Bug 1421345 - Check the canary during allocations. r=jet a=gchang
☠☠ backed out by fae7c41d40fd ☠ ☠
authorMatt Woodrow <mwoodrow@mozilla.com>
Mon, 15 Jan 2018 21:12:57 +1300
changeset 445674 814254bd1eb76533621eea0700d0182aa3121350
parent 445673 4c230b89e05e6a4d87d3f26e2ca862dd59e617d0
child 445675 fae7c41d40fd8ddb4d6d0ade34af7c75fef0e4d5
push id1624
push userarchaeopteryx@coole-files.de
push dateMon, 15 Jan 2018 11:39:32 +0000
treeherdermozilla-release@814254bd1eb7 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersjet, gchang
bugs1421345
milestone58.0
Bug 1421345 - Check the canary during allocations. r=jet a=gchang
xpcom/ds/ArenaAllocator.h
--- a/xpcom/ds/ArenaAllocator.h
+++ b/xpcom/ds/ArenaAllocator.h
@@ -170,17 +170,19 @@ private:
 
     /**
      * Allocates a chunk of memory out of the arena and advances the offset.
      */
     void* Allocate(size_t aSize)
     {
       MOZ_ASSERT(aSize <= Available());
       char* p = reinterpret_cast<char*>(header.offset);
+      MOZ_RELEASE_ASSERT(p);
       header.offset += aSize;
+      canary.Check();
       MOZ_MAKE_MEM_UNDEFINED(p, aSize);
       return p;
     }
 
     /**
      * Calculates the amount of space available for allocation in this chunk.
      */
     size_t Available() const {