| Age | Commit message (Collapse) | Author |
|---|
|
The tests were patched earlier to run with tagging heap allocator.
This change enables hwasan code instrumentation in the tests themselves,
and fixes the issues that arise, mainly in the code that:
* compares addresses of unrelated stack variables
* compares address of a stack variable with stack limits as found in
/proc/self/maps
* writes address of a stack variable to a hardware watchpoint register
etc.
Note that static tests are broken at the moment, like all static
binaries. Dynamic tests pass 100% with this change.
Bug: 114279110, 124007027
Test: SANITIZE_TARGET=hwaddress; run dynamic bionic tests
Change-Id: I68b8df9dd3e30b47734ddc083811a75a7f27deaa
|
|
* HWASan report invalid use of the allocator api (like alignment not
being power of two, or allocation size too large) in a way tests do not
expect.
* Code in .preinit_array runs before HWASan shadow is initialized and
needs to be excluded from instrumentation.
* It looks that mm system calls (mmap/mprotect/etc) will not allow
tagged pointers. In fact, the use of mprotect on malloc()ed memory is
doubtful - one can imagine some kind of speculative load from such
memory, as compiler knows that it is addressable.
Bug: 114279110
Test: bionic-unit-tests with hwasan
Change-Id: I6ba4b46a0d554de77c923ad134cf156ce4ddba1b
|
|
This bug will happen when these circumstances are met:
- Destination address & 0x7 == 1, strlen of src is 11, 12, 13.
- Destination address & 0x7 == 2, strlen of src is 10, 11, 12.
- Destination address & 0x7 == 3, strlen of src is 9, 10, 11.
- Destination address & 0x7 == 4, strlen of src is 8, 9, 10.
In these cases, the dest alignment code does a ldr which reads 4 bytes,
and it will read past the end of the source. In most cases, this is
probably benign, but if this crosses into a new page it could cause a
crash.
Fix the labels in the cortex-a9 strcat.
Modify the overread test to vary the dst alignment to expost this bug.
Also, shrink the strcat/strlcat overread cases since the dst alignment
variation increases the runtime too much.
Bug: 24345899
Change-Id: Ib34a559bfcebd89861985b29cae6c1e47b5b5855
|
|
Upstream clang has a new diagnostic, '-Wmismatched-new-delete' to
generate a warning (that becomes an error with -Werror) when delete is
used to deallocate pointers created with 'new[]'. This patch fixes
'delete's that trigger this warning/error.
Change-Id: Id7b6f6c2df3e860e576de55e2f61f3d2be3a3986
|
|
Bug: 9797008
Change-Id: I11b1da060d29f7dacbb53f20a3e2082395b5bd8a
|
|
Create a few generic testing functions to allow any memory/string tests
to be created.
Add alignment tests for memcpy/memset/strcat/strcpy/strlen.
Add an overread test for memcpy/strcat/strcpy/strlen. This test attempts
to verify that the functions do not read past the end of their buffers
(src buffer in the case of src/dst functions).
Bug: 9797008
Change-Id: Ib3223ca1b99e729ae8229adc2d03f4dc3103d97c
|
