The Android Memory Security tool is a comprehensive toolkit that helps you improve the quality and security of your applications. Learn about our various memory security tools, their use scenarios, and how you can use them to find and fix problems.

If you prefer to see this in video, check it out here.

What is a memory safe error

Memory errors are errors that occur when processing memory in native languages such as C or C++.

void BufferOverflow() {
    char *p = new char[10];
    p[20] = 'x'; // 💣💥 writes outside the allocated array
}

void UseAfterFree() {
    char *p = new char[10];
    delete[] p;
    p[0] = 'x'; // 💣💥 writes after the array has been freed
}
Copy the code

△ Two common memory security errors

In this example, we can see that the two most common forms of error are Buffer Overflow and Use After Free.

End-user devices report more than 3,000 memory-related crashes per second, which translates to 7.7 billion crashes per month, and these crashes are easily perceived by users, leading to a bad impression of these applications. Using memory safety tools can help you reduce such errors and improve the user experience.

More than 60% of Android bugs each year are caused by memory errors, and similar problems have been reported in large native code bases other than Android. Fixing memory errors in applications is just as important as fixing memory errors in systems. Users do not have to worry about how the operating system protects their data, and your application should not ignore this issue. Using memory security tools can help provide users with greater security.

Over 50% of the app packages in the Play Store contain native code, and even if you don’t use native code directly to implement features in your app, you may include native code indirectly by using third-party SDKS or libraries.

Use memory safety tools

Our mission is to help developers ensure memory security and help you avoid errors and bugs when using native code to handle memory. Therefore, we have developed a set of tools to detect and help developers become more productive, making it easier than ever to detect and fix such errors.

Over the years, we have worked to introduce new tools and enhance existing tools, and now we are officially introducing these three tools to you:

  • HWASan: memory error detection tool based on the compiler
  • Gwp-asan: Probabilistic memory error detection tool based on allocator
  • Arm MTE: hardware-based memory error detection tool

HWASan

HWASan, available starting with Android 10, can detect a variety of memory errors including stack, global, and heap problems. Using this tool requires recompilation because it requires the introduction of additional code to run in all memory operations, so it may not be suitable for deployment in a production environment. Introducing HWASan reduces application performance by approximately two times, and we recommend that you use HWASan during development and testing.

There are 3 steps to using HWASan:

  • Brush HWASan onto your test equipment
  • Rebuild your application with the -fsanitize= hwAddress parameter
  • run

We maintain the HWASan build for most Pixel devices, and while the performance of the tool is not suitable for deployment in a production environment, it is sufficient for testing. Internally we used HWASan builds to dogfood test new Pixel devices. For more details on HWASan, check out the documentation guide HWAddress Sanitizer.

GWP-ASan

Gwp-asan is a probabilistic memory error detection tool that we introduced in Android 11. Probabilistic means that some heap allocations are protected at random to balance performance with the chance of catching errors. This is a bit like a lottery system, where as the number of devices running the code base increases, so does the chance of detecting an error. Gwp-asan does not require recompilation, and its performance is ideal for use in production environments, and it is highly recommended that you use GWP-ASAN from early development through testing and deployment to production.

Gwp-asan is very simple to use:

  • Add gwpAsanMode to the Android manifest file
  • run

If you want to learn more about GWP-ASAN, please refer to the documentation guide GWP-ASAN.

Arm MTE

Arm MTE is a hardware-based memory error detection tool that we developed in collaboration with Arm, and we will gradually make it available to developers in the future as new hardware becomes available. While these hardware technologies are available on some Android devices, we strongly recommend that app developers familiarize themselves with HWASan and GWP-Asan to facilitate smooth transitions between compatible devices.

Run the code and look for problems

When the memory safety tool is enabled, execute as many code paths as possible. Memory errors generate Logcat and Tombstone traces that can be used for local debugging, and in a production environment, reports are exported from the device to the Play developer console. In Android 12, we introduced a new Tombostone API that allows developers to extract more crash information the next time an application launches. We have been working with Firebase to provide support for memory security tools in Crashlytics.

To fix the problem

The memory safety tool provides error reports including allocation and unallocation backtracking

When using a memory-safe tool, the error report contains more information that is helpful for debugging, including allocation and unallocation tracebacks in addition to unpleasant tracebacks, which can be helpful in finding the root cause of the error. We have been using these tools in our internal development of the Android operating system, which has helped us detect a large number of bugs that have been hidden in our code base for years. These tools have greatly improved our ability to detect bugs, and enhanced error reporting has helped us reduce repair times.

conclusion

The Android Memory Security tool detects memory errors in the code base, and fixing such errors can help improve quality and security. The trick to ensuring memory safety is to use a memory safety tool to run code to find errors and then fix them.

Thank you for reading this article and we look forward to using the tools we provide to improve the quality and security of the Android ecosystem. If you have any questions or feedback, please contact us on Github Issues.

Please click here to submit your feedback to us, or share your favorite content or questions. Your feedback is very important to us, thank you for your support!