Re: [Qemu-devel] [Bug 1248168] [NEW] MIPS, self-modifying code and uncached memory

qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed

From: Antony Pavlov <antonynpavlov@gmail.com>
To: Bug 1248168 <1248168@bugs.launchpad.net>
Cc: Nikita Kanunnikov <n.kanunnikov@sbtcom.ru>, qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] [Bug 1248168] [NEW] MIPS, self-modifying code and uncached memory
Date: Tue, 5 Nov 2013 20:24:23 +0400	[thread overview]
Message-ID: <20131105202423.29dd58b873d2b07c46c32d0e@gmail.com> (raw)
In-Reply-To: <20131105124713.24131.16100.malonedeb@gac.canonical.com>

On Tue, 05 Nov 2013 12:47:13 -0000
Nikita Kanunnikov <n.kanunnikov@sbtcom.ru> wrote:

Could you please provide some additional information for error reproducing?
(qemu version, necessary binary files, qemu cmdline etc)

Par exemple I have tried to reproduce your error on qemu-1.6.1.

I use qemu-system-mips (so it's big-endian) and the "-M malta -m 256" options.

I have put your code starting at 0xa0000000 (kseg1 first address).

Here is a part of my gdb log:

=> 0xa0000390:   00 00 50 25    move    t2,zero
(gdb) stepi
=> 0xa0000394:   34 0b 00 02    li      t3,0x2
(gdb) stepi
=> 0xa0000398:   01 4b 50 23    subu    t2,t2,t3
(gdb) stepi
=> 0xa000039c:   0b 3c 00 e9    j       0xacf003a4
(gdb)

In fact there is no problem with 0xacf003a4 address. It is normal KSEG1 RAM address
on Malta with 256M RAM! May be it contains some rational code.

Could you describe step-by-step what you have done exactly to reproduce the error?

> Public bug reported:
> 
> Self-modifying code does not work properly in MIPS in uncached and
> unmapped kseg1 memory region.
> 
> For example, when running this code I get unexpected behavior:
> 
>    0:	e3000010 	b	0x390
>    4:	00000000 	nop
> 	...
>  380:	00701f40 	mfc0	ra,c0_epc
>  384:	0400e0bb 	swr	zero,4(ra)
>  388:	18000042 	eret
>  38c:	00000000 	nop
>  390:	25500000 	move	t2,zero
>  394:	02000b34 	li	t3,0x2
>  398:	23504b01 	subu	t2,t2,t3
>  39c:	e9003c0b 	j	0xcf003a4
>  3a0:	0a004a21 	addi	t2,t2,10
>  3a4:	ffff0010 	b	0x3a4
>  3a8:	00000000 	nop
>  3ac:	00000000 	nop
> 
>   I expect that swr instruction in line 384 would change `addi	t2,t2,1`0 to `nop`
> This should work because no cache is used for this memory region.
> 
> ** Affects: qemu
>      Importance: Undecided
>          Status: New
> 
> -- 
> You received this bug notification because you are a member of qemu-
> devel-ml, which is subscribed to QEMU.
> https://bugs.launchpad.net/bugs/1248168
> 
> Title:
>   MIPS, self-modifying code and uncached memory
> 
> Status in QEMU:
>   New
> 
> Bug description:
>   Self-modifying code does not work properly in MIPS in uncached and
>   unmapped kseg1 memory region.
> 
>   For example, when running this code I get unexpected behavior:
> 
>      0:	e3000010 	b	0x390
>      4:	00000000 	nop
>   	...
>    380:	00701f40 	mfc0	ra,c0_epc
>    384:	0400e0bb 	swr	zero,4(ra)
>    388:	18000042 	eret
>    38c:	00000000 	nop
>    390:	25500000 	move	t2,zero
>    394:	02000b34 	li	t3,0x2
>    398:	23504b01 	subu	t2,t2,t3
>    39c:	e9003c0b 	j	0xcf003a4
>    3a0:	0a004a21 	addi	t2,t2,10
>    3a4:	ffff0010 	b	0x3a4
>    3a8:	00000000 	nop
>    3ac:	00000000 	nop
> 
>     I expect that swr instruction in line 384 would change `addi	t2,t2,1`0 to `nop`
>   This should work because no cache is used for this memory region.
> 
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/qemu/+bug/1248168/+subscriptions
> 


-- 
-- 
Best regards,
  Antony Pavlov

next prev parent reply	other threads:[~2013-11-05 16:17 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2013-11-05 12:47 [Qemu-devel] [Bug 1248168] [NEW] MIPS, self-modifying code and uncached memory Nikita Kanunnikov
2013-11-05 16:24 ` Antony Pavlov [this message]
2013-11-06 19:42 ` [Qemu-devel] [Bug 1248168] " Petar Jovanovic
2017-01-23 17:48 ` Thomas Huth
2017-03-25  4:17 ` Launchpad Bug Tracker

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20131105202423.29dd58b873d2b07c46c32d0e@gmail.com \
    --to=antonynpavlov@gmail.com \
    --cc=1248168@bugs.launchpad.net \
    --cc=n.kanunnikov@sbtcom.ru \
    --cc=qemu-devel@nongnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).