Hi all, I've stumbled upon an issue with ARM's return from exception (rfe) instruction in combination with the O3 CPU.
With the TimingSimpleCPU everything works fine. But with the DerivO3CPU it seems that the restoration of the userspace SP register does not happen immediately. For example, look at the following instruction trace:

2045980000: ldmstm
2045980000: addi_uop r35, sp, #0 : IntAlu : D=0x0000000000119160
1 -->
2045980000: ldr2_uop r701,r702, [r35, #0] : MemRead : D=0x0000006000211e50 A=0x119160
2045980000: add sp, sp, #12 : IntAlu : D=0x000000000011916c
2045980000: ldmstm
2045980000: ldr2_uop r0,r1, [sp, #0] : MemRead : D=0x0000000000000000 A=0x11916c
2045980000: ldr2_uop r2,r3, [sp, #8] : MemRead : D=0x0000000000000001 A=0x119174
2045980000: ldr2_uop r4,r5, [sp, #16] : MemRead : D=0xf0000020002f2020 A=0x11917c
2045980000: ldr2_uop r6,r7, [sp, #24] : MemRead : D=0x0000000000000006 A=0x119184
2045981000: ldr2_uop r8,r9, [sp, #32] : MemRead : D=0x002f228000211f40 A=0x11918c
2045981000: ldr2_uop r10,fp, [sp, #40] : MemRead : D=0x00211e6c00211f50 A=0x119194
2045981000: ldr2_uop r12,lr, [sp, #48] : MemRead : D=0x002d405000000006 A=0x11919c
2045981000: addi_uop sp, sp, #56 : IntAlu : D=0x00000000001191a4
2 -->
2045987000: rfeia sp!
2045987000: rfeia sp! : MemRead : D=0x0000000020000010 A=0x1191a4
2045987000: addi_uop sp, sp, #8 : IntAlu : D=0x00000000001191ac
2045987000: uopSet_uop [PC,CPSR] : IntAlu : D=0x0000000000000000
2045993000: ldr r2, [r8, #4] : MemRead : D=0x0000000000000003 A=0x211f44
2045993000: cmps r2, #0 : IntAlu : D=0x0000000000000001
2045993000: addne r10, r8, #4 : IntAlu : D=0x0000000000211f44
2045993000: movne r4, #0 : IntAlu : D=0x0000000000000000
2045993000: b <_ZN6kernel8CapTable6obtainEjPNS_10CapabilityE+92> : IntAlu : Predicated False
2045993000: ldr r0, [r10, #4]!
2045993000: ldr r0, [r10, #4]! : MemRead : D=0x0000000000506780 A=0x211f48
2045993000: addi_uop r10, r10, #4 : IntAlu : D=0x0000000000211f48
2045993000: add r4, r4, #1 : IntAlu : D=0x0000000000000001
2045994000: ldr r2, [r0, #0] : MemRead : D=0x00000000002ee14c A=0x506780
2045994000: ldr r2, [r2, #8] : MemRead : D=0x00000000002d95bc A=0x2ee154
2045994000: blx r2 : IntAlu : D=0x00000000002d4078
2046000000: ldmstm
3 -->
2046000000: str_uop r4, [sp, #24] : MemWrite : D=0x0000000000000001 A=0x119194
2046000000: str_uop r5, [sp, #20] : MemWrite : D=0x00000000f0000020 A=0x119198
2046000000: str_uop r6, [sp, #16] : MemWrite : D=0x0000000000000006 A=0x11919c
2046000000: str_uop r7, [sp, #12] : MemWrite : D=0x0000000000000000 A=0x1191a0
2046000000: str_uop fp, [sp, #8] : MemWrite : D=0x0000000000211e6c A=0x1191a4
4 -->
2046000000: str_uop lr, [sp, #4] : MemWrite : D=0x0000000000000060 A=0x211e4c
2046000000: subi_uop sp, sp, #24 : IntAlu : D=0x0000000000211e38
2046006000: add fp, sp, #20 : IntAlu : D=0x0000000000211e4c
2046006000: sub sp, sp, #24 : IntAlu : D=0x0000000000211e20

I've marked the most important lines. 1 is the place where the user space SP/LR are written. 2 is the place where rfe is used to return from supervisor mode to user mode. 3 uses the SP for the first time after returning to user mode. But note that the value is still 119XXX, so the SP that was used in supervisor mode. At 4 the value of SP suddenly changes to 211XXX, as should have happened much earlier.

In case it matters, I'm using a single-core system with the classical memory model.

Am I missing something or is there really something wrong?

Best regards,
Nils

_______________________________________________
gem5-dev mailing list
[email protected]
http://m5sim.org/mailman/listinfo/gem5-dev
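The inconsistency described in the post (an sp-relative access whose address does not agree with the last value written to sp) can be found mechanically rather than by reading the trace by eye. The script below is an added example and is not code from the post or from gem5; it assumes the Exec trace layout shown above (`tick: disasm : class : D=... A=...`), that macroop header lines such as `2045980000: ldmstm` carry no fields and can be skipped, that the ldm/stm microops print their immediate unsigned (so both `A-imm` and `A+imm` are accepted as consistent), and that AArch32 register values are the low 32 bits of the printed 64-bit `D=` field. The sample input is a constructed subset of the trace in the post.

```python
import re

# Constructed sample input: a subset of the Exec trace quoted in the post
# (ticks, microops and D=/A= fields copied from it; lines in between dropped).
SAMPLE_TRACE = """\
2045980000: ldmstm
2045980000: addi_uop r35, sp, #0 : IntAlu : D=0x0000000000119160
2045980000: ldr2_uop r701,r702, [r35, #0] : MemRead : D=0x0000006000211e50 A=0x119160
2045980000: add sp, sp, #12 : IntAlu : D=0x000000000011916c
2045980000: ldr2_uop r0,r1, [sp, #0] : MemRead : D=0x0000000000000000 A=0x11916c
2045981000: ldr2_uop r12,lr, [sp, #48] : MemRead : D=0x002d405000000006 A=0x11919c
2045981000: addi_uop sp, sp, #56 : IntAlu : D=0x00000000001191a4
2045987000: rfeia sp!
2045987000: rfeia sp! : MemRead : D=0x0000000020000010 A=0x1191a4
2045987000: addi_uop sp, sp, #8 : IntAlu : D=0x00000000001191ac
2045993000: ldr r2, [r8, #4] : MemRead : D=0x0000000000000003 A=0x211f44
2046000000: str_uop r4, [sp, #24] : MemWrite : D=0x0000000000000001 A=0x119194
2046000000: str_uop fp, [sp, #8] : MemWrite : D=0x0000000000211e6c A=0x1191a4
2046000000: str_uop lr, [sp, #4] : MemWrite : D=0x0000000000000060 A=0x211e4c
2046000000: subi_uop sp, sp, #24 : IntAlu : D=0x0000000000211e38
"""

# Assumed line layout: "<tick>: <disasm> : <class> : <D=...> <A=...>".
LINE_RE = re.compile(r"^(?P<tick>\d+): (?P<disasm>.*?) : (?P<cls>\w+) : (?P<rest>.*)$")
DST_SP_RE = re.compile(r"^\w+ sp,")                # first (destination) operand is sp
SP_BASE_RE = re.compile(r"\[sp, #(?P<imm>\d+)\]")  # sp used as the base register
MASK32 = 0xFFFFFFFF


def parse_trace(text):
    """Yield (tick, disasm, cls, D, A) per microop line; header lines without
    ' : ' fields (e.g. '2045980000: ldmstm') do not match and are skipped."""
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue
        rest = m.group("rest")
        d = re.search(r"D=0x([0-9a-fA-F]+)", rest)
        a = re.search(r"A=0x([0-9a-fA-F]+)", rest)
        yield (int(m.group("tick")), m.group("disasm"), m.group("cls"),
               int(d.group(1), 16) if d else None,
               int(a.group(1), 16) if a else None)


def split_pair(d):
    """Split the 64-bit D= of a two-register load (ldr2_uop) into (low, high),
    i.e. the values of the first and second listed destination registers."""
    return d & MASK32, (d >> 32) & MASK32


def check_sp_consistency(text):
    """Track the architectural SP from explicit writes (D= of a microop whose
    destination is sp) and report every sp-relative access whose address does
    not agree with it. Each report records whether an rfe has already been
    seen, which is the case the post is about."""
    sp = None
    seen_rfe = False
    anomalies = []
    for tick, disasm, cls, d, a in parse_trace(text):
        base = SP_BASE_RE.search(disasm)
        if base and a is not None:
            imm = int(base.group("imm"))
            implied = {a - imm, a + imm}   # immediate printed unsigned (assumption)
            if sp is not None and sp not in implied:
                anomalies.append({
                    "tick": tick, "disasm": disasm, "tracked_sp": sp,
                    "implied_sp": sorted(implied), "after_rfe": seen_rfe,
                })
        if disasm.startswith("rfe"):
            seen_rfe = True
        if DST_SP_RE.match(disasm) and d is not None:
            sp = d & MASK32               # the write takes effect for later lines
    return anomalies


if __name__ == "__main__":
    for hit in check_sp_consistency(SAMPLE_TRACE):
        print("%d: %-24s tracked sp=0x%x, address implies sp in %s (after rfe: %s)" % (
            hit["tick"], hit["disasm"], hit["tracked_sp"],
            ["0x%x" % v for v in hit["implied_sp"]], hit["after_rfe"]))
```

Run against the full trace from the post, the only report is the `str_uop lr, [sp, #4]` line marked 4: the tracked sp is still 0x1191ac while the address 0x211e4c implies 0x211e50, and no write to sp occurs between the accesses marked 3 and 4. The `split_pair` helper reads the `ldr2_uop r701,r702` line at mark 1 as (0x211e50, 0x60), which is the pair the post identifies as the user-space SP and LR.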
