diff mbox

Breakage

Message ID 4F660A78.4040409@redhat.com
State New
Headers show

Commit Message

Avi Kivity March 18, 2012, 4:16 p.m. UTC 
On 03/18/2012 06:12 PM, malc wrote:
> 97161e177b4ea2730dff13c4df01475762ab6048 broke booting of a DOS image
> i've been using for years, the VM stalls at "Booting from hard disk"
> BIOS message never making any progress.

Can you post an image that exhibits the problem?

Also, try the attached patch.

Comments

malc March 18, 2012, 4:21 p.m. UTC | #1 
On Sun, 18 Mar 2012, Avi Kivity wrote:

> On 03/18/2012 06:12 PM, malc wrote:
> > 97161e177b4ea2730dff13c4df01475762ab6048 broke booting of a DOS image
> > i've been using for years, the VM stalls at "Booting from hard disk"
> > BIOS message never making any progress.
> 
> Can you post an image that exhibits the problem?

It's 400+MB

> 
> Also, try the attached patch.

Boots with the patch.
Roy Tam March 19, 2012, 4:34 a.m. UTC | #2 
2012/3/19 Avi Kivity <avi@redhat.com>:
> On 03/18/2012 06:12 PM, malc wrote:
>> 97161e177b4ea2730dff13c4df01475762ab6048 broke booting of a DOS image
>> i've been using for years, the VM stalls at "Booting from hard disk"
>> BIOS message never making any progress.
>
> Can you post an image that exhibits the problem?
>
> Also, try the attached patch.
>

Confirmed fixed for Windows XP.
But I get "*** stack smashing detected ***:  terminated" and crash
when booting BeOS 5.

> --
> error compiling committee.c: too many arguments to function
>
Avi Kivity March 19, 2012, 9:48 a.m. UTC | #3 
On 03/19/2012 06:34 AM, Roy Tam wrote:
> But I get "*** stack smashing detected ***:  terminated" and crash
> when booting BeOS 5.
>

Is that a regression?  From what commit?
Luiz Capitulino March 19, 2012, 4:16 p.m. UTC | #4 
On Sun, 18 Mar 2012 20:21:45 +0400 (MSK)
malc <av1474@comtv.ru> wrote:

> On Sun, 18 Mar 2012, Avi Kivity wrote:
> 
> > On 03/18/2012 06:12 PM, malc wrote:
> > > 97161e177b4ea2730dff13c4df01475762ab6048 broke booting of a DOS image
> > > i've been using for years, the VM stalls at "Booting from hard disk"
> > > BIOS message never making any progress.
> > 
> > Can you post an image that exhibits the problem?
> 
> It's 400+MB
> 
> > 
> > Also, try the attached patch.
> 
> Boots with the patch.

I was just bisecting a problem during win95 install that seems to be
caused by the same commit. The attached patch fixes it too.
Roy Tam March 20, 2012, 1:21 a.m. UTC | #5 
2012/3/19 Avi Kivity <avi@redhat.com>:
> On 03/19/2012 06:34 AM, Roy Tam wrote:
>> But I get "*** stack smashing detected ***:  terminated" and crash
>> when booting BeOS 5.
>>
>
> Is that a regression?  From what commit?

It seems to be a regression from 0.15.1.
1.0 (mingw) build fails to boot also (a fresh compile just done before
I type this message)

>
> --
> error compiling committee.c: too many arguments to function
>
diff mbox

Patch

From bb363db2608dfc9b49b53994dc20d68169e66774 Mon Sep 17 00:00:00 2001
From: Avi Kivity <avi@redhat.com>
Date: Wed, 14 Mar 2012 16:19:39 +0200
Subject: [PATCH] exec: fix write tlb entry misused as iotlb

A couple of code paths check the lower bits of CPUTLBEntry::addr_write
against io_mem_ram as a way of looking for a dirty RAM page.  This works
by accident since the value is zero, which matches all clear bits for
TLB_INVALID, TLB_MMIO, and TLB_NOTDIRTY (indicating dirty RAM).

Make it work by design by checking for the proper bits.

Signed-off-by: Avi Kivity <avi@redhat.com>
---
 exec.c |   11 ++++++++---
 1 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/exec.c b/exec.c
index 8fd50a1..d8b089e 100644
--- a/exec.c
+++ b/exec.c
@@ -2031,14 +2031,19 @@  static void tlb_unprotect_code_phys(CPUArchState *env, ram_addr_t ram_addr,
     cpu_physical_memory_set_dirty_flags(ram_addr, CODE_DIRTY_FLAG);
 }
 
+static bool tlb_is_dirty_ram(CPUTLBEntry *tlbe)
+{
+    return (tlbe->addr_write & (TLB_INVALID_MASK|TLB_MMIO|TLB_NOTDIRTY)) == 0;
+}
+
 static inline void tlb_reset_dirty_range(CPUTLBEntry *tlb_entry,
                                          unsigned long start, unsigned long length)
 {
     unsigned long addr;
-    if ((tlb_entry->addr_write & ~TARGET_PAGE_MASK) == io_mem_ram.ram_addr) {
+    if (tlb_is_dirty_ram(tlb_entry)) {
         addr = (tlb_entry->addr_write & TARGET_PAGE_MASK) + tlb_entry->addend;
         if ((addr - start) < length) {
-            tlb_entry->addr_write = (tlb_entry->addr_write & TARGET_PAGE_MASK) | TLB_NOTDIRTY;
+            tlb_entry->addr_write |= TLB_NOTDIRTY;
         }
     }
 }
@@ -2091,7 +2096,7 @@  static inline void tlb_update_dirty(CPUTLBEntry *tlb_entry)
     ram_addr_t ram_addr;
     void *p;
 
-    if ((tlb_entry->addr_write & ~TARGET_PAGE_MASK) == io_mem_ram.ram_addr) {
+    if (tlb_is_dirty_ram(tlb_entry)) {
         p = (void *)(unsigned long)((tlb_entry->addr_write & TARGET_PAGE_MASK)
             + tlb_entry->addend);
         ram_addr = qemu_ram_addr_from_host_nofail(p);
-- 
1.7.9