Closed Bug 1534421 Opened 6 years ago Closed 6 years ago

Make the CAN_RUN_SCRIPT analysis treat dereferences of pointer-typed args of CAN_RUN_SCRIPT functions as live

Categories

(Developer Infrastructure :: Source Code Analysis, enhancement)

Product:
Developer Infrastructure
Component:
Source Code Analysis
Type:
enhancement
Priority:
Not set
Severity:
normal

Tracking

(firefox67 fixed)

Status:
RESOLVED FIXED
Milestone:
mozilla67
Tracking Flags:
Tracking Status
firefox67 --- fixed

People

(Reporter: bzbarsky, Assigned: bzbarsky)

Details

Attachments

(2 files)

Attempted fix.
2.20 KB, patch
Details | Diff | Splinter Review
Bug 1534421. Fix the CAN_RUN_SCRIPT analysis to treat a deref of an arg as live if it would treat the arg as live. r=andi
47 bytes, text/x-phabricator-request
Details | Review
Attached patch Attempted fix.Splinter Review

Consider this case:

  MOZ_CAN_RUN_SCRIPT
  void foo(Arg& arg) {}

  MOZ_CAN_RUN_SCRIPT
  void bar(Arg* arg) {
    foo(*arg);
  }

ideally this would pass the analysis. Right now it doesn't, and my attempt to fix the analysis to allow it doesn't seem to work: the unaryDereferenceOperator() does match, but the hasUnaryOperand(declRefExpr()) bit does not (even if I take out the to(...) bits).

Flags: needinfo?(bpostelnicu)

I found the clang analysis docs. This all makes a lot more sense now. ;)

Assignee: nobody → bzbarsky
Flags: needinfo?(bpostelnicu)
Pushed by bzbarsky@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/f65aaa2a97bb Fix the CAN_RUN_SCRIPT analysis to treat a deref of an arg as live if it would treat the arg as live. r=andi

https://hg.mozilla.org/mozilla-central/rev/f65aaa2a97bb

Status: NEW → RESOLVED
Closed: 6 years ago
status-firefox67: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla67
Product: Firefox Build System → Developer Infrastructure
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: