From: Szabolcs Nagy
To: Wilco Dijkstra, GCC Patches, richard.sandiford@arm.com
Subject: Re: [PATCH] libgcc: Fix uninitialized RA signing on AArch64 [PR107678]
Date: Tue, 6 Dec 2022 10:50:17 +0000

The 12/05/2022 19:04, Richard Sandiford wrote:
> Wilco Dijkstra writes:
> > A recent change only initializes the regs.how[] during Dwarf unwinding
> > which resulted in an uninitialized offset used in return address signing
> > and random failures during unwinding. The fix is to use REG_SAVED_OFFSET
> > as the state where the return address signing bit is valid, and if the
> > state is REG_UNSAVED, initialize it to 0.
> >
> > Passes bootstrap & regress, OK for commit?
> >
> > libgcc/
> > PR target/107678
> > * unwind-dw2.c (execute_cfa_program): Initialize offset of
> > DWARF_REGNUM_AARCH64_RA_STATE if in REG_UNSAVED state.
> > * config/aarch64/aarch64-unwind.h (aarch64_frob_update_contex):
> > Check state is REG_SAVED_OFFSET before using offset for RA state.
> >
> > ---
> >
> > diff --git a/libgcc/config/aarch64/aarch64-unwind.h b/libgcc/config/aarch64/aarch64-unwind.h
> > index 26db9cbd9e5c526e0c410a4fc6be2bedb7d261cf..597133b3d708a50a366c8bfeff57475f5522b3f6 100644
> > --- a/libgcc/config/aarch64/aarch64-unwind.h
> > +++ b/libgcc/config/aarch64/aarch64-unwind.h
> > @@ -71,21 +71,15 @@ aarch64_demangle_return_addr (struct _Unwind_Context *context,
> > }
> >
> > /* Do AArch64 private initialization on CONTEXT based on frame info FS. Mark
> > - CONTEXT as return address signed if bit 0 of DWARF_REGNUM_AARCH64_RA_STATE is
> > - set. */
> > + CONTEXT as having a signed return address if DWARF_REGNUM_AARCH64_RA_STATE
> > + is initialized (REG_SAVED_OFFSET state) and the offset has bit 0 set. */
> >
> > static inline void
> > aarch64_frob_update_context (struct _Unwind_Context *context,
> > _Unwind_FrameState *fs)
> > {
> > - const int reg = DWARF_REGNUM_AARCH64_RA_STATE;
> > - int ra_signed;
> > - if (fs->regs.how[reg] == REG_UNSAVED)
> > - ra_signed = fs->regs.reg[reg].loc.offset & 0x1;
> > - else
> > - ra_signed = _Unwind_GetGR (context, reg) & 0x1;
> > - if (ra_signed)
> > - /* The flag is used for re-authenticating EH handler's address. */
> > + if (fs->regs.how[DWARF_REGNUM_AARCH64_RA_STATE] == REG_SAVED_OFFSET
> > + && (fs->regs.reg[DWARF_REGNUM_AARCH64_RA_STATE].loc.offset & 1) != 0)
> > context->flags |= RA_SIGNED_BIT;
> > else
> > context->flags &= ~RA_SIGNED_BIT;
>
> Hmm, but the point of the original patch was to support code generators
> that emit DW_CFA_val_expression instead of DW_CFA_AARCH64_negate_ra_state.
> Doesn't this patch undo that?
>
> Also, if I understood correctly, the reason we use REG_UNSAVED is to
> ensure that state from one frame isn't carried across to a parent frame,
> in cases where the parent frame lacks any signing. That is, each frame
> should start out with a zero bit even if a child frame is unwound while
> it has a set bit.

yes.

i don't think how[*RA_STATE] can ever be set to REG_SAVED_OFFSET,
this pseudo reg is not spilled to the stack, it is reset to 0 in
each frame and then toggled within a frame.

unwind-dw2.c has

    case DW_CFA_GNU_window_save:
#if defined (__aarch64__) && !defined (__ILP32__)
      /* This CFA is multiplexed with Sparc. On AArch64 it's used to toggle
         return address signing status. */
      reg = DWARF_REGNUM_AARCH64_RA_STATE;
      gcc_assert (fs->regs.how[reg] == REG_UNSAVED);
      fs->regs.reg[reg].loc.offset ^= 1;

for this to work, loc.offset must be reset in uw_frame_state_for.
we may need a new hook for that.

>
> Thanks,
> Richard
>
> > diff --git a/libgcc/unwind-dw2.c b/libgcc/unwind-dw2.c
> > index eaceace20298b9b13344aff9d1fe9ee5f9c7bd73..87f2ae065b67982ce48f74e45523d9c754a7661c 100644
> > --- a/libgcc/unwind-dw2.c
> > +++ b/libgcc/unwind-dw2.c
> > @@ -1203,11 +1203,16 @@ execute_cfa_program (const unsigned char *insn_ptr,
> >
> > case DW_CFA_GNU_window_save:
> > #if defined (__aarch64__) && !defined (__ILP32__)
> > - /* This CFA is multiplexed with Sparc. On AArch64 it's used to toggle
> > - return address signing status. */
> > - reg = DWARF_REGNUM_AARCH64_RA_STATE;
> > - gcc_assert (fs->regs.how[reg] == REG_UNSAVED);
> > - fs->regs.reg[reg].loc.offset ^= 1;
> > + /* This CFA is multiplexed with Sparc. On AArch64 it's used to toggle
> > + the return address signing status. It is initialized at the first
> > + use and the state is stored in bit 0 of the offset. */
> > + reg = DWARF_REGNUM_AARCH64_RA_STATE;
> > + if (fs->regs.how[reg] == REG_UNSAVED)
> > + {
> > + fs->regs.how[reg] = REG_SAVED_OFFSET;
> > + fs->regs.reg[reg].loc.offset = 0;
> > + }
> > + fs->regs.reg[reg].loc.offset ^= 1;
> > #else
> > /* ??? Hardcoded for SPARC register window configuration. */
> > if (__LIBGCC_DWARF_FRAME_REGISTERS__ >= 32)
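Review bot: In the aarch64-unwind.h hunk, dropping the `else ra_signed = _Unwind_GetGR (context, reg) & 0x1;` branch silently changes behaviour for frames whose RA state is in neither REG_UNSAVED nor REG_SAVED_OFFSET, which is exactly the DW_CFA_val_expression case the question above raises: such frames now always take the `context->flags &= ~RA_SIGNED_BIT;` path. Either keep the `_Unwind_GetGR` fallback for the remaining `how[]` states, or state in the new comment why every other state must be treated as an unsigned return address.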
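Review bot: In the unwind-dw2.c hunk, moving `fs->regs.how[reg]` to REG_SAVED_OFFSET on the first DW_CFA_GNU_window_save reuses a state whose name says the register is saved at an offset, while the reply above points out that this pseudo register is never spilled to the stack and only needs its `loc.offset` reset to 0 per frame; the hunk also removes `gcc_assert (fs->regs.how[reg] == REG_UNSAVED);` without replacing it with an equivalent check for the new state. Consider resetting `loc.offset` where the frame state is initialized (uw_frame_state_for, as suggested above) rather than introducing a saved state here, or at least document in the comment why REG_SAVED_OFFSET on this pseudo register cannot be acted on elsewhere in the unwinder.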
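To make the frame-to-frame leak discussed above concrete, here is a small model added for this page; it is not libgcc code. The names REG_UNSAVED, REG_SAVED_OFFSET and the bit-0 toggle mirror the thread; the tiny CFA opcode set, the `frame_state` struct, the three-frame chain and the function names (`init_how_only`, `init_full`, `execute_cfa`, `ra_signed`, `unwind_demo`) are constructed for illustration. It reuses one frame state across frames, as a real unwinder does, and compares resetting only `how[]` per frame (the behaviour the bug report describes) with also clearing the RA_STATE offset per frame (what the reply asks of uw_frame_state_for):

```c
#include <stdio.h>
#include <string.h>

/* Toy model of per-frame return-address-signing state. Added illustration,
   not libgcc code: only REG_UNSAVED / REG_SAVED_OFFSET and the bit-0 toggle
   follow the thread; everything else below is constructed. */

enum how_state { REG_UNSAVED = 0, REG_SAVED_OFFSET = 1 };
enum { RA_STATE = 0, NREGS = 4 };                      /* RA_STATE: toy pseudo-register slot */
enum cfa_op { CFA_NOP = 0, CFA_TOGGLE_RA_STATE = 1 };   /* stand-in for DW_CFA_GNU_window_save */

struct frame_state {
  enum how_state how[NREGS];
  long offset[NREGS];                                   /* plays the role of loc.offset */
};

/* Per-frame initialization as the bug report describes it: how[] is reset,
   but the RA_STATE offset keeps whatever the previously unwound frame left. */
static void init_how_only(struct frame_state *fs)
{
  for (int i = 0; i < NREGS; i++)
    fs->how[i] = REG_UNSAVED;
}

/* Fixed variant: also clear the RA_STATE offset so every frame starts unsigned. */
static void init_full(struct frame_state *fs)
{
  init_how_only(fs);
  fs->offset[RA_STATE] = 0;
}

/* Execute one frame's CFA program: each toggle flips bit 0 of the pseudo
   register; how[] stays REG_UNSAVED because nothing is spilled. */
static void execute_cfa(struct frame_state *fs, const enum cfa_op *ops, int n)
{
  for (int i = 0; i < n; i++)
    if (ops[i] == CFA_TOGGLE_RA_STATE)
      fs->offset[RA_STATE] ^= 1;
}

/* The REG_UNSAVED branch of the pre-patch aarch64_frob_update_context test. */
static int ra_signed(const struct frame_state *fs)
{
  return fs->how[RA_STATE] == REG_UNSAVED && (fs->offset[RA_STATE] & 1);
}

/* Unwind a constructed three-frame chain with one reused frame_state.
   Frame 0 (innermost) toggles once, frame 1 never toggles (built without
   signing), frame 2 toggles once. Returns a bitmask with bit k set when
   frame k was judged to have a signed return address. */
unsigned unwind_demo(int reset_offset_per_frame)
{
  static const enum cfa_op f0[] = { CFA_TOGGLE_RA_STATE };
  static const enum cfa_op f1[] = { CFA_NOP };
  static const enum cfa_op f2[] = { CFA_TOGGLE_RA_STATE };
  const enum cfa_op *programs[] = { f0, f1, f2 };
  const int lens[] = { 1, 1, 1 };
  struct frame_state fs;
  unsigned mask = 0;

  memset(&fs, 0, sizeof fs);   /* constructed starting value; the real state is uninitialized */
  for (int k = 0; k < 3; k++) {
    if (reset_offset_per_frame)
      init_full(&fs);
    else
      init_how_only(&fs);
    execute_cfa(&fs, programs[k], lens[k]);
    if (ra_signed(&fs))
      mask |= 1u << k;
  }
  return mask;
}

int main(void)
{
  /* Stale bit leaks into frame 1 and cancels the toggle in frame 2: mask 0x3. */
  printf("how[] reset only : signed-frame mask = 0x%x\n", unwind_demo(0));
  /* Each frame starts from 0, so only the toggling frames are signed: mask 0x5. */
  printf("offset reset too : signed-frame mask = 0x%x\n", unwind_demo(1));
  return 0;
}
```

The wrong mask in the first run shows both failure modes Richard describes: an unsigned parent frame inherits the child's set bit, and a signed grandparent then toggles that stale bit back to zero, so the unwinder would skip re-authentication exactly where it is needed.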