From: Roman Bolshakov <r.bolshakov@yadro.com>
To: Richard Henderson <richard.henderson@linaro.org>
Cc: peter.maydell@linaro.org, qemu-devel@nongnu.org,
"Philippe Mathieu-Daudé" <f4bug@amsat.org>
Subject: Re: [PULL v2 10/10] tcg: Restart code generation when we run out of temps
Date: Mon, 25 Jan 2021 12:15:19 +0300
Message-ID: <YA6MJ1r+GRUXvVQJ@SPB-NB-133.local>
In-Reply-To: <20210124181122.5447-2-richard.henderson@linaro.org>
On Sun, Jan 24, 2021 at 08:11:22AM -1000, Richard Henderson wrote:
> Some large translation blocks can generate so many unique
> constants that we run out of temps to hold them. In this
> case, longjmp back to the start of code generation and
> restart with a smaller translation block.
>
> Buglink: https://bugs.launchpad.net/bugs/1912065
> Tested-by: BALATON Zoltan <balaton@eik.bme.hu>
> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
> ---
> include/tcg/tcg.h | 3 +++
> accel/tcg/translate-all.c | 15 ++++++++++++++-
> tcg/tcg.c | 11 ++++++++---
> 3 files changed, 25 insertions(+), 4 deletions(-)
>
> diff --git a/include/tcg/tcg.h b/include/tcg/tcg.h
> index c5a9d65d5f..0f0695e90d 100644
> --- a/include/tcg/tcg.h
> +++ b/include/tcg/tcg.h
> @@ -680,6 +680,9 @@ struct TCGContext {
>
> uint16_t gen_insn_end_off[TCG_MAX_INSNS];
> target_ulong gen_insn_data[TCG_MAX_INSNS][TARGET_INSN_START_WORDS];
> +
> + /* Exit to translator on overflow. */
> + sigjmp_buf jmp_trans;
> };
>
> static inline bool temp_readonly(TCGTemp *ts)
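Review bot: the comment on jmp_trans should state its lifetime. The buffer is only valid while tb_gen_code is on the stack, between its sigsetjmp and its return, and a siglongjmp through it from any other caller of tcg_temp_alloc (for example global allocation at context-init time) is undefined behaviour. Suggest extending the comment to something like `/* Exit to translator on overflow; valid only while tb_gen_code runs. */`.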
> diff --git a/accel/tcg/translate-all.c b/accel/tcg/translate-all.c
> index d09c187e0f..81d4c83f22 100644
> --- a/accel/tcg/translate-all.c
> +++ b/accel/tcg/translate-all.c
> @@ -1926,11 +1926,17 @@ TranslationBlock *tb_gen_code(CPUState *cpu,
> ti = profile_getclock();
> #endif
>
> + gen_code_size = sigsetjmp(tcg_ctx->jmp_trans, 0);
> + if (unlikely(gen_code_size != 0)) {
> + goto error_return;
> + }
> +
> tcg_func_start(tcg_ctx);
>
> tcg_ctx->cpu = env_cpu(env);
> gen_intermediate_code(cpu, tb, max_insns);
> tcg_ctx->cpu = NULL;
> + max_insns = tb->icount;
>
> trace_translate_block(tb, tb->pc, tb->tc.ptr);
>
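Review bot: the sigsetjmp here depends on the C rule that non-volatile locals modified between sigsetjmp and siglongjmp have indeterminate values after the jump. It works only because `max_insns = tb->icount` executes after gen_intermediate_code returns normally, so on the -2 longjmp path max_insns still holds the requested size rather than an icount the translator never finished writing; that is why the assignment moved out of the -2 case, and it deserves a comment. Also worth noting in a comment is that the longjmp bypasses `tcg_ctx->cpu = NULL`, leaving tcg_ctx->cpu set until the retry path reassigns it.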
> @@ -1955,6 +1961,7 @@ TranslationBlock *tb_gen_code(CPUState *cpu,
>
> gen_code_size = tcg_gen_code(tcg_ctx, tb);
> if (unlikely(gen_code_size < 0)) {
> + error_return:
> switch (gen_code_size) {
> case -1:
> /*
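Review bot: placing the `error_return:` label inside the `if (gen_code_size < 0)` body means any value delivered by siglongjmp is dispatched by the switch without the `< 0` check. Only -2 is ever passed today, and a zero argument would be turned into 1 by sigsetjmp and land in `default:`; a one-line comment at the label stating which siglongjmp values are expected would make that contract explicit.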
> @@ -1966,6 +1973,9 @@ TranslationBlock *tb_gen_code(CPUState *cpu,
> * flush the TBs, allocate a new TB, re-initialize it per
> * above, and re-do the actual code generation.
> */
> + qemu_log_mask(CPU_LOG_TB_OP | CPU_LOG_TB_OP_OPT,
> + "Restarting code generation for "
> + "code_gen_buffer overflow\n");
> goto buffer_overflow;
>
> case -2:
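Review bot: the new log message is useful for spotting a guest that repeatedly trips the buffer-overflow restart, but it carries no identifier. Including tb->pc (and perhaps tb->cflags) in the format string would let an operator correlate restarts with the guest code that provoked them.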
> @@ -1978,9 +1988,12 @@ TranslationBlock *tb_gen_code(CPUState *cpu,
> * Try again with half as many insns as we attempted this time.
> * If a single insn overflows, there's a bug somewhere...
> */
> - max_insns = tb->icount;
> assert(max_insns > 1);
> max_insns /= 2;
> + qemu_log_mask(CPU_LOG_TB_OP | CPU_LOG_TB_OP_OPT,
> + "Restarting code generation with "
> + "smaller translation block (max %d insns)\n",
> + max_insns);
> goto tb_overflow;
>
> default:
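Review bot: the plain `assert(max_insns > 1)` (not tcg_debug_assert) aborts the whole QEMU process in release builds if a single guest instruction needs more than TCG_MAX_TEMPS temporaries. The comment treats that as a bug, but it is a guest-reachable abort, so the commit message should state that TCG_MAX_TEMPS must be sized so that no single instruction in any frontend can exceed it. The restart loop itself is bounded, since max_insns halves on every pass.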
> diff --git a/tcg/tcg.c b/tcg/tcg.c
> index 67b08f708d..9e1b0d73c7 100644
> --- a/tcg/tcg.c
> +++ b/tcg/tcg.c
> @@ -1205,18 +1205,23 @@ void tcg_func_start(TCGContext *s)
> QSIMPLEQ_INIT(&s->labels);
> }
>
> -static inline TCGTemp *tcg_temp_alloc(TCGContext *s)
> +static TCGTemp *tcg_temp_alloc(TCGContext *s)
> {
> int n = s->nb_temps++;
> - tcg_debug_assert(n < TCG_MAX_TEMPS);
> +
> + if (n >= TCG_MAX_TEMPS) {
> + /* Signal overflow, starting over with fewer guest insns. */
> + siglongjmp(s->jmp_trans, -2);
> + }
> return memset(&s->temps[n], 0, sizeof(TCGTemp));
> }
>
> -static inline TCGTemp *tcg_global_alloc(TCGContext *s)
> +static TCGTemp *tcg_global_alloc(TCGContext *s)
> {
> TCGTemp *ts;
>
> tcg_debug_assert(s->nb_globals == s->nb_temps);
> + tcg_debug_assert(s->nb_globals < TCG_MAX_TEMPS);
> s->nb_globals++;
> ts = tcg_temp_alloc(s);
> ts->kind = TEMP_GLOBAL;
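Review bot: the guard in tcg_global_alloc is only a tcg_debug_assert, so in a non-debug build an overflow of globals falls through to tcg_temp_alloc and siglongjmps through jmp_trans, which has not been initialised by sigsetjmp at the point globals are created (before any tb_gen_code runs); that is undefined behaviour rather than a clean failure. Either make the global check unconditional (`if (s->nb_globals >= TCG_MAX_TEMPS) abort();`) or add a comment explaining why the number of globals is statically bounded. Minor: `n = s->nb_temps++` increments before the bound check, leaving nb_temps one past TCG_MAX_TEMPS on the overflow path; harmless only because tcg_func_start resets it on restart.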
> --
> 2.25.1
>
>
Hi Richard,
Thanks for providing the fix.
Tested-by: Roman Bolshakov <r.bolshakov@yadro.com>
Regards,
Roman