qemu-system-sparc stucked while booting using ss20_v2.25_rom
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
QEMU |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
I cannot boot up OBP using the current (5.1) version of qemu with ss20_v2.25_rom. It just stuck at "Power-ON reset" and hanged. However using the previous version from 2015 I can successfully both up the OBP.
qemu-system-sparc -M SS-20 -m 256 -bios ss20_v2.25.rom -nographic
Power-ON Reset
(*hang)
regards
Yap KV
yapkv (yapkv) wrote : | #1 |
Philippe Mathieu-Daudé (philmd) wrote : [PATCH] hw/timer/slavio_timer: Allow 64-bit accesses | #2 |
Per the "NCR89C105 Chip Specification" referenced in the header:
-----
| 1D0 0000 -> | Counter/Timers | W,D |
| 1DF FFFF | | |
...
The address map indicated the allowed accesses at each address.
[...] W indicates a word access, and D indicates a double-word
access.
The SLAVIO timer controller is implemented expecting 32-bit accesses.
Commit a3d12d073e1 restricted the memory accesses to 32-bit, while
the device allows 64-bit accesses.
This was not an issue until commit 5d971f9e67 which reverted
("memory: accept mismatching sizes in memory_
Fix by renaming .valid MemoryRegionOps as .impl, and add the valid
access range (W -> 4, D -> 8).
Since commit 21786c7e598 ("memory: Log invalid memory accesses")
this class of bug can be quickly debugged displaying 'guest_errors'
accesses, as:
$ qemu-system-sparc -M SS-20 -m 256 -bios ss20_v2.25_rom -serial stdio -d guest_errors
Power-ON Reset
Invalid access at addr 0x0, size 8, region 'timer-1', reason: invalid size (min:4 max:4)
$ qemu-system-sparc -M SS-20 -m 256 -bios ss20_v2.25_rom -monitor stdio -S
(qemu) info mtree
address-space: memory
00000000000
...
0000000ff
(qemu) info qtree
bus: main-system-bus
dev: slavio_timer, id "" <-- device type name
gpio-out "sysbus-irq" 17
num_cpus = 1 (0x1)
mmio 0000000ff131000
mmio 0000000ff130000
mmio 0000000ff130100
mmio 0000000ff130200
...
Reported-by: Yap KV <email address hidden>
Buglink: https:/
Fixes: a3d12d073e1 ("slavio_timer: convert to memory API")
Signed-off-by: Philippe Mathieu-Daudé <email address hidden>
---
Cc: Benoit Canet <email address hidden>
Cc: <email address hidden>
Signed-off-by: Philippe Mathieu-Daudé <email address hidden>
---
hw/timer/
1 file changed, 4 insertions(+)
diff --git a/hw/timer/
index 5b2d20cb6a5.
--- a/hw/timer/
+++ b/hw/timer/
@@ -331,6 +331,10 @@ static const MemoryRegionOps slavio_
.write = slavio_
.endianness = DEVICE_
.valid = {
+ .min_access_size = 4,
+ .max_access_size = 8,
+ },
+ .impl = {
},
--
2.26.2
Changed in qemu: | |
status: | New → Confirmed |
tags: | added: sparc |
Mark Cave-Ayland (mark-cave-ayland) wrote : | #3 |
On 05/12/2020 15:09, Philippe Mathieu-Daudé wrote:
> Per the "NCR89C105 Chip Specification" referenced in the header:
>
> Chip-level Address Map
>
> -------
> | 1D0 0000 -> | Counter/Timers | W,D |
> | 1DF FFFF | | |
> ...
>
> The address map indicated the allowed accesses at each address.
> [...] W indicates a word access, and D indicates a double-word
> access.
>
> The SLAVIO timer controller is implemented expecting 32-bit accesses.
> Commit a3d12d073e1 restricted the memory accesses to 32-bit, while
> the device allows 64-bit accesses.
>
> This was not an issue until commit 5d971f9e67 which reverted
> ("memory: accept mismatching sizes in memory_
>
> Fix by renaming .valid MemoryRegionOps as .impl, and add the valid
> access range (W -> 4, D -> 8).
>
> Since commit 21786c7e598 ("memory: Log invalid memory accesses")
> this class of bug can be quickly debugged displaying 'guest_errors'
> accesses, as:
>
> $ qemu-system-sparc -M SS-20 -m 256 -bios ss20_v2.25_rom -serial stdio -d guest_errors
>
> Power-ON Reset
> Invalid access at addr 0x0, size 8, region 'timer-1', reason: invalid size (min:4 max:4)
>
> $ qemu-system-sparc -M SS-20 -m 256 -bios ss20_v2.25_rom -monitor stdio -S
> (qemu) info mtree
> address-space: memory
> 000000000000000
> ...
> 0000000ff130000
> ^^^^^^^^^ ^^^^^^^
> \ memory region base address and name /
>
> (qemu) info qtree
> bus: main-system-bus
> dev: slavio_timer, id "" <-- device type name
> gpio-out "sysbus-irq" 17
> num_cpus = 1 (0x1)
> mmio 0000000ff131000
> mmio 0000000ff130000
> mmio 0000000ff130100
> mmio 0000000ff130200
> ...
>
> Reported-by: Yap KV <email address hidden>
> Buglink: https:/
> Fixes: a3d12d073e1 ("slavio_timer: convert to memory API")
> Signed-off-by: Philippe Mathieu-Daudé <email address hidden>
> ---
> Cc: Benoit Canet <email address hidden>
> Cc: <email address hidden>
> Signed-off-by: Philippe Mathieu-Daudé <email address hidden>
> ---
> hw/timer/
> 1 file changed, 4 insertions(+)
>
> diff --git a/hw/timer/
> index 5b2d20cb6a5.
> --- a/hw/timer/
> +++ b/hw/timer/
> @@ -331,6 +331,10 @@ static const MemoryRegionOps slavio_
> .write = slavio_
> .endianness = DEVICE_
> .valid = {
> + .min_access_size = 4,
> + .max_access_size = 8,
> + },
> + .impl = {
> .min_access_size = 4,
> .max_access_size = 4,
> },
I don't really use the proprietary Sun ROMs here, but the fix looks good to me:
Reviewed-by: M...
Philippe Mathieu-Daudé (philmd) wrote : | #4 |
ping?
On 12/5/20 4:09 PM, Philippe Mathieu-Daudé wrote:
> Per the "NCR89C105 Chip Specification" referenced in the header:
>
> Chip-level Address Map
>
> -------
> | 1D0 0000 -> | Counter/Timers | W,D |
> | 1DF FFFF | | |
> ...
>
> The address map indicated the allowed accesses at each address.
> [...] W indicates a word access, and D indicates a double-word
> access.
>
> The SLAVIO timer controller is implemented expecting 32-bit accesses.
> Commit a3d12d073e1 restricted the memory accesses to 32-bit, while
> the device allows 64-bit accesses.
>
> This was not an issue until commit 5d971f9e67 which reverted
> ("memory: accept mismatching sizes in memory_
>
> Fix by renaming .valid MemoryRegionOps as .impl, and add the valid
> access range (W -> 4, D -> 8).
>
> Since commit 21786c7e598 ("memory: Log invalid memory accesses")
> this class of bug can be quickly debugged displaying 'guest_errors'
> accesses, as:
>
> $ qemu-system-sparc -M SS-20 -m 256 -bios ss20_v2.25_rom -serial stdio -d guest_errors
>
> Power-ON Reset
> Invalid access at addr 0x0, size 8, region 'timer-1', reason: invalid size (min:4 max:4)
>
> $ qemu-system-sparc -M SS-20 -m 256 -bios ss20_v2.25_rom -monitor stdio -S
> (qemu) info mtree
> address-space: memory
> 000000000000000
> ...
> 0000000ff130000
> ^^^^^^^^^ ^^^^^^^
> \ memory region base address and name /
>
> (qemu) info qtree
> bus: main-system-bus
> dev: slavio_timer, id "" <-- device type name
> gpio-out "sysbus-irq" 17
> num_cpus = 1 (0x1)
> mmio 0000000ff131000
> mmio 0000000ff130000
> mmio 0000000ff130100
> mmio 0000000ff130200
> ...
>
> Reported-by: Yap KV <email address hidden>
> Buglink: https:/
> Fixes: a3d12d073e1 ("slavio_timer: convert to memory API")
> Signed-off-by: Philippe Mathieu-Daudé <email address hidden>
> ---
> Cc: Benoit Canet <email address hidden>
> Cc: <email address hidden>
> Signed-off-by: Philippe Mathieu-Daudé <email address hidden>
> ---
> hw/timer/
> 1 file changed, 4 insertions(+)
>
> diff --git a/hw/timer/
> index 5b2d20cb6a5.
> --- a/hw/timer/
> +++ b/hw/timer/
> @@ -331,6 +331,10 @@ static const MemoryRegionOps slavio_
> .write = slavio_
> .endianness = DEVICE_
> .valid = {
> + .min_access_size = 4,
> + .max_access_size = 8,
> + },
> + .impl = {
> .min_access_size = 4,
> .max_access_size = 4,
> },
>
Mark Cave-Ayland (mark-cave-ayland) wrote : Re: [Bug 1906905] Re: [PATCH] hw/timer/slavio_timer: Allow 64-bit accesses | #5 |
On 05/01/2021 11:06, Philippe Mathieu-Daudé wrote:
> ping?
>
> On 12/5/20 4:09 PM, Philippe Mathieu-Daudé wrote:
>> Per the "NCR89C105 Chip Specification" referenced in the header:
>>
>> Chip-level Address Map
>>
>> -------
>> | 1D0 0000 -> | Counter/Timers | W,D |
>> | 1DF FFFF | | |
>> ...
>>
>> The address map indicated the allowed accesses at each address.
>> [...] W indicates a word access, and D indicates a double-word
>> access.
>>
>> The SLAVIO timer controller is implemented expecting 32-bit accesses.
>> Commit a3d12d073e1 restricted the memory accesses to 32-bit, while
>> the device allows 64-bit accesses.
>>
>> This was not an issue until commit 5d971f9e67 which reverted
>> ("memory: accept mismatching sizes in memory_
>>
>> Fix by renaming .valid MemoryRegionOps as .impl, and add the valid
>> access range (W -> 4, D -> 8).
>>
>> Since commit 21786c7e598 ("memory: Log invalid memory accesses")
>> this class of bug can be quickly debugged displaying 'guest_errors'
>> accesses, as:
>>
>> $ qemu-system-sparc -M SS-20 -m 256 -bios ss20_v2.25_rom -serial stdio -d guest_errors
>>
>> Power-ON Reset
>> Invalid access at addr 0x0, size 8, region 'timer-1', reason: invalid size (min:4 max:4)
>>
>> $ qemu-system-sparc -M SS-20 -m 256 -bios ss20_v2.25_rom -monitor stdio -S
>> (qemu) info mtree
>> address-space: memory
>> 000000000000000
>> ...
>> 0000000ff130000
>> ^^^^^^^^^ ^^^^^^^
>> \ memory region base address and name /
>>
>> (qemu) info qtree
>> bus: main-system-bus
>> dev: slavio_timer, id "" <-- device type name
>> gpio-out "sysbus-irq" 17
>> num_cpus = 1 (0x1)
>> mmio 0000000ff131000
>> mmio 0000000ff130000
>> mmio 0000000ff130100
>> mmio 0000000ff130200
>> ...
>>
>> Reported-by: Yap KV <email address hidden>
>> Buglink: https:/
>> Fixes: a3d12d073e1 ("slavio_timer: convert to memory API")
>> Signed-off-by: Philippe Mathieu-Daudé <email address hidden>
>> ---
>> Cc: Benoit Canet <email address hidden>
>> Cc: <email address hidden>
>> Signed-off-by: Philippe Mathieu-Daudé <email address hidden>
>> ---
>> hw/timer/
>> 1 file changed, 4 insertions(+)
>>
>> diff --git a/hw/timer/
>> index 5b2d20cb6a5.
>> --- a/hw/timer/
>> +++ b/hw/timer/
>> @@ -331,6 +331,10 @@ static const MemoryRegionOps slavio_
>> .write = slavio_
>> .endianness = DEVICE_
>> .valid = {
>> + .min_access_size = 4,
>> + .max_access_size = 8,
>> + },
>> + .impl = {
>> .min_access_size = 4,
>> ....
Thomas Huth (th-huth) wrote : | #6 |
Fix has been included here:
https:/
Changed in qemu: | |
status: | Confirmed → Fix Released |
I have just compiled a few version from source code:
4.1.1 worked: able to boot up with -bios ss20_v2.25.rom
5.0.0 worked: able to boot up with -bios ss20_v2.25.rom
5.1.0 not working. Stuck after "Power-On Reset"
SS5.bin worked for 5.1.0