From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([208.118.235.92]:57316)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <avi@redhat.com>) id 1S9DJr-000355-LJ
	for qemu-devel@nongnu.org; Sun, 18 Mar 2012 06:26:36 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <avi@redhat.com>) id 1S9DJp-0000az-Rv
	for qemu-devel@nongnu.org; Sun, 18 Mar 2012 06:26:35 -0400
Received: from mx1.redhat.com ([209.132.183.28]:19573)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <avi@redhat.com>) id 1S9DJp-0000ap-Jz
	for qemu-devel@nongnu.org; Sun, 18 Mar 2012 06:26:33 -0400
Message-ID: <4F65B854.5070008@redhat.com>
Date: Sun, 18 Mar 2012 12:26:28 +0200
From: Avi Kivity <avi@redhat.com>
MIME-Version: 1.0
References: <1331227233-18601-1-git-send-email-avi@redhat.com>
	<1331227233-18601-4-git-send-email-avi@redhat.com>
	<4F6241C2.1060208@gmail.com>
In-Reply-To: <4F6241C2.1060208@gmail.com>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Subject: Re: [Qemu-devel] [PATCH 3/5] exec: fix code tlb entry misused as
 iotlb in get_page_addr_code()
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: jcmvbkbc <jcmvbkbc@gmail.com>
Cc: qemu-devel@nongnu.org

On 03/15/2012 09:23 PM, jcmvbkbc wrote:
> Hi.
>
>> get_page_addr_code() reads a code tlb entry, but interprets it as an
>> iotlb entry.  This works by accident since the low bits of a RAM code
>> tlb entry are clear, and match a RAM iotlb entry.  This accident is
>> about to unhappen, so fix the code to use an iotlb entry (using the
>> code entry with TLB_MMIO may fail if the page is a watchpoint).
>>
>> Signed-off-by: Avi Kivity<avi@redhat.com>
>> ---
>>   exec.c |    2 +-
>>   1 files changed, 1 insertions(+), 1 deletions(-)
>>
>> diff --git a/exec.c b/exec.c
>> index a35eb4f..f26d1b0 100644
>> --- a/exec.c
>> +++ b/exec.c
>> @@ -4685,7 +4685,7 @@ tb_page_addr_t get_page_addr_code(CPUState
>> *env1, target_ulong addr)
>>                    (addr&  TARGET_PAGE_MASK))) {
>>           ldub_code(addr);
>>       }
>> -    pd = env1->tlb_table[mmu_idx][page_index].addr_code& 
>> ~TARGET_PAGE_MASK;
>> +    pd = env1->iotlb[mmu_idx][page_index]&  ~TARGET_PAGE_MASK;
>>       if (pd != io_mem_ram.ram_addr&&  pd != io_mem_rom.ram_addr
>>           &&  !io_mem_region[pd]->rom_device) {
>>   #if defined(TARGET_ALPHA) || defined(TARGET_MIPS) ||
>> defined(TARGET_SPARC)
>
> With this patch xtensa debug option unit test causes qemu abort with
> the message
>
>  qemu: fatal: Trying to execute code outside RAM or ROM at 0xd000088c
>
> This happens immediately after a watchpoint setup for a data
> breakpoint at the same memory page where the currently
> executed code is located. Any idea on how to fix it?

Can you provide details on how to reproduce this?

-- 
error compiling committee.c: too many arguments to function