Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp1854641imu;
        Sun, 16 Dec 2018 10:16:14 -0800 (PST)
X-Google-Smtp-Source: AFSGD/Ve73Jq1PMTExKlVVgrGcedzp41dnwrs5W/q+B1bMwqUcbomGJ9haHGv3027QUbNYuZb02H
X-Received: by 2002:a63:d450:: with SMTP id i16mr9450901pgj.246.1544984174624;
        Sun, 16 Dec 2018 10:16:14 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1544984174; cv=none;
        d=google.com; s=arc-20160816;
        b=X5eyi6lgyGxmz8azPOXAjHZ14W9ssV9g0zTrdOQuWR+AdTKTW0wIBHMj8NC6eHylQz
         THRtZZ53vitJYeG4/08WGslNclOKARdtXoqObsH4l+9DsumA15pinjKmHiilz45Nwd/F
         Syz+QMmsI774RH/tGYAFlYAEIxljsiw3LLiGaDH4Q5hM+S9sLfeHQGDQOcQ+AZDJocvD
         tkGtc5qLunJQENTbVYNV0xQysP/UAo/h/ZSU7i6BUrS8J/bhScpeNT2rum1LC6PKwTLA
         8TgALr9aRs+P25myDkLapoYvCg1e29jHPpqMs0+gsMktBwFa79LdKWFKv2Ray3RXv6VS
         fTFQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date;
        bh=/6Zeb41vvlsy8PpBg26MJHquFvtyGG5ATOo0VPB5cqo=;
        b=SgWNRnfvWsNj4JbXntqRr4fiMR3JsFnjHtbhE7Old/twFfGpmgh8hMCDOfDuMrdAC7
         rszlo0NwLEA3VTpzou25v4FKAzMNl+1OtaIyYwohqY3+Y9wX3D+fM+3zsIk3Qn6ZBs3t
         jUedF8UlBCY6+QxWodq38oQVwF5hyvt4hALYp59VkmGHgilfNHLNf8piE5gZ7XQFvsZ2
         RiuAznmBiya9uMx71U0afA6TBIudK0Mkvc/FO/GFZGjwpXv79/oPltXy5+oxfRE3KgIf
         OzKrgssarJ/7v7oCHCO2Sj5Ei6J2wqwjJ7i8+IVRshJmQ49mQ2i7TWhzMpROfvDHnaW8
         SQsA==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id t13si8661362pga.102.2018.12.16.10.15.58;
        Sun, 16 Dec 2018 10:16:14 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1730770AbeLPSNl (ORCPT <rfc822;arandomawesomegeek@gmail.com>
        + 99 others); Sun, 16 Dec 2018 13:13:41 -0500
Received: from 216-12-86-13.cv.mvl.ntelos.net ([216.12.86.13]:59158 "EHLO
        brightrain.aerifal.cx" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1730518AbeLPSNk (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Sun, 16 Dec 2018 13:13:40 -0500
Received: from dalias by brightrain.aerifal.cx with local (Exim 3.15 #2)
        id 1gYav2-0005Iu-00; Sun, 16 Dec 2018 18:13:36 +0000
Date:   Sun, 16 Dec 2018 13:13:36 -0500
From:   Rich Felker <dalias@libc.org>
To:     "Maciej W. Rozycki" <macro@linux-mips.org>
Cc:     Andy Lutomirski <luto@kernel.org>,
        Linux MIPS Mailing List <linux-mips@linux-mips.org>,
        LKML <linux-kernel@vger.kernel.org>,
        Paul Burton <paul.burton@imgtec.com>,
        David Daney <david.daney@cavium.com>,
        Ralf Baechle <ralf@linux-mips.org>,
        Paul Burton <paul.burton@mips.com>,
        James Hogan <jhogan@kernel.org>
Subject: Re: Fixing MIPS delay slot emulation weakness?
Message-ID: <20181216181336.GG23599@brightrain.aerifal.cx>
References: <CALCETrWaWTupSp6V=XXhvExtFdS6ewx_0A7hiGfStqpeuqZn8g@mail.gmail.com>
 <20181215225009.GB23599@brightrain.aerifal.cx>
 <alpine.LFD.2.21.1812160054300.11202@eddie.linux-mips.org>
 <20181216023259.GE23599@brightrain.aerifal.cx>
 <alpine.LFD.2.21.1812160319120.11202@eddie.linux-mips.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <alpine.LFD.2.21.1812160319120.11202@eddie.linux-mips.org>
User-Agent: Mutt/1.5.21 (2010-09-15)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Sun, Dec 16, 2018 at 01:50:13PM +0000, Maciej W. Rozycki wrote:
> On Sat, 15 Dec 2018, Rich Felker wrote:
> 
> > >  I think "trivial" is an understatement, you at least need to decode the 
> > > delay-slot instruction enough to tell privileged and user instructions 
> > > apart and send SIGILL where appropriate.  Some user instructions send 
> > > exceptions too and you need to handle them accordingly.
> > 
> > I meant simply that making them safe is trivial if they're not
> > accessing memory, only modifying the regisster file in the signal
> > context. Not that emulating them is trivial.
> 
>  OK, fair enough.
> 
> > On the other hand it might be cleaner, safer, and easier to simply
> > write a full mips ISA emulator, put it in the vdso, and have the
> > kernel immediately return-to-userspace on hitting floating point
> > instructions and let the emulator code there take care of it all and
> > then return to the normal flow of execution.
> 
>  The problem is matching hardware being run on and then maintaining that 
> stuff.  I'd call that a maintenance nightmare, I'm afraid.  See what pain 
> we have to go through already to get FPU emulation right, and there's much 
> less variation.
> 
> > >  OTOH, for things like ADDIUPC you need to interpret the instruction 
> > > anyway, as the value of the PC used for calculation will be wrong except 
> > > in the original location.
> > 
> > Indeed. Assuming arbitrary ISA extensions including stuff that does
> > PC-relative arithmetic, there's no way to execute it out-of-place
> > without knowing how to interpret it.
> 
>  Well, ADDIUPC is a standard microMIPS instruction.  Then R6 has more 
> stuff like that in the regular MIPS instruction set, e.g. AUIPC, LWPC.
> 
> > >  What about all the odd and especially vendor-specific load/store 
> > > instructions like ASET, SAA or SWAPW?  Would we need to have all the 
> > > possible encodings provided in the VDSO?
> > 
> > Can all kinds of weird stuff like this go in delay slots? I'm more
> > familiar with SH delay slots where lots of instructions are
> > slot-illegal. If so perhaps the full-emulator-in-userspace approach is
> > better.
> 
>  I've double-checked and ASET is actually not allowed in a delay slot, 
> because it uses multiple bus cycles for data access.  This is also why 
> LWP, LWM, etc. are not allowed either.  Also control transfer instructions 
> are not allowed (unlike with SPARC), such as branches, ERET or YIELD (not 
> that the two latter instructions matter for us).  Most of stuff is allowed 
> in delay slots though.
> 
>  It doesn't help that information about that is scattered across many 
> documents.  You can check for the NODS flag in the opcodes library from 
> binutils though, which is almost 100% accurate, except for the SYNC 
> instructions, for semantic reasons (i.e. they are allowed, but we don't 
> want GAS to reorder them).  Most of the disallowed stuff is in the 
> microMIPS instruction set, due to encodings that execute as hardware 
> macros.

I think it suffices to emulate what compilers generate in delay slots,
which should be fairly minimal and stable. At the very least we could
enumerate everything GCC and LLVM already emit there, and get them to
upstream a policy of not adding new insns as fpu-delay-slot-allowed.
If someone is writing asm by hand to do ridiculous things in the delay
slot with random ISA extensions, they shouldn't expect it to work.

Rich