From: Nick Desaulniers <ndesaulniers@google.com>
To: Arnd Bergmann <arnd@arndb.de>
Cc: Kees Cook <keescook@chromium.org>,
linux-fsdevel@vger.kernel.org,
Alexander Viro <viro@zeniv.linux.org.uk>,
Andrew Morton <akpm@linux-foundation.org>,
Andi Kleen <ak@linux.intel.com>, Christoph Hellwig <hch@lst.de>,
Eric Dumazet <edumazet@google.com>,
"Darrick J. Wong" <darrick.wong@oracle.com>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
linux-kernel@vger.kernel.org, llvm@lists.linux.dev,
Paul Kirth <paulkirth@google.com>
Subject: Re: [PATCH] fs/select: avoid clang stack usage warning
Date: Fri, 7 Oct 2022 15:54:57 -0700 [thread overview]
Message-ID: <CAKwvOdmNiSok3sAMJs2PQLs0yVzOfMTaQTWjyW8q2oc3VF60sw@mail.gmail.com> (raw)
In-Reply-To: <e554eb3c-d065-4aad-b6d2-a12469eaf49c@app.fastmail.com>
On Fri, Oct 7, 2022 at 2:43 PM Arnd Bergmann <arnd@arndb.de> wrote:
>
> On Fri, Oct 7, 2022, at 9:04 PM, Nick Desaulniers wrote:
> > On Fri, Oct 7, 2022 at 1:28 AM Arnd Bergmann <arnd@arndb.de> wrote:
> >> On Fri, Oct 7, 2022, at 12:21 AM, Nick Desaulniers wrote:
> >> > On Thu, Mar 07, 2019 at 10:01:36AM +0100, Arnd Bergmann wrote:
> >>
> >> - If I mark 'do_select' as noinline_for_stack, the reported frame
> >> size is decreased a lot and is suddenly independent of
> >> -fsanitize=local-bounds:
> >> fs/select.c:625:5: error: stack frame size (336) exceeds limit (100) in 'core_sys_select' [-Werror,-Wframe-larger-than]
> >> int core_sys_select(int n, fd_set __user *inp, fd_set __user *outp,
> >> fs/select.c:479:21: error: stack frame size (684) exceeds limit (100) in 'do_select' [-Werror,-Wframe-larger-than]
> >> static noinline int do_select(int n, fd_set_bits *fds, struct timespec64 *end_time)
> >
> > I think this approach makes the most sense to me; the caller
> > core_sys_select() has a large stack allocation `stack_fds`, and so
> > does the callee do_select with `table`. Add in inlining and long live
> > ranges and it makes sense that stack spills are going to tip us over
> > the threshold set by -Wframe-larger-than.
> >
> > Whether you make do_select() `noinline_for_stack` conditional on
> > additional configs like CC_IS_CLANG or CONFIG_UBSAN_LOCAL_BOUNDS is
> > perhaps also worth considering.
> >
> > How would you feel about a patch that:
> > 1. reverts commit ad312f95d41c ("fs/select: avoid clang stack usage warning")
> > 2. marks do_select noinline_for_stack
> >
> > ?
>
> That is probably ok, but it does need proper testing to ensure that
> there are no performance regressions.
Any recommendations on how to do so?
> Do you know if gcc inlines the
> function by default? If not, we probably don't need to make it
> conditional.
Ah good idea. For i386 defconfig and x86_64 defconfig, it does not!
Here's how I tested that:
$ make -j128 defconfig fs/select.o
$ llvm-objdump -Dr --disassemble-symbols=core_sys_select fs/select.o |
grep do_select
This seems to be affected by -fno-conserve-stack, a currently gcc-only
command line flag. If I remove that, then i386 defconfig will inline
do_select but x86_64 defconfig will not.
I have a sneaking suspicion that -fno-conserve-stack and
-Wframe-larger-than conspire in GCC to avoid inlining when doing so
would trip `-Wframe-larger-than` warnings, but it's just a conspiracy
theory; I haven't read the source. Probably should implement exactly
that behavior in LLVM.
I'll triple check 32b+64b arm configs next week to verify. But if GCC
is not inlining do_select into core_sys_select then I think my patch
https://lore.kernel.org/llvm/20221007201140.1744961-1-ndesaulniers@google.com/
is on the right track; probably could drop the 32b-only condition and
make a note of GCC in the commit message.
Also, my colleague Paul just whipped up a neat tool to help debug
-Wframe-larger-than.
https://reviews.llvm.org/D135488
See the output from my run here:
https://paste.debian.net/1256338/
It's a very early WIP, but I think it would be incredibly helpful to
have this, and will probably help us improve Clang's stack usage.
--
Thanks,
~Nick Desaulniers
next prev parent reply other threads:[~2022-10-07 22:55 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-03-07 9:01 [PATCH] fs/select: avoid clang stack usage warning Arnd Bergmann
2019-03-07 16:19 ` Andi Kleen
2022-10-06 22:21 ` Nick Desaulniers
2022-10-07 8:28 ` Arnd Bergmann
2022-10-07 19:04 ` Nick Desaulniers
2022-10-07 20:11 ` [PATCH] fs/select: mark do_select noinline_for_stack for 32b Nick Desaulniers
2022-10-10 7:44 ` Christoph Hellwig
2022-10-10 16:42 ` Nick Desaulniers
2022-10-10 19:55 ` Arnd Bergmann
2022-10-13 18:52 ` kernel test robot
2022-10-07 21:42 ` [PATCH] fs/select: avoid clang stack usage warning Arnd Bergmann
2022-10-07 22:54 ` Nick Desaulniers [this message]
2022-10-10 18:40 ` Nick Desaulniers
2022-10-11 12:46 ` Arnd Bergmann
2022-10-11 20:55 ` [PATCH v2] fs/select: mark do_select noinline_for_stack Nick Desaulniers
2022-10-14 22:39 ` Nathan Chancellor
2022-10-07 23:17 ` [PATCH] fs/select: avoid clang stack usage warning Kees Cook
2022-10-09 10:49 ` David Laight
2022-10-08 1:46 ` Andi Kleen
2022-10-11 20:50 ` Nick Desaulniers
2022-10-13 20:52 ` Andi Kleen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAKwvOdmNiSok3sAMJs2PQLs0yVzOfMTaQTWjyW8q2oc3VF60sw@mail.gmail.com \
--to=ndesaulniers@google.com \
--cc=ak@linux.intel.com \
--cc=akpm@linux-foundation.org \
--cc=arnd@arndb.de \
--cc=darrick.wong@oracle.com \
--cc=edumazet@google.com \
--cc=gregkh@linuxfoundation.org \
--cc=hch@lst.de \
--cc=keescook@chromium.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=llvm@lists.linux.dev \
--cc=paulkirth@google.com \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).