Message-ID: <20220513034629.l662gw4mn6bi4zen@M910t>
Date:   Fri, 13 May 2022 11:46:29 +0800
From:   Changbin Du <changbin.du@...wei.com>
To:     Craig Topper <craig.topper@...ive.com>
CC:     Alex Bradbury <asb@...radbury.org>,
        Albert Ou <aou@...s.berkeley.edu>,
        Changbin Du <changbin.du@...wei.com>,
        Nick Desaulniers <ndesaulniers@...gle.com>,
        Palmer Dabbelt <palmer@...belt.com>,
        Paul Walmsley <paul.walmsley@...ive.com>,
        Steven Rostedt <rostedt@...dmis.org>, <hw.huiwang@...wei.com>,
        <linux-kernel@...r.kernel.org>, <linux-riscv@...ts.infradead.org>,
        <llvm@...ts.linux.dev>
Subject: Re: riscv: llvm-compiler: calling convention violation: temporary
 register $t2 is used to pass the ninth function parameter

On Thu, May 12, 2022 at 07:49:41AM -0700, Craig Topper wrote:
> Changbin, can you provide a pre-processed source and a command line? I can
> reduce it on the llvm side.
> 

hmm, clang can not build the preprocessed source by itself!

$ /opt/llvm-13.0.0/bin/clang -nostdinc -Qunused-arguments -Wall -Wundef -Werror=strict-prototypes -Wno-trigraphs -fno-strict-aliasing -fno-common -fshort-wchar -fno-PIE -Werror=implicit-function-declaration -Werror=implicit-int -Werror=return-type -Wno-format-security -std=gnu11 --target=riscv64-linux-gnu -fintegrated-as -Werror=unknown-warning-option -Werror=ignored-optimization-argument -mabi=lp64 -mno-relax -march=rv64imac -mno-save-restore -mcmodel=medany -fno-omit-frame-pointer -fno-delete-null-pointer-checks -Wno-frame-address -Wno-address-of-packed-member -O2 -Wframe-larger-than=2048 -fstack-protector-strong -Werror -Wno-gnu -Wno-unused-but-set-variable -Wno-unused-const-variable -fno-omit-frame-pointer -fno-optimize-sibling-calls -fno-stack-clash-protection -fpatchable-function-entry=8 -Wdeclaration-after-statement -Wvla -Wno-pointer-sign -Wcast-function-type -fno-strict-overflow -fno-stack-check -Werror=date-time -Werror=incompatible-pointer-types -Wno-initializer-overrides -Wno-format -Wno-sign-compare -Wno-format-zero-length -Wno-pointer-to-enum-cast -Wno-tautological-constant-out-of-range-compare -g   -c -o route.o route.i
In file included from net/ipv6/route.c:30:
In file included from ./include/linux/socket.h:8:
In file included from ./include/linux/uio.h:9:
In file included from ./include/linux/thread_info.h:14:
In file included from ./include/linux/restart_block.h:10:
In file included from ./include/linux/time64.h:5:
./include/linux/math64.h:278:128: error: expression result unused [-Werror,-Wunused-value]
 ({ uint32_t __base = (divisor); uint32_t __rem; __rem = ((uint64_t)(rl.ll)) % __base; (rl.ll) = ((uint64_t)(rl.ll)) / __base; __rem; });
 ...

I also tried to reduce it using creduce. But the result is still too large and
creduce encountered a bug.

Here is my test script 'llvm-riscv-callconvention-bug.sh':
#!/bin/bash

pushd /home/changbin/work/linux-riscv
/opt/llvm-latest/bin/clang -Wp,-MMD,net/ipv6/.route.o.d  -nostdinc -I./arch/riscv/include -I./arch/riscv/include/generated  -I./include -I./arch/riscv/include/uapi -I./arch/riscv/include/generated/uapi -I./include/uapi -I./include/generated/uapi -include ./include/linux/compiler-version.h -include ./include/linux/kconfig.h -include ./include/linux/compiler_types.h -D__KERNEL__ -DCC_USING_PATCHABLE_FUNCTION_ENTRY -Qunused-arguments -fmacro-prefix-map=./= -Wall -Wundef -Werror=strict-prototypes -Wno-trigraphs -fno-strict-aliasing -fno-common -fshort-wchar -fno-PIE -Werror=implicit-function-declaration -Werror=implicit-int -Werror=return-type -Wno-format-security -std=gnu11 --target=riscv64-linux-gnu -fintegrated-as -Werror=unknown-warning-option -Werror=ignored-optimization-argument -mabi=lp64 -mno-relax -march=rv64imac -mno-save-restore -DCONFIG_PAGE_OFFSET=0xff60000000000000 -mcmodel=medany -fno-omit-frame-pointer -fno-delete-null-pointer-checks -Wno-frame-address -Wno-address-of-packed-member -O2 -Wframe-larger-than=2048 -fstack-protector-strong -Werror -Wno-gnu -Wno-unused-but-set-variable -Wno-unused-const-variable -fno-omit-frame-pointer -fno-optimize-sibling-calls -fno-stack-clash-protection -fpatchable-function-entry=8 -Wdeclaration-after-statement -Wvla -Wno-pointer-sign -Wcast-function-type -fno-strict-overflow -fno-stack-check -Werror=date-time -Werror=incompatible-pointer-types -Wno-initializer-overrides -Wno-format -Wno-sign-compare -Wno-format-zero-length -Wno-pointer-to-enum-cast -Wno-tautological-constant-out-of-range-compare -g    -DKBUILD_MODFILE='"net/ipv6/ipv6"' -DKBUILD_BASENAME='"route"' -DKBUILD_MODNAME='"ipv6"' -D__KBUILD_MODNAME=kmod_ipv6 -c -o net/ipv6/route.o /home/changbin/work/linux-riscv/net/ipv6/route.c || exit 1


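mpri_found=false

# Read gdb's output through process substitution so the loop runs in the
# current shell and 'exit' sets the script's exit status. In a pipeline the
# loop runs in a subshell, and the trailing popd would make the script
# return 0 every time.
while read -r line
do
        if [ "$mpri_found" = true ]; then
                # Line following the 'Symbol mpri' match: succeed only if it mentions $t2.
                match='\$t2'
                if [[ "$line" =~ $match ]]; then
                        exit 0
                else
                        exit 1
                fi
        fi

        match='Symbol mpri*'
        if [[ "$line" =~ $match ]]; then
                mpri_found=true
                echo "$line"
        fi
done < <(gdb -q -ex 'info scope __find_rr_leaf' -ex 'quit' net/ipv6/route.o)
popd
# 'Symbol mpri' never appeared in the gdb output: not interesting.
exit 1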


$ creduce llvm-riscv-callconvention-bug.sh linux-riscv/net/ipv6/route.c


Here are the steps to reproduce it by building the Linux kernel:
 1. copy attached llvm-bug.kernel.config as .config under kernel source tree.
   $ cd linux
   $ cp llvm-bug.kernel.config .config
 2. build the kernel.
   $ make ARCH=riscv LLVM=1 LLVM_IAS=1 -j$(nproc) Image
 3. investigate the result.
   $ gdb net/ipv6/route.o
   $ (gdb) info scope __find_rr_leaf



> On Thu, May 12, 2022 at 1:35 AM Alex Bradbury <asb@...radbury.org> wrote:
> 
> > On Thu, 12 May 2022 at 09:30, Changbin Du <changbin.du@...wei.com> wrote:
> > >
> > > On Wed, May 11, 2022 at 01:07:14PM -0700, Craig Topper wrote:
> > > > I’m guessing that because the function is static, the calling
> > > > convention was changed to fastcall which allows us to ignore the ABI.
> > > >
> > > I think so. But the mcount function assumes the ABI is not changed.
> >
> > It feels like this is a problem that would be encountered on other
> > architectures with clangbuiltlinux as well, due to dropping the ABI
> > requirements for local functions. Have you seen something similar
> > elsewhere Nick?
> >
> > Best,
> >
> > Alex
> >

-- 
Cheers,
Changbin Du

View attachment "llvm-bug.kernel.config" of type "text/plain" (97610 bytes)
