stackovf.test fails on Solaris 11/sparc64

stackovf.test fails on Solaris 11/sparc64

[Bruno Haible]

The newest m4 snapshots don't pass all their tests on Solaris 11.3/sparc64:
stackovf.test fails.

This happens also when GNU libsigsegv is installed and --with-libsigsegv-prefix
is given, because the c-stack.m4 autoconf test now insists in ignoring
GNU libsigsegv when it thinks that the Solaris heuristic will work.

But the Solaris heuristic does not work reliably: It works in the configure
test and in the test-c-stack* unit test. But it does not work in m4.

I've added a couple of printfs and get this output:

Checking ../../checks/stackovf.test
Stack soft limit set to 300K
Failure - m4 aborted unexpectedly
Output from m4:
cannot_be_stack_overflow1 = 0
cannot_be_stack_overflow2 = 0
pc=0x10001de44, sp+2047=0xffffffff7ffb5ee0, faulting_address=0x100204000, stack_base=0xffffffff7ffb5000, stack_size=0x4b000
segv_handler code=1 fault=100204000 base=ffffffff7ffb5000 size=0x4b000 page=0x2000 signo=11
m4: internal error detected; please report this bug to <bug-m4@gnu.org>: Segmentation fault

It's easy to reproduce: In a build tree, just run
  $ echo 'define(a,a(a))a' | src/m

Clearly, the faulting_address variable's value is bogus.

There is an alternative heuristic implemented in the Solaris 11
function 'stack_violation' [1]. But this function does not help: m4
still crashes.

I won't spend any more time on fixing this Solaris-only code — when we
have code that works on all platforms in GNU libsigsegv.

Bruno

[1] https://docs.oracle.com/cd/E26502_01/html/E29034/stack-violation-3c.html

Re: stackovf.test fails on Solaris 11/sparc64

[Bruno Haible]

I wrote:
> Clearly, the faulting_address variable's value is bogus.

In fact, GNU libsigsegv already knows how to cope with this problem:
https://git.savannah.gnu.org/gitweb/?p=libsigsegv.git;a=blob;f=src/fault-solaris11-sparc.h

Bruno

Re: stackovf.test fails on Solaris 11/sparc64

[Paul Eggert]

[-- Attachment #1: Type: text/plain, Size: 1178 bytes --]

On 5/14/21 5:07 PM, Bruno Haible wrote:
> I won't spend any more time on fixing this Solaris-only code — when we
> have code that works on all platforms in GNU libsigsegv.

At first I fixed this by having c-stack simply defer to libsigsegv if 
installed, but I found that this didn't work on gcc211 in the GCC 
compile farm, because its version of Solaris 11 has libsigsegv 2.12 and 
this older libsigsegv has a similar bug that also causes that test to 
fail. So I installed the attached patch instead; please give it a try.

With this patch, I expect Gnulib test-c-stack2.sh to fail on Solaris 11 
sparc with older libsigsegv installed, because it'll report "cannot tell 
stack overflow from crash, in spite of libsigsegv". I expect that's good 
enough, as the failure report is accurate for that platform and people 
can avoid the failure by updating to current libsigsegv.

I hear what you're saying about Solaris SPARC not being worth a lot of 
our time nowadays. Still, Oracle says it'll support it through 2034(!) 
though you will need a SPARC T4 or SPARC64 X or better, and I suppose we 
should continue to keep Solaris SPARC working if it's easy.

[-- Attachment #2: 0001-c-stack-work-around-Solaris-11-bugs.patch --]
[-- Type: text/x-patch, Size: 5654 bytes --]

From b4bb5c8ae79eebc3d5ec829b932c04df35881ef2 Mon Sep 17 00:00:00 2001
From: Paul Eggert <eggert@cs.ucla.edu>
Date: Fri, 14 May 2021 22:48:20 -0700
Subject: [PATCH] c-stack: work around Solaris 11 bugs

Problem reported by Bruno Haible in:
https://lists.gnu.org/r/bug-gnulib/2021-05/msg00062.html
* lib/c-stack.c: Always include sigsegv.h if HAVE_LIBSIGSEGV.
(USE_LIBSIGSEGV): Do not use libsigsegv if the kernel
has the si_addr bug and libsigsegv is too old to work
around it.
(segv_handler) [!USE_LIBSIGSEGV]: Do not trust si_addr
if BOGUS_SI_ADDR_UPON_STACK_OVERFLOW.
* m4/c-stack.m4 (AC_SYS_XSI_STACK_OVERFLOW_HEURISTIC):
Define BOGUS_SI_ADDR_UPON_STACK_OVERFLOW on Solaris 2.11 SPARC.
And do not define HAVE_XSI_STACK_OVERFLOW_HEURISTIC.
---
 ChangeLog     | 15 +++++++++++++++
 lib/c-stack.c | 25 +++++++++++++++++--------
 m4/c-stack.m4 | 14 ++++++++++++--
 3 files changed, 44 insertions(+), 10 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index e3f1d8220..b802233cf 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,18 @@
+2021-05-14  Paul Eggert  <eggert@cs.ucla.edu>
+
+	c-stack: work around Solaris 11 bugs
+	Problem reported by Bruno Haible in:
+	https://lists.gnu.org/r/bug-gnulib/2021-05/msg00062.html
+	* lib/c-stack.c: Always include sigsegv.h if HAVE_LIBSIGSEGV.
+	(USE_LIBSIGSEGV): Do not use libsigsegv if the kernel
+	has the si_addr bug and libsigsegv is too old to work
+	around it.
+	(segv_handler) [!USE_LIBSIGSEGV]: Do not trust si_addr
+	if BOGUS_SI_ADDR_UPON_STACK_OVERFLOW.
+	* m4/c-stack.m4 (AC_SYS_XSI_STACK_OVERFLOW_HEURISTIC):
+	Define BOGUS_SI_ADDR_UPON_STACK_OVERFLOW on Solaris 2.11 SPARC.
+	And do not define HAVE_XSI_STACK_OVERFLOW_HEURISTIC.
+
 2021-05-14  Bruno Haible  <bruno@clisp.org>
 
 	fcntl tests: Avoid failure in MacPorts.
diff --git a/lib/c-stack.c b/lib/c-stack.c
index c0da7f404..3e8cd2565 100644
--- a/lib/c-stack.c
+++ b/lib/c-stack.c
@@ -66,14 +66,19 @@ typedef struct sigaltstack stack_t;
 #include "gettext.h"
 #define _(msgid) gettext (msgid)
 
-/* Use libsigsegv only if needed; kernels like Solaris can detect
-   stack overflow without the overhead of an external library.  */
-#define USE_LIBSIGSEGV (!HAVE_XSI_STACK_OVERFLOW_HEURISTIC && HAVE_LIBSIGSEGV)
-
-#if USE_LIBSIGSEGV
+#if HAVE_LIBSIGSEGV
 # include <sigsegv.h>
 #endif
 
+/* Use libsigsegv only if needed; kernels like Solaris can detect
+   stack overflow without the overhead of an external library.
+   However, BOGUS_SI_ADDR_ON_STACK_OVERFLOW indicates a buggy
+   Solaris kernel, and a too-small LIBSIGSEGV_VERSION indicates a
+   libsigsegv so old that it does not work around the bug.  */
+#define USE_LIBSIGSEGV (!HAVE_XSI_STACK_OVERFLOW_HEURISTIC && HAVE_LIBSIGSEGV \
+                        && ! (BOGUS_SI_ADDR_UPON_STACK_OVERFLOW \
+                              && LIBSIGSEGV_VERSION < 0x020D))
+
 #include "exitfail.h"
 #include "ignore-value.h"
 #include "intprops.h"
@@ -277,6 +282,9 @@ segv_handler (int signo, siginfo_t *info, void *context _GL_UNUSED)
      of the current stack.  */
   if (!cannot_be_stack_overflow)
     {
+#  if BOGUS_SI_ADDR_UPON_STACK_OVERFLOW
+      signo = 0;
+#  else
       /* If the faulting address is within the stack, or within one
          page of the stack, assume that it is a stack overflow.  */
       uintptr_t faulting_address = (uintptr_t) info->si_addr;
@@ -286,12 +294,12 @@ segv_handler (int signo, siginfo_t *info, void *context _GL_UNUSED)
          pages might be in the stack.  */
       void *stack_base = (void *) (uintptr_t) page_size;
       uintptr_t stack_size = 0; stack_size -= page_size;
-#  if HAVE_XSI_STACK_OVERFLOW_HEURISTIC
+#   if HAVE_XSI_STACK_OVERFLOW_HEURISTIC
       /* Tighten the stack bounds via the XSI heuristic.  */
       ucontext_t const *user_context = context;
       stack_base = user_context->uc_stack.ss_sp;
       stack_size = user_context->uc_stack.ss_size;
-#  endif
+#   endif
       uintptr_t base = (uintptr_t) stack_base,
         lo = (INT_SUBTRACT_WRAPV (base, page_size, &lo) || lo < page_size
               ? page_size : lo),
@@ -300,8 +308,9 @@ segv_handler (int signo, siginfo_t *info, void *context _GL_UNUSED)
               ? UINTPTR_MAX : hi);
       if (lo <= faulting_address && faulting_address <= hi)
         signo = 0;
+#  endif
 
-#   if DEBUG
+#  if DEBUG
       {
         char buf[1024];
         ignore_value (write (STDERR_FILENO, buf,
diff --git a/m4/c-stack.m4 b/m4/c-stack.m4
index df8dc52ca..06b2594d4 100644
--- a/m4/c-stack.m4
+++ b/m4/c-stack.m4
@@ -199,14 +199,24 @@ int main ()
          rather than as the lowest address.])
     fi
 
+   case $host_os--$host_cpu in
+     solaris2.11--sparc*)
+        AC_DEFINE([BOGUS_SI_ADDR_UPON_STACK_OVERFLOW], [1],
+          [Define to 1 if the faulting address (info->si_addr)
+           might be incorrect on stack overflow.])
+        gl_bogus_si_addr=1;;
+     *) gl_bogus_si_addr=0;;
+   esac
+
    AC_CACHE_CHECK([for precise C stack overflow detection],
      [gl_cv_sys_xsi_stack_overflow_heuristic],
      [dnl On Linux/sparc64 (both in 32-bit and 64-bit mode), it would be wrong
       dnl to set HAVE_XSI_STACK_OVERFLOW_HEURISTIC to 1, because the third
       dnl argument passed to the segv_handler is a 'struct sigcontext *', not
       dnl an 'ucontext_t *'.  It would lead to a failure of test-c-stack2.sh.
-      case "${host_os}--${host_cpu}" in
-        linux*--sparc*)
+      dnl If $gl_bogus_si_addr is 1, there is no point to the heuristic.
+      case "${host_os}--${host_cpu}--${gl_bogus_si_addr}" in
+        linux*--sparc* | *--1)
           gl_cv_sys_xsi_stack_overflow_heuristic=no
           ;;
         *)
-- 
2.31.1