    Fix LookupCode for the DatePrototype_GetField builtin · 4f781d72
    jgruber authored
    This was exposed on win64 and manifested as a negative offset during
    stack frame collection, i.e. pc < Code::instruction_start() for a
    BUILTIN frame.
    
    This happened because StackFrame::LookupCode returns the wrong code
    object when a call is the last instruction in a code object:
    * pc is actually the return address for all but the topmost frame.
    * pc points at the next instruction after the call.
    * This is beyond the current code object if the call is the last
      instruction.
    * Lookup itself is naive in that it just returns the first code object
      for which (next_code_obj_addr > pc). It does not check that pc is
      actually within [instruction_start, instruction_end[.
    * In this specific case, the pc (== return address) actually pointed
      at the beginning of the header of the next code object.
    * We finally calculated offset as (code->instruction_start() - pc),
      but with the wrong code object.
    
    This should be followed up by a proper fix at some point. For instance,
    this could be setting pc to (return address - 1) for all but the topmost
    frame.
    
    BUG=v8:5311
    
    Review-Url: https://codereview.chromium.org/2284673002
    Cr-Commit-Position: refs/heads/master@{#38996}
frames-inl.h 9.46 KB
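The lookup failure the commit message describes, modelled as an added example (this is not V8 code and not the patch itself): three constructed code objects laid out back to back so that the first one's instruction_end coincides with the next one's header, the naive lookup that returns the first object whose successor starts above pc, a variant that adds the missing [instruction_start, instruction_end) check, and the follow-up the message suggests of looking up (return address - 1) for all but the topmost frame. The object names, addresses and 0x40-byte header size are assumptions chosen for the illustration.

```cpp
// Added example (not V8 code): model of the StackFrame::LookupCode failure
// mode from the commit message. Addresses and layout are constructed.
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <vector>

struct CodeObject {
    const char* name;
    uintptr_t header_start;      // first byte of the object (header precedes code)
    uintptr_t instruction_start; // first byte of machine code
    uintptr_t instruction_end;   // one past the last byte of machine code
};

// Constructed layout (assumed): three code objects back to back, each with a
// 0x40-byte header, so A's instruction_end == B's header_start. The last
// instruction of A is a call, so the return address of a frame that is
// executing A is 0x1100, which lies in B's header.
static const std::vector<CodeObject>& code_space() {
    static const std::vector<CodeObject> objs = {
        {"A", 0x1000, 0x1040, 0x1100},
        {"B", 0x1100, 0x1140, 0x1200},
        {"C", 0x1200, 0x1240, 0x1300},
    };
    return objs;
}

// The naive lookup the commit describes: return the first object whose
// successor starts above pc, without checking pc against [start, end).
// For the last object the "successor address" is the end of the space.
const CodeObject* naive_lookup(uintptr_t pc) {
    const auto& objs = code_space();
    for (size_t i = 0; i < objs.size(); ++i) {
        uintptr_t next_code_obj_addr = (i + 1 < objs.size())
                                           ? objs[i + 1].header_start
                                           : objs[i].instruction_end;
        if (next_code_obj_addr > pc) return &objs[i];
    }
    return nullptr;
}

// Same candidate selection, but reject it unless pc actually lies inside the
// object's code range. This turns the silent wrong answer into a miss.
const CodeObject* range_checked_lookup(uintptr_t pc) {
    const CodeObject* code = naive_lookup(pc);
    if (code == nullptr) return nullptr;
    if (pc < code->instruction_start || pc >= code->instruction_end) return nullptr;
    return code;
}

// Frame-aware lookup along the lines of the suggested follow-up: for all but
// the topmost frame, pc is a return address, so look up (pc - 1), which is
// always inside the call instruction that produced it.
const CodeObject* lookup_for_frame(uintptr_t pc, bool topmost) {
    uintptr_t lookup_pc = topmost ? pc : pc - 1;
    return range_checked_lookup(lookup_pc);
}

// Offset of pc within its code object (pc - instruction_start). Negative
// exactly when the wrong object was chosen, which is the symptom reported.
intptr_t pc_offset(const CodeObject* code, uintptr_t pc) {
    return static_cast<intptr_t>(pc) - static_cast<intptr_t>(code->instruction_start);
}

int main() {
    const uintptr_t return_address = 0x1100; // return address into A's frame
    const CodeObject* wrong = naive_lookup(return_address);
    std::printf("naive lookup:        %s, offset %ld\n", wrong->name,
                static_cast<long>(pc_offset(wrong, return_address)));
    const CodeObject* none = range_checked_lookup(return_address);
    std::printf("range-checked:       %s\n", none ? none->name : "(no code object)");
    const CodeObject* right = lookup_for_frame(return_address, /*topmost=*/false);
    std::printf("frame-aware (pc-1):  %s, offset %ld\n", right->name,
                static_cast<long>(pc_offset(right, return_address - 1)));
    return 0;
}
```

The range check alone only converts the wrong code object into a failed lookup; it is the (return address - 1) adjustment for non-topmost frames that makes the lookup land in the frame's own code object again, and the offset computed from that adjusted pc is then non-negative.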