[llvm-bugs] [Bug 45013] New: X86 JIT doesn't support Intel CET

via llvm-bugs llvm-bugs at lists.llvm.org
Mon Feb 24 19:21:46 PST 2020


https://bugs.llvm.org/show_bug.cgi?id=45013

            Bug ID: 45013
           Summary: X86 JIT doesn't support Intel CET
           Product: new-bugs
           Version: trunk
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P
         Component: new bugs
          Assignee: unassignedbugs at nondot.org
          Reporter: hjl.tools at gmail.com
                CC: htmldeveloper at gmail.com, llvm-bugs at lists.llvm.org

To support IBT and SHSTK in Intel CET, the x86 JIT needs to:

1. For IBT, put ENDBR at all indirect branch targets.  This has been done
regardless of whether IBT is enabled or not, since there is no easy way to check if
IBT is active and ENDBR is a NOP on non-CET processors.  At minimum, all
entry points of jitted code should start with ENDBR, and a NOTRACK prefix should be added
before indirect call and jmp within jitted code.
2. For SHSTK, unwind the shadow stack when skipping stack frames on return.
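An added example of the IBT half of the fix, written here for this page and not taken from the report or from LLVM: a check that a jitted entry point begins with ENDBR64, a helper that prepends it to a function body, and an encoder for NOTRACK-prefixed indirect call/jmp through a register. The function names and the sample bytes are constructed for illustration; the sample mirrors the first two instructions of the report's disassembly.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* ENDBR64 (F3 0F 1E FA): the IBT landing pad every 64-bit indirect branch
 * target must start with; it decodes as a NOP on processors without CET. */
static const uint8_t ENDBR64[4] = { 0xF3, 0x0F, 0x1E, 0xFA };

/* NOTRACK (3E) prefix: the indirect branch it precedes is exempt from the
 * ENDBR check, so it belongs only on branches whose targets the JIT owns. */
#define NOTRACK_PREFIX 0x3E

/* True if a jitted entry point begins with the ENDBR64 landing pad. */
bool entry_has_endbr64(const uint8_t *code, size_t len)
{
    return len >= sizeof ENDBR64 && memcmp(code, ENDBR64, sizeof ENDBR64) == 0;
}

/* Copy a function body into out, prefixed with ENDBR64.
 * Returns total bytes written, or 0 if out is too small. */
size_t emit_entry_with_endbr64(uint8_t *out, size_t cap,
                               const uint8_t *body, size_t body_len)
{
    if (cap < sizeof ENDBR64 + body_len) return 0;
    memcpy(out, ENDBR64, sizeof ENDBR64);
    memcpy(out + sizeof ENDBR64, body, body_len);
    return sizeof ENDBR64 + body_len;
}

/* Emit "notrack call *%reg" (is_jmp=false) or "notrack jmp *%reg" (is_jmp=true)
 * for x86-64 register number reg (0 = rax ... 15 = r15).
 * Encoding: 3E [41 if reg>=8] FF ModRM, with ModRM = 11 /2-or-/4 rm.
 * Returns bytes written, or 0 on a bad register or a too-small buffer. */
size_t emit_notrack_indirect(uint8_t *out, size_t cap, unsigned reg, bool is_jmp)
{
    size_t n = 0;
    if (reg > 15 || cap < (reg >= 8 ? 4u : 3u)) return 0;
    out[n++] = NOTRACK_PREFIX;                   /* legacy prefix precedes REX */
    if (reg >= 8) out[n++] = 0x41;               /* REX.B selects r8-r15 */
    out[n++] = 0xFF;                             /* opcode group 5 */
    out[n++] = (uint8_t)((is_jmp ? 0xE0 : 0xD0) | (reg & 7)); /* /4 jmp, /2 call */
    return n;
}

/* Constructed sample matching the first two instructions in the report's
 * disassembly (push %rbp; mov %rsp,%rbp): no ENDBR, so IBT faults on entry. */
const uint8_t SAMPLE_ENTRY_NO_ENDBR[4] = { 0x55, 0x48, 0x89, 0xE5 };
```

Running `entry_has_endbr64` over every entry point the JIT hands out is a cheap self-check that the landing pads were actually emitted.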

On a CET machine with a CET-enabled Linux OS, I got a control protection fault:

(gdb) disass 0x00007f0c40002000,+30
Dump of assembler code from 0x7f0c40002000 to 0x7f0c4000201e:
=> 0x00007f0c40002000: push   %rbp   <<<< Missing ENDBR
   0x00007f0c40002001: mov    %rsp,%rbp
   0x00007f0c40002004: push   %r15
   0x00007f0c40002006: push   %r14
   0x00007f0c40002008: push   %r13
   0x00007f0c4000200a: push   %r12
   0x00007f0c4000200c: push   %rbx
   0x00007f0c4000200d: and    $0xffffffffffffffe0,%rsp
   0x00007f0c40002011: sub    $0x60,%rsp
   0x00007f0c40002015: mov    0x30(%rbp),%r14
   0x00007f0c40002019: mov    0x10(%rbp),%rax
   0x00007f0c4000201d: lea    -0x1(%rcx),%ebx
End of assembler dump.
(gdb) bt
#0  0x00007f0c40002000 in  ()
#1  0x00007f0c69c8a106 in llvm_pipeline_generic.constprop ()
    at /usr/lib64/dri/swrast_dri.so
#2  0x00007f0c69c8a613 in llvm_middle_end_linear_run ()
    at /usr/lib64/dri/swrast_dri.so
#3  0x00007f0c69c1de3a in vsplit_run_linear () at /usr/lib64/dri/swrast_dri.so
#4  0x00007f0c69c17773 in draw_pt_arrays () at /usr/lib64/dri/swrast_dri.so
#5  0x00007f0c69c17c90 in draw_vbo () at /usr/lib64/dri/swrast_dri.so
#6  0x00007f0c693b06fb in llvmpipe_draw_vbo () at /usr/lib64/dri/swrast_dri.so
#7  0x00007f0c69c363ca in blitter_draw () at /usr/lib64/dri/swrast_dri.so
#8  0x00007f0c69c36733 in blitter_draw_tex () at /usr/lib64/dri/swrast_dri.so
#9  0x00007f0c69c36e5d in do_blits () at /usr/lib64/dri/swrast_dri.so
#10 0x00007f0c69c394e6 in util_blitter_blit_generic ()
    at /usr/lib64/dri/swrast_dri.so
#11 0x00007f0c69c3a672 in util_blitter_blit () at /usr/lib64/dri/swrast_dri.so
#12 0x00007f0c693cf8e7 in lp_blit () at /usr/lib64/dri/swrast_dri.so
#13 0x00007f0c69c3c862 in util_gen_mipmap () at /usr/lib64/dri/swrast_dri.so
#14 0x00007f0c6979b887 in st_generate_mipmap () at /usr/lib64/dri/swrast_dri.so
#15 0x00007f0c69835e9b in generate_texture_mipmap_error ()
    at /usr/lib64/dri/swrast_dri.so
#16 0x00007f0d7006f0f1 in _cogl_texture_gl_generate_mipmaps ()
    at /usr/lib64/mutter-5/libmutter-cogl-5.so.0
#17 0x00007f0d700a0e47 in _cogl_texture_2d_pre_paint ()
    at /usr/lib64/mutter-5/libmutter-cogl-5.so.0
#18 0x00007f0d700938f1 in _cogl_pipeline_layer_pre_paint ()
    at /usr/lib64/mutter-5/libmutter-cogl-5.so.0
#19 0x00007f0d70081faf in _cogl_rectangles_validate_layer_cb ()
    at /usr/lib64/mutter-5/libmutter-cogl-5.so.0
#20 0x00007f0d700904a9 in cogl_pipeline_foreach_layer ()
    at /usr/lib64/mutter-5/libmutter-cogl-5.so.0
#21 0x00007f0d700823d6 in _cogl_framebuffer_draw_multitextured_rectangles ()
    at /usr/lib64/mutter-5/libmutter-cogl-5.so.0
#22 0x00007f0d700acb66 in cogl_framebuffer_draw_textured_rectangle ()
    at /usr/lib64/mutter-5/libmutter-cogl-5.so.0
#23 0x00007f0d7061d60a in meta_background_get_texture ()
    at /lib64/libmutter-5.so.0
#24 0x00007f0d7061b1e9 in meta_background_actor_paint ()
    at /lib64/libmutter-5.so.0
#25 0x00007f0d707f2b7f in clutter_actor_continue_paint ()
    at /usr/lib64/mutter-5/libmutter-clutter-5.so.0
#26 0x00007f0d707f9d14 in clutter_actor_paint ()
    at /usr/lib64/mutter-5/libmutter-clutter-5.so.0
#27 0x00007f0d708578e2 in clutter_stage_paint ()
    at /usr/lib64/mutter-5/libmutter-clutter-5.so.0
#28 0x00007f0d70606981 in meta_stage_paint () at /lib64/libmutter-5.so.0
#29 0x00007f0d707f2b7f in clutter_actor_continue_paint ()
    at /usr/lib64/mutter-5/libmutter-clutter-5.so.0
#30 0x00007f0d707f9d14 in clutter_actor_paint ()
    at /usr/lib64/mutter-5/libmutter-clutter-5.so.0
#31 0x00007f0d7085c985 in clutter_stage_do_paint_view ()
    at /usr/lib64/mutter-5/libmutter-clutter-5.so.0
#32 0x00007f0d70606884 in meta_stage_paint_view () at /lib64/libmutter-5.so.0
#33 0x00007f0d70858cd0 in _clutter_stage_paint_view ()
    at /usr/lib64/mutter-5/libmutter-clutter-5.so.0
#34 0x00007f0d70890445 in paint_stage ()
    at /usr/lib64/mutter-5/libmutter-clutter-5.so.0
#35 0x00007f0d70890c87 in clutter_stage_cogl_redraw_view ()
    at /usr/lib64/mutter-5/libmutter-clutter-5.so.0
#36 0x00007f0d708918e3 in clutter_stage_cogl_redraw ()
    at /usr/lib64/mutter-5/libmutter-clutter-5.so.0
#37 0x00007f0d708595d3 in _clutter_stage_do_update ()
    at /usr/lib64/mutter-5/libmutter-clutter-5.so.0
#38 0x00007f0d70842509 in clutter_clock_dispatch ()
    at /usr/lib64/mutter-5/libmutter-clutter-5.so.0
#39 0x00007f0d711dd510 in g_main_context_dispatch () at /lib64/libglib-2.0.so.0
#40 0x00007f0d711dd8a0 in g_main_context_iterate.isra ()
    at /lib64/libglib-2.0.so.0
#41 0x00007f0d711ddb93 in g_main_loop_run () at /lib64/libglib-2.0.so.0
#42 0x00007f0d70640d90 in meta_run () at /lib64/libmutter-5.so.0
#43 0x000056357b2c1cad in main ()
(gdb)
