Subject: Re: [Qemu-devel] Misbehavior of qemu ppc tcg/translation?
Date: Thu, 16 Jul 2009 19:49:16 +0800
Message-ID: <3cdfa5bc0907160449l6e33597fn64e26cf5055eceed@mail.gmail.com>
References: <3cdfa5bc0907150833w4bf27bfj283242a7e0b5eb9a@mail.gmail.com>
From: Baojun Wang
To: Blue Swirl
Cc: qemu-devel@nongnu.org

Sorry, I think my example has some problems, because the instruction after
the `bl' would also be executed. I think the reason why a real machine
(e500v2) doesn't raise PROGRAM is because of the SPE instructions:

  mnemonic   bits 0-5      6-10      11-15       16-20 21-31                   form
  efdabs     0 0 0 1 0 0   rD        rA          ///   0 1 0 1 1 1 0 0 1 0 0   EFX   efdabs
  efdadd     0 0 0 1 0 0   rD        rA          rB    0 1 0 1 1 1 0 0 0 0 0   EFX   efdadd
  efdcfs     0 0 0 1 0 0   rD        0 0 0 0 0   rB    0 1 0 1 1 1 0 1 1 1 1   EFX   efdcfs
  efdcfsf    0 0 0 1 0 0   rD        ///         rB    0 1 0 1 1 1 1 0 0 1 1   EFX   efdcfsf
  efdcfsi    0 0 0 1 0 0   rD        ///         rB    0 1 0 1 1 1 1 0 0 0 1   EFX   efdcfsi
  efdcfuf    0 0 0 1 0 0   rD        ///         rB    0 1 0 1 1 1 1 0 0 1 0   EFX   efdcfuf
  efdcfui    0 0 0 1 0 0   rD        ///         rB    0 1 0 1 1 1 1 0 0 0 0   EFX   efdcfui
  efdcmpeq   0 0 0 1 0 0   crfD //   rA          rB    0 1 0 1 1 1 0 1 1 1 0   EFX   efdcmpeq

  opcode(0x10001234) ==> opcode = 4, which will be the above instructions on e500.

I have changed my program, now it looks like:

    .data
    msg:
            .string "hello, world!\n"
    len = . - msg

    .text
    .global _my_cont
    _my_cont:
            li 0, 1
            li 3, 0
            sc

    .global _my_write
    _my_write:
            stwu 1, -16(1)
            mflr 6
            lwz 4, 0(6)
            lwz 5, 4(6)
            lwz 7, 8(6)
            stw 6, 0(1)
            stw 7, 4(1)
            sc
            lwz 6, 0(1)
            lwz 7, 8(6)
            mtlr 7
            addi 1, 1, 16
            blr

    .global _start
    _start:
            li 0, 4
            li 3, 1
            bl _my_write
            .long msg
            .long len
            .long _my_cont

On both qemu & real machine, the code runs fine.

I ran into an infinite PROGRAM exception incidentally (NEED further confirm)
in ppc-softmmu, which is more or less similar to the above example because
of (arch/powerpc/kernel/head_booke.h):

    #define EXC_XFER_TEMPLATE(hdlr, trap, msr, copyee, tfer, ret)   \
            li      r10,trap;                                       \
            stw     r10,_TRAP(r11);                                 \
            lis     r10,msr@h;                                      \
            ori     r10,r10,msr@l;                                  \
            copyee(r10, r9);                                        \
            bl      tfer;                                           \
            .long   hdlr;                                           \
            .long   ret

Anyway, thank you very much!
Best Regards,
Wang Baojun

On Thu, Jul 16, 2009 at 12:34 AM, Blue Swirl wrote:
> On 7/15/09, Baojun Wang wrote:
>> hi, list:
>>
>>   I hope the following example is self-explanatory; in the assembler
>> code, we can use an instruction like (instruction-as-data?):
>>
>>                 100000b4:       10 00 12 34     .long 0x10001234
>>
>>   but the ppc translator sets the exception flag and raises a PROGRAM
>> exception later; however, on a real machine, if the above instruction is
>> never run, then everything should be OK. Thus the ppc translator raises
>> the exception too early? (I think it should only raise the PROGRAM
>> exception when tcg really tries to exec the instruction, but not at
>> translation time)
>
> Would the attached patch fix the problem?
>
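As an added illustration of the translate-time versus run-time distinction argued in this thread (constructed model code, not QEMU's translator and not from either mail): it decodes the primary and EFX secondary opcode fields the way the SPE table above lays them out, then translates the `_start` block under an eager policy and a deferred one. The word encodings and the 0x100000xx addresses are constructed.

```c
#include <stdint.h>
#include <string.h>
/* Subset of the e500 SPE EFX table quoted in the mail (11-bit secondary opcodes). */
static const struct { unsigned xo; const char *name; } efx_table[] = {
    {0x2E4, "efdabs"}, {0x2E0, "efdadd"}, {0x2EF, "efdcfs"}, {0x2F3, "efdcfsf"},
    {0x2F1, "efdcfsi"}, {0x2F2, "efdcfuf"}, {0x2F0, "efdcfui"}, {0x2EE, "efdcmpeq"},
};
unsigned primary_opcode(uint32_t w) { return w >> 26; }  /* PowerPC bits 0-5 */
unsigned efx_secondary(uint32_t w) { return w & 0x7ff; } /* PowerPC bits 21-31 */
/* Mnemonic if the word is one of the listed SPE double-precision ops, else NULL. */
const char *decode_efx(uint32_t w) {
    if (primary_opcode(w) != 4) return NULL;
    for (size_t i = 0; i < sizeof efx_table / sizeof efx_table[0]; i++)
        if (efx_table[i].xo == efx_secondary(w)) return efx_table[i].name;
    return NULL;
}
/* Toy TB, one op per word.  Known here: addi/li (14), sc (17), b/bl (18), listed EFX ops. */
enum op { OP_NORMAL, OP_BRANCH, OP_TRAP };
struct tb { enum op ops[16]; int n; };
/* deferred=0: return -1 (PROGRAM raised while translating) at the first invalid word.
 * deferred=1: emit OP_TRAP for it and keep translating.  Returns the op count. */
int translate(const uint32_t *words, int n, struct tb *tb, int deferred) {
    tb->n = 0;
    for (int i = 0; i < n && i < 16; i++) {
        unsigned po = primary_opcode(words[i]);
        enum op o = OP_TRAP;
        if (po == 14 || po == 17 || decode_efx(words[i])) o = OP_NORMAL;
        else if (po == 18) o = OP_BRANCH;
        if (o == OP_TRAP && !deferred) return -1;
        tb->ops[tb->n++] = o;
    }
    return tb->n;
}
/* Run the block: the first non-normal op decides, 1 = PROGRAM raised, 0 = left via branch. */
int execute(const struct tb *tb) {
    for (int i = 0; i < tb->n; i++)
        if (tb->ops[i] != OP_NORMAL) return tb->ops[i] == OP_TRAP;
    return 0;
}
/* Constructed encoding of the _start block above (the 0x100000xx addresses are made up):
 * li 0,4; li 3,1; bl _my_write; .long msg; .long len; .long _my_cont */
const uint32_t start_block[6] = { 0x38000004, 0x38600001, 0x48000011,
                                  0x100000b4, 0x0000000e, 0x100000d4 };
/* Translate and run start_block[from..] under a policy; -1 = raised at translation time. */
int run_start_block(int from, int deferred) {
    struct tb tb;
    if (translate(start_block + from, 6 - from, &tb, deferred) < 0) return -1;
    return execute(&tb);
}
```

With the eager policy the data words after `bl` abort translation of the whole block; with the deferred policy the block translates, the `bl` leaves it before any trap op, and only a block entered at the data words raises PROGRAM.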