Make stack tracing more robust
author: oliver@apple.com <oliver@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 26 Apr 2013 20:12:04 +0000 (20:12 +0000)
committer: oliver@apple.com <oliver@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 26 Apr 2013 20:12:04 +0000 (20:12 +0000)
https://bugs.webkit.org/show_bug.cgi?id=115272

Reviewed by Geoffrey Garen.

CallFrame already handles stack walking confusion robustly,
so we should make sure that the actual walk handles that as well.

* interpreter/Interpreter.cpp:
(JSC::getCallerInfo):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@149205 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/JavaScriptCore/ChangeLog
Source/JavaScriptCore/interpreter/Interpreter.cpp

index a511976..faf7fc4 100644 (file)
@@ -1,3 +1,16 @@
+2013-04-26  Oliver Hunt  <oliver@apple.com>
+
+        Make stack tracing more robust
+        https://bugs.webkit.org/show_bug.cgi?id=115272
+
+        Reviewed by Geoffrey Garen.
+
+        CallFrame already handles stack walking confusion robustly,
+        so we should make sure that the actual walk handles that as well.
+
+        * interpreter/Interpreter.cpp:
+        (JSC::getCallerInfo):
+
 2013-04-26  Mark Hahnenberg  <mhahnenberg@apple.com>
 
         REGRESSION(r149165): It made many tests crash on 32 bit
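Review bot: the ChangeLog entry repeats the commit summary but never states what actually changed in getCallerInfo; a reader of the log cannot tell that a RELEASE_ASSERT_NOT_REACHED() was downgraded to a debug-only ASSERT_NOT_REACHED() with an early return. Suggest adding one line under the `(JSC::getCallerInfo):` bullet, e.g. "Bail out of the walk instead of crashing when codeOriginForReturn() fails for a DFG frame."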
index a6b1649..8ba3b1b 100644 (file)
@@ -567,8 +567,14 @@ static CallFrame* getCallerInfo(VM* vm, CallFrame* callFrame, unsigned& bytecode
             }
         } else if (callerCodeBlock && callerCodeBlock->getJITType() == JITCode::DFGJIT) {
             CodeOrigin origin;
-            if (!callerCodeBlock->codeOriginForReturn(callFrame->returnPC(), origin))
-                RELEASE_ASSERT_NOT_REACHED();
+            if (!callerCodeBlock->codeOriginForReturn(callFrame->returnPC(), origin)) {
+                // This should not be possible, but we're seeing cases where it does happen
+                // CallFrame already has robustness against bogus stack walks, so
+                // we'll extend that to here as well.
+                ASSERT_NOT_REACHED();
+                caller = 0;
+                return 0;
+            }
             bytecodeOffset = origin.bytecodeIndex;
             if (InlineCallFrame* icf = origin.inlineCallFrame) {
                 FunctionExecutable* executable = static_cast<FunctionExecutable*>(icf->executable.get());
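Review bot: replacing RELEASE_ASSERT_NOT_REACHED() with ASSERT_NOT_REACHED() at the `codeOriginForReturn` failure means a release build now silently truncates the stack walk (`caller = 0; return 0;`) on a condition the comment itself says "should not be possible". An unexpected return PC that cannot be mapped to a code origin is exactly the kind of signal that can indicate a corrupted or spoofed frame, so trading a deterministic crash for a silent early return removes the only diagnostic for it; consider at least recording the event (the bug id from the header, https://bugs.webkit.org/show_bug.cgi?id=115272, belongs in the comment so the root-cause investigation is not lost) rather than only asserting in debug. Minor: the first comment line is missing a terminating period, and the hunk does not show where `caller` is declared, so the ChangeLog should confirm it is the out parameter every caller checks for 0 after this early return.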