From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-qk1-x743.google.com (mail-qk1-x743.google.com [IPv6:2607:f8b0:4864:20::743]) by sourceware.org (Postfix) with ESMTPS id CEA4E3857C43 for ; Mon, 24 Aug 2020 14:32:32 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org CEA4E3857C43 Received: by mail-qk1-x743.google.com with SMTP id o64so1416059qkb.10 for ; Mon, 24 Aug 2020 07:32:32 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:to:references:from:autocrypt:subject:message-id :date:user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=PBOwYZVH2wAXQut721r96jFPeqYwUW8HY4ohjD+j9y4=; b=l58tp/qWv5iJzJjCUuSLEnNviJMU9qkbJghhk3gynFjI43ZEqNinyW22uqGusr748v kSr+Rha9hvumVxe4JXd53MKIhc8bBI4qBd5dt45TvUSVc+4wfi6K5bmS9Iv5bRz05dqk x5ilW9VSSMbt9nnH8Iwwdk94rn+5fZJfMS7AAmWl0jWacOHk/aoTXfXFoYtOQ6+Kxl77 IPboAuzpsnn6QiDgb2hy9M2PEhrXjAC/4Hk/XeAu/vGT/3vUYiW8MTQlKe/XIwAcYo0X UopuU34+hGrYJvNKHn7LctaZQKqlGXh3mbmxS1CIvSoo901eBzQbYFNtEFR2M+1XoIYY yxrA== X-Gm-Message-State: AOAM533oqSvfvBa+3hpzJEHx0LUUQrZLgQTa2x8xf7zXWJOI/YaQT+hF RnFoLbC+JRqv5GRkVszT4GM5OQ== X-Google-Smtp-Source: ABdhPJzFX9QGwP/5udZg/If71DAK+lg3GsztJyoaKzkW/kmgA8qNn3pwe4WqOjE/hVQCLmcrWnrX4g== X-Received: by 2002:a37:9245:: with SMTP id u66mr2416279qkd.471.1598279552175; Mon, 24 Aug 2020 07:32:32 -0700 (PDT) Received: from [192.168.1.4] ([177.194.48.209]) by smtp.googlemail.com with ESMTPSA id d15sm9421859qka.91.2020.08.24.07.32.30 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 24 Aug 2020 07:32:31 -0700 (PDT) To: libc-alpha@sourceware.org, Xiaoming Ni , Paul Eggert References: <20200815070851.46403-1-nixiaoming@huawei.com> <8fa27d3a-f65c-ee0c-e665-7c4f4ace18e2@huawei.com> <9960d71b-28f0-bf9c-a854-df416363fabf@cs.ucla.edu> <509977d1-35c7-d80a-c061-efb79a08b84f@huawei.com> <93ac7fed-d7e9-eb46-f8fd-407bd606eb52@huawei.com> From: Adhemerval Zanella Autocrypt: addr=adhemerval.zanella@linaro.org; prefer-encrypt=mutual; keydata= mQINBFcVGkoBEADiQU2x/cBBmAVf5C2d1xgz6zCnlCefbqaflUBw4hB/bEME40QsrVzWZ5Nq 8kxkEczZzAOKkkvv4pRVLlLn/zDtFXhlcvQRJ3yFMGqzBjofucOrmdYkOGo0uCaoJKPT186L NWp53SACXguFJpnw4ODI64ziInzXQs/rUJqrFoVIlrPDmNv/LUv1OVPKz20ETjgfpg8MNwG6 iMizMefCl+RbtXbIEZ3TE/IaDT/jcOirjv96lBKrc/pAL0h/O71Kwbbp43fimW80GhjiaN2y WGByepnkAVP7FyNarhdDpJhoDmUk9yfwNuIuESaCQtfd3vgKKuo6grcKZ8bHy7IXX1XJj2X/ BgRVhVgMHAnDPFIkXtP+SiarkUaLjGzCz7XkUn4XAGDskBNfbizFqYUQCaL2FdbW3DeZqNIa nSzKAZK7Dm9+0VVSRZXP89w71Y7JUV56xL/PlOE+YKKFdEw+gQjQi0e+DZILAtFjJLoCrkEX w4LluMhYX/X8XP6/C3xW0yOZhvHYyn72sV4yJ1uyc/qz3OY32CRy+bwPzAMAkhdwcORA3JPb kPTlimhQqVgvca8m+MQ/JFZ6D+K7QPyvEv7bQ7M+IzFmTkOCwCJ3xqOD6GjX3aphk8Sr0dq3 4Awlf5xFDAG8dn8Uuutb7naGBd/fEv6t8dfkNyzj6yvc4jpVxwARAQABtElBZGhlbWVydmFs IFphbmVsbGEgTmV0dG8gKExpbmFybyBWUE4gS2V5KSA8YWRoZW1lcnZhbC56YW5lbGxhQGxp bmFyby5vcmc+iQI3BBMBCAAhBQJXFRpKAhsDBQsJCAcDBRUKCQgLBRYCAwEAAh4BAheAAAoJ EKqx7BSnlIjv0e8P/1YOYoNkvJ+AJcNUaM5a2SA9oAKjSJ/M/EN4Id5Ow41ZJS4lUA0apSXW NjQg3VeVc2RiHab2LIB4MxdJhaWTuzfLkYnBeoy4u6njYcaoSwf3g9dSsvsl3mhtuzm6aXFH /Qsauav77enJh99tI4T+58rp0EuLhDsQbnBic/ukYNv7sQV8dy9KxA54yLnYUFqH6pfH8Lly sTVAMyi5Fg5O5/hVV+Z0Kpr+ZocC1YFJkTsNLAW5EIYSP9ftniqaVsim7MNmodv/zqK0IyDB GLLH1kjhvb5+6ySGlWbMTomt/or/uvMgulz0bRS+LUyOmlfXDdT+t38VPKBBVwFMarNuREU2 69M3a3jdTfScboDd2ck1u7l+QbaGoHZQ8ZNUrzgObltjohiIsazqkgYDQzXIMrD9H19E+8fw kCNUlXxjEgH/Kg8DlpoYJXSJCX0fjMWfXywL6ZXc2xyG/hbl5hvsLNmqDpLpc1CfKcA0BkK+ k8R57fr91mTCppSwwKJYO9T+8J+o4ho/CJnK/jBy1pWKMYJPvvrpdBCWq3MfzVpXYdahRKHI ypk8m4QlRlbOXWJ3TDd/SKNfSSrWgwRSg7XCjSlR7PNzNFXTULLB34sZhjrN6Q8NQZsZnMNs TX8nlGOVrKolnQPjKCLwCyu8PhllU8OwbSMKskcD1PSkG6h3r0AquQINBFcVGkoBEACgAdbR Ck+fsfOVwT8zowMiL3l9a2DP3Eeak23ifdZG+8Avb/SImpv0UMSbRfnw/N81IWwlbjkjbGTu oT37iZHLRwYUFmA8fZX0wNDNKQUUTjN6XalJmvhdz9l71H3WnE0wneEM5ahu5V1L1utUWTyh VUwzX1lwJeV3vyrNgI1kYOaeuNVvq7npNR6t6XxEpqPsNc6O77I12XELic2+36YibyqlTJIQ V1SZEbIy26AbC2zH9WqaKyGyQnr/IPbTJ2Lv0dM3RaXoVf+CeK7gB2B+w1hZummD21c1Laua +VIMPCUQ+EM8W9EtX+0iJXxI+wsztLT6vltQcm+5Q7tY+HFUucizJkAOAz98YFucwKefbkTp eKvCfCwiM1bGatZEFFKIlvJ2QNMQNiUrqJBlW9nZp/k7pbG3oStOjvawD9ZbP9e0fnlWJIsj 6c7pX354Yi7kxIk/6gREidHLLqEb/otuwt1aoMPg97iUgDV5mlNef77lWE8vxmlY0FBWIXuZ yv0XYxf1WF6dRizwFFbxvUZzIJp3spAao7jLsQj1DbD2s5+S1BW09A0mI/1DjB6EhNN+4bDB SJCOv/ReK3tFJXuj/HbyDrOdoMt8aIFbe7YFLEExHpSk+HgN05Lg5TyTro8oW7TSMTk+8a5M kzaH4UGXTTBDP/g5cfL3RFPl79ubXwARAQABiQIfBBgBCAAJBQJXFRpKAhsMAAoJEKqx7BSn lIjvI/8P/jg0jl4Tbvg3B5kT6PxJOXHYu9OoyaHLcay6Cd+ZrOd1VQQCbOcgLFbf4Yr+rE9l mYsY67AUgq2QKmVVbn9pjvGsEaz8UmfDnz5epUhDxC6yRRvY4hreMXZhPZ1pbMa6A0a/WOSt AgFj5V6Z4dXGTM/lNManr0HjXxbUYv2WfbNt3/07Db9T+GZkpUotC6iknsTA4rJi6u2ls0W9 1UIvW4o01vb4nZRCj4rni0g6eWoQCGoVDk/xFfy7ZliR5B+3Z3EWRJcQskip/QAHjbLa3pml xAZ484fVxgeESOoaeC9TiBIp0NfH8akWOI0HpBCiBD5xaCTvR7ujUWMvhsX2n881r/hNlR9g fcE6q00qHSPAEgGr1bnFv74/1vbKtjeXLCcRKk3Ulw0bY1OoDxWQr86T2fZGJ/HIZuVVBf3+ gaYJF92GXFynHnea14nFFuFgOni0Mi1zDxYH/8yGGBXvo14KWd8JOW0NJPaCDFJkdS5hu0VY 7vJwKcyHJGxsCLU+Et0mryX8qZwqibJIzu7kUJQdQDljbRPDFd/xmGUFCQiQAncSilYOcxNU EMVCXPAQTteqkvA+gNqSaK1NM9tY0eQ4iJpo+aoX8HAcn4sZzt2pfUB9vQMTBJ2d4+m/qO6+ cFTAceXmIoFsN8+gFN3i8Is3u12u8xGudcBPvpoy4OoG Subject: Re: ping//Re: [PATCH v2] io:nftw/ftw:fix stack overflow when large nopenfd [BZ #26353] Message-ID: Date: Mon, 24 Aug 2020 11:32:28 -0300 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0 MIME-Version: 1.0 In-Reply-To: <93ac7fed-d7e9-eb46-f8fd-407bd606eb52@huawei.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-8.5 required=5.0 tests=BAYES_00, BODY_8BITS, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, NICE_REPLY_A, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 Aug 2020 14:32:34 -0000 On 24/08/2020 05:31, Xiaoming Ni wrote: > On 2020/8/23 2:09, Paul Eggert wrote: >> On 8/21/20 8:27 PM, Xiaoming Ni wrote: >>> How do I determine whether data.maxdir is too large for alloca? >> >> __libc_use_alloca. Also see include/scratch_buffer.h, which is designed for this sort of situation. >> >> . > > is that ? > > --- a/io/ftw.c > +++ b/io/ftw.c > @@ -645,6 +645,13 @@ ftw_startup (const char *dir, int is_nftw, void *func, int descriptors, >      } > >    data.maxdir = descriptors < 1 ? 1 : descriptors; > +  if ((__glibc_unlikely (data.maxdir > SIZE_MAX / sizeof (struct dir_data *))) > +      || (! __libc_use_alloca (data.maxdir * sizeof (struct dir_data *)))) > +    { > +      __set_errno (EINVAL); > +      return -1; > +    } > + >    data.actdir = 0; >    data.dirstreams = (struct dir_data **) alloca (data.maxdir >                                                  * sizeof (struct dir_data *)); > I would prefer to just remove alloca altogether and either move to dynamic allocation or use hybrid approach and use a scratch_buffer or a dynarray. In this specific case, it already does a unconditional dynamic memory allocation for the 'data.dirbuf', so why not just allocate the 'dirstream' buffer on the same block as: data.maxdir = descriptors < 1 ? 1 : descriptors; data.actdir = 0; data.dirbufsize = MAX (2 * strlen (dir), PATH_MAX); data.dirstreams = malloc (data.maxdir * sizeof (struct dir_data *) + data.dirbufsize); if (data.dirstreams == NULL) return -1; memset (data.dirstreams, '\0', data.maxdir * sizeof (struct dir_data *)); data.dirbuf = (char *) data.dirstreams + data.maxdir * sizeof (struct dir_data *); It would require adjust the size of 'process_entry' for the realloc (to take in consideration the 'dirstreams' size). > > Whether to use malloc or return an error message when the input is too large? > > I still don't understand why libc uses alloca so much. > Is it for performance? Most of the code that uses alloca is pre-C99 that provides VLA or are code where there is no prior way to know how much stack would be allocated (that's why the __libc_use_alloca which tries to put a high bound in stack usage). However, dynamic stack allocation either with alloca or VLA tend to produce bad code gen (as the Linux kernel developers has observed) and increases the possibility of multiple issues (unbounded stack allocation, performance issues, etc.). There were multiple issues with alloca usage over the years, so recently we were moving the code to either scratch_buffer or dynarray.