Commit 3b6c2552 authored by Nico Weber's avatar Nico Weber Committed by Commit Bot

docs: Update asan docs slightly

- Mention more platforms at the top
- Be better about escaping underscores
- Remove some old gyp references
- Remove some no-longer-needed explicit clang opt-ins

Change-Id: I0e604a12ef67f3ae4d40cb06eac713305bdaf726
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2401806Reviewed-by: default avatarLei Zhang <thestig@chromium.org>
Commit-Queue: Nico Weber <thakis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#805441}
parent 376467c7
...@@ -2,8 +2,8 @@ ...@@ -2,8 +2,8 @@
[AddressSanitizer](https://github.com/google/sanitizers) (ASan) is a fast memory [AddressSanitizer](https://github.com/google/sanitizers) (ASan) is a fast memory
error detector based on compiler instrumentation (LLVM). It is fully usable for error detector based on compiler instrumentation (LLVM). It is fully usable for
Chrome on Linux and Mac. There's a mostly-functional Windows port in progress Chrome on Android, Chrome OS, iOS simulator, Linux, Mac, and 64-bit Windows.
too. Additional info on the tool itself is available at Additional info on the tool itself is available at
https://clang.llvm.org/docs/AddressSanitizer.html. https://clang.llvm.org/docs/AddressSanitizer.html.
For the memory leak detector built into ASan, see For the memory leak detector built into ASan, see
...@@ -14,20 +14,19 @@ instead. ...@@ -14,20 +14,19 @@ instead.
## Buildbots and trybots ## Buildbots and trybots
The [Chromium Memory The [Chromium Memory
waterfall](https://ci.chromium.org/p/chromium/g/chromium.memory/console) (not to waterfall](https://ci.chromium.org/p/chromium/g/chromium.memory/console)
be confused with the Memory FYI waterfall) contains buildbots running Chromium contains buildbots running Chromium tests under ASan on Linux (Linux ASan/LSan
tests under ASan on Linux (Linux ASan/LSan bots for the regular Linux build, bots for the regular Linux build, Linux Chromium OS ASan for the chromeos=1
Linux Chromium OS ASan for the chromeos=1 build running on Linux), OS X (both 32 build running on Linux), macOS, Chromium OS. Linux and Linux Chromium OS bots
and 64 bits), Chromium OS (x86 and amd64 builds running inside VMs). Linux and run with --no-sandbox, but there's an extra Linux bot that enables the sandbox
Linux Chromium OS bots run with --no-sandbox, but there's an extra Linux bot (but disables LeakSanitizer).
that enables the sandbox (but disables LeakSanitizer).
The trybots running Chromium tests on Linux and macOS are: The trybots running Chromium tests on Linux and macOS are:
- linux_asan (everything except browser_tests and content_browsertests) - linux\_asan (everything except browser\_tests and content\_browsertests)
- linux_browser_asan (browser_tests and content_browsertests), - linux\_browser\_asan (browser\_tests and content\_browsertests),
- mac_asan (many tests including browser_tests and content_browsertests) - mac\_asan (many tests including browser\_tests and content\_browsertests)
- linux_chromeos_asan (the chromeos=1 build running on a Linux machine, many - linux\_chromeos\_asan (the chromeos=1 build running on a Linux machine, many
tests including browser_tests and content_browsertests). tests including browser\_tests and content\_browsertests).
## Pre-built Chrome binaries ## Pre-built Chrome binaries
...@@ -36,14 +35,9 @@ You can grab fresh Chrome binaries built with ASan ...@@ -36,14 +35,9 @@ You can grab fresh Chrome binaries built with ASan
## Build tests with ASan ## Build tests with ASan
If you're on MacOS or linux64, building with ASan is easy. Start by compiling Building with ASan is easy. Start by compiling `base_unittests` to verify the
`base_unittests` to verify the build is working for you (see below). Then, you build is working for you (see below). Then, you can compile `chrome`,
can compile `chrome`, `browser_tests`, etc.. Make sure to compile release `browser_tests`, etc.. Make sure to compile release builds.
builds.
Make sure you've run `tools/clang/scripts/update.py` (see
https://chromium.googlesource.com/chromium/src/+/master/docs/clang.md for
details).
### Configuring the build ### Configuring the build
...@@ -65,9 +59,8 @@ ninja -C out/asan base_unittests ...@@ -65,9 +59,8 @@ ninja -C out/asan base_unittests
### Goma build ### Goma build
ASan builds should work seamlessly with Goma (except for Windows); just add ASan builds should work seamlessly with Goma; just add `use_goma=true` in your
`use_goma=1` to your `GYP_DEFINES` or `use_goma=true` in your "gn args" Don't "gn args" Don't forget to use `ninja -j <jobs>` to take advantage of goma.
forget to use ninja -j <jobs> to take advantage of goma.
### Build options ### Build options
...@@ -139,7 +132,7 @@ You may need to run with `--disable-gpu` on Linux with NVIDIA driver older than ...@@ -139,7 +132,7 @@ You may need to run with `--disable-gpu` on Linux with NVIDIA driver older than
You will likely need to define environment variable You will likely need to define environment variable
[`G_SLICE=always-malloc`](https://developer.gnome.org/glib/unstable/glib-running.html) [`G_SLICE=always-malloc`](https://developer.gnome.org/glib/unstable/glib-running.html)
to avoid crashes inside gtk. to avoid crashes inside gtk.
NSS_DISABLE_ARENA_FREE_LIST=1 and NSS_DISABLE_UNLOAD=1 are required as well. `NSS_DISABLE_ARENA_FREE_LIST=1` and `NSS_DISABLE_UNLOAD=1` are required as well.
When filing a bug found by AddressSanitizer, please add a label When filing a bug found by AddressSanitizer, please add a label
`Stability-AddressSanitizer`. `Stability-AddressSanitizer`.
...@@ -155,11 +148,11 @@ See `base/debug/sanitizer_options.cc` for more details. ...@@ -155,11 +148,11 @@ See `base/debug/sanitizer_options.cc` for more details.
## NaCl support under ASan ## NaCl support under ASan
On Linux (and soon on MacOS) you can build and run Chromium with NaCl under ASan. On Linux (and soon on macOS) you can build and run Chromium with NaCl under ASan.
Untrusted code (nexe) itself is not instrumented with ASan in this mode, but Untrusted code (nexe) itself is not instrumented with ASan in this mode, but
everything else is. everything else is.
To do this, remove `disable_nacl=1` from `GYP_DEFINES`, and define To do this, remove `enable_nacl=false` from your `args.gn`, and define
`NACL_DANGEROUS_SKIP_QUALIFICATION_TEST=1` in your environment at run time. `NACL_DANGEROUS_SKIP_QUALIFICATION_TEST=1` in your environment at run time.
Pipe chromium output (stderr) through ``tools/valgrind/asan/asan_symbolize.py Pipe chromium output (stderr) through ``tools/valgrind/asan/asan_symbolize.py
...@@ -194,7 +187,6 @@ changes: ...@@ -194,7 +187,6 @@ changes:
```python ```python
target_os="android" target_os="android"
is_clang=true
is_asan=true is_asan=true
is_debug=false is_debug=false
``` ```
...@@ -229,7 +221,7 @@ Use `build/android/asan_symbolize.py` to symbolize stack from `adb logcat`. It ...@@ -229,7 +221,7 @@ Use `build/android/asan_symbolize.py` to symbolize stack from `adb logcat`. It
needs the `--output-directory` argument and takes care of translating the device needs the `--output-directory` argument and takes care of translating the device
path to the unstripped binary in the output directory. path to the unstripped binary in the output directory.
## Building with v8_target_arch=arm ## Building with v8\_target\_arch="arm"
This is needed to detect addressability bugs in the ARM code emitted by V8 and This is needed to detect addressability bugs in the ARM code emitted by V8 and
running on an instrumented ARM emulator in a 32-bit x86 Linux Chromium. **You running on an instrumented ARM emulator in a 32-bit x86 Linux Chromium. **You
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment