bug-binutils

From: thanm at google dot com
Subject: [Bug gold/25921] New: gold: split-stack fixup confused by -fcf-protection=branch
Date: Mon, 04 May 2020 21:23:12 +0000

https://sourceware.org/bugzilla/show_bug.cgi?id=25921

            Bug ID: 25921
           Summary: gold: split-stack fixup confused by
                    -fcf-protection=branch
           Product: binutils
           Version: 2.35 (HEAD)
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: gold
          Assignee: ccoutant at gmail dot com
          Reporter: thanm at google dot com
                CC: ian at airs dot com
  Target Milestone: ---

The code in Gold that pattern matches and fixes up prolog sequences for x86
targets looks like it is getting confused by additional instructions added when
the "-fcf-protection=branch" GCC option is employed (which uses Intel CET).

Example:

$ cat himom.c
#include <stdio.h>
int main(int argc, char **argv) {
  printf("hi mom\n");
  return 0;
}
$ gcc -fsplit-stack himom.c 
$ gcc -fsplit-stack himom.c  -fuse-ld=gold 
$ gcc -fsplit-stack himom.c  -fuse-ld=gold  -fcf-protection=branch
/usr/bin/ld.gold: error: /tmp/ccu49EOc.o: failed to match split-stack sequence
at section 1 offset 0
collect2: error: ld returned 1 exit status
$

Here is a closer look at the prolog sequences in each scenario:

$ gcc -c -fsplit-stack himom.c
$ objdump -dl himom.o
...
   0:   64 48 3b 24 25 70 00    cmp    %fs:0x70,%rsp
   7:   00 00 
   9:   73 12                   jae    1d <main+0x1d>
   b:   41 ba 18 00 00 00       mov    $0x18,%r10d
  11:   41 bb 00 00 00 00       mov    $0x0,%r11d

$ gcc -c -fsplit-stack -fcf-protection=branch himom.c 
$ objdump -dl himom.o
...
   0:   f3 0f 1e fa             endbr64 
   4:   64 48 3b 24 25 70 00    cmp    %fs:0x70,%rsp
   b:   00 00 
   d:   73 16                   jae    25 <main+0x25>
   f:   41 ba 18 00 00 00       mov    $0x18,%r10d
  15:   41 bb 00 00 00 00       mov    $0x0,%r11d

Note the inserted "endbr64".

The problem also seems to be made a bit more mysterious for users in that some
Linux distributions have started to hard-wire cf-protection on by default,
e.g.

https://lists.ubuntu.com/archives/ubuntu-devel/2019-June/040741.html

This makes it more difficult for users of -fsplit-stack to understand what the
problem might be (the same compile/link commands on one distro work fine, but
fail on others).

I will see if I can write a patch to address this problem.

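To make the failure mode concrete, here is an added illustration (not gold's own matcher): a simplified byte-level check for the prolog shape shown in the two objdump listings above, built from those bytes, showing that a leading endbr64 shifts every byte and defeats a matcher that expects cmp %fs:0x70,%rsp at offset 0, and that a matcher which first steps over endbr64 (the skip_endbr flag, a hypothetical fix) recovers the same fields.

```python
# Added illustration (not gold's code): a simplified matcher for the x86-64
# split-stack prolog shape shown in the report, and why a leading endbr64
# (inserted by -fcf-protection=branch) makes a naive matcher fail.

ENDBR64 = bytes.fromhex("f30f1efa")               # endbr64
CMP_FS_RSP = bytes.fromhex("64483b242570000000")  # cmp %fs:0x70,%rsp
JAE_REL8 = 0x73                                   # jae rel8 opcode
MOV_R10D = b"\x41\xba"                            # mov $imm32,%r10d
MOV_R11D = b"\x41\xbb"                            # mov $imm32,%r11d

# Constructed from the two objdump listings in the report.
PROLOG_PLAIN = CMP_FS_RSP + bytes.fromhex("7312" "41ba18000000" "41bb00000000")
PROLOG_CET = ENDBR64 + CMP_FS_RSP + bytes.fromhex("7316" "41ba18000000" "41bb00000000")


def match_split_stack_prolog(code, offset=0, skip_endbr=False):
    """Return a dict describing the prolog at `offset`, or None if it does not match.

    Expected shape: cmp %fs:0x70,%rsp ; jae rel8 ; mov $frame,%r10d ;
    mov $args,%r11d.  With skip_endbr=True (hypothetical fix) an endbr64 in
    front is stepped over; otherwise it shifts every byte and the match fails.
    """
    pos = offset
    if skip_endbr and code[pos:pos + 4] == ENDBR64:
        pos += 4
    if code[pos:pos + 9] != CMP_FS_RSP:
        return None
    pos += 9
    if pos + 2 > len(code) or code[pos] != JAE_REL8:
        return None
    jae_target = pos + 2 + code[pos + 1]  # rel8 is relative to the next insn
    pos += 2
    if code[pos:pos + 2] != MOV_R10D:
        return None
    frame_size = int.from_bytes(code[pos + 2:pos + 6], "little")
    pos += 6
    if code[pos:pos + 2] != MOV_R11D:
        return None
    args_size = int.from_bytes(code[pos + 2:pos + 6], "little")
    return {"jae_target": jae_target, "frame_size": frame_size, "args_size": args_size}


def link_split_stack(code, skip_endbr=False):
    """Mimic the linker's outcome: 'ok' or the error text the report shows."""
    if match_split_stack_prolog(code, 0, skip_endbr) is None:
        return "failed to match split-stack sequence at section 1 offset 0"
    return "ok"
```

The recovered jae targets (0x1d without CET, 0x25 with it) match the objdump listings above; a real fix would also have to account for endbr64 wherever gold rewrites or re-targets the sequence, which this sketch does not attempt.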