mirror of
https://github.com/qemu/qemu.git
synced 2025-10-31 12:07:31 +00:00
55a7cb144d
We set up TLB entries in tlb_set_page_with_attrs(), where we have some logic for determining whether the TLB entry is considered to be RAM-backed, and thus has a valid addend field. When we look at the TLB entry in get_page_addr_code(), we use different logic for determining whether to treat the page as RAM-backed and use the addend field. This is confusing, and in fact buggy, because the code in tlb_set_page_with_attrs() correctly decides that rom_device memory regions not in romd mode are not RAM-backed, but the code in get_page_addr_code() thinks they are RAM-backed. This typically results in "Bad ram pointer" assertion if the guest tries to execute from such a memory region. Fix this by making get_page_addr_code() just look at the TLB_MMIO bit in the code_address field of the TLB, which tlb_set_page_with_attrs() sets if and only if the addend field is not valid for code execution. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Tested-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-id: 20180713150945.12348-1-peter.maydell@linaro.org |
||
|---|---|---|
| .. | ||
| user | ||
| address-spaces.h | ||
| cpu_ldst_template.h | ||
| cpu_ldst_useronly_template.h | ||
| cpu_ldst.h | ||
| cpu-all.h | ||
| cpu-common.h | ||
| cpu-defs.h | ||
| cputlb.h | ||
| exec-all.h | ||
| gdbstub.h | ||
| gen-icount.h | ||
| helper-gen.h | ||
| helper-head.h | ||
| helper-proto.h | ||
| helper-tcg.h | ||
| hwaddr.h | ||
| ioport.h | ||
| log.h | ||
| memattrs.h | ||
| memory_ldst_cached.inc.h | ||
| memory_ldst_phys.inc.h | ||
| memory_ldst.inc.h | ||
| memory-internal.h | ||
| memory.h | ||
| poison.h | ||
| ram_addr.h | ||
| ramlist.h | ||
| semihost.h | ||
| softmmu-semi.h | ||
| target_page.h | ||
| tb-context.h | ||
| tb-hash-xx.h | ||
| tb-hash.h | ||
| tb-lookup.h | ||
| translator.h | ||