faulthandler._stack_overflow doesn't work on x86-linux with KPTI enabled #81037

Closed
xry111 mannequin opened this issue May 8, 2019 · 6 comments
Labels
3.7 (EOL) end of life extension-modules C modules in the Modules dir type-bug An unexpected behavior, bug, or error

Comments

@xry111
Mannequin

xry111 mannequin commented May 8, 2019

BPO 36856
Nosy @vstinner, @pablogsal, @miss-islington, @xry111
PRs
  • bpo-36856: Handle possible overflow in faulthandler_stack_overflow #13205
  • [3.7] bpo-36856: Handle possible overflow in faulthandler_stack_overflow (GH-13205) #13605
  • Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.

    GitHub fields:

    assignee = None
    closed_at = <Date 2019-05-28.00:20:17.535>
    created_at = <Date 2019-05-08.17:23:39.311>
    labels = ['extension-modules', 'type-bug', '3.7']
    title = "faulthandler._stack_overflow doesn't work on x86-linux with KPTI enabled"
    updated_at = <Date 2019-05-28.00:20:17.534>
    user = 'https://github.com/xry111'

    bugs.python.org fields:

    activity = <Date 2019-05-28.00:20:17.534>
    actor = 'vstinner'
    assignee = 'none'
    closed = True
    closed_date = <Date 2019-05-28.00:20:17.535>
    closer = 'vstinner'
    components = ['Extension Modules']
    creation = <Date 2019-05-08.17:23:39.311>
    creator = 'xry111'
    dependencies = []
    files = []
    hgrepos = []
    issue_num = 36856
    keywords = ['patch']
    message_count = 6.0
    messages = ['341915', '341922', '341923', '342209', '343719', '343721']
    nosy_count = 4.0
    nosy_names = ['vstinner', 'pablogsal', 'miss-islington', 'xry111']
    pr_nums = ['13205', '13605']
    priority = 'normal'
    resolution = 'fixed'
    stage = 'resolved'
    status = 'closed'
    superseder = None
    type = 'behavior'
    url = 'https://bugs.python.org/issue36856'
    versions = ['Python 3.7']

    @xry111
    Mannequin Author

    xry111 mannequin commented May 8, 2019

    In faulthandler.c, STACK_OVERFLOW_MAX_SIZE is defined as 100 * 1024 * 1024 (100MB). But recently KPTI has been applied to mitigate Meltdown (CVE-2017-5754), so the userspace stack pointer may be very close to 0xffffffff on Linux systems with 32-bit x86. For example, on my laptop it's sometimes 0xffffcc20. So the expression

    sp + STACK_OVERFLOW_MAX_SIZE

    overflows and becomes a very small number. That causes faulthandler._stack_overflow() to bail out after only one recursive call:

    Traceback (most recent call last):
      File "<string>", line 1, in <module>
    RuntimeError: unable to raise a stack overflow (allocated 4124 bytes on the stack, 1 recursive calls)

    @xry111 xry111 mannequin added 3.7 (EOL) end of life extension-modules C modules in the Modules dir type-bug An unexpected behavior, bug, or error labels May 8, 2019
    @pablogsal
    Member

    Are uintptr_t overflow/underflow semantics a defined behavior?

    @xry111
    Mannequin Author

    xry111 mannequin commented May 8, 2019

    Are uintptr_t overflow/underflow semantics a defined behavior?

    Yes. Unlike signed overflow, unsigned overflow is defined to be 2's complement. The problem is that this overflow results in a wrong stack pointer limit and breaks _stack_overflow.
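
The wrap described in this report, reproduced with the values quoted above, next to a saturating bound computation. This is an added example, not code from CPython or from the linked PRs; `uint32_t` stands in for a 32-bit `uintptr_t`, and `inside_window` is a hypothetical model of a recursion guard that stops once the stack pointer leaves the computed limits.

```c
#include <stdint.h>
#include <stdio.h>

/* Value quoted in the issue: 100 * 1024 * 1024 bytes. */
#define STACK_OVERFLOW_MAX_SIZE (100u * 1024u * 1024u)

/* Assumption: uint32_t models uintptr_t on 32-bit x86, so the wrap
   is reproducible on a 64-bit host as well. */
typedef uint32_t uptr32;

/* Unchecked form from the issue: sp + STACK_OVERFLOW_MAX_SIZE. */
static uptr32 naive_upper(uptr32 sp) {
    return sp + STACK_OVERFLOW_MAX_SIZE;      /* wraps modulo 2^32 */
}

/* Saturating forms: clamp at the ends of the address space. */
static uptr32 checked_upper(uptr32 sp) {
    return (UINT32_MAX - STACK_OVERFLOW_MAX_SIZE >= sp)
        ? sp + STACK_OVERFLOW_MAX_SIZE : UINT32_MAX;
}

static uptr32 checked_lower(uptr32 sp) {
    return (sp >= STACK_OVERFLOW_MAX_SIZE)
        ? sp - STACK_OVERFLOW_MAX_SIZE : 0;
}

/* Hypothetical guard: recursion may continue only while the current
   stack pointer stays inside [lower, upper]. */
static int inside_window(uptr32 cur, uptr32 lower, uptr32 upper) {
    return cur >= lower && cur <= upper;
}

int main(void) {
    uptr32 sp = 0xffffcc20u;   /* stack pointer reported in the issue */
    uptr32 next = sp - 4124u;  /* one frame deeper, size from the traceback */

    printf("naive upper   = 0x%08x\n", (unsigned)naive_upper(sp));
    printf("checked upper = 0x%08x\n", (unsigned)checked_upper(sp));
    printf("naive guard   = %d\n",
           inside_window(next, checked_lower(sp), naive_upper(sp)));
    printf("checked guard = %d\n",
           inside_window(next, checked_lower(sp), checked_upper(sp)));
    return 0;
}
```

With the wrapped upper limit the first deeper frame already falls outside the window, which matches the "1 recursive calls" bail-out in the traceback; with the clamped limit it stays inside.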

    @vstinner
    Member

    New changeset 6236c98 by Victor Stinner (Xi Ruoyao) in branch 'master':
    bpo-36856: Handle possible overflow in faulthandler_stack_overflow (GH-13205)
    6236c98

    @miss-islington
    Contributor

    New changeset 1062cf7 by Miss Islington (bot) in branch '3.7':
    bpo-36856: Handle possible overflow in faulthandler_stack_overflow (GH-13205)
    1062cf7

    @vstinner
    Member

    Thanks Xi Ruoyao, I applied your fix to 3.7 and master branches.

    @ezio-melotti ezio-melotti transferred this issue from another repository Apr 10, 2022