You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@nuttx.apache.org by xi...@apache.org on 2023/01/16 12:32:25 UTC
[nuttx] 01/04: mm/mm_heap: remove kasan in MM_ADD_BACKTRACE
This is an automated email from the ASF dual-hosted git repository.
xiaoxiang pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/nuttx.git
commit 7cd325f3be58966823dbe545eaf239ea1646db25
Author: dongjiuzhu1 <do...@xiaomi.com>
AuthorDate: Fri Oct 28 22:51:30 2022 +0800
mm/mm_heap: remove kasan in MM_ADD_BACKTRACE
do simple copy to instead of memset and memcpy operation because
they have been instrumented, if you access the posion area,
the system will crash.
Signed-off-by: dongjiuzhu1 <do...@xiaomi.com>
---
arch/sim/src/sim/sim_backtrace.c | 7 ++++++-
mm/mm_heap/mm.h | 6 ++----
2 files changed, 8 insertions(+), 5 deletions(-)
diff --git a/arch/sim/src/sim/sim_backtrace.c b/arch/sim/src/sim/sim_backtrace.c
index e084041db0..3ebeedac8a 100644
--- a/arch/sim/src/sim/sim_backtrace.c
+++ b/arch/sim/src/sim/sim_backtrace.c
@@ -33,10 +33,12 @@
* Public Functions
****************************************************************************/
+nosanitize_address
int up_backtrace(struct tcb_s *tcb, void **buffer, int size, int skip)
{
void *buf[skip + size];
int ret = 0;
+ int i;
if (tcb == running_task())
{
@@ -49,7 +51,10 @@ int up_backtrace(struct tcb_s *tcb, void **buffer, int size, int skip)
}
ret -= skip;
- memcpy(buffer, &buf[skip], ret * sizeof(void *));
+ for (i = 0; i < ret; i++)
+ {
+ buffer[i] = buf[skip + i];
+ }
return ret;
}
diff --git a/mm/mm_heap/mm.h b/mm/mm_heap/mm.h
index 4a980eccd8..23f5795bc3 100644
--- a/mm/mm_heap/mm.h
+++ b/mm/mm_heap/mm.h
@@ -82,23 +82,21 @@
do \
{ \
FAR struct mm_allocnode_s *tmp = (FAR struct mm_allocnode_s *)(ptr); \
- kasan_unpoison(tmp, SIZEOF_MM_ALLOCNODE); \
FAR struct tcb_s *tcb; \
tmp->pid = gettid(); \
tcb = nxsched_get_tcb(tmp->pid); \
if ((heap)->mm_procfs.backtrace || (tcb && tcb->flags & TCB_FLAG_HEAP_DUMP)) \
{ \
int n = backtrace(tmp->backtrace, CONFIG_MM_BACKTRACE); \
- if (n < CONFIG_MM_BACKTRACE) \
+ while (n < CONFIG_MM_BACKTRACE) \
{ \
- tmp->backtrace[n] = 0; \
+ tmp->backtrace[n++] = NULL; \
} \
} \
else \
{ \
tmp->backtrace[0] = 0; \
} \
- kasan_poison(tmp, SIZEOF_MM_ALLOCNODE); \
} \
while (0)
#else