blob: 51e8d86e941829e628831dfeac87afb355cc4e71 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
|
id = 2899
title = "Regression 10.0.0rc1: Segmentation fault on executing QEMU advent calendar 2014, day 4"
state = "closed"
created_at = "2025-04-01T10:23:12.161Z"
closed_at = "2025-04-04T17:07:31.583Z"
labels = ["accel: TCG", "workflow::Patch available"]
url = "https://gitlab.com/qemu-project/qemu/-/issues/2899"
host-os = "Debian 12.10"
host-arch = "x86_64"
qemu-version = "QEMU emulator version 9.2.50 (v9.2.0-1215-g456709db50)"
guest-os = "Unknown"
guest-arch = "i386"
description = """On executing QEMU, a segmentation fault occurs"""
reproduce = """1. Download https://www.qemu-advent-calendar.org/2014/download/stxmas.tar.xz
2. Execute with QEMU command line"""
additional = """git bisect finishes with:
```
456709db50f424d112bc5f07260fdc51555f3a24 is the first bad commit
commit 456709db50f424d112bc5f07260fdc51555f3a24
Author: Paolo Bonzini <pbonzini@redhat.com>
Date: Sun Dec 15 10:06:10 2024 +0100
target/i386: execute multiple REP/REPZ iterations without leaving TB
Use a TCG loop so that it is not necessary to go through the setup steps
of REP and through the I/O check on every iteration. Interestingly, this
is not a particularly effective optimization on its own, though it avoids
the cost of correct RF emulation that was added in the previous patch.
The main benefit lies in allowing the hoisting of loop invariants outside
the loop, which will happen separately.
The loop exits when the low 16 bits of CX/ECX/RCX are zero (so generally
speaking the string operation runs in 65536 iteration batches) to give
the main loop an opportunity to pick up interrupts.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Link: https://lore.kernel.org/r/20241215090613.89588-12-pbonzini@redhat.com
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
target/i386/tcg/translate.c | 55 ++++++++++++++++++++++++++++++++++++++++-----
1 file changed, 49 insertions(+), 6 deletions(-)
```"""
|