Hi Philippe,

Thanks for your very quick response!
I remember I have seen this error before while working on the patches, in particular
on the SMP part. I'll try to reproduce this error with the 4.20 sunxi kernel you used and debug it.

Could it be related to the change I made in patch 0006 for the CP10/CP11 bits?
Basically I needed to add that to get the CPUCFG module working. It is an interface
that U-Boot uses to reset the secondary cores for PSCI functionality. I used
the arm_set_cpu_on() function there to reset the cores at the desired start address,
but I'm not sure if that function is the right choice. At some point while rebasing the patches,
I got undefined exceptions which turned out to be because of the CP10/CP11 bits missing.
If I made an obvious mistake there, please let me know and I'll correct it.

Regards,
Niek


On Tue, Dec 3, 2019 at 9:47 AM Philippe Mathieu-Daudé <philmd@redhat.com> wrote:
On 12/2/19 10:09 PM, Niek Linnenbank wrote:
> Dear QEMU developers,
>
> Hereby I would like to contribute the following set of patches to QEMU
> which add support for the Allwinner H3 System on Chip and the
> Orange Pi PC machine. The following features and devices are supported:
>
>   * SMP (Quad Core Cortex A7)
>   * Generic Interrupt Controller configuration
>   * SRAM mappings
>   * Timer device (re-used from Allwinner A10)
>   * UART
>   * SD/MMC storage controller
>   * EMAC ethernet connectivity
>   * USB 2.0 interfaces
>   * Clock Control Unit
>   * System Control module
>   * Security Identifier device

Awesome!

> Functionality related to graphical output such as HDMI, GPU,
> Display Engine and audio are not included. Recently released
> mainline Linux kernels (4.19 up to latest master) and mainline U-Boot
> are known to work. The SD/MMC code is tested using bonnie++ and
> various tools such as fsck, dd and fdisk. The EMAC is verified with iperf3
> using -netdev socket.
>
> To build a Linux mainline kernel that can be booted by the Orange Pi PC
> machine, simply configure the kernel using the sunxi_defconfig configuration:
>   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make mrproper
>   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make sunxi_defconfig
>
> To be able to use USB storage, you need to manually enable the corresponding
> configuration item. Start the kconfig configuration tool:
>   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make menuconfig
>
> Navigate to the following item, enable it and save your configuration:
>   Device Drivers > USB support > USB Mass Storage support
>
> Build the Linux kernel with:
>   $ ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- make -j5
>
> To boot the newly built Linux kernel in QEMU with the Orange Pi PC machine, use:
>   $ qemu-system-arm -M orangepi -m 512 -nic user -nographic \
>       -kernel /path/to/linux/arch/arm/boot/zImage \
>       -append 'console=ttyS0,115200' \
>       -dtb /path/to/linux/arch/arm/boot/dts/sun8i-h3-orangepi-pc.dtb
>
> Note that this kernel does not have a root filesystem. You may provide it
> with an official Orange Pi PC image [1] either as an SD card or as
> USB mass storage. To boot using the Orange Pi PC Debian image on SD card,
> simply add the -sd argument and provide the proper root= kernel parameter:
>   $ qemu-system-arm -M orangepi -m 512 -nic user -nographic \
>       -kernel /path/to/linux/arch/arm/boot/zImage \
>       -append 'console=ttyS0,115200 root=/dev/mmcblk0p2' \
>       -dtb /path/to/linux/arch/arm/boot/dts/sun8i-h3-orangepi-pc.dtb \
>       -sd OrangePi_pc_debian_stretch_server_linux5.3.5_v1.0.img
>
> Alternatively, you can also choose to build and boot a recent buildroot [2]
> using the orangepi_pc_defconfig or Armbian image [3] for Orange Pi PC.

Richard, trying the Armbian image from
https://apt.armbian.com/pool/main/l/linux-4.20.7-sunxi/ I get:

$ arm-softmmu/qemu-system-arm -M orangepi -m 512 -nic user \
   -append 'console=ttyS0,115200' \
   -kernel boot/vmlinuz-4.20.7-sunxi \
   -dtb usr/lib/linux-image-dev-sunxi/sun8i-h3-orangepi-pc.dtb \
   -serial stdio -d unimp
Uncompressing Linux... done, booting the kernel.
rtc: unimplemented device write (size 4, value 0x16aa0001, offset 0x0)
rtc: unimplemented device read (size 4, offset 0x0)
rtc: unimplemented device read (size 4, offset 0x0)
rtc: unimplemented device read (size 4, offset 0x8)
qemu-system-arm: target/arm/helper.c:11359: cpu_get_tb_cpu_state:
Assertion `flags == rebuild_hflags_internal(env)' failed.
Aborted (core dumped)

(gdb) bt
#0  0x00007f6c1fa2ce35 in raise () at /lib64/libc.so.6
#1  0x00007f6c1fa17895 in abort () at /lib64/libc.so.6
#2  0x00007f6c1fa17769 in _nl_load_domain.cold () at /lib64/libc.so.6
#3  0x00007f6c1fa25566 in annobin_assert.c_end () at /lib64/libc.so.6
#4  0x00005590657e2685 in cpu_get_tb_cpu_state (env=0x5590686899b0,
pc=0x7f6c07ffa718, cs_base=0x7f6c07ffa714, pflags=0x7f6c07ffa71c) at
target/arm/helper.c:11359
#5  0x000055906569f962 in tb_lookup__cpu_state (cpu=0x5590686808b0,
pc=0x7f6c07ffa718, cs_base=0x7f6c07ffa714, flags=0x7f6c07ffa71c,
cf_mask=524288) at include/exec/tb-lookup.h:28
#6  0x00005590656a084c in tb_find (cpu=0x5590686808b0, last_tb=0x0,
tb_exit=0, cf_mask=524288) at accel/tcg/cpu-exec.c:403
#7  0x00005590656a114a in cpu_exec (cpu=0x5590686808b0) at
accel/tcg/cpu-exec.c:730
#8  0x000055906565f6af in tcg_cpu_exec (cpu=0x5590686808b0) at cpus.c:1473
#9  0x000055906565ff05 in qemu_tcg_cpu_thread_fn (arg=0x5590686808b0) at
cpus.c:1781
#10 0x0000559065d54aa6 in qemu_thread_start (args=0x5590687d8c20) at
util/qemu-thread-posix.c:519
#11 0x00007f6c1fbc54c0 in start_thread () at /lib64/libpthread.so.0
#12 0x00007f6c1faf1553 in clone () at /lib64/libc.so.6

(gdb) p/x flags
$1 = 0x33600000

> [1] http://www.orangepi.org/downloadresources/
> [2] https://buildroot.org/download.html
> [3] https://www.armbian.com/orange-pi-pc/



--
Niek Linnenbank

WWW: http://www.nieklinnenbank.nl/
BLOG: http://nieklinnenbank.wordpress.com/
FUN:    http://www.FreeNOS.org/