Naked functions with arguments generate a prologue #42779
Comments
Mark-Simulacrum
added
A-naked
|
IIRC this is invalid and rustc should reject such a function, naked functions can't take arguments and the compiler should probably enforce that. |
|
Hmm, my understanding of the RFC (“The following variant is not an error because the C calling convention is well-defined and it is thus possible for the programmer to write a conforming function”, even if the example is not with an argument) would mean that if the function is declared |
|
Is there an update on this? I was hit by this issue as well. I hit the problem when compiling a tock app (baremetal-ish and jumped to by the tock OS) A naked function with arguments would produce this prolog (RV32):
Which would result in an invalid access as s0 would be 0. Removing the arguments would remove the prologue and fix the problem. Removing the naked cfg would also work as teh stack pointer was already setup by the OS and result in this.
If arguments with naked functions aren't supported rustc should generate an error as this is a difficult problem to debug. |
|
This is an LLVM bug. Has it been reported upstream? |
As mentioned in issue: rust-lang#42779 a naked function with arguments will cause LLVM to generate some prologue code for the arguments. This goes against the idea of a naked function and can cause difficult to diagnose bugs. The current situation is wrong and leaves users exposed to nasty bugs. There are two possible solutions: 1. Not allow any naked functions to have arguments. This is the method taken by this patch. 2. Modify LLVM to not generate any prologue code for naked functions. This seems like a more controversial change as it will impact all LLVM users and I am not sure how other languages will handle this. It seems unlikely that there are many naked functions that don't call inline assembly as the first or only code in the function. In which case the inline assembly can assess the registers used to pass arguments still allowing arguments to be passed to naked functions. Rust shouldn't be calling naked functions [1] so this is unlikely to be a major concern. 1: https://github.com/rust-lang/rfcs/blob/master/text/1201-naked-fns.md "Because the calling convention of a naked function is not guaranteed to match any calling convention the compiler is compatible with, calls to naked functions from within Rust code are forbidden unless the function is also declared with a well-defined ABI." Signed-off-by: Alistair Francis <[email protected]>
jonas-schievink
added
requires-nightly
Elinvynia
added
the
I-prioritize
LeSeulArtichaut
removed
the
I-prioritize
A function that has no prologue cannot be reasonably expected to support debuginfo. In fact, the existing code (before this patch) would generate invalid instructions that caused crashes. We can solve this easily by just not emitting the debuginfo in this case. Fixes rust-lang#42779 cc rust-lang#32408
Suppress debuginfo on naked function arguments A function that has no prologue cannot be reasonably expected to support debuginfo. In fact, the existing code (before this patch) would generate invalid instructions that caused crashes. We can solve this easily by just not emitting the debuginfo in this case. Fixes rust-lang#42779 cc rust-lang#32408
Suppress debuginfo on naked function arguments A function that has no prologue cannot be reasonably expected to support debuginfo. In fact, the existing code (before this patch) would generate invalid instructions that caused crashes. We can solve this easily by just not emitting the debuginfo in this case. Fixes rust-lang#42779 cc rust-lang#32408
Suppress debuginfo on naked function arguments A function that has no prologue cannot be reasonably expected to support debuginfo. In fact, the existing code (before this patch) would generate invalid instructions that caused crashes. We can solve this easily by just not emitting the debuginfo in this case. Fixes rust-lang#42779 cc rust-lang#32408
Suppress debuginfo on naked function arguments A function that has no prologue cannot be reasonably expected to support debuginfo. In fact, the existing code (before this patch) would generate invalid instructions that caused crashes. We can solve this easily by just not emitting the debuginfo in this case. Fixes rust-lang#42779 cc rust-lang#32408
Suppress debuginfo on naked function arguments A function that has no prologue cannot be reasonably expected to support debuginfo. In fact, the existing code (before this patch) would generate invalid instructions that caused crashes. We can solve this easily by just not emitting the debuginfo in this case. Fixes rust-lang#42779 cc rust-lang#32408
Suppress debuginfo on naked function arguments A function that has no prologue cannot be reasonably expected to support debuginfo. In fact, the existing code (before this patch) would generate invalid instructions that caused crashes. We can solve this easily by just not emitting the debuginfo in this case. Fixes rust-lang#42779 cc rust-lang#32408
Suppress debuginfo on naked function arguments A function that has no prologue cannot be reasonably expected to support debuginfo. In fact, the existing code (before this patch) would generate invalid instructions that caused crashes. We can solve this easily by just not emitting the debuginfo in this case. Fixes rust-lang#42779 cc rust-lang#32408
Suppress debuginfo on naked function arguments A function that has no prologue cannot be reasonably expected to support debuginfo. In fact, the existing code (before this patch) would generate invalid instructions that caused crashes. We can solve this easily by just not emitting the debuginfo in this case. Fixes rust-lang#42779 cc rust-lang#32408
A function that has no prologue cannot be reasonably expected to support debuginfo. In fact, the existing code (before this patch) would generate invalid instructions that caused crashes. We can solve this easily by just not emitting the debuginfo in this case. Fixes rust-lang#42779 cc rust-lang#32408
Suppress debuginfo on naked function arguments A function that has no prologue cannot be reasonably expected to support debuginfo. In fact, the existing code (before this patch) would generate invalid instructions that caused crashes. We can solve this easily by just not emitting the debuginfo in this case. Fixes rust-lang#42779 cc rust-lang#32408
Currently, the code spills operands onto the stack for the purpose of debuginfo. However, naked functions can only contain an asm block. Therefore, attempting to spill the operands on the stack is undefined behavior. Fixes rust-lang#42779 cc rust-lang#32408
Don't spill operands onto the stack in naked functions Currently, the code spills operands onto the stack for the purpose of debuginfo. However, naked functions can only contain an asm block. Therefore, attempting to spill the operands on the stack is undefined behavior. Fixes rust-lang#42779 cc rust-lang#32408 Note that this PR reverts rust-lang#74105 which ultimately didn't fix the problem. cc @haraldh @Amanieu @matthewjasper
When compiling
(https://is.gd/Q03g7b)
The generated assembly includes a prologue with unexpected
mov's (as well as a trailingret, already reported in #32487)Expected behaviour would be to have no prologue (and prevent compilation of a
#[naked]function that is notexternas this would require implementing an undefined ABI, contrarily to what seems to happen https://is.gd/sQFBIy).This is treacherous, as it dereferences some memory locations that may not be accessible, as happened to me and led to hours of debugging to finally figure out the compiled function was not the one defined.
cc #32408
The text was updated successfully, but these errors were encountered: