sh: Fix kernel thread stack corruption with preempt.

When I run a preemptive kernel-2.6.20 for SH7780, a created
kthread(pdflush) can not exit by do_exit() in kernel_thread_helper. I
think that the created kthread should have a room for 'struct pt_regs'
space on the stack top, because __switch_to() will refer to the space as
follows using 'regs = task_pt_regs(prev)' and next condition may be true.

Signed-off-by: Hideo Saito <saito@densan.co.jp>
Signed-off-by: Paul Mundt <lethal@linux-sh.org>

1 files changed, 2 insertions, 3 deletions

diff --git a/arch/sh/kernel/process.c b/arch/sh/kernel/process.c
index 9d6a438b3eaf..e7607366ac4e 100644
--- a/arch/sh/kernel/process.c
+++ b/arch/sh/kernel/process.c
@@ -250,12 +250,11 @@ int copy_thread(int nr, unsigned long clone_flags, unsigned long usp,
                 childregs->regs[15] = usp;
                 ti->addr_limit = USER_DS;
         } else {
-                childregs->regs[15] = (unsigned long)task_stack_page(p) +
-                                                        THREAD_SIZE;
+                childregs->regs[15] = (unsigned long)childregs;
                 ti->addr_limit = KERNEL_DS;
         }
 
-        if (clone_flags & CLONE_SETTLS)
+        if (clone_flags & CLONE_SETTLS)
                 childregs->gbr = childregs->regs[0];
 
         childregs->regs[0] = 0; /* Set return value for child */