[monodroid] Add native code static checkers and sanitizers (#5094)

Context: https://devdiv.visualstudio.com/DevDiv/_workitems/edit/1139593

Begin running Clang-based code analysis tools against our C++ codebase:

  * [`clang-tidy`][0] static analysis
  * [`ASAN`][1] and [`UBSAN`][2] runtime sanitizers, which can find
    some issues that cannot be detected by static analysis.

All of the required tools are shipped with the Android NDK, which 
currently ships the Clang 9 toolchain.

All of the tools require separate builds of the native code.
`clang-tidy` builds the entire codebase to generate an AST and then
analyze it, reporting possible errors, but it does not produce any
binaries.

The ASAN and UBSAN runtime sanitizers instrument the generated code in
numerous ways, which make runtime code much slower to execute, up to 3x
longer to run various tasks.  We now build our native code 4 additional
times, once for each sanitizer in both `Debug` and `Release` configs.
The output binaries have the `-checked+SANITIZER_NAME` infix added to
their name, e.g. `libmono-android-checked+asan.debug.so`.

The instrumented binaries will not be currently distributed to the end
users since they are intended for internal use.

Also added are two [`wrap.sh`][3] scripts, one for `ASAN` and the other
for `UBSAN`; both can be found in the `build-tools/wrap.sh/` directory.

The instrumented binaries can then be placed in the `.apk` instead of
the standard binaries by adding the following to the project file:

	<PropertyGroup>
	  <AndroidIncludeWrapSh Condition=" '$(UseASAN)' != '' Or '$(UseUBSAN)' != '' ">true</AndroidIncludeWrapSh>
	  <_AndroidCheckedBuild Condition=" '$(UseASAN)' != '' ">asan</_AndroidCheckedBuild>
	  <_AndroidCheckedBuild Condition=" '$(UseUBSAN)' != '' ">ubsan</_AndroidCheckedBuild>
	  <_ASANScript>../path/to/build-scripts/wrap.sh/asan.sh</_ASANScript>
	  <_UBSANScript>../path/to/build-scripts/wrap.sh/ubsan.sh</_UBSANScript>
	</PropertyGroup>

	<ItemGroup>
	  <AndroidNativeLibrary Include="$(_ASANScript)" Condition=" '$(UseASAN)' != '' ">
	    <Link>lib\arm64-v8a\wrap.sh</Link>
	  </AndroidNativeLibrary>
	  <AndroidNativeLibrary Include="$(_ASANScript)" Condition=" '$(UseASAN)' != '' ">
	    <Link>lib\armeabi-v7a\wrap.sh</Link>
	  </AndroidNativeLibrary>
	  <AndroidNativeLibrary Include="$(_ASANScript)" Condition=" '$(UseASAN)' != '' ">
	    <Link>lib\x86\wrap.sh</Link>
	  </AndroidNativeLibrary>
	  <AndroidNativeLibrary Include="$(_ASANScript)" Condition=" '$(UseASAN)' != '' ">
	    <Link>lib\x86_64\wrap.sh</Link>
	  </AndroidNativeLibrary>

	  <AndroidNativeLibrary Include="$(_UBSANScript)" Condition=" '$(UseUBSAN)' != '' ">
	    <Link>lib\arm64-v8a\wrap.sh</Link>
	  </AndroidNativeLibrary>
	  <AndroidNativeLibrary Include="$(_UBSANScript)" Condition=" '$(UseUBSAN)' != '' ">
	    <Link>lib\armeabi-v7a\wrap.sh</Link>
	  </AndroidNativeLibrary>
	  <AndroidNativeLibrary Include="$(_UBSANScript)" Condition=" '$(UseUBSAN)' != '' ">
	    <Link>lib\x86\wrap.sh</Link>
	  </AndroidNativeLibrary>
	  <AndroidNativeLibrary Include="$(_UBSANScript)" Condition=" '$(UseUBSAN)' != '' ">
	    <Link>lib\x86_64\wrap.sh</Link>
	  </AndroidNativeLibrary>
	</ItemGroup>


The `%(AndroidNativeLibrary.Link)` metadata value **must** be a valid
path to the native library directory inside the `.apk` since the
`wrap.sh` scripts are architecture-specific and are expected to be
found in specific directories by the Android loader.

The checked build is enabled by setting the `$(_AndroidCheckedBuild)`
MSBuild property to either `asan` or `ubsan`.

TODO: While "checked" versions of the native libraries are built, they
need to be *used* to be of full usefulness.  We still need to update CI
so that `Mono.Android-Tests` will be executed with `asan` or `ubsan`
enabled, to assert that future issues are not introduced.

[0]: https://releases.llvm.org/9.0.0/tools/clang/tools/extra/docs/clang-tidy/
[1]: https://releases.llvm.org/9.0.0/tools/clang/docs/AddressSanitizer.html
[2]: https://releases.llvm.org/9.0.0/tools/clang/docs/UndefinedBehaviorSanitizer.html
[3]: https://developer.android.com/ndk/guides/wrap-script

Author: grendello

.editorconfig

@@ -41,6 +41,12 @@ tab_width = 8
 indent_size = 8
 max_line_length = 180
 
+# CMake files
+[CMakeLists.txt]
+indent_style = space
+indent_size = 2
+insert_final_newline = true
+
 ###############################
 # .NET Coding Conventions     #
 ###############################

Documentation/guides/building-apps/build-properties.md

@@ -555,6 +555,50 @@ The most common values for this property are:
 
 Added in Xamarin.Android 6.1.
 
+## AndroidIncludeWrapSh
+
+A boolean value which indicates whether the Android wrapper script
+([`wrap.sh`](https://developer.android.com/ndk/guides/wrap-script))
+should be packaged into the APK. The property defaults to `false`
+since the wrapper script may significantly influence the way the
+application starts up and works and the script should be included only
+when necessary e.g. for debugging or otherwise changing the
+application startup/runtime behavior.
+
+The script is added to the project using the
+[`@(AndroidNativeLibrary)`](~/android/deploy-test/building-apps/build-items.md#androidnativelibrary)
+build action, because it is placed in the same directory where
+architecture-specific native libraries, and must be named `wrap.sh`.
+
+The easiest way to specify path to the `wrap.sh` script is to put it
+in a directory named after the target architecture. This approach will
+work if you have just one `wrap.sh` per architecture:
+
+```xml
+<AndroidNativeLibrary Include="path/to/arm64-v8a/wrap.sh" />
+```
+
+However, if your project needs more than one `wrap.sh` per
+architecture, for different purposes, this approach won't work.
+Instead, in such cases the name can be specified using the `Link`
+metadata of the `AndroidNativeLibrary`:
+
+```xml
+<AndroidNativeLibrary Include="/path/to/my/arm64-wrap.sh">
+  <Link>lib\arm64-v8a\wrap.sh</Link>
+</AndroidNativeLibrary>
+```
+
+If the `Link` metadata is used, the path specified in its value must
+be a valid native architecture-specific library path, relative to the
+APK root directory. The format of the path is `lib\ARCH\wrap.sh` where
+`ARCH` can be one of:
+
++ `arm64-v8a`
++ `armeabi-v7a`
++ `x86_64`
++ `x86`
+
 ## AndroidKeyStore
 
 A boolean value which indicates whether

build-tools/Xamarin.Android.Tools.BootstrapTasks/result-packaging.targets

@@ -29,6 +29,7 @@
     <_BuildStatusFiles Include="$(XamarinAndroidSourcePath)**\CMakeFiles\*.log" />
     <_BuildStatusFiles Include="$(XamarinAndroidSourcePath)**\.ninja_log" />
     <_BuildStatusFiles Include="$(XamarinAndroidSourcePath)**\android-*.config.cache" />
+    <_BuildStatusFiles Include="$(XamarinAndroidSourcePath)\bin\Build$(Configuration)\clang-tidy*.log" />
   </ItemGroup>
   <ItemGroup>
     <_TestResultFiles Include="$(XamarinAndroidSourcePath)TestResult-*.xml" />

build-tools/cmake/xa_macros.cmake

@@ -50,7 +50,6 @@ macro(xa_common_prepare)
     Wa,-noexecstack
     fPIC
     g
-    fomit-frame-pointer
     O2
     )
 

build-tools/installers/create-installers.targets

@@ -160,8 +160,14 @@
     <_MSBuildFiles Include="$(MSBuildSrcDir)\jnimarshalmethod-gen.pdb" Condition=" '$(PackageId)' != 'Microsoft.Android.Sdk' " />
     <_MSBuildFiles Include="$(MSBuildSrcDir)\LayoutBinding.cs" />
     <_MSBuildFiles Include="@(AndroidSupportedTargetJitAbi->'$(MSBuildSrcDir)\lib\%(Identity)\libmono-android.debug.so')"       Condition=" '$(PackageId)' != 'Microsoft.Android.Sdk' " />
+    <_MSBuildFiles Include="@(AndroidSupportedTargetJitAbi->'$(MSBuildSrcDir)\lib\%(Identity)\libmono-android-checked+asan.debug.so')"  Condition=" '$(PackageId)' != 'Microsoft.Android.Sdk' " />
+    <_MSBuildFiles Include="@(AndroidSupportedTargetJitAbi->'$(MSBuildSrcDir)\lib\%(Identity)\libmono-android-checked+ubsan.debug.so')" Condition=" '$(PackageId)' != 'Microsoft.Android.Sdk' " />
     <_MSBuildFiles Include="@(AndroidSupportedTargetJitAbi->'$(MSBuildSrcDir)\lib\%(Identity)\libmono-android.release.so')"     Condition=" '$(PackageId)' != 'Microsoft.Android.Sdk' " />
+    <_MSBuildFiles Include="@(AndroidSupportedTargetJitAbi->'$(MSBuildSrcDir)\lib\%(Identity)\libmono-android-checked+asan.release.so')"  Condition=" '$(PackageId)' != 'Microsoft.Android.Sdk' " />
+    <_MSBuildFiles Include="@(AndroidSupportedTargetJitAbi->'$(MSBuildSrcDir)\lib\%(Identity)\libmono-android-checked+ubsan.release.so')" Condition=" '$(PackageId)' != 'Microsoft.Android.Sdk' " />
     <_MSBuildFiles Include="@(AndroidSupportedTargetJitAbi->'$(MSBuildSrcDir)\lib\%(Identity)\libxa-internal-api.so')"          Condition=" '$(PackageId)' != 'Microsoft.Android.Sdk' " />
+    <_MSBuildFiles Include="@(AndroidSupportedTargetJitAbi->'$(MSBuildSrcDir)\lib\%(Identity)\libxa-internal-api-checked+asan.so')"     Condition=" '$(PackageId)' != 'Microsoft.Android.Sdk' " />
+    <_MSBuildFiles Include="@(AndroidSupportedTargetJitAbi->'$(MSBuildSrcDir)\lib\%(Identity)\libxa-internal-api-checked+ubsan.so')"    Condition=" '$(PackageId)' != 'Microsoft.Android.Sdk' " />
     <_MSBuildFiles Include="@(AndroidSupportedTargetJitAbi->'$(MSBuildSrcDir)\lib\%(Identity)\libmono-btls-shared.so')"         Condition=" '$(PackageId)' != 'Microsoft.Android.Sdk' " />
     <_MSBuildFiles Include="@(AndroidSupportedTargetJitAbi->'$(MSBuildSrcDir)\lib\%(Identity)\libmono-btls-shared.d.so')"       Condition=" '$(PackageId)' != 'Microsoft.Android.Sdk' " />
     <_MSBuildFiles Include="@(AndroidSupportedTargetJitAbi->'$(MSBuildSrcDir)\lib\%(Identity)\libmono-profiler-aot.so')"        Condition=" '$(PackageId)' != 'Microsoft.Android.Sdk' " />
@@ -174,6 +180,8 @@
     <_MSBuildFiles Include="@(AndroidSupportedTargetJitAbi->'$(MSBuildSrcDir)\lib\%(Identity)\libmonosgen-2.0.d.so')"           Condition=" '$(PackageId)' != 'Microsoft.Android.Sdk' " />
     <_MSBuildFiles Include="@(AndroidSupportedTargetJitAbi->'$(MSBuildSrcDir)\lib\%(Identity)\libsqlite3_xamarin.so')"          Condition=" '$(PackageId)' != 'Microsoft.Android.Sdk' " />
     <_MSBuildFiles Include="@(AndroidSupportedTargetJitAbi->'$(MSBuildSrcDir)\lib\%(Identity)\libxamarin-debug-app-helper.so')" Condition=" '$(PackageId)' != 'Microsoft.Android.Sdk' " />
+    <_MSBuildFiles Include="@(AndroidSupportedTargetJitAbi->'$(MSBuildSrcDir)\lib\%(Identity)\libxamarin-debug-app-helper-checked+asan.so')"        Condition=" '$(PackageId)' != 'Microsoft.Android.Sdk' " />
+    <_MSBuildFiles Include="@(AndroidSupportedTargetJitAbi->'$(MSBuildSrcDir)\lib\%(Identity)\libxamarin-debug-app-helper-checked+ubsan.so')"       Condition=" '$(PackageId)' != 'Microsoft.Android.Sdk' " />
     <_MSBuildFiles Include="@(AndroidSupportedTargetJitAbi->'$(MSBuildSrcDir)\lib\interpreter-%(Identity)\libmono-btls-shared.so')"         Condition=" '$(PackageId)' != 'Microsoft.Android.Sdk' " />
     <_MSBuildFiles Include="@(AndroidSupportedTargetJitAbi->'$(MSBuildSrcDir)\lib\interpreter-%(Identity)\libmono-profiler-aot.so')"        Condition=" '$(PackageId)' != 'Microsoft.Android.Sdk' " />
     <_MSBuildFiles Include="@(AndroidSupportedTargetJitAbi->'$(MSBuildSrcDir)\lib\interpreter-%(Identity)\libmono-profiler-log.so')"        Condition=" '$(PackageId)' != 'Microsoft.Android.Sdk' " />

build-tools/wrap.sh/asan.sh

@@ -0,0 +1,11 @@
+#!/system/bin/sh
+HERE="$(cd "$(dirname "$0")" && pwd)"
+export ASAN_OPTIONS="log_to_syslog=false,allow_user_segv_handler=1,check_initialization_order=true,print_stats=true,detect_invalid_pointer_pairs=2"
+ASAN_LIB=$(ls $HERE/libclang_rt.asan-*-android.so)
+if [ -f "$HERE/libc++_shared.so" ]; then
+    # Workaround for https://github.com/android-ndk/ndk/issues/988.
+    export LD_PRELOAD="$ASAN_LIB $HERE/libc++_shared.so"
+else
+    export LD_PRELOAD="$ASAN_LIB"
+fi
+"$@"

build-tools/wrap.sh/ubsan.sh

@@ -0,0 +1,10 @@
+#!/system/bin/sh
+HERE="$(cd "$(dirname "$0")" && pwd)"
+UBSAN_LIB=$(ls $HERE/libclang_rt.ubsan_standalone-*-android.so)
+if [ -f "$HERE/libc++_shared.so" ]; then
+    # Workaround for https://github.com/android-ndk/ndk/issues/988.
+    export LD_PRELOAD="$UBSAN_LIB $HERE/libc++_shared.so"
+else
+    export LD_PRELOAD="$UBSAN_LIB"
+fi
+"$@"

build-tools/xaprepare/xaprepare/Resources/Configuration.OperatingSystem.props.in

@@ -20,5 +20,6 @@
         <JarPath Condition=" '$(JarPath)' == '' ">@jar@</JarPath>
         <JavaPath Condition=" '$(JavaPath)' == '' ">@java@</JavaPath>
         <HostHomebrewPrefix Condition=" '$(HostHomebrewPrefix)' == '' ">@HOST_HOMEBREW_PREFIX@</HostHomebrewPrefix>
+        <NdkLlvmTag Condition=" '$(NdkLlvmTag)' == '' ">@NDK_LLVM_TAG@</NdkLlvmTag>
     </PropertyGroup>
 </Project>

build-tools/xaprepare/xaprepare/Steps/Step_GenerateFiles.cs

@@ -101,6 +101,7 @@ GeneratedFile Get_Configuration_OperatingSystem_props (Context context)
 				{ "@javac@",                context.OS.JavaCPath },
 				{ "@java@",                 context.OS.JavaPath },
 				{ "@jar@",                  context.OS.JarPath },
+				{ "@NDK_LLVM_TAG@",         $"{context.OS.Type.ToLowerInvariant ()}-x86_64" },
 			};
 
 			return new GeneratedPlaceholdersFile (

src/Mono.Android/Test/Mono.Android-Tests.csproj

@@ -24,6 +24,11 @@
     <TargetFrameworkVersion>v11.0</TargetFrameworkVersion>
     <AndroidDexTool Condition=" '$(AndroidDexTool)' == '' ">d8</AndroidDexTool>
     <_SkipJniAddNativeMethodRegistrationAttributeScan>True</_SkipJniAddNativeMethodRegistrationAttributeScan>
+    <AndroidIncludeWrapSh Condition=" '$(UseASAN)' != '' Or '$(UseUBSAN)' != '' ">true</AndroidIncludeWrapSh>
+    <_AndroidCheckedBuild Condition=" '$(UseASAN)' != '' ">asan</_AndroidCheckedBuild>
+    <_AndroidCheckedBuild Condition=" '$(UseUBSAN)' != '' ">ubsan</_AndroidCheckedBuild>
+    <_ASANScript>..\..\..\build-tools\wrap.sh\asan.sh</_ASANScript>
+    <_UBSANScript>..\..\..\build-tools\wrap.sh\ubsan.sh</_UBSANScript>
   </PropertyGroup>
   <Import Project="Mono.Android-Test.Shared.projitems" Label="Shared" Condition="Exists('Mono.Android-Test.Shared.projitems')" />
   <Import Project="..\..\..\Configuration.props" />
@@ -124,4 +129,31 @@
   <ItemGroup>
     <Folder Include="Localization\" />
   </ItemGroup>
+  <ItemGroup>
+    <AndroidNativeLibrary Include="$(_ASANScript)" Condition=" '$(UseASAN)' != '' ">
+      <Link>lib\arm64-v8a\wrap.sh</Link>
+    </AndroidNativeLibrary>
+    <AndroidNativeLibrary Include="$(_ASANScript)" Condition=" '$(UseASAN)' != '' ">
+      <Link>lib\armeabi-v7a\wrap.sh</Link>
+    </AndroidNativeLibrary>
+    <AndroidNativeLibrary Include="$(_ASANScript)" Condition=" '$(UseASAN)' != '' ">
+      <Link>lib\x86\wrap.sh</Link>
+    </AndroidNativeLibrary>
+    <AndroidNativeLibrary Include="$(_ASANScript)" Condition=" '$(UseASAN)' != '' ">
+      <Link>lib\x86_64\wrap.sh</Link>
+    </AndroidNativeLibrary>
+
+    <AndroidNativeLibrary Include="$(_UBSANScript)" Condition=" '$(UseUBSAN)' != '' ">
+      <Link>lib\arm64-v8a\wrap.sh</Link>
+    </AndroidNativeLibrary>
+    <AndroidNativeLibrary Include="$(_UBSANScript)" Condition=" '$(UseUBSAN)' != '' ">
+      <Link>lib\armeabi-v7a\wrap.sh</Link>
+    </AndroidNativeLibrary>
+    <AndroidNativeLibrary Include="$(_UBSANScript)" Condition=" '$(UseUBSAN)' != '' ">
+      <Link>lib\x86\wrap.sh</Link>
+    </AndroidNativeLibrary>
+    <AndroidNativeLibrary Include="$(_UBSANScript)" Condition=" '$(UseUBSAN)' != '' ">
+      <Link>lib\x86_64\wrap.sh</Link>
+    </AndroidNativeLibrary>
+  </ItemGroup>
 </Project>