summary refs log tree commit diff stats
path: root/results/classifier/gemma3:12b/assembly/1435
diff options
context:
space:
mode:
Diffstat (limited to 'results/classifier/gemma3:12b/assembly/1435')
-rw-r--r--results/classifier/gemma3:12b/assembly/143517
1 files changed, 17 insertions, 0 deletions
diff --git a/results/classifier/gemma3:12b/assembly/1435 b/results/classifier/gemma3:12b/assembly/1435
new file mode 100644
index 000000000..e6f16b5dc
--- /dev/null
+++ b/results/classifier/gemma3:12b/assembly/1435
@@ -0,0 +1,17 @@
+
+Infinite recursion in tcg_gen_mulu2_i32 for certain 32-bit hosts.
+Description of problem:
+`tcg_gen_mulu2_i32` infinitely recurses on a 32-bit host (TCG target) that has neither `TCG_TARGET_HAS_mulu2_i32` nor `TCG_TARGET_HAS_muluh_i32`.
+
+I don't actually think there is any host that is 32-bits and has neither mulu2 nor muluh. The only reference I found is [this](https://gitlab.com/qemu-project/qemu/-/commit/df9ebea53ebc1c98217743f56c30ae3a46031bb9) commit, which adds an `#error` if that situation is hit. But the check, which [still exists](https://gitlab.com/qemu-project/qemu/-/blob/v7.2.0/include/tcg/tcg.h#L174), checks if those flags are *defined*, not for their value. I guess, over the years as the code was refactored, the check wasn't updated because, frankly, there aren't any hosts that match that situation (except mine).
+
+One easy fix is to change the check mentioned above to check the actual macro value so that compilation fails. I can create a PR for that.
+Steps to reproduce:
+(Note: I'm linking to the v7.2.0 tag so that these links stay relevant).
+
+1. `tcg_gen_mulu2_i32` [calls](https://gitlab.com/qemu-project/qemu/-/blob/v7.2.0/tcg/tcg-op.c#L890) `tcg_gen_mul_i64`.
+2. `tcg_gen_mul_i64` on 32-bit hosts, due to [this](https://gitlab.com/qemu-project/qemu/-/blob/v7.2.0/tcg/tcg-op.c#L1097) check for `TCG_TARGET_REG_BITS == 32`, is defined [here](https://gitlab.com/qemu-project/qemu/-/blob/v7.2.0/tcg/tcg-op.c#L1218), and [calls](https://gitlab.com/qemu-project/qemu/-/blob/v7.2.0/tcg/tcg-op.c#L1226) `tcg_gen_mulu2_i32`.
+3. Rinse and repeat.
+4. Eventually, as gen_mulu2/mul functions spill while trying to allocate temps, they will overflow the TB buffer. This will restart code generation with smaller and smaller block sizes, until the block size reaches 1 instruction. TCG will then give up and [assert](https://gitlab.com/qemu-project/qemu/-/blob/v7.2.0/accel/tcg/translate-all.c#L869).
+Additional information:
+