From patchwork Tue Jun 11 13:07:16 2024
X-Patchwork-Submitter: Steve Sakoman
X-Patchwork-Id: 44898
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 01/10] util-linux: Fix CVE-2024-28085
Date: Tue, 11 Jun 2024 06:07:16 -0700
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/200510
From: Soumya Sambu wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover. References: https://nvd.nist.gov/vuln/detail/CVE-2024-28085 Signed-off-by: Soumya Sambu Signed-off-by: Steve Sakoman --- meta/recipes-core/util-linux/util-linux.inc | 2 ++ .../util-linux/CVE-2024-28085-0001.patch | 36 +++++++++++++++++++ .../util-linux/CVE-2024-28085-0002.patch | 34 ++++++++++++++++++ 3 files changed, 72 insertions(+) create mode 100644 meta/recipes-core/util-linux/util-linux/CVE-2024-28085-0001.patch create mode 100644 meta/recipes-core/util-linux/util-linux/CVE-2024-28085-0002.patch diff --git a/meta/recipes-core/util-linux/util-linux.inc b/meta/recipes-core/util-linux/util-linux.inc index d506783f9a..48520ef951 100644 --- a/meta/recipes-core/util-linux/util-linux.inc +++ b/meta/recipes-core/util-linux/util-linux.inc @@ -40,6 +40,8 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/utils/util-linux/v${MAJOR_VERSION}/util-lin file://avoid_parallel_tests.patch \ file://0001-login-utils-include-libgen.h-for-basename-API.patch \ file://fcntl-lock.c \ + file://CVE-2024-28085-0001.patch \ + file://CVE-2024-28085-0002.patch \ " SRC_URI[sha256sum] = "7b6605e48d1a49f43cc4b4cfc59f313d0dd5402fa40b96810bd572e167dfed0f" diff --git a/meta/recipes-core/util-linux/util-linux/CVE-2024-28085-0001.patch b/meta/recipes-core/util-linux/util-linux/CVE-2024-28085-0001.patch new file mode 100644 index 0000000000..af39931b3f --- /dev/null +++ b/meta/recipes-core/util-linux/util-linux/CVE-2024-28085-0001.patch 
@@ -0,0 +1,36 @@ +From 07f0f0f5bd1e5e2268257ae1ff6d76a9b6c6ea8b Mon Sep 17 00:00:00 2001 +From: Karel Zak +Date: Wed, 17 Jan 2024 12:37:08 +0100 +Subject: [PATCH] wall: fix calloc cal [-Werror=calloc-transposed-args] + +term-utils/wall.c:143:37: error: xcalloc sizes specified with sizeof in the earlier argument and not in the later argument [-Werror=calloc-transposed-args] + 143 | buf->groups = xcalloc(sizeof(*buf->groups), buf->ngroups); + | ^ +term-utils/wall.c:143:37: note: earlier argument should specify number of elements, later size of each element + +Signed-off-by: Karel Zak + +CVE: CVE-2024-28085 + +Upstream-Status: Backport [https://github.com/util-linux/util-linux/commit/07f0f0f5bd1e5e2268257ae1ff6d76a9b6c6ea8b] + +Signed-off-by: Soumya Sambu +--- + term-utils/wall.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/term-utils/wall.c b/term-utils/wall.c +index 377db45..85c006a 100644 +--- a/term-utils/wall.c ++++ b/term-utils/wall.c +@@ -135,7 +135,7 @@ static struct group_workspace *init_group_workspace(const char *group) + + buf->requested_group = get_group_gid(group); + buf->ngroups = sysconf(_SC_NGROUPS_MAX) + 1; /* room for the primary gid */ +- buf->groups = xcalloc(sizeof(*buf->groups), buf->ngroups); ++ buf->groups = xcalloc(buf->ngroups, sizeof(*buf->groups)); + + return buf; + } +-- +2.40.0 diff --git a/meta/recipes-core/util-linux/util-linux/CVE-2024-28085-0002.patch b/meta/recipes-core/util-linux/util-linux/CVE-2024-28085-0002.patch new file mode 100644 index 0000000000..a2b914d580 --- /dev/null +++ b/meta/recipes-core/util-linux/util-linux/CVE-2024-28085-0002.patch 
@@ -0,0 +1,34 @@ +From 404b0781f52f7c045ca811b2dceec526408ac253 Mon Sep 17 00:00:00 2001 +From: Karel Zak +Date: Thu, 21 Mar 2024 11:16:20 +0100 +Subject: [PATCH] wall: fix escape sequence Injection [CVE-2024-28085] + +Let's use for all cases the same output function. + +Reported-by: Skyler Ferrante +Signed-off-by: Karel Zak + +CVE: CVE-2024-28085 + +Upstream-Status: Backport [https://github.com/util-linux/util-linux/commit/404b0781f52f7c045ca811b2dceec526408ac253] + +Signed-off-by: Soumya Sambu +--- + term-utils/wall.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/term-utils/wall.c b/term-utils/wall.c +index 85c006a..0212c03 100644 +--- a/term-utils/wall.c ++++ b/term-utils/wall.c +@@ -328,7 +328,7 @@ static char *makemsg(char *fname, char **mvec, int mvecsz, + int i; + + for (i = 0; i < mvecsz; i++) { +- fputs(mvec[i], fs); ++ fputs_careful(mvec[i], fs, '^', true, TERM_WIDTH); + if (i < mvecsz - 1) + fputc(' ', fs); + } +-- +2.40.0 From patchwork Tue Jun 11 13:07:17 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 44899 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id BD88DC25B76 for ; Tue, 11 Jun 2024 13:07:36 +0000 (UTC) Received: from mail-pj1-f41.google.com (mail-pj1-f41.google.com [209.85.216.41]) by mx.groups.io with SMTP id smtpd.web10.9091.1718111253113736693 for ; Tue, 11 Jun 2024 06:07:33 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=e69wQkNP; spf=softfail (domain: sakoman.com, ip: 209.85.216.41, mailfrom: steve@sakoman.com) Received: by mail-pj1-f41.google.com with SMTP id 
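Review bot: CVE-2024-28085-0001.patch is tagged "CVE: CVE-2024-28085", but its single hunk in init_group_workspace() only swaps the xcalloc() arguments to satisfy -Werror=calloc-transposed-args and does not touch message output. The 0002 hunk is in makemsg() near line 328 and shares no context lines with this one, so either drop 0001 from the CVE fix or say in its header why it is carried as a prerequisite; as tagged, CVE tracking will count a compiler-warning fix as part of the security change.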
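Review bot: In the makemsg() hunk of CVE-2024-28085-0002.patch, the new call fputs_careful(mvec[i], fs, '^', true, TERM_WIDTH) relies on a five-argument fputs_careful() already being present in the wall.c this recipe builds, and nothing in the commit message says the backport was built or exercised. Please state that the patch applies and compiles against the scarthgap util-linux version and how the argv path was checked, since that loop is the only place the fix changes.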
([98.142.47.158]) by smtp.gmail.com with ESMTPSA id 98e67ed59e1d1-2c3076dcf04sm4380915a91.48.2024.06.11.06.07.31 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 11 Jun 2024 06:07:32 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 02/10] gdk-pixbuf: upgrade 2.42.10 -> 2.42.11 Date: Tue, 11 Jun 2024 06:07:17 -0700 Message-Id: <78d7d14194f25be800fb42c8e81f7709611d26cd.1718111104.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 11 Jun 2024 13:07:36 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/200511 From: Wang Mingyu 0001-meson.build-allow-a-subset-of-tests-in-cross-compile.patch fatal-loader.patch refreshed for 2.42.11 Changelog: =========== - Disable fringe loaders by default - Introspection fixes - Translation updates Signed-off-by: Wang Mingyu Signed-off-by: Richard Purdie (cherry picked from commit 243a6fce44882ff16c5dfcb518cafd8ee8f7ae24) Signed-off-by: Steve Sakoman --- ...uild-allow-a-subset-of-tests-in-cross-compile.patch | 10 +++++----- .../gdk-pixbuf/gdk-pixbuf/fatal-loader.patch | 7 +++---- .../{gdk-pixbuf_2.42.10.bb => gdk-pixbuf_2.42.11.bb} | 2 +- 3 files changed, 9 insertions(+), 10 deletions(-) rename meta/recipes-gnome/gdk-pixbuf/{gdk-pixbuf_2.42.10.bb => gdk-pixbuf_2.42.11.bb} (98%) diff --git a/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/0001-meson.build-allow-a-subset-of-tests-in-cross-compile.patch b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/0001-meson.build-allow-a-subset-of-tests-in-cross-compile.patch index 7250fa3f62..3d685db774 100644 --- a/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/0001-meson.build-allow-a-subset-of-tests-in-cross-compile.patch 
+++ b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/0001-meson.build-allow-a-subset-of-tests-in-cross-compile.patch @@ -1,4 +1,4 @@ -From 9d3b374e75692da3d1d05344a1693c85a3098f47 Mon Sep 17 00:00:00 2001 +From 4bfb696fd125f044e3df9f6983c4ad518d9552c7 Mon Sep 17 00:00:00 2001 From: Alexander Kanavin Date: Thu, 26 Jan 2023 20:29:46 +0100 Subject: [PATCH] meson.build: allow (a subset of) tests in cross compile @@ -19,10 +19,10 @@ Signed-off-by: Alexander Kanavin 2 files changed, 9 insertions(+), 7 deletions(-) diff --git a/meson.build b/meson.build -index 8a16c8f..7c8b20f 100644 +index 78f3683..e0feaee 100644 --- a/meson.build +++ b/meson.build -@@ -369,10 +369,10 @@ subdir('gdk-pixbuf') +@@ -390,10 +390,10 @@ subdir('gdk-pixbuf') # i18n subdir('po') @@ -37,7 +37,7 @@ index 8a16c8f..7c8b20f 100644 endif diff --git a/tests/meson.build b/tests/meson.build -index 28c2525..c45e765 100644 +index 78d0ad9..0c9e64e 100644 --- a/tests/meson.build +++ b/tests/meson.build @@ -4,7 +4,7 @@ @@ -49,7 +49,7 @@ index 28c2525..c45e765 100644 # Resources; we cannot use gnome.compile_resources() here, because we need to # override the environment in order to use the utilities we just built instead # of the system ones -@@ -166,9 +166,11 @@ endif +@@ -172,9 +172,11 @@ endif test_deps = gdk_pixbuf_deps + [ gdkpixbuf_dep, ] test_args = [ '-k' ] test_env = environment() diff --git a/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/fatal-loader.patch b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/fatal-loader.patch index 23c68a0923..80c93e2166 100644 --- a/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/fatal-loader.patch +++ b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/fatal-loader.patch @@ -1,4 +1,4 @@ -From b511bd1efb43ffc49c753e309717a242ec686ef1 Mon Sep 17 00:00:00 2001 +From 9b4f5738f8ac30f393b6163dcc84757976683d9b Mon Sep 17 00:00:00 2001 From: Ross Burton Date: Tue, 1 Apr 2014 17:23:36 +0100 Subject: [PATCH] gdk-pixbuf: add an option so that loader errors are fatal 
@@ -8,13 +8,12 @@ non-zero if the loader had errors (missing libraries, generally). Upstream-Status: Submitted [https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/merge_requests/144] Signed-off-by: Ross Burton - --- gdk-pixbuf/queryloaders.c | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) diff --git a/gdk-pixbuf/queryloaders.c b/gdk-pixbuf/queryloaders.c -index 1d39b44..2b00815 100644 +index baa9a5c..9b6fa89 100644 --- a/gdk-pixbuf/queryloaders.c +++ b/gdk-pixbuf/queryloaders.c @@ -216,7 +216,7 @@ write_loader_info (GString *contents, const char *path, GdkPixbufFormat *info) @@ -77,7 +76,7 @@ index 1d39b44..2b00815 100644 } g_free (cwd); } -@@ -490,5 +498,8 @@ int main (int argc, char **argv) +@@ -492,5 +500,8 @@ int main (int argc, char **argv) g_free (pixbuf_libdir); diff --git a/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.42.10.bb b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.42.11.bb similarity index 98% rename from meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.42.10.bb rename to meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.42.11.bb index cca89a9059..ef0f23f8f7 100644 --- a/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.42.10.bb +++ b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.42.11.bb 
@@ -22,7 +22,7 @@ SRC_URI = "${GNOME_MIRROR}/${BPN}/${MAJ_VER}/${BPN}-${PV}.tar.xz \ file://0001-meson.build-allow-a-subset-of-tests-in-cross-compile.patch \ " -SRC_URI[sha256sum] = "ee9b6c75d13ba096907a2e3c6b27b61bcd17f5c7ebeab5a5b439d2f2e39fe44b" +SRC_URI[sha256sum] = "49dcb402388708647e8c321d56b6fb30f21e51e515d0c5a942268d23052a2f00" inherit meson pkgconfig gettext pixbufcache ptest-gnome upstream-version-is-even gobject-introspection gi-docgen lib_package From patchwork Tue Jun 11 13:07:18 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 44896 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9E7CAC41513 for ; Tue, 11 Jun 2024 13:07:36 +0000 (UTC) Received: from mail-pj1-f54.google.com (mail-pj1-f54.google.com [209.85.216.54]) by mx.groups.io with SMTP id smtpd.web10.9092.1718111254376943450 for ; Tue, 11 Jun 2024 06:07:34 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=CdcLULHV; spf=softfail (domain: sakoman.com, ip: 209.85.216.54, mailfrom: steve@sakoman.com) Received: by mail-pj1-f54.google.com with SMTP id 98e67ed59e1d1-2c348a263easo31363a91.0 for ; Tue, 11 Jun 2024 06:07:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1718111254; x=1718716054; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=tuq5TM9LTpEIiL6oKSxlOlsRcjN1LLr78mTdq8vhYFc=; b=CdcLULHVnAh44k4ZHw/A/VTL9qNPQsuSafx+qmW0O951oAtWqtKa3a4Hzp7JnW946F 
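Review bot: The gdk-pixbuf_2.42.11.bb hunk changes only SRC_URI[sha256sum], while the changelog in the commit message lists "Disable fringe loaders by default", which is a behaviour change for a stable-branch (scarthgap) upgrade. Please say in the commit message which loaders are no longer built by default and whether the recipe needs a build option to keep the previous set, so that images do not lose image-format support without notice.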
From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 03/10] gdk-pixbuf: upgrade 2.42.11 -> 2.42.12 Date: Tue, 11 Jun 2024 06:07:18 -0700 Message-Id: <246c1b01ca21a8102ab7a400f88621e8a95281af.1718111104.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 11 Jun 2024 13:07:36 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/200512 From: Ross Burton - Fix a build failure (Christian Heusel) - Fix occasional build failures (Benjamin Gilbert) - ani: Reject files with multiple INA or IART chunks (Benjamin Gilbert) - ani: Reject files with multiple anih chunks (Benjamin Gilbert, CVE-2022-48622) - ani: validate chunk size (Benjamin Gilbert) - Translation updates Signed-off-by: Ross Burton Signed-off-by: Alexandre Belloni Signed-off-by: Richard Purdie (cherry picked from commit c5b202b0aef56ecf7982887c54b4ecbc4bbe73ae) Signed-off-by: Steve Sakoman --- ...n.build-allow-a-subset-of-tests-in-cross-compile.patch | 8 ++++---- .../gdk-pixbuf/gdk-pixbuf/fatal-loader.patch | 2 +- .../{gdk-pixbuf_2.42.11.bb => gdk-pixbuf_2.42.12.bb} | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) rename meta/recipes-gnome/gdk-pixbuf/{gdk-pixbuf_2.42.11.bb => gdk-pixbuf_2.42.12.bb} (98%) diff --git a/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/0001-meson.build-allow-a-subset-of-tests-in-cross-compile.patch b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/0001-meson.build-allow-a-subset-of-tests-in-cross-compile.patch index 3d685db774..24edda8102 100644 --- a/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/0001-meson.build-allow-a-subset-of-tests-in-cross-compile.patch +++ b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/0001-meson.build-allow-a-subset-of-tests-in-cross-compile.patch 
@@ -1,4 +1,4 @@ -From 4bfb696fd125f044e3df9f6983c4ad518d9552c7 Mon Sep 17 00:00:00 2001 +From 325a4cde99a00b84116ab7111d27e6973f3c5026 Mon Sep 17 00:00:00 2001 From: Alexander Kanavin Date: Thu, 26 Jan 2023 20:29:46 +0100 Subject: [PATCH] meson.build: allow (a subset of) tests in cross compile @@ -19,7 +19,7 @@ Signed-off-by: Alexander Kanavin 2 files changed, 9 insertions(+), 7 deletions(-) diff --git a/meson.build b/meson.build -index 78f3683..e0feaee 100644 +index 3eb3fcc..dc7e790 100644 --- a/meson.build +++ b/meson.build @@ -390,10 +390,10 @@ subdir('gdk-pixbuf') @@ -37,7 +37,7 @@ index 78f3683..e0feaee 100644 endif diff --git a/tests/meson.build b/tests/meson.build -index 78d0ad9..0c9e64e 100644 +index 3781066..911b5fb 100644 --- a/tests/meson.build +++ b/tests/meson.build @@ -4,7 +4,7 @@ @@ -49,7 +49,7 @@ index 78d0ad9..0c9e64e 100644 # Resources; we cannot use gnome.compile_resources() here, because we need to # override the environment in order to use the utilities we just built instead # of the system ones -@@ -172,9 +172,11 @@ endif +@@ -164,9 +164,11 @@ endif test_deps = gdk_pixbuf_deps + [ gdkpixbuf_dep, ] test_args = [ '-k' ] test_env = environment() diff --git a/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/fatal-loader.patch b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/fatal-loader.patch index 80c93e2166..3b4bf62861 100644 --- a/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/fatal-loader.patch +++ b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/fatal-loader.patch @@ -1,4 +1,4 @@ -From 9b4f5738f8ac30f393b6163dcc84757976683d9b Mon Sep 17 00:00:00 2001 +From f78ab4edaee5f62663a9a4bcfa56e5c524da4474 Mon Sep 17 00:00:00 2001 From: Ross Burton Date: Tue, 1 Apr 2014 17:23:36 +0100 Subject: [PATCH] gdk-pixbuf: add an option so that loader errors are fatal 
diff --git a/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.42.11.bb b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.42.12.bb similarity index 98% rename from meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.42.11.bb rename to meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.42.12.bb index ef0f23f8f7..9f825a68ef 100644 --- a/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.42.11.bb +++ b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.42.12.bb 
@@ -22,7 +22,7 @@ SRC_URI = "${GNOME_MIRROR}/${BPN}/${MAJ_VER}/${BPN}-${PV}.tar.xz \ file://0001-meson.build-allow-a-subset-of-tests-in-cross-compile.patch \ " -SRC_URI[sha256sum] = "49dcb402388708647e8c321d56b6fb30f21e51e515d0c5a942268d23052a2f00" +SRC_URI[sha256sum] = "b9505b3445b9a7e48ced34760c3bcb73e966df3ac94c95a148cb669ab748e3c7" inherit meson pkgconfig gettext pixbufcache ptest-gnome upstream-version-is-even gobject-introspection gi-docgen lib_package From patchwork Tue Jun 11 13:07:19 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 44900 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id EDD12C27C79 for ; Tue, 11 Jun 2024 13:07:36 +0000 (UTC) Received: from mail-pg1-f172.google.com (mail-pg1-f172.google.com [209.85.215.172]) by mx.groups.io with SMTP id smtpd.web11.9066.1718111256350251509 for ; Tue, 11 Jun 2024 06:07:36 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=aqbS7P8m; spf=softfail (domain: sakoman.com, ip: 209.85.215.172, mailfrom: steve@sakoman.com) Received: by mail-pg1-f172.google.com with SMTP id 41be03b00d2f7-6818e31e5baso4626338a12.1 for ; Tue, 11 Jun 2024 06:07:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1718111255; x=1718716055; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=rurq37VHP+VZlnX6UEosws9s1hS3I/Hxaj4HZgN5bYw=; b=aqbS7P8m5nzDfLkcRlArZRl4j9X8DOksA66/GCrCNhsjND4nZsL8Q/DdGKHckOcHJB 
From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 04/10] openssl: Upgrade 3.2.1 -> 3.2.2 Date: Tue, 11 Jun 2024 06:07:19 -0700 Message-Id: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 11 Jun 2024 13:07:36 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/200513 From: Siddharth CVE's Fixed by upgrade: CVE-2024-4741: Fixed potential use after free after SSL_free_buffers() is called CVE-2024-4603: Fixed an issue where checking excessively long DSA keys or parameters may be very slow CVE-2024-2511: Fixed unbounded memory growth with session handling in TLSv1.3 Bugs Fixed by upgrade: #23560: Fixed bug where SSL_export_keying_material() could not be used with QUIC connections Removed backports of CVE-2024-2511, CVE-2024-4603 and bti.patch as they are already fixed. Detailed Information: https://github.com/openssl/openssl/blob/openssl-3.2/CHANGES.md#changes-between-321-and-322-4-jun-2024 Signed-off-by: Siddharth Doshi Signed-off-by: Steve Sakoman --- .../openssl/openssl/CVE-2024-2511.patch | 120 ------------ .../openssl/openssl/CVE-2024-4603.patch | 179 ------------------ .../openssl/openssl/bti.patch | 58 ------ .../{openssl_3.2.1.bb => openssl_3.2.2.bb} | 5 +- 4 files changed, 1 insertion(+), 361 deletions(-) delete mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-2511.patch delete mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-4603.patch delete mode 100644 meta/recipes-connectivity/openssl/openssl/bti.patch rename meta/recipes-connectivity/openssl/{openssl_3.2.1.bb => openssl_3.2.2.bb} (97%) diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2024-2511.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2024-2511.patch deleted file mode 100644 index 8772f716d5..0000000000 
--- a/meta/recipes-connectivity/openssl/openssl/CVE-2024-2511.patch +++ /dev/null 
@@ -1,120 +0,0 @@ -From e9d7083e241670332e0443da0f0d4ffb52829f08 Mon Sep 17 00:00:00 2001 -From: Matt Caswell -Date: Tue, 5 Mar 2024 15:43:53 +0000 -Subject: [PATCH] Fix unconstrained session cache growth in TLSv1.3 - -In TLSv1.3 we create a new session object for each ticket that we send. -We do this by duplicating the original session. If SSL_OP_NO_TICKET is in -use then the new session will be added to the session cache. However, if -early data is not in use (and therefore anti-replay protection is being -used), then multiple threads could be resuming from the same session -simultaneously. If this happens and a problem occurs on one of the threads, -then the original session object could be marked as not_resumable. When we -duplicate the session object this not_resumable status gets copied into the -new session object. The new session object is then added to the session -cache even though it is not_resumable. - -Subsequently, another bug means that the session_id_length is set to 0 for -sessions that are marked as not_resumable - even though that session is -still in the cache. Once this happens the session can never be removed from -the cache. When that object gets to be the session cache tail object the -cache never shrinks again and grows indefinitely. 
- -CVE-2024-2511 - -Reviewed-by: Neil Horman -Reviewed-by: Tomas Mraz -(Merged from https://github.com/openssl/openssl/pull/24043) - -CVE: CVE-2024-2511 -Upstream-Status: Backport [https://github.com/openssl/openssl/commit/e9d7083e241670332e0443da0f0d4ffb52829f08] -Signed-off-by: Peter Marko ---- - ssl/ssl_lib.c | 5 +++-- - ssl/ssl_sess.c | 28 ++++++++++++++++++++++------ - ssl/statem/statem_srvr.c | 5 ++--- - 3 files changed, 27 insertions(+), 11 deletions(-) - -diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c -index 4afb43bc86e54..c51529ddab5bb 100644 ---- a/ssl/ssl_lib.c -+++ b/ssl/ssl_lib.c -@@ -4457,9 +4457,10 @@ void ssl_update_cache(SSL_CONNECTION *s, int mode) - - /* - * If the session_id_length is 0, we are not supposed to cache it, and it -- * would be rather hard to do anyway :-) -+ * would be rather hard to do anyway :-). Also if the session has already -+ * been marked as not_resumable we should not cache it for later reuse. - */ -- if (s->session->session_id_length == 0) -+ if (s->session->session_id_length == 0 || s->session->not_resumable) - return; - - /* -diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c -index 3dcc4d81e5bc6..1fa6d17c46863 100644 ---- a/ssl/ssl_sess.c -+++ b/ssl/ssl_sess.c -@@ -127,16 +127,11 @@ SSL_SESSION *SSL_SESSION_new(void) - return ss; - } - --SSL_SESSION *SSL_SESSION_dup(const SSL_SESSION *src) --{ -- return ssl_session_dup(src, 1); --} -- - /* - * Create a new SSL_SESSION and duplicate the contents of |src| into it. If - * ticket == 0 then no ticket information is duplicated, otherwise it is. 
- */ --SSL_SESSION *ssl_session_dup(const SSL_SESSION *src, int ticket) -+static SSL_SESSION *ssl_session_dup_intern(const SSL_SESSION *src, int ticket) - { - SSL_SESSION *dest; - -@@ -265,6 +260,27 @@ SSL_SESSION *ssl_session_dup(const SSL_SESSION *src, int ticket) - return NULL; - } - -+SSL_SESSION *SSL_SESSION_dup(const SSL_SESSION *src) -+{ -+ return ssl_session_dup_intern(src, 1); -+} -+ -+/* -+ * Used internally when duplicating a session which might be already shared. -+ * We will have resumed the original session. Subsequently we might have marked -+ * it as non-resumable (e.g. in another thread) - but this copy should be ok to -+ * resume from. -+ */ -+SSL_SESSION *ssl_session_dup(const SSL_SESSION *src, int ticket) -+{ -+ SSL_SESSION *sess = ssl_session_dup_intern(src, ticket); -+ -+ if (sess != NULL) -+ sess->not_resumable = 0; -+ -+ return sess; -+} -+ - const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s, unsigned int *len) - { - if (len) -diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c -index 853af8c0aa9f9..d5f0ab091dacc 100644 ---- a/ssl/statem/statem_srvr.c -+++ b/ssl/statem/statem_srvr.c -@@ -2445,9 +2445,8 @@ CON_FUNC_RETURN tls_construct_server_hello(SSL_CONNECTION *s, WPACKET *pkt) - * so the following won't overwrite an ID that we're supposed - * to send back. - */ -- if (s->session->not_resumable || -- (!(SSL_CONNECTION_GET_CTX(s)->session_cache_mode & SSL_SESS_CACHE_SERVER) -- && !s->hit)) -+ if (!(SSL_CONNECTION_GET_CTX(s)->session_cache_mode & SSL_SESS_CACHE_SERVER) -+ && !s->hit) - s->session->session_id_length = 0; - - if (usetls13) { diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2024-4603.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2024-4603.patch deleted file mode 100644 index 50fb969c03..0000000000 --- a/meta/recipes-connectivity/openssl/openssl/CVE-2024-4603.patch +++ /dev/null 
@@ -1,179 +0,0 @@ -From da343d0605c826ef197aceedc67e8e04f065f740 Mon Sep 17 00:00:00 2001 -From: Tomas Mraz -Date: Wed, 8 May 2024 15:23:45 +0200 -Subject: [PATCH] Check DSA parameters for excessive sizes before validating - -This avoids overly long computation of various validation -checks. - -Fixes CVE-2024-4603 - -Reviewed-by: Paul Dale -Reviewed-by: Matt Caswell -Reviewed-by: Neil Horman -Reviewed-by: Shane Lontis -(Merged from https://github.com/openssl/openssl/pull/24346) - -(cherry picked from commit 85ccbab216da245cf9a6503dd327072f21950d9b) - - - -CVE: CVE-2024-4603 -Upstream-Status: Backport [https://github.com/openssl/openssl/commit/da343d0605c826ef197aceedc67e8e04f065f740] -Signed-off-by: Peter Marko ---- - crypto/dsa/dsa_check.c | 44 ++++++++++++-- - .../invalid/p10240_q256_too_big.pem | 57 +++++++++++++++++++ - 2 files changed, 97 insertions(+), 4 deletions(-) - -diff --git a/crypto/dsa/dsa_check.c b/crypto/dsa/dsa_check.c -index fb0e9129a2..122449a7bf 100644 ---- a/crypto/dsa/dsa_check.c -+++ b/crypto/dsa/dsa_check.c -@@ -19,8 +19,34 @@ - #include "dsa_local.h" - #include "crypto/dsa.h" - -+static int dsa_precheck_params(const DSA *dsa, int *ret) -+{ -+ if (dsa->params.p == NULL || dsa->params.q == NULL) { -+ ERR_raise(ERR_LIB_DSA, DSA_R_BAD_FFC_PARAMETERS); -+ *ret = FFC_CHECK_INVALID_PQ; -+ return 0; -+ } -+ -+ if (BN_num_bits(dsa->params.p) > OPENSSL_DSA_MAX_MODULUS_BITS) { -+ ERR_raise(ERR_LIB_DSA, DSA_R_MODULUS_TOO_LARGE); -+ *ret = FFC_CHECK_INVALID_PQ; -+ return 0; -+ } -+ -+ if (BN_num_bits(dsa->params.q) >= BN_num_bits(dsa->params.p)) { -+ ERR_raise(ERR_LIB_DSA, DSA_R_BAD_Q_VALUE); -+ *ret = FFC_CHECK_INVALID_PQ; -+ return 0; -+ } -+ -+ return 1; -+} -+ - int ossl_dsa_check_params(const DSA *dsa, int checktype, int *ret) - { -+ if (!dsa_precheck_params(dsa, ret)) -+ return 0; -+ - if (checktype == OSSL_KEYMGMT_VALIDATE_QUICK_CHECK) - return ossl_ffc_params_simple_validate(dsa->libctx, &dsa->params, - FFC_PARAM_TYPE_DSA, ret); -@@ -39,6 +65,9 
@@ int ossl_dsa_check_params(const DSA *dsa, int checktype, int *ret) - */ - int ossl_dsa_check_pub_key(const DSA *dsa, const BIGNUM *pub_key, int *ret) - { -+ if (!dsa_precheck_params(dsa, ret)) -+ return 0; -+ - return ossl_ffc_validate_public_key(&dsa->params, pub_key, ret) - && *ret == 0; - } -@@ -50,6 +79,9 @@ int ossl_dsa_check_pub_key(const DSA *dsa, const BIGNUM *pub_key, int *ret) - */ - int ossl_dsa_check_pub_key_partial(const DSA *dsa, const BIGNUM *pub_key, int *ret) - { -+ if (!dsa_precheck_params(dsa, ret)) -+ return 0; -+ - return ossl_ffc_validate_public_key_partial(&dsa->params, pub_key, ret) - && *ret == 0; - } -@@ -58,8 +90,10 @@ int ossl_dsa_check_priv_key(const DSA *dsa, const BIGNUM *priv_key, int *ret) - { - *ret = 0; - -- return (dsa->params.q != NULL -- && ossl_ffc_validate_private_key(dsa->params.q, priv_key, ret)); -+ if (!dsa_precheck_params(dsa, ret)) -+ return 0; -+ -+ return ossl_ffc_validate_private_key(dsa->params.q, priv_key, ret); - } - - /* -@@ -72,8 +106,10 @@ int ossl_dsa_check_pairwise(const DSA *dsa) - BN_CTX *ctx = NULL; - BIGNUM *pub_key = NULL; - -- if (dsa->params.p == NULL -- || dsa->params.g == NULL -+ if (!dsa_precheck_params(dsa, &ret)) -+ return 0; -+ -+ if (dsa->params.g == NULL - || dsa->priv_key == NULL - || dsa->pub_key == NULL) - return 0; -diff --git a/test/recipes/15-test_dsaparam_data/invalid/p10240_q256_too_big.pem b/test/recipes/15-test_dsaparam_data/invalid/p10240_q256_too_big.pem -new file mode 100644 -index 0000000000..e85e2953b7 ---- /dev/null -+++ b/test/recipes/15-test_dsaparam_data/invalid/p10240_q256_too_big.pem -@@ -0,0 +1,57 @@ -+-----BEGIN DSA PARAMETERS----- -+MIIKLAKCBQEAym47LzPFZdbz16WvjczLKuzLtsP8yRk/exxL4bBthJhP1qOwctja -+p1586SF7gDxCMn7yWVEYdfRbFefGoq0gj1XOE917XqlbnkmZhMgxut2KbNJo/xil -+XNFUjGvKs3F413U9rAodC8f07cWHP1iTcWL+vPe6u2yilKWYYfnLWHQH+Z6aPrrF -+x/R08LI6DZ6nEsIo+hxaQnEtx+iqNTJC6Q1RIjWDqxQkFVTkJ0Y7miRDXmRdneWk -+oLrMZRpaXr5l5tSjEghh1pBgJcdyOv0lh4dlDy/alAiqE2Qlb667yHl6A9dDPlpW 
-+dAntpffy4LwOxfbuEhISvKjjQoBwIvYE4TBPqL0Q6bC6HgQ4+tqd9b44pQjdIQjb -+Xcjc6azheITSnPEex3OdKtKoQeRq01qCeLBpMXu1c+CTf4ApKArZvT3vZSg0hM1O -+pR71bRZrEEegDj0LH2HCgI5W6H3blOS9A0kUTddCoQXr2lsVdiPtRbPKH1gcd9FQ -+P8cGrvbakpTiC0dCczOMDaCteM1QNILlkM7ZoV6VghsKvDnFPxFsiIr5GgjasXP5 -+hhbn3g7sDoq1LiTEo+IKQY28pBWx7etSOSRuXW/spnvCkivZla7lSEGljoy9QlQ2 -+UZmsEQI9G3YyzgpxHvKZBK1CiZVTywdYKTZ4TYCxvqzhYhjv2bqbpjI12HRFLojB -+koyEmMSp53lldCzp158PrIanqSp2rksMR8SmmCL3FwfAp2OjqFMEglG9DT8x0WaN -+TLSkjGC6t2csMte7WyU1ekNoFDKfMjDSAz0+xIx21DEmZtYqFOg1DNPK1xYLS0pl -+RSMRRkJVN2mk/G7/1oxlB8Wb9wgi3GKUqqCYT11SnBjzq0NdoJ3E4GMedp5Lx3AZ -+4mFuRPUd4iV86tE0XDSHSFE7Y3ZkrOjD7Q/26/L53L/UH5z4HW6CHP5os7QERJjg -+c1S3x87wXWo9QXbB9b2xmf+c+aWwAAr1cviw38tru58jF3/IGyduj9H8claKQqBG -+cIOUF4aNe1hK2K3ArAOApUxr4KE+tCvrltRfiTmVFip0g9Jt1CPY3Zu7Bd4Z2ZkE -+DtSztpwa49HrWF5E9xpquvBL2U8jQ68E7Xd8Wp4orI/TIChriamBmdkgRz3H2LvN -+Ozb6+hsnEGrz3sp2RVAToSqA9ysa6nHZdfufPNtMEbQdO/k1ehmGRb0ljBRsO6b2 -+rsG2eYuC8tg8eCrIkua0TGRI7g6a4K32AJdzaX6NsISaaIW+OYJuoDSscvD3oOg8 -+PPEhU+zM7xJskTA+jxvPlikKx8V7MNHOCQECldJlUBwzJvqp40JvwfnDsF+8VYwd -+UaiieR3pzMzyTjpReXRmZbnRPusRcsVzxb2OhB79wmuy4UPjjQBX+7eD0rs8xxvW -+5a5q1Cjq4AvbwmmcA/wDrHDOjcbD/zodad2O1QtBWa/R4xyWea4zKsflgACE1zY9 -+wW2br7+YQFekcrXkkkEzgxd6zxv8KVEDpXRZjmAM1cI5LvkoN64To4GedN8Qe/G7 -+R9SZh9gnS17PTP64hK+aYqhFafMdu87q/+qLfxaSux727qE5hiW01u4nnWhACf9s -+xuOozowKqxZxkolMIyZv6Lddwy1Zv5qjCyd0DvM/1skpXWkb9kfabYC+OhjsjVhs -+0Ktfs6a5B3eixiw5x94hhIcTEcS4hmvhGUL72FiTca6ZeSERTKmNBy8CIQC9/ZUN -+uU/V5JTcnYyUGHzm7+XcZBjyGBagBj9rCmW3SQKCBQAJ/k9rb39f1cO+/3XDEMjy -+9bIEXSuS48g5RAc1UGd5nrrBQwuDxGWFyz0yvAY7LgyidZuJS21+MAp9EY7AOMmx -+TDttifNaBJYt4GZ8of166PcqTKkHQwq5uBpxeSDv/ZE8YbYfaCtLTcUC8KlO+l36 -+gjJHSkdkflSsGy1yObSNDQDfVAAwQs//TjDMnuEtvlNXZllsTvFFBceXVETn10K2 -+ZMmdSIJNfLnjReUKEN6PfeGqv7F4xoyGwUybEfRE4u5RmXrqCODaIjY3SNMrOq8B -+R3Ata/cCozsM1jIdIW2z+OybDJH+BYsYm2nkSZQjZS6javTYClLrntEKG/hAQwL8 -+F16YLOQXpHhgiAaWnTZzANtLppB2+5qCVy5ElzKongOwT8JTjTFXOaRnqe/ngm9W 
-+SSbrxfDaoWUOyK9XD8Cydzpv3n4Y8nWNGayi7/yAFCU36Ri040ufgv/TZLuKacnl -++3ga3ZUpRlSigzx0kb1+KjTSWeQ8vE/psdWjvBukVEbzdUauMLyRLo/6znSVvvPX -+UGhviThE5uhrsUg+wEPFINriSHfF7JDKVhDcJnLBdaXvfN52pkF/naLBF5Rt3Gvq -+fjCxjx0Sy9Lag1hDN4dor7dzuO7wmwOS01DJW1PtNLuuH0Bbqh1kYSaQkmyXBZWX -+qo8K3nkoDM0niOtJJubOhTNrGmSaZpNXkK3Mcy9rBbdvEs5O0Jmqaax/eOdU0Yot -+B3lX+3ddOseT2ZEFjzObqTtkWuFBeBxuYNcRTsu3qMdIBsEb8URQdsTtjoIja2fK -+hreVgjK36GW70KXEl8V/vq5qjQulmqkBEjmilcDuiREKqQuyeagUOnhQaBplqVco -+4xznh5DMBMRbpGb5lHxKv4cPNi+uNAJ5i98zWUM1JRt6aXnRCuWcll1z8fRZ+5kD -+vK9FaZU3VRMK/eknEG49cGr8OuJ6ZRSaC+tKwV1y+amkSZpKPWnk2bUnQI3ApJv3 -+k1e1EToeECpMUkLMDgNbpKBoz4nqMEvAAlYgw9xKNbLlQlahqTVEAmaJHh4yDMDy -+i7IZ9Wrn47IGoR7s3cvhDHUpRPeW4nsmgzj+tf5EAxemI61STZJTTWo0iaPGJxct -+9nhOOhw1I38Mvm4vkAbFH7YJ0B6QrjjYL2MbOTp5JiIh4vdOeWwNo9/y4ffyaN5+ -+ADpxuuIAmcbdr6GPOhkOFFixRJa0B2eP1i032HESlLs8RB9oYtdTXdXQotnIgJGd -+Y8tSKOa1zjzeLHn3AVpRZTUW++/BxmApV3GKIeG8fsUjg/df0QRrBcdC/1uccdaG -+KKlAOwlywVn5jUlwHkTmDiTM9w5AqVVGHZ2b+4ZgQW8jnPKN0SrKf6U555D+zp7E -+x4uXoE8ojN9y8m8UKf0cTLnujH2XgZorjPfuMOt5VZEhQFMS2QaljSeni5CJJ8gk -+XtztNqfBlAtWR4V5iAHeQOfIB2YaOy8GESda89tyKraKeaez41VblpTVHTeq9IIF -+YB4cQA2PfuNaGVRGLMAgT3Dvl+mxxxeJyxnGAiUcETU/jJJt9QombiuszBlYGQ5d -+ELOSm/eQSRARV9zNSt5jaQlMSjMBqenIEM09BzYqa7jDwqoztFxNdO8bcuQPuKwa -+4z3bBZ1yYm63WFdNbQqqGEwc0OYmqg1raJ0zltgHyjFyw8IGu4g/wETs+nVQcH7D -+vKuje86bePD6kD/LH3wmkA== -+-----END DSA PARAMETERS----- --- -2.30.2 - diff --git a/meta/recipes-connectivity/openssl/openssl/bti.patch b/meta/recipes-connectivity/openssl/openssl/bti.patch deleted file mode 100644 index 748576c30c..0000000000 --- a/meta/recipes-connectivity/openssl/openssl/bti.patch +++ /dev/null 
@@ -1,58 +0,0 @@ -From ba8a599395f8b770c76316b5f5b0f3838567014f Mon Sep 17 00:00:00 2001 -From: Tom Cosgrove -Date: Tue, 26 Mar 2024 13:18:00 +0000 -Subject: [PATCH] aarch64: fix BTI in bsaes assembly code - -In Arm systems where BTI is enabled but the Crypto extensions are not (more -likely in FVPs than in real hardware), the bit-sliced assembler code will -be used. However, this wasn't annotated with BTI instructions when BTI was -enabled, so the moment libssl jumps into this code it (correctly) aborts. - -Solve this by adding the missing BTI landing pads. - -Upstream-Status: Submitted [https://github.com/openssl/openssl/pull/23982] -Signed-off-by: Ross Burton ---- - crypto/aes/asm/bsaes-armv8.pl | 5 ++++- - 1 file changed, 4 insertions(+), 1 deletion(-) - -diff --git a/crypto/aes/asm/bsaes-armv8.pl b/crypto/aes/asm/bsaes-armv8.pl -index b3c97e439f..c3c5ff3e05 100644 ---- a/crypto/aes/asm/bsaes-armv8.pl -+++ b/crypto/aes/asm/bsaes-armv8.pl -@@ -1018,6 +1018,7 @@ _bsaes_key_convert: - // Initialisation vector overwritten with last quadword of ciphertext - // No output registers, usual AAPCS64 register preservation - ossl_bsaes_cbc_encrypt: -+ AARCH64_VALID_CALL_TARGET - cmp x2, #128 - bhs .Lcbc_do_bsaes - b AES_cbc_encrypt -@@ -1270,7 +1271,7 @@ ossl_bsaes_cbc_encrypt: - // Output text filled in - // No output registers, usual AAPCS64 register preservation - ossl_bsaes_ctr32_encrypt_blocks: -- -+ AARCH64_VALID_CALL_TARGET - cmp x2, #8 // use plain AES for - blo .Lctr_enc_short // small sizes - -@@ -1476,6 +1477,7 @@ ossl_bsaes_ctr32_encrypt_blocks: - // Output ciphertext filled in - // No output registers, usual AAPCS64 register preservation - ossl_bsaes_xts_encrypt: -+ AARCH64_VALID_CALL_TARGET - // Stack layout: - // sp -> - // nrounds*128-96 bytes: key schedule -@@ -1921,6 +1923,7 @@ ossl_bsaes_xts_encrypt: - // Output plaintext filled in - // No output registers, usual AAPCS64 register preservation - ossl_bsaes_xts_decrypt: -+ AARCH64_VALID_CALL_TARGET - // 
Stack layout: - // sp -> - // nrounds*128-96 bytes: key schedule --- -2.34.1 - diff --git a/meta/recipes-connectivity/openssl/openssl_3.2.1.bb b/meta/recipes-connectivity/openssl/openssl_3.2.2.bb similarity index 97% rename from meta/recipes-connectivity/openssl/openssl_3.2.1.bb rename to meta/recipes-connectivity/openssl/openssl_3.2.2.bb index 9bdf7e1ec6..1c92707144 100644 --- a/meta/recipes-connectivity/openssl/openssl_3.2.1.bb +++ b/meta/recipes-connectivity/openssl/openssl_3.2.2.bb 
@@ -12,16 +12,13 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \ file://0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch \ file://0001-Configure-do-not-tweak-mips-cflags.patch \ file://0001-Added-handshake-history-reporting-when-test-fails.patch \ - file://bti.patch \ - file://CVE-2024-2511.patch \ - file://CVE-2024-4603.patch \ " SRC_URI:append:class-nativesdk = " \ file://environment.d-openssl.sh \ " -SRC_URI[sha256sum] = "83c7329fe52c850677d75e5d0b0ca245309b97e8ecbcfdc1dfdc4ab9fac35b39" +SRC_URI[sha256sum] = "197149c18d9e9f292c43f0400acaba12e5f52cacfe050f3d199277ea738ec2e7" inherit lib_package multilib_header multilib_script ptest perlnative manpages MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash"
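Review bot: the SRC_URI hunk for openssl_3.2.2.bb drops file://bti.patch along with the two CVE patches, but the deleted bti.patch carries "Upstream-Status: Submitted [https://github.com/openssl/openssl/pull/23982]" rather than a Backport of a merged commit, so the diff alone does not show that 3.2.2 contains the AARCH64_VALID_CALL_TARGET landing pads for ossl_bsaes_cbc_encrypt, ossl_bsaes_ctr32_encrypt_blocks, ossl_bsaes_xts_encrypt and ossl_bsaes_xts_decrypt. Please confirm this against the 3.2.2 sources and name the upstream commit in the commit message; if the landing pads are missing, BTI-enabled aarch64 targets without the Crypto extensions would again abort on entry to the bsaes code, as the removed patch's own description explains. The CVE-2024-2511 and CVE-2024-4603 patches are marked Backport with upstream commit links, so for those it is enough to check that both linked commits are part of the 3.2.2 release.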
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 05/10] gcc : upgrade to v13.3
Date: Tue, 11 Jun 2024 06:07:20 -0700
Message-Id: <20b94a6f3681afc9d5f7c07d571fcc47efcc9827.1718111104.git.steve@sakoman.com>
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/200514
From: Deepthi Hemraj

gcc stable version upgraded from v13.2 to v13.3

Dropped CVE-2023-4039.patch, CVE-2024-0151.patch and
0026-aarch64-Fix-loose-ldpstp-check-PR111411.patch because it's been taken
to gcc-13.3 with below commits
71a2aa2127283f450c623d3604dbcabe0e14a8d4,
5550214b58e95320b54e42ef0e37c6479e04b27b and
4bb1ae3c13ce4fb72129229de66f5ffbcd45fe4c respectively.

For changes in v13.3 see:
https://gcc.gnu.org/onlinedocs/gcc-13.3.0/gcc/

Below is the bug fix list for v13.3
https://gcc.gnu.org/bugzilla/buglist.cgi?bug_status=RESOLVED&list_id=429106&resolution=FIXED&target_milestone=13.3

A total of 173 bugs are fixed in this release; below is the list of bugs
fixed, excluding the regression fixes.

ID      Product  Comp      Assignee    Summary
114408  gcc      analyzer  dmalcolm    ICE when invoking strcmp multiple times with -fsanitize=undefined -O1 -fanalyzer -flto
109251  gcc      analyzer  dmalcolm    -Wanalyzer-deref-before-check false positives seen in Linux kernel due to check in macros
114473  gcc      analyzer  dmalcolm    ICE: in deref_rvalue, at analyzer/region-model.cc:2780 with -fanalyzer -fanalyzer-call-summaries
100988  gcc      fortran   anlauf      Missed optimization: RESTRICT missing for optional arguments
112764  gcc      fortran   anlauf      Associating entity does not have target attribute if selector has pointer attribute in associate block
114001  gcc      fortran   anlauf      is_contiguous considers unlimited polymorphic dummy always as contiguous
112787  gcc      target    avieira     Codegen regression of large GCC vector extensions when enabling SVE
114160  gcc      target    cmuellner   ICE on RISCV (-mcpu=thead-c906) when building glibc in dwarf2out_frame_debug_cfa_offset
110882  gcc      analyzer  dmalcolm    ICE with -fanalyzer on zero-sized array
111289  gcc      analyzer  dmalcolm    Unwarranted -Wanalyzer-va-arg-type-mismatch warning
112790  gcc      analyzer  dmalcolm    Wanalyzer-deref-before-check false positives seen in Linux kernel due to inlining
112792  gcc      analyzer  dmalcolm    Wanalyzer-out-of-bounds false positives seen on Linux kernel with certain unions
114316  gcc      libstdc+  fdumont     assert failure with _GLIBCXX_DEBUG and empty range of singular iterators passed to std:: algorithm
108121  gcc      modula2   gaius       Failing tests on x86_64-linux-gnu
110754  gcc      middle-e  jakub       assume create spurious load for volatile variable
105456  gcc      libfortr  jvdelisle   Child I/O does not propage iostat
114747  gcc      target    kito        Wrong SEW set for mixed-size intrinsics
104831  gcc      target    patrick     RISCV libatomic LR.aq/SC.rl pair insufficient for SEQ_CST
108174  gcc      target    pinskia     ICE: tree check: expected function_type or method_type, have ggc_freed in aarch64_resolve_overloaded_memtag, at config/aarch64/aarch64-builtins.cc:3349
114314  gcc      driver    pinskia     ICE: in common_handle_option, at opts.cc:3356 with -fno-multiflags
99493   gcc      c++       ppalka      Address of template parameter object is not a valid template argument
99631   gcc      c++       ppalka      decltype of non-type template-parameter shouldn't be const
104634  gcc      c++       ppalka      Explicit template instantiation does not work when there are multiple partial template specialization using concepts
110809  gcc      c++       ppalka      ICE: in unify, at cp/pt.cc:25226 with floating-point NTTPs
110927  gcc      c++       ppalka      GCC fails to parse dependent type in concept through partial specialization
111493  gcc      c++       ppalka      multidimensional subscript operator inside requires is broken
113242  gcc      c++       ppalka      g++ rejects-valid template argument of class type containing an lvalue reference
113529  gcc      c++       ppalka      Incorrect result of requires-expression in case of function call ambiguity and `operator<=>`
108046  gcc      libstdc+  redi        The dot in the floating-point alternative form has wrong position
110708  gcc      libstdc+  redi        std::format("{:%EEC %OOd}", std::chrono::system_clock::now()) should be rejected 2023-07-28
110719  gcc      libstdc+  redi        Should chrono formatters always use std::time_put for locale's representation?
110860  gcc      libstdc+  redi        std::format("{:f}",2e304) invokes undefined behaviour
110862  gcc      libstdc+  redi        format out of bounds read on format string "{0:{0}"
110917  gcc      libstdc+  redi        std::format_to(int*, ...) fails to compile because of _S_make_span
110944  gcc      libstdc+  redi        std::variant & optional GDB representation is too verbose
110968  gcc      libstdc+  redi        format out of bounds read on format("{:05L}",-1.f)
110970  gcc      libstdc+  redi        clang / c++23 missing 'typename' prior to dependent type name
110990  gcc      libstdc+  redi        `format_to_n` returns wrong value
111511  gcc      libstdc+  redi        Incorrect ADL in std::to_array in GCC 11/12/13
111826  gcc      libstdc+  redi        __cpp_lib_format should be 202110, not 202106
111948  gcc      libstdc+  redi        subrange modifies a const size object
112607  gcc      libstdc+  redi        _Normalize does not consider char_type for the basic_string_view case
112832  gcc      libstdc+  redi        Broken non-SFINAE-friendly `set_debug_format()` for `const char *` formatter
113500  gcc      libstdc+  redi        Using std::format with float or double based std::chrono::time_point causes error: no match for 'operator<<'
13512   gcc      libstdc+  redi        Incorrect results for std::format("{:#.3g}", flt)
114103  gcc      libstdc+  redi        FAIL: 29_atomics/atomic/lock_free_aliases.cc -std=gnu++20 (test for excess errors)
114152  gcc      libstdc+  redi        Wrong exception specifiers for LFTSv3 scope guard destructors
114863  gcc      libstdc+  redi        std::format applying grouping to nan's and inf's
115063  gcc      libstdc+  redi        compilation error: std::basic_stracktrace::max_size()
105523  gcc      target    saaadhu     Wrong warning array subscript [0] is outside array bounds
93370   gcc      target    unassigned  Aarch64 accepts but ignores target("+sm4") unless ARMv8.2-A is enabled
93762   gcc      fortran   unassigned  Truncation of deferred-length string when passing as optional
100285  gcc      libstdc+  unassigned  experimental/net/socket/socket_base.cc fails on arm-eabi (r12-137)
106037  gcc      ada       unassigned  internal error with Aggregate aspect on array type
110127  gcc      c++       unassigned  -fimplicit-constexpr leads to extremely slow and memory intensive compilation
110133  gcc      libstdc+  unassigned  System error message should ideally use strerror_r over strerror
110974  gcc      libstdc+  unassigned  format out of bounds read on invalid format string "{:{}."
111102  gcc      libstdc+  unassigned  illegal pointer arithmetic invoked by std::format("L{:65536}",1)
112480  gcc      libstdc+  unassigned  optional::reset emits inefficient code when T is trivially-destructible
113294  gcc      libstdc+  unassigned  constexpr error from accessing inactive union member in basic_string after move assignment
113815  gcc      ada       unassigned  error: there is no applicable operator "*" for a string type
113824  gcc      target    unassigned  AVR: ATA5795 in wrong multilib set 2024-02-08
113850  gcc      libgcc    unassigned  condition variables timed wait does a lot of spurious wakeups on Win32 threading implementation
113927  gcc      target    unassigned  Sets up a stack-frame even for trivial code
114136  gcc      middle-e  unassigned  wrong code for c23 fully anonymous arg lists on arm
97245   gcc      fortran   anlauf      ASSOCIATED intrinsic does not recognize a pointer variable the second time it is used
101135  gcc      fortran   anlauf      Load of null pointer when passing absent assumed-shape array argument for an optional dummy argument
110825  gcc      fortran   anlauf      TYPE(*) dummy argument to generate an unused hidden argument
110826  gcc      fortran   anlauf      Fortran array of derived type with a pointer to function with dimensional arguments fails
113799  gcc      fortran   anlauf      gfc_replace_expr: double free detected ?
114012  gcc      fortran   anlauf      overloaded unary operator called twice
113601  gcc      target    gjl         avr: Wrong SRAM start for ATmega3208 and ATmega3209
107201  gcc      target    unassigned  -nodevicelib not working for devices -mmcu=avr...
114024  gcc      fortran   unassigned  ICE allocate statement with source=cmp%re and z an array
53372   gcc      target    unassigned  Section attribute ignored with address space
112952  gcc      target    unassigned  avr: attribute address not working with -fdata-sections -fno-common
114752  gcc      target    unassigned  AVR: internal compiler error. Unknown mode: const_double:DF
114794  gcc      target    unassigned  Speed up udivmodqi4

Signed-off-by: Deepthi Hemraj
Signed-off-by: Steve Sakoman --- meta/conf/distro/include/maintainers.inc | 2 +- .../gcc/{gcc-13.2.inc => gcc-13.3.inc} | 9 +- ...ian_13.2.bb => gcc-cross-canadian_13.3.bb} | 0 .../{gcc-cross_13.2.bb => gcc-cross_13.3.bb} | 0 ...-crosssdk_13.2.bb => gcc-crosssdk_13.3.bb} | 0 ...cc-runtime_13.2.bb => gcc-runtime_13.3.bb} | 0 ...itizers_13.2.bb => gcc-sanitizers_13.3.bb} | 0 ...{gcc-source_13.2.bb => gcc-source_13.3.bb} | 0 ...AMIC_LINKER-and-UCLIBC_DYNAMIC_LINKE.patch | 9 +- ...ch64-Fix-loose-ldpstp-check-PR111411.patch | 117 - .../gcc/gcc/CVE-2023-4039.patch | 3093 ----------------- .../gcc/gcc/CVE-2024-0151.patch | 315 -- .../gcc/{gcc_13.2.bb => gcc_13.3.bb} | 0 ...initial_13.2.bb => libgcc-initial_13.3.bb} | 0 .../gcc/{libgcc_13.2.bb => libgcc_13.3.bb} | 0 ...ibgfortran_13.2.bb => libgfortran_13.3.bb} | 0 16 files changed, 11 insertions(+), 3534 deletions(-) rename meta/recipes-devtools/gcc/{gcc-13.2.inc => gcc-13.3.inc} (94%) rename meta/recipes-devtools/gcc/{gcc-cross-canadian_13.2.bb => gcc-cross-canadian_13.3.bb} (100%) rename meta/recipes-devtools/gcc/{gcc-cross_13.2.bb => gcc-cross_13.3.bb} (100%) rename meta/recipes-devtools/gcc/{gcc-crosssdk_13.2.bb => gcc-crosssdk_13.3.bb} (100%) rename meta/recipes-devtools/gcc/{gcc-runtime_13.2.bb => gcc-runtime_13.3.bb} (100%) rename meta/recipes-devtools/gcc/{gcc-sanitizers_13.2.bb => gcc-sanitizers_13.3.bb} (100%) rename meta/recipes-devtools/gcc/{gcc-source_13.2.bb => gcc-source_13.3.bb} (100%) delete mode 100644 meta/recipes-devtools/gcc/gcc/0026-aarch64-Fix-loose-ldpstp-check-PR111411.patch delete mode 100644 meta/recipes-devtools/gcc/gcc/CVE-2023-4039.patch delete mode 100644 meta/recipes-devtools/gcc/gcc/CVE-2024-0151.patch rename meta/recipes-devtools/gcc/{gcc_13.2.bb => gcc_13.3.bb} (100%) rename meta/recipes-devtools/gcc/{libgcc-initial_13.2.bb => libgcc-initial_13.3.bb} (100%) rename meta/recipes-devtools/gcc/{libgcc_13.2.bb => libgcc_13.3.bb} (100%) rename meta/recipes-devtools/gcc/{libgfortran_13.2.bb => 
libgfortran_13.3.bb} (100%) diff --git a/meta/conf/distro/include/maintainers.inc b/meta/conf/distro/include/maintainers.inc index 20eb3a0446..58ef13f423 100644 --- a/meta/conf/distro/include/maintainers.inc +++ b/meta/conf/distro/include/maintainers.inc 
@@ -190,7 +190,7 @@ RECIPE_MAINTAINER:pn-gcc-cross-canadian-${TRANSLATED_TARGET_ARCH} = "Khem Raj -Date: Fri, 15 Sep 2023 09:19:14 +0100 -Subject: [PATCH] aarch64: Fix loose ldpstp check [PR111411] - -aarch64_operands_ok_for_ldpstp contained the code: - - /* One of the memory accesses must be a mempair operand. - If it is not the first one, they need to be swapped by the - peephole. */ - if (!aarch64_mem_pair_operand (mem_1, GET_MODE (mem_1)) - && !aarch64_mem_pair_operand (mem_2, GET_MODE (mem_2))) - return false; - -But the requirement isn't just that one of the accesses must be a -valid mempair operand. It's that the lower access must be, since -that's the access that will be used for the instruction operand. - -gcc/ - PR target/111411 - * config/aarch64/aarch64.cc (aarch64_operands_ok_for_ldpstp): Require - the lower memory access to a mem-pair operand. - -gcc/testsuite/ - PR target/111411 - * gcc.dg/rtl/aarch64/pr111411.c: New test. - -Upstream-Status: Backport [https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=2d38f45bcca62ca0c7afef4b579f82c5c2a01610] -Signed-off-by: Martin Jansa ---- - gcc/config/aarch64/aarch64.cc | 8 ++- - gcc/testsuite/gcc.dg/rtl/aarch64/pr111411.c | 57 +++++++++++++++++++++ - 2 files changed, 60 insertions(+), 5 deletions(-) - create mode 100644 gcc/testsuite/gcc.dg/rtl/aarch64/pr111411.c - -diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc -index 6118a3354ac..9b1f791ca8b 100644 ---- a/gcc/config/aarch64/aarch64.cc -+++ b/gcc/config/aarch64/aarch64.cc -@@ -26154,11 +26154,9 @@ aarch64_operands_ok_for_ldpstp (rtx *operands, bool load, - gcc_assert (known_eq (GET_MODE_SIZE (GET_MODE (mem_1)), - GET_MODE_SIZE (GET_MODE (mem_2)))); - -- /* One of the memory accesses must be a mempair operand. -- If it is not the first one, they need to be swapped by the -- peephole. 
*/ -- if (!aarch64_mem_pair_operand (mem_1, GET_MODE (mem_1)) -- && !aarch64_mem_pair_operand (mem_2, GET_MODE (mem_2))) -+ /* The lower memory access must be a mem-pair operand. */ -+ rtx lower_mem = reversed ? mem_2 : mem_1; -+ if (!aarch64_mem_pair_operand (lower_mem, GET_MODE (lower_mem))) - return false; - - if (REG_P (reg_1) && FP_REGNUM_P (REGNO (reg_1))) -diff --git a/gcc/testsuite/gcc.dg/rtl/aarch64/pr111411.c b/gcc/testsuite/gcc.dg/rtl/aarch64/pr111411.c -new file mode 100644 -index 00000000000..ad07e9c6c89 ---- /dev/null -+++ b/gcc/testsuite/gcc.dg/rtl/aarch64/pr111411.c -@@ -0,0 +1,57 @@ -+/* { dg-do compile { target aarch64*-*-* } } */ -+/* { dg-require-effective-target lp64 } */ -+/* { dg-options "-O -fdisable-rtl-postreload -fpeephole2 -fno-schedule-fusion" } */ -+ -+extern int data[]; -+ -+void __RTL (startwith ("ira")) foo (void *ptr) -+{ -+ (function "foo" -+ (param "ptr" -+ (DECL_RTL (reg/v:DI <0> [ ptr ])) -+ (DECL_RTL_INCOMING (reg/v:DI x0 [ ptr ])) -+ ) ;; param "ptr" -+ (insn-chain -+ (block 2 -+ (edge-from entry (flags "FALLTHRU")) -+ (cnote 3 [bb 2] NOTE_INSN_BASIC_BLOCK) -+ (insn 4 (set (reg:DI <0>) (reg:DI x0))) -+ (insn 5 (set (reg:DI <1>) -+ (plus:DI (reg:DI <0>) (const_int 768)))) -+ (insn 6 (set (mem:SI (plus:DI (reg:DI <0>) -+ (const_int 508)) [1 &data+508 S4 A4]) -+ (const_int 0))) -+ (insn 7 (set (mem:SI (plus:DI (reg:DI <1>) -+ (const_int -256)) [1 &data+512 S4 A4]) -+ (const_int 0))) -+ (edge-to exit (flags "FALLTHRU")) -+ ) ;; block 2 -+ ) ;; insn-chain -+ ) ;; function -+} -+ -+void __RTL (startwith ("ira")) bar (void *ptr) -+{ -+ (function "bar" -+ (param "ptr" -+ (DECL_RTL (reg/v:DI <0> [ ptr ])) -+ (DECL_RTL_INCOMING (reg/v:DI x0 [ ptr ])) -+ ) ;; param "ptr" -+ (insn-chain -+ (block 2 -+ (edge-from entry (flags "FALLTHRU")) -+ (cnote 3 [bb 2] NOTE_INSN_BASIC_BLOCK) -+ (insn 4 (set (reg:DI <0>) (reg:DI x0))) -+ (insn 5 (set (reg:DI <1>) -+ (plus:DI (reg:DI <0>) (const_int 768)))) -+ (insn 6 (set (mem:SI (plus:DI (reg:DI <1>) 
-+ (const_int -256)) [1 &data+512 S4 A4]) -+ (const_int 0))) -+ (insn 7 (set (mem:SI (plus:DI (reg:DI <0>) -+ (const_int 508)) [1 &data+508 S4 A4]) -+ (const_int 0))) -+ (edge-to exit (flags "FALLTHRU")) -+ ) ;; block 2 -+ ) ;; insn-chain -+ ) ;; function -+} diff --git a/meta/recipes-devtools/gcc/gcc/CVE-2023-4039.patch b/meta/recipes-devtools/gcc/gcc/CVE-2023-4039.patch deleted file mode 100644 index 81b5067c33..0000000000 --- a/meta/recipes-devtools/gcc/gcc/CVE-2023-4039.patch +++ /dev/null 
@@ -1,3093 +0,0 @@ -From: Richard Sandiford -Subject: [PATCH 00/19] aarch64: Fix -fstack-protector issue -Date: Tue, 12 Sep 2023 16:25:10 +0100 - -This series of patches fixes deficiencies in GCC's -fstack-protector -implementation for AArch64 when using dynamically allocated stack space. -This is CVE-2023-4039. See: - -https://developer.arm.com/Arm%20Security%20Center/GCC%20Stack%20Protector%20Vulnerability%20AArch64 -https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-x7ch-h5rf-w2mf - -for more details. - -The fix is to put the saved registers above the locals area when --fstack-protector is used. - -The series also fixes a stack-clash problem that I found while working -on the CVE. In unpatched sources, the stack-clash problem would only -trigger for unrealistic numbers of arguments (8K 64-bit arguments, or an -equivalent). But it would be a more significant issue with the new --fstack-protector frame layout. It's therefore important that both -problems are fixed together. - -Some reorganisation of the code seemed necessary to fix the problems in a -cleanish way. The series is therefore quite long, but only a handful of -patches should have any effect on code generation. - -See the individual patches for a detailed description. - -Tested on aarch64-linux-gnu. Pushed to trunk and to all active branches. -I've also pushed backports to GCC 7+ to vendors/ARM/heads/CVE-2023-4039. - -CVE: CVE-2023-4039 -Upstream-Status: Backport -Signed-off-by: Ross Burton - - -From 71a2aa2127283f450c623d3604dbcabe0e14a8d4 Mon Sep 17 00:00:00 2001 -From: Richard Sandiford -Date: Tue, 12 Sep 2023 16:07:12 +0100 -Subject: [PATCH 01/19] aarch64: Use local frame vars in shrink-wrapping code - -aarch64_layout_frame uses a shorthand for referring to -cfun->machine->frame: - - aarch64_frame &frame = cfun->machine->frame; - -This patch does the same for some other heavy users of the structure. -No functional change intended. 
- -gcc/ - * config/aarch64/aarch64.cc (aarch64_save_callee_saves): Use - a local shorthand for cfun->machine->frame. - (aarch64_restore_callee_saves, aarch64_get_separate_components): - (aarch64_process_components): Likewise. - (aarch64_allocate_and_probe_stack_space): Likewise. - (aarch64_expand_prologue, aarch64_expand_epilogue): Likewise. - (aarch64_layout_frame): Use existing shorthand for one more case. ---- - gcc/config/aarch64/aarch64.cc | 123 ++++++++++++++++++---------------- - 1 file changed, 64 insertions(+), 59 deletions(-) - -diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc -index 822a2b49a46..5d473d161d9 100644 ---- a/gcc/config/aarch64/aarch64.cc -+++ b/gcc/config/aarch64/aarch64.cc -@@ -8612,7 +8612,7 @@ aarch64_layout_frame (void) - frame.is_scs_enabled - = (!crtl->calls_eh_return - && sanitize_flags_p (SANITIZE_SHADOW_CALL_STACK) -- && known_ge (cfun->machine->frame.reg_offset[LR_REGNUM], 0)); -+ && known_ge (frame.reg_offset[LR_REGNUM], 0)); - - /* When shadow call stack is enabled, the scs_pop in the epilogue will - restore x30, and we don't need to pop x30 again in the traditional -@@ -9078,6 +9078,7 @@ aarch64_save_callee_saves (poly_int64 start_offset, - unsigned start, unsigned limit, bool skip_wb, - bool hard_fp_valid_p) - { -+ aarch64_frame &frame = cfun->machine->frame; - rtx_insn *insn; - unsigned regno; - unsigned regno2; -@@ -9092,8 +9093,8 @@ aarch64_save_callee_saves (poly_int64 start_offset, - bool frame_related_p = aarch64_emit_cfi_for_reg_p (regno); - - if (skip_wb -- && (regno == cfun->machine->frame.wb_push_candidate1 -- || regno == cfun->machine->frame.wb_push_candidate2)) -+ && (regno == frame.wb_push_candidate1 -+ || regno == frame.wb_push_candidate2)) - continue; - - if (cfun->machine->reg_is_wrapped_separately[regno]) -@@ -9101,7 +9102,7 @@ aarch64_save_callee_saves (poly_int64 start_offset, - - machine_mode mode = aarch64_reg_save_mode (regno); - reg = gen_rtx_REG (mode, regno); -- offset = 
start_offset + cfun->machine->frame.reg_offset[regno]; -+ offset = start_offset + frame.reg_offset[regno]; - rtx base_rtx = stack_pointer_rtx; - poly_int64 sp_offset = offset; - -@@ -9114,7 +9115,7 @@ aarch64_save_callee_saves (poly_int64 start_offset, - { - gcc_assert (known_eq (start_offset, 0)); - poly_int64 fp_offset -- = cfun->machine->frame.below_hard_fp_saved_regs_size; -+ = frame.below_hard_fp_saved_regs_size; - if (hard_fp_valid_p) - base_rtx = hard_frame_pointer_rtx; - else -@@ -9136,8 +9137,7 @@ aarch64_save_callee_saves (poly_int64 start_offset, - && (regno2 = aarch64_next_callee_save (regno + 1, limit)) <= limit - && !cfun->machine->reg_is_wrapped_separately[regno2] - && known_eq (GET_MODE_SIZE (mode), -- cfun->machine->frame.reg_offset[regno2] -- - cfun->machine->frame.reg_offset[regno])) -+ frame.reg_offset[regno2] - frame.reg_offset[regno])) - { - rtx reg2 = gen_rtx_REG (mode, regno2); - rtx mem2; -@@ -9187,6 +9187,7 @@ static void - aarch64_restore_callee_saves (poly_int64 start_offset, unsigned start, - unsigned limit, bool skip_wb, rtx *cfi_ops) - { -+ aarch64_frame &frame = cfun->machine->frame; - unsigned regno; - unsigned regno2; - poly_int64 offset; -@@ -9203,13 +9204,13 @@ aarch64_restore_callee_saves (poly_int64 start_offset, unsigned start, - rtx reg, mem; - - if (skip_wb -- && (regno == cfun->machine->frame.wb_pop_candidate1 -- || regno == cfun->machine->frame.wb_pop_candidate2)) -+ && (regno == frame.wb_pop_candidate1 -+ || regno == frame.wb_pop_candidate2)) - continue; - - machine_mode mode = aarch64_reg_save_mode (regno); - reg = gen_rtx_REG (mode, regno); -- offset = start_offset + cfun->machine->frame.reg_offset[regno]; -+ offset = start_offset + frame.reg_offset[regno]; - rtx base_rtx = stack_pointer_rtx; - if (mode == VNx2DImode && BYTES_BIG_ENDIAN) - aarch64_adjust_sve_callee_save_base (mode, base_rtx, anchor_reg, -@@ -9220,8 +9221,7 @@ aarch64_restore_callee_saves (poly_int64 start_offset, unsigned start, - && (regno2 = 
aarch64_next_callee_save (regno + 1, limit)) <= limit - && !cfun->machine->reg_is_wrapped_separately[regno2] - && known_eq (GET_MODE_SIZE (mode), -- cfun->machine->frame.reg_offset[regno2] -- - cfun->machine->frame.reg_offset[regno])) -+ frame.reg_offset[regno2] - frame.reg_offset[regno])) - { - rtx reg2 = gen_rtx_REG (mode, regno2); - rtx mem2; -@@ -9326,6 +9326,7 @@ offset_12bit_unsigned_scaled_p (machine_mode mode, poly_int64 offset) - static sbitmap - aarch64_get_separate_components (void) - { -+ aarch64_frame &frame = cfun->machine->frame; - sbitmap components = sbitmap_alloc (LAST_SAVED_REGNUM + 1); - bitmap_clear (components); - -@@ -9342,18 +9343,18 @@ aarch64_get_separate_components (void) - if (mode == VNx2DImode && BYTES_BIG_ENDIAN) - continue; - -- poly_int64 offset = cfun->machine->frame.reg_offset[regno]; -+ poly_int64 offset = frame.reg_offset[regno]; - - /* If the register is saved in the first SVE save slot, we use - it as a stack probe for -fstack-clash-protection. */ - if (flag_stack_clash_protection -- && maybe_ne (cfun->machine->frame.below_hard_fp_saved_regs_size, 0) -+ && maybe_ne (frame.below_hard_fp_saved_regs_size, 0) - && known_eq (offset, 0)) - continue; - - /* Get the offset relative to the register we'll use. */ - if (frame_pointer_needed) -- offset -= cfun->machine->frame.below_hard_fp_saved_regs_size; -+ offset -= frame.below_hard_fp_saved_regs_size; - else - offset += crtl->outgoing_args_size; - -@@ -9372,11 +9373,11 @@ aarch64_get_separate_components (void) - /* If the spare predicate register used by big-endian SVE code - is call-preserved, it must be saved in the main prologue - before any saves that use it. 
*/ -- if (cfun->machine->frame.spare_pred_reg != INVALID_REGNUM) -- bitmap_clear_bit (components, cfun->machine->frame.spare_pred_reg); -+ if (frame.spare_pred_reg != INVALID_REGNUM) -+ bitmap_clear_bit (components, frame.spare_pred_reg); - -- unsigned reg1 = cfun->machine->frame.wb_push_candidate1; -- unsigned reg2 = cfun->machine->frame.wb_push_candidate2; -+ unsigned reg1 = frame.wb_push_candidate1; -+ unsigned reg2 = frame.wb_push_candidate2; - /* If registers have been chosen to be stored/restored with - writeback don't interfere with them to avoid having to output explicit - stack adjustment instructions. */ -@@ -9485,6 +9486,7 @@ aarch64_get_next_set_bit (sbitmap bmp, unsigned int start) - static void - aarch64_process_components (sbitmap components, bool prologue_p) - { -+ aarch64_frame &frame = cfun->machine->frame; - rtx ptr_reg = gen_rtx_REG (Pmode, frame_pointer_needed - ? HARD_FRAME_POINTER_REGNUM - : STACK_POINTER_REGNUM); -@@ -9499,9 +9501,9 @@ aarch64_process_components (sbitmap components, bool prologue_p) - machine_mode mode = aarch64_reg_save_mode (regno); - - rtx reg = gen_rtx_REG (mode, regno); -- poly_int64 offset = cfun->machine->frame.reg_offset[regno]; -+ poly_int64 offset = frame.reg_offset[regno]; - if (frame_pointer_needed) -- offset -= cfun->machine->frame.below_hard_fp_saved_regs_size; -+ offset -= frame.below_hard_fp_saved_regs_size; - else - offset += crtl->outgoing_args_size; - -@@ -9526,14 +9528,14 @@ aarch64_process_components (sbitmap components, bool prologue_p) - break; - } - -- poly_int64 offset2 = cfun->machine->frame.reg_offset[regno2]; -+ poly_int64 offset2 = frame.reg_offset[regno2]; - /* The next register is not of the same class or its offset is not - mergeable with the current one into a pair. 
*/ - if (aarch64_sve_mode_p (mode) - || !satisfies_constraint_Ump (mem) - || GP_REGNUM_P (regno) != GP_REGNUM_P (regno2) - || (crtl->abi->id () == ARM_PCS_SIMD && FP_REGNUM_P (regno)) -- || maybe_ne ((offset2 - cfun->machine->frame.reg_offset[regno]), -+ || maybe_ne ((offset2 - frame.reg_offset[regno]), - GET_MODE_SIZE (mode))) - { - insn = emit_insn (set); -@@ -9555,7 +9557,7 @@ aarch64_process_components (sbitmap components, bool prologue_p) - /* REGNO2 can be saved/restored in a pair with REGNO. */ - rtx reg2 = gen_rtx_REG (mode, regno2); - if (frame_pointer_needed) -- offset2 -= cfun->machine->frame.below_hard_fp_saved_regs_size; -+ offset2 -= frame.below_hard_fp_saved_regs_size; - else - offset2 += crtl->outgoing_args_size; - rtx addr2 = plus_constant (Pmode, ptr_reg, offset2); -@@ -9650,6 +9652,7 @@ aarch64_allocate_and_probe_stack_space (rtx temp1, rtx temp2, - bool frame_related_p, - bool final_adjustment_p) - { -+ aarch64_frame &frame = cfun->machine->frame; - HOST_WIDE_INT guard_size - = 1 << param_stack_clash_protection_guard_size; - HOST_WIDE_INT guard_used_by_caller = STACK_CLASH_CALLER_GUARD; -@@ -9670,25 +9673,25 @@ aarch64_allocate_and_probe_stack_space (rtx temp1, rtx temp2, - register as a probe. We can't assume that LR was saved at position 0 - though, so treat any space below it as unprobed. */ - if (final_adjustment_p -- && known_eq (cfun->machine->frame.below_hard_fp_saved_regs_size, 0)) -+ && known_eq (frame.below_hard_fp_saved_regs_size, 0)) - { -- poly_int64 lr_offset = cfun->machine->frame.reg_offset[LR_REGNUM]; -+ poly_int64 lr_offset = frame.reg_offset[LR_REGNUM]; - if (known_ge (lr_offset, 0)) - min_probe_threshold -= lr_offset.to_constant (); - else - gcc_assert (!flag_stack_clash_protection || known_eq (poly_size, 0)); - } - -- poly_int64 frame_size = cfun->machine->frame.frame_size; -+ poly_int64 frame_size = frame.frame_size; - - /* We should always have a positive probe threshold. 
*/ - gcc_assert (min_probe_threshold > 0); - - if (flag_stack_clash_protection && !final_adjustment_p) - { -- poly_int64 initial_adjust = cfun->machine->frame.initial_adjust; -- poly_int64 sve_callee_adjust = cfun->machine->frame.sve_callee_adjust; -- poly_int64 final_adjust = cfun->machine->frame.final_adjust; -+ poly_int64 initial_adjust = frame.initial_adjust; -+ poly_int64 sve_callee_adjust = frame.sve_callee_adjust; -+ poly_int64 final_adjust = frame.final_adjust; - - if (known_eq (frame_size, 0)) - { -@@ -9977,17 +9980,18 @@ aarch64_epilogue_uses (int regno) - void - aarch64_expand_prologue (void) - { -- poly_int64 frame_size = cfun->machine->frame.frame_size; -- poly_int64 initial_adjust = cfun->machine->frame.initial_adjust; -- HOST_WIDE_INT callee_adjust = cfun->machine->frame.callee_adjust; -- poly_int64 final_adjust = cfun->machine->frame.final_adjust; -- poly_int64 callee_offset = cfun->machine->frame.callee_offset; -- poly_int64 sve_callee_adjust = cfun->machine->frame.sve_callee_adjust; -+ aarch64_frame &frame = cfun->machine->frame; -+ poly_int64 frame_size = frame.frame_size; -+ poly_int64 initial_adjust = frame.initial_adjust; -+ HOST_WIDE_INT callee_adjust = frame.callee_adjust; -+ poly_int64 final_adjust = frame.final_adjust; -+ poly_int64 callee_offset = frame.callee_offset; -+ poly_int64 sve_callee_adjust = frame.sve_callee_adjust; - poly_int64 below_hard_fp_saved_regs_size -- = cfun->machine->frame.below_hard_fp_saved_regs_size; -- unsigned reg1 = cfun->machine->frame.wb_push_candidate1; -- unsigned reg2 = cfun->machine->frame.wb_push_candidate2; -- bool emit_frame_chain = cfun->machine->frame.emit_frame_chain; -+ = frame.below_hard_fp_saved_regs_size; -+ unsigned reg1 = frame.wb_push_candidate1; -+ unsigned reg2 = frame.wb_push_candidate2; -+ bool emit_frame_chain = frame.emit_frame_chain; - rtx_insn *insn; - - if (flag_stack_clash_protection && known_eq (callee_adjust, 0)) -@@ -10018,7 +10022,7 @@ aarch64_expand_prologue (void) - } - - /* 
Push return address to shadow call stack. */ -- if (cfun->machine->frame.is_scs_enabled) -+ if (frame.is_scs_enabled) - emit_insn (gen_scs_push ()); - - if (flag_stack_usage_info) -@@ -10057,7 +10061,7 @@ aarch64_expand_prologue (void) - - /* The offset of the frame chain record (if any) from the current SP. */ - poly_int64 chain_offset = (initial_adjust + callee_adjust -- - cfun->machine->frame.hard_fp_offset); -+ - frame.hard_fp_offset); - gcc_assert (known_ge (chain_offset, 0)); - - /* The offset of the bottom of the save area from the current SP. */ -@@ -10160,16 +10164,17 @@ aarch64_use_return_insn_p (void) - void - aarch64_expand_epilogue (bool for_sibcall) - { -- poly_int64 initial_adjust = cfun->machine->frame.initial_adjust; -- HOST_WIDE_INT callee_adjust = cfun->machine->frame.callee_adjust; -- poly_int64 final_adjust = cfun->machine->frame.final_adjust; -- poly_int64 callee_offset = cfun->machine->frame.callee_offset; -- poly_int64 sve_callee_adjust = cfun->machine->frame.sve_callee_adjust; -+ aarch64_frame &frame = cfun->machine->frame; -+ poly_int64 initial_adjust = frame.initial_adjust; -+ HOST_WIDE_INT callee_adjust = frame.callee_adjust; -+ poly_int64 final_adjust = frame.final_adjust; -+ poly_int64 callee_offset = frame.callee_offset; -+ poly_int64 sve_callee_adjust = frame.sve_callee_adjust; - poly_int64 below_hard_fp_saved_regs_size -- = cfun->machine->frame.below_hard_fp_saved_regs_size; -- unsigned reg1 = cfun->machine->frame.wb_pop_candidate1; -- unsigned reg2 = cfun->machine->frame.wb_pop_candidate2; -- unsigned int last_gpr = (cfun->machine->frame.is_scs_enabled -+ = frame.below_hard_fp_saved_regs_size; -+ unsigned reg1 = frame.wb_pop_candidate1; -+ unsigned reg2 = frame.wb_pop_candidate2; -+ unsigned int last_gpr = (frame.is_scs_enabled - ? 
R29_REGNUM : R30_REGNUM); - rtx cfi_ops = NULL; - rtx_insn *insn; -@@ -10203,7 +10208,7 @@ aarch64_expand_epilogue (bool for_sibcall) - /* We need to add memory barrier to prevent read from deallocated stack. */ - bool need_barrier_p - = maybe_ne (get_frame_size () -- + cfun->machine->frame.saved_varargs_size, 0); -+ + frame.saved_varargs_size, 0); - - /* Emit a barrier to prevent loads from a deallocated stack. */ - if (maybe_gt (final_adjust, crtl->outgoing_args_size) -@@ -10284,7 +10289,7 @@ aarch64_expand_epilogue (bool for_sibcall) - } - - /* Pop return address from shadow call stack. */ -- if (cfun->machine->frame.is_scs_enabled) -+ if (frame.is_scs_enabled) - { - machine_mode mode = aarch64_reg_save_mode (R30_REGNUM); - rtx reg = gen_rtx_REG (mode, R30_REGNUM); -@@ -12740,24 +12745,24 @@ aarch64_can_eliminate (const int from ATTRIBUTE_UNUSED, const int to) - poly_int64 - aarch64_initial_elimination_offset (unsigned from, unsigned to) - { -+ aarch64_frame &frame = cfun->machine->frame; -+ - if (to == HARD_FRAME_POINTER_REGNUM) - { - if (from == ARG_POINTER_REGNUM) -- return cfun->machine->frame.hard_fp_offset; -+ return frame.hard_fp_offset; - - if (from == FRAME_POINTER_REGNUM) -- return cfun->machine->frame.hard_fp_offset -- - cfun->machine->frame.locals_offset; -+ return frame.hard_fp_offset - frame.locals_offset; - } - - if (to == STACK_POINTER_REGNUM) - { - if (from == FRAME_POINTER_REGNUM) -- return cfun->machine->frame.frame_size -- - cfun->machine->frame.locals_offset; -+ return frame.frame_size - frame.locals_offset; - } - -- return cfun->machine->frame.frame_size; -+ return frame.frame_size; - } - - --- -2.34.1 - - -From 89a9fa287706c5011f61926eaf65e7b996b963a3 Mon Sep 17 00:00:00 2001 -From: Richard Sandiford -Date: Tue, 12 Sep 2023 16:07:12 +0100 -Subject: [PATCH 02/19] aarch64: Avoid a use of callee_offset - -When we emit the frame chain, i.e. 
when we reach Here in this statement -of aarch64_expand_prologue: - - if (emit_frame_chain) - { - // Here - ... - } - -the stack is in one of two states: - -- We've allocated up to the frame chain, but no more. - -- We've allocated the whole frame, and the frame chain is within easy - reach of the new SP. - -The offset of the frame chain from the current SP is available -in aarch64_frame as callee_offset. It is also available as the -chain_offset local variable, where the latter is calculated from other -data. (However, chain_offset is not always equal to callee_offset when -!emit_frame_chain, so chain_offset isn't redundant.) - -In c600df9a4060da3c6121ff4d0b93f179eafd69d1 I switched to using -chain_offset for the initialisation of the hard frame pointer: - - aarch64_add_offset (Pmode, hard_frame_pointer_rtx, -- stack_pointer_rtx, callee_offset, -+ stack_pointer_rtx, chain_offset, - tmp1_rtx, tmp0_rtx, frame_pointer_needed); - -But the later REG_CFA_ADJUST_CFA handling still used callee_offset. - -I think the difference is harmless, but it's more logical for the -CFA note to be in sync, and it's more convenient for later patches -if it uses chain_offset. - -gcc/ - * config/aarch64/aarch64.cc (aarch64_expand_prologue): Use - chain_offset rather than callee_offset. 
---- - gcc/config/aarch64/aarch64.cc | 4 +--- - 1 file changed, 1 insertion(+), 3 deletions(-) - -diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc -index 5d473d161d9..4f233c95140 100644 ---- a/gcc/config/aarch64/aarch64.cc -+++ b/gcc/config/aarch64/aarch64.cc -@@ -9985,7 +9985,6 @@ aarch64_expand_prologue (void) - poly_int64 initial_adjust = frame.initial_adjust; - HOST_WIDE_INT callee_adjust = frame.callee_adjust; - poly_int64 final_adjust = frame.final_adjust; -- poly_int64 callee_offset = frame.callee_offset; - poly_int64 sve_callee_adjust = frame.sve_callee_adjust; - poly_int64 below_hard_fp_saved_regs_size - = frame.below_hard_fp_saved_regs_size; -@@ -10098,8 +10097,7 @@ aarch64_expand_prologue (void) - implicit. */ - if (!find_reg_note (insn, REG_CFA_ADJUST_CFA, NULL_RTX)) - { -- rtx src = plus_constant (Pmode, stack_pointer_rtx, -- callee_offset); -+ rtx src = plus_constant (Pmode, stack_pointer_rtx, chain_offset); - add_reg_note (insn, REG_CFA_ADJUST_CFA, - gen_rtx_SET (hard_frame_pointer_rtx, src)); - } --- -2.34.1 - - -From b36a2a78040722dab6124366c5d6baf8eaf80aef Mon Sep 17 00:00:00 2001 -From: Richard Sandiford -Date: Tue, 12 Sep 2023 16:07:13 +0100 -Subject: [PATCH 03/19] aarch64: Explicitly handle frames with no saved - registers - -If a frame has no saved registers, it can be allocated in one go. -There is no need to treat the areas below and above the saved -registers as separate. - -And if we allocate the frame in one go, it should be allocated -as the initial_adjust rather than the final_adjust. This allows the -frame size to grow to guard_size - guard_used_by_caller before a stack -probe is needed. (A frame with no register saves is necessarily a -leaf frame.) - -This is a no-op as thing stand, since a leaf function will have -no outgoing arguments, and so all the frame will be above where -the saved registers normally go. 
- -gcc/ - * config/aarch64/aarch64.cc (aarch64_layout_frame): Explicitly - allocate the frame in one go if there are no saved registers. ---- - gcc/config/aarch64/aarch64.cc | 8 +++++--- - 1 file changed, 5 insertions(+), 3 deletions(-) - -diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc -index 4f233c95140..37643041ffb 100644 ---- a/gcc/config/aarch64/aarch64.cc -+++ b/gcc/config/aarch64/aarch64.cc -@@ -8639,9 +8639,11 @@ aarch64_layout_frame (void) - - HOST_WIDE_INT const_size, const_outgoing_args_size, const_fp_offset; - HOST_WIDE_INT const_saved_regs_size; -- if (frame.frame_size.is_constant (&const_size) -- && const_size < max_push_offset -- && known_eq (frame.hard_fp_offset, const_size)) -+ if (known_eq (frame.saved_regs_size, 0)) -+ frame.initial_adjust = frame.frame_size; -+ else if (frame.frame_size.is_constant (&const_size) -+ && const_size < max_push_offset -+ && known_eq (frame.hard_fp_offset, const_size)) - { - /* Simple, small frame with no outgoing arguments: - --- -2.34.1 - - -From ada2ab0093596be707f23a3466ac82cff59fcffe Mon Sep 17 00:00:00 2001 -From: Richard Sandiford -Date: Tue, 12 Sep 2023 16:07:13 +0100 -Subject: [PATCH 04/19] aarch64: Add bytes_below_saved_regs to frame info - -The frame layout code currently hard-codes the assumption that -the number of bytes below the saved registers is equal to the -size of the outgoing arguments. This patch abstracts that -value into a new field of aarch64_frame. - -gcc/ - * config/aarch64/aarch64.h (aarch64_frame::bytes_below_saved_regs): New - field. - * config/aarch64/aarch64.cc (aarch64_layout_frame): Initialize it, - and use it instead of crtl->outgoing_args_size. - (aarch64_get_separate_components): Use bytes_below_saved_regs instead - of outgoing_args_size. - (aarch64_process_components): Likewise. 
---- - gcc/config/aarch64/aarch64.cc | 71 ++++++++++++++++++----------------- - gcc/config/aarch64/aarch64.h | 5 +++ - 2 files changed, 41 insertions(+), 35 deletions(-) - -diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc -index 37643041ffb..dacc2b0e4dd 100644 ---- a/gcc/config/aarch64/aarch64.cc -+++ b/gcc/config/aarch64/aarch64.cc -@@ -8478,6 +8478,8 @@ aarch64_layout_frame (void) - gcc_assert (crtl->is_leaf - || maybe_ne (frame.reg_offset[R30_REGNUM], SLOT_NOT_REQUIRED)); - -+ frame.bytes_below_saved_regs = crtl->outgoing_args_size; -+ - /* Now assign stack slots for the registers. Start with the predicate - registers, since predicate LDR and STR have a relatively small - offset range. These saves happen below the hard frame pointer. */ -@@ -8582,18 +8584,18 @@ aarch64_layout_frame (void) - - poly_int64 varargs_and_saved_regs_size = offset + frame.saved_varargs_size; - -- poly_int64 above_outgoing_args -+ poly_int64 saved_regs_and_above - = aligned_upper_bound (varargs_and_saved_regs_size - + get_frame_size (), - STACK_BOUNDARY / BITS_PER_UNIT); - - frame.hard_fp_offset -- = above_outgoing_args - frame.below_hard_fp_saved_regs_size; -+ = saved_regs_and_above - frame.below_hard_fp_saved_regs_size; - - /* Both these values are already aligned. 
*/ -- gcc_assert (multiple_p (crtl->outgoing_args_size, -+ gcc_assert (multiple_p (frame.bytes_below_saved_regs, - STACK_BOUNDARY / BITS_PER_UNIT)); -- frame.frame_size = above_outgoing_args + crtl->outgoing_args_size; -+ frame.frame_size = saved_regs_and_above + frame.bytes_below_saved_regs; - - frame.locals_offset = frame.saved_varargs_size; - -@@ -8637,7 +8639,7 @@ aarch64_layout_frame (void) - else if (frame.wb_pop_candidate1 != INVALID_REGNUM) - max_push_offset = 256; - -- HOST_WIDE_INT const_size, const_outgoing_args_size, const_fp_offset; -+ HOST_WIDE_INT const_size, const_below_saved_regs, const_fp_offset; - HOST_WIDE_INT const_saved_regs_size; - if (known_eq (frame.saved_regs_size, 0)) - frame.initial_adjust = frame.frame_size; -@@ -8645,31 +8647,31 @@ aarch64_layout_frame (void) - && const_size < max_push_offset - && known_eq (frame.hard_fp_offset, const_size)) - { -- /* Simple, small frame with no outgoing arguments: -+ /* Simple, small frame with no data below the saved registers. - - stp reg1, reg2, [sp, -frame_size]! - stp reg3, reg4, [sp, 16] */ - frame.callee_adjust = const_size; - } -- else if (crtl->outgoing_args_size.is_constant (&const_outgoing_args_size) -+ else if (frame.bytes_below_saved_regs.is_constant (&const_below_saved_regs) - && frame.saved_regs_size.is_constant (&const_saved_regs_size) -- && const_outgoing_args_size + const_saved_regs_size < 512 -- /* We could handle this case even with outgoing args, provided -- that the number of args left us with valid offsets for all -- predicate and vector save slots. It's such a rare case that -- it hardly seems worth the effort though. */ -- && (!saves_below_hard_fp_p || const_outgoing_args_size == 0) -+ && const_below_saved_regs + const_saved_regs_size < 512 -+ /* We could handle this case even with data below the saved -+ registers, provided that that data left us with valid offsets -+ for all predicate and vector save slots. 
It's such a rare -+ case that it hardly seems worth the effort though. */ -+ && (!saves_below_hard_fp_p || const_below_saved_regs == 0) - && !(cfun->calls_alloca - && frame.hard_fp_offset.is_constant (&const_fp_offset) - && const_fp_offset < max_push_offset)) - { -- /* Frame with small outgoing arguments: -+ /* Frame with small area below the saved registers: - - sub sp, sp, frame_size -- stp reg1, reg2, [sp, outgoing_args_size] -- stp reg3, reg4, [sp, outgoing_args_size + 16] */ -+ stp reg1, reg2, [sp, bytes_below_saved_regs] -+ stp reg3, reg4, [sp, bytes_below_saved_regs + 16] */ - frame.initial_adjust = frame.frame_size; -- frame.callee_offset = const_outgoing_args_size; -+ frame.callee_offset = const_below_saved_regs; - } - else if (saves_below_hard_fp_p - && known_eq (frame.saved_regs_size, -@@ -8679,30 +8681,29 @@ aarch64_layout_frame (void) - - sub sp, sp, hard_fp_offset + below_hard_fp_saved_regs_size - save SVE registers relative to SP -- sub sp, sp, outgoing_args_size */ -+ sub sp, sp, bytes_below_saved_regs */ - frame.initial_adjust = (frame.hard_fp_offset - + frame.below_hard_fp_saved_regs_size); -- frame.final_adjust = crtl->outgoing_args_size; -+ frame.final_adjust = frame.bytes_below_saved_regs; - } - else if (frame.hard_fp_offset.is_constant (&const_fp_offset) - && const_fp_offset < max_push_offset) - { -- /* Frame with large outgoing arguments or SVE saves, but with -- a small local area: -+ /* Frame with large area below the saved registers, or with SVE saves, -+ but with a small area above: - - stp reg1, reg2, [sp, -hard_fp_offset]! 
- stp reg3, reg4, [sp, 16] - [sub sp, sp, below_hard_fp_saved_regs_size] - [save SVE registers relative to SP] -- sub sp, sp, outgoing_args_size */ -+ sub sp, sp, bytes_below_saved_regs */ - frame.callee_adjust = const_fp_offset; - frame.sve_callee_adjust = frame.below_hard_fp_saved_regs_size; -- frame.final_adjust = crtl->outgoing_args_size; -+ frame.final_adjust = frame.bytes_below_saved_regs; - } - else - { -- /* Frame with large local area and outgoing arguments or SVE saves, -- using frame pointer: -+ /* General case: - - sub sp, sp, hard_fp_offset - stp x29, x30, [sp, 0] -@@ -8710,10 +8711,10 @@ aarch64_layout_frame (void) - stp reg3, reg4, [sp, 16] - [sub sp, sp, below_hard_fp_saved_regs_size] - [save SVE registers relative to SP] -- sub sp, sp, outgoing_args_size */ -+ sub sp, sp, bytes_below_saved_regs */ - frame.initial_adjust = frame.hard_fp_offset; - frame.sve_callee_adjust = frame.below_hard_fp_saved_regs_size; -- frame.final_adjust = crtl->outgoing_args_size; -+ frame.final_adjust = frame.bytes_below_saved_regs; - } - - /* Make sure the individual adjustments add up to the full frame size. */ -@@ -9358,7 +9359,7 @@ aarch64_get_separate_components (void) - if (frame_pointer_needed) - offset -= frame.below_hard_fp_saved_regs_size; - else -- offset += crtl->outgoing_args_size; -+ offset += frame.bytes_below_saved_regs; - - /* Check that we can access the stack slot of the register with one - direct load with no adjustments needed. 
*/ -@@ -9507,7 +9508,7 @@ aarch64_process_components (sbitmap components, bool prologue_p) - if (frame_pointer_needed) - offset -= frame.below_hard_fp_saved_regs_size; - else -- offset += crtl->outgoing_args_size; -+ offset += frame.bytes_below_saved_regs; - - rtx addr = plus_constant (Pmode, ptr_reg, offset); - rtx mem = gen_frame_mem (mode, addr); -@@ -9561,7 +9562,7 @@ aarch64_process_components (sbitmap components, bool prologue_p) - if (frame_pointer_needed) - offset2 -= frame.below_hard_fp_saved_regs_size; - else -- offset2 += crtl->outgoing_args_size; -+ offset2 += frame.bytes_below_saved_regs; - rtx addr2 = plus_constant (Pmode, ptr_reg, offset2); - rtx mem2 = gen_frame_mem (mode, addr2); - rtx set2 = prologue_p ? gen_rtx_SET (mem2, reg2) -@@ -9635,10 +9636,10 @@ aarch64_stack_clash_protection_alloca_probe_range (void) - registers. If POLY_SIZE is not large enough to require a probe this function - will only adjust the stack. When allocating the stack space - FRAME_RELATED_P is then used to indicate if the allocation is frame related. -- FINAL_ADJUSTMENT_P indicates whether we are allocating the outgoing -- arguments. If we are then we ensure that any allocation larger than the ABI -- defined buffer needs a probe so that the invariant of having a 1KB buffer is -- maintained. -+ FINAL_ADJUSTMENT_P indicates whether we are allocating the area below -+ the saved registers. If we are then we ensure that any allocation -+ larger than the ABI defined buffer needs a probe so that the -+ invariant of having a 1KB buffer is maintained. - - We emit barriers after each stack adjustment to prevent optimizations from - breaking the invariant that we never drop the stack more than a page. This -@@ -9847,7 +9848,7 @@ aarch64_allocate_and_probe_stack_space (rtx temp1, rtx temp2, - /* Handle any residuals. Residuals of at least MIN_PROBE_THRESHOLD have to - be probed. This maintains the requirement that each page is probed at - least once. 
For initial probing we probe only if the allocation is -- more than GUARD_SIZE - buffer, and for the outgoing arguments we probe -+ more than GUARD_SIZE - buffer, and below the saved registers we probe - if the amount is larger than buffer. GUARD_SIZE - buffer + buffer == - GUARD_SIZE. This works that for any allocation that is large enough to - trigger a probe here, we'll have at least one, and if they're not large -diff --git a/gcc/config/aarch64/aarch64.h b/gcc/config/aarch64/aarch64.h -index 73b09e20508..0b6faa3ddf1 100644 ---- a/gcc/config/aarch64/aarch64.h -+++ b/gcc/config/aarch64/aarch64.h -@@ -777,6 +777,11 @@ struct GTY (()) aarch64_frame - /* The size of the callee-save registers with a slot in REG_OFFSET. */ - poly_int64 saved_regs_size; - -+ /* The number of bytes between the bottom of the static frame (the bottom -+ of the outgoing arguments) and the bottom of the register save area. -+ This value is always a multiple of STACK_BOUNDARY. */ -+ poly_int64 bytes_below_saved_regs; -+ - /* The size of the callee-save registers with a slot in REG_OFFSET that - are saved below the hard frame pointer. */ - poly_int64 below_hard_fp_saved_regs_size; --- -2.34.1 - - -From 82f6b3e1b596ef0f4e3ac3bb9c6e88fb4458f402 Mon Sep 17 00:00:00 2001 -From: Richard Sandiford -Date: Tue, 12 Sep 2023 16:07:14 +0100 -Subject: [PATCH 05/19] aarch64: Add bytes_below_hard_fp to frame info - -Following on from the previous bytes_below_saved_regs patch, this one -records the number of bytes that are below the hard frame pointer. -This eventually replaces below_hard_fp_saved_regs_size. - -If a frame pointer is not needed, the epilogue adds final_adjust -to the stack pointer before restoring registers: - - aarch64_add_sp (tmp1_rtx, tmp0_rtx, final_adjust, true); - -Therefore, if the epilogue needs to restore the stack pointer from -the hard frame pointer, the directly corresponding offset is: - - -bytes_below_hard_fp + final_adjust - -i.e. 
go from the hard frame pointer to the bottom of the frame, -then add the same amount as if we were using the stack pointer -from the outset. - -gcc/ - * config/aarch64/aarch64.h (aarch64_frame::bytes_below_hard_fp): New - field. - * config/aarch64/aarch64.cc (aarch64_layout_frame): Initialize it. - (aarch64_expand_epilogue): Use it instead of - below_hard_fp_saved_regs_size. ---- - gcc/config/aarch64/aarch64.cc | 6 +++--- - gcc/config/aarch64/aarch64.h | 5 +++++ - 2 files changed, 8 insertions(+), 3 deletions(-) - -diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc -index dacc2b0e4dd..a3f7aabcc59 100644 ---- a/gcc/config/aarch64/aarch64.cc -+++ b/gcc/config/aarch64/aarch64.cc -@@ -8530,6 +8530,7 @@ aarch64_layout_frame (void) - of the callee save area. */ - bool saves_below_hard_fp_p = maybe_ne (offset, 0); - frame.below_hard_fp_saved_regs_size = offset; -+ frame.bytes_below_hard_fp = offset + frame.bytes_below_saved_regs; - if (frame.emit_frame_chain) - { - /* FP and LR are placed in the linkage record. */ -@@ -10171,8 +10172,7 @@ aarch64_expand_epilogue (bool for_sibcall) - poly_int64 final_adjust = frame.final_adjust; - poly_int64 callee_offset = frame.callee_offset; - poly_int64 sve_callee_adjust = frame.sve_callee_adjust; -- poly_int64 below_hard_fp_saved_regs_size -- = frame.below_hard_fp_saved_regs_size; -+ poly_int64 bytes_below_hard_fp = frame.bytes_below_hard_fp; - unsigned reg1 = frame.wb_pop_candidate1; - unsigned reg2 = frame.wb_pop_candidate2; - unsigned int last_gpr = (frame.is_scs_enabled -@@ -10230,7 +10230,7 @@ aarch64_expand_epilogue (bool for_sibcall) - is restored on the instruction doing the writeback. 
*/ - aarch64_add_offset (Pmode, stack_pointer_rtx, - hard_frame_pointer_rtx, -- -callee_offset - below_hard_fp_saved_regs_size, -+ -bytes_below_hard_fp + final_adjust, - tmp1_rtx, tmp0_rtx, callee_adjust == 0); - else - /* The case where we need to re-use the register here is very rare, so -diff --git a/gcc/config/aarch64/aarch64.h b/gcc/config/aarch64/aarch64.h -index 0b6faa3ddf1..4263d29d29d 100644 ---- a/gcc/config/aarch64/aarch64.h -+++ b/gcc/config/aarch64/aarch64.h -@@ -786,6 +786,11 @@ struct GTY (()) aarch64_frame - are saved below the hard frame pointer. */ - poly_int64 below_hard_fp_saved_regs_size; - -+ /* The number of bytes between the bottom of the static frame (the bottom -+ of the outgoing arguments) and the hard frame pointer. This value is -+ always a multiple of STACK_BOUNDARY. */ -+ poly_int64 bytes_below_hard_fp; -+ - /* Offset from the base of the frame (incomming SP) to the - top of the locals area. This value is always a multiple of - STACK_BOUNDARY. */ --- -2.34.1 - - -From 86fa43e9fe4a8bf954f2919f07cbe3646d1d1df3 Mon Sep 17 00:00:00 2001 -From: Richard Sandiford -Date: Tue, 12 Sep 2023 16:07:14 +0100 -Subject: [PATCH 06/19] aarch64: Tweak aarch64_save/restore_callee_saves - -aarch64_save_callee_saves and aarch64_restore_callee_saves took -a parameter called start_offset that gives the offset of the -bottom of the saved register area from the current stack pointer. -However, it's more convenient for later patches if we use the -bottom of the entire frame as the reference point, rather than -the bottom of the saved registers. - -Doing that removes the need for the callee_offset field. -Other than that, this is not a win on its own. It only really -makes sense in combination with the follow-on patches. - -gcc/ - * config/aarch64/aarch64.h (aarch64_frame::callee_offset): Delete. - * config/aarch64/aarch64.cc (aarch64_layout_frame): Remove - callee_offset handling. 
- (aarch64_save_callee_saves): Replace the start_offset parameter - with a bytes_below_sp parameter. - (aarch64_restore_callee_saves): Likewise. - (aarch64_expand_prologue): Update accordingly. - (aarch64_expand_epilogue): Likewise. ---- - gcc/config/aarch64/aarch64.cc | 56 +++++++++++++++++------------------ - gcc/config/aarch64/aarch64.h | 4 --- - 2 files changed, 28 insertions(+), 32 deletions(-) - -diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc -index a3f7aabcc59..46ae5cf7673 100644 ---- a/gcc/config/aarch64/aarch64.cc -+++ b/gcc/config/aarch64/aarch64.cc -@@ -8604,7 +8604,6 @@ aarch64_layout_frame (void) - frame.final_adjust = 0; - frame.callee_adjust = 0; - frame.sve_callee_adjust = 0; -- frame.callee_offset = 0; - - frame.wb_pop_candidate1 = frame.wb_push_candidate1; - frame.wb_pop_candidate2 = frame.wb_push_candidate2; -@@ -8672,7 +8671,6 @@ aarch64_layout_frame (void) - stp reg1, reg2, [sp, bytes_below_saved_regs] - stp reg3, reg4, [sp, bytes_below_saved_regs + 16] */ - frame.initial_adjust = frame.frame_size; -- frame.callee_offset = const_below_saved_regs; - } - else if (saves_below_hard_fp_p - && known_eq (frame.saved_regs_size, -@@ -9073,12 +9071,13 @@ aarch64_add_cfa_expression (rtx_insn *insn, rtx reg, - } - - /* Emit code to save the callee-saved registers from register number START -- to LIMIT to the stack at the location starting at offset START_OFFSET, -- skipping any write-back candidates if SKIP_WB is true. HARD_FP_VALID_P -- is true if the hard frame pointer has been set up. */ -+ to LIMIT to the stack. The stack pointer is currently BYTES_BELOW_SP -+ bytes above the bottom of the static frame. Skip any write-back -+ candidates if SKIP_WB is true. HARD_FP_VALID_P is true if the hard -+ frame pointer has been set up. 
*/ - - static void --aarch64_save_callee_saves (poly_int64 start_offset, -+aarch64_save_callee_saves (poly_int64 bytes_below_sp, - unsigned start, unsigned limit, bool skip_wb, - bool hard_fp_valid_p) - { -@@ -9106,7 +9105,9 @@ aarch64_save_callee_saves (poly_int64 start_offset, - - machine_mode mode = aarch64_reg_save_mode (regno); - reg = gen_rtx_REG (mode, regno); -- offset = start_offset + frame.reg_offset[regno]; -+ offset = (frame.reg_offset[regno] -+ + frame.bytes_below_saved_regs -+ - bytes_below_sp); - rtx base_rtx = stack_pointer_rtx; - poly_int64 sp_offset = offset; - -@@ -9117,9 +9118,7 @@ aarch64_save_callee_saves (poly_int64 start_offset, - else if (GP_REGNUM_P (regno) - && (!offset.is_constant (&const_offset) || const_offset >= 512)) - { -- gcc_assert (known_eq (start_offset, 0)); -- poly_int64 fp_offset -- = frame.below_hard_fp_saved_regs_size; -+ poly_int64 fp_offset = frame.bytes_below_hard_fp - bytes_below_sp; - if (hard_fp_valid_p) - base_rtx = hard_frame_pointer_rtx; - else -@@ -9183,12 +9182,13 @@ aarch64_save_callee_saves (poly_int64 start_offset, - } - - /* Emit code to restore the callee registers from register number START -- up to and including LIMIT. Restore from the stack offset START_OFFSET, -- skipping any write-back candidates if SKIP_WB is true. Write the -- appropriate REG_CFA_RESTORE notes into CFI_OPS. */ -+ up to and including LIMIT. The stack pointer is currently BYTES_BELOW_SP -+ bytes above the bottom of the static frame. Skip any write-back -+ candidates if SKIP_WB is true. Write the appropriate REG_CFA_RESTORE -+ notes into CFI_OPS. 
*/ - - static void --aarch64_restore_callee_saves (poly_int64 start_offset, unsigned start, -+aarch64_restore_callee_saves (poly_int64 bytes_below_sp, unsigned start, - unsigned limit, bool skip_wb, rtx *cfi_ops) - { - aarch64_frame &frame = cfun->machine->frame; -@@ -9214,7 +9214,9 @@ aarch64_restore_callee_saves (poly_int64 start_offset, unsigned start, - - machine_mode mode = aarch64_reg_save_mode (regno); - reg = gen_rtx_REG (mode, regno); -- offset = start_offset + frame.reg_offset[regno]; -+ offset = (frame.reg_offset[regno] -+ + frame.bytes_below_saved_regs -+ - bytes_below_sp); - rtx base_rtx = stack_pointer_rtx; - if (mode == VNx2DImode && BYTES_BIG_ENDIAN) - aarch64_adjust_sve_callee_save_base (mode, base_rtx, anchor_reg, -@@ -9990,8 +9992,6 @@ aarch64_expand_prologue (void) - HOST_WIDE_INT callee_adjust = frame.callee_adjust; - poly_int64 final_adjust = frame.final_adjust; - poly_int64 sve_callee_adjust = frame.sve_callee_adjust; -- poly_int64 below_hard_fp_saved_regs_size -- = frame.below_hard_fp_saved_regs_size; - unsigned reg1 = frame.wb_push_candidate1; - unsigned reg2 = frame.wb_push_candidate2; - bool emit_frame_chain = frame.emit_frame_chain; -@@ -10067,8 +10067,8 @@ aarch64_expand_prologue (void) - - frame.hard_fp_offset); - gcc_assert (known_ge (chain_offset, 0)); - -- /* The offset of the bottom of the save area from the current SP. */ -- poly_int64 saved_regs_offset = chain_offset - below_hard_fp_saved_regs_size; -+ /* The offset of the current SP from the bottom of the static frame. 
*/ -+ poly_int64 bytes_below_sp = frame_size - initial_adjust - callee_adjust; - - if (emit_frame_chain) - { -@@ -10076,7 +10076,7 @@ aarch64_expand_prologue (void) - { - reg1 = R29_REGNUM; - reg2 = R30_REGNUM; -- aarch64_save_callee_saves (saved_regs_offset, reg1, reg2, -+ aarch64_save_callee_saves (bytes_below_sp, reg1, reg2, - false, false); - } - else -@@ -10116,7 +10116,7 @@ aarch64_expand_prologue (void) - emit_insn (gen_stack_tie (stack_pointer_rtx, hard_frame_pointer_rtx)); - } - -- aarch64_save_callee_saves (saved_regs_offset, R0_REGNUM, R30_REGNUM, -+ aarch64_save_callee_saves (bytes_below_sp, R0_REGNUM, R30_REGNUM, - callee_adjust != 0 || emit_frame_chain, - emit_frame_chain); - if (maybe_ne (sve_callee_adjust, 0)) -@@ -10126,16 +10126,17 @@ aarch64_expand_prologue (void) - aarch64_allocate_and_probe_stack_space (tmp1_rtx, tmp0_rtx, - sve_callee_adjust, - !frame_pointer_needed, false); -- saved_regs_offset += sve_callee_adjust; -+ bytes_below_sp -= sve_callee_adjust; - } -- aarch64_save_callee_saves (saved_regs_offset, P0_REGNUM, P15_REGNUM, -+ aarch64_save_callee_saves (bytes_below_sp, P0_REGNUM, P15_REGNUM, - false, emit_frame_chain); -- aarch64_save_callee_saves (saved_regs_offset, V0_REGNUM, V31_REGNUM, -+ aarch64_save_callee_saves (bytes_below_sp, V0_REGNUM, V31_REGNUM, - callee_adjust != 0 || emit_frame_chain, - emit_frame_chain); - - /* We may need to probe the final adjustment if it is larger than the guard - that is assumed by the called. 
*/ -+ gcc_assert (known_eq (bytes_below_sp, final_adjust)); - aarch64_allocate_and_probe_stack_space (tmp1_rtx, tmp0_rtx, final_adjust, - !frame_pointer_needed, true); - } -@@ -10170,7 +10171,6 @@ aarch64_expand_epilogue (bool for_sibcall) - poly_int64 initial_adjust = frame.initial_adjust; - HOST_WIDE_INT callee_adjust = frame.callee_adjust; - poly_int64 final_adjust = frame.final_adjust; -- poly_int64 callee_offset = frame.callee_offset; - poly_int64 sve_callee_adjust = frame.sve_callee_adjust; - poly_int64 bytes_below_hard_fp = frame.bytes_below_hard_fp; - unsigned reg1 = frame.wb_pop_candidate1; -@@ -10240,9 +10240,9 @@ aarch64_expand_epilogue (bool for_sibcall) - - /* Restore the vector registers before the predicate registers, - so that we can use P4 as a temporary for big-endian SVE frames. */ -- aarch64_restore_callee_saves (callee_offset, V0_REGNUM, V31_REGNUM, -+ aarch64_restore_callee_saves (final_adjust, V0_REGNUM, V31_REGNUM, - callee_adjust != 0, &cfi_ops); -- aarch64_restore_callee_saves (callee_offset, P0_REGNUM, P15_REGNUM, -+ aarch64_restore_callee_saves (final_adjust, P0_REGNUM, P15_REGNUM, - false, &cfi_ops); - if (maybe_ne (sve_callee_adjust, 0)) - aarch64_add_sp (NULL_RTX, NULL_RTX, sve_callee_adjust, true); -@@ -10250,7 +10250,7 @@ aarch64_expand_epilogue (bool for_sibcall) - /* When shadow call stack is enabled, the scs_pop in the epilogue will - restore x30, we don't need to restore x30 again in the traditional - way. */ -- aarch64_restore_callee_saves (callee_offset - sve_callee_adjust, -+ aarch64_restore_callee_saves (final_adjust + sve_callee_adjust, - R0_REGNUM, last_gpr, - callee_adjust != 0, &cfi_ops); - -diff --git a/gcc/config/aarch64/aarch64.h b/gcc/config/aarch64/aarch64.h -index 4263d29d29d..fd820b1be4e 100644 ---- a/gcc/config/aarch64/aarch64.h -+++ b/gcc/config/aarch64/aarch64.h -@@ -813,10 +813,6 @@ struct GTY (()) aarch64_frame - It is zero when no push is used. 
*/ - HOST_WIDE_INT callee_adjust; - -- /* The offset from SP to the callee-save registers after initial_adjust. -- It may be non-zero if no push is used (ie. callee_adjust == 0). */ -- poly_int64 callee_offset; -- - /* The size of the stack adjustment before saving or after restoring - SVE registers. */ - poly_int64 sve_callee_adjust; --- -2.34.1 - - -From 8ae9181426f2700c2e5a2909487fa630e6fa406b Mon Sep 17 00:00:00 2001 -From: Richard Sandiford -Date: Tue, 12 Sep 2023 16:07:15 +0100 -Subject: [PATCH 07/19] aarch64: Only calculate chain_offset if there is a - chain - -After previous patches, it is no longer necessary to calculate -a chain_offset in cases where there is no chain record. - -gcc/ - * config/aarch64/aarch64.cc (aarch64_expand_prologue): Move the - calculation of chain_offset into the emit_frame_chain block. ---- - gcc/config/aarch64/aarch64.cc | 10 +++++----- - 1 file changed, 5 insertions(+), 5 deletions(-) - -diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc -index 46ae5cf7673..0e9b9717c08 100644 ---- a/gcc/config/aarch64/aarch64.cc -+++ b/gcc/config/aarch64/aarch64.cc -@@ -10062,16 +10062,16 @@ aarch64_expand_prologue (void) - if (callee_adjust != 0) - aarch64_push_regs (reg1, reg2, callee_adjust); - -- /* The offset of the frame chain record (if any) from the current SP. */ -- poly_int64 chain_offset = (initial_adjust + callee_adjust -- - frame.hard_fp_offset); -- gcc_assert (known_ge (chain_offset, 0)); -- - /* The offset of the current SP from the bottom of the static frame. */ - poly_int64 bytes_below_sp = frame_size - initial_adjust - callee_adjust; - - if (emit_frame_chain) - { -+ /* The offset of the frame chain record (if any) from the current SP. 
*/ -+ poly_int64 chain_offset = (initial_adjust + callee_adjust -+ - frame.hard_fp_offset); -+ gcc_assert (known_ge (chain_offset, 0)); -+ - if (callee_adjust == 0) - { - reg1 = R29_REGNUM; --- -2.34.1 - - -From 375794feb614cee1f41b710b9cc1b6f25da6c1cb Mon Sep 17 00:00:00 2001 -From: Richard Sandiford -Date: Tue, 12 Sep 2023 16:07:15 +0100 -Subject: [PATCH 08/19] aarch64: Rename locals_offset to bytes_above_locals -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -locals_offset was described as: - - /* Offset from the base of the frame (incomming SP) to the - top of the locals area. This value is always a multiple of - STACK_BOUNDARY. */ - -This is implicitly an “upside down” view of the frame: the incoming -SP is at offset 0, and anything N bytes below the incoming SP is at -offset N (rather than -N). - -However, reg_offset instead uses a “right way up” view; that is, -it views offsets in address terms. Something above X is at a -positive offset from X and something below X is at a negative -offset from X. - -Also, even on FRAME_GROWS_DOWNWARD targets like AArch64, -target-independent code views offsets in address terms too: -locals are allocated at negative offsets to virtual_stack_vars. - -It seems confusing to have *_offset fields of the same structure -using different polarities like this. This patch tries to avoid -that by renaming locals_offset to bytes_above_locals. - -gcc/ - * config/aarch64/aarch64.h (aarch64_frame::locals_offset): Rename to... - (aarch64_frame::bytes_above_locals): ...this. - * config/aarch64/aarch64.cc (aarch64_layout_frame) - (aarch64_initial_elimination_offset): Update accordingly. 
---- - gcc/config/aarch64/aarch64.cc | 6 +++--- - gcc/config/aarch64/aarch64.h | 6 +++--- - 2 files changed, 6 insertions(+), 6 deletions(-) - -diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc -index 0e9b9717c08..0a22f91520e 100644 ---- a/gcc/config/aarch64/aarch64.cc -+++ b/gcc/config/aarch64/aarch64.cc -@@ -8598,7 +8598,7 @@ aarch64_layout_frame (void) - STACK_BOUNDARY / BITS_PER_UNIT)); - frame.frame_size = saved_regs_and_above + frame.bytes_below_saved_regs; - -- frame.locals_offset = frame.saved_varargs_size; -+ frame.bytes_above_locals = frame.saved_varargs_size; - - frame.initial_adjust = 0; - frame.final_adjust = 0; -@@ -12754,13 +12754,13 @@ aarch64_initial_elimination_offset (unsigned from, unsigned to) - return frame.hard_fp_offset; - - if (from == FRAME_POINTER_REGNUM) -- return frame.hard_fp_offset - frame.locals_offset; -+ return frame.hard_fp_offset - frame.bytes_above_locals; - } - - if (to == STACK_POINTER_REGNUM) - { - if (from == FRAME_POINTER_REGNUM) -- return frame.frame_size - frame.locals_offset; -+ return frame.frame_size - frame.bytes_above_locals; - } - - return frame.frame_size; -diff --git a/gcc/config/aarch64/aarch64.h b/gcc/config/aarch64/aarch64.h -index fd820b1be4e..7ae12d13e2b 100644 ---- a/gcc/config/aarch64/aarch64.h -+++ b/gcc/config/aarch64/aarch64.h -@@ -791,10 +791,10 @@ struct GTY (()) aarch64_frame - always a multiple of STACK_BOUNDARY. */ - poly_int64 bytes_below_hard_fp; - -- /* Offset from the base of the frame (incomming SP) to the -- top of the locals area. This value is always a multiple of -+ /* The number of bytes between the top of the locals area and the top -+ of the frame (the incomming SP). This value is always a multiple of - STACK_BOUNDARY. */ -- poly_int64 locals_offset; -+ poly_int64 bytes_above_locals; - - /* Offset from the base of the frame (incomming SP) to the - hard_frame_pointer. 
This value is always a multiple of --- -2.34.1 - - -From 1a9ea1c45c75615ffbfabe652b3598a1d7be2168 Mon Sep 17 00:00:00 2001 -From: Richard Sandiford -Date: Tue, 12 Sep 2023 16:07:16 +0100 -Subject: [PATCH 09/19] aarch64: Rename hard_fp_offset to bytes_above_hard_fp -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Similarly to the previous locals_offset patch, hard_fp_offset -was described as: - - /* Offset from the base of the frame (incomming SP) to the - hard_frame_pointer. This value is always a multiple of - STACK_BOUNDARY. */ - poly_int64 hard_fp_offset; - -which again took an “upside-down” view: higher offsets meant lower -addresses. This patch renames the field to bytes_above_hard_fp instead. - -gcc/ - * config/aarch64/aarch64.h (aarch64_frame::hard_fp_offset): Rename - to... - (aarch64_frame::bytes_above_hard_fp): ...this. - * config/aarch64/aarch64.cc (aarch64_layout_frame) - (aarch64_expand_prologue): Update accordingly. - (aarch64_initial_elimination_offset): Likewise. ---- - gcc/config/aarch64/aarch64.cc | 26 +++++++++++++------------- - gcc/config/aarch64/aarch64.h | 6 +++--- - 2 files changed, 16 insertions(+), 16 deletions(-) - -diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc -index 0a22f91520e..95499ae49ba 100644 ---- a/gcc/config/aarch64/aarch64.cc -+++ b/gcc/config/aarch64/aarch64.cc -@@ -8590,7 +8590,7 @@ aarch64_layout_frame (void) - + get_frame_size (), - STACK_BOUNDARY / BITS_PER_UNIT); - -- frame.hard_fp_offset -+ frame.bytes_above_hard_fp - = saved_regs_and_above - frame.below_hard_fp_saved_regs_size; - - /* Both these values are already aligned. 
*/ -@@ -8639,13 +8639,13 @@ aarch64_layout_frame (void) - else if (frame.wb_pop_candidate1 != INVALID_REGNUM) - max_push_offset = 256; - -- HOST_WIDE_INT const_size, const_below_saved_regs, const_fp_offset; -+ HOST_WIDE_INT const_size, const_below_saved_regs, const_above_fp; - HOST_WIDE_INT const_saved_regs_size; - if (known_eq (frame.saved_regs_size, 0)) - frame.initial_adjust = frame.frame_size; - else if (frame.frame_size.is_constant (&const_size) - && const_size < max_push_offset -- && known_eq (frame.hard_fp_offset, const_size)) -+ && known_eq (frame.bytes_above_hard_fp, const_size)) - { - /* Simple, small frame with no data below the saved registers. - -@@ -8662,8 +8662,8 @@ aarch64_layout_frame (void) - case that it hardly seems worth the effort though. */ - && (!saves_below_hard_fp_p || const_below_saved_regs == 0) - && !(cfun->calls_alloca -- && frame.hard_fp_offset.is_constant (&const_fp_offset) -- && const_fp_offset < max_push_offset)) -+ && frame.bytes_above_hard_fp.is_constant (&const_above_fp) -+ && const_above_fp < max_push_offset)) - { - /* Frame with small area below the saved registers: - -@@ -8681,12 +8681,12 @@ aarch64_layout_frame (void) - sub sp, sp, hard_fp_offset + below_hard_fp_saved_regs_size - save SVE registers relative to SP - sub sp, sp, bytes_below_saved_regs */ -- frame.initial_adjust = (frame.hard_fp_offset -+ frame.initial_adjust = (frame.bytes_above_hard_fp - + frame.below_hard_fp_saved_regs_size); - frame.final_adjust = frame.bytes_below_saved_regs; - } -- else if (frame.hard_fp_offset.is_constant (&const_fp_offset) -- && const_fp_offset < max_push_offset) -+ else if (frame.bytes_above_hard_fp.is_constant (&const_above_fp) -+ && const_above_fp < max_push_offset) - { - /* Frame with large area below the saved registers, or with SVE saves, - but with a small area above: -@@ -8696,7 +8696,7 @@ aarch64_layout_frame (void) - [sub sp, sp, below_hard_fp_saved_regs_size] - [save SVE registers relative to SP] - sub sp, sp, 
bytes_below_saved_regs */ -- frame.callee_adjust = const_fp_offset; -+ frame.callee_adjust = const_above_fp; - frame.sve_callee_adjust = frame.below_hard_fp_saved_regs_size; - frame.final_adjust = frame.bytes_below_saved_regs; - } -@@ -8711,7 +8711,7 @@ aarch64_layout_frame (void) - [sub sp, sp, below_hard_fp_saved_regs_size] - [save SVE registers relative to SP] - sub sp, sp, bytes_below_saved_regs */ -- frame.initial_adjust = frame.hard_fp_offset; -+ frame.initial_adjust = frame.bytes_above_hard_fp; - frame.sve_callee_adjust = frame.below_hard_fp_saved_regs_size; - frame.final_adjust = frame.bytes_below_saved_regs; - } -@@ -10069,7 +10069,7 @@ aarch64_expand_prologue (void) - { - /* The offset of the frame chain record (if any) from the current SP. */ - poly_int64 chain_offset = (initial_adjust + callee_adjust -- - frame.hard_fp_offset); -+ - frame.bytes_above_hard_fp); - gcc_assert (known_ge (chain_offset, 0)); - - if (callee_adjust == 0) -@@ -12751,10 +12751,10 @@ aarch64_initial_elimination_offset (unsigned from, unsigned to) - if (to == HARD_FRAME_POINTER_REGNUM) - { - if (from == ARG_POINTER_REGNUM) -- return frame.hard_fp_offset; -+ return frame.bytes_above_hard_fp; - - if (from == FRAME_POINTER_REGNUM) -- return frame.hard_fp_offset - frame.bytes_above_locals; -+ return frame.bytes_above_hard_fp - frame.bytes_above_locals; - } - - if (to == STACK_POINTER_REGNUM) -diff --git a/gcc/config/aarch64/aarch64.h b/gcc/config/aarch64/aarch64.h -index 7ae12d13e2b..3808f49e9ca 100644 ---- a/gcc/config/aarch64/aarch64.h -+++ b/gcc/config/aarch64/aarch64.h -@@ -796,10 +796,10 @@ struct GTY (()) aarch64_frame - STACK_BOUNDARY. */ - poly_int64 bytes_above_locals; - -- /* Offset from the base of the frame (incomming SP) to the -- hard_frame_pointer. This value is always a multiple of -+ /* The number of bytes between the hard_frame_pointer and the top of -+ the frame (the incomming SP). This value is always a multiple of - STACK_BOUNDARY. 
*/ -- poly_int64 hard_fp_offset; -+ poly_int64 bytes_above_hard_fp; - - /* The size of the frame. This value is the offset from base of the - frame (incomming SP) to the stack_pointer. This value is always --- -2.34.1 - - -From d202ce1ecf60a36a3e1009917dd76109248ce9be Mon Sep 17 00:00:00 2001 -From: Richard Sandiford -Date: Tue, 12 Sep 2023 16:07:16 +0100 -Subject: [PATCH 10/19] aarch64: Tweak frame_size comment -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -This patch fixes another case in which a value was described with -an “upside-down” view. - -gcc/ - * config/aarch64/aarch64.h (aarch64_frame::frame_size): Tweak comment. ---- - gcc/config/aarch64/aarch64.h | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/gcc/config/aarch64/aarch64.h b/gcc/config/aarch64/aarch64.h -index 3808f49e9ca..108a5731b0d 100644 ---- a/gcc/config/aarch64/aarch64.h -+++ b/gcc/config/aarch64/aarch64.h -@@ -801,8 +801,8 @@ struct GTY (()) aarch64_frame - STACK_BOUNDARY. */ - poly_int64 bytes_above_hard_fp; - -- /* The size of the frame. This value is the offset from base of the -- frame (incomming SP) to the stack_pointer. This value is always -+ /* The size of the frame, i.e. the number of bytes between the bottom -+ of the outgoing arguments and the incoming SP. This value is always - a multiple of STACK_BOUNDARY. */ - poly_int64 frame_size; - --- -2.34.1 - - -From f2b585375205b0a1802d79c682ba33766ecd1f0f Mon Sep 17 00:00:00 2001 -From: Richard Sandiford -Date: Tue, 12 Sep 2023 16:07:17 +0100 -Subject: [PATCH 11/19] aarch64: Measure reg_offset from the bottom of the - frame - -reg_offset was measured from the bottom of the saved register area. -This made perfect sense with the original layout, since the bottom -of the saved register area was also the hard frame pointer address. -It became slightly less obvious with SVE, since we save SVE -registers below the hard frame pointer, but it still made sense. 
- -However, if we want to allow different frame layouts, it's more -convenient and obvious to measure reg_offset from the bottom of -the frame. After previous patches, it's also a slight simplification -in its own right. - -gcc/ - * config/aarch64/aarch64.h (aarch64_frame): Add comment above - reg_offset. - * config/aarch64/aarch64.cc (aarch64_layout_frame): Walk offsets - from the bottom of the frame, rather than the bottom of the saved - register area. Measure reg_offset from the bottom of the frame - rather than the bottom of the saved register area. - (aarch64_save_callee_saves): Update accordingly. - (aarch64_restore_callee_saves): Likewise. - (aarch64_get_separate_components): Likewise. - (aarch64_process_components): Likewise. ---- - gcc/config/aarch64/aarch64.cc | 53 ++++++++++++++++------------------- - gcc/config/aarch64/aarch64.h | 3 ++ - 2 files changed, 27 insertions(+), 29 deletions(-) - -diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc -index 95499ae49ba..af99807ef8a 100644 ---- a/gcc/config/aarch64/aarch64.cc -+++ b/gcc/config/aarch64/aarch64.cc -@@ -8400,7 +8400,6 @@ aarch64_needs_frame_chain (void) - static void - aarch64_layout_frame (void) - { -- poly_int64 offset = 0; - int regno, last_fp_reg = INVALID_REGNUM; - machine_mode vector_save_mode = aarch64_reg_save_mode (V8_REGNUM); - poly_int64 vector_save_size = GET_MODE_SIZE (vector_save_mode); -@@ -8478,7 +8477,9 @@ aarch64_layout_frame (void) - gcc_assert (crtl->is_leaf - || maybe_ne (frame.reg_offset[R30_REGNUM], SLOT_NOT_REQUIRED)); - -- frame.bytes_below_saved_regs = crtl->outgoing_args_size; -+ poly_int64 offset = crtl->outgoing_args_size; -+ gcc_assert (multiple_p (offset, STACK_BOUNDARY / BITS_PER_UNIT)); -+ frame.bytes_below_saved_regs = offset; - - /* Now assign stack slots for the registers. 
Start with the predicate - registers, since predicate LDR and STR have a relatively small -@@ -8490,7 +8491,8 @@ aarch64_layout_frame (void) - offset += BYTES_PER_SVE_PRED; - } - -- if (maybe_ne (offset, 0)) -+ poly_int64 saved_prs_size = offset - frame.bytes_below_saved_regs; -+ if (maybe_ne (saved_prs_size, 0)) - { - /* If we have any vector registers to save above the predicate registers, - the offset of the vector register save slots need to be a multiple -@@ -8508,10 +8510,10 @@ aarch64_layout_frame (void) - offset = aligned_upper_bound (offset, STACK_BOUNDARY / BITS_PER_UNIT); - else - { -- if (known_le (offset, vector_save_size)) -- offset = vector_save_size; -- else if (known_le (offset, vector_save_size * 2)) -- offset = vector_save_size * 2; -+ if (known_le (saved_prs_size, vector_save_size)) -+ offset = frame.bytes_below_saved_regs + vector_save_size; -+ else if (known_le (saved_prs_size, vector_save_size * 2)) -+ offset = frame.bytes_below_saved_regs + vector_save_size * 2; - else - gcc_unreachable (); - } -@@ -8528,9 +8530,10 @@ aarch64_layout_frame (void) - - /* OFFSET is now the offset of the hard frame pointer from the bottom - of the callee save area. */ -- bool saves_below_hard_fp_p = maybe_ne (offset, 0); -- frame.below_hard_fp_saved_regs_size = offset; -- frame.bytes_below_hard_fp = offset + frame.bytes_below_saved_regs; -+ frame.below_hard_fp_saved_regs_size = offset - frame.bytes_below_saved_regs; -+ bool saves_below_hard_fp_p -+ = maybe_ne (frame.below_hard_fp_saved_regs_size, 0); -+ frame.bytes_below_hard_fp = offset; - if (frame.emit_frame_chain) - { - /* FP and LR are placed in the linkage record. 
*/ -@@ -8581,9 +8584,10 @@ aarch64_layout_frame (void) - - offset = aligned_upper_bound (offset, STACK_BOUNDARY / BITS_PER_UNIT); - -- frame.saved_regs_size = offset; -+ frame.saved_regs_size = offset - frame.bytes_below_saved_regs; - -- poly_int64 varargs_and_saved_regs_size = offset + frame.saved_varargs_size; -+ poly_int64 varargs_and_saved_regs_size -+ = frame.saved_regs_size + frame.saved_varargs_size; - - poly_int64 saved_regs_and_above - = aligned_upper_bound (varargs_and_saved_regs_size -@@ -9105,9 +9109,7 @@ aarch64_save_callee_saves (poly_int64 bytes_below_sp, - - machine_mode mode = aarch64_reg_save_mode (regno); - reg = gen_rtx_REG (mode, regno); -- offset = (frame.reg_offset[regno] -- + frame.bytes_below_saved_regs -- - bytes_below_sp); -+ offset = frame.reg_offset[regno] - bytes_below_sp; - rtx base_rtx = stack_pointer_rtx; - poly_int64 sp_offset = offset; - -@@ -9214,9 +9216,7 @@ aarch64_restore_callee_saves (poly_int64 bytes_below_sp, unsigned start, - - machine_mode mode = aarch64_reg_save_mode (regno); - reg = gen_rtx_REG (mode, regno); -- offset = (frame.reg_offset[regno] -- + frame.bytes_below_saved_regs -- - bytes_below_sp); -+ offset = frame.reg_offset[regno] - bytes_below_sp; - rtx base_rtx = stack_pointer_rtx; - if (mode == VNx2DImode && BYTES_BIG_ENDIAN) - aarch64_adjust_sve_callee_save_base (mode, base_rtx, anchor_reg, -@@ -9355,14 +9355,12 @@ aarch64_get_separate_components (void) - it as a stack probe for -fstack-clash-protection. */ - if (flag_stack_clash_protection - && maybe_ne (frame.below_hard_fp_saved_regs_size, 0) -- && known_eq (offset, 0)) -+ && known_eq (offset, frame.bytes_below_saved_regs)) - continue; - - /* Get the offset relative to the register we'll use. 
*/ - if (frame_pointer_needed) -- offset -= frame.below_hard_fp_saved_regs_size; -- else -- offset += frame.bytes_below_saved_regs; -+ offset -= frame.bytes_below_hard_fp; - - /* Check that we can access the stack slot of the register with one - direct load with no adjustments needed. */ -@@ -9509,9 +9507,7 @@ aarch64_process_components (sbitmap components, bool prologue_p) - rtx reg = gen_rtx_REG (mode, regno); - poly_int64 offset = frame.reg_offset[regno]; - if (frame_pointer_needed) -- offset -= frame.below_hard_fp_saved_regs_size; -- else -- offset += frame.bytes_below_saved_regs; -+ offset -= frame.bytes_below_hard_fp; - - rtx addr = plus_constant (Pmode, ptr_reg, offset); - rtx mem = gen_frame_mem (mode, addr); -@@ -9563,9 +9559,7 @@ aarch64_process_components (sbitmap components, bool prologue_p) - /* REGNO2 can be saved/restored in a pair with REGNO. */ - rtx reg2 = gen_rtx_REG (mode, regno2); - if (frame_pointer_needed) -- offset2 -= frame.below_hard_fp_saved_regs_size; -- else -- offset2 += frame.bytes_below_saved_regs; -+ offset2 -= frame.bytes_below_hard_fp; - rtx addr2 = plus_constant (Pmode, ptr_reg, offset2); - rtx mem2 = gen_frame_mem (mode, addr2); - rtx set2 = prologue_p ? 
gen_rtx_SET (mem2, reg2) -@@ -9681,7 +9675,8 @@ aarch64_allocate_and_probe_stack_space (rtx temp1, rtx temp2, - if (final_adjustment_p - && known_eq (frame.below_hard_fp_saved_regs_size, 0)) - { -- poly_int64 lr_offset = frame.reg_offset[LR_REGNUM]; -+ poly_int64 lr_offset = (frame.reg_offset[LR_REGNUM] -+ - frame.bytes_below_saved_regs); - if (known_ge (lr_offset, 0)) - min_probe_threshold -= lr_offset.to_constant (); - else -diff --git a/gcc/config/aarch64/aarch64.h b/gcc/config/aarch64/aarch64.h -index 108a5731b0d..c8becb098c8 100644 ---- a/gcc/config/aarch64/aarch64.h -+++ b/gcc/config/aarch64/aarch64.h -@@ -766,6 +766,9 @@ extern enum aarch64_processor aarch64_tune; - #ifdef HAVE_POLY_INT_H - struct GTY (()) aarch64_frame - { -+ /* The offset from the bottom of the static frame (the bottom of the -+ outgoing arguments) of each register save slot, or -2 if no save is -+ needed. */ - poly_int64 reg_offset[LAST_SAVED_REGNUM + 1]; - - /* The number of extra stack bytes taken up by register varargs. --- -2.34.1 - - -From 79faabda181d0d9fd29a3cf5726ba65bdee945b5 Mon Sep 17 00:00:00 2001 -From: Richard Sandiford -Date: Tue, 12 Sep 2023 16:07:17 +0100 -Subject: [PATCH 12/19] aarch64: Simplify top of frame allocation - -After previous patches, it no longer really makes sense to allocate -the top of the frame in terms of varargs_and_saved_regs_size and -saved_regs_and_above. - -gcc/ - * config/aarch64/aarch64.cc (aarch64_layout_frame): Simplify - the allocation of the top of the frame. 
---- - gcc/config/aarch64/aarch64.cc | 23 ++++++++--------------- - 1 file changed, 8 insertions(+), 15 deletions(-) - -diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc -index af99807ef8a..31b00094c2a 100644 ---- a/gcc/config/aarch64/aarch64.cc -+++ b/gcc/config/aarch64/aarch64.cc -@@ -8586,23 +8586,16 @@ aarch64_layout_frame (void) - - frame.saved_regs_size = offset - frame.bytes_below_saved_regs; - -- poly_int64 varargs_and_saved_regs_size -- = frame.saved_regs_size + frame.saved_varargs_size; -- -- poly_int64 saved_regs_and_above -- = aligned_upper_bound (varargs_and_saved_regs_size -- + get_frame_size (), -- STACK_BOUNDARY / BITS_PER_UNIT); -- -- frame.bytes_above_hard_fp -- = saved_regs_and_above - frame.below_hard_fp_saved_regs_size; -+ offset += get_frame_size (); -+ offset = aligned_upper_bound (offset, STACK_BOUNDARY / BITS_PER_UNIT); -+ auto top_of_locals = offset; - -- /* Both these values are already aligned. */ -- gcc_assert (multiple_p (frame.bytes_below_saved_regs, -- STACK_BOUNDARY / BITS_PER_UNIT)); -- frame.frame_size = saved_regs_and_above + frame.bytes_below_saved_regs; -+ offset += frame.saved_varargs_size; -+ gcc_assert (multiple_p (offset, STACK_BOUNDARY / BITS_PER_UNIT)); -+ frame.frame_size = offset; - -- frame.bytes_above_locals = frame.saved_varargs_size; -+ frame.bytes_above_hard_fp = frame.frame_size - frame.bytes_below_hard_fp; -+ frame.bytes_above_locals = frame.frame_size - top_of_locals; - - frame.initial_adjust = 0; - frame.final_adjust = 0; --- -2.34.1 - - -From 4e62049e403b141e6f916176160dac8cbd65fe47 Mon Sep 17 00:00:00 2001 -From: Richard Sandiford -Date: Tue, 12 Sep 2023 16:07:18 +0100 -Subject: [PATCH 13/19] aarch64: Minor initial adjustment tweak - -This patch just changes a calculation of initial_adjust -to one that makes it slightly more obvious that the total -adjustment is frame.frame_size. 
- -gcc/ - * config/aarch64/aarch64.cc (aarch64_layout_frame): Tweak - calculation of initial_adjust for frames in which all saves - are SVE saves. ---- - gcc/config/aarch64/aarch64.cc | 5 ++--- - 1 file changed, 2 insertions(+), 3 deletions(-) - -diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc -index 31b00094c2a..1aa79da0673 100644 ---- a/gcc/config/aarch64/aarch64.cc -+++ b/gcc/config/aarch64/aarch64.cc -@@ -8675,11 +8675,10 @@ aarch64_layout_frame (void) - { - /* Frame in which all saves are SVE saves: - -- sub sp, sp, hard_fp_offset + below_hard_fp_saved_regs_size -+ sub sp, sp, frame_size - bytes_below_saved_regs - save SVE registers relative to SP - sub sp, sp, bytes_below_saved_regs */ -- frame.initial_adjust = (frame.bytes_above_hard_fp -- + frame.below_hard_fp_saved_regs_size); -+ frame.initial_adjust = frame.frame_size - frame.bytes_below_saved_regs; - frame.final_adjust = frame.bytes_below_saved_regs; - } - else if (frame.bytes_above_hard_fp.is_constant (&const_above_fp) --- -2.34.1 - - -From aaa1a0a5912d9e5d571e5f1c6f09ceac99544ab5 Mon Sep 17 00:00:00 2001 -From: Richard Sandiford -Date: Tue, 12 Sep 2023 16:07:18 +0100 -Subject: [PATCH 14/19] aarch64: Tweak stack clash boundary condition - -The AArch64 ABI says that, when stack clash protection is used, -there can be a maximum of 1KiB of unprobed space at sp on entry -to a function. Therefore, we need to probe when allocating ->= guard_size - 1KiB of data (>= rather than >). This is what -GCC does. - -If an allocation is exactly guard_size bytes, it is enough to allocate -those bytes and probe once at offset 1024. It isn't possible to use a -single probe at any other offset: higher would conmplicate later code, -by leaving more unprobed space than usual, while lower would risk -leaving an entire page unprobed. For simplicity, the code probes all -allocations at offset 1024. - -Some register saves also act as probes. 
If we need to allocate -more space below the last such register save probe, we need to -probe the allocation if it is > 1KiB. Again, this allocation is -then sometimes (but not always) probed at offset 1024. This sort of -allocation is currently only used for outgoing arguments, which are -rarely this big. - -However, the code also probed if this final outgoing-arguments -allocation was == 1KiB, rather than just > 1KiB. This isn't -necessary, since the register save then probes at offset 1024 -as required. Continuing to probe allocations of exactly 1KiB -would complicate later patches. - -gcc/ - * config/aarch64/aarch64.cc (aarch64_allocate_and_probe_stack_space): - Don't probe final allocations that are exactly 1KiB in size (after - unprobed space above the final allocation has been deducted). - -gcc/testsuite/ - * gcc.target/aarch64/stack-check-prologue-17.c: New test. ---- - gcc/config/aarch64/aarch64.cc | 4 +- - .../aarch64/stack-check-prologue-17.c | 55 +++++++++++++++++++ - 2 files changed, 58 insertions(+), 1 deletion(-) - create mode 100644 gcc/testsuite/gcc.target/aarch64/stack-check-prologue-17.c - -diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc -index 1aa79da0673..5cad847977a 100644 ---- a/gcc/config/aarch64/aarch64.cc -+++ b/gcc/config/aarch64/aarch64.cc -@@ -9648,9 +9648,11 @@ aarch64_allocate_and_probe_stack_space (rtx temp1, rtx temp2, - HOST_WIDE_INT guard_size - = 1 << param_stack_clash_protection_guard_size; - HOST_WIDE_INT guard_used_by_caller = STACK_CLASH_CALLER_GUARD; -+ HOST_WIDE_INT byte_sp_alignment = STACK_BOUNDARY / BITS_PER_UNIT; -+ gcc_assert (multiple_p (poly_size, byte_sp_alignment)); - HOST_WIDE_INT min_probe_threshold - = (final_adjustment_p -- ? guard_used_by_caller -+ ? guard_used_by_caller + byte_sp_alignment - : guard_size - guard_used_by_caller); - /* When doing the final adjustment for the outgoing arguments, take into - account any unprobed space there is above the current SP. 
There are -diff --git a/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-17.c b/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-17.c -new file mode 100644 -index 00000000000..0d8a25d73a2 ---- /dev/null -+++ b/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-17.c -@@ -0,0 +1,55 @@ -+/* { dg-options "-O2 -fstack-clash-protection -fomit-frame-pointer --param stack-clash-protection-guard-size=12" } */ -+/* { dg-final { check-function-bodies "**" "" } } */ -+ -+void f(int, ...); -+void g(); -+ -+/* -+** test1: -+** ... -+** str x30, \[sp\] -+** sub sp, sp, #1024 -+** cbnz w0, .* -+** bl g -+** ... -+*/ -+int test1(int z) { -+ __uint128_t x = 0; -+ int y[0x400]; -+ if (z) -+ { -+ f(0, 0, 0, 0, 0, 0, 0, &y, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x); -+ } -+ g(); -+ return 1; -+} -+ -+/* -+** test2: -+** ... -+** str x30, \[sp\] -+** sub sp, sp, #1040 -+** str xzr, \[sp\] -+** cbnz w0, .* -+** bl g -+** ... -+*/ -+int test2(int z) { -+ __uint128_t x = 0; -+ int y[0x400]; -+ if (z) -+ { -+ f(0, 0, 0, 0, 0, 0, 0, &y, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x); -+ } -+ g(); -+ return 1; -+} --- -2.34.1 - - -From 8433953434a7b58c0923140d39eb3c5988c1d097 Mon Sep 17 00:00:00 2001 -From: Richard Sandiford -Date: Tue, 12 Sep 2023 16:07:19 +0100 -Subject: [PATCH 15/19] aarch64: Put LR save probe in first 16 bytes - --fstack-clash-protection uses the save of LR as a probe for the next -allocation. The next allocation could be: - -* another part of the static frame, e.g. 
when allocating SVE save slots - or outgoing arguments - -* an alloca in the same function - -* an allocation made by a callee function - -However, when -fomit-frame-pointer is used, the LR save slot is placed -above the other GPR save slots. It could therefore be up to 80 bytes -above the base of the GPR save area (which is also the hard fp address). - -aarch64_allocate_and_probe_stack_space took this into account when -deciding how much subsequent space could be allocated without needing -a probe. However, it interacted badly with: - - /* If doing a small final adjustment, we always probe at offset 0. - This is done to avoid issues when LR is not at position 0 or when - the final adjustment is smaller than the probing offset. */ - else if (final_adjustment_p && rounded_size == 0) - residual_probe_offset = 0; - -which forces any allocation that is smaller than the guard page size -to be probed at offset 0 rather than the usual offset 1024. It was -therefore possible to construct cases in which we had: - -* a probe using LR at SP + 80 bytes (or some other value >= 16) -* an allocation of the guard page size - 16 bytes -* a probe at SP + 0 - -which allocates guard page size + 64 consecutive unprobed bytes. - -This patch requires the LR probe to be in the first 16 bytes of the -save area when stack clash protection is active. Doing it -unconditionally would cause code-quality regressions. - -Putting LR before other registers prevents push/pop allocation -when shadow call stacks are enabled, since LR is restored -separately from the other callee-saved registers. - -The new comment doesn't say that the probe register is required -to be LR, since a later patch removes that restriction. - -gcc/ - * config/aarch64/aarch64.cc (aarch64_layout_frame): Ensure that - the LR save slot is in the first 16 bytes of the register save area. - Only form STP/LDP push/pop candidates if both registers are valid. 
- (aarch64_allocate_and_probe_stack_space): Remove workaround for - when LR was not in the first 16 bytes. - -gcc/testsuite/ - * gcc.target/aarch64/stack-check-prologue-18.c: New test. - * gcc.target/aarch64/stack-check-prologue-19.c: Likewise. - * gcc.target/aarch64/stack-check-prologue-20.c: Likewise. ---- - gcc/config/aarch64/aarch64.cc | 72 ++++++------- - .../aarch64/stack-check-prologue-18.c | 100 ++++++++++++++++++ - .../aarch64/stack-check-prologue-19.c | 100 ++++++++++++++++++ - .../aarch64/stack-check-prologue-20.c | 3 + - 4 files changed, 233 insertions(+), 42 deletions(-) - create mode 100644 gcc/testsuite/gcc.target/aarch64/stack-check-prologue-18.c - create mode 100644 gcc/testsuite/gcc.target/aarch64/stack-check-prologue-19.c - create mode 100644 gcc/testsuite/gcc.target/aarch64/stack-check-prologue-20.c - -diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc -index 5cad847977a..a765f92329d 100644 ---- a/gcc/config/aarch64/aarch64.cc -+++ b/gcc/config/aarch64/aarch64.cc -@@ -8534,26 +8534,34 @@ aarch64_layout_frame (void) - bool saves_below_hard_fp_p - = maybe_ne (frame.below_hard_fp_saved_regs_size, 0); - frame.bytes_below_hard_fp = offset; -+ -+ auto allocate_gpr_slot = [&](unsigned int regno) -+ { -+ frame.reg_offset[regno] = offset; -+ if (frame.wb_push_candidate1 == INVALID_REGNUM) -+ frame.wb_push_candidate1 = regno; -+ else if (frame.wb_push_candidate2 == INVALID_REGNUM) -+ frame.wb_push_candidate2 = regno; -+ offset += UNITS_PER_WORD; -+ }; -+ - if (frame.emit_frame_chain) - { - /* FP and LR are placed in the linkage record. 
*/ -- frame.reg_offset[R29_REGNUM] = offset; -- frame.wb_push_candidate1 = R29_REGNUM; -- frame.reg_offset[R30_REGNUM] = offset + UNITS_PER_WORD; -- frame.wb_push_candidate2 = R30_REGNUM; -- offset += 2 * UNITS_PER_WORD; -+ allocate_gpr_slot (R29_REGNUM); -+ allocate_gpr_slot (R30_REGNUM); - } -+ else if (flag_stack_clash_protection -+ && known_eq (frame.reg_offset[R30_REGNUM], SLOT_REQUIRED)) -+ /* Put the LR save slot first, since it makes a good choice of probe -+ for stack clash purposes. The idea is that the link register usually -+ has to be saved before a call anyway, and so we lose little by -+ stopping it from being individually shrink-wrapped. */ -+ allocate_gpr_slot (R30_REGNUM); - - for (regno = R0_REGNUM; regno <= R30_REGNUM; regno++) - if (known_eq (frame.reg_offset[regno], SLOT_REQUIRED)) -- { -- frame.reg_offset[regno] = offset; -- if (frame.wb_push_candidate1 == INVALID_REGNUM) -- frame.wb_push_candidate1 = regno; -- else if (frame.wb_push_candidate2 == INVALID_REGNUM) -- frame.wb_push_candidate2 = regno; -- offset += UNITS_PER_WORD; -- } -+ allocate_gpr_slot (regno); - - poly_int64 max_int_offset = offset; - offset = aligned_upper_bound (offset, STACK_BOUNDARY / BITS_PER_UNIT); -@@ -8631,10 +8639,13 @@ aarch64_layout_frame (void) - max_push_offset to 0, because no registers are popped at this time, - so callee_adjust cannot be adjusted. */ - HOST_WIDE_INT max_push_offset = 0; -- if (frame.wb_pop_candidate2 != INVALID_REGNUM) -- max_push_offset = 512; -- else if (frame.wb_pop_candidate1 != INVALID_REGNUM) -- max_push_offset = 256; -+ if (frame.wb_pop_candidate1 != INVALID_REGNUM) -+ { -+ if (frame.wb_pop_candidate2 != INVALID_REGNUM) -+ max_push_offset = 512; -+ else -+ max_push_offset = 256; -+ } - - HOST_WIDE_INT const_size, const_below_saved_regs, const_above_fp; - HOST_WIDE_INT const_saved_regs_size; -@@ -9654,29 +9665,6 @@ aarch64_allocate_and_probe_stack_space (rtx temp1, rtx temp2, - = (final_adjustment_p - ? 
guard_used_by_caller + byte_sp_alignment - : guard_size - guard_used_by_caller); -- /* When doing the final adjustment for the outgoing arguments, take into -- account any unprobed space there is above the current SP. There are -- two cases: -- -- - When saving SVE registers below the hard frame pointer, we force -- the lowest save to take place in the prologue before doing the final -- adjustment (i.e. we don't allow the save to be shrink-wrapped). -- This acts as a probe at SP, so there is no unprobed space. -- -- - When there are no SVE register saves, we use the store of the link -- register as a probe. We can't assume that LR was saved at position 0 -- though, so treat any space below it as unprobed. */ -- if (final_adjustment_p -- && known_eq (frame.below_hard_fp_saved_regs_size, 0)) -- { -- poly_int64 lr_offset = (frame.reg_offset[LR_REGNUM] -- - frame.bytes_below_saved_regs); -- if (known_ge (lr_offset, 0)) -- min_probe_threshold -= lr_offset.to_constant (); -- else -- gcc_assert (!flag_stack_clash_protection || known_eq (poly_size, 0)); -- } -- - poly_int64 frame_size = frame.frame_size; - - /* We should always have a positive probe threshold. */ -@@ -9856,8 +9844,8 @@ aarch64_allocate_and_probe_stack_space (rtx temp1, rtx temp2, - if (final_adjustment_p && rounded_size != 0) - min_probe_threshold = 0; - /* If doing a small final adjustment, we always probe at offset 0. -- This is done to avoid issues when LR is not at position 0 or when -- the final adjustment is smaller than the probing offset. */ -+ This is done to avoid issues when the final adjustment is smaller -+ than the probing offset. 
*/ - else if (final_adjustment_p && rounded_size == 0) - residual_probe_offset = 0; - -diff --git a/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-18.c b/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-18.c -new file mode 100644 -index 00000000000..82447d20fff ---- /dev/null -+++ b/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-18.c -@@ -0,0 +1,100 @@ -+/* { dg-options "-O2 -fstack-clash-protection -fomit-frame-pointer --param stack-clash-protection-guard-size=12" } */ -+/* { dg-final { check-function-bodies "**" "" } } */ -+ -+void f(int, ...); -+void g(); -+ -+/* -+** test1: -+** ... -+** str x30, \[sp\] -+** sub sp, sp, #4064 -+** str xzr, \[sp\] -+** cbnz w0, .* -+** bl g -+** ... -+** str x26, \[sp, #?4128\] -+** ... -+*/ -+int test1(int z) { -+ __uint128_t x = 0; -+ int y[0x400]; -+ if (z) -+ { -+ asm volatile ("" ::: -+ "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26"); -+ f(0, 0, 0, 0, 0, 0, 0, &y, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x); -+ } -+ g(); -+ return 1; -+} -+ -+/* -+** test2: -+** ... -+** str x30, \[sp\] -+** sub sp, sp, #1040 -+** str xzr, \[sp\] -+** cbnz w0, .* -+** bl g -+** ... 
-+*/ -+int test2(int z) { -+ __uint128_t x = 0; -+ int y[0x400]; -+ if (z) -+ { -+ asm volatile ("" ::: -+ "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26"); -+ f(0, 0, 0, 0, 0, 0, 0, &y, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x); -+ } -+ g(); -+ return 1; -+} -+ -+/* -+** test3: -+** ... -+** str x30, \[sp\] -+** sub sp, sp, #1024 -+** cbnz w0, .* -+** bl g -+** ... -+*/ -+int test3(int z) { -+ __uint128_t x = 0; -+ int y[0x400]; -+ if (z) -+ { -+ asm volatile ("" ::: -+ "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26"); -+ f(0, 0, 0, 0, 0, 0, 0, &y, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x); -+ } -+ g(); -+ return 1; -+} -diff --git a/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-19.c b/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-19.c -new file mode 100644 -index 00000000000..73ac3e4e4eb ---- /dev/null -+++ b/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-19.c -@@ -0,0 +1,100 @@ -+/* { dg-options "-O2 -fstack-clash-protection -fomit-frame-pointer --param stack-clash-protection-guard-size=12 -fsanitize=shadow-call-stack -ffixed-x18" } */ -+/* { dg-final { check-function-bodies "**" "" } } */ -+ -+void f(int, ...); -+void g(); -+ -+/* -+** test1: -+** ... -+** str x30, \[sp\] -+** sub sp, sp, #4064 -+** str xzr, \[sp\] -+** cbnz w0, .* -+** bl g -+** ... -+** str x26, \[sp, #?4128\] -+** ... 
-+*/ -+int test1(int z) { -+ __uint128_t x = 0; -+ int y[0x400]; -+ if (z) -+ { -+ asm volatile ("" ::: -+ "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26"); -+ f(0, 0, 0, 0, 0, 0, 0, &y, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x); -+ } -+ g(); -+ return 1; -+} -+ -+/* -+** test2: -+** ... -+** str x30, \[sp\] -+** sub sp, sp, #1040 -+** str xzr, \[sp\] -+** cbnz w0, .* -+** bl g -+** ... -+*/ -+int test2(int z) { -+ __uint128_t x = 0; -+ int y[0x400]; -+ if (z) -+ { -+ asm volatile ("" ::: -+ "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26"); -+ f(0, 0, 0, 0, 0, 0, 0, &y, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x); -+ } -+ g(); -+ return 1; -+} -+ -+/* -+** test3: -+** ... -+** str x30, \[sp\] -+** sub sp, sp, #1024 -+** cbnz w0, .* -+** bl g -+** ... 
-+*/ -+int test3(int z) { -+ __uint128_t x = 0; -+ int y[0x400]; -+ if (z) -+ { -+ asm volatile ("" ::: -+ "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26"); -+ f(0, 0, 0, 0, 0, 0, 0, &y, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, -+ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x); -+ } -+ g(); -+ return 1; -+} -diff --git a/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-20.c b/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-20.c -new file mode 100644 -index 00000000000..690aae8dfd5 ---- /dev/null -+++ b/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-20.c -@@ -0,0 +1,3 @@ -+/* { dg-options "-O2 -fstack-protector-all -fstack-clash-protection -fomit-frame-pointer --param stack-clash-protection-guard-size=12 -fsanitize=shadow-call-stack -ffixed-x18" } */ -+ -+#include "stack-check-prologue-19.c" --- -2.34.1 - - -From eea1759073e09dd1aefbc9a881601ab1eebfdd18 Mon Sep 17 00:00:00 2001 -From: Richard Sandiford -Date: Tue, 12 Sep 2023 16:07:19 +0100 -Subject: [PATCH 16/19] aarch64: Simplify probe of final frame allocation - -Previous patches ensured that the final frame allocation only needs -a probe when the size is strictly greater than 1KiB. It's therefore -safe to use the normal 1024 probe offset in all cases. - -The main motivation for doing this is to simplify the code and -remove the number of special cases. - -gcc/ - * config/aarch64/aarch64.cc (aarch64_allocate_and_probe_stack_space): - Always probe the residual allocation at offset 1024, asserting - that that is in range. - -gcc/testsuite/ - * gcc.target/aarch64/stack-check-prologue-17.c: Expect the probe - to be at offset 1024 rather than offset 0. - * gcc.target/aarch64/stack-check-prologue-18.c: Likewise. - * gcc.target/aarch64/stack-check-prologue-19.c: Likewise. 
---- - gcc/config/aarch64/aarch64.cc | 12 ++++-------- - .../gcc.target/aarch64/stack-check-prologue-17.c | 2 +- - .../gcc.target/aarch64/stack-check-prologue-18.c | 4 ++-- - .../gcc.target/aarch64/stack-check-prologue-19.c | 4 ++-- - 4 files changed, 9 insertions(+), 13 deletions(-) - -diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc -index a765f92329d..37809a306f7 100644 ---- a/gcc/config/aarch64/aarch64.cc -+++ b/gcc/config/aarch64/aarch64.cc -@@ -9838,16 +9838,12 @@ aarch64_allocate_and_probe_stack_space (rtx temp1, rtx temp2, - are still safe. */ - if (residual) - { -- HOST_WIDE_INT residual_probe_offset = guard_used_by_caller; -+ gcc_assert (guard_used_by_caller + byte_sp_alignment <= size); -+ - /* If we're doing final adjustments, and we've done any full page - allocations then any residual needs to be probed. */ - if (final_adjustment_p && rounded_size != 0) - min_probe_threshold = 0; -- /* If doing a small final adjustment, we always probe at offset 0. -- This is done to avoid issues when the final adjustment is smaller -- than the probing offset. */ -- else if (final_adjustment_p && rounded_size == 0) -- residual_probe_offset = 0; - - aarch64_sub_sp (temp1, temp2, residual, frame_related_p); - if (residual >= min_probe_threshold) -@@ -9858,8 +9854,8 @@ aarch64_allocate_and_probe_stack_space (rtx temp1, rtx temp2, - HOST_WIDE_INT_PRINT_DEC " bytes, probing will be required." 
- "\n", residual); - -- emit_stack_probe (plus_constant (Pmode, stack_pointer_rtx, -- residual_probe_offset)); -+ emit_stack_probe (plus_constant (Pmode, stack_pointer_rtx, -+ guard_used_by_caller)); - emit_insn (gen_blockage ()); - } - } -diff --git a/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-17.c b/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-17.c -index 0d8a25d73a2..f0ec1389771 100644 ---- a/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-17.c -+++ b/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-17.c -@@ -33,7 +33,7 @@ int test1(int z) { - ** ... - ** str x30, \[sp\] - ** sub sp, sp, #1040 --** str xzr, \[sp\] -+** str xzr, \[sp, #?1024\] - ** cbnz w0, .* - ** bl g - ** ... -diff --git a/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-18.c b/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-18.c -index 82447d20fff..6383bec5ebc 100644 ---- a/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-18.c -+++ b/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-18.c -@@ -9,7 +9,7 @@ void g(); - ** ... - ** str x30, \[sp\] - ** sub sp, sp, #4064 --** str xzr, \[sp\] -+** str xzr, \[sp, #?1024\] - ** cbnz w0, .* - ** bl g - ** ... -@@ -50,7 +50,7 @@ int test1(int z) { - ** ... - ** str x30, \[sp\] - ** sub sp, sp, #1040 --** str xzr, \[sp\] -+** str xzr, \[sp, #?1024\] - ** cbnz w0, .* - ** bl g - ** ... -diff --git a/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-19.c b/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-19.c -index 73ac3e4e4eb..562039b5e9b 100644 ---- a/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-19.c -+++ b/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-19.c -@@ -9,7 +9,7 @@ void g(); - ** ... - ** str x30, \[sp\] - ** sub sp, sp, #4064 --** str xzr, \[sp\] -+** str xzr, \[sp, #?1024\] - ** cbnz w0, .* - ** bl g - ** ... -@@ -50,7 +50,7 @@ int test1(int z) { - ** ... 
- ** str x30, \[sp\] - ** sub sp, sp, #1040 --** str xzr, \[sp\] -+** str xzr, \[sp, #?1024\] - ** cbnz w0, .* - ** bl g - ** ... --- -2.34.1 - - -From 96d85187c3b9c9a7efc2fd698c3d452e80d8aa47 Mon Sep 17 00:00:00 2001 -From: Richard Sandiford -Date: Tue, 12 Sep 2023 16:07:20 +0100 -Subject: [PATCH 17/19] aarch64: Explicitly record probe registers in frame - info - -The stack frame is currently divided into three areas: - -A: the area above the hard frame pointer -B: the SVE saves below the hard frame pointer -C: the outgoing arguments - -If the stack frame is allocated in one chunk, the allocation needs a -probe if the frame size is >= guard_size - 1KiB. In addition, if the -function is not a leaf function, it must probe an address no more than -1KiB above the outgoing SP. We ensured the second condition by - -(1) using single-chunk allocations for non-leaf functions only if - the link register save slot is within 512 bytes of the bottom - of the frame; and - -(2) using the link register save as a probe (meaning, for instance, - that it can't be individually shrink wrapped) - -If instead the stack is allocated in multiple chunks, then: - -* an allocation involving only the outgoing arguments (C above) requires - a probe if the allocation size is > 1KiB - -* any other allocation requires a probe if the allocation size - is >= guard_size - 1KiB - -* second and subsequent allocations require the previous allocation - to probe at the bottom of the allocated area, regardless of the size - of that previous allocation - -The final point means that, unlike for single allocations, -it can be necessary to have both a non-SVE register probe and -an SVE register probe. For example: - -* allocate A, probe using a non-SVE register save -* allocate B, probe using an SVE register save -* allocate C - -The non-SVE register used in this case was again the link register. 
-It was previously used even if the link register save slot was some -bytes above the bottom of the non-SVE register saves, but an earlier -patch avoided that by putting the link register save slot first. - -As a belt-and-braces fix, this patch explicitly records which -probe registers we're using and allows the non-SVE probe to be -whichever register comes first (as for SVE). - -The patch also avoids unnecessary probes in sve/pcs/stack_clash_3.c. - -gcc/ - * config/aarch64/aarch64.h (aarch64_frame::sve_save_and_probe) - (aarch64_frame::hard_fp_save_and_probe): New fields. - * config/aarch64/aarch64.cc (aarch64_layout_frame): Initialize them. - Rather than asserting that a leaf function saves LR, instead assert - that a leaf function saves something. - (aarch64_get_separate_components): Prevent the chosen probe - registers from being individually shrink-wrapped. - (aarch64_allocate_and_probe_stack_space): Remove workaround for - probe registers that aren't at the bottom of the previous allocation. - -gcc/testsuite/ - * gcc.target/aarch64/sve/pcs/stack_clash_3.c: Avoid redundant probes. ---- - gcc/config/aarch64/aarch64.cc | 68 +++++++++++++++---- - gcc/config/aarch64/aarch64.h | 8 +++ - .../aarch64/sve/pcs/stack_clash_3.c | 6 +- - 3 files changed, 64 insertions(+), 18 deletions(-) - -diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc -index 37809a306f7..6c59c39a639 100644 ---- a/gcc/config/aarch64/aarch64.cc -+++ b/gcc/config/aarch64/aarch64.cc -@@ -8471,15 +8471,11 @@ aarch64_layout_frame (void) - && !crtl->abi->clobbers_full_reg_p (regno)) - frame.reg_offset[regno] = SLOT_REQUIRED; - -- /* With stack-clash, LR must be saved in non-leaf functions. The saving of -- LR counts as an implicit probe which allows us to maintain the invariant -- described in the comment at expand_prologue. 
*/ -- gcc_assert (crtl->is_leaf -- || maybe_ne (frame.reg_offset[R30_REGNUM], SLOT_NOT_REQUIRED)); - - poly_int64 offset = crtl->outgoing_args_size; - gcc_assert (multiple_p (offset, STACK_BOUNDARY / BITS_PER_UNIT)); - frame.bytes_below_saved_regs = offset; -+ frame.sve_save_and_probe = INVALID_REGNUM; - - /* Now assign stack slots for the registers. Start with the predicate - registers, since predicate LDR and STR have a relatively small -@@ -8487,6 +8483,8 @@ aarch64_layout_frame (void) - for (regno = P0_REGNUM; regno <= P15_REGNUM; regno++) - if (known_eq (frame.reg_offset[regno], SLOT_REQUIRED)) - { -+ if (frame.sve_save_and_probe == INVALID_REGNUM) -+ frame.sve_save_and_probe = regno; - frame.reg_offset[regno] = offset; - offset += BYTES_PER_SVE_PRED; - } -@@ -8524,6 +8522,8 @@ aarch64_layout_frame (void) - for (regno = V0_REGNUM; regno <= V31_REGNUM; regno++) - if (known_eq (frame.reg_offset[regno], SLOT_REQUIRED)) - { -+ if (frame.sve_save_and_probe == INVALID_REGNUM) -+ frame.sve_save_and_probe = regno; - frame.reg_offset[regno] = offset; - offset += vector_save_size; - } -@@ -8533,10 +8533,18 @@ aarch64_layout_frame (void) - frame.below_hard_fp_saved_regs_size = offset - frame.bytes_below_saved_regs; - bool saves_below_hard_fp_p - = maybe_ne (frame.below_hard_fp_saved_regs_size, 0); -+ gcc_assert (!saves_below_hard_fp_p -+ || (frame.sve_save_and_probe != INVALID_REGNUM -+ && known_eq (frame.reg_offset[frame.sve_save_and_probe], -+ frame.bytes_below_saved_regs))); -+ - frame.bytes_below_hard_fp = offset; -+ frame.hard_fp_save_and_probe = INVALID_REGNUM; - - auto allocate_gpr_slot = [&](unsigned int regno) - { -+ if (frame.hard_fp_save_and_probe == INVALID_REGNUM) -+ frame.hard_fp_save_and_probe = regno; - frame.reg_offset[regno] = offset; - if (frame.wb_push_candidate1 == INVALID_REGNUM) - frame.wb_push_candidate1 = regno; -@@ -8570,6 +8578,8 @@ aarch64_layout_frame (void) - for (regno = V0_REGNUM; regno <= V31_REGNUM; regno++) - if (known_eq 
(frame.reg_offset[regno], SLOT_REQUIRED)) - { -+ if (frame.hard_fp_save_and_probe == INVALID_REGNUM) -+ frame.hard_fp_save_and_probe = regno; - /* If there is an alignment gap between integer and fp callee-saves, - allocate the last fp register to it if possible. */ - if (regno == last_fp_reg -@@ -8593,6 +8603,17 @@ aarch64_layout_frame (void) - offset = aligned_upper_bound (offset, STACK_BOUNDARY / BITS_PER_UNIT); - - frame.saved_regs_size = offset - frame.bytes_below_saved_regs; -+ gcc_assert (known_eq (frame.saved_regs_size, -+ frame.below_hard_fp_saved_regs_size) -+ || (frame.hard_fp_save_and_probe != INVALID_REGNUM -+ && known_eq (frame.reg_offset[frame.hard_fp_save_and_probe], -+ frame.bytes_below_hard_fp))); -+ -+ /* With stack-clash, a register must be saved in non-leaf functions. -+ The saving of the bottommost register counts as an implicit probe, -+ which allows us to maintain the invariant described in the comment -+ at expand_prologue. */ -+ gcc_assert (crtl->is_leaf || maybe_ne (frame.saved_regs_size, 0)); - - offset += get_frame_size (); - offset = aligned_upper_bound (offset, STACK_BOUNDARY / BITS_PER_UNIT); -@@ -8723,6 +8744,25 @@ aarch64_layout_frame (void) - frame.final_adjust = frame.bytes_below_saved_regs; - } - -+ /* The frame is allocated in pieces, with each non-final piece -+ including a register save at offset 0 that acts as a probe for -+ the following piece. In addition, the save of the bottommost register -+ acts as a probe for callees and allocas. Roll back any probes that -+ aren't needed. -+ -+ A probe isn't needed if it is associated with the final allocation -+ (including callees and allocas) that happens before the epilogue is -+ executed. 
*/ -+ if (crtl->is_leaf -+ && !cfun->calls_alloca -+ && known_eq (frame.final_adjust, 0)) -+ { -+ if (maybe_ne (frame.sve_callee_adjust, 0)) -+ frame.sve_save_and_probe = INVALID_REGNUM; -+ else -+ frame.hard_fp_save_and_probe = INVALID_REGNUM; -+ } -+ - /* Make sure the individual adjustments add up to the full frame size. */ - gcc_assert (known_eq (frame.initial_adjust - + frame.callee_adjust -@@ -9354,13 +9394,6 @@ aarch64_get_separate_components (void) - - poly_int64 offset = frame.reg_offset[regno]; - -- /* If the register is saved in the first SVE save slot, we use -- it as a stack probe for -fstack-clash-protection. */ -- if (flag_stack_clash_protection -- && maybe_ne (frame.below_hard_fp_saved_regs_size, 0) -- && known_eq (offset, frame.bytes_below_saved_regs)) -- continue; -- - /* Get the offset relative to the register we'll use. */ - if (frame_pointer_needed) - offset -= frame.bytes_below_hard_fp; -@@ -9395,6 +9428,13 @@ aarch64_get_separate_components (void) - - bitmap_clear_bit (components, LR_REGNUM); - bitmap_clear_bit (components, SP_REGNUM); -+ if (flag_stack_clash_protection) -+ { -+ if (frame.sve_save_and_probe != INVALID_REGNUM) -+ bitmap_clear_bit (components, frame.sve_save_and_probe); -+ if (frame.hard_fp_save_and_probe != INVALID_REGNUM) -+ bitmap_clear_bit (components, frame.hard_fp_save_and_probe); -+ } - - return components; - } -@@ -9931,8 +9971,8 @@ aarch64_epilogue_uses (int regno) - When probing is needed, we emit a probe at the start of the prologue - and every PARAM_STACK_CLASH_PROTECTION_GUARD_SIZE bytes thereafter. - -- We have to track how much space has been allocated and the only stores -- to the stack we track as implicit probes are the FP/LR stores. -+ We can also use register saves as probes. These are stored in -+ sve_save_and_probe and hard_fp_save_and_probe. - - For outgoing arguments we probe if the size is larger than 1KB, such that - the ABI specified buffer is maintained for the next callee. 
-diff --git a/gcc/config/aarch64/aarch64.h b/gcc/config/aarch64/aarch64.h -index c8becb098c8..fbfb73545ba 100644 ---- a/gcc/config/aarch64/aarch64.h -+++ b/gcc/config/aarch64/aarch64.h -@@ -863,6 +863,14 @@ struct GTY (()) aarch64_frame - This is the register they should use. */ - unsigned spare_pred_reg; - -+ /* An SVE register that is saved below the hard frame pointer and that acts -+ as a probe for later allocations, or INVALID_REGNUM if none. */ -+ unsigned sve_save_and_probe; -+ -+ /* A register that is saved at the hard frame pointer and that acts -+ as a probe for later allocations, or INVALID_REGNUM if none. */ -+ unsigned hard_fp_save_and_probe; -+ - bool laid_out; - - /* True if shadow call stack should be enabled for the current function. */ -diff --git a/gcc/testsuite/gcc.target/aarch64/sve/pcs/stack_clash_3.c b/gcc/testsuite/gcc.target/aarch64/sve/pcs/stack_clash_3.c -index 3e01ec36c3a..3530a0d504b 100644 ---- a/gcc/testsuite/gcc.target/aarch64/sve/pcs/stack_clash_3.c -+++ b/gcc/testsuite/gcc.target/aarch64/sve/pcs/stack_clash_3.c -@@ -11,11 +11,10 @@ - ** mov x11, sp - ** ... - ** sub sp, sp, x13 --** str p4, \[sp\] - ** cbz w0, [^\n]* -+** str p4, \[sp\] - ** ... - ** ptrue p0\.b, all --** ldr p4, \[sp\] - ** addvl sp, sp, #1 - ** ldr x24, \[sp\], 32 - ** ret -@@ -39,13 +38,12 @@ test_1 (int n) - ** mov x11, sp - ** ... - ** sub sp, sp, x13 --** str p4, \[sp\] - ** cbz w0, [^\n]* -+** str p4, \[sp\] - ** str p5, \[sp, #1, mul vl\] - ** str p6, \[sp, #2, mul vl\] - ** ... - ** ptrue p0\.b, all --** ldr p4, \[sp\] - ** addvl sp, sp, #1 - ** ldr x24, \[sp\], 32 - ** ret --- -2.34.1 - - -From 56df065080950bb30dda9c260f71be54269bdda5 Mon Sep 17 00:00:00 2001 -From: Richard Sandiford -Date: Tue, 12 Sep 2023 16:07:20 +0100 -Subject: [PATCH 18/19] aarch64: Remove below_hard_fp_saved_regs_size - -After previous patches, it's no longer necessary to store -saved_regs_size and below_hard_fp_saved_regs_size in the frame info. 
-All measurements instead use the top or bottom of the frame as -reference points. - -gcc/ - * config/aarch64/aarch64.h (aarch64_frame::saved_regs_size) - (aarch64_frame::below_hard_fp_saved_regs_size): Delete. - * config/aarch64/aarch64.cc (aarch64_layout_frame): Update accordingly. ---- - gcc/config/aarch64/aarch64.cc | 45 ++++++++++++++++------------------- - gcc/config/aarch64/aarch64.h | 7 ------ - 2 files changed, 21 insertions(+), 31 deletions(-) - -diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc -index 6c59c39a639..b95e805a8cc 100644 ---- a/gcc/config/aarch64/aarch64.cc -+++ b/gcc/config/aarch64/aarch64.cc -@@ -8530,9 +8530,8 @@ aarch64_layout_frame (void) - - /* OFFSET is now the offset of the hard frame pointer from the bottom - of the callee save area. */ -- frame.below_hard_fp_saved_regs_size = offset - frame.bytes_below_saved_regs; -- bool saves_below_hard_fp_p -- = maybe_ne (frame.below_hard_fp_saved_regs_size, 0); -+ auto below_hard_fp_saved_regs_size = offset - frame.bytes_below_saved_regs; -+ bool saves_below_hard_fp_p = maybe_ne (below_hard_fp_saved_regs_size, 0); - gcc_assert (!saves_below_hard_fp_p - || (frame.sve_save_and_probe != INVALID_REGNUM - && known_eq (frame.reg_offset[frame.sve_save_and_probe], -@@ -8602,9 +8601,8 @@ aarch64_layout_frame (void) - - offset = aligned_upper_bound (offset, STACK_BOUNDARY / BITS_PER_UNIT); - -- frame.saved_regs_size = offset - frame.bytes_below_saved_regs; -- gcc_assert (known_eq (frame.saved_regs_size, -- frame.below_hard_fp_saved_regs_size) -+ auto saved_regs_size = offset - frame.bytes_below_saved_regs; -+ gcc_assert (known_eq (saved_regs_size, below_hard_fp_saved_regs_size) - || (frame.hard_fp_save_and_probe != INVALID_REGNUM - && known_eq (frame.reg_offset[frame.hard_fp_save_and_probe], - frame.bytes_below_hard_fp))); -@@ -8613,7 +8611,7 @@ aarch64_layout_frame (void) - The saving of the bottommost register counts as an implicit probe, - which allows us to maintain the 
invariant described in the comment - at expand_prologue. */ -- gcc_assert (crtl->is_leaf || maybe_ne (frame.saved_regs_size, 0)); -+ gcc_assert (crtl->is_leaf || maybe_ne (saved_regs_size, 0)); - - offset += get_frame_size (); - offset = aligned_upper_bound (offset, STACK_BOUNDARY / BITS_PER_UNIT); -@@ -8670,7 +8668,7 @@ aarch64_layout_frame (void) - - HOST_WIDE_INT const_size, const_below_saved_regs, const_above_fp; - HOST_WIDE_INT const_saved_regs_size; -- if (known_eq (frame.saved_regs_size, 0)) -+ if (known_eq (saved_regs_size, 0)) - frame.initial_adjust = frame.frame_size; - else if (frame.frame_size.is_constant (&const_size) - && const_size < max_push_offset -@@ -8683,7 +8681,7 @@ aarch64_layout_frame (void) - frame.callee_adjust = const_size; - } - else if (frame.bytes_below_saved_regs.is_constant (&const_below_saved_regs) -- && frame.saved_regs_size.is_constant (&const_saved_regs_size) -+ && saved_regs_size.is_constant (&const_saved_regs_size) - && const_below_saved_regs + const_saved_regs_size < 512 - /* We could handle this case even with data below the saved - registers, provided that that data left us with valid offsets -@@ -8702,8 +8700,7 @@ aarch64_layout_frame (void) - frame.initial_adjust = frame.frame_size; - } - else if (saves_below_hard_fp_p -- && known_eq (frame.saved_regs_size, -- frame.below_hard_fp_saved_regs_size)) -+ && known_eq (saved_regs_size, below_hard_fp_saved_regs_size)) - { - /* Frame in which all saves are SVE saves: - -@@ -8725,7 +8722,7 @@ aarch64_layout_frame (void) - [save SVE registers relative to SP] - sub sp, sp, bytes_below_saved_regs */ - frame.callee_adjust = const_above_fp; -- frame.sve_callee_adjust = frame.below_hard_fp_saved_regs_size; -+ frame.sve_callee_adjust = below_hard_fp_saved_regs_size; - frame.final_adjust = frame.bytes_below_saved_regs; - } - else -@@ -8740,7 +8737,7 @@ aarch64_layout_frame (void) - [save SVE registers relative to SP] - sub sp, sp, bytes_below_saved_regs */ - frame.initial_adjust = 
frame.bytes_above_hard_fp; -- frame.sve_callee_adjust = frame.below_hard_fp_saved_regs_size; -+ frame.sve_callee_adjust = below_hard_fp_saved_regs_size; - frame.final_adjust = frame.bytes_below_saved_regs; - } - -@@ -9936,17 +9933,17 @@ aarch64_epilogue_uses (int regno) - | local variables | <-- frame_pointer_rtx - | | - +-------------------------------+ -- | padding | \ -- +-------------------------------+ | -- | callee-saved registers | | frame.saved_regs_size -- +-------------------------------+ | -- | LR' | | -- +-------------------------------+ | -- | FP' | | -- +-------------------------------+ |<- hard_frame_pointer_rtx (aligned) -- | SVE vector registers | | \ -- +-------------------------------+ | | below_hard_fp_saved_regs_size -- | SVE predicate registers | / / -+ | padding | -+ +-------------------------------+ -+ | callee-saved registers | -+ +-------------------------------+ -+ | LR' | -+ +-------------------------------+ -+ | FP' | -+ +-------------------------------+ <-- hard_frame_pointer_rtx (aligned) -+ | SVE vector registers | -+ +-------------------------------+ -+ | SVE predicate registers | - +-------------------------------+ - | dynamic allocation | - +-------------------------------+ -diff --git a/gcc/config/aarch64/aarch64.h b/gcc/config/aarch64/aarch64.h -index fbfb73545ba..cfeaf4657ab 100644 ---- a/gcc/config/aarch64/aarch64.h -+++ b/gcc/config/aarch64/aarch64.h -@@ -777,18 +777,11 @@ struct GTY (()) aarch64_frame - STACK_BOUNDARY. */ - HOST_WIDE_INT saved_varargs_size; - -- /* The size of the callee-save registers with a slot in REG_OFFSET. */ -- poly_int64 saved_regs_size; -- - /* The number of bytes between the bottom of the static frame (the bottom - of the outgoing arguments) and the bottom of the register save area. - This value is always a multiple of STACK_BOUNDARY. */ - poly_int64 bytes_below_saved_regs; - -- /* The size of the callee-save registers with a slot in REG_OFFSET that -- are saved below the hard frame pointer. 
*/ -- poly_int64 below_hard_fp_saved_regs_size; -- - /* The number of bytes between the bottom of the static frame (the bottom - of the outgoing arguments) and the hard frame pointer. This value is - always a multiple of STACK_BOUNDARY. */ --- -2.34.1 - - -From b96e66fd4ef3e36983969fb8cdd1956f551a074b Mon Sep 17 00:00:00 2001 -From: Richard Sandiford -Date: Tue, 12 Sep 2023 16:07:21 +0100 -Subject: [PATCH 19/19] aarch64: Make stack smash canary protect saved - registers - -AArch64 normally puts the saved registers near the bottom of the frame, -immediately above any dynamic allocations. But this means that a -stack-smash attack on those dynamic allocations could overwrite the -saved registers without needing to reach as far as the stack smash -canary. - -The same thing could also happen for variable-sized arguments that are -passed by value, since those are allocated before a call and popped on -return. - -This patch avoids that by putting the locals (and thus the canary) below -the saved registers when stack smash protection is active. - -The patch fixes CVE-2023-4039. - -gcc/ - * config/aarch64/aarch64.cc (aarch64_save_regs_above_locals_p): - New function. - (aarch64_layout_frame): Use it to decide whether locals should - go above or below the saved registers. - (aarch64_expand_prologue): Update stack layout comment. - Emit a stack tie after the final adjustment. - -gcc/testsuite/ - * gcc.target/aarch64/stack-protector-8.c: New test. - * gcc.target/aarch64/stack-protector-9.c: Likewise. 
---- - gcc/config/aarch64/aarch64.cc | 46 +++++++-- - .../gcc.target/aarch64/stack-protector-8.c | 95 +++++++++++++++++++ - .../gcc.target/aarch64/stack-protector-9.c | 33 +++++++ - 3 files changed, 168 insertions(+), 6 deletions(-) - create mode 100644 gcc/testsuite/gcc.target/aarch64/stack-protector-8.c - create mode 100644 gcc/testsuite/gcc.target/aarch64/stack-protector-9.c - -diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc -index b95e805a8cc..389c0e29353 100644 ---- a/gcc/config/aarch64/aarch64.cc -+++ b/gcc/config/aarch64/aarch64.cc -@@ -8394,6 +8394,20 @@ aarch64_needs_frame_chain (void) - return aarch64_use_frame_pointer; - } - -+/* Return true if the current function should save registers above -+ the locals area, rather than below it. */ -+ -+static bool -+aarch64_save_regs_above_locals_p () -+{ -+ /* When using stack smash protection, make sure that the canary slot -+ comes between the locals and the saved registers. Otherwise, -+ it would be possible for a carefully sized smash attack to change -+ the saved registers (particularly LR and FP) without reaching the -+ canary. */ -+ return crtl->stack_protect_guard; -+} -+ - /* Mark the registers that need to be saved by the callee and calculate - the size of the callee-saved registers area and frame record (both FP - and LR may be omitted). 
*/ -@@ -8405,6 +8419,7 @@ aarch64_layout_frame (void) - poly_int64 vector_save_size = GET_MODE_SIZE (vector_save_mode); - bool frame_related_fp_reg_p = false; - aarch64_frame &frame = cfun->machine->frame; -+ poly_int64 top_of_locals = -1; - - frame.emit_frame_chain = aarch64_needs_frame_chain (); - -@@ -8471,9 +8486,16 @@ aarch64_layout_frame (void) - && !crtl->abi->clobbers_full_reg_p (regno)) - frame.reg_offset[regno] = SLOT_REQUIRED; - -+ bool regs_at_top_p = aarch64_save_regs_above_locals_p (); - - poly_int64 offset = crtl->outgoing_args_size; - gcc_assert (multiple_p (offset, STACK_BOUNDARY / BITS_PER_UNIT)); -+ if (regs_at_top_p) -+ { -+ offset += get_frame_size (); -+ offset = aligned_upper_bound (offset, STACK_BOUNDARY / BITS_PER_UNIT); -+ top_of_locals = offset; -+ } - frame.bytes_below_saved_regs = offset; - frame.sve_save_and_probe = INVALID_REGNUM; - -@@ -8613,15 +8635,18 @@ aarch64_layout_frame (void) - at expand_prologue. */ - gcc_assert (crtl->is_leaf || maybe_ne (saved_regs_size, 0)); - -- offset += get_frame_size (); -- offset = aligned_upper_bound (offset, STACK_BOUNDARY / BITS_PER_UNIT); -- auto top_of_locals = offset; -- -+ if (!regs_at_top_p) -+ { -+ offset += get_frame_size (); -+ offset = aligned_upper_bound (offset, STACK_BOUNDARY / BITS_PER_UNIT); -+ top_of_locals = offset; -+ } - offset += frame.saved_varargs_size; - gcc_assert (multiple_p (offset, STACK_BOUNDARY / BITS_PER_UNIT)); - frame.frame_size = offset; - - frame.bytes_above_hard_fp = frame.frame_size - frame.bytes_below_hard_fp; -+ gcc_assert (known_ge (top_of_locals, 0)); - frame.bytes_above_locals = frame.frame_size - top_of_locals; - - frame.initial_adjust = 0; -@@ -9930,10 +9955,10 @@ aarch64_epilogue_uses (int regno) - | for register varargs | - | | - +-------------------------------+ -- | local variables | <-- frame_pointer_rtx -+ | local variables (1) | <-- frame_pointer_rtx - | | - +-------------------------------+ -- | padding | -+ | padding (1) | - 
+-------------------------------+ - | callee-saved registers | - +-------------------------------+ -@@ -9945,6 +9970,10 @@ aarch64_epilogue_uses (int regno) - +-------------------------------+ - | SVE predicate registers | - +-------------------------------+ -+ | local variables (2) | -+ +-------------------------------+ -+ | padding (2) | -+ +-------------------------------+ - | dynamic allocation | - +-------------------------------+ - | padding | -@@ -9954,6 +9983,9 @@ aarch64_epilogue_uses (int regno) - +-------------------------------+ - | | <-- stack_pointer_rtx (aligned) - -+ The regions marked (1) and (2) are mutually exclusive. (2) is used -+ when aarch64_save_regs_above_locals_p is true. -+ - Dynamic stack allocations via alloca() decrease stack_pointer_rtx - but leave frame_pointer_rtx and hard_frame_pointer_rtx - unchanged. -@@ -10149,6 +10181,8 @@ aarch64_expand_prologue (void) - gcc_assert (known_eq (bytes_below_sp, final_adjust)); - aarch64_allocate_and_probe_stack_space (tmp1_rtx, tmp0_rtx, final_adjust, - !frame_pointer_needed, true); -+ if (emit_frame_chain && maybe_ne (final_adjust, 0)) -+ emit_insn (gen_stack_tie (stack_pointer_rtx, hard_frame_pointer_rtx)); - } - - /* Return TRUE if we can use a simple_return insn. 
-diff --git a/gcc/testsuite/gcc.target/aarch64/stack-protector-8.c b/gcc/testsuite/gcc.target/aarch64/stack-protector-8.c -new file mode 100644 -index 00000000000..e71d820e365 ---- /dev/null -+++ b/gcc/testsuite/gcc.target/aarch64/stack-protector-8.c -@@ -0,0 +1,95 @@ -+/* { dg-options " -O -fstack-protector-strong -mstack-protector-guard=sysreg -mstack-protector-guard-reg=tpidr2_el0 -mstack-protector-guard-offset=16" } */ -+/* { dg-final { check-function-bodies "**" "" } } */ -+ -+void g(void *); -+__SVBool_t *h(void *); -+ -+/* -+** test1: -+** sub sp, sp, #288 -+** stp x29, x30, \[sp, #?272\] -+** add x29, sp, #?272 -+** mrs (x[0-9]+), tpidr2_el0 -+** ldr (x[0-9]+), \[\1, #?16\] -+** str \2, \[sp, #?264\] -+** mov \2, #?0 -+** add x0, sp, #?8 -+** bl g -+** ... -+** mrs .* -+** ... -+** bne .* -+** ... -+** ldp x29, x30, \[sp, #?272\] -+** add sp, sp, #?288 -+** ret -+** bl __stack_chk_fail -+*/ -+int test1() { -+ int y[0x40]; -+ g(y); -+ return 1; -+} -+ -+/* -+** test2: -+** stp x29, x30, \[sp, #?-16\]! -+** mov x29, sp -+** sub sp, sp, #1040 -+** mrs (x[0-9]+), tpidr2_el0 -+** ldr (x[0-9]+), \[\1, #?16\] -+** str \2, \[sp, #?1032\] -+** mov \2, #?0 -+** add x0, sp, #?8 -+** bl g -+** ... -+** mrs .* -+** ... -+** bne .* -+** ... -+** add sp, sp, #?1040 -+** ldp x29, x30, \[sp\], #?16 -+** ret -+** bl __stack_chk_fail -+*/ -+int test2() { -+ int y[0x100]; -+ g(y); -+ return 1; -+} -+ -+#pragma GCC target "+sve" -+ -+/* -+** test3: -+** stp x29, x30, \[sp, #?-16\]! -+** mov x29, sp -+** addvl sp, sp, #-18 -+** ... -+** str p4, \[sp\] -+** ... -+** sub sp, sp, #272 -+** mrs (x[0-9]+), tpidr2_el0 -+** ldr (x[0-9]+), \[\1, #?16\] -+** str \2, \[sp, #?264\] -+** mov \2, #?0 -+** add x0, sp, #?8 -+** bl h -+** ... -+** mrs .* -+** ... -+** bne .* -+** ... -+** add sp, sp, #?272 -+** ... -+** ldr p4, \[sp\] -+** ... 
-+** addvl sp, sp, #18 -+** ldp x29, x30, \[sp\], #?16 -+** ret -+** bl __stack_chk_fail -+*/ -+__SVBool_t test3() { -+ int y[0x40]; -+ return *h(y); -+} -diff --git a/gcc/testsuite/gcc.target/aarch64/stack-protector-9.c b/gcc/testsuite/gcc.target/aarch64/stack-protector-9.c -new file mode 100644 -index 00000000000..58f322aa480 ---- /dev/null -+++ b/gcc/testsuite/gcc.target/aarch64/stack-protector-9.c -@@ -0,0 +1,33 @@ -+/* { dg-options "-O2 -mcpu=neoverse-v1 -fstack-protector-all" } */ -+/* { dg-final { check-function-bodies "**" "" } } */ -+ -+/* -+** main: -+** ... -+** stp x29, x30, \[sp, #?-[0-9]+\]! -+** ... -+** sub sp, sp, #[0-9]+ -+** ... -+** str x[0-9]+, \[x29, #?-8\] -+** ... -+*/ -+int f(const char *); -+void g(void *); -+int main(int argc, char* argv[]) -+{ -+ int a; -+ int b; -+ char c[2+f(argv[1])]; -+ int d[0x100]; -+ char y; -+ -+ y=42; a=4; b=10; -+ c[0] = 'h'; c[1] = '\0'; -+ -+ c[f(argv[2])] = '\0'; -+ -+ __builtin_printf("%d %d\n%s\n", a, b, c); -+ g(d); -+ -+ return 0; -+} --- -2.34.1 - diff --git a/meta/recipes-devtools/gcc/gcc/CVE-2024-0151.patch b/meta/recipes-devtools/gcc/gcc/CVE-2024-0151.patch deleted file mode 100644 index 12883388cb..0000000000 --- a/meta/recipes-devtools/gcc/gcc/CVE-2024-0151.patch +++ /dev/null 
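Review bot: the file deleted above is the backport whose final part (PATCH 19/19, "aarch64: Make stack smash canary protect saved registers") states that it fixes CVE-2023-4039, so removing it is only safe if the 13.3 sources contain the whole 19-patch series, and it is worth having the commit message say so explicitly. If the recipe include records CVE-2023-4039 as fixed by this local patch, that entry needs updating in the same change. A quick post-upgrade check is the one the deleted stack-protector-8.c encodes: with -fstack-protector-strong on aarch64, test1 should store the canary at [sp, #264], below the x29/x30 pair saved at [sp, #272].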
@@ -1,315 +0,0 @@ -arm: Zero/Sign extends for CMSE security - -This patch makes the following changes: - -1) When calling a secure function from non-secure code then any arguments - smaller than 32-bits that are passed in registers are zero- or sign-extended. -2) After a non-secure function returns into secure code then any return value - smaller than 32-bits that is passed in a register is zero- or sign-extended. - -This patch addresses the following CVE-2024-0151. - -gcc/ChangeLog: - PR target/114837 - * config/arm/arm.cc (cmse_nonsecure_call_inline_register_clear): - Add zero/sign extend. - (arm_expand_prologue): Add zero/sign extend. - -gcc/testsuite/ChangeLog: - - * gcc.target/arm/cmse/extend-param.c: New test. - * gcc.target/arm/cmse/extend-return.c: New test. - -CVE: CVE-2024-0151 -Upstream-Status: Backport [https://gcc.gnu.org/pipermail/gcc-patches/2024-April/649973.html] -Signed-off-by: Mark Hatle - -diff --git a/gcc/config/arm/arm.cc b/gcc/config/arm/arm.cc -index 0217abc218d60956ce727e6d008d46b9176dddc5..ea0c963a4d67ecd70e1571624e84dfe46d757df9 100644 ---- a/gcc/config/arm/arm.cc -+++ b/gcc/config/arm/arm.cc -@@ -19210,6 +19210,30 @@ cmse_nonsecure_call_inline_register_clear (void) - end_sequence (); - emit_insn_before (seq, insn); - -+ /* The AAPCS requires the callee to widen integral types narrower -+ than 32 bits to the full width of the register; but when handling -+ calls to non-secure space, we cannot trust the callee to have -+ correctly done so. So forcibly re-widen the result here. 
*/ -+ tree ret_type = TREE_TYPE (fntype); -+ if ((TREE_CODE (ret_type) == INTEGER_TYPE -+ || TREE_CODE (ret_type) == ENUMERAL_TYPE -+ || TREE_CODE (ret_type) == BOOLEAN_TYPE) -+ && known_lt (GET_MODE_SIZE (TYPE_MODE (ret_type)), 4)) -+ { -+ machine_mode ret_mode = TYPE_MODE (ret_type); -+ rtx extend; -+ if (TYPE_UNSIGNED (ret_type)) -+ extend = gen_rtx_ZERO_EXTEND (SImode, -+ gen_rtx_REG (ret_mode, R0_REGNUM)); -+ else -+ extend = gen_rtx_SIGN_EXTEND (SImode, -+ gen_rtx_REG (ret_mode, R0_REGNUM)); -+ emit_insn_after (gen_rtx_SET (gen_rtx_REG (SImode, R0_REGNUM), -+ extend), insn); -+ -+ } -+ -+ - if (TARGET_HAVE_FPCXT_CMSE) - { - rtx_insn *last, *pop_insn, *after = insn; -@@ -23652,6 +23676,51 @@ arm_expand_prologue (void) - - ip_rtx = gen_rtx_REG (SImode, IP_REGNUM); - -+ /* The AAPCS requires the callee to widen integral types narrower -+ than 32 bits to the full width of the register; but when handling -+ calls to non-secure space, we cannot trust the callee to have -+ correctly done so. So forcibly re-widen the result here. */ -+ if (IS_CMSE_ENTRY (func_type)) -+ { -+ function_args_iterator args_iter; -+ CUMULATIVE_ARGS args_so_far_v; -+ cumulative_args_t args_so_far; -+ bool first_param = true; -+ tree arg_type; -+ tree fndecl = current_function_decl; -+ tree fntype = TREE_TYPE (fndecl); -+ arm_init_cumulative_args (&args_so_far_v, fntype, NULL_RTX, fndecl); -+ args_so_far = pack_cumulative_args (&args_so_far_v); -+ FOREACH_FUNCTION_ARGS (fntype, arg_type, args_iter) -+ { -+ rtx arg_rtx; -+ -+ if (VOID_TYPE_P (arg_type)) -+ break; -+ -+ function_arg_info arg (arg_type, /*named=*/true); -+ if (!first_param) -+ /* We should advance after processing the argument and pass -+ the argument we're advancing past. 
*/ -+ arm_function_arg_advance (args_so_far, arg); -+ first_param = false; -+ arg_rtx = arm_function_arg (args_so_far, arg); -+ gcc_assert (REG_P (arg_rtx)); -+ if ((TREE_CODE (arg_type) == INTEGER_TYPE -+ || TREE_CODE (arg_type) == ENUMERAL_TYPE -+ || TREE_CODE (arg_type) == BOOLEAN_TYPE) -+ && known_lt (GET_MODE_SIZE (GET_MODE (arg_rtx)), 4)) -+ { -+ if (TYPE_UNSIGNED (arg_type)) -+ emit_set_insn (gen_rtx_REG (SImode, REGNO (arg_rtx)), -+ gen_rtx_ZERO_EXTEND (SImode, arg_rtx)); -+ else -+ emit_set_insn (gen_rtx_REG (SImode, REGNO (arg_rtx)), -+ gen_rtx_SIGN_EXTEND (SImode, arg_rtx)); -+ } -+ } -+ } -+ - if (IS_STACKALIGN (func_type)) - { - rtx r0, r1; -diff --git a/gcc/testsuite/gcc.target/arm/cmse/extend-param.c b/gcc/testsuite/gcc.target/arm/cmse/extend-param.c -new file mode 100644 -index 0000000000000000000000000000000000000000..01fac7862385f871f3ecc246ede95eea180be025 ---- /dev/null -+++ b/gcc/testsuite/gcc.target/arm/cmse/extend-param.c -@@ -0,0 +1,96 @@ -+/* { dg-do compile } */ -+/* { dg-options "-mcmse" } */ -+/* { dg-final { check-function-bodies "**" "" "" } } */ -+ -+#include -+#include -+ -+#define ARRAY_SIZE (256) -+char array[ARRAY_SIZE]; -+ -+enum offset -+{ -+ zero = 0, -+ one = 1, -+ two = 2 -+}; -+ -+/* -+**__acle_se_unsignSecureFunc: -+** ... -+** uxtb r0, r0 -+** ... -+*/ -+__attribute__((cmse_nonsecure_entry)) char unsignSecureFunc (unsigned char index) { -+ if (index >= ARRAY_SIZE) -+ return 0; -+ return array[index]; -+} -+ -+/* -+**__acle_se_signSecureFunc: -+** ... -+** sxtb r0, r0 -+** ... -+*/ -+__attribute__((cmse_nonsecure_entry)) char signSecureFunc (signed char index) { -+ if (index >= ARRAY_SIZE) -+ return 0; -+ return array[index]; -+} -+ -+/* -+**__acle_se_shortUnsignSecureFunc: -+** ... -+** uxth r0, r0 -+** ... -+*/ -+__attribute__((cmse_nonsecure_entry)) char shortUnsignSecureFunc (unsigned short index) { -+ if (index >= ARRAY_SIZE) -+ return 0; -+ return array[index]; -+} -+ -+/* -+**__acle_se_shortSignSecureFunc: -+** ... 
-+** sxth r0, r0 -+** ... -+*/ -+__attribute__((cmse_nonsecure_entry)) char shortSignSecureFunc (signed short index) { -+ if (index >= ARRAY_SIZE) -+ return 0; -+ return array[index]; -+} -+ -+/* -+**__acle_se_enumSecureFunc: -+** ... -+** uxtb r0, r0 -+** ... -+*/ -+__attribute__((cmse_nonsecure_entry)) char enumSecureFunc (enum offset index) { -+ -+ // Compiler may optimize away bounds check as value is an unsigned char. -+ -+ // According to AAPCS caller will zero extend to ensure value is < 256. -+ -+ if (index >= ARRAY_SIZE) -+ return 0; -+ return array[index]; -+ -+} -+ -+/* -+**__acle_se_boolSecureFunc: -+** ... -+** uxtb r0, r0 -+** ... -+*/ -+__attribute__((cmse_nonsecure_entry)) char boolSecureFunc (bool index) { -+ -+ if (index >= ARRAY_SIZE) -+ return 0; -+ return array[index]; -+ -+} -\ No newline at end of file -diff --git a/gcc/testsuite/gcc.target/arm/cmse/extend-return.c b/gcc/testsuite/gcc.target/arm/cmse/extend-return.c -new file mode 100644 -index 0000000000000000000000000000000000000000..cf731ed33df7e6dc101320c1970016f01b14c59a ---- /dev/null -+++ b/gcc/testsuite/gcc.target/arm/cmse/extend-return.c -@@ -0,0 +1,92 @@ -+/* { dg-do compile } */ -+/* { dg-options "-mcmse" } */ -+/* { dg-final { check-function-bodies "**" "" "" } } */ -+ -+#include -+#include -+ -+enum offset -+{ -+ zero = 0, -+ one = 1, -+ two = 2 -+}; -+ -+typedef unsigned char __attribute__ ((cmse_nonsecure_call)) ns_unsign_foo_t (void); -+typedef signed char __attribute__ ((cmse_nonsecure_call)) ns_sign_foo_t (void); -+typedef unsigned short __attribute__ ((cmse_nonsecure_call)) ns_short_unsign_foo_t (void); -+typedef signed short __attribute__ ((cmse_nonsecure_call)) ns_short_sign_foo_t (void); -+typedef enum offset __attribute__ ((cmse_nonsecure_call)) ns_enum_foo_t (void); -+typedef bool __attribute__ ((cmse_nonsecure_call)) ns_bool_foo_t (void); -+ -+/* -+**unsignNonsecure0: -+** ... -+** bl __gnu_cmse_nonsecure_call -+** uxtb r0, r0 -+** ... 
-+*/ -+unsigned char unsignNonsecure0 (ns_unsign_foo_t * ns_foo_p) -+{ -+ return ns_foo_p (); -+} -+ -+/* -+**signNonsecure0: -+** ... -+** bl __gnu_cmse_nonsecure_call -+** sxtb r0, r0 -+** ... -+*/ -+signed char signNonsecure0 (ns_sign_foo_t * ns_foo_p) -+{ -+ return ns_foo_p (); -+} -+ -+/* -+**shortUnsignNonsecure0: -+** ... -+** bl __gnu_cmse_nonsecure_call -+** uxth r0, r0 -+** ... -+*/ -+unsigned short shortUnsignNonsecure0 (ns_short_unsign_foo_t * ns_foo_p) -+{ -+ return ns_foo_p (); -+} -+ -+/* -+**shortSignNonsecure0: -+** ... -+** bl __gnu_cmse_nonsecure_call -+** sxth r0, r0 -+** ... -+*/ -+signed short shortSignNonsecure0 (ns_short_sign_foo_t * ns_foo_p) -+{ -+ return ns_foo_p (); -+} -+ -+/* -+**enumNonsecure0: -+** ... -+** bl __gnu_cmse_nonsecure_call -+** uxtb r0, r0 -+** ... -+*/ -+unsigned char __attribute__((noipa)) enumNonsecure0 (ns_enum_foo_t * ns_foo_p) -+{ -+ return ns_foo_p (); -+} -+ -+/* -+**boolNonsecure0: -+** ... -+** bl __gnu_cmse_nonsecure_call -+** uxtb r0, r0 -+** ... -+*/ -+unsigned char boolNonsecure0 (ns_bool_foo_t * ns_foo_p) -+{ -+ return ns_foo_p (); -+} -\ No newline at end of file diff --git a/meta/recipes-devtools/gcc/gcc_13.2.bb b/meta/recipes-devtools/gcc/gcc_13.3.bb similarity index 100% rename from meta/recipes-devtools/gcc/gcc_13.2.bb rename to meta/recipes-devtools/gcc/gcc_13.3.bb diff --git a/meta/recipes-devtools/gcc/libgcc-initial_13.2.bb b/meta/recipes-devtools/gcc/libgcc-initial_13.3.bb similarity index 100% rename from meta/recipes-devtools/gcc/libgcc-initial_13.2.bb rename to meta/recipes-devtools/gcc/libgcc-initial_13.3.bb diff --git a/meta/recipes-devtools/gcc/libgcc_13.2.bb b/meta/recipes-devtools/gcc/libgcc_13.3.bb similarity index 100% rename from meta/recipes-devtools/gcc/libgcc_13.2.bb rename to meta/recipes-devtools/gcc/libgcc_13.3.bb 
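Review bot: the recipe renames in this patch are all "similarity index 100%", so nothing inside the .bb files changes; the SRC_URI entry for the deleted CVE-2024-0151.patch therefore has to be dropped in whichever include lists it, in this same commit, or the build will look for a file that no longer exists. The deleted patch carried the CMSE zero/sign-extension fix locally (its header has "CVE: CVE-2024-0151" and an Upstream-Status of Backport), so confirm that the 13.3 tarball contains it, for example by checking the expectation from the deleted extend-return.c: a uxtb, sxtb, uxth or sxth on r0 directly after "bl __gnu_cmse_nonsecure_call".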
diff --git a/meta/recipes-devtools/gcc/libgfortran_13.2.bb b/meta/recipes-devtools/gcc/libgfortran_13.3.bb similarity index 100% rename from meta/recipes-devtools/gcc/libgfortran_13.2.bb rename to meta/recipes-devtools/gcc/libgfortran_13.3.bb
From patchwork Tue Jun 11 13:07:21 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 44901 X-Patchwork-Delegate: steve@sakoman.com
From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 06/10] git: upgrade 2.44.0 -> 2.44.1 Date: Tue, 11 Jun 2024 06:07:21 -0700 Message-Id: <3a7ef46ebaf8d4b470ef5b6803dc3b76c22a97c2.1718111104.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/200515
From: Soumya Sambu Addresses the security issues - CVE-2024-32002, CVE-2024-32004, CVE-2024-32020,CVE-2024-32021 and CVE-2024-32465 Changelog: ========== https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.44.1.txt Signed-off-by: Soumya Sambu Signed-off-by: Alexandre Belloni Signed-off-by: Richard Purdie (cherry picked from commit 767f9515013790c9a6b945fae9de03c9e5b89b80) Signed-off-by: Steve Sakoman --- meta/recipes-devtools/git/{git_2.44.0.bb => git_2.44.1.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta/recipes-devtools/git/{git_2.44.0.bb => git_2.44.1.bb} (98%) diff --git a/meta/recipes-devtools/git/git_2.44.0.bb b/meta/recipes-devtools/git/git_2.44.1.bb similarity index 98% rename from meta/recipes-devtools/git/git_2.44.0.bb rename to meta/recipes-devtools/git/git_2.44.1.bb index 78b00dd19f..53d67eb40a 100644 --- a/meta/recipes-devtools/git/git_2.44.0.bb +++ b/meta/recipes-devtools/git/git_2.44.1.bb 
@@ -164,4 +164,4 @@ EXTRA_OECONF += "ac_cv_snprintf_returns_bogus=no \ " EXTRA_OEMAKE += "NO_GETTEXT=1" -SRC_URI[tarball.sha256sum] = "f9e36f085458fe9688fbbe7846b8c4770b13d161fcd8953655f36b2b85f06b76" +SRC_URI[tarball.sha256sum] = "118214bb8d7ba971a62741416e757562b8f5451cefc087a407e91857897c92cc"
From patchwork Tue Jun 11 13:07:22 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 44903 X-Patchwork-Delegate: steve@sakoman.com
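Review bot: in the git_2.44.1.bb hunk the only content change is the SRC_URI[tarball.sha256sum] line, so that one value is what pins the source for all five CVE fixes listed in the commit message; it would help to state what the new checksum was verified against (upstream's published checksum or signature) rather than only a fresh download. Two smaller points on the message: the Changelog link points at RelNotes/2.44.1.txt on the master branch, which can move, so a link pinned to the release tag would stay valid, and the CVE list is missing a space in "CVE-2024-32020,CVE-2024-32021".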

From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 07/10] run-postinsts.service: Removed --no-reload to fix reload warning when users execute systemctl in the first boot.
Date: Tue, 11 Jun 2024 06:07:22 -0700
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/200516

From: Lei Maohui

This warning is because after systemd has been upgraded to 255, reloading units operation is needed even when "enable/disable" units by systemctl.

(From OE-Core rev: 28a7064403f2433ef3cb4d52b03dd73437f2d665)

Signed-off-by: Lei Maohui
Signed-off-by: Alexandre Belloni
Signed-off-by: Richard Purdie
Signed-off-by: Zhang Peng
Signed-off-by: Steve Sakoman
---
 .../run-postinsts/run-postinsts/run-postinsts.service | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-devtools/run-postinsts/run-postinsts/run-postinsts.service b/meta/recipes-devtools/run-postinsts/run-postinsts/run-postinsts.service index b6b81d5c1a..1ce19abcaf 100644 --- a/meta/recipes-devtools/run-postinsts/run-postinsts/run-postinsts.service +++ b/meta/recipes-devtools/run-postinsts/run-postinsts/run-postinsts.service
@@ -7,7 +7,7 @@ Before=sysinit.target [Service] Type=oneshot ExecStart=#SBINDIR#/run-postinsts -ExecStartPost=#BASE_BINDIR#/systemctl --no-reload disable run-postinsts.service +ExecStartPost=#BASE_BINDIR#/systemctl disable run-postinsts.service RemainAfterExit=yes TimeoutSec=0
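Review bot: the commit message explains the warning but not the side effect of the fix on the `ExecStartPost=` line: without `--no-reload`, `systemctl disable` implicitly reloads the manager configuration, and here that reload is issued from inside a `Type=oneshot` unit ordered `Before=sysinit.target`, so it now runs in the middle of early first boot. Please say in the message that first boot was tested with systemd 255 in this configuration, so a reader of the backport can tell the reload at that point is intended and not just a way to silence the warning.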

From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 08/10] classes: image_types: quote variable assignment needed by dash
Date: Tue, 11 Jun 2024 06:07:23 -0700
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/200517

From: Martin Hundebøll

The change in commit 39fc503036 ("classes: image_types: apply EXTRA_IMAGECMD:squashfs* in oe_mksquashfs()") assigns $@ to a local variable without quoting it. While this works with bash, it fails with dash. Here, only the first token of $@ is assigned to the variable, and the remaining tokens are passed as arguments to the "local" keyword.

Fix it by adding the missing quotes.

Signed-off-by: Martin Hundebøll
Signed-off-by: Alexandre Belloni
Signed-off-by: Richard Purdie
(cherry picked from commit 14ca134f9f72d518c9180156a8efac19f8bb3ab0)
Signed-off-by: Steve Sakoman
---
 meta/classes-recipe/image_types.bbclass | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/classes-recipe/image_types.bbclass b/meta/classes-recipe/image_types.bbclass index b4a83ae284..2f948ecbf8 100644 --- a/meta/classes-recipe/image_types.bbclass +++ b/meta/classes-recipe/image_types.bbclass
@@ -113,7 +113,7 @@ IMAGE_CMD:btrfs () { oe_mksquashfs () { local comp=$1; shift - local extra_imagecmd=$@ + local extra_imagecmd="$@" if [ "$comp" = "zstd" ]; then suffix="zst"
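Review bot: in `local extra_imagecmd="$@"` the quotes fix the dash failure, but `"$@"` in a scalar assignment is the form ShellCheck reports as SC2124, because a list is being joined into one string implicitly. `local extra_imagecmd="$*"` states that join explicitly and is the more portable spelling for dash and bash alike. Either way the argument boundaries are lost once everything sits in one variable, so any later unquoted expansion of `extra_imagecmd` splits on whitespace; a short comment next to the assignment saying that this is intended would help the next reader.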

From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 09/10] libgloss: Do not apply non-existent patch
Date: Tue, 11 Jun 2024 06:07:24 -0700
Message-Id: <71231580e9e5d0060a0ea41d29152d43846a00f1.1718111104.git.steve@sakoman.com>
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/200518

From: Robert Joslyn

When newlib and libgloss were updated to 4.3.0, SRC_URI was updated to append a fix-rs6000-cflags.patch file when building on PowerPC, but this file was not added to the repo. Remove appending the missing patch.

Signed-off-by: Robert Joslyn
Signed-off-by: Alexandre Belloni
Signed-off-by: Richard Purdie
(cherry picked from commit 64561d8b81233a19df5f51d26dfbcd15835bec1f)
Signed-off-by: Steve Sakoman
---
 meta/recipes-core/newlib/libgloss_git.bb | 1 -
 1 file changed, 1 deletion(-)

diff --git a/meta/recipes-core/newlib/libgloss_git.bb b/meta/recipes-core/newlib/libgloss_git.bb index 7e34e33c7a..3c97a7f296 100644 --- a/meta/recipes-core/newlib/libgloss_git.bb +++ b/meta/recipes-core/newlib/libgloss_git.bb
@@ -6,7 +6,6 @@ FILESEXTRAPATHS:prepend := "${THISDIR}/libgloss:" SRC_URI:append = " file://libgloss-build-without-nostdinc.patch" SRC_URI:append:powerpc = " file://fix-rs6000-crt0.patch" -SRC_URI:append:powerpc = " file://fix-rs6000-cflags.patch" do_configure() { ${S}/libgloss/configure ${EXTRA_OECONF}

From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 10/10] binutils: Fix aarch64 disassembly abort
Date: Tue, 11 Jun 2024 06:07:25 -0700
Message-Id: <3b070fc3963d04ce8c13b5b78c3b7ae95e26c435.1718111104.git.steve@sakoman.com>
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/200519

From: Mark Hatle

Code backported from binutils development tree.

  aarch64: Remove asserts from operand qualifier decoders [PR31595]

  Given that the disassembler should never abort when decoding (potentially random) data, assertion statements in the `get_*reg_qualifier_from_value' function family prove problematic.

  ...

Signed-off-by: Mark Hatle
Signed-off-by: Alexandre Belloni
Signed-off-by: Richard Purdie
(cherry picked from commit 00f3d8495a1d8fe44336b53c5a9d9a5f8a8d5664)
Signed-off-by: Steve Sakoman
---
 .../binutils/binutils-2.42.inc | 1 +
 ...sserts-from-operand-qualifier-decode.patch | 382 ++++++++++++++++++
 2 files changed, 383 insertions(+)
 create mode 100644 meta/recipes-devtools/binutils/binutils/0016-aarch64-Remove-asserts-from-operand-qualifier-decode.patch

diff --git a/meta/recipes-devtools/binutils/binutils-2.42.inc b/meta/recipes-devtools/binutils/binutils-2.42.inc index 3b6f47d4ce..d2f49560f3 100644 --- a/meta/recipes-devtools/binutils/binutils-2.42.inc +++ b/meta/recipes-devtools/binutils/binutils-2.42.inc @@ -36,5 +36,6 @@ SRC_URI = "\ file://0013-Define-alignof-using-_Alignof-when-using-C11-or-newe.patch \ file://0014-Remove-duplicate-pe-dll.o-entry-deom-targ_extra_ofil.patch \ file://0015-gprofng-change-use-of-bignum-to-bigint.patch \ + file://0016-aarch64-Remove-asserts-from-operand-qualifier-decode.patch \ " S = "${WORKDIR}/git"
diff --git a/meta/recipes-devtools/binutils/binutils/0016-aarch64-Remove-asserts-from-operand-qualifier-decode.patch b/meta/recipes-devtools/binutils/binutils/0016-aarch64-Remove-asserts-from-operand-qualifier-decode.patch new file mode 100644 index 0000000000..7b52425a38 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/0016-aarch64-Remove-asserts-from-operand-qualifier-decode.patch 
@@ -0,0 +1,382 @@ +From 5b1c70bfe0d8f84dc28237d6150b7b9d57c791a8 Mon Sep 17 00:00:00 2001 +From: Victor Do Nascimento +Date: Tue, 16 Apr 2024 11:49:15 +0100 +Subject: [PATCH] aarch64: Remove asserts from operand qualifier decoders + [PR31595] + +Given that the disassembler should never abort when decoding +(potentially random) data, assertion statements in the +`get_*reg_qualifier_from_value' function family prove problematic. + +Consider the random 32-bit word W, encoded in a data segment and +encountered on execution of `objdump -D '. + +If: + + (W & ~opcode_mask) == valid instruction + +Then before `print_insn_aarch64_word' has a chance to report the +instruction as potentially undefined, an attempt will be made to have +the qualifiers for the instruction's register operands (if any) +decoded. If the relevant bits do not map onto a valid qualifier for +the matched instruction-like word, an abort will be triggered and the +execution of objdump aborted. + +As this scenario is perfectly feasible and, in light of the fact that +objdump must successfully decode all sections of a given object file, +it is not appropriate to assert in this family of functions. + +Therefore, we add a new pseudo-qualifier `AARCH64_OPND_QLF_ERR' for +handling invalid qualifier-associated values and re-purpose the +assertion conditions in qualifier-retrieving functions to be the +predicate guarding the returning of the calculated qualifier type. +If the predicate fails, we return this new qualifier and allow the +caller to handle the error as appropriate. + +As these functions are called either from within +`aarch64_extract_operand' or `do_special_decoding', both of which are +expected to return non-zero values, it suffices that callers return +zero upon encountering `AARCH64_OPND_QLF_ERR'. + +Ar present the error presented in the hypothetical scenario has been +encountered in `get_sreg_qualifier_from_value', but the change is made +to the whole family to keep the interface consistent. 
+ +Bug: https://sourceware.org/PR31595 + +Upstream-Status: Backport [commit 2601b201e95ea0edab89342ee7137c74e88a8a79] + +Signed-off-by: Mark Hatle +--- + .../testsuite/binutils-all/aarch64/illegal.d | 1 + + .../testsuite/binutils-all/aarch64/illegal.s | 3 + + include/opcode/aarch64.h | 3 + + opcodes/aarch64-dis.c | 98 +++++++++++++++---- + 4 files changed, 87 insertions(+), 18 deletions(-) + +diff --git a/binutils/testsuite/binutils-all/aarch64/illegal.d b/binutils/testsuite/binutils-all/aarch64/illegal.d +index 4b90a1d9f39..b69318aec85 100644 +--- a/binutils/testsuite/binutils-all/aarch64/illegal.d ++++ b/binutils/testsuite/binutils-all/aarch64/illegal.d +@@ -8,5 +8,6 @@ Disassembly of section \.text: + + 0+000 <.*>: + [ ]+0:[ ]+68ea18cc[ ]+.inst[ ]+0x68ea18cc ; undefined ++[ ]+4:[ ]+9dc39839[ ]+.inst[ ]+0x9dc39839 ; undefined + #pass + +diff --git a/binutils/testsuite/binutils-all/aarch64/illegal.s b/binutils/testsuite/binutils-all/aarch64/illegal.s +index 216cbe6f265..43668c6db55 100644 +--- a/binutils/testsuite/binutils-all/aarch64/illegal.s ++++ b/binutils/testsuite/binutils-all/aarch64/illegal.s +@@ -4,4 +4,7 @@ + # ldpsw x12, x6, [x6],#-8 ; illegal because one of the dest regs is also the address reg + .inst 0x68ea18cc + ++ # illegal, resembles the opcode `ldapur' with invalid qualifier bits ++ .inst 0x9dc39839 ++ + # FIXME: Add more illegal instructions here. +diff --git a/include/opcode/aarch64.h b/include/opcode/aarch64.h +index 2fca9528c20..e8fe93ef127 100644 +--- a/include/opcode/aarch64.h ++++ b/include/opcode/aarch64.h +@@ -894,6 +894,9 @@ enum aarch64_opnd_qualifier + /* Special qualifier helping retrieve qualifier information during the + decoding time (currently not in use). */ + AARCH64_OPND_QLF_RETRIEVE, ++ ++ /* Special qualifier used for indicating error in qualifier retrieval. */ ++ AARCH64_OPND_QLF_ERR, + }; + + /* Instruction class. 
*/ +diff --git a/opcodes/aarch64-dis.c b/opcodes/aarch64-dis.c +index 96f42ae862a..b70e6da9eb7 100644 +--- a/opcodes/aarch64-dis.c ++++ b/opcodes/aarch64-dis.c +@@ -219,9 +219,10 @@ static inline enum aarch64_opnd_qualifier + get_greg_qualifier_from_value (aarch64_insn value) + { + enum aarch64_opnd_qualifier qualifier = AARCH64_OPND_QLF_W + value; +- assert (value <= 0x1 +- && aarch64_get_qualifier_standard_value (qualifier) == value); +- return qualifier; ++ if (value <= 0x1 ++ && aarch64_get_qualifier_standard_value (qualifier) == value) ++ return qualifier; ++ return AARCH64_OPND_QLF_ERR; + } + + /* Given VALUE, return qualifier for a vector register. This does not support +@@ -237,9 +238,10 @@ get_vreg_qualifier_from_value (aarch64_insn value) + if (qualifier >= AARCH64_OPND_QLF_V_2H) + qualifier += 1; + +- assert (value <= 0x8 +- && aarch64_get_qualifier_standard_value (qualifier) == value); +- return qualifier; ++ if (value <= 0x8 ++ && aarch64_get_qualifier_standard_value (qualifier) == value) ++ return qualifier; ++ return AARCH64_OPND_QLF_ERR; + } + + /* Given VALUE, return qualifier for an FP or AdvSIMD scalar register. */ +@@ -248,9 +250,10 @@ get_sreg_qualifier_from_value (aarch64_insn value) + { + enum aarch64_opnd_qualifier qualifier = AARCH64_OPND_QLF_S_B + value; + +- assert (value <= 0x4 +- && aarch64_get_qualifier_standard_value (qualifier) == value); +- return qualifier; ++ if (value <= 0x4 ++ && aarch64_get_qualifier_standard_value (qualifier) == value) ++ return qualifier; ++ return AARCH64_OPND_QLF_ERR; + } + + /* Given the instruction in *INST which is probably half way through the +@@ -263,13 +266,17 @@ get_expected_qualifier (const aarch64_inst *inst, int i) + { + aarch64_opnd_qualifier_seq_t qualifiers; + /* Should not be called if the qualifier is known. 
*/ +- assert (inst->operands[i].qualifier == AARCH64_OPND_QLF_NIL); +- int invalid_count; +- if (aarch64_find_best_match (inst, inst->opcode->qualifiers_list, +- i, qualifiers, &invalid_count)) +- return qualifiers[i]; ++ if (inst->operands[i].qualifier == AARCH64_OPND_QLF_NIL) ++ { ++ int invalid_count; ++ if (aarch64_find_best_match (inst, inst->opcode->qualifiers_list, ++ i, qualifiers, &invalid_count)) ++ return qualifiers[i]; ++ else ++ return AARCH64_OPND_QLF_NIL; ++ } + else +- return AARCH64_OPND_QLF_NIL; ++ return AARCH64_OPND_QLF_ERR; + } + + /* Operand extractors. */ +@@ -355,6 +362,8 @@ aarch64_ext_reglane (const aarch64_operand *self, aarch64_opnd_info *info, + aarch64_insn value = extract_field (FLD_imm4_11, code, 0); + /* Depend on AARCH64_OPND_Ed to determine the qualifier. */ + info->qualifier = get_expected_qualifier (inst, info->idx); ++ if (info->qualifier == AARCH64_OPND_QLF_ERR) ++ return 0; + shift = get_logsz (aarch64_get_qualifier_esize (info->qualifier)); + info->reglane.index = value >> shift; + } +@@ -374,6 +383,8 @@ aarch64_ext_reglane (const aarch64_operand *self, aarch64_opnd_info *info, + if (pos > 3) + return false; + info->qualifier = get_sreg_qualifier_from_value (pos); ++ if (info->qualifier == AARCH64_OPND_QLF_ERR) ++ return 0; + info->reglane.index = (unsigned) (value >> 1); + } + } +@@ -381,6 +392,8 @@ aarch64_ext_reglane (const aarch64_operand *self, aarch64_opnd_info *info, + { + /* Need information in other operand(s) to help decoding. */ + info->qualifier = get_expected_qualifier (inst, info->idx); ++ if (info->qualifier == AARCH64_OPND_QLF_ERR) ++ return 0; + switch (info->qualifier) + { + case AARCH64_OPND_QLF_S_4B: +@@ -405,6 +418,8 @@ aarch64_ext_reglane (const aarch64_operand *self, aarch64_opnd_info *info, + + /* Need information in other operand(s) to help decoding. 
*/ + info->qualifier = get_expected_qualifier (inst, info->idx); ++ if (info->qualifier == AARCH64_OPND_QLF_ERR) ++ return 0; + switch (info->qualifier) + { + case AARCH64_OPND_QLF_S_H: +@@ -644,9 +659,15 @@ aarch64_ext_advsimd_imm_shift (const aarch64_operand *self ATTRIBUTE_UNUSED, + 1xxx 1 2D */ + info->qualifier = + get_vreg_qualifier_from_value ((pos << 1) | (int) Q); ++ if (info->qualifier == AARCH64_OPND_QLF_ERR) ++ return false; + } + else +- info->qualifier = get_sreg_qualifier_from_value (pos); ++ { ++ info->qualifier = get_sreg_qualifier_from_value (pos); ++ if (info->qualifier == AARCH64_OPND_QLF_ERR) ++ return 0; ++ } + + if (info->type == AARCH64_OPND_IMM_VLSR) + /* immh +@@ -773,6 +794,8 @@ aarch64_ext_advsimd_imm_modified (const aarch64_operand *self ATTRIBUTE_UNUSED, + + /* cmode */ + info->qualifier = get_expected_qualifier (inst, info->idx); ++ if (info->qualifier == AARCH64_OPND_QLF_ERR) ++ return 0; + switch (info->qualifier) + { + case AARCH64_OPND_QLF_NIL: +@@ -1014,6 +1037,8 @@ aarch64_ext_ft (const aarch64_operand *self ATTRIBUTE_UNUSED, + if (value > 0x4) + return false; + info->qualifier = get_sreg_qualifier_from_value (value); ++ if (info->qualifier == AARCH64_OPND_QLF_ERR) ++ return 0; + } + + return true; +@@ -1086,6 +1111,8 @@ aarch64_ext_rcpc3_addr_offset (const aarch64_operand *self ATTRIBUTE_UNUSED, + aarch64_operand_error *errors ATTRIBUTE_UNUSED) + { + info->qualifier = get_expected_qualifier (inst, info->idx); ++ if (info->qualifier == AARCH64_OPND_QLF_ERR) ++ return 0; + + /* Rn */ + info->addr.base_regno = extract_field (self->fields[0], code, 0); +@@ -1105,6 +1132,8 @@ aarch64_ext_addr_offset (const aarch64_operand *self ATTRIBUTE_UNUSED, + aarch64_operand_error *errors ATTRIBUTE_UNUSED) + { + info->qualifier = get_expected_qualifier (inst, info->idx); ++ if (info->qualifier == AARCH64_OPND_QLF_ERR) ++ return 0; + + /* Rn */ + info->addr.base_regno = extract_field (self->fields[0], code, 0); +@@ -1154,6 +1183,8 @@ 
aarch64_ext_addr_regoff (const aarch64_operand *self ATTRIBUTE_UNUSED, + /* Need information in other operand(s) to help achieve the decoding + from 'S' field. */ + info->qualifier = get_expected_qualifier (inst, info->idx); ++ if (info->qualifier == AARCH64_OPND_QLF_ERR) ++ return 0; + /* Get the size of the data element that is accessed, which may be + different from that of the source register size, e.g. in strb/ldrb. */ + size = aarch64_get_qualifier_esize (info->qualifier); +@@ -1172,6 +1203,8 @@ aarch64_ext_addr_simm (const aarch64_operand *self, aarch64_opnd_info *info, + { + aarch64_insn imm; + info->qualifier = get_expected_qualifier (inst, info->idx); ++ if (info->qualifier == AARCH64_OPND_QLF_ERR) ++ return 0; + + /* Rn */ + info->addr.base_regno = extract_field (FLD_Rn, code, 0); +@@ -1210,6 +1243,8 @@ aarch64_ext_addr_uimm12 (const aarch64_operand *self, aarch64_opnd_info *info, + { + int shift; + info->qualifier = get_expected_qualifier (inst, info->idx); ++ if (info->qualifier == AARCH64_OPND_QLF_ERR) ++ return 0; + shift = get_logsz (aarch64_get_qualifier_esize (info->qualifier)); + /* Rn */ + info->addr.base_regno = extract_field (self->fields[0], code, 0); +@@ -1228,6 +1263,8 @@ aarch64_ext_addr_simm10 (const aarch64_operand *self, aarch64_opnd_info *info, + aarch64_insn imm; + + info->qualifier = get_expected_qualifier (inst, info->idx); ++ if (info->qualifier == AARCH64_OPND_QLF_ERR) ++ return 0; + /* Rn */ + info->addr.base_regno = extract_field (self->fields[0], code, 0); + /* simm10 */ +@@ -2467,6 +2504,8 @@ decode_sizeq (aarch64_inst *inst) + if (mask == 0x7) + { + inst->operands[idx].qualifier = get_vreg_qualifier_from_value (value); ++ if (inst->operands[idx].qualifier == AARCH64_OPND_QLF_ERR) ++ return 0; + return 1; + } + +@@ -2649,6 +2688,8 @@ do_special_decoding (aarch64_inst *inst) + idx = select_operand_for_sf_field_coding (inst->opcode); + value = extract_field (FLD_sf, inst->value, 0); + inst->operands[idx].qualifier = 
get_greg_qualifier_from_value (value); ++ if (inst->operands[idx].qualifier == AARCH64_OPND_QLF_ERR) ++ return 0; + if ((inst->opcode->flags & F_N) + && extract_field (FLD_N, inst->value, 0) != value) + return 0; +@@ -2659,6 +2700,8 @@ do_special_decoding (aarch64_inst *inst) + idx = select_operand_for_sf_field_coding (inst->opcode); + value = extract_field (FLD_lse_sz, inst->value, 0); + inst->operands[idx].qualifier = get_greg_qualifier_from_value (value); ++ if (inst->operands[idx].qualifier == AARCH64_OPND_QLF_ERR) ++ return 0; + } + /* rcpc3 'size' field. */ + if (inst->opcode->flags & F_RCPC3_SIZE) +@@ -2670,12 +2713,18 @@ do_special_decoding (aarch64_inst *inst) + { + if (aarch64_operands[inst->operands[i].type].op_class + == AARCH64_OPND_CLASS_INT_REG) +- inst->operands[i].qualifier = get_greg_qualifier_from_value (value & 1); ++ { ++ inst->operands[i].qualifier = get_greg_qualifier_from_value (value & 1); ++ if (inst->operands[i].qualifier == AARCH64_OPND_QLF_ERR) ++ return 0; ++ } + else if (aarch64_operands[inst->operands[i].type].op_class + == AARCH64_OPND_CLASS_FP_REG) + { + value += (extract_field (FLD_opc1, inst->value, 0) << 2); + inst->operands[i].qualifier = get_sreg_qualifier_from_value (value); ++ if (inst->operands[i].qualifier == AARCH64_OPND_QLF_ERR) ++ return 0; + } + } + } +@@ -2709,7 +2758,11 @@ do_special_decoding (aarch64_inst *inst) + /* For most related instruciton, the 'size' field is fully available for + operand encoding. 
*/ + if (mask == 0x3) +- inst->operands[idx].qualifier = get_sreg_qualifier_from_value (value); ++ { ++ inst->operands[idx].qualifier = get_sreg_qualifier_from_value (value); ++ if (inst->operands[idx].qualifier == AARCH64_OPND_QLF_ERR) ++ return 0; ++ } + else + { + get_operand_possible_qualifiers (idx, inst->opcode->qualifiers_list, +@@ -2744,6 +2797,9 @@ do_special_decoding (aarch64_inst *inst) + Q = (unsigned) extract_field (FLD_Q, inst->value, inst->opcode->mask); + inst->operands[0].qualifier = + get_vreg_qualifier_from_value ((num << 1) | Q); ++ if (inst->operands[0].qualifier == AARCH64_OPND_QLF_ERR) ++ return 0; ++ + } + + if ((inst->opcode->flags & F_OPD_SIZE) && inst->opcode->iclass == sve2_urqvs) +@@ -2753,7 +2809,11 @@ do_special_decoding (aarch64_inst *inst) + inst->opcode->mask); + inst->operands[0].qualifier + = get_vreg_qualifier_from_value (1 + (size << 1)); ++ if (inst->operands[0].qualifier == AARCH64_OPND_QLF_ERR) ++ return 0; + inst->operands[2].qualifier = get_sreg_qualifier_from_value (size); ++ if (inst->operands[2].qualifier == AARCH64_OPND_QLF_ERR) ++ return 0; + } + + if (inst->opcode->flags & F_GPRSIZE_IN_Q) +@@ -2772,6 +2832,8 @@ do_special_decoding (aarch64_inst *inst) + assert (idx == 0 || idx == 1); + value = extract_field (FLD_Q, inst->value, 0); + inst->operands[idx].qualifier = get_greg_qualifier_from_value (value); ++ if (inst->operands[idx].qualifier == AARCH64_OPND_QLF_ERR) ++ return 0; + } + + if (inst->opcode->flags & F_LDS_SIZE) +-- +2.34.1 +
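
Review bot: in the get_expected_qualifier hunk of opcodes/aarch64-dis.c, a failed aarch64_find_best_match still returns AARCH64_OPND_QLF_NIL, and the callers touched here (for example aarch64_ext_reglane and aarch64_ext_addr_uimm12) test only for AARCH64_OPND_QLF_ERR before passing the qualifier to `get_logsz (aarch64_get_qualifier_esize (info->qualifier))`. Since the stated goal is that decoding arbitrary data never aborts, please confirm that the NIL result is safe on those paths, or have the callers reject it as well. The same question applies to `assert (idx == 0 || idx == 1);`, which stays in do_special_decoding next to the new F_GPRSIZE_IN_Q check: a sentence in the description on why that assertion cannot be reached from data-derived bits would close the gap.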
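
Review bot: the new error paths in the aarch64_ext_* extractors mix `return 0;` with the `return false;` / `return true;` those functions already use, for example aarch64_ext_reglane (`if (pos > 3) return false;` directly above a new `return 0;`) and aarch64_ext_advsimd_imm_shift, where one added branch returns `false` and the sibling branch returns `0`. Behaviour is the same, but a single spelling would keep the failure exits easy to grep and audit. As the patch is marked `Upstream-Status: Backport`, this is a point to raise with upstream binutils rather than to change locally, so that the backport stays byte-identical to commit 2601b201e95ea0edab89342ee7137c74e88a8a79.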