Bug 1858670 - Replace volatile accesses with inline assembly to ensure MOZ_CRASH() crashing sequence is always emitted r=glandium

gabrielesvelto · gabrielesvelto · commit 4f7911972913 · 2025-02-03T20:06:53.000Z
Differential Revision: https://phabricator.services.mozilla.com/D198023
diff --git a/mfbt/Assertions.h b/mfbt/Assertions.h
@@ -233,6 +233,40 @@ MOZ_NoReturn(int aLine) {
 
 #else
 
+// This function causes the process to crash by writing the line number
+// specified in the `aLine` parameter to the address provide by `aAddress`.
+// The store is implemented as volatile assembly code to ensure it's always
+// included in the output and always executed. This does not apply to ASAN
+// builds where we use __builtin_trap() instead, as an illegal access would
+// trip ASAN's checks.
+#  if !defined(MOZ_ASAN)
+static inline void MOZ_CrashSequence(void* aAddress, intptr_t aLine) {
+#    if defined(__i386__) || defined(__x86_64__)
+  asm volatile(
+      "mov %1, (%0);\n"  // Write the line number to the crashing address
+      :                  // no output registers
+      : "r"(aAddress), "r"(aLine));
+#    elif defined(__arm__) || defined(__aarch64__)
+  asm volatile(
+      "str %1,[%0];\n"  // Write the line number to the crashing address
+      :                 // no output registers
+      : "r"(aAddress), "r"(aLine));
+#    elif defined(__riscv)
+  asm volatile(
+      "sw %1,0(%0);\n"  // Write the line number to the crashing address
+      :                 // no output registers
+      : "r"(aAddress), "r"(aLine));
+#    else
+#      warning \
+          "Unsupported architecture, replace the code below with assembly suitable to crash the process"
+  asm volatile("" ::: "memory");
+  *((volatile int*)MOZ_CRASH_WRITE_ADDR) = line; /* NOLINT */
+#    endif
+}
+#  else
+#    define MOZ_CrashSequence(x, y) __builtin_trap()
+#  endif
+
 /*
  * MOZ_CRASH_WRITE_ADDR is the address to be used when performing a forced
  * crash. NULL is preferred however if for some reason NULL cannot be used
@@ -250,16 +284,16 @@ MOZ_NoReturn(int aLine) {
 #  endif
 
 #  ifdef __cplusplus
-#    define MOZ_REALLY_CRASH(line)                                  \
-      do {                                                          \
-        *((volatile int*)MOZ_CRASH_WRITE_ADDR) = line; /* NOLINT */ \
-        MOZ_NOMERGE ::abort();                                      \
+#    define MOZ_REALLY_CRASH(line)                     \
+      do {                                             \
+        MOZ_CrashSequence(MOZ_CRASH_WRITE_ADDR, line); \
+        MOZ_NOMERGE ::abort();                         \
       } while (false)
 #  else
-#    define MOZ_REALLY_CRASH(line)                                  \
-      do {                                                          \
-        *((volatile int*)MOZ_CRASH_WRITE_ADDR) = line; /* NOLINT */ \
-        MOZ_NOMERGE abort();                                        \
+#    define MOZ_REALLY_CRASH(line)                     \
+      do {                                             \
+        MOZ_CrashSequence(MOZ_CRASH_WRITE_ADDR, line); \
+        MOZ_NOMERGE abort();                           \
       } while (false)
 #  endif
 #endif
