WebKit Bugzilla
Attachment 341354 Details for Bug 186004: MachineContext's instructionPointer() should handle null PCs correctly.
[patch] proposed patch.
bug-186004.patch (text/plain), 2.12 KB, created by Mark Lam on 2018-05-25 16:42:01 PDT
Description: proposed patch.
Filename: bug-186004.patch
MIME Type: text/plain
Creator: Mark Lam
Created: 2018-05-25 16:42:01 PDT
Size: 2.12 KB
Flags: patch, obsolete
>Index: Source/JavaScriptCore/ChangeLog >=================================================================== >--- Source/JavaScriptCore/ChangeLog (revision 232213) >+++ Source/JavaScriptCore/ChangeLog (working copy) >@@ -1,3 +1,28 @@ >+2018-05-25 Mark Lam <mark.lam@apple.com> >+ >+ MachineContext's instructionPointer() should handle null PCs correctly. >+ https://bugs.webkit.org/show_bug.cgi?id=186004 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ instructionPointer() returns a MacroAssemblerCodePtr<CFunctionPtrTag>. However, >+ MacroAssemblerCodePtr's constructor does not accept a null pointer value and will >+ assert accordingly with a debug ASSERT. This is inconsequential for release >+ builds, but to avoid this assertion failure, we should check for a null PC and >+ return MacroAssemblerCodePtr<CFunctionPtrTag>(nullptr) instead (which uses the >+ MacroAssemblerCodePtr(std::nullptr_t) version of the constructor instead). >+ >+ Alternatively, we can change all of MacroAssemblerCodePtr's constructors to check >+ for null pointers, but I rather not do that yet. In general, >+ MacroAssemblerCodePtrs are constructed with non-null pointers, and I prefer to >+ leave it that way for now. >+ >+ Note: this assertion failure only manifests when we have signal traps enabled, >+ and encounter a null pointer deref. >+ >+ * runtime/MachineContext.h: >+ (JSC::MachineContext::instructionPointer): >+ > 2018-05-25 Mark Lam <mark.lam@apple.com> > > Enforce invariant that GetterSetter objects are invariant. >Index: Source/JavaScriptCore/runtime/MachineContext.h >=================================================================== >--- Source/JavaScriptCore/runtime/MachineContext.h (revision 232211) >+++ Source/JavaScriptCore/runtime/MachineContext.h (working copy) 
>@@ -438,6 +438,8 @@ inline MacroAssemblerCodePtr<CFunctionPt > #else > void* value = instructionPointerImpl(const_cast<PlatformRegisters&>(regs)); > #endif >+ if (!value) >+ return MacroAssemblerCodePtr<CFunctionPtrTag>(nullptr); > return MacroAssemblerCodePtr<CFunctionPtrTag>(value); > } >
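Review bot: the new `if (!value)` check in the MachineContext.h hunk turns what was a debug-only assertion inside MacroAssemblerCodePtr's constructor into a silently returned null MacroAssemblerCodePtr<CFunctionPtrTag>, so every caller of instructionPointer() must now be prepared for a null result; the ChangeLog explains why the nullptr overload is used but not which callers are expected to tolerate null (the signal-trap path that the note at the end of the ChangeLog describes). Suggest a one-line comment above the check, e.g. `// A null PC (null pointer deref under signal traps) must use the nullptr_t constructor; the void* constructor asserts non-null.`, and a sentence in the ChangeLog naming the call site that handles the null return, so a future reader does not reintroduce the assertion by "simplifying" the two returns into one. The placement after `#endif` is right, since it covers both the visible `#else` branch and the elided `#if` branch that also assigns `value`.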
Flags: saam: review+