On Tue, Sep 03, 2019 at 05:50:56PM +0100, Peter Maydell wrote:
> On Tue, 3 Sep 2019 at 17:47, Tony Nguyen <tony.ngu...@bt.com> wrote:
> >
> > On Tue, Sep 03, 2019 at 11:25:28AM +0100, Peter Maydell wrote:
> > > On Mon, 2 Sep 2019 at 02:36, Tony Nguyen <tony.ngu...@bt.com> wrote:
> > > >
> > > > Existing read rejecting validator was mistakenly cleared.
> > > >
> > > > Reads dispatched to io_mem_notdirty then segfaults as there is no read
> > > > handler.
> > >
> > > Do you have the commit hash for where we introduced the
> > > bug that this is fixing?
> > >
> > > thanks
> > > -- PMM
> > >
> >
> > ad52878f97610757390148fe5d5b4cc5ad15c585.
> >
> > Please feel free to amend my commit message.
>
> Thanks.
>
> > I do not understand why sun4u booting Solaris 10 triggers the bug.
>
> Do you have a backtrace of QEMU from the segfault? I'm having trouble
> thinking of what the situation is when we'd try to invoke the
> read handler on io_mem_notdirty...
I've no good understanding of how PHYS_SECTION_NOTDIRTY is used yet... though
from what I understand that's the thing this patch wants to fix. Because after
the broken commit, this line will be overwritten:

    .valid.accepts = notdirty_mem_accepts,

and accept() will be reset to NULL. With that,
memory_region_access_valid(is_write=false) could return valid now (so a read
could happen), while it should never, logically?

Regards,

-- 
Peter Xu
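A minimal C model of the failure mode discussed in this thread, added here as an illustration and not code from QEMU or from either poster: the struct layout, the accept-then-dispatch check and the helper names are simplified assumptions modelled on the names quoted above, and the "broken" and "fixed" ops tables stand in for the region before and after the validator is restored.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stddef.h>

/* Assumed, simplified shape of a MemoryRegionOps: read/write handlers
 * plus a .valid.accepts validator consulted before dispatch. */
typedef struct MemoryRegionOps {
    uint64_t (*read)(void *opaque, uint64_t addr, unsigned size);
    void (*write)(void *opaque, uint64_t addr, uint64_t data, unsigned size);
    struct {
        bool (*accepts)(void *opaque, uint64_t addr, unsigned size,
                        bool is_write);
    } valid;
} MemoryRegionOps;

/* The notdirty region is write-only: its validator rejects reads. */
static bool notdirty_mem_accepts(void *opaque, uint64_t addr,
                                 unsigned size, bool is_write)
{
    return is_write;
}

/* Stand-in write handler; the model does not track dirty pages. */
static void notdirty_mem_write(void *opaque, uint64_t addr,
                               uint64_t data, unsigned size)
{
}

/* Models the point Peter Xu makes: with .valid.accepts cleared (NULL)
 * there is nothing to reject the access, so it is treated as valid. */
bool access_valid(const MemoryRegionOps *ops, uint64_t addr,
                  unsigned size, bool is_write)
{
    if (ops->valid.accepts && !ops->valid.accepts(NULL, addr, size, is_write)) {
        return false;
    }
    return true;
}

/* True when a read passes validation yet has no handler to dispatch to,
 * i.e. the NULL-call that segfaulted; false when validation rejects it. */
bool read_would_segfault(const MemoryRegionOps *ops)
{
    return access_valid(ops, 0, 4, false) && ops->read == NULL;
}

/* Region as left by the broken commit: validator cleared. */
const MemoryRegionOps notdirty_ops_broken = { .write = notdirty_mem_write };

/* Region with the read-rejecting validator restored. */
const MemoryRegionOps notdirty_ops_fixed = {
    .write = notdirty_mem_write, .valid.accepts = notdirty_mem_accepts };
```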