From owner-freebsd-current@FreeBSD.ORG  Fri Aug  1 15:44:15 2003
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id 4BECF37B401; Fri,  1 Aug 2003 15:44:15 -0700 (PDT)
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id DE5FF43FDF; Fri,  1 Aug 2003 15:44:14 -0700 (PDT)
	(envelope-from davidxu@FreeBSD.org)
Received: from localhost (davidxu@localhost [127.0.0.1])
	by freefall.freebsd.org (8.12.9/8.12.9) with ESMTP id h71MiCUp097734;
	Fri, 1 Aug 2003 15:44:13 -0700 (PDT)
	(envelope-from davidxu@FreeBSD.org)
From: David Xu <davidxu@FreeBSD.org>
To: Munish Chopra <mchopra@engmail.uwaterloo.ca>, current@FreeBSD.org
Date: Sat, 2 Aug 2003 06:47:18 +0800
User-Agent: KMail/1.5.2
References: <20030801215529.GA745@tybalt> <20030801222027.GA921@tybalt>
	<20030801222411.GE667@opiate.soulwax.net>
In-Reply-To: <20030801222411.GE667@opiate.soulwax.net>
MIME-Version: 1.0
Content-Type: text/plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Message-Id: <200308020647.18039.davidxu@FreeBSD.org>
Subject: Re: NVidia glx stuff dies in sysarch(I386_SET_LDT, ...)
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
Reply-To: davidxu@FreeBSD.org
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 01 Aug 2003 22:44:15 -0000

On Saturday 02 August 2003 06:24, Munish Chopra wrote:
> On 2003-08-02 00:20 +0200, Thorsten Greiner wrote:
> > * Daniel Eischen <eischen@vigrid.com> [2003-08-02 00:06]:
> > > I think the bug was in the old code allowing this to
> > > happen...
> >
> > Well, than someone should tell that to NVidia. Their driver is
> > closed source and comes without "user servicable parts".
> >
> > Regards
> >         -Thorsten
>
> That's going to be a lot easier to get through if someone can confirm
> whether 0-16 are reserved, or whether (like julian says), 6-15 are
> actually safe and something else is being clobbered.

#define LSYS5CALLS_SEL  0       /* forced by intel BCS */
#define LSYS5SIGR_SEL   1
#define L43BSDCALLS_SEL 2       /* notyet */
#define LUCODE_SEL      3
#define LSOL26CALLS_SEL 4       /* Solaris >= 2.6 system call gate */
#define LUDATA_SEL      5
/* separate stack, es,fs,gs sels ? */
/* #define      LPOSIXCALLS_SEL 5*/     /* notyet */
#define LBSDICALLS_SEL  16      /* BSDI system call gate */
#define NLDT            (LBSDICALLS_SEL + 1)

LUCODE_SEL is used by kernel to load _ucodesel to user %cs
LUDATA_SEL is used by kernel to load _udatasel to user %ds, %es, %fs, %gs.
I didn't check other ABIs, but setting to a fixed location of LDT in userland
is also a bad idea, I think it will conflict with thread library soon,
it is better to use dynamic allocating facility newly added in i386_set_ldt.

David Xu