On 05/01/13 16:08, Alexander Graf wrote:
> Do you think you could narrow this down to a simple test case? Somewhere in openbios' init function, access a global variable, check that the write fails and if so, go into an endless loop? That way we might be able to track it down with all logging facilities enabled.
Ok, so I did just that with the below patch and got the expected result. Maybe for some reason we're in real mode at the point in time when the breakage occurs?
Ah yes - wait a sec. The code in question is in arch/ppc/qemu/ofmem.c:hash_page_32() which can be called from both of the ISI/DSI exception handlers dsi_exception()/isi_exception(). And I'm sure I remember reading somewhere over the past day or so that PPC switches to real mode when handling TLB misses - could that be it?
(The static that is not being updated is next_grab_slot in hash_page_32(), although I'm fairly sure the same bug would exist for PPC64 in hash_page_64())
ATB,
Mark.