Regression 10.0.0rc1: Segmentation fault on executing QEMU advent calendar 2014, day 4
Host environment
- Operating system: Debian 12.10
- OS/kernel version: Linux rodrigo 6.1.0-32-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.129-1 (2025-03-06) x86_64 GNU/Linux
- Architecture: x86_64
- QEMU flavor: qemu-system-i386
- QEMU version: QEMU emulator version 9.2.50 (v9.2.0-1215-g456709db50)
- QEMU command line:
qemu-system-i386 -drive file=stxmas/stxmas.img,format=raw
Emulated/Virtualized environment
- Operating system: Unknown
- OS/kernel version: Unknown
- Architecture: i386
Description of problem
On executing QEMU, a segmentation fault occurs
Steps to reproduce
- Download https://www.qemu-advent-calendar.org/2014/download/stxmas.tar.xz
- Execute with QEMU command line
Additional information
git bisect finishes with:
456709db50f424d112bc5f07260fdc51555f3a24 is the first bad commit
commit 456709db50f424d112bc5f07260fdc51555f3a24
Author: Paolo Bonzini <pbonzini@redhat.com>
Date: Sun Dec 15 10:06:10 2024 +0100
target/i386: execute multiple REP/REPZ iterations without leaving TB
Use a TCG loop so that it is not necessary to go through the setup steps
of REP and through the I/O check on every iteration. Interestingly, this
is not a particularly effective optimization on its own, though it avoids
the cost of correct RF emulation that was added in the previous patch.
The main benefit lies in allowing the hoisting of loop invariants outside
the loop, which will happen separately.
The loop exits when the low 16 bits of CX/ECX/RCX are zero (so generally
speaking the string operation runs in 65536 iteration batches) to give
the main loop an opportunity to pick up interrupts.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Link: https://lore.kernel.org/r/20241215090613.89588-12-pbonzini@redhat.com
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
target/i386/tcg/translate.c | 55 ++++++++++++++++++++++++++++++++++++++++-----
1 file changed, 49 insertions(+), 6 deletions(-)