Unify on HAS_ADDRESS_SANITIZER define name

Centralize setting up sanitizer flags.

Remove last usage of CLR_CMAKE_ENABLE_ASAN outside of eng/native

Remove unnecessary diffs

Use the cpuid intrinsic and enable ASAN on InitJitHelpers1.

Add comments for the places where we have ASAN disabled

Undo changes to src/coreclr/jit/CMakeLists.txt

Add docs and fix the docs in the build script.

Add docs for the SkipVCEnvInit hook

docs/workflow/building/coreclr/linux-instructions.md

@@ -89,3 +89,19 @@ Just like you can use specialized Docker images, you can also do any of the supp
 ## Create the Core_Root
 
 The Core_Root provides one of the main ways to test your build. Full instructions on how to build it in the [CoreCLR testing doc](/docs/workflow/testing/coreclr/testing.md), and we also have a detailed guide on how to use it for your own testing in [its own dedicated doc](/docs/workflow/testing/using-corerun-and-coreroot.md).
+
+## Native Sanitizers
+
+CoreCLR can be built with native sanitizers like AddressSanitizer to help catch memory safety issues. To build the project with native sanitizers, add the `-fsanitize address` argument to the build script like the following:
+
+```bash
+build.sh -s clr -fsanitize address
+```
+
+When building the repo with any native sanitizers, you should build all native components in the repo with the same set of sanitizers.
+
+The following sanitizers are supported for CoreCLR on Linux:
+
+| Sanitizer Name  | `-fsanitize` argument | Support Status |
+|-----------------|-----------------------|----------------|
+| AddressSanitize | `address` | regularly tested on x64 |

docs/workflow/building/coreclr/macos-instructions.md

@@ -32,3 +32,19 @@ It is possible to get a macOS ARM64 build using an Intel x64 Mac and vice versa,
 ## Create the Core_Root
 
 The Core_Root provides one of the main ways to test your build. Full instructions on how to build it in the [CoreCLR testing doc](/docs/workflow/testing/coreclr/testing.md), and we also have a detailed guide on how to use it for your own testing in [its own dedicated doc](/docs/workflow/testing/using-corerun-and-coreroot.md).
+
+## Native Sanitizers
+
+CoreCLR can be built with native sanitizers like AddressSanitizer to help catch memory safety issues. To build the project with native sanitizers, add the `-fsanitize address` argument to the build script like the following:
+
+```bash
+build.sh -s clr -fsanitize address
+```
+
+When building the repo with any native sanitizers, you should build all native components in the repo with the same set of sanitizers.
+
+The following sanitizers are supported for CoreCLR on macOS:
+
+| Sanitizer Name  | `-fsanitize` argument | Support Status |
+|-----------------|-----------------------|----------------|
+| AddressSanitize | `address` | regularly tested on x64 |

docs/workflow/building/coreclr/nativeaot.md

@@ -108,6 +108,10 @@ Build library tests by passing the `libs.tests` subset together with the `/p:Tes
 * [ILC Compiler Architecture](/docs/design/coreclr/botr/ilc-architecture.md)
 * [Managed Type System](/docs/design/coreclr/botr/managed-type-system.md)
 
+## Native Sanitizers
+
+Using native sanitizers with NativeAOT requires additional care compared to using them with CoreCLR. In addition to passing the `-fsanitize` flag to the command that builds NativeAOT, you must also pass the `EnableNativeSanitizers` MSBuild property to any commands that build projects with a sanitized NativeAOT build to ensure that any sanitizer runtimes are correctly linked with the project.
+
 ## Further Reading
 
 If you want to know more about working with _NativeAOT_ in general, you can check out their [more in-depth docs](/src/coreclr/nativeaot/docs/README.md) in the `src/coreclr/nativeaot` subtree.

docs/workflow/building/coreclr/windows-instructions.md

@@ -45,3 +45,23 @@ build.cmd -s clr -c Release -arch arm64 -msbuild
 ```
 
 Since this is still in an experimental phase, the recommended way for building ARM64 is cross-compiling from an x64 machine. Instructions on how to do this can be found at the [cross-building doc](/docs/workflow/building/coreclr/cross-building.md#cross-compiling-for-arm32-and-arm64).
+
+## Native Sanitizers
+
+CoreCLR can be built with native sanitizers like AddressSanitizer to help catch memory safety issues. To build the project with native sanitizers, add the `-fsanitize address` argument to the build script like the following:
+
+```cmd
+build.cmd -s clr -fsanitize address
+```
+
+When building the repo with any native sanitizers, you should build all native components in the repo with the same set of sanitizers.
+
+The following sanitizers are supported for CoreCLR on Windows:
+
+| Sanitizer Name | Minimum VS Version | `-fsanitize` argument | Support Status |
+|----------------|--------------------|-----------------------|----------------|
+| AddressSanitizer | not yet released | `address` | experimental |
+
+## Using a custom compiler environment
+
+If you ever need to use a custom compiler environment for the native builds on Windows, you can set the `SkipVCEnvInit` environment variable to `1`. The build system will skip discovering Visual Studio and initializing its development environment when this flag is used. This is only required for very advanced scenarios and should be used rarely.

docs/workflow/building/libraries/README.md

@@ -105,6 +105,16 @@ By default the `build` script only builds the product libraries and none of the
 
 For Windows, replace `./build.sh` with `build.cmd`.
 
+### Building the native components with native sanitizers
+
+The libraries native components can be built with native sanitizers like AddressSanitizer to help catch memory safety issues. To build the project with native sanitizers, add the `-fsanitize` argument to the build script like the following:
+
+```bash
+build.sh -s libs -fsanitize address
+```
+
+When building the repo with any native sanitizers, you should build all native components in the repo with the same set of sanitizers.
+
 ### How to building native components only
 
 The libraries build contains some native code. This includes shims over libc, openssl, gssapi, and zlib. The build system uses CMake to generate Makefiles using clang. The build also uses git for generating some version information.

eng/build.ps1

@@ -89,7 +89,6 @@ function Get-Help() {
   Write-Host "  -pgoinstrument            Build the CLR with PGO instrumentation."
   Write-Host "  -fsanitize (address)      Build the native components with the specified sanitizers."
   Write-Host "                            Sanitizers can be specified with a comma-separated list."
-  Write-Host "                            If the value 'true' is specified, the default (AddressSanitizer) will be enabled."
   Write-Host ""
 
   Write-Host "Command-line arguments not listed above are passed through to MSBuild."
@@ -223,7 +222,7 @@ if ($vs) {
 
   # Put our local dotnet.exe on PATH first so Visual Studio knows which one to use
   $env:PATH=($env:DOTNET_ROOT + ";" + $env:PATH);
-  
+
   # Disable .NET runtime signature validation errors which errors for local builds
   $env:VSDebugger_ValidateDotnetDebugLibSignatures=0;
 

eng/native/configurecompiler.cmake

@@ -165,6 +165,9 @@ if (CLR_CMAKE_ENABLE_SANITIZERS)
         address)
       list(APPEND CLR_CMAKE_SANITIZER_RUNTIMES
         address)
+      # We can't use preprocessor defines to determine if we're building with ASAN in assembly, so we'll
+      # define the preprocessor define ourselves.
+      add_compile_definitions($<$<COMPILE_LANGUAGE:ASM,ASM_MASM>:HAS_ADDRESS_SANITIZER>)
     endif()
   endif()
 
@@ -219,6 +222,12 @@ if (CLR_CMAKE_ENABLE_SANITIZERS)
   if (CLR_CMAKE_SANITIZER_RUNTIMES)
     list(APPEND CLR_CMAKE_LINK_SANITIZE_OPTIONS "-fsanitize=${CLR_CMAKE_SANITIZER_RUNTIMES}")
   endif()
+  if (MSVC)
+    add_compile_options("$<$<COMPILE_LANGUAGE:C,CXX>:${CLR_CMAKE_BUILD_SANITIZE_OPTIONS}>")
+  else()
+    add_compile_options("$<$<COMPILE_LANGUAGE:C,CXX>:${CLR_CMAKE_BUILD_SANITIZE_OPTIONS}>")
+    add_linker_flag("${CLR_CMAKE_LINK_SANITIZE_OPTIONS}")
+  endif()
 endif()
 
 # CLR_ADDITIONAL_LINKER_FLAGS - used for passing additional arguments to linker

eng/native/functions.cmake

@@ -89,9 +89,11 @@ function(get_compile_definitions DefinitionName)
     set(LastGeneratorExpression "")
     foreach(DEFINITION IN LISTS COMPILE_DEFINITIONS_LIST)
       # If there is a definition that uses the $<TARGET_PROPERTY:prop> generator expression
+      # or the $<COMPILE_LANGUAGE:lang> generator expression,
       # we need to remove it since that generator expression is only valid on binary targets.
       # Assume that the value is 0.
       string(REGEX REPLACE "\\$<TARGET_PROPERTY:[^,>]+>" "0" DEFINITION "${DEFINITION}")
+      string(REGEX REPLACE "\\$<COMPILE_LANGUAGE:[^>]+(,[^>]+)*>" "0" DEFINITION "${DEFINITION}")
 
       if (${DEFINITION} MATCHES "^\\$<(.+):([^>]+)(>?)$")
         if("${CMAKE_MATCH_3}" STREQUAL "")
@@ -622,15 +624,6 @@ function(link_natvis_sources_for_target targetName linkKind)
     endforeach()
 endfunction()
 
-macro(add_sanitizers_to_all_targets)
-  if (MSVC)
-    add_compile_options("$<$<COMPILE_LANGUAGE:C,CXX>:${CLR_CMAKE_BUILD_SANITIZE_OPTIONS}>")
-  else()
-    add_compile_options("$<$<COMPILE_LANGUAGE:C,CXX>:${CLR_CMAKE_BUILD_SANITIZE_OPTIONS}>")
-    add_linker_flag("${CLR_CMAKE_LINK_SANITIZE_OPTIONS}")
-  endif()
-endmacro()
-
 # Add sanitizer runtime support code to the target.
 function(add_sanitizer_runtime_support targetName)
   # Add sanitizer support functions.

src/coreclr/CMakeLists.txt

@@ -20,8 +20,6 @@ include(${CLR_ENG_NATIVE_DIR}/configurecompiler.cmake)
 
 include_directories("${CLR_SRC_NATIVE_DIR}")
 
-add_sanitizers_to_all_targets()
-
 if(MSVC)
   set(CMAKE_CXX_STANDARD_LIBRARIES "") # do not link against standard win32 libs i.e. kernel32, uuid, user32, etc.
 endif (MSVC)

src/coreclr/dlls/clretwrc/CMakeLists.txt

@@ -1,6 +1,5 @@
 include_directories(${CMAKE_CURRENT_BINARY_DIR})
 
-
 if(CLR_CMAKE_HOST_WIN32)
     # remove /ltcg from resource-only libraries
     string(REPLACE "/LTCG" "" CMAKE_SHARED_LINKER_FLAGS_RELEASE ${CMAKE_SHARED_LINKER_FLAGS_RELEASE})

src/coreclr/jit/CMakeLists.txt

@@ -19,7 +19,7 @@ function(create_standalone_jit)
 
   set(oneValueArgs TARGET OS ARCH)
   set(multiValueArgs DESTINATIONS)
-  cmake_parse_arguments(TARGETDETAILS "${options}" "${oneValueArgs}" "${multiValueArgs}" ${ARGN})
+  cmake_parse_arguments(TARGETDETAILS "" "${oneValueArgs}" "${multiValueArgs}" ${ARGN})
 
   if(TARGETDETAILS_OS STREQUAL "unix_osx")
     if (NOT (TARGETDETAILS_ARCH STREQUAL "arm64"))
@@ -494,41 +494,40 @@ endif()
 
 add_custom_target(jit_exports DEPENDS ${JIT_EXPORTS_FILE})
 
+set(JIT_LINK_LIBRARIES
+   utilcodestaticnohost
+)
+
+set(JIT_ARCH_LINK_LIBRARIES
+   gcinfo
+)
+
+if(CLR_CMAKE_HOST_UNIX)
+    list(APPEND JIT_LINK_LIBRARIES
+       mscorrc
+       coreclrpal
+    )
+else()
+    list(APPEND JIT_LINK_LIBRARIES
+       ${STATIC_MT_CRT_LIB}
+       ${STATIC_MT_VCRT_LIB}
+       kernel32.lib
+       advapi32.lib
+       ole32.lib
+       oleaut32.lib
+       uuid.lib
+       user32.lib
+       version.lib
+       shlwapi.lib
+       bcrypt.lib
+       crypt32.lib
+       RuntimeObject.lib
+    )
+endif(CLR_CMAKE_HOST_UNIX)
+
 # Shared function for generating JIT
 # optional arguments: DESTINATIONS path
 function(add_jit jitName)
-    set(options "")
-    set(oneValueArgs "")
-    set(multiValueArgs DESTINATIONS)
-    cmake_parse_arguments(ADD_JIT "${options}" "${oneValueArgs}"
-                          "${multiValueArgs}" ${ARGN} )
-
-    set(JIT_LINK_LIBRARIES
-      utilcodestaticnohost
-    )
-
-    if(CLR_CMAKE_HOST_UNIX)
-        list(APPEND JIT_LINK_LIBRARIES
-          mscorrc
-          coreclrpal
-        )
-    else()
-        list(APPEND JIT_LINK_LIBRARIES
-          ${STATIC_MT_CRT_LIB}
-          ${STATIC_MT_VCRT_LIB}
-          kernel32.lib
-          advapi32.lib
-          ole32.lib
-          oleaut32.lib
-          uuid.lib
-          user32.lib
-          version.lib
-          shlwapi.lib
-          bcrypt.lib
-          crypt32.lib
-          RuntimeObject.lib
-        )
-    endif(CLR_CMAKE_HOST_UNIX)
 
     set_source_files_properties(${JIT_EXPORTS_FILE} PROPERTIES GENERATED TRUE)
 
@@ -579,7 +578,7 @@ function(add_jit jitName)
     endif()
 
     # add the install targets
-    install_clr(TARGETS ${jitName} COMPONENT alljits DESTINATIONS ${ADD_JIT_DESTINATIONS})
+    install_clr(TARGETS ${jitName} ${ARGN} COMPONENT alljits)
 endfunction()
 
 set(JIT_SOURCE_DIR ${CMAKE_CURRENT_SOURCE_DIR})
@@ -620,6 +619,7 @@ create_standalone_jit(TARGET clrjit_win_x86_${ARCH_HOST_NAME} OS win ARCH x86 DE
 if (CLR_CMAKE_TARGET_ARCH_I386 AND CLR_CMAKE_TARGET_UNIX)
   create_standalone_jit(TARGET clrjit_unix_x86_${ARCH_HOST_NAME} OS unix ARCH x86 DESTINATIONS .)
 endif (CLR_CMAKE_TARGET_ARCH_I386 AND CLR_CMAKE_TARGET_UNIX)
+
 if (CLR_CMAKE_TARGET_UNIX AND NOT CLR_CMAKE_TARGET_ARCH_RISCV64)
     if (NOT ARCH_TARGET_NAME STREQUAL s390x AND NOT ARCH_TARGET_NAME STREQUAL armv6 AND NOT ARCH_TARGET_NAME STREQUAL ppc64le)
       if(CLR_CMAKE_TARGET_ARCH_ARM OR CLR_CMAKE_TARGET_ARCH_ARM64)

src/coreclr/md/inc/metamodel.h

@@ -617,7 +617,7 @@ class CMiniMdBase : public IMetaModelCommonRO
     HRESULT SetNewColumnDefinition(CMiniTableDef *pTable, CMiniColDef* pCols, DWORD ixTbl);
 
 private:
-
+    // DISABLE_ASAN tracked by https://github.com/dotnet/runtime/issues/73718
     BOOL DISABLE_ASAN UsesAllocatedMemory(CMiniColDef* pCols);
 };
 

src/coreclr/nativeaot/Runtime/CommonMacros.h

@@ -282,4 +282,5 @@ typedef int32_t HRESULT;
 #endif
 
 #endif
+
 #endif // __COMMONMACROS_H__

src/coreclr/nativeaot/Runtime/startup.cpp

@@ -377,7 +377,7 @@ bool InitGSCookie()
     volatile GSCookie * pGSCookiePtr = GetProcessGSCookiePtr();
 
 #ifdef FEATURE_READONLY_GS_COOKIE
-    // The GS cookie is stored in a read only data segment
+    // The GS cookie is stored in a read only data segment    
     if (!PalVirtualProtect((void*)pGSCookiePtr, sizeof(GSCookie), PAGE_READWRITE))
     {
         return false;
@@ -464,7 +464,7 @@ static void UninitDLL()
 #ifdef _WIN32
 // This is set to the thread that initiates and performs the shutdown and may run
 // after other threads are rudely terminated. So far this is a Windows-specific concern.
-//
+// 
 // On POSIX OSes a process typically lives as long as any of its threads are alive or until
 // the process is terminated via `exit()` or a signal. Thus there is no such distinction
 // between threads.

src/coreclr/pal/src/CMakeLists.txt

@@ -225,11 +225,6 @@ add_library(coreclrpal
   ${LIBUNWIND_OBJECTS}
 )
 
-if (CLR_CMAKE_ENABLE_ASAN)
-    # Enable ASAN integration in our PAL if we are building with ASAN support
-    target_compile_definitions(coreclrpal PRIVATE HAS_ASAN)
-endif()
-
 # Build separate pal library for DAC (addition to regular pal library)
 if(CLR_CMAKE_TARGET_OSX)
   set(LIBUNWIND_DAC_OBJECTS $<TARGET_OBJECTS:libunwind_dac>)

src/coreclr/pal/src/arch/amd64/context2.S

@@ -88,7 +88,7 @@ LEAF_ENTRY RtlRestoreContext, _TEXT
     push_nonvol_reg rbp
     alloc_stack (IRetFrameLengthAligned)
 
-#ifdef HAS_ASAN
+#ifdef HAS_ADDRESS_SANITIZER
     test    BYTE PTR [rdi + CONTEXT_ContextFlags], CONTEXT_CONTROL
     je      LOCAL_LABEL(Restore_CONTEXT_FLOATING_POINT)
 

src/coreclr/pal/src/arch/amd64/exceptionhelper.S

@@ -13,7 +13,7 @@
 // Then it uses the ThrowExceptionHelper to throw the passed in exception from that context.
 // EXTERN_C void ThrowExceptionFromContextInternal(CONTEXT* context, PAL_SEHException* ex);
 LEAF_ENTRY ThrowExceptionFromContextInternal, _TEXT
-#ifdef HAS_ASAN
+#ifdef HAS_ADDRESS_SANITIZER
         // Need to call __asan_handle_no_return explicitly here because we re-initialize RSP before
         // throwing exception in ThrowExceptionHelper
         push_nonvol_reg rdi

src/coreclr/pal/src/arch/arm/context2.S

@@ -118,7 +118,7 @@ LEAF_END RtlCaptureContext, _TEXT
 LEAF_ENTRY RtlRestoreContext, _TEXT
     END_PROLOGUE
 
-#ifdef HAS_ASAN
+#ifdef HAS_ADDRESS_SANITIZER
     ldr r2, [r0, #(CONTEXT_ContextFlags)]
     tst r2, #(CONTEXT_CONTROL)
     beq     LOCAL_LABEL(Restore_CONTEXT_FLOATING_POINT)

src/coreclr/pal/src/arch/arm/exceptionhelper.S

@@ -12,7 +12,7 @@
 // EXTERN_C void ThrowExceptionFromContextInternal(CONTEXT* context, PAL_SEHException* ex);
 LEAF_ENTRY ThrowExceptionFromContextInternal, _TEXT
     // Ported from src/pal/src/arch/amd64/exceptionhelper.S
-#ifdef HAS_ASAN
+#ifdef HAS_ADDRESS_SANITIZER
     // Need to call __asan_handle_no_return explicitly here because we re-initialize SP before
     // throwing exception in ThrowExceptionHelper
     push_nonvol_reg "{r0, r1}"

src/coreclr/pal/src/arch/arm64/context2.S

@@ -135,7 +135,7 @@ LEAF_END RtlCaptureContext, _TEXT
 //
 LEAF_ENTRY RtlRestoreContext, _TEXT
 
-#ifdef HAS_ASAN
+#ifdef HAS_ADDRESS_SANITIZER
     ldr w17, [x0, #(CONTEXT_ContextFlags)]
     tbz w17, #CONTEXT_CONTROL_BIT, LOCAL_LABEL(Restore_CONTEXT_FLOATING_POINT)
 
@@ -220,7 +220,7 @@ LEAF_END RtlRestoreContext, _TEXT
 //  x1: Exception*
 //
 LEAF_ENTRY RestoreCompleteContext, _TEXT
-    // We cannot restore all registers in the user mode code, so we rely on a help from kernel here. 
+    // We cannot restore all registers in the user mode code, so we rely on a help from kernel here.
     // The following instruction is an undefined instruction. In the hardware exception handler, we check
     // if the faulting address is the RtlRestoreContext and in case it is, we update the context of
     // the faulting thread using the CONTEXT pointed to by the x0 register.

src/coreclr/pal/src/arch/arm64/exceptionhelper.S

@@ -11,7 +11,7 @@
 // Then it uses the ThrowExceptionHelper to throw the passed in exception from that context.
 // EXTERN_C void ThrowExceptionFromContextInternal(CONTEXT* context, PAL_SEHException* ex);
 LEAF_ENTRY ThrowExceptionFromContextInternal, _TEXT
-#ifdef HAS_ASAN
+#ifdef HAS_ADDRESS_SANITIZER
         // Need to call __asan_handle_no_return explicitly here because we re-initialize SP before
         // throwing exception in ThrowExceptionHelper
         stp x0, x1, [sp, -16]!

src/coreclr/pal/src/arch/i386/context2.S

@@ -94,7 +94,7 @@ LEAF_END RtlCaptureContext, _TEXT
 
 LEAF_ENTRY RtlRestoreContext, _TEXT
 
-#ifdef HAS_ASAN
+#ifdef HAS_ADDRESS_SANITIZER
     call    EXTERNAL_C_FUNC(__asan_handle_no_return)
 #endif
     mov     eax, [esp + 4]