Make stack depth check work with asan's use-after-return
Hi,
When running asan without further options against the backend, random tests
fail because the stack-depth check fails. One can work around that by putting
detect_stack_use_after_return=0 into ASAN_OPTIONS (at least with gcc, clang
still uses a lot of stack, but I think that's a separate issue).
The reason for that breakage is that with the stack-use-after-return logic,
stack variables are moved to heap allocations, to allow detecting references
to the memory at a later time. That breaks our stack-depth check, which is why
we had to disable detect_stack_use_after_return in CI. Luckily
__builtin_frame_address() works correctly, even under asan, so use that.
I think we should backpatch this. I'd be worried about using
__builtin_frame_address(), but we already do, for the base address of the
stack.
Greetings,
Andres Freund
Attachments:
v2-0001-Make-stack-depth-check-work-with-asan-s-use-after.patch (text/x-diff; charset=us-ascii, +17 -3)
Andres Freund <andres@anarazel.de> writes:
> The reason for that breakage is that with the stack-use-after-return logic,
> stack variables are moved to heap allocations, to allow detecting references
> to the memory at a later time. That breaks our stack-depth check, which is why
> we had to disable detect_stack_use_after_return in CI. Luckily
> __builtin_frame_address() works correctly, even under asan, so use that.
> I think we should backpatch this. I'd be worried about using
> __builtin_frame_address(), but we already do, for the base address of the
> stack.
+1. It was a little weird that we adopted __builtin_frame_address()
to measure the location of the stack bottom but not the stack top.
So I think this is good cleanup even if ASAN weren't forcing it.
I might write the comments a bit differently, in particular I suggest
changing
- * Compute distance from reference point to my local variables
+ * Compute distance from reference point to my stack frame
regards, tom lane
Hi,
On 2026-05-27 09:54:51 -0400, Tom Lane wrote:
> Andres Freund <andres@anarazel.de> writes:
> > The reason for that breakage is that with the stack-use-after-return logic,
> > stack variables are moved to heap allocations, to allow detecting references
> > to the memory at a later time. That breaks our stack-depth check, which is why
> > we had to disable detect_stack_use_after_return in CI. Luckily
> > __builtin_frame_address() works correctly, even under asan, so use that.
> > I think we should backpatch this. I'd be worried about using
> > __builtin_frame_address(), but we already do, for the base address of the
> > stack.
> +1. It was a little weird that we adopted __builtin_frame_address()
> to measure the location of the stack bottom but not the stack top.
> So I think this is good cleanup even if ASAN weren't forcing it.
Agreed.
> I might write the comments a bit differently, in particular I suggest
> changing
> - * Compute distance from reference point to my local variables
> + * Compute distance from reference point to my stack frame
Changed that, did some other minor comment polishing, and pushed the changes.
One annoying thing when backpatching is that in the older branches we still
used long. I ended up leaving that aspect as it was, but it didn't feel good
:)
Thanks for reviewing.
- Andres
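
The measurement discussed in this thread, as an added example that is not part of the thread or of the PostgreSQL patch: a stack-depth guard that takes both its reference point and its current position from `__builtin_frame_address(0)`. The function names, the 64 kB limit and the 1 kB frames are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define MAX_STACK_DEPTH (64 * 1024)  /* constructed limit, in bytes */
static uintptr_t stack_base;         /* reference point near the stack bottom */

static uintptr_t distance(uintptr_t a, uintptr_t b) { return a > b ? a - b : b - a; }

/* Record the reference point once, early in the program. */
__attribute__((noinline)) void set_stack_base(void)
{
    stack_base = (uintptr_t) __builtin_frame_address(0);
}

/* Depth measured from this function's own frame; the absolute value makes
 * it independent of the direction in which the stack grows. */
__attribute__((noinline)) uintptr_t stack_depth(void)
{
    return distance(stack_base, (uintptr_t) __builtin_frame_address(0));
}

/* Gap between a local's address and the frame address of the same frame.
 * Small in a plain build; with detect_stack_use_after_return the local can
 * live in a heap allocation, so its address stops tracking stack depth. */
__attribute__((noinline)) uintptr_t local_vs_frame_gap(void)
{
    volatile char local = 0;
    return distance((uintptr_t) &local, (uintptr_t) __builtin_frame_address(0));
}

/* Recurse with roughly 1 kB frames until the guard fires; returns the level. */
__attribute__((noinline)) int recurse_until_limit(int level)
{
    volatile char pad[1024];
    int reached;

    if (stack_depth() > MAX_STACK_DEPTH)
        return level;
    pad[0] = (char) level;
    reached = recurse_until_limit(level + 1);
    pad[1] = (char) reached;  /* work after the call prevents a tail call */
    return reached;
}

int main(void)
{
    set_stack_base();
    printf("guard fired at recursion level %d\n", recurse_until_limit(0));
    return 0;
}
```

Building the same file with `-fsanitize=address` and comparing `local_vs_frame_gap()` with and without `detect_stack_use_after_return=0` in `ASAN_OPTIONS` shows the effect the thread describes.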