From: Gerd Hoffmann <kraxel@suse.de>
To: "Petersson, Mats" <Mats.Petersson@amd.com>
Cc: Xen devel list <xen-devel@lists.xensource.com>
Subject: Re: VT/ioemu: vga memory access?
Date: Tue, 16 May 2006 17:57:14 +0200 [thread overview]
Message-ID: <4469F65A.9040507@suse.de> (raw)
In-Reply-To: <907625E08839C4409CE5768403633E0BA7FC73@sefsexmb1.amd.com>
Hi,
>> How is vga vram access handled in the device model? Is there some
>> kind of notification system, by mapping those pages read-only, then
>> trap and forward any write access to qemu-dm?
>
> Actually, xen HVM handles all memory mapped IO in the same way -
> pages are not present, causing a page-fault and then checking the
> address against a "memory mapped IO range" in the function
> mmio_space() [I haven't looked inside this function], and if it's a
> match it's passed to QEMU via handle_mmio().
I think I found the bug. It's actually in handle_mmio() ;) The "case
INSTR_MOVS" has code which deals with page boundaries. The code allways
_adds_ the count (ecx) to figure whenever the "repz movsb" crosses a
page boundary or not. In case the direction flag is set this isn't
correct, it should subtract instead. Subsequently it mis-calculates
count, making it _larger_ than it was because the copy wouldn't have
crossed a page boundary, leading to the negative ecx value in the
register dump ...
cheers,
Gerd
--
Gerd Hoffmann <kraxel@suse.de>
Erst mal heiraten, ein, zwei Kinder, und wenn alles läuft
geh' ich nach drei Jahren mit der Familie an die Börse.
http://www.suse.de/~kraxel/julika-dora.jpeg
next prev parent reply other threads:[~2006-05-16 15:57 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-05-16 15:26 VT/ioemu: vga memory access? Petersson, Mats
2006-05-16 15:57 ` Gerd Hoffmann [this message]
-- strict thread matches above, loose matches on Subject: below --
2006-05-16 17:24 Petersson, Mats
2006-05-16 17:03 Petersson, Mats
2006-05-16 16:20 Petersson, Mats
2006-05-16 16:49 ` Gerd Hoffmann
2006-05-16 16:57 ` Keir Fraser
2006-05-16 14:44 Gerd Hoffmann
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4469F65A.9040507@suse.de \
--to=kraxel@suse.de \
--cc=Mats.Petersson@amd.com \
--cc=xen-devel@lists.xensource.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.