Commit 4aa3dd83 authored by Samuel Groß, committed by V8 LUCI CQ

[sandbox] Install sandbox crash filter after V8::Initialize

The sandbox crash filter must be installed after the sandbox has been
initialized, which now happens during V8::Initialize.

Bug: v8:10391
Change-Id: I0103e32f091843415aaff4ec1c9bd93603244144
Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3769689
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Auto-Submit: Samuel Groß <saelo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81771}
parent b3477fdd
...@@ -5600,14 +5600,6 @@ int Shell::Main(int argc, char* argv[]) { ...@@ -5600,14 +5600,6 @@ int Shell::Main(int argc, char* argv[]) {
V8::SetFlagsFromString("--redirect-code-traces-to=code.asm"); V8::SetFlagsFromString("--redirect-code-traces-to=code.asm");
} }
v8::V8::InitializePlatform(g_platform.get()); v8::V8::InitializePlatform(g_platform.get());
#ifdef V8_ENABLE_SANDBOX
if (options.enable_sandbox_crash_filter) {
// Note: this must happen before the Wasm trap handler is installed, so
// that the Wasm trap handler is invoked first (and can handle Wasm OOB
// accesses), then forwards all "real" crashes to the sandbox crash filter.
i::SandboxTesting::InstallSandboxCrashFilter();
}
#endif
// Disable flag freezing if we are producing a code cache, because for that we // Disable flag freezing if we are producing a code cache, because for that we
// modify FLAG_hash_seed (below). // modify FLAG_hash_seed (below).
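Review bot: nothing in this hunk's context shows the V8::Initialize call, so the diff alone cannot confirm that the old site (immediately after v8::V8::InitializePlatform) ran before sandbox initialization and the new one runs after it; that ordering is asserted only by the commit message. Since the removed block's comment documents just the Wasm trap handler constraint, the "too early" failure mode is invisible in code. Consider having i::SandboxTesting::InstallSandboxCrashFilter() itself check that the sandbox is initialized (a DCHECK or CHECK at its entry), so that moving this call back before V8::Initialize fails loudly instead of silently installing a filter over an uninitialized sandbox.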
...@@ -5665,6 +5657,15 @@ int Shell::Main(int argc, char* argv[]) { ...@@ -5665,6 +5657,15 @@ int Shell::Main(int argc, char* argv[]) {
create_params.add_histogram_sample_callback = AddHistogramSample; create_params.add_histogram_sample_callback = AddHistogramSample;
} }
#ifdef V8_ENABLE_SANDBOX
if (options.enable_sandbox_crash_filter) {
// Note: this must happen before the Wasm trap handler is installed, so
// that the Wasm trap handler is invoked first (and can handle Wasm OOB
// accesses), then forwards all "real" crashes to the sandbox crash filter.
i::SandboxTesting::InstallSandboxCrashFilter();
}
#endif
#if V8_ENABLE_WEBASSEMBLY #if V8_ENABLE_WEBASSEMBLY
if (V8_TRAP_HANDLER_SUPPORTED && options.wasm_trap_handler) { if (V8_TRAP_HANDLER_SUPPORTED && options.wasm_trap_handler) {
constexpr bool kUseDefaultTrapHandler = true; constexpr bool kUseDefaultTrapHandler = true;
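Review bot: the comment copied to the new location (lines "// Note: this must happen before the Wasm trap handler is installed, so" ... "accesses), then forwards all "real" crashes to the sandbox crash filter.") still records only the upper bound on placement; the lower bound that motivated this change, that the sandbox must already be initialized by V8::Initialize, is not mentioned. Suggest extending the note to something like "// Note: this must happen after V8::Initialize (which initializes the sandbox) and before the Wasm trap handler is installed, ..." so the next refactor of Shell::Main does not reintroduce the ordering bug. The placement between create_params setup and the #if V8_ENABLE_WEBASSEMBLY trap-handler block does keep the trap handler installed after the filter, as the existing comment requires.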