Re: What can a signal handler do with SIGSTKSZ?

public inbox for libc-alpha@sourceware.org
 help / color / mirror / Atom feed

From: Szabolcs Nagy <Szabolcs.Nagy@arm.com>
To: Carlos O'Donell <carlos@redhat.com>,
	GNU C Library <libc-alpha@sourceware.org>
Cc: nd <nd@arm.com>
Subject: Re: What can a signal handler do with SIGSTKSZ?
Date: Fri, 11 Jan 2019 20:23:00 -0000	[thread overview]
Message-ID: <0c3426ba-2c50-d93c-4d15-c5fe97a32331@arm.com> (raw)
In-Reply-To: <bd828a5b-c71a-e299-8096-213171967064@redhat.com>

On 11/01/2019 19:11, Carlos O'Donell wrote:
> On 1/11/19 2:02 PM, Szabolcs Nagy wrote:
>> On 11/01/2019 17:44, Carlos O'Donell wrote:
>>> In the continuing series of "What can X do with Y?" [1]
>>>
>>> I would like to get consensus on what a signal handler can do with
>>> SIGSTKSZ amount of space.
>>>
>>> I propose the following:
>>> ~~~
>>> The implementation only guarantees that a signal handler can
>>> manipulate a reasonable amount of local variables (no more than
>>> 2 KiB worth), and can read and write to memory, carry out atomic
>>> operations, and call simple C library functions that do similar
>>> memory and simple string operations e.g. memcpy, memset, strcmp,
>>> strcpy. The amount of signal stack allocated for SIGSTKSZ is not
>>> sufficient to call complex signal-safe functions e.g. fork, _exit,
>>> abort, nor any that can be canceled (requires enough stack for
>>> cancellation). Any other operations or function calls in the
>>> signal handler should be evaluated for runtime stack usage and
>>> additional stack beyond SIGSTKSZ should be allocated.
>>> ~~~
>>>
>>> Thoughts?
>>
>> instead of "local variables" i'd say: user
>> code may use X bytes stack space and the
>> rest is for the runtime (which is guaranteed
>> to be enough for simple libc calls,...).
>>
>> X can be 2048.
>>
>> runtime stack usage vs user stack usage can
>> be accounted based on stack usage of libc code
>> vs user code.
>  
> I was wondering if I could simplify the language and just say:
> 
> There are (SIGSTKSZ - MINSTKSZ) bytes to use upon entry to the
> first signal handler, with stack space consumption happening
> as the handler executes. Each subsequent nested signal handler
> uses an additional MINSTKSZ bytes. 
> 
> What do you think?

works for me, but

MINSIGSTKSZ can be interpreted as just enough for the
kernel to deliver the signal and call the signal handler.
(currently it's not enough on x86_64 and on aarch64 with
sve. on aarch64 there is kernel provided AT_MINSIGSTKSZ
auxv value that is enough, but really posix requires a
sysconf for this instead of a fixed macro then.)

so users should be aware that there may be additional
overheads not visible in their code (we don't wrap
signal handlers currently but might, there is lazy
binding overhead for extern calls) so not all
SIGSTKSZ - MINSIGSTKSZ is for the user: it is for
user code + runtime.

next prev parent reply	other threads:[~2019-01-11 20:23 UTC|newest]

Thread overview: 25+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-01-11 17:44 Carlos O'Donell
2019-01-11 19:02 ` Szabolcs Nagy
2019-01-11 19:11   ` Carlos O'Donell
2019-01-11 20:23     ` Szabolcs Nagy [this message]
     [not found] ` <CAKCAbMiCaBst_ofjKkH3Ck1CoOV86wPKv3QSkC89XW_zu=1BLA@mail.gmail.com>
2019-01-11 19:34   ` Fwd: " Zack Weinberg
2019-01-11 20:00     ` Florian Weimer
2019-01-11 20:06       ` Christian Brauner
2019-01-11 20:14         ` Florian Weimer
2019-01-11 20:26           ` Christian Brauner
2019-01-14 16:15             ` Florian Weimer
2019-01-11 20:09       ` Zack Weinberg
2019-01-11 20:29         ` Florian Weimer
2019-01-11 23:59           ` Zack Weinberg
2019-01-14 11:18             ` Szabolcs Nagy
2019-01-14 11:29               ` Adhemerval Zanella
2019-01-14 16:34                 ` Zack Weinberg
2019-01-14 20:29                   ` Carlos O'Donell
2019-01-14 16:18               ` Florian Weimer
2019-01-14 16:23                 ` Carlos O'Donell
2019-01-14 16:31                   ` Florian Weimer
2019-01-14 16:34                   ` Szabolcs Nagy
2019-01-14 18:19                   ` Joseph Myers
2019-01-14 20:30                     ` Carlos O'Donell
2019-01-16 22:51             ` Christian Brauner
2019-01-11 19:40 ` Florian Weimer

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=0c3426ba-2c50-d93c-4d15-c5fe97a32331@arm.com \
    --to=szabolcs.nagy@arm.com \
    --cc=carlos@redhat.com \
    --cc=libc-alpha@sourceware.org \
    --cc=nd@arm.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).