Bug 1508416: Check TLS initialization before reading sAlreadyHandlingTrap. r=luke
author: David Major <dmajor@mozilla.com>
Mon, 19 Nov 2018 20:30:51 -0500
changeset 503596 3a55e6ff319018eb2562a9759fde6d7a7bd526a1
parent 503595 8cef663e7653bb1939fa81a0e5ca79ea959808d3
child 503597 deefae2125c46945fda7e868eb17a4017429838f
reviewers: luke
bugs: 1508416
milestone: 65.0a1
Bug 1508416: Check TLS initialization before reading sAlreadyHandlingTrap. r=luke
js/src/wasm/WasmSignalHandlers.cpp
--- a/js/src/wasm/WasmSignalHandlers.cpp
+++ b/js/src/wasm/WasmSignalHandlers.cpp
@@ -22,16 +22,17 @@
 #include "mozilla/ScopeExit.h"
 #include "mozilla/ThreadLocal.h"
 
 #include "threading/Thread.h"
 #include "vm/Runtime.h"
 #include "wasm/WasmInstance.h"
 
 #if defined(XP_WIN)
+# include <winternl.h>  // must include before util/Windows.h's `#undef`s
 # include "util/Windows.h"
 #elif defined(XP_DARWIN)
 # include <mach/exc.h>
 # include <mach/mach.h>
 #else
 # include <signal.h>
 #endif
 
@@ -485,20 +486,28 @@ HandleTrap(CONTEXT* context, JSContext* 
 }
 
 // =============================================================================
 // The following platform-specific handlers funnel all signals/exceptions into
 // the shared HandleTrap() above.
 // =============================================================================
 
 #if defined(XP_WIN)
+// Obtained empirically from thread_local codegen on x86/x64/arm64.
+// Compiled in all user binaries, so should be stable over time.
+static const unsigned sThreadLocalArrayPointerIndex = 11;
 
 static LONG WINAPI
 WasmTrapHandler(LPEXCEPTION_POINTERS exception)
 {
+    // Make sure TLS is initialized before reading sAlreadyHandlingTrap.
+    if (!NtCurrentTeb()->Reserved1[sThreadLocalArrayPointerIndex]) {
+        return EXCEPTION_CONTINUE_SEARCH;
+    }
+
     if (sAlreadyHandlingTrap.get()) {
         return EXCEPTION_CONTINUE_SEARCH;
     }
     AutoHandlingTrap aht;
 
     EXCEPTION_RECORD* record = exception->ExceptionRecord;
     if (record->ExceptionCode != EXCEPTION_ACCESS_VIOLATION &&
         record->ExceptionCode != EXCEPTION_ILLEGAL_INSTRUCTION)
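Review bot: The new TLS-readiness guard at `NtCurrentTeb()->Reserved1[sThreadLocalArrayPointerIndex]` hinges on a hard-coded, empirically derived slot index, and nothing in the hunk validates it; if a future toolchain or OS moves that slot, the handler either reads the uninitialized TLS it was meant to avoid or unconditionally returns `EXCEPTION_CONTINUE_SEARCH`, silently disabling wasm trap handling for the whole process. I would add a one-time check where the handler is installed (outside this hunk), on a thread that has already touched `sAlreadyHandlingTrap`, that the slot is non-null, e.g. `MOZ_RELEASE_ASSERT(NtCurrentTeb()->Reserved1[sThreadLocalArrayPointerIndex]);`, so a wrong index fails loudly at startup instead of in the crash path. It would also help for the comment above the constant to name what the slot is believed to be — as far as I know index 11 is the position of `ThreadLocalStoragePointer` in the public TEB layout, immediately after `ActiveRpcHandle` — so the next reader can verify it against winternl.h rather than repeat the empirical derivation. WasmTrapHandler's body continues past the end of the hunk.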