Lines Matching refs:shadow

14 to a separately allocated 'shadow call stack' in the function prolog in
15 non-leaf functions and loading the return address from the shadow call stack
32 To optimize for memory consumption and cache locality, the shadow call
38 `Return Flow Guard`_ is a pure software implementation of shadow call stacks
44 extension that would add native support to use a shadow stack to store/check
69 leaking the shadow call stack address.
94 The instrumentation makes use of the ``x18`` register to reference the shadow
95 call stack, meaning that references to the shadow call stack do not have
97 avoids exposing the address of the shadow call stack to attackers that can
100 to discover the address of the shadow call stack.
106 Unless care is taken when allocating the shadow call stack, it may be
111 used as the address of the shadow call stack and mark only that region as
121 The runtime will need the address of the shadow call stack in order to
126 stored at the start of the shadow call stack itself. But if it is possible
131 shadow call stack at thread exit. This is considered acceptable given that
134 One way in which the address of the shadow call stack could leak is in the
137 ``jmp_buf``, which requires the address of the shadow call stack to be
149 To enable ShadowCallStack, just pass the ``-fsanitize=shadow-call-stack``
171 ``__attribute__((no_sanitize("shadow-call-stack")))``
174 Use ``__attribute__((no_sanitize("shadow-call-stack")))`` on a function
175 declaration to specify that the shadow call stack instrumentation should not be
200 Adding ``-fsanitize=shadow-call-stack`` would output the following assembly: