chromium/src
0
Fork 0
Code Activity

[Instrumented libraries] Pull instrumented_libraries via recursedeps

Browse Source 
Projects like V8/WebRTC/Pdfium/etc will also have to:
1. Change DEPS as in this CL
2. Rename instrumented_libraries to instrumented_libs as in this CL

Cq-Include-Trybots: luci.chromium.try:linux_chromium_msan_rel_ng
Bug: 320564950
Change-Id: I802bce32cc37d0ec9c0081cf08a4f8179293693d
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5368675
Commit-Queue: Thomas Anderson <thomasanderson@chromium.org>
Reviewed-by: Nico Weber <thakis@chromium.org>
Reviewed-by: Dirk Pranke <dpranke@google.com>
Cr-Commit-Position: refs/heads/main@{#1277898}
This commit is contained in:
Tom Anderson
2024-03-25 20:26:16 +00:00
committed by Chromium LUCI CQ
parent 35709bd9a7
commit ce4370776d
57 changed files with 25 additions and 2597 deletions

4
.gitmodules vendored

@ -261,6 +261,10 @@
[submodule "third_party/harfbuzz-ng/src"]
path = third_party/harfbuzz-ng/src
url = https://chromium.googlesource.com/external/github.com/harfbuzz/harfbuzz
[submodule "third_party/instrumented_libs"]
path = third_party/instrumented_libs
url = https://chromium.googlesource.com/chromium/third_party/instrumented_libraries
gclient-condition = checkout_instrumented_libraries
[submodule "third_party/jszip/src"]
path = third_party/jszip/src
url = https://chromium.googlesource.com/external/github.com/Stuk/jszip

30
DEPS

@ -1264,6 +1264,11 @@ deps = {
'src/third_party/harfbuzz-ng/src':
Var('chromium_git') + '/external/github.com/harfbuzz/harfbuzz.git' + '@' + Var('harfbuzz_revision'),
'src/third_party/instrumented_libs': {
'url': Var('chromium_git') + '/chromium/third_party/instrumented_libraries.git' + '@' + '0afcd954d906cd988fa5e55807c19f1443080657',
'condition': 'checkout_instrumented_libraries',
},
'src/third_party/jszip/src': {
'url': Var('chromium_git') + '/external/github.com/Stuk/jszip.git' + '@' + '2ceb998e29d4171b4f3f2ecab1a2195c696543c0',
'condition': 'checkout_ios',
@ -4875,30 +4880,6 @@ hooks = [
'src/third_party/apache-win32',
],
},
{
'name': 'msan_chained_origins_focal',
'pattern': '.',
'condition': 'checkout_instrumented_libraries',
'action': [ 'python3',
'src/third_party/depot_tools/download_from_google_storage.py',
'--no_resume',
'--no_auth',
'--bucket', 'chromium-instrumented-libraries',
'-s', 'src/third_party/instrumented_libraries/binaries/msan-chained-origins-focal.tgz.sha1',
],
},
{
'name': 'msan_no_origins_focal',
'pattern': '.',
'condition': 'checkout_instrumented_libraries',
'action': [ 'python3',
'src/third_party/depot_tools/download_from_google_storage.py',
'--no_resume',
'--no_auth',
'--bucket', 'chromium-instrumented-libraries',
'-s', 'src/third_party/instrumented_libraries/binaries/msan-no-origins-focal.tgz.sha1',
],
},
{
'name': 'wasm_fuzzer',
'pattern': '.',
@ -5679,6 +5660,7 @@ recursedeps = [
# it has build files.
'src/third_party/dawn',
'src/third_party/devtools-frontend-internal',
'src/third_party/instrumented_libs',
'src/third_party/openscreen/src',
'src/third_party/vulkan-deps',
'src/third_party/devtools-frontend/src',

8
build/config/BUILD.gn

@ -334,10 +334,10 @@ config("executable_config") {
# If we're using the prebuilt instrumented libraries with the sanitizers, we
# need to add ldflags to every binary to make sure they are picked up.
if (prebuilt_instrumented_libraries_available) {
configs += [ "//third_party/instrumented_libraries:prebuilt_ldflags" ]
configs += [ "//third_party/instrumented_libs:prebuilt_ldflags" ]
}
if (use_locally_built_instrumented_libraries) {
configs += [ "//third_party/instrumented_libraries:locally_built_ldflags" ]
configs += [ "//third_party/instrumented_libs:locally_built_ldflags" ]
}
}
@ -365,10 +365,10 @@ config("shared_library_config") {
# If we're using the prebuilt instrumented libraries with the sanitizers, we
# need to add ldflags to every binary to make sure they are picked up.
if (prebuilt_instrumented_libraries_available) {
configs += [ "//third_party/instrumented_libraries:prebuilt_ldflags" ]
configs += [ "//third_party/instrumented_libs:prebuilt_ldflags" ]
}
if (use_locally_built_instrumented_libraries) {
configs += [ "//third_party/instrumented_libraries:locally_built_ldflags" ]
configs += [ "//third_party/instrumented_libs:locally_built_ldflags" ]
}
}

2
build/config/sanitizers/BUILD.gn

@ -43,7 +43,7 @@ group("deps") {
}
if (use_prebuilt_instrumented_libraries ||
use_locally_built_instrumented_libraries) {
deps += [ "//third_party/instrumented_libraries:deps" ]
deps += [ "//third_party/instrumented_libs:deps" ]
}
}
if (fail_on_san_warnings) {

4
docs/linux/dependencies.md

@ -180,7 +180,7 @@ file](https://goto.google.com/ynnzy). For DBus, this will look like:
In order for `MSAN` to work, you will likely need to add your library package to
the instrumented libraries. To do this, add the library dev package to
[`third_party/instrumented_libraries/BUILD.gn`](https://cs.chromium.org/chromium/src/third_party/instrumented_libraries/BUILD.gn):
[`third_party/instrumented_libs/BUILD.gn`](https://cs.chromium.org/chromium/src/third_party/instrumented_libs/BUILD.gn):
```
# This is the minimum you will need. Check other examples in this file if
@ -191,7 +191,7 @@ the instrumented libraries. To do this, add the library dev package to
```
Then add `:libdbus-1-3` to
`//third_party/instrumented_libraries:locally_built`'s `deps`.
`//third_party/instrumented_libs:locally_built`'s `deps`.
See [Linux Instrumented
Libraries](https://chromium.googlesource.com/chromium/src.git/+/main/docs/instrumented_libraries.md)

8
docs/linux/instrumented_libraries.md

@ -70,7 +70,7 @@ apt install lsb-release sudo python pkg-config libgtk2.0-bin libdrm-dev nih-dbus
Install library packages:
```shell
third_party/instrumented_libraries/focal/scripts/install-build-deps.sh
third_party/instrumented_libs/focal/scripts/install-build-deps.sh
```
Change to a non-root user:
@ -95,7 +95,7 @@ Now we're ready to build the libraries. A clean build takes a little over 8
minutes on a 72-thread machine.
```shell
third_party/instrumented_libraries/scripts/build_and_package.py --parallel -j $(nproc) all focal
third_party/instrumented_libs/scripts/build_and_package.py --parallel -j $(nproc) all focal
```
## Uploading the libraries
@ -109,10 +109,10 @@ to request access.
exit
# Move files into place.
mv *.tgz third_party/instrumented_libraries/binaries
mv *.tgz third_party/instrumented_libs/binaries
# Upload.
upload_to_google_storage.py -b chromium-instrumented-libraries third_party/instrumented_libraries/binaries/msan*.tgz
upload_to_google_storage.py -b chromium-instrumented-libraries third_party/instrumented_libs/binaries/msan*.tgz
```
## Testing and uploading a CL

2
infra/inclusive_language_presubmit_exempt_dirs.txt

@ -538,7 +538,7 @@ third_party/hunspell/fuzz/bdict_corpus 2 2
third_party/hyphenation-patterns 1 1
third_party/hyphenation-patterns/src/am 1 1
third_party/inspector_protocol 4 1
third_party/instrumented_libraries/focal/scripts 1 1
third_party/instrumented_libs/focal/scripts 1 1
third_party/jsoncpp 1 1
third_party/libpng/contrib/oss-fuzz 1 1
third_party/libpng/patches 1 1

4
third_party/.gitignore vendored

@ -66,8 +66,8 @@
/guava/lib/
/hamcrest/lib/
/icu4j/lib/
/instrumented_libraries/scripts/*.tgz
/instrumented_libraries/scripts/out/*
/instrumented_libraries/
/instrumented_libs/
/jacoco/coverage/
/jacoco/doc/
/jacoco/index.html

2
third_party/instrumented_libraries/.style.yapf vendored

@ -1,2 +0,0 @@
[style]
based_on_style = pep8

77
third_party/instrumented_libraries/BUILD.gn vendored

@ -1,77 +0,0 @@
# Copyright 2015 The Chromium Authors
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
import("//build/config/sanitizers/sanitizers.gni")
declare_args() {
instrumented_libraries_release = "focal"
}
group("deps") {
if (use_locally_built_instrumented_libraries) {
deps = [ "//third_party/instrumented_libraries/$instrumented_libraries_release:locally_built" ]
} else if (use_prebuilt_instrumented_libraries) {
assert(prebuilt_instrumented_libraries_available,
"Prebuilt instrumented libraries are only available when " +
"is_msan = true and msan_track_origins = {0, 2}")
deps = [ ":prebuilt" ]
data_deps = [ ":prebuilt" ]
}
}
if (prebuilt_instrumented_libraries_available) {
group("prebuilt") {
visibility = [ ":deps" ]
deps = [ ":extract_prebuilt_instrumented_libraries" ]
data_deps = [ ":extract_prebuilt_instrumented_libraries" ]
}
if (msan_track_origins == 0) {
archive_prefix = "msan-no-origins"
} else if (msan_track_origins == 2) {
archive_prefix = "msan-chained-origins"
}
# Note: This requires a clobber whenever Ubuntu version changes.
action("extract_prebuilt_instrumented_libraries") {
visibility = [ ":prebuilt" ]
script = "scripts/unpack_binaries.py"
depfile = "$target_out_dir/$archive_prefix.d"
args = [
archive_prefix,
instrumented_libraries_release,
rebase_path("binaries", root_build_dir),
rebase_path(root_out_dir + "/instrumented_libraries_prebuilt",
root_build_dir),
rebase_path(target_out_dir, root_out_dir),
]
outputs = [ "$target_out_dir/$archive_prefix.txt" ]
data = [ "$root_out_dir/instrumented_libraries_prebuilt/" ]
}
config("prebuilt_ldflags") {
ldflags = [
# Add a relative RPATH entry to Chromium binaries. This puts instrumented
# DSOs before system-installed versions in library search path.
"-Wl,-R,\$ORIGIN/instrumented_libraries_prebuilt/lib",
"-Wl,-z,origin",
# Add some padding to allow RPATHs to be modified later.
"-Wl,-R,________________________________________________________________________________________________PADDING________________________________________________________________________________________________",
]
}
}
config("locally_built_ldflags") {
ldflags = [
# Add a relative RPATH entry to Chromium binaries. This puts instrumented
# DSOs before system-installed versions in library search path.
"-Wl,-R,\$ORIGIN/instrumented_libraries/lib",
"-Wl,-z,origin",
# Add some padding to allow RPATHs to be modified later.
"-Wl,-R,________________________________________________________________PADDING________________________________________________________________",
]
}

6
third_party/instrumented_libraries/DIR_METADATA vendored

@ -1,6 +0,0 @@
monorail: {
component: "Internals>Instrumentation"
}
buganizer_public: {
component_id: 1456524
}

3
third_party/instrumented_libraries/OWNERS vendored

@ -1,3 +0,0 @@
eugenis@chromium.org
glider@chromium.org
thomasanderson@chromium.org

10
third_party/instrumented_libraries/README.chromium vendored

@ -1,10 +0,0 @@
Name: instrumented_libraries
URL: n/a
Version: 0
Security Critical: no
Shipped: no
License: n/a
Description:
Scripts which can download and build several third party libraries
using different instrumentation tools (MemorySanitizer, etc.).

2
third_party/instrumented_libraries/binaries/.gitignore vendored

@ -1,2 +0,0 @@
# Ignore downloaded binaries.
*.tgz

1
third_party/instrumented_libraries/binaries/msan-chained-origins-focal.tgz.sha1 vendored

@ -1 +0,0 @@
003f342623c1b8a06b94631fd4652796a6a471f0

1
third_party/instrumented_libraries/binaries/msan-no-origins-focal.tgz.sha1 vendored

@ -1 +0,0 @@
6578e0635e3f76c09b112f6fd62d18608fda3add

859
third_party/instrumented_libraries/focal/BUILD.gn vendored

@ -1,859 +0,0 @@
# Copyright 2021 The Chromium Authors
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
import("//build/config/python.gni")
import("//build/config/sanitizers/sanitizers.gni")
import("//build/toolchain/goma.gni")
group("locally_built") {
visibility = [ "//third_party/instrumented_libraries:deps" ]
deps = [
":atk1.0",
":brltty",
":dee",
":freetype",
":guest-oslogin",
":harfbuzz",
":libappindicator3-1",
":libasound2",
":libatk-bridge2.0-0",
":libatspi2.0-0",
":libavahi-client3",
":libcairo2",
":libcap2",
":libcredentialkit_pkcs11",
":libcups2",
":libcurl3-gnutls",
":libdbus-1-3",
":libdbus-glib-1-2",
":libdbusmenu",
":libdbusmenu-glib4",
":libexpat1",
":libffi7",
":libfontconfig1",
":libgcrypt20",
":libgdk-pixbuf2.0-0",
":libglib2.0-0",
":libgnutls30",
":libgpg-error0",
":libgtk-3-0",
":libidn11",
":libido3-0.1-0",
":libindicator3-7",
":libjpeg-turbo8",
":libldap-2.4-2",
":libnettle7",
":libnspr4",
":libp11-kit0",
":libpci3",
":libpcre3",
":libpixman-1-0",
":libpng16-16",
":librtmp1",
":libsasl2-2",
":libsecret",
":libssl1.1",
":libtasn1-6",
":libudev1",
":libunity9",
":libva2",
":libwayland-client0",
":libx11-6",
":libxau6",
":libxcb1",
":libxcomposite1",
":libxcursor1",
":libxdamage1",
":libxdmcp6",
":libxext6",
":libxfixes3",
":libxi6",
":libxinerama1",
":libxkbcommon0",
":libxrandr2",
":libxrender1",
":libxss1",
":libxtst6",
":nss",
":opensc-pkcs11",
":pango1.0",
":pulseaudio",
":zlib1g",
]
data = [ "${root_out_dir}/instrumented_libraries/lib" ]
}
template("instrumented_library") {
action(target_name) {
# Ignore "assignment had no effect" errors when there are no variables
# defined inside of the instrumented_library.
not_needed([ "invoker" ])
script = "scripts/download_build_install.py"
build_method = "destdir"
if (defined(invoker.build_method)) {
build_method = invoker.build_method
}
cc = rebase_path("//third_party/llvm-build/Release+Asserts/bin/clang")
cxx = rebase_path("//third_party/llvm-build/Release+Asserts/bin/clang++")
if (use_goma) {
cc = "${goma_dir}/gomacc ${cc}"
cxx = "${goma_dir}/gomacc ${cxx}"
}
package_cflags = [
"-O2",
"-gline-tables-only",
"-fPIC",
"-w",
"-U_FORTIFY_SOURCE",
"-fno-omit-frame-pointer",
"-fsanitize=memory",
"-fsanitize-memory-track-origins=${msan_track_origins}",
]
package_ldflags = [ "-fsanitize=memory" ]
if (defined(invoker.package_cflags)) {
package_cflags += invoker.package_cflags
}
if (defined(invoker.package_ldflags)) {
package_ldflags += invoker.package_ldflags
}
if (defined(invoker.deps)) {
deps = invoker.deps
}
env = []
if (defined(invoker.env)) {
env = invoker.env
}
product_dir = rebase_path(root_out_dir)
intermediate_dir = rebase_path(target_gen_dir)
args = [
"--build-method=${build_method}",
"--cc=${cc}",
"--cxx=${cxx}",
"--intermediate-dir=${intermediate_dir}",
"--libdir=lib",
"--package=${target_name}",
"--product-dir=${product_dir}",
"--cflags=${package_cflags}",
"--ldflags=${package_ldflags}",
"--env=${env}",
]
outputs = [ "${root_out_dir}/instrumented_libraries/${target_name}.txt" ]
inputs = []
if (defined(invoker.pre_build)) {
inputs += [ invoker.pre_build ]
args += [ "--pre-build=${invoker.pre_build}" ]
}
if (defined(invoker.patches)) {
inputs += invoker.patches
foreach(patch, invoker.patches) {
args += [ "--patch=${patch}" ]
}
}
if (defined(invoker.msan_ignorelist)) {
inputs += [ invoker.msan_ignorelist ]
args += [ "--sanitizer-ignorelist=${invoker.msan_ignorelist}" ]
}
if (defined(invoker.extra_configure_flags)) {
args += [ "--extra-configure-flags=${invoker.extra_configure_flags}" ]
}
if (defined(invoker.git_url)) {
args += [ "--git-url=${invoker.git_url}" ]
}
if (defined(invoker.git_revision)) {
args += [ "--git-revision=${invoker.git_revision}" ]
}
if (defined(invoker.make_targets)) {
args += [ "--make-targets=${invoker.make_targets}" ]
}
}
}
instrumented_library("atk1.0") {
build_method = "meson"
extra_configure_flags = [ "-Dintrospection=false" ]
}
instrumented_library("brltty") {
extra_configure_flags = [
"--disable-static",
# From debian/rules.
"--without-viavoice",
"--without-theta",
"--without-swift",
"--bindir=/sbin",
"--with-curses=ncursesw",
"--disable-stripping",
# We don't need any of those.
"--disable-java-bindings",
"--disable-lisp-bindings",
"--disable-ocaml-bindings",
"--disable-python-bindings",
"--disable-tcl-bindings",
]
}
instrumented_library("dee") {
extra_configure_flags = [
"--disable-static",
# See above.
"--disable-introspection",
]
pre_build = "scripts/pre-build/autogen.sh"
}
instrumented_library("freetype") {
extra_configure_flags = [ "--disable-static" ]
}
instrumented_library("guest-oslogin") {
git_url = "https://github.com/GoogleCloudPlatform/guest-oslogin.git"
git_revision = "f59b7f38c21b4794282ddf12fd4a6083cd99e1e4"
# Work around an issue where header files are passed to the linker.
patches = [ "patches/guest-oslogin.diff" ]
}
instrumented_library("harfbuzz") {
package_cflags = [ "-Wno-c++11-narrowing" ]
extra_configure_flags = [
"--disable-static",
# From debian/rules.
"--with-graphite2=yes",
"--with-gobject",
# See above.
"--disable-introspection",
]
}
instrumented_library("libappindicator3-1") {
extra_configure_flags = [
"--disable-static",
# See above.
"--disable-introspection",
"--with-gtk=3",
]
pre_build = "scripts/pre-build/autogen.sh"
}
instrumented_library("libasound2") {
extra_configure_flags = [ "--disable-static" ]
pre_build = "scripts/pre-build/libasound2.sh"
}
instrumented_library("libatk-bridge2.0-0") {
build_method = "meson"
}
instrumented_library("libatspi2.0-0") {
build_method = "meson"
extra_configure_flags = [ "-Dintrospection=no" ]
package_cflags = [
"-Wno-incompatible-function-pointer-types",
"-Wno-implicit-function-declaration",
]
}
instrumented_library("libavahi-client3") {
extra_configure_flags = [
"--disable-static",
"--disable-introspection",
"--disable-gtk3",
# From debian/rules.
"--enable-compat-libdns_sd",
"--disable-mono",
"--disable-monodoc",
"--disable-qt3",
"--disable-qt4",
"--with-systemdsystemunitdir=/lib/systemd/system",
]
patches = [ "patches/libavahi-client3.diff" ]
pre_build = "scripts/pre-build/autogen.sh"
}
instrumented_library("libcairo2") {
extra_configure_flags = [
"--disable-gtk-doc",
"--disable-static",
]
# Required due to aclocal version mismatch.
pre_build = "scripts/pre-build/autoreconf.sh"
}
instrumented_library("libcap2") {
extra_configure_flags = [ "--disable-static" ]
build_method = "custom_libcap"
}
instrumented_library("libcredentialkit_pkcs11") {
build_method = "stub"
}
instrumented_library("libcups2") {
extra_configure_flags = [
"--disable-static",
# All from debian/rules.
"--localedir=/usr/share/cups/locale",
"--enable-slp",
"--enable-libpaper",
"--enable-ssl",
"--enable-gnutls",
"--disable-openssl",
"--enable-threads",
"--enable-debug",
"--enable-dbus",
"--with-dbusdir=/etc/dbus-1",
"--enable-gssapi",
"--enable-avahi",
"--with-pdftops=/usr/bin/gs",
"--disable-launchd",
"--with-cups-group=lp",
"--with-system-groups=lpadmin",
"--with-printcap=/var/run/cups/printcap",
"--with-log-file-perm=0640",
"--with-local_protocols=\"CUPS dnssd\"",
"--with-remote_protocols=\"CUPS dnssd\"",
"--enable-libusb",
]
pre_build = "scripts/pre-build/libcups2.sh"
}
instrumented_library("libcurl3-gnutls") {
build_method = "custom_libcurl"
# Don't generate zsh or fish completions.
patches = [ "patches/libcurl3-gnutls.diff" ]
}
instrumented_library("libdbus-1-3") {
extra_configure_flags = [
"--disable-static",
# From debian/rules.
"--disable-libaudit",
"--enable-apparmor",
"--enable-systemd",
"--libexecdir=/lib/dbus-1.0",
"--with-systemdsystemunitdir=/lib/systemd/system",
"--disable-tests",
"--exec-prefix=/",
# From dh_auto_configure.
"--prefix=/usr",
"--localstatedir=/var",
]
}
instrumented_library("libdbus-glib-1-2") {
extra_configure_flags = [
# Use system dbus-binding-tool. The just-built one is instrumented but
# doesn't have the correct RPATH, and will crash.
"--with-dbus-binding-tool=dbus-binding-tool",
"--disable-static",
]
}
instrumented_library("libdbusmenu") {
extra_configure_flags = [
"--disable-static",
# From debian/rules.
"--disable-scrollkeeper",
"--with-gtk=2",
# See above.
"--disable-introspection",
"--disable-vala",
]
pre_build = "scripts/pre-build/autogen.sh"
}
instrumented_library("libdbusmenu-glib4") {
extra_configure_flags = [
"--disable-static",
# From debian/rules.
"--disable-scrollkeeper",
"--enable-gtk-doc",
# --enable-introspection introduces a build step that attempts to run
# a just-built binary and crashes. Vala requires introspection.
# TODO(eugenis): find a better fix.
"--disable-introspection",
"--disable-vala",
]
pre_build = "scripts/pre-build/autogen.sh"
}
instrumented_library("libexpat1") {
build_method = "debian"
patches = [
"patches/libexpat1.diff",
"patches/libexpat1.2.diff",
]
}
instrumented_library("libffi7") {
extra_configure_flags = [ "--disable-static" ]
}
instrumented_library("libfontconfig1") {
extra_configure_flags = [
"--disable-docs",
"--sysconfdir=/etc/",
"--disable-static",
# From debian/rules.
"--with-add-fonts=/usr/X11R6/lib/X11/fonts,/usr/local/share/fonts",
]
}
instrumented_library("libgcrypt20") {
package_ldflags = [ "-Wl,-z,muldefs" ]
extra_configure_flags = [
# From debian/rules.
"--enable-noexecstack",
"--enable-ld-version-script",
"--disable-static",
# http://crbug.com/344505
"--disable-asm",
]
}
instrumented_library("libgdk-pixbuf2.0-0") {
build_method = "meson"
extra_configure_flags = [
"-Dgir=false",
"-Dman=false",
"-Dx11=true",
"-Djasper=false",
"-Dinstalled_tests=false",
# Do not use loadable modules. Same as with Pango, there's no easy way
# to make gdk-pixbuf pick instrumented versions over system-installed
# ones.
"-Dbuiltin_loaders=all",
]
pre_build = "scripts/pre-build/libgdk-pixbuf2.0-0.sh"
# Ignore MSAN errors during the build. It's unclear why this only works on
# some binaries.
env = [ [
"MSAN_OPTIONS",
"halt_on_error=0 exitcode=0",
] ]
}
instrumented_library("libglib2.0-0") {
build_method = "meson"
extra_configure_flags = [
"-Dgdk_doc=false",
"-Dman=false",
]
msan_ignorelist = "ignorelists/msan/libglib2.0-0.txt"
pre_build = "scripts/pre-build/libglib2.0-0.sh"
package_cflags = [ "-Wno-int-conversion" ]
}
instrumented_library("libgnutls30") {
extra_configure_flags = [
# from debian/rules.
"--enable-ld-version-script",
"--enable-cxx",
"--without-lzo",
"--disable-guile",
"--with-libgcrypt",
"--with-packager=Debian",
"--with-included-unistring",
# MSAN is not compatible with instructions such as CPUID.
# https://github.com/google/oss-fuzz/issues/578
"--disable-hardware-acceleration",
]
patches = [
# Make sure to use the memset/memcmp provided by MSAN, not the
# gnutls-provided ones.
"patches/libgnutls30.1.diff",
# Work around several usages of uninitialized memory. The allocated
# memory is contained within libgnutls, so will not affect Chromium test
# coverage.
"patches/libgnutls30.2.diff",
]
}
instrumented_library("libgpg-error0") {
extra_configure_flags = [ "--disable-static" ]
}
instrumented_library("libgtk-3-0") {
package_cflags = [
"-Wno-implicit-function-declaration",
"-Wno-int-conversion",
"-Wno-return-type",
]
extra_configure_flags = [
"--disable-static",
"--disable-introspection",
# From debian/rules.
"--enable-test-print-backend",
"--enable-x11-backend",
]
pre_build = "scripts/pre-build/libgtk-3-0.sh"
patches = [
# MSAN does not support GL, so it must be disabled in GTK.
# https://www.chromium.org/developers/testing/memorysanitizer#TOC-Disable-OpenGL
"patches/libgtk-3-0.diff",
]
}
instrumented_library("libido3-0.1-0") {
package_cflags = [ "-Wno-return-type" ]
extra_configure_flags = [
"--disable-static",
# See above.
"--disable-introspection",
"--with-gtk=3",
]
pre_build = "scripts/pre-build/autogen.sh"
}
instrumented_library("libidn11") {
build_method = "debian"
pre_build = "scripts/pre-build/libidn.sh"
}
instrumented_library("libindicator3-7") {
extra_configure_flags = [
"--disable-static",
# See above.
"--disable-introspection",
]
pre_build = "scripts/pre-build/autogen.sh"
}
instrumented_library("libjpeg-turbo8") {
build_method = "cmake"
}
instrumented_library("libldap-2.4-2") {
extra_configure_flags = [
"--disable-slapd",
# From debian/rules.
"--enable-debug",
"--enable-dynamic",
"--enable-syslog",
"--enable-proctitle",
"--enable-ipv6",
"--enable-local",
"--with-subdir=ldap",
"--with-cyrus-sasl",
"--without-threads",
"--with-gssapi",
"--with-tls=gnutls",
"--with-odbc=unixodbc",
]
# Debian adds a custom patch that adds @VERSION_OPTION@, which must
# be substituted before building.
pre_build = "scripts/pre-build/dh_autoreconf.sh"
package_cflags = [
"-Wno-implicit-function-declaration",
"-Wno-implicit-int",
]
}
instrumented_library("libnspr4") {
extra_configure_flags = [
"--enable-64bit",
"--disable-static",
# TSan reports data races on debug variables.
"--disable-debug",
]
pre_build = "scripts/pre-build/libnspr4.sh"
}
instrumented_library("libnettle7") {
}
instrumented_library("libp11-kit0") {
extra_configure_flags = [ "--disable-static" ]
# Required due to autoconf version mismatch.
pre_build = "scripts/pre-build/autoreconf.sh"
}
instrumented_library("libpci3") {
extra_configure_flags = [ "--disable-static" ]
build_method = "custom_libpci3"
}
instrumented_library("libpcre3") {
extra_configure_flags = [
"--enable-utf8",
"--enable-unicode-properties",
"--disable-static",
]
pre_build = "scripts/pre-build/dh_autoreconf.sh"
}
instrumented_library("libpixman-1-0") {
extra_configure_flags = [
"--disable-static",
# From debian/rules.
"--disable-gtk",
"--disable-silent-rules",
# Avoid a clang issue. http://crbug.com/449183
"--disable-mmx",
]
patches = [ "patches/libpixman-1-0.diff" ]
}
instrumented_library("libpng16-16") {
extra_configure_flags = [ "--disable-static" ]
}
instrumented_library("librtmp1") {
build_method = "debian"
# Ensure we build with clang.
patches = [ "patches/librtmp1.diff" ]
}
instrumented_library("libsasl2-2") {
build_method = "debian"
pre_build = "scripts/pre-build/libsasl2-2.sh"
package_cflags = [
"-Wno-implicit-function-declaration",
"-Wno-return-type",
]
}
instrumented_library("libsecret") {
extra_configure_flags = [
"--disable-static",
# See above.
"--disable-introspection",
]
pre_build = "scripts/pre-build/autoreconf.sh"
}
instrumented_library("libssl1.1") {
build_method = "debian"
patches = [
"patches/libssl1.1.diff",
"patches/libssl1.1-2.diff",
]
}
instrumented_library("libtasn1-3") {
extra_configure_flags = [
"--disable-static",
# From debian/rules.
"--enable-ld-version-script",
]
}
instrumented_library("libtasn1-6") {
extra_configure_flags = [
"--disable-static",
# From debian/rules.
"--enable-ld-version-script",
]
}
instrumented_library("libunity9") {
extra_configure_flags = [ "--disable-static" ]
pre_build = "scripts/pre-build/autogen.sh"
package_cflags = [ "-Wno-incompatible-function-pointer-types" ]
}
instrumented_library("libva2") {
build_method = "meson"
}
instrumented_library("libwayland-client0") {
extra_configure_flags = [
"--disable-static",
"--disable-documentation",
]
# Do not use the just-built wayland_scanner because it is not runnable due
# to uninstrumented dependencies.
extra_configure_flags += [ "--with-host-scanner" ]
}
instrumented_library("libx11-6") {
extra_configure_flags = [
"--disable-specs",
"--disable-static",
]
msan_ignorelist = "ignorelists/msan/libx11-6.txt"
}
instrumented_library("libxau6") {
extra_configure_flags = [ "--disable-static" ]
}
instrumented_library("libxcb1") {
extra_configure_flags = [
"--disable-build-docs",
"--disable-static",
]
pre_build = "scripts/pre-build/autoreconf.sh"
env = [ [
"PYTHON",
"python3",
] ]
}
instrumented_library("libxcomposite1") {
extra_configure_flags = [ "--disable-static" ]
}
instrumented_library("libxcursor1") {
extra_configure_flags = [ "--disable-static" ]
}
instrumented_library("libxdamage1") {
extra_configure_flags = [ "--disable-static" ]
}
instrumented_library("libxdmcp6") {
extra_configure_flags = [
"--disable-docs",
"--disable-static",
]
}
instrumented_library("libxext6") {
extra_configure_flags = [
"--disable-specs",
"--disable-static",
]
}
instrumented_library("libxfixes3") {
extra_configure_flags = [ "--disable-static" ]
}
instrumented_library("libxi6") {
extra_configure_flags = [
"--disable-specs",
"--disable-docs",
"--disable-static",
]
patches = [ "patches/libxi6.diff" ]
}
instrumented_library("libxinerama1") {
extra_configure_flags = [ "--disable-static" ]
}
instrumented_library("libxkbcommon0") {
package_ldflags = [ "-Wl,-z,undefs" ]
build_method = "debian"
pre_build = "scripts/pre-build/xkbcommon.sh"
patches = [ "patches/libxkbcommon0.diff" ]
}
instrumented_library("libxrandr2") {
extra_configure_flags = [ "--disable-static" ]
}
instrumented_library("libxrender1") {
extra_configure_flags = [ "--disable-static" ]
}
instrumented_library("libxss1") {
extra_configure_flags = [ "--disable-static" ]
}
instrumented_library("libxtst6") {
extra_configure_flags = [
"--disable-specs",
"--disable-static",
]
}
instrumented_library("nss") {
patches = [
"patches/nss.diff",
"patches/nss.2.diff",
"patches/nss.3.diff",
"patches/nss.4.diff",
]
build_method = "custom_nss"
}
instrumented_library("opensc-pkcs11") {
build_method = "debian"
}
instrumented_library("pango1.0") {
build_method = "meson"
extra_configure_flags = [
# Avoid https://bugs.gentoo.org/show_bug.cgi?id=425620
"-Dintrospection=false",
]
patches = [ "patches/pango1.0.diff" ]
}
instrumented_library("pulseaudio") {
# New location of libpulsecommon.
package_ldflags = [ "-Wl,-R,XORIGIN/pulseaudio/." ]
extra_configure_flags = [
"--disable-static",
# From debian/rules.
"--enable-x11",
"--disable-hal-compat",
# Disable some ARM-related code that fails compilation. No idea why
# this even impacts x86-64 builds.
"--disable-neon-opt",
# There's a build failure caused (I think) by a missing include, so skip
# building the offending file to avoid maintaining a patch.
"--disable-android-hal",
]
pre_build = "scripts/pre-build/pulseaudio.sh"
}
instrumented_library("libudev1") {
build_method = "meson"
}
instrumented_library("zlib1g") {
make_targets = [ "libz.so.1.2.11" ]
}

6
third_party/instrumented_libraries/focal/ignorelists/msan/libglib2.0-0.txt vendored

@ -1,6 +0,0 @@
# MSan needs an interceptor for wcsxfrm(). http://crbug.com/423410
fun:g_utf8_collate_key
# safe_fdwalk uses syscall(SYS_getdents64) instead of getdents64(),
# so MSAN cannot intercept the call.
fun:safe_fdwalk

2
third_party/instrumented_libraries/focal/ignorelists/msan/libx11-6.txt vendored

@ -1,2 +0,0 @@
# https://bugs.freedesktop.org/show_bug.cgi?id=81236
fun:XIconifyWindow

19
third_party/instrumented_libraries/focal/patches/guest-oslogin.diff vendored

@ -1,19 +0,0 @@
diff --git a/src/Makefile b/src/Makefile
index a633c7c..39185fc 100644
--- a/src/Makefile
+++ b/src/Makefile
@@ -52,12 +52,12 @@ $(NSS_CACHE_OSLOGIN): nss/nss_cache_oslogin.o nss/compat/getpwent_r.o oslogin_ut
# PAM modules
-$(PAM_LOGIN): pam/pam_oslogin_login.o oslogin_sshca.o oslogin_utils.o include/oslogin_sshca.h
+$(PAM_LOGIN): pam/pam_oslogin_login.o oslogin_sshca.o oslogin_utils.o
$(CXX) $(CXXFLAGS) $(CPPFLAGS) -shared $^ -o $@ $(PAMLIBS)
# Utilities.
-google_authorized_principals: authorized_principals/authorized_principals.o oslogin_utils.o oslogin_sshca.o include/oslogin_sshca.h
+google_authorized_principals: authorized_principals/authorized_principals.o oslogin_utils.o oslogin_sshca.o
$(CXX) $(CXXFLAGS) $(CPPFLAGS) $^ -o $@ $(LDLIBS)
google_authorized_keys: authorized_keys/authorized_keys.o oslogin_utils.o

12
third_party/instrumented_libraries/focal/patches/libavahi-client3.diff vendored

@ -1,12 +0,0 @@
--- ./common/acx_pthread.m4 2015-10-10 00:39:05.000000000 +0000
+++ ../avahi-patched/common/acx_pthread.m4 2021-09-01 22:42:25.700475819 +0000
@@ -232,7 +232,8 @@
# internally use various flags which are still necessary.
AC_MSG_CHECKING([whether to check for GCC pthread/shared inconsistencies])
- check_inconsistencies=yes
+ # Necessary to make ./configure compatible with clang.
+ check_inconsistencies=no
case "${host_cpu}-${host_os}" in
*-darwin*) check_inconsistencies=no ;;
esac

24
third_party/instrumented_libraries/focal/patches/libcurl3-gnutls.diff vendored

@ -1,24 +0,0 @@
diff -rupN curl-7.68.0/scripts/Makefile.am curl-7.68.0.new/scripts/Makefile.am
--- curl-7.68.0/scripts/Makefile.am 2019-12-20 08:17:42.000000000 +0000
+++ curl-7.68.0.new/scripts/Makefile.am 2021-11-04 19:48:15.121879894 +0000
@@ -34,16 +34,16 @@ $(ZSH_COMPLETION_FUNCTION_FILENAME): com
if CROSSCOMPILING
@echo "NOTICE: we can't generate zsh completion when cross-compiling!"
else # if not cross-compiling:
- @if ! test -x "$(PERL)"; then echo "No perl: can't install completion.pl"; exit 0; fi
- $(PERL) $(srcdir)/completion.pl --curl $(top_builddir)/src/curl$(EXEEXT) --shell zsh > $@
+ @echo "NOTICE: we can't generate zsh completion in MSAN builds"
+ touch $@
endif
$(FISH_COMPLETION_FUNCTION_FILENAME): completion.pl
if CROSSCOMPILING
@echo "NOTICE: we can't generate fish completion when cross-compiling!"
else # if not cross-compiling:
- @if ! test -x "$(PERL)"; then echo "No perl: can't install completion.pl"; exit 0; fi
- $(PERL) $(srcdir)/completion.pl --curl $(top_builddir)/src/curl$(EXEEXT) --shell fish > $@
+ @echo "NOTICE: we can't generate fish completion in MSAN builds"
+ touch $@
endif
install-data-local:

23
third_party/instrumented_libraries/focal/patches/libexpat1.2.diff vendored

@ -1,23 +0,0 @@
diff --color -rupN expat-2.2.9/expat/lib/xmlparse.c expat-2.2.9.new/expat/lib/xmlparse.c
--- expat-2.2.9/expat/lib/xmlparse.c 2022-10-19 22:46:59.000000000 +0000
+++ expat-2.2.9.new/expat/lib/xmlparse.c 2022-10-19 23:28:41.859811027 +0000
@@ -650,6 +650,8 @@ static const XML_Char implicitContext[]
# if defined(HAVE_GETRANDOM) || defined(HAVE_SYSCALL_GETRANDOM)
+void __msan_unpoison(void *, size_t);
+
/* Obtain entropy on Linux 3.17+ */
static int
writeRandomBytes_getrandom_nonblock(void *target, size_t count) {
@@ -675,6 +677,10 @@ writeRandomBytes_getrandom_nonblock(void
}
} while (! success && (errno == EINTR));
+ // MSAN doesn't recognise |syscall| and thus doesn't notice that we have
+ // initialised the output buffer.
+ __msan_unpoison(target, count);
+
return success;
}

12
third_party/instrumented_libraries/focal/patches/libexpat1.diff vendored

@ -1,12 +0,0 @@
diff -rupN expat-2.2.9/debian/rules expat-2.2.9.new/debian/rules
--- expat-2.2.9/debian/rules 2017-12-16 07:24:56.000000000 +0000
+++ expat-2.2.9.new/debian/rules 2021-11-04 21:09:22.014564482 +0000
@@ -114,8 +114,6 @@ binary-arch: build install
dh_strip -a
dh_compress -a
dh_fixperms -a
- chmod 644 $(CURDIR)/debian/libexpat1-dev/usr/share/doc/libexpat1-dev/examples/* \
- $(CURDIR)/debian/libexpat1-dev/usr/share/aclocal/*
dh_makeshlibs -a -V --add-udeb=$(UPACKAGE)
dh_installdeb -a
dh_shlibdeps -a -l $(CURDIR)/debian/libexpat1/usr/lib/$(DEB_HOST_MULTIARCH)

49
third_party/instrumented_libraries/focal/patches/libgnutls30.1.diff vendored

@ -1,49 +0,0 @@
diff -rup gnutls28-3.6.13/lib/safe-memfuncs.c gnutls28-3.6.13.new/lib/safe-memfuncs.c
--- gnutls28-3.6.13/lib/safe-memfuncs.c 2020-01-01 20:10:19.000000000 +0000
+++ gnutls28-3.6.13.new/lib/safe-memfuncs.c 2021-11-08 23:20:28.486672798 +0000
@@ -34,25 +34,7 @@
**/
void gnutls_memset(void *data, int c, size_t size)
{
- volatile unsigned volatile_zero;
- volatile char *vdata = (volatile char*)data;
-#ifdef HAVE_EXPLICIT_BZERO
- if (c == 0) {
- explicit_bzero(data, size);
- return;
- }
-#endif
- volatile_zero = 0;
-
- /* This is based on a nice trick for safe memset,
- * sent by David Jacobson in the openssl-dev mailing list.
- */
-
- if (size > 0) {
- do {
- memset(data, c, size);
- } while(vdata[volatile_zero] != c);
- }
+ memset(data, c, size);
}
/**
@@ -71,16 +53,7 @@ void gnutls_memset(void *data, int c, si
**/
int gnutls_memcmp(const void *s1, const void *s2, size_t n)
{
- unsigned i;
- unsigned status = 0;
- const uint8_t *_s1 = s1;
- const uint8_t *_s2 = s2;
-
- for (i=0;i<n;i++) {
- status |= (_s1[i] ^ _s2[i]);
- }
-
- return status;
+ return memcmp(s1, s2, n);
}
#ifdef TEST_SAFE_MEMSET
Only in gnutls28-3.6.13.new/lib: safe-memfuncs.c~

37
third_party/instrumented_libraries/focal/patches/libgnutls30.2.diff vendored

@ -1,37 +0,0 @@
diff -rup gnutls28-3.6.13/lib/mbuffers.c gnutls28-3.6.13.new/lib/mbuffers.c
--- gnutls28-3.6.13/lib/mbuffers.c 2020-01-01 20:11:40.000000000 +0000
+++ gnutls28-3.6.13.new/lib/mbuffers.c 2021-11-08 23:30:49.519648440 +0000
@@ -284,7 +284,7 @@ mbuffer_st *_mbuffer_alloc(size_t maximu
}
/* set the structure to zero */
- memset(st, 0, sizeof(*st));
+ memset(st, 0, maximum_size + sizeof(mbuffer_st));
/* payload points after the mbuffer_st structure */
st->msg.data = (uint8_t *) st + sizeof(mbuffer_st);
Only in gnutls28-3.6.13.new/lib: mbuffers.c~
diff -rup gnutls28-3.6.13/lib/nettle/cipher.c gnutls28-3.6.13.new/lib/nettle/cipher.c
--- gnutls28-3.6.13/lib/nettle/cipher.c 2020-03-24 08:26:29.000000000 +0000
+++ gnutls28-3.6.13.new/lib/nettle/cipher.c 2021-11-08 23:24:35.104648910 +0000
@@ -1020,6 +1020,7 @@ wrap_nettle_cipher_aead_decrypt(void *_c
if (ctx->cipher->aead_decrypt == NULL) {
/* proper AEAD cipher */
uint8_t tag[MAX_HASH_SIZE];
+ memset(tag, 0, MAX_HASH_SIZE);
ctx->cipher->set_iv(ctx->ctx_ptr, nonce_size, nonce);
ctx->cipher->auth(ctx->ctx_ptr, auth_size, auth);
Only in gnutls28-3.6.13.new/lib/nettle: cipher.c~
diff -rup gnutls28-3.6.13/lib/nettle/pk.c gnutls28-3.6.13.new/lib/nettle/pk.c
--- gnutls28-3.6.13/lib/nettle/pk.c 2020-03-13 20:17:54.000000000 +0000
+++ gnutls28-3.6.13.new/lib/nettle/pk.c 2021-11-08 23:24:58.344835111 +0000
@@ -369,6 +369,7 @@ dh_cleanup:
case GNUTLS_PK_EC:
{
struct ecc_scalar ecc_priv;
+ memset(&ecc_priv, 0, sizeof(ecc_priv));
struct ecc_point ecc_pub;
const struct ecc_curve *curve;
Only in gnutls28-3.6.13.new/lib/nettle: pk.c~

10
third_party/instrumented_libraries/focal/patches/libgtk-3-0.diff vendored

@ -1,10 +0,0 @@
diff -rupN gtk+3.0-3.18.9/gdk/gdkglobals.c gtk+3.0-3.18.9.new/gdk/gdkglobals.c
--- gtk+3.0-3.18.9/gdk/gdkglobals.c 2021-09-21 19:47:52.578347112 +0000
+++ gtk+3.0-3.18.9.new/gdk/gdkglobals.c 2021-09-21 19:48:31.938662992 +0000
@@ -34,5 +34,5 @@ GList *_gdk_default_filters
gchar *_gdk_display_name = NULL;
gchar *_gdk_display_arg_name = NULL;
gboolean _gdk_disable_multidevice = FALSE;
-guint _gdk_gl_flags = 0;
+guint _gdk_gl_flags = GDK_GL_DISABLE;
GdkRenderingMode _gdk_rendering_mode = GDK_RENDERING_MODE_SIMILAR;

23
third_party/instrumented_libraries/focal/patches/libpixman-1-0.diff vendored

@ -1,23 +0,0 @@
--- pixman-0.30.2/configure.ac.orig 2014-08-19 15:53:39.376032738 +0400
+++ pixman-0.30.2/configure.ac 2014-08-19 15:53:55.264181469 +0400
@@ -844,12 +844,13 @@ if test x$have_gettimeofday = xyes && te
AC_DEFINE(HAVE_GETTIMEOFDAY, 1, [Whether we have gettimeofday()])
fi
-dnl =====================================
-dnl Check for missing sqrtf() as, e.g., for Solaris 9
-
-AC_SEARCH_LIBS([sqrtf], [m], [],
- [AC_DEFINE([sqrtf], [sqrt],
- [Define to sqrt if you do not have the `sqrtf' function.])])
+# Not needed for Clang Linux builds. Fixes http://crbug.com/404526.
+#dnl =====================================
+#dnl Check for missing sqrtf() as, e.g., for Solaris 9
+#
+#AC_SEARCH_LIBS([sqrtf], [m], [],
+# [AC_DEFINE([sqrtf], [sqrt],
+# [Define to sqrt if you do not have the `sqrtf' function.])])
dnl =====================================
dnl Thread local storage

13
third_party/instrumented_libraries/focal/patches/librtmp1.diff vendored

@ -1,13 +0,0 @@
diff -rupN rtmpdump-2.4+20151223.gitfa8646d/debian/rules rtmpdump-2.4+20151223.gitfa8646d.new/debian/rules
--- rtmpdump-2.4+20151223.gitfa8646d/debian/rules 2021-09-15 20:05:12.286425496 +0000
+++ rtmpdump-2.4+20151223.gitfa8646d.new/debian/rules 2021-09-15 20:07:07.067365697 +0000
@@ -11,7 +11,8 @@ MAKEVARS= \
CRYPTO=GNUTLS \
libdir=/usr/lib/$(DEB_HOST_MULTIARCH) \
XCFLAGS="$(CFLAGS) $(CPPFLAGS)" \
- XLDFLAGS="$(LDFLAGS)"
+ XLDFLAGS="$(LDFLAGS)" \
+ CC=$(CC)
ifneq ($(DEB_BUILD_GNU_TYPE),$(DEB_HOST_GNU_TYPE))
MAKEVARS += CROSS_COMPILE=$(DEB_HOST_GNU_TYPE)-

11
third_party/instrumented_libraries/focal/patches/libssl1.1-2.diff vendored

@ -1,11 +0,0 @@
diff --color -rupN openssl-1.1.1f/crypto/ec/ecx_meth.c openssl-1.1.1f.new/crypto/ec/ecx_meth.c
--- openssl-1.1.1f/crypto/ec/ecx_meth.c 2022-11-08 19:01:29.000000000 +0000
+++ openssl-1.1.1f.new/crypto/ec/ecx_meth.c 2022-11-08 19:36:04.051021276 +0000
@@ -79,6 +79,7 @@ static int ecx_key_op(EVP_PKEY *pkey, in
memcpy(pubkey, p, plen);
} else {
privkey = key->privkey = OPENSSL_secure_malloc(KEYLENID(id));
+ memset(privkey, 0, KEYLENID(id));
if (privkey == NULL) {
ECerr(EC_F_ECX_KEY_OP, ERR_R_MALLOC_FAILURE);
goto err;

11
third_party/instrumented_libraries/focal/patches/libssl1.1.diff vendored

@ -1,11 +0,0 @@
diff --color -rupN openssl-1.1.1f/ssl/ssl_ciph.c openssl-1.1.1f.new/ssl/ssl_ciph.c
--- openssl-1.1.1f/ssl/ssl_ciph.c 2020-03-31 12:17:45.000000000 +0000
+++ openssl-1.1.1f.new/ssl/ssl_ciph.c 2022-11-08 19:03:17.597890542 +0000
@@ -1280,6 +1280,7 @@ static int ciphersuite_cb(const char *el
const SSL_CIPHER *cipher;
/* Arbitrary sized temp buffer for the cipher name. Should be big enough */
char name[80];
+ memset(name, 0, sizeof(name));
if (len > (int)(sizeof(name) - 1)) {
SSLerr(SSL_F_CIPHERSUITE_CB, SSL_R_NO_CIPHER_MATCH);

11
third_party/instrumented_libraries/focal/patches/libxi6.diff vendored

@ -1,11 +0,0 @@
diff --color -rupN libxi-1.7.10/src/XIQueryDevice.c libxi-1.7.10.new/src/XIQueryDevice.c
--- libxi-1.7.10/src/XIQueryDevice.c 2019-06-19 16:43:25.000000000 +0000
+++ libxi-1.7.10.new/src/XIQueryDevice.c 2022-10-20 23:42:29.799640660 +0000
@@ -120,6 +120,7 @@ XIQueryDevice(Display *dpy, int deviceid
Xfree(lib->name);
goto error_loop;
}
+ memset(lib->classes, 0, sz);
ptr += copy_classes(lib, (xXIAnyInfo*)ptr, &nclasses);
/* We skip over unused classes */
lib->num_classes = nclasses;

12
third_party/instrumented_libraries/focal/patches/libxkbcommon0.diff vendored

@ -1,12 +0,0 @@
diff --color -rupN libxkbcommon-0.10.0/src/context.c libxkbcommon-0.10.0.new/src/context.c
--- libxkbcommon-0.10.0/src/context.c 2020-01-18 21:13:01.308651200 +0000
+++ libxkbcommon-0.10.0.new/src/context.c 2022-10-28 23:08:30.472207564 +0000
@@ -93,7 +93,7 @@ XKB_EXPORT int
xkb_context_include_path_append_default(struct xkb_context *ctx)
{
const char *home, *xdg, *root;
- char *user_path;
+ char *user_path = NULL;
int err;
int ret = 0;

48
third_party/instrumented_libraries/focal/patches/nss.2.diff vendored

@ -1,48 +0,0 @@
diff --git a/lib/freebl/freebl.gyp b/lib/freebl/freebl.gyp
index 2b8182e..9bfbb87 100644
--- a/nss/lib/freebl/freebl.gyp
+++ b/nss/lib/freebl/freebl.gyp
@@ -16,19 +16,6 @@
'dependencies': [
'<(DEPTH)/exports.gyp:nss_exports'
],
- 'conditions': [
- [ 'cc_is_clang==1', {
- 'cflags': [
- '-no-integrated-as',
- ],
- 'cflags_mozilla': [
- '-no-integrated-as',
- ],
- 'asflags_mozilla': [
- '-no-integrated-as',
- ],
- }],
- ],
},
{
'target_name': 'intel-gcm-wrap_c_lib',
diff --git a/lib/freebl/freebl_base.gypi b/lib/freebl/freebl_base.gypi
index f7f03bd..3a0a16a 100644
--- a/nss/lib/freebl/freebl_base.gypi
+++ b/nss/lib/freebl/freebl_base.gypi
@@ -74,19 +74,6 @@
'mpi/mpi_amd64_gas.s',
'mpi/mp_comba.c',
],
- 'conditions': [
- [ 'cc_is_clang==1 and fuzz!=1 and coverage!=1', {
- 'cflags': [
- '-no-integrated-as',
- ],
- 'cflags_mozilla': [
- '-no-integrated-as',
- ],
- 'asflags_mozilla': [
- '-no-integrated-as',
- ],
- }],
- ],
}],
[ 'target_arch=="ia32"', {
'sources': [

58
third_party/instrumented_libraries/focal/patches/nss.3.diff vendored

@ -1,58 +0,0 @@
diff --git a/lib/freebl/freebl.gyp b/lib/freebl/freebl.gyp
index 9bfbb87..c5061d6 100644
--- a/nss/lib/freebl/freebl.gyp
+++ b/nss/lib/freebl/freebl.gyp
@@ -238,8 +238,6 @@
'defines!': [
'FREEBL_NO_DEPEND',
'FREEBL_LOWHASH',
- 'USE_HW_AES',
- 'INTEL_GCM',
],
'conditions': [
[ 'target_arch=="x64"', {
@@ -471,16 +469,10 @@
[ 'target_arch=="x64"', {
'defines': [
'MP_IS_LITTLE_ENDIAN',
- 'NSS_BEVAND_ARCFOUR',
- 'MPI_AMD64',
- 'MP_ASSEMBLY_MULTIPLY',
- 'NSS_USE_COMBA',
],
}],
[ 'target_arch=="x64"', {
'defines': [
- 'USE_HW_AES',
- 'INTEL_GCM',
],
}],
[ 'target_arch=="ia32"', {
diff --git a/lib/freebl/freebl_base.gypi b/lib/freebl/freebl_base.gypi
index 3a0a16a..472db32 100644
--- a/nss/lib/freebl/freebl_base.gypi
+++ b/nss/lib/freebl/freebl_base.gypi
@@ -69,10 +69,6 @@
'conditions': [
[ 'target_arch=="x64"', {
'sources': [
- 'arcfour-amd64-gas.s',
- 'mpi/mpi_amd64.c',
- 'mpi/mpi_amd64_gas.s',
- 'mpi/mp_comba.c',
],
}],
[ 'target_arch=="ia32"', {
diff --git a/lib/freebl/unix_urandom.c b/lib/freebl/unix_urandom.c
index 720fa80..5f167ed 100644
--- a/nss/lib/freebl/unix_urandom.c
+++ b/nss/lib/freebl/unix_urandom.c
@@ -32,7 +32,7 @@ RNG_SystemRNG(void *dest, size_t maxLen)
size_t fileBytes = 0;
unsigned char *buffer = dest;
-#if defined(__OpenBSD__) || (defined(__FreeBSD__) && __FreeBSD_version >= 1200000) || (defined(LINUX) && defined(__GLIBC__) && ((__GLIBC__ > 2) || ((__GLIBC__ == 2) && (__GLIBC_MINOR__ >= 25))))
+#if 0
int result;
while (fileBytes < maxLen) {

13
third_party/instrumented_libraries/focal/patches/nss.4.diff vendored

@ -1,13 +0,0 @@
diff --git a/lib/softoken/pkcs11.c b/lib/softoken/pkcs11.c
index 6c535cf..6094555 100644
--- a/nss/lib/softoken/pkcs11.c
+++ b/nss/lib/softoken/pkcs11.c
@@ -4783,7 +4783,7 @@ sftk_searchDatabase(SFTKDBHandle *handle, SFTKSearchResults *search,
CK_RV crv;
int objectListSize = search->array_size - search->size;
CK_OBJECT_HANDLE *array = &search->handles[search->size];
- SDBFind *find;
+ SDBFind *find = NULL;
CK_ULONG count;
crv = sftkdb_FindObjectsInit(handle, pTemplate, ulCount, &find);

51
third_party/instrumented_libraries/focal/patches/nss.diff vendored

@ -1,51 +0,0 @@
diff --git a/lib/pk11wrap/pk11load.c b/lib/pk11wrap/pk11load.c
index 0323025..cc53636 100644
--- a/nss/lib/pk11wrap/pk11load.c
+++ b/nss/lib/pk11wrap/pk11load.c
@@ -353,15 +353,16 @@ SECMOD_SetRootCerts(PK11SlotInfo *slot, SECMODModule *mod)
}
}
-#ifndef NSS_STATIC_SOFTOKEN
+// Remove the build guard here since the code below requires both
+// when NSS_STATIC_SOFTOKEN is set.
static const char *my_shlib_name =
SHLIB_PREFIX "nss" SHLIB_VERSION "." SHLIB_SUFFIX;
static const char *softoken_shlib_name =
SHLIB_PREFIX "softokn" SOFTOKEN_SHLIB_VERSION "." SHLIB_SUFFIX;
-static const PRCallOnceType pristineCallOnce;
-static PRCallOnceType loadSoftokenOnce;
+__attribute__((unused)) static const PRCallOnceType pristineCallOnce;
+__attribute__((unused)) static PRCallOnceType loadSoftokenOnce;
static PRLibrary *softokenLib;
-static PRInt32 softokenLoadCount;
+__attribute__((unused)) static PRInt32 softokenLoadCount;
/* This function must be run only once. */
/* determine if hybrid platform, then actually load the DSO. */
@@ -379,10 +380,8 @@ softoken_LoadDSO(void)
}
return PR_FAILURE;
}
-#else
CK_RV NSC_GetFunctionList(CK_FUNCTION_LIST_PTR *pFunctionList);
char **NSC_ModuleDBFunc(unsigned long function, char *parameters, void *args);
-#endif
/*
* load a new module into our address space and initialize it.
diff --git a/nss.gyp b/nss.gyp
index bf8b4d3..6f873cc 100644
--- a/nss/nss.gyp
+++ b/nss/nss.gyp
@@ -111,8 +111,8 @@
'dependencies': [
'cmd/certutil/certutil.gyp:certutil',
'cmd/modutil/modutil.gyp:modutil',
- 'cmd/pk12util/pk12util.gyp:pk12util',
- 'cmd/shlibsign/shlibsign.gyp:shlibsign',
+ 'cmd/pk12util/pk12util.gyp:pk12util'
+ # Remove shlibsign since we don't sign the libraries.
],
'conditions': [
[ 'comm_client==1', {

13
third_party/instrumented_libraries/focal/patches/pango1.0.diff vendored

@ -1,13 +0,0 @@
diff -rup pango1.0-1.44.7/utils/meson.build pango1.0-1.44.7.new/utils/meson.build
--- pango1.0-1.44.7/utils/meson.build 2019-10-25 03:45:11.000000000 +0000
+++ pango1.0-1.44.7.new/utils/meson.build 2021-11-10 22:58:42.634353917 +0000
@@ -53,7 +53,7 @@ if help2man.found() and not meson.is_cro
custom_target('pango-view.1',
output: 'pango-view.1',
command: [
- help2man, help2man_opts, '--output=@OUTPUT@', pango_view
+ help2man, help2man_opts, '--output=@OUTPUT@', '/usr/bin/pango-view'
],
install: true,
install_dir: join_paths(pango_datadir, 'man/man1'))
Only in pango1.0-1.44.7.new/utils: meson.build~

646
third_party/instrumented_libraries/focal/scripts/download_build_install.py vendored

@ -1,646 +0,0 @@
#!/usr/bin/env python3
# Copyright 2013 The Chromium Authors
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
"""Downloads, builds (with instrumentation) and installs shared libraries."""
import argparse
import ast
import errno
import fcntl
import multiprocessing
import os
import glob
import re
import shlex
import shutil
import subprocess
import sys
SCRIPT_ABSOLUTE_PATH = os.path.dirname(os.path.abspath(__file__))
def unescape_flags(s):
"""Un-escapes build flags received from GN.
GN escapes build flags as if they are to be inserted directly into a command
line, wrapping each flag in double quotes. When flags are passed via
CFLAGS/LDFLAGS instead, double quotes must be dropped.
"""
if not s:
return []
try:
return ast.literal_eval(s)
except (SyntaxError, ValueError):
return shlex.split(s)
def real_path(path_relative_to_gn):
"""Returns the absolute path to a file.
GN generates paths relative to the build directory, which is one
level above the location of this script. This function converts them to
absolute paths.
"""
return os.path.realpath(
os.path.join(SCRIPT_ABSOLUTE_PATH, "..", path_relative_to_gn))
class InstrumentedPackageBuilder(object):
"""Checks out and builds a single instrumented package."""
def __init__(self, args, clobber):
self._cc = args.cc
self._cxx = args.cxx
self._extra_configure_flags = unescape_flags(
args.extra_configure_flags)
self._libdir = args.libdir
self._package = args.package
self._patches = [real_path(patch) for patch in args.patch]
self._pre_build = real_path(args.pre_build) if args.pre_build else None
self._verbose = args.verbose
self._clobber = clobber
self._working_dir = os.path.join(real_path(args.intermediate_dir),
self._package, "")
product_dir = real_path(args.product_dir)
self._destdir = os.path.join(product_dir, "instrumented_libraries")
self._source_archives_dir = os.path.join(product_dir,
"instrumented_libraries",
"sources", self._package)
self._cflags = unescape_flags(args.cflags)
if args.sanitizer_ignorelist:
ignorelist_file = real_path(args.sanitizer_ignorelist)
self._cflags += ["-fsanitize-blacklist=%s" % ignorelist_file]
self._ldflags = unescape_flags(args.ldflags)
self.init_build_env(eval(args.env))
self._git_url = args.git_url
self._git_revision = args.git_revision
self._make_targets = unescape_flags(args.make_targets)
# Initialized later.
self._source_dir = ""
self._source_archives = ""
def init_build_env(self, args_env):
self._build_env = os.environ.copy()
self._build_env.update(dict(args_env))
self._build_env["CC"] = self._cc
self._build_env["CXX"] = self._cxx
self._build_env["CFLAGS"] = " ".join(self._cflags)
self._build_env["CXXFLAGS"] = " ".join(self._cflags)
self._build_env["LDFLAGS"] = " ".join(self._ldflags)
# libappindicator1 needs this.
self._build_env["CSC"] = "/usr/bin/mono-csc"
def shell_call(self, command, env=None, cwd=None, shell=False):
"""Wrapper around subprocess.Popen().
Calls command with specific environment and verbosity using
subprocess.Popen().
"""
child = subprocess.Popen(
command,
stdout=subprocess.PIPE,
stderr=subprocess.STDOUT,
env=env,
shell=shell,
cwd=cwd,
)
stdout = child.communicate()[0].decode("utf-8")
if self._verbose or child.returncode:
print(stdout)
if child.returncode:
raise Exception("Failed to run: %s" % command)
return stdout
def maybe_download_source(self):
"""Checks out the source code (if needed).
Checks out the source code for the package, if required (i.e. unless running
in no-clobber mode). Initializes self._source_dir and self._source_archives.
"""
command = ""
get_fresh_source = self._clobber or not os.path.exists(
self._working_dir)
if get_fresh_source:
shutil.rmtree(self._working_dir, ignore_errors=True)
os.makedirs(self._working_dir)
if self._git_url:
command = ["git", "clone", self._git_url]
self.shell_call(command, cwd=self._working_dir)
else:
# Download one source package at a time, otherwise, there will
# be connection errors in gnutls_handshake().
lock = open("apt-source-lock", "w")
fcntl.flock(lock, fcntl.LOCK_EX)
command = ["apt-get", "source", self._package]
self.shell_call(command, cwd=self._working_dir)
fcntl.flock(lock, fcntl.LOCK_UN)
(dirpath, dirnames, filenames) = next(os.walk(self._working_dir))
if len(dirnames) != 1:
raise Exception("`%s' must create exactly one subdirectory." %
command)
self._source_component = dirnames[0]
self._source_dir = os.path.join(dirpath, self._source_component, "")
if self._git_url:
self.shell_call(["git", "checkout", self._git_revision],
cwd=self._source_dir)
else:
if len(filenames) == 0:
raise Exception("Can't find source files after `%s'." %
command)
self._source_archives = [
os.path.join(dirpath, filename) for filename in filenames
]
return get_fresh_source
def patch_source(self):
for patch in self._patches:
self.shell_call(["patch", "-p1", "-i", patch],
cwd=self._source_dir)
if self._pre_build:
self.shell_call([self._pre_build], cwd=self._source_dir)
def copy_source_archives(self):
"""Copies the downloaded source archives to the output dir.
For license compliance purposes, every Chromium build that includes
instrumented libraries must include their full source code.
"""
shutil.rmtree(self._source_archives_dir, ignore_errors=True)
os.makedirs(self._source_archives_dir)
if self._git_url:
dest = os.path.join(self._source_archives_dir,
self._source_component)
shutil.copytree(self._source_dir, dest)
else:
for filename in self._source_archives:
shutil.copy(filename, self._source_archives_dir)
for patch in self._patches:
shutil.copy(patch, self._source_archives_dir)
def download_build_install(self):
got_fresh_source = self.maybe_download_source()
if got_fresh_source:
self.patch_source()
self.copy_source_archives()
if not os.path.exists(self.dest_libdir()):
os.makedirs(self.dest_libdir())
try:
self.build_and_install()
except Exception as exception:
print("ERROR: Failed to build package %s. Have you "
"run src/third_party/instrumented_libraries/scripts/"
"install-build-deps.sh?" % self._package)
raise
# Touch a text file to indicate package is installed.
stamp_file = os.path.join(self._destdir, "%s.txt" % self._package)
open(stamp_file, "w").close()
# Remove downloaded package and generated temporary build files. Failed
# builds intentionally skip this step to help debug build failures.
if self._clobber:
self.shell_call(["rm", "-rf", self._working_dir])
def fix_rpaths(self, directory):
# TODO(eugenis): reimplement fix_rpaths.sh in Python.
script = real_path("scripts/fix_rpaths.sh")
self.shell_call([script, directory])
def temp_dir(self):
"""Returns the directory which will be passed to `make install'."""
return os.path.join(self._source_dir, "debian", "instrumented_build")
def temp_libdir(self):
"""Returns the directory under temp_dir() containing the DSOs."""
return os.path.join(self.temp_dir(), self._libdir)
def dest_libdir(self):
"""Returns the final location of the DSOs."""
return os.path.join(self._destdir, self._libdir)
def cleanup_after_install(self):
"""Removes unneeded files in self.temp_libdir()."""
# .la files are not needed, nuke them.
# In case --no-static is not supported, nuke any static libraries we built.
self.shell_call(
"find %s -name *.la -or -name *.a | xargs rm -f" %
self.temp_libdir(),
shell=True,
)
# .pc files are not needed.
self.shell_call(["rm", "-rf", "%s/pkgconfig" % self.temp_libdir()])
def make(self, args, env=None, cwd=None):
"""Invokes `make'.
Invokes `make' with the specified args, using self._build_env and
self._source_dir by default.
"""
if cwd is None:
cwd = self._source_dir
if env is None:
env = self._build_env
self.shell_call(["make"] + args, env=env, cwd=cwd)
def make_install(self, args, **kwargs):
"""Invokes `make install'."""
self.make(["install"] + args, **kwargs)
def build_and_install(self):
"""Builds and installs the DSOs.
Builds the package with ./configure + make, installs it to a temporary
location, then moves the relevant files to their permanent location.
"""
configure = os.path.join(self._source_dir, "configure")
configure_exists = os.path.exists(configure)
if configure_exists:
configure_cmd = [
configure,
"--libdir=/%s/" % self._libdir,
] + self._extra_configure_flags
self.shell_call(configure_cmd,
env=self._build_env,
cwd=self._source_dir)
args = {
# Some makefiles use BUILDROOT or INSTALL_ROOT instead of DESTDIR.
"DESTDIR": self.temp_dir(),
"BUILDROOT": self.temp_dir(),
"INSTALL_ROOT": self.temp_dir(),
}
if not configure_exists:
# Specify LIBDIR in case ./configure isn't used for this package.
args['LIBDIR'] = '/%s/' % self._libdir
make_args = ["%s=%s" % item for item in args.items()]
self.make(make_args + self._make_targets)
self.make_install(make_args)
self.post_install()
def post_install(self):
self.cleanup_after_install()
self.fix_rpaths(self.temp_libdir())
# Now move the contents of the temporary destdir to their final place.
# We only care for the contents of LIBDIR.
self.shell_call("cp %s/* %s/ -rdf" %
(self.temp_libdir(), self.dest_libdir()),
shell=True)
class DebianBuilder(InstrumentedPackageBuilder):
"""Builds a package using Debian's build system.
TODO(spang): Probably the rest of the packages should also use this method..
"""
def init_build_env(self, args_env):
self._build_env = os.environ.copy()
self._build_env.update(dict(args_env))
self._build_env["CC"] = self._cc
self._build_env["CXX"] = self._cxx
self._build_env["DEB_CFLAGS_APPEND"] = " ".join(self._cflags)
self._build_env["DEB_CXXFLAGS_APPEND"] = " ".join(self._cflags)
self._build_env["DEB_LDFLAGS_APPEND"] = " ".join(self._ldflags)
self._build_env["DEB_BUILD_OPTIONS"] = (
"nocheck notest nodoc nostrip parallel=%d" % os.cpu_count())
def build_and_install(self):
self.build_debian_packages()
self.install_packaged_libs()
def build_debian_packages(self):
configure_cmd = ["dpkg-buildpackage", "-B", "-uc"]
self.shell_call(configure_cmd,
env=self._build_env,
cwd=self._source_dir)
def install_packaged_libs(self):
for deb_file in self.get_deb_files():
self.shell_call(["dpkg-deb", "-x", deb_file, self.temp_dir()])
dpkg_arch_cmd = ["dpkg-architecture", "-qDEB_HOST_MULTIARCH"]
dpkg_arch = self.shell_call(dpkg_arch_cmd).strip()
lib_dirs = [
"usr/lib/%s" % dpkg_arch,
"lib/%s" % dpkg_arch,
]
lib_paths = [
path for lib_dir in lib_dirs for path in glob.glob(
os.path.join(self.temp_dir(), lib_dir, "*.so.*"))
]
for lib_path in lib_paths:
dest_path = os.path.join(self.dest_libdir(),
os.path.basename(lib_path))
try:
os.unlink(dest_path)
except OSError as exception:
if exception.errno != errno.ENOENT:
raise
if os.path.islink(lib_path):
if self._verbose:
print("linking %s" % os.path.basename(lib_path))
os.symlink(os.readlink(lib_path), dest_path)
elif os.path.isfile(lib_path):
if self._verbose:
print("copying %s" % os.path.basename(lib_path))
shutil.copy(lib_path, dest_path)
def get_deb_files(self):
deb_files = []
files_file = os.path.join(self._source_dir, "debian/files")
for line in open(files_file, "r").read().splitlines():
filename, category, section = line.split(" ")
if not filename.endswith(".deb"):
continue
pathname = os.path.join(self._source_dir, "..", filename)
deb_files.append(pathname)
return deb_files
class LibcapBuilder(InstrumentedPackageBuilder):
def build_and_install(self):
# libcap2 doesn't have a configure script
build_args = ["CC", "CXX", "CFLAGS", "CXXFLAGS", "LDFLAGS"]
make_args = [
"%s=%s" % (name, self._build_env[name]) for name in build_args
]
self.make(make_args)
install_args = [
"DESTDIR=%s" % self.temp_dir(),
"lib=%s" % self._libdir,
# Skip a step that requires sudo.
"RAISE_SETFCAP=no",
]
self.make_install(install_args)
self.cleanup_after_install()
self.fix_rpaths(self.temp_libdir())
# Now move the contents of the temporary destdir to their final place.
# We only care for the contents of LIBDIR.
self.shell_call("cp %s/* %s/ -rdf" %
(self.temp_libdir(), self.dest_libdir()),
shell=True)
class LibcurlBuilder(DebianBuilder):
def build_and_install(self):
super().build_and_install()
# The libcurl packages don't specify a default libcurl.so, but this is
# required since libcurl.so is dlopen()ed by crashpad. Normally,
# libcurl.so is installed by one of libcurl-{gnutls,nss,openssl}-dev.
# Doing a standalone instrumented build of a dev package is tricky,
# so we manually symlink libcurl.so instead.
libcurl_so = os.path.join(self.dest_libdir(), "libcurl.so")
if not os.path.exists(libcurl_so):
os.symlink("libcurl.so.4", libcurl_so)
class Libpci3Builder(InstrumentedPackageBuilder):
def package_version(self):
"""Guesses libpci3 version from source directory name."""
dir_name = os.path.split(os.path.normpath(self._source_dir))[-1]
match = re.match("pciutils-(\d+\.\d+\.\d+)", dir_name)
if match is None:
raise Exception(
"Unable to guess libpci3 version from directory name: %s" %
dir_name)
return match.group(1)
def temp_libdir(self):
# DSOs have to be picked up from <source_dir>/lib, since `make install'
# doesn't actualy install them anywhere.
return os.path.join(self._source_dir, "lib")
def build_and_install(self):
# pciutils doesn't have a configure script
# This build process follows debian/rules.
self.shell_call(["mkdir", "-p", "%s-udeb/usr/bin" % self.temp_dir()])
build_args = ["CC", "CXX", "CFLAGS", "CXXFLAGS", "LDFLAGS"]
make_args = [
"%s=%s" % (name, self._build_env[name]) for name in build_args
]
make_args += [
"LIBDIR=/%s/" % self._libdir,
"PREFIX=/usr",
"SBINDIR=/usr/bin",
"IDSDIR=/usr/share/misc",
"SHARED=yes",
# pciutils fails to build due to unresolved libkmod symbols. The binary
# package has no dependencies on libkmod, so it looks like it was
# actually built without libkmod support.
"LIBKMOD=no",
]
self.make(make_args)
# `make install' is not needed.
self.fix_rpaths(self.temp_libdir())
# Now install the DSOs to their final place.
self.shell_call(
"install -m 644 %s/libpci.so* %s" %
(self.temp_libdir(), self.dest_libdir()),
shell=True,
)
self.shell_call(
"ln -sf libpci.so.%s %s/libpci.so.3" %
(self.package_version(), self.dest_libdir()),
shell=True,
)
class MesonBuilder(InstrumentedPackageBuilder):
def build_and_install(self):
meson_cmd = [
"meson",
"build",
".",
"--prefix",
"/",
"--libdir",
self._libdir,
"--sbindir",
"bin",
"-Db_lundef=false",
] + self._extra_configure_flags
self.shell_call(meson_cmd, env=self._build_env, cwd=self._source_dir)
self.shell_call(
["ninja", "-C", "build", "install"],
{
**self._build_env, "DESTDIR": self.temp_dir()
},
cwd=self._source_dir,
)
self.post_install()
class CmakeBuilder(InstrumentedPackageBuilder):
def build_and_install(self):
cmake_cmd = [
"cmake",
".",
"-DCMAKE_INSTALL_PREFIX=/usr",
"-DCMAKE_INSTALL_LIBDIR=/%s/" % self._libdir,
] + self._extra_configure_flags
self.shell_call(cmake_cmd, env=self._build_env, cwd=self._source_dir)
args = ["DESTDIR", "BUILDROOT", "INSTALL_ROOT"]
make_args = ["%s=%s" % (name, self.temp_dir()) for name in args]
self.make(make_args)
self.make_install(make_args)
self.post_install()
class NSSBuilder(InstrumentedPackageBuilder):
def build_and_install(self):
try:
with multiprocessing.Semaphore():
pass
except (OSError, PermissionError):
raise Exception('/dev/shm must be mounted')
# Hardcoded paths.
temp_dir = os.path.join(self._source_dir, "nss")
temp_libdir = os.path.join(self._source_dir, "dist", "Release", "lib")
self.shell_call(
[
os.path.join(temp_dir, "build.sh"),
"--gyp",
"--opt",
"--msan",
"--no-zdefs",
"--system-nspr",
"-Dsign_libs=0"
"-Ddisable_tests=1",
],
cwd=temp_dir,
env=self._build_env,
)
self.fix_rpaths(temp_libdir)
# 'make install' is not supported. Copy the DSOs manually.
for (dirpath, dirnames, filenames) in os.walk(temp_libdir):
for filename in filenames:
if filename.endswith(".so"):
full_path = os.path.join(dirpath, filename)
if self._verbose:
print("download_build_install.py: installing " +
full_path)
shutil.copy(full_path, self.dest_libdir())
class StubBuilder(InstrumentedPackageBuilder):
def download_build_install(self):
self._touch(os.path.join(self._destdir, "%s.txt" % self._package))
self.shell_call(["mkdir", "-p", self.dest_libdir()])
self._touch(os.path.join(self.dest_libdir(),
"%s.so.0" % self._package))
def _touch(self, path):
with open(path, "w"):
pass
def main():
parser = argparse.ArgumentParser(
description="Download, build and install an instrumented package.")
parser.add_argument("-p", "--package", required=True)
parser.add_argument(
"-i",
"--product-dir",
default=".",
help="Relative path to the directory with chrome binaries",
)
parser.add_argument(
"-m",
"--intermediate-dir",
default=".",
help="Relative path to the directory for temporary build files",
)
parser.add_argument("--extra-configure-flags", default="")
parser.add_argument("--cflags", default="")
parser.add_argument("--ldflags", default="")
parser.add_argument("-v", "--verbose", action="store_true")
parser.add_argument("--cc")
parser.add_argument("--cxx")
parser.add_argument("--patch", nargs="*", action="extend", default=[])
# This should be a shell script to run before building specific libraries.
# This will be run after applying the patches above.
parser.add_argument("--pre-build", default="")
parser.add_argument("--build-method", default="destdir")
parser.add_argument("--sanitizer-ignorelist", default="")
# The LIBDIR argument to configure/make.
parser.add_argument("--libdir", default="lib")
parser.add_argument("--env", default="")
parser.add_argument("--git-url", default="")
parser.add_argument("--git-revision", default="")
parser.add_argument("--make-targets", default="")
# Ignore all empty arguments because in several cases gn passes them to the
# script, but ArgumentParser treats them as positional arguments instead of
# ignoring (and doesn't have such options).
args = parser.parse_args([arg for arg in sys.argv[1:] if len(arg) != 0])
# Clobber by default, unless the developer wants to hack on the package's
# source code.
clobber = os.environ.get("INSTRUMENTED_LIBRARIES_NO_CLOBBER", "") != "1"
if args.build_method == "destdir":
builder = InstrumentedPackageBuilder(args, clobber)
elif args.build_method == "custom_nss":
builder = NSSBuilder(args, clobber)
elif args.build_method == "custom_libcap":
builder = LibcapBuilder(args, clobber)
elif args.build_method == "custom_libcurl":
builder = LibcurlBuilder(args, clobber)
elif args.build_method == "custom_libpci3":
builder = Libpci3Builder(args, clobber)
elif args.build_method == "debian":
builder = DebianBuilder(args, clobber)
elif args.build_method == "meson":
builder = MesonBuilder(args, clobber)
elif args.build_method == "cmake":
builder = CmakeBuilder(args, clobber)
elif args.build_method == "stub":
builder = StubBuilder(args, clobber)
else:
raise Exception("Unrecognized build method: %s" % args.build_method)
builder.download_build_install()
if __name__ == "__main__":
main()

30
third_party/instrumented_libraries/focal/scripts/fix_rpaths.sh vendored

@ -1,30 +0,0 @@
#!/bin/bash
# Copyright 2013 The Chromium Authors
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
# Changes all RPATHs in a given directory from XORIGIN to $ORIGIN
# See the comment about XORIGIN in BUILD.gn
# Fixes rpath from XORIGIN to $ORIGIN in a single file $1.
function fix_rpath {
if [ -w "$1" ]
then
# Only attempt to fix RPATH if the entry actually exists.
# FIXME(eugenis): find out why zlib1g on Precise doesn't get RPATH set.
if chrpath -l $1
then
echo "fix_rpaths.sh: fixing $1"
chrpath -r $(chrpath $1 | cut -d " " -f 2 | sed s/XORIGIN/\$ORIGIN/g \
| sed s/RUNPATH=//g) $1
fi
else
# FIXME(eugenis): libcups2 DSOs are created non-writable, causing this
# script to fail. As a temporary measure, ignore non-writable files.
echo "fix_rpaths.sh: skipping non-writable file $1"
fi
}
for i in $(find $1 | grep -P "\.so(.\d+)*$"); do
fix_rpath $i
done

91
third_party/instrumented_libraries/focal/scripts/install-build-deps.sh vendored

@ -1,91 +0,0 @@
#!/bin/bash -e
# Copyright 2014 The Chromium Authors
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
# Script to install build dependencies of packages which we instrument.
# Enable source repositories in Goobuntu.
if hash goobuntu-config 2> /dev/null
then
sudo goobuntu-config set include_deb_src true
fi
# TODO(eugenis): find a way to pull the list from the build config.
packages="\
alsa-lib \
atk1.0 \
at-spi2-atk \
at-spi2-core \
avahi \
brltty \
cairo \
cups \
curl \
cyrus-sasl2 \
dbus \
dbus-glib \
dee \
dpkg \
expat \
fontconfig \
freetype \
gdk-pixbuf \
git \
glib2.0 \
gnome-common \
gnome-keyring \
gobject-introspection \
graphite2 \
gtk+3.0 \
gyp \
ido \
jasper-initramfs \
libappindicator3-1 \
libcap2 \
libdbusmenu \
libdbusmenu-gtk3-dev \
libffi \
libgpg-error \
libidn \
libindicator \
libjpeg-turbo \
libldap-2.4-2 \
libmicrohttpd \
libpng1.6 \
libsasl2-2 \
libssl1.1 \
libunity \
libx11 \
libxau \
libxcb \
libxcomposite \
libxcursor \
libxdamage \
libxdmcp \
libxext \
libxfixes \
libxi \
libxinerama \
libxkbcommon \
libxrandr \
libxrender \
libxss \
libxtst \
nspr \
nss \
opensc-pkcs11 \
p11-kit \
pango1.0 \
pciutils \
pcre3 \
pixman \
pkg-config \
pulseaudio \
rtmpdump \
systemd \
wayland \
zlib"
sudo apt-get build-dep -y $packages

20
third_party/instrumented_libraries/focal/scripts/pre-build/autogen.sh vendored

@ -1,20 +0,0 @@
#!/bin/bash
# Copyright 2014 The Chromium Authors
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
# Sometimes there isn't a pre-generated configure script, and we must first run
# autogen.sh to generate it. Even if there is one, sometimes we need to
# re-generate it.
# Unfortunately, we can't run autogen.sh unconditionally whenever it's present,
# as that sometimes breaks build. Which is why we have this file.
# Also, some packages may or may not have an autogen script, depending on
# version. Rather than clutter the GN file with conditionals, we simply do
# nothing if the file is not present.
if [ -x ./autogen.sh ]
then
NOCONFIGURE=1 ./autogen.sh
fi

6
third_party/instrumented_libraries/focal/scripts/pre-build/autoreconf.sh vendored

@ -1,6 +0,0 @@
#!/bin/bash
# Copyright 2014 The Chromium Authors
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
autoreconf --force

6
third_party/instrumented_libraries/focal/scripts/pre-build/dh_autoreconf.sh vendored

@ -1,6 +0,0 @@
#!/bin/bash
# Copyright 2019 The Chromium Authors
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
dh_autoreconf

16
third_party/instrumented_libraries/focal/scripts/pre-build/libasound2.sh vendored

@ -1,16 +0,0 @@
#!/bin/bash
# Copyright 2014 The Chromium Authors
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
# This script does some preparations before build of instrumented libasound2.
# Instructions from the INSTALL file.
libtoolize --force --copy --automake
aclocal
autoheader
autoconf
automake --foreign --copy --add-missing
# Do not warn about undefined sanitizer symbols in object files.
sed -i "s/\(-Wl,--no-undefined\|-Wl,-z,defs\)//g" ./configure

12
third_party/instrumented_libraries/focal/scripts/pre-build/libcups2.sh vendored

@ -1,12 +0,0 @@
#!/bin/bash
# Copyright 2014 The Chromium Authors
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
# This script does some preparations before the build of instrumented libcups2.
# Libcup2 configure script, if the compiler name ends with "clang", enables PIE
# with a -Wl,-pie flag. That does not work at all, because the driver running in
# non-PIE mode links incompatible crtbegin.o (or something similarly named).
sed -i "s|-Wl,-pie|-pie|g" configure

21
third_party/instrumented_libraries/focal/scripts/pre-build/libgdk-pixbuf2.0-0.sh vendored

@ -1,21 +0,0 @@
#!/bin/bash
# Copyright 2014 The Chromium Authors
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
# This script does some preparations before build of instrumented libgdk-pixbuf2.0-0.
# Use the system-installed gdk-pixbuf-query-loaders during building. Normally a
# just-built one is used, however in MSan builds it will crash due to
# uninstrumented dependencies.
sed -i "s|gdk_pixbuf_query_loaders,|'/usr/lib/x86_64-linux-gnu/gdk-pixbuf-2.0/gdk-pixbuf-query-loaders',|g" \
gdk-pixbuf/meson.build
# gdk-pixbuf-print-mime-types requires instrumented libgio, which is unavailabe
# during the build. It's also not installed in /usr/bin, so we must build
# an uninstrumented version ourselves and patch the build file to use that.
gcc thumbnailer/gdk-pixbuf-print-mime-types.c -o gdk-pixbuf-print-mime-types \
$(pkg-config gdk-pixbuf-2.0 --libs --cflags)
sed -i "s|gdk_pixbuf_print_mime_types.full_path()|'../gdk-pixbuf-print-mime-types'|g" \
thumbnailer/meson.build

11
third_party/instrumented_libraries/focal/scripts/pre-build/libglib2.0-0.sh vendored

@ -1,11 +0,0 @@
#!/bin/bash
# Copyright 2021 The Chromium Authors
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
# Use the system-installed glib-compile-resources during building. Normally a
# just-built one is used, however in MSan builds it will crash due to
# uninstrumented dependencies.
sed -i "s|glib_compile_resources|'/usr/bin/glib-compile-resources'|g" \
gio/tests/meson.build

22
third_party/instrumented_libraries/focal/scripts/pre-build/libgtk-3-0.sh vendored

@ -1,22 +0,0 @@
#!/bin/bash
# Copyright 2016 The Chromium Authors
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
# This script does some preparations before build of instrumented libgtk-3-0.
# Use the system-installed gtk-update-icon-cache during building. Normally a
# just-built one is used, however in MSan builds it will crash due to
# uninstrumented dependencies.
sed -i "s|./gtk-update-icon-cache|/usr/bin/gtk-update-icon-cache|g" gtk/Makefile.am
# Don't build immodules.cache. It requires running just-built executables that
# depend on glib, but using the system glib will cause msan errors. This file
# is only used in GTK test suites, and is unneeded for the instrumented build.
sed -i "s|all-local: immodules.cache||g" modules/input/Makefile.am
# Copied from override_dh_clean in debian/rules.
rm testsuite/gtk/gtkresources.[ch]
autoreconf

14
third_party/instrumented_libraries/focal/scripts/pre-build/libidn.sh vendored

@ -1,14 +0,0 @@
#!/bin/bash
# Copyright 2021 The Chromium Authors
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
# This script does some preparations before build of instrumented libidn.
# Do not warn about undefined sanitizer symbols in object files.
sed -i "s/-no-undefined//g" ./lib/gl/Makefile.am
sed -i "s/-no-undefined//g" ./lib/Makefile.am
sed -i "s/-Wl,-z,defs//g" ./debian/rules
# Do not run tests.
sed -i "s/$(MAKE) check//g" ./debian/rules

17
third_party/instrumented_libraries/focal/scripts/pre-build/libnspr4.sh vendored

@ -1,17 +0,0 @@
#!/bin/bash
# Copyright 2014 The Chromium Authors
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
# This script does some preparations before build of instrumented libnspr4.
if [ -d nspr ]
then
mv nspr/* .
elif [ -d mozilla/nsprpub ]
then
mv mozilla/nsprpub/* .
else
echo "libnspr4.sh: package has unexpected directory structure. Please update this script."
return 1
fi

14
third_party/instrumented_libraries/focal/scripts/pre-build/libsasl2-2.sh vendored

@ -1,14 +0,0 @@
#!/bin/bash
# Copyright 2021 The Chromium Authors
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
# This script does some preparations before build of instrumented libsasl.
# Do not warn about undefined sanitizer symbols in object files.
sed -i "s/-Wl,-z,defs//g" ./debian/rules
# Do not build the sample server/client.
sed -i "s/.*sample.*//g" ./debian/rules

14
third_party/instrumented_libraries/focal/scripts/pre-build/pulseaudio.sh vendored

@ -1,14 +0,0 @@
#!/bin/bash
# Copyright 2014 The Chromium Authors
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
# This script does some preparations before build of instrumented pulseaudio.
automake --add-missing
autoreconf
# Do not warn about undefined sanitizer symbols in object files.
sed -i "s/\(-Wl,--no-undefined\|-Wl,-z,defs\)//g" ./configure
# The configure script enforces FORTIFY_SOURCE=2, but we can't live with that.
sed -i "s/-D_FORTIFY_SOURCE=2/-U_FORTIFY_SOURCE/g" ./configure

15
third_party/instrumented_libraries/focal/scripts/pre-build/xkbcommon.sh vendored

@ -1,15 +0,0 @@
#!/bin/bash
# Copyright 2019 The Chromium Authors
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
# This script does some preparations before build of instrumented xkbcommon.
# Do not warn about undefined sanitizer symbols in object files.
sed -i "s/\(-Wl,--no-undefined\|-Wl,-z,defs\)//g" ./Makefile.am
# Do not warn about uninstalled documentation.
sed -i "s/--fail-missing//g" ./debian/rules
# Do not warn about extra msan symbols.
sed -i "s/dh_makeshlibs -- -c4/dh_makeshlibs/g" ./debian/rules

142
third_party/instrumented_libraries/scripts/build_and_package.py vendored

@ -1,142 +0,0 @@
#!/usr/bin/env python3
# Copyright 2016 The Chromium Authors
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
"""Builds and packages instrumented libraries for dynamic tools."""
import argparse
import multiprocessing
import os
import subprocess
import tarfile
BUILD_TYPES = {
"msan-no-origins": [
"is_msan = true",
"msan_track_origins = 0",
],
"msan-chained-origins": [
"is_msan = true",
"msan_track_origins = 2",
],
}
class Error(Exception):
pass
class IncorrectReleaseError(Error):
pass
def _get_release():
return subprocess.check_output(["lsb_release",
"-cs"]).decode("utf-8").strip()
def _tar_filter(tar_info):
if tar_info.name.endswith(".txt"):
return None
return tar_info
def build_libraries(build_type, ubuntu_release, jobs, use_goma):
build_dir = "out/Instrumented-%s" % build_type
if not os.path.exists(build_dir):
os.makedirs(build_dir)
gn_args = [
"is_debug = false",
"use_goma = %s" % str(use_goma).lower(),
"use_locally_built_instrumented_libraries = true",
'instrumented_libraries_release = "%s"' % ubuntu_release,
] + BUILD_TYPES[build_type]
with open(os.path.join(build_dir, "args.gn"), "w") as f:
f.write("\n".join(gn_args) + "\n")
subprocess.check_call(["gn", "gen", build_dir, "--check"])
subprocess.check_call([
"ninja",
"-j%d" % jobs,
"-C",
build_dir,
"third_party/instrumented_libraries/%s:locally_built" % ubuntu_release,
])
with tarfile.open("%s.tgz" % build_type, mode="w:gz") as f:
f.add(
"%s/instrumented_libraries/lib" % build_dir,
arcname="lib",
filter=_tar_filter,
)
f.add(
"%s/instrumented_libraries/sources" % build_dir,
arcname="sources",
filter=_tar_filter,
)
def main():
parser = argparse.ArgumentParser(
description=__doc__,
formatter_class=argparse.ArgumentDefaultsHelpFormatter)
parser.add_argument(
"--jobs",
"-j",
type=int,
default=8,
help="the default number of jobs to use when running ninja",
)
parser.add_argument(
"--parallel",
action="store_true",
default=False,
help="whether to run all instrumented builds in parallel",
)
parser.add_argument(
"--use_goma",
action="store_true",
default=False,
help="whether to use goma to compile",
)
parser.add_argument(
"build_type",
nargs="*",
default="all",
choices=list(BUILD_TYPES.keys()) + ["all"],
help="the type of instrumented library to build",
)
parser.add_argument("release",
help="the name of the Ubuntu release to build with")
args = parser.parse_args()
if args.build_type == "all" or "all" in args.build_type:
args.build_type = BUILD_TYPES.keys()
if args.release != _get_release():
raise IncorrectReleaseError(
"trying to build for %s but the current release is %s" %
(args.release, _get_release()))
build_types = sorted(set(args.build_type))
if args.parallel:
procs = []
for build_type in build_types:
proc = multiprocessing.Process(
target=build_libraries,
args=(build_type, args.release, args.jobs, args.use_goma),
)
proc.start()
procs.append(proc)
for proc in procs:
proc.join()
else:
for build_type in build_types:
build_libraries(build_type, args.release, args.jobs, args.use_goma)
print("To upload, run:")
for build_type in build_types:
print("upload_to_google_storage.py -b "
"chromium-instrumented-libraries %s-%s.tgz" %
(build_type, args.release))
print("You should then commit the resulting .sha1 files.")
if __name__ == "__main__":
main()

43
third_party/instrumented_libraries/scripts/unpack_binaries.py vendored

@ -1,43 +0,0 @@
#!/usr/bin/env python
# Copyright 2015 The Chromium Authors
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
"""Unpacks pre-built sanitizer-instrumented third-party libraries."""
import os
import subprocess
import shutil
import sys
def get_archive_name(archive_prefix, release):
return "%s-%s.tgz" % (archive_prefix, release)
def main(archive_prefix, release, archive_dir, target_dir, stamp_dir=None):
shutil.rmtree(target_dir, ignore_errors=True)
os.mkdir(target_dir)
subprocess.check_call([
"tar",
"-zxf",
os.path.join(archive_dir, get_archive_name(archive_prefix, release)),
"-C",
target_dir,
])
stamp_file = os.path.join(stamp_dir or target_dir,
"%s.txt" % archive_prefix)
open(stamp_file, "w").close()
if stamp_dir:
with open(os.path.join(stamp_dir, "%s.d" % archive_prefix), "w") as f:
f.write("%s: %s" % (
stamp_file,
os.path.join(archive_dir,
get_archive_name(archive_prefix, release)),
))
return 0
if __name__ == "__main__":
sys.exit(main(*sys.argv[1:]))

1
third_party/instrumented_libs vendored Submodule

Submodule third_party/instrumented_libs added at 0afcd954d9