[Qemu-devel] [Bug 1349277] [NEW] AArch64 emulation ignores SPSel=0 when

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-devel] [Bug 1349277] [NEW] AArch64 emulation ignores SPSel=0 when

From:	T McIntosh
Subject:	[Qemu-devel] [Bug 1349277] [NEW] AArch64 emulation ignores SPSel=0 when taking (or returning from) an exception at EL1 or greater
Date:	Mon, 28 Jul 2014 07:40:56 -0000

Public bug reported:

The AArch64 emulation ignores SPSel=0 when:

(1) taking an interrupt from an exception level greater than EL0 (e.g.,
EL1t),

(2) returning from an exception (via ERET) to an exception level greater
than EL0 (e.g., EL1t), with SPSR_ELx[SPSel]=0.

The attached patch fixes the problem in my application.

Background:

I'm running a standalone application (toy OS) that is performing
preemptive multithreading between threads running at EL1t, with
exception handling / context switching occurring at EL1h.  This bug
causes the stack pointer to be corrupted in the threads running at EL1t
(they end up with a version of the EL1h stack pointer (SP_EL1)).

Occurs in:
        qemu-2.1.0-rc1 (found in)
        commit c60a57ff497667780132a3fcdc1500c83af5d5c0 (current master)

** Affects: qemu
     Importance: Undecided
         Status: New

** Patch added: "Proposed fix"
   
https://bugs.launchpad.net/bugs/1349277/+attachment/4164169/+files/qemu-aarch64-spsel-fix.patch

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1349277

Title:
  AArch64 emulation ignores SPSel=0 when taking (or returning from) an
  exception at EL1 or greater

Status in QEMU:
  New

Bug description:
  The AArch64 emulation ignores SPSel=0 when:

  (1) taking an interrupt from an exception level greater than EL0
  (e.g., EL1t),

  (2) returning from an exception (via ERET) to an exception level
  greater than EL0 (e.g., EL1t), with SPSR_ELx[SPSel]=0.

  The attached patch fixes the problem in my application.

  Background:

  I'm running a standalone application (toy OS) that is performing
  preemptive multithreading between threads running at EL1t, with
  exception handling / context switching occurring at EL1h.  This bug
  causes the stack pointer to be corrupted in the threads running at
  EL1t (they end up with a version of the EL1h stack pointer (SP_EL1)).

  Occurs in:
        qemu-2.1.0-rc1 (found in)
        commit c60a57ff497667780132a3fcdc1500c83af5d5c0 (current master)

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1349277/+subscriptions

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] Behavior of floating point conversion in case the float value is NaN, Gaurav Sharma, 2014/07/30

Prev by Date: Re: [Qemu-devel] [RESEND PATCH V3] qemu-img info: show nocow info
Next by Date: [Qemu-devel] qemu run crash when divice_add another qxl display card
Previous by thread: [Qemu-devel] [Bug 1297218] Re: guest hangs after live migration due to tsc jump
Index(es):
- Date
- Thread