On 06/20/2017 02:27 AM, Richard Earnshaw (lists) wrote: > On 19/06/17 20:04, Jeff Law wrote: >> On 06/19/2017 11:50 AM, Joseph Myers wrote: >>> On Mon, 19 Jun 2017, Jeff Law wrote: >>> >>>> A key point to remember is that you can never have an allocation >>>> (potentially using more than one allocation site) which is larger than a >>>> page without probing the page. >>> >>> There's a platform ABI issue here. At least some kernel fixes for these >>> stack issues, as I understand it, increase the size of the stack guard to >>> more than a single page. It would be possible to define the ABI to >>> require such a larger guard for protection and so reduce the number of >>> (non-alloca/VLA-using) functions that need probes generated, depending on >>> whether a goal is to achieve security on kernels without such a fix. >>> (Thinking in terms of how to get to enabling such probes by default.) >> On 32 bit platforms we don't have a lot of address space left, so we >> have to be careful about creating too large of a guard. >> >> On 64 bit platforms we have a lot more freedom and I suspect larger >> guards, mandated by the ABI would be useful, if for no other reason than >> allowing us to allocate more stack without probing. A simple array of >> PATH_MAX characters triggers probing right now. I suspect (but didn't >> bother to confirm) that PATH_MAX array are what causes git to have so >> many large stacks. >> >> Also if we look at something like ppc and aarch64, we've currently got >> the PROBE_INTERVAL set to 4k. But in reality they're using much larger >> page sizes. So we could improve things there as well. >> > > There are aarch64 linux systems using 4k pages for compatibility with > existing aarch32 binaries. Ah. That's good to know. Thanks.
jeff
