- 28 Jan, 2021 1 commit
-
-
Thibaud Michaud authored
This is a reland of a80d51d4 There were two main issues: - Liftoff did 32 bit addition to get the offset, which overflowed and created a valid address where an OOB was expected - The access mode and landing pad was missing for SIMD load and store instructions Also fixed the macros to disable trap handlers from simulator builds. Original change's description: > [wasm][mac][arm64] Enable OOB trap handler > > R=ahaas@chromium.org,mark@chromium.org,mseaborn@chromium.org > > Bug: v8:11098 > Change-Id: Ic4eb02a96805e49da71f301269567a6e0ac1b843 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2519555 > Commit-Queue: Thibaud Michaud <thibaudm@chromium.org> > Reviewed-by: Zhi An Ng <zhin@chromium.org> > Reviewed-by: Igor Sheludko <ishell@chromium.org> > Reviewed-by: Andreas Haas <ahaas@chromium.org> > Cr-Commit-Position: refs/heads/master@{#72136} Bug: v8:11098 Change-Id: I2ebe434577f2cbe168f0bccf2936f69ca211e3c1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2637223Reviewed-by: Clemens Backes <clemensb@chromium.org> Reviewed-by: Zhi An Ng <zhin@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Thibaud Michaud <thibaudm@chromium.org> Cr-Commit-Position: refs/heads/master@{#72401}
-
- 19 Jan, 2021 1 commit
-
-
Michael Achenbach authored
This reverts commit a80d51d4. Reason for revert: Breaks: https://ci.chromium.org/p/v8/builders/ci/V8%20Mac%20-%20arm64%20-%20release/2042 Original change's description: > [wasm][mac][arm64] Enable OOB trap handler > > R=ahaas@chromium.org,mark@chromium.org,mseaborn@chromium.org > > Bug: v8:11098 > Change-Id: Ic4eb02a96805e49da71f301269567a6e0ac1b843 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2519555 > Commit-Queue: Thibaud Michaud <thibaudm@chromium.org> > Reviewed-by: Zhi An Ng <zhin@chromium.org> > Reviewed-by: Igor Sheludko <ishell@chromium.org> > Reviewed-by: Andreas Haas <ahaas@chromium.org> > Cr-Commit-Position: refs/heads/master@{#72136} TBR=mseaborn@chromium.org,ahaas@chromium.org,mark@chromium.org,ishell@chromium.org,zhin@chromium.org,thibaudm@chromium.org Change-Id: I73d868f044f3c362e4a6d65533fccbdb49c51cd3 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:11098 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2637216Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#72143}
-
- 18 Jan, 2021 1 commit
-
-
Thibaud Michaud authored
R=ahaas@chromium.org,mark@chromium.org,mseaborn@chromium.org Bug: v8:11098 Change-Id: Ic4eb02a96805e49da71f301269567a6e0ac1b843 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2519555 Commit-Queue: Thibaud Michaud <thibaudm@chromium.org> Reviewed-by: Zhi An Ng <zhin@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#72136}
-
- 25 Nov, 2020 1 commit
-
-
Zhi An Ng authored
Also remove a comment referring to using the macro. Bug: v8:11074 Change-Id: Ib56a0360b28812833b372738f4956ef41c59a97b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2557058Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Zhi An Ng <zhin@chromium.org> Cr-Commit-Position: refs/heads/master@{#71388}
-
- 09 Jun, 2020 1 commit
-
-
Ng Zhi An authored
Making them private was a way to hide the functions, we can explicitly delete them, which give a better compilation error message as well. Also see: https://stackoverflow.com/q/55205874 Bug: v8:10488 Change-Id: I27cb7b9aa3d2b90e1c05c1f12585f94c746cbdb1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2233981 Commit-Queue: Zhi An Ng <zhin@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#68273}
-
- 08 Nov, 2019 1 commit
-
-
David Carlier authored
Using proper register (RIP) on this platform. Change-Id: Iaa0a25e328bd82c152db0ef3632523fd7d621020 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1857221Reviewed-by: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#64863}
-
- 29 Nov, 2018 1 commit
-
-
Andreas Haas authored
The problem were missing V8_EXPORT_PRIVATE and V8_EXPORT. The unittests test if the trap handler only handles those traps it is supposed to handle: * Only handle traps when the thread-in-wasm flag is set. * Only handle traps of the right type, i.e. memory access violations. * Only handle traps at recorded instructions. The tests also test the consistency of the thread-in-wasm flag. I made one change in the trap handler where that consistency could be violated. All tests are executed with the default trap handler provided by V8, and with the trap handler callback installed in a test signal/exception handler. Patchset 1 is the original CL. R=mstarzinger@chromium.org Change-Id: I172d94f24cdba4c3a1f7f344825b059dbb59da79 Reviewed-on: https://chromium-review.googlesource.com/c/1351024Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#57947}
-
- 27 Nov, 2018 2 commits
-
-
Clemens Hammacher authored
This reverts commit 4644b32e. Reason for revert: Link errors on win64: https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Win64%20-%20debug/25950 Original change's description: > [wasm] Add more unit tests for trap handler > > The unittests test if the trap handler only handles those traps it > is supposed to handle: > * Only handle traps when the thread-in-wasm flag is set. > * Only handle traps of the right type, i.e. memory access violations. > * Only handle traps at recorded instructions. > > The tests also test the consistency of the thread-in-wasm flag. I made > one change in the trap handler where that consistency could be > violated. > > All tests are executed with the default trap handler provided by V8, > and with the trap handler callback installed in a test signal/exception > handler. > > Change-Id: I03904bb6effd2e8694d3f4d1fbf62bc38002646e > Reviewed-on: https://chromium-review.googlesource.com/c/1340246 > Commit-Queue: Andreas Haas <ahaas@chromium.org> > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> > Cr-Commit-Position: refs/heads/master@{#57858} TBR=mstarzinger@chromium.org,ahaas@chromium.org,mark@chromium.org Change-Id: Iac2f20c73744226885ea1810813863a21c5faf8c No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/1351021Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#57861}
-
Andreas Haas authored
The unittests test if the trap handler only handles those traps it is supposed to handle: * Only handle traps when the thread-in-wasm flag is set. * Only handle traps of the right type, i.e. memory access violations. * Only handle traps at recorded instructions. The tests also test the consistency of the thread-in-wasm flag. I made one change in the trap handler where that consistency could be violated. All tests are executed with the default trap handler provided by V8, and with the trap handler callback installed in a test signal/exception handler. Change-Id: I03904bb6effd2e8694d3f4d1fbf62bc38002646e Reviewed-on: https://chromium-review.googlesource.com/c/1340246 Commit-Queue: Andreas Haas <ahaas@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#57858}
-
- 20 Nov, 2018 1 commit
-
-
Andreas Haas authored
In the chrome-side implementation I currently use the default trap handlers of V8, see https://crrev.com/c/1290955 Bug: chromium:906565 Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng Change-Id: I74c5a18c479ad1c69303d104ad4f040de436c4e7 Reviewed-on: https://chromium-review.googlesource.com/c/1282960 Commit-Queue: Andreas Haas <ahaas@chromium.org> Reviewed-by: Ben Titzer <titzer@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#57636}
-
- 26 Oct, 2018 1 commit
-
-
Andreas Haas authored
This CL refactors the existing trap handler code for Linux to allow a cleaner extension to Windows. 1) The CL extracts platform-specific code into separate files, see https://docs.google.com/document/d/1HCgKIpdjy_CEodTLvZ5VuykDI6gGTHrTtau2j0zwm28. Specifically this means: * Move posix-specific API functions from v8.h to v8-wasm-trap-handler-posix.h. Deprecate the existing TryHandleSignal API function. * Move posix-specific function declarations from trap-handler-internal.h to handler-inside-posix.h * Move posix-specific function definitions from handler-shared.cc to handler-outside-posix.cc 2) The CL changes filenames from *-linux.* to *-posix.*. I expect that most of the implementation for MacOS will be the same as for Linux. Bug: v8:6743 Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng Change-Id: I4bb7f199564a2f01042084d15a82311d11a93c7b Reviewed-on: https://chromium-review.googlesource.com/c/1280324 Commit-Queue: Andreas Haas <ahaas@chromium.org> Reviewed-by: Ben Titzer <titzer@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#57028}
-
- 04 May, 2018 1 commit
-
-
Eric Holk (eholk) authored
In preparing for adding trap-based bounds checking to Windows, this change refactors the code to separate the platform-specific portions from that which can be shared between platforms. Internally, we've renamed `RegisterDefaultSignalHandler` to `RegisterDefaultTrapHandler` to more accurately represent the difference in terminology between Linux (signals) and Windows (exceptions). The external API is left the same so as not to break downstream clients. This CL is primarily to make room for Windows support. Future CLs will begin adding support for Windows. This is a reincarnation of https://crrev.com/c/626558. Bug: v8:6743 Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng Change-Id: Iaa8bfd68c14cd1d17933b12c24cb8dd5ee8a21d6 Reviewed-on: https://chromium-review.googlesource.com/998829 Commit-Queue: Eric Holk <eholk@chromium.org> Reviewed-by: Brad Nelson <bradnelson@chromium.org> Cr-Commit-Position: refs/heads/master@{#53006}
-
- 14 Apr, 2018 1 commit
-
-
Jakob Kummerow authored
The "Address" type is V8's general-purpose type for manipulating memory addresses. Per the C++ spec, pointer arithmetic and pointer comparisons are undefined behavior except within the same array; since we generally don't operate within a C++ array, our general-purpose type shouldn't be a pointer type. Bug: v8:3770 Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng;master.tryserver.blink:linux_trusty_blink_rel Change-Id: Ib96016c24a0f18bcdba916dabd83e3f24a1b5779 Reviewed-on: https://chromium-review.googlesource.com/988657 Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#52601}
-
- 16 Oct, 2017 1 commit
-
-
Clemens Hammacher authored
Instead of modifying this flag in compiled wasm code, we can just change it in the caller / called code. This saves code space and compilation time and fixes the referenced bug. R=titzer@chromium.org, eholk@chromium.org Bug: chromium:773631, v8:5277 Change-Id: I095158ac01eecd21a92649a3990e8d7c593db912 Reviewed-on: https://chromium-review.googlesource.com/712597Reviewed-by: Ben Titzer <titzer@chromium.org> Reviewed-by: Eric Holk <eholk@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#48602}
-
- 11 Oct, 2017 3 commits
-
-
Eric Holk (eholk) authored
This is a reland of cc237d87 Original change's description: > Reland "[wasm] trap handlers: fall back on old signal handler" > > This is a reland of ee4fe896 > Original change's description: > > [wasm] trap handlers: fall back on old signal handler > > > > This is primarily needed to test D8 under ASan. ASan installs a signal handler > > early in the process startup to show stack traces from crashes. We need to make > > sure that if V8 does not handle a signal then the existing handler gets a > > chance. > > > > This change only applies when using V8's default signal handler. When > > integrating with the embedder's signal handler the behavior is unchanged. > > > > Bug: chromium:771948 > > Change-Id: Ifd560acf9700ec5f714f009530258fa92c83cabe > > Reviewed-on: https://chromium-review.googlesource.com/705823 > > Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> > > Commit-Queue: Eric Holk <eholk@chromium.org> > > Cr-Commit-Position: refs/heads/master@{#48429} > > Bug: chromium:771948 > Change-Id: Ide307091c432fd933c48f89c51851b8dce44dd30 > Reviewed-on: https://chromium-review.googlesource.com/710114 > Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> > Commit-Queue: Eric Holk <eholk@chromium.org> > Cr-Commit-Position: refs/heads/master@{#48435} Bug: chromium:771948 Change-Id: I781dfe356a728760090b6ccfa58212096e8f20c8 Reviewed-on: https://chromium-review.googlesource.com/713956Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Commit-Queue: Eric Holk <eholk@chromium.org> Cr-Commit-Position: refs/heads/master@{#48474}
-
Michael Achenbach authored
This reverts commit cc237d87. Reason for revert: breaks win clang: https://build.chromium.org/p/client.v8/builders/V8%20Win64%20-%20clang/builds/8538 Original change's description: > Reland "[wasm] trap handlers: fall back on old signal handler" > > This is a reland of ee4fe896 > Original change's description: > > [wasm] trap handlers: fall back on old signal handler > > > > This is primarily needed to test D8 under ASan. ASan installs a signal handler > > early in the process startup to show stack traces from crashes. We need to make > > sure that if V8 does not handle a signal then the existing handler gets a > > chance. > > > > This change only applies when using V8's default signal handler. When > > integrating with the embedder's signal handler the behavior is unchanged. > > > > Bug: chromium:771948 > > Change-Id: Ifd560acf9700ec5f714f009530258fa92c83cabe > > Reviewed-on: https://chromium-review.googlesource.com/705823 > > Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> > > Commit-Queue: Eric Holk <eholk@chromium.org> > > Cr-Commit-Position: refs/heads/master@{#48429} > > Bug: chromium:771948 > Change-Id: Ide307091c432fd933c48f89c51851b8dce44dd30 > Reviewed-on: https://chromium-review.googlesource.com/710114 > Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> > Commit-Queue: Eric Holk <eholk@chromium.org> > Cr-Commit-Position: refs/heads/master@{#48435} TBR=mseaborn@chromium.org,bradnelson@chromium.org,gdeepti@chromium.org,eholk@chromium.org,mark@chromium.org Change-Id: If71f61ae186fc6be2006edeb2dffd7e2b6827d91 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: chromium:771948 Reviewed-on: https://chromium-review.googlesource.com/711854Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#48436}
-
Eric Holk authored
This is a reland of ee4fe896 Original change's description: > [wasm] trap handlers: fall back on old signal handler > > This is primarily needed to test D8 under ASan. ASan installs a signal handler > early in the process startup to show stack traces from crashes. We need to make > sure that if V8 does not handle a signal then the existing handler gets a > chance. > > This change only applies when using V8's default signal handler. When > integrating with the embedder's signal handler the behavior is unchanged. > > Bug: chromium:771948 > Change-Id: Ifd560acf9700ec5f714f009530258fa92c83cabe > Reviewed-on: https://chromium-review.googlesource.com/705823 > Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> > Commit-Queue: Eric Holk <eholk@chromium.org> > Cr-Commit-Position: refs/heads/master@{#48429} Bug: chromium:771948 Change-Id: Ide307091c432fd933c48f89c51851b8dce44dd30 Reviewed-on: https://chromium-review.googlesource.com/710114Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Commit-Queue: Eric Holk <eholk@chromium.org> Cr-Commit-Position: refs/heads/master@{#48435}
-
- 10 Oct, 2017 2 commits
-
-
Eric Holk authored
This reverts commit ee4fe896. Reason for revert: <INSERT REASONING HERE> Original change's description: > [wasm] trap handlers: fall back on old signal handler > > This is primarily needed to test D8 under ASan. ASan installs a signal handler > early in the process startup to show stack traces from crashes. We need to make > sure that if V8 does not handle a signal then the existing handler gets a > chance. > > This change only applies when using V8's default signal handler. When > integrating with the embedder's signal handler the behavior is unchanged. > > Bug: chromium:771948 > Change-Id: Ifd560acf9700ec5f714f009530258fa92c83cabe > Reviewed-on: https://chromium-review.googlesource.com/705823 > Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> > Commit-Queue: Eric Holk <eholk@chromium.org> > Cr-Commit-Position: refs/heads/master@{#48429} TBR=mseaborn@chromium.org,bradnelson@chromium.org,gdeepti@chromium.org,eholk@chromium.org,mark@chromium.org Change-Id: Ib43b096831b15c312b3b460e59f268d5ea903f21 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: chromium:771948 Reviewed-on: https://chromium-review.googlesource.com/710034Reviewed-by: Eric Holk <eholk@chromium.org> Commit-Queue: Eric Holk <eholk@chromium.org> Cr-Commit-Position: refs/heads/master@{#48430}
-
Eric Holk authored
This is primarily needed to test D8 under ASan. ASan installs a signal handler early in the process startup to show stack traces from crashes. We need to make sure that if V8 does not handle a signal then the existing handler gets a chance. This change only applies when using V8's default signal handler. When integrating with the embedder's signal handler the behavior is unchanged. Bug: chromium:771948 Change-Id: Ifd560acf9700ec5f714f009530258fa92c83cabe Reviewed-on: https://chromium-review.googlesource.com/705823Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Commit-Queue: Eric Holk <eholk@chromium.org> Cr-Commit-Position: refs/heads/master@{#48429}
-
- 27 Sep, 2017 1 commit
-
-
Eric Holk (eholk) authored
This is the first of a series of refactoring CLs to make way for Windows trap handling support. See https://chromium-review.googlesource.com/c/v8/v8/+/626558 as well. Bug: Change-Id: I5fe9ef9c1cec58a81e51fcffbbe4419e0e298ab7 Reviewed-on: https://chromium-review.googlesource.com/644104Reviewed-by: Brad Nelson <bradnelson@chromium.org> Commit-Queue: Eric Holk <eholk@chromium.org> Cr-Commit-Position: refs/heads/master@{#48191}
-
- 19 Sep, 2017 1 commit
-
-
Eric Holk authored
This is primarily to aid in testing the Wasm out of bounds trap handler. We keep track of how many faults have been recovered by the Wasm trap handler. This count is exposed to JavaScript through a testing-only runtime function. This allows tests to verify whether the trap handler is actually running. Bug: v8:5277 Change-Id: Ie8037a36d84eb08166c6e40c7225d912683d5786 Reviewed-on: https://chromium-review.googlesource.com/665968 Commit-Queue: Eric Holk <eholk@chromium.org> Reviewed-by: Mircea Trofin <mtrofin@chromium.org> Cr-Commit-Position: refs/heads/master@{#48076}
-
- 13 Mar, 2017 3 commits
-
-
eholk authored
This is basically the minimum viable signal handler for Wasm bounds checks. It includes the TLS check and the fine grained instructions checks. These two checks provide most of the safety for the signal handler. Future CLs will add code range and data range checks for more robustness. The trap handling code and data structures are all in src/trap-handler, with the code that actually runs in the signal handler confined to src/trap-handler/signal-handler.cc. This changes adds a new V8 API that the embedder should call from a signal handler that will give V8 the chance to handle the fault first. For hosts that do not want to implement their own signal handler, we include the option to install a simple one. This simple handler is also used for the tests. When a Wasm module is instantiated, information about each function is passed to the trap handler, which is used to classify faults. These are removed during the instance finalizer. Several future enhancements are planned before turning this on by default. Obviously, the additional checks will be added to MaybeHandleFault. We are also planning to add a two-level CodeObjectData table that is grouped by isolates to make cleanup easier and also reduce potential for contending on a single data structure. BUG= https://bugs.chromium.org/p/v8/issues/detail?id=5277 Review-Url: https://codereview.chromium.org/2371833007 Cr-Original-Original-Commit-Position: refs/heads/master@{#43523} Committed: https://chromium.googlesource.com/v8/v8/+/a5af7fe9ee388a636675f4a6872b1d34fa7d1a7a Review-Url: https://codereview.chromium.org/2371833007 Cr-Original-Commit-Position: refs/heads/master@{#43755} Committed: https://chromium.googlesource.com/v8/v8/+/338622d7cae787a63cece1f2e79a8b030023940b Review-Url: https://codereview.chromium.org/2371833007 Cr-Commit-Position: refs/heads/master@{#43759}
-
eholk authored
Revert of [wasm] Initial signal handler (patchset #60 id:1170001 of https://codereview.chromium.org/2371833007/ ) Reason for revert: ASAN breakage, such as https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20ASAN/builds/19111/steps/Check/logs/grow-memory Original issue's description: > [wasm] Initial signal handler > > This is basically the minimum viable signal handler for Wasm bounds checks. > It includes the TLS check and the fine grained instructions checks. These > two checks provide most of the safety for the signal handler. Future CLs will > add code range and data range checks for more robustness. > > The trap handling code and data structures are all in src/trap-handler, with > the code that actually runs in the signal handler confined to > src/trap-handler/signal-handler.cc. > > This changes adds a new V8 API that the embedder should call from a signal > handler that will give V8 the chance to handle the fault first. For hosts that > do not want to implement their own signal handler, we include the option to > install a simple one. This simple handler is also used for the tests. > > When a Wasm module is instantiated, information about each function is passed > to the trap handler, which is used to classify faults. These are removed during > the instance finalizer. > > Several future enhancements are planned before turning this on by default. > Obviously, the additional checks will be added to MaybeHandleFault. We are > also planning to add a two-level CodeObjectData table that is grouped by > isolates to make cleanup easier and also reduce potential for contending on > a single data structure. > > BUG= https://bugs.chromium.org/p/v8/issues/detail?id=5277 > > Review-Url: https://codereview.chromium.org/2371833007 > Cr-Original-Commit-Position: refs/heads/master@{#43523} > Committed: https://chromium.googlesource.com/v8/v8/+/a5af7fe9ee388a636675f4a6872b1d34fa7d1a7a > Review-Url: https://codereview.chromium.org/2371833007 > Cr-Commit-Position: refs/heads/master@{#43755} > Committed: https://chromium.googlesource.com/v8/v8/+/338622d7cae787a63cece1f2e79a8b030023940b TBR=ahaas@chromium.org,bradnelson@google.com,hpayer@chromium.org,jochen@chromium.org,mark@chromium.org,mseaborn@chromium.org,titzer@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG= https://bugs.chromium.org/p/v8/issues/detail?id=5277 Review-Url: https://codereview.chromium.org/2744383002 Cr-Commit-Position: refs/heads/master@{#43757}
-
eholk authored
This is basically the minimum viable signal handler for Wasm bounds checks. It includes the TLS check and the fine grained instructions checks. These two checks provide most of the safety for the signal handler. Future CLs will add code range and data range checks for more robustness. The trap handling code and data structures are all in src/trap-handler, with the code that actually runs in the signal handler confined to src/trap-handler/signal-handler.cc. This changes adds a new V8 API that the embedder should call from a signal handler that will give V8 the chance to handle the fault first. For hosts that do not want to implement their own signal handler, we include the option to install a simple one. This simple handler is also used for the tests. When a Wasm module is instantiated, information about each function is passed to the trap handler, which is used to classify faults. These are removed during the instance finalizer. Several future enhancements are planned before turning this on by default. Obviously, the additional checks will be added to MaybeHandleFault. We are also planning to add a two-level CodeObjectData table that is grouped by isolates to make cleanup easier and also reduce potential for contending on a single data structure. BUG= https://bugs.chromium.org/p/v8/issues/detail?id=5277 Review-Url: https://codereview.chromium.org/2371833007 Cr-Original-Commit-Position: refs/heads/master@{#43523} Committed: https://chromium.googlesource.com/v8/v8/+/a5af7fe9ee388a636675f4a6872b1d34fa7d1a7a Review-Url: https://codereview.chromium.org/2371833007 Cr-Commit-Position: refs/heads/master@{#43755}
-
- 01 Mar, 2017 2 commits
-
-
bmeurer authored
Revert of [wasm] Initial signal handler (patchset #56 id:1090001 of https://codereview.chromium.org/2371833007/ ) Reason for revert: Breaks tree, i.e. https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20ASAN/builds/18928/steps/Check/logs/grow-memory Original issue's description: > [wasm] Initial signal handler > > This is basically the minimum viable signal handler for Wasm bounds checks. > It includes the TLS check and the fine grained instructions checks. These > two checks provide most of the safety for the signal handler. Future CLs will > add code range and data range checks for more robustness. > > The trap handling code and data structures are all in src/trap-handler, with > the code that actually runs in the signal handler confined to > src/trap-handler/signal-handler.cc. > > This changes adds a new V8 API that the embedder should call from a signal > handler that will give V8 the chance to handle the fault first. For hosts that > do not want to implement their own signal handler, we include the option to > install a simple one. This simple handler is also used for the tests. > > When a Wasm module is instantiated, information about each function is passed > to the trap handler, which is used to classify faults. These are removed during > the instance finalizer. > > Several future enhancements are planned before turning this on by default. > Obviously, the additional checks will be added to MaybeHandleFault. We are > also planning to add a two-level CodeObjectData table that is grouped by > isolates to make cleanup easier and also reduce potential for contending on > a single data structure. > > BUG= https://bugs.chromium.org/p/v8/issues/detail?id=5277 > > Review-Url: https://codereview.chromium.org/2371833007 > Cr-Commit-Position: refs/heads/master@{#43523} > Committed: https://chromium.googlesource.com/v8/v8/+/a5af7fe9ee388a636675f4a6872b1d34fa7d1a7a TBR=ahaas@chromium.org,bradnelson@google.com,hpayer@chromium.org,jochen@chromium.org,mark@chromium.org,mseaborn@chromium.org,titzer@chromium.org,eholk@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG= https://bugs.chromium.org/p/v8/issues/detail?id=5277 Review-Url: https://codereview.chromium.org/2723133003 Cr-Commit-Position: refs/heads/master@{#43525}
-
eholk authored
This is basically the minimum viable signal handler for Wasm bounds checks. It includes the TLS check and the fine grained instructions checks. These two checks provide most of the safety for the signal handler. Future CLs will add code range and data range checks for more robustness. The trap handling code and data structures are all in src/trap-handler, with the code that actually runs in the signal handler confined to src/trap-handler/signal-handler.cc. This changes adds a new V8 API that the embedder should call from a signal handler that will give V8 the chance to handle the fault first. For hosts that do not want to implement their own signal handler, we include the option to install a simple one. This simple handler is also used for the tests. When a Wasm module is instantiated, information about each function is passed to the trap handler, which is used to classify faults. These are removed during the instance finalizer. Several future enhancements are planned before turning this on by default. Obviously, the additional checks will be added to MaybeHandleFault. We are also planning to add a two-level CodeObjectData table that is grouped by isolates to make cleanup easier and also reduce potential for contending on a single data structure. BUG= https://bugs.chromium.org/p/v8/issues/detail?id=5277 Review-Url: https://codereview.chromium.org/2371833007 Cr-Commit-Position: refs/heads/master@{#43523}
-