SCS has been supported in Rust since 1.64.0.
This adds SCS as a sanitizer option in Rust.
Bug: 168914033
Test: Built module with sanitize: { scs: true }
Change-Id: Ie54ac4693286878b98704cf052649a267777d764
'-Z sanitizer={hw}address' was not being passed if the fuzzer sanitizer
property was also set. Additionally, trying to use the fuzzer sanitizer
with the address sanitizer incorrectly linked in the hwasan runtime.
Bug: 293466009
Test: SANITIZE_TARGET="fuzzer address" m android_logger_fuzzer
Test: SANITIZE_TARGET="fuzzer hwaddress" m android_logger_fuzzer
Test: ldd <fuzzer_on_device> # ensure correct libraries linked
Test: Check build flags
Change-Id: I6b01c8808af07c642217b642af128ebf934f4bc6
SCS has been supported in Rust since 1.64.0.
This adds SCS as a sanitizer option in Rust.
Bug: 168914033
Test: Built module with sanitize: { scs: true }
Change-Id: Ibdc116a335339af6d0b0d6dd0bb82c0358fa9087
Rust libfuzzer flags have changed upstream, so update our set of flags.
This fixes the following fuzzer error:
ERROR: The size of coverage PC tables does not match the
number of instrumented PCs. This might be a compiler bug,
please contact the libFuzzer developers.
Bug: 249551848
Test: SANITIZE_TARGET="hwaddress fuzzer" m <fuzz_target>
Test: Test running the fuzzer.
Change-Id: I4f7df1fbe636133c646dfb0bd12757c947995ffe
Don't automatically assume that HWASAN or ASAN is enabled if Fuzzer is
enabled.
Bug: 178365482
Test: m bluetooth_stack_with_facade
Test: SANITIZE_TARGET=fuzzer m bluetooth_stack_with_facade
Test: SANITIZE_TARGET=address m bluetooth_stack_with_facade
Test: SANITIZE_TARGET=hwaddress m bluetooth_stack_with_facade
Test: SANITIZE_TARGET="fuzzer address" m bluetooth_stack_with_facade
Test: SANITIZE_TARGET="fuzzer hwaddress" m bluetooth_stack_with_facade
Change-Id: Ief8c0f899837c5889a8035782616025f1b0d54e7
The logic is not 100% provably the same since HEAD was quite
confusing at some points, but I did make an effort to preserve
functional equivalence.
In case that effort was not enough, it should be pretty easy to
tweak the logic at HEAD since it's still quite malleable.
Bug: 231370928
Test: Presubmits.
Change-Id: I17b2efbfb5c4d0aedd922caed54ff8d857e578df
This is so that we can avoid mutating state in sanitizerMutator, as
would be necessary if we only had a single bit for every sanitizer
together.
Test: Presubmits.
Change-Id: I5576367c12972fbea64342ab123118ec5a2cfeec
The 'fuzzer' sanitizer enables 'hwasan', which is not supported for Rust
static binaries. Make sure we skip applying this sanitizer to those
binaries.
Bug: 204776996
Test: SANITIZE_TARGET=fuzzer m <static_rust_executable>
Change-Id: I619cfab32b46c0811590973344eb5cdbe3f1a119
On HWASAN global sanitized builds, fuzz targets had hwasanFlags applied
twice. Rust only allows llvm-args flags to be passed in once however, so
this broke compilation.
Bug: 204915322
Test: SANITIZE_TARGET='hwaddress fuzzer' m <fuzzer>
Change-Id: I4f6c35e04bc4c891d9c66e8a53c3dcb88e8670cf
This CL adds support for the MTE memtag_heap sanitizer. This is
controlled via inclusion of an ELF note.
Bug: 170672854
Test: Heap MTE-enabled Rust test binary triggers MTE
Change-Id: I2619818785e86a94667d02b30d102c83456b7925
This CL adds Rust support for the SANITIZE_TARGET options.
This CL includes a couple small fixes to related to HWASAN, ASAN,
ensuring that the Never sanitize property is respected. Notably,
additional llvm-args are passed to ensure that HWASAN-ified Rust/C
interop works correctly.
Bug: 170672854
Bug: 204915322
Test: SANITIZE_TARGET globally applies hwasan to Rust targets
Change-Id: Ia904d07b4618f72cdc95c51f88961905c240ac53
Structs embedding binaryDecorator (rust_test, rust_benchmark, rust_fuzz)
are binaries as well, but won't pass checks against *binaryDecorator,
such as the check in StaticExecutable().
Add a binaryInterface that can be checked instead to simplify these
checks and ensure we catch all binaries.
Bug: 170672854
Test: rust_test, rust_benchmark return true StaticallyLinked
Change-Id: I2373d3663373a6977260785602a02d39a41320fe
Without `-C link-dead-code`, Rust fuzzers may fail to start fuzzing.
See the cargo-fuzz issue in the code comment for details. This patch
disables dead stripping for our fuzzers by default.
Bug: 193200135
Test: Flag emitted when building Rust fuzzers.
Test: Fuzzer runs on device.
Change-Id: I530de30e9a57db206bcbf3d2d3d371628eef8934
Refactors the vendor snapshot support to use the LinkableInterface
so that support can be extended to Rust. This CL does not add
vendor snapshot support for Rust; that is left for a follow-on CL.
Bug: 184042776
Test: m nothing
Change-Id: Id0c4970ca00053484a52677d182153cbc454c301
HWASan for static Rust executables is not supported yet.
Bug: 180495975
Test: build local test app with HWASan
Change-Id: I46e851c82a16943586ec3a789f09a58651d036e3
This flag causes a linkage error between rustc and our libclang_rt. We
can remove it for now and look into reintroducing it in the future.
We'd need to define 'thread_local uintptr_t __sancov_lowest_stack' to
support this. See https://reviews.llvm.org/D36839
Bug: 180495975
Test: m <fuzzer>
Change-Id: I95c9392307b5f20a0eda0fc76eb7ef79e27ae4df
libfuzzer-sys uses different flags in the 0.4.0 update, so update the
flags for rust_fuzz modules to align.
Test: m <example_fuzzer>
Change-Id: I0a1eb140a7843fdaf5266c05a1ecf6d3964e0f5e
Add a rust_fuzz module which builds a libfuzzer binary that enabes
asan+sancov. This relies on the libfuzzer-sys crate.
Bug: 147140513
Test: Local rust_fuzz example builds, fuzzes with asan+sancov.
Change-Id: I57db3b8d25869791824ccfab768d13b0bb9d42fa