From: soeren@soeren-tempel.net
To: gcc-patches@gcc.gnu.org
Cc: richard.sandiford@arm.com
Subject: [PATCH v3] Disable -fsplit-stack support on non-glibc targets
Date: Fri, 21 Jan 2022 20:16:11 +0100 [thread overview]
Message-ID: <20220121191610.8305-1-soeren@soeren-tempel.net> (raw)
In-Reply-To: <mptpmomnhof.fsf@arm.com>
From: Sören Tempel <soeren@soeren-tempel.net>
The -fsplit-stack option requires the pthread_t TCB definition in the
libc to provide certain struct fields at specific hardcoded offsets. As
far as I know, only glibc provides these fields at the required offsets.
Most notably, musl libc does not have these fields. However, since gcc
accesses the fields using a fixed offset, this does not cause a
compile-time error, but instead results in a silent memory corruption at
run-time with musl libc. For example, on s390x libgcc's
__stack_split_initialize CTOR will overwrite the cancel field in the
pthread_t TCB on musl.
The -fsplit-stack option is used within the gcc code base itself by
gcc-go (if available). On musl-based systems with split-stack support
(i.e. s390x or x86) this causes Go programs compiled with gcc-go to
misbehave at run-time.
This patch fixes gcc-go on musl by disabling -fsplit-stack in gcc itself
since it is not supported on non-glibc targets anyhow. This is achieved
by checking if gcc targets a glibc-based system. This check has been
added for x86 and s390x, the rs6000 config already checks for
TARGET_GLIBC_MAJOR. Other architectures do not have split-stack
support. With this patch applied, the gcc-go configure script will
detect that -fsplit-stack support is not available and will not use it.
See https://www.openwall.com/lists/musl/2012/10/16/12
This patch was written under the assumption that glibc is the only libc
implementation which supports the required fields at the required
offsets in the pthread_t TCB. The patch has been tested on Alpine Linux
Edge on the s390x and x86 architectures by bootstrapping Google's Go
implementation with gcc-go.
Signed-off-by: Sören Tempel <soeren@soeren-tempel.net>
gcc/ChangeLog:
* common/config/s390/s390-common.c (s390_supports_split_stack):
Only support split-stack on glibc targets.
* config/i386/gnu-user-common.h (STACK_CHECK_STATIC_BUILTIN): Ditto.
* config/i386/gnu.h (defined): Ditto.
---
This version of the patch fixes a few codingstyle violations pointed out
to me by Richard Sandiford, it does not include any functional changes
compared to previous versions of this patch.
gcc/common/config/s390/s390-common.cc | 14 ++++++++++----
gcc/config/i386/gnu-user-common.h | 5 +++--
gcc/config/i386/gnu.h | 5 ++++-
3 files changed, 17 insertions(+), 7 deletions(-)
diff --git a/gcc/common/config/s390/s390-common.cc b/gcc/common/config/s390/s390-common.cc
index 6ed2f89f3d0..547b0826f93 100644
--- a/gcc/common/config/s390/s390-common.cc
+++ b/gcc/common/config/s390/s390-common.cc
@@ -116,13 +116,19 @@ s390_handle_option (struct gcc_options *opts ATTRIBUTE_UNUSED,
/* -fsplit-stack uses a field in the TCB, available with glibc-2.23.
We don't verify it, since earlier versions just have padding at
- its place, which works just as well. */
+ its place, which works just as well. For other libc implementations
+ we disable the feature entirely to avoid corrupting the TCB. */
static bool
-s390_supports_split_stack (bool report ATTRIBUTE_UNUSED,
- struct gcc_options *opts ATTRIBUTE_UNUSED)
+s390_supports_split_stack (bool report,
+ struct gcc_options *opts)
{
- return true;
+ if (opts->x_linux_libc == LIBC_GLIBC)
+ return true;
+
+ if (report)
+ error ("%<-fsplit-stack%> currently only supported on GNU/Linux");
+ return false;
}
#undef TARGET_DEFAULT_TARGET_FLAGS
diff --git a/gcc/config/i386/gnu-user-common.h b/gcc/config/i386/gnu-user-common.h
index 23b54c5be52..7525f788a9c 100644
--- a/gcc/config/i386/gnu-user-common.h
+++ b/gcc/config/i386/gnu-user-common.h
@@ -66,7 +66,8 @@ along with GCC; see the file COPYING3. If not see
#define STACK_CHECK_STATIC_BUILTIN 1
/* We only build the -fsplit-stack support in libgcc if the
- assembler has full support for the CFI directives. */
-#if HAVE_GAS_CFI_PERSONALITY_DIRECTIVE
+ assembler has full support for the CFI directives and
+ targets glibc. */
+#if HAVE_GAS_CFI_PERSONALITY_DIRECTIVE && OPTION_GLIBC
#define TARGET_CAN_SPLIT_STACK
#endif
diff --git a/gcc/config/i386/gnu.h b/gcc/config/i386/gnu.h
index 401e60c9a02..daa505a5d45 100644
--- a/gcc/config/i386/gnu.h
+++ b/gcc/config/i386/gnu.h
@@ -35,7 +35,10 @@ along with GCC. If not, see <http://www.gnu.org/licenses/>.
crti.o%s %{static:crtbeginT.o%s;shared|pie:crtbeginS.o%s;:crtbegin.o%s}"
#endif
-#ifdef TARGET_LIBC_PROVIDES_SSP
+/* -fsplit-stack uses a field in the TCB at a fixed offset. This
+ field is only available for glibc. Disable -fsplit-stack for
+ other libc implementations to avoid silent TCB corruptions. */
+#if defined (TARGET_LIBC_PROVIDES_SSP) && OPTION_GLIBC
/* i386 glibc provides __stack_chk_guard in %gs:0x14. */
#define TARGET_THREAD_SSP_OFFSET 0x14
next prev parent reply other threads:[~2022-01-21 19:18 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-12-18 10:43 [PATCH] " soeren
2021-12-18 10:54 ` Andrew Pinski
2021-12-18 11:13 ` Sören Tempel
2021-12-18 11:22 ` Andrew Pinski
2021-12-18 12:19 ` [PATCH v2] " soeren
2022-01-20 20:45 ` Sören Tempel
2022-01-20 22:52 ` Richard Sandiford
2022-01-21 7:32 ` Andreas Krebbel
2022-01-21 8:17 ` Uros Bizjak
2022-01-21 19:16 ` soeren [this message]
2022-01-21 19:23 ` [PATCH v3] " Richard Sandiford
2022-01-21 19:47 ` H.J. Lu
2022-01-21 20:09 ` H.J. Lu
2022-01-21 20:18 ` Jakub Jelinek
2022-01-21 21:31 ` [PATCH] x86: Properly disable " H.J. Lu
2022-01-21 21:42 ` Jakub Jelinek
2022-01-21 21:57 ` [PATCH v2] " H.J. Lu
2022-01-21 22:14 ` Jakub Jelinek
2022-01-21 19:53 ` [PATCH v2] Disable " H.J. Lu
2022-01-21 20:43 ` Sören Tempel
2022-01-22 9:32 ` [PATCH] " Martin Liška
2022-01-22 9:35 ` Jakub Jelinek
2022-01-22 12:16 ` Jakub Jelinek
2022-01-22 18:03 ` Jakub Jelinek
2022-01-23 9:06 ` Uros Bizjak
2022-01-23 10:06 ` Jakub Jelinek
2022-01-24 9:33 ` Jakub Jelinek
2022-01-24 10:09 ` Richard Biener
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220121191610.8305-1-soeren@soeren-tempel.net \
--to=soeren@soeren-tempel.net \
--cc=gcc-patches@gcc.gnu.org \
--cc=richard.sandiford@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).