dotnet for mips64 的 ea 版本已经发布
https://github.com/gsvm/loongson-dotnet/releases

在龙芯上调试CoreCLR

由于lldb在龙芯上工作不正常[1]，只有gdb可以用来调试CoreCLR。

因为需要调试JIT代码，所以我们关上gdb分页，不处理SIG34信号：

$ cat ~/.gdbinit
set pagination off
handle SIG34 nostop noprint

调试JIT代码

export CORE_LIBRARIES=/home/loongson/corefx-3.1-Linux.mips64.Debug
export COMPlus_JitFunctionTrace=1
export COMPlus_JitHalt="Main"
gdb -ex=r --args ./bin/Product/Linux.mips64.Debug/corerun /home/loongson/Hello.dll | tee gdb.log

JitHalt="Main"可以在Main方法的序言处插入break指令，然后我们跳过break指令：

(gdb) set $pc+=4
(gdb) x/22i $pc-440xff7c983aac:        li      zero,0x730xff7c983ab0:        nop0xff7c983ab4:        0xf200000xff7c983ab8:        sdc1    $f2,-6100(s6)0xff7c983abc:        dsra32  zero,zero,0x30xff7c983ac0:        0x7cc11db80xff7c983ac4:        dsra32  zero,zero,0x30xff7c983ac8:        0x7cc494580xff7c983acc:        dsra32  zero,zero,0x30xff7c983ad0:        nop0xff7c983ad4:        break
=> 0xff7c983ad8:        daddiu  sp,sp,-320xff7c983adc:        sd      s8,0(sp)0xff7c983ae0:        sd      ra,8(sp)0xff7c983ae4:        move    s8,sp0xff7c983ae8:        sd      a0,24(s8)0xff7c983aec:        lui     a0,0xff0xff7c983af0:        ori     a0,a0,0x7caf0xff7c983af4:        dsll    a0,a0,0x100xff7c983af8:        ori     a0,a0,0x7a880xff7c983afc:        lw      a0,0(a0)0xff7c983b00:        sltiu   at,a0,1

查看一下传参整型寄存器的值：

(gdb) i r a0
a0: 0xff5800fa28
(gdb) x/g 0xff5800fa28
0xff5800fa28:   0x000000ff7caf7c30

然后用si指令级的单步跟踪。

还可以使用“硬”watchpoint[2]调试GC相关问题：

(gdb) watch *0xff68001bf8
Hardware watchpoint 1: *0xff68001bf8
(gdb) c
Continuing....
Thread 1 "corerun" hit Hardware watchpoint 1: *0xff68001bf8Old value = 0
New value = 1476465840
JIT_WriteBarrier () at /home/loongson/coreclr/src/vm/mips64/asmhelpers.S:206(gdb) c
Continuing....
Thread 1 "corerun" hit Hardware watchpoint 1: *0xff68001bf8Old value = 1476465840
New value = 1476577368
JIT_WriteBarrier () at /home/loongson/coreclr/src/vm/mips64/asmhelpers.S:206

如何跟踪是“谁”生成的JIT代码？

测试用例：JIT/Methodical/Invoke/thiscall/dbgthisnull/dbgthisnull.exe[3]

加压JIT、GC的时候，该测试用例复现段错误：

export CORE_LIBRARIES=/home/loongson/corefx-3.1-Linux.mips64.Debug
export COMPlus_JitFunctionTrace=1
export COMPlus_JitStress=2
export COMPlus_GCStress=1
export COMPlus_HeapVerify=1
gdb -ex=r --args ./bin/Product/Linux.mips64.Debug/corerun ./bin/tests/Linux.mips64.Debug/JIT/Methodical/Invoke/thiscall/_dbgthisnull/_dbgthisnull.exe | tee gdb.log

我们发现该测试用例“故意”造空指针访存：

Program received signal SIGSEGV, Segmentation fault.
0x000000ff7c985948 in ?? ()
(gdb) x/22i $pc-440xff7c98591c:        dext    a0,a0,0x0,0x80xff7c985920:        sltiu   at,a0,10xff7c985924:        beqz    at,0xff7c9859440xff7c985928:        nop0xff7c98592c:        b       0xff7c98596c0xff7c985930:        nop0xff7c985934:        nop0xff7c985938:        nop0xff7c98593c:        nop0xff7c985940:        nop0xff7c985944:        ld      a0,32(s8)
=> 0xff7c985948:        ldc1    $f0,8(a0)0xff7c98594c:        sdc1    $f0,24(s8)0xff7c985950:        nop0xff7c985954:        b       0xff7c9859a00xff7c985958:        nop0xff7c98595c:        nop0xff7c985960:        nop0xff7c985964:        nop0xff7c985968:        nop0xff7c98596c:        bal     0xff7c9859740xff7c985970:        nop
(gdb) i r a0
a0: 0x0

那么ldc1 $f0,8(a0)这条指令是由“谁”生成的呢？

0x000000ff7c985948 in ?? ()
(gdb) x/76i 0x000000ff7c915948-1520xff7c9158b0:        daddiu  sp,sp,-48 <-------- CodeGen::genFnProlog -> CodeGen::genAllocLclFrame0xff7c9158b4:        sd      s8,0(sp)                                 -> CodeGen::genPushCalleeSavedRegisters0xff7c9158b8:        sd      ra,8(sp)                                 -> ...0xff7c9158bc:        move    s8,sp0xff7c9158c0:        sd      a0,32(s8)0xff7c9158c4:        sw      a1,40(s8) <-------- CodeGen::genFnProlog0xff7c9158c8:        lui     a0,0xff      <----- set_Reg_To_Imm0xff7c9158cc:        ori     a0,a0,0x7ca80xff7c9158d0:        dsll    a0,a0,0x100xff7c9158d4:        ori     a0,a0,0x7b50 <----- set_Reg_To_Imm end0xff7c9158d8:        lw      a0,0(a0)0xff7c9158dc:        sltiu   at,a0,1 <---------- CodeGen::genCodeForCompare0xff7c9158e0:        beqz    at,0xff7c9159000xff7c9158e4:        nop0xff7c9158e8:        b       0xff7c9159180xff7c9158ec:        nop0xff7c9158f0:        nop0xff7c9158f4:        nop0xff7c9158f8:        nop0xff7c9158fc:        nop            <----------- CodeGen::genCodeForCompare0xff7c915900:        lui     a0,0xff0xff7c915904:        ori     a0,a0,0xf6a00xff7c915908:        dsll    a0,a0,0x100xff7c91590c:        ori     a0,a0,0x8fa80xff7c915910:        jalr    a00xff7c915914:        move    t9,a00xff7c915918:        lw      a0,40(s8)0xff7c91591c:        dext    a0,a0,0x0,0x80xff7c915920:        sltiu   at,a0,1 <---------- CodeGen::genCodeForCompare0xff7c915924:        beqz    at,0xff7c9159440xff7c915928:        nop0xff7c91592c:        b       0xff7c91596c0xff7c915930:        nop0xff7c915934:        nop0xff7c915938:        nop0xff7c91593c:        nop0xff7c915940:        nop            <----------- CodeGen::genCodeForCompare0xff7c915944:        ld      a0,32(s8)
=> 0xff7c915948:        ldc1    $f0,8(a0)0xff7c91594c:        sdc1    $f0,24(s8)0xff7c915950:        nop0xff7c915954:        b       0xff7c9159a00xff7c915958:        nop0xff7c91595c:        nop0xff7c915960:        nop0xff7c915964:        nop0xff7c915968:        nop0xff7c91596c:        bal     0xff7c9159740xff7c915970:        nop0xff7c915974:        li      at,0x440xff7c915978:        daddu   a0,at,ra0xff7c91597c:        ldc1    $f0,0(a0)0xff7c915980:        sdc1    $f0,24(s8)0xff7c915984:        nop0xff7c915988:        b       0xff7c9159a00xff7c91598c:        nop0xff7c915990:        nop0xff7c915994:        nop0xff7c915998:        nop0xff7c91599c:        nop0xff7c9159a0:        ldc1    $f0,24(s8)0xff7c9159a4:        ld      ra,8(sp) <---------- CodeGen::genFnEpilog -> CodeGen::genPopCalleeSavedRegisters0xff7c9159a8:        ld      s8,0(sp)                                  -> ...0xff7c9159ac:        daddiu  sp,sp,480xff7c9159b0:        jr      ra0xff7c9159b4:        nop              <---------- CodeGen::genFnEpilog...

ldc1 $f0,8(a0)是由emitter::emitInsLoadStoreOp和emitter::emitIns_R_R_I生成。你可以“故意”修改src/jit/codegenmips64.cpp[4]的CodeGen::genCodeForIndir，添加冗余的nop指令：

diff --git a/src/jit/codegenmips64.cpp b/src/jit/codegenmips64.cpp
index ef18106..465bc17 100644
--- a/src/jit/codegenmips64.cpp
+++ b/src/jit/codegenmips64.cpp
@@ -8290,6 +8290,7 @@ void CodeGen::genCodeForIndir(GenTreeIndir* tree)}getEmitter()->emitInsLoadStoreOp(ins, emitActualTypeSize(type), targetReg, tree);
+    instGen(INS_nop);if (emitBarrier){

重新编译，就可以看到“故意”生成的冗余nop指令：

(gdb) x/22i $pc-440xff7c936560:        dext    a0,a0,0x0,0x80xff7c936564:        sltiu   at,a0,10xff7c936568:        beqz    at,0xff7c9365880xff7c93656c:        nop0xff7c936570:        b       0xff7c9365b40xff7c936574:        nop0xff7c936578:        nop0xff7c93657c:        nop0xff7c936580:        nop0xff7c936584:        nop0xff7c936588:        ld      a0,32(s8)
=> 0xff7c93658c:        ldc1    $f0,8(a0)
=> 0xff7c936590:        nop0xff7c936594:        sdc1    $f0,24(s8)0xff7c936598:        nop0xff7c93659c:        b       0xff7c9365e80xff7c9365a0:        nop0xff7c9365a4:        nop0xff7c9365a8:        nop0xff7c9365ac:        nop0xff7c9365b0:        nop0xff7c9365b4:        bal     0xff7c9365bc0xff7c9365b8:        nop

还可以通过grep ldc1 -rn src/jit/来了解访存相关的代码生成。因为ldc1    $f0,8(a0)属于RRI指令形式，所以可以在emitter::emitIns_R_R_I“故意”加入断言：

diff --git a/src/jit/emitmips64.cpp b/src/jit/emitmips64.cpp
index 06b574d..9d19a52 100644
--- a/src/jit/emitmips64.cpp
+++ b/src/jit/emitmips64.cpp
@@ -2513,6 +2513,7 @@ void emitter::emitIns_R_R_I(assert((-32768 <= imm) && (imm <= 32767));assert(isFloatReg(reg1));assert(isGeneralRegisterOrR0(reg2));
+            assert(imm != 8 && reg1 != REG_F0 && reg2 != REG_A0);break;case INS_c_f_s:

gdb bt一下就能知道具体的函数（例如：emitter::emitInsLoadStoreOp）以及行数。

1. https://github.com/dotnet/runtime/issues/37405
2. https://hev.cc/2758.html
3. https://github.com/gsvm/coreclr/blob/mips64-port/tests/src/JIT/Methodical/Invoke/thiscall/_dbgthisnull.ilproj
4. https://github.com/gsvm/coreclr/blob/mips64-port/src/jit/codegenmips64.cpp

相关文章：

• 龙芯团队完成CoreCLR MIPS64移植，在github开源

• Asp.Net终于可以在龙芯服务器上运行啦：Jexus成功完成对国产系列CPU的适配

• .NET Core 对龙芯的支持情况和对 .NET Core 开发嵌入式的思考
  

• 龙芯团队 在移值 MIPS64 下的.NET Core 进度速报