Hi Marc,

On Sun, Mar 17, 2024 at 11:42:44AM +0000, Marc Zyngier wrote:
> On Thu, 14 Mar 2024 20:24:31 +0000,
> Pierre-Clément Tosi <ptosi@xxxxxxxxxx> wrote:
> >
> > Remove superfluous SP overflow check from the non-synchronous
> > handlers.
>
> Why are they superfluous? Because we are panic'ing? Detecting a stack
> overflow is pretty valuable in any circumstances.

I've reverted to keeping these in v2.

However, the rationale was based on the assumption that the stack overflows into
an invalid mapping so that accessing it post-overflow triggers a page fault. If
that is correct, can't handlers of non-synchronous exceptions just blindly
access SP and rely on the synchronous exception handler to catch any overflow
(and somehow handle it or panic, this isn't really relevant)?

In particular, note that passing those checks doesn't guarantee that the SP
won't actually overflow while the handler is running (as most push to the
stack). In that case, they'll end up in the synchronous handler anyway, right?

So, given that the checks seem (to me) to happen at completely arbitrary points
in time (due to the nature of exceptions), it is therefore not clear how they
make the code more robust than not having them?

But I'm probably missing something?

--
Pierre