From: Ingo Molnar <mingo@elte.hu>
To: Alan Cox <alan@lxorguk.ukuu.org.uk>
Cc: Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
mingo@redhat.com, Thomas Gleixner <tglx@linutronix.de>,
"H. Peter Anvin" <hpa@zytor.com>,
Arjan van de Ven <arjan@infradead.org>
Subject: Re: x86: 8K stacks by default
Date: Fri, 2 May 2008 09:15:42 +0200 [thread overview]
Message-ID: <20080502071542.GA713@elte.hu> (raw)
In-Reply-To: <20080501101956.695c5b34@core>
* Alan Cox <alan@lxorguk.ukuu.org.uk> wrote:
> > x86: 8K stacks by default
> >
> > Switch back to 8K stacks as the safer default. Out-of-memory
> > situations are less problematic than silent and hard to debug
> > stack corruption.
>
> On its own that makes the problem worse not better. If you are going
> to 8K stacks fine but if you want them debuggable then 32bit needs to
> always use separate IRQ stacks as well, otherwise you've merely made
> the crash cases rarer and harder to debug (deep recursion colliding
> with deep IRQ path)
you are right in the larger picture. Note that 4K stacks still move out
of EXPERIMENTAL, so they are still a more prominent choice than they
were in v2.6.25.
The plan is to remove "this overflows my stack here and now" technical
argument: we'll add the stack-footprint measurement tracing plugin from
-rt to ftrace and get that upstream. In -rt's tracer we can measure,
track and trace the exact worst-case stack footprint of a system, since
bootup. It relies on the function tracer which looks at the current
stack footprint at every given moment. It's not a statistical sample, it
tracks the true worst-case stack footprint.
we've also got other (lighter weight) "did the stack overflow"
protective measures queued up in x86.git - but those didnt make it into
v2.6.26. It's this commit in x86.git:
| commit 738570e1d30a5e26266072190f0ed8080594b8b0
| Author: Eric Sandeen <sandeen@sandeen.net>
| Date: Tue Apr 22 16:38:23 2008 -0500
|
| use canary at end of stack to indicate overruns at oops time
|
| (Updated with a common max-stack-used checker that knows about
| the canary, as suggested by Joe Perches)
So we'll just stay with the status quo for now - which was 8K stacks for
most people who didnt intentionally pick 4K stacks. Distributions can
still pick their preference anyway and we'll revisit the issue in 2.6.27
once we've got all the right tools in place.
_Then_ there can be no real technical argument about making the more
robust 4K stacks the default.
Ingo
next prev parent reply other threads:[~2008-05-02 7:16 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <200805010359.m413xWBV014593@hera.kernel.org>
2008-05-01 9:19 ` x86: 8K stacks by default Alan Cox
2008-05-02 7:15 ` Ingo Molnar [this message]
2008-05-02 9:05 ` Andi Kleen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20080502071542.GA713@elte.hu \
--to=mingo@elte.hu \
--cc=alan@lxorguk.ukuu.org.uk \
--cc=arjan@infradead.org \
--cc=hpa@zytor.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=tglx@linutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox