[objects] Take into account the LSB bit in purecap ABI in Code::GetOffsetFromInstructionStart

RoundofThree · RoundofThree · commit e04b2bb9a195 · 2025-08-02T14:31:30.000+01:00
When the PCC is sealed in purecap ABI, the LSB bit is set, leading
to an off-by-one error in the computation of the offset from the
instruction start to the current PCC address. This can cause errors
such as in OptimizedFrame::LookupExceptionHandlerInTable, where the
computed offset is used to look up an exception handler table.
diff --git a/src/objects/code-inl.h b/src/objects/code-inl.h
@@ -171,7 +171,14 @@ Address Code::InstructionEnd(Isolate* isolate, Address pc) const {
 }
 
 int Code::GetOffsetFromInstructionStart(Isolate* isolate, Address pc) const {
+#if defined(__CHERI_PURE_CAPABILITY__) && defined(__aarch64__)
+  // NOTE(zyj20): Take into account that the LSB of sealed PCC is set.
+  // The resulting capability could be invalid but it won't be
+  // used as a pointer anyways.
+  const Address offset = (pc & ~1) - InstructionStart(isolate, pc);
+#else
   const Address offset = pc - InstructionStart(isolate, pc);
+#endif
   DCHECK_LE(offset, instruction_size());
   return static_cast<int>(offset);
 }

Original file line number	Diff line number	Diff line change
`@@ -171,7 +171,14 @@ Address Code::InstructionEnd(Isolate* isolate, Address pc) const {`
`171`	`171`	`}`
`172`	`172`
`173`	`173`	`int Code::GetOffsetFromInstructionStart(Isolate* isolate, Address pc) const {`
	`174`	`+#if defined(__CHERI_PURE_CAPABILITY__) && defined(__aarch64__)`
	`175`	`+ // NOTE(zyj20): Take into account that the LSB of sealed PCC is set.`
	`176`	`+ // The resulting capability could be invalid but it won't be`
	`177`	`+ // used as a pointer anyways.`
	`178`	`+ const Address offset = (pc & ~1) - InstructionStart(isolate, pc);`
	`179`	`+#else`
`174`	`180`	`const Address offset = pc - InstructionStart(isolate, pc);`
	`181`	`+#endif`
`175`	`182`	`DCHECK_LE(offset, instruction_size());`
`176`	`183`	`return static_cast<int>(offset);`
`177`	`184`	`}`