P4
During stack unwinding, the post-call NOP pattern check can potentially read outside the code blob, causing fault if the memory is unmapped. This is unexpected but possible with stack corruption when unwinding interprets an invalid return address.
Using SafeFetch for the post-call NOP check would prevent fault in this scenario. This improves the robustness of stack unwinding and diagnostic error reporting: while this does not prevent false-positive matches of an arbitrary code or data with the post-call NOP pattern, it ensures the VM does not crash during the post-call NOP check while handling already-corrupted state.
On AArch64, `SafeFetch32` is implemented efficiently without `setjmp` or exception overhead. It might be possible to further optimize it for inlining to minimize performance impact.
Using SafeFetch for the post-call NOP check would prevent fault in this scenario. This improves the robustness of stack unwinding and diagnostic error reporting: while this does not prevent false-positive matches of an arbitrary code or data with the post-call NOP pattern, it ensures the VM does not crash during the post-call NOP check while handling already-corrupted state.
On AArch64, `SafeFetch32` is implemented efficiently without `setjmp` or exception overhead. It might be possible to further optimize it for inlining to minimize performance impact.