscrolled.
       // Start a snap-back animation on the overscrolled APZC.
       // Note:
       //   This needs to be a deferred task even though it can safely run
       //   while holding mMonitor, because otherwise, if the overscrolled APZC
       //   is this one, then the SetState(NOTHING) in UpdateAnimation will
       //   stomp on the SetState(SNAP_BACK) it does.
-      mDeferredTasks.append(NewRunnableMethod(mOverscrollHandoffChain.get(),
-                                              &OverscrollHandoffChain::SnapBackOverscrolledApzc,
-                                              &mApzc));
+      if (!mDeferredTasks.append(NewRunnableMethod(mOverscrollHandoffChain.get(),
+                                                   &OverscrollHandoffChain::SnapBackOverscrolledApzc,
+                                                   &mApzc))) {
+        MOZ_CRASH();
+      }
       return false;
     }
 
     // AdjustDisplacement() zeroes out the Axis velocity if we're in overscroll.
     // Since we need to hand off the velocity to the tree manager in such a case,
     // we save it here. Would be ParentLayerVector instead of ParentLayerPoint
     // if we had vector classes.
     ParentLayerPoint velocity = mApzc.GetVelocityVector();
@@ -562,21 +564,23 @@ public:
       // there is an APZC further in the handoff chain which is pannable; if
       // there isn't, we take the new fling ourselves, entering an overscrolled
       // state.
       // Note: APZC is holding mMonitor, so directly calling
       // HandleFlingOverscroll() (which acquires the tree lock) would violate
       // the lock ordering. Instead we schedule HandleFlingOverscroll() to be
       // called after mMonitor is released.
       APZC_LOG("%p fling went into overscroll, handing off with velocity %s\n", &mApzc, Stringify(velocity).c_str());
-      mDeferredTasks.append(NewRunnableMethod(&mApzc,
-                                              &AsyncPanZoomController::HandleFlingOverscroll,
-                                              velocity,
-                                              mOverscrollHandoffChain,
-                                              mScrolledApzc));
+      if (!mDeferredTasks.append(NewRunnableMethod(&mApzc,
+                                                   &AsyncPanZoomController::HandleFlingOverscroll,
+                                                   velocity,
+                                                   mOverscrollHandoffChain,
+                                                   mScrolledApzc))) {
+        MOZ_CRASH();
+      }
 
       // If there is a remaining velocity on this APZC, continue this fling
       // as well. (This fling and the handed-off fling will run concurrently.)
       // Note that AdjustDisplacement() will have zeroed out the velocity
       // along the axes where we're overscrolled.
       return !IsZero(mApzc.GetVelocityVector());
     }
 
@@ -791,19 +795,21 @@ public:
       // that this is not noticeable. The target APZC is chosen by seeing if
       // there is an APZC further in the handoff chain which is pannable; if
       // there isn't, we take the new fling ourselves, entering an overscrolled
       // state.
       // Note: APZC is holding mMonitor, so directly calling
       // HandleSmoothScrollOverscroll() (which acquires the tree lock) would violate
       // the lock ordering. Instead we schedule HandleSmoothScrollOverscroll() to be
       // called after mMonitor is released.
-      mDeferredTasks.append(NewRunnableMethod(&mApzc,
-                                              &AsyncPanZoomController::HandleSmoothScrollOverscroll,
-                                              velocity));
+      if (!mDeferredTasks.append(NewRunnableMethod(&mApzc,
+                                                   &AsyncPanZoomController::HandleSmoothScrollOverscroll,
+                                                   velocity))) {
+        MOZ_CRASH();
+      }
 
       return false;
     }
 
     return true;
   }
 
   void SetDestination(const nsPoint& aNewDestination) {
--- a/gfx/thebes/gfxUtils.cpp
+++ b/gfx/thebes/gfxUtils.cpp
@@ -1192,17 +1192,19 @@ EncodeSourceSurfaceInternal(SourceSurfac
     return NS_ERROR_OUT_OF_MEMORY;
   }
   uint32_t numReadThisTime = 0;
   while ((rv = imgStream->Read(imgData.begin() + imgSize,
                                bufSize - imgSize,
                                &numReadThisTime)) == NS_OK && numReadThisTime > 0)
   {
     // Update the length of the vector without overwriting the new data.
-    imgData.growByUninitialized(numReadThisTime);
+    if (!imgData.growByUninitialized(numReadThisTime)) {
+      return NS_ERROR_OUT_OF_MEMORY;
+    }
 
     imgSize += numReadThisTime;
     if (imgSize == bufSize) {
       // need a bigger buffer, just double
       bufSize *= 2;
       if (!imgData.resizeUninitialized(bufSize)) {
         return NS_ERROR_OUT_OF_MEMORY;
       }