#975 Rabbit stack protection

[Philipp Klaus Krause]

The Rabbits have a stack protection feature. We could introduce an option to enable it. When enabled, we'd set the stack pointer, and stack protection registers accordingly. We would also give an error if no stack violation interrupt is defined.
There are open questions: Should the lower stack bound be dynamically adjusted by the heap (de)allocation functions? Doing so would give optimal protection and memory use, but add overhead to memory (de)allocation.

[Jeff Mathews]

might also be interesting to support -fstack-protector

[Philipp Klaus Krause]

Yes, but IMO that should be a separate feature request.

• The Rabbit stack protection, if just set up once at program start has virtually non-existent runtime overhead (apart from a 32B RAM cost) and can protect against stack overflow due to runaway recursion, while it cannot protect against local stack corruption. It can offer a bit of extra protection (low overhead instead of no overhead) against out-of-bound accesses to local arrays if we set the lower bound at function entry.
• -fstack-protector has substantial runtime and code size overhead. It cannot protect against stack overflow from runaway recursion, but offers more protection against local stack corruption from out-of-bound accesses to local arrays.
• Neither of them gives perfect protection against stack corruption.

[Philipp Klaus Krause]

Looks like hardware documentation is incomplete. I tried some experiments, but have not been able to trigger the stack protection interrupt at all: https://forums.digi.com/t/how-does-the-rabbot-stack-protection-work/37813