From: "Mike Nordell" <tamlin@algonet.se>
To: qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] Win2k mouse
Date: Fri, 16 Apr 2004 05:54:14 +0200 [thread overview]
Message-ID: <000401c42366$7d2464f0$0401a8c0@putte2k> (raw)
In-Reply-To: 20040415222123.A24057@bbland
Lionel Ulmer wrote:
> > Now I start to see the rest of the Win2K second-stage installer. So at
> > least it helps going a bit further than before.
>
> Well, I spoke a bit too fast : it's still segfaulting, but a bit further
> than before, just after the 'Setup is detecting and installing devices on
> your computer'.
Just for kicks, you might test the following for hw/sb16:
@@ -426,6 +449,7 @@
dsp->v2x6 = 0;
else if ((1 == val) && (0 == dsp->v2x6)) {
dsp->v2x6 = 1;
+ assert(dsp->out_data_len <
sizeof(dsp->out_data)/sizeof(*dsp->out_data));
dsp->out_data[dsp->out_data_len++] = 0xaa;
}
else
@@ -537,6 +561,7 @@
static IO_READ_PROTO(mixer_read)
{
SB16State *dsp = opaque;
+ assert(dsp->mixer_nreg <
sizeof(dsp->mixer_regs)/sizeof(*dsp->mixer_regs));
return dsp->mixer_regs[dsp->mixer_nreg];
}
I'm right now in the debugger after an attempted read from memory the SB16
emulator has no business probing.
Right after this, the gfx got really screwy, starting to display vertical
white lines over the setup dialog, why I think it's a fair bet guest kernel
memory has been overwritten by something. Judging by these accesses, I quite
obviously suspect some other device emulation code. I'll add another bunch
of asserts all over the place, but considering it takes me around 2-3 hours
to reach this point (starting from an image where the first phase of the
setup, copying files to target disk, has already completed), don't expect
any earth-shattering revelations anytime soon.
Does anyone know SB16 h/w enough to say what would be the right behaviour
here:
- To limit mixer_nreg in mixer_write_indexb to ?
- To return 0xff (or anything else) from mixer_read if mixer_nreg is OOB?
- To extend mixer_nreg to 256 bytes?
- To, just for kicks, stream n chunks of m bytes from /dev/random to an
equally random address in the QEMU process' memory? Just to see what
happens. :-)
/Mike - looking for devices that need some TLC with a 2x4
next prev parent reply other threads:[~2004-04-16 3:54 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-04-14 20:36 [Qemu-devel] Win2k mouse Mike Nordell
2004-04-15 8:52 ` Jean-Michel POURE
2004-04-15 9:37 ` Lionel Ulmer
2004-04-15 11:28 ` Brad Campbell
2004-04-15 11:51 ` Jean-Michel POURE
2004-04-15 13:48 ` Mike Nordell
2004-04-15 13:44 ` Mike Nordell
2004-04-15 18:31 ` Lionel Ulmer
2004-04-15 20:21 ` Lionel Ulmer
2004-04-16 3:54 ` Mike Nordell [this message]
2004-04-16 16:33 ` malc
2004-04-16 17:30 ` [Qemu-devel] sound issue Hetz Ben Hamo
-- strict thread matches above, loose matches on Subject: below --
2004-04-14 8:49 [Qemu-devel] Win2k mouse Jean-Michel POURE
2004-04-14 11:11 ` Hetz Ben Hamo
2004-04-14 20:17 ` Fabrice Bellard
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='000401c42366$7d2464f0$0401a8c0@putte2k' \
--to=tamlin@algonet.se \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).