Give v8 a chance to handle signals

V8 is starting to use guard regions and a signal handler to do out of bounds checks for WebAssembly. This means out of bounds accesses will trigger a segmentation fault, but V8 is able to recover from these and throw a Javascript exception instead. In order to do this, V8 needs to cooperate with any existing signal handlers. This CL modifies Chromium's signal handlers to call V8's TryHandleSignal function before taking any other actions so that V8 is able to recover from the faults it expects. BUG= chromium:722585, v8:5277 Review-Url: https://codereview.chromium.org/2885053005 Cr-Commit-Position: refs/heads/master@{#487549}

Give v8 a chance to handle signals
V8 is starting to use guard regions and a signal handler to do out of bounds checks for WebAssembly. This means out of bounds accesses will trigger a segmentation fault, but V8 is able to recover from these and throw a Javascript exception instead. In order to do this, V8 needs to cooperate with any existing signal handlers. This CL modifies Chromium's signal handlers to call V8's TryHandleSignal function before taking any other actions so that V8 is able to recover from the faults it expects. BUG= chromium:722585, v8:5277 Review-Url: https://codereview.chromium.org/2885053005 Cr-Commit-Position: refs/heads/master@{#487549}
978f6fdb · eholk · Commit Bot · 9ecc7ea6 · 978f6fdb · 978f6fdb
Commit 978f6fdb authored Jul 18, 2017 by eholk Committed by Commit Bot Jul 18, 2017
4 changed files
--- a/chrome/app/BUILD.gn
+++ b/chrome/app/BUILD.gn
@@ -335,6 +335,7 @@ static_library("test_support") {
    "//printing/features",
    "//services/service_manager/embedder",
    "//ui/base",
+    "//v8:v8_headers",
  ]

  if (is_mac) {

--- a/chrome/app/chrome_main_delegate.cc
+++ b/chrome/app/chrome_main_delegate.cc
@@ -138,6 +138,7 @@

 #if defined(OS_POSIX) && !defined(OS_MACOSX)
 #include "components/crash/content/app/breakpad_linux.h"
+#include "v8/include/v8.h"
 #endif

 #if defined(OS_LINUX)
@@ -570,6 +571,9 @@ bool ChromeMainDelegate::BasicStartupComplete(int* exit_code) {
 #if defined(OS_WIN) && !defined(CHROME_MULTIPLE_DLL_BROWSER)
  v8_breakpad_support::SetUp();
 #endif
+#if defined(OS_LINUX) && !defined(OS_ANDROID)
+  breakpad::SetFirstChanceExceptionHandler(v8::V8::TryHandleSignal);
+#endif

 #if defined(OS_POSIX)
  if (HandleVersionSwitches(command_line)) {

--- a/components/crash/content/app/breakpad_linux.cc
+++ b/components/crash/content/app/breakpad_linux.cc
@@ -2099,4 +2099,8 @@ bool IsCrashReporterEnabled() {
  return g_is_crash_reporter_enabled;
 }

+void SetFirstChanceExceptionHandler(bool (*handler)(int, void*, void*)) {
+  google_breakpad::SetFirstChanceExceptionHandler(handler);
+}
+
 }  // namespace breakpad
--- a/components/crash/content/app/breakpad_linux.h
+++ b/components/crash/content/app/breakpad_linux.h
@@ -61,6 +61,10 @@ bool IsCrashReporterEnabled();

 // Generates a minidump on demand for this process, writing it to |dump_fd|.
 void GenerateMinidumpOnDemandForAndroid(int dump_fd);
+
+// Install a handler that gets a change to handle faults before Breakpad does
+// any processing. This is used by V8 for trap-based bounds checks.
+void SetFirstChanceExceptionHandler(bool (*handler)(int, void*, void*));
 }  // namespace breakpad

 #endif  // COMPONENTS_CRASH_CONTENT_APP_BREAKPAD_LINUX_H_