use of setjmp/longjmp in x86 emulator.
in [Kernel]
|
Prev: ARM: includecheck fix for mach-at91/board-sam9m10g45ek.c
Next: 2.6.33: Intel DP55KG - USB still not fixed: USBDEVFS_CONTROL failed cmd usbhid-ups rqt 161 rq 1 len 4 ret -110
From: Zachary Amsden on 1 Mar 2010 14:20 On 03/01/2010 09:03 AM, Gleb Natapov wrote: > On Mon, Mar 01, 2010 at 08:39:49AM -1000, Zachary Amsden wrote: > > >> Anything that can generate exceptions is going to need logic to >> handle error cases anyway... the depth can not be that bad. >> Especially if you structure it so as to optimize for tail calling. >> >> > Tail call is not what usually happens. Usually emulation goes like this: > if (check some conditions) { > queue exception A > return exception queued > } > if (check other conditions) { > queue exception B > return exception queued > } > do some emulation > try to read guest memory > if (read failed) { > queue exception C > return exception queued > } > if (read needs exit to userspace for device emulation) > return please go out and retrieve me the data > > continue emulation > try to write guest memory > if (write failed) { > queue exception C > return exception queued > } > if (write needs exit to userspace for device emulation) > return please go out and process the data > > emulate some more. > > return emulation done > It's going to be ugly to emulate segmentation, NX and write protect support without hardware to do this checking for you, but it's just what you have to do in this slow path - tedious, fully specified emulation. Just because it's tedious doesn't mean we need to use setjmp / longjmp. Throw / catch might be effective, but it's still pretty bizarre to do tricks like that in C. Zach -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo(a)vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
From: H. Peter Anvin on 1 Mar 2010 17:40 On 03/01/2010 11:18 AM, Zachary Amsden wrote: > > It's going to be ugly to emulate segmentation, NX and write protect > support without hardware to do this checking for you, but it's just what > you have to do in this slow path - tedious, fully specified emulation. > > Just because it's tedious doesn't mean we need to use setjmp / longjmp. > Throw / catch might be effective, but it's still pretty bizarre to do > tricks like that in C. > Well, setjmp/longjmp really is not much more than exception handling in C. -hpa -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo(a)vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
From: H. Peter Anvin on 1 Mar 2010 18:00 On 03/01/2010 02:31 PM, H. Peter Anvin wrote: > On 03/01/2010 11:18 AM, Zachary Amsden wrote: >> >> It's going to be ugly to emulate segmentation, NX and write protect >> support without hardware to do this checking for you, but it's just what >> you have to do in this slow path - tedious, fully specified emulation. >> >> Just because it's tedious doesn't mean we need to use setjmp / longjmp. >> Throw / catch might be effective, but it's still pretty bizarre to do >> tricks like that in C. >> > > Well, setjmp/longjmp really is not much more than exception handling in C. > For what it's worth, I think that setjmp/longjmp is not anywhere near as dangerous as people want to make it out to be. gcc will warn for dangerous uses (and a lot of non-dangerous uses), but generally the difficult problems can be dealt with by moving the setjmp-protected code into a separate function. -hpa -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo(a)vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
From: Zachary Amsden on 1 Mar 2010 18:40 On 03/01/2010 12:56 PM, H. Peter Anvin wrote: > On 03/01/2010 02:31 PM, H. Peter Anvin wrote: > >> On 03/01/2010 11:18 AM, Zachary Amsden wrote: >> >>> It's going to be ugly to emulate segmentation, NX and write protect >>> support without hardware to do this checking for you, but it's just what >>> you have to do in this slow path - tedious, fully specified emulation. >>> >>> Just because it's tedious doesn't mean we need to use setjmp / longjmp. >>> Throw / catch might be effective, but it's still pretty bizarre to do >>> tricks like that in C. >>> >>> >> Well, setjmp/longjmp really is not much more than exception handling in C. >> >> > For what it's worth, I think that setjmp/longjmp is not anywhere near as > dangerous as people want to make it out to be. gcc will warn for > dangerous uses (and a lot of non-dangerous uses), but generally the > difficult problems can be dealt with by moving the setjmp-protected code > into a separate function. > I'd be curious to see if it would need to evolve it to preemptsetjmp / irqlongjmp or some other more complex forms in time. But I'd rather implement a new language where acquisition of resources such as locks, dynamically allocated objects, and ref counts are predicated in the function typing and are heavily encouraged to possess defined inverses. Then the closure of a particular layer of nesting already has enough information to provide release upon escape, and the compiler can easily take the burden of checking for a large class of lock and resource violation. And it would have to be prettier than the current languages that do that, meaning operator overloading would be banned. Although it would define rational numbers, super-extended precision arithmetic, imaginary numbers, quaternions and matrices as part of the spec, so there would be no need to use arithmetic overrides anyway, and then all the nonsensical operators could die, die, die, especially the function () and logical operator overrides. Zach -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo(a)vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
From: H. Peter Anvin on 1 Mar 2010 18:50
On 03/01/2010 03:34 PM, Zachary Amsden wrote: > > But I'd rather implement a new language where acquisition of resources > such as locks, dynamically allocated objects, and ref counts are > predicated in the function typing and are heavily encouraged to possess > defined inverses. Then the closure of a particular layer of nesting > already has enough information to provide release upon escape, and the > compiler can easily take the burden of checking for a large class of > lock and resource violation. > > And it would have to be prettier than the current languages that do > that, meaning operator overloading would be banned. Although it would > define rational numbers, super-extended precision arithmetic, imaginary > numbers, quaternions and matrices as part of the spec, so there would be > no need to use arithmetic overrides anyway, and then all the nonsensical > operators could die, die, die, especially the function () and logical > operator overrides. > /me takes away Zach's caffeine. -hpa -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo(a)vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/ |