On Fri, Jan 6, 2017 at 2:23 AM, Peter Maydell <peter.mayd...@linaro.org> wrote:
> On 5 January 2017 at 22:52, Max Filippov <jcmvb...@gmail.com> wrote:
>> Hello,
>>
>> While debugging an XIP kernel running directly from CFI FLASH I've got to a point
>> where QEMU aborts with the message "Bad ram pointer 0xbb4".
>>
>> It turns out that that happens when QEMU tries to translate code from FLASH
>> immediately after the kernel has written to the FLASH address range:
>> writing to the FLASH address range turns off romd_mode of its memory region:
>
> This sounds like
> https://lists.nongnu.org/archive/html/qemu-devel/2016-08/msg03273.html
Right. Strange that I haven't found it...

> It's a bug that we fail with this unhelpful message and abort,
> but the fix to the bug would only cause us to print the more
> useful "can't execute from a device" instead. You can't
> execute from a ROM that's not in ROMD mode, I'm afraid.

Yes, aborting is my main concern. Shouldn't we do something like the following?

diff --git a/exec.c b/exec.c
index 8d4bb0e..d3f1818 100644
--- a/exec.c
+++ b/exec.c
@@ -381,7 +381,8 @@ static MemoryRegionSection *phys_page_find(PhysPageEntry lp, hwaddr addr,
 bool memory_region_is_unassigned(MemoryRegion *mr)
 {
-    return mr != &io_mem_rom && mr != &io_mem_notdirty && !mr->rom_device
+    return mr != &io_mem_rom && mr != &io_mem_notdirty
+        && !(mr->rom_device && mr->romd_mode)
         && mr != &io_mem_watch;
 }

-- 
Thanks.
-- Max
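Review bot: the rewritten condition in memory_region_is_unassigned() changes the predicate's meaning for every caller, not only for the code-fetch path that currently dies with "Bad ram pointer": a rom_device region whose romd_mode has been switched off (the FLASH after a write, in the case described above) now reports as unassigned even though it still has a device backend servicing reads and writes. A reader of the final code will not know why a live device is classed as unassigned, so add a comment above the return along the lines of "a ROM device with romd_mode cleared is not executable, treat it as unassigned so code fetch fails cleanly instead of aborting", and have the commit message state which callers of the predicate were checked for the changed result and that the intended visible effect is the "can't execute from a device" style error rather than the abort. Also worth saying in the commit message whether a write that switches romd_mode off needs the code TLB/translation cache for that range flushed, since the report is that translation of stale FLASH code is what trips the abort.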