[valgrind] [Bug 369175] jm_vec_isa_2_07 test crashes on ppc64

Will Schmidt via KDE Bugzilla Fri, 23 Sep 2016 13:34:12 -0700

https://bugs.kde.org/show_bug.cgi?id=369175


--- Comment #19 from Will Schmidt <will_schm...@vnet.ibm.com> ---
Chased this one around under gdb for a while, looking for where the R2 or the
stack frame are getting messed up.    Something seems to be going horribly
wrong here, but it's possible valgrind just always does this and I'm totally
misunderstanding what I am seeing.

With that said:

It looks like something is going badly in  m_dispatch/dispatch-ppc64be-linux.S,
line 225, in or around the vspltisw instruction.   Noting the changes between
the backtrace before and the backtrace after the step over that instruction.

(gdb) 
223            beq     .LafterVMX2
=> 0x0000000038092e88 <.vgPlain_disp_run_translations+320>:    41 82 00 0c   
beq     0x38092e94 <.vgPlain_disp_run_translations+332>
(gdb) bt
#0  .vgPlain_disp_run_translations () at
m_dispatch/dispatch-ppc64be-linux.S:223
#1  0x00000000380a3114 in run_thread_for_a_while
(two_words=two_words@entry=0x802b3fe20,
dispatchCtrP=dispatchCtrP@entry=0x802b3fe34, tid=tid@entry=1, 
    alt_host_addr=alt_host_addr@entry=0,
use_alt_host_addr=use_alt_host_addr@entry=0 '\000') at
m_scheduler/scheduler.c:947
#2  0x00000000380a5a18 in vgPlain_scheduler (tid=<optimized out>) at
m_scheduler/scheduler.c:1336
#3  0x00000000380bf3c8 in thread_wrapper (tidW=<optimized out>) at
m_syswrap/syswrap-linux.c:103
#4  run_a_thread_NORETURN (tidW=<optimized out>) at
m_syswrap/syswrap-linux.c:156
#5  0x0000000000000000 in ?? ()
(gdb) stepi
.vgPlain_disp_run_translations () at m_dispatch/dispatch-ppc64be-linux.S:225
225            vspltisw 3,0x0  /* generate zero */
=> 0x0000000038092e8c <.vgPlain_disp_run_translations+324>:    10 60 03 8c   
vspltisw v3,0
(gdb) bt
#0  .vgPlain_disp_run_translations () at
m_dispatch/dispatch-ppc64be-linux.S:225
#1  0x00000000380a3114 in run_thread_for_a_while (two_words=0x0,
dispatchCtrP=0x0, tid=<optimized out>, alt_host_addr=0,
use_alt_host_addr=<optimized out>)
    at m_scheduler/scheduler.c:947
#2  0x0000000000000000 in ?? ()

(gdb) stepi
226            mtvscr  3
=> 0x0000000038092e90 <.vgPlain_disp_run_translations+328>:    10 00 1e 44   
mtvscr  v3
(gdb) 
230            stdu    1,-48(1)
=> 0x0000000038092e94 <.vgPlain_disp_run_translations+332>:    f8 21 ff d1   
stdu    r1,-48(r1)
(gdb) 
.vgPlain_disp_run_translations () at m_dispatch/dispatch-ppc64be-linux.S:233
233            mr      31,4      /* r31 (generated code gsp) = r4 */
=> 0x0000000038092e98 <.vgPlain_disp_run_translations+336>:    7c 9f 23 78   
mr      r31,r4
(gdb) 
240            mtctr   5
=> 0x0000000038092e9c <.vgPlain_disp_run_translations+340>:    7c a9 03 a6   
mtctr   r5
(gdb) 
241            bctr
=> 0x0000000038092ea0 <.vgPlain_disp_run_translations+344>:    4e 80 04 20   
bctr
(gdb) 
0x0000000803240000 in ?? ()
=> 0x0000000803240000:    83 df 00 08    lwz     r30,8(r31)
(gdb) 

... at which point I suspect we're off in the weeds with our IP/SP.    Did a
bit more single-stepping after that,..   Neither I nor gdb are able to map
whatever we are executing to anything..  

0x0000000803240000 in ?? ()
=> 0x0000000803240000:    83 df 00 08    lwz     r30,8(r31)
(gdb) 
0x0000000803240004 in ?? ()
=> 0x0000000803240004:    37 de ff ff    addic.  r30,r30,-1
(gdb) 
0x0000000803240008 in ?? ()
=> 0x0000000803240008:    93 df 00 08    stw     r30,8(r31)
(gdb) 
0x000000080324000c in ?? ()
=> 0x000000080324000c:    40 80 00 10    bge     0x80324001c
(gdb) 

eventually we stumble across ppc32g_dirtyhelper_MFSPR_....
(gdb) 
0x00000008032401ec in ?? ()
=> 0x00000008032401ec:    4e 80 04 21    bctrl
(gdb) 
ppc32g_dirtyhelper_MFSPR_268_269 (r269=0) at priv/guest_ppc_helpers.c:98
98       if (r269) {
=> 0x000000003817ce80 <ppc32g_dirtyhelper_MFSPR_268_269+0>:    2f a3 00 00   
cmpdi   cr7,r3,0
   0x000000003817ce84 <ppc32g_dirtyhelper_MFSPR_268_269+4>:    40 9e 00 1c   
bne     cr7,0x3817cea0 <ppc32g_dirtyhelper_MFSPR_268_269+32>
....
a bctrl in that takes us back into dispatch-ppc64be-linux.S
(gdb) 
0x000000080324026c in ?? ()
=> 0x000000080324026c:    4e 80 04 21    bctrl
(gdb) 
.vgPlain_disp_cp_chain_me_to_fastEP () at
m_dispatch/dispatch-ppc64be-linux.S:435
435            li   6, VG_TRC_CHAIN_ME_TO_FAST_EP
=> 0x0000000038093034 <.vgPlain_disp_cp_chain_me_to_fastEP+0>:    38 c0 00 33  
 li      r6,51
(gdb) 
436            mflr 7
....
eventually we branch into postamble/vgPlain_disp_run_translations...

(gdb) 
442            b    .postamble
=> 0x0000000038093040 <.vgPlain_disp_cp_chain_me_to_fastEP+12>:    4b ff fe 64 
  b       0x38092ea4 <.vgPlain_disp_run_translations+348>
(gdb) 
.vgPlain_disp_run_translations () at m_dispatch/dispatch-ppc64be-linux.S:256
256            addi    1,1,48

-- 
You are receiving this mail because:
You are watching all bug changes.

[valgrind] [Bug 369175] jm_vec_isa_2_07 test crashes on ppc64

Reply via email to