From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([208.118.235.92]:54123)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <sw@weilnetz.de>) id 1SgrNq-0000qF-E3
	for qemu-devel@nongnu.org; Tue, 19 Jun 2012 01:53:47 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <sw@weilnetz.de>) id 1SgrNo-0002sS-7Z
	for qemu-devel@nongnu.org; Tue, 19 Jun 2012 01:53:45 -0400
Received: from v220110690675601.yourvserver.net ([78.47.199.172]:51162)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <sw@weilnetz.de>) id 1SgrNo-0002pf-1S
	for qemu-devel@nongnu.org; Tue, 19 Jun 2012 01:53:44 -0400
Message-ID: <4FE013E3.6090907@weilnetz.de>
Date: Tue, 19 Jun 2012 07:53:39 +0200
From: Stefan Weil <sw@weilnetz.de>
MIME-Version: 1.0
References: <20120619023136.GA5187@tyr.buserror.net>
In-Reply-To: <20120619023136.GA5187@tyr.buserror.net>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: [Qemu-devel] [PATCH] tci: don't write zero for reloc in
	tci_out_label
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Scott Wood <scottwood@freescale.com>
Cc: Blue Swirl <blauwirbel@gmail.com>, qemu-devel@nongnu.org

Am 19.06.2012 04:31, schrieb Scott Wood:
> If tci_out_label is called in the context of tcg_gen_code_search_pc, we
> could be overwriting an already patched relocation with zero -- and not
> repatch it because the set_label is past search_pc, causing a QEMU crash
> when it tries to branch to a zero label.
>
> Not writing anything to the relocation area seems to be in line with what
> other backends do from the couple I looked at (x86, ppc).

Thanks, this might fix a crash which I have seen from time to time.
I'll run tests as soon as possible.

Could you please also look at the other backends?

I saw from git history that ppc once had the same bug.
The sparc backend (and maybe others) might still have it.

Regards,
Stefan W.

>
> Signed-off-by: Scott Wood<scottwood@freescale.com>
> ---
>   tcg/tci/tcg-target.c |    2 +-
>   1 files changed, 1 insertions(+), 1 deletions(-)
>
> diff --git a/tcg/tci/tcg-target.c b/tcg/tci/tcg-target.c
> index 453f187..3c6b0f5 100644
> --- a/tcg/tci/tcg-target.c
> +++ b/tcg/tci/tcg-target.c
> @@ -487,7 +487,7 @@ static void tci_out_label(TCGContext *s, TCGArg arg)
>           assert(label->u.value);
>       } else {
>           tcg_out_reloc(s, s->code_ptr, sizeof(tcg_target_ulong), arg, 0);
> -        tcg_out_i(s, 0);
> +        s->code_ptr += sizeof(tcg_target_ulong);
>       }
>   }
>