Open InvoxiPlayGames opened 1 year ago
Sounds like a bug at first glance. Would you mind sharing a small reproduction script?
AFAIK, the coprocessor register you are accessing (op1=0, crn=1, crm=0, op2=0) is not implemented even by qemu master. That said, you would probably implement it by yourself.
I am trying to emulate system software that enables the MMU and D-cache feature of the ARM926EJ-S processor, however when the instruction to enable this is executed, an instruction fetch abort interrupt is raised to my UC_HOOK_INTR handler.
In UC_TLB_VIRTUAL mode, this doesn't happen, and the UC_HOOK_TLB_FILL hook is called when a virtual address is used, as is expected - this is not useful for me, however, as I won't necessarily know how the running software expects the virtual memory mapping to appear.
Code that is running in the emulated context, that enables the MMU and D-cache bits in the c1 Control Register:
The prefetch abort interrupt is raised after the mcr instruction (PC is at the "bx lr" instruction), and results in an endless loop, even if handled "correctly" by switching CPSR flags and setting PC to the correct vector.
I'm unsure if this is a bug or improper usage.
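A self-contained reproduction of the sequence the issue describes, added here as an example (it is not the reporter's code or Unicorn's own): it builds an identity-mapped ARMv5 level-1 section table, writes TTBR0 and DACR, sets the M and C bits in the c1 Control Register, and records every interrupt Unicorn raises. The memory layout, the `UC_CPU_ARM_926` model selection (Unicorn 2 Python binding) and the trailing `nop` in place of `bx lr` are assumptions.

```python
import struct

try:  # Unicorn is optional so the page-table helpers can be checked without it
    from unicorn import Uc, UC_ARCH_ARM, UC_MODE_ARM, UC_HOOK_INTR, UC_PROT_ALL
    from unicorn.arm_const import UC_ARM_REG_R0, UC_ARM_REG_R1, UC_ARM_REG_PC, UC_CPU_ARM_926
except ImportError:
    Uc = None

CODE_BASE = 0x0000   # constructed layout: code at 0, level-1 table at 0x4000
TTB_BASE = 0x4000    # the level-1 table must be 16 KiB aligned
MEM_SIZE = 0x10000
SCTLR_M = 1 << 0     # c1 bit 0: MMU enable
SCTLR_C = 1 << 2     # c1 bit 2: D-cache enable

def l1_section_descriptor(phys_mb: int, cacheable: bool = True) -> int:
    """ARMv5 (ARM926EJ-S) 1 MiB section: AP=0b11 (full access), domain 0,
    bit 4 set as the v5 architecture requires, C/B on request, type bits 0b10."""
    desc = (phys_mb << 20) | (0b11 << 10) | (1 << 4) | 0b10
    if cacheable:
        desc |= (1 << 3) | (1 << 2)  # C and B bits
    return desc

def identity_l1_table() -> bytes:
    """4096 section entries mapping VA == PA across the full 4 GiB space."""
    return b"".join(struct.pack("<I", l1_section_descriptor(i)) for i in range(4096))

# Machine code for the enable sequence (ARM state, little endian):
CODE = struct.pack("<6I",
    0xEE020F10,  # mcr p15, 0, r0, c2, c0, 0  ; TTBR0 = r0 (table base)
    0xEE031F10,  # mcr p15, 0, r1, c3, c0, 0  ; DACR  = r1 (all domains manager)
    0xEE112F10,  # mrc p15, 0, r2, c1, c0, 0  ; r2 = Control Register
    0xE3822005,  # orr r2, r2, #5             ; set M (bit 0) and C (bit 2)
    0xEE012F10,  # mcr p15, 0, r2, c1, c0, 0  ; write back: MMU + D-cache on
    0xE1A00000,  # nop                        ; stand-in for the issue's bx lr
)

def run_enable_mmu():
    """Run CODE under Unicorn; return [(intno, pc), ...] for each interrupt raised."""
    if Uc is None:
        raise RuntimeError("unicorn is not installed")
    intrs = []
    uc = Uc(UC_ARCH_ARM, UC_MODE_ARM)
    uc.ctl_set_cpu_model(UC_CPU_ARM_926)  # emulate the ARM926EJ-S, not the default core
    uc.mem_map(CODE_BASE, MEM_SIZE, UC_PROT_ALL)
    uc.mem_write(CODE_BASE, CODE)
    uc.mem_write(TTB_BASE, identity_l1_table())
    uc.reg_write(UC_ARM_REG_R0, TTB_BASE)
    uc.reg_write(UC_ARM_REG_R1, 0xFFFFFFFF)
    uc.hook_add(UC_HOOK_INTR, lambda u, intno, _: intrs.append((intno, u.reg_read(UC_ARM_REG_PC))))
    uc.emu_start(CODE_BASE, CODE_BASE + len(CODE), count=20)
    return intrs
```

With the identity map in place, an empty list from `run_enable_mmu()` means the MMU came up cleanly; a recorded (intno, pc) pair pins down which instruction triggered the abort.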