From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1JoFb6-0003DV-AO
	for qemu-devel@nongnu.org; Tue, 22 Apr 2008 06:19:36 -0400
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1JoFb3-0003DF-OQ
	for qemu-devel@nongnu.org; Tue, 22 Apr 2008 06:19:35 -0400
Received: from [199.232.76.173] (helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1JoFb3-0003DC-LO
	for qemu-devel@nongnu.org; Tue, 22 Apr 2008 06:19:33 -0400
Received: from gecko.sbs.de ([194.138.37.40])
	by monty-python.gnu.org with esmtps
	(TLS-1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.60)
	(envelope-from <jan.kiszka@siemens.com>) id 1JoFb3-0008RZ-7s
	for qemu-devel@nongnu.org; Tue, 22 Apr 2008 06:19:33 -0400
Received: from mail1.sbs.de (localhost [127.0.0.1])
	by gecko.sbs.de (8.12.11.20060308/8.12.11) with ESMTP id m3MAJ83m007605
	for <qemu-devel@nongnu.org>; Tue, 22 Apr 2008 12:19:08 +0200
Received: from [139.25.109.167] (mchn012c.mchp.siemens.de [139.25.109.167]
	(may be forged))
	by mail1.sbs.de (8.12.6/8.12.6) with ESMTP id m3MAJ6GR031984
	for <qemu-devel@nongnu.org>; Tue, 22 Apr 2008 12:19:08 +0200
Message-ID: <480DBB9A.2050905@siemens.com>
Date: Tue, 22 Apr 2008 12:19:06 +0200
From: Jan Kiszka <jan.kiszka@siemens.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-15
Content-Transfer-Encoding: 7bit
Subject: [Qemu-devel] Fragile MAX_OP_PER_INSTR
Reply-To: qemu-devel@nongnu.org
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org

Hi,

we ran into a weird SEGFAULT of QEMU which turned out to be a corruption
of tcg_ctx due to writing beyond gen_opc_buf. The reason for this was a
too small MAX_OP_PER_INSTR, given a particular toolchain (here the one
of SLES 10 for x86-32). So far it runs fine with

#define MAX_OP_PER_INSTR 64

Does anyone have an idea how to resolve the related comment in exec-all.h?

/* XXX: make safe guess about sizes */

Or should we just increase the safety margin?

Jan

-- 
Siemens AG, Corporate Technology, CT SE 2
Corporate Competence Center Embedded Linux