https://gcc.gnu.org/bugzilla/show_bug.cgi?id=112470

--- Comment #3 from John Dong <dongjianqiang2 at huawei dot com> ---
(In reply to John Dong from comment #0)
> Hi, after the CVE-2023-4039 patch is installed, the code size and
> performance are affected after stack protection is enabled. 
> Refer to https://godbolt.org/z/7dWeYd5Kb
> After analyzing the patch, I think we can add the following modification
> solution: For functions that need to dynamically apply for stackframe, we
> can change the stack distribution of local variables; in other cases, the
> original stack distribution will be retained.
> 
> diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc
> index 800a8b0e110..342bab89281 100644
> --- a/gcc/config/aarch64/aarch64.cc
> +++ b/gcc/config/aarch64/aarch64.cc
> @@ -8538,7 +8538,7 @@ aarch64_save_regs_above_locals_p ()
>       it would be possible for a carefully sized smash attack to change
>       the saved registers (particularly LR and FP) without reaching the
>       canary.  */
> -  return crtl->stack_protect_guard;
> +  return crtl->stack_protect_guard && cfun->calls_alloca;
>  }
> 
>  /* Mark the registers that need to be saved by the callee and calculate
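
Review bot: the new `&& cfun->calls_alloca` term in the return statement of aarch64_save_regs_above_locals_p is not reflected in the comment directly above it, which still describes a carefully sized smash attack changing the saved registers (particularly LR and FP) without reaching the canary and gives no reason why functions that do not call alloca are exempt. Please extend that comment with the reasoning for the narrower condition, and confirm that cfun->calls_alloca is set for every form of dynamically sized stack allocation (variable-length arrays as well as explicit alloca calls), because any case it misses goes back to the layout the comment warns about. A test that covers a stack-protected function with and without dynamic allocation would make the intended split checkable.
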
> 
> 
> Please let me know if you have any comments

ping ?
