From: Jeff Law <law@redhat.com>
To: Richard Biener <richard.guenther@gmail.com>
Cc: gcc-patches <gcc-patches@gcc.gnu.org>
Subject: Re: [PATCH][RFA/RFC] Stack clash mitigation patch 01/08 - V3
Date: Tue, 22 Aug 2017 16:29:00 -0000 [thread overview]
Message-ID: <fa948b9e-8c49-18b1-2857-241f57bdd6a1@redhat.com> (raw)
In-Reply-To: <CAFiYyc2ZQvOy5eG2WMxjCisJ0ZgrKHnZw6d=5mieDAhLt2VRrQ@mail.gmail.com>
On 08/18/2017 08:01 AM, Richard Biener wrote:
> On Mon, Jul 31, 2017 at 7:35 AM, Jeff Law <law@redhat.com> wrote:
>> This patch introduces the stack clash protection options
>>
>> Changes since V2:
>>
>> Adds two new params. The first controls the size of the guard area.
>> This controls the threshold for when a function prologue requires
>> probes. The second controls the probing interval -- ie, once probes are
>> needed, how often do we emit them. These are really meant more for
>> developers to experiment with than users. Regardless I did go ahead and
>> document them./PARAM
>>
>> It also adds some sanity checking WRT combining stack clash protection
>> with -fstack-check.
>
> diff --git a/gcc/params.c b/gcc/params.c
> index fab0ffa..8afe4c4 100644
> --- a/gcc/params.c
> +++ b/gcc/params.c
> @@ -209,6 +209,11 @@ set_param_value (const char *name, int value,
> error ("maximum value of parameter %qs is %u",
> compiler_params[i].option,
> compiler_params[i].max_value);
> + else if ((strcmp (name, "stack-clash-protection-guard-size") == 0
> + || strcmp (name, "stack-clash-protection-probe-interval") == 0)
> + && exact_log2 (value) == -1)
> + error ("value of parameter %qs must be a power of 2",
> + compiler_params[i].option);
> else
> set_param_value_internal ((compiler_param) i, value,
> params, params_set, true);
>
> I don't like this. Either use them as if they were power-of-two
> (floor_log2/ceil_log2 as appropriate) or simply make them take
> the logarithm instead (like -mincoming-stack-boundary and friends).
Yes. I was torn on this for a variety of reasons, including the fact
that I don't actually expect anyone to be mucking with those :-)
Given we've already other stuff in log2 form, I'll use that -- it seems
less surprising to me than using floor/ceil.
>
> Both -fstack-clash-protection and -fstack-check cannot be turned
> off per function. This means they would need merging in lto-wrapper.
> The alternative is to mark them with 'Optimization' and allow per-function
> specification (like we do for -fstack-protector).
Do you have a strong preference here? I'd tend to go with tweaking
lto-wrapper as we really don't want to have this stuff varying per-function.
Presumably in lto-wrapper we just have to detect that both were enabled
and do something sensible. We drop -fstack-check in toplev.c when both
are specified, we could just as easily call that situation a fatal error
in both toplev.c and lto-wrapper.c
jeff
next prev parent reply other threads:[~2017-08-22 15:52 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-07-31 5:36 Jeff Law
2017-08-18 14:36 ` Richard Biener
2017-08-22 16:29 ` Jeff Law [this message]
2017-08-23 9:40 ` Richard Biener
2017-08-23 17:16 ` Jeff Law
2017-08-23 17:31 ` Richard Biener
2017-09-08 22:00 ` Jeff Law
2017-08-20 18:31 ` Martin Sebor
2017-08-22 15:58 ` Jeff Law
2017-08-22 16:39 ` David Malcolm
2017-08-22 17:32 ` Jeff Law
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=fa948b9e-8c49-18b1-2857-241f57bdd6a1@redhat.com \
--to=law@redhat.com \
--cc=gcc-patches@gcc.gnu.org \
--cc=richard.guenther@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).