One of LX's tests crashes pretty hard, causing a qemu abort. I've tried to look at how the execution flow works with -d in_asm. Does the address in the log show the guest's PC register? If so, it looks strange:
0x70002d8c: fadds %f1, %f2, %f3
0x70002d90: st %f3, [ %l4 ]
0x70002d94: nop
0x70002d98: cmp %g0, %g5
0x70002d9c: bne,a 0x70003a1c
--------------
IN:
0x00000080: sethi %hi(0x1c00), %l4
0x00000084: or %l4, 0x324, %l4 ! 0x1f24
0x00000088: jmp %l4
0x0000008c: rd %psr, %l0
--------------
IN:
0x00001f24: rd %tbr, %l3
0x00001f28: srl %l3, 4, %l3
0x00001f2c: and %l3, 0xff, %l3
0x00001f30: cmp %l3, %g5
0x00001f34: bne,a 0x2044
--------------
IN:
0x00001f3c: sethi %hi(0x600000), %l4
0x00001f40: or %l4, 0x100, %l4 ! 0x600100
0x00001f44: add %l4, 8, %l5
0x00001f48: sethi %hi(0x2000), %l6
0x00001f4c: st %fsr, [ %l4 ]
0x00001f50: ld [ %l4 ], %l7
0x00001f54: andcc %l7, %l6, %l7
0x00001f58: bne 0x1f68
0x00001f5c: nop
--------------
IN:
0x00001f60: b 0x1f74
0x00001f64: nop
--------------
IN:
0x00001f74: mov %g0, %g5
0x00001f78: mov %l0, %psr
--------------
IN:
0x00001f7c: nop
0x00001f80: nop
0x00001f84: nop
0x00001f88: jmp %l2
0x00001f8c: rett %l2 + 4
--------------
########### Here: why does it return to 0x70002d84, not to 0x70002d94?
IN:
0x70002d84: clr [ %l4 ]
0x70002d88: mov 8, %g5
0x70002d8c: fadds %f1, %f2, %f3
0x70002d90: st %f3, [ %l4 ]
0x70002d94: nop
0x70002d98: cmp %g0, %g5
0x70002d9c: bne,a 0x70003a1c
--------------
######## Here: why does it jump to 0x70002d88?
IN:
0x70002d88: mov 8, %g5
0x70002d8c: fadds %f1, %f2, %f3
0x70002d90: st %f3, [ %l4 ]
0x70002d94: nop
0x70002d98: cmp %g0, %g5
0x70002d9c: bne,a 0x70003a1c
--------------
IN:
0x70002d8c: fadds %f1, %f2, %f3
0x70002d90: st %f3, [ %l4 ]
0x70002d94: nop
0x70002d98: cmp %g0, %g5
0x70002d9c: bne,a 0x70003a1c

From the OBP log messages it looks like trap 8 is signalled at least one more time than expected. Multiple execution of "0x70002d8c: fadds %f1, %f2, %f3" would explain it:

ERROR : Unexpected Synchronous Trap Taken, Trap Type = 00000008, PSR = 414010c4, PC = 70002d8c, TBR = 00000080
STATUS : Entering scope loop ....
Press <A> key to Abort!
qemu: fatal: Trap 0x03 while interrupts disabled, Error state
pc: 0000217c npc: 00002d68
General Registers:
%g0-7: 00000000 00002d68 00000055 00000001 00000002 00000000 00000000 00000000
Current Register Window:
%o0-7: 00000000 00000999 00000000 00000000 00000000 00000000 0001fba0 7000971c
%l0-7: 0002fff8 00000000 00000000 00000000 00000000 ffffffff 00000000 00000000
%i0-7: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
Floating Point Registers:
%f00: 000000002.890625 inf -inf 000000000.000000
%f04: 000000002.890625 000000000.000000 000000002.890625 000000000.000000
%f08: 000000003.390625 000000000.000000 000000002.250000 000000000.000000
%f12: 000000002.890625 000000000.000000 000000002.312500 000000000.000000
%f16: 000000002.312500 000000000.000000 000000002.890625 000000000.000000
%f20: 000000002.718750 000000000.000000 000000002.562500 000000000.000000
%f24: 000000002.890625 000000000.000000 000000002.968750 000000000.000000
%f28: 000000002.312500 000000000.000000 000000002.890625 000000000.000000
psr: 41000000 (icc: ---- SPE: ---) wim: 00000002 fsr: 0f880010 y: 00000000
Aborted

-- 
Regards,
Artyom Tarasenko

solaris/sparc under qemu blog: http://tyom.blogspot.com/
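Tracing the questions above by eye (which block a rett returned into, and how many times the fadds got a fresh block) is error-prone, so here is a small script that does it over a -d in_asm log. It is an added example, not code from QEMU or from the mail; the log excerpt inside it is constructed in the shape of the one quoted above, and it assumes a SPARC V8 trap table at TBR base 0, which is consistent with TBR = 00000080 for Trap Type 8 (entries are 16 bytes, 0x80 = 8 * 16, the same tt = (tbr >> 4) & 0xff the handler at 0x1f24 computes). One caveat the script documents: in_asm logs a block when QEMU translates it, not on every execution, so an already-translated handler does not reappear and the counts are lower bounds; pair it with -d exec if you need the execution order.

```python
"""Parse a `qemu -d in_asm` log from a SPARC V8 guest and report trap-vector
entries plus translation blocks that start inside an earlier block, which is
how a rett into already-translated code shows up.  Added example, not QEMU code."""
import re

INSN_RE = re.compile(r"^0x([0-9a-fA-F]+):\s*(.*\S)")

# Constructed excerpt shaped like the log in the mail: the block around the
# fadds, the trap-table entry at 0x80, the rett, and two re-entries.
SAMPLE_LOG = """\
IN:
0x70002d84: clr [ %l4 ]
0x70002d88: mov 8, %g5
0x70002d8c: fadds %f1, %f2, %f3
0x70002d90: st %f3, [ %l4 ]
0x70002d94: nop
IN:
0x00000080: sethi %hi(0x1c00), %l4
0x00000084: or %l4, 0x324, %l4 ! 0x1f24
0x00000088: jmp %l4
0x0000008c: rd %psr, %l0
IN:
0x00001f88: jmp %l2
0x00001f8c: rett %l2 + 4
IN:
0x70002d84: clr [ %l4 ]
0x70002d88: mov 8, %g5
0x70002d8c: fadds %f1, %f2, %f3
0x70002d90: st %f3, [ %l4 ]
0x70002d94: nop
IN:
0x70002d88: mov 8, %g5
0x70002d8c: fadds %f1, %f2, %f3
0x70002d90: st %f3, [ %l4 ]
"""


def parse_blocks(log):
    """Split the log into translation blocks: a list of [(pc, insn), ...]."""
    blocks, current = [], None
    for raw in log.splitlines():
        line = raw.strip()
        if line.startswith("IN:"):
            current = []
            blocks.append(current)
            continue
        m = INSN_RE.match(line)
        if m and current is not None:
            current.append((int(m.group(1), 16), m.group(2)))
    return [b for b in blocks if b]


def trap_type(pc, tbr_base=0):
    """SPARC V8 trap table: entry for trap type tt is 16 bytes at
    tbr_base + tt * 16, so tt = (pc - tbr_base) >> 4.  Assumes a block that
    starts on an aligned table entry is a trap entry (tbr_base=0 as in the mail)."""
    off = pc - tbr_base
    if off < 0 or off >= 256 * 16 or off & 0xF:
        return None
    return off >> 4


def translation_count(blocks, pc):
    """Blocks containing pc.  in_asm logs a block only when it is translated,
    so this is a lower bound on how often pc ran (cached blocks are not logged)."""
    return sum(1 for b in blocks if any(p == pc for p, _ in b))


def analyze(blocks, tbr_base=0):
    """Events in log order: 'trap' for a block at a trap-table entry, 'reentry'
    for a block whose first pc already appeared in an earlier block (offset 0:
    the same block translated again; offset k: the new block starts k
    instructions into the earlier one, e.g. a rett return address)."""
    events, seen = [], []
    for i, block in enumerate(blocks):
        start = block[0][0]
        tt = trap_type(start, tbr_base)
        if tt is not None:
            events.append({"kind": "trap", "block": i, "pc": start, "tt": tt})
        else:
            for j, prev in reversed(seen):  # most recent block first
                offsets = {pc: k for k, (pc, _) in enumerate(prev)}
                if start in offsets:
                    k = offsets[start]
                    after_rett = i > 0 and any(
                        insn.startswith("rett") for _, insn in blocks[i - 1])
                    events.append({
                        "kind": "reentry", "block": i, "pc": start,
                        "into_block": j, "offset": k, "after_rett": after_rett,
                        "reexecuted": [insn for _, insn in prev[k:]],
                    })
                    break
        seen.append((i, block))
    return events


if __name__ == "__main__":
    for e in analyze(parse_blocks(SAMPLE_LOG)):
        print(e)
```

On the constructed excerpt the script reports the trap-8 entry, then a re-entry at 0x70002d84 right after the rett that re-runs the whole block from the clr, and then a re-entry at 0x70002d88 one instruction into that block; the fadds appears in three translated blocks.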