Re: [Qemu-devel] [PATCH] workaround qemu guest SIGSEGVs with cmpxchg8b insn
So a better fix would be something like this?
Index: target-i386/translate.c
===
RCS file: /cvsroot/qemu/qemu/target-i386/translate.c,v
retrieving revision 1.62
diff -u -B -C5 -r1.62 translate.c
*** target-i386/translate.c 16 Jan 2007 19:28:58 - 1.62
--- target-i386/translate.c 12 Mar 2007 10:46:21 -
***
*** 3795,3804
--- 3795,3805
case 0x1c7: /* cmpxchg8b */
modrm = ldub_code(s-pc++);
mod = (modrm 6) 3;
if (mod == 3)
goto illegal_op;
+ gen_jmp_im(pc_start - s-cs_base);
if (s-cc_op != CC_OP_DYNAMIC)
gen_op_set_cc_op(s-cc_op);
gen_lea_modrm(s, modrm, reg_addr, offset_addr);
gen_op_cmpxchg8b();
s-cc_op = CC_OP_EFLAGS;
OK for the bug. The proper patch is to set the EIP before executing the
instruction, as it is done for the other helpers which can generate
exceptions. I'll try to make a fix ASAP.
Regards,
Fabrice.
Juergen Keil wrote:
Current Solaris x86 Developer Express doesn't install any more as qemu
guest
- qemu 0.9.0 + cvs (32bit), 768 mbyte memory (or more) allocated for guest
- kqemu *not* used
I doesn't install because the java virtual machine (used for the installer)
crashes with a SIGSEGV.
The following test program reproduces the problem. The second cmpxchg8b
instruction after the fork results in a copy-on-write page fault and
the process terminates with a core dump.
Same program runs on bare metal just fine.
The problem can be reproduced both with an opensolaris b55 guest or a
linux ubuntu guest, running inside an i386-softmmu qemu, and running it
with -no-kqemu.
/*
* cc -o cmpxchg cmpxchg.c
*/
#include stdio.h
#include stdlib.h
#include unistd.h
#include sys/types.h
#if 0
static int
cmpxchg64(int64_t *mem, int64_t *expected_old, int64_t new)
{
if (*mem == *expected_old) {
*mem = new;
return 1;
} else {
*expected_old = *mem;
return 0;
}
}
#else
static int
cmpxchg64(int64_t *mem, int64_t *expected_old, int64_t new)
{
asm(pushl %ebx);
asm(pushl %esi);
asm(pushl %edi);
asm(movl 12(%ebp), %esi);
asm(movl (%esi), %eax);
asm(movl 4(%esi), %edx);
asm(movl 16(%ebp), %ebx);
asm(movl 20(%ebp), %ecx);
asm(movl 8(%ebp), %edi);
asm(cmpxchg8b (%edi));
asm(movl %eax, (%esi));
asm(movl %edx, 4(%esi));
asm(sete %al);
asm(movsbl %al, %eax);
asm(popl %edi);
asm(popl %esi);
asm(popl %ebx);
}
#endif
int64_t *val;
int
main(int argc, char **argv)
{
int64_t old, update;
val = calloc(2*4096, 1);
val = (void*)(((long)val + 0xfff) ~0xfff);
printf(%lld\n, *val);
old = 0;
update = 1;
cmpxchg64(val, old, update);
printf(%lld\n, *val);
switch (fork()) {
case -1:
perror(fork);
exit(1);
case 0:
sleep(1);
_exit(0);
break;
default:
break;
}
old = update;
update++;
cmpxchg64(val, old, update);
printf(%lld\n, *val);
}
Workaround: move the code from inside the helper_cmpxchg8b() function
into the op_cmpxchg8b() insn template[*].
A patch for this workaround is attached. With this workaround applied,
the above test program doesn't SIGSEGV any more, and the java installer
from Solaris x86 Developer Express doesn't crash with SIGSEGV any more
either.
[*] so that softmmu_template.h function __stq_mmu() ...
``void REGPARM(2) glue(glue(__st, SUFFIX), MMUSUFFIX)(target_ulong addr,
DATA_TYPE val,
int is_user)''
... passes a PC that is is inside translated code to tlb_fill().
Without the workaround, the return address passed into tlb_fill()
is inside helper_cmpxchg8b() and tlb_fill() is unable to pass
the correct virtual PC for the page fault to the kernel exception -
the PC that gets passed is the PC that was last saved to the env
register file, and this could point to a location that was executed
a few translations blocks before we reached the cmpxchg8b instruction.
diff -ru qemu-cvs-orig/target-i386/helper.c qemu-cvs/target-i386/helper.c
--- qemu-cvs-orig/target-i386/helper.c 2007-02-09
[Qemu-devel] [PATCH] TPM TIS device model
This patch adds a TIS device model for a v1.2 TPM to qemu.
It is based on the Xen patch from IBM and adopted by removing
the Xen-specific stuff. It works with the tpmd daemon of the
tpm-emulator package.
The following things are still missing:
* locality support
* cmdline option for the socket name
Greetings,
Bernhard Kauer
diff -N -r -u qemu.old/Makefile.target qemu/Makefile.target
--- qemu.old/Makefile.target2007-03-09 02:46:14.024009410 +0100
+++ qemu/Makefile.target2007-03-09 01:03:53.0 +0100
@@ -372,6 +372,7 @@
VL_OBJS+= fdc.o mc146818rtc.o serial.o i8259.o i8254.o pcspk.o pc.o
VL_OBJS+= cirrus_vga.o mixeng.o apic.o parallel.o acpi.o piix_pci.o
VL_OBJS+= usb-uhci.o smbus_eeprom.o
+VL_OBJS+= tpm_tis.o
CPPFLAGS += -DHAS_AUDIO
endif
ifeq ($(TARGET_BASE_ARCH), ppc)
diff -N -r -u qemu.old/hw/pc.c qemu/hw/pc.c
--- qemu.old/hw/pc.c2007-03-09 02:46:14.424026396 +0100
+++ qemu/hw/pc.c2007-03-09 01:14:26.507262699 +0100
@@ -734,6 +734,9 @@
if (i440fx_state) {
i440fx_init_memory_mappings(i440fx_state);
}
+
+tpm_tis_init();
+
#if 0
/* ??? Need to figure out some way for the user to
specify SCSI devices. */
diff -N -r -u qemu.old/hw/tpm_tis.c qemu/hw/tpm_tis.c
--- qemu.old/hw/tpm_tis.c 1970-01-01 01:00:00.0 +0100
+++ qemu/hw/tpm_tis.c 2007-03-09 02:59:13.801196995 +0100
@@ -0,0 +1,992 @@
+/*
+ * tpm_tis.c - QEMU emulator for a 1.2 TPM with TIS interface
+ *
+ * Copyright (C) 2006 IBM Corporation
+ *
+ * Author: Stefan Berger [EMAIL PROTECTED]
+ * David Safford [EMAIL PROTECTED]
+ * Adopted for Qemu: Bernhard Kauer [EMAIL PROTECTED]
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation, version 2 of the
+ * License.
+ *
+ *
+ * Implementation of the TIS interface according to specs at
+ *
https://www.trustedcomputinggroup.org/groups/pc_client/TCG_PCClientTPMSpecification_1-20_1-00_FINAL.pdf
+ *
+ */
+
+#include sys/types.h
+#include sys/stat.h
+#include sys/socket.h
+#include sys/un.h
+#include fcntl.h
+#include errno.h
+#include vl.h
+
+#define DEBUG_TPM
+#define logfile stderr
+
+#define TPM_MAX_PKT 4096
+
+#define VTPM_BAD_INSTANCE (uint32_t)0x
+
+#define TIS_ADDR_BASE 0xFED4
+
+/* tis registers */
+#define TPM_REG_ACCESS0x00
+#define TPM_REG_INT_ENABLE0x08
+#define TPM_REG_INT_VECTOR0x0c
+#define TPM_REG_INT_STATUS0x10
+#define TPM_REG_INTF_CAPABILITY 0x14
+#define TPM_REG_STS 0x18
+#define TPM_REG_DATA_FIFO 0x24
+#define TPM_REG_DID_VID 0xf00
+#define TPM_REG_RID 0xf04
+
+#define STS_VALID(1 7)
+#define STS_COMMAND_READY(1 6)
+#define STS_TPM_GO (1 5)
+#define STS_DATA_AVAILABLE (1 4)
+#define STS_EXPECT (1 3)
+#define STS_RESPONSE_RETRY (1 1)
+
+#define ACCESS_TPM_REG_VALID_STS (1 7)
+#define ACCESS_ACTIVE_LOCALITY (1 5)
+#define ACCESS_BEEN_SEIZED (1 4)
+#define ACCESS_SEIZE (1 3)
+#define ACCESS_PENDING_REQUEST (1 2)
+#define ACCESS_REQUEST_USE (1 1)
+#define ACCESS_TPM_ESTABLISHMENT (1 0)
+
+#define INT_ENABLED (1 31)
+#define INT_DATA_AVAILABLE (1 0)
+#define INT_LOCALITY_CHANGED (1 2)
+#define INT_COMMAND_READY(1 7)
+
+#define INTERRUPTS_SUPPORTED (INT_LOCALITY_CHANGED | \
+ INT_DATA_AVAILABLE | \
+ INT_COMMAND_READY)
+#define CAPABILITIES_SUPPORTED ((1 4) |\
+ INTERRUPTS_SUPPORTED)
+
+enum {
+ STATE_IDLE = 0,
+ STATE_READY,
+ STATE_COMPLETION,
+ STATE_EXECUTION,
+ STATE_RECEPTION
+};
+
+#define NUM_LOCALITIES 5
+#define NO_LOCALITY 0xff
+
+#define IS_VALID_LOC(x) ((x) NUM_LOCALITIES)
+
+#define TPM_DID 0x0001
+#define TPM_VID 0x0001
+#define TPM_RID 0x0001
+
+/* if the connection to the vTPM should be closed after a successfully
+ received response; set to '0' to allow keeping the connection */
+#define FORCE_CLOSE 0
+
+/* local data structures */
+
+typedef struct TPMTx {
+int fd[2];
+} tpmTx;
+
+typedef struct TPMBuffer {
+uint8_t instance[4]; /* instance number in network byte order */
+uint8_t buf[TPM_MAX_PKT];
+} __attribute__((packed)) tpmBuffer;
+
+/* locality data */
+typedef struct TPMLocal {
+uint32_t state;
+uint8_t access;
+uint8_t sts;
+uint32_t inte;
+uint32_t ints;
+} tpmLoc;
+
+/* overall state of the TPM interface; 's' marks as save upon suspension */
+typedef struct TPMState {
+uint32_t offset;/* s */
+tpmBuffer buffer;
[Qemu-devel] [PATCH] target-i386: DR6 single step exception status bit
- qemu CVS, without using the kqemu module
- Solaris x86 guest
- I'm trying to debug a user program inside the Solaris x86 guest:
$ mdb /bin/date
main:b
:r
(note: mdb uses a breakpoint inside the target's dynamic linker
ld.so.1 and single steps over that breakpoint during target
program startup)
When kqemu isn't available, single stepping a user programm in the
/bin/mdb debugger in a Solaris x86 guest doesn't work.
The Solaris x86 kernel verifies that the BS (single step) flag (bit
14) in the DR6 debug status register is set when a user
program gets an exception #1 (EXCP01_SSTP).
qemu currently doesn't set this bit for exception #1 (EXCP01_SSTP).
The Solaris x86 kernel complains with the message:
Unexpected INT 1 in user mode, dr6=0
At this point the Solaris x86 guest kernel is stuck in an endless
loop with Unexpected INT 1 in user mode, dr6=0 messages.
Workaround:
===
For the x86 platform only: use the kqemu module.
Suggested fix:
==
Set the 0x4000 bit in DR6 when single stepping.
See the attached patch. With this patch applied, debugging a user
program works.
diff -ru /tmp/qemu-cvs/target-i386/exec.h qemu-cvs/target-i386/exec.h
--- /tmp/qemu-cvs/target-i386/exec.h2006-09-25 09:52:23.0 +0200
+++ qemu-cvs/target-i386/exec.h 2007-03-10 21:20:22.804313251 +0100
@@ -191,6 +191,7 @@
void helper_idivq_EAX_T0(void);
void helper_bswapq_T0(void);
void helper_cmpxchg8b(void);
+void helper_single_step(void);
void helper_cpuid(void);
void helper_enter_level(int level, int data32);
void helper_enter64_level(int level, int data64);
diff -ru /tmp/qemu-cvs/target-i386/helper.c qemu-cvs/target-i386/helper.c
--- /tmp/qemu-cvs/target-i386/helper.c 2007-02-09 22:10:08.0 +0100
+++ qemu-cvs/target-i386/helper.c 2007-03-10 21:13:09.708272230 +0100
@@ -1591,6 +1591,12 @@
CC_SRC = eflags;
}
+void helper_single_step()
+{
+env-dr[6] |= 0x4000;
+raise_exception(EXCP01_SSTP);
+}
+
void helper_cpuid(void)
{
uint32_t index;
diff -ru /tmp/qemu-cvs/target-i386/op.c qemu-cvs/target-i386/op.c
--- /tmp/qemu-cvs/target-i386/op.c 2007-02-09 22:10:08.0 +0100
+++ qemu-cvs/target-i386/op.c 2007-03-10 21:20:53.276293877 +0100
@@ -730,6 +730,11 @@
helper_cmpxchg8b();
}
+void OPPROTO op_single_step(void)
+{
+helper_single_step();
+}
+
void OPPROTO op_movl_T0_0(void)
{
T0 = 0;
diff -ru /tmp/qemu-cvs/target-i386/translate.c qemu-cvs/target-i386/translate.c
--- /tmp/qemu-cvs/target-i386/translate.c 2007-01-24 10:07:52.0
+0100
+++ qemu-cvs/target-i386/translate.c2007-03-10 21:49:06.287293924 +0100
@@ -2277,7 +2277,7 @@
if (s-singlestep_enabled) {
gen_op_debug();
} else if (s-tf) {
-gen_op_raise_exception(EXCP01_SSTP);
+ gen_op_single_step();
} else {
gen_op_movl_T0_0();
gen_op_exit_tb();
___
Qemu-devel mailing list
Qemu-devel@nongnu.org
http://lists.nongnu.org/mailman/listinfo/qemu-devel
[Qemu-devel] SSE 'maxps' instruction bug?
The program below tests the 'maxps' instruction. When run on
qemu-0.9.0, host amd64, guest x86, guest OS redhat8, it prints:
f9a511d1 8d37d67f b34825b8 e2f40739
scp the binary to a Core 2 (real) machine and run:
f9a511d1 22dcb9b9 b34825b8 e2f40739
Second 32-bit word is completely different.
This is 0.9.0 compiled from source using gcc-3.4.6, host openSuSE
10.2 on a Core 2 Duo in 64-bit mode.
Any ideas? I grepped the 0.9.0 sources for maxps but couldn't
figure out where/how it is handled.
J
#include stdio.h
#include stdlib.h
#include assert.h
#include malloc.h
#include string.h
typedef unsigned char V128[16];
typedef signed int Int;
static void showV128 ( V128* v )
{
Int i;
for (i = 0; i 16; i++) {
printf(%02x, (Int)(*v)[i]);
if (i 0 (i % 4) == 3) printf( );
}
}
static V128 arg1 = { 0x28,0x9b,0x57,0xf7,0x22,0xdc,0xb9,0xb9,
0x0a,0xb3,0x8a,0xcf,0x73,0xbb,0xe4,0x0b };
static V128 arg2 = { 0xf9,0xa5,0x11,0xd1,0x8d,0x37,0xd6,0x7f,
0xb3,0x48,0x25,0xb8,0xe2,0xf4,0x07,0x39 };
static V128 res;
int main ( int argc, char** argv )
{
__asm__ __volatile__(
movups (%0),%%xmm6\n\t
movups (%1),%%xmm7\n\t
maxps %%xmm6,%%xmm7\n\t
movups %%xmm7, (%2)\n\t
: : r(arg1), r(arg2), r(res)
: xmm6, xmm7
);
showV128( res );
printf(\n);
return 0;
}
/* Output on qemu-0.9.0, host amd64, guest x86, guest OS redhat8:
f9a511d1 8d37d67f b34825b8 e2f40739
Run same binary on a Core 2:
f9a511d1 22dcb9b9 b34825b8 e2f40739
Second 32-bit word is completely different.
*/
___
Qemu-devel mailing list
Qemu-devel@nongnu.org
http://lists.nongnu.org/mailman/listinfo/qemu-devel
Re: [Qemu-devel] SSE 'maxps' instruction bug?
On Mon, 12 Mar 2007, Julian Seward wrote: The program below tests the 'maxps' instruction. When run on qemu-0.9.0, host amd64, guest x86, guest OS redhat8, it prints: f9a511d1 8d37d67f b34825b8 e2f40739 scp the binary to a Core 2 (real) machine and run: f9a511d1 22dcb9b9 b34825b8 e2f40739 Second 32-bit word is completely different. This is 0.9.0 compiled from source using gcc-3.4.6, host openSuSE 10.2 on a Core 2 Duo in 64-bit mode. Any ideas? I grepped the 0.9.0 sources for maxps but couldn't figure out where/how it is handled. [..snip..] ops_sse.h lines 711 and 670 QEMU and Core 2 Duo disagree on the handling of NaNs it seems. http://courses.ece.uiuc.edu/ece390/books/labmanual/inst-ref-simd.html - this implies that MAXPS should leave the NaNs alone, no idea how normative that is though (and no IA32 manual at hand) -- vale ___ Qemu-devel mailing list Qemu-devel@nongnu.org http://lists.nongnu.org/mailman/listinfo/qemu-devel
[Qemu-devel] PATCH: hw/rtl8139.c for Sparc (BigEndian) Hosts
This patch is to fix a big-endian problem in the RTL-8139 driver. The additional
debugging is mine, and the actual code fixes are by Garrison (Igor Kovalenko -
[EMAIL PROTECTED]). Code has been tested on 32-bit Solaris x86 and 32-bit
Solaris Sparc hosts, with and without debugging.
There were two problems.
1) the setup of the MAC address was not big-endian friendly
2) due to some feature of le32_to_cpu, the pointer to the buffer
for the packet was off in never-never land. Just setting the
val in rtl8139_TxAddr_write was enough to fix the problem,
and networking both in and out are working properly on a sparc host.
Ben--- qemu/hw/rtl8139.c.ORIG 2007-03-12 17:41:46.739541000 -0400
+++ qemu/hw/rtl8139.c 2007-03-12 17:55:14.749309000 -0400
@@ -73,7 +73,9 @@
( ( input ) ( size - 1 ) )
#if defined (DEBUG_RTL8139)
-# define DEBUG_PRINT(x) do { printf x ; } while (0)
+#include stdarg.h
+# define DEBUG_PRINT_VA(fmt, ...) do { printf ( rtl8139.c:%d:%s: fmt, __LINE__, __FUNCTION__, ## __VA_ARGS__ ); } while (0)
+# define DEBUG_PRINT(x) do { DEBUG_PRINT_VA x ; } while (0)
#else
# define DEBUG_PRINT(x)
#endif
@@ -637,8 +639,13 @@
int prom9346_get_wire(RTL8139State *s)
{
EEprom9346 *eeprom = s-eeprom;
-if (!eeprom-eecs)
+DEBUG_PRINT((eeprom-eecs = 0x%08x, eeprom-eedo = 0x%08x\n, eeprom-eecs, eeprom-eedo));
+if (!eeprom-eecs) {
+DEBUG_PRINT((eeprom-eedo = 0, returning 0\n));
return 0;
+}
+
+DEBUG_PRINT((return eeprom-eedo = 0x%08x\n, eeprom-eedo));
return eeprom-eedo;
}
@@ -778,6 +785,7 @@
/* non-wrapping path or overwrapping enabled */
cpu_physical_memory_write( s-RxBuf + s-RxBufAddr, buf, size );
+DEBUG_PRINT(( RTL8139: called cpu_physical_memory_write\n ));
s-RxBufAddr += size;
}
@@ -797,6 +805,7 @@
RTL8139State *s = opaque;
int avail;
+DEBUG_PRINT((s-clock_enabled = 0x%04x\n, s-clock_enabled ));
/* Recieve (drop) packets if card is disabled. */
if (!s-clock_enabled)
return 1;
@@ -1162,6 +1171,7 @@
static void rtl8139_receive(void *opaque, const uint8_t *buf, int size)
{
+DEBUG_PRINT((entering rtl8139_receive\n));
rtl8139_do_receive(opaque, buf, size, 1);
}
@@ -1192,7 +1202,9 @@
s-eeprom.contents[1] = 0x10ec;
s-eeprom.contents[2] = 0x8139;
#endif
-memcpy(s-eeprom.contents[7], s-macaddr, 6);
+s-eeprom.contents[7] = s-macaddr[0] | s-macaddr[1] 8;
+s-eeprom.contents[8] = s-macaddr[2] | s-macaddr[3] 8;
+s-eeprom.contents[9] = s-macaddr[4] | s-macaddr[5] 8;
/* mark all status registers as owned by host */
for (i = 0; i 4; ++i)
@@ -1756,6 +1768,7 @@
}
else
{
+DEBUG_PRINT((RTL8139: +++ qemu_send_packet(s-vc, buf, size)\n));
qemu_send_packet(s-vc, buf, size);
}
}
@@ -1786,10 +1799,20 @@
cpu_physical_memory_read(s-TxAddr[descriptor], txbuffer, txsize);
+DEBUG_PRINT((RTL8139: +++ finished calling cpu_physical_memory_read, txbuffer = 0x%08x\n, txbuffer ));
+#if DEBUG_RTL8139
+int bx;
+for(bx=0;bxtxsize;bx+=8) {
+DEBUG_PRINT((txbuffer[%d]: 0x%2x 0x%2x 0x%2x 0x%2x 0x%2x 0x%2x 0x%2x 0x%2x\n,
+bx,txbuffer[bx],txbuffer[bx+1],txbuffer[bx+2],txbuffer[bx+3],txbuffer[bx+4],txbuffer[bx+5],txbuffer[bx+6],txbuffer[bx+7]));
+}
+#endif
+
/* Mark descriptor as transferred */
s-TxStatus[descriptor] |= TxHostOwns;
s-TxStatus[descriptor] |= TxStatOK;
-
+DEBUG_PRINT((RTL8139: +++ calling rtl8139_transfer_frame(s, txbuffer = 0x%08x, txsize = 0x%04x, 0)\n,
+txbuffer, txsize));
rtl8139_transfer_frame(s, txbuffer, txsize, 0);
DEBUG_PRINT((RTL8139: +++ transmitted %d bytes from descriptor %d\n, txsize, descriptor));
@@ -2455,14 +2478,15 @@
{
DEBUG_PRINT((RTL8139: TxAddr write offset=0x%x val=0x%08x\n, txAddrOffset, val));
-s-TxAddr[txAddrOffset/4] = le32_to_cpu(val);
+s-TxAddr[txAddrOffset/4] = val;
+DEBUG_PRINT((RTL8139: s-TxAddr[%d] = 0x%08x\n, txAddrOffset/4, val));
}
static uint32_t rtl8139_TxAddr_read(RTL8139State *s, uint32_t txAddrOffset)
{
uint32_t ret = cpu_to_le32(s-TxAddr[txAddrOffset/4]);
-DEBUG_PRINT((RTL8139: TxAddr read offset=0x%x val=0x%08x\n, txAddrOffset, ret));
+DEBUG_PRINT((RTL8139: TxAddr read offset=0x%x val=0x%08x\n, txAddrOffset/4, ret));
return ret;
}
@@ -2608,36 +2632,46 @@
switch (addr)
{
case MAC0 ... MAC0+5:
+DEBUG_PRINT((RTL8139: s-phys[%d] set 0x%x\n, addr - MAC0, val));
s-phys[addr - MAC0] = val;
break;
case MAC0+6 ... MAC0+7:
/* reserved */
break;
case MAR0 ... MAR0+7:
+DEBUG_PRINT((RTL8139: s-mult[%d] set 0x%x\n, addr - MAR0, val));
s-mult[addr - MAR0] = val;
break;
case ChipCmd:
+DEBUG_PRINT((RTL8139: ChipCmd write set 0x%x\n, val));
[Qemu-devel] Updated PATCH: hw/rtl8139.c for Sparc (BigEndian) Hosts
Apologies to the list. I forgot to separate out the patches in a more appropriate manner. Patch 1: qemu-rtl8139-bigend.diff This fixes the big-endian problem with the hw/rtl8139.c on a Sparc host. Patch 2: qemu-rtl8139-impv-debug.difff This is an improved macro for debugging. This patch layers on the first patch. The above two patches were coded by Igor Kovalenko ([EMAIL PROTECTED]) Patch 3: qemu-rtl8139-extra-debug.diff This just adds a lot of debugging that was used to isolate the problem with the big-endian problem, and layers on the first two patches. Ben qemu-rtl8139-bigend.diff Description: Binary data qemu-rtl8139-extra-debug.diff Description: Binary data qemu-rtl8139-impr-debug.diff Description: Binary data ___ Qemu-devel mailing list Qemu-devel@nongnu.org http://lists.nongnu.org/mailman/listinfo/qemu-devel
