esp.c: fix premature end of phase logic esp_command_complete
There are two cases here: the first is when the TI command underflows, in which
case we raise INTR_BS to indicate an early change of phase, and the second is
when the TI command overflows because the host requested a transfer for more
data than is available. In the latter case force TC to zero so that the TI
completion logic executes correctly.
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Tested-by: Helge Deller <deller@gmx.de>
Tested-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20240112125420.514425-30-mark.cave-ayland@ilande.co.uk>
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
diff --git a/hw/scsi/esp.c b/hw/scsi/esp.c
index f20026c..c6151d3 100644
--- a/hw/scsi/esp.c
+++ b/hw/scsi/esp.c
@@ -887,7 +887,6 @@
if (s->ti_size != 0) {
trace_esp_command_complete_unexpected();
}
- s->ti_size = 0;
}
s->async_len = 0;
@@ -897,13 +896,26 @@
s->status = req->status;
/*
- * If the transfer is finished, switch to status phase. For non-DMA
- * transfers from the target the last byte is still in the FIFO
+ * Switch to status phase. For non-DMA transfers from the target the last
+ * byte is still in the FIFO
*/
+ esp_set_phase(s, STAT_ST);
if (s->ti_size == 0) {
- esp_set_phase(s, STAT_ST);
+ /*
+ * Transfer complete: force TC to zero just in case a TI command was
+ * requested for more data than the command returns (Solaris 8 does
+ * this)
+ */
+ esp_set_tc(s, 0);
esp_dma_done(s);
- esp_lower_drq(s);
+ } else {
+ /*
+ * Transfer truncated: raise INTR_BS to indicate early change of
+ * phase
+ */
+ s->rregs[ESP_RINTR] |= INTR_BS;
+ esp_raise_irq(s);
+ s->ti_size = 0;
}
if (s->current_req) {