[Qemu-devel] Re: sparc32 "bneg,a" bug?
From: Artyom Tarasenko
Subject: [Qemu-devel] Re: sparc32 "bneg,a" bug?
Date: Sun, 7 Nov 2010 22:20:55 +0100
On Sun, Nov 7, 2010 at 9:32 PM, Blue Swirl <address@hidden> wrote:
> On Sun, Nov 7, 2010 at 5:22 PM, Artyom Tarasenko <address@hidden> wrote:
>> Can it be that bneg,a branches unconditionally, or annuls unconditionally?
>>
>> 0xf0071520: subcc %g3, %g2, %g3
>> => 0xf0071524: bneg,a 0xf007152c
>> 0xf0071528: clr %g3
>> 0xf007152c: st %g3, [ %i0 + 0x58 ]
>> (gdb) info registers g3 psr
>> g3 0x18 24
>> psr 0x4000ae7 [ #0 #1 #2 ET PS S #9 #11 #26 ]
>> (gdb) nexti
>> 0xf007152c in ?? ()
>>
>> 0xf0071528 is supposed to be executed. Or is it a gdb stub bug?
>
> It should not be executed. Since N flag is not set and this is an
> ICC-conditional branch, the delay instruction is annulled. See V8
> manual B.21, page 120.
Oops. Sorry for the noise. I missed that the annul bit has a different
effect on conditional branches than it does on unconditional ones.
Thanks for the clarification!
> The following program produces the same results natively and with QEMU:
> $ cat bneg.c
> #include <stdio.h>
>
> long f(long val)
> {
>     long ret;
>
>     asm("tst %1\n\t"
>         "clr %0\n\t"
>         "bneg,a 1f\n\t"
>         " or %0, 1, %0\n\t"
>         "or %0, 2, %0\n\t"
>         "or %0, 4, %0\n\t"
>         "1: \n\t"
>         : "=r" (ret) : "r" (val));
>     return ret;
> }
>
> int main(int argc, const char **argv)
> {
>     long x;
>
>     x = -1;
>     printf("f(0x%lx) = 0x%lx\n", x, f(x));
>     x = 0;
>     printf("f(0x%lx) = 0x%lx\n", x, f(x));
>
>     return 0;
> }
> $ gcc -o bneg bneg.c
> $ ./bneg
> f(0xffffffff) = 0x1
> f(0x0) = 0x6
> $ qemu-sparc32plus ./bneg
> f(0xffffffff) = 0x1
> f(0x0) = 0x6
>
--
Regards,
Artyom Tarasenko
solaris/sparc under qemu blog: http://tyom.blogspot.com/
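
The annul rule discussed in this thread, as an added example that is not part of the original messages or of QEMU's code: a small host-side C model of the SPARC V8 Bicc delay-slot behaviour, checked against the gdb session and the bneg.c output quoted above. The names bicc, psr_n and model_f are hypothetical, and only the BN, BA and BNEG conditions are modelled.

```c
#include <stdio.h>

/* Subset of the SPARC V8 Bicc conditions: enough for the cases in the thread. */
enum cond { COND_BN, COND_BA, COND_BNEG };

struct outcome { int taken; int delay_executed; };

/* N is bit 23 of the PSR (icc field is bits 23:20 = N Z V C). */
int psr_n(unsigned long psr) { return (int)((psr >> 23) & 1); }

/* Decide whether the branch is taken and whether the delay slot runs. */
struct outcome bicc(enum cond c, int annul, int n_flag)
{
    struct outcome o;
    o.taken = (c == COND_BA) || (c == COND_BNEG && n_flag);
    if (!annul)
        o.delay_executed = 1;        /* a=0: delay slot always runs */
    else if (c == COND_BA)
        o.delay_executed = 0;        /* ba,a: taken, delay slot annulled */
    else
        o.delay_executed = o.taken;  /* conditional with a=1 (and bn,a):
                                        annulled only when not taken */
    return o;
}

/* Model of f() from the quoted bneg.c: tst; clr; bneg,a 1f; or 1; or 2; or 4 */
long model_f(long val)
{
    long ret = 0;                                    /* clr %0 */
    struct outcome o = bicc(COND_BNEG, 1, val < 0);  /* tst %1 ; bneg,a 1f */
    if (o.delay_executed) ret |= 1;                  /* delay slot: or 1 */
    if (!o.taken) ret |= 2 | 4;                      /* fall-through path */
    return ret;
}

int main(void)
{
    /* PSR value from the gdb session in the thread. */
    struct outcome g = bicc(COND_BNEG, 1, psr_n(0x4000ae7UL));
    printf("gdb case: taken=%d delay_executed=%d\n", g.taken, g.delay_executed);
    printf("f(-1) = 0x%lx\n", model_f(-1));
    printf("f(0)  = 0x%lx\n", model_f(0));
    return 0;
}
```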