Add additional checks of the kernel stack addresses in order to

ensure we don't overrun the end of the call chain.

MFC after:	1 week

1 files changed, 11 insertions, 3 deletions

diff --git a/sys/sun4v/sun4v/stack_machdep.c b/sys/sun4v/sun4v/stack_machdep.c
index e29ce88..6b91dc1 100644
--- a/sys/sun4v/sun4v/stack_machdep.c
+++ b/sys/sun4v/sun4v/stack_machdep.c
@@ -36,20 +36,28 @@ __FBSDID("$FreeBSD$");
 #include <machine/stack.h>
 #include <machine/vmparam.h>
 
-static void stack_capture(struct stack *st, struct frame *fp);
+static void stack_capture(struct stack *st, struct frame *frame);
 
 static void
-stack_capture(struct stack *st, struct frame *fp)
+stack_capture(struct stack *st, struct frame *frame)
 {
+	struct frame *fp;
 	vm_offset_t callpc;
 
 	stack_zero(st);
-	while (1) {
+	fp = frame;
+	for (;;) {
+		if (!INKERNEL((vm_offset_t)fp) ||
+		    !ALIGNED_POINTER(fp, uint64_t))
+                        break;
 		callpc = fp->fr_pc;
 		if (!INKERNEL(callpc))
 			break;
 		if (stack_put(st, callpc) == -1)
 			break;
+		if (v9next_frame(fp) <= fp ||
+		    v9next_frame(fp) >= frame + KSTACK_PAGES * PAGE_SIZE)
+			break;
 		fp = v9next_frame(fp);
 	}
 }