NetBSD-Bugs archive


Re: port-mips/59064 (jemalloc switch to 5.3 broke userland)



The following reply was made to PR port-mips/59064; it has been noted by GNATS.

From: Taylor R Campbell <riastradh%NetBSD.org@localhost>
To: Rin Okuyama <rokuyama.rk%gmail.com@localhost>
Cc: Martin Husemann <martin%duskware.de@localhost>, gnats-bugs%NetBSD.org@localhost,
	port-mips-maintainer%NetBSD.org@localhost, gnats-admin%NetBSD.org@localhost,
	netbsd-bugs%NetBSD.org@localhost, martin%NetBSD.org@localhost, simonb%NetBSD.org@localhost,
	joerg%NetBSD.org@localhost, dholland%NetBSD.org@localhost
Subject: Re: port-mips/59064 (jemalloc switch to 5.3 broke userland)
Date: Mon, 14 Apr 2025 17:59:53 +0000

 I think something might be wrong with  RDHWR $3,$29  emulation.
 
 I changed this branch to be unconditional so we always use the slow
 path in mips_emul.c for emulation, instead of the assembly fast path:
 
    1301 NESTED_NOPROFILE(MIPSX(user_reserved_insn), CALLFRAME_SIZ, ra)
 ...
    1316 	/* If this was in a branch delay slot, take the slow path. */
    1317 	mfc0	v0, MIPS_COP_0_CAUSE
    1318 	MFC0_HAZARD
 => 1319 	bltz	v0, MIPSX(user_gen_exception_common)
    1320 	 nop
 
 https://nxr.netbsd.org/xref/src/sys/arch/mips/mips/mipsX_subr.S?r=1.115#1319
 
 And now things don't seem to be crashing any more with initial-exec
 tls in jemalloc, in hundreds of trials -- previously it was about
 every other trial that would crash.
 
 So, maybe there's something wrong with this assembly fast path that
 somehow manages to corrupt v0 and make it point to the following pc --
 but only if it's not running under gdb!
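
The dispatch decision discussed in the message above, as an added illustration (not part of the original message and not NetBSD code): a C model of the Cause.BD test performed by the quoted `bltz` and of decoding `rdhwr rt, $29`. The function and enum names are hypothetical, the Cause values and instruction words are constructed samples, and sending unrecognised instructions to the slow path is an assumption of the model.

```c
#include <stdint.h>
#include <stdio.h>

/* Architecture-defined MIPS32r2 encodings. */
#define OP_SPECIAL3 0x1fu        /* major opcode, bits 31..26 */
#define FN_RDHWR    0x3bu        /* function field, bits 5..0 */
#define HWR_ULR     29u          /* hardware register 29: UserLocal (TLS base) */
#define CAUSE_BD    0x80000000u  /* Cause bit 31: fault was in a branch delay slot */

/* Hypothetical names for the two handlers the message contrasts. */
enum ri_path { RI_FAST_PATH, RI_SLOW_PATH };

/* Return 1 and store the destination GPR number if insn is "rdhwr rt, $29". */
static int decode_rdhwr_tls(uint32_t insn, unsigned *rt)
{
    if ((insn >> 26) != OP_SPECIAL3 || (insn & 0x3fu) != FN_RDHWR)
        return 0;
    if (((insn >> 21) & 0x1fu) != 0 || ((insn >> 6) & 0x1fu) != 0)
        return 0;                /* rs and bits 10..6 must be zero */
    if (((insn >> 11) & 0x1fu) != HWR_ULR)
        return 0;
    *rt = (insn >> 16) & 0x1fu;
    return 1;
}

/* Model of the dispatch: BD set (the sign bit that "bltz v0" tests) or any
 * instruction this decoder does not recognise goes to the slow path. */
static enum ri_path classify_ri(uint32_t cause, uint32_t insn, unsigned *rt)
{
    if (cause & CAUSE_BD)
        return RI_SLOW_PATH;
    return decode_rdhwr_tls(insn, rt) ? RI_FAST_PATH : RI_SLOW_PATH;
}

int main(void)
{
    /* Constructed samples: Cause with ExcCode 10 (RI), without and with BD. */
    const uint32_t causes[] = { 0x00000028u, 0x80000028u };
    const uint32_t insn = 0x7c03e83bu;   /* rdhwr $3, $29 */
    for (int i = 0; i < 2; i++) {
        unsigned rt = 0;
        enum ri_path p = classify_ri(causes[i], insn, &rt);
        printf("cause=%08x rt=$%u -> %s\n", (unsigned)causes[i], rt,
            p == RI_FAST_PATH ? "fast path" : "slow path");
    }
    return 0;
}
```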
 

