Message-ID: <52526283.8040407@suse.de>
Date: Mon, 07 Oct 2013 09:28:03 +0200
From: Andreas Färber
To: Juergen Lock
Cc: Peter Maydell, Stefan Weil, Dimitry Andric, QEMU Developers, Jan Kiszka
Subject: Re: [Qemu-devel] [PATCH] cpu-exec(): also reload CPUClass *cc after longjmp return
In-Reply-To: <20131005214537.GA42901@enceladus10.kn-bremen.de>
References: <20131003140937.GA59761@enceladus10.kn-bremen.de> <524E6B19.9020805@siemens.com> <20131005175432.GA25070@enceladus10.kn-bremen.de> <5250551E.6020105@weilnetz.de> <20131005214537.GA42901@enceladus10.kn-bremen.de>

On 05.10.2013 23:45, Juergen Lock wrote:
> On Sat, Oct 05, 2013 at 08:06:22PM +0200, Stefan Weil wrote:
>> On 05.10.2013 19:54, Juergen Lock wrote:
>>> On Fri, Oct 04, 2013 at 09:15:37AM +0200, Jan Kiszka wrote:
>>>> On 2013-10-03 18:05, Peter Maydell wrote:
>>>>> On 3 October 2013 23:09, Juergen Lock wrote:
>>>>>> Local variable CPUClass *cc needs to be reloaded after return from longjmp
>>>>>> too. (This fixes the mips-softmmu crash observed on FreeBSD when qemu is
>>>>>> built with clang.)
>>>>>>
>>>>>> Signed-off-by: Juergen Lock
>>>>>> Found-by: Dimitry Andric
>>>>>>
>>>>>> --- a/cpu-exec.c
>>>>>> +++ b/cpu-exec.c
>>>>>> @@ -681,6 +681,10 @@ int cpu_exec(CPUArchState *env)
>>>>>>              * local variables as longjmp is marked 'noreturn'. */
>>>>>>             cpu = current_cpu;
>>>>>>             env = cpu->env_ptr;
>>>>>> +#if !(defined(CONFIG_USER_ONLY) && \
>>>>>> +      (defined(TARGET_M68K) || defined(TARGET_PPC) || defined(TARGET_S390X)))
>>>>>> +            cc = CPU_GET_CLASS(cpu);
>>>>>> +#endif
>>>>> This is a c compiler or libc bug -- the C standard says that this
>>>>> local variable should not be trashed by the longjmp. We were
>>>>> actually discussing removing the current workarounds there...
>>>> But we didn't decide if we should stop supporting the affected compiler
>>>> versions.
>>>>
>>>> Does this issue also exist with the latest clang version available for
>>>> your platform?
>>>>
>>> It happens with up to date clang as it's in FreeBSD 10.0-current
>>> which is due for a release soon. I think the clang folks are looking
>>> into this issue but I don't know if a fix will make it into the
>>> release... (For now I've added the workaround to the FreeBSD
>>> qemu-devel port.)
>>>
>>> Thanx,
>>> Juergen
>>
>>
>> Could you try whether QEMU crashes when it was configured with
>> TCG interpreter (--enable-tcg-interpreter)? If it does not crash, it
>> might be that TCG does not save / restore enough registers.
>>
> Still crashes the same.

Practical bugfix beats theoretical optimization, so I'm queuing the patch
(w/ message tweaked) until someone comes up with a better one:
https://github.com/afaerber/qemu-cpu/commits/qom-cpu

Thanks,
Andreas

> 
>> Which register is used for the local variable 'cc'?
>>
> Here is the original debug log with part of the disassembly:
> 
> http://people.freebsd.org/~nox/tmp/qemu-1.6.0-mips-softmmu-crash.txt
> 
> (I wrote the comment at the top before I knew cc needs to be reloaded...)
> 
> So apparently cc gets loaded from the stack before the crash: -0x40(%rbp)
> 
> Thanx,
> Juergen
> 

-- 
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg
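Review bot: the new `cc = CPU_GET_CLASS(cpu);` sits under `#if !(defined(CONFIG_USER_ONLY) && (defined(TARGET_M68K) || defined(TARGET_PPC) || defined(TARGET_S390X)))` with no comment, while `cpu = current_cpu;` and `env = cpu->env_ptr;` two lines above are reloaded unconditionally, so a reader cannot tell why `cc` is treated differently; if the guard exists because `cc` is only declared under that same condition, say so in a one-line comment, or better, put the condition in one shared macro used at both spots so the two cannot drift apart. The existing comment ending `* local variables as longjmp is marked 'noreturn'. */` explains the reload of `cpu` and `env`; extend it to cover `cc` and state that this is a workaround for a compiler that fails to preserve an unmodified local across longjmp (the thread notes the C standard requires it to be preserved), so the line can be dropped once the affected compiler versions are no longer supported.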
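The disagreement in the thread above is about which locals the C standard guarantees to survive a longjmp back into the frame that called setjmp. The program below is an added example, not QEMU code and not written by any participant in this thread: `struct cpu_class`, `fake_loop_exit()` and the two function names are hypothetical stand-ins for QEMU's `CPUClass` and `cpu_loop_exit()`. It shows the guaranteed case (a local assigned before setjmp and never changed afterwards, which is what the thread says should hold for `cc`) next to the case that needs `volatile` (a local changed between setjmp and longjmp). A compiler that clobbers the first case is the bug the patch works around.

```c
#include <setjmp.h>
#include <stddef.h>
#include <stdio.h>

/* Added example, not QEMU code. Hypothetical stand-ins for QEMU's CPUClass
 * and cpu_loop_exit(): a class struct and a callee that unwinds to the loop. */
struct cpu_class {
    const char *name;
};

static jmp_buf loop_jmp;

/* Models cpu_loop_exit(): unwinds back to the setjmp in the dispatch loop. */
static void fake_loop_exit(void)
{
    longjmp(loop_jmp, 1);
}

/*
 * Guaranteed case (C99 7.13.2.1): a non-volatile local that is assigned
 * before setjmp() and not changed between setjmp() and longjmp() keeps its
 * value after the longjmp. Returns 1 if `cc` still points at `klass`.
 */
int unmodified_local_survives_longjmp(void)
{
    static struct cpu_class klass = { "mips-cpu" };
    struct cpu_class *cc = &klass;   /* set once before setjmp, like cc in cpu_exec */

    if (setjmp(loop_jmp) == 0) {
        fake_loop_exit();            /* first pass: simulate an exception exit */
    }
    /* Second return from setjmp: the standard requires cc to be intact. */
    return cc == &klass;
}

/*
 * Case the standard does not cover: a non-volatile local modified between
 * setjmp() and longjmp() is indeterminate afterwards. Declaring it volatile
 * restores the guarantee. Returns the counter as seen after the longjmp.
 */
int volatile_local_after_longjmp(void)
{
    volatile int exits = 0;

    if (setjmp(loop_jmp) == 0) {
        exits = 1;                   /* changed after setjmp: safe only because volatile */
        fake_loop_exit();
    }
    return exits;                    /* guaranteed to be 1 */
}

int main(void)
{
    printf("unmodified local intact after longjmp: %d\n",
           unmodified_local_survives_longjmp());
    printf("volatile counter after longjmp: %d\n",
           volatile_local_after_longjmp());
    return 0;
}
```

If `unmodified_local_survives_longjmp()` ever returns 0 on a given compiler and optimisation level, that toolchain has the defect discussed in the thread; the patch's explicit reload of `cc` is the workaround, and marking `cc` volatile would be the standards-level alternative at the cost of forcing it to memory on every use.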