Bug 189247 - CallFrame::unsafeCallee() should use an ASAN suppressed Register::asanUnsafePointer().
Summary: CallFrame::unsafeCallee() should use an ASAN suppressed Register::asanUnsafeP...
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: JavaScriptCore (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Mark Lam
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2018-09-03 10:52 PDT by Mark Lam
Modified: 2018-09-03 16:30 PDT (History)
10 users (show)

See Also:

Attachments
proposed patch. (3.54 KB, patch)
2018-09-03 11:08 PDT, Mark Lam 		saam: review+
saam: commit-queue-
Details | Formatted Diff | Diff
proposed patch. (2.83 KB, patch)
2018-09-03 13:17 PDT, Mark Lam 		mark.lam: review-
Details | Formatted Diff | Diff
proposed patch. (3.42 KB, patch)
2018-09-03 13:45 PDT, Mark Lam 		no flags Details | Formatted Diff | Diff
Show Obsolete (2) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Mark Lam 2018-09-03 10:52:15 PDT 
Patch coming.
Comment 1 Mark Lam 2018-09-03 11:08:05 PDT 
Created attachment 348779 [details]
proposed patch.
Comment 2 Saam Barati 2018-09-03 13:06:06 PDT 
Comment on attachment 348779 [details]
proposed patch.

View in context: https://bugs.webkit.org/attachment.cgi?id=348779&action=review

> Source/JavaScriptCore/interpreter/Register.h:125
> +        return asanUnsafeJSValue();

How does this not remove asan protection?
Comment 3 Mark Lam 2018-09-03 13:11:12 PDT 
Comment on attachment 348779 [details]
proposed patch.

View in context: https://bugs.webkit.org/attachment.cgi?id=348779&action=review

>> Source/JavaScriptCore/interpreter/Register.h:125
>> +        return asanUnsafeJSValue();
> 
> How does this not remove asan protection?

I was previously thinking that the outer function Register::jsValue() not being a ASAN suppressed function means that this is OK.  But I'm wrong: this is a bug.  I will undo these call forwardinh changes.
Comment 4 Mark Lam 2018-09-03 13:17:52 PDT 
Created attachment 348788 [details]
proposed patch.
Comment 5 Mark Lam 2018-09-03 13:27:12 PDT 
Comment on attachment 348788 [details]
proposed patch.

Got a bug.
Comment 6 Mark Lam 2018-09-03 13:45:31 PDT 
Created attachment 348789 [details]
proposed patch.
Comment 7 WebKit Commit Bot 2018-09-03 16:29:43 PDT 
Comment on attachment 348789 [details]
proposed patch.

Clearing flags on attachment: 348789

Committed r235603: <https://trac.webkit.org/changeset/235603>
Comment 8 WebKit Commit Bot 2018-09-03 16:29:45 PDT 
All reviewed patches have been landed.  Closing bug.
Comment 9 Radar WebKit Bug Importer 2018-09-03 16:30:17 PDT 
<rdar://problem/44079982>