* [Qemu-devel] [PATCH] hw/mips_malta: Fix YAMON API print routine
@ 2016-07-22 9:55 Paul Burton
2016-07-22 13:05 ` Aurelien Jarno
2016-07-26 10:13 ` Leon Alrae
0 siblings, 2 replies; 3+ messages in thread
From: Paul Burton @ 2016-07-22 9:55 UTC (permalink / raw)
To: qemu-devel; +Cc: Paul Burton, Aurelien Jarno, Leon Alrae
The print routine provided as part of the in-built bootloader had a bug
in that it attempted to use a jump instruction as part of a loop, but
the target has its upper bits zeroed leading to control flow
transferring to 0xb0000814 rather than the intended 0xbfc00814. Fix this
by using a branch instruction instead, which seems more fit for purpose.
A simple way to test this is to build a Linux kernel with EVA enabled &
attempt to boot it in QEMU. It will attempt to print a message
indicating the configuration mismatch but QEMU would previously
incorrectly jump & wind up printing a continuous stream of the letter E.
Signed-off-by: Paul Burton <paul.burton@imgtec.com>
Cc: Aurelien Jarno <aurelien@aurel32.net>
Cc: Leon Alrae <leon.alrae@imgtec.com>
---
hw/mips/mips_malta.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/mips/mips_malta.c b/hw/mips/mips_malta.c
index 34d41ef..e90857e 100644
--- a/hw/mips/mips_malta.c
+++ b/hw/mips/mips_malta.c
@@ -727,7 +727,7 @@ static void write_bootloader(uint8_t *base, int64_t run_addr,
stl_p(p++, 0x00000000); /* nop */
stl_p(p++, 0x0ff0021c); /* jal 870 */
stl_p(p++, 0x00000000); /* nop */
- stl_p(p++, 0x08000205); /* j 814 */
+ stl_p(p++, 0x1000fff9); /* b 814 */
stl_p(p++, 0x00000000); /* nop */
stl_p(p++, 0x01a00009); /* jalr t5 */
stl_p(p++, 0x01602021); /* move a0,t3 */
--
2.9.0
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [Qemu-devel] [PATCH] hw/mips_malta: Fix YAMON API print routine
2016-07-22 9:55 [Qemu-devel] [PATCH] hw/mips_malta: Fix YAMON API print routine Paul Burton
@ 2016-07-22 13:05 ` Aurelien Jarno
2016-07-26 10:13 ` Leon Alrae
1 sibling, 0 replies; 3+ messages in thread
From: Aurelien Jarno @ 2016-07-22 13:05 UTC (permalink / raw)
To: Paul Burton; +Cc: qemu-devel, Leon Alrae
On 2016-07-22 10:55, Paul Burton wrote:
> The print routine provided as part of the in-built bootloader had a bug
> in that it attempted to use a jump instruction as part of a loop, but
> the target has its upper bits zeroed leading to control flow
> transferring to 0xb0000814 rather than the intended 0xbfc00814. Fix this
> by using a branch instruction instead, which seems more fit for purpose.
>
> A simple way to test this is to build a Linux kernel with EVA enabled &
> attempt to boot it in QEMU. It will attempt to print a message
> indicating the configuration mismatch but QEMU would previously
> incorrectly jump & wind up printing a continuous stream of the letter E.
>
> Signed-off-by: Paul Burton <paul.burton@imgtec.com>
> Cc: Aurelien Jarno <aurelien@aurel32.net>
> Cc: Leon Alrae <leon.alrae@imgtec.com>
> ---
> hw/mips/mips_malta.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/hw/mips/mips_malta.c b/hw/mips/mips_malta.c
> index 34d41ef..e90857e 100644
> --- a/hw/mips/mips_malta.c
> +++ b/hw/mips/mips_malta.c
> @@ -727,7 +727,7 @@ static void write_bootloader(uint8_t *base, int64_t run_addr,
> stl_p(p++, 0x00000000); /* nop */
> stl_p(p++, 0x0ff0021c); /* jal 870 */
> stl_p(p++, 0x00000000); /* nop */
> - stl_p(p++, 0x08000205); /* j 814 */
> + stl_p(p++, 0x1000fff9); /* b 814 */
> stl_p(p++, 0x00000000); /* nop */
> stl_p(p++, 0x01a00009); /* jalr t5 */
> stl_p(p++, 0x01602021); /* move a0,t3 */
This looks fine. The switch from jump to branch is questionable given
there are other jumps around in the code, but that's just nitpicking.
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
--
Aurelien Jarno GPG: 4096R/1DDD8C9B
aurelien@aurel32.net http://www.aurel32.net
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [Qemu-devel] [PATCH] hw/mips_malta: Fix YAMON API print routine
2016-07-22 9:55 [Qemu-devel] [PATCH] hw/mips_malta: Fix YAMON API print routine Paul Burton
2016-07-22 13:05 ` Aurelien Jarno
@ 2016-07-26 10:13 ` Leon Alrae
1 sibling, 0 replies; 3+ messages in thread
From: Leon Alrae @ 2016-07-26 10:13 UTC (permalink / raw)
To: Paul Burton; +Cc: qemu-devel, Aurelien Jarno
On Fri, Jul 22, 2016 at 10:55:40AM +0100, Paul Burton wrote:
> The print routine provided as part of the in-built bootloader had a bug
> in that it attempted to use a jump instruction as part of a loop, but
> the target has its upper bits zeroed leading to control flow
> transferring to 0xb0000814 rather than the intended 0xbfc00814. Fix this
> by using a branch instruction instead, which seems more fit for purpose.
>
> A simple way to test this is to build a Linux kernel with EVA enabled &
> attempt to boot it in QEMU. It will attempt to print a message
> indicating the configuration mismatch but QEMU would previously
> incorrectly jump & wind up printing a continuous stream of the letter E.
>
> Signed-off-by: Paul Burton <paul.burton@imgtec.com>
> Cc: Aurelien Jarno <aurelien@aurel32.net>
> Cc: Leon Alrae <leon.alrae@imgtec.com>
> ---
> hw/mips/mips_malta.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
Applied to target-mips queue.
Thanks,
Leon
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2016-07-26 10:14 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-07-22 9:55 [Qemu-devel] [PATCH] hw/mips_malta: Fix YAMON API print routine Paul Burton
2016-07-22 13:05 ` Aurelien Jarno
2016-07-26 10:13 ` Leon Alrae
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).