* [PATCH] target/i386/tcg: Fix masking of real-mode addresses with A20 bit
@ 2022-05-25 15:33 Stephen Michael Jothen
  2022-05-26  7:06 ` Paolo Bonzini
  0 siblings, 1 reply; 2+ messages in thread
From: Stephen Michael Jothen @ 2022-05-25 15:33 UTC (permalink / raw)
  To: qemu-devel; +Cc: pbonzini, richard.henderson, eduardo

The correct A20 masking is done if paging is enabled (protected mode) but it
seems to have been forgotten in real mode. For example from the AMD64 APM Vol. 2
section 1.2.4:

> If the sum of the segment base and effective address carries over into bit 20,
> that bit can be optionally truncated to mimic the 20-bit address wrapping of the
> 8086 processor by using the A20M# input signal to mask the A20 address bit.

Most BIOSes will enable the A20 line on boot, but I found by disabling the A20 line
afterwards, the correct wrapping wasn't taking place.

`handle_mmu_fault' in target/i386/tcg/sysemu/excp_helper.c seems to be the culprit.
In real mode, it fills the TLB with the raw unmasked address. However, for the
protected mode, the `mmu_translate' function does the correct A20 masking.

The fix then should be to just apply the A20 mask in the first branch of the if
statement.

Signed-off-by: Stephen Michael Jothen <sjothen@gmail.com>
---
 target/i386/tcg/sysemu/excp_helper.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/target/i386/tcg/sysemu/excp_helper.c b/target/i386/tcg/sysemu/excp_helper.c
index e1b6d88683..48feba7e75 100644
--- a/target/i386/tcg/sysemu/excp_helper.c
+++ b/target/i386/tcg/sysemu/excp_helper.c
@@ -359,6 +359,7 @@ static int handle_mmu_fault(CPUState *cs, vaddr addr, int size,
     CPUX86State *env = &cpu->env;
     int error_code = PG_ERROR_OK;
     int pg_mode, prot, page_size;
+    int32_t a20_mask;
     hwaddr paddr;
     hwaddr vaddr;
 
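Review bot: `int32_t a20_mask;` is declared at function scope, yet it is only used inside the non-paging branch, so it could be declared there or dropped by writing `paddr = addr & x86_get_a20_mask(env);`. The mask is a signed 32-bit value that gets ANDed with a `vaddr` and stored in a `hwaddr`; if those types are wider than 32 bits, the result keeps its upper address bits only because the signed mask is sign-extended. A one-line comment saying that the signed type is intentional would stop a later cleanup from changing it to an unsigned 32-bit type and silently truncating addresses.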
@@ -368,7 +369,8 @@ static int handle_mmu_fault(CPUState *cs, vaddr addr, int size,
 #endif
 
     if (!(env->cr[0] & CR0_PG_MASK)) {
-        paddr = addr;
+        a20_mask = x86_get_a20_mask(env);
+        paddr = addr & a20_mask;
 #ifdef TARGET_X86_64
         if (!(env->hflags & HF_LMA_MASK)) {
             /* Without long mode we can only address 32bits in real mode */
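Review bot: the new `paddr = addr & a20_mask;` sits under `if (!(env->cr[0] & CR0_PG_MASK))`, which is taken for every access with paging disabled, while the commit message and the existing comment just below describe real mode only. A short comment above the assignment stating that the A20 mask applies to all non-paged accesses would make the intent explicit. The commit message describes a manual reproduction (disabling the A20 line after the BIOS enables it); a regression test that does the same and checks that an access just above 1 MiB wraps to low memory would keep this branch from regressing.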
-- 
2.30.1 (Apple Git-130)

* Re: [PATCH] target/i386/tcg: Fix masking of real-mode addresses with A20 bit
  2022-05-25 15:33 [PATCH] target/i386/tcg: Fix masking of real-mode addresses with A20 bit Stephen Michael Jothen
@ 2022-05-26  7:06 ` Paolo Bonzini
  0 siblings, 0 replies; 2+ messages in thread
From: Paolo Bonzini @ 2022-05-26  7:06 UTC (permalink / raw)
  To: Stephen Michael Jothen; +Cc: qemu-devel, pbonzini, richard.henderson, eduardo

Queued, thanks.

Paolo