From: "Blue Swirl"
Subject: Re: [Qemu-devel] Crash due to invalid env->current_tb
Date: Wed, 30 Apr 2008 21:21:40 +0300
To: qemu-devel@nongnu.org
In-Reply-To: <67C63B39-3EBE-4E1F-B46B-D2FE7AAC001F@suse.de>
References: <20080429115614.GA15524@os.inf.tu-dresden.de> <20080429184011.GK17356@os.inf.tu-dresden.de> <20080430151132.GB6712@os.inf.tu-dresden.de> <20080430152102.GC6712@os.inf.tu-dresden.de> <67C63B39-3EBE-4E1F-B46B-D2FE7AAC001F@suse.de>

On 4/30/08, Alexander Graf wrote:
>
> On Apr 30, 2008, at 5:21 PM, Adam Lackorzynski wrote:
>
> > On Wed Apr 30, 2008 at 17:11:32 +0200, Adam Lackorzynski wrote:
> >
> > > On Wed Apr 30, 2008 at 11:08:46 +0200, Alexander Graf wrote:
> > >
> > > > There was a comment from Fabrice on how to do prologues in TCG to save /
> > > > restore the clobbered values. Btw, ebx gets clobbered as well.
> > >
> > > tcg/README says that some registers are clobbered. So something like
> > > this should be safe:
> > >
> > > Index: cpu-exec.c
> > > ===================================================================
> > > --- cpu-exec.c (revision 4276)
> > > +++ cpu-exec.c (working copy)
> > > @@ -690,6 +691,15 @@
> > >  fp.ip = tc_ptr;
> > >  fp.gp = code_gen_buffer + 2 * (1 << 20);
> > >  (*(void (*)(void)) &fp)();
> > > +#elif defined(__i386)
> > > + asm volatile ("push %%ebp\n"
> > > + "push %%ebx\n"
> > > + "call *%1\n"
> > > + "pop %%ebx\n"
> > > + "pop %%ebp\n"
> > > + : "=a" (T0)
> > > + : "r" (gen_func)
> > > + : "esi", "edi", "ecx", "edx");
> > >  #else
> > >  T0 = gen_func();
> > >  #endif
> >
> > I just realised that the push and pop of ebx is not needed as T0 is ebx
> > which gets overwritten in the output anyway.
>
> Why is T0 =a then? Shouldn't =a mean "input and output on eax for T0"?

GCC-Inline-Assembly-HOWTO:
"=" : Means that this operand is write-only for this instruction; the
previous value is discarded and replaced by output data.

The attached version survives quick tests for both Sparc32 and Sparc64.

Content-Disposition: attachment; filename=fix_i386.diff

Index: qemu/cpu-exec.c
===================================================================
--- qemu.orig/cpu-exec.c	2008-04-30 17:10:18.000000000 +0000
+++ qemu/cpu-exec.c	2008-04-30 18:17:57.000000000 +0000
@@ -690,6 +690,23 @@
 		fp.ip = tc_ptr;
 		fp.gp = code_gen_buffer + 2 * (1 << 20);
 		(*(void (*)(void)) &fp)();
+#elif defined(__i386)
+#if (TARGET_LONG_BITS == 32)
+                asm volatile ("call *%%eax\n"
+                              : "=a" (T0)
+                              : "a" (gen_func)
+                              :  "ecx", "edx", "esi", "edi", "ebp");
+#else
+                {
+                    long temp;
+
+                    asm volatile ("call *%%eax\n"
+                                  : "=a" (temp)
+                                  : "a" (gen_func)
+                                  : "ebx", "ecx", "edx", "esi", "edi", "ebp");
+                    T0 = temp;
+                }
+#endif
 #else
                 T0 = gen_func();
 #endif
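Review bot: the clobber list of the quoted `asm volatile ("push %%ebp\n" ...)` hunk (the `#elif defined(__i386)` branch, `: "esi", "edi", "ecx", "edx"`) is missing "memory". The `T0 = gen_func()` call it replaces is an opaque function call, so the compiler had to assume any memory (env fields included) could change across it; an asm statement without a "memory" clobber lets the compiler keep such values cached in registers across the jump into generated code. Suggest `: "esi", "edi", "ecx", "edx", "memory"`. The hand-written `push %%ebp` / `pop %%ebp` also moves %esp inside the statement, which is only safe because both operands ("=a" and "r") are register constraints; as the reply above notes, the ebx push/pop pair is redundant since T0 is ebx, and the usual way to express the remaining register damage is to list it as a clobber rather than to save it by hand.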
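Review bot: both `asm volatile ("call *%%eax\n" ...)` statements in the attached fix_i386.diff hunk lack a "memory" clobber; generated code writes guest state, and the plain call `T0 = gen_func()` they replace let the compiler assume all memory could change, so "memory" should be appended to both clobber lists. The two branches also differ silently: the `TARGET_LONG_BITS == 32` branch leaves ebx out of its clobbers, while the `#else` branch lists "ebx" and goes through `long temp` before `T0 = temp;`. A comment stating that this follows from where T0 lives in each configuration (the thread above says only that T0 is ebx in the 32-bit case) would spare the next reader from guessing. Using "a" (gen_func) as input and "=a" (T0) as output on the same register is fine here: `call` consumes eax before the callee writes its return value into it, which is exactly the write-only "=" semantics quoted in the reply.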
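The constraint-and-clobber pattern discussed in this thread, as an added example that is not part of the thread, of the attached patch, or of QEMU: an extended asm statement that calls a code pointer held in the accumulator, with a write-only "=a" output and every register the callee may destroy declared as a clobber. It is written for the x86-64 SysV ABI, since the thread's i386 asm will not assemble in 64-bit mode, and falls back to a plain C call on other hosts. `constructed_gen_func`, `call_generated` and `demo` are this example's own names; `constructed_gen_func` is a stand-in written in assembly so that it trashes %rbx without saving it, the way the thread says generated code does with ebx, and the 128-byte stack adjustment is the example's own choice.

```c
#include <stdio.h>

/*
 * Stand-in for a generated code block (constructed for this example; it is
 * not TCG output). It overwrites %rbx, a callee-saved register in the
 * x86-64 SysV ABI, without preserving it, and returns 42 in %rax. A normal
 * C caller would assume %rbx survived the call; the asm caller below tells
 * the compiler the truth instead.
 */
#if defined(__x86_64__)
long constructed_gen_func(void) __asm__("constructed_gen_func");
__asm__(
    ".text\n"
    ".globl constructed_gen_func\n"
    "constructed_gen_func:\n"
    "\tmovq $0x1234, %rbx\n"   /* clobber callee-saved rbx, like TCG's T0 */
    "\tmovq $42, %rax\n"       /* return value */
    "\tret\n");
#else
long constructed_gen_func(void) { return 42; }
#endif

/*
 * Call generated code through extended asm, mirroring the attached patch:
 * the pointer goes in via "a" (rax) and the result comes out via "=a".
 * "=" means write-only: the compiler does not expect rax to be preserved,
 * so the same register may be both input and output because `call`
 * consumes the input before the callee writes the output.
 */
long call_generated(long (*fn)(void))
{
    long ret;
#if defined(__x86_64__)
    __asm__ volatile(
        /* Step below the 128-byte red zone first: `call` pushes a return
           address, and the compiler may have parked locals just under rsp. */
        "subq $128, %%rsp\n\t"
        "call *%1\n\t"
        "addq $128, %%rsp"
        : "=a"(ret)               /* output: rax, write-only */
        : "a"(fn)                 /* input: rax */
        /* rbx is callee-saved in the ABI, but generated code uses it freely,
           so it must be declared; the rest are caller-saved and the callee
           may destroy them. "memory" stops the compiler from keeping memory
           values cached in registers across the call. */
        : "rbx", "rcx", "rdx", "rsi", "rdi",
          "r8", "r9", "r10", "r11", "memory", "cc");
#else
    ret = fn();                   /* no inline-asm path on this host */
#endif
    return ret;
}

/*
 * A value that is live across the call. Without "rbx" in the clobber list
 * the compiler is free to keep `keep` in rbx (its preferred home for values
 * that must survive a call), and the generated code would corrupt it.
 */
long demo(long seed)
{
    long keep = seed * 3 + 1;
    long r = call_generated(constructed_gen_func);
    return keep + r;
}

int main(void)
{
    printf("call_generated -> %ld, demo(10) -> %ld\n",
           call_generated(constructed_gen_func), demo(10));
    return 0;
}
```

The snippet does not realign the stack to 16 bytes before the `call`; the constructed callee does not care, but code that calls compiler-generated functions with SSE instructions through such a statement must keep that ABI requirement too.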