Re: [Qemu-devel] [Bug 1310324] [NEW] Commit 0f842f8a introduces regression when using tcg-interpreter

[Richard Henderson]

On 04/21/2014 06:14 AM, Stefan Weil wrote:
> That commit changed the use of the GETPC macro. I just tried to debug
> the tci.c code and noticed that cputlb.c no longer works as expected:

Ouch, yes, I see that.

> This is not specific for the TCG interpreter, but I don't know how the
> normal TCG is affected.

I believe that normal TCG is not affected, because the value returned for the
return address is outside the code_buffer, so tb_find_pc returns NULL, so
cpu_restore_state does nothing.  Whereas the interpreter continues to produce
the address of the last opcode executed.

To solve this, I believe you need to clear tci_tb_ptr on all exits from the
interpreter loop.  That is, both on normal exit (return from tcg_qemu_tb_exec)
as well as exceptional exit (longjmp landing in cpu_exec; see the Reload env
after longjmp section).

Only setting tci_tb_ptr at the places it's needed, calls and qemu_ld/st calls,
is a good optimization of memory traffic, but is unrelated to this bug.

> I also noticed that other code like target-i386/seg_helper.c which
> includes exec/softmmu_template.h also results in undefined usage of the
> GETRA macro.

Huh?  That's the normal backend expansion of its load/store helpers.



r~