Commit graph

6 commits

Author SHA1 Message Date
Evgenii Stepanov
7cc6706370 Cleanup bionic tests with hwasan.
The tests were patched earlier to run with tagging heap allocator.
This change enables hwasan code instrumentation in the tests themselves,
and fixes the issues that arise, mainly in the code that:
* compares addresses of unrelated stack variables
* compares address of a stack variable with stack limits as found in
  /proc/self/maps
* writes address of a stack variable to a hardware watchpoint register
etc.

Note that static tests are broken at the moment, like all static
binaries. Dynamic tests pass 100% with this change.

Bug: 114279110, 124007027
Test: SANITIZE_TARGET=hwaddress; run dynamic bionic tests

Change-Id: I68b8df9dd3e30b47734ddc083811a75a7f27deaa
2019-02-06 13:59:16 -08:00
Evgenii Stepanov
acd6f4f9f5 Disable a few bionic tests under HWASan.
* HWASan report invalid use of the allocator api (like alignment not
being power of two, or allocation size too large) in a way tests do not
expect.
* Code in .preinit_array runs before HWASan shadow is initialized and
needs to be excluded from instrumentation.
* It looks that mm system calls (mmap/mprotect/etc) will not allow
tagged pointers. In fact, the use of mprotect on malloc()ed memory is
doubtful - one can imagine some kind of speculative load from such
memory, as compiler knows that it is addressable.

Bug: 114279110
Test: bionic-unit-tests with hwasan

Change-Id: I6ba4b46a0d554de77c923ad134cf156ce4ddba1b
2018-11-06 16:59:25 -08:00
Christopher Ferris
fdfcfce7c6 Fix over read in strcpy/stpcpy/strcat.
This bug will happen when these circumstances are met:

- Destination address & 0x7 == 1, strlen of src is 11, 12, 13.
- Destination address & 0x7 == 2, strlen of src is 10, 11, 12.
- Destination address & 0x7 == 3, strlen of src is 9, 10, 11.
- Destination address & 0x7 == 4, strlen of src is 8, 9, 10.

In these cases, the dest alignment code does a ldr which reads 4 bytes,
and it will read past the end of the source. In most cases, this is
probably benign, but if this crosses into a new page it could cause a
crash.

Fix the labels in the cortex-a9 strcat.

Modify the overread test to vary the dst alignment to expost this bug.
Also, shrink the strcat/strlcat overread cases since the dst alignment
variation increases the runtime too much.

Bug: 24345899
Change-Id: Ib34a559bfcebd89861985b29cae6c1e47b5b5855
2015-09-24 14:17:36 -07:00
Pirama Arumuga Nainar
4d44675283 Use delete[] to de-allocate pointers from new[]
Upstream clang has a new diagnostic, '-Wmismatched-new-delete' to
generate a warning (that becomes an error with -Werror) when delete is
used to deallocate pointers created with 'new[]'.  This patch fixes
'delete's that trigger this warning/error.

Change-Id: Id7b6f6c2df3e860e576de55e2f61f3d2be3a3986
2015-07-09 10:15:15 -07:00
Christopher Ferris
e5bbb6b6ab Add strcmp/memcmp testing.
Bug: 9797008
Change-Id: I11b1da060d29f7dacbb53f20a3e2082395b5bd8a
2013-12-03 18:42:41 -08:00
Christopher Ferris
b687ad3c34 Add new tests for memory/string routines.
Create a few generic testing functions to allow any memory/string tests
to be created.

Add alignment tests for memcpy/memset/strcat/strcpy/strlen.

Add an overread test for memcpy/strcat/strcpy/strlen. This test attempts
to verify that the functions do not read past the end of their buffers
(src buffer in the case of src/dst functions).

Bug: 9797008

Change-Id: Ib3223ca1b99e729ae8229adc2d03f4dc3103d97c
2013-11-15 10:36:21 -08:00