mathieu/granite-rust
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
granite-rust/compiler
History
Dylan DPC 58d72aedee
Rollup merge of #81506 - vo4:hwasan, r=nagisa 
HWAddressSanitizer support

#  Motivation
Compared to regular ASan, HWASan has a [smaller overhead](https://source.android.com/devices/tech/debug/hwasan). The difference in practice is that HWASan'ed code is more usable, e.g. Android device compiled with HWASan can be used as a daily driver.

# Example
```
fn main() {
    let xs = vec![0, 1, 2, 3];
    let _y = unsafe { *xs.as_ptr().offset(4) };
}
```
```
==223==ERROR: HWAddressSanitizer: tag-mismatch on address 0xefdeffff0050 at pc 0xaaaad00b3468
READ of size 4 at 0xefdeffff0050 tags: e5/00 (ptr/mem) in thread T0
    #0 0xaaaad00b3464  (/root/main+0x53464)
    #1 0xaaaad00b39b4  (/root/main+0x539b4)
    #2 0xaaaad00b3dd0  (/root/main+0x53dd0)
    #3 0xaaaad00b61dc  (/root/main+0x561dc)
    #4 0xaaaad00c0574  (/root/main+0x60574)
    #5 0xaaaad00b6290  (/root/main+0x56290)
    #6 0xaaaad00b6170  (/root/main+0x56170)
    #7 0xaaaad00b3578  (/root/main+0x53578)
    #8 0xffff81345e70  (/lib64/libc.so.6+0x20e70)
    #9 0xaaaad0096310  (/root/main+0x36310)

[0xefdeffff0040,0xefdeffff0060) is a small allocated heap chunk; size: 32 offset: 16
0xefdeffff0050 is located 0 bytes to the right of 16-byte region [0xefdeffff0040,0xefdeffff0050)
allocated here:
    #0 0xaaaad009bcdc  (/root/main+0x3bcdc)
    #1 0xaaaad00b1eb0  (/root/main+0x51eb0)
    #2 0xaaaad00b20d4  (/root/main+0x520d4)
    #3 0xaaaad00b2800  (/root/main+0x52800)
    #4 0xaaaad00b1cf4  (/root/main+0x51cf4)
    #5 0xaaaad00b33d4  (/root/main+0x533d4)
    #6 0xaaaad00b39b4  (/root/main+0x539b4)
    #7 0xaaaad00b61dc  (/root/main+0x561dc)
    #8 0xaaaad00b3578  (/root/main+0x53578)
    #9 0xaaaad0096310  (/root/main+0x36310)

Thread: T0 0xeffe00002000 stack: [0xffffc0590000,0xffffc0d90000) sz: 8388608 tls: [0xffff81521020,0xffff815217d0)
Memory tags around the buggy address (one tag corresponds to 16 bytes):
  0xfefcefffef80: 00  00  00  00  00  00  00  00  00  00  00  00  00  00  00  00
  0xfefcefffef90: 00  00  00  00  00  00  00  00  00  00  00  00  00  00  00  00
  0xfefcefffefa0: 00  00  00  00  00  00  00  00  00  00  00  00  00  00  00  00
  0xfefcefffefb0: 00  00  00  00  00  00  00  00  00  00  00  00  00  00  00  00
  0xfefcefffefc0: 00  00  00  00  00  00  00  00  00  00  00  00  00  00  00  00
  0xfefcefffefd0: 00  00  00  00  00  00  00  00  00  00  00  00  00  00  00  00
  0xfefcefffefe0: 00  00  00  00  00  00  00  00  00  00  00  00  00  00  00  00
  0xfefcefffeff0: 00  00  00  00  00  00  00  00  00  00  00  00  00  00  00  00
=>0xfefceffff000: a2  a2  05  00  e5 [00] 00  00  00  00  00  00  00  00  00  00
  0xfefceffff010: 00  00  00  00  00  00  00  00  00  00  00  00  00  00  00  00
  0xfefceffff020: 00  00  00  00  00  00  00  00  00  00  00  00  00  00  00  00
  0xfefceffff030: 00  00  00  00  00  00  00  00  00  00  00  00  00  00  00  00
  0xfefceffff040: 00  00  00  00  00  00  00  00  00  00  00  00  00  00  00  00
  0xfefceffff050: 00  00  00  00  00  00  00  00  00  00  00  00  00  00  00  00
  0xfefceffff060: 00  00  00  00  00  00  00  00  00  00  00  00  00  00  00  00
  0xfefceffff070: 00  00  00  00  00  00  00  00  00  00  00  00  00  00  00  00
  0xfefceffff080: 00  00  00  00  00  00  00  00  00  00  00  00  00  00  00  00
Tags for short granules around the buggy address (one tag corresponds to 16 bytes):
  0xfefcefffeff0: ..  ..  ..  ..  ..  ..  ..  ..  ..  ..  ..  ..  ..  ..  ..  ..
=>0xfefceffff000: ..  ..  c5  ..  .. [..] ..  ..  ..  ..  ..  ..  ..  ..  ..  ..
  0xfefceffff010: ..  ..  ..  ..  ..  ..  ..  ..  ..  ..  ..  ..  ..  ..  ..  ..
See https://clang.llvm.org/docs/HardwareAssistedAddressSanitizerDesign.html#short-granules for a description of short granule tags
Registers where the failure occurred (pc 0xaaaad00b3468):
    x0  e500efdeffff0050  x1  0000000000000004  x2  0000ffffc0d8f5a0  x3  0200efff00000000
    x4  0000ffffc0d8f4c0  x5  000000000000004f  x6  00000ffffc0d8f36  x7  0000efff00000000
    x8  e500efdeffff0050  x9  0200efff00000000  x10 0000000000000000  x11 0200efff00000000
    x12 0200effe000006b0  x13 0200effe000006b0  x14 0000000000000008  x15 00000000c00000cf
    x16 0000aaaad00a0afc  x17 0000000000000003  x18 0000000000000001  x19 0000ffffc0d8f718
    x20 ba00ffffc0d8f7a0  x21 0000aaaad00962e0  x22 0000000000000000  x23 0000000000000000
    x24 0000000000000000  x25 0000000000000000  x26 0000000000000000  x27 0000000000000000
    x28 0000000000000000  x29 0000ffffc0d8f650  x30 0000aaaad00b3468
```

# Comments/Caveats
* HWASan is only supported on arm64.
* I'm not sure if I should add a feature gate or piggyback on the existing one for sanitizers.
* HWASan requires `-C target-feature=+tagged-globals`. That flag should probably be set transparently to the user. Not sure how to go about that.

# TODO
* Need more tests.
* Update documentation.
* Fix symbolization.
* Integrate with CI
2021-02-12 22:53:30 +01:00
..
rustc just max_level_info 2020-09-11 09:37:51 -07:00
rustc_apfloat Backport another LLVM commit to rustc_apfloat 2020-10-04 02:02:25 +02:00
rustc_arena Rollup merge of #80470 - SimonSapin:array-intoiter-type, r=m-ou-se 2021-01-31 01:47:25 +01:00
rustc_ast Auto merge of #80860 - camelid:nodeid-docs, r=sanxiyn 2021-02-11 00:51:45 +00:00
rustc_ast_lowering Rename HIR UnOp variants 2021-02-09 11:39:20 +03:00
rustc_ast_passes Auto merge of #81346 - hug-dev:nonsecure-call-abi, r=jonas-schievink 2021-02-03 06:00:43 +00:00
rustc_ast_pretty Fix pretty printer macro_rules with semicolon. 2021-02-08 12:08:27 -08:00
rustc_attr Never MIR inline functions with a different instruction set 2021-02-05 00:00:00 +00:00
rustc_builtin_macros Borrow builder only once in debug derive 2021-02-10 00:00:00 +00:00
rustc_codegen_cranelift Add a new ABI to support cmse_nonsecure_call 2021-02-02 13:04:31 +00:00
rustc_codegen_llvm HWASan support 2021-02-07 23:48:58 -08:00
rustc_codegen_ssa HWASan support 2021-02-07 23:48:58 -08:00
rustc_data_structures Only initialize what is used 2021-02-10 09:20:41 +01:00
rustc_driver Indicate both start and end of pass RSS in time-passes output 2021-01-29 12:46:29 -08:00
rustc_error_codes Improve long explanation for E0542 and E0546 2021-02-11 16:26:07 +01:00
rustc_errors Make sure all fields are accounted for in encode_fields! 2021-02-07 14:54:22 -08:00
rustc_expand add method to construct def site path as a vec of idents 2021-02-09 13:42:35 +01:00
rustc_feature Feature gate macro attributes in #[derive] output 2021-02-07 20:08:45 +03:00
rustc_fs_util Optimize away a fs::metadata call. 2021-01-06 08:33:15 -08:00
rustc_graphviz remove redundant closures (clippy::redundant_closure) 2021-01-03 13:34:24 +01:00
rustc_hir Rename HIR UnOp variants 2021-02-09 11:39:20 +03:00
rustc_hir_pretty hir pretty printing 2021-02-04 16:20:57 +01:00
rustc_incremental Auto merge of #80957 - tgnottingham:direct_serialize_depgraph, r=michaelwoerister 2021-01-19 19:36:41 +00:00
rustc_index Auto merge of #81498 - thomaseizinger:ice-workaround-56935-rustc-index, r=matthewjasper 2021-02-07 08:09:58 +00:00
rustc_infer Rollup merge of #80732 - spastorino:trait-inheritance-self2, r=nikomatsakis 2021-02-09 02:39:50 +01:00
rustc_interface Box the biggest ast::ItemKind variants 2021-02-01 09:23:39 +01:00
rustc_lexer Return EOF_CHAR constant instead of magic char. 2021-01-07 13:20:04 +01:00
rustc_lint Auto merge of #79804 - tmiasko:improper-ctypes-no-niche, r=pnkfelix 2021-02-10 12:56:09 +00:00
rustc_lint_defs Add --extern-loc to augment unused crate dependency diagnostics 2021-02-07 14:54:20 -08:00
rustc_llvm HWASan support 2021-02-07 23:48:58 -08:00
rustc_macros Switch query descriptions to just String 2021-02-08 17:20:41 -05:00
rustc_metadata Rollup merge of #81861 - tmiasko:mir-bytes, r=wesleywiser 2021-02-08 19:28:23 +01:00
rustc_middle Auto merge of #81744 - rylev:overlapping-early-exit2, r=lcnr 2021-02-12 17:38:15 +00:00
rustc_mir Rollup merge of #81479 - osa1:issue24151, r=lcnr 2021-02-12 22:53:29 +01:00
rustc_mir_build Auto merge of #81350 - tmiasko:instrument-debug, r=lcnr 2021-02-11 13:44:00 +00:00
rustc_parse parser: Fix panic in 'const impl' recovery 2021-02-08 10:46:19 +03:00
rustc_parse_format parse_format: treat r" as a literal 2021-02-06 15:01:07 +00:00
rustc_passes Rename HIR UnOp variants 2021-02-09 11:39:20 +03:00
rustc_plugin_impl Store ForeignItem in a side table. 2020-11-26 21:29:27 +01:00
rustc_privacy more things are const evaluatable *sparkles* 2021-02-01 20:05:50 +00:00
rustc_query_system Auto merge of #81892 - jyn514:no-inline, r=cjgillot 2021-02-09 18:37:33 +00:00
rustc_resolve resolve: Remove visibility hacks for enum variants and trait items 2021-02-10 22:46:44 +03:00
rustc_save_analysis Use Option::map_or instead of .map(..).unwrap_or(..) 2021-01-14 19:23:59 +01:00
rustc_serialize Revert stabilizing integer::BITS. 2021-02-03 22:23:58 +01:00
rustc_session HWASan support 2021-02-07 23:48:58 -08:00
rustc_span Rollup merge of #81506 - vo4:hwasan, r=nagisa 2021-02-12 22:53:30 +01:00
rustc_symbol_mangling Rollup merge of #80959 - jhpratt:unsigned_abs-stabilization, r=m-ou-se 2021-01-30 13:36:44 +09:00
rustc_target Stack probes: fix error message 2021-02-11 20:33:16 +01:00
rustc_trait_selection Auto merge of #81744 - rylev:overlapping-early-exit2, r=lcnr 2021-02-12 17:38:15 +00:00
rustc_traits Update Chalk 2021-02-02 12:37:22 -05:00
rustc_ty_utils Infallible version of def_span. 2021-01-23 13:35:22 +01:00
rustc_type_ir Move a few more types to rustc_type_ir 2021-01-18 21:06:12 +01:00
rustc_typeck Rollup merge of #81506 - vo4:hwasan, r=nagisa 2021-02-12 22:53:30 +01:00