* [PATCH] MIPS: R2-on-R6 emulation bugfix of BLEZL and BGTZL instructions
@ 2016-11-07 18:39 ` Leonid Yegoshin
0 siblings, 0 replies; 4+ messages in thread
From: Leonid Yegoshin @ 2016-11-07 18:39 UTC (permalink / raw)
To: linux-mips, paul.burton, linux-kernel, ralf, yamada.masahiro, macro
MIPS R2 emulation doesn't take into account that BLEZL and BGTZL instructions
require register RT = 0. If it is not zero it can be some legitimate MIPS R6
instruction.
Problem happens after emulation optimization then emulation routine tries
to pipeline emulation and after emulation of one instruction it picks up
a next candidate. In single pass strategy it does not happen because CPU
doesn't trap on branch-compacts which share opcode space with BLEZL/BGTZL
(but has RT != 0, of course).
Signed-off-by: Leonid Yegoshin <Leonid.Yegoshin@imgtec.com>
Reported-by: Douglas Leung <Douglas.Leung@imgtec.com>
---
arch/mips/kernel/mips-r2-to-r6-emul.c | 11 +++++++++--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/arch/mips/kernel/mips-r2-to-r6-emul.c b/arch/mips/kernel/mips-r2-to-r6-emul.c
index 22dedd62818a..b0c86b08c0b9 100644
--- a/arch/mips/kernel/mips-r2-to-r6-emul.c
+++ b/arch/mips/kernel/mips-r2-to-r6-emul.c
@@ -919,6 +919,7 @@ int mipsr2_decoder(struct pt_regs *regs, u32 inst, unsigned long *fcr31)
BUG();
return SIGEMT;
}
+ err = 0;
pr_debug("Emulating the 0x%08x R2 instruction @ 0x%08lx (pass=%d))\n",
inst, epc, pass);
@@ -1096,10 +1097,16 @@ int mipsr2_decoder(struct pt_regs *regs, u32 inst, unsigned long *fcr31)
}
break;
- case beql_op:
- case bnel_op:
case blezl_op:
case bgtzl_op:
+ /* return MIPS R6 instruction to CPU execution */
+ if (MIPSInst_RT(inst)) {
+ err = SIGILL;
+ break;
+ }
+
+ case beql_op:
+ case bnel_op:
if (delay_slot(regs)) {
err = SIGILL;
break;
^ permalink raw reply related [flat|nested] 4+ messages in thread
* [PATCH] MIPS: R2-on-R6 emulation bugfix of BLEZL and BGTZL instructions
@ 2016-11-07 18:39 ` Leonid Yegoshin
0 siblings, 0 replies; 4+ messages in thread
From: Leonid Yegoshin @ 2016-11-07 18:39 UTC (permalink / raw)
To: linux-mips, paul.burton, linux-kernel, ralf, yamada.masahiro, macro
MIPS R2 emulation doesn't take into account that BLEZL and BGTZL instructions
require register RT = 0. If it is not zero it can be some legitimate MIPS R6
instruction.
Problem happens after emulation optimization then emulation routine tries
to pipeline emulation and after emulation of one instruction it picks up
a next candidate. In single pass strategy it does not happen because CPU
doesn't trap on branch-compacts which share opcode space with BLEZL/BGTZL
(but has RT != 0, of course).
Signed-off-by: Leonid Yegoshin <Leonid.Yegoshin@imgtec.com>
Reported-by: Douglas Leung <Douglas.Leung@imgtec.com>
---
arch/mips/kernel/mips-r2-to-r6-emul.c | 11 +++++++++--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/arch/mips/kernel/mips-r2-to-r6-emul.c b/arch/mips/kernel/mips-r2-to-r6-emul.c
index 22dedd62818a..b0c86b08c0b9 100644
--- a/arch/mips/kernel/mips-r2-to-r6-emul.c
+++ b/arch/mips/kernel/mips-r2-to-r6-emul.c
@@ -919,6 +919,7 @@ int mipsr2_decoder(struct pt_regs *regs, u32 inst, unsigned long *fcr31)
BUG();
return SIGEMT;
}
+ err = 0;
pr_debug("Emulating the 0x%08x R2 instruction @ 0x%08lx (pass=%d))\n",
inst, epc, pass);
@@ -1096,10 +1097,16 @@ int mipsr2_decoder(struct pt_regs *regs, u32 inst, unsigned long *fcr31)
}
break;
- case beql_op:
- case bnel_op:
case blezl_op:
case bgtzl_op:
+ /* return MIPS R6 instruction to CPU execution */
+ if (MIPSInst_RT(inst)) {
+ err = SIGILL;
+ break;
+ }
+
+ case beql_op:
+ case bnel_op:
if (delay_slot(regs)) {
err = SIGILL;
break;
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH] MIPS: R2-on-R6 emulation bugfix of BLEZL and BGTZL instructions
@ 2016-11-08 11:17 ` Maciej W. Rozycki
0 siblings, 0 replies; 4+ messages in thread
From: Maciej W. Rozycki @ 2016-11-08 11:17 UTC (permalink / raw)
To: Leonid Yegoshin
Cc: linux-mips, paul.burton, linux-kernel, Ralf Baechle, yamada.masahiro
On Mon, 7 Nov 2016, Leonid Yegoshin wrote:
> MIPS R2 emulation doesn't take into account that BLEZL and BGTZL instructions
> require register RT = 0. If it is not zero it can be some legitimate MIPS R6
> instruction.
Well, it *is* rather than just can be -- one of BLEZC/BGEZC/BGEC or
BGTZC/BLTZC/BLTC, respectively, according to the bit patterns in RS/RT,
all these instructions being compact branches, so we can stop emulation
rather than decoding them.
Also please line-wrap your description at 75 columns, as per
Documentation/SubmittingPatches.
> diff --git a/arch/mips/kernel/mips-r2-to-r6-emul.c b/arch/mips/kernel/mips-r2-to-r6-emul.c
> index 22dedd62818a..b0c86b08c0b9 100644
> --- a/arch/mips/kernel/mips-r2-to-r6-emul.c
> +++ b/arch/mips/kernel/mips-r2-to-r6-emul.c
> @@ -919,6 +919,7 @@ int mipsr2_decoder(struct pt_regs *regs, u32 inst, unsigned long *fcr31)
> BUG();
> return SIGEMT;
> }
> + err = 0;
> pr_debug("Emulating the 0x%08x R2 instruction @ 0x%08lx (pass=%d))\n",
> inst, epc, pass);
Is this because of BRANCH_LIKELY_TAKEN? It has to be a separate patch
then, with a suitable description.
> @@ -1096,10 +1097,16 @@ int mipsr2_decoder(struct pt_regs *regs, u32 inst,
> unsigned long *fcr31)
> }
> break;
>
> - case beql_op:
> - case bnel_op:
> case blezl_op:
> case bgtzl_op:
> + /* return MIPS R6 instruction to CPU execution */
> + if (MIPSInst_RT(inst)) {
> + err = SIGILL;
> + break;
> + }
Please add:
/* Fall through. */
here so that it is clear it's not a bug; also GCC 7 will catch such cases
and issue warnings, which I expect according to our settings will cause a
build failure here if this is missing.
> +
> + case beql_op:
> + case bnel_op:
This part looks fine to me otherwise.
Maciej
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] MIPS: R2-on-R6 emulation bugfix of BLEZL and BGTZL instructions
@ 2016-11-08 11:17 ` Maciej W. Rozycki
0 siblings, 0 replies; 4+ messages in thread
From: Maciej W. Rozycki @ 2016-11-08 11:17 UTC (permalink / raw)
To: Leonid Yegoshin
Cc: linux-mips, paul.burton, linux-kernel, Ralf Baechle, yamada.masahiro
On Mon, 7 Nov 2016, Leonid Yegoshin wrote:
> MIPS R2 emulation doesn't take into account that BLEZL and BGTZL instructions
> require register RT = 0. If it is not zero it can be some legitimate MIPS R6
> instruction.
Well, it *is* rather than just can be -- one of BLEZC/BGEZC/BGEC or
BGTZC/BLTZC/BLTC, respectively, according to the bit patterns in RS/RT,
all these instructions being compact branches, so we can stop emulation
rather than decoding them.
Also please line-wrap your description at 75 columns, as per
Documentation/SubmittingPatches.
> diff --git a/arch/mips/kernel/mips-r2-to-r6-emul.c b/arch/mips/kernel/mips-r2-to-r6-emul.c
> index 22dedd62818a..b0c86b08c0b9 100644
> --- a/arch/mips/kernel/mips-r2-to-r6-emul.c
> +++ b/arch/mips/kernel/mips-r2-to-r6-emul.c
> @@ -919,6 +919,7 @@ int mipsr2_decoder(struct pt_regs *regs, u32 inst, unsigned long *fcr31)
> BUG();
> return SIGEMT;
> }
> + err = 0;
> pr_debug("Emulating the 0x%08x R2 instruction @ 0x%08lx (pass=%d))\n",
> inst, epc, pass);
Is this because of BRANCH_LIKELY_TAKEN? It has to be a separate patch
then, with a suitable description.
> @@ -1096,10 +1097,16 @@ int mipsr2_decoder(struct pt_regs *regs, u32 inst,
> unsigned long *fcr31)
> }
> break;
>
> - case beql_op:
> - case bnel_op:
> case blezl_op:
> case bgtzl_op:
> + /* return MIPS R6 instruction to CPU execution */
> + if (MIPSInst_RT(inst)) {
> + err = SIGILL;
> + break;
> + }
Please add:
/* Fall through. */
here so that it is clear it's not a bug; also GCC 7 will catch such cases
and issue warnings, which I expect according to our settings will cause a
build failure here if this is missing.
> +
> + case beql_op:
> + case bnel_op:
This part looks fine to me otherwise.
Maciej
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2016-11-08 11:17 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-11-07 18:39 [PATCH] MIPS: R2-on-R6 emulation bugfix of BLEZL and BGTZL instructions Leonid Yegoshin
2016-11-07 18:39 ` Leonid Yegoshin
2016-11-08 11:17 ` Maciej W. Rozycki
2016-11-08 11:17 ` Maciej W. Rozycki
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.