From c7ce7b343cb46c629322ffeff55f217a5997ea19 Mon Sep 17 00:00:00 2001 From: Ryan VanderMeulen Date: Mon, 24 Apr 2023 12:47:00 +0000 Subject: [PATCH] Bug 1829425 - Rename the ASAN/TSAN blacklist macros. r=decoder Differential Revision: https://phabricator.services.mozilla.com/D176201 --- mfbt/Attributes.h | 26 +++++++++---------- mozglue/baseprofiler/core/platform.cpp | 8 +++--- mozglue/build/AsanOptions.cpp | 2 +- mozglue/misc/StackWalk.cpp | 2 +- .../sandbox/linux/launch/SandboxLaunch.cpp | 4 +-- tools/lint/rejected-words.yml | 9 ------- tools/profiler/core/platform.cpp | 8 +++--- .../xptcall/md/unix/xptcinvoke_arm.cpp | 2 +- .../xptcall/md/unix/xptcinvoke_linux_s390.cpp | 2 +- .../md/unix/xptcinvoke_linux_s390x.cpp | 2 +- 10 files changed, 27 insertions(+), 38 deletions(-) diff --git a/mfbt/Attributes.h b/mfbt/Attributes.h index d48dc28f5c0e..d6e6293066ef 100644 --- a/mfbt/Attributes.h +++ b/mfbt/Attributes.h @@ -212,44 +212,42 @@ #endif /* - * MOZ_ASAN_BLACKLIST is a macro to tell AddressSanitizer (a compile-time + * MOZ_ASAN_IGNORE is a macro to tell AddressSanitizer (a compile-time * instrumentation shipped with Clang and GCC) to not instrument the annotated * function. Furthermore, it will prevent the compiler from inlining the - * function because inlining currently breaks the blacklisting mechanism of + * function because inlining currently breaks the blocklisting mechanism of * AddressSanitizer. */ #if defined(__has_feature) # if __has_feature(address_sanitizer) -# define MOZ_HAVE_ASAN_BLACKLIST +# define MOZ_HAVE_ASAN_IGNORE # endif #elif defined(__GNUC__) # if defined(__SANITIZE_ADDRESS__) -# define MOZ_HAVE_ASAN_BLACKLIST +# define MOZ_HAVE_ASAN_IGNORE # endif #endif -#if defined(MOZ_HAVE_ASAN_BLACKLIST) -# define MOZ_ASAN_BLACKLIST \ - MOZ_NEVER_INLINE __attribute__((no_sanitize_address)) +#if defined(MOZ_HAVE_ASAN_IGNORE) +# define MOZ_ASAN_IGNORE MOZ_NEVER_INLINE __attribute__((no_sanitize_address)) #else -# define MOZ_ASAN_BLACKLIST /* nothing */ +# define MOZ_ASAN_IGNORE /* nothing */ #endif /* - * MOZ_TSAN_BLACKLIST is a macro to tell ThreadSanitizer (a compile-time + * MOZ_TSAN_IGNORE is a macro to tell ThreadSanitizer (a compile-time * instrumentation shipped with Clang) to not instrument the annotated function. * Furthermore, it will prevent the compiler from inlining the function because - * inlining currently breaks the blacklisting mechanism of ThreadSanitizer. + * inlining currently breaks the blocklisting mechanism of ThreadSanitizer. */ #if defined(__has_feature) # if __has_feature(thread_sanitizer) -# define MOZ_TSAN_BLACKLIST \ - MOZ_NEVER_INLINE __attribute__((no_sanitize_thread)) +# define MOZ_TSAN_IGNORE MOZ_NEVER_INLINE __attribute__((no_sanitize_thread)) # else -# define MOZ_TSAN_BLACKLIST /* nothing */ +# define MOZ_TSAN_IGNORE /* nothing */ # endif #else -# define MOZ_TSAN_BLACKLIST /* nothing */ +# define MOZ_TSAN_IGNORE /* nothing */ #endif #if defined(__has_attribute) diff --git a/mozglue/baseprofiler/core/platform.cpp b/mozglue/baseprofiler/core/platform.cpp index 065ac77694c3..dd3bfe667451 100644 --- a/mozglue/baseprofiler/core/platform.cpp +++ b/mozglue/baseprofiler/core/platform.cpp @@ -1473,9 +1473,9 @@ static void DoEHABIBacktrace(PSLockRef aLock, #ifdef USE_LUL_STACKWALK // See the comment at the callsite for why this function is necessary. -# if defined(MOZ_HAVE_ASAN_BLACKLIST) -MOZ_ASAN_BLACKLIST static void ASAN_memcpy(void* aDst, const void* aSrc, - size_t aLen) { +# if defined(MOZ_HAVE_ASAN_IGNORE) +MOZ_ASAN_IGNORE static void ASAN_memcpy(void* aDst, const void* aSrc, + size_t aLen) { // The obvious thing to do here is call memcpy(). However, although // ASAN_memcpy() is not instrumented by ASAN, memcpy() still is, and the // false positive still manifests! So we must implement memcpy() ourselves @@ -1614,7 +1614,7 @@ static void DoLULBacktrace(PSLockRef aLock, // // This code is very much a custom stack unwind mechanism! So we use an // alternative memcpy() implementation that is ignored by ASAN. -# if defined(MOZ_HAVE_ASAN_BLACKLIST) +# if defined(MOZ_HAVE_ASAN_IGNORE) ASAN_memcpy(&stackImg.mContents[0], (void*)start, nToCopy); # else memcpy(&stackImg.mContents[0], (void*)start, nToCopy); diff --git a/mozglue/build/AsanOptions.cpp b/mozglue/build/AsanOptions.cpp index 2ce5be549cce..a96e6bd840f2 100644 --- a/mozglue/build/AsanOptions.cpp +++ b/mozglue/build/AsanOptions.cpp @@ -66,7 +66,7 @@ // These should be updated in: // mobile/android/geckoview/src/asan/resources/lib/*/wrap.sh // -extern "C" MOZ_ASAN_BLACKLIST const char* __asan_default_options() { +extern "C" MOZ_ASAN_IGNORE const char* __asan_default_options() { return "allow_user_segv_handler=1:alloc_dealloc_mismatch=0:detect_leaks=0" # ifdef MOZ_ASAN_REPORTER ":malloc_context_size=20" diff --git a/mozglue/misc/StackWalk.cpp b/mozglue/misc/StackWalk.cpp index 3789f8c753fe..307715b170a7 100644 --- a/mozglue/misc/StackWalk.cpp +++ b/mozglue/misc/StackWalk.cpp @@ -863,7 +863,7 @@ const uintptr_t kPointerMask = const uintptr_t kPointerMask = ~uintptr_t(0); # endif -MOZ_ASAN_BLACKLIST +MOZ_ASAN_IGNORE static void DoFramePointerStackWalk(MozWalkStackCallback aCallback, const void* aFirstFramePC, uint32_t aMaxFrames, void* aClosure, diff --git a/security/sandbox/linux/launch/SandboxLaunch.cpp b/security/sandbox/linux/launch/SandboxLaunch.cpp index 267b71bd139f..d6f3ec9c778f 100644 --- a/security/sandbox/linux/launch/SandboxLaunch.cpp +++ b/security/sandbox/linux/launch/SandboxLaunch.cpp @@ -524,8 +524,8 @@ static int CloneCallee(void* aPtr) { // Valgrind would disapprove of using clone() without CLONE_VM; // Chromium uses the raw syscall as a workaround in that case, but // we don't currently support sandboxing under valgrind. -MOZ_NEVER_INLINE MOZ_ASAN_BLACKLIST static pid_t DoClone(int aFlags, - jmp_buf* aCtx) { +MOZ_NEVER_INLINE MOZ_ASAN_IGNORE static pid_t DoClone(int aFlags, + jmp_buf* aCtx) { static constexpr size_t kStackAlignment = 16; uint8_t miniStack[4096] __attribute__((aligned(kStackAlignment))); #ifdef __hppa__ diff --git a/tools/lint/rejected-words.yml b/tools/lint/rejected-words.yml index a1b11c7a43ed..bf69cd9c9891 100644 --- a/tools/lint/rejected-words.yml +++ b/tools/lint/rejected-words.yml @@ -158,7 +158,6 @@ avoid-blacklist-and-whitelist: - layout/tools/reftest/reftestcommandline.py - layout/tools/reftest/runreftest.py - layout/tools/reftest/selftest/conftest.py - - mfbt/Attributes.h - mobile/android/app/mobile.js - mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/HardwareCodecCapabilityUtils.java - mobile/android/geckoview/src/main/java/org/mozilla/geckoview/ContentBlocking.java @@ -166,9 +165,6 @@ avoid-blacklist-and-whitelist: - mobile/android/geckoview/src/main/java/org/mozilla/geckoview/WebAuthnTokenManager.java - modules/libpref/Preferences.cpp - modules/libpref/init/all.js - - mozglue/baseprofiler/core/platform.cpp - - mozglue/build/AsanOptions.cpp - - mozglue/misc/StackWalk.cpp - netwerk/base/nsIPermissionManager.idl - netwerk/base/nsIProtocolHandler.idl - netwerk/base/nsIOService.cpp @@ -208,7 +204,6 @@ avoid-blacklist-and-whitelist: - security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp - security/sandbox/linux/glue/SandboxPrefBridge.cpp - security/sandbox/linux/gtest/TestBroker.cpp - - security/sandbox/linux/launch/SandboxLaunch.cpp - security/sandbox/linux/Sandbox.cpp - security/sandbox/linux/SandboxFilter.cpp - security/sandbox/linux/SandboxFilterUtil.h @@ -309,7 +304,6 @@ avoid-blacklist-and-whitelist: - tools/fuzzing/messagemanager/MessageManagerFuzzer.h - tools/lint/eslint/eslint-plugin-mozilla/lib/rules/no-define-cc-etc.js - tools/lint/rejected-words.yml - - tools/profiler/core/platform.cpp - tools/tryselect/selectors/chooser/__init__.py - tools/tryselect/task_config.py - widget/android/GfxInfo.cpp @@ -320,9 +314,6 @@ avoid-blacklist-and-whitelist: - widget/windows/WinUtils.cpp - widget/windows/WinUtils.h - xpcom/io/FilePreferences.cpp - - xpcom/reflect/xptcall/md/unix/xptcinvoke_arm.cpp - - xpcom/reflect/xptcall/md/unix/xptcinvoke_linux_s390.cpp - - xpcom/reflect/xptcall/md/unix/xptcinvoke_linux_s390x.cpp - xpcom/tests/gtest/TestFilePreferencesUnix.cpp # --- diff --git a/tools/profiler/core/platform.cpp b/tools/profiler/core/platform.cpp index 28a791172a30..8950c48b5823 100644 --- a/tools/profiler/core/platform.cpp +++ b/tools/profiler/core/platform.cpp @@ -2257,9 +2257,9 @@ static void DoEHABIBacktrace( #ifdef USE_LUL_STACKWALK // See the comment at the callsite for why this function is necessary. -# if defined(MOZ_HAVE_ASAN_BLACKLIST) -MOZ_ASAN_BLACKLIST static void ASAN_memcpy(void* aDst, const void* aSrc, - size_t aLen) { +# if defined(MOZ_HAVE_ASAN_IGNORE) +MOZ_ASAN_IGNORE static void ASAN_memcpy(void* aDst, const void* aSrc, + size_t aLen) { // The obvious thing to do here is call memcpy(). However, although // ASAN_memcpy() is not instrumented by ASAN, memcpy() still is, and the // false positive still manifests! So we must implement memcpy() ourselves @@ -2408,7 +2408,7 @@ static void DoLULBacktrace( // // This code is very much a custom stack unwind mechanism! So we use an // alternative memcpy() implementation that is ignored by ASAN. -# if defined(MOZ_HAVE_ASAN_BLACKLIST) +# if defined(MOZ_HAVE_ASAN_IGNORE) ASAN_memcpy(&stackImg.mContents[0], (void*)start, nToCopy); # else memcpy(&stackImg.mContents[0], (void*)start, nToCopy); diff --git a/xpcom/reflect/xptcall/md/unix/xptcinvoke_arm.cpp b/xpcom/reflect/xptcall/md/unix/xptcinvoke_arm.cpp index 1fd73c1dc670..39a6b406f40e 100644 --- a/xpcom/reflect/xptcall/md/unix/xptcinvoke_arm.cpp +++ b/xpcom/reflect/xptcall/md/unix/xptcinvoke_arm.cpp @@ -118,7 +118,7 @@ typedef nsresult (*vtable_func)(nsISupports *, uint32_t, uint32_t, uint32_t); // once the function is compiled with a version of ASan that has dynamic-alloca // instrumentation enabled. -MOZ_ASAN_BLACKLIST +MOZ_ASAN_IGNORE EXPORT_XPCOM_API(nsresult) NS_InvokeByIndex(nsISupports* that, uint32_t methodIndex, uint32_t paramCount, nsXPTCVariant* params) diff --git a/xpcom/reflect/xptcall/md/unix/xptcinvoke_linux_s390.cpp b/xpcom/reflect/xptcall/md/unix/xptcinvoke_linux_s390.cpp index 36eb682b8623..c5fa2f94bdc7 100644 --- a/xpcom/reflect/xptcall/md/unix/xptcinvoke_linux_s390.cpp +++ b/xpcom/reflect/xptcall/md/unix/xptcinvoke_linux_s390.cpp @@ -175,7 +175,7 @@ typedef nsresult (*vtable_func)(nsISupports *, uint32_t, uint32_t, uint32_t, uin // once the function is compiled with a version of ASan that has dynamic-alloca // instrumentation enabled. -MOZ_ASAN_BLACKLIST +MOZ_ASAN_IGNORE EXPORT_XPCOM_API(nsresult) NS_InvokeByIndex(nsISupports* that, uint32_t methodIndex, uint32_t paramCount, nsXPTCVariant* params) diff --git a/xpcom/reflect/xptcall/md/unix/xptcinvoke_linux_s390x.cpp b/xpcom/reflect/xptcall/md/unix/xptcinvoke_linux_s390x.cpp index cf70c0c438a6..1be12d4ad308 100644 --- a/xpcom/reflect/xptcall/md/unix/xptcinvoke_linux_s390x.cpp +++ b/xpcom/reflect/xptcall/md/unix/xptcinvoke_linux_s390x.cpp @@ -169,7 +169,7 @@ typedef nsresult (*vtable_func)(nsISupports *, uint64_t, uint64_t, uint64_t, uin // once the function is compiled with a version of ASan that has dynamic-alloca // instrumentation enabled. -MOZ_ASAN_BLACKLIST +MOZ_ASAN_IGNORE EXPORT_XPCOM_API(nsresult) NS_InvokeByIndex(nsISupports* that, uint32_t methodIndex, uint32_t paramCount, nsXPTCVariant* params)