Hi all,
I have a bit of a strange one. I'm not after a full solution, just any
hints that quickly come to mind :)
After a few simple patches I have a build of mongodb for aarch64 (built
with gcc-4.8). However, all of the test binaries that the build spits
out immediately segfault. gdb-ing shows that they segfault inside this
macro:
TSP_DECLARE(OwnedOstreamVector, threadOstreamCache);
This expands to:
# define TSP_DECLARE(T,p) \
extern __thread T* _ ## p; \
template<> inline T* TSP<T>::get() const { return _ ## p; } \
extern TSP<T> p;
And indeed, it's mongo::TSP<mongo::OwnedPointerVector<...> >::get()
const that we're segfaulting in. This is the disassembly of this
function (at -O0) with the faulting instruction marked:
0x00000000004b4b6c <+0>: stp x29, x30, [sp,#-32]!
0x00000000004b4b70 <+4>: mov x29, sp
0x00000000004b4b74 <+8>: str x0, [x29,#16]
0x00000000004b4b78 <+12>: adrp x0, 0x64c000
0x00000000004b4b7c <+16>: ldr x0, [x0,#776]
0x00000000004b4b80 <+20>: nop
0x00000000004b4b84 <+24>: nop
0x00000000004b4b88 <+28>: mrs x1, tpidr_el0
0x00000000004b4b8c <+32>: add x0, x1, x0
=> 0x00000000004b4b90 <+36>: ldr x0, [x0]
0x00000000004b4b94 <+40>: ldp x29, x30, [sp],#32
0x00000000004b4b98 <+44>: ret
And the registers:
(gdb) info registers
x0 0x7fb863fd70 548554407280
x1 0x7fb7ff76f0 548547819248
x2 0x0 0
x3 0x7fb7fc11b8 548547596728
x4 0x1 1
x5 0x0 0
x6 0x50 80
x7 0x0 0
x8 0x0 0
x9 0x6165727473676f4c 7018141438804717388
x10 0x0 0
x11 0x0 0
x12 0x2 2
x13 0x10 16
x14 0x0 0
x15 0x7fb7e5e590 548546143632
x16 0x64b3d8 6599640
x17 0x7fb7f667d0 548547225552
x18 0x7fffffdab0 549755804336
x19 0x7fffffed50 549755809104
x20 0xb 11
x21 0xb 11
x22 0x6500b0 6619312
x23 0x650070 6619248
x24 0x7fffffff 2147483647
x25 0x64db40 6609728
x26 0x7fffffeda0 549755809184
x27 0x653d00 6634752
x28 0x7fffffe750 549755807568
x29 0x7fffffe4d0 549755806928
x30 0x4b4ed4 4935380
sp 0x7fffffe4d0 0x7fffffe4d0
pc 0x4b4b90 0x4b4b90 <mongo::TSP<mongo::OwnedPointerVector<std::basic_ostringstream<char, std::char_traits<char>, std::allocator<char> > > >::get() const+36>
cpsr 0x20000000 536870912
fpsr 0x0 0
fpcr 0x0 0
If I recompile this object file without -fPIC, it works.
I guess I see three things that could be wrong:
1) The operand to "adrp x0, 0x64c000"[1]
2) The operand to "ldr x0, [x0,#776]"
3) The value of tpidr_el0
Oh, and I guess:
4) The setup of tls has gone wrong and the address in x0 _ought_ to be
accessible but isn't for some reason.
Any hints on which of these seems mostly likely to be the culprit?
Chers,
mwh
[1] FWIW, objdump reports 0x64c000 as "_GLOBAL_OFFSET_TABLE_+0x2d0", not
sure why that doesn't show up in gdb's disassembly).
== Progress ==
* Bugfixing and testing QEMU AArch64 FP patches (3/10, VIRT-183)
* Debugging and submitting a patch for ARM gdb ifunc test failures (1/10)
* Two day week due to holidays
== Issues ==
* None
== Plan ==
* Back on the 9th January, have a good Christmas and New Year everybody!
--
Will Newton
Toolchain Working Group, Linaro
Hi,
We've noticed an issue trying to use the Linaro AArch64 binary bare metal
toolchain release with the MMU turned off for some low-level tests.
Anytime puts, sprintf, etc. gets called, a reent structure gets created with
references to STDIN, STDOUT, STDERR FILE types. A member in the __sFile
struct, _mbstate, is an 8 byte struct, but is not aligned on an 8 byte
boundary. This means that when memset (or a similar function) gets called on
this struct, and doesn't operate one byte at a time, a data alignment fault
will be generated when operating out of device memory, such as on a system
where the MMU has not yet been turned on yet.
I'm still examining possible fixes (I'll probably look at building with
-mstrict-align first), but I wanted to check if anyone had thoughts on the
subject and if Newlib upstream or Linaro consider using Newlib with the MMU
turned off to be a valid use case or if running the code that turns on the MMU
is considered a prerequisite to everything else.
Thanks,
Christopher
--
Employee of Qualcomm Innovation Center, Inc.
Qualcomm Innovation Center, Inc. is a member of Code Aurora Forum,
hosted by the Linux Foundation.
== Progress ==
TCWG-293 (9/10)
- wrote and tested 64bit division code
- it seems to work
- still need to do performance testing
TCWG-347 Fix PR59142 (1/10)
- split into series of 3 patches
- patch almost ready, was held up by non-availability of the lab
- need to bootstrap on Thumb-1 to prove change made in response to
review comments
TCWG-346 AArch64 Benchmarking: CoreMark & Dhrystone
- no significant progress, no access to the lab
== Next ==
Pick up aarch64 benchmarking when the board becomes accessible again
Submit PR59142
== Progress ==
- 2013.12 releases (4/10):
* stalled due to lab unavailability.
* A couple of backports are waiting for approval, another one is
being debugged.
- cross-validation (4/10): fixed arneb+qemu validations.
- misc (2/10): misc conf-calls and meetings
== Next ==
- Make 2013.12 releases
- cbuild2: continue testing, try to make 4.7 source release
- libsanitizer on AArch64: resume work
== Future ==
Next 2 weeks off (Dec 23rd-Jan 3rd)
== Issues ==
* 1.5 day of due to car issue. (3/10)
* Calxedas are down after lab maintenance.
== Progress ==
* LRA on AArch32:
o TCWG-343 : Make LRA the default for the ARM backend (5/10)
- Turn LRA on by default committed as rev205887
http://gcc.gnu.org/ml/gcc-patches/2013-12/msg01088.html
- New Thumb regressions reported (Cortex-m0 and bootstrap),
analysis ongoing.
- Analysed last week regressions and reported them upstream,
Vladimir fixed them at rev205974.
- iWMMXT issue : work ongoing.
o TCWG-345 : Analyse performance of LRA for ARM. (0/10)
- No progress this week.
* Reviewed some merge requests. (1/10)
* Various meetings. (1/10)
== Next ==
* Continue LRA, merge and patch reviews.
== Progress ==
* Debugging and analysis of various gdb test suite failures [TCWG-34] [5/10]
Updated googledoc sheet with action items and comments on different failures.
Investigated remote core file generation issues.
Prepared a patch to turn off corefile dependent tests in remote configs.
* Debugged gdb.reverse testsuite failures [TCWG-197] [4/10]
Found a memory corruption issue where execution log is being corrupted
in memory.
* Time off for dentist appointment and office relocation stuff [1/10]
== Plan ==
* Figure out a reason and fix for process record memory corruption problem.
* Further analysis of test suite failures in arm-native Vs x86-native
and arm-remote Vs
x86-remote test results.
* Send patch to disable corefile tests in remote mode. Ping process
record and other previous patches.
== Progress ==
- Libssp GCC (4/10)
- Rebased GCC source and added patch for stack protect and test
based on global stack guard. Discussing with Marcus on
generic stack protect set and test versus machine descriptions.
Discussed with ARM and Glibc Maintainers, Dropped my patches
for TLS based stack guard.
- Cbuildv2 experiments (3/10)
- Built cross compiler with Cbuilv2.
- Discussing with Ryan on building tool chain without
cbuild.validation.linaro.org dependency
- PGO support for aarch64 (1/10)
Read a paper on PGO optimization in GCC
- Cross build some benchmarks(2/10). There were omp.h file missing
errors when Linaro tool chain was used. The issue is the tool chain is
not built with libgomp library. Rebuilt the tool chain after checkign
configuration changes with Zhenqiang Chen .
== Plan ==
- Inverstigate Pointer Guard support in Aarch64 glibc
- Continue tesing Cbuildv2
- Continue PGO investigations
== Issues ==
* None.
== Progress ==
* Enable libomp for aarch64*-linux-gnu builds in Linaro crosstool-ng.
* Backporting r200103 and r205509 to Linaro 4.8.
* Try to enable lra and test Spec2k with -fno-move-loop-invariants and
-fira-loop-pressure. But still no overall performance improvement.
(2/10)
* Try conditional compare related changes (CARD 313: 3/10)
- Set LOGICAL_NON_SHORT_CIRCUIT to false in fold-const.c.
- Do ifcombine twice.
- Logs show lots of new FAILs in vrp related cases and no
performance improvement in Spec2k INT.
* Identified the root causes of "uninit warning testsuite failures"
(CARD 304: 3/10)
- Some values are from PHI, which is not handled when checking subset.
- Function is_included_in is conservative. Here is its comments:
/* ... It returns false if ONE_PRED's domain is
not a subset of any of the sub-domains of PREDS (
corresponding to each individual chains in it), even
though it may be still be a subset of whole domain
of PREDS which is the union (ORed) of all its subdomains.
In other words, the result is conservative. */
== Plans ==
* 2013.12 toolchain binaries release.
* Continue on CARD 313 and 304.
