Improve diagnostics from the assembler __memcpy_chk routines.

Change-Id: Iec16c92ed80beee505cba2121ea33e3550197b02

libc/arch-arm/cortex-a15/bionic/memcpy_common.S

@@ -60,10 +60,14 @@
         .fpu    neon
 
 ENTRY(__memcpy_chk)
-        cmp     r2, r3
-        bhi     .L_memcpy_chk_fail
+        cmp r2, r3
+        bls memcpy
 
-        // Fall through to memcpy...
+        // Preserve lr for backtrace.
+        push        {lr}
+        .cfi_def_cfa_offset 4
+        .cfi_rel_offset lr, 0
+        bl          __memcpy_chk_fail
 END(__memcpy_chk)
 
 // Prototype: void *memcpy (void *dst, const void *src, size_t count).
@@ -75,25 +79,4 @@ ENTRY(memcpy)
         .cfi_rel_offset lr, 4
 
 #include MEMCPY_BASE
-
-        // Undo the cfi instructions from above.
-        .cfi_def_cfa_offset 0
-        .cfi_restore r0
-        .cfi_restore lr
-.L_memcpy_chk_fail:
-        // Preserve lr for backtrace.
-        push    {lr}
-        .cfi_adjust_cfa_offset 4
-        .cfi_rel_offset lr, 0
-
-        ldr     r0, error_message
-1:
-        add     r0, pc
-        bl      __fortify_fatal
-error_message:
-        .word   error_string-(1b+8)
 END(memcpy)
-
-        .data
-error_string:
-        .string "memcpy: prevented write past end of buffer"

libc/arch-arm/cortex-a9/bionic/memcpy.S

@@ -41,9 +41,14 @@
 
 ENTRY(__memcpy_chk)
         cmp         r2, r3
-        bhi         __memcpy_chk_fail
+        bls         memcpy
 
-        // Fall through to memcpy...
+        // Preserve lr for backtrace.
+        push        {lr}
+        .cfi_def_cfa_offset 4
+        .cfi_rel_offset lr, 0
+
+        bl          __memcpy_chk_fail
 END(__memcpy_chk)
 
 ENTRY(memcpy)
@@ -58,21 +63,3 @@ END(memcpy)
 #define MEMCPY_BASE         __memcpy_base
 #define MEMCPY_BASE_ALIGNED __memcpy_base_aligned
 #include "memcpy_base.S"
-
-ENTRY_PRIVATE(__memcpy_chk_fail)
-        // Preserve lr for backtrace.
-        push    {lr}
-        .cfi_def_cfa_offset 4
-        .cfi_rel_offset lr, 0
-
-        ldr     r0, error_message
-1:
-        add     r0, pc
-        bl      __fortify_fatal
-error_message:
-        .word   error_string-(1b+4)
-END(__memcpy_chk_fail)
-
-        .data
-error_string:
-        .string     "memcpy: prevented write past end of buffer"

libc/arch-arm/denver/bionic/memcpy.S

@@ -63,9 +63,14 @@
 
 ENTRY(__memcpy_chk)
         cmp     r2, r3
-        bhi     __memcpy_chk_fail
+        bls     memcpy
 
-        // Fall through to memcpy...
+        // Preserve lr for backtrace.
+        push    {lr}
+        .cfi_def_cfa_offset 4
+        .cfi_rel_offset lr, 0
+
+        bl      __memcpy_chk_fail
 END(__memcpy_chk)
 
 ENTRY(memcpy)
@@ -79,21 +84,3 @@ END(memcpy)
 #define MEMCPY_BASE         __memcpy_base
 #define MEMCPY_BASE_ALIGNED __memcpy_base_aligned
 #include "memcpy_base.S"
-
-ENTRY_PRIVATE(__memcpy_chk_fail)
-        // Preserve lr for backtrace.
-        push    {lr}
-        .cfi_def_cfa_offset 4
-        .cfi_rel_offset lr, 0
-
-        ldr     r0, error_message
-1:
-        add     r0, pc
-        bl      __fortify_fatal
-error_message:
-        .word   error_string-(1b+8)
-END(__memcpy_chk_fail)
-
-        .data
-error_string:
-        .string "memcpy: prevented write past end of buffer"

libc/arch-arm/generic/bionic/memcpy.S

@@ -40,9 +40,14 @@
 
 ENTRY(__memcpy_chk)
         cmp         r2, r3
-        bhi         __memcpy_chk_fail
+        bls         memcpy
 
-        // Fall through to memcpy...
+        // Preserve lr for backtrace.
+        push        {lr}
+        .cfi_def_cfa_offset 4
+        .cfi_rel_offset lr, 0
+
+        bl          __memcpy_chk_fail
 END(__memcpy_chk)
 
 ENTRY(memcpy)
@@ -385,22 +390,3 @@ ENTRY(memcpy)
         add         sp,  sp, #28
         ldmfd       sp!, {r0, r4, pc}
 END(memcpy)
-
-        // Only reached when the __memcpy_chk check fails.
-ENTRY_PRIVATE(__memcpy_chk_fail)
-        // Preserve lr for backtrace.
-        push    {lr}
-        .cfi_def_cfa_offset 4
-        .cfi_rel_offset lr, 0
-
-        ldr     r0, error_message
-1:
-        add     r0, pc
-        bl      __fortify_fatal
-error_message:
-        .word   error_string-(1b+8)
-END(__memcpy_chk_fail)
-
-        .data
-error_string:
-        .string     "memcpy: prevented write past end of buffer"

libc/arch-arm/krait/bionic/memcpy.S

@@ -44,9 +44,14 @@
 
 ENTRY(__memcpy_chk)
         cmp         r2, r3
-        bhi         .L_memcpy_chk_fail
+        bls         memcpy
 
-        // Fall through to memcpy...
+        // Preserve lr for backtrace.
+        push        {lr}
+        .cfi_def_cfa_offset 4
+        .cfi_rel_offset lr, 0
+
+        bl          __memcpy_chk_fail
 END(__memcpy_chk)
 
 ENTRY(memcpy)
@@ -57,25 +62,4 @@ ENTRY(memcpy)
         .cfi_rel_offset lr, 4
 
 #include "memcpy_base.S"
-
-        // Undo the cfi directives from above.
-        .cfi_adjust_cfa_offset -8
-        .cfi_restore r0
-        .cfi_restore lr
-.L_memcpy_chk_fail:
-        // Preserve lr for backtrace.
-        push    {lr}
-        .cfi_adjust_cfa_offset 4
-        .cfi_rel_offset lr, 0
-
-        ldr     r0, error_message
-1:
-        add     r0, pc
-        bl      __fortify_fatal
-error_message:
-        .word   error_string-(1b+4)
 END(memcpy)
-
-        .data
-error_string:
-        .string     "memcpy: prevented write past end of buffer"

libc/arch-arm64/denver64/bionic/memcpy.S

@@ -31,29 +31,18 @@
 #include <private/bionic_asm.h>
 
 ENTRY(__memcpy_chk)
-  cmp   x2, x3
-  b.hi  __memcpy_chk_fail
+  cmp x2, x3
+  bls memcpy
 
-  // Fall through to memcpy...
+  // Preserve for accurate backtrace.
+  stp x29, x30, [sp, -16]!
+  .cfi_def_cfa_offset 16
+  .cfi_rel_offset x29, 0
+  .cfi_rel_offset x30, 8
+
+  bl __memcpy_chk_fail
 END(__memcpy_chk)
 
 ENTRY(memcpy)
   #include "memcpy_base.S"
 END(memcpy)
-
-ENTRY_PRIVATE(__memcpy_chk_fail)
-  // Preserve for accurate backtrace.
-  stp  x29, x30, [sp, -16]!
-  .cfi_def_cfa_offset 16
-  .cfi_rel_offset x29, 0
-  .cfi_rel_offset x30, 8
-
-  adrp  x0, error_string
-  add   x0, x0, :lo12:error_string
-  bl    __fortify_fatal
-END(__memcpy_chk_fail)
-
-  .data
-  .align 2
-error_string:
-  .string "memcpy: prevented write past end of buffer"

libc/arch-arm64/generic/bionic/memcpy.S

@@ -31,29 +31,18 @@
 #include <private/bionic_asm.h>
 
 ENTRY(__memcpy_chk)
-  cmp   x2, x3
-  b.hi  __memcpy_chk_fail
+  cmp x2, x3
+  bls memcpy
 
-  // Fall through to memcpy...
+  // Preserve for accurate backtrace.
+  stp x29, x30, [sp, -16]!
+  .cfi_def_cfa_offset 16
+  .cfi_rel_offset x29, 0
+  .cfi_rel_offset x30, 8
+
+  bl __memcpy_chk_fail
 END(__memcpy_chk)
 
 ENTRY(memcpy)
   #include "memcpy_base.S"
 END(memcpy)
-
-ENTRY_PRIVATE(__memcpy_chk_fail)
-  // Preserve for accurate backtrace.
-  stp  x29, x30, [sp, -16]!
-  .cfi_def_cfa_offset 16
-  .cfi_rel_offset x29, 0
-  .cfi_rel_offset x30, 8
-
-  adrp  x0, error_string
-  add   x0, x0, :lo12:error_string
-  bl    __fortify_fatal
-END(__memcpy_chk_fail)
-
-  .data
-  .align 2
-error_string:
-  .string "memcpy: prevented write past end of buffer"

libc/bionic/fortify.cpp

@@ -140,6 +140,14 @@ extern "C" void* __memmove_chk(void* dst, const void* src, size_t len, size_t ds
   return memmove(dst, src, len);
 }
 
+// memcpy is performance-critical enough that we have assembler __memcpy_chk implementations.
+// This function is used to give better diagnostics than we can easily do from assembler.
+extern "C" void* __memcpy_chk_fail(void* /*dst*/, const void* /*src*/, size_t count, size_t dst_len) {
+  __check_count("memcpy", "count", count);
+  __check_buffer_access("memcpy", "write into", count, dst_len);
+  abort(); // One of the above is supposed to have failed, otherwise we shouldn't have been called.
+}
+
 void* __memrchr_chk(const void* s, int c, size_t n, size_t actual_size) {
   __check_buffer_access("memrchr", "read from", n, actual_size);
   return memrchr(s, c, n);