On Thu, Oct 25, 2012 at 03:47:34PM +0200, Avi Kivity wrote:
> On 10/24/2012 04:00 PM, Aurelien Jarno wrote:
> >
> > mips is also broken but by commit 1c380f9460522f32c8dd2577b2a53d518ec91c6d:
> >
> > | [ 0.436000] PCI: Enabling device 0000:00:0a.1 (0000 -> 0001)
> > | Segmentation fault (core dumped)
> >
>
> How do you reproduce it?

You can use the mips kernel version 2.6.32 from:
http://people.debian.org/~aurel32/qemu/mips/

Then just run it with the following command:

  qemu-system-mips -M malta -kernel vmlinux-2.6.32-5-4kc-malta -append "console=tty0"

(You can also get the README command line if you don't care about
downloading the disk image).

> Does this patch fix it for you?

Thanks for this patch. Unfortunately it doesn't.

In the meantime, I have also found that it's possible to work around the
issue by using -vga none or -vga std (instead of the default cirrus). I
don't know if it rings a bell for you.

> From: Avi Kivity <a...@redhat.com>
> Date: Thu, 11 Oct 2012 12:40:24 +0200
> Subject: [PATCH] memory: limit sections in the radix tree to the actual
>  address space size
>
> The radix tree is statically sized to fit TARGET_PHYS_ADDR_SPACE_BITS.
> If a larger memory region is registered, it will overflow.
>
> Fix by limiting any section in the radix tree to the supported size.
>
> This problem was not observed earlier since artificial regions (containers
> and aliases) are eliminated by the memory core, leaving only device regions
> which have reasonable sizes. An IOMMU however cannot be eliminated by the
> memory core, and may have an artificial size.
>
> Signed-off-by: Avi Kivity <a...@redhat.com>
>
> diff --git a/exec.c b/exec.c > index b0ed593..deee8ec 100644 > --- a/exec.c > +++ b/exec.c 
> @@ -2280,10 +2280,23 @@ static void register_multipage(AddressSpaceDispatch > *d, MemoryRegionSection *sec > section_index); > } > > +static MemoryRegionSection limit(MemoryRegionSection section) > +{ > + unsigned practical_as_bits = MIN(TARGET_PHYS_ADDR_SPACE_BITS, 62); > + hwaddr as_limit; > + > + as_limit = (hwaddr)1 << practical_as_bits; > + > + section.size = MIN(section.offset_within_address_space + section.size, > as_limit) > + - section.offset_within_address_space; > + > + return section; > +} > + > static void mem_add(MemoryListener *listener, MemoryRegionSection *section) > { > AddressSpaceDispatch *d = container_of(listener, AddressSpaceDispatch, > listener); > - MemoryRegionSection now = *section, remain = *section; > + MemoryRegionSection now = limit(*section), remain = limit(*section); > > if ((now.offset_within_address_space & ~TARGET_PAGE_MASK) > || (now.size < TARGET_PAGE_SIZE)) { > > > > -- > error compiling committee.c: too many arguments to function > > -- Aurelien Jarno GPG: 1024D/F1BCDB73 aurel...@aurel32.net http://www.aurel32.net
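
Review bot: limit() has no guard for a section that starts at or beyond as_limit, and it forms the sum section.offset_within_address_space + section.size before the MIN() clamp is applied. When the offset is already >= as_limit, MIN() returns as_limit and the subtraction as_limit - section.offset_within_address_space drops below zero, so the resulting size is negative or, in an unsigned type, wraps to a very large value. For the artificially sized regions the commit message mentions, the sum itself can wrap; MIN() then picks the wrapped value and the subtraction hands back the original size unclamped. Suggest returning a zero-size section (or skipping registration in mem_add) when the offset is at or past the limit, and clamping as MIN(section.size, as_limit - section.offset_within_address_space) so that no addition is needed. The constant 62 in practical_as_bits also needs a comment saying why that value was chosen, and limit(*section) could be evaluated once and copied into both now and remain.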