[Qemu-devel] [PATCH 06/12] hw/omap2.c : separate sdrc (sdram controller)
Signed-off-by: cmchao
---
Makefile.target |2 +-
hw/omap.h |2 +
hw/omap2.c | 144
hw/omap_sdrc.c | 165 +++
4 files changed, 168 insertions(+), 145 deletions(-)
create mode 100644 hw/omap_sdrc.c
diff --git a/Makefile.target b/Makefile.target
index e6abaa7..59dd0d4 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -264,7 +264,7 @@ obj-arm-y += pxa2xx_lcd.o pxa2xx_mmci.o pxa2xx_pcmcia.o
pxa2xx_keypad.o
obj-arm-y += gumstix.o
obj-arm-y += zaurus.o ide/microdrive.o spitz.o tosa.o tc6393xb.o
obj-arm-y += omap1.o omap_lcdc.o omap_dma.o omap_clk.o omap_mmc.o omap_i2c.o
omap_gpio.o
-obj-arm-y += omap2.o omap_dss.o soc_dma.o omap_gptimer.o omap_synctimer.o
omap_gpmc.o
+obj-arm-y += omap2.o omap_dss.o soc_dma.o omap_gptimer.o omap_synctimer.o
omap_gpmc.o omap_sdrc.o
obj-arm-y += omap_sx1.o palm.o tsc210x.o
obj-arm-y += nseries.o blizzard.o onenand.o vga.o cbus.o tusb6010.o usb-musb.o
obj-arm-y += mst_fpga.o mainstone.o
diff --git a/hw/omap.h b/hw/omap.h
index c596953..ad4a465 100644
--- a/hw/omap.h
+++ b/hw/omap.h
@@ -90,8 +90,10 @@ struct omap_sysctl_s;
struct omap_sysctl_s *omap_sysctl_init(struct omap_target_agent_s *ta,
omap_clk iclk, struct omap_mpu_state_s *mpu);
+/* OMAP2 SDRAM controller */
struct omap_sdrc_s;
struct omap_sdrc_s *omap_sdrc_init(target_phys_addr_t base);
+void omap_sdrc_reset(struct omap_sdrc_s *s);
/* OMAP2 general purpose memory controller */
struct omap_gpmc_s;
diff --git a/hw/omap2.c b/hw/omap2.c
index b1e5aae..e6d1b52 100644
--- a/hw/omap2.c
+++ b/hw/omap2.c
@@ -2844,150 +2844,6 @@ struct omap_sysctl_s *omap_sysctl_init(struct
omap_target_agent_s *ta,
return s;
}
-/* SDRAM Controller Subsystem */
-struct omap_sdrc_s {
-uint8_t config;
-};
-
-static void omap_sdrc_reset(struct omap_sdrc_s *s)
-{
-s->config = 0x10;
-}
-
-static uint32_t omap_sdrc_read(void *opaque, target_phys_addr_t addr)
-{
-struct omap_sdrc_s *s = (struct omap_sdrc_s *) opaque;
-
-switch (addr) {
-case 0x00: /* SDRC_REVISION */
-return 0x20;
-
-case 0x10: /* SDRC_SYSCONFIG */
-return s->config;
-
-case 0x14: /* SDRC_SYSSTATUS */
-return 1; /* RESETDONE */
-
-case 0x40: /* SDRC_CS_CFG */
-case 0x44: /* SDRC_SHARING */
-case 0x48: /* SDRC_ERR_ADDR */
-case 0x4c: /* SDRC_ERR_TYPE */
-case 0x60: /* SDRC_DLLA_SCTRL */
-case 0x64: /* SDRC_DLLA_STATUS */
-case 0x68: /* SDRC_DLLB_CTRL */
-case 0x6c: /* SDRC_DLLB_STATUS */
-case 0x70: /* SDRC_POWER */
-case 0x80: /* SDRC_MCFG_0 */
-case 0x84: /* SDRC_MR_0 */
-case 0x88: /* SDRC_EMR1_0 */
-case 0x8c: /* SDRC_EMR2_0 */
-case 0x90: /* SDRC_EMR3_0 */
-case 0x94: /* SDRC_DCDL1_CTRL */
-case 0x98: /* SDRC_DCDL2_CTRL */
-case 0x9c: /* SDRC_ACTIM_CTRLA_0 */
-case 0xa0: /* SDRC_ACTIM_CTRLB_0 */
-case 0xa4: /* SDRC_RFR_CTRL_0 */
-case 0xa8: /* SDRC_MANUAL_0 */
-case 0xb0: /* SDRC_MCFG_1 */
-case 0xb4: /* SDRC_MR_1 */
-case 0xb8: /* SDRC_EMR1_1 */
-case 0xbc: /* SDRC_EMR2_1 */
-case 0xc0: /* SDRC_EMR3_1 */
-case 0xc4: /* SDRC_ACTIM_CTRLA_1 */
-case 0xc8: /* SDRC_ACTIM_CTRLB_1 */
-case 0xd4: /* SDRC_RFR_CTRL_1 */
-case 0xd8: /* SDRC_MANUAL_1 */
-return 0x00;
-}
-
-OMAP_BAD_REG(addr);
-return 0;
-}
-
-static void omap_sdrc_write(void *opaque, target_phys_addr_t addr,
-uint32_t value)
-{
-struct omap_sdrc_s *s = (struct omap_sdrc_s *) opaque;
-
-switch (addr) {
-case 0x00: /* SDRC_REVISION */
-case 0x14: /* SDRC_SYSSTATUS */
-case 0x48: /* SDRC_ERR_ADDR */
-case 0x64: /* SDRC_DLLA_STATUS */
-case 0x6c: /* SDRC_DLLB_STATUS */
-OMAP_RO_REG(addr);
-return;
-
-case 0x10: /* SDRC_SYSCONFIG */
-if ((value >> 3) != 0x2)
-fprintf(stderr, "%s: bad SDRAM idle mode %i\n",
-__FUNCTION__, value >> 3);
-if (value & 2)
-omap_sdrc_reset(s);
-s->config = value & 0x18;
-break;
-
-case 0x40: /* SDRC_CS_CFG */
-case 0x44: /* SDRC_SHARING */
-case 0x4c: /* SDRC_ERR_TYPE */
-case 0x60: /* SDRC_DLLA_SCTRL */
-case 0x68: /* SDRC_DLLB_CTRL */
-case 0x70: /* SDRC_POWER */
-case 0x80: /* SDRC_MCFG_0 */
-case 0x84: /* SDRC_MR_0 */
-case 0x88: /* SDRC_EMR1_0 */
-case 0x8c: /* SDRC_EMR2_0 */
-case 0x90: /* SDRC_EMR3_0 */
-case 0x94: /* SDRC_DCDL1_CTRL */
-case 0x98: /* SDRC_DCDL2_CTRL */
-case 0x9c: /* SDRC_ACTIM_CTRLA_0 */
-case 0xa0: /* SDRC_ACTIM_CTRLB_0 */
-case 0xa4: /* SDRC_RFR_CTRL_0 */
-case 0xa8: /* SDRC_MANUAL_0 */
-case 0xb0: /* SDRC_MCFG_1 */
-case 0xb4: /* SDRC_MR_1 */
-case 0xb8: /* SDRC_EMR1_1 */
-case 0xbc: /* SDRC_EMR2_1 */
-case 0xc0: /* SDRC_EMR3_1 */
-case 0xc4: /
[Qemu-devel] [PATCH 07/12] hw/omap1.c : separate interrupt controller module
Signed-off-by: cmchao
---
Makefile.target |2 +-
hw/omap.h |2 +
hw/omap1.c | 576 +
hw/omap_intc.c | 598 +++
4 files changed, 603 insertions(+), 575 deletions(-)
create mode 100644 hw/omap_intc.c
diff --git a/Makefile.target b/Makefile.target
index 59dd0d4..9a309e2 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -263,7 +263,7 @@ obj-arm-y += pxa2xx.o pxa2xx_pic.o pxa2xx_gpio.o
pxa2xx_timer.o pxa2xx_dma.o
obj-arm-y += pxa2xx_lcd.o pxa2xx_mmci.o pxa2xx_pcmcia.o pxa2xx_keypad.o
obj-arm-y += gumstix.o
obj-arm-y += zaurus.o ide/microdrive.o spitz.o tosa.o tc6393xb.o
-obj-arm-y += omap1.o omap_lcdc.o omap_dma.o omap_clk.o omap_mmc.o omap_i2c.o
omap_gpio.o
+obj-arm-y += omap1.o omap_lcdc.o omap_dma.o omap_clk.o omap_mmc.o omap_i2c.o
omap_gpio.o omap_intc.o
obj-arm-y += omap2.o omap_dss.o soc_dma.o omap_gptimer.o omap_synctimer.o
omap_gpmc.o omap_sdrc.o
obj-arm-y += omap_sx1.o palm.o tsc210x.o
obj-arm-y += nseries.o blizzard.o onenand.o vga.o cbus.o tusb6010.o usb-musb.o
diff --git a/hw/omap.h b/hw/omap.h
index ad4a465..ea23ec9 100644
--- a/hw/omap.h
+++ b/hw/omap.h
@@ -71,6 +71,7 @@ target_phys_addr_t omap_l4_attach(struct omap_target_agent_s
*ta, int region,
int iotype);
# define l4_register_io_memory cpu_register_io_memory
+/* OMAP interrupt controller */
struct omap_intr_handler_s;
struct omap_intr_handler_s *omap_inth_init(target_phys_addr_t base,
unsigned long size, unsigned char nbanks, qemu_irq **pins,
@@ -80,6 +81,7 @@ struct omap_intr_handler_s
*omap2_inth_init(target_phys_addr_t base,
qemu_irq parent_irq, qemu_irq parent_fiq,
omap_clk fclk, omap_clk iclk);
void omap_inth_reset(struct omap_intr_handler_s *s);
+qemu_irq omap_inth_get_pin(struct omap_intr_handler_s *s, int n);
struct omap_prcm_s;
struct omap_prcm_s *omap_prcm_init(struct omap_target_agent_s *ta,
diff --git a/hw/omap1.c b/hw/omap1.c
index 8b78c05..21c53fe 100644
--- a/hw/omap1.c
+++ b/hw/omap1.c
@@ -79,578 +79,6 @@ void omap_badwidth_write32(void *opaque, target_phys_addr_t
addr,
cpu_physical_memory_write(addr, (void *) &value, 4);
}
-/* Interrupt Handlers */
-struct omap_intr_handler_bank_s {
-uint32_t irqs;
-uint32_t inputs;
-uint32_t mask;
-uint32_t fiq;
-uint32_t sens_edge;
-uint32_t swi;
-unsigned char priority[32];
-};
-
-struct omap_intr_handler_s {
-qemu_irq *pins;
-qemu_irq parent_intr[2];
-unsigned char nbanks;
-int level_only;
-
-/* state */
-uint32_t new_agr[2];
-int sir_intr[2];
-int autoidle;
-uint32_t mask;
-struct omap_intr_handler_bank_s bank[];
-};
-
-static void omap_inth_sir_update(struct omap_intr_handler_s *s, int is_fiq)
-{
-int i, j, sir_intr, p_intr, p, f;
-uint32_t level;
-sir_intr = 0;
-p_intr = 255;
-
-/* Find the interrupt line with the highest dynamic priority.
- * Note: 0 denotes the hightest priority.
- * If all interrupts have the same priority, the default order is IRQ_N,
- * IRQ_N-1,...,IRQ_0. */
-for (j = 0; j < s->nbanks; ++j) {
-level = s->bank[j].irqs & ~s->bank[j].mask &
-(is_fiq ? s->bank[j].fiq : ~s->bank[j].fiq);
-for (f = ffs(level), i = f - 1, level >>= f - 1; f; i += f,
-level >>= f) {
-p = s->bank[j].priority[i];
-if (p <= p_intr) {
-p_intr = p;
-sir_intr = 32 * j + i;
-}
-f = ffs(level >> 1);
-}
-}
-s->sir_intr[is_fiq] = sir_intr;
-}
-
-static inline void omap_inth_update(struct omap_intr_handler_s *s, int is_fiq)
-{
-int i;
-uint32_t has_intr = 0;
-
-for (i = 0; i < s->nbanks; ++i)
-has_intr |= s->bank[i].irqs & ~s->bank[i].mask &
-(is_fiq ? s->bank[i].fiq : ~s->bank[i].fiq);
-
-if (s->new_agr[is_fiq] & has_intr & s->mask) {
-s->new_agr[is_fiq] = 0;
-omap_inth_sir_update(s, is_fiq);
-qemu_set_irq(s->parent_intr[is_fiq], 1);
-}
-}
-
-#define INT_FALLING_EDGE 0
-#define INT_LOW_LEVEL 1
-
-static void omap_set_intr(void *opaque, int irq, int req)
-{
-struct omap_intr_handler_s *ih = (struct omap_intr_handler_s *) opaque;
-uint32_t rise;
-
-struct omap_intr_handler_bank_s *bank = &ih->bank[irq >> 5];
-int n = irq & 31;
-
-if (req) {
-rise = ~bank->irqs & (1 << n);
-if (~bank->sens_edge & (1 << n))
-rise &= ~bank->inputs;
-
-bank->inputs |= (1 << n);
-if (rise) {
-bank->irqs |= rise;
-omap_inth_update(ih, 0);
-omap_inth_update(ih, 1);
-}
-} else {
-rise = bank->sens_edge & bank->irqs & (1 << n);
-bank->irqs &= ~rise;
-bank->inputs &= ~(1 << n);
-}
-}
-
-/* Simplified version with no edge detect
[Qemu-devel] [PATCH 05/12] hw/omap2.c : separate gpmc(general purpose memory controller)
Signed-off-by: cmchao
---
Makefile.target |2 +-
hw/omap.h |2 +
hw/omap2.c | 396
hw/omap_gpmc.c | 419 +++
4 files changed, 422 insertions(+), 397 deletions(-)
create mode 100644 hw/omap_gpmc.c
diff --git a/Makefile.target b/Makefile.target
index 43c1708..e6abaa7 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -264,7 +264,7 @@ obj-arm-y += pxa2xx_lcd.o pxa2xx_mmci.o pxa2xx_pcmcia.o
pxa2xx_keypad.o
obj-arm-y += gumstix.o
obj-arm-y += zaurus.o ide/microdrive.o spitz.o tosa.o tc6393xb.o
obj-arm-y += omap1.o omap_lcdc.o omap_dma.o omap_clk.o omap_mmc.o omap_i2c.o
omap_gpio.o
-obj-arm-y += omap2.o omap_dss.o soc_dma.o omap_gptimer.o omap_synctimer.o
+obj-arm-y += omap2.o omap_dss.o soc_dma.o omap_gptimer.o omap_synctimer.o
omap_gpmc.o
obj-arm-y += omap_sx1.o palm.o tsc210x.o
obj-arm-y += nseries.o blizzard.o onenand.o vga.o cbus.o tusb6010.o usb-musb.o
obj-arm-y += mst_fpga.o mainstone.o
diff --git a/hw/omap.h b/hw/omap.h
index b898230..c596953 100644
--- a/hw/omap.h
+++ b/hw/omap.h
@@ -93,8 +93,10 @@ struct omap_sysctl_s *omap_sysctl_init(struct
omap_target_agent_s *ta,
struct omap_sdrc_s;
struct omap_sdrc_s *omap_sdrc_init(target_phys_addr_t base);
+/* OMAP2 general purpose memory controller */
struct omap_gpmc_s;
struct omap_gpmc_s *omap_gpmc_init(target_phys_addr_t base, qemu_irq irq);
+void omap_gpmc_reset(struct omap_gpmc_s *s);
void omap_gpmc_attach(struct omap_gpmc_s *s, int cs, int iomemtype,
void (*base_upd)(void *opaque, target_phys_addr_t new),
void (*unmap)(void *opaque), void *opaque);
diff --git a/hw/omap2.c b/hw/omap2.c
index e310eef..b1e5aae 100644
--- a/hw/omap2.c
+++ b/hw/omap2.c
@@ -2988,402 +2988,6 @@ struct omap_sdrc_s *omap_sdrc_init(target_phys_addr_t
base)
return s;
}
-/* General-Purpose Memory Controller */
-struct omap_gpmc_s {
-qemu_irq irq;
-
-uint8_t sysconfig;
-uint16_t irqst;
-uint16_t irqen;
-uint16_t timeout;
-uint16_t config;
-uint32_t prefconfig[2];
-int prefcontrol;
-int preffifo;
-int prefcount;
-struct omap_gpmc_cs_file_s {
-uint32_t config[7];
-target_phys_addr_t base;
-size_t size;
-int iomemtype;
-void (*base_update)(void *opaque, target_phys_addr_t new);
-void (*unmap)(void *opaque);
-void *opaque;
-} cs_file[8];
-int ecc_cs;
-int ecc_ptr;
-uint32_t ecc_cfg;
-ECCState ecc[9];
-};
-
-static void omap_gpmc_int_update(struct omap_gpmc_s *s)
-{
-qemu_set_irq(s->irq, s->irqen & s->irqst);
-}
-
-static void omap_gpmc_cs_map(struct omap_gpmc_cs_file_s *f, int base, int mask)
-{
-/* TODO: check for overlapping regions and report access errors */
-if ((mask != 0x8 && mask != 0xc && mask != 0xe && mask != 0xf) ||
-(base < 0 || base >= 0x40) ||
-(base & 0x0f & ~mask)) {
-fprintf(stderr, "%s: wrong cs address mapping/decoding!\n",
-__FUNCTION__);
-return;
-}
-
-if (!f->opaque)
-return;
-
-f->base = base << 24;
-f->size = (0x0fff & ~(mask << 24)) + 1;
-/* TODO: rather than setting the size of the mapping (which should be
- * constant), the mask should cause wrapping of the address space, so
- * that the same memory becomes accessible at every size bytes
- * starting from base. */
-if (f->iomemtype)
-cpu_register_physical_memory(f->base, f->size, f->iomemtype);
-
-if (f->base_update)
-f->base_update(f->opaque, f->base);
-}
-
-static void omap_gpmc_cs_unmap(struct omap_gpmc_cs_file_s *f)
-{
-if (f->size) {
-if (f->unmap)
-f->unmap(f->opaque);
-if (f->iomemtype)
-cpu_register_physical_memory(f->base, f->size, IO_MEM_UNASSIGNED);
-f->base = 0;
-f->size = 0;
-}
-}
-
-static void omap_gpmc_reset(struct omap_gpmc_s *s)
-{
-int i;
-
-s->sysconfig = 0;
-s->irqst = 0;
-s->irqen = 0;
-omap_gpmc_int_update(s);
-s->timeout = 0;
-s->config = 0xa00;
-s->prefconfig[0] = 0x4000;
-s->prefconfig[1] = 0x;
-s->prefcontrol = 0;
-s->preffifo = 0;
-s->prefcount = 0;
-for (i = 0; i < 8; i ++) {
-if (s->cs_file[i].config[6] & (1 << 6))/*
CSVALID */
-omap_gpmc_cs_unmap(s->cs_file + i);
-s->cs_file[i].config[0] = i ? 1 << 12 : 0;
-s->cs_file[i].config[1] = 0x101001;
-s->cs_file[i].config[2] = 0x020201;
-s->cs_file[i].config[3] = 0x10031003;
-s->cs_file[i].config[4] = 0x10f;
-s->cs_file[i].config[5] = 0;
-s->cs_file[i].config[6] = 0xf00 | (i ? 0 : 1 << 6);
-if (s->cs_file[i].config[6] & (1 << 6))/*
CSVALID */
-omap_gpmc_cs_map(&s->cs_file[i],
-
[Qemu-devel] [PATCH 10/12] hw/omwp2.c : separate l4 interconnect module
Signed-off-by: cmchao
---
Makefile.target |3 +-
hw/omap.h | 37 ++--
hw/omap2.c | 269 ++-
hw/omap_l4.c| 271 +++
4 files changed, 307 insertions(+), 273 deletions(-)
create mode 100644 hw/omap_l4.c
diff --git a/Makefile.target b/Makefile.target
index 39d2858..20bcb8a 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -264,7 +264,8 @@ obj-arm-y += pxa2xx_lcd.o pxa2xx_mmci.o pxa2xx_pcmcia.o
pxa2xx_keypad.o
obj-arm-y += gumstix.o
obj-arm-y += zaurus.o ide/microdrive.o spitz.o tosa.o tc6393xb.o
obj-arm-y += omap1.o omap_lcdc.o omap_dma.o omap_clk.o omap_mmc.o omap_i2c.o
omap_gpio.o omap_intc.o
-obj-arm-y += omap2.o omap_dss.o soc_dma.o omap_gptimer.o omap_synctimer.o
omap_gpmc.o omap_sdrc.o omap_spi.o omap_tap.o
+obj-arm-y += omap2.o omap_dss.o soc_dma.o omap_gptimer.o omap_synctimer.o \
+ omap_gpmc.o omap_sdrc.o omap_spi.o omap_tap.o omap_l4.o
obj-arm-y += omap_sx1.o palm.o tsc210x.o
obj-arm-y += nseries.o blizzard.o onenand.o vga.o cbus.o tusb6010.o usb-musb.o
obj-arm-y += mst_fpga.o mainstone.o
diff --git a/hw/omap.h b/hw/omap.h
index fef495a..34443b4 100644
--- a/hw/omap.h
+++ b/hw/omap.h
@@ -61,15 +61,40 @@ void omap_clk_setrate(omap_clk clk, int divide, int
multiply);
int64_t omap_clk_getrate(omap_clk clk);
void omap_clk_reparent(omap_clk clk, omap_clk parent);
-/* omap[123].c */
+/* OMAP2 l4 Interconnect */
struct omap_l4_s;
+struct omap_l4_region_s {
+target_phys_addr_t offset;
+size_t size;
+int access;
+};
+struct omap_l4_agent_info_s {
+int ta;
+int region;
+int regions;
+int ta_region;
+};
+struct omap_target_agent_s {
+struct omap_l4_s *bus;
+int regions;
+const struct omap_l4_region_s *start;
+target_phys_addr_t base;
+uint32_t component;
+uint32_t control;
+uint32_t status;
+};
struct omap_l4_s *omap_l4_init(target_phys_addr_t base, int ta_num);
struct omap_target_agent_s;
-struct omap_target_agent_s *omap_l4ta_get(struct omap_l4_s *bus, int cs);
+struct omap_target_agent_s *omap_l4ta_get(
+struct omap_l4_s *bus,
+const struct omap_l4_region_s *regions,
+const struct omap_l4_agent_info_s *agents,
+int cs);
target_phys_addr_t omap_l4_attach(struct omap_target_agent_s *ta, int region,
int iotype);
-# define l4_register_io_memory cpu_register_io_memory
+int l4_register_io_memory(CPUReadMemoryFunc * const *mem_read,
+CPUWriteMemoryFunc * const *mem_write, void *opaque);
/* OMAP interrupt controller */
struct omap_intr_handler_s;
@@ -1146,10 +1171,4 @@ inline static int
debug_register_io_memory(CPUReadMemoryFunc * const *mem_read,
/* Define when we want to reduce the number of IO regions registered. */
/*# define L4_MUX_HACK*/
-# ifdef L4_MUX_HACK
-# undef l4_register_io_memory
-int l4_register_io_memory(CPUReadMemoryFunc * const *mem_read,
- CPUWriteMemoryFunc * const *mem_write, void *opaque);
-# endif
-
#endif /* hw_omap_h */
diff --git a/hw/omap2.c b/hw/omap2.c
index 7403077..9bac954 100644
--- a/hw/omap2.c
+++ b/hw/omap2.c
@@ -795,195 +795,10 @@ static struct omap_sti_s *omap_sti_init(struct
omap_target_agent_s *ta,
}
/* L4 Interconnect */
-struct omap_target_agent_s {
-struct omap_l4_s *bus;
-int regions;
-struct omap_l4_region_s *start;
-target_phys_addr_t base;
-uint32_t component;
-uint32_t control;
-uint32_t status;
-};
-
-struct omap_l4_s {
-target_phys_addr_t base;
-int ta_num;
-struct omap_target_agent_s ta[0];
-};
-
-#ifdef L4_MUX_HACK
-static int omap_l4_io_entries;
-static int omap_cpu_io_entry;
-static struct omap_l4_entry {
-CPUReadMemoryFunc * const *mem_read;
-CPUWriteMemoryFunc * const *mem_write;
-void *opaque;
-} *omap_l4_io_entry;
-static CPUReadMemoryFunc * const *omap_l4_io_readb_fn;
-static CPUReadMemoryFunc * const *omap_l4_io_readh_fn;
-static CPUReadMemoryFunc * const *omap_l4_io_readw_fn;
-static CPUWriteMemoryFunc * const *omap_l4_io_writeb_fn;
-static CPUWriteMemoryFunc * const *omap_l4_io_writeh_fn;
-static CPUWriteMemoryFunc * const *omap_l4_io_writew_fn;
-static void **omap_l4_io_opaque;
-
-int l4_register_io_memory(CPUReadMemoryFunc * const *mem_read,
-CPUWriteMemoryFunc * const *mem_write, void *opaque)
-{
-omap_l4_io_entry[omap_l4_io_entries].mem_read = mem_read;
-omap_l4_io_entry[omap_l4_io_entries].mem_write = mem_write;
-omap_l4_io_entry[omap_l4_io_entries].opaque = opaque;
-
-return omap_l4_io_entries ++;
-}
-
-static uint32_t omap_l4_io_readb(void *opaque, target_phys_addr_t addr)
-{
-unsigned int i = (addr - OMAP2_L4_BASE) >> TARGET_PAGE_BITS;
-
-return omap_l4_io_readb_fn[i](omap_l4_io_opaque[i], addr);
-}
-
-static uint32_t omap_l4_io_readh(void *opaque, target_phys_addr_t addr)
-{
-unsigned int i = (addr - OMAP2_L4_BASE) >> TARGET_
[Qemu-devel] [PATCH 12/12] hw/omap : make local function static and remove declaration from header
Signed-off-by: cmchao
---
hw/omap.h | 36
hw/omap1.c | 10 +-
hw/omap2.c |6 +++---
3 files changed, 8 insertions(+), 44 deletions(-)
diff --git a/hw/omap.h b/hw/omap.h
index 34443b4..18eb72b 100644
--- a/hw/omap.h
+++ b/hw/omap.h
@@ -108,15 +108,6 @@ struct omap_intr_handler_s
*omap2_inth_init(target_phys_addr_t base,
void omap_inth_reset(struct omap_intr_handler_s *s);
qemu_irq omap_inth_get_pin(struct omap_intr_handler_s *s, int n);
-struct omap_prcm_s;
-struct omap_prcm_s *omap_prcm_init(struct omap_target_agent_s *ta,
-qemu_irq mpu_int, qemu_irq dsp_int, qemu_irq iva_int,
-struct omap_mpu_state_s *mpu);
-
-struct omap_sysctl_s;
-struct omap_sysctl_s *omap_sysctl_init(struct omap_target_agent_s *ta,
-omap_clk iclk, struct omap_mpu_state_s *mpu);
-
/* OMAP2 SDRAM controller */
struct omap_sdrc_s;
struct omap_sdrc_s *omap_sdrc_init(target_phys_addr_t base);
@@ -658,34 +649,18 @@ struct omap_dma_lcd_channel_s {
# define OMAP24XX_DMA_EXT_DMAREQ5 64
/* omap[123].c */
-struct omap_mpu_timer_s;
-struct omap_mpu_timer_s *omap_mpu_timer_init(target_phys_addr_t base,
-qemu_irq irq, omap_clk clk);
-
/* OMAP2 gp timer */
struct omap_gp_timer_s;
struct omap_gp_timer_s *omap_gp_timer_init(struct omap_target_agent_s *ta,
qemu_irq irq, omap_clk fclk, omap_clk iclk);
void omap_gp_timer_reset(struct omap_gp_timer_s *s);
-struct omap_watchdog_timer_s;
-struct omap_watchdog_timer_s *omap_wd_timer_init(target_phys_addr_t base,
-qemu_irq irq, omap_clk clk);
-
-struct omap_32khz_timer_s;
-struct omap_32khz_timer_s *omap_os_timer_init(target_phys_addr_t base,
-qemu_irq irq, omap_clk clk);
-
/* OMAP2 sysctimer */
struct omap_synctimer_s;
struct omap_synctimer_s *omap_synctimer_init(struct omap_target_agent_s *ta,
struct omap_mpu_state_s *mpu, omap_clk fclk, omap_clk iclk);
void omap_synctimer_reset(struct omap_synctimer_s *s);
-struct omap_tipb_bridge_s;
-struct omap_tipb_bridge_s *omap_tipb_bridge_init(target_phys_addr_t base,
-qemu_irq abort_irq, omap_clk clk);
-
struct omap_uart_s;
struct omap_uart_s *omap_uart_init(target_phys_addr_t base,
qemu_irq irq, omap_clk fclk, omap_clk iclk,
@@ -740,10 +715,6 @@ void omap_mcspi_attach(struct omap_mcspi_s *s,
int chipselect);
void omap_mcspi_reset(struct omap_mcspi_s *s);
-struct omap_rtc_s;
-struct omap_rtc_s *omap_rtc_init(target_phys_addr_t base,
-qemu_irq *irq, omap_clk clk);
-
struct I2SCodec {
void *opaque;
@@ -773,16 +744,9 @@ struct omap_mcbsp_s *omap_mcbsp_init(target_phys_addr_t
base,
qemu_irq *irq, qemu_irq *dma, omap_clk clk);
void omap_mcbsp_i2s_attach(struct omap_mcbsp_s *s, I2SCodec *slave);
-struct omap_lpg_s;
-struct omap_lpg_s *omap_lpg_init(target_phys_addr_t base, omap_clk clk);
-
void omap_tap_init(struct omap_target_agent_s *ta,
struct omap_mpu_state_s *mpu);
-struct omap_eac_s;
-struct omap_eac_s *omap_eac_init(struct omap_target_agent_s *ta,
-qemu_irq irq, qemu_irq *drq, omap_clk fclk, omap_clk iclk);
-
/* omap_lcdc.c */
struct omap_lcd_panel_s;
void omap_lcdc_reset(struct omap_lcd_panel_s *s);
diff --git a/hw/omap1.c b/hw/omap1.c
index 301eec5..e38fd83 100644
--- a/hw/omap1.c
+++ b/hw/omap1.c
@@ -247,7 +247,7 @@ static void omap_mpu_timer_reset(struct omap_mpu_timer_s *s)
s->it_ena = 1;
}
-struct omap_mpu_timer_s *omap_mpu_timer_init(target_phys_addr_t base,
+static struct omap_mpu_timer_s *omap_mpu_timer_init(target_phys_addr_t base,
qemu_irq irq, omap_clk clk)
{
int iomemtype;
@@ -371,7 +371,7 @@ static void omap_wd_timer_reset(struct
omap_watchdog_timer_s *s)
omap_timer_update(&s->timer);
}
-struct omap_watchdog_timer_s *omap_wd_timer_init(target_phys_addr_t base,
+static struct omap_watchdog_timer_s *omap_wd_timer_init(target_phys_addr_t
base,
qemu_irq irq, omap_clk clk)
{
int iomemtype;
@@ -473,7 +473,7 @@ static void omap_os_timer_reset(struct omap_32khz_timer_s
*s)
s->timer.ar = 1;
}
-struct omap_32khz_timer_s *omap_os_timer_init(target_phys_addr_t base,
+static struct omap_32khz_timer_s *omap_os_timer_init(target_phys_addr_t base,
qemu_irq irq, omap_clk clk)
{
int iomemtype;
@@ -1180,7 +1180,7 @@ static void omap_tipb_bridge_reset(struct
omap_tipb_bridge_s *s)
s->enh_control = 0x000f;
}
-struct omap_tipb_bridge_s *omap_tipb_bridge_init(target_phys_addr_t base,
+static struct omap_tipb_bridge_s *omap_tipb_bridge_init(target_phys_addr_t
base,
qemu_irq abort_irq, omap_clk clk)
{
int iomemtype;
@@ -3506,7 +3506,7 @@ static void omap_lpg_clk_update(void *opaque, int line,
int on)
omap_lpg_update(s);
}
-struct omap_lpg_s *omap_lpg_init(target_phys_addr_t base, omap_clk cl
[Qemu-devel] [PATCH 04/12] hw/omap2.c : separate synctimer module
Signed-off-by: cmchao
---
Makefile.target |2 +-
hw/omap.h | 11 +++---
hw/omap2.c | 72 +-
hw/omap_synctimer.c | 96 +++
4 files changed, 104 insertions(+), 77 deletions(-)
create mode 100644 hw/omap_synctimer.c
diff --git a/Makefile.target b/Makefile.target
index c29dee0..43c1708 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -264,7 +264,7 @@ obj-arm-y += pxa2xx_lcd.o pxa2xx_mmci.o pxa2xx_pcmcia.o
pxa2xx_keypad.o
obj-arm-y += gumstix.o
obj-arm-y += zaurus.o ide/microdrive.o spitz.o tosa.o tc6393xb.o
obj-arm-y += omap1.o omap_lcdc.o omap_dma.o omap_clk.o omap_mmc.o omap_i2c.o
omap_gpio.o
-obj-arm-y += omap2.o omap_dss.o soc_dma.o omap_gptimer.o
+obj-arm-y += omap2.o omap_dss.o soc_dma.o omap_gptimer.o omap_synctimer.o
obj-arm-y += omap_sx1.o palm.o tsc210x.o
obj-arm-y += nseries.o blizzard.o onenand.o vga.o cbus.o tusb6010.o usb-musb.o
obj-arm-y += mst_fpga.o mainstone.o
diff --git a/hw/omap.h b/hw/omap.h
index 14fdb6f..b898230 100644
--- a/hw/omap.h
+++ b/hw/omap.h
@@ -645,8 +645,11 @@ struct omap_32khz_timer_s;
struct omap_32khz_timer_s *omap_os_timer_init(target_phys_addr_t base,
qemu_irq irq, omap_clk clk);
-void omap_synctimer_init(struct omap_target_agent_s *ta,
+/* OMAP2 sysctimer */
+struct omap_synctimer_s;
+struct omap_synctimer_s *omap_synctimer_init(struct omap_target_agent_s *ta,
struct omap_mpu_state_s *mpu, omap_clk fclk, omap_clk iclk);
+void omap_synctimer_reset(struct omap_synctimer_s *s);
struct omap_tipb_bridge_s;
struct omap_tipb_bridge_s *omap_tipb_bridge_init(target_phys_addr_t base,
@@ -939,11 +942,7 @@ struct omap_mpu_state_s {
struct omap_l4_s *l4;
struct omap_gp_timer_s *gptimer[12];
-
-struct omap_synctimer_s {
-uint32_t val;
-uint16_t readh;
-} synctimer;
+struct omap_synctimer_s *synctimer;
struct omap_prcm_s *prcm;
struct omap_sdrc_s *sdrc;
diff --git a/hw/omap2.c b/hw/omap2.c
index 890397b..e310eef 100644
--- a/hw/omap2.c
+++ b/hw/omap2.c
@@ -27,74 +27,6 @@
#include "soc_dma.h"
#include "audio/audio.h"
-/* 32-kHz Sync Timer of the OMAP2 */
-static uint32_t omap_synctimer_read(struct omap_synctimer_s *s) {
-return muldiv64(qemu_get_clock(vm_clock), 0x8000, get_ticks_per_sec());
-}
-
-static void omap_synctimer_reset(struct omap_synctimer_s *s)
-{
-s->val = omap_synctimer_read(s);
-}
-
-static uint32_t omap_synctimer_readw(void *opaque, target_phys_addr_t addr)
-{
-struct omap_synctimer_s *s = (struct omap_synctimer_s *) opaque;
-
-switch (addr) {
-case 0x00: /* 32KSYNCNT_REV */
-return 0x21;
-
-case 0x10: /* CR */
-return omap_synctimer_read(s) - s->val;
-}
-
-OMAP_BAD_REG(addr);
-return 0;
-}
-
-static uint32_t omap_synctimer_readh(void *opaque, target_phys_addr_t addr)
-{
-struct omap_synctimer_s *s = (struct omap_synctimer_s *) opaque;
-uint32_t ret;
-
-if (addr & 2)
-return s->readh;
-else {
-ret = omap_synctimer_readw(opaque, addr);
-s->readh = ret >> 16;
-return ret & 0x;
-}
-}
-
-static CPUReadMemoryFunc * const omap_synctimer_readfn[] = {
-omap_badwidth_read32,
-omap_synctimer_readh,
-omap_synctimer_readw,
-};
-
-static void omap_synctimer_write(void *opaque, target_phys_addr_t addr,
-uint32_t value)
-{
-OMAP_BAD_REG(addr);
-}
-
-static CPUWriteMemoryFunc * const omap_synctimer_writefn[] = {
-omap_badwidth_write32,
-omap_synctimer_write,
-omap_synctimer_write,
-};
-
-void omap_synctimer_init(struct omap_target_agent_s *ta,
-struct omap_mpu_state_s *mpu, omap_clk fclk, omap_clk iclk)
-{
-struct omap_synctimer_s *s = &mpu->synctimer;
-
-omap_synctimer_reset(s);
-omap_l4_attach(ta, 0, l4_register_io_memory(
- omap_synctimer_readfn, omap_synctimer_writefn, s));
-}
-
/* Multichannel SPI */
struct omap_mcspi_s {
qemu_irq irq;
@@ -3473,7 +3405,7 @@ static void omap2_mpu_reset(void *opaque)
omap_gp_timer_reset(mpu->gptimer[9]);
omap_gp_timer_reset(mpu->gptimer[10]);
omap_gp_timer_reset(mpu->gptimer[11]);
-omap_synctimer_reset(&mpu->synctimer);
+omap_synctimer_reset(mpu->synctimer);
omap_sdrc_reset(mpu->sdrc);
omap_gpmc_reset(mpu->gpmc);
omap_dss_reset(mpu->dss);
@@ -3634,7 +3566,7 @@ struct omap_mpu_state_s *omap2420_mpu_init(unsigned long
sdram_size,
omap_tap_init(omap_l4ta(s->l4, 2), s);
-omap_synctimer_init(omap_l4tao(s->l4, 2), s,
+s->synctimer = omap_synctimer_init(omap_l4tao(s->l4, 2), s,
omap_findclk(s, "clk32-kHz"),
omap_findclk(s, "core_l4_iclk"));
diff --git a/hw/omap_synctimer.c b/hw/omap_synctimer.c
new file mode 100644
index 000..118668a
--- /dev/null
+++ b/hw/omap_synctimer.c
@@ -0,0 +1,96 @@
+/*
+ * TI OMAP2 32kHz sync timer
[Qemu-devel] [PATCH 03/12] hw/omap2.c : separate gptimer module
Signed-off-by: cmchao
---
Makefile.target |2 +-
hw/omap.h |2 +
hw/omap2.c| 462 --
hw/omap_gptimer.c | 484 +
4 files changed, 487 insertions(+), 463 deletions(-)
create mode 100644 hw/omap_gptimer.c
diff --git a/Makefile.target b/Makefile.target
index eb5c84a..c29dee0 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -264,7 +264,7 @@ obj-arm-y += pxa2xx_lcd.o pxa2xx_mmci.o pxa2xx_pcmcia.o
pxa2xx_keypad.o
obj-arm-y += gumstix.o
obj-arm-y += zaurus.o ide/microdrive.o spitz.o tosa.o tc6393xb.o
obj-arm-y += omap1.o omap_lcdc.o omap_dma.o omap_clk.o omap_mmc.o omap_i2c.o
omap_gpio.o
-obj-arm-y += omap2.o omap_dss.o soc_dma.o
+obj-arm-y += omap2.o omap_dss.o soc_dma.o omap_gptimer.o
obj-arm-y += omap_sx1.o palm.o tsc210x.o
obj-arm-y += nseries.o blizzard.o onenand.o vga.o cbus.o tusb6010.o usb-musb.o
obj-arm-y += mst_fpga.o mainstone.o
diff --git a/hw/omap.h b/hw/omap.h
index a37ee54..14fdb6f 100644
--- a/hw/omap.h
+++ b/hw/omap.h
@@ -631,9 +631,11 @@ struct omap_mpu_timer_s;
struct omap_mpu_timer_s *omap_mpu_timer_init(target_phys_addr_t base,
qemu_irq irq, omap_clk clk);
+/* OMAP2 gp timer */
struct omap_gp_timer_s;
struct omap_gp_timer_s *omap_gp_timer_init(struct omap_target_agent_s *ta,
qemu_irq irq, omap_clk fclk, omap_clk iclk);
+void omap_gp_timer_reset(struct omap_gp_timer_s *s);
struct omap_watchdog_timer_s;
struct omap_watchdog_timer_s *omap_wd_timer_init(target_phys_addr_t base,
diff --git a/hw/omap2.c b/hw/omap2.c
index bf5539d..890397b 100644
--- a/hw/omap2.c
+++ b/hw/omap2.c
@@ -27,468 +27,6 @@
#include "soc_dma.h"
#include "audio/audio.h"
-/* GP timers */
-struct omap_gp_timer_s {
-qemu_irq irq;
-qemu_irq wkup;
-qemu_irq in;
-qemu_irq out;
-omap_clk clk;
-QEMUTimer *timer;
-QEMUTimer *match;
-struct omap_target_agent_s *ta;
-
-int in_val;
-int out_val;
-int64_t time;
-int64_t rate;
-int64_t ticks_per_sec;
-
-int16_t config;
-int status;
-int it_ena;
-int wu_ena;
-int enable;
-int inout;
-int capt2;
-int pt;
-enum {
-gpt_trigger_none, gpt_trigger_overflow, gpt_trigger_both
-} trigger;
-enum {
-gpt_capture_none, gpt_capture_rising,
-gpt_capture_falling, gpt_capture_both
-} capture;
-int scpwm;
-int ce;
-int pre;
-int ptv;
-int ar;
-int st;
-int posted;
-uint32_t val;
-uint32_t load_val;
-uint32_t capture_val[2];
-uint32_t match_val;
-int capt_num;
-
-uint16_t writeh; /* LSB */
-uint16_t readh;/* MSB */
-};
-
-#define GPT_TCAR_IT(1 << 2)
-#define GPT_OVF_IT (1 << 1)
-#define GPT_MAT_IT (1 << 0)
-
-static inline void omap_gp_timer_intr(struct omap_gp_timer_s *timer, int it)
-{
-if (timer->it_ena & it) {
-if (!timer->status)
-qemu_irq_raise(timer->irq);
-
-timer->status |= it;
-/* Or are the status bits set even when masked?
- * i.e. is masking applied before or after the status register? */
-}
-
-if (timer->wu_ena & it)
-qemu_irq_pulse(timer->wkup);
-}
-
-static inline void omap_gp_timer_out(struct omap_gp_timer_s *timer, int level)
-{
-if (!timer->inout && timer->out_val != level) {
-timer->out_val = level;
-qemu_set_irq(timer->out, level);
-}
-}
-
-static inline uint32_t omap_gp_timer_read(struct omap_gp_timer_s *timer)
-{
-uint64_t distance;
-
-if (timer->st && timer->rate) {
-distance = qemu_get_clock(vm_clock) - timer->time;
-distance = muldiv64(distance, timer->rate, timer->ticks_per_sec);
-
-if (distance >= 0x - timer->val)
-return 0x;
-else
-return timer->val + distance;
-} else
-return timer->val;
-}
-
-static inline void omap_gp_timer_sync(struct omap_gp_timer_s *timer)
-{
-if (timer->st) {
-timer->val = omap_gp_timer_read(timer);
-timer->time = qemu_get_clock(vm_clock);
-}
-}
-
-static inline void omap_gp_timer_update(struct omap_gp_timer_s *timer)
-{
-int64_t expires, matches;
-
-if (timer->st && timer->rate) {
-expires = muldiv64(0x1ll - timer->val,
-timer->ticks_per_sec, timer->rate);
-qemu_mod_timer(timer->timer, timer->time + expires);
-
-if (timer->ce && timer->match_val >= timer->val) {
-matches = muldiv64(timer->match_val - timer->val,
-timer->ticks_per_sec, timer->rate);
-qemu_mod_timer(timer->match, timer->time + matches);
-} else
-qemu_del_timer(timer->match);
-} else {
-qemu_del_timer(timer->timer);
-qemu_del_timer(timer->match);
-omap_gp_timer_out(timer, timer->scpwm);
-}
-}
-
-static inline void omap_gp_timer_trigger(struct
[Qemu-devel] [PATCH 09/12] hw/omap2.c : separate tap module(Test-Chip-level)
Signed-off-by: cmchao
---
Makefile.target |2 +-
hw/omap2.c | 90
hw/omap_tap.c | 112 +++
3 files changed, 113 insertions(+), 91 deletions(-)
create mode 100644 hw/omap_tap.c
diff --git a/Makefile.target b/Makefile.target
index 1edec6f..39d2858 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -264,7 +264,7 @@ obj-arm-y += pxa2xx_lcd.o pxa2xx_mmci.o pxa2xx_pcmcia.o
pxa2xx_keypad.o
obj-arm-y += gumstix.o
obj-arm-y += zaurus.o ide/microdrive.o spitz.o tosa.o tc6393xb.o
obj-arm-y += omap1.o omap_lcdc.o omap_dma.o omap_clk.o omap_mmc.o omap_i2c.o
omap_gpio.o omap_intc.o
-obj-arm-y += omap2.o omap_dss.o soc_dma.o omap_gptimer.o omap_synctimer.o
omap_gpmc.o omap_sdrc.o omap_spi.o
+obj-arm-y += omap2.o omap_dss.o soc_dma.o omap_gptimer.o omap_synctimer.o
omap_gpmc.o omap_sdrc.o omap_spi.o omap_tap.o
obj-arm-y += omap_sx1.o palm.o tsc210x.o
obj-arm-y += nseries.o blizzard.o onenand.o vga.o cbus.o tusb6010.o usb-musb.o
obj-arm-y += mst_fpga.o mainstone.o
diff --git a/hw/omap2.c b/hw/omap2.c
index ae6394e..7403077 100644
--- a/hw/omap2.c
+++ b/hw/omap2.c
@@ -1245,96 +1245,6 @@ target_phys_addr_t omap_l4_attach(struct
omap_target_agent_s *ta, int region,
return base;
}
-/* TEST-Chip-level TAP */
-static uint32_t omap_tap_read(void *opaque, target_phys_addr_t addr)
-{
-struct omap_mpu_state_s *s = (struct omap_mpu_state_s *) opaque;
-
-switch (addr) {
-case 0x204:/* IDCODE_reg */
-switch (s->mpu_model) {
-case omap2420:
-case omap2422:
-case omap2423:
-return 0x5b5d902f; /* ES 2.2 */
-case omap2430:
-return 0x5b68a02f; /* ES 2.2 */
-case omap3430:
-return 0x1b7ae02f; /* ES 2 */
-default:
-hw_error("%s: Bad mpu model\n", __FUNCTION__);
-}
-
-case 0x208:/* PRODUCTION_ID_reg for OMAP2 */
-case 0x210:/* PRODUCTION_ID_reg for OMAP3 */
-switch (s->mpu_model) {
-case omap2420:
-return 0x000254f0; /* POP ESHS2.1.1 in N91/93/95, ES2 in N800 */
-case omap2422:
-return 0x000400f0;
-case omap2423:
-return 0x000800f0;
-case omap2430:
-return 0x00f0;
-case omap3430:
-return 0x00f0;
-default:
-hw_error("%s: Bad mpu model\n", __FUNCTION__);
-}
-
-case 0x20c:
-switch (s->mpu_model) {
-case omap2420:
-case omap2422:
-case omap2423:
-return 0xcafeb5d9; /* ES 2.2 */
-case omap2430:
-return 0xcafeb68a; /* ES 2.2 */
-case omap3430:
-return 0xcafeb7ae; /* ES 2 */
-default:
-hw_error("%s: Bad mpu model\n", __FUNCTION__);
-}
-
-case 0x218:/* DIE_ID_reg */
-return ('Q' << 24) | ('E' << 16) | ('M' << 8) | ('U' << 0);
-case 0x21c:/* DIE_ID_reg */
-return 0x54 << 24;
-case 0x220:/* DIE_ID_reg */
-return ('Q' << 24) | ('E' << 16) | ('M' << 8) | ('U' << 0);
-case 0x224:/* DIE_ID_reg */
-return ('Q' << 24) | ('E' << 16) | ('M' << 8) | ('U' << 0);
-}
-
-OMAP_BAD_REG(addr);
-return 0;
-}
-
-static void omap_tap_write(void *opaque, target_phys_addr_t addr,
-uint32_t value)
-{
-OMAP_BAD_REG(addr);
-}
-
-static CPUReadMemoryFunc * const omap_tap_readfn[] = {
-omap_badwidth_read32,
-omap_badwidth_read32,
-omap_tap_read,
-};
-
-static CPUWriteMemoryFunc * const omap_tap_writefn[] = {
-omap_badwidth_write32,
-omap_badwidth_write32,
-omap_tap_write,
-};
-
-void omap_tap_init(struct omap_target_agent_s *ta,
-struct omap_mpu_state_s *mpu)
-{
-omap_l4_attach(ta, 0, l4_register_io_memory(
-omap_tap_readfn, omap_tap_writefn, mpu));
-}
-
/* Power, Reset, and Clock Management */
struct omap_prcm_s {
qemu_irq irq[3];
diff --git a/hw/omap_tap.c b/hw/omap_tap.c
new file mode 100644
index 000..1f18ddd
--- /dev/null
+++ b/hw/omap_tap.c
@@ -0,0 +1,112 @@
+/*
+ * TI OMAP TEST-Chip-level TAP emulation.
+ *
+ * Copyright (C) 2007-2008 Nokia Corporation
+ * Written by Andrzej Zaborowski
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 2 or
+ * (at your option) any later version of the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, see
[Qemu-devel] [PATCH 02/12] hw/omap2.c : separate gpio module
Signed-off-by: cmchao
---
hw/omap.h |3 +
hw/omap2.c | 523
hw/omap_gpio.c | 523
3 files changed, 526 insertions(+), 523 deletions(-)
diff --git a/hw/omap.h b/hw/omap.h
index ebd166f..a37ee54 100644
--- a/hw/omap.h
+++ b/hw/omap.h
@@ -668,6 +668,7 @@ qemu_irq *omap_mpuio_in_get(struct omap_mpuio_s *s);
void omap_mpuio_out_set(struct omap_mpuio_s *s, int line, qemu_irq handler);
void omap_mpuio_key(struct omap_mpuio_s *s, int row, int col, int down);
+/* omap1 gpio module interface */
struct omap_gpio_s;
struct omap_gpio_s *omap_gpio_init(target_phys_addr_t base,
qemu_irq irq, omap_clk clk);
@@ -675,9 +676,11 @@ void omap_gpio_reset(struct omap_gpio_s *s);
qemu_irq *omap_gpio_in_get(struct omap_gpio_s *s);
void omap_gpio_out_set(struct omap_gpio_s *s, int line, qemu_irq handler);
+/* omap2 gpio interface */
struct omap_gpif_s;
struct omap_gpif_s *omap2_gpio_init(struct omap_target_agent_s *ta,
qemu_irq *irq, omap_clk *fclk, omap_clk iclk, int modules);
+void omap_gpif_reset(struct omap_gpif_s *s);
qemu_irq *omap2_gpio_in_get(struct omap_gpif_s *s, int start);
void omap2_gpio_out_set(struct omap_gpif_s *s, int line, qemu_irq handler);
diff --git a/hw/omap2.c b/hw/omap2.c
index bd1b35e..bf5539d 100644
--- a/hw/omap2.c
+++ b/hw/omap2.c
@@ -557,529 +557,6 @@ void omap_synctimer_init(struct omap_target_agent_s *ta,
omap_synctimer_readfn, omap_synctimer_writefn, s));
}
-/* General-Purpose Interface of OMAP2 */
-struct omap2_gpio_s {
-qemu_irq irq[2];
-qemu_irq wkup;
-qemu_irq *in;
-qemu_irq handler[32];
-
-uint8_t config[2];
-uint32_t inputs;
-uint32_t outputs;
-uint32_t dir;
-uint32_t level[2];
-uint32_t edge[2];
-uint32_t mask[2];
-uint32_t wumask;
-uint32_t ints[2];
-uint32_t debounce;
-uint8_t delay;
-};
-
-static inline void omap_gpio_module_int_update(struct omap2_gpio_s *s,
-int line)
-{
-qemu_set_irq(s->irq[line], s->ints[line] & s->mask[line]);
-}
-
-static void omap_gpio_module_wake(struct omap2_gpio_s *s, int line)
-{
-if (!(s->config[0] & (1 << 2)))/* ENAWAKEUP */
-return;
-if (!(s->config[0] & (3 << 3)))/* Force Idle */
-return;
-if (!(s->wumask & (1 << line)))
-return;
-
-qemu_irq_raise(s->wkup);
-}
-
-static inline void omap_gpio_module_out_update(struct omap2_gpio_s *s,
-uint32_t diff)
-{
-int ln;
-
-s->outputs ^= diff;
-diff &= ~s->dir;
-while ((ln = ffs(diff))) {
-ln --;
-qemu_set_irq(s->handler[ln], (s->outputs >> ln) & 1);
-diff &= ~(1 << ln);
-}
-}
-
-static void omap_gpio_module_level_update(struct omap2_gpio_s *s, int line)
-{
-s->ints[line] |= s->dir &
-((s->inputs & s->level[1]) | (~s->inputs & s->level[0]));
-omap_gpio_module_int_update(s, line);
-}
-
-static inline void omap_gpio_module_int(struct omap2_gpio_s *s, int line)
-{
-s->ints[0] |= 1 << line;
-omap_gpio_module_int_update(s, 0);
-s->ints[1] |= 1 << line;
-omap_gpio_module_int_update(s, 1);
-omap_gpio_module_wake(s, line);
-}
-
-static void omap_gpio_module_set(void *opaque, int line, int level)
-{
-struct omap2_gpio_s *s = (struct omap2_gpio_s *) opaque;
-
-if (level) {
-if (s->dir & (1 << line) & ((~s->inputs & s->edge[0]) | s->level[1]))
-omap_gpio_module_int(s, line);
-s->inputs |= 1 << line;
-} else {
-if (s->dir & (1 << line) & ((s->inputs & s->edge[1]) | s->level[0]))
-omap_gpio_module_int(s, line);
-s->inputs &= ~(1 << line);
-}
-}
-
-static void omap_gpio_module_reset(struct omap2_gpio_s *s)
-{
-s->config[0] = 0;
-s->config[1] = 2;
-s->ints[0] = 0;
-s->ints[1] = 0;
-s->mask[0] = 0;
-s->mask[1] = 0;
-s->wumask = 0;
-s->dir = ~0;
-s->level[0] = 0;
-s->level[1] = 0;
-s->edge[0] = 0;
-s->edge[1] = 0;
-s->debounce = 0;
-s->delay = 0;
-}
-
-static uint32_t omap_gpio_module_read(void *opaque, target_phys_addr_t addr)
-{
-struct omap2_gpio_s *s = (struct omap2_gpio_s *) opaque;
-
-switch (addr) {
-case 0x00: /* GPIO_REVISION */
-return 0x18;
-
-case 0x10: /* GPIO_SYSCONFIG */
-return s->config[0];
-
-case 0x14: /* GPIO_SYSSTATUS */
-return 0x01;
-
-case 0x18: /* GPIO_IRQSTATUS1 */
-return s->ints[0];
-
-case 0x1c: /* GPIO_IRQENABLE1 */
-case 0x60: /* GPIO_CLEARIRQENABLE1 */
-case 0x64: /* GPIO_SETIRQENABLE1 */
-return s->mask[0];
-
-case 0x20: /* GPIO_WAKEUPENABLE */
-case 0x80: /* GPIO_CLEARWKUENA */
-case 0x84: /* GPIO_SETWKUENA */
-return s->wumask;
-
-case 0x28: /* GPIO_IRQSTATUS2 */
-return s->ints[1];
-
-case 0x2c: /* GPIO_IR
[Qemu-devel] [PATCH 01/12] hw/omap1.c : separate gpio module
Signed-off-by: cmchao
---
Makefile.target |2 +-
hw/omap.h |1 +
hw/omap1.c | 181 -
hw/omap_gpio.c | 202 +++
4 files changed, 204 insertions(+), 182 deletions(-)
create mode 100644 hw/omap_gpio.c
diff --git a/Makefile.target b/Makefile.target
index fda5bf3..eb5c84a 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -263,7 +263,7 @@ obj-arm-y += pxa2xx.o pxa2xx_pic.o pxa2xx_gpio.o
pxa2xx_timer.o pxa2xx_dma.o
obj-arm-y += pxa2xx_lcd.o pxa2xx_mmci.o pxa2xx_pcmcia.o pxa2xx_keypad.o
obj-arm-y += gumstix.o
obj-arm-y += zaurus.o ide/microdrive.o spitz.o tosa.o tc6393xb.o
-obj-arm-y += omap1.o omap_lcdc.o omap_dma.o omap_clk.o omap_mmc.o omap_i2c.o
+obj-arm-y += omap1.o omap_lcdc.o omap_dma.o omap_clk.o omap_mmc.o omap_i2c.o
omap_gpio.o
obj-arm-y += omap2.o omap_dss.o soc_dma.o
obj-arm-y += omap_sx1.o palm.o tsc210x.o
obj-arm-y += nseries.o blizzard.o onenand.o vga.o cbus.o tusb6010.o usb-musb.o
diff --git a/hw/omap.h b/hw/omap.h
index d305779..ebd166f 100644
--- a/hw/omap.h
+++ b/hw/omap.h
@@ -671,6 +671,7 @@ void omap_mpuio_key(struct omap_mpuio_s *s, int row, int
col, int down);
struct omap_gpio_s;
struct omap_gpio_s *omap_gpio_init(target_phys_addr_t base,
qemu_irq irq, omap_clk clk);
+void omap_gpio_reset(struct omap_gpio_s *s);
qemu_irq *omap_gpio_in_get(struct omap_gpio_s *s);
void omap_gpio_out_set(struct omap_gpio_s *s, int line, qemu_irq handler);
diff --git a/hw/omap1.c b/hw/omap1.c
index 8649dbd..8b78c05 100644
--- a/hw/omap1.c
+++ b/hw/omap1.c
@@ -2804,187 +2804,6 @@ void omap_mpuio_key(struct omap_mpuio_s *s, int row,
int col, int down)
omap_mpuio_kbd_update(s);
}
-/* General-Purpose I/O */
-struct omap_gpio_s {
-qemu_irq irq;
-qemu_irq *in;
-qemu_irq handler[16];
-
-uint16_t inputs;
-uint16_t outputs;
-uint16_t dir;
-uint16_t edge;
-uint16_t mask;
-uint16_t ints;
-uint16_t pins;
-};
-
-static void omap_gpio_set(void *opaque, int line, int level)
-{
-struct omap_gpio_s *s = (struct omap_gpio_s *) opaque;
-uint16_t prev = s->inputs;
-
-if (level)
-s->inputs |= 1 << line;
-else
-s->inputs &= ~(1 << line);
-
-if (((s->edge & s->inputs & ~prev) | (~s->edge & ~s->inputs & prev)) &
-(1 << line) & s->dir & ~s->mask) {
-s->ints |= 1 << line;
-qemu_irq_raise(s->irq);
-}
-}
-
-static uint32_t omap_gpio_read(void *opaque, target_phys_addr_t addr)
-{
-struct omap_gpio_s *s = (struct omap_gpio_s *) opaque;
-int offset = addr & OMAP_MPUI_REG_MASK;
-
-switch (offset) {
-case 0x00: /* DATA_INPUT */
-return s->inputs & s->pins;
-
-case 0x04: /* DATA_OUTPUT */
-return s->outputs;
-
-case 0x08: /* DIRECTION_CONTROL */
-return s->dir;
-
-case 0x0c: /* INTERRUPT_CONTROL */
-return s->edge;
-
-case 0x10: /* INTERRUPT_MASK */
-return s->mask;
-
-case 0x14: /* INTERRUPT_STATUS */
-return s->ints;
-
-case 0x18: /* PIN_CONTROL (not in OMAP310) */
-OMAP_BAD_REG(addr);
-return s->pins;
-}
-
-OMAP_BAD_REG(addr);
-return 0;
-}
-
-static void omap_gpio_write(void *opaque, target_phys_addr_t addr,
-uint32_t value)
-{
-struct omap_gpio_s *s = (struct omap_gpio_s *) opaque;
-int offset = addr & OMAP_MPUI_REG_MASK;
-uint16_t diff;
-int ln;
-
-switch (offset) {
-case 0x00: /* DATA_INPUT */
-OMAP_RO_REG(addr);
-return;
-
-case 0x04: /* DATA_OUTPUT */
-diff = (s->outputs ^ value) & ~s->dir;
-s->outputs = value;
-while ((ln = ffs(diff))) {
-ln --;
-if (s->handler[ln])
-qemu_set_irq(s->handler[ln], (value >> ln) & 1);
-diff &= ~(1 << ln);
-}
-break;
-
-case 0x08: /* DIRECTION_CONTROL */
-diff = s->outputs & (s->dir ^ value);
-s->dir = value;
-
-value = s->outputs & ~s->dir;
-while ((ln = ffs(diff))) {
-ln --;
-if (s->handler[ln])
-qemu_set_irq(s->handler[ln], (value >> ln) & 1);
-diff &= ~(1 << ln);
-}
-break;
-
-case 0x0c: /* INTERRUPT_CONTROL */
-s->edge = value;
-break;
-
-case 0x10: /* INTERRUPT_MASK */
-s->mask = value;
-break;
-
-case 0x14: /* INTERRUPT_STATUS */
-s->ints &= ~value;
-if (!s->ints)
-qemu_irq_lower(s->irq);
-break;
-
-case 0x18: /* PIN_CONTROL (not in OMAP310 TRM) */
-OMAP_BAD_REG(addr);
-s->pins = value;
-break;
-
-default:
-OMAP_BAD_REG(addr);
-return;
-}
-}
-
-/* *Some* sources say the memory region is 32-bit. */
-static CPUReadMemoryFunc * const omap_gpio_readfn[] = {
-omap_badwidth_read16,
-omap_gpio_read,
-omap_badwidth_re
[Qemu-devel] [PATCH 00/12] refactor OMAP implementation
The following changes since commit 29f91781bd300b228d9c38b9f6c1e0b6a38f25fb: Jes Sorensen (1): vhost_net.c: v2 Fix build failure introduced by 0bfcd599e3f5c5679cc7d0165a0a1822e2f60de2 The patches almostly base on http://meego.gitorious.org/qemu-maemo/qemu work and act as preparatory work to merge their OMAP3 and beagleboard support. All the work are to separate modules, which will be shared or extended in OMAP3 implementation and make certain local function static [PATCH 01/12] hw/omap1.c : separate gpio module [PATCH 02/12] hw/omap2.c : separate gpio module [PATCH 03/12] hw/omap2.c : separate gptimer module [PATCH 04/12] hw/omap2.c : separate synctimer module [PATCH 05/12] hw/omap2.c : separate gpmc(general purpose memory controller) [PATCH 06/12] hw/omap2.c : separate sdrc (sdram controller) [PATCH 07/12] hw/omap1.c : separate interrupt controller module [PATCH 08/12] hw/omap2.c : separate spi module [PATCH 09/12] hw/omap2.c : separate tap module(Test-Chip-level) [PATCH 10/12] hw/omwp2.c : separate l4 interconnect module [PATCH 11/12] hw/omap1.c : separate uart module [PATCH 12/12] hw/omap : make local function static and remove declaration from header
Re: [Qemu-devel] cg14
2010/5/28 Blue Swirl :
> On Fri, May 28, 2010 at 7:54 AM, Bob Breuer wrote:
>> Artyom Tarasenko wrote:
>>> 2010/5/27 Bob Breuer :
>>>
Artyom Tarasenko wrote:
> Was going to put some more empty slots into SS-10/20 (VSIMMs, SX)
> after we are done with SS-5 (due to technical limitations I can switch
> access from one real SS model to another one once a few days only).
>
>
I have a partial implementation of the SS-20 VSIMM (cg14) that I've been
working on. With the Sun firmware, I have working text console, color
boot logo, and programmable video resolutions up to 1600x1280.
>>>
>>> Great news! This would allow qemu booting NeXTStep! Are you planning
>>> to submit the patches any time soon?
>>>
>>>
>> It's not in a state to be submitted yet, but I've attached a working
>> patch if you want to give it a try. I need to hook it up to qdev and
>> fill in some more of the obviously incomplete switch cases before I'd
>> sign off on it.
>
> Nice work. I have a few comments below.
>
> This probably needs support from OpenBIOS to be usable without OBP.
Maybe it can be used as a second adapter without OpenBIOS support? At
least under some OSes?
>>
>> Bob
>>
>>
>> diff --git a/Makefile.target b/Makefile.target
>> index fda5bf3..b17b3af 100644
>> --- a/Makefile.target
>> +++ b/Makefile.target
>> @@ -250,6 +250,7 @@ else
>> obj-sparc-y = sun4m.o lance.o tcx.o sun4m_iommu.o slavio_intctl.o
>> obj-sparc-y += slavio_timer.o slavio_misc.o sparc32_dma.o
>> obj-sparc-y += cs4231.o eccmemctl.o sbi.o sun4c_intctl.o
>> +obj-sparc-y += cg14.o
>> endif
>>
>> obj-arm-y = integratorcp.o versatilepb.o arm_pic.o arm_timer.o
>> diff --git a/hw/sun4m.c b/hw/sun4m.c
>> index 7ba0f76..8b23c9b 100644
>> --- a/hw/sun4m.c
>> +++ b/hw/sun4m.c
>> @@ -864,6 +864,13 @@ static void sun4m_hw_init(const struct sun4m_hwdef
>> *hwdef, ram_addr_t RAM_size,
>> fprintf(stderr, "qemu: Unsupported depth: %d\n", graphic_depth);
>> exit (1);
>> }
>> + if (hwdef->machine_id == 65) { /* SS-20 */
>
> hwdef structure should contain a field for cg14. If non-zero, install
> cg14. Was cg14 only available for SS-20? Was it always included? This
> is also interesting for OpenBIOS, we need to detect cg14 vs. TCX.
>
>> + /* cg14.c */
>> + void cg14_init(target_phys_addr_t ctrl_base, target_phys_addr_t
>> vram_base,
>> + uint32_t vram_size);
>
> This should go to sun4m.h or cg14.h.
>
>> +
>> + cg14_init(0x09c00ULL, 0x0fc00ULL, 8<<20);
>> + } else
>
> Please add braces and reindent.
>
>> tcx_init(hwdef->tcx_base, 0x0010, graphic_width, graphic_height,
>> graphic_depth);
>>
>> --- /dev/null Fri May 28 02:08:36 2010
>> +++ hw/cg14.c Fri May 28 01:58:49 2010
>> @@ -0,0 +1,785 @@
>> +/*
>> + * QEMU CG14 Frame buffer
>> + *
>> + * Copyright (c) 2010 Bob Breuer
>> + *
>> + * Permission is hereby granted, free of charge, to any person obtaining a
>> copy
>> + * of this software and associated documentation files (the "Software"), to
>> deal
>> + * in the Software without restriction, including without limitation the
>> rights
>> + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
>> + * copies of the Software, and to permit persons to whom the Software is
>> + * furnished to do so, subject to the following conditions:
>> + *
>> + * The above copyright notice and this permission notice shall be included
>> in
>> + * all copies or substantial portions of the Software.
>> + *
>> + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
>> OR
>> + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
>> + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
>> + * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR
>> OTHER
>> + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
>> FROM,
>> + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
>> + * THE SOFTWARE.
>> + */
>> +
>> +#include "console.h"
>> +#include "sysbus.h"
>> +
>> +#ifdef DEBUG
DEBUG_CG14 ?
>> +#define DPRINTF(fmt, ...) \
>> + do { printf("CG14: " fmt , ## __VA_ARGS__); } while (0)
>> +#else
>> +#define DPRINTF(fmt, ...)
>> +#endif
>> +
>> +#define CG14_INFO(fmt, ...) \
>> + do { printf("CG14: " fmt , ## __VA_ARGS__); } while (0)
>> +#define CG14_ERROR(fmt, ...) \
>> + do { printf("CG14: " fmt , ## __VA_ARGS__); } while (0)
>> +
>> +/*
>> + * A[28:26] = slot number (4 to 7)
>> + * regs: size 0x1 @ 0x09c00 (0x8000 + slot * 64M)
>> + * vmem: size upto 16MB @ 0x0fc00 (0xE000 + slot * 64M)
>> + */
>
> If you have any links to chipset docs, it would be nice to mention those here.
>
>> +
>> +/*
>> + * memory map:
>> + * reg+0x = control registers
>> + * reg+0x1000 = cursor registers
Re: [Qemu-devel] [PATCH] alpha-linux-user: Fill in SI_CODE for SIGSEGV.
On Fri, May 21, 2010 at 10:03:33AM -0700, Richard Henderson wrote: > Signed-off-by: Richard Henderson > --- > linux-user/main.c |3 ++- > 1 files changed, 2 insertions(+), 1 deletions(-) Thanks, applied. > diff --git a/linux-user/main.c b/linux-user/main.c > index b240f29..de1076b 100644 > --- a/linux-user/main.c > +++ b/linux-user/main.c > @@ -2433,7 +2433,8 @@ void cpu_loop (CPUState *env) > env->lock_addr = -1; > info.si_signo = TARGET_SIGSEGV; > info.si_errno = 0; > -info.si_code = 0; /* ??? SEGV_MAPERR vs SEGV_ACCERR. */ > +info.si_code = (page_get_flags(env->ipr[IPR_EXC_ADDR]) & > PAGE_VALID > +? TARGET_SEGV_ACCERR : TARGET_SEGV_MAPERR); > info._sifields._sigfault._addr = env->ipr[IPR_EXC_ADDR]; > queue_signal(env, info.si_signo, &info); > break; > -- > 1.7.0.1 > > > -- Aurelien Jarno GPG: 1024D/F1BCDB73 aurel...@aurel32.net http://www.aurel32.net
Re: [Qemu-devel] [PATCH 0/2] Tidy qemu_malloc
On Fri, May 21, 2010 at 10:37:50AM -0700, Richard Henderson wrote: > I was reminded of this by the discussion on the list recently of > using calloc for qemu_mallocz. I'd vaguely remembered that I > already had a patch that did this. > > The second patch is a cleanup enabled by Paul's patch: > 2e9a5713f0567fffaa3518f495b8d16a2b74f84a > which removed PAGE_RESERVED. > > Thanks, both applied. > > Richard Henderson (2): > Use calloc in qemu_mallocz. > linux-user: Use qemu-malloc.c. > > Makefile.target |3 ++- > linux-user/mmap.c | 52 > qemu-malloc.c |8 > 3 files changed, 6 insertions(+), 57 deletions(-) > > > -- Aurelien Jarno GPG: 1024D/F1BCDB73 aurel...@aurel32.net http://www.aurel32.net
[Qemu-devel] Re: [PATCH 1/2] Pad iommu with an empty slot (necessary for SunOS 4.1.4)
> 32m: 0x12fff394 > 64m: 0x14fff394 > 192m:0x1cfff394 > 256m:0x20fff394 > > Memory probing? It would be strange that OS would do it itself. The OS > could just > ask OBP how much does it have. Here is the listing where it happens: > > _swift_vac_rgnflush: rd %psr, %g2 > _swift_vac_rgnflush+4: andn %g2, 0x20, %g5 > _swift_vac_rgnflush+8: mov %g5, %psr > _swift_vac_rgnflush+0xc: nop > _swift_vac_rgnflush+0x10: nop > _swift_vac_rgnflush+0x14: mov 0x100, %g5 > _swift_vac_rgnflush+0x18: lda [%g5] 0x4, %g5 > _swift_vac_rgnflush+0x1c: sll %o2, 0x2, %g1 > _swift_vac_rgnflush+0x20: sll %g5, 0x4, %g5 > _swift_vac_rgnflush+0x24: add %g5, %g1, %g5 > _swift_vac_rgnflush+0x28: lda [%g5] 0x20, %g5 > > _swift_vac_rgnflush+0x28: is the fatal one. > > kadb> $c > _swift_vac_rgnflush(?) > _vac_rgnflush() + 4 > _hat_setup_kas(0xc00,0xf0447000,0x43a000,0x400,0xf043a000,0x3c0) + 70 > _startup(0xfe00,0x1000,0xfa00,0xf00e2bfc,0x10,0xdbc00) + 1414 > _main(0xf00e0fb4,0xf0007810,0x293ff49f,0xa805209c,0x200,0xf00d1d18) + 14 > > Unfortunately (but not surprisingly) kadb doesn't allow debugging > cache-flush code, so I can't check what is in > [%g5] (aka sfar) on the real machine when this happens. I was telling fairy tales here and no one stopped me. [%g5] is not sfar, it's the context pointer, so the code makes much more sense! And I guess, SunOS 4.1.4 is buggy. I've managed to reproduce the complete case on the real machine. The trick is to set the breakpoint before the interrupts are switched off: kadb> _swift_vac_rgnflush:b kadb> :c breakpoint _swift_vac_rgnflush:rd %psr, %g2 kadb> $q Type 'go' to resume Type help for more information ok 100 4 spacel@ . 3fff00 So at _swift_vac_rgnflush+0x28 it would access (44000e5<<2) + (3fff00 << 4) = 14fff394. Which is outside of IOMMU. ok 14fff394 20 spacel@ . 3fe000 This seems to be an alias to ok 1404 20 spacel@ . 3fe000 So, it seems to be safe to pad iommu with an empty slot. I guess we are not missing anything more serious. Alternatively we can use your aliasing patch. What do you say? P.S. What is also interesting about SunOS 4.1.4 is that only the single-cpu kernel (which is used during the installation) calls _swift_vac_rgnflush on initialization. The smp kernel just doesn't have this call in _hat_setup_kas. Maybe they have noticed the bug and corrected it? -- Regards, Artyom Tarasenko solaris/sparc under qemu blog: http://tyom.blogspot.com/
Re: [Qemu-devel] [PATCH 1/2] tcg: Add TYPE parameter to tcg_out_mov.
On 05/28/2010 11:21 AM, Aurelien Jarno wrote: >> +tcg_out_mov(s, TCG_TYPE_PTR, data_reg, arg0); > > Is it something correct? This refers to a data register according to the > name of the variable. > >> break; >> } >> >> @@ -1007,10 +1007,10 @@ static void tcg_out_qemu_st(TCGContext *s, const >> TCGArg *args, >> tcg_out32(s, 0); >> >> /* mov (delay slot) */ >> -tcg_out_mov(s, arg0, addr_reg); >> +tcg_out_mov(s, TCG_TYPE_PTR, arg0, addr_reg); > > Here this looks correct > >> /* mov */ >> -tcg_out_mov(s, arg1, data_reg); >> +tcg_out_mov(s, TCG_TYPE_PTR, arg1, data_reg); > > Here not. > > I am also a bit puzzled that TCG_TYPE_PTR only appears on the sparc > target, though I haven't looked at the code, it might be normal. Most targets I didn't bother to figure out whether the item is or isn't a pointer. I.e. on arm/hppa/ppc/mips targets I simply always used _I32, and on ppc64 target I always used _I64. Sparc is, at present, the only target that supports multiple register sizes. The only TCG_TYPE_FOO we have that corresponds to the current register size is TCG_TYPE_PTR; there isn't a TCG_TYPE_REG or whatever that documents that we want to move an object of the native register size. Not that it *really* matters for sparc, since there is one common move insn for both 32-bit and 64-bit mode, but I thought _PTR was slightly more correct than using either _I32 or _I64. r~
Re: [Qemu-devel] Re: [PATCH, RFC 1/4] pci: add I/O registration functions
> On Thu, May 27, 2010 at 2:39 PM, Michael S. Tsirkin wrote: > > On Sun, May 23, 2010 at 08:34:30PM +, Blue Swirl wrote: > >> Convert also APB to use the registration so that > >> we can remove mem_base. > >> > >> Signed-off-by: Blue Swirl > >> --- > >> hw/apb_pci.c | 23 - > >> hw/pci.c | 64 > >> ++--- hw/pci.h > >> |9 +++- > >> 3 files changed, 68 insertions(+), 28 deletions(-) > > > > Probably should mention pci.c changes in the changelog. > > It's the subject. IMO the body of the commit message should be self-contained. Many mail clients display the body text separately from the subject - the subject tends to be grouped with other metadata like to/from addresses. This makes reading both as a whole confusing and unintuitive. You can argue that this is a bug in git (and/or many mail clients). However I don't see that changing any time soon, so we should adapt our work process appropriately. Some other version control systems (e.g. CVS and SVN) don't have commit summary, so this can seem a strange concept when migrating from those systems. Paul
Re: [Qemu-devel] [PATCH v2 2/6] MIPS: Initial support of vt82686b south bridge used by fulong mini pc
I would appreciate if someone knowing the PCI code could review this
patch.
On Wed, May 19, 2010 at 10:27:23PM +0800, Huacai Chen wrote:
> Signed-off-by: Huacai Chen
> ---
> Makefile.target |2 +-
> hw/pc.h |7 +
> hw/pci_ids.h|8 +
> hw/vt82c686.c | 786
> +++
> 4 files changed, 802 insertions(+), 1 deletions(-)
> create mode 100644 hw/vt82c686.c
>
> diff --git a/Makefile.target b/Makefile.target
> index 247a2eb..9ed4a8d 100644
> --- a/Makefile.target
> +++ b/Makefile.target
> @@ -221,7 +221,7 @@ obj-mips-y += dma.o vga.o i8259.o
> obj-mips-y += g364fb.o jazz_led.o
> obj-mips-y += gt64xxx.o pckbd.o mc146818rtc.o
> obj-mips-y += piix4.o cirrus_vga.o
> -obj-mips-$(CONFIG_FULONG) += bonito.o
> +obj-mips-$(CONFIG_FULONG) += bonito.o vt82c686.o
>
> obj-microblaze-y = petalogix_s3adsp1800_mmu.o
>
> diff --git a/hw/pc.h b/hw/pc.h
> index 654b7b3..7f0730b 100644
> --- a/hw/pc.h
> +++ b/hw/pc.h
> @@ -143,6 +143,13 @@ void i440fx_init_memory_mappings(PCII440FXState *d);
> extern PCIDevice *piix4_dev;
> int piix4_init(PCIBus *bus, int devfn);
>
> +/* vt82c686.c */
> +int vt82c686b_init(PCIBus * bus, int devfn);
> +void vt82c686b_ac97_init(PCIBus *bus, int devfn);
> +void vt82c686b_mc97_init(PCIBus *bus, int devfn);
> +i2c_bus *vt82c686b_pm_init(PCIBus *bus, int devfn, uint32_t smb_io_base,
> +qemu_irq sci_irq);
> +
> /* vga.c */
> enum vga_retrace_method {
> VGA_RETRACE_DUMB,
> diff --git a/hw/pci_ids.h b/hw/pci_ids.h
> index fe7a121..39e9f1d 100644
> --- a/hw/pci_ids.h
> +++ b/hw/pci_ids.h
> @@ -78,6 +78,14 @@
>
> #define PCI_VENDOR_ID_XILINX 0x10ee
>
> +#define PCI_VENDOR_ID_VIA0x1106
> +#define PCI_DEVICE_ID_VIA_ISA_BRIDGE 0x0686
> +#define PCI_DEVICE_ID_VIA_IDE0x0571
> +#define PCI_DEVICE_ID_VIA_UHCI 0x3038
> +#define PCI_DEVICE_ID_VIA_ACPI 0x3057
> +#define PCI_DEVICE_ID_VIA_AC97 0x3058
> +#define PCI_DEVICE_ID_VIA_MC97 0x3068
> +
> #define PCI_VENDOR_ID_MARVELL0x11ab
>
> #define PCI_VENDOR_ID_ENSONIQ0x1274
> diff --git a/hw/vt82c686.c b/hw/vt82c686.c
> new file mode 100644
> index 000..1045467
> --- /dev/null
> +++ b/hw/vt82c686.c
> @@ -0,0 +1,786 @@
> +/*
> + * VT82C686B south bridge support
> + *
> + * Copyright (c) 2008 yajin (ya...@vm-kernel.org)
> + * Copyright (c) 2009 chenming (chenm...@rdc.faw.com.cn)
> + * Copyright (c) 2010 Huacai Chen (zltjiang...@gmail.com)
> + * This code is licensed under the GNU GPL v2.
> + */
> +
> +#include "hw.h"
> +#include "pc.h"
> +#include "i2c.h"
> +#include "smbus.h"
> +#include "pci.h"
> +#include "isa.h"
> +#include "sysbus.h"
> +#include "mips.h"
> +
> +typedef uint32_t pci_addr_t;
> +#include "pci_host.h"
> +//#define DEBUG_VT82C686B
> +
> +#ifdef DEBUG_VT82C686B
> +#define DPRINTF(fmt, ...) fprintf(stderr, "%s: " fmt, __FUNCTION__,
> ##__VA_ARGS__)
> +#else
> +#define DPRINTF(fmt, ...)
> +#endif
> +
> +typedef struct SuperIOConfig
> +{
> +uint8_t config[0xff];
> +uint8_t index;
> +uint8_t data;
> +} SuperIOConfig;
> +
> +typedef struct VT82C686BState {
> +PCIDevice dev;
> +SuperIOConfig *superio_conf;
> +} VT82C686BState;
> +
> +uint32_t smb_data[16];
> +static void superio_ioport_writeb(void *opaque, uint32_t addr, uint32_t data)
> +{
> +int can_write;
> +SuperIOConfig *superio_conf = (SuperIOConfig *)opaque;
> +
> +DPRINTF("superio_ioport_writeb address 0x%x val 0x%x \n", addr, data);
> +if (addr == 0x3f0) {
> +superio_conf->index = data & 0xff;
> +} else {
> +/* 0x3f1 */
> +switch (superio_conf->index) {
> +case 0x00 ... 0xdf:
> +case 0xe4:
> +case 0xe5:
> +case 0xe9 ... 0xed:
> +case 0xf3:
> +case 0xf5:
> +case 0xf7:
> +case 0xf9 ... 0xfb:
> +case 0xfd ... 0xff:
> +can_write = 0;
> +break;
> +default:
> +can_write = 1;
> +
> +if (can_write) {
> +switch (superio_conf->index) {
> +case 0xe7:
> +if ((data & 0xff) != 0xfe) {
> +DPRINTF("chage uart 1 base. unsupported yet \n");
> +}
> +break;
> +case 0xe8:
> +if ((data & 0xff) != 0xbe) {
> +DPRINTF("chage uart 2 base. unsupported yet \n");
> +}
> +break;
> +
> +default:
> +superio_conf->config[superio_conf->index] = data & 0xff;
> +}
> +}
> +}
> +superio_conf->config[superio_conf->index] = data & 0xff;
> +}
> +}
> +
> +static uint32_t superio_ioport_readb(void *opaque, uint32_t addr)
> +{
> +SuperIOConfig *superio_conf = (SuperIOConfig *)opaque;
> +
> +DPRINTF("superio_ioport_readb addres
Re: [Qemu-devel] [PATCH] sparc64: fix 128-bit atomic load from nucleus context
On Sat, May 29, 2010 at 12:30 AM, Blue Swirl wrote:
> On Fri, May 28, 2010 at 9:48 AM, Igor V. Kovalenko
> wrote:
>> From: Igor V. Kovalenko
>>
>> Signed-off-by: Igor V. Kovalenko
>> ---
>> sparc-dis.c | 2 ++
>> target-sparc/op_helper.c | 10 +-
>> 2 files changed, 7 insertions(+), 5 deletions(-)
>>
>> diff --git a/sparc-dis.c b/sparc-dis.c
>> index c1b682d..dbd3b4f 100644
>> --- a/sparc-dis.c
>> +++ b/sparc-dis.c
>> @@ -2155,6 +2155,8 @@ static const arg asi_table_v9[] =
>> /* These are UltraSPARC extensions. */
>> { 0x14, "#ASI_PHYS_USE_EC"},
>> { 0x15, "#ASI_PHYS_BYPASS_EC_WITH_EBIT"},
>> + { 0x24, "#ASI_NUCLEUS_QUAD_LDD" },
>> + { 0x2c, "#ASI_NUCLEUS_QUAD_LDD_LITTLE" },
>> { 0x45, "#ASI_LSU_CONTROL_REG"},
>> { 0x47, "#ASI_DCACHE_TAG"},
>> { 0x49, "#ASI_INTR_RECEIVE"},
>
> The patch does not apply because the above line is not in the tree.
>
> This change should be also mentioned in the commit body.
I decided to drop disassembler update, it can be done separately once
for all ASI extensions.
--
Kind regards,
Igor V. Kovalenko
Re: [Qemu-devel] [PATCH v2 3/6] MIPS: Initial support of VIA IDE controller used by fulong mini pc
On Wed, May 19, 2010 at 10:27:50PM +0800, Huacai Chen wrote:
> Signed-off-by: Huacai Chen
> ---
> Makefile.objs|1 +
> default-configs/mips64el-softmmu.mak |1 +
> hw/ide.h |1 +
> hw/ide/via.c | 185
> ++
> 4 files changed, 188 insertions(+), 0 deletions(-)
> create mode 100644 hw/ide/via.c
>
> diff --git a/Makefile.objs b/Makefile.objs
> index acbaf22..3291e3a 100644
> --- a/Makefile.objs
> +++ b/Makefile.objs
> @@ -196,6 +196,7 @@ hw-obj-$(CONFIG_IDE_ISA) += ide/isa.o
> hw-obj-$(CONFIG_IDE_PIIX) += ide/piix.o
> hw-obj-$(CONFIG_IDE_CMD646) += ide/cmd646.o
> hw-obj-$(CONFIG_IDE_MACIO) += ide/macio.o
> +hw-obj-$(CONFIG_IDE_VIA) += ide/via.o
>
> # SCSI layer
> hw-obj-y += lsi53c895a.o
> diff --git a/default-configs/mips64el-softmmu.mak
> b/default-configs/mips64el-softmmu.mak
> index b731c74..bf19577 100644
> --- a/default-configs/mips64el-softmmu.mak
> +++ b/default-configs/mips64el-softmmu.mak
> @@ -19,6 +19,7 @@ CONFIG_IDE_QDEV=y
> CONFIG_IDE_PCI=y
> CONFIG_IDE_ISA=y
> CONFIG_IDE_PIIX=y
> +CONFIG_IDE_VIA=y
> CONFIG_NE2000_ISA=y
> CONFIG_SOUND=y
> CONFIG_VIRTIO_PCI=y
> diff --git a/hw/ide.h b/hw/ide.h
> index 0e7d540..bb635b6 100644
> --- a/hw/ide.h
> +++ b/hw/ide.h
> @@ -12,6 +12,7 @@ void pci_cmd646_ide_init(PCIBus *bus, DriveInfo **hd_table,
> int secondary_ide_enabled);
> void pci_piix3_ide_init(PCIBus *bus, DriveInfo **hd_table, int devfn);
> void pci_piix4_ide_init(PCIBus *bus, DriveInfo **hd_table, int devfn);
> +void vt82c686b_ide_init(PCIBus *bus, DriveInfo **hd_table, int devfn);
>
> /* ide-macio.c */
> int pmac_ide_init (DriveInfo **hd_table, qemu_irq irq,
> diff --git a/hw/ide/via.c b/hw/ide/via.c
> new file mode 100644
> index 000..33a0b90
> --- /dev/null
> +++ b/hw/ide/via.c
> @@ -0,0 +1,185 @@
> +/*
> + * QEMU IDE Emulation: PCI VIA82C686B support.
> + *
> + * Copyright (c) 2003 Fabrice Bellard
> + * Copyright (c) 2006 Openedhand Ltd.
> + * Copyright (c) 2010 Huacai Chen
> + *
> + * Permission is hereby granted, free of charge, to any person obtaining a
> copy
> + * of this software and associated documentation files (the "Software"), to
> deal
> + * in the Software without restriction, including without limitation the
> rights
> + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
> + * copies of the Software, and to permit persons to whom the Software is
> + * furnished to do so, subject to the following conditions:
> + *
> + * The above copyright notice and this permission notice shall be included in
> + * all copies or substantial portions of the Software.
> + *
> + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
> + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
> + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
> + * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
> + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
> FROM,
> + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
> + * THE SOFTWARE.
> + */
> +#include
> +#include
> +#include
> +#include
> +#include "block.h"
> +#include "block_int.h"
> +#include "sysemu.h"
> +#include "dma.h"
> +
> +#include
> +
> +static uint32_t bmdma_readb(void *opaque, uint32_t addr)
> +{
> +BMDMAState *bm = opaque;
> +uint32_t val;
> +
> +switch (addr & 3) {
> +case 0:
> +val = bm->cmd;
> +break;
> +case 2:
> +val = bm->status;
> +break;
> +default:
> +val = 0xff;
> +break;
> +}
> +#ifdef DEBUG_IDE
> +printf("bmdma: readb 0x%02x : 0x%02x\n", addr, val);
> +#endif
> +return val;
> +}
> +
> +static void bmdma_writeb(void *opaque, uint32_t addr, uint32_t val)
> +{
> +BMDMAState *bm = opaque;
> +#ifdef DEBUG_IDE
> +printf("bmdma: writeb 0x%02x : 0x%02x\n", addr, val);
> +#endif
> +switch (addr & 3) {
> +case 2:
> +bm->status = (val & 0x60) | (bm->status & 1) | (bm->status & ~val &
> 0x06);
> +break;
> +default:;
> +}
> +}
> +
> +static void bmdma_map(PCIDevice *pci_dev, int region_num,
> +pcibus_t addr, pcibus_t size, int type)
> +{
> +PCIIDEState *d = DO_UPCAST(PCIIDEState, dev, pci_dev);
> +int i;
> +
> +for(i = 0;i < 2; i++) {
> +BMDMAState *bm = &d->bmdma[i];
> +d->bus[i].bmdma = bm;
> +bm->bus = d->bus+i;
> +qemu_add_vm_change_state_handler(ide_dma_restart_cb, bm);
> +
> +register_ioport_write(addr, 1, 1, bmdma_cmd_writeb, bm);
> +
> +register_ioport_write(addr + 1, 3, 1, bmdma_writeb, bm);
> +register_ioport_read(addr, 4, 1, bmdma_readb, bm);
> +
> +register_ioport_write(addr + 4, 4, 1, bmdma_addr_writeb, bm);
> +register_ioport_read(addr + 4, 4, 1, bmdma_a
Re: [Qemu-devel] [PATCH] linux-user: Fix compilation with DEBUG defined
On Wed, May 19, 2010 at 09:49:21PM +0200, Riccardo Magliocchetti wrote:
> Signed-off-by: Riccardo Magliocchetti
Thanks, applied.
> ---
> linux-user/flatload.c |2 +-
> 1 files changed, 1 insertions(+), 1 deletions(-)
>
> diff --git a/linux-user/flatload.c b/linux-user/flatload.c
> index 6a2c3f9..914de1f 100644
> --- a/linux-user/flatload.c
> +++ b/linux-user/flatload.c
> @@ -338,7 +338,7 @@ failed:
> static void old_reloc(struct lib_info *libinfo, uint32_t rl)
> {
> #ifdef DEBUG
> - char *segment[] = { "TEXT", "DATA", "BSS", "*UNKNOWN*" };
> + const char *segment[] = { "TEXT", "DATA", "BSS", "*UNKNOWN*" };
> #endif
> uint32_t *ptr;
> uint32_t offset;
> --
> 1.7.1
>
>
>
--
Aurelien Jarno GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net
[Qemu-devel] [PATCH] sparc64: fix 128-bit atomic load from nucleus context v1
From: Igor V. Kovalenko
- change 128-bit atomic loads to reference nucleus context
v0->v1: dropped disassembler change
Signed-off-by: Igor V. Kovalenko
---
target-sparc/op_helper.c | 10 +-
1 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/target-sparc/op_helper.c b/target-sparc/op_helper.c
index edeeb44..f468e7b 100644
--- a/target-sparc/op_helper.c
+++ b/target-sparc/op_helper.c
@@ -3060,19 +3060,19 @@ void helper_ldda_asi(target_ulong addr, int asi, int rd)
case 0x2c: // Nucleus quad LDD 128 bit atomic LE
helper_check_align(addr, 0xf);
if (rd == 0) {
-env->gregs[1] = ldq_kernel(addr + 8);
+env->gregs[1] = ldq_nucleus(addr + 8);
if (asi == 0x2c)
bswap64s(&env->gregs[1]);
} else if (rd < 8) {
-env->gregs[rd] = ldq_kernel(addr);
-env->gregs[rd + 1] = ldq_kernel(addr + 8);
+env->gregs[rd] = ldq_nucleus(addr);
+env->gregs[rd + 1] = ldq_nucleus(addr + 8);
if (asi == 0x2c) {
bswap64s(&env->gregs[rd]);
bswap64s(&env->gregs[rd + 1]);
}
} else {
-env->regwptr[rd] = ldq_kernel(addr);
-env->regwptr[rd + 1] = ldq_kernel(addr + 8);
+env->regwptr[rd] = ldq_nucleus(addr);
+env->regwptr[rd + 1] = ldq_nucleus(addr + 8);
if (asi == 0x2c) {
bswap64s(&env->regwptr[rd]);
bswap64s(&env->regwptr[rd + 1]);
Re: [Qemu-devel] cg14
On Fri, May 28, 2010 at 7:54 AM, Bob Breuer wrote:
> Artyom Tarasenko wrote:
>> 2010/5/27 Bob Breuer :
>>
>>> Artyom Tarasenko wrote:
>>>
Was going to put some more empty slots into SS-10/20 (VSIMMs, SX)
after we are done with SS-5 (due to technical limitations I can switch
access from one real SS model to another one once a few days only).
>>> I have a partial implementation of the SS-20 VSIMM (cg14) that I've been
>>> working on. With the Sun firmware, I have working text console, color
>>> boot logo, and programmable video resolutions up to 1600x1280.
>>>
>>
>> Great news! This would allow qemu booting NeXTStep! Are you planning
>> to submit the patches any time soon?
>>
>>
> It's not in a state to be submitted yet, but I've attached a working
> patch if you want to give it a try. I need to hook it up to qdev and
> fill in some more of the obviously incomplete switch cases before I'd
> sign off on it.
Nice work. I have a few comments below.
This probably needs support from OpenBIOS to be usable without OBP.
>
> Bob
>
>
> diff --git a/Makefile.target b/Makefile.target
> index fda5bf3..b17b3af 100644
> --- a/Makefile.target
> +++ b/Makefile.target
> @@ -250,6 +250,7 @@ else
> obj-sparc-y = sun4m.o lance.o tcx.o sun4m_iommu.o slavio_intctl.o
> obj-sparc-y += slavio_timer.o slavio_misc.o sparc32_dma.o
> obj-sparc-y += cs4231.o eccmemctl.o sbi.o sun4c_intctl.o
> +obj-sparc-y += cg14.o
> endif
>
> obj-arm-y = integratorcp.o versatilepb.o arm_pic.o arm_timer.o
> diff --git a/hw/sun4m.c b/hw/sun4m.c
> index 7ba0f76..8b23c9b 100644
> --- a/hw/sun4m.c
> +++ b/hw/sun4m.c
> @@ -864,6 +864,13 @@ static void sun4m_hw_init(const struct sun4m_hwdef
> *hwdef, ram_addr_t RAM_size,
> fprintf(stderr, "qemu: Unsupported depth: %d\n", graphic_depth);
> exit (1);
> }
> + if (hwdef->machine_id == 65) { /* SS-20 */
hwdef structure should contain a field for cg14. If non-zero, install
cg14. Was cg14 only available for SS-20? Was it always included? This
is also interesting for OpenBIOS, we need to detect cg14 vs. TCX.
> + /* cg14.c */
> + void cg14_init(target_phys_addr_t ctrl_base, target_phys_addr_t
> vram_base,
> + uint32_t vram_size);
This should go to sun4m.h or cg14.h.
> +
> + cg14_init(0x09c00ULL, 0x0fc00ULL, 8<<20);
> + } else
Please add braces and reindent.
> tcx_init(hwdef->tcx_base, 0x0010, graphic_width, graphic_height,
> graphic_depth);
>
> --- /dev/null Fri May 28 02:08:36 2010
> +++ hw/cg14.c Fri May 28 01:58:49 2010
> @@ -0,0 +1,785 @@
> +/*
> + * QEMU CG14 Frame buffer
> + *
> + * Copyright (c) 2010 Bob Breuer
> + *
> + * Permission is hereby granted, free of charge, to any person obtaining a
> copy
> + * of this software and associated documentation files (the "Software"), to
> deal
> + * in the Software without restriction, including without limitation the
> rights
> + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
> + * copies of the Software, and to permit persons to whom the Software is
> + * furnished to do so, subject to the following conditions:
> + *
> + * The above copyright notice and this permission notice shall be included in
> + * all copies or substantial portions of the Software.
> + *
> + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
> + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
> + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
> + * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
> + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
> FROM,
> + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
> + * THE SOFTWARE.
> + */
> +
> +#include "console.h"
> +#include "sysbus.h"
> +
> +#ifdef DEBUG
> +#define DPRINTF(fmt, ...) \
> + do { printf("CG14: " fmt , ## __VA_ARGS__); } while (0)
> +#else
> +#define DPRINTF(fmt, ...)
> +#endif
> +
> +#define CG14_INFO(fmt, ...) \
> + do { printf("CG14: " fmt , ## __VA_ARGS__); } while (0)
> +#define CG14_ERROR(fmt, ...) \
> + do { printf("CG14: " fmt , ## __VA_ARGS__); } while (0)
> +
> +/*
> + * A[28:26] = slot number (4 to 7)
> + * regs: size 0x1 @ 0x09c00 (0x8000 + slot * 64M)
> + * vmem: size upto 16MB @ 0x0fc00 (0xE000 + slot * 64M)
> + */
If you have any links to chipset docs, it would be nice to mention those here.
> +
> +/*
> + * memory map:
> + * reg+0x = control registers
> + * reg+0x1000 = cursor registers
> + * reg+0x2000 = dac registers (ADV7152)
> + * reg+0x3000 = xlut
> + * reg+0x4000 = clut1
> + * reg+0x5000 = clut2
> + * reg+0x6000 = clut3 (if implemented)
> + *
> + * mem+0x000 = XBGR (01234567)
> + * mem+0x100 = BGR (.123.567)
> + * mem+0x200 = X16 (0246)
> + * mem+0
Re: [Qemu-devel] [PATCH v2 4/6] MIPS: Initial support of VIA USB controller used by fulong mini pc
On Wed, May 19, 2010 at 10:28:11PM +0800, Huacai Chen wrote:
> Signed-off-by: Huacai Chen
> ---
> hw/usb-uhci.c | 30 ++
> hw/usb-uhci.h |1 +
> 2 files changed, 31 insertions(+), 0 deletions(-)
>
> diff --git a/hw/usb-uhci.c b/hw/usb-uhci.c
> index 624d55b..5fd5388 100644
> --- a/hw/usb-uhci.c
> +++ b/hw/usb-uhci.c
> @@ -1152,6 +1152,26 @@ static int usb_uhci_piix4_initfn(PCIDevice *dev)
> return usb_uhci_common_initfn(s);
> }
>
> +static int usb_uhci_vt82c686b_initfn(PCIDevice *dev)
> +{
> +UHCIState *s = DO_UPCAST(UHCIState, dev, dev);
> +uint8_t *pci_conf = s->dev.config;
> +
> +pci_config_set_vendor_id(pci_conf, PCI_VENDOR_ID_VIA);
> +pci_config_set_device_id(pci_conf, PCI_DEVICE_ID_VIA_UHCI);
> +
> +pci_set_long(pci_conf + 0x0c,0x1600);
> +pci_set_long(pci_conf + 0x20,0x0301);
> +pci_set_long(pci_conf + 0x34,0x1080);
> +pci_set_long(pci_conf + 0x3c,0x0004);
> +pci_set_long(pci_conf + 0x40,0x1000);
> +pci_set_long(pci_conf + 0x60,0x0010);
> +pci_set_long(pci_conf + 0x80,0x00020001);
> +pci_set_long(pci_conf + 0xc0,0x2000);
Do we have an idea what those hex values are? It would probably be a
good idea to add some comments and/or use values from hw/pci_regs.h
> +return usb_uhci_common_initfn(s);
> +}
> +
> static PCIDeviceInfo uhci_info[] = {
> {
> .qdev.name= "piix3-usb-uhci",
> @@ -1164,6 +1184,11 @@ static PCIDeviceInfo uhci_info[] = {
> .qdev.vmsd= &vmstate_uhci,
> .init = usb_uhci_piix4_initfn,
> },{
> +.qdev.name= "vt82c686b-usb-uhci",
> +.qdev.size= sizeof(UHCIState),
> +.qdev.vmsd= &vmstate_uhci,
> +.init = usb_uhci_vt82c686b_initfn,
> +},{
> /* end of list */
> }
> };
> @@ -1183,3 +1208,8 @@ void usb_uhci_piix4_init(PCIBus *bus, int devfn)
> {
> pci_create_simple(bus, devfn, "piix4-usb-uhci");
> }
> +
> +void usb_uhci_vt82c686b_init(PCIBus *bus, int devfn)
> +{
> +pci_create_simple(bus, devfn, "vt82c686b-usb-uhci");
> +}
> diff --git a/hw/usb-uhci.h b/hw/usb-uhci.h
> index 911948e..3e4d377 100644
> --- a/hw/usb-uhci.h
> +++ b/hw/usb-uhci.h
> @@ -5,5 +5,6 @@
>
> void usb_uhci_piix3_init(PCIBus *bus, int devfn);
> void usb_uhci_piix4_init(PCIBus *bus, int devfn);
> +void usb_uhci_vt82c686b_init(PCIBus *bus, int devfn);
>
> #endif
> --
> 1.7.0.4
>
>
>
--
Aurelien Jarno GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net
Re: [Qemu-devel] [PATCH 0/2] [RFC] 64-bit io paths
[Hit send too early on previous mail...] > The basic device interface looks like > ... > + > +/* Register a memory region at START_ADDR/SIZE. The REGION structure will > + be initialized appropriately for DEV using CB as the operation set. */ > +extern void cpu_register_memory_region(MemoryRegion *region, > + const MemoryCallbackInfo *cb, > + target_phys_addr_t start_addr, > + target_phys_addr_t size); > + > +/* Unregister a memory region. */ > +extern void cpu_unregister_memory_region(MemoryRegion *); > + > +/* Allocate ram for use with cpu_register_memory_region. */ > +extern const MemoryCallbackInfo *qemu_ram_alloc_r(ram_addr_t); > +extern void qemu_ram_free_r(const MemoryCallbackInfo *); > > The Basic Idea is that we have a MemoryRegion object that describes > a contiguous mapping within the guest address space. This object > needs to handle RAM, ROM and devices. The desire to handle memory > and devices the same comes from the wish to have PCI device BARs > show up as plain memory in the TLB as plain memory, and to be able > to handle all PCI device regions identically within sysbus. Looks reasonable to me. I'm tempted to add a DeviceState* argument to cpu_register_memory_region. This might be informative for debugging, and allow future disjoint bus support. OTOH it might be more trouble than it's worth. > I will admit that I do not yet have a good replacement for IO_MEM_ROMD, > or toggling the read-only bit on a RAM region. I suggest adding a MemoryCallbackInfo* argument to qemu_ram_alloc_r. If NULL this allocates a regular RAM block. if non-null it allocates a hybrid ROM/IO block using the specified callbacks for IO accesses. Then introduce a function that allows a device to switch a mapping between ROM and IO modes. Likewise to make a mapping of a RAM region readonly. Paul
Re: [Qemu-devel] [PATCH 3/3] Fix hw/gt64xxx.c compilation with DEBUG defined
On Wed, May 19, 2010 at 06:49:30PM +0200, Riccardo Magliocchetti wrote:
> Use TARGET_FMT_plx as format placeholder for target_phys_addr_t
>
> Signed-off-by: Riccardo Magliocchetti
Thanks, applied.
> ---
> hw/gt64xxx.c |2 +-
> 1 files changed, 1 insertions(+), 1 deletions(-)
>
> diff --git a/hw/gt64xxx.c b/hw/gt64xxx.c
> index 55971b9..7691e1d 100644
> --- a/hw/gt64xxx.c
> +++ b/hw/gt64xxx.c
> @@ -276,7 +276,7 @@ static void gt64120_isd_mapping(GT64120State *s)
> check_reserved_space(&start, &length);
> length = 0x1000;
> /* Map new address */
> -DPRINTF("ISD: %...@%x -> %...@%x, %x\n", s->ISD_length, s->ISD_start,
> +DPRINTF("ISD: "TARGET_FMT_plx"@"TARGET_FMT_plx" ->
> "TARGET_FMT_plx"@"TARGET_FMT_plx", %x\n", s->ISD_length, s->ISD_start,
> length, start, s->ISD_handle);
> s->ISD_start = start;
> s->ISD_length = length;
> --
> 1.7.1
>
>
>
--
Aurelien Jarno GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net
Re: [Qemu-devel] [PATCH 1/3] Fix typo in balloon help
On Wed, May 19, 2010 at 06:49:28PM +0200, Riccardo Magliocchetti wrote: > Fix launchpad #563883 > > Signed-off-by: Riccardo Magliocchetti Thanks, applied. > --- > qemu-monitor.hx |2 +- > 1 files changed, 1 insertions(+), 1 deletions(-) > > diff --git a/qemu-monitor.hx b/qemu-monitor.hx > index a8f194c..ed7def9 100644 > --- a/qemu-monitor.hx > +++ b/qemu-monitor.hx > @@ -979,7 +979,7 @@ ETEXI > .name = "balloon", > .args_type = "value:M", > .params = "target", > -.help = "request VM to change it's memory allocation (in MB)", > +.help = "request VM to change its memory allocation (in MB)", > .user_print = monitor_user_noop, > .mhandler.cmd_async = do_balloon, > .async = 1, > -- > 1.7.1 > > > -- Aurelien Jarno GPG: 1024D/F1BCDB73 aurel...@aurel32.net http://www.aurel32.net
[Qemu-devel] Re: [PATCH v2 6/6] MIPS: add PMON (binary file) used by fulong mini pc
On Wed, May 19, 2010 at 10:29:13PM +0800, Huacai Chen wrote: > Signed-off-by: Huacai Chen > --- > pc-bios/pmon_fulong2e.bin | Bin 0 -> 335436 bytes > 1 files changed, 0 insertions(+), 0 deletions(-) > create mode 100755 pc-bios/pmon_fulong2e.bin > Where does this file come from? Usually an URL to the sources is added in pc-bios/README and the committer rebuild the binary file from sources. -- Aurelien Jarno GPG: 1024D/F1BCDB73 aurel...@aurel32.net http://www.aurel32.net
Re: [Qemu-devel] [PATCH 1/1] ceph/rbd block driver for qemu-kvm (v2)
Hi Kevin,
thanks for your review notes. Yehuda and I have already worked this into the git
tree on the ceph site.
I'll do some testing on Monday. After that I'll send an updated patch.
Regards,
Christian
2010/5/28 Kevin Wolf :
> Am 27.05.2010 21:11, schrieb Christian Brunner:
>> This is a block driver for the distributed file system Ceph
>> (http://ceph.newdream.net/). This driver uses librados (which
>> is part of the Ceph server) for direct access to the Ceph object
>> store and is running entirely in userspace. Therefore it is
>> called "rbd" - rados block device.
>>
>> To compile the driver a recent version of ceph (unstable/testin git
>> head or 0.20.3 once it is released) is needed and you have to
>> "--enable-rbd" when running configure.
>>
>> Additional information is available on the Ceph-Wiki:
>>
>> http://ceph.newdream.net/wiki/Kvm-rbd
>>
>> The patch is based on git://repo.or.cz/qemu/kevin.git block
>
> Signed-off-by line is missing.
>
>> ---
>> Makefile | 3 +
>> Makefile.objs | 1 +
>> block/rbd.c | 584
>> +
>> block/rbd_types.h | 52 +
>> configure | 27 +++
>> 5 files changed, 667 insertions(+), 0 deletions(-)
>> create mode 100644 block/rbd.c
>> create mode 100644 block/rbd_types.h
>>
>> diff --git a/Makefile b/Makefile
>> index 7986bf6..8d09612 100644
>> --- a/Makefile
>> +++ b/Makefile
>> @@ -27,6 +27,9 @@ configure: ;
>> $(call set-vpath, $(SRC_PATH):$(SRC_PATH)/hw)
>>
>> LIBS+=-lz $(LIBS_TOOLS)
>> +ifdef CONFIG_RBD
>> +LIBS+=-lrados
>> +endif
>
> You already write the -lrados option to config-host.mak in configure, so
> this looks unnecessary.
>
>>
>> ifdef BUILD_DOCS
>> DOCS=qemu-doc.html qemu-tech.html qemu.1 qemu-img.1 qemu-nbd.8
>> diff --git a/Makefile.objs b/Makefile.objs
>> index 1a942e5..08dc11f 100644
>> --- a/Makefile.objs
>> +++ b/Makefile.objs
>> @@ -18,6 +18,7 @@ block-nested-y += parallels.o nbd.o blkdebug.o
>> block-nested-$(CONFIG_WIN32) += raw-win32.o
>> block-nested-$(CONFIG_POSIX) += raw-posix.o
>> block-nested-$(CONFIG_CURL) += curl.o
>> +block-nested-$(CONFIG_RBD) += rbd.o
>>
>> block-obj-y += $(addprefix block/, $(block-nested-y))
>>
>> diff --git a/block/rbd.c b/block/rbd.c
>> new file mode 100644
>> index 000..375ae9d
>> --- /dev/null
>> +++ b/block/rbd.c
>> @@ -0,0 +1,584 @@
>> +/*
>> + * QEMU Block driver for RADOS (Ceph)
>> + *
>> + * Copyright (C) 2010 Christian Brunner
>> + *
>> + * This work is licensed under the terms of the GNU GPL, version 2. See
>> + * the COPYING file in the top-level directory.
>> + *
>> + */
>> +
>> +#include "qemu-common.h"
>> +#include
>> +#include
>> +
>> +#include
>> +
>> +#include "rbd_types.h"
>> +#include "module.h"
>> +#include "block_int.h"
>> +
>> +#include
>> +#include
>> +#include
>> +
>> +#include
>> +
>> +/*
>> + * When specifying the image filename use:
>> + *
>> + * rbd:poolname/devicename
>> + *
>> + * poolname must be the name of an existing rados pool
>> + *
>> + * devicename is the basename for all objects used to
>> + * emulate the raw device.
>> + *
>> + * Metadata information (image size, ...) is stored in an
>> + * object with the name "devicename.rbd".
>> + *
>> + * The raw device is split into 4MB sized objects by default.
>> + * The sequencenumber is encoded in a 12 byte long hex-string,
>> + * and is attached to the devicename, separated by a dot.
>> + * e.g. "devicename.1234567890ab"
>> + *
>> + */
>> +
>> +#define OBJ_MAX_SIZE (1UL << OBJ_DEFAULT_OBJ_ORDER)
>> +
>> +typedef struct RBDAIOCB {
>> + BlockDriverAIOCB common;
>> + QEMUBH *bh;
>> + int ret;
>> + QEMUIOVector *qiov;
>> + char *bounce;
>> + int write;
>> + int64_t sector_num;
>> + int aiocnt;
>> + int error;
>> +} RBDAIOCB;
>> +
>> +typedef struct RADOSCB {
>> + int rcbid;
>> + RBDAIOCB *acb;
>> + int done;
>> + int64_t segsize;
>> + char *buf;
>> +} RADOSCB;
>> +
>> +typedef struct RBDRVRBDState {
>> + rados_pool_t pool;
>> + char name[RBD_MAX_OBJ_NAME_SIZE];
>> + int name_len;
>
> name_len looks unused.
>
>> + uint64_t size;
>> + uint64_t objsize;
>> +} RBDRVRBDState;
>
> Hm, you mean BDRVRBDState?
>
> Maybe ceph would have been a better driver name to avoid such type
> names. ;-)
>
>> +
>> +typedef struct rbd_obj_header_ondisk RbdHeader1;
>> +
>> +static int rbd_parsename(const char *filename, char *pool, char *name)
>> +{
>> + const char *rbdname;
>> + char *p, *n;
>> + int l;
>> +
>> + if (!strstart(filename, "rbd:", &rbdname)) {
>> + return -EINVAL;
>> + }
>> +
>> + pstrcpy(pool, 2 * RBD_MAX_SEG_NAME_SIZE, rbdname);
>
> Why twice the size? The callers pass a char[RBD_MAX_SEG_NAME_SIZE], so
> doesn't this allow buffer overflows?
>
>> + p = strchr(pool, '/');
>> + if (p == NULL) {
>> + return -EINVAL;
>> + }
>> +
>> + *p = '\0';
>> + n = ++p;
>
> Why introduce a new variable here? p isn't used any more afterwards.
>
Re: [Qemu-devel] [PATCH v2 5/6] MIPS: Initial support of fulong mini pc (CPU definition, machine construction, etc.)
Please find my comments below.
On Wed, May 19, 2010 at 10:28:36PM +0800, Huacai Chen wrote:
> Signed-off-by: Huacai Chen
> ---
> Makefile.target |2 +-
> hw/mips_fulong2e.c | 421
> ++
> target-mips/translate_init.c | 35
> 3 files changed, 457 insertions(+), 1 deletions(-)
> create mode 100644 hw/mips_fulong2e.c
>
> diff --git a/Makefile.target b/Makefile.target
> index 9ed4a8d..db4badd 100644
> --- a/Makefile.target
> +++ b/Makefile.target
> @@ -221,7 +221,7 @@ obj-mips-y += dma.o vga.o i8259.o
> obj-mips-y += g364fb.o jazz_led.o
> obj-mips-y += gt64xxx.o pckbd.o mc146818rtc.o
> obj-mips-y += piix4.o cirrus_vga.o
> -obj-mips-$(CONFIG_FULONG) += bonito.o vt82c686.o
> +obj-mips-$(CONFIG_FULONG) += bonito.o vt82c686.o mips_fulong2e.o
>
> obj-microblaze-y = petalogix_s3adsp1800_mmu.o
>
> diff --git a/hw/mips_fulong2e.c b/hw/mips_fulong2e.c
> new file mode 100644
> index 000..3e6ed7e
> --- /dev/null
> +++ b/hw/mips_fulong2e.c
> @@ -0,0 +1,421 @@
> +/*
> + * QEMU fulong 2e mini pc support
> + *
> + * Copyright (c) 2008 yajin (ya...@vm-kernel.org)
> + * Copyright (c) 2009 chenming (chenm...@rdc.faw.com.cn)
> + * Copyright (c) 2010 Huacai Chen (zltjiang...@gmail.com)
> + * This code is licensed under the GNU GPL v2.
> + */
> +
> +/*
> + * Fulong 2e mini pc is based on ICT/ST Loongson 2e CPU (MIPS III like,
> 800MHz)
> + * http://www.linux-mips.org/wiki/Fulong
> + *
> + * Loongson 2e user manual:
> + * http://www.loongsondeveloper.com/doc/Loongson2EUserGuide.pdf
> + */
> +
> +#include "hw.h"
> +#include "pc.h"
> +#include "fdc.h"
> +#include "net.h"
> +#include "boards.h"
> +#include "smbus.h"
> +#include "block.h"
> +#include "flash.h"
> +#include "mips.h"
> +#include "mips_cpudevs.h"
> +#include "pci.h"
> +#include "usb-uhci.h"
> +#include "qemu-char.h"
> +#include "sysemu.h"
> +#include "audio/audio.h"
> +#include "qemu-log.h"
> +#include "loader.h"
> +#include "mips-bios.h"
> +#include "ide.h"
> +#include "elf.h"
> +#include "mc146818rtc.h"
> +
> +#define DEBUG_FULONG2E_INIT
> +
> +#define ENVP_ADDR 0x80002000l
> +#define ENVP_NB_ENTRIES 16
> +#define ENVP_ENTRY_SIZE 256
> +
> +#define MAX_IDE_BUS 2
> +
> +/* PCI SLOT in fulong 2e */
> +#define FULONG2E_VIA_SLOT5
> +#define FULONG2E_ATI_SLOT6
> +#define FULONG2E_RTL8139_SLOT7
> +
> +static PITState *pit;
> +
> +static struct _loaderparams {
> +int ram_size;
> +const char *kernel_filename;
> +const char *kernel_cmdline;
> +const char *initrd_filename;
> +} loaderparams;
> +
> +static void mips_qemu_writel (void *opaque, target_phys_addr_t addr,
> + uint32_t val)
> +{
> +if ((addr & 0x) == 0 && val == 42)
> +qemu_system_reset_request ();
> +else if ((addr & 0x) == 4 && val == 42)
> +qemu_system_shutdown_request ();
Coding style
> +}
> +
> +static uint32_t mips_qemu_readl (void *opaque, target_phys_addr_t addr)
> +{
> +return 0;
> +}
> +
> +static CPUWriteMemoryFunc *mips_qemu_write[] = {
> +mips_qemu_writel,
> +mips_qemu_writel,
> +mips_qemu_writel,
> +};
> +
> +static CPUReadMemoryFunc *mips_qemu_read[] = {
> +mips_qemu_readl,
> +mips_qemu_readl,
> +mips_qemu_readl,
> +};
If the same function is used for all width, it's probably better to call
it with a name not ending with l.
> +static int mips_qemu_iomemtype = 0;
> +
> +static void prom_set(uint32_t* prom_buf, int index, const char *string, ...)
> +{
> +va_list ap;
> +int32_t table_addr;
> +
> +if (index >= ENVP_NB_ENTRIES)
> +return;
> +
> +if (string == NULL) {
> +prom_buf[index] = 0;
> +return;
> +}
> +
> +table_addr = sizeof(int32_t) * ENVP_NB_ENTRIES + index * ENVP_ENTRY_SIZE;
> +prom_buf[index] = tswap32(ENVP_ADDR + table_addr);
> +
> +va_start(ap, string);
> +vsnprintf((char *)prom_buf + table_addr, ENVP_ENTRY_SIZE, string, ap);
> +va_end(ap);
> +}
> +
> +static int64_t load_kernel (CPUState *env)
> +{
> +int64_t kernel_entry, kernel_low, kernel_high;
> +int index = 0;
> +long initrd_size;
> +ram_addr_t initrd_offset;
> +uint32_t *prom_buf;
> +long prom_size;
> +
> +if (load_elf(loaderparams.kernel_filename, cpu_mips_kseg0_to_phys, NULL,
> + (uint64_t *)&kernel_entry, (uint64_t *)&kernel_low,
> + (uint64_t *)&kernel_high, 0, ELF_MACHINE, 1) < 0) {
> +fprintf(stderr, "qemu: could not load kernel '%s'\n",
> +loaderparams.kernel_filename);
> +exit(1);
> +}
> +
> +/* load initrd */
> +initrd_size = 0;
> +initrd_offset = 0;
> +if (loaderparams.initrd_filename) {
> +initrd_size = get_image_size (loaderparams.initrd_filename);
> +if (initrd_size > 0) {
> +initrd_offset = (kernel_high + ~TARGET_PAGE_MASK) &
> TARGET_PAGE_MASK;
> +if (initrd_offset +
Re: [Qemu-devel] Re: Another SIGFPE in display code, now in cirrus
12.05.2010 22:11, Stefano Stabellini wrote:
On Wed, 12 May 2010, Jamie Lokier wrote:
Stefano Stabellini wrote:
On Wed, 12 May 2010, Avi Kivity wrote:
It's useful if you have a one-line horizontal pattern you want to
propagate all over.
It might be useful all right, but it is not entirely clear what the
hardware should do in this situation from the documentation we have, and
certainly the current state of the cirrus emulation code doesn't help.
It's quite a reasonable thing for hardware to do, even if not documented.
It would be surprising if the hardware didn't copy the one-line pattern.
All right then, you convinced me :)
This is my proposed solution, however it is untested with Windows NT.
Signed-off-by: Stefano Stabellini
So.. what's the status of this, after all? :)
As far as I can tell, it has been agreed that the patch
is good, and verified that it fixes the problem. Should
we just throw it away and start from scratch, or what? :)
Thanks!
diff --git a/hw/cirrus_vga.c b/hw/cirrus_vga.c
index 9f61a01..a7f0d3c 100644
--- a/hw/cirrus_vga.c
+++ b/hw/cirrus_vga.c
@@ -676,15 +676,17 @@ static void cirrus_do_copy(CirrusVGAState *s, int dst,
int src, int w, int h)
int sx, sy;
int dx, dy;
int width, height;
+uint32_t start_addr, line_offset, line_compare;
int depth;
int notify = 0;
depth = s->vga.get_bpp(&s->vga) / 8;
s->vga.get_resolution(&s->vga,&width,&height);
+s->vga.get_offsets(&s->vga,&line_offset,&start_addr,&line_compare);
/* extra x, y */
-sx = (src % ABS(s->cirrus_blt_srcpitch)) / depth;
-sy = (src / ABS(s->cirrus_blt_srcpitch));
+sx = (src % line_offset) / depth;
+sy = (src / line_offset);
dx = (dst % ABS(s->cirrus_blt_dstpitch)) / depth;
dy = (dst / ABS(s->cirrus_blt_dstpitch));
@@ -725,18 +727,23 @@ static void cirrus_do_copy(CirrusVGAState *s, int dst,
int src, int w, int h)
s->cirrus_blt_dstpitch, s->cirrus_blt_srcpitch,
s->cirrus_blt_width, s->cirrus_blt_height);
-if (notify)
- qemu_console_copy(s->vga.ds,
- sx, sy, dx, dy,
- s->cirrus_blt_width / depth,
- s->cirrus_blt_height);
-
-/* we don't have to notify the display that this portion has
- changed since qemu_console_copy implies this */
-
-cirrus_invalidate_region(s, s->cirrus_blt_dstaddr,
- s->cirrus_blt_dstpitch, s->cirrus_blt_width,
- s->cirrus_blt_height);
+ if (ABS(s->cirrus_blt_dstpitch) != line_offset ||
+ ABS(s->cirrus_blt_srcpitch) != line_offset) {
+ /* this is not going to happen very often */
+ vga_hw_invalidate();
+ } else {
+ if (notify)
+ /* we don't have to notify the display that this portion has
+changed since qemu_console_copy implies this */
+ qemu_console_copy(s->vga.ds,
+ sx, sy, dx, dy,
+ s->cirrus_blt_width / depth,
+ s->cirrus_blt_height);
+ else
+ cirrus_invalidate_region(s, s->cirrus_blt_dstaddr,
+ s->cirrus_blt_dstpitch,
s->cirrus_blt_width,
+ s->cirrus_blt_height);
+ }
}
static int cirrus_bitblt_videotovideo_copy(CirrusVGAState * s)
diff --git a/hw/cirrus_vga_rop.h b/hw/cirrus_vga_rop.h
index 39a7b72..80f135b 100644
--- a/hw/cirrus_vga_rop.h
+++ b/hw/cirrus_vga_rop.h
@@ -32,10 +32,10 @@ glue(cirrus_bitblt_rop_fwd_, ROP_NAME)(CirrusVGAState *s,
dstpitch -= bltwidth;
srcpitch -= bltwidth;
-if (dstpitch< 0 || srcpitch< 0) {
-/* is 0 valid? srcpitch == 0 could be useful */
+if (dstpitch< 0)
return;
-}
+if (srcpitch< 0)
+srcpitch = 0;
for (y = 0; y< bltheight; y++) {
for (x = 0; x< bltwidth; x++) {
@@ -57,6 +57,12 @@ glue(cirrus_bitblt_rop_bkwd_, ROP_NAME)(CirrusVGAState *s,
int x,y;
dstpitch += bltwidth;
srcpitch += bltwidth;
+
+if (dstpitch> 0)
+return;
+if (srcpitch> 0)
+srcpitch = 0;
+
for (y = 0; y< bltheight; y++) {
for (x = 0; x< bltwidth; x++) {
ROP_OP(*dst, *src);
@@ -78,6 +84,12 @@ glue(glue(cirrus_bitblt_rop_fwd_transp_,
ROP_NAME),_8)(CirrusVGAState *s,
uint8_t p;
dstpitch -= bltwidth;
srcpitch -= bltwidth;
+
+if (dstpitch< 0)
+return;
+if (srcpitch< 0)
+srcpitch = 0;
+
for (y = 0; y< bltheight; y++) {
for (x = 0; x< bltwidth; x++) {
p = *dst;
@@ -101,6 +113,12 @@ glue(glue(cirrus_bitblt_rop_bkwd_transp_,
ROP_NAME),_8)(CirrusVGAState *s,
uint8_t p;
dstpitch += bltwidth;
srcpitch += bltwidth;
+
+if (dstpitch> 0)
+return;
+if (srcpitch> 0)
+srcpitch = 0;
Re: [Qemu-devel] [PATCH 0/2] [RFC] 64-bit io paths
> The basic device interface looks like > ... > + > +/* Register a memory region at START_ADDR/SIZE. The REGION structure will > + be initialized appropriately for DEV using CB as the operation set. */ > +extern void cpu_register_memory_region(MemoryRegion *region, > + const MemoryCallbackInfo *cb, > + target_phys_addr_t start_addr, > + target_phys_addr_t size); > + > +/* Unregister a memory region. */ > +extern void cpu_unregister_memory_region(MemoryRegion *); > + > +/* Allocate ram for use with cpu_register_memory_region. */ > +extern const MemoryCallbackInfo *qemu_ram_alloc_r(ram_addr_t); > +extern void qemu_ram_free_r(const MemoryCallbackInfo *); > > The Basic Idea is that we have a MemoryRegion object that describes > a contiguous mapping within the guest address space. This object > needs to handle RAM, ROM and devices. The desire to handle memory > and devices the same comes from the wish to have PCI device BARs > show up as plain memory in the TLB as plain memory, and to be able > to handle all PCI device regions identically within sysbus. Looks reasonable to me. I'm tempted to add a DeviceState* argument to cpu_register_memory_region. This might be informative for debugging, and allow future disjoint bus support. OTOH it may be more trouble than it's worth. > I will admit that I do not yet have a good replacement for IO_MEM_ROMD, > or toggling the read-only bit on a RAM region.
Re: [Qemu-devel] Re: [RFT][PATCH 07/15] qemu_irq: Add IRQ handlers with delivery feedback
On Fri, May 28, 2010 at 08:06:45PM +, Blue Swirl wrote: > 2010/5/28 Gleb Natapov : > > On Thu, May 27, 2010 at 06:37:10PM +, Blue Swirl wrote: > >> 2010/5/27 Gleb Natapov : > >> > On Wed, May 26, 2010 at 08:35:00PM +, Blue Swirl wrote: > >> >> On Wed, May 26, 2010 at 8:09 PM, Jan Kiszka wrote: > >> >> > Blue Swirl wrote: > >> >> >> On Tue, May 25, 2010 at 9:44 PM, Jan Kiszka > >> >> >> wrote: > >> >> >>> Anthony Liguori wrote: > >> >> On 05/25/2010 02:09 PM, Blue Swirl wrote: > >> >> > On Mon, May 24, 2010 at 8:13 PM, Jan Kiszka > >> >> > wrote: > >> >> > > >> >> >> From: Jan Kiszka > >> >> >> > >> >> >> This allows to communicate potential IRQ coalescing during > >> >> >> delivery from > >> >> >> the sink back to the source. Targets that support IRQ coalescing > >> >> >> workarounds need to register handlers that return the appropriate > >> >> >> QEMU_IRQ_* code, and they have to propergate the code across all > >> >> >> IRQ > >> >> >> redirections. If the IRQ source receives a QEMU_IRQ_COALESCED, > >> >> >> it can > >> >> >> apply its workaround. If multiple sinks exist, the source may > >> >> >> only > >> >> >> consider an IRQ coalesced if all other sinks either report > >> >> >> QEMU_IRQ_COALESCED as well or QEMU_IRQ_MASKED. > >> >> >> > >> >> > No real devices are interested whether any of their output lines > >> >> > are > >> >> > even connected. This would introduce a new signal type, > >> >> > bidirectional > >> >> > multi-level, which is not correct. > >> >> > > >> >> I don't think it's really an issue of correct, but I wouldn't > >> >> disagree > >> >> to a suggestion that we ought to introduce a new signal type for > >> >> this > >> >> type of bidirectional feedback. Maybe it's qemu_coalesced_irq and > >> >> has a > >> >> similar interface as qemu_irq. > >> >> >>> A separate type would complicate the delivery of the feedback value > >> >> >>> across GPIO pins (as Paul requested for the RTC->HPET routing). > >> >> >>> > >> >> > I think the real solution to coalescing is put the logic inside > >> >> > one > >> >> > device, in this case APIC because it has the information about irq > >> >> > delivery. APIC could monitor incoming RTC irqs for frequency > >> >> > information and whether they get delivered or not. If not, an > >> >> > internal > >> >> > timer is installed which injects the lost irqs. > >> >> >>> That won't fly as the IRQs will already arrive at the APIC with a > >> >> >>> sufficiently high jitter. At the bare minimum, you need to tell the > >> >> >>> interrupt controller about the fact that a particular IRQ should be > >> >> >>> delivered at a specific regular rate. For this, you also need a > >> >> >>> generic > >> >> >>> interface - nothing really "won". > >> >> >> > >> >> >> OK, let's simplify: just reinject at next possible chance. No need to > >> >> >> monitor or tell anything. > >> >> > > >> >> > There are guests that won't like this (I know of one in-house, but > >> >> > others may even have more examples), specifically if you end up firing > >> >> > multiple IRQs in a row due to a longer backlog. For that reason, the > >> >> > RTC > >> >> > spreads the reinjection according to the current rate. > >> >> > >> >> Then reinject with a constant delay, or next CPU exit. Such buggy > >> > If guest's time frequency is the same as host time frequency you can't > >> > reinject with constant delay. That is why current code mixes two > >> > approaches: reinject M interrupts in a raw then delay. > >> > >> This approach can be also used by APIC-only version. > >> > > I don't know what APIC-only version you are talking about. I haven't > > seen the code and I don't understand hand waving, sorry. > > There is no code, because we're still at architecture design stage. > Try to write test code to understand the problem better. > >> >> guests could also be assisted with special handling (like win2k > >> >> install hack), for example guest instructions could be counted > >> >> (approximately, for example using TB size or TSC) and only inject > >> >> after at least N instructions have passed. > >> > Guest instructions cannot be easily counted in KVM (it can be done more > >> > or less reliably using perf counters, may be). > >> > >> Aren't there any debug registers or perf counters, which can generate > >> an interrupt after some number of instructions have been executed? > > Don't think debug registers have something like that and they are > > available for guest use anyway. Perf counters differs greatly from CPU > > to CPU (even between two CPUs of the same manufacturer), and we want to > > keep using them for profiling guests. And I don't see what problem it > > will solve anyway that can be solved by simple delay between irq > > reinjection. > > This would allow counting the executed instructions a
[Qemu-devel] [Bug 584121] Re: migration always fails on 32bit qemu-kvm-0.12+ (sigsegv)
..And without -enable-kvm, it works (it corrupts cirrus vga but that's another issue, fixed in 0.13-tobe). -- migration always fails on 32bit qemu-kvm-0.12+ (sigsegv) https://bugs.launchpad.net/bugs/584121 You received this bug notification because you are a member of qemu- devel-ml, which is subscribed to QEMU. Status in QEMU: Incomplete Bug description: On a 32bit host (or when running 32bit userspace on 64bit host), migration always fails with a crash of qemu-kvm process. See http://marc.info/?l=kvm&m=127351472231666 for more information.
[Qemu-devel] [Bug 584121] Re: migration always fails on 32bit qemu-kvm-0.12+ (sigsegv)
Running it on unmodified qemu-0.12.4 gives the same effect: the sending side crashes immediately with heap corruption (detected in realloc). On the receiving side, there are 2 messages: qemu: warning: error while loading state for instance 0x0 of device 'ram' load of migration failed ie, the same as in qemu-kvm case. This is with -enable-kvm. Running without... -- migration always fails on 32bit qemu-kvm-0.12+ (sigsegv) https://bugs.launchpad.net/bugs/584121 You received this bug notification because you are a member of qemu- devel-ml, which is subscribed to QEMU. Status in QEMU: Incomplete Bug description: On a 32bit host (or when running 32bit userspace on 64bit host), migration always fails with a crash of qemu-kvm process. See http://marc.info/?l=kvm&m=127351472231666 for more information.
Re: [Qemu-devel] [PATCH v2 1/6] MIPS: Initial support of bonito north bridge used by fulong mini pc
Please find my comments below. Note that I don't feel very comfortable with PCI code, so a review from someone know this part of QEMU would be nice. On Wed, May 19, 2010 at 10:26:32PM +0800, Huacai Chen wrote: > Signed-off-by: Huacai Chen > --- > Makefile.target |1 + > default-configs/mips64el-softmmu.mak |1 + > hw/bonito.c | 950 > ++ > hw/mips.h|3 + > 4 files changed, 955 insertions(+), 0 deletions(-) > create mode 100644 hw/bonito.c > > diff --git a/Makefile.target b/Makefile.target > index a22484e..247a2eb 100644 > --- a/Makefile.target > +++ b/Makefile.target > @@ -221,6 +221,7 @@ obj-mips-y += dma.o vga.o i8259.o > obj-mips-y += g364fb.o jazz_led.o > obj-mips-y += gt64xxx.o pckbd.o mc146818rtc.o > obj-mips-y += piix4.o cirrus_vga.o > +obj-mips-$(CONFIG_FULONG) += bonito.o > > obj-microblaze-y = petalogix_s3adsp1800_mmu.o > > diff --git a/default-configs/mips64el-softmmu.mak > b/default-configs/mips64el-softmmu.mak > index 6fa54a3..b731c74 100644 > --- a/default-configs/mips64el-softmmu.mak > +++ b/default-configs/mips64el-softmmu.mak > @@ -27,3 +27,4 @@ CONFIG_DP8393X=y > CONFIG_DS1225Y=y > CONFIG_MIPSNET=y > CONFIG_PFLASH_CFI01=y > +CONFIG_FULONG=y > diff --git a/hw/bonito.c b/hw/bonito.c > new file mode 100644 > index 000..246c12a > --- /dev/null > +++ b/hw/bonito.c > @@ -0,0 +1,950 @@ > +/* > + * bonito north bridge support > + * > + * Copyright (c) 2008 yajin (ya...@vm-kernel.org) > + * Copyright (c) 2010 Huacai Chen (zltjiang...@gmail.com) > + * > + * This code is licensed under the GNU GPL v2. > + */ > + > +/* > + * fulong 2e mini pc has a bonito north bridge. > + */ > + > +/* what is the meaning of devfn in qemu and IDSEL in bonito northbridge? > + * > + * devfn pci_slot<<3 + funno > + * one pci bus can have 32 devices and each device can have 8 functions. > + * > + * In bonito north bridge, pci slot = IDSEL bit - 12. > + * For example, PCI_IDSEL_VIA686B = 17, > + * pci slot = 17-12=5 > + * > + * so > + * VT686B_FUN0's devfn = (5<<3)+0 > + * VT686B_FUN1's devfn = (5<<3)+1 > + * > + * qemu also uses pci address for north bridge to access pci config register. > + * bus_no [23:16] > + * dev_no [15:11] > + * fun_no [10:8] > + * reg_no [7:2] > + * > + * so function bonito_sbridge_pciaddr for the translation from > + * north bridge address to pci address. > + */ > + > +#include > + > +#include "hw.h" > +#include "pci.h" > +#include "pc.h" > +#include "mips.h" > + > +typedef target_phys_addr_t pci_addr_t; > +#include "pci_host.h" > + > +//#define DEBUG_BONITO > + > +#ifdef DEBUG_BONITO > +#define DPRINTF(fmt, ...) fprintf(stderr, "%s: " fmt, __FUNCTION__, > ##__VA_ARGS__) > +#else > +#define DPRINTF(fmt, ...) > +#endif > + > +/* from linux soure code. include/asm-mips/mips-boards/bonito64.h*/ > +#define BONITO_BOOT_BASE0x1fc0 > +#define BONITO_BOOT_SIZE0x0010 > +#define BONITO_BOOT_TOP (BONITO_BOOT_BASE+BONITO_BOOT_SIZE-1) > +#define BONITO_FLASH_BASE 0x1c00 > +#define BONITO_FLASH_SIZE 0x0300 > +#define BONITO_FLASH_TOP(BONITO_FLASH_BASE+BONITO_FLASH_SIZE-1) > +#define BONITO_SOCKET_BASE 0x1f80 > +#define BONITO_SOCKET_SIZE 0x0040 > +#define BONITO_SOCKET_TOP (BONITO_SOCKET_BASE+BONITO_SOCKET_SIZE-1) > +#define BONITO_REG_BASE 0x1fe0 > +#define BONITO_REG_SIZE 0x0004 > +#define BONITO_REG_TOP (BONITO_REG_BASE+BONITO_REG_SIZE-1) > +#define BONITO_DEV_BASE 0x1ff0 > +#define BONITO_DEV_SIZE 0x0010 > +#define BONITO_DEV_TOP (BONITO_DEV_BASE+BONITO_DEV_SIZE-1) > +#define BONITO_PCILO_BASE 0x1000 > +#define BONITO_PCILO_BASE_VA0xb000 > +#define BONITO_PCILO_SIZE 0x0c00 > +#define BONITO_PCILO_TOP(BONITO_PCILO_BASE+BONITO_PCILO_SIZE-1) > +#define BONITO_PCILO0_BASE 0x1000 > +#define BONITO_PCILO1_BASE 0x1400 > +#define BONITO_PCILO2_BASE 0x1800 > +#define BONITO_PCIHI_BASE 0x2000 > +#define BONITO_PCIHI_SIZE 0x2000 > +#define BONITO_PCIHI_TOP(BONITO_PCIHI_BASE+BONITO_PCIHI_SIZE-1) > +#define BONITO_PCIIO_BASE 0x1fd0 > +#define BONITO_PCIIO_BASE_VA0xbfd0 > +#define BONITO_PCIIO_SIZE 0x0001 > +#define BONITO_PCIIO_TOP(BONITO_PCIIO_BASE+BONITO_PCIIO_SIZE-1) > +#define BONITO_PCICFG_BASE 0x1fe8 > +#define BONITO_PCICFG_SIZE 0x0008 > +#define BONITO_PCICFG_TOP (BONITO_PCICFG_BASE+BONITO_PCICFG_SIZE-1) > + > + > +#define BONITO_PCICONFIGBASE0x00 > +#define BONITO_REGBASE 0x100 > + > +#define BONITO_PCICONFIG_BASE (BONITO_PCICONFIGBASE+BONITO_REG_BASE) > +#define BONITO_PCICONFIG_SIZE (0x100) > + > +#define BONITO_INTERNAL_REG_BASE (BONITO_REGBASE+BONITO_REG_BASE) > +#define BONITO_INTERNAL_REG_SIZE (0x70) > + > +#define BONITO_SPCICONFIG_BASE
Re: [Qemu-devel] [PATCH] sparc64: fix 128-bit atomic load from nucleus context
On Fri, May 28, 2010 at 9:48 AM, Igor V. Kovalenko
wrote:
> From: Igor V. Kovalenko
>
> Signed-off-by: Igor V. Kovalenko
> ---
> sparc-dis.c | 2 ++
> target-sparc/op_helper.c | 10 +-
> 2 files changed, 7 insertions(+), 5 deletions(-)
>
> diff --git a/sparc-dis.c b/sparc-dis.c
> index c1b682d..dbd3b4f 100644
> --- a/sparc-dis.c
> +++ b/sparc-dis.c
> @@ -2155,6 +2155,8 @@ static const arg asi_table_v9[] =
> /* These are UltraSPARC extensions. */
> { 0x14, "#ASI_PHYS_USE_EC"},
> { 0x15, "#ASI_PHYS_BYPASS_EC_WITH_EBIT"},
> + { 0x24, "#ASI_NUCLEUS_QUAD_LDD" },
> + { 0x2c, "#ASI_NUCLEUS_QUAD_LDD_LITTLE" },
> { 0x45, "#ASI_LSU_CONTROL_REG"},
> { 0x47, "#ASI_DCACHE_TAG"},
> { 0x49, "#ASI_INTR_RECEIVE"},
The patch does not apply because the above line is not in the tree.
This change should be also mentioned in the commit body.
> diff --git a/target-sparc/op_helper.c b/target-sparc/op_helper.c
> index e946ec7..63fef8c 100644
> --- a/target-sparc/op_helper.c
> +++ b/target-sparc/op_helper.c
> @@ -3088,19 +3088,19 @@ void helper_ldda_asi(target_ulong addr, int asi, int
> rd)
> case 0x2c: // Nucleus quad LDD 128 bit atomic LE
> helper_check_align(addr, 0xf);
> if (rd == 0) {
> - env->gregs[1] = ldq_kernel(addr + 8);
> + env->gregs[1] = ldq_nucleus(addr + 8);
> if (asi == 0x2c)
> bswap64s(&env->gregs[1]);
> } else if (rd < 8) {
> - env->gregs[rd] = ldq_kernel(addr);
> - env->gregs[rd + 1] = ldq_kernel(addr + 8);
> + env->gregs[rd] = ldq_nucleus(addr);
> + env->gregs[rd + 1] = ldq_nucleus(addr + 8);
> if (asi == 0x2c) {
> bswap64s(&env->gregs[rd]);
> bswap64s(&env->gregs[rd + 1]);
> }
> } else {
> - env->regwptr[rd] = ldq_kernel(addr);
> - env->regwptr[rd + 1] = ldq_kernel(addr + 8);
> + env->regwptr[rd] = ldq_nucleus(addr);
> + env->regwptr[rd + 1] = ldq_nucleus(addr + 8);
> if (asi == 0x2c) {
> bswap64s(&env->regwptr[rd]);
> bswap64s(&env->regwptr[rd + 1]);
>
>
>
Re: [Qemu-devel] Re: [RFT][PATCH 07/15] qemu_irq: Add IRQ handlers with delivery feedback
2010/5/28 Gleb Natapov : > On Thu, May 27, 2010 at 06:37:10PM +, Blue Swirl wrote: >> 2010/5/27 Gleb Natapov : >> > On Wed, May 26, 2010 at 08:35:00PM +, Blue Swirl wrote: >> >> On Wed, May 26, 2010 at 8:09 PM, Jan Kiszka wrote: >> >> > Blue Swirl wrote: >> >> >> On Tue, May 25, 2010 at 9:44 PM, Jan Kiszka wrote: >> >> >>> Anthony Liguori wrote: >> >> On 05/25/2010 02:09 PM, Blue Swirl wrote: >> >> > On Mon, May 24, 2010 at 8:13 PM, Jan Kiszka >> >> > wrote: >> >> > >> >> >> From: Jan Kiszka >> >> >> >> >> >> This allows to communicate potential IRQ coalescing during >> >> >> delivery from >> >> >> the sink back to the source. Targets that support IRQ coalescing >> >> >> workarounds need to register handlers that return the appropriate >> >> >> QEMU_IRQ_* code, and they have to propergate the code across all >> >> >> IRQ >> >> >> redirections. If the IRQ source receives a QEMU_IRQ_COALESCED, it >> >> >> can >> >> >> apply its workaround. If multiple sinks exist, the source may only >> >> >> consider an IRQ coalesced if all other sinks either report >> >> >> QEMU_IRQ_COALESCED as well or QEMU_IRQ_MASKED. >> >> >> >> >> > No real devices are interested whether any of their output lines are >> >> > even connected. This would introduce a new signal type, >> >> > bidirectional >> >> > multi-level, which is not correct. >> >> > >> >> I don't think it's really an issue of correct, but I wouldn't >> >> disagree >> >> to a suggestion that we ought to introduce a new signal type for this >> >> type of bidirectional feedback. Maybe it's qemu_coalesced_irq and >> >> has a >> >> similar interface as qemu_irq. >> >> >>> A separate type would complicate the delivery of the feedback value >> >> >>> across GPIO pins (as Paul requested for the RTC->HPET routing). >> >> >>> >> >> > I think the real solution to coalescing is put the logic inside one >> >> > device, in this case APIC because it has the information about irq >> >> > delivery. APIC could monitor incoming RTC irqs for frequency >> >> > information and whether they get delivered or not. If not, an >> >> > internal >> >> > timer is installed which injects the lost irqs. >> >> >>> That won't fly as the IRQs will already arrive at the APIC with a >> >> >>> sufficiently high jitter. At the bare minimum, you need to tell the >> >> >>> interrupt controller about the fact that a particular IRQ should be >> >> >>> delivered at a specific regular rate. For this, you also need a >> >> >>> generic >> >> >>> interface - nothing really "won". >> >> >> >> >> >> OK, let's simplify: just reinject at next possible chance. No need to >> >> >> monitor or tell anything. >> >> > >> >> > There are guests that won't like this (I know of one in-house, but >> >> > others may even have more examples), specifically if you end up firing >> >> > multiple IRQs in a row due to a longer backlog. For that reason, the RTC >> >> > spreads the reinjection according to the current rate. >> >> >> >> Then reinject with a constant delay, or next CPU exit. Such buggy >> > If guest's time frequency is the same as host time frequency you can't >> > reinject with constant delay. That is why current code mixes two >> > approaches: reinject M interrupts in a raw then delay. >> >> This approach can be also used by APIC-only version. >> > I don't know what APIC-only version you are talking about. I haven't > seen the code and I don't understand hand waving, sorry. There is no code, because we're still at architecture design stage. >> >> guests could also be assisted with special handling (like win2k >> >> install hack), for example guest instructions could be counted >> >> (approximately, for example using TB size or TSC) and only inject >> >> after at least N instructions have passed. >> > Guest instructions cannot be easily counted in KVM (it can be done more >> > or less reliably using perf counters, may be). >> >> Aren't there any debug registers or perf counters, which can generate >> an interrupt after some number of instructions have been executed? > Don't think debug registers have something like that and they are > available for guest use anyway. Perf counters differs greatly from CPU > to CPU (even between two CPUs of the same manufacturer), and we want to > keep using them for profiling guests. And I don't see what problem it > will solve anyway that can be solved by simple delay between irq > reinjection. This would allow counting the executed instructions and limit it. Thus we could emulate a 500MHz CPU on a 2GHz CPU more accurately. >> >> >> >> >> > And even if the rate did not matter, the APIC woult still have to now >> >> > about the fact that an IRQ is really periodic and does not only appear >> >> > as such for a certain interval. This really does not sound like >> >> > simplifying things or even make them cleaner. >> >> >>
Re: [Qemu-devel] [PATCH] MIPS DINSU
On Mon, May 17, 2010 at 04:20:21PM +0400, Dmitry Antipov wrote: > Hello, > > shouldn't it be in that way? > > Dmitry > Good catch, it is correct. Would you mind resending the patch with a Signed-off-by: line? > --- qemu-0.12.4/target-mips/translate.c 2010-05-17 16:12:58.048661610 > +0400 > +++ qemu-0.12.4/target-mips/translate.c 2010-05-17 16:13:12.281656754 > +0400 > @@ -2761,7 +2761,7 @@ > case OPC_DINSU: > if (lsb > msb) > goto fail; > -mask = ((1ULL << (msb - lsb + 1)) - 1) << lsb; > +mask = ((1ULL << (msb - lsb + 1)) - 1) << (lsb + 32); > gen_load_gpr(t0, rt); > tcg_gen_andi_tl(t0, t0, ~mask); > tcg_gen_shli_tl(t1, t1, lsb + 32); -- Aurelien Jarno GPG: 1024D/F1BCDB73 aurel...@aurel32.net http://www.aurel32.net
Re: [Qemu-devel] [PATCH] musicpal: Drop redundant reset call
On Thu, May 13, 2010 at 03:09:58PM +0200, Jan Kiszka wrote: > Reset is now triggered after init, no need for explicit calls anymore. Thanks, applied. > Signed-off-by: Jan Kiszka > --- > hw/musicpal.c |2 -- > 1 files changed, 0 insertions(+), 2 deletions(-) > > diff --git a/hw/musicpal.c b/hw/musicpal.c > index ebd933e..d44c5a0 100644 > --- a/hw/musicpal.c > +++ b/hw/musicpal.c > @@ -1295,8 +1295,6 @@ static int musicpal_gpio_init(SysBusDevice *dev) > musicpal_gpio_writefn, s); > sysbus_init_mmio(dev, MP_GPIO_SIZE, iomemtype); > > -musicpal_gpio_reset(&dev->qdev); > - > qdev_init_gpio_out(&dev->qdev, s->out, ARRAY_SIZE(s->out)); > > qdev_init_gpio_in(&dev->qdev, musicpal_gpio_pin_event, 32); > -- > 1.6.0.2 > -- Aurelien Jarno GPG: 1024D/F1BCDB73 aurel...@aurel32.net http://www.aurel32.net
Re: [Qemu-devel] [PATCH v2] doc: Update monitor info subcommands
On Wed, May 12, 2010 at 03:10:56PM +0100, Stefan Hajnoczi wrote: > The "info blockstats" documentation was copy-pasted as "info block" > instead of "info blockstats". The documentation for "commands", "jit", > "numa", "qdm", and "roms" is missing. This patch resolves these issues > in qemu-monitor.hx. > > Signed-off-by: Stefan Hajnoczi Thanks, applied. > --- > v2: > * "commands", "jit", and "numa" > > qemu-monitor.hx | 12 +++- > 1 files changed, 11 insertions(+), 1 deletions(-) > > diff --git a/qemu-monitor.hx b/qemu-monitor.hx > index a8f194c..f411bd1 100644 > --- a/qemu-monitor.hx > +++ b/qemu-monitor.hx > @@ -54,13 +54,15 @@ Show various information about the system state. > @table @option > @item info version > show the version of QEMU > +...@item info commands > +list QMP available commands > @item info network > show the various VLANs and the associated devices > @item info chardev > show the character devices > @item info block > show the block devices > -...@item info block > +...@item info blockstats > show block device statistics > @item info registers > show the cpu registers > @@ -80,8 +82,12 @@ show virtual to physical memory mappings (i386 only) > show the active virtual memory mappings (i386 only) > @item info hpet > show state of HPET (i386 only) > +...@item info jit > +show dynamic compiler info > @item info kvm > show KVM information > +...@item info numa > +show NUMA information > @item info usb > show USB devices plugged on the virtual USB hub > @item info usbhost > @@ -114,6 +120,10 @@ show migration status > show balloon information > @item info qtree > show device tree > +...@item info qdm > +show qdev device model list > +...@item info roms > +show roms > @end table > ETEXI > > -- > 1.7.1 > > > -- Aurelien Jarno GPG: 1024D/F1BCDB73 aurel...@aurel32.net http://www.aurel32.net
Re: [Qemu-devel] [PATCH] Name the default PCI bus "pci.0" on all architectures
> The system emulators for each arch are using inconsistent > naming for the default PCI bus "pci" vs "pci.0". Since it > is conceivable we'll have multiple PCI buses in the future > standardize on "pci.0" for all architectures. This ensures > mgmt apps can rely on a name when assigning PCI devices an > address on the bus using eg '-device e1000,bus=pci.0,addr=3' No. Bus names are local to the parent device. None of the host bridges support multiple bridges, so the ".0" suffix makes no sense. The parent device has no idea whether it owns the "default" pci bus or not. If you have multiple PCI busses then you can identify them by the device path. Paul
Re: [Qemu-devel] [PATCH] Fix overflow in i440fx_init()
On Sun, May 09, 2010 at 02:51:13PM +0300, Avi Kivity wrote:
> The ram_size parameter can be larger than an int, so it may be truncated.
>
> Fix by using the correct type.
Thanks, applied.
> Signed-off-by: Avi Kivity
> ---
> hw/pc.h |2 +-
> hw/piix_pci.c |2 +-
> 2 files changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/hw/pc.h b/hw/pc.h
> index e57821a..4898b37 100644
> --- a/hw/pc.h
> +++ b/hw/pc.h
> @@ -115,7 +115,7 @@ int pcspk_audio_init(qemu_irq *pic);
> struct PCII440FXState;
> typedef struct PCII440FXState PCII440FXState;
>
> -PCIBus *i440fx_init(PCII440FXState **pi440fx_state, int *piix_devfn,
> qemu_irq *pic, int ram_size);
> +PCIBus *i440fx_init(PCII440FXState **pi440fx_state, int *piix_devfn,
> qemu_irq *pic, ram_addr_t ram_size);
> void i440fx_set_smm(PCII440FXState *d, int val);
> void i440fx_init_memory_mappings(PCII440FXState *d);
>
> diff --git a/hw/piix_pci.c b/hw/piix_pci.c
> index 625fc1c..2e44b78 100644
> --- a/hw/piix_pci.c
> +++ b/hw/piix_pci.c
> @@ -220,7 +220,7 @@ static int i440fx_initfn(PCIDevice *dev)
>
> static PIIX3State *piix3_dev;
>
> -PCIBus *i440fx_init(PCII440FXState **pi440fx_state, int *piix3_devfn,
> qemu_irq *pic, int ram_size)
> +PCIBus *i440fx_init(PCII440FXState **pi440fx_state, int *piix3_devfn,
> qemu_irq *pic, ram_addr_t ram_size)
> {
> DeviceState *dev;
> PCIBus *b;
> --
> 1.7.0.4
>
>
>
>
--
Aurelien Jarno GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net
Re: [Qemu-devel] [PATCH] Compile dma only once
> Use a qemu_irq to request CPU exit. Needing to request a CPU exit at all is just wrong. See previous discussions about how any use of qemu_bh_schedule_idle is fundamentally broken. Paul
Re: [Qemu-devel] [PATCH] arm: prevent coprocessor IO reset
On Sat, May 08, 2010 at 10:42:43PM +0200, Lars Munch wrote:
> This prevent coprocessor IO structure from being reset on cpu reset. This was
> a problem for PXA which uses coprocessor 6 and 14.
>
> Signed-off-by: Lars Munch
Thanks, applied.
> ---
> target-arm/cpu.h | 14 +++---
> 1 files changed, 7 insertions(+), 7 deletions(-)
>
> diff --git a/target-arm/cpu.h b/target-arm/cpu.h
> index 1e34541..f3d138d 100644
> --- a/target-arm/cpu.h
> +++ b/target-arm/cpu.h
> @@ -148,13 +148,6 @@ typedef struct CPUARMState {
> int pending_exception;
> } v7m;
>
> -/* Coprocessor IO used by peripherals */
> -struct {
> -ARMReadCPFunc *cp_read;
> -ARMWriteCPFunc *cp_write;
> -void *opaque;
> -} cp[15];
> -
> /* Thumb-2 EE state. */
> uint32_t teecr;
> uint32_t teehbr;
> @@ -204,6 +197,13 @@ typedef struct CPUARMState {
> CPU_COMMON
>
> /* These fields after the common ones so they are preserved on reset. */
> +
> +/* Coprocessor IO used by peripherals */
> +struct {
> +ARMReadCPFunc *cp_read;
> +ARMWriteCPFunc *cp_write;
> +void *opaque;
> +} cp[15];
> void *nvic;
> struct arm_boot_info *boot_info;
> } CPUARMState;
> --
> 1.7.1
>
>
>
>
--
Aurelien Jarno GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net
Re: [Qemu-devel] Re: RFC: blockdev_add & friends, brief rationale, QMP docs
On Fri, 28 May 2010 14:17:07 -0500
Anthony Liguori wrote:
> On 05/28/2010 02:13 PM, Kevin Wolf wrote:
> > Am 28.05.2010 20:21, schrieb Markus Armbruster:
> >
> >> I'd like to give posting documentation of new QMP commands for review
> >> before posting code a try. But first let me explain briefly why we need
> >> new commands.
> >>
> >> We want a clean separation between host part (blockdev_add) and guest
> >> part (device_add). Existing -drive and drive_add don't provide that;
> >> they were designed to specify both parts together. Moreover, drive_add
> >> is limited to adding virtio drives (with pci_add's help) and SCSI
> >> drives.
> >>
> >> Support for defining just a host part for use with -device and was
> >> grafted onto -drive (if=none), but it's a mess. Some parts are
> >> redundant, other parts are broken.
> >>
> >> For instance, unit, bus, index, addr are redundant: -device does not use
> >> them, it provides its own parameters to specify bus and bus-specific
> >> address.
> >>
> >> The checks whether rerror, werror, readonly, cyls, heads, secs are sane
> >> for a particular guest driver are broken. The checks are in the -drive
> >> code, which used to know the guest driver, but doesn't with if=none.
> >>
> >> Additionally, removable media are flawed. Many parameters set with
> >> -drive silently revert to defaults on media change.
> >>
> >> My proposed solution is a new option -blockdev and monitor command
> >> blockdev_add. These specify only the host drive. Guest drive
> >> properties are left to -device / device_add. We keep -drive for
> >> backwards compatibility and command line convenience. Except we get rid
> >> of if=none (may need a grace period).
> >>
> >> New monitor command blockdev_del works regardless of how the host block
> >> device was created.
> >>
> >> New monitor command blockdev_change provides full control over the host
> >> part, unlike the existing change command.
> >>
> >> Summary of the host / guest split:
> >>
> >> -drive options host or guest?
> >> bus, unit, if, index, addr guest, already covered by qdev
> >> cyls, heads, secs, transguest, new qdev properties
> >>(but defaults depend on image)
> >> media guest
> >> snapshot, file, cache, aio, format host, blockdev_add options
> >> rerror, werror host, guest drivers will reject
> >>values they don't support
> >> serial guest, new qdev properties
> >> readonlyboth host& guest, qdev will refuse
> >>to connect readonly host to read/
> >>write guest
> >>
> >> QMP command docs:
> >>
> >> blockdev_add
> >>
> >>
> >> Add host block device.
> >>
> >> Arguments:
> >>
> >> - "id": the host block device's ID, must be unique (json-string)
> >> - "file": the disk image file to use (json-string, optional)
> >> - "format": disk format (json-string, optional)
> >> - Possible values: "raw", "qcow2", ...
> >> - "aio": host AIO (json-string, optional)
> >> - Possible values: "threads" (default), "native"
> >> - "cache": host cache usage (json-string, optional)
> >> - Possible values: "writethrough" (default), "writeback", "unsafe",
> >> "none"
> >> - "readonly": open image read-only (json-bool, optional, default false)
> >> - "rerror": what to do on read error (json-string, optional)
> >> - Possible values: "report" (default), "ignore", "stop"
> >> - "werror": what to do on write error (json-string, optional)
> >> - Possible values: "enospc" (default), "report", "ignore", "stop"
> >> - "snapshot": enable snapshot (json-bool, optional, default false)
> >>
> >> Example:
> >>
> >> -> { "execute": "blockdev_add",
> >> "arguments": { "format": "raw", "id": "blk1",
> >> "file": "fedora.img" } }
> >> <- { "return": {} }
> >>
> >> Notes:
> >>
> >> (1) If argument "file" is missing, all other optional arguments must be
> >> missing as well. This defines a block device with no media
> >> inserted.
> >>
> >> (2) It's possible to list supported disk formats by running QEMU with
> >> arguments "-blockdev_add \?".
> >>
> > -blockdev without _add you probably mean, if it's a command line option.
> >
> > Maybe one more thing to consider is encrypted images. With "change" in
> > the user monitor you're automatically prompted for the password.
> >
> > I'm not sure how this is supposed to work with QMP. From the
> > do_change_block code it looks as if you'd get an error and had to send a
> > block_set_passwd as a response to that. In the meantime the image would
> > be kind of half-open? What do devices do with it until the key is provided?
> >
>
> If a password is needed, we should throw an error and
Re: [Qemu-devel] [PATCH] arm: fix arm kernel boot for non zero start addr
On Sat, May 08, 2010 at 10:43:35PM +0200, Lars Munch wrote:
> Booting an arm kernel has been broken a while when booting from non zero start
> address. This is due to the order of events: board init loads the kernel and
> sets register 15 to the start address and then qemu_system_reset reset the cpu
> making register 15 zero again.
>
> This patch fixes the usage of the register 15 start address trick in
> combination with arm_load_kernel.
>
> Signed-off-by: Lars Munch
> ---
> hw/arm_boot.c |1 +
> hw/gumstix.c|4
> hw/mainstone.c |3 ---
> hw/nseries.c|7 ---
> hw/omap_sx1.c |5 -
> hw/palm.c |4
> hw/spitz.c |3 ---
> hw/tosa.c |3 ---
> target-arm/helper.c |1 -
> 9 files changed, 1 insertions(+), 30 deletions(-)
>
> diff --git a/hw/arm_boot.c b/hw/arm_boot.c
> index df031a5..620550b 100644
> --- a/hw/arm_boot.c
> +++ b/hw/arm_boot.c
> @@ -187,6 +187,7 @@ static void main_cpu_reset(void *opaque)
> env->regs[15] = info->entry & 0xfffe;
> env->thumb = info->entry & 1;
> } else {
> +env->regs[15] = info->loader_start;
> if (old_param) {
> set_kernel_args_old(info, info->initrd_size,
> info->loader_start);
This parts looks fine.
> diff --git a/hw/gumstix.c b/hw/gumstix.c
> index 3fd31f4..b64e04e 100644
> --- a/hw/gumstix.c
> +++ b/hw/gumstix.c
> @@ -74,8 +74,6 @@ static void connex_init(ram_addr_t ram_size,
> exit(1);
> }
>
> -cpu->env->regs[15] = 0x;
> -
> /* Interrupt line of NIC is connected to GPIO line 36 */
> smc91c111_init(&nd_table[0], 0x04000300,
> pxa2xx_gpio_in_get(cpu->gpio)[36]);
> @@ -114,8 +112,6 @@ static void verdex_init(ram_addr_t ram_size,
> exit(1);
> }
>
> -cpu->env->regs[15] = 0x;
> -
> /* Interrupt line of NIC is connected to GPIO line 99 */
> smc91c111_init(&nd_table[0], 0x04000300,
> pxa2xx_gpio_in_get(cpu->gpio)[99]);
> diff --git a/hw/mainstone.c b/hw/mainstone.c
> index a4379e3..54bacfb 100644
> --- a/hw/mainstone.c
> +++ b/hw/mainstone.c
> @@ -89,9 +89,6 @@ static void mainstone_common_init(ram_addr_t ram_size,
> cpu_register_physical_memory(0, MAINSTONE_ROM,
> qemu_ram_alloc(MAINSTONE_ROM) | IO_MEM_ROM);
>
> -/* Setup initial (reset) machine state */
> -cpu->env->regs[15] = mainstone_binfo.loader_start;
> -
> #ifdef TARGET_WORDS_BIGENDIAN
> be = 1;
> #else
> diff --git a/hw/nseries.c b/hw/nseries.c
> index 0273eee..04a028d 100644
> --- a/hw/nseries.c
> +++ b/hw/nseries.c
> @@ -1016,7 +1016,6 @@ static void n8x0_boot_init(void *opaque)
> n800_dss_init(&s->blizzard);
>
> /* CPU setup */
> -s->cpu->env->regs[15] = s->cpu->env->boot_info->loader_start;
> s->cpu->env->GE = 0x5;
>
> /* If the machine has a slided keyboard, open it */
> @@ -1317,11 +1316,6 @@ static void n8x0_init(ram_addr_t ram_size, const char
> *boot_device,
> if (usb_enabled)
> n8x0_usb_setup(s);
>
> -/* Setup initial (reset) machine state */
> -
> -/* Start at the OneNAND bootloader. */
> -s->cpu->env->regs[15] = 0;
> -
> if (kernel_filename) {
> /* Or at the linux loader. */
> binfo->kernel_filename = kernel_filename;
> @@ -1330,7 +1324,6 @@ static void n8x0_init(ram_addr_t ram_size, const char
> *boot_device,
> arm_load_kernel(s->cpu->env, binfo);
>
> qemu_register_reset(n8x0_boot_init, s);
> -n8x0_boot_init(s);
> }
>
> if (option_rom[0] && (boot_device[0] == 'n' || !kernel_filename)) {
> diff --git a/hw/omap_sx1.c b/hw/omap_sx1.c
> index ca0a7d1..2e9879f 100644
> --- a/hw/omap_sx1.c
> +++ b/hw/omap_sx1.c
> @@ -195,15 +195,10 @@ static void sx1_init(ram_addr_t ram_size,
>
> /* Load the kernel. */
> if (kernel_filename) {
> -/* Start at bootloader. */
> -cpu->env->regs[15] = sx1_binfo.loader_start;
> -
> sx1_binfo.kernel_filename = kernel_filename;
> sx1_binfo.kernel_cmdline = kernel_cmdline;
> sx1_binfo.initrd_filename = initrd_filename;
> arm_load_kernel(cpu->env, &sx1_binfo);
> -} else {
> -cpu->env->regs[15] = 0x;
> }
>
> /* TODO: fix next line */
> diff --git a/hw/palm.c b/hw/palm.c
> index ba7c398..8db133d 100644
> --- a/hw/palm.c
> +++ b/hw/palm.c
> @@ -243,7 +243,6 @@ static void palmte_init(ram_addr_t ram_size,
> rom_size = load_image_targphys(option_rom[0], OMAP_CS0_BASE,
> flash_size);
> rom_loaded = 1;
> -cpu->env->regs[15] = 0x;
> }
> if (rom_size < 0) {
> fprintf(stderr, "%s: error loading '%s'\n",
> @@ -258,9 +257,6 @@ static void palmte_init(ram_addr_t ram_size,
>
>
[Qemu-devel] [Reminder] KVM Forum 2010: Early Bird Registration
Just a reminder...The early bird registration period ends on May 30th. It's shaping up to be an excellent KVM Forum, look forward to seeing you there. Registration link is here: http://events.linuxfoundation.org/component/registrationpro/?func=details&did=34 thanks, -KVM Forum 2010 Program Commitee
Re: [Qemu-devel] Re: RFC: blockdev_add & friends, brief rationale, QMP docs
On 05/28/2010 02:13 PM, Kevin Wolf wrote:
Am 28.05.2010 20:21, schrieb Markus Armbruster:
I'd like to give posting documentation of new QMP commands for review
before posting code a try. But first let me explain briefly why we need
new commands.
We want a clean separation between host part (blockdev_add) and guest
part (device_add). Existing -drive and drive_add don't provide that;
they were designed to specify both parts together. Moreover, drive_add
is limited to adding virtio drives (with pci_add's help) and SCSI
drives.
Support for defining just a host part for use with -device and was
grafted onto -drive (if=none), but it's a mess. Some parts are
redundant, other parts are broken.
For instance, unit, bus, index, addr are redundant: -device does not use
them, it provides its own parameters to specify bus and bus-specific
address.
The checks whether rerror, werror, readonly, cyls, heads, secs are sane
for a particular guest driver are broken. The checks are in the -drive
code, which used to know the guest driver, but doesn't with if=none.
Additionally, removable media are flawed. Many parameters set with
-drive silently revert to defaults on media change.
My proposed solution is a new option -blockdev and monitor command
blockdev_add. These specify only the host drive. Guest drive
properties are left to -device / device_add. We keep -drive for
backwards compatibility and command line convenience. Except we get rid
of if=none (may need a grace period).
New monitor command blockdev_del works regardless of how the host block
device was created.
New monitor command blockdev_change provides full control over the host
part, unlike the existing change command.
Summary of the host / guest split:
-drive options host or guest?
bus, unit, if, index, addr guest, already covered by qdev
cyls, heads, secs, transguest, new qdev properties
(but defaults depend on image)
media guest
snapshot, file, cache, aio, format host, blockdev_add options
rerror, werror host, guest drivers will reject
values they don't support
serial guest, new qdev properties
readonlyboth host& guest, qdev will refuse
to connect readonly host to read/
write guest
QMP command docs:
blockdev_add
Add host block device.
Arguments:
- "id": the host block device's ID, must be unique (json-string)
- "file": the disk image file to use (json-string, optional)
- "format": disk format (json-string, optional)
- Possible values: "raw", "qcow2", ...
- "aio": host AIO (json-string, optional)
- Possible values: "threads" (default), "native"
- "cache": host cache usage (json-string, optional)
- Possible values: "writethrough" (default), "writeback", "unsafe",
"none"
- "readonly": open image read-only (json-bool, optional, default false)
- "rerror": what to do on read error (json-string, optional)
- Possible values: "report" (default), "ignore", "stop"
- "werror": what to do on write error (json-string, optional)
- Possible values: "enospc" (default), "report", "ignore", "stop"
- "snapshot": enable snapshot (json-bool, optional, default false)
Example:
-> { "execute": "blockdev_add",
"arguments": { "format": "raw", "id": "blk1",
"file": "fedora.img" } }
<- { "return": {} }
Notes:
(1) If argument "file" is missing, all other optional arguments must be
missing as well. This defines a block device with no media
inserted.
(2) It's possible to list supported disk formats by running QEMU with
arguments "-blockdev_add \?".
-blockdev without _add you probably mean, if it's a command line option.
Maybe one more thing to consider is encrypted images. With "change" in
the user monitor you're automatically prompted for the password.
I'm not sure how this is supposed to work with QMP. From the
do_change_block code it looks as if you'd get an error and had to send a
block_set_passwd as a response to that. In the meantime the image would
be kind of half-open? What do devices do with it until the key is provided?
If a password is needed, we should throw an error and let the QMP client
set the password and try again.
Regards,
Anthony Liguori
Would it make s1ense to add a password field to blockdev_add/change to
avoid this?
Kevin
[Qemu-devel] Re: RFC: blockdev_add & friends, brief rationale, QMP docs
Am 28.05.2010 20:21, schrieb Markus Armbruster:
> I'd like to give posting documentation of new QMP commands for review
> before posting code a try. But first let me explain briefly why we need
> new commands.
>
> We want a clean separation between host part (blockdev_add) and guest
> part (device_add). Existing -drive and drive_add don't provide that;
> they were designed to specify both parts together. Moreover, drive_add
> is limited to adding virtio drives (with pci_add's help) and SCSI
> drives.
>
> Support for defining just a host part for use with -device and was
> grafted onto -drive (if=none), but it's a mess. Some parts are
> redundant, other parts are broken.
>
> For instance, unit, bus, index, addr are redundant: -device does not use
> them, it provides its own parameters to specify bus and bus-specific
> address.
>
> The checks whether rerror, werror, readonly, cyls, heads, secs are sane
> for a particular guest driver are broken. The checks are in the -drive
> code, which used to know the guest driver, but doesn't with if=none.
>
> Additionally, removable media are flawed. Many parameters set with
> -drive silently revert to defaults on media change.
>
> My proposed solution is a new option -blockdev and monitor command
> blockdev_add. These specify only the host drive. Guest drive
> properties are left to -device / device_add. We keep -drive for
> backwards compatibility and command line convenience. Except we get rid
> of if=none (may need a grace period).
>
> New monitor command blockdev_del works regardless of how the host block
> device was created.
>
> New monitor command blockdev_change provides full control over the host
> part, unlike the existing change command.
>
> Summary of the host / guest split:
>
> -drive options host or guest?
> bus, unit, if, index, addr guest, already covered by qdev
> cyls, heads, secs, transguest, new qdev properties
> (but defaults depend on image)
> media guest
> snapshot, file, cache, aio, format host, blockdev_add options
> rerror, werror host, guest drivers will reject
> values they don't support
> serial guest, new qdev properties
> readonlyboth host & guest, qdev will refuse
> to connect readonly host to read/
> write guest
>
> QMP command docs:
>
> blockdev_add
>
>
> Add host block device.
>
> Arguments:
>
> - "id": the host block device's ID, must be unique (json-string)
> - "file": the disk image file to use (json-string, optional)
> - "format": disk format (json-string, optional)
> - Possible values: "raw", "qcow2", ...
> - "aio": host AIO (json-string, optional)
> - Possible values: "threads" (default), "native"
> - "cache": host cache usage (json-string, optional)
> - Possible values: "writethrough" (default), "writeback", "unsafe",
>"none"
> - "readonly": open image read-only (json-bool, optional, default false)
> - "rerror": what to do on read error (json-string, optional)
> - Possible values: "report" (default), "ignore", "stop"
> - "werror": what to do on write error (json-string, optional)
> - Possible values: "enospc" (default), "report", "ignore", "stop"
> - "snapshot": enable snapshot (json-bool, optional, default false)
>
> Example:
>
> -> { "execute": "blockdev_add",
> "arguments": { "format": "raw", "id": "blk1",
> "file": "fedora.img" } }
> <- { "return": {} }
>
> Notes:
>
> (1) If argument "file" is missing, all other optional arguments must be
> missing as well. This defines a block device with no media
> inserted.
>
> (2) It's possible to list supported disk formats by running QEMU with
> arguments "-blockdev_add \?".
-blockdev without _add you probably mean, if it's a command line option.
Maybe one more thing to consider is encrypted images. With "change" in
the user monitor you're automatically prompted for the password.
I'm not sure how this is supposed to work with QMP. From the
do_change_block code it looks as if you'd get an error and had to send a
block_set_passwd as a response to that. In the meantime the image would
be kind of half-open? What do devices do with it until the key is provided?
Would it make sense to add a password field to blockdev_add/change to
avoid this?
Kevin
Re: [Qemu-devel] Re: [RFT][PATCH 07/15] qemu_irq: Add IRQ handlers with delivery feedback
On Thu, May 27, 2010 at 10:21 PM, Paul Brook wrote: > >> >> Then the amount >> >> of CPU cycles between timer interrupts would increase and hopefully >> >> the guest can keep up. If the guest sleeps, time base could be >> >> accelerated to catch up with wall clock and then set back to 1:1 rate. >> > >> > Can't follow you ATM, sorry. What should be slowed down then? And how >> > precisely? >> >> I think vm_clock and everything that depends on vm_clock, also >> rtc_clock should be tied to vm_clock in this mode, not host_clock. > > The problem is more fundamental than that. There is no real correlation > between vm_clock and the amount of code executed by the guest, especially not > on timescales less than a second. Can we measure (or at least estimate with higher accuracy than the tick IRQ delivery jitter) the amount of code executed, somehow? For example, add TSC sampling to all TB or KVM VCPU exit and load/store paths?
[Qemu-devel] [PATCH] target-ppc: fix RFI by clearing some bits of MSR
From: Thomas Monjalon
Since commit 2ada0ed, "Return From Interrupt" is broken for PPC processors
because some interrupt specifics bits of SRR1 are copied to MSR.
SRR1 is a save of MSR during interrupt.
During RFI, MSR must be restored from SRR1.
But some bits of SRR1 are interrupt-specific and are not used for MSR saving.
This is the specification (ISA 2.06) at chapter 6.4.3 (Interrupt Processing):
"2. Bits 33:36 and 42:47 of SRR1 or HSRR1 are loaded with information specific
to the interrupt type.
3. Bits 0:32, 37:41, and 48:63 of SRR1 or HSRR1 are loaded with a copy of the
corresponding bits of the MSR."
Below is a representation of MSR bits which are not saved:
0:15 16:31 32 33:3637:41 42:47 48:63
——— | ——— | — X X X X — — — — — X X X X X X |
|7 | 8 | 3 | F|
History:
In the initial Qemu implementation (e1833e1), the mask 0x783F was used for
saving MSR in SRR1. But all the bits 32:47 were cleared during RFI restoring.
This was wrong. The commit 2ada0ed explains that this breaks Altivec.
Indeed, bit 38 (for Altivec support) must be saved and restored.
The change of 2ada0ed was to restore all the bits of SRR1 to MSR.
But it's also wrong.
Explanation:
As an example, let's see what's happening after a TLB miss.
According to the e300 manual (E300CORERM table 5-6), the TLB miss interrupts
set the bits 44-47 for KEY, I/D, WAY and S/L. These bits are specifics to the
interrupt and must not be copied into MSR at the end of the interrupt.
With the current implementation, a TLB miss overwrite bits POW, TGPR and ILE.
Fix:
It shouldn't be needed to filter-out bits on MSR saving when interrupt occurs.
Specific bits overwrite MSR ones in SRR1.
But at the end of interrupt (RFI), specifics bits must be cleared before
restoring MSR from SRR1. The mask 0x783F apply here.
Discussion:
The bits of the mask 0x783F are cleared after an interrupt.
I cannot find a specification which talks about this
but I assume it is the truth since Linux can run this way.
Maybe it's not perfect but it's better (works for e300).
Signed-off-by: Thomas Monjalon
Cc: Alexander Graf
---
target-ppc/helper.c|1 -
target-ppc/op_helper.c |6 +++---
2 files changed, 3 insertions(+), 4 deletions(-)
diff --git a/target-ppc/helper.c b/target-ppc/helper.c
index dabf1fd..5035d92 100644
--- a/target-ppc/helper.c
+++ b/target-ppc/helper.c
@@ -2080,7 +2080,6 @@ static inline void powerpc_excp(CPUState *env, int
excp_model, int excp)
srr1 = SPR_SRR1;
asrr0 = -1;
asrr1 = -1;
-msr &= ~((target_ulong)0x783F);
switch (excp) {
case POWERPC_EXCP_NONE:
/* Should never happen */
diff --git a/target-ppc/op_helper.c b/target-ppc/op_helper.c
index 8f2ee98..3c3aa60 100644
--- a/target-ppc/op_helper.c
+++ b/target-ppc/op_helper.c
@@ -1646,20 +1646,20 @@ static inline void do_rfi(target_ulong nip,
target_ulong msr,
void helper_rfi (void)
{
do_rfi(env->spr[SPR_SRR0], env->spr[SPR_SRR1],
- ~((target_ulong)0x0), 1);
+ ~((target_ulong)0x783F), 1);
}
#if defined(TARGET_PPC64)
void helper_rfid (void)
{
do_rfi(env->spr[SPR_SRR0], env->spr[SPR_SRR1],
- ~((target_ulong)0x0), 0);
+ ~((target_ulong)0x783F), 0);
}
void helper_hrfid (void)
{
do_rfi(env->spr[SPR_HSRR0], env->spr[SPR_HSRR1],
- ~((target_ulong)0x0), 0);
+ ~((target_ulong)0x783F), 0);
}
#endif
#endif
--
1.7.1
[Qemu-devel] [PATCH] target-ppc: remove useless line
From: Thomas Monjalon This line was a bit clear. The next lines set or reset this bit (LE) depending of another bit (ILE). So the first line is useless. Signed-off-by: Thomas Monjalon --- target-ppc/helper.c |1 - 1 files changed, 0 insertions(+), 1 deletions(-) diff --git a/target-ppc/helper.c b/target-ppc/helper.c index 3d843b5..dabf1fd 100644 --- a/target-ppc/helper.c +++ b/target-ppc/helper.c @@ -2591,7 +2591,6 @@ static inline void powerpc_excp(CPUState *env, int excp_model, int excp) #if 0 /* Fix this: not on all targets */ new_msr &= ~((target_ulong)1 << MSR_PMM); #endif -new_msr &= ~((target_ulong)1 << MSR_LE); if (msr_ile) new_msr |= (target_ulong)1 << MSR_LE; else -- 1.7.1
Re: [Qemu-devel] Re: [RFT][PATCH 07/15] qemu_irq: Add IRQ handlers with delivery feedback
On Thu, May 27, 2010 at 10:19 PM, Jan Kiszka wrote: > Blue Swirl wrote: >> On Thu, May 27, 2010 at 7:08 PM, Jan Kiszka wrote: >>> Blue Swirl wrote: On Thu, May 27, 2010 at 6:31 PM, Jan Kiszka wrote: > Blue Swirl wrote: >> On Wed, May 26, 2010 at 11:26 PM, Paul Brook >> wrote: At the other extreme, would it be possible to make the educated guests aware of the virtualization also in clock aspect: virtio-clock? >>> The guest doesn't even need to be aware of virtualization. It just >>> needs to be >>> able to accommodate the lack of guaranteed realtime behavior. >>> >>> The fundamental problem here is that some guest operating systems >>> assume that >>> the hardware provides certain realtime guarantees with respect to >>> execution of >>> interrupt handlers. In particular they assume that the CPU will always >>> be >>> able to complete execution of the timer IRQ handler before the periodic >>> timer >>> triggers again. In most virtualized environments you have absolutely no >>> guarantee of realtime response. >>> >>> With Linux guests this was solved a long time ago by the introduction of >>> tickless kernels. These separate the timekeeping from wakeup events, >>> so it >>> doesn't matter if several wakeup triggers end up getting merged (either >>> at the >>> hardware level or via top/bottom half guest IRQ handlers). >>> >>> >>> It's worth mentioning that this problem also occurs on real hardware, >>> typically due to lame hardware/drivers which end up masking interrupts >>> or >>> otherwise stall the CPU for for long periods of time. >>> >>> >>> The PIT hack attempts to workaround broken guests by adding artificial >>> latency >>> to the timer event, ensuring that the guest "sees" them all. >>> Unfortunately >>> guests vary on when it is safe for them to see the next timer event, and >>> trying to observe this behavior involves potentially harmful heuristics >>> and >>> collusion between unrelated devices (e.g. interrupt controller and >>> timer). >>> >>> In some cases we don't even do that, and just reschedule the event some >>> arbitrarily small amount of time later. This assumes the guest to do >>> useful >>> work in that time. In a single threaded environment this is probably >>> true - >>> qemu got enough CPU to inject the first interrupt, so will probably >>> manage to >>> execute some guest code before the end of its timeslice. In an >>> environment >>> where interrupt processing/delivery and execution of the guest code >>> happen in >>> different threads this becomes increasingly likely to fail. >> So any voodoo around timer events is doomed to fail in some cases. >> What's the amount of hacks what we want then? Is there any generic > The aim of this patch is to reduce the amount of existing and upcoming > hacks. It may still require some refinements, but I think we haven't > found any smarter approach yet that fits existing use cases. I don't feel we have tried other possibilities hard enough. >>> Well, seeing prototypes wouldn't be bad, also to run real load againt >>> them. But at least I'm currently clueless what to implement. >> >> Perhaps now is then not the time to rush to implement something, but >> to brainstorm for a clean solution. > > And sometimes it can help to understand how ideas could even be improved > or why others doesn't work at all. > >> >> solution, like slowing down the guest system to the point where we can >> guarantee the interrupt rate vs. CPU execution speed? > That's generally a non-option in virtualized production environments. > Specifically if the guest system lost interrupts due to host > overcommitment, you do not want it slow down even further. I meant that the guest time could be scaled down, for example 2s in wall clock time would be presented to the guest as 1s. >>> But that is precisely what already happens when the guest loses timer >>> interrupts. There is no other time source for this kind of guests - >>> often except for some external events generated by systems which you >>> don't want to fall behind arbitrarily. >>> Then the amount of CPU cycles between timer interrupts would increase and hopefully the guest can keep up. If the guest sleeps, time base could be accelerated to catch up with wall clock and then set back to 1:1 rate. >>> Can't follow you ATM, sorry. What should be slowed down then? And how >>> precisely? >> >> I think vm_clock and everything that depends on vm_clock, also >> rtc_clock should be tied to vm_clock in this mode, not host_clock. > > Let me check if I got this idea correctly: Instead of tuning just the > tick frequency of the affected timer device / sending its backlog in a > row, you rather want t
[Qemu-devel] Re: [PATCH] savevm: Really verify if a drive supports snapshots
Am 28.05.2010 20:18, schrieb Miguel Di Ciurcio Filho:
> Both bdrv_can_snapshot() and bdrv_has_snapshot() does not work as advertized.
>
> First issue: Their names implies different porpouses, but they do the same
> thing
> and have exactly the same code. Maybe copied and pasted and forgotten?
> bdrv_has_snapshot() is called in various places for actually checking if there
> is snapshots or not.
>
> Second issue: the way bdrv_can_snapshot() verifies if a block driver supports
> or
> not snapshots does not catch all cases. E.g.: a raw image.
>
> So when do_savevm() is called, first thing it does is to set a global
> BlockDriverState to save the VM memory state calling get_bs_snapshots().
>
> static BlockDriverState *get_bs_snapshots(void)
> {
> BlockDriverState *bs;
> DriveInfo *dinfo;
>
> if (bs_snapshots)
> return bs_snapshots;
> QTAILQ_FOREACH(dinfo, &drives, next) {
> bs = dinfo->bdrv;
> if (bdrv_can_snapshot(bs))
> goto ok;
> }
> return NULL;
> ok:
> bs_snapshots = bs;
> return bs;
> }
>
> bdrv_can_snapshot() may return a BlockDriverState that does not support
> snapshots and do_savevm() goes on.
>
> Later on in do_savevm(), we find:
>
> QTAILQ_FOREACH(dinfo, &drives, next) {
> bs1 = dinfo->bdrv;
> if (bdrv_has_snapshot(bs1)) {
> /* Write VM state size only to the image that contains the state
> */
> sn->vm_state_size = (bs == bs1 ? vm_state_size : 0);
> ret = bdrv_snapshot_create(bs1, sn);
> if (ret < 0) {
> monitor_printf(mon, "Error while creating snapshot on '%s'\n",
>bdrv_get_device_name(bs1));
> }
> }
> }
>
> bdrv_has_snapshot(bs1) is not checking if the device does support or has
> snapshots as explained above. Only in bdrv_snapshot_create() the device is
> actually checked for snapshot support.
>
> So, in cases where the first device supports snapshots, and the second does
> not,
> the snapshot on the first will happen anyways. I believe this is not a good
> behavior. It should be an all or nothing process.
>
> This patch addresses these issues by making bdrv_can_snapshot() and
> bdrv_has_snapshot() actually do what they must do and enforces better tests to
> avoid errors in the middle of do_savevm().
>
> The functions were moved from savevm.c to block.c. It makes more sense to me.
>
> The bdrv_has_snapshot() is not beaultiful, but it does the job. I think having
> this function avaible in the BlockDriver would be the best option.
>
> The loadvm_state() function was updated too to enforce that when loading a VM
> at
> least all writable devices must support snapshots too.
>
> Signed-off-by: Miguel Di Ciurcio Filho
Markus, I think this implements mostly what we discussed the other day.
Not sure if you already have a patch for doing this - if so, maybe could
compare the patches and give it a review this way?
I seem to remember that we came to the conclusion that
bdrv_has_snapshot() isn't needed at all and should be dropped. Any user
should be using bdrv_can_snapshot() instead as this is what they really
want.
> ---
> block.c | 47 ++-
> block.h |2 ++
> savevm.c | 48 +---
> 3 files changed, 69 insertions(+), 28 deletions(-)
>
> diff --git a/block.c b/block.c
> index cd70730..7eddc15 100644
> --- a/block.c
> +++ b/block.c
> @@ -1720,15 +1720,52 @@ void bdrv_debug_event(BlockDriverState *bs,
> BlkDebugEvent event)
> /**/
> /* handling of snapshots */
>
> -int bdrv_snapshot_create(BlockDriverState *bs,
> - QEMUSnapshotInfo *sn_info)
> +int bdrv_can_snapshot(BlockDriverState *bs)
> {
> BlockDriver *drv = bs->drv;
> -if (!drv)
> +if (!drv) {
> +return -ENOMEDIUM;
> +}
> +
> +if (!drv->bdrv_snapshot_create || bdrv_is_removable(bs) ||
> +bdrv_is_read_only(bs)) {
> +return -ENOTSUP;
> +}
> +
> +return 1;
> +}
Returning either 1 or -errno is a strange interface. I'm not sure which
of 1/0 or 0/-errno is better in this case, but I'd suggest to take one
of these.
> +int bdrv_has_snapshot(BlockDriverState *bs)
> +{
> +int ret;
> +QEMUSnapshotInfo *sn_tab;
> +BlockDriver *drv = bs->drv;
> +if (!drv) {
> return -ENOMEDIUM;
> -if (!drv->bdrv_snapshot_create)
> +}
> +
> +if (!drv->bdrv_snapshot_list) {
> return -ENOTSUP;
> -return drv->bdrv_snapshot_create(bs, sn_info);
> +}
> +
> +ret = drv->bdrv_snapshot_list(bs, &sn_tab);
> +
> +if (sn_tab) {
> +qemu_free(sn_tab);
> +}
> +
> +return ret;
> +}
> +
> +int bdrv_snapshot_create(BlockDriverState *bs,
> + QEMUSnapshotInfo *sn_info)
> +{
> +BlockDriver *drv = bs->drv;
> +if (bdrv_can_snapsh
[Qemu-devel] RFC: blockdev_add & friends, brief rationale, QMP docs
I'd like to give posting documentation of new QMP commands for review
before posting code a try. But first let me explain briefly why we need
new commands.
We want a clean separation between host part (blockdev_add) and guest
part (device_add). Existing -drive and drive_add don't provide that;
they were designed to specify both parts together. Moreover, drive_add
is limited to adding virtio drives (with pci_add's help) and SCSI
drives.
Support for defining just a host part for use with -device and was
grafted onto -drive (if=none), but it's a mess. Some parts are
redundant, other parts are broken.
For instance, unit, bus, index, addr are redundant: -device does not use
them, it provides its own parameters to specify bus and bus-specific
address.
The checks whether rerror, werror, readonly, cyls, heads, secs are sane
for a particular guest driver are broken. The checks are in the -drive
code, which used to know the guest driver, but doesn't with if=none.
Additionally, removable media are flawed. Many parameters set with
-drive silently revert to defaults on media change.
My proposed solution is a new option -blockdev and monitor command
blockdev_add. These specify only the host drive. Guest drive
properties are left to -device / device_add. We keep -drive for
backwards compatibility and command line convenience. Except we get rid
of if=none (may need a grace period).
New monitor command blockdev_del works regardless of how the host block
device was created.
New monitor command blockdev_change provides full control over the host
part, unlike the existing change command.
Summary of the host / guest split:
-drive options host or guest?
bus, unit, if, index, addr guest, already covered by qdev
cyls, heads, secs, transguest, new qdev properties
(but defaults depend on image)
media guest
snapshot, file, cache, aio, format host, blockdev_add options
rerror, werror host, guest drivers will reject
values they don't support
serial guest, new qdev properties
readonlyboth host & guest, qdev will refuse
to connect readonly host to read/
write guest
QMP command docs:
blockdev_add
Add host block device.
Arguments:
- "id": the host block device's ID, must be unique (json-string)
- "file": the disk image file to use (json-string, optional)
- "format": disk format (json-string, optional)
- Possible values: "raw", "qcow2", ...
- "aio": host AIO (json-string, optional)
- Possible values: "threads" (default), "native"
- "cache": host cache usage (json-string, optional)
- Possible values: "writethrough" (default), "writeback", "unsafe",
"none"
- "readonly": open image read-only (json-bool, optional, default false)
- "rerror": what to do on read error (json-string, optional)
- Possible values: "report" (default), "ignore", "stop"
- "werror": what to do on write error (json-string, optional)
- Possible values: "enospc" (default), "report", "ignore", "stop"
- "snapshot": enable snapshot (json-bool, optional, default false)
Example:
-> { "execute": "blockdev_add",
"arguments": { "format": "raw", "id": "blk1",
"file": "fedora.img" } }
<- { "return": {} }
Notes:
(1) If argument "file" is missing, all other optional arguments must be
missing as well. This defines a block device with no media
inserted.
(2) It's possible to list supported disk formats by running QEMU with
arguments "-blockdev_add \?".
blockdev_del
Remove a host block device.
Arguments:
- "id": the host block device's ID (json-string)
Example:
-> { "execute": "blockdev_del", "arguments": { "id": "blk1" } }
<- { "return": {} }
blockdev_change
---
Change host block device media.
Arguments are exactly like blockdev_add.
Notes:
(1) If argument "file" is missing, all other optional arguments must be
missing as well. This ejects the media without inserting a new one.
[Qemu-devel] [PATCH] qemu-io: Fix error messages
The truncate and getlength commands passed a negative error number to strerror.
They also happen to be the two functions that are lacking a newline at the end
of their error message.
Signed-off-by: Kevin Wolf
---
qemu-io.c |4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/qemu-io.c b/qemu-io.c
index 72a4524..7c6120b 100644
--- a/qemu-io.c
+++ b/qemu-io.c
@@ -1317,7 +1317,7 @@ truncate_f(int argc, char **argv)
ret = bdrv_truncate(bs, offset);
if (ret < 0) {
- printf("truncate: %s", strerror(ret));
+ printf("truncate: %s\n", strerror(-ret));
return 0;
}
@@ -1342,7 +1342,7 @@ length_f(int argc, char **argv)
size = bdrv_getlength(bs);
if (size < 0) {
- printf("getlength: %s", strerror(size));
+ printf("getlength: %s\n", strerror(-size));
return 0;
}
--
1.6.6.1
[Qemu-devel] [STABLE PULL 0/6] Block patches for 0.12.x
The following changes since commit 0c459361a1117a6c434c7b2b008a4c6c035eb4bf: Rabin Vincent (1): arm_timer: fix oneshot mode are available in the git repository at: git://repo.or.cz/qemu/kevin.git for-stable-0.12 Kevin Wolf (6): ide: Fix ide_dma_cancel qcow2: Clear L2 table cache after write error qcow2: Fix error handling in l2_allocate block: Fix multiwrite with overlapping requests qcow2: Fix corruption after refblock allocation qcow2: Fix corruption after error in update_refcount block.c|2 +- block/qcow2-cluster.c | 26 +++--- block/qcow2-refcount.c | 15 +-- hw/ide/core.c |8 4 files changed, 33 insertions(+), 18 deletions(-)
[Qemu-devel] [STABLE PATCH 3/6] qcow2: Fix error handling in l2_allocate
l2_allocate has some intermediate states in which the image is inconsistent.
Change the order to write to the L1 table only after the new L2 table has
successfully been initialized.
Also reset the L2 cache in failure case, it's very likely wrong.
Signed-off-by: Kevin Wolf
(cherry picked from commit 175e11526e2613b3dc031c23fec3107aa4a80307)
Conflicts:
block/qcow2-cluster.c
Signed-off-by: Kevin Wolf
---
block/qcow2-cluster.c | 21 -
1 files changed, 12 insertions(+), 9 deletions(-)
diff --git a/block/qcow2-cluster.c b/block/qcow2-cluster.c
index 0dc4f1d..b7a5b35 100644
--- a/block/qcow2-cluster.c
+++ b/block/qcow2-cluster.c
@@ -231,13 +231,6 @@ static uint64_t *l2_allocate(BlockDriverState *bs, int
l1_index)
return NULL;
}
-/* update the L1 entry */
-
-s->l1_table[l1_index] = l2_offset | QCOW_OFLAG_COPIED;
-if (write_l1_entry(s, l1_index) < 0) {
-return NULL;
-}
-
/* allocate a new entry in the l2 cache */
min_index = l2_cache_new_entry(bs);
@@ -251,13 +244,19 @@ static uint64_t *l2_allocate(BlockDriverState *bs, int
l1_index)
if (bdrv_pread(s->hd, old_l2_offset,
l2_table, s->l2_size * sizeof(uint64_t)) !=
s->l2_size * sizeof(uint64_t))
-return NULL;
+goto fail;
}
/* write the l2 table to the file */
if (bdrv_pwrite(s->hd, l2_offset,
l2_table, s->l2_size * sizeof(uint64_t)) !=
s->l2_size * sizeof(uint64_t))
-return NULL;
+goto fail;
+
+/* update the L1 entry */
+s->l1_table[l1_index] = l2_offset | QCOW_OFLAG_COPIED;
+if (write_l1_entry(s, l1_index) < 0) {
+goto fail;
+}
/* update the l2 cache entry */
@@ -265,6 +264,10 @@ static uint64_t *l2_allocate(BlockDriverState *bs, int
l1_index)
s->l2_cache_counts[min_index] = 1;
return l2_table;
+
+fail:
+qcow2_l2_cache_reset(bs);
+return NULL;
}
static int count_contiguous_clusters(uint64_t nb_clusters, int cluster_size,
--
1.6.6.1
[Qemu-devel] [STABLE PATCH 5/6] qcow2: Fix corruption after refblock allocation
Refblock allocation code needs to take into consideration that update_refcount
will load a different refcount block into the cache, so it must initialize the
cache for a new refcount block only afterwards. Not doing this means that not
only the refcount in the wrong block is updated, but also that the caller will
work on the wrong block.
Signed-off-by: Kevin Wolf
(cherry picked from commit 25408c09502be036e5575754fe54019ed4ed5dfa)
---
block/qcow2-refcount.c | 11 +--
1 files changed, 9 insertions(+), 2 deletions(-)
diff --git a/block/qcow2-refcount.c b/block/qcow2-refcount.c
index 5ebbcb6..fa78e46 100644
--- a/block/qcow2-refcount.c
+++ b/block/qcow2-refcount.c
@@ -215,8 +215,6 @@ static int64_t alloc_refcount_block(BlockDriverState *bs,
int64_t cluster_index)
/* Allocate the refcount block itself and mark it as used */
uint64_t new_block = alloc_clusters_noref(bs, s->cluster_size);
-memset(s->refcount_block_cache, 0, s->cluster_size);
-s->refcount_block_cache_offset = new_block;
#ifdef DEBUG_ALLOC2
fprintf(stderr, "qcow2: Allocate refcount block %d for %" PRIx64
@@ -225,6 +223,10 @@ static int64_t alloc_refcount_block(BlockDriverState *bs,
int64_t cluster_index)
#endif
if (in_same_refcount_block(s, new_block, cluster_index <<
s->cluster_bits)) {
+/* Zero the new refcount block before updating it */
+memset(s->refcount_block_cache, 0, s->cluster_size);
+s->refcount_block_cache_offset = new_block;
+
/* The block describes itself, need to update the cache */
int block_index = (new_block >> s->cluster_bits) &
((1 << (s->cluster_bits - REFCOUNT_SHIFT)) - 1);
@@ -236,6 +238,11 @@ static int64_t alloc_refcount_block(BlockDriverState *bs,
int64_t cluster_index)
if (ret < 0) {
goto fail_block;
}
+
+/* Initialize the new refcount block only after updating its refcount,
+ * update_refcount uses the refcount cache itself */
+memset(s->refcount_block_cache, 0, s->cluster_size);
+s->refcount_block_cache_offset = new_block;
}
/* Now the new refcount block needs to be written to disk */
--
1.6.6.1
Re: [Qemu-devel] [PATCH 2/2] tcg: Use INDEX_op_qemu_ld32 for 32-bit results.
On Mon, May 03, 2010 at 04:30:48PM -0700, Richard Henderson wrote:
> Signed-off-by: Richard Henderson
Thanks, applied.
> ---
> tcg/tcg-op.h |8
> 1 files changed, 8 insertions(+), 0 deletions(-)
>
> diff --git a/tcg/tcg-op.h b/tcg/tcg-op.h
> index bafac2b..aa436de 100644
> --- a/tcg/tcg-op.h
> +++ b/tcg/tcg-op.h
> @@ -2172,12 +2172,20 @@ static inline void tcg_gen_qemu_ld16s(TCGv ret, TCGv
> addr, int mem_index)
>
> static inline void tcg_gen_qemu_ld32u(TCGv ret, TCGv addr, int mem_index)
> {
> +#if TARGET_LONG_BITS == 32
> +tcg_gen_qemu_ldst_op(INDEX_op_qemu_ld32, ret, addr, mem_index);
> +#else
> tcg_gen_qemu_ldst_op(INDEX_op_qemu_ld32u, ret, addr, mem_index);
> +#endif
> }
>
> static inline void tcg_gen_qemu_ld32s(TCGv ret, TCGv addr, int mem_index)
> {
> +#if TARGET_LONG_BITS == 32
> +tcg_gen_qemu_ldst_op(INDEX_op_qemu_ld32, ret, addr, mem_index);
> +#else
> tcg_gen_qemu_ldst_op(INDEX_op_qemu_ld32s, ret, addr, mem_index);
> +#endif
> }
>
> static inline void tcg_gen_qemu_ld64(TCGv_i64 ret, TCGv addr, int mem_index)
> --
> 1.7.0.1
>
>
>
>
--
Aurelien Jarno GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net
Re: [Qemu-devel] [PATCH 1/2] tcg: Add TYPE parameter to tcg_out_mov.
On Mon, May 03, 2010 at 04:30:47PM -0700, Richard Henderson wrote:
> Mirror tcg_out_movi in having a TYPE parameter. This allows x86_64
> to perform the move at the proper width, which may elide a REX prefix.
> Update all targets to match.
This patch basically looks ok except a few comments below.
> Signed-off-by: Richard Henderson
> ---
> tcg/arm/tcg-target.c|2 +-
> tcg/hppa/tcg-target.c | 38 ++--
> tcg/i386/tcg-target.c | 49
> ---
> tcg/ia64/tcg-target.c |3 +-
> tcg/mips/tcg-target.c | 28 +-
> tcg/ppc/tcg-target.c| 48 +++---
> tcg/ppc64/tcg-target.c | 10
> tcg/s390/tcg-target.c |2 +-
> tcg/sparc/tcg-target.c | 10
> tcg/tcg.c | 12 +-
> tcg/x86_64/tcg-target.c | 20 ++
> 11 files changed, 113 insertions(+), 109 deletions(-)
>
> diff --git a/tcg/arm/tcg-target.c b/tcg/arm/tcg-target.c
> index 8d23f47..b3169a9 100644
> --- a/tcg/arm/tcg-target.c
> +++ b/tcg/arm/tcg-target.c
> @@ -1798,7 +1798,7 @@ static void tcg_out_addi(TCGContext *s, int reg,
> tcg_target_long val)
> }
> }
>
> -static inline void tcg_out_mov(TCGContext *s, int ret, int arg)
> +static inline void tcg_out_mov(TCGContext *s, TCGType type, int ret, int arg)
> {
> tcg_out_dat_reg(s, COND_AL, ARITH_MOV, ret, 0, arg, SHIFT_IMM_LSL(0));
> }
> diff --git a/tcg/hppa/tcg-target.c b/tcg/hppa/tcg-target.c
> index cb605f1..012e486 100644
> --- a/tcg/hppa/tcg-target.c
> +++ b/tcg/hppa/tcg-target.c
> @@ -338,7 +338,7 @@ static int tcg_target_const_match(tcg_target_long val,
> /* supplied by libgcc */
> extern void *__canonicalize_funcptr_for_compare(void *);
>
> -static void tcg_out_mov(TCGContext *s, int ret, int arg)
> +static void tcg_out_mov(TCGContext *s, TCGType type, int ret, int arg)
> {
> /* PA1.1 defines COPY as OR r,0,t; PA2.0 defines COPY as LDO 0(r),t
> but hppa-dis.c is unaware of this definition */
> @@ -498,7 +498,7 @@ static void tcg_out_ori(TCGContext *s, int ret, int arg,
> tcg_target_ulong m)
> }
> assert(bs1 == 32 || (1ul << bs1) > m);
>
> -tcg_out_mov(s, ret, arg);
> +tcg_out_mov(s, TCG_TYPE_I32, ret, arg);
> tcg_out32(s, INSN_DEPI | INSN_R2(ret) | INSN_IM5(-1)
>| INSN_SHDEP_CP(31 - bs0) | INSN_DEP_LEN(bs1 - bs0));
> }
> @@ -528,7 +528,7 @@ static void tcg_out_andi(TCGContext *s, int ret, int arg,
> tcg_target_ulong m)
> if (ls1 == 32) {
> tcg_out_extr(s, ret, arg, 0, ls0, 0);
> } else {
> -tcg_out_mov(s, ret, arg);
> +tcg_out_mov(s, TCG_TYPE_I32, ret, arg);
> tcg_out32(s, INSN_DEPI | INSN_R2(ret) | INSN_IM5(0)
>| INSN_SHDEP_CP(31 - ls0) | INSN_DEP_LEN(ls1 - ls0));
> }
> @@ -608,7 +608,7 @@ static void tcg_out_rotr(TCGContext *s, int ret, int arg,
> int creg)
> static void tcg_out_bswap16(TCGContext *s, int ret, int arg, int sign)
> {
> if (ret != arg) {
> -tcg_out_mov(s, ret, arg); /* arg = xxAB */
> +tcg_out_mov(s, TCG_TYPE_I32, ret, arg); /* arg = xxAB */
> }
> tcg_out_dep(s, ret, ret, 16, 8); /* ret = xBAB */
> tcg_out_extr(s, ret, ret, 8, 16, sign); /* ret = ..BA */
> @@ -638,7 +638,7 @@ static void tcg_out_call(TCGContext *s, void *func)
> tcg_out32(s, INSN_LDIL | INSN_R2(TCG_REG_R20) | reassemble_21(hi));
> tcg_out32(s, INSN_BLE_SR4 | INSN_R2(TCG_REG_R20)
>| reassemble_17(lo >> 2));
> -tcg_out_mov(s, TCG_REG_RP, TCG_REG_R31);
> +tcg_out_mov(s, TCG_TYPE_I32, TCG_REG_RP, TCG_REG_R31);
> }
> }
>
> @@ -685,7 +685,7 @@ static void tcg_out_add2(TCGContext *s, int destl, int
> desth,
> }
> tcg_out_arith(s, desth, ah, bh, INSN_ADDC);
>
> -tcg_out_mov(s, destl, tmp);
> +tcg_out_mov(s, TCG_TYPE_I32, destl, tmp);
> }
>
> static void tcg_out_sub2(TCGContext *s, int destl, int desth, int al, int ah,
> @@ -706,7 +706,7 @@ static void tcg_out_sub2(TCGContext *s, int destl, int
> desth, int al, int ah,
> }
> tcg_out_arith(s, desth, ah, bh, INSN_SUBB);
>
> -tcg_out_mov(s, destl, tmp);
> +tcg_out_mov(s, TCG_TYPE_I32, destl, tmp);
> }
>
> static void tcg_out_branch(TCGContext *s, int label_index, int nul)
> @@ -869,7 +869,7 @@ static void tcg_out_setcond2(TCGContext *s, int cond,
> TCGArg ret,
> break;
> }
>
> -tcg_out_mov(s, ret, scratch);
> +tcg_out_mov(s, TCG_TYPE_I32, ret, scratch);
> }
>
> #if defined(CONFIG_SOFTMMU)
> @@ -1048,9 +1048,9 @@ static void tcg_out_qemu_ld(TCGContext *s, const TCGArg
> *args, int opc)
> tcg_out_label(s, lab1, (tcg_target_long)s->code_ptr);
>
> argreg = TCG_REG_R26;
> -tcg_out_mov(s, argreg--, addrlo_reg);
> +tcg_out_mov(s, TCG_TYPE_I32, argreg--, addrlo_reg);
> if (TARGET_LONG_BITS
[Qemu-devel] [PATCH 11/12] hw/omap1.c : separate uart module
Signed-off-by: cmchao
---
Makefile.target |3 +-
hw/omap1.c | 170
hw/omap_uart.c | 194 +++
3 files changed, 196 insertions(+), 171 deletions(-)
create mode 100644 hw/omap_uart.c
diff --git a/Makefile.target b/Makefile.target
index 20bcb8a..a01daa4 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -263,7 +263,8 @@ obj-arm-y += pxa2xx.o pxa2xx_pic.o pxa2xx_gpio.o
pxa2xx_timer.o pxa2xx_dma.o
obj-arm-y += pxa2xx_lcd.o pxa2xx_mmci.o pxa2xx_pcmcia.o pxa2xx_keypad.o
obj-arm-y += gumstix.o
obj-arm-y += zaurus.o ide/microdrive.o spitz.o tosa.o tc6393xb.o
-obj-arm-y += omap1.o omap_lcdc.o omap_dma.o omap_clk.o omap_mmc.o omap_i2c.o
omap_gpio.o omap_intc.o
+obj-arm-y += omap1.o omap_lcdc.o omap_dma.o omap_clk.o omap_mmc.o omap_i2c.o \
+ omap_gpio.o omap_intc.o omap_uart.o
obj-arm-y += omap2.o omap_dss.o soc_dma.o omap_gptimer.o omap_synctimer.o \
omap_gpmc.o omap_sdrc.o omap_spi.o omap_tap.o omap_l4.o
obj-arm-y += omap_sx1.o palm.o tsc210x.o
diff --git a/hw/omap1.c b/hw/omap1.c
index 21c53fe..301eec5 100644
--- a/hw/omap1.c
+++ b/hw/omap1.c
@@ -1378,176 +1378,6 @@ static void omap_dpll_init(struct dpll_ctl_s *s,
target_phys_addr_t base,
cpu_register_physical_memory(base, 0x100, iomemtype);
}
-/* UARTs */
-struct omap_uart_s {
-target_phys_addr_t base;
-SerialState *serial; /* TODO */
-struct omap_target_agent_s *ta;
-omap_clk fclk;
-qemu_irq irq;
-
-uint8_t eblr;
-uint8_t syscontrol;
-uint8_t wkup;
-uint8_t cfps;
-uint8_t mdr[2];
-uint8_t scr;
-uint8_t clksel;
-};
-
-void omap_uart_reset(struct omap_uart_s *s)
-{
-s->eblr = 0x00;
-s->syscontrol = 0;
-s->wkup = 0x3f;
-s->cfps = 0x69;
-s->clksel = 0;
-}
-
-struct omap_uart_s *omap_uart_init(target_phys_addr_t base,
-qemu_irq irq, omap_clk fclk, omap_clk iclk,
-qemu_irq txdma, qemu_irq rxdma, CharDriverState *chr)
-{
-struct omap_uart_s *s = (struct omap_uart_s *)
-qemu_mallocz(sizeof(struct omap_uart_s));
-
-s->base = base;
-s->fclk = fclk;
-s->irq = irq;
-#ifdef TARGET_WORDS_BIGENDIAN
-s->serial = serial_mm_init(base, 2, irq, omap_clk_getrate(fclk)/16,
- chr ?: qemu_chr_open("null", "null", NULL), 1,
- 1);
-#else
-s->serial = serial_mm_init(base, 2, irq, omap_clk_getrate(fclk)/16,
- chr ?: qemu_chr_open("null", "null", NULL), 1,
- 0);
-#endif
-return s;
-}
-
-static uint32_t omap_uart_read(void *opaque, target_phys_addr_t addr)
-{
-struct omap_uart_s *s = (struct omap_uart_s *) opaque;
-
-addr &= 0xff;
-switch (addr) {
-case 0x20: /* MDR1 */
-return s->mdr[0];
-case 0x24: /* MDR2 */
-return s->mdr[1];
-case 0x40: /* SCR */
-return s->scr;
-case 0x44: /* SSR */
-return 0x0;
-case 0x48: /* EBLR (OMAP2) */
-return s->eblr;
-case 0x4C: /* OSC_12M_SEL (OMAP1) */
-return s->clksel;
-case 0x50: /* MVR */
-return 0x30;
-case 0x54: /* SYSC (OMAP2) */
-return s->syscontrol;
-case 0x58: /* SYSS (OMAP2) */
-return 1;
-case 0x5c: /* WER (OMAP2) */
-return s->wkup;
-case 0x60: /* CFPS (OMAP2) */
-return s->cfps;
-}
-
-OMAP_BAD_REG(addr);
-return 0;
-}
-
-static void omap_uart_write(void *opaque, target_phys_addr_t addr,
-uint32_t value)
-{
-struct omap_uart_s *s = (struct omap_uart_s *) opaque;
-
-addr &= 0xff;
-switch (addr) {
-case 0x20: /* MDR1 */
-s->mdr[0] = value & 0x7f;
-break;
-case 0x24: /* MDR2 */
-s->mdr[1] = value & 0xff;
-break;
-case 0x40: /* SCR */
-s->scr = value & 0xff;
-break;
-case 0x48: /* EBLR (OMAP2) */
-s->eblr = value & 0xff;
-break;
-case 0x4C: /* OSC_12M_SEL (OMAP1) */
-s->clksel = value & 1;
-break;
-case 0x44: /* SSR */
-case 0x50: /* MVR */
-case 0x58: /* SYSS (OMAP2) */
-OMAP_RO_REG(addr);
-break;
-case 0x54: /* SYSC (OMAP2) */
-s->syscontrol = value & 0x1d;
-if (value & 2)
-omap_uart_reset(s);
-break;
-case 0x5c: /* WER (OMAP2) */
-s->wkup = value & 0x7f;
-break;
-case 0x60: /* CFPS (OMAP2) */
-s->cfps = value & 0xff;
-break;
-default:
-OMAP_BAD_REG(addr);
-}
-}
-
-static CPUReadMemoryFunc * const omap_uart_readfn[] = {
-omap_uart_read,
-omap_uart_read,
-omap_badwidth_read8,
-};
-
-static CPUWriteMemoryFunc * const omap_uart_writefn[] = {
-omap_uart_write,
-omap_uart_write,
-omap_badwidth_write8,
-};
-
-struct omap_uart_s *omap2_uart_init(struct omap_target_agent_s *ta,
-qemu_irq irq, omap_
[Qemu-devel] [PATCH] savevm: Really verify if a drive supports snapshots
Both bdrv_can_snapshot() and bdrv_has_snapshot() does not work as advertized.
First issue: Their names implies different porpouses, but they do the same thing
and have exactly the same code. Maybe copied and pasted and forgotten?
bdrv_has_snapshot() is called in various places for actually checking if there
is snapshots or not.
Second issue: the way bdrv_can_snapshot() verifies if a block driver supports or
not snapshots does not catch all cases. E.g.: a raw image.
So when do_savevm() is called, first thing it does is to set a global
BlockDriverState to save the VM memory state calling get_bs_snapshots().
static BlockDriverState *get_bs_snapshots(void)
{
BlockDriverState *bs;
DriveInfo *dinfo;
if (bs_snapshots)
return bs_snapshots;
QTAILQ_FOREACH(dinfo, &drives, next) {
bs = dinfo->bdrv;
if (bdrv_can_snapshot(bs))
goto ok;
}
return NULL;
ok:
bs_snapshots = bs;
return bs;
}
bdrv_can_snapshot() may return a BlockDriverState that does not support
snapshots and do_savevm() goes on.
Later on in do_savevm(), we find:
QTAILQ_FOREACH(dinfo, &drives, next) {
bs1 = dinfo->bdrv;
if (bdrv_has_snapshot(bs1)) {
/* Write VM state size only to the image that contains the state */
sn->vm_state_size = (bs == bs1 ? vm_state_size : 0);
ret = bdrv_snapshot_create(bs1, sn);
if (ret < 0) {
monitor_printf(mon, "Error while creating snapshot on '%s'\n",
bdrv_get_device_name(bs1));
}
}
}
bdrv_has_snapshot(bs1) is not checking if the device does support or has
snapshots as explained above. Only in bdrv_snapshot_create() the device is
actually checked for snapshot support.
So, in cases where the first device supports snapshots, and the second does not,
the snapshot on the first will happen anyways. I believe this is not a good
behavior. It should be an all or nothing process.
This patch addresses these issues by making bdrv_can_snapshot() and
bdrv_has_snapshot() actually do what they must do and enforces better tests to
avoid errors in the middle of do_savevm().
The functions were moved from savevm.c to block.c. It makes more sense to me.
The bdrv_has_snapshot() is not beaultiful, but it does the job. I think having
this function avaible in the BlockDriver would be the best option.
The loadvm_state() function was updated too to enforce that when loading a VM at
least all writable devices must support snapshots too.
Signed-off-by: Miguel Di Ciurcio Filho
---
block.c | 47 ++-
block.h |2 ++
savevm.c | 48 +---
3 files changed, 69 insertions(+), 28 deletions(-)
diff --git a/block.c b/block.c
index cd70730..7eddc15 100644
--- a/block.c
+++ b/block.c
@@ -1720,15 +1720,52 @@ void bdrv_debug_event(BlockDriverState *bs,
BlkDebugEvent event)
/**/
/* handling of snapshots */
-int bdrv_snapshot_create(BlockDriverState *bs,
- QEMUSnapshotInfo *sn_info)
+int bdrv_can_snapshot(BlockDriverState *bs)
{
BlockDriver *drv = bs->drv;
-if (!drv)
+if (!drv) {
+return -ENOMEDIUM;
+}
+
+if (!drv->bdrv_snapshot_create || bdrv_is_removable(bs) ||
+bdrv_is_read_only(bs)) {
+return -ENOTSUP;
+}
+
+return 1;
+}
+
+int bdrv_has_snapshot(BlockDriverState *bs)
+{
+int ret;
+QEMUSnapshotInfo *sn_tab;
+BlockDriver *drv = bs->drv;
+if (!drv) {
return -ENOMEDIUM;
-if (!drv->bdrv_snapshot_create)
+}
+
+if (!drv->bdrv_snapshot_list) {
return -ENOTSUP;
-return drv->bdrv_snapshot_create(bs, sn_info);
+}
+
+ret = drv->bdrv_snapshot_list(bs, &sn_tab);
+
+if (sn_tab) {
+qemu_free(sn_tab);
+}
+
+return ret;
+}
+
+int bdrv_snapshot_create(BlockDriverState *bs,
+ QEMUSnapshotInfo *sn_info)
+{
+BlockDriver *drv = bs->drv;
+if (bdrv_can_snapshot(bs) > 0) {
+return drv->bdrv_snapshot_create(bs, sn_info);
+}
+
+return -1;
}
int bdrv_snapshot_goto(BlockDriverState *bs,
diff --git a/block.h b/block.h
index 24efeb6..c536f1c 100644
--- a/block.h
+++ b/block.h
@@ -173,6 +173,8 @@ int bdrv_get_info(BlockDriverState *bs, BlockDriverInfo
*bdi);
const char *bdrv_get_encrypted_filename(BlockDriverState *bs);
void bdrv_get_backing_filename(BlockDriverState *bs,
char *filename, int filename_size);
+int bdrv_can_snapshot(BlockDriverState *bs);
+int bdrv_has_snapshot(BlockDriverState *bs);
int bdrv_snapshot_create(BlockDriverState *bs,
QEMUSnapshotInfo *sn_info);
int bdrv_snapshot_goto(BlockDriverState *bs,
diff --git a/savevm.c b/savevm.c
index dc20390..9bc232f 100644
--- a/savevm.c
+++ b/savevm.c
@@ -1574,22 +1574,6 @@ out:
return ret;
}
[Qemu-devel] [PATCH 08/12] hw/omap2.c : separate spi module
Signed-off-by: cmchao
---
Makefile.target |2 +-
hw/omap.h |2 +
hw/omap2.c | 323 ---
hw/omap_spi.c | 346 +++
4 files changed, 349 insertions(+), 324 deletions(-)
create mode 100644 hw/omap_spi.c
diff --git a/Makefile.target b/Makefile.target
index 9a309e2..1edec6f 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -264,7 +264,7 @@ obj-arm-y += pxa2xx_lcd.o pxa2xx_mmci.o pxa2xx_pcmcia.o
pxa2xx_keypad.o
obj-arm-y += gumstix.o
obj-arm-y += zaurus.o ide/microdrive.o spitz.o tosa.o tc6393xb.o
obj-arm-y += omap1.o omap_lcdc.o omap_dma.o omap_clk.o omap_mmc.o omap_i2c.o
omap_gpio.o omap_intc.o
-obj-arm-y += omap2.o omap_dss.o soc_dma.o omap_gptimer.o omap_synctimer.o
omap_gpmc.o omap_sdrc.o
+obj-arm-y += omap2.o omap_dss.o soc_dma.o omap_gptimer.o omap_synctimer.o
omap_gpmc.o omap_sdrc.o omap_spi.o
obj-arm-y += omap_sx1.o palm.o tsc210x.o
obj-arm-y += nseries.o blizzard.o onenand.o vga.o cbus.o tusb6010.o usb-musb.o
obj-arm-y += mst_fpga.o mainstone.o
diff --git a/hw/omap.h b/hw/omap.h
index ea23ec9..fef495a 100644
--- a/hw/omap.h
+++ b/hw/omap.h
@@ -706,12 +706,14 @@ struct omap_uwire_s *omap_uwire_init(target_phys_addr_t
base,
void omap_uwire_attach(struct omap_uwire_s *s,
uWireSlave *slave, int chipselect);
+/* OMAP2 spi */
struct omap_mcspi_s;
struct omap_mcspi_s *omap_mcspi_init(struct omap_target_agent_s *ta, int chnum,
qemu_irq irq, qemu_irq *drq, omap_clk fclk, omap_clk iclk);
void omap_mcspi_attach(struct omap_mcspi_s *s,
uint32_t (*txrx)(void *opaque, uint32_t, int), void *opaque,
int chipselect);
+void omap_mcspi_reset(struct omap_mcspi_s *s);
struct omap_rtc_s;
struct omap_rtc_s *omap_rtc_init(target_phys_addr_t base,
diff --git a/hw/omap2.c b/hw/omap2.c
index e6d1b52..ae6394e 100644
--- a/hw/omap2.c
+++ b/hw/omap2.c
@@ -27,329 +27,6 @@
#include "soc_dma.h"
#include "audio/audio.h"
-/* Multichannel SPI */
-struct omap_mcspi_s {
-qemu_irq irq;
-int chnum;
-
-uint32_t sysconfig;
-uint32_t systest;
-uint32_t irqst;
-uint32_t irqen;
-uint32_t wken;
-uint32_t control;
-
-struct omap_mcspi_ch_s {
-qemu_irq txdrq;
-qemu_irq rxdrq;
-uint32_t (*txrx)(void *opaque, uint32_t, int);
-void *opaque;
-
-uint32_t tx;
-uint32_t rx;
-
-uint32_t config;
-uint32_t status;
-uint32_t control;
-} ch[4];
-};
-
-static inline void omap_mcspi_interrupt_update(struct omap_mcspi_s *s)
-{
-qemu_set_irq(s->irq, s->irqst & s->irqen);
-}
-
-static inline void omap_mcspi_dmarequest_update(struct omap_mcspi_ch_s *ch)
-{
-qemu_set_irq(ch->txdrq,
-(ch->control & 1) && /* EN */
-(ch->config & (1 << 14)) &&/* DMAW */
-(ch->status & (1 << 1)) && /* TXS */
-((ch->config >> 12) & 3) != 1);/* TRM */
-qemu_set_irq(ch->rxdrq,
-(ch->control & 1) && /* EN */
-(ch->config & (1 << 15)) &&/* DMAW */
-(ch->status & (1 << 0)) && /* RXS */
-((ch->config >> 12) & 3) != 2);/* TRM */
-}
-
-static void omap_mcspi_transfer_run(struct omap_mcspi_s *s, int chnum)
-{
-struct omap_mcspi_ch_s *ch = s->ch + chnum;
-
-if (!(ch->control & 1))/* EN */
-return;
-if ((ch->status & (1 << 0)) && /* RXS */
-((ch->config >> 12) & 3) != 2 && /* TRM */
-!(ch->config & (1 << 19))) /* TURBO */
-goto intr_update;
-if ((ch->status & (1 << 1)) && /* TXS */
-((ch->config >> 12) & 3) != 1) /* TRM */
-goto intr_update;
-
-if (!(s->control & 1) || /* SINGLE */
-(ch->config & (1 << 20))) {/* FORCE */
-if (ch->txrx)
-ch->rx = ch->txrx(ch->opaque, ch->tx, /* WL */
-1 + (0x1f & (ch->config >> 7)));
-}
-
-ch->tx = 0;
-ch->status |= 1 << 2; /* EOT */
-ch->status |= 1 << 1; /* TXS */
-if (((ch->config >> 12) & 3) != 2) /* TRM */
-ch->status |= 1 << 0; /* RXS */
-
-intr_update:
-if ((ch->status & (1 << 0)) && /* RXS */
-((ch->config >> 12) & 3) != 2 && /* TRM */
-!(ch->config & (1 << 19))) /* TURBO */
-s->irqst |= 1 << (2 + 4 * chnum); /* RX_FULL */
-if ((ch->status & (1 << 1)) && /* TXS */
-((ch->config >> 12) & 3) != 1) /* TRM */
-s->irq
[Qemu-devel] [STABLE PATCH 1/6] ide: Fix ide_dma_cancel
When cancelling a request, bdrv_aio_cancel may decide that it waits for
completion of a request rather than for cancellation. IDE therefore can't
abandon its DMA status before calling bdrv_aio_cancel; otherwise the callback
of a completed request would use invalid data.
Signed-off-by: Kevin Wolf
(cherry picked from commit 38d8dfa193e9a45f0f08b06aab2ba2a94f40a041)
---
hw/ide/core.c |8
1 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/hw/ide/core.c b/hw/ide/core.c
index 64aebc2..f9bb338 100644
--- a/hw/ide/core.c
+++ b/hw/ide/core.c
@@ -2827,10 +2827,6 @@ static void ide_dma_restart(IDEState *s, int is_read)
void ide_dma_cancel(BMDMAState *bm)
{
if (bm->status & BM_STATUS_DMAING) {
-bm->status &= ~BM_STATUS_DMAING;
-/* cancel DMA request */
-bm->unit = -1;
-bm->dma_cb = NULL;
if (bm->aiocb) {
#ifdef DEBUG_AIO
printf("aio_cancel\n");
@@ -2838,6 +2834,10 @@ void ide_dma_cancel(BMDMAState *bm)
bdrv_aio_cancel(bm->aiocb);
bm->aiocb = NULL;
}
+bm->status &= ~BM_STATUS_DMAING;
+/* cancel DMA request */
+bm->unit = -1;
+bm->dma_cb = NULL;
}
}
--
1.6.6.1
[Qemu-devel] [PATCH 06/12] hw/omap2.c : separate sdrc (sdram controller)
Signed-off-by: cmchao
---
Makefile.target |2 +-
hw/omap.h |2 +
hw/omap2.c | 144
hw/omap_sdrc.c | 165 +++
4 files changed, 168 insertions(+), 145 deletions(-)
create mode 100644 hw/omap_sdrc.c
diff --git a/Makefile.target b/Makefile.target
index e6abaa7..59dd0d4 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -264,7 +264,7 @@ obj-arm-y += pxa2xx_lcd.o pxa2xx_mmci.o pxa2xx_pcmcia.o
pxa2xx_keypad.o
obj-arm-y += gumstix.o
obj-arm-y += zaurus.o ide/microdrive.o spitz.o tosa.o tc6393xb.o
obj-arm-y += omap1.o omap_lcdc.o omap_dma.o omap_clk.o omap_mmc.o omap_i2c.o
omap_gpio.o
-obj-arm-y += omap2.o omap_dss.o soc_dma.o omap_gptimer.o omap_synctimer.o
omap_gpmc.o
+obj-arm-y += omap2.o omap_dss.o soc_dma.o omap_gptimer.o omap_synctimer.o
omap_gpmc.o omap_sdrc.o
obj-arm-y += omap_sx1.o palm.o tsc210x.o
obj-arm-y += nseries.o blizzard.o onenand.o vga.o cbus.o tusb6010.o usb-musb.o
obj-arm-y += mst_fpga.o mainstone.o
diff --git a/hw/omap.h b/hw/omap.h
index c596953..ad4a465 100644
--- a/hw/omap.h
+++ b/hw/omap.h
@@ -90,8 +90,10 @@ struct omap_sysctl_s;
struct omap_sysctl_s *omap_sysctl_init(struct omap_target_agent_s *ta,
omap_clk iclk, struct omap_mpu_state_s *mpu);
+/* OMAP2 SDRAM controller */
struct omap_sdrc_s;
struct omap_sdrc_s *omap_sdrc_init(target_phys_addr_t base);
+void omap_sdrc_reset(struct omap_sdrc_s *s);
/* OMAP2 general purpose memory controller */
struct omap_gpmc_s;
diff --git a/hw/omap2.c b/hw/omap2.c
index b1e5aae..e6d1b52 100644
--- a/hw/omap2.c
+++ b/hw/omap2.c
@@ -2844,150 +2844,6 @@ struct omap_sysctl_s *omap_sysctl_init(struct
omap_target_agent_s *ta,
return s;
}
-/* SDRAM Controller Subsystem */
-struct omap_sdrc_s {
-uint8_t config;
-};
-
-static void omap_sdrc_reset(struct omap_sdrc_s *s)
-{
-s->config = 0x10;
-}
-
-static uint32_t omap_sdrc_read(void *opaque, target_phys_addr_t addr)
-{
-struct omap_sdrc_s *s = (struct omap_sdrc_s *) opaque;
-
-switch (addr) {
-case 0x00: /* SDRC_REVISION */
-return 0x20;
-
-case 0x10: /* SDRC_SYSCONFIG */
-return s->config;
-
-case 0x14: /* SDRC_SYSSTATUS */
-return 1; /* RESETDONE */
-
-case 0x40: /* SDRC_CS_CFG */
-case 0x44: /* SDRC_SHARING */
-case 0x48: /* SDRC_ERR_ADDR */
-case 0x4c: /* SDRC_ERR_TYPE */
-case 0x60: /* SDRC_DLLA_SCTRL */
-case 0x64: /* SDRC_DLLA_STATUS */
-case 0x68: /* SDRC_DLLB_CTRL */
-case 0x6c: /* SDRC_DLLB_STATUS */
-case 0x70: /* SDRC_POWER */
-case 0x80: /* SDRC_MCFG_0 */
-case 0x84: /* SDRC_MR_0 */
-case 0x88: /* SDRC_EMR1_0 */
-case 0x8c: /* SDRC_EMR2_0 */
-case 0x90: /* SDRC_EMR3_0 */
-case 0x94: /* SDRC_DCDL1_CTRL */
-case 0x98: /* SDRC_DCDL2_CTRL */
-case 0x9c: /* SDRC_ACTIM_CTRLA_0 */
-case 0xa0: /* SDRC_ACTIM_CTRLB_0 */
-case 0xa4: /* SDRC_RFR_CTRL_0 */
-case 0xa8: /* SDRC_MANUAL_0 */
-case 0xb0: /* SDRC_MCFG_1 */
-case 0xb4: /* SDRC_MR_1 */
-case 0xb8: /* SDRC_EMR1_1 */
-case 0xbc: /* SDRC_EMR2_1 */
-case 0xc0: /* SDRC_EMR3_1 */
-case 0xc4: /* SDRC_ACTIM_CTRLA_1 */
-case 0xc8: /* SDRC_ACTIM_CTRLB_1 */
-case 0xd4: /* SDRC_RFR_CTRL_1 */
-case 0xd8: /* SDRC_MANUAL_1 */
-return 0x00;
-}
-
-OMAP_BAD_REG(addr);
-return 0;
-}
-
-static void omap_sdrc_write(void *opaque, target_phys_addr_t addr,
-uint32_t value)
-{
-struct omap_sdrc_s *s = (struct omap_sdrc_s *) opaque;
-
-switch (addr) {
-case 0x00: /* SDRC_REVISION */
-case 0x14: /* SDRC_SYSSTATUS */
-case 0x48: /* SDRC_ERR_ADDR */
-case 0x64: /* SDRC_DLLA_STATUS */
-case 0x6c: /* SDRC_DLLB_STATUS */
-OMAP_RO_REG(addr);
-return;
-
-case 0x10: /* SDRC_SYSCONFIG */
-if ((value >> 3) != 0x2)
-fprintf(stderr, "%s: bad SDRAM idle mode %i\n",
-__FUNCTION__, value >> 3);
-if (value & 2)
-omap_sdrc_reset(s);
-s->config = value & 0x18;
-break;
-
-case 0x40: /* SDRC_CS_CFG */
-case 0x44: /* SDRC_SHARING */
-case 0x4c: /* SDRC_ERR_TYPE */
-case 0x60: /* SDRC_DLLA_SCTRL */
-case 0x68: /* SDRC_DLLB_CTRL */
-case 0x70: /* SDRC_POWER */
-case 0x80: /* SDRC_MCFG_0 */
-case 0x84: /* SDRC_MR_0 */
-case 0x88: /* SDRC_EMR1_0 */
-case 0x8c: /* SDRC_EMR2_0 */
-case 0x90: /* SDRC_EMR3_0 */
-case 0x94: /* SDRC_DCDL1_CTRL */
-case 0x98: /* SDRC_DCDL2_CTRL */
-case 0x9c: /* SDRC_ACTIM_CTRLA_0 */
-case 0xa0: /* SDRC_ACTIM_CTRLB_0 */
-case 0xa4: /* SDRC_RFR_CTRL_0 */
-case 0xa8: /* SDRC_MANUAL_0 */
-case 0xb0: /* SDRC_MCFG_1 */
-case 0xb4: /* SDRC_MR_1 */
-case 0xb8: /* SDRC_EMR1_1 */
-case 0xbc: /* SDRC_EMR2_1 */
-case 0xc0: /* SDRC_EMR3_1 */
-case 0xc4: /
[Qemu-devel] [STABLE PATCH 2/6] qcow2: Clear L2 table cache after write error
If the L2 table was already updated in cache, but writing it to disk has
failed, we must not continue using the changed version in the cache to stay
consistent with what's on the disk.
Signed-off-by: Kevin Wolf
(cherry picked from commit 1b7c801b40ce90795397bb566d019c9b76ef9c13)
Conflicts:
block/qcow2-cluster.c
Signed-off-by: Kevin Wolf
---
block/qcow2-cluster.c |5 +++--
1 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/block/qcow2-cluster.c b/block/qcow2-cluster.c
index c7057b1..0dc4f1d 100644
--- a/block/qcow2-cluster.c
+++ b/block/qcow2-cluster.c
@@ -672,8 +672,9 @@ int qcow2_alloc_cluster_link_l2(BlockDriverState *bs,
QCowL2Meta *m)
(i << s->cluster_bits)) | QCOW_OFLAG_COPIED);
}
-if (write_l2_entries(s, l2_table, l2_offset, l2_index, m->nb_clusters) <
0) {
-ret = -1;
+ret = write_l2_entries(s, l2_table, l2_offset, l2_index, m->nb_clusters);
+if (ret < 0) {
+qcow2_l2_cache_reset(bs);
goto err;
}
--
1.6.6.1
[Qemu-devel] [STABLE PATCH 4/6] block: Fix multiwrite with overlapping requests
With overlapping requests, the total number of sectors is smaller than the sum of the nb_sectors of both requests. Signed-off-by: Kevin Wolf (cherry picked from commit cbf1dff2f1033cadcb15c0ffc9c0a3d039d8ed42) --- block.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/block.c b/block.c index 955eeaa..298414c 100644 --- a/block.c +++ b/block.c @@ -1711,7 +1711,7 @@ static int multiwrite_merge(BlockDriverState *bs, BlockRequest *reqs, // Add the second request qemu_iovec_concat(qiov, reqs[i].qiov, reqs[i].qiov->size); -reqs[outidx].nb_sectors += reqs[i].nb_sectors; +reqs[outidx].nb_sectors = qiov->size >> 9; reqs[outidx].qiov = qiov; mcb->callbacks[i].free_qiov = reqs[outidx].qiov; -- 1.6.6.1
[Qemu-devel] [PATCH 05/12] hw/omap2.c : separate gpmc(general purpose memory controller)
Signed-off-by: cmchao
---
Makefile.target |2 +-
hw/omap.h |2 +
hw/omap2.c | 396
hw/omap_gpmc.c | 419 +++
4 files changed, 422 insertions(+), 397 deletions(-)
create mode 100644 hw/omap_gpmc.c
diff --git a/Makefile.target b/Makefile.target
index 43c1708..e6abaa7 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -264,7 +264,7 @@ obj-arm-y += pxa2xx_lcd.o pxa2xx_mmci.o pxa2xx_pcmcia.o
pxa2xx_keypad.o
obj-arm-y += gumstix.o
obj-arm-y += zaurus.o ide/microdrive.o spitz.o tosa.o tc6393xb.o
obj-arm-y += omap1.o omap_lcdc.o omap_dma.o omap_clk.o omap_mmc.o omap_i2c.o
omap_gpio.o
-obj-arm-y += omap2.o omap_dss.o soc_dma.o omap_gptimer.o omap_synctimer.o
+obj-arm-y += omap2.o omap_dss.o soc_dma.o omap_gptimer.o omap_synctimer.o
omap_gpmc.o
obj-arm-y += omap_sx1.o palm.o tsc210x.o
obj-arm-y += nseries.o blizzard.o onenand.o vga.o cbus.o tusb6010.o usb-musb.o
obj-arm-y += mst_fpga.o mainstone.o
diff --git a/hw/omap.h b/hw/omap.h
index b898230..c596953 100644
--- a/hw/omap.h
+++ b/hw/omap.h
@@ -93,8 +93,10 @@ struct omap_sysctl_s *omap_sysctl_init(struct
omap_target_agent_s *ta,
struct omap_sdrc_s;
struct omap_sdrc_s *omap_sdrc_init(target_phys_addr_t base);
+/* OMAP2 general purpose memory controller */
struct omap_gpmc_s;
struct omap_gpmc_s *omap_gpmc_init(target_phys_addr_t base, qemu_irq irq);
+void omap_gpmc_reset(struct omap_gpmc_s *s);
void omap_gpmc_attach(struct omap_gpmc_s *s, int cs, int iomemtype,
void (*base_upd)(void *opaque, target_phys_addr_t new),
void (*unmap)(void *opaque), void *opaque);
diff --git a/hw/omap2.c b/hw/omap2.c
index e310eef..b1e5aae 100644
--- a/hw/omap2.c
+++ b/hw/omap2.c
@@ -2988,402 +2988,6 @@ struct omap_sdrc_s *omap_sdrc_init(target_phys_addr_t
base)
return s;
}
-/* General-Purpose Memory Controller */
-struct omap_gpmc_s {
-qemu_irq irq;
-
-uint8_t sysconfig;
-uint16_t irqst;
-uint16_t irqen;
-uint16_t timeout;
-uint16_t config;
-uint32_t prefconfig[2];
-int prefcontrol;
-int preffifo;
-int prefcount;
-struct omap_gpmc_cs_file_s {
-uint32_t config[7];
-target_phys_addr_t base;
-size_t size;
-int iomemtype;
-void (*base_update)(void *opaque, target_phys_addr_t new);
-void (*unmap)(void *opaque);
-void *opaque;
-} cs_file[8];
-int ecc_cs;
-int ecc_ptr;
-uint32_t ecc_cfg;
-ECCState ecc[9];
-};
-
-static void omap_gpmc_int_update(struct omap_gpmc_s *s)
-{
-qemu_set_irq(s->irq, s->irqen & s->irqst);
-}
-
-static void omap_gpmc_cs_map(struct omap_gpmc_cs_file_s *f, int base, int mask)
-{
-/* TODO: check for overlapping regions and report access errors */
-if ((mask != 0x8 && mask != 0xc && mask != 0xe && mask != 0xf) ||
-(base < 0 || base >= 0x40) ||
-(base & 0x0f & ~mask)) {
-fprintf(stderr, "%s: wrong cs address mapping/decoding!\n",
-__FUNCTION__);
-return;
-}
-
-if (!f->opaque)
-return;
-
-f->base = base << 24;
-f->size = (0x0fff & ~(mask << 24)) + 1;
-/* TODO: rather than setting the size of the mapping (which should be
- * constant), the mask should cause wrapping of the address space, so
- * that the same memory becomes accessible at every size bytes
- * starting from base. */
-if (f->iomemtype)
-cpu_register_physical_memory(f->base, f->size, f->iomemtype);
-
-if (f->base_update)
-f->base_update(f->opaque, f->base);
-}
-
-static void omap_gpmc_cs_unmap(struct omap_gpmc_cs_file_s *f)
-{
-if (f->size) {
-if (f->unmap)
-f->unmap(f->opaque);
-if (f->iomemtype)
-cpu_register_physical_memory(f->base, f->size, IO_MEM_UNASSIGNED);
-f->base = 0;
-f->size = 0;
-}
-}
-
-static void omap_gpmc_reset(struct omap_gpmc_s *s)
-{
-int i;
-
-s->sysconfig = 0;
-s->irqst = 0;
-s->irqen = 0;
-omap_gpmc_int_update(s);
-s->timeout = 0;
-s->config = 0xa00;
-s->prefconfig[0] = 0x4000;
-s->prefconfig[1] = 0x;
-s->prefcontrol = 0;
-s->preffifo = 0;
-s->prefcount = 0;
-for (i = 0; i < 8; i ++) {
-if (s->cs_file[i].config[6] & (1 << 6))/*
CSVALID */
-omap_gpmc_cs_unmap(s->cs_file + i);
-s->cs_file[i].config[0] = i ? 1 << 12 : 0;
-s->cs_file[i].config[1] = 0x101001;
-s->cs_file[i].config[2] = 0x020201;
-s->cs_file[i].config[3] = 0x10031003;
-s->cs_file[i].config[4] = 0x10f;
-s->cs_file[i].config[5] = 0;
-s->cs_file[i].config[6] = 0xf00 | (i ? 0 : 1 << 6);
-if (s->cs_file[i].config[6] & (1 << 6))/*
CSVALID */
-omap_gpmc_cs_map(&s->cs_file[i],
-
[Qemu-devel] [PATCH 04/12] hw/omap2.c : separate synctimer module
Signed-off-by: cmchao
---
Makefile.target |2 +-
hw/omap.h | 11 +++---
hw/omap2.c | 72 +-
hw/omap_synctimer.c | 96 +++
4 files changed, 104 insertions(+), 77 deletions(-)
create mode 100644 hw/omap_synctimer.c
diff --git a/Makefile.target b/Makefile.target
index c29dee0..43c1708 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -264,7 +264,7 @@ obj-arm-y += pxa2xx_lcd.o pxa2xx_mmci.o pxa2xx_pcmcia.o
pxa2xx_keypad.o
obj-arm-y += gumstix.o
obj-arm-y += zaurus.o ide/microdrive.o spitz.o tosa.o tc6393xb.o
obj-arm-y += omap1.o omap_lcdc.o omap_dma.o omap_clk.o omap_mmc.o omap_i2c.o
omap_gpio.o
-obj-arm-y += omap2.o omap_dss.o soc_dma.o omap_gptimer.o
+obj-arm-y += omap2.o omap_dss.o soc_dma.o omap_gptimer.o omap_synctimer.o
obj-arm-y += omap_sx1.o palm.o tsc210x.o
obj-arm-y += nseries.o blizzard.o onenand.o vga.o cbus.o tusb6010.o usb-musb.o
obj-arm-y += mst_fpga.o mainstone.o
diff --git a/hw/omap.h b/hw/omap.h
index 14fdb6f..b898230 100644
--- a/hw/omap.h
+++ b/hw/omap.h
@@ -645,8 +645,11 @@ struct omap_32khz_timer_s;
struct omap_32khz_timer_s *omap_os_timer_init(target_phys_addr_t base,
qemu_irq irq, omap_clk clk);
-void omap_synctimer_init(struct omap_target_agent_s *ta,
+/* OMAP2 sysctimer */
+struct omap_synctimer_s;
+struct omap_synctimer_s *omap_synctimer_init(struct omap_target_agent_s *ta,
struct omap_mpu_state_s *mpu, omap_clk fclk, omap_clk iclk);
+void omap_synctimer_reset(struct omap_synctimer_s *s);
struct omap_tipb_bridge_s;
struct omap_tipb_bridge_s *omap_tipb_bridge_init(target_phys_addr_t base,
@@ -939,11 +942,7 @@ struct omap_mpu_state_s {
struct omap_l4_s *l4;
struct omap_gp_timer_s *gptimer[12];
-
-struct omap_synctimer_s {
-uint32_t val;
-uint16_t readh;
-} synctimer;
+struct omap_synctimer_s *synctimer;
struct omap_prcm_s *prcm;
struct omap_sdrc_s *sdrc;
diff --git a/hw/omap2.c b/hw/omap2.c
index 890397b..e310eef 100644
--- a/hw/omap2.c
+++ b/hw/omap2.c
@@ -27,74 +27,6 @@
#include "soc_dma.h"
#include "audio/audio.h"
-/* 32-kHz Sync Timer of the OMAP2 */
-static uint32_t omap_synctimer_read(struct omap_synctimer_s *s) {
-return muldiv64(qemu_get_clock(vm_clock), 0x8000, get_ticks_per_sec());
-}
-
-static void omap_synctimer_reset(struct omap_synctimer_s *s)
-{
-s->val = omap_synctimer_read(s);
-}
-
-static uint32_t omap_synctimer_readw(void *opaque, target_phys_addr_t addr)
-{
-struct omap_synctimer_s *s = (struct omap_synctimer_s *) opaque;
-
-switch (addr) {
-case 0x00: /* 32KSYNCNT_REV */
-return 0x21;
-
-case 0x10: /* CR */
-return omap_synctimer_read(s) - s->val;
-}
-
-OMAP_BAD_REG(addr);
-return 0;
-}
-
-static uint32_t omap_synctimer_readh(void *opaque, target_phys_addr_t addr)
-{
-struct omap_synctimer_s *s = (struct omap_synctimer_s *) opaque;
-uint32_t ret;
-
-if (addr & 2)
-return s->readh;
-else {
-ret = omap_synctimer_readw(opaque, addr);
-s->readh = ret >> 16;
-return ret & 0x;
-}
-}
-
-static CPUReadMemoryFunc * const omap_synctimer_readfn[] = {
-omap_badwidth_read32,
-omap_synctimer_readh,
-omap_synctimer_readw,
-};
-
-static void omap_synctimer_write(void *opaque, target_phys_addr_t addr,
-uint32_t value)
-{
-OMAP_BAD_REG(addr);
-}
-
-static CPUWriteMemoryFunc * const omap_synctimer_writefn[] = {
-omap_badwidth_write32,
-omap_synctimer_write,
-omap_synctimer_write,
-};
-
-void omap_synctimer_init(struct omap_target_agent_s *ta,
-struct omap_mpu_state_s *mpu, omap_clk fclk, omap_clk iclk)
-{
-struct omap_synctimer_s *s = &mpu->synctimer;
-
-omap_synctimer_reset(s);
-omap_l4_attach(ta, 0, l4_register_io_memory(
- omap_synctimer_readfn, omap_synctimer_writefn, s));
-}
-
/* Multichannel SPI */
struct omap_mcspi_s {
qemu_irq irq;
@@ -3473,7 +3405,7 @@ static void omap2_mpu_reset(void *opaque)
omap_gp_timer_reset(mpu->gptimer[9]);
omap_gp_timer_reset(mpu->gptimer[10]);
omap_gp_timer_reset(mpu->gptimer[11]);
-omap_synctimer_reset(&mpu->synctimer);
+omap_synctimer_reset(mpu->synctimer);
omap_sdrc_reset(mpu->sdrc);
omap_gpmc_reset(mpu->gpmc);
omap_dss_reset(mpu->dss);
@@ -3634,7 +3566,7 @@ struct omap_mpu_state_s *omap2420_mpu_init(unsigned long
sdram_size,
omap_tap_init(omap_l4ta(s->l4, 2), s);
-omap_synctimer_init(omap_l4tao(s->l4, 2), s,
+s->synctimer = omap_synctimer_init(omap_l4tao(s->l4, 2), s,
omap_findclk(s, "clk32-kHz"),
omap_findclk(s, "core_l4_iclk"));
diff --git a/hw/omap_synctimer.c b/hw/omap_synctimer.c
new file mode 100644
index 000..118668a
--- /dev/null
+++ b/hw/omap_synctimer.c
@@ -0,0 +1,96 @@
+/*
+ * TI OMAP2 32kHz sync timer
[Qemu-devel] [STABLE PATCH 6/6] qcow2: Fix corruption after error in update_refcount
After it is done with updating refcounts in the cache, update_refcount writes
all changed entries to disk. If a refcount block allocation fails, however,
there was no change yet and therefore first_index = last_index = -1. Don't
treat -1 as a normal sector index (resulting in a 512 byte write!) but return
without updating anything in this case.
Signed-off-by: Kevin Wolf
(cherry picked from commit 86fa8da83771238de55dc44819a1a27bafef5353)
---
block/qcow2-refcount.c |4
1 files changed, 4 insertions(+), 0 deletions(-)
diff --git a/block/qcow2-refcount.c b/block/qcow2-refcount.c
index fa78e46..465d5d3 100644
--- a/block/qcow2-refcount.c
+++ b/block/qcow2-refcount.c
@@ -402,6 +402,10 @@ static int write_refcount_block_entries(BDRVQcowState *s,
return 0;
}
+if (first_index < 0) {
+return 0;
+}
+
first_index &= ~(REFCOUNTS_PER_SECTOR - 1);
last_index = (last_index + REFCOUNTS_PER_SECTOR)
& ~(REFCOUNTS_PER_SECTOR - 1);
--
1.6.6.1
[Qemu-devel] [PATCH 09/12] hw/omap2.c : separate tap module(Test-Chip-level)
Signed-off-by: cmchao
---
Makefile.target |2 +-
hw/omap2.c | 90
hw/omap_tap.c | 112 +++
3 files changed, 113 insertions(+), 91 deletions(-)
create mode 100644 hw/omap_tap.c
diff --git a/Makefile.target b/Makefile.target
index 1edec6f..39d2858 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -264,7 +264,7 @@ obj-arm-y += pxa2xx_lcd.o pxa2xx_mmci.o pxa2xx_pcmcia.o
pxa2xx_keypad.o
obj-arm-y += gumstix.o
obj-arm-y += zaurus.o ide/microdrive.o spitz.o tosa.o tc6393xb.o
obj-arm-y += omap1.o omap_lcdc.o omap_dma.o omap_clk.o omap_mmc.o omap_i2c.o
omap_gpio.o omap_intc.o
-obj-arm-y += omap2.o omap_dss.o soc_dma.o omap_gptimer.o omap_synctimer.o
omap_gpmc.o omap_sdrc.o omap_spi.o
+obj-arm-y += omap2.o omap_dss.o soc_dma.o omap_gptimer.o omap_synctimer.o
omap_gpmc.o omap_sdrc.o omap_spi.o omap_tap.o
obj-arm-y += omap_sx1.o palm.o tsc210x.o
obj-arm-y += nseries.o blizzard.o onenand.o vga.o cbus.o tusb6010.o usb-musb.o
obj-arm-y += mst_fpga.o mainstone.o
diff --git a/hw/omap2.c b/hw/omap2.c
index ae6394e..7403077 100644
--- a/hw/omap2.c
+++ b/hw/omap2.c
@@ -1245,96 +1245,6 @@ target_phys_addr_t omap_l4_attach(struct
omap_target_agent_s *ta, int region,
return base;
}
-/* TEST-Chip-level TAP */
-static uint32_t omap_tap_read(void *opaque, target_phys_addr_t addr)
-{
-struct omap_mpu_state_s *s = (struct omap_mpu_state_s *) opaque;
-
-switch (addr) {
-case 0x204:/* IDCODE_reg */
-switch (s->mpu_model) {
-case omap2420:
-case omap2422:
-case omap2423:
-return 0x5b5d902f; /* ES 2.2 */
-case omap2430:
-return 0x5b68a02f; /* ES 2.2 */
-case omap3430:
-return 0x1b7ae02f; /* ES 2 */
-default:
-hw_error("%s: Bad mpu model\n", __FUNCTION__);
-}
-
-case 0x208:/* PRODUCTION_ID_reg for OMAP2 */
-case 0x210:/* PRODUCTION_ID_reg for OMAP3 */
-switch (s->mpu_model) {
-case omap2420:
-return 0x000254f0; /* POP ESHS2.1.1 in N91/93/95, ES2 in N800 */
-case omap2422:
-return 0x000400f0;
-case omap2423:
-return 0x000800f0;
-case omap2430:
-return 0x00f0;
-case omap3430:
-return 0x00f0;
-default:
-hw_error("%s: Bad mpu model\n", __FUNCTION__);
-}
-
-case 0x20c:
-switch (s->mpu_model) {
-case omap2420:
-case omap2422:
-case omap2423:
-return 0xcafeb5d9; /* ES 2.2 */
-case omap2430:
-return 0xcafeb68a; /* ES 2.2 */
-case omap3430:
-return 0xcafeb7ae; /* ES 2 */
-default:
-hw_error("%s: Bad mpu model\n", __FUNCTION__);
-}
-
-case 0x218:/* DIE_ID_reg */
-return ('Q' << 24) | ('E' << 16) | ('M' << 8) | ('U' << 0);
-case 0x21c:/* DIE_ID_reg */
-return 0x54 << 24;
-case 0x220:/* DIE_ID_reg */
-return ('Q' << 24) | ('E' << 16) | ('M' << 8) | ('U' << 0);
-case 0x224:/* DIE_ID_reg */
-return ('Q' << 24) | ('E' << 16) | ('M' << 8) | ('U' << 0);
-}
-
-OMAP_BAD_REG(addr);
-return 0;
-}
-
-static void omap_tap_write(void *opaque, target_phys_addr_t addr,
-uint32_t value)
-{
-OMAP_BAD_REG(addr);
-}
-
-static CPUReadMemoryFunc * const omap_tap_readfn[] = {
-omap_badwidth_read32,
-omap_badwidth_read32,
-omap_tap_read,
-};
-
-static CPUWriteMemoryFunc * const omap_tap_writefn[] = {
-omap_badwidth_write32,
-omap_badwidth_write32,
-omap_tap_write,
-};
-
-void omap_tap_init(struct omap_target_agent_s *ta,
-struct omap_mpu_state_s *mpu)
-{
-omap_l4_attach(ta, 0, l4_register_io_memory(
-omap_tap_readfn, omap_tap_writefn, mpu));
-}
-
/* Power, Reset, and Clock Management */
struct omap_prcm_s {
qemu_irq irq[3];
diff --git a/hw/omap_tap.c b/hw/omap_tap.c
new file mode 100644
index 000..1f18ddd
--- /dev/null
+++ b/hw/omap_tap.c
@@ -0,0 +1,112 @@
+/*
+ * TI OMAP TEST-Chip-level TAP emulation.
+ *
+ * Copyright (C) 2007-2008 Nokia Corporation
+ * Written by Andrzej Zaborowski
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 2 or
+ * (at your option) any later version of the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, see
[Qemu-devel] [PATCH 03/12] hw/omap2.c : separate gptimer module
Signed-off-by: cmchao
---
Makefile.target |2 +-
hw/omap.h |2 +
hw/omap2.c| 462 --
hw/omap_gptimer.c | 484 +
4 files changed, 487 insertions(+), 463 deletions(-)
create mode 100644 hw/omap_gptimer.c
diff --git a/Makefile.target b/Makefile.target
index eb5c84a..c29dee0 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -264,7 +264,7 @@ obj-arm-y += pxa2xx_lcd.o pxa2xx_mmci.o pxa2xx_pcmcia.o
pxa2xx_keypad.o
obj-arm-y += gumstix.o
obj-arm-y += zaurus.o ide/microdrive.o spitz.o tosa.o tc6393xb.o
obj-arm-y += omap1.o omap_lcdc.o omap_dma.o omap_clk.o omap_mmc.o omap_i2c.o
omap_gpio.o
-obj-arm-y += omap2.o omap_dss.o soc_dma.o
+obj-arm-y += omap2.o omap_dss.o soc_dma.o omap_gptimer.o
obj-arm-y += omap_sx1.o palm.o tsc210x.o
obj-arm-y += nseries.o blizzard.o onenand.o vga.o cbus.o tusb6010.o usb-musb.o
obj-arm-y += mst_fpga.o mainstone.o
diff --git a/hw/omap.h b/hw/omap.h
index a37ee54..14fdb6f 100644
--- a/hw/omap.h
+++ b/hw/omap.h
@@ -631,9 +631,11 @@ struct omap_mpu_timer_s;
struct omap_mpu_timer_s *omap_mpu_timer_init(target_phys_addr_t base,
qemu_irq irq, omap_clk clk);
+/* OMAP2 gp timer */
struct omap_gp_timer_s;
struct omap_gp_timer_s *omap_gp_timer_init(struct omap_target_agent_s *ta,
qemu_irq irq, omap_clk fclk, omap_clk iclk);
+void omap_gp_timer_reset(struct omap_gp_timer_s *s);
struct omap_watchdog_timer_s;
struct omap_watchdog_timer_s *omap_wd_timer_init(target_phys_addr_t base,
diff --git a/hw/omap2.c b/hw/omap2.c
index bf5539d..890397b 100644
--- a/hw/omap2.c
+++ b/hw/omap2.c
@@ -27,468 +27,6 @@
#include "soc_dma.h"
#include "audio/audio.h"
-/* GP timers */
-struct omap_gp_timer_s {
-qemu_irq irq;
-qemu_irq wkup;
-qemu_irq in;
-qemu_irq out;
-omap_clk clk;
-QEMUTimer *timer;
-QEMUTimer *match;
-struct omap_target_agent_s *ta;
-
-int in_val;
-int out_val;
-int64_t time;
-int64_t rate;
-int64_t ticks_per_sec;
-
-int16_t config;
-int status;
-int it_ena;
-int wu_ena;
-int enable;
-int inout;
-int capt2;
-int pt;
-enum {
-gpt_trigger_none, gpt_trigger_overflow, gpt_trigger_both
-} trigger;
-enum {
-gpt_capture_none, gpt_capture_rising,
-gpt_capture_falling, gpt_capture_both
-} capture;
-int scpwm;
-int ce;
-int pre;
-int ptv;
-int ar;
-int st;
-int posted;
-uint32_t val;
-uint32_t load_val;
-uint32_t capture_val[2];
-uint32_t match_val;
-int capt_num;
-
-uint16_t writeh; /* LSB */
-uint16_t readh;/* MSB */
-};
-
-#define GPT_TCAR_IT(1 << 2)
-#define GPT_OVF_IT (1 << 1)
-#define GPT_MAT_IT (1 << 0)
-
-static inline void omap_gp_timer_intr(struct omap_gp_timer_s *timer, int it)
-{
-if (timer->it_ena & it) {
-if (!timer->status)
-qemu_irq_raise(timer->irq);
-
-timer->status |= it;
-/* Or are the status bits set even when masked?
- * i.e. is masking applied before or after the status register? */
-}
-
-if (timer->wu_ena & it)
-qemu_irq_pulse(timer->wkup);
-}
-
-static inline void omap_gp_timer_out(struct omap_gp_timer_s *timer, int level)
-{
-if (!timer->inout && timer->out_val != level) {
-timer->out_val = level;
-qemu_set_irq(timer->out, level);
-}
-}
-
-static inline uint32_t omap_gp_timer_read(struct omap_gp_timer_s *timer)
-{
-uint64_t distance;
-
-if (timer->st && timer->rate) {
-distance = qemu_get_clock(vm_clock) - timer->time;
-distance = muldiv64(distance, timer->rate, timer->ticks_per_sec);
-
-if (distance >= 0x - timer->val)
-return 0x;
-else
-return timer->val + distance;
-} else
-return timer->val;
-}
-
-static inline void omap_gp_timer_sync(struct omap_gp_timer_s *timer)
-{
-if (timer->st) {
-timer->val = omap_gp_timer_read(timer);
-timer->time = qemu_get_clock(vm_clock);
-}
-}
-
-static inline void omap_gp_timer_update(struct omap_gp_timer_s *timer)
-{
-int64_t expires, matches;
-
-if (timer->st && timer->rate) {
-expires = muldiv64(0x1ll - timer->val,
-timer->ticks_per_sec, timer->rate);
-qemu_mod_timer(timer->timer, timer->time + expires);
-
-if (timer->ce && timer->match_val >= timer->val) {
-matches = muldiv64(timer->match_val - timer->val,
-timer->ticks_per_sec, timer->rate);
-qemu_mod_timer(timer->match, timer->time + matches);
-} else
-qemu_del_timer(timer->match);
-} else {
-qemu_del_timer(timer->timer);
-qemu_del_timer(timer->match);
-omap_gp_timer_out(timer, timer->scpwm);
-}
-}
-
-static inline void omap_gp_timer_trigger(struct
[Qemu-devel] [PATCH 12/12] hw/omap : make local function static and remove declaration from header
Signed-off-by: cmchao
---
hw/omap.h | 36
hw/omap1.c | 10 +-
hw/omap2.c |6 +++---
3 files changed, 8 insertions(+), 44 deletions(-)
diff --git a/hw/omap.h b/hw/omap.h
index 34443b4..18eb72b 100644
--- a/hw/omap.h
+++ b/hw/omap.h
@@ -108,15 +108,6 @@ struct omap_intr_handler_s
*omap2_inth_init(target_phys_addr_t base,
void omap_inth_reset(struct omap_intr_handler_s *s);
qemu_irq omap_inth_get_pin(struct omap_intr_handler_s *s, int n);
-struct omap_prcm_s;
-struct omap_prcm_s *omap_prcm_init(struct omap_target_agent_s *ta,
-qemu_irq mpu_int, qemu_irq dsp_int, qemu_irq iva_int,
-struct omap_mpu_state_s *mpu);
-
-struct omap_sysctl_s;
-struct omap_sysctl_s *omap_sysctl_init(struct omap_target_agent_s *ta,
-omap_clk iclk, struct omap_mpu_state_s *mpu);
-
/* OMAP2 SDRAM controller */
struct omap_sdrc_s;
struct omap_sdrc_s *omap_sdrc_init(target_phys_addr_t base);
@@ -658,34 +649,18 @@ struct omap_dma_lcd_channel_s {
# define OMAP24XX_DMA_EXT_DMAREQ5 64
/* omap[123].c */
-struct omap_mpu_timer_s;
-struct omap_mpu_timer_s *omap_mpu_timer_init(target_phys_addr_t base,
-qemu_irq irq, omap_clk clk);
-
/* OMAP2 gp timer */
struct omap_gp_timer_s;
struct omap_gp_timer_s *omap_gp_timer_init(struct omap_target_agent_s *ta,
qemu_irq irq, omap_clk fclk, omap_clk iclk);
void omap_gp_timer_reset(struct omap_gp_timer_s *s);
-struct omap_watchdog_timer_s;
-struct omap_watchdog_timer_s *omap_wd_timer_init(target_phys_addr_t base,
-qemu_irq irq, omap_clk clk);
-
-struct omap_32khz_timer_s;
-struct omap_32khz_timer_s *omap_os_timer_init(target_phys_addr_t base,
-qemu_irq irq, omap_clk clk);
-
/* OMAP2 sysctimer */
struct omap_synctimer_s;
struct omap_synctimer_s *omap_synctimer_init(struct omap_target_agent_s *ta,
struct omap_mpu_state_s *mpu, omap_clk fclk, omap_clk iclk);
void omap_synctimer_reset(struct omap_synctimer_s *s);
-struct omap_tipb_bridge_s;
-struct omap_tipb_bridge_s *omap_tipb_bridge_init(target_phys_addr_t base,
-qemu_irq abort_irq, omap_clk clk);
-
struct omap_uart_s;
struct omap_uart_s *omap_uart_init(target_phys_addr_t base,
qemu_irq irq, omap_clk fclk, omap_clk iclk,
@@ -740,10 +715,6 @@ void omap_mcspi_attach(struct omap_mcspi_s *s,
int chipselect);
void omap_mcspi_reset(struct omap_mcspi_s *s);
-struct omap_rtc_s;
-struct omap_rtc_s *omap_rtc_init(target_phys_addr_t base,
-qemu_irq *irq, omap_clk clk);
-
struct I2SCodec {
void *opaque;
@@ -773,16 +744,9 @@ struct omap_mcbsp_s *omap_mcbsp_init(target_phys_addr_t
base,
qemu_irq *irq, qemu_irq *dma, omap_clk clk);
void omap_mcbsp_i2s_attach(struct omap_mcbsp_s *s, I2SCodec *slave);
-struct omap_lpg_s;
-struct omap_lpg_s *omap_lpg_init(target_phys_addr_t base, omap_clk clk);
-
void omap_tap_init(struct omap_target_agent_s *ta,
struct omap_mpu_state_s *mpu);
-struct omap_eac_s;
-struct omap_eac_s *omap_eac_init(struct omap_target_agent_s *ta,
-qemu_irq irq, qemu_irq *drq, omap_clk fclk, omap_clk iclk);
-
/* omap_lcdc.c */
struct omap_lcd_panel_s;
void omap_lcdc_reset(struct omap_lcd_panel_s *s);
diff --git a/hw/omap1.c b/hw/omap1.c
index 301eec5..e38fd83 100644
--- a/hw/omap1.c
+++ b/hw/omap1.c
@@ -247,7 +247,7 @@ static void omap_mpu_timer_reset(struct omap_mpu_timer_s *s)
s->it_ena = 1;
}
-struct omap_mpu_timer_s *omap_mpu_timer_init(target_phys_addr_t base,
+static struct omap_mpu_timer_s *omap_mpu_timer_init(target_phys_addr_t base,
qemu_irq irq, omap_clk clk)
{
int iomemtype;
@@ -371,7 +371,7 @@ static void omap_wd_timer_reset(struct
omap_watchdog_timer_s *s)
omap_timer_update(&s->timer);
}
-struct omap_watchdog_timer_s *omap_wd_timer_init(target_phys_addr_t base,
+static struct omap_watchdog_timer_s *omap_wd_timer_init(target_phys_addr_t
base,
qemu_irq irq, omap_clk clk)
{
int iomemtype;
@@ -473,7 +473,7 @@ static void omap_os_timer_reset(struct omap_32khz_timer_s
*s)
s->timer.ar = 1;
}
-struct omap_32khz_timer_s *omap_os_timer_init(target_phys_addr_t base,
+static struct omap_32khz_timer_s *omap_os_timer_init(target_phys_addr_t base,
qemu_irq irq, omap_clk clk)
{
int iomemtype;
@@ -1180,7 +1180,7 @@ static void omap_tipb_bridge_reset(struct
omap_tipb_bridge_s *s)
s->enh_control = 0x000f;
}
-struct omap_tipb_bridge_s *omap_tipb_bridge_init(target_phys_addr_t base,
+static struct omap_tipb_bridge_s *omap_tipb_bridge_init(target_phys_addr_t
base,
qemu_irq abort_irq, omap_clk clk)
{
int iomemtype;
@@ -3506,7 +3506,7 @@ static void omap_lpg_clk_update(void *opaque, int line,
int on)
omap_lpg_update(s);
}
-struct omap_lpg_s *omap_lpg_init(target_phys_addr_t base, omap_clk cl
[Qemu-devel] [PATCH 10/12] hw/omwp2.c : separate l4 interconnect module
Signed-off-by: cmchao
---
Makefile.target |3 +-
hw/omap.h | 37 ++--
hw/omap2.c | 269 ++-
hw/omap_l4.c| 271 +++
4 files changed, 307 insertions(+), 273 deletions(-)
create mode 100644 hw/omap_l4.c
diff --git a/Makefile.target b/Makefile.target
index 39d2858..20bcb8a 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -264,7 +264,8 @@ obj-arm-y += pxa2xx_lcd.o pxa2xx_mmci.o pxa2xx_pcmcia.o
pxa2xx_keypad.o
obj-arm-y += gumstix.o
obj-arm-y += zaurus.o ide/microdrive.o spitz.o tosa.o tc6393xb.o
obj-arm-y += omap1.o omap_lcdc.o omap_dma.o omap_clk.o omap_mmc.o omap_i2c.o
omap_gpio.o omap_intc.o
-obj-arm-y += omap2.o omap_dss.o soc_dma.o omap_gptimer.o omap_synctimer.o
omap_gpmc.o omap_sdrc.o omap_spi.o omap_tap.o
+obj-arm-y += omap2.o omap_dss.o soc_dma.o omap_gptimer.o omap_synctimer.o \
+ omap_gpmc.o omap_sdrc.o omap_spi.o omap_tap.o omap_l4.o
obj-arm-y += omap_sx1.o palm.o tsc210x.o
obj-arm-y += nseries.o blizzard.o onenand.o vga.o cbus.o tusb6010.o usb-musb.o
obj-arm-y += mst_fpga.o mainstone.o
diff --git a/hw/omap.h b/hw/omap.h
index fef495a..34443b4 100644
--- a/hw/omap.h
+++ b/hw/omap.h
@@ -61,15 +61,40 @@ void omap_clk_setrate(omap_clk clk, int divide, int
multiply);
int64_t omap_clk_getrate(omap_clk clk);
void omap_clk_reparent(omap_clk clk, omap_clk parent);
-/* omap[123].c */
+/* OMAP2 l4 Interconnect */
struct omap_l4_s;
+struct omap_l4_region_s {
+target_phys_addr_t offset;
+size_t size;
+int access;
+};
+struct omap_l4_agent_info_s {
+int ta;
+int region;
+int regions;
+int ta_region;
+};
+struct omap_target_agent_s {
+struct omap_l4_s *bus;
+int regions;
+const struct omap_l4_region_s *start;
+target_phys_addr_t base;
+uint32_t component;
+uint32_t control;
+uint32_t status;
+};
struct omap_l4_s *omap_l4_init(target_phys_addr_t base, int ta_num);
struct omap_target_agent_s;
-struct omap_target_agent_s *omap_l4ta_get(struct omap_l4_s *bus, int cs);
+struct omap_target_agent_s *omap_l4ta_get(
+struct omap_l4_s *bus,
+const struct omap_l4_region_s *regions,
+const struct omap_l4_agent_info_s *agents,
+int cs);
target_phys_addr_t omap_l4_attach(struct omap_target_agent_s *ta, int region,
int iotype);
-# define l4_register_io_memory cpu_register_io_memory
+int l4_register_io_memory(CPUReadMemoryFunc * const *mem_read,
+CPUWriteMemoryFunc * const *mem_write, void *opaque);
/* OMAP interrupt controller */
struct omap_intr_handler_s;
@@ -1146,10 +1171,4 @@ inline static int
debug_register_io_memory(CPUReadMemoryFunc * const *mem_read,
/* Define when we want to reduce the number of IO regions registered. */
/*# define L4_MUX_HACK*/
-# ifdef L4_MUX_HACK
-# undef l4_register_io_memory
-int l4_register_io_memory(CPUReadMemoryFunc * const *mem_read,
- CPUWriteMemoryFunc * const *mem_write, void *opaque);
-# endif
-
#endif /* hw_omap_h */
diff --git a/hw/omap2.c b/hw/omap2.c
index 7403077..9bac954 100644
--- a/hw/omap2.c
+++ b/hw/omap2.c
@@ -795,195 +795,10 @@ static struct omap_sti_s *omap_sti_init(struct
omap_target_agent_s *ta,
}
/* L4 Interconnect */
-struct omap_target_agent_s {
-struct omap_l4_s *bus;
-int regions;
-struct omap_l4_region_s *start;
-target_phys_addr_t base;
-uint32_t component;
-uint32_t control;
-uint32_t status;
-};
-
-struct omap_l4_s {
-target_phys_addr_t base;
-int ta_num;
-struct omap_target_agent_s ta[0];
-};
-
-#ifdef L4_MUX_HACK
-static int omap_l4_io_entries;
-static int omap_cpu_io_entry;
-static struct omap_l4_entry {
-CPUReadMemoryFunc * const *mem_read;
-CPUWriteMemoryFunc * const *mem_write;
-void *opaque;
-} *omap_l4_io_entry;
-static CPUReadMemoryFunc * const *omap_l4_io_readb_fn;
-static CPUReadMemoryFunc * const *omap_l4_io_readh_fn;
-static CPUReadMemoryFunc * const *omap_l4_io_readw_fn;
-static CPUWriteMemoryFunc * const *omap_l4_io_writeb_fn;
-static CPUWriteMemoryFunc * const *omap_l4_io_writeh_fn;
-static CPUWriteMemoryFunc * const *omap_l4_io_writew_fn;
-static void **omap_l4_io_opaque;
-
-int l4_register_io_memory(CPUReadMemoryFunc * const *mem_read,
-CPUWriteMemoryFunc * const *mem_write, void *opaque)
-{
-omap_l4_io_entry[omap_l4_io_entries].mem_read = mem_read;
-omap_l4_io_entry[omap_l4_io_entries].mem_write = mem_write;
-omap_l4_io_entry[omap_l4_io_entries].opaque = opaque;
-
-return omap_l4_io_entries ++;
-}
-
-static uint32_t omap_l4_io_readb(void *opaque, target_phys_addr_t addr)
-{
-unsigned int i = (addr - OMAP2_L4_BASE) >> TARGET_PAGE_BITS;
-
-return omap_l4_io_readb_fn[i](omap_l4_io_opaque[i], addr);
-}
-
-static uint32_t omap_l4_io_readh(void *opaque, target_phys_addr_t addr)
-{
-unsigned int i = (addr - OMAP2_L4_BASE) >> TARGET_
[Qemu-devel] [PATCH 01/12] hw/omap1.c : separate gpio module
Signed-off-by: cmchao
---
Makefile.target |2 +-
hw/omap.h |1 +
hw/omap1.c | 181 -
hw/omap_gpio.c | 202 +++
4 files changed, 204 insertions(+), 182 deletions(-)
create mode 100644 hw/omap_gpio.c
diff --git a/Makefile.target b/Makefile.target
index fda5bf3..eb5c84a 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -263,7 +263,7 @@ obj-arm-y += pxa2xx.o pxa2xx_pic.o pxa2xx_gpio.o
pxa2xx_timer.o pxa2xx_dma.o
obj-arm-y += pxa2xx_lcd.o pxa2xx_mmci.o pxa2xx_pcmcia.o pxa2xx_keypad.o
obj-arm-y += gumstix.o
obj-arm-y += zaurus.o ide/microdrive.o spitz.o tosa.o tc6393xb.o
-obj-arm-y += omap1.o omap_lcdc.o omap_dma.o omap_clk.o omap_mmc.o omap_i2c.o
+obj-arm-y += omap1.o omap_lcdc.o omap_dma.o omap_clk.o omap_mmc.o omap_i2c.o
omap_gpio.o
obj-arm-y += omap2.o omap_dss.o soc_dma.o
obj-arm-y += omap_sx1.o palm.o tsc210x.o
obj-arm-y += nseries.o blizzard.o onenand.o vga.o cbus.o tusb6010.o usb-musb.o
diff --git a/hw/omap.h b/hw/omap.h
index d305779..ebd166f 100644
--- a/hw/omap.h
+++ b/hw/omap.h
@@ -671,6 +671,7 @@ void omap_mpuio_key(struct omap_mpuio_s *s, int row, int
col, int down);
struct omap_gpio_s;
struct omap_gpio_s *omap_gpio_init(target_phys_addr_t base,
qemu_irq irq, omap_clk clk);
+void omap_gpio_reset(struct omap_gpio_s *s);
qemu_irq *omap_gpio_in_get(struct omap_gpio_s *s);
void omap_gpio_out_set(struct omap_gpio_s *s, int line, qemu_irq handler);
diff --git a/hw/omap1.c b/hw/omap1.c
index 8649dbd..8b78c05 100644
--- a/hw/omap1.c
+++ b/hw/omap1.c
@@ -2804,187 +2804,6 @@ void omap_mpuio_key(struct omap_mpuio_s *s, int row,
int col, int down)
omap_mpuio_kbd_update(s);
}
-/* General-Purpose I/O */
-struct omap_gpio_s {
-qemu_irq irq;
-qemu_irq *in;
-qemu_irq handler[16];
-
-uint16_t inputs;
-uint16_t outputs;
-uint16_t dir;
-uint16_t edge;
-uint16_t mask;
-uint16_t ints;
-uint16_t pins;
-};
-
-static void omap_gpio_set(void *opaque, int line, int level)
-{
-struct omap_gpio_s *s = (struct omap_gpio_s *) opaque;
-uint16_t prev = s->inputs;
-
-if (level)
-s->inputs |= 1 << line;
-else
-s->inputs &= ~(1 << line);
-
-if (((s->edge & s->inputs & ~prev) | (~s->edge & ~s->inputs & prev)) &
-(1 << line) & s->dir & ~s->mask) {
-s->ints |= 1 << line;
-qemu_irq_raise(s->irq);
-}
-}
-
-static uint32_t omap_gpio_read(void *opaque, target_phys_addr_t addr)
-{
-struct omap_gpio_s *s = (struct omap_gpio_s *) opaque;
-int offset = addr & OMAP_MPUI_REG_MASK;
-
-switch (offset) {
-case 0x00: /* DATA_INPUT */
-return s->inputs & s->pins;
-
-case 0x04: /* DATA_OUTPUT */
-return s->outputs;
-
-case 0x08: /* DIRECTION_CONTROL */
-return s->dir;
-
-case 0x0c: /* INTERRUPT_CONTROL */
-return s->edge;
-
-case 0x10: /* INTERRUPT_MASK */
-return s->mask;
-
-case 0x14: /* INTERRUPT_STATUS */
-return s->ints;
-
-case 0x18: /* PIN_CONTROL (not in OMAP310) */
-OMAP_BAD_REG(addr);
-return s->pins;
-}
-
-OMAP_BAD_REG(addr);
-return 0;
-}
-
-static void omap_gpio_write(void *opaque, target_phys_addr_t addr,
-uint32_t value)
-{
-struct omap_gpio_s *s = (struct omap_gpio_s *) opaque;
-int offset = addr & OMAP_MPUI_REG_MASK;
-uint16_t diff;
-int ln;
-
-switch (offset) {
-case 0x00: /* DATA_INPUT */
-OMAP_RO_REG(addr);
-return;
-
-case 0x04: /* DATA_OUTPUT */
-diff = (s->outputs ^ value) & ~s->dir;
-s->outputs = value;
-while ((ln = ffs(diff))) {
-ln --;
-if (s->handler[ln])
-qemu_set_irq(s->handler[ln], (value >> ln) & 1);
-diff &= ~(1 << ln);
-}
-break;
-
-case 0x08: /* DIRECTION_CONTROL */
-diff = s->outputs & (s->dir ^ value);
-s->dir = value;
-
-value = s->outputs & ~s->dir;
-while ((ln = ffs(diff))) {
-ln --;
-if (s->handler[ln])
-qemu_set_irq(s->handler[ln], (value >> ln) & 1);
-diff &= ~(1 << ln);
-}
-break;
-
-case 0x0c: /* INTERRUPT_CONTROL */
-s->edge = value;
-break;
-
-case 0x10: /* INTERRUPT_MASK */
-s->mask = value;
-break;
-
-case 0x14: /* INTERRUPT_STATUS */
-s->ints &= ~value;
-if (!s->ints)
-qemu_irq_lower(s->irq);
-break;
-
-case 0x18: /* PIN_CONTROL (not in OMAP310 TRM) */
-OMAP_BAD_REG(addr);
-s->pins = value;
-break;
-
-default:
-OMAP_BAD_REG(addr);
-return;
-}
-}
-
-/* *Some* sources say the memory region is 32-bit. */
-static CPUReadMemoryFunc * const omap_gpio_readfn[] = {
-omap_badwidth_read16,
-omap_gpio_read,
-omap_badwidth_re
[Qemu-devel] [PATCH 07/12] hw/omap1.c : separate interrupt controller module
Signed-off-by: cmchao
---
Makefile.target |2 +-
hw/omap.h |2 +
hw/omap1.c | 576 +
hw/omap_intc.c | 598 +++
4 files changed, 603 insertions(+), 575 deletions(-)
create mode 100644 hw/omap_intc.c
diff --git a/Makefile.target b/Makefile.target
index 59dd0d4..9a309e2 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -263,7 +263,7 @@ obj-arm-y += pxa2xx.o pxa2xx_pic.o pxa2xx_gpio.o
pxa2xx_timer.o pxa2xx_dma.o
obj-arm-y += pxa2xx_lcd.o pxa2xx_mmci.o pxa2xx_pcmcia.o pxa2xx_keypad.o
obj-arm-y += gumstix.o
obj-arm-y += zaurus.o ide/microdrive.o spitz.o tosa.o tc6393xb.o
-obj-arm-y += omap1.o omap_lcdc.o omap_dma.o omap_clk.o omap_mmc.o omap_i2c.o
omap_gpio.o
+obj-arm-y += omap1.o omap_lcdc.o omap_dma.o omap_clk.o omap_mmc.o omap_i2c.o
omap_gpio.o omap_intc.o
obj-arm-y += omap2.o omap_dss.o soc_dma.o omap_gptimer.o omap_synctimer.o
omap_gpmc.o omap_sdrc.o
obj-arm-y += omap_sx1.o palm.o tsc210x.o
obj-arm-y += nseries.o blizzard.o onenand.o vga.o cbus.o tusb6010.o usb-musb.o
diff --git a/hw/omap.h b/hw/omap.h
index ad4a465..ea23ec9 100644
--- a/hw/omap.h
+++ b/hw/omap.h
@@ -71,6 +71,7 @@ target_phys_addr_t omap_l4_attach(struct omap_target_agent_s
*ta, int region,
int iotype);
# define l4_register_io_memory cpu_register_io_memory
+/* OMAP interrupt controller */
struct omap_intr_handler_s;
struct omap_intr_handler_s *omap_inth_init(target_phys_addr_t base,
unsigned long size, unsigned char nbanks, qemu_irq **pins,
@@ -80,6 +81,7 @@ struct omap_intr_handler_s
*omap2_inth_init(target_phys_addr_t base,
qemu_irq parent_irq, qemu_irq parent_fiq,
omap_clk fclk, omap_clk iclk);
void omap_inth_reset(struct omap_intr_handler_s *s);
+qemu_irq omap_inth_get_pin(struct omap_intr_handler_s *s, int n);
struct omap_prcm_s;
struct omap_prcm_s *omap_prcm_init(struct omap_target_agent_s *ta,
diff --git a/hw/omap1.c b/hw/omap1.c
index 8b78c05..21c53fe 100644
--- a/hw/omap1.c
+++ b/hw/omap1.c
@@ -79,578 +79,6 @@ void omap_badwidth_write32(void *opaque, target_phys_addr_t
addr,
cpu_physical_memory_write(addr, (void *) &value, 4);
}
-/* Interrupt Handlers */
-struct omap_intr_handler_bank_s {
-uint32_t irqs;
-uint32_t inputs;
-uint32_t mask;
-uint32_t fiq;
-uint32_t sens_edge;
-uint32_t swi;
-unsigned char priority[32];
-};
-
-struct omap_intr_handler_s {
-qemu_irq *pins;
-qemu_irq parent_intr[2];
-unsigned char nbanks;
-int level_only;
-
-/* state */
-uint32_t new_agr[2];
-int sir_intr[2];
-int autoidle;
-uint32_t mask;
-struct omap_intr_handler_bank_s bank[];
-};
-
-static void omap_inth_sir_update(struct omap_intr_handler_s *s, int is_fiq)
-{
-int i, j, sir_intr, p_intr, p, f;
-uint32_t level;
-sir_intr = 0;
-p_intr = 255;
-
-/* Find the interrupt line with the highest dynamic priority.
- * Note: 0 denotes the hightest priority.
- * If all interrupts have the same priority, the default order is IRQ_N,
- * IRQ_N-1,...,IRQ_0. */
-for (j = 0; j < s->nbanks; ++j) {
-level = s->bank[j].irqs & ~s->bank[j].mask &
-(is_fiq ? s->bank[j].fiq : ~s->bank[j].fiq);
-for (f = ffs(level), i = f - 1, level >>= f - 1; f; i += f,
-level >>= f) {
-p = s->bank[j].priority[i];
-if (p <= p_intr) {
-p_intr = p;
-sir_intr = 32 * j + i;
-}
-f = ffs(level >> 1);
-}
-}
-s->sir_intr[is_fiq] = sir_intr;
-}
-
-static inline void omap_inth_update(struct omap_intr_handler_s *s, int is_fiq)
-{
-int i;
-uint32_t has_intr = 0;
-
-for (i = 0; i < s->nbanks; ++i)
-has_intr |= s->bank[i].irqs & ~s->bank[i].mask &
-(is_fiq ? s->bank[i].fiq : ~s->bank[i].fiq);
-
-if (s->new_agr[is_fiq] & has_intr & s->mask) {
-s->new_agr[is_fiq] = 0;
-omap_inth_sir_update(s, is_fiq);
-qemu_set_irq(s->parent_intr[is_fiq], 1);
-}
-}
-
-#define INT_FALLING_EDGE 0
-#define INT_LOW_LEVEL 1
-
-static void omap_set_intr(void *opaque, int irq, int req)
-{
-struct omap_intr_handler_s *ih = (struct omap_intr_handler_s *) opaque;
-uint32_t rise;
-
-struct omap_intr_handler_bank_s *bank = &ih->bank[irq >> 5];
-int n = irq & 31;
-
-if (req) {
-rise = ~bank->irqs & (1 << n);
-if (~bank->sens_edge & (1 << n))
-rise &= ~bank->inputs;
-
-bank->inputs |= (1 << n);
-if (rise) {
-bank->irqs |= rise;
-omap_inth_update(ih, 0);
-omap_inth_update(ih, 1);
-}
-} else {
-rise = bank->sens_edge & bank->irqs & (1 << n);
-bank->irqs &= ~rise;
-bank->inputs &= ~(1 << n);
-}
-}
-
-/* Simplified version with no edge detect
[Qemu-devel] [PATCH 02/12] hw/omap2.c : separate gpio module
Signed-off-by: cmchao
---
hw/omap.h |3 +
hw/omap2.c | 523
hw/omap_gpio.c | 523
3 files changed, 526 insertions(+), 523 deletions(-)
diff --git a/hw/omap.h b/hw/omap.h
index ebd166f..a37ee54 100644
--- a/hw/omap.h
+++ b/hw/omap.h
@@ -668,6 +668,7 @@ qemu_irq *omap_mpuio_in_get(struct omap_mpuio_s *s);
void omap_mpuio_out_set(struct omap_mpuio_s *s, int line, qemu_irq handler);
void omap_mpuio_key(struct omap_mpuio_s *s, int row, int col, int down);
+/* omap1 gpio module interface */
struct omap_gpio_s;
struct omap_gpio_s *omap_gpio_init(target_phys_addr_t base,
qemu_irq irq, omap_clk clk);
@@ -675,9 +676,11 @@ void omap_gpio_reset(struct omap_gpio_s *s);
qemu_irq *omap_gpio_in_get(struct omap_gpio_s *s);
void omap_gpio_out_set(struct omap_gpio_s *s, int line, qemu_irq handler);
+/* omap2 gpio interface */
struct omap_gpif_s;
struct omap_gpif_s *omap2_gpio_init(struct omap_target_agent_s *ta,
qemu_irq *irq, omap_clk *fclk, omap_clk iclk, int modules);
+void omap_gpif_reset(struct omap_gpif_s *s);
qemu_irq *omap2_gpio_in_get(struct omap_gpif_s *s, int start);
void omap2_gpio_out_set(struct omap_gpif_s *s, int line, qemu_irq handler);
diff --git a/hw/omap2.c b/hw/omap2.c
index bd1b35e..bf5539d 100644
--- a/hw/omap2.c
+++ b/hw/omap2.c
@@ -557,529 +557,6 @@ void omap_synctimer_init(struct omap_target_agent_s *ta,
omap_synctimer_readfn, omap_synctimer_writefn, s));
}
-/* General-Purpose Interface of OMAP2 */
-struct omap2_gpio_s {
-qemu_irq irq[2];
-qemu_irq wkup;
-qemu_irq *in;
-qemu_irq handler[32];
-
-uint8_t config[2];
-uint32_t inputs;
-uint32_t outputs;
-uint32_t dir;
-uint32_t level[2];
-uint32_t edge[2];
-uint32_t mask[2];
-uint32_t wumask;
-uint32_t ints[2];
-uint32_t debounce;
-uint8_t delay;
-};
-
-static inline void omap_gpio_module_int_update(struct omap2_gpio_s *s,
-int line)
-{
-qemu_set_irq(s->irq[line], s->ints[line] & s->mask[line]);
-}
-
-static void omap_gpio_module_wake(struct omap2_gpio_s *s, int line)
-{
-if (!(s->config[0] & (1 << 2)))/* ENAWAKEUP */
-return;
-if (!(s->config[0] & (3 << 3)))/* Force Idle */
-return;
-if (!(s->wumask & (1 << line)))
-return;
-
-qemu_irq_raise(s->wkup);
-}
-
-static inline void omap_gpio_module_out_update(struct omap2_gpio_s *s,
-uint32_t diff)
-{
-int ln;
-
-s->outputs ^= diff;
-diff &= ~s->dir;
-while ((ln = ffs(diff))) {
-ln --;
-qemu_set_irq(s->handler[ln], (s->outputs >> ln) & 1);
-diff &= ~(1 << ln);
-}
-}
-
-static void omap_gpio_module_level_update(struct omap2_gpio_s *s, int line)
-{
-s->ints[line] |= s->dir &
-((s->inputs & s->level[1]) | (~s->inputs & s->level[0]));
-omap_gpio_module_int_update(s, line);
-}
-
-static inline void omap_gpio_module_int(struct omap2_gpio_s *s, int line)
-{
-s->ints[0] |= 1 << line;
-omap_gpio_module_int_update(s, 0);
-s->ints[1] |= 1 << line;
-omap_gpio_module_int_update(s, 1);
-omap_gpio_module_wake(s, line);
-}
-
-static void omap_gpio_module_set(void *opaque, int line, int level)
-{
-struct omap2_gpio_s *s = (struct omap2_gpio_s *) opaque;
-
-if (level) {
-if (s->dir & (1 << line) & ((~s->inputs & s->edge[0]) | s->level[1]))
-omap_gpio_module_int(s, line);
-s->inputs |= 1 << line;
-} else {
-if (s->dir & (1 << line) & ((s->inputs & s->edge[1]) | s->level[0]))
-omap_gpio_module_int(s, line);
-s->inputs &= ~(1 << line);
-}
-}
-
-static void omap_gpio_module_reset(struct omap2_gpio_s *s)
-{
-s->config[0] = 0;
-s->config[1] = 2;
-s->ints[0] = 0;
-s->ints[1] = 0;
-s->mask[0] = 0;
-s->mask[1] = 0;
-s->wumask = 0;
-s->dir = ~0;
-s->level[0] = 0;
-s->level[1] = 0;
-s->edge[0] = 0;
-s->edge[1] = 0;
-s->debounce = 0;
-s->delay = 0;
-}
-
-static uint32_t omap_gpio_module_read(void *opaque, target_phys_addr_t addr)
-{
-struct omap2_gpio_s *s = (struct omap2_gpio_s *) opaque;
-
-switch (addr) {
-case 0x00: /* GPIO_REVISION */
-return 0x18;
-
-case 0x10: /* GPIO_SYSCONFIG */
-return s->config[0];
-
-case 0x14: /* GPIO_SYSSTATUS */
-return 0x01;
-
-case 0x18: /* GPIO_IRQSTATUS1 */
-return s->ints[0];
-
-case 0x1c: /* GPIO_IRQENABLE1 */
-case 0x60: /* GPIO_CLEARIRQENABLE1 */
-case 0x64: /* GPIO_SETIRQENABLE1 */
-return s->mask[0];
-
-case 0x20: /* GPIO_WAKEUPENABLE */
-case 0x80: /* GPIO_CLEARWKUENA */
-case 0x84: /* GPIO_SETWKUENA */
-return s->wumask;
-
-case 0x28: /* GPIO_IRQSTATUS2 */
-return s->ints[1];
-
-case 0x2c: /* GPIO_IR
[Qemu-devel] [PATCH 00/12] refactor OMAP implementation
The following changes since commit 29f91781bd300b228d9c38b9f6c1e0b6a38f25fb: Jes Sorensen (1): vhost_net.c: v2 Fix build failure introduced by 0bfcd599e3f5c5679cc7d0165a0a1822e2f60de2 The patches almostly base on http://meego.gitorious.org/qemu-maemo/qemu work and act as preparatory work to merge their OMAP3 and beagleboard support. All the work are to separate modules, which will be shared or extended in OMAP3 implementation and make certain local function static [PATCH 01/12] hw/omap1.c : separate gpio module [PATCH 02/12] hw/omap2.c : separate gpio module [PATCH 03/12] hw/omap2.c : separate gptimer module [PATCH 04/12] hw/omap2.c : separate synctimer module [PATCH 05/12] hw/omap2.c : separate gpmc(general purpose memory controller) [PATCH 06/12] hw/omap2.c : separate sdrc (sdram controller) [PATCH 07/12] hw/omap1.c : separate interrupt controller module [PATCH 08/12] hw/omap2.c : separate spi module [PATCH 09/12] hw/omap2.c : separate tap module(Test-Chip-level) [PATCH 10/12] hw/omwp2.c : separate l4 interconnect module [PATCH 11/12] hw/omap1.c : separate uart module [PATCH 12/12] hw/omap : make local function static and remove declaration from header
[Qemu-devel] Re: [PULL 00/14] Block patches
Am 28.05.2010 18:48, schrieb Anthony Liguori: > On 05/28/2010 11:45 AM, Kevin Wolf wrote: >> Hi Anthony, >> >> this includes again some patches that should be applied to stable-0.12, too: >> >> 86fa8da qcow2: Fix corruption after error in update_refcount >> 25408c0 qcow2: Fix corruption after refblock allocation >> cbf1dff block: Fix multiwrite with overlapping requests >> 175e115 qcow2: Fix error handling in l2_allocate >> 1b7c801 qcow2: Clear L2 table cache after write error >> > > Can you do a separate pull request for stable? Ok, will do. Just to be sure: The commit IDs stay the same after you have pulled, so that cherry-pick -x lines are still meaningful then? Kevin
[Qemu-devel] Re: [PULL 00/14] Block patches
On 05/28/2010 11:45 AM, Kevin Wolf wrote: Hi Anthony, this includes again some patches that should be applied to stable-0.12, too: 86fa8da qcow2: Fix corruption after error in update_refcount 25408c0 qcow2: Fix corruption after refblock allocation cbf1dff block: Fix multiwrite with overlapping requests 175e115 qcow2: Fix error handling in l2_allocate 1b7c801 qcow2: Clear L2 table cache after write error Can you do a separate pull request for stable? Thanks. Regards, Anthony Liguori Kevin The following changes since commit 29f91781bd300b228d9c38b9f6c1e0b6a38f25fb: Jes Sorensen (1): vhost_net.c: v2 Fix build failure introduced by 0bfcd599e3f5c5679cc7d0165a0a1822e2f60de2 are available in the git repository at: git://repo.or.cz/qemu/kevin.git for-anthony Gerd Hoffmann (1): drive: allow rerror, werror and readonly for if=none Jes Sorensen (1): block.h: Make BDRV_SECTOR_SIZE 64 bit safe Kevin Wolf (9): qcow2: Clear L2 table cache after write error qcow2: Fix error handling in l2_allocate block: Fix multiwrite with overlapping requests qemu-io: Add multiwrite command qcow2: Allow qcow2_get_cluster_offset to return errors qcow2: Change l2_load to return 0/-errno qcow2: Return right error code in write_refcount_block_entries qcow2: Fix corruption after refblock allocation qcow2: Fix corruption after error in update_refcount MORITA Kazutaka (1): add support for protocol driver create_options Nicholas A. Bellinger (1): block: Add missing bdrv_delete() for SG_IO BlockDriver in find_image_format() Stefan Hajnoczi (1): posix-aio-compat: Expand tabs that have crept in block.c| 13 ++-- block.h|3 +- block/qcow2-cluster.c | 94 ++-- block/qcow2-refcount.c | 42 +++ block/qcow2.c | 16 +++- block/qcow2.h |4 +- posix-aio-compat.c | 58 +++--- qemu-img.c | 49 + qemu-io.c | 192 qemu-option.c | 53 -- qemu-option.h |2 + vl.c |6 +- 12 files changed, 414 insertions(+), 118 deletions(-)
Re: [Qemu-devel] [PATCH 02/62] add lost chunks from the original patch
On 05/28/2010 09:49 AM, Andreas Färber wrote: > Am 27.05.2010 um 22:45 schrieb Richard Henderson: > >> From: Alexander Graf >> >> --- >> tcg/s390/tcg-target.c |3 ++ >> tcg/s390/tcg-target.h | 86 >> +++-- >> 2 files changed, 86 insertions(+), 3 deletions(-) > > This one's missing an SoB, and fwiw I think it should be squashed with > the preceding one. I'm intending to squash about 25 of these so that the "base" patch actually works. Perhaps it was premature to post the 62-part edition. That said, Blue caught a license problem, so it hasn't been a complete waste of time. r~
[Qemu-devel] [PATCH 11/14] qcow2: Return right error code in write_refcount_block_entries
write_refcount_block_entries used to return -EIO for any errors. Change this to
return the real error code.
Signed-off-by: Kevin Wolf
---
block/qcow2-refcount.c | 27 +++
1 files changed, 15 insertions(+), 12 deletions(-)
diff --git a/block/qcow2-refcount.c b/block/qcow2-refcount.c
index 744107c..a7f295d 100644
--- a/block/qcow2-refcount.c
+++ b/block/qcow2-refcount.c
@@ -404,6 +404,7 @@ static int write_refcount_block_entries(BlockDriverState
*bs,
{
BDRVQcowState *s = bs->opaque;
size_t size;
+int ret;
if (cache_refcount_updates) {
return 0;
@@ -414,12 +415,13 @@ static int write_refcount_block_entries(BlockDriverState
*bs,
& ~(REFCOUNTS_PER_SECTOR - 1);
size = (last_index - first_index) << REFCOUNT_SHIFT;
+
BLKDBG_EVENT(bs->file, BLKDBG_REFBLOCK_UPDATE_PART);
-if (bdrv_pwrite(bs->file,
+ret = bdrv_pwrite(bs->file,
refcount_block_offset + (first_index << REFCOUNT_SHIFT),
-&s->refcount_block_cache[first_index], size) != size)
-{
-return -EIO;
+&s->refcount_block_cache[first_index], size);
+if (ret < 0) {
+return ret;
}
return 0;
@@ -460,10 +462,10 @@ static int QEMU_WARN_UNUSED_RESULT
update_refcount(BlockDriverState *bs,
table_index = cluster_index >> (s->cluster_bits - REFCOUNT_SHIFT);
if ((old_table_index >= 0) && (table_index != old_table_index)) {
-if (write_refcount_block_entries(bs, refcount_block_offset,
-first_index, last_index) < 0)
-{
-return -EIO;
+ret = write_refcount_block_entries(bs, refcount_block_offset,
+first_index, last_index);
+if (ret < 0) {
+return ret;
}
first_index = -1;
@@ -505,10 +507,11 @@ fail:
/* Write last changed block to disk */
if (refcount_block_offset != 0) {
-if (write_refcount_block_entries(bs, refcount_block_offset,
-first_index, last_index) < 0)
-{
-return ret < 0 ? ret : -EIO;
+int wret;
+wret = write_refcount_block_entries(bs, refcount_block_offset,
+first_index, last_index);
+if (wret < 0) {
+return ret < 0 ? ret : wret;
}
}
--
1.6.6.1
[Qemu-devel] Re: [PULL 00/14] Block patches
On 05/28/2010 11:51 AM, Kevin Wolf wrote: Am 28.05.2010 18:48, schrieb Anthony Liguori: On 05/28/2010 11:45 AM, Kevin Wolf wrote: Hi Anthony, this includes again some patches that should be applied to stable-0.12, too: 86fa8da qcow2: Fix corruption after error in update_refcount 25408c0 qcow2: Fix corruption after refblock allocation cbf1dff block: Fix multiwrite with overlapping requests 175e115 qcow2: Fix error handling in l2_allocate 1b7c801 qcow2: Clear L2 table cache after write error Can you do a separate pull request for stable? Ok, will do. Just to be sure: The commit IDs stay the same after you have pulled, so that cherry-pick -x lines are still meaningful then? Yup. Regards, Anthony Liguori Kevin
[Qemu-devel] [PATCH 07/14] posix-aio-compat: Expand tabs that have crept in
From: Stefan Hajnoczi
This patch expands tabs on a few lines so the code formats nicely and
follows the QEMU coding style.
Signed-off-by: Stefan Hajnoczi
Signed-off-by: Kevin Wolf
---
posix-aio-compat.c | 58 ++--
1 files changed, 29 insertions(+), 29 deletions(-)
diff --git a/posix-aio-compat.c b/posix-aio-compat.c
index b43c531..a67ffe3 100644
--- a/posix-aio-compat.c
+++ b/posix-aio-compat.c
@@ -35,7 +35,7 @@ struct qemu_paiocb {
int aio_fildes;
union {
struct iovec *aio_iov;
- void *aio_ioctl_buf;
+void *aio_ioctl_buf;
};
int aio_niov;
size_t aio_nbytes;
@@ -119,21 +119,21 @@ static void thread_create(pthread_t *thread,
pthread_attr_t *attr,
static ssize_t handle_aiocb_ioctl(struct qemu_paiocb *aiocb)
{
- int ret;
-
- ret = ioctl(aiocb->aio_fildes, aiocb->aio_ioctl_cmd,
aiocb->aio_ioctl_buf);
- if (ret == -1)
- return -errno;
-
- /*
-* This looks weird, but the aio code only consideres a request
-* successfull if it has written the number full number of bytes.
-*
-* Now we overload aio_nbytes as aio_ioctl_cmd for the ioctl command,
-* so in fact we return the ioctl command here to make posix_aio_read()
-* happy..
-*/
- return aiocb->aio_nbytes;
+int ret;
+
+ret = ioctl(aiocb->aio_fildes, aiocb->aio_ioctl_cmd, aiocb->aio_ioctl_buf);
+if (ret == -1)
+return -errno;
+
+/*
+ * This looks weird, but the aio code only consideres a request
+ * successfull if it has written the number full number of bytes.
+ *
+ * Now we overload aio_nbytes as aio_ioctl_cmd for the ioctl command,
+ * so in fact we return the ioctl command here to make posix_aio_read()
+ * happy..
+ */
+return aiocb->aio_nbytes;
}
static ssize_t handle_aiocb_flush(struct qemu_paiocb *aiocb)
@@ -249,10 +249,10 @@ static ssize_t handle_aiocb_rw(struct qemu_paiocb *aiocb)
* Try preadv/pwritev first and fall back to linearizing the
* buffer if it's not supported.
*/
- if (preadv_present) {
+if (preadv_present) {
nbytes = handle_aiocb_rw_vector(aiocb);
if (nbytes == aiocb->aio_nbytes)
- return nbytes;
+return nbytes;
if (nbytes < 0 && nbytes != -ENOSYS)
return nbytes;
preadv_present = 0;
@@ -335,19 +335,19 @@ static void *aio_thread(void *unused)
switch (aiocb->aio_type & QEMU_AIO_TYPE_MASK) {
case QEMU_AIO_READ:
case QEMU_AIO_WRITE:
- ret = handle_aiocb_rw(aiocb);
- break;
+ret = handle_aiocb_rw(aiocb);
+break;
case QEMU_AIO_FLUSH:
-ret = handle_aiocb_flush(aiocb);
-break;
+ret = handle_aiocb_flush(aiocb);
+break;
case QEMU_AIO_IOCTL:
- ret = handle_aiocb_ioctl(aiocb);
- break;
- default:
- fprintf(stderr, "invalid aio request (0x%x)\n",
aiocb->aio_type);
- ret = -EINVAL;
- break;
- }
+ret = handle_aiocb_ioctl(aiocb);
+break;
+default:
+fprintf(stderr, "invalid aio request (0x%x)\n", aiocb->aio_type);
+ret = -EINVAL;
+break;
+}
mutex_lock(&lock);
aiocb->ret = ret;
--
1.6.6.1
Re: [Qemu-devel] [PATCH 02/62] add lost chunks from the original patch
Am 27.05.2010 um 22:45 schrieb Richard Henderson: From: Alexander Graf --- tcg/s390/tcg-target.c |3 ++ tcg/s390/tcg-target.h | 86 +++-- 2 files changed, 86 insertions(+), 3 deletions(-) This one's missing an SoB, and fwiw I think it should be squashed with the preceding one. Andreas
[Qemu-devel] [PATCH 13/14] qcow2: Fix corruption after error in update_refcount
After it is done with updating refcounts in the cache, update_refcount writes
all changed entries to disk. If a refcount block allocation fails, however,
there was no change yet and therefore first_index = last_index = -1. Don't
treat -1 as a normal sector index (resulting in a 512 byte write!) but return
without updating anything in this case.
Signed-off-by: Kevin Wolf
---
block/qcow2-refcount.c |4
1 files changed, 4 insertions(+), 0 deletions(-)
diff --git a/block/qcow2-refcount.c b/block/qcow2-refcount.c
index 5b7cda4..22b0b45 100644
--- a/block/qcow2-refcount.c
+++ b/block/qcow2-refcount.c
@@ -417,6 +417,10 @@ static int write_refcount_block_entries(BlockDriverState
*bs,
return 0;
}
+if (first_index < 0) {
+return 0;
+}
+
first_index &= ~(REFCOUNTS_PER_SECTOR - 1);
last_index = (last_index + REFCOUNTS_PER_SECTOR)
& ~(REFCOUNTS_PER_SECTOR - 1);
--
1.6.6.1
[Qemu-devel] [PATCH 04/14] qemu-io: Add multiwrite command
The new multiwrite commands allows to use qemu-io for testing
bdrv_aio_multiwrite.
Signed-off-by: Kevin Wolf
---
qemu-io.c | 192 +
1 files changed, 192 insertions(+), 0 deletions(-)
diff --git a/qemu-io.c b/qemu-io.c
index f39109e..72a4524 100644
--- a/qemu-io.c
+++ b/qemu-io.c
@@ -267,6 +267,47 @@ static int do_aio_writev(QEMUIOVector *qiov, int64_t
offset, int *total)
return async_ret < 0 ? async_ret : 1;
}
+struct multiwrite_async_ret {
+ int num_done;
+ int error;
+};
+
+static void multiwrite_cb(void *opaque, int ret)
+{
+ struct multiwrite_async_ret *async_ret = opaque;
+
+ async_ret->num_done++;
+ if (ret < 0) {
+ async_ret->error = ret;
+ }
+}
+
+static int do_aio_multiwrite(BlockRequest* reqs, int num_reqs, int *total)
+{
+ int i, ret;
+ struct multiwrite_async_ret async_ret = {
+ .num_done = 0,
+ .error = 0,
+ };
+
+ *total = 0;
+ for (i = 0; i < num_reqs; i++) {
+ reqs[i].cb = multiwrite_cb;
+ reqs[i].opaque = &async_ret;
+ *total += reqs[i].qiov->size;
+ }
+
+ ret = bdrv_aio_multiwrite(bs, reqs, num_reqs);
+ if (ret < 0) {
+ return ret;
+ }
+
+ while (async_ret.num_done < num_reqs) {
+ qemu_aio_wait();
+ }
+
+ return async_ret.error < 0 ? async_ret.error : 1;
+}
static void
read_help(void)
@@ -811,6 +852,156 @@ out:
return 0;
}
+static void
+multiwrite_help(void)
+{
+ printf(
+"\n"
+" writes a range of bytes from the given offset source from multiple
buffers,\n"
+" in a batch of requests that may be merged by qemu\n"
+"\n"
+" Example:\n"
+" 'multiwrite 512 1k 1k ; 4k 1k' \n"
+" writes 2 kB at 512 bytes and 1 kB at 4 kB into the open file\n"
+"\n"
+" Writes into a segment of the currently open file, using a buffer\n"
+" filled with a set pattern (0xcdcdcdcd). The pattern byte is increased\n"
+" by one for each request contained in the multiwrite command.\n"
+" -P, -- use different pattern to fill file\n"
+" -C, -- report statistics in a machine parsable format\n"
+" -q, -- quiet mode, do not show I/O statistics\n"
+"\n");
+}
+
+static int multiwrite_f(int argc, char **argv);
+
+static const cmdinfo_t multiwrite_cmd = {
+ .name = "multiwrite",
+ .cfunc = multiwrite_f,
+ .argmin = 2,
+ .argmax = -1,
+ .args = "[-Cq] [-P pattern ] off len [len..] [; off len
[len..]..]",
+ .oneline= "issues multiple write requests at once",
+ .help = multiwrite_help,
+};
+
+static int
+multiwrite_f(int argc, char **argv)
+{
+ struct timeval t1, t2;
+ int Cflag = 0, qflag = 0;
+ int c, cnt;
+ char **buf;
+ int64_t offset, first_offset = 0;
+ /* Some compilers get confused and warn if this is not initialized. */
+ int total = 0;
+ int nr_iov;
+ int nr_reqs;
+ int pattern = 0xcd;
+ QEMUIOVector *qiovs;
+ int i;
+ BlockRequest *reqs;
+
+ while ((c = getopt(argc, argv, "CqP:")) != EOF) {
+ switch (c) {
+ case 'C':
+ Cflag = 1;
+ break;
+ case 'q':
+ qflag = 1;
+ break;
+ case 'P':
+ pattern = parse_pattern(optarg);
+ if (pattern < 0)
+ return 0;
+ break;
+ default:
+ return command_usage(&writev_cmd);
+ }
+ }
+
+ if (optind > argc - 2)
+ return command_usage(&writev_cmd);
+
+ nr_reqs = 1;
+ for (i = optind; i < argc; i++) {
+ if (!strcmp(argv[i], ";")) {
+ nr_reqs++;
+ }
+ }
+
+ reqs = qemu_malloc(nr_reqs * sizeof(*reqs));
+ buf = qemu_malloc(nr_reqs * sizeof(*buf));
+ qiovs = qemu_malloc(nr_reqs * sizeof(*qiovs));
+
+ for (i = 0; i < nr_reqs; i++) {
+ int j;
+
+ /* Read the offset of the request */
+ offset = cvtnum(argv[optind]);
+ if (offset < 0) {
+ printf("non-numeric offset argument -- %s\n",
argv[optind]);
+ return 0;
+ }
+ optind++;
+
+ if (offset & 0x1ff) {
+ printf("offset %lld is not sector aligned\n",
+ (long long)offset);
+ return 0;
+ }
+
+if (i == 0) {
+first_offset = offset;
+}
+
+ /* Read lengths for qiov entries */
+ for (j = optind; j < argc; j++) {
+ if (!strcmp(argv[j], ";")) {
+
[Qemu-devel] [PATCH 12/14] qcow2: Fix corruption after refblock allocation
Refblock allocation code needs to take into consideration that update_refcount
will load a different refcount block into the cache, so it must initialize the
cache for a new refcount block only afterwards. Not doing this means that not
only the refcount in the wrong block is updated, but also that the caller will
work on the wrong block.
Signed-off-by: Kevin Wolf
---
block/qcow2-refcount.c | 11 +--
1 files changed, 9 insertions(+), 2 deletions(-)
diff --git a/block/qcow2-refcount.c b/block/qcow2-refcount.c
index a7f295d..5b7cda4 100644
--- a/block/qcow2-refcount.c
+++ b/block/qcow2-refcount.c
@@ -221,8 +221,6 @@ static int64_t alloc_refcount_block(BlockDriverState *bs,
int64_t cluster_index)
/* Allocate the refcount block itself and mark it as used */
uint64_t new_block = alloc_clusters_noref(bs, s->cluster_size);
-memset(s->refcount_block_cache, 0, s->cluster_size);
-s->refcount_block_cache_offset = new_block;
#ifdef DEBUG_ALLOC2
fprintf(stderr, "qcow2: Allocate refcount block %d for %" PRIx64
@@ -231,6 +229,10 @@ static int64_t alloc_refcount_block(BlockDriverState *bs,
int64_t cluster_index)
#endif
if (in_same_refcount_block(s, new_block, cluster_index <<
s->cluster_bits)) {
+/* Zero the new refcount block before updating it */
+memset(s->refcount_block_cache, 0, s->cluster_size);
+s->refcount_block_cache_offset = new_block;
+
/* The block describes itself, need to update the cache */
int block_index = (new_block >> s->cluster_bits) &
((1 << (s->cluster_bits - REFCOUNT_SHIFT)) - 1);
@@ -242,6 +244,11 @@ static int64_t alloc_refcount_block(BlockDriverState *bs,
int64_t cluster_index)
if (ret < 0) {
goto fail_block;
}
+
+/* Initialize the new refcount block only after updating its refcount,
+ * update_refcount uses the refcount cache itself */
+memset(s->refcount_block_cache, 0, s->cluster_size);
+s->refcount_block_cache_offset = new_block;
}
/* Now the new refcount block needs to be written to disk */
--
1.6.6.1
[Qemu-devel] [PATCH 08/14] block.h: Make BDRV_SECTOR_SIZE 64 bit safe
From: Jes Sorensen
C defaults to int, so make definition of BDRV_SECTOR_SIZE 64 bit
safe as it and BDRV_SECTOR_MASK may be used against 64 bit addresses.
Signed-off-by: Jes Sorensen
Signed-off-by: Kevin Wolf
---
block.h |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/block.h b/block.h
index 9034ebb..756670d 100644
--- a/block.h
+++ b/block.h
@@ -38,7 +38,7 @@ typedef struct QEMUSnapshotInfo {
#define BDRV_O_CACHE_MASK (BDRV_O_NOCACHE | BDRV_O_CACHE_WB)
#define BDRV_SECTOR_BITS 9
-#define BDRV_SECTOR_SIZE (1 << BDRV_SECTOR_BITS)
+#define BDRV_SECTOR_SIZE (1ULL << BDRV_SECTOR_BITS)
#define BDRV_SECTOR_MASK ~(BDRV_SECTOR_SIZE - 1)
typedef enum {
--
1.6.6.1
[Qemu-devel] [PATCH 03/14] block: Fix multiwrite with overlapping requests
With overlapping requests, the total number of sectors is smaller than the sum of the nb_sectors of both requests. Signed-off-by: Kevin Wolf --- block.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/block.c b/block.c index cd70730..47be5ba 100644 --- a/block.c +++ b/block.c @@ -2019,7 +2019,7 @@ static int multiwrite_merge(BlockDriverState *bs, BlockRequest *reqs, // Add the second request qemu_iovec_concat(qiov, reqs[i].qiov, reqs[i].qiov->size); -reqs[outidx].nb_sectors += reqs[i].nb_sectors; +reqs[outidx].nb_sectors = qiov->size >> 9; reqs[outidx].qiov = qiov; mcb->callbacks[i].free_qiov = reqs[outidx].qiov; -- 1.6.6.1
[Qemu-devel] [PATCH 14/14] block: Add missing bdrv_delete() for SG_IO BlockDriver in find_image_format()
From: Nicholas A. Bellinger
This patch adds a missing bdrv_delete() call in find_image_format() so that a
SG_IO BlockDriver properly releases the temporary BlockDriverState *bs created
from bdrv_file_open()
Signed-off-by: Nicholas A. Bellinger
Reported-by: Chris Krumme
Signed-off-by: Kevin Wolf
---
block.c |4 +++-
1 files changed, 3 insertions(+), 1 deletions(-)
diff --git a/block.c b/block.c
index 24c63f6..296de89 100644
--- a/block.c
+++ b/block.c
@@ -332,8 +332,10 @@ static BlockDriver *find_image_format(const char *filename)
return NULL;
/* Return the raw BlockDriver * to scsi-generic devices */
-if (bs->sg)
+if (bs->sg) {
+bdrv_delete(bs);
return bdrv_find_format("raw");
+}
ret = bdrv_pread(bs, 0, buf, sizeof(buf));
bdrv_delete(bs);
--
1.6.6.1
[Qemu-devel] [PATCH 10/14] qcow2: Change l2_load to return 0/-errno
Provide the error code to the caller instead of just indicating success/error.
Signed-off-by: Kevin Wolf
---
block/qcow2-cluster.c | 38 ++
1 files changed, 22 insertions(+), 16 deletions(-)
diff --git a/block/qcow2-cluster.c b/block/qcow2-cluster.c
index ea98afc..03a9f25 100644
--- a/block/qcow2-cluster.c
+++ b/block/qcow2-cluster.c
@@ -157,31 +157,36 @@ static uint64_t *seek_l2_table(BDRVQcowState *s, uint64_t
l2_offset)
* the image file failed.
*/
-static uint64_t *l2_load(BlockDriverState *bs, uint64_t l2_offset)
+static int l2_load(BlockDriverState *bs, uint64_t l2_offset,
+uint64_t **l2_table)
{
BDRVQcowState *s = bs->opaque;
int min_index;
-uint64_t *l2_table;
+int ret;
/* seek if the table for the given offset is in the cache */
-l2_table = seek_l2_table(s, l2_offset);
-if (l2_table != NULL)
-return l2_table;
+*l2_table = seek_l2_table(s, l2_offset);
+if (*l2_table != NULL) {
+return 0;
+}
/* not found: load a new entry in the least used one */
min_index = l2_cache_new_entry(bs);
-l2_table = s->l2_cache + (min_index << s->l2_bits);
+*l2_table = s->l2_cache + (min_index << s->l2_bits);
BLKDBG_EVENT(bs->file, BLKDBG_L2_LOAD);
-if (bdrv_pread(bs->file, l2_offset, l2_table, s->l2_size *
sizeof(uint64_t)) !=
-s->l2_size * sizeof(uint64_t))
-return NULL;
+ret = bdrv_pread(bs->file, l2_offset, *l2_table,
+s->l2_size * sizeof(uint64_t));
+if (ret < 0) {
+return ret;
+}
+
s->l2_cache_offsets[min_index] = l2_offset;
s->l2_cache_counts[min_index] = 1;
-return l2_table;
+return 0;
}
/*
@@ -440,6 +445,7 @@ int qcow2_get_cluster_offset(BlockDriverState *bs, uint64_t
offset,
int l1_bits, c;
unsigned int index_in_cluster, nb_clusters;
uint64_t nb_available, nb_needed;
+int ret;
index_in_cluster = (offset >> 9) & (s->cluster_sectors - 1);
nb_needed = *num + index_in_cluster;
@@ -478,9 +484,9 @@ int qcow2_get_cluster_offset(BlockDriverState *bs, uint64_t
offset,
/* load the l2 table in memory */
l2_offset &= ~QCOW_OFLAG_COPIED;
-l2_table = l2_load(bs, l2_offset);
-if (l2_table == NULL) {
-return -EIO;
+ret = l2_load(bs, l2_offset, &l2_table);
+if (ret < 0) {
+return ret;
}
/* find the cluster offset for the given disk offset */
@@ -547,9 +553,9 @@ static int get_cluster_table(BlockDriverState *bs, uint64_t
offset,
if (l2_offset & QCOW_OFLAG_COPIED) {
/* load the l2 table in memory */
l2_offset &= ~QCOW_OFLAG_COPIED;
-l2_table = l2_load(bs, l2_offset);
-if (l2_table == NULL) {
-return -EIO;
+ret = l2_load(bs, l2_offset, &l2_table);
+if (ret < 0) {
+return ret;
}
} else {
if (l2_offset)
--
1.6.6.1
[Qemu-devel] [PATCH 05/14] add support for protocol driver create_options
From: MORITA Kazutaka
This patch enables protocol drivers to use their create options which
are not supported by the format. For example, protcol drivers can use
a backing_file option with raw format.
Signed-off-by: MORITA Kazutaka
Signed-off-by: Kevin Wolf
---
block.c |7 +++
block.h |1 +
qemu-img.c| 49 ++---
qemu-option.c | 53 ++---
qemu-option.h |2 ++
5 files changed, 86 insertions(+), 26 deletions(-)
diff --git a/block.c b/block.c
index 47be5ba..24c63f6 100644
--- a/block.c
+++ b/block.c
@@ -56,7 +56,6 @@ static int bdrv_read_em(BlockDriverState *bs, int64_t
sector_num,
uint8_t *buf, int nb_sectors);
static int bdrv_write_em(BlockDriverState *bs, int64_t sector_num,
const uint8_t *buf, int nb_sectors);
-static BlockDriver *find_protocol(const char *filename);
static QTAILQ_HEAD(, BlockDriverState) bdrv_states =
QTAILQ_HEAD_INITIALIZER(bdrv_states);
@@ -210,7 +209,7 @@ int bdrv_create_file(const char* filename,
QEMUOptionParameter *options)
{
BlockDriver *drv;
-drv = find_protocol(filename);
+drv = bdrv_find_protocol(filename);
if (drv == NULL) {
drv = bdrv_find_format("file");
}
@@ -283,7 +282,7 @@ static BlockDriver *find_hdev_driver(const char *filename)
return drv;
}
-static BlockDriver *find_protocol(const char *filename)
+BlockDriver *bdrv_find_protocol(const char *filename)
{
BlockDriver *drv1;
char protocol[128];
@@ -478,7 +477,7 @@ int bdrv_file_open(BlockDriverState **pbs, const char
*filename, int flags)
BlockDriver *drv;
int ret;
-drv = find_protocol(filename);
+drv = bdrv_find_protocol(filename);
if (!drv) {
return -ENOENT;
}
diff --git a/block.h b/block.h
index 24efeb6..9034ebb 100644
--- a/block.h
+++ b/block.h
@@ -54,6 +54,7 @@ void bdrv_info_stats(Monitor *mon, QObject **ret_data);
void bdrv_init(void);
void bdrv_init_with_whitelist(void);
+BlockDriver *bdrv_find_protocol(const char *filename);
BlockDriver *bdrv_find_format(const char *format_name);
BlockDriver *bdrv_find_whitelisted_format(const char *format_name);
int bdrv_create(BlockDriver *drv, const char* filename,
diff --git a/qemu-img.c b/qemu-img.c
index cb007b7..ea091f0 100644
--- a/qemu-img.c
+++ b/qemu-img.c
@@ -252,8 +252,8 @@ static int img_create(int argc, char **argv)
const char *base_fmt = NULL;
const char *filename;
const char *base_filename = NULL;
-BlockDriver *drv;
-QEMUOptionParameter *param = NULL;
+BlockDriver *drv, *proto_drv;
+QEMUOptionParameter *param = NULL, *create_options = NULL;
char *options = NULL;
flags = 0;
@@ -286,33 +286,42 @@ static int img_create(int argc, char **argv)
}
}
+/* Get the filename */
+if (optind >= argc)
+help();
+filename = argv[optind++];
+
/* Find driver and parse its options */
drv = bdrv_find_format(fmt);
if (!drv)
error("Unknown file format '%s'", fmt);
+proto_drv = bdrv_find_protocol(filename);
+if (!proto_drv)
+error("Unknown protocol '%s'", filename);
+
+create_options = append_option_parameters(create_options,
+ drv->create_options);
+create_options = append_option_parameters(create_options,
+ proto_drv->create_options);
+
if (options && !strcmp(options, "?")) {
-print_option_help(drv->create_options);
+print_option_help(create_options);
return 0;
}
/* Create parameter list with default values */
-param = parse_option_parameters("", drv->create_options, param);
+param = parse_option_parameters("", create_options, param);
set_option_parameter_int(param, BLOCK_OPT_SIZE, -1);
/* Parse -o options */
if (options) {
-param = parse_option_parameters(options, drv->create_options, param);
+param = parse_option_parameters(options, create_options, param);
if (param == NULL) {
error("Invalid options for file format '%s'.", fmt);
}
}
-/* Get the filename */
-if (optind >= argc)
-help();
-filename = argv[optind++];
-
/* Add size to parameters */
if (optind < argc) {
set_option_parameter(param, BLOCK_OPT_SIZE, argv[optind++]);
@@ -362,6 +371,7 @@ static int img_create(int argc, char **argv)
puts("");
ret = bdrv_create(drv, filename, param);
+free_option_parameters(create_options);
free_option_parameters(param);
if (ret < 0) {
@@ -543,14 +553,14 @@ static int img_convert(int argc, char **argv)
{
int c, ret, n, n1, bs_n, bs_i, flags, cluster_size, cluster_sectors;
const char *fmt, *out_fmt, *out_baseimg, *out_filename;
-BlockDriver *drv;
+BlockDriver *drv, *proto_drv;
Blo
[Qemu-devel] [PATCH 02/14] qcow2: Fix error handling in l2_allocate
l2_allocate has some intermediate states in which the image is inconsistent.
Change the order to write to the L1 table only after the new L2 table has
successfully been initialized.
Also reset the L2 cache in failure case, it's very likely wrong.
Signed-off-by: Kevin Wolf
---
block/qcow2-cluster.c | 23 +--
1 files changed, 13 insertions(+), 10 deletions(-)
diff --git a/block/qcow2-cluster.c b/block/qcow2-cluster.c
index ed5c4b2..244b4a7 100644
--- a/block/qcow2-cluster.c
+++ b/block/qcow2-cluster.c
@@ -239,14 +239,6 @@ static int l2_allocate(BlockDriverState *bs, int l1_index,
uint64_t **table)
return l2_offset;
}
-/* update the L1 entry */
-
-s->l1_table[l1_index] = l2_offset | QCOW_OFLAG_COPIED;
-ret = write_l1_entry(bs, l1_index);
-if (ret < 0) {
-return ret;
-}
-
/* allocate a new entry in the l2 cache */
min_index = l2_cache_new_entry(bs);
@@ -261,7 +253,7 @@ static int l2_allocate(BlockDriverState *bs, int l1_index,
uint64_t **table)
ret = bdrv_pread(bs->file, old_l2_offset, l2_table,
s->l2_size * sizeof(uint64_t));
if (ret < 0) {
-return ret;
+goto fail;
}
}
/* write the l2 table to the file */
@@ -269,7 +261,14 @@ static int l2_allocate(BlockDriverState *bs, int l1_index,
uint64_t **table)
ret = bdrv_pwrite(bs->file, l2_offset, l2_table,
s->l2_size * sizeof(uint64_t));
if (ret < 0) {
-return ret;
+goto fail;
+}
+
+/* update the L1 entry */
+s->l1_table[l1_index] = l2_offset | QCOW_OFLAG_COPIED;
+ret = write_l1_entry(bs, l1_index);
+if (ret < 0) {
+goto fail;
}
/* update the l2 cache entry */
@@ -279,6 +278,10 @@ static int l2_allocate(BlockDriverState *bs, int l1_index,
uint64_t **table)
*table = l2_table;
return 0;
+
+fail:
+qcow2_l2_cache_reset(bs);
+return ret;
}
static int count_contiguous_clusters(uint64_t nb_clusters, int cluster_size,
--
1.6.6.1
[Qemu-devel] [PATCH 09/14] qcow2: Allow qcow2_get_cluster_offset to return errors
qcow2_get_cluster_offset() looks up a given virtual disk offset and returns the
offset of the corresponding cluster in the image file. Errors (e.g. L2 table
can't be read) are currenctly indicated by a return value of 0, which is
unfortuately the same as for any unallocated cluster. So in effect we can't
check for errors.
This makes the old return value a by-reference parameter and returns the usual
0/-errno error code.
Signed-off-by: Kevin Wolf
---
block/qcow2-cluster.c | 36 ++--
block/qcow2.c | 16 +---
block/qcow2.h |4 ++--
3 files changed, 37 insertions(+), 19 deletions(-)
diff --git a/block/qcow2-cluster.c b/block/qcow2-cluster.c
index 244b4a7..ea98afc 100644
--- a/block/qcow2-cluster.c
+++ b/block/qcow2-cluster.c
@@ -345,7 +345,13 @@ static int qcow_read(BlockDriverState *bs, int64_t
sector_num,
while (nb_sectors > 0) {
n = nb_sectors;
-cluster_offset = qcow2_get_cluster_offset(bs, sector_num << 9, &n);
+
+ret = qcow2_get_cluster_offset(bs, sector_num << 9, &n,
+&cluster_offset);
+if (ret < 0) {
+return ret;
+}
+
index_in_cluster = sector_num & (s->cluster_sectors - 1);
if (!cluster_offset) {
if (bs->backing_hd) {
@@ -412,25 +418,25 @@ static int copy_sectors(BlockDriverState *bs, uint64_t
start_sect,
/*
* get_cluster_offset
*
- * For a given offset of the disk image, return cluster offset in
- * qcow2 file.
+ * For a given offset of the disk image, find the cluster offset in
+ * qcow2 file. The offset is stored in *cluster_offset.
*
* on entry, *num is the number of contiguous clusters we'd like to
* access following offset.
*
* on exit, *num is the number of contiguous clusters we can read.
*
- * Return 1, if the offset is found
- * Return 0, otherwise.
+ * Return 0, if the offset is found
+ * Return -errno, otherwise.
*
*/
-uint64_t qcow2_get_cluster_offset(BlockDriverState *bs, uint64_t offset,
-int *num)
+int qcow2_get_cluster_offset(BlockDriverState *bs, uint64_t offset,
+int *num, uint64_t *cluster_offset)
{
BDRVQcowState *s = bs->opaque;
unsigned int l1_index, l2_index;
-uint64_t l2_offset, *l2_table, cluster_offset;
+uint64_t l2_offset, *l2_table;
int l1_bits, c;
unsigned int index_in_cluster, nb_clusters;
uint64_t nb_available, nb_needed;
@@ -454,7 +460,7 @@ uint64_t qcow2_get_cluster_offset(BlockDriverState *bs,
uint64_t offset,
nb_needed = nb_available;
}
-cluster_offset = 0;
+*cluster_offset = 0;
/* seek the the l2 offset in the l1 table */
@@ -473,16 +479,17 @@ uint64_t qcow2_get_cluster_offset(BlockDriverState *bs,
uint64_t offset,
l2_offset &= ~QCOW_OFLAG_COPIED;
l2_table = l2_load(bs, l2_offset);
-if (l2_table == NULL)
-return 0;
+if (l2_table == NULL) {
+return -EIO;
+}
/* find the cluster offset for the given disk offset */
l2_index = (offset >> s->cluster_bits) & (s->l2_size - 1);
-cluster_offset = be64_to_cpu(l2_table[l2_index]);
+*cluster_offset = be64_to_cpu(l2_table[l2_index]);
nb_clusters = size_to_clusters(s, nb_needed << 9);
-if (!cluster_offset) {
+if (!*cluster_offset) {
/* how many empty clusters ? */
c = count_contiguous_free_clusters(nb_clusters, &l2_table[l2_index]);
} else {
@@ -498,7 +505,8 @@ out:
*num = nb_available - index_in_cluster;
-return cluster_offset & ~QCOW_OFLAG_COPIED;
+*cluster_offset &=~QCOW_OFLAG_COPIED;
+return 0;
}
/*
diff --git a/block/qcow2.c b/block/qcow2.c
index 5b72758..33fa9a9 100644
--- a/block/qcow2.c
+++ b/block/qcow2.c
@@ -297,9 +297,15 @@ static int qcow_is_allocated(BlockDriverState *bs, int64_t
sector_num,
int nb_sectors, int *pnum)
{
uint64_t cluster_offset;
+int ret;
*pnum = nb_sectors;
-cluster_offset = qcow2_get_cluster_offset(bs, sector_num << 9, pnum);
+/* FIXME We can get errors here, but the bdrv_is_allocated interface can't
+ * pass them on today */
+ret = qcow2_get_cluster_offset(bs, sector_num << 9, pnum, &cluster_offset);
+if (ret < 0) {
+*pnum = 0;
+}
return (cluster_offset != 0);
}
@@ -409,8 +415,12 @@ static void qcow_aio_read_cb(void *opaque, int ret)
/* prepare next AIO request */
acb->cur_nr_sectors = acb->remaining_sectors;
-acb->cluster_offset = qcow2_get_cluster_offset(bs, acb->sector_num << 9,
- &acb->cur_nr_sectors);
+ret = qcow2_get_cluster_offset(bs, acb->sector_num << 9,
+&acb->cur_nr_sectors, &acb->cluster_offset);
+if (ret < 0) {
+goto done;
+}
+
index_in_cluster = acb->sector_num & (s->cluster_sectors - 1);
if (!acb->cluster_offset) {
diff --git a/block/qcow2.h b/block/qcow2.h
index 01053b7..c59b827 100644
--- a/block/q
[Qemu-devel] [PATCH 06/14] drive: allow rerror, werror and readonly for if=none
From: Gerd Hoffmann
When creating guest disks the qdev way using ...
-drive if=none,id=$name,args
-device $driver,drive=$name
it is not possible to specify rerror, werror and readonly arguments
for drive as drive_init allows/blocks them based on the interface (if=)
specified and none isn't white-listed there.
Signed-off-by: Gerd Hoffmann
Signed-off-by: Kevin Wolf
---
vl.c |6 +++---
1 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/vl.c b/vl.c
index 417554f..7121cd0 100644
--- a/vl.c
+++ b/vl.c
@@ -953,7 +953,7 @@ DriveInfo *drive_init(QemuOpts *opts, void *opaque,
on_write_error = BLOCK_ERR_STOP_ENOSPC;
if ((buf = qemu_opt_get(opts, "werror")) != NULL) {
-if (type != IF_IDE && type != IF_SCSI && type != IF_VIRTIO) {
+if (type != IF_IDE && type != IF_SCSI && type != IF_VIRTIO && type !=
IF_NONE) {
fprintf(stderr, "werror is no supported by this format\n");
return NULL;
}
@@ -966,7 +966,7 @@ DriveInfo *drive_init(QemuOpts *opts, void *opaque,
on_read_error = BLOCK_ERR_REPORT;
if ((buf = qemu_opt_get(opts, "rerror")) != NULL) {
-if (type != IF_IDE && type != IF_VIRTIO) {
+if (type != IF_IDE && type != IF_VIRTIO && type != IF_NONE) {
fprintf(stderr, "rerror is no supported by this format\n");
return NULL;
}
@@ -1114,7 +1114,7 @@ DriveInfo *drive_init(QemuOpts *opts, void *opaque,
/* CDROM is fine for any interface, don't check. */
ro = 1;
} else if (ro == 1) {
-if (type != IF_SCSI && type != IF_VIRTIO && type != IF_FLOPPY) {
+if (type != IF_SCSI && type != IF_VIRTIO && type != IF_FLOPPY && type
!= IF_NONE) {
fprintf(stderr, "qemu: readonly flag not supported for drive with
this interface\n");
return NULL;
}
--
1.6.6.1
[Qemu-devel] [PULL 00/14] Block patches
Hi Anthony, this includes again some patches that should be applied to stable-0.12, too: 86fa8da qcow2: Fix corruption after error in update_refcount 25408c0 qcow2: Fix corruption after refblock allocation cbf1dff block: Fix multiwrite with overlapping requests 175e115 qcow2: Fix error handling in l2_allocate 1b7c801 qcow2: Clear L2 table cache after write error Kevin The following changes since commit 29f91781bd300b228d9c38b9f6c1e0b6a38f25fb: Jes Sorensen (1): vhost_net.c: v2 Fix build failure introduced by 0bfcd599e3f5c5679cc7d0165a0a1822e2f60de2 are available in the git repository at: git://repo.or.cz/qemu/kevin.git for-anthony Gerd Hoffmann (1): drive: allow rerror, werror and readonly for if=none Jes Sorensen (1): block.h: Make BDRV_SECTOR_SIZE 64 bit safe Kevin Wolf (9): qcow2: Clear L2 table cache after write error qcow2: Fix error handling in l2_allocate block: Fix multiwrite with overlapping requests qemu-io: Add multiwrite command qcow2: Allow qcow2_get_cluster_offset to return errors qcow2: Change l2_load to return 0/-errno qcow2: Return right error code in write_refcount_block_entries qcow2: Fix corruption after refblock allocation qcow2: Fix corruption after error in update_refcount MORITA Kazutaka (1): add support for protocol driver create_options Nicholas A. Bellinger (1): block: Add missing bdrv_delete() for SG_IO BlockDriver in find_image_format() Stefan Hajnoczi (1): posix-aio-compat: Expand tabs that have crept in block.c| 13 ++-- block.h|3 +- block/qcow2-cluster.c | 94 ++-- block/qcow2-refcount.c | 42 +++ block/qcow2.c | 16 +++- block/qcow2.h |4 +- posix-aio-compat.c | 58 +++--- qemu-img.c | 49 + qemu-io.c | 192 qemu-option.c | 53 -- qemu-option.h |2 + vl.c |6 +- 12 files changed, 414 insertions(+), 118 deletions(-)
[Qemu-devel] [PATCH 01/14] qcow2: Clear L2 table cache after write error
If the L2 table was already updated in cache, but writing it to disk has
failed, we must not continue using the changed version in the cache to stay
consistent with what's on the disk.
Signed-off-by: Kevin Wolf
---
block/qcow2-cluster.c |1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/block/qcow2-cluster.c b/block/qcow2-cluster.c
index c11680d..ed5c4b2 100644
--- a/block/qcow2-cluster.c
+++ b/block/qcow2-cluster.c
@@ -696,6 +696,7 @@ int qcow2_alloc_cluster_link_l2(BlockDriverState *bs,
QCowL2Meta *m)
ret = write_l2_entries(bs, l2_table, l2_offset, l2_index, m->nb_clusters);
if (ret < 0) {
+qcow2_l2_cache_reset(bs);
goto err;
}
--
1.6.6.1
