On Thu, Dec 10, 2009 at 12:11 AM, Nick Couchman Nick.Couchman@seakr.com wrote:
That's interesting. From the whole output you posted in the pastebin, it looks as if the IDE control register is located at 0x682 and various bits of data are written between 0x600 and 0x607.
However, then something goes terribly wrong mid-request, and the write addresses change to 0x500-0x507 with a control register at 0x582, then 0x600-0x607 with a control register at 0x582, and then 0x700-0x707 with a control register of 0x682 again.
I'm currently leaning towards this being a bug in Qemu...
So perhaps the 57 that it tries to write as an IDE CMD is getting pulled out of a memory location that the IDE code shouldn't be accessing?
Well, qemu's crash is a bug in qemu for sure. The garbage being written is probably due to device I/O mapping issues (could clash with physical RAM mapped low), so it is a separate issue. Of course we will need to solve both :) Do you see screen garbage before the crash?