From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:55759)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <hpoussin@reactos.org>) id 1Z39Bj-0003xE-80
	for qemu-devel@nongnu.org; Thu, 11 Jun 2015 16:35:00 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <hpoussin@reactos.org>) id 1Z39Be-00072d-8b
	for qemu-devel@nongnu.org; Thu, 11 Jun 2015 16:34:59 -0400
Received: from smtp2-g21.free.fr ([2a01:e0c:1:1599::11]:54539)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <hpoussin@reactos.org>) id 1Z39Be-000724-2e
	for qemu-devel@nongnu.org; Thu, 11 Jun 2015 16:34:54 -0400
From: =?UTF-8?q?Herv=C3=A9=20Poussineau?= <hpoussin@reactos.org>
Date: Thu, 11 Jun 2015 22:30:31 +0200
Message-Id: <1434054631-32241-1-git-send-email-hpoussin@reactos.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Subject: [Qemu-devel] [PATCH] dma/rc4030: do multiple calls to
	address_space_rw when doing DMA transfers
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org
Cc: Peter Maydell <peter.maydell@linaro.org>, Leon Alrae <leon.alrae@imgtec.com>, Aurelien Jarno <aurelien@aurel32.net>, =?UTF-8?q?Herv=C3=A9=20Poussineau?= <hpoussin@reactos.org>

This workarounds a bug in memory management.

To reproduce the problem, try to start the Windows NT 4.0/MIPS installer.
After loading some files, you should see a screen saying
"To set up Windows NT now, press ENTER."
However, you're welcomed with an IRQL_NOT_LESS_OR_EQUAL bugcheck or an
Unknown Hard Error c0000221.

Signed-off-by: Herv=C3=A9 Poussineau <hpoussin@reactos.org>
---
 hw/dma/rc4030.c | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/hw/dma/rc4030.c b/hw/dma/rc4030.c
index 3efa6de..d265d6c 100644
--- a/hw/dma/rc4030.c
+++ b/hw/dma/rc4030.c
@@ -681,6 +681,7 @@ static void rc4030_do_dma(void *opaque, int n, uint8_=
t *buf, int len, int is_wri
     rc4030State *s =3D opaque;
     hwaddr dma_addr;
     int dev_to_mem;
+    int i;
=20
     s->dma_regs[n][DMA_REG_ENABLE] &=3D ~(DMA_FLAG_TC_INTR | DMA_FLAG_ME=
M_INTR | DMA_FLAG_ADDR_INTR);
=20
@@ -699,8 +700,22 @@ static void rc4030_do_dma(void *opaque, int n, uint8=
_t *buf, int len, int is_wri
     dma_addr =3D s->dma_regs[n][DMA_REG_ADDRESS];
=20
     /* Read/write data at right place */
+#if 1 /* workaround for a bug in memory management */
+    for (i =3D 0; i < len; ) {
+        int ncpy =3D DMA_PAGESIZE - (dma_addr & (DMA_PAGESIZE - 1));
+        if (ncpy > len - i) {
+            ncpy =3D len - i;
+        }
+        address_space_rw(&s->dma_as, dma_addr, MEMTXATTRS_UNSPECIFIED,
+                         buf + i, ncpy, is_write);
+
+        dma_addr +=3D ncpy;
+        i +=3D ncpy;
+    }
+#else
     address_space_rw(&s->dma_as, dma_addr, MEMTXATTRS_UNSPECIFIED,
                      buf, len, is_write);
+#endif
=20
     s->dma_regs[n][DMA_REG_ENABLE] |=3D DMA_FLAG_TC_INTR;
     s->dma_regs[n][DMA_REG_COUNT] -=3D len;
--=20
2.1.4