检测堆栈溢出 [英] Detect Stack overflows

问题描述

操作系统如何检测用户空间程序的堆栈溢出[然后将SIGTERM或SIGSEGV发送给那些用户空间程序]？

How do operating systems detect stack overflows of user-space programs [and then send SIGTERM or SIGSEGV to those userspace programs] ?

推荐答案

答案将取决于目标架构和特定的操作系统。由于这个问题是Linux的标签，所以你对这个问题的看法比较普遍，但是这个问题似乎比较普遍。

The answer will depend on the target architecture and the particular OS. Since the question is tagged Linux, you have rather biased the question which on the face of it seems more general.

在一个复杂的操作系统或RTOS中，如Linux或QNX Neutrino通过MMU保护支持，可以使用诸如已经提到的保护页面的存储器保护机制。这样的操作系统当然需要具有MMU的目标。

In a sophisticated OS or RTOS such as Linux or QNX Neutrino, with MMU protection support, memory protection mechanisms may be used such as the guard pages already mentioned. Such OSs require a target with an MMU of course.

更简单的操作系统和没有MMU支持的典型RTOS调度内核可能会使用多种方法。最简单的是将防护签名放在堆栈的顶部，当调度程序运行时，它将被检查修改。这是一个有点命中，它要求堆栈溢出实际上修改签名，并且导致的损坏在调度程序下一次运行之前不会导致崩溃。一些具有片上调试资源的系统可能能够在签名字上放置访问断点，并在命中时引起异常。

Simpler OSs and typical RTOS scheduling kernels without MMU support may use a number of methods. The simplest is to place a guard signature at the top of the stack, which is checked for modification when the scheduler runs. This is a bit hit-and-miss, it requires that the stack-overflow actually modifies the signature, and that the resulting corruption does not cause a crash before the scheduler next runs. Some systems with on-chip debug resources may be able to place an access break-point on the signature word and cause an exception when it is hit.

在开发中，常见的技术是最初用签名填充每个线程堆栈，并且有一个线程定期检查高潮，如果超过一定的百分比水平则发出警告。

In development a common technique is to initially fill each thread stack with a signature and to have a thread periodically check for the "high-tide" and issue a warning if it exceeds a certain percentage level.

这篇关于检测堆栈溢出的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！