Subject: Re: [Qemu-devel] [Bug 1248168] [NEW] MIPS, self-modifying code and uncached memory
From: Antony Pavlov
Date: Tue, 5 Nov 2013 20:24:23 +0400
Message-Id: <20131105202423.29dd58b873d2b07c46c32d0e@gmail.com>
In-Reply-To: <20131105124713.24131.16100.malonedeb@gac.canonical.com>
To: Bug 1248168 <1248168@bugs.launchpad.net>
Cc: Nikita Kanunnikov, qemu-devel@nongnu.org

On Tue, 05 Nov 2013 12:47:13 -0000
Nikita Kanunnikov wrote:

Could you please provide some additional information for error reproducing?
(qemu version, necessary binary files, qemu cmdline etc.)

For example, I have tried to reproduce your error on qemu-1.6.1.
I use qemu-system-mips (so it's big-endian) and the "-M malta -m 256" options.
I have put your code starting at 0xa0000000 (kseg1 first address).

Here is a part of my gdb log:

  => 0xa0000390:  00 00 50 25   move   t2,zero
  (gdb) stepi
  => 0xa0000394:  34 0b 00 02   li     t3,0x2
  (gdb) stepi
  => 0xa0000398:  01 4b 50 23   subu   t2,t2,t3
  (gdb) stepi
  => 0xa000039c:  0b 3c 00 e9   j      0xacf003a4
  (gdb)

In fact there is no problem with the 0xacf003a4 address. It is a normal KSEG1 RAM
address on Malta with 256M RAM! Maybe it contains some rational code.

Could you describe step-by-step what you have done exactly to reproduce the error?

> Public bug reported:
>
> Self-modifying code does not work properly in MIPS in uncached and
> unmapped kseg1 memory region.
>
> For example, when running this code I get unexpected behavior:
>
>     0: e3000010  b       0x390
>     4: 00000000  nop
>     ...
>   380: 00701f40  mfc0    ra,c0_epc
>   384: 0400e0bb  swr     zero,4(ra)
>   388: 18000042  eret
>   38c: 00000000  nop
>   390: 25500000  move    t2,zero
>   394: 02000b34  li      t3,0x2
>   398: 23504b01  subu    t2,t2,t3
>   39c: e9003c0b  j       0xcf003a4
>   3a0: 0a004a21  addi    t2,t2,10
>   3a4: ffff0010  b       0x3a4
>   3a8: 00000000  nop
>   3ac: 00000000  nop
>
> I expect that swr instruction in line 384 would change `addi t2,t2,10` to `nop`.
> This should work because no cache is used for this memory region.
>
> ** Affects: qemu
>      Importance: Undecided
>          Status: New
>
> --
> You received this bug notification because you are a member of qemu-
> devel-ml, which is subscribed to QEMU.
> https://bugs.launchpad.net/bugs/1248168
>
> Title:
>   MIPS, self-modifying code and uncached memory
>
> Status in QEMU:
>   New
>
> Bug description:
>   Self-modifying code does not work properly in MIPS in uncached and
>   unmapped kseg1 memory region.
>
>   For example, when running this code I get unexpected behavior:
>
>       0: e3000010  b       0x390
>       4: 00000000  nop
>       ...
>     380: 00701f40  mfc0    ra,c0_epc
>     384: 0400e0bb  swr     zero,4(ra)
>     388: 18000042  eret
>     38c: 00000000  nop
>     390: 25500000  move    t2,zero
>     394: 02000b34  li      t3,0x2
>     398: 23504b01  subu    t2,t2,t3
>     39c: e9003c0b  j       0xcf003a4
>     3a0: 0a004a21  addi    t2,t2,10
>     3a4: ffff0010  b       0x3a4
>     3a8: 00000000  nop
>     3ac: 00000000  nop
>
>   I expect that swr instruction in line 384 would change `addi t2,t2,10` to `nop`.
>   This should work because no cache is used for this memory region.
>
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/qemu/+bug/1248168/+subscriptions

--
Best regards,
  Antony Pavlov
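The script below is an editor's addition, not code from the thread or from QEMU. It rebuilds the instruction words from the bug report's byte dump (the report prints each word's bytes in little-endian order, which is why Antony's big-endian gdb shows the same word as "0b 3c 00 e9"), decodes the J and B targets using the MIPS rule that J takes its upper four address bits from the delay-slot address, and checks whether the resulting target is backed by RAM of a given size. The listing entries and the "RAM starts at physical 0" assumption for Malta are taken from the thread; the 128M comparison is a constructed contrast case.

```python
# Editor-added example (not from the thread or QEMU): decode the branch/jump
# targets of the reported listing and check them against guest RAM size.

LISTING = {  # offset: instruction bytes exactly as printed in the bug report
    0x000: "e3000010",  # b 0x390
    0x39c: "e9003c0b",  # j 0xcf003a4
    0x3a4: "ffff0010",  # b 0x3a4
}


def word_from_dump(hexbytes: str) -> int:
    """Rebuild the 32-bit instruction from the report's little-endian byte dump."""
    return int.from_bytes(bytes.fromhex(hexbytes), "little")


def branch_target(pc: int, word: int) -> int:
    """Effective target of a MIPS32 J (opcode 2) or BEQ/BNE (opcodes 4/5) at pc."""
    opcode = word >> 26
    delay_slot = pc + 4
    if opcode == 2:
        # J: 26-bit instruction index; the top 4 address bits come from the
        # delay-slot address, so the same word lands in a different segment
        # depending on where the code was loaded (0x0cf003a4 vs 0xacf003a4).
        index = word & 0x03FFFFFF
        return (delay_slot & 0xF0000000) | (index << 2)
    if opcode in (4, 5):
        # BEQ/BNE ("b" is beq zero,zero): signed 16-bit word offset from the delay slot.
        off = word & 0xFFFF
        if off & 0x8000:
            off -= 0x10000
        return (delay_slot + (off << 2)) & 0xFFFFFFFF
    raise ValueError(f"not a J/BEQ/BNE instruction: {word:#010x}")


def decode_listing(base: int) -> dict:
    """Targets of every branch/jump in LISTING when the code is loaded at base."""
    return {base + off: branch_target(base + off, word_from_dump(h))
            for off, h in LISTING.items()}


def in_ram(addr: int, ram_bytes: int) -> bool:
    """True if a kseg0/kseg1 address maps to RAM that starts at physical 0
    and is ram_bytes long (assumed Malta layout). Other segments go through
    the TLB and are reported as not known to be RAM."""
    if 0x80000000 <= addr < 0xC0000000:
        return (addr & 0x1FFFFFFF) < ram_bytes
    return False


if __name__ == "__main__":
    for pc, tgt in decode_listing(0xA0000000).items():
        print(f"{pc:#010x} -> {tgt:#010x}  in 256M RAM: {in_ram(tgt, 256 << 20)}")
```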