Mostly exporting variables to Bazel, but also allowlisting a BUILD
file.
Bug: 251217226
Test: Unit tests
Change-Id: Id87015a3cd5d970700c4058ec989bb0c14c36bcb
Use static asan runtimes for musl binaries to match glibc binaries.
The static asan runtime also requires libclang_rt.asan_cxx.a. Unlike
most other runtimes the asan runtimes need to expose the symbols
from the runtime to allow intercepting calls to malloc, new etc.
Test: m USE_HOST_MUSL=true aidl_unittests && out/host/linux-x86/testcases/aidl_unittests/x86_64/aidl_unittests
Test: sanitize_test.go
Change-Id: I93da03b1c447fbb01f37262e7a465f165c2d5a18
The dependencies on static runtimes are getting compilicated, as they
vary on whether or not they should hide or export symbols from the
runtime. Instead of setting flags to try to add the right static
runtime later, add them as dependencies immediately with a call to
addStaticDeps.
Test: sanitize_test.go
Change-Id: I5fb3ee29b31ce99d8feac262fcf71d19396dc68d
We pass mcpu=cortex-a55 for our build, which increases BB to the point
where the LLVM default of 32 is not enough.
I ran a fullmte build and did not see any slowdown.
Bug: 229654778
Change-Id: Ifbd1e5427101b2f2f39c067ba3ea4d5cb4a3ba0d
To match the scudo allocator's always return zero allocation behavior,
set the max malloc fill size larger than the largest size class.
Currently, the largest is 65552, so set the max to 128KB to avoid
needing to change this in the future.
Test: Run test that verifies allocations returned are zero and it passes.
Change-Id: Ie9f0b0d54f846008b1c6d5dc6e55c7031262d29e
vendor_snapshot_object modules do not provide sanitizers.
Avoid sanitizer mutation for these modules.
Bug: 234772527
Test: build against the vsdk with SANITIZE_TARGET=hwaddress
Change-Id: Ib4fe4def673aa77a4321f47c09393adcb2fa2964
When generating vsdk snapshot with SANITIZE_TARGET=hwaddress option,
include hwasan static libraries to the vendor snapshot.
Bug: 234772527
Test: build against the vsdk with SANITIZE_TARGET=hwaddress
Change-Id: I6fdecefaa8557b5c968745487a3ed7c959e682f9
Building for riscv64 fails with link errors on __thread variables.
Set -fno-emulated-tls to fix it.
Bug: 254713216
Test: lunch aosp_riscv64-userdebug && m ALLOW_MISSING_DEPENDENCIES=true ndk_sysroot
Change-Id: I3dca81dfd277d681b6c868a5e8385e3a37335a5f
Building with LTO and CFI enabled for riscv64 causes link failures:
ld.lld: error: lto.tmp: cannot link object files with different floating-point ABI
ld.lld: error: undefined symbol: guard variable for android::hardware::BufferedTextOutput::getBuffer() const::ts
Disable them for now.
Test: lunch aosp_riscv64-userdebug && m ALLOW_MISSING_DEPENDENCIES=true ndk_sysroot
Change-Id: I3489952abebeeb3f4de664fd3e436232aac298d7
Using a dynamic libclang_rt.ubsan_standalone runtime causes
problems when dalvikvm dlopen's libart.so:
JniInvocation E 10-19 18:25:55 1159447 1159447] Failed to dlopen libart.so: Error relocating /mnt/disks/build-disk/src/android/master/out/host/linux-x86/lib64/libclang_rt.ubsan_standalone-x86_64.so: (null): initial-exec TLS resolves to dynamic definition in /mnt/disks/build-disk/src/android/master/out/host/linux-x86/lib64/libclang_rt.ubsan_standalone-x86_64.so
This seems to be caused by a thread local variable with an
explicit initial-exec TLS model in libclang_rt.ubsan_standalone,
which is then rejected by musl's dynamic loader. Switching to
a static libclang_rt.ubsan_standalone matches what we are doing
for glibc and fixes musl.
Bug: 190084016
Test: m USE_HOST_MUSL=true out/target/common/obj/JAVA_LIBRARIES/ahat-test-dump_intermediates/test-dump-base.hprof
Change-Id: I3e50eae6c22b684fc7bb0ccdfe0379f41d246319
unwinding through tagged frames is fixed in upstream and cherry-picked
onto Android toolchain in https://r.android.com/2251926. until then, we
can disable stack tagging for code that uses exception, so we can get
some coverage before the toolchain update.
Test: stack_tagging_helper exception_cleanup from https://r.android.com/2175188
fails with assertion "GetTag(&y) !=
GetTag(__builtin_frame_address(0))" as expected
Bug: 174878242
Change-Id: I1597b21f64a92874dbccb64ffebbef7bb9bf8214
The root cause for the warning is fixed in upstream LLVM
(https://reviews.llvm.org/D127917) , working around until
that is submitted.
Test: make libc with memtag-stack
Bug: 174878242
Change-Id: Iae8c85f39bdceb9752b7f2758c5543c1b3f90277
This change depends on the following toolchain commit:
https://reviews.llvm.org/D118948
Bug: b/174878242
Test: sanitize_test.go
Test: fvp_mini with SANITIZE_TARGET=memtag_heap,memtag_stack
Change-Id: I52d2318c8e4e06d6da5b74c45226144b880f1577
The prebuilts for musl have the necessary symbols for vptr and function
sanitizers, but enabling them implicitly enables RTTI which causes RTTI
mismatch issues with dependencies.
Bug: 215802826
Test: m USE_HOST_MUSL=true host-native
Change-Id: I93edfd617d99efcac0eca58bb3f3c173c4fa121a
Don't use hwasan for non-bionic arm64 targets, including
arm64-linux-musl and arm64 darwin.
This relands I67c07f26f25a9f9807ee21ee79c113ea11f65473 which was
accidentally reverted in I47a9322929baff2492c6e8db989ece01fcbeb133.
Bug: 236052820
Test: build arm64 musl sysroot
Change-Id: I77753ecb6f07aafa1b6e00ad6bf432f9c9744f79
Add toolchains to support cross compiling to aarch64-linux-musl and
arm-linux-musleabihf.
Bug: 236052820
Test: build arm and arm64 musl sysroots
Change-Id: I47a9322929baff2492c6e8db989ece01fcbeb133
The logic is not 100% provably the same since HEAD was quite
confusing at some points, but I did make an effort to preserve
functional equivalence.
In case that effort was not enough, it should be pretty easy to
tweak the logic at HEAD since it's still quite malleable.
Bug: 231370928
Test: Presubmits.
Change-Id: I17b2efbfb5c4d0aedd922caed54ff8d857e578df
The sanitize code was assuming that the names of the clang runtime
library modules were the same as their static library output files,
but that's not true after I39e2cf8ae14edf8510276dab38011afaef85822c.
Use the dependency to get the name of the library to pass to
-Wl,--exclude-libs.
This relands If6ca7838800c76f90105fb02d39e8a68cec96314 with a fix
for skipping tests that don't work on mac.
Bug: 235624976
Test: TestUbsan
Change-Id: I32894d10d24473ad48b6afc5663f91fa48a6a0ba
Turns out, the whole context is not needed and then let's not
plumb it any further than necessary.
Test: Presubmits.
Change-Id: I1a25738e5a6ca20dea0d973c2ce435b5e152399b
THe sanitize code was assuming that the names of the clang runtime
library modules were the same as their static library output files,
but that's not true after I39e2cf8ae14edf8510276dab38011afaef85822c.
Use the dependency to get the name of the library to pass to
-Wl,--exclude-libs.
Bug: 235624976
Test: TestUbsan
Change-Id: If6ca7838800c76f90105fb02d39e8a68cec96314
Cflag "-fsanitize-trap=all" will override "-fno-sanitize-trap=integer" if "-fsanitize-trap=all" is placed behind. Change the order to make minimal abort work, which will output the abort message to give user a better prompt.
Bug: 233840743
Test: "objdump -dS {CFI enabled so}" to check the instrumented abort instruction
Change-Id: Id85fa8ece3e13d1b21b4fdbf5f4b5124011890ca
This is so that we can avoid mutating state in sanitizerMutator, as
would be necessary if we only had a single bit for every sanitizer
together.
Test: Presubmits.
Change-Id: I5576367c12972fbea64342ab123118ec5a2cfeec
Also remove a tiny bit of state mutation from sanitizerMutator. Every
little bit helps!
Test: Prebuilts + comparing soong/build.ninja .
Your branch is up to date with 'aosp/master'.
Change-Id: I73b28b660b572610242765d87b70ab081b0b43df
Now that we provide runtimes built for musl, enable the sanitizers
when targeting musl.
Bug: 215802826
Test: m USE_HOST_MUSL=true host-native
Change-Id: Id17513ee305274874c31e9c99ce4faeff4a1c057
Previously, we use to fill memory with 0xbe bytes. This caused a lot of
problems that necessitated disablement. For example, 0xbe-filled mutexes
are apparently locked, and there were a few instances of
uninitialized-mutex use.
Given that zero-fill is now the default behaviour, enable zero-init in
HWASan as well.
For now, only fill the first page. It would be preferable to fill the
whole allocation, but I don't want to spin for too many cycles filling
huge secondary pages. In future, we might change the behaviour to have
an explicit "zero initialize" option that completely fills the primarily
allocations, and knows it's unnecessary for the secondary.
Bug: 226078464
Test: Boot w/ HWASan (done by presubmit robot)
Change-Id: I7de3a7f9fa2fdeb5116e5bf6586babe4d06fcb91
This CL enables HWASan to detect a new class of bugs, specifically
use-after-scope. An example for a bug like this is
int* y;
{
int x = 1;
y = &x;
}
*y = 2;
IF YOU FOUND THIS CL AS A POSSIBLE CULPRIT OF A TEST FAILURE:
While it is possible that there is a bug in HWASan and this CL needs
to be rolled back, please also consider that this might surface
actual problems in either the test code or the code under test. See
https://r.android.com/1956922 for an example of fix for a bug
detected by a previous rollout of this flag.
This reverts commit fd337b3963.
Reason for revert: Once https://r.android.com/1985009 is submitted the bug that caused the revert will be fixed.
Change-Id: Id9e81e8b7c26e044af00bdaeae6bb35abbbd9710
Use dependencies instead of libflags to link libclang_rt.builtins
and libclang_rt.ubsan_minimal.
Test: m checkbuild
Change-Id: I403cee0fb8cc21c347b42d8f8a3c20d6f43337a4
Currently when using sanitizers and building for the device
the -fsanitize= argument is not passed to the linker so that the
linker won't add the runtimes, which have already been added
as explicit dependencies. Pass -fno-sanitize-link-runtime instead
in case the linker has other behaviors when passed -fsanitize=
besides adding the runtimes. Also check for bionic instead of host
so that linux bionic gets the same linker behavior as bionic for
the device.
Test: m USE_HOST_MUSL=true host-native
Test: m checkbuild
Change-Id: I0f2966e2fd4ae8adc5cb21eb116c349bcc0c668f
Bug: http://b/133876586
This was turned off but the upstream change fixing this has been long
part of the Android toolchain.
Test: Output of
m aidl_parser_fuzzer; readelf aidl_parser_fuzzer | grep -c sancov
hasn't changed.
Change-Id: Id7edd7ac5791b0e031fd4af46381acdbb1b80d47
This CL adds support for the MTE memtag_heap sanitizer. This is
controlled via inclusion of an ELF note.
Bug: 170672854
Test: Heap MTE-enabled Rust test binary triggers MTE
Change-Id: I2619818785e86a94667d02b30d102c83456b7925
ThinLTO shifts codegen to linking stage. Need to pass the same set of
workaround flags to linker.
Test: m GLOBAL_THINLTO=true; adb shell incident_helper
Bug: 159343917
Bug: 204746309
Change-Id: I1e42bb043d6a86d880054b85e8831386ae4ea7e5
This CL adds Rust support for the SANITIZE_TARGET options.
This CL includes a couple small fixes to related to HWASAN, ASAN,
ensuring that the Never sanitize property is respected. Notably,
additional llvm-args are passed to ensure that HWASAN-ified Rust/C
interop works correctly.
Bug: 170672854
Bug: 204915322
Test: SANITIZE_TARGET globally applies hwasan to Rust targets
Change-Id: Ia904d07b4618f72cdc95c51f88961905c240ac53
Now that we have rolled to a sufficiently new clang, HWASan also works
with the new pass manager.
Bug: 135298400
Test: introduce memory safety bug and verify HWASan gets triggered.
Change-Id: I497ca6542971569cbcad949780e4c7df5b0bfb44
Split the x86 host toolchain into glibc and musl variants
Create new musl toolchains that are based on the existing glibc
toolchains, and add the necessary flags for musl compiles.
This relands Ifc02f9e5afa61ff758be98b0c962f3a4b53d0546 with changes
for I46672e3a096b6ea94ff4c10e1c31e8fd010a163c.
Bug: 190084016
Change-Id: Iaa9f7a50ff601155ecd73acc5701a2c226be66dc
Test: TestArchMutator
Create new musl toolchains that are based on the existing glibc
toolchains, and add the necessary flags for musl compiles.
Bug: 190084016
Test: TestArchMutator
Change-Id: Ifc02f9e5afa61ff758be98b0c962f3a4b53d0546
Current snapshot definition is located in the CC module, so it is
difficult to capture non-CC module (such as prebuilt_etc) to the
snapshot. Separate general snapshot definition from cc so other modules
can also define its own snapshot.
Bug: 192430376
Test: m nothing passed
Change-Id: Ifb69fb3d2ec555b629aa31ec03e7ce5831fd3063
This is equivalent to Binary() -- reduce the interface and improve
clarity.
Test: go test soong tests
Change-Id: I770f5ce79fd4d888586d31ec5e67be88153626b6
This is a workaround for a compiler bug that makes this combination
extremely slow to build.
Bug: 191808836
Test: m net_test_btm_iso with SANITIZE_TARGET=hwaddress
Change-Id: Ide7436bbc564413cb2f29355ada5286976607205
This CL exports and refactors some cc vendor-snapshot related functions
so they can be reused by rust modules to support vendor snapshotting.
Bug: 184042776
Test: m nothing
Change-Id: I12706e62ce0ac3b2b4298085fafc1d77b8e0a0c4
Propagating enabling ASAN through shared library dependencies
doesn't make much sense, because only the non-ASAN variant is exposed
to Make, leading to an non-installed dependency.
Bug: 186487510
Test: TestAsan
Change-Id: I7d3f20f2d10beac09c66c6b6dcb7a34a513ff3b8
Refactors the vendor snapshot support to use the LinkableInterface
so that support can be extended to Rust. This CL does not add
vendor snapshot support for Rust; that is left for a follow-on CL.
Bug: 184042776
Test: m nothing
Change-Id: Id0c4970ca00053484a52677d182153cbc454c301
We need this so that HWASan sanitizer mutator in CC can sanitize Rust.
Bug: 180495975
Test: m nothing
Change-Id: I2c9eb248df4e55a33f5d45083e91588f4c8e3e94
memtag sanitizer libraries are vendor available and can be captured as
snapshots. This change adds a redirection logic for memtag libraries.
This is just a workaround, just like other SnapshotInfoProvider calls.
In the future we need to refactor these codes. So TODO is added to
remind refactoring.
Bug: 178470649
Test: soong test
Change-Id: Id77f1ce94255b56a68f3e1d7446a68189c45ac54
Enabling cfi for 32-bit arch; b/35157333 seems to have been resolved in b/67507331.
Bug: 158010610
Test: manual interaction with Wimbley device: youtube video, chrome
navigations, gmail
MPTS testing on Sargo
Change-Id: I9eb034deed9938710f0f7b690fa57108d9bc5669
Change-Id: I434748ede352f998e64a6639de6ba162762ee7f0
