From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:51094)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <hpoussin@reactos.org>) id 1ZxAvB-0004y7-Sq
	for qemu-devel@nongnu.org; Fri, 13 Nov 2015 04:45:31 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <hpoussin@reactos.org>) id 1ZxAv8-0002CY-MR
	for qemu-devel@nongnu.org; Fri, 13 Nov 2015 04:45:29 -0500
Message-ID: <5645B132.2070404@reactos.org>
Date: Fri, 13 Nov 2015 10:45:22 +0100
From: =?windows-1252?Q?Herv=E9_Poussineau?= <hpoussin@reactos.org>
MIME-Version: 1.0
References: <mailman.31561.1447387463.7903.qemu-ppc@nongnu.org>
	<11643EA3-BD07-4DD1-8599-1DD91D1CDE4D@gmail.com>
In-Reply-To: <11643EA3-BD07-4DD1-8599-1DD91D1CDE4D@gmail.com>
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: quoted-printable
Subject: Re: [Qemu-devel] [Qemu-ppc] [PATCH for-2.5] mac_dbdma: always
 initialize channel field in DBDMA_channel
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Programmingkid <programmingkidx@gmail.com>, qemu-devel qemu-devel <qemu-devel@nongnu.org>
Cc: "qemu-ppc@nongnu.org list:PowerPC" <qemu-ppc@nongnu.org>

Le 13/11/2015 05:09, Programmingkid a =E9crit :
>
> On Nov 12, 2015, at 11:04 PM, qemu-ppc-request@nongnu.org wrote:
>
>> Message: 3
>> Date: Thu, 12 Nov 2015 22:24:08 +0100
>> From: Herv? Poussineau <hpoussin@reactos.org>
>> To: qemu-devel@nongnu.org
>> Cc: "open list:Old World" <qemu-ppc@nongnu.org>, Herv? Poussineau
>> 	<hpoussin@reactos.org>
>> Subject: [Qemu-ppc] [PATCH for-2.5] mac_dbdma: always initialize
>> 	channel	field in DBDMA_channel
>> Message-ID: <1447363448-20405-1-git-send-email-hpoussin@reactos.org>
>> Content-Type: text/plain; charset=3DUTF-8
>>
>> dbdma_from_ch() uses channel field to return the right DBDMA object.
>> Previous code was working if guest OS was only using registered DMA ch=
annels.
>> However, it lead to QEMU crashes if guest OS was using unregistered DM=
A channels.
>>
>> Signed-off-by: Herv? Poussineau <hpoussin@reactos.org>
>> ---
>> hw/misc/macio/mac_dbdma.c | 2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/hw/misc/macio/mac_dbdma.c b/hw/misc/macio/mac_dbdma.c
>> index 779683c..5ee8f02 100644
>> --- a/hw/misc/macio/mac_dbdma.c
>> +++ b/hw/misc/macio/mac_dbdma.c
>> @@ -557,7 +557,6 @@ void DBDMA_register_channel(void *dbdma, int nchan=
, qemu_irq irq,
>>      DBDMA_DPRINTF("DBDMA_register_channel 0x%x\n", nchan);
>>
>>      ch->irq =3D irq;
>> -    ch->channel =3D nchan;
>>      ch->rw =3D rw;
>>      ch->flush =3D flush;
>>      ch->io.opaque =3D opaque;
>> @@ -753,6 +752,7 @@ void* DBDMA_init (MemoryRegion **dbdma_mem)
>>      for (i =3D 0; i < DBDMA_CHANNELS; i++) {
>>          DBDMA_io *io =3D &s->channels[i].io;
>>          qemu_iovec_init(&io->iov, 1);
>> +        s->channels[i].channel =3D i;
>>      }
>>
>>      memory_region_init_io(&s->mem, NULL, &dbdma_ops, s, "dbdma", 0x10=
00);
>> --
>> 2.1.4
>
> What operating system(s) did you use to test this patch out?
>

It was during some custom tests with OpenBIOS, where i miswrote the IDE D=
MA channel.

However, you can see the problem by using this "patch":
diff --git a/hw/ide/macio.c b/hw/ide/macio.c
index 3ee962f..73dfec0 100644
--- a/hw/ide/macio.c
+++ b/hw/ide/macio.c
@@ -629,7 +629,7 @@ void macio_ide_init_drives(MACIOIDEState *s, DriveInf=
o **hd_table)
  void macio_ide_register_dma(MACIOIDEState *s, void *dbdma, int channel)
  {
      s->dbdma =3D dbdma;
-    DBDMA_register_channel(dbdma, channel, s->dma_irq,
+    DBDMA_register_channel(dbdma, channel + 1, s->dma_irq,
                             pmac_ide_transfer, pmac_ide_flush, s);
  }

And starting whatever operating system. As soon as DMA is used to read th=
e disk/cdrom, QEMU will crash.

Regards,

Herv=E9