Changeset 280858 in webkit for trunk/Source/JavaScriptCore/interpreter/AbstractPC.cpp

Timestamp:

Aug 10, 2021, 11:17:15 AM (4 years ago)

Author:

[email protected]

Message:

CallFrame::returnPC should untag the return address before passing it to ReturnAddressPtr
​https://bugs.webkit.org/show_bug.cgi?id=228931

Reviewed by Mark Lam.

Source/JavaScriptCore:

Right now current debugging code expects that the JS return PC on
the stack is already unsigned. This is not true on arm64e.
This patch now properly unsigns the return PC before passing it to
the ReturnAddressPC constructor.

• assembler/MacroAssemblerCodeRef.h:

(JSC::ReturnAddressPtr::fromTaggedPC):

• interpreter/AbstractPC.cpp:

(JSC::AbstractPC::AbstractPC):

• interpreter/AbstractPC.h:

(JSC::AbstractPC::AbstractPC):
(JSC::AbstractPC::jitReturnAddress const):

• interpreter/CallFrame.h:

(JSC::CallFrame::returnPC const):

Source/WTF:

Add a new helper to untag the return pc from a stack frame.

• wtf/PtrTag.h:

(WTF::untagReturnPC):

File:

• trunk/Source/JavaScriptCore/interpreter/AbstractPC.cpp (modified) (1 diff)

trunk/Source/JavaScriptCore/interpreter/AbstractPC.cpp

@@ -39 +39 @@
 #if ENABLE(JIT)
     if (Options::useJIT()) {
-        m_pointer = callFrame->returnPC().value();
+        m_pointer = callFrame->returnPC();
         m_mode = JIT;
         return;