[Webkit-unassigned] [Bug 276224] New: [GStreamer] gstStructureGet<T> may return optionals with unitialized values on Clang 18
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Jul 4 06:55:39 PDT 2024
https://bugs.webkit.org/show_bug.cgi?id=276224
Bug ID: 276224
Summary: [GStreamer] gstStructureGet<T> may return optionals
with unitialized values on Clang 18
Product: WebKit
Version: WebKit Nightly Build
Hardware: Unspecified
OS: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: Platform
Assignee: webkit-unassigned at lists.webkit.org
Reporter: cadubentzen at igalia.com
On bug 275609 we introduced the gstStructureGet<T> helper. After using it in more places, we found what may be a compiler bug (reproduced it with Clang 18 so far).
Given a GstStructure named structure with "a-structure, width=10". If we try:
auto height = gstStructureGet<int>(structure, "height"_s);
if (height)
GST_LOG("height = %d", *height);
although the branch shouldn't be executed since there's no "height" field. It is executed with an unitialized value.
After debugging what's happening, it seems to be actually a compiler issue. Fixed it by using if(UNLIKELY(gst_structure_get_<type>)) in gstStructureGet branches. Without that, the branches were being executed and returning std::optional with unitialized values when they shouldn't.
Patch for the fix in WebKit incoming. Pending on a minimal reproducer outside WebKit to confirm it's a bug in Clang...
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20240704/f49c06ca/attachment.htm>
More information about the webkit-unassigned
mailing list