From: Nick Desaulniers
Date: Fri, 7 Oct 2022 15:54:57 -0700
Subject: Re: [PATCH] fs/select: avoid clang stack usage warning
To: Arnd Bergmann
Cc: Kees Cook, linux-fsdevel@vger.kernel.org, Alexander Viro, Andrew Morton, Andi Kleen, Christoph Hellwig, Eric Dumazet, "Darrick J. Wong", Greg Kroah-Hartman, linux-kernel@vger.kernel.org, llvm@lists.linux.dev, Paul Kirth
References: <20190307090146.1874906-1-arnd@arndb.de> <20221006222124.aabaemy7ofop7ccz@google.com>
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, Oct 7, 2022 at 2:43 PM Arnd Bergmann wrote:
>
> On Fri, Oct 7, 2022, at 9:04 PM, Nick Desaulniers wrote:
> > On Fri, Oct 7, 2022 at 1:28 AM Arnd Bergmann wrote:
> >> On Fri, Oct 7, 2022, at 12:21 AM, Nick Desaulniers wrote:
> >> > On Thu, Mar 07, 2019 at 10:01:36AM +0100, Arnd Bergmann wrote:
> >>
> >> - If I mark 'do_select' as noinline_for_stack, the reported frame
> >>   size is decreased a lot and is suddenly independent of
> >>   -fsanitize=local-bounds:
> >> fs/select.c:625:5: error: stack frame size (336) exceeds limit (100) in 'core_sys_select' [-Werror,-Wframe-larger-than]
> >> int core_sys_select(int n, fd_set __user *inp, fd_set __user *outp,
> >> fs/select.c:479:21: error: stack frame size (684) exceeds limit (100) in 'do_select' [-Werror,-Wframe-larger-than]
> >> static noinline int do_select(int n, fd_set_bits *fds, struct timespec64 *end_time)
> >
> > I think this approach makes the most sense to me; the caller
> > core_sys_select() has a large stack allocation `stack_fds`, and so
> > does the callee do_select with `table`.  Add in inlining and long live
> > ranges and it makes sense that stack spills are going to tip us over
> > the threshold set by -Wframe-larger-than.
> >
> > Whether you make do_select() `noinline_for_stack` conditional on
> > additional configs like CC_IS_CLANG or CONFIG_UBSAN_LOCAL_BOUNDS is
> > perhaps also worth considering.
> >
> > How would you feel about a patch that:
> > 1. reverts commit ad312f95d41c ("fs/select: avoid clang stack usage warning")
> > 2. marks do_select noinline_for_stack
> >
> > ?
>
> That is probably ok, but it does need proper testing to ensure that
> there are no performance regressions.

Any recommendations on how to do so?

> Do you know if gcc inlines the
> function by default? If not, we probably don't need to make it
> conditional.

Ah good idea.  For i386 defconfig and x86_64 defconfig, it does not!

Here's how I tested that:
$ make -j128 defconfig fs/select.o
$ llvm-objdump -Dr --disassemble-symbols=core_sys_select fs/select.o | grep do_select

This seems to be affected by -fno-conserve-stack, a currently gcc-only
command line flag.  If I remove that, then i386 defconfig will inline
do_select but x86_64 defconfig will not.

I have a sneaking suspicion that -fno-conserve-stack and
-Wframe-larger-than conspire in GCC to avoid inlining when doing so
would trip `-Wframe-larger-than` warnings, but it's just a conspiracy
theory; I haven't read the source.  Probably should implement exactly
that behavior in LLVM.

I'll triple check 32b+64b arm configs next week to verify.  But if GCC
is not inlining do_select into core_sys_select then I think my patch
https://lore.kernel.org/llvm/20221007201140.1744961-1-ndesaulniers@google.com/
is on the right track; probably could drop the 32b-only condition and
make a note of GCC in the commit message.

Also, my colleague Paul just whipped up a neat tool to help debug
-Wframe-larger-than.
https://reviews.llvm.org/D135488
See the output from my run here:
https://paste.debian.net/1256338/

It's a very early WIP, but I think it would be incredibly helpful to
have this, and will probably help us improve Clang's stack usage.
-- 
Thanks,
~Nick Desaulniers
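
An added illustration, not part of the message above and not kernel code: a caller and a callee that each hold a large on-stack buffer, with the callee once kept out of line and once forced inline, so the frame the callee's table lands in can be observed at run time. The function names, buffer sizes and the local `noinline_for_stack` definition are assumptions made for this sketch.

```c
/* Added illustration, not kernel code: names and buffer sizes are invented.
 * Build with e.g. `cc -O2 -Wframe-larger-than=512` for per-function reports. */
#include <stdint.h>
#include <stdio.h>

/* Stand-in for the kernel macro, which is a plain noinline annotation. */
#define noinline_for_stack __attribute__((noinline))
#define CALLER_BUF 256 /* plays the role of stack_fds in core_sys_select() */
#define CALLEE_BUF 832 /* plays the role of table in do_select() */

struct probe { uintptr_t frame; int sum; };

/* Callee kept out of line: its table lives in a frame of its own. */
static noinline_for_stack void callee_split(int n, struct probe *out)
{
    volatile unsigned char table[CALLEE_BUF];
    for (int i = 0; i < CALLEE_BUF; i++)
        table[i] = (unsigned char)n;
    out->frame = (uintptr_t)__builtin_frame_address(0);
    out->sum = table[0] + table[CALLEE_BUF - 1];
}

/* Same body, forced inline: the table is added to the caller's frame. */
static inline __attribute__((always_inline)) void callee_merged(int n, struct probe *out)
{
    volatile unsigned char table[CALLEE_BUF];
    for (int i = 0; i < CALLEE_BUF; i++)
        table[i] = (unsigned char)n;
    out->frame = (uintptr_t)__builtin_frame_address(0);
    out->sum = table[0] + table[CALLEE_BUF - 1];
}

/* Returns 1 when the callee ran in a different frame from this caller. */
int frames_are_separate(void)
{
    volatile unsigned char stack_buf[CALLER_BUF];
    struct probe p;
    stack_buf[0] = 1;
    callee_split(3, &p);
    return stack_buf[0] == 1 && p.sum == 6 &&
           p.frame != (uintptr_t)__builtin_frame_address(0);
}

/* Returns 1 when the inlined callee shares this caller's frame. */
int frames_are_merged(void)
{
    volatile unsigned char stack_buf[CALLER_BUF];
    struct probe p;
    stack_buf[0] = 1;
    callee_merged(3, &p);
    return stack_buf[0] == 1 && p.sum == 6 &&
           p.frame == (uintptr_t)__builtin_frame_address(0);
}
```

With the warning enabled, the inlined variant reports both buffers against the caller, while the out-of-line variant reports each function's buffer separately.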