components/nacl/loader/nonsfi/irt_exception_handling.cc - Issue 230413002: NonSFI NaCl: Plumb Exception IRT enough for breakpad.

Side by Side Diff: components/nacl/loader/nonsfi/irt_exception_handling.cc

Issue 230413002: NonSFI NaCl: Plumb Exception IRT enough for breakpad. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: review comments Created 6 years, 8 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

« chrome/test/nacl/nacl_browsertest.cc ('K') | « components/nacl/loader/nonsfi/irt_exception_handling.h ('k') | components/nacl/loader/nonsfi/irt_interfaces.h » ('j') | components/nacl/loader/nonsfi/irt_thread.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
(Empty)
	1 // Copyright 2014 The Chromium Authors. All rights reserved.

	2 // Use of this source code is governed by a BSD-style license that can be

	3 // found in the LICENSE file.

	4 #include <errno.h>
	Mark Seaborn 2014/04/23 03:49:50 Nit: add empty line between boilerplate and first Nit: add empty line between boilerplate and first #include Junichi Uekawa 2014/04/23 07:56:15 Done. Show quoted text On 2014/04/23 03:49:50, Mark Seaborn wrote: > Nit: add empty line between boilerplate and first #include Done.
	5 #include <signal.h>

	6

	7 #include <map>
	Mark Seaborn 2014/04/23 03:49:50 Not used? Not used? Junichi Uekawa 2014/04/23 07:56:15 Done. Show quoted text On 2014/04/23 03:49:50, Mark Seaborn wrote: > Not used? Done.
	8

	9 #include "components/nacl/loader/nonsfi/irt_interfaces.h"

	10 #include "native_client/src/include/nacl_macros.h"

	11 #include "native_client/src/trusted/service_runtime/nacl_exception.h"

	12 #include "native_client/src/trusted/service_runtime/nacl_signal.h"

	13

	14 namespace nacl {

	15 namespace nonsfi {

	16 namespace {

	17

	18 // This is NonSFI version of exception handling codebase, NaCl side of

	19 // things resides in:

	20 // native_client/src/trusted/service_runtime/linux/nacl_signal.c

	21 // native_client/src/trusted/service_runtime/sys_exception.c

	22

	23 // TODO(uekawa): The list of signals to be handled might need updating.
	Mark Seaborn 2014/04/23 03:49:50 It should be OK (so you can remove this TODO). An It should be OK (so you can remove this TODO). Any hypothetical omissions we can find by improving the test coverage later. Junichi Uekawa 2014/04/23 07:56:15 Done. Show quoted text On 2014/04/23 03:49:50, Mark Seaborn wrote: > It should be OK (so you can remove this TODO). Any hypothetical omissions we > can find by improving the test coverage later. Done.
	24 // NonSFI NaCl does not use NACL_THREAD_SUSPEND_SIGNAL (==SIGUSR1) (??check??)
	Mark Seaborn 2014/04/23 03:49:50 Correct. That's used for thread suspension, curre Correct. That's used for thread suspension, currently used for NaCl's GDB debug stub, which we don't use in Non-SFI NaCl. Junichi Uekawa 2014/04/23 07:56:15 I've re-wrote the comment with the context. Show quoted text On 2014/04/23 03:49:50, Mark Seaborn wrote: > Correct. That's used for thread suspension, currently used for NaCl's GDB debug > stub, which we don't use in Non-SFI NaCl. I've re-wrote the comment with the context.
	25 // and SIGSYS is reserved for seccomp-bpf.

	26 static const int kSignals[] = {

	27 SIGSTKFLT,

	28 SIGINT, SIGQUIT, SIGILL, SIGTRAP, SIGBUS, SIGFPE, SIGSEGV,

	29 // Handle SIGABRT in case someone sends it asynchronously using kill().

	30 SIGABRT

	31 };

	32

	33 NaClExceptionHandler signal_handler_function_pointer = NULL;

	34

	35 // Signal handler, responsible for calling the registered handlers.

	36 static void SignalCatch(int sig, siginfo_t info, void uc) {
	Mark Seaborn 2014/04/23 03:49:50 Nit: use Chromium-style "* " spacing Nit: use Chromium-style "* " spacing Junichi Uekawa 2014/04/23 07:56:15 Done. Show quoted text On 2014/04/23 03:49:50, Mark Seaborn wrote: > Nit: use Chromium-style "* " spacing Done.
	37 if (signal_handler_function_pointer) {

	38 // TODO(uekawa): Whether to add dependency or copy the implementation?
	Mark Seaborn 2014/04/23 03:49:50 Adding the dependency isn't ideal but it's OK for Adding the dependency isn't ideal but it's OK for now. Eventually we'll want to move the IRT interface implementations to the NaCl repo (where they will be more easily testable). Then maybe we can refactor this so that it's not depending on part of service_runtime. Junichi Uekawa 2014/04/23 07:56:15 I've pondered of not adding a dependency; it intro Show quoted text On 2014/04/23 03:49:50, Mark Seaborn wrote: > Adding the dependency isn't ideal but it's OK for now. Eventually we'll want to > move the IRT interface implementations to the NaCl repo (where they will be more > easily testable). Then maybe we can refactor this so that it's not depending on > part of service_runtime. I've pondered of not adding a dependency; it introduces yet another list of registers for all architectures, so I would prefer doing a refactor after we are inside native_client repo. https://codereview.chromium.org/248463005/
	39 NaClSignalContext signal_context;

	40 NaClSignalContextFromHandler(&signal_context, uc);

	41 // Is this safe to allocate this on stack ?
	Mark Seaborn 2014/04/23 03:49:50 Yes Yes Junichi Uekawa 2014/04/23 07:56:15 thanks Show quoted text On 2014/04/23 03:49:50, Mark Seaborn wrote: > Yes thanks
	42 NaClExceptionFrame exception_frame;

	43 NaClSignalSetUpExceptionFrame(&exception_frame,

	44 &signal_context,

	45 0 /* context_user_addr, what is this? */);
	Mark Seaborn 2014/04/23 03:49:50 This parameter doesn't apply if we're calling user This parameter doesn't apply if we're calling user code's handler function from C. Junichi Uekawa 2014/04/23 07:56:15 I think we don't need this for nonsfi NaCl, but pr Show quoted text On 2014/04/23 03:49:50, Mark Seaborn wrote: > This parameter doesn't apply if we're calling user code's handler function from > C. I think we don't need this for nonsfi NaCl, but probably won't hurt to leave it as it is either.
	46

	47 signal_handler_function_pointer(&exception_frame.context);

	48 }

	49 // TODO(uekawa): Only exit on crash signals?
	Mark Seaborn 2014/04/23 03:49:50 All the signals you're handling are crash signals All the signals you're handling are crash signals Junichi Uekawa 2014/04/23 07:56:15 Removed the comment. Show quoted text On 2014/04/23 03:49:50, Mark Seaborn wrote: > All the signals you're handling are crash signals Removed the comment.
	50 _exit(-1);

	51 }

	52

	53 static int IrtExceptionHandler(NaClExceptionHandler handler,

	54 NaClExceptionHandler *old_handler) {

	55 // TODO(uekawa): Do I need to have a mutex lock?
	Mark Seaborn 2014/04/23 03:49:50 You could use AtomicExchange from base/atomicops.h You could use AtomicExchange from base/atomicops.h Junichi Uekawa 2014/04/23 07:56:15 after staring at AtomicExchange, I don't think thi Show quoted text On 2014/04/23 03:49:50, Mark Seaborn wrote: > You could use AtomicExchange from base/atomicops.h after staring at AtomicExchange, I don't think this is worth it (unless we are running on 386 which doesn't have atomic word writes). Mark Seaborn 2014/04/24 23:39:27 But setting the new handler and getting the old on Show quoted text On 2014/04/23 07:56:15, uekawa wrote: > On 2014/04/23 03:49:50, Mark Seaborn wrote: > > You could use AtomicExchange from base/atomicops.h > > after staring at AtomicExchange, I don't think this is worth it (unless > we are running on 386 which doesn't have atomic word writes). But setting the new handler and getting the old one might be expected to be atomic overall, so you should either use a mutex (as your earlier comment suggested) or use AtomicExchange. Junichi Uekawa 2014/04/25 01:06:09 Done. Show quoted text On 2014/04/24 23:39:27, Mark Seaborn wrote: > On 2014/04/23 07:56:15, uekawa wrote: > > On 2014/04/23 03:49:50, Mark Seaborn wrote: > > > You could use AtomicExchange from base/atomicops.h > > > > after staring at AtomicExchange, I don't think this is worth it (unless > > we are running on 386 which doesn't have atomic word writes). > > But setting the new handler and getting the old one might be expected to be > atomic overall, so you should either use a mutex (as your earlier comment > suggested) or use AtomicExchange. Done.
	56 if (old_handler)

	57 *old_handler = signal_handler_function_pointer;

	58 signal_handler_function_pointer = handler;

	59 return 0;

	60 }

	61

	62 static int IrtExceptionStack(void *stack, size_t size) {

	63 // TODO(uekawa): I think we shouldn't implement this until we really

	64 // need it. IrtThreadCreate allocates sigaltstack already, and

	65 // there is no legitimate reason I can think of that you would want

	66 // to reallocate an altstack. Note that

	67 // native_client/src/tests/exception_test/exception_crash_test.c

	68 // wants to use this but we are not running that test yet.

	69 return -EINVAL;
	Mark Seaborn 2014/04/23 03:49:50 This could return 0, since it's mostly-OK as a no- This could return 0, since it's mostly-OK as a no-op. That would prevent crash reporter libraries from failing on startup if this returns an error. Junichi Uekawa 2014/04/23 07:56:15 Done. Show quoted text On 2014/04/23 03:49:50, Mark Seaborn wrote: > This could return 0, since it's mostly-OK as a no-op. That would prevent crash > reporter libraries from failing on startup if this returns an error. Done.
	70 }

	71

	72 static int IrtExceptionClearFlag(void) {

	73 // TODO(uekawa): I think we shouldn't implement this until we really

	74 // need it.

	75 return -EINVAL;
	Mark Seaborn 2014/04/23 03:49:50 ENOSYS would be more appropriate ENOSYS would be more appropriate Junichi Uekawa 2014/04/23 07:56:15 Done. Show quoted text On 2014/04/23 03:49:50, Mark Seaborn wrote: > ENOSYS would be more appropriate Done.
	76 }

	77

	78 } // namespace

	79

	80 const struct nacl_irt_exception_handling kIrtExceptionHandling = {

	81 IrtExceptionHandler,

	82 IrtExceptionStack,

	83 IrtExceptionClearFlag,

	84 };

	85

	86 void InitializeSignalHandler(void) {
	Mark Seaborn 2014/04/23 03:49:50 Nit: Should be "()" rather than "(void)" in C++. Nit: Should be "()" rather than "(void)" in C++. (There's only a difference in C.) Junichi Uekawa 2014/04/23 07:56:15 Done. Show quoted text On 2014/04/23 03:49:50, Mark Seaborn wrote: > Nit: Should be "()" rather than "(void)" in C++. (There's only a difference in > C.) Done.
	87 struct sigaction sa;

	88 unsigned int a;

	89

	90 memset(&sa, 0, sizeof(sa));

	91 sigemptyset(&sa.sa_mask);

	92 sa.sa_sigaction = SignalCatch;

	93 sa.sa_flags = SA_ONSTACK \| SA_SIGINFO;

	94

	95 // Mask all signals we catch to prevent re-entry.

	96 for (a = 0; a < NACL_ARRAY_SIZE(kSignals); a++) {

	97 sigaddset(&sa.sa_mask, kSignals[a]);

	98 }

	99

	100 // Install all handlers.

	101 for (a = 0; a < NACL_ARRAY_SIZE(kSignals); a++) {

	102 if (sigaction(kSignals[a], &sa, NULL) != 0)

	103 perror("sigaction");
	Mark Seaborn 2014/04/23 03:49:50 This should be a fatal error, otherwise this would This should be a fatal error, otherwise this would be ignored too easily Junichi Uekawa 2014/04/23 07:56:15 Done. Show quoted text On 2014/04/23 03:49:50, Mark Seaborn wrote: > This should be a fatal error, otherwise this would be ignored too easily Done.
	104 }

	105 }

	106

	107 } // namespace nonsfi

	108 } // namespace nacl

OLD	NEW