Revision 95134 | 20-Apr-2002 | jake

Check the alignment of the stack pointer before copying in windows from the user stack in response to a failed window fill, allowing the process to be killed if it's wrong. This caused user programs which misalign their stack pointer to get stuck in an infinite loop at the kernel-userland boundary, which is mostly harmless.

The same thing causes a fatal RED state exception on OpenBSD and probably NetBSD.

Inspired by: art@openbsd.org
Revision 82906 | 03-Sep-2001 | jake

Implement a slightly different window spill/fill algorithm for dealing with user windows in kernel mode. We split the windows using %otherwin, but instead of spilling user windows directly to the pcb, we attempt to spill to user space. If this fails because a stack page is not resident (or the stack is smashed), the fault handler at tl 2 will detect the situation and resume at tl 1 again where recovery code can spill to the pcb. Any windows that have been saved to the pcb will be copied out to the user stack on return from kernel mode.

Add a first stab at 32 bit window handling. This uses much of the same recovery code as above because the alignment of the stack pointer is used to detect 32 bit code. Attempting to spill a 32 bit window to a 64 bit stack, or vice versa, will cause an alignment fault. The recovery code then changes the window state to vector to a 32 bit spill/fill handler and retries the faulting instruction.

Add ktr traces in useful places during trap processing.

Adjust comments to reflect new code and add many more.