From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1JrE7H-0003vu-Gc
	for qemu-devel@nongnu.org; Wed, 30 Apr 2008 11:21:07 -0400
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1JrE7F-0003v8-Rg
	for qemu-devel@nongnu.org; Wed, 30 Apr 2008 11:21:06 -0400
Received: from [199.232.76.173] (port=57012 helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1JrE7F-0003v5-Jd
	for qemu-devel@nongnu.org; Wed, 30 Apr 2008 11:21:05 -0400
Received: from os.inf.tu-dresden.de ([141.76.48.99])
	by monty-python.gnu.org with esmtps
	(TLS-1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.60)
	(envelope-from <adam@os.inf.tu-dresden.de>) id 1JrE7F-0003Nz-E2
	for qemu-devel@nongnu.org; Wed, 30 Apr 2008 11:21:05 -0400
Received: from erwin.inf.tu-dresden.de ([141.76.48.80]
	helo=os.inf.tu-dresden.de)
	by os.inf.tu-dresden.de with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69)
	id 1JrE7D-00025U-Tj
	for qemu-devel@nongnu.org; Wed, 30 Apr 2008 17:21:04 +0200
Date: Wed, 30 Apr 2008 17:21:02 +0200
From: Adam Lackorzynski <adam@os.inf.tu-dresden.de>
Subject: Re: [Qemu-devel] Crash due to invalid env->current_tb
Message-ID: <20080430152102.GC6712@os.inf.tu-dresden.de>
References: <20080429115614.GA15524@os.inf.tu-dresden.de>
	<f43fc5580804291009s4dea4233y472c9823f42d021c@mail.gmail.com>
	<20080429184011.GK17356@os.inf.tu-dresden.de>
	<C654F6F0-37A1-4E18-B067-7B8EBC724401@suse.de>
	<20080430151132.GB6712@os.inf.tu-dresden.de>
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
In-Reply-To: <20080430151132.GB6712@os.inf.tu-dresden.de>
Reply-To: qemu-devel@nongnu.org
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org


On Wed Apr 30, 2008 at 17:11:32 +0200, Adam Lackorzynski wrote:
> On Wed Apr 30, 2008 at 11:08:46 +0200, Alexander Graf wrote:
> > There was a comment from Fabrice on how to do prologues in TCG to save / 
> > restore the clobbered values. Btw, ebx gets clobbered as well.
> 
> tcg/README says that some registers are clobbered. So something like
> this should be safe:
> 
> Index: cpu-exec.c
> ===================================================================
> --- cpu-exec.c	(revision 4276)
> +++ cpu-exec.c	(working copy)
> @@ -690,6 +691,15 @@
>  		fp.ip = tc_ptr;
>  		fp.gp = code_gen_buffer + 2 * (1 << 20);
>  		(*(void (*)(void)) &fp)();
> +#elif defined(__i386)
> +		asm volatile ("push %%ebp\n"
> +		              "push %%ebx\n"
> +		              "call *%1\n"
> +			      "pop %%ebx\n"
> +			      "pop %%ebp\n"
> +		              : "=a" (T0)
> +			      : "r" (gen_func)
> +			      : "esi", "edi", "ecx", "edx");
>  #else
>                  T0 = gen_func();
>  #endif

I just realised that the push and pop of ebx is not needed as T0 is ebx
which gets overwritten in the output anyway.

Index: cpu-exec.c
===================================================================
--- cpu-exec.c	(revision 4276)
+++ cpu-exec.c	(working copy)
@@ -690,6 +691,13 @@
 		fp.ip = tc_ptr;
 		fp.gp = code_gen_buffer + 2 * (1 << 20);
 		(*(void (*)(void)) &fp)();
+#elif defined(__i386)
+		asm volatile ("push %%ebp\n"
+		              "call *%1\n"
+			      "pop %%ebp\n"
+		              : "=a" (T0)
+			      : "r" (gen_func)
+			      : "esi", "edi", "ecx", "edx");
 #else
                 T0 = gen_func();
 #endif


Adam
-- 
Adam                 adam@os.inf.tu-dresden.de
  Lackorzynski         http://os.inf.tu-dresden.de/~adam/