Re: [Qemu-devel] [PATCH v2 08/27] linux-user/sh4: Notice gUSA regions during signal delivery

[Richard Henderson]

On 07/06/2017 10:35 PM, John Paul Adrian Glaubitz wrote:
> On 07/07/2017 10:30 AM, John Paul Adrian Glaubitz wrote:
> > The scripts which are run here can be found as 
> > /var/lib/dpkg/info/tzdata.{config,postinst).
> > I don't know yet which command in particular triggers the crash.
> Interesting. It crashes for me immediately after resizing the terminal window 
> with:
>
> (sid-sh4-sbuild)address@hidden:/# Unhandled trap: 0x180
> pc=0xf6ffe9fa sr=0x00000101 pr=0x004a73c2 fpscr=0x00080000
> spc=0x00000000 ssr=0x00000000 gbr=0xf6646470 vbr=0x00000000
> sgr=0x00000000 dbr=0x00000000 delayed_pc=0xf6ffea14 fpul=0x00000000
> r0=0xfffffffc r1=0xf6ffea1c r2=0x00000000 r3=0x00000134
> r4=0x00000001 r5=0xf6ffeac0 r6=0x00000000 r7=0x00000000
> r8=0x00000000 r9=0x0041a050 r10=0xf677e4b8 r11=0xf6ffea40
> r12=0xf677ec54 r13=0x00000000 r14=0x0041a0a4 r15=0xf6ffea1c
> r16=0x00000000 r17=0x00000000 r18=0x00000000 r19=0x00000000
> r20=0x00000000 r21=0x00000000 r22=0x00000000 r23=0x00000000
> address@hidden:~>
>
> I did not enter any commands. Just chrooting into the chroot, the resizing the
> terminal window was enough.

Thanks for the hint.  I've got it now.

The problem is that sh4-linux-user does not limit the page mappings in the same 
way that the sh4 kernel does.  So we begin the program with the stack mapped at 
0xf7xxxxxx, which matches our normal check of 0xc0000000.

I think a more restricted check of -128 -- the most negative value that can be 
placed by mov #imm,sp -- will work and is more appropriate.  Indeed, I assume 
that the only reason the kernel doesn't perform the check that was is having to 
do it all in sh assembly with minimal free registers.


r~