Date: Wed, 18 Apr 2001 12:55:46 -0700 (PDT) From: John Baldwin <jhb@FreeBSD.org> To: Doug Rabson <dfr@nlsystems.com> Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/sys/alpha/alpha exception.s Message-ID: <XFMail.010418125546.jhb@FreeBSD.org> In-Reply-To: <Pine.BSF.4.33.0104182039190.55816-100000@salmon.nlsystems.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 18-Apr-01 Doug Rabson wrote: > On Wed, 18 Apr 2001, John Baldwin wrote: > >> >> On 18-Apr-01 Doug Rabson wrote: >> > On Wed, 18 Apr 2001, John Baldwin wrote: >> > >> >> jhb 2001/04/18 10:17:55 PDT >> >> >> >> Modified files: >> >> sys/alpha/alpha exception.s >> >> Log: >> >> Back out the previous revision as it causes random sig 11's to userland >> >> processes until a better fix is found. >> > >> > I can see several possible races here. For instance, if an interrupt >> > happened partway through restoring registers trying to return to userland, >> > we could corrupt the user's t7 pretty easily. >> > >> > I can't quite think of the correct solution yet though. >> >> Oh, we share the same stack frame for user and kernel returns? Oh yuck. >> I can hack around that by raising the IPL in Lkernelret before changing t7, >> but >> if we use the same stackframe how do interrupts in the kernel work at all >> w/o >> trashing the user frame? > > Of course we have to use the kernel stack for all exceptions. The user > stack might not even be a valid virtual address. We could raise the IPL > before saving or restoring but it just seems like such a hack. I still > haven't thought of a better fix though. Ok, I've read more of exception.s and my head feels better, sort of. The problem with t7 being that we might get an interrupt after we restore the registers and thus we trash the t7 right before the rti PAL call? Hmmm. I think we only need to raise the IPL just before we do the bsr to exception_restore_regs(), so it would only be raised for the length of the register restore and the call_pal. I wonder if x86 has the same race condition with %fs. We might need to be doing a 'cli' in doreti_exit just before we pop %fs. -- John Baldwin <jhb@FreeBSD.org> -- http://www.FreeBSD.org/~jhb/ PGP Key: http://www.baldwin.cx/~john/pgpkey.asc "Power Users Use the Power to Serve!" - http://www.FreeBSD.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?XFMail.010418125546.jhb>