Bug 120901

Summary: [Windows] StructuredExceptionHandlerSuppressor Causes Bad Interactions With Support Libraries
Product: WebKit
Reporter: Brent Fulgham <bfulgham>
Component: WebCore Misc.
Assignee: Brent Fulgham <bfulgham>
Status: RESOLVED FIXED
Severity: Normal
CC: commit-queue, simon.fraser
Priority: P2
Keywords: InRadar
Version: 528+ (Nightly build)
Hardware: PC
OS: All
Bug Depends on: 67510
Bug Blocks: 120906

Attachments:
Description    Flags
Patch          none
Patch          andersca: review+

Description Brent Fulgham 2013-09-06 15:30:34 PDT
The StructuredExceptionHandlerSuppressor was added in Bug 67510 so that WebKit would generate useful stack traces when null pointers or other invalid data were being passed through the WebKit infrastructure. The intention was to allow us to crash when null pointers or other runtime exceptions were generated.

Unfortunately, because Windows C++ exceptions are built on top of the underlying structured-exception-handling infrastructure, this caused valid C++ exception handlers to stop working. (For details on this, see http://www.microsoft.com/msj/0197/Exception/Exception.aspx, http://www.microsoft.com/msj/archive/S2CE.aspx, http://www.hexblog.com/wp-content/uploads/2012/06/Recon-2012-Skochinsky-Compiler-Internals.pdf, http://www.codeproject.com/Articles/2126/How-a-C-compiler-implements-exception-handling).

This was observed when a support library was modified to use a C++ exception as part of its handling of certain device setup logic. Although the exception was fully captured and handled inside the support library, our manipulation of the SEH call chain caused the entire exception handling system to break, causing a 'normal' code path for our support library to suddenly turn into a critical failure.

This bug revises the StructuredExceptionHandlerSuppressor to apply a filter to the exceptions it chooses to abort. For most exception classes, it passes exception handling up the chain so that the proper handler can be invoked. However, we force a crash for access violations, memory corruption, etc. as desired.
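The failure mode and the fix described above, as an added illustration that is neither the WebKit patch nor Windows' dispatcher: a simplified model of an SEH chain with a suppressor at its head and a support library's frame handler behind it. The exception codes mirror the Windows SDK values; MSVC raises a C++ throw over SEH as code 0xE06D7363. Without a filter the suppressor claims the C++ throw and crashes; with the filter it continues the search so the library's own catch runs, while an access violation still crashes.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Exception codes, numerically identical to the Windows SDK definitions. */
#define EXCEPTION_ACCESS_VIOLATION     0xC0000005u
#define EXCEPTION_ILLEGAL_INSTRUCTION  0xC000001Du
#define EXCEPTION_STACK_OVERFLOW       0xC00000FDu
#define STATUS_HEAP_CORRUPTION         0xC0000374u
#define MSVC_CPP_EXCEPTION             0xE06D7363u  /* SEH code MSVC uses for a C++ throw */

/* Filter verdicts, same values as the Windows macros. */
#define EXCEPTION_CONTINUE_SEARCH 0
#define EXCEPTION_EXECUTE_HANDLER 1

typedef int (*seh_filter)(uint32_t code);

/* Unfiltered suppressor (the original behaviour): every exception reaching it is fatal. */
static int suppressor_unfiltered(uint32_t code) { (void)code; return EXCEPTION_EXECUTE_HANDLER; }

/* Filtered suppressor (the revised behaviour): only memory-safety failures are fatal,
 * everything else is passed up the chain to the proper handler. */
static int suppressor_filtered(uint32_t code) {
    switch (code) {
    case EXCEPTION_ACCESS_VIOLATION:
    case EXCEPTION_ILLEGAL_INSTRUCTION:
    case EXCEPTION_STACK_OVERFLOW:
    case STATUS_HEAP_CORRUPTION:
        return EXCEPTION_EXECUTE_HANDLER;
    default:
        return EXCEPTION_CONTINUE_SEARCH;
    }
}

/* The support library's own frame handler: it claims only the C++ throw it expects. */
static int library_catch(uint32_t code) {
    return code == MSVC_CPP_EXCEPTION ? EXCEPTION_EXECUTE_HANDLER : EXCEPTION_CONTINUE_SEARCH;
}

/* Chain slots, head first: 0 = suppressor (crash), 1 = library catch, -1 = nobody in this model. */
enum { SUPPRESSOR_CRASH = 0, LIBRARY_CATCH = 1, UNHANDLED = -1 };

/* Walk the modelled chain from its head and report which handler claims the exception. */
int dispatch(int filtered, uint32_t code) {
    const seh_filter chain[] = { filtered ? suppressor_filtered : suppressor_unfiltered, library_catch };
    for (size_t i = 0; i < sizeof chain / sizeof chain[0]; ++i)
        if (chain[i](code) == EXCEPTION_EXECUTE_HANDLER) return (int)i;
    return UNHANDLED;
}

int main(void) {
    printf("C++ throw, unfiltered suppressor: %d (0 = crash)\n", dispatch(0, MSVC_CPP_EXCEPTION));
    printf("C++ throw, filtered suppressor:   %d (1 = library catch)\n", dispatch(1, MSVC_CPP_EXCEPTION));
    printf("access violation, filtered:       %d (0 = crash)\n", dispatch(1, EXCEPTION_ACCESS_VIOLATION));
    return 0;
}
```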
Comment 1 Brent Fulgham 2013-09-06 15:36:14 PDT
<rdar://problem/14922148>
Comment 2 Brent Fulgham 2013-09-06 15:47:51 PDT
Created attachment 210806 [details]
Patch
Comment 3 Brent Fulgham 2013-09-06 15:49:10 PDT
Created attachment 210808 [details]
Patch
Comment 4 Brent Fulgham 2013-09-06 15:56:29 PDT
Note: This logic will need to be extended to support 64-bit Windows. See referenced bug 120906 for this work.
Comment 5 Brent Fulgham 2013-09-06 16:45:08 PDT
Committed r155226: <http://trac.webkit.org/changeset/155226>