Hi,
I found a bug in the subpage checking code. Could you check whether the
attached patch fixes the problem?
Index: qemu/exec.c
===================================================================
--- qemu.orig/exec.c 2007-05-29 18:39:35.000000000 +0000
+++ qemu/exec.c 2007-05-29 18:39:54.000000000 +0000
@@ -1922,7 +1922,7 @@
need_subpage = 1; \
} \
\
- if (end_addr - addr > TARGET_PAGE_SIZE) \
+ if (end_addr - addr >= TARGET_PAGE_SIZE) \
end_addr2 = TARGET_PAGE_SIZE - 1; \
else { \
end_addr2 = (start_addr + orig_size - 1) & ~TARGET_PAGE_MASK; \
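Review bot: the new `>=` is only correct if end_addr is the exact, unrounded end of the region; the else branch computes end_addr2 from `start_addr + orig_size - 1`, which suggests end_addr and start_addr + orig_size can differ (end_addr being the page-rounded end). In that case a trailing partial page has `end_addr - addr == TARGET_PAGE_SIZE`, and with `>=` it now takes the `end_addr2 = TARGET_PAGE_SIZE - 1` branch and is treated as a full page, so need_subpage is never set for it. Comparing against the unrounded end instead, `if ((start_addr + orig_size) - addr >= TARGET_PAGE_SIZE)`, handles both the exactly-one-page case this patch targets and the trailing partial page. Please also confirm how end_addr is computed in the caller and mention it in the commit message, since the correctness of the comparison depends on it.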