| blob | 6c59a8eeabc9a2aa19d50b325fa1b5913f595861 |
1 /* scfi.c - Support for synthesizing DWARF CFI for hand-written asm.
2 Copyright (C) 2023 Free Software Foundation, Inc.
4 This file is part of GAS, the GNU Assembler.
6 GAS is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3, or (at your option)
9 any later version.
11 GAS is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with GAS; see the file COPYING. If not, write to the Free
18 Software Foundation, 51 Franklin Street - Fifth Floor, Boston, MA
19 02110-1301, USA. */
27 #if defined (TARGET_USE_SCFI) && defined (TARGET_USE_GINSN)
29 /* Beyond the target defined number of registers to be tracked
30 (SCFI_MAX_REG_ID), keep the next register ID, in sequence, for REG_CFA. */
31 #define REG_CFA (SCFI_MAX_REG_ID+1)
32 /* Define the total number of registers being tracked.
33 Used as index into an array of cfi_reglocS. Note that a ginsn may carry a
34 register number greater than MAX_NUM_SCFI_REGS, e.g., for the ginsns
35 corresponding to push fs/gs in AMD64. */
36 #define MAX_NUM_SCFI_REGS (REG_CFA+1)
38 #define REG_INVALID ((unsigned int)-1)
40 enum cfi_reglocstate
41 {
42 CFI_UNDEFINED,
43 CFI_IN_REG,
44 CFI_ON_STACK
45 };
47 /* Location at which CFI register is saved.
49 A CFI register (callee-saved registers, RA/LR) are always an offset from
50 the CFA. REG_CFA itself, however, may have REG_SP or REG_FP as base
51 register. Hence, keep the base reg ID and offset per tracked register. */
53 struct cfi_regloc
54 {
55 /* Base reg ID (DWARF register number). */
57 /* Location as offset from the CFA. */
58 offsetT offset;
59 /* Current state of the CFI register. */
61 };
65 struct scfi_op_data
66 {
68 };
72 /* SCFI operation.
74 An SCFI operation represents a single atomic change to the SCFI state.
75 This can also be understood as an abstraction for what eventually gets
76 emitted as a DWARF CFI operation. */
78 struct scfi_op
79 {
80 /* An SCFI op updates the state of either the CFA or other tracked
81 (callee-saved, REG_SP etc) registers. 'reg' is in the DWARF register
82 number space and must be strictly less than MAX_NUM_SCFI_REGS. */
84 /* Location of the reg. */
85 cfi_reglocS loc;
86 /* DWARF CFI opcode. */
88 /* Some SCFI ops, e.g., for CFI_label, may need to carry additional data. */
90 /* A linked list. */
92 };
94 /* SCFI State - accumulated unwind information at a PC.
96 SCFI state is the accumulated unwind information encompassing:
97 - REG_SP, REG_FP,
98 - RA, and
99 - all callee-saved registers.
101 Note that SCFI_MAX_REG_ID is target/ABI dependent and is provided by the
102 backends. The backend must also identify the DWARF register numbers for
103 the REG_SP, and REG_FP registers. */
105 struct scfi_state
106 {
109 /* Current stack size. */
110 offsetT stack_size;
111 /* Whether the stack size is known.
112 Stack size may become untraceable depending on the specific stack
113 manipulation machine instruction, e.g., rsp = rsp op reg instruction
114 makes the stack size untraceable. */
116 };
118 /* Initialize a new SCFI op. */
122 {
126 }
128 /* Free the SCFI ops, given the HEAD of the list. */
130 void
132 {
143 {
148 }
151 }
153 /* Compare two SCFI states. */
155 static int
157 {
163 /* Skip comparing the scratch[] value of registers. The user visible
164 unwind information is derived from the regs[] from the SCFI state. */
168 /* For user functions which perform dynamic stack allocation, after switching
169 t REG_FP based CFA tracking, it is perfectly possible to have stack usage
170 in some control flows. Further, the different control flows may even not
171 have the same idea of CFA tracking (likely later necessitating generation
172 of .cfi_remember_state / .cfi_restore_state pair). */
181 }
183 #if 0
184 static void
187 {
193 }
194 #endif
196 /* Update the SCFI state of REG as available on execution stack at OFFSET
197 from REG_CFA (BASE).
199 Note that BASE must be REG_CFA, because any other base (REG_SP, REG_FP)
200 is by definition transitory in the function. */
202 static void
204 offsetT offset)
205 {
214 }
216 static void
218 {
222 /* Sanity check. See Rule 4. */
226 /* PS: the register may still be on stack much after the restore. Reset the
227 SCFI state to CFI_UNDEFINED, however, to indicate that the most updated
228 source of value is register itself from here onwards. */
232 }
234 /* Identify if the given GAS instruction GINSN saves a register
235 (of interest) on stack. */
237 static bool
239 {
247 /* The first save to stack of callee-saved register is deemed as
248 register save. */
253 /* A register save insn may be an indirect mov. */
260 /* or an explicit store to stack. */
267 }
269 /* Identify if the given GAS instruction GINSN restores a register
270 (of interest) on stack. */
272 static bool
274 {
285 /* A register restore insn may be an indirect mov... */
292 /* ...or an explicit load from stack. */
299 }
301 /* Append the SCFI operation OP to the list of SCFI operations in the
302 given GINSN. */
304 static int
306 {
313 {
316 }
317 else
318 {
319 /* Add to tail. Most ginsns have a single SCFI operation,
320 so this traversal for every insertion is acceptable for now. */
326 }
330 }
332 static void
334 {
346 }
348 static void
350 {
362 }
364 static void
366 {
378 }
380 static void
382 offsetT num)
383 {
396 }
398 static void
400 {
410 }
412 static void
414 {
425 }
427 static void
429 {
437 }
439 static void
441 {
448 /* FIXME - add to the beginning of the scfi_ops. */
450 }
452 void
454 {
463 }
465 void
467 {
474 }
476 static int
478 {
479 /* The function uses this variable to issue error to user right away. */
504 /* Stack manipulation can be done in a variety of ways. A program may
505 allocate stack statically or may perform dynamic stack allocation in
506 the prologue.
508 The SCFI machinery in GAS is based on some heuristics:
510 - Rule 3 If the base register for CFA tracking is REG_FP, the program
511 must not clobber REG_FP, unless it is for switch to REG_SP based CFA
512 tracking (via say, a pop %rbp in X86). */
514 /* Check all applicable instructions with dest REG_FP, when the CFA base
515 register is REG_FP. */
519 {
520 /* Excuse the add/sub with imm usage: They are OK. */
525 /* REG_FP restore is OK too. */
528 /* mov's to memory with REG_FP base do not make REG_FP untraceable. */
532 /* Manipulations of the values possibly on stack are OK too. */
537 /* All other ginsns with REG_FP as destination make REG_FP not
538 traceable. */
539 else
541 }
548 }
550 static int
553 {
554 /* The function uses this variable to issue error to user right away. */
580 /* Stack manipulation can be done in a variety of ways. A program may
581 allocate stack statically in prologue or may need to do dynamic stack
582 allocation.
584 The SCFI machinery in GAS is based on some heuristics:
586 - Rule 1 The base register for CFA tracking may be either REG_SP or
587 REG_FP.
589 - Rule 2 If the base register for CFA tracking is REG_SP, the precise
590 amount of stack usage (and hence, the value of rsp) must be known at
591 all times. */
595 /* Exclude mov %rbp, %rsp from this check. */
597 {
598 /* A previous mov %rsp, %reg must have been seen earlier for this to be
599 an OK for stack manipulation. */
603 }
604 /* Check add/sub/and insn usage when CFA base register is REG_SP.
605 Any stack size manipulation, including stack realignment is not allowed
606 if CFA base register is REG_SP. */
612 /* If a register save operation is seen when REG_SP is untraceable,
613 CFI cannot be synthesized for register saves, hence bail out. */
615 {
617 /* If, however, the register save is an REG_FP-based, indirect mov
618 like: mov reg, disp(%rbp) and CFA base register is REG_BP,
619 untraceable REG_SP is not a problem. */
623 }
625 {
630 }
633 {
634 /* See Rule 2. For SP-based CFA, this makes CFA tracking not possible.
635 Propagate now to caller. */
639 {
640 /* An extension of Rule 2.
641 For FP-based CFA, this may be a problem *if* certain specific
642 changes to the SCFI state are seen beyond this point, e.g.,
643 register save / restore from stack. */
645 /* Simply make a note in the SCFI state object for now and
646 continue. Indicate an error when register save / restore
647 for callee-saved registers is seen. */
650 }
651 }
658 }
660 static int
662 {
669 /* Rule 4: Save and Restore of callee-saved registers must be symmetrical.
670 It is expected that value of the saved register is restored correctly.
671 E.g.,
672 push reg1
673 push reg2
674 ...
675 body of func which uses reg1 , reg2 as scratch,
676 and may be even spills them to stack.
677 ...
678 pop reg2
679 pop reg1
680 It is difficult to verify the Rule 4 in all cases. For the SCFI machinery,
681 it is difficult to separate prologue-epilogue from the body of the function
683 Hence, the SCFI machinery at this time, should only warn on an asymetrical
684 restore. */
689 /* For non callee-saved registers, calling the API is meaningless. */
693 /* The register must have been saved on stack, for sure. */
703 {
704 /* mov disp(%rsp), reg. */
705 /* mov disp(%rbp), reg. */
710 }
715 }
717 /* Perform symbolic execution of the GINSN and update its list of scfi_ops.
718 scfi_ops are later used to directly generate the DWARF CFI directives.
719 Also update the SCFI state object STATE for the caller. */
721 static int
723 {
725 offsetT offset;
738 /* For the first ginsn (of type GINSN_TYPE_SYMBOL) in the gbb, generate
739 the SCFI op with DW_CFA_def_cfa. Note that the register and offset are
740 target-specific. */
742 {
746 }
768 {
771 {
776 {
777 /* mov %rsp, %rbp. */
779 }
783 {
784 /* mov %rbp, %rsp. */
788 }
792 {
793 /* mov disp(%rsp), reg. */
794 /* mov disp(%rbp), reg. */
796 {
799 }
800 else
803 }
806 {
807 /* mov %rsp, %reg. */
808 /* The value of rsp is taken directly from state->stack_size.
809 IMP: The workflow in gen_scfi_ops must keep it updated.
810 PS: Not taking the value from state->scratch[REG_SP] is
811 intentional. */
815 }
818 {
819 /* mov %reg, %rsp. */
820 /* Keep the value of REG_SP updated. */
822 {
825 }
826 # if 0
830 #endif
832 }
838 {
839 /* Stack inc/dec offset, when generated due to stack push and pop is
840 target-specific. Use the value encoded in the ginsn. */
843 {
844 /* push reg. */
846 }
847 }
853 {
854 /* Stack inc/dec offset is target-specific. Use the value
855 encoded in the ginsn. */
857 /* pop %reg affects CFA offset only if CFA is currently
858 stack-pointer based. */
860 {
862 }
863 }
867 {
868 /* FIXME - what is this for ? */
870 }
873 /* If this is a load from stack. */
878 {
879 /* pop %rbp when CFA tracking is REG_FP based. */
881 {
886 }
888 {
890 {
893 }
894 else
897 }
898 }
902 }
906 /* Some operations with an indirect access to memory (or even to stack)
907 may still be uninteresting for SCFI purpose (e.g, addl %edx, -32(%rsp)
908 in x86). In case of x86_64, these can neither be a register
909 save / unsave, nor can alter the stack size.
910 PS: This condition may need to be revisited for other arches. */
917 /* mov reg, disp(%rbp) */
918 /* mov reg, disp(%rsp) */
920 {
922 {
923 /* mov reg, disp(%rsp) */
927 }
929 {
931 /* mov reg, disp(%rbp) */
935 }
936 }
940 /* Skip GINSN_DST_UNKNOWN and GINSN_DST_MEM as they are uninteresting
941 currently for SCFI. */
943 }
946 }
948 /* Recursively perform forward flow of the (unwind information) SCFI STATE
949 starting at basic block GBB.
951 The core of forward flow process takes the SCFI state at the entry of a bb
952 and updates it incrementally as per the semantics of each ginsn in the bb.
954 Returns error code, if any. */
956 static int
958 {
965 {
966 /* Check that the SCFI state is the same as previous. */
971 }
978 /* Perform symbolic execution of each ginsn in the gbb and update the
979 scfi_ops list of each ginsn (and also update the STATE object). */
981 {
985 }
990 /* Forward flow the SCFI state. Currently, we process the next basic block
991 in DFS order. But any forward traversal order should be fine. */
994 {
996 {
998 /* Ensure that the state is the one from the exit of the prev bb. */
1001 {
1005 }
1008 {
1011 /* Entry SCFI state for the destination bb of the edge is the
1012 same as the exit SCFI state of the source bb of the edge. */
1017 }
1018 }
1019 }
1023 fail:
1028 }
1030 static int
1032 {
1044 /* Basic blocks in reverse program order. */
1046 /* Basic blocks for which CFI remember op needs to be generated. */
1052 /* Traverse in reverse program order. */
1054 {
1058 {
1059 /* Candidate for .cfi_restore_state found. */
1062 /* Memorize current_bb now to find location for its remember state
1063 later. */
1065 }
1066 else
1067 {
1069 {
1073 {
1076 /* Remove the memorised restore_bb from the list. */
1079 }
1080 }
1081 }
1082 i--;
1083 }
1085 /* All .cfi_restore_state pseudo-ops must have a corresponding
1086 .cfi_remember_state by now. */
1089 {
1092 }
1098 }
1100 /* Synthesize DWARF CFI for a function. */
1102 int
1104 {
1111 /* Traverse the input GCFG and perform forward flow of information.
1112 Update the scfi_op(s) per ginsn. */
1115 {
1118 }
1122 {
1125 }
1127 end:
1130 }
1132 static int
1134 {
1137 /* Nothing to do. */
1146 {
1148 {
1184 }
1186 }
1189 bad:
1192 }
1194 /* Emit Synthesized DWARF CFI. */
1196 int
1198 {
1206 {
1208 {
1210 /* .cfi_startproc and .cfi_endproc pseudo-ops. */
1212 {
1215 }
1217 {
1220 }
1221 /* Fall through. */
1235 /* For all other SCFI ops, invoke the handler. */
1241 /* No other GINSN_TYPE_* expected. */
1245 }
1247 }
1249 }
1251 #else
1253 int
1255 {
1258 }
1260 int
1264 {
1267 }