1718231 - JS::ContextOptions::ergonomicBrandChecks_ is sometimes used before it is defined

Status: RESOLVED FIXED

(Core :: JavaScript Engine, defect)

Description

[Julian Seward [:jseward]]

Attachment: Valgrind complainage

It appears that (1) JS::ContextOptions::ContextOptions() doesn't give an
initial value for field ergonomicBrandChecks_, and (2) at least in a browser
build, it can be used in that state. A minimal bit of poking around suggests
that it might be defined in shell builds, but not in browser builds.

The result is a bunch of Valgrind complaints in the JS parser, in orExpr.

Doing the obvious thing (setting it to false in
JS::ContextOptions::ContextOptions()) stops Valgrind complaining.

This appears to be related to bug 1648090.

Comment 1

[Julian Seward [:jseward]]

Attachment: Possible fix

The obvious fix. I'm not claiming that this is the right fix,
merely that it stops Valgrind complaining.

Comment 2

[Yulia Startsev [:yulia] OOO until July 2026]

The obvious fix looks right. Thanks for looking into this!

Comment 3

[Matthew Gaudet (he/him) [:mgaudet]]

Did you want to land this patch Julian? (otherwise I can)

Comment 4

[Julian Seward [:jseward]]

Attachment: Bug 1718231 - JS::ContextOptions::ergonomicBrandChecks_ is sometimes used before it is defined. r=mgaudet.

It appears that (1) JS::ContextOptions::ContextOptions() doesn't give an
initial value for field ergonomicBrandChecks_, and (2) at least in a browser
build, it can be used in that state. This trivial patch initialises it to
false.

Comment 5

[Pulsebot]

Pushed by jseward@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/ce3c35cb21fc
JS::ContextOptions::ergonomicBrandChecks_ is sometimes used before it is defined.  r=mgaudet.

Comment 6

[Marian-Vasile Laza]

https://hg.mozilla.org/mozilla-central/rev/ce3c35cb21fc