Re: [PATCH v9 12/26] x86/fpu/xstate: Use feature disable (XFD) to protect dynamic user state

From: Dave Hansen
Date: Mon Aug 30 2021 - 14:04:46 EST


On 8/24/21 4:17 PM, Len Brown wrote:
> Even if your AMX thread pool threads were to invoke this system call
> as soon as possible...
> What is to say that the thread pool is created only at a time when memory
> is available? A thread could be created 24 hours into program execution
> under OOM conditions and this system call will return ENOMEM, and your program
> will in all likelihood throw up its arms and exit at the exact same place
> it would exit for transparently allocated buffers.

I tried this exact line of reasoning with Thomas: it doesn't matter
where we run out of memory, we still need the same memory and we're
screwed either way.

However, Thomas expressed a clear preference for ABIs which return
memory failures explicitly at syscalls versus implicit failures which
can happen on random instructions.

One might say that the odds of checking for and handling a NULL value
(or ENOMEM) are the same as installing a signal handler. *But*, it's
infinitely easier to unroll state and recover from a NULL than it is to
handle it from within a signal handler. In other words, the explicit
ones *encourage* better programming.

I'd prefer removing the demand-driven allocation at this point.
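The contrast drawn above between explicit and implicit failure, as an added example that is not part of the original message or the patch series. It assumes Linux; `mmap()` stands in for the syscall under discussion, a `PROT_NONE` page stands in for state that could not be allocated on demand, and the function names are hypothetical.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <setjmp.h>
#include <signal.h>
#include <stdio.h>
#include <sys/mman.h>

/* Explicit model: the request reports failure as a return value. */
int explicit_request(size_t len, void **out)
{
    void *p = mmap(NULL, len, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED)
        return -errno;          /* caller unwinds on an ordinary code path */
    *out = p;
    return 0;
}

static sigjmp_buf recover_point;
static void on_fault(int sig) { (void)sig; siglongjmp(recover_point, 1); }

/* Implicit model: failure arrives as a signal on the first touching
 * instruction. A PROT_NONE page is a constructed stand-in for state the
 * kernel could not allocate. Returns 1 if the touch faulted, 0 if not. */
int implicit_first_use(void)
{
    struct sigaction sa = { .sa_handler = on_fault }, old;
    volatile int faulted = 1;
    volatile char *p = mmap(NULL, 4096, PROT_NONE,
                            MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED)
        return -1;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, &old);      /* process-wide handler */
    if (sigsetjmp(recover_point, 1) == 0) {
        p[0] = 1;                       /* faults here, mid-computation */
        faulted = 0;
    }
    sigaction(SIGSEGV, &old, NULL);
    munmap((void *)p, 4096);
    return faulted;
}

int main(void)
{
    void *buf = NULL;
    printf("explicit: %d\n", explicit_request((size_t)1 << 62, &buf));
    printf("implicit faulted: %d\n", implicit_first_use());
    return 0;
}
```

The explicit path needs one `if`; the implicit path needs a process-wide handler, a saved jump context, and care about which locals are valid after the jump.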