Diff
Modified: branches/safari-537.73-branch/Source/WebCore/ChangeLog (158226 => 158227)
--- branches/safari-537.73-branch/Source/WebCore/ChangeLog 2013-10-29 21:30:39 UTC (rev 158226)
+++ branches/safari-537.73-branch/Source/WebCore/ChangeLog 2013-10-29 21:41:41 UTC (rev 158227)
@@ -1,5 +1,37 @@
2013-10-28 Brent Fulgham <[email protected]>
+
+ Merge r155221.
+
+
+ 2013-09-06 Brent Fulgham <[email protected]>
+
+ [Windows] StructuredExceptionHandlerSuppressor Causes Bad Interactions with Support Libraries
+ https://bugs.webkit.org/show_bug.cgi?id=120901
+
+ Reviewed by Anders Carlsson.
+
+ Change from old "crash on any exception" implementation to a new version that leaves normal
+ exception handling infrastructure in place for use by support libraries. We check exceptions
+ and decide whether to abort or not based on the failure type.
+
+ * WebCore.vcxproj/WebCore.vcxproj: Add new implementation files.
+ * WebCore.vcxproj/WebCore.vcxproj.filters: Ditto.
+ * platform/graphics/ca/win/LayerChangesFlusher.cpp:
+ (WebCore::LayerChangesFlusher::hookCallback): Allocate handler struct on stack.
+ * platform/win/StructuredExceptionHandlerSuppressor.cpp: Added.
+ (exceptionShouldTerminateProgram): New.
+ (exceptionHandler): New.
+ (WebCore::StructuredExceptionHandlerSuppressor::StructuredExceptionHandlerSuppressor): Moved
+ from header, and updated to add our new exception handler.
+ (WebCore::StructuredExceptionHandlerSuppressor::~StructuredExceptionHandlerSuppressor): Moved
+ from header.
+ * platform/win/StructuredExceptionHandlerSuppressor.h: Move implementation of constructor and
+ destructor from header file.
+ * platform/win/makesafeseh.asm: Added.
+
+2013-10-28 Brent Fulgham <[email protected]>
+
Merge r155215.
2013-09-06 Brent Fulgham <[email protected]>
Modified: branches/safari-537.73-branch/Source/WebCore/WebCore.vcxproj/WebCore.vcxproj (158226 => 158227)
--- branches/safari-537.73-branch/Source/WebCore/WebCore.vcxproj/WebCore.vcxproj 2013-10-29 21:30:39 UTC (rev 158226)
+++ branches/safari-537.73-branch/Source/WebCore/WebCore.vcxproj/WebCore.vcxproj 2013-10-29 21:41:41 UTC (rev 158227)
@@ -58,6 +58,7 @@
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
<ImportGroup Label="ExtensionSettings">
+ <Import Project="$(VCTargetsPath)\BuildCustomizations\masm.props" />
</ImportGroup>
<ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="PropertySheets">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
@@ -4180,6 +4181,7 @@
<ClCompile Include="..\platform\win\SharedBufferWin.cpp" />
<ClCompile Include="..\platform\win\SharedTimerWin.cpp" />
<ClCompile Include="..\platform\win\SoundWin.cpp" />
+ <ClCompile Include="..\platform\win\StructuredExceptionHandlerSuppressor.cpp" />
<ClCompile Include="..\platform\win\SystemInfo.cpp" />
<ClCompile Include="..\platform\win\TemporaryLinkStubs.cpp" />
<ClCompile Include="..\platform\win\WCDataObject.cpp">
@@ -13281,6 +13283,9 @@
<None Include="..\css\mediaControls.css" />
<None Include="..\css\plugIns.css" />
<None Include="..\css\quirks.css" />
+ <MASM Include="..\platform\win\makesafeseh.asm">
+ <FileType>Document</FileType>
+ </MASM>
<None Include="..\xml\XPathGrammar.y" />
<None Include="..\bindings\scripts\CodeGenerator.pm" />
<None Include="..\bindings\scripts\CodeGeneratorJS.pm" />
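Review bot: The `<MASM Include="..\platform\win\makesafeseh.asm">` item sets only `FileType`, so nothing visible in this hunk makes the assembler run with `/safeseh`, which the `.safeseh exceptionHandlerThunk` directive in that file depends on for the thunk to land in the image's safe-handler table. If no property sheet outside this diff already sets it, add `<UseSafeExceptionHandlers>true</UseSafeExceptionHandlers>` inside the item. The item is also unconditional while the assembly is 32-bit only, so a `Condition` restricting it to Win32 would keep any future x64 configuration from trying to assemble it; whether such a configuration exists is not visible here.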
@@ -13553,5 +13558,6 @@
</ItemGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
<ImportGroup Label="ExtensionTargets">
+ <Import Project="$(VCTargetsPath)\BuildCustomizations\masm.targets" />
</ImportGroup>
-</Project>
+</Project>
\ No newline at end of file
Modified: branches/safari-537.73-branch/Source/WebCore/WebCore.vcxproj/WebCore.vcxproj.filters (158226 => 158227)
--- branches/safari-537.73-branch/Source/WebCore/WebCore.vcxproj/WebCore.vcxproj.filters 2013-10-29 21:30:39 UTC (rev 158226)
+++ branches/safari-537.73-branch/Source/WebCore/WebCore.vcxproj/WebCore.vcxproj.filters 2013-10-29 21:41:41 UTC (rev 158227)
@@ -6790,7 +6790,6 @@
<ClCompile Include="..\page\CaptionUserPreferencesMediaAF.cpp">
<Filter>page</Filter>
</ClCompile>
- <ClCompile Include="$(ConfigurationBuildDir)\obj32\$(ProjectName)\DerivedSources\JSSVGGraphicsElement.cpp" />
<ClCompile Include="..\platform\graphics\avfoundation\cf\InbandTextTrackPrivateAVCF.cpp">
<Filter>platform\graphics\avfoundation\cf</Filter>
</ClCompile>
@@ -6800,6 +6799,9 @@
<ClCompile Include="..\platform\graphics\avfoundation\cf\InbandTextTrackPrivateLegacyAVCF.cpp">
<Filter>platform\graphics\avfoundation\cf</Filter>
</ClCompile>
+ <ClCompile Include="..\platform\win\StructuredExceptionHandlerSuppressor.cpp">
+ <Filter>platform\win</Filter>
+ </ClCompile>
</ItemGroup>
<ItemGroup>
<ClInclude Include="..\Modules\filesystem\AsyncFileWriter.h">
@@ -15221,4 +15223,9 @@
<Filter>rendering</Filter>
</CustomBuildStep>
</ItemGroup>
-</Project>
+ <ItemGroup>
+ <MASM Include="..\platform\win\makesafeseh.asm">
+ <Filter>platform\win</Filter>
+ </MASM>
+ </ItemGroup>
+</Project>
\ No newline at end of file
Modified: branches/safari-537.73-branch/Source/WebCore/platform/graphics/ca/win/LayerChangesFlusher.cpp (158226 => 158227)
--- branches/safari-537.73-branch/Source/WebCore/platform/graphics/ca/win/LayerChangesFlusher.cpp 2013-10-29 21:30:39 UTC (rev 158226)
+++ branches/safari-537.73-branch/Source/WebCore/platform/graphics/ca/win/LayerChangesFlusher.cpp 2013-10-29 21:41:41 UTC (rev 158227)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2011 Apple Inc. All rights reserved.
+ * Copyright (C) 2011, 2013 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -74,7 +74,8 @@
{
// Supress the exception handler Windows puts around all hook calls so we can
// crash for debugging purposes if an exception is hit.
- StructuredExceptionHandlerSuppressor supressor;
+ ExceptionRegistration registrationStruct; // Note: must be stack allocated.
+ StructuredExceptionHandlerSuppressor supressor(registrationStruct);
return shared().hookFired(code, wParam, lParam);
}
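Review bot: The comment above `registrationStruct` still says the Windows handler is suppressed so that any exception crashes, but after this change the suppressor installs a filter that aborts only for selected exception codes and lets the rest continue to the outer handlers. I would reword it, e.g. `// Install our SEH filter ahead of the one Windows wraps around hook calls, so fatal exceptions abort (and get a crash log) instead of being swallowed.` The `// Note: must be stack allocated.` remark should also say why (Windows must find the registration block in stack memory when it walks the handler chain) and that the struct has to be declared before `supressor` so it is destroyed after it. hookCallback's signature is outside the hunk.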
Copied: branches/safari-537.73-branch/Source/WebCore/platform/win/StructuredExceptionHandlerSuppressor.cpp (from rev 155226, trunk/Source/WebCore/platform/win/StructuredExceptionHandlerSuppressor.cpp) (0 => 158227)
--- branches/safari-537.73-branch/Source/WebCore/platform/win/StructuredExceptionHandlerSuppressor.cpp (rev 0)
+++ branches/safari-537.73-branch/Source/WebCore/platform/win/StructuredExceptionHandlerSuppressor.cpp 2013-10-29 21:41:41 UTC (rev 158227)
@@ -0,0 +1,134 @@
+/*
+ * Copyright (C) 2013 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE COMPUTER, INC. OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+ * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "config.h"
+
+#include "StructuredExceptionHandlerSuppressor.h"
+
+extern "C" int __stdcall exceptionHandlerThunk(); // Defined in makesafeseh.asm
+
+static bool exceptionShouldTerminateProgram(int code)
+{
+ switch (code) {
+#ifndef NDEBUG
+ case EXCEPTION_DATATYPE_MISALIGNMENT:
+ case EXCEPTION_FLT_DENORMAL_OPERAND:
+ case EXCEPTION_FLT_DIVIDE_BY_ZERO:
+ case EXCEPTION_FLT_INEXACT_RESULT:
+ case EXCEPTION_FLT_INVALID_OPERATION:
+ case EXCEPTION_FLT_OVERFLOW:
+ case EXCEPTION_FLT_STACK_CHECK:
+ case EXCEPTION_FLT_UNDERFLOW:
+#endif
+ case EXCEPTION_ACCESS_VIOLATION:
+ case EXCEPTION_ARRAY_BOUNDS_EXCEEDED:
+ case EXCEPTION_INT_DIVIDE_BY_ZERO:
+ case EXCEPTION_INT_OVERFLOW:
+ case EXCEPTION_PRIV_INSTRUCTION:
+ case EXCEPTION_IN_PAGE_ERROR:
+ case EXCEPTION_ILLEGAL_INSTRUCTION:
+ case EXCEPTION_NONCONTINUABLE_EXCEPTION:
+ case EXCEPTION_STACK_OVERFLOW:
+ case EXCEPTION_INVALID_DISPOSITION:
+ case EXCEPTION_GUARD_PAGE:
+ case EXCEPTION_INVALID_HANDLE:
+ return true;
+ };
+
+ return false;
+}
+
+extern "C" EXCEPTION_DISPOSITION __stdcall exceptionHandler(struct _EXCEPTION_RECORD* exceptionRecord, void* /*establisherFrame*/, struct _CONTEXT* /*contextRecord*/, void* /*dispatcherContext*/)
+{
+ if (exceptionShouldTerminateProgram(exceptionRecord->ExceptionCode))
+ abort();
+
+ return ExceptionContinueSearch;
+}
+
+namespace WebCore {
+
+#pragma warning(push)
+#pragma warning(disable: 4733) // Disable "not registered as safe handler" warning
+
+StructuredExceptionHandlerSuppressor::StructuredExceptionHandlerSuppressor(ExceptionRegistration& exceptionRegistration)
+{
+ // Note: Windows requires that the EXCEPTION_REGISTRATION block (modeled here as our
+ // ExceptionRegistration struct) be stack allocated. Therefore we instantiated it prior
+ // to building this object so that Windows can still find it in stack memory when it
+ // attempts to use the handler.
+
+ // Windows puts an __try/__except block around some calls, such as hooks.
+ // The exception handler then ignores system exceptions like invalid addresses
+ // and null pointers. This class can be used to remove this block and prevent
+ // it from catching the exception. Typically this will cause the exception to crash
+ // which is often desirable to allow crashlogs to be recorded for debugging purposed.
+ // While this class is in scope we replace the Windows exception handler with a custom
+ // handler that indicates exceptions that should not be handled.
+ //
+ // See http://www.microsoft.com/msj/0197/Exception/Exception.aspx,
+ // http://www.microsoft.com/msj/archive/S2CE.aspx
+ // http://www.hexblog.com/wp-content/uploads/2012/06/Recon-2012-Skochinsky-Compiler-Internals.pdf
+ // http://www.codeproject.com/Articles/2126/How-a-C-compiler-implements-exception-handling
+
+ // Windows doesn't like assigning to member variables, so we need to get the value into
+ // a local variable and store it afterwards.
+ void* registration;
+
+ // Note: The FS register on Windows always holds the Thread Information Block.
+ // FS:[0] points to the structured exception handling chain (a chain of
+ // EXCEPTION_REGISTRATION structs).
+ //
+ // struct EXCEPTION_REGISTRATION
+ // {
+ // DWORD next;
+ // DWORD handler;
+ // };
+ //
+ // The first four bytes of FS:[0] point to the 'Next' member in the chain. Grab it so we can restore it later.
+ __asm mov eax, FS:[0]
+ __asm mov [registration], eax
+
+ exceptionRegistration.prev = (ExceptionRegistration*)registration;
+ exceptionRegistration.handler = (void*)exceptionHandlerThunk;
+
+ void* erStructMem = &exceptionRegistration;
+
+ __asm mov eax, erStructMem
+ __asm mov FS:[0], eax
+
+ m_savedExceptionRegistration = registration;
+}
+
+StructuredExceptionHandlerSuppressor::~StructuredExceptionHandlerSuppressor()
+{
+ // Restore the exception handler
+ __asm mov eax, [m_savedExceptionRegistration]
+ __asm mov FS:[0], eax
+}
+
+#pragma warning(pop)
+
+}
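Review bot: `exceptionShouldTerminateProgram(int code)` is called with `exceptionRecord->ExceptionCode`, which is a `DWORD`, and the `EXCEPTION_*` case labels are unsigned values with the high bit set, so the argument and every label go through an implicit unsigned-to-signed conversion. Declaring it `static bool exceptionShouldTerminateProgram(DWORD code)` keeps the comparison in the type the OS uses. Separately, the destructor writes `m_savedExceptionRegistration` back to `FS:[0]` unconditionally; a short comment stating the assumption that the head of the chain is still the registration passed to the constructor (strict LIFO nesting) would document when that restore is safe. The stray `;` after the closing brace of the `switch` can also go.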
Modified: branches/safari-537.73-branch/Source/WebCore/platform/win/StructuredExceptionHandlerSuppressor.h (158226 => 158227)
--- branches/safari-537.73-branch/Source/WebCore/platform/win/StructuredExceptionHandlerSuppressor.h 2013-10-29 21:30:39 UTC (rev 158226)
+++ branches/safari-537.73-branch/Source/WebCore/platform/win/StructuredExceptionHandlerSuppressor.h 2013-10-29 21:41:41 UTC (rev 158227)
@@ -26,51 +26,28 @@
#ifndef StructuredExceptionHandlerSuppressor_h
#define StructuredExceptionHandlerSuppressor_h
+#include <excpt.h>
+#include <wtf/Noncopyable.h>
+
+extern "C" EXCEPTION_DISPOSITION __stdcall exceptionHandler(struct _EXCEPTION_RECORD* exceptionRecord, void* establisherFrame, struct _CONTEXT* contextRecord, void* dispatcherContext);
+
namespace WebCore {
-#pragma warning(push)
-#pragma warning(disable: 4733) // Disable "not registered as safe handler" warning
+struct ExceptionRegistration {
+ ExceptionRegistration* prev;
+ void* handler;
+};
class StructuredExceptionHandlerSuppressor {
WTF_MAKE_NONCOPYABLE(StructuredExceptionHandlerSuppressor);
public:
- StructuredExceptionHandlerSuppressor()
- {
- // Windows puts an __try/__except block around some calls, such as hooks.
- // The exception handler then ignores system exceptions like invalid addresses
- // and null pointers. This class can be used to remove this block and prevent
- // it from catching the exception. Typically this will cause the exception to crash
- // which is often desirable to allow crashlogs to be recorded for debugging purposed.
- // While this class is in scope we replace the Windows exception handler with 0xffffffff,
- // which indicates that the exception should not be handled.
- //
- // See http://www.microsoft.com/msj/0197/Exception/Exception.aspx
+ StructuredExceptionHandlerSuppressor(ExceptionRegistration&);
+ ~StructuredExceptionHandlerSuppressor();
- // Windows doesn't like assigning to member variables, so we need to get the value into
- // a local variable and store it afterwards.
- void* registration;
-
- __asm mov eax, FS:[0]
- __asm mov [registration], eax
- __asm mov eax, 0xffffffff
- __asm mov FS:[0], eax
-
- m_savedExceptionRegistration = registration;
- }
-
- ~StructuredExceptionHandlerSuppressor()
- {
- // Restore the exception handler
- __asm mov eax, [m_savedExceptionRegistration]
- __asm mov FS:[0], eax
- }
-
private:
void* m_savedExceptionRegistration;
};
-#pragma warning(pop)
-
} // namespace WebCore
#endif // StructuredExceptionHandlerSuppressor_h
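Review bot: The new constructor `StructuredExceptionHandlerSuppressor(ExceptionRegistration&);` takes a single argument and is not `explicit`, and the header, which is all a caller sees, no longer says how the registration must be provided. I would declare it `explicit StructuredExceptionHandlerSuppressor(ExceptionRegistration&);` with a comment such as `// The registration must be a stack-allocated local that outlives this object.` `ExceptionRegistration` mirrors the two-field EXCEPTION_REGISTRATION layout described in the .cpp comment, so a comment on the struct saying the field order and size must not change would protect that. The header also does not state that the class relies on 32-bit inline assembly.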
Copied: branches/safari-537.73-branch/Source/WebCore/platform/win/makesafeseh.asm (from rev 155226, trunk/Source/WebCore/platform/win/makesafeseh.asm) (0 => 158227)
--- branches/safari-537.73-branch/Source/WebCore/platform/win/makesafeseh.asm (rev 0)
+++ branches/safari-537.73-branch/Source/WebCore/platform/win/makesafeseh.asm 2013-10-29 21:41:41 UTC (rev 158227)
@@ -0,0 +1,45 @@
+;/*
+; * Copyright (C) 2013 Apple, Inc. All rights reserved
+; *
+; * Redistribution and use in source and binary forms, with or without
+; * modification, are permitted provided that the following conditions
+; * are met:
+; * 1. Redistributions of source code must retain the above copyright
+; * notice, this list of conditions and the following disclaimer.
+; * 2. Redistributions in binary form must reproduce the above copyright
+; * notice, this list of conditions and the following disclaimer in the
+; * documentation and/or other materials provided with the distribution.
+; *
+; * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
+; * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+; * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+; * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE COMPUTER, INC. OR
+; * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+; * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+; * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+; * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+; * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+; * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+; * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+; */
+
+; Tell Windows to trust our error handler. This must be done within an assembly
+; module. We cannot do it on-the-fly in our C++ code.
+;
+; Note also (confirmed by Raymond Chen) that we must use this assembly thunk
+; to call our custom exception handler. (See http://jpassing.com/2008/05/20/fun-with-low-level-seh/)
+
+.386
+.model FLAT, STDCALL
+
+EXTERN exceptionHandler@16 : near ; Defined in StructuredExceptionHandlerSupressor.cpp
+
+exceptionHandlerThunk proto
+.safeseh exceptionHandlerThunk
+
+.code
+exceptionHandlerThunk proc
+ jmp exceptionHandler@16
+exceptionHandlerThunk endp
+
+END
\ No newline at end of file
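Review bot: Nothing in this file says it is 32-bit x86 only, although `.386`, `.model FLAT, STDCALL` and `.safeseh` all are; a header line such as `; x86 (32-bit) only: registers exceptionHandlerThunk in the SafeSEH table.` would make that explicit. The `EXTERN` comment names `StructuredExceptionHandlerSupressor.cpp`, while the file added by this change is spelled `StructuredExceptionHandlerSuppressor.cpp`. A one-line comment on the `jmp` noting that the thunk leaves the stack untouched, so the arguments reach `exceptionHandler@16` as the dispatcher pushed them, would explain why no prologue or `ret` is needed.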