by strcat
829 days ago
HWASan is semi-hardware-accelerated memory tagging usable on most arm64 devices. MTE makes it much lower overhead for the debugging-oriented synchronous mode but also provides the asynchronous/asymmetric modes aimed at production usage. Asynchronous mode is near 0% overhead and asymmetric mode is overall comparable to the overhead of existing barely useful legacy mitigations like SSP. MTE provides both bug detection in production for resolving the bugs and also hardening against exploitation. It would be nice if it had more bits, but it can already provide a lot of deterministic protections. Highly recommend that any Android developer with a single native library shipped with their app gets a Pixel 8 or Pixel 8 Pro to use MTE for finding and debugging memory corruption bugs. One of the major advantages of MTE is that you can use heap MTE with instrumentation only added to the allocators (such as malloc) without building all the code with it. Stack allocation MTE of course requires instrumenting those stack allocations.
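A software model of the allocator-only heap tagging described in the comment above, added here as an example and not part of strcat's comment or of any real allocator. The names `toy_malloc`, `toy_free`, `checked_load` and `checked_store` are hypothetical, and the `checked_*` functions stand in for the tag check the CPU performs on each access (4-bit tags, 16-byte granules).

```c
#include <stdint.h>
#include <stdio.h>

#define GRANULE   16   /* MTE tags memory in 16-byte granules */
#define HEAP_SIZE 1024
#define TAG_SHIFT 56   /* the 4-bit tag rides in pointer bits 56..59 */
#define TAG_FAULT (-1) /* model of a synchronous tag-check fault */
typedef uint64_t tagged_ptr;

static uint8_t heap[HEAP_SIZE];
static uint8_t granule_tag[HEAP_SIZE / GRANULE]; /* 0 = free memory */
static uint64_t next_off;
static uint8_t last_tag;

static uint8_t ptr_tag(tagged_ptr p) { return (p >> TAG_SHIFT) & 0xF; }
static uint64_t ptr_off(tagged_ptr p) { return p & ((1ULL << TAG_SHIFT) - 1); }

/* Allocator-side instrumentation: tag the granules, return a tagged pointer. */
tagged_ptr toy_malloc(uint64_t size) {
    uint64_t n = (size + GRANULE - 1) / GRANULE, off = next_off;
    if (n == 0 || off + n * GRANULE > HEAP_SIZE) return 0;
    last_tag = (uint8_t)(last_tag % 15 + 1); /* 1..15, so neighbours always differ */
    for (uint64_t g = 0; g < n; g++) granule_tag[off / GRANULE + g] = last_tag;
    next_off += n * GRANULE;
    return ((uint64_t)last_tag << TAG_SHIFT) | off;
}

/* Retag to 0 on free so stale pointers stop matching (toy heap never reuses memory). */
void toy_free(tagged_ptr p) {
    uint64_t g = ptr_off(p) / GRANULE;
    while (g < HEAP_SIZE / GRANULE && granule_tag[g] == ptr_tag(p)) granule_tag[g++] = 0;
}

/* Stand-in for the hardware check: pointer tag must equal the memory tag. */
static int tag_ok(tagged_ptr p, uint64_t i) {
    uint64_t a = ptr_off(p) + i;
    return ptr_tag(p) != 0 && a < HEAP_SIZE && granule_tag[a / GRANULE] == ptr_tag(p);
}
int checked_load(tagged_ptr p, uint64_t i) { return tag_ok(p, i) ? heap[ptr_off(p) + i] : TAG_FAULT; }
int checked_store(tagged_ptr p, uint64_t i, uint8_t v) {
    if (!tag_ok(p, i)) return TAG_FAULT;
    heap[ptr_off(p) + i] = v;
    return 0;
}

int main(void) {
    tagged_ptr a = toy_malloc(24), b = toy_malloc(16);
    int ok = checked_store(a, 23, 0x41), overflow = checked_store(a, 32, 0x41);
    toy_free(b);
    printf("in-bounds=%d overflow=%d use-after-free=%d\n", ok, overflow, checked_load(b, 0));
}
```

Because tags cover whole 16-byte granules, the 24-byte allocation in this model can still be overrun by up to 8 bytes without a fault.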