xref: /freebsd/sys/dev/aic7xxx/aic79xx.seq (revision c59c8a72cf6cd2f6d421d57846292d700c50f59b)

/*
 * Adaptec U320 device driver firmware for Linux and FreeBSD.
 *
 * Copyright (c) 1994-2001 Justin T. Gibbs.
 * Copyright (c) 2000-2002 Adaptec Inc.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions, and the following disclaimer,
 *    without modification.
 * 2. Redistributions in binary form must reproduce at minimum a disclaimer
 *    substantially similar to the "NO WARRANTY" disclaimer below
 *    ("Disclaimer") and any redistribution must be conditioned upon
 *    including a substantially similar Disclaimer requirement for further
 *    binary redistribution.
 * 3. Neither the names of the above-listed copyright holders nor the names
 *    of any contributors may be used to endorse or promote products derived
 *    from this software without specific prior written permission.
 *
 * Alternatively, this software may be distributed under the terms of the
 * GNU General Public License ("GPL") version 2 as published by the Free
 * Software Foundation.
 *
 * NO WARRANTY
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR
 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
 * HOLDERS OR CONTRIBUTORS BE LIABLE FOR SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
 * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGES.
 *
 * $FreeBSD$
 */

VERSION = "$Id: //depot/aic7xxx/aic7xxx/aic79xx.seq#60 $"
PATCH_ARG_LIST = "struct ahd_softc *ahd"
PREFIX = "ahd_"

#include "aic79xx.reg"
#include "scsi_message.h"

idle_loop:
	SET_MODE(M_SCSI, M_SCSI)
	test	SCSISEQ0, ENSELO|ENARBO jnz idle_loop_checkbus;
	test	SEQ_FLAGS2, SELECTOUT_QFROZEN jnz idle_loop_checkbus;
	cmp	WAITING_TID_HEAD[1], SCB_LIST_NULL je idle_loop_checkbus;
	/*
	 * ENSELO is cleared by a SELDO, so we must test for SELDO
	 * one last time.
	 */
BEGIN_CRITICAL;
	test	SSTAT0, SELDO jnz select_out;
END_CRITICAL;
	call	start_selection;
idle_loop_checkbus:
BEGIN_CRITICAL;
	test	SSTAT0, SELDO jnz select_out;
END_CRITICAL;
	test	SSTAT0, SELDI jnz select_in;
	test	SCSIPHASE, ~DATA_PHASE_MASK jz idle_loop_check_nonpackreq;
	test	SCSISIGO, ATNO jz idle_loop_check_nonpackreq;
	call	unexpected_nonpkt_phase_find_ctxt;
idle_loop_check_nonpackreq:
	test	SSTAT2, NONPACKREQ jz idle_loop_scsi;
	call	unexpected_nonpkt_phase_find_ctxt;
idle_loop_scsi:
BEGIN_CRITICAL;
	test	LQISTAT2, LQIGSAVAIL jz idle_loop_service_fifos;
	/*
	 * We have received good status for this transaction.  There may
	 * still be data in our FIFOs draining to the host.  Setup
	 * monitoring of the draining process or complete the SCB.
	 */
good_status_IU_done:
	bmov	SCBPTR, GSFIFO, 2;
	clr	SCB_SCSI_STATUS;
	or	SCB_CONTROL, STATUS_RCVD;

	/*
	 * Since this status did not consume a FIFO, we have to
	 * be a bit more dilligent in how we check for FIFOs pertaining
	 * to this transaction.  There are three states that a FIFO still
	 * transferring data may be in.
	 *
	 * 1) Configured and draining to the host, with a pending CLRCHN.
	 * 2) Configured and draining to the host, no pending CLRCHN.
	 * 3) Pending cfg4data, fifo not empty.
	 *
	 * Cases 1 and 2 can be detected by noticing that a longjmp is
	 * active for the FIFO and LONGJMP_SCB matches our SCB.  In this
	 * case, we allow the routine servicing the FIFO to complete the SCB.
	 *
	 * Case 3 implies either a pending or yet to occur save data
	 * pointers for this same context in the other FIFO.  So, if
	 * we detect case 2, we will properly defer the post of the SCB
	 * and achieve the desired result.  The pending cfg4data will
	 * notice that status has been received and complete the SCB.
	 */
	test	SCB_SGPTR, SG_LIST_NULL jz good_status_check_fifos;
	/*
	 * All segments have been loaded (or no data transfer), so
	 * it is safe to complete the command.  Since this was a
	 * cheap command to check for completion, loop to see if
	 * more entries can be removed from the GSFIFO.
	 */
	call	complete;
END_CRITICAL;
	jmp	idle_loop_scsi;
BEGIN_CRITICAL;
good_status_check_fifos:
	clc;
	bmov	ARG_1, SCBPTR, 2;
	SET_MODE(M_DFF0, M_DFF0)
	call	check_fifo;
	jc	idle_loop_service_fifos;
	SET_MODE(M_DFF1, M_DFF1)
	call	check_fifo;
	jc	idle_loop_service_fifos;
	SET_MODE(M_SCSI, M_SCSI)
	call	queue_scb_completion;
END_CRITICAL;
idle_loop_service_fifos:
	SET_MODE(M_DFF0, M_DFF0)
	test	LONGJMP_ADDR[1], INVALID_ADDR jnz idle_loop_next_fifo;
	call	longjmp;
idle_loop_next_fifo:
	SET_MODE(M_DFF1, M_DFF1)
	test	LONGJMP_ADDR[1], INVALID_ADDR jnz idle_loop_last_fifo_done;
	call	longjmp;
idle_loop_last_fifo_done:
	call	idle_loop_cchan;
	jmp	idle_loop;

idle_loop_cchan:
	SET_MODE(M_CCHAN, M_CCHAN)
BEGIN_CRITICAL;
	test	CCSCBCTL, CCARREN|CCSCBEN jz scbdma_idle;
	test	CCSCBCTL, CCSCBDIR jnz fetch_new_scb_inprog;
	test	CCSCBCTL, CCSCBDONE jz return;
END_CRITICAL;
	/* FALLTHROUGH */
scbdma_tohost_done:
	test	CCSCBCTL, CCARREN jz fill_qoutfifo_dmadone;
	/*
	 * A complete SCB upload requires no intervention.
	 * The SCB is already on the COMPLETE_SCB list
	 * and its completion notification will now be
	 * handled just like any other SCB.
	 */
	and	CCSCBCTL, ~(CCARREN|CCSCBEN) ret;
fill_qoutfifo_dmadone:
	and	CCSCBCTL, ~(CCARREN|CCSCBEN);
	mvi	INTSTAT, CMDCMPLT;
	mvi	COMPLETE_SCB_DMAINPROG_HEAD[1], SCB_LIST_NULL;
	bmov	QOUTFIFO_NEXT_ADDR, SCBHADDR, 4;
	test	QOFF_CTLSTA, SDSCB_ROLLOVR jz return;
	bmov	QOUTFIFO_NEXT_ADDR, SHARED_DATA_ADDR, 4;
	xor	QOUTFIFO_ENTRY_VALID_TAG, QOUTFIFO_ENTRY_VALID_TOGGLE ret;

BEGIN_CRITICAL;
fetch_new_scb_inprog:
	test	CCSCBCTL, ARRDONE jz return;
fetch_new_scb_done:
	and	CCSCBCTL, ~(CCARREN|CCSCBEN);
	bmov	REG0, SCBPTR, 2;
	/* Update the next SCB address to download. */
	bmov	NEXT_QUEUED_SCB_ADDR, SCB_NEXT_SCB_BUSADDR, 4;
	mvi	SCB_NEXT[1], SCB_LIST_NULL;
	mvi	SCB_NEXT2[1], SCB_LIST_NULL;
	/*
	 * SCBs that want to send messages are always
	 * queued independently.  This ensures that they
	 * are at the head of the SCB list to select out
	 * to a target and we will see the MK_MESSAGE flag.
	 */
	test	SCB_CONTROL, MK_MESSAGE jnz first_new_target_scb;
	shr	SINDEX, 3, SCB_SCSIID;
	and	SINDEX, ~0x1;
	mvi	SINDEX[1], (WAITING_SCB_TAILS >> 8);
	bmov	DINDEX, SINDEX, 2;
	bmov	SCBPTR, SINDIR, 2;
	bmov	DINDIR, REG0, 2;
	cmp	SCBPTR[1], SCB_LIST_NULL je first_new_target_scb;
	bmov	SCB_NEXT, REG0, 2;
fetch_new_scb_fini:
	/* Increment our position in the QINFIFO. */
	mov	NONE, SNSCB_QOFF ret;
first_new_target_scb:
	cmp	WAITING_TID_HEAD[1], SCB_LIST_NULL je first_new_scb;
	bmov	SCBPTR, WAITING_TID_TAIL, 2;
	bmov	SCB_NEXT2, REG0, 2;
	bmov	WAITING_TID_TAIL, REG0, 2;
	/* Increment our position in the QINFIFO. */
	mov	NONE, SNSCB_QOFF ret;
first_new_scb:
	bmov	WAITING_TID_HEAD, REG0, 2;
	bmov	WAITING_TID_TAIL, REG0, 2;
	/* Increment our position in the QINFIFO. */
	mov	NONE, SNSCB_QOFF ret;
END_CRITICAL;

scbdma_idle:
	/*
	 * Give precedence to downloading new SCBs to execute
	 * unless select-outs are currently frozen.
	 * XXX Use a timer to prevent completion starvation.
	 */
	test	SEQ_FLAGS2, SELECTOUT_QFROZEN jnz . + 2;
BEGIN_CRITICAL;
	test	QOFF_CTLSTA, NEW_SCB_AVAIL jnz fetch_new_scb;
	cmp	COMPLETE_DMA_SCB_HEAD[1], SCB_LIST_NULL jne dma_complete_scb;
	cmp	COMPLETE_SCB_HEAD[1], SCB_LIST_NULL je return;
	/* FALLTHROUGH */
fill_qoutfifo:
	/*
	 * Keep track of the SCBs we are dmaing just
	 * in case the DMA fails or is aborted.
	 */
	mov	A, QOUTFIFO_ENTRY_VALID_TAG;
	bmov	COMPLETE_SCB_DMAINPROG_HEAD, COMPLETE_SCB_HEAD, 2;
	mvi	CCSCBCTL, CCSCBRESET;
	bmov	SCBHADDR, QOUTFIFO_NEXT_ADDR, 4;
	mov	CCSCBRAM, COMPLETE_SCB_HEAD;
	or	CCSCBRAM, A, COMPLETE_SCB_HEAD[1];
	bmov	SCBPTR, COMPLETE_SCB_HEAD, 2;
	jmp	fill_qoutfifo_first_entry;
fill_qoutfifo_loop:
	mov	CCSCBRAM, SCB_NEXT_COMPLETE;
	or	CCSCBRAM, A, SCB_NEXT_COMPLETE[1];
	bmov	SCBPTR, SCB_NEXT_COMPLETE, 2;
fill_qoutfifo_first_entry:
	mov	NONE, SDSCB_QOFF;
	cmp	SCB_NEXT_COMPLETE[1], SCB_LIST_NULL je fill_qoutfifo_done;
	cmp	CCSCBADDR, CCSCBADDR_MAX je fill_qoutfifo_done;
	test	QOFF_CTLSTA, SDSCB_ROLLOVR jz fill_qoutfifo_loop;
fill_qoutfifo_done:
	mov	SCBHCNT, CCSCBADDR;
	mvi	CCSCBCTL, CCSCBEN|CCSCBRESET;
	bmov	COMPLETE_SCB_HEAD, SCB_NEXT_COMPLETE, 2;
	mvi	SCB_NEXT_COMPLETE[1], SCB_LIST_NULL ret;

fetch_new_scb:
	bmov	SCBHADDR, NEXT_QUEUED_SCB_ADDR, 4;
	mvi	CCARREN|CCSCBEN|CCSCBDIR|CCSCBRESET jmp dma_scb;
dma_complete_scb:
	bmov	SCBPTR, COMPLETE_DMA_SCB_HEAD, 2;
	bmov	SCBHADDR, SCB_BUSADDR, 4;
	mvi	CCARREN|CCSCBEN|CCSCBRESET call dma_scb;
	/*
	 * Now that we've started the DMA, push us onto
	 * the normal completion queue to have our SCBID
	 * posted to the kernel.
	 */
	bmov	COMPLETE_DMA_SCB_HEAD, SCB_NEXT_COMPLETE, 2;
	bmov	SCB_NEXT_COMPLETE, COMPLETE_SCB_HEAD, 2;
	bmov	COMPLETE_SCB_HEAD, SCBPTR, 2 ret;
END_CRITICAL;

/*
 * Either post or fetch an SCB from host memory.  The caller
 * is responsible for polling for transfer completion.
 *
 * Prerequisits: Mode == M_CCHAN
 *		 SINDEX contains CCSCBCTL flags
 *		 SCBHADDR set to Host SCB address
 *		 SCBPTR set to SCB src location on "push" operations
 */
SET_SRC_MODE	M_CCHAN;
SET_DST_MODE	M_CCHAN;
dma_scb:
	mvi	SCBHCNT, SCB_TRANSFER_SIZE;
	mov	CCSCBCTL, SINDEX ret;

BEGIN_CRITICAL;
setjmp_setscb:
	bmov	LONGJMP_SCB, SCBPTR, 2;
setjmp:
	bmov	LONGJMP_ADDR, STACK, 2 ret;
setjmp_inline:
	bmov	LONGJMP_ADDR, STACK, 2;
longjmp:
	bmov	STACK, LONGJMP_ADDR, 2 ret;
END_CRITICAL;

/************************ Packetized LongJmp Routines *************************/
/*
 * Must disable interrupts when setting the mode pointer
 * register as an interrupt occurring mid update will
 * fail to store the new mode value for restoration on
 * an iret.
 */
if ((ahd->bugs & AHD_SET_MODE_BUG) != 0) {
set_mode_work_around:
	mvi	SEQINTCTL, INTVEC1DSL;
	mov	MODE_PTR, SINDEX;
	clr	SEQINTCTL ret;

toggle_dff_mode_work_around:
	mvi	SEQINTCTL, INTVEC1DSL;
	xor	MODE_PTR, MK_MODE(M_DFF1, M_DFF1);
	clr	SEQINTCTL ret;
}

SET_SRC_MODE	M_SCSI;
SET_DST_MODE	M_SCSI;
start_selection:
BEGIN_CRITICAL;
	if ((ahd->bugs & AHD_SENT_SCB_UPDATE_BUG) != 0) {
		/*
		 * Razor #494
		 * Rev A hardware fails to update LAST/CURR/NEXTSCB
		 * correctly after a packetized selection in several
		 * situations:
		 *
		 * 1) If only one command existed in the queue, the
		 *    LAST/CURR/NEXTSCB are unchanged.
		 *
		 * 2) In a non QAS, protocol allowed phase change,
		 *    the queue is shifted 1 too far.  LASTSCB is
		 *    the last SCB that was correctly processed.
		 *
		 * 3) In the QAS case, if the full list of commands
		 *    was successfully sent, NEXTSCB is NULL and neither
		 *    CURRSCB nor LASTSCB can be trusted.  We must
		 *    manually walk the list counting MAXCMDCNT elements
		 *    to find the last SCB that was sent correctly.
		 *
		 * To simplify the workaround for this bug in SELDO
		 * handling, we initialize LASTSCB prior to enabling
		 * selection so we can rely on it even for case #1 above.
		 */
		bmov	LASTSCB, WAITING_TID_HEAD, 2;
	}
	bmov	CURRSCB, WAITING_TID_HEAD, 2;
	bmov	SCBPTR, WAITING_TID_HEAD, 2;
	shr	SELOID, 4, SCB_SCSIID;
	/*
	 * If we want to send a message to the device, ensure
	 * we are selecting with atn irregardless of our packetized
	 * agreement.  Since SPI4 only allows target reset or PPR
	 * messages if this is a packetized connection, the change
	 * to our negotiation table entry for this selection will
	 * be cleared when the message is acted on.
	 */
	test	SCB_CONTROL, MK_MESSAGE jz . + 3;
	mov	NEGOADDR, SELOID;
	or	NEGCONOPTS, ENAUTOATNO;
	or	SCSISEQ0, ENSELO ret;
END_CRITICAL;

/*
 * Allocate a FIFO for a non-packetized transaction.
 * For some reason unkown to me, both FIFOs must be free before we
 * can allocate a FIFO for a non-packetized transaction.  This
 * may be fixed in Rev B.
 */
allocate_fifo_loop:
	/*
	 * Do whatever work is required to free a FIFO.
	 */
	SET_MODE(M_DFF0, M_DFF0)
	test	LONGJMP_ADDR[1], INVALID_ADDR jnz . + 2;
	call	longjmp;
	SET_MODE(M_DFF1, M_DFF1)
	test	LONGJMP_ADDR[1], INVALID_ADDR jnz . + 2;
	call	longjmp;
	SET_MODE(M_SCSI, M_SCSI)
allocate_fifo:
	and	A, FIFO0FREE|FIFO1FREE, DFFSTAT;
	cmp	A, FIFO0FREE|FIFO1FREE jne allocate_fifo_loop;
take_fifo:
	or	DFFSTAT, CURRFIFO;
	SET_MODE(M_DFF1, M_DFF1)
	bmov	SCBPTR, ALLOCFIFO_SCBPTR, 2 ret;

/*
 * We have been reselected as an initiator
 * or selected as a target.
 */
SET_SRC_MODE	M_SCSI;
SET_DST_MODE	M_SCSI;
select_in:
	if ((ahd->bugs & AHD_BUSFREEREV_BUG) != 0) {
		/*
		 * This exposes a window whereby a
		 * busfree just after a selection will
		 * be missed, but there is not other safe
		 * way to enable busfree detection if
		 * the busfreerev function is broken.
		 */
		mvi	CLRSINT1,CLRBUSFREE;
		or	SIMODE1, ENBUSFREE;
	}
	or	SXFRCTL0, SPIOEN;
	and	SAVED_SCSIID, SELID_MASK, SELID;
	and	A, OID, IOWNID;
	or	SAVED_SCSIID, A;
	mvi	CLRSINT0, CLRSELDI;
	jmp	ITloop;

/*
 * We have successfully selected out.
 *
 * Clear SELDO.
 * Dequeue all SCBs sent from the waiting queue
 * Requeue all SCBs *not* sent to the tail of the waiting queue
 * Take Razor #494 into account for above.
 *
 * In Packetized Mode:
 *	Return to the idle loop.  Our interrupt handler will take
 *	care of any incoming L_Qs.
 *
 * In Non-Packetize Mode:
 *	Continue to our normal state machine.
 */
SET_SRC_MODE	M_SCSI;
SET_DST_MODE	M_SCSI;
select_out:
BEGIN_CRITICAL;
	/* Clear out all SCBs that have been successfully sent. */
	if ((ahd->bugs & AHD_SENT_SCB_UPDATE_BUG) != 0) {
		/*
		 * For packetized, the LQO manager clears ENSELO on
		 * the assertion of SELDO.  If we are non-packetized,
		 * LASTSCB and CURRSCB are acuate.
		 */
		test	SCSISEQ0, ENSELO jnz use_lastscb;

		/*
		 * The update is correct for LQOSTAT1 errors.  All
		 * but LQOBUSFREE are handled by kernel interrupts.
		 * If we see LQOBUSFREE, return to the idle loop.
		 * Once we are out of the select_out critical section,
		 * the kernel will cleanup the LQOBUSFREE and we will
		 * eventually restart the selection if appropriate.
		 */
		test	LQOSTAT1, LQOBUSFREE jnz idle_loop;

		/*
		 * On a phase change oustside of packet boundaries,
		 * LASTSCB points to the currently active SCB context
		 * on the bus.
		 */
		test	LQOSTAT2, LQOPHACHGOUTPKT jnz use_lastscb;

		/*
		 * If the hardware has traversed the whole list, NEXTSCB
		 * will be NULL, CURRSCB and LASTSCB cannot be trusted,
		 * but MAXCMDCNT is accurate.  If we stop part way through
		 * the list or only had one command to issue, NEXTSCB[1] is
		 * not NULL and LASTSCB is the last command to go out.
		 */
		cmp	NEXTSCB[1], SCB_LIST_NULL jne use_lastscb;

		/*
		 * Brute force walk.
		 */
		bmov	SCBPTR, WAITING_TID_HEAD, 2;
		mvi	SEQINTCTL, INTVEC1DSL;
		mvi	MODE_PTR, MK_MODE(M_CFG, M_CFG);
		mov	A, MAXCMDCNT;
		mvi	MODE_PTR, MK_MODE(M_SCSI, M_SCSI);
		clr	SEQINTCTL;
find_lastscb_loop:
		dec	A;
		test	A, 0xFF jz found_last_sent_scb;
		bmov	SCBPTR, SCB_NEXT, 2;
		jmp	find_lastscb_loop;
use_lastscb:
		bmov	SCBPTR, LASTSCB, 2;
found_last_sent_scb:
		bmov	CURRSCB, SCBPTR, 2;
curscb_ww_done:
	} else {
		/*
		 * Untested - Verify with Rev B.
		 */
		bmov	SCBPTR, CURRSCB, 2;
	}
	/*
	 * Requeue any SCBs not sent, to the tail of the waiting Q.
	 */
	cmp	SCB_NEXT[1], SCB_LIST_NULL je select_out_list_done;

	/*
	 * We know that neither the per-TID list nor the list of
	 * TIDs is empty.  Use this knowledge to our advantage.
	 */
	bmov	REG0, SCB_NEXT, 2;
	bmov	SCBPTR, WAITING_TID_TAIL, 2;
	bmov	SCB_NEXT2, REG0, 2;
	bmov	WAITING_TID_TAIL, REG0, 2;
	jmp	select_out_inc_tid_q;

select_out_list_done:
	/*
	 * The whole list made it.  Just clear our TID's tail pointer
	 * unless we were queued independently due to our need to
	 * send a message.
	 */
	test	SCB_CONTROL, MK_MESSAGE jnz select_out_inc_tid_q;
	shr	DINDEX, 3, SCB_SCSIID;
	or	DINDEX, 1;	/* Want only the second byte */
	mvi	DINDEX[1], ((WAITING_SCB_TAILS) >> 8);
	mvi	DINDIR, SCB_LIST_NULL;
select_out_inc_tid_q:
	bmov	SCBPTR, WAITING_TID_HEAD, 2;
	bmov	WAITING_TID_HEAD, SCB_NEXT2, 2;
	cmp	WAITING_TID_HEAD[1], SCB_LIST_NULL jne . + 2;
	mvi	WAITING_TID_TAIL[1], SCB_LIST_NULL;
	bmov	SCBPTR, CURRSCB, 2;
END_CRITICAL;

	mvi	CLRSINT0, CLRSELDO;

	test	LQOSTAT2, LQOPHACHGOUTPKT jnz unexpected_nonpkt_phase;
	test	LQOSTAT1, LQOPHACHGINPKT jnz unexpected_nonpkt_phase;

	/*
	 * If this is a packetized connection, return to our
	 * idle_loop and let our interrupt handler deal with
	 * any connection setup/teardown issues.  The only
	 * exception is the case of MK_MESSAGE SCBs.  In the
	 * A, the LQO manager transitions to LQOSTOP0 even if
	 * we have selected out with ATN asserted and the target
	 * REQs in a non-packet phase.
	 */
	if ((ahd->bugs & AHD_LQO_ATNO_BUG) != 0) {
		test 	SCB_CONTROL, MK_MESSAGE jz select_out_no_message;
		test	SCSISIGO, ATNO jnz select_out_non_packetized;
select_out_no_message:
	}
	test	LQOSTAT2, LQOSTOP0 jnz idle_loop;

select_out_non_packetized:
	/* Non packetized request. */
	and     SCSISEQ0, ~ENSELO;
	if ((ahd->bugs & AHD_BUSFREEREV_BUG) != 0) {
		/*
		 * This exposes a window whereby a
		 * busfree just after a selection will
		 * be missed, but there is not other safe
		 * way to enable busfree detection if
		 * the busfreerev function is broken.
		 */
		mvi	CLRSINT1,CLRBUSFREE;
		or	SIMODE1, ENBUSFREE;
	}
	mov	SAVED_SCSIID, SCB_SCSIID;
	mov	SAVED_LUN, SCB_LUN;
	or	SXFRCTL0, SPIOEN;

	/*
	 * As soon as we get a successful selection, the target
	 * should go into the message out phase since we have ATN
	 * asserted.
	 */
	mvi	MSG_OUT, MSG_IDENTIFYFLAG;
	mvi	SEQ_FLAGS, NO_CDB_SENT;

	/*
	 * Main loop for information transfer phases.  Wait for the
	 * target to assert REQ before checking MSG, C/D and I/O for
	 * the bus phase.
	 */
mesgin_phasemis:
ITloop:
	call	phase_lock;

	mov	A, LASTPHASE;

	test	A, ~P_DATAIN_DT	jz p_data;
	cmp	A,P_COMMAND	je p_command;
	cmp	A,P_MESGOUT	je p_mesgout;
	cmp	A,P_STATUS	je p_status;
	cmp	A,P_MESGIN	je p_mesgin;

	mvi	SEQINTCODE, BAD_PHASE;
	jmp	ITloop;			/* Try reading the bus again. */

/*
 * Command phase.  Set up the DMA registers and let 'er rip.
 */
p_command:
SET_SRC_MODE	M_DFF1;
SET_DST_MODE	M_DFF1;
	test	MODE_PTR, ~(MK_MODE(M_DFF1, M_DFF1))
		jnz p_command_allocate_fifo;
	/*
	 * Command retry.  Free our current FIFO and
	 * re-allocate a FIFO so transfer state is
	 * reset.
	 */
	mvi	DFFSXFRCTL, RSTCHN|CLRSHCNT;
p_command_allocate_fifo:
	bmov	ALLOCFIFO_SCBPTR, SCBPTR, 2;
	call	allocate_fifo;
	add	NONE, -17, SCB_CDB_LEN;
	jnc	p_command_embedded;
p_command_from_host:
	bmov	HADDR[0], SCB_CDB_PTR, 11;
	mvi	SG_CACHE_PRE, LAST_SEG;
	mvi	DFCNTRL, (PRELOADEN|SCSIEN|HDMAEN);
	jmp	p_command_loop;
p_command_embedded:
	bmov	SHCNT[0], SCB_CDB_LEN,  1;
	bmov	SHCNT[1], ALLZEROS, 2;
	bmov	DFDAT, SCB_CDB_STORE, 16;
	mvi	DFCNTRL, SCSIEN;
p_command_loop:
	test	DFCNTRL, SCSIEN jnz p_command_loop;
	/*
	 * DMA Channel automatically disabled.
	 * Don't allow a data phase if the command
	 * was not fully transferred.  Make sure that
	 * we clear the IDENTIFY SEEN flag if a retry
	 * falls short too.
	 */
	and	SEQ_FLAGS, ~NO_CDB_SENT;
	test	SSTAT2, SDONE jnz ITloop;
	or	SEQ_FLAGS, NO_CDB_SENT;
	jmp	ITloop;


/*
 * Status phase.  Wait for the data byte to appear, then read it
 * and store it into the SCB.
 */
SET_SRC_MODE	M_SCSI;
SET_DST_MODE	M_SCSI;
p_status:
	test	SEQ_FLAGS,NOT_IDENTIFIED jz p_status_okay;
	mvi	SEQINTCODE, PROTO_VIOLATION;
	jmp	mesgin_done;
p_status_okay:
	mov	SCB_SCSI_STATUS, SCSIDAT;
	or	SCB_CONTROL, STATUS_RCVD;
	jmp	ITloop;

/*
 * Message out phase.  If MSG_OUT is MSG_IDENTIFYFLAG, build a full
 * indentify message sequence and send it to the target.  The host may
 * override this behavior by setting the MK_MESSAGE bit in the SCB
 * control byte.  This will cause us to interrupt the host and allow
 * it to handle the message phase completely on its own.  If the bit
 * associated with this target is set, we will also interrupt the host,
 * thereby allowing it to send a message on the next selection regardless
 * of the transaction being sent.
 *
 * If MSG_OUT is == HOST_MSG, also interrupt the host and take a message.
 * This is done to allow the host to send messages outside of an identify
 * sequence while protecting the seqencer from testing the MK_MESSAGE bit
 * on an SCB that might not be for the current nexus. (For example, a
 * BDR message in responce to a bad reselection would leave us pointed to
 * an SCB that doesn't have anything to do with the current target).
 *
 * Otherwise, treat MSG_OUT as a 1 byte message to send (abort, abort tag,
 * bus device reset).
 *
 * When there are no messages to send, MSG_OUT should be set to MSG_NOOP,
 * in case the target decides to put us in this phase for some strange
 * reason.
 */
p_mesgout_retry:
	/* Turn on ATN for the retry */
	mvi	SCSISIGO, ATNO;
p_mesgout:
	mov	SINDEX, MSG_OUT;
	cmp	SINDEX, MSG_IDENTIFYFLAG jne p_mesgout_from_host;
	test	SCB_CONTROL,MK_MESSAGE	jnz host_message_loop;
p_mesgout_identify:
	or	SINDEX, MSG_IDENTIFYFLAG|DISCENB, SCB_LUN;
	test	SCB_CONTROL, DISCENB jnz . + 2;
	and	SINDEX, ~DISCENB;
/*
 * Send a tag message if TAG_ENB is set in the SCB control block.
 * Use SCB_NONPACKET_TAG as the tag value.
 */
p_mesgout_tag:
	test	SCB_CONTROL,TAG_ENB jz  p_mesgout_onebyte;
	mov	SCSIDAT, SINDEX;	/* Send the identify message */
	call	phase_lock;
	cmp	LASTPHASE, P_MESGOUT	jne p_mesgout_done;
	and	SCSIDAT,TAG_ENB|SCB_TAG_TYPE,SCB_CONTROL;
	call	phase_lock;
	cmp	LASTPHASE, P_MESGOUT	jne p_mesgout_done;
	mov	SCBPTR jmp p_mesgout_onebyte;
/*
 * Interrupt the driver, and allow it to handle this message
 * phase and any required retries.
 */
p_mesgout_from_host:
	cmp	SINDEX, HOST_MSG	jne p_mesgout_onebyte;
	jmp	host_message_loop;

p_mesgout_onebyte:
	mvi	CLRSINT1, CLRATNO;
	mov	SCSIDAT, SINDEX;

/*
 * If the next bus phase after ATN drops is message out, it means
 * that the target is requesting that the last message(s) be resent.
 */
	call	phase_lock;
	cmp	LASTPHASE, P_MESGOUT	je p_mesgout_retry;

p_mesgout_done:
	mvi	CLRSINT1,CLRATNO;	/* Be sure to turn ATNO off */
	mov	LAST_MSG, MSG_OUT;
	mvi	MSG_OUT, MSG_NOOP;	/* No message left */
	jmp	ITloop;

/*
 * Message in phase.  Bytes are read using Automatic PIO mode.
 */
p_mesgin:
	/* read the 1st message byte */
	mvi	ACCUM		call inb_first;

	test	A,MSG_IDENTIFYFLAG	jnz mesgin_identify;
	cmp	A,MSG_DISCONNECT	je mesgin_disconnect;
	cmp	A,MSG_SAVEDATAPOINTER	je mesgin_sdptrs;
	cmp	ALLZEROS,A		je mesgin_complete;
	cmp	A,MSG_RESTOREPOINTERS	je mesgin_rdptrs;
	cmp	A,MSG_IGN_WIDE_RESIDUE	je mesgin_ign_wide_residue;
	cmp	A,MSG_NOOP		je mesgin_done;

/*
 * Pushed message loop to allow the kernel to
 * run it's own message state engine.  To avoid an
 * extra nop instruction after signaling the kernel,
 * we perform the phase_lock before checking to see
 * if we should exit the loop and skip the phase_lock
 * in the ITloop.  Performing back to back phase_locks
 * shouldn't hurt, but why do it twice...
 */
host_message_loop:
	call	phase_lock;	/* Benign the first time through. */
	mvi	SEQINTCODE, HOST_MSG_LOOP;
	cmp	RETURN_1, EXIT_MSG_LOOP	je ITloop;
	cmp	RETURN_1, CONT_MSG_LOOP_WRITE	jne . + 3;
	mov	SCSIDAT, RETURN_2;
	jmp	host_message_loop;
	/* Must be CONT_MSG_LOOP_READ */
	mov	NONE, SCSIDAT;	/* ACK Byte */
	jmp	host_message_loop;

mesgin_ign_wide_residue:
	shr	NEGOADDR, 4, SAVED_SCSIID;
	test	NEGCONOPTS, WIDEXFER jz mesgin_reject;
	/* Pull the residue byte */
	mvi	REG0	call inb_next;
	cmp	REG0, 0x01 jne mesgin_reject;
	test	SCB_RESIDUAL_SGPTR[0], SG_LIST_NULL jz . + 2;
	test	DATA_COUNT_ODD, 0x1	jz mesgin_done;
	mvi	SEQINTCODE, IGN_WIDE_RES;
	jmp	mesgin_done;

mesgin_reject:
	mvi	MSG_MESSAGE_REJECT	call mk_mesg;
mesgin_done:
	mov	NONE,SCSIDAT;		/*dummy read from latch to ACK*/
	jmp	ITloop;

#define INDEX_DISC_LIST(scsiid, lun)					\
	and	A, 0xC0, scsiid;					\
	or	SCBPTR, A, lun;						\
	clr	SCBPTR[1];						\
	and	SINDEX, 0x30, scsiid;					\
	shr	SINDEX, 3;	/* Multiply by 2 */			\
	add	SINDEX, (SCB_DISCONNECTED_LISTS & 0xFF);		\
	mvi	SINDEX[1], ((SCB_DISCONNECTED_LISTS >> 8) & 0xFF)

mesgin_identify:
	/*
	 * Determine whether a target is using tagged or non-tagged
	 * transactions by first looking at the transaction stored in
	 * the per-device, disconnected array.  If there is no untagged
	 * transaction for this target, this must be a tagged transaction.
	 */
	and	SAVED_LUN, MSG_IDENTIFY_LUNMASK, A;
	INDEX_DISC_LIST(SAVED_SCSIID, SAVED_LUN);
	bmov	DINDEX, SINDEX, 2;
	bmov	REG0, SINDIR, 2;
	cmp	REG0[1], SCB_LIST_NULL je snoop_tag;
	/* Untagged.  Clear the busy table entry and setup the SCB. */
	bmov	DINDIR, ALLONES, 2;
	bmov	SCBPTR, REG0, 2;
	jmp	setup_SCB;

/*
 * Here we "snoop" the bus looking for a SIMPLE QUEUE TAG message.
 * If we get one, we use the tag returned to find the proper
 * SCB.  After receiving the tag, look for the SCB at SCB locations tag and
 * tag + 256.
 */
snoop_tag:
	if ((ahd->flags & AHD_SEQUENCER_DEBUG) != 0) {
		or	SEQ_FLAGS, 0x80;
	}
	mov	NONE, SCSIDAT;		/* ACK Identify MSG */
	call	phase_lock;
	if ((ahd->flags & AHD_SEQUENCER_DEBUG) != 0) {
		or	SEQ_FLAGS, 0x1;
	}
	cmp	LASTPHASE, P_MESGIN	jne not_found_ITloop;
	if ((ahd->flags & AHD_SEQUENCER_DEBUG) != 0) {
		or	SEQ_FLAGS, 0x2;
	}
	cmp	SCSIBUS, MSG_SIMPLE_Q_TAG jne not_found;
get_tag:
	clr	SCBPTR[1];
	mvi	SCBPTR	call inb_next;	/* tag value */
verify_scb:
	test	SCB_CONTROL,DISCONNECTED jz verify_other_scb;
	mov	A, SAVED_SCSIID;
	cmp	SCB_SCSIID, A jne verify_other_scb;
	mov	A, SAVED_LUN;
	cmp	SCB_LUN, A je setup_SCB_disconnected;
verify_other_scb:
	xor	SCBPTR[1], 1;
	test	SCBPTR[1], 0xFF jnz verify_scb;
	jmp	not_found;

/*
 * Ensure that the SCB the tag points to is for
 * an SCB transaction to the reconnecting target.
 */
setup_SCB:
	if ((ahd->flags & AHD_SEQUENCER_DEBUG) != 0) {
		or	SEQ_FLAGS, 0x10;
	}
	test	SCB_CONTROL,DISCONNECTED jz not_found;
setup_SCB_disconnected:
	and	SCB_CONTROL,~DISCONNECTED;
	clr	SEQ_FLAGS;	/* make note of IDENTIFY */
	test	SCB_SGPTR, SG_LIST_NULL jnz . + 3;
	bmov	ALLOCFIFO_SCBPTR, SCBPTR, 2;
	call	allocate_fifo;
	/* See if the host wants to send a message upon reconnection */
	test	SCB_CONTROL, MK_MESSAGE jz mesgin_done;
	mvi	HOST_MSG	call mk_mesg;
	jmp	mesgin_done;

not_found:
	mvi	SEQINTCODE, NO_MATCH;
	jmp	mesgin_done;

not_found_ITloop:
	mvi	SEQINTCODE, NO_MATCH;
	jmp	ITloop;

/*
 * We received a "command complete" message.  Put the SCB on the complete
 * queue and trigger a completion interrupt via the idle loop.  Before doing
 * so, check to see if there
 * is a residual or the status byte is something other than STATUS_GOOD (0).
 * In either of these conditions, we upload the SCB back to the host so it can
 * process this information.  In the case of a non zero status byte, we
 * additionally interrupt the kernel driver synchronously, allowing it to
 * decide if sense should be retrieved.  If the kernel driver wishes to request
 * sense, it will fill the kernel SCB with a request sense command, requeue
 * it to the QINFIFO and tell us not to post to the QOUTFIFO by setting
 * RETURN_1 to SEND_SENSE.
 */
mesgin_complete_proto_violation:
	mvi	SEQINTCODE, PROTO_VIOLATION;
	jmp	mesgin_done;
mesgin_complete:

	/*
	 * If ATN is raised, we still want to give the target a message.
	 * Perhaps there was a parity error on this last message byte.
	 * Either way, the target should take us to message out phase
	 * and then attempt to complete the command again.  We should use a
	 * critical section here to guard against a timeout triggering
	 * for this command and setting ATN while we are still processing
	 * the completion.
	test	SCSISIGI, ATNI jnz mesgin_done;
	 */

	/*
	 * If we are identified and have successfully sent the CDB,
	 * any status will do.  Optimize this fast path.
	 */
	test	SEQ_FLAGS, NOT_IDENTIFIED|NO_CDB_SENT jnz . + 2;
	test	SCB_CONTROL, STATUS_RCVD jnz complete_accepted;

	/*
	 * If the target never sent an identify message but instead went
	 * to mesgin to give an invalid message, let the host abort us.
	 */
	test	SEQ_FLAGS, NOT_IDENTIFIED jnz mesgin_complete_proto_violation;

	/*
	 * If the target never gave us status information, have
	 * the host abort the command.
	 */
	test	SCB_CONTROL, STATUS_RCVD jz mesgin_complete_proto_violation;

	/*
	 * If we recevied good status but never successfully sent the
	 * cdb, abort the command.
	 */
	test	SCB_SCSI_STATUS,0xff	jnz complete_accepted;
	test	SEQ_FLAGS, NO_CDB_SENT jnz mesgin_complete_proto_violation;
complete_accepted:

	/*
	 * See if we attempted to deliver a message but the target ingnored us.
	 */
	test	SCB_CONTROL, MK_MESSAGE jz . + 2;
	mvi	SEQINTCODE, MKMSG_FAILED;
	call	queue_scb_completion;
	jmp	await_busfree;

freeze_queue:
	/* Cancel any pending select-out. */
	test	SSTAT0, SELDO jnz . + 2;
	and	SCSISEQ0, ~ENSELO;
	mov	ACCUM_SAVE, A;
	clr	A;
	add	QFREEZE_COUNT, 1;
	adc	QFREEZE_COUNT[1], A;
	or	SEQ_FLAGS2, SELECTOUT_QFROZEN;
	mov	A, ACCUM_SAVE ret;

queue_arg1_scb_completion:
	SET_MODE(M_SCSI, M_SCSI)
	bmov	SCBPTR, ARG_1, 2;
queue_scb_completion:
	test	SCB_SCSI_STATUS,0xff	jnz bad_status;
	/*
	 * Check for residuals
	 */
	test	SCB_SGPTR, SG_LIST_NULL jnz complete;	/* No xfer */
	test	SCB_SGPTR, SG_FULL_RESID jnz upload_scb;/* Never xfered */
	test	SCB_RESIDUAL_SGPTR, SG_LIST_NULL jz upload_scb;
complete:
	bmov	SCB_NEXT_COMPLETE, COMPLETE_SCB_HEAD, 2;
	bmov	COMPLETE_SCB_HEAD, SCBPTR, 2 ret;
bad_status:
	cmp	SCB_SCSI_STATUS, STATUS_PKT_SENSE je upload_scb;
	call	freeze_queue;
upload_scb:
	bmov	SCB_NEXT_COMPLETE, COMPLETE_DMA_SCB_HEAD, 2;
	bmov	COMPLETE_DMA_SCB_HEAD, SCBPTR, 2;
	or	SCB_SGPTR, SG_STATUS_VALID ret;

/*
 * Is it a disconnect message?  Set a flag in the SCB to remind us
 * and await the bus going free.  If this is an untagged transaction
 * store the SCB id for it in our untagged target table for lookup on
 * a reselction.
 */
mesgin_disconnect:
	/*
	 * If ATN is raised, we still want to give the target a message.
	 * Perhaps there was a parity error on this last message byte
	 * or we want to abort this command.  Either way, the target
	 * should take us to message out phase and then attempt to
	 * disconnect again.
	 * XXX - Wait for more testing.
	test	SCSISIGI, ATNI jnz mesgin_done;
	 */
	test	SEQ_FLAGS, NOT_IDENTIFIED|NO_CDB_SENT	jz disconnect_allowed;
	mvi	SEQINTCODE, PROTO_VIOLATION;
	jmp	mesgin_done;
disconnect_allowed:
	or	SCB_CONTROL,DISCONNECTED;
	test	SCB_CONTROL, TAG_ENB jnz await_busfree;
queue_disc_scb:
	bmov	REG0, SCBPTR, 2;
	INDEX_DISC_LIST(SAVED_SCSIID, SAVED_LUN);
	bmov	DINDEX, SINDEX, 2;
	bmov	DINDIR, REG0, 2;
	bmov	SCBPTR, REG0, 2;
	/* FALLTHROUGH */
await_busfree:
	and	SIMODE1, ~ENBUSFREE;
	if ((ahd->bugs & AHD_BUSFREEREV_BUG) == 0) {
		/*
		 * In the BUSFREEREV_BUG case, the
		 * busfree status was cleared at the
		 * beginning of the connection.
		 */
		mvi	CLRSINT1,CLRBUSFREE;
	}
	mov	NONE, SCSIDAT;		/* Ack the last byte */
	test	MODE_PTR, ~(MK_MODE(M_DFF1, M_DFF1))
		jnz await_busfree_not_m_dff;
SET_SRC_MODE	M_DFF1;
SET_DST_MODE	M_DFF1;
await_busfree_clrchn:
	mvi	DFFSXFRCTL, CLRCHN;
await_busfree_not_m_dff:
	call	clear_target_state;
	test	SSTAT1,REQINIT|BUSFREE	jz .;
	test	SSTAT1, BUSFREE jnz idle_loop;
	mvi	SEQINTCODE, MISSED_BUSFREE;


/*
 * Save data pointers message:
 * Copying RAM values back to SCB, for Save Data Pointers message, but
 * only if we've actually been into a data phase to change them.  This
 * protects against bogus data in scratch ram and the residual counts
 * since they are only initialized when we go into data_in or data_out.
 * Ack the message as soon as possible.
 */
SET_SRC_MODE	M_DFF1;
SET_DST_MODE	M_DFF1;
mesgin_sdptrs:
	mov	NONE,SCSIDAT;		/*dummy read from latch to ACK*/
	test	SEQ_FLAGS, DPHASE	jz ITloop;
	call	save_pointers;
	jmp	ITloop;

save_pointers:
	/*
	 * If we are asked to save our position at the end of the
	 * transfer, just mark us at the end rather than perform a
	 * full save.
	 */
	test	SCB_RESIDUAL_SGPTR[0], SG_LIST_NULL jz save_pointers_full;
	or	SCB_SGPTR, SG_LIST_NULL ret;

save_pointers_full:
	/*
	 * The SCB_DATAPTR becomes the current SHADDR.
	 * All other information comes directly from our residual
	 * state.
	 */
	bmov	SCB_DATAPTR, SHADDR, 8;
	bmov	SCB_DATACNT, SCB_RESIDUAL_DATACNT, 8 ret;

/*
 * Restore pointers message?  Data pointers are recopied from the
 * SCB anytime we enter a data phase for the first time, so all
 * we need to do is clear the DPHASE flag and let the data phase
 * code do the rest.  We also reset/reallocate the FIFO to make
 * sure we have a clean start for the next data phase.
 */
mesgin_rdptrs:
	and	SEQ_FLAGS, ~DPHASE;
	test	MODE_PTR, ~(MK_MODE(M_DFF1, M_DFF1)) jnz msgin_rdptrs_get_fifo;
	mvi	DFFSXFRCTL, RSTCHN|CLRSHCNT;
msgin_rdptrs_get_fifo:
	call	allocate_fifo;
	jmp	mesgin_done;

clear_target_state:
	mvi	LASTPHASE, P_BUSFREE;
	/* clear target specific flags */
	mvi	SEQ_FLAGS, NOT_IDENTIFIED|NO_CDB_SENT ret;

phase_lock:
	test	SCSIPHASE, 0xFF jz .;
phase_lock_latch_phase:
	and	LASTPHASE, PHASE_MASK, SCSISIGI ret;

/*
 * Functions to read data in Automatic PIO mode.
 *
 * An ACK is not sent on input from the target until SCSIDATL is read from.
 * So we wait until SCSIDATL is latched (the usual way), then read the data
 * byte directly off the bus using SCSIBUSL.  When we have pulled the ATN
 * line, or we just want to acknowledge the byte, then we do a dummy read
 * from SCISDATL.  The SCSI spec guarantees that the target will hold the
 * data byte on the bus until we send our ACK.
 *
 * The assumption here is that these are called in a particular sequence,
 * and that REQ is already set when inb_first is called.  inb_{first,next}
 * use the same calling convention as inb.
 */
inb_next:
	mov	NONE,SCSIDAT;		/*dummy read from latch to ACK*/
inb_next_wait:
	/*
	 * If there is a parity error, wait for the kernel to
	 * see the interrupt and prepare our message response
	 * before continuing.
	 */
	test	SCSIPHASE, 0xFF jz .;
inb_next_check_phase:
	and	LASTPHASE, PHASE_MASK, SCSISIGI;
	cmp	LASTPHASE, P_MESGIN jne mesgin_phasemis;
inb_first:
	clr	DINDEX[1];
	mov	DINDEX,SINDEX;
	mov	DINDIR,SCSIBUS	ret;		/*read byte directly from bus*/
inb_last:
	mov	NONE,SCSIDAT ret;		/*dummy read from latch to ACK*/

mk_mesg:
	mvi	SCSISIGO, ATNO;
	mov	MSG_OUT,SINDEX ret;

SET_SRC_MODE	M_DFF1;
SET_DST_MODE	M_DFF1;
disable_ccsgen:
	test	SG_STATE, FETCH_INPROG jz disable_ccsgen_fetch_done;
	clr	CCSGCTL;
disable_ccsgen_fetch_done:
	clr	SG_STATE ret;

data_group_idle_loop:
	mov	SAVED_MODE, MODE_PTR;
	test	SG_STATE, LOADING_NEEDED jz . + 2;
	call	service_fifo;
	TOGGLE_DFF_MODE
	test	SG_STATE, LOADING_NEEDED jz . + 2;
	call	service_fifo;
	call	idle_loop_cchan;
	if ((ahd->bugs & AHD_SET_MODE_BUG) != 0) {
		mov	SAVED_MODE jmp set_mode_work_around;
	} else {
		mov	MODE_PTR, SAVED_MODE ret;
	}

service_fifo:
	/*
	 * Do we have any prefetch left???
	 */
	test	SG_STATE, SEGS_AVAIL jnz idle_sg_avail;

	/*
	 * Can this FIFO have access to the S/G cache yet?
	 */
	test	CCSGCTL, SG_CACHE_AVAIL jz return;

	/* Did we just finish fetching segs? */
	cmp	CCSGCTL, CCSGEN|SG_CACHE_AVAIL|CCSGDONE
		je idle_sgfetch_complete;

	/* Are we actively fetching segments? */
	test	CCSGCTL, CCSGEN jnz return;

	/*
	 * We fetch a "cacheline aligned" and sized amount of data
	 * so we don't end up referencing a non-existant page.
	 * Cacheline aligned is in quotes because the kernel will
	 * set the prefetch amount to a reasonable level if the
	 * cacheline size is unknown.
	 */
	and	SGHADDR[0], SG_PREFETCH_ALIGN_MASK, SCB_RESIDUAL_SGPTR;
	mvi	SGHCNT, SG_PREFETCH_CNT;
	if ((ahd->bugs & AHD_REG_SLOW_SETTLE_BUG) != 0) {
		/*
		 * Need two instruction between "touches" of SGHADDR.
		 * Note the setting of SGHCNT counts as one of
		 * these two instructions.
		 */
		nop;
	}
	bmov	SGHADDR[1], SCB_RESIDUAL_SGPTR[1], 3;
	mvi	CCSGCTL, CCSGEN|SG_CACHE_AVAIL|CCSGRESET;
	or	SG_STATE, FETCH_INPROG ret;
idle_sgfetch_complete:
	/*
	 * Guard against SG_CACHE_AVAIL activating during sg fetch
	 * request in the other FIFO.
	 */
	test	SG_STATE, FETCH_INPROG jz return;
	clr	CCSGCTL;
	and	CCSGADDR, SG_PREFETCH_ADDR_MASK, SCB_RESIDUAL_SGPTR;
	mvi	SG_STATE, SEGS_AVAIL|LOADING_NEEDED;
idle_sg_avail:
	/* Does the hardware have space for another SG entry? */
	test	DFSTATUS, PRELOAD_AVAIL jz return;
	if ((ahd->flags & AHD_64BIT_ADDRESSING) != 0) {
		bmov	HADDR, CCSGRAM, 8;
	} else {
		bmov 	HADDR, CCSGRAM, 4;
	}
	bmov	HCNT, CCSGRAM, 3;
	test	HCNT[0], 0x1 jz . + 2;
	xor	DATA_COUNT_ODD, 0x1;
	bmov	SCB_RESIDUAL_DATACNT[3], CCSGRAM, 1;
	if ((ahd->flags & AHD_39BIT_ADDRESSING) != 0) {
		and	HADDR[4], SG_HIGH_ADDR_BITS, SCB_RESIDUAL_DATACNT[3];
	}
	if ((ahd->flags & AHD_64BIT_ADDRESSING) != 0) {
		/* Skip 4 bytes of pad. */
		add	CCSGADDR, 4;
	}
sg_advance:
	clr	A;			/* add sizeof(struct scatter) */
	add	SCB_RESIDUAL_SGPTR[0],SG_SIZEOF;
	adc	SCB_RESIDUAL_SGPTR[1],A;
	adc	SCB_RESIDUAL_SGPTR[2],A;
	adc	SCB_RESIDUAL_SGPTR[3],A;
	mov	SINDEX, SCB_RESIDUAL_SGPTR[0];
	test	DATA_COUNT_ODD, 0x1 jz . + 2;
	or	SINDEX, ODD_SEG;
	test	SCB_RESIDUAL_DATACNT[3], SG_LAST_SEG jz . + 3;
	or	SINDEX, LAST_SEG;
	clr	SG_STATE;
	mov	SG_CACHE_PRE, SINDEX;
	/*
	 * Load the segment.  Or in HDMAEN here too
	 * just in case HDMAENACK has not come true
	 * by the time this segment is loaded.  If
	 * HDMAENACK is not true, this or will disable
	 * HDMAEN mid-transfer.  We do not want to simply
	 * mvi our original settings as SCSIEN automatically
	 * de-asserts and we don't want to accidentally
	 * re-enable it.
	 */
	or	DFCNTRL, PRELOADEN|HDMAEN;
	/*
	 * Do we have another segment in the cache?
	 */
	add	NONE, SG_PREFETCH_CNT_LIMIT, CCSGADDR;
	jnc	return;
	and	SG_STATE, ~SEGS_AVAIL ret;

/*
 * Initialize the DMA address and counter from the SCB.
 */
load_first_seg:
	bmov	HADDR, SCB_DATAPTR, 11;
	and	DATA_COUNT_ODD, 0x1, SCB_DATACNT[0];
	and	REG_ISR, ~SG_FULL_RESID, SCB_SGPTR[0];
	test	SCB_DATACNT[3], SG_LAST_SEG jz . + 2;
	or	REG_ISR, LAST_SEG;
	test	DATA_COUNT_ODD, 0x1 jz . + 2;
	or	REG_ISR, ODD_SEG;
	mov	SG_CACHE_PRE, REG_ISR;
	mvi	DFCNTRL, (PRELOADEN|SCSIEN|HDMAEN);
	/*
	 * Since we've are entering a data phase, we will
	 * rely on the SCB_RESID* fields.  Initialize the
	 * residual and clear the full residual flag.
	 */
	and	SCB_SGPTR[0], ~SG_FULL_RESID;
	bmov	SCB_RESIDUAL_DATACNT[3], SCB_DATACNT[3], 5;
	/* If we need more S/G elements, tell the idle loop */
	test	SCB_RESIDUAL_DATACNT[3], SG_LAST_SEG jnz . + 2;
	mvi	SG_STATE, LOADING_NEEDED ret;
	clr	SG_STATE ret;

p_data:
	test	SEQ_FLAGS, NOT_IDENTIFIED|NO_CDB_SENT	jz p_data_allowed;
	mvi	SEQINTCODE, PROTO_VIOLATION;
p_data_allowed:

	test	SEQ_FLAGS, DPHASE	jz data_phase_initialize;

	/*
	 * If we re-enter the data phase after going through another
	 * phase, our transfer location has almost certainly been
	 * corrupted by the interveining, non-data, transfers.  Ask
	 * the host driver to fix us up based on the transfer residual
	 * unless we already know that we should be bitbucketing.
	 */
	test	SCB_RESIDUAL_SGPTR[0], SG_LIST_NULL jnz p_data_bitbucket;
	mvi	SEQINTCODE, PDATA_REINIT;
	jmp	data_group_dma_loop;

p_data_bitbucket:
	/*
	 * Turn on `Bit Bucket' mode, wait until the target takes
	 * us to another phase, and then notify the host.
	 */
	test	MODE_PTR, ~(MK_MODE(M_DFF1, M_DFF1))
		jnz bitbucket_not_m_dff;
	/*
	 * Ensure that any FIFO contents are cleared out and the
	 * FIFO free'd prior to starting the BITBUCKET.  BITBUCKET
	 * doesn't discard data already in the FIFO.
	 */
	mvi	DFFSXFRCTL, RSTCHN|CLRSHCNT;
	SET_MODE(M_SCSI, M_SCSI)
bitbucket_not_m_dff:
	or	SXFRCTL1,BITBUCKET;
	/* Wait for non-data phase. */
	test	SCSIPHASE, ~DATA_PHASE_MASK jz .;
	and	SXFRCTL1, ~BITBUCKET;
	SET_MODE(M_DFF1, M_DFF1)
	mvi	SEQINTCODE, DATA_OVERRUN;
	jmp	ITloop;

data_phase_initialize:
	test	SCB_SGPTR[0], SG_LIST_NULL jnz p_data_bitbucket;
	call	load_first_seg;
data_phase_inbounds:
	/* We have seen a data phase at least once. */
	or	SEQ_FLAGS, DPHASE;
data_group_dma_loop:
	/*
	 * The transfer is complete if either the last segment
	 * completes or the target changes phase.  Both conditions
	 * will clear SCSIEN.
	 */
	call	data_group_idle_loop;
	test	DFCNTRL, SCSIEN jnz data_group_dma_loop;

data_group_dmafinish:
	/*
	 * The transfer has terminated either due to a phase
	 * change, and/or the completion of the last segment.
	 * We have two goals here.  Do as much other work
	 * as possible while the data fifo drains on a read
	 * and respond as quickly as possible to the standard
	 * messages (save data pointers/disconnect and command
	 * complete) that usually follow a data phase.
	 */
	call	calc_residual;

	/*
	 * Go ahead and shut down the DMA engine now.
	 */
	test	DFCNTRL, DIRECTION jnz data_phase_finish;
data_group_fifoflush:
	if ((ahd->bugs & AHD_AUTOFLUSH_BUG) != 0) {
		or	DFCNTRL, FIFOFLUSH;
	}
	/*
	 * We have enabled the auto-ack feature.  This means
	 * that the controller may have already transferred
	 * some overrun bytes into the data FIFO and acked them
	 * on the bus.  The only way to detect this situation is
	 * to wait for LAST_SEG_DONE to come true on a completed
	 * transfer and then test to see if the data FIFO is
	 * non-empty.  We know there is more data yet to transfer
	 * if SG_LIST_NULL is not yet set, thus there cannot be
	 * an overrun.
	 */
	test	SCB_RESIDUAL_SGPTR[0], SG_LIST_NULL jz data_phase_finish;
	test	SG_CACHE_SHADOW, LAST_SEG_DONE jz .;
	test	DFSTATUS, FIFOEMP jnz data_phase_finish;
	/* Overrun */
	jmp	p_data;
data_phase_finish:
	/*
	 * If the target has left us in data phase, loop through
	 * the dma code again.  We will only loop if there is a
	 * data overrun.
	 */
	if ((ahd->flags & AHD_TARGETROLE) != 0) {
		test	SSTAT0, TARGET jnz data_phase_done;
	}
	if ((ahd->flags & AHD_INITIATORROLE) != 0) {
		test	SSTAT1, REQINIT jz .;
		test	SCSIPHASE, DATA_PHASE_MASK jnz p_data;
	}

data_phase_done:
	/* Kill off any pending prefetch */
	call	disable_ccsgen;

	if ((ahd->flags & AHD_TARGETROLE) != 0) {
		test	SEQ_FLAGS, DPHASE_PENDING jz ITloop;
		/*
		and	SEQ_FLAGS, ~DPHASE_PENDING;
		 * For data-in phases, wait for any pending acks from the
		 * initiator before changing phase.  We only need to
		 * send Ignore Wide Residue messages for data-in phases.
		test	DFCNTRL, DIRECTION jz target_ITloop;
		test	SSTAT1, REQINIT	jnz .;
		test	DATA_COUNT_ODD, 0x1 jz target_ITloop;
		SET_MODE(M_SCSI, M_SCSI)
		test	NEGCONOPTS, WIDEXFER jz target_ITloop;
		 */
		/*
		 * Issue an Ignore Wide Residue Message.
		mvi	P_MESGIN|BSYO call change_phase;
		mvi	MSG_IGN_WIDE_RESIDUE call target_outb;
		mvi	1 call target_outb;
		jmp	target_ITloop;
		 */
	} else {
		jmp	ITloop;
	}

/*
 * We assume that, even though data may still be
 * transferring to the host, that the SCSI side of
 * the DMA engine is now in a static state.  This
 * allows us to update our notion of where we are
 * in this transfer.
 *
 * If, by chance, we stopped before being able
 * to fetch additional segments for this transfer,
 * yet the last S/G was completely exhausted,
 * call our idle loop until it is able to load
 * another segment.  This will allow us to immediately
 * pickup on the next segment on the next data phase.
 *
 * If we happened to stop on the last segment, then
 * our residual information is still correct from
 * the idle loop and there is no need to perform
 * any fixups.
 */
calc_residual:
	test	SG_CACHE_SHADOW, LAST_SEG jz residual_before_last_seg;
	/* Record if we've consumed all S/G entries */
	test	MDFFSTAT, SHVALID	jz . + 2;
	bmov	SCB_RESIDUAL_DATACNT, SHCNT, 3 ret;
	or	SCB_RESIDUAL_SGPTR[0], SG_LIST_NULL ret;
residual_before_last_seg:
	test    MDFFSTAT, SHVALID	jnz sgptr_fixup;
	/*
	 * Can never happen from an interrupt as the packetized
	 * hardware will only interrupt us once SHVALID or
	 * LAST_SEG_DONE.
	 */
	call	data_group_idle_loop;
	jmp	calc_residual;

sgptr_fixup:
	/*
	 * Fixup the residual next S/G pointer.  The S/G preload
	 * feature of the chip allows us to load two elements
	 * in addition to the currently active element.  We
	 * store the bottom byte of the next S/G pointer in
	 * the SG_CACHE_PTR register so we can restore the
	 * correct value when the DMA completes.  If the next
	 * sg ptr value has advanced to the point where higher
	 * bytes in the address have been affected, fix them
	 * too.
	 */
	test	SG_CACHE_SHADOW, 0x80 jz sgptr_fixup_done;
	test	SCB_RESIDUAL_SGPTR[0], 0x80 jnz sgptr_fixup_done;
	add	SCB_RESIDUAL_SGPTR[1], -1;
	adc	SCB_RESIDUAL_SGPTR[2], -1;
	adc	SCB_RESIDUAL_SGPTR[3], -1;
sgptr_fixup_done:
	and	SCB_RESIDUAL_SGPTR[0], SG_ADDR_MASK, SG_CACHE_SHADOW;
	clr	DATA_COUNT_ODD;
	test	SG_CACHE_SHADOW, ODD_SEG jz . + 2;
	or	DATA_COUNT_ODD, 0x1;
	clr	SCB_RESIDUAL_DATACNT[3]; /* We are not the last seg */
	bmov	SCB_RESIDUAL_DATACNT, SHCNT, 3 ret;

export seq_isr:
	nop;	/* Jumps in the first ISR instruction fail on Rev A. */
	test	SEQINTSRC, SAVEPTRS	jnz saveptr_intr;
	test	SEQINTSRC, CFG4DATA	jnz cfg4data_intr;
	test	SEQINTSRC, CFG4ISTAT	jnz cfg4istat_intr;
	test	SEQINTSRC, CFG4ICMD	jnz cfg4icmd_intr;
	mvi	SEQINTCODE, INVALID_SEQINT;

/*
 * There are two types of save pointers interrupts:
 * The first is a snapshot save pointers where the current FIFO is not
 * active and contains a snapshot of the current poniter information.
 * This happens between packets in a stream for a single L_Q.  Since we
 * are not performing a pointer save, we can safely clear the channel
 * so it can be used for other transactions.
 *
 * The second case is a save pointers on an active FIFO which occurs
 * if the target changes to a new L_Q or busfrees/QAS' and the transfer
 * has a residual.  This should occur coincident with a ctxtdone.  We
 * disable the interrupt and allow our active routine to handle the
 * save.
 */
saveptr_intr:
	test	DFCNTRL, HDMAENACK jz snapshot_saveptr;
	and	SEQIMODE, ~ENSAVEPTRS;
	or	SEQINTCTL, IRET ret;
snapshot_saveptr:
	mvi	DFFSXFRCTL, CLRCHN;
	or	SEQINTCTL, IRET ret;

cfg4data_intr:
	test	SCB_SGPTR[0], SG_LIST_NULL jnz pkt_handle_overrun;
	call	load_first_seg;
	call	pkt_handle_xfer;
	or	SEQINTCTL, IRET ret;

cfg4istat_intr:
	call	freeze_queue;
	add	NONE, -13, SCB_CDB_LEN;
	jnc	cfg4istat_have_sense_addr;
	test	SCB_CDB_LEN, SCB_CDB_LEN_PTR jnz cfg4istat_have_sense_addr;
	/*
	 * Host sets up address/count and enables transfer.
	 */
	mvi	SEQINTCODE, CFG4ISTAT_INTR;
	jmp	cfg4istat_setup_handler;
cfg4istat_have_sense_addr:
	bmov	HADDR, SCB_SENSE_BUSADDR, 4;
	mvi	HCNT[1], (AHD_SENSE_BUFSIZE >> 8);
	mvi	SG_CACHE_PRE, LAST_SEG;
	mvi	DFCNTRL, PRELOADEN|SCSIEN|HDMAEN;
cfg4istat_setup_handler:
	/*
	 * Status pkt is transferring to host.
	 * Wait in idle loop for transfer to complete.
	 */
	call	pkt_handle_status;
	or	SEQINTCTL, IRET ret;

/*
 * See if the target has gone on in this context creating an
 * overrun condition.  For the write case, the hardware cannot
 * ack bytes until data are provided.  So, if the target begins
 * another  packet without changing contexts, implying we are
 * not sitting on a packet boundary, we are in an overrun
 * situation.  For the read case, the hardware will continue to
 * ack bytes into the FIFO, and may even ack the last overrun packet
 * into the FIFO.   If the FIFO should become non-empty, we are in
 * a read overrun case.
 */
#define check_overrun							\
	/* Not on a packet boundary. */					\
	test 	MDFFSTAT, DLZERO jz pkt_handle_overrun;			\
	test	DFSTATUS, FIFOEMP jz pkt_handle_overrun

pkt_handle_xfer:
	bmov	LONGJMP_SCB, SCBPTR, 2;
	test	SG_STATE, LOADING_NEEDED jz pkt_last_seg;
	call	setjmp;
	test	SEQINTSRC, SAVEPTRS jnz pkt_saveptrs;
	test	SCSIPHASE, ~DATA_PHASE_MASK jz . + 2;
	test	SCSISIGO, ATNO jnz . + 2;
	test	SSTAT2, NONPACKREQ jz pkt_service_fifo;
	/*
	 * Defer handling of this NONPACKREQ until we
	 * can be sure it pertains to this FIFO.  SAVEPTRS
	 * will not be asserted if the NONPACKREQ is for us,
	 * so we must simulate it if shaddow is valid.  If
	 * shaddow is not valid, keep running this FIFO until we
	 * have satisfied the transfer by loading segments and
	 * waiting for either shaddow valid or last_seg_done.
	 */
	test	MDFFSTAT, SHVALID jnz pkt_saveptrs;
pkt_service_fifo:
	test	SG_STATE, LOADING_NEEDED jnz service_fifo;
pkt_last_seg:
	call	setjmp;
	test	SEQINTSRC, SAVEPTRS jnz pkt_saveptrs;
	test	SG_CACHE_SHADOW, LAST_SEG_DONE jnz last_pkt_done;
	test	SCSIPHASE, ~DATA_PHASE_MASK jz . + 2;
	test	SCSISIGO, ATNO jnz . + 2;
	test	SSTAT2, NONPACKREQ jz return;
	test	MDFFSTAT, SHVALID jz return;
	/* FALLTHROUGH */

/*
 * Either a SAVEPTRS interrupt condition is pending for this FIFO
 * or we have a pending nonpackreq for this FIFO.  We differentiate
 * between the two by capturing the state of the SAVEPTRS interrupt
 * prior to clearing this status and executing the common code for
 * these two cases.
 */
pkt_saveptrs:
BEGIN_CRITICAL;
	if ((ahd->bugs & AHD_AUTOFLUSH_BUG) != 0) {
		or	DFCNTRL, FIFOFLUSH;
	}
	mov	REG0, SEQINTSRC;
	call	calc_residual;
	call	save_pointers;
	mvi	CLRSEQINTSRC, CLRSAVEPTRS;
	call	disable_ccsgen;
	or	SEQIMODE, ENSAVEPTRS;
	test	DFCNTRL, DIRECTION jnz pkt_saveptrs_check_status;
	test	DFSTATUS, FIFOEMP jnz pkt_saveptrs_check_status;
	/*
	 * Keep a handler around for this FIFO until it drains
	 * to the host to guarantee that we don't complete the
	 * command to the host before the data arrives.
	 */
pkt_saveptrs_wait_fifoemp:
	call	setjmp;
	test	DFSTATUS, FIFOEMP jz return;
pkt_saveptrs_check_status:
	or	LONGJMP_ADDR[1], INVALID_ADDR;
	test	REG0, SAVEPTRS jz unexpected_nonpkt_phase;
	test	SCB_CONTROL, STATUS_RCVD jz pkt_saveptrs_clrchn;
	jmp	last_pkt_complete;
pkt_saveptrs_clrchn:
	mvi	DFFSXFRCTL, CLRCHN ret;
END_CRITICAL;

last_pkt_done:
BEGIN_CRITICAL;
	if ((ahd->bugs & AHD_AUTOFLUSH_BUG) != 0) {
		or	DFCNTRL, FIFOFLUSH;
	}
	test	SCB_CONTROL, STATUS_RCVD jz wait_pkt_end;
	check_overrun;
	or	SCB_SGPTR, SG_LIST_NULL;
	/*
	 * It is safe to skip the other FIFO check since
	 * we defer CLRCHN on SAVEPTRS until all data in
	 * the FIFO are seen by the host and a CFG4DATA
	 * in this FIFO for the same context is held off
	 * by hardware.
	 */
last_pkt_queue_scb:
	or	LONGJMP_ADDR[1], INVALID_ADDR;
	bmov	ARG_1, SCBPTR, 2;
	mvi	DFFSXFRCTL, CLRCHN;
	jmp	queue_arg1_scb_completion;

last_pkt_complete:
	bmov	ARG_1, SCBPTR, 2;
	mvi	DFFSXFRCTL, CLRCHN;
check_other_fifo:
	clc;
	TOGGLE_DFF_MODE
	call	check_fifo;
	jnc	queue_arg1_scb_completion;
return:
	ret;

wait_pkt_end:
	call	setjmp;
END_CRITICAL;
wait_pkt_end_loop:
	test	SEQINTSRC, CTXTDONE jnz pkt_end;
	check_overrun;
	test	SSTAT2, NONPACKREQ jz return;
	test	SEQINTSRC, CTXTDONE jz unexpected_nonpkt_phase;
pkt_end:
BEGIN_CRITICAL;
	check_overrun;
	or	LONGJMP_ADDR[1], INVALID_ADDR;
	or	SCB_SGPTR, SG_LIST_NULL;
	test	SCB_CONTROL, STATUS_RCVD jnz last_pkt_complete;
	mvi	DFFSXFRCTL, CLRCHN ret;
END_CRITICAL;

check_status_overrun:
	test	SHCNT[2], 0xFF jz status_IU_done;
	mvi	SEQINTCODE, STATUS_OVERRUN;
	jmp	status_IU_done;
pkt_handle_status:
	call	setjmp_setscb;
	test	MDFFSTAT, LASTSDONE jnz check_status_overrun;
	test	SEQINTSRC, CTXTDONE jz return;
status_IU_done:
BEGIN_CRITICAL;
	if ((ahd->bugs & AHD_AUTOFLUSH_BUG) != 0) {
		or	DFCNTRL, FIFOFLUSH;
	}
	or	LONGJMP_ADDR[1], INVALID_ADDR;
	mvi	SCB_SCSI_STATUS, STATUS_PKT_SENSE;
	or	SCB_CONTROL, STATUS_RCVD;
	jmp	last_pkt_complete;
END_CRITICAL;

SET_SRC_MODE	M_DFF0;
SET_DST_MODE	M_DFF0;
BEGIN_CRITICAL;
check_fifo:
	test	LONGJMP_ADDR[1], INVALID_ADDR jnz return;
	mov	A, ARG_2;
	cmp	LONGJMP_SCB[1], A	jne return;
	mov	A, ARG_1;
	cmp	LONGJMP_SCB[0], A	jne return;
	stc	ret;
END_CRITICAL;

/*
 * Nonpackreq is a polled status.  It can come true in three situations:
 * we have received an L_Q, we have sent one or more L_Qs, or there is no
 * L_Q context associated with this REQ (REQ occurs immediately after a
 * (re)selection).  Routines that know that the context responsible for this
 * nonpackreq call directly into unexpected_nonpkt_phase.  In the case of the
 * top level idle loop, we exhaust all active contexts prior to determining that
 * we simply do not have the full I_T_L_Q for this phase.
 */
unexpected_nonpkt_phase_find_ctxt:
	/*
	 * This nonpackreq is most likely associated with one of the tags
	 * in a FIFO or an outgoing LQ.  Only treat it as an I_T only
	 * nonpackreq if we've cleared out the FIFOs and handled any
	 * pending SELDO.
	 */
SET_SRC_MODE	M_SCSI;
SET_DST_MODE	M_SCSI;
	and	A, FIFO1FREE|FIFO0FREE, DFFSTAT;
	cmp	A, FIFO1FREE|FIFO0FREE jne return;
	test	SSTAT0, SELDO jnz return;
	mvi	SCBPTR[1], SCB_LIST_NULL;
unexpected_nonpkt_phase:
	test	MODE_PTR, ~(MK_MODE(M_DFF1, M_DFF1)) jnz . + 3;
SET_SRC_MODE	M_DFF0;
SET_DST_MODE	M_DFF0;
	or	LONGJMP_ADDR[1], INVALID_ADDR;
	mvi	DFFSXFRCTL, CLRCHN;
	mvi	CLRSINT2, CLRNONPACKREQ;
	test	SCSIPHASE, ~(MSG_IN_PHASE|MSG_OUT_PHASE) jnz illegal_phase;
	mvi	SEQINTCODE, ENTERING_NONPACK;
	jmp	ITloop;

illegal_phase:
	mvi	SEQINTCODE, ILLEGAL_PHASE;
	jmp	ITloop;

/*
 * We have entered an overrun situation.  If we have working
 * BITBUCKET, flip that on and let the hardware eat any overrun
 * data.  Otherwise use an overrun buffer in the host to simulate
 * BITBUCKET.
 */
pkt_handle_overrun:
	mvi	SEQINTCODE, CFG4OVERRUN;
	call	freeze_queue;
	if ((ahd->bugs & AHD_PKT_BITBUCKET_BUG) == 0) {
		SET_MODE(M_SCSI, M_SCSI)
		or	SXFRCTL1,BITBUCKET;
SET_SRC_MODE	M_DFF1;
SET_DST_MODE	M_DFF1;
	} else {
		call	load_overrun_buf;
		mvi	DFCNTRL, (HDMAEN|SCSIEN|PRELOADEN);
	}
	call	setjmp;
	if ((ahd->bugs & AHD_PKT_BITBUCKET_BUG) != 0) {
		test	DFSTATUS, PKT_PRELOAD_AVAIL jz overrun_load_done;
		call	load_overrun_buf;
		or	DFCNTRL, PRELOADEN;
overrun_load_done:
	}
	test	SEQINTSRC, CTXTDONE jnz pkt_overrun_end;
	test	SSTAT2, NONPACKREQ jz return;
pkt_overrun_end:
	or	SCB_RESIDUAL_SGPTR, SG_OVERRUN_RESID;
	test	SEQINTSRC, CTXTDONE jz unexpected_nonpkt_phase;
	test	SCB_CONTROL, STATUS_RCVD jnz last_pkt_queue_scb;
	mvi	DFFSXFRCTL, CLRCHN ret;

if ((ahd->bugs & AHD_PKT_BITBUCKET_BUG) != 0) {
load_overrun_buf:
	/*
	 * Load a dummy segment if preload space is available.
	 */
	mov 	HADDR[0], SHARED_DATA_ADDR;
	add	HADDR[1], PKT_OVERRUN_BUFOFFSET, SHARED_DATA_ADDR[1];
	mov	ACCUM_SAVE, A;
	clr	A;
	adc	HADDR[2], A, SHARED_DATA_ADDR[2];
	adc	HADDR[3], A, SHARED_DATA_ADDR[3];
	mov	A, ACCUM_SAVE;
	bmov	HADDR[4], ALLZEROS, 4;
	/* PKT_OVERRUN_BUFSIZE is a multiple of 256 */
	clr	HCNT[0];
	mvi	HCNT[1], ((PKT_OVERRUN_BUFSIZE >> 8) & 0xFF);
	clr	HCNT[2];
}

cfg4icmd_intr: