From: Alexandre Oliva <aoliva@gcc.gnu.org>
To: gcc-cvs@gcc.gnu.org
Subject: [gcc(refs/users/aoliva/heads/testme)] hardcfr docs: add checking at exceptions and noreturn calls
Date: Wed, 24 Aug 2022 16:53:03 +0000 (GMT)
Message-ID: <20220824165303.9718C385356F@sourceware.org>

https://gcc.gnu.org/g:27964f6ee0310bfa250ed5ccd54efb8623dcce93

commit 27964f6ee0310bfa250ed5ccd54efb8623dcce93
Author: Alexandre Oliva <oliva@adacore.com>
Date: Wed Aug 24 13:37:00 2022 -0300

    hardcfr docs: add checking at exceptions and noreturn calls

Diff: --- gcc/ada/doc/gnat_rm/security_hardening_features.rst | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/gcc/ada/doc/gnat_rm/security_hardening_features.rst b/gcc/ada/doc/gnat_rm/security_hardening_features.rst index f5fdc8e46b4..b7803cde588 100644 --- a/gcc/ada/doc/gnat_rm/security_hardening_features.rst +++ b/gcc/ada/doc/gnat_rm/security_hardening_features.rst
@@ -263,11 +263,16 @@ For each block that is marked as visited, the mechanism checks that at least one of its predecessors, and at least one of its successors, are also marked as visited. -Verification is performed just before returning. Subprogram -executions that complete by raising or propagating an exception bypass -verification-and-return points. A subprogram that can only complete -by raising or propagating an exception may have instrumentation -disabled altogether. +Verification is performed just before returns, tail- and noreturn +calls. Furthermore, any subprogram from which an exception may +escape, i.e., that may raise or propagate an exception that isn't +handled internally, is automatically enclosed by a cleanup handler +that performs verification. When a noreturn call returns control to +its caller through an exception, verification will have already been +performed before the call, but it will take place again when the +caller reaches the next verification point, whether it is the end of +the enclosing cleanup handler, a return or reraise statement after the +exception is otherwise handled, or even another noreturn call. The instrumentation for hardening with control flow redundancy can be observed in dump files generated by the command-line option
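Review bot: the replacement paragraph drops the removed sentence "A subprogram that can only complete by raising or propagating an exception may have instrumentation disabled altogether" without saying what now happens to such subprograms. Since the new text states that any subprogram from which an exception may escape is enclosed by a cleanup handler that performs verification, say explicitly whether exception-only subprograms are now instrumented and checked as well, or whether instrumentation can still be disabled for them, so readers do not assume coverage that is not there. Minor wording: "just before returns, tail- and noreturn calls" reads more clearly as "just before returns, tail calls and noreturn calls".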