[compiler-rt] [libcxxabi] [libunwind] [runtimes][PAC] Harden unwinding when possible (#138571) (PR #143230)

[Anatoly Trosinenko via llvm-commits]

================
@@ -597,6 +611,18 @@ _LIBUNWIND_EXPORT uintptr_t _Unwind_GetIP(struct _Unwind_Context *context) {
   unw_cursor_t *cursor = (unw_cursor_t *)context;
   unw_word_t result;
   __unw_get_reg(cursor, UNW_REG_IP, &result);
+
+#if __has_feature(ptrauth_calls)
+  // If we are in an arm64e frame, then the PC should have been signed with the
+  // sp
+  {
+    unw_word_t sp;
+    __unw_get_reg(cursor, UNW_REG_SP, &sp);
+    result = (unw_word_t)ptrauth_auth_data((void *)result,
+                                           ptrauth_key_return_address, sp);
+  }
+#endif
----------------
atrosinenko wrote:

Hmm, this `ptrauth_auth_data` call seems to be necessary even if only `-mbranch-protection=pac-ret` is in effect (that is, `__has_feature(ptrauth_returns)`). Most of the times, pac-ret protection should not affect the ABI compatibility, but this doesn't seem to be the case for exception handling.

@asl I wonder whether the functions whose stack frames can be unwound should be compiled with the same pac-ret setting as libunwind library itself? Another and probably better approach would be to take `RA_SIGN_STATE` pseudo register into account as long as its value can be safely obtained at this point.

https://github.com/llvm/llvm-project/pull/143230