[libunwind] [libunwind] Fix exposure of UNW_AARCH64_RA_SIGN_STATE through _Unwind… (PR #205188)

Daniil Kovalev via cfe-commits cfe-commits at lists.llvm.org
Fri Jun 26 10:14:33 PDT 2026


================
@@ -0,0 +1,155 @@
+// -*- C++ -*-
+//===----------------------------------------------------------------------===//
+//
+// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
+// See https://llvm.org/LICENSE.txt for license information.
+// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
+//
+//===----------------------------------------------------------------------===//
+
+// clang-format off
+
+// REQUIRES: target={{aarch64.*}}
+// UNSUPPORTED: target={{.*-windows.*}}
+
+// The libSystem unwinder does not correctly read UNW_AARCH64_RA_SIGN_STATE, at
+// least through OS version 27.0
+// XFAIL: stdlib=apple-libc++ && target={{.*}}-apple-{{.*}}{{(11|12|13|14|15|26)(\.\d+)?}}
+// XFAIL: stdlib=apple-libc++ && target={{.*}}-apple-{{.*}}27.0
+
+// clang-format on
+
+#undef NDEBUG
+#include "../src/config.h"
+#include "support/func_bounds.h"
+#include <assert.h>
+#include <inttypes.h>
+#include <libunwind.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <sys/types.h>
+#include <unistd.h>
+#include <unwind.h>
+
+#if defined(__APPLE__)
+#include <sys/sysctl.h>
+#endif
+#if defined(_LIBUNWIND_HAVE_GETAUXVAL) || defined(_LIBUNWIND_HAVE_ELF_AUX_INFO)
+#include <sys/auxv.h>
+#endif
+
+// Note: This test requires FEAT_PAuth (and is setup to pass on other targets).
+
+#if defined(__APPLE__)
+static bool checkHasPAuth() {
+  int has_pauth = 0;
+  size_t size = sizeof(has_pauth);
+  if (sysctlbyname("hw.optional.arm.FEAT_PAuth", &has_pauth, &size, NULL, 0))
+    return false;
+  return has_pauth != 0;
+}
+#elif defined(_LIBUNWIND_HAVE_GETAUXVAL)
+static bool checkHasPAuth() {
+  constexpr unsigned long hwcap_paca = (1UL << 30);
+  unsigned long hwcap = getauxval(AT_HWCAP);
+  return (hwcap & hwcap_paca) != 0;
+}
+#elif defined(_LIBUNWIND_HAVE_ELF_AUX_INFO)
+static bool checkHasPAuth() {
+  constexpr unsigned long hwcap_paca = (1UL << 30);
+  unsigned long hwcap = 0;
+  elf_aux_info(AT_HWCAP, &hwcap, sizeof(hwcap));
+  return (hwcap & hwcap_paca) != 0;
+}
+#else
+static bool checkHasPAuth() {
+  // TODO: Support other platforms.
+  return false;
+}
+#endif
+
+FUNC_BOUNDS_DECL(main_func);
+
+_Unwind_Reason_Code frame_handler(struct _Unwind_Context *ctx, void *arg) {
+  uint64_t ra_sign_state =
+      (uint64_t)_Unwind_GetGR(ctx, UNW_AARCH64_RA_SIGN_STATE);
+
+  uintptr_t ip = _Unwind_GetIP(ctx);
+  if (ip >= (uintptr_t)FUNC_START(main_func) &&
+      ip < (uintptr_t)FUNC_END(main_func)) {
+
+    // Collect the RA from the callee that will return to main.
+    *(uint64_t *)arg = ra_sign_state;
+
+    // Unwind until main is reached, above frames depend on the platform and
+    // architecture.
+    return _URC_END_OF_STACK;
+  }
+
+#if defined(__PTRAUTH__) || __has_feature(ptrauth_calls)
+  assert(ra_sign_state == 1);
+#else
+  assert(ra_sign_state == 0);
+#endif
+
+  return _URC_NO_REASON;
+}
+
+__attribute__((noinline)) extern "C" uintptr_t
+get_main_ra_sign_state(const char *note) {
+  printf("check: %s\n", note);
+  uint64_t sign_state = -1;
+  _Unwind_Backtrace(frame_handler, &sign_state);
+  printf("UNW_AARCH64_RA_SIGN_STATE for %s = %" PRIu64 "\n", note, sign_state);
+  assert((sign_state & 0x3) == sign_state);
+  return sign_state;
+}
+
+__attribute__((noinline)) uint64_t check_vanilla(const char *note) {
+  return get_main_ra_sign_state(note);
+}
+
+__attribute__((naked, target("pauth"))) uint64_t
+check_negate(const char *note) {
+  // clang-format off
+  asm(".cfi_negate_ra_state\n"
+      "pacibsp\n"
+
+      "stp x29, x30, [sp, #-16]!\n"
+      ".cfi_def_cfa_offset 16\n"
+      ".cfi_offset x29, -16\n"
+      ".cfi_offset x30, -8\n"
+
+      "bl " SYMBOL_NAME(get_main_ra_sign_state) "\n"
----------------
kovdan01 wrote:

Do I get it right that here we rely on the fact that `note` pointer remains in the same `x0` register and gets passed to `get_main_ra_sign_state`? If so, I'm wondering do we actually have such a guarantee. It's probably not that important since it just about debug printing, but anyway if we can make this more robust (for example, explicitly set `x0` in inline assembly registers set list)  - it's probably worth doing that.

https://github.com/llvm/llvm-project/pull/205188


More information about the cfe-commits mailing list