-
Notifications
You must be signed in to change notification settings - Fork 2
Expand file tree
/
Copy pathISSUES
More file actions
205 lines (136 loc) · 7.31 KB
/
ISSUES
File metadata and controls
205 lines (136 loc) · 7.31 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
Benchmarks
(works does not mean sequence emulation is working properly)
Main branch:
lorenz - works, validates
double-pend - works, validates
3body - works, validates
fbench - works, validates
ffbench - works, validates
miniaero - ?
enzo - ?
lbm - ?
nas-mg - works, validates, mysterious issues (YIKES) vector instructions in
nas-bt - works, validates, mysterious vector instructions
nas-sp - SEGFAULT
nas-lu - ASSERTION FAILURE (correctness handler failed) vector instruction and bogus instructions for correctness
movsxd instruction
nas-ft - ASSERTION FAILURE - movsxd instruction
nas-is - works, validates
nas-cg - works, does not validate, no errors shown (-nan outputs)
nas-ep - SEGFAULT (after one emul of mulsd in correctness
We should never see a movsxd triggering a fault and it should not trap either
since it is basically just a gpr->gpr move
State: need to xform miniaero, enzo, lbm; need to investigate segfaults / movsxd
fix_seq:
lorenz - works, validates
double-pend - works, validates
3body - works, validates
fbench - works, validates
ffbench - works, validates
miniaero - compiled, collected dynamic calls, patched, fails on vsqrtsd
enzo - compiled, collected dynamic calls, patched, ...
lbm - ?
NAS WITH GCC:
nas-mg - works, validates
nas-bt - SEGFAULT
fpvm ERROR( 2331967): problematic instruction is vector instruction - ATTEMPTING EMULATION, WHICH IS LIKELY BOGUS
problematic correctness instr: movapd xmm0, xmmword ptr [rip - 0x6699cd] (8 bytes)
problematic correctness instr (YIKES): movapd xmm0, xmmword ptr [rip - 0x6699cd] (8 bytes)
fpvm ERROR( 2331967): not our segfault and don't know what to do with it: rip=0x7f6f3e7e6fbb addr=0x41c620 reason: 2 (PERM) in
struction bytes on page follow: f2 0f 11 45 00 48 83 c3 08 4c 39 eb 75 af 48
/home/pdinda/fpvm/scripts/fpvm_run.sh: line 23: 2331967 Aborted LD_PRELOAD=$FPVM_HOME/build/fpvm.so FPVM_AGGRES
SIVE=y $@
nas-sp - works, validates
nas-lu - SEGFAULT:
fpvm ERROR( 2374246): simple move with dn=0 sn=0 - defaulting to complex move operation (which will demote sources!) BOGUS
problematic correctness instr: movsd xmm7, qword ptr [rip - 0x46d873] (8 bytes)
problematic correctness instr (YIKES): movsd xmm7, qword ptr [rip - 0x46d873] (8 bytes)
fpvm ERROR( 2374246): not our segfault and don't know what to do with it: rip=0x7f300a0abfbb addr=0x41c788 reason: 2 (PERM) in
struction bytes on page follow: f2 0f 11 45 00 48 83 c3 08 4c 39 eb 75 af 48
/home/pdinda/fpvm/scripts/fpvm_run.sh: line 23: 2374246 Aborted LD_PRELOAD=$FPVM_HOME/build/fpvm.so FPVM_AGGRES
SIVE=y $@
nas-ft - works, validates
nas-is - fails abort
fpvm ERROR( 2332075): cannot decode instruction
undecodable instruction: ret (1 bytes)
fpvm ERROR( 2332075): correctness handler failed
is.patched_trap: src/fpvm.c:1205: sigtrap_handler: Assertion `0' failed.
/home/pdinda/fpvm/scripts/fpvm_run.sh: line 23: 2332075 Aborted LD_PRELOAD=$FPVM_HOME/build/fpvm.so FPVM_AGGRES
nas-cg - works, does not validate, no errors shown (-nan outputs) -
problematic correctness instr (YIKES): movsd xmm0, qword ptr [rip - 0x43ffb69f] (8 bytes)
problematic correctness instr (YIKES): movsd xmm0, qword ptr [rip - 0x43ffb69f] (8 bytes)
problematic correctness instr (YIKES): movsd xmm0, qword ptr [rip - 0x43ffb69f] (8 bytes)
nas-ep - bad correctness instruction - test
fpvm ERROR( 2332087): cannot decode instruction
undecodable instruction: test ebx, ebx (2 bytes)
fpvm ERROR( 2332087): correctness handler failed
ep.patched_trap: src/fpvm.c:1205: sigtrap_handler: Assertion `0' failed.
/home/pdinda/fpvm/scripts/fpvm_run.sh: line 23: 2332087 Aborted LD_PRELOAD=$FPVM_HOME/build/fpvm.so FPVM_AGGRESSIVE=y $@
State:
miniaero : xformed,
lbm : xformed, running
enzo : xformed, missing command line to run
Nadharm:
hw->kernel was ~200
kernel->user is ~478 for kmod and ~1950 for normal
===============================================================
DONE - if we always generate an SNaN for encoding, we are fine
- how to handle comparisons that do not fault
possibly add a whole system patcher a la vmware
COMISD - faults on SNan or Qnan
UCOMISD - faults on SNan
These shouold be fine, but there may be others
===============================================================
===============================================================
- Need to verify correct behavior for conversion operations
Note that f2i is only overwriting the part of the register target
that is get the output. This probably should handle zeroing the
rest of the register in case this is the excepted behavior (not sure)
===============================================================
===============================================================
DONE - ADDED VCMPXX
VCMPLT and similar
- all 32 variants are now in there
===============================================================
===============================================================
DONE - ADDED CMPXX
CMPLT and similar
- these instructions should be emulatable. The main
deal is that they do a *specific* comparison and then
set the destiation register to all 1s or all 0s
===============================================================
===============================================================
DONE - Clearly document the compilation/etc technique that Alex found
for forcing only SSE2 or other limits
===============================================================
===============================================================
Instructions that the analysis should catch:
Instructions that move from xmm to gpr, such as:
movmskpd eax, xmm0 [intel format]
movq xmm0, %rax [at&t format]
These should be demotions via temporary
===============================================================
Instructions analysis should NOT catch, but currently is:
problematic correctness instr (YIKES): mulsd xmm3, xmm7 (4 bytes)
purely register/register, where the dest is not a gpr
problematic correctness instr: subpd xmm0, xmm1 (4 bytes)
problematic correctness instr (YIKES): subpd xmm0, xmm1 (4 bytes)
problematic correctness instr (YIKES): mulsd xmm3, xmm2 (4 bytes)
ARE WE SURE THAT WE HAVE ADDRESSES RIGHT IN THE ANALYSIS?
It looks much like it is catching things but ascribing them
to incorrect addresses
===============================================================
========
DONE Greatly expanded the set of "simple_moves" that correctness handler can support
Instructions that should be emulated ok, but...
BT
problematic correctness instr: movups xmmword ptr [rax + 0x4e5328], xmm4 (7 bytes)
problematic correctness instr (YIKES): movups xmmword ptr [rax + 0x4e5328], xmm4 (7 bytes)
fpvm ERROR( 1518726): problematic instruction is vector instruction - ATTEMPTING EMULATION, WHICH IS LIKELY BOGUS
========
Paritally done:
sequence emulation now is getting O(2) instructions / trap instead
of O(32) / trap
fix_seq branch has relevant fixes, though some other things break
The issue was not so much the seq emulation, but the changes
to the sign handling - bugs in GC, nan-boxing, and in alt/boxed