From bd303342774eeb628cc44dbb42f2f5b12cca56e5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=89rico=20Nogueira?= Date: Sat, 17 Jul 2021 20:45:52 -0300 Subject: [PATCH] Manually set thread stack sizes. 8KB was empirically determined to work on musl. We can't go lower (musl supports up to 2KB) because posix_spawn allocates a temporary stack for vfork (via clone(2)) on its own stack. This improves our resource consumption and increases the likeliness for pthread_create to work even when there isn't a lot of free memory. Using pthread_setattr_default_np isn't possible, because on musl it doesn't allow us to go below the default thread stack size. This way is also more portable. We don't remove the guard pages entirely, because a shell prompt might be active in attacker controlled directories, and it's a reasonable protection against any stack overflow exploits that might appear. --- ep.c | 25 +++++++++++++++++++++++-- ep.h | 3 +++ git.c | 6 +++--- 3 files changed, 29 insertions(+), 5 deletions(-) diff --git a/ep.c b/ep.c index 95510a2..471fce5 100644 --- a/ep.c +++ b/ep.c @@ -22,6 +22,8 @@ #define PROMPT " ➜ " #define JOBS " ✦" +pthread_attr_t *thread_a = 0; + int main(int argc, char **argv) { setlocale(LC_ALL, ""); @@ -54,18 +56,37 @@ int main(int argc, char **argv) } } + pthread_attr_t attr; + + do { + if (pthread_attr_init(&attr)) break; + /* stack buffer in popen/posix_spawn can get big, so we can't go much below 8KB; + * we subtract 1024 so libc TLS can still fit into a 8KB region instead of + * requiring a 12KB region. This fiddling has no effect if PAGE_SIZE>4KB */ + if (pthread_attr_setstacksize(&attr, (1 << 13) - 1024)) { + pthread_attr_destroy(&attr); + break; + } + /* guarantee at least one memory page as guard */ + if (pthread_attr_setguardsize(&attr, 1)) { + pthread_attr_destroy(&attr); + break; + } + thread_a = &attr; + } while(0); + /* start threads for long(er) running steps */ struct threaded_task root_lang_task = { .task = task_launch_root_lang }; int git_launched = 1; pthread_t git_handle; - if (pthread_create(&git_handle, NULL, git_thread, &root_lang_task)) { + if (pthread_create(&git_handle, thread_a, git_thread, &root_lang_task)) { e(INFO, "couldn't create git thread", errno); git_launched = 0; } int pwd_lang_launched = 1; pthread_t pwd_lang_handle; - if (pthread_create(&pwd_lang_handle, NULL, lang_thread, NULL)) { + if (pthread_create(&pwd_lang_handle, thread_a, lang_thread, NULL)) { e(INFO, "couldn't create lang thread", errno); pwd_lang_launched = 0; } diff --git a/ep.h b/ep.h index 6c1cd3f..1aa8eef 100644 --- a/ep.h +++ b/ep.h @@ -15,6 +15,9 @@ struct threaded_task { enum task_identity task; }; +/* from ep.c */ +extern pthread_attr_t *thread_a; + /* from out.c */ extern FILE *out, *outerr; enum log_level_value { DEBUG, INFO, WARN, ERROR }; diff --git a/git.c b/git.c index becb87d..ee1c0f3 100644 --- a/git.c +++ b/git.c @@ -94,14 +94,14 @@ void *git_thread(void *arg) * if we add more stuff to do in repos, launch more threads */ pthread_t status_handle, root_handle; - if (pthread_create(&status_handle, NULL, get_git_status, git_info)) + if (pthread_create(&status_handle, thread_a, get_git_status, git_info)) goto status_create_error; - if (pthread_create(&root_handle, NULL, get_git_root, git_info)) + if (pthread_create(&root_handle, thread_a, get_git_root, git_info)) goto root_create_error; pthread_join(root_handle, NULL); if (root_lang_task && git_info->git_root) { - root_lang_task->launched = !pthread_create(&root_lang_task->handle, NULL, lang_thread, git_info->git_root); + root_lang_task->launched = !pthread_create(&root_lang_task->handle, thread_a, lang_thread, git_info->git_root); } root_create_error: pthread_join(status_handle, NULL);