[PATCH 2.6.27] [POWERPC] Invalidate all TLB entries in a specifiedrange
From: Rocky Craig
Date: Thu Aug 14 2008 - 09:12:14 EST
From: Rocky Craig <rocky.craig@xxxxxx>
The apparent intent of "flush_tlbs" is to invalidate TLB entries that
might match in the address range 0 to 0x00400000. A loop counter is
set up at the high value and decremented by page size. However, the
loop is only done once as the sense of the conditional branch at the
loop end does not match the setup/decrement.
Signed-off-by: Rocky Craig <rocky.craig@xxxxxx>
---
Source is from 2.6.27 development, but the bug appears as far back as 2.4.0.
The small user-space program below demonstrates the loop behavior. It was
compiled via crosstool gcc 3.4.5 / glibc 2.3.6 for an MPC8347 target.
int main()
{
long endval; // 16(r31)
__asm__ __volatile__(
" lis 10,0x40\n"
"1: addic. 10,10,-0x1000\n"
" bgt 1b\n"
" stw 10,16(31)\n"); // endval
printf("end value = 0x%08lx\n", endval);
}
This might win the prize for "Smallest actual code patch ever".
--- a/arch/powerpc/kernel/head_32.S.orig 2008-07-24 19:25:09.000000000 -0600
+++ a/arch/powerpc/kernel/head_32.S 2008-07-24 19:25:22.000000000 -0600
@@ -1155,7 +1155,7 @@ flush_tlbs:
lis r10, 0x40
1: addic. r10, r10, -0x1000
tlbie r10
- blt 1b
+ bgt 1b
sync
blr
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/