public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug target/98997] New: Linking mismatched -fcf-protection objects generates incorrect code
@ 2021-02-08 6:15 luto at kernel dot org
2021-02-08 9:38 ` [Bug target/98997] " rguenth at gcc dot gnu.org
` (5 more replies)
0 siblings, 6 replies; 7+ messages in thread
From: luto at kernel dot org @ 2021-02-08 6:15 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=98997
Bug ID: 98997
Summary: Linking mismatched -fcf-protection objects generates
incorrect code
Product: gcc
Version: unknown
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: target
Assignee: unassigned at gcc dot gnu.org
Reporter: luto at kernel dot org
Target Milestone: ---
$ gcc --version
gcc (GCC) 10.2.1 20201125 (Red Hat 10.2.1-9)
Copyright (C) 2020 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
$ cat cet1.c
#include <setjmp.h>
void test(jmp_buf buf)
{
__builtin_longjmp(buf, 1);
}
$ cat cet2.c
#include <setjmp.h>
void test(jmp_buf buf);
int main()
{
jmp_buf buf;
if (__builtin_setjmp(buf) == 0)
test(buf);
return 0;
}
$ gcc -c -O2 cet1.c -fcf-protection=full
$ gcc -c -O2 cet2.c
$ gcc -o cet -O2 cet1.o cet2.o
$ ./cet
Illegal instruction (core dumped)
Presumably the magic CET fixup in the builtin setjmp/longjmp requires that
matching code is generated for both. I'm testing on a non-CET system.
I haven't even tried to figure out if anything sensible happens to the CET GNU
property, but I think the current GCC behavior is impolite at best. I think
GCC should do one of a few things:
1. Generate working code.
2. Fail to link.
3. At least document this pitfall very clearly.
I really hope this doesn't affect shared objects.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug target/98997] Linking mismatched -fcf-protection objects generates incorrect code
2021-02-08 6:15 [Bug target/98997] New: Linking mismatched -fcf-protection objects generates incorrect code luto at kernel dot org
@ 2021-02-08 9:38 ` rguenth at gcc dot gnu.org
2021-02-08 12:54 ` hjl.tools at gmail dot com
` (4 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: rguenth at gcc dot gnu.org @ 2021-02-08 9:38 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=98997
Richard Biener <rguenth at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Version|unknown |10.2.1
Target| |x86_64-*-* i?86-*-*
--- Comment #1 from Richard Biener <rguenth at gcc dot gnu.org> ---
__builtin{setjmp,longjmp} are internal to GCC (for SJLJ EH), they do _not_
map to setjmp/longjmp in glibc. Just in case this matters here.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug target/98997] Linking mismatched -fcf-protection objects generates incorrect code
2021-02-08 6:15 [Bug target/98997] New: Linking mismatched -fcf-protection objects generates incorrect code luto at kernel dot org
2021-02-08 9:38 ` [Bug target/98997] " rguenth at gcc dot gnu.org
@ 2021-02-08 12:54 ` hjl.tools at gmail dot com
2021-02-08 17:38 ` luto at kernel dot org
` (3 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: hjl.tools at gmail dot com @ 2021-02-08 12:54 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=98997
H.J. Lu <hjl.tools at gmail dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Ever confirmed|0 |1
Last reconfirmed| |2021-02-08
Status|UNCONFIRMED |NEW
--- Comment #2 from H.J. Lu <hjl.tools at gmail dot com> ---
A patch is posted at
https://gcc.gnu.org/pipermail/gcc-patches/2021-February/564972.html
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug target/98997] Linking mismatched -fcf-protection objects generates incorrect code
2021-02-08 6:15 [Bug target/98997] New: Linking mismatched -fcf-protection objects generates incorrect code luto at kernel dot org
2021-02-08 9:38 ` [Bug target/98997] " rguenth at gcc dot gnu.org
2021-02-08 12:54 ` hjl.tools at gmail dot com
@ 2021-02-08 17:38 ` luto at kernel dot org
2021-02-08 17:42 ` luto at kernel dot org
` (2 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: luto at kernel dot org @ 2021-02-08 17:38 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=98997
--- Comment #3 from Andy Lutomirski <luto at kernel dot org> ---
What is -fcf-protection=stack actually supposed to do as compared to
-fcf-protection=none? Is it valid to run code compiled with
-fcf-protection=none with SHSTK enabled? If so, then I wonder why
-fcf-protection=stack exists at all. If not, then I'm wondering why your patch
seems to be effectively hardcoding "stack" mode for SJLJ?
You could probably fix this bug differently by changing __builtin_setjmp() to
store 0 for SSP in "none" mode. Then at least -fcf-protection=none wouldn't
emit CET code.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug target/98997] Linking mismatched -fcf-protection objects generates incorrect code
2021-02-08 6:15 [Bug target/98997] New: Linking mismatched -fcf-protection objects generates incorrect code luto at kernel dot org
` (2 preceding siblings ...)
2021-02-08 17:38 ` luto at kernel dot org
@ 2021-02-08 17:42 ` luto at kernel dot org
2021-02-08 18:43 ` hjl.tools at gmail dot com
2021-02-08 18:44 ` hjl.tools at gmail dot com
5 siblings, 0 replies; 7+ messages in thread
From: luto at kernel dot org @ 2021-02-08 17:42 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=98997
--- Comment #4 from Andy Lutomirski <luto at kernel dot org> ---
I should add: on brief inspection, that patch looks like an ABI break for
-fcf-protection=none
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug target/98997] Linking mismatched -fcf-protection objects generates incorrect code
2021-02-08 6:15 [Bug target/98997] New: Linking mismatched -fcf-protection objects generates incorrect code luto at kernel dot org
` (3 preceding siblings ...)
2021-02-08 17:42 ` luto at kernel dot org
@ 2021-02-08 18:43 ` hjl.tools at gmail dot com
2021-02-08 18:44 ` hjl.tools at gmail dot com
5 siblings, 0 replies; 7+ messages in thread
From: hjl.tools at gmail dot com @ 2021-02-08 18:43 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=98997
--- Comment #5 from H.J. Lu <hjl.tools at gmail dot com> ---
(In reply to Andy Lutomirski from comment #3)
> What is -fcf-protection=stack actually supposed to do as compared to
It is -fcf-protection=return.
> -fcf-protection=none? Is it valid to run code compiled with
> -fcf-protection=none with SHSTK enabled? If so, then I wonder why
No. The binary will crash.
> -fcf-protection=stack exists at all. If not, then I'm wondering why your
> patch seems to be effectively hardcoding "stack" mode for SJLJ?
>
Correct.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug target/98997] Linking mismatched -fcf-protection objects generates incorrect code
2021-02-08 6:15 [Bug target/98997] New: Linking mismatched -fcf-protection objects generates incorrect code luto at kernel dot org
` (4 preceding siblings ...)
2021-02-08 18:43 ` hjl.tools at gmail dot com
@ 2021-02-08 18:44 ` hjl.tools at gmail dot com
5 siblings, 0 replies; 7+ messages in thread
From: hjl.tools at gmail dot com @ 2021-02-08 18:44 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=98997
--- Comment #6 from H.J. Lu <hjl.tools at gmail dot com> ---
(In reply to Andy Lutomirski from comment #4)
> I should add: on brief inspection, that patch looks like an ABI break for
> -fcf-protection=none
True if __builtin_longjmp and __builtin_setjmp are compiled by different
compilers.
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2021-02-08 18:44 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-02-08 6:15 [Bug target/98997] New: Linking mismatched -fcf-protection objects generates incorrect code luto at kernel dot org
2021-02-08 9:38 ` [Bug target/98997] " rguenth at gcc dot gnu.org
2021-02-08 12:54 ` hjl.tools at gmail dot com
2021-02-08 17:38 ` luto at kernel dot org
2021-02-08 17:42 ` luto at kernel dot org
2021-02-08 18:43 ` hjl.tools at gmail dot com
2021-02-08 18:44 ` hjl.tools at gmail dot com
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).