Port to 3.1 - Fix JIT_CheckedWriteBarrier on macOS (#28051)

In a change to enable Mojave hardened runtime support that was made last year, a bug was introduced into the JIT_CheckedWriteBarrier. A conditional relative jump before an updated piece of code that was jumping after that piece of code was not updated and ended up jumping into the middle of an instruction. Since that condition occurs only with specific memory layout and it is very rare, that problem was not discovered until now.
dotnet · Jul 14, 2020 · 68ec8a2 · 68ec8a2
1 parent 5d74d5b
commit 68ec8a2
Showing 1 changed file with 5 additions and 0 deletions.
diff --git a/src/vm/amd64/jithelpers_fast.S b/src/vm/amd64/jithelpers_fast.S
@@ -33,8 +33,13 @@ LEAF_ENTRY JIT_CheckedWriteBarrier, _TEXT
         // See if this is in GCHeap
         PREPARE_EXTERNAL_VAR g_lowest_address, rax
         cmp     rdi, [rax]
+#ifdef FEATURE_WRITEBARRIER_COPY
+        // jb      NotInHeap
+        .byte 0x72, 0x12
+#else
         // jb      NotInHeap
         .byte 0x72, 0x0e
+#endif
         PREPARE_EXTERNAL_VAR g_highest_address, rax
         cmp     rdi, [rax]