Closed Bug 621153 Opened 9 years ago Closed 9 years ago

Add JS_ALWAYS_TRUE markers to ValueToNumber() for cases where it should be so

Categories

(Core :: JavaScript Engine, enhancement)

enhancement
Not set

Tracking

()

RESOLVED FIXED

People

(Reporter: timeless, Assigned: timeless)

References

(Blocks 1 open bug)

Details

(Keywords: coverity, Whiteboard: fixed-in-tracemonkey)

Attachments

(1 file)

Coverity complains that 11/80 calls to ValueToNumber() aren't checked for failure. There are generally checks before the calls which ensure that the Value is safe, but it'd be nice for coverity and friends to understand this (or for anyone reading the code), adding JS_ALWAYS_TRUE() addreses this.

an example:

816 mjit::Compiler::generateMethod()
1132           BEGIN_CASE(JSOP_NEG)
1133           {
1134             FrameEntry *top = frame.peek(-1);
1135             if (top->isConstant() && top->getValue().isPrimitive()) {
1136                 double d;
1137                 ValueToNumber(cx, top->getValue(), &d);
Attached patch patchSplinter Review
Assignee: general → timeless
Status: NEW → ASSIGNED
Attachment #499513 - Flags: review?(jorendorff)
Comment on attachment 499513 [details] [diff] [review]
patch

Review of attachment 499513 [details] [diff] [review]:

Another righteous patch. Thanks, r=me.
Attachment #499513 - Flags: review?(jorendorff) → review+
Keywords: checkin-needed
Un-bitrotted & landed: http://hg.mozilla.org/tracemonkey/rev/21d23a346b22
Keywords: checkin-needed
Whiteboard: fixed-in-tracemonkey
http://hg.mozilla.org/mozilla-central/rev/21d23a346b22
Status: ASSIGNED → RESOLVED
Closed: 9 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.