Revert "Shorten TRAP_SEQUENCE() to one instruction on most platforms."
This reverts commit ffe0185ea67114e8f0809e0112412c5bea61320b.
Reason for revert: Causes test failures in official builds
Original change's description:
> Shorten TRAP_SEQUENCE() to one instruction on most platforms.
>
> Previously, TRAP_SEQUENCE() consisted of:
> - an instruction to trigger a debugger breakpoint
> - an instruction to ensure fatal termination (usually encoded as an
> illegal instruction)
>
> But all that's really needed is the latter, so eliminate the
> instruction to trigger the debugger breakpoint.
>
> Note: on Intel, the debugger breakpoint instruction (int3) is only one
> byte, while the fatal termination instruction (ud2) is two bytes.
> Unfortunately, crash reports seem to be indicating that int3 is
> non-fatal. Since it's important that TRAP_SEQUENCE() terminates, it
> cannot rely on int3.
>
> Bug: 958675
> Change-Id: I84b3123b07a9871dbd3b062fd73e79137b1ef6dd
> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1672227
> Reviewed-by: Mark Mentovai <[email protected]>
> Reviewed-by: Alex Moshchuk <[email protected]>
> Commit-Queue: Daniel Cheng <[email protected]>
> Cr-Commit-Position: refs/heads/master@{#678065}
[email protected],[email protected],[email protected],[email protected]
# Not skipping CQ checks because original CL landed > 1 day ago.
Bug: 958675, 985138
Change-Id: Ib9c3d09f6b2a5dc182cb125f90a7d9130c98e5be
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1713904
Reviewed-by: Reid Kleckner <[email protected]>
Reviewed-by: Daniel Cheng <[email protected]>
Commit-Queue: Reid Kleckner <[email protected]>
Cr-Commit-Position: refs/heads/master@{#679787}
diff --git a/base/immediate_crash.h b/base/immediate_crash.h
index 935fb00..94ee14f 100644
--- a/base/immediate_crash.h
+++ b/base/immediate_crash.h
@@ -33,33 +33,32 @@
// Note: this last bullet point may no longer be true, and may be removed in
// the future.
-// TODO(https://crbug.com/958675): TRAP_SEQUENCE_() was previously split into
-// two macro helpers to make it easier to simplify it to one instruction in
-// followups. TRAP_SEQUENCE2_() will be renamed and collapsed into
-// TRAP_SEQUENCE_() assuming nothing goes wrong...
+// Note: TRAP_SEQUENCE Is currently split into two macro helpers due to the fact
+// that clang emits an actual instruction for __builtin_unreachable() on certain
+// platforms (see https://crbug.com/958675). In addition, the int3/bkpt/brk will
+// be removed in followups, so splitting it up like this now makes it easy to
+// land the followups.
#if defined(COMPILER_GCC)
#if defined(OS_NACL)
// Crash report accuracy is not guaranteed on NaCl.
-#define TRAP_SEQUENCE2_() __builtin_trap()
+#define TRAP_SEQUENCE1_() __builtin_trap()
+#define TRAP_SEQUENCE2_() asm volatile("")
#elif defined(ARCH_CPU_X86_FAMILY)
-// In theory, it should be possible to use just int3. However, there are a
-// number of crashes with SIGILL as the exception code, so it seems likely that
-// there's a signal handler that allows execution to continue after SIGTRAP.
+// TODO(https://crbug.com/958675): In theory, it should be possible to use just
+// int3. However, there are a number of crashes with SIGILL as the exception
+// code, so it seems likely that there's a signal handler that allows execution
+// to continue after SIGTRAP.
+#define TRAP_SEQUENCE1_() asm volatile("int3")
#if defined(OS_MACOSX)
// Intentionally empty: __builtin_unreachable() is always part of the sequence
// (see IMMEDIATE_CRASH below) and already emits a ud2 on Mac.
#define TRAP_SEQUENCE2_() asm volatile("")
-#elif defined(OS_LINUX)
-// TODO(dcheng): Remove int3 on Linux as well. Removing it is preventing
-// IMMEDIATE_CRASH() from being detected as abnormal program termination on
-// Linux.
-#define TRAP_SEQUENCE2_() asm volatile("int3;ud2")
#else
#define TRAP_SEQUENCE2_() asm volatile("ud2")
#endif // defined(OS_MACOSX)
@@ -70,22 +69,23 @@
// as a 32 bit userspace app on arm64. There doesn't seem to be any way to
// cause a SIGTRAP from userspace without using a syscall (which would be a
// problem for sandboxing).
-// TODO(dcheng): This likely will no longer generate a SIGTRAP, update this
-// comment to what it does generate?
+// TODO(https://crbug.com/958675): Remove bkpt from this sequence.
+#define TRAP_SEQUENCE1_() asm volatile("bkpt #0")
#define TRAP_SEQUENCE2_() asm volatile("udf #0")
#elif defined(ARCH_CPU_ARM64)
// This will always generate a SIGTRAP on arm64.
-// TODO(dcheng): This likely will no longer generate a SIGTRAP, update this
-// comment to what it does generate?
+// TODO(https://crbug.com/958675): Remove brk from this sequence.
+#define TRAP_SEQUENCE1_() asm volatile("brk #0")
#define TRAP_SEQUENCE2_() asm volatile("hlt #0")
#else
// Crash report accuracy will not be guaranteed on other architectures, but at
// least this will crash as expected.
-#define TRAP_SEQUENCE2_() __builtin_trap()
+#define TRAP_SEQUENCE1_() __builtin_trap()
+#define TRAP_SEQUENCE2_() asm volatile("")
#endif // ARCH_CPU_*
@@ -94,16 +94,20 @@
#if !defined(__clang__)
// MSVC x64 doesn't support inline asm, so use the MSVC intrinsic.
-#define TRAP_SEQUENCE2_() __debugbreak()
+#define TRAP_SEQUENCE1_() __debugbreak()
+#define TRAP_SEQUENCE2_()
#elif defined(ARCH_CPU_ARM64)
+#define TRAP_SEQUENCE1_() __asm volatile("brk #0\n")
// Intentionally empty: __builtin_unreachable() is always part of the sequence
// (see IMMEDIATE_CRASH below) and already emits a ud2 on Win64
#define TRAP_SEQUENCE2_() __asm volatile("")
#else
+#define TRAP_SEQUENCE1_() asm volatile("int3")
+
#if defined(ARCH_CPU_64_BITS)
// Intentionally empty: __builtin_unreachable() is always part of the sequence
// (see IMMEDIATE_CRASH below) and already emits a ud2 on Win64
@@ -122,6 +126,7 @@
#define TRAP_SEQUENCE_() \
do { \
+ TRAP_SEQUENCE1_(); \
TRAP_SEQUENCE2_(); \
} while (false)
diff --git a/base/immediate_crash_unittest.cc b/base/immediate_crash_unittest.cc
index 1b538ae..8fc9d38 100644
--- a/base/immediate_crash_unittest.cc
+++ b/base/immediate_crash_unittest.cc
@@ -38,19 +38,14 @@
NativeLibraryLoadError load_error;
FilePath helper_library_path;
#if !defined(OS_ANDROID) && !defined(OS_FUCHSIA)
- // Appending the library name to DIR_EXE isn't necessary on all platforms (and
- // can even break in some places):
- // - on Android M, DIR_EXE == /system/bin when running base_unittests.
- // - on Fuchsia, NativeLibrary knows where to look already, since it
- // understands the platform convention that libraries are not colocated with
- // the binary.
+ // On Android M, DIR_EXE == /system/bin when running base_unittests.
+ // On Fuchsia, NativeLibrary understands the native convention that libraries
+ // are not colocated with the binary.
ASSERT_TRUE(PathService::Get(DIR_EXE, &helper_library_path));
#endif
helper_library_path = helper_library_path.AppendASCII(
GetNativeLibraryName("immediate_crash_test_helper"));
#if defined(OS_ANDROID) && defined(COMPONENT_BUILD)
- // Android component builds use a unique shared library suffix to avoid naming
- // collisions.
helper_library_path = helper_library_path.ReplaceExtension(".cr.so");
#endif
// TODO(dcheng): Shouldn't GetNativeLibraryName just return a FilePath?
@@ -91,10 +86,8 @@
// Look for two IMMEDIATE_CRASH() opcode sequences.
for (int i = 0; i < 2; ++i) {
-#if defined(OS_LINUX)
- // INT3
+ // INT 3
EXPECT_EQ(0xCC, *++it);
-#endif // defined(OS_LINUX)
// UD2
EXPECT_EQ(0x0F, *++it);
EXPECT_EQ(0x0B, *++it);
@@ -127,6 +120,8 @@
// Look for two IMMEDIATE_CRASH() opcode sequences.
for (int i = 0; i < 2; ++i) {
+ // BKPT #0
+ EXPECT_EQ(0xBE00, *++it);
// UDF #0
EXPECT_EQ(0xDE00, *++it);
}
@@ -148,6 +143,8 @@
// Look for two IMMEDIATE_CRASH() opcode sequences.
for (int i = 0; i < 2; ++i) {
+ // BRK #0
+ EXPECT_EQ(0XD4200000, *++it);
// HLT #0
EXPECT_EQ(0xD4400000, *++it);
}
diff --git a/content/browser/utility_process_host_browsertest.cc b/content/browser/utility_process_host_browsertest.cc
index 862c4e5..0c9fd30 100644
--- a/content/browser/utility_process_host_browsertest.cc
+++ b/content/browser/utility_process_host_browsertest.cc
@@ -125,11 +125,8 @@
const ChildProcessTerminationInfo& info) override {
DCHECK_CURRENTLY_ON(BrowserThread::UI);
#if defined(OS_WIN)
- EXPECT_EQ(EXCEPTION_ILLEGAL_INSTRUCTION, DWORD{info.exit_code});
-#elif defined(OS_MACOSX)
- EXPECT_TRUE(WIFSIGNALED(info.exit_code));
- EXPECT_EQ(SIGILL, WTERMSIG(info.exit_code));
-#elif defined(OS_LINUX)
+ EXPECT_EQ(EXCEPTION_BREAKPOINT, DWORD{info.exit_code});
+#elif defined(OS_MACOSX) || defined(OS_LINUX)
EXPECT_TRUE(WIFSIGNALED(info.exit_code));
EXPECT_EQ(SIGTRAP, WTERMSIG(info.exit_code));
#endif
