TM: possibly uninitialized variable in jsclone.cpp

Status: RESOLVED FIXED
Core :: JavaScript Engine
Reporter: njn, Assigned: njn
Firefox Tracking Flags: Not tracked
Whiteboard: fixed-in-tracemonkey

(Assignee)

Description

7 years ago
An optimized build on Linux:

../jsclone.cpp: In member function ‘bool js::SCInput::readPair(uint32_t*, uint32_t*)’:
../jsclone.cpp:162: warning: ‘u’ may be used uninitialized in this function
../jsclone.cpp: In member function ‘bool JSStructuredCloneReader::readId(jsid*)’:
../jsclone.cpp:162: warning: ‘u’ may be used uninitialized in this function
../jsclone.cpp:162: note: ‘u’ was declared here
../jsclone.cpp: In member function ‘bool JSStructuredCloneReader::startRead(js::Value*)’:
../jsclone.cpp:162: warning: ‘u’ may be used uninitialized in this function
../jsclone.cpp:162: note: ‘u’ was declared here


The relevant code:

bool
SCInput::read(uint64_t *p)
{
    if (point == end)
        return eof();
    *p = SwapBytes(*point++);
    return true;
}

bool
SCInput::readPair(uint32_t *tagp, uint32_t *datap)
{
    uint64_t u;
    bool ok = read(&u);
    if (ok) {
        *tagp = uint32_t(u >> 32);
        *datap = uint32_t(u);
    }
    return ok;
}

For once, GCC seems to be right: it appears that read() can return 'true' without writing to *p.

Comment 1

Slander! A few lines above that:

bool
SCInput::eof()
{
    JS_ReportErrorNumber(cx, js_GetErrorMessage, NULL, JSMSG_SC_BAD_SERIALIZED_DATA, "truncated");
    return false;
}
(Assignee)

Comment 2

7 years ago
eof() is an odd name for that function, then.  Always returning false is unusual too.  At the very least, a band-aid for the warning would be much appreciated.
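
Added example, not part of the bug thread and not the change that landed in the linked revisions (which this page does not show): one way to write the reader so the failure path is a literal `false` next to the bounds check, with the local initialized as a band-aid, plus a check that truncated input is rejected without touching the outputs. `Input`, `reportTruncated`, `errorCount`, `kSample` and `truncatedReadIsRejected` are hypothetical names; byte swapping is omitted.

```cpp
#include <cstddef>
#include <cstdint>

// Hypothetical stand-in for SCInput: reads 64-bit words from an untrusted buffer.
class Input {
  public:
    Input(const uint64_t *begin, size_t nwords)
      : point(begin), end(begin + nwords), errors(0) {}

    // Failure is a literal `false` on the same path as the bounds check, so a
    // `true` return visibly implies that *p was written.
    bool read(uint64_t *p) {
        if (point == end) {
            reportTruncated();
            return false;
        }
        *p = *point++;   // byte swapping omitted: words assumed native-endian
        return true;
    }

    bool readPair(uint32_t *tagp, uint32_t *datap) {
        uint64_t u = 0;  // band-aid: defined value even if read() changes later
        if (!read(&u))
            return false;          // outputs are left untouched on failure
        *tagp = uint32_t(u >> 32);
        *datap = uint32_t(u);
        return true;
    }

    unsigned errorCount() const { return errors; }
  private:
    void reportTruncated() { ++errors; }  // stand-in for JS_ReportErrorNumber
    const uint64_t *point;
    const uint64_t *end;
    unsigned errors;
};

// Constructed sample: one word (tag 0xFFFF0003, data 7), then end of input.
static const uint64_t kSample[] = { 0xFFFF000300000007ULL };

// Returns true only if the second readPair fails cleanly on truncated input.
bool truncatedReadIsRejected() {
    Input in(kSample, 1);
    uint32_t tag = 0, data = 0;
    if (!in.readPair(&tag, &data) || tag != 0xFFFF0003u || data != 7u)
        return false;
    uint32_t tag2 = 0xAAAAAAAAu, data2 = 0xBBBBBBBBu;   // sentinels
    bool ok = in.readPair(&tag2, &data2);
    return !ok && tag2 == 0xAAAAAAAAu && data2 == 0xBBBBBBBBu && in.errorCount() == 1;
}
```
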
(Assignee)

Comment 3

7 years ago
http://hg.mozilla.org/tracemonkey/rev/c44177df3ee3

(No patch was posted here because I got r+ from jorendorff via IRC.)
Whiteboard: fixed-in-tracemonkey

Comment 4

7 years ago
http://hg.mozilla.org/mozilla-central/rev/c44177df3ee3
Status: ASSIGNED → RESOLVED
Last Resolved: 7 years ago
Resolution: --- → FIXED