aidl: sanitize for integer overflows Hidden overflows are extra painful in AIDL interfaces because they may be stabilized. In order to make sure values in interfaces are exactly as expected, we are turning on hard failures here. This should make the fuzzer more effective (discovering these edge cases). In the mean time, this will prevent intefaces which have undefined overflows in constant expressions from getting created. Future considerations: - remove duplication of tests between constant expressions as constant variables and in lists, where they are easier to test. - better compiler errors for overflows (once the fuzzer catches them) Bug: 148149098 Test: TEST_MAPPING Change-Id: I4f936b96dc6eb7714ae622a444ebcc64da17a934

commit: 7ceb125e7cb3a70a20dcdbdfae763a5a768b352b [log] [tgz]
author: Steven Moreland <smoreland@google.com> Thu Jan 23 16:33:49 2020 -0800
committer: Steven Moreland <smoreland@google.com> Fri Jul 10 22:26:29 2020 +0000
tree: 613f50b41296767307acbef0be9023ca6e8e85fb
parent: 5376b50a13e8f5ffdb03494ca5ee7e3d33e824e0 [diff]
diff --git a/Android.bp b/Android.bp
index e90d8bd..a0db307 100644
--- a/Android.bp
+++ b/Android.bp

@@ -26,6 +26,10 @@
         "libbase",
         "libcutils",
     ],
+    sanitize: {
+        integer_overflow: true,
+        misc_undefined: ["integer"],
+    },
     target: {
         windows: {
             enabled: true,

diff --git a/aidl_const_expressions.cpp b/aidl_const_expressions.cpp
index 4017719..ce49923 100644
--- a/aidl_const_expressions.cpp
+++ b/aidl_const_expressions.cpp

@@ -752,8 +752,6 @@
     return true;
   }
 
-  // TODO(b/139877950) Add support for handling overflows
-
   // CASE: + - *  / % | ^ & < > <= >= == !=
   if (isArithmeticOrBitflip || OP_IS_BIN_COMP) {
     if ((op_ == "/" || op_ == "%") && right_val_->final_value_ == 0) {

diff --git a/tests/android/aidl/tests/ConstantExpressionEnum.aidl b/tests/android/aidl/tests/ConstantExpressionEnum.aidl
index 2fe4f61..09d108f 100644
--- a/tests/android/aidl/tests/ConstantExpressionEnum.aidl
+++ b/tests/android/aidl/tests/ConstantExpressionEnum.aidl

@@ -21,18 +21,18 @@
   // Should be all true / ones.
   // dec literals are either int or long
   decInt32_1 = (~(-1)) == 0,
-  decInt32_2 = -(1 << 31) == (1 << 31),
+  decInt32_2 = ~~(1 << 31) == (1 << 31),
   decInt64_1 = (~(-1L)) == 0,
   decInt64_2 = (~4294967295L) != 0,
   decInt64_3 = (~4294967295) != 0,
-  decInt64_4 = -(1L << 63) == (1L << 63),
+  decInt64_4 = ~~(1L << 63) == (1L << 63),
 
   // hex literals could be int or long
   // 0x7fffffff is int, hence can be negated
   hexInt32_1 = -0x7fffffff < 0,
 
   // 0x80000000 is int32_t max + 1
-  hexInt32_2 = -0x80000000 < 0,
+  hexInt32_2 = 0x80000000 < 0,
 
   // 0xFFFFFFFF is int32_t, not long; if it were long then ~(long)0xFFFFFFFF != 0
   hexInt32_3 = ~0xFFFFFFFF == 0,

diff --git a/tests/android/aidl/tests/ITestService.aidl b/tests/android/aidl/tests/ITestService.aidl
index 9b7f08c..d8c2fb3 100644
--- a/tests/android/aidl/tests/ITestService.aidl
+++ b/tests/android/aidl/tests/ITestService.aidl

@@ -146,10 +146,10 @@
 
   // All these constant expressions should be equal to 1
   const int A1 = (~(-1)) == 0;
-  const int A2 = -(1 << 31) == (1 << 31);
+  const int A2 = ~~(1 << 31) == (1 << 31);
   const int A3 = -0x7fffffff < 0;
-  const int A4 = -0x80000000 < 0;
-  const int A5 = (1 + 0x7fffffff) == -2147483648;
+  const int A4 = 0x80000000 < 0;
+  const int A5 = 0x7fffffff == 2147483647;
   const int A6 = (1 << 31) == 0x80000000;
   const int A7 = (1 + 2) == 3;
   const int A8 = (8 - 9) == -1;

diff --git a/tests/android/aidl/tests/StructuredParcelable.aidl b/tests/android/aidl/tests/StructuredParcelable.aidl
index 0cbd992..a53d667 100644
--- a/tests/android/aidl/tests/StructuredParcelable.aidl
+++ b/tests/android/aidl/tests/StructuredParcelable.aidl

@@ -66,12 +66,11 @@
     // Constant expressions that evaluate to 1
     int[] int32_1 = {
       (~(-1)) == 0,
-      -(1 << 31) == (1 << 31),
+      ~~(1 << 31) == (1 << 31),
       -0x7fffffff < 0,
-      -0x80000000 < 0,
+      0x80000000 < 0,
 
-      // both treated int32_t, sum = (int32_t)0x80000000 = -2147483648
-      (1 + 0x7fffffff) == -2147483648,
+      0x7fffffff == 2147483647,
 
       // Shifting for more than 31 bits are undefined. Not tested.
       (1 << 31) == 0x80000000,
@@ -136,23 +135,14 @@
       (~(-1)) == 0,
       (~4294967295) != 0,
       (~4294967295) != 0,
-      -(1 << 63) == (1 << 63),
+      ~~(1L << 63) == (1L << 63),
       -0x7FFFFFFFFFFFFFFF < 0,
 
-      // both treated int32_t, sum = (int64_t)(int32_t)0x80000000 = (int64_t)(-2147483648)
-      (1 + 0x7fffffff) == -2147483648,
-
-      // 0x80000000 is uint32_t, sum = (int64_t)(uint32_t)0x7fffffff = (int64_t)(2147483647)
-      (0x80000000 - 1) == 2147483647,
-      (0x80000000 + 1) == -2147483647,
-      (1L << 63)+1 == -9223372036854775807,
+      0x7fffffff == 2147483647,
       0xfffffffff == 68719476735,
-
       0xffffffffffffffff == -1,
       (0xfL << 32L) == 0xf00000000,
       (0xfL << 32) == 0xf00000000,
-      (0xf << 32L) == 0xf,
-      (0xf << 32) == 0xf
     };
     int hexInt32_pos_1 = -0xffffffff;
     int hexInt64_pos_1 = -0xfffffffffff < 0;
commit	7ceb125e7cb3a70a20dcdbdfae763a5a768b352b	[log] [tgz]
author	Steven Moreland <smoreland@google.com>	Thu Jan 23 16:33:49 2020 -0800
committer	Steven Moreland <smoreland@google.com>	Fri Jul 10 22:26:29 2020 +0000
tree	613f50b41296767307acbef0be9023ca6e8e85fb
parent	5376b50a13e8f5ffdb03494ca5ee7e3d33e824e0 [diff]