Gotta love the man page. Don't get carried away. "The alloca() function returns a pointer to the beginning of the allocated space. If the allocation causes stack overflow, program behavior is undefined"
Conversation
Surely touching anything outside the stack limit would result in a page fault, no?
1
It depends on the platform including the OS and compiler. You need -fstack-clash-protection with Clang and GCC on Linux to guarantee stack overflows are detected. Otherwise, you can easily skip over the guard page. It's not inherently caught from going past the end of the stack.
1
1
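The guard-page skip described in the reply above, modelled as an added example (this is not code from the thread, GCC or Clang; the page size, stack size, guard size and stack address are assumptions chosen to keep the arithmetic small, and the "probe" is modelled as a classification of the touched address rather than a real memory access):

```c
/* Added example: why an unprobed stack allocation can jump over the guard
 * page, and what the page-by-page probing of -fstack-clash-protection does
 * about it. Sizes and addresses are assumed, not taken from any real ABI. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define PAGE        4096UL
#define STACK_PAGES 8UL   /* assumed: 8 pages of usable stack */
#define GUARD_PAGES 1UL   /* assumed: one guard page below it */

/* Address space below the stack, low addresses first:
 *   [ other mapping ][ guard ][ stack ... sp ... top ) */
enum region { REGION_STACK = 0, REGION_GUARD = 1, REGION_OTHER = 2 };

typedef struct {
    uintptr_t top;       /* one past the highest stack address */
    uintptr_t guard_hi;  /* lowest stack address, one past the guard */
    uintptr_t guard_lo;  /* lowest guard address */
} stack_model;

static stack_model model_init(void)
{
    stack_model m;
    m.top = 0x40000000UL;                      /* arbitrary, assumed */
    m.guard_hi = m.top - STACK_PAGES * PAGE;
    m.guard_lo = m.guard_hi - GUARD_PAGES * PAGE;
    return m;
}

static enum region classify(const stack_model *m, uintptr_t addr)
{
    if (addr >= m->guard_hi && addr < m->top)      return REGION_STACK;
    if (addr >= m->guard_lo && addr < m->guard_hi) return REGION_GUARD;
    return REGION_OTHER;
}

/* Unprobed frame: sp drops by `frame` bytes in one step and the first
 * access is at the new sp (what a plain alloca/VLA may compile to).
 * REGION_GUARD means the overflow faults and is caught; REGION_OTHER
 * means the access skipped past the guard and is silently missed. */
static enum region unprobed_lands(const stack_model *m, uintptr_t sp,
                                  size_t frame)
{
    return classify(m, sp - frame);
}

/* Probed frame, as -fstack-clash-protection emits it: touch one word in
 * every page between the old and the new sp, ending at the new sp, so
 * the stack cannot grow past the guard page without touching it.
 * Returns the number of probes issued; *hit_guard is set if one faults. */
static size_t probed_walk(const stack_model *m, uintptr_t sp, size_t frame,
                          int *hit_guard)
{
    size_t probes = 0;
    *hit_guard = 0;
    for (size_t off = PAGE; ; off += PAGE) {
        if (off > frame)
            off = frame;                /* final, possibly partial page */
        probes++;
        if (classify(m, sp - off) == REGION_GUARD) {
            *hit_guard = 1;             /* fault here: overflow caught */
            return probes;
        }
        if (off == frame)
            return probes;              /* whole frame probed, no fault */
    }
}

/* Same two scenarios on the default model, with sp a little below top. */
static int demo_unprobed(size_t frame)
{
    stack_model m = model_init();
    return (int)unprobed_lands(&m, m.top - 16, frame);
}

/* Probes issued before the guard page faults; 0 if it never faults. */
static size_t demo_probes_to_fault(size_t frame)
{
    stack_model m = model_init();
    int hit;
    size_t n = probed_walk(&m, m.top - 16, frame, &hit);
    return hit ? n : 0;
}

int main(void)
{
    static const char *where[] = { "in stack", "caught in guard", "skipped past guard" };
    size_t frames[] = { 2 * PAGE, 8 * PAGE, 16 * PAGE };
    for (size_t i = 0; i < sizeof frames / sizeof frames[0]; i++) {
        size_t n = demo_probes_to_fault(frames[i]);
        printf("frame %6zu bytes: unprobed access %s; probed: %s\n",
               frames[i], where[demo_unprobed(frames[i])],
               n ? "caught" : "no fault");
        if (n)
            printf("                    (guard hit on probe %zu)\n", n);
    }
    return 0;
}
```

With a one-page guard, a 32 KiB frame lands exactly in the guard and is caught either way, but a 64 KiB frame jumps clean over it: the unprobed access lands in whatever mapping sits below, while the probed walk still faults on its 8th probe. The real Linux main-thread guard gap is larger than one page (stack_guard_gap, 256 pages by default), which only moves the threshold: a single alloca or VLA of a few MiB clears it in one step just as easily.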
Never quite understood the difference between that and -fstack-check?
1
GCC -fstack-check doesn't provide protection in the general case and is actively dangerous on architectures without new-style checking. Clang doesn't actually implement it.
-fstack-clash-protection is safe and provides full protection on architectures with proper support for it.
2
1
Oh OK thanks. I've had great success catching stack overflows w/ -fstack-check and was wondering how they differed. Will read on this, thanks.
1
It's covered in the GCC man page. Definitely stop using -fstack-check and use -fstack-clash-protection instead.
1
1
Mmmh, developers.redhat.com/blog/2019/04/3 helps with one detail. I write lots of Ada, rarely mixed. Mmmh. Still, the 1-3 pages might be why I had some trouble with some stack overflow behaviour... Thanks! Will read the gcc man page too... TIL
1
It's safe on an architecture with a proper implementation if you have pure Ada processes without any C code (no libc usage, etc.) or assembly code that's not doing the probes, etc. It's unsafe in the presence of code without the checks. It can actually be worse than not doing it.
1
1
The C ecosystem is not designed with that assumption at all, and it's rarely ever safe to use -fstack-check even if you think everything is compiled with it. It's best to just use -fstack-clash-protection and avoid it completely.
2
1
-fstack-clash-protection is smart enough to avoid causing harm on architectures without proper implementations. It only provides full protection on a few architectures (likely varies between GCC and Clang) but won't screw you over elsewhere.