Received: by 2002:a05:6359:6284:b0:131:369:b2a3 with SMTP id se4csp4753323rwb; Tue, 8 Aug 2023 13:18:47 -0700 (PDT) X-Google-Smtp-Source: AGHT+IFv9UdnZcjiP5IP4izu0ybAo7RhV+4PHlF2tLJetMc+ORY+T3fOotm2AwheP4UFCLef9HTr X-Received: by 2002:a17:907:2c67:b0:99c:47a:8bd3 with SMTP id ib7-20020a1709072c6700b0099c047a8bd3mr583995ejc.10.1691525927132; Tue, 08 Aug 2023 13:18:47 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1691525927; cv=none; d=google.com; s=arc-20160816; b=Upd/qkSHfibQ3nyScMMLElF339yQ7XKnIypnOXjQye/5KzuZjX1qCGvX2jmwzl50c1 JaDdOxbb1AuxXZ5lp+8tos8jV5SAxGLsuCVDDmdXIsFUsdZRycXk23Cv8vGliv2U/NRX Qr9gPsF/Z4RYjZN4dTuWu5AgwmdlARA7N+pyyLyFyhRL3RNTXVfu8t9qna6K6kqVYWKa JXhKSIRCuzvfgmJjWqpMKP5o1pM5Rrv00Ws8+dCgl8MOySY2cdnF2yrJedsESUoQzY5W lQx1Qs98lieYlMYTx354x6m/NgajdP3Vdg8xRtp+zmGKNOW6Zft+ef5nEKIixxdM94hJ RnVg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-transfer-encoding :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature; bh=jW2Ev2fEU+tZ64hL5Q4L57WV2mLp60uuQxKGj9Nz61U=; fh=DEWFp4x4IeOm/1V75SpqdaoeA8UnM5fcjxSOKm7M9KI=; b=qCGpUn+CyM9M7oCoEfWJYkdMMQy0OxWRpJ0HagTof7o48NZn6VPlAF6vIncd8juwRl y+3EVRdp1GbASCtd+M5lEjcZ9jZkughHqcuBiShiG1R+FcW3ZzSfmMtoNOif3eaSCfX8 wQBajeKGp6mfW7lWZPgUfzuFntvCYlATay+/2Tb0Q/8fEObOZ+/IT60OBEcc1QyKjYGH hWJ5nkWg5XlqfyquA2IcC1sBGxQPULo3Ks8QIvdR+uHnU0Xh4Ons91xoGiCg8/2VzKEU BZbkd5Uqiv5OCPyTg4L1ElIBYeq+FxGwmu36ROR3XxwBRvIF0YkyvcMlxegcDby1U/WF OOZw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@infradead.org header.s=casper.20170209 header.b=s+uSHykr; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id kg18-20020a17090776f200b0099c93638298si7486085ejc.230.2023.08.08.13.18.22; Tue, 08 Aug 2023 13:18:47 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@infradead.org header.s=casper.20170209 header.b=s+uSHykr; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234675AbjHHR3w (ORCPT + 99 others); Tue, 8 Aug 2023 13:29:52 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47620 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234593AbjHHR3U (ORCPT ); Tue, 8 Aug 2023 13:29:20 -0400 Received: from casper.infradead.org (casper.infradead.org [IPv6:2001:8b0:10b:1236::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2D96D2037C; Tue, 8 Aug 2023 09:12:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=casper.20170209; h=In-Reply-To:Content-Transfer-Encoding: Content-Type:MIME-Version:References:Message-ID:Subject:Cc:To:From:Date: Sender:Reply-To:Content-ID:Content-Description; bh=jW2Ev2fEU+tZ64hL5Q4L57WV2mLp60uuQxKGj9Nz61U=; b=s+uSHykrxwdxki2XCrclKevIAH MJoGCh+i9DNbxuy9Na53KErR8H7nbUXpSigO/op8OE+3RGXWM5LaOzqfPIthDkpvgo1IsA+UJWAug 87p0DNMySA2R+5nZ3uiFvMP5cE4bwxhgTwDQrVmO+OC0jG7S8m5NGVRY7mznI+kpPXdonsFX9kKum ZyJWgvFc8DA8QCKbRB+9E9x+B2+G4jq+7yYx2l0dXXwYR5inUcYTFGnq6Lv06a9G4kFdfupLt/JEZ v03/4eWvx2RNhBTrh2qRDOLfTyCHtSMFDQ2BdNWh/3mnGKGlTleqEwPZrTKoT9chs6NQnAzXRleV7 yRcWrn3Q==; Received: from j130084.upc-j.chello.nl ([24.132.130.84] helo=noisy.programming.kicks-ass.net) by casper.infradead.org with esmtpsa (Exim 4.94.2 #2 (Red Hat Linux)) id 1qTKOh-00H2dm-Bd; Tue, 08 Aug 2023 10:57:07 +0000 Received: from hirez.programming.kicks-ass.net (hirez.programming.kicks-ass.net [192.168.1.225]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by noisy.programming.kicks-ass.net (Postfix) with ESMTPS id C876430010B; Tue, 8 Aug 2023 12:57:05 +0200 (CEST) Received: by hirez.programming.kicks-ass.net (Postfix, from userid 1000) id 8B9BE2038C087; Tue, 8 Aug 2023 12:57:05 +0200 (CEST) Date: Tue, 8 Aug 2023 12:57:05 +0200 From: Peter Zijlstra To: Florian Weimer Cc: Marco Elver , Andrew Morton , Kees Cook , Guenter Roeck , Mark Rutland , Steven Rostedt , Marc Zyngier , Oliver Upton , James Morse , Suzuki K Poulose , Zenghui Yu , Catalin Marinas , Will Deacon , Nathan Chancellor , Nick Desaulniers , Tom Rix , Miguel Ojeda , linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, linux-kernel@vger.kernel.org, llvm@lists.linux.dev, Dmitry Vyukov , Alexander Potapenko , kasan-dev@googlegroups.com, linux-toolchains@vger.kernel.org, Josh Poimboeuf Subject: Re: [PATCH v2 1/3] compiler_types: Introduce the Clang __preserve_most function attribute Message-ID: <20230808105705.GB212435@hirez.programming.kicks-ass.net> References: <20230804090621.400-1-elver@google.com> <87il9rgjvw.fsf@oldenburg.str.redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <87il9rgjvw.fsf@oldenburg.str.redhat.com> X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_BLOCKED, SPF_HELO_NONE,SPF_NONE,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Aug 07, 2023 at 01:41:07PM +0200, Florian Weimer wrote: > * Marco Elver: > > > [1]: "On X86-64 and AArch64 targets, this attribute changes the calling > > convention of a function. The preserve_most calling convention attempts > > to make the code in the caller as unintrusive as possible. This > > convention behaves identically to the C calling convention on how > > arguments and return values are passed, but it uses a different set of > > caller/callee-saved registers. This alleviates the burden of saving and > > recovering a large register set before and after the call in the > > caller." > > > > [1] https://clang.llvm.org/docs/AttributeReference.html#preserve-most > > You dropped the interesting part: > > | If the arguments are passed in callee-saved registers, then they will > | be preserved by the callee across the call. This doesn’t apply for > | values returned in callee-saved registers. > | > | · On X86-64 the callee preserves all general purpose registers, except > | for R11. R11 can be used as a scratch register. Floating-point > | registers (XMMs/YMMs) are not preserved and need to be saved by the > | caller. > | > | · On AArch64 the callee preserve all general purpose registers, except > | X0-X8 and X16-X18. > > Ideally, this would be documented in the respective psABI supplement. > I filled in some gaps and filed: > > Document the ABI for __preserve_most__ function calls > > > Doesn't this change impact the kernel module ABI? > > I would really expect a check here So in the GCC bugzilla you raise the point of unwinding. So in arch/x86 we've beeing doing what this attribute proposes (except without that weird r11 exception) for a long while. We simply do: asm("call foo_thunk"); instead of a C call, and then have the 'thunk' thing PUSH/POP all the registers around a regular C function. Paravirt does quite a lot of that as well. In a very few cases we implement a function specifically to avoid all the PUSH/POP nonsense because it's so small the stack overhead kills it. For unwinding this means that the 'thunk' becomes invisible when IP is not inside it. But since the thunk is purely 'uninteresting' PUSH/POP around a real C call, this is not an issue. [[ tail calls leaving their sibling invisible is a far more annoying issue ]] If the function is one of those special things, then it will be a leaf function and we get to see it throught he IP. Now, the problem with __preserve_most is that it makes it really easy to deviate from this pattern, you can trivially write a function that is not a trivial wrapper and then does not show up on unwind. This might indeed be a problem. Ofc. the kernel doesn't longjmp much, and we also don't throw many exxceptions, but the live-patch people might care (although ORC unwinder should be able to deal with all this perfectly fine). In userspace, would not .eh_frame still be able to unwind this?