This is the mail archive of the ecos-bugs@sources.redhat.com mailing list for the eCos project.



[Bug 1000170] SuperH context switch code vulnerable to stack corruption by ISR


http://bugs.ecos.sourceware.org/show_bug.cgi?id=1000170

------- Additional Comments From jifl@ecoscentric.com  2005-18-04 16:09 -------
Ah yes, I had forgotten about hal_thread_switch_context dropping through into
hal_thread_load_context.

My concern is really that if the previous context had interrupts disabled
because, for example, it has insufficient stack space to handle nested
interrupts to the required depth, then this would cause problems.

So what I'm suggesting as a potentially better fix would instead be to update
the stack pointer between the read of the SR into r2 and the hal_cpu_int_merge?
That way the SR can't get trashed, but the stack has been swapped by the time
interrupts are potentially re-enabled.

i.e.

        mov.l   @r0+,r2                 ! SR
        mov     r3,r15                  ! update stack pointer
        hal_cpu_int_merge r2,r0,r1      ! restore interrupt state
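
The hazard discussed in this comment, modelled as a constructed C program (added illustration, not eCos code or the poster's): a small word array stands in for memory, an "ISR" pushes a frame on whatever r15 currently holds, and the only thing that changes between the two runs is whether r15 is updated before or after the SR merge. Stack sizes, the frame size and the assumption that the existing load path merges SR before updating r15 are all assumptions made for the model.

```c
#include <stdint.h>
#include <stddef.h>

/* Constructed model, not eCos code.  mem[] holds a canary guard band, the old
 * thread's nearly full stack and the new thread's empty stack. */
#define GUARD   4            /* canary words below the old stack */
#define OLD_TOP 8            /* old stack: mem[GUARD..OLD_TOP), new stack above it */
#define FRAME   4            /* words an ISR pushes (assumed) */
#define CANARY  0xCAFEF00Du

typedef struct { uint32_t *sp; int ints_enabled; } context_t;

static uint32_t mem[32];
static uint32_t *r15;        /* live stack pointer */
static int sr_ints_enabled;  /* live SR interrupt state */
static int irq_pending;

/* The ISR uses whatever stack r15 points at when it is taken. */
static void isr(void) { for (int i = 0; i < FRAME; i++) *--r15 = 0xDEADBEEFu; }

/* An interrupt can only be taken once SR allows it. */
static void interrupt_window(void) {
    if (sr_ints_enabled && irq_pending) { irq_pending = 0; isr(); }
}

/* sp_first = 0: SR read, merge, then r15 update (order assumed for the current code).
 * sp_first = 1: r15 updated between the SR read and the merge (proposed order). */
static void load_context(const context_t *next, int sp_first) {
    int sr = next->ints_enabled;        /* mov.l @r0+,r2     ! SR */
    if (sp_first) r15 = next->sp;       /* mov   r3,r15      ! proposed position */
    sr_ints_enabled = sr;               /* hal_cpu_int_merge ! may re-enable ints */
    interrupt_window();
    if (!sp_first) r15 = next->sp;      /* original position */
}

/* Switch from a thread with interrupts masked and 1 word of headroom to a thread
 * with interrupts enabled; returns 1 if the guard band survived, 0 if the ISR
 * frame overran the old stack. */
int guard_intact_after_switch(int sp_first) {
    for (size_t i = 0; i < 32; i++) mem[i] = (i < GUARD) ? CANARY : 0;
    context_t old = { &mem[GUARD + 1], 0 };   /* nearly full, ints disabled */
    context_t nxt = { &mem[32], 1 };          /* empty stack, ints enabled */
    r15 = old.sp; sr_ints_enabled = old.ints_enabled; irq_pending = 1;
    load_context(&nxt, sp_first);
    for (size_t i = 0; i < GUARD; i++) if (mem[i] != CANARY) return 0;
    return 1;
}
```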
