From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-pf1-x434.google.com (mail-pf1-x434.google.com [IPv6:2607:f8b0:4864:20::434]) by sourceware.org (Postfix) with ESMTPS id 1DBB73857C58 for ; Sat, 30 Jul 2022 20:30:04 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 1DBB73857C58 Received: by mail-pf1-x434.google.com with SMTP id u133so696462pfc.10 for ; Sat, 30 Jul 2022 13:30:04 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:message-id:date:mime-version:user-agent:subject :content-language:to:references:from:in-reply-to :content-transfer-encoding; bh=kLM6r50cHrapKOL97MFXiUq1U19kxCB0XQ4WIocsLEA=; b=EkEZS8YrzCBghKk+uJVXvCoWxZoySrJlTpVXbBiNgxg7Uhg+okNkNsKsmtdWGSqZHj S28uqH8wBUgmHecVxINseZHmOGmuuLD1ggmVNdXWhhy0aFj5l37LnpqrFpcNTb8oNIdx fFkhh3QKxWzUP8Dsx8O3bdY0Vln+vjuOQ7MGaRP5k5q0dUu+46DBO86zJag1ERwp6FVl 3cTS0mYKRQglVw1+HSVA3yk+0rNYMD3OaM+LZBRPto4K0zPmJ9+uU5y1JOOh0WZdk8yv 7fBRVkUhCyslScVQqVMxvG0QKr1a3k307SwWIL7KnQ68OYQZWmRHvUkTLHKs1qt50Nke 9m4g== X-Gm-Message-State: AJIora99W32M731/IlapzZcKUYndUc96VkiGhtoLboE7WNFHkJxDQ/34 aOhaIdV5rjYNSBcNDkZ5eRhBnS9KEbY= X-Google-Smtp-Source: AGRyM1sAWQsm6LXqEgVkb4eu63Srkv10q1YASCbx59RHInvTZlFDxpYH48/DKigCYaSbyatkFbEY4Q== X-Received: by 2002:a05:6a00:816:b0:52a:dea8:26a2 with SMTP id m22-20020a056a00081600b0052adea826a2mr9106678pfk.36.1659213002448; Sat, 30 Jul 2022 13:30:02 -0700 (PDT) Received: from [172.31.0.204] (c-73-98-188-51.hsd1.ut.comcast.net. [73.98.188.51]) by smtp.gmail.com with ESMTPSA id u12-20020a62790c000000b005252a06750esm980163pfc.182.2022.07.30.13.30.01 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sat, 30 Jul 2022 13:30:01 -0700 (PDT) Message-ID: <8088866d-2dd2-35ff-587b-567cb60db84e@gmail.com> Date: Sat, 30 Jul 2022 14:30:00 -0600 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Thunderbird/91.11.0 Subject: Re: [PATCH] stack-protector: Check stack canary for noreturn function Content-Language: en-US To: gcc-patches@gcc.gnu.org References: <20220714215522.359952-1-hjl.tools@gmail.com> From: Jeff Law In-Reply-To: <20220714215522.359952-1-hjl.tools@gmail.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-2.2 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_FROM, NICE_REPLY_A, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: gcc-patches@gcc.gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Gcc-patches mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 30 Jul 2022 20:30:05 -0000 On 7/14/2022 3:55 PM, H.J. Lu via Gcc-patches wrote: > Check stack canary for noreturn function to catch stack corruption > before calling noreturn function. For C++, check stack canary when > throwing exception or resuming stack unwind to avoid corrupted stack. > > gcc/ > > PR middle-end/58245 > * calls.cc (expand_call): Check stack canary for noreturn > function. > > gcc/testsuite/ > > PR middle-end/58245 > * c-c++-common/pr58245-1.c: New test. > * g++.dg/pr58245-1.C: Likewise. > * g++.dg/fstack-protector-strong.C: Adjusted. But is this really something we want?   I'd actually lean towards eliminating the useless load -- I don't necessarily think we should be treating non-returning paths specially here. The whole point of the stack protector is to prevent the *return* path from going to an attacker controlled location.  I'm not sure checking the protector at this point actually does anything particularly useful. jeff