Title: [149205] trunk/Source/JavaScriptCore
Revision
149205
Author
oli...@apple.com
Date
2013-04-26 13:12:04 -0700 (Fri, 26 Apr 2013)

Log Message

Make stack tracing more robust
https://bugs.webkit.org/show_bug.cgi?id=115272

Reviewed by Geoffrey Garen.

CallFrame already handles stack walking confusion robustly,
so we should make sure that the actual walk handles that as well.

* interpreter/Interpreter.cpp:
(JSC::getCallerInfo):

Modified Paths

Diff

Modified: trunk/Source/_javascript_Core/ChangeLog (149204 => 149205)


--- trunk/Source/_javascript_Core/ChangeLog	2013-04-26 19:42:29 UTC (rev 149204)
+++ trunk/Source/_javascript_Core/ChangeLog	2013-04-26 20:12:04 UTC (rev 149205)
@@ -1,3 +1,16 @@
+2013-04-26  Oliver Hunt  <oli...@apple.com>
+
+        Make stack tracing more robust
+        https://bugs.webkit.org/show_bug.cgi?id=115272
+
+        Reviewed by Geoffrey Garen.
+
+        CallFrame already handles stack walking confusion robustly,
+        so we should make sure that the actual walk handles that as well.
+
+        * interpreter/Interpreter.cpp:
+        (JSC::getCallerInfo):
+
 2013-04-26  Mark Hahnenberg  <mhahnenb...@apple.com>
 
         REGRESSION(r149165): It made many tests crash on 32 bit
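Review bot: the ChangeLog entry does not say what the change actually does to behaviour; "make sure that the actual walk handles that as well" hides that the release-mode RELEASE_ASSERT_NOT_REACHED in JSC::getCallerInfo becomes a debug-only ASSERT plus an early return of a null caller. A reader of the log should be able to see that release builds will now continue with an empty stack trace where they previously crashed, e.g. "getCallerInfo now returns 0 / a null caller instead of asserting when codeOriginForReturn fails for a DFG code block." Consider also recording the observed trigger from the bug report, since the code comment says the case "should not be possible".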

Modified: trunk/Source/_javascript_Core/interpreter/Interpreter.cpp (149204 => 149205)


--- trunk/Source/_javascript_Core/interpreter/Interpreter.cpp	2013-04-26 19:42:29 UTC (rev 149204)
+++ trunk/Source/_javascript_Core/interpreter/Interpreter.cpp	2013-04-26 20:12:04 UTC (rev 149205)
@@ -567,8 +567,14 @@
             }
         } else if (callerCodeBlock && callerCodeBlock->getJITType() == JITCode::DFGJIT) {
             CodeOrigin origin;
-            if (!callerCodeBlock->codeOriginForReturn(callFrame->returnPC(), origin))
-                RELEASE_ASSERT_NOT_REACHED();
+            if (!callerCodeBlock->codeOriginForReturn(callFrame->returnPC(), origin)) {
+                // This should not be possible, but we're seeing cases where it does happen
+                // CallFrame already has robustness against bogus stack walks, so
+                // we'll extend that to here as well.
+                ASSERT_NOT_REACHED();
+                caller = 0;
+                return 0;
+            }
             bytecodeOffset = origin.bytecodeIndex;
             if (InlineCallFrame* icf = origin.inlineCallFrame) {
                 FunctionExecutable* executable = static_cast<FunctionExecutable*>(icf->executable.get());
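Review bot: the early return sets `caller = 0` and returns 0 but leaves `bytecodeOffset` untouched, since the assignment `bytecodeOffset = origin.bytecodeIndex;` only happens after the new block; every caller of getCallerInfo must therefore treat a zero return as "no caller information" and never read `bytecodeOffset` on that path, otherwise this trades an assertion for an uninitialized-read. Also note that downgrading RELEASE_ASSERT_NOT_REACHED() to ASSERT_NOT_REACHED() makes release builds fail open here: an inconsistent stack walk now silently yields a truncated trace rather than crashing, so the cases the comment admits are "seeing" will stop being visible in crash reports unless the root cause is tracked separately. Minor: the comment line "but we're seeing cases where it does happen" is missing its terminating period.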
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes