Memory model tradeoffs

I’ve been searching the Google archives to see if anyone has ever had
this discussion before, and I haven’t found anything. Here’s my
situation: QNX 4.25C. I have some code which needs to be high
availability, and to catch its own problems and reinitialize itself
when necessary (when the code is running, the computer that it
runs on is physically inaccessible and the code has to take care
of itself). Currently we compile all the code using the Watcom
32-bit small model; in this model (most of you probably already
know this, so bear with me for a moment), there is a code segment
and a data segment. One advantage of this setup is that there is
no way for a (near) data pointer to access the code segment, so
no possibility of an out-of-bounds array or pointer reference
overwriting the code.

I’d like to find a way to map out the memory that corresponds
to data address 0, so as to catch null pointer references
(a problem we’ve had in the past). There doesn’t seem to be
any way with the Watcom linker to tell it to offset just the
data segment. If I switch to flat model, where code and data
are all in the same segment, then I can use the OFFSET option
and offset the whole program so that address 0 is no longer valid,
and that will catch null pointer references. However, now with
the code and data in the same segment, it becomes possible for
an out-of-bounds data reference to overwrite the code.

It looks like a Faustian bargain. Which would you choose?
(Right now my thought is to leave it alone; we have some
stuff like ISRs and DMA routines that might be upset by
a change in the memory model. And I think that during
debugging I can catch null pointer references more easily than
I can an overwrite of the code.)

Can’t you write a signal handler to catch SIGSEGV?

I don’t know. I’ve never tried it. It is just a guess.

“Dave Cornutt” <david.k.cornutt@boeing.com> wrote in message
news:4977cf6d.0210110908.572dbc58@posting.google.com

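The handler-based recovery suggested in the reply above, written out as an added example that is not from the thread: a C program using POSIX sigaction and sigsetjmp/siglongjmp (written for a Linux or similar host; it has not been tried on QNX 4.25 or with Watcom) that traps SIGSEGV, unwinds out of the faulting code, reinitialises a hypothetical worker structure, and retries a bounded number of times. The names worker, broken_target and run_guarded are assumptions for the illustration, not anything from the original post.

```c
#define _POSIX_C_SOURCE 200809L
#include <setjmp.h>
#include <signal.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Where the fault handler unwinds to. */
static sigjmp_buf recover_point;

/* Process-wide count of faults caught; sig_atomic_t so the handler may touch it. */
static volatile sig_atomic_t fault_count = 0;

static void segv_handler(int sig)
{
    (void)sig;
    fault_count++;
    /* Never return from here: returning would re-execute the faulting
       instruction. siglongjmp restores the mask saved by sigsetjmp(..., 1),
       so SIGSEGV is unblocked again for the next attempt. */
    siglongjmp(recover_point, 1);
}

/* Hypothetical worker state (assumption for the example): a target
   pointer that an earlier bug may have left NULL. */
struct worker {
    int *target;
    int last;
};

/* A NULL hidden behind a volatile so the compiler cannot prove the
   dereference in worker_step is undefined and turn it into a trap. */
static int * volatile broken_target = NULL;

static void worker_init(struct worker *w, int *target)
{
    w->target = target;
    w->last = 0;
}

static int worker_step(struct worker *w)
{
    *w->target = 42;          /* faults when target is NULL */
    w->last = *w->target;
    return w->last;
}

int faults_so_far(void)
{
    return (int)fault_count;
}

/* Runs worker_step under a SIGSEGV trap. After a fault the worker is
   rebuilt from good_target and the step retried, up to max_attempts in
   total. Returns the step result, or -1 if every attempt faulted.
   Locals changed between sigsetjmp and siglongjmp must be volatile. */
int run_guarded(struct worker *w, int *good_target, int max_attempts)
{
    struct sigaction sa, old;
    volatile int attempts = 0;
    volatile int result = -1;

    memset(&sa, 0, sizeof sa);
    sa.sa_handler = segv_handler;
    sigemptyset(&sa.sa_mask);
    sa.sa_flags = 0;
    sigaction(SIGSEGV, &sa, &old);

    if (sigsetjmp(recover_point, 1) != 0) {
        /* Arrived here from the handler: all state is suspect, rebuild it. */
        worker_init(w, good_target);
    }
    if (attempts < max_attempts) {
        attempts++;
        result = worker_step(w);
    }

    sigaction(SIGSEGV, &old, NULL);   /* restore the previous disposition */
    return result;
}

int main(void)
{
    struct worker w;
    int good = 0;
    int r;

    worker_init(&w, broken_target);   /* start with the bug present */
    r = run_guarded(&w, &good, 2);
    printf("result=%d faults=%d good=%d\n", r, faults_so_far(), good);
    return 0;
}
```

Two caveats a practitioner would want: siglongjmp out of a SIGSEGV handler abandons whatever the faulting code was holding (locks, half-updated structures, malloc's internal state), so the recovery path must rebuild everything rather than patch up the one pointer, which is why the example reinitialises the whole worker; and a handler cannot tell a null-pointer dereference from any other bad access, so it is a last-resort restart path, not a substitute for the address-0 guard the original post is after.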