This is an archive of the discontinued LLVM Phabricator instance.

[AArch64][PtrAuth] Fix unwind state for tail calls
ClosedPublic

Authored by olista01 on Jul 27 2023, 6:43 AM.

Details

Summary

When generating unwind tables for code which uses return-address
signing, we need to toggle the RA_SIGN_STATE DWARF register around any
tail-calls, because these require the return address to be authenticated
before the call, and could throw an exception. This is done using the
.cfi_negate_ra_state directive before the call, and .cfi_restore_state
at the start of the next basic block.

However, since D153098, the .cfi_restore_state isn't being inserted,
because the CFIFixup pass isn't being run. This re-enables that pass
when return-adress signing is enabled.

Diff Detail

Event Timeline

olista01 created this revision.Jul 27 2023, 6:43 AM
Herald added a project: Restricted Project. · View Herald TranscriptJul 27 2023, 6:43 AM
olista01 requested review of this revision.Jul 27 2023, 6:43 AM
Herald added a project: Restricted Project. · View Herald TranscriptJul 27 2023, 6:43 AM
ikudrin added a comment.EditedJul 29 2023, 10:33 PM

Thanks for working on this!

Have you considered disabling the emitting of .cfi_negate_ra_state in InsertReturnAddressAuth() for synchronous unwind tables? This might be more in line with the changes in D153098.

olista01 updated this revision to Diff 545620.Jul 31 2023, 6:01 AM
  • Don't emit .cfi_negate_ra_state for synchronous unwind tables
  • Convert test to update_llc_test_checks
  • Test sync and async unwind tables
ikudrin accepted this revision.Jul 31 2023, 5:37 PM

LGTM with a nit. Please wait a few days for possible feedback from others.

It would also be great to backport the fix to the LLVM-17 release.

llvm/test/CodeGen/AArch64/sign-return-address-cfi-negate-ra-state.ll
78–83

Do you think it would be helpful to add some CHECK-DUMP-LABEL: lines here?

This revision is now accepted and ready to land.Jul 31 2023, 5:37 PM
olista01 updated this revision to Diff 546491.Aug 2 2023, 8:33 AM

Added full checking of the llvm-dwarfdump output.

This also revealed another future optimisation opportunity: move the
negate_ra_state forward to the same location as the other unwind opcodes, to
save one advance_loc per function.

Could you update the review to reflect changes in sign-return-address.ll after D156327?

This also revealed another future optimisation opportunity: move the
negate_ra_state forward to the same location as the other unwind opcodes, to
save one advance_loc per function.

Right, thanks. Do you want to prepare a patch for this?

llvm/test/CodeGen/AArch64/sign-return-address-cfi-negate-ra-state.ll
79–86

Perhaps remove excess details to make the test more robust?

MaskRay accepted this revision.Aug 2 2023, 2:18 PM
olista01 updated this revision to Diff 546787.Aug 3 2023, 3:39 AM
  • Updated sign-return-address.ll after D156327
  • Simplified llvm-dwarfdump checks

Right, thanks. Do you want to prepare a patch for this?

I've put it on my ideas list, but probably won't get to it any time soon, so if you want to do it then go ahead.

This revision was landed with ongoing or failed builds.Aug 3 2023, 3:46 AM
This revision was automatically updated to reflect the committed changes.