From cb9881999dead51723bc5eb6d6fc2837f9345920 Mon Sep 17 00:00:00 2001 From: Mark Cave-Ayland Date: Fri, 12 Jan 2024 12:53:21 +0000 Subject: [PATCH] esp.c: fix premature end of phase logic esp_command_complete There are two cases here: the first is when the TI command underflows, in which case we raise INTR_BS to indicate an early change of phase, and the second is when the TI command overflows because the host requested a transfer for more data than is available. In the latter case force TC to zero so that the TI completion logic executes correctly. Signed-off-by: Mark Cave-Ayland Tested-by: Helge Deller Tested-by: Thomas Huth Message-Id: <20240112125420.514425-30-mark.cave-ayland@ilande.co.uk> Signed-off-by: Mark Cave-Ayland --- hw/scsi/esp.c | 22 +++++++++++++++++----- 1 file changed, 17 insertions(+), 5 deletions(-) diff --git a/hw/scsi/esp.c b/hw/scsi/esp.c index f20026c3dc..c6151d306e 100644 --- a/hw/scsi/esp.c +++ b/hw/scsi/esp.c @@ -887,7 +887,6 @@ void esp_command_complete(SCSIRequest *req, size_t resid) if (s->ti_size != 0) { trace_esp_command_complete_unexpected(); } - s->ti_size = 0; } s->async_len = 0; @@ -897,13 +896,26 @@ void esp_command_complete(SCSIRequest *req, size_t resid) s->status = req->status; /* - * If the transfer is finished, switch to status phase. For non-DMA - * transfers from the target the last byte is still in the FIFO + * Switch to status phase. For non-DMA transfers from the target the last + * byte is still in the FIFO */ + esp_set_phase(s, STAT_ST); if (s->ti_size == 0) { - esp_set_phase(s, STAT_ST); + /* + * Transfer complete: force TC to zero just in case a TI command was + * requested for more data than the command returns (Solaris 8 does + * this) + */ + esp_set_tc(s, 0); esp_dma_done(s); - esp_lower_drq(s); + } else { + /* + * Transfer truncated: raise INTR_BS to indicate early change of + * phase + */ + s->rregs[ESP_RINTR] |= INTR_BS; + esp_raise_irq(s); + s->ti_size = 0; } if (s->current_req) {