Re: [1/9][RFC][DWARF] Reserve three DW_OP numbers in vendor extension space

Mirror of the gdb-patches mailing list
 help / color / mirror / Atom feed

From: Jiong Wang <jiong.wang@foss.arm.com>
To: "Richard Earnshaw (lists)" <Richard.Earnshaw@arm.com>,
	Jakub Jelinek <jakub@redhat.com>,
	mjw@tucnak.zalov.cz
Cc: gcc-patches <gcc-patches@gcc.gnu.org>,
	gdb-patches@sourceware.org, Binutils <binutils@sourceware.org>
Subject: Re: [1/9][RFC][DWARF] Reserve three DW_OP numbers in vendor extension space
Date: Wed, 16 Nov 2016 10:00:00 -0000	[thread overview]
Message-ID: <bd3dae26-48c9-9f37-a1c8-001982cb6c78@foss.arm.com> (raw)
In-Reply-To: <ceb9dfac-9f94-0d78-7f3f-8f9e0a2abb66@arm.com>

On 15/11/16 19:25, Richard Earnshaw (lists) wrote:
> On 15/11/16 16:48, Jiong Wang wrote:
>> On 15/11/16 16:18, Jakub Jelinek wrote:
>>> I know nothing about the aarch64 return address signing, would all 3
>>> or say
>>> 2 usually appear together without any separate pc advance, or are they
>>> all
>>> going to appear frequently and at different pcs?
>>
>>   I think it's the latter, the DW_OP_AARCH64_paciasp and
>> DW_OP_AARCH64_paciasp_deref are going to appear frequently and at
>> different pcs.
>>     For example, the following function prologue, there are three
>> instructions
>> at 0x0, 0x4, 0x8.
>>
>>   After the first instruction at 0x0, LR/X30 will be mangled.  The
>> "paciasp" always
>> mangle LR register using SP as salt and write back the value into LR.
>> We then generate
>> DW_OP_AARCH64_paciasp to notify any unwinder that the original LR is
>> mangled in this
>> way so they can unwind the original value properly.
>>
>>   After the second instruction at 0x4, The mangled value of LR/X30 will
>> be pushed on
>> to stack, unlike usual .cfi_offset, the unwind rule for LR/X30 becomes:
>> first fetch the
>> mangled value from stack offset -16, then do whatever to restore the
>> original value
>> from the mangled value.  This is represented by
>> (DW_OP_AARCH64_paciasp_deref, offset).
>>
>>         .cfi_startproc
>>    0x0  paciasp (this instruction sign return address register LR/X30)
>>         .cfi_val_expression 30, DW_OP_AARCH64_paciasp
>>    0x4  stp     x29, x30, [sp, -32]!
>>         .cfi_val_expression 30, DW_OP_AARCH64_paciasp_deref, -16
>>         .cfi_offset 29, -32
>>         .cfi_def_cfa_offset 32
>>    0x8  add     x29, sp, 0
>>
>
> Now I'm confused.
>
> I was thinking that we needed one opcode for the sign operation in the
> prologue and one for the unsign/validate operation in the epilogue (to
> support non-call exceptions.

   IMO, non-call exceptions is fine, it looks to me doesn't need extra
description as for non-call exceptions (exceptions thrown from signal
handler) the key point is how to unwind across signal frame.  For libgcc EH
unwinder, when normal unwinding failed, it will fall back to architecture
unwinding hook which restore some information from signal frame which is just
on top of the signal handler's frame.

   I can see AArch64 implementation will setup return address column like the
following logic where "sc->pc" is initialized by kernel and it's not signed
therefore should sucess on further unwinding.

     fs->regs.reg[__LIBGCC_DWARF_ALT_FRAME_RETURN_COLUMN__].how =
       REG_SAVED_VAL_OFFSET;
     fs->regs.reg[__LIBGCC_DWARF_ALT_FRAME_RETURN_COLUMN__].loc.offset =
       (_Unwind_Ptr) (sc->pc) - new_cfa;

> But why do we need a separate code to say
> that a previously signed value has now been pushed on the stack?  Surely
> that's just a normal store operation that can be tracked through the
> unwinding state machine.

   I was thinking the same thing, but found it doesn't work.  My understanding
of frame unwinding described at DWARF specification is: there are two steps
for frame unwinding.  The first step is to calculate register restore rules.
Unwinder scans register rules from function start to the unwinding PC, one
rule will be *overridden* by the next for the same register, there is *no
inheritance*.  The second step is then to evaluate all the final rules
collected at the unwinding PC.  According to the rule, either fetch the value
from stack or evaluate the value on DWARF expression stack etc.

  I also had tried to modify ".cfi_val_expression" at offset 0x4 in above
example into ".cfi_offset 30, -24", libgcc EH unwinder just doesn't work.

>
> I was expecting the third opcode to be needed for the special operations
> that are not frequently used by the compiler.

  The two operations DW_OP_AARCH64_paciasp and DW_OP_AARCH64_paciasp_deref were
designed as shortcut operations when LR is signed with A key and using
function's CFA as salt.  This is the default behaviour of return address
signing so is expected to be used for most of the time.  DW_OP_AARCH64_pauth
is designed as a generic operation that allow describing pointer signing on
any value using any salt and key in case we can't use the shortcut operations
we can use this.

next prev parent reply	other threads:[~2016-11-16 10:00 UTC|newest]

Thread overview: 24+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <c9da17a6-c3de-4466-c023-4e4ddbe38efb@foss.arm.com>
2016-11-11 18:22 ` Jiong Wang
2016-11-11 19:39   ` Jakub Jelinek
2016-11-15 16:00     ` Jiong Wang
2016-11-15 16:18       ` Jakub Jelinek
2016-11-15 16:48         ` Jiong Wang
2016-11-15 19:25           ` Richard Earnshaw (lists)
2016-11-16 10:00             ` Jiong Wang [this message]
     [not found]               ` <1479304496.14569.256.camel@redhat.com>
2016-11-16 14:02                 ` Jakub Jelinek
2016-11-30 11:15                   ` Jiong Wang
2016-11-30 18:25                     ` Yao Qi
2016-12-12 13:40                     ` [Ping~][1/9][RFC][DWARF] " Jiong Wang
2016-12-19 13:59                       ` [Ping^2][1/9][RFC][DWARF] " Jiong Wang
2016-12-28 18:21                         ` [Ping^3][1/9][RFC][DWARF] " Jiong Wang
2016-12-28 19:54                     ` [1/9][RFC][DWARF] " Cary Coutant
2017-01-03  9:32                       ` Jiong Wang
2017-01-03 10:10                       ` Jiong Wang
2017-01-03 10:57                         ` Yao Qi
2017-01-03 15:21                           ` Nick Clifton
2017-01-03 17:47                             ` Yao Qi
2016-11-30 21:44                   ` Cary Coutant
2016-12-01 10:42                     ` Richard Earnshaw (lists)
2016-12-01 11:09                       ` Jiong Wang
2016-11-15 16:51         ` Jiong Wang
2016-12-28 19:48     ` Cary Coutant

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=bd3dae26-48c9-9f37-a1c8-001982cb6c78@foss.arm.com \
    --to=jiong.wang@foss.arm.com \
    --cc=Richard.Earnshaw@arm.com \
    --cc=binutils@sourceware.org \
    --cc=gcc-patches@gcc.gnu.org \
    --cc=gdb-patches@sourceware.org \
    --cc=jakub@redhat.com \
    --cc=mjw@tucnak.zalov.cz \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox