[Skyeye-developer] ARM MMU TLB issue

[Smirnov Dmitry]

Hi,

While running a binary (compiled by ADS1.2 for ARM926EJ-S) on the skyeye
1.2.3, I've encountered the following problem:
when the code is switching to system execution mode (0b11111) function
check_perms (in tlb.c) return 0 that means that program is not allowed
to read next instruction (after MCR instruction). This happens for 'ap'
equal to 0 (case 0). 
On the real hardware this code is working pretty well.

I believe the problem is the value of the 'user' variable.
On the line 24 it is calculated as 
user = (state->Mode == USER32MODE) || (state->Mode == USER26MODE) ||
(state->Mode == SYSTEM32MODE);

I suppose the last item in logical OR is wrong.
According to the DDI0100E_ARM_ARM.pdf I have, system mode is considered
as 'privileged mode' (ch. 2.2). Table 3-3 states that there are two
meanings of the combination of Access Permissions, S and R bits: for
privileged and user modes.

I've tried to remove this operand (state->Mode == SYSTEM32MODE). The
binary is working now.

I would report this as a bug, but there is a comment on line 23 that
explicitly indicates that system mode should be considered as user mode.

Does anybody know why it here?

P.S. maybe the following details will be helpful: 
binary is using flat memory model, where all the sections are mapped at
the same physical addresses as their virtual addresses. All the sections
have the same attributes. Prior to this mode switching, the code was
running in Supervisor mode (that is why I did not see any problems
earlier). Simulated interrupt switched CPU to IRQ mode (this was ok);
interrupt handler switched it to the System mode.

Dmitry