Message ID | 20160722095540.5887-1-paul.burton@imgtec.com (mailing list archive) |
---|---|
State | New, archived |
On 2016-07-22 10:55, Paul Burton wrote: > The print routine provided as part of the in-built bootloader had a bug > in that it attempted to use a jump instruction as part of a loop, but > the target has its upper bits zeroed leading to control flow > transferring to 0xb0000814 rather than the intended 0xbfc00814. Fix this > by using a branch instruction instead, which seems more fit for purpose. > > A simple way to test this is to build a Linux kernel with EVA enabled & > attempt to boot it in QEMU. It will attempt to print a message > indicating the configuration mismatch but QEMU would previously > incorrectly jump & wind up printing a continuous stream of the letter E. > > Signed-off-by: Paul Burton <paul.burton@imgtec.com> > Cc: Aurelien Jarno <aurelien@aurel32.net> > Cc: Leon Alrae <leon.alrae@imgtec.com> > --- > hw/mips/mips_malta.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/hw/mips/mips_malta.c b/hw/mips/mips_malta.c > index 34d41ef..e90857e 100644 > --- a/hw/mips/mips_malta.c > +++ b/hw/mips/mips_malta.c > @@ -727,7 +727,7 @@ static void write_bootloader(uint8_t *base, int64_t run_addr, > stl_p(p++, 0x00000000); /* nop */ > stl_p(p++, 0x0ff0021c); /* jal 870 */ > stl_p(p++, 0x00000000); /* nop */ > - stl_p(p++, 0x08000205); /* j 814 */ > + stl_p(p++, 0x1000fff9); /* b 814 */ > stl_p(p++, 0x00000000); /* nop */ > stl_p(p++, 0x01a00009); /* jalr t5 */ > stl_p(p++, 0x01602021); /* move a0,t3 */ This looks fine. The switch from jump to branch is questionable given there are other jumps around in the code, but that's just nitpicking. Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
On Fri, Jul 22, 2016 at 10:55:40AM +0100, Paul Burton wrote:
> The print routine provided as part of the in-built bootloader had a bug
> in that it attempted to use a jump instruction as part of a loop, but
> the target has its upper bits zeroed leading to control flow
> transferring to 0xb0000814 rather than the intended 0xbfc00814. Fix this
> by using a branch instruction instead, which seems more fit for purpose.
>
> A simple way to test this is to build a Linux kernel with EVA enabled &
> attempt to boot it in QEMU. It will attempt to print a message
> indicating the configuration mismatch but QEMU would previously
> incorrectly jump & wind up printing a continuous stream of the letter E.
>
> Signed-off-by: Paul Burton <paul.burton@imgtec.com>
> Cc: Aurelien Jarno <aurelien@aurel32.net>
> Cc: Leon Alrae <leon.alrae@imgtec.com>
> ---
> hw/mips/mips_malta.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)

Applied to target-mips queue.

Thanks,
Leon
diff --git a/hw/mips/mips_malta.c b/hw/mips/mips_malta.c index 34d41ef..e90857e 100644 --- a/hw/mips/mips_malta.c +++ b/hw/mips/mips_malta.c @@ -727,7 +727,7 @@ static void write_bootloader(uint8_t *base, int64_t run_addr, stl_p(p++, 0x00000000); /* nop */ stl_p(p++, 0x0ff0021c); /* jal 870 */ stl_p(p++, 0x00000000); /* nop */ - stl_p(p++, 0x08000205); /* j 814 */ + stl_p(p++, 0x1000fff9); /* b 814 */ stl_p(p++, 0x00000000); /* nop */ stl_p(p++, 0x01a00009); /* jalr t5 */ stl_p(p++, 0x01602021); /* move a0,t3 */
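Review bot: The replacement line `stl_p(p++, 0x1000fff9); /* b 814 */` encodes a PC-relative offset (0xfff9, which is -7 words counted from the delay slot), so the `814` in the comment is only correct while this word sits exactly six instructions after the loop head; inserting or removing an instruction inside the loop later would silently retarget the branch with no visible change to this line. Consider recording that in the comment, for example `/* b 814 (PC-relative, -7 words) */`. Separately, the `jal 870` on the context line two words earlier, 0x0ff0021c, already carries the 0xfc0 region bits in its 26-bit target field, which is what the removed `j` encoding 0x08000205 lacked; the routine now mixes an absolute `jal` with a relative `b`, so a short comment on why this one loop uses the relative form would save the next reader from re-deriving it.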
The print routine provided as part of the in-built bootloader had a bug in that it attempted to use a jump instruction as part of a loop, but the target has its upper bits zeroed leading to control flow transferring to 0xb0000814 rather than the intended 0xbfc00814. Fix this by using a branch instruction instead, which seems more fit for purpose.

A simple way to test this is to build a Linux kernel with EVA enabled & attempt to boot it in QEMU. It will attempt to print a message indicating the configuration mismatch but QEMU would previously incorrectly jump & wind up printing a continuous stream of the letter E.

Signed-off-by: Paul Burton <paul.burton@imgtec.com>
Cc: Aurelien Jarno <aurelien@aurel32.net>
Cc: Leon Alrae <leon.alrae@imgtec.com>
---
 hw/mips/mips_malta.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)