[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] i386 target bug with cmpxchg instruction handling
|
From: |
Brad |
|
Subject: |
[Qemu-devel] i386 target bug with cmpxchg instruction handling |
|
Date: |
Sat, 25 Dec 2010 16:16:39 -0500 |
|
User-agent: |
Mutt/1.5.21 (2010-09-15) |
The following diff fixes a bug with the i386 targets cmpxhg instruction
handling. I'm making an attempt to submit this upstream since OpenBSD
currently has this in our port but it was originally from NetBSD's
pkgsrc tree with QEMU.
http://www.netbsd.org/cgi-bin/query-pr-single.pl?number=42158
https://bugs.launchpad.net/qemu/+bug/569760
diff --git a/target-i386/translate.c b/target-i386/translate.c
index 7b6e3c2..b5d6c97 100644
--- a/target-i386/translate.c
+++ b/target-i386/translate.c
@@ -4879,20 +4879,24 @@ static target_ulong disas_insn(DisasContext *s,
target_ulong pc_start)
tcg_gen_sub_tl(t2, cpu_regs[R_EAX], t0);
gen_extu(ot, t2);
tcg_gen_brcondi_tl(TCG_COND_EQ, t2, 0, label1);
+ label2 = gen_new_label();
if (mod == 3) {
- label2 = gen_new_label();
gen_op_mov_reg_v(ot, R_EAX, t0);
tcg_gen_br(label2);
gen_set_label(label1);
gen_op_mov_reg_v(ot, rm, t1);
- gen_set_label(label2);
} else {
- tcg_gen_mov_tl(t1, t0);
+ /* perform no-op store cycle like physical cpu; must be
+ before changing accumulator to ensure idempotency if
+ the store faults and the instruction is restarted
+ */
+ gen_op_st_v(ot + s->mem_index, t0, a0);
gen_op_mov_reg_v(ot, R_EAX, t0);
+ tcg_gen_br(label2);
gen_set_label(label1);
- /* always store */
gen_op_st_v(ot + s->mem_index, t1, a0);
}
+ gen_set_label(label2);
tcg_gen_mov_tl(cpu_cc_src, t0);
tcg_gen_mov_tl(cpu_cc_dst, t2);
s->cc_op = CC_OP_SUBB + ot;
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
- [Qemu-devel] i386 target bug with cmpxchg instruction handling,
Brad <=