Date: Thu, 12 Feb 2009 16:01:58 -0600 (CST) From: Mark Tinguely <tinguely@casselton.net> To: freebsd-arm@freebsd.org Subject: thread0.td_frame overwritten in cpu_startup() Message-ID: <200902122201.n1CM1wbK018744@casselton.net>
next in thread | raw e-mail | index | archive | help
on startup, the initarm() sets the thread0.td_frame to a local trapframe structure. in arm/ARCH/ARCH_machdep.c thread0.td_frame = &proc0_tf; But cpu_startup() in arm/arm/machdep.c overwrites it with a value at the end of the kernel stack. unfortunately, that space is also used by the thread0 pcb structure. in arm/ARCH/ARCH_machdep.c thread0.td_pcb = (struct pcb *) (thread0.td_kstack + KSTACK_PAGES * PAGE_SIZE) - 1 in arm/arm/machdep.c pcb->un_32.pcb32_sp = (u_int)thread0.td_kstack + USPACE_SVC_STACK_TOP; note: USPACE_SVC_STACK_TOP is defined as KSTACK_PAGES * PAGE_SIZE, so this is the top of the kernel stack. thread0.td_frame = (struct trapframe *)pcb->un_32.pcb32_sp - 1; This td_frame assignment in arm/arm/machdep.c should be removed. Not only did it overwrite a perfectly good trapframe, it overwrited it with memory that is shared with the pcb. --Mark Tinguely.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200902122201.n1CM1wbK018744>