Cflag "-fsanitize-trap=all" will override "-fno-sanitize-trap=integer" if "-fsanitize-trap=all" is placed behind. Change the order to make minimal abort work, which will output the abort message to give user a better prompt.
Bug: 233840743
Test: "objdump -dS {CFI enabled so}" to check the instrumented abort instruction
Change-Id: Id85fa8ece3e13d1b21b4fdbf5f4b5124011890ca
This is so that we can avoid mutating state in sanitizerMutator, as
would be necessary if we only had a single bit for every sanitizer
together.
Test: Presubmits.
Change-Id: I5576367c12972fbea64342ab123118ec5a2cfeec
Also remove a tiny bit of state mutation from sanitizerMutator. Every
little bit helps!
Test: Prebuilts + comparing soong/build.ninja .
Your branch is up to date with 'aosp/master'.
Change-Id: I73b28b660b572610242765d87b70ab081b0b43df
Now that we provide runtimes built for musl, enable the sanitizers
when targeting musl.
Bug: 215802826
Test: m USE_HOST_MUSL=true host-native
Change-Id: Id17513ee305274874c31e9c99ce4faeff4a1c057
Previously, we use to fill memory with 0xbe bytes. This caused a lot of
problems that necessitated disablement. For example, 0xbe-filled mutexes
are apparently locked, and there were a few instances of
uninitialized-mutex use.
Given that zero-fill is now the default behaviour, enable zero-init in
HWASan as well.
For now, only fill the first page. It would be preferable to fill the
whole allocation, but I don't want to spin for too many cycles filling
huge secondary pages. In future, we might change the behaviour to have
an explicit "zero initialize" option that completely fills the primarily
allocations, and knows it's unnecessary for the secondary.
Bug: 226078464
Test: Boot w/ HWASan (done by presubmit robot)
Change-Id: I7de3a7f9fa2fdeb5116e5bf6586babe4d06fcb91
This CL enables HWASan to detect a new class of bugs, specifically
use-after-scope. An example for a bug like this is
int* y;
{
int x = 1;
y = &x;
}
*y = 2;
IF YOU FOUND THIS CL AS A POSSIBLE CULPRIT OF A TEST FAILURE:
While it is possible that there is a bug in HWASan and this CL needs
to be rolled back, please also consider that this might surface
actual problems in either the test code or the code under test. See
https://r.android.com/1956922 for an example of fix for a bug
detected by a previous rollout of this flag.
This reverts commit fd337b3963.
Reason for revert: Once https://r.android.com/1985009 is submitted the bug that caused the revert will be fixed.
Change-Id: Id9e81e8b7c26e044af00bdaeae6bb35abbbd9710
Use dependencies instead of libflags to link libclang_rt.builtins
and libclang_rt.ubsan_minimal.
Test: m checkbuild
Change-Id: I403cee0fb8cc21c347b42d8f8a3c20d6f43337a4
Currently when using sanitizers and building for the device
the -fsanitize= argument is not passed to the linker so that the
linker won't add the runtimes, which have already been added
as explicit dependencies. Pass -fno-sanitize-link-runtime instead
in case the linker has other behaviors when passed -fsanitize=
besides adding the runtimes. Also check for bionic instead of host
so that linux bionic gets the same linker behavior as bionic for
the device.
Test: m USE_HOST_MUSL=true host-native
Test: m checkbuild
Change-Id: I0f2966e2fd4ae8adc5cb21eb116c349bcc0c668f
Bug: http://b/133876586
This was turned off but the upstream change fixing this has been long
part of the Android toolchain.
Test: Output of
m aidl_parser_fuzzer; readelf aidl_parser_fuzzer | grep -c sancov
hasn't changed.
Change-Id: Id7edd7ac5791b0e031fd4af46381acdbb1b80d47
This CL adds support for the MTE memtag_heap sanitizer. This is
controlled via inclusion of an ELF note.
Bug: 170672854
Test: Heap MTE-enabled Rust test binary triggers MTE
Change-Id: I2619818785e86a94667d02b30d102c83456b7925
ThinLTO shifts codegen to linking stage. Need to pass the same set of
workaround flags to linker.
Test: m GLOBAL_THINLTO=true; adb shell incident_helper
Bug: 159343917
Bug: 204746309
Change-Id: I1e42bb043d6a86d880054b85e8831386ae4ea7e5
This CL adds Rust support for the SANITIZE_TARGET options.
This CL includes a couple small fixes to related to HWASAN, ASAN,
ensuring that the Never sanitize property is respected. Notably,
additional llvm-args are passed to ensure that HWASAN-ified Rust/C
interop works correctly.
Bug: 170672854
Bug: 204915322
Test: SANITIZE_TARGET globally applies hwasan to Rust targets
Change-Id: Ia904d07b4618f72cdc95c51f88961905c240ac53
Now that we have rolled to a sufficiently new clang, HWASan also works
with the new pass manager.
Bug: 135298400
Test: introduce memory safety bug and verify HWASan gets triggered.
Change-Id: I497ca6542971569cbcad949780e4c7df5b0bfb44
Split the x86 host toolchain into glibc and musl variants
Create new musl toolchains that are based on the existing glibc
toolchains, and add the necessary flags for musl compiles.
This relands Ifc02f9e5afa61ff758be98b0c962f3a4b53d0546 with changes
for I46672e3a096b6ea94ff4c10e1c31e8fd010a163c.
Bug: 190084016
Change-Id: Iaa9f7a50ff601155ecd73acc5701a2c226be66dc
Test: TestArchMutator
Create new musl toolchains that are based on the existing glibc
toolchains, and add the necessary flags for musl compiles.
Bug: 190084016
Test: TestArchMutator
Change-Id: Ifc02f9e5afa61ff758be98b0c962f3a4b53d0546
Current snapshot definition is located in the CC module, so it is
difficult to capture non-CC module (such as prebuilt_etc) to the
snapshot. Separate general snapshot definition from cc so other modules
can also define its own snapshot.
Bug: 192430376
Test: m nothing passed
Change-Id: Ifb69fb3d2ec555b629aa31ec03e7ce5831fd3063
This is equivalent to Binary() -- reduce the interface and improve
clarity.
Test: go test soong tests
Change-Id: I770f5ce79fd4d888586d31ec5e67be88153626b6
This is a workaround for a compiler bug that makes this combination
extremely slow to build.
Bug: 191808836
Test: m net_test_btm_iso with SANITIZE_TARGET=hwaddress
Change-Id: Ide7436bbc564413cb2f29355ada5286976607205
This CL exports and refactors some cc vendor-snapshot related functions
so they can be reused by rust modules to support vendor snapshotting.
Bug: 184042776
Test: m nothing
Change-Id: I12706e62ce0ac3b2b4298085fafc1d77b8e0a0c4
Propagating enabling ASAN through shared library dependencies
doesn't make much sense, because only the non-ASAN variant is exposed
to Make, leading to an non-installed dependency.
Bug: 186487510
Test: TestAsan
Change-Id: I7d3f20f2d10beac09c66c6b6dcb7a34a513ff3b8
Refactors the vendor snapshot support to use the LinkableInterface
so that support can be extended to Rust. This CL does not add
vendor snapshot support for Rust; that is left for a follow-on CL.
Bug: 184042776
Test: m nothing
Change-Id: Id0c4970ca00053484a52677d182153cbc454c301
We need this so that HWASan sanitizer mutator in CC can sanitize Rust.
Bug: 180495975
Test: m nothing
Change-Id: I2c9eb248df4e55a33f5d45083e91588f4c8e3e94
memtag sanitizer libraries are vendor available and can be captured as
snapshots. This change adds a redirection logic for memtag libraries.
This is just a workaround, just like other SnapshotInfoProvider calls.
In the future we need to refactor these codes. So TODO is added to
remind refactoring.
Bug: 178470649
Test: soong test
Change-Id: Id77f1ce94255b56a68f3e1d7446a68189c45ac54
Enabling cfi for 32-bit arch; b/35157333 seems to have been resolved in b/67507331.
Bug: 158010610
Test: manual interaction with Wimbley device: youtube video, chrome
navigations, gmail
MPTS testing on Sargo
Change-Id: I9eb034deed9938710f0f7b690fa57108d9bc5669
Change-Id: I434748ede352f998e64a6639de6ba162762ee7f0
