On Nov 24, 2009, at 6:11 PM, mogambo wrote:
> I am debugging a couple of issues with a filesystem driver kext on 64-bit 10.6. One of them looks like stack corruption. A pointer to an array of two ints on the stack in fnA() is passed to fnB(). When fnB() tries writing to it, it gets a kernel trap. Looking at the address of the passed-in array in fnB() reveals that it is corrupt. If I compare the esp between frame 0 and frame 20 in the kernel coredump, the difference is about 6400 bytes. I do not think the kernel stack will be smaller than that, but in general, is there an easy way to check the kernel stack size?
You've confused two things here: corrupting your stack, and running off the stack. Totally different issues. If you run out of stack, you'll take a trap on the guard page that's below the stack. Not at all related to running off an array boundary or dereferencing a bad pointer into the stack and corrupting your array.

= Mike
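To make the distinction concrete, here is an added example (not code from the thread or from the poster's kext): a sanity check fnB() can apply to the array pointer it is handed. A pointer to a caller's stack array must lie between fnB's own frame address and the top of the live stack; stack exhaustion, by contrast, faults on the guard page on its own and never looks like a bad argument. `run_case`, `fnA_corrupt` and the garbage pointer value are constructed for the demo; in a kext the stack bounds would come from the current thread's kernel stack rather than from a frame address.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* True if [p, p+len) lies in the live stack between our frame and the top. */
static int ptr_in_live_stack(const void *p, size_t len,
                             uintptr_t frame, uintptr_t top)
{
    uintptr_t a = (uintptr_t)p;
    return a >= frame && a + len <= top;
}

/* fnB: writes two ints through p, but only after validating the pointer. */
__attribute__((noinline))
static int fnB(int *p, uintptr_t top)
{
    uintptr_t frame = (uintptr_t)__builtin_frame_address(0);
    if (!ptr_in_live_stack(p, 2 * sizeof *p, frame, top)) {
        fprintf(stderr, "fnB: %p is not in the live stack [%#lx, %#lx)\n",
                (void *)p, (unsigned long)frame, (unsigned long)top);
        return -1;                 /* refuse the write instead of trapping */
    }
    p[0] = 1;
    p[1] = 2;
    return 0;
}

/* fnA: the healthy case, an array of two ints in its own frame. */
__attribute__((noinline))
static int fnA(uintptr_t top)
{
    int pair[2] = {0, 0};
    if (fnB(pair, top) != 0) return -1;
    return pair[0] + pair[1];      /* 3 when the write went through */
}

/* fnA_corrupt: models the bug, the pointer was clobbered before the call.
   0x10 is a constructed garbage value, not a real address from the report. */
__attribute__((noinline))
static int fnA_corrupt(uintptr_t top)
{
    int *clobbered = (int *)(uintptr_t)0x10;
    return fnB(clobbered, top);
}

/* Hypothetical entry point: records the stack top for the frames below it. */
__attribute__((noinline))
int run_case(int corrupt)
{
    uintptr_t top = (uintptr_t)__builtin_frame_address(0);
    return corrupt ? fnA_corrupt(top) : fnA(top);
}
```

Compile with gcc or clang; the frame-address builtin and `noinline` attribute are what keep the frame ordering deterministic.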