public inbox for gcc-cvs@sourceware.org
* [gcc(refs/users/aoliva/heads/testme)] hardcfr docs: add checking at exceptions and noreturn calls
@ 2022-08-24 16:53 Alexandre Oliva
From: Alexandre Oliva @ 2022-08-24 16:53 UTC
  To: gcc-cvs

https://gcc.gnu.org/g:27964f6ee0310bfa250ed5ccd54efb8623dcce93

commit 27964f6ee0310bfa250ed5ccd54efb8623dcce93
Author: Alexandre Oliva <oliva@adacore.com>
Date:   Wed Aug 24 13:37:00 2022 -0300

    hardcfr docs: add checking at exceptions and noreturn calls

Diff:
---
 gcc/ada/doc/gnat_rm/security_hardening_features.rst | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/gcc/ada/doc/gnat_rm/security_hardening_features.rst b/gcc/ada/doc/gnat_rm/security_hardening_features.rst
index f5fdc8e46b4..b7803cde588 100644
--- a/gcc/ada/doc/gnat_rm/security_hardening_features.rst
+++ b/gcc/ada/doc/gnat_rm/security_hardening_features.rst
@@ -263,11 +263,16 @@ For each block that is marked as visited, the mechanism checks that at
 least one of its predecessors, and at least one of its successors, are
 also marked as visited.
 
-Verification is performed just before returning.  Subprogram
-executions that complete by raising or propagating an exception bypass
-verification-and-return points.  A subprogram that can only complete
-by raising or propagating an exception may have instrumentation
-disabled altogether.
+Verification is performed just before returns, tail- and noreturn
+calls.  Furthermore, any subprogram from which an exception may
+escape, i.e., that may raise or propagate an exception that isn't
+handled internally, is automatically enclosed by a cleanup handler
+that performs verification.  When a noreturn call returns control to
+its caller through an exception, verification will have already been
+performed before the call, but it will take place again when the
+caller reaches the next verification point, whether it is the end of
+the enclosing cleanup handler, a return or reraise statement after the
+exception is otherwise handled, or even another noreturn call.
 
 The instrumentation for hardening with control flow redundancy can be
 observed in dump files generated by the command-line option
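
Review bot: The removed sentence "A subprogram that can only complete by raising or propagating an exception may have instrumentation disabled altogether" has no counterpart in the added paragraph, so the documentation no longer says whether such subprograms are instrumented. Since the new text says any subprogram from which an exception may escape is enclosed by a checking cleanup handler, state explicitly that these subprograms are now checked as well, or keep the caveat if it still applies.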


* [gcc(refs/users/aoliva/heads/testme)] hardcfr docs: add checking at exceptions and noreturn calls
@ 2022-08-24 22:59 Alexandre Oliva
From: Alexandre Oliva @ 2022-08-24 22:59 UTC
  To: gcc-cvs

https://gcc.gnu.org/g:f2eb2a1c61110fbed1729123656bb58aa035d251

commit f2eb2a1c61110fbed1729123656bb58aa035d251
Author: Alexandre Oliva <oliva@adacore.com>
Date:   Wed Aug 24 19:58:01 2022 -0300

    hardcfr docs: add checking at exceptions and noreturn calls

Diff:
---
 gcc/ada/doc/gnat_rm/security_hardening_features.rst | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/gcc/ada/doc/gnat_rm/security_hardening_features.rst b/gcc/ada/doc/gnat_rm/security_hardening_features.rst
index f5fdc8e46b4..b7803cde588 100644
--- a/gcc/ada/doc/gnat_rm/security_hardening_features.rst
+++ b/gcc/ada/doc/gnat_rm/security_hardening_features.rst
@@ -263,11 +263,16 @@ For each block that is marked as visited, the mechanism checks that at
 least one of its predecessors, and at least one of its successors, are
 also marked as visited.
 
-Verification is performed just before returning.  Subprogram
-executions that complete by raising or propagating an exception bypass
-verification-and-return points.  A subprogram that can only complete
-by raising or propagating an exception may have instrumentation
-disabled altogether.
+Verification is performed just before returns, tail- and noreturn
+calls.  Furthermore, any subprogram from which an exception may
+escape, i.e., that may raise or propagate an exception that isn't
+handled internally, is automatically enclosed by a cleanup handler
+that performs verification.  When a noreturn call returns control to
+its caller through an exception, verification will have already been
+performed before the call, but it will take place again when the
+caller reaches the next verification point, whether it is the end of
+the enclosing cleanup handler, a return or reraise statement after the
+exception is otherwise handled, or even another noreturn call.
 
 The instrumentation for hardening with control flow redundancy can be
 observed in dump files generated by the command-line option
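
Review bot: In the first added sentence, "just before returns, tail- and noreturn calls" is hard to parse because the suspended hyphen makes "tail-" look like a typo. "just before returns, tail calls, and noreturn calls" reads unambiguously.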


* [gcc(refs/users/aoliva/heads/testme)] hardcfr docs: add checking at exceptions and noreturn calls
@ 2022-08-24 22:45 Alexandre Oliva
From: Alexandre Oliva @ 2022-08-24 22:45 UTC
  To: gcc-cvs

https://gcc.gnu.org/g:a79cda91d1232a12ebf9cf4a0368ce7e9a043e67

commit a79cda91d1232a12ebf9cf4a0368ce7e9a043e67
Author: Alexandre Oliva <oliva@adacore.com>
Date:   Wed Aug 24 13:37:00 2022 -0300

    hardcfr docs: add checking at exceptions and noreturn calls

Diff:
---
 gcc/ada/doc/gnat_rm/security_hardening_features.rst | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/gcc/ada/doc/gnat_rm/security_hardening_features.rst b/gcc/ada/doc/gnat_rm/security_hardening_features.rst
index f5fdc8e46b4..b7803cde588 100644
--- a/gcc/ada/doc/gnat_rm/security_hardening_features.rst
+++ b/gcc/ada/doc/gnat_rm/security_hardening_features.rst
@@ -263,11 +263,16 @@ For each block that is marked as visited, the mechanism checks that at
 least one of its predecessors, and at least one of its successors, are
 also marked as visited.
 
-Verification is performed just before returning.  Subprogram
-executions that complete by raising or propagating an exception bypass
-verification-and-return points.  A subprogram that can only complete
-by raising or propagating an exception may have instrumentation
-disabled altogether.
+Verification is performed just before returns, tail- and noreturn
+calls.  Furthermore, any subprogram from which an exception may
+escape, i.e., that may raise or propagate an exception that isn't
+handled internally, is automatically enclosed by a cleanup handler
+that performs verification.  When a noreturn call returns control to
+its caller through an exception, verification will have already been
+performed before the call, but it will take place again when the
+caller reaches the next verification point, whether it is the end of
+the enclosing cleanup handler, a return or reraise statement after the
+exception is otherwise handled, or even another noreturn call.
 
 The instrumentation for hardening with control flow redundancy can be
 observed in dump files generated by the command-line option
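
Review bot: The added cleanup-handler sentence ("is automatically enclosed by a cleanup handler that performs verification") does not say what happens to the exception once the check has run. Consider adding that the handler verifies and then lets the exception continue propagating, if that is the behaviour, so readers do not assume the handler swallows it.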


* [gcc(refs/users/aoliva/heads/testme)] hardcfr docs: add checking at exceptions and noreturn calls
@ 2022-08-24 19:39 Alexandre Oliva
From: Alexandre Oliva @ 2022-08-24 19:39 UTC
  To: gcc-cvs

https://gcc.gnu.org/g:66687c95a0658c74e4ad1ae015cc8baa37a91e10

commit 66687c95a0658c74e4ad1ae015cc8baa37a91e10
Author: Alexandre Oliva <oliva@adacore.com>
Date:   Wed Aug 24 13:37:00 2022 -0300

    hardcfr docs: add checking at exceptions and noreturn calls

Diff:
---
 gcc/ada/doc/gnat_rm/security_hardening_features.rst | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/gcc/ada/doc/gnat_rm/security_hardening_features.rst b/gcc/ada/doc/gnat_rm/security_hardening_features.rst
index f5fdc8e46b4..b7803cde588 100644
--- a/gcc/ada/doc/gnat_rm/security_hardening_features.rst
+++ b/gcc/ada/doc/gnat_rm/security_hardening_features.rst
@@ -263,11 +263,16 @@ For each block that is marked as visited, the mechanism checks that at
 least one of its predecessors, and at least one of its successors, are
 also marked as visited.
 
-Verification is performed just before returning.  Subprogram
-executions that complete by raising or propagating an exception bypass
-verification-and-return points.  A subprogram that can only complete
-by raising or propagating an exception may have instrumentation
-disabled altogether.
+Verification is performed just before returns, tail- and noreturn
+calls.  Furthermore, any subprogram from which an exception may
+escape, i.e., that may raise or propagate an exception that isn't
+handled internally, is automatically enclosed by a cleanup handler
+that performs verification.  When a noreturn call returns control to
+its caller through an exception, verification will have already been
+performed before the call, but it will take place again when the
+caller reaches the next verification point, whether it is the end of
+the enclosing cleanup handler, a return or reraise statement after the
+exception is otherwise handled, or even another noreturn call.
 
 The instrumentation for hardening with control flow redundancy can be
 observed in dump files generated by the command-line option
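
Review bot: "When a noreturn call returns control to its caller through an exception" reads as a contradiction on first pass, and the sentence it opens runs to six lines. Suggest splitting it: one sentence saying that a noreturn call may still raise or propagate an exception to its caller, and a second listing where the caller is checked again.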


* [gcc(refs/users/aoliva/heads/testme)] hardcfr docs: add checking at exceptions and noreturn calls
@ 2022-08-10 23:51 Alexandre Oliva
From: Alexandre Oliva @ 2022-08-10 23:51 UTC
  To: gcc-cvs

https://gcc.gnu.org/g:0ab4e8d54edbf52d34639dedcea3cb19eddb1b7a

commit 0ab4e8d54edbf52d34639dedcea3cb19eddb1b7a
Author: Alexandre Oliva <oliva@adacore.com>
Date:   Wed Aug 10 20:43:29 2022 -0300

    hardcfr docs: add checking at exceptions and noreturn calls

Diff:
---
 gcc/ada/doc/gnat_rm/security_hardening_features.rst | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/gcc/ada/doc/gnat_rm/security_hardening_features.rst b/gcc/ada/doc/gnat_rm/security_hardening_features.rst
index f5fdc8e46b4..b7803cde588 100644
--- a/gcc/ada/doc/gnat_rm/security_hardening_features.rst
+++ b/gcc/ada/doc/gnat_rm/security_hardening_features.rst
@@ -263,11 +263,16 @@ For each block that is marked as visited, the mechanism checks that at
 least one of its predecessors, and at least one of its successors, are
 also marked as visited.
 
-Verification is performed just before returning.  Subprogram
-executions that complete by raising or propagating an exception bypass
-verification-and-return points.  A subprogram that can only complete
-by raising or propagating an exception may have instrumentation
-disabled altogether.
+Verification is performed just before returns, tail- and noreturn
+calls.  Furthermore, any subprogram from which an exception may
+escape, i.e., that may raise or propagate an exception that isn't
+handled internally, is automatically enclosed by a cleanup handler
+that performs verification.  When a noreturn call returns control to
+its caller through an exception, verification will have already been
+performed before the call, but it will take place again when the
+caller reaches the next verification point, whether it is the end of
+the enclosing cleanup handler, a return or reraise statement after the
+exception is otherwise handled, or even another noreturn call.
 
 The instrumentation for hardening with control flow redundancy can be
 observed in dump files generated by the command-line option
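
Review bot: The list of next verification points in the last added sentence does not match the list in the first one. The first sentence names returns, tail calls and noreturn calls, while the last names the end of the cleanup handler, "a return or reraise statement" and another noreturn call, so tail calls drop out and reraise appears for the first time. Either make the two lists agree or refer back with wording such as "the next of the verification points described above".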


