From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1Jffji-0002yf-Od
	for qemu-devel@nongnu.org; Sat, 29 Mar 2008 14:25:02 -0400
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1Jffjg-0002yP-DQ
	for qemu-devel@nongnu.org; Sat, 29 Mar 2008 14:25:01 -0400
Received: from [199.232.76.173] (helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1Jffjg-0002yM-5a
	for qemu-devel@nongnu.org; Sat, 29 Mar 2008 14:25:00 -0400
Received: from smtp3-g19.free.fr ([212.27.42.29])
	by monty-python.gnu.org with esmtp (Exim 4.60)
	(envelope-from <hpoussin@reactos.org>) id 1Jffjf-0004RS-Sb
	for qemu-devel@nongnu.org; Sat, 29 Mar 2008 14:25:00 -0400
Received: from smtp3-g19.free.fr (localhost.localdomain [127.0.0.1])
	by smtp3-g19.free.fr (Postfix) with ESMTP id 4E8EB17B55A
	for <qemu-devel@nongnu.org>; Sat, 29 Mar 2008 19:24:59 +0100 (CET)
Received: from [127.0.0.1] (rob92-10-88-171-126-33.fbx.proxad.net
	[88.171.126.33])
	by smtp3-g19.free.fr (Postfix) with ESMTP id F3ED617B589
	for <qemu-devel@nongnu.org>; Sat, 29 Mar 2008 19:24:58 +0100 (CET)
Message-ID: <47EE896F.3030906@reactos.org>
Date: Sat, 29 Mar 2008 19:24:47 +0100
From: =?ISO-8859-1?Q?Herv=E9_Poussineau?= <hpoussin@reactos.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="------------000604050207020403010701"
Subject: [Qemu-devel] [PATCH] [MIPS] Fix infinite loop when invalidating TLB
Reply-To: qemu-devel@nongnu.org
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org

This is a multi-part message in MIME format.
--------------000604050207020403010701
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: quoted-printable

Hi,

In certain conditions, MIPS R4K TLB invalidation can lead to an infinite=20
loop.
If 'end' address is 0xffffffffffffffff, invalidation loop should stop=20
once 'addr' has flushed address 0xfffffffffffff000.
Attached patch fixes this issue.

Herv=E9

--------------000604050207020403010701
Content-Type: text/plain;
 name="invalidate_last_page.patch"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
 filename="invalidate_last_page.patch"

Index: target-mips/helper.c
===================================================================
RCS file: /sources/qemu/qemu/target-mips/helper.c,v
retrieving revision 1.63
diff -u -r1.63 target-mips/helper.c
--- target-mips/helper.c	4 Jan 2008 17:52:57 -0000	1.63
+++ target-mips/helper.c	28 Mar 2008 07:47:46 -0000
@@ -630,7 +630,7 @@
         }
 #endif
         end = addr | mask;
-        while (addr < end) {
+        while (addr - 1 < end) {
             tlb_flush_page (env, addr);
             addr += TARGET_PAGE_SIZE;
         }

--------------000604050207020403010701--