Subject: Re: random signals kill my processes with -current
To: John C. Hayward <John.C.Hayward@wheaton.edu>
From: Bill Studenmund <firstname.lastname@example.org>
Date: 01/29/1997 12:53:02

On Mon, 27 Jan 1997, John C. Hayward wrote:
> While a guard page may be a good approach to detect stack overflow in
> principle, I have seen in other systems which did not have hardware
> support for this detection when dealing with multiple stacks. XINU
> (Douglas Comer's OS on PDP-11s for teaching OS) and Modula-3 (for support
> of threads) both use a magic signature at the bottom of one stack to
> detect overflow of another stack. Just before switching to the stack
> which may be overwritten a simple sanity check is made.
> Could a magic signature be placed at the bottom of the user area and
> checked to see for kernel stack overflow at context switch time?

This suggestion is basically what I was thinking of. I suggested a whole
page, but it doesn't have to be that large, given the data structures
living below the stack.

The idea is just to put down a magic number which is unlikely to be passed as
a function parameter or a pointer, and occasionally check to see if it's
changed. And to leave enough space below the magic #'s so that when
they get stomped on, we still have a reasonable chance of living
long enough to say what's wrong.

Someone asked about having to check the whole page. I'd think checking two
or four of these magic #'s at the top would be fine. The rest of the space
is just for protection of what's below.
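
The scheme discussed in this message, as an added example that is not part of the original post or of any kernel's code: a user-space simulation in which a region of magic words sits between a downward-growing stack and the data below it, and only the few words nearest the stack are checked at a simulated context switch. All names, sizes and the magic value are assumptions made for the sketch.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* All names, sizes and the magic value are constructed for this sketch. */
#define BELOW_WORDS 16   /* stands in for the structures living below the stack */
#define GUARD_WORDS 64   /* magic-filled space between them and the stack */
#define STACK_WORDS 256  /* usable stack; grows down from the end of the area */
#define CHECK_WORDS 4    /* only the magic words nearest the stack are checked */
#define AREA_WORDS  (BELOW_WORDS + GUARD_WORDS + STACK_WORDS)
#define GUARD_END   (BELOW_WORDS + GUARD_WORDS)  /* index of lowest stack word */
#define STACK_MAGIC 0xdeadbeefu

/* Zero the area and fill the guard region with the magic number. */
void kstack_init(uint32_t *area)
{
    for (size_t i = 0; i < AREA_WORDS; i++)
        area[i] = (i >= BELOW_WORDS && i < GUARD_END) ? STACK_MAGIC : 0;
}

/* Called at a (simulated) context switch: count damaged magic words among
 * the CHECK_WORDS closest to the stack. 0 means no overflow was detected. */
int kstack_check(const uint32_t *area)
{
    int damaged = 0;
    for (size_t i = 1; i <= CHECK_WORDS; i++)
        if (area[GUARD_END - i] != STACK_MAGIC)
            damaged++;
    return damaged;
}

/* Simulate the stack growing down by `words` words of frame data. */
void simulate_use(uint32_t *area, size_t words)
{
    for (size_t i = 1; i <= words && i <= AREA_WORDS; i++)
        area[AREA_WORDS - i] = 0x1000u + (uint32_t)i;
}

int main(void)
{
    uint32_t area[AREA_WORDS];
    kstack_init(area);
    simulate_use(area, STACK_WORDS + 10);   /* overflow by 10 words */
    printf("damaged magic words: %d, data below intact: %s\n",
           kstack_check(area), area[BELOW_WORDS - 1] == 0 ? "yes" : "no");
    return 0;
}
```

An overflow shorter than the guard region is reported by the check while the data below is still untouched; one longer than the guard region reaches that data before the next check runs.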