| To: | "'linux-mips@oss.sgi.com'" <linux-mips@oss.sgi.com> |
|---|---|
| Subject: | _save_fp_context corrupts kernel sp |
| From: | Tommy Christensen <tommy.christensen@eicon.com> |
| Date: | Mon, 9 Apr 2001 15:44:58 +0200 |
| Sender: | owner-linux-mips@oss.sgi.com |
Hi all,

this bug was triggered by the 'crashme' program, which deliberately does various bad things.

The problem occurs when _save_fp_context cannot write to the user stack. Since the fixup routine for this lacks a nop at the end, the following "random" instruction is executed (in my case it adjusted the stack pointer, which is pretty lethal).

The patch below corrects this.

Regards,
Tommy S. Christensen, Eicon Networks
--- r4k_fpu.S.orig Sun Dec 10 08:56:02 2000
+++ r4k_fpu.S Mon Apr 9 10:55:27 2001
@@ -94,6 +94,7 @@
ctc1 t0,fcr31
END(_restore_fp_context)
+ .set reorder
.type fault@function
.ent fault
fault: li v0, -EFAULT
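Review bot: the `.set reorder` added before `fault` has no matching restore anywhere in the hunk, so it switches the assembler into reorder mode for everything that follows in r4k_fpu.S, not only for the `fault` stub; if the surrounding code is written for `.set noreorder` with hand-filled delay slots, that changes how later code is assembled. Consider scoping it (`.set push` / `.set reorder` before `fault`, `.set pop` after `END(fault)`), or simply adding the explicit `nop` after the stub's final jump, which is the missing delay-slot filler the message describes. Also, the header advertises six lines of context but the visible hunk stops at `fault: li v0, -EFAULT`, so the jump this change is meant to cover cannot be checked here; the description should say explicitly that `.set reorder` makes the assembler emit that nop.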
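To show the hazard the message describes, here is an added illustration in GNU as MIPS syntax; it is not the kernel's r4k_fpu.S and not Tommy's patch, and the routine names (`fault_bad`, `next_routine`, `fault_nop`, `fault_reorder`) and the neighbouring code are assumed. Under `.set noreorder` the assembler emits exactly what is written, so the branch delay slot of a `jr ra` with nothing after it is whatever instruction happens to be next in memory. The two fixed forms are the explicit `nop` and the `.set reorder` approach the patch takes, scoped with `.set push` / `.set pop` so the rest of the file is unaffected.

```asm
# Added illustration, not code from r4k_fpu.S. 14 is Linux's EFAULT.

        .set    noreorder        # assembler emits exactly what is written;
                                 # filling branch delay slots is our job

        .ent    fault_bad
fault_bad:
        li      v0, -14          # return -EFAULT
        jr      ra               # delay slot = the NEXT instruction in memory,
        .end    fault_bad        # i.e. whatever the linker placed after us

        .ent    next_routine     # unrelated routine that follows in the image
next_routine:
        addiu   sp, sp, -32      # executes in fault_bad's delay slot: the stack
                                 # pointer moves and nothing ever restores it
        jr      ra
        addiu   sp, sp, 32       # this routine fills its own slot correctly
        .end    next_routine

# Fix 1: stay in noreorder mode and fill the slot explicitly.
        .ent    fault_nop
fault_nop:
        li      v0, -14
        jr      ra
        nop                      # explicit delay-slot filler
        .end    fault_nop

# Fix 2 (what the patch does): let the assembler schedule the slot.
        .set    push
        .set    reorder          # assembler inserts a nop after jr if needed
        .ent    fault_reorder
fault_reorder:
        li      v0, -14
        jr      ra               # assembled as "jr ra; nop"
        .end    fault_reorder
        .set    pop              # back to noreorder for the rest of the file
```

Because `.set reorder` is a mode switch rather than a one-shot directive, the `push`/`pop` pair keeps the change local to the stub; the patch on this page applies `.set reorder` without such scoping.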