Fix glibc dynstack

2021-08-12 09:00:08 +08:00 · 2021-08-12 09:00:08 +08:00 · fdaf3459a1
commit fdaf3459a1
parent ec38c0b389
3 changed files with 97 additions and 1 deletions
--- a/firefox-crashreporter-build.patch
+++ b/firefox-crashreporter-build.patch
@ -0,0 +1,12 @@
+diff -up firefox-87.0/toolkit/crashreporter/breakpad-client/linux/handler/exception_handler.cc.old firefox-87.0/toolkit/crashreporter/breakpad-client/linux/handler/exception_handler.cc
+--- firefox-87.0/toolkit/crashreporter/breakpad-client/linux/handler/exception_handler.cc.old	2021-03-25 19:07:12.920421009 +0100
+++ firefox-87.0/toolkit/crashreporter/breakpad-client/linux/handler/exception_handler.cc	2021-03-25 19:06:45.496596019 +0100
+@@ -149,7 +149,7 @@ void InstallAlternateStackLocked() {
+   // SIGSTKSZ may be too small to prevent the signal handlers from overrunning
+   // the alternative stack. Ensure that the size of the alternative stack is
+   // large enough.
+-  static const unsigned kSigStackSize = std::max(16384, SIGSTKSZ);
+  static const unsigned kSigStackSize = (16384 > SIGSTKSZ) ? 16384 : SIGSTKSZ;
+ 
+   // Only set an alternative stack if there isn't already one, or if the current
+   // one is too small.
--- a/firefox-glibc-dynstack.patch
+++ b/firefox-glibc-dynstack.patch
@ -0,0 +1,76 @@
+From 0b5da0bc80e4cfc1167d100f224ba577554909b0 Mon Sep 17 00:00:00 2001
+From: caodongxia <315816521@qq.com>
+Date: Wed, 11 Aug 2021 09:31:37 +0800
+Subject: [PATCH] fix
+
+---
+ js/xpconnect/src/XPCJSContext.cpp               | 10 +---------
+ security/sandbox/linux/launch/SandboxLaunch.cpp | 11 ++++++++---
+ 2 files changed, 9 insertions(+), 12 deletions(-)
+
+diff --git a/js/xpconnect/src/XPCJSContext.cpp b/js/xpconnect/src/XPCJSContext.cpp
+index 54461fb88c..9a998ac88d 100644
+--- a/js/xpconnect/src/XPCJSContext.cpp
+++ b/js/xpconnect/src/XPCJSContext.cpp
+@@ -81,14 +81,6 @@ using namespace xpc;
+ using namespace JS;
+ using mozilla::dom::AutoEntryScript;
+ 
+-// The watchdog thread loop is pretty trivial, and should not require much stack
+-// space to do its job. So only give it 32KiB or the platform minimum.
+-#if !defined(PTHREAD_STACK_MIN)
+-#  define PTHREAD_STACK_MIN 0
+-#endif
+-static constexpr size_t kWatchdogStackSize =
+-    PTHREAD_STACK_MIN < 32 * 1024 ? 32 * 1024 : PTHREAD_STACK_MIN;
+-
+ static void WatchdogMain(void* arg);
+ class Watchdog;
+ class WatchdogManager;
+@@ -161,7 +153,7 @@ class Watchdog {
+       // watchdog, we need to join it on shutdown.
+       mThread = PR_CreateThread(PR_USER_THREAD, WatchdogMain, this,
+                                 PR_PRIORITY_NORMAL, PR_GLOBAL_THREAD,
+-                                PR_JOINABLE_THREAD, kWatchdogStackSize);
+                                PR_JOINABLE_THREAD, 0);
+       if (!mThread) {
+         MOZ_CRASH("PR_CreateThread failed!");
+       }
+diff --git a/security/sandbox/linux/launch/SandboxLaunch.cpp b/security/sandbox/linux/launch/SandboxLaunch.cpp
+index 33d33a00c9..b70fa693d4 100644
+--- a/security/sandbox/linux/launch/SandboxLaunch.cpp
+++ b/security/sandbox/linux/launch/SandboxLaunch.cpp
+@@ -489,7 +489,7 @@ static int CloneCallee(void* aPtr) {
+ // we don't currently support sandboxing under valgrind.
+ MOZ_NEVER_INLINE MOZ_ASAN_BLACKLIST static pid_t DoClone(int aFlags,
+                                                          jmp_buf* aCtx) {
+-  uint8_t miniStack[PTHREAD_STACK_MIN];
+  uint8_t miniStack[4096];
+ #ifdef __hppa__
+   void* stackPtr = miniStack;
+ #else
+@@ -509,14 +509,19 @@ static pid_t ForkWithFlags(int aFlags) {
+                                CLONE_PARENT_SETTID | CLONE_CHILD_SETTID |
+                                CLONE_CHILD_CLEARTID;
+   MOZ_RELEASE_ASSERT((aFlags & kBadFlags) == 0);
+  // Block signals due to small stack in DoClone
+  sigset_t oldSigs;
+  BlockAllSignals(&oldSigs);
+ 
+  int ret = 0;
+   jmp_buf ctx;
+   if (setjmp(ctx) == 0) {
+     // In the parent and just called setjmp:
+-    return DoClone(aFlags | SIGCHLD, &ctx);
+    ret =  DoClone(aFlags | SIGCHLD, &ctx);
+   }
+  RestoreSignals(&oldSigs);
+   // In the child and have longjmp'ed:
+-  return 0;
+  return ret;
+ }
+ 
+ static bool WriteStringToFile(const char* aPath, const char* aStr,
+-- 
+2.27.0
+
--- a/firefox.spec
+++ b/firefox.spec
@ -88,7 +88,7 @@
 Summary:             Mozilla Firefox Web browser
 Name:                firefox
 Version:             79.0
-Release:             8
+Release:             9
 URL:                 https://www.mozilla.org/firefox/
 License:             MPLv1.1 or GPLv2+ or LGPLv2+
 Source0:             https://archive.mozilla.org/pub/firefox/releases/%{version}/source/firefox-%{version}.source.tar.xz
@ -183,6 +183,8 @@ Patch638:            Bug-1673202-Call-fstat-directly-in-Linux-sandbox-fstatat-in
 Patch639:            Bug-1673770-Extend-the-handling-of-fstatat-as-fstat-to-sandboxes-that-dont-use-a-file-broker.patch
 Patch640:            Bug-1680166-Return-EFAULT-when-given-a-null-path-to-stat-calls-in-the-sandbox-filter.patch
 Patch641:            Bug-1680166-GCC-is-smarter-than-clang-so-ignore-the-warning-properly.patch
+Patch642:            firefox-glibc-dynstack.patch
+Patch643:            firefox-crashreporter-build.patch

 %if %{?system_nss}
 BuildRequires:       pkgconfig(nspr) >= %{nspr_version} pkgconfig(nss) >= %{nss_version}
@ -359,6 +361,9 @@ tar -xf %{SOURCE3}
 %patch639 -p1
 %patch640 -p1
 %patch641 -p1
+%patch642 -p1
+%patch643 -p1
+
 %{__rm} -f .mozconfig
 %{__cp} %{SOURCE10} .mozconfig
 echo "ac_add_options --enable-default-toolkit=cairo-gtk3-wayland" >> .mozconfig
@ -800,6 +805,9 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || :
 %endif

 %changelog
+* Wed Aug 11 2021 caodongxia <caodongxia@huawei.com> - 79.0-9
+- Fix glibc dynstack 
+
 * Wed Jul  7 2021 lingsheng <lingsheng@huawei.com> - 79.0-8
 - Fix firefox video tab crash with rust 1.51