This was a long-pending bug, now revealed by the assert in phys_page_find that stumbled over the large page index returned by cpu_get_phys_page_debug for NX-marked pages.
Signed-off-by: Jan Kiszka <jan.kis...@siemens.com> --- Was easily triggerable by attaching gdb to the guest and doing some backtraces that reached into stack addresses. target-i386/helper.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/target-i386/helper.c b/target-i386/helper.c index af6bba2..40fe407 100644 --- a/target-i386/helper.c +++ b/target-i386/helper.c @@ -947,7 +947,7 @@ target_phys_addr_t cpu_get_phys_page_debug(CPUState *env, target_ulong addr) } page_offset = (addr & TARGET_PAGE_MASK) & (page_size - 1); - paddr = (pte & TARGET_PAGE_MASK) + page_offset; + paddr = (pte & TARGET_PAGE_MASK & ~PG_NX_MASK) + page_offset; return paddr; } -- 1.7.3.4
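Review bot: the change at `paddr = (pte & TARGET_PAGE_MASK & ~PG_NX_MASK) + page_offset;` is correct but the reason deserves a one-line comment, because the old expression looks harmless: TARGET_PAGE_MASK only clears the low page-offset bits, so bit 63 (PG_NX) of a 64-bit PTE survives the mask and is returned as part of the physical address, which is the oversized page index phys_page_find's assert tripped on. It is also worth checking whether any other spot in this walker (or a sibling page walker in helper.c) derives a physical address with the same bare `pte & TARGET_PAGE_MASK` idiom; if so, the same exposure exists there and a single shared mask would be cleaner than repeating `& ~PG_NX_MASK` at each site.

To make the failure mode concrete, the following is an added C example and not code from the patch or from QEMU: the constants are simplified re-definitions mirroring the x86-64 layout the patch relies on, and the sample PTE and guest virtual addresses are constructed. It shows the pre-fix and post-fix mask side by side, the page index a phys_page_find-style lookup would compute from each, and the large-page path where page_offset carries the low bits.

```c
#include <stdint.h>
#include <stdio.h>

/* Simplified re-definitions for illustration only (not QEMU's headers).
 * In QEMU, TARGET_PAGE_MASK is ~(TARGET_PAGE_SIZE - 1); applied to a
 * 64-bit PTE it sign-extends to 0xfffffffffffff000, so bit 63 survives. */
#define TARGET_PAGE_BITS 12
#define TARGET_PAGE_SIZE (1ULL << TARGET_PAGE_BITS)
#define TARGET_PAGE_MASK (~(TARGET_PAGE_SIZE - 1))
#define PG_NX_MASK       (1ULL << 63)   /* x86-64 PTE bit 63: no-execute */
#define PG_PRESENT_MASK  (1ULL << 0)
#define PG_PSE_MASK      (1ULL << 7)    /* large page (2 MiB in long mode) */

/* Pre-fix computation: the NX bit of the PTE leaks into paddr. */
uint64_t paddr_before(uint64_t pte, uint64_t addr, uint64_t page_size)
{
    uint64_t page_offset = (addr & TARGET_PAGE_MASK) & (page_size - 1);
    return (pte & TARGET_PAGE_MASK) + page_offset;
}

/* Post-fix computation: NX is cleared before the frame number is used. */
uint64_t paddr_after(uint64_t pte, uint64_t addr, uint64_t page_size)
{
    uint64_t page_offset = (addr & TARGET_PAGE_MASK) & (page_size - 1);
    return (pte & TARGET_PAGE_MASK & ~PG_NX_MASK) + page_offset;
}

/* The index a phys_page_find-style table lookup would be asked for. */
uint64_t page_index(uint64_t paddr)
{
    return paddr >> TARGET_PAGE_BITS;
}

/* True when bit 63 survived into the "physical" address. */
int nx_leaks(uint64_t paddr)
{
    return (paddr & PG_NX_MASK) != 0;
}

int main(void)
{
    /* Constructed sample: a user stack page (NX-marked data) mapped at
     * physical frame 0x12345000, and a 2 MiB NX large page at 0x200000. */
    uint64_t stack_pte = PG_NX_MASK | 0x12345000ULL | PG_PRESENT_MASK | 0x66;
    uint64_t stack_va  = 0x7fffffffe8a0ULL;
    uint64_t large_pte = PG_NX_MASK | 0x200000ULL | PG_PSE_MASK | PG_PRESENT_MASK | 0x66;
    uint64_t large_va  = 0x612345ULL;

    uint64_t bad  = paddr_before(stack_pte, stack_va, TARGET_PAGE_SIZE);
    uint64_t good = paddr_after(stack_pte, stack_va, TARGET_PAGE_SIZE);
    printf("4K page  before: paddr=%#llx index=%#llx nx_leak=%d\n",
           (unsigned long long)bad, (unsigned long long)page_index(bad), nx_leaks(bad));
    printf("4K page  after : paddr=%#llx index=%#llx nx_leak=%d\n",
           (unsigned long long)good, (unsigned long long)page_index(good), nx_leaks(good));

    bad  = paddr_before(large_pte, large_va, 2ULL << 20);
    good = paddr_after(large_pte, large_va, 2ULL << 20);
    printf("2M page  before: paddr=%#llx nx_leak=%d\n", (unsigned long long)bad, nx_leaks(bad));
    printf("2M page  after : paddr=%#llx nx_leak=%d\n", (unsigned long long)good, nx_leaks(good));
    return 0;
}
```

The large-page case shows why the fix is confined to the PTE mask: page_offset is built from the guest virtual address, which never carries NX, so only the frame number taken from the PTE needed the extra clearing.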