From: James Bottomley <James.Bottomley@steeleye.com>
To: Randolph Chung <randolph@tausq.org>
Cc: James Bottomley <James.Bottomley@SteelEye.com>,
parisc-linux@lists.parisc-linux.org
Subject: Re: [parisc-linux] 2.5 randomly kills applications with page faults
Date: Fri, 20 Dec 2002 16:12:37 -0600
Message-ID: <200212202212.gBKMCbv08741@localhost.localdomain>
In-Reply-To: Message from Randolph Chung <randolph@tausq.org> of "Wed, 18 Dec 2002 09:02:55 PST." <20021218170254.GM19331@tausq.org>
[-- Attachment #1: Type: text/plain, Size: 1192 bytes --]
randolph@tausq.org said:
> that's what i thought too, so i went through entry.S as well to see
> what i can find. haven't found anything yet :(
OK, I think I found the cause of this and the solution.
The cause is in syscall.S in linux_gateway_entry. Some person (hereinafter
referred to as "the guilty party") added a patch to store the user stack on
the kernel stack temporarily before stashing it correctly in the user pt_regs:
STREG %r1,0(%r30) /* Stick r1 (usp) here for now */
The problem is that they forgot to increment the stack pointer. Thus, if we
take an interruption between this instruction and the corresponding retrieval,
the value can be trashed.
The fix is simple: increment the stack pointer. I chose 16 to preserve every
alignment I can think of; is that also safe for 64 bit?
With this fix, my system seems fairly solid. It survives my bitkeeper and
stress tests so far (about 30 min); previously it always collapsed within a few
minutes.
James
P.S. After this little debug frenzy, I don't personally care if I ever see
another line of parisc assembly again, so if another obscure register trashing
problem turns up, my good deed is done...
James
[-- Attachment #2: tmp.diff --]
[-- Type: text/plain , Size: 809 bytes --]
===== arch/parisc/kernel/syscall.S 1.5 vs edited =====
--- 1.5/arch/parisc/kernel/syscall.S Fri Nov 29 04:31:54 2002
+++ edited/arch/parisc/kernel/syscall.S Fri Dec 20 15:46:40 2002
@@ -94,6 +94,7 @@
mtsp %r0,%sr7 /* get kernel space into sr7 */
STREG %r1,0(%r30) /* Stick r1 (usp) here for now */
+ ldo 16(%r30),%r30
mfctl %cr30,%r1 /* get task ptr in %r1 */
LDREG TI_TASK(%r1),%r1
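Review bot: The added `ldo 16(%r30),%r30` runs after `STREG %r1,0(%r30)`, so for one instruction the saved usp still sits in an unreserved slot at the top of the kernel stack, and an interruption taken between the store and the `ldo` can overwrite it exactly as described in the cover message. The window is narrowed, not closed. Reserve the slot first (move the `ldo` above the `STREG` and store to `-16(%r30)`), or do the store and the pointer adjustment in a single store-with-modify instruction. The new line is also the only one in this hunk without a comment; say that it protects the stashed usp and why 16 was chosen, since the message itself leaves open whether 16 is right for 64 bit.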
@@ -104,7 +105,8 @@
PSW value is stored. This is needed for gdb and sys_ptrace. */
STREG %r0, TASK_PT_PSW(%r1)
STREG %r2, TASK_PT_GR2(%r1) /* preserve rp */
- LDREG 0(%r30), %r2 /* get users sp back */
+ LDREG -16(%r30), %r2 /* get users sp back */
+ ldo -16(%r30), %r30
STREG %r2, TASK_PT_GR30(%r1) /* ... and save it */
STREG %r19, TASK_PT_GR19(%r1)
STREG %r20, TASK_PT_GR20(%r1)
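Review bot: The `-16` in `LDREG -16(%r30), %r2` and in the new `ldo -16(%r30), %r30` has to stay in step with the `ldo 16(%r30),%r30` added in the first hunk, but nothing ties the three literals together and the new `ldo` carries no comment. Use one named constant for the reserved size, or at least comment both adjustments so a later change to one is not made without the other. The order here (load the saved value first, then drop the stack pointer) is the safe one and deserves a short comment, because swapping the two lines would expose the slot again before it is read. Minor style point: this hunk writes `-16(%r30), %r30` with a space after the comma while the first hunk writes `16(%r30),%r30` without one.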