From: "Kevin D. Kissell" <kevink@mips.com>
To: "Harald Koerfgen" <Harald.Koerfgen@home.ivm.de>
Cc: "Linux SGI" <linux@cthulhu.engr.sgi.com>, <linux-mips@fnet.fr>,
<linux-mips@vger.rutgers.edu>
Subject: Re: FP emulation patch available
Date: Sun, 12 Mar 2000 14:03:35 +0100 [thread overview]
Message-ID: <008a01bf8c23$65dd01f0$0ceca8c0@satanas.mips.com> (raw)
[-- Attachment #1: Type: text/plain, Size: 1203 bytes --]
>My DS 5000/133 (R3000A) with FPU disabled and FPU emulation shows:
> Illegal instruction 00000034 at 801ce924, ...
>
>System.map shows:
> 801ce920 b dsemul_insns
> 801ce928 b dsemul_cpc
>
>Looks like your trick in mips_dsemul() doesn't work too well for ISA-I CPUs. Do
>you have an idea for an alternative?
I have come up with a slightly-less-pretty hack that uses the
Load Address Error trap instead of the Trap instruction to force
kernel entry in the delay slot emulator. It seems just as functional
as the previous version (i.e. operational but "paranoia" finds an
exponentiation problem), and is currently being tortured with crashme
to see if it holds up under corrupted instruction streams and corrupted
process states. I attach a pseudo-patch (cvs diff -c output) for the changes
relative to the version obtained by applying the previous patches on the
paralogos.com server, and would appreicate verification that it does
indeed work on an R3K. If it does, I'll check it into the MIPS repository
and it will be included in the next web distribution (and maybe our
CD-ROMS).
My apologies to those of you whose mailers can't handle
attachments.
Regards,
Kevin K.
[-- Attachment #2: cp1emu.patch --]
[-- Type: application/octet-stream, Size: 3411 bytes --]
Index: cp1emu.c
===================================================================
RCS file: /home/repository/sw/linux-2.2.12/linux/arch/mips/fpu_emulator/cp1emu.c,v
retrieving revision 1.5
diff -c -r1.5 cp1emu.c
*** cp1emu.c 2000/02/27 15:19:18 1.5
--- cp1emu.c 2000/03/12 12:24:06
***************
*** 767,772 ****
--- 767,774 ----
static unsigned int dsemul_sr;
static void *dsemul_osys;
+ #define AdEL 4
+ #define AdELOAD 0x8fa00001
int
do_dsemulret(struct pt_regs *xcp)
***************
*** 774,781 ****
#ifdef DSEMUL_TRACE
_mon_printf ("desemulret\n");
#endif
! /* Restore previous Trap instruction vector */
! (void)set_except_vector(13, dsemul_osys);
/* Set EPC to return to post-branch instruction */
xcp->cp0_epc = VA_TO_REG (dsemul_cpc);
/*
--- 776,783 ----
#ifdef DSEMUL_TRACE
_mon_printf ("desemulret\n");
#endif
! /* Restore previous exception vector */
! (void)set_except_vector(AdEL, dsemul_osys);
/* Set EPC to return to post-branch instruction */
xcp->cp0_epc = VA_TO_REG (dsemul_cpc);
/*
***************
*** 811,833 ****
*/
dsemul_insns = (mips_instruction *)(xcp->regs[29] & ~3);
dsemul_insns -= 3; /* Two instructions, plus one for luck ;-) */
! /* Verify that space exists, or can be grown, on the stack */
if(verify_area(VERIFY_WRITE, dsemul_insns, sizeof(mips_instruction)*2))
return SIGBUS;
dsemul_insns[0] = ir;
/*
* Algorithmics used a system call instruction, and
! * borrowed that vector. It seems more prudent, and
! * is simpler in Linux, to use a TEQ instruction, though
! * this does require a MIPS II CPU.
*/
- #define TEQ_R0_R0 0x00000034
- dsemul_insns[1] = TEQ_R0_R0;
dsemul_cpc = cpc;
dsemul_sr = xcp->cp0_status;
! dsemul_osys = set_except_vector(13, handle_dsemulret);
xcp->cp0_epc = VA_TO_REG &dsemul_insns[0];
xcp->cp0_status &= ~ST0_IM; /* interrupt disabled inside dsemul! */
--- 813,841 ----
*/
dsemul_insns = (mips_instruction *)(xcp->regs[29] & ~3);
dsemul_insns -= 3; /* Two instructions, plus one for luck ;-) */
! /* Verify that the stack pointer is not competely insane */
if(verify_area(VERIFY_WRITE, dsemul_insns, sizeof(mips_instruction)*2))
return SIGBUS;
dsemul_insns[0] = ir;
/*
* Algorithmics used a system call instruction, and
! * borrowed that vector. As that would be catastrophic
! * if a reschedule happens, a TEQ instruction was used
! * in early versions of the Linux kernel emulator, since
! * Linux does nothing useful with Trap instructions.
! * That does not work on R3000s, however, so here we
! * steal the Address Error on Load vector and
! * generate an address error on an unaligned load.
*/
+ /* If one is *really* paranoid, one tests for a bad stack pointer */
+ if((xcp->regs[29] & 0x3) == 0x3) dsemul_insns[1] = AdELOAD - 1;
+ else dsemul_insns[1] = AdELOAD;
+
dsemul_cpc = cpc;
dsemul_sr = xcp->cp0_status;
! dsemul_osys = set_except_vector(AdEL, handle_dsemulret);
xcp->cp0_epc = VA_TO_REG &dsemul_insns[0];
xcp->cp0_status &= ~ST0_IM; /* interrupt disabled inside dsemul! */
WARNING: multiple messages have this Message-ID (diff)
From: "Kevin D. Kissell" <kevink@mips.com>
To: Harald Koerfgen <Harald.Koerfgen@home.ivm.de>
Cc: Linux SGI <linux@cthulhu.engr.sgi.com>,
linux-mips@fnet.fr, linux-mips@vger.rutgers.edu
Subject: Re: FP emulation patch available
Date: Sun, 12 Mar 2000 14:03:35 +0100 [thread overview]
Message-ID: <008a01bf8c23$65dd01f0$0ceca8c0@satanas.mips.com> (raw)
Message-ID: <20000312130335.ukQiQwQmY4IaZ7Gb_IgLEwfzRglf0GzvEUOnT5Iut2M@z> (raw)
[-- Attachment #1: Type: text/plain, Size: 1203 bytes --]
>My DS 5000/133 (R3000A) with FPU disabled and FPU emulation shows:
> Illegal instruction 00000034 at 801ce924, ...
>
>System.map shows:
> 801ce920 b dsemul_insns
> 801ce928 b dsemul_cpc
>
>Looks like your trick in mips_dsemul() doesn't work too well for ISA-I CPUs. Do
>you have an idea for an alternative?
I have come up with a slightly-less-pretty hack that uses the
Load Address Error trap instead of the Trap instruction to force
kernel entry in the delay slot emulator. It seems just as functional
as the previous version (i.e. operational but "paranoia" finds an
exponentiation problem), and is currently being tortured with crashme
to see if it holds up under corrupted instruction streams and corrupted
process states. I attach a pseudo-patch (cvs diff -c output) for the changes
relative to the version obtained by applying the previous patches on the
paralogos.com server, and would appreicate verification that it does
indeed work on an R3K. If it does, I'll check it into the MIPS repository
and it will be included in the next web distribution (and maybe our
CD-ROMS).
My apologies to those of you whose mailers can't handle
attachments.
Regards,
Kevin K.
[-- Attachment #2: cp1emu.patch --]
[-- Type: application/octet-stream, Size: 3411 bytes --]
Index: cp1emu.c
===================================================================
RCS file: /home/repository/sw/linux-2.2.12/linux/arch/mips/fpu_emulator/cp1emu.c,v
retrieving revision 1.5
diff -c -r1.5 cp1emu.c
*** cp1emu.c 2000/02/27 15:19:18 1.5
--- cp1emu.c 2000/03/12 12:24:06
***************
*** 767,772 ****
--- 767,774 ----
static unsigned int dsemul_sr;
static void *dsemul_osys;
+ #define AdEL 4
+ #define AdELOAD 0x8fa00001
int
do_dsemulret(struct pt_regs *xcp)
***************
*** 774,781 ****
#ifdef DSEMUL_TRACE
_mon_printf ("desemulret\n");
#endif
! /* Restore previous Trap instruction vector */
! (void)set_except_vector(13, dsemul_osys);
/* Set EPC to return to post-branch instruction */
xcp->cp0_epc = VA_TO_REG (dsemul_cpc);
/*
--- 776,783 ----
#ifdef DSEMUL_TRACE
_mon_printf ("desemulret\n");
#endif
! /* Restore previous exception vector */
! (void)set_except_vector(AdEL, dsemul_osys);
/* Set EPC to return to post-branch instruction */
xcp->cp0_epc = VA_TO_REG (dsemul_cpc);
/*
***************
*** 811,833 ****
*/
dsemul_insns = (mips_instruction *)(xcp->regs[29] & ~3);
dsemul_insns -= 3; /* Two instructions, plus one for luck ;-) */
! /* Verify that space exists, or can be grown, on the stack */
if(verify_area(VERIFY_WRITE, dsemul_insns, sizeof(mips_instruction)*2))
return SIGBUS;
dsemul_insns[0] = ir;
/*
* Algorithmics used a system call instruction, and
! * borrowed that vector. It seems more prudent, and
! * is simpler in Linux, to use a TEQ instruction, though
! * this does require a MIPS II CPU.
*/
- #define TEQ_R0_R0 0x00000034
- dsemul_insns[1] = TEQ_R0_R0;
dsemul_cpc = cpc;
dsemul_sr = xcp->cp0_status;
! dsemul_osys = set_except_vector(13, handle_dsemulret);
xcp->cp0_epc = VA_TO_REG &dsemul_insns[0];
xcp->cp0_status &= ~ST0_IM; /* interrupt disabled inside dsemul! */
--- 813,841 ----
*/
dsemul_insns = (mips_instruction *)(xcp->regs[29] & ~3);
dsemul_insns -= 3; /* Two instructions, plus one for luck ;-) */
! /* Verify that the stack pointer is not competely insane */
if(verify_area(VERIFY_WRITE, dsemul_insns, sizeof(mips_instruction)*2))
return SIGBUS;
dsemul_insns[0] = ir;
/*
* Algorithmics used a system call instruction, and
! * borrowed that vector. As that would be catastrophic
! * if a reschedule happens, a TEQ instruction was used
! * in early versions of the Linux kernel emulator, since
! * Linux does nothing useful with Trap instructions.
! * That does not work on R3000s, however, so here we
! * steal the Address Error on Load vector and
! * generate an address error on an unaligned load.
*/
+ /* If one is *really* paranoid, one tests for a bad stack pointer */
+ if((xcp->regs[29] & 0x3) == 0x3) dsemul_insns[1] = AdELOAD - 1;
+ else dsemul_insns[1] = AdELOAD;
+
dsemul_cpc = cpc;
dsemul_sr = xcp->cp0_status;
! dsemul_osys = set_except_vector(AdEL, handle_dsemulret);
xcp->cp0_epc = VA_TO_REG &dsemul_insns[0];
xcp->cp0_status &= ~ST0_IM; /* interrupt disabled inside dsemul! */
next reply other threads:[~2000-03-12 13:22 UTC|newest]
Thread overview: 38+ messages / expand[flat|nested] mbox.gz Atom feed top
2000-03-12 13:03 Kevin D. Kissell [this message]
2000-03-12 13:03 ` FP emulation patch available Kevin D. Kissell
2000-03-12 21:23 ` Harald Koerfgen
-- strict thread matches above, loose matches on Subject: below --
2000-03-21 22:27 Kevin D. Kissell
2000-03-21 22:27 ` Kevin D. Kissell
2000-03-13 23:20 Kevin D. Kissell
2000-03-13 23:20 ` Kevin D. Kissell
2000-03-14 18:15 ` Harald Koerfgen
2000-03-13 8:33 Kevin D. Kissell
2000-03-13 8:33 ` Kevin D. Kissell
2000-03-13 13:46 ` Alan Cox
2000-03-13 13:46 ` Alan Cox
2000-03-13 19:05 ` Harald Koerfgen
2000-03-13 19:05 ` Harald Koerfgen
2000-03-13 17:46 ` Ralf Baechle
2000-03-13 20:13 ` William J. Earl
2000-03-14 18:50 ` Andrew R. Baker
[not found] ` <200003142317.XAA00644@gladsmuir.algor.co.uk>
2000-03-15 14:35 ` Kevin D. Kissell
2000-03-12 21:52 Kevin D. Kissell
2000-03-12 21:52 ` Kevin D. Kissell
2000-03-13 22:22 ` Harald Koerfgen
2000-03-08 20:12 Kevin D. Kissell
2000-03-08 20:12 ` Kevin D. Kissell
2000-03-09 2:03 ` Warner Losh
[not found] ` <200003082223.WAA00605@gladsmuir.algor.co.uk>
2000-03-09 2:13 ` Warner Losh
2000-03-09 20:20 ` Harald Koerfgen
2000-03-08 9:43 Kevin D. Kissell
2000-03-08 9:43 ` Kevin D. Kissell
2000-03-08 17:02 ` Richard van den Berg
2000-03-08 18:43 ` Harald Koerfgen
2000-03-07 4:12 Andrew R. Baker
[not found] ` <097a01bf87eb$ebe4d4d0$b8119526@ltc.com>
[not found] ` <200003071022.KAA00275@gladsmuir.algor.co.uk>
2000-03-07 12:08 ` Jay Carlson
2000-03-07 12:08 ` Jay Carlson
2000-03-08 16:25 ` Ralf Baechle
2000-03-08 16:18 ` Ralf Baechle
[not found] ` <38C4C328.9656C68E@niisi.msk.ru>
2000-03-07 18:54 ` Andrew R. Baker
2000-03-07 19:43 ` Harald Koerfgen
2000-03-08 16:11 ` Ralf Baechle
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='008a01bf8c23$65dd01f0$0ceca8c0@satanas.mips.com' \
--to=kevink@mips.com \
--cc=Harald.Koerfgen@home.ivm.de \
--cc=linux-mips@fnet.fr \
--cc=linux-mips@vger.rutgers.edu \
--cc=linux@cthulhu.engr.sgi.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox