Syscalls and RSE
Marcel Moolenaar
xcllnt at mac.com
Wed Jun 27 15:44:34 UTC 2007
On Jun 27, 2007, at 5:17 AM, Christian Kandeler wrote:
> On Thursday 21 June 2007 19:41, Marcel Moolenaar wrote:
>
>> When we switch to the kernel stack, we align BSPSTORE to the user
>> stack
>> (WRT to NaT collections). In other words we preserve the least
>> significant 9 bits of BSPSTORE. Since these bits determine when a NaT
>> collection will happen and which bit in the RNAT register will
>> take the NaT
>> bit of the stacked register on a flush, we effectively preserved
>> all the NaT
>> bits without explicitly saving or restoring anything.
>
> Yes, I understand that.
>
>> As such, we never clobber "used" bits in the RNAT register and it
>> also
>> allows us to flush the dirty registers onto the kernel stack and copy
>> them back to user space knowing that any NaT collections on the
>> kernel stack
>> will be copied to the right location on the user stack. Also, any NaT
>> bits left in RNAT after the loadrs on our way out of the kernel
>> will be
>> those of the user process.
>
> The problem, I think, is not the RNAT on the way out of the
> syscall, but a
> collection of undefined NaT bits saved in the kernel and loaded
> later in user
> space. As I have mentioned in my first mail, this is due to the
> fact that we
> can advance the saved user space BSPSTORE (and therefore BspLoad
> too) over
> such a NaT collection in ia64_flush_dirty().
> The reason that this does not usually lead to problems in practice
> is probably
> that the current Itanium processors set RNAT to zero after a
> backing store
> switch, so no NaT bits are actually set to 1 by the RSE load that
> restores
> the undefined NaT collection. This is not guaranteed, of course.
> I've tried to verify my theory, and I believe I have succeeded: If
> the code in
> epc_syscall is correct, then it should tolerate any value in RNAT
> after the
> backing store switch, since the value of this register is undefined
> anyway.
> However, when I manually set RNAT to -1 and boot the resulting
> kernel, the
> system crashes right after entering user space (Illegal Instruction
> in the sh
> process). I assume this is due to one of the many NaT bits the process
> receives after making a system call.
I need think about this for a bit. I'll get back to you shortly...
--
Marcel Moolenaar
xcllnt at mac.com
More information about the freebsd-ia64
mailing list