From mboxrd@z Thu Jan 1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43) id 1HgYky-0001DB-Bk for qemu-devel@nongnu.org; Wed, 25 Apr 2007 00:05:28 -0400
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43) id 1HgYkx-0001Ct-QS for qemu-devel@nongnu.org; Wed, 25 Apr 2007 00:05:28 -0400
Received: from [199.232.76.173] (helo=monty-python.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1HgYkx-0001Cq-NM for qemu-devel@nongnu.org; Wed, 25 Apr 2007 00:05:27 -0400
Received: from eastrmmtao107.cox.net ([68.230.240.59]) by monty-python.gnu.org with esmtp (Exim 4.60) (envelope-from ) id 1HgYfN-0005fv-7W for qemu-devel@nongnu.org; Tue, 24 Apr 2007 23:59:41 -0400
Message-ID: <9608107.1177473578562.JavaMail.root@eastrmwml03.mgt.cox.net>
Date: Tue, 24 Apr 2007 23:59:38 -0400
From: Ben Taylor
Subject: Re: [Qemu-devel] [PATCH] fix exception precision for cmpxchg8b
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Reply-To: sol10x86@cox.net, qemu-devel@nongnu.org
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
To: qemu-devel@nongnu.org

A patch like this was posted about 6 weeks ago. The only difference I can see between this and the previous patch is the location of the inserted function. Take a look at http://lists.gnu.org/archive/html/qemu-devel/2007-03/msg00123.html for hints. This patch fixed the Solaris/express install in a qemu guest.

Ben

---- Nickolai Zeldovich wrote:
> In qemu-0.9.0, an exception in cmpxchg8b (e.g. page fault due to a
> missing TLB entry) causes the wrong eip value to be pushed onto the
> exception stack -- it seems to be the eip of the last exception or the
> start of the translation block, whichever happened last. This makes
> it impossible to resume execution after such an exception.
>
> The simple patch below fixes it, by explicitly saving the current eip
> before invoking the cmpxchg8b helper; the same approach appears to be
> taken in many other instructions before generating code that could
> raise an exception. Apologies for the non-tab-clean patch, but it's
> simple enough to apply by hand.
>
> I can't quite understand what's generating the equivalent piece of
> code (to save pc_start into eip) for the cmpxchgl instruction (defined
> right above cmpxchg8b in translate.c). I'd be thankful if someone
> could explain to me where it's getting saved.
>
> Nickolai.
>
> --- qemu-0.9.0/target-i386/translate.c 2007-02-05 15:01:54.000000000 -0800
> +++ /home/nickolai/build/qemu-0.9.0/target-i386/translate.c 2007-04-24
> 19:33:47.000000000 -0700
> @@ -3800,6 +3800,7 @@ > if (s->cc_op != CC_OP_DYNAMIC) > gen_op_set_cc_op(s->cc_op); > gen_lea_modrm(s, modrm, ®_addr, &offset_addr); > + gen_jmp_im(pc_start - s->cs_base); > gen_op_cmpxchg8b(); > s->cc_op = CC_OP_EFLAGS; > break; > >
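Review bot: the patch as posted will not apply with `patch -p1` because, as the cover text admits, its indentation is not tab-clean; please regenerate it against a pristine tree (`diff -up`) so the `+ gen_jmp_im(pc_start - s->cs_base);` line carries the same leading tabs as the surrounding `gen_lea_modrm` and `gen_op_cmpxchg8b()` lines and reviewers can apply it rather than hand-edit. Two further points on this hunk: the `®_addr` in the `gen_lea_modrm(s, modrm, ®_addr, &offset_addr);` context line is an artifact of the `&reg_addr` argument being mangled as an HTML entity by the archive, not something the patch changes, and the hunk header `@@ -3800,6 +3800,7 @@` carries no function name, so a reader cannot tell from the diff alone that this is the cmpxchg8b case of the 0x1c7 opcode group; `diff -p` would add that context. On the substance, saving eip immediately before the helper that can fault matches the pattern the cover text describes for other memory-accessing instructions, and placing it after the flag flush and address computation is fine since neither of those can raise; the open question about why cmpxchgl needs no equivalent save is worth answering in the commit message rather than leaving it as a question in the cover letter.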