AddressSanitizer on an Android application. #1100
Hi,
LOCAL_ARM_MODE := aarch64 is unnecessary,
Compiler should be clang, not gcc.
Need "android:debuggable" in the manifest.
Other than that, everything looks great.
There is no Studio support or leak detection.
…On Tue, May 28, 2019 at 3:56 AM Nithin Malikarunja ***@***.***> wrote:
Hello All,
*1) Does AddressSanitizer(sanitizer) built into android studio like
iOS/Xcode?*
https://developer.apple.com/documentation/code_diagnostics/address_sanitizer/enabling_the_address_sanitizer
*2)Memory leak : AddressSanitizer detects Memory leaks on android?*
*3)Memory corruption: How to enable AddressSanitizer on an android app
such that it detects C library(.SO shared library )memory corruption?*
*What was tried:*
https://github.com/google/sanitizers/wiki/AddressSanitizerOnAndroid
*1)Add this to my project(64 bit) android.mk*
LOCAL_CFLAGS := -fsanitize=address -fno-omit-frame-pointer
LOCAL_LDFLAGS := -fsanitize=address
LOCAL_ARM_MODE := aarch64
LD_PRELOAD := libclang_rt.asan-aarch64-android.so
*2)APP_ABI := arm64-v8a*
*3)wrap.sh created with below content and placed in lib/arm64-v8a/wrap.sh*
#!/system/bin/sh
HERE="$(cd "$(dirname "$0")" && pwd)"
export ASAN_OPTIONS=log_to_syslog=false,allow_user_segv_handler=1
export LD_PRELOAD=$HERE/libclang_rt.asan-aarch64-android.so
exec "$@"
*4) libclang_rt.asan-aarch64-android.so is placed in
lib/arm64-v8a/libclang_rt.asan-aarch64-android.so.*
*5)Build ndk project using GCC 4.9 and load my 64 bit shared library(.SO).*
*a)above setup is enough to detect below corruptions ??*
Stack and heap buffer overflow/underflow.
Heap use after free.
Stack use outside scope.
Stack use after return (HWAsan only on Android).
Double free/wild free.
*b) if any corruption detected while running the app, does the traces gets
printed to console/logcat?*
Thanks
|
Hi Kostya, We have two native libraries in our app. We enabled -fsanitize=address on one of the libraries. Code: char *ptr = (char*) malloc(10); App is crashing. But in adb logs it's not printing detailed memory corruption data. How do I confirm whether the generated .so has the -fsanitize=address flag enabled or not? |
Check if the library depends on libclang_rt.asan-* using readelf -d.
…On Fri, May 31, 2019 at 7:06 AM kusumakara ***@***.***> wrote:
Hi Kostya,
We have two native libraries in our app. We enabled -fsanitize=address on
one of the libraries
and added some code to corrupt memory explicitly.
*Code:*
char *ptr = (char*) malloc(10);
ptr[10] = 'c';
char buff[10] = {0};
strcpy(buff, "This String Will Overflow the Buffer");
App is crashing. But in adb logs it's not printing detailed memory
corruption data.
How do I confirm whether the *generated .so* has the -fsanitize=address flag enabled or not?
|
@eugenis please confirm if any Android NDK version with GCC ASan support exists, which we can try? |
As far as I know, such a thing does not exist.
…On Fri, Jun 14, 2019 at 9:12 PM Nithin Malikarunja ***@***.***> wrote:
@eugenis please confirm if an Android NDK version with GCC ASan exists which we can try?
|
If I build through Android Studio, it's printing the memory address properly. My wrap.sh file location is app\libs\arm64-v8a\wrap.sh (where my native libs are available).
06-24 17:02:34.535 I/com.kodiak.ui(10355): Addressable: 00
If I build through the command line (./gradlew assemblearmv7debug -q), it's excluding my wrap.sh file, so I changed the wrap.sh file location to app\src\main\resources\lib\arm64-v8a\wrap.sh. The build succeeds, but it's printing a wrong address like below:
06-24 18:10:11.672 I/wrap.sh (12767): Addressable: �[1m�[0m00�[1m�[0m
If I build through the command line, where exactly should I place my wrap.sh file?
My wrap.sh file content.
Please confirm whether I can build with AddressSanitizer through the command line. |
@DanAlbert AFAIK gradle does not copy wrap.sh automatically, but if placed in the appropriate directory manually, things should work fine. |
That's correct. android/ndk#954 explains the various difficulties with using ASan with wrap.sh right now and how to solve them. |
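The two checks discussed above (the `readelf -d` dependency test, and whether wrap.sh and the ASan runtime actually ended up next to the native libraries in lib/<abi>/), as an added shell example that is not code from this thread or from the sanitizers project. The function names and the sample readelf text are constructed for illustration; point audit_abi_dir at the lib/<abi>/ directory of an unpacked APK.

```shell
#!/bin/sh
# Added example, not from the thread. Sample text below is constructed.

# Constructed `readelf -d` excerpts: one instrumented library, one not.
SAMPLE_ASAN=' 0x0000000000000001 (NEEDED)  Shared library: [libclang_rt.asan-aarch64-android.so]
 0x0000000000000001 (NEEDED)  Shared library: [libc.so]'
SAMPLE_PLAIN=' 0x0000000000000001 (NEEDED)  Shared library: [liblog.so]
 0x0000000000000001 (NEEDED)  Shared library: [libc.so]'

# Reads `readelf -d` output on stdin; succeeds when a DT_NEEDED entry names
# the ASan runtime, i.e. the library was linked against it.
needs_asan_runtime() {
    grep -E '\(NEEDED\).*\[libclang_rt\.asan-[A-Za-z0-9_]+-android\.so\]' >/dev/null
}

# audit_abi_dir DIR: DIR is lib/<abi>/ from an unpacked APK. Prints one
# finding per line; returns 1 if wrap.sh or the runtime is missing, or if
# no library in DIR depends on the runtime.
audit_abi_dir() {
    dir=$1 rc=0 found=0
    if [ -f "$dir/wrap.sh" ]; then echo "ok wrap.sh"
    else echo "missing wrap.sh"; rc=1; fi
    set -- "$dir"/libclang_rt.asan-*-android.so
    if [ -f "$1" ]; then echo "ok runtime ${1##*/}"
    else echo "missing runtime"; rc=1; fi
    for so in "$dir"/*.so; do
        [ -f "$so" ] || continue
        case ${so##*/} in libclang_rt.asan-*) continue ;; esac
        if readelf -d "$so" | needs_asan_runtime; then
            echo "instrumented ${so##*/}"; found=1
        else
            echo "plain ${so##*/}"
        fi
    done
    [ "$found" -eq 1 ] || rc=1
    return "$rc"
}

# Demo on the constructed samples.
printf '%s\n' "$SAMPLE_ASAN" | needs_asan_runtime && echo "sample A: instrumented"
printf '%s\n' "$SAMPLE_PLAIN" | needs_asan_runtime || echo "sample B: plain"
```

A library reported as "plain" was built without the ASan link flag, which matches the case in this thread where only one of two native libraries was instrumented.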
Thanks, @eugenis. After adding the below flags to my wrap.sh file, it's working now and printing the AddressSanitizer SUMMARY.
|
@eugenis @DanAlbert 2)https://developer.android.com/ndk/guides/ndk-stack When the NON-ASAN build crashes, the above tools were tried to get the line number of the crash function/memory corruption function, but unsuccessfully. Please help with this.
Thanks |
Nice. This looks like a real bug, as far as I can tell without seeing the
source.
Have you tried this:
https://source.android.com/devices/tech/debug/asan#symbolization ?
The first option is the easiest to use if you don't care about symbols in
platform libraries.
Unfortunately, I don't know where to get prebuilt llvm-symbolizer for
aarch64-android...
You can also do it manually on the host by running
addr2line -fi -e path/to/library.so 0xaaa 0xaaa 0xaaa
replacing 0xaaa with offsets from the asan report:
#0 0x76d18550a7
(/data/app/com.company.ui-4SAD7wU_5H1-MMdNytD1oA==/lib/arm64/libcdeAndroidPort.so+0x68d0a7)
^^^ in this case, 0x68d0a7.
…On Wed, Jun 26, 2019 at 8:27 PM Nithin Malikarunja ***@***.***> wrote:
@eugenis @DanAlbert
1)
https://code.google.com/archive/p/android-ndk-stacktrace-analyzer/wikis/Usage.wiki
2)https://developer.android.com/ndk/guides/ndk-stack
Above tools were tried to get the line number of crash function, but
unsuccessful.
Please help in this.
Thanks
|
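The manual addr2line step described above, generalized to a whole report, as an added shell example that is not code from this thread or from the sanitizers project. It pulls the module-relative offsets out of ASan frames in logcat text and prints one addr2line command per library; frame #0 in the sample is the one quoted above, the other log lines and the function names are constructed, and the symbol directory is assumed to hold unstripped copies of the app's libraries.

```shell
#!/bin/sh
# Added example, not from the thread. Frame #0 is the one quoted above;
# the other log lines are constructed.
SAMPLE_REPORT='06-24 18:10:11.672 I/wrap.sh (12767): ==12767==ERROR: AddressSanitizer: heap-buffer-overflow
06-24 18:10:11.672 I/wrap.sh (12767):     #0 0x76d18550a7  (/data/app/com.company.ui-4SAD7wU_5H1-MMdNytD1oA==/lib/arm64/libcdeAndroidPort.so+0x68d0a7)
06-24 18:10:11.672 I/wrap.sh (12767):     #1 0x76d18551b3  (/data/app/com.company.ui-4SAD7wU_5H1-MMdNytD1oA==/lib/arm64/libcdeAndroidPort.so+0x68d1b3)
06-24 18:10:11.672 I/wrap.sh (12767):     #2 0x7a1234f2a4  (/system/lib64/libc.so+0x1f2a4)'

# Reads log text on stdin; prints "library.so 0xOFFSET" for every frame of
# the form "#N 0xPC (/path/library.so+0xOFFSET)". Only the basename is kept
# and it is limited to a safe character set, because log text is untrusted
# and the result ends up on a command line.
asan_frame_offsets() {
    sed -n 's|.*#[0-9][0-9]* *0x[0-9a-fA-F]*.*(.*/\([A-Za-z0-9_.-]*\.so\)+\(0x[0-9a-fA-F]*\)).*|\1 \2|p'
}

# asan_addr2line_cmds SYMDIR: reads log text on stdin and prints one
# "addr2line -fi -e SYMDIR/library.so off..." line per library that has an
# unstripped copy in SYMDIR. Other libraries (e.g. platform ones) are
# reported on stderr and skipped.
asan_addr2line_cmds() {
    symdir=$1
    asan_frame_offsets | awk '
        !($1 in offs) { order[++n] = $1 }
        { offs[$1] = offs[$1] " " $2 }
        END { for (i = 1; i <= n; i++) print order[i] offs[order[i]] }' |
    while read -r lib offsets; do
        if [ -f "$symdir/$lib" ]; then
            echo "addr2line -fi -e $symdir/$lib $offsets"
        else
            echo "skip $lib: no unstripped copy in $symdir" >&2
        fi
    done
}

# Demo: list the (library, offset) pairs found in the sample report.
printf '%s\n' "$SAMPLE_REPORT" | asan_frame_offsets
```

With a real capture, pipe the saved logcat text into asan_addr2line_cmds and pass the directory that holds the unstripped .so files.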
@eugenis thanks, addr2line is working with the obj level shared library (.SO), and we are able to see the line number now. |
Hello All,
1) Does AddressSanitizer(sanitizer) built into android studio like iOS/Xcode?
https://developer.apple.com/documentation/code_diagnostics/address_sanitizer/enabling_the_address_sanitizer
2)Memory leak : AddressSanitizer detects Memory leaks on android?
3)Memory corruption: How to enable AddressSanitizer on an android app such that it detects C library(.SO shared library )memory corruption?
What was tried:
https://github.com/google/sanitizers/wiki/AddressSanitizerOnAndroid
1)Add this to my project(64 bit) android.mk
LOCAL_CFLAGS := -fsanitize=address -fno-omit-frame-pointer
LOCAL_LDFLAGS := -fsanitize=address
LOCAL_ARM_MODE := aarch64
LD_PRELOAD := libclang_rt.asan-aarch64-android.so
2)APP_ABI := arm64-v8a
3)wrap.sh created with below content and placed in lib/arm64-v8a/wrap.sh
4) libclang_rt.asan-aarch64-android.so is placed in lib/arm64-v8a/libclang_rt.asan-aarch64-android.so.
5)Build ndk project using GCC 4.9 and load my 64 bit shared library(.SO).
a)above setup is enough to detect below corruptions ??
Stack and heap buffer overflow/underflow.
Heap use after free.
Stack use outside scope.
Stack use after return (HWAsan only on Android).
Double free/wild free.
b) if any corruption detected while running the app, does the traces gets printed to console/logcat?
Thanks