Title: [149205] trunk/Source/_javascript_Core
Revision: 149205
Author: oli...@apple.com
Date: 2013-04-26 13:12:04 -0700 (Fri, 26 Apr 2013)
Log Message
Make stack tracing more robust
https://bugs.webkit.org/show_bug.cgi?id=115272
Reviewed by Geoffrey Garen.
CallFrame already handles stack walking confusion robustly,
so we should make sure that the actual walk handles that as well.
* interpreter/Interpreter.cpp:
(JSC::getCallerInfo):
Modified Paths
Diff
Modified: trunk/Source/_javascript_Core/ChangeLog (149204 => 149205)
--- trunk/Source/_javascript_Core/ChangeLog 2013-04-26 19:42:29 UTC (rev 149204)
+++ trunk/Source/_javascript_Core/ChangeLog 2013-04-26 20:12:04 UTC (rev 149205)
@@ -1,3 +1,16 @@
+2013-04-26 Oliver Hunt <oli...@apple.com>
+
+ Make stack tracing more robust
+ https://bugs.webkit.org/show_bug.cgi?id=115272
+
+ Reviewed by Geoffrey Garen.
+
+ CallFrame already handles stack walking confusion robustly,
+ so we should make sure that the actual walk handles that as well.
+
+ * interpreter/Interpreter.cpp:
+ (JSC::getCallerInfo):
+
2013-04-26 Mark Hahnenberg <mhahnenb...@apple.com>
REGRESSION(r149165): It made many tests crash on 32 bit
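Review bot: the ChangeLog entry states the intent ("make sure that the actual walk handles that as well") but not the new behaviour at the call site; a sentence noting that getCallerInfo now returns a null caller when codeOriginForReturn fails, instead of hitting a release assertion, would make the entry self-explanatory for anyone reading the history later.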
Modified: trunk/Source/_javascript_Core/interpreter/Interpreter.cpp (149204 => 149205)
--- trunk/Source/_javascript_Core/interpreter/Interpreter.cpp 2013-04-26 19:42:29 UTC (rev 149204)
+++ trunk/Source/_javascript_Core/interpreter/Interpreter.cpp 2013-04-26 20:12:04 UTC (rev 149205)
@@ -567,8 +567,14 @@
}
} else if (callerCodeBlock && callerCodeBlock->getJITType() == JITCode::DFGJIT) {
CodeOrigin origin;
- if (!callerCodeBlock->codeOriginForReturn(callFrame->returnPC(), origin))
- RELEASE_ASSERT_NOT_REACHED();
+ if (!callerCodeBlock->codeOriginForReturn(callFrame->returnPC(), origin)) {
+ // This should not be possible, but we're seeing cases where it does happen
+ // CallFrame already has robustness against bogus stack walks, so
+ // we'll extend that to here as well.
+ ASSERT_NOT_REACHED();
+ caller = 0;
+ return 0;
+ }
bytecodeOffset = origin.bytecodeIndex;
if (InlineCallFrame* icf = origin.inlineCallFrame) {
FunctionExecutable* executable = static_cast<FunctionExecutable*>(icf->executable.get());
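Review bot: the new early-return path sets `caller = 0` and returns 0, but leaves `bytecodeOffset` untouched, while the normal path below assigns it from `origin.bytecodeIndex`; if `bytecodeOffset` is an out-parameter, as that assignment suggests, a caller that reads it after the null return gets whatever value it held before. Consider adding `bytecodeOffset = 0;` next to `caller = 0;` so the failure path leaves all outputs in a defined state. Note also that RELEASE_ASSERT_NOT_REACHED() becomes ASSERT_NOT_REACHED(), so release builds now continue silently here; that matches the stated goal, but every caller of getCallerInfo must already tolerate a null caller for this to be safe, and it is worth confirming that in the review. Minor: the comment on the first added line is missing its terminating period.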
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes