Bug 220564

Summary: [JSC] Bypass OperationPtrTagging for JITCage verification for CallDOMGetter
Product: WebKit
Reporter: Yusuke Suzuki <ysuzuki>
Component: New Bugs
Assignee: Yusuke Suzuki <ysuzuki>
Status: RESOLVED FIXED
Severity: Normal
CC: ews-watchlist, keith_miller, mark.lam, msaboff, saam, tzagallo, webkit-bug-importer
Priority: P2
Keywords: InRadar
Version: WebKit Nightly Build
Hardware: Unspecified
OS: Unspecified
Attachments: Patch (flags: saam: review+)

Description Yusuke Suzuki 2021-01-12 13:37:44 PST
[JSC] Bypass OperationPtrTagging for JITCage verification for CallDOMGetter

Comment 1 Yusuke Suzuki 2021-01-12 13:41:22 PST
Created attachment 417487
Patch

Comment 2 Yusuke Suzuki 2021-01-12 13:42:11 PST
<rdar://problem/73051360>

Comment 3 Saam Barati 2021-01-12 14:55:45 PST
Comment on attachment 417487
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=417487&action=review

> Source/JavaScriptCore/ChangeLog:8
> +        CustomAccessorPtrTag functions are not registered ones for JITCage since we are using trampoline to invoke them.
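
Review bot: the rationale on this added ChangeLog line stops at "we are using trampoline to invoke them" and does not say where a CustomAccessorPtrTag pointer is validated once the OperationPtrTag verification is bypassed for CallDOMGetter. Please add a sentence naming the trampoline and stating where the pointer is checked instead, so the reason the bypass is safe is recorded with the change. The phrase "are not registered ones for JITCage" would also read more clearly as "are not registered with JITCage".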

Maybe specify trampoline is in C++?

Comment 4 Yusuke Suzuki 2021-01-12 16:09:24 PST
Committed r271422: <https://trac.webkit.org/changeset/271422>