qemu/accel/tcg
Peter Maydell 55a7cb144d accel/tcg: Check whether TLB entry is RAM consistently with how we set it up
We set up TLB entries in tlb_set_page_with_attrs(), where we have
some logic for determining whether the TLB entry is considered
to be RAM-backed, and thus has a valid addend field. When we
look at the TLB entry in get_page_addr_code(), we use different
logic for determining whether to treat the page as RAM-backed
and use the addend field. This is confusing, and in fact buggy,
because the code in tlb_set_page_with_attrs() correctly decides
that rom_device memory regions not in romd mode are not RAM-backed,
but the code in get_page_addr_code() thinks they are RAM-backed.
This typically results in a "Bad ram pointer" assertion if the
guest tries to execute from such a memory region.

Fix this by making get_page_addr_code() just look at the
TLB_MMIO bit in the code_address field of the TLB, which
tlb_set_page_with_attrs() sets if and only if the addend
field is not valid for code execution.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Tested-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20180713150945.12348-1-peter.maydell@linaro.org
2018-08-14 17:17:19 +01:00
atomic_template.h trace: enable tracing of TCG atomics 2018-06-27 11:09:24 +01:00
cpu-exec-common.c icount: fix cpu_restore_state_from_tb for non-tb-exit cases 2018-04-11 09:05:22 +10:00
cpu-exec.c accel/tcg: Handle get_page_addr_code() returning -1 in hashtable lookups 2018-08-14 17:17:19 +01:00
cputlb.c accel/tcg: Check whether TLB entry is RAM consistently with how we set it up 2018-08-14 17:17:19 +01:00
Makefile.objs
softmmu_template.h accel/tcg: Pass read access type through to io_readx() 2018-08-14 17:17:19 +01:00
tcg-all.c
tcg-runtime-gvec.c
tcg-runtime.c
tcg-runtime.h tcg: Introduce atomic helpers for integer min/max 2018-05-10 18:10:57 +01:00
trace-events
translate-all.c accel/tcg: tb_gen_code(): Create single-insn TB for execution from non-RAM 2018-08-14 17:17:19 +01:00
translate-all.h move public invalidate APIs out of translate-all.{c,h}, clean up 2018-06-28 19:05:30 +02:00
translator.c translator: merge max_insns into DisasContextBase 2018-05-09 10:12:21 -07:00
user-exec-stub.c i386/cpu: make -cpu host support monitor/mwait 2018-06-29 13:02:47 +02:00
user-exec.c icount: fix cpu_restore_state_from_tb for non-tb-exit cases 2018-04-11 09:05:22 +10:00