From: Aurelien Jarno <aurelien@aurel32.net>
To: Kirill Batuzov <batuzovk@ispras.ru>
Cc: Stefan Weil <sw@weilnetz.de>, qemu-devel <qemu-devel@nongnu.org>,
Paolo Bonzini <pbonzini@redhat.com>
Subject: Re: [Qemu-devel] 64-on-32 TCG broken
Date: Sun, 11 Nov 2012 17:05:10 +0100
Message-ID: <20121111160510.GA11081@ohm.aurel32.net>
In-Reply-To: <alpine.DEB.2.02.1211071706360.17415@bulbul>
On Wed, Nov 07, 2012 at 05:26:58PM +0400, Kirill Batuzov wrote:
> > diff --git a/tcg/tcg.c b/tcg/tcg.c
> > index c3a7f19..1133438 100644
> > --- a/tcg/tcg.c
> > +++ b/tcg/tcg.c
> > @@ -1329,8 +1329,8 @@ static void tcg_liveness_analysis(TCGContext *s)
> > the low part. The result can be optimized to a simple
> > add or sub. This happens often for x86_64 guest when the
> > cpu mode is set to 32 bit. */
> > - if (dead_temps[args[1]]) {
> > - if (dead_temps[args[0]]) {
> > + if (dead_temps[args[1]] && !mem_temps[1]) {
> > + if (dead_temps[args[0]] && !mem_temps[0]) {
>
> This should be mem_temps[args[1]] and mem_temps[args[0]] I believe.
>
> > goto do_remove;
> > }
> > /* Create the single operation plus nop. */
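Review bot: in the two `+` lines, `!mem_temps[1]` and `!mem_temps[0]` index fixed temporaries 1 and 0 rather than this op's own output temporaries, so the guard does not mirror the `dead_temps[args[1]]` / `dead_temps[args[0]]` test written right beside it; the intended condition is `dead_temps[args[1]] && !mem_temps[args[1]]` and `dead_temps[args[0]] && !mem_temps[args[0]]`. As written, whether the add/sub is removed or narrowed depends on whether temps 0 and 1 happen to need a memory sync, not on whether the high and low outputs of this particular op do.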
> > @@ -1355,8 +1355,8 @@ static void tcg_liveness_analysis(TCGContext *s)
> > nb_iargs = 2;
> > nb_oargs = 2;
> > /* Likewise, test for the high part of the operation dead. */
> > - if (dead_temps[args[1]]) {
> > - if (dead_temps[args[0]]) {
> > + if (dead_temps[args[1]] && !mem_temps[1]) {
> > + if (dead_temps[args[0]] && !mem_temps[0]) {
>
> Same here.
>
> > goto do_remove;
> > }
> > gen_opc_buf[op_index] = op = INDEX_op_mul_i32;
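Review bot: the same index mismatch recurs in the mul path: `!mem_temps[1]` / `!mem_temps[0]` on the `+` lines should be `!mem_temps[args[1]]` / `!mem_temps[args[0]]` to match the `dead_temps[args[...]]` checks they are paired with. Since the pair "dead and not synced to memory" is now spelled out four times in this function, a small helper (a hypothetical `temp_dead_and_unsynced(n)` returning `dead_temps[n] && !mem_temps[n]`) would make the intent explicit and leave only one place to get the index right.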
>
> Looks like for the x86_64 guest, temp 0 is the env (always a mem_temp) and
> temp 1 is cc_op. As a result it can accidentally remove the high part of an
> operation when it is actually alive, but will never optimize out the whole
> operation even if its output is really dead.
>
> I've attached a small patch to fix this issue.
>
> I was not able to boot the gentoo install CD (amd64) with current trunk.
> The boot process hangs soon after framebuffer initialization. With the patch
> it boots successfully. Command line to reproduce:
>
> qemu-system-x86_64 -cdrom install-amd64-minimal-20121013.iso
>
> --
> Kirill Batuzov
> From 33e1fc03934cebea8d32c98ea34961c80f05d94a Mon Sep 17 00:00:00 2001
> From: Kirill Batuzov <batuzovk@ispras.ru>
> Date: Wed, 7 Nov 2012 15:26:38 +0400
> Subject: [PATCH] tcg: properly check that op's output needs to be synced to
> memory
>
> Fix typo introduced in b3a1be87bac3a6aaa59bb88c1410f170dc9b22d5.
>
> Reported-by: Ruslan Savchenko <ruslan.savchenko@gmail.com>
> Signed-off-by: Kirill Batuzov <batuzovk@ispras.ru>
> ---
> tcg/tcg.c | 8 ++++----
> 1 file changed, 4 insertions(+), 4 deletions(-)
>
> diff --git a/tcg/tcg.c b/tcg/tcg.c
> index 42052db..35fba50 100644
> --- a/tcg/tcg.c
> +++ b/tcg/tcg.c
> @@ -1337,8 +1337,8 @@ static void tcg_liveness_analysis(TCGContext *s)
> the low part. The result can be optimized to a simple
> add or sub. This happens often for x86_64 guest when the
> cpu mode is set to 32 bit. */
> - if (dead_temps[args[1]] && !mem_temps[1]) {
> - if (dead_temps[args[0]] && !mem_temps[0]) {
> + if (dead_temps[args[1]] && !mem_temps[args[1]]) {
> + if (dead_temps[args[0]] && !mem_temps[args[0]]) {
> goto do_remove;
> }
> /* Create the single operation plus nop. */
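Review bot: the commit message ("Fix typo introduced in b3a1be87...") should say what the typo did, namely that indexing `mem_temps` with the constants 1 and 0 instead of `args[1]` / `args[0]` let the liveness pass drop a still-live high-part output, which is the amd64 boot hang reported earlier in the thread; a one-line description of the miscompilation is what someone bisecting to this commit will need. The `+` lines themselves are right: `mem_temps` is now indexed by the same `args[1]` / `args[0]` as the adjacent `dead_temps` checks.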
> @@ -1363,8 +1363,8 @@ static void tcg_liveness_analysis(TCGContext *s)
> nb_iargs = 2;
> nb_oargs = 2;
> /* Likewise, test for the high part of the operation dead. */
> - if (dead_temps[args[1]] && !mem_temps[1]) {
> - if (dead_temps[args[0]] && !mem_temps[0]) {
> + if (dead_temps[args[1]] && !mem_temps[args[1]]) {
> + if (dead_temps[args[0]] && !mem_temps[args[0]]) {
> goto do_remove;
> }
> gen_opc_buf[op_index] = op = INDEX_op_mul_i32;
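Review bot: consider factoring the condition `dead_temps[args[n]] && !mem_temps[args[n]]`, which after this patch appears four times in tcg_liveness_analysis (twice in this mul hunk, twice in the add/sub hunk above), into one helper so a later edit cannot reintroduce the index mismatch in only some of the copies. The change itself is correct and symmetric with the add/sub hunk, and a Tested-by line for the gentoo amd64 ISO boot described in the reply would be worth carrying in the commit.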
Thanks, applied.
--
Aurelien Jarno GPG: 1024D/F1BCDB73
aurelien@aurel32.net http://www.aurel32.net