[HWASAN] Updated HWASAN design document to better portray the chance of missing a...

Summary: Provided rule of thumb percentage chances of miss for 4 and 8 bit tag sizes.

Subscribers: cfe-commits

Tags: #clang

Differential Revision: https://reviews.llvm.org/D58195

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@353990 91177308-0d34-0410-b5e6-96231b3b80d8

diff --git a/docs/HardwareAssistedAddressSanitizerDesign.rst b/docs/HardwareAssistedAddressSanitizerDesign.rst
index 6bbfcb7192cb472d962fb0408d88b111bc3ee107..12e2cc25256fe9c33c0afac03117faeafb5d075a 100644 (file)
--- a/docs/HardwareAssistedAddressSanitizerDesign.rst
+++ b/docs/HardwareAssistedAddressSanitizerDesign.rst
@@ -131,7 +131,8 @@ HWASAN:
     https://www.kernel.org/doc/Documentation/arm64/tagged-pointers.txt).
   * **Does not require redzones to detect buffer overflows**,
     but the buffer overflow detection is probabilistic, with roughly
-    `(2**TS-1)/(2**TS)` probability of catching a bug.
+    `1/(2**TS)` chance of missing a bug (6.25% or 0.39% with 4 and 8-bit TS
+    respectively).
   * **Does not require quarantine to detect heap-use-after-free,
     or stack-use-after-return**.
     The detection is similarly probabilistic.