Re: kernel stack torture

Drew Eckhardt (drew@poohsticks.org)
Sat, 17 Feb 1996 07:58:10 -0700


In message <199602170834.KAA08104@keos.cs.Helsinki.FI>, Linus.Torvalds@cs.helsinki.fi writes:
>Drew Eckhardt: "Re: kernel stack torture" (Feb 16, 14:46):
>We can't grow the stack: if we get a page fault because the stack
>doesn't exist, we can't handle that page fault because we don't have any
>stack for the fault..

On i86 and other CISC platforms; although with i86 we can have a double
fault handler which is a task gate to a process with another PL0 stack.

On RISC boxen, where you have a linkage register containing the function
return address, the stack is implemented entirely in software. There's
nothing stopping the fault handler from seeing if the one it's servicing
is due to a page fault in the kernel, in the page below the current end
of stack, and either switching to a temporary stack and invoking a 'C'
handler or invoking the normal handler directly.

>And you could maybe handle it by having a double
>fault handler that switches to another process, but quite frankly I
>doubt that would work out very well either.
>
>(If I remember correctly, then double faults don't work correctly on
>early 386's, and this would also complicate the stack handling a lot in
>any case).

We have i486 specific compilation.

>It is way too painful to do in practice - you _really_ don't want to
>have the stack disappear from under you in kernel mode and try to fix it
>up with a fault handler (it's not likely to be even possible in theory
>on all architectures).

I'll concede that it's non-portable, painful, and shouldn't buy us anything
(kernel stack overflows are indicative of programming errors) with respect
to normal operation; although it's technically possible on i86 and all of
the RISC architectures I've played with, and IMHO (no, I'm not volunteering)
possible to do with a minimal amount of machine specific code.

-- 
You too can commit two felonies by using this .sig:
Eat bite fuck suck gobble nibble chew; nipple bosum hairpie finger-fuck screw
moose-piss cat-pud orangutan-tit; sheep-pussy camel-crack pig-a-lie-in-shit
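The stack-growth check Drew sketches for RISC machines (is this kernel fault in the page directly below the current end of the stack, and if so switch to a temporary stack and either map a page or declare a real overflow) is easy to state but has two sharp edges: a stray store that happens to land in the guard page must not be mistaken for growth, and the handler itself must never run on the stack that just faulted. The following is an added user-space model of that logic, not code from this thread or from the Linux kernel of the time. All names (struct kstack, STACK_SLOP, classify_kernel_fault, fault_handler_sp, simulate_stack_walk) are hypothetical, the addresses are made up, and "mapping" a page is simulated by lowering the stack's mapped limit rather than touching page tables.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define PAGE_SIZE 4096UL
#define PAGE_MASK (~(PAGE_SIZE - 1))
/* Assumption for this model: a legitimate stack access may land at most
 * this far below the current stack pointer (red-zone style writes). */
#define STACK_SLOP 128UL

/*
 * Model of one kernel stack (hypothetical layout). Pages in [limit, top)
 * are mapped; the page just below `limit` is where a growth fault lands;
 * `floor` is the lowest address the stack may ever grow to.
 */
struct kstack {
    uintptr_t top;          /* one past the highest stack address */
    uintptr_t limit;        /* lowest mapped address, page aligned */
    uintptr_t floor;        /* hard lower bound, page aligned */
    uintptr_t emergency_sp; /* top of a separate, always-mapped fault stack */
};

enum fault_action {
    FAULT_GROW,     /* map the guard page and retry the faulting instruction */
    FAULT_OVERFLOW, /* growth requested but the floor is reached: real overflow */
    FAULT_OTHER     /* not stack growth; hand to the normal page-fault path */
};

/* Decide which stack the fault handler itself must run on. A fault that
 * touches the unmapped part of the stack region, or an sp that is already
 * outside the mapped stack, means the current stack is unusable, so the
 * handler switches to the emergency stack (the task-gate / software
 * stack-switch idea from the thread). Returns the sp the handler uses. */
uintptr_t fault_handler_sp(const struct kstack *ks, uintptr_t fault_addr, uintptr_t cur_sp)
{
    bool fault_in_stack = fault_addr >= ks->floor && fault_addr < ks->limit;
    bool sp_unusable    = cur_sp < ks->limit || cur_sp >= ks->top;
    return (fault_in_stack || sp_unusable) ? ks->emergency_sp : cur_sp;
}

/* Classify a kernel-mode page fault at fault_addr taken with stack pointer sp. */
enum fault_action classify_kernel_fault(const struct kstack *ks, uintptr_t fault_addr, uintptr_t sp)
{
    uintptr_t fault_page = fault_addr & PAGE_MASK;

    /* Growth only ever happens into the single page directly below the mapped end. */
    if (fault_page != ks->limit - PAGE_SIZE)
        return FAULT_OTHER;
    /* ...and only if sp has actually moved down there. A wild pointer that hits
     * the guard page while sp is still high is a bug, not growth. */
    if (fault_addr + STACK_SLOP < sp)
        return FAULT_OTHER;
    if (fault_page < ks->floor)
        return FAULT_OVERFLOW;
    return FAULT_GROW;
}

/* Service one fault. On FAULT_GROW the guard page becomes "mapped". */
enum fault_action handle_kernel_fault(struct kstack *ks, uintptr_t fault_addr, uintptr_t sp)
{
    enum fault_action a = classify_kernel_fault(ks, fault_addr, sp);
    if (a == FAULT_GROW)
        ks->limit -= PAGE_SIZE; /* stand-in for allocating and mapping one page */
    return a;
}

/* Push sp downward `step` bytes at a time, as a deep call chain would, faulting
 * whenever a store at sp would leave the mapped region. Returns the number of
 * pages grown, -1 on a real overflow, -2 if a fault was not recognised as growth
 * (only possible here if step exceeds PAGE_SIZE). */
int simulate_stack_walk(struct kstack *ks, size_t total_bytes, size_t step)
{
    uintptr_t sp = ks->top;
    int grown = 0;
    for (size_t used = 0; used < total_bytes; used += step) {
        sp -= step;
        while (sp < ks->limit) { /* the store at sp faults */
            switch (handle_kernel_fault(ks, sp, sp)) {
            case FAULT_GROW:     grown++; break;
            case FAULT_OVERFLOW: return -1;
            case FAULT_OTHER:    return -2;
            }
        }
    }
    return grown;
}

int main(void)
{
    /* Constructed sample: two pages mapped, room to grow to eight. */
    struct kstack ks = { 0xC0010000UL, 0xC000E000UL, 0xC0008000UL, 0xC0020000UL };
    printf("pages grown: %d, new limit: 0x%lx\n",
           simulate_stack_walk(&ks, 6 * PAGE_SIZE, 512), (unsigned long)ks.limit);
    struct kstack ks2 = { 0xC0010000UL, 0xC000E000UL, 0xC0008000UL, 0xC0020000UL };
    printf("overflow walk: %d\n", simulate_stack_walk(&ks2, 9 * PAGE_SIZE, 512));
    return 0;
}
```

The two classifier checks are what keep this from turning every kernel NULL-page or wild-pointer dereference into silent stack growth: the fault must be in exactly the next page down and sp must be near it. Drew's point that overflows are programming errors is what the FAULT_OVERFLOW branch preserves: once the floor is hit the fault is reported, not papered over.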