Closed Bug 505858 Opened 15 years ago Closed 15 years ago

NSS_RegisterShutdown can return without unlocking nssShutdownList.lock

Categories

(NSS :: Libraries, defect, P2)

Product:
NSS
Component:
Libraries
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED FIXED
Milestone:
3.12.4

People

(Reporter: timeless, Assigned: nelson)

References

(
URL
)

Details

(Keywords: coverity, hang)

Attachments

(1 file)

Patch v1 for NSS Trunk
576 bytes, patch
julien.pierre
: review+
Details | Diff | Splinter Review 
748     PZ_Lock(nssShutdownList.lock);

753         PZ_Unlock(nssShutdownList.lock);
754         PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
755         return SECFailure;

762         PZ_Unlock(nssShutdownList.lock);
763         return SECSuccess;

bad:
771         if (!funcs) {
772             return SECFailure;

780     PZ_Unlock(nssShutdownList.lock);
781     return SECSuccess;
Timeless, I'm curious about something.  All these coverity reports you're 
filing today are new issues, not previously reported in previous coverity 
runs.  But they're issues in OLD code.  So, why are they only now being 
reported for the first time?  Has Coverity been improving its analysis?
Assignee: nobody → nelson
Severity: critical → normal
Priority: -- → P2
Target Milestone: --- → 3.12.4
This should do it.
Attachment #390116 - Flags: review?(julien.pierre.boogz)
scan.coverity.com was running 2.4, i'm using 4.3.

2.4 was configured with a bunch of checkers off because the noise level of the checkers at the time was considered likely to be too high for people to tolerate - their goal was to get people to use their checkers and used to things, as people got the bug count down, and if people were responsive, they could enable other checkers and tune them.

also, scan.coverity.com's scans got stuck around november of last year. we're going to get a 5.0 on scan with continual builds soon, at which point i'll stop filing based on my 4.3 (which happens to include some **** patches to gecko).

to answer your question, yes 4.3's analysis is better than 2.4's and 5.0's will be better than 4.3's.

note that there are still many noisy checkers, so running with all of them will give you a headache, and letting people who don't know what they're doing look at coverity will also give you a headache.

as to why i'm doing coverity work now, when i've in theory had access to 4.3 for months... well, it's summer and people aren't bothering me, so i figured why not (plus the tree isn't cooperating with patch pushing).
Attachment #390116 - Flags: review?(julien.pierre.boogz) → review+
Checking in nssinit.c; new revision: 1.99; previous revision: 1.98
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: