Philippe Mathieu-Daudé <phi...@linaro.org> writes:
> Commit 1585ab9f1ba ("hw/sd/sdcard: Fill SPI response bits in card
> code") exposed a bug in the SPI adapter: if no SD card is plugged,
> we shouldn't return any particular packet response, but the noise
> shifted on the MISO line. Return the dummy byte, otherwise we get:
>
> qemu-system-riscv64: ../hw/sd/ssi-sd.c:160: ssi_sd_transfer: Assertion
> `s->arglen > 0' failed.
>
> Reported-by: Guenter Roeck <li...@roeck-us.net>
> Fixes: 775616c3ae8 ("Partial SD card SPI mode support")
> Signed-off-by: Philippe Mathieu-Daudé <phi...@linaro.org>
> ---
> hw/sd/ssi-sd.c | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/hw/sd/ssi-sd.c b/hw/sd/ssi-sd.c
> index 594dead19ee..3aacbd03871 100644
> --- a/hw/sd/ssi-sd.c
> +++ b/hw/sd/ssi-sd.c
> @@ -89,6 +89,10 @@ static uint32_t ssi_sd_transfer(SSIPeripheral *dev,
> uint32_t val)
> SDRequest request;
> uint8_t longresp[5];
>
> + if (!sdbus_get_inserted(&s->sdbus)) {
> + return SSI_DUMMY;
> + }
> +
Seems fair although it's hard to track what is consuming this value. I
think we end up in ssi_transfer() which a surprising number of calls
don't even bother checking the return value, other just seem to | the
result when iterating across devices.
We should probably improve on the definitions of transfer/transfer_raw
and explain what the return value is.
Anyway:
Reviewed-by: Alex Bennée <alex.ben...@linaro.org>
> /*
> * Special case: allow CMD12 (STOP TRANSMISSION) while reading data.
> *
--
Alex Bennée
Virtualisation Tech Lead @ Linaro
