From: Jeff Law <law@redhat.com>
To: Szabolcs Nagy <szabolcs.nagy@arm.com>,
Wilco Dijkstra <Wilco.Dijkstra@arm.com>,
gcc-patches <gcc-patches@gcc.gnu.org>
Cc: nd@arm.com, Richard Earnshaw <Richard.Earnshaw@arm.com>,
James Greenhalgh <James.Greenhalgh@arm.com>,
Marcus Shawcroft <Marcus.Shawcroft@arm.com>
Subject: Re: [RFA][PATCH] Stack clash protection 07/08 -- V4 (aarch64 bits)
Date: Mon, 27 Nov 2017 18:30:00 -0000 [thread overview]
Message-ID: <af60290d-edd8-1c3f-abd1-74e379bbab23@redhat.com> (raw)
In-Reply-To: <5A1C33D9.2050106@arm.com>
On 11/27/2017 08:48 AM, Szabolcs Nagy wrote:
> On 28/10/17 05:08, Jeff Law wrote:
>> On 10/13/2017 02:26 PM, Wilco Dijkstra wrote:
>>> For larger frames the first oddity is that there are now 2 separate params
>>> controlling how probes are generated:
>>>
>>> stack-clash-protection-guard-size (default 12, but set to 16 on AArch64)
>>> stack-clash-protection-probe-interval (default 12)
>>>
>>> I don't see how this makes sense. These values are closely related, so if
>>> one is different from the other, probing becomes ineffective/incorrect.
>>> For example we generate code that trivially bypasses the guard despite
>>> all the probing:
>> My hope would be that we simply don't ever use the params. They were
>> done as much for *you* to experiment with as anything. I'd happy just
>> delete them as there's essentially no guard rails to ensure their values
>> are sane.
>
> so is there a consensus now that 64k guard size is what
> gcc stack probing will assume?
Only aarch64 currently assumes a guard that large. Other targets are
still assuming a single 4k page guard.
I'd certainly like to see a larger guard, at least on the 64bit targets.
Address space is at a much higher premium on the 32bit targets so it's
less clear if we can really bump the guard size on them.
>
>>> Also on AArch64 --param=stack-clash-protection-probe-interval=16 causes
>>> crashes due to the offsets used in the probes - we don't need large offsets
>>> as we want to probe close to the bottom of the stack.
>> Not a surprise. While I tried to handle larger intervals, I certainly
>> didn't test them. Given the ISA I wouldn't expect an interval > 12 to
>> be useful or necessarily even work correctly.
>
> it's not clear what makes probing at every 64k hard,
> i think this should be clarified before we stick to
> this design. (..or before backporting such patches)
You just need to be able to find additional scratch registers then the
probe interval is > 12 on aarch64. It also impacts the dwarf2 unwinding
notes.
jeff
next prev parent reply other threads:[~2017-11-27 18:04 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-09-29 15:15 Jeff Law
[not found] ` <DB6PR0801MB205340E4DACC1CF3696A150983480@DB6PR0801MB2053.eurprd08.prod.outlook.com>
2017-10-13 16:14 ` Wilco Dijkstra
2017-10-13 20:47 ` Wilco Dijkstra
2017-10-28 11:23 ` Jeff Law
2017-11-21 11:59 ` James Greenhalgh
2017-11-22 18:52 ` Jeff Law
2017-11-27 19:25 ` James Greenhalgh
2017-12-19 0:49 ` Jeff Law
2017-11-27 16:32 ` Szabolcs Nagy
2017-11-27 17:50 ` Wilco Dijkstra
2017-11-27 18:44 ` Jeff Law
2017-11-27 18:30 ` Jeff Law [this message]
2017-11-28 16:31 ` Rich Felker
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=af60290d-edd8-1c3f-abd1-74e379bbab23@redhat.com \
--to=law@redhat.com \
--cc=James.Greenhalgh@arm.com \
--cc=Marcus.Shawcroft@arm.com \
--cc=Richard.Earnshaw@arm.com \
--cc=Wilco.Dijkstra@arm.com \
--cc=gcc-patches@gcc.gnu.org \
--cc=nd@arm.com \
--cc=szabolcs.nagy@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).