[okl4-developer] OKL4 3.0 l4_do_page_fault() in syscall_loop.c - binary patching

[Badea Daniel]

Hi, 

The  Linux ARM EABI toolchain provided here:
http://wiki.ok-labs.com/#OKL43.0Release does not provide a cross GDB.
Because I want to use Skyeye's GDB server I tried to use another toolchain
instead of the official one: CodeSourcery's
arm-2008q3-72-arm-none-linux-gnueabi (GCC 4.3.2) instead of
arm-unknown-linux-gnueabi (GCC 4.2.4).

Changing toolchains results in init() being unable to start because of a
page fault at address 0xffff0fa0.
I tracked the problem back to l4_do_page_fault() in syscall_loop.c which
does some 'magic' runtime patching of the code that caused the fault. Quote:

	/*
	 * Binary patching for NPTL
	 *
	 * XXX ??? Better place this thing?
	 */
	if (user_mode(regs) && ((address & PAGE_MASK) == 0xffff0000)){
        ....

Only 0xffff0fc0 and 0xffff0fe0 fault addresses are handled. 

Briefly:

a) for fault at 0xffff0fc0, code :

		mvn r3, #0xf000
		mov lr, pc
		sub pc, r3, #63

   is replaced (on Gumstix) with:
  
                mov r3, #0x01fc0000
		mov lr, pc
		orr pc, r3, #0x3a400

b) for fault at 0xffff0fe0, code:

		mvn r0, #0xf000
		mov lr, pc
		sub pc, r0, #31

   is replaced with:

		mov r0, #0xff000000
		ldr r0, [r0, #0x0ff0]
		ldr r0, [r0, #56]

When I use the new toolchain I get an additional fault at 0xffff0fa0 which I
don't know how to handle. The offending code looks like:

		mvn	ip, #61440	; 0xf000
		mov	lr, pc
		sub	pc, ip, #95	; 0x5f

Questions:
a) What is the purpose of binary patching, why does it work and how to
handle 0xffff0fa0?
    What is the meaning of the magic 0x01fc0000 | 0x3a400 address?
b) If you just wanted to patch the C library why don't you made a source
code patch and distribute with the toolchain?

Thanks,
Daniel

-- 
View this message in context: http://n2.nabble.com/OKL4-3-0-l4-do-page-fault-in-syscall-loop-c-binary-patching-tp3865042p3865042.html
Sent from the OKL4 Community Forum mailing list archive at Nabble.com.