Bug 220564 - [JSC] Bypass OperationPtrTagging for JITCage verification for CallDOMGetter
Summary: [JSC] Bypass OperationPtrTagging for JITCage verification for CallDOMGetter
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: New Bugs (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Yusuke Suzuki
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2021-01-12 13:37 PST by Yusuke Suzuki
Modified: 2021-01-12 16:09 PST (History)
7 users (show)

See Also:


Attachments
Patch (10.36 KB, patch)
2021-01-12 13:41 PST, Yusuke Suzuki
saam: review+
Details | Formatted Diff | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Yusuke Suzuki 2021-01-12 13:37:44 PST
[JSC] Bypass OperationPtrTagging for JITCage verification for CallDOMGetter
Comment 1 Yusuke Suzuki 2021-01-12 13:41:22 PST
Created attachment 417487 [details]
Patch
Comment 2 Yusuke Suzuki 2021-01-12 13:42:11 PST
<rdar://problem/73051360>
Comment 3 Saam Barati 2021-01-12 14:55:45 PST
Comment on attachment 417487 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=417487&action=review

> Source/JavaScriptCore/ChangeLog:8
> +        CustomAccessorPtrTag functions are not registered ones for JITCage since we are using trampoline to invoke them.

Maybe specify trampoline is in C++?
Comment 4 Yusuke Suzuki 2021-01-12 16:09:24 PST
Committed r271422: <https://trac.webkit.org/changeset/271422>