Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

-Crelocation-model=rwpi (and possibly others) are unsound due to affecting the ABI #131300

Open
RalfJung opened this issue Oct 5, 2024 · 4 comments
Open

-Crelocation-model=rwpi (and possibly others) are unsound due to affecting the ABI #131300

RalfJung opened this issue Oct 5, 2024 · 4 comments
Labels
I-unsound Issue: A soundness hole (worst kind of bug), see: https://en.wikipedia.org/wiki/Soundness O-AArch64 Armv8-A or later processors in AArch64 mode O-Arm Target: 32-bit Arm processors (armv6, armv7, thumb...), including 64-bit Arm in AArch32 state P-medium Medium priority

Comments

@RalfJung
Copy link
Member

RalfJung commented Oct 5, 2024

This is based on the discussion here; I don't understand much of the underlying technical details unfortunately.

It seems like setting -Crelocation-model=rwpi on an ARM target compiles code in a way that it expects a particular register to be reserved for data addressing. However, the standard library is not built with that in mind and can use the register for other purposes. That's clearly unsound, we can now get arbitrary misbehavior because the same register is used in conflicting ways.
@RalfJung RalfJung added I-unsound Issue: A soundness hole (worst kind of bug), see: https://en.wikipedia.org/wiki/Soundness O-AArch64 Armv8-A or later processors in AArch64 mode O-Arm Target: 32-bit Arm processors (armv6, armv7, thumb...), including 64-bit Arm in AArch32 state labels Oct 5, 2024
@rustbot rustbot added I-prioritize Issue: Indicates that prioritization has been requested for this issue. needs-triage This issue may need triage. Remove it if it has been sufficiently triaged. labels Oct 5, 2024
@thejpster
Copy link
Contributor

Compiling code with RWPI currently produces a linker error. See https://github.com/thejpster/relocatable-experiments

I was told by Arm they will send a fix to LLVM for this but it might not make the next release.

@thejpster
Copy link
Contributor

And in case anyone was wondering, they're apparently pronounced "ropey" and "rupee".

@thejpster
Copy link
Contributor

Also, AFAIK the RWPI issue still blocks TockOS from being able to execute applications written in Rust, because the run-time RW address isn’t known at compile time.

https://tockos.org/blog/2017/talking-tock-17/

tock/libtock-rs#28

#54431

You can see it’s been known about for a very long time and no-one has fixed LLVM yet. Well I think Arm fixed their copy of LLVM but they only use it with clang and they only support C code.

@apiraino
Copy link
Contributor

apiraino commented Oct 9, 2024

WG-prioritization assigning priority (Zulip discussion).

@rustbot label -I-prioritize +P-medium

@rustbot rustbot added P-medium Medium priority and removed I-prioritize Issue: Indicates that prioritization has been requested for this issue. labels Oct 9, 2024
@RalfJung RalfJung mentioned this issue Oct 17, 2024
Open
@fmease fmease removed the needs-triage This issue may need triage. Remove it if it has been sufficiently triaged. label Oct 18, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
I-unsound Issue: A soundness hole (worst kind of bug), see: https://en.wikipedia.org/wiki/Soundness O-AArch64 Armv8-A or later processors in AArch64 mode O-Arm Target: 32-bit Arm processors (armv6, armv7, thumb...), including 64-bit Arm in AArch32 state P-medium Medium priority
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@RalfJung @thejpster @apiraino @fmease @rustbot