svn commit: r302573 - head/sys/i386/i386

[Konstantin Belousov]

Author: kib
Date: Mon Jul 11 15:52:52 2016
New Revision: 302573
URL: https://svnweb.freebsd.org/changeset/base/302573

Log:
  Fill tf_trapno for trap frames created for syscall.
  
  If tf_trapno contains garbage which appears to be equal to T_NMI,
  e.g. due to thread previously entered kernel due to NMI, doreti
  sequence skips ast, and does so until a trap or hardware interrupt
  occur.
  
  The visible effects of the issue are quite confusing.  First, signals
  delivery is postponed in observable ways.  In particular, the
  guarantee that unblocked async signals queue is flushed before a
  return from syscall, is broken.  Second, if there are pending signals,
  all interruptible sleeps of the stuck thread are aborted immediately.
  
  Since modern CPUs are relatively fast and tickless kernel generates
  low interrupt rate, the faulty condition might exist for long time (in
  an application time scale).
  
  In collaboration with:	pho
  Sponsored by:	The FreeBSD Foundation
  MFC after:	1 week

Modified:
  head/sys/i386/i386/exception.s

Modified: head/sys/i386/i386/exception.s
==============================================================================
--- head/sys/i386/i386/exception.s	Mon Jul 11 15:50:06 2016	(r302572)
+++ head/sys/i386/i386/exception.s	Mon Jul 11 15:52:52 2016	(r302573)
@@ -234,7 +234,7 @@ IDTVEC(lcall_syscall)
 	pushfl				/* save eflags */
 	popl	8(%esp)			/* shuffle into tf_eflags */
 	pushl	$7			/* sizeof "lcall 7,0" */
-	subl	$4,%esp			/* skip over tf_trapno */
+	pushl	$0			/* tf_trapno */
 	pushal
 	pushl	$0
 	movw	%ds,(%esp)
@@ -263,7 +263,7 @@ IDTVEC(lcall_syscall)
 	SUPERALIGN_TEXT
 IDTVEC(int0x80_syscall)
 	pushl	$2			/* sizeof "int 0x80" */
-	subl	$4,%esp			/* skip over tf_trapno */
+	pushl	$0			/* tf_trapno */
 	pushal
 	pushl	$0
 	movw	%ds,(%esp)