diff options
| author | Evgenii Stepanov <eugenis@google.com> | 2018-03-15 14:51:46 -0700 |
|---|---|---|
| committer | Evgenii Stepanov <eugenis@google.com> | 2018-03-16 15:06:07 -0700 |
| commit | 1a46a05ce4ca08958f19843feb0c833125c05116 (patch) | |
| tree | 59e2323d256fd804c02d19bb812ba896bbffbf90 /include/ScopedJavaUnicodeString.h | |
| parent | 9be5324b104beb635d1e2470fffedf657ec55389 (diff) | |
Disable vfork under ASan.
With vfork child process shares address space with the parent. ASan
stack instrumentation of functions running after vfork but before
exec ends up poisoning the stack of the parent process.
With vfork, exec* is similar to longjmp - it stops the current thread
of execution and effectively transfers control to the caller of
vfork().
ASan's way of handling cases like this is __asan_handle_no_return() -
it can be inserted manually and is auto-inserted before any call to a
[[no_return]] function. Unfortunately, execve() is not [[no_return]].
Seems like an oversight, but it only matters in combination with
vfork().
There are two other ways to fix this problem, but they are, IMHO,
inferior to this patch.
1. Mark childProcess and all its transitive callees as
__attribute__((no_sanitize_address)) to disable stack poisoning.
This is error-prone and there are quite a few of those.
2. Add __asan_handle_no_return() before any call to exec*-type
function in childProcess and below.
This is, again, error-prone. It would also suppress detection of
stack-based issues in all function frames that are live in the
current thread.
Bug: 73957446
Bug: 74535073
Bug: 73060923
Bug: 74533962
Bug: 74534935
Test: 130-hprof with SANITIZE_HOST=address
(cherry picked from commit e537e1b776d555a50b16fe26f5c37c584d44133d)
Change-Id: I5aefaca8322dfa4449680602cc9f0f26c6b5ebc1
Diffstat (limited to 'include/ScopedJavaUnicodeString.h')
0 files changed, 0 insertions, 0 deletions