From 631b66190bb378e64f49f49cc7eebfd306210f16 Mon Sep 17 00:00:00 2001
From: "ishell@chromium.org"
Date: Mon, 12 May 2014 19:32:12 +0000
Subject: [PATCH] v8::TryCatch now works correctly with ASAN's UseAfterReturn mode enabled.
BUG=chromium:369962
LOG=N
R=jkummerow@chromium.org
Review URL: https://codereview.chromium.org/273383003
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21273 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
---
 include/v8.h | 3 +++
 src/api.cc | 18 ++++++++++++++++++
 src/base/macros.h | 10 ++++++----
 src/isolate.cc | 5 +++--
 src/zone.h | 5 -----
 5 files changed, 30 insertions(+), 11 deletions(-)
diff --git a/include/v8.h b/include/v8.h
index e089b4181..e56e42be9 100644
--- a/include/v8.h
+++ b/include/v8.h
@@ -5076,6 +5076,8 @@ class V8_EXPORT TryCatch {
 void SetCaptureMessage(bool value);
 private:
+ TryCatch* DesanitizedThis();
+
 // Make it hard to create heap-allocated TryCatch blocks.
 TryCatch(const TryCatch&);
 void operator=(const TryCatch&);
@@ -5087,6 +5089,7 @@ class V8_EXPORT TryCatch {
 void* exception_;
 void* message_obj_;
 void* message_script_;
+ void* asan_fake_stack_handle_;
 int message_start_pos_;
 int message_end_pos_;
 bool is_verbose_ : 1;
diff --git a/src/api.cc b/src/api.cc
index 7f1276dee..493c71ce4 100644
--- a/src/api.cc
+++ b/src/api.cc
@@ -6,6 +6,9 @@
 #include // For memcpy, strlen.
 #include // For isnan.
+#ifdef V8_USE_ADDRESS_SANITIZER
+#include
+#endif // V8_USE_ADDRESS_SANITIZER
 #include "../include/v8-debug.h"
 #include "../include/v8-profiler.h"
 #include "../include/v8-testing.h"
@@ -1819,6 +1822,16 @@ v8::TryCatch::~TryCatch() {
 }
+v8::TryCatch* v8::TryCatch::DesanitizedThis() {
+#ifdef V8_USE_ADDRESS_SANITIZER
+ return TRY_CATCH_FROM_ADDRESS( __asan_addr_is_in_fake_stack(asan_fake_stack_handle_, this, NULL, NULL));
+#else
+ return this;
+#endif
+}
+
+
 bool v8::TryCatch::HasCaught() const {
 return !reinterpret_cast(exception_)->IsTheHole();
 }
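Review bot: The new `asan_fake_stack_handle_` field sits among TryCatch's exception-state members in the public header, yet nothing says what it holds or why a non-ASAN build carries it. Keeping it unconditional is the right call for a public class, because a layout that depended on a sanitizer macro would break embedders compiled without that macro, but that reasoning belongs next to the field: `// Opaque handle to the ASAN fake stack this object lives on (NULL when none); unconditional so the class layout does not depend on sanitizer flags.` The class body continues outside the hunk.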
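Review bot: `DesanitizedThis()` passes the result of `__asan_addr_is_in_fake_stack()` straight to `TRY_CATCH_FROM_ADDRESS` with no NULL check, and per the sanitizer interface header that function returns NULL whenever the address is not inside a fake frame — the normal case in an ASAN build where the fake stack is not active at runtime and `asan_fake_stack_handle_` is therefore NULL (see the Reset() hunk). RegisterTryCatchHandler in the isolate.cc hunk would then register a null handler address, so TryCatch would stop working in every ASAN build that does not enable UseAfterReturn, which this commit presumably did not intend. Fall back to the object itself when the runtime reports no fake frame: `void* real = __asan_addr_is_in_fake_stack(asan_fake_stack_handle_, this, NULL, NULL);` / `return real == NULL ? this : TRY_CATCH_FROM_ADDRESS(real);`. A one-line comment above the function stating that the result is a real-stack address intended for comparison with other stack addresses would also help, since the name alone does not convey that.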
@@ -1893,6 +1906,11 @@ void v8::TryCatch::Reset() {
 message_script_ = the_hole;
 message_start_pos_ = 0;
 message_end_pos_ = 0;
+#ifdef V8_USE_ADDRESS_SANITIZER
+ asan_fake_stack_handle_ = __asan_get_current_fake_stack();
+#else
+ asan_fake_stack_handle_ = NULL;
+#endif
 }
diff --git a/src/base/macros.h b/src/base/macros.h
index b99f01b23..fa522fb94 100644
--- a/src/base/macros.h
+++ b/src/base/macros.h
@@ -54,15 +54,17 @@
 #define MUST_USE_RESULT V8_WARN_UNUSED_RESULT
-// Define DISABLE_ASAN macros.
+// Define V8_USE_ADDRESS_SANITIZER macros.
 #if defined(__has_feature)
 #if __has_feature(address_sanitizer)
-#define DISABLE_ASAN __attribute__((no_sanitize_address))
+#define V8_USE_ADDRESS_SANITIZER 1
 #endif
 #endif
-
-#ifndef DISABLE_ASAN
+// Define DISABLE_ASAN macros.
+#ifdef V8_USE_ADDRESS_SANITIZER
+#define DISABLE_ASAN __attribute__((no_sanitize_address))
+#else
 #define DISABLE_ASAN
 #endif
diff --git a/src/isolate.cc b/src/isolate.cc
index 06df1f67c..898f43c16 100644
--- a/src/isolate.cc
+++ b/src/isolate.cc
@@ -272,13 +272,14 @@ void Isolate::RegisterTryCatchHandler(v8::TryCatch* that) {
 // JS stack. When running without the simulator, the address
 // returned will be the address of the C++ try catch handler itself.
 Address address = reinterpret_cast
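Review bot: The new assignment to `asan_fake_stack_handle_` carries no comment, so a reader of Reset() cannot see why clearing exception state now queries the sanitizer runtime, nor that NULL is an expected value on both sides of the `#ifdef` (the sanitizer returns NULL when its fake stack is not active). Suggested comment above the `#ifdef`: `// Record which ASAN fake stack, if any, this object lives on so DesanitizedThis() can map |this| back to a real-stack address; NULL when the fake stack is not in use.` Reset()'s opening lines are outside the hunk.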
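Review bot: `V8_USE_ADDRESS_SANITIZER` is only ever set through clang's `__has_feature(address_sanitizer)`, so an ASAN build made with GCC — which advertises the sanitizer via `__SANITIZE_ADDRESS__` and has no `__has_feature` — ends up with the macro undefined, takes the non-ASAN branches in api.cc, and also loses `DISABLE_ASAN`. That was already true of `DISABLE_ASAN` before this change, but the macro now gates a correctness fix rather than an annotation. Covering both compilers is three lines after the existing `#endif` pair: `#if defined(__SANITIZE_ADDRESS__) && !defined(V8_USE_ADDRESS_SANITIZER)` / `#define V8_USE_ADDRESS_SANITIZER 1` / `#endif`; whether GCC's ASAN runtime of this era provides `__asan_get_current_fake_stack()` should be confirmed before relying on it.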
(
- SimulatorStack::RegisterCTryCatch(reinterpret_cast(that)));
+ SimulatorStack::RegisterCTryCatch(reinterpret_cast(
+ that->DesanitizedThis())));
 thread_local_top()->set_try_catch_handler_address(address);
 }
 void Isolate::UnregisterTryCatchHandler(v8::TryCatch* that) {
- ASSERT(thread_local_top()->TryCatchHandler() == that);
+ ASSERT(thread_local_top()->TryCatchHandler() == that->DesanitizedThis());
 thread_local_top()->set_try_catch_handler_address(
 reinterpret_cast
(that->next_));
 thread_local_top()->catcher_ = NULL;
diff --git a/src/zone.h b/src/zone.h
index 573e13e1d..d3a1b578a 100644
--- a/src/zone.h
+++ b/src/zone.h
@@ -15,11 +15,6 @@ namespace v8 {
 namespace internal {
-#if defined(__has_feature)
- #if __has_feature(address_sanitizer)
- #define V8_USE_ADDRESS_SANITIZER
- #endif
-#endif
 class Segment;
 class Isolate;
-- 
2.34.1
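Review bot: Registering `that->DesanitizedThis()` means `TryCatchHandler()` now yields the real-stack address that corresponds to the fake frame, not the address of the live TryCatch object; that is what is wanted for ordering against JS stack handler addresses, but it is not a pointer that may be dereferenced. If, as the accessor's name suggests, other isolate code reaches through `TryCatchHandler()` to store `exception_` or `message_obj_` into the handler (not visible in this hunk), those writes under UseAfterReturn would land in a stack slot the object does not occupy — the embedder's `HasCaught()` would stay false and, depending on what the real frame holds there, unrelated stack data could be overwritten. The safer shape is to keep registering `that` as the object pointer and record the comparable address from `RegisterCTryCatch(that->DesanitizedThis())` in a separate field used only for comparisons, with the ASSERT in UnregisterTryCatchHandler comparing `that` directly. RegisterTryCatchHandler's opening lines are outside the hunk and UnregisterTryCatchHandler's body continues past it.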