I think that the current documentation of `-fstack-check' is unclear. The
documentation states that for single-threaded programs `-fstack-check'
is not useful. IMHO for the main thread `-fstack-check' is harmful
and may cause a spurious segfault. Namely the following silly
program:

#include <stdio.h>

int
main(void)
{
    int dummy;
    /* print the address of a local, i.e. roughly where main's frame sits */
    printf("%p\n", (void *)&dummy);
    return 0;
}

compiled with `-fstack-check' and run using the following command line:

C=
for A in 1 2 3 4 5 6 7 8 9 0; do
  for B in 1 2 3 4 5 6 7 8 9 0; do
    C=${C}aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
    D=$C ./a.out
  done
done

crashes multiple times. AFAICS the stack probe generated by gcc accesses
the stack below the current stack pointer. The address is not already
allocated; the Linux kernel treats such an access as a segmentation
fault (a page fault for an address above the stack pointer is legal and
Linux just allocates more space for the stack). Since the `exec' system
call copies the environment and arguments to the new stack, one can
cause a segmentation fault in _any_ program compiled with
`-fstack-check' just by putting an appropriately sized variable in the
environment (sometimes even by renaming the program).

There are already bug reports about this problem (like PR 10127), but
I have not seen a written explanation.

So I would suggest adding a warning, for example:

Do not use `-fstack-check' for single-threaded programs (or the main
thread in multi-threaded programs); on some systems (for example Linux)
it may cause a spurious segmentation fault during startup.

Alternatively, `-fstack-check' should be fixed to use a different method
for stack probes (but the goals of the current stack probe look
incompatible with the kernel policy for stack extension).

-- 
                              Waldek Hebisch
[EMAIL PROTECTED] 
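The mechanism described in the message above, as an added example that is not part of the original post or of gcc: a Linux-only C program that reads the current `[stack]` mapping from /proc/self/maps, reports how much stack is already mapped below main's stack pointer (a distance that shrinks as the environment `exec' copies onto the initial stack grows), and then trap-tests accesses at fixed offsets below the stack pointer, the way a compiler-emitted probe would touch them. `parse_stack_range`, `probe_faults`, the self-check helpers and the sample maps text are constructed for this example. Whether a below-sp access that lands outside the mapping faults or makes the kernel grow the stack depends on the kernel's stack-extension policy, which has changed across Linux versions, so the program reports what the running kernel does rather than assuming either outcome.

```c
/* Added example (not from the original message or gcc): Linux-specific. */
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

extern char **environ;

/* Find the "[stack]" line in /proc/self/maps text. Returns 1 and fills
 * [lo, hi) on success, 0 if no such line is present. */
int parse_stack_range(const char *maps, uintptr_t *lo, uintptr_t *hi)
{
    const char *line = maps;
    while (line && *line) {
        const char *nl = strchr(line, '\n');
        size_t len = nl ? (size_t)(nl - line) : strlen(line);
        if (len >= 7 && memcmp(line + len - 7, "[stack]", 7) == 0) {
            unsigned long a, b;
            if (sscanf(line, "%lx-%lx", &a, &b) == 2) {
                *lo = a;
                *hi = b;
                return 1;
            }
        }
        line = nl ? nl + 1 : NULL;
    }
    return 0;
}

static sigjmp_buf probe_env;

static void on_segv(int sig)
{
    (void)sig;
    siglongjmp(probe_env, 1);   /* skip the faulting access, report it */
}

/* Touch one byte at addr, as a stack probe would, with SIGSEGV trapped.
 * Returns 1 if the access faulted, 0 if it completed (which for an
 * address just below the stack mapping means the kernel extended it). */
int probe_faults(volatile char *addr)
{
    struct sigaction sa, old;
    int faulted;

    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_segv;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, &old);
    if (sigsetjmp(probe_env, 1) == 0) {
        char c = *addr;         /* volatile read: the probe itself */
        (void)c;
        faulted = 0;
    } else {
        faulted = 1;
    }
    sigaction(SIGSEGV, &old, NULL);
    return faulted;
}

/* Self-checks: a live local must not fault, an unmapped page must. */
int mapped_local_probe_faults(void)
{
    volatile char local = 0;
    return probe_faults(&local);
}

int unmapped_page_probe_faults(void)
{
    long pg = sysconf(_SC_PAGESIZE);
    void *p = mmap(NULL, pg, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED)
        return -1;
    munmap(p, pg);              /* leave a hole; a probe here must fault */
    return probe_faults((volatile char *)p);
}

/* Constructed excerpt of /proc/self/maps, used to exercise the parser. */
static const char constructed_maps[] =
    "7f3a1c000000-7f3a1c021000 rw-p 00000000 00:00 0 \n"
    "7ffd1f3a0000-7ffd1f3c1000 rw-p 00000000 00:00 0        [stack]\n";

uintptr_t constructed_stack_low(void)
{
    uintptr_t lo = 0, hi = 0;
    return parse_stack_range(constructed_maps, &lo, &hi) ? lo : 0;
}

int main(void)
{
    static char buf[1 << 16];
    FILE *f = fopen("/proc/self/maps", "r");
    if (!f)
        return 1;
    size_t n = fread(buf, 1, sizeof buf - 1, f);
    fclose(f);
    buf[n] = '\0';

    uintptr_t lo, hi;
    if (!parse_stack_range(buf, &lo, &hi))
        return 1;

    size_t env_bytes = 0;       /* what exec copied onto the initial stack */
    for (char **e = environ; *e; e++)
        env_bytes += strlen(*e) + 1;

    volatile char marker = 0;
    uintptr_t sp = (uintptr_t)&marker;  /* close enough to main's sp */
    printf("environment: %zu bytes, [stack] %#lx-%#lx, sp ~ %#lx, "
           "%lu bytes of stack mapped below sp\n",
           env_bytes, (unsigned long)lo, (unsigned long)hi,
           (unsigned long)sp, (unsigned long)(sp - lo));

    /* Probe at fixed distances below sp, as a compiler-emitted probe does. */
    static const size_t offsets[] = { 4096, 128 * 1024, 1024 * 1024 };
    for (size_t i = 0; i < sizeof offsets / sizeof offsets[0]; i++) {
        uintptr_t addr = sp - offsets[i];
        printf("probe at sp-%-8zu (%#lx, %s the mapping): %s\n",
               offsets[i], (unsigned long)addr,
               addr >= lo ? "inside" : "below",
               probe_faults((volatile char *)addr) ? "SIGSEGV" : "ok");
    }
    return 0;
}
```

Run it once with an empty environment (`env -i ./a.out`) and once with a large variable (`D=$(head -c 100000 /dev/zero | tr '\0' a) ./a.out`) to watch the "bytes of stack mapped below sp" figure shrink; the probe lines then show, for the kernel you are on, which of the below-sp accesses outside the mapping are extended and which are killed with SIGSEGV.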