[Qemu-devel] A strange segmentation fault

[Qemu-devel] A strange segmentation fault

[Heng Yin]

Hi Qemu developers,

I'm running into a strange problem, when I do some implementation on Qemu.

In target_i386/op.c, if I add a function call in the following function, 
  Qemu will crash immediately after execution.

void OPPROTO op_jnz_T0_label(void)
{
     helper_test(T0); //this is the function I add
     if (T0)
         GOTO_LABEL_PARAM(1);
     FORCE_RET();
}

I define this function in target_i386/helper.c:
int helper_test(int a)
{
     return a*3;
}

However, if my function takes no arguments, qemu works well.
void OPPROTO op_jnz_T0_label(void)
{
     helper_test(); //this is the function I add
     if (T0)
         GOTO_LABEL_PARAM(1);
     FORCE_RET();
}

I define this function in target_i386/helper.c:
int helper_test()
{
     return 100+cpu_single_env;
}

I built qemu on linux, and tested it on 0.8.0 and 0.8.2, and the problem 
appeared on both versions. I also tried to load winxp and linux images 
with three different options for kqemu: -kernel-kqemu -no-kqemu (none), 
and nothing is changed.

Below is the message I got in gdb:

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1212746048 (LWP 5587)]
0x00000001 in ?? ()
(gdb) bt
#0  0x00000001 in ?? ()
#1  0x080bac6c in cpu_x86_exec (env1=0x40) at 
/home/hyin/qemu-0.8.2/cpu-exec.c:772
#2  0x08050a62 in main_loop () at /home/hyin/qemu-0.8.2/vl.c:5069
#3  0x08051fe2 in main (argc=3324, argv=0x8) at 
/home/hyin/qemu-0.8.2/vl.c:6221

Can you guys give any idea of what may cause this problem and how to 
solve it?

Thanks,
Heng

[Qemu-devel] a strange segmentation fault

[Heng Yin]

Hi QEMU developers,

I'm running into a strange problem when I add some my own stuff in QEMU.
If I add a function call in the following position, QEMU will crash 
immediately after execution.

In target-i386/op.c:
void OPPROTO op_jnz_T0_label(void)
{
     helper_test(T0); //my own function
     if (T0)
         GOTO_LABEL_PARAM(1);
     FORCE_RET();
}

I define this function in target-i386/helper.c:

int helper_test(int t0)
{
     return 100+t0;
}

I try it on the two versions: 0.8.2 and 0.8.0. The problem appears no 
matter what kqemu option (-kernel-kqemu -no-kqmeu, or none) is used and 
what guest os (linux or winxp) is to launch.

I got the following message from gdb:

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1212991808 (LWP 28612)]
0x00000001 in ?? ()
(gdb) bt
#0  0x00000001 in ?? ()
#1  0x080bac6c in cpu_x86_exec (env1=0x40)
     at /home/hyin/qemu-0.8.2/cpu-exec.c:772
#2  0x08050a62 in main_loop () at /home/hyin/qemu-0.8.2/vl.c:5069
#3  0x08051fe2 in main (argc=3324, argv=0x8)
     at /home/hyin/qemu-0.8.2/vl.c:6221
(gdb)

Interestingly, if I change the function helper_test to take no 
arguments, the fault will be gone.

Can anybody give any hints of what may cause this fault and how to solve it?

Thanks,
Heng

Re: [Qemu-devel] a strange segmentation fault

[Paul Brook]

>      helper_test(T0); //my own function
>      if (T0)
>          GOTO_LABEL_PARAM(1);
>      FORCE_RET();

ops that use GOTO_LABEL_PARM or EXIT_TB must not have a stack frame.

Paul

Re: [Qemu-devel] a strange segmentation fault

[Heng Yin]

Paul,

Thank you! I didn't know it, as nobody told me. :)

Heng

Paul Brook wrote:
>>      helper_test(T0); //my own function
>>      if (T0)
>>          GOTO_LABEL_PARAM(1);
>>      FORCE_RET();
> 
> ops that use GOTO_LABEL_PARM or EXIT_TB must not have a stack frame.
> 
> Paul
> 
> 
> _______________________________________________
> Qemu-devel mailing list
> Qemu-devel@nongnu.org
> http://lists.nongnu.org/mailman/listinfo/qemu-devel