summary refs log tree commit diff stats
path: root/gitlab/issues/target_missing/host_missing/accel_missing/1604.toml
diff options
context:
space:
mode:
Diffstat (limited to 'gitlab/issues/target_missing/host_missing/accel_missing/1604.toml')
-rw-r--r--gitlab/issues/target_missing/host_missing/accel_missing/1604.toml71
1 files changed, 71 insertions, 0 deletions
diff --git a/gitlab/issues/target_missing/host_missing/accel_missing/1604.toml b/gitlab/issues/target_missing/host_missing/accel_missing/1604.toml
new file mode 100644
index 00000000..47d9a371
--- /dev/null
+++ b/gitlab/issues/target_missing/host_missing/accel_missing/1604.toml
@@ -0,0 +1,71 @@
+id = 1604
+title = "Get wrong rom when loading 2 different firmware to 2 cpu."
+state = "opened"
+created_at = "2023-04-14T08:40:06.650Z"
+closed_at = "n/a"
+labels = ["workflow::Confirmed"]
+url = "https://gitlab.com/qemu-project/qemu/-/issues/1604"
+host-os = "Linux"
+host-arch = "x86"
+qemu-version = "7.2.92 (v8.0 rc2)"
+guest-os = "none"
+guest-arch = "armv7"
+description = """HI, I'm trying to model a machine with 2 cortex-m7 cpu. The 2 CPUs have their own address spaces.
+and when loading rom to init sp and pc, the CPU1 would load the rom of CPU0, because it seems not check 
+address space here.
+```c
+void *rom_ptr_for_as(AddressSpace *as, hwaddr addr, size_t size)
+{
+    /*
+     * Find any ROM data for the given guest address range.  If there
+     * is a ROM blob then return a pointer to the host memory
+     * corresponding to 'addr'; otherwise return NULL.
+     *
+     * We look not only for ROM blobs that were loaded directly to
+     * addr, but also for ROM blobs that were loaded to aliases of
+     * that memory at other addresses within the AddressSpace.
+     *
+     * Note that we do not check @as against the 'as' member in the
+     * 'struct Rom' returned by rom_ptr(). The Rom::as is the
+     * AddressSpace which the rom blob should be written to, whereas
+     * our @as argument is the AddressSpace which we are (effectively)
+     * reading from, and the same underlying RAM will often be visible
+     * in multiple AddressSpaces. (A common example is a ROM blob
+     * written to the 'system' address space but then read back via a
+     * CPU's cpu->as pointer.) This does mean we might potentially
+     * return a false-positive match if a ROM blob was loaded into an
+     * AS which is entirely separate and distinct from the one we're
+     * querying, but this issue exists also for rom_ptr() and hasn't
+     * caused any problems in practice.
+     */
+    FlatView *fv;
+    void *rom;
+    hwaddr len_unused;
+    FindRomCBData cbdata = {};
+
+    /* Easy case: there's data at the actual address */
+    rom = rom_ptr(addr, size);
+    if (rom) {
+        return rom;
+    }
+```"""
+reproduce = """1. create a machine with 2 cortex-m7 cores and their own rom/ram. 
+2. Set different ram size for them. for example, cpu0 ram size:0x40000, cpu1 ram size:0x20000
+3. build firmware of 2 cpu. make sure the init SP(local at 0x0) is set to the top the ram.
+4. use command:
+```
+./qemu-system-arm -M mymachine -smp 2 \\
+-device loader,file=./cpu0.elf,addr=0x0,cpu-num=0 \\
+-device loader,file=./cpu1.elf,addr=0x0,cpu-num=1  \\
+-serial stdio -serial tcp::5678,server=on,wait=off 
+```
+to start this machine.
+
+5. the cpu1 will panic when it try to use stack:
+`qemu-system-arm: ../target/arm/cpu.h:2396: arm_is_secure_below_el3: Assertion failed.` 
+
+
+Sorry that I'm not sure whether this is an issue or I did something wrong. So post it here.
+For local fix this problem, I add a func `rom_ptr_wit_as(addr,size,as)` to find a rom with addresspace check. 
+Is it proper?"""
+additional = """"""