From patchwork Tue Jan 26 13:16:46 2010
X-Patchwork-Submitter: "Edgar E. Iglesias"
X-Patchwork-Id: 43696
Date: Tue, 26 Jan 2010 14:16:46 +0100
From: "Edgar E. Iglesias"
To: qemu-devel@nongnu.org
Message-ID: <20100126131646.GA27171@edde.se.axis.com>
Subject: [Qemu-devel] icount and unaligned IO accesses

Hi,

While emulating a small MMU-less CRIS system I ran into an -icount related problem. Without icount the emulation runs fine, with icount I get stuff like:

qemu: fatal: cpu_io_recompile: could not find TB for pc=0x4be7fd

IIUC, there is a recursion bug in the slow_ldx() calls that ends up clobbering retaddr. Later if the TB is aborted on the IO access, the code to map retaddr into guest PC fails to even find a TB because retaddr wrongly points to slow_ldx().

It seems to me like we simply shouldn't be touching retaddr in slow_ldx(). The following patch fixes the problem for me. slow_st() was AFAICS already OK.

Comments?

Cheers

commit a4a31d3039e82b7550933e3d8e1f4c6e9a7f8529
Author: Edgar E. Iglesias
Date: Tue Jan 26 13:55:55 2010 +0100

    softmmu: Dont clobber retaddr in slow_ldx().

    When splitting up unaligned IO accesses, ld calls slow_ld which was clobbering retaddr. AFAIK the problem only shows up when running emulations with -icount that may abort TB execution on IO accesses.

    Signed-off-by: Edgar E. Iglesias

diff --git a/softmmu_template.h b/softmmu_template.h index abf18d2..9185c32 100644 --- a/softmmu_template.h +++ b/softmmu_template.h
@@ -161,7 +161,6 @@ static DATA_TYPE glue(glue(slow_ld, SUFFIX), MMUSUFFIX)(target_ulong addr, /* IO access */ if ((addr & (DATA_SIZE - 1)) != 0) goto do_unaligned_access; - retaddr = GETPC(); addend = env->iotlb[mmu_idx][index]; res = glue(io_read, SUFFIX)(addend, addr, retaddr); } else if (((addr & ~TARGET_PAGE_MASK) + DATA_SIZE - 1) >= TARGET_PAGE_SIZE) {
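Review bot: In the IO-access branch of slow_ld, once `retaddr = GETPC();` is gone the value passed to `io_read(addend, addr, retaddr)` is whatever the caller handed in, and nothing at the site records why it must not be recomputed there. A one-line comment in place of the removed assignment, saying that retaddr has to stay the caller-supplied value because slow_ld is reached from the ld helper when an unaligned access is split, would keep someone from re-adding the call later. It is also worth confirming in the commit message that every caller of slow_ld passes a retaddr taken at the outermost helper, and quoting the "cpu_io_recompile: could not find TB" failure from the cover mail so the fix can be found from the symptom.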