Hi all.

After having spent almost two weeks chasing down a heisenbug and an unwanted double prefetch abort, I'm pretty happy to say that the guest now successfully decompresses the kernel and actually starts executing the main kernel initialization code.

The bug, which caused the system to crash at random times, was a simple programming mistake, where I enabled interrupts for a few instructions during exception handling. It has been fixed, and guest execution with or without hardware interrupts enabled (on the host machine) runs stably and deterministically.

The reason for the double prefetch abort exception was also a programming error. The problem was that I forgot to add the page offset for the second level page tables when creating new second level page tables. When the prefetch was taken the second time, though, the L2 table was already created, and in that case the offset was added correctly and the mapping was created successfully. Both bugs have been corrected in the main android-goldfish-2.6.27-virt branch.

The MMIO operations are now using the re-factored emulation code and correctly decode type, length, address and direction of load/store operations and use this to return to QEMU for IO emulation. On the next vcpu run ioctl call from QEMU, the kernel code checks if the last exit was due to an mmio-read and, if so, places the code from QEMU into the right register.

I placed a screenshot of the guest printing "Uncompressing linux..." on the wiki: http://android.chazy.dk. The crash which can be seen in the screenshot will be the main focus of my work in the near future, together with determining why some characters are dropped in the mmio operations. There will also be some more work in cleaning up the emulation code to make it all kernel style and easier to maintain.

Best,
Christoffer
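The decode-and-complete flow described in the MMIO paragraph above, as an added C example that is not code from the android-goldfish-2.6.27-virt branch or from the author. The names `mmio_access`, `decode_ldst_imm` and `complete_mmio_read`, and the sample register values, are assumptions made for illustration. It handles only A32 LDR/STR/LDRB/STRB with an immediate offset and no writeback, and refuses every other encoding rather than guessing.

```c
#include <stdbool.h>
#include <stdint.h>

/* Hypothetical names for illustration; not taken from the KVM/ARM tree. */
struct mmio_access {
    bool     is_write;  /* direction: a store is a write to the device */
    uint8_t  len;       /* access width in bytes: 1 or 4 */
    uint8_t  rt;        /* guest register that supplies or receives the data */
    uint32_t addr;      /* guest address being accessed */
};

/* Decode A32 LDR/STR/LDRB/STRB, immediate offset, no writeback.
 * Returns false for everything else so the caller refuses to emulate. */
bool decode_ldst_imm(uint32_t insn, const uint32_t regs[16], struct mmio_access *out)
{
    if ((insn >> 28) == 0xF || ((insn >> 26) & 3) != 1)
        return false;                       /* not a single data transfer */
    if (insn & (1u << 25))
        return false;                       /* register-offset form */
    if (!(insn & (1u << 24)) || (insn & (1u << 21)))
        return false;                       /* post-indexed or writeback */
    uint32_t rn = (insn >> 16) & 0xF, rt = (insn >> 12) & 0xF;
    if (rn == 15 || rt == 15)
        return false;                       /* PC as base or target */
    uint32_t imm = insn & 0xFFF;
    out->addr = (insn & (1u << 23)) ? regs[rn] + imm : regs[rn] - imm;
    out->len = (insn & (1u << 22)) ? 1 : 4; /* B bit: byte vs word */
    out->is_write = !(insn & (1u << 20));   /* L bit clear: store */
    out->rt = (uint8_t)rt;
    return true;
}

/* On the next run call after an MMIO read exit: place the data supplied
 * by userspace into the target register, truncated to the access width. */
void complete_mmio_read(uint32_t regs[16], const struct mmio_access *a, uint32_t data)
{
    if (!a->is_write)
        regs[a->rt] = (a->len == 1) ? (data & 0xFF) : data;
}

int main(void)
{
    uint32_t regs[16] = { [1] = 0x10000000 };   /* constructed device base */
    struct mmio_access a;
    if (decode_ldst_imm(0xE5D10004, regs, &a))  /* LDRB r0, [r1, #4] */
        complete_mmio_read(regs, &a, 0xFFFFFF41);
    return regs[0] == 0x41 ? 0 : 1;
}
```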