arm64 syzbot instances

Arnd Bergmann arnd at arndb.de
Sun Mar 21 11:52:57 GMT 2021


On Sat, Mar 20, 2021 at 9:43 PM Peter Maydell <peter.maydell at linaro.org> wrote:
>
> On Fri, 12 Mar 2021 at 09:16, Arnd Bergmann <arnd at arndb.de> wrote:
> > So it's probably qemu that triggers the 'synchronous external
> > abort' when accessing the PCI I/O space, which in turn hints
> > towards a bug in qemu. Presumably it only returns data from
> > I/O ports that are actually mapped to a device when real hardware
> > is supposed to return 0xffffffff when reading from unused I/O ports.
>
> Do you have a reference to the bit of the PCI spec that mandates
> this -1/discard behaviour for attempted access to places where
> there isn't actually a PCI device mapped ? The spec is pretty
> long and hard to read...
>
> (Knowing to what extent this behaviour is mandatory for all
> PCI systems/host controllers vs just "it would be nice if the
> gpex host controller worked this way" would help in figuring
> out where in QEMU to change.)

Sorry, I don't. I can probably find something in there myself,
but in the end it comes down to Linux drivers relying on this
behavior for ISA devices since the start. On an old-style x86
PC, this is the only method for finding out if a device is present
or not, since there is no description in the firmware that lists them.

PCIe devices remain backwards compatible with the old ISA
bus, so the old behavior must generally be kept possible.
I don't think a specification for the ISA bus exists at all, and
I found nothing in the related LPC specification about reading
from an unknown device.

https://tldp.org/HOWTO/Plug-and-Play-HOWTO-6.html#ss6.12
states the behavior of the ISA I/O ports and how Linux drivers rely
on that. Is that enough for you?

          Arnd



More information about the linux-arm-kernel mailing list