Triple Fault: Difference between revisions

Things never to do in an OS #1: Swap out the page swapping code (triple-fault here we come)

—Kemp

Causes

When a fault occurs, the CPU invokes an exception handler. If a fault occurs while running the exception handler, that's called a double fault, which the CPU tries to handle with yet another exception handler. If that results in a fault, too, the system reboots.

This is usually a sign that the exception handler called is faulty, or worse, that the whole exception handling in your system is screwed up. (LDT or GDT issues, bogus pointers or faulty memory mappings are frequent offenders.)

Another frequent cause of triple faults is a kernel stack overflow. If the stack reaches an invalid page (one with its present bit clear), a page fault is generated. However, the CPU faults while trying to push the exception information on to the stack, so a double fault is generated. The same problem still exists so a triple fault is generated.

Avoiding

The cleanest way to handle this is to provide a separate TSS for double faults and to use a task gate for that kind of exceptions. Try to keep that Task as simple as possible, and give it a dedicated stack segment and pointers.

• display "double fault" panic message
• try to get the "faulty status" from the backlinked TSS
• display that status (registers, etc)
• halt.

There's virtually no way to resume from a double fault. At least it will give you the opportunity of checking system status before it resets.

On the AMD64/Intel EM64T architecture, task gates are not valid in 64-bit long mode. The same effect can be achieved through the Interrupt Stack Table bits in the IDT entry. See the Intel manuals for more information.