Closed Bug 619777 Opened 10 years ago Closed 9 years ago

obj_toSource guard of IS_SHARP instead of !ida confuses coverity

Categories

(Core :: JavaScript Engine, enhancement)

x86
Windows 7
enhancement
Not set
normal

Tracking

()

RESOLVED FIXED
mozilla6

People

(Reporter: timeless, Assigned: timeless)

References

(Blocks 1 open bug, )

Details

(Keywords: coverity)

Attachments

(1 file)

473 obj_toSource(JSContext *cx, uintN argc, Value *vp)
478     JSIdArray *ida;
498     if (!obj || !(he = js_EnterSharpObject(cx, obj, &ida, &chars))) {
500         goto out;

there's a condition here, but coverity can't reason it:
502     if (IS_SHARP(he)) {

here we assert that !ida is roughly equivalent to IS_SHARP(he):
508         JS_ASSERT(!ida);
517         goto make_string;
518     }

here we assert that ida is roughly equivalent to !IS_SHARP(he):
519     JS_ASSERT(ida);

if the guard on line 502 is ida (and ida is initialized on 478) then coverity (and friends) should be able to reason that ida isn't leaked in this function.
Attached patch proposalSplinter Review
Assignee: general → timeless
Status: NEW → ASSIGNED
Attachment #498206 - Flags: review?(jorendorff)
Comment on attachment 498206 [details] [diff] [review]
proposal

Review of attachment 498206 [details] [diff] [review]:

Sure, ok.
Attachment #498206 - Flags: review?(jorendorff) → review+
Keywords: checkin-needed
http://hg.mozilla.org/projects/cedar/rev/284c22ed4b17
Keywords: checkin-needed
Whiteboard: [fixed-in-cedar]
Target Milestone: --- → mozilla6
http://hg.mozilla.org/mozilla-central/rev/284c22ed4b17
Status: ASSIGNED → RESOLVED
Closed: 9 years ago
Flags: in-testsuite-
Resolution: --- → FIXED
Whiteboard: [fixed-in-cedar]
You need to log in before you can comment on or make changes to this bug.