Author: kib
Date: Mon Jul 11 15:52:52 2016
New Revision: 302573
URL: https://svnweb.freebsd.org/changeset/base/302573

Log:
  Fill tf_trapno for trap frames created for syscall. If tf_trapno
  contains garbage which appears to be equal to T_NMI, e.g. due to the
  thread having previously entered the kernel due to an NMI, the doreti
  sequence skips ast, and does so until a trap or hardware interrupt
  occurs.

  The visible effects of the issue are quite confusing. First, signal
  delivery is postponed in observable ways. In particular, the guarantee
  that the unblocked async signals queue is flushed before a return from
  syscall is broken. Second, if there are pending signals, all
  interruptible sleeps of the stuck thread are aborted immediately.

  Since modern CPUs are relatively fast and the tickless kernel generates
  a low interrupt rate, the faulty condition might exist for a long time
  (on an application time scale).

  In collaboration with:	pho
  Sponsored by:	The FreeBSD Foundation
  MFC after:	1 week

Modified:
  head/sys/i386/i386/exception.s

Modified: head/sys/i386/i386/exception.s ============================================================================== --- head/sys/i386/i386/exception.s Mon Jul 11 15:50:06 2016 (r302572) +++ head/sys/i386/i386/exception.s Mon Jul 11 15:52:52 2016 (r302573) @@ -234,7 +234,7 @@ IDTVEC(lcall_syscall) pushfl /* save eflags */ popl 8(%esp) /* shuffle into tf_eflags */ pushl $7 /* sizeof "lcall 7,0" */ - subl $4,%esp /* skip over tf_trapno */ + pushl $0 /* tf_trapno */ pushal pushl $0 movw %ds,(%esp) @@ -263,7 +263,7 @@ IDTVEC(lcall_syscall) SUPERALIGN_TEXT IDTVEC(int0x80_syscall) pushl $2 /* sizeof "int 0x80" */ - subl $4,%esp /* skip over tf_trapno */ + pushl $0 /* tf_trapno */ pushal pushl $0 movw %ds,(%esp)
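Review bot: In the lcall_syscall hunk (@@ -234,7 +234,7 @@), the new `/* tf_trapno */` comment is terser than the `/* skip over tf_trapno */` it replaces and no longer says why the slot is written: nothing at this point in the file tells a later reader that a stale value here can look like T_NMI and make doreti skip ast, so a future cleanup could plausibly turn `pushl $0` back into an `subl $4,%esp`. Suggest a comment along the lines of `pushl $0 /* tf_trapno: must not hold stale T_NMI, doreti checks it */`. The frame layout itself is unchanged, since `pushl $0` moves %esp by the same 4 bytes the removed `subl $4,%esp` did, so tf_eflags, the size word and pushal land where they did before.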
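Review bot: The int0x80_syscall hunk (@@ -263,7 +263,7 @@) applies the same `subl $4,%esp` to `pushl $0` substitution, which is consistent, but the log message speaks of "trap frames created for syscall" in general while only the lcall and int 0x80 entries appear in this diff. Confirm that every syscall entry in exception.s that builds a trapframe without going through the common trap path gets the same tf_trapno initialization; if any such entry is handled elsewhere or intentionally left alone, it is worth saying so in the commit message so reviewers do not have to re-derive it. As with the first hunk, the comment would be clearer if it stated that the zero is a deliberate value rather than a placeholder.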