WebKit Bugzilla
Attachment 348779 Details for Bug 189247: CallFrame::unsafeCallee() should use an ASAN suppressed Register::asanUnsafePointer().
[patch] proposed patch.
bug-189247.patch (text/plain), 3.54 KB, created by Mark Lam on 2018-09-03 11:08:05 PDT
Attachment status: patch, obsolete
>Index: Source/JavaScriptCore/ChangeLog >=================================================================== >--- Source/JavaScriptCore/ChangeLog (revision 235600) >+++ Source/JavaScriptCore/ChangeLog (working copy) >@@ -1,3 +1,21 @@ >+2018-09-03 Mark Lam <mark.lam@apple.com> >+ >+ CallFrame::unsafeCallee() should use an ASAN suppressed Register::asanUnsafePointer(). >+ https://bugs.webkit.org/show_bug.cgi?id=189247 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ Also made some Register methods call their asanUnsafe equivalents. This ensures >+ that this one single canonical definition of what those methods do. >+ >+ * interpreter/CallFrame.h: >+ (JSC::ExecState::unsafeCallee const): >+ * interpreter/Register.h: >+ (JSC::Register::jsValue const): >+ (JSC::Register::codeBlock const): >+ (JSC::Register::pointer const): >+ (JSC::Register::asanUnsafePointer const): >+ > 2018-09-02 Yusuke Suzuki <yusukesuzuki@slowstart.org> > > Implement Object.fromEntries >Index: Source/JavaScriptCore/interpreter/CallFrame.h >=================================================================== >--- Source/JavaScriptCore/interpreter/CallFrame.h (revision 235600) >+++ Source/JavaScriptCore/interpreter/CallFrame.h (working copy) 
>@@ -106,7 +106,7 @@ namespace JSC { > return this[CallFrameSlot::callee].object(); > } > CalleeBits callee() const { return CalleeBits(this[CallFrameSlot::callee].pointer()); } >- SUPPRESS_ASAN CalleeBits unsafeCallee() const { return CalleeBits(this[CallFrameSlot::callee].pointer()); } >+ SUPPRESS_ASAN CalleeBits unsafeCallee() const { return CalleeBits(this[CallFrameSlot::callee].asanUnsafePointer()); } > CodeBlock* codeBlock() const { return this[CallFrameSlot::codeBlock].Register::codeBlock(); } > CodeBlock** addressOfCodeBlock() const { return bitwise_cast<CodeBlock**>(this + CallFrameSlot::codeBlock); } > SUPPRESS_ASAN CodeBlock* unsafeCodeBlock() const { return this[CallFrameSlot::codeBlock].Register::asanUnsafeCodeBlock(); } >Index: Source/JavaScriptCore/interpreter/Register.h >=================================================================== >--- Source/JavaScriptCore/interpreter/Register.h (revision 235600) >+++ Source/JavaScriptCore/interpreter/Register.h (working copy) >@@ -1,5 +1,5 @@ > /* >- * Copyright (C) 2008, 2009 Apple Inc. All rights reserved. >+ * Copyright (C) 2008-2018 Apple Inc. All rights reserved. > * > * Redistribution and use in source and binary forms, with or without > * modification, are permitted provided that the following conditions >@@ -77,6 +77,7 @@ namespace JSC { > int32_t& tag(); > > void* pointer() const; >+ void* asanUnsafePointer() const; > > static Register withInt(int32_t i) > { >@@ -121,7 +122,7 @@ namespace JSC { > > ALWAYS_INLINE JSValue Register::jsValue() const > { >- return JSValue::decode(u.value); >+ return asanUnsafeJSValue(); > } > > ALWAYS_INLINE EncodedJSValue Register::encodedJSValue() const >@@ -155,7 +156,7 @@ namespace JSC { > > ALWAYS_INLINE CodeBlock* Register::codeBlock() const > { >- return u.codeBlock; >+ return asanUnsafeCodeBlock(); > } > > SUPPRESS_ASAN ALWAYS_INLINE CodeBlock* Register::asanUnsafeCodeBlock() const 
>@@ -199,6 +200,11 @@ namespace JSC { > > ALWAYS_INLINE void* Register::pointer() const > { >+ return asanUnsafePointer(); >+ } >+ >+ SUPPRESS_ASAN ALWAYS_INLINE void* Register::asanUnsafePointer() const >+ { > #if USE(JSVALUE64) > return u.encodedValue.ptr; > #else
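Review bot: The ChangeLog sentence "This ensures that this one single canonical definition of what those methods do." is missing its verb; suggest "This ensures that there is one single canonical definition of what those methods do." It would also help a future reader if the entry stated the motivation visible in the CallFrame.h hunk: `unsafeCallee()` is SUPPRESS_ASAN, but the suppression covers only that function's own body, so the `Register::pointer()` it used to call was still an instrumented load.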
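Review bot: In the CallFrame.h hunk the replacement of `.pointer()` with `.asanUnsafePointer()` inside `unsafeCallee()` closes the gap the bug title describes, since SUPPRESS_ASAN on `unsafeCallee()` does not extend into the non-suppressed `Register::pointer()` body. For consistency with the neighbouring `unsafeCodeBlock()`, which spells its call as `Register::asanUnsafeCodeBlock()`, consider qualifying the new call as `Register::asanUnsafePointer()` as well.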
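Review bot: In the Register.h hunks, `jsValue()`, `codeBlock()` and `pointer()` are reduced to `return asanUnsafeJSValue();`, `return asanUnsafeCodeBlock();` and `return asanUnsafePointer();`. Please confirm that the checked accessors keep their ASAN instrumentation after this: SUPPRESS_ASAN is a property of the callee body, so if the compiler inlines the suppressed body into the non-suppressed wrapper without re-instrumenting it, the "safe" and "unsafe" variants become equivalent and the access checks on the common paths are silently lost. Separately, `asanUnsafeJSValue()` is neither declared nor defined in this diff (only `asanUnsafePointer()` is added to the class), so it must already exist in Register.h; the ChangeLog line for `jsValue const` should say that it now forwards to it.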
Flags: saam: review+, saam: commit-queue-
Attachments on bug 189247: 348779 | 348788 | 348789