On Sat, 27 Jun 2026 02:58:41 GMT, Yasumasa Suenaga <[email protected]> wrote:
>> src/hotspot/cpu/aarch64/vm_version_aarch64.cpp line 553: >> >>> 551: _pac_mask = (uintptr_t)pauth_strip_pointer((address)~(UINT64_C(1) >>> << 55)); >>> 552: } >>> 553: >> >> Did this code have to be moved? >> >> It looks like the change here is making sure _pac_mask gets set even if the >> setting of UseBranchProtection indicates that PAC will not be used. Is this >> change needed because runtime flags are in conflict with what is in the >> dwarf file. In other words, dwarf says PAC is supported, but hotspot has >> decided not to enable it? However, this means you are masking addresses that >> are not PAC signed. Are. you sure this is always ok? What if you mask off >> bits of the actual unsigned address. It's not clear to my why SA would need >> _pac_mask set if PAC was disabled at runtime. >> >> BTW, where is supports_paca() defined. I'm unable to find it in the source >> or with a web search. > > I need `_pac_mask` to strip PAC, so I moved to set it even if branch > protection is disabled. > We have to strip PAC for native frames (e.g. glibc) even if HotSpot disables > branch protection. If PAC is enabled in the Kernel, all of native frames > would be handled PAC if PAC instructions are issued (then it should be also > recorded in DWARF instructions). To avoid unnecessary stripping, this PR > checks PAC in auxiliary vector from `getauxv()`. > > Now, `_pac_mask` does not seem to be used in HotSpot (excluding vmstructs), > so I believe it does not produce side-effect (actually all of GHA workflows > succeeded). > >> where is supports_paca() defined. I'm unable to find it in the source or >> with a web search. > > It is defined in hotspot/cpu/aarch64/vm_version_aarch64.hpp via > `CPU_FEATURE_FLAGS` macro. The flag would be set at > `VM_Version::get_os_cpu_info()` in vm_version_linux_aarch64.cpp. Yes, it looks like _pac_mask was added specifically for SA by [JDK-8286711](https://bugs.openjdk.org/browse/JDK-8286711). What happens if the core was generated on a machine with PAC support but debugged on a machine without it. Is _pac_mask going to be setup in that case? >> src/jdk.hotspot.agent/share/classes/sun/jvm/hotspot/debugger/linux/LinuxDebuggerLocal.java >> line 326: >> >>> 324: if ((debugger instanceof LinuxAARCH64DebuggerLocal d) && >>> d.isPACEnabled()) { >>> 325: >>> ((MachineDescriptionAArch64)d.getMachineDescription()).enablePAC(); >>> 326: } >> >> Is there a better place for this? Maybe closer to the creation of the >> MachienDescriptorAArch54? > > Yes, we can move it to near the insantiate of `MachineDescriptorAArch64` in > case of live attach, but I think it is better to place it in similar place > for core attaching for consistency. We have to get the status of PAC from > coredump after attaching in case of the core because we have to consider to > analyze coredump produced by PAC-enabled machine on PAC-disabled machine. I was actually implying moving it for a core file attach also. This just doesn't seem like the proper place for CPU dependent code. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/31669#discussion_r3485191517 PR Review Comment: https://git.openjdk.org/jdk/pull/31669#discussion_r3485200462
