CN114282206A - Stack overflow detection method, device, embedded system and storage medium - Google Patents
Stack overflow detection method, device, embedded system and storage medium Download PDFInfo
- Publication number
- CN114282206A CN114282206A CN202011042657.6A CN202011042657A CN114282206A CN 114282206 A CN114282206 A CN 114282206A CN 202011042657 A CN202011042657 A CN 202011042657A CN 114282206 A CN114282206 A CN 114282206A
- Authority
- CN
- China
- Prior art keywords
- stack
- protection domain
- task
- target address
- protection
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The embodiment of the invention provides a stack overflow detection method, a device, an embedded system and a storage medium, wherein the stack overflow detection method comprises the following steps: creating a stack corresponding to the first task; protecting a target address of a stack through a first protection domain in a storage protection unit, and setting the access authority of the first protection domain as inaccessible, wherein the target address comprises an address in the direction of the bottom of the stack, and the first protection domain is one of a plurality of protection domains contained in the storage protection unit; in the running process of the first task, responding to the access of a stack pointer to a target address, and triggering an abnormal signal, wherein the abnormal signal indicates that the stack overflows; and acquiring stack overflow information according to an exception handler corresponding to the exception signal. Through the scheme, the problem of stack out overflow can be detected in real time, and a stack overflow site is obtained.
Description
Technical Field
The invention relates to the technical field of computers, in particular to a stack overflow detection method, a stack overflow detection device, an embedded system and a storage medium.
Background
Embedded systems are used in many electronic devices, and typically include hardware such as processors, memory, general device interfaces, and software such as operating systems.
In an embedded system, when a certain task needs to be run, a stack corresponding to the task is created in advance, and in the process of running the task, the stack can be used for storing local variables, parameter values and the like distributed in some functions during the running of the task, and can also be used for pushing the called functions. However, stack overflow problems can result if misusage, such as allocated local variables being too large, or function calls nested too deeply.
Currently, one method for detecting stack overflow is: when a stack corresponding to a certain task A is created, a magic number (also called magic value) is initialized in a certain byte or a certain few bytes at the bottom of the stack, and if a stack overflow phenomenon occurs during the running process of the task A, the magic number is tampered. Based on this, currently, when the task a is executed and switched to another task B, the detection of whether the stack overflow problem occurs in the task a is triggered, and when the magic number is detected to be tampered, the stack overflow problem is determined to occur.
The detection mode is a hysteresis detection mode, and stack overflow information cannot be captured in real time, namely stack overflow field context cannot be captured in real time, so that problem positioning is not facilitated.
Disclosure of Invention
Embodiments of the present invention provide a stack overflow detection method, an apparatus, an embedded system, and a storage medium, which can detect a stack overflow problem in real time.
In a first aspect, an embodiment of the present invention provides a stack overflow detection method, where the method includes:
creating a stack corresponding to the first task;
protecting a target address of the stack by a first protection domain in a storage protection unit, and setting an access right of the first protection domain to be inaccessible, wherein the target address comprises an address in a stack bottom direction, and the first protection domain is one of a plurality of protection domains contained in the storage protection unit;
in the running process of the first task, responding to the access of a stack pointer to the target address, and triggering an exception signal based on the access authority, wherein the exception signal indicates that the stack has a stack overflow problem;
and acquiring stack overflow information according to an exception handler corresponding to the exception signal.
In a second aspect, an embodiment of the present invention provides an apparatus for stack overflow detection, where the apparatus includes:
a creating module for creating a stack corresponding to a first task;
a protection module, configured to protect a target address of the stack by using a first protection domain in a storage protection unit, and set an access right of the first protection domain to be inaccessible, where the target address includes an address in a stack bottom direction, and the first protection domain is one of a plurality of protection domains included in the storage protection unit;
a stack overflow detection module, configured to respond to an access of a stack pointer to the target address in an operation process of the first task, and trigger an exception signal based on the access permission, where the exception signal indicates that a stack overflow problem occurs in the stack; and acquiring stack overflow information according to an exception handler corresponding to the exception signal.
In a third aspect, an embodiment of the present invention provides an embedded system, including a processor, a memory, and a storage protection unit, where the memory stores executable code thereon, and when the executable code is executed by the processor, the processor is enabled to implement at least the stack overflow detection method in the first aspect.
In a fourth aspect, an embodiment of the present invention provides a non-transitory machine-readable storage medium having stored thereon executable code, which when executed by a processor of an embedded system, causes the processor to implement at least the stack overflow detection method of the first aspect.
In a fifth aspect, an embodiment of the present invention provides an embedded system, including: the system comprises an operating system, a storage protection unit and a processor;
the operating system responds to the starting of a first task and creates a stack corresponding to the first task;
the storage protection unit is configured to protect a target address of the stack by using a first protection domain, and set an access right of the first protection domain to be inaccessible, where the target address includes an address in a stack bottom direction, and the first protection domain is one of a plurality of protection domains included in the storage protection unit;
the processor is used for responding to the access of a stack pointer to the target address in the running process of the first task and triggering an exception signal based on the access authority, wherein the exception signal indicates that the stack has a stack overflow problem; and acquiring stack overflow information according to an exception handler corresponding to the exception signal.
In the embodiment of the present invention, taking the first task to be executed as an example, before the first task is executed, a stack corresponding to the first task is created, and it is assumed that the stack is a downward-growing stack. In order to detect whether the stack overflows in real time during the operation of the first task, a target address (e.g., a preset address at the bottom of the stack) of the stack is protected in advance by a first Protection domain (region) in a Memory Protection Unit (MPU), and an access right of the first Protection domain is set to be inaccessible. In the running process of the first task, when the stack pointer accesses the target address, the target address cannot be accessed due to protection of the MPU, so that an exception (indicating that a stack overflow problem occurs) is immediately triggered, and stack overflow information can be acquired in a corresponding exception handler in real time.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on the drawings without creative efforts.
Fig. 1 is a flowchart of a stack overflow detection method according to an embodiment of the present invention;
FIG. 2 is a schematic view of a downward growth stack according to an embodiment of the present invention;
FIG. 3 is a schematic view of an overgrowth stack according to one embodiment of the present invention;
fig. 4 is a schematic diagram of a scenario of protecting a stack bottom address according to an embodiment of the present invention;
FIG. 5 is a diagram illustrating a stack overflow scenario according to an embodiment of the present invention;
FIG. 6 is a flowchart of a stack overflow detection method according to another embodiment of the present invention;
fig. 7 is a schematic structural diagram of a stack overflow detection apparatus according to an embodiment of the present invention;
fig. 8 is a schematic structural diagram of an embedded system according to an embodiment of the present invention;
fig. 9 is a schematic structural diagram of an embedded system according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The terminology used in the embodiments of the invention is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. As used in the examples of the present invention and the appended claims, the singular forms "a", "an", and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise, and "a plurality" typically includes at least two.
The words "if", as used herein, may be interpreted as "at … …" or "at … …" or "in response to a determination" or "in response to a detection", depending on the context. Similarly, the phrases "if determined" or "if detected (a stated condition or event)" may be interpreted as "when determined" or "in response to a determination" or "when detected (a stated condition or event)" or "in response to a detection (a stated condition or event)", depending on the context.
The traditional stack overflow detection scheme has detection hysteresis and cannot acquire a stack overflow field.
The reason why the conventional stack overflow detection scheme cannot acquire the stack overflow field is that: taking task a and task B as an example, when it is necessary to switch from task a to task B, the detection of whether the stack overflow problem exists in task a is performed, and at this time, the stack overflow field is lost. Because if the stack overflow problem occurs during the running process of the task A and the task A is not completely executed at the moment, the subsequent execution process of the task A destroys the stack overflow field. Therefore, in the stack overflow detection process executed only after the task A is executed, a stack overflow field cannot be obtained.
Based on this, the stack overflow detection method provided by the embodiment of the present invention aims to: and detecting the stack overflow problem in real time, thereby acquiring a stack overflow field so as to accurately locate the reason causing stack overflow and optimize the cause.
In practical applications, embedded systems may be deployed in many electronic devices. The stack overflow detection method provided by the embodiment of the invention can be executed by an embedded system, and particularly can be executed by a processor in the embedded system, such as a processor of a Cortex-M series. In practical applications, some embedded systems include an operating system coupled to a processor, and the stack overflow detection method can be executed by the operating system and the processor.
The implementation of the stack overflow detection method is described below with reference to some embodiments.
Fig. 1 is a flowchart of a stack overflow detection method according to an embodiment of the present invention, and as shown in fig. 1, the method may include the following steps:
101. a stack corresponding to the first task is created.
102. The method comprises the steps of protecting a target address of a stack through a first protection domain in a storage protection unit, and setting the access authority of the first protection domain to be inaccessible, wherein the target address comprises an address in the bottom direction of the stack, and the first protection domain is one of a plurality of protection domains contained in the storage protection unit.
103. And in the running process of the first task, responding to the access of a stack pointer to a target address, and triggering an exception signal based on the access authority, wherein the exception signal indicates that the stack overflows.
104. And acquiring stack overflow information according to an exception handler corresponding to the exception signal.
In an embedded system, whenever a task needs to be run, a stack corresponding to the task is created in advance. The stacks of different tasks are independent of each other.
In general, the stack can be divided into two types: a downward growing stack and an upward growing stack. For ease of understanding, both stacks are illustrated below in conjunction with fig. 2 and 3.
Fig. 2 is a schematic diagram of a growing down stack according to an embodiment of the present invention, as shown in fig. 2, if the stack grows down, that is, from a high address to a low address (i.e., the stack pointer moves from the high address to the low address during the stack pushing), the bottom of the stack is the smallest legal address that can be reached by the stack pointer, and the top of the stack is the largest legal address that can be reached by the stack pointer. Among them, a stack pointer (SP for short).
Fig. 3 is a schematic diagram of a stack growing upwards according to an embodiment of the present invention, as shown in fig. 3, if the stack grows upwards, that is, from a low address to a high address (i.e., the stack pointer moves from the low address to the high address during stack pushing), the bottom of the stack is the maximum legal address that can be reached by the stack pointer, and the top of the stack is the minimum legal address that can be reached by the stack pointer.
Herein, stack overflow, whether a stack grows downward or upward, refers to the phenomenon in which the stack pointer of the current task exceeds the bottom of the stack of the corresponding stack.
In the embodiment of the present invention, in order to detect the stack overflow problem in real time and obtain the stack overflow information (i.e. the stack overflow live context), a protection function of the MPU is required. In summary, the protection function is mainly embodied as: on one hand, a certain protection domain of the MPU points to the stack bottom address of the stack corresponding to the task, and on the other hand, the access authority is set for the protection domain and is set as the inaccessible authority. Both aspects of the configuration imply that the bottom address protected by the protection domain described above is not allowed to be accessed.
The procedure for using the above-described protection function is described in detail below.
Taking the first task as an example, when the first task is created, a stack corresponding to the first task may be created at the same time. For convenience of description, a stack corresponding to the first task is hereinafter referred to as a first stack. Before the first task needs to be run, a target address of a stack corresponding to the first task is protected, wherein the target address is an address in the bottom direction of the stack. Herein, the address in the bottom of the stack refers to an address corresponding to one or several bytes (e.g. 4 bytes) at the bottom of the stack. For example, in fig. 4, it is assumed that the first stack is a downward stack as shown in fig. 4, and the target address is a stack bottom address, i.e., an address of a byte corresponding to the stack bottom, where each rectangular box in fig. 4 represents a byte. The target address is protected using a protection domain of the MPU, a first protection domain (shown as region1 in FIG. 4), and the access rights of the first protection domain are set as follows: is not accessible.
In addition, optionally, during the process of creating the first stack, a magic number may also be written in the target address. Thus, if a stack overflow occurs and the first task performed a write operation on the stack when the stack overflow occurred, the magic number will be modified so that it can be known that the stack overflow was due to the write operation.
In an embedded system, the MPU can protect the memory (mainly memory and peripheral registers), which is a hardware protection method. The MPU manages memory using "domains" (which may also be referred to as protection domains). Generally, an MPU is provided with 8 protection domains, numbered 0-7. The first protection domain may be any one of the 8.
Assuming that the first protection domain is region1, in summary, the protection of the target address of the first stack by the region1 of the MPU may include the following steps:
the MPU is disabled first, then the target address of the first stack is written to region1 and the region's access rights are set to inaccessible, after which the MPU is enabled.
For example, assume the address of region1 is: 0x11111111, the target address of the first stack is 0x12345678, then 0x12345678 is written into 0x 11111111. The meaning and setting of the relevant information such as the address and size of the region1 can be realized by referring to the prior art, which is not described herein.
In addition, as known in the related art, disabling and enabling the MPU may be implemented by configuring a specific bit of the related register, for example, by setting bit [0] in the register c1 of the coprocessor CP15 to 1, so that the MPU may be enabled. Conversely, clearing the bit disables the MPU, i.e., the MPU is not used. At system power-up, the default state is that the bit is cleared and all protection domains are invalid.
In addition, currently in embedded operating systems, two modes of operation are provided: the handler (handler) mode, and the thread (thread) mode, also support two privilege levels: a privileged level and a non-privileged level (also referred to as a user level). The two modes of operation are primarily intended to distinguish between the types of code being executed. Generally, the processor mode corresponds to the code of an exception handler, and the thread mode corresponds to the code of a general application. Two privilege levels are one protection mechanism provided for memory accesses: at the privileged level, the program can access all ranges of memory (and of course also considering the MPU's definition of the area it protects), while at the non-privileged level, the accessible ranges are more limited.
Thread mode, which can be privileged or non-privileged; the processor mode is always privileged. After reset, the processor is in a privileged level thread mode.
In the setting process of the MPU in the embodiment of the invention, the processor is in an operation mode of a privilege level. That is, to determine that the processor of the embedded system is in a privileged level mode of operation, the target address of the first stack is set to be protected by the region1 in the MPU, and the access rights of the region1 are set to be inaccessible. The operation mode of the privilege level may be a processor mode of the privilege level or a thread mode of the privilege level.
As described above, after the embedded system is reset, the processor is in the privileged thread mode by default, and when the setting process of the MPU is required, the setting process may be completed directly in this mode, or may be switched to the privileged processor mode to complete the setting process. Switching between different modes can be achieved with reference to the prior art.
In summary, the first task may be run after the target address of the first stack is protected by the region1 of the MPU and the access right of the region1 is set to be inaccessible. During the running process of the first task, the stack pointer will continuously update the access address, when the stack pointer points to the target address at a certain time, since the target address is protected by the region1, and the access authority of the region1 is inaccessible, this means that the target address is not allowed to be accessed, so that, based on the setting of the access authority, when the stack pointer points to the target address, an exception signal will be immediately triggered, which may be an interrupt signal instructing to handle a storage management failure (MemManagementFault), and based on the exception signal, an exception handler provided by the operating system and corresponding to the exception signal may be called. Since the exception signal is triggered by the stack pointer accessing the target address of the first stack, which corresponds to the bottom address of the first stack, as mentioned above, when the stack pointer exceeds the bottom address, a stack overflow problem occurs, and therefore, the triggering of the exception signal means that a stack overflow problem occurs at this time.
Based on the triggering of the exception signal, a corresponding exception handler is skipped to, and stack overflow information, that is, a stack overflow field context, can be acquired based on the exception handler, and the method includes: state information of the relevant register, data information stored in the first stack, etc. when a stack overflow problem occurs. In summary, one of the main functions of the exception handler is to obtain various operation information on the first stack when stack overflow occurs, so as to facilitate accurate positioning of the reason for stack overflow based on the obtained information.
When the abnormal signal is triggered, the first task is interrupted to be executed.
In addition, when the exception signal is triggered, if the processor is not in the privileged handler mode at this time, it needs to be determined that the processor is in the privileged handler mode at this time, so as to acquire the stack overflow information according to the exception handler in the privileged handler mode.
In summary, before a task runs, a protection domain of the MPU is used to protect a stack bottom address (which refers to one or several bytes close to the stack bottom), and the protection domain is set to be inaccessible, so that a stack overflow problem can be detected in real time during the running process of the task based on the setting result, and a stack overflow site can be accurately located.
In order to more intuitively understand the stack overflow detection method provided by the embodiment shown in fig. 1, the following description is made with reference to the stack overflow detection scenario illustrated in fig. 5.
In fig. 5, assuming that the first task in the above is task X, when task X needs to be started, the operating system creates a stack corresponding to task X, which is assumed to be the stack illustrated in fig. 5. Initially, the stack pointer SP points to the top of the stack. The target address in the bottom direction illustrated in fig. 5 is protected by the MPU from being accessed. During the operation of task X, data needed to be written into the stack, such as data1 and data2 … data100, are generated continuously. As data is written, the address pointed to by the stack pointer SP changes. If the stack pointer points to the protected target address when data needs to be continuously written into the stack, at this time, since the target address is protected by the MPU and the access attribute is set to be inaccessible, an exception is triggered at this time, indicating that a stack overflow problem occurs, and a corresponding exception handler provided by the operating system is called to acquire a stack overflow field.
In practice, task X may be some user application included in the embedded system.
Fig. 6 is a flowchart of a stack overflow detection method according to another embodiment of the present invention, as shown in fig. 6, the method may include the following steps:
601. a stack corresponding to the first task is created.
602. The target address of the stack is protected through a first protection domain in the storage protection unit, and the access authority of the first protection domain is set to be inaccessible.
603. In the running process of the first task, responding to the access of the stack pointer to the target address, triggering an abnormal signal based on the access authority of the first protection domain, and acquiring stack overflow information according to an abnormal processing program corresponding to the abnormal signal.
604. A stack corresponding to the second task is created.
605. And responding to the switching from the first task to the second task, protecting the target address of the stack corresponding to the second task through a second protection domain in the storage protection unit, and setting the access authority of the second protection domain as inaccessible.
606. And in the running process of the second task, responding to the access of the stack pointer to the target address, triggering an abnormal signal based on the access authority of the second protection domain, and acquiring stack overflow information according to an abnormal processing program corresponding to the abnormal signal.
It should be noted that the execution sequence of the steps in this embodiment is only an example, and is not strictly limited.
In this embodiment, it is mainly intended to describe how to perform stack overflow detection on a second task in real time when a first task is executed completely and needs to be switched to execute the second task.
In fact, the stack overflow problem corresponding to the second task is detected in the same manner as the stack overflow detection corresponding to the first task described above.
Specifically, for convenience of description, the stack corresponding to the first task is referred to as a first stack, the stack corresponding to the second task is referred to as a second stack, and it is assumed that the target address of the first stack is the bottom address of the first stack, and the target address of the second stack is also the bottom address of the second stack. Assuming that a stack pointer corresponding to a first stack accesses a stack bottom address of the first stack at a certain time in a running process of a first task, an exception signal is triggered at this time, so that stack overflow information of the first stack is obtained in real time in an exception handler responding to the exception signal. After the first task is finished, assuming that the second task needs to be executed next, before the second task is executed, in order to detect the stack overflow problem corresponding to the second task in real time, similarly, the protection domain of the MPU needs to protect the bottom address of the second stack and set the protection domain inaccessible.
The protection domain protecting the bottom-of-stack address of the first stack is referred to as a first protection domain, the protection domain protecting the bottom-of-stack address of the second stack is referred to as a second protection domain, and the second protection domain may be the same as or different from the first protection domain.
Assuming that the first protection domain and the second protection domain are both region1, in fact, before the region1 is used to protect the stack bottom address of the second stack, the MPU is disabled, then the stack bottom address of the second stack is written into region1, the access right of region1 is set to be inaccessible, and then the MPU is enabled, thereby enabling the region1 to switch to protect the stack bottom address of the second stack.
Similarly, in the running process of the second task, when the stack pointer corresponding to the second stack accesses the stack bottom address of the second stack, the exception signal is immediately triggered, and the corresponding exception handler is skipped according to the exception signal, so as to obtain the stack overflow information corresponding to the second stack based on the exception handler.
The stack overflow detection apparatus of one or more embodiments of the present invention will be described in detail below. Those skilled in the art will appreciate that these stack overflow detection means can be constructed using commercially available hardware components configured by the steps taught in the present scheme.
Fig. 7 is a schematic structural diagram of a stack overflow detection apparatus according to an embodiment of the present invention, where the stack overflow detection apparatus may be located in an embedded system. As shown in fig. 7, the stack overflow detecting apparatus includes: a creating module 11, a protecting module 12 and a stack overflow detecting module 13.
A creating module 11, configured to create a stack corresponding to the first task.
A protection module 12, configured to protect a target address of the stack through a first protection domain in a storage protection unit, and set an access right of the first protection domain to be inaccessible, where the target address includes an address in a stack bottom direction, and the first protection domain is one of a plurality of protection domains included in the storage protection unit.
A stack overflow detection module 13, configured to trigger an exception signal based on the access permission in response to an access of a stack pointer to the target address in an operation process of the first task, where the exception signal indicates that a stack overflow problem occurs in the stack; and acquiring stack overflow information according to an exception handler corresponding to the exception signal.
Optionally, the protection module 12 may be specifically configured to: disabling the memory protection unit; writing the target address into a first protection domain in the storage protection unit, and setting the access authority of the first protection domain as inaccessible; the memory protection unit is enabled.
Optionally, the creating module 11 may be further configured to: in the process of creating the stack, a magic number is written in the target address.
Optionally, the protection module 12 may be specifically configured to: and determining that a processor of the embedded system is in a privileged-level operation mode, and protecting the target address of the stack through a first protection domain in a storage protection unit.
Wherein, optionally, the operation mode of the privilege level comprises: a processor mode of a privilege level, or a thread mode of a privilege level.
Optionally, the stack overflow detecting module 13 may be specifically configured to: and determining a handler mode of the processor of the embedded system at a special weight level, so as to acquire stack overflow information according to an exception handler corresponding to the exception signal.
Optionally, the protection module 12 may also be configured to: and in response to the switching from the first task to the second task, protecting the target address of the stack corresponding to the second task through a second protection domain in the storage protection unit, and setting the access authority of the second protection domain to be inaccessible, wherein the second protection domain is the same as or different from the first protection domain.
The stack overflow detecting apparatus shown in fig. 7 may perform the method provided in the embodiments shown in fig. 1 to fig. 5, and a part not described in detail in this embodiment may refer to the related description of the embodiments, which is not described herein again.
In one possible design, the structure of the stack overflow detection apparatus shown in fig. 7 described above may be implemented as an embedded system. As shown in fig. 8, the embedded system may include: processor 21, memory 22, memory protection unit 23. Wherein the memory 22 has stored thereon executable code which, when executed by the processor 21, at least enables the processor 21 to implement the stack overflow detection method as provided in the embodiments of fig. 1 to 5 described above.
The embedded system may also include software such as an operating system, interfaces such as I/O interfaces, communication interfaces, and various registers in its structure.
In addition, an embodiment of the present invention provides a non-transitory machine-readable storage medium having stored thereon executable code, which, when executed by a processor of an embedded system, causes the processor to perform the stack overflow detection method provided in the foregoing embodiments shown in fig. 1 to 5.
The composition of the embedded system is described above in terms of hardware composition. In practical applications, the embedded system may include not only hardware but also software. Based on this, as shown in fig. 9, the embedded system may include: an operating system 31, a memory protection unit 32, and a processor 33.
The operating system 31, in response to the start of the first task, creates a stack corresponding to the first task.
A storage protection unit 32, configured to protect a target address of the stack through a first protection domain, and set an access right of the first protection domain as inaccessible, where the target address includes an address in a stack bottom direction, and the first protection domain is one of a plurality of protection domains included in the storage protection unit.
The processor 33 is configured to trigger an exception signal based on the access authority in response to an access of a stack pointer to the target address during a running process of the first task, where the exception signal indicates that a stack overflow problem occurs in the stack; and acquiring stack overflow information according to an exception handler corresponding to the exception signal.
Optionally, the storage protection unit 32 is further configured to: and in response to the switching from the first task to the second task, protecting the target address of the stack corresponding to the second task through a second protection domain in the storage protection unit, and setting the access authority of the second protection domain to be inaccessible, wherein the second protection domain is the same as or different from the first protection domain.
For specific steps performed in the stack overflow detection process by the operating system 31, the storage protection unit 32, and the processor 33, reference may be made to the related descriptions in the foregoing other embodiments, which are not described herein again.
The above-described apparatus embodiments are merely illustrative, wherein the various modules illustrated as separate components may or may not be physically separate. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.
Through the above description of the embodiments, those skilled in the art will clearly understand that each embodiment can be implemented by adding a necessary general hardware platform, and of course, can also be implemented by a combination of hardware and software. With this understanding in mind, the above-described aspects and portions of the present technology which contribute substantially or in part to the prior art may be embodied in the form of a computer program product, which may be embodied on one or more computer-usable storage media having computer-usable program code embodied therein, including without limitation disk storage, CD-ROM, optical storage, and the like.
Finally, it should be noted that: the above examples are only intended to illustrate the technical solution of the present invention, but not to limit it; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.
Claims (12)
1. A stack overflow detection method is applied to an embedded system, and comprises the following steps:
creating a stack corresponding to the first task;
protecting a target address of the stack by a first protection domain in a storage protection unit, and setting an access right of the first protection domain to be inaccessible, wherein the target address comprises an address in a stack bottom direction, and the first protection domain is one of a plurality of protection domains contained in the storage protection unit;
in the running process of the first task, responding to the access of a stack pointer to the target address, and triggering an exception signal based on the access authority, wherein the exception signal indicates that the stack has a stack overflow problem;
and acquiring stack overflow information according to an exception handler corresponding to the exception signal.
2. The method of claim 1, wherein the protecting the target address of the stack with the first protection domain in the memory protection unit comprises:
disabling the memory protection unit;
writing the target address into a first protection domain in the storage protection unit, and setting the access authority of the first protection domain as inaccessible;
the memory protection unit is enabled.
3. The method of claim 1, further comprising:
in creating the stack, a magic number is written within the target address-a subsequent use logic is absent.
4. The method of claim 1, wherein the protecting the target address of the stack with the first protection domain in the memory protection unit comprises:
determining a mode of operation in which a processor of the embedded system is at a privilege level;
and protecting the target address of the stack through a first protection domain in the storage protection unit.
5. The method of claim 4, wherein the privilege level modes of operation comprise: a processor mode of a privilege level, or a thread mode of a privilege level.
6. The method according to claim 1, wherein the obtaining stack overflow information according to the exception handler corresponding to the exception signal comprises:
and determining a handler mode of the processor of the embedded system at a special weight level, so as to acquire stack overflow information according to an exception handler corresponding to the exception signal.
7. The method of claim 1, further comprising:
and in response to the switching from the first task to the second task, protecting the target address of the stack corresponding to the second task through a second protection domain in the storage protection unit, and setting the access authority of the second protection domain to be inaccessible, wherein the second protection domain is the same as or different from the first protection domain.
8. A stack overflow detection apparatus, comprising:
a creating module for creating a stack corresponding to a first task;
a protection module, configured to protect a target address of the stack by using a first protection domain in a storage protection unit, and set an access right of the first protection domain to be inaccessible, where the target address includes an address in a stack bottom direction, and the first protection domain is one of a plurality of protection domains included in the storage protection unit;
a stack overflow detection module, configured to respond to an access of a stack pointer to the target address in an operation process of the first task, and trigger an exception signal based on the access permission, where the exception signal indicates that a stack overflow problem occurs in the stack; and acquiring stack overflow information according to an exception handler corresponding to the exception signal.
9. An embedded system, comprising: the device comprises a memory, a processor and a memory protection unit; wherein the memory has stored thereon executable code which, when executed by the processor, causes the processor to perform the stack overflow detection method of any of claims 1 to 7.
10. A non-transitory machine-readable storage medium having stored thereon executable code, which when executed by a processor of an embedded system, causes the processor to perform the stack overflow detection method of any of claims 1 to 7.
11. An embedded system, comprising: the system comprises an operating system, a storage protection unit and a processor;
the operating system responds to the starting of a first task and creates a stack corresponding to the first task;
the storage protection unit is configured to protect a target address of the stack by using a first protection domain, and set an access right of the first protection domain to be inaccessible, where the target address includes an address in a stack bottom direction, and the first protection domain is one of a plurality of protection domains included in the storage protection unit;
the processor is used for responding to the access of a stack pointer to the target address in the running process of the first task and triggering an exception signal based on the access authority, wherein the exception signal indicates that the stack has a stack overflow problem; and acquiring stack overflow information according to an exception handler corresponding to the exception signal.
12. The embedded system of claim 11, wherein the memory protection unit is further configured to: and in response to the switching from the first task to the second task, protecting the target address of the stack corresponding to the second task through a second protection domain in the storage protection unit, and setting the access authority of the second protection domain to be inaccessible, wherein the second protection domain is the same as or different from the first protection domain.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011042657.6A CN114282206A (en) | 2020-09-28 | 2020-09-28 | Stack overflow detection method, device, embedded system and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011042657.6A CN114282206A (en) | 2020-09-28 | 2020-09-28 | Stack overflow detection method, device, embedded system and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114282206A true CN114282206A (en) | 2022-04-05 |
Family
ID=80868142
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011042657.6A Pending CN114282206A (en) | 2020-09-28 | 2020-09-28 | Stack overflow detection method, device, embedded system and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114282206A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115221506A (en) * | 2022-07-15 | 2022-10-21 | 深圳市航顺芯片技术研发有限公司 | Protection method for preventing stack overflow and related equipment |
| CN117591333A (en) * | 2024-01-17 | 2024-02-23 | 深圳市国电科技通信有限公司 | Thread stack overflow detection method, device, system, chip and medium |
-
2020
- 2020-09-28 CN CN202011042657.6A patent/CN114282206A/en active Pending
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115221506A (en) * | 2022-07-15 | 2022-10-21 | 深圳市航顺芯片技术研发有限公司 | Protection method for preventing stack overflow and related equipment |
| CN115221506B (en) * | 2022-07-15 | 2023-08-29 | 深圳市航顺芯片技术研发有限公司 | Protection method for preventing stack overflow and related equipment |
| CN117591333A (en) * | 2024-01-17 | 2024-02-23 | 深圳市国电科技通信有限公司 | Thread stack overflow detection method, device, system, chip and medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8301856B2 (en) | Restricting memory areas for an instruction read in dependence upon a hardware mode and a security flag | |
| JP5905904B2 (en) | Controlling debug exception generation | |
| EP1857943A1 (en) | Computer system having memory protection function | |
| US10545851B2 (en) | Breakpoint insertion into kernel pages | |
| JP2015525916A (en) | Memory protection device and protection method | |
| US11354404B2 (en) | Transition disable indicator | |
| US10824350B2 (en) | Handling contingent and non-contingent memory access program instructions making use of disable flag | |
| US9652348B2 (en) | Debugging in a data processing apparatus | |
| CN114282206A (en) | Stack overflow detection method, device, embedded system and storage medium | |
| JP6921800B2 (en) | Data access tracking in secure mode | |
| CN104536912A (en) | Device and method for achieving memory protection mode in small operating system | |
| US20070239916A1 (en) | Input-output control apparatus, input-output control method, process control apparatus and process control method | |
| KR102161770B1 (en) | System and method for obtaining memory information | |
| JPS6074059A (en) | Access control system for storage device | |
| CN117688552B (en) | Stack space protection method, electronic device, storage medium and computer program product | |
| CN114282275A (en) | Mode switching method, device, embedded system and storage medium | |
| JP2002091826A (en) | Information processor |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |