Somehow, I managed to catch a cold this weekend, and can already feel the NyQuil starting to kick in. If this post seems, well, a little drunk - that's why. The good news is that I'm having fun writing it!

Today I think I'll talk a bit about the kernel-mode stack. There are a few interesting issues in play here for kernel-mode developers. It is usually 3 pages or so, which means 12K on x86. Believe it or not, this is bigger than it used to be – it was 8K in NT4 and previous. My guess is that Microsoft increased the kernel stack size on Windows 2000 because of the deeper layering of drivers brought about by WDM (more on that in a sec).

If you use more than 12K of stack, you'll hit a guard page, which probably means an instant double-fault bluescreen. The reason that this is a double-fault is that the CPU tries to build an exception record on the stack for transfer to the exception handler, and when it tries to push the record on to the overflowed stack, it faults again. The only thing the kernel can do at that point is die a painful death.
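To make the 12K budget concrete, here is an added user-mode C model (not from the post) of a chain of stacked driver layers, each with a hypothetical 2K scratch buffer, measuring how much of the 3-page budget each layer leaves before the next push would land in the guard page. It assumes GCC/Clang (for `noinline`) and a downward-growing stack; `KERNEL_STACK_BYTES`, `stack_probe_run` and `driver_layer` are names chosen for this example.

```c
#include <stddef.h>
#include <stdint.h>

/* Budget from the post: 3 pages of 4K on x86. Assumes GCC/Clang and a downward-growing stack. */
#define KERNEL_STACK_BYTES (3 * 4096)

/* Address of a local in the outermost frame; recorded by stack_probe_run(). */
static uintptr_t stack_base;

/* Bytes of stack consumed below the recorded base. */
__attribute__((noinline)) size_t stack_used(void)
{
    volatile char marker = 0;
    return (size_t)(stack_base - (uintptr_t)&marker);
}

/* Budget left; 0 means the next push would land in the guard page (the double-fault case). */
__attribute__((noinline)) size_t stack_remaining(void)
{
    size_t used = stack_used();
    return used >= KERNEL_STACK_BYTES ? 0 : KERNEL_STACK_BYTES - used;
}

/* One simulated driver layer: a hypothetical 2K of locals, then hand the request down. */
__attribute__((noinline)) size_t driver_layer(int depth, size_t *min_remaining)
{
    volatile char scratch[2048];
    scratch[0] = (char)depth;
    size_t rem = stack_remaining();
    if (rem < *min_remaining) *min_remaining = rem;
    if (depth == 0 || rem == 0) return stack_used();   /* bottom layer, or out of budget */
    size_t used = driver_layer(depth - 1, min_remaining);
    scratch[1] = 0;                                    /* keep this frame alive across the call */
    return used;
}

/* Walk `layers` stacked layers; returns deepest stack use, *min_remaining = least budget seen. */
__attribute__((noinline)) size_t stack_probe_run(int layers, size_t *min_remaining)
{
    volatile char base_marker = 0;
    stack_base = (uintptr_t)&base_marker;
    *min_remaining = KERNEL_STACK_BYTES;
    return driver_layer(layers - 1, min_remaining);
}

/* Convenience: the smallest remaining budget observed for a chain of `layers` layers. */
size_t stack_probe_min_remaining(int layers)
{
    size_t r;
    stack_probe_run(layers, &r);
    return r;
}
```

Six layers of 2K each exhaust the 12K budget, so `stack_probe_min_remaining(6)` reports 0: the point at which a real driver stack would fault on the guard page and then double-fault while pushing the exception record.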