From 789cd7451690e67299a9b86857872e156c3b807b Mon Sep 17 00:00:00 2001
From: Toby Jaffey <toby@ringtailsoftware.co.uk>
Date: Fri, 12 Dec 2025 21:01:40 +0000
Subject: [PATCH] Disable stack canary by default

---
 doc/README.md        |   2 ++
 precompiled/self.bin | Bin 5524 -> 5396 bytes
 uvm32/uvm32.c        |  12 +++++++++---
 uvm32/uvm32.h        |   2 ++
 4 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/doc/README.md b/doc/README.md
index 22b3e9f..f8a3c22 100644
--- a/doc/README.md
+++ b/doc/README.md
@@ -183,6 +183,8 @@ The uvm32 memory size is set at compile time with `-DUVM32_MEMORY_SIZE=X` (in by
 
 Define `UVM32_ERROR_STRINGS` to add an `errstr` field to `uvm32_evt_err_t` giving a printable error string.
 
+Define `UVM32_STACK_PROTECTION` to enable a basic stack canary, to cause an early crash when the stack grows too large. Without this, the VM will normally crash (safely) in some other way which is less easily detected.
+
 ## Debugging
 
 Binaries can be disassembled with
diff --git a/precompiled/self.bin b/precompiled/self.bin
index 20484c7ded57f7d91ac14e11c95f9c290afbaa9f..d25ca78314df373498a3fe21dc20eecd2cf317b6 100755
GIT binary patch
delta 1668
zcmZ{jUrbw77{I@K+jDOzw-mTAh~SE?qj4;=SvAbamZD>Wjku2Ru!kj>+$Ao?q&Vk>
zk)(BPDKIjfA92e<91q*@f#^fgE|CW|aiBv+BG|={L4?U3FkB53)Nc5lBCe9q<k$24
zIp4o?&h0Gg+-@q!2T&QSyI|T|^?|Se1NpH62pF!*M`HO9z%VOT8Mi|bx2tWDwbdwO
zW7~luRq{y4Dk(!M_F&Mt@4~q<e@K4^C~Y_ceBfchXG1!gT%fh*8DcUB7%706z~W!p
zM@C~RSmG_DirA3>pb3D-`}C>h|N95Ft@&N#vpp`S2C4O@xQ+BjF*|@;I08X@QFu>i
z!7qgE>~mRhoW=XXuG*LrK)W?0s)DepvasSP&4C5IVKG>8ld5L}*@ZU(yb}Pvmdl{K
zBM*Q&7GtFp+q^7Ar3naLyKTWH(JnUphFzk|;0`~)A4Pjvb9}{ZS^`6LtD+T~ASTi2
zwX`VF@C3Nom%PDbYVc3vNh~%T%)K(rEAvBjT$jBV8S-M2p>Au#&wMOLDf6oATdz;Q
z@`x8t74D(J4-L-?JF(FCrZ_c<A){R!w%}*R8bQQAj1{@IL4)%qFZDMv7fomT20g5%
z=&YO-bTYt925N|b)*%~_CSK5|`f-50&-P+_dj)!=$Kupg^vGuf7v7LB3gzfEy<K4b
zN<roYZF=cg>P1|10*1pc;XTu2vDTGwQjILHYK8JizDW&dQdVoy2Lq>ZEaP4Ebi5Jc
zL!c(k{OfDDj7QBj;bm+x-x6(?up;xjqIRhsBU?c0lwl@|jkv2OM4#U9gLYo3!xAOm
z&?492Zly=?;I!i2QyGoKA=o3+CCU8w03-5%rX;G@<bvNdbD|m}_g0a4K$~64OY8a-
z^jaLkt9Z)d*i)6BNBcFA7u!NN#;0q!y+7S&xOOg6n@{9E@$aw3amrJJD;Aq@2n(}p
zPuHeL@F%3oCO}ztYtuu!qV-wN36hizn)#<_(7IEwroI9v%qYv}`Mbn{?5+N|;^>`I
z9Nn38fmb?InYMS%iP|R_<64(2#<tP6a9E))PKbuTre|v8N8RSr@7_^m7eqrZRL*qG
zB~dN`N68}PIQ+dzvUYinPU{fajNq_y``uw=jl4z#Sqa~FUuF8L&#7Dg<c<6E4_DS!
z+o&of?jR+fnI9VGFBKyPUc<4RXRN<0jXpWns>2`WQg-@9OLA)kzhZ;{=>ZpUjPMY(
z#E2CFgG4vcM~o9m`b^fD-Jnly(C0Vk$ql-aoyz6^FJU1W>N6m4iC8akmE>NckLV|q
zEC`$+yo4)fjaHIt%@8<B94B~eBdyIuUna#7gTx3iOX!42fj~9kRs0l4!t2BdB1Ci$
ztriL(=83n6-Bjc_(M{wLr-%@--VASu!<$*(+evcz-gSF#y4{}^a3kH3W*^+dKDLQ{
jaufT*4fbKucTCgYJkd{hi1mr~k=#u1iTG>TApraX{5K8y

delta 1667
zcmZ{kUrdu%6u{5@{@p^qmcl3Clt9<7qfU(@tJ6K04Kq{_#&mxiGbEUN$s~KhWplbo
z#y1NT85w^LnZ%I6mQ8#x+e4Yn5+Bgusu_#CxVp>;8B87|v5N?1BJA9DOh)Fz@4M%m
zd;Z;fPusn|dxIl48^BQ2{hf{%c5G*NU?@A93$}ckzZJ~}8=F+Wp$a>!6?Wr9*i5bp
z^WceHrlA#Us4~hReC&!)K<WH+Lqkd8J)pErX;25nYRF%bKt~Z+t*hiH2ZrHXn6PL5
zvN{wc8LWvGlEqC_0nh;;;_DJ)bN}791F8KY+ACPtN)1x$K4ByMVbli@WP2fm&#@2L
zkN6#1uYSedW+UEY&(<1@Et<YgFbgxm^nU_TKY(?4STYoqsyFF(5`A}rN;jCB6x~og
z5b|CCnfyZj?Le{Ype?!-mHHO8a!3Tje*m3EiWX9ykLR?Ab`3(`>~v$b<dgbtqb(J2
z<8W*-sD6(T$rt!2en05A2XbkPZmn@ZRHNH%Zq_4B*F^L4$xG>oFLcSfv&L?U;^Lmo
z)4U49u_~;VU(N5kE>3I~s#S)1sfzk|C~7C`4p7|@`5Cqa=jC^#f}gQg@kym_Y*WgZ
zg1;!+vT82MfeWJ215}IPPNL=l`qi?njocj?h`G>7m(Zxv6LFAZ9FThzR1bi)W)4CF
zPOv`Xq<iQ|og(%JY*CM?JF&I31RdIfRP!Y|_!0Iz+WaJY5m!6j&4qJWsO|x4{9bi(
zkWK~wo0_&`zvD)p5uRJLJp8EjMcN0#DV4STejV7yuqW-XQ6GOF<1sL1kNmUO*Mr{l
z0`?LXr(cw6K1aoQMYgs5IO@z^+o)9q-?%2xeT+;T*G8-y6)>CwRvX{fr4O)DJfjDn
zDvN~UbP^5+Z7yz>T=<YB%~q!5+&?Xtt?Y8;vfa4aWwLVIM&Fn5fNL$Q#Clf&+k?Gi
z*^5IYzlP)VeZ9;5gnTQuC6ecUnrU=7R{FU}dB!G|q0x*t7eX{Zli`R<*y725JF1&!
zr*yO5DF&!57=8e9Am*CL=dJR9Qx?+@<Z&>L@I}<PVok<>pRi|JMGAw5JrVK`hHr!U
z?UWvA{w?`FX5*|*KasG(sdV?0WObyC;*e*JcGa#+WW;dXle4e=lEJ-TotmPvmxJk5
z!1T>f2N}bt9-?*ZII3P++kZ9G#A03Im6_CtU%i`JYpxjD>`%yxVB%J6R7@m>ckRQ9
z%qKIZ?_GZMushzw`b=-6KeK{0tW&_=MpO_-iE5&jP&{DIXMla3m?m`6H}gm2t<YDk
z(ETg)%`5bhl-}@f(miBoO9Ok9SSoab<Vj+hm?28sVD}R(#9(HMA(9)@!R{b>2@!jS
z)<I(0NpZwHq3B@e5$lLz!X{eu1_~shhv+BH6T`%iivlRIpZJ>OL$vl1*NF<^EODM#
zYDP395X~(4j*z_Ecga4v+}^M(AhCR7nSK5-b_YGn{}ovE7`u0c9Z27}nm&GFhKd{|
TmQGYp@*p8jME~xvkpcV-S+M*2

diff --git a/uvm32/uvm32.c b/uvm32/uvm32.c
index c1ccba0..536a7b7 100644
--- a/uvm32/uvm32.c
+++ b/uvm32/uvm32.c
@@ -16,8 +16,9 @@
 // On an invalid operation, an error is set in uvm32_state_t, but a valid pointer still needs to be temporarily used
 static uint32_t garbage;
 
-// magic value for stack canary
-#define STACK_CANARY_VALUE 0x42
+#ifdef UVM32_STACK_PROTECTION
+#define STACK_CANARY_VALUE 0x42 // magic value for stack canary
+#endif
 
 #ifndef UVM32_MEMCPY
 #define UVM32_MEMCPY uvm32_memcpy
@@ -101,8 +102,9 @@ bool uvm32_load(uvm32_state_t *vmst, const uint8_t *rom, int len) {
     }
 
     UVM32_MEMCPY(vmst->_memory, rom, len);
+#ifdef UVM32_STACK_PROTECTION
     vmst->_stack_canary = (uint8_t *)NULL;
-    
+#endif
     return true;
 }
 
@@ -207,11 +209,13 @@ uint32_t uvm32_run(uvm32_state_t *vmst, uvm32_evt_t *evt, uint32_t instr_meter)
         orig_instr_meter = min_instrs;
     }
 
+#ifdef UVM32_STACK_PROTECTION
     if (vmst->_stack_canary != NULL && *vmst->_stack_canary != STACK_CANARY_VALUE) {
         setStatusErr(vmst, UVM32_ERR_INTERNAL_CORE);
         setup_err_evt(vmst, evt);
         return orig_instr_meter - instr_meter;
     }
+#endif
 
     if (vmst->_status != UVM32_STATUS_PAUSED) {
         setStatusErr(vmst, UVM32_ERR_NOTREADY);
@@ -243,6 +247,7 @@ uint32_t uvm32_run(uvm32_state_t *vmst, uvm32_evt_t *evt, uint32_t instr_meter)
                         setStatus(vmst, UVM32_STATUS_ENDED);
                     break;
                     case UVM32_SYSCALL_STACKPROTECT: {
+#ifdef UVM32_STACK_PROTECTION
                         // don't allow errant code to change it once set
                         if (vmst->_stack_canary == (uint8_t *)NULL) {
                             uint32_t param0 = vmst->_core.regs[10]; // a0
@@ -263,6 +268,7 @@ uint32_t uvm32_run(uvm32_state_t *vmst, uvm32_evt_t *evt, uint32_t instr_meter)
                                 *vmst->_stack_canary = STACK_CANARY_VALUE;
                             }
                         }
+#endif
                     } break;
                     default:
                         // user defined syscalls
diff --git a/uvm32/uvm32.h b/uvm32/uvm32.h
index 1027686..51a207e 100644
--- a/uvm32/uvm32.h
+++ b/uvm32/uvm32.h
@@ -118,7 +118,9 @@ typedef struct {
     struct MiniRV32IMAState _core;          /*! CPU registers */
     uint8_t _memory[UVM32_MEMORY_SIZE];     /*! Memory */
     uvm32_evt_t _ioevt;                     /*! Event to be returned on next pause */
+#ifdef UVM32_STACK_PROTECTION
     uint8_t *_stack_canary;                 /*! Location of stack canary */
+#endif
     uint8_t *_extram;                       /*! External RAM pointer, or NULL */
     uint32_t _extramLen;                    /*! Length of external RAM */
     bool _extramDirty;                      /*! Flag to indicate VM code has modified extram since last run */