Opened 10 years ago
Closed 10 years ago
#605 closed defect (fixed)
PREEMPTIBLE_HANDLER_KERNEL needs to spill uspace windows to uspace wbuf
Reported by: | Jakub Jermář | Owned by: | Jakub Jermář |
---|---|---|---|
Priority: | major | Milestone: | 0.7.0 |
Component: | helenos/kernel/sparc64 | Version: | mainline |
Keywords: | sun4v | Cc: | rimskyp@… |
Blocker for: | | Depends on: | |
See also: | | | |
Description
PREEMPTIBLE_HANDLER_KERNEL checks the value of the CANSAVE register to see whether the imminent SAVE instruction would generate a window spill trap or not. If CANSAVE is zero, it uses the INLINE_SPILL macro to spill a register window without generating the spill trap. INLINE_SPILL assumes a kernel window, but it is also possible to have a uspace window at this point. In this case, INLINE_SPILL will wrongly interpret the window's uspace stack address as a kernel stack address, leading to random memory corruption.
It is therefore necessary to also check the value in the OTHERWIN register to see whether the spilled window would be a uspace window. In such a case, INLINE_SPILL_TO_WBUF needs to be used instead of INLINE_SPILL to spill the uspace window to the uspace window buffer.
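The CANSAVE/OTHERWIN reasoning in the description, worked through as an added C model. This is illustration code written for this page, not HelenOS kernel code: the real check lives in the sparc64 assembly macros (INLINE_SPILL, INLINE_SPILL_TO_WBUF), which are not reproduced here. The model uses three SPARC V9 facts: CANSAVE + CANRESTORE + OTHERWIN always equals NWINDOWS - 2; a SAVE with CANSAVE == 0 spills the window at CWP + CANSAVE + 2; and SAVED increments CANSAVE and decrements OTHERWIN if it is non-zero, otherwise CANRESTORE. The names `regwin`, `decide_buggy`, `decide_fixed`, `spill_then_save` and the assumption that the kernel accounts every still-resident uspace window in OTHERWIN are the model's own. The example goes beyond the single case in the ticket: it checks the buggy and fixed rules against every valid window state, then walks a sequence of kernel SAVEs with three uspace windows still in the register file.

```c
/*
 * Hypothetical C model of SPARC V9 register-window bookkeeping (added
 * illustration, not HelenOS code).  Model assumption: windows that still hold
 * userspace registers are counted in OTHERWIN, so OTHERWIN != 0 means the
 * oldest occupied window (the one a spill writes out) belongs to uspace.
 */
#include <stdbool.h>
#include <stdio.h>

#define NWINDOWS 8   /* UltraSPARC register file size used by the model */

enum win_owner { WIN_FREE, WIN_KERNEL, WIN_USPACE };
enum spill_dest { SPILL_NONE, SPILL_KERNEL_STACK, SPILL_USPACE_WBUF };

struct regwin {
    unsigned cwp, cansave, canrestore, otherwin;
    enum win_owner owner[NWINDOWS];   /* model-only ground truth per window */
};

static unsigned wrap(int w) { return ((w % NWINDOWS) + NWINDOWS) % NWINDOWS; }

/* V9 invariant: CANSAVE + CANRESTORE + OTHERWIN == NWINDOWS - 2. */
static bool regwin_valid(const struct regwin *r)
{
    return r->cwp < NWINDOWS &&
           r->cansave + r->canrestore + r->otherwin == NWINDOWS - 2;
}

/* Derive owners from the counters: CWP and the CANRESTORE windows below it
 * are kernel windows, the OTHERWIN windows below those are uspace windows,
 * everything else (including the overlap window at CWP + 1) is free. */
static bool regwin_init(struct regwin *r, unsigned cwp, unsigned cansave,
                        unsigned canrestore, unsigned otherwin)
{
    r->cwp = cwp; r->cansave = cansave;
    r->canrestore = canrestore; r->otherwin = otherwin;
    if (!regwin_valid(r))
        return false;
    for (unsigned i = 0; i < NWINDOWS; i++)
        r->owner[i] = WIN_FREE;
    r->owner[cwp] = WIN_KERNEL;
    for (unsigned i = 1; i <= canrestore; i++)
        r->owner[wrap((int)cwp - (int)i)] = WIN_KERNEL;
    for (unsigned i = 1; i <= otherwin; i++)
        r->owner[wrap((int)cwp - (int)canrestore - (int)i)] = WIN_USPACE;
    return true;
}

/* Window a spill trap (or the inline spill replacing it) writes out. */
static unsigned spill_window(const struct regwin *r)
{
    return wrap((int)(r->cwp + r->cansave + 2));
}

/* Where that window's contents must go, from the model's ground truth. */
static enum spill_dest required_dest(const struct regwin *r)
{
    if (r->cansave != 0)
        return SPILL_NONE;
    return r->owner[spill_window(r)] == WIN_USPACE ? SPILL_USPACE_WBUF
                                                   : SPILL_KERNEL_STACK;
}

/* The rule the ticket calls buggy: CANSAVE alone selects INLINE_SPILL. */
static enum spill_dest decide_buggy(const struct regwin *r)
{
    return r->cansave == 0 ? SPILL_KERNEL_STACK : SPILL_NONE;
}

/* The fixed rule: a non-zero OTHERWIN means the spilled window is uspace. */
static enum spill_dest decide_fixed(const struct regwin *r)
{
    if (r->cansave != 0)
        return SPILL_NONE;
    return r->otherwin != 0 ? SPILL_USPACE_WBUF : SPILL_KERNEL_STACK;
}

/* SAVED (spill accounted) followed by the SAVE that needed the window. */
static void spill_then_save(struct regwin *r)
{
    r->owner[spill_window(r)] = WIN_FREE;         /* contents now in memory */
    r->cansave++;                                 /* SAVED */
    if (r->otherwin != 0) r->otherwin--; else r->canrestore--;
    r->cwp = wrap((int)r->cwp + 1);               /* SAVE */
    r->cansave--;
    r->canrestore++;
    r->owner[r->cwp] = WIN_KERNEL;
}

/* Over every valid window state, count disagreements between a decision
 * rule and the model; a correct rule returns 0. */
static unsigned count_mismatches(enum spill_dest (*decide)(const struct regwin *))
{
    unsigned bad = 0;
    struct regwin r;
    for (unsigned cwp = 0; cwp < NWINDOWS; cwp++)
        for (unsigned cs = 0; cs <= NWINDOWS - 2; cs++)
            for (unsigned ow = 0; cs + ow <= NWINDOWS - 2; ow++) {
                regwin_init(&r, cwp, cs, NWINDOWS - 2 - cs - ow, ow);
                if (decide(&r) != required_dest(&r))
                    bad++;
            }
    return bad;
}

/* Ticket scenario: kernel keeps SAVEing with three uspace windows resident.
 * Returns how many of five spills the fixed rule routes to the uspace wbuf. */
static unsigned wbuf_spills_in_scenario(void)
{
    struct regwin r;
    unsigned to_wbuf = 0;
    regwin_init(&r, 6, 0, 3, 3);     /* windows 0, 1, 2 still hold uspace regs */
    for (int i = 0; i < 5; i++) {
        if (decide_fixed(&r) == SPILL_USPACE_WBUF)
            to_wbuf++;
        spill_then_save(&r);
    }
    return to_wbuf;
}

int main(void)
{
    printf("buggy rule mismatches: %u\n", count_mismatches(decide_buggy));
    printf("fixed rule mismatches: %u\n", count_mismatches(decide_fixed));
    printf("scenario: %u spills went to the uspace wbuf\n",
           wbuf_spills_in_scenario());
    return 0;
}
```

Every mismatch the buggy rule produces is a state with CANSAVE == 0 and OTHERWIN != 0, which is exactly the case the ticket describes: the window being spilled holds a uspace frame pointer, and writing it out through the kernel-stack path corrupts memory. In the scenario walk, the first three spills go to the wbuf and only then does the oldest window become a kernel window.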
Change History (2)
comment:1 by , 10 years ago
Status: | new → accepted |
---|---|
comment:2 by , 10 years ago
Resolution: | → fixed |
---|---|
Status: | accepted → closed |
Fix merged in mainline,2297.
There is an unmerged fix for this in the CHT pre-integration branch:
http://bazaar.launchpad.net/~jakub/helenos/cht-preintegration/revision/2290