Subject: port-mips/27298: FP trap handler bug (at least in cobalt port) -> kernel panic
To: None <gnats-bugs@gnats.NetBSD.org>
From: Markus W Kilbinger <kilbi@rad.rwth-aachen.de>
List: netbsd-bugs
Date: 10/19/2004 09:49:33
>Number:         27298
>Category:       port-mips
>Synopsis:       FP trap handler bug (at least in cobalt port) -> kernel panic
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    port-mips-maintainer
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Tue Oct 19 07:50:00 UTC 2004
>Closed-Date:
>Last-Modified:
>Originator:     
>Release:        NetBSD 2.99.10
>Organization:
>Environment:
System: NetBSD cochise 2.99.10 NetBSD 2.99.10 (COCHISE) #2: Tue Oct 19 00:06:57 MEST 2004  kilbi@qie:/sys/arch/cobalt/compile/COCHISE cobalt
Architecture: mipsel
Machine: cobalt
>Description:
	Higher optimized (-mips2 and higher) binaries containing long
	float to int casts cause kernel panics (at least on my cobalt
	qube 2) with the following ddb output:

	  trap: TLB miss (load or instr. fetch) in kernel mode
	  status=0x20007c03, cause=0x8, epc=0x8019514c, vaddr=0x4
	  pid=8414 cmd=try usp=0x7fffd068 ksp=0xc870be00
	  Stopped in pid 8414.1 (try) at  netbsd:trapsignal+0x2c: lw      v0,0(a1)
	  db> bt
	  trapsignal+2c (8e65fcf8,4,4620010d,80243800) ra 800016ac sz 64
	  MachFPTrap+cc (8e65fcf8,4,4620010d,80243800) ra 8023b3a4 sz 24
	  8023acc4+6e0 (8e65fcf8,4,4620010d,80243800) ra 0 sz 0
	  User-level: pid 8414.1
	  db> ps
	   PID           PPID     PGRP        UID S   FLAGS LWPS          COMMAND    WAIT
	  >8414         25684     9563          0 2  0x4002    1              try

>How-To-Repeat:
	Compile a (minimum) C program containing a type cast like

	  int i32;
	  double f, g;
	  [...]
	  i32  = (int) g;

	, compile it with higher mips optimization (>= -mips2) like

	  gcc -O -s -mips2 -o test-casti32 test-casti32.c

	, execute it and see how the kernel panics (when the code is
	executed! ;-)) (see above ddb output).

	Compiling the same code w/o (or -mips1) mips optimization
	yields a working binary (guess the compiler does not emit the
	'problematic' code then).

	BTW: I ran into this problem when compiling
	pkgsrc/lang/perl5{,8} where the Configure script tests exactly
	this cast capability of the system/compiler.

	I tested this only on my cobalt qube 2 (RM 5200)! After some
	discussion on port-cobalt I decided to choose 'port-mips'
	category (hope this is correct).
>Fix:
	n/a
>Release-Note:
>Audit-Trail:
>Unformatted:
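
Triage aid for the ddb register line quoted in the Description, added here as an example; it is not part of the original report and not NetBSD code. It decodes the Cause and Status values and flags a kernel-mode fault at a near-NULL address. The function names are hypothetical, and the R4000-style register layout and the 4 KiB "near NULL" threshold are assumptions.

```c
#include <stdio.h>
#include <string.h>

/* Register line copied from the ddb output in the report above. */
static const char REPORT_LINE[] =
    "status=0x20007c03, cause=0x8, epc=0x8019514c, vaddr=0x4";

struct trap_regs { unsigned long status, cause, epc, vaddr; };

/* Parse a "status=..., cause=..., epc=..., vaddr=..." line; 1 on success. */
int parse_trap_line(const char *line, struct trap_regs *r)
{
    const char *p = strstr(line, "status=");
    if (p == NULL)
        return 0;
    return sscanf(p, "status=%lx, cause=%lx, epc=%lx, vaddr=%lx",
                  &r->status, &r->cause, &r->epc, &r->vaddr) == 4;
}

/* MIPS Cause register: ExcCode occupies bits 6..2 (2 = TLBL, 3 = TLBS). */
unsigned exc_code(const struct trap_regs *r)
{
    return (unsigned)((r->cause >> 2) & 0x1f);
}

/* Assumed R4000-style Status: EXL (bit 1) or ERL (bit 2) set, or
 * KSU (bits 4..3) == 0, means the CPU was running in kernel mode. */
int in_kernel_mode(const struct trap_regs *r)
{
    return (r->status & 0x6) != 0 || ((r->status >> 3) & 0x3) == 0;
}

/* A TLB miss in kernel mode on an address inside the first 4 KiB
 * (assumed threshold) indicates a load or store through a NULL or
 * small-integer pointer rather than a genuine paging event. */
int near_null_kernel_fault(const struct trap_regs *r)
{
    unsigned c = exc_code(r);
    return in_kernel_mode(r) && (c == 2 || c == 3) && r->vaddr < 0x1000;
}

int main(void)
{
    struct trap_regs r;
    if (!parse_trap_line(REPORT_LINE, &r))
        return 1;
    printf("ExcCode=%u kernel=%d near-NULL fault=%d vaddr=0x%lx\n",
           exc_code(&r), in_kernel_mode(&r), near_null_kernel_fault(&r), r.vaddr);
    return 0;
}
```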