[all-commits] [llvm/llvm-project] 58780b: [libc++][hardening] In production hardening modes, ...
Konstantin Varlamov via All-commits
all-commits at lists.llvm.org
Fri Jan 19 13:48:26 PST 2024
Branch: refs/heads/main
Home: https://github.com/llvm/llvm-project
Commit: 58780b811c23df3d928d8452ee21c862dde754a2
https://github.com/llvm/llvm-project/commit/58780b811c23df3d928d8452ee21c862dde754a2
Author: Konstantin Varlamov <varconsteq at gmail.com>
Date: 2024-01-19 (Fri, 19 Jan 2024)
Changed paths:
M libcxx/docs/BuildingLibcxx.rst
M libcxx/docs/ReleaseNotes/18.rst
M libcxx/test/libcxx/algorithms/alg.sorting/assert.min.max.pass.cpp
M libcxx/test/libcxx/algorithms/alg.sorting/assert.sort.invalid_comparator.pass.cpp
M libcxx/test/libcxx/assertions/customize_verbose_abort.compile-time.pass.cpp
M libcxx/test/libcxx/assertions/customize_verbose_abort.link-time.pass.cpp
M libcxx/test/libcxx/assertions/default_verbose_abort.pass.cpp
M libcxx/test/libcxx/assertions/modes/enabling_assertions_enables_extensive_mode.pass.cpp
M libcxx/test/libcxx/assertions/modes/extensive.pass.cpp
M libcxx/test/libcxx/assertions/modes/fast.pass.cpp
M libcxx/test/libcxx/assertions/modes/override_with_extensive_mode.pass.cpp
M libcxx/test/libcxx/assertions/modes/override_with_fast_mode.pass.cpp
M libcxx/test/libcxx/containers/sequences/array/array.zero/assert.back.pass.cpp
M libcxx/test/libcxx/containers/sequences/array/array.zero/assert.front.pass.cpp
M libcxx/test/libcxx/containers/sequences/array/array.zero/assert.subscript.pass.cpp
M libcxx/test/libcxx/containers/sequences/deque/assert.pop_back.empty.pass.cpp
M libcxx/test/libcxx/containers/sequences/list/list.modifiers/assert.erase_iter.end.pass.cpp
M libcxx/test/libcxx/containers/sequences/list/list.modifiers/assert.pop_back.empty.pass.cpp
M libcxx/test/libcxx/containers/sequences/vector/assert.back.empty.pass.cpp
M libcxx/test/libcxx/containers/sequences/vector/assert.cback.empty.pass.cpp
M libcxx/test/libcxx/containers/sequences/vector/assert.cfront.empty.pass.cpp
M libcxx/test/libcxx/containers/sequences/vector/assert.cindex.oob.pass.cpp
M libcxx/test/libcxx/containers/sequences/vector/assert.front.empty.pass.cpp
M libcxx/test/libcxx/containers/sequences/vector/assert.index.oob.pass.cpp
M libcxx/test/libcxx/containers/sequences/vector/assert.pop_back.empty.pass.cpp
M libcxx/test/libcxx/containers/unord/unord.map/assert.bucket.pass.cpp
M libcxx/test/libcxx/containers/unord/unord.map/assert.bucket_size.pass.cpp
M libcxx/test/libcxx/containers/unord/unord.map/assert.max_load_factor.pass.cpp
M libcxx/test/libcxx/containers/unord/unord.multimap/assert.bucket.pass.cpp
M libcxx/test/libcxx/containers/unord/unord.multimap/assert.bucket_size.pass.cpp
M libcxx/test/libcxx/containers/unord/unord.multimap/assert.max_load_factor.pass.cpp
M libcxx/test/libcxx/containers/unord/unord.multiset/assert.bucket.pass.cpp
M libcxx/test/libcxx/containers/unord/unord.multiset/assert.bucket_size.pass.cpp
M libcxx/test/libcxx/containers/unord/unord.multiset/assert.max_load_factor.pass.cpp
M libcxx/test/libcxx/containers/unord/unord.set/assert.bucket.pass.cpp
M libcxx/test/libcxx/containers/unord/unord.set/assert.bucket_size.pass.cpp
M libcxx/test/libcxx/containers/unord/unord.set/assert.max_load_factor.pass.cpp
M libcxx/test/libcxx/containers/views/mdspan/extents/assert.conversion.pass.cpp
M libcxx/test/libcxx/containers/views/mdspan/extents/assert.ctor_from_array.pass.cpp
M libcxx/test/libcxx/containers/views/mdspan/extents/assert.ctor_from_integral.pass.cpp
M libcxx/test/libcxx/containers/views/mdspan/extents/assert.ctor_from_span.pass.cpp
M libcxx/test/libcxx/containers/views/mdspan/extents/assert.obs.pass.cpp
M libcxx/test/libcxx/containers/views/mdspan/layout_left/assert.conversion.pass.cpp
M libcxx/test/libcxx/containers/views/mdspan/layout_left/assert.ctor.extents.pass.cpp
M libcxx/test/libcxx/containers/views/mdspan/layout_left/assert.ctor.layout_right.pass.cpp
M libcxx/test/libcxx/containers/views/mdspan/layout_left/assert.ctor.layout_stride.pass.cpp
M libcxx/test/libcxx/containers/views/mdspan/layout_left/assert.index_operator.pass.cpp
M libcxx/test/libcxx/containers/views/mdspan/layout_left/assert.stride.pass.cpp
M libcxx/test/libcxx/containers/views/mdspan/layout_right/assert.conversion.pass.cpp
M libcxx/test/libcxx/containers/views/mdspan/layout_right/assert.ctor.extents.pass.cpp
M libcxx/test/libcxx/containers/views/mdspan/layout_right/assert.ctor.layout_left.pass.cpp
M libcxx/test/libcxx/containers/views/mdspan/layout_right/assert.ctor.layout_stride.pass.cpp
M libcxx/test/libcxx/containers/views/mdspan/layout_right/assert.index_operator.pass.cpp
M libcxx/test/libcxx/containers/views/mdspan/layout_right/assert.stride.pass.cpp
M libcxx/test/libcxx/containers/views/mdspan/layout_stride/assert.conversion.pass.cpp
M libcxx/test/libcxx/containers/views/mdspan/layout_stride/assert.ctor.extents_array.non_unique.pass.cpp
M libcxx/test/libcxx/containers/views/mdspan/layout_stride/assert.ctor.extents_array.pass.cpp
M libcxx/test/libcxx/containers/views/mdspan/layout_stride/assert.ctor.extents_span.non_unique.pass.cpp
M libcxx/test/libcxx/containers/views/mdspan/layout_stride/assert.ctor.extents_span.pass.cpp
M libcxx/test/libcxx/containers/views/mdspan/layout_stride/assert.index_operator.pass.cpp
M libcxx/test/libcxx/containers/views/mdspan/layout_stride/assert.stride.pass.cpp
M libcxx/test/libcxx/containers/views/mdspan/mdspan/assert.conversion.pass.cpp
M libcxx/test/libcxx/containers/views/mdspan/mdspan/assert.index_operator.pass.cpp
M libcxx/test/libcxx/containers/views/mdspan/mdspan/assert.size.pass.cpp
M libcxx/test/libcxx/containers/views/views.span/span.cons/assert.iter_sent.pass.cpp
M libcxx/test/libcxx/containers/views/views.span/span.cons/assert.iter_size.pass.cpp
M libcxx/test/libcxx/containers/views/views.span/span.cons/assert.other_span.pass.cpp
M libcxx/test/libcxx/containers/views/views.span/span.cons/assert.range.pass.cpp
M libcxx/test/libcxx/containers/views/views.span/span.elem/assert.back.pass.cpp
M libcxx/test/libcxx/containers/views/views.span/span.elem/assert.front.pass.cpp
M libcxx/test/libcxx/containers/views/views.span/span.elem/assert.op_idx.pass.cpp
M libcxx/test/libcxx/containers/views/views.span/span.sub/assert.first.pass.cpp
M libcxx/test/libcxx/containers/views/views.span/span.sub/assert.last.pass.cpp
M libcxx/test/libcxx/containers/views/views.span/span.sub/assert.subspan.pass.cpp
M libcxx/test/libcxx/input.output/filesystems/class.path/path.itr/assert.iterator.pass.cpp
M libcxx/test/libcxx/iterators/assert.advance.pass.cpp
M libcxx/test/libcxx/iterators/assert.next.pass.cpp
M libcxx/test/libcxx/iterators/assert.prev.pass.cpp
M libcxx/test/libcxx/iterators/bounded_iter/dereference.pass.cpp
M libcxx/test/libcxx/iterators/predef.iterators/counted.iterator/assert.pass.cpp
M libcxx/test/libcxx/iterators/predef.iterators/iterators.common/assert.pass.cpp
M libcxx/test/libcxx/ranges/range.adaptors/range.chunk.by/assert.begin.pass.cpp
M libcxx/test/libcxx/ranges/range.adaptors/range.chunk.by/assert.find-next.pass.cpp
M libcxx/test/libcxx/ranges/range.adaptors/range.chunk.by/assert.find-prev.pass.cpp
M libcxx/test/libcxx/ranges/range.adaptors/range.chunk.by/range.chunk.by.iter/assert.deref.pass.cpp
M libcxx/test/libcxx/ranges/range.adaptors/range.chunk.by/range.chunk.by.iter/assert.increment.pass.cpp
M libcxx/test/libcxx/ranges/range.adaptors/range.drop.while/assert.begin.pass.cpp
M libcxx/test/libcxx/ranges/range.adaptors/range.lazy.split/range.lazy.split.inner/assert.equal.pass.cpp
M libcxx/test/libcxx/ranges/range.adaptors/range.lazy.split/range.lazy.split.outer/assert.equal.pass.cpp
M libcxx/test/libcxx/strings/basic.string/string.access/assert.back.pass.cpp
M libcxx/test/libcxx/strings/basic.string/string.access/assert.cback.pass.cpp
M libcxx/test/libcxx/strings/basic.string/string.access/assert.cfront.pass.cpp
M libcxx/test/libcxx/strings/basic.string/string.access/assert.cindex.pass.cpp
M libcxx/test/libcxx/strings/basic.string/string.access/assert.front.pass.cpp
M libcxx/test/libcxx/strings/basic.string/string.access/assert.index.pass.cpp
M libcxx/test/libcxx/strings/basic.string/string.modifiers/assert.erase_iter.null.pass.cpp
M libcxx/test/libcxx/strings/basic.string/string.modifiers/assert.pop_back.pass.cpp
M libcxx/test/libcxx/strings/string.view/assert.ctor.length.pass.cpp
M libcxx/test/libcxx/strings/string.view/assert.ctor.pointer.pass.cpp
M libcxx/test/libcxx/thread/futures/futures.promise/assert.set_exception.pass.cpp
M libcxx/test/libcxx/thread/futures/futures.promise/assert.set_exception_at_thread_exit.pass.cpp
M libcxx/test/libcxx/thread/thread.barrier/assert.arrive.pass.cpp
M libcxx/test/libcxx/thread/thread.barrier/assert.ctor.pass.cpp
M libcxx/test/libcxx/thread/thread.latch/assert.arrive_and_wait.pass.cpp
M libcxx/test/libcxx/thread/thread.latch/assert.count_down.pass.cpp
M libcxx/test/libcxx/thread/thread.latch/assert.ctor.pass.cpp
M libcxx/test/libcxx/thread/thread.semaphore/assert.ctor.pass.cpp
M libcxx/test/libcxx/thread/thread.semaphore/assert.release.pass.cpp
M libcxx/test/libcxx/utilities/assert.exception_guard.no_exceptions.pass.cpp
M libcxx/test/libcxx/utilities/expected/expected.expected/assert.arrow.pass.cpp
M libcxx/test/libcxx/utilities/expected/expected.expected/assert.deref.pass.cpp
M libcxx/test/libcxx/utilities/expected/expected.expected/assert.error.pass.cpp
M libcxx/test/libcxx/utilities/expected/expected.void/assert.deref.pass.cpp
M libcxx/test/libcxx/utilities/expected/expected.void/assert.error.pass.cpp
M libcxx/test/libcxx/utilities/optional/optional.object/optional.object.observe/assert.dereference.pass.cpp
M libcxx/test/libcxx/utilities/optional/optional.object/optional.object.observe/assert.op_arrow.pass.cpp
M libcxx/test/support/check_assertion.h
M libcxx/test/support/test.support/test_check_assertion.pass.cpp
M libcxx/vendor/llvm/default_assertion_handler.in
Log Message:
-----------
[libc++][hardening] In production hardening modes, trap rather than abort (#78561)
In the hardening modes that can be used in production (`fast` and
`extensive`), make a failed assertion invoke a trap instruction rather
than calling verbose abort. In the debug mode, still keep calling
verbose abort to provide a better user experience and to allow us to
keep our existing testing infrastructure for verifying assertion
messages. Since the debug mode by definition enables all assertions, we
can be sure that we still check all the assertion messages in the
library when running the test suite in the debug mode.
The main motivation to use trapping in production is to achieve better
code generation and reduce the binary size penalty. This way, the
assertion handler can compile to a single instruction, whereas the
existing mechanism with verbose abort results in generating a function
call that in general cannot be optimized away (made worse by the fact
that it's a variadic function, imposing an additional penalty). See the
[RFC](https://discourse.llvm.org/t/rfc-hardening-in-libc/73925) for more
details. Note that this mechanism can now be completely [overridden at
CMake configuration
time](https://github.com/llvm/llvm-project/pull/77883).
This patch also significantly refactors `check_assertion.h` and expands
its test coverage. The main changes:
- when overriding `verbose_abort`, don't do matching inside the function
-- just print the error message to `stderr`. This removes the need to
set a global matcher and allows to do matching in the parent process
after the child finishes;
- remove unused logic for matching source locations and for using
wildcards;
- make matchers simple functors;
- introduce `DeathTestResult` that keeps data about the test run,
primarily to make it easier to test.
In addition to the refactoring, `check_assertion.h` can now recognize
when a process exits due to a trap.
More information about the All-commits
mailing list