[gclist] memory protections and system calls
Paul R. Wilson
wilson@cs.utexas.edu
Sat, 29 Jun 1996 12:53:28 -0500
>From majordom@iecc.com Sat Jun 29 11:37:13 1996
>> The problem is this: when you access-protect memory and pass a pointer
>> to something in that protected memory to a system call, most OS's will
>> choke---they'll signal an unrecoverable error, or silently corrupt
>> data, or simply die. (We've brought SunOS down several times this way.)
>[...]
>> We view this as a bug in the OS,
>
>Yes, if the OS crashes, that *is* definitely a bug.
OOPS, I was running two problems together. The thing that crashes
SunOS is actually register window flushes (not explicit system calls)
into protected pages of the stack segment. The register window overflow
code can't cope with protected pages.
Apparently this can be fixed, but Sun hasn't done it. BSD implements the
same memory abstraction, and on SPARCS, the register window flushing code
sorts out protections properly.
In some ways, this problem is worse, because register window flushes
occur unpredictably, so we can't wrap them :-(. But for a lot of people's
purposes (and most of our current ones) it doesn't matter, because you
don't need to protect the stack segment. (Some OS's don't let you
protect the stack at all.)