On Mon, Sep 09, 2002 at 03:09:51PM -0600, Joseph A. Knapka wrote:
> Seth Arnold wrote:
> >
> > On Sat, Sep 07, 2002 at 04:03:41AM -0600, Joseph A. Knapka wrote:
> > > I also suspect (though I do not know this for certain)
> > > that the kernel is smart enough to detect kernel-stack
> > > overflow and kill the offending process.
> >
> > Nope. Things just start acting funny. :) If you are lucky you get a
> > panic soon.
> >
> > > trivial: just keep a read-only PTE at the end of the
> > > kernel stack, and if anything tries to write
> > > there, take a page fault, notice that it's adjacent
> > > to the task stack, and kill the process.
> >
> > Iterate over $n processes .. where $n is disturbingly large on some
> > systems.
>
> Hmm... Why not just look at the stack for "current"?

Well, yes. The first thing it destroys is the task struct. So scheduler is
likely to run into some broken pointer there sooner or later and OOPS.

> > I agree it would be a nice debugging option to have :) but
> > i doubt it would ever be added to the mainstream kernel.
>
> Probably so, but I'd just like to understand your comment :-)

Well, a magic number at the end of task struct, that would be checked before
task_struct is used would probably serve the same and would cost two words
instead of a page. There is none however.

-------------------------------------------------------------------------------
                                                 Jan 'Bulb' Hudec <bulb@ucw.cz>
--
Kernelnewbies: Help each other learn about the Linux kernel.
Archive: http://mail.nl.linux.org/kernelnewbies/
FAQ: http://kernelnewbies.org/faq/
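
The magic-number check suggested in the message above, as an added user-space C model that is not part of the thread and not kernel code. The names `task_model`, `task_area`, `TASK_MAGIC`, the 8 KiB area size and the layout (task struct at the low end, stack growing down toward it) are assumptions made for the illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define STACK_AREA 8192u                  /* assumed size of the shared area */
#define TASK_MAGIC 0x5741544348444f47ULL  /* constructed sentinel value */

struct task_model {            /* hypothetical stand-in for the task struct */
    int      pid;
    void    *next;             /* a pointer the scheduler would later follow */
    uint64_t magic;            /* last field: the first bytes an overflow reaches */
};

union task_area {              /* task struct at the low end, stack above it */
    struct task_model task;
    unsigned char     bytes[STACK_AREA];
};

static void task_init(union task_area *a, int pid) {
    memset(a, 0, sizeof *a);
    a->task.pid = pid;
    a->task.magic = TASK_MAGIC;
}

/* Model a stack that grows down from the top of the area and has used
 * `depth` bytes; anything beyond stack_room() lands in the task struct. */
static void stack_use(union task_area *a, size_t depth) {
    if (depth > STACK_AREA) depth = STACK_AREA;
    memset(a->bytes + STACK_AREA - depth, 0xAA, depth);
}

/* Largest stack depth that leaves the task struct untouched. */
static size_t stack_room(void) { return STACK_AREA - sizeof(struct task_model); }

/* The check itself: run it before trusting any field of the task struct. */
static int task_ok(const union task_area *a) { return a->task.magic == TASK_MAGIC; }

int main(void) {
    static union task_area a;
    task_init(&a, 1);
    stack_use(&a, stack_room());
    printf("stack at limit:     %s\n", task_ok(&a) ? "ok" : "overflow detected");
    stack_use(&a, stack_room() + 1);
    printf("one byte too deep:  %s\n", task_ok(&a) ? "ok" : "overflow detected");
    return 0;
}
```

The check only reports an overflow after the fact, and only if the overflowing frame actually wrote over the sentinel; the read-only page discussed earlier in the thread would fault at the moment of the write instead.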