Bug 54463 - Uninitialized register can cause kernel crash.
Status: CLOSED CURRENTRELEASE
Product: Red Hat Linux
Classification: Retired
Component: gcc
Version: 7.1
Hardware: ia64 Linux
Priority: medium  Severity: high
Assigned To: Jakub Jelinek
QA Contact: Brock Organ
Reported: 2001-10-09 05:05 EDT by Shinya Narahara
Modified: 2007-04-18 12:37 EDT
Doc Type: Bug Fix
Last Closed: 2002-02-14 18:12:39 EST

Description Shinya Narahara 2001-10-09 05:05:10 EDT
From Bugzilla Helper:
User-Agent: Mozilla/4.75 [ja] (WinNT; U)

Description of problem:
Just see the gcc-bug ML, #2246, where this issue is reported:
http://gcc.gnu.org/cgi-bin/gnatsweb.pl
It is called a NaT consumption fault.
But this has not been fixed yet.


Version-Release number of selected component (if applicable):


How reproducible:
Sometimes

Steps to Reproduce:
1.use ide-floppy module.
2.do benchmark test.
3.


Actual Results:  It could be a kernel panic, segmentation fault or core dump.


Expected Results:  Nothing will occur.


Additional info:

We encountered this issue when testing the ide-floppy interrupt handler.
It doesn't occur every time, but it certainly does occur. In ide-floppy.o:

e0000000046626bc: dep r40=r14,r40,8,8 // r40.nat=r40.nat | r14.nat ...(2)
e00000000466271c: dep r40=r14,r40,0,8 // r40.nat=r40.nat | r14.nat
e000000004662966: zxt2 r34=r40        // r34.nat=r40.nat 
e000000004662a96: mov r15=r34         // r15.nat=r34.nat 
e000000004662aa0: add r14=r14,r15     // r14.nat=r15.nat 
e000000004662ab6: st4 [r37]=r14                                    ...(1)

r40's NaT bit isn't initialized in this sequence, because the
r40 register hasn't been initialized before this.

We can do something to avoid this.

1) Edit the kernel binary directly and swap line (2) for
   e0000000046626bc: dep r40=r14,r0,8,8
   This is not good because it would fix only this bug.

2) Fix the kernel source not to use the speculative load.
   The __strlen_user() and strlen() functions use this speculative
   load. However, gcc doesn't produce a speculative load if all
   sources are in C, 

Both are needed to avoid this issue.
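As an added illustration, not part of the report above nor of gcc or the kernel: a small C model of NaT-bit propagation through the quoted ide-floppy.o sequence, showing why the st4 at (1) faults when r40 was never written and why swapping line (2) for the r0 form avoids it. Register contents are constructed; the propagation rules follow the report's annotations.

```c
/* Added model (not from the bug report): IA-64 NaT-bit propagation through
 * the ide-floppy.o sequence quoted above.  Register contents are
 * constructed; the propagation rules follow the report's annotations. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

typedef struct { uint64_t val; bool nat; } reg_t;   /* value plus NaT bit */

/* dep r1=r2,r3,pos,len: r1 is r3 with bits [pos, pos+len) replaced by the
 * low len bits of r2.  Any NaT source makes the result NaT. */
static reg_t dep(reg_t r2, reg_t r3, unsigned pos, unsigned len)
{
    uint64_t mask = ((1ULL << len) - 1) << pos;     /* len < 64 here */
    reg_t out = { (r3.val & ~mask) | ((r2.val << pos) & mask),
                  r2.nat || r3.nat };
    return out;
}

/* Execute the quoted sequence.  `patched` swaps line (2) for the
 * reporter's workaround "dep r40=r14,r0,8,8"; r0 is hardwired to zero
 * and can never be NaT. */
static reg_t run_sequence(reg_t r40_initial, reg_t r14, bool patched)
{
    const reg_t r0 = { 0, false };
    reg_t r40 = dep(r14, patched ? r0 : r40_initial, 8, 8); /* ...(2) */
    r40 = dep(r14, r40, 0, 8);
    reg_t r34 = { r40.val & 0xffffULL, r40.nat };          /* zxt2 r34=r40 */
    reg_t r15 = r34;                                        /* mov r15=r34 */
    reg_t sum = { r14.val + r15.val, r14.nat || r15.nat };  /* add r14=r14,r15 */
    return sum;                                             /* st4 [r37]=r14 ...(1) */
}

/* st4 of a NaT register raises a register NaT consumption fault. */
static bool sequence_faults(reg_t r40_initial, reg_t r14, bool patched)
{
    return run_sequence(r40_initial, r14, patched).nat;
}

int main(void)
{
    reg_t r14 = { 0x1234, false };            /* constructed sample value */
    reg_t stale = { 0xdeadbeef, true };       /* never-written r40: NaT set */
    printf("as compiled: %s\n",
           sequence_faults(stale, r14, false) ? "NaT consumption fault" : "ok");
    printf("with r0 fix: %s (r14=0x%llx)\n",
           sequence_faults(stale, r14, true) ? "fault" : "ok",
           (unsigned long long)run_sequence(stale, r14, true).val);
    return 0;
}
```

The model only covers the NaT rules the report annotates; it says nothing about where the stale NaT in r40 came from, which is the compiler issue the later comments assign to gcc.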
Comment 1 Arjan van de Ven 2001-10-09 09:09:17 EDT
The compiler is wrong to assume anything about the NAT state of registers it
doesn't fully set... -> assigning to gcc
Comment 2 Bill Nottingham 2001-10-09 16:29:36 EDT
Jim was looking at this at some point; Jakub, I can send you the discussion.
Comment 3 Jakub Jelinek 2001-10-10 06:33:54 EDT
I know about it, have read the discussion. But as Jim is looking into this,
I'll leave it on him.
Comment 4 erik tapang 2002-02-14 18:12:34 EST
test post
Comment 5 Jakub Jelinek 2002-02-14 18:18:43 EST
Oh, forgot to close this.
This has been fixed in gcc-2.96-101.
