Date: Wed, 2 Oct 2013 13:51:56 GMT
From: Robert Watson <rwatson@FreeBSD.org>
To: Perforce Change Reviews <perforce@FreeBSD.org>
Subject: PERFORCE change 931244 for review
Message-ID: <201310021351.r92Dpu0e020049@skunkworks.freebsd.org>
http://p4web.freebsd.org/@@931244?ac=10

Change 931244 by rwatson@rwatson_zenith_cl_cam_ac_uk on 2013/10/02 13:51:29

Shrink PCB-embedded trusted stack down to 2 entries from 10 for now; growth of the PCB shrunk the available kernel stack sufficiently to cause deeply nested VM paths to overflow. In the case I encountered, triggered by a userspace NULL-pointer dereference, found the following on a manually unwound stack:

user null pointer deref -> vm -> signal delivery -> coredump -> vfs -> page fault -> vm page filling -> interrupt delivery -> timer code -> sleepq processing -> <boom>

Where <boom> consisted of taking a TLB invalid fault on the guard page and then keeling over.

It would be helpful if (a) DDB's stack trace code on MIPS could walk past exceptions rather than requiring manual unwinding, and (b) code detecting stack overflow didn't promptly overwrite the register state required to debug it.

In the longer term we'll need to move the TSC elsewhere. We may also want to grow the default MIPS kernel stack for 64-bit somewhat as even before my change, it came very close to the limit.

Affected files ...

.. //depot/projects/ctsrd/cheribsd/src/sys/mips/include/cheri.h#24 edit

Differences ...

==== //depot/projects/ctsrd/cheribsd/src/sys/mips/include/cheri.h#24 (text+ko) ==== @@ -118,7 +118,7 @@ struct chericap csf_idc; }; -#define CHERI_STACK_DEPTH 10 /* XXXRW: 10 is a nice round number. */ +#define CHERI_STACK_DEPTH 2 /* XXXRW: 2 is a nice round number. */ struct cheri_stack { u_int cs_max; /* Maximum frame depth. */ u_int cs_pointer; /* Current frame index. */
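
Review bot: the comment on the new `CHERI_STACK_DEPTH 2` line still says "a nice round number", which hides the reason for the value that the commit message gives: the PCB-embedded trusted stack grew the PCB enough that deeply nested kernel paths ran into the guard page. Suggest a comment that records that constraint and that the value is temporary, for example `/* XXXRW: kept small while the trusted stack lives in the PCB. */`. With only two frames available, it is also worth confirming that the code advancing `cs_pointer` checks it against `cs_max` so that a third nested frame fails cleanly, and a compile-time assertion on the PCB size next to this define would turn the next regression of this kind into a build error rather than a kernel stack overflow.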
