
[Qemu-devel] Crash due to invalid env->current_tb


From: Adam Lackorzynski
Subject: [Qemu-devel] Crash due to invalid env->current_tb
Date: Tue, 29 Apr 2008 13:56:14 +0200
User-agent: Mutt/1.5.13 (2006-08-11)

Hi,

I've been experiencing crashes of latest svn Qemu, host ia32 and target
arm, host gcc is 'gcc version 3.4.6 (Debian 3.4.6-7)'.
The segfault happens because of an invalid env->current_tb which seems
to be caused by generated code. The following code in cpu_exec

   tc_ptr = tb->tc_ptr;
   env->current_tb = tb;
   gen_func = (void *)tc_ptr;
   T0 = gen_func();
   env->current_tb = NULL;

is being compiled to the following

   mov    0x14(%ecx),%eax
   mov    %ecx,0x56c(%ebp)
   xor    %edi,%edi
   call   *%eax
   mov    %edi,0x56c(%ebp)

After the call edi isn't 0 anymore and gets the bogus value. As edi is
callee saved the code itself seems ok.
When I add a barrier before "env->current_tb = NULL" the xor is placed
after the call and everything works fine. So might the problem be that
generated code isn't preserving edi/registers?

Adam
-- 
Adam                 address@hidden
  Lackorzynski         http://os.inf.tu-dresden.de/~adam/
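As an added illustration (not QEMU's code and not part of the original mail), the fragment below reproduces the cpu_exec pattern quoted above with a stand-in "generated code" function and the kind of compiler barrier the mail mentions, written out as a GCC memory clobber. The CPUState and TranslationBlock types, the fake_generated_code function and the compiler_barrier macro are hypothetical simplifications; the block checks the invariant the pattern is meant to maintain, namely that env->current_tb points at the executing block while it runs and is NULL again afterwards. Whether the barrier changes how GCC materializes the constant for the final store, as observed for gcc 3.4.6, is compiler-specific and not something this code can demonstrate.

```c
#include <stddef.h>
#include <stdio.h>

/* Compiler-only barrier: the "memory" clobber stops GCC from moving memory
 * accesses across this point. It is a hypothetical name, modelled on the
 * barrier the mail describes adding before "env->current_tb = NULL". */
#define compiler_barrier() __asm__ __volatile__("" ::: "memory")

typedef unsigned long (*gen_func_t)(void);

/* Simplified stand-in for QEMU's TranslationBlock. */
typedef struct TranslationBlock {
    unsigned long pc;    /* guest address of the block (constructed value) */
    gen_func_t tc_ptr;   /* host code implementing the block */
} TranslationBlock;

/* Simplified stand-in for QEMU's CPUState. */
typedef struct CPUState {
    TranslationBlock *current_tb;  /* valid only while a block executes */
} CPUState;

/* A single CPU state, mirroring QEMU's global env pointer. */
static CPUState env_storage;
static CPUState *env = &env_storage;

/* What the stand-in generated code saw in env->current_tb when it ran. */
static TranslationBlock *observed_tb;

/* Stand-in for a translated block: records which TB the CPU state says is
 * executing and returns a next-TB value, as T0 does in the original. */
static unsigned long fake_generated_code(void)
{
    observed_tb = env->current_tb;
    return 0x1234;
}

/* The pattern from the mail, with a barrier before the clearing store so the
 * compiler cannot reorder memory accesses around the call. */
unsigned long execute_tb(TranslationBlock *tb)
{
    gen_func_t gen_func = tb->tc_ptr;
    unsigned long T0;

    env->current_tb = tb;
    T0 = gen_func();
    compiler_barrier();
    env->current_tb = NULL;
    return T0;
}

/* Runs one constructed TB and returns 1 when the invariants hold: the block
 * saw its own TB while running, and current_tb is NULL afterwards. */
int check_current_tb_invariant(void)
{
    TranslationBlock tb = { 0x8000, fake_generated_code };
    unsigned long next;

    observed_tb = NULL;
    next = execute_tb(&tb);
    return next == 0x1234 && observed_tb == &tb && env->current_tb == NULL;
}

int main(void)
{
    printf("current_tb invariant holds: %d\n", check_current_tb_invariant());
    return 0;
}
```

Compiling with -O2 and inspecting the assembly of execute_tb is the way to see the effect the mail describes on a given compiler; the functional check above only confirms the intended state transitions, not the register allocation.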
