[Qemu-devel] Fixing STOP A5 on qemu

2008-03-02 Thread Michael Brown
Hi,

I was hitting the STOP 0x00A5 error when attempting to boot Vista or 
similar (Server 2008, WinPE) on current qemu CVS.  Googling suggested that 
this was a problem with the qemu BIOS not supporting ACPI 2.0.

Replacing pc-bios/bios.bin with the bios/BIOS-bochs-latest from current 
bochs CVS fixed the problem, and I am now able to boot these operating 
systems.  This isn't a perfect solution, since the bochs BIOS is built 
without #define BX_QEMU.

It looks as though the BIOS problem has been fixed upstream; could someone 
who knows what they're doing rebuild pc-bios/bios.bin from the latest 
bochs CVS and check it in to qemu CVS?

Thanks,

Michael

(Not a mailing list member, so please do CC me on replies.)




[Qemu-devel] [PATCH] hw/slavio_timer.c remove unneeded qemu_irq_lower

2008-03-02 Thread Robert Reif
Remove unneeded qemu_irq_lower because user mode timers don't support 
IRQs and the IRQ is lowered when switching to user mode.
diff -p -u -r1.30 slavio_timer.c
--- hw/slavio_timer.c   26 Jan 2008 09:13:46 -  1.30
+++ hw/slavio_timer.c   3 Mar 2008 00:35:28 -
@@ -192,7 +192,6 @@ static void slavio_timer_mem_writel(void
 uint64_t count;
 
 // set user counter MSW, reset counter
-qemu_irq_lower(s->irq);
 s->limit = TIMER_MAX_COUNT64;
 s->counthigh = val & (TIMER_MAX_COUNT64 >> 32);
 s->reached = 0;
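Review bot: With `qemu_irq_lower(s->irq)` removed from the user counter MSW write, nothing at this site shows why the line is already low; the commit message says it is lowered on the switch to user mode, which happens outside this hunk. A one-line comment here naming that invariant would keep a later change to the mode-switch path from leaving a stale interrupt asserted while `s->reached` is cleared.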
@@ -218,7 +217,6 @@ static void slavio_timer_mem_writel(void
 uint64_t count;
 
 // set user counter LSW, reset counter
-qemu_irq_lower(s->irq);
 s->limit = TIMER_MAX_COUNT64;
 s->count = val & TIMER_MAX_COUNT64;
 s->reached = 0;
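Review bot: The LSW write drops the same `qemu_irq_lower(s->irq)` call, and the context comment "set user counter LSW" is the only indication in the hunk that this branch is user-mode only. Please confirm the enclosing condition cannot be reached while the timer is not in user mode and has its interrupt raised, since after this change writing the counter no longer clears it.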


[Qemu-devel] [PATCH] hw/sun4m.c show IRQ set or reset

2008-03-02 Thread Robert Reif

Show which CPU IRQ is actually being set or reset when debugging.
diff -p -u -r1.86 sun4m.c
--- hw/sun4m.c  2 Mar 2008 08:48:47 -   1.86
+++ hw/sun4m.c  3 Mar 2008 00:35:29 -
@@ -258,12 +258,15 @@ void cpu_check_irqs(CPUState *env)
 int old_interrupt = env->interrupt_index;
 
 env->interrupt_index = TT_EXTINT | i;
-if (old_interrupt != env->interrupt_index)
+if (old_interrupt != env->interrupt_index) {
+DPRINTF("Set CPU IRQ %d\n", i);
 cpu_interrupt(env, CPU_INTERRUPT_HARD);
+}
 break;
 }
 }
 } else if (!env->pil_in && (env->interrupt_index & ~15) == TT_EXTINT) {
+DPRINTF("Reset CPU IRQ %d\n", env->interrupt_index & 15);
 env->interrupt_index = 0;
 cpu_reset_interrupt(env, CPU_INTERRUPT_HARD);
 }
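Review bot: Both new `DPRINTF` messages omit which CPU they refer to, although `cpu_check_irqs` works on a specific `CPUState *env`; on a multi-CPU machine the trace lines cannot be told apart. Consider adding a CPU identifier taken from `env` to the format string, and printing `old_interrupt` in the "Set" message so the transition is visible. Reading `env->interrupt_index & 15` before the field is zeroed in the reset branch is the right order.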


[Qemu-devel] Re: qemu 2008-03-02 snapshot FreeBSD 7.0/amd64 guest regression (tcg?)

2008-03-02 Thread Juergen Lock
On Sun, Mar 02, 2008 at 09:47:02PM +0100, Juergen Lock wrote:
> Hi!
> 
>  I've prepared a FreeBSD qemu-devel port update, as already mentioned
> on the freebsd-emulation list, and found the FreeBSD 7.0/amd64 isos
> now pagefault repeatedly, saying:
> 
> panic: page fault
> cpuid = 0
> kernel trap 12 with interrupts disabled
> 
> 
> Fatal trap 12: page fault while in kernel mode
> cpuid = 0; apic id = 00
> fault virtual address   = 0x20
> fault code  = supervisor read data, page not present
> instruction pointer = 0x8:0x8046c704
> trap number = 12
> frame pointer   = 0x10:0x0
> ...
> 
> 0x8046c704 in the 7.0-RELEASE kernel used on the isos is
> in _thread_lock_flags:
> 
> (kgdb) disassemble _thread_lock_flags 
> Dump of assembler code for function _thread_lock_flags:
> 0x8046c6e0 <_thread_lock_flags+0>:    push   %r14
> 0x8046c6e2 <_thread_lock_flags+2>:    mov    %rdi,%r14
> 0x8046c6e5 <_thread_lock_flags+5>:    push   %r13
> 0x8046c6e7 <_thread_lock_flags+7>:    push   %r12
> 0x8046c6e9 <_thread_lock_flags+9>:    push   %rbp
> 0x8046c6ea <_thread_lock_flags+10>:   push   %rbx
> 0x8046c6eb <_thread_lock_flags+11>:   mov    %gs:0x0,%r13
> 0x8046c6f4 <_thread_lock_flags+20>:   xor    %r12d,%r12d
> 0x8046c6f7 <_thread_lock_flags+23>:   callq  0x8071df80
> 0x8046c6fc <_thread_lock_flags+28>:   mov    (%r14),%rbp
> 0x8046c6ff <_thread_lock_flags+31>:   mov    $0x4,%eax
> 0x8046c704 <_thread_lock_flags+36>:   lock cmpxchg %r13,0x20(%rbp)
> 0x8046c70a <_thread_lock_flags+42>:   sete   %al
> 0x8046c70d <_thread_lock_flags+45>:   test   %al,%al
> 0x8046c70f <_thread_lock_flags+47>:   jne    0x8046c799 <_thread_lock_flags+185>
> 0x8046c715 <_thread_lock_flags+53>:   mov    0x20(%rbp),%rdx
> 0x8046c719 <_thread_lock_flags+57>:   cmp    %r13,%rdx
> 0x8046c71c <_thread_lock_flags+60>:   je     0x8046c7cd <_thread_lock_flags+237>
> 0x8046c722 <_thread_lock_flags+66>:   callq  0x8071c4e0
> ---Type <return> to continue, or q <return> to quit---
> 0x8046c727 <_thread_lock_flags+71>:   jmp    0x8046c73c <_thread_lock_flags+92>
> 0x8046c729 <_thread_lock_flags+73>:   data16
> ...
> 
>  so this looks like either %rbp is indeed zero or that cmpxchg insn isn't
> getting correctly translated.  If you want to reproduce just boot the 35 MB
> 7.0-RELEASE-amd64-bootonly.iso in qemu-system-x86_64 (without kqemu); you
> can find mirrors via
>   http://mirrorlist.freebsd.org/
> (search for isos, amd64 architecture, I used 7.0 as you can see.)
> 
>  Oh, if you want to look at the live kernel you can boot the
> 7.0-RELEASE-amd64-livefs.iso in 0.9.1 with the previously mentioned
> patch (see
>   http://www.nabble.com/forum/ViewPost.jtp?post=14921171
> ), select fixit->cdrom in the menu that comes up after choosing
> the keyboard layout, and run `kgdb /dist/boot/kernel/kernel /dev/mem'.

Update: looks like the bug is i386 host only, at least I got a report
of amd64 host working. (will try to confirm later...)

Juergen




[Qemu-devel] Network Issues

2008-03-02 Thread Chris Brennan

For some time now, I have been attempting to get the user-mode
networking stack to work when booting any flavor of FreeBSD's bootonly
ISO for a NetInstall.

I can get qemu to boot just fine. The problem is, I can't get it to
actually connect to the outside world and start the install.

I select the device ed0 and no to ipv6, yes to dhcp and it gets an ip of
10.0.2.15 which is fine, I give it a hostname (fbsd for the sake of ease
in this case) and select 'OK', it does what it needs to to format the
partitions and then it fails saying it can't connect to the ftp mirror.
At first, I thought this may have been a dns issue, so I chose to
select my own mirror and plugged in the IP of the mirror. Still failed.

So I had some light discussion in freenode/#qemu and it was suggested
that there is a patch to fix this known issue. But I am unsure of which
patch is needed and how I would use that when using Portage to install
qemu (if need be, I can make a custom ebuild in an overlay that would
patch the srcs.)

So my point is this, can someone help me by pointing me in the right
direction?




[Qemu-devel] qemu 2008-03-02 snapshot FreeBSD 7.0/amd64 guest regression (tcg?)

2008-03-02 Thread Juergen Lock
Hi!

 I've prepared a FreeBSD qemu-devel port update, as already mentioned
on the freebsd-emulation list, and found the FreeBSD 7.0/amd64 isos
now pagefault repeatedly, saying:

panic: page fault
cpuid = 0
kernel trap 12 with interrupts disabled


Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault virtual address   = 0x20
fault code  = supervisor read data, page not present
instruction pointer = 0x8:0x8046c704
trap number = 12
frame pointer   = 0x10:0x0
...

0x8046c704 in the 7.0-RELEASE kernel used on the isos is
in _thread_lock_flags:

(kgdb) disassemble _thread_lock_flags 
Dump of assembler code for function _thread_lock_flags:
0x8046c6e0 <_thread_lock_flags+0>:    push   %r14
0x8046c6e2 <_thread_lock_flags+2>:    mov    %rdi,%r14
0x8046c6e5 <_thread_lock_flags+5>:    push   %r13
0x8046c6e7 <_thread_lock_flags+7>:    push   %r12
0x8046c6e9 <_thread_lock_flags+9>:    push   %rbp
0x8046c6ea <_thread_lock_flags+10>:   push   %rbx
0x8046c6eb <_thread_lock_flags+11>:   mov    %gs:0x0,%r13
0x8046c6f4 <_thread_lock_flags+20>:   xor    %r12d,%r12d
0x8046c6f7 <_thread_lock_flags+23>:   callq  0x8071df80
0x8046c6fc <_thread_lock_flags+28>:   mov    (%r14),%rbp
0x8046c6ff <_thread_lock_flags+31>:   mov    $0x4,%eax
0x8046c704 <_thread_lock_flags+36>:   lock cmpxchg %r13,0x20(%rbp)
0x8046c70a <_thread_lock_flags+42>:   sete   %al
0x8046c70d <_thread_lock_flags+45>:   test   %al,%al
0x8046c70f <_thread_lock_flags+47>:   jne    0x8046c799 <_thread_lock_flags+185>
0x8046c715 <_thread_lock_flags+53>:   mov    0x20(%rbp),%rdx
0x8046c719 <_thread_lock_flags+57>:   cmp    %r13,%rdx
0x8046c71c <_thread_lock_flags+60>:   je     0x8046c7cd <_thread_lock_flags+237>
0x8046c722 <_thread_lock_flags+66>:   callq  0x8071c4e0
---Type <return> to continue, or q <return> to quit---
0x8046c727 <_thread_lock_flags+71>:   jmp    0x8046c73c <_thread_lock_flags+92>
0x8046c729 <_thread_lock_flags+73>:   data16
...

 so this looks like either %rbp is indeed zero or that cmpxchg insn isn't
getting correctly translated.  If you want to reproduce just boot the 35 MB
7.0-RELEASE-amd64-bootonly.iso in qemu-system-x86_64 (without kqemu); you
can find mirrors via
http://mirrorlist.freebsd.org/
(search for isos, amd64 architecture, I used 7.0 as you can see.)

 Oh, if you want to look at the live kernel you can boot the
7.0-RELEASE-amd64-livefs.iso in 0.9.1 with the previously mentioned
patch (see
http://www.nabble.com/forum/ViewPost.jtp?post=14921171
), select fixit->cdrom in the menu that comes up after choosing
the keyboard layout, and run `kgdb /dist/boot/kernel/kernel /dev/mem'.

 Thanx,
Juergen




[Qemu-devel] qemu/target-sparc cpu.h helper.c helper.h op.c ...

2008-03-02 Thread Blue Swirl
CVSROOT:        /cvsroot/qemu
Module name:    qemu
Changes by:     Blue Swirl   08/03/02 18:28:07

Modified files:
target-sparc   : cpu.h helper.c helper.h op.c translate.c 

Log message:
 Convert tick operations to TCG

CVSWeb URLs:
http://cvs.savannah.gnu.org/viewcvs/qemu/target-sparc/cpu.h?cvsroot=qemu&r1=1.63&r2=1.64
http://cvs.savannah.gnu.org/viewcvs/qemu/target-sparc/helper.c?cvsroot=qemu&r1=1.34&r2=1.35
http://cvs.savannah.gnu.org/viewcvs/qemu/target-sparc/helper.h?cvsroot=qemu&r1=1.1&r2=1.2
http://cvs.savannah.gnu.org/viewcvs/qemu/target-sparc/op.c?cvsroot=qemu&r1=1.50&r2=1.51
http://cvs.savannah.gnu.org/viewcvs/qemu/target-sparc/translate.c?cvsroot=qemu&r1=1.92&r2=1.93




[Qemu-devel] qemu/target-sparc op.c translate.c

2008-03-02 Thread Blue Swirl
CVSROOT:        /cvsroot/qemu
Module name:    qemu
Changes by:     Blue Swirl   08/03/02 18:25:28

Modified files:
target-sparc   : op.c translate.c 

Log message:
 Convert movr and (partially) movcc to TCG

CVSWeb URLs:
http://cvs.savannah.gnu.org/viewcvs/qemu/target-sparc/op.c?cvsroot=qemu&r1=1.49&r2=1.50
http://cvs.savannah.gnu.org/viewcvs/qemu/target-sparc/translate.c?cvsroot=qemu&r1=1.91&r2=1.92




[Qemu-devel] qemu/target-sparc op.c translate.c

2008-03-02 Thread Blue Swirl
CVSROOT:        /cvsroot/qemu
Module name:    qemu
Changes by:     Blue Swirl   08/03/02 18:22:19

Modified files:
target-sparc   : op.c translate.c 

Log message:
 Convert addx, subx, next_insn and mov_pc_npc to TCG

CVSWeb URLs:
http://cvs.savannah.gnu.org/viewcvs/qemu/target-sparc/op.c?cvsroot=qemu&r1=1.48&r2=1.49
http://cvs.savannah.gnu.org/viewcvs/qemu/target-sparc/translate.c?cvsroot=qemu&r1=1.90&r2=1.91




[Qemu-devel] qemu/tcg tcg-op.h

2008-03-02 Thread Blue Swirl
CVSROOT:        /cvsroot/qemu
Module name:    qemu
Changes by:     Blue Swirl   08/03/02 18:20:59

Modified files:
tcg: tcg-op.h 

Log message:
 Add brcond_tl

CVSWeb URLs:
http://cvs.savannah.gnu.org/viewcvs/qemu/tcg/tcg-op.h?cvsroot=qemu&r1=1.6&r2=1.7




[Qemu-devel] [PATCH] GT64XXX: fix endianness issues

2008-03-02 Thread Aurelien Jarno
The GT64XXX code has some endianness issues on big endian as shown by
lspci:
  00:00.0 Network and computing encryption device: Unknown device 2046:ab11 (rev 06)
  00:0a.0 ISA bridge: Intel Corporation 82371AB/EB/MB PIIX4 ISA
  ...

The first device ID is obviously wrong.

This patch attempts to fix endianness issues:
- Byte swapping for internal GT64XXX registers is controlled by the bit
  12 of the Configuration Register and not by the PCI Internal Command
  register.
- The bit 0 of the PCI Internal Command register controls byte swapping
  for PCI access *except for the internal PCI device*, that is when both
  bus and device numbers are 0.

PCI access is now done directly via pci_data_read/write and not via
pci_host_data_readl/writel as the latter functions assume that the host
always handles PCI data in its own endianness.

Signed-off-by: Aurelien Jarno <[EMAIL PROTECTED]>
---
 hw/gt64xxx.c |   19 ++-
 1 files changed, 14 insertions(+), 5 deletions(-)

diff --git a/hw/gt64xxx.c b/hw/gt64xxx.c
index 46d6a76..8e8adad 100644
--- a/hw/gt64xxx.c
+++ b/hw/gt64xxx.c
@@ -309,7 +309,7 @@ static void gt64120_writel (void *opaque, 
target_phys_addr_t addr,
 GT64120State *s = opaque;
 uint32_t saddr;
 
-if (!(s->regs[GT_PCI0_CMD] & 1))
+if (!(s->regs[GT_CPU] & 0x1000))
 val = bswap32(val);
 
 saddr = (addr & 0xfff) >> 2;
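Review bot: The test `s->regs[GT_CPU] & 0x1000` at the top of `gt64120_writel` uses a bare constant for bit 12 of the Configuration Register. A named macro for the bit, with a comment that register values are byte-swapped when it is clear, would make the polarity checkable against the datasheet and keep this site in step with the matching test at the end of `gt64120_readl`.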
@@ -530,7 +530,10 @@ static void gt64120_writel (void *opaque, 
target_phys_addr_t addr,
 s->pci->config_reg = val & 0x80fc;
 break;
 case GT_PCI0_CFGDATA:
-pci_host_data_writel(s->pci, 0, val);
+if (!(s->regs[GT_PCI0_CMD] & 1) && (s->pci->config_reg & 0x00fff800))
+val = bswap32(val);
+if (s->pci->config_reg & (1u << 31))
+pci_data_write(s->pci->bus, s->pci->config_reg, val, 4);
 break;
 
 /* Interrupts */
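Review bot: In the `GT_PCI0_CFGDATA` write case the mask `0x00fff800` encodes "bus or device number non-zero" without saying so, and the same expression is repeated in `gt64120_readl`. A named mask or small helper shared by both paths would document the exception for the internal device at bus 0, device 0. Also note that a write with bit 31 of `config_reg` clear is now dropped silently; a debug print there would help when tracing guest configuration accesses.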
@@ -767,7 +770,12 @@ static uint32_t gt64120_readl (void *opaque,
 val = s->pci->config_reg;
 break;
 case GT_PCI0_CFGDATA:
-val = pci_host_data_readl(s->pci, 0);
+if (!(s->pci->config_reg & (1 << 31)))
+val = 0x;
+else
+val = pci_data_read(s->pci->bus, s->pci->config_reg, 4);
+if (!(s->regs[GT_PCI0_CMD] & 1) && (s->pci->config_reg & 0x00fff800))
+val = bswap32(val);
 break;
 
 case GT_PCI0_CMD:
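Review bot: The enable-bit test in the `GT_PCI0_CFGDATA` read case is written `1 << 31`, which shifts into the sign bit of a signed `int`, while the write path in this same patch uses `1u << 31`; use the unsigned form here too. The conditional `bswap32` after the if/else also runs on the value assigned when the enable bit is clear; moving the swap into the `else` branch would make it plain that only data read from the bus is swapped.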
@@ -840,7 +848,7 @@ static uint32_t gt64120_readl (void *opaque,
 break;
 }
 
-if (!(s->regs[GT_PCI0_CMD] & 1))
+if (!(s->regs[GT_CPU] & 0x1000))
 val = bswap32(val);
 
 return val;
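Review bot: The swap on `GT_CPU` bit 12 just before `return val` applies to every register, including the `GT_PCI0_CFGDATA` value that the case above may already have swapped on `GT_PCI0_CMD` bit 0, so configuration data can be swapped twice on one read. The write path mirrors this, so it looks intended, but a comment stating that the two swaps are independent would keep someone from "fixing" it later.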
@@ -1069,7 +1077,6 @@ static void gt64120_reset(void *opaque)
 s->regs[GT_PCI1_CFGADDR]  = 0x;
 s->regs[GT_PCI1_CFGDATA]  = 0x;
 s->regs[GT_PCI0_CFGADDR]  = 0x;
-s->regs[GT_PCI0_CFGDATA]  = 0x;
 
 /* Interrupt registers are all zeroed at reset */
 
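Review bot: Dropping the reset value for `GT_PCI0_CFGDATA` is not mentioned in the commit message, and `GT_PCI1_CFGDATA` is still initialised two lines above. If the PCI0 entry goes away because reads and writes now go straight to `pci_data_read`/`pci_data_write` and never touch `s->regs`, say so in the message or in a comment so the asymmetry with PCI1 is understood.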
@@ -1114,8 +1121,10 @@ PCIBus *pci_gt64120_init(qemu_irq *pic)
 
 (void)&pci_host_data_writeb; /* avoid warning */
 (void)&pci_host_data_writew; /* avoid warning */
+(void)&pci_host_data_writel; /* avoid warning */
 (void)&pci_host_data_readb; /* avoid warning */
 (void)&pci_host_data_readw; /* avoid warning */
+(void)&pci_host_data_readl; /* avoid warning */
 
 s = qemu_mallocz(sizeof(GT64120State));
 s->pci = qemu_mallocz(sizeof(GT64120PCIState));
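Review bot: The added `(void)&pci_host_data_writel;` and `(void)&pci_host_data_readl;` lines are needed only because this patch stops calling those helpers. That matches the existing b/w lines, but with all six accessors now referenced solely to silence warnings, it is worth checking whether they need to be pulled into this file at all rather than growing the suppression list.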
-- 
1.5.4.3


-- 
  .''`.  Aurelien Jarno | GPG: 1024D/F1BCDB73
 : :' :  Debian developer   | Electrical Engineer
 `. `'   [EMAIL PROTECTED] | [EMAIL PROTECTED]
   `-people.debian.org/~aurel32 | www.aurel32.net




[Qemu-devel] qemu Makefile.target hw/esp.c hw/sun4m.c hw/sun...

2008-03-02 Thread Blue Swirl
CVSROOT:        /cvsroot/qemu
Module name:    qemu
Changes by:     Blue Swirl   08/03/02 08:48:47

Modified files:
.  : Makefile.target 
hw : esp.c sun4m.c sun4m.h 
Added files:
hw : scsi.h 

Log message:
Let ESP SCSI adapter to be usable outside sun4m (Hervé Poussineau)

CVSWeb URLs:
http://cvs.savannah.gnu.org/viewcvs/qemu/Makefile.target?cvsroot=qemu&r1=1.246&r2=1.247
http://cvs.savannah.gnu.org/viewcvs/qemu/hw/esp.c?cvsroot=qemu&r1=1.33&r2=1.34
http://cvs.savannah.gnu.org/viewcvs/qemu/hw/sun4m.c?cvsroot=qemu&r1=1.85&r2=1.86
http://cvs.savannah.gnu.org/viewcvs/qemu/hw/sun4m.h?cvsroot=qemu&r1=1.10&r2=1.11
http://cvs.savannah.gnu.org/viewcvs/qemu/hw/scsi.h?cvsroot=qemu&rev=1.1