From owner-freebsd-hackers Thu Nov 15 16:54:41 2001 Delivered-To: freebsd-hackers@freebsd.org Received: from mail5.speakeasy.net (mail5.speakeasy.net [216.254.0.205]) by hub.freebsd.org (Postfix) with ESMTP id 0F70337B41B for ; Thu, 15 Nov 2001 16:54:30 -0800 (PST) Received: (qmail 28277 invoked from network); 16 Nov 2001 00:54:28 -0000 Received: from unknown (HELO laptop.baldwin.cx) ([64.81.54.73]) (envelope-sender ) by mail5.speakeasy.net (qmail-ldap-1.03) with SMTP for ; 16 Nov 2001 00:54:28 -0000 Message-ID: X-Mailer: XFMail 1.4.0 on FreeBSD X-Priority: 3 (Normal) Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 8bit MIME-Version: 1.0 In-Reply-To: Date: Thu, 15 Nov 2001 16:54:27 -0800 (PST) From: John Baldwin To: Daniel Eischen Subject: Re: Using bit 21 of EFLAGS in user-mode [was: Re: sigreturn: efl Cc: Maxim Sobolev , marcus@marcuscom.com, freebsd-ports@FreeBSD.org, hackers@FreeBSD.org Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On 16-Nov-01 Daniel Eischen wrote: > On Thu, 15 Nov 2001, John Baldwin wrote: >> On 15-Nov-01 Daniel Eischen wrote: >> > On Thu, 15 Nov 2001, Maxim Sobolev wrote: >> >> On Thu, 15 Nov 2001 14:56:31 -0500 (EST), Joe Clarke wrote: >> >> > >> >> > I learned about this by reading through some of the -hackers archives. >> >> > One person complained of similar errors trying to get xine to work on >> >> > FreeBSD. Removing the MMX detection code fixed it. I remembered >> >> > libpng >> >> > also used MMX, so I removed the pnggccrd.c source, and voila! >> >> > >> >> > Based on core dumps, strace output, and a lot of code surfing, this >> >> > makes >> >> > sense to me. Basically, any png-dependent app's thread that runs >> >> > longer >> >> > than what ITIMER_PROF is set to gets hit with a SIGPROF. When that >> >> > happens, things context switch. eflags must have been corrupted by the >> >> > MMX code, thus sigreturn() bombs out, and causes uthread_kern to die as >> >> > well. Here's what strace looks like when balsa tries to read a 33 MB >> >> > mailbox: >> >> > >> >> > 74202 sigreturn(0x81f2c64 >> >> > >> >> > When this happens, strace politely dies with a bus error. >> >> > >> >> > Thanks for testing this, Maxim. Hopefully someone can find the problem >> >> > and fix it for good. >> >> >> >> That explains... After a quick glance at png code I found that >> >> the only place where EFLAGS is altered is CPUID code, where >> >> the library flips bit 21 of EFLAGS in order to ensure that the >> >> CPUID instruction is supported (otherwise it will get SIGILL >> >> on older processors). Unfortunately, for some reason FreeBSB >> > >> > Does it need to keep bit 21 of EFLAGS flipped, or can libpng >> > set it back and keep knowledge that CPUID is supported? Or >> > does that bit need to remain set for CPUID to work? >> >> It needs to be able to change it. If you can change the value of the bit >> (done >> by pushf ; pop %eax ; mov %eax,%ebx ; xor $PSL_ID,%eax ; push %eax ; popf ; >> pushf ; pop %eax ; compare bit PSL_ID of eax ebx to see if they match). >> The problem is if a signal comes in during the middle of that bit toggling >> due >> to a profiling timer. I think the problem may be that it uses a sequence >> that >> leaves the bit set, thus the kernel freaks out thinking that the user has >> changed a kernel only flag. The solution is Maxim's patch to make the >> kernel >> not care about the flag (which it shouldn't since cpuid is not a privileged >> instruction). > > I just thought perhaps libpng could do something like: > > static int init_done = 0; > static int cpuid_supported = 0; > > ... > > if (init_done == 0) { > block_all_sigs(); > cpuid_supported = check_cpuid(); > init_done = 1; > unblock_sigs(); > } > > But if it always needs to change the bit, I guess the above doesn't help. No, that's correct. The problem is the check_cpuid() function left the state of the PSL_ID flag bit changed. :) So you need to change the check_cpuid() to include a wrapper to save/restore the flags. Maxim just committed a change to do this. I'm not sure if he included the signal blocking though. -- John Baldwin <>< http://www.FreeBSD.org/~jhb/ "Power Users Use the Power to Serve!" - http://www.FreeBSD.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message