Bug 220397

Summary: The scratch register should be different from the target register when calling validateUntaggedPtr.
Product: WebKit Reporter: Mark Lam <mark.lam>
Component: JavaScriptCoreAssignee: Mark Lam <mark.lam>
Status: RESOLVED FIXED    
Severity: Normal CC: ews-watchlist, keith_miller, msaboff, saam, tzagallo, webkit-bug-importer, ysuzuki, zalan
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
proposed patch. none

Mark Lam
Reported 2021-01-06 21:11:11 PST
rdar://72771069
Attachments
proposed patch. (2.29 KB, patch)
2021-01-06 21:20 PST, Mark Lam 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Mark Lam
Comment 1 2021-01-06 21:20:16 PST
Created attachment 417152 [details] proposed patch.
Yusuke Suzuki
Comment 2 2021-01-06 21:22:44 PST
Comment on attachment 417152 [details] proposed patch. r=me
Mark Lam
Comment 3 2021-01-07 09:02:41 PST
Comment on attachment 417152 [details] proposed patch. Thanks for the review. Landing now.
EWS
Comment 4 2021-01-07 09:33:29 PST
Committed r271240: <https://trac.webkit.org/changeset/271240> All reviewed patches have been landed. Closing bug and clearing flags on attachment 417152 [details].
alan
Comment 5 2021-01-09 04:24:09 PST
I can still repro the crash with the most recent spade (r271343).
Mark Lam
Comment 6 2021-01-09 08:53:38 PST
(In reply to zalan from comment #5) > I can still repro the crash with the most recent spade (r271343). This turns out to be a different issue. We should track it with a new bug. Closing this one.
Note You need to log in before you can comment on or make changes to this bug.