Bug 183067

Summary: validateStackAccess should not validate if the offset is within the stack bounds
Product: WebKit Reporter: Saam Barati <saam>
Component: JavaScriptCoreAssignee: Saam Barati <saam>
Severity: Normal CC: benjamin, commit-queue, fpizlo, ggaren, gskachkov, jfbastien, keith_miller, mark.lam, msaboff, rmorisset, ticaiolima, webkit-bug-importer, ysuzuki
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Description Flags
patch none

Description Saam Barati 2018-02-22 16:01:19 PST
For example, we may emit code that only reaches such a stack load conditionally. It's natural to emit such code. This happens in the case of GetMyArgumentByVal, which will branch on the argument count before issuing a load.
Comment 1 Saam Barati 2018-02-22 16:01:53 PST
Comment 2 Saam Barati 2018-02-22 16:07:42 PST
Created attachment 334482 [details]
Comment 3 Mark Lam 2018-02-26 12:17:20 PST
Comment on attachment 334482 [details]

Comment 4 WebKit Commit Bot 2018-02-26 12:42:43 PST
Comment on attachment 334482 [details]

Clearing flags on attachment: 334482

Committed r229036: <https://trac.webkit.org/changeset/229036>
Comment 5 WebKit Commit Bot 2018-02-26 12:42:45 PST
All reviewed patches have been landed.  Closing bug.