Re: [Qemu-devel] QEMU release 0.5.0

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] QEMU release 0.5.0

From:	Falk Hueffner
Subject:	Re: [Qemu-devel] QEMU release 0.5.0
Date:	30 Oct 2003 01:15:44 +0100
User-agent:	Gnus/5.0808 (Gnus v5.8.8) XEmacs/21.5 (cabbage)

Hi,

I tried 0.5.0 on Alpha, and besides the "empty code for op_noop", it
seems to basically work; however, I still get segfaults for nontrivial
programs, e. g. for the Mathematica test case, or test-i386:

[...]
lsll: Z=0 12345678
func1() = 0x00000001
func2() = 0x00005678 spdec=2
func3() = 0x00000025
Hello VM86 world
qemu: uncaught target signal 11 (Segmentation fault) - exiting

For this, the tail of the log says:

----------------
IN: 
0x00001107:  xorw   %ax,%ax
0x00001109:  movw   %ax,%es
0x0000110b:  movw   $0x153,%es:0x240
0x00001112:  movw   %cs,%es:0x242
0x00001117:  int    $0x90

OP:
0x0000: movl_T0_0
0x0001: movw_EAX_T0
0x0002: update1_cc
0x0003: movl_T0_EAX
0x0004: movl_seg_T0_vm 0xa0
0x0005: movl_A0_im 0x240
0x0006: addl_A0_seg 0xa8
0x0007: movl_T0_im 0x153
0x0008: stw_raw_T0_A0
0x0009: movl_T0_seg 0x1
0x000a: movl_A0_im 0x242
0x000b: addl_A0_seg 0xa8
0x000c: stw_raw_T0_A0
0x000d: set_cc_op 0x10
0x000e: jmp_im 0x117
0x000f: raise_exception 0xd
0x0010: end

AFTER FLAGS OPT:
0x0000: movl_T0_0
0x0001: movw_EAX_T0
0x0002: update1_cc
0x0003: movl_T0_EAX
0x0004: movl_seg_T0_vm 0xa0
0x0005: movl_A0_im 0x240
0x0006: addl_A0_seg 0xa8
0x0007: movl_T0_im 0x153
0x0008: stw_raw_T0_A0
0x0009: movl_T0_seg 0x1
0x000a: movl_A0_im 0x242
0x000b: addl_A0_seg 0xa8
0x000c: stw_raw_T0_A0
0x000d: set_cc_op 0x10
0x000e: jmp_im 0x117
0x000f: raise_exception 0xd
0x0010: end

RESTORE:
0x0000: 0x00001107
0x0003: 0x00001109
0x0005: 0x0000110b
spc=0x605b2800 j=0x5 eip=0x10b cs_base=1000

Not having a clue about i386, I can't tell whether that looks OK...
for Mathematica, the tail is:

----------------
IN: 
0x080ec220:  pushl  %esi
0x080ec221:  pushl  %ebx
0x080ec222:  movl   0xc(%esp,1),%esi
0x080ec226:  cmpl   $0xf,%esi
0x080ec229:  jg     0x80ec240

OP:
0x0000: movl_T0_ESI
0x0001: pushl_T0
0x0002: movl_T0_EBX
0x0003: pushl_T0
0x0004: movl_A0_ESP
0x0005: addl_A0_im 0xc
0x0006: ldl_raw_T0_A0
0x0007: movl_ESI_T0
0x0008: movl_T1_im 0xf
0x0009: movl_T0_ESI
0x000a: cmpl_T0_T1_cc
0x000b: set_cc_op 0xb
0x000c: jle_subl 0x601f27f0 0x80ec22b 0x80ec240
0x000d: end

AFTER FLAGS OPT:
0x0000: movl_T0_ESI
0x0001: pushl_T0
0x0002: movl_T0_EBX
0x0003: pushl_T0
0x0004: movl_A0_ESP
0x0005: addl_A0_im 0xc
0x0006: ldl_raw_T0_A0
0x0007: movl_ESI_T0
0x0008: movl_T1_im 0xf
0x0009: movl_T0_ESI
0x000a: cmpl_T0_T1_cc
0x000b: set_cc_op 0xb
0x000c: jle_subl 0x601f27f0 0x80ec22b 0x80ec240
0x000d: end

RESTORE:
0x0000: 0x080ec220
0x0002: 0x080ec221
spc=0x604f59b4 j=0x2 eip=0x80ec221 cs_base=0

So it is probably a problem with RESTORE (whatever that may be),
anybody has some tips before I try to look into this myself?

-- 
        Falk

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] QEMU release 0.5.0, Fabrice Bellard, 2003/10/27
- Re: [Qemu-devel] QEMU release 0.5.0, Falk Hueffner <=

Prev by Date: Re: [Qemu-devel] Roadmap for adding non-x86 system mode emulation support?
Next by Date: [Qemu-devel] qemu/target-i386 translate.c
Previous by thread: [Qemu-devel] QEMU release 0.5.0
Next by thread: [Qemu-devel] Math/FP problems in 0.5.0?
Index(es):
- Date
- Thread