From 3680f14a7d12a9faa86e09aaea1b3aa20713355e Mon Sep 17 00:00:00 2001
From: Carlos O'Donell
Date: Thu, 24 Jun 2010 12:13:36 -0400
Subject: [PATCH] [hppa] Fix incorrect stack frame usage in vfork.

In a multithreaded environment the call to vfork was incorrectly creating a stack frame. Given that the child unwinds the stack frame first to call exec, it will corrupt any values the parent stored in the stack frame. The solution is to avoid creating a stack frame unless required to call an error function, in which case we are assured no child was created.
---
 ChangeLog.hppa | 6 +++++
 sysdeps/unix/sysv/linux/hppa/nptl/pt-vfork.S | 25 +++++++++++++-------
 2 files changed, 22 insertions(+), 9 deletions(-)

diff --git a/ChangeLog.hppa b/ChangeLog.hppa
index faad5e9a33..2ccc911430 100644
--- a/ChangeLog.hppa
+++ b/ChangeLog.hppa
@@ -1,3 +1,9 @@
+2010-06-24 Carlos O'Donell
+
+	* sysdeps/unix/sysv/linux/hppa/nptl/pt-vfork.S: Only create stack frame around call to SYSCALL_ERROR_HANDLER. Do not restore %rp from the stack frame on successfull return.
+
 2010-06-23 Carlos O'Donell
 	* sysdeps/unix/sysv/linux/hppa/getcontext.S (__getcontext_ret):
diff --git a/sysdeps/unix/sysv/linux/hppa/nptl/pt-vfork.S b/sysdeps/unix/sysv/linux/hppa/nptl/pt-vfork.S
index 83a70b71cb..15efa98d60 100644
--- a/sysdeps/unix/sysv/linux/hppa/nptl/pt-vfork.S
+++ b/sysdeps/unix/sysv/linux/hppa/nptl/pt-vfork.S
@@ -1,4 +1,4 @@
-/* Copyright (C) 2005 Free Software Foundation, Inc.
+/* Copyright (C) 2005, 2010 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
    The GNU C Library is free software; you can redistribute it and/or
@@ -50,10 +50,9 @@
 /* r26, r25, r24, r23 are free since vfork has no arguments */
 ENTRY(__vfork)
-	/* Prologue */
-	stwm %r3, 64(%sp)
-	stw %sp, -4(%sp)
-	stw %r19, -32(%sp)
+	/* We must not create a frame. When the child unwinds to call exec it will clobber the same frame that the parent needs to unwind. */
 	/* Save the PIC register. */
 #ifdef PIC
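Review bot: The new comment under ENTRY(__vfork) says why the prologue is gone but not what that obliges the code between here and `.Lerror` to respect: no store below %sp, no use of a callee-saved register (the old frame was what made %r3 usable), and %rp left untouched, since the child runs on this same stack before the parent resumes and the success path returns through the live %rp. The header comment two lines above still only lists which argument registers are free, so nothing warns a later editor against adding a spill on the common path. I would extend the comment along the lines of `Until .Lerror nothing may store below %sp, clobber a callee-saved register or modify %rp: the child shares this stack and the parent returns through the live %rp`. The body of __vfork continues past this hunk.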
@@ -75,12 +74,20 @@ ENTRY(__vfork)
 	comclr,>>= %r1,%ret0,%r0 /* Note: unsigned compare. */
 	b,n .Lerror
-	/* Return, no need to restore the PIC register. */
-	ldw -84(%sp), %rp
-	bv %r0(%rp)
-	ldwm -64(%sp), %r3
+	/* Return, and DO NOT restore rp. The child may have called functions that updated the frame's rp. This works because the kernel ensures rp is preserved across the vfork syscall. */
+	bv,n %r0(%rp)
 .Lerror:
+	/* Now we need a stack to call a function. We are assured that there is no child now, so it's safe to create a frame. */
+	stw %rp, -20(%sp)
+	stwm %r3, 64(%sp)
+	stw %sp, -4(%sp)
+
 	sub %r0,%ret0,%r3
 	SYSCALL_ERROR_HANDLER
 	/* Restore the PIC register (in delay slot) on error */
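Review bot: The frame built at `.Lerror` stores %rp, %r3 and the old %sp but omits the `stw %r19, -32(%sp)` that the removed prologue performed, so the PIC register is no longer on the stack when SYSCALL_ERROR_HANDLER runs. The `/* Restore the PIC register (in delay slot) on error */` context after it shows the restore is a separate step, but if the handler or anything it calls reloads %r19 from the -32(%sp) slot, the error path now returns with a stale PIC register; if the restore comes only from the copy made under `/* Save the PIC register. */`, the store was dead before and the comment at `.Lerror` should say that %r19 is deliberately not spilled. Adding `stw %r19, -32(%sp)` after `stw %sp, -4(%sp)` keeps the frame layout identical to the one the old prologue built and costs nothing on the success path, which no longer touches the stack. The epilogue that unwinds this frame after SYSCALL_ERROR_HANDLER is outside the hunk.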