Closed
Bug 935814
Opened 11 years ago
Closed 11 years ago
CID 749215, CID 1123244, CID 1123245: Resource leaks on OOM, in jsd as found by Coverity
Categories
(Core :: JavaScript Engine, defect)
Core
JavaScript Engine
Tracking
()
RESOLVED
INVALID
People
(Reporter: gkw, Unassigned)
References
(Blocks 1 open bug)
Details
(Keywords: coverity)
Coverity analysis of Oct 31, 2013 source code has found some "resource leaks" that might be the cause of some OOM problems. I'm not sure if every one of them is a problem, though. http://hg.mozilla.org/mozilla-central/annotate/9ba3faa35c96/js/jsd/jsd_xpc.cpp#l2861 - rec is not being freed here in jsdService::AppendFilter? http://hg.mozilla.org/mozilla-central/annotate/9ba3faa35c96/js/jsd/jsd_xpc.cpp#l1262 - ret is not being freed here in jsdScript::GetParameterNames? (blame probably points to bz) http://hg.mozilla.org/mozilla-central/annotate/9ba3faa35c96/js/jsd/jsd_xpc.cpp#l732 - ds is not being freed here in jsds_ScriptHookProc? jimb, are all 3 of them likely issues?
Flags: needinfo?(jimb)
Reporter | ||
Updated•11 years ago
|
Summary: Resource leaks in jsd as found by Coverity, some may cause OOM → Resource leaks on OOM, in jsd as found by Coverity
Reporter | ||
Comment 1•11 years ago
|
||
These are CIDs 749215, 1123244 and 1123245.
Comment 2•11 years ago
|
||
(In reply to Gary Kwong [:gkw] [:nth10sd] (yes, still catching up on bugmail) from comment #0) > Coverity analysis of Oct 31, 2013 source code has found some "resource > leaks" that might be the cause of some OOM problems. I'm not sure if every > one of them is a problem, though. > > http://hg.mozilla.org/mozilla-central/annotate/9ba3faa35c96/js/jsd/jsd_xpc. > cpp#l2861 - rec is not being freed here in jsdService::AppendFilter? There, it looks to me as if rec is always either freed, or added to the gFilters linked list. > http://hg.mozilla.org/mozilla-central/annotate/9ba3faa35c96/js/jsd/jsd_xpc. > cpp#l1262 - ret is not being freed here in jsdScript::GetParameterNames? > (blame probably points to bz) This one looks okay too. There are only two ways to exit after allocating ret: line 1259 (failure), and line 1262 (success). On success, we return the array in *paramNames, so that's not a leak. The only way to return via 1259 is to set rv to a failure result - and that can only happen if we just called NS_FREE_XPCOM_ALLOCATED_POINTER_ARRAY, which seems to free ret. > http://hg.mozilla.org/mozilla-central/annotate/9ba3faa35c96/js/jsd/jsd_xpc. > cpp#l732 - ds is not being freed here in jsds_ScriptHookProc? This is another case like the first: ds seems to be always saved in gDeadScripts. Perhaps Coverity couldn't figure out our doubly-linked list implementation. > jimb, are all 3 of them likely issues? It looks to me as if none of them are leaks.
Flags: needinfo?(jimb)
Reporter | ||
Comment 3•11 years ago
|
||
> It looks to me as if none of them are leaks.
Understood - I've already marked them as false positives. Thanks!
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → INVALID
Reporter | ||
Updated•10 years ago
|
Summary: Resource leaks on OOM, in jsd as found by Coverity → CID 749215, CID 1123244, CID 1123245: Resource leaks on OOM, in jsd as found by Coverity
Updated•6 years ago
|
Blocks: coverity-analysis
You need to log in
before you can comment on or make changes to this bug.
Description
•