Sun Apr 25 12:55:41 2010 UTC ()

Correct emulation of i386 cmpxchg instruction in the case where the
comparison outcome is unequal and the memory write causes a page
fault.  Fixes PR pkg/42158.


(gson)

diff -r1.65 -r1.66 pkgsrc/emulators/qemu/Makefile
diff -r1.53 -r1.54 pkgsrc/emulators/qemu/distinfo
diff -r0 -r1.1 pkgsrc/emulators/qemu/patches/patch-ed

--- pkgsrc/emulators/qemu/Makefile 2010/04/10 05:57:40 1.65
+++ pkgsrc/emulators/qemu/Makefile 2010/04/25 12:55:41 1.66

 @@ -1,18 +1,18 @@
-# $NetBSD: Makefile,v 1.65 2010/04/10 05:57:40 sbd Exp $
+# $NetBSD: Makefile,v 1.66 2010/04/25 12:55:41 gson Exp $
+#
 DISTNAME=		qemu-0.12.3
-PKGREVISION=		1
+PKGREVISION=		2
 CATEGORIES=		emulators
 MASTER_SITES=		http://download.savannah.gnu.org/releases/qemu/
 MAINTAINER=		pkgsrc-users@NetBSD.org
 HOMEPAGE=		http://www.qemu.org/
 COMMENT=		CPU emulator using dynamic translation
 LICENSE=		gnu-gpl-v2 AND gnu-lgpl-v2.1 AND mit AND modified-bsd
 PKG_DESTDIR_SUPPORT=	user-destdir
 CONFLICTS+=		qemu-bin-[0-9]*
 NOT_FOR_PLATFORM=	NetBSD-1.[0-6]*-*

--- pkgsrc/emulators/qemu/distinfo 2010/02/27 23:21:13 1.53
+++ pkgsrc/emulators/qemu/distinfo 2010/04/25 12:55:41 1.54

 @@ -1,11 +1,12 @@
-$NetBSD: distinfo,v 1.53 2010/02/27 23:21:13 tnn Exp $
+$NetBSD: distinfo,v 1.54 2010/04/25 12:55:41 gson Exp $
 SHA1 (qemu-0.12.3.tar.gz) = 03ec307be094bb216bb5be17297e9f33e1a01b56
 RMD160 (qemu-0.12.3.tar.gz) = 10dd16ee970a19a6706491fa4425ddbea1da2ba3
 Size (qemu-0.12.3.tar.gz) = 4693581 bytes
 SHA1 (patch-aa) = 7180def64ebff88074666adef21ee1b5022b6881
 SHA1 (patch-ao) = e515093b6ea99f9cba665de022fd62f3be911569
 SHA1 (patch-ba) = 7c5043a39405f52b512e479a46fc76108580b7bc
 SHA1 (patch-dd) = 32661203ba023bea67cd7cde1f4088f4d0e5c582
 SHA1 (patch-de) = 225eaa996fccc02b17be0099d943c75302600ada
 SHA1 (patch-dk) = 5538bebc08b0047e501469f9cb306cb798d0eb00
 SHA1 (patch-ed) = ef1871b82dac9c89dc3c3d28c97805fabeea43ab

$NetBSD: patch-ed,v 1.1 2010/04/25 12:55:41 gson Exp $

--- target-i386/translate.c.orig	2010-02-23 22:54:38.000000000 +0200
+++ target-i386/translate.c
@@ -4876,20 +4876,24 @@ static target_ulong disas_insn(DisasCont
             tcg_gen_sub_tl(t2, cpu_regs[R_EAX], t0);
             gen_extu(ot, t2);
             tcg_gen_brcondi_tl(TCG_COND_EQ, t2, 0, label1);
+	    label2 = gen_new_label();
             if (mod == 3) {
-                label2 = gen_new_label();
                 gen_op_mov_reg_v(ot, R_EAX, t0);
                 tcg_gen_br(label2);
                 gen_set_label(label1);
                 gen_op_mov_reg_v(ot, rm, t1);
-                gen_set_label(label2);
             } else {
-                tcg_gen_mov_tl(t1, t0);
+                /* perform no-op store cycle like physical cpu; must be
+		   before changing accumulator to ensure idempotency if
+		   the store faults and the instruction is restarted
+		*/
+                gen_op_st_v(ot + s->mem_index, t0, a0);
                 gen_op_mov_reg_v(ot, R_EAX, t0);
+                tcg_gen_br(label2);		
                 gen_set_label(label1);
-                /* always store */
-                gen_op_st_v(ot + s->mem_index, t1, a0);
+                gen_op_st_v(ot + s->mem_index, t1, a0);		
             }
+	    gen_set_label(label2);
             tcg_gen_mov_tl(cpu_cc_src, t0);
             tcg_gen_mov_tl(cpu_cc_dst, t2);
             s->cc_op = CC_OP_SUBB + ot;