Received: by 2002:ac0:a5b6:0:0:0:0:0 with SMTP id m51-v6csp4205827imm; Mon, 18 Jun 2018 10:52:16 -0700 (PDT) X-Google-Smtp-Source: ADUXVKJZzfZCGTBB/1Wvn3LaraYZ6LiBnqbf0pyIbNLBwGaQ7dDlrlNqlPMX5Bvn5ENN3TVx9wiv X-Received: by 2002:a65:5106:: with SMTP id f6-v6mr11764247pgq.122.1529344336027; Mon, 18 Jun 2018 10:52:16 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1529344336; cv=none; d=google.com; s=arc-20160816; b=fr5QO/tnTjgy2bt/4+8dB6dBWYWTb0EE2cUq6Ntk5hIJ3BSBHVkpWJbJ/qIeU7Qh6c c1fAk4SmKwh3+1060N3RsgUfEGDXAdPkb9qyTATWJrbx4xwEJ8mDOKTqRS8HAsG36X2k M0q4sRYA3y788up3emMR5odJUzjSM3v+j58z7yfrnZjysjL+V3bifbM+kEXN1tbiH51Y KdV4/eChL5PbgNUeoOCcnW5OR+HmAbj0f3dtG9gxcX6toq4MKOOkAlbNl6aqfZ6Ioe0c 9R6hLxHmOVglk3b/6e4YNA3lSbMJt6s8EEePJw1IAhIGwUrQbcjZHcouQLB+GTBzuyTc pnjA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :references:in-reply-to:mime-version:dkim-signature :arc-authentication-results; bh=U+VtV7Y6jgftswiqAhm6NqOP8JwJgrqQRiCIW31sYgo=; b=l4VS5AZ73rqfwDT9FUiYQolXt4ngLjviwH/SlE1lRGSD1+y7C9cufKaTGaQyKmvYYl SwEitHbnUJWjyVDc4b2/qxS2FNXxa4mZbjMjXs1H/c4U+5jghw++rVrun5p6bFoA1gTF 85sAZZJGLVfdQSXHWKlP1IBi2IAYwWx/JFYO+N8L6t3Erl/9m7cWnfjNXJ5dOAxNBTQz vNyN+5u5YEbZqmTlJTWlQ32NAxPtpmOUfrV8ZlMtQ7l8YDOyBsHhCzawkS1wTWFpulGQ 14bjSJ4ot+ocb24t3zcOmApytzvuyb9nFUxzvN7VXjmTAYhASC+wzx880bgqyFKpfJB7 dN7w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@juliacomputing-com.20150623.gappssmtp.com header.s=20150623 header.b=eJov9CPV; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id g1-v6si15382780pld.11.2018.06.18.10.52.02; Mon, 18 Jun 2018 10:52:15 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@juliacomputing-com.20150623.gappssmtp.com header.s=20150623 header.b=eJov9CPV; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S935610AbeFRRvN (ORCPT + 99 others); Mon, 18 Jun 2018 13:51:13 -0400 Received: from mail-io0-f175.google.com ([209.85.223.175]:32859 "EHLO mail-io0-f175.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S934963AbeFRRvM (ORCPT ); Mon, 18 Jun 2018 13:51:12 -0400 Received: by mail-io0-f175.google.com with SMTP id d185-v6so17624452ioe.0 for ; Mon, 18 Jun 2018 10:51:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juliacomputing-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=U+VtV7Y6jgftswiqAhm6NqOP8JwJgrqQRiCIW31sYgo=; b=eJov9CPVVrqifrOmW2tF/ZabegngskAnQuIaYG/y/k1vKUUjDCBsrthcoKDQvsEvPM jrAzPlUwYRa2YOITIMHkMYGr6S8cDHdej8kuBdSjf6Iy2a2m8BFD3pYB9uelr4kXgv32 /QTNCS4+TTbGzIuHPIexUmp7U78vXeQGYSUIaq1el6MO0fvjCY0CG6WXeR8r0ee2s7Jl cz4XdKgcVPnc/IIf68sSo+cigtmEJUs+8aJpdqdStPOZUf6sLNNjVklNL5BZbanuyb++ LGUF/sOUgYBhweZqFgJ4MLwvWuE4C0jWvwIR5H0PCjztbVuvisVQmxPWub9+TMM3ZkeI vH+A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=U+VtV7Y6jgftswiqAhm6NqOP8JwJgrqQRiCIW31sYgo=; b=BJKJUgjB4esmuwk+kr8pBG/0WQkeAMuYXxZwWJVLY82Ht9MVZlr8RYeNn8hL2pJXpK 9b3T+pNSg1iVwYMYDIWtZBKTdKjZVh8gtN3ItfFyHmUXWjivwVKm5pwpkTisHASrOxjP LubtyG2Q7GibiWLhPr664tp0Sc59D+UZcVNraEYA6FC8lHTw0A/sdynYz15LDIDv4AQ3 s1AAIvbwE/4OVlJkAaOTG534QLqv4pndMFNPD0TSwV7BWGeHc1qduQIllFr0JEPmbByf V8ByWhfob9x2xhZ4tduobAlHuJ7p7z3O6iX1X/2PoWPRb/6fPhVMLeP4V6bb0ebibTl2 2qbA== X-Gm-Message-State: APt69E2FAZJAvVf5s0ojmEW/YcLkKmnoUeOAcf2LZXb2ueob4Ju0ZZM9 H+iq7Eeh8WUI4PvI6jvK3qUdgGd4GT6e8cE4bYVvAQ== X-Received: by 2002:a6b:e315:: with SMTP id u21-v6mr11529180ioc.196.1529344271394; Mon, 18 Jun 2018 10:51:11 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:a02:494a:0:0:0:0:0 with HTTP; Mon, 18 Jun 2018 10:50:30 -0700 (PDT) In-Reply-To: <20180618165840.gikljqhaxtiiw27x@two.firstfloor.org> References: <1529195582-64207-1-git-send-email-keno@alumni.harvard.edu> <20180617163530.rvwf7fcukmoletgo@two.firstfloor.org> <20180618165840.gikljqhaxtiiw27x@two.firstfloor.org> From: Keno Fischer Date: Mon, 18 Jun 2018 13:50:30 -0400 Message-ID: Subject: Re: [RFC PATCH] x86/arch_prctl: Add ARCH_SET_XCR0 to mask XCR0 per-thread To: Andi Kleen Cc: Linux Kernel Mailing List , Thomas Gleixner , Ingo Molnar , x86@kernel.org, "H. Peter Anvin" , Borislav Petkov , Dave Hansen , Paolo Bonzini , =?UTF-8?B?UmFkaW0gS3LEjW3DocWZ?= , Kyle Huey , "Robert O'Callahan" Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org > So we're talking about a workaround for broken software. The question > is how wide spread is it? For rr to work, it tries to replicate the process state *exactly*. That means: 1. The same instructions executed in the same order 2. The exact same register state at those instructions 3. The same memory state, bit-by-bit In particular 1) means that any extra instructions executed/not executed will cause a replay divergence (in practice rr uses retired conditional branches rather than instructions, because the instruction counter is not accurate, while the branch one is). This alone causes a problem for the present case, because glibc branches on the xcr0 value before it branches on the cpuid value for AVX512. Glibc does check for the correct cpuid before calling xgetbv, so one possible thing to do is to completely disable xsave during recording by disabling it in CPUID, but that would make rr quite a bit less useful, since it wouldn't be able to record any bugs that require AVX to be used. However, the xsave problem is worse, because xcr0 determines how much memory `xsave` writes, so if we emulate cpuid, to pretend that AVX512 does not exist, and the user space application uses that to determine the size of the required buffer, we now suddenly overflow that buffer (unless the user space application uses cpuid to compute a minimal RFBM for xsave, which no application seems to do). > Do memory contents which are never read by the application matter? In theory, no. However, in practice, I've seen most memory divergences (esp if on the stack), end up causing control flow divergences down the line, because some code somewhere picks up the uninitialized memory and branches on it. Hope that helps, Keno