RESOLVED DUPLICATE of bug 158719 158888
LinkBuffer should place a nop sled at the end of the code it generates when it generates code into already allocated executable memory and the assembly it memcpys is smaller than the allocated size
https://bugs.webkit.org/show_bug.cgi?id=158888
Saam Barati
Reported 2016-06-17 14:31:39 PDT
I don't think this comes up at all now, but it's probably the right contract for the API to have.
Geoffrey Garen
Comment 1 2016-06-17 14:33:54 PDT
Can we do a breakpoint sled instead? NOP sleds can be attack vectors because you can jump into the middle of them. But breakpoint sleds crash.
Filip Pizlo
Comment 2 2016-06-17 14:35:07 PDT
(In reply to comment #1)
> Can we do a breakpoint sled instead? NOP sleds can be attack vectors because
> you can jump into the middle of them. But breakpoint sleds crash.

That would mean that if an IC emits less code than the allowed size, we would crash at a breakpoint. A nop sled means that if an IC emits less code than the allowed size, it runs correctly.
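The trade-off in comments 1 and 2 (a NOP tail lets an IC that emits less code than its allocation fall through harmlessly; a breakpoint tail makes the same situation fault) as a small added example. This is illustrative code written for this page, not JavaScriptCore's LinkBuffer; it assumes an x86-64 target (0x90 NOP, 0xCC INT3), uses a plain byte buffer instead of executable memory, and the sample instruction bytes and the `placeCodeWithTail` / `tailOutcome` names are constructed for the example.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <stdexcept>
#include <vector>

// Policy for the unused tail of a fixed-size code region.
enum class TailFill { Nop, Trap };

// Assumption: x86-64 single-byte encodings. Other ISAs use fixed-width,
// alignment-sensitive instructions and would need their own filler words.
constexpr uint8_t kX86Nop  = 0x90; // NOP: execution continues to the next byte
constexpr uint8_t kX86Int3 = 0xCC; // INT3: execution traps here

// Hypothetical stand-in for copying assembled bytes into a pre-allocated
// region of `regionSize` bytes and filling whatever is left over.
// Returns the number of padding bytes written.
size_t placeCodeWithTail(const std::vector<uint8_t>& assembled,
                         uint8_t* region, size_t regionSize, TailFill fill)
{
    if (assembled.size() > regionSize)
        throw std::length_error("assembled code exceeds allocated region");
    std::memcpy(region, assembled.data(), assembled.size());
    const size_t padding = regionSize - assembled.size();
    const uint8_t filler = (fill == TailFill::Nop) ? kX86Nop : kX86Int3;
    std::memset(region + assembled.size(), filler, padding);
    return padding;
}

// What happens when control runs off the end of the emitted code at
// `codeSize` and into the tail: a NOP tail reaches the end of the region,
// a trap tail faults at the first padding byte. Only the tail is
// interpreted; any other byte there is reported as Unknown.
enum class Outcome { RunsToEnd, Traps, Unknown };

Outcome tailOutcome(const uint8_t* region, size_t regionSize, size_t codeSize)
{
    for (size_t i = codeSize; i < regionSize; ++i) {
        if (region[i] == kX86Int3) return Outcome::Traps;
        if (region[i] != kX86Nop)  return Outcome::Unknown;
    }
    return Outcome::RunsToEnd;
}

// Constructed sample: a 4-byte sequence (mov rax, rdi; ret) placed into a
// 16-byte region, leaving 12 bytes of tail to fill.
const std::vector<uint8_t> kSampleCode = {0x48, 0x89, 0xF8, 0xC3};
constexpr size_t kRegionSize = 16;

size_t demoPaddingBytes(TailFill fill)
{
    uint8_t region[kRegionSize];
    return placeCodeWithTail(kSampleCode, region, kRegionSize, fill);
}

Outcome demoTailOutcome(TailFill fill)
{
    uint8_t region[kRegionSize];
    placeCodeWithTail(kSampleCode, region, kRegionSize, fill);
    return tailOutcome(region, kRegionSize, kSampleCode.size());
}

int main()
{
    std::printf("padding bytes: %zu\n", demoPaddingBytes(TailFill::Nop));
    std::printf("nop tail  -> %s\n",
                demoTailOutcome(TailFill::Nop) == Outcome::RunsToEnd ? "runs to end" : "other");
    std::printf("trap tail -> %s\n",
                demoTailOutcome(TailFill::Trap) == Outcome::Traps ? "traps" : "other");
    return 0;
}
```

The `Unknown` outcome is the check a reviewer would want: if the tail is neither all NOP nor starts with a trap, the region was not padded with the agreed policy at all, which is the situation the bug asks LinkBuffer to rule out.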
Geoffrey Garen
Comment 3 2016-06-17 14:45:40 PDT
I see. OK.
Saam Barati
Comment 4 2016-06-17 17:35:59 PDT
This will be fixed as part of another bug.

*** This bug has been marked as a duplicate of bug 158719 ***