Hardened Malloc - Hardened Memory Allocator

madaidan · September 24, 2019, 4:17pm

I just tested it and yes it does.

Although, the majority of profiles allow access to /usr/lib which means we don’t have to do anything,

Patrick · September 25, 2019, 5:52am

Good candidate for upcoming

/etc/apparmor.d/abstractions/base.d

References:

github.com/netblue30/firejail

libpostexecseccomp.so in /run/firejail/lib/libpostexecseccomp.so apparmor issue

opened 06:04AM - 07 Sep 19 UTC

closed 08:30PM - 09 Oct 19 UTC

adrelanos

question

Tor Browser 8.5.5 with firejail and https://github.com/Whonix/apparmor-profile-t…orbrowser > Sep 07 03:25:54 host kernel: audit: type=1400 audit(1567826754.074:42): apparmor="DENIED" operation="open" profile="/**/*-browser/Browser/firefox" name="/run/firejail/lib/libpostexecseccomp.so" pid=7879 comm="firefox.real" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Does libpostexecseccomp.so really have to reside in `/run/firejail/lib/libpostexecseccomp.so`? Ideally firejail would not cause apparmor issues. Maybe the (upcoming deepening on your apparmor version) `abstractions/base.d` would help? `abstractions/base.d` as per https://gitlab.com/apparmor/apparmor/issues/50

madaidan · September 25, 2019, 12:51pm

The base abstraction allows access to all of /usr/lib already so I don’t see why it’d be needed for hardened_malloc.

madaidan · November 24, 2019, 10:56pm

I’m testing hardened_malloc globally and there doesn’t actually seem to be much breakage. It might be ok to enable it globally by default on Whonix.

The only thing that seems to be breaking is the Tor Browser for some reason. I’ve narrowed down the issue to .tb/tor-browser/Browser/firefox (not Whonix’s torbrowser script).

This is weird since firefox uses it’s own malloc, mozjemalloc.

Patrick · November 25, 2019, 8:14am

Last time I tested it, it broke X Window System. (No GUI come up.)

Done.
RFP: hardened-malloc – hardened memory allocator

Is it worth it? Due to…

This is too early. We shouldn’t be the “only” ones using hardened malloc. Would be much better if some people using Debian testing and/or Debian sid used hardened malloc. So bugs (applications refusing to start) are spotted by others than Whonix people and reported upstream. Whonix cannot be the only ones using it, bumping into issues, working on integration by being the “only” users. “The world doesn’t know about hardened malloc.”

There are zero discussions on debian.org about hardened malloc. “google” search term:

site:debian.org "hardened malloc"

Mozilla.

site:mozilla.org hardened malloc

glibc

site:https://gnu.org hardened malloc

glibc issue tracker:

https://sourceware.org hardened malloc

Patrick · November 25, 2019, 8:17am

glibc feature request - consider using Hardened Malloc

Patrick · November 25, 2019, 8:39am

debian glibc feature request - consider using hardened malloc (hardened memory allocator)

Patrick · November 25, 2019, 8:55am

Packaging related enhancements:
Comparing 0.6-1...2.0.1-1 · Kicksecure/hardened_malloc · GitHub

no longer depend on genmkfile, can be build using dpkg-buildpackage -b or other standard Debian package build tools
- therefore reset to upstream original Makefile
use version number by upstream 2.0
- the last ocetot 2.0.1, 2.0.2, 2.0.3, 2.0.15 is for packaging changes.
- the first part 2.0 will only change as upstream releases new releases

Patrick · November 25, 2019, 12:28pm

glibc-alpha mailing list - consider using Hardened Malloc

HulaHoop · November 25, 2019, 3:15pm

Some decent conversation starting up I think it would be beneficial to “advertise” the security enhancements hardened_malloc offers. Also raise the issue of cross hardware platform support with Dan Micay because that is one big blocker glibc people have.

HulaHoop · November 25, 2019, 3:49pm

Relayed back feedback from glibc to Dan.

Patrick · November 25, 2019, 3:50pm

I’ve notified upstream about all postings just after these were created and before these got any replies.
Debian packaging · Issue #89 · GrapheneOS/hardened_malloc · GitHub
Not sure that is sufficient.

HulaHoop · November 25, 2019, 3:52pm

I asked him about the scudo allocator at risk of igniting a cyber firestorm, but I find his opinions valuable even if a bit crude in presentation sometimes.

madaidan · November 25, 2019, 4:20pm

Seems to work fine now.

That was only about mozjemalloc, not glibc and even then, it was going off what the guy on the mailing lists said which was then replied to by Daniel.

hardened_malloc has far superior security than other allocators.

He’s talked about scudo before.

https://twitter.com/search?l=&q=scudo%20from%3ADanielMicay&src=typd

Patrick · November 25, 2019, 6:28pm

madaidan · March 3, 2020, 9:14pm

Not the original intent of this issue but I realised it would help.

github.com/clipos/bugs

Use hardened_malloc as the default memory allocator

opened 10:28PM - 02 Mar 20 UTC

madaidan

new feature tag: help wanted target: core

Daniel Micay has created a hardened memory allocator, [hardened_malloc](https://…github.com/GrapheneOS/hardened_malloc), which provides substantial protection from memory corruption vulnerabilities. It would be best if this was used globally by default (either by integrating it into libc or via /etc/ld.so.preload), but it can be used on a case-by-case basis via LD_PRELOAD.

HardenedBSD also intends to use hardened_malloc.

https://github.com/HardenedBSD/hardenedBSD/issues/373

madaidan · March 9, 2020, 5:51pm

Got a reply on the CLIP OS issue:

We looked at hardened_malloc a while ago and are likely to integrate it to CLIP OS (at least to the Core ). As we still have quite important things to accomplish beforehand, we won’t tackle this straightaway but contributions are of course welcome.

Thanks for opening this issue, I’ll leave it open to track related progress.

madaidan · March 24, 2020, 8:43pm

We can disable hardened_malloc per program by using bubblewrap (or any other namespacing program):

bwrap --dev-bind / / --tmpfs /usr/lib/libhardened_malloc.so program_name

This makes the /usr/lib/libhardened_malloc.so directory an empty tmpfs without the hardened_malloc library so it isn’t preloaded:

ERROR: ld.so: object '/usr/lib/libhardened_malloc.so/libhardened_malloc.so' from /etc/ld.so.preload cannot be preloaded (cannot open shared object file): ignored.

This can be verified with cat /proc/self/maps. You’ll see /usr/lib/libhardened_malloc.so/libhardened_malloc.so in the output without bubblewrap and it’ll be missing with bubblewrap.

So if we have any issues with programs, we can just use bubblewrap.

Patrick · September 18, 2020, 10:06am

Patrick · September 18, 2020, 10:47am

github.com/GrapheneOS/hardened_malloc

tests failing in cowbuilder chroot

opened 10:46AM - 18 Sep 20 UTC

closed 03:31PM - 18 Sep 20 UTC

adrelanos

bug upstream

``` sudo cowbuilder --login --basepath /var/cache/pbuilder/base.cow_amd64 ``` … ``` root@work:/hardened_malloc# make cc -std=c11 -O3 -flto -fPIC -fvisibility=hidden -fno-plt -fstack-clash-protection -fstack-protector-strong -pipe -Wall -Wextra -Wcast-align=strict -Wcast-qual -Wwrite-strings -Werror -march=native -Wmissing-prototypes -D_GNU_SOURCE -I include -DCONFIG_SEAL_METADATA=false -DZERO_ON_FREE=true -DWRITE_AFTER_FREE_CHECK=true -DSLOT_RANDOMIZE=true -DSLAB_CANARY=true -DSLAB_QUARANTINE_RANDOM_LENGTH=1 -DSLAB_QUARANTINE_QUEUE_LENGTH=1 -DCONFIG_EXTENDED_SIZE_CLASSES=true -DCONFIG_LARGE_SIZE_CLASSES=true -DGUARD_SLABS_INTERVAL=1 -DGUARD_SIZE_DIVISOR=2 -DREGION_QUARANTINE_RANDOM_LENGTH=128 -DREGION_QUARANTINE_QUEUE_LENGTH=1024 -DREGION_QUARANTINE_SKIP_THRESHOLD=33554432 -DFREE_SLABS_QUARANTINE_RANDOM_LENGTH=32 -DCONFIG_CLASS_REGION_SIZE=34359738368 -DN_ARENA=4 -DCONFIG_STATS=false -c -o chacha.o chacha.c cc -std=c11 -O3 -flto -fPIC -fvisibility=hidden -fno-plt -fstack-clash-protection -fstack-protector-strong -pipe -Wall -Wextra -Wcast-align=strict -Wcast-qual -Wwrite-strings -Werror -march=native -Wmissing-prototypes -D_GNU_SOURCE -I include -DCONFIG_SEAL_METADATA=false -DZERO_ON_FREE=true -DWRITE_AFTER_FREE_CHECK=true -DSLOT_RANDOMIZE=true -DSLAB_CANARY=true -DSLAB_QUARANTINE_RANDOM_LENGTH=1 -DSLAB_QUARANTINE_QUEUE_LENGTH=1 -DCONFIG_EXTENDED_SIZE_CLASSES=true -DCONFIG_LARGE_SIZE_CLASSES=true -DGUARD_SLABS_INTERVAL=1 -DGUARD_SIZE_DIVISOR=2 -DREGION_QUARANTINE_RANDOM_LENGTH=128 -DREGION_QUARANTINE_QUEUE_LENGTH=1024 -DREGION_QUARANTINE_SKIP_THRESHOLD=33554432 -DFREE_SLABS_QUARANTINE_RANDOM_LENGTH=32 -DCONFIG_CLASS_REGION_SIZE=34359738368 -DN_ARENA=4 -DCONFIG_STATS=false -c -o h_malloc.o h_malloc.c cc -std=c11 -O3 -flto -fPIC -fvisibility=hidden -fno-plt -fstack-clash-protection -fstack-protector-strong -pipe -Wall -Wextra -Wcast-align=strict -Wcast-qual -Wwrite-strings -Werror -march=native -Wmissing-prototypes -D_GNU_SOURCE -I include -DCONFIG_SEAL_METADATA=false -DZERO_ON_FREE=true -DWRITE_AFTER_FREE_CHECK=true -DSLOT_RANDOMIZE=true -DSLAB_CANARY=true -DSLAB_QUARANTINE_RANDOM_LENGTH=1 -DSLAB_QUARANTINE_QUEUE_LENGTH=1 -DCONFIG_EXTENDED_SIZE_CLASSES=true -DCONFIG_LARGE_SIZE_CLASSES=true -DGUARD_SLABS_INTERVAL=1 -DGUARD_SIZE_DIVISOR=2 -DREGION_QUARANTINE_RANDOM_LENGTH=128 -DREGION_QUARANTINE_QUEUE_LENGTH=1024 -DREGION_QUARANTINE_SKIP_THRESHOLD=33554432 -DFREE_SLABS_QUARANTINE_RANDOM_LENGTH=32 -DCONFIG_CLASS_REGION_SIZE=34359738368 -DN_ARENA=4 -DCONFIG_STATS=false -c -o pages.o pages.c cc -std=c11 -O3 -flto -fPIC -fvisibility=hidden -fno-plt -fstack-clash-protection -fstack-protector-strong -pipe -Wall -Wextra -Wcast-align=strict -Wcast-qual -Wwrite-strings -Werror -march=native -Wmissing-prototypes -D_GNU_SOURCE -I include -DCONFIG_SEAL_METADATA=false -DZERO_ON_FREE=true -DWRITE_AFTER_FREE_CHECK=true -DSLOT_RANDOMIZE=true -DSLAB_CANARY=true -DSLAB_QUARANTINE_RANDOM_LENGTH=1 -DSLAB_QUARANTINE_QUEUE_LENGTH=1 -DCONFIG_EXTENDED_SIZE_CLASSES=true -DCONFIG_LARGE_SIZE_CLASSES=true -DGUARD_SLABS_INTERVAL=1 -DGUARD_SIZE_DIVISOR=2 -DREGION_QUARANTINE_RANDOM_LENGTH=128 -DREGION_QUARANTINE_QUEUE_LENGTH=1024 -DREGION_QUARANTINE_SKIP_THRESHOLD=33554432 -DFREE_SLABS_QUARANTINE_RANDOM_LENGTH=32 -DCONFIG_CLASS_REGION_SIZE=34359738368 -DN_ARENA=4 -DCONFIG_STATS=false -c -o random.o random.c cc -std=c11 -O3 -flto -fPIC -fvisibility=hidden -fno-plt -fstack-clash-protection -fstack-protector-strong -pipe -Wall -Wextra -Wcast-align=strict -Wcast-qual -Wwrite-strings -Werror -march=native -Wmissing-prototypes -D_GNU_SOURCE -I include -DCONFIG_SEAL_METADATA=false -DZERO_ON_FREE=true -DWRITE_AFTER_FREE_CHECK=true -DSLOT_RANDOMIZE=true -DSLAB_CANARY=true -DSLAB_QUARANTINE_RANDOM_LENGTH=1 -DSLAB_QUARANTINE_QUEUE_LENGTH=1 -DCONFIG_EXTENDED_SIZE_CLASSES=true -DCONFIG_LARGE_SIZE_CLASSES=true -DGUARD_SLABS_INTERVAL=1 -DGUARD_SIZE_DIVISOR=2 -DREGION_QUARANTINE_RANDOM_LENGTH=128 -DREGION_QUARANTINE_QUEUE_LENGTH=1024 -DREGION_QUARANTINE_SKIP_THRESHOLD=33554432 -DFREE_SLABS_QUARANTINE_RANDOM_LENGTH=32 -DCONFIG_CLASS_REGION_SIZE=34359738368 -DN_ARENA=4 -DCONFIG_STATS=false -c -o util.o util.c cc -std=c++17 -O3 -flto -fPIC -fvisibility=hidden -fno-plt -fstack-clash-protection -fstack-protector-strong -pipe -Wall -Wextra -Wcast-align=strict -Wcast-qual -Wwrite-strings -Werror -march=native -D_GNU_SOURCE -I include -DCONFIG_SEAL_METADATA=false -DZERO_ON_FREE=true -DWRITE_AFTER_FREE_CHECK=true -DSLOT_RANDOMIZE=true -DSLAB_CANARY=true -DSLAB_QUARANTINE_RANDOM_LENGTH=1 -DSLAB_QUARANTINE_QUEUE_LENGTH=1 -DCONFIG_EXTENDED_SIZE_CLASSES=true -DCONFIG_LARGE_SIZE_CLASSES=true -DGUARD_SLABS_INTERVAL=1 -DGUARD_SIZE_DIVISOR=2 -DREGION_QUARANTINE_RANDOM_LENGTH=128 -DREGION_QUARANTINE_QUEUE_LENGTH=1024 -DREGION_QUARANTINE_SKIP_THRESHOLD=33554432 -DFREE_SLABS_QUARANTINE_RANDOM_LENGTH=32 -DCONFIG_CLASS_REGION_SIZE=34359738368 -DN_ARENA=4 -DCONFIG_STATS=false -c -o new.o new.cc cc -std=c11 -O3 -flto -fPIC -fvisibility=hidden -fno-plt -fstack-clash-protection -fstack-protector-strong -pipe -Wall -Wextra -Wcast-align=strict -Wcast-qual -Wwrite-strings -Werror -march=native -Wmissing-prototypes -Wl,--as-needed,-z,defs,-z,relro,-z,now,-z,nodlopen,-z,text -shared chacha.o h_malloc.o memory.o pages.o random.o util.o new.o -lstdc++ -lgcc_s -o libhardened_malloc.so root@work:/hardened_malloc# make test make -C test/ make[1]: Entering directory '/hardened_malloc/test' make -C simple-memory-corruption make[2]: Entering directory '/hardened_malloc/test/simple-memory-corruption' make[2]: Nothing to be done for 'all'. make[2]: Leaving directory '/hardened_malloc/test/simple-memory-corruption' make[1]: Leaving directory '/hardened_malloc/test' python -m unittest discover --start-directory test/ FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF ====================================================================== FAIL: test_delete_type_size_mismatch (simple-memory-corruption.test_smc.TestSimpleMemoryCorruption) ---------------------------------------------------------------------- Traceback (most recent call last): File "/hardened_malloc/test/simple-memory-corruption/test_smc.py", line 21, in test_delete_type_size_mismatch self.assertEqual(returncode, -6) AssertionError: 127 != -6 ====================================================================== FAIL: test_double_free_large (simple-memory-corruption.test_smc.TestSimpleMemoryCorruption) ---------------------------------------------------------------------- Traceback (most recent call last): File "/hardened_malloc/test/simple-memory-corruption/test_smc.py", line 34, in test_double_free_large self.assertEqual(returncode, -6) AssertionError: 127 != -6 ====================================================================== FAIL: test_double_free_large_delayed (simple-memory-corruption.test_smc.TestSimpleMemoryCorruption) ---------------------------------------------------------------------- Traceback (most recent call last): File "/hardened_malloc/test/simple-memory-corruption/test_smc.py", line 28, in test_double_free_large_delayed self.assertEqual(returncode, -6) AssertionError: 127 != -6 ====================================================================== FAIL: test_double_free_small (simple-memory-corruption.test_smc.TestSimpleMemoryCorruption) ---------------------------------------------------------------------- Traceback (most recent call last): File "/hardened_malloc/test/simple-memory-corruption/test_smc.py", line 47, in test_double_free_small self.assertEqual(returncode, -6) AssertionError: 127 != -6 ====================================================================== FAIL: test_double_free_small_delayed (simple-memory-corruption.test_smc.TestSimpleMemoryCorruption) ---------------------------------------------------------------------- Traceback (most recent call last): File "/hardened_malloc/test/simple-memory-corruption/test_smc.py", line 41, in test_double_free_small_delayed self.assertEqual(returncode, -6) AssertionError: 127 != -6 ====================================================================== FAIL: test_eight_byte_overflow_large (simple-memory-corruption.test_smc.TestSimpleMemoryCorruption) ---------------------------------------------------------------------- Traceback (most recent call last): File "/hardened_malloc/test/simple-memory-corruption/test_smc.py", line 54, in test_eight_byte_overflow_large self.assertEqual(returncode, -11) AssertionError: 127 != -11 ====================================================================== FAIL: test_eight_byte_overflow_small (simple-memory-corruption.test_smc.TestSimpleMemoryCorruption) ---------------------------------------------------------------------- Traceback (most recent call last): File "/hardened_malloc/test/simple-memory-corruption/test_smc.py", line 59, in test_eight_byte_overflow_small self.assertEqual(returncode, -6) AssertionError: 127 != -6 ====================================================================== FAIL: test_invalid_free_protected (simple-memory-corruption.test_smc.TestSimpleMemoryCorruption) ---------------------------------------------------------------------- Traceback (most recent call last): File "/hardened_malloc/test/simple-memory-corruption/test_smc.py", line 65, in test_invalid_free_protected self.assertEqual(returncode, -6) AssertionError: 127 != -6 ====================================================================== FAIL: test_invalid_free_small_region (simple-memory-corruption.test_smc.TestSimpleMemoryCorruption) ---------------------------------------------------------------------- Traceback (most recent call last): File "/hardened_malloc/test/simple-memory-corruption/test_smc.py", line 79, in test_invalid_free_small_region self.assertEqual(returncode, -6) AssertionError: 127 != -6 ====================================================================== FAIL: test_invalid_free_small_region_far (simple-memory-corruption.test_smc.TestSimpleMemoryCorruption) ---------------------------------------------------------------------- Traceback (most recent call last): File "/hardened_malloc/test/simple-memory-corruption/test_smc.py", line 72, in test_invalid_free_small_region_far self.assertEqual(returncode, -6) AssertionError: 127 != -6 ====================================================================== FAIL: test_invalid_free_unprotected (simple-memory-corruption.test_smc.TestSimpleMemoryCorruption) ---------------------------------------------------------------------- Traceback (most recent call last): File "/hardened_malloc/test/simple-memory-corruption/test_smc.py", line 85, in test_invalid_free_unprotected self.assertEqual(returncode, -6) AssertionError: 127 != -6 ====================================================================== FAIL: test_invalid_malloc_object_size_small (simple-memory-corruption.test_smc.TestSimpleMemoryCorruption) ---------------------------------------------------------------------- Traceback (most recent call last): File "/hardened_malloc/test/simple-memory-corruption/test_smc.py", line 196, in test_invalid_malloc_object_size_small self.assertEqual(returncode, -6) AssertionError: 127 != -6 ====================================================================== FAIL: test_invalid_malloc_object_size_small_quarantine (simple-memory-corruption.test_smc.TestSimpleMemoryCorruption) ---------------------------------------------------------------------- Traceback (most recent call last): File "/hardened_malloc/test/simple-memory-corruption/test_smc.py", line 203, in test_invalid_malloc_object_size_small_quarantine self.assertEqual(returncode, -6) AssertionError: 127 != -6 ====================================================================== FAIL: test_invalid_malloc_usable_size_small (simple-memory-corruption.test_smc.TestSimpleMemoryCorruption) ---------------------------------------------------------------------- Traceback (most recent call last): File "/hardened_malloc/test/simple-memory-corruption/test_smc.py", line 99, in test_invalid_malloc_usable_size_small self.assertEqual(returncode, -6) AssertionError: 127 != -6 ====================================================================== FAIL: test_invalid_malloc_usable_size_small_quarantene (simple-memory-corruption.test_smc.TestSimpleMemoryCorruption) ---------------------------------------------------------------------- Traceback (most recent call last): File "/hardened_malloc/test/simple-memory-corruption/test_smc.py", line 92, in test_invalid_malloc_usable_size_small_quarantene self.assertEqual(returncode, -6) AssertionError: 127 != -6 ====================================================================== FAIL: test_malloc_object_size (simple-memory-corruption.test_smc.TestSimpleMemoryCorruption) ---------------------------------------------------------------------- Traceback (most recent call last): File "/hardened_malloc/test/simple-memory-corruption/test_smc.py", line 186, in test_malloc_object_size self.assertEqual(returncode, 0) AssertionError: 127 != 0 ====================================================================== FAIL: test_malloc_object_size_offset (simple-memory-corruption.test_smc.TestSimpleMemoryCorruption) ---------------------------------------------------------------------- Traceback (most recent call last): File "/hardened_malloc/test/simple-memory-corruption/test_smc.py", line 191, in test_malloc_object_size_offset self.assertEqual(returncode, 0) AssertionError: 127 != 0 ====================================================================== FAIL: test_read_after_free_large (simple-memory-corruption.test_smc.TestSimpleMemoryCorruption) ---------------------------------------------------------------------- Traceback (most recent call last): File "/hardened_malloc/test/simple-memory-corruption/test_smc.py", line 105, in test_read_after_free_large self.assertEqual(returncode, -11) AssertionError: 127 != -11 ====================================================================== FAIL: test_read_after_free_small (simple-memory-corruption.test_smc.TestSimpleMemoryCorruption) ---------------------------------------------------------------------- Traceback (most recent call last): File "/hardened_malloc/test/simple-memory-corruption/test_smc.py", line 109, in test_read_after_free_small self.assertEqual(returncode, 0) AssertionError: 127 != 0 ====================================================================== FAIL: test_read_zero_size (simple-memory-corruption.test_smc.TestSimpleMemoryCorruption) ---------------------------------------------------------------------- Traceback (most recent call last): File "/hardened_malloc/test/simple-memory-corruption/test_smc.py", line 115, in test_read_zero_size self.assertEqual(returncode, -11) AssertionError: 127 != -11 ====================================================================== FAIL: test_string_overflow (simple-memory-corruption.test_smc.TestSimpleMemoryCorruption) ---------------------------------------------------------------------- Traceback (most recent call last): File "/hardened_malloc/test/simple-memory-corruption/test_smc.py", line 119, in test_string_overflow self.assertEqual(returncode, 0) AssertionError: 127 != 0 ====================================================================== FAIL: test_unaligned_free_large (simple-memory-corruption.test_smc.TestSimpleMemoryCorruption) ---------------------------------------------------------------------- Traceback (most recent call last): File "/hardened_malloc/test/simple-memory-corruption/test_smc.py", line 124, in test_unaligned_free_large self.assertEqual(returncode, -6) AssertionError: 127 != -6 ====================================================================== FAIL: test_unaligned_free_small (simple-memory-corruption.test_smc.TestSimpleMemoryCorruption) ---------------------------------------------------------------------- Traceback (most recent call last): File "/hardened_malloc/test/simple-memory-corruption/test_smc.py", line 130, in test_unaligned_free_small self.assertEqual(returncode, -6) AssertionError: 127 != -6 ====================================================================== FAIL: test_unaligned_malloc_usable_size_small (simple-memory-corruption.test_smc.TestSimpleMemoryCorruption) ---------------------------------------------------------------------- Traceback (most recent call last): File "/hardened_malloc/test/simple-memory-corruption/test_smc.py", line 137, in test_unaligned_malloc_usable_size_small self.assertEqual(returncode, -6) AssertionError: 127 != -6 ====================================================================== FAIL: test_uninitialized_free (simple-memory-corruption.test_smc.TestSimpleMemoryCorruption) ---------------------------------------------------------------------- Traceback (most recent call last): File "/hardened_malloc/test/simple-memory-corruption/test_smc.py", line 143, in test_uninitialized_free self.assertEqual(returncode, -6) AssertionError: 127 != -6 ====================================================================== FAIL: test_uninitialized_malloc_usable_size (simple-memory-corruption.test_smc.TestSimpleMemoryCorruption) ---------------------------------------------------------------------- Traceback (most recent call last): File "/hardened_malloc/test/simple-memory-corruption/test_smc.py", line 150, in test_uninitialized_malloc_usable_size self.assertEqual(returncode, -11) AssertionError: 127 != -11 ====================================================================== FAIL: test_uninitialized_realloc (simple-memory-corruption.test_smc.TestSimpleMemoryCorruption) ---------------------------------------------------------------------- Traceback (most recent call last): File "/hardened_malloc/test/simple-memory-corruption/test_smc.py", line 154, in test_uninitialized_realloc self.assertEqual(returncode, -6) AssertionError: 127 != -6 ====================================================================== FAIL: test_write_after_free_large (simple-memory-corruption.test_smc.TestSimpleMemoryCorruption) ---------------------------------------------------------------------- Traceback (most recent call last): File "/hardened_malloc/test/simple-memory-corruption/test_smc.py", line 165, in test_write_after_free_large self.assertEqual(returncode, -11) AssertionError: 127 != -11 ====================================================================== FAIL: test_write_after_free_large_reuse (simple-memory-corruption.test_smc.TestSimpleMemoryCorruption) ---------------------------------------------------------------------- Traceback (most recent call last): File "/hardened_malloc/test/simple-memory-corruption/test_smc.py", line 161, in test_write_after_free_large_reuse self.assertEqual(returncode, -11) AssertionError: 127 != -11 ====================================================================== FAIL: test_write_after_free_small (simple-memory-corruption.test_smc.TestSimpleMemoryCorruption) ---------------------------------------------------------------------- Traceback (most recent call last): File "/hardened_malloc/test/simple-memory-corruption/test_smc.py", line 176, in test_write_after_free_small self.assertEqual(returncode, -6) AssertionError: 127 != -6 ====================================================================== FAIL: test_write_after_free_small_reuse (simple-memory-corruption.test_smc.TestSimpleMemoryCorruption) ---------------------------------------------------------------------- Traceback (most recent call last): File "/hardened_malloc/test/simple-memory-corruption/test_smc.py", line 170, in test_write_after_free_small_reuse self.assertEqual(returncode, -6) AssertionError: 127 != -6 ====================================================================== FAIL: test_write_zero_size (simple-memory-corruption.test_smc.TestSimpleMemoryCorruption) ---------------------------------------------------------------------- Traceback (most recent call last): File "/hardened_malloc/test/simple-memory-corruption/test_smc.py", line 182, in test_write_zero_size self.assertEqual(returncode, -11) AssertionError: 127 != -11 ---------------------------------------------------------------------- Ran 32 tests in 0.036s FAILED (failures=32) make: [Makefile:139: test] Error 1 (ignored) root@work:/hardened_malloc# ``` Any idea why this is happening? Fixable at chroot side or in hardened malloc source side?