Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Rooted::new_unrooted can easily cause undefined behaviour #548

Closed
simonwuelker opened this issue Jan 20, 2025 · 2 comments · Fixed by #551
Closed

Rooted::new_unrooted can easily cause undefined behaviour #548

simonwuelker opened this issue Jan 20, 2025 · 2 comments · Fixed by #551

Comments

@simonwuelker
Copy link
Contributor

Rooted::new_unrooted will zero-initialize the contained value (RootedGuard::new will usually be used to init it later)

mozjs/mozjs-sys/src/jsimpls.rs

Lines 431 to 440 in 0081fc4

pub fn new_unrooted() -> JS::Rooted<T> {
JS::Rooted {
vtable: T::VTABLE,
base: RootedBase {
stack: ptr::null_mut(),
prev: ptr::null_mut(),
},
ptr: unsafe { std::mem::zeroed() },
}
}

This causes immediate undefined behaviour (or a panic in debug mode) if T is a type that must not be zero, like std::ptr::NonNull<T>.
@simonwuelker
Copy link
Contributor Author

I think we should wrap the value in std::mem::MaybeUninit.

@simonwuelker simonwuelker mentioned this issue Jan 20, 2025
Merged
@simonwuelker
Copy link
Contributor Author

This is currently preventing me from implementing the :slotted selector and laying out slot elements in servo

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Indicate to the compiler that Rooted<T> may be uninitialized simonwuelker/mozjs
1 participant
@simonwuelker