In release builds, Register::jsValue is inlined into DFG::prepareOSREntry, so a blacklist line we have in webkit-asan-ignore.txt is sufficient. But in debug builds, it is not inlined, so we crash in this function. Adding Register::jsValue to the blacklist is not the best fix, because this function is used elsewhere. The better fix is to blacklist the whole file.
Created attachment 244013: proposed fix

Actually, blacklisting the file doesn't work - if we do that, we get a non-ASan version of the inline function in DFGOSREntry.o, but it is later eliminated by the linker in favor of an ASanified copy from another file. So I only see two options:
1. Blacklist Register::jsValue(), and ask for a better solution (which I propose here).
2. Make a copy of Register::jsValue() function with a different name, just for the purpose of using it in prepareOSREntry() in a blacklist.
Committed <http://trac.webkit.org/r178005>.