diff options
author | Mark Nelson <markn@au1.ibm.com> | 2009-02-25 08:26:48 -0500 |
---|---|---|
committer | Benjamin Herrenschmidt <benh@kernel.crashing.org> | 2009-02-25 22:02:53 -0500 |
commit | e423b9ecd6aa434ce9ba72a21fdc61079e620e0a (patch) | |
tree | 497608c41554e8d2cbff6054d35988bcaf9577a8 /arch/powerpc | |
parent | 49f297f8df9adb797334155470ea9ca68bdb041e (diff) |
powerpc: Fix 64bit memcpy() regression
This fixes a regression introduced by commit
25d6e2d7c58ddc4a3b614fc5381591c0cfe66556 ("powerpc: Update 64bit memcpy()
using CPU_FTR_UNALIGNED_LD_STD").
This commit allowed CPUs that have the CPU_FTR_UNALIGNED_LD_STD CPU
feature bit present to do the memcpy() with unaligned load doubles. But,
along with this came a bug where our final load double would read bytes
beyond a page boundary and into the next (unmapped) page. This was caught
by enabling CONFIG_DEBUG_PAGEALLOC,
The fix was to read only the number of bytes that we need to store rather
than reading a full 8-byte doubleword and storing only a portion of that.
In order to minimise the amount of existing code touched we use the
original do_tail for the src_unaligned case.
Below is an example of the regression, as reported by Sachin Sant:
Unable to handle kernel paging request for data at address 0xc00000003f380000
Faulting instruction address: 0xc000000000039574
cpu 0x1: Vector: 300 (Data Access) at [c00000003baf3020]
pc: c000000000039574: .memcpy+0x74/0x244
lr: d00000000244916c: .ext3_xattr_get+0x288/0x2f4 [ext3]
sp: c00000003baf32a0
msr: 8000000000009032
dar: c00000003f380000
dsisr: 40000000
current = 0xc00000003e54b010
paca = 0xc000000000a53680
pid = 1840, comm = readahead
enter ? for help
[link register ] d00000000244916c .ext3_xattr_get+0x288/0x2f4 [ext3]
[c00000003baf32a0] d000000002449104 .ext3_xattr_get+0x220/0x2f4 [ext3]
(unreliab
le)
[c00000003baf3390] d00000000244a6e8 .ext3_xattr_security_get+0x40/0x5c [ext3]
[c00000003baf3400] c000000000148154 .generic_getxattr+0x74/0x9c
[c00000003baf34a0] c000000000333400 .inode_doinit_with_dentry+0x1c4/0x678
[c00000003baf3560] c00000000032c6b0 .security_d_instantiate+0x50/0x68
[c00000003baf35e0] c00000000013c818 .d_instantiate+0x78/0x9c
[c00000003baf3680] c00000000013ced0 .d_splice_alias+0xf0/0x120
[c00000003baf3720] d00000000243e05c .ext3_lookup+0xec/0x134 [ext3]
[c00000003baf37c0] c000000000131e74 .do_lookup+0x110/0x260
[c00000003baf3880] c000000000134ed0 .__link_path_walk+0xa98/0x1010
[c00000003baf3970] c0000000001354a0 .path_walk+0x58/0xc4
[c00000003baf3a20] c000000000135720 .do_path_lookup+0x138/0x1e4
[c00000003baf3ad0] c00000000013645c .path_lookup_open+0x6c/0xc8
[c00000003baf3b70] c000000000136780 .do_filp_open+0xcc/0x874
[c00000003baf3d10] c0000000001251e0 .do_sys_open+0x80/0x140
[c00000003baf3dc0] c00000000016aaec .compat_sys_open+0x24/0x38
[c00000003baf3e30] c00000000000855c syscall_exit+0x0/0x40
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Diffstat (limited to 'arch/powerpc')
-rw-r--r-- | arch/powerpc/lib/memcpy_64.S | 26 |
1 files changed, 20 insertions, 6 deletions
diff --git a/arch/powerpc/lib/memcpy_64.S b/arch/powerpc/lib/memcpy_64.S index fe2d34e5332d..e178922b2c21 100644 --- a/arch/powerpc/lib/memcpy_64.S +++ b/arch/powerpc/lib/memcpy_64.S | |||
@@ -53,18 +53,19 @@ END_FTR_SECTION_IFCLR(CPU_FTR_UNALIGNED_LD_STD) | |||
53 | 3: std r8,8(r3) | 53 | 3: std r8,8(r3) |
54 | beq 3f | 54 | beq 3f |
55 | addi r3,r3,16 | 55 | addi r3,r3,16 |
56 | ld r9,8(r4) | ||
57 | .Ldo_tail: | 56 | .Ldo_tail: |
58 | bf cr7*4+1,1f | 57 | bf cr7*4+1,1f |
59 | rotldi r9,r9,32 | 58 | lwz r9,8(r4) |
59 | addi r4,r4,4 | ||
60 | stw r9,0(r3) | 60 | stw r9,0(r3) |
61 | addi r3,r3,4 | 61 | addi r3,r3,4 |
62 | 1: bf cr7*4+2,2f | 62 | 1: bf cr7*4+2,2f |
63 | rotldi r9,r9,16 | 63 | lhz r9,8(r4) |
64 | addi r4,r4,2 | ||
64 | sth r9,0(r3) | 65 | sth r9,0(r3) |
65 | addi r3,r3,2 | 66 | addi r3,r3,2 |
66 | 2: bf cr7*4+3,3f | 67 | 2: bf cr7*4+3,3f |
67 | rotldi r9,r9,8 | 68 | lbz r9,8(r4) |
68 | stb r9,0(r3) | 69 | stb r9,0(r3) |
69 | 3: ld r3,48(r1) /* return dest pointer */ | 70 | 3: ld r3,48(r1) /* return dest pointer */ |
70 | blr | 71 | blr |
@@ -133,11 +134,24 @@ END_FTR_SECTION_IFCLR(CPU_FTR_UNALIGNED_LD_STD) | |||
133 | cmpwi cr1,r5,8 | 134 | cmpwi cr1,r5,8 |
134 | addi r3,r3,32 | 135 | addi r3,r3,32 |
135 | sld r9,r9,r10 | 136 | sld r9,r9,r10 |
136 | ble cr1,.Ldo_tail | 137 | ble cr1,6f |
137 | ld r0,8(r4) | 138 | ld r0,8(r4) |
138 | srd r7,r0,r11 | 139 | srd r7,r0,r11 |
139 | or r9,r7,r9 | 140 | or r9,r7,r9 |
140 | b .Ldo_tail | 141 | 6: |
142 | bf cr7*4+1,1f | ||
143 | rotldi r9,r9,32 | ||
144 | stw r9,0(r3) | ||
145 | addi r3,r3,4 | ||
146 | 1: bf cr7*4+2,2f | ||
147 | rotldi r9,r9,16 | ||
148 | sth r9,0(r3) | ||
149 | addi r3,r3,2 | ||
150 | 2: bf cr7*4+3,3f | ||
151 | rotldi r9,r9,8 | ||
152 | stb r9,0(r3) | ||
153 | 3: ld r3,48(r1) /* return dest pointer */ | ||
154 | blr | ||
141 | 155 | ||
142 | .Ldst_unaligned: | 156 | .Ldst_unaligned: |
143 | PPC_MTOCRF 0x01,r6 # put #bytes to 8B bdry into cr7 | 157 | PPC_MTOCRF 0x01,r6 # put #bytes to 8B bdry into cr7 |