#4031 closed defect (fixed)

i386: ISR can overwrite its own stack during system initialization (cloned)

Reported by: Jan Sommer Owned by: Jan Sommer <jan.sommer@…>
Priority: normal Milestone: 6.1
Component: arch/i386 Version: 6
Severity: major Keywords:
Cc: Blocked By:
Blocking:

Description

Cloned from #4030:

While testing the rtems-libbsd examples, we experienced GP exceptions from within the ISR from time to time during initialization.

When the init task is restored for the first time and a pending interrupt is available, an ISR could overwrite its own return address if it is spawned between restoring the eflags register and restoring the esp register.

Change History (1)

comment:1 Changed on Jul 29, 2020 at 9:39:17 AM by Jan Sommer <jan.sommer@…>

Owner: set to Jan Sommer <jan.sommer@…>
Resolution: fixed
Status: new → closed

In 21c7e3a/rtems:

i386: Fix possible race condition on first context restore

Make sure that the esp is restored before the eflags register.

When the init task is initially restored, system interrupts are activated when the
eflags register is loaded.
If the esp register still points to an address in the interrupt stack
area (from early system initialization) the ISR might overwrite its own
stack.

Closes #4031
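The race described in the ticket description and in the commit message above can be seen in a small constructed model. The following C program is an added example, not code from the ticket or from RTEMS: it models a CPU with a word-addressed memory, an `esp`, an `EFLAGS.IF` bit, an interrupt stack region and a task stack region, and simulates the two possible orderings of the first context restore. The memory layout, the stack sizes and the ISR prologue (switch to the top of the interrupt stack at nest level 0, then save registers) are assumptions chosen to illustrate the point; only the ordering argument is taken from the ticket.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of the first-context-restore race; not RTEMS code.
 * Memory is word addressed; stacks grow downward. Layout is an assumption. */
#define MEM_WORDS   64
#define ISTACK_TOP  16   /* interrupt stack occupies words [0, 16) */
#define TSTACK_TOP  48   /* init task stack occupies words [16, 48) */

/* Marker pushed as the interrupted EIP, i.e. the ISR's return address. */
#define RET_EIP_MARK 0xCAFEF00Du

enum restore_order { EFLAGS_THEN_ESP, ESP_THEN_EFLAGS };

struct cpu {
    uint32_t mem[MEM_WORDS];
    uint32_t esp;          /* stack pointer as a word index */
    bool     if_flag;      /* EFLAGS.IF */
    bool     irq_pending;
    int      isr_nest_level;
};

static void push(struct cpu *c, uint32_t v) { c->mem[--c->esp] = v; }

/* Deliver a pending interrupt. The CPU pushes EFLAGS, CS and EIP on the
 * *current* stack, then the (assumed) ISR prologue switches to the top of
 * the interrupt stack at nest level 0 and saves eight registers (pushad).
 * Returns true if the pushed return address survived the prologue. */
static bool deliver_irq(struct cpu *c) {
    push(c, 0x202);          /* EFLAGS */
    push(c, 0x08);           /* CS */
    push(c, RET_EIP_MARK);   /* EIP = return address */
    uint32_t eip_slot = c->esp;
    c->if_flag = false;      /* interrupt gate clears IF */
    c->irq_pending = false;

    if (c->isr_nest_level++ == 0)
        c->esp = ISTACK_TOP; /* switch to the interrupt stack */
    for (int i = 0; i < 8; i++)
        push(c, 0x11111111u * (uint32_t)(i + 1));   /* saved registers */

    bool intact = (c->mem[eip_slot] == RET_EIP_MARK);
    c->isr_nest_level--;
    return intact;
}

/* First restore of the init task. Early initialization ran on the interrupt
 * stack (assumed), so esp still points into it when the restore begins, and
 * an interrupt is pending. It is delivered the moment IF becomes set. */
static bool first_context_restore(enum restore_order order) {
    struct cpu c;
    memset(&c, 0, sizeof c);
    c.esp = ISTACK_TOP - 2;  /* inside the interrupt stack area */
    c.irq_pending = true;
    bool frame_ok = true;

    if (order == EFLAGS_THEN_ESP) {     /* the ordering the ticket reports */
        c.if_flag = true;               /* popf: interrupts enabled */
        if (c.irq_pending) frame_ok = deliver_irq(&c);
        c.esp = TSTACK_TOP;             /* esp restored too late */
    } else {                            /* the ordering of the fix */
        c.esp = TSTACK_TOP;             /* esp restored first */
        c.if_flag = true;               /* popf */
        if (c.irq_pending) frame_ok = deliver_irq(&c);
    }
    return frame_ok;
}

int main(void) {
    printf("eflags then esp: return address %s\n",
           first_context_restore(EFLAGS_THEN_ESP) ? "intact" : "OVERWRITTEN");
    printf("esp then eflags: return address %s\n",
           first_context_restore(ESP_THEN_EFLAGS) ? "intact" : "OVERWRITTEN");
    return 0;
}
```

In the reported ordering the interrupt frame is pushed just below the old `esp`, which is still inside the interrupt stack area, so the prologue's switch to the top of that same stack followed by the register saves runs straight over the frame, including the return address. Restoring `esp` first places the frame on the task stack, and the interrupt stack is free for the ISR to use.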
