This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.



Re: [PATCH] posix_spawn: use a larger min stack for -fstack-check [BZ #21253]


On 16 Mar 2017 14:56, Andrew Pinski wrote:
> On Thu, Mar 16, 2017 at 2:52 PM, Mike Frysinger wrote:
> > On 16 Mar 2017 09:17, Florian Weimer wrote:
> >> On 03/16/2017 08:30 AM, Mike Frysinger wrote:
> >> > When glibc is built with -fstack-check, trying to use posix_spawn can
> >> > lead to segfaults due to gcc internally probing stack memory too far.
> >> > The new spawn API will allocate a minimum of 1 page, but the stack
> >> > checking logic might probe a couple of pages.  When it tries to walk
> >> > them, everything falls apart.
> >> >
> >> > The gcc internal docs [1] state the default interval checking is one
> >> > page.  Which means we need two pages (the current one, and the next
> >> > probed).  No target currently defines it larger.
> >>
> >> GCC miscomputes the offsets in some cases, so I would not rely on this.
> >>
> >> Would it be possible to compile the functions involved without
> >> -fstack-check instead?
> >
> > i mentioned in the bug that it's not feasible: compiling this one file
> > doesn't help as it calls other glibc funcs which will have checking
> > enabled.  so we'd have to manually track the full call stack here and
> > disable it on all the files which is a fairly fragile/burdensome process.
> >
> >> >    /* Add a slack area for child's stack.  */
> >> >    size_t argv_size = (argc * sizeof (void *)) + 512;
> >> > -  size_t stack_size = ALIGN_UP (argv_size, GLRO(dl_pagesize));
> >> > +  /* We need at least a few pages in case the compiler's stack checking is
> >> > +     enabled.  In some configs, it is known to use at least 24KiB.  */
> >> > +  size_t stack_size = ALIGN_UP (argv_size, 32 * 1024);
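Review bot: the new `ALIGN_UP (argv_size, 32 * 1024)` on the last added line drops `GLRO(dl_pagesize)` from the calculation, so where the page size is larger than 32 KiB the result is no longer guaranteed to be a multiple of the page size and can be smaller than what the removed line produced. Consider keeping the page alignment and applying 32 KiB as a floor, for example by rounding the larger of `argv_size` and `32 * 1024` up to `GLRO(dl_pagesize)`. The new comment cites 24KiB without saying which configuration that figure comes from; naming it, and giving `32 * 1024` a named constant, would make the value easier to revisit.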
> >>
> >> 64 KiB pages are common, so this reduces the stack size in many cases.
> >
> > common where ?  are you talking about large pages ?
> >
> > going by PAGE_SHIFT in the kernel, looks to me like very few
> > targets allow using 64 KiB at all, let alone being common.
> 
> RHEL on ARM64 defaults to 64k.
> For Cavium Octeon SDK, the mips kernel defaults to 64k page size.

i think it's fair to say that those userbases do not constitute anywhere
close to a majority, or even a significantly large presence.

from what i can tell, gcc does not expose any CPP defines we can use to
see if stack checking is enabled.  so we don't have a way of turning the
extra allocations on conditionally.

wouldn't be easy to add a configure check either since -fstack-check can
be turned on via default specs.
-mike
