Commit d3b5b63d authored by Clemens Backes's avatar Clemens Backes Committed by V8 LUCI CQ

[isolate] Increase allowed stack overflow for sanitizer builds

C++ frames can get quite big in sanitizer builds. In the linked bug it
was an ASan debug build, which overflowed the stack by more than 8kB
just from C++ frames (when entering the runtime, there was no overflow
yet).
Hence increase the allowed stack overflow a bit for sanitizer builds,
from 8kB to 32kB.

R=jkummerow@chromium.org

Bug: chromium:1236560
Change-Id: I119fdb859f7ab5e6a0a4174cf79f0a16baa39432
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3078359Reviewed-by: 's avatarJakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#76142}
parent 2656330f
......@@ -1399,7 +1399,13 @@ Object Isolate::StackOverflow() {
// frames until we reach this method.
// If this DCHECK fails, one of the frames on the stack should be augmented by
// an additional stack check.
#if defined(V8_USE_ADDRESS_SANITIZER) || defined(MEMORY_SANITIZER)
// Allow for a bit more overflow in sanitizer builds, because C++ frames take
// significantly more space there.
DCHECK_GE(GetCurrentStackPosition(), stack_guard()->real_climit() - 32 * KB);
#else
DCHECK_GE(GetCurrentStackPosition(), stack_guard()->real_climit() - 8 * KB);
#endif
if (FLAG_correctness_fuzzer_suppressions) {
FATAL("Aborting on stack overflow");
......
// Copyright 2021 the V8 project authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
let obj = {};
let arr = new Uint8Array(3);
function __f_0() {
arr[2] = obj;
}
obj.toString = __f_0;
assertThrows(() => obj.toString(), RangeError);
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment