On Sun, Jul 20, 2014 at 10:49 AM, Vincent Lefevre <vincent+gcc@xxxxxxxxxx> wrote:
> It appears that GCC can generate code that yields silent stack-heap
> collision under GNU/Linux. I mean, the program doesn't crash (at least
> not immediately), the memory just gets corrupted. At the same time,
> this overrides the stack-size limit defined at the kernel level
> (getrlimit system call / RLIMIT_STACK) because the kernel has no
> chance to detect the collision (no page fault); thus this limit
> doesn't protect the user, and the problem seems to be on GCC's side.
>
> Why aren't such collisions detected by default?

Because it's expensive, and GCC takes the attitude that the C language
comes without safety guards.

> How can one tell GCC to detect them?

Use the -fstack-check option.  Or -fsanitize=address.  Or if you don't
need variable length arrays at all, you could use -Werror=vla.

Ian
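Beyond the compiler flags Ian names, the mitigation at the source level is to never let a variable length array grow past a known bound. The following is an added example, not code from this thread or from GCC: it checks a requested VLA size against a constructed per-frame limit (STACK_ALLOC_LIMIT) and against the soft RLIMIT_STACK read with getrlimit(), and falls back to malloc() whenever the request is rejected, so a large request cannot move the stack pointer past the guard page. The function names and the 64 KiB limit are assumptions chosen for the example.

```c
#include <stdlib.h>
#include <string.h>
#include <sys/resource.h>

/* Largest single stack allocation this code will make. This is a
 * constructed policy value for the example, not a GCC or kernel constant. */
#define STACK_ALLOC_LIMIT ((size_t)64 * 1024)

/* Soft RLIMIT_STACK in bytes, or 0 when unlimited or unavailable. */
static size_t stack_limit_bytes(void)
{
    struct rlimit rl;
    if (getrlimit(RLIMIT_STACK, &rl) != 0)
        return 0;
    if (rl.rlim_cur == RLIM_INFINITY)
        return 0;
    return (size_t)rl.rlim_cur;
}

/* Returns 1 when a VLA of n bytes is small enough to place on the stack,
 * 0 otherwise. A rejected size must be served from the heap instead. */
int vla_size_ok(size_t n)
{
    size_t lim;
    if (n == 0 || n > STACK_ALLOC_LIMIT)
        return 0;
    lim = stack_limit_bytes();
    /* Stay well below the kernel limit so the guard page is never skipped. */
    if (lim != 0 && n > lim / 4)
        return 0;
    return 1;
}

/* Copies src into a scratch buffer and returns the byte sum. The VLA is
 * declared only after vla_size_ok() has approved n; larger requests go
 * through malloc(), so an untrusted n cannot push the frame past the
 * guard page. Returns -1 on allocation failure. */
long checksum_bounded(const unsigned char *src, size_t n)
{
    long sum = 0;
    size_t i;

    if (vla_size_ok(n)) {
        unsigned char scratch[n];        /* bounded VLA */
        memcpy(scratch, src, n);
        for (i = 0; i < n; i++)
            sum += scratch[i];
        return sum;
    }

    unsigned char *heap = malloc(n ? n : 1);
    if (heap == NULL)
        return -1;
    memcpy(heap, src, n);
    for (i = 0; i < n; i++)
        sum += heap[i];
    free(heap);
    return sum;
}

/* Constructed input helper: fills a heap buffer with a repeated byte and
 * returns the checksum computed through checksum_bounded(). */
long checksum_of_filled(size_t n, unsigned char value)
{
    unsigned char *buf = malloc(n ? n : 1);
    long result;
    if (buf == NULL)
        return -1;
    memset(buf, value, n);
    result = checksum_bounded(buf, n);
    free(buf);
    return result;
}
```

Build it with the options from the reply to see each one's effect: `-fstack-check` makes GCC probe the stack as the VLA is allocated, `-fsanitize=address` instruments the accesses, and `-Werror=vla` rejects the `scratch[n]` declaration outright, which is the right choice for code bases that can afford to drop VLAs entirely. The size check is what keeps the program correct with none of those flags set.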