Date: Thu, 13 Jan 2005 21:07:04 GMT From: John Baldwin <jhb@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 68938 for review Message-ID: <200501132107.j0DL74Ov010613@repoman.freebsd.org>
http://perforce.freebsd.org/chv.cgi?CH=68938 Change 68938 by jhb@jhb_slimer on 2005/01/13 21:06:03 cpu_exit() cleaning inspired by sparc64 use-after-free bug: - Remove stale comment (alpha, powerpc) - Drop redundant dbregs drop (i386, amd64) - Note that fp state should probably be per thread (alpha, ia64) Affected files ... .. //depot/projects/smpng/sys/alpha/alpha/vm_machdep.c#37 edit .. //depot/projects/smpng/sys/amd64/amd64/vm_machdep.c#22 edit .. //depot/projects/smpng/sys/i386/i386/vm_machdep.c#59 edit .. //depot/projects/smpng/sys/ia64/ia64/vm_machdep.c#44 edit .. //depot/projects/smpng/sys/powerpc/powerpc/vm_machdep.c#40 edit Differences ...
==== //depot/projects/smpng/sys/alpha/alpha/vm_machdep.c#37 (text+ko) ====
@@ -224,17 +224,15 @@ td->td_pcb->pcb_context[2] = (u_long) arg; } -/* - * cpu_exit is called as the last action during exit. - * We release the address space of the process, block interrupts, - * and call switch_exit. switch_exit switches to proc0's PCB and stack, - * then jumps into the middle of cpu_switch, as if it were switching - * from proc0. - */ void cpu_exit(struct thread *td) { + /* + * XXX: Should this be in thread_exit instead? If so, + * alpha_fpstate_save() should be in cpu_set_upcall() + * as well. + */ alpha_fpstate_drop(td); }
==== //depot/projects/smpng/sys/amd64/amd64/vm_machdep.c#22 (text+ko) ====
@@ -185,13 +185,6 @@ void cpu_exit(struct thread *td) { - struct pcb *pcb = td->td_pcb; - - if (pcb->pcb_flags & PCB_DBREGS) { - /* disable all hardware breakpoints */ - reset_dbregs(); - pcb->pcb_flags &= ~PCB_DBREGS; - } } void
==== //depot/projects/smpng/sys/i386/i386/vm_machdep.c#59 (text+ko) ====
@@ -295,8 +295,6 @@ cpu_exit(struct thread *td) { struct mdproc *mdp; - struct pcb *pcb = td->td_pcb; - /* Reset pc->pcb_gs and %gs before possibly invalidating it. */ mdp = &td->td_proc->p_md;
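Review bot: The two XXX comments name different destinations for the same question: the one added to alpha's cpu_exit() says `thread_exit`, the one in the ia64 hunk says `cpu_thread_exit()`. Since alpha_fpstate_drop() is machine-dependent code, the per-thread MD hook (the cpu_thread_exit() visible in the i386 hunk) is presumably what is meant; if so, write `* XXX: Should this be in cpu_thread_exit() instead? If so,` so both files read the same. It would also help to state the consequence the description hints at with the sparc64 use-after-free: FP state dropped only in cpu_exit() is not dropped for a thread that exits without reaching it, assuming such a path exists, which these hunks do not show.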
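Review bot: With the PCB_DBREGS block gone from amd64's cpu_exit(), the function body is empty and nothing in this hunk shows where hardware breakpoints are now disabled for an exiting thread; the same block is removed from i386's cpu_exit() in the two i386 hunks. The description calls the drop redundant, and the second i386 hunk shows cpu_thread_exit() still declaring `pcb`, but the reset_dbregs() call it presumably keeps lies outside every hunk, so the claim cannot be checked from this diff alone. Debug registers left armed past thread exit could stay in effect for whatever runs next on that CPU, so the surviving reset deserves a pointer at the place it used to be. Once confirmed against the full files, add `/* Debug registers are reset in cpu_thread_exit(). */` to the emptied amd64 body and at the end of i386's cpu_exit().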
@@ -307,18 +305,13 @@ user_ldt_free(td); } else mtx_unlock_spin(&sched_lock); - - if (pcb->pcb_flags & PCB_DBREGS) { - /* disable all hardware breakpoints */ - reset_dbregs(); - pcb->pcb_flags &= ~PCB_DBREGS; - } } void cpu_thread_exit(struct thread *td) { struct pcb *pcb = td->td_pcb; + #ifdef DEV_NPX if (td == PCPU_GET(fpcurthread)) npxdrop();
==== //depot/projects/smpng/sys/ia64/ia64/vm_machdep.c#44 (text+ko) ====
@@ -297,6 +297,7 @@ cpu_exit(struct thread *td) { + /* XXX: Should this be in cpu_thread_exit() instead? */ /* Throw away the high FP registers. */ ia64_highfp_drop(td); }
==== //depot/projects/smpng/sys/powerpc/powerpc/vm_machdep.c#40 (text+ko) ====
@@ -182,13 +182,6 @@ cf->cf_arg0 = (register_t)arg; } -/* - * cpu_exit is called as the last action during exit. - * We release the address space of the process, block interrupts, - * and call switch_exit. switch_exit switches to proc0's PCB and stack, - * then jumps into the middle of cpu_switch, as if it were switching - * from proc0. - */ void cpu_exit(td) register struct thread *td;