Correct a cache coherency regression introduced with be1664c4 [Another round of fixes for the fp emulator.] for the emulation frame used in delay-slot emulation. Two instructions are copied into the frame and as from the commit referred a cache synchronisation call is made for the second instruction aka `badinst' of the two only. The `flush_cache_sigtramp' interface is reused that guarantees that synchronisation will be made for 8 bytes or 2 instructions starting from the address requested, although if cache lines are wider then a larger area may be synchronised. Change the call to point to the first of the two instructions aka `emul' instead, removing unpredictable behaviour resulting from cache incoherency. This bug only ever manifested itself on systems implementing 4-byte cache lines, typically MIPS I systems, causing all kinds of weirdness. This is because the sequence of two instructions starting from `emul' is 8-byte aligned and for 8-byte or wider cache lines the line synchronised will span both, so the vast majority of systems have escaped unharmed. Signed-off-by: Maciej W. Rozycki <macro@xxxxxxxxxxxxxx> --- linux-mips-emu-dsemul-flush-cache.patch Index: linux/arch/mips/math-emu/dsemul.c =================================================================== --- linux.orig/arch/mips/math-emu/dsemul.c 2015-04-02 20:18:49.616501000 +0100 +++ linux/arch/mips/math-emu/dsemul.c 2015-04-02 20:27:57.133225000 +0100 @@ -94,7 +94,7 @@ int mips_dsemul(struct pt_regs *regs, mi regs->cp0_epc = ((unsigned long) &fr->emul) | get_isa16_mode(regs->cp0_epc); - flush_cache_sigtramp((unsigned long)&fr->badinst); + flush_cache_sigtramp((unsigned long)&fr->emul); return SIGILL; /* force out of emulation loop */ }
