[Qemu-devel] found one tcg `bug' (was: testing r4764 svn from 2008-06-20
From: Juergen Lock
Subject: [Qemu-devel] found one tcg `bug' (was: testing r4764 svn from 2008-06-20 18:25:56 +0200 on FreeBSD)
Date: Wed, 2 Jul 2008 22:04:48 +0200
User-agent: Mutt/1.5.17 (2007-11-01)
On Sat, Jun 21, 2008 at 01:02:15AM +0200, Juergen Lock wrote:
> I've been playing with qemu svn again recently, preparing experimental
> FreeBSD ports (see
> http://docs.freebsd.org/cgi/mid.cgi?20080620211216.GA75382
> for the details), and want to note a few things:
>
> [...]
> - I found a tcg regression for x86_64 targets on i386 hosts that caused
> qemu-system-x86_64 to segfault like this:
>
> GNU gdb 6.1.1 [FreeBSD]
> Copyright 2004 Free Software Foundation, Inc.
> GDB is free software, covered by the GNU General Public License, and you are
> welcome to change it and/or distribute copies of it under certain conditions.
> Type "show copying" to see the conditions.
> There is absolutely no warranty for GDB. Type "show warranty" for details.
> This GDB was configured as "i386-marcel-freebsd"...
>
> warning: core file may not match specified executable file.
> Core was generated by `qemu-system-x86_64'.
> Program terminated with signal 11, Segmentation fault.
> #0 tcg_malloc_internal (s=0x83c32e0, size=1024)
>    at /usr/ports/emulators/qemu-devel/work/qemu-snapshot-2008-06-20_19/tcg/tcg.c:172
> 172 if (!p->next) {
> [New LWP 100159]
> (gdb) bt
> #0 tcg_malloc_internal (s=0x83c32e0, size=1024)
>    at /usr/ports/emulators/qemu-devel/work/qemu-snapshot-2008-06-20_19/tcg/tcg.c:172
> #1 0x0814d8c6 in tcg_liveness_analysis (s=0x83c32e0) at tcg.h:286
> #2 0x08150ac1 in dyngen_code (s=0x83c32e0, gen_code_buf=0x290d60a0 "")
>    at /usr/ports/emulators/qemu-devel/work/qemu-snapshot-2008-06-20_19/tcg/tcg.c:1860
> #3 0x080d521c in cpu_x86_gen_code (env=0x1276e000, tb=0x11217398,
>    gen_code_size_ptr=0xbfbfd6fc)
>    at /usr/ports/emulators/qemu-devel/work/qemu-snapshot-2008-06-20_19/translate-all.c:121
> #4 0x080d5b90 in cpu_x86_exec (env1=0x1)
>    at /usr/ports/emulators/qemu-devel/work/qemu-snapshot-2008-06-20_19/cpu-exec.c:141
> #5 0x08056056 in main (argc=0, argv=0x0)
>    at /usr/ports/emulators/qemu-devel/work/qemu-snapshot-2008-06-20_19/vl.c:7233
> (gdb) p *p
> Cannot access memory at address 0x1b001b
> (gdb) p/x *s
> $1 = {pool_cur = 0x1b001e, pool_end = 0xc000b, pool_first = 0xc001a,
> pool_current = 0x1b001b, labels = 0x60006, nb_labels = 0x7000c,
> temps = 0xc000c, nb_globals = 0x140014, nb_temps = 0x26, first_free_temp = {
> 0x20, 0x2f, 0xffffffff, 0x27}, code_buf = 0x290d5990, tb_next = 0x0,
> tb_next_offset = 0x112173d4, tb_jmp_offset = 0x112173d8,
> op_dead_iargs = 0x1286e010, reg_to_temp = {0xffffffff, 0xffffffff,
> 0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff},
> reserved_regs = 0x30, current_frame_offset = 0x9460, frame_start = 0x9460,
> frame_end = 0x9660, frame_reg = 0x5, code_ptr = 0x290d60a0, static_temps =
> {{
> base_type = 0x0, type = 0x0, val_type = 0x1, reg = 0x5, val = 0x0,
> mem_reg = 0x0, mem_offset = 0x0, fixed_reg = 0x1, mem_coherent = 0x0,
> mem_allocated = 0x0, temp_local = 0x0, temp_allocated = 0x0,
> next_free_temp = 0x0, name = 0x81938e3}, {base_type = 0x0, type = 0x0,
> val_type = 0x2, reg = 0x0, val = 0x1, mem_reg = 0x5, mem_offset = 0xa0,
> fixed_reg = 0x0, mem_coherent = 0x1, mem_allocated = 0x1,
> temp_local = 0x0, temp_allocated = 0x0, next_free_temp = 0x0,
> name = 0x8192e90}, {base_type = 0x1, type = 0x0, val_type = 0x2,
> reg = 0x7, val = 0x58, mem_reg = 0x5, mem_offset = 0x90,
> fixed_reg = 0x0, mem_coherent = 0x0, mem_allocated = 0x1,
> temp_local = 0x0, temp_allocated = 0x0, next_free_temp = 0x0,
> name = 0x126f8860}, {base_type = 0x1, type = 0x0, val_type = 0x2,
> reg = 0x1, val = 0x0, mem_reg = 0x5, mem_offset = 0x94, fixed_reg =
> 0x0,
> mem_coherent = 0x0, mem_allocated = 0x1, temp_local = 0x0,
> ---Type <return> to continue, or q <return> to quit---
> temp_allocated = 0x0, next_free_temp = 0x0, name = 0x126f8870}, {
> base_type = 0x1, type = 0x0, val_type = 0x2, reg = 0x6, val = 0x1,
> mem_reg = 0x5, mem_offset = 0x98, fixed_reg = 0x0, mem_coherent = 0x0,
> mem_allocated = 0x1, temp_local = 0x0, temp_allocated = 0x0,
> next_free_temp = 0x0, name = 0x126f8880}, {base_type = 0x1, type = 0x0,
> val_type = 0x2, reg = 0x7, val = 0x0, mem_reg = 0x5, mem_offset = 0x9c,
> fixed_reg = 0x0, mem_coherent = 0x0, mem_allocated = 0x1,
> temp_local = 0x0, temp_allocated = 0x0, next_free_temp = 0x0,
> name = 0x126f8890}, {base_type = 0x1, type = 0x0, val_type = 0x2,
> reg = 0x0, val = 0x0, mem_reg = 0x5, mem_offset = 0x370,
> fixed_reg = 0x0, mem_coherent = 0x0, mem_allocated = 0x1,
> temp_local = 0x0, temp_allocated = 0x0, next_free_temp = 0x0,
> name = 0x126f88a0}, {base_type = 0x1, type = 0x0, val_type = 0x2,
> reg = 0x0, val = 0x0, mem_reg = 0x5, mem_offset = 0x374,
> fixed_reg = 0x0, mem_coherent = 0x0, mem_allocated = 0x1,
> temp_local = 0x0, temp_allocated = 0x0, next_free_temp = 0x0,
> name = 0x126f88b0}, {base_type = 0x1, type = 0x0, val_type = 0x0,
> reg = 0x0, val = 0x804925af, mem_reg = 0x5, mem_offset = 0x9460,
> fixed_reg = 0x0, mem_coherent = 0x0, mem_allocated = 0x0,
> temp_local = 0x0, temp_allocated = 0x1, next_free_temp = 0x0,
> name = 0x0}, {base_type = 0x0, type = 0x0, val_type = 0x0, reg = 0x7,
> val = 0xffffffff, mem_reg = 0x5, mem_offset = 0x946c, fixed_reg = 0x0,
> mem_coherent = 0x0, mem_allocated = 0x0, temp_local = 0x0,
> ---Type <return> to continue, or q <return> to quit---
> temp_allocated = 0x1, next_free_temp = 0x0, name = 0x0}, {
> base_type = 0x1, type = 0x0, val_type = 0x0, reg = 0x0, val = 0x12,
> mem_reg = 0x5, mem_offset = 0x9460, fixed_reg = 0x0, mem_coherent =
> 0x0,
> mem_allocated = 0x0, temp_local = 0x0, temp_allocated = 0x1,
> next_free_temp = 0x0, name = 0x0}, {base_type = 0x0, type = 0x0,
> val_type = 0x0, reg = 0x1, val = 0x0, mem_reg = 0x5,
> mem_offset = 0x9464, fixed_reg = 0x0, mem_coherent = 0x0,
> mem_allocated = 0x0, temp_local = 0x0, temp_allocated = 0x1,
> next_free_temp = 0x0, name = 0x0}, {base_type = 0x1, type = 0x0,
> val_type = 0x0, reg = 0x3, val = 0x0, mem_reg = 0x5,
> mem_offset = 0x9460, fixed_reg = 0x0, mem_coherent = 0x0,
> mem_allocated = 0x0, temp_local = 0x0, temp_allocated = 0x1,
> next_free_temp = 0x0, name = 0x0}, {base_type = 0x0, type = 0x0,
> val_type = 0x0, reg = 0x0, val = 0x0, mem_reg = 0x5,
> mem_offset = 0x948c, fixed_reg = 0x0, mem_coherent = 0x0,
> mem_allocated = 0x0, temp_local = 0x0, temp_allocated = 0x1,
> next_free_temp = 0x0, name = 0x0}, {base_type = 0x1, type = 0x0,
> val_type = 0x0, reg = 0x0, val = 0x4, mem_reg = 0x5,
> mem_offset = 0x946c, fixed_reg = 0x0, mem_coherent = 0x0,
> mem_allocated = 0x0, temp_local = 0x0, temp_allocated = 0x1,
> next_free_temp = 0x0, name = 0x0}, {base_type = 0x0, type = 0x0,
> val_type = 0x0, reg = 0x2, val = 0x0, mem_reg = 0x5,
> mem_offset = 0x9470, fixed_reg = 0x0, mem_coherent = 0x0,
> ---Type <return> to continue, or q <return> to quit---
> mem_allocated = 0x0, temp_local = 0x0, temp_allocated = 0x1,
> next_free_temp = 0x0, name = 0x0}, {base_type = 0x1, type = 0x0,
> val_type = 0x0, reg = 0x0, val = 0x80492897, mem_reg = 0x5,
> mem_offset = 0x9470, fixed_reg = 0x0, mem_coherent = 0x0,
> mem_allocated = 0x1, temp_local = 0x0, temp_allocated = 0x1,
> next_free_temp = 0x0, name = 0x0}, {base_type = 0x0, type = 0x0,
> val_type = 0x0, reg = 0x0, val = 0xffffffff, mem_reg = 0x5,
> mem_offset = 0x9478, fixed_reg = 0x0, mem_coherent = 0x0,
> mem_allocated = 0x1, temp_local = 0x0, temp_allocated = 0x1,
> next_free_temp = 0x0, name = 0x0}, {base_type = 0x1, type = 0x0,
> val_type = 0x0, reg = 0x0, val = 0x0, mem_reg = 0x0, mem_offset = 0x0,
> fixed_reg = 0x0, mem_coherent = 0x0, mem_allocated = 0x0,
> temp_local = 0x0, temp_allocated = 0x1, next_free_temp = 0x0,
> name = 0x0}, {base_type = 0x0, type = 0x0, val_type = 0x0, reg = 0x0,
> val = 0x0, mem_reg = 0x0, mem_offset = 0x0, fixed_reg = 0x0,
> mem_coherent = 0x0, mem_allocated = 0x0, temp_local = 0x0,
> temp_allocated = 0x1, next_free_temp = 0x0, name = 0x0}, {
> base_type = 0x0, type = 0x0, val_type = 0x0, reg = 0x0, val = 0x1,
> mem_reg = 0x0, mem_offset = 0x0, fixed_reg = 0x0, mem_coherent = 0x0,
> mem_allocated = 0x0, temp_local = 0x0, temp_allocated = 0x1,
> next_free_temp = 0x0, name = 0x0}, {base_type = 0x0, type = 0x0,
> val_type = 0x0, reg = 0x1, val = 0x0, mem_reg = 0x0, mem_offset = 0x0,
> fixed_reg = 0x0, mem_coherent = 0x0, mem_allocated = 0x0,
> ---Type <return> to continue, or q <return> to quit---
> temp_local = 0x0, temp_allocated = 0x1, next_free_temp = 0x0,
> name = 0x0}, {base_type = 0x1, type = 0x0, val_type = 0x0, reg = 0x1,
> val = 0x0, mem_reg = 0x5, mem_offset = 0x947c, fixed_reg = 0x0,
> mem_coherent = 0x1, mem_allocated = 0x1, temp_local = 0x0,
> temp_allocated = 0x1, next_free_temp = 0x0, name = 0x0}, {
> base_type = 0x0, type = 0x0, val_type = 0x0, reg = 0x1, val = 0x0,
> mem_reg = 0x5, mem_offset = 0x9480, fixed_reg = 0x0, mem_coherent =
> 0x1,
> mem_allocated = 0x1, temp_local = 0x0, temp_allocated = 0x1,
> next_free_temp = 0x0, name = 0x0}, {base_type = 0x1, type = 0x0,
> val_type = 0x0, reg = 0x3, val = 0x0, mem_reg = 0x5,
> mem_offset = 0x9468, fixed_reg = 0x0, mem_coherent = 0x0,
> mem_allocated = 0x0, temp_local = 0x0, temp_allocated = 0x1,
> next_free_temp = 0x0, name = 0x0}, {base_type = 0x0, type = 0x0,
> val_type = 0x0, reg = 0x7, val = 0x0, mem_reg = 0x5,
> mem_offset = 0x9460, fixed_reg = 0x0, mem_coherent = 0x0,
> mem_allocated = 0x0, temp_local = 0x0, temp_allocated = 0x1,
> next_free_temp = 0x0, name = 0x0}, {base_type = 0x1, type = 0x0,
> val_type = 0x0, reg = 0x0, val = 0x0, mem_reg = 0x0, mem_offset = 0x0,
> fixed_reg = 0x0, mem_coherent = 0x0, mem_allocated = 0x0,
> temp_local = 0x0, temp_allocated = 0x1, next_free_temp = 0x0,
> name = 0x0}, {base_type = 0x0, type = 0x0, val_type = 0x0, reg = 0x0,
> val = 0x0, mem_reg = 0x0, mem_offset = 0x0, fixed_reg = 0x0,
> mem_coherent = 0x0, mem_allocated = 0x0, temp_local = 0x0,
> ---Type <return> to continue, or q <return> to quit---
> temp_allocated = 0x1, next_free_temp = 0x0, name = 0x0}, {
> base_type = 0x0, type = 0x0, val_type = 0x0, reg = 0x0, val = 0x0,
> mem_reg = 0x0, mem_offset = 0x0, fixed_reg = 0x0, mem_coherent = 0x0,
> mem_allocated = 0x0, temp_local = 0x0, temp_allocated = 0x1,
> next_free_temp = 0x0, name = 0x0}, {base_type = 0x0, type = 0x0,
> val_type = 0x0, reg = 0x0, val = 0x0, mem_reg = 0x0, mem_offset = 0x0,
> fixed_reg = 0x0, mem_coherent = 0x0, mem_allocated = 0x0,
> temp_local = 0x0, temp_allocated = 0x1, next_free_temp = 0x0,
> name = 0x0}, {base_type = 0x1, type = 0x0, val_type = 0x0, reg = 0x7,
> val = 0x1, mem_reg = 0x5, mem_offset = 0x9460, fixed_reg = 0x0,
> mem_coherent = 0x0, mem_allocated = 0x0, temp_local = 0x0,
> temp_allocated = 0x1, next_free_temp = 0xffffffff, name = 0x0}, {
> base_type = 0x0, type = 0x0, val_type = 0x2, reg = 0x3, val = 0x0,
> mem_reg = 0x5, mem_offset = 0x9460, fixed_reg = 0x0, mem_coherent =
> 0x0,
> mem_allocated = 0x1, temp_local = 0x0, temp_allocated = 0x1,
> next_free_temp = 0xffffffff, name = 0x0}, {base_type = 0x0, type = 0x0,
> val_type = 0x2, reg = 0x0, val = 0x0, mem_reg = 0x5,
> mem_offset = 0x9464, fixed_reg = 0x0, mem_coherent = 0x1,
> mem_allocated = 0x1, temp_local = 0x0, temp_allocated = 0x0,
> next_free_temp = 0x2b, name = 0x0}, {base_type = 0x1, type = 0x0,
> val_type = 0x2, reg = 0x2, val = 0x12, mem_reg = 0x5,
> mem_offset = 0x9468, fixed_reg = 0x0, mem_coherent = 0x1,
> mem_allocated = 0x1, temp_local = 0x1, temp_allocated = 0x0,
> ---Type <return> to continue, or q <return> to quit---
> next_free_temp = 0xffffffff, name = 0x0}, {base_type = 0x0, type = 0x0,
> val_type = 0x2, reg = 0x1, val = 0x0, mem_reg = 0x5,
> mem_offset = 0x946c, fixed_reg = 0x0, mem_coherent = 0x1,
> mem_allocated = 0x1, temp_local = 0x1, temp_allocated = 0x1,
> next_free_temp = 0x24, name = 0x0}, {base_type = 0x1, type = 0x0,
> val_type = 0x2, reg = 0x2, val = 0x17, mem_reg = 0x5,
> mem_offset = 0x9474, fixed_reg = 0x0, mem_coherent = 0x1,
> mem_allocated = 0x1, temp_local = 0x1, temp_allocated = 0x0,
> next_free_temp = 0x21, name = 0x0}, {base_type = 0x0, type = 0x0,
> val_type = 0x2, reg = 0x6, val = 0x0, mem_reg = 0x5,
> mem_offset = 0x9484, fixed_reg = 0x0, mem_coherent = 0x1,
> mem_allocated = 0x1, temp_local = 0x1, temp_allocated = 0x1,
> next_free_temp = 0x26, name = 0x0}, {base_type = 0x1, type = 0x0,
> val_type = 0x2, reg = 0x3, val = 0x0, mem_reg = 0x5,
> mem_offset = 0x9488, fixed_reg = 0x0, mem_coherent = 0x0,
> mem_allocated = 0x1, temp_local = 0x1, temp_allocated = 0x0,
> next_free_temp = 0x23, name = 0x0}, {base_type = 0x0, type = 0x0,
> val_type = 0x2, reg = 0x0, val = 0x0, mem_reg = 0x5,
> mem_offset = 0x948c, fixed_reg = 0x0, mem_coherent = 0x1,
> mem_allocated = 0x1, temp_local = 0x1, temp_allocated = 0x1,
> next_free_temp = 0xffffffff, name = 0x0}, {base_type = 0x1, type = 0x0,
> val_type = 0x0, reg = 0x1, val = 0x20, mem_reg = 0x5,
> mem_offset = 0x948c, fixed_reg = 0x0, mem_coherent = 0x0,
> ---Type <return> to continue, or q <return> to quit---
> mem_allocated = 0x0, temp_local = 0x1, temp_allocated = 0x0,
> next_free_temp = 0x25, name = 0x0}, {base_type = 0x0, type = 0x0,
> val_type = 0x0, reg = 0x3, val = 0x0, mem_reg = 0x5,
> mem_offset = 0x948c, fixed_reg = 0x0, mem_coherent = 0x0,
> mem_allocated = 0x0, temp_local = 0x1, temp_allocated = 0x1,
> next_free_temp = 0x2b, name = 0x0}, {base_type = 0x1, type = 0x0,
> val_type = 0x0, reg = 0x1, val = 0x20, mem_reg = 0x5,
> mem_offset = 0x9468, fixed_reg = 0x0, mem_coherent = 0x0,
> mem_allocated = 0x0, temp_local = 0x0, temp_allocated = 0x1,
> next_free_temp = 0xffffffff, name = 0x0}, {base_type = 0x0, type = 0x0,
> val_type = 0x0, reg = 0x3, val = 0x0, mem_reg = 0x5,
> mem_offset = 0x9480, fixed_reg = 0x0, mem_coherent = 0x0,
> mem_allocated = 0x0, temp_local = 0x0, temp_allocated = 0x1,
> next_free_temp = 0x0, name = 0x0}, {base_type = 0x0, type = 0x0,
> val_type = 0x0, reg = 0x0, val = 0x800, mem_reg = 0x0, mem_offset =
> 0x0,
> fixed_reg = 0x0, mem_coherent = 0x0, mem_allocated = 0x0,
> temp_local = 0x0, temp_allocated = 0x0, next_free_temp = 0x2c,
> name = 0x0}, {base_type = 0x0, type = 0x0, val_type = 0x0, reg = 0x3,
> val = 0x1f, mem_reg = 0x0, mem_offset = 0x0, fixed_reg = 0x0,
> mem_coherent = 0x0, mem_allocated = 0x0, temp_local = 0x0,
> temp_allocated = 0x0, next_free_temp = 0xffffffff, name = 0x0}, {
> base_type = 0x1, type = 0x0, val_type = 0x0, reg = 0x1, val = 0x20,
> mem_reg = 0x0, mem_offset = 0x0, fixed_reg = 0x0, mem_coherent = 0x0,
> ---Type <return> to continue, or q <return> to quit---
> mem_allocated = 0x0, temp_local = 0x0, temp_allocated = 0x1,
> next_free_temp = 0xffffffff, name = 0x0}, {base_type = 0x0, type = 0x0,
> val_type = 0x0, reg = 0x3, val = 0x0, mem_reg = 0x0, mem_offset = 0x0,
> fixed_reg = 0x0, mem_coherent = 0x0, mem_allocated = 0x0,
> temp_local = 0x0, temp_allocated = 0x1, next_free_temp = 0x0,
> name = 0x0}, {base_type = 0x1, type = 0x0, val_type = 0x0, reg = 0x0,
> val = 0x0, mem_reg = 0x0, mem_offset = 0x0, fixed_reg = 0x0,
> mem_coherent = 0x0, mem_allocated = 0x0, temp_local = 0x0,
> temp_allocated = 0x0, next_free_temp = 0xffffffff, name = 0x0}, {
> base_type = 0x0, type = 0x0, val_type = 0x0, reg = 0x0, val = 0x0,
> mem_reg = 0x0, mem_offset = 0x0, fixed_reg = 0x0, mem_coherent = 0x0,
> mem_allocated = 0x0, temp_local = 0x0, temp_allocated = 0x1,
> next_free_temp = 0x0, name = 0x0}, {base_type = 0x0, type = 0x0,
> val_type = 0x0, reg = 0x0, val = 0x0, mem_reg = 0x0, mem_offset = 0x0,
> fixed_reg = 0x0, mem_coherent = 0x0, mem_allocated = 0x0,
> temp_local = 0x0, temp_allocated = 0x0, next_free_temp = 0x0,
> name = 0x0} <repeats 463 times>}, helpers = 0x126fa000,
> nb_helpers = 0x1b4, allocated_helpers = 0x200, helpers_sorted = 0x0}
> (gdb) q
>
> (Memory corruption, right?) I've put the end of an in_asm,out_asm log up at
> http://people.freebsd.org/~nox/qemu/tcgbug-i386host.log.txt
> (it's long.) That function is MD5Transform() in:
> http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/kern/md5c.c?annotate=1.27
> in the FreeBSD 7.0 amd64 kernel on
>
> ftp://ftp.freebsd.org/pub/FreeBSD/ISO-IMAGES-amd64/7.0/7.0-RELEASE-amd64-livefs.iso
> (the bootonly most likely will fail in the same way:
>
> ftp://ftp.freebsd.org/pub/FreeBSD/ISO-IMAGES-amd64/7.0/7.0-RELEASE-amd64-bootonly.iso
> , you can go to
> http://mirrorlist.freebsd.org/
> to find a mirror near you, search for ISOs.)
Well, I finally got around to looking at this again, and found the cause
wasn't exactly a bug, just a too-low constant:
Index: qemu/exec-all.h
@@ -30,7 +30,7 @@
struct TranslationBlock;
/* XXX: make safe guess about sizes */
-#define MAX_OP_PER_INSTR 64
+#define MAX_OP_PER_INSTR 128
/* A Call op needs up to 6 + 2N parameters (N = number of arguments). */
#define MAX_OPC_PARAM 10
#define OPC_BUF_SIZE 512
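Review bot: The new value at `#define MAX_OP_PER_INSTR 128` is still an unexplained guess under the `XXX: make safe guess about sizes` comment, and nothing in this hunk makes an overrun detectable. Please record in the comment which case needed more than 64 ops (the report is an x86_64 target on an i386 host), and consider a bounds check or assertion where ops are written, so that exceeding the limit aborts instead of corrupting adjacent state as seen in the gdb dump. Note also that `OPC_BUF_SIZE` stays at 512, so the per-instruction limit is now a quarter of that buffer; if the two constants are related, say so next to them.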
With this I can at least boot into fixit and run find /dist (I didn't
test an actual install.)
Juergen