Merge "Reset PAC keys on thread creation instead of on zygote fork."
diff --git a/benchmarks/linker_relocation/Android.bp b/benchmarks/linker_relocation/Android.bp
index b41d093..b78eb8e 100644
--- a/benchmarks/linker_relocation/Android.bp
+++ b/benchmarks/linker_relocation/Android.bp
@@ -32,7 +32,6 @@
name: "linker_reloc_bench_headers",
defaults: ["bionic_spawn_benchmark_targets"],
export_include_dirs: ["include"],
- bazel_module: { bp2build_available: true },
}
// TODO: This benchmark doesn't work with TradeFed/atest because it doesn't copy its test libraries
diff --git a/libc/arch-arm/bionic/setjmp.S b/libc/arch-arm/bionic/setjmp.S
index 5fbcaf3..2579143 100644
--- a/libc/arch-arm/bionic/setjmp.S
+++ b/libc/arch-arm/bionic/setjmp.S
@@ -87,28 +87,6 @@
b sigsetjmp
END(_setjmp)
-#define MANGLE_REGISTERS 1
-#define USE_CHECKSUM 1
-
-.macro m_mangle_registers reg
-#if MANGLE_REGISTERS
- eor r4, r4, \reg
- eor r5, r5, \reg
- eor r6, r6, \reg
- eor r7, r7, \reg
- eor r8, r8, \reg
- eor r9, r9, \reg
- eor r10, r10, \reg
- eor r11, r11, \reg
- eor r13, r13, \reg
- eor r14, r14, \reg
-#endif
-.endm
-
-.macro m_unmangle_registers reg
- m_mangle_registers \reg
-.endm
-
.macro m_calculate_checksum dst, src, scratch
mov \dst, #0
.irp i,0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28
@@ -167,12 +145,30 @@
// Save core registers.
add r1, r0, #(_JB_CORE_BASE * 4)
- m_mangle_registers r2
-
- // ARM deprecates using sp in the register list for stmia.
- stmia r1, {r4-r11, lr}
- str sp, [r1, #(9 * 4)]
- m_unmangle_registers r2
+ // Mangle the easy registers in-place, write them out in one go, and unmangle
+ // them again.
+ eor r4, r4, r2
+ eor r5, r5, r2
+ eor r6, r6, r2
+ eor r7, r7, r2
+ eor r8, r8, r2
+ eor r9, r9, r2
+ eor r10, r10, r2
+ eor r11, r11, r2
+ stmia r1, {r4-r11}
+ eor r4, r4, r2
+ eor r5, r5, r2
+ eor r6, r6, r2
+ eor r7, r7, r2
+ eor r8, r8, r2
+ eor r9, r9, r2
+ eor r10, r10, r2
+ eor r11, r11, r2
+ // We need to avoid invalid values in sp or lr (http://b/152210274).
+ eor r3, lr, r2
+ str r3, [r1, #(8 * 4)]
+ eor r3, sp, r2
+ str r3, [r1, #(9 * 4)]
// Save floating-point registers.
add r1, r0, #(_JB_FLOAT_BASE * 4)
@@ -182,11 +178,9 @@
fmrx r1, fpscr
str r1, [r0, #(_JB_FLOAT_STATE * 4)]
-#if USE_CHECKSUM
// Calculate the checksum.
m_calculate_checksum r12, r0, r2
str r12, [r0, #(_JB_CHECKSUM * 4)]
-#endif
mov r0, #0
bx lr
@@ -201,14 +195,11 @@
.cfi_rel_offset r1, 4
.cfi_rel_offset lr, 8
-#if USE_CHECKSUM
// Check the checksum before doing anything.
m_calculate_checksum r12, r0, r3
ldr r2, [r0, #(_JB_CHECKSUM * 4)]
-
teq r2, r12
bne __bionic_setjmp_checksum_mismatch
-#endif
// Fetch the signal flag.
ldr r1, [r0, #(_JB_SIGFLAG * 4)]
@@ -245,10 +236,21 @@
// Restore core registers.
add r2, r0, #(_JB_CORE_BASE * 4)
- // ARM deprecates using sp in the register list for ldmia.
- ldmia r2, {r4-r11, lr}
- ldr sp, [r2, #(9 * 4)]
- m_unmangle_registers r3
+ // Do all the easy registers in one go.
+ ldmia r2, {r4-r11}
+ eor r4, r4, r3
+ eor r5, r5, r3
+ eor r6, r6, r3
+ eor r7, r7, r3
+ eor r8, r8, r3
+ eor r9, r9, r3
+ eor r10, r10, r3
+ eor r11, r11, r3
+ // We need to avoid invalid values in sp or lr (http://b/152210274).
+ ldr r0, [r2, #(8 * 4)]
+ eor lr, r0, r3
+ ldr r0, [r2, #(9 * 4)]
+ eor sp, r0, r3
// Save the return value/address and check the setjmp cookie.
stmfd sp!, {r1, lr}
diff --git a/libc/arch-arm64/bionic/setjmp.S b/libc/arch-arm64/bionic/setjmp.S
index 351516f..d2fafdb 100644
--- a/libc/arch-arm64/bionic/setjmp.S
+++ b/libc/arch-arm64/bionic/setjmp.S
@@ -69,11 +69,8 @@
#define _JB_CHECKSUM (_JB_D8_D9 + 2)
#define SCS_MASK (SCS_SIZE - 1)
-#define MANGLE_REGISTERS 1
-#define USE_CHECKSUM 1
.macro m_mangle_registers reg, sp_reg
-#if MANGLE_REGISTERS
eor x3, x3, \reg
eor x19, x19, \reg
eor x20, x20, \reg
@@ -88,7 +85,6 @@
eor x29, x29, \reg
eor x30, x30, \reg
eor \sp_reg, \sp_reg, \reg
-#endif
.endm
.macro m_calculate_checksum dst, src, scratch
@@ -179,11 +175,9 @@
stp d10, d11, [x0, #(_JB_D10_D11 * 8)]
stp d8, d9, [x0, #(_JB_D8_D9 * 8)]
-#if USE_CHECKSUM
// Calculate the checksum.
m_calculate_checksum x12, x0, x2
str x12, [x0, #(_JB_CHECKSUM * 8)]
-#endif
mov w0, #0
autiasp
@@ -194,14 +188,11 @@
// void siglongjmp(sigjmp_buf env, int value);
ENTRY(siglongjmp)
__BIONIC_WEAK_ASM_FOR_NATIVE_BRIDGE(siglongjmp)
-#if USE_CHECKSUM
// Check the checksum before doing anything.
m_calculate_checksum x12, x0, x2
ldr x2, [x0, #(_JB_CHECKSUM * 8)]
-
cmp x2, x12
bne __bionic_setjmp_checksum_mismatch
-#endif
#if __has_feature(hwaddress_sanitizer)
stp x0, x30, [sp, #-16]!
diff --git a/libc/arch-common/bionic/crtbegin.c b/libc/arch-common/bionic/crtbegin.c
index f2b6638..62878378 100644
--- a/libc/arch-common/bionic/crtbegin.c
+++ b/libc/arch-common/bionic/crtbegin.c
@@ -89,6 +89,3 @@
#include "__dso_handle.h"
#include "atexit.h"
#include "pthread_atfork.h"
-#ifdef __i386__
-# include "../../arch-x86/bionic/__stack_chk_fail_local.h"
-#endif
diff --git a/libc/arch-common/bionic/crtbegin_so.c b/libc/arch-common/bionic/crtbegin_so.c
index cf369cc..2f3b118 100644
--- a/libc/arch-common/bionic/crtbegin_so.c
+++ b/libc/arch-common/bionic/crtbegin_so.c
@@ -73,6 +73,3 @@
# include "atexit.h"
#endif
#include "pthread_atfork.h"
-#ifdef __i386__
-# include "../../arch-x86/bionic/__stack_chk_fail_local.h"
-#endif
diff --git a/libc/arch-x86/bionic/__stack_chk_fail_local.h b/libc/arch-x86/bionic/__stack_chk_fail_local.h
deleted file mode 100644
index 0b0fd7f..0000000
--- a/libc/arch-x86/bionic/__stack_chk_fail_local.h
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- * Copyright (C) 2012 The Android Open Source Project
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
- * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
- * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
- * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
- * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include <sys/cdefs.h>
-
-/*
- __stack_chk_fail routine is runtime part of stack protector compiler
- feature. It's implemented in libc and represents die routine when stack
- corruption is detected.
-
- Calls are generated by compiler and injected into user functions when
- -fstack-protector* options are used.
-
- __stack_chk_fail_local is wrapper for __stack_chk_fail. Compiler generates
- wrapper calls instead for PIC code only and only on IA32 for optimization
- purpose (see gcc/config/i386/i386.c). Wrapper body is always included into
- executable or library. This is the idea of optimization.
-
- Glibc is doing this via libc_nonshared.a which is linked automatically
- everytime with libc.so. In bionic we have to bring it within crtfiles
- because libc.so is real library and not a link script like libc.so at glibc.
-
- For x86_64 or non-PIC code compiler always generates __stack_chk_fail calls.
-*/
-
-#ifdef __i386__
-extern void __stack_chk_fail();
-
-__LIBC_HIDDEN__ void __stack_chk_fail_local() {
- __stack_chk_fail();
-}
-#endif
diff --git a/libc/arch-x86/bionic/setjmp.S b/libc/arch-x86/bionic/setjmp.S
index 1e1ce58..1a3eb4b 100644
--- a/libc/arch-x86/bionic/setjmp.S
+++ b/libc/arch-x86/bionic/setjmp.S
@@ -57,19 +57,6 @@
#define _JB_SIGFLAG 8
#define _JB_CHECKSUM 9
-.macro m_mangle_registers reg
- xorl \reg,%edx
- xorl \reg,%ebx
- xorl \reg,%esp
- xorl \reg,%ebp
- xorl \reg,%esi
- xorl \reg,%edi
-.endm
-
-.macro m_unmangle_registers reg
- m_mangle_registers \reg
-.endm
-
.macro m_calculate_checksum dst, src
movl $0, \dst
.irp i,0,1,2,3,4,5
@@ -129,14 +116,17 @@
// Save the callee-save registers.
movl 0(%esp),%edx
- m_mangle_registers %eax
- movl %edx,(_JB_EDX * 4)(%ecx)
- movl %ebx,(_JB_EBX * 4)(%ecx)
- movl %esp,(_JB_ESP * 4)(%ecx)
- movl %ebp,(_JB_EBP * 4)(%ecx)
- movl %esi,(_JB_ESI * 4)(%ecx)
- movl %edi,(_JB_EDI * 4)(%ecx)
- m_unmangle_registers %eax
+
+.macro m_mangle_register reg, offset
+ movl \reg,(\offset * 4)(%ecx)
+ xorl %eax,(\offset * 4)(%ecx)
+.endm
+ m_mangle_register %edx, _JB_EDX
+ m_mangle_register %ebx, _JB_EBX
+ m_mangle_register %esp, _JB_ESP
+ m_mangle_register %ebp, _JB_EBP
+ m_mangle_register %esi, _JB_ESI
+ m_mangle_register %edi, _JB_EDI
m_calculate_checksum %eax, %ecx
movl %eax, (_JB_CHECKSUM * 4)(%ecx)
@@ -174,18 +164,26 @@
movl 4(%esp),%edx
movl 8(%esp),%eax
+ // Fetch the setjmp cookie and clear the signal flag bit.
movl (_JB_SIGFLAG * 4)(%edx),%ecx
andl $-2,%ecx
+ // Carefully unmangle esp/ebp without ever having an invalid value in the
+ // register (http://b/152210274).
+ movl (_JB_ESP * 4)(%edx),%edi
+ xorl %ecx,%edi
+ movl %edi,%esp
+ movl (_JB_EBP * 4)(%edx),%edi
+ xorl %ecx,%edi
+ movl %edi,%ebp
+
+ // The others don't matter as much, but we do need to finish using the cookie
+ // from %ecx before we clobber it, so we seed each register with the cookie.
movl %ecx,%ebx
- movl %ecx,%esp
- movl %ecx,%ebp
movl %ecx,%esi
movl %ecx,%edi
xorl (_JB_EDX * 4)(%edx),%ecx
xorl (_JB_EBX * 4)(%edx),%ebx
- xorl (_JB_ESP * 4)(%edx),%esp
- xorl (_JB_EBP * 4)(%edx),%ebp
xorl (_JB_ESI * 4)(%edx),%esi
xorl (_JB_EDI * 4)(%edx),%edi
diff --git a/libc/arch-x86_64/bionic/setjmp.S b/libc/arch-x86_64/bionic/setjmp.S
index 1d34561..ba3f05f 100644
--- a/libc/arch-x86_64/bionic/setjmp.S
+++ b/libc/arch-x86_64/bionic/setjmp.S
@@ -64,25 +64,6 @@
#define _JB_SIGMASK 9
#define _JB_CHECKSUM 10
-#define MANGLE_REGISTERS 1
-
-.macro m_mangle_registers reg
-#if MANGLE_REGISTERS
- xorq \reg,%rbx
- xorq \reg,%rbp
- xorq \reg,%r12
- xorq \reg,%r13
- xorq \reg,%r14
- xorq \reg,%r15
- xorq \reg,%rsp
- xorq \reg,%r11
-#endif
-.endm
-
-.macro m_unmangle_registers reg
- m_mangle_registers \reg
-.endm
-
.macro m_calculate_checksum dst, src
movq $0, \dst
.irp i,0,1,2,3,4,5,6,7
@@ -127,20 +108,26 @@
popq %rdi // Pop 'env'.
2:
- // Save the callee-save registers.
+ // Fetch the setjmp cookie and clear the signal flag bit.
popq %rax
andq $-2,%rax
movq (%rsp),%r11
- m_mangle_registers %rax
- movq %rbx,(_JB_RBX * 8)(%rdi)
- movq %rbp,(_JB_RBP * 8)(%rdi)
- movq %r12,(_JB_R12 * 8)(%rdi)
- movq %r13,(_JB_R13 * 8)(%rdi)
- movq %r14,(_JB_R14 * 8)(%rdi)
- movq %r15,(_JB_R15 * 8)(%rdi)
- movq %rsp,(_JB_RSP * 8)(%rdi)
- movq %r11,(_JB_PC * 8)(%rdi)
- m_unmangle_registers %rax
+
+ // Save the callee-save registers.
+
+.macro m_mangle_register reg, offset
+ movq \reg, (\offset * 8)(%rdi)
+ xorq %rax, (\offset * 8)(%rdi) // %rax contains the cookie.
+.endm
+
+ m_mangle_register %rbx, _JB_RBX
+ m_mangle_register %rbp, _JB_RBP
+ m_mangle_register %r12, _JB_R12
+ m_mangle_register %r13, _JB_R13
+ m_mangle_register %r14, _JB_R14
+ m_mangle_register %r15, _JB_R15
+ m_mangle_register %rsp, _JB_RSP
+ m_mangle_register %r11, _JB_PC
m_calculate_checksum %rax, %rdi
movq %rax, (_JB_CHECKSUM * 8)(%rdi)
@@ -179,15 +166,22 @@
popq %rax // Pop 'value'.
// Restore the callee-save registers.
- movq (_JB_RBX * 8)(%r12),%rbx
- movq (_JB_RBP * 8)(%r12),%rbp
- movq (_JB_R13 * 8)(%r12),%r13
- movq (_JB_R14 * 8)(%r12),%r14
- movq (_JB_R15 * 8)(%r12),%r15
- movq (_JB_RSP * 8)(%r12),%rsp
- movq (_JB_PC * 8)(%r12),%r11
- movq (_JB_R12 * 8)(%r12),%r12
- m_unmangle_registers %rcx
+
+.macro m_unmangle_register reg, offset
+ movq (\offset * 8)(%r12), %rdx // Clobbers rdx.
+ xorq %rcx, %rdx // %rcx contains the cookie.
+ // Now it's safe to overwrite the register (http://b/152210274).
+ movq %rdx, \reg
+.endm
+
+ m_unmangle_register %rbx, _JB_RBX
+ m_unmangle_register %rbp, _JB_RBP
+ m_unmangle_register %r13, _JB_R13
+ m_unmangle_register %r14, _JB_R14
+ m_unmangle_register %r15, _JB_R15
+ m_unmangle_register %rsp, _JB_RSP
+ m_unmangle_register %r11, _JB_PC
+ m_unmangle_register %r12, _JB_R12
// Check the cookie.
pushq %rax
diff --git a/libc/async_safe/Android.bp b/libc/async_safe/Android.bp
index 2e05d7a..e4a5837 100644
--- a/libc/async_safe/Android.bp
+++ b/libc/async_safe/Android.bp
@@ -57,5 +57,4 @@
"//apex_available:platform",
"com.android.runtime",
],
- bazel_module: { bp2build_available: true },
}
diff --git a/libc/bionic/scandir.cpp b/libc/bionic/scandir.cpp
index 6a7e368..f528286 100644
--- a/libc/bionic/scandir.cpp
+++ b/libc/bionic/scandir.cpp
@@ -16,8 +16,9 @@
#include <dirent.h>
-#include <fcntl.h>
+#include <assert.h>
#include <errno.h>
+#include <fcntl.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
@@ -32,10 +33,8 @@
}
~ScandirResult() {
- while (size_ > 0) {
- free(names_[--size_]);
- }
- free(names_);
+ // We always call release(), so this can't happen.
+ if (names_ != nullptr) __assert(__FILE__, __LINE__, "missing call to release()");
}
size_t size() {
diff --git a/libc/include/sys/cdefs.h b/libc/include/sys/cdefs.h
index b1bd713..2556d11 100644
--- a/libc/include/sys/cdefs.h
+++ b/libc/include/sys/cdefs.h
@@ -281,10 +281,12 @@
*/
# define __call_bypassing_fortify(fn) (&fn)
/*
- * Because clang-FORTIFY uses overloads, we can't mark functions as `extern
- * inline` without making them available externally.
+ * Because clang-FORTIFY uses overloads, we can't mark functions as `extern inline` without making
+ * them available externally. FORTIFY'ed functions try to be as close to possible as 'invisible';
+ * having stack protectors detracts from that (b/182948263).
*/
-# define __BIONIC_FORTIFY_INLINE static __inline__ __always_inline __VERSIONER_FORTIFY_INLINE
+# define __BIONIC_FORTIFY_INLINE static __inline__ __attribute__((no_stack_protector)) \
+ __always_inline __VERSIONER_FORTIFY_INLINE
/*
* We should use __BIONIC_FORTIFY_VARIADIC instead of __BIONIC_FORTIFY_INLINE
* for variadic functions because compilers cannot inline them.
diff --git a/libc/kernel/README.md b/libc/kernel/README.md
index 6db08d6..5f1c81d 100644
--- a/libc/kernel/README.md
+++ b/libc/kernel/README.md
@@ -17,11 +17,23 @@
Description of the directories involved in generating the parsed kernel headers:
- * `external/kernel-headers/original/`
- Contains the uapi kernel headers found in the android kernel. Note this
+ * `external/kernel-headers/original/uapi/`
+ Contains the uapi kernel headers found in the Android kernel. Note this
also includes the header files that are generated by building the kernel
sources.
+ * `external/kernel-headers/original/scsi/`
+ Contains copies of the kernel scsi header files. These where never
+ made into uapi files, but some user space code expects that these
+ headers are available.
+
+ * `external/kernel-headers/modified/scsi/`
+ Contains hand-modified versions of a few files from `original/scsi/`
+ that removes the kernel specific code from these files so they can
+ be used as uapi headers. The tools to process the kernel headers will
+ warn if any scsi header files have changed and require new versions
+ to be hand-modified.
+
* `bionic/libc/kernel/uapi/`
Contains the cleaned kernel headers and mirrors the directory structure
in `external/kernel-headers/original/uapi/`.
@@ -33,7 +45,7 @@
The tools to get/parse the headers:
* `tools/generate_uapi_headers.sh`
- Checks out the android kernel and generates all uapi header files.
+ Checks out the Android kernel and generates all uapi header files.
copies all the changed files into external/kernel-headers.
* `tools/clean_header.py`
@@ -60,19 +72,25 @@
kernel_src> git clone https://android.googlesource.com/kernel/common/ -b android-mainline
```
-For now, there are no tags, take the top of tree version. To find the
-version of the linux stable kernel headers the mainline source code is
-tracking, read the uapi/linux/version.h that is generated.
+The Android mainline kernel source has tags that indicate the kernel
+version to which they correspond. The format of a tag is
+android-mainline-XXX, where XXX is the kernel version. For example,
+android-mainline-5.10 corresponds to linux stable kernel 5.10. To check out
+a particular tag:
```
- kernel_src> cd linux-stable
- kernel_src/linux-stable> git checkout tags/vXXX
+ kernel_src> cd common
+ kernel_src/common> git checkout tags/android-mainline-XXX
```
+It is expected that a kernel update should only be performed on a valid tag.
+For testing purposes, it is possible that you can use the top of tree
+version, but never use that as the basis for importing new kernel headers.
+
Before running the command to import the headers, make sure that you have
done a lunch TARGET. The script uses a variable set by the lunch command
to determine which directory to use as the destination directory.
-After running lunch, run this command to import the headers into the android
+After running lunch, run this command to import the headers into the Android
source tree if there is a kernel source tree already checked out:
```
bionic/libc/kernel/tools/generate_uapi_headers.sh --use-kernel-dir kernel_src
diff --git a/libc/system_properties/system_properties.cpp b/libc/system_properties/system_properties.cpp
index 3fd20b7..344c838 100644
--- a/libc/system_properties/system_properties.cpp
+++ b/libc/system_properties/system_properties.cpp
@@ -133,7 +133,7 @@
prop_area* pa = contexts_->GetPropAreaForName(name);
if (!pa) {
- async_safe_format_log(ANDROID_LOG_ERROR, "libc", "Access denied finding property \"%s\"", name);
+ async_safe_format_log(ANDROID_LOG_WARN, "libc", "Access denied finding property \"%s\"", name);
return nullptr;
}
diff --git a/libc/tools/Android.bp b/libc/tools/Android.bp
index 575a31a..116b853 100644
--- a/libc/tools/Android.bp
+++ b/libc/tools/Android.bp
@@ -11,7 +11,6 @@
filegroup {
name: "bionic-gensyscalls",
srcs: ["gensyscalls.py"],
- bazel_module: { bp2build_available: true },
}
// Generate the C++ policy sources for app and system seccomp-bpf filters.
diff --git a/linker/Android.bp b/linker/Android.bp
index dd376da..3370f28 100644
--- a/linker/Android.bp
+++ b/linker/Android.bp
@@ -68,6 +68,9 @@
// We need to access Bionic private headers in the linker.
include_dirs: ["bionic/libc"],
+
+ // b/182338959
+ bazel_module: { bp2build_available: false },
}
// ========================================================
diff --git a/tests/setjmp_test.cpp b/tests/setjmp_test.cpp
index e6b6819..4b1482a 100644
--- a/tests/setjmp_test.cpp
+++ b/tests/setjmp_test.cpp
@@ -18,6 +18,8 @@
#include <setjmp.h>
#include <stdlib.h>
+#include <sys/syscall.h>
+#include <unistd.h>
#include "BionicDeathTest.h"
#include "SignalUtils.h"
@@ -268,3 +270,57 @@
if (value == 0) call_longjmp(buf);
EXPECT_EQ(123, value);
}
+
+TEST(setjmp, bug_152210274) {
+ // Ensure that we never have a mangled value in the stack pointer.
+#if defined(__BIONIC__)
+ struct sigaction sa = {.sa_flags = SA_SIGINFO, .sa_sigaction = [](int, siginfo_t*, void*) {}};
+ ASSERT_EQ(0, sigaction(SIGPROF, &sa, 0));
+
+ constexpr size_t kNumThreads = 20;
+
+ // Start a bunch of threads calling setjmp/longjmp.
+ auto jumper = [](void* arg) -> void* {
+ sigset_t set;
+ sigemptyset(&set);
+ sigaddset(&set, SIGPROF);
+ pthread_sigmask(SIG_UNBLOCK, &set, nullptr);
+
+ jmp_buf buf;
+ for (size_t count = 0; count < 100000; ++count) {
+ if (setjmp(buf) != 0) {
+ perror("setjmp");
+ abort();
+ }
+ if (*static_cast<pid_t*>(arg) == 100) longjmp(buf, 1);
+ }
+ return nullptr;
+ };
+ pid_t tids[kNumThreads] = {};
+ for (size_t i = 0; i < kNumThreads; ++i) {
+ pthread_t t;
+ ASSERT_EQ(0, pthread_create(&t, nullptr, jumper, &tids[i]));
+ tids[i] = pthread_gettid_np(t);
+ }
+
+ // Start the interrupter thread.
+ auto interrupter = [](void* arg) -> void* {
+ pid_t* tids = static_cast<pid_t*>(arg);
+ for (size_t count = 0; count < 1000; ++count) {
+ for (size_t i = 0; i < kNumThreads; i++) {
+ if (tgkill(getpid(), tids[i], SIGPROF) == -1 && errno != ESRCH) {
+ perror("tgkill failed");
+ abort();
+ }
+ }
+ usleep(100);
+ }
+ return nullptr;
+ };
+ pthread_t t;
+ ASSERT_EQ(0, pthread_create(&t, nullptr, interrupter, tids));
+ pthread_join(t, nullptr);
+#else
+ GTEST_LOG_(INFO) << "tests uses functions not in glibc";
+#endif
+}
diff --git a/tools/Android.bp b/tools/Android.bp
index 5a54fe4..dcd2a7d 100644
--- a/tools/Android.bp
+++ b/tools/Android.bp
@@ -18,5 +18,4 @@
filegroup {
name: "bionic-generate-version-script",
srcs: ["generate-version-script.py"],
- bazel_module: { bp2build_available: true },
}