Re: x86_64: Bug in new out of line put_user()
Brian, thanks for seeing this. (me goes hiding...) The labels after the last put_user patch were misplaced so exceptions on the real mov instructions would not be handled. Index: test/arch/x86_64/lib/putuser.S === --- test.orig/arch/x86_64/lib/putuser.S 2005-04-22 10:04:25.0 +0200 +++ test/arch/x86_64/lib/putuser.S 2005-04-22 10:06:29.0 +0200 @@ -49,8 +49,8 @@ jc 20f cmpq threadinfo_addr_limit(%r8),%rcx jae 20f -2: decq %rcx - movw %dx,(%rcx) + decq %rcx +2: movw %dx,(%rcx) xorl %eax,%eax ret 20:decq %rcx @@ -64,8 +64,8 @@ jc 30f cmpq threadinfo_addr_limit(%r8),%rcx jae 30f -3: subq $3,%rcx - movl %edx,(%rcx) + subq $3,%rcx +3: movl %edx,(%rcx) xorl %eax,%eax ret 30:subq $3,%rcx @@ -79,8 +79,8 @@ jc 40f cmpq threadinfo_addr_limit(%r8),%rcx jae 40f -4: subq $7,%rcx - movq %rdx,(%rcx) + subq $7,%rcx +4: movq %rdx,(%rcx) xorl %eax,%eax ret 40:subq $7,%rcx - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: x86_64: Bug in new out of line put_user()
Alexander Nyberg wrote: The new out of line put_user() assembly on x86_64 changes %rcx without telling GCC about it causing things like: http://bugme.osdl.org/show_bug.cgi?id=4515 See to it that %rcx is not changed (made it consistent with get_user()). Signed-off-by: Alexander Nyberg <[EMAIL PROTECTED]> Index: test/arch/x86_64/lib/getuser.S === --- test.orig/arch/x86_64/lib/getuser.S 2005-04-20 23:55:35.0 +0200 +++ test/arch/x86_64/lib/getuser.S 2005-04-21 00:54:16.0 +0200 @@ -78,9 +78,9 @@ __get_user_8: GET_THREAD_INFO(%r8) addq $7,%rcx - jc bad_get_user + jc 40f cmpq threadinfo_addr_limit(%r8),%rcx - jae bad_get_user + jae 40f subq $7,%rcx 4: movq (%rcx),%rdx xorl %eax,%eax Index: test/arch/x86_64/lib/putuser.S === --- test.orig/arch/x86_64/lib/putuser.S 2005-04-21 00:50:24.0 +0200 +++ test/arch/x86_64/lib/putuser.S 2005-04-21 01:02:15.0 +0200 @@ -46,36 +46,45 @@ __put_user_2: GET_THREAD_INFO(%r8) addq $1,%rcx - jc bad_put_user + jc 20f cmpq threadinfo_addr_limit(%r8),%rcx - jae bad_put_user -2: movw %dx,-1(%rcx) + jae 20f +2: decq %rcx + movw %dx,(%rcx) xorl %eax,%eax ret +20: decq %rcx + jmp bad_put_user .p2align 4 .globl __put_user_4 __put_user_4: GET_THREAD_INFO(%r8) addq $3,%rcx - jc bad_put_user + jc 30f cmpq threadinfo_addr_limit(%r8),%rcx - jae bad_put_user -3: movl %edx,-3(%rcx) + jae 30f +3: subq $3,%rcx + movl %edx,(%rcx) xorl %eax,%eax ret +30: subq $3,%rcx + jmp bad_put_user .p2align 4 .globl __put_user_8 __put_user_8: GET_THREAD_INFO(%r8) addq $7,%rcx - jc bad_put_user + jc 40f cmpq threadinfo_addr_limit(%r8),%rcx - jae bad_put_user -4: movq %rdx,-7(%rcx) + jae 40f +4: subq $7,%rcx + movq %rdx,(%rcx) xorl %eax,%eax ret +40: subq $7,%rcx + jmp bad_put_user bad_put_user: movq $(-EFAULT),%rax - This patch has a serious bug. The 2, 3 and 4 labels must be on the mov instructions in order to catch faults. -- Brian Gerst - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: x86_64: Bug in new out of line put_user()
Hello Alexander, I have other kind of problems with this patch... With 2.6.12-rc2 + your patch, when I run OpenOffice (a 32-bit application), I get this in dmesg : Unable to handle kernel paging request at 2d9280b0 RIP: {__put_user_4+32} PGD 0 Oops: 0002 [1] SMP CPU 0 Modules linked in: cpufreq_ondemand sch_sfq sch_htb ipt_CONNMARK ipt_ipp2p ipt_connmark ipt_mark ipt_tos ipt_length ipt_MARK iptable_filter iptable_mangle ip_tables powernow_k8 tun nvidia snd_pcm_oss snd_mixer_oss snd_via82xx snd_ac97_codec snd_pcm snd_timer snd_page_alloc snd_mpu401_uart snd_rawmidi snd_seq_device snd cx8800 v4l1_compat v4l2_common cx88xx i2c_algo_bit video_buf ir_common btcx_risc tveeprom videodev tuner usbhid w83627hf i2c_sensor i2c_isa i2c_core usb_storage uhci_hcd ehci_hcd usbcore sd_mod scsi_mod Pid: 11236, comm: soffice.bin Tainted: P 2.6.12-rc2 RIP: 0010:[] {__put_user_4+32} RSP: :81001d32fea0 EFLAGS: 00010202 RAX: 0003 RBX: 8100255b0f70 RCX: 2d9280b0 RDX: RSI: 810033534940 RDI: 2d9280b0 RBP: R08: 81001d32e000 R09: 0002 R10: 81001d32e000 R11: 558740dc R12: R13: 810033534940 R14: 0001 R15: FS: 2e0ff820() GS:80489840() knlGS: CS: 0010 DS: 002b ES: 002b CR0: 8005003b CR2: 2d9280b0 CR3: 2515 CR4: 06e0 Process soffice.bin (pid: 11236, threadinfo 81001d32e000, task 8100255b0f70) Stack: 80133414 810019f11138 810033534940 8100255b0f70 8100255b0f70 80137c0a 8100255b15a4 Call Trace:{mm_release+116} {exit_mm +42} {do_exit+351} {do_group_exit +252} {ia32_sysret+0} It is easily reproducible on my system, I just have to start and exit OpenOffice 1.1.4. I got similar messages with 2.6.12-rc3 + your patch (please tell me if you also want these messages). I also had one system freeze and one reboot (when I clicked on a link in Firefox (32-bit app too), I don't know if it is related). But I was unable to reproduce these crashes, so I'm not sure whether it is caused by rc3 or by your patch. Please note that these problems did not occur with 2.6.12-rc2 + these patches reverted: - x86_64-give-out-of-line-get_user-better-calling.patch - x86_64-move-put_user-out-of-line.patch - x86_64-remove-stale-unused-file.patch Best regards, Nicolas On Thu, 2005-04-21 at 01:10 +0200, Alexander Nyberg wrote: > The new out of line put_user() assembly on x86_64 changes %rcx without > telling GCC about it causing things like: > > http://bugme.osdl.org/show_bug.cgi?id=4515 > > See to it that %rcx is not changed (made it consistent with get_user()). > > > Signed-off-by: Alexander Nyberg <[EMAIL PROTECTED]> > > Index: test/arch/x86_64/lib/getuser.S > === > --- test.orig/arch/x86_64/lib/getuser.S 2005-04-20 23:55:35.0 > +0200 > +++ test/arch/x86_64/lib/getuser.S2005-04-21 00:54:16.0 +0200 > @@ -78,9 +78,9 @@ > __get_user_8: > GET_THREAD_INFO(%r8) > addq $7,%rcx > - jc bad_get_user > + jc 40f > cmpq threadinfo_addr_limit(%r8),%rcx > - jae bad_get_user > + jae 40f > subq$7,%rcx > 4: movq (%rcx),%rdx > xorl %eax,%eax > Index: test/arch/x86_64/lib/putuser.S > === > --- test.orig/arch/x86_64/lib/putuser.S 2005-04-21 00:50:24.0 > +0200 > +++ test/arch/x86_64/lib/putuser.S2005-04-21 01:02:15.0 +0200 > @@ -46,36 +46,45 @@ > __put_user_2: > GET_THREAD_INFO(%r8) > addq $1,%rcx > - jc bad_put_user > + jc 20f > cmpq threadinfo_addr_limit(%r8),%rcx > - jae bad_put_user > -2: movw %dx,-1(%rcx) > + jae 20f > +2: decq %rcx > + movw %dx,(%rcx) > xorl %eax,%eax > ret > +20: decq %rcx > + jmp bad_put_user > > .p2align 4 > .globl __put_user_4 > __put_user_4: > GET_THREAD_INFO(%r8) > addq $3,%rcx > - jc bad_put_user > + jc 30f > cmpq threadinfo_addr_limit(%r8),%rcx > - jae bad_put_user > -3: movl %edx,-3(%rcx) > + jae 30f > +3: subq $3,%rcx > + movl %edx,(%rcx) > xorl %eax,%eax > ret > +30: subq $3,%rcx > + jmp bad_put_user > > .p2align 4 > .globl __put_user_8 > __put_user_8: > GET_THREAD_INFO(%r8) > addq $7,%rcx > - jc bad_put_user > + jc 40f > cmpq threadinfo_addr_limit(%r8),%rcx > - jae bad_put_user > -4: movq %rdx,-7(%rcx) > + jae 40f > +4: subq $7,%rcx > + movq %rdx,(%rcx) > xorl %eax,%eax > ret > +40: subq $7,%rcx > + jmp bad_put_user > > bad_put_user: > movq $(-EFAULT),%rax > > > - To unsubscribe from this list: send the li
Re: x86_64: Bug in new out of line put_user()
Hello, On Thu, 2005-04-21 at 01:10 +0200, Alexander Nyberg wrote: > The new out of line put_user() assembly on x86_64 changes %rcx without > telling GCC about it causing things like: > > http://bugme.osdl.org/show_bug.cgi?id=4515 Thank you, this patch fixes the message queue problem. Best regards, Nicolas > See to it that %rcx is not changed (made it consistent with get_user()). > > > Signed-off-by: Alexander Nyberg <[EMAIL PROTECTED]> > > Index: test/arch/x86_64/lib/getuser.S > === > --- test.orig/arch/x86_64/lib/getuser.S 2005-04-20 23:55:35.0 > +0200 > +++ test/arch/x86_64/lib/getuser.S2005-04-21 00:54:16.0 +0200 > @@ -78,9 +78,9 @@ > __get_user_8: > GET_THREAD_INFO(%r8) > addq $7,%rcx > - jc bad_get_user > + jc 40f > cmpq threadinfo_addr_limit(%r8),%rcx > - jae bad_get_user > + jae 40f > subq$7,%rcx > 4: movq (%rcx),%rdx > xorl %eax,%eax > Index: test/arch/x86_64/lib/putuser.S > === > --- test.orig/arch/x86_64/lib/putuser.S 2005-04-21 00:50:24.0 > +0200 > +++ test/arch/x86_64/lib/putuser.S2005-04-21 01:02:15.0 +0200 > @@ -46,36 +46,45 @@ > __put_user_2: > GET_THREAD_INFO(%r8) > addq $1,%rcx > - jc bad_put_user > + jc 20f > cmpq threadinfo_addr_limit(%r8),%rcx > - jae bad_put_user > -2: movw %dx,-1(%rcx) > + jae 20f > +2: decq %rcx > + movw %dx,(%rcx) > xorl %eax,%eax > ret > +20: decq %rcx > + jmp bad_put_user > > .p2align 4 > .globl __put_user_4 > __put_user_4: > GET_THREAD_INFO(%r8) > addq $3,%rcx > - jc bad_put_user > + jc 30f > cmpq threadinfo_addr_limit(%r8),%rcx > - jae bad_put_user > -3: movl %edx,-3(%rcx) > + jae 30f > +3: subq $3,%rcx > + movl %edx,(%rcx) > xorl %eax,%eax > ret > +30: subq $3,%rcx > + jmp bad_put_user > > .p2align 4 > .globl __put_user_8 > __put_user_8: > GET_THREAD_INFO(%r8) > addq $7,%rcx > - jc bad_put_user > + jc 40f > cmpq threadinfo_addr_limit(%r8),%rcx > - jae bad_put_user > -4: movq %rdx,-7(%rcx) > + jae 40f > +4: subq $7,%rcx > + movq %rdx,(%rcx) > xorl %eax,%eax > ret > +40: subq $7,%rcx > + jmp bad_put_user > > bad_put_user: > movq $(-EFAULT),%rax > > > - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: x86_64: Bug in new out of line put_user()
On Thu, Apr 21, 2005 at 01:10:09AM +0200, Alexander Nyberg wrote: > The new out of line put_user() assembly on x86_64 changes %rcx without > telling GCC about it causing things like: > > http://bugme.osdl.org/show_bug.cgi?id=4515 > > See to it that %rcx is not changed (made it consistent with get_user()). Damn. I actually fixed this before submission, but it looks like the old patch staid in the queue :-( Sorry for you having to debug it again. Linus, can can you please apply the patch? -Andi > > > Signed-off-by: Alexander Nyberg <[EMAIL PROTECTED]> > > Index: test/arch/x86_64/lib/getuser.S > === > --- test.orig/arch/x86_64/lib/getuser.S 2005-04-20 23:55:35.0 > +0200 > +++ test/arch/x86_64/lib/getuser.S2005-04-21 00:54:16.0 +0200 > @@ -78,9 +78,9 @@ > __get_user_8: > GET_THREAD_INFO(%r8) > addq $7,%rcx > - jc bad_get_user > + jc 40f > cmpq threadinfo_addr_limit(%r8),%rcx > - jae bad_get_user > + jae 40f > subq$7,%rcx > 4: movq (%rcx),%rdx > xorl %eax,%eax > Index: test/arch/x86_64/lib/putuser.S > === > --- test.orig/arch/x86_64/lib/putuser.S 2005-04-21 00:50:24.0 > +0200 > +++ test/arch/x86_64/lib/putuser.S2005-04-21 01:02:15.0 +0200 > @@ -46,36 +46,45 @@ > __put_user_2: > GET_THREAD_INFO(%r8) > addq $1,%rcx > - jc bad_put_user > + jc 20f > cmpq threadinfo_addr_limit(%r8),%rcx > - jae bad_put_user > -2: movw %dx,-1(%rcx) > + jae 20f > +2: decq %rcx > + movw %dx,(%rcx) > xorl %eax,%eax > ret > +20: decq %rcx > + jmp bad_put_user > > .p2align 4 > .globl __put_user_4 > __put_user_4: > GET_THREAD_INFO(%r8) > addq $3,%rcx > - jc bad_put_user > + jc 30f > cmpq threadinfo_addr_limit(%r8),%rcx > - jae bad_put_user > -3: movl %edx,-3(%rcx) > + jae 30f > +3: subq $3,%rcx > + movl %edx,(%rcx) > xorl %eax,%eax > ret > +30: subq $3,%rcx > + jmp bad_put_user > > .p2align 4 > .globl __put_user_8 > __put_user_8: > GET_THREAD_INFO(%r8) > addq $7,%rcx > - jc bad_put_user > + jc 40f > cmpq threadinfo_addr_limit(%r8),%rcx > - jae bad_put_user > -4: movq %rdx,-7(%rcx) > + jae 40f > +4: subq $7,%rcx > + movq %rdx,(%rcx) > xorl %eax,%eax > ret > +40: subq $7,%rcx > + jmp bad_put_user > > bad_put_user: > movq $(-EFAULT),%rax > > - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
x86_64: Bug in new out of line put_user()
The new out of line put_user() assembly on x86_64 changes %rcx without telling GCC about it causing things like: http://bugme.osdl.org/show_bug.cgi?id=4515 See to it that %rcx is not changed (made it consistent with get_user()). Signed-off-by: Alexander Nyberg <[EMAIL PROTECTED]> Index: test/arch/x86_64/lib/getuser.S === --- test.orig/arch/x86_64/lib/getuser.S 2005-04-20 23:55:35.0 +0200 +++ test/arch/x86_64/lib/getuser.S 2005-04-21 00:54:16.0 +0200 @@ -78,9 +78,9 @@ __get_user_8: GET_THREAD_INFO(%r8) addq $7,%rcx - jc bad_get_user + jc 40f cmpq threadinfo_addr_limit(%r8),%rcx - jae bad_get_user + jae 40f subq$7,%rcx 4: movq (%rcx),%rdx xorl %eax,%eax Index: test/arch/x86_64/lib/putuser.S === --- test.orig/arch/x86_64/lib/putuser.S 2005-04-21 00:50:24.0 +0200 +++ test/arch/x86_64/lib/putuser.S 2005-04-21 01:02:15.0 +0200 @@ -46,36 +46,45 @@ __put_user_2: GET_THREAD_INFO(%r8) addq $1,%rcx - jc bad_put_user + jc 20f cmpq threadinfo_addr_limit(%r8),%rcx - jae bad_put_user -2: movw %dx,-1(%rcx) + jae 20f +2: decq %rcx + movw %dx,(%rcx) xorl %eax,%eax ret +20:decq %rcx + jmp bad_put_user .p2align 4 .globl __put_user_4 __put_user_4: GET_THREAD_INFO(%r8) addq $3,%rcx - jc bad_put_user + jc 30f cmpq threadinfo_addr_limit(%r8),%rcx - jae bad_put_user -3: movl %edx,-3(%rcx) + jae 30f +3: subq $3,%rcx + movl %edx,(%rcx) xorl %eax,%eax ret +30:subq $3,%rcx + jmp bad_put_user .p2align 4 .globl __put_user_8 __put_user_8: GET_THREAD_INFO(%r8) addq $7,%rcx - jc bad_put_user + jc 40f cmpq threadinfo_addr_limit(%r8),%rcx - jae bad_put_user -4: movq %rdx,-7(%rcx) + jae 40f +4: subq $7,%rcx + movq %rdx,(%rcx) xorl %eax,%eax ret +40:subq $7,%rcx + jmp bad_put_user bad_put_user: movq $(-EFAULT),%rax - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/