Re: [PATCH 2/2] linux-user/sh4: Fix setup_sigtramp to match Linux kernel trampoline pattern

Sat, 16 May 2026 12:28:25 -0700 

On 5/14/26 09:55, Matt Turner wrote:

QEMU used MOVW(2) (0x9300), which loads the syscall number from PC+4,
instead of the kernel's MOVW(7) (0x9305), which loads from PC+14.  The
kernel uses five "or r0,r0" nop pads between TRAP_NOARG and the syscall
number word to reach that offset.  libunwind's unw_is_signal_frame checks
for the exact kernel byte pattern 0xc3109305 at the frame PC, so QEMU's
compact layout was not detected, breaking unwinding through signal frames.

Expand each trampoline from 6 to 16 bytes matching the kernel layout
defined in arch/sh/kernel/signal_32.c:

   #define MOVW(n)    (0x9300|((n)-2))  /* Move mem word at PC+n to R3 */
   #define TRAP_NOARG 0xc310            /* Syscall w/no args (NR in R3) */
   #define OR_R0_R0   0x200b            /* or r0,r0 (insert to avoid hardware 
bug) */

   __put_user(MOVW(7),          &frame->retcode[0]);  /* 0x9305 */
   __put_user(TRAP_NOARG,       &frame->retcode[1]);  /* 0xc310 */
   __put_user(OR_R0_R0,         &frame->retcode[2]);  /* 0x200b */
   __put_user(OR_R0_R0,         &frame->retcode[3]);  /* 0x200b */
   __put_user(OR_R0_R0,         &frame->retcode[4]);  /* 0x200b */
   __put_user(OR_R0_R0,         &frame->retcode[5]);  /* 0x200b */
   __put_user(OR_R0_R0,         &frame->retcode[6]);  /* 0x200b */
   __put_user((__NR_sigreturn), &frame->retcode[7]);

The first two halfwords (MOVW(7) || TRAP_NOARG = 0xc3109305) form the
32-bit value libunwind checks at the frame PC, followed by two
OR_R0_R0 halfwords (0x200b200b) at PC+4.  The same layout applies to
the rt_sigreturn trampoline (lines 366-373 of signal_32.c).

Neither this fix nor the companion tuc_link fix is independently
sufficient: this fix makes signal frames detectable but register reads
remain garbage without the correct ucontext layout; that fix corrects the
ucontext layout but libunwind still cannot detect the frame without the
correct trampoline pattern.  Together they fix the following libunwind
tests on a 64-bit host:
   Gtest-sig-context, Gtest-trace, Ltest-init-local-signal,
   Ltest-sig-context, Ltest-trace

Signed-off-by: Matt Turner<[email protected]>
Cc:[email protected]
---
  linux-user/sh4/signal.c | 38 ++++++++++++++++++++++++++++++--------
  1 file changed, 30 insertions(+), 8 deletions(-)


Reviewed-by: Richard Henderson <[email protected]>

Since you're looking at sh4, any chance you'd have time to create the vdso?
See e.g. linux-user/i386/{Makefile.vdso,vdso.S,vdso.ld}.


r~

Reply via email to