* [Qemu-devel] Help needed testing on ppc
@ 2014-05-06 10:03 BALATON Zoltan
2014-05-06 12:20 ` Tom Musta
0 siblings, 1 reply; 17+ messages in thread
From: BALATON Zoltan @ 2014-05-06 10:03 UTC (permalink / raw)
To: qemu-devel; +Cc: Alexander Graf
Hello,
As I got no reply on the qemu-ppc list so far I try here maybe there are
some people who read this list but don't follow the ppc one.
I don't have the necessary hardware to do the testing needed for the patch
below. Some context for the discussion can be found in this message:
http://lists.nongnu.org/archive/html/qemu-ppc/2014-04/msg00277.html
It seems we have some code that contains instructions with a reserved bit set
in an stwx instruction that works on real hardware but causes an invalid
instruction exception on QEMU.
I'd appreciate some insight and help.
Regards,
BALATON Zoltan
On Thu, 17 Apr 2014, Programmingkid wrote:
> On Apr 17, 2014, at 3:16 AM, qemu-ppc-request@nongnu.org wrote:
>> On Wed, 16 Apr 2014, Alexander Graf wrote:
>>> On 16.04.14 12:24, BALATON Zoltan wrote:
>>>> On Tue, 15 Apr 2014, Alexander Graf wrote:
>>>>> Try to do the same with the _E macro. Be creative :)
>>>>
>>>> This one did it:
>>>>
>>>> diff --git a/target-ppc/translate.c b/target-ppc/translate.c
>>>> index e3fcb03..d1e175e 100644
>>>> --- a/target-ppc/translate.c
>>>> +++ b/target-ppc/translate.c
>>>> @@ -10341,7 +10341,7 @@ GEN_HANDLER(stop##u, opc, 0xFF, 0xFF, 0x00000000,
>>>> type),
>>>> #define GEN_STUX(name, stop, opc2, opc3, type)
>>>> \
>>>> GEN_HANDLER(name##ux, 0x1F, opc2, opc3, 0x00000001, type),
>>>> #define GEN_STX_E(name, stop, opc2, opc3, type, type2)
>>>> \
>>>> -GEN_HANDLER_E(name##x, 0x1F, opc2, opc3, 0x00000001, type, type2),
>>>> +GEN_HANDLER_E(name##x, 0x1F, opc2, opc3, 0x00000000, type, type2),
>>>> #define GEN_STS(name, stop, op, type)
>>>> \
>>>> GEN_ST(name, stop, op | 0x20, type)
>>>> \
>>>> GEN_STU(name, stop, op | 0x21, type)
>>>> \
>>>
>>> Cool. Could you please write a small program similar to the one I sent you
>>> that runs all of these instructions and checks that really none of them
>>> trigger a program interrupt on real hardware? We can then remove the
>>> reserved
>>> 1 bit from the mask.
>>
>> Would something like this work? (You should be able to change the
>> instruction to test at the 1: label.) I can't test it though without a PPC
>> machine.
>>
>> #include <stdio.h>
>>
>> int main(int argc, char **argv)
>> {
>> register unsigned long r8 asm("r8");
>> register unsigned long r9 asm("r9");
>> register unsigned long r10 asm("r10");
>> register unsigned long r11 asm("r11");
>> register unsigned long r12 asm("r12");
>> long val = 0;
>>
>> r8 = 0;
>> r9 = (long)&val;
>> r10 = 0;
>>
>> asm volatile("mfcr 8 \n\t"
>> "bl 1f \n\t"
>> "mfcr 11 \n\t"
>> "mflr 0 \n\t"
>> "lwz 8, 36(0) \n\t"
>> "ori 8, 8, 1 \n\t"
>> "stw 8, 36(0) \n\t"
>> "mfcr 8 \n\t"
>> "bl 1f \n\t"
>> "mfcr 12 \n\t"
>> "b 2f \n\t"
>> "1: stwx 8, 9, 10 \n\t"
>> "blr \n\t"
>> "2: \n\t"
>> : "=r"(r8), "=r"(r11), "=r"(r12)
>> : "r"(r8), "r"(r9), "r"(r10)
>> : "cc");
>>
>> printf("old cr (mem):\t%#lx\n", val);
>> printf("old cr (reg):\t%#lx\n", r8);
>> printf("new cr1 (reg):\t%#lx\n", r11);
>> printf("new cr2 (reg):\t%#lx\n", r12);
>>
>> return 0;
>> }
>>
>> Regards,
>> BALATON Zoltan
>
> Just tried out your program on a Macintosh with a G3 processor. It doesn't
> compile under Mac OS X. Under Linux it crashes with a segmentation fault.
^ permalink raw reply [flat|nested] 17+ messages in thread* Re: [Qemu-devel] Help needed testing on ppc
2014-05-06 10:03 [Qemu-devel] Help needed testing on ppc BALATON Zoltan
@ 2014-05-06 12:20 ` Tom Musta
2014-05-06 23:17 ` BALATON Zoltan
0 siblings, 1 reply; 17+ messages in thread
From: Tom Musta @ 2014-05-06 12:20 UTC (permalink / raw)
To: BALATON Zoltan, qemu-devel; +Cc: Alexander Graf
On 5/6/2014 5:03 AM, BALATON Zoltan wrote:
> Hello,
>
> As I got no reply on the qemu-ppc list so far I try here maybe there are some people who read this list but don't follow the ppc one.
>
> I don't have the necessary hardware to do the testing needed for the patch below. Some context for the discussion can be found in this message: http://lists.nongnu.org/archive/html/qemu-ppc/2014-04/msg00277.html
>
> It seems we have some code that contains instructions with a reserved bit set in an stwx instruction that works on real hardware but causes an invalid instruction exception on QEMU.
>
> I'd appreciate some insight and help.
>
> Regards,
> BALATON Zoltan
This is a bit tricky. You appear to have code that has a reserved bit set.
Early forms of the PowerPC ISA (circa 1998) said this: "All reserved fields in instructions should be zero. If they are not, the instruction form
is invalid. ... Any attempt to execute an invalid form of an instruction will cause the system illegal instruction error handler to
be invoked or yield boundedly undefined results." QEMU, as a general rule, meets this requirement by causing illegal instruction
exceptions.
More modern versions of the ISA (circa 2006) say this: "Reserved fields in instructions are ignored by the processor. This is a requirement
in the Server environment and is being phased into the Embedded environment. ... To maximize compatibility with future architecture
extensions, software must ensure that reserved fields in instructions contain zero and that defined fields of instructions do not contain
reserved values." Technically, QEMU does not comply with the requirement in the first sentence; and MorpOS does not comply with the third.
The newer form of the ISA is compatible with the older one since ignoring reserved fields is a valid implementation of "boundedly undefined."
A few questions and comments:
(1) Why is MorphOS using this invalid instruction form? Would it be easier to fix the OS rather than QEMU? Is there some undocumented
processor behavior that the code is dependent upon (e.g. is it actually expected CR0 to be set?).
(2) Your patch makes some store instructions compliant with the most recent ISAs but there are many other instructions that are not
addressed by the patch. I think fixing only some will be a future source of confusion.
(3) The change risks breaking behavior on older designs which may very well have taken the illegal instruction interrupt. Would it make more
sense to leave the masks as-is and instead make a single, isolated change in the decoder (gen_intermediate_code_internal). This behavior
could be made conditional (configuration item? processor family specific flag?). Unfortunately, the masks also catch some invalid forms
that do not involve reserved fields (e.g. lq/stq to odd numbered registers).
(4) In general, modeling undefined behavior is a slippery slope. I would much prefer to see the code fixed or justified before changing QEMU.
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [Qemu-devel] Help needed testing on ppc
2014-05-06 12:20 ` Tom Musta
@ 2014-05-06 23:17 ` BALATON Zoltan
2014-05-07 15:31 ` Tom Musta
0 siblings, 1 reply; 17+ messages in thread
From: BALATON Zoltan @ 2014-05-06 23:17 UTC (permalink / raw)
To: Tom Musta; +Cc: qemu-devel, Alexander Graf
On Tue, 6 May 2014, Tom Musta wrote:
> On 5/6/2014 5:03 AM, BALATON Zoltan wrote:
>> Hello,
>>
>> As I got no reply on the qemu-ppc list so far I try here maybe there
>> are some people who read this list but don't follow the ppc one.
>>
>> I don't have the necessary hardware to do the testing needed for the
>> patch below. Some context for the discussion can be found in this
>> message:
>> http://lists.nongnu.org/archive/html/qemu-ppc/2014-04/msg00277.html
>>
>> It seems we have some code that contains instructions with a reserved
>> bit set in an stwx instruction that works on real hardware but causes
>> an invalid instruction exception on QEMU.
>>
>> I'd appreciate some insight and help.
>>
>> Regards,
>> BALATON Zoltan
>
> This is a bit tricky. You appear to have code that has a reserved bit
> set.
>
> Early forms of the PowerPC ISA (circa 1998) said this: "All reserved
> fields in instructions should be zero. If they are not, the instruction
> form is invalid. ... Any attempt to execute an invalid form of an
> instruction will cause the system illegal instruction error handler to
> be invoked or yield boundedly undefined results." QEMU, as a general
> rule, meets this requirement by causing illegal instruction exceptions.
>
> More modern versions of the ISA (circa 2006) say this: "Reserved fields
> in instructions are ignored by the processor. This is a requirement in
> the Server environment and is being phased into the Embedded
> environment. ... To maximize compatibility with future architecture
> extensions, software must ensure that reserved fields in instructions
> contain zero and that defined fields of instructions do not contain
> reserved values." Technically, QEMU does not comply with the
> requirement in the first sentence; and MorpOS does not comply with the
> third.
>
> The newer form of the ISA is compatible with the older one since
> ignoring reserved fields is a valid implementation of "boundedly
> undefined."
Thanks for the exhaustive answer with definitive references. This is
really very helpful.
> A few questions and comments:
>
> (1) Why is MorphOS using this invalid instruction form? Would it be
> easier to fix the OS rather than QEMU?
I don't know why is it used. I can ask the MorphOS developers but they did
not seem to be too supportive so far and at least one of them expressed
that they have no interest supporting other than their officially
supported list of hardware at this time. So I assume it is easier to fix
QEMU than MorphOS and if it works on a real Mac then it should also work
on QEMU's emulation of that Mac hardware.
> Is there some undocumented processor behavior that the code is dependent
> upon (e.g. is it actually expected CR0 to be set?).
This is what the testing was supposed to find out but MorphOS seems to run
better with the quoted patch so I don't think it depends on any other
undocumented behaviour other than ignoring reserved bits but I have no
definitive answer.
> (2) Your patch makes some store instructions compliant with the most
> recent ISAs but there are many other instructions that are not addressed
> by the patch. I think fixing only some will be a future source of
> confusion.
>
> (3) The change risks breaking behavior on older designs which may very
> well have taken the illegal instruction interrupt. Would it make more
> sense to leave the masks as-is and instead make a single, isolated
> change in the decoder (gen_intermediate_code_internal). This behavior
> could be made conditional (configuration item? processor family
> specific flag?). Unfortunately, the masks also catch some invalid forms
> that do not involve reserved fields (e.g. lq/stq to odd numbered
> registers).
I don't know this code very well so not sure I can follow your suggestion.
Are you proposing that the invalid masks could be ignored globally in
gen_intermediate_code_internal (around target-ppc/traslate.c:11444) based
on some condition for all opcodes?
Since your quotes above show that QEMU does not implement the current
specification and code relying on older behaviour would not run on newer
processors so it's likely they will get fixed so I think the risk of
breaking older designs is less than breaking software that rely on current
specification so IMO it should be changed in QEMU if possible and only
care about older designs when one is actually encountered.
> (4) In general, modeling undefined behavior is a slippery slope. I
> would much prefer to see the code fixed or justified before changing
> QEMU.
I can try to ask on the MorphOS list but their previous answer to another
question was that it works on the hardware they officially support.
Regards,
BALATON Zoltan
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [Qemu-devel] Help needed testing on ppc
2014-05-06 23:17 ` BALATON Zoltan
@ 2014-05-07 15:31 ` Tom Musta
2014-05-07 16:59 ` Alexander Graf
2014-05-20 23:55 ` [Qemu-devel] " BALATON Zoltan
0 siblings, 2 replies; 17+ messages in thread
From: Tom Musta @ 2014-05-07 15:31 UTC (permalink / raw)
To: BALATON Zoltan; +Cc: qemu-devel, Alexander Graf
On 5/6/2014 6:17 PM, BALATON Zoltan wrote:
> On Tue, 6 May 2014, Tom Musta wrote:
>> On 5/6/2014 5:03 AM, BALATON Zoltan wrote:
>>> I'd appreciate some insight and help.
[snip]
>> (1) Why is MorphOS using this invalid instruction form? Would it be easier to fix the OS rather than QEMU?
>
> I don't know why is it used. I can ask the MorphOS developers but they did not seem to be too supportive so far and at least one of them expressed that they have no interest supporting other than their officially supported list of hardware at this time. So
> I assume it is easier to fix QEMU than MorphOS and if it works on a real Mac then it should also work on QEMU's emulation of that Mac hardware.
>
>> Is there some undocumented processor behavior that the code is dependent upon (e.g. is it actually expected CR0 to be set?).
>
> This is what the testing was supposed to find out but MorphOS seems to run better with the quoted patch so I don't think it depends on any other undocumented behaviour other than ignoring reserved bits but I have no definitive answer.
>
It still seems to me that setting a reserved instruction bit is an strange thing to do. It would be nice to at least
have a justification from MorphOS. It is possible that no one even knows the answer.
>> (2) Your patch makes some store instructions compliant with the most recent ISAs but there are many other instructions that are not addressed by the patch. I think fixing only some will be a future source of confusion.>>
Alex: do you have an opinion on this? Are you OK with changing masks for a few stores but not all instructions in general?
>> (3) The change risks breaking behavior on older designs which may very well have taken the illegal instruction interrupt. Would it make more sense to leave the masks as-is and instead make a single, isolated change in the decoder
>> (gen_intermediate_code_internal). This behavior could be made conditional (configuration item? processor family specific flag?). Unfortunately, the masks also catch some invalid forms that do not involve reserved fields (e.g. lq/stq to odd numbered
>> registers).
>
> I don't know this code very well so not sure I can follow your suggestion. Are you proposing that the invalid masks could be ignored globally in gen_intermediate_code_internal (around target-ppc/traslate.c:11444) based on some condition for all opcodes?
>
target-ppc/translate.c has a function named gen_intermediate_code_internal which does the decoding of the guest instructions.
Specifically it has this code:
11434 }
11435 } else {
11436 uint32_t inval;
11437
11438 if (unlikely(handler->type & (PPC_SPE | PPC_SPE_SINGLE | PPC_SPE_DOUBLE) && Rc(ctx.opcode))) {
11439 inval = handler->inval2;
11440 } else {
11441 inval = handler->inval1;
11442 }
11443
11444 if (unlikely((ctx.opcode & inval) != 0)) {
11445 if (qemu_log_enabled()) {
11446 qemu_log("invalid bits: %08x for opcode: "
11447 "%02x - %02x - %02x (%08x) " TARGET_FMT_lx "\n",
11448 ctx.opcode & inval, opc1(ctx.opcode),
11449 opc2(ctx.opcode), opc3(ctx.opcode),
11450 ctx.opcode, ctx.nip - 4);
11451 }
11452 gen_inval_exception(ctxp, POWERPC_EXCP_INVAL_INVAL);
11453 break;
11454 }
11455 }
My observations are that (a) rather than fix individual masks (like your patch does), one could inhibit the detection of illegal bits
in one spot. This behavior could be made dependent on something ... a configuration flag ... or it could be dependent on the processor
model. So there is an opportunity to not change every PPC model because of an oddity in MorpOS.
> Since your quotes above show that QEMU does not implement the current specification and code relying on older behaviour would not run on newer processors so it's likely they will get fixed so I think the risk of breaking older designs is less than breaking
> software that rely on current specification so IMO it should be changed in QEMU if possible and only care about older designs when one is actually encountered.
>
I agree with this argument except for the clause that says: "... and is being phased into the Embedded environment",
which still appears in the most recent ISA. So the Book E folks my not be so ready to eliminate the reserved
bit masks.
>> (4) In general, modeling undefined behavior is a slippery slope. I would much prefer to see the code fixed or justified before changing QEMU.
>
> I can try to ask on the MorphOS list but their previous answer to another question was that it works on the hardware they officially support.
"Working" should not be confused for "correct" :)
^ permalink raw reply [flat|nested] 17+ messages in thread* Re: [Qemu-devel] Help needed testing on ppc
2014-05-07 15:31 ` Tom Musta
@ 2014-05-07 16:59 ` Alexander Graf
2014-06-12 0:49 ` BALATON Zoltan
2014-05-20 23:55 ` [Qemu-devel] " BALATON Zoltan
1 sibling, 1 reply; 17+ messages in thread
From: Alexander Graf @ 2014-05-07 16:59 UTC (permalink / raw)
To: Tom Musta; +Cc: qemu-devel
On 05/07/2014 05:31 PM, Tom Musta wrote:
> On 5/6/2014 6:17 PM, BALATON Zoltan wrote:
>> On Tue, 6 May 2014, Tom Musta wrote:
>>> On 5/6/2014 5:03 AM, BALATON Zoltan wrote:
>>>> I'd appreciate some insight and help.
> [snip]
>>> (1) Why is MorphOS using this invalid instruction form? Would it be easier to fix the OS rather than QEMU?
>> I don't know why is it used. I can ask the MorphOS developers but they did not seem to be too supportive so far and at least one of them expressed that they have no interest supporting other than their officially supported list of hardware at this time. So
>> I assume it is easier to fix QEMU than MorphOS and if it works on a real Mac then it should also work on QEMU's emulation of that Mac hardware.
>>
>>> Is there some undocumented processor behavior that the code is dependent upon (e.g. is it actually expected CR0 to be set?).
>> This is what the testing was supposed to find out but MorphOS seems to run better with the quoted patch so I don't think it depends on any other undocumented behaviour other than ignoring reserved bits but I have no definitive answer.
>>
> It still seems to me that setting a reserved instruction bit is an strange thing to do. It would be nice to at least
> have a justification from MorphOS. It is possible that no one even knows the answer.
>
>>> (2) Your patch makes some store instructions compliant with the most recent ISAs but there are many other instructions that are not addressed by the patch. I think fixing only some will be a future source of confusion.>>
> Alex: do you have an opinion on this? Are you OK with changing masks for a few stores but not all instructions in general?
I would like to see someone just test all those load/store instructions
on old CPUs and see whether they fault. If none faults, we should just
be consistent and remove them for all. If say a 750 really only ignores
the Rc bit for stwx for some reason we should just model it accordingly.
Alex
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [Qemu-devel] Help needed testing on ppc
2014-05-07 16:59 ` Alexander Graf
@ 2014-06-12 0:49 ` BALATON Zoltan
2014-06-16 23:42 ` BALATON Zoltan
0 siblings, 1 reply; 17+ messages in thread
From: BALATON Zoltan @ 2014-06-12 0:49 UTC (permalink / raw)
To: qemu-devel; +Cc: Programmingkid, Alexander Graf, Andreas Färber
On Wed, 7 May 2014, Alexander Graf wrote:
> On 05/07/2014 05:31 PM, Tom Musta wrote:
>> On 5/6/2014 6:17 PM, BALATON Zoltan wrote:
>>> On Tue, 6 May 2014, Tom Musta wrote:
>>>> (2) Your patch makes some store instructions compliant with the most
>>>> recent ISAs but there are many other instructions that are not addressed
>>>> by the patch. I think fixing only some will be a future source of
>>>> confusion.>>
>> Alex: do you have an opinion on this? Are you OK with changing masks for
>> a few stores but not all instructions in general?
>
> I would like to see someone just test all those load/store instructions on
> old CPUs and see whether they fault. If none faults, we should just be
> consistent and remove them for all. If say a 750 really only ignores the Rc
> bit for stwx for some reason we should just model it accordingly.
To get some answers to this and other questions that are still open I've
made a test program by stripping down yaboot and adding tests to it so
that it should be possible to run from Open Firmware as a boot loader. It
can be found here:
http://goliat.eik.bme.hu/~balaton/oftest/
The files there are:
* oftest - an ELF executable that you can put on some device OF can read
and run it if it were a boot loader ( e.g. 0> boot hd0,0:\oftest )
* oftest.hfs.xz - the same file on an 800k HFS volume that can be put on
e.g. a USB drive or CD then used as the previous one
* oftest-src.tar.xz - the source
When run from Open Firmware it should print some information about memory
layout, MSR setting, stack location, BAT registers and test the stwx
opcode with and without reserved bit which should help us understand
better the differences between QEMU and real hardware. I could only test
it on QEMU though.
I'd appreciate if you could run it on real hardware and take a picture of
the output screen which you upload somewhere and send the URL to that (or
if you cannot upload you can send the picture but in that case only to me
not to the list please). If cannot be seen on the picture please also
include the model of your machine that should appear at the beginning of
the Open Firmware greeting line.
Regards,
BALATON Zoltan
^ permalink raw reply [flat|nested] 17+ messages in thread* Re: [Qemu-devel] Help needed testing on ppc
2014-06-12 0:49 ` BALATON Zoltan
@ 2014-06-16 23:42 ` BALATON Zoltan
2014-06-17 8:42 ` Alexander Graf
0 siblings, 1 reply; 17+ messages in thread
From: BALATON Zoltan @ 2014-06-16 23:42 UTC (permalink / raw)
To: qemu-devel; +Cc: Programmingkid, Alexander Graf, Andreas Färber
On Thu, 12 Jun 2014, BALATON Zoltan wrote:
> On Wed, 7 May 2014, Alexander Graf wrote:
>> On 05/07/2014 05:31 PM, Tom Musta wrote:
>>> On 5/6/2014 6:17 PM, BALATON Zoltan wrote:
>>>> On Tue, 6 May 2014, Tom Musta wrote:
>>>>> (2) Your patch makes some store instructions compliant with the most
>>>>> recent ISAs but there are many other instructions that are not addressed
>>>>> by the patch. I think fixing only some will be a future source of
>>>>> confusion.>>
>>> Alex: do you have an opinion on this? Are you OK with changing masks for
>>> a few stores but not all instructions in general?
>>
>> I would like to see someone just test all those load/store instructions on
>> old CPUs and see whether they fault. If none faults, we should just be
>> consistent and remove them for all. If say a 750 really only ignores the Rc
>> bit for stwx for some reason we should just model it accordingly.
>
> To get some answers to this and other questions that are still open I've made
> a test program by stripping down yaboot and adding tests to it so that it
> should be possible to run from Open Firmware as a boot loader. It can be
> found here:
>
> http://goliat.eik.bme.hu/~balaton/oftest/
>
> The files there are:
> * oftest - an ELF executable that you can put on some device OF can read
> and run it if it were a boot loader ( e.g. 0> boot hd0,0:\oftest )
> * oftest.hfs.xz - the same file on an 800k HFS volume that can be put on
> e.g. a USB drive or CD then used as the previous one
> * oftest-src.tar.xz - the source
>
> When run from Open Firmware it should print some information about memory
> layout, MSR setting, stack location, BAT registers and test the stwx opcode
> with and without reserved bit which should help us understand better the
> differences between QEMU and real hardware. I could only test it on QEMU
> though.
I've got some results (but more are welcome) which can be seen here:
http://goliat.eik.bme.hu/~balaton/oftest/results/
The results show that the stwx instruction with reserved bit set does not
change status bits and does not generate an exception on any CPU tested
(G3 and G4) so it is most probably just ignored as we thought.
Regards,
BALATON Zoltan
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [Qemu-devel] Help needed testing on ppc
2014-06-16 23:42 ` BALATON Zoltan
@ 2014-06-17 8:42 ` Alexander Graf
2014-06-17 9:34 ` [Qemu-devel] [Qemu-ppc] " BALATON Zoltan
0 siblings, 1 reply; 17+ messages in thread
From: Alexander Graf @ 2014-06-17 8:42 UTC (permalink / raw)
To: BALATON Zoltan, qemu-devel
Cc: Programmingkid, qemu-ppc, Andreas Färber, Tom Musta
On 17.06.14 01:42, BALATON Zoltan wrote:
> On Thu, 12 Jun 2014, BALATON Zoltan wrote:
>> On Wed, 7 May 2014, Alexander Graf wrote:
>>> On 05/07/2014 05:31 PM, Tom Musta wrote:
>>>> On 5/6/2014 6:17 PM, BALATON Zoltan wrote:
>>>>> On Tue, 6 May 2014, Tom Musta wrote:
>>>>>> (2) Your patch makes some store instructions compliant with the
>>>>>> most recent ISAs but there are many other instructions that are
>>>>>> not addressed by the patch. I think fixing only some will be a
>>>>>> future source of confusion.>>
>>>> Alex: do you have an opinion on this? Are you OK with changing
>>>> masks for a few stores but not all instructions in general?
>>>
>>> I would like to see someone just test all those load/store
>>> instructions on old CPUs and see whether they fault. If none faults,
>>> we should just be consistent and remove them for all. If say a 750
>>> really only ignores the Rc bit for stwx for some reason we should
>>> just model it accordingly.
>>
>> To get some answers to this and other questions that are still open
>> I've made a test program by stripping down yaboot and adding tests to
>> it so that it should be possible to run from Open Firmware as a boot
>> loader. It can be found here:
>>
>> http://goliat.eik.bme.hu/~balaton/oftest/
>>
>> The files there are:
>> * oftest - an ELF executable that you can put on some device OF can read
>> and run it if it were a boot loader ( e.g. 0> boot
>> hd0,0:\oftest )
>> * oftest.hfs.xz - the same file on an 800k HFS volume that can be put on
>> e.g. a USB drive or CD then used as the previous one
>> * oftest-src.tar.xz - the source
>>
>> When run from Open Firmware it should print some information about
>> memory layout, MSR setting, stack location, BAT registers and test
>> the stwx opcode with and without reserved bit which should help us
>> understand better the differences between QEMU and real hardware. I
>> could only test it on QEMU though.
>
> I've got some results (but more are welcome) which can be seen here:
>
> http://goliat.eik.bme.hu/~balaton/oftest/results/
>
> The results show that the stwx instruction with reserved bit set does
> not change status bits and does not generate an exception on any CPU
> tested (G3 and G4) so it is most probably just ignored as we thought.
[adding qemu-ppc and tom to CC]
Tom already commented on this. Is there a pattern that matches all the
indexed load/store instructions or is stwx a one-off?
Alex
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [Qemu-devel] [Qemu-ppc] Help needed testing on ppc
2014-06-17 8:42 ` Alexander Graf
@ 2014-06-17 9:34 ` BALATON Zoltan
2014-06-17 9:37 ` Alexander Graf
0 siblings, 1 reply; 17+ messages in thread
From: BALATON Zoltan @ 2014-06-17 9:34 UTC (permalink / raw)
To: Alexander Graf
Cc: Tom Musta, Programmingkid, qemu-ppc, qemu-devel, Andreas Färber
On Tue, 17 Jun 2014, Alexander Graf wrote:
> On 17.06.14 01:42, BALATON Zoltan wrote:
>> On Thu, 12 Jun 2014, BALATON Zoltan wrote:
>>> On Wed, 7 May 2014, Alexander Graf wrote:
>>>> On 05/07/2014 05:31 PM, Tom Musta wrote:
>>>>> On 5/6/2014 6:17 PM, BALATON Zoltan wrote:
>>>>>> On Tue, 6 May 2014, Tom Musta wrote:
>>>>>>> (2) Your patch makes some store instructions compliant with the most
>>>>>>> recent ISAs but there are many other instructions that are not
>>>>>>> addressed by the patch. I think fixing only some will be a future
>>>>>>> source of confusion.>>
>>>>> Alex: do you have an opinion on this? Are you OK with changing masks
>>>>> for a few stores but not all instructions in general?
>>>>
>>>> I would like to see someone just test all those load/store instructions
>>>> on old CPUs and see whether they fault. If none faults, we should just be
>>>> consistent and remove them for all. If say a 750 really only ignores the
>>>> Rc bit for stwx for some reason we should just model it accordingly.
>>>
>>> To get some answers to this and other questions that are still open I've
>>> made a test program by stripping down yaboot and adding tests to it so
>>> that it should be possible to run from Open Firmware as a boot loader. It
>>> can be found here:
>>>
>>> http://goliat.eik.bme.hu/~balaton/oftest/
>>>
>>> The files there are:
>>> * oftest - an ELF executable that you can put on some device OF can read
>>> and run it if it were a boot loader ( e.g. 0> boot hd0,0:\oftest )
>>> * oftest.hfs.xz - the same file on an 800k HFS volume that can be put on
>>> e.g. a USB drive or CD then used as the previous one
>>> * oftest-src.tar.xz - the source
>>>
>>> When run from Open Firmware it should print some information about memory
>>> layout, MSR setting, stack location, BAT registers and test the stwx
>>> opcode with and without reserved bit which should help us understand
>>> better the differences between QEMU and real hardware. I could only test
>>> it on QEMU though.
>>
>> I've got some results (but more are welcome) which can be seen here:
>>
>> http://goliat.eik.bme.hu/~balaton/oftest/results/
>>
>> The results show that the stwx instruction with reserved bit set does not
>> change status bits and does not generate an exception on any CPU tested (G3
>> and G4) so it is most probably just ignored as we thought.
>
> [adding qemu-ppc and tom to CC]
>
> Tom already commented on this. Is there a pattern that matches all the
> indexed load/store instructions or is stwx a one-off?
Is this a question to whom? If to me I don't understand it.
Regards,
BALATON Zoltan
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [Qemu-devel] [Qemu-ppc] Help needed testing on ppc
2014-06-17 9:34 ` [Qemu-devel] [Qemu-ppc] " BALATON Zoltan
@ 2014-06-17 9:37 ` Alexander Graf
2014-06-17 11:05 ` BALATON Zoltan
0 siblings, 1 reply; 17+ messages in thread
From: Alexander Graf @ 2014-06-17 9:37 UTC (permalink / raw)
To: BALATON Zoltan
Cc: Tom Musta, Programmingkid, qemu-ppc, qemu-devel, Andreas Färber
On 17.06.14 11:34, BALATON Zoltan wrote:
> On Tue, 17 Jun 2014, Alexander Graf wrote:
>> On 17.06.14 01:42, BALATON Zoltan wrote:
>>> On Thu, 12 Jun 2014, BALATON Zoltan wrote:
>>>> On Wed, 7 May 2014, Alexander Graf wrote:
>>>>> On 05/07/2014 05:31 PM, Tom Musta wrote:
>>>>>> On 5/6/2014 6:17 PM, BALATON Zoltan wrote:
>>>>>>> On Tue, 6 May 2014, Tom Musta wrote:
>>>>>>>> (2) Your patch makes some store instructions compliant with the
>>>>>>>> most recent ISAs but there are many other instructions that are
>>>>>>>> not addressed by the patch. I think fixing only some will be a
>>>>>>>> future source of confusion.>>
>>>>>> Alex: do you have an opinion on this? Are you OK with changing
>>>>>> masks for a few stores but not all instructions in general?
>>>>>
>>>>> I would like to see someone just test all those load/store
>>>>> instructions on old CPUs and see whether they fault. If none
>>>>> faults, we should just be consistent and remove them for all. If
>>>>> say a 750 really only ignores the Rc bit for stwx for some reason
>>>>> we should just model it accordingly.
>>>>
>>>> To get some answers to this and other questions that are still open
>>>> I've made a test program by stripping down yaboot and adding tests
>>>> to it so that it should be possible to run from Open Firmware as a
>>>> boot loader. It can be found here:
>>>>
>>>> http://goliat.eik.bme.hu/~balaton/oftest/
>>>>
>>>> The files there are:
>>>> * oftest - an ELF executable that you can put on some device OF can
>>>> read
>>>> and run it if it were a boot loader ( e.g. 0> boot
>>>> hd0,0:\oftest )
>>>> * oftest.hfs.xz - the same file on an 800k HFS volume that can be
>>>> put on
>>>> e.g. a USB drive or CD then used as the previous one
>>>> * oftest-src.tar.xz - the source
>>>>
>>>> When run from Open Firmware it should print some information about
>>>> memory layout, MSR setting, stack location, BAT registers and test
>>>> the stwx opcode with and without reserved bit which should help us
>>>> understand better the differences between QEMU and real hardware. I
>>>> could only test it on QEMU though.
>>>
>>> I've got some results (but more are welcome) which can be seen here:
>>>
>>> http://goliat.eik.bme.hu/~balaton/oftest/results/
>>>
>>> The results show that the stwx instruction with reserved bit set
>>> does not change status bits and does not generate an exception on
>>> any CPU tested (G3 and G4) so it is most probably just ignored as we
>>> thought.
>>
>> [adding qemu-ppc and tom to CC]
>>
>> Tom already commented on this. Is there a pattern that matches all
>> the indexed load/store instructions or is stwx a one-off?
>
> Is this a question to whom? If to me I don't understand it.
stwx is part of a group of instructions. It's very rare that hardware
only shows certain behavior (like ignore a reserved bit) for single
instructions. Usually it happens on complete groups.
Alex
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [Qemu-devel] [Qemu-ppc] Help needed testing on ppc
2014-06-17 9:37 ` Alexander Graf
@ 2014-06-17 11:05 ` BALATON Zoltan
2014-06-17 11:54 ` Tom Musta
0 siblings, 1 reply; 17+ messages in thread
From: BALATON Zoltan @ 2014-06-17 11:05 UTC (permalink / raw)
To: Alexander Graf
Cc: Tom Musta, Programmingkid, qemu-ppc, qemu-devel, Andreas Färber
On Tue, 17 Jun 2014, Alexander Graf wrote:
>>>> http://goliat.eik.bme.hu/~balaton/oftest/results/
>>>>
>>>> The results show that the stwx instruction with reserved bit set does not
>>>> change status bits and does not generate an exception on any CPU tested
>>>> (G3 and G4) so it is most probably just ignored as we thought.
>>>
>>> [adding qemu-ppc and tom to CC]
>>>
>>> Tom already commented on this. Is there a pattern that matches all the
>>> indexed load/store instructions or is stwx a one-off?
>>
>> Is this a question to whom? If to me I don't understand it.
>
> stwx is part of a group of instructions. It's very rare that hardware only
> shows certain behavior (like ignore a reserved bit) for single instructions.
> Usually it happens on complete groups.
Who would know that? The test only tested stwx and I assume the same that
this should not behave differently than any other instruction. Also this
is the only instruction that was used with the set reserved bit in MorphOS
and the patch ignoring reserved bits for this group of instructions that
we discussed earlier seems to fix it. (There's another case with an
altivec instruction with a similar failure but I did not look at that yet
if that's a reserved bit too or something else.) As to why it's in MorphOS
I don't know, I got no answer from them.
Regards,
BALATON Zoltan
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [Qemu-devel] [Qemu-ppc] Help needed testing on ppc
2014-06-17 11:05 ` BALATON Zoltan
@ 2014-06-17 11:54 ` Tom Musta
2014-06-17 15:17 ` BALATON Zoltan
0 siblings, 1 reply; 17+ messages in thread
From: Tom Musta @ 2014-06-17 11:54 UTC (permalink / raw)
To: BALATON Zoltan, Alexander Graf
Cc: Programmingkid, qemu-ppc, qemu-devel, Andreas Färber
On 6/17/2014 6:05 AM, BALATON Zoltan wrote:
> On Tue, 17 Jun 2014, Alexander Graf wrote:
>>>>> http://goliat.eik.bme.hu/~balaton/oftest/results/
>>>>>
>>>>> The results show that the stwx instruction with reserved bit set does not change status bits and does not generate an exception on any CPU tested (G3 and G4) so it is most probably just ignored as we thought.
>>>>
>>>> [adding qemu-ppc and tom to CC]
>>>>
>>>> Tom already commented on this. Is there a pattern that matches all the indexed load/store instructions or is stwx a one-off?
>>>
>>> Is this a question to whom? If to me I don't understand it.
>>
>> stwx is part of a group of instructions. It's very rare that hardware only shows certain behavior (like ignore a reserved bit) for single instructions. Usually it happens on complete groups.
>
> Who would know that? The test only tested stwx and I assume the same that this should not behave differently than any other instruction. Also this is the only instruction that was used with the set reserved bit in MorphOS and the patch ignoring reserved
> bits for this group of instructions that we discussed earlier seems to fix it. (There's another case with an altivec instruction with a similar failure but I did not look at that yet if that's a reserved bit too or something else.) As to why it's in
> MorphOS I don't know, I got no answer from them.
>
> Regards,
> BALATON Zoltan
I am looking at the test case source code and do not see how you are setting the reserved bit. Maybe I am missing some cleverness in how the test is built?
#include <prom.h>
void stwxtest(void)
{
unsigned int val, cr, cr1, cr2;
prom_printf("Testing stwx reserved bit\n");
val = 0;
asm volatile("mfcr %0 \n\t"
"bl 1f \n\t"
"mfcr %1 \n\t"
"mflr 10 \n\t"
"lwz %0, 36(10) \n\t"
"ori %0, %0, 1 \n\t"
"stw %0, 36(10) \n\t"
"mfcr %0 \n\t"
"bl 1f \n\t"
"mfcr %2 \n\t"
"b 2f \n\t"
"1: stwx %0, %4, %6 \n\t" <<<<<<<<<<<<< just a normal stwx, right?
"blr \n\t"
"2: \n\t"
: "=&r"(cr), "=&r"(cr1), "=&r"(cr2), "=m"(val)
: "r"(&val), "m"(val), "r"(8)
: "r8", "r9", "r10", "cc", "memory");
prom_printf("old cr (mem):\t%#x\n", val);
prom_printf("old cr (reg):\t%#x\n", cr);
prom_printf("new cr1 (reg):\t%#x\n", cr1);
prom_printf("new cr2 (reg):\t%#x\n", cr2);
}
But the objdump of your test binary does not show that it is set either:
00102784 <stwxtest>:
stwxtest():
102784: 7c 08 02 a6 mflr r0
102788: 94 21 ff d0 stwu r1,-48(r1)
10278c: 3c 60 00 10 lis r3,16
102790: 38 63 32 29 addi r3,r3,12841
102794: bf a1 00 24 stmw r29,36(r1)
102798: 90 01 00 34 stw r0,52(r1)
10279c: 4c c6 31 82 crclr 4*cr1+eq
1027a0: 4b ff e2 75 bl 100a14 <prom_printf>
1027a4: 7c 27 0b 78 mr r7,r1
1027a8: 39 20 00 00 li r9,0
1027ac: 95 27 00 08 stwu r9,8(r7)
1027b0: 38 c0 00 08 li r6,8
1027b4: 7f a0 00 26 mfcr r29
1027b8: 48 00 00 29 bl 1027e0 <stwxtest+0x5c>
1027bc: 7f c0 00 26 mfcr r30
1027c0: 7d 48 02 a6 mflr r10
1027c4: 83 aa 00 24 lwz r29,36(r10)
1027c8: 63 bd 00 01 ori r29,r29,1
1027cc: 93 aa 00 24 stw r29,36(r10)
1027d0: 7f a0 00 26 mfcr r29
1027d4: 48 00 00 0d bl 1027e0 <stwxtest+0x5c>
1027d8: 7f e0 00 26 mfcr r31
1027dc: 48 00 00 0c b 1027e8 <stwxtest+0x64>
1027e0: 7f a7 31 2e stwx r29,r7,r6 <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
1027e4: 4e 80 00 20 blr
^ permalink raw reply [flat|nested] 17+ messages in thread* Re: [Qemu-devel] [Qemu-ppc] Help needed testing on ppc
2014-06-17 11:54 ` Tom Musta
@ 2014-06-17 15:17 ` BALATON Zoltan
2014-06-18 12:40 ` Tom Musta
0 siblings, 1 reply; 17+ messages in thread
From: BALATON Zoltan @ 2014-06-17 15:17 UTC (permalink / raw)
To: Tom Musta
Cc: Programmingkid, qemu-ppc, Alexander Graf, Andreas Färber,
qemu-devel
On Tue, 17 Jun 2014, Tom Musta wrote:
> I am looking at the test case source code and do not see how you are
> setting the reserved bit. Maybe I am missing some cleverness in how the
> test is built?
Probably I should have written it more straight-forward but I wanted it to
be possible to change it for other tests easily so it's a bit tricky.
Basically I get the code location by a bl then fetching the link register:
> asm volatile("mfcr %0 \n\t"
> "bl 1f \n\t"
> "mfcr %1 \n\t"
> "mflr 10 \n\t"
and then set the bit with the next three lines after testing the normal
case:
> "lwz %0, 36(10) \n\t"
> "ori %0, %0, 1 \n\t"
> "stw %0, 36(10) \n\t"
Then test again with the bit set:
> "mfcr %0 \n\t"
> "bl 1f \n\t"
> "mfcr %2 \n\t"
and exit:
> "b 2f \n\t"
> "1: stwx %0, %4, %6 \n\t" <<<<<<<<<<<<< just a normal stwx, right?
> "blr \n\t"
> "2: \n\t"
> : "=&r"(cr), "=&r"(cr1), "=&r"(cr2), "=m"(val)
> : "r"(&val), "m"(val), "r"(8)
> : "r8", "r9", "r10", "cc", "memory");
>
> prom_printf("old cr (mem):\t%#x\n", val);
> prom_printf("old cr (reg):\t%#x\n", cr);
> prom_printf("new cr1 (reg):\t%#x\n", cr1);
> prom_printf("new cr2 (reg):\t%#x\n", cr2);
> }
>
>
> But the objdump of your test binary does not show that it is set either:
It should show in a debugger the second time the stwx is called (it did
for me).
Regards,
BALATON Zoltan
^ permalink raw reply [flat|nested] 17+ messages in thread* Re: [Qemu-devel] [Qemu-ppc] Help needed testing on ppc
2014-06-17 15:17 ` BALATON Zoltan
@ 2014-06-18 12:40 ` Tom Musta
2014-06-19 13:21 ` BALATON Zoltan
0 siblings, 1 reply; 17+ messages in thread
From: Tom Musta @ 2014-06-18 12:40 UTC (permalink / raw)
To: BALATON Zoltan
Cc: Programmingkid, qemu-ppc, Alexander Graf, Andreas Färber,
qemu-devel
On 6/17/2014 10:17 AM, BALATON Zoltan wrote:
> On Tue, 17 Jun 2014, Tom Musta wrote:
>> I am looking at the test case source code and do not see how you are setting the reserved bit. Maybe I am missing some cleverness in how the test is built?
>
> Probably I should have written it more straight-forward but I wanted it to be possible to change it for other tests easily so it's a bit tricky. Basically I get the code location by a bl then fetching the link register:
>
>> asm volatile("mfcr %0 \n\t"
>> "bl 1f \n\t"
>> "mfcr %1 \n\t"
>> "mflr 10 \n\t"
>
> and then set the bit with the next three lines after testing the normal case:
>
>> "lwz %0, 36(10) \n\t"
>> "ori %0, %0, 1 \n\t"
>> "stw %0, 36(10) \n\t"
>
> Then test again with the bit set:
>
>> "mfcr %0 \n\t"
>> "bl 1f \n\t"
>> "mfcr %2 \n\t"
>
> and exit:
>
>> "b 2f \n\t"
>> "1: stwx %0, %4, %6 \n\t" <<<<<<<<<<<<< just a normal stwx, right?
>> "blr \n\t"
>> "2: \n\t"
>> : "=&r"(cr), "=&r"(cr1), "=&r"(cr2), "=m"(val)
>> : "r"(&val), "m"(val), "r"(8)
>> : "r8", "r9", "r10", "cc", "memory");
>>
>> prom_printf("old cr (mem):\t%#x\n", val);
>> prom_printf("old cr (reg):\t%#x\n", cr);
>> prom_printf("new cr1 (reg):\t%#x\n", cr1);
>> prom_printf("new cr2 (reg):\t%#x\n", cr2);
>> }
>>
>>
>> But the objdump of your test binary does not show that it is set either:
>
> It should show in a debugger the second time the stwx is called (it did for me).
>
> Regards,
> BALATON Zoltan
There should be an icbi after the ori/stw sequence to ensure that the modified code gets into the instruction cache.
^ permalink raw reply [flat|nested] 17+ messages in thread* Re: [Qemu-devel] [Qemu-ppc] Help needed testing on ppc
2014-06-18 12:40 ` Tom Musta
@ 2014-06-19 13:21 ` BALATON Zoltan
2014-06-23 17:07 ` Alexander Graf
0 siblings, 1 reply; 17+ messages in thread
From: BALATON Zoltan @ 2014-06-19 13:21 UTC (permalink / raw)
To: Tom Musta
Cc: Programmingkid, qemu-ppc, Alexander Graf, Andreas Färber,
qemu-devel
On Wed, 18 Jun 2014, Tom Musta wrote:
> On 6/17/2014 10:17 AM, BALATON Zoltan wrote:
>> On Tue, 17 Jun 2014, Tom Musta wrote:
>>> I am looking at the test case source code and do not see how you are setting the reserved bit. Maybe I am missing some cleverness in how the test is built?
>>
>> Probably I should have written it more straight-forward but I wanted it to be possible to change it for other tests easily so it's a bit tricky. Basically I get the code location by a bl then fetching the link register:
>>
>>> asm volatile("mfcr %0 \n\t"
>>> "bl 1f \n\t"
>>> "mfcr %1 \n\t"
>>> "mflr 10 \n\t"
>>
>> and then set the bit with the next three lines after testing the normal case:
>>
>>> "lwz %0, 36(10) \n\t"
>>> "ori %0, %0, 1 \n\t"
>>> "stw %0, 36(10) \n\t"
>>
>> Then test again with the bit set:
>>
>>> "mfcr %0 \n\t"
>>> "bl 1f \n\t"
>>> "mfcr %2 \n\t"
>>
>> and exit:
>>
>>> "b 2f \n\t"
>>> "1: stwx %0, %4, %6 \n\t" <<<<<<<<<<<<< just a normal stwx, right?
>>> "blr \n\t"
>>> "2: \n\t"
>>> : "=&r"(cr), "=&r"(cr1), "=&r"(cr2), "=m"(val)
>>> : "r"(&val), "m"(val), "r"(8)
>>> : "r8", "r9", "r10", "cc", "memory");
>>>
>>> prom_printf("old cr (mem):\t%#x\n", val);
>>> prom_printf("old cr (reg):\t%#x\n", cr);
>>> prom_printf("new cr1 (reg):\t%#x\n", cr1);
>>> prom_printf("new cr2 (reg):\t%#x\n", cr2);
>>> }
>>>
>>>
>>> But the objdump of your test binary does not show that it is set either:
>>
>> It should show in a debugger the second time the stwx is called (it did for me).
>>
>
> There should be an icbi after the ori/stw sequence to ensure that the
> modified code gets into the instruction cache.
I've corrected the test accordingly and rerun on iMac,1. It did not change
the stwx test results, the cr values are still the same.
Regards,
BALATON Zoltan
^ permalink raw reply [flat|nested] 17+ messages in thread* Re: [Qemu-devel] [Qemu-ppc] Help needed testing on ppc
2014-06-19 13:21 ` BALATON Zoltan
@ 2014-06-23 17:07 ` Alexander Graf
0 siblings, 0 replies; 17+ messages in thread
From: Alexander Graf @ 2014-06-23 17:07 UTC (permalink / raw)
To: BALATON Zoltan, Tom Musta
Cc: Programmingkid, qemu-ppc, qemu-devel, Andreas Färber
On 19.06.14 15:21, BALATON Zoltan wrote:
> On Wed, 18 Jun 2014, Tom Musta wrote:
>> On 6/17/2014 10:17 AM, BALATON Zoltan wrote:
>>> On Tue, 17 Jun 2014, Tom Musta wrote:
>>>> I am looking at the test case source code and do not see how you
>>>> are setting the reserved bit. Maybe I am missing some cleverness in
>>>> how the test is built?
>>>
>>> Probably I should have written it more straight-forward but I wanted
>>> it to be possible to change it for other tests easily so it's a bit
>>> tricky. Basically I get the code location by a bl then fetching the
>>> link register:
>>>
>>>> asm volatile("mfcr %0 \n\t"
>>>> "bl 1f \n\t"
>>>> "mfcr %1 \n\t"
>>>> "mflr 10 \n\t"
>>>
>>> and then set the bit with the next three lines after testing the
>>> normal case:
>>>
>>>> "lwz %0, 36(10) \n\t"
>>>> "ori %0, %0, 1 \n\t"
>>>> "stw %0, 36(10) \n\t"
>>>
>>> Then test again with the bit set:
>>>
>>>> "mfcr %0 \n\t"
>>>> "bl 1f \n\t"
>>>> "mfcr %2 \n\t"
>>>
>>> and exit:
>>>
>>>> "b 2f \n\t"
>>>> "1: stwx %0, %4, %6 \n\t" <<<<<<<<<<<<< just a
>>>> normal stwx, right?
>>>> "blr \n\t"
>>>> "2: \n\t"
>>>> : "=&r"(cr), "=&r"(cr1), "=&r"(cr2), "=m"(val)
>>>> : "r"(&val), "m"(val), "r"(8)
>>>> : "r8", "r9", "r10", "cc", "memory");
>>>>
>>>> prom_printf("old cr (mem):\t%#x\n", val);
>>>> prom_printf("old cr (reg):\t%#x\n", cr);
>>>> prom_printf("new cr1 (reg):\t%#x\n", cr1);
>>>> prom_printf("new cr2 (reg):\t%#x\n", cr2);
>>>> }
>>>>
>>>>
>>>> But the objdump of your test binary does not show that it is set
>>>> either:
>>>
>>> It should show in a debugger the second time the stwx is called (it
>>> did for me).
>>>
>>
>> There should be an icbi after the ori/stw sequence to ensure that the
>> modified code gets into the instruction cache.
>
> I've corrected the test accordingly and rerun on iMac,1. It did not
> change the stwx test results, the cr values are still the same.
Great :). Now please check through all opcodes that get generated by the
GEN_STUX, GEN_STX_E, GEN_LDUX and GEN_LDX_E helpers in translate.c and
verify that the bit gets ignored on all of them. We can then easily
just remove the reserved Rc bit on those instruction definitions
generically and call it a day.
Alex
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [Qemu-devel] Help needed testing on ppc
2014-05-07 15:31 ` Tom Musta
2014-05-07 16:59 ` Alexander Graf
@ 2014-05-20 23:55 ` BALATON Zoltan
1 sibling, 0 replies; 17+ messages in thread
From: BALATON Zoltan @ 2014-05-20 23:55 UTC (permalink / raw)
To: Tom Musta; +Cc: qemu-devel, Alexander Graf
On Wed, 7 May 2014, Tom Musta wrote:
> On 5/6/2014 6:17 PM, BALATON Zoltan wrote:
>> On Tue, 6 May 2014, Tom Musta wrote:
>>> On 5/6/2014 5:03 AM, BALATON Zoltan wrote:
>>>> I'd appreciate some insight and help.
> [snip]
>>> (1) Why is MorphOS using this invalid instruction form? Would it be easier to fix the OS rather than QEMU?
>>
>> I don't know why is it used. I can ask the MorphOS developers but they did not seem to be too supportive so far and at least one of them expressed that they have no interest supporting other than their officially supported list of hardware at this time. So
>> I assume it is easier to fix QEMU than MorphOS and if it works on a real Mac then it should also work on QEMU's emulation of that Mac hardware.
>>
>>> Is there some undocumented processor behavior that the code is dependent upon (e.g. is it actually expected CR0 to be set?).
>>
>> This is what the testing was supposed to find out but MorphOS seems to run better with the quoted patch so I don't think it depends on any other undocumented behaviour other than ignoring reserved bits but I have no definitive answer.
>
> It still seems to me that setting a reserved instruction bit is an strange thing to do. It would be nice to at least
> have a justification from MorphOS. It is possible that no one even knows the answer.
I've tried to ask them about this but all I got as an answer was that
running on QEMU is not supported so I take it that they don't know or
won't tell. But it's also very unlikely they would change it in MorphOS so
it seems it is not easier to fix in MorphOS.
>>> (2) Your patch makes some store instructions compliant with the most recent ISAs but there are many other instructions that are not addressed by the patch. I think fixing only some will be a future source of confusion.>>
>
> Alex: do you have an opinion on this? Are you OK with changing masks for a few stores but not all instructions in general?
I've got a bit further and came across another invalid instruction
exception:
invalid bits: 02000000 for opcode: 1f - 16 - 0b (7e04caec) 1020574c
I don't know if this is another case of using reserved bits or something
else though.
Regards,
BALATON Zoltan
^ permalink raw reply [flat|nested] 17+ messages in thread
end of thread, other threads:[~2014-06-23 17:07 UTC | newest]
Thread overview: 17+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2014-05-06 10:03 [Qemu-devel] Help needed testing on ppc BALATON Zoltan
2014-05-06 12:20 ` Tom Musta
2014-05-06 23:17 ` BALATON Zoltan
2014-05-07 15:31 ` Tom Musta
2014-05-07 16:59 ` Alexander Graf
2014-06-12 0:49 ` BALATON Zoltan
2014-06-16 23:42 ` BALATON Zoltan
2014-06-17 8:42 ` Alexander Graf
2014-06-17 9:34 ` [Qemu-devel] [Qemu-ppc] " BALATON Zoltan
2014-06-17 9:37 ` Alexander Graf
2014-06-17 11:05 ` BALATON Zoltan
2014-06-17 11:54 ` Tom Musta
2014-06-17 15:17 ` BALATON Zoltan
2014-06-18 12:40 ` Tom Musta
2014-06-19 13:21 ` BALATON Zoltan
2014-06-23 17:07 ` Alexander Graf
2014-05-20 23:55 ` [Qemu-devel] " BALATON Zoltan
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.