QEMU

floating point emulation can fail to set FE_INEXACT

Bug #1841442 reported by Paul Clarke on 2019-08-26

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	QEMU	Fix Released	Undecided	Unassigned

Bug Description

Floating point emulation can fail to set FE_INEXACT in some circumstances. This shows up quite often in glibc's "math" tests. A similar test is attached.

On ppc64le native:
--
$ gcc nextafter.c -o nextafter -lm
$ ./nextafter $(./nextafter)
0x0000000000000001 0.000000
0x0

0xa000000
FE_INEXACT FE_UNDERFLOW
0x0000000000000000 0.000000
--

On x86_64:
--
$ gcc nextafter.c -o nextafter -lm
$ ./nextafter $(./nextafter)
0x0000000000000001 0.000000
0x0

0x30
FE_INEXACT FE_UNDERFLOW
0x0000000000000000 0.000000
--

Using qemu-system-ppc64
--
$ ./nextafter $(./nextafter)
0x0000000000000001 0.000000
0x0

0x8000000
FE_UNDERFLOW
0x0000000000000000 0.000000
--

Using qemu-x86_64:
--
$ ./nextafter $(./nextafter)
0x0000000000000001 0.000000
0x0

0x0

0x0000000000000000 0.000000
--

QEMU versions vary, but not too much, and are pretty close to git HEAD:
- 586f3dced9 (HEAD -> master, origin/master, origin/HEAD) Merge remote-tracking branch 'remotes/cohuck/tags/s390x-20190822' into staging
- 864ab31 Update version for v4.1.0-rc4 release

Since the issue happens nearly identically on different targets, I suspect the issue lies somewhere in fpu/softfloat.c.

Revision history for this message

Paul Clarke (7-pc) wrote on 2019-08-26:

testcase reporting exceptions set by nextafter Edit (1.1 KiB, text/x-csrc)

Revision history for this message

Richard Henderson (rth) wrote on 2019-08-26:

Well, maybe yes and maybe no. What you've done is choose two targets
whose floating point emulation have not been well maintained.

If I try this same test on aarch64, it passes:

$ ~/a.out 0x0000000000000001
0x0000000000000001 0.000000
0x0

0x18
FE_INEXACT FE_UNDERFLOW
0x0000000000000000 0.000000

$ ./aarch64-linux-user/qemu-aarch64 ~/a.out 0x0000000000000001
0x0000000000000001 0.000000
0x0

0x18
FE_INEXACT FE_UNDERFLOW
0x0000000000000000 0.000000

Revision history for this message

Paul Clarke (7-pc) wrote on 2019-08-26:

Interesting. Did you run qemu-aarch64 on aarch64? If so, it may have been using "hardfloat". I ran "qemu-system-ppc64" on x86_64 and "qemu-x86_64" on ppc64le to ensure I was using "softfloat".

Revision history for this message

Alex Bennée (ajbennee) wrote on 2019-08-26: Re: [Qemu-devel] [Bug 1841442] Re: floating point emulation can fail to set FE_INEXACT

Richard Henderson <email address hidden> writes:

> Well, maybe yes and maybe no. What you've done is choose two targets
> whose floating point emulation have not been well maintained.

So this is a failure on the x86_64 and ppc64 frontends to correctly set
the softfloat modes when their appropriate registers are set?

>
> If I try this same test on aarch64, it passes:
>
> $ ~/a.out 0x0000000000000001
> 0x0000000000000001 0.000000
> 0x0
>
> 0x18
> FE_INEXACT FE_UNDERFLOW
> 0x0000000000000000 0.000000
>
> $ ./aarch64-linux-user/qemu-aarch64 ~/a.out 0x0000000000000001
> 0x0000000000000001 0.000000
> 0x0
>
> 0x18
> FE_INEXACT FE_UNDERFLOW
> 0x0000000000000000 0.000000

--
Alex Bennée

Revision history for this message

Richard Henderson (rth) wrote on 2019-08-26:

> Interesting. Did you run qemu-aarch64 on aarch64? If so, it may have been
> using "hardfloat". I ran "qemu-system-ppc64" on x86_64 and "qemu-x86_64"
> on ppc64le to ensure I was using "softfloat".

That's not how that works. Indeed, the point of the hardfloat path is to
accelerate fpu emulation for a non-native guest.

That said, qemu-system-ppc64 will *never* use hardfloat, because ppc always
need the current and correct result of inexact for emulation of the FI bit,
which requires that we use the softfloat path.

Also, use of the hardfloat path requires normal inputs. For this test case
we're passing the minimum denormal input: 0x0000_0000_0000_0001. So we will
always use the softfloat path for this.