mm/mm_heap: remove kasan in MM_ADD_BACKTRACE

do simple copy to instead of memset and memcpy operation because they have been instrumented, if you access the posion area, the system will crash. Signed-off-by: dongjiuzhu1 <dongjiuzhu1@xiaomi.com>
2022-10-28 22:51:30 +08:00 · 2022-10-28 22:51:30 +08:00 · 7cd325f3be
parent 415a09115d
commit 7cd325f3be
2 changed files with 8 additions and 5 deletions
--- a/arch/sim/src/sim/sim_backtrace.c
+++ b/arch/sim/src/sim/sim_backtrace.c
@ -33,10 +33,12 @@
 * Public Functions
 ****************************************************************************/

+nosanitize_address
 int up_backtrace(struct tcb_s *tcb, void **buffer, int size, int skip)
 {
  void *buf[skip + size];
  int ret = 0;
+  int i;

  if (tcb == running_task())
    {
@ -49,7 +51,10 @@ int up_backtrace(struct tcb_s *tcb, void **buffer, int size, int skip)
    }

  ret -= skip;
-  memcpy(buffer, &buf[skip], ret * sizeof(void *));
+  for (i = 0; i < ret; i++)
+    {
+      buffer[i] = buf[skip + i];
+    }

  return ret;
 }
--- a/mm/mm_heap/mm.h
+++ b/mm/mm_heap/mm.h
@ -82,23 +82,21 @@
     do \
       { \
         FAR struct mm_allocnode_s *tmp = (FAR struct mm_allocnode_s *)(ptr); \
-         kasan_unpoison(tmp, SIZEOF_MM_ALLOCNODE); \
         FAR struct tcb_s *tcb; \
         tmp->pid = gettid(); \
         tcb = nxsched_get_tcb(tmp->pid); \
         if ((heap)->mm_procfs.backtrace || (tcb && tcb->flags & TCB_FLAG_HEAP_DUMP)) \
           { \
             int n = backtrace(tmp->backtrace, CONFIG_MM_BACKTRACE); \
-             if (n < CONFIG_MM_BACKTRACE) \
+             while (n < CONFIG_MM_BACKTRACE) \
               { \
-                 tmp->backtrace[n] = 0; \
+                 tmp->backtrace[n++] = NULL; \
               } \
           } \
         else \
           { \
             tmp->backtrace[0] = 0; \
           } \
-         kasan_poison(tmp, SIZEOF_MM_ALLOCNODE); \
       } \
     while (0)
 #else