Bug 223581 - Source/WebKit/UIProcess/Cocoa/WebViewImpl.mm:2681:9: runtime error: load of value nnn, which is not a valid value for type 'BOOL' (aka 'signed char')
Summary: Source/WebKit/UIProcess/Cocoa/WebViewImpl.mm:2681:9: runtime error: load of v...
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebKit2 (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Chris Dumez
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2021-03-22 09:18 PDT by Chris Dumez
Modified: 2021-03-22 15:23 PDT (History)
6 users (show)

See Also:

Attachments
Patch (1.93 KB, patch)
2021-03-22 09:22 PDT, Chris Dumez 		no flags Details | Formatted Diff | Diff
Patch (1.93 KB, patch)
2021-03-22 10:03 PDT, Chris Dumez 		no flags Details | Formatted Diff | Diff
Show Obsolete (1) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Chris Dumez 2021-03-22 09:18:26 PDT 
Fix bug found by UBSAN in WebViewImpl::pluginFocusOrWindowFocusChanged().
Comment 1 Chris Dumez 2021-03-22 09:22:35 PDT 
Created attachment 423897 [details]
Patch
Comment 2 Chris Dumez 2021-03-22 10:03:49 PDT 
Created attachment 423902 [details]
Patch
Comment 3 EWS 2021-03-22 13:15:10 PDT 
Committed r274786: <https://commits.webkit.org/r274786>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 423902 [details].
Comment 4 Radar WebKit Bug Importer 2021-03-22 13:16:17 PDT 
<rdar://problem/75705715>
Comment 5 Darin Adler 2021-03-22 15:23:34 PDT 
Comment on attachment 423902 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=423902&action=review

> Source/WebKit/ChangeLog:10
> +        The code was implicitly casting an uint64_t identifier into a BOOL variable. The intention was
> +        to check whether the identifier is 0 or not. To silence the UBSAN error, we now use the bool
> +        type instead of BOOL (since BOOL is defined as a signed char on some platforms).

On platforms where BOOL is signed char, the original code will work wrong any time the low 8 bits of the pointer are zero!

I feel like we are concentrating too much on "placating" UBSan and too little on fixing the bug UBSan found in our commentary.