3 # User Gian-Carlo Pascutto <gcp@mozilla.com>
5 # Node ID 7f9b9624c400dc847dc0053ebe35fbe63353a3d2
6 # Parent 958aef401f3c27231c426fc6e00024b0741470a6
7 Bug 1721326 - Allow dynamic PTHREAD_STACK_MIN. r=glandium, a=RyanVM
9 https://phabricator.services.mozilla.com/D120708
11 Differential Revision: https://phabricator.services.mozilla.com/D120972
13 diff --git a/js/xpconnect/src/XPCJSContext.cpp b/js/xpconnect/src/XPCJSContext.cpp
14 --- a/js/xpconnect/src/XPCJSContext.cpp
15 +++ b/js/xpconnect/src/XPCJSContext.cpp
21 using namespace mozilla;
25 -// The watchdog thread loop is pretty trivial, and should not require much stack
26 -// space to do its job. So only give it 32KiB or the platform minimum.
27 +// We will clamp to reasonable values if this isn't set.
28 #if !defined(PTHREAD_STACK_MIN)
29 # define PTHREAD_STACK_MIN 0
31 -static constexpr size_t kWatchdogStackSize =
32 - PTHREAD_STACK_MIN < 32 * 1024 ? 32 * 1024 : PTHREAD_STACK_MIN;
34 static void WatchdogMain(void* arg);
36 class WatchdogManager;
37 class MOZ_RAII AutoLockWatchdog final {
38 Watchdog* const mWatchdog;
41 @@ -154,22 +151,29 @@ class Watchdog {
42 // extra pages if we can avoid it.
43 nsCOMPtr<nsIDebug2> dbg = do_GetService("@mozilla.org/xpcom/debug;1");
48 AutoLockWatchdog lock(this);
50 + // The watchdog thread loop is pretty trivial, and should not
51 + // require much stack space to do its job. So only give it 32KiB
52 + // or the platform minimum. On modern Linux libc this might resolve to
54 + size_t watchdogStackSize = PTHREAD_STACK_MIN;
55 + watchdogStackSize = std::max<size_t>(32 * 1024, watchdogStackSize);
57 // Gecko uses thread private for accounting and has to clean up at thread
58 // exit. Therefore, even though we don't have a return value from the
59 // watchdog, we need to join it on shutdown.
60 mThread = PR_CreateThread(PR_USER_THREAD, WatchdogMain, this,
61 PR_PRIORITY_NORMAL, PR_GLOBAL_THREAD,
62 - PR_JOINABLE_THREAD, kWatchdogStackSize);
63 + PR_JOINABLE_THREAD, watchdogStackSize);
65 MOZ_CRASH("PR_CreateThread failed!");
68 // WatchdogMain acquires the lock and then asserts mInitialized. So
69 // make sure to set mInitialized before releasing the lock here so
70 // that it's atomic with the creation of the thread.
75 # User stransky <stransky@redhat.com>
77 # Node ID 600365d8b24068e8105773830270cf86478aa487
78 # Parent 7f9b9624c400dc847dc0053ebe35fbe63353a3d2
79 Bug 1721326 - Use small stack for DoClone(). r=jld, a=RyanVM
81 Patch author is Florian Weimer <fweimer 'at' redhat.com>
83 Differential Revision: https://phabricator.services.mozilla.com/D120709
85 diff --git a/security/sandbox/linux/launch/SandboxLaunch.cpp b/security/sandbox/linux/launch/SandboxLaunch.cpp
86 --- a/security/sandbox/linux/launch/SandboxLaunch.cpp
87 +++ b/security/sandbox/linux/launch/SandboxLaunch.cpp
88 @@ -504,18 +504,17 @@ static int CloneCallee(void* aPtr) {
89 // stack, not switch stacks.
91 // Valgrind would disapprove of using clone() without CLONE_VM;
92 // Chromium uses the raw syscall as a workaround in that case, but
93 // we don't currently support sandboxing under valgrind.
94 MOZ_NEVER_INLINE MOZ_ASAN_BLACKLIST static pid_t DoClone(int aFlags,
96 static constexpr size_t kStackAlignment = 16;
97 - uint8_t miniStack[PTHREAD_STACK_MIN]
98 - __attribute__((aligned(kStackAlignment)));
99 + uint8_t miniStack[4096] __attribute__((aligned(kStackAlignment)));
101 void* stackPtr = miniStack;
103 void* stackPtr = ArrayEnd(miniStack);
105 return clone(CloneCallee, stackPtr, aFlags, aCtx);
108 @@ -526,23 +525,29 @@ MOZ_NEVER_INLINE MOZ_ASAN_BLACKLIST stat
109 static pid_t ForkWithFlags(int aFlags) {
110 // Don't allow flags that would share the address space, or
111 // require clone() arguments we're not passing:
112 static const int kBadFlags = CLONE_VM | CLONE_VFORK | CLONE_SETTLS |
113 CLONE_PARENT_SETTID | CLONE_CHILD_SETTID |
114 CLONE_CHILD_CLEARTID;
115 MOZ_RELEASE_ASSERT((aFlags & kBadFlags) == 0);
117 + // Block signals due to small stack in DoClone.
119 + BlockAllSignals(&oldSigs);
123 if (setjmp(ctx) == 0) {
124 // In the parent and just called setjmp:
125 - return DoClone(aFlags | SIGCHLD, &ctx);
126 + ret = DoClone(aFlags | SIGCHLD, &ctx);
128 + RestoreSignals(&oldSigs);
129 // In the child and have longjmp'ed:
134 static bool WriteStringToFile(const char* aPath, const char* aStr,
136 int fd = open(aPath, O_WRONLY);