From: Richard Sandiford
To: gcc-cvs@gcc.gnu.org
Subject: [gcc r12-6807] Disable -fsplit-stack support on non-glibc targets
X-Git-Author: Sören Tempel
X-Git-Refname: refs/heads/master
X-Git-Oldrev: afe91e2566f47a6041f45095a48fc255625cb468
X-Git-Newrev: c163647ffbc9a20c8feb6e079dbecccfe016c82e
Message-Id: <20220121192255.922B23858C60@sourceware.org>
Date: Fri, 21 Jan 2022 19:22:55 +0000 (GMT)

https://gcc.gnu.org/g:c163647ffbc9a20c8feb6e079dbecccfe016c82e

commit r12-6807-gc163647ffbc9a20c8feb6e079dbecccfe016c82e
Author: Sören Tempel
Date: Fri Jan 21 19:22:46 2022 +0000

Disable -fsplit-stack support on non-glibc targets

The -fsplit-stack option requires the pthread_t TCB definition in the
libc to provide certain struct fields at specific hardcoded offsets. As
far as I know, only glibc provides these fields at the required offsets.
Most notably, musl libc does not have these fields. However, since gcc
accesses the fields using a fixed offset, this does not cause a
compile-time error, but instead results in a silent memory corruption at
run-time with musl libc. For example, on s390x libgcc's
__stack_split_initialize CTOR will overwrite the cancel field in the
pthread_t TCB on musl.

The -fsplit-stack option is used within the gcc code base itself by
gcc-go (if available). On musl-based systems with split-stack support
(i.e. s390x or x86) this causes Go programs compiled with gcc-go to
misbehave at run-time.

This patch fixes gcc-go on musl by disabling -fsplit-stack in gcc itself
since it is not supported on non-glibc targets anyhow. This is achieved
by checking if gcc targets a glibc-based system. This check has been
added for x86 and s390x, the rs6000 config already checks for
TARGET_GLIBC_MAJOR.
Other architectures do not have split-stack support. With this patch
applied, the gcc-go configure script will detect that -fsplit-stack
support is not available and will not use it.

See https://www.openwall.com/lists/musl/2012/10/16/12

This patch was written under the assumption that glibc is the only libc
implementation which supports the required fields at the required
offsets in the pthread_t TCB. The patch has been tested on Alpine Linux
Edge on the s390x and x86 architectures by bootstrapping Google's Go
implementation with gcc-go.

Signed-off-by: Sören Tempel

gcc/ChangeLog:

* common/config/s390/s390-common.cc (s390_supports_split_stack):
Only support split-stack on glibc targets.
* config/i386/gnu-user-common.h (STACK_CHECK_STATIC_BUILTIN): Ditto.
* config/i386/gnu.h (defined): Ditto.

Diff:
---
 gcc/common/config/s390/s390-common.cc | 14 ++++++++++----
 gcc/config/i386/gnu-user-common.h     |  5 +++--
 gcc/config/i386/gnu.h                 |  5 ++++-
 3 files changed, 17 insertions(+), 7 deletions(-)

diff --git a/gcc/common/config/s390/s390-common.cc b/gcc/common/config/s390/s390-common.cc index 6ed2f89f3d0..547b0826f93 100644 --- a/gcc/common/config/s390/s390-common.cc +++ b/gcc/common/config/s390/s390-common.cc 
@@ -116,13 +116,19 @@ s390_handle_option (struct gcc_options *opts ATTRIBUTE_UNUSED, /* -fsplit-stack uses a field in the TCB, available with glibc-2.23. We don't verify it, since earlier versions just have padding at - its place, which works just as well. */ + its place, which works just as well. For other libc implementations + we disable the feature entirely to avoid corrupting the TCB. */ static bool -s390_supports_split_stack (bool report ATTRIBUTE_UNUSED, - struct gcc_options *opts ATTRIBUTE_UNUSED) +s390_supports_split_stack (bool report, + struct gcc_options *opts) { - return true; + if (opts->x_linux_libc == LIBC_GLIBC) + return true; + + if (report) + error ("%<-fsplit-stack%> currently only supported on GNU/Linux"); + return false; } #undef TARGET_DEFAULT_TARGET_FLAGS diff --git a/gcc/config/i386/gnu-user-common.h b/gcc/config/i386/gnu-user-common.h index 23b54c5be52..7525f788a9c 100644 --- a/gcc/config/i386/gnu-user-common.h +++ b/gcc/config/i386/gnu-user-common.h @@ -66,7 +66,8 @@ along with GCC; see the file COPYING3. If not see #define STACK_CHECK_STATIC_BUILTIN 1 /* We only build the -fsplit-stack support in libgcc if the - assembler has full support for the CFI directives. */ -#if HAVE_GAS_CFI_PERSONALITY_DIRECTIVE + assembler has full support for the CFI directives and + targets glibc. */ +#if HAVE_GAS_CFI_PERSONALITY_DIRECTIVE && OPTION_GLIBC #define TARGET_CAN_SPLIT_STACK #endif diff --git a/gcc/config/i386/gnu.h b/gcc/config/i386/gnu.h index 401e60c9a02..daa505a5d45 100644 --- a/gcc/config/i386/gnu.h +++ b/gcc/config/i386/gnu.h 
@@ -35,7 +35,10 @@ along with GCC. If not, see . crti.o%s %{static:crtbeginT.o%s;shared|pie:crtbeginS.o%s;:crtbegin.o%s}" #endif -#ifdef TARGET_LIBC_PROVIDES_SSP +/* -fsplit-stack uses a field in the TCB at a fixed offset. This + field is only available for glibc. Disable -fsplit-stack for + other libc implementations to avoid silent TCB corruptions. */ +#if defined (TARGET_LIBC_PROVIDES_SSP) && OPTION_GLIBC /* i386 glibc provides __stack_chk_guard in %gs:0x14. */ #define TARGET_THREAD_SSP_OFFSET 0x14
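Review bot: In gcc/common/config/s390/s390-common.cc, the new diagnostic in s390_supports_split_stack reads "currently only supported on GNU/Linux", but the condition that triggers it is opts->x_linux_libc == LIBC_GLIBC. A user building for Linux with another C library is told the option needs GNU/Linux, with no hint that the C library is what was rejected. Suggest naming glibc in the message so the cause is clear from the error alone. The comment above the function also still says "We don't verify it" about the glibc version while the function now does verify the libc; a short clause separating the two checks would keep the comment accurate.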
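Review bot: In gcc/config/i386/gnu-user-common.h, OPTION_GLIBC is evaluated by the preprocessor in "#if HAVE_GAS_CFI_PERSONALITY_DIRECTIVE && OPTION_GLIBC", whereas the s390 change in the same patch tests the C library at run time through opts->x_linux_libc. The definition of OPTION_GLIBC is not visible in this diff, so please confirm it expands to an integer constant expression at every point where this header is included. An identifier the preprocessor does not know evaluates to 0 in "#if" without any diagnostic, which would drop TARGET_CAN_SPLIT_STACK silently, on glibc targets as well. If the macro can depend on a run-time option, a target hook check like the s390 one, with an error when report is set, would be the safer form for x86 too.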
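Review bot: In gcc/config/i386/gnu.h, the new comment describes -fsplit-stack, but the condition it was attached to, "#if defined (TARGET_LIBC_PROVIDES_SSP) && OPTION_GLIBC", guards "#define TARGET_THREAD_SSP_OFFSET 0x14" in the lines visible here, which is the stack protector guard location. As written, the added OPTION_GLIBC test also changes when the SSP offset is defined, and neither the comment nor the commit message mentions that. Either say in the comment that the stack protector offset is deliberately made glibc-only as well, or leave the SSP guard as it was and give the split-stack definition its own "#if OPTION_GLIBC" block. The same question about OPTION_GLIBC being usable in a preprocessor "#if" applies here.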