mbox series

[00/10] Add Allwinner H3 SoC and Orange Pi PC Machine

Message ID 20191202210947.3603-1-nieklinnenbank@gmail.com (mailing list archive)
Headers show
Series Add Allwinner H3 SoC and Orange Pi PC Machine | expand

Message

Niek Linnenbank Dec. 2, 2019, 9:09 p.m. UTC
Dear QEMU developers,

Hereby I would like to contribute the following set of patches to QEMU
which add support for the Allwinner H3 System on Chip and the
Orange Pi PC machine. The following features and devices are supported:

 * SMP (Quad Core Cortex A7)
 * Generic Interrupt Controller configuration
 * SRAM mappings
 * Timer device (re-used from Allwinner A10)
 * UART
 * SD/MMC storage controller
 * EMAC ethernet connectivity
 * USB 2.0 interfaces
 * Clock Control Unit
 * System Control module
 * Security Identifier device

Functionality related to graphical output such as HDMI, GPU,
Display Engine and audio are not included. Recently released
mainline Linux kernels (4.19 up to latest master) and mainline U-Boot
are known to work. The SD/MMC code is tested using bonnie++ and
various tools such as fsck, dd and fdisk. The EMAC is verified with iperf3
using -netdev socket.

To build a Linux mainline kernel that can be booted by the Orange Pi PC
machine, simply configure the kernel using the sunxi_defconfig configuration:
 $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make mrproper
 $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make sunxi_defconfig

To be able to use USB storage, you need to manually enable the corresponding
configuration item. Start the kconfig configuration tool:
 $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make menuconfig

Navigate to the following item, enable it and save your configuration:
 Device Drivers > USB support > USB Mass Storage support

Build the Linux kernel with:
 $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make -j5

To boot the newly build linux kernel in QEMU with the Orange Pi PC machine, use:
 $ qemu-system-arm -M orangepi -m 512 -nic user -nographic \
     -kernel /path/to/linux/arch/arm/boot/zImage \
     -append 'console=ttyS0,115200' \
     -dtb /path/to/linux/arch/arm/boot/dts/sun8i-h3-orangepi-pc.dtb

Note that this kernel does not have a root filesystem. You may provide it
with an official Orange Pi PC image [1] either as an SD card or as
USB mass storage. To boot using the Orange Pi PC Debian image on SD card,
simply add the -sd argument and provide the proper root= kernel parameter:
 $ qemu-system-arm -M orangepi -m 512 -nic user -nographic \
     -kernel /path/to/linux/arch/arm/boot/zImage \
     -append 'console=ttyS0,115200 root=/dev/mmcblk0p2' \
     -dtb /path/to/linux/arch/arm/boot/dts/sun8i-h3-orangepi-pc.dtb \
     -sd OrangePi_pc_debian_stretch_server_linux5.3.5_v1.0.img

Alternatively, you can also choose to build and boot a recent buildroot [2]
using the orangepi_pc_defconfig or Armbian image [3] for Orange Pi PC.
To attach an USB mass storage device to the machine, simply append to the command:
 -drive if=none,id=stick,file=myimage.img \
 -device usb-storage,bus=usb-bus.0,drive=stick

U-Boot mainline can be build and configured using the orangepi_pc_defconfig
using similar commands as describe above for Linux. To start U-Boot using
the Orange Pi PC machine, provide the u-boot binary to the -kernel argument:
 $ qemu-system-arm -M orangepi -m 512 -nic user -nographic \
     -kernel /path/to/uboot/u-boot -sd disk.img

Use the following U-boot commands to load and boot a Linux kernel from SD card:
 -> setenv bootargs console=ttyS0,115200
 -> ext2load mmc 0 0x42000000 zImage
 -> ext2load mmc 0 0x43000000 sun8i-h2-plus-orangepi-zero.dtb
 -> bootz 0x42000000 - 0x43000000

Looking forward to your review comments. I will do my best
to update the patches where needed.

With kind regards,

Niek Linnenbank

[1] http://www.orangepi.org/downloadresources/
[2] https://buildroot.org/download.html
[3] https://www.armbian.com/orange-pi-pc/

Niek Linnenbank (10):
  hw: arm: add Allwinner H3 System-on-Chip
  hw: arm: add Xunlong Orange Pi PC machine
  arm: allwinner-h3: add Clock Control Unit
  arm: allwinner-h3: add USB host controller
  arm: allwinner-h3: add System Control module
  arm/arm-powerctl: set NSACR.{CP11,CP10} bits in arm_set_cpu_on()
  arm: allwinner-h3: add CPU Configuration module
  arm: allwinner-h3: add Security Identifier device
  arm: allwinner-h3: add SD/MMC host controller
  arm: allwinner-h3: add EMAC ethernet device

 MAINTAINERS                           |   8 +
 default-configs/arm-softmmu.mak       |   1 +
 hw/arm/Kconfig                        |   9 +
 hw/arm/Makefile.objs                  |   1 +
 hw/arm/allwinner-h3.c                 | 316 ++++++++++
 hw/arm/orangepi.c                     | 114 ++++
 hw/misc/Makefile.objs                 |   4 +
 hw/misc/allwinner-h3-clk.c            | 227 ++++++++
 hw/misc/allwinner-h3-cpucfg.c         | 280 +++++++++
 hw/misc/allwinner-h3-sid.c            | 162 ++++++
 hw/misc/allwinner-h3-syscon.c         | 139 +++++
 hw/misc/trace-events                  |   5 +
 hw/net/Kconfig                        |   3 +
 hw/net/Makefile.objs                  |   1 +
 hw/net/allwinner-h3-emac.c            | 786 +++++++++++++++++++++++++
 hw/net/trace-events                   |  10 +
 hw/sd/Makefile.objs                   |   1 +
 hw/sd/allwinner-h3-sdhost.c           | 791 ++++++++++++++++++++++++++
 hw/sd/trace-events                    |   7 +
 hw/usb/hcd-ehci-sysbus.c              |  17 +
 hw/usb/hcd-ehci.h                     |   1 +
 include/hw/arm/allwinner-h3.h         | 130 +++++
 include/hw/misc/allwinner-h3-clk.h    |  41 ++
 include/hw/misc/allwinner-h3-cpucfg.h |  44 ++
 include/hw/misc/allwinner-h3-sid.h    |  42 ++
 include/hw/misc/allwinner-h3-syscon.h |  43 ++
 include/hw/net/allwinner-h3-emac.h    |  69 +++
 include/hw/sd/allwinner-h3-sdhost.h   |  73 +++
 target/arm/arm-powerctl.c             |   3 +
 29 files changed, 3328 insertions(+)
 create mode 100644 hw/arm/allwinner-h3.c
 create mode 100644 hw/arm/orangepi.c
 create mode 100644 hw/misc/allwinner-h3-clk.c
 create mode 100644 hw/misc/allwinner-h3-cpucfg.c
 create mode 100644 hw/misc/allwinner-h3-sid.c
 create mode 100644 hw/misc/allwinner-h3-syscon.c
 create mode 100644 hw/net/allwinner-h3-emac.c
 create mode 100644 hw/sd/allwinner-h3-sdhost.c
 create mode 100644 include/hw/arm/allwinner-h3.h
 create mode 100644 include/hw/misc/allwinner-h3-clk.h
 create mode 100644 include/hw/misc/allwinner-h3-cpucfg.h
 create mode 100644 include/hw/misc/allwinner-h3-sid.h
 create mode 100644 include/hw/misc/allwinner-h3-syscon.h
 create mode 100644 include/hw/net/allwinner-h3-emac.h
 create mode 100644 include/hw/sd/allwinner-h3-sdhost.h

Comments

Philippe Mathieu-Daudé Dec. 3, 2019, 8:47 a.m. UTC | #1
On 12/2/19 10:09 PM, Niek Linnenbank wrote:
> Dear QEMU developers,
> 
> Hereby I would like to contribute the following set of patches to QEMU
> which add support for the Allwinner H3 System on Chip and the
> Orange Pi PC machine. The following features and devices are supported:
> 
>   * SMP (Quad Core Cortex A7)
>   * Generic Interrupt Controller configuration
>   * SRAM mappings
>   * Timer device (re-used from Allwinner A10)
>   * UART
>   * SD/MMC storage controller
>   * EMAC ethernet connectivity
>   * USB 2.0 interfaces
>   * Clock Control Unit
>   * System Control module
>   * Security Identifier device

Awesome!

> Functionality related to graphical output such as HDMI, GPU,
> Display Engine and audio are not included. Recently released
> mainline Linux kernels (4.19 up to latest master) and mainline U-Boot
> are known to work. The SD/MMC code is tested using bonnie++ and
> various tools such as fsck, dd and fdisk. The EMAC is verified with iperf3
> using -netdev socket.
> 
> To build a Linux mainline kernel that can be booted by the Orange Pi PC
> machine, simply configure the kernel using the sunxi_defconfig configuration:
>   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make mrproper
>   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make sunxi_defconfig
> 
> To be able to use USB storage, you need to manually enable the corresponding
> configuration item. Start the kconfig configuration tool:
>   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make menuconfig
> 
> Navigate to the following item, enable it and save your configuration:
>   Device Drivers > USB support > USB Mass Storage support
> 
> Build the Linux kernel with:
>   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make -j5
> 
> To boot the newly build linux kernel in QEMU with the Orange Pi PC machine, use:
>   $ qemu-system-arm -M orangepi -m 512 -nic user -nographic \
>       -kernel /path/to/linux/arch/arm/boot/zImage \
>       -append 'console=ttyS0,115200' \
>       -dtb /path/to/linux/arch/arm/boot/dts/sun8i-h3-orangepi-pc.dtb
> 
> Note that this kernel does not have a root filesystem. You may provide it
> with an official Orange Pi PC image [1] either as an SD card or as
> USB mass storage. To boot using the Orange Pi PC Debian image on SD card,
> simply add the -sd argument and provide the proper root= kernel parameter:
>   $ qemu-system-arm -M orangepi -m 512 -nic user -nographic \
>       -kernel /path/to/linux/arch/arm/boot/zImage \
>       -append 'console=ttyS0,115200 root=/dev/mmcblk0p2' \
>       -dtb /path/to/linux/arch/arm/boot/dts/sun8i-h3-orangepi-pc.dtb \
>       -sd OrangePi_pc_debian_stretch_server_linux5.3.5_v1.0.img
> 
> Alternatively, you can also choose to build and boot a recent buildroot [2]
> using the orangepi_pc_defconfig or Armbian image [3] for Orange Pi PC.

Richard, trying the Armbian image from 
https://apt.armbian.com/pool/main/l/linux-4.20.7-sunxi/ I get:

$ arm-softmmu/qemu-system-arm -M orangepi -m 512 -nic user \
   -append 'console=ttyS0,115200' \
   -kernel boot/vmlinuz-4.20.7-sunxi \
   -dtb usr/lib/linux-image-dev-sunxi/sun8i-h3-orangepi-pc.dtb \
   -serial stdio -d unimp
Uncompressing Linux... done, booting the kernel.
rtc: unimplemented device write (size 4, value 0x16aa0001, offset 0x0)
rtc: unimplemented device read (size 4, offset 0x0)
rtc: unimplemented device read (size 4, offset 0x0)
rtc: unimplemented device read (size 4, offset 0x8)
qemu-system-arm: target/arm/helper.c:11359: cpu_get_tb_cpu_state: 
Assertion `flags == rebuild_hflags_internal(env)' failed.
Aborted (core dumped)

(gdb) bt
#0  0x00007f6c1fa2ce35 in raise () at /lib64/libc.so.6
#1  0x00007f6c1fa17895 in abort () at /lib64/libc.so.6
#2  0x00007f6c1fa17769 in _nl_load_domain.cold () at /lib64/libc.so.6
#3  0x00007f6c1fa25566 in annobin_assert.c_end () at /lib64/libc.so.6
#4  0x00005590657e2685 in cpu_get_tb_cpu_state (env=0x5590686899b0, 
pc=0x7f6c07ffa718, cs_base=0x7f6c07ffa714, pflags=0x7f6c07ffa71c) at 
target/arm/helper.c:11359
#5  0x000055906569f962 in tb_lookup__cpu_state (cpu=0x5590686808b0, 
pc=0x7f6c07ffa718, cs_base=0x7f6c07ffa714, flags=0x7f6c07ffa71c, 
cf_mask=524288) at include/exec/tb-lookup.h:28
#6  0x00005590656a084c in tb_find (cpu=0x5590686808b0, last_tb=0x0, 
tb_exit=0, cf_mask=524288) at accel/tcg/cpu-exec.c:403
#7  0x00005590656a114a in cpu_exec (cpu=0x5590686808b0) at 
accel/tcg/cpu-exec.c:730
#8  0x000055906565f6af in tcg_cpu_exec (cpu=0x5590686808b0) at cpus.c:1473
#9  0x000055906565ff05 in qemu_tcg_cpu_thread_fn (arg=0x5590686808b0) at 
cpus.c:1781
#10 0x0000559065d54aa6 in qemu_thread_start (args=0x5590687d8c20) at 
util/qemu-thread-posix.c:519
#11 0x00007f6c1fbc54c0 in start_thread () at /lib64/libpthread.so.0
#12 0x00007f6c1faf1553 in clone () at /lib64/libc.so.6

(gdb) p/x flags
$1 = 0x33600000

(gdb) p/x *env
$2 = {regs = {0x0 <repeats 15 times>, 0x40102448}, xregs = {0x0 <repeats 
32 times>}, pc = 0x0, pstate = 0x0, aarch64 = 0x0, hflags = 0x33600000, 
uncached_cpsr = 0x1a, spsr = 0x0, banked_spsr = {0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, 0x0, 0x0},
   banked_r13 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, banked_r14 = 
{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, usr_regs = {0x0, 0x0, 0x0, 
0x0, 0x0}, fiq_regs = {0x0, 0x0, 0x0, 0x0, 0x0}, CF = 0x0, VF = 0x0, NF 
= 0x0, ZF = 0x0,
   QF = 0x0, GE = 0x0, thumb = 0x1, condexec_bits = 0x0, btype = 0x0, 
daif = 0x3c0, elr_el = {0x0, 0x0, 0x0, 0x0}, sp_el = {0x0, 0x0, 0x0, 
0x0}, cp15 = {c0_cpuid = 0x410fc075, {{_unused_csselr0 = 0x0, csselr_ns 
= 0x0,
         _unused_csselr1 = 0x0, csselr_s = 0x0}, csselr_el = {0x0, 0x0, 
0x0, 0x0}}, {{_unused_sctlr = 0x0, sctlr_ns = 0xc50078, hsctlr = 0x0, 
sctlr_s = 0xc50078}, sctlr_el = {0x0, 0xc50078, 0x0, 0xc50078}}, 
cpacr_el1 = 0x0, cptr_el = {
       0x0, 0x0, 0x0, 0x0}, c1_xscaleauxcr = 0x0, sder = 0x0, nsacr = 
0xc00, {{_unused_ttbr0_0 = 0x0, ttbr0_ns = 0x0, _unused_ttbr0_1 = 0x0, 
ttbr0_s = 0x0}, ttbr0_el = {0x0, 0x0, 0x0, 0x0}}, {{_unused_ttbr1_0 = 
0x0, ttbr1_ns = 0x0,
         _unused_ttbr1_1 = 0x0, ttbr1_s = 0x0}, ttbr1_el = {0x0, 0x0, 
0x0, 0x0}}, vttbr_el2 = 0x0, tcr_el = {{raw_tcr = 0x0, mask = 0x0, 
base_mask = 0x0}, {raw_tcr = 0x0, mask = 0x0, base_mask = 0xffffc000}, 
{raw_tcr = 0x0, mask = 0x0,
         base_mask = 0x0}, {raw_tcr = 0x0, mask = 0x0, base_mask = 
0xffffc000}}, vtcr_el2 = {raw_tcr = 0x0, mask = 0x0, base_mask = 0x0}, 
c2_data = 0x0, c2_insn = 0x0, {{dacr_ns = 0x0, dacr_s = 0x0}, 
{dacr32_el2 = 0x0}},
     pmsav5_data_ap = 0x0, pmsav5_insn_ap = 0x0, hcr_el2 = 0x0, scr_el3 
= 0x101, {{ifsr_ns = 0x0, ifsr_s = 0x0}, {ifsr32_el2 = 0x0}}, 
{{_unused_dfsr = 0x0, dfsr_ns = 0x0, hsr = 0x0, dfsr_s = 0x0}, esr_el = 
{0x0, 0x0, 0x0, 0x0}},
     c6_region = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 
{{_unused_far0 = 0x0, dfar_ns = 0x0, ifar_ns = 0x0, dfar_s = 0x0, ifar_s 
= 0x0, _unused_far3 = 0x0}, far_el = {0x0, 0x0, 0x0, 0x0}}, hpfar_el2 = 
0x0, hstr_el2 = 0x0, {{
         _unused_par_0 = 0x0, par_ns = 0x0, _unused_par_1 = 0x0, par_s = 
0x0}, par_el = {0x0, 0x0, 0x0, 0x0}}, c9_insn = 0x0, c9_data = 0x0, 
c9_pmcr = 0x41002000, c9_pmcnten = 0x0, c9_pmovsr = 0x0, c9_pmuserenr = 
0x0, c9_pmselr = 0x0,
     c9_pminten = 0x0, {{_unused_mair_0 = 0x0, mair0_ns = 0x0, mair1_ns 
= 0x0, _unused_mair_1 = 0x0, mair0_s = 0x0, mair1_s = 0x0}, mair_el = 
{0x0, 0x0, 0x0, 0x0}}, {{_unused_vbar = 0x0, vbar_ns = 0x0, hvbar = 0x0, 
vbar_s = 0x0},
       vbar_el = {0x0, 0x0, 0x0, 0x0}}, mvbar = 0x0, {fcseidr_ns = 0x0, 
fcseidr_s = 0x0}, {{_unused_contextidr_0 = 0x0, contextidr_ns = 0x0, 
_unused_contextidr_1 = 0x0, contextidr_s = 0x0}, contextidr_el = {0x0, 
0x0, 0x0, 0x0}}, {{
         tpidrurw_ns = 0x0, tpidrprw_ns = 0x0, htpidr = 0x0, _tpidr_el3 
= 0x0}, tpidr_el = {0x0, 0x0, 0x0, 0x0}}, tpidrurw_s = 0x0, tpidrprw_s = 
0x0, tpidruro_s = 0x0, {tpidruro_ns = 0x0, tpidrro_el = {0x0}}, 
c14_cntfrq = 0x3b9aca0,
     c14_cntkctl = 0x0, cnthctl_el2 = 0x3, cntvoff_el2 = 0x0, c14_timer 
= {{cval = 0x0, ctl = 0x0}, {cval = 0x0, ctl = 0x0}, {cval = 0x0, ctl = 
0x0}, {cval = 0x0, ctl = 0x0}}, c15_cpar = 0x0, c15_ticonfig = 0x0, 
c15_i_max = 0x0,
     c15_i_min = 0x0, c15_threadid = 0x0, c15_config_base_address = 0x0, 
c15_diagnostic = 0x0, c15_power_diagnostic = 0x0, c15_power_control = 
0x0, dbgbvr = {0x0 <repeats 16 times>}, dbgbcr = {0x0 <repeats 16 
times>}, dbgwvr = {
       0x0 <repeats 16 times>}, dbgwcr = {0x0 <repeats 16 times>}, 
mdscr_el1 = 0x0, oslsr_el1 = 0xa, mdcr_el2 = 0x0, mdcr_el3 = 0x0, 
c15_ccnt = 0x0, c15_ccnt_delta = 0x0, c14_pmevcntr = {0x0 <repeats 31 
times>}, c14_pmevcntr_delta = {
       0x0 <repeats 31 times>}, c14_pmevtyper = {0x0 <repeats 31 
times>}, pmccfiltr_el0 = 0x0, vpidr_el2 = 0x410fc075, vmpidr_el2 = 
0x80000001}, v7m = {other_sp = 0x0, other_ss_msp = 0x0, other_ss_psp = 
0x0, vecbase = {0x0, 0x0},
     basepri = {0x0, 0x0}, control = {0x0, 0x0}, ccr = {0x0, 0x0}, cfsr 
= {0x0, 0x0}, hfsr = 0x0, dfsr = 0x0, sfsr = 0x0, mmfar = {0x0, 0x0}, 
bfar = 0x0, sfar = 0x0, mpu_ctrl = {0x0, 0x0}, exception = 0x0, primask 
= {0x0, 0x0},
     faultmask = {0x0, 0x0}, aircr = 0x0, secure = 0x0, csselr = {0x0, 
0x0}, scr = {0x0, 0x0}, msplim = {0x0, 0x0}, psplim = {0x0, 0x0}, fpcar 
= {0x0, 0x0}, fpccr = {0x0, 0x0}, fpdscr = {0x0, 0x0}, cpacr = {0x0, 
0x0}, nsacr = 0x0},
   exception = {syndrome = 0x0, fsr = 0x0, vaddress = 0x0, target_el = 
0x0}, serror = {pending = 0x0, has_esr = 0x0, esr = 0x0}, irq_line_state 
= 0x0, teecr = 0x0, teehbr = 0x0, vfp = {zregs = {{d = {0x0, 0x0}} 
<repeats 32 times>},
     qc = {0x0, 0x0, 0x0, 0x0}, vec_len = 0x0, vec_stride = 0x0, xregs = 
{0x41023075, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11111111, 0x10110222, 0x0, 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, scratch = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0},
     fp_status = {float_detect_tininess = 0x1, float_rounding_mode = 
0x0, float_exception_flags = 0x0, floatx80_rounding_precision = 0x0, 
flush_to_zero = 0x0, flush_inputs_to_zero = 0x0, default_nan_mode = 0x0, 
snan_bit_is_one = 0x0},
     fp_status_f16 = {float_detect_tininess = 0x1, float_rounding_mode = 
0x0, float_exception_flags = 0x0, floatx80_rounding_precision = 0x0, 
flush_to_zero = 0x0, flush_inputs_to_zero = 0x0, default_nan_mode = 0x0,
       snan_bit_is_one = 0x0}, standard_fp_status = 
{float_detect_tininess = 0x1, float_rounding_mode = 0x0, 
float_exception_flags = 0x0, floatx80_rounding_precision = 0x0, 
flush_to_zero = 0x1, flush_inputs_to_zero = 0x1,
       default_nan_mode = 0x1, snan_bit_is_one = 0x0}, zcr_el = {0x0, 
0x0, 0x0, 0x0}}, exclusive_addr = 0xffffffffffffffff, exclusive_val = 
0x0, exclusive_high = 0x0, iwmmxt = {regs = {0x0 <repeats 16 times>}, 
val = 0x0, cregs = {
       0x0 <repeats 16 times>}}, cpu_breakpoint = {0x0 <repeats 16 
times>}, cpu_watchpoint = {0x0 <repeats 16 times>}, end_reset_fields = 
{<No data fields>}, features = 0xfd38fbe6f3, pmsav7 = {drbar = 0x0, drsr 
= 0x0, dracr = 0x0,
     rnr = {0x0, 0x0}}, pmsav8 = {rbar = {0x0, 0x0}, rlar = {0x0, 0x0}, 
mair0 = {0x0, 0x0}, mair1 = {0x0, 0x0}}, sau = {rbar = 0x0, rlar = 0x0, 
rnr = 0x0, ctrl = 0x0}, nvic = 0x0, boot_info = 0x5622af3a17a0, 
gicv3state = 0x0}

> [1] http://www.orangepi.org/downloadresources/
> [2] https://buildroot.org/download.html
> [3] https://www.armbian.com/orange-pi-pc/
Philippe Mathieu-Daudé Dec. 3, 2019, 9:02 a.m. UTC | #2
On 12/2/19 10:09 PM, Niek Linnenbank wrote:
> Dear QEMU developers,
> 
> Hereby I would like to contribute the following set of patches to QEMU
> which add support for the Allwinner H3 System on Chip and the
> Orange Pi PC machine. The following features and devices are supported:
> 
>   * SMP (Quad Core Cortex A7)
>   * Generic Interrupt Controller configuration
>   * SRAM mappings
>   * Timer device (re-used from Allwinner A10)
>   * UART
>   * SD/MMC storage controller
>   * EMAC ethernet connectivity
>   * USB 2.0 interfaces
>   * Clock Control Unit
>   * System Control module
>   * Security Identifier device
> 
> Functionality related to graphical output such as HDMI, GPU,
> Display Engine and audio are not included.

I'd love to see the OpenRISC AR100 core instantiated in this SoC.

Your contribution makes another good example of multi-arch/single-binary 
QEMU (here 4x ARM + 1x OpenRISC).
Niek Linnenbank Dec. 3, 2019, 7:25 p.m. UTC | #3
Hi Philippe,

Thanks for your very quick response!
I remember I have seen this error before while working on the patches, in
particular
on the SMP part. I'll try to reproduce this error with the 4.20 sunxi
kernel you used and debug it.

Could it be related to the change I made in patch 0006 for the CP10/CP11
bits?
Basically I needed to add that to get the CPUCFG module working. It is an
interface
that U-Boot uses to reset the secondary cores for PSCI functionality. I used
the arm_set_cpu_on() function there to reset the cores at the desired start
address,
but Im not sure if that function is the right choice. At some point while
rebasing the patches,
I got undefined exceptions which turned out to be because of the CP10/CP11
bits missing.
If I made an obvious mistake there, please let me know and I'll correct it.

Regards,
Niek


On Tue, Dec 3, 2019 at 9:47 AM Philippe Mathieu-Daudé <philmd@redhat.com>
wrote:

> On 12/2/19 10:09 PM, Niek Linnenbank wrote:
> > Dear QEMU developers,
> >
> > Hereby I would like to contribute the following set of patches to QEMU
> > which add support for the Allwinner H3 System on Chip and the
> > Orange Pi PC machine. The following features and devices are supported:
> >
> >   * SMP (Quad Core Cortex A7)
> >   * Generic Interrupt Controller configuration
> >   * SRAM mappings
> >   * Timer device (re-used from Allwinner A10)
> >   * UART
> >   * SD/MMC storage controller
> >   * EMAC ethernet connectivity
> >   * USB 2.0 interfaces
> >   * Clock Control Unit
> >   * System Control module
> >   * Security Identifier device
>
> Awesome!
>
> > Functionality related to graphical output such as HDMI, GPU,
> > Display Engine and audio are not included. Recently released
> > mainline Linux kernels (4.19 up to latest master) and mainline U-Boot
> > are known to work. The SD/MMC code is tested using bonnie++ and
> > various tools such as fsck, dd and fdisk. The EMAC is verified with
> iperf3
> > using -netdev socket.
> >
> > To build a Linux mainline kernel that can be booted by the Orange Pi PC
> > machine, simply configure the kernel using the sunxi_defconfig
> configuration:
> >   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make mrproper
> >   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make sunxi_defconfig
> >
> > To be able to use USB storage, you need to manually enable the
> corresponding
> > configuration item. Start the kconfig configuration tool:
> >   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make menuconfig
> >
> > Navigate to the following item, enable it and save your configuration:
> >   Device Drivers > USB support > USB Mass Storage support
> >
> > Build the Linux kernel with:
> >   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make -j5
> >
> > To boot the newly build linux kernel in QEMU with the Orange Pi PC
> machine, use:
> >   $ qemu-system-arm -M orangepi -m 512 -nic user -nographic \
> >       -kernel /path/to/linux/arch/arm/boot/zImage \
> >       -append 'console=ttyS0,115200' \
> >       -dtb /path/to/linux/arch/arm/boot/dts/sun8i-h3-orangepi-pc.dtb
> >
> > Note that this kernel does not have a root filesystem. You may provide it
> > with an official Orange Pi PC image [1] either as an SD card or as
> > USB mass storage. To boot using the Orange Pi PC Debian image on SD card,
> > simply add the -sd argument and provide the proper root= kernel
> parameter:
> >   $ qemu-system-arm -M orangepi -m 512 -nic user -nographic \
> >       -kernel /path/to/linux/arch/arm/boot/zImage \
> >       -append 'console=ttyS0,115200 root=/dev/mmcblk0p2' \
> >       -dtb /path/to/linux/arch/arm/boot/dts/sun8i-h3-orangepi-pc.dtb \
> >       -sd OrangePi_pc_debian_stretch_server_linux5.3.5_v1.0.img
> >
> > Alternatively, you can also choose to build and boot a recent buildroot
> [2]
> > using the orangepi_pc_defconfig or Armbian image [3] for Orange Pi PC.
>
> Richard, trying the Armbian image from
> https://apt.armbian.com/pool/main/l/linux-4.20.7-sunxi/ I get:
>
> $ arm-softmmu/qemu-system-arm -M orangepi -m 512 -nic user \
>    -append 'console=ttyS0,115200' \
>    -kernel boot/vmlinuz-4.20.7-sunxi \
>    -dtb usr/lib/linux-image-dev-sunxi/sun8i-h3-orangepi-pc.dtb \
>    -serial stdio -d unimp
> Uncompressing Linux... done, booting the kernel.
> rtc: unimplemented device write (size 4, value 0x16aa0001, offset 0x0)
> rtc: unimplemented device read (size 4, offset 0x0)
> rtc: unimplemented device read (size 4, offset 0x0)
> rtc: unimplemented device read (size 4, offset 0x8)
> qemu-system-arm: target/arm/helper.c:11359: cpu_get_tb_cpu_state:
> Assertion `flags == rebuild_hflags_internal(env)' failed.
> Aborted (core dumped)
>
> (gdb) bt
> #0  0x00007f6c1fa2ce35 in raise () at /lib64/libc.so.6
> #1  0x00007f6c1fa17895 in abort () at /lib64/libc.so.6
> #2  0x00007f6c1fa17769 in _nl_load_domain.cold () at /lib64/libc.so.6
> #3  0x00007f6c1fa25566 in annobin_assert.c_end () at /lib64/libc.so.6
> #4  0x00005590657e2685 in cpu_get_tb_cpu_state (env=0x5590686899b0,
> pc=0x7f6c07ffa718, cs_base=0x7f6c07ffa714, pflags=0x7f6c07ffa71c) at
> target/arm/helper.c:11359
> #5  0x000055906569f962 in tb_lookup__cpu_state (cpu=0x5590686808b0,
> pc=0x7f6c07ffa718, cs_base=0x7f6c07ffa714, flags=0x7f6c07ffa71c,
> cf_mask=524288) at include/exec/tb-lookup.h:28
> #6  0x00005590656a084c in tb_find (cpu=0x5590686808b0, last_tb=0x0,
> tb_exit=0, cf_mask=524288) at accel/tcg/cpu-exec.c:403
> #7  0x00005590656a114a in cpu_exec (cpu=0x5590686808b0) at
> accel/tcg/cpu-exec.c:730
> #8  0x000055906565f6af in tcg_cpu_exec (cpu=0x5590686808b0) at cpus.c:1473
> #9  0x000055906565ff05 in qemu_tcg_cpu_thread_fn (arg=0x5590686808b0) at
> cpus.c:1781
> #10 0x0000559065d54aa6 in qemu_thread_start (args=0x5590687d8c20) at
> util/qemu-thread-posix.c:519
> #11 0x00007f6c1fbc54c0 in start_thread () at /lib64/libpthread.so.0
> #12 0x00007f6c1faf1553 in clone () at /lib64/libc.so.6
>
> (gdb) p/x flags
> $1 = 0x33600000
>
> (gdb) p/x *env
> $2 = {regs = {0x0 <repeats 15 times>, 0x40102448}, xregs = {0x0 <repeats
> 32 times>}, pc = 0x0, pstate = 0x0, aarch64 = 0x0, hflags = 0x33600000,
> uncached_cpsr = 0x1a, spsr = 0x0, banked_spsr = {0x0, 0x0, 0x0, 0x0,
> 0x0, 0x0, 0x0, 0x0},
>    banked_r13 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, banked_r14 =
> {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, usr_regs = {0x0, 0x0, 0x0,
> 0x0, 0x0}, fiq_regs = {0x0, 0x0, 0x0, 0x0, 0x0}, CF = 0x0, VF = 0x0, NF
> = 0x0, ZF = 0x0,
>    QF = 0x0, GE = 0x0, thumb = 0x1, condexec_bits = 0x0, btype = 0x0,
> daif = 0x3c0, elr_el = {0x0, 0x0, 0x0, 0x0}, sp_el = {0x0, 0x0, 0x0,
> 0x0}, cp15 = {c0_cpuid = 0x410fc075, {{_unused_csselr0 = 0x0, csselr_ns
> = 0x0,
>          _unused_csselr1 = 0x0, csselr_s = 0x0}, csselr_el = {0x0, 0x0,
> 0x0, 0x0}}, {{_unused_sctlr = 0x0, sctlr_ns = 0xc50078, hsctlr = 0x0,
> sctlr_s = 0xc50078}, sctlr_el = {0x0, 0xc50078, 0x0, 0xc50078}},
> cpacr_el1 = 0x0, cptr_el = {
>        0x0, 0x0, 0x0, 0x0}, c1_xscaleauxcr = 0x0, sder = 0x0, nsacr =
> 0xc00, {{_unused_ttbr0_0 = 0x0, ttbr0_ns = 0x0, _unused_ttbr0_1 = 0x0,
> ttbr0_s = 0x0}, ttbr0_el = {0x0, 0x0, 0x0, 0x0}}, {{_unused_ttbr1_0 =
> 0x0, ttbr1_ns = 0x0,
>          _unused_ttbr1_1 = 0x0, ttbr1_s = 0x0}, ttbr1_el = {0x0, 0x0,
> 0x0, 0x0}}, vttbr_el2 = 0x0, tcr_el = {{raw_tcr = 0x0, mask = 0x0,
> base_mask = 0x0}, {raw_tcr = 0x0, mask = 0x0, base_mask = 0xffffc000},
> {raw_tcr = 0x0, mask = 0x0,
>          base_mask = 0x0}, {raw_tcr = 0x0, mask = 0x0, base_mask =
> 0xffffc000}}, vtcr_el2 = {raw_tcr = 0x0, mask = 0x0, base_mask = 0x0},
> c2_data = 0x0, c2_insn = 0x0, {{dacr_ns = 0x0, dacr_s = 0x0},
> {dacr32_el2 = 0x0}},
>      pmsav5_data_ap = 0x0, pmsav5_insn_ap = 0x0, hcr_el2 = 0x0, scr_el3
> = 0x101, {{ifsr_ns = 0x0, ifsr_s = 0x0}, {ifsr32_el2 = 0x0}},
> {{_unused_dfsr = 0x0, dfsr_ns = 0x0, hsr = 0x0, dfsr_s = 0x0}, esr_el =
> {0x0, 0x0, 0x0, 0x0}},
>      c6_region = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0},
> {{_unused_far0 = 0x0, dfar_ns = 0x0, ifar_ns = 0x0, dfar_s = 0x0, ifar_s
> = 0x0, _unused_far3 = 0x0}, far_el = {0x0, 0x0, 0x0, 0x0}}, hpfar_el2 =
> 0x0, hstr_el2 = 0x0, {{
>          _unused_par_0 = 0x0, par_ns = 0x0, _unused_par_1 = 0x0, par_s =
> 0x0}, par_el = {0x0, 0x0, 0x0, 0x0}}, c9_insn = 0x0, c9_data = 0x0,
> c9_pmcr = 0x41002000, c9_pmcnten = 0x0, c9_pmovsr = 0x0, c9_pmuserenr =
> 0x0, c9_pmselr = 0x0,
>      c9_pminten = 0x0, {{_unused_mair_0 = 0x0, mair0_ns = 0x0, mair1_ns
> = 0x0, _unused_mair_1 = 0x0, mair0_s = 0x0, mair1_s = 0x0}, mair_el =
> {0x0, 0x0, 0x0, 0x0}}, {{_unused_vbar = 0x0, vbar_ns = 0x0, hvbar = 0x0,
> vbar_s = 0x0},
>        vbar_el = {0x0, 0x0, 0x0, 0x0}}, mvbar = 0x0, {fcseidr_ns = 0x0,
> fcseidr_s = 0x0}, {{_unused_contextidr_0 = 0x0, contextidr_ns = 0x0,
> _unused_contextidr_1 = 0x0, contextidr_s = 0x0}, contextidr_el = {0x0,
> 0x0, 0x0, 0x0}}, {{
>          tpidrurw_ns = 0x0, tpidrprw_ns = 0x0, htpidr = 0x0, _tpidr_el3
> = 0x0}, tpidr_el = {0x0, 0x0, 0x0, 0x0}}, tpidrurw_s = 0x0, tpidrprw_s =
> 0x0, tpidruro_s = 0x0, {tpidruro_ns = 0x0, tpidrro_el = {0x0}},
> c14_cntfrq = 0x3b9aca0,
>      c14_cntkctl = 0x0, cnthctl_el2 = 0x3, cntvoff_el2 = 0x0, c14_timer
> = {{cval = 0x0, ctl = 0x0}, {cval = 0x0, ctl = 0x0}, {cval = 0x0, ctl =
> 0x0}, {cval = 0x0, ctl = 0x0}}, c15_cpar = 0x0, c15_ticonfig = 0x0,
> c15_i_max = 0x0,
>      c15_i_min = 0x0, c15_threadid = 0x0, c15_config_base_address = 0x0,
> c15_diagnostic = 0x0, c15_power_diagnostic = 0x0, c15_power_control =
> 0x0, dbgbvr = {0x0 <repeats 16 times>}, dbgbcr = {0x0 <repeats 16
> times>}, dbgwvr = {
>        0x0 <repeats 16 times>}, dbgwcr = {0x0 <repeats 16 times>},
> mdscr_el1 = 0x0, oslsr_el1 = 0xa, mdcr_el2 = 0x0, mdcr_el3 = 0x0,
> c15_ccnt = 0x0, c15_ccnt_delta = 0x0, c14_pmevcntr = {0x0 <repeats 31
> times>}, c14_pmevcntr_delta = {
>        0x0 <repeats 31 times>}, c14_pmevtyper = {0x0 <repeats 31
> times>}, pmccfiltr_el0 = 0x0, vpidr_el2 = 0x410fc075, vmpidr_el2 =
> 0x80000001}, v7m = {other_sp = 0x0, other_ss_msp = 0x0, other_ss_psp =
> 0x0, vecbase = {0x0, 0x0},
>      basepri = {0x0, 0x0}, control = {0x0, 0x0}, ccr = {0x0, 0x0}, cfsr
> = {0x0, 0x0}, hfsr = 0x0, dfsr = 0x0, sfsr = 0x0, mmfar = {0x0, 0x0},
> bfar = 0x0, sfar = 0x0, mpu_ctrl = {0x0, 0x0}, exception = 0x0, primask
> = {0x0, 0x0},
>      faultmask = {0x0, 0x0}, aircr = 0x0, secure = 0x0, csselr = {0x0,
> 0x0}, scr = {0x0, 0x0}, msplim = {0x0, 0x0}, psplim = {0x0, 0x0}, fpcar
> = {0x0, 0x0}, fpccr = {0x0, 0x0}, fpdscr = {0x0, 0x0}, cpacr = {0x0,
> 0x0}, nsacr = 0x0},
>    exception = {syndrome = 0x0, fsr = 0x0, vaddress = 0x0, target_el =
> 0x0}, serror = {pending = 0x0, has_esr = 0x0, esr = 0x0}, irq_line_state
> = 0x0, teecr = 0x0, teehbr = 0x0, vfp = {zregs = {{d = {0x0, 0x0}}
> <repeats 32 times>},
>      qc = {0x0, 0x0, 0x0, 0x0}, vec_len = 0x0, vec_stride = 0x0, xregs =
> {0x41023075, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11111111, 0x10110222, 0x0, 0x0,
> 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, scratch = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
> 0x0, 0x0},
>      fp_status = {float_detect_tininess = 0x1, float_rounding_mode =
> 0x0, float_exception_flags = 0x0, floatx80_rounding_precision = 0x0,
> flush_to_zero = 0x0, flush_inputs_to_zero = 0x0, default_nan_mode = 0x0,
> snan_bit_is_one = 0x0},
>      fp_status_f16 = {float_detect_tininess = 0x1, float_rounding_mode =
> 0x0, float_exception_flags = 0x0, floatx80_rounding_precision = 0x0,
> flush_to_zero = 0x0, flush_inputs_to_zero = 0x0, default_nan_mode = 0x0,
>        snan_bit_is_one = 0x0}, standard_fp_status =
> {float_detect_tininess = 0x1, float_rounding_mode = 0x0,
> float_exception_flags = 0x0, floatx80_rounding_precision = 0x0,
> flush_to_zero = 0x1, flush_inputs_to_zero = 0x1,
>        default_nan_mode = 0x1, snan_bit_is_one = 0x0}, zcr_el = {0x0,
> 0x0, 0x0, 0x0}}, exclusive_addr = 0xffffffffffffffff, exclusive_val =
> 0x0, exclusive_high = 0x0, iwmmxt = {regs = {0x0 <repeats 16 times>},
> val = 0x0, cregs = {
>        0x0 <repeats 16 times>}}, cpu_breakpoint = {0x0 <repeats 16
> times>}, cpu_watchpoint = {0x0 <repeats 16 times>}, end_reset_fields =
> {<No data fields>}, features = 0xfd38fbe6f3, pmsav7 = {drbar = 0x0, drsr
> = 0x0, dracr = 0x0,
>      rnr = {0x0, 0x0}}, pmsav8 = {rbar = {0x0, 0x0}, rlar = {0x0, 0x0},
> mair0 = {0x0, 0x0}, mair1 = {0x0, 0x0}}, sau = {rbar = 0x0, rlar = 0x0,
> rnr = 0x0, ctrl = 0x0}, nvic = 0x0, boot_info = 0x5622af3a17a0,
> gicv3state = 0x0}
>
> > [1] http://www.orangepi.org/downloadresources/
> > [2] https://buildroot.org/download.html
> > [3] https://www.armbian.com/orange-pi-pc/
>
>
Niek Linnenbank Dec. 3, 2019, 7:32 p.m. UTC | #4
Hello Philippe,

On Tue, Dec 3, 2019 at 10:02 AM Philippe Mathieu-Daudé <philmd@redhat.com>
wrote:

> On 12/2/19 10:09 PM, Niek Linnenbank wrote:
> > Dear QEMU developers,
> >
> > Hereby I would like to contribute the following set of patches to QEMU
> > which add support for the Allwinner H3 System on Chip and the
> > Orange Pi PC machine. The following features and devices are supported:
> >
> >   * SMP (Quad Core Cortex A7)
> >   * Generic Interrupt Controller configuration
> >   * SRAM mappings
> >   * Timer device (re-used from Allwinner A10)
> >   * UART
> >   * SD/MMC storage controller
> >   * EMAC ethernet connectivity
> >   * USB 2.0 interfaces
> >   * Clock Control Unit
> >   * System Control module
> >   * Security Identifier device
> >
> > Functionality related to graphical output such as HDMI, GPU,
> > Display Engine and audio are not included.
>
> I'd love to see the OpenRISC AR100 core instantiated in this SoC.
>
> Your contribution makes another good example of multi-arch/single-binary
> QEMU (here 4x ARM + 1x OpenRISC).
>
>
Indeed that sounds like an interesting combination. Are there plans to
build a multi-arch/single-binary QEMU?
I have not looked yet at that part of the H3, but there is some documention
available here on this wiki:
  https://linux-sunxi.org/AR100

Regards,
Niek
Peter Maydell Dec. 6, 2019, 2:16 p.m. UTC | #5
On Tue, 3 Dec 2019 at 19:32, Niek Linnenbank <nieklinnenbank@gmail.com> wrote:
> Indeed that sounds like an interesting combination. Are there plans to build a multi-arch/single-binary QEMU?

This is in the category of "it would be nice in theory to
support multi-arch guest machines, and we've made some
small steps in that direction and/or tried to keep the
door open for it when designing things, but it would
still be a huge amount of work to actually implement,
so don't hold your breath for it or make anything else
depend on having it happen first"...

thanks
-- PMM
Niek Linnenbank Dec. 9, 2019, 9:37 p.m. UTC | #6
Hi Philippe,

On Tue, Dec 3, 2019 at 9:47 AM Philippe Mathieu-Daudé <philmd@redhat.com>
wrote:

> On 12/2/19 10:09 PM, Niek Linnenbank wrote:
> > Dear QEMU developers,
> >
> > Hereby I would like to contribute the following set of patches to QEMU
> > which add support for the Allwinner H3 System on Chip and the
> > Orange Pi PC machine. The following features and devices are supported:
> >
> >   * SMP (Quad Core Cortex A7)
> >   * Generic Interrupt Controller configuration
> >   * SRAM mappings
> >   * Timer device (re-used from Allwinner A10)
> >   * UART
> >   * SD/MMC storage controller
> >   * EMAC ethernet connectivity
> >   * USB 2.0 interfaces
> >   * Clock Control Unit
> >   * System Control module
> >   * Security Identifier device
>
> Awesome!
>
> > Functionality related to graphical output such as HDMI, GPU,
> > Display Engine and audio are not included. Recently released
> > mainline Linux kernels (4.19 up to latest master) and mainline U-Boot
> > are known to work. The SD/MMC code is tested using bonnie++ and
> > various tools such as fsck, dd and fdisk. The EMAC is verified with
> iperf3
> > using -netdev socket.
> >
> > To build a Linux mainline kernel that can be booted by the Orange Pi PC
> > machine, simply configure the kernel using the sunxi_defconfig
> configuration:
> >   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make mrproper
> >   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make sunxi_defconfig
> >
> > To be able to use USB storage, you need to manually enable the
> corresponding
> > configuration item. Start the kconfig configuration tool:
> >   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make menuconfig
> >
> > Navigate to the following item, enable it and save your configuration:
> >   Device Drivers > USB support > USB Mass Storage support
> >
> > Build the Linux kernel with:
> >   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make -j5
> >
> > To boot the newly build linux kernel in QEMU with the Orange Pi PC
> machine, use:
> >   $ qemu-system-arm -M orangepi -m 512 -nic user -nographic \
> >       -kernel /path/to/linux/arch/arm/boot/zImage \
> >       -append 'console=ttyS0,115200' \
> >       -dtb /path/to/linux/arch/arm/boot/dts/sun8i-h3-orangepi-pc.dtb
> >
> > Note that this kernel does not have a root filesystem. You may provide it
> > with an official Orange Pi PC image [1] either as an SD card or as
> > USB mass storage. To boot using the Orange Pi PC Debian image on SD card,
> > simply add the -sd argument and provide the proper root= kernel
> parameter:
> >   $ qemu-system-arm -M orangepi -m 512 -nic user -nographic \
> >       -kernel /path/to/linux/arch/arm/boot/zImage \
> >       -append 'console=ttyS0,115200 root=/dev/mmcblk0p2' \
> >       -dtb /path/to/linux/arch/arm/boot/dts/sun8i-h3-orangepi-pc.dtb \
> >       -sd OrangePi_pc_debian_stretch_server_linux5.3.5_v1.0.img
> >
> > Alternatively, you can also choose to build and boot a recent buildroot
> [2]
> > using the orangepi_pc_defconfig or Armbian image [3] for Orange Pi PC.
>
> Richard, trying the Armbian image from
> https://apt.armbian.com/pool/main/l/linux-4.20.7-sunxi/ I get:
>
> $ arm-softmmu/qemu-system-arm -M orangepi -m 512 -nic user \
>    -append 'console=ttyS0,115200' \
>    -kernel boot/vmlinuz-4.20.7-sunxi \
>    -dtb usr/lib/linux-image-dev-sunxi/sun8i-h3-orangepi-pc.dtb \
>    -serial stdio -d unimp
> Uncompressing Linux... done, booting the kernel.
> rtc: unimplemented device write (size 4, value 0x16aa0001, offset 0x0)
> rtc: unimplemented device read (size 4, offset 0x0)
> rtc: unimplemented device read (size 4, offset 0x0)
> rtc: unimplemented device read (size 4, offset 0x8)
> qemu-system-arm: target/arm/helper.c:11359: cpu_get_tb_cpu_state:
> Assertion `flags == rebuild_hflags_internal(env)' failed.
> Aborted (core dumped)
>

I'm trying to reproduce the error you reported here with my patch set on
latest master,
but so far without any result. The host OS I'm using is Ubuntu 18.04.3 LTS
on x86_64.
I ran several times using the same 4.20.7-sunxi kernel and same command
line.

Some questions that might help:
1) Are there any specific steps you did in order to produce this error?
2) Could this be a known / existing issue?
3) How many times did you see this error?
4) Are you also using Ubuntu 18.04.3 LTS on x86_64, or a different host OS?

Regards,
Niek


>
> (gdb) bt
> #0  0x00007f6c1fa2ce35 in raise () at /lib64/libc.so.6
> #1  0x00007f6c1fa17895 in abort () at /lib64/libc.so.6
> #2  0x00007f6c1fa17769 in _nl_load_domain.cold () at /lib64/libc.so.6
> #3  0x00007f6c1fa25566 in annobin_assert.c_end () at /lib64/libc.so.6
> #4  0x00005590657e2685 in cpu_get_tb_cpu_state (env=0x5590686899b0,
> pc=0x7f6c07ffa718, cs_base=0x7f6c07ffa714, pflags=0x7f6c07ffa71c) at
> target/arm/helper.c:11359
> #5  0x000055906569f962 in tb_lookup__cpu_state (cpu=0x5590686808b0,
> pc=0x7f6c07ffa718, cs_base=0x7f6c07ffa714, flags=0x7f6c07ffa71c,
> cf_mask=524288) at include/exec/tb-lookup.h:28
> #6  0x00005590656a084c in tb_find (cpu=0x5590686808b0, last_tb=0x0,
> tb_exit=0, cf_mask=524288) at accel/tcg/cpu-exec.c:403
> #7  0x00005590656a114a in cpu_exec (cpu=0x5590686808b0) at
> accel/tcg/cpu-exec.c:730
> #8  0x000055906565f6af in tcg_cpu_exec (cpu=0x5590686808b0) at cpus.c:1473
> #9  0x000055906565ff05 in qemu_tcg_cpu_thread_fn (arg=0x5590686808b0) at
> cpus.c:1781
> #10 0x0000559065d54aa6 in qemu_thread_start (args=0x5590687d8c20) at
> util/qemu-thread-posix.c:519
> #11 0x00007f6c1fbc54c0 in start_thread () at /lib64/libpthread.so.0
> #12 0x00007f6c1faf1553 in clone () at /lib64/libc.so.6
>
> (gdb) p/x flags
> $1 = 0x33600000
>
> (gdb) p/x *env
> $2 = {regs = {0x0 <repeats 15 times>, 0x40102448}, xregs = {0x0 <repeats
> 32 times>}, pc = 0x0, pstate = 0x0, aarch64 = 0x0, hflags = 0x33600000,
> uncached_cpsr = 0x1a, spsr = 0x0, banked_spsr = {0x0, 0x0, 0x0, 0x0,
> 0x0, 0x0, 0x0, 0x0},
>    banked_r13 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, banked_r14 =
> {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, usr_regs = {0x0, 0x0, 0x0,
> 0x0, 0x0}, fiq_regs = {0x0, 0x0, 0x0, 0x0, 0x0}, CF = 0x0, VF = 0x0, NF
> = 0x0, ZF = 0x0,
>    QF = 0x0, GE = 0x0, thumb = 0x1, condexec_bits = 0x0, btype = 0x0,
> daif = 0x3c0, elr_el = {0x0, 0x0, 0x0, 0x0}, sp_el = {0x0, 0x0, 0x0,
> 0x0}, cp15 = {c0_cpuid = 0x410fc075, {{_unused_csselr0 = 0x0, csselr_ns
> = 0x0,
>          _unused_csselr1 = 0x0, csselr_s = 0x0}, csselr_el = {0x0, 0x0,
> 0x0, 0x0}}, {{_unused_sctlr = 0x0, sctlr_ns = 0xc50078, hsctlr = 0x0,
> sctlr_s = 0xc50078}, sctlr_el = {0x0, 0xc50078, 0x0, 0xc50078}},
> cpacr_el1 = 0x0, cptr_el = {
>        0x0, 0x0, 0x0, 0x0}, c1_xscaleauxcr = 0x0, sder = 0x0, nsacr =
> 0xc00, {{_unused_ttbr0_0 = 0x0, ttbr0_ns = 0x0, _unused_ttbr0_1 = 0x0,
> ttbr0_s = 0x0}, ttbr0_el = {0x0, 0x0, 0x0, 0x0}}, {{_unused_ttbr1_0 =
> 0x0, ttbr1_ns = 0x0,
>          _unused_ttbr1_1 = 0x0, ttbr1_s = 0x0}, ttbr1_el = {0x0, 0x0,
> 0x0, 0x0}}, vttbr_el2 = 0x0, tcr_el = {{raw_tcr = 0x0, mask = 0x0,
> base_mask = 0x0}, {raw_tcr = 0x0, mask = 0x0, base_mask = 0xffffc000},
> {raw_tcr = 0x0, mask = 0x0,
>          base_mask = 0x0}, {raw_tcr = 0x0, mask = 0x0, base_mask =
> 0xffffc000}}, vtcr_el2 = {raw_tcr = 0x0, mask = 0x0, base_mask = 0x0},
> c2_data = 0x0, c2_insn = 0x0, {{dacr_ns = 0x0, dacr_s = 0x0},
> {dacr32_el2 = 0x0}},
>      pmsav5_data_ap = 0x0, pmsav5_insn_ap = 0x0, hcr_el2 = 0x0, scr_el3
> = 0x101, {{ifsr_ns = 0x0, ifsr_s = 0x0}, {ifsr32_el2 = 0x0}},
> {{_unused_dfsr = 0x0, dfsr_ns = 0x0, hsr = 0x0, dfsr_s = 0x0}, esr_el =
> {0x0, 0x0, 0x0, 0x0}},
>      c6_region = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0},
> {{_unused_far0 = 0x0, dfar_ns = 0x0, ifar_ns = 0x0, dfar_s = 0x0, ifar_s
> = 0x0, _unused_far3 = 0x0}, far_el = {0x0, 0x0, 0x0, 0x0}}, hpfar_el2 =
> 0x0, hstr_el2 = 0x0, {{
>          _unused_par_0 = 0x0, par_ns = 0x0, _unused_par_1 = 0x0, par_s =
> 0x0}, par_el = {0x0, 0x0, 0x0, 0x0}}, c9_insn = 0x0, c9_data = 0x0,
> c9_pmcr = 0x41002000, c9_pmcnten = 0x0, c9_pmovsr = 0x0, c9_pmuserenr =
> 0x0, c9_pmselr = 0x0,
>      c9_pminten = 0x0, {{_unused_mair_0 = 0x0, mair0_ns = 0x0, mair1_ns
> = 0x0, _unused_mair_1 = 0x0, mair0_s = 0x0, mair1_s = 0x0}, mair_el =
> {0x0, 0x0, 0x0, 0x0}}, {{_unused_vbar = 0x0, vbar_ns = 0x0, hvbar = 0x0,
> vbar_s = 0x0},
>        vbar_el = {0x0, 0x0, 0x0, 0x0}}, mvbar = 0x0, {fcseidr_ns = 0x0,
> fcseidr_s = 0x0}, {{_unused_contextidr_0 = 0x0, contextidr_ns = 0x0,
> _unused_contextidr_1 = 0x0, contextidr_s = 0x0}, contextidr_el = {0x0,
> 0x0, 0x0, 0x0}}, {{
>          tpidrurw_ns = 0x0, tpidrprw_ns = 0x0, htpidr = 0x0, _tpidr_el3
> = 0x0}, tpidr_el = {0x0, 0x0, 0x0, 0x0}}, tpidrurw_s = 0x0, tpidrprw_s =
> 0x0, tpidruro_s = 0x0, {tpidruro_ns = 0x0, tpidrro_el = {0x0}},
> c14_cntfrq = 0x3b9aca0,
>      c14_cntkctl = 0x0, cnthctl_el2 = 0x3, cntvoff_el2 = 0x0, c14_timer
> = {{cval = 0x0, ctl = 0x0}, {cval = 0x0, ctl = 0x0}, {cval = 0x0, ctl =
> 0x0}, {cval = 0x0, ctl = 0x0}}, c15_cpar = 0x0, c15_ticonfig = 0x0,
> c15_i_max = 0x0,
>      c15_i_min = 0x0, c15_threadid = 0x0, c15_config_base_address = 0x0,
> c15_diagnostic = 0x0, c15_power_diagnostic = 0x0, c15_power_control =
> 0x0, dbgbvr = {0x0 <repeats 16 times>}, dbgbcr = {0x0 <repeats 16
> times>}, dbgwvr = {
>        0x0 <repeats 16 times>}, dbgwcr = {0x0 <repeats 16 times>},
> mdscr_el1 = 0x0, oslsr_el1 = 0xa, mdcr_el2 = 0x0, mdcr_el3 = 0x0,
> c15_ccnt = 0x0, c15_ccnt_delta = 0x0, c14_pmevcntr = {0x0 <repeats 31
> times>}, c14_pmevcntr_delta = {
>        0x0 <repeats 31 times>}, c14_pmevtyper = {0x0 <repeats 31
> times>}, pmccfiltr_el0 = 0x0, vpidr_el2 = 0x410fc075, vmpidr_el2 =
> 0x80000001}, v7m = {other_sp = 0x0, other_ss_msp = 0x0, other_ss_psp =
> 0x0, vecbase = {0x0, 0x0},
>      basepri = {0x0, 0x0}, control = {0x0, 0x0}, ccr = {0x0, 0x0}, cfsr
> = {0x0, 0x0}, hfsr = 0x0, dfsr = 0x0, sfsr = 0x0, mmfar = {0x0, 0x0},
> bfar = 0x0, sfar = 0x0, mpu_ctrl = {0x0, 0x0}, exception = 0x0, primask
> = {0x0, 0x0},
>      faultmask = {0x0, 0x0}, aircr = 0x0, secure = 0x0, csselr = {0x0,
> 0x0}, scr = {0x0, 0x0}, msplim = {0x0, 0x0}, psplim = {0x0, 0x0}, fpcar
> = {0x0, 0x0}, fpccr = {0x0, 0x0}, fpdscr = {0x0, 0x0}, cpacr = {0x0,
> 0x0}, nsacr = 0x0},
>    exception = {syndrome = 0x0, fsr = 0x0, vaddress = 0x0, target_el =
> 0x0}, serror = {pending = 0x0, has_esr = 0x0, esr = 0x0}, irq_line_state
> = 0x0, teecr = 0x0, teehbr = 0x0, vfp = {zregs = {{d = {0x0, 0x0}}
> <repeats 32 times>},
>      qc = {0x0, 0x0, 0x0, 0x0}, vec_len = 0x0, vec_stride = 0x0, xregs =
> {0x41023075, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11111111, 0x10110222, 0x0, 0x0,
> 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, scratch = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
> 0x0, 0x0},
>      fp_status = {float_detect_tininess = 0x1, float_rounding_mode =
> 0x0, float_exception_flags = 0x0, floatx80_rounding_precision = 0x0,
> flush_to_zero = 0x0, flush_inputs_to_zero = 0x0, default_nan_mode = 0x0,
> snan_bit_is_one = 0x0},
>      fp_status_f16 = {float_detect_tininess = 0x1, float_rounding_mode =
> 0x0, float_exception_flags = 0x0, floatx80_rounding_precision = 0x0,
> flush_to_zero = 0x0, flush_inputs_to_zero = 0x0, default_nan_mode = 0x0,
>        snan_bit_is_one = 0x0}, standard_fp_status =
> {float_detect_tininess = 0x1, float_rounding_mode = 0x0,
> float_exception_flags = 0x0, floatx80_rounding_precision = 0x0,
> flush_to_zero = 0x1, flush_inputs_to_zero = 0x1,
>        default_nan_mode = 0x1, snan_bit_is_one = 0x0}, zcr_el = {0x0,
> 0x0, 0x0, 0x0}}, exclusive_addr = 0xffffffffffffffff, exclusive_val =
> 0x0, exclusive_high = 0x0, iwmmxt = {regs = {0x0 <repeats 16 times>},
> val = 0x0, cregs = {
>        0x0 <repeats 16 times>}}, cpu_breakpoint = {0x0 <repeats 16
> times>}, cpu_watchpoint = {0x0 <repeats 16 times>}, end_reset_fields =
> {<No data fields>}, features = 0xfd38fbe6f3, pmsav7 = {drbar = 0x0, drsr
> = 0x0, dracr = 0x0,
>      rnr = {0x0, 0x0}}, pmsav8 = {rbar = {0x0, 0x0}, rlar = {0x0, 0x0},
> mair0 = {0x0, 0x0}, mair1 = {0x0, 0x0}}, sau = {rbar = 0x0, rlar = 0x0,
> rnr = 0x0, ctrl = 0x0}, nvic = 0x0, boot_info = 0x5622af3a17a0,
> gicv3state = 0x0}
>
> > [1] http://www.orangepi.org/downloadresources/
> > [2] https://buildroot.org/download.html
> > [3] https://www.armbian.com/orange-pi-pc/
>
>
Aleksandar Markovic Dec. 9, 2019, 10:24 p.m. UTC | #7
On Friday, December 6, 2019, Peter Maydell <peter.maydell@linaro.org> wrote:

> On Tue, 3 Dec 2019 at 19:32, Niek Linnenbank <nieklinnenbank@gmail.com>
> wrote:
> > Indeed that sounds like an interesting combination. Are there plans to
> build a multi-arch/single-binary QEMU?
>
> This is in the category of "it would be nice in theory to
> support multi-arch guest machines, and we've made some
> small steps in that direction and/or tried to keep the
> door open for it when designing things, but it would
> still be a huge amount of work to actually implement,
> so don't hold your breath for it or make anything else
> depend on having it happen first"...
>
>
Peter,

This is one of the longest definitions of a category (in fact, most likely,
the longest) that I have heard in my life. ;))

Aleksandar



> thanks
> -- PMM
>
>
Philippe Mathieu-Daudé Dec. 10, 2019, 8:26 a.m. UTC | #8
On 12/9/19 10:37 PM, Niek Linnenbank wrote:
> Hi Philippe,
> 
> On Tue, Dec 3, 2019 at 9:47 AM Philippe Mathieu-Daudé <philmd@redhat.com 
> <mailto:philmd@redhat.com>> wrote:
> 
>     On 12/2/19 10:09 PM, Niek Linnenbank wrote:
>      > Dear QEMU developers,
>      >
>      > Hereby I would like to contribute the following set of patches to
>     QEMU
>      > which add support for the Allwinner H3 System on Chip and the
>      > Orange Pi PC machine. The following features and devices are
>     supported:
>      >
>      >   * SMP (Quad Core Cortex A7)
>      >   * Generic Interrupt Controller configuration
>      >   * SRAM mappings
>      >   * Timer device (re-used from Allwinner A10)
>      >   * UART
>      >   * SD/MMC storage controller
>      >   * EMAC ethernet connectivity
>      >   * USB 2.0 interfaces
>      >   * Clock Control Unit
>      >   * System Control module
>      >   * Security Identifier device
> 
>     Awesome!
> 
>      > Functionality related to graphical output such as HDMI, GPU,
>      > Display Engine and audio are not included. Recently released
>      > mainline Linux kernels (4.19 up to latest master) and mainline U-Boot
>      > are known to work. The SD/MMC code is tested using bonnie++ and
>      > various tools such as fsck, dd and fdisk. The EMAC is verified
>     with iperf3
>      > using -netdev socket.
>      >
>      > To build a Linux mainline kernel that can be booted by the Orange
>     Pi PC
>      > machine, simply configure the kernel using the sunxi_defconfig
>     configuration:
>      >   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make mrproper
>      >   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make sunxi_defconfig
>      >
>      > To be able to use USB storage, you need to manually enable the
>     corresponding
>      > configuration item. Start the kconfig configuration tool:
>      >   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make menuconfig
>      >
>      > Navigate to the following item, enable it and save your
>     configuration:
>      >   Device Drivers > USB support > USB Mass Storage support
>      >
>      > Build the Linux kernel with:
>      >   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make -j5
>      >
>      > To boot the newly build linux kernel in QEMU with the Orange Pi
>     PC machine, use:
>      >   $ qemu-system-arm -M orangepi -m 512 -nic user -nographic \
>      >       -kernel /path/to/linux/arch/arm/boot/zImage \
>      >       -append 'console=ttyS0,115200' \
>      >       -dtb /path/to/linux/arch/arm/boot/dts/sun8i-h3-orangepi-pc.dtb
>      >
>      > Note that this kernel does not have a root filesystem. You may
>     provide it
>      > with an official Orange Pi PC image [1] either as an SD card or as
>      > USB mass storage. To boot using the Orange Pi PC Debian image on
>     SD card,
>      > simply add the -sd argument and provide the proper root= kernel
>     parameter:
>      >   $ qemu-system-arm -M orangepi -m 512 -nic user -nographic \
>      >       -kernel /path/to/linux/arch/arm/boot/zImage \
>      >       -append 'console=ttyS0,115200 root=/dev/mmcblk0p2' \
>      >       -dtb
>     /path/to/linux/arch/arm/boot/dts/sun8i-h3-orangepi-pc.dtb \
>      >       -sd OrangePi_pc_debian_stretch_server_linux5.3.5_v1.0.img
>      >
>      > Alternatively, you can also choose to build and boot a recent
>     buildroot [2]
>      > using the orangepi_pc_defconfig or Armbian image [3] for Orange
>     Pi PC.
> 
>     Richard, trying the Armbian image from
>     https://apt.armbian.com/pool/main/l/linux-4.20.7-sunxi/ I get:
> 
>     $ arm-softmmu/qemu-system-arm -M orangepi -m 512 -nic user \
>         -append 'console=ttyS0,115200' \
>         -kernel boot/vmlinuz-4.20.7-sunxi \
>         -dtb usr/lib/linux-image-dev-sunxi/sun8i-h3-orangepi-pc.dtb \
>         -serial stdio -d unimp
>     Uncompressing Linux... done, booting the kernel.
>     rtc: unimplemented device write (size 4, value 0x16aa0001, offset 0x0)
>     rtc: unimplemented device read (size 4, offset 0x0)
>     rtc: unimplemented device read (size 4, offset 0x0)
>     rtc: unimplemented device read (size 4, offset 0x8)
>     qemu-system-arm: target/arm/helper.c:11359: cpu_get_tb_cpu_state:
>     Assertion `flags == rebuild_hflags_internal(env)' failed.
>     Aborted (core dumped)
> 
> 
> I'm trying to reproduce the error you reported here with my patch set on 
> latest master,
> but so far without any result. The host OS I'm using is Ubuntu 18.04.3 
> LTS on x86_64.
> I ran several times using the same 4.20.7-sunxi kernel and same command 
> line.
> 
> Some questions that might help:
> 1) Are there any specific steps you did in order to produce this error?

I build QEMU with:

./configure --enable-trace-backends=log --extra-cflags=-ggdb --enable-debug

> 2) Could this be a known / existing issue?
> 3) How many times did you see this error?

Always

> 4) Are you also using Ubuntu 18.04.3 LTS on x86_64, or a different host OS?

Host is Fedora 30.

> 
> Regards,
> Niek
Philippe Mathieu-Daudé Dec. 10, 2019, 8:40 a.m. UTC | #9
Cc'ing Alex.

On 12/3/19 8:25 PM, Niek Linnenbank wrote:
> Hi Philippe,
> 
> Thanks for your very quick response!
> I remember I have seen this error before while working on the patches, 
> in particular
> on the SMP part. I'll try to reproduce this error with the 4.20 sunxi 
> kernel you used and debug it.
> 
> Could it be related to the change I made in patch 0006 for the CP10/CP11 
> bits?
> Basically I needed to add that to get the CPUCFG module working. It is 
> an interface
> that U-Boot uses to reset the secondary cores for PSCI functionality. I used
> the arm_set_cpu_on() function there to reset the cores at the desired 
> start address,
> but Im not sure if that function is the right choice. At some point 
> while rebasing the patches,
> I got undefined exceptions which turned out to be because of the 
> CP10/CP11 bits missing.
> If I made an obvious mistake there, please let me know and I'll correct it.
> 
> Regards,
> Niek
> 
> 
> On Tue, Dec 3, 2019 at 9:47 AM Philippe Mathieu-Daudé <philmd@redhat.com 
> <mailto:philmd@redhat.com>> wrote:
> 
>     On 12/2/19 10:09 PM, Niek Linnenbank wrote:
>      > Dear QEMU developers,
>      >
>      > Hereby I would like to contribute the following set of patches to
>     QEMU
>      > which add support for the Allwinner H3 System on Chip and the
>      > Orange Pi PC machine. The following features and devices are
>     supported:
>      >
>      >   * SMP (Quad Core Cortex A7)
>      >   * Generic Interrupt Controller configuration
>      >   * SRAM mappings
>      >   * Timer device (re-used from Allwinner A10)
>      >   * UART
>      >   * SD/MMC storage controller
>      >   * EMAC ethernet connectivity
>      >   * USB 2.0 interfaces
>      >   * Clock Control Unit
>      >   * System Control module
>      >   * Security Identifier device
> 
>     Awesome!
> 
>      > Functionality related to graphical output such as HDMI, GPU,
>      > Display Engine and audio are not included. Recently released
>      > mainline Linux kernels (4.19 up to latest master) and mainline U-Boot
>      > are known to work. The SD/MMC code is tested using bonnie++ and
>      > various tools such as fsck, dd and fdisk. The EMAC is verified
>     with iperf3
>      > using -netdev socket.
>      >
>      > To build a Linux mainline kernel that can be booted by the Orange
>     Pi PC
>      > machine, simply configure the kernel using the sunxi_defconfig
>     configuration:
>      >   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make mrproper
>      >   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make sunxi_defconfig
>      >
>      > To be able to use USB storage, you need to manually enable the
>     corresponding
>      > configuration item. Start the kconfig configuration tool:
>      >   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make menuconfig
>      >
>      > Navigate to the following item, enable it and save your
>     configuration:
>      >   Device Drivers > USB support > USB Mass Storage support
>      >
>      > Build the Linux kernel with:
>      >   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make -j5
>      >
>      > To boot the newly build linux kernel in QEMU with the Orange Pi
>     PC machine, use:
>      >   $ qemu-system-arm -M orangepi -m 512 -nic user -nographic \
>      >       -kernel /path/to/linux/arch/arm/boot/zImage \
>      >       -append 'console=ttyS0,115200' \
>      >       -dtb /path/to/linux/arch/arm/boot/dts/sun8i-h3-orangepi-pc.dtb
>      >
>      > Note that this kernel does not have a root filesystem. You may
>     provide it
>      > with an official Orange Pi PC image [1] either as an SD card or as
>      > USB mass storage. To boot using the Orange Pi PC Debian image on
>     SD card,
>      > simply add the -sd argument and provide the proper root= kernel
>     parameter:
>      >   $ qemu-system-arm -M orangepi -m 512 -nic user -nographic \
>      >       -kernel /path/to/linux/arch/arm/boot/zImage \
>      >       -append 'console=ttyS0,115200 root=/dev/mmcblk0p2' \
>      >       -dtb
>     /path/to/linux/arch/arm/boot/dts/sun8i-h3-orangepi-pc.dtb \
>      >       -sd OrangePi_pc_debian_stretch_server_linux5.3.5_v1.0.img
>      >
>      > Alternatively, you can also choose to build and boot a recent
>     buildroot [2]
>      > using the orangepi_pc_defconfig or Armbian image [3] for Orange
>     Pi PC.
> 
>     Richard, trying the Armbian image from
>     https://apt.armbian.com/pool/main/l/linux-4.20.7-sunxi/ I get:
> 
>     $ arm-softmmu/qemu-system-arm -M orangepi -m 512 -nic user \
>         -append 'console=ttyS0,115200' \
>         -kernel boot/vmlinuz-4.20.7-sunxi \
>         -dtb usr/lib/linux-image-dev-sunxi/sun8i-h3-orangepi-pc.dtb \
>         -serial stdio -d unimp
>     Uncompressing Linux... done, booting the kernel.
>     rtc: unimplemented device write (size 4, value 0x16aa0001, offset 0x0)
>     rtc: unimplemented device read (size 4, offset 0x0)
>     rtc: unimplemented device read (size 4, offset 0x0)
>     rtc: unimplemented device read (size 4, offset 0x8)
>     qemu-system-arm: target/arm/helper.c:11359: cpu_get_tb_cpu_state:
>     Assertion `flags == rebuild_hflags_internal(env)' failed.
>     Aborted (core dumped)

To have ELF debug info I built a Linux kernel around v5.5-rc1 (commit 
2f13437b8) with:

$ make ARCH=arm CROSS_COMPILE=arm-linux-gnu- sunxi_defconfig zImage

Then I applied Alex patch and mine on top of your series:
https://www.mail-archive.com/qemu-devel@nongnu.org/msg663850.html
https://www.mail-archive.com/qemu-devel@nongnu.org/msg663843.html

Running with -d in_asm,cpu:

----------------
IN:
0xc0102128:  e281c018  add      ip, r1, #0x18
0xc010212c:  e8ac6ff0  stm      ip!, {r4, r5, r6, r7, r8, sb, sl, fp, 
sp, lr}
0xc0102130:  e592405c  ldr      r4, [r2, #0x5c]
0xc0102134:  e5925060  ldr      r5, [r2, #0x60]
0xc0102138:  ee1d7f50  mrc      p15, #0, r7, c13, c0, #2
0xc010213c:  ee0d4f70  mcr      p15, #0, r4, c13, c0, #3

R00=c0a07c40 R01=c0a00000 R02=c685a000 R03=00000000
R04=c6ea7cc0 R05=c0a07c40 R06=c68405c0 R07=c0958cc0
R08=00000000 R09=0654f000 R10=c0701e8c R11=c0a01f94
R12=00000000 R13=c0a01f50 R14=c06df2fc R15=c0102128
PSR=600000d3 -ZC- A NS svc32
----------------
IN:
0xc0102140:  ee0d5f50  mcr      p15, #0, r5, c13, c0, #2

R00=c0a07c40 R01=c0a00000 R02=c685a000 R03=00000000
R04=00000000 R05=00000000 R06=c68405c0 R07=00000000
R08=00000000 R09=0654f000 R10=c0701e8c R11=c0a01f94
R12=c0a00040 R13=c0a01f50 R14=c06df2fc R15=c0102140
PSR=600000d3 -ZC- A NS svc32
----------------
TCG hflags mismatch (current:0x33600000 rebuilt:0x20200040)
Aborted (core dumped)

(gdb) disas __switch_to
Dump of assembler code for function __switch_to:
    0xc0102128 <+0>:     add     r12, r1, #24
    0xc010212c <+4>:     stmia   r12!, {r4, r5, r6, r7, r8, r9, r10, 
r11, sp, lr}
    0xc0102130 <+8>:     ldr     r4, [r2, #92]   ; 0x5c
    0xc0102134 <+12>:    ldr     r5, [r2, #96]   ; 0x60
    0xc0102138 <+16>:    mrc     15, 0, r7, cr13, cr0, {2}
    0xc010213c <+20>:    mcr     15, 0, r4, cr13, cr0, {3}
    0xc0102140 <+24>:    mcr     15, 0, r5, cr13, cr0, {2}
    0xc0102144 <+28>:    str     r7, [r1, #96]   ; 0x60
    0xc0102148 <+32>:    mov     r5, r0
    0xc010214c <+36>:    add     r4, r2, #24
    0xc0102150 <+40>:    ldr     r0, [pc, #12]   ; 0xc0102164
    0xc0102154 <+44>:    mov     r1, #2
    0xc0102158 <+48>:    bl      0xc013e348 <atomic_notifier_call_chain>
    0xc010215c <+52>:    mov     r0, r5
    0xc0102160 <+56>:    ldm     r4, {r4, r5, r6, r7, r8, r9, r10, r11, 
sp, pc}
(gdb) x/10i 0xc06df2f0 - 12
    0xc06df2e4 <__schedule+532>: mov     r0, r5
    0xc06df2e8 <__schedule+536>: bic     r3, r3, #3
    0xc06df2ec <__schedule+540>: str     r3, [r4, #1376] ; 0x560
    0xc06df2f0 <__schedule+544>: ldr     r2, [r6, #4]
    0xc06df2f4 <__schedule+548>: ldr     r1, [r5, #4]
    0xc06df2f8 <__schedule+552>: bl      0xc0102128 <__switch_to>
    0xc06df2fc <__schedule+556>: bl      0xc0141f00 <finish_task_switch>
    0xc06df300 <__schedule+560>: mov     r4, r0
    0xc06df304 <__schedule+564>: ldr     r3, [r4, #1452] ; 0x5ac
    0xc06df308 <__schedule+568>: cmp     r3, #0

Note from patch #1:

CPU is cortex-a7 with:

     object_property_set_bool(cpuobj,
                              true, "has_el3", NULL);
     object_property_set_bool(cpuobj,
                              true, "has_el2", NULL);

> 
>     (gdb) bt
>     #0  0x00007f6c1fa2ce35 in raise () at /lib64/libc.so.6
>     #1  0x00007f6c1fa17895 in abort () at /lib64/libc.so.6
>     #2  0x00007f6c1fa17769 in _nl_load_domain.cold () at /lib64/libc.so.6
>     #3  0x00007f6c1fa25566 in annobin_assert.c_end () at /lib64/libc.so.6
>     #4  0x00005590657e2685 in cpu_get_tb_cpu_state (env=0x5590686899b0,
>     pc=0x7f6c07ffa718, cs_base=0x7f6c07ffa714, pflags=0x7f6c07ffa71c) at
>     target/arm/helper.c:11359
>     #5  0x000055906569f962 in tb_lookup__cpu_state (cpu=0x5590686808b0,
>     pc=0x7f6c07ffa718, cs_base=0x7f6c07ffa714, flags=0x7f6c07ffa71c,
>     cf_mask=524288) at include/exec/tb-lookup.h:28
>     #6  0x00005590656a084c in tb_find (cpu=0x5590686808b0, last_tb=0x0,
>     tb_exit=0, cf_mask=524288) at accel/tcg/cpu-exec.c:403
>     #7  0x00005590656a114a in cpu_exec (cpu=0x5590686808b0) at
>     accel/tcg/cpu-exec.c:730
>     #8  0x000055906565f6af in tcg_cpu_exec (cpu=0x5590686808b0) at
>     cpus.c:1473
>     #9  0x000055906565ff05 in qemu_tcg_cpu_thread_fn
>     (arg=0x5590686808b0) at
>     cpus.c:1781
>     #10 0x0000559065d54aa6 in qemu_thread_start (args=0x5590687d8c20) at
>     util/qemu-thread-posix.c:519
>     #11 0x00007f6c1fbc54c0 in start_thread () at /lib64/libpthread.so.0
>     #12 0x00007f6c1faf1553 in clone () at /lib64/libc.so.6
> 
>     (gdb) p/x flags
>     $1 = 0x33600000
> 
>     (gdb) p/x *env
>     $2 = {regs = {0x0 <repeats 15 times>, 0x40102448}, xregs = {0x0
>     <repeats
>     32 times>}, pc = 0x0, pstate = 0x0, aarch64 = 0x0, hflags = 0x33600000,
>     uncached_cpsr = 0x1a, spsr = 0x0, banked_spsr = {0x0, 0x0, 0x0, 0x0,
>     0x0, 0x0, 0x0, 0x0},
>         banked_r13 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, banked_r14 =
>     {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, usr_regs = {0x0, 0x0, 0x0,
>     0x0, 0x0}, fiq_regs = {0x0, 0x0, 0x0, 0x0, 0x0}, CF = 0x0, VF = 0x0, NF
>     = 0x0, ZF = 0x0,
>         QF = 0x0, GE = 0x0, thumb = 0x1, condexec_bits = 0x0, btype = 0x0,
>     daif = 0x3c0, elr_el = {0x0, 0x0, 0x0, 0x0}, sp_el = {0x0, 0x0, 0x0,
>     0x0}, cp15 = {c0_cpuid = 0x410fc075, {{_unused_csselr0 = 0x0, csselr_ns
>     = 0x0,
>               _unused_csselr1 = 0x0, csselr_s = 0x0}, csselr_el = {0x0,
>     0x0,
>     0x0, 0x0}}, {{_unused_sctlr = 0x0, sctlr_ns = 0xc50078, hsctlr = 0x0,
>     sctlr_s = 0xc50078}, sctlr_el = {0x0, 0xc50078, 0x0, 0xc50078}},
>     cpacr_el1 = 0x0, cptr_el = {
>             0x0, 0x0, 0x0, 0x0}, c1_xscaleauxcr = 0x0, sder = 0x0, nsacr =
>     0xc00, {{_unused_ttbr0_0 = 0x0, ttbr0_ns = 0x0, _unused_ttbr0_1 = 0x0,
>     ttbr0_s = 0x0}, ttbr0_el = {0x0, 0x0, 0x0, 0x0}}, {{_unused_ttbr1_0 =
>     0x0, ttbr1_ns = 0x0,
>               _unused_ttbr1_1 = 0x0, ttbr1_s = 0x0}, ttbr1_el = {0x0, 0x0,
>     0x0, 0x0}}, vttbr_el2 = 0x0, tcr_el = {{raw_tcr = 0x0, mask = 0x0,
>     base_mask = 0x0}, {raw_tcr = 0x0, mask = 0x0, base_mask = 0xffffc000},
>     {raw_tcr = 0x0, mask = 0x0,
>               base_mask = 0x0}, {raw_tcr = 0x0, mask = 0x0, base_mask =
>     0xffffc000}}, vtcr_el2 = {raw_tcr = 0x0, mask = 0x0, base_mask = 0x0},
>     c2_data = 0x0, c2_insn = 0x0, {{dacr_ns = 0x0, dacr_s = 0x0},
>     {dacr32_el2 = 0x0}},
>           pmsav5_data_ap = 0x0, pmsav5_insn_ap = 0x0, hcr_el2 = 0x0,
>     scr_el3
>     = 0x101, {{ifsr_ns = 0x0, ifsr_s = 0x0}, {ifsr32_el2 = 0x0}},
>     {{_unused_dfsr = 0x0, dfsr_ns = 0x0, hsr = 0x0, dfsr_s = 0x0}, esr_el =
>     {0x0, 0x0, 0x0, 0x0}},
>           c6_region = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0},
>     {{_unused_far0 = 0x0, dfar_ns = 0x0, ifar_ns = 0x0, dfar_s = 0x0,
>     ifar_s
>     = 0x0, _unused_far3 = 0x0}, far_el = {0x0, 0x0, 0x0, 0x0}}, hpfar_el2 =
>     0x0, hstr_el2 = 0x0, {{
>               _unused_par_0 = 0x0, par_ns = 0x0, _unused_par_1 = 0x0,
>     par_s =
>     0x0}, par_el = {0x0, 0x0, 0x0, 0x0}}, c9_insn = 0x0, c9_data = 0x0,
>     c9_pmcr = 0x41002000, c9_pmcnten = 0x0, c9_pmovsr = 0x0, c9_pmuserenr =
>     0x0, c9_pmselr = 0x0,
>           c9_pminten = 0x0, {{_unused_mair_0 = 0x0, mair0_ns = 0x0,
>     mair1_ns
>     = 0x0, _unused_mair_1 = 0x0, mair0_s = 0x0, mair1_s = 0x0}, mair_el =
>     {0x0, 0x0, 0x0, 0x0}}, {{_unused_vbar = 0x0, vbar_ns = 0x0, hvbar =
>     0x0,
>     vbar_s = 0x0},
>             vbar_el = {0x0, 0x0, 0x0, 0x0}}, mvbar = 0x0, {fcseidr_ns =
>     0x0,
>     fcseidr_s = 0x0}, {{_unused_contextidr_0 = 0x0, contextidr_ns = 0x0,
>     _unused_contextidr_1 = 0x0, contextidr_s = 0x0}, contextidr_el = {0x0,
>     0x0, 0x0, 0x0}}, {{
>               tpidrurw_ns = 0x0, tpidrprw_ns = 0x0, htpidr = 0x0,
>     _tpidr_el3
>     = 0x0}, tpidr_el = {0x0, 0x0, 0x0, 0x0}}, tpidrurw_s = 0x0,
>     tpidrprw_s =
>     0x0, tpidruro_s = 0x0, {tpidruro_ns = 0x0, tpidrro_el = {0x0}},
>     c14_cntfrq = 0x3b9aca0,
>           c14_cntkctl = 0x0, cnthctl_el2 = 0x3, cntvoff_el2 = 0x0,
>     c14_timer
>     = {{cval = 0x0, ctl = 0x0}, {cval = 0x0, ctl = 0x0}, {cval = 0x0, ctl =
>     0x0}, {cval = 0x0, ctl = 0x0}}, c15_cpar = 0x0, c15_ticonfig = 0x0,
>     c15_i_max = 0x0,
>           c15_i_min = 0x0, c15_threadid = 0x0, c15_config_base_address =
>     0x0,
>     c15_diagnostic = 0x0, c15_power_diagnostic = 0x0, c15_power_control =
>     0x0, dbgbvr = {0x0 <repeats 16 times>}, dbgbcr = {0x0 <repeats 16
>     times>}, dbgwvr = {
>             0x0 <repeats 16 times>}, dbgwcr = {0x0 <repeats 16 times>},
>     mdscr_el1 = 0x0, oslsr_el1 = 0xa, mdcr_el2 = 0x0, mdcr_el3 = 0x0,
>     c15_ccnt = 0x0, c15_ccnt_delta = 0x0, c14_pmevcntr = {0x0 <repeats 31
>     times>}, c14_pmevcntr_delta = {
>             0x0 <repeats 31 times>}, c14_pmevtyper = {0x0 <repeats 31
>     times>}, pmccfiltr_el0 = 0x0, vpidr_el2 = 0x410fc075, vmpidr_el2 =
>     0x80000001}, v7m = {other_sp = 0x0, other_ss_msp = 0x0, other_ss_psp =
>     0x0, vecbase = {0x0, 0x0},
>           basepri = {0x0, 0x0}, control = {0x0, 0x0}, ccr = {0x0, 0x0},
>     cfsr
>     = {0x0, 0x0}, hfsr = 0x0, dfsr = 0x0, sfsr = 0x0, mmfar = {0x0, 0x0},
>     bfar = 0x0, sfar = 0x0, mpu_ctrl = {0x0, 0x0}, exception = 0x0, primask
>     = {0x0, 0x0},
>           faultmask = {0x0, 0x0}, aircr = 0x0, secure = 0x0, csselr = {0x0,
>     0x0}, scr = {0x0, 0x0}, msplim = {0x0, 0x0}, psplim = {0x0, 0x0}, fpcar
>     = {0x0, 0x0}, fpccr = {0x0, 0x0}, fpdscr = {0x0, 0x0}, cpacr = {0x0,
>     0x0}, nsacr = 0x0},
>         exception = {syndrome = 0x0, fsr = 0x0, vaddress = 0x0, target_el =
>     0x0}, serror = {pending = 0x0, has_esr = 0x0, esr = 0x0},
>     irq_line_state
>     = 0x0, teecr = 0x0, teehbr = 0x0, vfp = {zregs = {{d = {0x0, 0x0}}
>     <repeats 32 times>},
>           qc = {0x0, 0x0, 0x0, 0x0}, vec_len = 0x0, vec_stride = 0x0,
>     xregs =
>     {0x41023075, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11111111, 0x10110222, 0x0, 0x0,
>     0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, scratch = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
>     0x0, 0x0},
>           fp_status = {float_detect_tininess = 0x1, float_rounding_mode =
>     0x0, float_exception_flags = 0x0, floatx80_rounding_precision = 0x0,
>     flush_to_zero = 0x0, flush_inputs_to_zero = 0x0, default_nan_mode =
>     0x0,
>     snan_bit_is_one = 0x0},
>           fp_status_f16 = {float_detect_tininess = 0x1,
>     float_rounding_mode =
>     0x0, float_exception_flags = 0x0, floatx80_rounding_precision = 0x0,
>     flush_to_zero = 0x0, flush_inputs_to_zero = 0x0, default_nan_mode = 0x0,
>             snan_bit_is_one = 0x0}, standard_fp_status =
>     {float_detect_tininess = 0x1, float_rounding_mode = 0x0,
>     float_exception_flags = 0x0, floatx80_rounding_precision = 0x0,
>     flush_to_zero = 0x1, flush_inputs_to_zero = 0x1,
>             default_nan_mode = 0x1, snan_bit_is_one = 0x0}, zcr_el = {0x0,
>     0x0, 0x0, 0x0}}, exclusive_addr = 0xffffffffffffffff, exclusive_val =
>     0x0, exclusive_high = 0x0, iwmmxt = {regs = {0x0 <repeats 16 times>},
>     val = 0x0, cregs = {
>             0x0 <repeats 16 times>}}, cpu_breakpoint = {0x0 <repeats 16
>     times>}, cpu_watchpoint = {0x0 <repeats 16 times>}, end_reset_fields =
>     {<No data fields>}, features = 0xfd38fbe6f3, pmsav7 = {drbar = 0x0,
>     drsr
>     = 0x0, dracr = 0x0,
>           rnr = {0x0, 0x0}}, pmsav8 = {rbar = {0x0, 0x0}, rlar = {0x0,
>     0x0},
>     mair0 = {0x0, 0x0}, mair1 = {0x0, 0x0}}, sau = {rbar = 0x0, rlar = 0x0,
>     rnr = 0x0, ctrl = 0x0}, nvic = 0x0, boot_info = 0x5622af3a17a0,
>     gicv3state = 0x0}
> 
>      > [1] http://www.orangepi.org/downloadresources/
>      > [2] https://buildroot.org/download.html
>      > [3] https://www.armbian.com/orange-pi-pc/
> 
> 
> 
> -- 
> Niek Linnenbank
> 
> WWW: http://www.nieklinnenbank.nl/
> BLOG: http://nieklinnenbank.wordpress.com/
> FUN: http://www.FreeNOS.org/
KONRAD Frederic Dec. 10, 2019, 10:34 a.m. UTC | #10
Le 12/2/19 à 10:09 PM, Niek Linnenbank a écrit :
> Dear QEMU developers,
> 
> Hereby I would like to contribute the following set of patches to QEMU
> which add support for the Allwinner H3 System on Chip and the
> Orange Pi PC machine. The following features and devices are supported:
> 
>   * SMP (Quad Core Cortex A7)
>   * Generic Interrupt Controller configuration
>   * SRAM mappings
>   * Timer device (re-used from Allwinner A10)
>   * UART
>   * SD/MMC storage controller
>   * EMAC ethernet connectivity
>   * USB 2.0 interfaces
>   * Clock Control Unit
>   * System Control module
>   * Security Identifier device
> 
> Functionality related to graphical output such as HDMI, GPU,
> Display Engine and audio are not included. Recently released
> mainline Linux kernels (4.19 up to latest master) and mainline U-Boot
> are known to work. The SD/MMC code is tested using bonnie++ and
> various tools such as fsck, dd and fdisk. The EMAC is verified with iperf3
> using -netdev socket.
> 
> To build a Linux mainline kernel that can be booted by the Orange Pi PC
> machine, simply configure the kernel using the sunxi_defconfig configuration:
>   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make mrproper
>   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make sunxi_defconfig
> 
> To be able to use USB storage, you need to manually enable the corresponding
> configuration item. Start the kconfig configuration tool:
>   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make menuconfig
> 
> Navigate to the following item, enable it and save your configuration:
>   Device Drivers > USB support > USB Mass Storage support
> 
> Build the Linux kernel with:
>   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make -j5
> 
> To boot the newly build linux kernel in QEMU with the Orange Pi PC machine, use:
>   $ qemu-system-arm -M orangepi -m 512 -nic user -nographic \
>       -kernel /path/to/linux/arch/arm/boot/zImage \
>       -append 'console=ttyS0,115200' \
>       -dtb /path/to/linux/arch/arm/boot/dts/sun8i-h3-orangepi-pc.dtb
> 
> Note that this kernel does not have a root filesystem. You may provide it
> with an official Orange Pi PC image [1] either as an SD card or as
> USB mass storage. To boot using the Orange Pi PC Debian image on SD card,
> simply add the -sd argument and provide the proper root= kernel parameter:
>   $ qemu-system-arm -M orangepi -m 512 -nic user -nographic \
>       -kernel /path/to/linux/arch/arm/boot/zImage \
>       -append 'console=ttyS0,115200 root=/dev/mmcblk0p2' \
>       -dtb /path/to/linux/arch/arm/boot/dts/sun8i-h3-orangepi-pc.dtb \
>       -sd OrangePi_pc_debian_stretch_server_linux5.3.5_v1.0.img
> 
> Alternatively, you can also choose to build and boot a recent buildroot [2]
> using the orangepi_pc_defconfig or Armbian image [3] for Orange Pi PC.
> To attach an USB mass storage device to the machine, simply append to the command:
>   -drive if=none,id=stick,file=myimage.img \
>   -device usb-storage,bus=usb-bus.0,drive=stick
> 
> U-Boot mainline can be build and configured using the orangepi_pc_defconfig
> using similar commands as describe above for Linux. To start U-Boot using
> the Orange Pi PC machine, provide the u-boot binary to the -kernel argument:
>   $ qemu-system-arm -M orangepi -m 512 -nic user -nographic \
>       -kernel /path/to/uboot/u-boot -sd disk.img
> 
> Use the following U-boot commands to load and boot a Linux kernel from SD card:
>   -> setenv bootargs console=ttyS0,115200
>   -> ext2load mmc 0 0x42000000 zImage
>   -> ext2load mmc 0 0x43000000 sun8i-h2-plus-orangepi-zero.dtb
>   -> bootz 0x42000000 - 0x43000000
> 
> Looking forward to your review comments. I will do my best
> to update the patches where needed.
> 
> With kind regards,
> 
> Niek Linnenbank
> 
> [1] http://www.orangepi.org/downloadresources/
> [2] https://buildroot.org/download.html
> [3] https://www.armbian.com/orange-pi-pc/

Works well on my side with vanilla linux-4.9.13 built with gcc-8.3.0 + busybox
and sun8i-h3-orangepi-one.dtb.

Tested-by: KONRAD Frederic <frederic.konrad@adacore.com>

> 
> Niek Linnenbank (10):
>    hw: arm: add Allwinner H3 System-on-Chip
>    hw: arm: add Xunlong Orange Pi PC machine
>    arm: allwinner-h3: add Clock Control Unit
>    arm: allwinner-h3: add USB host controller
>    arm: allwinner-h3: add System Control module
>    arm/arm-powerctl: set NSACR.{CP11,CP10} bits in arm_set_cpu_on()
>    arm: allwinner-h3: add CPU Configuration module
>    arm: allwinner-h3: add Security Identifier device
>    arm: allwinner-h3: add SD/MMC host controller
>    arm: allwinner-h3: add EMAC ethernet device
> 
>   MAINTAINERS                           |   8 +
>   default-configs/arm-softmmu.mak       |   1 +
>   hw/arm/Kconfig                        |   9 +
>   hw/arm/Makefile.objs                  |   1 +
>   hw/arm/allwinner-h3.c                 | 316 ++++++++++
>   hw/arm/orangepi.c                     | 114 ++++
>   hw/misc/Makefile.objs                 |   4 +
>   hw/misc/allwinner-h3-clk.c            | 227 ++++++++
>   hw/misc/allwinner-h3-cpucfg.c         | 280 +++++++++
>   hw/misc/allwinner-h3-sid.c            | 162 ++++++
>   hw/misc/allwinner-h3-syscon.c         | 139 +++++
>   hw/misc/trace-events                  |   5 +
>   hw/net/Kconfig                        |   3 +
>   hw/net/Makefile.objs                  |   1 +
>   hw/net/allwinner-h3-emac.c            | 786 +++++++++++++++++++++++++
>   hw/net/trace-events                   |  10 +
>   hw/sd/Makefile.objs                   |   1 +
>   hw/sd/allwinner-h3-sdhost.c           | 791 ++++++++++++++++++++++++++
>   hw/sd/trace-events                    |   7 +
>   hw/usb/hcd-ehci-sysbus.c              |  17 +
>   hw/usb/hcd-ehci.h                     |   1 +
>   include/hw/arm/allwinner-h3.h         | 130 +++++
>   include/hw/misc/allwinner-h3-clk.h    |  41 ++
>   include/hw/misc/allwinner-h3-cpucfg.h |  44 ++
>   include/hw/misc/allwinner-h3-sid.h    |  42 ++
>   include/hw/misc/allwinner-h3-syscon.h |  43 ++
>   include/hw/net/allwinner-h3-emac.h    |  69 +++
>   include/hw/sd/allwinner-h3-sdhost.h   |  73 +++
>   target/arm/arm-powerctl.c             |   3 +
>   29 files changed, 3328 insertions(+)
>   create mode 100644 hw/arm/allwinner-h3.c
>   create mode 100644 hw/arm/orangepi.c
>   create mode 100644 hw/misc/allwinner-h3-clk.c
>   create mode 100644 hw/misc/allwinner-h3-cpucfg.c
>   create mode 100644 hw/misc/allwinner-h3-sid.c
>   create mode 100644 hw/misc/allwinner-h3-syscon.c
>   create mode 100644 hw/net/allwinner-h3-emac.c
>   create mode 100644 hw/sd/allwinner-h3-sdhost.c
>   create mode 100644 include/hw/arm/allwinner-h3.h
>   create mode 100644 include/hw/misc/allwinner-h3-clk.h
>   create mode 100644 include/hw/misc/allwinner-h3-cpucfg.h
>   create mode 100644 include/hw/misc/allwinner-h3-sid.h
>   create mode 100644 include/hw/misc/allwinner-h3-syscon.h
>   create mode 100644 include/hw/net/allwinner-h3-emac.h
>   create mode 100644 include/hw/sd/allwinner-h3-sdhost.h
>
Niek Linnenbank Dec. 10, 2019, 7:55 p.m. UTC | #11
Hi Frederic,

On Tue, Dec 10, 2019 at 11:34 AM KONRAD Frederic <
frederic.konrad@adacore.com> wrote:

>
>
> Le 12/2/19 à 10:09 PM, Niek Linnenbank a écrit :
> > Dear QEMU developers,
> >
> > Hereby I would like to contribute the following set of patches to QEMU
> > which add support for the Allwinner H3 System on Chip and the
> > Orange Pi PC machine. The following features and devices are supported:
> >
> >   * SMP (Quad Core Cortex A7)
> >   * Generic Interrupt Controller configuration
> >   * SRAM mappings
> >   * Timer device (re-used from Allwinner A10)
> >   * UART
> >   * SD/MMC storage controller
> >   * EMAC ethernet connectivity
> >   * USB 2.0 interfaces
> >   * Clock Control Unit
> >   * System Control module
> >   * Security Identifier device
> >
> > Functionality related to graphical output such as HDMI, GPU,
> > Display Engine and audio are not included. Recently released
> > mainline Linux kernels (4.19 up to latest master) and mainline U-Boot
> > are known to work. The SD/MMC code is tested using bonnie++ and
> > various tools such as fsck, dd and fdisk. The EMAC is verified with
> iperf3
> > using -netdev socket.
> >
> > To build a Linux mainline kernel that can be booted by the Orange Pi PC
> > machine, simply configure the kernel using the sunxi_defconfig
> configuration:
> >   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make mrproper
> >   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make sunxi_defconfig
> >
> > To be able to use USB storage, you need to manually enable the
> corresponding
> > configuration item. Start the kconfig configuration tool:
> >   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make menuconfig
> >
> > Navigate to the following item, enable it and save your configuration:
> >   Device Drivers > USB support > USB Mass Storage support
> >
> > Build the Linux kernel with:
> >   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make -j5
> >
> > To boot the newly build linux kernel in QEMU with the Orange Pi PC
> machine, use:
> >   $ qemu-system-arm -M orangepi -m 512 -nic user -nographic \
> >       -kernel /path/to/linux/arch/arm/boot/zImage \
> >       -append 'console=ttyS0,115200' \
> >       -dtb /path/to/linux/arch/arm/boot/dts/sun8i-h3-orangepi-pc.dtb
> >
> > Note that this kernel does not have a root filesystem. You may provide it
> > with an official Orange Pi PC image [1] either as an SD card or as
> > USB mass storage. To boot using the Orange Pi PC Debian image on SD card,
> > simply add the -sd argument and provide the proper root= kernel
> parameter:
> >   $ qemu-system-arm -M orangepi -m 512 -nic user -nographic \
> >       -kernel /path/to/linux/arch/arm/boot/zImage \
> >       -append 'console=ttyS0,115200 root=/dev/mmcblk0p2' \
> >       -dtb /path/to/linux/arch/arm/boot/dts/sun8i-h3-orangepi-pc.dtb \
> >       -sd OrangePi_pc_debian_stretch_server_linux5.3.5_v1.0.img
> >
> > Alternatively, you can also choose to build and boot a recent buildroot
> [2]
> > using the orangepi_pc_defconfig or Armbian image [3] for Orange Pi PC.
> > To attach an USB mass storage device to the machine, simply append to
> the command:
> >   -drive if=none,id=stick,file=myimage.img \
> >   -device usb-storage,bus=usb-bus.0,drive=stick
> >
> > U-Boot mainline can be build and configured using the
> orangepi_pc_defconfig
> > using similar commands as describe above for Linux. To start U-Boot using
> > the Orange Pi PC machine, provide the u-boot binary to the -kernel
> argument:
> >   $ qemu-system-arm -M orangepi -m 512 -nic user -nographic \
> >       -kernel /path/to/uboot/u-boot -sd disk.img
> >
> > Use the following U-boot commands to load and boot a Linux kernel from
> SD card:
> >   -> setenv bootargs console=ttyS0,115200
> >   -> ext2load mmc 0 0x42000000 zImage
> >   -> ext2load mmc 0 0x43000000 sun8i-h2-plus-orangepi-zero.dtb
> >   -> bootz 0x42000000 - 0x43000000
> >
> > Looking forward to your review comments. I will do my best
> > to update the patches where needed.
> >
> > With kind regards,
> >
> > Niek Linnenbank
> >
> > [1] http://www.orangepi.org/downloadresources/
> > [2] https://buildroot.org/download.html
> > [3] https://www.armbian.com/orange-pi-pc/
>
> Works well on my side with vanilla linux-4.9.13 built with gcc-8.3.0 +
> busybox
> and sun8i-h3-orangepi-one.dtb.
>

> Tested-by: KONRAD Frederic <frederic.konrad@adacore.com>
>
> Thank you for testing! Great, I'll add the tag for the next v2 of the
patches.

Regards,
Niek


> >
> > Niek Linnenbank (10):
> >    hw: arm: add Allwinner H3 System-on-Chip
> >    hw: arm: add Xunlong Orange Pi PC machine
> >    arm: allwinner-h3: add Clock Control Unit
> >    arm: allwinner-h3: add USB host controller
> >    arm: allwinner-h3: add System Control module
> >    arm/arm-powerctl: set NSACR.{CP11,CP10} bits in arm_set_cpu_on()
> >    arm: allwinner-h3: add CPU Configuration module
> >    arm: allwinner-h3: add Security Identifier device
> >    arm: allwinner-h3: add SD/MMC host controller
> >    arm: allwinner-h3: add EMAC ethernet device
> >
> >   MAINTAINERS                           |   8 +
> >   default-configs/arm-softmmu.mak       |   1 +
> >   hw/arm/Kconfig                        |   9 +
> >   hw/arm/Makefile.objs                  |   1 +
> >   hw/arm/allwinner-h3.c                 | 316 ++++++++++
> >   hw/arm/orangepi.c                     | 114 ++++
> >   hw/misc/Makefile.objs                 |   4 +
> >   hw/misc/allwinner-h3-clk.c            | 227 ++++++++
> >   hw/misc/allwinner-h3-cpucfg.c         | 280 +++++++++
> >   hw/misc/allwinner-h3-sid.c            | 162 ++++++
> >   hw/misc/allwinner-h3-syscon.c         | 139 +++++
> >   hw/misc/trace-events                  |   5 +
> >   hw/net/Kconfig                        |   3 +
> >   hw/net/Makefile.objs                  |   1 +
> >   hw/net/allwinner-h3-emac.c            | 786 +++++++++++++++++++++++++
> >   hw/net/trace-events                   |  10 +
> >   hw/sd/Makefile.objs                   |   1 +
> >   hw/sd/allwinner-h3-sdhost.c           | 791 ++++++++++++++++++++++++++
> >   hw/sd/trace-events                    |   7 +
> >   hw/usb/hcd-ehci-sysbus.c              |  17 +
> >   hw/usb/hcd-ehci.h                     |   1 +
> >   include/hw/arm/allwinner-h3.h         | 130 +++++
> >   include/hw/misc/allwinner-h3-clk.h    |  41 ++
> >   include/hw/misc/allwinner-h3-cpucfg.h |  44 ++
> >   include/hw/misc/allwinner-h3-sid.h    |  42 ++
> >   include/hw/misc/allwinner-h3-syscon.h |  43 ++
> >   include/hw/net/allwinner-h3-emac.h    |  69 +++
> >   include/hw/sd/allwinner-h3-sdhost.h   |  73 +++
> >   target/arm/arm-powerctl.c             |   3 +
> >   29 files changed, 3328 insertions(+)
> >   create mode 100644 hw/arm/allwinner-h3.c
> >   create mode 100644 hw/arm/orangepi.c
> >   create mode 100644 hw/misc/allwinner-h3-clk.c
> >   create mode 100644 hw/misc/allwinner-h3-cpucfg.c
> >   create mode 100644 hw/misc/allwinner-h3-sid.c
> >   create mode 100644 hw/misc/allwinner-h3-syscon.c
> >   create mode 100644 hw/net/allwinner-h3-emac.c
> >   create mode 100644 hw/sd/allwinner-h3-sdhost.c
> >   create mode 100644 include/hw/arm/allwinner-h3.h
> >   create mode 100644 include/hw/misc/allwinner-h3-clk.h
> >   create mode 100644 include/hw/misc/allwinner-h3-cpucfg.h
> >   create mode 100644 include/hw/misc/allwinner-h3-sid.h
> >   create mode 100644 include/hw/misc/allwinner-h3-syscon.h
> >   create mode 100644 include/hw/net/allwinner-h3-emac.h
> >   create mode 100644 include/hw/sd/allwinner-h3-sdhost.h
> >
>
Niek Linnenbank Dec. 10, 2019, 8:12 p.m. UTC | #12
Hi Philippe,

On Tue, Dec 10, 2019 at 9:26 AM Philippe Mathieu-Daudé <philmd@redhat.com>
wrote:

> On 12/9/19 10:37 PM, Niek Linnenbank wrote:
> > Hi Philippe,
> >
> > On Tue, Dec 3, 2019 at 9:47 AM Philippe Mathieu-Daudé <philmd@redhat.com
> > <mailto:philmd@redhat.com>> wrote:
> >
> >     On 12/2/19 10:09 PM, Niek Linnenbank wrote:
> >      > Dear QEMU developers,
> >      >
> >      > Hereby I would like to contribute the following set of patches to
> >     QEMU
> >      > which add support for the Allwinner H3 System on Chip and the
> >      > Orange Pi PC machine. The following features and devices are
> >     supported:
> >      >
> >      >   * SMP (Quad Core Cortex A7)
> >      >   * Generic Interrupt Controller configuration
> >      >   * SRAM mappings
> >      >   * Timer device (re-used from Allwinner A10)
> >      >   * UART
> >      >   * SD/MMC storage controller
> >      >   * EMAC ethernet connectivity
> >      >   * USB 2.0 interfaces
> >      >   * Clock Control Unit
> >      >   * System Control module
> >      >   * Security Identifier device
> >
> >     Awesome!
> >
> >      > Functionality related to graphical output such as HDMI, GPU,
> >      > Display Engine and audio are not included. Recently released
> >      > mainline Linux kernels (4.19 up to latest master) and mainline
> U-Boot
> >      > are known to work. The SD/MMC code is tested using bonnie++ and
> >      > various tools such as fsck, dd and fdisk. The EMAC is verified
> >     with iperf3
> >      > using -netdev socket.
> >      >
> >      > To build a Linux mainline kernel that can be booted by the Orange
> >     Pi PC
> >      > machine, simply configure the kernel using the sunxi_defconfig
> >     configuration:
> >      >   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make mrproper
> >      >   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make sunxi_defconfig
> >      >
> >      > To be able to use USB storage, you need to manually enable the
> >     corresponding
> >      > configuration item. Start the kconfig configuration tool:
> >      >   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make menuconfig
> >      >
> >      > Navigate to the following item, enable it and save your
> >     configuration:
> >      >   Device Drivers > USB support > USB Mass Storage support
> >      >
> >      > Build the Linux kernel with:
> >      >   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make -j5
> >      >
> >      > To boot the newly build linux kernel in QEMU with the Orange Pi
> >     PC machine, use:
> >      >   $ qemu-system-arm -M orangepi -m 512 -nic user -nographic \
> >      >       -kernel /path/to/linux/arch/arm/boot/zImage \
> >      >       -append 'console=ttyS0,115200' \
> >      >       -dtb
> /path/to/linux/arch/arm/boot/dts/sun8i-h3-orangepi-pc.dtb
> >      >
> >      > Note that this kernel does not have a root filesystem. You may
> >     provide it
> >      > with an official Orange Pi PC image [1] either as an SD card or as
> >      > USB mass storage. To boot using the Orange Pi PC Debian image on
> >     SD card,
> >      > simply add the -sd argument and provide the proper root= kernel
> >     parameter:
> >      >   $ qemu-system-arm -M orangepi -m 512 -nic user -nographic \
> >      >       -kernel /path/to/linux/arch/arm/boot/zImage \
> >      >       -append 'console=ttyS0,115200 root=/dev/mmcblk0p2' \
> >      >       -dtb
> >     /path/to/linux/arch/arm/boot/dts/sun8i-h3-orangepi-pc.dtb \
> >      >       -sd OrangePi_pc_debian_stretch_server_linux5.3.5_v1.0.img
> >      >
> >      > Alternatively, you can also choose to build and boot a recent
> >     buildroot [2]
> >      > using the orangepi_pc_defconfig or Armbian image [3] for Orange
> >     Pi PC.
> >
> >     Richard, trying the Armbian image from
> >     https://apt.armbian.com/pool/main/l/linux-4.20.7-sunxi/ I get:
> >
> >     $ arm-softmmu/qemu-system-arm -M orangepi -m 512 -nic user \
> >         -append 'console=ttyS0,115200' \
> >         -kernel boot/vmlinuz-4.20.7-sunxi \
> >         -dtb usr/lib/linux-image-dev-sunxi/sun8i-h3-orangepi-pc.dtb \
> >         -serial stdio -d unimp
> >     Uncompressing Linux... done, booting the kernel.
> >     rtc: unimplemented device write (size 4, value 0x16aa0001, offset
> 0x0)
> >     rtc: unimplemented device read (size 4, offset 0x0)
> >     rtc: unimplemented device read (size 4, offset 0x0)
> >     rtc: unimplemented device read (size 4, offset 0x8)
> >     qemu-system-arm: target/arm/helper.c:11359: cpu_get_tb_cpu_state:
> >     Assertion `flags == rebuild_hflags_internal(env)' failed.
> >     Aborted (core dumped)
> >
> >
> > I'm trying to reproduce the error you reported here with my patch set on
> > latest master,
> > but so far without any result. The host OS I'm using is Ubuntu 18.04.3
> > LTS on x86_64.
> > I ran several times using the same 4.20.7-sunxi kernel and same command
> > line.
> >
> > Some questions that might help:
> > 1) Are there any specific steps you did in order to produce this error?
>
> I build QEMU with:
>
> ./configure --enable-trace-backends=log --extra-cflags=-ggdb --enable-debug
>
> > 2) Could this be a known / existing issue?
> > 3) How many times did you see this error?
>
> Always
>
> > 4) Are you also using Ubuntu 18.04.3 LTS on x86_64, or a different host
> OS?
>
> Host is Fedora 30.
>

OK thanks, I will try again using the info above after I finished reworking
the other patch comments.

Niek


>
> >
> > Regards,
> > Niek
>
>
Niek Linnenbank Dec. 12, 2019, 11:07 p.m. UTC | #13
Hi Philippe,

I have discovered that the hflags assertion error you reported is not
caused by the Allwinner H3
patches but actually an existing problem. What I did is to use the latest
master (v4.2.0 tag) without any patches applied.
and tried to boot the raspi2 machine with and without debugging enabled.
Without debuggin, the raspi2
machine runs fine and can boot the 5.4.2 linux kernel. With debugging
enabled, the same hflags error shows.

To reproduce it, build Linux 5.4.2 with the bmc2835_defconfig:

$ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make mrproper
$ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make bcm2835_defconfig
$ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make -j5
...
First build QEMU without debugging and try to boot linux:
$ ./configure --target-list=arm-softmmu; make clean; make -j5
$ ./arm-softmmu/qemu-system-arm -M raspi2 \
  -kernel $HOME/linux-5.4.2/arch/arm/boot/zImage \
  -append 'console=ttyAMA0,115200 earlyprintk debug' \
  -dtb $HOME/linux-5.4.2/arch/arm/boot/dts/bcm2836-rpi-2-b.dtb \
  -m 1024 -nographic -s
[    0.000000] Booting Linux on physical CPU 0x0
[    0.000000] Linux version 5.4.2 (me@host) (gcc version 7.4.0
(Ubuntu/Linaro 7.4.0-1ubuntu1~18.04.1)) #1 Thu Dec 12 22:49:14 CET
2019
[    0.000000] CPU: ARMv7 Processor [410fc075] revision 5 (ARMv7), cr=10c53c7d
...
Then rebuild QEMU with debugging enabled and again try to boot linux:
$ ./configure --target-list=arm-softmmu --enable-debug
--extra-cflags=-ggdb; make clean; make -j5
$ ./arm-softmmu/qemu-system-arm -M raspi2 \
  -kernel $HOME/linux-5.4.2/arch/arm/boot/zImage \
  -append 'console=ttyAMA0,115200 earlyprintk debug' \
  -dtb $HOME/linux-5.4.2/arch/arm/boot/dts/bcm2836-rpi-2-b.dtb \
  -m 1024 -nographic -s
qemu-system-arm: /home/me/qemu/target/arm/helper.c:11359:
cpu_get_tb_cpu_state: Assertion `flags ==
rebuild_hflags_internal(env)' failed.
qemu-system-arm: /home/me/qemu/target/arm/helper.c:11359:
cpu_get_tb_cpu_state: Assertion `flags ==
rebuild_hflags_internal(env)' failed.
qemu-system-arm: /home/me/qemu/target/arm/helper.c:11359:
cpu_get_tb_cpu_state: Assertion `flags ==
rebuild_hflags_internal(env)' failed.
Aborted (core dumped)

$ git describe
v4.2.0


What should be the next step? Should this be reported as a bug?

Regards,
Niek

On Tue, Dec 10, 2019 at 9:12 PM Niek Linnenbank <nieklinnenbank@gmail.com>
wrote:

> Hi Philippe,
>
> On Tue, Dec 10, 2019 at 9:26 AM Philippe Mathieu-Daudé <philmd@redhat.com>
> wrote:
>
>> On 12/9/19 10:37 PM, Niek Linnenbank wrote:
>> > Hi Philippe,
>> >
>> > On Tue, Dec 3, 2019 at 9:47 AM Philippe Mathieu-Daudé <
>> philmd@redhat.com
>> > <mailto:philmd@redhat.com>> wrote:
>> >
>> >     On 12/2/19 10:09 PM, Niek Linnenbank wrote:
>> >      > Dear QEMU developers,
>> >      >
>> >      > Hereby I would like to contribute the following set of patches to
>> >     QEMU
>> >      > which add support for the Allwinner H3 System on Chip and the
>> >      > Orange Pi PC machine. The following features and devices are
>> >     supported:
>> >      >
>> >      >   * SMP (Quad Core Cortex A7)
>> >      >   * Generic Interrupt Controller configuration
>> >      >   * SRAM mappings
>> >      >   * Timer device (re-used from Allwinner A10)
>> >      >   * UART
>> >      >   * SD/MMC storage controller
>> >      >   * EMAC ethernet connectivity
>> >      >   * USB 2.0 interfaces
>> >      >   * Clock Control Unit
>> >      >   * System Control module
>> >      >   * Security Identifier device
>> >
>> >     Awesome!
>> >
>> >      > Functionality related to graphical output such as HDMI, GPU,
>> >      > Display Engine and audio are not included. Recently released
>> >      > mainline Linux kernels (4.19 up to latest master) and mainline
>> U-Boot
>> >      > are known to work. The SD/MMC code is tested using bonnie++ and
>> >      > various tools such as fsck, dd and fdisk. The EMAC is verified
>> >     with iperf3
>> >      > using -netdev socket.
>> >      >
>> >      > To build a Linux mainline kernel that can be booted by the Orange
>> >     Pi PC
>> >      > machine, simply configure the kernel using the sunxi_defconfig
>> >     configuration:
>> >      >   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make mrproper
>> >      >   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make
>> sunxi_defconfig
>> >      >
>> >      > To be able to use USB storage, you need to manually enable the
>> >     corresponding
>> >      > configuration item. Start the kconfig configuration tool:
>> >      >   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make menuconfig
>> >      >
>> >      > Navigate to the following item, enable it and save your
>> >     configuration:
>> >      >   Device Drivers > USB support > USB Mass Storage support
>> >      >
>> >      > Build the Linux kernel with:
>> >      >   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make -j5
>> >      >
>> >      > To boot the newly build linux kernel in QEMU with the Orange Pi
>> >     PC machine, use:
>> >      >   $ qemu-system-arm -M orangepi -m 512 -nic user -nographic \
>> >      >       -kernel /path/to/linux/arch/arm/boot/zImage \
>> >      >       -append 'console=ttyS0,115200' \
>> >      >       -dtb
>> /path/to/linux/arch/arm/boot/dts/sun8i-h3-orangepi-pc.dtb
>> >      >
>> >      > Note that this kernel does not have a root filesystem. You may
>> >     provide it
>> >      > with an official Orange Pi PC image [1] either as an SD card or
>> as
>> >      > USB mass storage. To boot using the Orange Pi PC Debian image on
>> >     SD card,
>> >      > simply add the -sd argument and provide the proper root= kernel
>> >     parameter:
>> >      >   $ qemu-system-arm -M orangepi -m 512 -nic user -nographic \
>> >      >       -kernel /path/to/linux/arch/arm/boot/zImage \
>> >      >       -append 'console=ttyS0,115200 root=/dev/mmcblk0p2' \
>> >      >       -dtb
>> >     /path/to/linux/arch/arm/boot/dts/sun8i-h3-orangepi-pc.dtb \
>> >      >       -sd OrangePi_pc_debian_stretch_server_linux5.3.5_v1.0.img
>> >      >
>> >      > Alternatively, you can also choose to build and boot a recent
>> >     buildroot [2]
>> >      > using the orangepi_pc_defconfig or Armbian image [3] for Orange
>> >     Pi PC.
>> >
>> >     Richard, trying the Armbian image from
>> >     https://apt.armbian.com/pool/main/l/linux-4.20.7-sunxi/ I get:
>> >
>> >     $ arm-softmmu/qemu-system-arm -M orangepi -m 512 -nic user \
>> >         -append 'console=ttyS0,115200' \
>> >         -kernel boot/vmlinuz-4.20.7-sunxi \
>> >         -dtb usr/lib/linux-image-dev-sunxi/sun8i-h3-orangepi-pc.dtb \
>> >         -serial stdio -d unimp
>> >     Uncompressing Linux... done, booting the kernel.
>> >     rtc: unimplemented device write (size 4, value 0x16aa0001, offset
>> 0x0)
>> >     rtc: unimplemented device read (size 4, offset 0x0)
>> >     rtc: unimplemented device read (size 4, offset 0x0)
>> >     rtc: unimplemented device read (size 4, offset 0x8)
>> >     qemu-system-arm: target/arm/helper.c:11359: cpu_get_tb_cpu_state:
>> >     Assertion `flags == rebuild_hflags_internal(env)' failed.
>> >     Aborted (core dumped)
>> >
>> >
>> > I'm trying to reproduce the error you reported here with my patch set
>> on
>> > latest master,
>> > but so far without any result. The host OS I'm using is Ubuntu 18.04.3
>> > LTS on x86_64.
>> > I ran several times using the same 4.20.7-sunxi kernel and same command
>> > line.
>> >
>> > Some questions that might help:
>> > 1) Are there any specific steps you did in order to produce this error?
>>
>> I build QEMU with:
>>
>> ./configure --enable-trace-backends=log --extra-cflags=-ggdb
>> --enable-debug
>>
>> > 2) Could this be a known / existing issue?
>> > 3) How many times did you see this error?
>>
>> Always
>>
>> > 4) Are you also using Ubuntu 18.04.3 LTS on x86_64, or a different host
>> OS?
>>
>> Host is Fedora 30.
>>
>
> OK thanks, I will try again using the info above after I finished
> reworking the other patch comments.
>
> Niek
>
>
>>
>> >
>> > Regards,
>> > Niek
>>
>>
>
> --
> Niek Linnenbank
>
>
Philippe Mathieu-Daudé Dec. 12, 2019, 11:25 p.m. UTC | #14
Cc'ing Alex.

On 12/13/19 12:07 AM, Niek Linnenbank wrote:
> Hi Philippe,
> 
> I have discovered that the hflags assertion error you reported is not 
> caused by the Allwinner H3
> patches but actually an existing problem. What I did is to use the 
> latest master (v4.2.0 tag) without any patches applied.
> and tried to boot the raspi2 machine with and without debugging enabled. 
> Without debuggin, the raspi2
> machine runs fine and can boot the 5.4.2 linux kernel. With debugging 
> enabled, the same hflags error shows.

This might be the same bug I hit last week... Alex suggested a patch:
https://www.mail-archive.com/qemu-devel@nongnu.org/msg664500.html

Do you mind to try it?

If it still fails, you might also add this one on top:
https://www.mail-archive.com/qemu-devel@nongnu.org/msg663843.html
and report the error.

> 
> To reproduce it, build Linux 5.4.2 with the bmc2835_defconfig:
> 
> $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make mrproper
> $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make bcm2835_defconfig
> $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make -j5
> ...
> 
> First build QEMU without debugging and try to boot linux:
> $ ./configure --target-list=arm-softmmu; make clean; make -j5
> $ ./arm-softmmu/qemu-system-arm -M raspi2 \
>    -kernel $HOME/linux-5.4.2/arch/arm/boot/zImage \
>    -append 'console=ttyAMA0,115200 earlyprintk debug' \
>    -dtb $HOME/linux-5.4.2/arch/arm/boot/dts/bcm2836-rpi-2-b.dtb \
>    -m 1024 -nographic -s
> [    0.000000] Booting Linux on physical CPU 0x0
> [    0.000000] Linux version 5.4.2 (me@host) (gcc version 7.4.0 (Ubuntu/Linaro 7.4.0-1ubuntu1~18.04.1)) #1 Thu Dec 12 22:49:14 CET 2019
> [    0.000000] CPU: ARMv7 Processor [410fc075] revision 5 (ARMv7), cr=10c53c7d
> ...
> 
> Then rebuild QEMU with debugging enabled and again try to boot linux:
> $ ./configure --target-list=arm-softmmu --enable-debug --extra-cflags=-ggdb; make clean; make -j5
> $ ./arm-softmmu/qemu-system-arm -M raspi2 \
>    -kernel $HOME/linux-5.4.2/arch/arm/boot/zImage \
>    -append 'console=ttyAMA0,115200 earlyprintk debug' \
>    -dtb $HOME/linux-5.4.2/arch/arm/boot/dts/bcm2836-rpi-2-b.dtb \
>    -m 1024 -nographic -s
> qemu-system-arm: /home/me/qemu/target/arm/helper.c:11359: cpu_get_tb_cpu_state: Assertion `flags == rebuild_hflags_internal(env)' failed.
> qemu-system-arm: /home/me/qemu/target/arm/helper.c:11359: cpu_get_tb_cpu_state: Assertion `flags == rebuild_hflags_internal(env)' failed.
> qemu-system-arm: /home/me/qemu/target/arm/helper.c:11359: cpu_get_tb_cpu_state: Assertion `flags == rebuild_hflags_internal(env)' failed.
> Aborted (core dumped)
> 
> $ git describe
> v4.2.0
> 
> 
> What should be the next step? Should this be reported as a bug?

In this case we might already have the fix, but if Alex patch doesn't 
help, you are always welcome to open a bug report:
https://bugs.launchpad.net/qemu/+filebug
This help to have notes/progress gathered.

> On Tue, Dec 10, 2019 at 9:12 PM Niek Linnenbank 
> <nieklinnenbank@gmail.com <mailto:nieklinnenbank@gmail.com>> wrote:
> 
>     Hi Philippe,
> 
>     On Tue, Dec 10, 2019 at 9:26 AM Philippe Mathieu-Daudé
>     <philmd@redhat.com <mailto:philmd@redhat.com>> wrote:
> 
>         On 12/9/19 10:37 PM, Niek Linnenbank wrote:
>          > Hi Philippe,
>          >
>          > On Tue, Dec 3, 2019 at 9:47 AM Philippe Mathieu-Daudé
>         <philmd@redhat.com <mailto:philmd@redhat.com>
>          > <mailto:philmd@redhat.com <mailto:philmd@redhat.com>>> wrote:
>          >
>          >     On 12/2/19 10:09 PM, Niek Linnenbank wrote:
>          >      > Dear QEMU developers,
>          >      >
>          >      > Hereby I would like to contribute the following set of
>         patches to
>          >     QEMU
>          >      > which add support for the Allwinner H3 System on Chip
>         and the
>          >      > Orange Pi PC machine. The following features and
>         devices are
>          >     supported:
>          >      >
>          >      >   * SMP (Quad Core Cortex A7)
>          >      >   * Generic Interrupt Controller configuration
>          >      >   * SRAM mappings
>          >      >   * Timer device (re-used from Allwinner A10)
>          >      >   * UART
>          >      >   * SD/MMC storage controller
>          >      >   * EMAC ethernet connectivity
>          >      >   * USB 2.0 interfaces
>          >      >   * Clock Control Unit
>          >      >   * System Control module
>          >      >   * Security Identifier device
>          >
>          >     Awesome!
>          >
>          >      > Functionality related to graphical output such as
>         HDMI, GPU,
>          >      > Display Engine and audio are not included. Recently
>         released
>          >      > mainline Linux kernels (4.19 up to latest master) and
>         mainline U-Boot
>          >      > are known to work. The SD/MMC code is tested using
>         bonnie++ and
>          >      > various tools such as fsck, dd and fdisk. The EMAC is
>         verified
>          >     with iperf3
>          >      > using -netdev socket.
>          >      >
>          >      > To build a Linux mainline kernel that can be booted by
>         the Orange
>          >     Pi PC
>          >      > machine, simply configure the kernel using the
>         sunxi_defconfig
>          >     configuration:
>          >      >   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make
>         mrproper
>          >      >   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make
>         sunxi_defconfig
>          >      >
>          >      > To be able to use USB storage, you need to manually
>         enable the
>          >     corresponding
>          >      > configuration item. Start the kconfig configuration tool:
>          >      >   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make
>         menuconfig
>          >      >
>          >      > Navigate to the following item, enable it and save your
>          >     configuration:
>          >      >   Device Drivers > USB support > USB Mass Storage support
>          >      >
>          >      > Build the Linux kernel with:
>          >      >   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make -j5
>          >      >
>          >      > To boot the newly build linux kernel in QEMU with the
>         Orange Pi
>          >     PC machine, use:
>          >      >   $ qemu-system-arm -M orangepi -m 512 -nic user
>         -nographic \
>          >      >       -kernel /path/to/linux/arch/arm/boot/zImage \
>          >      >       -append 'console=ttyS0,115200' \
>          >      >       -dtb
>         /path/to/linux/arch/arm/boot/dts/sun8i-h3-orangepi-pc.dtb
>          >      >
>          >      > Note that this kernel does not have a root filesystem.
>         You may
>          >     provide it
>          >      > with an official Orange Pi PC image [1] either as an
>         SD card or as
>          >      > USB mass storage. To boot using the Orange Pi PC
>         Debian image on
>          >     SD card,
>          >      > simply add the -sd argument and provide the proper
>         root= kernel
>          >     parameter:
>          >      >   $ qemu-system-arm -M orangepi -m 512 -nic user
>         -nographic \
>          >      >       -kernel /path/to/linux/arch/arm/boot/zImage \
>          >      >       -append 'console=ttyS0,115200 root=/dev/mmcblk0p2' \
>          >      >       -dtb
>          >     /path/to/linux/arch/arm/boot/dts/sun8i-h3-orangepi-pc.dtb \
>          >      >       -sd
>         OrangePi_pc_debian_stretch_server_linux5.3.5_v1.0.img
>          >      >
>          >      > Alternatively, you can also choose to build and boot a
>         recent
>          >     buildroot [2]
>          >      > using the orangepi_pc_defconfig or Armbian image [3]
>         for Orange
>          >     Pi PC.
>          >
>          >     Richard, trying the Armbian image from
>          > https://apt.armbian.com/pool/main/l/linux-4.20.7-sunxi/ I get:
>          >
>          >     $ arm-softmmu/qemu-system-arm -M orangepi -m 512 -nic user \
>          >         -append 'console=ttyS0,115200' \
>          >         -kernel boot/vmlinuz-4.20.7-sunxi \
>          >         -dtb
>         usr/lib/linux-image-dev-sunxi/sun8i-h3-orangepi-pc.dtb \
>          >         -serial stdio -d unimp
>          >     Uncompressing Linux... done, booting the kernel.
>          >     rtc: unimplemented device write (size 4, value
>         0x16aa0001, offset 0x0)
>          >     rtc: unimplemented device read (size 4, offset 0x0)
>          >     rtc: unimplemented device read (size 4, offset 0x0)
>          >     rtc: unimplemented device read (size 4, offset 0x8)
>          >     qemu-system-arm: target/arm/helper.c:11359:
>         cpu_get_tb_cpu_state:
>          >     Assertion `flags == rebuild_hflags_internal(env)' failed.
>          >     Aborted (core dumped)
>          >
>          >
>          > I'm trying to reproduce the error you reported here with my
>         patch set on
>          > latest master,
>          > but so far without any result. The host OS I'm using is
>         Ubuntu 18.04.3
>          > LTS on x86_64.
>          > I ran several times using the same 4.20.7-sunxi kernel and
>         same command
>          > line.
>          >
>          > Some questions that might help:
>          > 1) Are there any specific steps you did in order to produce
>         this error?
> 
>         I build QEMU with:
> 
>         ./configure --enable-trace-backends=log --extra-cflags=-ggdb
>         --enable-debug
> 
>          > 2) Could this be a known / existing issue?
>          > 3) How many times did you see this error?
> 
>         Always
> 
>          > 4) Are you also using Ubuntu 18.04.3 LTS on x86_64, or a
>         different host OS?
> 
>         Host is Fedora 30.
> 
> 
>     OK thanks, I will try again using the info above after I finished
>     reworking the other patch comments.
> 
>     Niek
Niek Linnenbank Dec. 13, 2019, 8:45 p.m. UTC | #15
Hi Philippe,

On Fri, Dec 13, 2019 at 12:25 AM Philippe Mathieu-Daudé <philmd@redhat.com>
wrote:

> Cc'ing Alex.
>
> On 12/13/19 12:07 AM, Niek Linnenbank wrote:
> > Hi Philippe,
> >
> > I have discovered that the hflags assertion error you reported is not
> > caused by the Allwinner H3
> > patches but actually an existing problem. What I did is to use the
> > latest master (v4.2.0 tag) without any patches applied.
> > and tried to boot the raspi2 machine with and without debugging enabled.
> > Without debuggin, the raspi2
> > machine runs fine and can boot the 5.4.2 linux kernel. With debugging
> > enabled, the same hflags error shows.
>
> This might be the same bug I hit last week... Alex suggested a patch:
> https://www.mail-archive.com/qemu-devel@nongnu.org/msg664500.html
>
> Do you mind to try it?
>

Ahh OK, I was not aware that this was already seen and solved!
Sometimes I try use the lists.gnu.org site to keep an eye out for relevant
emails going to qemu-devel,
but I totally missed this fix. Too many e-mails. Perhaps instead I should
just subscribe to the mailing list and use filters.

I retried with the raspi2 machine and alex's patch, and indeed the hflags
error is gone and
the machine starts fine with debugging enabled.

Ofcourse, I also retried with the Allwinner H3 patches + alex's fix applied
and the orangepi-pc machine,
and unfortunately, there the hflags assertion did still show up.

Then I looked further to try and understand what is going on, and it looked
to me that the hflags is a
state variable, that needs to be rebuild after changing some other fields
inside the ARM cpu object.
And in my patch #0006 I did just that: I tried to resolve the undefined
exceptions I got using arm_set_cpu_on(),
by setting CP10,CP11 bits. So I tried to use the arm_rebuild_hflags()
function after applying the CP10,CP11 bits,
and that solved the assertion issue (see below).

Can you verify if this change also resolves the hflags assertion on your
side?

I'll also reply to the mail for patch #0006 with this info.

Regards,
Niek

diff --git a/target/arm/arm-powerctl.c b/target/arm/arm-powerctl.c
index f77a950db6..cf2f3d69ab 100644
--- a/target/arm/arm-powerctl.c
+++ b/target/arm/arm-powerctl.c
@@ -104,6 +104,9 @@ static void arm_set_cpu_on_async_work(CPUState
*target_cpu_state,
         /* Processor is not in secure mode */
         target_cpu->env.cp15.scr_el3 |= SCR_NS;

+        /* Set NSACR.{CP11,CP10} so NS can access the FPU */
+        target_cpu->env.cp15.nsacr |= 3 << 10;
+
         /*
          * If QEMU is providing the equivalent of EL3 firmware, then we need
          * to make sure a CPU targeting EL2 comes out of reset with a
@@ -124,6 +127,9 @@ static void arm_set_cpu_on_async_work(CPUState
*target_cpu_state,
         target_cpu->env.regs[0] = info->context_id;
     }

+    /* Ensure hflags is rebuild */
+    arm_rebuild_hflags(&target_cpu->env);
+
     /* Start the new CPU at the requested address */
     cpu_set_pc(target_cpu_state, info->entry);




>
> If it still fails, you might also add this one on top:
> https://www.mail-archive.com/qemu-devel@nongnu.org/msg663843.html
> and report the error.
>
> That patch is indeed very helpful


> >
> > To reproduce it, build Linux 5.4.2 with the bmc2835_defconfig:
> >
> > $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make mrproper
> > $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make bcm2835_defconfig
> > $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make -j5
> > ...
> >
> > First build QEMU without debugging and try to boot linux:
> > $ ./configure --target-list=arm-softmmu; make clean; make -j5
> > $ ./arm-softmmu/qemu-system-arm -M raspi2 \
> >    -kernel $HOME/linux-5.4.2/arch/arm/boot/zImage \
> >    -append 'console=ttyAMA0,115200 earlyprintk debug' \
> >    -dtb $HOME/linux-5.4.2/arch/arm/boot/dts/bcm2836-rpi-2-b.dtb \
> >    -m 1024 -nographic -s
> > [    0.000000] Booting Linux on physical CPU 0x0
> > [    0.000000] Linux version 5.4.2 (me@host) (gcc version 7.4.0
> (Ubuntu/Linaro 7.4.0-1ubuntu1~18.04.1)) #1 Thu Dec 12 22:49:14 CET 2019
> > [    0.000000] CPU: ARMv7 Processor [410fc075] revision 5 (ARMv7),
> cr=10c53c7d
> > ...
> >
> > Then rebuild QEMU with debugging enabled and again try to boot linux:
> > $ ./configure --target-list=arm-softmmu --enable-debug
> --extra-cflags=-ggdb; make clean; make -j5
> > $ ./arm-softmmu/qemu-system-arm -M raspi2 \
> >    -kernel $HOME/linux-5.4.2/arch/arm/boot/zImage \
> >    -append 'console=ttyAMA0,115200 earlyprintk debug' \
> >    -dtb $HOME/linux-5.4.2/arch/arm/boot/dts/bcm2836-rpi-2-b.dtb \
> >    -m 1024 -nographic -s
> > qemu-system-arm: /home/me/qemu/target/arm/helper.c:11359:
> cpu_get_tb_cpu_state: Assertion `flags == rebuild_hflags_internal(env)'
> failed.
> > qemu-system-arm: /home/me/qemu/target/arm/helper.c:11359:
> cpu_get_tb_cpu_state: Assertion `flags == rebuild_hflags_internal(env)'
> failed.
> > qemu-system-arm: /home/me/qemu/target/arm/helper.c:11359:
> cpu_get_tb_cpu_state: Assertion `flags == rebuild_hflags_internal(env)'
> failed.
> > Aborted (core dumped)
> >
> > $ git describe
> > v4.2.0
> >
> >
> > What should be the next step? Should this be reported as a bug?
>
> In this case we might already have the fix, but if Alex patch doesn't
> help, you are always welcome to open a bug report:
> https://bugs.launchpad.net/qemu/+filebug
> This help to have notes/progress gathered.
>
> > On Tue, Dec 10, 2019 at 9:12 PM Niek Linnenbank
> > <nieklinnenbank@gmail.com <mailto:nieklinnenbank@gmail.com>> wrote:
> >
> >     Hi Philippe,
> >
> >     On Tue, Dec 10, 2019 at 9:26 AM Philippe Mathieu-Daudé
> >     <philmd@redhat.com <mailto:philmd@redhat.com>> wrote:
> >
> >         On 12/9/19 10:37 PM, Niek Linnenbank wrote:
> >          > Hi Philippe,
> >          >
> >          > On Tue, Dec 3, 2019 at 9:47 AM Philippe Mathieu-Daudé
> >         <philmd@redhat.com <mailto:philmd@redhat.com>
> >          > <mailto:philmd@redhat.com <mailto:philmd@redhat.com>>> wrote:
> >          >
> >          >     On 12/2/19 10:09 PM, Niek Linnenbank wrote:
> >          >      > Dear QEMU developers,
> >          >      >
> >          >      > Hereby I would like to contribute the following set of
> >         patches to
> >          >     QEMU
> >          >      > which add support for the Allwinner H3 System on Chip
> >         and the
> >          >      > Orange Pi PC machine. The following features and
> >         devices are
> >          >     supported:
> >          >      >
> >          >      >   * SMP (Quad Core Cortex A7)
> >          >      >   * Generic Interrupt Controller configuration
> >          >      >   * SRAM mappings
> >          >      >   * Timer device (re-used from Allwinner A10)
> >          >      >   * UART
> >          >      >   * SD/MMC storage controller
> >          >      >   * EMAC ethernet connectivity
> >          >      >   * USB 2.0 interfaces
> >          >      >   * Clock Control Unit
> >          >      >   * System Control module
> >          >      >   * Security Identifier device
> >          >
> >          >     Awesome!
> >          >
> >          >      > Functionality related to graphical output such as
> >         HDMI, GPU,
> >          >      > Display Engine and audio are not included. Recently
> >         released
> >          >      > mainline Linux kernels (4.19 up to latest master) and
> >         mainline U-Boot
> >          >      > are known to work. The SD/MMC code is tested using
> >         bonnie++ and
> >          >      > various tools such as fsck, dd and fdisk. The EMAC is
> >         verified
> >          >     with iperf3
> >          >      > using -netdev socket.
> >          >      >
> >          >      > To build a Linux mainline kernel that can be booted by
> >         the Orange
> >          >     Pi PC
> >          >      > machine, simply configure the kernel using the
> >         sunxi_defconfig
> >          >     configuration:
> >          >      >   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make
> >         mrproper
> >          >      >   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make
> >         sunxi_defconfig
> >          >      >
> >          >      > To be able to use USB storage, you need to manually
> >         enable the
> >          >     corresponding
> >          >      > configuration item. Start the kconfig configuration
> tool:
> >          >      >   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make
> >         menuconfig
> >          >      >
> >          >      > Navigate to the following item, enable it and save your
> >          >     configuration:
> >          >      >   Device Drivers > USB support > USB Mass Storage
> support
> >          >      >
> >          >      > Build the Linux kernel with:
> >          >      >   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make -j5
> >          >      >
> >          >      > To boot the newly build linux kernel in QEMU with the
> >         Orange Pi
> >          >     PC machine, use:
> >          >      >   $ qemu-system-arm -M orangepi -m 512 -nic user
> >         -nographic \
> >          >      >       -kernel /path/to/linux/arch/arm/boot/zImage \
> >          >      >       -append 'console=ttyS0,115200' \
> >          >      >       -dtb
> >         /path/to/linux/arch/arm/boot/dts/sun8i-h3-orangepi-pc.dtb
> >          >      >
> >          >      > Note that this kernel does not have a root filesystem.
> >         You may
> >          >     provide it
> >          >      > with an official Orange Pi PC image [1] either as an
> >         SD card or as
> >          >      > USB mass storage. To boot using the Orange Pi PC
> >         Debian image on
> >          >     SD card,
> >          >      > simply add the -sd argument and provide the proper
> >         root= kernel
> >          >     parameter:
> >          >      >   $ qemu-system-arm -M orangepi -m 512 -nic user
> >         -nographic \
> >          >      >       -kernel /path/to/linux/arch/arm/boot/zImage \
> >          >      >       -append 'console=ttyS0,115200
> root=/dev/mmcblk0p2' \
> >          >      >       -dtb
> >          >     /path/to/linux/arch/arm/boot/dts/sun8i-h3-orangepi-pc.dtb
> \
> >          >      >       -sd
> >         OrangePi_pc_debian_stretch_server_linux5.3.5_v1.0.img
> >          >      >
> >          >      > Alternatively, you can also choose to build and boot a
> >         recent
> >          >     buildroot [2]
> >          >      > using the orangepi_pc_defconfig or Armbian image [3]
> >         for Orange
> >          >     Pi PC.
> >          >
> >          >     Richard, trying the Armbian image from
> >          > https://apt.armbian.com/pool/main/l/linux-4.20.7-sunxi/ I
> get:
> >          >
> >          >     $ arm-softmmu/qemu-system-arm -M orangepi -m 512 -nic
> user \
> >          >         -append 'console=ttyS0,115200' \
> >          >         -kernel boot/vmlinuz-4.20.7-sunxi \
> >          >         -dtb
> >         usr/lib/linux-image-dev-sunxi/sun8i-h3-orangepi-pc.dtb \
> >          >         -serial stdio -d unimp
> >          >     Uncompressing Linux... done, booting the kernel.
> >          >     rtc: unimplemented device write (size 4, value
> >         0x16aa0001, offset 0x0)
> >          >     rtc: unimplemented device read (size 4, offset 0x0)
> >          >     rtc: unimplemented device read (size 4, offset 0x0)
> >          >     rtc: unimplemented device read (size 4, offset 0x8)
> >          >     qemu-system-arm: target/arm/helper.c:11359:
> >         cpu_get_tb_cpu_state:
> >          >     Assertion `flags == rebuild_hflags_internal(env)' failed.
> >          >     Aborted (core dumped)
> >          >
> >          >
> >          > I'm trying to reproduce the error you reported here with my
> >         patch set on
> >          > latest master,
> >          > but so far without any result. The host OS I'm using is
> >         Ubuntu 18.04.3
> >          > LTS on x86_64.
> >          > I ran several times using the same 4.20.7-sunxi kernel and
> >         same command
> >          > line.
> >          >
> >          > Some questions that might help:
> >          > 1) Are there any specific steps you did in order to produce
> >         this error?
> >
> >         I build QEMU with:
> >
> >         ./configure --enable-trace-backends=log --extra-cflags=-ggdb
> >         --enable-debug
> >
> >          > 2) Could this be a known / existing issue?
> >          > 3) How many times did you see this error?
> >
> >         Always
> >
> >          > 4) Are you also using Ubuntu 18.04.3 LTS on x86_64, or a
> >         different host OS?
> >
> >         Host is Fedora 30.
> >
> >
> >     OK thanks, I will try again using the info above after I finished
> >     reworking the other patch comments.
> >
> >     Niek
>
>