about summary refs log tree commit diff
path: root/src/thread/i386
diff options
context:
space:
mode:
authorRich Felker <dalias@aerifal.cx>2011-04-17 15:30:08 -0400
committerRich Felker <dalias@aerifal.cx>2011-04-17 15:30:08 -0400
commit09dae2b7b66f741b30aa7ce95ab395239da20762 (patch)
treeda94ed95c914ec60663aec3368e3642d8c41cfeb /src/thread/i386
parentebf82447be4b30bedc19ad868c3a0662b1ba596d (diff)
downloadmusl-09dae2b7b66f741b30aa7ce95ab395239da20762.tar.gz
musl-09dae2b7b66f741b30aa7ce95ab395239da20762.tar.xz
musl-09dae2b7b66f741b30aa7ce95ab395239da20762.zip
fix bugs in cancellable syscall asm
x86_64 was just plain wrong in the cancel-flag-already-set path, and
crashing.

the more subtle error was not clearing the saved stack pointer before
returning to c code. this could result in the signal handler
misidentifying c code as the pre-syscall part of the asm, and acting
on cancellation at the wrong time, and thus resource leak race
conditions.

also, now __cancel (in the c code) is responsible for clearing the
saved sp in the already-cancelled branch. this means we have to use
call rather than jmp to ensure the stack pointer in the c will never
match what the asm saved.
Diffstat (limited to 'src/thread/i386')
-rw-r--r--src/thread/i386/syscall_cp.s9
1 files changed, 4 insertions, 5 deletions
diff --git a/src/thread/i386/syscall_cp.s b/src/thread/i386/syscall_cp.s
index 6d8c354b..51905131 100644
--- a/src/thread/i386/syscall_cp.s
+++ b/src/thread/i386/syscall_cp.s
@@ -28,9 +28,8 @@ __syscall_cp_asm:
 	popl %edi
 	popl %esi
 	popl %ebx
+	xorl %edx,%edx
+	movl 4(%esp),%ecx
+	movl %edx,(%ecx)
 	ret
-2:	xorl %eax,%eax
-	movl %eax,4(%ecx)
-	movl %eax,(%ecx)
-	pushl $-1
-	call __cancel
+2:	call __cancel