From: Paul Eggert
Subject: Re: stack bounds
Date: Sat, 10 Oct 2020 13:10:17 -0700
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0
On 10/10/20 5:08 AM, Bruno Haible wrote:
> On Linux, the kernel allows the stack to grow by any amount, if it does not become closer than 1 MB to another VMA and does not violate the set limits. See linux/mm/mmap.c:expand_downwards and linux/mm/mmap.c:acct_stack_growth. Therefore on Linux, there is no need for a guard page and no need for 'gcc -fstack-clash-protection'.
There's still a need, if a function declares a large local variable, as the stack pointer can jump around the 1 MB barrier and trash other storage. If I compile the attached program with 'gcc -m32 -O2 stackish.c' on Fedora 31 x86-64, the program exits with status 255 (instead of crashing with a stack overflow as it should), because the stack has overflowed and has stomped on the heap. So stack overflow checking is not "just working", at least for this particular case.
Attachment: stackish.c (Description: Text Data)
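The mechanism behind Paul's point, as an added illustration that is not the attached stackish.c: a frame larger than the 1 MB gap moves the stack pointer past it in one step, whereas -fstack-clash-protection emits one store per page from the top down so a guard page faults first. The page size of 4 KiB and the hand-written probe loop are assumptions of this example.

```c
#include <stddef.h>

#define PAGE_SIZE 4096u  /* assumed 4 KiB pages, as on x86 Linux */

/* Return 1 if a single stack-pointer move of frame_bytes can land below a
   guard gap of gap_bytes without any access touching the gap: when the
   frame is larger than the gap, the first store near the new stack
   pointer already lies beyond it (Paul's "jump around the 1 MB barrier"). */
int frame_can_skip_gap(size_t frame_bytes, size_t gap_bytes)
{
    return frame_bytes > gap_bytes;
}

/* Number of one-per-page probes needed to guarantee that every page of a
   frame, and therefore any guard page inside it, is touched in order. */
size_t probes_needed(size_t frame_bytes)
{
    return (frame_bytes + PAGE_SIZE - 1) / PAGE_SIZE;
}

/* Hand-written equivalent of the probing -fstack-clash-protection emits:
   store to each page of a large local from the highest address downward,
   so a guard page faults before anything beyond it is written.  volatile
   keeps the stores from being optimised away.  Returns pages touched. */
size_t probe_large_local(void)
{
    volatile unsigned char buf[16 * PAGE_SIZE];
    size_t touched = 0;

    for (size_t off = sizeof buf; off > 0; off -= PAGE_SIZE) {
        buf[off - 1] = 0;   /* one store per page, top page first */
        touched++;
    }
    return touched;
}
```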