* [Qemu-devel] help with helper functions
@ 2012-03-19 22:34 João Corrêa
From: João Corrêa @ 2012-03-19 22:34 UTC (permalink / raw)
To: qemu-devel
Hi Guys,
I'm trying to use some helper functions to instrument translated code, but
I'm getting some segfaults while doing it. Here is some code I've placed:
target-i386/helper.h
DEF_HELPER_1(foo, void, tl)
target-i386/op_helper.c
#ifdef TARGET_X86_64
void foo(target_ulong t0){
}
target-i386/translate.c
static inline void gen_jmp_im(target_ulong pc){
#ifdef TARGET_X86_64
printf("test2\n");
gen_foo(pc);
printf("test3\n");
#endif
tcg_gen_movi_tl(cpu_tmp0, pc);
tcg_gen_st_tl(cpu_tmp0, cpu_env, offsetof(CPUState, eip));
}
What happens is that test2 is printed but test3 is never printed, which
means that the function gen_foo(pc) never ended.
Attached to this e-mail follows the output generated with valgrind.
Any help will be very useful. Thanks in advance.
João.
Attachment: valgrind_output
joao@localhost:~/counter$ valgrind qemu-x86_64 counter
==9167== Memcheck, a memory error detector
==9167== Copyright (C) 2002-2010, and GNU GPL'd, by Julian Seward et al.
==9167== Using Valgrind-3.6.1-Debian and LibVEX; rerun with -h for copyright info
==9167== Command: qemu-x86_64 counter
==9167==
==9167== Warning: ignored attempt to set SIGKILL handler in sigaction();
==9167== the SIGKILL signal is uncatchable
==9167== Warning: ignored attempt to set SIGRT32 handler in sigaction();
==9167== the SIGRT32 signal is used internally by Valgrind
teste2
==9167== Conditional jump or move depends on uninitialised value(s)
==9167== at 0x601900B5: ??? (in /usr/local/bin/qemu-x86_64)
==9167== by 0x6238D1D9: ???
==9167== by 0x6238D1BF: ???
==9167==
==9167== Invalid read of size 4
==9167== at 0x6018F43D: ??? (in /usr/local/bin/qemu-x86_64)
==9167== by 0x6238D74F: ???
==9167== by 0x7E4CFFA7: ???
==9167== by 0x6238D75F: ???
==9167== by 0x1FFFFFFFF: ???
==9167== Address 0x7e4cffb0 is not stack'd, malloc'd or (recently) free'd
==9167==
qemu: uncaught target signal 11 (Segmentation fault) - core dumped
==9167== Syscall param rt_sigaction(act->sa_flags) points to uninitialised byte(s)
==9167== at 0x4DC1165: __libc_sigaction (sigaction.c:67)
==9167== by 0x6017ACF6: ??? (in /usr/local/bin/qemu-x86_64)
==9167== by 0xFFFFFFFFFFFFFFFE: ???
==9167== by 0xFFFFFFFFFFFFFFFE: ???
==9167== by 0xFFFFFFFFFFFFFFFE: ???
==9167== by 0xFFFFFFFFFFFFFFFE: ???
==9167== by 0xFFFFFFFFFFFFFFFE: ???
==9167== by 0xFFFFFFFFFFFFFFFE: ???
==9167== by 0xFFFFFFFFFFFFFFFE: ???
==9167== by 0xFFFFFFFFFFFFFFFE: ???
==9167== by 0xFFFFFFFFFFFFFFFE: ???
==9167== by 0xFFFFFFFFFFFFFFFE: ???
==9167== Address 0x7fefff630 is on thread 1's stack
==9167==
==9167==
==9167== HEAP SUMMARY:
==9167== in use at exit: 63,163,205 bytes in 82 blocks
==9167== total heap usage: 232 allocs, 150 frees, 63,191,746 bytes allocated
==9167==
==9167== LEAK SUMMARY:
==9167== definitely lost: 47 bytes in 2 blocks
==9167== indirectly lost: 0 bytes in 0 blocks
==9167== possibly lost: 0 bytes in 0 blocks
==9167== still reachable: 63,163,158 bytes in 80 blocks
==9167== suppressed: 0 bytes in 0 blocks
==9167== Rerun with --leak-check=full to see details of leaked memory
==9167==
==9167== For counts of detected and suppressed errors, rerun with: -v
==9167== Use --track-origins=yes to see where uninitialised values come from
==9167== ERROR SUMMARY: 3 errors from 3 contexts (suppressed: 6 from 6)
Segmentation fault
* Re: [Qemu-devel] help with helper functions
@ 2012-03-20 8:20 ` Peter Maydell
From: Peter Maydell @ 2012-03-20 8:20 UTC (permalink / raw)
To: João Corrêa; +Cc: qemu-devel
On 19 March 2012 22:34, João Corrêa <joao.lvwr@gmail.com> wrote:
> I'm trying to use some helper functions to instrument translated code, but
> I'm getting some segfaults while doing it. Here are some code I've placed:
>
> target-i386/helper.h
> DEF_HELPER_1(foo, void, tl)
>
> target-i386/op_helper.c
> #ifdef TARGET_X86_64
>
> void foo(target_ulong t0){
Should be
HELPER(foo)(target_ulong t0) {
> }
>
> target-i386/translate.c
> static inline void gen_jmp_im(target_ulong pc){
> #ifdef TARGET_X86_64
> printf("test2\n");
> gen_foo(pc);
Should be gen_helper_foo().
But your main problem here is that gen_helper_*() take TCGv
types (TCG values), not immediate constants. You need to emit
TCG code to load 'pc' into a TCG temporary first.
If you configure --enable-debug then it ought to put in some
extra typechecking code which will make this fail compilation.
-- PMM
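The two points in the reply above (a helper must be defined as HELPER(foo), and gen_helper_*() takes a TCGv handle, so 'pc' has to be loaded into a TCG temporary first) as a self-contained toy model. This is an added example, not QEMU code and not anything from the thread: TCGv, MAKE_TCGV, tcg_temp_new, tcg_gen_movi_tl, tcg_temp_free, gen_helper_foo and HELPER below are simplified stand-ins that only mimic the shape of the 2012 TCG API, the bounds check on handles is the toy's own, and 0x401000 is a constructed sample guest PC. It also mirrors the --enable-debug remark: with CONFIG_DEBUG_TCG defined, TCGv becomes a struct and the original post's pattern no longer compiles.

```c
/* Toy model of the TCG handle mistake discussed above. Added example, not QEMU
 * source: every TCG-looking name here is a simplified stand-in. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef uint64_t target_ulong;
#define TCG_MAX_TEMPS 16

/* QEMU's tcg.h made TCGv a plain int normally and a one-field struct under
 * --enable-debug (CONFIG_DEBUG_TCG); the struct turns a stray immediate into a compile error. */
#ifdef CONFIG_DEBUG_TCG
typedef struct { int idx; } TCGv;
#define MAKE_TCGV(i) ((TCGv){ (i) })
#define GET_TCGV(t)  ((t).idx)
#else
typedef int TCGv;
#define MAKE_TCGV(i) (i)
#define GET_TCGV(t)  (t)
#endif

/* Translator state: the temporaries a TCGv indexes, plus a log of emitted ops
 * standing in for the real TCG op buffer. */
static target_ulong temps[TCG_MAX_TEMPS];
static int next_temp;
static char oplog[256];

static void tcg_reset(void) {
    next_temp = 0;
    oplog[0] = '\0';
}

/* Valid only if the handle names an allocated temporary. Release-build TCG did
 * no such check, so a bogus handle became the "Invalid read" in the valgrind log. */
static int tcgv_valid(TCGv t) {
    int i = GET_TCGV(t);
    return i >= 0 && i < next_temp;
}

static TCGv tcg_temp_new(void) {
    return next_temp < TCG_MAX_TEMPS ? MAKE_TCGV(next_temp++) : MAKE_TCGV(-1);
}
static void tcg_temp_free(TCGv t) { (void)t; }   /* toy: no reuse */
static void log_op(const char *op) {
    strncat(oplog, op, sizeof oplog - strlen(oplog) - 1);
}

/* Emit "store immediate v into temporary dst". */
static int tcg_gen_movi_tl(TCGv dst, target_ulong v) {
    char buf[64];
    if (!tcgv_valid(dst)) return -1;
    temps[GET_TCGV(dst)] = v;
    snprintf(buf, sizeof buf, "movi t%d,0x%llx;", GET_TCGV(dst), (unsigned long long)v);
    log_op(buf);
    return 0;
}

/* The helper: declared via DEF_HELPER_1(foo, void, tl), defined as HELPER(foo). */
#define HELPER(name) helper_##name
static void HELPER(foo)(target_ulong t0) {
    printf("helper_foo called with 0x%llx\n", (unsigned long long)t0);
}

/* The glue DEF_HELPER_1 generates: the argument is a handle, not a value. */
static int gen_helper_foo(TCGv arg) {
    char buf[64];
    if (!tcgv_valid(arg)) return -1;
    snprintf(buf, sizeof buf, "call helper_foo(t%d);", GET_TCGV(arg));
    log_op(buf);
    return 0;
}

#ifndef CONFIG_DEBUG_TCG
/* The original post's pattern: compiles only because TCGv is an int here, so pc
 * is reinterpreted as a temp index. Drop this #ifndef and add -DCONFIG_DEBUG_TCG to see it rejected. */
static int gen_jmp_im_broken(target_ulong pc) {
    tcg_reset();
    return gen_helper_foo(pc);
}
#endif

/* The fix from the reply: load pc into a temporary, then pass the temporary. */
static int gen_jmp_im_fixed(target_ulong pc) {
    TCGv tmp;
    tcg_reset();
    tmp = tcg_temp_new();
    if (tcg_gen_movi_tl(tmp, pc) != 0 || gen_helper_foo(tmp) != 0) return -1;
    tcg_temp_free(tmp);
    return 0;
}

int main(void) {
    target_ulong pc = 0x401000;   /* constructed sample guest PC */
#ifndef CONFIG_DEBUG_TCG
    printf("broken: %d\n", gen_jmp_im_broken(pc));   /* prints -1 */
#endif
    printf("fixed: %d ops: %s\n", gen_jmp_im_fixed(pc), oplog);
    HELPER(foo)(temps[0]);        /* "run" the emitted call with the loaded pc */
    return 0;
}
```

Build with a plain `cc` and the broken variant returns -1 because the guest PC is out of range as a temporary index, while the fixed variant records a movi followed by the helper call. Build with `-DCONFIG_DEBUG_TCG` (after removing the #ifndef guard around gen_jmp_im_broken) and the compiler rejects the integer-for-struct argument, which is the extra typechecking the reply refers to.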