> Kevin D. Kissell wrote:
>> Shane McDonald wrote:
>>> In the following chunk of code from cp1emu.c:
>>> [snip]
>>> value gets set to an initial value of 0x400, and ctx->fcr31
>>> comes in with an initial value of 0x8420.
>>> By the time we hit the if statement around the return SIGFPE, ctx->fcr31
>>> has been set to 0x8400, not the 0x400 I implied.
>> Ah, well that would rather change things, and you *would* get an
>> exception there. As written, the code doesn't seem to allow the pending
>> exception (.._X) bits to be cleared by the CTC.
> Nevertheless, that's not the problem.
Maybe it is. I don't have my MIPS specs handy anymore, but just what is
supposed to clear a pending exception bit in a real FPU?
From old-ish MIPS32 specs out there on the web, it looks like the
emulator was doing the right thing in raising the exception - it's
specifically called out in the CTC1 definition that writing a value with
both a Cause and an Enable (_X and _E) bit set will throw an exception.
The question is: Why wasn't the Cause bit cleared? As I mentioned last
night, in current kernels running on a real FPU, it gets cleared as part
of the assembly-language preamble to servicing a FPU exception, a path
which is definitely not taken in the emulator case, which is driven by
coprocessor unusable exceptions. So now I'm actually confused by two
things: One is where the emulator *should* have its _X flags cleared,
and the other is how the current kernel/signal code communicates the
nature of a floating point exception to the user. I had thought that
either we had a model where a SIGFPE signal carried the FPCR bits as
part of its payload (something I've done for other architectures and
could have sworn I'd done for MIPS at one point or another), or that the
signal handler can inspect the FPCR to know what kind of exception it
was. As near as I can tell, when there's a real FPU, we wipe out the
evidence before we save the context.
Regards,
Kevin K.
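The cp1emu.c excerpt itself is snipped from the thread, so the following is an added illustration, not code from the thread, from cp1emu.c or from the kernel. It models FCR31 with the MIPS32 FCSR field layout (sticky Flags at bits 2..6, Enables at 7..11, Cause at 12..17, FS at bit 24; the FCSR_* mask names and the two CTC1 models are this example's own) and replays the values quoted above: fcr31 arrives as 0x8420 (the Z, divide-by-zero, Cause bit plus its Enable and sticky Flag), the program writes 0x400 (Z Enable only), and the trap rule is "any Cause bit whose Enable is set, or the Unimplemented Cause bit". Model A keeps the Cause bits across the write, which is what the thread says the emulator does, and so ends up at 0x8400 and traps; model B lets CTC1 overwrite Cause as well, so the same write clears the pending bit and does not trap, while a value that carries Cause and Enable together still does.

```c
#include <signal.h>
#include <stdint.h>
#include <stdio.h>

/* MIPS32 FCSR (FCR31) field masks. Names follow the FPU_CSR_* style used
 * in the kernel's MIPS headers but are defined locally for this example. */
#define FCSR_RM     0x00000003u  /* rounding mode                           */
#define FCSR_ALL_S  0x0000007cu  /* sticky Flags  I U O Z V  at bits 2..6   */
#define FCSR_ALL_E  0x00000f80u  /* Enables       I U O Z V  at bits 7..11  */
#define FCSR_ALL_X  0x0003f000u  /* Cause       I U O Z V E  at bits 12..17 */
#define FCSR_UNI_X  0x00020000u  /* Cause E: unimplemented operation        */
#define FCSR_FS     0x01000000u  /* flush denormals to zero                 */

/* Each Cause bit sits 5 positions above its Enable bit, and each Enable
 * bit 5 above its sticky Flag, so one shift lines the fields up. */
#define FIELD_SHIFT 5

/* Names of the five IEEE exceptions plus the Unimplemented cause. */
static const char *const fp_exc_names[] = { "I", "U", "O", "Z", "V", "E" };

/* Trap rule: a Cause bit whose Enable is also set, or the Unimplemented
 * Cause bit (which has no Enable), means an FP exception must be raised.
 * Returns SIGFPE or 0. */
static int fcsr_should_trap(uint32_t fcsr)
{
    uint32_t enabled_cause = (fcsr >> FIELD_SHIFT) & fcsr & FCSR_ALL_E;
    return (enabled_cause || (fcsr & FCSR_UNI_X)) ? SIGFPE : 0;
}

/* Model A (illustrative): a CTC1 that only lets software write FS, Enables,
 * Flags and RM. Cause bits already pending in fcr31 survive the write, so a
 * value with only Z Enable set lands on top of a pending Z Cause and traps. */
static uint32_t ctc1_keep_cause(uint32_t fcr31, uint32_t value)
{
    const uint32_t writable = FCSR_FS | FCSR_ALL_E | FCSR_ALL_S | FCSR_RM;
    return (fcr31 & ~writable) | (value & writable);
}

/* Model B (illustrative): a CTC1 that treats the Cause field as writable
 * too. Software can now clear a pending _X bit; writing Cause and Enable
 * together in one value still traps. */
static uint32_t ctc1_write_cause(uint32_t fcr31, uint32_t value)
{
    const uint32_t writable = FCSR_FS | FCSR_ALL_X | FCSR_ALL_E | FCSR_ALL_S | FCSR_RM;
    return (fcr31 & ~writable) | (value & writable);
}

/* Print the register by field so values like 0x8420 become readable. */
static void print_fcsr(const char *label, uint32_t fcsr)
{
    int i;
    printf("%-12s 0x%08x  RM=%u FS=%u  Cause=", label, (unsigned)fcsr,
           (unsigned)(fcsr & FCSR_RM), (fcsr & FCSR_FS) ? 1u : 0u);
    for (i = 0; i < 6; i++)
        if (fcsr & (1u << (12 + i))) printf("%s", fp_exc_names[i]);
    printf(" Enable=");
    for (i = 0; i < 5; i++)
        if (fcsr & (1u << (7 + i))) printf("%s", fp_exc_names[i]);
    printf(" Flags=");
    for (i = 0; i < 5; i++)
        if (fcsr & (1u << (2 + i))) printf("%s", fp_exc_names[i]);
    printf("  -> %s\n", fcsr_should_trap(fcsr) ? "SIGFPE" : "no trap");
}

int main(void)
{
    /* The thread's numbers: fcr31 arrives as 0x8420 (Z Cause, Z Enable and
     * the Z sticky Flag) and the program writes 0x400 (Z Enable only). */
    uint32_t before = 0x8420u, value = 0x400u;

    print_fcsr("before CTC1", before);
    print_fcsr("keep Cause", ctc1_keep_cause(before, value));
    print_fcsr("write Cause", ctc1_write_cause(before, value));
    /* A write that itself carries Cause+Enable traps under either model. */
    print_fcsr("Z cause+en", ctc1_write_cause(0u, 0x8400u));
    return 0;
}
```

Running it shows the two outcomes side by side: under model A the write of 0x400 leaves fcr31 at 0x8400 and the trap rule fires, which is exactly the 0x8420 -> 0x8400 -> SIGFPE sequence reported above; under model B the same write yields 0x400 and no trap, so whether CTC1 may touch the Cause field is precisely the question of where the emulator's _X bits get cleared.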