From: Richard Henderson <rth@twiddle.net>
To: Leon Alrae <leon.alrae@imgtec.com>, qemu-devel@nongnu.org
Cc: aurelien@aurel32.net
Subject: Re: [Qemu-devel] [PATCH] target-mips: apply workaround for TCG optimizations for MFC1
Date: Wed, 15 Jul 2015 10:46:37 +0100
Message-ID: <55A62BFD.6010108@twiddle.net>
In-Reply-To: <1436891912-14742-1-git-send-email-leon.alrae@imgtec.com>

On 07/14/2015 05:38 PM, Leon Alrae wrote:
> There seems to be an issue when trying to keep a pointer in the bottom 32 bits
> of a 64-bit floating point register. Load and store instructions accessing
> this address for some reason use the whole 64-bit content of the floating point
> register rather than the truncated 32-bit value. The following load uses
> an incorrect address which leads to a crash if the upper 32 bits of $f0 aren't 0:
>
> 0x00400c60:  mfc1       t8,$f0
> 0x00400c64:  lw t9,0(t8)
>
> It can be reproduced with the following linux userland program when running
> on a MIPS32 with CP0.Status.FR=1 (by default mips32r5-generic and
> mips32r6-generic CPUs have this bit set in linux-user).
>
> int main(int argc, char *argv[])
> {
>      int tmp = 0x11111111;
>      /* Set f0 */
>      __asm__ ("mtc1  %0, $f0\n"
>               "mthc1 %1, $f0\n"
>               : : "r" (&tmp), "r" (tmp));
>      /* At this point $f0: w:76fff040 d:1111111176fff040 */
>      __asm__ ("mfc1 $t8, $f0\n"
>               "lw   $t9, 0($t8)\n"); /* <--- crash! */
>      return 0;
> }

What compilation options, exactly?  I'm having trouble reproducing.
Alternately, perhaps you can send me a binary.


r~
