Subject: Re: kernel stack overflow on netbsd-1-6 branch
To: David Laight <david@l8s.co.uk>
From: Frank van der Linden <fvdl@wasabisystems.com>
List: port-i386
Date: 11/26/2002 15:16:31
On Tue, Nov 26, 2002 at 01:55:30PM +0000, David Laight wrote:
> I'm not exactly sure which access debug register dr0 is set to
> trap on - but it will only trap on a 4 byte range so isn't a
> fat lot of use for checking stack overflow.
> 
> I also suspect that if NOREDZONE is defined, it is set to trap
> on writes to the start of struct user, not 2 pages into a 4 page
> stack.
> 
> This stack overflow detect code looks badly stuffed :-)
> I would have:
> - switched 'struct user' to the upper end of the allocated pages
> - allocated 3 pages of address space, but only mapped physical
>   memory to the latter 2.
> - if the kernel traps on the third (ie lowest) page report a
>   stack overflow.
>   (this might mean having a page of physical memory reserved.
>   - I presume the x86 interrupt scheme allows for faults
>   on the kernel stack...

Putting the KSTACK_CHECK_DR0 on the 1.6 branch makes some sense.
However, for -current it isn't needed anymore, and it should
probably be removed.

What I did in -current is put an unmapped page below the kernel
stack, and make sure that double faults are caught correctly
(i.e. on a separate stack). So, if you run out of kernel stack,
you'll see a 'double fault', and you'll drop into DDB, as would
happen for all other fatal faults. Previously this would
cause a triple fault (the 'spontaneous reboot' phenomenon).

- Frank

-- 
Frank van der Linden                                    fvdl@wasabisystems.com
==============================================================================
Quality NetBSD Development, Support & Service.   http://www.wasabisystems.com/
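The mechanism Frank describes, an unmapped page below the stack with the resulting fault handled on a separate stack, as an added user-space analogue that is not code from this thread or from NetBSD: mmap/mprotect stand in for the unmapped guard page below the kernel stack, and sigaltstack stands in for the separate double-fault stack. The function name probe_guard_page and the page counts are assumptions made for the example.

```c
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

static sigjmp_buf guard_env;
static char altstack[64 * 1024];  /* analogue of the separate double-fault stack */

/* Runs on altstack: the faulting stack itself is not usable, so the handler
 * needs its own, exactly as the kernel's double-fault handler does. */
static void on_segv(int sig) { (void)sig; siglongjmp(guard_env, 1); }

/* Map stack_pages usable pages above one inaccessible guard page (the
 * "unmapped page below the kernel stack"), write one byte past the bottom
 * of the usable stack, and report whether the fault was caught.
 * Returns 1 if the guard page caught it, 0 if the write went through, -1 on error. */
int probe_guard_page(int stack_pages) {
    long psz = sysconf(_SC_PAGESIZE);
    size_t len = (size_t)psz * (size_t)(stack_pages + 1);
    char *region = mmap(NULL, len, PROT_READ | PROT_WRITE,
                        MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (region == MAP_FAILED) return -1;
    /* Lowest page becomes the guard: any access faults. */
    if (mprotect(region, (size_t)psz, PROT_NONE) != 0) { munmap(region, len); return -1; }
    stack_t ss = { .ss_sp = altstack, .ss_size = sizeof altstack, .ss_flags = 0 };
    struct sigaction sa, old;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_segv;
    sa.sa_flags = SA_ONSTACK;            /* run the handler on altstack, not the faulting stack */
    if (sigaltstack(&ss, NULL) != 0 || sigaction(SIGSEGV, &sa, &old) != 0) {
        munmap(region, len); return -1;
    }
    int caught = 0;
    if (sigsetjmp(guard_env, 1) == 0) {
        volatile char *bottom = region + psz;   /* lowest usable stack byte */
        bottom[0] = 1;                          /* in bounds: fine */
        bottom[-1] = 1;                         /* one byte into the guard page: faults */
    } else {
        caught = 1;                             /* landed here via the handler on altstack */
    }
    sigaction(SIGSEGV, &old, NULL);
    munmap(region, len);
    return caught;
}

int main(void) { printf("guard page caught overflow: %d\n", probe_guard_page(2)); return 0; }
```

With the guard page removed (no mprotect), the same write would silently corrupt whatever sits below the stack, which is the user-space equivalent of the triple-fault reboot the message mentions.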