Snap for 12385180 from 83a08b0c4ce6b1111a2985c41b16789832bed245 to 24Q4-release
Change-Id: Ie4e511a492ffc4694fb40112fde0a08518c4299d
diff --git a/TEST_MAPPING b/TEST_MAPPING
index 60a4f61..e98c2ff 100644
--- a/TEST_MAPPING
+++ b/TEST_MAPPING
@@ -88,6 +88,12 @@
},
{
"name": "toybox-tests"
+ },
+ {
+ "name": "hwasan_test"
+ },
+ {
+ "name": "hwasan_test_static"
}
],
"kernel-presubmit": [
diff --git a/libc/bionic/jemalloc_wrapper.cpp b/libc/bionic/jemalloc_wrapper.cpp
index 1bbdb29..63c9fab 100644
--- a/libc/bionic/jemalloc_wrapper.cpp
+++ b/libc/bionic/jemalloc_wrapper.cpp
@@ -15,6 +15,7 @@
*/
#include <errno.h>
+#include <inttypes.h>
#include <malloc.h>
#include <sys/param.h>
#include <unistd.h>
@@ -30,6 +31,7 @@
size_t je_mallinfo_nbins();
struct mallinfo je_mallinfo_arena_info(size_t);
struct mallinfo je_mallinfo_bin_info(size_t, size_t);
+void je_stats_arena(size_t arena_index, void (*callback)(size_t, size_t, size_t));
__END_DECLS
@@ -136,29 +138,24 @@
}
return 1;
} else if (param == M_LOG_STATS) {
+ size_t total_bytes = 0;
for (size_t i = 0; i < je_mallinfo_narenas(); i++) {
struct mallinfo mi = je_mallinfo_arena_info(i);
- if (mi.hblkhd != 0) {
- async_safe_format_log(ANDROID_LOG_INFO, "jemalloc",
- "Arena %zu: large bytes %zu huge bytes %zu bin bytes %zu", i,
- mi.ordblks, mi.uordblks, mi.fsmblks);
+ size_t arena_bytes = mi.fsmblks + mi.ordblks + mi.uordblks;
+ async_safe_format_log(ANDROID_LOG_INFO, "jemalloc",
+ "Arena %zu: bin bytes=%zu large bytes=%zu total bytes=%zu", i,
+ mi.fsmblks, mi.ordblks, arena_bytes);
- for (size_t j = 0; j < je_mallinfo_nbins(); j++) {
- struct mallinfo mi = je_mallinfo_bin_info(i, j);
- if (mi.ordblks != 0) {
- size_t total_allocs = 1;
- if (mi.uordblks > mi.fordblks) {
- total_allocs = mi.uordblks - mi.fordblks;
- }
- size_t bin_size = mi.ordblks / total_allocs;
- async_safe_format_log(
- ANDROID_LOG_INFO, "jemalloc",
- " Bin %zu (%zu bytes): allocated bytes %zu nmalloc %zu ndalloc %zu", j, bin_size,
- mi.ordblks, mi.uordblks, mi.fordblks);
- }
+ je_stats_arena(i, [](size_t index, size_t size, size_t allocs) {
+ if (allocs != 0) {
+ async_safe_format_log(ANDROID_LOG_INFO, "jemalloc",
+ " Size Class %zu(%zu bytes): allocs=%zu total bytes=%zu", index,
+ size, allocs, allocs * size);
}
- }
+ });
+ total_bytes += arena_bytes;
}
+ async_safe_format_log(ANDROID_LOG_INFO, "jemalloc", "Total Bytes=%zu", total_bytes);
return 1;
}
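Review bot: The per-arena `total bytes` on the new log line is computed as `mi.fsmblks + mi.ordblks + mi.uordblks`, but only the bin and large figures are printed, so a reader cannot reconcile the total with the fields shown; the removed format string labelled `mi.uordblks` as huge bytes. Either print it as well, e.g. `"Arena %zu: bin bytes=%zu large bytes=%zu huge bytes=%zu total bytes=%zu"` with `mi.uordblks` added to the arguments, or add a comment saying why it is folded into the total only. The old `mi.hblkhd != 0` guard is also gone, so every index below `je_mallinfo_narenas()` now produces a log line and a `je_stats_arena` call; if that is intended, a short comment would help. Nothing visible in these hunks needs the `<inttypes.h>` include added at the top of this file, since every new format string uses `%zu`. The enclosing function starts outside the hunk.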
diff --git a/libc/bionic/libc_init_static.cpp b/libc/bionic/libc_init_static.cpp
index 2227856..7c46113 100644
--- a/libc/bionic/libc_init_static.cpp
+++ b/libc/bionic/libc_init_static.cpp
@@ -421,12 +421,11 @@
}
__attribute__((no_sanitize("memtag"))) __noreturn static void __real_libc_init(
- void* raw_args, void (*onexit)(void) __unused, int (*slingshot)(int, char**, char**),
- structors_array_t const* const structors, bionic_tcb* temp_tcb) {
+ KernelArgumentBlock& args, void* raw_args, void (*onexit)(void) __unused,
+ int (*slingshot)(int, char**, char**), structors_array_t const* const structors,
+ bionic_tcb* temp_tcb) {
BIONIC_STOP_UNWIND;
- // Initialize TLS early so system calls and errno work.
- KernelArgumentBlock args(raw_args);
__libc_init_main_thread_early(args, temp_tcb);
__libc_init_main_thread_late();
__libc_init_globals();
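Review bot: The comment `// Initialize TLS early so system calls and errno work.` is deleted together with the `KernelArgumentBlock` construction, but the `__libc_init_main_thread_early(args, temp_tcb)` call it described is still the first step and presumably still has that ordering requirement; I would keep the comment above the call. `__real_libc_init` now also receives both `args` and the `raw_args` it was built from, so the two can in principle disagree. If the body outside this hunk still needs `raw_args`, a one-line note on the parameter saying what it is for would help; otherwise it could be dropped. The function body continues past the hunk.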
@@ -479,17 +478,19 @@
bionic_tcb temp_tcb __attribute__((uninitialized));
__builtin_memset_inline(&temp_tcb, 0, sizeof(temp_tcb));
+ KernelArgumentBlock args(raw_args);
#if __has_feature(hwaddress_sanitizer)
// Install main thread TLS early. It will be initialized later in __libc_init_main_thread. For now
- // all we need is access to TLS_SLOT_SANITIZER.
+ // all we need is access to TLS_SLOT_SANITIZER and read auxval for the page size.
__set_tls(&temp_tcb.tls_slot(0));
+ __libc_shared_globals()->auxv = args.auxv;
// Initialize HWASan enough to run instrumented code. This sets up TLS_SLOT_SANITIZER, among other
// things.
__hwasan_init_static();
// We are ready to run HWASan-instrumented code, proceed with libc initialization...
#endif
- __real_libc_init(raw_args, onexit, slingshot, structors, &temp_tcb);
+ __real_libc_init(args, raw_args, onexit, slingshot, structors, &temp_tcb);
}
static int g_target_sdk_version{__ANDROID_API__};
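Review bot: `KernelArgumentBlock args(raw_args)` and `__libc_shared_globals()->auxv = args.auxv;` now run before `__hwasan_init_static()` in HWASan builds, so anything they execute must be free of HWASan instrumentation. The KernelArgumentBlock.h change in this commit marks the constructor and `getauxval` as `no_sanitize("hwaddress")`, but nothing visible in this diff shows that `__libc_shared_globals()` is equally safe to call at this point, which is worth confirming. I would state the constraint at the call site, e.g. `// Runs before __hwasan_init_static(): only no_sanitize("hwaddress") code may be called here.`, so a later edit does not add an instrumented call above the init. The enclosing function begins outside the hunk.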
diff --git a/libc/private/KernelArgumentBlock.h b/libc/private/KernelArgumentBlock.h
index ee28d69..e1f655a 100644
--- a/libc/private/KernelArgumentBlock.h
+++ b/libc/private/KernelArgumentBlock.h
@@ -29,7 +29,7 @@
// constituents for easy access.
class KernelArgumentBlock {
public:
- explicit KernelArgumentBlock(void* raw_args) {
+ __attribute__((no_sanitize("hwaddress"))) explicit KernelArgumentBlock(void* raw_args) {
uintptr_t* args = reinterpret_cast<uintptr_t*>(raw_args);
argc = static_cast<int>(*args);
argv = reinterpret_cast<char**>(args + 1);
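Review bot: The `no_sanitize("hwaddress")` attribute on the constructor (and on `getauxval` in the next hunk) has no comment saying why it is there, and the reason is only visible in libc_init_static.cpp, where the object is now built before `__hwasan_init_static()`. A line such as `// Used before HWASan is initialized in static executables; must not be instrumented.` above each would stop the attribute being removed later as apparent noise. Other members of the class are outside these hunks; any of them called on that early path would presumably need the same treatment. The constructor body continues past the hunk.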
@@ -48,7 +48,7 @@
// Similar to ::getauxval but doesn't require the libc global variables to be set up,
// so it's safe to call this really early on.
- unsigned long getauxval(unsigned long type) {
+ __attribute__((no_sanitize("hwaddress"))) unsigned long getauxval(unsigned long type) {
for (ElfW(auxv_t)* v = auxv; v->a_type != AT_NULL; ++v) {
if (v->a_type == type) {
return v->a_un.a_val;
diff --git a/tests/Android.bp b/tests/Android.bp
index deb2843..d1ca78f 100644
--- a/tests/Android.bp
+++ b/tests/Android.bp
@@ -1083,8 +1083,8 @@
],
}
-cc_test {
- name: "hwasan_test",
+cc_defaults {
+ name: "hwasan_test_defaults",
enabled: false,
// This does not use bionic_tests_defaults because it is not supported on
// host.
@@ -1099,9 +1099,6 @@
srcs: [
"hwasan_test.cpp",
],
- shared_libs: [
- "libbase",
- ],
data_libs: [
"libtest_simple_hwasan",
"libtest_simple_hwasan_nohwasan",
@@ -1111,6 +1108,24 @@
}
cc_test {
+ name: "hwasan_test",
+ defaults: ["hwasan_test_defaults"],
+ shared_libs: [
+ "libbase",
+ ],
+}
+
+cc_test {
+ name: "hwasan_test_static",
+ defaults: ["hwasan_test_defaults"],
+ static_libs: [
+ "libbase",
+ ],
+ static_executable: true,
+ cflags: ["-DHWASAN_TEST_STATIC"],
+}
+
+cc_test {
name: "memtag_stack_dlopen_test",
enabled: false,
// This does not use bionic_tests_defaults because it is not supported on
diff --git a/tests/hwasan_test.cpp b/tests/hwasan_test.cpp
index e32534e..ddf84cb 100644
--- a/tests/hwasan_test.cpp
+++ b/tests/hwasan_test.cpp
@@ -36,7 +36,18 @@
using HwasanDeathTest = SilentDeathTest;
-TEST_F(HwasanDeathTest, UseAfterFree) {
+
+#ifdef HWASAN_TEST_STATIC
+#define MAYBE_DlopenAbsolutePath DISABLED_DlopenAbsolutePath
+// TODO(fmayer): figure out why uaf is misclassified as out of bounds for
+// static executables.
+#define MAYBE_UseAfterFree DISABLED_UseAfterFree
+#else
+#define MAYBE_DlopenAbsolutePath DlopenAbsolutePath
+#define MAYBE_UseAfterFree UseAfterFree
+#endif
+
+TEST_F(HwasanDeathTest, MAYBE_UseAfterFree) {
EXPECT_DEATH(
{
void* m = malloc(1);
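Review bot: `MAYBE_DlopenAbsolutePath` is disabled under `HWASAN_TEST_STATIC` without a comment, unlike `MAYBE_UseAfterFree`; a line such as `// dlopen is not available in static executables.` (if that is the reason) would make it clear this is a permanent exclusion and not a pending fix. Disabling `UseAfterFree` outright means the static variant no longer asserts that a use-after-free is caught at all. Since the TODO says the report is misclassified rather than missing, a looser expectation under `HWASAN_TEST_STATIC` might keep the death check while the classification is investigated, though the matcher is outside this hunk so I cannot tell whether it can be relaxed. The TODO would also be easier to track with a bug reference next to the owner. The test body continues past the hunk.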
@@ -59,7 +70,7 @@
}
// Check whether dlopen of /foo/bar.so checks /foo/hwasan/bar.so first.
-TEST(HwasanTest, DlopenAbsolutePath) {
+TEST(HwasanTest, MAYBE_DlopenAbsolutePath) {
std::string path = android::base::GetExecutableDirectory() + "/libtest_simple_hwasan.so";
ASSERT_EQ(0, access(path.c_str(), F_OK)); // Verify test setup.
std::string hwasan_path =