From: Paolo Bonzini
To: Kevin O'Connor
Cc: qemu-devel@nongnu.org
Date: Wed, 21 May 2014 13:13:21 +0200
Message-ID: <537C8A51.2080008@redhat.com>
In-Reply-To: <20140520215433.GA19697@morn.localdomain>
Subject: Re: [Qemu-devel] [PATCH 3/3] target-i386: get CPL from SS.DPL

On 20/05/2014 23:54, Kevin O'Connor wrote:
> On Fri, May 16, 2014 at 09:59:25PM +0200, Paolo Bonzini wrote:
>> CS.RPL is not equal to the CPL in the few instructions between
>> setting CR0.PE and reloading CS. We get this right in the common
>> case, because writes to CR0 do not modify the CPL, but it would
>> not be enough if an SMI comes exactly during that brief period.
>> Were this to happen, the RSM instruction would erroneously set
>> CPL to the low two bits of the real-mode selector; and if they are
>> not 00, the next instruction fetch cannot access the code segment
>> and causes a triple fault.
>>
>> However, SS.DPL *is* always equal to the CPL. In real processors
>> (AMD only) there is a weird case of SYSRET setting SS.DPL=SS.RPL
>> from the STAR register while forcing CPL=3, but we do not emulate
>> that.
>
> I was in the process of testing something else, when I encountered a
> problem with an old MSDOS 6.22 floppy I had. I tracked it down to an
> error in one of the commits I did in this series (I sent a fix in a
> separate email for it).
>
> Unfortunately, after I fixed the problem in my patch, your patch above
> breaks it again. I think it's another VM86 thing.
>
> Steps to reproduce:
>
> 1 - grab the DOS 6.22 floppy from: http://bootdisk.com/bootdisk.htm
>
> 2 - boot it up and add emm386.exe to config.sys ("edit config.sys" and
> add "DEVICE=EMM386.EXE" on the second line of the file).
>
> 3 - reboot with modified config.sys

I cannot reproduce this. I can see the breakage with current master, and
I can see your patch fixing it. It keeps working with these changes.

Please try branch cpl-queue at git://github.com/bonzini/qemu.git and see
if it works for you too. My QEMU command line is simply "-fda boot622.img".

Paolo
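The CPL problem described in the quoted commit message, as an added example that is not part of this thread and is not QEMU's code: a small constructed model of the x86 segment state that recovers the CPL after RSM either from CS.RPL (the behaviour the patch replaces) or from SS.DPL (the patch's rule), in the window after CR0.PE has been set but before CS has been reloaded, and then checks whether the next protected-mode instruction fetch would be allowed. The `Cpu`/`Segment` structs, all function names and the selector values are assumptions of the example; the VM86 breakage Kevin reports with EMM386 is not modelled here.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed model (not QEMU's CPUX86State) of the state that matters here. */
#define CR0_PE 0x1u

typedef struct {
    uint16_t selector;   /* visible selector register */
    unsigned dpl;        /* DPL in the hidden descriptor cache, 0..3 */
    bool conforming;     /* meaningful for code segments only */
} Segment;

typedef struct {
    uint32_t cr0;
    unsigned cpl;        /* privilege level the emulator tracks */
    Segment cs, ss;
} Cpu;

/* Rule the patch replaces: treat CS.RPL (low two selector bits) as the CPL. */
static unsigned cpl_from_cs_rpl(const Cpu *cpu)
{
    return cpu->cs.selector & 3;
}

/* Rule of the patch under discussion: the CPL is always SS.DPL. */
static unsigned cpl_from_ss_dpl(const Cpu *cpu)
{
    return cpu->ss.dpl;
}

/* Real-mode CPU about to enter protected mode. The CS selector is a
 * constructed value with nonzero low bits: in real mode a selector is a
 * paragraph number, so those bits carry no privilege meaning. The hidden
 * descriptor caches keep DPL 0, as they do in real mode. */
static Cpu real_mode_cpu(void)
{
    Cpu cpu = {
        .cr0 = 0,
        .cpl = 0,
        .cs = { .selector = 0x1003, .dpl = 0, .conforming = false },
        .ss = { .selector = 0x2000, .dpl = 0, .conforming = false },
    };
    return cpu;
}

/* MOV to CR0 with PE set: selectors, descriptor caches and the CPL are all
 * left alone until the far jump that reloads CS. */
static void set_cr0_pe(Cpu *cpu)
{
    cpu->cr0 |= CR0_PE;
}

/* CPL that RSM would recover if an SMI landed in that window. */
static unsigned cpl_in_pe_window(bool use_ss_dpl)
{
    Cpu cpu = real_mode_cpu();
    set_cr0_pe(&cpu);
    return use_ss_dpl ? cpl_from_ss_dpl(&cpu) : cpl_from_cs_rpl(&cpu);
}

/* Protected-mode instruction fetch check: a nonconforming code segment
 * requires CPL == CS.DPL, a conforming one requires CPL >= CS.DPL. Real mode
 * performs no such check. The thread describes the failing case ending in a
 * triple fault; here it is simply reported as "not allowed". */
static bool fetch_allowed(const Cpu *cpu, unsigned cpl)
{
    if (!(cpu->cr0 & CR0_PE)) {
        return true;
    }
    if (cpu->cs.conforming) {
        return cpl >= cpu->cs.dpl;
    }
    return cpl == cpu->cs.dpl;
}

/* Whole scenario: CR0.PE set, SMI, RSM with one of the two rules, then the
 * first instruction fetch after RSM. */
static bool next_fetch_after_rsm_ok(bool use_ss_dpl)
{
    Cpu cpu = real_mode_cpu();
    set_cr0_pe(&cpu);
    cpu.cpl = cpl_in_pe_window(use_ss_dpl);
    return fetch_allowed(&cpu, cpu.cpl);
}

int main(void)
{
    printf("CS.RPL rule: CPL after RSM = %u, next fetch %s\n",
           cpl_in_pe_window(false),
           next_fetch_after_rsm_ok(false) ? "allowed" : "faults");
    printf("SS.DPL rule: CPL after RSM = %u, next fetch %s\n",
           cpl_in_pe_window(true),
           next_fetch_after_rsm_ok(true) ? "allowed" : "faults");
    return 0;
}
```

With the constructed CS selector 0x1003 the CS.RPL rule recovers CPL 3 against a CS descriptor cache whose DPL is 0, so the fetch is refused, while the SS.DPL rule recovers CPL 0 and the fetch proceeds. Changing the selector's low bits to 00 makes both rules agree, which is why the commit message calls this the common case.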