[PULL,0/4] TCG queued patches

Message ID 20180112210613.14124-1-richard.henderson@linaro.org

Message

Richard Henderson Jan. 12, 2018, 9:06 p.m. UTC
This includes a fix for the tcg/arm bug exposed by the ppc64 code change
for comparisons.

It also includes improvements to tcg/arm and tcg/ppc to allow for larger
CPUFooState structures, as exposed by expanding CPUARMState for 2048-bit
vector registers.

Note that tcg/mips has the exact same problem.  However, the mips isa
makes it more difficult to fix up.  I'd like someone with hardware to
make this change.

r~

The following changes since commit 7398166ddf7c6dbbc9cae6ac69bb2feda14b40ac:

  Merge remote-tracking branch 'remotes/kraxel/tags/vnc-20180112-pull-request' into staging (2018-01-12 16:01:30 +0000)

are available in the Git repository at:

  git://github.com/rth7680/qemu.git tags/pull-tcg-20180112

for you to fetch changes up to bb08c35b17b7245c696bd12e527453e624e77da3:

  tcg/ppc: Allow a 32-bit offset to the constant pool (2018-01-12 12:50:36 -0800)

----------------------------------------------------------------
Queued tcg patches

----------------------------------------------------------------
Richard Henderson (4):
      tcg/arm: Fix double-word comparisons
      tcg/arm: Support tlb offsets larger than 64k
      tcg/ppc: Support tlb offsets larger than 64k
      tcg/ppc: Allow a 32-bit offset to the constant pool

 tcg/arm/tcg-target.inc.c | 142 ++++++++++++++++++++++++++++++++---------------
 tcg/ppc/tcg-target.inc.c |  84 ++++++++++++++++------------
 2 files changed, 144 insertions(+), 82 deletions(-)

Comments

Aurelien Jarno Jan. 12, 2018, 9:42 p.m. UTC | #1
On 2018-01-12 13:06, Richard Henderson wrote:
> This includes a fix for the tcg/arm bug exposed by the ppc64 code change
> for comparisons.
> 
> It also includes improvements to tcg/arm and tcg/ppc to allow for larger
> CPUFooState structures, as exposed by expanding CPUARMState for 2048-bit
> vector registers.
> 
> Note that tcg/mips has the exact same problem.  However, the mips isa
> makes it more difficult to fix up.  I'd like someone with hardware to
> make this change.

Ok, I'll try to have a look at that.
 
-- 
Aurelien Jarno                          GPG: 4096R/1DDD8C9B
aurelien@aurel32.net                 http://www.aurel32.net

Peter Maydell Jan. 15, 2018, 10:08 a.m. UTC | #2
On 12 January 2018 at 21:06, Richard Henderson
<richard.henderson@linaro.org> wrote:
> This includes a fix for the tcg/arm bug exposed by the ppc64 code change
> for comparisons.
>
> It also includes improvements to tcg/arm and tcg/ppc to allow for larger
> CPUFooState structures, as exposed by expanding CPUARMState for 2048-bit
> vector registers.

> ----------------------------------------------------------------
> Queued tcg patches
>
> ----------------------------------------------------------------
> Richard Henderson (4):
>       tcg/arm: Fix double-word comparisons
>       tcg/arm: Support tlb offsets larger than 64k
>       tcg/ppc: Support tlb offsets larger than 64k
>       tcg/ppc: Allow a 32-bit offset to the constant pool

This seems to crash on arm32 hosts with a sparc64 guest:

$ ./sparc64-softmmu/qemu-system-sparc64  -display none
Segmentation fault

Here's a backtrace:

Thread 3 "qemu-system-spa" received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xe8cb8e10 (LWP 25876)]
0x000325a0 in tcg_out32 (s=0xe8300470, v=<optimised out>) at
/home/peter.maydell/qemu/tcg/tcg.c:193
193             *s->code_ptr++ = v;
(gdb) bt
#0  0x000325a0 in tcg_out32 (s=0xe8300470, v=<optimised out>) at
/home/peter.maydell/qemu/tcg/tcg.c:193
#1  tcg_out_dat_imm (im=<optimised out>, rn=<optimised out>, rd=2,
opc=8388608, cond=14, s=0xe8300470)
    at /home/peter.maydell/qemu/tcg/arm/tcg-target.inc.c:451
#2  tcg_out_tlb_read (s=s@entry=0xe8300470,
addrlo=addrlo@entry=TCG_REG_R4, addrhi=addrhi@entry=TCG_REG_R5,
opc=opc@entry=MO_8,
    mem_index=mem_index@entry=5, is_load=is_load@entry=true) at
/home/peter.maydell/qemu/tcg/arm/tcg-target.inc.c:1320
#3  0x00033144 in tcg_out_qemu_ld (s=0xe8300470, args=<optimised out>,
is64=<optimised out>)
    at /home/peter.maydell/qemu/tcg/arm/tcg-target.inc.c:1648
#4  0x00033b06 in tcg_out_op (s=s@entry=0xe8300470, opc=<optimised
out>, args=args@entry=0xe8cb85fc,
    const_args=const_args@entry=0xe8cb863c) at
/home/peter.maydell/qemu/tcg/arm/tcg-target.inc.c:2059
#5  0x000360b6 in tcg_reg_alloc_op (op=0xe83076b8, s=<optimised out>)
at /home/peter.maydell/qemu/tcg/tcg.c:2893
#6  tcg_gen_code (s=<optimised out>, tb=tb@entry=0xe8e9d680
<code_gen_buffer+1636>) at /home/peter.maydell/qemu/tcg/tcg.c:3279
#7  0x000757b8 in tb_gen_code (cpu=cpu@entry=0xaf3ee8,
pc=2198754869620, cs_base=cs_base@entry=2198754869624,
flags=flags@entry=69,
    cflags=0) at /home/peter.maydell/qemu/accel/tcg/translate-all.c:1319
#8  0x000747fc in tb_find (cf_mask=<optimised out>, tb_exit=<optimised
out>, last_tb=0x0, cpu=0xf000c178)
    at /home/peter.maydell/qemu/accel/tcg/cpu-exec.c:404
#9  cpu_exec (cpu=cpu@entry=0xaf3ee8) at
/home/peter.maydell/qemu/accel/tcg/cpu-exec.c:731
#10 0x00052f60 in tcg_cpu_exec (cpu=0xaf3ee8) at
/home/peter.maydell/qemu/cpus.c:1300
#11 qemu_tcg_rr_cpu_thread_fn (arg=<optimised out>) at
/home/peter.maydell/qemu/cpus.c:1396
#12 0xec9235b4 in start_thread (arg=0x0) at pthread_create.c:335
#13 0xec8c4bec in ?? () at ../sysdeps/unix/sysv/linux/arm/clone.S:89
from /lib/arm-linux-gnueabihf/libc.so.6

Writing off the end of the codegen buffer?

thanks
-- PMM