From: Thiago Jung Bauermann
To: Christina Schimpe
Cc: gdb-patches@sourceware.org
Subject: Re: [PATCH 8/9] gdb: Implement the hook 'is_no_return_shadow_stack_address' for amd64 linux.
In-Reply-To: <20250923111842.4091694-9-christina.schimpe@intel.com> (Christina Schimpe's message of "Tue, 23 Sep 2025 11:18:41 +0000")
References: <20250923111842.4091694-1-christina.schimpe@intel.com> <20250923111842.4091694-9-christina.schimpe@intel.com>
Date: Wed, 26 Nov 2025 01:22:25 -0300
Message-ID: <87tsyhpgn2.fsf@linaro.org>

Christina Schimpe writes:

> There can be elements on the shadow stack which are not return addresses.
> This can happen, for instance, in case of signals on amd64 linux.
> The old shadow stack pointer is pushed in a special format with bit 63 set.
>
> |1...old SSP| - Pointer to old pre-signal ssp in sigframe token format
> (bit 63 set to 1)
>
> Linux kernel documentation: https://docs.kernel.org/next/x86/shstk.html.

The docs under "next/" are from the next tree, that is, patches that are
likely to be included in the next Linux version but not necessarily. It's
better to link to:

https://docs.kernel.org/arch/x86/shstk.html

which is the documentation that actually reached upstream.

> Implement the gdbarch hook is_no_return_shadow_stack_address to detect
> this scenario to print the shadow stack backtrace correctly.
> --- > gdb/amd64-linux-tdep.c | 43 +++++++++++++++ > .../amd64-shadow-stack-backtrace-signal.exp | 54 +++++++++++++++++++ > .../gdb.arch/amd64-shadow-stack-signal.c | 31 +++++++++++ > 3 files changed, 128 insertions(+) > create mode 100644 gdb/testsuite/gdb.arch/amd64-shadow-stack-backtrace-signal.exp > create mode 100644 gdb/testsuite/gdb.arch/amd64-shadow-stack-signal.c > > diff --git a/gdb/amd64-linux-tdep.c b/gdb/amd64-linux-tdep.c > index f0db3b7a1b4..d72525a4cab 100644 > --- a/gdb/amd64-linux-tdep.c > +++ b/gdb/amd64-linux-tdep.c 
> @@ -1952,6 +1952,46 @@ amd64_linux_get_shadow_stack_pointer (gdbarch *gdbarch, regcache *regcache, > return ssp; > } > > +/* Return true, if FRAME is a valid shadow stack frame while FRAME.VALUE > + does not refer to a return address. This can happen, for instance, in > + case of signals. The old shadow stack pointer is pushed in a special > + format with bit 63 set. */ > + > +static bool > +amd64_linux_is_no_return_shadow_stack_address > + (gdbarch *gdbarch, const shadow_stack_frame_info &frame) > +{ > + /* FRAME must be a valid shadow stack frame. */ > + std::pair range; > + gdb_assert (gdbarch_address_in_shadow_stack_memory_range (gdbarch, > + frame.ssp, > + &range)); The ssp member of a shadow_stack_frame_info object should always be in the shadow stack memory range, no? This assert would be more effective in that class' constructor. > + /* In case bit 63 is not configured, the address on the shadow stack > + should be a return address. */ > + constexpr CORE_ADDR mask = (CORE_ADDR) 1 << 63; > + if ((frame.value & mask) == 0) > + return false; > + > + /* To compare the shadow stack pointer of the previous frame with the > + value of FRAME, we must clear bit 63. */ > + CORE_ADDR shadow_stack_val_cleared = (frame.value & (~mask)); Extraneous parentheses in the expression above. > + /* Compute the previous/old SSP. The shadow stack grows downwards. To > + compute the previous shadow stack pointer, we need to increment > + FRAME.SSP. */ > + CORE_ADDR prev_ssp > + = frame.ssp + gdbarch_shadow_stack_element_size_aligned (gdbarch); > + > + /* We incremented FRAME.SSP by one element to compute PREV_SSP before. > + In case FRAME.SSP points to the first element of the shadow stack, > + PREV_SSP must point to the bottom of the shadow stack (RANGE.SECOND), > + but not beyond that address. */ > + gdb_assert (prev_ssp > range.first && prev_ssp <= range.second); It's better to use one gdb_assert per condition, so that if it triggers, it's clear which condition was violated. 
> + return (shadow_stack_val_cleared == prev_ssp); Extraneous parentheses in the expression above. -- Thiago
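Review bot: in amd64_linux_is_no_return_shadow_stack_address, both gdb_assert calls (the one passing frame.ssp to gdbarch_address_in_shadow_stack_memory_range and the one checking prev_ssp against range) test values that originate in the inferior's registers and shadow stack memory rather than invariants of GDB's own logic, so a corrupted or unexpected shadow stack layout becomes a GDB internal error instead of a diagnosable backtrace failure. Consider returning false, or throwing an error, when frame.ssp is outside the shadow stack range or prev_ssp lands beyond range.second, and reserve gdb_assert for conditions that only a bug in GDB could violate. The comment "Return true, if FRAME is a valid shadow stack frame while FRAME.VALUE does not refer to a return address" also reads as though an invalid frame yields false, which the assertion contradicts; either the comment or the behaviour should be aligned.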
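As an added example (not code from the patch, from GDB or from the kernel), the check the hunk above describes, written in C against a constructed shadow stack: an element is a sigframe token when bit 63 is set and the value with that bit cleared equals the address one element above it, and out-of-range frames yield false rather than asserting. It also generalises to a walk that counts the return addresses on the stack; all names, addresses and element values are assumptions.

```c
#include <stdbool.h>
#include <stdint.h>
#define SHSTK_ELEMENT_SIZE 8                    /* 64-bit shadow stack entries */
#define SIGFRAME_TOKEN_BIT ((uint64_t) 1 << 63) /* bit 63 marks a pushed old SSP */

/* Shadow stack range [first, second) as in the patch's RANGE; SECOND is the
   bottom of the stack.  MEM models the inferior's memory for that range. */
struct shstk { uint64_t first; uint64_t second; const uint64_t *mem; };

/* Read the element at ADDR; false if ADDR is not an aligned address inside
   the range (a defensive check in place of the patch's gdb_assert). */
static bool shstk_read (const struct shstk *s, uint64_t addr, uint64_t *out)
{
  if (addr < s->first || addr + SHSTK_ELEMENT_SIZE > s->second
      || addr % SHSTK_ELEMENT_SIZE != 0)
    return false;
  *out = s->mem[(addr - s->first) / SHSTK_ELEMENT_SIZE];
  return true;
}

/* The patch's test: the element at SSP is a sigframe token if bit 63 is set
   and, with that bit cleared, it equals the previous SSP, i.e. SSP plus one
   element, because the shadow stack grows downwards. */
static bool is_sigframe_token (const struct shstk *s, uint64_t ssp)
{
  uint64_t value;
  if (!shstk_read (s, ssp, &value) || (value & SIGFRAME_TOKEN_BIT) == 0)
    return false;
  uint64_t prev_ssp = ssp + SHSTK_ELEMENT_SIZE;
  return prev_ssp <= s->second && (value & ~SIGFRAME_TOKEN_BIT) == prev_ssp;
}

/* Walk from SSP to the bottom of the shadow stack and count the elements
   that are return addresses (tokens are skipped); -1 if SSP is invalid. */
static int count_return_addresses (const struct shstk *s, uint64_t ssp)
{
  uint64_t value;
  if (!shstk_read (s, ssp, &value))
    return -1;
  int n = 0;
  for (uint64_t p = ssp; p < s->second; p += SHSTK_ELEMENT_SIZE)
    if (!is_sigframe_token (s, p))
      n++;
  return n;
}

/* Constructed sample: four entries; the second is a token for the pre-signal SSP 0x7f00000010. */
static const uint64_t sample_mem[4] = {
  0x401136, 0x7f00000010 | SIGFRAME_TOKEN_BIT, 0x401200, 0x4010c0 };
static const struct shstk sample = { 0x7f00000000, 0x7f00000020, sample_mem };
```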