This is the mail archive of the
mailing list for the glibc project.
Re: [RFC] nptl: change default stack guard size of threads
On Tue, Dec 19, 2017 at 09:41:03PM -0700, Jeff Law wrote:
> On 12/19/2017 01:34 PM, Rich Felker wrote:
> > On Tue, Dec 19, 2017 at 06:21:32PM +0000, Szabolcs Nagy wrote:
> >> On 19/12/17 13:06, Florian Weimer wrote:
> >>> On 12/19/2017 01:34 PM, James Greenhalgh wrote:
> >>>> Option 1: 64k guard pages for LP64 on AArch64.
> >>>> Option 2: 4k guard pages for LP64 for AArch64
> >>>> Our proposal then, having spoken things through with the Arm engineers
> >>>> here, and taken in to consideration the opinions on this thread, is that
> >>>> we move to two "blessed" configurations of the GCC support for AArch64.
> >>> Are there any Arm engineers who prefer Option 2, or is that just there to accommodate feedback on libc-alpha?
> >>> My main concern was the variance in configurations with Option 1 (compared to Option 2). To some extent, the
> >>> variance with Option 1 is temporary. If both Option 1 and 2 are offered, we have permanent variance. From my
> >>> point of view, that's worth that just going with Option 1.
> >>> So if this is some sort of consensus proposal, as opposed to actual technical requirements which favor Option 2
> >>> in some deployments, I think that's not a good idea, and we should go with Option 1 instead.
> >> well glibc can pretend that only Option 1 is available,
> >> my latest patch assumes 64k probe interval:
> >> https://sourceware.org/ml/libc-alpha/2017-12/msg00451.html
> >> however Option 1 requires generic code to be changed
> >> for aarch64 only (in the libc and elsewhere) and we
> >> cannot easily do that on all (non-glibc) systems.
> >> it seems to me if there are systems where Option 1
> >> may not provide guaranteed trap on stack overflow
> >> then gcc should have Option 2 for those systems.
> > For what it's worth, I would prefer having the assumed minimum guard
> > size be 4k for musl targets. Even if we do increase the default guard
> > to 64k for 64-bit archs (seems likely), applications that manually set
> > it lower for whatever reason should still be handled safely.
> > I'm utterly unconvinced that there's any practical measurable
> > performance difference either way, unless someone can demonstrate an
> > existing real-world program (not artificial benchmark) where the
> > difference is measurable.
> I've believed all along that stack clash probing as implemented by GCC
> is pretty damn cheap -- cheap enough that we ought to just turn it on by
> default and move on to other more useful work items. And I hold that
> position regardless of whether or not the guard is 4k or 64k.
> 64k is marginally better simply because there's less probing,
> particularly in a functions that allocate something like char array of
> MAXPATHLEN entries. Based on what I've looked at on a distro-wide
> basis, MAXPATHLEN arrays on the stack are the single biggest reasons we
> have to probe in prologues.
They're also almost certainly indicative of the function making
syscalls, in which case <10 instructions for a probe are completely
dominated by the syscall time (hundreds if not thousands of times