> On 12/12/19 4:19 PM, Matthew Malcomson wrote: >> - if (is_store && !param_asan_instrument_writes) >> + if (is_store >> + && (!param_asan_instrument_writes || !param_hwasan_instrument_writes)) >> return; >> - if (!is_store && !param_asan_instrument_reads) >> + if (!is_store >> + && (!param_asan_instrument_reads || !param_hwasan_instrument_reads)) >> return; > > I know it's very unlikely, but one can use -fsanitize=address and > --param hwasan-instrument-reads=0 which will drop instrumentation of reads > for ASAN.
Ah! Thanks for the catch.
Updated patch is attached and has been tested.
I've also attached the patch including the new `Optimization` keyword to the
hwasan parameters to this email -- (putting both on this email to avoid a bit of
email spam).
>
> Similarly for other parameters.
>
> Martin
Inlining the new bit that avoids the problem you pointed out above, since
the implementation of that is the only new part someone might object to.
#######################################################################
diff --git a/gcc/asan.c b/gcc/asan.c
index
fe6841b4f084f75be534cc9653079ca0a5bdc94e..55723bf4d5d2a4111eb574d169f21332f6eb33ff
100644
--- a/gcc/asan.c
+++ b/gcc/asan.c
@@ -326,6 +326,25 @@ asan_sanitize_allocas_p (void)
return (asan_sanitize_stack_p () && param_asan_protect_allocas);
}
+bool
+asan_instrument_reads (void)
+{
+ return (sanitize_flags_p (SANITIZE_ADDRESS) && param_asan_instrument_reads);
+}
+
+bool
+asan_instrument_writes (void)
+{
+ return (sanitize_flags_p (SANITIZE_ADDRESS) && param_asan_instrument_writes);
+}
+
+bool
+asan_memintrin (void)
+{
+ return (sanitize_flags_p (SANITIZE_ADDRESS) && param_asan_memintrin);
+}
+
+
/* Checks whether section SEC should be sanitized. */
static bool
@@ -1382,6 +1673,28 @@ hwasan_sanitize_allocas_p (void)
return (hwasan_sanitize_stack_p () && param_hwasan_protect_allocas);
}
+/* Should we instrument reads? */
+bool
+hwasan_instrument_reads (void)
+{
+ return (hwasan_sanitize_p () && param_hwasan_instrument_reads);
+}
+
+/* Should we instrument writes? */
+bool
+hwasan_instrument_writes (void)
+{
+ return (hwasan_sanitize_p () && param_hwasan_instrument_writes);
+}
+
+/* Should we instrument builtin calls? */
+bool
+hwasan_memintrin (void)
+{
+ return (hwasan_sanitize_p () && param_hwasan_memintrin);
+}
+
+
/* Insert code to protect stack vars. The prologue sequence should be emitted
directly, epilogue sequence returned. BASE is the register holding the
stack base, against which OFFSETS array offsets are relative to, OFFSETS
@@ -2220,9 +2539,9 @@ static void
instrument_derefs (gimple_stmt_iterator *iter, tree t,
location_t location, bool is_store)
{
- if (is_store && !param_asan_instrument_writes)
+ if (is_store && !(asan_instrument_writes () || hwasan_instrument_writes ()))
return;
- if (!is_store && !param_asan_instrument_reads)
+ if (!is_store && !(asan_instrument_reads () || hwasan_instrument_reads ()))
return;
tree type, base;
@@ -2376,7 +2696,7 @@ instrument_mem_region_access (tree base, tree len,
static bool
instrument_builtin_call (gimple_stmt_iterator *iter)
{
- if (!param_asan_memintrin)
+ if (!(asan_memintrin () || hwasan_memintrin ()))
return false;
bool iter_advanced_p = false;
diff --git a/gcc/c-family/c-attribs.c b/gcc/c-family/c-attribs.c
index
77649e839c968c38485ea30d332576b9b089effe..c5746e3c89283ef0652de85cf6b94e76263aba38
100644
--- a/gcc/c-family/c-attribs.c
+++ b/gcc/c-family/c-attribs.c
@@ -54,6 +54,8 @@ static tree handle_cold_attribute (tree *, tree, tree, int,
bool *);
static tree handle_no_sanitize_attribute (tree *, tree, tree, int, bool *);
static tree handle_no_sanitize_address_attribute (tree *, tree, tree,
int, bool *);
+static tree handle_no_sanitize_hwaddress_attribute (tree *, tree, tree,
+ int, bool *);
static tree handle_no_sanitize_thread_attribute (tree *, tree, tree,
int, bool *);
static tree handle_no_address_safety_analysis_attribute (tree *, tree, tree,
@@ -412,6 +414,8 @@ const struct attribute_spec c_common_attribute_table[] =
handle_no_sanitize_attribute, NULL },
{ "no_sanitize_address", 0, 0, true, false, false, false,
handle_no_sanitize_address_attribute, NULL },
+ { "no_sanitize_hwaddress", 0, 0, true, false, false, false,
+ handle_no_sanitize_hwaddress_attribute, NULL },
{ "no_sanitize_thread", 0, 0, true, false, false, false,
handle_no_sanitize_thread_attribute, NULL },
{ "no_sanitize_undefined", 0, 0, true, false, false, false,
@@ -946,6 +950,22 @@ handle_no_sanitize_address_attribute (tree *node, tree
name, tree, int,
return NULL_TREE;
}
+/* Handle a "no_sanitize_hwaddress" attribute; arguments as in
+ struct attribute_spec.handler. */
+
+static tree
+handle_no_sanitize_hwaddress_attribute (tree *node, tree name, tree, int,
+ bool *no_add_attrs)
+{
+ *no_add_attrs = true;
+ if (TREE_CODE (*node) != FUNCTION_DECL)
+ warning (OPT_Wattributes, "%qE attribute ignored", name);
+ else
+ add_no_sanitize_value (*node, SANITIZE_HWADDRESS);
+
+ return NULL_TREE;
+}
+
/* Handle a "no_sanitize_thread" attribute; arguments as in
struct attribute_spec.handler. */
diff --git a/gcc/common.opt b/gcc/common.opt
index
9fc921109caa7744ad3ccde9d930cf53cfdf0811..217db2b1f1aa98cb0e7bf7077304edf998374fe6
100644
--- a/gcc/common.opt
+++ b/gcc/common.opt
@@ -212,7 +212,7 @@ unsigned int flag_sanitize
; What sanitizers should recover from errors
Variable
-unsigned int flag_sanitize_recover = (SANITIZE_UNDEFINED |
SANITIZE_UNDEFINED_NONDEFAULT | SANITIZE_KERNEL_ADDRESS) &
~(SANITIZE_UNREACHABLE | SANITIZE_RETURN)
+unsigned int flag_sanitize_recover = (SANITIZE_UNDEFINED |
SANITIZE_UNDEFINED_NONDEFAULT | SANITIZE_KERNEL_ADDRESS |
SANITIZE_KERNEL_HWADDRESS) & ~(SANITIZE_UNREACHABLE | SANITIZE_RETURN)
; What the coverage sanitizers should instrument
Variable
@@ -3321,6 +3321,9 @@ Driver
static-libasan
Driver
+static-libhwasan
+Driver
+
static-libtsan
Driver
diff --git a/gcc/config/aarch64/aarch64.c b/gcc/config/aarch64/aarch64.c
index
66e20becaf22469432a7f9d79ab4f4eb2706e1a6..c11f6f37317c945d9b5e9170803d6807e9501973
100644
--- a/gcc/config/aarch64/aarch64.c
+++ b/gcc/config/aarch64/aarch64.c
@@ -21723,6 +21723,15 @@ aarch64_stack_protect_guard (void)
return NULL_TREE;
}
+/* Implement TARGET_MEMTAG_CAN_TAG_ADDRESSES. Here we tell the rest of the
+ compiler that we automatically ignore the top byte of our pointers, which
+ allows using -fsanitize=hwaddress. */
+bool
+aarch64_can_tag_addresses ()
+{
+ return true;
+}
+
/* Implement TARGET_ASM_FILE_END for AArch64. This adds the AArch64 GNU NOTE
section at the end if needed. */
#define GNU_PROPERTY_AARCH64_FEATURE_1_AND 0xc0000000
@@ -22293,6 +22302,9 @@ aarch64_libgcc_floating_mode_supported_p
#undef TARGET_FNTYPE_ABI
#define TARGET_FNTYPE_ABI aarch64_fntype_abi
+#undef TARGET_MEMTAG_CAN_TAG_ADDRESSES
+#define TARGET_MEMTAG_CAN_TAG_ADDRESSES aarch64_can_tag_addresses
+
#if CHECKING_P
#undef TARGET_RUN_TARGET_SELFTESTS
#define TARGET_RUN_TARGET_SELFTESTS selftest::aarch64_run_selftests
diff --git a/gcc/config/gnu-user.h b/gcc/config/gnu-user.h
index
ff2e880b1fa81b76af866b6ba0e1fabf6d534f32..92950245e2b95c500da9df8b85940380e62030fa
100644
--- a/gcc/config/gnu-user.h
+++ b/gcc/config/gnu-user.h
@@ -129,14 +129,18 @@ see the files COPYING3 and COPYING.RUNTIME respectively.
If not, see
/* Link -lasan early on the command line. For -static-libasan, don't link
it for -shared link, the executable should be compiled with -static-libasan
in that case, and for executable link with --{,no-}whole-archive around
- it to force everything into the executable. And similarly for -ltsan
- and -llsan. */
+ it to force everything into the executable. And similarly for -ltsan,
+ -lhwasan, and -llsan. */
#if defined(HAVE_LD_STATIC_DYNAMIC)
#undef LIBASAN_EARLY_SPEC
#define LIBASAN_EARLY_SPEC "%{!shared:libasan_preinit%O%s} " \
"%{static-libasan:%{!shared:" \
LD_STATIC_OPTION " --whole-archive -lasan --no-whole-archive " \
LD_DYNAMIC_OPTION "}}%{!static-libasan:-lasan}"
+#undef LIBHWASAN_EARLY_SPEC
+#define LIBHWASAN_EARLY_SPEC "%{static-libhwasan:%{!shared:" \
+ LD_STATIC_OPTION " --whole-archive -lhwasan --no-whole-archive " \
+ LD_DYNAMIC_OPTION "}}%{!static-libhwasan:-lhwasan}"
#undef LIBTSAN_EARLY_SPEC
#define LIBTSAN_EARLY_SPEC "%{!shared:libtsan_preinit%O%s} " \
"%{static-libtsan:%{!shared:" \
diff --git a/gcc/cppbuiltin.c b/gcc/cppbuiltin.c
index
61efe9b2b75e961c15e9f399cafed559b5c8c9be..fc61c78a99373fcfbc2bb03a01134248214eb2d4
100644
--- a/gcc/cppbuiltin.c
+++ b/gcc/cppbuiltin.c
@@ -93,6 +93,9 @@ define_builtin_macros_for_compilation_flags (cpp_reader
*pfile)
if (flag_sanitize & SANITIZE_ADDRESS)
cpp_define (pfile, "__SANITIZE_ADDRESS__");
+ if (flag_sanitize & SANITIZE_HWADDRESS)
+ cpp_define (pfile, "__SANITIZE_HWADDRESS__");
+
if (flag_sanitize & SANITIZE_THREAD)
cpp_define (pfile, "__SANITIZE_THREAD__");
diff --git a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi
index
2b07c09def8b434227ddd4f705530403f1d4b352..eb4a4ba3a9fa5874b21f08ed337635ba6d0cb644
100644
--- a/gcc/doc/invoke.texi
+++ b/gcc/doc/invoke.texi
@@ -12710,13 +12710,34 @@ more details. The run-time behavior can be
influenced using the
the available options are shown at startup of the instrumented program. See
@url{https://github.com/google/sanitizers/wiki/AddressSanitizerFlags#run-time-flags}
for a list of supported options.
-The option cannot be combined with @option{-fsanitize=thread}.
+The option cannot be combined with @option{-fsanitize=thread} or
+@option{-fsanitize=hwaddress}.
@item -fsanitize=kernel-address
@opindex fsanitize=kernel-address
Enable AddressSanitizer for Linux kernel.
See @uref{https://github.com/google/kasan/wiki} for more details.
+@item -fsanitize=hwaddress
+@opindex fsanitize=hwaddress
+Enable HardwareAddressSanitizer, a fast memory error detector.
+Memory access instructions are instrumented to detect out-of-bounds and
+use-after-free bugs.
+The option enables @option{-fsanitize-address-use-after-scope}.
+See
+@uref{https://clang.llvm.org/docs/HardwareAssistedAddressSanitizerDesign.html}
+for more details. The run-time behavior can be influenced using the
+@env{HWASAN_OPTIONS} environment variable. When set to @code{help=1},
+the available options are shown at startup of the instrumented program.
+The option cannot be combined with @option{-fsanitize=thread} or
+@option{-fsanitize=address}.
+
+@item -fsanitize=kernel-hwaddress
+@opindex fsanitize=kernel-hwaddress
+Enable HardwareAddressSanitizer for Linux kernel.
+Similar to @option{-fsanitize=kernel-address} but using the software tagging
+method of instrumentation.
+
@item -fsanitize=pointer-compare
@opindex fsanitize=pointer-compare
Instrument comparison operation (<, <=, >, >=) with pointer operands.
diff --git a/gcc/doc/tm.texi b/gcc/doc/tm.texi
index
0e90b31c537bbc5fe72866ebf76ab363d47f9926..64bcda42abf5f724fb4f1dbe418c870f7a810f29
100644
--- a/gcc/doc/tm.texi
+++ b/gcc/doc/tm.texi
@@ -2970,6 +2970,10 @@ This hook defines the machine mode to use for the
boolean result of conditional
A target hook which lets a backend compute the set of pressure classes to be
used by those optimization passes which take register pressure into account,
as opposed to letting IRA compute them. It returns the number of register
classes stored in the array @var{pressure_classes}.
@end deftypefn
+@deftypefn {Target Hook} bool TARGET_MEMTAG_CAN_TAG_ADDRESSES ()
+True if backend architecture naturally supports ignoring the top byte of
pointers. This feature means that @option{-fsanitize=hwaddress} can work.
+@end deftypefn
+
@node Stack and Calling
@section Stack Layout and Calling Conventions
@cindex calling conventions
diff --git a/gcc/doc/tm.texi.in b/gcc/doc/tm.texi.in
index
58647f052339c08522f04e1c76df7dd178cb4d21..78d87af7fffe7dba45616e36f1454b6d37d76bff
100644
--- a/gcc/doc/tm.texi.in
+++ b/gcc/doc/tm.texi.in
@@ -2373,6 +2373,8 @@ in the reload pass.
@hook TARGET_COMPUTE_PRESSURE_CLASSES
+@hook TARGET_MEMTAG_CAN_TAG_ADDRESSES
+
@node Stack and Calling
@section Stack Layout and Calling Conventions
@cindex calling conventions
diff --git a/gcc/flag-types.h b/gcc/flag-types.h
index
b092c563f3dae3ca841bc71855cec033d87d1edd..18280cbf6d8d1cfc5cc598a6c58282182cb8cf69
100644
--- a/gcc/flag-types.h
+++ b/gcc/flag-types.h
@@ -272,6 +272,9 @@ enum sanitize_code {
SANITIZE_BUILTIN = 1UL << 25,
SANITIZE_POINTER_COMPARE = 1UL << 26,
SANITIZE_POINTER_SUBTRACT = 1UL << 27,
+ SANITIZE_HWADDRESS = 1UL << 28,
+ SANITIZE_USER_HWADDRESS = 1UL << 29,
+ SANITIZE_KERNEL_HWADDRESS = 1UL << 30,
SANITIZE_SHIFT = SANITIZE_SHIFT_BASE | SANITIZE_SHIFT_EXPONENT,
SANITIZE_UNDEFINED = SANITIZE_SHIFT | SANITIZE_DIVIDE | SANITIZE_UNREACHABLE
| SANITIZE_VLA | SANITIZE_NULL | SANITIZE_RETURN
diff --git a/gcc/gcc.c b/gcc/gcc.c
index
effc384f3ef11a7e0e5a1e0469034b7d3ce1de7b..136229dacd78546dd3d750f1b2d16815ea47e4c4
100644
--- a/gcc/gcc.c
+++ b/gcc/gcc.c
@@ -707,6 +707,24 @@ proper position among the other output files. */
#define LIBASAN_EARLY_SPEC ""
#endif
+#ifndef LIBHWASAN_SPEC
+#define STATIC_LIBHWASAN_LIBS \
+ " %{static-libhwasan|static:%:include(libsanitizer.spec)%(link_libhwasan)}"
+#ifdef LIBHWASAN_EARLY_SPEC
+#define LIBHWASAN_SPEC STATIC_LIBHWASAN_LIBS
+#elif defined(HAVE_LD_STATIC_DYNAMIC)
+#define LIBHWASAN_SPEC "%{static-libhwasan:" LD_STATIC_OPTION \
+ "} -lhwasan %{static-libhwasan:" LD_DYNAMIC_OPTION "}" \
+ STATIC_LIBHWASAN_LIBS
+#else
+#define LIBHWASAN_SPEC "-lhwasan" STATIC_LIBHWASAN_LIBS
+#endif
+#endif
+
+#ifndef LIBHWASAN_EARLY_SPEC
+#define LIBHWASAN_EARLY_SPEC ""
+#endif
+
#ifndef LIBTSAN_SPEC
#define STATIC_LIBTSAN_LIBS \
" %{static-libtsan|static:%:include(libsanitizer.spec)%(link_libtsan)}"
@@ -981,6 +999,7 @@ proper position among the other output files. */
#ifndef SANITIZER_EARLY_SPEC
#define SANITIZER_EARLY_SPEC "\
%{!nostdlib:%{!r:%{!nodefaultlibs:%{%:sanitize(address):" LIBASAN_EARLY_SPEC
"} \
+ %{%:sanitize(hwaddress):" LIBHWASAN_EARLY_SPEC "} \
%{%:sanitize(thread):" LIBTSAN_EARLY_SPEC "} \
%{%:sanitize(leak):" LIBLSAN_EARLY_SPEC "}}}}"
#endif
@@ -990,6 +1009,8 @@ proper position among the other output files. */
#define SANITIZER_SPEC "\
%{!nostdlib:%{!r:%{!nodefaultlibs:%{%:sanitize(address):" LIBASAN_SPEC "\
%{static:%ecannot specify -static with -fsanitize=address}}\
+ %{%:sanitize(hwaddress):" LIBHWASAN_SPEC "\
+ %{static:%ecannot specify -static with -fsanitize=hwaddress}}\
%{%:sanitize(thread):" LIBTSAN_SPEC "\
%{static:%ecannot specify -static with -fsanitize=thread}}\
%{%:sanitize(undefined):" LIBUBSAN_SPEC "}\
@@ -9434,8 +9455,12 @@ sanitize_spec_function (int argc, const char **argv)
if (strcmp (argv[0], "address") == 0)
return (flag_sanitize & SANITIZE_USER_ADDRESS) ? "" : NULL;
+ if (strcmp (argv[0], "hwaddress") == 0)
+ return (flag_sanitize & SANITIZE_USER_HWADDRESS) ? "" : NULL;
if (strcmp (argv[0], "kernel-address") == 0)
return (flag_sanitize & SANITIZE_KERNEL_ADDRESS) ? "" : NULL;
+ if (strcmp (argv[0], "kernel-hwaddress") == 0)
+ return (flag_sanitize & SANITIZE_KERNEL_HWADDRESS) ? "" : NULL;
if (strcmp (argv[0], "thread") == 0)
return (flag_sanitize & SANITIZE_THREAD) ? "" : NULL;
if (strcmp (argv[0], "undefined") == 0)
diff --git a/gcc/opts.c b/gcc/opts.c
index
d5efadb4334640cab854fa8483ef29316a5a5b42..3998331aa55b856d83e8aa01eff642adfaf512ef
100644
--- a/gcc/opts.c
+++ b/gcc/opts.c
@@ -1094,6 +1094,13 @@ finish_options (struct gcc_options *opts, struct
gcc_options *opts_set,
"%<-fsanitize=address%> or %<-fsanitize=kernel-address%>");
}
+ /* Userspace and kernel HWasan conflict with each other. */
+ if ((opts->x_flag_sanitize & SANITIZE_USER_HWADDRESS)
+ && (opts->x_flag_sanitize & SANITIZE_KERNEL_HWADDRESS))
+ error_at (loc,
+ "%<-fsanitize=hwaddress%> is incompatible with "
+ "%<-fsanitize=kernel-hwaddress%>");
+
/* Userspace and kernel ASan conflict with each other. */
if ((opts->x_flag_sanitize & SANITIZE_USER_ADDRESS)
&& (opts->x_flag_sanitize & SANITIZE_KERNEL_ADDRESS))
@@ -1113,6 +1120,20 @@ finish_options (struct gcc_options *opts, struct
gcc_options *opts_set,
error_at (loc,
"%<-fsanitize=leak%> is incompatible with %<-fsanitize=thread%>");
+ /* HWASan and ASan conflict with each other. */
+ if ((opts->x_flag_sanitize & SANITIZE_ADDRESS)
+ && (opts->x_flag_sanitize & SANITIZE_HWADDRESS))
+ error_at (loc,
+ "%<-fsanitize=hwaddress%> is incompatible with both "
+ "%<-fsanitize=address%> and %<-fsanitize=kernel-address%>");
+
+ /* HWASan conflicts with TSan. */
+ if ((opts->x_flag_sanitize & SANITIZE_HWADDRESS)
+ && (opts->x_flag_sanitize & SANITIZE_THREAD))
+ error_at (loc,
+ "%<-fsanitize=hwaddress%> is incompatible with "
+ "%<-fsanitize=thread%>");
+
/* Check error recovery for -fsanitize-recover option. */
for (int i = 0; sanitizer_opts[i].name != NULL; ++i)
if ((opts->x_flag_sanitize_recover & sanitizer_opts[i].flag)
@@ -1130,9 +1151,10 @@ finish_options (struct gcc_options *opts, struct
gcc_options *opts_set,
if (opts->x_flag_sanitize & ~(SANITIZE_LEAK | SANITIZE_UNREACHABLE))
opts->x_flag_aggressive_loop_optimizations = 0;
- /* Enable -fsanitize-address-use-after-scope if address sanitizer is
+ /* Enable -fsanitize-address-use-after-scope if either address sanitizer is
enabled. */
- if (opts->x_flag_sanitize & SANITIZE_USER_ADDRESS)
+ if (opts->x_flag_sanitize
+ & (SANITIZE_USER_ADDRESS | SANITIZE_USER_HWADDRESS))
SET_OPTION_IF_UNSET (opts, opts_set, flag_sanitize_address_use_after_scope,
true);
@@ -1711,8 +1733,13 @@ const struct sanitizer_opts_s sanitizer_opts[] =
#define SANITIZER_OPT(name, flags, recover) \
{ #name, flags, sizeof #name - 1, recover }
SANITIZER_OPT (address, (SANITIZE_ADDRESS | SANITIZE_USER_ADDRESS), true),
+ SANITIZER_OPT (hwaddress, (SANITIZE_HWADDRESS | SANITIZE_USER_HWADDRESS),
+ true),
SANITIZER_OPT (kernel-address, (SANITIZE_ADDRESS | SANITIZE_KERNEL_ADDRESS),
true),
+ SANITIZER_OPT (kernel-hwaddress,
+ (SANITIZE_HWADDRESS | SANITIZE_KERNEL_HWADDRESS),
+ true),
SANITIZER_OPT (pointer-compare, SANITIZE_POINTER_COMPARE, true),
SANITIZER_OPT (pointer-subtract, SANITIZE_POINTER_SUBTRACT, true),
SANITIZER_OPT (thread, SANITIZE_THREAD, false),
@@ -2237,6 +2264,12 @@ common_handle_option (struct gcc_options *opts,
SET_OPTION_IF_UNSET (opts, opts_set, param_asan_protect_allocas, 0);
SET_OPTION_IF_UNSET (opts, opts_set, param_asan_use_after_return, 0);
}
+ if (opts->x_flag_sanitize & SANITIZE_KERNEL_HWADDRESS)
+ {
+ SET_OPTION_IF_UNSET (opts, opts_set, param_hwasan_stack, 0);
+ SET_OPTION_IF_UNSET (opts, opts_set, param_hwasan_random_frame_tag,
0);
+ SET_OPTION_IF_UNSET (opts, opts_set, param_hwasan_protect_allocas, 0);
+ }
break;
case OPT_fsanitize_recover_:
diff --git a/gcc/params.opt b/gcc/params.opt
index
5d39244761a0af8935629a2a599dcd497be1781b..002bda7d31c9d10ab198a9213b831f21545c62c1
100644
--- a/gcc/params.opt
+++ b/gcc/params.opt
@@ -62,6 +62,30 @@ Enable asan stack protection.
Common Joined UInteger Var(param_asan_use_after_return) Init(1)
IntegerRange(0, 1) Param Optimization
Enable asan detection of use-after-return bugs.
+-param=hwasan-stack=
+Common Joined UInteger Var(param_hwasan_stack) Init(1) IntegerRange(0, 1)
Param Optimization
+Enable hwasan stack protection.
+
+-param=hwasan-random-frame-tag=
+Common Joined UInteger Var(param_hwasan_random_frame_tag) Init(1)
IntegerRange(0, 1) Param Optimization
+Use random base tag for each frame, as opposed to base always zero.
+
+-param=hwasan-instrument-allocas=
+Common Joined UInteger Var(param_hwasan_protect_allocas) Init(1)
IntegerRange(0, 1) Param Optimization
+Enable hwasan allocas/VLAs protection.
+
+-param=hwasan-instrument-reads=
+Common Joined UInteger Var(param_hwasan_instrument_reads) Init(1)
IntegerRange(0, 1) Param Optimization
+Enable hwasan load operations protection.
+
+-param=hwasan-instrument-writes=
+Common Joined UInteger Var(param_hwasan_instrument_writes) Init(1)
IntegerRange(0, 1) Param Optimization
+Enable hwasan store operations protection.
+
+-param=hwasan-memintrin=
+Common Joined UInteger Var(param_hwasan_memintrin) Init(1) IntegerRange(0, 1)
Param Optimization
+Enable hwasan builtin functions protection.
+
-param=avg-loop-niter=
Common Joined UInteger Var(param_avg_loop_niter) Init(10) IntegerRange(1,
65536) Param Optimization
Average number of iterations of a loop.
diff --git a/gcc/target.def b/gcc/target.def
index
b11c7bf6d6558a2d6f335a66228bf312e7fc1b20..fa37f453889ede6d015d2b8f8970f189418a2da6
100644
--- a/gcc/target.def
+++ b/gcc/target.def
@@ -6787,6 +6787,17 @@ DEFHOOK
HOOK_VECTOR_END (mode_switching)
#undef HOOK_PREFIX
+#define HOOK_PREFIX "TARGET_MEMTAG_"
+HOOK_VECTOR (TARGET_MEMTAG_, memtag)
+
+DEFHOOK
+(can_tag_addresses,
+ "True if backend architecture naturally supports ignoring the top byte of\
+ pointers. This feature means that @option{-fsanitize=hwaddress} can work.",
+ bool, (), default_memtag_can_tag_addresses)
+
+HOOK_VECTOR_END (memtag)
+#undef HOOK_PREFIX
#define HOOK_PREFIX "TARGET_"
#define DEF_TARGET_INSN(NAME, PROTO) \
diff --git a/gcc/targhooks.h b/gcc/targhooks.h
index
72f3064e8f8d173fac7058840ffa269e6eaff98b..68b109c5a0ac4a80a504c7cbff9b98233d0257be
100644
--- a/gcc/targhooks.h
+++ b/gcc/targhooks.h
@@ -283,4 +283,5 @@ extern bool default_have_speculation_safe_value (bool);
extern bool speculation_safe_value_not_needed (bool);
extern rtx default_speculation_safe_value (machine_mode, rtx, rtx, rtx);
+extern bool default_memtag_can_tag_addresses ();
#endif /* GCC_TARGHOOKS_H */
diff --git a/gcc/targhooks.c b/gcc/targhooks.c
index
4819bb8058fa5920e19d6ab5f2f7cc4e66aeec11..d9f0e18a2c5fb86d4fb1682cd446cce32ac029e1
100644
--- a/gcc/targhooks.c
+++ b/gcc/targhooks.c
@@ -2364,4 +2364,10 @@ default_speculation_safe_value (machine_mode mode
ATTRIBUTE_UNUSED,
return result;
}
+bool
+default_memtag_can_tag_addresses ()
+{
+ return false;
+}
+
#include "gt-targhooks.h"
diff --git a/gcc/toplev.c b/gcc/toplev.c
index
0d70f6c07a0398c3a43e7df8a840aacab16d24d8..1007e90b5d56f4783f5ef0afc805f0f4bd147894
100644
--- a/gcc/toplev.c
+++ b/gcc/toplev.c
@@ -1826,6 +1826,16 @@ process_options (void)
flag_sanitize &= ~SANITIZE_ADDRESS;
}
+ /* HWAsan requires top byte ignore feature in the backend. */
+ if (flag_sanitize & SANITIZE_HWADDRESS
+ && ! targetm.memtag.can_tag_addresses ())
+ {
+ warning_at (UNKNOWN_LOCATION, 0,
+ "%<-fsanitize=hwaddress%> can not be implemented on "
+ "a backend that does not ignore the top byte of a pointer");
+ flag_sanitize &= ~SANITIZE_HWADDRESS;
+ }
+
/* Do not use IPA optimizations for register allocation if profiler is active
or patchable function entries are inserted for run-time instrumentation
or port does not emit prologue and epilogue as RTL. */
hwasan-patch5.patch.gz
Description: hwasan-patch5.patch.gz
