[PATCH] Fix i?86 libffi with -fstack-protector
- From: Jakub Jelinek <jakub at redhat dot com>
- To: gcc-patches at gcc dot gnu dot org
- Date: Tue, 9 Aug 2005 12:25:26 -0400
- Subject: [PATCH] Fix i?86 libffi with -fstack-protector
- Reply-to: Jakub Jelinek <jakub at redhat dot com>
Hi!
If GCC is built with -fstack-protector, it fails many libffi tests on i386.
The problem is that ffi_closure_SYSV / ffi_closure_raw_SYSV is doing
something terribly hackish and unportable, particularly loading return
value into %eax or other registers and then leaving a void function in
the hope that nothing will clobber those registers. But e.g. stack guard
canary check can easily clobber them.
I think we can either build src/x86/ffi.c with -fno-stack-protector
assuming $CC supports that option (but I haven't been able to convince
automake to do that, as the file is in a subdirectory) and wait till this
happens next time, or do something as the following patch, i.e. do
the actual returning of the value in pure assembly.
Tested with -fstack-protector with both libffi and libjava testsuite.
2005-08-09 Jakub Jelinek <jakub@redhat.com>
* src/x86/ffi.c (hidden): Define.
(ffi_closure_SYSV): Remove.
(ffi_closure_SYSV_inner): New.
(ffi_closure_raw_SYSV): Remove.
* src/x86/sysv.S (ffi_closure_SYSV, ffi_closure_raw_SYSV): New.
* src/x86/win32.S (ffi_closure_SYSV, ffi_closure_raw_SYSV): New.
--- libffi/src/x86/ffi.c.jj 2004-03-16 14:17:33.000000000 -0500
+++ libffi/src/x86/ffi.c 2005-08-09 09:08:55.000000000 -0400
@@ -33,6 +33,12 @@
#include <stdlib.h>
+#if __GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ > 1)
+# define hidden __attribute__ ((visibility ("hidden")))
+#else
+# define hidden
+#endif
+
/* ffi_prep_args is called by the assembly routine once stack space
has been allocated for the function's arguments */
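Review bot: The new `hidden` macro keys only on the GCC version, not on the target, yet this same patch adds win32.S callers of `ffi_closure_SYSV_inner`; as far as I recall GCC on PE targets accepts `visibility("hidden")` but ignores it with a warning, so on that configuration the attribute adds build noise and nothing else. Consider guarding it with the target macro the file already uses, `#if !defined(X86_WIN32) && (__GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ > 1))`. A one-line comment stating the intent would also help the next reader, e.g. `/* Mark helpers that are called only from sysv.S/win32.S so they stay out of the dynamic symbol table. */`.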
@@ -241,26 +247,24 @@ void ffi_call(/*@dependent@*/ ffi_cif *c
static void ffi_prep_incoming_args_SYSV (char *stack, void **ret,
void** args, ffi_cif* cif);
-static void ffi_closure_SYSV (ffi_closure *)
+void ffi_closure_SYSV (ffi_closure *)
+ __attribute__ ((regparm(1)));
+unsigned int hidden ffi_closure_SYSV_inner (ffi_closure *, void **, void *)
__attribute__ ((regparm(1)));
-static void ffi_closure_raw_SYSV (ffi_raw_closure *)
+void ffi_closure_raw_SYSV (ffi_raw_closure *)
__attribute__ ((regparm(1)));
/* This function is jumped to by the trampoline */
-static void
-ffi_closure_SYSV (closure)
+unsigned int hidden
+ffi_closure_SYSV_inner (closure, respp, args)
ffi_closure *closure;
+ void **respp;
+ void *args;
{
- // this is our return value storage
- long double res;
-
// our various things...
ffi_cif *cif;
void **arg_area;
- unsigned short rtype;
- void *resp = (void*)&res;
- void *args = __builtin_dwarf_cfa ();
cif = closure->cif;
arg_area = (void**) alloca (cif->nargs * sizeof (void*));
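Review bot: The comment `/* This function is jumped to by the trampoline */` now sits above `ffi_closure_SYSV_inner`, which is no longer what the trampoline reaches: the trampoline enters the assembly `ffi_closure_SYSV`, which then calls this function. Reword it to describe the split, e.g. `/* Called from the assembly ffi_closure_SYSV (sysv.S/win32.S). Runs the user callback and returns cif->flags so the caller can load the return value into the right registers. */`. The three prototypes above would also benefit from a short comment that `ffi_closure_SYSV` and `ffi_closure_raw_SYSV` are now defined in assembly and that `regparm(1)` is what makes the closure pointer arrive in %eax, since the assembly entry points rely on exactly that convention. The body of `ffi_closure_SYSV_inner` continues past the end of this hunk.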
@@ -271,46 +275,11 @@ ffi_closure_SYSV (closure)
* a structure, it will re-set RESP to point to the
* structure return address. */
- ffi_prep_incoming_args_SYSV(args, (void**)&resp, arg_area, cif);
-
- (closure->fun) (cif, resp, arg_area, closure->user_data);
+ ffi_prep_incoming_args_SYSV(args, respp, arg_area, cif);
- rtype = cif->flags;
+ (closure->fun) (cif, *respp, arg_area, closure->user_data);
- /* now, do a generic return based on the value of rtype */
- if (rtype == FFI_TYPE_INT)
- {
- asm ("movl (%0),%%eax" : : "r" (resp) : "eax");
- }
- else if (rtype == FFI_TYPE_FLOAT)
- {
- asm ("flds (%0)" : : "r" (resp) : "st" );
- }
- else if (rtype == FFI_TYPE_DOUBLE)
- {
- asm ("fldl (%0)" : : "r" (resp) : "st", "st(1)" );
- }
- else if (rtype == FFI_TYPE_LONGDOUBLE)
- {
- asm ("fldt (%0)" : : "r" (resp) : "st", "st(1)" );
- }
- else if (rtype == FFI_TYPE_SINT64)
- {
- asm ("movl 0(%0),%%eax;"
- "movl 4(%0),%%edx"
- : : "r"(resp)
- : "eax", "edx");
- }
-#ifdef X86_WIN32
- else if (rtype == FFI_TYPE_SINT8) /* 1-byte struct */
- {
- asm ("movsbl (%0),%%eax" : : "r" (resp) : "eax");
- }
- else if (rtype == FFI_TYPE_SINT16) /* 2-bytes struct */
- {
- asm ("movswl (%0),%%eax" : : "r" (resp) : "eax");
- }
-#endif
+ return cif->flags;
}
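Review bot: `*respp` is dereferenced on the `closure->fun` call without any note of what it points at; per the context comment above it is either the return slot the assembly caller reserved or, for struct returns, the hidden struct-return pointer that `ffi_prep_incoming_args_SYSV` stores into `*respp`, and a maintainer reading only this file cannot see that the slot is sized by the assembly frame. A comment before the call would capture that contract: `/* *respp is the caller-reserved return slot (sized in sysv.S/win32.S), or the hidden struct-return pointer after ffi_prep_incoming_args_SYSV. */`. The function's start is outside this hunk.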
/*@-exportheader@*/
@@ -394,57 +363,6 @@ ffi_prep_closure (ffi_closure* closure,
#if !FFI_NO_RAW_API
-static void
-ffi_closure_raw_SYSV (closure)
- ffi_raw_closure *closure;
-{
- // this is our return value storage
- long double res;
-
- // our various things...
- ffi_raw *raw_args;
- ffi_cif *cif;
- unsigned short rtype;
- void *resp = (void*)&res;
-
- /* get the cif */
- cif = closure->cif;
-
- /* the SYSV/X86 abi matches the RAW API exactly, well.. almost */
- raw_args = (ffi_raw*) __builtin_dwarf_cfa ();
-
- (closure->fun) (cif, resp, raw_args, closure->user_data);
-
- rtype = cif->flags;
-
- /* now, do a generic return based on the value of rtype */
- if (rtype == FFI_TYPE_INT)
- {
- asm ("movl (%0),%%eax" : : "r" (resp) : "eax");
- }
- else if (rtype == FFI_TYPE_FLOAT)
- {
- asm ("flds (%0)" : : "r" (resp) : "st" );
- }
- else if (rtype == FFI_TYPE_DOUBLE)
- {
- asm ("fldl (%0)" : : "r" (resp) : "st", "st(1)" );
- }
- else if (rtype == FFI_TYPE_LONGDOUBLE)
- {
- asm ("fldt (%0)" : : "r" (resp) : "st", "st(1)" );
- }
- else if (rtype == FFI_TYPE_SINT64)
- {
- asm ("movl 0(%0),%%eax; movl 4(%0),%%edx"
- : : "r"(resp)
- : "eax", "edx");
- }
-}
-
-
-
-
ffi_status
ffi_prep_raw_closure (ffi_raw_closure* closure,
ffi_cif* cif,
--- libffi/src/x86/sysv.S.jj 2005-02-28 07:23:32.000000000 -0500
+++ libffi/src/x86/sysv.S 2005-08-09 10:34:27.000000000 -0400
@@ -1,5 +1,5 @@
/* -----------------------------------------------------------------------
- sysv.S - Copyright (c) 1996, 1998, 2001, 2002, 2003 Red Hat, Inc.
+ sysv.S - Copyright (c) 1996, 1998, 2001, 2002, 2003, 2005 Red Hat, Inc.
X86 Foreign Function Interface
@@ -130,6 +130,123 @@ epilogue:
.ffi_call_SYSV_end:
.size ffi_call_SYSV,.ffi_call_SYSV_end-ffi_call_SYSV
+ .align 4
+.globl ffi_closure_SYSV
+ .type ffi_closure_SYSV, @function
+
+ffi_closure_SYSV:
+.LFB2:
+ pushl %ebp
+.LCFI2:
+ movl %esp, %ebp
+.LCFI3:
+ subl $40, %esp
+ leal -24(%ebp), %edx
+ movl %edx, -12(%ebp) /* resp */
+ leal 8(%ebp), %edx
+ movl %edx, 4(%esp) /* args = __builtin_dwarf_cfa () */
+ leal -12(%ebp), %edx
+ movl %edx, (%esp) /* &resp */
+ call ffi_closure_SYSV_inner
+ movl -12(%ebp), %ecx
+ cmpl $FFI_TYPE_INT, %eax
+ je .Lcls_retint
+ cmpl $FFI_TYPE_FLOAT, %eax
+ je .Lcls_retfloat
+ cmpl $FFI_TYPE_DOUBLE, %eax
+ je .Lcls_retdouble
+ cmpl $FFI_TYPE_LONGDOUBLE, %eax
+ je .Lcls_retldouble
+ cmpl $FFI_TYPE_SINT64, %eax
+ je .Lcls_retllong
+.Lcls_epilogue:
+ movl %ebp, %esp
+ popl %ebp
+ ret
+.Lcls_retint:
+ movl (%ecx), %eax
+ jmp .Lcls_epilogue
+.Lcls_retfloat:
+ flds (%ecx)
+ jmp .Lcls_epilogue
+.Lcls_retdouble:
+ fldl (%ecx)
+ jmp .Lcls_epilogue
+.Lcls_retldouble:
+ fldt (%ecx)
+ jmp .Lcls_epilogue
+.Lcls_retllong:
+ movl (%ecx), %eax
+ movl 4(%ecx), %edx
+ jmp .Lcls_epilogue
+.LFE2:
+ .size ffi_closure_SYSV, .-ffi_closure_SYSV
+
+#if !FFI_NO_RAW_API
+
+#define RAW_CLOSURE_CIF_OFFSET ((FFI_TRAMPOLINE_SIZE + 3) & ~3)
+#define RAW_CLOSURE_FUN_OFFSET (RAW_CLOSURE_CIF_OFFSET + 4)
+#define RAW_CLOSURE_USER_DATA_OFFSET (RAW_CLOSURE_FUN_OFFSET + 4)
+#define CIF_FLAGS_OFFSET 20
+
+ .align 4
+.globl ffi_closure_raw_SYSV
+ .type ffi_closure_raw_SYSV, @function
+
+ffi_closure_raw_SYSV:
+.LFB3:
+ pushl %ebp
+.LCFI4:
+ movl %esp, %ebp
+.LCFI5:
+ pushl %esi
+.LCFI6:
+ subl $36, %esp
+ movl RAW_CLOSURE_CIF_OFFSET(%eax), %esi /* closure->cif */
+ movl RAW_CLOSURE_USER_DATA_OFFSET(%eax), %edx /* closure->user_data */
+ movl %edx, 12(%esp) /* user_data */
+ leal 8(%ebp), %edx /* __builtin_dwarf_cfa () */
+ movl %edx, 8(%esp) /* raw_args */
+ leal -24(%ebp), %edx
+ movl %edx, 4(%esp) /* &res */
+ movl %esi, (%esp) /* cif */
+ call *RAW_CLOSURE_FUN_OFFSET(%eax) /* closure->fun */
+ movl CIF_FLAGS_OFFSET(%esi), %eax /* rtype */
+ cmpl $FFI_TYPE_INT, %eax
+ je .Lrcls_retint
+ cmpl $FFI_TYPE_FLOAT, %eax
+ je .Lrcls_retfloat
+ cmpl $FFI_TYPE_DOUBLE, %eax
+ je .Lrcls_retdouble
+ cmpl $FFI_TYPE_LONGDOUBLE, %eax
+ je .Lrcls_retldouble
+ cmpl $FFI_TYPE_SINT64, %eax
+ je .Lrcls_retllong
+.Lrcls_epilogue:
+ addl $36, %esp
+ popl %esi
+ popl %ebp
+ ret
+.Lrcls_retint:
+ movl -24(%ebp), %eax
+ jmp .Lrcls_epilogue
+.Lrcls_retfloat:
+ flds -24(%ebp)
+ jmp .Lrcls_epilogue
+.Lrcls_retdouble:
+ fldl -24(%ebp)
+ jmp .Lrcls_epilogue
+.Lrcls_retldouble:
+ fldt -24(%ebp)
+ jmp .Lrcls_epilogue
+.Lrcls_retllong:
+ movl -24(%ebp), %eax
+ movl -20(%ebp), %edx
+ jmp .Lrcls_epilogue
+.LFE3:
+ .size ffi_closure_raw_SYSV, .-ffi_closure_raw_SYSV
+#endif
+
.section .eh_frame,EH_FRAME_FLAGS,@progbits
.Lframe1:
.long .LECIE1-.LSCIE1 /* Length of Common Information Entry */
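Review bot: `ffi_closure_raw_SYSV` hard-codes the layout of `ffi_raw_closure` and `ffi_cif` through `RAW_CLOSURE_*_OFFSET` and `CIF_FLAGS_OFFSET 20`, but nothing checks those numbers against the C definitions, so a field added to `ffi_cif` later would silently make `call *RAW_CLOSURE_FUN_OFFSET(%eax)` jump through the wrong word. A compile-time check in ffi.c pins this down, e.g. `typedef char cif_flags_offset_ok[offsetof (ffi_cif, flags) == 20 ? 1 : -1];` (needs `<stddef.h>`), with the same for the closure fields, or the offsets could be derived in one shared header. Separately, if sysv.S does not already end with a `.section .note.GNU-stack,"",@progbits` marker, this hand-written assembly will cause the linker to request an executable stack for the whole DSO; the end of the file is not visible in this hunk, so please confirm.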
@@ -180,6 +297,65 @@ epilogue:
.byte 0x5 /* .uleb128 0x5 */
.align 4
.LEFDE1:
+.LSFDE2:
+ .long .LEFDE2-.LASFDE2 /* FDE Length */
+.LASFDE2:
+ .long .LASFDE2-.Lframe1 /* FDE CIE offset */
+#ifdef __PIC__
+ .long .LFB2-. /* FDE initial location */
+#else
+ .long .LFB2
+#endif
+ .long .LFE2-.LFB2 /* FDE address range */
+#ifdef __PIC__
+ .byte 0x0 /* .uleb128 0x0; Augmentation size */
+#endif
+ .byte 0x4 /* DW_CFA_advance_loc4 */
+ .long .LCFI2-.LFB2
+ .byte 0xe /* DW_CFA_def_cfa_offset */
+ .byte 0x8 /* .uleb128 0x8 */
+ .byte 0x85 /* DW_CFA_offset, column 0x5 */
+ .byte 0x2 /* .uleb128 0x2 */
+ .byte 0x4 /* DW_CFA_advance_loc4 */
+ .long .LCFI3-.LCFI2
+ .byte 0xd /* DW_CFA_def_cfa_register */
+ .byte 0x5 /* .uleb128 0x5 */
+ .align 4
+.LEFDE2:
+
+#if !FFI_NO_RAW_API
+
+.LSFDE3:
+ .long .LEFDE3-.LASFDE3 /* FDE Length */
+.LASFDE3:
+ .long .LASFDE3-.Lframe1 /* FDE CIE offset */
+#ifdef __PIC__
+ .long .LFB3-. /* FDE initial location */
+#else
+ .long .LFB3
+#endif
+ .long .LFE3-.LFB3 /* FDE address range */
+#ifdef __PIC__
+ .byte 0x0 /* .uleb128 0x0; Augmentation size */
+#endif
+ .byte 0x4 /* DW_CFA_advance_loc4 */
+ .long .LCFI4-.LFB3
+ .byte 0xe /* DW_CFA_def_cfa_offset */
+ .byte 0x8 /* .uleb128 0x8 */
+ .byte 0x85 /* DW_CFA_offset, column 0x5 */
+ .byte 0x2 /* .uleb128 0x2 */
+ .byte 0x4 /* DW_CFA_advance_loc4 */
+ .long .LCFI5-.LCFI4
+ .byte 0xd /* DW_CFA_def_cfa_register */
+ .byte 0x5 /* .uleb128 0x5 */
+ .byte 0x4 /* DW_CFA_advance_loc4 */
+ .long .LCFI6-.LCFI5
+ .byte 0x86 /* DW_CFA_offset, column 0x6 */
+ .byte 0x3 /* .uleb128 0x3 */
+ .align 4
+.LEFDE3:
+
+#endif
#endif /* ifndef __x86_64__ */
--- libffi/src/x86/win32.S.jj 2004-03-16 14:17:33.000000000 -0500
+++ libffi/src/x86/win32.S 2005-08-09 10:34:41.000000000 -0400
@@ -257,3 +257,117 @@ sc_epilogue:
ret
.ffi_call_STDCALL_end:
+
+ .globl _ffi_closure_SYSV
+_ffi_closure_SYSV:
+ pushl %ebp
+ movl %esp, %ebp
+ subl $40, %esp
+ leal -24(%ebp), %edx
+ movl %edx, -12(%ebp) /* resp */
+ leal 8(%ebp), %edx
+ movl %edx, 4(%esp) /* args = __builtin_dwarf_cfa () */
+ leal -12(%ebp), %edx
+ movl %edx, (%esp) /* &resp */
+ call _ffi_closure_SYSV_inner
+ movl -12(%ebp), %ecx
+ cmpl $FFI_TYPE_INT, %eax
+ je .Lcls_retint
+ cmpl $FFI_TYPE_FLOAT, %eax
+ je .Lcls_retfloat
+ cmpl $FFI_TYPE_DOUBLE, %eax
+ je .Lcls_retdouble
+ cmpl $FFI_TYPE_LONGDOUBLE, %eax
+ je .Lcls_retldouble
+ cmpl $FFI_TYPE_SINT64, %eax
+ je .Lcls_retllong
+ cmpl $FFI_TYPE_SINT8, %eax /* 1-byte struct */
+ je .Lcls_retstruct1
+ cmpl $FFI_TYPE_SINT16, %eax /* 2-bytes struct */
+ je .Lcls_retstruct2
+.Lcls_epilogue:
+ movl %ebp, %esp
+ popl %ebp
+ ret
+.Lcls_retint:
+ movl (%ecx), %eax
+ jmp .Lcls_epilogue
+.Lcls_retfloat:
+ flds (%ecx)
+ jmp .Lcls_epilogue
+.Lcls_retdouble:
+ fldl (%ecx)
+ jmp .Lcls_epilogue
+.Lcls_retldouble:
+ fldt (%ecx)
+ jmp .Lcls_epilogue
+.Lcls_retllong:
+ movl (%ecx), %eax
+ movl 4(%ecx), %edx
+ jmp .Lcls_epilogue
+.Lcls_retstruct1:
+ movsbl (%ecx), %eax
+ jmp .Lcls_epilogue
+.Lcls_retstruct2:
+ movswl (%ecx), %eax
+ jmp .Lcls_epilogue
+.ffi_closure_SYSV_end:
+
+#if !FFI_NO_RAW_API
+
+#define RAW_CLOSURE_CIF_OFFSET ((FFI_TRAMPOLINE_SIZE + 3) & ~3)
+#define RAW_CLOSURE_FUN_OFFSET (RAW_CLOSURE_CIF_OFFSET + 4)
+#define RAW_CLOSURE_USER_DATA_OFFSET (RAW_CLOSURE_FUN_OFFSET + 4)
+#define CIF_FLAGS_OFFSET 20
+
+ .balign 16
+ .globl _ffi_closure_raw_SYSV
+_ffi_closure_raw_SYSV:
+ pushl %ebp
+ movl %esp, %ebp
+ pushl %esi
+ subl $36, %esp
+ movl RAW_CLOSURE_CIF_OFFSET(%eax), %esi /* closure->cif */
+ movl RAW_CLOSURE_USER_DATA_OFFSET(%eax), %edx /* closure->user_data */
+ movl %edx, 12(%esp) /* user_data */
+ leal 8(%ebp), %edx /* __builtin_dwarf_cfa () */
+ movl %edx, 8(%esp) /* raw_args */
+ leal -24(%ebp), %edx
+ movl %edx, 4(%esp) /* &res */
+ movl %esi, (%esp) /* cif */
+ call *RAW_CLOSURE_FUN_OFFSET(%eax) /* closure->fun */
+ movl CIF_FLAGS_OFFSET(%esi), %eax /* rtype */
+ cmpl $FFI_TYPE_INT, %eax
+ je .Lrcls_retint
+ cmpl $FFI_TYPE_FLOAT, %eax
+ je .Lrcls_retfloat
+ cmpl $FFI_TYPE_DOUBLE, %eax
+ je .Lrcls_retdouble
+ cmpl $FFI_TYPE_LONGDOUBLE, %eax
+ je .Lrcls_retldouble
+ cmpl $FFI_TYPE_SINT64, %eax
+ je .Lrcls_retllong
+.Lrcls_epilogue:
+ addl $36, %esp
+ popl %esi
+ popl %ebp
+ ret
+.Lrcls_retint:
+ movl -24(%ebp), %eax
+ jmp .Lrcls_epilogue
+.Lrcls_retfloat:
+ flds -24(%ebp)
+ jmp .Lrcls_epilogue
+.Lrcls_retdouble:
+ fldl -24(%ebp)
+ jmp .Lrcls_epilogue
+.Lrcls_retldouble:
+ fldt -24(%ebp)
+ jmp .Lrcls_epilogue
+.Lrcls_retllong:
+ movl -24(%ebp), %eax
+ movl -20(%ebp), %edx
+ jmp .Lrcls_epilogue
+.ffi_closure_raw_SYSV_end:
+
+#endif
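Review bot: `_ffi_closure_SYSV` has no alignment directive while `_ffi_closure_raw_SYSV` in the same hunk gets `.balign 16` and the sysv.S counterpart gets `.align 4`; add `.balign 16` before `_ffi_closure_SYSV` so the two entry points are treated alike. The `RAW_CLOSURE_*_OFFSET` and `CIF_FLAGS_OFFSET` macros are duplicated verbatim from sysv.S, and moving them to a header included by both assembly files under `LIBFFI_ASM` would keep them from drifting apart. Unlike sysv.S, no unwind information is emitted for these two functions; that may be intentional for the PE target, but a one-line comment saying so would save the next reader from wondering whether it was overlooked.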
Jakub