mirrors/cosmopolitan
1
0
Fork 0
mirror of https://github.com/jart/cosmopolitan.git synced 2024-05-12 08:32:40 +00:00
Code Issues Projects Releases Wiki Activity

Increase stack size to 128k and guard size to 16k

Browse source 
This improves our compatibility with Apple M1.
This commit is contained in:
Justine Tunney 2022-12-18 22:58:29 -08:00
parent 57c0dcdc29
commit dd04aeba1c
No known key found for this signature in database
GPG key ID: BE714B4575D6E328
36 changed files with 109 additions and 125 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
libc/calls/calls.mk
View file

@ -121,21 +121,12 @@ o/$(MODE)/libc/calls/execlp.o \
o/$(MODE)/libc/calls/statfs.o \
o/$(MODE)/libc/calls/fstatfs.o \
o/$(MODE)/libc/calls/execve-sysv.o \
o/$(MODE)/libc/calls/readlinkat-nt.o \
o/$(MODE)/libc/calls/execve-nt.greg.o \
o/$(MODE)/libc/calls/mkntenvblock.o: private \
OVERRIDE_CPPFLAGS += \
-DSTACK_FRAME_UNLIMITED
# we must disable static stack safety because:
# PATH_MAX*sizeof(char16_t)*2 exceeds 4096 byte frame limit
o/$(MODE)/libc/calls/copyfile.o \
o/$(MODE)/libc/calls/symlinkat-nt.o \
o/$(MODE)/libc/calls/readlinkat-nt.o \
o/$(MODE)/libc/calls/linkat-nt.o \
o/$(MODE)/libc/calls/renameat-nt.o: private \
OVERRIDE_CPPFLAGS += \
-DSTACK_FRAME_UNLIMITED
# we must segregate codegen because:
# file contains multiple independently linkable apis
o/$(MODE)/libc/calls/ioctl-siocgifconf.o \

3
libc/calls/readlinkat-nt.c
View file

@ -28,6 +28,7 @@
#include "libc/nt/files.h"
#include "libc/nt/runtime.h"
#include "libc/nt/struct/reparsedatabuffer.h"
#include "libc/runtime/stack.h"
#include "libc/str/str.h"
#include "libc/str/utf16.h"
#include "libc/sysv/errfuns.h"
@ -45,7 +46,7 @@ textwindows ssize_t sys_readlinkat_nt(int dirfd, const char *path, char *buf,
if (__mkntpathat(dirfd, path, 0, path16) == -1) return -1;
mem = 16384;
memory = alloca(mem);
for (i = 0; i < mem; i += PAGESIZE) memory[i] = 0;
CheckLargeStackAllocation(memory, mem);
rdb = (struct NtReparseDataBuffer *)memory;
if ((h = CreateFile(path16, 0, 0, 0, kNtOpenExisting,
kNtFileFlagOpenReparsePoint | kNtFileFlagBackupSemantics,

40
libc/integral/c.inc
View file

@ -151,7 +151,7 @@ typedef struct {
#define memcpyesque libcesque
#define strlenesque libcesque nosideeffect paramsnonnull()
#define vallocesque \
libcesque dontdiscard returnsaligned((PAGESIZE)) returnspointerwithnoaliases
libcesque dontdiscard returnsaligned((GUARDSIZE)) returnspointerwithnoaliases
#define reallocesque libcesque returnsaligned((16))
#define mallocesque reallocesque returnspointerwithnoaliases
#define interruptfn nocallersavedregisters forcealignargpointer
@ -273,9 +273,9 @@ typedef struct {
static __inline __attribute__((__always_inline__, __gnu_inline__, \
__no_instrument_function__, __unused__))
#else
#define forceinline \
static __inline __attribute__( \
(__always_inline__, __no_instrument_function__, __unused__))
#define forceinline \
static __inline __attribute__((__always_inline__, \
__no_instrument_function__, __unused__))
#endif /* __GNUC_STDC_INLINE__ */
#endif /* GCC >= 4.3 */
#elif defined(_MSC_VER)
@ -677,19 +677,19 @@ typedef struct {
#if defined(__GNUC__) || defined(__llvm__)
#pragma GCC diagnostic ignored \
"-Wundef" /* complaints about __ASSEMBLER__/__LINKER__ */
#pragma GCC diagnostic ignored "-Wsign-compare" /* lint needs to change */
#pragma GCC diagnostic ignored "-Wtype-limits" /* makes macros unsafe */
#pragma GCC diagnostic ignored "-Woverflow" /* also breaks macros */
#pragma GCC diagnostic ignored "-Wformat" /* forces only gnu pf */
#pragma GCC diagnostic ignored "-Wsign-compare" /* lint needs to change */
#pragma GCC diagnostic ignored "-Wtype-limits" /* makes macros unsafe */
#pragma GCC diagnostic ignored "-Woverflow" /* also breaks macros */
#pragma GCC diagnostic ignored "-Wformat" /* forces only gnu pf */
#pragma GCC diagnostic ignored "-Wunused-parameter" /* extreme prejudice */
#pragma GCC diagnostic ignored "-Wunused-function" /* contradicts dce! */
#pragma GCC diagnostic ignored "-Wunused-const-variable" /* let me dce */
#pragma GCC diagnostic ignored "-Wunused-variable" /* belongs in tidy */
#pragma GCC diagnostic ignored "-Wformat-extra-args" /* is also broken */
#pragma GCC diagnostic ignored "-Wparentheses" /* annoying tidy */
#pragma GCC diagnostic ignored "-Wdangling-else" /* come on tidy */
#pragma GCC diagnostic ignored "-Wformat-security" /* come on tidy */
#pragma GCC diagnostic ignored "-Wunused-value" /* breaks macros */
#pragma GCC diagnostic ignored "-Wunused-function" /* contradicts dce! */
#pragma GCC diagnostic ignored "-Wunused-const-variable" /* let me dce */
#pragma GCC diagnostic ignored "-Wunused-variable" /* belongs in tidy */
#pragma GCC diagnostic ignored "-Wformat-extra-args" /* is also broken */
#pragma GCC diagnostic ignored "-Wparentheses" /* annoying tidy */
#pragma GCC diagnostic ignored "-Wdangling-else" /* come on tidy */
#pragma GCC diagnostic ignored "-Wformat-security" /* come on tidy */
#pragma GCC diagnostic ignored "-Wunused-value" /* breaks macros */
#pragma GCC diagnostic ignored "-Wdeprecated-declarations" /* libcxx */
#ifndef __cplusplus
#pragma GCC diagnostic ignored "-Wimplicit-int"
@ -709,7 +709,7 @@ typedef struct {
#if __GNUC__ >= 8
#pragma GCC diagnostic ignored "-Wstringop-truncation"
#pragma GCC diagnostic ignored "-Wstringop-overflow" /* breaks strndup */
#endif /* GCC8+ */
#endif /* GCC8+ */
#if __GNUC__ + 0 >= 9
#pragma GCC diagnostic ignored /* "always true" breaks dce */ "-Waddress"
#endif /* GCC9+ */
@ -720,8 +720,8 @@ typedef struct {
"-Wincompatible-pointer-types-discards-qualifiers"
#pragma clang diagnostic ignored "-Wbuiltin-requires-header"
#pragma clang diagnostic ignored "-Wparentheses-equality" /*-save-temps*/
#pragma clang diagnostic ignored "-Wunused-value" /*({-save-temps})*/
#pragma clang diagnostic ignored "-Wstring-plus-int" /* special ed */
#pragma clang diagnostic ignored "-Wunused-value" /*({-save-temps})*/
#pragma clang diagnostic ignored "-Wstring-plus-int" /* special ed */
#pragma clang diagnostic ignored "-Wunused-value" /* extreme prejudice */
#pragma clang diagnostic ignored "-Wbuiltin-requires-header"
#pragma clang diagnostic ignored \
@ -756,7 +756,7 @@ typedef struct {
#if __GNUC__ >= 6
#pragma GCC diagnostic error "-Wnonnull-compare"
#if defined(COSMO) && !defined(MODE_DBG) && !defined(STACK_FRAME_UNLIMITED)
#pragma GCC diagnostic error "-Wframe-larger-than=4096"
#pragma GCC diagnostic error "-Wframe-larger-than=16384"
#if __GNUC__ >= 9
#pragma GCC diagnostic error "-Walloca-larger-than=1024"
#pragma GCC diagnostic error "-Wvla-larger-than=1024"

3
libc/integral/normalize.inc
View file

@ -70,13 +70,14 @@
#if defined(COSMO) && (defined(MODE_DBG) || defined(__SANITIZE_ADDRESS__))
#define STACKSIZE 262144 /* 256kb stack */
#elif defined(COSMO)
#define STACKSIZE 65536 /* 64kb stack */
#define STACKSIZE 131072 /* 128kb stack */
#else
#define STACKSIZE 8388608 /* 8mb stack */
#endif
#define BIGPAGESIZE 0x200000
#define FRAMESIZE 0x10000 /* 8086 */
#define GUARDSIZE 0x4000 /* b/c apple m1 */
#define PAGESIZE 0x1000 /* i386+ */
#define BUFSIZ 0x1000 /* best stdio default */
#define CACHELINE 0x40 /* nexgen32e */

4
libc/intrin/asan.c
View file

@ -1458,7 +1458,7 @@ static textstartup void __asan_shadow_mapping(struct MemoryIntervals *m,
static textstartup void __asan_shadow_existing_mappings(void) {
__asan_shadow_mapping(&_mmi, 0);
__asan_map_shadow(GetStackAddr(), GetStackSize());
__asan_poison((void *)GetStackAddr(), PAGESIZE, kAsanStackOverflow);
__asan_poison((void *)GetStackAddr(), GUARDSIZE, kAsanStackOverflow);
}
__attribute__((__constructor__)) void __asan_init(int argc, char **argv,
@ -1482,7 +1482,7 @@ __attribute__((__constructor__)) void __asan_init(int argc, char **argv,
__asan_shadow_existing_mappings();
__asan_map_shadow((uintptr_t)_base, _end - _base);
__asan_map_shadow(0, 4096);
__asan_poison(0, PAGESIZE, kAsanNullPage);
__asan_poison(0, GUARDSIZE, kAsanNullPage);
if (!IsWindows()) {
__sysv_mprotect((void *)0x7fff8000, 0x10000, PROT_READ);
}

1
libc/intrin/extend.c
View file

@ -75,6 +75,7 @@ noasan void *_extend(void *p, size_t n, void *e, int f, intptr_t h) {
char *q;
_unassert(!((uintptr_t)SHADOW(p) & (G - 1)));
_unassert((uintptr_t)p + (G << kAsanScale) <= h);
// TODO(jart): Make this spin less in non-ASAN mode.
for (q = e; q < ((char *)p + n); q += 8) {
if (!((uintptr_t)q & (G - 1))) {
_unassert(q + G <= (char *)h);

2
libc/log/oncrash.c
View file

@ -232,7 +232,7 @@ relegated void ShowCrashReport(int err, int sig, struct siginfo *si,
" %s %s %s %s\n",
!__nocolor ? "\e[30;101m" : "", !__nocolor ? "\e[0m" : "", sig,
(ctx && (ctx->uc_mcontext.rsp >= GetStaticStackAddr(0) &&
ctx->uc_mcontext.rsp <= GetStaticStackAddr(0) + PAGESIZE))
ctx->uc_mcontext.rsp <= GetStaticStackAddr(0) + GUARDSIZE))
? "Stack Overflow"
: GetSiCodeName(sig, si->si_code),
host, getpid(), gettid(), program_invocation_name, names.sysname,

2
libc/mem/balloc.c
View file

@ -21,7 +21,7 @@
/* TODO(jart): delete */
#define kGuard PAGESIZE
#define kGuard GUARDSIZE
#define kGrain FRAMESIZE
/**

5
libc/runtime/clone-linux.S
View file

@ -44,9 +44,14 @@ sys_clone_linux:
ret
2: xor %ebp,%ebp # child thread
mov %rbx,%rdi # arg
mov %r10,%r15 # experiment
mov (%r10),%esi # tid
call *%r9 # func(arg,tid)
xchg %eax,%edi # func(arg,tid) exitcode
mov (%r15),%eax # experiment
test %eax,%eax # experiment
jz 1f # experiment
mov $60,%eax # __NR_exit(exitcode)
syscall
1: hlt # ctid was corrupted by program!
.endfn sys_clone_linux,globl,hidden

1
libc/runtime/clone.c
View file

@ -446,6 +446,7 @@ static int CloneLinux(int (*func)(void *arg, int rc), char *stk, size_t stksz,
sp -= sizeof(int);
sp = sp & -alignof(int);
ctid = (int *)sp;
sp -= 8; // experiment
}
sp = sp & -16; // align the stack
if ((rc = sys_clone_linux(flags, sp, ptid, ctid, tls, func, arg)) >= 0) {

8
libc/runtime/mmap.c
View file

@ -381,10 +381,10 @@ static noasan inline void *Mmap(void *addr, size_t size, int prot, int flags,
// however this 1mb behavior oddly enough is smart enough to not
// apply if the mapping is a manually-created guard page.
int e = errno;
if ((dm = sys_mmap(p + size - PAGESIZE, PAGESIZE, prot,
if ((dm = sys_mmap(p + size - GUARDSIZE, GUARDSIZE, prot,
f | MAP_GROWSDOWN_linux, fd, off))
.addr != MAP_FAILED) {
_npassert(sys_mmap(p, PAGESIZE, PROT_NONE,
_npassert(sys_mmap(p, GUARDSIZE, PROT_NONE,
MAP_FIXED | MAP_PRIVATE | MAP_ANONYMOUS, -1, 0)
.addr == p);
dm.addr = p;
@ -412,11 +412,11 @@ static noasan inline void *Mmap(void *addr, size_t size, int prot, int flags,
if (needguard) {
if (!IsWindows()) {
// make windows fork() code simpler
mprotect(p, PAGESIZE, PROT_NONE);
mprotect(p, GUARDSIZE, PROT_NONE);
}
if (IsAsan()) {
__repstosb((void *)(((intptr_t)p >> 3) + 0x7fff8000),
kAsanStackOverflow, PAGESIZE / 8);
kAsanStackOverflow, GUARDSIZE / 8);
}
}
}

2
libc/runtime/stack.h
View file

@ -122,7 +122,7 @@ extern char ape_stack_align[] __attribute__((__weak__));
*/
#define HaveStackMemory(n) \
(IsTiny() || \
(intptr_t)__builtin_frame_address(0) >= GetStackAddr() + PAGESIZE + (n))
(intptr_t)__builtin_frame_address(0) >= GetStackAddr() + GUARDSIZE + (n))
forceinline void CheckLargeStackAllocation(void *p, ssize_t n) {
for (; n > 0; n -= 4096) {

2
libc/str/memmem.c
View file

@ -16,9 +16,9 @@
TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
*/
#include "libc/intrin/likely.h"
#include "libc/dce.h"
#include "libc/intrin/asan.internal.h"
#include "libc/intrin/likely.h"
#include "libc/str/str.h"
typedef char xmm_t __attribute__((__vector_size__(16), __aligned__(16)));

4
libc/str/str.mk
View file

@ -45,10 +45,6 @@ $(LIBC_STR_A).pkg: \
$(LIBC_STR_A_OBJS) \
$(foreach x,$(LIBC_STR_A_DIRECTDEPS),$($(x)_A).pkg)
o/$(MODE)/libc/str/memmem.o: private \
OVERRIDE_CPPFLAGS += \
-DSTACK_FRAME_UNLIMITED
o/$(MODE)/libc/str/wmemset.o \
o/$(MODE)/libc/str/memset16.o \
o/$(MODE)/libc/str/dosdatetimetounix.o: private \

2
libc/thread/pthread_attr_init.c
View file

@ -27,7 +27,7 @@
errno_t pthread_attr_init(pthread_attr_t *attr) {
*attr = (pthread_attr_t){
.__stacksize = GetStackSize(),
.__guardsize = PAGESIZE,
.__guardsize = GUARDSIZE,
};
return 0;
}

6
libc/thread/pthread_create.c
View file

@ -174,12 +174,12 @@ static errno_t pthread_create_impl(pthread_t *thread,
pt->flags = PT_OWNSTACK;
pt->attr.__stacksize = MAX(pt->attr.__stacksize, GetStackSize());
pt->attr.__stacksize = _roundup2pow(pt->attr.__stacksize);
pt->attr.__guardsize = ROUNDUP(pt->attr.__guardsize, PAGESIZE);
if (pt->attr.__guardsize + PAGESIZE >= pt->attr.__stacksize) {
pt->attr.__guardsize = ROUNDUP(pt->attr.__guardsize, GUARDSIZE);
if (pt->attr.__guardsize + GUARDSIZE >= pt->attr.__stacksize) {
_pthread_free(pt);
return EINVAL;
}
if (pt->attr.__guardsize == PAGESIZE) {
if (pt->attr.__guardsize == GUARDSIZE) {
// user is wisely using smaller stacks with default guard size
pt->attr.__stackaddr =
mmap(0, pt->attr.__stacksize, PROT_READ | PROT_WRITE,

13
net/turfwar/turfwar.c
View file

@ -46,6 +46,7 @@
#include "libc/runtime/internal.h"
#include "libc/runtime/runtime.h"
#include "libc/runtime/stack.h"
#include "libc/runtime/sysconf.h"
#include "libc/sock/sock.h"
#include "libc/sock/struct/pollfd.h"
#include "libc/sock/struct/sockaddr.h"
@ -114,7 +115,7 @@
#define SOCK_MAX 100 // max length of socket queue
#define MSG_BUF 512 // small response lookaside
#define INBUF_SIZE PAGESIZE
#define INBUF_SIZE FRAMESIZE
#define OUTBUF_SIZE 8192
#define TB_BYTES (1u << TB_CIDR)
@ -632,16 +633,18 @@ static bool GetNick(char *inbuf, struct HttpMessage *msg, struct Claim *v) {
// so if it gets hacked it'll at least crash instead of get compromised
void *NewSafeBuffer(size_t n) {
char *p;
size_t m = ROUNDUP(n, PAGESIZE);
_npassert((p = valloc(m + PAGESIZE)));
_npassert(!mprotect(p + m, PAGESIZE, PROT_NONE));
long pagesize = sysconf(_SC_PAGESIZE);
size_t m = ROUNDUP(n, pagesize);
_npassert((p = valloc(m + pagesize)));
_npassert(!mprotect(p + m, pagesize, PROT_NONE));
return p;
}
// frees memory with hardware-accelerated buffer overflow detection
void FreeSafeBuffer(void *p) {
long pagesize = sysconf(_SC_PAGESIZE);
size_t n = malloc_usable_size(p);
size_t m = ROUNDDOWN(n, PAGESIZE);
size_t m = ROUNDDOWN(n, pagesize);
_npassert(!mprotect(p, m, PROT_READ | PROT_WRITE));
free(p);
}

18
test/libc/calls/setrlimit_test.c
View file

@ -125,8 +125,8 @@ TEST(setrlimit, testMemoryLimit) {
ASSERT_NE(-1, (wstatus = xspawn(0)));
if (wstatus == -2) {
ASSERT_EQ(0, SetKernelEnforcedMemoryLimit(MEM));
for (gotsome = i = 0; i < (MEM * 2) / PAGESIZE; ++i) {
p = mmap(0, PAGESIZE, PROT_READ | PROT_WRITE,
for (gotsome = i = 0; i < (MEM * 2) / GUARDSIZE; ++i) {
p = mmap(0, GUARDSIZE, PROT_READ | PROT_WRITE,
MAP_ANONYMOUS | MAP_PRIVATE | MAP_POPULATE, -1, 0);
if (p != MAP_FAILED) {
gotsome = true;
@ -138,7 +138,7 @@ TEST(setrlimit, testMemoryLimit) {
ASSERT_EQ(ENOMEM, errno);
_Exit(0);
}
rngset(p, PAGESIZE, _rand64, -1);
rngset(p, GUARDSIZE, _rand64, -1);
}
_Exit(1);
}
@ -158,15 +158,15 @@ TEST(setrlimit, testVirtualMemoryLimit) {
ASSERT_NE(-1, (wstatus = xspawn(0)));
if (wstatus == -2) {
ASSERT_EQ(0, setrlimit(RLIMIT_AS, &(struct rlimit){MEM, MEM}));
for (i = 0; i < (MEM * 2) / PAGESIZE; ++i) {
p = sys_mmap(0, PAGESIZE, PROT_READ | PROT_WRITE,
for (i = 0; i < (MEM * 2) / GUARDSIZE; ++i) {
p = sys_mmap(0, GUARDSIZE, PROT_READ | PROT_WRITE,
MAP_ANONYMOUS | MAP_PRIVATE | MAP_POPULATE, -1, 0)
.addr;
if (p == MAP_FAILED) {
ASSERT_EQ(ENOMEM, errno);
_Exit(0);
}
rngset(p, PAGESIZE, _rand64, -1);
rngset(p, GUARDSIZE, _rand64, -1);
}
_Exit(1);
}
@ -188,15 +188,15 @@ TEST(setrlimit, testDataMemoryLimit) {
ASSERT_NE(-1, (wstatus = xspawn(0)));
if (wstatus == -2) {
ASSERT_EQ(0, setrlimit(RLIMIT_DATA, &(struct rlimit){MEM, MEM}));
for (i = 0; i < (MEM * 2) / PAGESIZE; ++i) {
p = sys_mmap(0, PAGESIZE, PROT_READ | PROT_WRITE,
for (i = 0; i < (MEM * 2) / GUARDSIZE; ++i) {
p = sys_mmap(0, GUARDSIZE, PROT_READ | PROT_WRITE,
MAP_ANONYMOUS | MAP_PRIVATE | MAP_POPULATE, -1, 0)
.addr;
if (p == MAP_FAILED) {
ASSERT_EQ(ENOMEM, errno);
_Exit(0);
}
rngset(p, PAGESIZE, _rand64, -1);
rngset(p, GUARDSIZE, _rand64, -1);
}
_Exit(1);
}

6
test/libc/intrin/kprintf_test.c
View file

@ -226,9 +226,9 @@ TEST(ksnprintf, fuzzTheUnbreakable) {
size_t i;
uint64_t x;
char *f, b[32];
_Alignas(PAGESIZE) static const char weasel[PAGESIZE];
_Alignas(FRAMESIZE) static const char weasel[FRAMESIZE];
asm("mov\t%1,%0" : "=r"(f) : "g"(weasel));
EXPECT_SYS(0, 0, mprotect(f, PAGESIZE, PROT_READ | PROT_WRITE));
EXPECT_SYS(0, 0, mprotect(f, FRAMESIZE, PROT_READ | PROT_WRITE));
strcpy(f, "hello %s\n");
EXPECT_EQ(12, ksnprintf(b, sizeof(b), f, "world"));
EXPECT_STREQ("hello world\n", b);
@ -240,7 +240,7 @@ TEST(ksnprintf, fuzzTheUnbreakable) {
f[Rando() & 15] = '%';
ksnprintf(b, sizeof(b), f, lemur64(), lemur64(), lemur64());
}
EXPECT_SYS(0, 0, mprotect(f, PAGESIZE, PROT_READ));
EXPECT_SYS(0, 0, mprotect(f, FRAMESIZE, PROT_READ));
}
TEST(kprintf, testFailure_wontClobberErrnoAndBypassesSystemCallSupport) {

4
test/libc/intrin/popcnt_test.c
View file

@ -16,14 +16,14 @@
TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
*/
#include "libc/intrin/popcnt.h"
#include "libc/calls/calls.h"
#include "libc/intrin/popcnt.h"
#include "libc/testlib/ezbench.h"
#include "libc/testlib/hyperion.h"
#include "libc/testlib/testlib.h"
void SetUpOnce(void) {
ASSERT_SYS(0, 0, pledge("stdio", 0));
ASSERT_SYS(0, 0, pledge("stdio rpath", 0));
}
TEST(popcnt, test) {

14
test/libc/runtime/brk_test.c
View file

@ -49,7 +49,7 @@ TEST(brk, underflowsEnd_returnsEinval) {
}
TEST(sbrk, underflowsEnd_returnsEinval) {
ASSERT_SYS(EINVAL, MAP_FAILED, sbrk(-PAGESIZE));
ASSERT_SYS(EINVAL, MAP_FAILED, sbrk(-GUARDSIZE));
}
TEST(sbrk, giantDelta_returnsEnomem) {
@ -73,11 +73,11 @@ TEST(sbrk, overlapsExistingMapping_failsWithEexist) {
TEST(sbrk, testGrowAndShrink) {
SPAWN(fork);
ASSERT_FALSE(testlib_memoryexists(_end));
ASSERT_SYS(0, _end, sbrk(PAGESIZE));
ASSERT_SYS(0, _end + PAGESIZE, sbrk(0));
ASSERT_SYS(0, _end, sbrk(GUARDSIZE));
ASSERT_SYS(0, _end + GUARDSIZE, sbrk(0));
ASSERT_TRUE(testlib_memoryexists(_end));
ASSERT_FALSE(testlib_memoryexists(_end + PAGESIZE));
ASSERT_SYS(0, _end + PAGESIZE, sbrk(-PAGESIZE));
ASSERT_FALSE(testlib_memoryexists(_end + GUARDSIZE));
ASSERT_SYS(0, _end + GUARDSIZE, sbrk(-GUARDSIZE));
ASSERT_FALSE(testlib_memoryexists(_end));
EXITS(0);
}
@ -85,9 +85,9 @@ TEST(sbrk, testGrowAndShrink) {
TEST(brk, testGrowAndShrink) {
SPAWN(fork);
ASSERT_FALSE(testlib_memoryexists(_end));
ASSERT_EQ(0, brk(_end + PAGESIZE));
ASSERT_EQ(0, brk(_end + GUARDSIZE));
ASSERT_TRUE(testlib_memoryexists(_end));
ASSERT_FALSE(testlib_memoryexists(_end + PAGESIZE));
ASSERT_FALSE(testlib_memoryexists(_end + GUARDSIZE));
ASSERT_EQ(0, brk(_end));
EXITS(0);
}

32
test/libc/runtime/mprotect_test.c
View file

@ -94,9 +94,9 @@ void TearDown(void) {
}
TEST(mprotect, testOkMemory) {
char *p = gc(memalign(PAGESIZE, PAGESIZE));
char *p = gc(memalign(GUARDSIZE, GUARDSIZE));
p[0] = 0;
ASSERT_NE(-1, mprotect(p, PAGESIZE, PROT_READ | PROT_WRITE));
ASSERT_NE(-1, mprotect(p, GUARDSIZE, PROT_READ | PROT_WRITE));
p[0] = 1;
EXPECT_EQ(1, p[0]);
EXPECT_FALSE(gotsegv);
@ -105,19 +105,19 @@ TEST(mprotect, testOkMemory) {
TEST(mprotect, testSegfault_writeToReadOnlyAnonymous) {
volatile char *p;
p = gc(memalign(PAGESIZE, PAGESIZE));
p = gc(memalign(GUARDSIZE, GUARDSIZE));
EXPECT_FALSE(gotsegv);
p[0] = 1;
EXPECT_FALSE(gotsegv);
EXPECT_FALSE(gotbusted);
EXPECT_NE(-1, mprotect(p, PAGESIZE, PROT_READ));
EXPECT_NE(-1, mprotect(p, GUARDSIZE, PROT_READ));
_missingno(p[0]);
EXPECT_FALSE(gotsegv);
EXPECT_FALSE(gotbusted);
p[0] = 2;
EXPECT_TRUE(gotsegv | gotbusted);
EXPECT_EQ(1, p[0]);
EXPECT_NE(-1, mprotect(p, PAGESIZE, PROT_READ | PROT_WRITE));
EXPECT_NE(-1, mprotect(p, GUARDSIZE, PROT_READ | PROT_WRITE));
}
TEST(mprotect, testExecOnly_canExecute) {
@ -137,11 +137,11 @@ TEST(mprotect, testExecOnly_canExecute) {
TEST(mprotect, testProtNone_cantEvenRead) {
volatile char *p;
p = gc(memalign(PAGESIZE, PAGESIZE));
EXPECT_NE(-1, mprotect(p, PAGESIZE, PROT_NONE));
p = gc(memalign(GUARDSIZE, GUARDSIZE));
EXPECT_NE(-1, mprotect(p, GUARDSIZE, PROT_NONE));
_missingno(p[0]);
EXPECT_TRUE(gotsegv | gotbusted);
EXPECT_NE(-1, mprotect(p, PAGESIZE, PROT_READ | PROT_WRITE));
EXPECT_NE(-1, mprotect(p, GUARDSIZE, PROT_READ | PROT_WRITE));
}
static const char kRet31337[] = {
@ -150,24 +150,24 @@ static const char kRet31337[] = {
};
TEST(mprotect, testExecJit_actuallyWorks) {
int (*p)(void) = gc(memalign(PAGESIZE, PAGESIZE));
int (*p)(void) = gc(memalign(GUARDSIZE, GUARDSIZE));
memcpy(p, kRet31337, sizeof(kRet31337));
EXPECT_NE(-1, mprotect(p, PAGESIZE, PROT_EXEC));
EXPECT_NE(-1, mprotect(p, GUARDSIZE, PROT_EXEC));
EXPECT_EQ(31337, p());
EXPECT_FALSE(gotsegv);
EXPECT_FALSE(gotbusted);
EXPECT_NE(-1, mprotect(p, PAGESIZE, PROT_READ | PROT_WRITE));
EXPECT_NE(-1, mprotect(p, GUARDSIZE, PROT_READ | PROT_WRITE));
}
TEST(mprotect, testRwxMap_vonNeumannRules) {
if (IsOpenbsd()) return; // boo
int (*p)(void) = gc(memalign(PAGESIZE, PAGESIZE));
int (*p)(void) = gc(memalign(GUARDSIZE, GUARDSIZE));
memcpy(p, kRet31337, sizeof(kRet31337));
EXPECT_NE(-1, mprotect(p, PAGESIZE, PROT_READ | PROT_WRITE | PROT_EXEC));
EXPECT_NE(-1, mprotect(p, GUARDSIZE, PROT_READ | PROT_WRITE | PROT_EXEC));
EXPECT_EQ(31337, p());
EXPECT_FALSE(gotsegv);
EXPECT_FALSE(gotbusted);
EXPECT_NE(-1, mprotect(p, PAGESIZE, PROT_READ | PROT_WRITE));
EXPECT_NE(-1, mprotect(p, GUARDSIZE, PROT_READ | PROT_WRITE));
}
TEST(mprotect, testExecuteFlatFileMapOpenedAsReadonly) {
@ -202,13 +202,13 @@ TEST(mprotect, testFileMap_canChangeToExecWhileOpenInRdwrMode) {
}
TEST(mprotect, testBadProt_failsEinval) {
volatile char *p = gc(memalign(PAGESIZE, PAGESIZE));
volatile char *p = gc(memalign(GUARDSIZE, GUARDSIZE));
EXPECT_EQ(-1, mprotect(p, 9999, -1));
EXPECT_EQ(EINVAL, errno);
}
TEST(mprotect, testZeroSize_doesNothing) {
volatile char *p = gc(memalign(PAGESIZE, PAGESIZE));
volatile char *p = gc(memalign(GUARDSIZE, GUARDSIZE));
EXPECT_NE(-1, mprotect(p, 0, PROT_READ));
p[0] = 1;
EXPECT_FALSE(gotsegv);

4
third_party/dlmalloc/init.inc vendored
View file

@ -24,8 +24,8 @@ int init_mparams(void) {
size_t gsize;
#if defined(__COSMOPOLITAN__)
psize = 4096;
gsize = 65536;
psize = FRAMESIZE;
gsize = FRAMESIZE;
#elif !defined(WIN32)
psize = malloc_getpagesize;
gsize = ((DEFAULT_GRANULARITY != 0)? DEFAULT_GRANULARITY : psize);

4
third_party/lua/lua.mk vendored
View file

@ -155,10 +155,6 @@ o/$(MODE)/third_party/lua/lvm.o: private \
OVERRIDE_CFLAGS += \
-fno-gcse
o/$(MODE)/third_party/lua/lauxlib.o: private \
OVERRIDE_CFLAGS += \
-DSTACK_FRAME_UNLIMITED
$(THIRD_PARTY_LUA_A_OBJS): private \
OVERRIDE_CFLAGS += \
-ffunction-sections \

4
third_party/lua/luaencodejsondata.c vendored
View file

@ -22,8 +22,8 @@
#include "libc/intrin/likely.h"
#include "libc/log/log.h"
#include "libc/log/rop.h"
#include "libc/mem/mem.h"
#include "libc/mem/gc.internal.h"
#include "libc/mem/mem.h"
#include "libc/runtime/stack.h"
#include "libc/stdio/append.h"
#include "libc/stdio/strlist.internal.h"
@ -169,7 +169,7 @@ static int SerializeTable(lua_State *L, char **buf, int idx,
bool multi;
bool isarray;
lua_Unsigned n;
if (UNLIKELY(!HaveStackMemory(PAGESIZE))) {
if (UNLIKELY(!HaveStackMemory(GUARDSIZE))) {
z->reason = "out of stack";
return -1;
}

2
third_party/lua/luaencodeluadata.c vendored
View file

@ -353,7 +353,7 @@ static int SerializeTable(lua_State *L, char **buf, int idx,
int rc;
bool multi;
intptr_t rsp, bot;
if (UNLIKELY(!HaveStackMemory(PAGESIZE))) {
if (UNLIKELY(!HaveStackMemory(GUARDSIZE))) {
z->reason = "out of stack";
return -1;
}

2
third_party/make/make.mk vendored
View file

@ -171,8 +171,8 @@ o/$(MODE)/third_party/make/hash.o: private \
$(THIRD_PARTY_MAKE_OBJS): private \
OVERRIDE_CFLAGS += \
-DNO_ARCHIVES \
-DSTACK_FRAME_UNLIMITED \
-DHAVE_CONFIG_H \
-DSTACK_FRAME_UNLIMITED \
-DINCLUDEDIR=\".\" \
-DLIBDIR=\".\" \
-DLOCALEDIR=\".\"

4
third_party/mbedtls/test/test.mk vendored
View file

@ -134,10 +134,6 @@ o/$(MODE)/third_party/mbedtls/test/%.com.dbg: \
o/$(MODE)/third_party/mbedtls/test/%.com.runs: o/$(MODE)/third_party/mbedtls/test/%.com
@$(COMPILE) -ACHECK -wtT$@ $< $(TESTARGS)
$(THIRD_PARTY_MBEDTLS_TEST_OBJS): private \
OVERRIDE_CFLAGS += \
-DSTACK_FRAME_UNLIMITED
o/$(MODE)/third_party/mbedtls/test/lib.o: private \
OVERRIDE_CFLAGS += \
-fdata-sections \

4
third_party/quickjs/quickjs.mk vendored
View file

@ -199,10 +199,6 @@ o/tiny/third_party/quickjs/call.o: private \
OVERRIDE_CFLAGS += \
-O2
o/$(MODE)/third_party/quickjs/unicode_gen.o: private \
OVERRIDE_CPPFLAGS += \
-DSTACK_FRAME_UNLIMITED
# TODO(jart): Replace alloca() calls with malloc().
o/$(MODE)/third_party/quickjs/libregexp.o \
o/$(MODE)/third_party/quickjs/quickjs.o: private \

2
third_party/quickjs/unicode_gen.c vendored
View file

@ -22,11 +22,11 @@
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
#include "libc/mem/alg.h"
#include "libc/assert.h"
#include "libc/fmt/conv.h"
#include "libc/fmt/fmt.h"
#include "libc/log/log.h"
#include "libc/mem/alg.h"
#include "libc/mem/mem.h"
#include "libc/runtime/runtime.h"
#include "libc/stdio/stdio.h"

2
third_party/stb/stb.mk vendored
View file

@ -60,7 +60,7 @@ $(THIRD_PARTY_STB_A_OBJS): private \
-ffunction-sections \
-fdata-sections
$(THIRD_PARTY_STB_A_OBJS): private \
o/$(MODE)/third_party/stb/stb_vorbis.o: private \
OVERRIDE_CPPFLAGS += \
-DSTACK_FRAME_UNLIMITED

7
third_party/zip/zip.mk vendored
View file

@ -162,13 +162,6 @@ o/$(MODE)/third_party/zip/zipup.o: private \
-DZIP64_SUPPORT \
-DBZIP2_SUPPORT
o/$(MODE)/third_party/zip/zip.o \
o/$(MODE)/third_party/zip/zipsplit.o \
o/$(MODE)/third_party/zip/fileio.o \
o/$(MODE)/third_party/zip/fileio_.o: private \
OVERRIDE_CPPFLAGS += \
-DSTACK_FRAME_UNLIMITED
.PHONY: o/$(MODE)/third_party/zip
o/$(MODE)/third_party/zip: \
$(THIRD_PARTY_ZIP_BINS) \

3
third_party/zip/zipup.c vendored
View file

@ -48,6 +48,9 @@
// MISSING #include "os2/os2zip.h"
#endif
#undef PAGESIZE
#define PAGESIZE FRAMESIZE
#if defined(MMAP)
#include "libc/calls/calls.h"
#include "libc/calls/weirdtypes.h"

1
tool/emacs/cosmo-cpp-constants.el
View file

@ -153,6 +153,7 @@
(defconst cosmo-cpp-constants-cosmopolitan
'("__SAUCE__"
"PAGESIZE"
"GUARDSIZE"
"FRAMESIZE"
"BIGPAGESIZE"
"STACKSIZE"

2
tool/net/ljson.c
View file

@ -98,7 +98,7 @@ static struct DecodeJson Parse(struct lua_State *L, const char *p,
if (UNLIKELY(!depth)) {
return (struct DecodeJson){-1, "maximum depth exceeded"};
}
if (UNLIKELY(!HaveStackMemory(PAGESIZE))) {
if (UNLIKELY(!HaveStackMemory(GUARDSIZE))) {
return (struct DecodeJson){-1, "out of stack"};
}
for (a = p, d = +1; p < e;) {

10
tool/viz/life.c
View file

@ -481,17 +481,17 @@ static void *NewBoard(size_t *out_size) {
char *p;
size_t s, n, k;
s = (byn * bxn) >> 3;
k = PAGESIZE + ROUNDUP(s, PAGESIZE);
n = ROUNDUP(k + PAGESIZE, FRAMESIZE);
k = GUARDSIZE + ROUNDUP(s, GUARDSIZE);
n = ROUNDUP(k + GUARDSIZE, FRAMESIZE);
p = _mapanon(n);
mprotect(p, PAGESIZE, 0);
mprotect(p, GUARDSIZE, 0);
mprotect(p + k, n - k, 0);
if (out_size) *out_size = n;
return p + PAGESIZE;
return p + GUARDSIZE;
}
static void FreeBoard(void *p, size_t n) {
munmap((char *)p - PAGESIZE, n);
munmap((char *)p - GUARDSIZE, n);
}
static void AllocateBoardsWithHardwareAcceleratedMemorySafety(void) {