From patchwork Fri Mar 22 22:11:01 2013
X-Patchwork-Submitter: Aurelien Jarno
X-Patchwork-Id: 230280
Date: Fri, 22 Mar 2013 23:11:01 +0100
From: Aurelien Jarno
To: Yeongkyoon Lee
Cc: blauwirbel@gmail.com, sw@weilnetz.de, rth@twiddle.net, qemu-devel@nongnu.org, qemu-stable@nongnu.org
Subject: Re: [Qemu-devel] [Qemu-stable][PATCH v3] tcg: Fix occasional TCG broken problem when ldst optimization enabled
Message-ID: <20130322221101.GB4268@ohm.aurel32.net>
In-Reply-To: <1363956617-28771-1-git-send-email-yeongkyoon.lee@samsung.com>

On Fri, Mar 22, 2013 at 09:50:17PM +0900, Yeongkyoon Lee wrote:
> is_tcg_gen_code() checks the upper limit of TCG generated code range wrong, so
> that TCG could get broken occasionally only when CONFIG_QEMU_LDST_OPTIMIZATION
> enabled. The reason is code_gen_buffer_max_size does not cover the upper range
> up to (TCG_MAX_OP_SIZE * OPC_BUF_SIZE), thus code_gen_buffer_max_size should be
> modified to code_gen_buffer_size.
>
> CC: qemu-stable@nongnu.org
> Signed-off-by: Yeongkyoon Lee
> ---
>
> Here's the promised patch with Aurelien Jarno for TCG broken problem, which
> is supposed to be applied to 1.3.x and 1.4.x releases as well as master.
> Thanks to Aurelien Jarno and Stefan Weil.
>
> v2: Fix source comment
> v3: Inline qemu-stable@nongnu.org to commit message
>
> translate-all.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/translate-all.c b/translate-all.c > index 1f3237e..72bea9b 100644 > --- a/translate-all.c
> +++ b/translate-all.c > @@ -1308,11 +1308,11 @@ static void tb_link_page(TranslationBlock *tb, tb_page_addr_t phys_pc, > /* check whether the given addr is in TCG generated code buffer or not */ > bool is_tcg_gen_code(uintptr_t tc_ptr) > { > - /* This can be called during code generation, code_gen_buffer_max_size > + /* This can be called during code generation, code_gen_buffer_size > is used instead of code_gen_ptr for upper boundary checking */ > return (tc_ptr >= (uintptr_t)tcg_ctx.code_gen_buffer && > tc_ptr < (uintptr_t)(tcg_ctx.code_gen_buffer + > - tcg_ctx.code_gen_buffer_max_size)); > + tcg_ctx.code_gen_buffer_size)); > } > #endif >

Thanks, applied. For the stable branch, please find the corresponding patch below.

From 931ff5988ecd23e2976d20fc6116d2e42ebf6154 Mon Sep 17 00:00:00 2001
From: Yeongkyoon Lee
Date: Fri, 22 Mar 2013 21:50:17 +0900
Subject: [PATCH] tcg: Fix occasional TCG broken problem when ldst optimization enabled

is_tcg_gen_code() checks the upper limit of TCG generated code range wrong, so that TCG could get broken occasionally only when CONFIG_QEMU_LDST_OPTIMIZATION enabled. The reason is code_gen_buffer_max_size does not cover the upper range up to (TCG_MAX_OP_SIZE * OPC_BUF_SIZE), thus code_gen_buffer_max_size should be modified to code_gen_buffer_size.

CC: qemu-stable@nongnu.org
Signed-off-by: Yeongkyoon Lee
Reviewed-by: Peter Maydell
Signed-off-by: Aurelien Jarno
(cherry picked from commit 52ae646d4a3ebdcdcc973492c6a56f2c49b6578f)

Conflicts:
	translate-all.c

Signed-off-by: Aurelien Jarno
---
 translate-all.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/translate-all.c b/translate-all.c index d367fc4..bf1db09 100644 --- a/translate-all.c +++ b/translate-all.c
@@ -1310,10 +1310,10 @@ static void tb_link_page(TranslationBlock *tb, tb_page_addr_t phys_pc, /* check whether the given addr is in TCG generated code buffer or not */ bool is_tcg_gen_code(uintptr_t tc_ptr) { - /* This can be called during code generation, code_gen_buffer_max_size + /* This can be called during code generation, code_gen_buffer_size is used instead of code_gen_ptr for upper boundary checking */ return (tc_ptr >= (uintptr_t)code_gen_buffer && - tc_ptr < (uintptr_t)(code_gen_buffer + code_gen_buffer_max_size)); + tc_ptr < (uintptr_t)(code_gen_buffer + code_gen_buffer_size)); } #endif
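Review bot: The replacement comment in the master hunk at @@ -1308,11 still does not say why code_gen_buffer_max_size was the wrong bound, so the next reader of `is_tcg_gen_code()` has to dig the reason out of the commit message. That message explains that code_gen_buffer_max_size leaves out the upper (TCG_MAX_OP_SIZE * OPC_BUF_SIZE) bytes of the buffer, and that sentence belongs in the source comment, e.g. `/* code_gen_buffer_max_size excludes the TCG_MAX_OP_SIZE * OPC_BUF_SIZE slack at the end of the buffer, which generated code can still occupy, so code_gen_buffer_size is the correct upper bound. */`. The arithmetic itself is fine: `tcg_ctx.code_gen_buffer + tcg_ctx.code_gen_buffer_size` is a one-past-the-end pointer and the `<` keeps that address out of the range.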
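Review bot: The `Conflicts: translate-all.c` line in the backport's commit message does not say how the conflict was resolved. The stable hunk at @@ -1310,10 shows the resolution: the `tcg_ctx.` prefix used in the master hunk is dropped in favour of the bare `code_gen_buffer` and `code_gen_buffer_size` globals. A one-line note under `Conflicts:` saying exactly that would let a stable reviewer verify the backport without diffing the two hunks by hand, and it is worth a compile check on each of the 1.3.x and 1.4.x branches before applying, since the hunk relies on `code_gen_buffer_size` being visible as a global in that file while the master hunk shows the same field has since moved into `tcg_ctx`.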
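As an added illustration (not code from the patch or from QEMU) of what the one-word change in the upper bound does, the following stand-alone C program models the two variants of `is_tcg_gen_code()` over a constructed byte array. The relation `code_gen_buffer_max_size = code_gen_buffer_size - (TCG_MAX_OP_SIZE * OPC_BUF_SIZE)` is assumed from the commit message above; `GUARD_BYTES`, `BUFFER_SIZE`, the helper names and the sample addresses are made up for the example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-in for the translation cache: a static byte array plays
 * the role of code_gen_buffer. Both sizes are made up for this example. */
#define GUARD_BYTES  4096u           /* stands in for TCG_MAX_OP_SIZE * OPC_BUF_SIZE */
#define BUFFER_SIZE  (64u * 1024u)   /* stands in for code_gen_buffer_size */

static uint8_t code_gen_buffer[BUFFER_SIZE];
static const size_t code_gen_buffer_size = BUFFER_SIZE;

/* Assumption taken from the commit message: the "max" size stops short of a
 * trailing slack area that generated code may still occupy. */
static const size_t code_gen_buffer_max_size = BUFFER_SIZE - GUARD_BYTES;

/* The check as it was before the patch: upper bound is the max size. */
bool is_tcg_gen_code_before(uintptr_t tc_ptr)
{
    return tc_ptr >= (uintptr_t)code_gen_buffer &&
           tc_ptr < (uintptr_t)(code_gen_buffer + code_gen_buffer_max_size);
}

/* The check as the patch leaves it: upper bound is the full buffer size. */
bool is_tcg_gen_code_after(uintptr_t tc_ptr)
{
    return tc_ptr >= (uintptr_t)code_gen_buffer &&
           tc_ptr < (uintptr_t)(code_gen_buffer + code_gen_buffer_size);
}

/* Sample addresses (constructed). The one in the trailing slack is the case
 * the old check misclassified. */
uintptr_t first_byte_addr(void)
{
    return (uintptr_t)code_gen_buffer;
}

uintptr_t guard_area_addr(void)
{
    return (uintptr_t)(code_gen_buffer + code_gen_buffer_max_size + GUARD_BYTES / 2);
}

uintptr_t one_past_end_addr(void)
{
    return (uintptr_t)(code_gen_buffer + code_gen_buffer_size);
}

/* Run both checks over a fixed set of sample addresses and count how many of
 * them the two versions classify differently. */
int count_disagreements(void)
{
    const uintptr_t samples[] = {
        first_byte_addr(),
        (uintptr_t)(code_gen_buffer + code_gen_buffer_max_size - 1), /* last byte below max */
        (uintptr_t)(code_gen_buffer + code_gen_buffer_max_size),     /* first byte of slack */
        guard_area_addr(),
        one_past_end_addr(),
    };
    int n = 0;
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        if (is_tcg_gen_code_before(samples[i]) != is_tcg_gen_code_after(samples[i])) {
            n++;
        }
    }
    return n;
}

int main(void)
{
    uintptr_t addr = guard_area_addr();
    printf("address in trailing slack: before=%d after=%d\n",
           (int)is_tcg_gen_code_before(addr), (int)is_tcg_gen_code_after(addr));
    printf("sample addresses on which the two checks disagree: %d\n",
           count_disagreements());
    return 0;
}
```

Only addresses in the slack between `code_gen_buffer_max_size` and `code_gen_buffer_size` change classification; addresses below the max size and the one-past-the-end address are treated the same by both versions, which is the property to confirm when auditing a range check like this one.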