Re: PING: [PATCH] i386: Insert ENDBR after __morestack call
On Wed, Apr 18, 2018 at 8:55 AM, H.J. Lu wrote:
> On Wed, Apr 18, 2018 at 7:00 AM, Tsimbalist, Igor V
> wrote:
>>> -Original Message-
>>> From: gcc-patches-ow...@gcc.gnu.org [mailto:gcc-patches-
>>> ow...@gcc.gnu.org] On Behalf Of H.J. Lu
>>> Sent: Wednesday, April 18, 2018 3:25 PM
>>> To: GCC Patches ; Tsimbalist, Igor V
>>>
>>> Cc: Uros Bizjak
>>> Subject: PING: [PATCH] i386: Insert ENDBR after __morestack call
>>>
>>> On Fri, Apr 13, 2018 at 5:56 AM, H.J. Lu wrote:
>>> > Since __morestack will jump back to its callee via indirect call, we
>>> > need to insert ENDBR after calling __morestack.
>>> >
>>> > OK for trunk?
>>> >
>>> > H.J.
>>> >
>>> > gcc/
>>> >
>>> > PR target/85388
>>> > * config/i386/i386.c (ix86_expand_split_stack_prologue): Insert
>>> > ENDBR after calling __morestack.
>>> >
>>> > gcc/testsuite/
>>> >
>>> > PR target/85388
>>> > * gcc.dg/pr85388-1.c: New test.
>>> > * gcc.dg/pr85388-2.c: Likewise.
>>> > * gcc.dg/pr85388-3.c: Likewise.
>>> > * gcc.dg/pr85388-4.c: Likewise.
>>> > * gcc.dg/pr85388-5.c: Likewise.
>>> > * gcc.dg/pr85388-6.c: Likewise.
>>> > ---
>>> > gcc/config/i386/i386.c | 11 ++-
>>> > gcc/testsuite/gcc.dg/pr85388-1.c | 50
>>> +
>>> > gcc/testsuite/gcc.dg/pr85388-2.c | 56
>>>
>>> > gcc/testsuite/gcc.dg/pr85388-3.c | 65
>>> +
>>> > gcc/testsuite/gcc.dg/pr85388-4.c | 69
>>>
>>> > gcc/testsuite/gcc.dg/pr85388-5.c | 54
>>> +++
>>> > gcc/testsuite/gcc.dg/pr85388-6.c | 56
>>>
>>> > 7 files changed, 360 insertions(+), 1 deletion(-)
>>> > create mode 100644 gcc/testsuite/gcc.dg/pr85388-1.c
>>> > create mode 100644 gcc/testsuite/gcc.dg/pr85388-2.c
>>> > create mode 100644 gcc/testsuite/gcc.dg/pr85388-3.c
>>> > create mode 100644 gcc/testsuite/gcc.dg/pr85388-4.c
>>> > create mode 100644 gcc/testsuite/gcc.dg/pr85388-5.c
>>> > create mode 100644 gcc/testsuite/gcc.dg/pr85388-6.c
>>> >
>>> > diff --git a/gcc/config/i386/i386.c b/gcc/config/i386/i386.c
>>> > index 03e5c433574..8b4fd8ae30b 100644
>>> > --- a/gcc/config/i386/i386.c
>>> > +++ b/gcc/config/i386/i386.c
>>> > @@ -15242,7 +15242,16 @@ ix86_expand_split_stack_prologue (void)
>>> > instruction--we need control flow to continue at the subsequent
>>> > label. Therefore, we use an unspec. */
>>> >gcc_assert (crtl->args.pops_args < 65536);
>>> > - emit_insn (gen_split_stack_return (GEN_INT (crtl->args.pops_args)));
>>> > + rtx_insn *ret_insn
>>> > += emit_insn (gen_split_stack_return (GEN_INT
>>> > (crtl->args.pops_args)));
>>> > +
>>> > + if ((flag_cf_protection & CF_BRANCH) && TARGET_IBT)
>>> > +{
>>> > + /* Insert ENDBR since __morestack will jump back here via indirect
>>> > +call. */
>>> > + rtx cet_eb = gen_nop_endbr ();
>>> > + emit_insn_after (cet_eb, ret_insn);
>>> > +}
>>> >
>>> >/* If we are in 64-bit mode and this function uses a static chain,
>>> > we saved %r10 in %rax before calling _morestack. */
>>>
>>> PING:
>>>
>>> https://gcc.gnu.org/ml/gcc-patches/2018-04/msg00669.html
>>>
>>
>> OK.
>
> I am going to check it in.
>
This is what I checked in.
--
H.J.
From 5cad7ddc0ee6f862414b411fae19516fe2f17e49 Mon Sep 17 00:00:00 2001
From: "H.J. Lu"
Date: Fri, 13 Apr 2018 05:27:09 -0700
Subject: [PATCH] i386: Insert ENDBR after __morestack call
Since __morestack will jump back to its callee via indirect call, we
need to insert ENDBR after calling __morestack.
gcc/
PR target/85388
* config/i386/i386.c (ix86_expand_split_stack_prologue): Insert
ENDBR after calling __morestack.
gcc/testsuite/
PR target/85388
* gcc.dg/pr85388-1.c: New test.
* gcc.dg/pr85388-2.c: Likewise.
* gcc.dg/pr85388-3.c: Likewise.
* gcc.dg/pr85388-4.c: Likewise.
* gcc.dg/pr85388-5.c: L
Re: PING: [PATCH] i386: Insert ENDBR after __morestack call
On Wed, Apr 18, 2018 at 7:00 AM, Tsimbalist, Igor V
wrote:
>> -Original Message-
>> From: gcc-patches-ow...@gcc.gnu.org [mailto:gcc-patches-
>> ow...@gcc.gnu.org] On Behalf Of H.J. Lu
>> Sent: Wednesday, April 18, 2018 3:25 PM
>> To: GCC Patches ; Tsimbalist, Igor V
>>
>> Cc: Uros Bizjak
>> Subject: PING: [PATCH] i386: Insert ENDBR after __morestack call
>>
>> On Fri, Apr 13, 2018 at 5:56 AM, H.J. Lu wrote:
>> > Since __morestack will jump back to its callee via indirect call, we
>> > need to insert ENDBR after calling __morestack.
>> >
>> > OK for trunk?
>> >
>> > H.J.
>> >
>> > gcc/
>> >
>> > PR target/85388
>> > * config/i386/i386.c (ix86_expand_split_stack_prologue): Insert
>> > ENDBR after calling __morestack.
>> >
>> > gcc/testsuite/
>> >
>> > PR target/85388
>> > * gcc.dg/pr85388-1.c: New test.
>> > * gcc.dg/pr85388-2.c: Likewise.
>> > * gcc.dg/pr85388-3.c: Likewise.
>> > * gcc.dg/pr85388-4.c: Likewise.
>> > * gcc.dg/pr85388-5.c: Likewise.
>> > * gcc.dg/pr85388-6.c: Likewise.
>> > ---
>> > gcc/config/i386/i386.c | 11 ++-
>> > gcc/testsuite/gcc.dg/pr85388-1.c | 50
>> +
>> > gcc/testsuite/gcc.dg/pr85388-2.c | 56
>>
>> > gcc/testsuite/gcc.dg/pr85388-3.c | 65
>> +
>> > gcc/testsuite/gcc.dg/pr85388-4.c | 69
>>
>> > gcc/testsuite/gcc.dg/pr85388-5.c | 54
>> +++
>> > gcc/testsuite/gcc.dg/pr85388-6.c | 56
>>
>> > 7 files changed, 360 insertions(+), 1 deletion(-)
>> > create mode 100644 gcc/testsuite/gcc.dg/pr85388-1.c
>> > create mode 100644 gcc/testsuite/gcc.dg/pr85388-2.c
>> > create mode 100644 gcc/testsuite/gcc.dg/pr85388-3.c
>> > create mode 100644 gcc/testsuite/gcc.dg/pr85388-4.c
>> > create mode 100644 gcc/testsuite/gcc.dg/pr85388-5.c
>> > create mode 100644 gcc/testsuite/gcc.dg/pr85388-6.c
>> >
>> > diff --git a/gcc/config/i386/i386.c b/gcc/config/i386/i386.c
>> > index 03e5c433574..8b4fd8ae30b 100644
>> > --- a/gcc/config/i386/i386.c
>> > +++ b/gcc/config/i386/i386.c
>> > @@ -15242,7 +15242,16 @@ ix86_expand_split_stack_prologue (void)
>> > instruction--we need control flow to continue at the subsequent
>> > label. Therefore, we use an unspec. */
>> >gcc_assert (crtl->args.pops_args < 65536);
>> > - emit_insn (gen_split_stack_return (GEN_INT (crtl->args.pops_args)));
>> > + rtx_insn *ret_insn
>> > += emit_insn (gen_split_stack_return (GEN_INT (crtl->args.pops_args)));
>> > +
>> > + if ((flag_cf_protection & CF_BRANCH) && TARGET_IBT)
>> > +{
>> > + /* Insert ENDBR since __morestack will jump back here via indirect
>> > +call. */
>> > + rtx cet_eb = gen_nop_endbr ();
>> > + emit_insn_after (cet_eb, ret_insn);
>> > +}
>> >
>> >/* If we are in 64-bit mode and this function uses a static chain,
>> > we saved %r10 in %rax before calling _morestack. */
>>
>> PING:
>>
>> https://gcc.gnu.org/ml/gcc-patches/2018-04/msg00669.html
>>
>
> OK.
I am going to check it in.
Thanks.
--
H.J.
RE: PING: [PATCH] i386: Insert ENDBR after __morestack call
> -Original Message-
> From: gcc-patches-ow...@gcc.gnu.org [mailto:gcc-patches-
> ow...@gcc.gnu.org] On Behalf Of H.J. Lu
> Sent: Wednesday, April 18, 2018 3:25 PM
> To: GCC Patches ; Tsimbalist, Igor V
>
> Cc: Uros Bizjak
> Subject: PING: [PATCH] i386: Insert ENDBR after __morestack call
>
> On Fri, Apr 13, 2018 at 5:56 AM, H.J. Lu wrote:
> > Since __morestack will jump back to its callee via indirect call, we
> > need to insert ENDBR after calling __morestack.
> >
> > OK for trunk?
> >
> > H.J.
> >
> > gcc/
> >
> > PR target/85388
> > * config/i386/i386.c (ix86_expand_split_stack_prologue): Insert
> > ENDBR after calling __morestack.
> >
> > gcc/testsuite/
> >
> > PR target/85388
> > * gcc.dg/pr85388-1.c: New test.
> > * gcc.dg/pr85388-2.c: Likewise.
> > * gcc.dg/pr85388-3.c: Likewise.
> > * gcc.dg/pr85388-4.c: Likewise.
> > * gcc.dg/pr85388-5.c: Likewise.
> > * gcc.dg/pr85388-6.c: Likewise.
> > ---
> > gcc/config/i386/i386.c | 11 ++-
> > gcc/testsuite/gcc.dg/pr85388-1.c | 50
> +
> > gcc/testsuite/gcc.dg/pr85388-2.c | 56
>
> > gcc/testsuite/gcc.dg/pr85388-3.c | 65
> +
> > gcc/testsuite/gcc.dg/pr85388-4.c | 69
>
> > gcc/testsuite/gcc.dg/pr85388-5.c | 54
> +++
> > gcc/testsuite/gcc.dg/pr85388-6.c | 56
>
> > 7 files changed, 360 insertions(+), 1 deletion(-)
> > create mode 100644 gcc/testsuite/gcc.dg/pr85388-1.c
> > create mode 100644 gcc/testsuite/gcc.dg/pr85388-2.c
> > create mode 100644 gcc/testsuite/gcc.dg/pr85388-3.c
> > create mode 100644 gcc/testsuite/gcc.dg/pr85388-4.c
> > create mode 100644 gcc/testsuite/gcc.dg/pr85388-5.c
> > create mode 100644 gcc/testsuite/gcc.dg/pr85388-6.c
> >
> > diff --git a/gcc/config/i386/i386.c b/gcc/config/i386/i386.c
> > index 03e5c433574..8b4fd8ae30b 100644
> > --- a/gcc/config/i386/i386.c
> > +++ b/gcc/config/i386/i386.c
> > @@ -15242,7 +15242,16 @@ ix86_expand_split_stack_prologue (void)
> > instruction--we need control flow to continue at the subsequent
> > label. Therefore, we use an unspec. */
> >gcc_assert (crtl->args.pops_args < 65536);
> > - emit_insn (gen_split_stack_return (GEN_INT (crtl->args.pops_args)));
> > + rtx_insn *ret_insn
> > += emit_insn (gen_split_stack_return (GEN_INT (crtl->args.pops_args)));
> > +
> > + if ((flag_cf_protection & CF_BRANCH) && TARGET_IBT)
> > +{
> > + /* Insert ENDBR since __morestack will jump back here via indirect
> > +call. */
> > + rtx cet_eb = gen_nop_endbr ();
> > + emit_insn_after (cet_eb, ret_insn);
> > +}
> >
> >/* If we are in 64-bit mode and this function uses a static chain,
> > we saved %r10 in %rax before calling _morestack. */
>
> PING:
>
> https://gcc.gnu.org/ml/gcc-patches/2018-04/msg00669.html
>
OK.
Igor
>
> --
> H.J.
PING: [PATCH] i386: Insert ENDBR after __morestack call
On Fri, Apr 13, 2018 at 5:56 AM, H.J. Lu wrote:
> Since __morestack will jump back to its callee via indirect call, we
> need to insert ENDBR after calling __morestack.
>
> OK for trunk?
>
> H.J.
>
> gcc/
>
> PR target/85388
> * config/i386/i386.c (ix86_expand_split_stack_prologue): Insert
> ENDBR after calling __morestack.
>
> gcc/testsuite/
>
> PR target/85388
> * gcc.dg/pr85388-1.c: New test.
> * gcc.dg/pr85388-2.c: Likewise.
> * gcc.dg/pr85388-3.c: Likewise.
> * gcc.dg/pr85388-4.c: Likewise.
> * gcc.dg/pr85388-5.c: Likewise.
> * gcc.dg/pr85388-6.c: Likewise.
> ---
> gcc/config/i386/i386.c | 11 ++-
> gcc/testsuite/gcc.dg/pr85388-1.c | 50 +
> gcc/testsuite/gcc.dg/pr85388-2.c | 56
> gcc/testsuite/gcc.dg/pr85388-3.c | 65 +
> gcc/testsuite/gcc.dg/pr85388-4.c | 69
>
> gcc/testsuite/gcc.dg/pr85388-5.c | 54 +++
> gcc/testsuite/gcc.dg/pr85388-6.c | 56
> 7 files changed, 360 insertions(+), 1 deletion(-)
> create mode 100644 gcc/testsuite/gcc.dg/pr85388-1.c
> create mode 100644 gcc/testsuite/gcc.dg/pr85388-2.c
> create mode 100644 gcc/testsuite/gcc.dg/pr85388-3.c
> create mode 100644 gcc/testsuite/gcc.dg/pr85388-4.c
> create mode 100644 gcc/testsuite/gcc.dg/pr85388-5.c
> create mode 100644 gcc/testsuite/gcc.dg/pr85388-6.c
>
> diff --git a/gcc/config/i386/i386.c b/gcc/config/i386/i386.c
> index 03e5c433574..8b4fd8ae30b 100644
> --- a/gcc/config/i386/i386.c
> +++ b/gcc/config/i386/i386.c
> @@ -15242,7 +15242,16 @@ ix86_expand_split_stack_prologue (void)
> instruction--we need control flow to continue at the subsequent
> label. Therefore, we use an unspec. */
>gcc_assert (crtl->args.pops_args < 65536);
> - emit_insn (gen_split_stack_return (GEN_INT (crtl->args.pops_args)));
> + rtx_insn *ret_insn
> += emit_insn (gen_split_stack_return (GEN_INT (crtl->args.pops_args)));
> +
> + if ((flag_cf_protection & CF_BRANCH) && TARGET_IBT)
> +{
> + /* Insert ENDBR since __morestack will jump back here via indirect
> +call. */
> + rtx cet_eb = gen_nop_endbr ();
> + emit_insn_after (cet_eb, ret_insn);
> +}
>
>/* If we are in 64-bit mode and this function uses a static chain,
> we saved %r10 in %rax before calling _morestack. */
PING:
https://gcc.gnu.org/ml/gcc-patches/2018-04/msg00669.html
--
H.J.
[PATCH] i386: Insert ENDBR after __morestack call
Since __morestack will jump back to its callee via indirect call, we
need to insert ENDBR after calling __morestack.
OK for trunk?
H.J.
gcc/
PR target/85388
* config/i386/i386.c (ix86_expand_split_stack_prologue): Insert
ENDBR after calling __morestack.
gcc/testsuite/
PR target/85388
* gcc.dg/pr85388-1.c: New test.
* gcc.dg/pr85388-2.c: Likewise.
* gcc.dg/pr85388-3.c: Likewise.
* gcc.dg/pr85388-4.c: Likewise.
* gcc.dg/pr85388-5.c: Likewise.
* gcc.dg/pr85388-6.c: Likewise.
---
gcc/config/i386/i386.c | 11 ++-
gcc/testsuite/gcc.dg/pr85388-1.c | 50 +
gcc/testsuite/gcc.dg/pr85388-2.c | 56
gcc/testsuite/gcc.dg/pr85388-3.c | 65 +
gcc/testsuite/gcc.dg/pr85388-4.c | 69
gcc/testsuite/gcc.dg/pr85388-5.c | 54 +++
gcc/testsuite/gcc.dg/pr85388-6.c | 56
7 files changed, 360 insertions(+), 1 deletion(-)
create mode 100644 gcc/testsuite/gcc.dg/pr85388-1.c
create mode 100644 gcc/testsuite/gcc.dg/pr85388-2.c
create mode 100644 gcc/testsuite/gcc.dg/pr85388-3.c
create mode 100644 gcc/testsuite/gcc.dg/pr85388-4.c
create mode 100644 gcc/testsuite/gcc.dg/pr85388-5.c
create mode 100644 gcc/testsuite/gcc.dg/pr85388-6.c
diff --git a/gcc/config/i386/i386.c b/gcc/config/i386/i386.c
index 03e5c433574..8b4fd8ae30b 100644
--- a/gcc/config/i386/i386.c
+++ b/gcc/config/i386/i386.c
@@ -15242,7 +15242,16 @@ ix86_expand_split_stack_prologue (void)
instruction--we need control flow to continue at the subsequent
label. Therefore, we use an unspec. */
gcc_assert (crtl->args.pops_args < 65536);
- emit_insn (gen_split_stack_return (GEN_INT (crtl->args.pops_args)));
+ rtx_insn *ret_insn
+= emit_insn (gen_split_stack_return (GEN_INT (crtl->args.pops_args)));
+
+ if ((flag_cf_protection & CF_BRANCH) && TARGET_IBT)
+{
+ /* Insert ENDBR since __morestack will jump back here via indirect
+call. */
+ rtx cet_eb = gen_nop_endbr ();
+ emit_insn_after (cet_eb, ret_insn);
+}
/* If we are in 64-bit mode and this function uses a static chain,
we saved %r10 in %rax before calling _morestack. */
diff --git a/gcc/testsuite/gcc.dg/pr85388-1.c b/gcc/testsuite/gcc.dg/pr85388-1.c
new file mode 100644
index 000..86d4737e32b
--- /dev/null
+++ b/gcc/testsuite/gcc.dg/pr85388-1.c
@@ -0,0 +1,50 @@
+/* This test needs to use setrlimit to set the stack size, so it can
+ only run on Unix. */
+/* { dg-do run { target { i?86-*-linux* i?86-*-gnu* x86_64-*-linux* } } } */
+/* { dg-require-effective-target cet } */
+/* { dg-require-effective-target split_stack } */
+/* { dg-options "-fsplit-stack -fcf-protection -mcet" } */
+
+#include
+#include
+#include
+
+/* Use a noinline function to ensure that the buffer is not removed
+ from the stack. */
+static void use_buffer (char *buf) __attribute__ ((noinline));
+static void
+use_buffer (char *buf)
+{
+ buf[0] = '\0';
+}
+
+/* Each recursive call uses 10,000 bytes. We call it 1000 times,
+ using a total of 10,000,000 bytes. If -fsplit-stack is not
+ working, that will overflow our stack limit. */
+
+static void
+down (int i)
+{
+ char buf[1];
+
+ if (i > 0)
+{
+ use_buffer (buf);
+ down (i - 1);
+}
+}
+
+int
+main (void)
+{
+ struct rlimit r;
+
+ /* We set a stack limit because we are usually invoked via make, and
+ make sets the stack limit to be as large as possible. */
+ r.rlim_cur = 8192 * 1024;
+ r.rlim_max = 8192 * 1024;
+ if (setrlimit (RLIMIT_STACK, &r) != 0)
+abort ();
+ down (1000);
+ return 0;
+}
diff --git a/gcc/testsuite/gcc.dg/pr85388-2.c b/gcc/testsuite/gcc.dg/pr85388-2.c
new file mode 100644
index 000..fd13d984c50
--- /dev/null
+++ b/gcc/testsuite/gcc.dg/pr85388-2.c
@@ -0,0 +1,56 @@
+/* { dg-do run { target { i?86-*-linux* i?86-*-gnu* x86_64-*-linux* } } } */
+/* { dg-require-effective-target cet } */
+/* { dg-require-effective-target split_stack } */
+/* { dg-require-effective-target pthread_h } */
+/* { dg-options "-pthread -fsplit-stack -fcf-protection -mcet" } */
+
+#include
+#include
+
+/* Use a noinline function to ensure that the buffer is not removed
+ from the stack. */
+static void use_buffer (char *buf) __attribute__ ((noinline));
+static void
+use_buffer (char *buf)
+{
+ buf[0] = '\0';
+}
+
+/* Each recursive call uses 10,000 bytes. We call it 1000 times,
+ using a total of 10,000,000 bytes. If -fsplit-stack is not
+ working, that will overflow our stack limit. */
+
+static void
+down (int i)
+{
+ char buf[1];
+
+ if (i > 0)
+{
+ use_buffer (buf);
+ down (i - 1);
+}
+}
+
+static void *
+thread_routine (void *arg __attribute__ ((unused)))
+{
+ down (1000);
+ return NULL;
+}
+
+int
+main (void)
+{
+ int i;
+ pthread_t
