Subject: port-mips/17548: LL/SC emulation is incorrect
To: None <gnats-bugs@gnats.netbsd.org>
From: None <thorpej@shagadelic.org>
List: netbsd-bugs
Date: 07/10/2002 09:38:20
>Number: 17548
>Category: port-mips
>Synopsis: LL/SC emulation is incorrect
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: port-mips-maintainer
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Wed Jul 10 09:39:00 PDT 2002
>Closed-Date:
>Last-Modified:
>Originator: Jason R Thorpe
>Release: NetBSD 1.6D
>Organization:
Wasabi Systems, Inc.
>Environment:
>Description:
The LL/SC emulation which was recently added has a few problems that
need to be fixed:
	1. You only compile it in for MIPS1.  This is incorrect.  It
	   needs to be there for MIPS2 and MIPS3, as well, since there
	   are some processors with those ISAs that don't have LL/SC.

	2. The looping around emulation of the LL/SC insn (in what
	   appears to be an optimization to reduce trap overhead)
	   is incorrect.  See bullet #3.

	3. From inspection, this LL/SC emulation simply treats these
	   instructions as normal load/store.  This is incorrect.
	   The point of LL/SC is that the SC will detect if the datum
	   at the memory location has changed since the LL (at least,
	   that is by far the most common usage).

	   So, what you need to do is:

		a. In LL emulation, remember the process (lwp), address,
		   and value involved in the LL.

		b. When you perform the SC emulation, check to make sure
		   the process and the address are the same as from the
		   LL emulation.  If not, make the SC fail.

		   At this point, unlatch the LL emulation by clearing
		   the remembered process pointer.

		   Then fetch the value at the address, and compare it to
		   the value you remembered from the LL.  If they are not
		   the same, make the SC fail.

		   Otherwise, all is clear; write the new value to the
		   memory location and indicate success.

	   Note this is incompatible with emulating them in a loop.
	   LL/SC can't really be used as the loop assumes anyway.
>How-To-Repeat:
Code inspection.
>Fix:
Not provided.
>Release-Note:
>Audit-Trail:
>Unformatted:
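
The latch scheme in steps a and b of the description, as an added example that is not part of the original report and is not NetBSD code. The names emul_ll, emul_sc, struct result and demo are hypothetical, struct lwp is a stand-in, and plain pointer dereferences stand in for the user-space fetch and store a kernel trap handler would use.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

struct lwp { int id; };              /* hypothetical stand-in for the kernel lwp */

/* Latch written by LL emulation; l == NULL means no LL is outstanding. */
static struct { const struct lwp *l; uint32_t *addr; uint32_t value; } latch;

/* Step a: do the load and remember lwp, address and value. */
uint32_t emul_ll(const struct lwp *l, uint32_t *addr)
{
    latch.l = l;
    latch.addr = addr;
    latch.value = *addr;             /* a kernel would fetch from user space */
    return latch.value;
}

/* Step b: returns 1 if the store happened, 0 if the SC must fail. */
int emul_sc(const struct lwp *l, uint32_t *addr, uint32_t newval)
{
    int same = latch.l != NULL && latch.l == l && latch.addr == addr;

    latch.l = NULL;                  /* unlatch; done on every SC (assumption) */
    if (!same || *addr != latch.value)
        return 0;                    /* wrong lwp/address, or datum changed */
    *addr = newval;
    return 1;
}

struct result { int ok; uint32_t word; };

/* Constructed scenario: LL by lwp a, optional interference, then SC. */
struct result demo(int store_between, int sc_from_other)
{
    struct lwp a = { 1 }, b = { 2 };
    uint32_t word = 5;
    uint32_t seen = emul_ll(&a, &word);
    if (store_between)
        word = 9;                    /* another thread changed the datum */
    struct result r = { emul_sc(sc_from_other ? &b : &a, &word, seen + 1), 0 };
    r.word = word;
    return r;
}

int main(void)
{
    printf("%d %d %d\n", demo(0, 0).ok, demo(1, 0).ok, demo(0, 1).ok);
    return 0;
}
```

Because the check compares values, a word that is changed and then restored between the LL and the SC is not detected; the sketch follows the report's steps as written.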