Could you please give this patch a try? https://gem5-review.googlesource.com/c/public/gem5/+/6301
On Mon, Dec 4, 2017 at 5:50 PM, Matt Sinclair <mattdsincl...@gmail.com> wrote:
> Hi everyone,
>
> Recently I've been dealing with an unmapped address bug that I’ve traced
> back to an issue with the X86 decoder. Specifically, the issue I’m having
> is that one of the three micro-ops for this loop instruction:
>
> 1964176 : loop 0xffffffffffffffee
>
> is having its PC truncated from 64 bits to 32 bits. The PC of the
> original loop instruction is 0x7ffff27ae050, and I see that the rdip and
> subi (the first two micro-ops) do not affect this. However, the wripi
> truncates the resultant PC to 32 bits, which causes the unmapped address
> failure. With the X86 flag on, I see that the pick() function picks size 4
> (i.e., dataSize == 4) for this micro-op, when it should be choosing size 8
> (if I force the pick() function to always choose the 64-bit return value,
> then the application makes progress beyond the failure point). I have
> included more details of the trace I’ve been looking at below for reference.
>
> However, so far I haven’t been able to find any useful information about
> why the dataSize field is being set to 4 for this micro-op/instruction.
> Gabe, I was wondering if you could provide any pointers about where the
> right place(s) to look at for this?
>
> Sincerely,
> Matt Sinclair
>
> ---
>
> (I used the following flags: ExecAll,Decode,X86,Fetch,
> IntRegs,MiscRegs,CCRegs)
>
> 60042127104: system.cpu0.[tid:0]: Setting int reg 16 (16) to 0.
> 60042127104: system.cpu0: Decode: Decoded rdip instruction:
> {
>     leg = 0,
>     rex = 0,
>     vex/xop = 0,
>     op = {
>         type = one byte,
>         op = 0xe2,
>     },
>     modRM = 0,
>     sib = 0,
>     immediate = 0xffffffffffffffee,
>     displacement = 0
>     dispSize = 0,
>     mode = 0,
>     submode = 0}
>
> 60042127104: global: The data size is 4
> 60042127104: system.cpu0.[tid:0]: Setting int reg 17 (17) to *0x7ffff27ae052*. *// Matt: rdip sets resultant PC correctly in t1d*
> 60042127104: system.cpu0 A0 T0 : @_ZN12_GLOBAL__N_1L16ARMAttributeTagsE+140737131964176 : loop 0xffffffffffffffee
> 60042127104: system.cpu0 A0 T0 : @_ZN12_GLOBAL__N_1L16ARMAttributeTagsE+140737131964176.0 : LOOP_I : rdip t1d, %ctrl154, : IntAlu : D=*0x00007ffff27ae052* flags=(IsInteger|IsMicroop|IsDelayedCommit|IsFirstMicroop)
> 60042127104: system.cpu0.[tid:0]: Setting int reg 16 (16) to 0.
> 60042127104: system.cpu0: Decode: Decoded subi instruction:
> {
>     leg = 0,
>     rex = 0,
>     vex/xop = 0,
>     op = {
>         type = one byte,
>         op = 0xe2,
>     },
>     modRM = 0,
>     sib = 0,
>     immediate = 0xffffffffffffffee,
>     displacement = 0
>     dispSize = 0,
>     mode = 0,
>     submode = 0}
>
> 60042127104: system.cpu0.[tid:0]: Reading int reg 1 (1) as 0x22.
> 60042127104: global: Picking with size 8
> 60042127104: global: flagMask = 0x20
> 60042127104: system.cpu0.[tid:0]: Setting int reg 1 (1) to 0x21.
> 60042127104: system.cpu0.[tid:0]: Setting CC reg 4 (4) to 0.
> 60042127104: system.cpu0 A0 T0 : @_ZN12_GLOBAL__N_1L16ARMAttributeTagsE+140737131964176.1 : LOOP_I : subi rcx, rcx, 0x1 : IntAlu : D=0x0000000000000000 flags=(IsInteger|IsCC|IsMicroop|IsDelayedCommit)
> 60042127104: system.cpu0.[tid:0]: Setting int reg 16 (16) to 0.
> 60042127104: system.cpu0: Decode: Decoded wripi instruction:
> {
>     leg = 0,
>     rex = 0,
>     vex/xop = 0,
>     op = {
>         type = one byte,
>         op = 0xe2,
>     },
>     modRM = 0,
>     sib = 0,
>     immediate = 0xffffffffffffffee,
>     displacement = 0
>     dispSize = 0,
>     mode = 0,
>     submode = 0}
>
> *60042127104: system.cpu0.[tid:0]: Reading int reg 17 (17) as 0x7ffff27ae052. // Matt: PC (in t1d) still correct at this point*
> 60042127104: system.cpu0.[tid:0]: Reading CC reg 0 (0) as 0x44.
> 60042127104: system.cpu0.[tid:0]: Reading CC reg 1 (1) as 0.
> 60042127104: system.cpu0.[tid:0]: Reading CC reg 2 (2) as 0.
> 60042127104: system.cpu0.[tid:0]: Reading CC reg 3 (3) as 0.
> 60042127104: system.cpu0.[tid:0]: Reading CC reg 4 (4) as 0.
> *60042127104: global: Picking with size 4 // Matt: this should be size 8*
> 60042127104: system.cpu0 A0 T0 : @_ZN12_GLOBAL__N_1L16ARMAttributeTagsE+140737131964176.2 : LOOP_I : wripi , t1d, 0xee : IntAlu : flags=(IsInteger|IsCC|IsControl|IsCondControl|IsMicroop|IsLastMicroop)
> 60042127104: system.cpu0: Fetch: PC:*0xf27ae040 // Matt: resultant PC is truncated*
>
> Fault description: #PF(0x15) at 0xf27ae040
>
> PC: 0xf27ae040, Instr: LOOP_I : wripi , t1d, 0xee
>
> panic: Tried to execute unmapped address 0xf27ae040.
>
> _______________________________________________
> gem5-users mailing list
> gem5-users@gem5.org
> http://m5sim.org/cgi-bin/mailman/listinfo/gem5-users
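Added example, not part of the thread and not gem5 code: a small trace checker that reproduces the diagnosis in the quoted message by finding a `wripi` whose following fetch PC differs from the full 64-bit target, and reporting which operand size explains the observed PC. It assumes a simplified model (target = register value + sign-extended 8-bit immediate, masked to the operand size); the trace lines are constructed from the values quoted in the thread.

```python
import re

# Constructed sample: trace lines abridged from the values quoted in the thread
# ("@sym" stands in for the long mangled symbol name).
TRACE = """\
60042127104: system.cpu0.[tid:0]: Reading int reg 1 (1) as 0x22.
60042127104: global: Picking with size 8
60042127104: system.cpu0 A0 T0 : @sym.1 : LOOP_I : subi rcx, rcx, 0x1 : IntAlu
60042127104: system.cpu0.[tid:0]: Reading int reg 17 (17) as 0x7ffff27ae052.
60042127104: system.cpu0.[tid:0]: Reading CC reg 0 (0) as 0x44.
60042127104: global: Picking with size 4
60042127104: system.cpu0 A0 T0 : @sym.2 : LOOP_I : wripi , t1d, 0xee : IntAlu
60042127104: system.cpu0: Fetch: PC:0xf27ae040
"""

READ_RE = re.compile(r"Reading int reg \d+ \(\d+\) as (0x[0-9a-f]+)")
PICK_RE = re.compile(r"Picking with size (\d+)")
WRIPI_RE = re.compile(r"wripi\s*,\s*\w+,\s*(0x[0-9a-f]+)")
FETCH_RE = re.compile(r"Fetch: PC:(0x[0-9a-f]+)")

def target(base, imm8, size):
    """Assumed model: base + sign-extended imm8, masked to `size` bytes."""
    disp = imm8 - 0x100 if imm8 & 0x80 else imm8
    return (base + disp) & ((1 << (8 * size)) - 1)

def find_truncated_branches(trace):
    """Return one finding per wripi whose next fetch PC is not the 64-bit target."""
    findings, base, picked, pending = [], None, None, None
    for line in trace.splitlines():
        if m := READ_RE.search(line):
            base = int(m.group(1), 16)          # last integer register read
        elif m := PICK_RE.search(line):
            picked = int(m.group(1))            # last operand size reported
        elif (m := WRIPI_RE.search(line)) and base is not None:
            pending = (base, int(m.group(1), 16), picked)
        elif (m := FETCH_RE.search(line)) and pending:
            b, imm, size = pending
            observed, full = int(m.group(1), 16), target(b, imm, 8)
            if observed != full:
                findings.append({
                    "picked_size": size,
                    "full_target": full,
                    "observed_pc": observed,
                    # narrower sizes that would produce the observed PC
                    "explaining_sizes": [s for s in (1, 2, 4)
                                         if target(b, imm, s) == observed],
                })
            pending = None
    return findings

if __name__ == "__main__":
    for f in find_truncated_branches(TRACE):
        print({k: hex(v) if isinstance(v, int) and v > 8 else v for k, v in f.items()})
```
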