1. Field of the Invention
The present invention relates to the process of developing operating systems for computers. More specifically, the present invention relates to a method and an apparatus for detecting a kernel stack overflow condition during development of an operating system.
2. Related Art
The problem of kernel stack overflow arises frequently during operating system development. As kernel code makes procedure calls, each successive procedure call allocates a stack frame on the kernel stack. Upon completion of a procedure call, the stack frame for the procedure call is removed from the top of the kernel stack. When procedure calls become deeply nested, a large amount of stack space can potentially be used. In some instances, so much stack space is used that the stack grows beyond its allocated space and stack overflow results. During a stack overflow, the system starts overwriting information in memory located past the end of the stack. Operating systems are typically designed to handle stack overflow conditions, but stack overflow conditions are not always detected and handled successfully, especially during the operating system development process, when the kernel code is not stable.
Stack overflow conditions can also arise when procedures temporarily use the stack to store state information. Stack overflows of this nature can be extremely difficult to diagnose, especially because they can randomly corrupt memory being used for unrelated purposes.
Traditionally, stack overflow detection has been approached in a number of ways. One common method is to use hardware support to make memory just beyond the stack inaccessible. In this case, if executing code tries to access memory beyond the stack boundary, the overflow is detected by the hardware and appropriate action is taken. However, this technique can greatly complicate hardware development and can potentially degrade system performance.
Another technique for detecting stack overflows involves analyzing the stack during context swapping operations. In operating systems that support context swapping, each thread has its own stack, and the context-swapping mechanism swaps threads in and out to facilitate time sharing. When a context switch occurs, it is possible to analyze the stack to determine if it has overrun its boundaries. While sometimes useful, this technique does not immediately provide notification when the stack pointer exceeds its boundaries. Hence, the overflow can potentially corrupt critical data before the stack overflow is detected, making it hard to diagnose the problem.
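The context-switch check described above, sketched in C as an added example that is not part of the original text. It simulates one thread's stack with a marker word in its last slot and shows the limitation just noted: the check runs only at the switch, after memory past the stack end has already been overwritten. The marker technique, the sizes and every name here are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define NEIGHBOR_WORDS 4                      /* unrelated data past the stack end */
#define STACK_LIMIT    NEIGHBOR_WORDS         /* lowest legal stack slot */
#define MEM_WORDS      (NEIGHBOR_WORDS + 16)  /* plus a 16-word stack */
#define SENTINEL       0xC0DEC0DEC0DEC0DEULL  /* constructed marker value */
#define FRAME_FILL     0x1111111111111111ULL  /* constructed frame contents */

/* Stack grows down from mem[MEM_WORDS]; mem[0..NEIGHBOR_WORDS) lies past its end. */
struct kthread { uint64_t mem[MEM_WORDS]; size_t sp; /* index of last pushed word */ };

static void thread_init(struct kthread *t) {
    memset(t->mem, 0, sizeof t->mem);
    t->mem[STACK_LIMIT] = SENTINEL;           /* marker in the last stack slot */
    t->sp = MEM_WORDS;
}

/* Procedure calls allocating frames, with no bounds check on the stack. */
static void push_frame(struct kthread *t, size_t words) {
    while (words-- > 0 && t->sp > 0) t->mem[--t->sp] = FRAME_FILL;
}

/* Returns release the frames; the words they wrote stay in memory. */
static void pop_frame(struct kthread *t, size_t words) {
    t->sp = (t->sp + words > MEM_WORDS) ? MEM_WORDS : t->sp + words;
}

/* Check run only at context switch: saved stack pointer, then the marker. */
static int overran_at_switch(const struct kthread *t) {
    return t->sp <= STACK_LIMIT || t->mem[STACK_LIMIT] != SENTINEL;
}

/* Words past the stack end already overwritten when the check finally runs. */
static size_t neighbor_damage(const struct kthread *t) {
    size_t n = 0;
    for (size_t i = 0; i < NEIGHBOR_WORDS; i++) n += (t->mem[i] != 0);
    return n;
}

int main(void) {
    struct kthread t;
    thread_init(&t);
    push_frame(&t, 18);                       /* nested calls need 18 words, stack has 16 */
    pop_frame(&t, 18);                        /* calls return before the next switch */
    printf("flagged=%d corrupted_words=%zu\n", overran_at_switch(&t), neighbor_damage(&t));
    return 0;
}
```

By the time of the switch the stack pointer is back in bounds, so only the marker reveals the overrun, and the two words past the stack end are already corrupted.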
What is needed is a method and an apparatus for detecting stack overflow conditions before they occur without the limitations described above.