From 55a7cb144d8565583d31c323672745f87fca9954 Mon Sep 17 00:00:00 2001 From: Peter Maydell Date: Tue, 14 Aug 2018 17:17:19 +0100 Subject: accel/tcg: Check whether TLB entry is RAM consistently with how we set it up MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit We set up TLB entries in tlb_set_page_with_attrs(), where we have some logic for determining whether the TLB entry is considered to be RAM-backed, and thus has a valid addend field. When we look at the TLB entry in get_page_addr_code(), we use different logic for determining whether to treat the page as RAM-backed and use the addend field. This is confusing, and in fact buggy, because the code in tlb_set_page_with_attrs() correctly decides that rom_device memory regions not in romd mode are not RAM-backed, but the code in get_page_addr_code() thinks they are RAM-backed. This typically results in "Bad ram pointer" assertion if the guest tries to execute from such a memory region. Fix this by making get_page_addr_code() just look at the TLB_MMIO bit in the code_address field of the TLB, which tlb_set_page_with_attrs() sets if and only if the addend field is not valid for code execution. Signed-off-by: Peter Maydell Reviewed-by: Richard Henderson Tested-by: Philippe Mathieu-Daudé Message-id: 20180713150945.12348-1-peter.maydell@linaro.org --- exec.c | 6 ------ 1 file changed, 6 deletions(-) (limited to 'exec.c') diff --git a/exec.c b/exec.c index 4f5df07b6a..e7be0761c2 100644 --- a/exec.c +++ b/exec.c @@ -402,12 +402,6 @@ static MemoryRegionSection *phys_page_find(AddressSpaceDispatch *d, hwaddr addr) } } -bool memory_region_is_unassigned(MemoryRegion *mr) -{ - return mr != &io_mem_rom && mr != &io_mem_notdirty && !mr->rom_device - && mr != &io_mem_watch; -} - /* Called from RCU critical section */ static MemoryRegionSection *address_space_lookup_region(AddressSpaceDispatch *d, hwaddr addr, -- cgit v1.2.3