Closed
Conversation
Since longjmp to a previous setjmp'ed state could change the stack frame and involves stack frame unwinding, shadow stacks is also required to be unwinded. The unwinding is implemented according to the zicfiss spec by increasing the ssp by a page size (4K) at most, to prevent from accidentally point to another legal shadow stack page after the adjustment.
linux kernel handling for prctl is to have strict checking on input parameters. Input parameters not used must be zero. Signed-off-by: Deepak Gupta <debug@rivosinc.com>
jaidTw
pushed a commit
that referenced
this pull request
Jun 11, 2024
Linux dilfridge-amd64-stable 6.1.41-gentoo-dist #1 SMP PREEMPT_DYNAMIC Tue Jul 25 09:26:34 -00 2023 x86_64 AMD Ryzen 7 3700X 8-Core Processor AuthenticAMD GNU/Linux 32bit build on x86-64 Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>
jaidTw
pushed a commit
that referenced
this pull request
Aug 16, 2024
Also compile dl-misc.os with $(rtld-early-cflags) to avoid
Program received signal SIGILL, Illegal instruction.
0x00007ffff7fd36ea in _dl_strtoul (nptr=nptr@entry=0x7fffffffe2c9 "2",
endptr=endptr@entry=0x7fffffffd728) at dl-misc.c:156
156 bool positive = true;
(gdb) bt
#0 0x00007ffff7fd36ea in _dl_strtoul (nptr=nptr@entry=0x7fffffffe2c9 "2",
endptr=endptr@entry=0x7fffffffd728) at dl-misc.c:156
#1 0x00007ffff7fdb1a9 in tunable_initialize (
cur=cur@entry=0x7ffff7ffbc00 <tunable_list+2176>,
strval=strval@entry=0x7fffffffe2c9 "2", len=len@entry=1)
at dl-tunables.c:131
#2 0x00007ffff7fdb3a2 in parse_tunables (valstring=<optimized out>)
at dl-tunables.c:258
#3 0x00007ffff7fdb5d9 in __GI___tunables_init (envp=0x7fffffffdd58)
at dl-tunables.c:288
riscvarchive#4 0x00007ffff7fe44c3 in _dl_sysdep_start (
start_argptr=start_argptr@entry=0x7fffffffdcb0,
dl_main=dl_main@entry=0x7ffff7fe5f80 <dl_main>)
at ../sysdeps/unix/sysv/linux/dl-sysdep.c:110
riscvarchive#5 0x00007ffff7fe5cae in _dl_start_final (arg=0x7fffffffdcb0) at rtld.c:494
riscvarchive#6 _dl_start (arg=0x7fffffffdcb0) at rtld.c:581
riscvarchive#7 0x00007ffff7fe4b38 in _start ()
(gdb)
when setting GLIBC_TUNABLES in glibc compiled with APX.
Reviewed-by: Florian Weimer <fweimer@redhat.com>
jaidTw
pushed a commit
that referenced
this pull request
Aug 16, 2024
Linux pinacolada 6.6.32-gentoo #1 SMP PREEMPT Sun Jun 9 14:18:17 CEST 2024 x86_64 Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz GenuineIntel GNU/Linux 32bit build for multilib environment Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>
jaidTw
pushed a commit
that referenced
this pull request
Aug 16, 2024
Linux catbus 5.15.110-gentoo-r1 #1 SMP Fri Jun 9 17:53:23 PDT 2023 sparc64 sun4v UltraSparc T5 (Niagara5) GNU/Linux Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>
jaidTw
pushed a commit
that referenced
this pull request
Aug 16, 2024
This hasn't been looked at for a loong time (already guessing from the number of missing entries), and it ain't pretty. There are some 9-ulps results for float. - ZaZaZebra (qemu-system-m68k clone of PowerBook 190 system) - GCC 13.3.1 20240614 (Gentoo 13.3.1_p20240614 p17) - ld GNU ld (Gentoo 2.42 p6) 2.42.0 - Linux ZaZaZebra 4.19.0-5-m68k #1 Gentoo 4.19.37-5 (2019-06-19) m68k 68040 68040 GNU/Linux - manual build - ../glibc/configure --enable-fortify-source --prefix=/usr - Tested by Immolo (via Andreas K. Hüttel) Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>
jaidTw
pushed a commit
that referenced
this pull request
Aug 16, 2024
Linux alphadev 6.9.8-gentoo-alpha #1 Sun Jul 7 00:45:49 EDT 2024 alpha EV68CB Titan GNU/Linux gcc (Gentoo 14.1.1_p20240622 p2) 14.1.1 20240622 GNU ld (Gentoo 2.42 p6) 2.42.0 Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>
jaidTw
pushed a commit
that referenced
this pull request
May 14, 2025
Linux dola 5.15.169-gentoo-dist #1 SMP Wed Oct 23 06:25:30 -00 2024 aarch64 GNU/Linux Vendor ID: ARM Model name: Neoverse-N1 gcc (Gentoo Hardened 13.3.1_p20241025 p1) 13.3.1 20241024 Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>
jaidTw
pushed a commit
that referenced
this pull request
May 14, 2025
Linux catbus 6.1.112 #1 SMP Sun Oct 13 10:52:08 PDT 2024 sparc64 sun4v UltraSparc T5 (Niagara5) GNU/Linux gcc (Gentoo 13.3.1_p20240614 p17) 13.3.1 20240614 Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>
jaidTw
pushed a commit
that referenced
this pull request
May 14, 2025
Linux lgentoo4 6.8.9-gentoo #1 SMP Tue May 7 09:52:48 EDT 2024 s390x 8561 IBM GNU/Linux Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>
jaidTw
pushed a commit
that referenced
this pull request
May 14, 2025
Linux catbus 6.1.112 #1 SMP Sun Oct 13 10:52:08 PDT 2024 sparc64 sun4v UltraSparc T5 (Niagara5) GNU/Linux Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>
jaidTw
pushed a commit
that referenced
this pull request
May 14, 2025
Linux timberdoodle 6.1.60-gentoo-dist-hardened #1 SMP Fri Dec 1 22:10:49 UTC 2023 ppc64 POWER9 (architected), altivec supported CHRP IBM pSeries (emulated by qemu) GNU/Linux Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>
jaidTw
pushed a commit
that referenced
this pull request
May 14, 2025
Linux matoro-loongdev 6.12.0-gentoo-loongarch64 #1 SMP PREEMPT Fri Nov 22 00:38:46 EST 2024 loongarch64 GNU/Linux Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>
jaidTw
pushed a commit
that referenced
this pull request
May 14, 2025
Linux matoro-alphadev 6.12.3-gentoo-alpha #1 Sun Dec 8 04:39:11 EST 2024 alpha EV68CB Titan GNU/Linux Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>
jaidTw
pushed a commit
that referenced
this pull request
May 14, 2025
Linux waikiki 6.6.53-gentoo #1 SMP Wed Oct 2 13:21:27 CEST 2024 x86_64 AMD EPYC 7532 32-Core Processor AuthenticAMD GNU/Linux Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>
jaidTw
pushed a commit
that referenced
this pull request
May 14, 2025
Linux bogsucker 6.1.55-gentoo-dist-hardened #1 SMP Sun Oct 1 18:03:02 UTC 2023 ppc64le POWER9 (architected), altivec supported CHRP IBM pSeries (emulated by qemu) GNU/Linux Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>
jaidTw
pushed a commit
that referenced
this pull request
Feb 6, 2026
The subnormal exponent calculation invokes UB by left shifting the signed exponent to find the first leading bit. The implementation also uses 32 bits operations, which generates suboptimal code in 64 bits architectures. The patch reimplements ilogb using the math_config.h macros and uses the new stdbit function to simplify the subnormal handling. On aarch64 it generates better code: * master: 0000000000000000 <__ieee754_ilogb>: 0: 9e660000 fmov x0, d0 4: d360fc02 lsr x2, x0, riscvarchive#32 8: d360f801 ubfx x1, x0, riscvarchive#32, riscvarchive#31 c: f26c285f tst x2, #0x7ff00000 10: 540001a1 b.ne 44 <__ieee754_ilogb+0x44> // b.any 14: 2a000022 orr w2, w1, w0 18: 34000322 cbz w2, 7c <__ieee754_ilogb+0x7c> 1c: 35000221 cbnz w1, 60 <__ieee754_ilogb+0x60> 20: 2a0003e1 mov w1, w0 24: 7100001f cmp w0, #0x0 28: 12808240 mov w0, #0xfffffbed // #-1043 2c: 540000ad b.le 40 <__ieee754_ilogb+0x40> 30: 531f7821 lsl w1, w1, #1 34: 51000400 sub w0, w0, #0x1 38: 7100003f cmp w1, #0x0 3c: 54ffffac b.gt 30 <__ieee754_ilogb+0x30> 40: d65f03c0 ret 44: 13147c20 asr w0, w1, riscvarchive#20 48: 12b00202 mov w2, #0x7fefffff // #2146435071 4c: 510ffc00 sub w0, w0, #0x3ff 50: 6b02003f cmp w1, w2 54: 12b00001 mov w1, #0x7fffffff // #2147483647 58: 1a819000 csel w0, w0, w1, ls // ls = plast 5c: d65f03c0 ret 60: 53155021 lsl w1, w1, riscvarchive#11 64: 12807fa0 mov w0, #0xfffffc02 // #-1022 68: 531f7821 lsl w1, w1, #1 6c: 51000400 sub w0, w0, #0x1 70: 7100003f cmp w1, #0x0 74: 54ffffac b.gt 68 <__ieee754_ilogb+0x68> 78: d65f03c0 ret 7c: 320107e0 mov w0, #0x80000001 // #-2147483647 80: d65f03c0 ret * patch: 0000000000000000 <__ieee754_ilogb>: 0: 9e660001 fmov x1, d0 4: d374f820 ubfx x0, x1, riscvarchive#52, riscvarchive#11 8: 350000e0 cbnz w0, 24 <__ieee754_ilogb+0x24> c: d374cc21 lsl x1, x1, riscvarchive#12 10: b4000141 cbz x1, 38 <__ieee754_ilogb+0x38> 14: dac01021 clz x1, x1 18: 12807fc0 mov w0, #0xfffffc01 // #-1023 1c: 4b010000 sub w0, w0, w1 20: d65f03c0 ret 24: 711ffc1f cmp w0, #0x7ff 28: 510ffc00 sub w0, w0, #0x3ff 2c: 12b00001 mov w1, #0x7fffffff // #2147483647 30: 1a811000 csel w0, w0, w1, ne // ne = any 34: d65f03c0 ret 38: 320107e0 mov w0, #0x80000001 // #-2147483647 3c: d65f03c0 ret Other architecture with support for stdc_leading_zeros and/or __builtin_clzll should have similar improvements. Checked on aarch64-linux-gnu and x86_64-linux-gnu. Reviewed-by: Wilco Dijkstra <Wilco.Dijkstra@arm.com>
jaidTw
pushed a commit
that referenced
this pull request
Feb 6, 2026
The subnormal exponent calculation invokes UB by left shifting the signed expoenent to find the first leading bit. The patch reimplements ilogb using the math_config.h macros and uses the new stdbit.h function to simplify the subnormal handling. On aarch64 it generates better code: * master: 0000000000000000 <__ieee754_ilogbf>: 0: 1e260000 fmov w0, s0 4: 12007801 and w1, w0, #0x7fffffff 8: 72091c1f tst w0, #0x7f800000 c: 54000141 b.ne 34 <__ieee754_ilogbf+0x34> // b.any 10: 34000201 cbz w1, 50 <__ieee754_ilogbf+0x50> 14: 53185c21 lsl w1, w1, riscvarchive#8 18: 12800fa0 mov w0, #0xffffff82 // #-126 1c: d503201f nop 20: 531f7821 lsl w1, w1, #1 24: 51000400 sub w0, w0, #0x1 28: 7100003f cmp w1, #0x0 2c: 54ffffac b.gt 20 <__ieee754_ilogbf+0x20> 30: d65f03c0 ret 34: 13177c20 asr w0, w1, riscvarchive#23 38: 12b01002 mov w2, #0x7f7fffff // #2139095039 3c: 5101fc00 sub w0, w0, #0x7f 40: 6b02003f cmp w1, w2 44: 12b00001 mov w1, #0x7fffffff // #2147483647 48: 1a819000 csel w0, w0, w1, ls // ls = plast 4c: d65f03c0 ret 50: 320107e0 mov w0, #0x80000001 // #-2147483647 54: d65f03c0 ret * patch: 0000000000000000 <__ieee754_ilogbf>: 0: 1e260001 fmov w1, s0 4: d3577820 ubfx x0, x1, riscvarchive#23, riscvarchive#8 8: 350000e0 cbnz w0, 24 <__ieee754_ilogbf+0x24> c: 53175821 lsl w1, w1, riscvarchive#9 10: 34000141 cbz w1, 38 <__ieee754_ilogbf+0x38> 14: 5ac01021 clz w1, w1 18: 12800fc0 mov w0, #0xffffff81 // #-127 1c: 4b010000 sub w0, w0, w1 20: d65f03c0 ret 24: 7103fc1f cmp w0, #0xff 28: 5101fc00 sub w0, w0, #0x7f 2c: 12b00001 mov w1, #0x7fffffff // #2147483647 30: 1a811000 csel w0, w0, w1, ne // ne = any 34: d65f03c0 ret 38: 320107e0 mov w0, #0x80000001 // #-2147483647 3c: d65f03c0 ret Other architecture with support for stdc_leading_zeros and/or __builtin_clzll should have similar improvements. Checked on aarch64-linux-gnu and x86_64-linux-gnu. Reviewed-by: Wilco Dijkstra <Wilco.Dijkstra@arm.com>
jaidTw
pushed a commit
that referenced
this pull request
Feb 6, 2026
On x86-64, when glibc is configured with --enable-stack-protector=all
and compiled with -Os, ld.so crashes very early:
(gdb) r --direct
Starting program: /export/build/gnu/tools-build/glibc-gitlab/build-x86_64-linux/string/test-memswap --direct
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff7f41b0a in bsearch (__key=__key@entry=0x7fffffffda28,
__base=__base@entry=0x7ffff7fca140 <intel_02_known>,
__nmemb=__nmemb@entry=68, __size=__size@entry=8,
__compar=__compar@entry=0x7ffff7f3b691 <intel_02_known_compare>)
at ../bits/stdlib-bsearch.h:22
22 {
(gdb) disass
Dump of assembler code for function bsearch:
0x00007ffff7f41af0 <+0>: push %r15
0x00007ffff7f41af2 <+2>: mov %rcx,%r15
0x00007ffff7f41af5 <+5>: push %r14
0x00007ffff7f41af7 <+7>: push %r13
0x00007ffff7f41af9 <+9>: mov %rsi,%r13
0x00007ffff7f41afc <+12>: push %r12
0x00007ffff7f41afe <+14>: mov %rdi,%r12
0x00007ffff7f41b01 <+17>: push %rbp
0x00007ffff7f41b02 <+18>: mov %rdx,%rbp
0x00007ffff7f41b05 <+21>: push %rbx
0x00007ffff7f41b06 <+22>: sub $0x18,%rsp
=> 0x00007ffff7f41b0a <+26>: mov %fs:0x28,%r14
^^^^^^^^^^^^^^^^^^^^^^^^^^^^ We can't use stack protector at this point.
0x00007ffff7f41b13 <+35>: mov %r14,0x8(%rsp)
0x00007ffff7f41b18 <+40>: mov %r8,%r14
0x00007ffff7f41b1b <+43>: test %rbp,%rbp
0x00007ffff7f41b1e <+46>: je 0x7ffff7f41b48 <bsearch+88>
0x00007ffff7f41b20 <+48>: mov %rbp,%rbx
0x00007ffff7f41b23 <+51>: mov %r12,%rdi
0x00007ffff7f41b26 <+54>: shr $1,%rbx
0x00007ffff7f41b29 <+57>: imul %r15,%rbx
0x00007ffff7f41b2d <+61>: add %r13,%rbx
0x00007ffff7f41b30 <+64>: mov %rbx,%rsi
(gdb) bt
#0 0x00007ffff7f41b0a in bsearch (__key=__key@entry=0x7fffffffda28,
__base=__base@entry=0x7ffff7fca140 <intel_02_known>,
__nmemb=__nmemb@entry=68, __size=__size@entry=8,
__compar=__compar@entry=0x7ffff7f3b691 <intel_02_known_compare>)
at ../bits/stdlib-bsearch.h:22
#1 0x00007ffff7f3c1be in intel_check_word (name=188, value=1979933440,
has_level_2=has_level_2@entry=0x7fffffffda7f,
no_level_2_or_3=no_level_2_or_3@entry=0x7fffffffda7e,
cpu_features=<optimized out>) at ../sysdeps/x86/dl-cacheinfo.h:217
#2 0x00007ffff7f3c29f in handle_intel (name=name@entry=188,
cpu_features=<optimized out>) at ../sysdeps/x86/dl-cacheinfo.h:279
#3 0x00007ffff7f3ccf9 in dl_init_cacheinfo (cpu_features=<optimized out>)
at ../sysdeps/x86/dl-cacheinfo.h:852
riscvarchive#4 init_cpu_features (cpu_features=<optimized out>)
at ../sysdeps/x86/cpu-features.c:1153
riscvarchive#5 0x00007ffff7f3d6f9 in __libc_start_main_impl (main=0x7ffff7f396dc <main>,
argc=2, argv=0x7fffffffdbe8, init=<optimized out>, fini=<optimized out>,
rtld_fini=0x0, stack_end=0x7fffffffdbd8) at ../csu/libc-start.c:269
riscvarchive#6 0x00007ffff7f39901 in _start () at ../sysdeps/x86_64/start.S:115
(gdb)
The problem is that since __USE_EXTERN_INLINES isn't defined with -Os,
the inline bsearch in <bits/stdlib-bsearch.h> isn't available and the
external bsearch is compiled with stack protector. Include
<bits/stdlib-bsearch.h> in dl-cacheinfo.h fixed BZ #33374.
Signed-off-by: H.J. Lu <hjl.tools@gmail.com>
Reviewed-by: Sam James <sam@gentoo.org>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
linux kernel handling for prctl is to have strict checking on input parameters.
Input parameters not used must be zero.