a493fe4153
GWP-ASan's recoverable mode was landed upstream in https://reviews.llvm.org/D140173. This mode allows for a use-after-free or a buffer-overflow bug to be detected by GWP-ASan, a crash report dumped, but then GWP-ASan (through the preCrashReport() and postCrashReportRecoverableOnly() hooks) will patch up the memory so that the process can continue, in spite of the memory safety bug. This is desirable, as it allows us to consider migrating non-system apps from opt-in GWP-ASan to opt-out GWP-ASan. The major concern was "if we make it opt-out, then bad apps will start crashing". If we don't crash, problem solved :). Obviously, we'll need to do this with an amount of process sampling to mitigate against the 70KiB memory overhead. The biggest problem is that the debuggerd signal handler isn't the first signal handler for apps, it's the sigchain handler inside of libart. Clearly, the sigchain handler needs to ask us whether the crash is GWP-ASan's fault, and if so, please patch up the allocator. Because of linker namespace restrictions, libart can't directly ask the linker (which is where debuggerd lies), so we provide a proxy function in libc. Test: Build the platform, run sanitizer-status and various test apps with recoverable gwp-asan. Assert that it doesn't crash, and we get a debuggerd report. Bug: 247012630 Change-Id: I86d5e27a9ca5531c8942e62647fd377c3cd36dfd |
||
---|---|---|
.. | ||
__bionic_get_shell_path.h | ||
bionic_allocator.h | ||
bionic_arc4random.h | ||
bionic_asm.h | ||
bionic_asm_arm.h | ||
bionic_asm_arm64.h | ||
bionic_asm_dwarf_exprs.h | ||
bionic_asm_note.h | ||
bionic_asm_riscv64.h | ||
bionic_asm_x86.h | ||
bionic_asm_x86_64.h | ||
bionic_auxv.h | ||
bionic_call_ifunc_resolver.h | ||
bionic_config.h | ||
bionic_constants.h | ||
bionic_defs.h | ||
bionic_elf_tls.h | ||
bionic_fdsan.h | ||
bionic_fdtrack.h | ||
bionic_fortify.h | ||
bionic_futex.h | ||
bionic_globals.h | ||
bionic_ieee.h | ||
bionic_ifuncs.h | ||
bionic_inline_raise.h | ||
bionic_lock.h | ||
bionic_malloc_dispatch.h | ||
bionic_mbstate.h | ||
bionic_sigdefs.h | ||
bionic_ssp.h | ||
bionic_systrace.h | ||
bionic_time_conversions.h | ||
bionic_tls.h | ||
bionic_vdso.h | ||
bsd_sys_param.h | ||
CachedProperty.h | ||
CFIShadow.h | ||
ErrnoRestorer.h | ||
FdPath.h | ||
get_cpu_count_from_string.h | ||
grp_pwd.h | ||
icu.h | ||
KernelArgumentBlock.h | ||
linker_native_bridge.h | ||
MallocXmlElem.h | ||
NetdClientDispatch.h | ||
ScopedFd.h | ||
ScopedPthreadMutexLocker.h | ||
ScopedReaddir.h | ||
ScopedRWLock.h | ||
ScopedSignalBlocker.h | ||
ScopedSignalHandler.h | ||
SigSetConverter.h | ||
thread_private.h | ||
WriteProtected.h |