| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 26 May 2020 18:39:47 +0200 (CEST)
From: Miroslav Benes <mbenes@...e.cz>
To: Josh Poimboeuf <jpoimboe@...hat.com>
cc: Randy Dunlap <rdunlap@...radead.org>,
Stephen Rothwell <sfr@...b.auug.org.au>,
Linux Next Mailing List <linux-next@...r.kernel.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
Peter Zijlstra <peterz@...radead.org>, mjambor@...e.cz,
mliska@...e.cz, pmladek@...e.cz, live-patching@...r.kernel.org
Subject: Re: linux-next: Tree for May 21 (objtool warnings)
On Tue, 26 May 2020, Josh Poimboeuf wrote:
> On Mon, May 25, 2020 at 01:07:27PM +0200, Miroslav Benes wrote:
> > > I'll try to find out which optimization does this, because it is a
> > > slightly different scenario than hiding __noreturn from the callees.
> > > Probably -fno-ipa-pure-const again.
> >
> > And it is indeed -fno-ipa-pure-const again.
>
> It still seems odd to me that GCC's dead end detection seems to break
> with -fno-ipa-pure-const. Do you know if these issues can be fixed on
> the GCC side?
It is odd. I asked Martin and Martin about that yesterday (CCed). It could
be possible to enable just noreturn propagation for -flive-patching if I
understood correctly. The attribute would need to be preserved in a
patched function then, but that should be manageable.
Marking functions as __noreturn is one thing (I think it is useful on its
own as mentioned in the older thread about -flive-patching), but
__always_inline solution in this case is really arbitrary. I don't like
this neverending "battle" with compilers much, so it would be nice to have
some kind of generic solution (and I currently have no idea about that).
Of course, declaring -flive-patching a failed experiment is an option if
there is not a better way to deal with a dead end detection either in GCC
or in objtool. I would not like it, but you're right that if there are
more and more problems like this appearing, we'll have to deal with
maintainers all over the place and ask them to maintain odd fixes just for
the sake of -flive-patching. I don't know what the current numbers are
though. We'd have to approach the problem of GCC optimizations from a
different angle. Petr CCed (we talked about it yesterday as well).
But first, let's try to find a way with -flive-patching.
Reduced test case follows (courtesty of Martin Liska):
$ cat open.i
int global;
void
break_deleg_wait()
{
asm(".byte 15, 0x0b");
__builtin_unreachable();
}
void chmod_common_delegated_inode(int arg)
{
retry_deleg:
if (arg)
break_deleg_wait(global);
else
return;
goto retry_deleg;
}
$ gcc open.i -c -Os -fno-omit-frame-pointer -fno-ipa-pure-const && ./tools/objtool/objtool check open.o
open.o: warning: objtool: chmod_common_delegated_inode()+0x18: unreachable instruction
$ gcc open.i -c -Os -fno-omit-frame-pointer && ./tools/objtool/objtool check open.o
[OK]
---
So it is a similar problem. There is no noreturn attribute anywhere
(nothing to propagate from a caller to a callee). Here, the information
about an unreachable code is not propagated to the caller
(chmod_common_delegated_inode()).
Martins, would it be possible to extend -flive-patching to deal with this?
Miroslav
Powered by blists - more mailing lists