[71f4beb] | 1 | Introduction |
---|
| 2 | ============ |
---|
| 3 | |
---|
[ac7d5ef0] | 4 | This directory contains a stack bounds checker. It provides two |
---|
| 5 | primary features: |
---|
| 6 | |
---|
| 7 | + check for stack overflow at each context switch |
---|
| 8 | + provides an educated guess at each task's stack usage |
---|
| 9 | |
---|
[71f4beb] | 10 | Enabling |
---|
| 11 | ======== |
---|
| 12 | |
---|
| 13 | Add the stack checker extension to the initial user extension set. |
---|
| 14 | If using confdefs.h to build your configuration table, this is |
---|
| 15 | as simple as adding -DSTACK_CHECK_ON to the gcc command line which |
---|
| 16 | compiles the file defining the configuration table. In the RTEMS |
---|
| 17 | test suites and samples, this is always init.c |
---|
| 18 | |
---|
| 19 | Background |
---|
| 20 | ========== |
---|
| 21 | |
---|
[ac7d5ef0] | 22 | The stack overflow check at context switch works by looking for |
---|
| 23 | a 16 byte pattern at the logical end of the stack to be corrupted. |
---|
| 24 | The "guesser" assumes that the entire stack was prefilled with a known |
---|
| 25 | pattern and assumes that the pattern is still in place if the memory |
---|
| 26 | has not been used as a stack. |
---|
| 27 | |
---|
| 28 | Both of these can be fooled by pushing large holes onto the stack |
---|
| 29 | and not writing to them... or (much more unlikely) writing the |
---|
| 30 | magic patterns into memory. |
---|
| 31 | |
---|
| 32 | This code has not been extensively tested. It is provided as a tool |
---|
| 33 | for RTEMS users to catch the most common mistake in multitasking |
---|
| 34 | systems ... too little stack space. Suggestions and comments are appreciated. |
---|
| 35 | |
---|
| 36 | NOTES: |
---|
| 37 | |
---|
| 38 | 1. Stack usage information is questionable on CPUs which push |
---|
| 39 | large holes on stack. |
---|
| 40 | |
---|
| 41 | 2. The stack checker has a tendency to generate a fault when |
---|
| 42 | trying to print the helpful diagnostic message. If it comes |
---|
| 43 | out, congratulations. If not, then the variable Stack_check_Blown_task |
---|
| 44 | contains a pointer to the TCB of the offending task. This |
---|
| 45 | is usually enough to go on. |
---|
| 46 | |
---|
| 47 | FUTURE: |
---|
| 48 | |
---|
| 49 | 1. Determine how/if gcc will generate stack probe calls and support that. |
---|