Closed Bug 621153 Opened 13 years ago Closed 12 years ago

Add JS_ALWAYS_TRUE markers to ValueToNumber() for cases where it should be so

Categories

(Core :: JavaScript Engine, enhancement)

Product:
Core
Component:
JavaScript Engine
Type:
enhancement
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED

People

(Reporter: timeless, Assigned: timeless)

References

(Blocks 1 open bug)

Details

(Keywords: coverity, Whiteboard: fixed-in-tracemonkey)

Attachments

(1 file)

patch
3.25 KB, patch
jorendorff
: review+
Details | Diff | Splinter Review 
Coverity complains that 11/80 calls to ValueToNumber() aren't checked for failure. There are generally checks before the calls which ensure that the Value is safe, but it'd be nice for coverity and friends to understand this (or for anyone reading the code), adding JS_ALWAYS_TRUE() addreses this.

an example:

816 mjit::Compiler::generateMethod()
1132           BEGIN_CASE(JSOP_NEG)
1133           {
1134             FrameEntry *top = frame.peek(-1);
1135             if (top->isConstant() && top->getValue().isPrimitive()) {
1136                 double d;
1137                 ValueToNumber(cx, top->getValue(), &d);
Attached patch patchSplinter Review 
Assignee: general → timeless
Status: NEW → ASSIGNED

        Attachment #499513 -
        Flags: review?(jorendorff)

    
    

    
  
Comment on attachment 499513 [details] [diff] [review]
patch

Review of attachment 499513 [details] [diff] [review]:

Another righteous patch. Thanks, r=me.

        Attachment #499513 -
        Flags: review?(jorendorff) → review+

    
  
Keywords: checkin-needed

    
    

    
  
Un-bitrotted & landed: http://hg.mozilla.org/tracemonkey/rev/21d23a346b22
Keywords: checkin-needed
Whiteboard: fixed-in-tracemonkey

    
    

    
  
http://hg.mozilla.org/mozilla-central/rev/21d23a346b22
Status: ASSIGNED → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED

          You need to log in
          before you can comment on or make changes to this bug.