From: Michael Zimmermann
Date: Fri, 9 Dec 2016 13:16:01 +0100
To: Ard Biesheuvel
Cc: "Gao, Liming", "Zhu, Yonghong", "Shi, Steven", "edk2-devel@lists.01.org"
Subject: Re: GCC needs __attribute__((returns_twice)) for SetJump
List-Id: EDK II Development

I've tested it with clang 3.9.0 and it seems to support this attribute.
But what about MSVC and all the other compilers which can be found in
edk2's tools_def? I wasn't able to find anything useful about
twice-returning function support for these compilers. So do they just
never apply optimizations which could break such functions, or is there
no way of fixing this?

On Thu, Dec 8, 2016 at 3:32 PM, Ard Biesheuvel wrote:
> On 8 December 2016 at 13:30, Michael Zimmermann wrote:
>> When compiling with any ARM toolchain and Os, registers can get
>> trashed when returning for the second time from SetJump because GCC
>> only handles this correctly when using standard names like 'setjmp' or
>> 'getcontext'. When different names are used you have to use the
>> attribute 'returns_twice' to tell gcc to be extra careful.
>>
>> example:
>> #define FN_NAME nonstandard_setjmp
>> extern int FN_NAME(void*);
>>
>> void jmp_buf_set(void *jmpb, void (*f)(void))
>> {
>>   if (!FN_NAME(jmpb))
>>     f();
>> }
>>
>> this code produces this wrong code with Os:
>> 00000000 :
>>    0:   e92d4010    push    {r4, lr}
>>    4:   e1a04001    mov     r4, r1
>>    8:   ebfffffe    bl      0
>>    c:   e3500000    cmp     r0, #0
>>   10:   01a03004    moveq   r3, r4
>>   14:   08bd4010    popeq   {r4, lr}
>>   18:   012fff13    bxeq    r3
>>   1c:   e8bd4010    pop     {r4, lr}
>>   20:   e12fff1e    bx      lr
>>
>> The generated code pushes backups of r4 and lr to the stack and then
>> saves all registers using nonstandard_setjmp.
>> Then it pops the stack and jumps to the function in r3 which is the
>> main problem because now the function can overwrite our register
>> backups on the stack.
>> When we return a second time from the call to nonstandard_setjmp, the
>> stack pointer has its original (pushed) position and when the code
>> pops r4 and lr from the stack the values are not guaranteed to be the
>> same.
>>
>> When using a standard name like setjmp or getcontext or adding
>> '__attribute__((returns_twice))' to nonstandard_setjmp's declaration
>> the code looks different:
>>
>> 00000000 :
>>    0:   e92d4007    push    {r0, r1, r2, lr}
>>    4:   e58d1004    str     r1, [sp, #4]
>>    8:   ebfffffe    bl      0
>>    c:   e3500000    cmp     r0, #0
>>   10:   059d3004    ldreq   r3, [sp, #4]
>>   14:   01a0e00f    moveq   lr, pc
>>   18:   012fff13    bxeq    r3
>>   1c:   e28dd00c    add     sp, sp, #12
>>   20:   e49de004    pop     {lr}            ; (ldr lr, [sp], #4)
>>   24:   e12fff1e    bx      lr
>>
>> Here the problem is being solved by restoring r3 from the stack
>> without popping it.
>>
>> I would have sent a patch but since there's no define for
>> 'returns_twice' yet and I don't know how other compilers handle this I
>> want to discuss this first.
>>
>
> Well spotted!
>
> This issue applies to all GCC supported architectures, not just ARM,
> and so I think we need to solve this generically.
>
> I have no idea how other toolchains deal with this, although I assume
> Clang will support the same attribute
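The thread leaves two practical questions open: how to spell the attribute once for every toolchain in tools_def, and how to tell at build time whether the compiler in use honours it. The program below is an added example written for this page; it is not code from the thread and not edk2's own solution. The RETURNS_TWICE and HAVE_RETURNS_TWICE macros, the nonstandard_setjmp declaration (declaration only, never defined or called here), and the helpers g_env, jump_back() and run_jmp_buf_set_pattern() are all assumptions made for the example. Because a setjmp-style function with a non-standard name has to be written in assembly, the runnable part exercises the same "call SetJump, run f() on the first return, come back a second time" control flow as the quoted jmp_buf_set() with the standard-named setjmp, which every compiler already treats as returning twice.

```c
#include <setjmp.h>
#include <stdio.h>

/* Portable spelling of the attribute from the thread. Assumption, not edk2 code:
 * GCC and Clang accept __attribute__((returns_twice)); on any other compiler the
 * macro expands to nothing, so a SetJump-style function with a non-standard
 * name gets no special treatment there. */
#if defined(__GNUC__) || defined(__clang__)
#  define RETURNS_TWICE __attribute__((returns_twice))
#else
#  define RETURNS_TWICE
#endif

/* Compile-time probe: newer GCC and Clang expose __has_attribute, which lets a
 * build check whether the attribute is actually honoured instead of assuming. */
#ifdef __has_attribute
#  if __has_attribute(returns_twice)
#    define HAVE_RETURNS_TWICE 1
#  endif
#endif
#ifndef HAVE_RETURNS_TWICE
#  define HAVE_RETURNS_TWICE 0
#endif

int returns_twice_attribute_available(void)
{
    return HAVE_RETURNS_TWICE;
}

/* How the declaration from the thread reads with the macro applied. Declaration
 * only: a real implementation must save and restore the callee-saved registers
 * in assembly, so this file never defines or calls it. */
extern int nonstandard_setjmp(void *jmpb) RETURNS_TWICE;

/* The standard-named setjmp is recognised by every compiler, so the rest of the
 * file uses it to exercise the same control flow as the thread's jmp_buf_set(). */
static jmp_buf g_env;

/* Plays the role of f() in the thread's example: instead of returning, it forces
 * the second return from the setjmp call site. */
static void jump_back(void)
{
    longjmp(g_env, 1);
}

/* Same shape as jmp_buf_set(): call the setjmp-style function, run f() on the
 * first return. Counts the returns from setjmp: set to 1 on the first return,
 * incremented after the second, so 2 is the expected result. The count is only
 * reliable because returns_seen is volatile, which is what C guarantees for
 * locals modified between setjmp and longjmp. */
int run_jmp_buf_set_pattern(void)
{
    volatile int returns_seen = 0;

    if (setjmp(g_env) == 0) {  /* first return: setjmp yields 0 */
        returns_seen = 1;
        jump_back();           /* does not return normally */
    }
    /* second return: setjmp yields 1 and execution resumes here */
    returns_seen = returns_seen + 1;
    return returns_seen;
}

int main(void)
{
    printf("returns_twice attribute available: %d\n",
           returns_twice_attribute_available());
    printf("returns seen at the setjmp call site: %d\n",
           run_jmp_buf_set_pattern());
    return 0;
}
```

Compile with the toolchain under test (for example gcc -Os) and check the first line of output: a 0 there means the compiler gives no signal that it understands the attribute, and any SetJump-style function with a non-standard name needs the same scrutiny the thread applied to the -Os ARM output.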