[llvm-dev] [MTE] Globals Tagging - Discussion
Szabolcs Nagy via llvm-dev
llvm-dev at lists.llvm.org
Tue Nov 10 02:18:11 PST 2020
* Mitch Phillips <mitchp at google.com> [2020-10-09 13:17:06 -0700]:
>
> > static int a[8];
> > static int *p = a - 5;
> > ...
> > p[10] = 1;
> > should work (even if it's not valid in c it can be valid as
> > a c extension or written in asm, so ELF should support it).
>
>
> IMO this is exactly the kind of thing that MTE is trying to *prevent*. I
> don't see why we would want to support something like this.
sorry for the late answer, but i disagree.
the compiler can generate such code for good reasons,
and it can be useful in high level program code too.
mte is not for interfering with pointer arithmetics,
but to check invalid memory access at load/store time
if we can tie the dereferenced pointer to an object.
there is no reason to assume a pointer can be always
dereferenced. (and i think it's not relevant that iso
c happens to allow pointers past the end of an array,
even if that was forbidden, the construct should be
supported in elf not to restrict code generators.)
i think if the pointers cannot be tied to an object
then the object must not be tagged, and if they can be
then that should be represented in the relocation
(so you need a symbolic relocation and object bounds
for the symbol even if the symbol is not visible. i
think it's also fine to have a separate object bounds
table for hidden symbols and reference that instead of
the symbol table, i'm not sure if this needs a new
relocation type or changing relative relocs is enough)
More information about the llvm-dev
mailing list