On Fri, 2007-09-21 at 15:42 +1000, David Gibson wrote: > On Thu, Sep 20, 2007 at 10:34:12PM -0500, Hollis Blanchard wrote: > > I seem to have come across a strange bug while doing KVM development. It > > seems that the final tlbwe in finish_tlb (head_44x.S) is actually > > leaking RPN bits into the "attribute" word. > > > > When I set a breakpoint there and press enter on the serial console, I > > see r12=ef600703, which is the physical address of the UART on this chip > > (440EP), plus the correct permission bits at the bottom. > > > > Am I crazy? I'm not really looking to step through that assembly right > > now... Clearly (current) hardware is just ignoring these errant writes, > > but it should be fixed. > > A quick glance at the code suggests this is indeed wrong. Hurrah. > Another reason to rewrite the 44x tlb miss handling.
Actually it's slightly worse than I thought. Not only are we setting "0" bits in the TLB word, I'm also seeing mappings like this: pid word0 word1 word2 00000001 7fe4f210 00209000 00200349 That means WIMG=0011, which seems inappropriate for userspace mappings. (Oh and we're also writing to the only reserved bit in word2.) -- Hollis Blanchard IBM Linux Technology Center _______________________________________________ Linuxppc-dev mailing list Linuxppc-dev@ozlabs.org https://ozlabs.org/mailman/listinfo/linuxppc-dev