Subject: Re: Fwd: What can a signal handler do with SIGSTKSZ?
From: Carlos O'Donell
To: Florian Weimer, Szabolcs Nagy
Cc: Zack Weinberg, Christian Brauner, nd, GNU C Library
Date: Mon, 14 Jan 2019 16:23:00 -0000

On 1/14/19 11:18 AM, Florian Weimer wrote:
> * Szabolcs Nagy:
>
>> i think proposing sysconf(_SC_{MIN}SIGSTKSZ) for posix is the
>> right solution with the kernel providing an upper bound of the
>> stack frame in AT_MINSIGSTKSZ (as it already does on aarch64).
>
> It's still a bit nasty for process migration, but at least it should for
> VM migration. I think that would be a reasonable compromise.
>
> Of course, we'd still need a way to determine how much we should add on
> top of AT_MINSIGSTKSZ for the application developer's benefit.

8-)

The value of SIGSTKSZ seems to be a "culturally relevant detail" that
will probably be impossible to pin down to a real value.

If *I* were a developer I might expect, as Zack pointed out, that I can
call every function on the list of callable AS-safe functions, at least
once, without recursion, and expect them to operate correctly.

A test case for this would therefore be a main that registers a handler
that exercises *all* functions in the AS-safe list, and then looks for
stack corruption at each execution.

The test could also be used to set the value to some accepted value for
all machines.

Can we do this in practice?

--
Cheers,
Carlos.
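
A sketch of the kind of test the message describes, as an added example that is not part of the original message or of glibc: it paints an alternate signal stack with a fill pattern, delivers one signal, and reports how many bytes were dirtied. The names `measure_sigstack_use`, `ALT_SIZE` and `FILL` are hypothetical, the handler calls only a four-function sample of the AS-safe list rather than all of it, and a downward-growing stack is assumed.

```c
#define _XOPEN_SOURCE 700
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <time.h>
#include <unistd.h>

#define FILL 0xA5              /* pattern painted over the alternate stack */
#define ALT_SIZE (256 * 1024)  /* assumption: far above any real signal frame */
static volatile sig_atomic_t handled;

/* Calls a small sample of the POSIX async-signal-safe list, once each. */
static void handler(int sig)
{
    struct stat st;
    struct timespec ts;
    (void)sig;
    (void)getpid();
    (void)fstat(STDIN_FILENO, &st);
    (void)clock_gettime(CLOCK_MONOTONIC, &ts);
    (void)kill(getpid(), 0);           /* signal 0: existence check only */
    handled = 1;
}

/* Bytes dirtied by signal delivery plus the handler, or -1 on setup
   failure or overrun. Untouched fill is expected at the low addresses. */
long measure_sigstack_use(void)
{
    unsigned char *stk = malloc(ALT_SIZE);
    stack_t ss, old_ss;
    struct sigaction sa, old_sa;
    size_t clean = 0;
    if (!stk) return -1;
    memset(stk, FILL, ALT_SIZE);
    memset(&sa, 0, sizeof sa);
    ss.ss_sp = stk; ss.ss_size = ALT_SIZE; ss.ss_flags = 0;
    sa.sa_handler = handler;
    sa.sa_flags = SA_ONSTACK;          /* run the handler on the painted stack */
    sigemptyset(&sa.sa_mask);
    if (sigaltstack(&ss, &old_ss) || sigaction(SIGUSR1, &sa, &old_sa)) { free(stk); return -1; }
    raise(SIGUSR1);                    /* handler has returned when raise() does */
    sigaction(SIGUSR1, &old_sa, NULL);
    sigaltstack(&old_ss, NULL);        /* detach before freeing the buffer */
    while (clean < ALT_SIZE && stk[clean] == FILL) clean++;
    free(stk);
    return (handled && clean > 0) ? (long)(ALT_SIZE - clean) : -1;
}

int main(void) { printf("alt stack bytes used: %ld\n", measure_sigstack_use()); return 0; }
```

The figure includes the kernel's signal frame, so it varies with the CPU's register state size; comparing it with SIGSTKSZ on each target shows how much headroom the constant leaves.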