[hatari-devel] Hatari crashes with Mental Hangover demo

Eero Tamminen eerot at users.berlios.de
Sat Apr 30 22:09:07 CEST 2011


Hi,

On Saturday 30 April 2011, Nicolas Pomarède wrote:
> But in fact I think we should have some kind of "DMA_memcpy" that would
> be used from FDC / HDC when we want to copy memory from Hatari to the
> emulated RAM. This function would check each written byte is in ST RAM
> or I/O space and would mask addresses to 24 bits.

I added stMemory_SafeCopy() function.


> This way, we would have a common function to correctly copy data from
> disk images to the emulated RAM or IO space.

Half of the potentially unsafe operations are fread()s & fwrite()s to STRam,
not just memcpy()s...  See e.g. gemdos.c which I've fixed earlier or the new
hdc.c changes.


> In that case, ignoring is fine, because it's not the cause of the
> problem. But as above, it would be more correct to not ignore the
> request but ensure each destination address is correctly handled to stay
> in the RAM / ROM / IO space of the emulated machine (even if writing in
> ROM should have no effect, it should not be forbidden)

The check in stMemory.h is:
-------------
/* An area is valid when it ends below the I/O space (0xff0000) and either
 * lies entirely within ST RAM or starts in the ROM/cartridge area. */
static inline bool STMemory_ValidArea(Uint32 addr, int size)
{
        if (size >= 0 && addr+size < 0xff0000 &&
            (addr+size < STRamEnd || addr >= 0xe00000))
        {
                return true;
        }
        return false;
}
-------------

stMemory_SafeCopy() copies only the bytes that the above check states to be
valid; it ignores bytes going to invalid addresses. (As I don't see what it
should do, e.g., with bytes between STRamEnd and 0xe00000.)


>>>> PS. While doing the patches, I noticed:
...
>>  From above you can see that "HDCSectorCount" can never get any other
>>  value
>> than zero (unlike e.g. FDCSectorCountRegister which seems to be used
>> for similar purpose).  So what's the point in having that variable?
>> 
>> hdc.c code gets the HDC sector count with this macro, it doesn't use
>> the variable:
>> #define HD_SECTORCOUNT(a) (a.command[4] & 0xFF)  /* get sector count */

To me it seems that using HDCSectorCount is fairly obviously wrong. As far
as I see, the correct value comes from HD_SECTORCOUNT() which isn't
used by fdc.c...

Thomas?


	- Eero
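The thread above describes two things: an area check that rejects any DMA target
outside ST RAM or the ROM area, and a copy routine that masks addresses to 24
bits and drops the bytes that would land in an invalid range instead of writing
them into the host process. The following is an added illustration written for
this page, not Hatari's own stMemory_SafeCopy() or hdc.c/gemdos.c code. The
constants (a 24-bit bus, ROM at 0xe00000, I/O at 0xff0000, 512 KiB of RAM) and all
names (host_space, st_safe_copy, st_safe_fread, demo_fread_at_ram_end) are
assumptions chosen so the example is self-contained; the per-byte copy also shows
the fread() case from the message, where a disk image is read through a bounce
buffer rather than straight into the emulated RAM array.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed layout of the emulated 68000 address space (same 0xe00000 and
 * 0xff0000 boundaries as the quoted STMemory_ValidArea check). */
#define ST_ADDR_MASK  0x00ffffffu   /* 24-bit address bus */
#define ST_ROM_START  0x00e00000u   /* ROM / cartridge area */
#define ST_IO_START   0x00ff0000u   /* hardware registers: never a memcpy target */

/* Hypothetical host buffer standing in for STRam: one flat 16 MiB array. */
#define HOST_SPACE_SIZE (1u << 24)
static uint8_t host_space[HOST_SPACE_SIZE];
static uint32_t st_ram_end = 0x00080000u;   /* 512 KiB of ST RAM (assumption) */

/* Constructed sample "sector" used by main() and the checks. */
static const uint8_t sample_sector[16] = {
    0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
    0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
};

/* Is one emulated byte address a legal DMA destination? */
static bool st_byte_valid(uint32_t addr)
{
    return addr < st_ram_end || (addr >= ST_ROM_START && addr < ST_IO_START);
}

/* Whole-area check in the spirit of the quoted function, with a guard so that
 * addr+size cannot wrap around 32 bits and pass by accident. */
static bool st_valid_area(uint32_t addr, uint32_t size)
{
    if (addr > ST_ADDR_MASK || size > ST_ADDR_MASK - addr) return false;
    uint32_t end = addr + size;
    return end < ST_IO_START && (end <= st_ram_end || addr >= ST_ROM_START);
}

/* Copy host bytes into emulated memory.  Each address is masked to 24 bits;
 * bytes that would land outside RAM/ROM are dropped, not written.  Returns
 * how many bytes were actually stored. */
static size_t st_safe_copy(uint32_t addr, const uint8_t *src, size_t len)
{
    size_t written = 0;
    for (size_t i = 0; i < len; i++) {
        uint32_t a = (uint32_t)(addr + i) & ST_ADDR_MASK;
        if (st_byte_valid(a)) {
            host_space[a] = src[i];
            written++;
        }
    }
    return written;
}

/* fread() into emulated memory through a bounce buffer, so the stream never
 * writes into host_space at an unchecked emulated address. */
static size_t st_safe_fread(FILE *f, uint32_t addr, size_t len)
{
    uint8_t bounce[512];
    size_t done = 0, written = 0;
    while (done < len) {
        size_t want = (len - done < sizeof bounce) ? len - done : sizeof bounce;
        size_t got = fread(bounce, 1, want, f);
        if (got == 0) break;
        written += st_safe_copy(addr + (uint32_t)done, bounce, got);
        done += got;
    }
    return written;
}

/* 1024 bytes of 0x5A from a temporary file, aimed 100 bytes below the end of
 * RAM: only the first 100 may land.  Returns the bytes stored. */
static size_t demo_fread_at_ram_end(void)
{
    FILE *f = tmpfile();
    if (f == NULL) return 0;
    uint8_t image[1024];
    memset(image, 0x5A, sizeof image);
    fwrite(image, 1, sizeof image, f);
    rewind(f);
    size_t n = st_safe_fread(f, st_ram_end - 100, sizeof image);
    fclose(f);
    return n;
}

int main(void)
{
    /* 16 bytes starting 8 below the RAM end: 8 stored, 8 dropped. */
    printf("RAM end: %zu of 16 stored\n",
           st_safe_copy(st_ram_end - 8, sample_sector, 16));
    /* 0xfffffc..0xffffff are I/O and dropped; 0x1000000.. wraps to 0x0. */
    printf("wrap:    %zu of 16 stored\n",
           st_safe_copy(0xfffffcu, sample_sector, 16));
    printf("fread:   %zu of 1024 stored\n", demo_fread_at_ram_end());
    return 0;
}
```

The area check is what an FDC/HDC handler would call before a transfer to
reject it outright; the per-byte copy is the fallback that still cannot touch
host memory when a transfer straddles the end of RAM or wraps past 0xffffff.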


