From: Stefan Weil <weil@mail.berlios.de>
To: qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] Problems with MIPS full system emulation and breakpoints: also for FPU emulation
Date: Thu, 03 May 2007 22:28:01 +0200 [thread overview]
Message-ID: <463A45D1.1000909@mail.berlios.de> (raw)
In-Reply-To: <4629005B.7030301@windriver.com>
A similar patch for EXCP_AdEL seems to fix the problems
with Linux floating point emulation.
Linux uses self modifying code on the stack in the FPU emulation
and terminates this code using "lw zero,1(zero)"
(which raises EXCP_AdEL).
Sometimes, a system call which follows and is also on the stack
does not raise EXCP_SYSCALL but raises EXCP_AdEL, so the calling
process gets a signal SIGILL.
I tested this by running aptitude on Debian 4.0.
It crashs with 4KEc (no FPU, CVS HEAD).
It works with default CPU (FPU, CVS HEAD).
It works with 4KEc (no FPU, patched CVS HEAD).
Stefan
Jason Wessel schrieb:
>
> It seems there is an issue with the translation block flushing when
> writing to the code regions in the MIPS full system emulation. Using
> a 2.6 kernel which is basically running in single user mode, I use an
> extremely simple program:
>
> ...
> To illustrate the problem further, I attached a patch that makes this
> problem go away. Of course this is not the right fix, because it only
> deals with the breakpoint opcode and does not isolate the translated
> block that had the instruction that changed. In theory you should be
> able to modify any part of the instruction code from another process
> with ptrace.
> Are there any suggestions as to how to fix this the right way? The
> real hardware of course does not exhibit this issue.
>
> Thanks,
> Jason.
>
>
> ------------------------------------------------------------------------
>
> Index: qemu/target-mips/helper.c
> ===================================================================
> --- qemu.orig/target-mips/helper.c
> +++ qemu/target-mips/helper.c
> @@ -360,6 +360,7 @@ void do_interrupt (CPUState *env)
> goto set_EPC;
> case EXCP_BREAK:
> cause = 9;
> + tb_flush(env);
> goto set_EPC;
> case EXCP_RI:
> cause = 10;
prev parent reply other threads:[~2007-05-03 20:34 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-04-20 18:03 [Qemu-devel] Problems with MIPS full system emulation and breakpoints Jason Wessel
2007-04-20 18:22 ` Daniel Jacobowitz
2007-09-10 15:34 ` Daniel Jacobowitz
2007-09-11 10:03 ` Thiemo Seufer
2007-05-03 20:28 ` Stefan Weil [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=463A45D1.1000909@mail.berlios.de \
--to=weil@mail.berlios.de \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).