[Qemu-devel] [Bug 1080086] [NEW] MC146818 RTC breaks when SET bit in Reg
From: Alex Horn
Subject: [Qemu-devel] [Bug 1080086] [NEW] MC146818 RTC breaks when SET bit in Register B is on.
Date: Sat, 17 Nov 2012 14:41:35 -0000
Public bug reported:
This bug occurs when the SET flag of Register B is enabled. When an RTC
data register (i.e. any of the 10 bytes of time/calendar data in CMOS) is set,
the data is (as expected) correctly stored in the cmos_data array. However,
since the SET flag is enabled, the function rtc_set_time is not invoked.
As a result, the field base_rtc in RTCState remains uninitialized. This appears
to cause a problem on subsequent writes which can end up overwriting data.
To see this, consider writing data to Register A after having written
data to any of the RTC data registers; the following figure illustrates
the call stack for the Register A write operation:
+- cmos_io_port_write
+-- check_update_timer
+---- get_next_alarm
+------ rtc_update_time
In rtc_update_time, get_guest_rtc calculates the wrong time and
overwrites the previously written RTC data register values.
I have created a standalone test case which exposes this bug:
https://github.com/ahorn/benchmarks/commit/fff1ca40694bbef6f7f9de323bb0bed63419ef99
** Affects: qemu
Importance: Undecided
Status: New
** Tags: rtc
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1080086
Title:
MC146818 RTC breaks when SET bit in Register B is on.
Status in QEMU:
New
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1080086/+subscriptions
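The write sequence described in the report, as an added simplified model (not QEMU's code and not part of the original message). ModelRTC, model_write, model_update_time and honor_set are hypothetical names; values are treated as plain binary rather than BCD, the uninitialized base_rtc is modelled as zero, and the honor_set guard is an assumption based on the MC146818 meaning of SET (updates inhibited), not QEMU's actual fix.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define RTC_SECONDS 0x00   /* first time/calendar data register */
#define RTC_REG_A   0x0A
#define RTC_REG_B   0x0B
#define REG_B_SET   0x80   /* SET bit (bit 7) of Register B */

/* Stand-in for RTCState with only the fields the report mentions. */
typedef struct {
    uint8_t  cmos_data[128];
    uint64_t base_rtc;   /* only refreshed on the rtc_set_time path */
    int      honor_set;  /* 0 = reported behaviour, 1 = hypothetical guard */
} ModelRTC;

/* Models rtc_update_time: recompute the data register from base_rtc. */
static void model_update_time(ModelRTC *s)
{
    if (s->honor_set && (s->cmos_data[RTC_REG_B] & REG_B_SET))
        return;                      /* guest owns the registers while SET=1 */
    s->cmos_data[RTC_SECONDS] = (uint8_t)(s->base_rtc % 60);
}

/* Models cmos_io_port_write for the three registers of interest. */
static void model_write(ModelRTC *s, uint8_t reg, uint8_t val)
{
    s->cmos_data[reg & 0x7F] = val;  /* value always lands in cmos_data */
    if (reg == RTC_SECONDS && !(s->cmos_data[RTC_REG_B] & REG_B_SET))
        s->base_rtc = val;           /* rtc_set_time path, skipped if SET=1 */
    if (reg == RTC_REG_A)
        model_update_time(s);        /* check_update_timer -> ... -> update */
}

/* Constructed sequence: SET on, seconds := 42, then a Register A write. */
static uint8_t seconds_after_reg_a_write(int honor_set)
{
    ModelRTC s;
    memset(&s, 0, sizeof s);
    s.honor_set = honor_set;
    model_write(&s, RTC_REG_B, REG_B_SET);
    model_write(&s, RTC_SECONDS, 42);
    model_write(&s, RTC_REG_A, 0x26);  /* constructed Register A value */
    return s.cmos_data[RTC_SECONDS];
}

int main(void)
{
    printf("reported: %u, guarded: %u\n", (unsigned)seconds_after_reg_a_write(0),
           (unsigned)seconds_after_reg_a_write(1));
    return 0;
}
```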