* [Linux-ia64] small but important fix for clone2()
@ 2002-02-08 3:30 David Mosberger
2002-02-09 18:45 ` David Mosberger
0 siblings, 1 reply; 2+ messages in thread
From: David Mosberger @ 2002-02-08 3:30 UTC (permalink / raw)
To: linux-ia64
There is a longstanding and silly bug in clone2() which can lead to
memory corruption. The problem is that when the user-stack area is
specified explicitly (as is the case during pthread creation),
clone2() failed to allocate the scratch space required by the calling
convention. The patch below fixes this.
Thanks to Asit Mallick for tracking this down.
--david
--- arch/ia64/kernel/process.c~ Mon Feb 4 22:38:51 2002
+++ arch/ia64/kernel/process.c Wed Feb 6 21:05:25 2002
@@ -267,7 +267,7 @@
if (user_mode(child_ptregs)) {
if (user_stack_base) {
- child_ptregs->r12 = user_stack_base + user_stack_size;
+ child_ptregs->r12 = user_stack_base + user_stack_size - 16;
child_ptregs->ar_bspstore = user_stack_base;
child_ptregs->ar_rnat = 0;
child_ptregs->loadrs = 0;
^ permalink raw reply [flat|nested] 2+ messages in thread* Re: [Linux-ia64] small but important fix for clone2()
2002-02-08 3:30 [Linux-ia64] small but important fix for clone2() David Mosberger
@ 2002-02-09 18:45 ` David Mosberger
0 siblings, 0 replies; 2+ messages in thread
From: David Mosberger @ 2002-02-09 18:45 UTC (permalink / raw)
To: linux-ia64
Thursday's patch isn't sufficient. It breaks threaded ia32 apps. The
patch below should be complete, but more testing needs to be done. At
least the x86 version of OpenOffice works again.
--david
--- arch/ia64/kernel/entry.S~ Thu Jan 24 17:16:06 2002
+++ arch/ia64/kernel/entry.S Sat Feb 9 10:41:59 2002
@@ -115,7 +115,7 @@
mov loc1=r16 // save ar.pfs across do_fork
.body
mov out1=in1
- mov out3=0
+ mov out3\x16 // stacksize (compensates for 16-byte scratch area)
adds out2=IA64_SWITCH_STACK_SIZE+16,sp // out2 = ®s
mov out0=in0 // out0 = clone_flags
br.call.sptk.many rp=do_fork
--- arch/ia64/ia32/ia32_entry.S~ Mon Nov 19 20:04:55 2001
+++ arch/ia64/ia32/ia32_entry.S Sat Feb 9 10:41:41 2002
@@ -37,7 +37,7 @@
mov loc1=r16 // save ar.pfs across do_fork
.body
zxt4 out1=in1 // newsp
- mov out3=0 // stacksize
+ mov out3\x16 // stacksize (compensates for 16-byte scratch area)
adds out2=IA64_SWITCH_STACK_SIZE+16,sp // out2 = ®s
zxt4 out0=in0 // out0 = clone_flags
br.call.sptk.many rp=do_fork
--- arch/ia64/kernel/process.c~ Mon Feb 4 22:38:51 2002
+++ arch/ia64/kernel/process.c Wed Feb 6 21:05:25 2002
@@ -267,7 +267,7 @@
if (user_mode(child_ptregs)) {
if (user_stack_base) {
- child_ptregs->r12 = user_stack_base + user_stack_size;
+ child_ptregs->r12 = user_stack_base + user_stack_size - 16;
child_ptregs->ar_bspstore = user_stack_base;
child_ptregs->ar_rnat = 0;
child_ptregs->loadrs = 0;
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2002-02-09 18:45 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2002-02-08 3:30 [Linux-ia64] small but important fix for clone2() David Mosberger
2002-02-09 18:45 ` David Mosberger
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox