1. 04 May, 2018 1 commit
    • Eric Holk (eholk)'s avatar
      [wasm] Refactor trap handlers to make way for Windows support · bb60967e
      Eric Holk (eholk) authored
      In preparing for adding trap-based bounds checking to Windows, this
      change refactors the code to separate the platform-specific portions
      from that which can be shared between platforms.
      
      Internally, we've renamed `RegisterDefaultSignalHandler` to
      `RegisterDefaultTrapHandler` to more accurately represent the
      difference in terminology between Linux (signals) and Windows
      (exceptions). The external API is left the same so as not to break
      downstream clients.
      
      This CL is primarily to make room for Windows support. Future CLs
      will begin adding support for Windows.
      
      This is a reincarnation of https://crrev.com/c/626558.
      
      Bug: v8:6743
      Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
      Change-Id: Iaa8bfd68c14cd1d17933b12c24cb8dd5ee8a21d6
      Reviewed-on: https://chromium-review.googlesource.com/998829
      Commit-Queue: Eric Holk <eholk@chromium.org>
      Reviewed-by: 's avatarBrad Nelson <bradnelson@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#53006}
      bb60967e
  2. 14 Apr, 2018 1 commit
    • Jakob Kummerow's avatar
      [ubsan] Change Address typedef to uintptr_t · 2459046c
      Jakob Kummerow authored
      The "Address" type is V8's general-purpose type for manipulating memory
      addresses. Per the C++ spec, pointer arithmetic and pointer comparisons
      are undefined behavior except within the same array; since we generally
      don't operate within a C++ array, our general-purpose type shouldn't be
      a pointer type.
      
      Bug: v8:3770
      Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng;master.tryserver.blink:linux_trusty_blink_rel
      Change-Id: Ib96016c24a0f18bcdba916dabd83e3f24a1b5779
      Reviewed-on: https://chromium-review.googlesource.com/988657
      Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
      Reviewed-by: 's avatarLeszek Swirski <leszeks@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#52601}
      2459046c
  3. 16 Oct, 2017 1 commit
  4. 11 Oct, 2017 3 commits
    • Eric Holk (eholk)'s avatar
      Reland "Reland "[wasm] trap handlers: fall back on old signal handler"" · 1117da83
      Eric Holk (eholk) authored
      This is a reland of cc237d87
      Original change's description:
      > Reland "[wasm] trap handlers: fall back on old signal handler"
      > 
      > This is a reland of ee4fe896
      > Original change's description:
      > > [wasm] trap handlers: fall back on old signal handler
      > > 
      > > This is primarily needed to test D8 under ASan. ASan installs a signal handler
      > > early in the process startup to show stack traces from crashes. We need to make
      > > sure that if V8 does not handle a signal then the existing handler gets a
      > > chance.
      > > 
      > > This change only applies when using V8's default signal handler. When
      > > integrating with the embedder's signal handler the behavior is unchanged.
      > > 
      > > Bug: chromium:771948
      > > Change-Id: Ifd560acf9700ec5f714f009530258fa92c83cabe
      > > Reviewed-on: https://chromium-review.googlesource.com/705823
      > > Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
      > > Commit-Queue: Eric Holk <eholk@chromium.org>
      > > Cr-Commit-Position: refs/heads/master@{#48429}
      > 
      > Bug: chromium:771948
      > Change-Id: Ide307091c432fd933c48f89c51851b8dce44dd30
      > Reviewed-on: https://chromium-review.googlesource.com/710114
      > Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
      > Commit-Queue: Eric Holk <eholk@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#48435}
      
      Bug: chromium:771948
      Change-Id: I781dfe356a728760090b6ccfa58212096e8f20c8
      Reviewed-on: https://chromium-review.googlesource.com/713956Reviewed-by: 's avatarDeepti Gandluri <gdeepti@chromium.org>
      Commit-Queue: Eric Holk <eholk@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#48474}
      1117da83
    • Michael Achenbach's avatar
      Revert "Reland "[wasm] trap handlers: fall back on old signal handler"" · 33d4e209
      Michael Achenbach authored
      This reverts commit cc237d87.
      
      Reason for revert: breaks win clang:
      https://build.chromium.org/p/client.v8/builders/V8%20Win64%20-%20clang/builds/8538
      
      Original change's description:
      > Reland "[wasm] trap handlers: fall back on old signal handler"
      > 
      > This is a reland of ee4fe896
      > Original change's description:
      > > [wasm] trap handlers: fall back on old signal handler
      > > 
      > > This is primarily needed to test D8 under ASan. ASan installs a signal handler
      > > early in the process startup to show stack traces from crashes. We need to make
      > > sure that if V8 does not handle a signal then the existing handler gets a
      > > chance.
      > > 
      > > This change only applies when using V8's default signal handler. When
      > > integrating with the embedder's signal handler the behavior is unchanged.
      > > 
      > > Bug: chromium:771948
      > > Change-Id: Ifd560acf9700ec5f714f009530258fa92c83cabe
      > > Reviewed-on: https://chromium-review.googlesource.com/705823
      > > Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
      > > Commit-Queue: Eric Holk <eholk@chromium.org>
      > > Cr-Commit-Position: refs/heads/master@{#48429}
      > 
      > Bug: chromium:771948
      > Change-Id: Ide307091c432fd933c48f89c51851b8dce44dd30
      > Reviewed-on: https://chromium-review.googlesource.com/710114
      > Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
      > Commit-Queue: Eric Holk <eholk@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#48435}
      
      TBR=mseaborn@chromium.org,bradnelson@chromium.org,gdeepti@chromium.org,eholk@chromium.org,mark@chromium.org
      
      Change-Id: If71f61ae186fc6be2006edeb2dffd7e2b6827d91
      No-Presubmit: true
      No-Tree-Checks: true
      No-Try: true
      Bug: chromium:771948
      Reviewed-on: https://chromium-review.googlesource.com/711854Reviewed-by: 's avatarMichael Achenbach <machenbach@chromium.org>
      Commit-Queue: Michael Achenbach <machenbach@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#48436}
      33d4e209
    • Eric Holk's avatar
      Reland "[wasm] trap handlers: fall back on old signal handler" · cc237d87
      Eric Holk authored
      This is a reland of ee4fe896
      Original change's description:
      > [wasm] trap handlers: fall back on old signal handler
      > 
      > This is primarily needed to test D8 under ASan. ASan installs a signal handler
      > early in the process startup to show stack traces from crashes. We need to make
      > sure that if V8 does not handle a signal then the existing handler gets a
      > chance.
      > 
      > This change only applies when using V8's default signal handler. When
      > integrating with the embedder's signal handler the behavior is unchanged.
      > 
      > Bug: chromium:771948
      > Change-Id: Ifd560acf9700ec5f714f009530258fa92c83cabe
      > Reviewed-on: https://chromium-review.googlesource.com/705823
      > Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
      > Commit-Queue: Eric Holk <eholk@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#48429}
      
      Bug: chromium:771948
      Change-Id: Ide307091c432fd933c48f89c51851b8dce44dd30
      Reviewed-on: https://chromium-review.googlesource.com/710114Reviewed-by: 's avatarDeepti Gandluri <gdeepti@chromium.org>
      Commit-Queue: Eric Holk <eholk@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#48435}
      cc237d87
  5. 10 Oct, 2017 2 commits
    • Eric Holk's avatar
      Revert "[wasm] trap handlers: fall back on old signal handler" · 0a97c51f
      Eric Holk authored
      This reverts commit ee4fe896.
      
      Reason for revert: <INSERT REASONING HERE>
      
      Original change's description:
      > [wasm] trap handlers: fall back on old signal handler
      > 
      > This is primarily needed to test D8 under ASan. ASan installs a signal handler
      > early in the process startup to show stack traces from crashes. We need to make
      > sure that if V8 does not handle a signal then the existing handler gets a
      > chance.
      > 
      > This change only applies when using V8's default signal handler. When
      > integrating with the embedder's signal handler the behavior is unchanged.
      > 
      > Bug: chromium:771948
      > Change-Id: Ifd560acf9700ec5f714f009530258fa92c83cabe
      > Reviewed-on: https://chromium-review.googlesource.com/705823
      > Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
      > Commit-Queue: Eric Holk <eholk@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#48429}
      
      TBR=mseaborn@chromium.org,bradnelson@chromium.org,gdeepti@chromium.org,eholk@chromium.org,mark@chromium.org
      
      Change-Id: Ib43b096831b15c312b3b460e59f268d5ea903f21
      No-Presubmit: true
      No-Tree-Checks: true
      No-Try: true
      Bug: chromium:771948
      Reviewed-on: https://chromium-review.googlesource.com/710034Reviewed-by: 's avatarEric Holk <eholk@chromium.org>
      Commit-Queue: Eric Holk <eholk@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#48430}
      0a97c51f
    • Eric Holk's avatar
      [wasm] trap handlers: fall back on old signal handler · ee4fe896
      Eric Holk authored
      This is primarily needed to test D8 under ASan. ASan installs a signal handler
      early in the process startup to show stack traces from crashes. We need to make
      sure that if V8 does not handle a signal then the existing handler gets a
      chance.
      
      This change only applies when using V8's default signal handler. When
      integrating with the embedder's signal handler the behavior is unchanged.
      
      Bug: chromium:771948
      Change-Id: Ifd560acf9700ec5f714f009530258fa92c83cabe
      Reviewed-on: https://chromium-review.googlesource.com/705823Reviewed-by: 's avatarDeepti Gandluri <gdeepti@chromium.org>
      Commit-Queue: Eric Holk <eholk@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#48429}
      ee4fe896
  6. 27 Sep, 2017 1 commit
  7. 19 Sep, 2017 1 commit
  8. 13 Mar, 2017 3 commits
    • eholk's avatar
      [wasm] Initial signal handler · 118c376f
      eholk authored
      This is basically the minimum viable signal handler for Wasm bounds checks.
      It includes the TLS check and the fine grained instructions checks. These
      two checks provide most of the safety for the signal handler. Future CLs will
      add code range and data range checks for more robustness.
      
      The trap handling code and data structures are all in src/trap-handler, with
      the code that actually runs in the signal handler confined to
      src/trap-handler/signal-handler.cc.
      
      This changes adds a new V8 API that the embedder should call from a signal
      handler that will give V8 the chance to handle the fault first. For hosts that
      do not want to implement their own signal handler, we include the option to
      install a simple one. This simple handler is also used for the tests.
      
      When a Wasm module is instantiated, information about each function is passed
      to the trap handler, which is used to classify faults. These are removed during
      the instance finalizer.
      
      Several future enhancements are planned before turning this on by default.
      Obviously, the additional checks will be added to MaybeHandleFault. We are
      also planning to add a two-level CodeObjectData table that is grouped by
      isolates to make cleanup easier and also reduce potential for contending on
      a single data structure.
      
      BUG= https://bugs.chromium.org/p/v8/issues/detail?id=5277
      
      Review-Url: https://codereview.chromium.org/2371833007
      Cr-Original-Original-Commit-Position: refs/heads/master@{#43523}
      Committed: https://chromium.googlesource.com/v8/v8/+/a5af7fe9ee388a636675f4a6872b1d34fa7d1a7a
      Review-Url: https://codereview.chromium.org/2371833007
      Cr-Original-Commit-Position: refs/heads/master@{#43755}
      Committed: https://chromium.googlesource.com/v8/v8/+/338622d7cae787a63cece1f2e79a8b030023940b
      Review-Url: https://codereview.chromium.org/2371833007
      Cr-Commit-Position: refs/heads/master@{#43759}
      118c376f
    • eholk's avatar
      Revert of [wasm] Initial signal handler (patchset #60 id:1170001 of... · aba151b9
      eholk authored
      Revert of [wasm] Initial signal handler (patchset #60 id:1170001 of https://codereview.chromium.org/2371833007/ )
      
      Reason for revert:
      ASAN breakage, such as https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20ASAN/builds/19111/steps/Check/logs/grow-memory
      
      Original issue's description:
      > [wasm] Initial signal handler
      >
      > This is basically the minimum viable signal handler for Wasm bounds checks.
      > It includes the TLS check and the fine grained instructions checks. These
      > two checks provide most of the safety for the signal handler. Future CLs will
      > add code range and data range checks for more robustness.
      >
      > The trap handling code and data structures are all in src/trap-handler, with
      > the code that actually runs in the signal handler confined to
      > src/trap-handler/signal-handler.cc.
      >
      > This changes adds a new V8 API that the embedder should call from a signal
      > handler that will give V8 the chance to handle the fault first. For hosts that
      > do not want to implement their own signal handler, we include the option to
      > install a simple one. This simple handler is also used for the tests.
      >
      > When a Wasm module is instantiated, information about each function is passed
      > to the trap handler, which is used to classify faults. These are removed during
      > the instance finalizer.
      >
      > Several future enhancements are planned before turning this on by default.
      > Obviously, the additional checks will be added to MaybeHandleFault. We are
      > also planning to add a two-level CodeObjectData table that is grouped by
      > isolates to make cleanup easier and also reduce potential for contending on
      > a single data structure.
      >
      > BUG= https://bugs.chromium.org/p/v8/issues/detail?id=5277
      >
      > Review-Url: https://codereview.chromium.org/2371833007
      > Cr-Original-Commit-Position: refs/heads/master@{#43523}
      > Committed: https://chromium.googlesource.com/v8/v8/+/a5af7fe9ee388a636675f4a6872b1d34fa7d1a7a
      > Review-Url: https://codereview.chromium.org/2371833007
      > Cr-Commit-Position: refs/heads/master@{#43755}
      > Committed: https://chromium.googlesource.com/v8/v8/+/338622d7cae787a63cece1f2e79a8b030023940b
      
      TBR=ahaas@chromium.org,bradnelson@google.com,hpayer@chromium.org,jochen@chromium.org,mark@chromium.org,mseaborn@chromium.org,titzer@chromium.org
      # Skipping CQ checks because original CL landed less than 1 days ago.
      NOPRESUBMIT=true
      NOTREECHECKS=true
      NOTRY=true
      BUG= https://bugs.chromium.org/p/v8/issues/detail?id=5277
      
      Review-Url: https://codereview.chromium.org/2744383002
      Cr-Commit-Position: refs/heads/master@{#43757}
      aba151b9
    • eholk's avatar
      [wasm] Initial signal handler · 338622d7
      eholk authored
      This is basically the minimum viable signal handler for Wasm bounds checks.
      It includes the TLS check and the fine grained instructions checks. These
      two checks provide most of the safety for the signal handler. Future CLs will
      add code range and data range checks for more robustness.
      
      The trap handling code and data structures are all in src/trap-handler, with
      the code that actually runs in the signal handler confined to
      src/trap-handler/signal-handler.cc.
      
      This changes adds a new V8 API that the embedder should call from a signal
      handler that will give V8 the chance to handle the fault first. For hosts that
      do not want to implement their own signal handler, we include the option to
      install a simple one. This simple handler is also used for the tests.
      
      When a Wasm module is instantiated, information about each function is passed
      to the trap handler, which is used to classify faults. These are removed during
      the instance finalizer.
      
      Several future enhancements are planned before turning this on by default.
      Obviously, the additional checks will be added to MaybeHandleFault. We are
      also planning to add a two-level CodeObjectData table that is grouped by
      isolates to make cleanup easier and also reduce potential for contending on
      a single data structure.
      
      BUG= https://bugs.chromium.org/p/v8/issues/detail?id=5277
      
      Review-Url: https://codereview.chromium.org/2371833007
      Cr-Original-Commit-Position: refs/heads/master@{#43523}
      Committed: https://chromium.googlesource.com/v8/v8/+/a5af7fe9ee388a636675f4a6872b1d34fa7d1a7a
      Review-Url: https://codereview.chromium.org/2371833007
      Cr-Commit-Position: refs/heads/master@{#43755}
      338622d7
  9. 01 Mar, 2017 2 commits
    • bmeurer's avatar
      Revert of [wasm] Initial signal handler (patchset #56 id:1090001 of... · 0b3e554e
      bmeurer authored
      Revert of [wasm] Initial signal handler (patchset #56 id:1090001 of https://codereview.chromium.org/2371833007/ )
      
      Reason for revert:
      Breaks tree, i.e. https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20ASAN/builds/18928/steps/Check/logs/grow-memory
      
      Original issue's description:
      > [wasm] Initial signal handler
      >
      > This is basically the minimum viable signal handler for Wasm bounds checks.
      > It includes the TLS check and the fine grained instructions checks. These
      > two checks provide most of the safety for the signal handler. Future CLs will
      > add code range and data range checks for more robustness.
      >
      > The trap handling code and data structures are all in src/trap-handler, with
      > the code that actually runs in the signal handler confined to
      > src/trap-handler/signal-handler.cc.
      >
      > This changes adds a new V8 API that the embedder should call from a signal
      > handler that will give V8 the chance to handle the fault first. For hosts that
      > do not want to implement their own signal handler, we include the option to
      > install a simple one. This simple handler is also used for the tests.
      >
      > When a Wasm module is instantiated, information about each function is passed
      > to the trap handler, which is used to classify faults. These are removed during
      > the instance finalizer.
      >
      > Several future enhancements are planned before turning this on by default.
      > Obviously, the additional checks will be added to MaybeHandleFault. We are
      > also planning to add a two-level CodeObjectData table that is grouped by
      > isolates to make cleanup easier and also reduce potential for contending on
      > a single data structure.
      >
      > BUG= https://bugs.chromium.org/p/v8/issues/detail?id=5277
      >
      > Review-Url: https://codereview.chromium.org/2371833007
      > Cr-Commit-Position: refs/heads/master@{#43523}
      > Committed: https://chromium.googlesource.com/v8/v8/+/a5af7fe9ee388a636675f4a6872b1d34fa7d1a7a
      
      TBR=ahaas@chromium.org,bradnelson@google.com,hpayer@chromium.org,jochen@chromium.org,mark@chromium.org,mseaborn@chromium.org,titzer@chromium.org,eholk@chromium.org
      # Skipping CQ checks because original CL landed less than 1 days ago.
      NOPRESUBMIT=true
      NOTREECHECKS=true
      NOTRY=true
      BUG= https://bugs.chromium.org/p/v8/issues/detail?id=5277
      
      Review-Url: https://codereview.chromium.org/2723133003
      Cr-Commit-Position: refs/heads/master@{#43525}
      0b3e554e
    • eholk's avatar
      [wasm] Initial signal handler · a5af7fe9
      eholk authored
      This is basically the minimum viable signal handler for Wasm bounds checks.
      It includes the TLS check and the fine grained instructions checks. These
      two checks provide most of the safety for the signal handler. Future CLs will
      add code range and data range checks for more robustness.
      
      The trap handling code and data structures are all in src/trap-handler, with
      the code that actually runs in the signal handler confined to
      src/trap-handler/signal-handler.cc.
      
      This changes adds a new V8 API that the embedder should call from a signal
      handler that will give V8 the chance to handle the fault first. For hosts that
      do not want to implement their own signal handler, we include the option to
      install a simple one. This simple handler is also used for the tests.
      
      When a Wasm module is instantiated, information about each function is passed
      to the trap handler, which is used to classify faults. These are removed during
      the instance finalizer.
      
      Several future enhancements are planned before turning this on by default.
      Obviously, the additional checks will be added to MaybeHandleFault. We are
      also planning to add a two-level CodeObjectData table that is grouped by
      isolates to make cleanup easier and also reduce potential for contending on
      a single data structure.
      
      BUG= https://bugs.chromium.org/p/v8/issues/detail?id=5277
      
      Review-Url: https://codereview.chromium.org/2371833007
      Cr-Commit-Position: refs/heads/master@{#43523}
      a5af7fe9