On Mon, 12 May 2014, Mark Cave-Ayland wrote:
On 12/05/14 20:32, BALATON Zoltan wrote:
(cut)

MorphOS and Darwin are definitely doing things differently. I hope
someone who understands what is happening can explain it why one of them
works while the other doesn't.

Which I hope is what I'm trying to do? From hw/ide/atapi.c you can see that

Yes, your comments and advise are helping a lot. Thank you.

command 0x43 is read the TOC which according to atapi_cmd_table should call cmd_read_toc_pma_atip(). You can see that in your MorphOS case you are getting a line with a "atapi_cmd_error" prefix which indicates that something is calling ide_atapi_cmd_error() to return an error code instead of ide_atapi_cmd_reply() which would output the "reply" prefix as seen in your Darwin case. So you need to step through these functions in QEMU in order to see why your ATAPI command is failing.

I've tried doing this and it seems that the cmd_read_toc_pma_atip function returns all right (via the case 0 path) with a 20 byte result array and calls ide_atapi_cmd_reply which takes the DMA path as s->atapi_dma is set to 1 and the error comes from somewhere during trying to DMA the result back to the client. I could not follow it so I've only got a backtrace from where ide_atapi_cmd_error is called:

DBDMA: DBDMA_run_bh
DBDMA: writel 0x0000000000000d00 <= 0x80008000
DBDMA: channel 0x1a reg 0x0
DBDMA:     status 0x00008400
DBDMA: readl 0x0000000000000d00 => 0x80008000
DBDMA: channel 0x1a reg 0x0
DBDMA: DBDMA_run_bh
DBDMA: channel_run
dbdma_cmd 0x5555563cccb0
    req_count 0x0324
    command 0x3000
    phy_addr 0x00e17e4c
    cmd_dep 0x00000000
    res_count 0x0000
    xfer_status 0x0000
DBDMA: start_input
DBDMA: addr 0xe17e4c key 0x0
pmac_ide_transfer(ATAPI) lba=ffffffff, buffer_index=0, len=324
io_buffer_size = 0
io->len = 0x324
sector_num=-1 size=20, cmd_cmd=0
[Switching to Thread 0x7ffff7fc5900 (LWP 6462)]

Breakpoint 2, ide_atapi_cmd_error (s=0x5555563cb238, sense_key=5, asc=33)
    at hw/ide/atapi.c:141
141     {
(gdb) bt
#0  ide_atapi_cmd_error (s=0x5555563cb238, sense_key=5, asc=33)
    at hw/ide/atapi.c:141
#1  0x00005555556cecf5 in ide_atapi_io_error (s=0x5555563cb238, ret=-5)
    at hw/ide/atapi.c:160
#2  0x00005555556d9d01 in pmac_ide_atapi_transfer_cb (opaque=0x5555563ccc68,
    ret=-5) at hw/ide/macio.c:64
#3  0x00005555556780d2 in dma_complete (dbs=0x5555563ab840, ret=-5)
    at dma-helpers.c:121
#4  0x00005555556781db in dma_bdrv_cb (opaque=0x5555563ab840, ret=-5)
    at dma-helpers.c:149
#5  0x0000555555614dd1 in bdrv_co_em_bh (opaque=0x5555563b5000) at block.c:4602
#6  0x00005555555f8170 in aio_bh_poll (ctx=0x55555637fc00) at async.c:81
#7  0x00005555555f7dc9 in aio_poll (ctx=0x55555637fc00, blocking=false)
    at aio-posix.c:188
#8  0x00005555555f8587 in aio_ctx_dispatch (source=0x55555637fc00, callback=
    0x0, user_data=0x0) at async.c:205
#9  0x00007ffff78ca6d5 in g_main_context_dispatch ()
   from /lib64/libglib-2.0.so.0
#10 0x00005555557a0f42 in glib_pollfds_poll () at main-loop.c:190
#11 0x00005555557a1042 in os_host_main_loop_wait (timeout=0) at main-loop.c:235
#12 0x00005555557a1115 in main_loop_wait (nonblocking=1) at main-loop.c:484
#13 0x0000555555844190 in main_loop () at vl.c:2075
#14 0x000055555584bc23 in main (argc=30, argv=0x7fffffffdc88, envp=
    0x7fffffffdd80) at vl.c:4556

Do you have any idea how to debug this further or does this help to tell where is the problem? (I think the question is where does the -5 return value come from?)

Regards,
BALATON Zoltan

Reply via email to