On 09/18/2017 03:29 AM, Andreas Schwab wrote:
> On Jul 30 2017, Jeff Law <l...@redhat.com> wrote:
>
>> This patch introduces generic mechanisms to protect the dynamically
>> allocated stack space against stack-clash attacks.
>>
>> Changes since V2:
>>
>> Dynamic allocations can be emitted as unrolled inlined probes or with a
>> rotated loop. Blockage insns are also properly emitted for the dynamic
>> area probes and the dynamic area probing now supports targets that may
>> make optimistic assumptions in their prologues. Finally it uses the new
>> param to control the probing interval.
>>
>> Tests were updated to explicitly specify the guard and probing interval.
>> New test to check inline/unrolled probes as well as rotated loop.
>
> Does that work correctly when the VLA is smaller than the probe size
> (word_mode by default)? I see a failure in glibc on armv7 where
> ldconfig is using a zero-size VLA, which is invalid in C, but it could
> also end up using a VLA of size 1.

I don't have a test for that, but can probably create one.

ISTM that if the size is variable and zero at runtime, then we need to
either allocate a small chunk and probe or avoid probing.

jeff
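
A simplified model of the edge case raised in this thread, added here as an illustration and not code from GCC or from the patch: it simulates a downward-growing stack as a byte array and counts how many already-live bytes a word-sized probe store overwrites when the dynamic allocation is smaller than the probe. The policy names, the 4-byte probe width, the 16-byte interval and the absence of any alignment rounding of the allocation size are assumptions of the model.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum policy { NAIVE, SKIP_PROBE, PAD_ALLOC };   /* hypothetical names */
#define STACK_BYTES 128
#define LIVE_BYTES  16     /* bytes already in use above the stack pointer */
#define WORD        4      /* assumed width of one probe store */
#define LIVE        0xAA   /* fill value marking live data */

/* Stack grows down: lower sp by size, storing a zero word per interval. */
static void alloc_and_probe(uint8_t *stack, size_t sp, size_t size,
                            size_t interval, enum policy p)
{
    if (p == PAD_ALLOC && size < WORD)
        size = WORD;                   /* allocate a small chunk, then probe */
    size_t left = size;
    while (left >= interval) {         /* one probe per full interval */
        sp -= interval;
        memset(stack + sp, 0, WORD);
        left -= interval;
    }
    sp -= left;
    if (!(p == SKIP_PROBE && size < WORD))
        memset(stack + sp, 0, WORD);   /* residual probe at the final sp */
}

/* Live bytes overwritten by the probes; size must be <= 112 here. */
static int live_bytes_clobbered(size_t size, size_t interval, enum policy p)
{
    uint8_t stack[STACK_BYTES];
    size_t base = STACK_BYTES - LIVE_BYTES;
    memset(stack, 0, sizeof stack);
    memset(stack + base, LIVE, LIVE_BYTES);
    alloc_and_probe(stack, base, size, interval, p);
    int n = 0;
    for (size_t i = base; i < STACK_BYTES; i++)
        n += stack[i] != LIVE;
    return n;
}

int main(void)
{
    const size_t sizes[] = { 0, 1, 4, 40 };   /* constructed sample sizes */
    for (int i = 0; i < 4; i++)
        for (int p = NAIVE; p <= PAD_ALLOC; p++)
            printf("size=%zu policy=%d clobbered=%d\n", sizes[i], p,
                   live_bytes_clobbered(sizes[i], 16, (enum policy)p));
}
```

In this model the unconditional residual probe damages live data only when the whole allocation is smaller than one probe word; both options named in the reply (skip the probe, or pad the allocation to a word and probe) bring the count to zero.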