From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1NJOxu-0000Gw-I9
	for qemu-devel@nongnu.org; Sat, 12 Dec 2009 05:12:42 -0500
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1NJOxp-0000Ay-9d
	for qemu-devel@nongnu.org; Sat, 12 Dec 2009 05:12:41 -0500
Received: from [199.232.76.173] (port=55012 helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1NJOxp-0000Ab-1a
	for qemu-devel@nongnu.org; Sat, 12 Dec 2009 05:12:37 -0500
Received: from mail-yw0-f171.google.com ([209.85.211.171]:46073)
	by monty-python.gnu.org with esmtp (Exim 4.60)
	(envelope-from <blauwirbel@gmail.com>) id 1NJOxo-00049d-Qc
	for qemu-devel@nongnu.org; Sat, 12 Dec 2009 05:12:36 -0500
Received: by ywh1 with SMTP id 1so1621522ywh.18
	for <qemu-devel@nongnu.org>; Sat, 12 Dec 2009 02:12:35 -0800 (PST)
MIME-Version: 1.0
In-Reply-To: <4B22461602000099000327DE@collaborate.seakr.com>
References: <4B22461602000099000327DE@collaborate.seakr.com>
From: Blue Swirl <blauwirbel@gmail.com>
Date: Sat, 12 Dec 2009 12:12:15 +0200
Message-ID: <f43fc5580912120212n7c0d264ve8c95dc2f7cb6acf@mail.gmail.com>
Subject: Re: [Qemu-devel] Bug in Sparc64/IDE Code
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Nick Couchman <Nick.Couchman@seakr.com>
Cc: qemu-devel@nongnu.org

On Fri, Dec 11, 2009 at 10:16 PM, Nick Couchman <Nick.Couchman@seakr.com> w=
rote:
> In working to try to get Sparc64 system emulation developed, we seem to h=
ave run into an issue with the IDE code in Qemu. =C2=A0The OpenBIOS folks h=
ave been working quite a few issues with the OpenBIOS code that need to be =
resolved in order to boot 64-bit Solaris kernels correctly, but the most re=
cent issue indicates that the IDE code for the Sparc64 emulator is reading =
from and writing to the wrong memory locations. =C2=A0The end result is the=
 following output when trying to boot off an ISO image in Qemu:

> bmdma_cmd_writeb: 0x00000054
> bmdma: writeb 0x701 : 0xd7
> bmdma: writeb 0x702 : 0x79
> bmdma: writeb 0x703 : 0xfe
> bmdma_addr_writew: 0x0000ddef
> bmdma_addr_writew: 0x0000b12b
> bmdma_cmd_writeb: 0x000000da
> bmdma: writeb 0x709 : 0x95
> Segmentation fault

I can't reproduce this with milaX 0.3.1, QEMU git HEAD and OpenBIOS
svn r644. The bug could be that the BMDMA address may need BE to LE
conversion, or OpenBIOS could just clobber BMDMA registers with
garbage (the DMA address candidates 0xddefb12b and 0xb12bddef do not
look valid).

Another possibility is that the PCI host bridge should have an IOMMU
which is not implemented yet, but I doubt we are at that stage.

Could you run QEMU in a GDB session and send the backtrace from the segfaul=
t?