| Message ID | 20180730201553.32423-1-richard.henderson@linaro.org |
|---|---|
| Headers | show |
| Series | linux-user/sparc: Fixes for clone | expand |
Richard Henderson <richard.henderson@linaro.org> writes: > There are at least 4 separate bugs preventing clone from working. > > (1) cpu_copy left both cpus sharing the same register window (!) > > (2) cpu_clone_regs did not initialize %o1, so the new thread path > in the guest __clone was always taken, even for the parent > (old %o1 value was newsp, and so non-zero). > > (3) cpu_clone_regs did not advance the pc past the syscall in the > child, which meant that the child re-executed the syscall > (and because of (1), with essentially random inputs). > > (4) clone did not flush register windows, which would cause the > parent stack to be clobbered by the child writing out old > windows in order to allocate a new one. > > This is enough for Alex's atomic-test to make progress, but not > quite enough for it to actually work. What I'm seeing now is a > legitimate SEGV for a write to a r-xp memory segment. I'll need > to examine the testcase further to see why that is happening. Hmm and testthread now reliably bombs with: thread2: 10 hello2 testthread: allocatestack.c:384: advise_stack_range: Assertion `freesize < size' failed. fish: “./qemu-sparc64 -d trace:user_qu…” terminated by signal SIGABRT (Abort) However the behaviour of the atomic test now looks similar to the occasional failure I was seeing in testthread before, i.e. a crash during atomic operations. > > > r~ > > > Richard Henderson (4): > linux-user: Disallow setting newsp for fork > linux-user: Pass the parent env to cpu_clone_regs > linux-user/sparc: Fix cpu_clone_regs > linux-user/sparc: Flush register windows before clone > > linux-user/aarch64/target_cpu.h | 3 ++- > linux-user/alpha/target_cpu.h | 3 ++- > linux-user/arm/target_cpu.h | 3 ++- > linux-user/cris/target_cpu.h | 3 ++- > linux-user/hppa/target_cpu.h | 3 ++- > linux-user/i386/target_cpu.h | 3 ++- > linux-user/m68k/target_cpu.h | 3 ++- > linux-user/microblaze/target_cpu.h | 3 ++- > linux-user/mips/target_cpu.h | 3 ++- > linux-user/nios2/target_cpu.h | 3 ++- > linux-user/openrisc/target_cpu.h | 4 +++- > linux-user/ppc/target_cpu.h | 3 ++- > linux-user/riscv/target_cpu.h | 3 ++- > linux-user/s390x/target_cpu.h | 3 ++- > linux-user/sh4/target_cpu.h | 3 ++- > linux-user/sparc/target_cpu.h | 23 ++++++++++++++++++++--- > linux-user/tilegx/target_cpu.h | 3 ++- > linux-user/xtensa/target_cpu.h | 3 ++- > linux-user/sparc/cpu_loop.c | 3 +++ > linux-user/syscall.c | 9 ++++++--- > 20 files changed, 64 insertions(+), 23 deletions(-) -- Alex Bennée
There are at least 4 separate bugs preventing clone from working. (1) cpu_copy left both cpus sharing the same register window (!) (2) cpu_clone_regs did not initialize %o1, so the new thread path in the guest __clone was always taken, even for the parent (old %o1 value was newsp, and so non-zero). (3) cpu_clone_regs did not advance the pc past the syscall in the child, which meant that the child re-executed the syscall (and because of (1), with essentially random inputs). (4) clone did not flush register windows, which would cause the parent stack to be clobbered by the child writing out old windows in order to allocate a new one. This is enough for Alex's atomic-test to make progress, but not quite enough for it to actually work. What I'm seeing now is a legitimate SEGV for a write to a r-xp memory segment. I'll need to examine the testcase further to see why that is happening. r~ Richard Henderson (4): linux-user: Disallow setting newsp for fork linux-user: Pass the parent env to cpu_clone_regs linux-user/sparc: Fix cpu_clone_regs linux-user/sparc: Flush register windows before clone linux-user/aarch64/target_cpu.h | 3 ++- linux-user/alpha/target_cpu.h | 3 ++- linux-user/arm/target_cpu.h | 3 ++- linux-user/cris/target_cpu.h | 3 ++- linux-user/hppa/target_cpu.h | 3 ++- linux-user/i386/target_cpu.h | 3 ++- linux-user/m68k/target_cpu.h | 3 ++- linux-user/microblaze/target_cpu.h | 3 ++- linux-user/mips/target_cpu.h | 3 ++- linux-user/nios2/target_cpu.h | 3 ++- linux-user/openrisc/target_cpu.h | 4 +++- linux-user/ppc/target_cpu.h | 3 ++- linux-user/riscv/target_cpu.h | 3 ++- linux-user/s390x/target_cpu.h | 3 ++- linux-user/sh4/target_cpu.h | 3 ++- linux-user/sparc/target_cpu.h | 23 ++++++++++++++++++++--- linux-user/tilegx/target_cpu.h | 3 ++- linux-user/xtensa/target_cpu.h | 3 ++- linux-user/sparc/cpu_loop.c | 3 +++ linux-user/syscall.c | 9 ++++++--- 20 files changed, 64 insertions(+), 23 deletions(-) -- 2.17.1