539e907258
This is the V8 equivalent to https://crrev.com/2779193002 and must be landed before //build/secondary/{gtest,gmock} are removed from Chromium.

This started out as https://crrev.com/2847693002

The changes in tools/ were authored by yangguo@chromium.org and initially shared in http://crrev.com/2849783003.

GoogleTest (gtest) and GoogleMock (gmock) are now hosted into the same googletest repository. In order to cope with this, the googletest repository is now sourced at third_party/googletest.

The file/directory layout of Google Test is not yet considered stable. To minimize disruption while Google Test stabilizes, Chromium code will be insulated from third_party/googletest.

* testing/gtest/include/gtest/ and testing/gmock/include/gmock have been populated with headers that forward into the appropriate locations of third_party/googletest
* testing/BUILD.gn has been populated with the targets //testing/gtest(:gtest_main) and //testing/gmock(:gmock_main), which depend on the appropriate //third_party/googletest targets.

All Chromium code should keep depending on the targets and headers in testing/{gtest,gmock} for now.

BUG=chromium:630705
Change-Id: I12b07ae78c8039aeff6ada7a3335e4e2b5d308ab
Reviewed-on: https://chromium-review.googlesource.com/639953
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Victor Costan <pwnall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52170}

* bootstrap.sh
* gccause.lua
* gcmole-tools.tar.gz.sha1
* gcmole.cc
* gcmole.lua
* Makefile
* parallel.py
* README
* run-gcmole.isolate
* run-gcmole.py

DESCRIPTION -------------------------------------------------------------------

gcmole is a simple static analysis tool used to find possible evaluation order dependent GC-unsafe places in the V8 codebase.

For example, the following code is GC-unsafe:

    Handle<Object> Foo();  // Assume Foo can trigger a GC.
    void Bar(Object*, Object*);

    Handle<Object> baz;
    baz->Qux(*Foo());   // (a)
    Bar(*Foo(), *baz);  // (b)

In both cases (a) and (b) the compiler is free to evaluate the call arguments (including the receiver) in any order. That means it can dereference baz before calling Foo and save a raw pointer to a heap object in a register or on the stack. If Foo then triggers a GC that moves the object, that raw pointer is left dangling.

PREREQUISITES -----------------------------------------------------------------

1) Install Lua 5.1

2) Get LLVM 2.9 and Clang 2.9 sources and build them.

   Follow the instructions on http://clang.llvm.org/get_started.html.

   Make sure to pass --enable-optimized to configure to get a Release build instead of a Debug one.

3) Build the gcmole Clang plugin (libgcmole.so)

   In tools/gcmole, execute the following command:

       LLVM_SRC_ROOT=<path-to-llvm-source-root> make

USING GCMOLE ------------------------------------------------------------------

gcmole consists of a driver script written in Lua and a Clang plugin that does C++ AST processing. The plugin (libgcmole.so) is expected to be in the same folder as the driver (gcmole.lua).

To start the analysis, cd into the root of the v8 checkout and execute the following command:

    CLANG_BIN=<path-to-clang-bin-folder> lua tools/gcmole/gcmole.lua [<arch>]

where arch should be one of the architectures supported by V8 (arm, ia32, x64).

Analysis will be performed in 2 stages:

- In the first stage, the driver parses all files and builds a global callgraph approximation to find all functions that might potentially cause a GC. The list of these functions is written into the gcsuspects file.

- In the second stage, the driver parses all files again and locates all call sites that might be GC-unsafe, based on the list of functions causing GC. Such places are marked with a "Possible problem with evaluation order." warning. Messages "Failed to resolve v8::internal::Object" are benign and can be ignored.

If any errors were found, the driver exits with a non-zero status.
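
The hazard from the DESCRIPTION section, made deterministic in a toy moving collector. This is an added example, not V8 or gcmole code; Heap, kPoison, DerefBeforeCall and CallBeforeDeref are hypothetical names. The two functions spell out the two evaluation orders a compiler may choose for Bar(*Foo(), *baz).

```cpp
// Toy model constructed for illustration; none of this is V8 code.
#include <cstddef>
#include <cstdio>
#include <vector>

constexpr int kPoison = -1;  // value left behind where an object used to live
struct Heap {
  int space[2][16] = {};     // two semispaces
  int active = 0, used = 0;
  std::vector<int*> slots;   // handle table: the only pointers the GC updates
  std::size_t Allocate(int value) {  // returns a handle (index into slots)
    int* p = &space[active][used++];
    *p = value;
    slots.push_back(p);
    return slots.size() - 1;
  }
  int* Deref(std::size_t handle) { return slots[handle]; }  // like operator*
  void CollectGarbage() {            // moves every object to the other space
    int next = 1 - active, n = 0;
    for (int*& slot : slots) {
      space[next][n] = *slot;
      *slot = kPoison;               // the old location is now garbage
      slot = &space[next][n++];      // handles follow the object
    }
    active = next;
    used = n;
  }
};

std::size_t Foo(Heap& h) { h.CollectGarbage(); return h.Allocate(7); }
int Bar(const int* a, const int* b) { return *a + *b; }

// One order the compiler may pick for Bar(*Foo(), *baz): *baz first.
int DerefBeforeCall(Heap& h, std::size_t baz) {
  int* raw_baz = h.Deref(baz);         // raw pointer saved in a register
  std::size_t foo = Foo(h);            // GC relocates baz's object
  return Bar(h.Deref(foo), raw_baz);   // raw_baz reads the poisoned slot
}
// Fix: finish the GC-capable call, keep its result in a handle, then deref.
int CallBeforeDeref(Heap& h, std::size_t baz) {
  std::size_t foo = Foo(h);
  return Bar(h.Deref(foo), h.Deref(baz));
}

int main() {
  Heap a, b;
  std::printf("deref first: %d\n", DerefBeforeCall(a, a.Allocate(35)));
  std::printf("call first:  %d\n", CallBeforeDeref(b, b.Allocate(35)));
}
```

In real code the stale read is undefined behaviour rather than a tidy poison value, which is why the pattern is flagged statically instead of being left to tests.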