This is an archive of the discontinued LLVM Phabricator instance.

Differential D88583

[lldb] [test/Register] Add read/write tests for x87 regs
ClosedPublic

Authored by mgorny on Sep 30 2020, 8:47 AM.

Details

Reviewers
labath
krytarowski
emaste
teemperor
Commits
rG381bdc75ee2c: [lldb] [test/Register] Add read/write tests for x87 regs
Summary

Add a partial read/write tests for x87 FPU registers. This includes
reading and writing ST registers, control registers and floating-point
exception data registers (fop, fip, fdp).

The tests assume the current (roughly incorrect) behavior of reporting
the 'abridged' 8-bit ftag state as 16-bit ftag. They also assume Linux
plugin behavior of reporting fip/fdp split into halves as (fiseg, fioff)
and (foseg, fooff).

Diff Detail

Event Timeline

mgorny created this revision.Sep 30 2020, 8:47 AM
Herald added a project: Restricted Project. · View Herald TranscriptSep 30 2020, 8:47 AM
mgorny requested review of this revision.Sep 30 2020, 8:47 AM
Herald added a subscriber: JDevlieghere. · View Herald TranscriptSep 30 2020, 8:48 AM
Harbormaster completed remote builds in B73523: Diff 295304.Sep 30 2020, 8:54 AM
mgorny added a reviewer: emaste.Sep 30 2020, 8:58 AM
labath accepted this revision.Oct 1 2020, 12:26 AM

This is great. Thanks.

lldb/test/Shell/Register/x86-fp-read.test
8

Maybe add a # CHECK: Process {{.*}} stopped line here. That will restrict the following CHECK-DAGs to match after it, which will make FileCheck output more useful. Without it, FileCheck's "Searching from here" snippet will start at the very beginning of the lldb output, which will not be very helpful.

This revision is now accepted and ready to land.Oct 1 2020, 12:26 AM
mgorny marked an inline comment as done.Oct 1 2020, 2:29 AM
mgorny updated this revision to Diff 295500.EditedOct 1 2020, 2:33 AM
mgorny retitled this revision from [lldb] [test/Register] Add partial read/write tests for x87 regs to [lldb] [test/Register] Add read/write tests for x87 regs.
mgorny edited the summary of this revision. (Show Details)

Done as requested + improved the tests:

  • switched to FDIV on memory operand, to be able to test FDP
  • added disassembly-based test for FIP and print-based test for FDP (assuming Linux behavior for fiseg/fioff/foseg/fooff, this certainly breaks NetBSD and might break some more platforms)
  • figured out how to make write test work while restoring exception state
  • added FXSAVE-based check whether writing other registers works (this also includes potential future support for MXCSR)
mgorny added a comment.Oct 1 2020, 2:35 AM

I'd use some help improving the assembly, as explained below.

lldb/test/Shell/Register/Inputs/x86-fp-write.cpp
24

Now, here's the problem. This works just fine when built with clang but segfaults when built with gcc (apparently tries to access 0x0).

mgorny added inline comments.Oct 1 2020, 4:40 AM
lldb/test/Shell/Register/Inputs/x86-fp-write.cpp
24

Turned out to be an alignment issue. Will update the patch shortly.

labath added inline comments.Oct 1 2020, 5:03 AM
lldb/test/Shell/Register/x86-fp-read.test
28–29

zero is pretty common value. It would be better to check that the address actually points to the address of the zero variable. I think something like this ought to do it:

print &zero
# CHECK: (uint32_t *) $0 = [[ZERO:0x[0-9a-f]*]]
print (uint32_t*)($foseg * 0x100000000 + $fooff)
# CHECK: (uint32_t *) $1 = [[ZERO]]

Something similar can be done with the disassemble command too. That way we'll see the actual register value in case it turns out to be wrong.

mgorny updated this revision to Diff 295534.Oct 1 2020, 5:15 AM

Fixed segfault when built with GCC and fixed my poor attempt to run FXSAVE with REX.W prefix. Now it correctly gets 64-bit FIP and FDP, though it's unclear whether the apparent truncation is a bug in LLDB writing it or some other kind of limitation.

labath added a comment.Oct 1 2020, 5:32 AM
In D88583#2305815, @mgorny wrote:

Fixed segfault when built with GCC and fixed my poor attempt to run FXSAVE with REX.W prefix. Now it correctly gets 64-bit FIP and FDP, though it's unclear whether the apparent truncation is a bug in LLDB writing it or some other kind of limitation.

I think that could be an architectural cpu limitation. IIUC, even though the addresses are nominally 64-bit, not all addresses within that space are actually usable -- only the topmost and bottommost XX GB (TB) of the address space are. It could be that the cpu does not actually store all of the bits of these registers, but rather just sign-extends the most significant usable bit.

mgorny added inline comments.Oct 1 2020, 5:32 AM
lldb/test/Shell/Register/x86-fp-read.test
28–29

Cool idea, thanks!

As for FIP, I suppose that would require getting address corresponding to the FDIV instruction somehow. I suppose we can rely on constant-length encoding on int3 and fdivs ..., so I guess $rip-3 might work.

labath added inline comments.Oct 1 2020, 5:35 AM
lldb/test/Shell/Register/x86-fp-read.test
28–29

I was thinking you could disassemble the main function and capture the address before the fdivs instruction. But yes, a fixed offset from $rip should work just fine...

mgorny updated this revision to Diff 295539.Oct 1 2020, 5:39 AM

Update fp-read tests to verify FIP/FDP addresses, as suggested by Pavel.

labath accepted this revision.Oct 1 2020, 5:43 AM

cool

mgorny updated this revision to Diff 295552.Oct 1 2020, 6:31 AM

Use safer values for fiseg and foseg, to avoid truncation.

mgorny added a reviewer: teemperor.Oct 1 2020, 10:44 AM
mgorny added a subscriber: teemperor.

@teemperor would you perhaps be interested in testing this on macos before I commit it?

labath mentioned this in D88681: [lldb] [Process/NetBSD] Fix reading FIP/FDP registers.Oct 2 2020, 12:04 AM
mgorny updated this revision to Diff 295980.Oct 3 2020, 8:43 AM

Added missing -g to x86-fp-read.cpp build, as necessary to get address of zero.

Closed by commit rG381bdc75ee2c: [lldb] [test/Register] Add read/write tests for x87 regs (authored by mgorny). · Explain WhyOct 3 2020, 10:55 AM
This revision was automatically updated to reflect the committed changes.
mgorny added a commit: rG381bdc75ee2c: [lldb] [test/Register] Add read/write tests for x87 regs.
JDevlieghere added a comment.Oct 3 2020, 10:40 PM

This is failing on GreenDragon so I've XFAILed the tests (temporarily). Can you take a look and see if they can be fixed and re-enabled?

commit 0f08a1a5b162dcd2caf1b76827b917ca69e3e48d (HEAD -> master, origin/master, origin/HEAD)
Author: Jonas Devlieghere <jonas@devlieghere.com>
Date:   Sat Oct 3 22:36:28 2020 -0700

    [lldb] [test/Register] Mark new FP reg tests XFAIL on Darwin

    This is failing on GreenDragon:
    http://green.lab.llvm.org/green/view/LLDB/job/lldb-cmake/24066/
mgorny added a comment.Oct 3 2020, 11:16 PM
In D88583#2310538, @JDevlieghere wrote:

This is failing on GreenDragon so I've XFAILed the tests (temporarily). Can you take a look and see if they can be fixed and re-enabled?

I'm afraid I don't have enough context. Would you be able to rerun them for me with FILECHECK_DUMP_INPUT_ON_FAILURE=1 envvar? Also, I'd suggest adding this to buildbot — it's really helpful if something starts failing.

JDevlieghere added a comment.Oct 3 2020, 11:22 PM
In D88583#2310556, @mgorny wrote:
In D88583#2310538, @JDevlieghere wrote:

This is failing on GreenDragon so I've XFAILed the tests (temporarily). Can you take a look and see if they can be fixed and re-enabled?

I'm afraid I don't have enough context. Would you be able to rerun them for me with FILECHECK_DUMP_INPUT_ON_FAILURE=1 envvar? Also, I'd suggest adding this to buildbot — it's really helpful if something starts failing.

I think it recently became the default? Either way the bot has the input:

http://green.lab.llvm.org/green/view/LLDB/job/lldb-cmake/24066/testReport/junit/lldb-shell/Register/x86_64_fp_write_test/
http://green.lab.llvm.org/green/view/LLDB/job/lldb-cmake/24066/testReport/junit/lldb-shell/Register/x86_fp_read_test/

mgorny added a comment.Oct 3 2020, 11:57 PM

Well, it's not full input but sure, it's good enough. So I suppose the problem is that the register is named stmm instead of st. I suppose we can use a regex to fix read test, and maybe teach lldb stX alias for write test.

Revision Contents

PathSize
lldb/
test/
Shell/
Register/
Inputs/
45 lines
69 lines
48 lines
36 lines
45 lines

Diff 295991

lldb/test/Shell/Register/Inputs/x86-fp-read.cpp

  • This file was added.
#include <cstdint>
struct alignas(16) float80_raw {
uint64_t mantissa;
uint16_t sign_exp;
};
int main() {
float80_raw st[] = {
{0x8000000000000000, 0x4000}, // +2.0
{0x3f00000000000000, 0x0000}, // 1.654785e-4932 (denormal)
{0x0000000000000000, 0x0000}, // +0
{0x0000000000000000, 0x8000}, // -0
{0x8000000000000000, 0x7fff}, // +inf
{0x8000000000000000, 0xffff}, // -inf
{0xc000000000000000, 0xffff}, // nan
// leave st7 empty to test tag word better
};
// unmask divide-by-zero exception
uint16_t cw = 0x037b;
// used as single-precision float
uint32_t zero = 0;
asm volatile(
"finit\n\t"
"fldcw %1\n\t"
// load on stack in reverse order to make the result easier to read
"fldt 0x60(%0)\n\t"
"fldt 0x50(%0)\n\t"
"fldt 0x40(%0)\n\t"
"fldt 0x30(%0)\n\t"
"fldt 0x20(%0)\n\t"
"fldt 0x10(%0)\n\t"
"fldt 0x00(%0)\n\t"
// this should trigger a divide-by-zero
"fdivs (%2)\n\t"
"int3\n\t"
:
: "a"(st), "m"(cw), "b"(&zero)
: "st"
);
return 0;
}

lldb/test/Shell/Register/Inputs/x86-fp-write.cpp

  • This file was added.
#include <cassert>
#include <cinttypes>
#include <cstdint>
#include <cstdio>
struct alignas(16) float80_raw {
uint8_t data[10];
};
int main() {
float80_raw st[8];
uint16_t env[14];
union alignas(16) {
uint16_t i16[256];
uint32_t i32[128];
uint64_t i64[64];
} fxsave;
asm volatile(
"finit\n\t"
"int3\n\t"
#if defined(__x86_64__)
"fxsave64 %2\n\t"
#else
mgornyAuthorUnsubmitted
Done
ReplyInline Actions

Now, here's the problem. This works just fine when built with clang but segfaults when built with gcc (apparently tries to access 0x0).

mgorny: Now, here's the problem. This works just fine when built with clang but segfaults when built…
mgornyAuthorUnsubmitted
Done
ReplyInline Actions

Turned out to be an alignment issue. Will update the patch shortly.

mgorny: Turned out to be an alignment issue. Will update the patch shortly.
"fxsave %2\n\t"
#endif
"fnstenv %1\n\t"
"fnclex\n\t"
"fstpt 0x00(%0)\n\t"
"fstpt 0x10(%0)\n\t"
"fstpt 0x20(%0)\n\t"
"fstpt 0x30(%0)\n\t"
"fstpt 0x40(%0)\n\t"
"fstpt 0x50(%0)\n\t"
"fstpt 0x60(%0)\n\t"
"fstpt 0x70(%0)\n\t"
:
: "a"(st), "m"(env), "m"(fxsave)
: "st"
);
assert(env[0] == fxsave.i16[0]);
assert(env[2] == fxsave.i16[1]);
printf("fctrl = 0x%04" PRIx16 "\n", env[0]);
printf("fstat = 0x%04" PRIx16 "\n", env[2]);
printf("ftag = 0x%04" PRIx16 "\n", env[4]);
printf("fop = 0x%04" PRIx16 "\n", fxsave.i16[3]);
#if defined(__x86_64__)
printf("fip = 0x%016" PRIx64 "\n", fxsave.i64[1]);
printf("fdp = 0x%016" PRIx64 "\n", fxsave.i64[2]);
#else
printf("fip = 0x%08" PRIx32 "\n", fxsave.i32[2]);
printf("fcs = 0x%04" PRIx16 "\n", fxsave.i16[6]);
printf("fdp = 0x%08" PRIx32 "\n", fxsave.i32[4]);
printf("fds = 0x%04" PRIx16 "\n", fxsave.i16[10]);
#endif
printf("mxcsr = 0x%08" PRIx32 "\n", fxsave.i32[6]);
printf("mxcsr_mask = 0x%08" PRIx32 "\n", fxsave.i32[7]);
for (int i = 0; i < 8; ++i) {
printf("st%d = { ", i);
for (int j = 0; j < sizeof(st->data); ++j)
printf("0x%02" PRIx8 " ", st[i].data[j]);
printf("}\n");
}
return 0;
}

lldb/test/Shell/Register/x86-64-fp-write.test

  • This file was added.
# REQUIRES: native && target-x86_64
# RUN: %clangxx_host %p/Inputs/x86-fp-write.cpp -o %t
# RUN: %lldb -b -s %s %t | FileCheck %s
process launch
register write fctrl 0x037b
register write fstat 0x8884
# note: this needs to enable all registers for writes to be effective
# TODO: fix it to use proper ftag values instead of 'abridged'
register write ftag 0x00ff
register write fop 0x0033
# the exact addresses do not matter, we want just to verify FXSAVE
# note: fxrstor64 apparently truncates this to 48 bits, and sign extends
# the highest bits, so let's keep the value safely below
register write fiseg 0x00000567
register write fioff 0x89abcdef
register write foseg 0x00000a98
register write fooff 0x76543210
register write st0 "{0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x80 0x00 0x40}"
register write st1 "{0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x3f 0x00 0x00}"
register write st2 "{0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00}"
register write st3 "{0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x80}"
register write st4 "{0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x80 0xff 0x7f}"
register write st5 "{0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x80 0xff 0xff}"
register write st6 "{0x00 0x00 0x00 0x00 0x00 0x00 0x00 0xc0 0xff 0xff}"
register write st7 "{0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00}"
process continue
# CHECK: process continue
# CHECK-DAG: fctrl = 0x037b
# CHECK-DAG: fstat = 0x8884
# CHECK-DAG: ftag = 0xa961
# CHECK-DAG: fop = 0x0033
# CHECK-DAG: fip = 0x0000056789abcdef
# CHECK-DAG: fdp = 0x00000a9876543210
# CHECK-DAG: st0 = { 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x80 0x00 0x40 }
# CHECK-DAG: st1 = { 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x3f 0x00 0x00 }
# CHECK-DAG: st2 = { 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 }
# CHECK-DAG: st3 = { 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x80 }
# CHECK-DAG: st4 = { 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x80 0xff 0x7f }
# CHECK-DAG: st5 = { 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x80 0xff 0xff }
# CHECK-DAG: st6 = { 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0xc0 0xff 0xff }
# CHECK-DAG: st7 = { 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 }
# CHECK: Process {{[0-9]+}} exited with status = 0

lldb/test/Shell/Register/x86-fp-read.test

  • This file was added.
# REQUIRES: native && (target-x86 || target-x86_64)
# RUN: %clangxx_host -g %p/Inputs/x86-fp-read.cpp -o %t
# RUN: %lldb -b -s %s %t | FileCheck %s
process launch
# CHECK: Process {{.*}} stopped
register read --all
# CHECK-DAG: fctrl = 0x037b
labathUnsubmitted
Done
ReplyInline Actions

Maybe add a # CHECK: Process {{.*}} stopped line here. That will restrict the following CHECK-DAGs to match after it, which will make FileCheck output more useful. Without it, FileCheck's "Searching from here" snippet will start at the very beginning of the lldb output, which will not be very helpful.

labath: Maybe add a `# CHECK: Process {{.*}} stopped` line here. That will restrict the following CHECK…
# CHECK-DAG: fstat = 0x8884
# TODO: the following value is incorrect, it's a bug in the way
# FXSAVE/XSAVE is interpreted; it should be 0xa963 once fixed
# CHECK-DAG: ftag = 0x00fe
# CHECK-DAG: fop = 0x0033
# CHECK-DAG: st0 = {0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x80 0x00 0x40}
# CHECK-DAG: st1 = {0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x3f 0x00 0x00}
# CHECK-DAG: st2 = {0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00}
# CHECK-DAG: st3 = {0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x80}
# CHECK-DAG: st4 = {0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x80 0xff 0x7f}
# CHECK-DAG: st5 = {0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x80 0xff 0xff}
# CHECK-DAG: st6 = {0x00 0x00 0x00 0x00 0x00 0x00 0x00 0xc0 0xff 0xff}
# CHECK-DAG: st7 = {0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00}
# fdiv (%rbx) gets encoded into 2 bytes, int3 into 1 byte
print (void*)($pc-3)
# CHECK: (void *) $0 = [[FDIV:0x[0-9a-f]*]]
# TODO: we probably should not split it like this
print (void*)($fiseg*0x100000000 + $fioff)
# CHECK: (void *) $1 = [[FDIV]]
labathUnsubmitted
Not Done
ReplyInline Actions

zero is pretty common value. It would be better to check that the address actually points to the address of the zero variable. I think something like this ought to do it:

print &zero
# CHECK: (uint32_t *) $0 = [[ZERO:0x[0-9a-f]*]]
print (uint32_t*)($foseg * 0x100000000 + $fooff)
# CHECK: (uint32_t *) $1 = [[ZERO]]

Something similar can be done with the disassemble command too. That way we'll see the actual register value in case it turns out to be wrong.

labath: zero is pretty common value. It would be better to check that the address actually points to…
mgornyAuthorUnsubmitted
Done
ReplyInline Actions

Cool idea, thanks!

As for FIP, I suppose that would require getting address corresponding to the FDIV instruction somehow. I suppose we can rely on constant-length encoding on int3 and fdivs ..., so I guess $rip-3 might work.

mgorny: Cool idea, thanks! As for FIP, I suppose that would require getting address corresponding to…
labathUnsubmitted
Not Done
ReplyInline Actions

I was thinking you could disassemble the main function and capture the address before the fdivs instruction. But yes, a fixed offset from $rip should work just fine...

labath: I was thinking you could disassemble the `main` function and capture the address before the…
print &zero
# CHECK: (uint32_t *) $2 = [[ZERO:0x[0-9a-f]*]]
print (uint32_t*)($foseg * 0x100000000 + $fooff)
# CHECK: (uint32_t *) $3 = [[ZERO]]
process continue
# CHECK: Process {{[0-9]+}} exited with status = 0

lldb/test/Shell/Register/x86-fp-write.test

  • This file was added.
# REQUIRES: native && target-x86
# RUN: %clangxx_host %p/Inputs/x86-fp-write.cpp -o %t
# RUN: %lldb -b -s %s %t | FileCheck %s
process launch
register write fctrl 0x037b
register write fstat 0x8884
# note: this needs to enable all registers for writes to be effective
# TODO: fix it to use proper ftag values instead of 'abridged'
register write ftag 0x00ff
register write fop 0x0033
# the exact addresses do not matter, we want just to verify FXSAVE
# note: segment registers are not supported on all CPUs
register write fioff 0x89abcdef
register write fooff 0x76543210
register write st0 "{0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x80 0x00 0x40}"
register write st1 "{0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x3f 0x00 0x00}"
register write st2 "{0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00}"
register write st3 "{0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x80}"
register write st4 "{0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x80 0xff 0x7f}"
register write st5 "{0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x80 0xff 0xff}"
register write st6 "{0x00 0x00 0x00 0x00 0x00 0x00 0x00 0xc0 0xff 0xff}"
register write st7 "{0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00}"
process continue
# CHECK: process continue
# CHECK-DAG: fctrl = 0x037b
# CHECK-DAG: fstat = 0x8884
# CHECK-DAG: ftag = 0xa961
# CHECK-DAG: fop = 0x0033
# CHECK-DAG: fip = 0x89abcdef
# CHECK-DAG: fdp = 0x76543210
# CHECK-DAG: st0 = { 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x80 0x00 0x40 }
# CHECK-DAG: st1 = { 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x3f 0x00 0x00 }
# CHECK-DAG: st2 = { 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 }
# CHECK-DAG: st3 = { 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x80 }
# CHECK-DAG: st4 = { 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x80 0xff 0x7f }
# CHECK-DAG: st5 = { 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x80 0xff 0xff }
# CHECK-DAG: st6 = { 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0xc0 0xff 0xff }
# CHECK-DAG: st7 = { 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 }
# CHECK: Process {{[0-9]+}} exited with status = 0