Fix GS cookie check on ARM in functions with stackalloc (#25628)

* Fix GS cookie check on ARM in functions with stackalloc The GC cookie check was failing during GC stack walking on ARM for frames of functions using stackalloc and pinvoke. The InlinedCallFrame stores only the SP after the stackalloc adjustment and unwinder needs R9 that contains SP before the stackalloc to be able to unwind the frame to get caller SP. The caller SP is used as a base for getting the GS cookie address. We were incorrectly setting the R9 in the CONTEXT to the same value as SP and so the unwinding was getting an incorrect caller SP. The fix is to store R9 in the InlinedCallFrame for ARM.
author: Jan Vorlicek <janvorli@microsoft.com> 2019-07-11 23:26:14 +0200
committer: GitHub <noreply@github.com> 2019-07-11 23:26:14 +0200
commit: 2290c1f10e58feef8636679788eb060705dae9b3 (patch)
tree: 17590690298f1e37255b7d87e03da6b85cda2b46 /src/jit/lower.cpp
parent: b4c7a2e6d97759b1d90f184664b510596cc64fd9 (diff)
download: coreclr-2290c1f10e58feef8636679788eb060705dae9b3.tar.gz
coreclr-2290c1f10e58feef8636679788eb060705dae9b3.tar.bz2
coreclr-2290c1f10e58feef8636679788eb060705dae9b3.zip
1 files changed, 5 insertions, 3 deletions
diff --git a/src/jit/lower.cpp b/src/jit/lower.cpp
index f8a5babd04..809f48f0f8 100644
--- a/src/jit/lower.cpp
+++ b/src/jit/lower.cpp
@@ -3336,9 +3336,11 @@ GenTree* Lowering::CreateFrameLinkUpdate(FrameLinkAction action)
 //                                                                              localloc and PInvoke in same function)
 //  +30h    +14h    m_pCallerReturnAddress            offsetOfReturnAddress   call site
 //  +38h    +18h    m_pCalleeSavedFP                  offsetOfCalleeSavedFP   not set by JIT
-//          +1Ch    JIT retval spill area (int)                               before call_gc    ???
-//          +20h    JIT retval spill area (long)                              before call_gc    ???
-//          +24h    Saved value of EBP                                        method prolog     ???
+//          +1Ch    m_pThread
+//          +20h    m_pSPAfterProlog                  offsetOfSPAfterProlog   arm only
+//          +20/24h JIT retval spill area (int)                               before call_gc    ???
+//          +24/28h JIT retval spill area (long)                              before call_gc    ???
+//          +28/2Ch Saved value of EBP                                        method prolog     ???
 //
 // Note that in the VM, InlinedCallFrame is a C++ class whose objects have a 'this' pointer that points
 // to the InlinedCallFrame vptr (the 2nd field listed above), and the GS cookie is stored *before*
author	Jan Vorlicek <janvorli@microsoft.com>	2019-07-11 23:26:14 +0200
committer	GitHub <noreply@github.com>	2019-07-11 23:26:14 +0200
commit	2290c1f10e58feef8636679788eb060705dae9b3 (patch)
tree	17590690298f1e37255b7d87e03da6b85cda2b46 /src/jit/lower.cpp
parent	b4c7a2e6d97759b1d90f184664b510596cc64fd9 (diff)
download	coreclr-2290c1f10e58feef8636679788eb060705dae9b3.tar.gz coreclr-2290c1f10e58feef8636679788eb060705dae9b3.tar.bz2 coreclr-2290c1f10e58feef8636679788eb060705dae9b3.zip