From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1KDjZz-0001Wz-It
	for qemu-devel@nongnu.org; Tue, 01 Jul 2008 13:23:47 -0400
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1KDjZx-0001VP-Ke
	for qemu-devel@nongnu.org; Tue, 01 Jul 2008 13:23:46 -0400
Received: from [199.232.76.173] (port=45572 helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1KDjZx-0001VC-Eh
	for qemu-devel@nongnu.org; Tue, 01 Jul 2008 13:23:45 -0400
Received: from nomad.cncware.com ([216.18.236.20]:51744)
	by monty-python.gnu.org with esmtps
	(TLS-1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.60)
	(envelope-from <cliff@snipe444.org>) id 1KDjZx-0004wd-C4
	for qemu-devel@nongnu.org; Tue, 01 Jul 2008 13:23:45 -0400
Received: from blitzen.snipe444.org (c-98-203-166-24.hsd1.wa.comcast.net
	[98.203.166.24])
	by nomad.cncware.com (8.13.8/8.13.1) with SMTP id m61H7OwR017095
	for <qemu-devel@nongnu.org>; Tue, 1 Jul 2008 10:07:25 -0700
Date: Tue, 1 Jul 2008 10:23:38 -0700
From: Cliff Wright <cliff@snipe444.org>
Message-Id: <20080701102338.e756a168.cliff@snipe444.org>
Mime-Version: 1.0
Content-Type: multipart/mixed;
	boundary="Multipart=_Tue__1_Jul_2008_10_23_38_-0700_fERWeNUO8t6YSmSe"
Subject: [Qemu-devel] sparc dma length bug(and fix) seen with NetBSD
Reply-To: qemu-devel@nongnu.org
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org

This is a multi-part message in MIME format.

--Multipart=_Tue__1_Jul_2008_10_23_38_-0700_fERWeNUO8t6YSmSe
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

Using QEMU 0.9.1 for sparc emulation, a dma length bug is seen with NetBSD.
When an 8192 byte block is read to memory using dma into non-contiguous
memory, the 2nd 4k block of contiguous memory is also written to.
This is due to an incorrect variable being used for length.
See the attached patch. I see the same bug on subversion trunk.

-- 
Cliff Wright <cliff@snipe444.org>

--Multipart=_Tue__1_Jul_2008_10_23_38_-0700_fERWeNUO8t6YSmSe
Content-Type: text/plain;
 name="patch2.txt"
Content-Disposition: attachment;
 filename="patch2.txt"
Content-Transfer-Encoding: 7bit

--- qemu-0.9.1/hw/iommu.c.orig	2008-01-06 11:38:42.000000000 -0800
+++ qemu-0.9.1/hw/iommu.c	2008-07-01 10:10:42.000000000 -0700
@@ -293,9 +293,9 @@
                 iommu_bad_addr(opaque, page, is_write);
                 return;
             }
-            cpu_physical_memory_write(phys_addr, buf, len);
+            cpu_physical_memory_write(phys_addr, buf, l);
         } else {
-            cpu_physical_memory_read(phys_addr, buf, len);
+            cpu_physical_memory_read(phys_addr, buf, l);
         }
         len -= l;
         buf += l;

--Multipart=_Tue__1_Jul_2008_10_23_38_-0700_fERWeNUO8t6YSmSe--