sunfishcode opened PR #1315 from bigger-sigaltstack-rust
to master
:
Rust's stack overflow handler installs a sigaltstack stack with size
SIGSTKSZ, which is too small for some of the things we do in signal
handlers, and as of this writing lacks a guard page. Install bigger
sigaltstack stacks so that we have enough space, and have a guard page.This is similar to https://github.com/bytecodealliance/wasmtime/pull/1298 but rewritten in Rust
<!--
Please ensure that the following steps are all taken care of before submitting
the PR.
[ ] This has been discussed in issue #..., or if not, please tell us why
here.[ ] A short description of what this does, why it is needed; if the
description becomes long, the matter should probably be discussed in an issue
first.[ ] This PR contains test cases, if meaningful.
- [ ] A reviewer from the core maintainer team has been assigned for this PR.
If you don't know who could review this, please indicate so. The list of
suggested reviewers on the right can help you.Please ensure all communication adheres to the code of conduct.
-->
alexcrichton submitted PR Review.
alexcrichton created PR Review Comment:
FWIW panicking in destructors is pretty sketchy, and panicking in a TLS destructor is sort of even sketchier (almost guaranteed to abort the process). Perhaps these could switch to
debug_assert
statements?
alexcrichton created PR Review Comment:
Since
Tls
is constructed with a nullss_sp
before we callmmap
, I think this'll want to check for null and bail out becausemmap
would have failed.
alexcrichton submitted PR Review.
alexcrichton created PR Review Comment:
Instead of raising a trap could this perhaps bubble up some sort of error to the caller? I don't think the raising mechanism is needed here if this is reorganized a bit, for example the caller could do:
#[cfg(unix)] unix::setup_sigaltstack()?;and internally this module would check the TLS variable, and if it's not initialized would perform inline initialization which would bubble this error up through returns rather than a longjmp
alexcrichton created PR Review Comment:
I might recommend something like:
thread_local!(static TLS: RefCell<Tls> = RefCell::new(Tls::None); enum Tls { None, Allocated(Sigaltstack), // `Drop for Sigaltstack` frees stuff CheckedAlready), // sigaltstack was previously big enough }
alexcrichton created PR Review Comment:
FWIW this may be a bit easier with
let mut old_stack = mem::zeroed()
to make it a bit more portable if that ever comes up
alexcrichton created PR Review Comment:
I think these checks may want to move up to the front actually and not be assertions but rather runtime checks. With the C embedding we're not actually guaranteed the sigaltstack is set up (which I'm just now realizing is probably bad) because the Rust main function didn't happen. Additionally the application may have its own sigaltstack handled somewhere else.
I think we'll want to check the current sigaltstack here and if it's big enough just skip all this entirely, and then for flags I'm not really sure we need to check too much, but I don't think we should panic if the embedder has a particular configuration.
iximeow submitted PR Review.
iximeow created PR Review Comment:
just a note, the default signal stack should have a guard page soon: https://github.com/rust-lang/rust/pull/69969
eust-dfinity submitted PR Review.
eust-dfinity created PR Review Comment:
FYI in Dfinity we use std::cmp::max(SIGSTKSZ, 24 * 1024) here, because SIGSTKSZ on MacOS is already huge (128K) and reserving 512K per thread for the signal stack seemed like too much
alexcrichton updated PR #1315 from bigger-sigaltstack-rust
to master
:
Rust's stack overflow handler installs a sigaltstack stack with size
SIGSTKSZ, which is too small for some of the things we do in signal
handlers, and as of this writing lacks a guard page. Install bigger
sigaltstack stacks so that we have enough space, and have a guard page.This is similar to https://github.com/bytecodealliance/wasmtime/pull/1298 but rewritten in Rust
<!--
Please ensure that the following steps are all taken care of before submitting
the PR.
[ ] This has been discussed in issue #..., or if not, please tell us why
here.[ ] A short description of what this does, why it is needed; if the
description becomes long, the matter should probably be discussed in an issue
first.[ ] This PR contains test cases, if meaningful.
- [ ] A reviewer from the core maintainer team has been assigned for this PR.
If you don't know who could review this, please indicate so. The list of
suggested reviewers on the right can help you.Please ensure all communication adheres to the code of conduct.
-->
alexcrichton updated PR #1315 from bigger-sigaltstack-rust
to master
:
Rust's stack overflow handler installs a sigaltstack stack with size
SIGSTKSZ, which is too small for some of the things we do in signal
handlers, and as of this writing lacks a guard page. Install bigger
sigaltstack stacks so that we have enough space, and have a guard page.This is similar to https://github.com/bytecodealliance/wasmtime/pull/1298 but rewritten in Rust
<!--
Please ensure that the following steps are all taken care of before submitting
the PR.
[ ] This has been discussed in issue #..., or if not, please tell us why
here.[ ] A short description of what this does, why it is needed; if the
description becomes long, the matter should probably be discussed in an issue
first.[ ] This PR contains test cases, if meaningful.
- [ ] A reviewer from the core maintainer team has been assigned for this PR.
If you don't know who could review this, please indicate so. The list of
suggested reviewers on the right can help you.Please ensure all communication adheres to the code of conduct.
-->
alexcrichton updated PR #1315 from bigger-sigaltstack-rust
to master
:
Rust's stack overflow handler installs a sigaltstack stack with size
SIGSTKSZ, which is too small for some of the things we do in signal
handlers, and as of this writing lacks a guard page. Install bigger
sigaltstack stacks so that we have enough space, and have a guard page.This is similar to https://github.com/bytecodealliance/wasmtime/pull/1298 but rewritten in Rust
<!--
Please ensure that the following steps are all taken care of before submitting
the PR.
[ ] This has been discussed in issue #..., or if not, please tell us why
here.[ ] A short description of what this does, why it is needed; if the
description becomes long, the matter should probably be discussed in an issue
first.[ ] This PR contains test cases, if meaningful.
- [ ] A reviewer from the core maintainer team has been assigned for this PR.
If you don't know who could review this, please indicate so. The list of
suggested reviewers on the right can help you.Please ensure all communication adheres to the code of conduct.
-->
sunfishcode created PR Review Comment:
s/reigster/register/
sunfishcode submitted PR Review.
sunfishcode submitted PR Review.
alexcrichton updated PR #1315 from bigger-sigaltstack-rust
to master
:
Rust's stack overflow handler installs a sigaltstack stack with size
SIGSTKSZ, which is too small for some of the things we do in signal
handlers, and as of this writing lacks a guard page. Install bigger
sigaltstack stacks so that we have enough space, and have a guard page.This is similar to https://github.com/bytecodealliance/wasmtime/pull/1298 but rewritten in Rust
<!--
Please ensure that the following steps are all taken care of before submitting
the PR.
[ ] This has been discussed in issue #..., or if not, please tell us why
here.[ ] A short description of what this does, why it is needed; if the
description becomes long, the matter should probably be discussed in an issue
first.[ ] This PR contains test cases, if meaningful.
- [ ] A reviewer from the core maintainer team has been assigned for this PR.
If you don't know who could review this, please indicate so. The list of
suggested reviewers on the right can help you.Please ensure all communication adheres to the code of conduct.
-->
alexcrichton merged PR #1315.
Last updated: Dec 23 2024 at 13:07 UTC