From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from list by monty-python.gnu.org with tmda-scanned (Exim 4.34)
	id 1BQcPf-0006Iv-AA
	for qemu-devel@nongnu.org; Wed, 19 May 2004 21:31:59 -0400
Received: from mail by monty-python.gnu.org with spam-scanned (Exim 4.34)
	id 1BQcOz-000697-42
	for qemu-devel@nongnu.org; Wed, 19 May 2004 21:31:50 -0400
Received: from [195.238.3.101] (helo=outfbmx006.isp.belgacom.be)
	by monty-python.gnu.org with esmtp (TLSv1:DES-CBC3-SHA:168)
	(Exim 4.34) id 1BQcOw-00061P-Fz
	for qemu-devel@nongnu.org; Wed, 19 May 2004 21:31:15 -0400
Received: from outmx001.isp.belgacom.be (outmx001.isp.belgacom.be
	[195.238.3.51]) by outfbmx006.isp.belgacom.be
	(8.12.11/8.12.11/Skynet-OUT-FALLBACK-2.22) with ESMTP id
	i4JM4NTC007892
	for <qemu-devel@nongnu.org>; Thu, 20 May 2004 00:04:23 +0200
	(envelope-from <mark.jonckheere@easynet.be>)
Received: from outmx001.isp.belgacom.be (localhost [127.0.0.1])
	by outmx001.isp.belgacom.be (8.12.11/8.12.11/Skynet-OUT-2.22) with
	ESMTP id i4JM4HQo014128
	for <qemu-devel@nongnu.org>; Thu, 20 May 2004 00:04:17 +0200
	(envelope-from <mark.jonckheere@easynet.be>)
Received: from easynet.be (133.75-136-217.adsl.skynet.be [217.136.75.133])
	by outmx001.isp.belgacom.be (8.12.11/8.12.11/Skynet-OUT-2.22) with
	ESMTP id i4JM4BwY014074
	for <qemu-devel@nongnu.org>; Thu, 20 May 2004 00:04:11 +0200
	(envelope-from <mark.jonckheere@easynet.be>)
Message-ID: <40ABE6F8.2070101@easynet.be>
Date: Thu, 20 May 2004 01:00:08 +0200
From: Mark Jonckheere <mark.jonckheere@easynet.be>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-15; format=flowed
Content-Transfer-Encoding: 7bit
Subject: [Qemu-devel] PCI-error with Beos 4.5 and Plan9
Reply-To: qemu-devel@nongnu.org
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://mail.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://mail.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://mail.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org

Booting from an install-CD for Beos 4.5 and another one for Plan9
with PCI enabled gives an error. It seems that the function
register_ioport_write() is called with an address (-4) outside
of its expected range (0-65535).

It appears that both operating systems implement the procedure
described in the application note at page 204 from the document
"http://www.singlix.org/trdos/PCI22.pdf" with the special bits
already cleared.

The following quick patch (against CVS 19-05-2004) works for me
in both cases.

diff -wurb qemu/hw/pci.c qemu-patched/hw/pci.c
--- qemu/hw/pci.c       Wed May 19 01:05:28 2004
+++ qemu-patched/hw/pci.c       Thu May 20 00:12:46 2004
@@ -145,7 +145,7 @@
          r = &pci_dev->io_regions[reg];
          if (r->size == 0)
              goto default_config;
-        if (val != 0xffffffff && val != 0) {
+        if ((val | 0x0f) != 0xffffffff && val != 0) {
              /* XXX: the memory assignment should be global to handle
                 overlaps, but it is not needed at this stage */
              /* first unmap the old region */


To be completely correct a distinction should be made between memory
and I/O addressing and in the second case a (val | 0x03) should be
used.

The following patch was used for generating the boot log for both systems.

Greetings,
Mark.


===== diffs from current (19-05-2004) CVS =========

diff -wurb qemu/hw/pci.c qemu-patched/hw/pci.c
--- qemu/hw/pci.c	Wed May 19 01:05:28 2004
+++ qemu-patched/hw/pci.c	Wed May 19 21:37:42 2004
@@ -23,7 +23,7 @@
   */
  #include "vl.h"

-//#define DEBUG_PCI
+#define DEBUG_PCI

  typedef struct PCIBridge {
      uint32_t config_reg;
diff -wurb qemu/vl.c qemu-patched/vl.c
--- qemu/vl.c	Wed May 19 01:03:06 2004
+++ qemu-patched/vl.c	Wed May 19 21:46:48 2004
@@ -206,6 +206,10 @@
          return -1;
      }
      for(i = start; i < start + length; i += size) {
+        if (i < 0 || i > 65535) {
+            printf("register_ioport_read bad offset: %d\n", i);
+            return 0;
+        }
          ioport_read_table[bsize][i] = func;
          if (ioport_opaque[i] != NULL && ioport_opaque[i] != opaque)
              hw_error("register_ioport_read: invalid opaque");
@@ -231,6 +235,10 @@
          return -1;
      }
      for(i = start; i < start + length; i += size) {
+        if (i < 0 || i > 65535) {
+            printf("register_ioport_write bad offset: %d\n", i);
+            return 0;
+        }
          ioport_write_table[bsize][i] = func;
          if (ioport_opaque[i] != NULL && ioport_opaque[i] != opaque)
              hw_error("register_ioport_read: invalid opaque");

========== Beos 4.5 boot messages ===========

[mark@rh73 qemu-devel]$ qemu/i386-softmmu/qemu -hda scratch.img -cdrom /dev/cdrom -boot d -pci
Connected to host network interface: tun1
Serial port redirected to /dev/pts/5
pci_config_write: NE2000: addr=10 val=0000c000 len=4
map addr=0000c000 size=00000100 type=1
pci_config_write: IDE: addr=10 val=000001f0 len=4
map addr=000001f0 size=00000008 type=1
pci_config_write: IDE: addr=14 val=000003f4 len=4
map addr=000003f4 size=00000004 type=1
pci_config_write: IDE: addr=18 val=00000170 len=4
map addr=00000170 size=00000008 type=1
pci_config_write: IDE: addr=1c val=00000374 len=4
map addr=00000374 size=00000004 type=1
QEMU 0.5.5 monitor - type 'help' for more information
(qemu) pci_config_read: i440FX: addr=00 val=00008086 len=2
pci_config_read: i440FX: addr=3d val=00000000 len=1
pci_config_read: i440FX: addr=00 val=12378086 len=4
pci_config_read: i440FX: addr=08 val=06040002 len=4
pci_config_read: i440FX: addr=0c val=00010001 len=4
pci_config_read: i440FX: addr=10 val=00000000 len=4
pci_config_write: i440FX: addr=10 val=fffffff0 len=4
pci_config_read: i440FX: addr=10 val=fffffff0 len=4
pci_config_write: i440FX: addr=10 val=00000000 len=4
pci_config_read: i440FX: addr=14 val=00000000 len=4
pci_config_write: i440FX: addr=14 val=fffffff0 len=4
pci_config_read: i440FX: addr=14 val=fffffff0 len=4
pci_config_write: i440FX: addr=14 val=00000000 len=4
pci_config_read: i440FX: addr=18 val=00000000 len=4
pci_config_read: i440FX: addr=1c val=00000000 len=4
pci_config_read: i440FX: addr=20 val=00000000 len=4
pci_config_read: i440FX: addr=24 val=00000000 len=4
pci_config_read: i440FX: addr=28 val=00000000 len=4
pci_config_read: i440FX: addr=2c val=00000000 len=4
pci_config_read: i440FX: addr=30 val=00000000 len=4
pci_config_read: i440FX: addr=38 val=00000000 len=4
pci_config_read: i440FX: addr=3c val=00000000 len=4
pci_config_read: PIIX3: addr=00 val=00008086 len=2
pci_config_read: PIIX3: addr=3d val=00000000 len=1
pci_config_read: PIIX3: addr=00 val=70008086 len=4
pci_config_read: PIIX3: addr=08 val=06010000 len=4
pci_config_read: PIIX3: addr=0c val=00800000 len=4
pci_config_read: PIIX3: addr=10 val=00000000 len=4
pci_config_write: PIIX3: addr=10 val=fffffff0 len=4
pci_config_read: PIIX3: addr=10 val=fffffff0 len=4
pci_config_write: PIIX3: addr=10 val=00000000 len=4
pci_config_read: PIIX3: addr=14 val=00000000 len=4
pci_config_write: PIIX3: addr=14 val=fffffff0 len=4
pci_config_read: PIIX3: addr=14 val=fffffff0 len=4
pci_config_write: PIIX3: addr=14 val=00000000 len=4
pci_config_read: PIIX3: addr=18 val=00000000 len=4
pci_config_write: PIIX3: addr=18 val=fffffff0 len=4
pci_config_read: PIIX3: addr=18 val=fffffff0 len=4
pci_config_write: PIIX3: addr=18 val=00000000 len=4
pci_config_read: PIIX3: addr=1c val=00000000 len=4
pci_config_write: PIIX3: addr=1c val=fffffff0 len=4
pci_config_read: PIIX3: addr=1c val=fffffff0 len=4
pci_config_write: PIIX3: addr=1c val=00000000 len=4
pci_config_read: PIIX3: addr=20 val=00000000 len=4
pci_config_write: PIIX3: addr=20 val=fffffff0 len=4
pci_config_read: PIIX3: addr=20 val=fffffff0 len=4
pci_config_write: PIIX3: addr=20 val=00000000 len=4
pci_config_read: PIIX3: addr=24 val=00000000 len=4
pci_config_write: PIIX3: addr=24 val=fffffff0 len=4
pci_config_read: PIIX3: addr=24 val=fffffff0 len=4
pci_config_write: PIIX3: addr=24 val=00000000 len=4
pci_config_read: PIIX3: addr=3c val=00000000 len=4
pci_config_read: PIIX3: addr=28 val=00000000 len=4
pci_config_read: PIIX3: addr=30 val=00000000 len=4
pci_config_write: PIIX3: addr=30 val=fffff800 len=4
pci_config_read: PIIX3: addr=30 val=fffff800 len=4
pci_config_write: PIIX3: addr=30 val=00000000 len=4
pci_config_read: PIIX3: addr=2c val=00000000 len=4
pci_config_read: NE2000: addr=00 val=000010ec len=2
pci_config_read: NE2000: addr=3d val=00000001 len=1
pci_config_read: NE2000: addr=3c val=0000000b len=1
pci_config_read: NE2000: addr=00 val=802910ec len=4
pci_config_read: NE2000: addr=08 val=02000000 len=4
pci_config_read: NE2000: addr=0c val=00000000 len=4
pci_config_read: NE2000: addr=10 val=0000c001 len=4
pci_config_write: NE2000: addr=10 val=fffffffc len=4
unmap addr=0000c000 size=00000100
map addr=fffffffc size=00000100 type=1
register_ioport_write bad offset: -4
register_ioport_read bad offset: -4
qemu: hardware error: register_ioport_read: invalid opaque
EAX=fffffffc EBX=80001010 ECX=00000000 EDX=00000cfc
ESI=00000000 EDI=00000cfc EBP=01fff820 ESP=01fff7f8
EIP=0017d824 EFL=00000002 [-------]    CPL=0 II=0 A20=1
ES =0010 00000000 ffffffff 00cf9300
CS =0008 00000000 ffffffff 00cf9a00
SS =0010 00000000 ffffffff 00cf9300
DS =0010 00000000 ffffffff 00cf9300
FS =0020 00007c00 0000ffff 00009300
GS =0028 00070000 0000ffff 00009307
LDT=0000 00000000 0000ffff 00008000
TR =0000 00000000 0000ffff 00008000
GDT=     001a72a0 0000002f
IDT=     0007f000 000007ff
CR0=00040033 CR2=00000000 CR3=00000000 CR4=00000000
CCS=00000004 CCD=00000000 CCO=LOGICL
ST0=0.000000 ST1=0.000000 ST2=0.000000 ST3=0.000000
ST4=0.000000 ST5=0.000000 ST6=921.362048 ST7=0.500000
Afgebroken
[mark@rh73 qemu-devel]$


=========== plan9 boot messages ============


[mark@rh73 qemu-devel]$ qemu/i386-softmmu/qemu -hda scratch.img -cdrom /dev/cdrom -boot d -pci
Connected to host network interface: tun1
Serial port redirected to /dev/pts/5
pci_config_write: NE2000: addr=10 val=0000c000 len=4
map addr=0000c000 size=00000100 type=1
pci_config_write: IDE: addr=10 val=000001f0 len=4
map addr=000001f0 size=00000008 type=1
pci_config_write: IDE: addr=14 val=000003f4 len=4
map addr=000003f4 size=00000004 type=1
pci_config_write: IDE: addr=18 val=00000170 len=4
map addr=00000170 size=00000008 type=1
pci_config_write: IDE: addr=1c val=00000374 len=4
map addr=00000374 size=00000004 type=1
QEMU 0.5.5 monitor - type 'help' for more information
(qemu) pci_config_read: i440FX: addr=00 val=12378086 len=4
pci_config_read: i440FX: addr=08 val=00000002 len=1
pci_config_read: i440FX: addr=09 val=00000000 len=1
pci_config_read: i440FX: addr=0a val=00000004 len=1
pci_config_read: i440FX: addr=0b val=00000006 len=1
pci_config_read: i440FX: addr=04 val=00000000 len=4
pci_config_read: i440FX: addr=3c val=00000000 len=1
pci_config_read: i440FX: addr=0e val=00000001 len=1
pci_config_read: PIIX3: addr=00 val=70008086 len=4
pci_config_read: PIIX3: addr=08 val=00000000 len=1
pci_config_read: PIIX3: addr=09 val=00000000 len=1
pci_config_read: PIIX3: addr=0a val=00000001 len=1
pci_config_read: PIIX3: addr=0b val=00000006 len=1
pci_config_read: PIIX3: addr=04 val=02000007 len=4
pci_config_read: PIIX3: addr=3c val=00000000 len=1
pci_config_read: PIIX3: addr=0e val=00000080 len=1
pci_config_read: NE2000: addr=00 val=802910ec len=4
pci_config_read: NE2000: addr=08 val=00000000 len=1
pci_config_read: NE2000: addr=09 val=00000000 len=1
pci_config_read: NE2000: addr=0a val=00000000 len=1
pci_config_read: NE2000: addr=0b val=00000002 len=1
pci_config_read: NE2000: addr=04 val=00000001 len=4
pci_config_read: NE2000: addr=3c val=0000000b len=1
pci_config_read: NE2000: addr=0e val=00000000 len=1
pci_config_read: NE2000: addr=10 val=0000c001 len=4
pci_config_read: NE2000: addr=10 val=0000c001 len=4
pci_config_write: NE2000: addr=10 val=fffffff0 len=4
unmap addr=0000c000 size=00000100
map addr=fffffff0 size=00000100 type=1
register_ioport_write bad offset: -16
register_ioport_read bad offset: -16
qemu: hardware error: register_ioport_read: invalid opaque
EAX=fffffff0 EBX=80c15714 ECX=00000000 EDX=00000cfc
ESI=00000000 EDI=00000010 EBP=80c15714 ESP=80038e5c
EIP=800101b2 EFL=00000202 [-------]    CPL=0 II=0 A20=1
ES =0008 00000000 ffffffff 00cf9300
CS =0010 00000000 ffffffff 00cf9a00
SS =0008 00000000 ffffffff 00cf9300
DS =0008 00000000 ffffffff 00cf9300
FS =0008 00000000 ffffffff 00cf9300
GS =0008 00000000 ffffffff 00cf9300
LDT=0000 00000000 0000ffff 00008000
TR =0000 00000000 0000ffff 00008000
GDT=     00010153 00000018
IDT=     80030854 000007ff
CR0=e0000011 CR2=00000000 CR3=0000c000 CR4=00000000
CCS=00000000 CCD=00000000 CCO=SUBL
ST0=0.000000 ST1=0.000000 ST2=0.000000 ST3=0.000000
ST4=0.000000 ST5=0.000000 ST6=0.000000 ST7=0.000000
Afgebroken
[mark@rh73 qemu-devel]$