Re: [Qemu-arm] RISU TCG failures (AArch64 on AArch64)

qemu-arm

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-arm] RISU TCG failures (AArch64 on AArch64)

From:	Peter Maydell
Subject:	Re: [Qemu-arm] RISU TCG failures (AArch64 on AArch64)
Date:	Tue, 6 Dec 2016 11:27:08 +0000

On 6 December 2016 at 11:06, Alex Bennée <address@hidden> wrote:

A quick eyeball of the logs:

> loading test image 
> testcases.aarch64/insn_ADDPv_ADD_RES1_ADD_RES2_ADDS__INC.risu.bin...
> starting apprentice image at 0x4000801000
> Executed 100 test instructions (pc=0x4000801574).Executed 200 test 
> instructions (pc=0x4000801aec).Executed 300 test instructions 
> (pc=0x4000801d08).Executed 400 test instructions (pc=0x4000802264).Executed 
> 500 test instructions (pc=0x40008027b8).Executed 600 test instructions 
> (pc=0x40008029e8).Executed 700 test instructions (pc=0x4000802f3c).Executed 
> 800 test instructions (pc=0x40008034a8).Executed 900 test instructions 
> (pc=0x40008036cc).Executed 1000 test instructions 
> (pc=0x4000803c2c).----------------
> IN:
> 0x0000004000803cac:  ab1feff6      adds x22, xzr, xzr, lsl #59

>  ---- 0000004000803cac 0000000000000000 0000000000000000
>  movi_i64 tmp2,$0x0
>  movi_i64 tmp3,$0x0
>  movi_i64 tmp7,$0x0
>  add2_i64 tmp5,tmp6,tmp2,tmp7,tmp3,tmp7           dead: 2 3 4 5
>  mov_i32 CF,tmp6                                  sync: 0  dead: 0 1
>  mov_i32 ZF,tmp5
>  movi_i64 tmp9,$0x20
>  shr_i64 tmp8,tmp5,tmp9                           dead: 2
[...]

> OUT: [size=108]
> 0x556a9c11a0:  b85f8274      ldur w20, [x19, #-8]
> 0x556a9c11a4:  350002d4      cbnz w20, #+0x58 (addr 0x556a9c11fc)
> 0x556a9c11a8:  b10003f4      adds x20, sp, #0x0 (0)
> 0x556a9c11ac:  9a1f03f5      adc x21, xzr, xzr

Looks like the add2_i64 has emitted a bogus adds, because
it thinks adds (immediate) allows use of xzr when it doesn't
(for this insn Rn==31 means SP, not XZR).


> loading test image testcases.aarch64/insn_BSL_CCMN_CCMNi_CCMP__INC.risu.bin...
> starting apprentice image at 0x4000801000
> ----------------
> IN:
> 0x000000400080157c:  3a5cabed      ccmn wzr, #28, #NZcV, ge
> 0x0000004000801580:  00005af0      unallocated (Unallocated)

> OP after optimization and liveness analysis:
>  ld_i32 tmp0,env,$0xfffffffffffffff8              dead: 1
>  movi_i32 tmp1,$0x0
>  brcond_i32 tmp0,tmp1,ne,$L0                      dead: 0 1
>
>  ---- 000000400080157c 0000000000000000 0000000000000000
>  xor_i32 tmp1,VF,NF                               dead: 1 2
>  movi_i32 tmp2,$0x0
>  setcond_i32 tmp0,tmp1,tmp2,lt                    dead: 1 2
>  movi_i64 tmp3,$0x1c
>  movi_i64 tmp4,$0x0
>  movi_i32 tmp6,$0x0
>  mov_i32 tmp1,tmp4                                dead: 1
>  mov_i32 tmp2,tmp3                                dead: 1
>  add2_i32 NF,CF,tmp1,tmp6,tmp2,tmp6               dead: 3 5

> 0x55956bfc4c:  310073f5      adds w21, wsp, #0x1c (28)
> 0x55956bfc50:  1a1f03f6      adc w22, wzr, wzr

Same again but with add2_i32.

> loading test image testcases.aarch64/insn_MOVI_MOVK_MOVN_MOVZ__INC.risu.bin...


> 0x000000400080be2c:  6f01e7a0      movi v0.2d, #0xffffffff00ff
> 0x000000400080be30:  00005af0      unallocated (Unallocated)

>  ---- 000000400080be2c 0000000000000000 0000000000000000
>  movi_i64 tmp2,$0xffffffff00ff
>  mov_i64 tmp3,tmp2                                dead: 1
>  st_i64 tmp3,env,$0x838
>  st_i64 tmp3,env,$0x840                           dead: 0

> OUT: [size=72]
> 0x5561a8beb0:  b85f8274      ldur w20, [x19, #-8]
> 0x5561a8beb4:  350001b4      cbnz w20, #+0x34 (addr 0x5561a8bee8)
> 0x5561a8beb8:  929fe014      mov x20, #0xffffffffffff00ff

Generated move with wrong constant value...

> loading test image 
> testcases.aarch64/insn_UCVTFv_UCVTFvf_UCVTFvis_UCVTFv_RES1__INC.risu.bin...
> starting apprentice image at 0x4000801000
> Executed 100 test instructions (pc=0x400080158c).Executed 200 test 
> instructions (pc=0x4000801b10).Executed 300 test instructions 
> (pc=0x400080208c).Executed 400 test instructions (pc=0x40008022c8).Executed 
> 500 test instructions (pc=0x4000802880).Executed 600 test instructions 
> (pc=0x4000802e10).Executed 700 test instructions (pc=0x4000803034).Executed 
> 800 test instructions (pc=0x40008035a8).----------------
> IN:
> 0x0000004000803a74:  6f01e6fc      movi v28.2d, #0xffff00ffffff
> 0x0000004000803a78:  00005af0      unallocated (Unallocated)

>  movi_i64 tmp2,$0xffff00ffffff

> OUT: [size=72]
> 0x555c897290:  b85f8274      ldur w20, [x19, #-8]
> 0x555c897294:  350001b4      cbnz w20, #+0x34 (addr 0x555c8972c8)
> 0x555c897298:  92bfe014      mov x20, #0xffffffff00ffffff

Same thing again.

So there's two bugs here, one in handling of add2 in the
backend, and one in constant loading.

thanks
-- PMM

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-arm] RISU TCG failures (AArch64 on AArch64), Alex Bennée, 2016/12/06
- Re: [Qemu-arm] RISU TCG failures (AArch64 on AArch64), Peter Maydell <=

Prev by Date: Re: [Qemu-arm] [Qemu-devel] [kvm-unit-tests RFC 00/15] arm/arm64: add ITS framework
Next by Date: [Qemu-arm] [PATCH 0/3] GICv3 bugfixes (preliminary for virt)
Previous by thread: [Qemu-arm] RISU TCG failures (AArch64 on AArch64)
Next by thread: [Qemu-arm] [PATCH 0/3] GICv3 bugfixes (preliminary for virt)
Index(es):
- Date
- Thread