Subject: port-i386/1833: integer overflow generates SIGSEG, not SIGFPE
To: None <gnats-bugs@NetBSD.ORG>
From: None <cline@ASM.FOX.CS.CMU.EDU>
List: netbsd-bugs
Date: 12/12/1995 13:26:53
>Number:         1833
>Category:       port-i386
>Synopsis:       integer overflow generates SIGSEG, not SIGFPE
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    gnats-admin (GNATS administrator)
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Tue Dec 12 13:35:01 1995
>Last-Modified:
>Originator:     Kenneth Cline
>Organization:
Carnegie Mellon University
		School of Computer Science
>Release:        1.0A, 1.1
>Environment:
System: NetBSD asm.fox.cs.cmu.edu 1.0A NetBSD 1.0A (INSTALL) #14: Mon May 15 16:03:18 PDT 1995 cgd@pain.cs.berkeley.edu:/b/users/cgd/src/sys/arch/i386/compile/INSTALL i386
		(and others)


>Description:

	Execution of the "into" (integer overflow) instruction with
	the overflow flag set results in SIGSEGV being sent to the
	user process, rather than the expected SIGFPE.

>How-To-Repeat:

	Compile and execute the following assembly program:

		.file	"foo.c"
	gcc2_compiled.:
	___gnu_compiled_c:
	.text
		.align 2
	.globl _main
		.type	 _main,@function
	_main:
		pushl %ebp
		movl %esp,%ebp
		subl $4,%esp
		call ___main
		movl $1,-4(%ebp)
	L2:
		cmpl $0,-4(%ebp)
		je L3
	L4:
		movl -4(%ebp),%eax
		addl %eax,-4(%ebp)
		into
		jmp L2
		.align 2,0x90
	L3:
	L1:
		leave
		ret
	Lfe1:
		.size	 _main,Lfe1-_main


>Fix:
	The function init386 in src/sys/arch/i386/i386/machdep.c should
	not mask user-generated ofl traps.  That is, line 1056 (in my
	"current" sources) should read:

	    setgate(&idt[  4], &IDTVEC(ofl),     0, SDT_SYS386TGT, SEL_UPL);

	In place of SEL_UPL, NetBSD currently has SEL_KPL.
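To show why the gate's privilege level decides which signal the user process sees, here is an added C model (not NetBSD code) of the i386 IDT gate access byte and the CPL-versus-DPL check the CPU applies to software-generated vectors such as "into"; `setgate`, `idt` and the outcome names are stand-ins for the kernel's, and the signal mapping follows what this report observes.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of an i386 gate descriptor's access byte:
 * P (bit 7) | DPL (bits 5-6) | S = 0 (bit 4) | type (bits 0-3). */
#define SDT_SYS386TGT 15   /* 386 trap gate type, as passed to setgate() */
#define SEL_KPL 0          /* kernel privilege level */
#define SEL_UPL 3          /* user privilege level */

enum outcome { TRAP_DELIVERED, GP_FAULT };

struct gate { uint8_t access; uint32_t handler; };

static struct gate idt[256];

/* Hypothetical stand-in for the kernel's setgate(): encodes type and DPL. */
static void setgate(struct gate *g, uint32_t handler, int type, int dpl) {
    g->handler = handler;
    g->access = (uint8_t)(0x80 | ((dpl & 3) << 5) | (type & 0xf));
}

static int gate_dpl(const struct gate *g) { return (g->access >> 5) & 3; }

/* The check the CPU applies only to software-generated vectors (INT n, INT3,
 * INTO, BOUND): if CPL > gate DPL the instruction raises #GP (vector 13)
 * instead of reaching the handler. Processor exceptions and hardware
 * interrupts skip this check, which is why DPL 0 is fine for most vectors. */
static enum outcome software_trap(int vector, int cpl) {
    return cpl > gate_dpl(&idt[vector]) ? GP_FAULT : TRAP_DELIVERED;
}

/* What the kernel's trap() turns each outcome into, as observed in this
 * report: a user-mode #GP becomes SIGSEGV, a delivered vector-4 trap SIGFPE. */
static const char *signal_for_into(int cpl) {
    return software_trap(4, cpl) == GP_FAULT ? "SIGSEGV" : "SIGFPE";
}

int main(void) {
    setgate(&idt[4], 0 /* IDTVEC(ofl) stand-in */, SDT_SYS386TGT, SEL_KPL);
    printf("DPL=SEL_KPL: user 'into' -> %s\n", signal_for_into(SEL_UPL));
    setgate(&idt[4], 0, SDT_SYS386TGT, SEL_UPL);
    printf("DPL=SEL_UPL: user 'into' -> %s\n", signal_for_into(SEL_UPL));
    return 0;
}
```

The model runs anywhere, which matters because the "into" instruction itself is undefined in 64-bit mode and the original repeat-by program only assembles for 32-bit i386.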

Thanks for your help in this matter.

	Ken Cline
>Audit-Trail:
>Unformatted: