From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.33)
	id 1Cdrj7-0001e0-Ph
	for qemu-devel@nongnu.org; Mon, 13 Dec 2004 10:03:05 -0500
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.33)
	id 1Cdrj6-0001cr-8d
	for qemu-devel@nongnu.org; Mon, 13 Dec 2004 10:03:04 -0500
Received: from [199.232.76.173] (helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.33) id 1Cdrj6-0001cg-0P
	for qemu-devel@nongnu.org; Mon, 13 Dec 2004 10:03:04 -0500
Received: from [64.233.184.193] (helo=wproxy.gmail.com)
	by monty-python.gnu.org with esmtp (Exim 4.34) id 1CdrYu-0007bh-Cj
	for qemu-devel@nongnu.org; Mon, 13 Dec 2004 09:52:32 -0500
Received: by wproxy.gmail.com with SMTP id 70so887846wra
	for <qemu-devel@nongnu.org>; Mon, 13 Dec 2004 06:52:13 -0800 (PST)
Message-ID: <da63183704121306524ea9ac3d@mail.gmail.com>
Date: Mon, 13 Dec 2004 15:52:12 +0100
From: Piotras <piotras@gmail.com>
Mime-Version: 1.0
Content-Type: multipart/mixed;
	boundary="----=_Part_1742_2005707.1102949532907"
Subject: [Qemu-devel] page fault during ins
Reply-To: Piotras <piotras@gmail.com>, qemu-devel@nongnu.org
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org

------=_Part_1742_2005707.1102949532907
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Hi!

The current implementation of ins (Input from Port to String) is 
not-restartable. If page fault occurs during write, the port read 
is redone and for some devices this may give unexpected results.

This is different from what real CPU does. From my tests with 
Pentium II it seems that the CPU first makes sure that data can 
be written, and then issue IO read. I'm attaching my test program 
-- it may do harm to your system, so be very careful. The test 
assumes that there is a CDROM connected as master to second 
IDE controller (hdc).


Regards,

Piotrek

------=_Part_1742_2005707.1102949532907
Content-Type: text/x-csrc; name="test-ide.c"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: attachment; filename="test-ide.c"

#include <sys/io.h>
#include <sys/mman.h>
#include <signal.h>
#include <stdio.h>
#include <stdint.h>


uint16_t *data;

void segv()
{
    printf("SEGV\n");
    data =3D mmap(data, 4096, PROT_READ | PROT_WRITE,
                MAP_PRIVATE | MAP_ANONYMOUS | MAP_FIXED, -1, 0);
    if (data =3D=3D MAP_FAILED) {
        exit(1);
    }
}

int main()
{
    int i;
    unsigned char v;
=20
    data =3D mmap(0, 4096, PROT_NONE,
                MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (data =3D=3D MAP_FAILED) {
        exit(1);
    }
    signal(SIGSEGV, segv);

    iopl(3);

    do {
        v =3D inb(0x0177);
    } while ((v & 0xc0) !=3D 0x40);
    outb(0x00, 0x0176);
    outb(0xa1, 0x0177);
    do {
        v =3D inb(0x0177);
    } while ((v & 0x08) !=3D 0x08);
    insw(0x0170, data, 256);
    for(i =3D 0; i < 256; ++ i) {
        printf("%04x%c", data[i], (i % 8 !=3D 7)? ' ': '\n');
    }
}

------=_Part_1742_2005707.1102949532907--