This is not actually a property that is guaranteed by the bionic
implementation of CFI shadow. Since the gaps between libraries are not
completely inaccessible, it is possible for a stack mapping to sneak in,
which would cause the callback to register in the test library.
This is not a correctness issue in CFI as the actual __cfi_check
callback will reject such address anyway, at a small CPU cost.
Bug:
156218352
Test: CtsBionicTestCases-cfi_test#basic
Change-Id: I8d04fb7132e1eac2a8abfbc48a37c8eac6e25a09
Merged-In: I8d04fb7132e1eac2a8abfbc48a37c8eac6e25a09
(cherry picked from commit
0f6b504e0c682e7c3d377416dacfe57b6c59f1b8)
EXPECT_EQ(get_global_address(), get_last_address());
EXPECT_EQ(c, get_count());
- // CFI check for a stack address. This is always invalid and gets the process killed.
- EXPECT_DEATH(__cfi_slowpath(45, reinterpret_cast<void*>(&c)), "");
-
// CFI check for a heap address.
// It's possible that this allocation could wind up in the same CFI granule as
// an unchecked library, which means the below might not crash. To force a