(1) You should be looking at DDI0403D -- revision D of the v7M ARM ARM included some significant clarifications and corrections as well as adding documentation of floating point support.
(2) The behaviour of the POP instruction is irrelevant here because the QEMU function you are proposing to change is not related to it but is in fact implementing the exception return handling. As I said before, this corresponds to the PopStack pseudocode function in the v7m ARM, which is clearly documented as UNPREDICTABLE if the lsbit is set. (3) Joseph Yiu's book (however good it may be) is not the authoritative reference to the behaviour that v7M software can rely on; that is the architecture reference manual. (4) It is entirely possible that hardware implementations to date ignore the lsbit in this situation. That doesn't mean that software which relies on this UNPREDICTABLE behaviour is not buggy. (5) The code in http://freertos.svn.sourceforge.net/viewvc/freertos/trunk/Source/portable/GCC/ARM_CM3/port.c?revision=1660&view=markup pxPortInitialiseStack() is wrong because it does not force the lsbit to zero when setting up its fake stack frame. That (or the equivalent in whichever freertos port you're building) is what you need to fix. -- You received this bug notification because you are a member of qemu- devel-ml, which is subscribed to QEMU. https://bugs.launchpad.net/bugs/657006 Title: arm v7M - svc insn doesn't trigger PendSV handler Status in QEMU: New Bug description: The svc instruction doesn't work as expected. -> qemu 0.13.0 rc1 (git) Test : demo with freeRTOS (for example FreeRTOS-6.0.5/Demo/CORTEX_LM3S811_GCC) with the card lm3s811evb. If we start the scheduler, it will call that function (__attribute__ (( naked ))) : void vPortStartFirstTask( void ) { __asm volatile( " ldr r0, =0xE000ED08 \n" /* Use the NVIC offset register to locate the stack. */ " ldr r0, [r0] \n" " ldr r0, [r0] \n" " msr msp, r0 \n" /* Set the msp back to the start of the stack. */ " svc 0 \n" /* System call to start first task. */ ); } The 4 first lines in asm work fine. The scv 0 call will rise the right interrupt in qemu (line 151, in arm_gic.c, best_irq = 15). However, it will never call the PendSV Handler (xPortPendSVHandler here). This function is recorded in the nvic vector. Next, (after the svc), the processor will execute the line after in code (this is a naked function) so the next function written after vPortStartFirstTask in the code. command line : console 1 : qemu-system-arm -M lm3s6965evb -kernel gcc/RTOSDemo.axf -s -S console 2 : arm-none-eabi-gdb -ex "target remote localhost:1234" gcc/RTOSDemo.axf arm-none-eabi from http://www.codesourcery.com/sgpp/lite/arm/portal/release1294 Same error with another project with arm-elf processor : arm cortex m3 host : gentoo (2.6.35-r9) (without kqemu) To manage notifications about this bug go to: https://bugs.launchpad.net/qemu/+bug/657006/+subscriptions