From 28b01697ff9f30dfa2faf181c1390fdf3eab5cc1 Mon Sep 17 00:00:00 2001
From: Jakob Gruber <jgruber@chromium.org>
Date: Thu, 13 Dec 2018 10:14:09 +0100
Subject: [PATCH] [asm] Pad instruction area with int3

The disassembler expects the actual instruction area of a code object
(i.e. from InstructionStart() to the first embedded metadata section
such as the handler table) to contain only valid instructions.

This changes asm::DataAlign() to pad with 0xcc bytes, which are int3
instructions on x64 and ia32.

Bug: v8:8559
Change-Id: I8a0920a85d4de89194e5c8d3d1a541d8b36fef92
Reviewed-on: https://chromium-review.googlesource.com/c/1375652
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58207}
---
 src/assembler.cc | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/assembler.cc b/src/assembler.cc
index a5544551b3..69e3a2a36e 100644
--- a/src/assembler.cc
+++ b/src/assembler.cc
@@ -200,7 +200,10 @@ void Assembler::RecordComment(const char* msg) {
 void Assembler::DataAlign(int m) {
   DCHECK(m >= 2 && base::bits::IsPowerOfTwo(m));
   while ((pc_offset() & (m - 1)) != 0) {
-    db(0);
+    // Pad with 0xcc (= int3 on ia32 and x64); the primary motivation is that
+    // the disassembler expects to find valid instructions, but this is also
+    // nice from a security point of view.
+    db(0xcc);
   }
 }