* [Qemu-devel] [PATCH 0/2] target/sh4: add missing tcg_temp_free()
From: Philippe Mathieu-Daudé @ 2017-12-05 17:00 UTC
To: Alex Bennée, Aurelien Jarno
Cc: Philippe Mathieu-Daudé,
qemu-devel, Richard Henderson, Vladimir Prus, Edgar E . Iglesias
Hi,
After reading Alex commenting on IRC "java --version failing on sh4" I remember
this series staged for 2.12.
This might help for:
root@6e10336e48ac:/etc/apt# java --version
qemu-sh4: /home/alex/lsrc/qemu/qemu.git/tcg/tcg.h:703: temp_idx: Assertion `n >= 0 && n < tcg_ctx->nb_temps' failed.
qemu: uncaught target signal 11 (Segmentation fault) - core dumped
Regards,
Philippe.
Philippe Mathieu-Daudé (2):
target/sh4: add missing tcg_temp_free() in gen_conditional_jump()
target/sh4: add missing tcg_temp_free() in _decode_opc()
target/sh4/translate.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
--
2.15.1
* [Qemu-devel] [PATCH 1/2] target/sh4: add missing tcg_temp_free() in gen_conditional_jump()
From: Philippe Mathieu-Daudé @ 2017-12-05 17:00 UTC
To: Alex Bennée, Aurelien Jarno
Cc: Philippe Mathieu-Daudé,
qemu-devel, Richard Henderson, Vladimir Prus, Edgar E . Iglesias
missed in c55497ecb8c.
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
---
target/sh4/translate.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/target/sh4/translate.c b/target/sh4/translate.c
index 703020fe87..5aeaabdd8d 100644
--- a/target/sh4/translate.c
+++ b/target/sh4/translate.c
@@ -322,13 +322,16 @@ static void gen_delayed_conditional_jump(DisasContext * ctx)
gen_jump(ctx);
gen_set_label(l1);
- return;
+ goto done;
}
tcg_gen_brcondi_i32(TCG_COND_NE, ds, 0, l1);
gen_goto_tb(ctx, 1, ctx->pc + 2);
gen_set_label(l1);
gen_jump(ctx);
+
+done:
+ tcg_temp_free(ds);
}
static inline void gen_load_fpr64(DisasContext *ctx, TCGv_i64 t, int reg)
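Review bot: the subject line names gen_conditional_jump(), but the @@ header places this change in gen_delayed_conditional_jump(); the subject should name the function that is actually touched. The body "missed in c55497ecb8c." would also be easier to review if it stated which exits of the function were missing the free of `ds`, since that is what replacing `return` with `goto done` and adding the single `tcg_temp_free(ds)` at `done:` is for.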
--
2.15.1
* [Qemu-devel] [PATCH 2/2] target/sh4: add missing tcg_temp_free() in _decode_opc()
From: Philippe Mathieu-Daudé @ 2017-12-05 17:00 UTC
To: Alex Bennée, Aurelien Jarno
Cc: Philippe Mathieu-Daudé,
qemu-devel, Richard Henderson, Vladimir Prus, Edgar E . Iglesias
missed in c55497ecb8c and 852d481faf7.
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
---
target/sh4/translate.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/target/sh4/translate.c b/target/sh4/translate.c
index 5aeaabdd8d..62d01227fc 100644
--- a/target/sh4/translate.c
+++ b/target/sh4/translate.c
@@ -604,6 +604,7 @@ static void _decode_opc(DisasContext * ctx)
tcg_gen_subi_i32(addr, REG(B11_8), 4);
tcg_gen_qemu_st_i32(REG(B7_4), addr, ctx->memidx, MO_TEUL);
tcg_gen_mov_i32(REG(B11_8), addr);
+ tcg_temp_free(addr);
}
return;
case 0x6004: /* mov.b @Rm+,Rn */
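Review bot: neither the `case` label nor the allocation of `addr` falls inside the context of this hunk, so the patch alone does not show which instruction is affected or that the closing brace after `tcg_temp_free(addr)` ends the scope in which `addr` was created. The commit message should name the instruction and say which of the two cited commits (c55497ecb8c, 852d481faf7) this hunk corresponds to.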
@@ -1527,6 +1528,7 @@ static void _decode_opc(DisasContext * ctx)
tcg_gen_qemu_ld_i32(val, REG(B11_8), ctx->memidx, MO_TEUL);
gen_helper_movcal(cpu_env, REG(B11_8), val);
tcg_gen_qemu_st_i32(REG(0), REG(B11_8), ctx->memidx, MO_TEUL);
+ tcg_temp_free(val);
}
ctx->has_movcal = 1;
return;
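Review bot: `tcg_temp_free(val)` is placed after the `tcg_gen_qemu_st_i32(REG(0), REG(B11_8), ...)` line, which does not use `val`; the last visible use is `gen_helper_movcal(cpu_env, REG(B11_8), val)`. Freeing directly after the helper call would tie the release to the last use and make the lifetime obvious to the next reader; either position releases it before the block closes.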
--
2.15.1
* Re: [Qemu-devel] [PATCH 0/2] target/sh4: add missing tcg_temp_free()
From: Alex Bennée @ 2017-12-05 20:35 UTC
To: Philippe Mathieu-Daudé
Cc: Aurelien Jarno, qemu-devel, Richard Henderson, Vladimir Prus,
Edgar E . Iglesias
Philippe Mathieu-Daudé <f4bug@amsat.org> writes:
> Hi,
>
> After reading Alex commenting on IRC "java --version failing on sh4" I remember
> this series staged for 2.12.
>
> This might help for:
>
> root@6e10336e48ac:/etc/apt# java --version
> qemu-sh4: /home/alex/lsrc/qemu/qemu.git/tcg/tcg.h:703: temp_idx: Assertion `n >= 0 && n < tcg_ctx->nb_temps' failed.
> qemu: uncaught target signal 11 (Segmentation fault) - core dumped
Sadly it's decode_gusa which trips for me:
#0 0x00007ffff6941428 in __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:54
#1 0x00007ffff694302a in __GI_abort () at abort.c:89
#2 0x00007ffff6939bd7 in __assert_fail_base (fmt=<optimised out>, assertion=assertion@entry=0x555555678fc8 "n >= 0 && n < tcg_ctx->nb_temps", file=file@entry=0x555555678fa0 "/home/alex/lsrc/qemu/qemu.git/tcg/tcg.h", line=line@entry=703, function=function@entry=0x55555567aa38 <__PRETTY_FUNCTION__.23740> "temp_idx") at assert.c:92
#3 0x00007ffff6939c82 in __GI___assert_fail (assertion=0x555555678fc8 "n >= 0 && n < tcg_ctx->nb_temps", file=0x555555678fa0 "/home/alex/lsrc/qemu/qemu.git/tcg/tcg.h", line=703, function=0x55555567aa38 <__PRETTY_FUNCTION__.23740> "temp_idx") at assert.c:101
#4 0x0000555555585e03 in temp_idx (ts=0x555555902f20 <tcg_init_ctx>) at /home/alex/lsrc/qemu/qemu.git/tcg/tcg.h:703
#5 0x0000555555585e5b in tcgv_i32_temp (v=0x0) at /home/alex/lsrc/qemu/qemu.git/tcg/tcg.h:724
#6 0x000055555558bc2f in tcg_temp_free_i32 (arg=0x0) at /home/alex/lsrc/qemu/qemu.git/tcg/tcg.c:1053
#7 0x00005555555ff077 in decode_gusa (ctx=0x7ffff7f67c00, env=0x5555579adf60, pmax_insns=0x7ffff7f67bec) at /home/alex/lsrc/qemu/qemu.git/target/sh4/translate.c:2193
#8 0x00005555555ff303 in gen_intermediate_code (cs=0x5555579a5cc0, tb=0x55555593c6c0 <static_code_gen_buffer+78976>) at /home/alex/lsrc/qemu/qemu.git/target/sh4/translate.c:2268
#9 0x00005555555bc656 in tb_gen_code (cpu=0x5555579a5cc0, pc=2134168040, cs_base=2134168044, flags=528320, cflags=524288) at /home/alex/lsrc/qemu/qemu.git/accel/tcg/translate-all.c:1292
#10 0x00005555555b9ff9 in tb_find (cpu=0x5555579a5cc0, last_tb=0x0, tb_exit=0, cf_mask=524288) at /home/alex/lsrc/qemu/qemu.git/accel/tcg/cpu-exec.c:402
#11 0x00005555555ba77d in cpu_exec (cpu=0x5555579a5cc0) at /home/alex/lsrc/qemu/qemu.git/accel/tcg/cpu-exec.c:735
#12 0x00005555555c0ed2 in cpu_loop (env=0x5555579adf60) at /home/alex/lsrc/qemu/qemu.git/linux-user/main.c:2684
#13 0x00005555555d001c in clone_func (arg=0x7fffffffc990) at /home/alex/lsrc/qemu/qemu.git/linux-user/syscall.c:6264
#14 0x00007ffff6cdd6ba in start_thread (arg=0x7ffff7f68700) at pthread_create.c:333
#15 0x00007ffff6a133dd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:109
#7 0x00005555555ff077 in decode_gusa (ctx=0x7ffff7f67c00, env=0x5555579adf60, pmax_insns=0x7ffff7f67bec) at /home/alex/lsrc/qemu/qemu.git/target/sh4/translate.c:2193
2193 tcg_temp_free_i32(op_arg);
The line:
    /* If op_src is not a valid register, then op_arg was a constant. */
    if (op_src < 0) {
        tcg_temp_free_i32(op_arg);
    }
Looks pretty sketchy to me, why not check if op_arg is allocated
directly? Constants still need to be freed over a block. I think TCG
still keeps them around if it re-uses them.
>
> Regards,
>
> Philippe.
>
> Philippe Mathieu-Daudé (2):
> target/sh4: add missing tcg_temp_free() in gen_conditional_jump()
> target/sh4: add missing tcg_temp_free() in _decode_opc()
>
> target/sh4/translate.c | 7 ++++++-
> 1 file changed, 6 insertions(+), 1 deletion(-)
--
Alex Bennée
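
Added example, not part of the original thread and not QEMU code: a simplified model of the failure in the backtrace above, where a NULL `op_arg` reaches the range check in `temp_idx`, next to a free that is keyed on the handle itself rather than on `op_src`. The `Ctx`, `Temp` and `Handle` types, all function names, and the handle-as-offset layout are assumptions of the model.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified model, not QEMU code. Assumption: a handle is the byte offset
 * of a temp from the start of its context, so the NULL handle (offset 0)
 * resolves to the context itself, never to an entry of temps[]. */
#define MAX_TEMPS 8
typedef struct { bool in_use; } Temp;
typedef struct { int nb_temps; Temp temps[MAX_TEMPS]; } Ctx;
typedef struct Handle_ *Handle;               /* opaque handle type */

static Handle temp_new(Ctx *c)
{
    if (c->nb_temps >= MAX_TEMPS) return NULL;
    Temp *t = &c->temps[c->nb_temps++];
    t->in_use = true;
    return (Handle)(uintptr_t)((char *)t - (char *)c);
}

/* Same range condition as the failing assertion, reported instead of aborting. */
static bool handle_valid(const Ctx *c, Handle h)
{
    ptrdiff_t off = (ptrdiff_t)(uintptr_t)h - (ptrdiff_t)offsetof(Ctx, temps);
    if (off < 0 || off % (ptrdiff_t)sizeof(Temp) != 0) return false;
    return off / (ptrdiff_t)sizeof(Temp) < c->nb_temps;
}

/* Free keyed on the handle itself rather than on a side variable (op_src). */
static bool temp_free_checked(Ctx *c, Handle h)
{
    if (!handle_valid(c, h)) return false;    /* NULL or out of range */
    Temp *t = (Temp *)((char *)c + (uintptr_t)h);
    if (!t->in_use) return false;             /* already freed */
    t->in_use = false;
    return true;
}

int main(void)
{
    Ctx c = {0};
    Handle h = temp_new(&c);
    printf("NULL valid: %d, free(h): %d, free(NULL): %d\n",
           handle_valid(&c, NULL), temp_free_checked(&c, h),
           temp_free_checked(&c, NULL));
    return 0;
}
```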
* Re: [Qemu-devel] [PATCH 2/2] target/sh4: add missing tcg_temp_free() in _decode_opc()
From: Aurelien Jarno @ 2017-12-06 21:59 UTC
To: Philippe Mathieu-Daudé
Cc: Alex Bennée, qemu-devel, Richard Henderson, Vladimir Prus,
Edgar E . Iglesias
On 2017-12-05 14:00, Philippe Mathieu-Daudé wrote:
> missed in c55497ecb8c and 852d481faf7.
>
> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
> ---
> target/sh4/translate.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/target/sh4/translate.c b/target/sh4/translate.c
> index 5aeaabdd8d..62d01227fc 100644
> --- a/target/sh4/translate.c
> +++ b/target/sh4/translate.c
> @@ -604,6 +604,7 @@ static void _decode_opc(DisasContext * ctx)
> tcg_gen_subi_i32(addr, REG(B11_8), 4);
> tcg_gen_qemu_st_i32(REG(B7_4), addr, ctx->memidx, MO_TEUL);
> tcg_gen_mov_i32(REG(B11_8), addr);
> + tcg_temp_free(addr);
> }
> return;
> case 0x6004: /* mov.b @Rm+,Rn */
> @@ -1527,6 +1528,7 @@ static void _decode_opc(DisasContext * ctx)
> tcg_gen_qemu_ld_i32(val, REG(B11_8), ctx->memidx, MO_TEUL);
> gen_helper_movcal(cpu_env, REG(B11_8), val);
> tcg_gen_qemu_st_i32(REG(0), REG(B11_8), ctx->memidx, MO_TEUL);
> + tcg_temp_free(val);
> }
> ctx->has_movcal = 1;
> return;
Good catch!
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
--
Aurelien Jarno GPG: 4096R/1DDD8C9B
aurelien@aurel32.net http://www.aurel32.net
* Re: [Qemu-devel] [PATCH 1/2] target/sh4: add missing tcg_temp_free() in gen_conditional_jump()
From: Aurelien Jarno @ 2017-12-06 21:59 UTC
To: Philippe Mathieu-Daudé
Cc: Alex Bennée, qemu-devel, Richard Henderson, Vladimir Prus,
Edgar E . Iglesias
On 2017-12-05 14:00, Philippe Mathieu-Daudé wrote:
> missed in c55497ecb8c.
>
> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
> ---
> target/sh4/translate.c | 5 ++++-
> 1 file changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/target/sh4/translate.c b/target/sh4/translate.c
> index 703020fe87..5aeaabdd8d 100644
> --- a/target/sh4/translate.c
> +++ b/target/sh4/translate.c
> @@ -322,13 +322,16 @@ static void gen_delayed_conditional_jump(DisasContext * ctx)
> gen_jump(ctx);
>
> gen_set_label(l1);
> - return;
> + goto done;
> }
>
> tcg_gen_brcondi_i32(TCG_COND_NE, ds, 0, l1);
> gen_goto_tb(ctx, 1, ctx->pc + 2);
> gen_set_label(l1);
> gen_jump(ctx);
> +
> +done:
> + tcg_temp_free(ds);
> }
>
> static inline void gen_load_fpr64(DisasContext *ctx, TCGv_i64 t, int reg)
AFAIR, temps are not preserved across a branch (contrary to local
temps), so I am not sure they need to be freed.
--
Aurelien Jarno GPG: 4096R/1DDD8C9B
aurelien@aurel32.net http://www.aurel32.net