183067 – validateStackAccess should not validate if the offset is within the stack bounds

Bug 183067 - validateStackAccess should not validate if the offset is within the stack bounds

Summary: validateStackAccess should not validate if the offset is within the stack bounds

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	JavaScriptCore (show other bugs)
Version:	WebKit Nightly Build
Hardware:	Unspecified Unspecified

Importance:	P2 Normal
Assignee:	Saam Barati

URL:
Keywords:	InRadar

Depends on:
Blocks:

Reported:	2018-02-22 16:01 PST by Saam Barati
Modified:	2018-02-26 12:42 PST (History)
CC List:	13 users (show)

See Also:

Attachments
patch (3.24 KB, patch) 2018-02-22 16:07 PST, Saam Barati	no flags	Details \| Formatted Diff \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Saam Barati 2018-02-22 16:01:19 PST

For example, we may emit code that only reaches such a stack load conditionally. It's natural to emit such code. This happens in the case of GetMyArgumentByVal, which will branch on the argument count before issuing a load.

Comment 1 Saam Barati 2018-02-22 16:01:53 PST

<rdar://problem/37749988>

Comment 2 Saam Barati 2018-02-22 16:07:42 PST

Created attachment 334482 [details]
patch

Comment 3 Mark Lam 2018-02-26 12:17:20 PST

Comment on attachment 334482 [details]
patch

r=me

Comment 4 WebKit Commit Bot 2018-02-26 12:42:43 PST

Comment on attachment 334482 [details]
patch

Clearing flags on attachment: 334482

Committed r229036: <https://trac.webkit.org/changeset/229036>

Comment 5 WebKit Commit Bot 2018-02-26 12:42:45 PST

All reviewed patches have been landed.  Closing bug.