Possible bad null-check in mjit::Compiler::performCompilation()

RESOLVED FIXED in mozilla12

Status


Core
JavaScript Engine
RESOLVED FIXED
6 years ago
6 years ago

People

(Reporter: Dolske, Assigned: dmandelin)

Tracking

(Blocks: 1 bug)

unspecified
mozilla12
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [pvs-studio])

Attachments

(1 attachment)

(Reporter)

Description

6 years ago
From http://www.viva64.com/en/a/0078/

Example 4. Checking a pointer for NULL only after it had been used

CompileStatus
mjit::Compiler::performCompilation(JITScript **jitp)
{
  ...
  JaegerSpew(JSpew_Scripts,
    "successfully compiled (code \"%p\") (size \"%u\")\n",
    (*jitp)->code.m_code.executableAddress(),
    unsigned((*jitp)->code.m_size));

  if (!*jitp)
      return Compile_Abort;
  ...
}

PVS-Studio diagnostic message: V595 The '* jitp' pointer was utilized before it was verified against nullptr. Check lines: 547, 549. compiler.cpp 547

By the way, using a pointer before checking it is a wide-spread error. This was one more example of this kind.
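The "use before null-check" shape that V595 reports, as an added example that is not part of this bug, of SpiderMonkey or of PVS-Studio: a small line-based checker (assumed names `find_use_before_check`, `FLAGGED`, `REORDERED`; the samples are constructed to resemble the snippet above, with their own line numbers) that reports a pointer dereferenced on one line and only compared against null on a later line. It is purely intraprocedural, so it flags the snippet even when, as in this bug, the preceding call already guarantees `*jitp` is non-null; that is exactly how a false positive of this kind arises.

```python
import re

# Constructed sample shaped like the snippet quoted above (its own line numbers).
FLAGGED = """\
CompileStatus performCompilation(JITScript **jitp)
{
  JaegerSpew(JSpew_Scripts, "compiled %p size %u\\n",
    (*jitp)->code.m_code.executableAddress(),
    unsigned((*jitp)->code.m_size));
  if (!*jitp)
      return Compile_Abort;
}
"""

# Same body with the null check hoisted above the first dereference.
REORDERED = """\
CompileStatus performCompilation(JITScript **jitp)
{
  if (!*jitp)
      return Compile_Abort;
  JaegerSpew(JSpew_Scripts, "compiled %p\\n",
    (*jitp)->code.m_code.executableAddress());
}
"""

def find_use_before_check(src, ptr):
    """(use_line, check_line) pairs: `ptr` is dereferenced, then null-checked
    later with no reassignment in between.  Line-based and intraprocedural: it
    cannot see that an earlier call already guarantees `ptr` is non-null."""
    p = re.escape(ptr)
    # Member access through ptr: (ptr)->x, (ptr).x, ptr->x.
    deref = re.compile(r'\(\s*' + p + r'\s*\)\s*(?:->|\.)'
                       r'|(?<!\w)' + p + r'\s*->')
    # if (!ptr), if (ptr == NULL/nullptr/0), if (ptr != ...), if (ptr).
    null_check = re.compile(r'if\s*\(\s*(?:!\s*' + p + r'\s*\)'
                            r'|' + p + r'\s*[!=]=\s*(?:NULL|nullptr|0)\s*\)'
                            r'|' + p + r'\s*\))')
    reassign = re.compile(r'(?<!\w)' + p + r'\s*=(?!=)')
    findings, use_line = [], None
    for lineno, line in enumerate(src.splitlines(), 1):
        if line.startswith('}'):              # end of a top-level function
            use_line = None
        elif null_check.search(line):
            if use_line is not None:          # the V595 shape
                findings.append((use_line, lineno))
            use_line = None                   # validated from here on
        elif reassign.search(line):
            use_line = None                   # fresh value; earlier uses moot
        elif use_line is None and deref.search(line):
            use_line = lineno
    return findings
```

`find_use_before_check(FLAGGED, "*jitp")` reports `[(4, 6)]`, the same shape as the V595 message in the description; the reordered body yields `[]`.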
(Reporter)

Updated

6 years ago
Blocks: 710966
(Assignee)

Comment 1

6 years ago
Created attachment 582111 [details] [diff] [review]
Patch

False positive/nit: finishThisUp returns Okay only iff *jitp is non-null.
Assignee: general → dmandelin
Attachment #582111 - Flags: review?(dvander)
Attachment #582111 - Flags: review?(dvander) → review-
Comment on attachment 582111 [details] [diff] [review]
Patch

Gah hit wrong button.
Attachment #582111 - Flags: review- → review+
(Assignee)

Comment 3

6 years ago
http://hg.mozilla.org/integration/mozilla-inbound/rev/092b0f19e65a
Target Milestone: --- → mozilla12

Comment 4

6 years ago
https://hg.mozilla.org/mozilla-central/rev/092b0f19e65a
Status: NEW → RESOLVED
Last Resolved: 6 years ago
Resolution: --- → FIXED