Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 13 May 2001 00:44:14 -0700 (PDT)
From:      Bruce Evans <bde@FreeBSD.org>
To:        cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject:   cvs commit: src/sys/i386/i386 vm_machdep.c
Message-ID:  <200105130744.f4D7iFi60673@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help 
bde         2001/05/13 00:44:14 PDT

  Modified files:
    sys/i386/i386        vm_machdep.c 
  Log:
  Use a critical region to protect pushing of the parent's npx state to the
  pcb for fork().  It was possible for the state to be saved twice when an
  interrupt handler saved it concurrently.  This corrupted (reset) the state
  because fnsave has the (in)convenient side effect of doing an implicit
  fninit.  Mundane null pointer bugs were not possible, because we save to
  an "arbitrary" process's pcb and not to the "right" place (npxproc).
  
  Push the parent's %gs to the pcb for fork().  Changes to %gs before
  fork() were not preserved in the child unless an accidental context
  switch did the pushing.  Updated the list of pcb contents which is
  supposed to inhibit bugs like this.  pcb_dr*, pcb_gs and pcb_ext were
  missing.  Copying is correct for pcb_dr*, and pcb_ext is already
  handled specially (although XXX'ly).
  
  Reducing the savectx() call to an npxsave() call in rev.1.80 was a
  mistake.  The above bugs are duplicated in many places, including in
  savectx() itself.
  
  The arbitraryness of the parent process pointer for the fork()
  subroutines, the pcb pointer for savectx(), and the save87 pointer
  for npxsave(), is illusory.  These functions don't work "right" unless
  the pointers are precisely curproc, curpcb, and the address of npxproc's
  save87 area, respectively, although the special context in which they
  are called allows savectx(&dumppcb) to sort of work and npxsave(&dummy)
  to work.  cpu_fork() just doesn't work unless the parent process
  pointer is curproc, or the caller has pushed %gs to the pcb, or %gs
  happens to already be in the pcb.
  
  Revision  Changes    Path
  1.157     +15 -5     src/sys/i386/i386/vm_machdep.c


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200105130744.f4D7iFi60673>