
Re: [Qemu-devel] [PATCH 0/3] linux-user/sparc: Fixes for clone


From: Alex Bennée
Subject: Re: [Qemu-devel] [PATCH 0/3] linux-user/sparc: Fixes for clone
Date: Tue, 31 Jul 2018 08:09:30 +0100
User-agent: mu4e 1.1.0; emacs 26.1.50

Richard Henderson <address@hidden> writes:

> There are at least 4 separate bugs preventing clone from working.
>
> (1) cpu_copy left both cpus sharing the same register window (!)
>
> (2) cpu_clone_regs did not initialize %o1, so the new thread path
>     in the guest __clone was always taken, even for the parent
>     (old %o1 value was newsp, and so non-zero).
>
> (3) cpu_clone_regs did not advance the pc past the syscall in the
>     child, which meant that the child re-executed the syscall
>     (and because of (1), with essentially random inputs).
>
> (4) clone did not flush register windows, which would cause the
>     parent stack to be clobbered by the child writing out old
>     windows in order to allocate a new one.
>
> This is enough for Alex's atomic-test to make progress, but not
> quite enough for it to actually work.  What I'm seeing now is a
> legitimate SEGV for a write to a r-xp memory segment.  I'll need
> to examine the testcase further to see why that is happening.


Hmm and testthread now reliably bombs with:

  thread2: 10 hello2
  testthread: allocatestack.c:384: advise_stack_range: Assertion `freesize < size' failed.
  fish: “./qemu-sparc64 -d trace:user_qu…” terminated by signal SIGABRT (Abort)

However the behaviour of the atomic test now looks similar to the
occasional failure I was seeing in testthread before, i.e. a crash
during atomic operations.

>
>
> r~
>
>
> Richard Henderson (4):
>   linux-user: Disallow setting newsp for fork
>   linux-user: Pass the parent env to cpu_clone_regs
>   linux-user/sparc: Fix cpu_clone_regs
>   linux-user/sparc: Flush register windows before clone
>
>  linux-user/aarch64/target_cpu.h    |  3 ++-
>  linux-user/alpha/target_cpu.h      |  3 ++-
>  linux-user/arm/target_cpu.h        |  3 ++-
>  linux-user/cris/target_cpu.h       |  3 ++-
>  linux-user/hppa/target_cpu.h       |  3 ++-
>  linux-user/i386/target_cpu.h       |  3 ++-
>  linux-user/m68k/target_cpu.h       |  3 ++-
>  linux-user/microblaze/target_cpu.h |  3 ++-
>  linux-user/mips/target_cpu.h       |  3 ++-
>  linux-user/nios2/target_cpu.h      |  3 ++-
>  linux-user/openrisc/target_cpu.h   |  4 +++-
>  linux-user/ppc/target_cpu.h        |  3 ++-
>  linux-user/riscv/target_cpu.h      |  3 ++-
>  linux-user/s390x/target_cpu.h      |  3 ++-
>  linux-user/sh4/target_cpu.h        |  3 ++-
>  linux-user/sparc/target_cpu.h      | 23 ++++++++++++++++++++---
>  linux-user/tilegx/target_cpu.h     |  3 ++-
>  linux-user/xtensa/target_cpu.h     |  3 ++-
>  linux-user/sparc/cpu_loop.c        |  3 +++
>  linux-user/syscall.c               |  9 ++++++---
>  20 files changed, 64 insertions(+), 23 deletions(-)


--
Alex Bennée
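Bugs (2) and (3) from the quoted cover letter, modelled in code as an added example that is not QEMU's code or part of this series: a constructed SPARC register model (not CPUSPARCState), a `sparc_clone_regs` fix-up written in the spirit of `cpu_clone_regs`, and a `clone_symptoms` check; the register values and the pid are constructed, and the %o1 parent/child convention is the Linux/SPARC syscall ABI that glibc's `__clone` relies on. Bug (4), the unflushed register windows, is outside this model.

```c
#include <stdbool.h>
#include <stdint.h>
/* Constructed model of the SPARC state a user-mode emulator fixes up around
 * clone; not QEMU's CPUSPARCState, only the fields bugs (2) and (3) touch.
 * At trap time %o0 holds the clone flags and %o1 the new stack (newsp). */
typedef struct {
    uint64_t pc, npc;        /* trap pc and next pc */
    uint64_t o0, o1, o6;     /* %o6 is the stack pointer */
} SparcRegs;
/* Linux/SPARC convention: %o0 = child pid (0 in the child); %o1 = 0 in the
 * parent and 1 in the child, which is what glibc's __clone branches on. */
static bool guest_takes_child_path(const SparcRegs *r) { return r->o1 != 0; }

/* Register fix-up in the spirit of cpu_clone_regs; the child starts as a
 * copy of the parent's trap-time state. 'fixed' = false reproduces the bugs.
 * Assumed: the parent's %o0 result and pc advance come from the generic
 * syscall-return path, which the series leaves alone. */
static void sparc_clone_regs(SparcRegs *parent, SparcRegs *child,
                             uint64_t child_pid, bool fixed)
{
    uint64_t newsp = parent->o1;
    *child = *parent;
    if (newsp) {
        child->o6 = newsp;
    }
    child->o0 = 0;
    parent->o0 = child_pid;
    parent->pc = parent->npc;
    parent->npc += 4;
    if (fixed) {
        parent->o1 = 0;            /* (2): parent must not look like a child */
        child->o1 = 1;
        child->pc = child->npc;    /* (3): child resumes after the trap insn */
        child->npc += 4;
    }
}

/* Run the model on constructed registers and report symptoms as a bitmask:
 * bit 0 = parent takes the new-thread path, bit 1 = child re-executes the trap. */
static int clone_symptoms(bool fixed)
{
    SparcRegs parent = { .pc = 0x1000, .npc = 0x1004, .o0 = 0x11,
                         .o1 = 0x7f000000, .o6 = 0x7e000000 }, child;
    int s = 0;
    sparc_clone_regs(&parent, &child, 4242, fixed);
    if (guest_takes_child_path(&parent)) s |= 1;
    if (child.pc == 0x1000) s |= 2;
    return s;
}
```

With the fix-up applied `clone_symptoms(true)` reports nothing, while the buggy path reports both symptoms (the parent takes glibc's new-thread branch and the child resumes on the trap instruction), which is exactly the behaviour the cover letter describes.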


