[Qemu-devel] [PATCH] Don't translate pointer when in restore_sigcontext

[Mike McCormack]

Fixes crash in i386 when user emulation base address is non-zero.

21797 rt_sigreturn(8,1082124603,1,0,1082126048,1082126248)Exit reason and 
status: signal 11

Signed-off-by: Mike McCormack 
---
 linux-user/signal.c |4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/linux-user/signal.c b/linux-user/signal.c
index ce033e9..55277fb 100644
--- a/linux-user/signal.c
+++ b/linux-user/signal.c
@@ -982,8 +982,8 @@ restore_sigcontext(CPUX86State *env, struct 
target_sigcontext *sc, int *peax)
 env->regs[R_ECX] = tswapl(sc->ecx);
 env->eip = tswapl(sc->eip);
 
-cpu_x86_load_seg(env, R_CS, lduw(&sc->cs) | 3);
-cpu_x86_load_seg(env, R_SS, lduw(&sc->ss) | 3);
+cpu_x86_load_seg(env, R_CS, lduw_p(&sc->cs) | 3);
+cpu_x86_load_seg(env, R_SS, lduw_p(&sc->ss) | 3);
 
 tmpflags = tswapl(sc->eflags);
 env->eflags = (env->eflags & ~0x40DD5) | (tmpflags & 0x40DD5);
-- 
1.7.0.4

Re: [Qemu-devel] [PATCH 1/3] pseries: Increase maximum CPUs to 256

[Alexander Graf]

On 20.04.2011, at 08:31, David Gibson wrote:

> On Tue, Apr 19, 2011 at 05:02:21PM +0200, Alexander Graf wrote:
>> On 04/19/2011 02:44 PM, David Gibson wrote:
>>> On Tue, Apr 19, 2011 at 09:38:58AM +0200, Alexander Graf wrote:
 On 19.04.2011, at 03:54, David Gibson wrote:
 
> From: Anton Blanchard
> 
> The original pSeries machine was limited to 32 CPUs, more or less
> arbitrarily.  Particularly when we get SMT KVM guests it will be
> pretty easy to exceed this.  Therefore, raise the max number of CPUs
> in a pseries machine guest to 256.
 Are the 256 limited by technical limits or arbitrary as well? :)
>>> Still arbitrary, just bigger.
>> 
>> Can't we set it to the real, technical limit then?
> 
> There is no clear real, technical limit.  It would depend on exactly
> what generation of pSeries we're talking about, and be in the
> thousands.

So I suppose we should set the max to the thousands then? Why limit it 
arbitrarily?


Alex

[Qemu-devel] [RFC PATCH 0/2] Multiqueue support for qemu(virtio-net)

[Jason Wang]

Inspired by Krishna's patch (http://www.spinics.net/lists/kvm/msg52098.html) and
Michael's suggestions.  The following series adds the multiqueue support for
qemu and enable it for virtio-net (both userspace and vhost).

The aim for this series is to simplified the management and achieve the same
performacne with less codes.

Follows are the differences between this series and Krishna's:

- Add the multiqueue support for qemu and also for userspace virtio-net
- Instead of hacking the vhost module to manipulate kthreads, this patch just
implement the userspace based multiqueues and thus can re-use the existed vhost 
kernel-side codes without any modification.
- Use 1:1 mapping between TX/RX pairs and vhost kthread because the
implementation is based on usersapce.
- The cli is also changed to make the mgmt easier, the -netdev option of qdev
can now accpet more than one ids. You can start a multiqueue virtio-net device
through:
./qemu-system-x86_64 -netdev tap,id=hn0,vhost=on,fd=X -netdev
tap,id=hn0,vhost=on,fd=Y -device virtio-net-pci,netdev=hn0#hn1,queues=2 ...

The series is very primitive and still need polished.

Suggestions are welcomed.
---

Jason Wang (2):
  net: Add multiqueue support
  virtio-net: add multiqueue support


 hw/qdev-properties.c |   37 -
 hw/qdev.h|3 
 hw/vhost.c   |   26 ++-
 hw/vhost.h   |1 
 hw/vhost_net.c   |7 +
 hw/vhost_net.h   |2 
 hw/virtio-net.c  |  409 --
 hw/virtio-net.h  |2 
 hw/virtio-pci.c  |1 
 hw/virtio.h  |1 
 net.c|   34 +++-
 net.h|   15 +-
 12 files changed, 353 insertions(+), 185 deletions(-)

-- 
Jason Wang

[Qemu-devel] [RFC PATCH 1/2] net: Add multiqueue support

[Jason Wang]

This patch adds the multiqueues support for emulated nics. Each VLANClientState
pairs are now abstract as a queue instead of a nic, and multiple VLANClientState
pointers were stored in the NICState and treated as the multiple queues of a
single nic. The netdev options of qdev were now expanded to accept more than one
netdev ids. A queue_index were also introduced to let the emulated nics know
which queue the packet were came from or sent out. Virtio-net would be the first
user.

The legacy single queue nics can still run happily without modification as the
the compatibility were kept.

Signed-off-by: Jason Wang 
---
 hw/qdev-properties.c |   37 ++---
 hw/qdev.h|3 ++-
 net.c|   34 ++
 net.h|   15 +++
 4 files changed, 69 insertions(+), 20 deletions(-)

diff --git a/hw/qdev-properties.c b/hw/qdev-properties.c
index 1088a26..dd371e1 100644
--- a/hw/qdev-properties.c
+++ b/hw/qdev-properties.c
@@ -384,14 +384,37 @@ PropertyInfo qdev_prop_chr = {
 
 static int parse_netdev(DeviceState *dev, Property *prop, const char *str)
 {
-VLANClientState **ptr = qdev_get_prop_ptr(dev, prop);
+VLANClientState ***nc = qdev_get_prop_ptr(dev, prop);
+const char *ptr = str;
+int i = 0;
+size_t len = strlen(str);
+*nc = qemu_malloc(MAX_QUEUE_NUM * sizeof(VLANClientState *));
+
+while (i < MAX_QUEUE_NUM && ptr < str + len) {
+char *name = NULL;
+char *this = strchr(ptr, '#');
+
+if (this == NULL) {
+name = strdup(ptr);
+} else {
+name = strndup(ptr, this - ptr);
+}
 
-*ptr = qemu_find_netdev(str);
-if (*ptr == NULL)
-return -ENOENT;
-if ((*ptr)->peer) {
-return -EEXIST;
+(*nc)[i] = qemu_find_netdev(name);
+if ((*nc)[i] == NULL) {
+return -ENOENT;
+}
+if (((*nc)[i])->peer) {
+return -EEXIST;
+}
+
+if (this == NULL) {
+break;
+}
+i++;
+ptr = this + 1;
 }
+
 return 0;
 }
 
@@ -409,7 +432,7 @@ static int print_netdev(DeviceState *dev, Property *prop, 
char *dest, size_t len
 PropertyInfo qdev_prop_netdev = {
 .name  = "netdev",
 .type  = PROP_TYPE_NETDEV,
-.size  = sizeof(VLANClientState*),
+.size  = sizeof(VLANClientState **),
 .parse = parse_netdev,
 .print = print_netdev,
 };
diff --git a/hw/qdev.h b/hw/qdev.h
index 8a13ec9..b438da0 100644
--- a/hw/qdev.h
+++ b/hw/qdev.h
@@ -257,6 +257,7 @@ extern PropertyInfo qdev_prop_pci_devfn;
 .defval= (bool[]) { (_defval) }, \
 }
 
+
 #define DEFINE_PROP_UINT8(_n, _s, _f, _d)   \
 DEFINE_PROP_DEFAULT(_n, _s, _f, _d, qdev_prop_uint8, uint8_t)
 #define DEFINE_PROP_UINT16(_n, _s, _f, _d)  \
@@ -281,7 +282,7 @@ extern PropertyInfo qdev_prop_pci_devfn;
 #define DEFINE_PROP_STRING(_n, _s, _f) \
 DEFINE_PROP(_n, _s, _f, qdev_prop_string, char*)
 #define DEFINE_PROP_NETDEV(_n, _s, _f) \
-DEFINE_PROP(_n, _s, _f, qdev_prop_netdev, VLANClientState*)
+DEFINE_PROP(_n, _s, _f, qdev_prop_netdev, VLANClientState**)
 #define DEFINE_PROP_VLAN(_n, _s, _f) \
 DEFINE_PROP(_n, _s, _f, qdev_prop_vlan, VLANState*)
 #define DEFINE_PROP_DRIVE(_n, _s, _f) \
diff --git a/net.c b/net.c
index 4f777c3..a937e5d 100644
--- a/net.c
+++ b/net.c
@@ -227,16 +227,36 @@ NICState *qemu_new_nic(NetClientInfo *info,
 {
 VLANClientState *nc;
 NICState *nic;
+int i;
 
 assert(info->type == NET_CLIENT_TYPE_NIC);
 assert(info->size >= sizeof(NICState));
 
-nc = qemu_new_net_client(info, conf->vlan, conf->peer, model, name);
+nc = qemu_new_net_client(info, conf->vlan, conf->peers[0], model, name);
 
 nic = DO_UPCAST(NICState, nc, nc);
 nic->conf = conf;
 nic->opaque = opaque;
 
+/* For compatiablity with single queue nic */
+nic->ncs[0] = nc;
+nc->opaque = nic;
+
+for (i = 1 ; i < conf->queues; i++) {
+VLANClientState *vc = qemu_mallocz(sizeof(*vc));
+vc->opaque = nic;
+nic->ncs[i] = vc;
+vc->peer = conf->peers[i];
+vc->info = info;
+vc->queue_index = i;
+vc->peer->peer = vc;
+QTAILQ_INSERT_TAIL(&non_vlan_clients, vc, next);
+
+vc->send_queue = qemu_new_net_queue(qemu_deliver_packet,
+qemu_deliver_packet_iov,
+vc);
+}
+
 return nic;
 }
 
@@ -272,11 +292,10 @@ void qemu_del_vlan_client(VLANClientState *vc)
 {
 /* If there is a peer NIC, delete and cleanup client, but do not free. */
 if (!vc->vlan && vc->peer && vc->peer->info->type == NET_CLIENT_TYPE_NIC) {
-NICState *nic = DO_UPCAST(NICState, nc, vc->peer);
-if (nic->peer_deleted) {
+if (vc->peer_deleted) {
 retur

[Qemu-devel] [RFC PATCH 2/2] virtio-net: add multiqueue support

[Jason Wang]

This patch add the multiqueue ability to virtio-net for both userapce and
vhost. With this patch the kernel side vhost could be reused without
modification to support multiqueue virtio-net nics.

Signed-off-by: Jason Wang 
---
 hw/vhost.c  |   26 ++-
 hw/vhost.h  |1 
 hw/vhost_net.c  |7 +
 hw/vhost_net.h  |2 
 hw/virtio-net.c |  409 +++
 hw/virtio-net.h |2 
 hw/virtio-pci.c |1 
 hw/virtio.h |1 
 8 files changed, 284 insertions(+), 165 deletions(-)

diff --git a/hw/vhost.c b/hw/vhost.c
index 14b571d..2301d53 100644
--- a/hw/vhost.c
+++ b/hw/vhost.c
@@ -450,10 +450,10 @@ static int vhost_virtqueue_init(struct vhost_dev *dev,
 target_phys_addr_t s, l, a;
 int r;
 struct vhost_vring_file file = {
-.index = idx,
+.index = idx % dev->nvqs,
 };
 struct vhost_vring_state state = {
-.index = idx,
+.index = idx % dev->nvqs,
 };
 struct VirtQueue *vvq = virtio_get_queue(vdev, idx);
 
@@ -504,12 +504,13 @@ static int vhost_virtqueue_init(struct vhost_dev *dev,
 goto fail_alloc_ring;
 }
 
-r = vhost_virtqueue_set_addr(dev, vq, idx, dev->log_enabled);
+r = vhost_virtqueue_set_addr(dev, vq, idx % dev->nvqs, dev->log_enabled);
 if (r < 0) {
 r = -errno;
 goto fail_alloc;
 }
 r = vdev->binding->set_host_notifier(vdev->binding_opaque, idx, true);
+
 if (r < 0) {
 fprintf(stderr, "Error binding host notifier: %d\n", -r);
 goto fail_host_notifier;
@@ -557,7 +558,7 @@ static void vhost_virtqueue_cleanup(struct vhost_dev *dev,
 unsigned idx)
 {
 struct vhost_vring_state state = {
-.index = idx,
+.index = idx % dev->nvqs,
 };
 int r;
 r = vdev->binding->set_host_notifier(vdev->binding_opaque, idx, false);
@@ -648,10 +649,13 @@ int vhost_dev_start(struct vhost_dev *hdev, VirtIODevice 
*vdev)
 goto fail;
 }
 
-r = vdev->binding->set_guest_notifiers(vdev->binding_opaque, true);
-if (r < 0) {
-fprintf(stderr, "Error binding guest notifier: %d\n", -r);
-goto fail_notifiers;
+for (i = 0; i < hdev->nvqs; i++) {
+r = vdev->binding->set_guest_notifier(vdev->binding_opaque,
+  hdev->start_idx + i, true);
+if (r < 0) {
+fprintf(stderr, "Error binding guest notifier: %d\n", -r);
+goto fail_notifiers;
+}
 }
 
 r = vhost_dev_set_features(hdev, hdev->log_enabled);
@@ -667,7 +671,7 @@ int vhost_dev_start(struct vhost_dev *hdev, VirtIODevice 
*vdev)
 r = vhost_virtqueue_init(hdev,
  vdev,
  hdev->vqs + i,
- i);
+ hdev->start_idx + i);
 if (r < 0) {
 goto fail_vq;
 }
@@ -694,7 +698,7 @@ fail_vq:
 vhost_virtqueue_cleanup(hdev,
 vdev,
 hdev->vqs + i,
-i);
+hdev->start_idx + i);
 }
 fail_mem:
 fail_features:
@@ -712,7 +716,7 @@ void vhost_dev_stop(struct vhost_dev *hdev, VirtIODevice 
*vdev)
 vhost_virtqueue_cleanup(hdev,
 vdev,
 hdev->vqs + i,
-i);
+hdev->start_idx + i);
 }
 vhost_client_sync_dirty_bitmap(&hdev->client, 0,
(target_phys_addr_t)~0x0ull);
diff --git a/hw/vhost.h b/hw/vhost.h
index c8c595a..48b9478 100644
--- a/hw/vhost.h
+++ b/hw/vhost.h
@@ -31,6 +31,7 @@ struct vhost_dev {
 struct vhost_memory *mem;
 struct vhost_virtqueue *vqs;
 int nvqs;
+int start_idx;
 unsigned long long features;
 unsigned long long acked_features;
 unsigned long long backend_features;
diff --git a/hw/vhost_net.c b/hw/vhost_net.c
index 420e05f..7fc87f8 100644
--- a/hw/vhost_net.c
+++ b/hw/vhost_net.c
@@ -128,7 +128,8 @@ bool vhost_net_query(VHostNetState *net, VirtIODevice *dev)
 }
 
 int vhost_net_start(struct vhost_net *net,
-VirtIODevice *dev)
+VirtIODevice *dev,
+int start_idx)
 {
 struct vhost_vring_file file = { };
 int r;
@@ -139,6 +140,7 @@ int vhost_net_start(struct vhost_net *net,
 
 net->dev.nvqs = 2;
 net->dev.vqs = net->vqs;
+net->dev.start_idx = start_idx;
 r = vhost_dev_start(&net->dev, dev);
 if (r < 0) {
 return r;
@@ -206,7 +208,8 @@ bool vhost_net_query(VHostNetState *net, VirtIODevice *dev)
 }
 
 int vhost_net_start(struct vhost_net *net,
-   VirtIODevice *dev)
+VirtIODevice *dev,
+int start_idx)
 {
 return -ENOSYS;
 }
diff --git a/hw/vhost_net.h b/hw/vhost_net.h
index 91

Re: [Qemu-devel] [RFC PATCH 0/2] Multiqueue support for qemu(virtio-net)

[Krishna Kumar2]

Thanks Jason!

So I can use my virtio-net guest driver and test with this patch?
Please provide the script you use to start MQ guest.

Regards,

- KK

Jason Wang  wrote on 04/20/2011 02:03:07 PM:

> Jason Wang 
> 04/20/2011 02:03 PM
>
> To
>
> Krishna Kumar2/India/IBM@IBMIN, k...@vger.kernel.org, m...@redhat.com,
> net...@vger.kernel.org, ru...@rustcorp.com.au, qemu-
> de...@nongnu.org, anth...@codemonkey.ws
>
> cc
>
> Subject
>
> [RFC PATCH 0/2] Multiqueue support for qemu(virtio-net)
>
> Inspired by Krishna's patch
(http://www.spinics.net/lists/kvm/msg52098.html
> ) and
> Michael's suggestions.  The following series adds the multiqueue support
for
> qemu and enable it for virtio-net (both userspace and vhost).
>
> The aim for this series is to simplified the management and achieve the
same
> performacne with less codes.
>
> Follows are the differences between this series and Krishna's:
>
> - Add the multiqueue support for qemu and also for userspace virtio-net
> - Instead of hacking the vhost module to manipulate kthreads, this patch
just
> implement the userspace based multiqueues and thus can re-use the
> existed vhost kernel-side codes without any modification.
> - Use 1:1 mapping between TX/RX pairs and vhost kthread because the
> implementation is based on usersapce.
> - The cli is also changed to make the mgmt easier, the -netdev option of
qdev
> can now accpet more than one ids. You can start a multiqueue virtio-net
device
> through:
> ./qemu-system-x86_64 -netdev tap,id=hn0,vhost=on,fd=X -netdev
> tap,id=hn0,vhost=on,fd=Y -device
virtio-net-pci,netdev=hn0#hn1,queues=2 ...
>
> The series is very primitive and still need polished.
>
> Suggestions are welcomed.
> ---
>
> Jason Wang (2):
>   net: Add multiqueue support
>   virtio-net: add multiqueue support
>
>
>  hw/qdev-properties.c |   37 -
>  hw/qdev.h|3
>  hw/vhost.c   |   26 ++-
>  hw/vhost.h   |1
>  hw/vhost_net.c   |7 +
>  hw/vhost_net.h   |2
>  hw/virtio-net.c  |  409 +++
> +--
>  hw/virtio-net.h  |2
>  hw/virtio-pci.c  |1
>  hw/virtio.h  |1
>  net.c|   34 +++-
>  net.h|   15 +-
>  12 files changed, 353 insertions(+), 185 deletions(-)
>
> --
> Jason Wang

Re: [Qemu-devel] [PATCH 01/20] softfloat: fix floatx80 handling of NaN

[Aurelien Jarno]

On Tue, Apr 19, 2011 at 11:53:50AM +0100, Peter Maydell wrote:
> On 18 April 2011 21:59, Aurelien Jarno  wrote:
> > The floatx80 format uses an explicit bit that should be taken into account
> > when converting to and from commonNaN format.
> >
> > When converting to commonNaN, the explicit bit should be removed if it is
> > a 1, and a default NaN should be used if it is 0.
> >
> > When converting from commonNan, the explicit bit should be added.
> >
> > Signed-off-by: Aurelien Jarno 
> > ---
> >  fpu/softfloat-specialize.h |   19 +--
> >  1 files changed, 13 insertions(+), 6 deletions(-)
> >
> > diff --git a/fpu/softfloat-specialize.h b/fpu/softfloat-specialize.h
> > index b110187..fb2b5b4 100644
> > --- a/fpu/softfloat-specialize.h
> > +++ b/fpu/softfloat-specialize.h
> > @@ -603,9 +603,15 @@ static commonNaNT floatx80ToCommonNaN( floatx80 a 
> > STATUS_PARAM)
> >     commonNaNT z;
> >
> >     if ( floatx80_is_signaling_nan( a ) ) float_raise( float_flag_invalid 
> > STATUS_VAR);
> > -    z.sign = a.high>>15;
> > -    z.low = 0;
> > -    z.high = a.low;
> > +    if ( a.low >> 63 ) {
> > +        z.sign = a.high >> 15;
> > +        z.low = 0;
> > +        z.high = a.low << 1;
> > +    } else {
> > +        z.sign = floatx80_default_nan_high >> 15;
> > +        z.low = 0;
> > +        z.high = floatx80_default_nan_low << 1;
> > +    }
> >     return z;
> >  }
> 
> The intel manuals don't seem to define what a number with non-zero exponent
> field but explicit bit clear actually means. Presumably this (generate a
> default NaN) is what the hardware does if you try to convert such a thing
> to float64?

I tested that on my hardware, on an Intel CPU, and it behaves like that.

> > @@ -624,10 +630,11 @@ static floatx80 commonNaNToFloatx80( commonNaNT a 
> > STATUS_PARAM)
> >         return z;
> >     }
> >
> > -    if (a.high)
> > -        z.low = a.high;
> > -    else
> > +    if (a.high) {
> > +        z.low = LIT64( 0x8000 ) | a.high >> 1;
> > +    } else {
> >         z.low = floatx80_default_nan_low;
> > +    }
> >     z.high = ( ( (uint16_t) a.sign )<<15 ) | 0x7FFF;
> >     return z;
> >  }
> 
> I think the condition here should be "if (a.high >> 1)" -- otherwise we
> might construct an infinity instead (explicit bit 1 but all fraction bits 0).
> Also we are keeping the sign of the input even if we return the default
> NaN. It might be better to start with
>  uint64_t mantissa = a.high >> 1;
> and then roll the 'mantissa == 0' check into the default_nan_mode if().
> 

Correct, good catch. Will fix that in v2.


-- 
Aurelien Jarno  GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net

Re: [Qemu-devel] [PULL] Remove unused function parameters

[Stefan Weil]

Hello,

I updated the first patch as suggested by Peter Maydell
(Fix [] typo, fix copy+paste error with SHA1 object name
in commit message). The rest is identical, so I don't
resend it to qemu-devel.

Cheers,
Stefan Weil


The following changes since commit 8d5192ee15bc519f83741f5e413ebba5d57a6abd:
  Alexander Graf (1):
s390x: virtio machine storage keys

are available in the git repository at:

  git://qemu.weilnetz.de/git/qemu.git/ patches

Stefan Weil (2):
  Remove unused function parameters from gen_pc_load and rename the 
function

  Remove unused function parameter from cpu_restore_state

 cpu-exec.c|2 +-
 exec-all.h|7 +++
 exec.c|9 -
 target-alpha/op_helper.c  |2 +-
 target-alpha/translate.c  |3 +--
 target-arm/op_helper.c|2 +-
 target-arm/translate.c|7 +++
 target-cris/op_helper.c   |2 +-
 target-cris/translate.c   |3 +--
 target-i386/op_helper.c   |2 +-
 target-i386/translate.c   |7 +++
 target-lm32/op_helper.c   |2 +-
 target-lm32/translate.c   |3 +--
 target-m68k/op_helper.c   |2 +-
 target-m68k/translate.c   |3 +--
 target-microblaze/op_helper.c |2 +-
 target-microblaze/translate.c |3 +--
 target-mips/op_helper.c   |4 ++--
 target-mips/translate.c   |3 +--
 target-ppc/op_helper.c|2 +-
 target-ppc/translate.c|3 +--
 target-s390x/op_helper.c  |2 +-
 target-s390x/translate.c  |3 +--
 target-sh4/op_helper.c|2 +-
 target-sh4/translate.c|3 +--
 target-sparc/op_helper.c  |2 +-
 target-sparc/translate.c  |3 +--
 target-unicore32/translate.c  |3 +--
 translate-all.c   |5 ++---
 29 files changed, 40 insertions(+), 56 deletions(-)

Re: [Qemu-devel] [PATCH 00/24] Alpha system emulation, v2

[Tristan Gingold]

On Apr 19, 2011, at 5:04 PM, Richard Henderson wrote:

> Changes from v1 to v2:
>  - Split patch 5 up into little pieces.  These pieces were compile
>tested by applying patch 23 (Enable alpha-softmmu) out of sequence
>so that both softmmu and linux-user targets were built.  But in
>the end I chickened out and re-ordered the enable patch to last.
> 
>  - The TB->FLAGS patch is more comprehensive.  In doing the split I
>noticed that we were doing funny things with AMASK that really
>ought to have belonged in the TB in the first place.
> 
>  - The patch for unassigned addresses is more comprehensive.  I had
>previously failed to do the if-deffing dance in the generic part
>of QEMU.
> 
>  - The PALcode source is added as a submodule.

Richard,

it looks like I miss the v1.  Anyway, some random comments:

* thank you for working on that!

* sx164 is ev56 based, isn't it ?  It would be nice if cpu version specific 
code is clearly marked.
  In particular (and IIRC), pal mode for ev6 is much closer to ev4 than to ev5. 
 Don't know about ev7.
  It would be nice if we could easily support both ev5 and ev6.

* Yes, executive and supervisor are used only by VMS (well AFAIK).  I'd like to 
support it.
  Did you try to also support the windows mmu mode ?

* Again, thank you for working on that.

Tristan.

Re: [Qemu-devel] [PATCH 04/20] softfloat: add pi constants

[Aurelien Jarno]

On Tue, Apr 19, 2011 at 12:10:48PM +0100, Peter Maydell wrote:
> On 18 April 2011 21:59, Aurelien Jarno  wrote:
> > +#define float64_pi make_float32(0x400921fb54442d18LL)
> 
> This doesn't look quite right :-)
> 

Good catch, fixed.


-- 
Aurelien Jarno  GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net

Re: [Qemu-devel] [PATCH 03/20] softfloat: add floatx80 constants

[Aurelien Jarno]

On Tue, Apr 19, 2011 at 12:07:26PM +0100, Peter Maydell wrote:
> On 18 April 2011 21:59, Aurelien Jarno  wrote:
> > Add floatx80 constants similarly to float32 or float64.
> >
> > Signed-off-by: Aurelien Jarno 
> 
> Reviewed-by: Peter Maydell 
> 
> NB: I didn't actually check you got the ln2 value right :-)
> Also for x86 these constants are stored internally with a 66 bit
> mantissa and then rounded according to the current rounding mode,
> so strictly speaking using these values isn't always the right
> thing, but I think that's being overly picky for now.
> 

Agreed, however it's probably something x86 specific, so that should be
handled in target-i386. That said except on old ARM Netwinder chips, 
only Intel is using floatx80.

-- 
Aurelien Jarno  GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net

Re: [Qemu-devel] [PATCH 09/20] softfloat-native: add float*_is_any_nan() functions

[Aurelien Jarno]

On Tue, Apr 19, 2011 at 01:42:00PM +0100, Peter Maydell wrote:
> On 18 April 2011 22:00, Aurelien Jarno  wrote:
> 
> > @@ -511,4 +530,11 @@ int floatx80_is_quiet_nan( floatx80 a1 )
> >     return ( ( u.i.high & 0x7FFF ) == 0x7FFF ) && (uint64_t) ( u.i.low<<1 );
> >  }
> >
> > +int floatx80_is_any_nan( floatx80 a1 )
> > +{
> > +    floatx80u u;
> > +    u.f = a1;
> > +    return ((u.i.high & 0x7FFF) == 0x7FFF) && ( u.i.low<<1 );
> > +}
> > +
> >  #endif
> 
> As you can just see from the context, the new function is
> actually identical to the existing floatx80_is_quiet_nan(),
> but the latter is wrong, not this patch :-)
> 
> Nobody seems to use floatx80_is_quiet_nan() so if we're just
> going to nuke softfloat-native shortly there's no point fixing
> it I guess.
> 

IIRC, we already discovered that when changing the name of the nan()
functions. I also don't plan to fix it, it's one more reason to kill
softfloat-native.


-- 
Aurelien Jarno  GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net

Re: [Qemu-devel] [PATCH 07/20] softfloat: fix float*_scalnb() corner cases

[Aurelien Jarno]

On Tue, Apr 19, 2011 at 12:57:23PM +0100, Peter Maydell wrote:
> On 18 April 2011 21:59, Aurelien Jarno  wrote:
> 
> > @@ -6349,6 +6352,12 @@ float32 float32_scalbn( float32 a, int n 
> > STATUS_PARAM )
> >     else if ( aSig == 0 )
> >         return a;
> >
> > +    if (n > 0x80) {
> > +        n = 0x80;
> > +    } else if (n < -0x80) {
> > +        n = -0x80;
> > +    }
> > +
> >     aExp += n - 1;
> >     aSig <<= 7;
> >     return normalizeRoundAndPackFloat32( aSign, aExp, aSig STATUS_VAR );
> 
> I don't think your if() condition is right here. Consider the
> float32 0080 (1.0 * 2 ^ -126 ; the smallest possible normalised
> number); you can multiply this by, say, 2^253, without overflowing
> to infinity. However your if() here means we'll incorrectly
> compute the result of multiplying by 2^128 instead. s/0x80/0x200/
> should work.
> 

Correct, will be fixed in the next version.


-- 
Aurelien Jarno  GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net

Re: [Qemu-devel] [PATCH 11/20] target-i386: fix helper_flbd_ST0() wrt softfloat

[Aurelien Jarno]

On Tue, Apr 19, 2011 at 06:06:57PM +0100, Peter Maydell wrote:
> On 18 April 2011 22:00, Aurelien Jarno  wrote:
> > Signed-off-by: Aurelien Jarno 
> > ---
> >  target-i386/op_helper.c |    7 ---
> >  1 files changed, 4 insertions(+), 3 deletions(-)
> >
> > diff --git a/target-i386/op_helper.c b/target-i386/op_helper.c
> > index f614893..737 100644
> > --- a/target-i386/op_helper.c
> > +++ b/target-i386/op_helper.c
> > @@ -3920,9 +3920,10 @@ void helper_fbld_ST0(target_ulong ptr)
> >         v = ldub(ptr + i);
> >         val = (val * 100) + ((v >> 4) * 10) + (v & 0xf);
> >     }
> > -    tmp = val;
> > -    if (ldub(ptr + 9) & 0x80)
> > -        tmp = -tmp;
> > +    if (ldub(ptr + 9) & 0x80) {
> > +        val = -val;
> > +    }
> > +    tmp = int64_to_floatx(val, &env->fp_status);
> >     fpush();
> >     ST0 = tmp;
> >  }
> 
> This doesn't do the right thing for -0 (should generate -0,
> not +0). I think:
> 
>  tmp = int64_to_floatx(val, &env->fp_status);
>  if (ldub(ptr + 9) & 0x80) {
>  floatx_chs(tmp);
>  }
> 
> ought to do the right thing and work for both softfloat and
> sf-native, but I haven't tested it.
> 

Good catch, this solution works. Thanks.

-- 
Aurelien Jarno  GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net

Re: [Qemu-devel] [PATCH 17/20] target-i386: fix logarithmic and trigonometric helpers wrt softfloat

[Aurelien Jarno]

On Tue, Apr 19, 2011 at 06:37:14PM +0100, Peter Maydell wrote:
> On 18 April 2011 22:00, Aurelien Jarno  wrote:
> > +#include 
> 
> Why does this patch need this? I couldn't see anywhere where
> the patch added calls to math functions we weren't calling before,
> or did I miss one?

Because softloat-native.h include it, but not softfloat.h.

> >  void helper_fptan(void)
> >  {
> > -    CPU86_LDouble fptemp;
> > +    double fptemp = CPU86_LDouble_to_double(ST0);
> >
> > -    fptemp = ST0;
> >     if((fptemp > MAXTAN)||(fptemp < -MAXTAN)) {
> >         env->fpus |= 0x400;
> >     } else {
> > -        ST0 = tan(fptemp);
> > +        fptemp = tan(fptemp);
> > +        ST0 = double_to_CPU86_LDouble(fptemp);
> >         fpush();
> > -        ST0 = 1.0;
> > +        ST0 = double_to_CPU86_LDouble(1.0);
> 
> You could just say:
>ST0 = floatx_one;
> 

Correct, will fix that.

-- 
Aurelien Jarno  GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net

Re: [Qemu-devel] [PATCH 13/20] target-i386: fix helper_fdiv() wrt softfloat

[Aurelien Jarno]

On Tue, Apr 19, 2011 at 06:11:37PM +0100, Peter Maydell wrote:
> On 18 April 2011 22:00, Aurelien Jarno  wrote:
> > +++ b/target-i386/op_helper.c
> > @@ -3440,9 +3440,10 @@ static void fpu_set_exception(int mask)
> >
> >  static inline CPU86_LDouble helper_fdiv(CPU86_LDouble a, CPU86_LDouble b)
> >  {
> > -    if (b == 0.0)
> > +    if (floatx_is_zero(b)) {
> >         fpu_set_exception(FPUS_ZE);
> > -    return a / b;
> > +    }
> > +    return floatx_div(a, b, &env->fp_status);
> >  }
> 
> When we get rid of softfloat-native we should be able to just
> use softfloat's flag-raising code and get rid of this special
> case of zero, right?

Yes, this is already in my next series adding exception support.

> Reviewed-by: Peter Maydell 
> 
> -- PMM
> 
> 

-- 
Aurelien Jarno  GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net

[Qemu-devel] [PATCH v2 01/20] softfloat: fix floatx80 handling of NaN

[Aurelien Jarno]

The floatx80 format uses an explicit bit that should be taken into account
when converting to and from commonNaN format.

When converting to commonNaN, the explicit bit should be removed if it is
a 1, and a default NaN should be used if it is 0.

When converting from commonNan, the explicit bit should be added.

Signed-off-by: Aurelien Jarno 
---
 fpu/softfloat-specialize.h |   19 +--
 1 files changed, 13 insertions(+), 6 deletions(-)

v1 -> v2: fix wrong condition that may create an infinity instead of a NaN.

diff --git a/fpu/softfloat-specialize.h b/fpu/softfloat-specialize.h
index b110187..29e30ce 100644
--- a/fpu/softfloat-specialize.h
+++ b/fpu/softfloat-specialize.h
@@ -603,9 +603,15 @@ static commonNaNT floatx80ToCommonNaN( floatx80 a 
STATUS_PARAM)
 commonNaNT z;
 
 if ( floatx80_is_signaling_nan( a ) ) float_raise( float_flag_invalid 
STATUS_VAR);
-z.sign = a.high>>15;
-z.low = 0;
-z.high = a.low;
+if ( a.low >> 63 ) {
+z.sign = a.high >> 15;
+z.low = 0;
+z.high = a.low << 1;
+} else {
+z.sign = floatx80_default_nan_high >> 15;
+z.low = 0;
+z.high = floatx80_default_nan_low << 1;
+}
 return z;
 }
 
@@ -624,10 +630,11 @@ static floatx80 commonNaNToFloatx80( commonNaNT a 
STATUS_PARAM)
 return z;
 }
 
-if (a.high)
-z.low = a.high;
-else
+if (a.high >> 1) {
+z.low = LIT64( 0x8000 ) | a.high >> 1;
+} else {
 z.low = floatx80_default_nan_low;
+}
 z.high = ( ( (uint16_t) a.sign )<<15 ) | 0x7FFF;
 return z;
 }
-- 
1.7.2.3

[Qemu-devel] [PATCH v2 00/20] *** SUBJECT HERE ***

[Aurelien Jarno]

The i386 target is the last one still using softfloat-native. Compared
to softfloat, it is faster but lacks exception handling, float80
(except on x86 hosts) and float128, as well as correctness (use NaN
propagation from the host, different corner cases, etc.). It's API has
also diverged from softfloat, meaning it's not easily possible to select
softfloat or softfloat-native at build-time.

This patch series adjust softfloat, softfloat-native, and target-i386,
so that it's possible to build this target with either implementation.
It's only a transient state until softfloat-native is definitely
removed. This also mean that some code changes in target-i386 are not
the best possible, as writing code that work on both is sometimes
difficult. This will have to be fixed after the softfloat removal.

For the trigonometic and logarithmic functions, which are not (yet)
available in softfloat (neither in softfloat-native actually), I have
chosen to convert the floatx80 value to double and use the host
function. This limits the precision to float64, but anyway the current
code was already using the double version of these functions (instead
of the long double version for floatx80 precision).

I have tested these patches by using the GNU libc testsuite, and
comparing the results before and after. This patch series already
globally improve the testsuite results, though on some trigonometric
functions some tests are now failing and some tests are now passing,
due to precision issues. In any case, these precision issues are limited
to the last two bits of the 80-bit value, so it's safe to ignore this
issue for now.

I already have another patch series in preparation, which does the
actual softfloat removal, clean the generic and target-i386 codes, add
exception support, and add a softfloat log2() function. However it's
the following step, and I prefer first to get this patch series
discussed and hopefully accepted before.

Aurelien Jarno (20):
  softfloat: fix floatx80 handling of NaN
  softfloat: fix floatx80_is_infinity()
  softfloat: add floatx80 constants
  softfloat: add pi constants
  softfloat-native: add a few constant values
  softfloat: add floatx80_compare*() functions
  softfloat: fix float*_scalnb() corner cases
  softfloat-native: fix float*_scalbn() functions
  softfloat-native: add float*_is_any_nan() functions
  target-i386: fix helper_fscale() wrt softfloat
  target-i386: fix helper_fbld_ST0() wrt softfloat
  target-i386: fix helper_fxtract() wrt softfloat
  target-i386: fix helper_fdiv() wrt softfloat
  target-i386: fix helper_fsqrt() wrt softfloat
  target-i386: replace approx_rsqrt and approx_rcp by softfloat ops
  target-i386: add CPU86_LDouble <-> double conversion functions
  target-i386: fix logarithmic and trigonometric helpers wrt softfloat
  target-i386: fix helper_fprem() and helper_fprem1() wrt softfloat
  target-i386: fix constants wrt softfloat
  target-i386: switch to softfloat

 configure  |9 +--
 fpu/softfloat-native.c |   26 ++
 fpu/softfloat-native.h |   36 +++-
 fpu/softfloat-specialize.h |   19 +++--
 fpu/softfloat.c|   93 +++-
 fpu/softfloat.h|   14 +++-
 target-i386/exec.h |   20 +
 target-i386/op_helper.c|  205 ++-
 target-i386/ops_sse.h  |   36 +---
 9 files changed, 342 insertions(+), 116 deletions(-)

-- 
1.7.2.3

[Qemu-devel] [PATCH v2 02/20] softfloat: fix floatx80_is_infinity()

[Aurelien Jarno]

With floatx80, the explicit bit is set for infinity.

Reviewed-by: Peter Maydell 
Signed-off-by: Aurelien Jarno 
---
 fpu/softfloat.h |2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/fpu/softfloat.h b/fpu/softfloat.h
index 340f0a9..3363128 100644
--- a/fpu/softfloat.h
+++ b/fpu/softfloat.h
@@ -566,7 +566,7 @@ INLINE floatx80 floatx80_chs(floatx80 a)
 
 INLINE int floatx80_is_infinity(floatx80 a)
 {
-return (a.high & 0x7fff) == 0x7fff && a.low == 0;
+return (a.high & 0x7fff) == 0x7fff && a.low == 0x8000LL;
 }
 
 INLINE int floatx80_is_neg(floatx80 a)
-- 
1.7.2.3

[Qemu-devel] [PATCH v2 04/20] softfloat: add pi constants

[Aurelien Jarno]

Add a pi constant for float32, float64, floatx80. It will be used by
target-i386 and later by the trigonometric functions.

Signed-off-by: Aurelien Jarno 
---
 fpu/softfloat.h |3 +++
 1 files changed, 3 insertions(+), 0 deletions(-)

v1 -> v2: fix typo creating a float64 constant with make_float32

diff --git a/fpu/softfloat.h b/fpu/softfloat.h
index 90e0c41..7b3b88f 100644
--- a/fpu/softfloat.h
+++ b/fpu/softfloat.h
@@ -387,6 +387,7 @@ INLINE float32 float32_set_sign(float32 a, int sign)
 #define float32_zero make_float32(0)
 #define float32_one make_float32(0x3f80)
 #define float32_ln2 make_float32(0x3f317218)
+#define float32_pi make_float32(0x40490fdb)
 #define float32_half make_float32(0x3f00)
 #define float32_infinity make_float32(0x7f80)
 
@@ -499,6 +500,7 @@ INLINE float64 float64_set_sign(float64 a, int sign)
 #define float64_zero make_float64(0)
 #define float64_one make_float64(0x3ff0LL)
 #define float64_ln2 make_float64(0x3fe62e42fefa39efLL)
+#define float64_pi make_float64(0x400921fb54442d18LL)
 #define float64_half make_float64(0x3fe0LL)
 #define float64_infinity make_float64(0x7ff0LL)
 
@@ -588,6 +590,7 @@ INLINE int floatx80_is_any_nan(floatx80 a)
 #define floatx80_zero make_floatx80(0x, 0xLL)
 #define floatx80_one make_floatx80(0x3fff, 0x8000LL)
 #define floatx80_ln2 make_floatx80(0x3ffe, 0xb17217f7d1cf79acLL)
+#define floatx80_pi make_floatx80(0x4000, 0xc90fdaa22168c235LL)
 #define floatx80_half make_floatx80(0x3ffe, 0x8000LL)
 #define floatx80_infinity make_floatx80(0x7fff, 0x8000LL)
 
-- 
1.7.2.3

[Qemu-devel] [PATCH v2 14/20] target-i386: fix helper_fsqrt() wrt softfloat

[Aurelien Jarno]

Reviewed-by: Peter Maydell 
Signed-off-by: Aurelien Jarno 
---
 target-i386/exec.h  |4 
 target-i386/op_helper.c |7 ++-
 2 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/target-i386/exec.h b/target-i386/exec.h
index b2af894..292e0de 100644
--- a/target-i386/exec.h
+++ b/target-i386/exec.h
@@ -114,6 +114,7 @@ static inline void svm_check_intercept(uint32_t type)
 #define floatx_div floatx80_div
 #define floatx_mul floatx80_mul
 #define floatx_sub floatx80_sub
+#define floatx_sqrt floatx80_sqrt
 #define floatx_abs floatx80_abs
 #define floatx_chs floatx80_chs
 #define floatx_scalbn floatx80_scalbn
@@ -121,6 +122,7 @@ static inline void svm_check_intercept(uint32_t type)
 #define floatx_compare floatx80_compare
 #define floatx_compare_quiet floatx80_compare_quiet
 #define floatx_is_any_nan floatx80_is_any_nan
+#define floatx_is_neg floatx80_is_neg
 #define floatx_is_zero floatx80_is_zero
 #else
 #define floatx_to_int32 float64_to_int32
@@ -137,6 +139,7 @@ static inline void svm_check_intercept(uint32_t type)
 #define floatx_div float64_div
 #define floatx_mul float64_mul
 #define floatx_sub float64_sub
+#define floatx_sqrt float64_sqrt
 #define floatx_abs float64_abs
 #define floatx_chs float64_chs
 #define floatx_scalbn float64_scalbn
@@ -144,6 +147,7 @@ static inline void svm_check_intercept(uint32_t type)
 #define floatx_compare float64_compare
 #define floatx_compare_quiet float64_compare_quiet
 #define floatx_is_any_nan float64_is_any_nan
+#define floatx_is_neg float64_is_neg
 #define floatx_is_zero float64_is_zero
 #endif
 
diff --git a/target-i386/op_helper.c b/target-i386/op_helper.c
index b22462f..02edfea 100644
--- a/target-i386/op_helper.c
+++ b/target-i386/op_helper.c
@@ -4152,14 +4152,11 @@ void helper_fyl2xp1(void)
 
 void helper_fsqrt(void)
 {
-CPU86_LDouble fptemp;
-
-fptemp = ST0;
-if (fptemp<0.0) {
+if (floatx_is_neg(ST0)) {
 env->fpus &= (~0x4700);  /* (C3,C2,C1,C0) <--  */
 env->fpus |= 0x400;
 }
-ST0 = sqrt(fptemp);
+ST0 = floatx_sqrt(ST0, &env->fp_status);
 }
 
 void helper_fsincos(void)
-- 
1.7.2.3

[Qemu-devel] [PATCH v2 11/20] target-i386: fix helper_fbld_ST0() wrt softfloat

[Aurelien Jarno]

Signed-off-by: Aurelien Jarno 
---
 target-i386/op_helper.c |7 ---
 1 files changed, 4 insertions(+), 3 deletions(-)

v1 -> v2: fix handling of -0

diff --git a/target-i386/op_helper.c b/target-i386/op_helper.c
index f614893..22cb549 100644
--- a/target-i386/op_helper.c
+++ b/target-i386/op_helper.c
@@ -3920,9 +3920,10 @@ void helper_fbld_ST0(target_ulong ptr)
 v = ldub(ptr + i);
 val = (val * 100) + ((v >> 4) * 10) + (v & 0xf);
 }
-tmp = val;
-if (ldub(ptr + 9) & 0x80)
-tmp = -tmp;
+tmp = int64_to_floatx(val, &env->fp_status);
+if (ldub(ptr + 9) & 0x80) {
+floatx_chs(tmp);
+}
 fpush();
 ST0 = tmp;
 }
-- 
1.7.2.3

[Qemu-devel] [PATCH v2 06/20] softfloat: add floatx80_compare*() functions

[Aurelien Jarno]

Add floatx80_compare() and floatx80_compare_quiet() functions to match
the softfloat-native ones.

Reviewed-by: Peter Maydell 
Signed-off-by: Aurelien Jarno 
---
 fpu/softfloat.c |   46 ++
 fpu/softfloat.h |2 ++
 2 files changed, 48 insertions(+), 0 deletions(-)

diff --git a/fpu/softfloat.c b/fpu/softfloat.c
index 6ce0b61..4368069 100644
--- a/fpu/softfloat.c
+++ b/fpu/softfloat.c
@@ -6190,6 +6190,52 @@ int float ## s ## _compare_quiet( float ## s a, float ## 
s b STATUS_PARAM )  \
 COMPARE(32, 0xff)
 COMPARE(64, 0x7ff)
 
+INLINE int floatx80_compare_internal( floatx80 a, floatx80 b,
+  int is_quiet STATUS_PARAM )
+{
+flag aSign, bSign;
+
+if (( ( extractFloatx80Exp( a ) == 0x7fff ) &&
+  ( extractFloatx80Frac( a )<<1 ) ) ||
+( ( extractFloatx80Exp( b ) == 0x7fff ) &&
+  ( extractFloatx80Frac( b )<<1 ) )) {
+if (!is_quiet ||
+floatx80_is_signaling_nan( a ) ||
+floatx80_is_signaling_nan( b ) ) {
+float_raise( float_flag_invalid STATUS_VAR);
+}
+return float_relation_unordered;
+}
+aSign = extractFloatx80Sign( a );
+bSign = extractFloatx80Sign( b );
+if ( aSign != bSign ) {
+
+if ( ( ( (uint16_t) ( ( a.high | b.high ) << 1 ) ) == 0) &&
+ ( ( a.low | b.low ) == 0 ) ) {
+/* zero case */
+return float_relation_equal;
+} else {
+return 1 - (2 * aSign);
+}
+} else {
+if (a.low == b.low && a.high == b.high) {
+return float_relation_equal;
+} else {
+return 1 - 2 * (aSign ^ ( lt128( a.high, a.low, b.high, b.low ) ));
+}
+}
+}
+
+int floatx80_compare( floatx80 a, floatx80 b STATUS_PARAM )
+{
+return floatx80_compare_internal(a, b, 0 STATUS_VAR);
+}
+
+int floatx80_compare_quiet( floatx80 a, floatx80 b STATUS_PARAM )
+{
+return floatx80_compare_internal(a, b, 1 STATUS_VAR);
+}
+
 INLINE int float128_compare_internal( float128 a, float128 b,
   int is_quiet STATUS_PARAM )
 {
diff --git a/fpu/softfloat.h b/fpu/softfloat.h
index 7b3b88f..5eff085 100644
--- a/fpu/softfloat.h
+++ b/fpu/softfloat.h
@@ -550,6 +550,8 @@ int floatx80_eq_quiet( floatx80, floatx80 STATUS_PARAM );
 int floatx80_le_quiet( floatx80, floatx80 STATUS_PARAM );
 int floatx80_lt_quiet( floatx80, floatx80 STATUS_PARAM );
 int floatx80_unordered_quiet( floatx80, floatx80 STATUS_PARAM );
+int floatx80_compare( floatx80, floatx80 STATUS_PARAM );
+int floatx80_compare_quiet( floatx80, floatx80 STATUS_PARAM );
 int floatx80_is_quiet_nan( floatx80 );
 int floatx80_is_signaling_nan( floatx80 );
 floatx80 floatx80_maybe_silence_nan( floatx80 );
-- 
1.7.2.3

[Qemu-devel] [PATCH v2 03/20] softfloat: add floatx80 constants

[Aurelien Jarno]

Add floatx80 constants similarly to float32 or float64.

Reviewed-by: Peter Maydell 
Signed-off-by: Aurelien Jarno 
---
 fpu/softfloat.h |7 +++
 1 files changed, 7 insertions(+), 0 deletions(-)

diff --git a/fpu/softfloat.h b/fpu/softfloat.h
index 3363128..90e0c41 100644
--- a/fpu/softfloat.h
+++ b/fpu/softfloat.h
@@ -154,6 +154,7 @@ typedef struct {
 uint64_t low;
 uint16_t high;
 } floatx80;
+#define make_floatx80(exp, mant) ((floatx80) { mant, exp })
 #endif
 #ifdef FLOAT128
 typedef struct {
@@ -584,6 +585,12 @@ INLINE int floatx80_is_any_nan(floatx80 a)
 return ((a.high & 0x7fff) == 0x7fff) && (a.low<<1);
 }
 
+#define floatx80_zero make_floatx80(0x, 0xLL)
+#define floatx80_one make_floatx80(0x3fff, 0x8000LL)
+#define floatx80_ln2 make_floatx80(0x3ffe, 0xb17217f7d1cf79acLL)
+#define floatx80_half make_floatx80(0x3ffe, 0x8000LL)
+#define floatx80_infinity make_floatx80(0x7fff, 0x8000LL)
+
 /*
 | The pattern for a default generated extended double-precision NaN.  The
 | `high' and `low' values hold the most- and least-significant bits,
-- 
1.7.2.3

[Qemu-devel] [PATCH v2 15/20] target-i386: replace approx_rsqrt and approx_rcp by softfloat ops

[Aurelien Jarno]

Reviewed-by: Peter Maydell 
Signed-off-by: Aurelien Jarno 
---
 target-i386/op_helper.c |   10 --
 target-i386/ops_sse.h   |   36 
 2 files changed, 24 insertions(+), 22 deletions(-)

diff --git a/target-i386/op_helper.c b/target-i386/op_helper.c
index 02edfea..b47d825 100644
--- a/target-i386/op_helper.c
+++ b/target-i386/op_helper.c
@@ -4794,16 +4794,6 @@ void helper_boundl(target_ulong a0, int v)
 }
 }
 
-static float approx_rsqrt(float a)
-{
-return 1.0 / sqrt(a);
-}
-
-static float approx_rcp(float a)
-{
-return 1.0 / a;
-}
-
 #if !defined(CONFIG_USER_ONLY)
 
 #define MMUSUFFIX _mmu
diff --git a/target-i386/ops_sse.h b/target-i386/ops_sse.h
index ac0f150..703be99 100644
--- a/target-i386/ops_sse.h
+++ b/target-i386/ops_sse.h
@@ -778,28 +778,38 @@ int64_t helper_cvttsd2sq(XMMReg *s)
 
 void helper_rsqrtps(XMMReg *d, XMMReg *s)
 {
-d->XMM_S(0) = approx_rsqrt(s->XMM_S(0));
-d->XMM_S(1) = approx_rsqrt(s->XMM_S(1));
-d->XMM_S(2) = approx_rsqrt(s->XMM_S(2));
-d->XMM_S(3) = approx_rsqrt(s->XMM_S(3));
+d->XMM_S(0) = float32_div(float32_one,
+  float32_sqrt(s->XMM_S(0), &env->sse_status),
+  &env->sse_status);
+d->XMM_S(1) = float32_div(float32_one,
+  float32_sqrt(s->XMM_S(1), &env->sse_status),
+  &env->sse_status);
+d->XMM_S(2) = float32_div(float32_one,
+  float32_sqrt(s->XMM_S(2), &env->sse_status),
+  &env->sse_status);
+d->XMM_S(3) = float32_div(float32_one,
+  float32_sqrt(s->XMM_S(3), &env->sse_status),
+  &env->sse_status);
 }
 
 void helper_rsqrtss(XMMReg *d, XMMReg *s)
 {
-d->XMM_S(0) = approx_rsqrt(s->XMM_S(0));
+d->XMM_S(0) = float32_div(float32_one,
+  float32_sqrt(s->XMM_S(0), &env->sse_status),
+  &env->sse_status);
 }
 
 void helper_rcpps(XMMReg *d, XMMReg *s)
 {
-d->XMM_S(0) = approx_rcp(s->XMM_S(0));
-d->XMM_S(1) = approx_rcp(s->XMM_S(1));
-d->XMM_S(2) = approx_rcp(s->XMM_S(2));
-d->XMM_S(3) = approx_rcp(s->XMM_S(3));
+d->XMM_S(0) = float32_div(float32_one, s->XMM_S(0), &env->sse_status);
+d->XMM_S(1) = float32_div(float32_one, s->XMM_S(1), &env->sse_status);
+d->XMM_S(2) = float32_div(float32_one, s->XMM_S(2), &env->sse_status);
+d->XMM_S(3) = float32_div(float32_one, s->XMM_S(3), &env->sse_status);
 }
 
 void helper_rcpss(XMMReg *d, XMMReg *s)
 {
-d->XMM_S(0) = approx_rcp(s->XMM_S(0));
+d->XMM_S(0) = float32_div(float32_one, s->XMM_S(0), &env->sse_status);
 }
 
 static inline uint64_t helper_extrq(uint64_t src, int shift, int len)
@@ -1272,14 +1282,16 @@ void helper_pfpnacc(MMXReg *d, MMXReg *s)
 
 void helper_pfrcp(MMXReg *d, MMXReg *s)
 {
-d->MMX_S(0) = approx_rcp(s->MMX_S(0));
+d->MMX_S(0) = float32_div(float32_one, s->MMX_S(0), &env->mmx_status);
 d->MMX_S(1) = d->MMX_S(0);
 }
 
 void helper_pfrsqrt(MMXReg *d, MMXReg *s)
 {
 d->MMX_L(1) = s->MMX_L(0) & 0x7fff;
-d->MMX_S(1) = approx_rsqrt(d->MMX_S(1));
+d->MMX_S(1) = float32_div(float32_one,
+  float32_sqrt(d->MMX_S(1), &env->mmx_status),
+  &env->mmx_status);
 d->MMX_L(1) |= s->MMX_L(0) & 0x8000;
 d->MMX_L(0) = d->MMX_L(1);
 }
-- 
1.7.2.3

[Qemu-devel] [PATCH v2 05/20] softfloat-native: add a few constant values

[Aurelien Jarno]

Reviewed-by: Peter Maydell 
Signed-off-by: Aurelien Jarno 
---
 fpu/softfloat-native.h |   27 +++
 1 files changed, 27 insertions(+), 0 deletions(-)

diff --git a/fpu/softfloat-native.h b/fpu/softfloat-native.h
index ea7a15e..97fb3c7 100644
--- a/fpu/softfloat-native.h
+++ b/fpu/softfloat-native.h
@@ -172,6 +172,15 @@ float128 int64_to_float128( int64_t STATUS_PARAM);
 #endif
 
 /*
+| Software IEC/IEEE single-precision conversion constants.
+**/
+#define float32_zero (0.0)
+#define float32_one (1.0)
+#define float32_ln2 (0.6931471)
+#define float32_pi (3.1415926)
+#define float32_half (0.5)
+
+/*
 | Software IEC/IEEE single-precision conversion routines.
 **/
 int float32_to_int32( float32  STATUS_PARAM);
@@ -280,6 +289,15 @@ INLINE float32 float32_scalbn(float32 a, int n)
 }
 
 /*
+| Software IEC/IEEE double-precision conversion constants.
+**/
+#define float64_zero (0.0)
+#define float64_one (1.0)
+#define float64_ln2 (0.693147180559945)
+#define float64_pi (3.141592653589793)
+#define float64_half (0.5)
+
+/*
 | Software IEC/IEEE double-precision conversion routines.
 **/
 int float64_to_int32( float64 STATUS_PARAM );
@@ -394,6 +412,15 @@ INLINE float64 float64_scalbn(float64 a, int n)
 #ifdef FLOATX80
 
 /*
+| Software IEC/IEEE extended double-precision conversion constants.
+**/
+#define floatx80_zero (0.0L)
+#define floatx80_one (1.0L)
+#define floatx80_ln2 (0.69314718055994530943L)
+#define floatx80_pi (3.14159265358979323851L)
+#define floatx80_half (0.5L)
+
+/*
 | Software IEC/IEEE extended double-precision conversion routines.
 **/
 int floatx80_to_int32( floatx80 STATUS_PARAM );
-- 
1.7.2.3

[Qemu-devel] [PATCH v2 18/20] target-i386: fix helper_fprem() and helper_fprem1() wrt softfloat

[Aurelien Jarno]

Reviewed-by: Peter Maydell 
Signed-off-by: Aurelien Jarno 
---
 target-i386/op_helper.c |   48 +++---
 1 files changed, 28 insertions(+), 20 deletions(-)

diff --git a/target-i386/op_helper.c b/target-i386/op_helper.c
index f18c573..6a536e2 100644
--- a/target-i386/op_helper.c
+++ b/target-i386/op_helper.c
@@ -4053,21 +4053,24 @@ void helper_fxtract(void)
 
 void helper_fprem1(void)
 {
-CPU86_LDouble dblq, fpsrcop, fptemp;
+double st0, st1, dblq, fpsrcop, fptemp;
 CPU86_LDoubleU fpsrcop1, fptemp1;
 int expdif;
 signed long long int q;
 
-if (isinf(ST0) || isnan(ST0) || isnan(ST1) || (ST1 == 0.0)) {
-ST0 = 0.0 / 0.0; /* NaN */
+st0 = CPU86_LDouble_to_double(ST0);
+st1 = CPU86_LDouble_to_double(ST1);
+
+if (isinf(st0) || isnan(st0) || isnan(st1) || (st1 == 0.0)) {
+ST0 = double_to_CPU86_LDouble(0.0 / 0.0); /* NaN */
 env->fpus &= (~0x4700); /* (C3,C2,C1,C0) <--  */
 return;
 }
 
-fpsrcop = ST0;
-fptemp = ST1;
-fpsrcop1.d = fpsrcop;
-fptemp1.d = fptemp;
+fpsrcop = st0;
+fptemp = st1;
+fpsrcop1.d = ST0;
+fptemp1.d = ST1;
 expdif = EXPD(fpsrcop1) - EXPD(fptemp1);
 
 if (expdif < 0) {
@@ -4081,7 +4084,7 @@ void helper_fprem1(void)
 dblq = fpsrcop / fptemp;
 /* round dblq towards nearest integer */
 dblq = rint(dblq);
-ST0 = fpsrcop - fptemp * dblq;
+st0 = fpsrcop - fptemp * dblq;
 
 /* convert dblq to q by truncating towards zero */
 if (dblq < 0.0)
@@ -4097,31 +4100,35 @@ void helper_fprem1(void)
 } else {
 env->fpus |= 0x400;  /* C2 <-- 1 */
 fptemp = pow(2.0, expdif - 50);
-fpsrcop = (ST0 / ST1) / fptemp;
+fpsrcop = (st0 / st1) / fptemp;
 /* fpsrcop = integer obtained by chopping */
 fpsrcop = (fpsrcop < 0.0) ?
   -(floor(fabs(fpsrcop))) : floor(fpsrcop);
-ST0 -= (ST1 * fpsrcop * fptemp);
+st0 -= (st1 * fpsrcop * fptemp);
 }
+ST0 = double_to_CPU86_LDouble(st0);
 }
 
 void helper_fprem(void)
 {
-CPU86_LDouble dblq, fpsrcop, fptemp;
+double st0, st1, dblq, fpsrcop, fptemp;
 CPU86_LDoubleU fpsrcop1, fptemp1;
 int expdif;
 signed long long int q;
 
-if (isinf(ST0) || isnan(ST0) || isnan(ST1) || (ST1 == 0.0)) {
-   ST0 = 0.0 / 0.0; /* NaN */
+st0 = CPU86_LDouble_to_double(ST0);
+st1 = CPU86_LDouble_to_double(ST1);
+
+if (isinf(st0) || isnan(st0) || isnan(st1) || (st1 == 0.0)) {
+   ST0 = double_to_CPU86_LDouble(0.0 / 0.0); /* NaN */
env->fpus &= (~0x4700); /* (C3,C2,C1,C0) <--  */
return;
 }
 
-fpsrcop = (CPU86_LDouble)ST0;
-fptemp = (CPU86_LDouble)ST1;
-fpsrcop1.d = fpsrcop;
-fptemp1.d = fptemp;
+fpsrcop = st0;
+fptemp = st1;
+fpsrcop1.d = ST0;
+fptemp1.d = ST1;
 expdif = EXPD(fpsrcop1) - EXPD(fptemp1);
 
 if (expdif < 0) {
@@ -4135,7 +4142,7 @@ void helper_fprem(void)
 dblq = fpsrcop/*ST0*/ / fptemp/*ST1*/;
 /* round dblq towards zero */
 dblq = (dblq < 0.0) ? ceil(dblq) : floor(dblq);
-ST0 = fpsrcop/*ST0*/ - fptemp * dblq;
+st0 = fpsrcop/*ST0*/ - fptemp * dblq;
 
 /* convert dblq to q by truncating towards zero */
 if (dblq < 0.0)
@@ -4152,12 +4159,13 @@ void helper_fprem(void)
 int N = 32 + (expdif % 32); /* as per AMD docs */
 env->fpus |= 0x400;  /* C2 <-- 1 */
 fptemp = pow(2.0, (double)(expdif - N));
-fpsrcop = (ST0 / ST1) / fptemp;
+fpsrcop = (st0 / st1) / fptemp;
 /* fpsrcop = integer obtained by chopping */
 fpsrcop = (fpsrcop < 0.0) ?
   -(floor(fabs(fpsrcop))) : floor(fpsrcop);
-ST0 -= (ST1 * fpsrcop * fptemp);
+st0 -= (st1 * fpsrcop * fptemp);
 }
+ST0 = double_to_CPU86_LDouble(st0);
 }
 
 void helper_fyl2xp1(void)
-- 
1.7.2.3

[Qemu-devel] [PATCH v2 07/20] softfloat: fix float*_scalnb() corner cases

[Aurelien Jarno]

float*_scalnb() were not taking into account all cases. This patch fixes
some corner cases:
- NaN values in input were not properly propagated and the invalid flag
  not correctly raised. Use propagateFloat*NaN() for that.
- NaN or infinite values in input of floatx80_scalnb() were not correctly
  detected due to a typo.
- The sum of exponent and n could overflow, leading to strange results.
  Additionally having int16 defined to int make that happening for a very
  small range of values. Fix that by saturating n to the maximum exponent
  range, and using an explicit wider type if needed.

Signed-off-by: Aurelien Jarno 
---
 fpu/softfloat.c |   47 ++-
 1 files changed, 42 insertions(+), 5 deletions(-)

v1 -> v2: fix condition for float32

diff --git a/fpu/softfloat.c b/fpu/softfloat.c
index 4368069..baba1dc 100644
--- a/fpu/softfloat.c
+++ b/fpu/softfloat.c
@@ -6333,7 +6333,7 @@ MINMAX(64, 0x7ff)
 float32 float32_scalbn( float32 a, int n STATUS_PARAM )
 {
 flag aSign;
-int16 aExp;
+int16_t aExp;
 uint32_t aSig;
 
 a = float32_squash_input_denormal(a STATUS_VAR);
@@ -6342,6 +6342,9 @@ float32 float32_scalbn( float32 a, int n STATUS_PARAM )
 aSign = extractFloat32Sign( a );
 
 if ( aExp == 0xFF ) {
+if ( aSig ) {
+return propagateFloat32NaN( a, a STATUS_VAR );
+}
 return a;
 }
 if ( aExp != 0 )
@@ -6349,6 +6352,12 @@ float32 float32_scalbn( float32 a, int n STATUS_PARAM )
 else if ( aSig == 0 )
 return a;
 
+if (n > 0x200) {
+n = 0x200;
+} else if (n < -0x200) {
+n = -0x200;
+}
+
 aExp += n - 1;
 aSig <<= 7;
 return normalizeRoundAndPackFloat32( aSign, aExp, aSig STATUS_VAR );
@@ -6357,7 +6366,7 @@ float32 float32_scalbn( float32 a, int n STATUS_PARAM )
 float64 float64_scalbn( float64 a, int n STATUS_PARAM )
 {
 flag aSign;
-int16 aExp;
+int16_t aExp;
 uint64_t aSig;
 
 a = float64_squash_input_denormal(a STATUS_VAR);
@@ -6366,6 +6375,9 @@ float64 float64_scalbn( float64 a, int n STATUS_PARAM )
 aSign = extractFloat64Sign( a );
 
 if ( aExp == 0x7FF ) {
+if ( aSig ) {
+return propagateFloat64NaN( a, a STATUS_VAR );
+}
 return a;
 }
 if ( aExp != 0 )
@@ -6373,6 +6385,12 @@ float64 float64_scalbn( float64 a, int n STATUS_PARAM )
 else if ( aSig == 0 )
 return a;
 
+if (n > 0x1000) {
+n = 0x1000;
+} else if (n < -0x1000) {
+n = -0x1000;
+}
+
 aExp += n - 1;
 aSig <<= 10;
 return normalizeRoundAndPackFloat64( aSign, aExp, aSig STATUS_VAR );
@@ -6382,19 +6400,29 @@ float64 float64_scalbn( float64 a, int n STATUS_PARAM )
 floatx80 floatx80_scalbn( floatx80 a, int n STATUS_PARAM )
 {
 flag aSign;
-int16 aExp;
+int32_t aExp;
 uint64_t aSig;
 
 aSig = extractFloatx80Frac( a );
 aExp = extractFloatx80Exp( a );
 aSign = extractFloatx80Sign( a );
 
-if ( aExp == 0x7FF ) {
+if ( aExp == 0x7FFF ) {
+if ( aSig<<1 ) {
+return propagateFloatx80NaN( a, a STATUS_VAR );
+}
 return a;
 }
+
 if (aExp == 0 && aSig == 0)
 return a;
 
+if (n > 0x1) {
+n = 0x1;
+} else if (n < -0x1) {
+n = -0x1;
+}
+
 aExp += n;
 return normalizeRoundAndPackFloatx80( STATUS(floatx80_rounding_precision),
   aSign, aExp, aSig, 0 STATUS_VAR );
@@ -6405,7 +6433,7 @@ floatx80 floatx80_scalbn( floatx80 a, int n STATUS_PARAM )
 float128 float128_scalbn( float128 a, int n STATUS_PARAM )
 {
 flag aSign;
-int32 aExp;
+int32_t aExp;
 uint64_t aSig0, aSig1;
 
 aSig1 = extractFloat128Frac1( a );
@@ -6413,6 +6441,9 @@ float128 float128_scalbn( float128 a, int n STATUS_PARAM )
 aExp = extractFloat128Exp( a );
 aSign = extractFloat128Sign( a );
 if ( aExp == 0x7FFF ) {
+if ( aSig0 | aSig1 ) {
+return propagateFloat128NaN( a, a STATUS_VAR );
+}
 return a;
 }
 if ( aExp != 0 )
@@ -6420,6 +6451,12 @@ float128 float128_scalbn( float128 a, int n STATUS_PARAM 
)
 else if ( aSig0 == 0 && aSig1 == 0 )
 return a;
 
+if (n > 0x1) {
+n = 0x1;
+} else if (n < -0x1) {
+n = -0x1;
+}
+
 aExp += n - 1;
 return normalizeRoundAndPackFloat128( aSign, aExp, aSig0, aSig1
   STATUS_VAR );
-- 
1.7.2.3

[Qemu-devel] [PATCH v2 20/20] target-i386: switch to softfloat

[Aurelien Jarno]

This increase the correctness (precision, NaN values, corner cases) on
non-x86 machines, and add the possibility to handle the exception
correctly.

Signed-off-by: Aurelien Jarno 
---
 configure |9 +
 1 files changed, 1 insertions(+), 8 deletions(-)

v1 -> v2: remove case.

diff --git a/configure b/configure
index da2da04..f2eab30 100755
--- a/configure
+++ b/configure
@@ -3275,14 +3275,7 @@ if test ! -z "$gdb_xml_files" ; then
   echo "TARGET_XML_FILES=$list" >> $config_target_mak
 fi
 
-case "$target_arch2" in
-  i386|x86_64)
-echo "CONFIG_NOSOFTFLOAT=y" >> $config_target_mak
-;;
-  *)
-echo "CONFIG_SOFTFLOAT=y" >> $config_target_mak
-;;
-esac
+echo "CONFIG_SOFTFLOAT=y" >> $config_target_mak
 
 if test "$target_user_only" = "yes" -a "$bflt" = "yes"; then
   echo "TARGET_HAS_BFLT=y" >> $config_target_mak
-- 
1.7.2.3

[Qemu-devel] [PATCH v2 13/20] target-i386: fix helper_fdiv() wrt softfloat

[Aurelien Jarno]

Reviewed-by: Peter Maydell 
Signed-off-by: Aurelien Jarno 
---
 target-i386/exec.h  |4 
 target-i386/op_helper.c |5 +++--
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/target-i386/exec.h b/target-i386/exec.h
index 211cc8c..b2af894 100644
--- a/target-i386/exec.h
+++ b/target-i386/exec.h
@@ -111,6 +111,7 @@ static inline void svm_check_intercept(uint32_t type)
 #define floatx_to_float32 floatx80_to_float32
 #define floatx_to_float64 floatx80_to_float64
 #define floatx_add floatx80_add
+#define floatx_div floatx80_div
 #define floatx_mul floatx80_mul
 #define floatx_sub floatx80_sub
 #define floatx_abs floatx80_abs
@@ -120,6 +121,7 @@ static inline void svm_check_intercept(uint32_t type)
 #define floatx_compare floatx80_compare
 #define floatx_compare_quiet floatx80_compare_quiet
 #define floatx_is_any_nan floatx80_is_any_nan
+#define floatx_is_zero floatx80_is_zero
 #else
 #define floatx_to_int32 float64_to_int32
 #define floatx_to_int64 float64_to_int64
@@ -132,6 +134,7 @@ static inline void svm_check_intercept(uint32_t type)
 #define floatx_to_float32 float64_to_float32
 #define floatx_to_float64(x, e) (x)
 #define floatx_add float64_add
+#define floatx_div float64_div
 #define floatx_mul float64_mul
 #define floatx_sub float64_sub
 #define floatx_abs float64_abs
@@ -141,6 +144,7 @@ static inline void svm_check_intercept(uint32_t type)
 #define floatx_compare float64_compare
 #define floatx_compare_quiet float64_compare_quiet
 #define floatx_is_any_nan float64_is_any_nan
+#define floatx_is_zero float64_is_zero
 #endif
 
 #define RC_MASK 0xc00
diff --git a/target-i386/op_helper.c b/target-i386/op_helper.c
index a4bf734..b22462f 100644
--- a/target-i386/op_helper.c
+++ b/target-i386/op_helper.c
@@ -3440,9 +3440,10 @@ static void fpu_set_exception(int mask)
 
 static inline CPU86_LDouble helper_fdiv(CPU86_LDouble a, CPU86_LDouble b)
 {
-if (b == 0.0)
+if (floatx_is_zero(b)) {
 fpu_set_exception(FPUS_ZE);
-return a / b;
+}
+return floatx_div(a, b, &env->fp_status);
 }
 
 static void fpu_raise_exception(void)
-- 
1.7.2.3

[Qemu-devel] [PATCH v2 10/20] target-i386: fix helper_fscale() wrt softfloat

[Aurelien Jarno]

Use the scalbn softfloat function to implement helper_fscale(). This
fixes corner cases (e.g. NaN) and makes a few more GNU libc math tests
to pass.

Reviewed-by: Peter Maydell 
Signed-off-by: Aurelien Jarno 
---
 target-i386/exec.h  |4 
 target-i386/op_helper.c |7 ++-
 2 files changed, 10 insertions(+), 1 deletions(-)

diff --git a/target-i386/exec.h b/target-i386/exec.h
index ae6b947..211cc8c 100644
--- a/target-i386/exec.h
+++ b/target-i386/exec.h
@@ -115,9 +115,11 @@ static inline void svm_check_intercept(uint32_t type)
 #define floatx_sub floatx80_sub
 #define floatx_abs floatx80_abs
 #define floatx_chs floatx80_chs
+#define floatx_scalbn floatx80_scalbn
 #define floatx_round_to_int floatx80_round_to_int
 #define floatx_compare floatx80_compare
 #define floatx_compare_quiet floatx80_compare_quiet
+#define floatx_is_any_nan floatx80_is_any_nan
 #else
 #define floatx_to_int32 float64_to_int32
 #define floatx_to_int64 float64_to_int64
@@ -134,9 +136,11 @@ static inline void svm_check_intercept(uint32_t type)
 #define floatx_sub float64_sub
 #define floatx_abs float64_abs
 #define floatx_chs float64_chs
+#define floatx_scalbn float64_scalbn
 #define floatx_round_to_int float64_round_to_int
 #define floatx_compare float64_compare
 #define floatx_compare_quiet float64_compare_quiet
+#define floatx_is_any_nan float64_is_any_nan
 #endif
 
 #define RC_MASK 0xc00
diff --git a/target-i386/op_helper.c b/target-i386/op_helper.c
index a73427f..f614893 100644
--- a/target-i386/op_helper.c
+++ b/target-i386/op_helper.c
@@ -4174,7 +4174,12 @@ void helper_frndint(void)
 
 void helper_fscale(void)
 {
-ST0 = ldexp (ST0, (int)(ST1));
+if (floatx_is_any_nan(ST1)) {
+ST0 = ST1;
+} else {
+int n = floatx_to_int32_round_to_zero(ST1, &env->fp_status);
+ST0 = floatx_scalbn(ST0, n, &env->fp_status);
+}
 }
 
 void helper_fsin(void)
-- 
1.7.2.3

[Qemu-devel] [PATCH v2 19/20] target-i386: fix constants wrt softfloat

[Aurelien Jarno]

Reviewed-by: Peter Maydell 
Signed-off-by: Aurelien Jarno 
---
 target-i386/exec.h  |8 
 target-i386/op_helper.c |   24 +---
 2 files changed, 25 insertions(+), 7 deletions(-)

diff --git a/target-i386/exec.h b/target-i386/exec.h
index 292e0de..ee36a71 100644
--- a/target-i386/exec.h
+++ b/target-i386/exec.h
@@ -124,6 +124,10 @@ static inline void svm_check_intercept(uint32_t type)
 #define floatx_is_any_nan floatx80_is_any_nan
 #define floatx_is_neg floatx80_is_neg
 #define floatx_is_zero floatx80_is_zero
+#define floatx_zero floatx80_zero
+#define floatx_one floatx80_one
+#define floatx_ln2 floatx80_ln2
+#define floatx_pi floatx80_pi
 #else
 #define floatx_to_int32 float64_to_int32
 #define floatx_to_int64 float64_to_int64
@@ -149,6 +153,10 @@ static inline void svm_check_intercept(uint32_t type)
 #define floatx_is_any_nan float64_is_any_nan
 #define floatx_is_neg float64_is_neg
 #define floatx_is_zero float64_is_zero
+#define floatx_zero float64_zero
+#define floatx_one float64_one
+#define floatx_ln2 float64_ln2
+#define floatx_pi float64_pi
 #endif
 
 #define RC_MASK 0xc00
diff --git a/target-i386/op_helper.c b/target-i386/op_helper.c
index 6a536e2..49043bf 100644
--- a/target-i386/op_helper.c
+++ b/target-i386/op_helper.c
@@ -95,15 +95,25 @@ static const uint8_t rclb_table[32] = {
 6, 7, 8, 0, 1, 2, 3, 4,
 };
 
+#if defined(CONFIG_SOFTFLOAT)
+# define floatx_lg2 make_floatx80( 0x3ffd, 0x9a209a84fbcff799LL )
+# define floatx_l2e make_floatx80( 0x3fff, 0xb8aa3b295c17f0bcLL )
+# define floatx_l2t make_floatx80( 0x4000, 0xd49a784bcd1b8afeLL )
+#else
+# define floatx_lg2 (0.30102999566398119523L)
+# define floatx_l2e (1.44269504088896340739L)
+# define floatx_l2t (3.32192809488736234781L)
+#endif
+
 static const CPU86_LDouble f15rk[7] =
 {
-0.L,
-1.L,
-3.14159265358979323851L,  /*pi*/
-0.30102999566398119523L,  /*lg2*/
-0.69314718055994530943L,  /*ln2*/
-1.44269504088896340739L,  /*l2e*/
-3.32192809488736234781L,  /*l2t*/
+floatx_zero,
+floatx_one,
+floatx_pi,
+floatx_lg2,
+floatx_ln2,
+floatx_l2e,
+floatx_l2t,
 };
 
 /* broken thread support */
-- 
1.7.2.3

[Qemu-devel] [PATCH v2 17/20] target-i386: fix logarithmic and trigonometric helpers wrt softfloat

[Aurelien Jarno]

Use the new CPU86_LDouble <-> double conversion functions to make logarithmic
and trigonometric helpers working with softfloat.

Signed-off-by: Aurelien Jarno 
---
 target-i386/op_helper.c |   52 +++---
 1 files changed, 26 insertions(+), 26 deletions(-)

v1 -> v2: use floatx_one instead of double_to_CPU86_LDouble(1.0)

diff --git a/target-i386/op_helper.c b/target-i386/op_helper.c
index d9c8c1b..f18c573 100644
--- a/target-i386/op_helper.c
+++ b/target-i386/op_helper.c
@@ -17,6 +17,7 @@
  * License along with this library; if not, see .
  */
 
+#include 
 #include "exec.h"
 #include "exec-all.h"
 #include "host-utils.h"
@@ -3981,17 +3982,19 @@ void helper_fbst_ST0(target_ulong ptr)
 
 void helper_f2xm1(void)
 {
-ST0 = pow(2.0,ST0) - 1.0;
+double val = CPU86_LDouble_to_double(ST0);
+val = pow(2.0, val) - 1.0;
+ST0 = double_to_CPU86_LDouble(val);
 }
 
 void helper_fyl2x(void)
 {
-CPU86_LDouble fptemp;
+double fptemp = CPU86_LDouble_to_double(ST0);
 
-fptemp = ST0;
 if (fptemp>0.0){
-fptemp = log(fptemp)/log(2.0);  /* log2(ST) */
-ST1 *= fptemp;
+fptemp = log(fptemp)/log(2.0);/* log2(ST) */
+fptemp *= CPU86_LDouble_to_double(ST1);
+ST1 = double_to_CPU86_LDouble(fptemp);
 fpop();
 } else {
 env->fpus &= (~0x4700);
@@ -4001,15 +4004,15 @@ void helper_fyl2x(void)
 
 void helper_fptan(void)
 {
-CPU86_LDouble fptemp;
+double fptemp = CPU86_LDouble_to_double(ST0);
 
-fptemp = ST0;
 if((fptemp > MAXTAN)||(fptemp < -MAXTAN)) {
 env->fpus |= 0x400;
 } else {
-ST0 = tan(fptemp);
+fptemp = tan(fptemp);
+ST0 = double_to_CPU86_LDouble(fptemp);
 fpush();
-ST0 = 1.0;
+ST0 = floatx_one;
 env->fpus &= (~0x400);  /* C2 <-- 0 */
 /* the above code is for  |arg| < 2**52 only */
 }
@@ -4017,11 +4020,11 @@ void helper_fptan(void)
 
 void helper_fpatan(void)
 {
-CPU86_LDouble fptemp, fpsrcop;
+double fptemp, fpsrcop;
 
-fpsrcop = ST1;
-fptemp = ST0;
-ST1 = atan2(fpsrcop,fptemp);
+fpsrcop = CPU86_LDouble_to_double(ST1);
+fptemp = CPU86_LDouble_to_double(ST0);
+ST1 = double_to_CPU86_LDouble(atan2(fpsrcop, fptemp));
 fpop();
 }
 
@@ -4159,12 +4162,12 @@ void helper_fprem(void)
 
 void helper_fyl2xp1(void)
 {
-CPU86_LDouble fptemp;
+double fptemp = CPU86_LDouble_to_double(ST0);
 
-fptemp = ST0;
 if ((fptemp+1.0)>0.0) {
 fptemp = log(fptemp+1.0) / log(2.0); /* log2(ST+1.0) */
-ST1 *= fptemp;
+fptemp *= CPU86_LDouble_to_double(ST1);
+ST1 = double_to_CPU86_LDouble(fptemp);
 fpop();
 } else {
 env->fpus &= (~0x4700);
@@ -4183,15 +4186,14 @@ void helper_fsqrt(void)
 
 void helper_fsincos(void)
 {
-CPU86_LDouble fptemp;
+double fptemp = CPU86_LDouble_to_double(ST0);
 
-fptemp = ST0;
 if ((fptemp > MAXTAN)||(fptemp < -MAXTAN)) {
 env->fpus |= 0x400;
 } else {
-ST0 = sin(fptemp);
+ST0 = double_to_CPU86_LDouble(sin(fptemp));
 fpush();
-ST0 = cos(fptemp);
+ST0 = double_to_CPU86_LDouble(cos(fptemp));
 env->fpus &= (~0x400);  /* C2 <-- 0 */
 /* the above code is for  |arg| < 2**63 only */
 }
@@ -4214,13 +4216,12 @@ void helper_fscale(void)
 
 void helper_fsin(void)
 {
-CPU86_LDouble fptemp;
+double fptemp = CPU86_LDouble_to_double(ST0);
 
-fptemp = ST0;
 if ((fptemp > MAXTAN)||(fptemp < -MAXTAN)) {
 env->fpus |= 0x400;
 } else {
-ST0 = sin(fptemp);
+ST0 = double_to_CPU86_LDouble(sin(fptemp));
 env->fpus &= (~0x400);  /* C2 <-- 0 */
 /* the above code is for  |arg| < 2**53 only */
 }
@@ -4228,13 +4229,12 @@ void helper_fsin(void)
 
 void helper_fcos(void)
 {
-CPU86_LDouble fptemp;
+double fptemp = CPU86_LDouble_to_double(ST0);
 
-fptemp = ST0;
 if((fptemp > MAXTAN)||(fptemp < -MAXTAN)) {
 env->fpus |= 0x400;
 } else {
-ST0 = cos(fptemp);
+ST0 = double_to_CPU86_LDouble(cos(fptemp));
 env->fpus &= (~0x400);  /* C2 <-- 0 */
 /* the above code is for  |arg5 < 2**63 only */
 }
-- 
1.7.2.3

[Qemu-devel] [PATCH v2 09/20] softfloat-native: add float*_is_any_nan() functions

[Aurelien Jarno]

Add float*_is_any_nan() functions to match the softfloat API.

Reviewed-by: Peter Maydell 
Signed-off-by: Aurelien Jarno 
---
 fpu/softfloat-native.c |   26 ++
 fpu/softfloat-native.h |3 +++
 2 files changed, 29 insertions(+), 0 deletions(-)

diff --git a/fpu/softfloat-native.c b/fpu/softfloat-native.c
index 50355a4..8848651 100644
--- a/fpu/softfloat-native.c
+++ b/fpu/softfloat-native.c
@@ -263,6 +263,15 @@ int float32_is_quiet_nan( float32 a1 )
 return ( 0xFF80 < ( a<<1 ) );
 }
 
+int float32_is_any_nan( float32 a1 )
+{
+float32u u;
+uint32_t a;
+u.f = a1;
+a = u.i;
+return (a & ~(1 << 31)) > 0x7f80U;
+}
+
 /*
 | Software IEC/IEEE double-precision conversion routines.
 **/
@@ -422,6 +431,16 @@ int float64_is_quiet_nan( float64 a1 )
 
 }
 
+int float64_is_any_nan( float64 a1 )
+{
+float64u u;
+uint64_t a;
+u.f = a1;
+a = u.i;
+
+return (a & ~(1ULL << 63)) > LIT64 (0x7FF0 );
+}
+
 #ifdef FLOATX80
 
 /*
@@ -511,4 +530,11 @@ int floatx80_is_quiet_nan( floatx80 a1 )
 return ( ( u.i.high & 0x7FFF ) == 0x7FFF ) && (uint64_t) ( u.i.low<<1 );
 }
 
+int floatx80_is_any_nan( floatx80 a1 )
+{
+floatx80u u;
+u.f = a1;
+return ((u.i.high & 0x7FFF) == 0x7FFF) && ( u.i.low<<1 );
+}
+
 #endif
diff --git a/fpu/softfloat-native.h b/fpu/softfloat-native.h
index f497e64..6afb74a 100644
--- a/fpu/softfloat-native.h
+++ b/fpu/softfloat-native.h
@@ -255,6 +255,7 @@ int float32_compare( float32, float32 STATUS_PARAM );
 int float32_compare_quiet( float32, float32 STATUS_PARAM );
 int float32_is_signaling_nan( float32 );
 int float32_is_quiet_nan( float32 );
+int float32_is_any_nan( float32 );
 
 INLINE float32 float32_abs(float32 a)
 {
@@ -375,6 +376,7 @@ INLINE int float64_unordered_quiet( float64 a, float64 b 
STATUS_PARAM)
 int float64_compare( float64, float64 STATUS_PARAM );
 int float64_compare_quiet( float64, float64 STATUS_PARAM );
 int float64_is_signaling_nan( float64 );
+int float64_is_any_nan( float64 );
 int float64_is_quiet_nan( float64 );
 
 INLINE float64 float64_abs(float64 a)
@@ -492,6 +494,7 @@ int floatx80_compare( floatx80, floatx80 STATUS_PARAM );
 int floatx80_compare_quiet( floatx80, floatx80 STATUS_PARAM );
 int floatx80_is_signaling_nan( floatx80 );
 int floatx80_is_quiet_nan( floatx80 );
+int floatx80_is_any_nan( floatx80 );
 
 INLINE floatx80 floatx80_abs(floatx80 a)
 {
-- 
1.7.2.3

[Qemu-devel] [PATCH v2 12/20] target-i386: fix helper_fxtract() wrt softfloat

[Aurelien Jarno]

With softfloat it's not possible to play with the overflow of an
unsigned value to get the 0 case partially correct. Use a special case
for that. Using a division to generate an infinity is the easiest way
that works for both softfloat and softfloat-native.

Reviewed-by: Peter Maydell 
Signed-off-by: Aurelien Jarno 
---
 target-i386/op_helper.c |   23 ---
 1 files changed, 16 insertions(+), 7 deletions(-)

diff --git a/target-i386/op_helper.c b/target-i386/op_helper.c
index 22cb549..a4bf734 100644
--- a/target-i386/op_helper.c
+++ b/target-i386/op_helper.c
@@ -4005,15 +4005,24 @@ void helper_fpatan(void)
 void helper_fxtract(void)
 {
 CPU86_LDoubleU temp;
-unsigned int expdif;
 
 temp.d = ST0;
-expdif = EXPD(temp) - EXPBIAS;
-/*DP exponent bias*/
-ST0 = expdif;
-fpush();
-BIASEXPONENT(temp);
-ST0 = temp.d;
+
+if (floatx_is_zero(ST0)) {
+/* Easy way to generate -inf and raising division by 0 exception */
+ST0 = floatx_div(floatx_chs(floatx_one), floatx_zero, &env->fp_status);
+fpush();
+ST0 = temp.d;
+} else {
+int expdif;
+
+expdif = EXPD(temp) - EXPBIAS;
+/*DP exponent bias*/
+ST0 = int32_to_floatx(expdif, &env->fp_status);
+fpush();
+BIASEXPONENT(temp);
+ST0 = temp.d;
+}
 }
 
 void helper_fprem1(void)
-- 
1.7.2.3

[Qemu-devel] [PATCH v2 16/20] target-i386: add CPU86_LDouble <-> double conversion functions

[Aurelien Jarno]

Add functions to convert CPU86_LDouble to double and vice versa. They
are going to be used to implement logarithmic and trigonometric function
until softfloat implement them.

Reviewed-by: Peter Maydell 
Signed-off-by: Aurelien Jarno 
---
 target-i386/op_helper.c |   22 ++
 1 files changed, 22 insertions(+), 0 deletions(-)

diff --git a/target-i386/op_helper.c b/target-i386/op_helper.c
index b47d825..d9c8c1b 100644
--- a/target-i386/op_helper.c
+++ b/target-i386/op_helper.c
@@ -3431,6 +3431,28 @@ void helper_verw(target_ulong selector1)
 
 /* x87 FPU helpers */
 
+static inline double CPU86_LDouble_to_double(CPU86_LDouble a)
+{
+union {
+float64 f64;
+double d;
+} u;
+
+u.f64 = floatx_to_float64(a, &env->fp_status);
+return u.d;
+}
+
+static inline CPU86_LDouble double_to_CPU86_LDouble(double a)
+{
+union {
+float64 f64;
+double d;
+} u;
+
+u.d = a;
+return float64_to_floatx(u.f64, &env->fp_status);
+}
+
 static void fpu_set_exception(int mask)
 {
 env->fpus |= mask;
-- 
1.7.2.3

[Qemu-devel] [PATCH v2 08/20] softfloat-native: fix float*_scalbn() functions

[Aurelien Jarno]

float*_scalbn() should be able to take a status parameter. Fix that.

Reviewed-by: Peter Maydell 
Signed-off-by: Aurelien Jarno 
---
 fpu/softfloat-native.h |6 +++---
 1 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/fpu/softfloat-native.h b/fpu/softfloat-native.h
index 97fb3c7..f497e64 100644
--- a/fpu/softfloat-native.h
+++ b/fpu/softfloat-native.h
@@ -283,7 +283,7 @@ INLINE float32 float32_is_zero(float32 a)
 return fpclassify(a) == FP_ZERO;
 }
 
-INLINE float32 float32_scalbn(float32 a, int n)
+INLINE float32 float32_scalbn(float32 a, int n STATUS_PARAM)
 {
 return scalbnf(a, n);
 }
@@ -404,7 +404,7 @@ INLINE float64 float64_is_zero(float64 a)
 return fpclassify(a) == FP_ZERO;
 }
 
-INLINE float64 float64_scalbn(float64 a, int n)
+INLINE float64 float64_scalbn(float64 a, int n STATUS_PARAM)
 {
 return scalbn(a, n);
 }
@@ -520,7 +520,7 @@ INLINE floatx80 floatx80_is_zero(floatx80 a)
 return fpclassify(a) == FP_ZERO;
 }
 
-INLINE floatx80 floatx80_scalbn(floatx80 a, int n)
+INLINE floatx80 floatx80_scalbn(floatx80 a, int n STATUS_PARAM)
 {
 return scalbnl(a, n);
 }
-- 
1.7.2.3

[Qemu-devel] [PATCH] linux-user/arm/nwfpe: rename REG_PC to ARM_REG_PC

[Peter Maydell]

The REG_PC constant used in the ARM nwfpe code is fine in the kernel
but when used in qemu can clash with a definition in the host system
include files (in particular on Ubuntu Lucid SPARC, including signal.h
will define a REG_PC). Rename the constant to avoid this issue.

Signed-off-by: Peter Maydell 
---
 linux-user/arm/nwfpe/fpa11.c  |2 +-
 linux-user/arm/nwfpe/fpa11.h  |2 +-
 linux-user/arm/nwfpe/fpa11_cpdt.c |8 
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/linux-user/arm/nwfpe/fpa11.c b/linux-user/arm/nwfpe/fpa11.c
index 0a87c43..eebd93f 100644
--- a/linux-user/arm/nwfpe/fpa11.c
+++ b/linux-user/arm/nwfpe/fpa11.c
@@ -144,7 +144,7 @@ unsigned int EmulateAll(unsigned int opcode, FPA11* qfpa, 
CPUARMState* qregs)
 
 #if 0
   fprintf(stderr,"emulating FP insn 0x%08x, PC=0x%08x\n",
-  opcode, qregs[REG_PC]);
+  opcode, qregs[ARM_REG_PC]);
 #endif
   fpa11 = GET_FPA11();
 
diff --git a/linux-user/arm/nwfpe/fpa11.h b/linux-user/arm/nwfpe/fpa11.h
index f17647b..002b3cb 100644
--- a/linux-user/arm/nwfpe/fpa11.h
+++ b/linux-user/arm/nwfpe/fpa11.h
@@ -111,7 +111,7 @@ static inline void writeConditionCodes(unsigned int x)
 cpsr_write(user_registers,x,CPSR_NZCV);
 }
 
-#define REG_PC 15
+#define ARM_REG_PC 15
 
 unsigned int EmulateAll(unsigned int opcode, FPA11* qfpa, CPUARMState* qregs);
 
diff --git a/linux-user/arm/nwfpe/fpa11_cpdt.c 
b/linux-user/arm/nwfpe/fpa11_cpdt.c
index b12e27d..3e7a938 100644
--- a/linux-user/arm/nwfpe/fpa11_cpdt.c
+++ b/linux-user/arm/nwfpe/fpa11_cpdt.c
@@ -220,7 +220,7 @@ static unsigned int PerformLDF(const unsigned int opcode)
//printk("PerformLDF(0x%08x), Fd = 0x%08x\n",opcode,getFd(opcode));
 
pBase = readRegister(getRn(opcode));
-   if (REG_PC == getRn(opcode))
+   if (ARM_REG_PC == getRn(opcode))
{
  pBase += 8;
  write_back = 0;
@@ -256,7 +256,7 @@ static unsigned int PerformSTF(const unsigned int opcode)
SetRoundingMode(ROUND_TO_NEAREST);
 
pBase = readRegister(getRn(opcode));
-   if (REG_PC == getRn(opcode))
+   if (ARM_REG_PC == getRn(opcode))
{
  pBase += 8;
  write_back = 0;
@@ -289,7 +289,7 @@ static unsigned int PerformLFM(const unsigned int opcode)
target_ulong pBase, pAddress, pFinal;
 
pBase = readRegister(getRn(opcode));
-   if (REG_PC == getRn(opcode))
+   if (ARM_REG_PC == getRn(opcode))
{
  pBase += 8;
  write_back = 0;
@@ -322,7 +322,7 @@ static unsigned int PerformSFM(const unsigned int opcode)
target_ulong pBase, pAddress, pFinal;
 
pBase = readRegister(getRn(opcode));
-   if (REG_PC == getRn(opcode))
+   if (ARM_REG_PC == getRn(opcode))
{
  pBase += 8;
  write_back = 0;
-- 
1.7.1

Re: [Qemu-devel] [PATCH 10/17] s390x: keep hint on virtio managing size

[Aurelien Jarno]

On Mon, Apr 18, 2011 at 11:03:59PM +0200, Alexander Graf wrote:
> 
> On 18.04.2011, at 21:06, Aurelien Jarno wrote:
> 
> > On Fri, Apr 15, 2011 at 05:32:51PM +0200, Alexander Graf wrote:
> >> The s390x virtio bus keeps management information on virtio after the top
> >> of the guest's RAM. We need to be able to tell the guest the size of its
> >> RAM (without virtio stuff), but also be able to trap when the guest 
> >> accesses
> >> RAM outside of its scope (including virtio stuff).
> >> 
> >> So we need a variable telling us the size of the virtio stuff, so we can
> >> calculate the highest available RAM address from that.
> >> 
> >> While at it, also increase the maximum number of virtio pages, so we play
> >> along well with more recent kernels that spawn a ridiculous number of 
> >> virtio
> >> console adapters.
> >> 
> >> Signed-off-by: Alexander Graf 
> >> ---
> >> hw/s390-virtio-bus.c |3 +++
> >> hw/s390-virtio-bus.h |2 +-
> >> target-s390x/cpu.h   |3 +++
> >> 3 files changed, 7 insertions(+), 1 deletions(-)
> >> 
> >> diff --git a/hw/s390-virtio-bus.c b/hw/s390-virtio-bus.c
> >> index bb49e39..a90963b 100644
> >> --- a/hw/s390-virtio-bus.c
> >> +++ b/hw/s390-virtio-bus.c
> >> @@ -60,6 +60,9 @@ static const VirtIOBindings virtio_s390_bindings;
> >> 
> >> static ram_addr_t s390_virtio_device_num_vq(VirtIOS390Device *dev);
> >> 
> >> +/* length of VirtIO device pages */
> >> +target_phys_addr_t virtio_size = S390_DEVICE_PAGES * TARGET_PAGE_SIZE;
> >> +
> > 
> > If this variable is never written, can it be declared const?
> 
> Does that improve anything for exported variables? Do they get put into a ro 
> section then?
> 

Unfortunately, that will still be an exported variable, and it's a pitty
to use that just because we can't have a #define in hw/* included in
target-*/* . That said I just realized that a lot of target are actually
doing that, maybe it's the solution here.

Adding a const here will clearly show to people reading the code that
it's nothing more than advanced #define.


-- 
Aurelien Jarno  GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net

Re: [Qemu-devel] [PATCH v2 01/20] softfloat: fix floatx80 handling of NaN

[Peter Maydell]

On 20 April 2011 11:11, Aurelien Jarno  wrote:
> @@ -624,10 +630,11 @@ static floatx80 commonNaNToFloatx80( commonNaNT a 
> STATUS_PARAM)
>         return z;
>     }
>
> -    if (a.high)
> -        z.low = a.high;
> -    else
> +    if (a.high >> 1) {
> +        z.low = LIT64( 0x8000 ) | a.high >> 1;
> +    } else {
>         z.low = floatx80_default_nan_low;
> +    }
>     z.high = ( ( (uint16_t) a.sign )<<15 ) | 0x7FFF;
>     return z;
>  }

This is still retaining the sign bit from the input if it generates
a default NaN because the mantissa would have been zero. This isn't
consistent with the commonNaNToFloat64/32, which just return the
float64/32_default_nan with whatever sign it has.

-- PMM

Re: [Qemu-devel] [PATCH 11/17] s390x: helper functions for system emulation

[Aurelien Jarno]

On Fri, Apr 15, 2011 at 05:32:52PM +0200, Alexander Graf wrote:
> When running system emulation, we need to transverse through the MMU and
> deliver interrupts according to the specification.
> 
> This patch implements those two pieces and in addition adjusts the CPU
> initialization code to account for the new fields in CPUState.
> 
> Signed-off-by: Alexander Graf 
> 
> ---
> 
> v1 -> v2:
> 
>   - new clock syntax
> 
> v3 -> v4:
> 
>   - enable RAM boundary check
>   - bisectability
> ---
>  target-s390x/helper.c|  578 
> +-
>  target-s390x/op_helper.c |6 +
>  target-s390x/translate.c |4 +
>  3 files changed, 577 insertions(+), 11 deletions(-)
> 
> diff --git a/target-s390x/helper.c b/target-s390x/helper.c
> index 629dfd9..f45824a 100644
> --- a/target-s390x/helper.c
> +++ b/target-s390x/helper.c
> @@ -2,6 +2,7 @@
>   *  S/390 helpers
>   *
>   *  Copyright (c) 2009 Ulrich Hecht
> + *  Copyright (c) 2011 Alexander Graf
>   *
>   * This library is free software; you can redistribute it and/or
>   * modify it under the terms of the GNU Lesser General Public
> @@ -25,27 +26,108 @@
>  #include "exec-all.h"
>  #include "gdbstub.h"
>  #include "qemu-common.h"
> +#include "qemu-timer.h"
>  
> +#if !defined(CONFIG_USER_ONLY)
>  #include 
>  #include "kvm.h"
> +#endif
> +
> +//#define S390_PTE_PRINTF_HACK
> +//#define DEBUG_S390
> +//#define DEBUG_S390_PTE
> +//#define DEBUG_S390_STDOUT
> +
> +#ifdef DEBUG_S390
> +#ifdef DEBUG_S390_STDOUT
> +#define dprintf(fmt, ...) \
> +do { fprintf(stderr, fmt, ## __VA_ARGS__); \
> + qemu_log(fmt, ##__VA_ARGS__); } while (0)
> +#else
> +#define dprintf(fmt, ...) \
> +do { qemu_log(fmt, ## __VA_ARGS__); } while (0)
> +#endif
> +#else
> +#define dprintf(fmt, ...) \
> +do { } while (0)
> +#endif
> +
> +#ifdef DEBUG_S390_PTE
> +#define pte_dprintf dprintf
> +#else
> +#define pte_dprintf(fmt, ...) \
> +do { } while (0)
> +#endif
> +

Given all thoses are macros, it is probably better to name them in upper
case, to be consistent with code in other targets, but also so that they
are not mistaken for functions.

> +#ifndef CONFIG_USER_ONLY
> +static void s390x_tod_timer(void *opaque)
> +{
> +CPUState *env = opaque;
> +
> +env->pending_int |= INTERRUPT_TOD;
> +cpu_interrupt(env, CPU_INTERRUPT_HARD);
> +}
> +
> +static void s390x_cpu_timer(void *opaque)
> +{
> +CPUState *env = opaque;
> +
> +env->pending_int |= INTERRUPT_CPUTIMER;
> +cpu_interrupt(env, CPU_INTERRUPT_HARD);
> +}
> +#endif
>  
>  CPUS390XState *cpu_s390x_init(const char *cpu_model)
>  {
>  CPUS390XState *env;
> +#if !defined (CONFIG_USER_ONLY)
> +struct tm tm;
> +#endif
>  static int inited = 0;
> +static int cpu_num = 0;
>  
>  env = qemu_mallocz(sizeof(CPUS390XState));
>  cpu_exec_init(env);
>  if (!inited) {
>  inited = 1;
> +s390x_translate_init();
>  }
>  
> +#if !defined(CONFIG_USER_ONLY)
> +qemu_get_timedate(&tm, 0);
> +env->tod_offset = TOD_UNIX_EPOCH +
> +  (time2tod(mktimegm(&tm)) * 10ULL);
> +env->tod_basetime = 0;
> +env->tod_timer = qemu_new_timer_ns(vm_clock, s390x_tod_timer, env);
> +env->cpu_timer = qemu_new_timer_ns(vm_clock, s390x_cpu_timer, env);
> +#endif
>  env->cpu_model_str = cpu_model;
> +env->cpu_num = cpu_num++;
> +env->ext_index = -1;
>  cpu_reset(env);
>  qemu_init_vcpu(env);
>  return env;
>  }
>  
> +#if defined(CONFIG_USER_ONLY)
> +
> +void do_interrupt (CPUState *env)
> +{
> +env->exception_index = -1;
> +}
> +
> +int cpu_s390x_handle_mmu_fault (CPUState *env, target_ulong address, int rw,
> +  int mmu_idx, int is_softmmu)
> +{
> +/* fprintf(stderr,"%s: address 0x%lx rw %d mmu_idx %d is_softmmu %d\n",
> +__FUNCTION__, address, rw, mmu_idx, is_softmmu); */
> +env->exception_index = EXCP_ADDR;
> +env->__excp_addr = address; /* FIXME: find out how this works on a real 
> machine */
> +return 1;
> +}
> +
> +#endif /* CONFIG_USER_ONLY */
> +
>  void cpu_reset(CPUS390XState *env)
>  {
>  if (qemu_loglevel_mask(CPU_LOG_RESET)) {
> @@ -53,36 +135,510 @@ void cpu_reset(CPUS390XState *env)
>  log_cpu_state(env, 0);
>  }
>  
> -memset(env, 0, offsetof(CPUS390XState, breakpoints));
> +memset(env, 0, offsetof(CPUS390XState, cpu_num));

Why not moving cpu_num before the breakpoints in cpu.h instead? cpu_num
is likely to be used more often than breakpoints, so it's better to have
it at the beginning of the structure.

Also this current change makes the comment in cpu.h wrong.

>  /* FIXME: reset vector? */
>  tlb_flush(env, 1);
>  }
>  
> -target_phys_addr_t cpu_get_phys_page_debug(CPUState *env, target_ulong addr)
> +#ifndef CONFIG_USER_ONLY
> +
> +/* Ensure to exit the TB after this call! */
> +static void trigger_pgm_exception(CPUState *env, uint32_t code, uint32_t ilc)
> +{
> +env->except

Re: [Qemu-devel] [PATCH v2 04/20] softfloat: add pi constants

[Peter Maydell]

On 20 April 2011 11:11, Aurelien Jarno  wrote:
> Add a pi constant for float32, float64, floatx80. It will be used by
> target-i386 and later by the trigonometric functions.
>
> Signed-off-by: Aurelien Jarno 
> ---
>  fpu/softfloat.h |    3 +++
>  1 files changed, 3 insertions(+), 0 deletions(-)
>
> v1 -> v2: fix typo creating a float64 constant with make_float32

Reviewed-by: Peter Maydell 

-- PMM

Re: [Qemu-devel] [PATCH v2 07/20] softfloat: fix float*_scalnb() corner cases

[Peter Maydell]

On 20 April 2011 11:11, Aurelien Jarno  wrote:
> float*_scalnb() were not taking into account all cases. This patch fixes
> some corner cases:
> - NaN values in input were not properly propagated and the invalid flag
>  not correctly raised. Use propagateFloat*NaN() for that.
> - NaN or infinite values in input of floatx80_scalnb() were not correctly
>  detected due to a typo.
> - The sum of exponent and n could overflow, leading to strange results.
>  Additionally having int16 defined to int make that happening for a very
>  small range of values. Fix that by saturating n to the maximum exponent
>  range, and using an explicit wider type if needed.
>
> Signed-off-by: Aurelien Jarno 
> ---
>  fpu/softfloat.c |   47 ++-
>  1 files changed, 42 insertions(+), 5 deletions(-)
>
> v1 -> v2: fix condition for float32

Reviewed-by: Peter Maydell 

-- PMM

Re: [Qemu-devel] [PATCH v2 11/20] target-i386: fix helper_fbld_ST0() wrt softfloat

[Peter Maydell]

On 20 April 2011 11:12, Aurelien Jarno  wrote:
> Signed-off-by: Aurelien Jarno 
> ---
>  target-i386/op_helper.c |    7 ---
>  1 files changed, 4 insertions(+), 3 deletions(-)
>
> v1 -> v2: fix handling of -0

Reviewed-by: Peter Maydell 

-- PMM

Re: [Qemu-devel] [PATCH v2 17/20] target-i386: fix logarithmic and trigonometric helpers wrt softfloat

[Peter Maydell]

On 20 April 2011 11:12, Aurelien Jarno  wrote:
> Use the new CPU86_LDouble <-> double conversion functions to make logarithmic
> and trigonometric helpers working with softfloat.
>
> Signed-off-by: Aurelien Jarno 
> ---
>  target-i386/op_helper.c |   52 +++---
>  1 files changed, 26 insertions(+), 26 deletions(-)
>
> v1 -> v2: use floatx_one instead of double_to_CPU86_LDouble(1.0)

Reviewed-by: Peter Maydell 

-- PMM

Re: [Qemu-devel] [PATCH v2 20/20] target-i386: switch to softfloat

[Peter Maydell]

On 20 April 2011 11:12, Aurelien Jarno  wrote:
> This increase the correctness (precision, NaN values, corner cases) on
> non-x86 machines, and add the possibility to handle the exception
> correctly.
>
> Signed-off-by: Aurelien Jarno 
> ---
>  configure |    9 +
>  1 files changed, 1 insertions(+), 8 deletions(-)
>
> v1 -> v2: remove case.

Reviewed-by: Peter Maydell 

-- PMM

Re: [Qemu-devel] [PULL] Remove unused function parameters

[Aurelien Jarno]

On Wed, Apr 20, 2011 at 11:03:36AM +0200, Stefan Weil wrote:
> Hello,
> 
> I updated the first patch as suggested by Peter Maydell
> (Fix [] typo, fix copy+paste error with SHA1 object name
> in commit message). The rest is identical, so I don't
> resend it to qemu-devel.

Thanks, pulled. In the future please resend the patches on the mailing
list anyway if they differ from the previous patches. This can be in the
same thread as the pull. This is quite handy when you want to work on
QEMU without Internet access.

> Cheers,
> Stefan Weil
> 
> 
> The following changes since commit 8d5192ee15bc519f83741f5e413ebba5d57a6abd:
>   Alexander Graf (1):
> s390x: virtio machine storage keys
> 
> are available in the git repository at:
> 
>   git://qemu.weilnetz.de/git/qemu.git/ patches
> 
> Stefan Weil (2):
>   Remove unused function parameters from gen_pc_load and rename
> the function
>   Remove unused function parameter from cpu_restore_state
> 
>  cpu-exec.c|2 +-
>  exec-all.h|7 +++
>  exec.c|9 -
>  target-alpha/op_helper.c  |2 +-
>  target-alpha/translate.c  |3 +--
>  target-arm/op_helper.c|2 +-
>  target-arm/translate.c|7 +++
>  target-cris/op_helper.c   |2 +-
>  target-cris/translate.c   |3 +--
>  target-i386/op_helper.c   |2 +-
>  target-i386/translate.c   |7 +++
>  target-lm32/op_helper.c   |2 +-
>  target-lm32/translate.c   |3 +--
>  target-m68k/op_helper.c   |2 +-
>  target-m68k/translate.c   |3 +--
>  target-microblaze/op_helper.c |2 +-
>  target-microblaze/translate.c |3 +--
>  target-mips/op_helper.c   |4 ++--
>  target-mips/translate.c   |3 +--
>  target-ppc/op_helper.c|2 +-
>  target-ppc/translate.c|3 +--
>  target-s390x/op_helper.c  |2 +-
>  target-s390x/translate.c  |3 +--
>  target-sh4/op_helper.c|2 +-
>  target-sh4/translate.c|3 +--
>  target-sparc/op_helper.c  |2 +-
>  target-sparc/translate.c  |3 +--
>  target-unicore32/translate.c  |3 +--
>  translate-all.c   |5 ++---
>  29 files changed, 40 insertions(+), 56 deletions(-)
> 
> 
> 

-- 
Aurelien Jarno  GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net

Re: [Qemu-devel] [PULL] Remove unused function parameters

[Peter Maydell]

On 20 April 2011 11:53, Aurelien Jarno  wrote:
> On Wed, Apr 20, 2011 at 11:03:36AM +0200, Stefan Weil wrote:
>> Hello,
>>
>> I updated the first patch as suggested by Peter Maydell
>> (Fix [] typo, fix copy+paste error with SHA1 object name
>> in commit message). The rest is identical, so I don't
>> resend it to qemu-devel.
>
> Thanks, pulled. In the future please resend the patches on the mailing
> list anyway if they differ from the previous patches. This can be in the
> same thread as the pull. This is quite handy when you want to work on
> QEMU without Internet access.

Maybe we should document "how to send a pull request" on the wiki?
I remember having to quiz Anthony on irc about the preferred format
the first time I did one...

-- PMM

Re: [Qemu-devel] [PATCH 1/2] Implement basic part of SA-1110/SA-1100

[Aurelien Jarno]

On Tue, Apr 19, 2011 at 06:56:45PM +0400, Dmitry Eremin-Solenikov wrote:
> Basic implementation of DEC/Intel SA-1100/SA-1110 chips emulation.
> Implemented:
>  - IRQs
>  - GPIO
>  - PPC
>  - RTC
>  - UARTs (no IrDA/etc.)
>  - OST reused from pxa25x
> 
> Everything else is TODO (esp. PM/idle/sleep!) - see the todo in the
> hw/strongarm.c
> 
> V6:
>   * license fixup
>   * DPRINTF
> 
> V5:
>   * syntax fixup
> 
> V4:
>   * use bitnames to access RTC and UART registers
>   * drop unused casts
>   * disable debug printfs in GPIO code
> 
> V3:
>   * fix the name of UART VMSD
>   * fix RTSR reg offset
>   * add SSP support
> 
> V2:
>   * removed all strongarm variants except latest
>   * dropped unused casts
>   * fixed PIC vmstate
>   * fixed new devices created with version_id = 1
> 
> Signed-off-by: Dmitry Eremin-Solenikov 
> 
> ---
>  Makefile.target |1 +
>  hw/strongarm.c  | 1600 
> +++
>  hw/strongarm.h  |   64 ++
>  target-arm/cpu.h|3 +
>  target-arm/helper.c |9 +
>  5 files changed, 1677 insertions(+), 0 deletions(-)
>  create mode 100644 hw/strongarm.c
>  create mode 100644 hw/strongarm.h

Thanks, applied.

> diff --git a/Makefile.target b/Makefile.target
> index d5761b7..9e4cfc0 100644
> --- a/Makefile.target
> +++ b/Makefile.target
> @@ -352,6 +352,7 @@ obj-arm-y += syborg.o syborg_fb.o syborg_interrupt.o 
> syborg_keyboard.o
>  obj-arm-y += syborg_serial.o syborg_timer.o syborg_pointer.o syborg_rtc.o
>  obj-arm-y += syborg_virtio.o
>  obj-arm-y += vexpress.o
> +obj-arm-y += strongarm.o
>  
>  obj-sh4-y = shix.o r2d.o sh7750.o sh7750_regnames.o tc58128.o
>  obj-sh4-y += sh_timer.o sh_serial.o sh_intc.o sh_pci.o sm501.o
> diff --git a/hw/strongarm.c b/hw/strongarm.c
> new file mode 100644
> index 000..c4d777d
> --- /dev/null
> +++ b/hw/strongarm.c
> @@ -0,0 +1,1600 @@
> +/*
> + * StrongARM SA-1100/SA-1110 emulation
> + *
> + * Copyright (C) 2011 Dmitry Eremin-Solenikov
> + *
> + * Largely based on StrongARM emulation:
> + * Copyright (c) 2006 Openedhand Ltd.
> + * Written by Andrzej Zaborowski 
> + *
> + * UART code based on QEMU 16550A UART emulation
> + * Copyright (c) 2003-2004 Fabrice Bellard
> + * Copyright (c) 2008 Citrix Systems, Inc.
> + *
> + *  This program is free software; you can redistribute it and/or modify
> + *  it under the terms of the GNU General Public License version 2 as
> + *  published by the Free Software Foundation.
> + *
> + *  This program is distributed in the hope that it will be useful,
> + *  but WITHOUT ANY WARRANTY; without even the implied warranty of
> + *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
> + *  GNU General Public License for more details.
> + *
> + *  You should have received a copy of the GNU General Public License along
> + *  with this program; if not, see .
> + */
> +#include "sysbus.h"
> +#include "strongarm.h"
> +#include "qemu-error.h"
> +#include "arm-misc.h"
> +#include "sysemu.h"
> +#include "ssi.h"
> +
> +//#define DEBUG
> +
> +/*
> + TODO
> + - Implement cp15, c14 ?
> + - Implement cp15, c15 !!! (idle used in L)
> + - Implement idle mode handling/DIM
> + - Implement sleep mode/Wake sources
> + - Implement reset control
> + - Implement memory control regs
> + - PCMCIA handling
> + - Maybe support MBGNT/MBREQ
> + - DMA channels
> + - GPCLK
> + - IrDA
> + - MCP
> + - Enhance UART with modem signals
> + */
> +
> +#ifdef DEBUG
> +# define DPRINTF(format, ...) printf(format , ## __VA_ARGS__)
> +#else
> +# define DPRINTF(format, ...) do { } while (0)
> +#endif
> +
> +static struct {
> +target_phys_addr_t io_base;
> +int irq;
> +} sa_serial[] = {
> +{ 0x8001, SA_PIC_UART1 },
> +{ 0x8003, SA_PIC_UART2 },
> +{ 0x8005, SA_PIC_UART3 },
> +{ 0, 0 }
> +};
> +
> +/* Interrupt Controller */
> +typedef struct {
> +SysBusDevice busdev;
> +qemu_irqirq;
> +qemu_irqfiq;
> +
> +uint32_t pending;
> +uint32_t enabled;
> +uint32_t is_fiq;
> +uint32_t int_idle;
> +} StrongARMPICState;
> +
> +#define ICIP0x00
> +#define ICMR0x04
> +#define ICLR0x08
> +#define ICFP0x10
> +#define ICPR0x20
> +#define ICCR0x0c
> +
> +#define SA_PIC_SRCS 32
> +
> +
> +static void strongarm_pic_update(void *opaque)
> +{
> +StrongARMPICState *s = opaque;
> +
> +/* FIXME: reflect DIM */
> +qemu_set_irq(s->fiq, s->pending & s->enabled &  s->is_fiq);
> +qemu_set_irq(s->irq, s->pending & s->enabled & ~s->is_fiq);
> +}
> +
> +static void strongarm_pic_set_irq(void *opaque, int irq, int level)
> +{
> +StrongARMPICState *s = opaque;
> +
> +if (level) {
> +s->pending |= 1 << irq;
> +} else {
> +s->pending &= ~(1 << irq);
> +}
> +
> +strongarm_pic_update(s);
> +}
> +
> +static uint32_t strongarm_pic_mem_read(void *opaque, target_phys_addr_t 
> offset)
> +{
> +StrongARMPICState *s = opaque;
> +
> +switch (offset) {
> 

Re: [Qemu-devel] [PATCH 2/2] Basic implementation of Sharp Zaurus SL-5500 collie PDA

[Aurelien Jarno]

On Tue, Apr 19, 2011 at 06:56:46PM +0400, Dmitry Eremin-Solenikov wrote:
> Add very basic implementation of collie PDA emulation. The system lacks
> LoCoMo and graphics/sound emulation. Linux kernel boots up to mounting
> rootfs (theoretically it can be provided in pflash images).
> 
> Signed-off-by: Dmitry Eremin-Solenikov 
> ---
>  Makefile.target |1 +
>  hw/collie.c |   69 
> +++
>  2 files changed, 70 insertions(+), 0 deletions(-)
>  create mode 100644 hw/collie.c

Thanks, applied.

> diff --git a/Makefile.target b/Makefile.target
> index 9e4cfc0..0e0ef36 100644
> --- a/Makefile.target
> +++ b/Makefile.target
> @@ -353,6 +353,7 @@ obj-arm-y += syborg_serial.o syborg_timer.o 
> syborg_pointer.o syborg_rtc.o
>  obj-arm-y += syborg_virtio.o
>  obj-arm-y += vexpress.o
>  obj-arm-y += strongarm.o
> +obj-arm-y += collie.o
>  
>  obj-sh4-y = shix.o r2d.o sh7750.o sh7750_regnames.o tc58128.o
>  obj-sh4-y += sh_timer.o sh_serial.o sh_intc.o sh_pci.o sm501.o
> diff --git a/hw/collie.c b/hw/collie.c
> new file mode 100644
> index 000..156404d
> --- /dev/null
> +++ b/hw/collie.c
> @@ -0,0 +1,69 @@
> +/*
> + * SA-1110-based Sharp Zaurus SL-5500 platform.
> + *
> + * Copyright (C) 2011 Dmitry Eremin-Solenikov
> + *
> + * This code is licensed under GNU GPL v2.
> + */
> +#include "hw.h"
> +#include "sysbus.h"
> +#include "boards.h"
> +#include "devices.h"
> +#include "strongarm.h"
> +#include "arm-misc.h"
> +#include "flash.h"
> +#include "blockdev.h"
> +
> +static struct arm_boot_info collie_binfo = {
> +.loader_start = SA_SDCS0,
> +.ram_size = 0x2000,
> +};
> +
> +static void collie_init(ram_addr_t ram_size,
> +const char *boot_device,
> +const char *kernel_filename, const char *kernel_cmdline,
> +const char *initrd_filename, const char *cpu_model)
> +{
> +StrongARMState *s;
> +DriveInfo *dinfo;
> +ram_addr_t phys_flash;
> +
> +if (!cpu_model) {
> +cpu_model = "sa1110";
> +}
> +
> +s = sa1110_init(collie_binfo.ram_size, cpu_model);
> +
> +phys_flash = qemu_ram_alloc(NULL, "collie.fl1", 0x0200);
> +dinfo = drive_get(IF_PFLASH, 0, 0);
> +pflash_cfi01_register(SA_CS0, phys_flash,
> +dinfo ? dinfo->bdrv : NULL, (64 * 1024),
> +512, 4, 0x00, 0x00, 0x00, 0x00, 0);
> +
> +phys_flash = qemu_ram_alloc(NULL, "collie.fl2", 0x0200);
> +dinfo = drive_get(IF_PFLASH, 0, 1);
> +pflash_cfi01_register(SA_CS1, phys_flash,
> +dinfo ? dinfo->bdrv : NULL, (64 * 1024),
> +512, 4, 0x00, 0x00, 0x00, 0x00, 0);
> +
> +sysbus_create_simple("scoop", 0x4080, NULL);
> +
> +collie_binfo.kernel_filename = kernel_filename;
> +collie_binfo.kernel_cmdline = kernel_cmdline;
> +collie_binfo.initrd_filename = initrd_filename;
> +collie_binfo.board_id = 0x208;
> +arm_load_kernel(s->env, &collie_binfo);
> +}
> +
> +static QEMUMachine collie_machine = {
> +.name = "collie",
> +.desc = "Collie PDA (SA-1110)",
> +.init = collie_init,
> +};
> +
> +static void collie_machine_init(void)
> +{
> +qemu_register_machine(&collie_machine);
> +}
> +
> +machine_init(collie_machine_init)
> -- 
> 1.7.4.1
> 
> 
> 

-- 
Aurelien Jarno  GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net

Re: [Qemu-devel] [PATCH] hw/arm_boot.c: move initrd load address up to accommodate large kernels

[Aurelien Jarno]

On Tue, Apr 19, 2011 at 04:32:34PM +0100, Peter Maydell wrote:
> Newer kernels are large enough that they can overlap the address
> where qemu places the initrd. Move the initrd up so that there is
> enough space for the kernel again.
> 
> Unfortunately it's not possible to automatically determine the
> size of the kernel if it is compressed, so this is the best we
> can do.
> 
> Signed-off-by: Peter Maydell 
> ---
> I think a variant of this patch was posted some time last year but didn't
> attract any comment. Anyway, bumping up the arbitrary initrd load address
> is a bit ugly but does at least let large kernels boot, and corresponds
> to what you'd do on real hardware (ie change the load address in your
> u-boot script)...
> 
> If anybody has a better solution then I'm happy to implement it; otherwise
> I think this patch should be committed.
> 
>  hw/arm_boot.c |2 +-
>  1 files changed, 1 insertions(+), 1 deletions(-)

Thanks, applied.

> diff --git a/hw/arm_boot.c b/hw/arm_boot.c
> index 41e99d1..bfac982 100644
> --- a/hw/arm_boot.c
> +++ b/hw/arm_boot.c
> @@ -15,7 +15,7 @@
>  
>  #define KERNEL_ARGS_ADDR 0x100
>  #define KERNEL_LOAD_ADDR 0x0001
> -#define INITRD_LOAD_ADDR 0x0080
> +#define INITRD_LOAD_ADDR 0x00d0
>  
>  /* The worlds second smallest bootloader.  Set r0-r2, then jump to kernel.  
> */
>  static uint32_t bootloader[] = {
> -- 
> 1.7.1
> 
> 
> 

-- 
Aurelien Jarno  GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net

Re: [Qemu-devel] [PATCH] target-arm: Set Invalid flag for NaN in float-to-int conversions

[Aurelien Jarno]

On Tue, Apr 19, 2011 at 05:30:55PM +0100, Peter Maydell wrote:
> When we catch the special case of an input NaN in ARM float to int
> helper functions, set the Invalid flag as well as returning the
> correct result.
> 
> Signed-off-by: Peter Maydell 
> ---
>  target-arm/helper.c |9 +
>  1 files changed, 9 insertions(+), 0 deletions(-)

Thanks, applied.
 
> diff --git a/target-arm/helper.c b/target-arm/helper.c
> index 12127de..d5f2ace 100644
> --- a/target-arm/helper.c
> +++ b/target-arm/helper.c
> @@ -2542,6 +2542,7 @@ float64 VFP_HELPER(sito, d)(uint32_t x, CPUState *env)
>  uint32_t VFP_HELPER(toui, s)(float32 x, CPUState *env)
>  {
>  if (float32_is_any_nan(x)) {
> +float_raise(float_flag_invalid, &env->vfp.fp_status);
>  return 0;
>  }
>  return float32_to_uint32(x, &env->vfp.fp_status);
> @@ -2550,6 +2551,7 @@ uint32_t VFP_HELPER(toui, s)(float32 x, CPUState *env)
>  uint32_t VFP_HELPER(toui, d)(float64 x, CPUState *env)
>  {
>  if (float64_is_any_nan(x)) {
> +float_raise(float_flag_invalid, &env->vfp.fp_status);
>  return 0;
>  }
>  return float64_to_uint32(x, &env->vfp.fp_status);
> @@ -2558,6 +2560,7 @@ uint32_t VFP_HELPER(toui, d)(float64 x, CPUState *env)
>  uint32_t VFP_HELPER(tosi, s)(float32 x, CPUState *env)
>  {
>  if (float32_is_any_nan(x)) {
> +float_raise(float_flag_invalid, &env->vfp.fp_status);
>  return 0;
>  }
>  return float32_to_int32(x, &env->vfp.fp_status);
> @@ -2566,6 +2569,7 @@ uint32_t VFP_HELPER(tosi, s)(float32 x, CPUState *env)
>  uint32_t VFP_HELPER(tosi, d)(float64 x, CPUState *env)
>  {
>  if (float64_is_any_nan(x)) {
> +float_raise(float_flag_invalid, &env->vfp.fp_status);
>  return 0;
>  }
>  return float64_to_int32(x, &env->vfp.fp_status);
> @@ -2574,6 +2578,7 @@ uint32_t VFP_HELPER(tosi, d)(float64 x, CPUState *env)
>  uint32_t VFP_HELPER(touiz, s)(float32 x, CPUState *env)
>  {
>  if (float32_is_any_nan(x)) {
> +float_raise(float_flag_invalid, &env->vfp.fp_status);
>  return 0;
>  }
>  return float32_to_uint32_round_to_zero(x, &env->vfp.fp_status);
> @@ -2582,6 +2587,7 @@ uint32_t VFP_HELPER(touiz, s)(float32 x, CPUState *env)
>  uint32_t VFP_HELPER(touiz, d)(float64 x, CPUState *env)
>  {
>  if (float64_is_any_nan(x)) {
> +float_raise(float_flag_invalid, &env->vfp.fp_status);
>  return 0;
>  }
>  return float64_to_uint32_round_to_zero(x, &env->vfp.fp_status);
> @@ -2590,6 +2596,7 @@ uint32_t VFP_HELPER(touiz, d)(float64 x, CPUState *env)
>  uint32_t VFP_HELPER(tosiz, s)(float32 x, CPUState *env)
>  {
>  if (float32_is_any_nan(x)) {
> +float_raise(float_flag_invalid, &env->vfp.fp_status);
>  return 0;
>  }
>  return float32_to_int32_round_to_zero(x, &env->vfp.fp_status);
> @@ -2598,6 +2605,7 @@ uint32_t VFP_HELPER(tosiz, s)(float32 x, CPUState *env)
>  uint32_t VFP_HELPER(tosiz, d)(float64 x, CPUState *env)
>  {
>  if (float64_is_any_nan(x)) {
> +float_raise(float_flag_invalid, &env->vfp.fp_status);
>  return 0;
>  }
>  return float64_to_int32_round_to_zero(x, &env->vfp.fp_status);
> @@ -2636,6 +2644,7 @@ uint##fsz##_t VFP_HELPER(to##name, p)(float##fsz x, 
> uint32_t shift, \
>  { \
>  float##fsz tmp; \
>  if (float##fsz##_is_any_nan(x)) { \
> +float_raise(float_flag_invalid, &env->vfp.fp_status); \
>  return 0; \
>  } \
>  tmp = float##fsz##_scalbn(x, shift, &env->vfp.fp_status); \
> -- 
> 1.7.1
> 
> 
> 

-- 
Aurelien Jarno  GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net

[Qemu-devel] [PATCH v3 01/20] softfloat: fix floatx80 handling of NaN

[Aurelien Jarno]

The floatx80 format uses an explicit bit that should be taken into account
when converting to and from commonNaN format.

When converting to commonNaN, the explicit bit should be removed if it is
a 1, and a default NaN should be used if it is 0.

When converting from commonNan, the explicit bit should be added.

Signed-off-by: Aurelien Jarno 
---
 fpu/softfloat-specialize.h |   23 ---
 1 files changed, 16 insertions(+), 7 deletions(-)

v1 -> v2: fix wrong condition that may create an infinity instead of a
  NaN
v2 -> v3: don't change the sign of the default NaN.

diff --git a/fpu/softfloat-specialize.h b/fpu/softfloat-specialize.h
index b110187..9d68aae 100644
--- a/fpu/softfloat-specialize.h
+++ b/fpu/softfloat-specialize.h
@@ -603,9 +603,15 @@ static commonNaNT floatx80ToCommonNaN( floatx80 a 
STATUS_PARAM)
 commonNaNT z;
 
 if ( floatx80_is_signaling_nan( a ) ) float_raise( float_flag_invalid 
STATUS_VAR);
-z.sign = a.high>>15;
-z.low = 0;
-z.high = a.low;
+if ( a.low >> 63 ) {
+z.sign = a.high >> 15;
+z.low = 0;
+z.high = a.low << 1;
+} else {
+z.sign = floatx80_default_nan_high >> 15;
+z.low = 0;
+z.high = floatx80_default_nan_low << 1;
+}
 return z;
 }
 
@@ -624,11 +630,14 @@ static floatx80 commonNaNToFloatx80( commonNaNT a 
STATUS_PARAM)
 return z;
 }
 
-if (a.high)
-z.low = a.high;
-else
+if (a.high >> 1) {
+z.low = LIT64( 0x8000 ) | a.high >> 1;
+z.high = ( ( (uint16_t) a.sign )<<15 ) | 0x7FFF;
+} else {
 z.low = floatx80_default_nan_low;
-z.high = ( ( (uint16_t) a.sign )<<15 ) | 0x7FFF;
+z.high = floatx80_default_nan_high;
+}
+
 return z;
 }
 
-- 
1.7.2.3

[Qemu-devel] [PATCH v2 0/5] atapi: Some code restructuring

[Kevin Wolf]

v2:
- Fixed commit messages
- Added a comment in cmd_test_unit_ready

Kevin Wolf (5):
  ide: Split atapi.c out
  ide/atapi: Factor commands out
  ide/atapi: Use table instead of switch for commands
  ide/atapi: Replace bdrv_get_geometry calls by s->nb_sectors
  ide/atapi: Introduce CHECK_READY flag for commands

 Makefile.objs |2 +-
 hw/ide/atapi.c| 1134 +
 hw/ide/core.c | 1065 +-
 hw/ide/internal.h |   14 +-
 4 files changed, 1149 insertions(+), 1066 deletions(-)
 create mode 100644 hw/ide/atapi.c

-- 
1.7.2.3

[Qemu-devel] [PATCH v2 3/5] ide/atapi: Use table instead of switch for commands

[Kevin Wolf]

Signed-off-by: Kevin Wolf 
---
 hw/ide/atapi.c |  115 +++
 1 files changed, 48 insertions(+), 67 deletions(-)

diff --git a/hw/ide/atapi.c b/hw/ide/atapi.c
index d161bf7..d0bf7fd 100644
--- a/hw/ide/atapi.c
+++ b/hw/ide/atapi.c
@@ -533,10 +533,11 @@ static unsigned int event_status_media(IDEState *s,
 return 8; /* We wrote to 4 extra bytes from the header */
 }
 
-static void handle_get_event_status_notification(IDEState *s,
- uint8_t *buf,
- const uint8_t *packet)
+static void cmd_get_event_status_notification(IDEState *s,
+  uint8_t *buf)
 {
+const uint8_t *packet = buf;
+
 struct {
 uint8_t opcode;
 uint8_t polled;/* lsb bit is polled; others are reserved */
@@ -1064,6 +1065,38 @@ static void cmd_set_speed(IDEState *s, uint8_t* buf)
 ide_atapi_cmd_ok(s);
 }
 
+enum {
+/*
+ * Only commands flagged as ALLOW_UA are allowed to run under a
+ * unit attention condition. (See MMC-5, section 4.1.6.1)
+ */
+ALLOW_UA = 0x01,
+};
+
+struct {
+void (*handler)(IDEState *s, uint8_t *buf);
+int flags;
+} atapi_cmd_table[0x100] = {
+[ 0x00 ] = { cmd_test_unit_ready,   0 },
+[ 0x03 ] = { cmd_request_sense, ALLOW_UA },
+[ 0x12 ] = { cmd_inquiry,   ALLOW_UA },
+[ 0x1a ] = { cmd_mode_sense, /* (6) */  0 },
+[ 0x1b ] = { cmd_start_stop_unit,   0 },
+[ 0x1e ] = { cmd_prevent_allow_medium_removal,  0 },
+[ 0x25 ] = { cmd_read_cdvd_capacity,0 },
+[ 0x28 ] = { cmd_read, /* (10) */   0 },
+[ 0x2b ] = { cmd_seek,  0 },
+[ 0x43 ] = { cmd_read_toc_pma_atip, 0 },
+[ 0x46 ] = { cmd_get_configuration, ALLOW_UA },
+[ 0x4a ] = { cmd_get_event_status_notification, ALLOW_UA },
+[ 0x5a ] = { cmd_mode_sense, /* (10) */ 0 },
+[ 0xa8 ] = { cmd_read, /* (12) */   0 },
+[ 0xad ] = { cmd_read_dvd_structure,0 },
+[ 0xbb ] = { cmd_set_speed, 0 },
+[ 0xbd ] = { cmd_mechanism_status,  0 },
+[ 0xbe ] = { cmd_read_cd,   0 },
+};
+
 void ide_atapi_cmd(IDEState *s)
 {
 const uint8_t *packet;
@@ -1082,21 +1115,17 @@ void ide_atapi_cmd(IDEState *s)
 }
 #endif
 /*
- * If there's a UNIT_ATTENTION condition pending, only
- * REQUEST_SENSE, INQUIRY, GET_CONFIGURATION and
- * GET_EVENT_STATUS_NOTIFICATION commands are allowed to complete.
- * MMC-5, section 4.1.6.1 lists only these commands being allowed
- * to complete, with other commands getting a CHECK condition
- * response unless a higher priority status, defined by the drive
+ * If there's a UNIT_ATTENTION condition pending, only command flagged with
+ * ALLOW_UA are allowed to complete. with other commands getting a CHECK
+ * condition response unless a higher priority status, defined by the drive
  * here, is pending.
  */
 if (s->sense_key == SENSE_UNIT_ATTENTION &&
-s->io_buffer[0] != GPCMD_REQUEST_SENSE &&
-s->io_buffer[0] != GPCMD_INQUIRY &&
-s->io_buffer[0] != GPCMD_GET_EVENT_STATUS_NOTIFICATION) {
+!(atapi_cmd_table[s->io_buffer[0]].flags & ALLOW_UA)) {
 ide_atapi_cmd_check_status(s);
 return;
 }
+
 if (bdrv_is_inserted(s->bs) && s->cdrom_changed) {
 ide_atapi_cmd_error(s, SENSE_NOT_READY, ASC_MEDIUM_NOT_PRESENT);
 
@@ -1105,60 +1134,12 @@ void ide_atapi_cmd(IDEState *s)
 s->asc = ASC_MEDIUM_MAY_HAVE_CHANGED;
 return;
 }
-switch(s->io_buffer[0]) {
-case GPCMD_TEST_UNIT_READY:
-cmd_test_unit_ready(s, buf);
-break;
-case GPCMD_MODE_SENSE_6:
-case GPCMD_MODE_SENSE_10:
-cmd_mode_sense(s, buf);
-break;
-case GPCMD_REQUEST_SENSE:
-cmd_request_sense(s, buf);
-break;
-case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
-cmd_prevent_allow_medium_removal(s, buf);
-break;
-case GPCMD_READ_10:
-case GPCMD_READ_12:
-cmd_read(s, buf);
-break;
-case GPCMD_READ_CD:
-cmd_read_cd(s, buf);
-break;
-case GPCMD_SEEK:
-cmd_seek(s, buf);
-break;
-case GPCMD_START_STOP_UNIT:
-cmd_start_stop_unit(s, buf);
-break;
-case GPCMD_MECHANISM_STATUS:
-cmd_mechanism_status(s, buf);
-break;
-case GPCMD_READ_TOC_PMA_ATIP:
-cmd_read_toc_pma_atip(s, buf);
-break;
-case GPCMD_READ_CDVD_CAPACITY:
-cmd_read_cdvd_capacity(s, buf);
-break;
-case GPCMD_READ_DVD_STRUCTURE:
-cmd_read_dvd_structure(s, buf);
-break;
-case GPCMD_SET_SPEED:
-cmd_set_speed(s, buf);
-break;
-case GPCMD_INQUIRY:
-

[Qemu-devel] [PATCH v2 2/5] ide/atapi: Factor commands out

[Kevin Wolf]

In preparation for a table of function pointers, factor each command out from
ide_atapi_cmd() into its own function.

Signed-off-by: Kevin Wolf 
---
 hw/ide/atapi.c |  837 +++-
 1 files changed, 459 insertions(+), 378 deletions(-)

diff --git a/hw/ide/atapi.c b/hw/ide/atapi.c
index 25a636e..d161bf7 100644
--- a/hw/ide/atapi.c
+++ b/hw/ide/atapi.c
@@ -621,11 +621,453 @@ static void 
handle_get_event_status_notification(IDEState *s,
 ide_atapi_cmd_reply(s, used_len, max_len);
 }
 
+static void cmd_request_sense(IDEState *s, uint8_t *buf)
+{
+int max_len = buf[4];
+
+memset(buf, 0, 18);
+buf[0] = 0x70 | (1 << 7);
+buf[2] = s->sense_key;
+buf[7] = 10;
+buf[12] = s->asc;
+
+if (s->sense_key == SENSE_UNIT_ATTENTION) {
+s->sense_key = SENSE_NONE;
+}
+
+ide_atapi_cmd_reply(s, 18, max_len);
+}
+
+static void cmd_inquiry(IDEState *s, uint8_t *buf)
+{
+int max_len = buf[4];
+
+buf[0] = 0x05; /* CD-ROM */
+buf[1] = 0x80; /* removable */
+buf[2] = 0x00; /* ISO */
+buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
+buf[4] = 31; /* additional length */
+buf[5] = 0; /* reserved */
+buf[6] = 0; /* reserved */
+buf[7] = 0; /* reserved */
+padstr8(buf + 8, 8, "QEMU");
+padstr8(buf + 16, 16, "QEMU DVD-ROM");
+padstr8(buf + 32, 4, s->version);
+ide_atapi_cmd_reply(s, 36, max_len);
+}
+
+static void cmd_get_configuration(IDEState *s, uint8_t *buf)
+{
+uint32_t len;
+uint8_t index = 0;
+int max_len;
+
+/* only feature 0 is supported */
+if (buf[2] != 0 || buf[3] != 0) {
+ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
+ASC_INV_FIELD_IN_CMD_PACKET);
+return;
+}
+
+/* XXX: could result in alignment problems in some architectures */
+max_len = ube16_to_cpu(buf + 7);
+
+/*
+ * XXX: avoid overflow for io_buffer if max_len is bigger than
+ *  the size of that buffer (dimensioned to max number of
+ *  sectors to transfer at once)
+ *
+ *  Only a problem if the feature/profiles grow.
+ */
+if (max_len > 512) {
+/* XXX: assume 1 sector */
+max_len = 512;
+}
+
+memset(buf, 0, max_len);
+/*
+ * the number of sectors from the media tells us which profile
+ * to use as current.  0 means there is no media
+ */
+if (media_is_dvd(s)) {
+cpu_to_ube16(buf + 6, MMC_PROFILE_DVD_ROM);
+} else if (media_is_cd(s)) {
+cpu_to_ube16(buf + 6, MMC_PROFILE_CD_ROM);
+}
+
+buf[10] = 0x02 | 0x01; /* persistent and current */
+len = 12; /* headers: 8 + 4 */
+len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_DVD_ROM);
+len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_CD_ROM);
+cpu_to_ube32(buf, len - 4); /* data length */
+
+ide_atapi_cmd_reply(s, len, max_len);
+}
+
+static void cmd_mode_sense(IDEState *s, uint8_t *buf)
+{
+int action, code;
+int max_len;
+
+if (buf[0] == GPCMD_MODE_SENSE_10) {
+max_len = ube16_to_cpu(buf + 7);
+} else {
+max_len = buf[4];
+}
+
+action = buf[2] >> 6;
+code = buf[2] & 0x3f;
+
+switch(action) {
+case 0: /* current values */
+switch(code) {
+case GPMODE_R_W_ERROR_PAGE: /* error recovery */
+cpu_to_ube16(&buf[0], 16 + 6);
+buf[2] = 0x70;
+buf[3] = 0;
+buf[4] = 0;
+buf[5] = 0;
+buf[6] = 0;
+buf[7] = 0;
+
+buf[8] = 0x01;
+buf[9] = 0x06;
+buf[10] = 0x00;
+buf[11] = 0x05;
+buf[12] = 0x00;
+buf[13] = 0x00;
+buf[14] = 0x00;
+buf[15] = 0x00;
+ide_atapi_cmd_reply(s, 16, max_len);
+break;
+case GPMODE_AUDIO_CTL_PAGE:
+cpu_to_ube16(&buf[0], 24 + 6);
+buf[2] = 0x70;
+buf[3] = 0;
+buf[4] = 0;
+buf[5] = 0;
+buf[6] = 0;
+buf[7] = 0;
+
+/* Fill with CDROM audio volume */
+buf[17] = 0;
+buf[19] = 0;
+buf[21] = 0;
+buf[23] = 0;
+
+ide_atapi_cmd_reply(s, 24, max_len);
+break;
+case GPMODE_CAPABILITIES_PAGE:
+cpu_to_ube16(&buf[0], 28 + 6);
+buf[2] = 0x70;
+buf[3] = 0;
+buf[4] = 0;
+buf[5] = 0;
+buf[6] = 0;
+buf[7] = 0;
+
+buf[8] = 0x2a;
+buf[9] = 0x12;
+buf[10] = 0x00;
+buf[11] = 0x00;
+
+/* Claim PLAY_AUDIO capability (0x01) since some Linux
+   code checks for this to automount media. */
+buf[12] = 0x71;
+buf[13] = 3 << 5;
+buf[14] = (1 << 0) | (1 << 3) | (1 << 5);
+if (bdrv_is_locked(s->bs))
+buf[6] |= 1 << 1;
+ 

[Qemu-devel] [PATCH v2 5/5] ide/atapi: Introduce CHECK_READY flag for commands

[Kevin Wolf]

Some commands are supposed to report a Not Ready Conmdition (i.e. they require
a medium to be present in order to execute successfully). Instead of
duplicating the check in each command implementation, let's add a flag and
check it before calling the command.

This patch only converts existing checks, it does not introduce new checks for
any of the other commands that can/should report a Not Ready Condition.

Signed-off-by: Kevin Wolf 
---
 hw/ide/atapi.c |   48 +++-
 1 files changed, 23 insertions(+), 25 deletions(-)

diff --git a/hw/ide/atapi.c b/hw/ide/atapi.c
index 5835caa..0c3f9d2 100644
--- a/hw/ide/atapi.c
+++ b/hw/ide/atapi.c
@@ -813,11 +813,9 @@ error_cmd:
 
 static void cmd_test_unit_ready(IDEState *s, uint8_t *buf)
 {
-if (bdrv_is_inserted(s->bs)) {
-ide_atapi_cmd_ok(s);
-} else {
-ide_atapi_cmd_error(s, SENSE_NOT_READY, ASC_MEDIUM_NOT_PRESENT);
-}
+/* Not Ready Conditions are already handled in ide_atapi_cmd(), so if we
+ * come here, we know that it's ready. */
+ide_atapi_cmd_ok(s);
 }
 
 static void cmd_prevent_allow_medium_removal(IDEState *s, uint8_t* buf)
@@ -883,11 +881,6 @@ static void cmd_seek(IDEState *s, uint8_t* buf)
 unsigned int lba;
 uint64_t total_sectors = s->nb_sectors >> 2;
 
-if (total_sectors == 0) {
-ide_atapi_cmd_error(s, SENSE_NOT_READY, ASC_MEDIUM_NOT_PRESENT);
-return;
-}
-
 lba = ube32_to_cpu(buf + 2);
 if (lba >= total_sectors) {
 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, ASC_LOGICAL_BLOCK_OOR);
@@ -941,13 +934,8 @@ static void cmd_mechanism_status(IDEState *s, uint8_t* buf)
 static void cmd_read_toc_pma_atip(IDEState *s, uint8_t* buf)
 {
 int format, msf, start_track, len;
-uint64_t total_sectors = s->nb_sectors >> 2;
 int max_len;
-
-if (total_sectors == 0) {
-ide_atapi_cmd_error(s, SENSE_NOT_READY, ASC_MEDIUM_NOT_PRESENT);
-return;
-}
+uint64_t total_sectors = s->nb_sectors >> 2;
 
 max_len = ube16_to_cpu(buf + 7);
 format = buf[9] >> 6;
@@ -986,11 +974,6 @@ static void cmd_read_cdvd_capacity(IDEState *s, uint8_t* 
buf)
 {
 uint64_t total_sectors = s->nb_sectors >> 2;
 
-if (total_sectors == 0) {
-ide_atapi_cmd_error(s, SENSE_NOT_READY, ASC_MEDIUM_NOT_PRESENT);
-return;
-}
-
 /* NOTE: it is really the number of sectors minus 1 */
 cpu_to_ube32(buf, total_sectors - 1);
 cpu_to_ube32(buf + 4, 2048);
@@ -1062,22 +1045,29 @@ enum {
  * unit attention condition. (See MMC-5, section 4.1.6.1)
  */
 ALLOW_UA = 0x01,
+
+/*
+ * Commands flagged with CHECK_READY can only execute if a medium is 
present.
+ * Otherwise they report the Not Ready Condition. (See MMC-5, section
+ * 4.1.8)
+ */
+CHECK_READY = 0x02,
 };
 
 struct {
 void (*handler)(IDEState *s, uint8_t *buf);
 int flags;
 } atapi_cmd_table[0x100] = {
-[ 0x00 ] = { cmd_test_unit_ready,   0 },
+[ 0x00 ] = { cmd_test_unit_ready,   CHECK_READY },
 [ 0x03 ] = { cmd_request_sense, ALLOW_UA },
 [ 0x12 ] = { cmd_inquiry,   ALLOW_UA },
 [ 0x1a ] = { cmd_mode_sense, /* (6) */  0 },
 [ 0x1b ] = { cmd_start_stop_unit,   0 },
 [ 0x1e ] = { cmd_prevent_allow_medium_removal,  0 },
-[ 0x25 ] = { cmd_read_cdvd_capacity,0 },
+[ 0x25 ] = { cmd_read_cdvd_capacity,CHECK_READY },
 [ 0x28 ] = { cmd_read, /* (10) */   0 },
-[ 0x2b ] = { cmd_seek,  0 },
-[ 0x43 ] = { cmd_read_toc_pma_atip, 0 },
+[ 0x2b ] = { cmd_seek,  CHECK_READY },
+[ 0x43 ] = { cmd_read_toc_pma_atip, CHECK_READY },
 [ 0x46 ] = { cmd_get_configuration, ALLOW_UA },
 [ 0x4a ] = { cmd_get_event_status_notification, ALLOW_UA },
 [ 0x5a ] = { cmd_mode_sense, /* (10) */ 0 },
@@ -1126,6 +1116,14 @@ void ide_atapi_cmd(IDEState *s)
 return;
 }
 
+/* Report a Not Ready condition if appropriate for the command */
+if ((atapi_cmd_table[s->io_buffer[0]].flags & CHECK_READY) &&
+(!media_present(s) || !bdrv_is_inserted(s->bs)))
+{
+ide_atapi_cmd_error(s, SENSE_NOT_READY, ASC_MEDIUM_NOT_PRESENT);
+return;
+}
+
 /* Execute the command */
 if (atapi_cmd_table[s->io_buffer[0]].handler) {
 atapi_cmd_table[s->io_buffer[0]].handler(s, buf);
-- 
1.7.2.3

Re: [Qemu-devel] [PATCH v3 01/20] softfloat: fix floatx80 handling of NaN

[Peter Maydell]

On 20 April 2011 12:24, Aurelien Jarno  wrote:
> The floatx80 format uses an explicit bit that should be taken into account
> when converting to and from commonNaN format.
>
> When converting to commonNaN, the explicit bit should be removed if it is
> a 1, and a default NaN should be used if it is 0.
>
> When converting from commonNan, the explicit bit should be added.
>
> Signed-off-by: Aurelien Jarno 
> ---
>  fpu/softfloat-specialize.h |   23 ---
>  1 files changed, 16 insertions(+), 7 deletions(-)
>
> v1 -> v2: fix wrong condition that may create an infinity instead of a
>          NaN
> v2 -> v3: don't change the sign of the default NaN.

Reviewed-by: Peter Maydell 

-- PMM

[Qemu-devel] [PATCH v2 4/5] ide/atapi: Replace bdrv_get_geometry calls by s->nb_sectors

[Kevin Wolf]

The disk size can only change when the medium is changed, and the change
callback takes care of updating s->nb_sectors in this case.

Signed-off-by: Kevin Wolf 
---
 hw/ide/atapi.c |   21 ++---
 1 files changed, 6 insertions(+), 15 deletions(-)

diff --git a/hw/ide/atapi.c b/hw/ide/atapi.c
index d0bf7fd..5835caa 100644
--- a/hw/ide/atapi.c
+++ b/hw/ide/atapi.c
@@ -416,10 +416,10 @@ static int ide_dvd_read_structure(IDEState *s, int format,
 if (layer != 0)
 return -ASC_INV_FIELD_IN_CMD_PACKET;
 
-bdrv_get_geometry(s->bs, &total_sectors);
-total_sectors >>= 2;
-if (total_sectors == 0)
+total_sectors = s->nb_sectors >> 2;
+if (total_sectors == 0) {
 return -ASC_MEDIUM_NOT_PRESENT;
+}
 
 buf[4] = 1;   /* DVD-ROM, part version 1 */
 buf[5] = 0xf; /* 120mm disc, minimum rate unspecified */
@@ -881,11 +881,8 @@ static void cmd_read_cd(IDEState *s, uint8_t* buf)
 static void cmd_seek(IDEState *s, uint8_t* buf)
 {
 unsigned int lba;
-uint64_t total_sectors;
-
-bdrv_get_geometry(s->bs, &total_sectors);
+uint64_t total_sectors = s->nb_sectors >> 2;
 
-total_sectors >>= 2;
 if (total_sectors == 0) {
 ide_atapi_cmd_error(s, SENSE_NOT_READY, ASC_MEDIUM_NOT_PRESENT);
 return;
@@ -944,12 +941,9 @@ static void cmd_mechanism_status(IDEState *s, uint8_t* buf)
 static void cmd_read_toc_pma_atip(IDEState *s, uint8_t* buf)
 {
 int format, msf, start_track, len;
-uint64_t total_sectors;
+uint64_t total_sectors = s->nb_sectors >> 2;
 int max_len;
 
-bdrv_get_geometry(s->bs, &total_sectors);
-
-total_sectors >>= 2;
 if (total_sectors == 0) {
 ide_atapi_cmd_error(s, SENSE_NOT_READY, ASC_MEDIUM_NOT_PRESENT);
 return;
@@ -990,11 +984,8 @@ static void cmd_read_toc_pma_atip(IDEState *s, uint8_t* 
buf)
 
 static void cmd_read_cdvd_capacity(IDEState *s, uint8_t* buf)
 {
-uint64_t total_sectors;
-
-bdrv_get_geometry(s->bs, &total_sectors);
+uint64_t total_sectors = s->nb_sectors >> 2;
 
-total_sectors >>= 2;
 if (total_sectors == 0) {
 ide_atapi_cmd_error(s, SENSE_NOT_READY, ASC_MEDIUM_NOT_PRESENT);
 return;
-- 
1.7.2.3

[Qemu-devel] [PATCH v2 2/3] target-ppc: use softfloat min/max functions

[Aurelien Jarno]

Use the new softfloat float32_min() and float32_max() to implement the
vminfp and vmaxfp instructions.

Cc: Alexander Graf 
Signed-off-by: Aurelien Jarno 
---
 target-ppc/op_helper.c |   20 ++--
 1 files changed, 2 insertions(+), 18 deletions(-)

diff --git a/target-ppc/op_helper.c b/target-ppc/op_helper.c
index f2c80a3..f1cdef9 100644
--- a/target-ppc/op_helper.c
+++ b/target-ppc/op_helper.c
@@ -2092,6 +2092,8 @@ VARITH(uwm, u32)
 }
 VARITHFP(addfp, float32_add)
 VARITHFP(subfp, float32_sub)
+VARITHFP(minfp, float32_min)
+VARITHFP(maxfp, float32_max)
 #undef VARITHFP
 
 #define VARITHSAT_CASE(type, op, cvt, element)  \
@@ -2369,24 +2371,6 @@ VMINMAX(uw, u32)
 #undef VMINMAX_DO
 #undef VMINMAX
 
-#define VMINMAXFP(suffix, rT, rF)   \
-void helper_v##suffix (ppc_avr_t *r, ppc_avr_t *a, ppc_avr_t *b)\
-{   \
-int i;  \
-for (i = 0; i < ARRAY_SIZE(r->f); i++) {\
-HANDLE_NAN2(r->f[i], a->f[i], b->f[i]) {\
-if (float32_lt_quiet(a->f[i], b->f[i], &env->vec_status)) { \
-r->f[i] = rT->f[i]; \
-} else {\
-r->f[i] = rF->f[i]; \
-}   \
-}   \
-}   \
-}
-VMINMAXFP(minfp, a, b)
-VMINMAXFP(maxfp, b, a)
-#undef VMINMAXFP
-
 void helper_vmladduhm (ppc_avr_t *r, ppc_avr_t *a, ppc_avr_t *b, ppc_avr_t *c)
 {
 int i;
-- 
1.7.2.3

[Qemu-devel] [PATCH v2 1/3] target-ppc: simplify NaN propagation for vector functions

[Aurelien Jarno]

Commit e024e881bb1a8b5085026589360d26ed97acdd64 provided a pickNaN()
function for PowerPC, implementing the correct NaN propagation rules.
Therefore there is no need to test the operands manually, we can rely
on the softfloat code to do that.

Cc: Alexander Graf 
Signed-off-by: Aurelien Jarno 
---
 target-ppc/op_helper.c |   26 +++---
 1 files changed, 7 insertions(+), 19 deletions(-)

Note: Unfortunately the current propagation rules implemented in 
softfloat only concerns 2 operands operations, so we have to keep
HANDLE_NAN3 for now.

diff --git a/target-ppc/op_helper.c b/target-ppc/op_helper.c
index d5db484..f2c80a3 100644
--- a/target-ppc/op_helper.c
+++ b/target-ppc/op_helper.c
@@ -2087,9 +2087,7 @@ VARITH(uwm, u32)
 {   \
 int i;  \
 for (i = 0; i < ARRAY_SIZE(r->f); i++) {\
-HANDLE_NAN2(r->f[i], a->f[i], b->f[i]) {\
-r->f[i] = func(a->f[i], b->f[i], &env->vec_status); \
-}   \
+r->f[i] = func(a->f[i], b->f[i], &env->vec_status); \
 }   \
 }
 VARITHFP(addfp, float32_add)
@@ -2650,9 +2648,7 @@ void helper_vrefp (ppc_avr_t *r, ppc_avr_t *b)
 {
 int i;
 for (i = 0; i < ARRAY_SIZE(r->f); i++) {
-HANDLE_NAN1(r->f[i], b->f[i]) {
-r->f[i] = float32_div(float32_one, b->f[i], &env->vec_status);
-}
+r->f[i] = float32_div(float32_one, b->f[i], &env->vec_status);
 }
 }
 
@@ -2663,9 +2659,7 @@ void helper_vrefp (ppc_avr_t *r, ppc_avr_t *b)
 float_status s = env->vec_status;   \
 set_float_rounding_mode(rounding, &s);  \
 for (i = 0; i < ARRAY_SIZE(r->f); i++) {\
-HANDLE_NAN1(r->f[i], b->f[i]) { \
-r->f[i] = float32_round_to_int (b->f[i], &s);   \
-}   \
+r->f[i] = float32_round_to_int (b->f[i], &s);   \
 }   \
 }
 VRFI(n, float_round_nearest_even)
@@ -2693,10 +2687,8 @@ void helper_vrsqrtefp (ppc_avr_t *r, ppc_avr_t *b)
 {
 int i;
 for (i = 0; i < ARRAY_SIZE(r->f); i++) {
-HANDLE_NAN1(r->f[i], b->f[i]) {
-float32 t = float32_sqrt(b->f[i], &env->vec_status);
-r->f[i] = float32_div(float32_one, t, &env->vec_status);
-}
+float32 t = float32_sqrt(b->f[i], &env->vec_status);
+r->f[i] = float32_div(float32_one, t, &env->vec_status);
 }
 }
 
@@ -2710,9 +2702,7 @@ void helper_vexptefp (ppc_avr_t *r, ppc_avr_t *b)
 {
 int i;
 for (i = 0; i < ARRAY_SIZE(r->f); i++) {
-HANDLE_NAN1(r->f[i], b->f[i]) {
-r->f[i] = float32_exp2(b->f[i], &env->vec_status);
-}
+r->f[i] = float32_exp2(b->f[i], &env->vec_status);
 }
 }
 
@@ -2720,9 +2710,7 @@ void helper_vlogefp (ppc_avr_t *r, ppc_avr_t *b)
 {
 int i;
 for (i = 0; i < ARRAY_SIZE(r->f); i++) {
-HANDLE_NAN1(r->f[i], b->f[i]) {
-r->f[i] = float32_log2(b->f[i], &env->vec_status);
-}
+r->f[i] = float32_log2(b->f[i], &env->vec_status);
 }
 }
 
-- 
1.7.2.3

[Qemu-devel] [PATCH v2 3/3] target-ppc: remove old CONFIG_SOFTFLOAT #ifdef

[Aurelien Jarno]

target-ppc has been switched to softfloat only long ago, but a
few #ifdef CONFIG_SOFTFLOAT have been forgotten. Remove them.

Cc: Alexander Graf 
Signed-off-by: Aurelien Jarno 
---
 target-ppc/helper.h|2 --
 target-ppc/op_helper.c |   11 ---
 target-ppc/translate.c |2 --
 3 files changed, 0 insertions(+), 15 deletions(-)

diff --git a/target-ppc/helper.h b/target-ppc/helper.h
index 7c02be9..ead0f12 100644
--- a/target-ppc/helper.h
+++ b/target-ppc/helper.h
@@ -51,9 +51,7 @@ DEF_HELPER_FLAGS_1(cntlzw32, TCG_CALL_CONST | TCG_CALL_PURE, 
i32, i32)
 DEF_HELPER_FLAGS_2(brinc, TCG_CALL_CONST | TCG_CALL_PURE, tl, tl, tl)
 
 DEF_HELPER_0(float_check_status, void)
-#ifdef CONFIG_SOFTFLOAT
 DEF_HELPER_0(reset_fpstatus, void)
-#endif
 DEF_HELPER_2(compute_fprf, i32, i64, i32)
 DEF_HELPER_2(store_fpscr, void, i64, i32)
 DEF_HELPER_1(fpscr_clrbit, void, i32)
diff --git a/target-ppc/op_helper.c b/target-ppc/op_helper.c
index f1cdef9..0b0cdb1 100644
--- a/target-ppc/op_helper.c
+++ b/target-ppc/op_helper.c
@@ -972,7 +972,6 @@ void helper_store_fpscr (uint64_t arg, uint32_t mask)
 
 void helper_float_check_status (void)
 {
-#ifdef CONFIG_SOFTFLOAT
 if (env->exception_index == POWERPC_EXCP_PROGRAM &&
 (env->error_code & POWERPC_EXCP_FP)) {
 /* Differred floating-point exception after target FPR update */
@@ -990,22 +989,12 @@ void helper_float_check_status (void)
 float_inexact_excp();
 }
 }
-#else
-if (env->exception_index == POWERPC_EXCP_PROGRAM &&
-(env->error_code & POWERPC_EXCP_FP)) {
-/* Differred floating-point exception after target FPR update */
-if (msr_fe0 != 0 || msr_fe1 != 0)
-helper_raise_exception_err(env->exception_index, env->error_code);
-}
-#endif
 }
 
-#ifdef CONFIG_SOFTFLOAT
 void helper_reset_fpstatus (void)
 {
 set_float_exception_flags(0, &env->fp_status);
 }
-#endif
 
 /* fadd - fadd. */
 uint64_t helper_fadd (uint64_t arg1, uint64_t arg2)
diff --git a/target-ppc/translate.c b/target-ppc/translate.c
index a943dbc..5659436 100644
--- a/target-ppc/translate.c
+++ b/target-ppc/translate.c
@@ -212,9 +212,7 @@ struct opc_handler_t {
 
 static inline void gen_reset_fpstatus(void)
 {
-#ifdef CONFIG_SOFTFLOAT
 gen_helper_reset_fpstatus();
-#endif
 }
 
 static inline void gen_compute_fprf(TCGv_i64 arg, int set_fprf, int set_rc)
-- 
1.7.2.3

Re: [Qemu-devel] [PATCH v2 1/3] target-ppc: simplify NaN propagation for vector functions

[Peter Maydell]

On 20 April 2011 12:32, Aurelien Jarno  wrote:
> Commit e024e881bb1a8b5085026589360d26ed97acdd64 provided a pickNaN()
> function for PowerPC, implementing the correct NaN propagation rules.
> Therefore there is no need to test the operands manually, we can rely
> on the softfloat code to do that.
>
> Cc: Alexander Graf 
> Signed-off-by: Aurelien Jarno 
> ---
>  target-ppc/op_helper.c |   26 +++---
>  1 files changed, 7 insertions(+), 19 deletions(-)
>
> Note: Unfortunately the current propagation rules implemented in
> softfloat only concerns 2 operands operations, so we have to keep
> HANDLE_NAN3 for now.

These first two patches remove all of the uses of HANDLE_NAN1 and
HANDLE_NAN2, so we can just delete those macro definitions, right?

You could clean up DO_HANDLE_NAN a little:

#define DO_HANDLE_NAN(result, x)   \
if (float32_is_any_nan(x)) {   \
result = float32_maybe_silence_nan(x); \
} else

On a slight tangent:

I need to add ARM support for fused multiply-accumulate (vfma,vfms),
so perhaps in the long run it would be better to make them softfloat
primitives? (they are after all in the new IEEE spec, so they're in
softfloat's domain in some sense.) That would move the 'propagate one
of 3 NaNs' logic into softfloat.

(I suspect that implementing fused-mac by doing intermediate results
mas float64 will set the Inexact bit for some cases where the hardware
will not, but I haven't thought too deeply about it yet.)

-- PMM

Re: [Qemu-devel] [PATCH] xen-upstream-qemu: get vncpassword through xenstore, enable VNC_AUTH_VNC

[Stefano Stabellini]

On Wed, 20 Apr 2011, ZhouPeng wrote:
> This pacth allows you to use vncpasswd for xen-upstream-qemu
> 
> Signed-off-by: Zhou Peng 
> 
> xen-upstream-qemu: get vncpassword through xenstore, enable VNC_AUTH_VNC
> 

This patch is for upstream qemu, right?
In that case you always need to CC qemu-devel@nongnu.org.
Also when submitting patches for upstream qemu we need to try to reuse
the existing infrastructure to do things.
In this particular example, we cannot use xenstore to communicate the
password to qemu, we have to use QMP that is the RPC mechanism exported
by Qemu. Unfortunately libxl doesn't speak QMP yet, but adding QMP
support to libxl is one of the next things that have to be done anyway.

Re: [Qemu-devel] [PATCH v2] Improve accuracy of block migration bandwidth calculation

[Kevin Wolf]

Am 03.04.2011 10:31, schrieb Avishay Traeger:
> 
> Revised patch for improving the accuracy of the block migration bandwidth
> calculation.  Thanks a lot to Michael Roth for the input.
> 
> For those that missed the original patch, here is the description:
> block_mig_state.total_time is currently the sum of the read request
> latencies.  This is not very accurate because block migration uses aio and
> so several requests can be submitted at once.  Bandwidth should be computed
> with wall-clock time, not by adding the latencies.  In this case,
> "total_time" has a higher value than it should, and so the computed
> bandwidth is lower than it is in reality.  This means that migration can
> take longer than it needs to.
> However, we don't want to use pure wall-clock time here.  We are computing
> bandwidth in the asynchronous phase, where the migration repeatedly wakes
> up and sends some aio requests.  The computed bandwidth will be used for
> synchronous transfer.
> 
> 
> Avishay
> 
> 
> Signed-off-by: Avishay Traeger 

Thanks. Fixed line wraps and coding style and applied to the block
branch. Please take care to avoid patch corruption next time - usually
such patches are not fixed manually, but rejected.

Kevin

Re: [Qemu-devel] [PATCH] virtio-serial: Fix endianness bug in the config space

[Amit Shah]

On (Tue) 19 Apr 2011 [12:03:46], David Gibson wrote:
> From: Alexey Kardashevskiy 
> 
> The virtio serial specification requres that the values in the config
> space are encoded in native endian of the guest.
> 
> The qemu virtio-serial code did not do conversion to the guest endian
> format what caused problems when host and guest use different format.
> 
> This patch corrects the qemu side, correctly doing host-native <->
> guest-native conversions when accessing the config space. This won't
> break any setups that aren't already broken, and fixes the case
> of different host and guest endianness.
> 
> Signed-off-by: Alexey Kardashevskiy 

Thanks; please put your sign-off as well.

I'd also like an ACK from someone else before I push this in.  Juan?

> ---
>  hw/virtio-serial-bus.c |   23 +--
>  1 files changed, 13 insertions(+), 10 deletions(-)
> 
> diff --git a/hw/virtio-serial-bus.c b/hw/virtio-serial-bus.c
> index 6227379..f10d48f 100644
> --- a/hw/virtio-serial-bus.c
> +++ b/hw/virtio-serial-bus.c
> @@ -494,7 +494,7 @@ static void virtio_serial_save(QEMUFile *f, void *opaque)
>  VirtIOSerial *s = opaque;
>  VirtIOSerialPort *port;
>  uint32_t nr_active_ports;
> -unsigned int i;
> +unsigned int i, max_nr_ports;
>  
>  /* The virtio device */
>  virtio_save(&s->vdev, f);
> @@ -506,8 +506,8 @@ static void virtio_serial_save(QEMUFile *f, void *opaque)
>  qemu_put_be32s(f, &s->config.max_nr_ports);
>  
>  /* The ports map */
> -
> -for (i = 0; i < (s->config.max_nr_ports + 31) / 32; i++) {
> +max_nr_ports = tswap32(s->config.max_nr_ports);
> +for (i = 0; i < (max_nr_ports + 31) / 32; i++) {
>  qemu_put_be32s(f, &s->ports_map[i]);
>  }
>  
> @@ -568,7 +568,8 @@ static int virtio_serial_load(QEMUFile *f, void *opaque, 
> int version_id)
>  qemu_get_be16s(f, &s->config.rows);
>  
>  qemu_get_be32s(f, &max_nr_ports);
> -if (max_nr_ports > s->config.max_nr_ports) {
> +tswap32s(&max_nr_ports);
> +if (max_nr_ports > tswap32(s->config.max_nr_ports)) {
>  /* Source could have had more ports than us. Fail migration. */
>  return -EINVAL;
>  }
> @@ -670,9 +671,10 @@ static void virtser_bus_dev_print(Monitor *mon, 
> DeviceState *qdev, int indent)
>  /* This function is only used if a port id is not provided by the user */
>  static uint32_t find_free_port_id(VirtIOSerial *vser)
>  {
> -unsigned int i;
> +unsigned int i, max_nr_ports;
>  
> -for (i = 0; i < (vser->config.max_nr_ports + 31) / 32; i++) {
> +max_nr_ports = tswap32(vser->config.max_nr_ports);
> +for (i = 0; i < (max_nr_ports + 31) / 32; i++) {
>  uint32_t map, bit;
>  
>  map = vser->ports_map[i];
> @@ -720,7 +722,7 @@ static int virtser_port_qdev_init(DeviceState *qdev, 
> DeviceInfo *base)
>  VirtIOSerialPort *port = DO_UPCAST(VirtIOSerialPort, dev, qdev);
>  VirtIOSerialPortInfo *info = DO_UPCAST(VirtIOSerialPortInfo, qdev, base);
>  VirtIOSerialBus *bus = DO_UPCAST(VirtIOSerialBus, qbus, 
> qdev->parent_bus);
> -int ret;
> +int ret, max_nr_ports;
>  bool plugging_port0;
>  
>  port->vser = bus->vser;
> @@ -750,9 +752,10 @@ static int virtser_port_qdev_init(DeviceState *qdev, 
> DeviceInfo *base)
>  }
>  }
>  
> -if (port->id >= port->vser->config.max_nr_ports) {
> +max_nr_ports = tswap32(port->vser->config.max_nr_ports);
> +if (port->id >= max_nr_ports) {
>  error_report("virtio-serial-bus: Out-of-range port id specified, 
> max. allowed: %u\n",
> - port->vser->config.max_nr_ports - 1);
> + max_nr_ports - 1);
>  return -1;
>  }
>  
> @@ -863,7 +866,7 @@ VirtIODevice *virtio_serial_init(DeviceState *dev, 
> virtio_serial_conf *conf)
>  vser->ovqs[i] = virtio_add_queue(vdev, 128, handle_output);
>  }
>  
> -vser->config.max_nr_ports = conf->max_virtserial_ports;
> +vser->config.max_nr_ports = tswap32(conf->max_virtserial_ports);
>  vser->ports_map = qemu_mallocz(((conf->max_virtserial_ports + 31) / 32)
>  * sizeof(vser->ports_map[0]));
>  /*
> -- 
> 1.7.1
> 

Amit

Re: [Qemu-devel] [PATCH v2 1/3] target-ppc: simplify NaN propagation for vector functions

[Nathan Froyd]

On Wed, Apr 20, 2011 at 01:04:48PM +0100, Peter Maydell wrote:
> I need to add ARM support for fused multiply-accumulate (vfma,vfms),
> so perhaps in the long run it would be better to make them softfloat
> primitives? (they are after all in the new IEEE spec, so they're in
> softfloat's domain in some sense.) That would move the 'propagate one
> of 3 NaNs' logic into softfloat.

+1 to implementing fma in softfloat.

-Nathan

Re: [Qemu-devel] [PATCH 00/24] Alpha system emulation, v2

[Brian Wheeler]

I'd like to second Tristan in saying that I'm glad someone is working on
alpha system emulation -- its long overdue!  

Brian

On Wed, 2011-04-20 at 11:06 +0200, Tristan Gingold wrote:
> On Apr 19, 2011, at 5:04 PM, Richard Henderson wrote:
> 
> > Changes from v1 to v2:
> >  - Split patch 5 up into little pieces.  These pieces were compile
> >tested by applying patch 23 (Enable alpha-softmmu) out of sequence
> >so that both softmmu and linux-user targets were built.  But in
> >the end I chickened out and re-ordered the enable patch to last.
> > 
> >  - The TB->FLAGS patch is more comprehensive.  In doing the split I
> >noticed that we were doing funny things with AMASK that really
> >ought to have belonged in the TB in the first place.
> > 
> >  - The patch for unassigned addresses is more comprehensive.  I had
> >previously failed to do the if-deffing dance in the generic part
> >of QEMU.
> > 
> >  - The PALcode source is added as a submodule.
> 
> Richard,
> 
> it looks like I miss the v1.  Anyway, some random comments:
> 
> * thank you for working on that!
> 
> * sx164 is ev56 based, isn't it ?  It would be nice if cpu version specific 
> code is clearly marked.
>   In particular (and IIRC), pal mode for ev6 is much closer to ev4 than to 
> ev5.  Don't know about ev7.
>   It would be nice if we could easily support both ev5 and ev6.
> 
> * Yes, executive and supervisor are used only by VMS (well AFAIK).  I'd like 
> to support it.
>   Did you try to also support the windows mmu mode ?
> 
> * Again, thank you for working on that.
> 
> Tristan.
> 
> 
> 

[Qemu-devel] [PULL] qemu-timer: Add and use new function qemu_timer_expired_ns and other patches

[Stefan Weil]

Hello,

the four qemu-timer related patches which I sent to qemu-devel can now 
be pulled.

Maybe this makes the commit to git master easier.

There was no feedback for the first three patches.

The fourth patch changes windows code only and is needed for native windows.

Cheers,
Stefan Weil


The following changes since commit ec52b8753a372de30b22d9b4765a799db612:

  target-arm: Set Invalid flag for NaN in float-to-int conversions 
(2011-04-20 13:01:05 +0200)


are available in the git repository at:
  git://qemu.weilnetz.de/git/qemu.git/ patches

Stefan Weil (4):
  qemu-timer: Add and use new function qemu_timer_expired_ns
  qemu-timer: Remove unneeded include statement (w32)
  qemu-timer: Avoid type casts
  qemu-timer: Fix timers for w32

 qemu-timer.c |  155 
--

 qemu-timer.h |1 -
 2 files changed, 128 insertions(+), 28 deletions(-)

Re: [Qemu-devel] QEMU-KVM and hardened (GRSEC/PaX) kernel

[Avi Kivity]

On 04/17/2011 01:45 AM, Антон Кочков wrote:

Good day!
I'm trying to make working qemu-kvm with hardened gentoo on hardened kernel.
When i'm using CONFIG_PAX_KERNPAGEXEC and CONFIG_PAX_MEM_UNDEREF qemu just start
and go to infinite loop and take 100% of one of my CPU core. adn it
even can't be killed.
Also it is dont give answer for qemu monitor/remote gdb.
When I'm changed these two values as disabled, qemu-kvm now start, and
stop (i mean qemu monitor show that virtual machine is running, but no
any activity/output). Also it's load about 0%.
See details in bug http://bugs.gentoo.org/show_bug.cgi?id=363713

Hope this info help improve qemu-kvm.



As Blue says, the problem is likely in kvm, not qemu.

Please try:
- hardened guest on soft host (I expect this to work)
- soft guest on hardened host (I expect this to fail).

Are you using an Intel or AMD host?

Note virtualization hardware will play with segmentation and defeat all 
those games the hardened kernel plays.


--
error compiling committee.c: too many arguments to function

Re: [Qemu-devel] [PATCH 00/24] Alpha system emulation, v2

[Richard Henderson]

On 04/20/2011 02:06 AM, Tristan Gingold wrote:
> * sx164 is ev56 based, isn't it ?  It would be nice if cpu version specific 
> code is clearly marked.

Yes, but most importantly it is the most evolved of the single hose systems.
QEMU is nowhere near ready to deal with multiple PCI host controllers, and
multiple ISA buses.

I actually planned on emulating an EV67 but using the SX164 HW.  I think the
Linux kernel will be that forgiving...

>   In particular (and IIRC), pal mode for ev6 is much closer to ev4 than to 
> ev5.  Don't know about ev7.
>   It would be nice if we could easily support both ev5 and ev6.

Ah, see, here's where there may be some confusion...

I'm not implementing any of the real cpu ISRs.  I'm not using any of the real
PALcode.  I'm implementing my own QEMU-specific ISRs and and writing my own
PALcode, starting with MILO's PALcode but I've diverged significantly since.

I'm also cheating a bit and implementing a number of the simple CALL_PALs
inline in QEMU.  But that really started when I discovered how confused gdb
could get attempting to step across a transition to/from PALmode.

> * Yes, executive and supervisor are used only by VMS (well AFAIK).  I'd like 
> to support it.

Well, if you'd like to help write the PALcode for VMS, sure.  It certainly
looks like a larger job than the Unix PALcode.

>   Did you try to also support the windows mmu mode ?

Nope.  I can't really imagine that being of interest to anyone.


r~

[Qemu-devel] [PATCH] target-arm: Move VLD/VST multiple into helper functions

[Peter Maydell]

Move VLD/VST multiple into helper functions, as some cases can
generate more TCG ops than the maximum per-instruction limit
and certainly more than the recommended 20.

Signed-off-by: Peter Maydell 
---
This patch is inspired by one from the meego tree:
 
http://git.linaro.org/gitweb?p=qemu/qemu-linaro.git;a=commitdiff;h=a5b2a79c7929726bac5157783de81d22793efd12
but I've reworked it to do the decoding at translate time rather
than in the helper function.

It is intended to apply on top of the neon load/store UNDEF fixes:
http://patchwork.ozlabs.org/patch/91824/
http://patchwork.ozlabs.org/patch/91825/

but I thought it would be better to push it out now for review
rather than waiting for those to be committed.

I hope you all like macros :-)

 target-arm/helper.h  |   40 +
 target-arm/neon_helper.c |  127 +
 target-arm/translate.c   |  140 +++---
 3 files changed, 199 insertions(+), 108 deletions(-)

diff --git a/target-arm/helper.h b/target-arm/helper.h
index ae701e8..7a25288 100644
--- a/target-arm/helper.h
+++ b/target-arm/helper.h
@@ -472,4 +472,44 @@ DEF_HELPER_2(neon_qzip8, void, i32, i32)
 DEF_HELPER_2(neon_qzip16, void, i32, i32)
 DEF_HELPER_2(neon_qzip32, void, i32, i32)
 
+/* The VLD/VST multiple ops have a particular set of 'op' fields
+ * which decode into specific (nregs,interleave,spacing) combinations.
+ * There are 11 valid combinations, each of which has a helper
+ * for load and store for four operand sizes.
+ */
+#define FOREACH_VLDST_L_SIZE(OP, N, I, S) \
+OP(st, 0, N, I, S) \
+OP(ld, 0, N, I, S) \
+OP(st, 1, N, I, S) \
+OP(ld, 1, N, I, S) \
+OP(st, 2, N, I, S) \
+OP(ld, 2, N, I, S) \
+OP(st, 3, N, I, S) \
+OP(ld, 3, N, I, S)
+
+#define FOREACH_VLDST_HELPER(OP)   \
+FOREACH_VLDST_L_SIZE(OP, 4, 4, 1) \
+FOREACH_VLDST_L_SIZE(OP, 4, 4, 2) \
+FOREACH_VLDST_L_SIZE(OP, 4, 1, 1) \
+FOREACH_VLDST_L_SIZE(OP, 4, 2, 1) \
+FOREACH_VLDST_L_SIZE(OP, 3, 3, 1) \
+FOREACH_VLDST_L_SIZE(OP, 3, 3, 2) \
+FOREACH_VLDST_L_SIZE(OP, 3, 1, 1) \
+FOREACH_VLDST_L_SIZE(OP, 1, 1, 1) \
+FOREACH_VLDST_L_SIZE(OP, 2, 2, 1) \
+FOREACH_VLDST_L_SIZE(OP, 2, 2, 2) \
+FOREACH_VLDST_L_SIZE(OP, 2, 1, 1)
+
+/* Get the index into a table created by FOREACH_VLDST_HELPER;
+ * the calculation has to match the order in which that macro expands things.
+ */
+#define VLDST_HELPER_INDEX(ld, sz, op) (((op) * 8) + ((sz) * 2) + (ld))
+
+#define VLDST_HELPER_NAME(ld, sz, n, i, s) neon_v##ld##_##sz##_##n##_##i##_##s
+
+#define DECLARE_VLDST_HELPER(ld, sz, n, i, s) \
+DEF_HELPER_2(VLDST_HELPER_NAME(ld, sz, n, i, s), void, i32, i32)
+
+FOREACH_VLDST_HELPER(DECLARE_VLDST_HELPER)
+
 #include "def-helper.h"
diff --git a/target-arm/neon_helper.c b/target-arm/neon_helper.c
index f5b173a..c88bbd8 100644
--- a/target-arm/neon_helper.c
+++ b/target-arm/neon_helper.c
@@ -2024,3 +2024,130 @@ void HELPER(neon_zip16)(uint32_t rd, uint32_t rm)
 env->vfp.regs[rm] = make_float64(m0);
 env->vfp.regs[rd] = make_float64(d0);
 }
+
+/* Note that these need to handle unaligned accesses */
+#if defined(CONFIG_USER_ONLY)
+#define LDB(addr) ldub(addr)
+#define LDW(addr) lduw(addr)
+#define LDL(addr) ldl(addr)
+#define LDQ(addr) ldq(addr)
+#define STB(addr, val) stb(addr, val)
+#define STW(addr, val) stw(addr, val)
+#define STL(addr, val) stl(addr, val)
+#define STQ(addr, val) stq(addr, val)
+#define DEFINE_USER_VAR do {} while (0)
+#else
+#define LDB(addr) slow_ldb_mmu(addr, user, GETPC())
+#define LDW(addr) slow_ldw_mmu(addr, user, GETPC())
+#define LDL(addr) slow_ldl_mmu(addr, user, GETPC())
+#define LDQ(addr) slow_ldq_mmu(addr, user, GETPC())
+#define STB(addr, val) slow_stb_mmu(addr, val, user, GETPC())
+#define STW(addr, val) slow_stw_mmu(addr, val, user, GETPC())
+#define STL(addr, val) slow_stl_mmu(addr, val, user, GETPC())
+#define STQ(addr, val) slow_stq_mmu(addr, val, user, GETPC())
+#define DEFINE_USER_VAR int user = cpu_mmu_index(env)
+#endif
+
+/* Helper functions for Neon VLDn/VSTn "multiple structures" forms. */
+
+#define NEON_VLDST_HELPER(ldst, size, nregs, interleave, spacing)   \
+void HELPER(VLDST_HELPER_NAME(ldst, size, nregs, interleave, spacing))  \
+(uint32_t startaddr, uint32_t rd)   \
+{   \
+const int stride = (1 << size) * interleave;\
+int reg;\
+uint32_t addr = startaddr;  \
+DEFINE_USER_VAR;\
+for (reg = 0; reg < nregs; reg++) { \
+if (interleave > 2 || (interleave == 2 && nregs == 2)) {\
+addr = startaddr + (1 << size) * reg;   \
+} else if (interleave == 2 && nregs == 4 

Re: [Qemu-devel] [PATCH] virtio-serial: Fix endianness bug in the config space

[David Gibson]

On Wed, Apr 20, 2011 at 06:06:45PM +0530, Amit Shah wrote:
> On (Tue) 19 Apr 2011 [12:03:46], David Gibson wrote:
> > From: Alexey Kardashevskiy 
> > 
> > The virtio serial specification requres that the values in the config
> > space are encoded in native endian of the guest.
> > 
> > The qemu virtio-serial code did not do conversion to the guest endian
> > format what caused problems when host and guest use different format.
> > 
> > This patch corrects the qemu side, correctly doing host-native <->
> > guest-native conversions when accessing the config space. This won't
> > break any setups that aren't already broken, and fixes the case
> > of different host and guest endianness.
> > 
> > Signed-off-by: Alexey Kardashevskiy 
> 
> Thanks; please put your sign-off as well.

Oops.

Signed-off-by: David Gibson 

-- 
David Gibson| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au  | minimalist, thank you.  NOT _the_ _other_
| _way_ _around_!
http://www.ozlabs.org/~dgibson

Re: [Qemu-devel] [PATCH 00/24] Alpha system emulation, v2

[Tristan Gingold]

On Apr 20, 2011, at 4:46 PM, Richard Henderson wrote:

> On 04/20/2011 02:06 AM, Tristan Gingold wrote:
>> * sx164 is ev56 based, isn't it ?  It would be nice if cpu version specific 
>> code is clearly marked.
> 
> Yes, but most importantly it is the most evolved of the single hose systems.
> QEMU is nowhere near ready to deal with multiple PCI host controllers, and
> multiple ISA buses.

Right, but you could create an ev67 machine with a single PCI controller (or 
put all the devices on the same
PCI controller).

> I actually planned on emulating an EV67 but using the SX164 HW.  I think the
> Linux kernel will be that forgiving...
> 
>>  In particular (and IIRC), pal mode for ev6 is much closer to ev4 than to 
>> ev5.  Don't know about ev7.
>>  It would be nice if we could easily support both ev5 and ev6.
> 
> Ah, see, here's where there may be some confusion...
> 
> I'm not implementing any of the real cpu ISRs.  I'm not using any of the real
> PALcode.  I'm implementing my own QEMU-specific ISRs and and writing my own
> PALcode, starting with MILO's PALcode but I've diverged significantly since.

Ah, ok I understand.  I fear that if you implement your own ISR, you will only 
be able to boot linux...
which I suppose is your primary target.  OTOH, it will be much faster than a 
native ISR.

Tristan.

Re: [Qemu-devel] [PATCH 00/24] Alpha system emulation, v2

[Richard Henderson]

On 04/20/2011 08:46 AM, Tristan Gingold wrote:
> Right, but you could create an ev67 machine with a single PCI
> controller (or put all the devices on the same PCI controller).

Even the lowly ds10 has two hoses.

I'll admit I hadn't considered engineering the second hose to
be "present" but always appear empty.  It's something to consider.

> Ah, ok I understand.  I fear that if you implement your own ISR, you will 
> only be able to boot linux...
> which I suppose is your primary target.  OTOH, it will be much faster than a 
> native ISR.

Yes, Linux is the primary goal.

But I suspect that if I implemented enough of CALL_PAL CSERVE,
you could boot Tru64, or at least one of the BSDs.


r~

Re: [Qemu-devel] [PATCH] configure: Make epoll_create1 test work around SPARC glibc bug

[Blue Swirl]

On Wed, Apr 20, 2011 at 9:53 AM, Peter Maydell  wrote:
> On 19 April 2011 21:36, Blue Swirl  wrote:
>> Sorry, I just picked a define without much thought. A more specific
>> one would be flags parameter of epoll_create1(), like EPOLL_CLOEXEC or
>> EPOLL_NONBLOCK. We don't use them now since the target system call
>> argument is passed untranslated to host, but that is actually not
>> correct, since the bit definitions could be different. So checking for
>> one of those should be OK.
>
> Unfortunately the header file on the system in question defines
> both EPOLL_CLOEXEC and EPOLL_NONBLOCK even though it doesn't
> prototype epoll_create1(). So this idea won't work.
> The bug we are effectively trying to work around is the one fixed
> by this libc patch:
> http://sourceware.org/ml/libc-alpha/2010-08/msg00128.html
>
> The only problem with the header is that it doesn't declare the
> function, so the only way to detect it is to do something that
> will fail if the function isn't declared, like compiling -Werror.

This also fails without -Werror:
#include 

int main(void)
{
epoll_create1;
return 0;
}

[Qemu-devel] [PATCH V14 00/17] Xen device model support

[anthony.perard]

From: Anthony PERARD 

Hi all,

Update of the patch series that address comment from Jan Kiszka.

The change v13->v14:
  - Remove of ram_size parameter from pc_memory_init
  - set both below/above_4g_mem_size at the same place in the code.

Change v12->v13:
  - There are few changes in the xen init code. A xen_hvm_init function is new
in this patch set and is call from xenfv:machine->init.
  -> So "-xen-create -M xenpv" will continue to work as before this patch
series.
  - There is a new reset handler to set env->halted = 0 on the first vcpu.
  - One change have been made to pc_memory_init, the calculation of
below/above_4g_mem_size have been moved to pc_init1. This is to remove a
"random" "if (xen()) return;" in pc_memory_init.
  - xen_map_block is a new function to map RAMBlock that belong to a ROM/RAM of
a device.
  - fix cpu_physical_memory_unmap with mapcache, Because qemu_get_ram_ptr can
be called more than one time in cpu_physical_memory_map, qemu_put_ram_ptr
need to be called the same amount of time.
  - Add some trace_* call.


This series depends on the series "Introduce "machine" QemuOpts".

You can find a git tree here:

git://xenbits.xen.org/people/aperard/qemu-dm.git qemu-dm-v14



Anthony PERARD (13):
  xen: Replace some tab-indents with spaces (clean-up).
  xen: Make Xen build once.
  xen: Support new libxc calls from xen unstable.
  xen: Add initialisation of Xen
  pc_memory_init: Move memory calculation to the caller.
  xen: Add xenfv machine
  piix_pci: Introduces Xen specific call for irq.
  xen: Introduce Xen Interrupt Controller
  Introduce qemu_put_ram_ptr
  configure: Always use 64bits target physical addresses with xen
enabled.
  vl.c: Introduce getter for shutdown_requested and reset_requested.
  xen: Set running state in xenstore.
  xen: Add Xen hypercall for sleep state in the cmos_s3 callback.

Arun Sharma (1):
  xen: Initialize event channels and io rings

John Baboval (2):
  xen: Adds a cap to the number of map cache entries.
  pci: Use of qemu_put_ram_ptr in pci_add_option_rom.

Jun Nakajima (1):
  xen: Introduce the Xen mapcache

 Makefile.target  |   14 +-
 configure|   71 ++-
 cpu-common.h |1 +
 exec.c   |   86 +++-
 hw/pc.c  |   17 +--
 hw/pc.h  |8 +-
 hw/pc_piix.c |   69 ++-
 hw/pci.c |2 +
 hw/piix_pci.c|   47 -
 hw/xen.h |   41 
 hw/xen_backend.c |  421 +++
 hw/xen_backend.h |6 +-
 hw/xen_common.h  |  106 --
 hw/xen_disk.c|  496 ++---
 hw/xen_domainbuild.c |3 +-
 hw/xen_machine_pv.c  |1 +
 hw/xen_nic.c |  265 --
 sysemu.h |2 +
 trace-events |   13 +
 vl.c |   12 +
 xen-all.c|  605 ++
 xen-mapcache-stub.c  |   44 
 xen-mapcache.c   |  375 +++
 xen-mapcache.h   |   37 +++
 xen-stub.c   |   41 
 25 files changed, 2187 insertions(+), 596 deletions(-)
 create mode 100644 xen-all.c
 create mode 100644 xen-mapcache-stub.c
 create mode 100644 xen-mapcache.c
 create mode 100644 xen-mapcache.h
 create mode 100644 xen-stub.c

-- 
1.7.2.5

[Qemu-devel] [PATCH V14 02/17] xen: Make Xen build once.

[anthony.perard]

From: Anthony PERARD 

xen_domainbuild and xen_machine_pv are built only for i386 targets.

Signed-off-by: Anthony PERARD 
---
 Makefile.target |2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/Makefile.target b/Makefile.target
index d5761b7..6ce6987 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -206,7 +206,7 @@ QEMU_CFLAGS += $(VNC_JPEG_CFLAGS)
 QEMU_CFLAGS += $(VNC_PNG_CFLAGS)
 
 # xen backend driver support
-obj-$(CONFIG_XEN) += xen_machine_pv.o xen_domainbuild.o
+obj-i386-$(CONFIG_XEN) += xen_machine_pv.o xen_domainbuild.o
 
 # Inter-VM PCI shared memory
 CONFIG_IVSHMEM =
-- 
1.7.2.5

[Qemu-devel] [PATCH V14 05/17] pc_memory_init: Move memory calculation to the caller.

[anthony.perard]

From: Anthony PERARD 

This patch moves above_4g_mem_size and below_4g_mem_size calculation in
the caller of pc_memory_init (pc_init1). And the prototype of
pc_memory_init is changed because there is no need anymore to have
variable pointer and the ram_size parameter.

Signed-off-by: Anthony PERARD 
---
 hw/pc.c  |   17 +++--
 hw/pc.h  |7 +++
 hw/pc_piix.c |   12 ++--
 3 files changed, 16 insertions(+), 20 deletions(-)

diff --git a/hw/pc.c b/hw/pc.c
index 6939c04..ebdf3b0 100644
--- a/hw/pc.c
+++ b/hw/pc.c
@@ -957,29 +957,18 @@ void pc_cpus_init(const char *cpu_model)
 }
 }
 
-void pc_memory_init(ram_addr_t ram_size,
-const char *kernel_filename,
+void pc_memory_init(const char *kernel_filename,
 const char *kernel_cmdline,
 const char *initrd_filename,
-ram_addr_t *below_4g_mem_size_p,
-ram_addr_t *above_4g_mem_size_p)
+ram_addr_t below_4g_mem_size,
+ram_addr_t above_4g_mem_size)
 {
 char *filename;
 int ret, linux_boot, i;
 ram_addr_t ram_addr, bios_offset, option_rom_offset;
-ram_addr_t below_4g_mem_size, above_4g_mem_size = 0;
 int bios_size, isa_bios_size;
 void *fw_cfg;
 
-if (ram_size >= 0xe000 ) {
-above_4g_mem_size = ram_size - 0xe000;
-below_4g_mem_size = 0xe000;
-} else {
-below_4g_mem_size = ram_size;
-}
-*above_4g_mem_size_p = above_4g_mem_size;
-*below_4g_mem_size_p = below_4g_mem_size;
-
 linux_boot = (kernel_filename != NULL);
 
 /* allocate RAM */
diff --git a/hw/pc.h b/hw/pc.h
index feb8a7a..b7ee7f8 100644
--- a/hw/pc.h
+++ b/hw/pc.h
@@ -129,12 +129,11 @@ void pc_cmos_set_s3_resume(void *opaque, int irq, int 
level);
 void pc_acpi_smi_interrupt(void *opaque, int irq, int level);
 
 void pc_cpus_init(const char *cpu_model);
-void pc_memory_init(ram_addr_t ram_size,
-const char *kernel_filename,
+void pc_memory_init(const char *kernel_filename,
 const char *kernel_cmdline,
 const char *initrd_filename,
-ram_addr_t *below_4g_mem_size_p,
-ram_addr_t *above_4g_mem_size_p);
+ram_addr_t below_4g_mem_size,
+ram_addr_t above_4g_mem_size);
 qemu_irq *pc_allocate_cpu_irq(void);
 void pc_vga_init(PCIBus *pci_bus);
 void pc_basic_device_init(qemu_irq *isa_irq,
diff --git a/hw/pc_piix.c b/hw/pc_piix.c
index a85214b..23a6bfb 100644
--- a/hw/pc_piix.c
+++ b/hw/pc_piix.c
@@ -92,9 +92,17 @@ static void pc_init1(ram_addr_t ram_size,
 kvmclock_create();
 }
 
+if (ram_size >= 0xe000 ) {
+above_4g_mem_size = ram_size - 0xe000;
+below_4g_mem_size = 0xe000;
+} else {
+above_4g_mem_size = 0;
+below_4g_mem_size = ram_size;
+}
+
 /* allocate ram and load rom/bios */
-pc_memory_init(ram_size, kernel_filename, kernel_cmdline, initrd_filename,
-   &below_4g_mem_size, &above_4g_mem_size);
+pc_memory_init(kernel_filename, kernel_cmdline, initrd_filename,
+   below_4g_mem_size, above_4g_mem_size);
 
 cpu_irq = pc_allocate_cpu_irq();
 i8259 = i8259_init(cpu_irq[0]);
-- 
1.7.2.5

[Qemu-devel] [PATCH V14 04/17] xen: Add initialisation of Xen

[anthony.perard]

From: Anthony PERARD 

The xenpv machine use the common init function.

Signed-off-by: Anthony PERARD 
Acked-by: Alexander Graf 
---
 Makefile.target |9 +
 hw/xen.h|   13 +
 hw/xen_backend.c|3 +--
 hw/xen_machine_pv.c |1 +
 vl.c|2 ++
 xen-all.c   |   23 +++
 xen-stub.c  |   15 +++
 7 files changed, 64 insertions(+), 2 deletions(-)
 create mode 100644 xen-all.c
 create mode 100644 xen-stub.c

diff --git a/Makefile.target b/Makefile.target
index 6ce6987..6b2a41c 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -208,6 +208,15 @@ QEMU_CFLAGS += $(VNC_PNG_CFLAGS)
 # xen backend driver support
 obj-i386-$(CONFIG_XEN) += xen_machine_pv.o xen_domainbuild.o
 
+ifeq ($(TARGET_BASE_ARCH), i386)
+  CONFIG_NO_XEN = $(if $(subst n,,$(CONFIG_XEN)),n,y)
+else
+  CONFIG_NO_XEN = y
+endif
+# xen support
+obj-i386-$(CONFIG_XEN) += xen-all.o
+obj-$(CONFIG_NO_XEN) += xen-stub.o
+
 # Inter-VM PCI shared memory
 CONFIG_IVSHMEM =
 ifeq ($(CONFIG_KVM), y)
diff --git a/hw/xen.h b/hw/xen.h
index 780dcf7..1fefe3a 100644
--- a/hw/xen.h
+++ b/hw/xen.h
@@ -18,4 +18,17 @@ enum xen_mode {
 extern uint32_t xen_domid;
 extern enum xen_mode xen_mode;
 
+extern int xen_allowed;
+
+static inline int xen_enabled(void)
+{
+#ifdef CONFIG_XEN
+return xen_allowed;
+#else
+return 0;
+#endif
+}
+
+int xen_init(void);
+
 #endif /* QEMU_HW_XEN_H */
diff --git a/hw/xen_backend.c b/hw/xen_backend.c
index 5f58a3f..d881fa2 100644
--- a/hw/xen_backend.c
+++ b/hw/xen_backend.c
@@ -665,9 +665,8 @@ int xen_be_init(void)
 goto err;
 }
 
-xen_xc = xen_xc_interface_open(0, 0, 0);
 if (xen_xc == XC_HANDLER_INITIAL_VALUE) {
-xen_be_printf(NULL, 0, "can't open xen interface\n");
+/* Check if xen_init() have been called */
 goto err;
 }
 return 0;
diff --git a/hw/xen_machine_pv.c b/hw/xen_machine_pv.c
index 77a34bf..f77be7e 100644
--- a/hw/xen_machine_pv.c
+++ b/hw/xen_machine_pv.c
@@ -114,6 +114,7 @@ static QEMUMachine xenpv_machine = {
 .desc = "Xen Para-virtualized PC",
 .init = xen_init_pv,
 .max_cpus = 1,
+.default_machine_opts = "accel=xen",
 };
 
 static void xenpv_machine_init(void)
diff --git a/vl.c b/vl.c
index d06c1f9..b67068e 100644
--- a/vl.c
+++ b/vl.c
@@ -259,6 +259,7 @@ static NotifierList machine_init_done_notifiers =
 
 static int tcg_allowed = 1;
 int kvm_allowed = 0;
+int xen_allowed = 0;
 uint32_t xen_domid;
 enum xen_mode xen_mode = XEN_EMULATE;
 
@@ -1890,6 +1891,7 @@ static struct {
 int *allowed;
 } accel_list[] = {
 { "tcg", "tcg", tcg_available, tcg_init, &tcg_allowed },
+{ "xen", "Xen", xen_available, xen_init, &xen_allowed },
 { "kvm", "KVM", kvm_available, kvm_init, &kvm_allowed },
 };
 
diff --git a/xen-all.c b/xen-all.c
new file mode 100644
index 000..e2872f9
--- /dev/null
+++ b/xen-all.c
@@ -0,0 +1,23 @@
+/*
+ * Copyright (C) 2010   Citrix Ltd.
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2.  See
+ * the COPYING file in the top-level directory.
+ *
+ */
+
+#include "hw/xen_common.h"
+#include "hw/xen_backend.h"
+
+/* Initialise Xen */
+
+int xen_init(void)
+{
+xen_xc = xen_xc_interface_open(0, 0, 0);
+if (xen_xc == XC_HANDLER_INITIAL_VALUE) {
+xen_be_printf(NULL, 0, "can't open xen interface\n");
+return -1;
+}
+
+return 0;
+}
diff --git a/xen-stub.c b/xen-stub.c
new file mode 100644
index 000..beb982f
--- /dev/null
+++ b/xen-stub.c
@@ -0,0 +1,15 @@
+/*
+ * Copyright (C) 2010   Citrix Ltd.
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2.  See
+ * the COPYING file in the top-level directory.
+ *
+ */
+
+#include "qemu-common.h"
+#include "hw/xen.h"
+
+int xen_init(void)
+{
+return -ENOSYS;
+}
-- 
1.7.2.5

[Qemu-devel] [PATCH V14 07/17] piix_pci: Introduces Xen specific call for irq.

[anthony.perard]

From: Anthony PERARD 

This patch introduces Xen specific call in piix_pci.

The specific part for Xen is in write_config, set_irq and get_pirq.

Signed-off-by: Anthony PERARD 
Signed-off-by: Stefano Stabellini 
Acked-by: Alexander Graf 
---
 hw/pc.h   |1 +
 hw/pc_piix.c  |6 +-
 hw/piix_pci.c |   47 ---
 hw/xen.h  |6 ++
 xen-all.c |   31 +++
 xen-stub.c|   13 +
 6 files changed, 100 insertions(+), 4 deletions(-)

diff --git a/hw/pc.h b/hw/pc.h
index b7ee7f8..cc7ba58 100644
--- a/hw/pc.h
+++ b/hw/pc.h
@@ -175,6 +175,7 @@ struct PCII440FXState;
 typedef struct PCII440FXState PCII440FXState;
 
 PCIBus *i440fx_init(PCII440FXState **pi440fx_state, int *piix_devfn, qemu_irq 
*pic, ram_addr_t ram_size);
+PCIBus *i440fx_xen_init(PCII440FXState **pi440fx_state, int *piix3_devfn, 
qemu_irq *pic, ram_addr_t ram_size);
 void i440fx_init_memory_mappings(PCII440FXState *d);
 
 /* piix4.c */
diff --git a/hw/pc_piix.c b/hw/pc_piix.c
index aba3d58..b57ff01 100644
--- a/hw/pc_piix.c
+++ b/hw/pc_piix.c
@@ -120,7 +120,11 @@ static void pc_init1(ram_addr_t ram_size,
 isa_irq = qemu_allocate_irqs(isa_irq_handler, isa_irq_state, 24);
 
 if (pci_enabled) {
-pci_bus = i440fx_init(&i440fx_state, &piix3_devfn, isa_irq, ram_size);
+if (!xen_enabled()) {
+pci_bus = i440fx_init(&i440fx_state, &piix3_devfn, isa_irq, 
ram_size);
+} else {
+pci_bus = i440fx_xen_init(&i440fx_state, &piix3_devfn, isa_irq, 
ram_size);
+}
 } else {
 pci_bus = NULL;
 i440fx_state = NULL;
diff --git a/hw/piix_pci.c b/hw/piix_pci.c
index 358da58..c11a7f6 100644
--- a/hw/piix_pci.c
+++ b/hw/piix_pci.c
@@ -29,6 +29,7 @@
 #include "isa.h"
 #include "sysbus.h"
 #include "range.h"
+#include "xen.h"
 
 /*
  * I440FX chipset data sheet.
@@ -151,6 +152,13 @@ static void i440fx_write_config(PCIDevice *dev,
 }
 }
 
+static void i440fx_write_config_xen(PCIDevice *dev,
+uint32_t address, uint32_t val, int len)
+{
+xen_piix_pci_write_config_client(address, val, len);
+i440fx_write_config(dev, address, val, len);
+}
+
 static int i440fx_load_old(QEMUFile* f, void *opaque, int version_id)
 {
 PCII440FXState *d = opaque;
@@ -216,7 +224,10 @@ static int i440fx_initfn(PCIDevice *dev)
 return 0;
 }
 
-PCIBus *i440fx_init(PCII440FXState **pi440fx_state, int *piix3_devfn, qemu_irq 
*pic, ram_addr_t ram_size)
+static PCIBus *i440fx_common_init(const char *device_name,
+  PCII440FXState **pi440fx_state,
+  int *piix3_devfn,
+  qemu_irq *pic, ram_addr_t ram_size)
 {
 DeviceState *dev;
 PCIBus *b;
@@ -230,13 +241,13 @@ PCIBus *i440fx_init(PCII440FXState **pi440fx_state, int 
*piix3_devfn, qemu_irq *
 s->bus = b;
 qdev_init_nofail(dev);
 
-d = pci_create_simple(b, 0, "i440FX");
+d = pci_create_simple(b, 0, device_name);
 *pi440fx_state = DO_UPCAST(PCII440FXState, dev, d);
 
 piix3 = DO_UPCAST(PIIX3State, dev,
   pci_create_simple_multifunction(b, -1, true, "PIIX3"));
 piix3->pic = pic;
-pci_bus_irqs(b, piix3_set_irq, pci_slot_get_pirq, piix3, 4);
+
 (*pi440fx_state)->piix3 = piix3;
 
 *piix3_devfn = piix3->dev.devfn;
@@ -249,6 +260,28 @@ PCIBus *i440fx_init(PCII440FXState **pi440fx_state, int 
*piix3_devfn, qemu_irq *
 return b;
 }
 
+PCIBus *i440fx_init(PCII440FXState **pi440fx_state, int *piix3_devfn,
+qemu_irq *pic, ram_addr_t ram_size)
+{
+PCIBus *b;
+
+b = i440fx_common_init("i440FX", pi440fx_state, piix3_devfn, pic, 
ram_size);
+pci_bus_irqs(b, piix3_set_irq, pci_slot_get_pirq, (*pi440fx_state)->piix3, 
4);
+
+return b;
+}
+
+PCIBus *i440fx_xen_init(PCII440FXState **pi440fx_state, int *piix3_devfn,
+qemu_irq *pic, ram_addr_t ram_size)
+{
+PCIBus *b;
+
+b = i440fx_common_init("i440FX-xen", pi440fx_state, piix3_devfn, pic, 
ram_size);
+pci_bus_irqs(b, xen_piix3_set_irq, xen_pci_slot_get_pirq, 
(*pi440fx_state)->piix3, 4);
+
+return b;
+}
+
 /* PIIX3 PCI to ISA bridge */
 
 static void piix3_set_irq(void *opaque, int irq_num, int level)
@@ -352,6 +385,14 @@ static PCIDeviceInfo i440fx_info[] = {
 .init = i440fx_initfn,
 .config_write = i440fx_write_config,
 },{
+.qdev.name= "i440FX-xen",
+.qdev.desc= "Host bridge",
+.qdev.size= sizeof(PCII440FXState),
+.qdev.vmsd= &vmstate_i440fx,
+.qdev.no_user = 1,
+.init = i440fx_initfn,
+.config_write = i440fx_write_config_xen,
+},{
 .qdev.name= "PIIX3",
 .qdev.desc= "ISA bridge",
 .qdev.size= sizeof(PIIX3State),
diff --git a/hw/xen.h b/hw/xen.h
index bb4dcb5..a4096ca 100644
--- a/hw/xen.h
+++ b/hw/xen.h
@@ 

[Qemu-devel] [PATCH V14 06/17] xen: Add xenfv machine

[anthony.perard]

From: Anthony PERARD 

Introduce the Xen FV (Fully Virtualized) machine to Qemu, some more Xen
specific call will be added in further patches.

Signed-off-by: Anthony PERARD 
---
 hw/pc_piix.c |   41 +++--
 hw/xen.h |6 ++
 xen-all.c|   24 
 3 files changed, 69 insertions(+), 2 deletions(-)

diff --git a/hw/pc_piix.c b/hw/pc_piix.c
index 23a6bfb..aba3d58 100644
--- a/hw/pc_piix.c
+++ b/hw/pc_piix.c
@@ -38,6 +38,10 @@
 #include "arch_init.h"
 #include "blockdev.h"
 #include "smbus.h"
+#include "xen.h"
+#ifdef CONFIG_XEN
+#  include 
+#endif
 
 #define MAX_IDE_BUS 2
 
@@ -101,8 +105,10 @@ static void pc_init1(ram_addr_t ram_size,
 }
 
 /* allocate ram and load rom/bios */
-pc_memory_init(kernel_filename, kernel_cmdline, initrd_filename,
-   below_4g_mem_size, above_4g_mem_size);
+if (!xen_enabled()) {
+pc_memory_init(kernel_filename, kernel_cmdline, initrd_filename,
+   below_4g_mem_size, above_4g_mem_size);
+}
 
 cpu_irq = pc_allocate_cpu_irq();
 i8259 = i8259_init(cpu_irq[0]);
@@ -221,6 +227,24 @@ static void pc_init_isa(ram_addr_t ram_size,
  initrd_filename, cpu_model, 0, 1);
 }
 
+#ifdef CONFIG_XEN
+static void pc_xen_hvm_init(ram_addr_t ram_size,
+const char *boot_device,
+const char *kernel_filename,
+const char *kernel_cmdline,
+const char *initrd_filename,
+const char *cpu_model)
+{
+if (xen_hvm_init() != 0) {
+hw_error("xen hardware virtual machine initialisation failed");
+}
+pc_init_pci_no_kvmclock(ram_size, boot_device,
+kernel_filename, kernel_cmdline,
+initrd_filename, cpu_model);
+xen_vcpu_init();
+}
+#endif
+
 static QEMUMachine pc_machine = {
 .name = "pc-0.14",
 .alias = "pc",
@@ -385,6 +409,16 @@ static QEMUMachine isapc_machine = {
 .max_cpus = 1,
 };
 
+#ifdef CONFIG_XEN
+static QEMUMachine xenfv_machine = {
+.name = "xenfv",
+.desc = "Xen Fully-virtualized PC",
+.init = pc_xen_hvm_init,
+.max_cpus = HVM_MAX_VCPUS,
+.default_machine_opts = "accel=xen",
+};
+#endif
+
 static void pc_machine_init(void)
 {
 qemu_register_machine(&pc_machine);
@@ -393,6 +427,9 @@ static void pc_machine_init(void)
 qemu_register_machine(&pc_machine_v0_11);
 qemu_register_machine(&pc_machine_v0_10);
 qemu_register_machine(&isapc_machine);
+#ifdef CONFIG_XEN
+qemu_register_machine(&xenfv_machine);
+#endif
 }
 
 machine_init(pc_machine_init);
diff --git a/hw/xen.h b/hw/xen.h
index 1fefe3a..bb4dcb5 100644
--- a/hw/xen.h
+++ b/hw/xen.h
@@ -30,5 +30,11 @@ static inline int xen_enabled(void)
 }
 
 int xen_init(void);
+int xen_hvm_init(void);
+void xen_vcpu_init(void);
+
+#if defined(CONFIG_XEN) && CONFIG_XEN_CTRL_INTERFACE_VERSION < 400
+#  define HVM_MAX_VCPUS 32
+#endif
 
 #endif /* QEMU_HW_XEN_H */
diff --git a/xen-all.c b/xen-all.c
index e2872f9..0b984b2 100644
--- a/xen-all.c
+++ b/xen-all.c
@@ -9,6 +9,25 @@
 #include "hw/xen_common.h"
 #include "hw/xen_backend.h"
 
+/* VCPU Operations, MMIO, IO ring ... */
+
+static void xen_reset_vcpu(void *opaque)
+{
+CPUState *env = opaque;
+
+env->halted = 1;
+}
+
+void xen_vcpu_init(void)
+{
+CPUState *first_cpu;
+
+if ((first_cpu = qemu_get_cpu(0))) {
+qemu_register_reset(xen_reset_vcpu, first_cpu);
+xen_reset_vcpu(first_cpu);
+}
+}
+
 /* Initialise Xen */
 
 int xen_init(void)
@@ -21,3 +40,8 @@ int xen_init(void)
 
 return 0;
 }
+
+int xen_hvm_init(void)
+{
+return 0;
+}
-- 
1.7.2.5

[Qemu-devel] [PATCH V14 12/17] configure: Always use 64bits target physical addresses with xen enabled.

[anthony.perard]

From: Anthony PERARD 

With MapCache, we can handle a 64b target, even with a 32b host/qemu.
So, we need to have target_phys_addr_t to 64bits.

Signed-off-by: Anthony PERARD 
Acked-by: Alexander Graf 
---
 configure |1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/configure b/configure
index 340a810..ef8c488 100755
--- a/configure
+++ b/configure
@@ -3282,6 +3282,7 @@ echo "TARGET_ABI_DIR=$TARGET_ABI_DIR" >> 
$config_target_mak
 case "$target_arch2" in
   i386|x86_64)
 if test "$xen" = "yes" -a "$target_softmmu" = "yes" ; then
+  target_phys_bits=64
   echo "CONFIG_XEN=y" >> $config_target_mak
   if test "$cpu" = "i386" -o "$cpu" = "x86_64"; then
   echo "CONFIG_XEN_MAPCACHE=y" >> $config_target_mak
-- 
1.7.2.5

[Qemu-devel] [PATCH V14 14/17] vl.c: Introduce getter for shutdown_requested and reset_requested.

[anthony.perard]

From: Anthony PERARD 

Introduce two functions qemu_shutdown_requested_get and
qemu_reset_requested_get to get the value of shutdown/reset_requested
without reset it.

Signed-off-by: Anthony PERARD 
Signed-off-by: Stefano Stabellini 
Acked-by: Alexander Graf 
---
 sysemu.h |2 ++
 vl.c |   10 ++
 2 files changed, 12 insertions(+), 0 deletions(-)

diff --git a/sysemu.h b/sysemu.h
index bbbd0fd..3d4be78 100644
--- a/sysemu.h
+++ b/sysemu.h
@@ -63,6 +63,8 @@ void qemu_system_shutdown_request(void);
 void qemu_system_powerdown_request(void);
 void qemu_system_debug_request(void);
 void qemu_system_vmstop_request(int reason);
+int qemu_shutdown_requested_get(void);
+int qemu_reset_requested_get(void);
 int qemu_shutdown_requested(void);
 int qemu_reset_requested(void);
 int qemu_powerdown_requested(void);
diff --git a/vl.c b/vl.c
index b67068e..d02a09e 100644
--- a/vl.c
+++ b/vl.c
@@ -1161,6 +1161,16 @@ static int powerdown_requested;
 static int debug_requested;
 static int vmstop_requested;
 
+int qemu_shutdown_requested_get(void)
+{
+return shutdown_requested;
+}
+
+int qemu_reset_requested_get(void)
+{
+return reset_requested;
+}
+
 int qemu_shutdown_requested(void)
 {
 int r = shutdown_requested;
-- 
1.7.2.5

[Qemu-devel] [PATCH V14 03/17] xen: Support new libxc calls from xen unstable.

[anthony.perard]

From: Anthony PERARD 

This patch updates the libxenctrl calls in Qemu to use the new interface,
otherwise Qemu wouldn't be able to build against new versions of the
library.

We check libxenctrl version in configure, from Xen 3.3.0 to Xen
unstable.

Signed-off-by: Anthony PERARD 
Signed-off-by: Stefano Stabellini 
Acked-by: Alexander Graf 
---
 configure|   67 ++-
 hw/xen_backend.c |   21 ++-
 hw/xen_backend.h |6 ++--
 hw/xen_common.h  |   95 ++---
 hw/xen_disk.c|4 +-
 hw/xen_domainbuild.c |3 +-
 6 files changed, 164 insertions(+), 32 deletions(-)

diff --git a/configure b/configure
index da2da04..98b79e2 100755
--- a/configure
+++ b/configure
@@ -127,6 +127,7 @@ vnc_jpeg=""
 vnc_png=""
 vnc_thread="no"
 xen=""
+xen_ctrl_version=""
 linux_aio=""
 attr=""
 vhost_net=""
@@ -1180,20 +1181,81 @@ fi
 
 if test "$xen" != "no" ; then
   xen_libs="-lxenstore -lxenctrl -lxenguest"
+
+  # Xen unstable
   cat > $TMPC <
 #include 
-int main(void) { xs_daemon_open(); xc_interface_open(); return 0; }
+#include 
+#include 
+#if !defined(HVM_MAX_VCPUS)
+# error HVM_MAX_VCPUS not defined
+#endif
+int main(void) {
+  xc_interface *xc;
+  xs_daemon_open();
+  xc = xc_interface_open(0, 0, 0);
+  xc_hvm_set_mem_type(0, 0, HVMMEM_ram_ro, 0, 0);
+  xc_gnttab_open(NULL, 0);
+  return 0;
+}
 EOF
   if compile_prog "" "$xen_libs" ; then
+xen_ctrl_version=410
 xen=yes
-libs_softmmu="$xen_libs $libs_softmmu"
+
+  # Xen 4.0.0
+  elif (
+  cat > $TMPC <
+#include 
+#include 
+#include 
+#if !defined(HVM_MAX_VCPUS)
+# error HVM_MAX_VCPUS not defined
+#endif
+int main(void) {
+  xs_daemon_open();
+  xc_interface_open();
+  xc_gnttab_open();
+  xc_hvm_set_mem_type(0, 0, HVMMEM_ram_ro, 0, 0);
+  return 0;
+}
+EOF
+  compile_prog "" "$xen_libs"
+) ; then
+xen_ctrl_version=400
+xen=yes
+
+  # Xen 3.3.0, 3.4.0
+  elif (
+  cat > $TMPC <
+#include 
+int main(void) {
+  xs_daemon_open();
+  xc_interface_open();
+  xc_gnttab_open();
+  xc_hvm_set_mem_type(0, 0, HVMMEM_ram_ro, 0, 0);
+  return 0;
+}
+EOF
+  compile_prog "" "$xen_libs"
+) ; then
+xen_ctrl_version=330
+xen=yes
+
+  # Xen not found or unsupported
   else
 if test "$xen" = "yes" ; then
   feature_not_found "xen"
 fi
 xen=no
   fi
+
+  if test "$xen" = yes; then
+libs_softmmu="$xen_libs $libs_softmmu"
+  fi
 fi
 
 ##
@@ -2847,6 +2909,7 @@ if test "$bluez" = "yes" ; then
 fi
 if test "$xen" = "yes" ; then
   echo "CONFIG_XEN=y" >> $config_host_mak
+  echo "CONFIG_XEN_CTRL_INTERFACE_VERSION=$xen_ctrl_version" >> 
$config_host_mak
 fi
 if test "$io_thread" = "yes" ; then
   echo "CONFIG_IOTHREAD=y" >> $config_host_mak
diff --git a/hw/xen_backend.c b/hw/xen_backend.c
index 9f4ec4b..5f58a3f 100644
--- a/hw/xen_backend.c
+++ b/hw/xen_backend.c
@@ -43,7 +43,8 @@
 /* - */
 
 /* public */
-int xen_xc;
+XenXC xen_xc = XC_HANDLER_INITIAL_VALUE;
+XenGnttab xen_xcg = XC_HANDLER_INITIAL_VALUE;
 struct xs_handle *xenstore = NULL;
 const char *xen_protocol;
 
@@ -214,8 +215,8 @@ static struct XenDevice *xen_be_get_xendev(const char 
*type, int dom, int dev,
 xendev->debug  = debug;
 xendev->local_port = -1;
 
-xendev->evtchndev = xc_evtchn_open();
-if (xendev->evtchndev < 0) {
+xendev->evtchndev = xen_xc_evtchn_open(NULL, 0);
+if (xendev->evtchndev == XC_HANDLER_INITIAL_VALUE) {
 xen_be_printf(NULL, 0, "can't open evtchn device\n");
 qemu_free(xendev);
 return NULL;
@@ -223,15 +224,15 @@ static struct XenDevice *xen_be_get_xendev(const char 
*type, int dom, int dev,
 fcntl(xc_evtchn_fd(xendev->evtchndev), F_SETFD, FD_CLOEXEC);
 
 if (ops->flags & DEVOPS_FLAG_NEED_GNTDEV) {
-xendev->gnttabdev = xc_gnttab_open();
-if (xendev->gnttabdev < 0) {
+xendev->gnttabdev = xen_xc_gnttab_open(NULL, 0);
+if (xendev->gnttabdev == XC_HANDLER_INITIAL_VALUE) {
 xen_be_printf(NULL, 0, "can't open gnttab device\n");
 xc_evtchn_close(xendev->evtchndev);
 qemu_free(xendev);
 return NULL;
 }
 } else {
-xendev->gnttabdev = -1;
+xendev->gnttabdev = XC_HANDLER_INITIAL_VALUE;
 }
 
 QTAILQ_INSERT_TAIL(&xendevs, xendev, next);
@@ -277,10 +278,10 @@ static struct XenDevice *xen_be_del_xendev(int dom, int 
dev)
 qemu_free(xendev->fe);
 }
 
-if (xendev->evtchndev >= 0) {
+if (xendev->evtchndev != XC_HANDLER_INITIAL_VALUE) {
 xc_evtchn_close(xendev->evtchndev);
 }
-if (xendev->gnttabdev >= 0) {
+if (xendev->gnttabdev != XC_HANDLER_INITIAL_VALUE) {
 xc_gnttab_close(xendev->gnttabdev);
 }
 
@@ -664,8 +665,8 @@ int xen_be_init(void)
 goto err;
 }
 
-xen_xc = xc_

[Qemu-devel] [PATCH V14 08/17] xen: Introduce Xen Interrupt Controller

[anthony.perard]

From: Anthony PERARD 

Every set_irq call makes a Xen hypercall.

Signed-off-by: Anthony PERARD 
Signed-off-by: Stefano Stabellini 
---
 hw/pc_piix.c |8 ++--
 hw/xen.h |2 ++
 xen-all.c|   12 
 xen-stub.c   |5 +
 4 files changed, 25 insertions(+), 2 deletions(-)

diff --git a/hw/pc_piix.c b/hw/pc_piix.c
index b57ff01..72864fc 100644
--- a/hw/pc_piix.c
+++ b/hw/pc_piix.c
@@ -110,8 +110,12 @@ static void pc_init1(ram_addr_t ram_size,
below_4g_mem_size, above_4g_mem_size);
 }
 
-cpu_irq = pc_allocate_cpu_irq();
-i8259 = i8259_init(cpu_irq[0]);
+if (!xen_enabled()) {
+cpu_irq = pc_allocate_cpu_irq();
+i8259 = i8259_init(cpu_irq[0]);
+} else {
+i8259 = xen_interrupt_controller_init();
+}
 isa_irq_state = qemu_mallocz(sizeof(*isa_irq_state));
 isa_irq_state->i8259 = i8259;
 if (pci_enabled) {
diff --git a/hw/xen.h b/hw/xen.h
index a4096ca..9f00c0b 100644
--- a/hw/xen.h
+++ b/hw/xen.h
@@ -35,6 +35,8 @@ int xen_pci_slot_get_pirq(PCIDevice *pci_dev, int irq_num);
 void xen_piix3_set_irq(void *opaque, int irq_num, int level);
 void xen_piix_pci_write_config_client(uint32_t address, uint32_t val, int len);
 
+qemu_irq *xen_interrupt_controller_init(void);
+
 int xen_init(void);
 int xen_hvm_init(void);
 void xen_vcpu_init(void);
diff --git a/xen-all.c b/xen-all.c
index acb051c..bb809ef 100644
--- a/xen-all.c
+++ b/xen-all.c
@@ -40,6 +40,18 @@ void xen_piix_pci_write_config_client(uint32_t address, 
uint32_t val, int len)
 }
 }
 
+/* Xen Interrupt Controller */
+
+static void xen_set_irq(void *opaque, int irq, int level)
+{
+xc_hvm_set_isa_irq_level(xen_xc, xen_domid, irq, level);
+}
+
+qemu_irq *xen_interrupt_controller_init(void)
+{
+return qemu_allocate_irqs(xen_set_irq, NULL, 16);
+}
+
 /* VCPU Operations, MMIO, IO ring ... */
 
 static void xen_reset_vcpu(void *opaque)
diff --git a/xen-stub.c b/xen-stub.c
index dc90f10..3a8449c 100644
--- a/xen-stub.c
+++ b/xen-stub.c
@@ -22,6 +22,11 @@ void xen_piix_pci_write_config_client(uint32_t address, 
uint32_t val, int len)
 {
 }
 
+qemu_irq *xen_interrupt_controller_init(void)
+{
+return NULL;
+}
+
 int xen_init(void)
 {
 return -ENOSYS;
-- 
1.7.2.5

[Qemu-devel] [PATCH V14 16/17] xen: Set running state in xenstore.

[anthony.perard]

From: Anthony PERARD 

This tells to the xen management tool that the machine can begin run.

Signed-off-by: Anthony PERARD 
Acked-by: Alexander Graf 
---
 xen-all.c |   23 +++
 1 files changed, 23 insertions(+), 0 deletions(-)

diff --git a/xen-all.c b/xen-all.c
index e849a38..19c2fe1 100644
--- a/xen-all.c
+++ b/xen-all.c
@@ -64,6 +64,8 @@ typedef struct XenIOState {
 /* which vcpu we are serving */
 int send_vcpu;
 
+struct xs_handle *xenstore;
+
 Notifier exit;
 } XenIOState;
 
@@ -450,6 +452,17 @@ static void cpu_handle_ioreq(void *opaque)
 }
 }
 
+static void xenstore_record_dm_state(XenIOState *s, const char *state)
+{
+char path[50];
+
+snprintf(path, sizeof (path), "/local/domain/0/device-model/%u/state", 
xen_domid);
+if (!xs_write(s->xenstore, XBT_NULL, path, state, strlen(state))) {
+fprintf(stderr, "error recording dm state\n");
+exit(1);
+}
+}
+
 static void xen_main_loop_prepare(XenIOState *state)
 {
 int evtchn_fd = -1;
@@ -465,6 +478,9 @@ static void xen_main_loop_prepare(XenIOState *state)
 if (evtchn_fd != -1) {
 qemu_set_fd_handler(evtchn_fd, cpu_handle_ioreq, NULL, state);
 }
+
+/* record state running */
+xenstore_record_dm_state(state, "running");
 }
 
 
@@ -483,6 +499,7 @@ static void xen_exit_notifier(Notifier *n)
 XenIOState *state = container_of(n, XenIOState, exit);
 
 xc_evtchn_close(state->xce_handle);
+xs_daemon_close(state->xenstore);
 }
 
 int xen_init(void)
@@ -510,6 +527,12 @@ int xen_hvm_init(void)
 return -errno;
 }
 
+state->xenstore = xs_daemon_open();
+if (state->xenstore == NULL) {
+perror("xen: xenstore open");
+return -errno;
+}
+
 state->exit.notify = xen_exit_notifier;
 qemu_add_exit_notifier(&state->exit);
 
-- 
1.7.2.5

[Qemu-devel] [PATCH V14 11/17] Introduce qemu_put_ram_ptr

[anthony.perard]

From: Anthony PERARD 

This function allows to unlock a ram_ptr give by qemu_get_ram_ptr. After
a call to qemu_put_ram_ptr, the pointer may be unmap from QEMU when
used with Xen.

Signed-off-by: Anthony PERARD 
Acked-by: Alexander Graf 
---
 cpu-common.h   |1 +
 exec.c |   38 +++---
 trace-events   |3 +++
 xen-mapcache.c |   33 +
 4 files changed, 72 insertions(+), 3 deletions(-)

diff --git a/cpu-common.h b/cpu-common.h
index 96c02ae..1d4fdbf 100644
--- a/cpu-common.h
+++ b/cpu-common.h
@@ -56,6 +56,7 @@ void *qemu_get_ram_ptr(ram_addr_t addr);
 /* Same but slower, to use for migration, where the order of
  * RAMBlocks must not change. */
 void *qemu_safe_ram_ptr(ram_addr_t addr);
+void qemu_put_ram_ptr(void *addr);
 /* This should not be used by devices.  */
 int qemu_ram_addr_from_host(void *ptr, ram_addr_t *ram_addr);
 ram_addr_t qemu_ram_addr_from_host_nofail(void *ptr);
diff --git a/exec.c b/exec.c
index 3f895eb..85553f4 100644
--- a/exec.c
+++ b/exec.c
@@ -3093,6 +3093,27 @@ void *qemu_safe_ram_ptr(ram_addr_t addr)
 return NULL;
 }
 
+void qemu_put_ram_ptr(void *addr)
+{
+trace_qemu_put_ram_ptr(addr);
+
+if (xen_mapcache_enabled()) {
+RAMBlock *block;
+
+QLIST_FOREACH(block, &ram_list.blocks, next) {
+if (addr == block->host) {
+break;
+}
+}
+if (block && block->host) {
+xen_unmap_block(block->host, block->length);
+block->host = NULL;
+} else {
+qemu_map_cache_unlock(addr);
+}
+}
+}
+
 int qemu_ram_addr_from_host(void *ptr, ram_addr_t *ram_addr)
 {
 RAMBlock *block;
@@ -3808,6 +3829,7 @@ void cpu_physical_memory_rw(target_phys_addr_t addr, 
uint8_t *buf,
 cpu_physical_memory_set_dirty_flags(
 addr1, (0xff & ~CODE_DIRTY_FLAG));
 }
+qemu_put_ram_ptr(ptr);
 }
 } else {
 if ((pd & ~TARGET_PAGE_MASK) > IO_MEM_ROM &&
@@ -3835,9 +3857,9 @@ void cpu_physical_memory_rw(target_phys_addr_t addr, 
uint8_t *buf,
 }
 } else {
 /* RAM case */
-ptr = qemu_get_ram_ptr(pd & TARGET_PAGE_MASK) +
-(addr & ~TARGET_PAGE_MASK);
-memcpy(buf, ptr, l);
+ptr = qemu_get_ram_ptr(pd & TARGET_PAGE_MASK);
+memcpy(buf, ptr + (addr & ~TARGET_PAGE_MASK), l);
+qemu_put_ram_ptr(ptr);
 }
 }
 len -= l;
@@ -3878,6 +3900,7 @@ void cpu_physical_memory_write_rom(target_phys_addr_t 
addr,
 /* ROM/RAM case */
 ptr = qemu_get_ram_ptr(addr1);
 memcpy(ptr, buf, l);
+qemu_put_ram_ptr(ptr);
 }
 len -= l;
 buf += l;
@@ -4019,6 +4042,15 @@ void cpu_physical_memory_unmap(void *buffer, 
target_phys_addr_t len,
 access_len -= l;
 }
 }
+if (xen_mapcache_enabled()) {
+uint8_t *buffer1 = buffer;
+uint8_t *end_buffer = buffer + len;
+
+while (buffer1 < end_buffer) {
+qemu_put_ram_ptr(buffer1);
+buffer1 += TARGET_PAGE_SIZE;
+}
+}
 return;
 }
 if (is_write) {
diff --git a/trace-events b/trace-events
index 27e5134..454ba89 100644
--- a/trace-events
+++ b/trace-events
@@ -370,3 +370,6 @@ disable qemu_remap_bucket(uint64_t index) "index %#"PRIx64""
 disable qemu_map_cache_return(void* ptr) "%p"
 disable xen_map_block(uint64_t phys_addr, uint64_t size) "%#"PRIx64", size 
%#"PRIx64""
 disable xen_unmap_block(void* addr, unsigned long size) "%p, size %#lx"
+
+# exec.c
+disable qemu_put_ram_ptr(void* addr) "%p"
diff --git a/xen-mapcache.c b/xen-mapcache.c
index 2ca18ce..349cc62 100644
--- a/xen-mapcache.c
+++ b/xen-mapcache.c
@@ -196,6 +196,39 @@ uint8_t *qemu_map_cache(target_phys_addr_t phys_addr, 
target_phys_addr_t size, u
 return mapcache->last_address_vaddr + address_offset;
 }
 
+void qemu_map_cache_unlock(void *buffer)
+{
+MapCacheEntry *entry = NULL, *pentry = NULL;
+MapCacheRev *reventry;
+target_phys_addr_t paddr_index;
+int found = 0;
+
+QTAILQ_FOREACH(reventry, &mapcache->locked_entries, next) {
+if (reventry->vaddr_req == buffer) {
+paddr_index = reventry->paddr_index;
+found = 1;
+break;
+}
+}
+if (!found) {
+return;
+}
+QTAILQ_REMOVE(&mapcache->locked_entries, reventry, next);
+qemu_free(reventry);
+
+entry = &mapcache->entry[paddr_index % mapcache->nr_buckets];
+while (entry && entry->paddr_index != paddr_index) {
+pentry = entry;
+entry = entry->next;
+}
+if (!entry) {
+return;
+}
+if (entry->lock > 0) {
+entry->lock--;
+}
+}
+
 ram_addr_t qemu_ram_addr_from_mapcache(void *ptr)

[Qemu-devel] [PATCH V14 15/17] xen: Initialize event channels and io rings

[anthony.perard]

From: Arun Sharma 

Open and bind event channels; map ioreq and buffered ioreq rings.

Signed-off-by: Arun Sharma 
Signed-off-by: Anthony PERARD 
Signed-off-by: Stefano Stabellini 
Acked-by: Alexander Graf 
---
 hw/xen_common.h |2 +
 xen-all.c   |  417 +++
 2 files changed, 419 insertions(+), 0 deletions(-)

diff --git a/hw/xen_common.h b/hw/xen_common.h
index dd3e896..a1958a0 100644
--- a/hw/xen_common.h
+++ b/hw/xen_common.h
@@ -107,4 +107,6 @@ static inline int xc_fd(xc_interface *xen_xc)
 }
 #endif
 
+void destroy_hvm_domain(void);
+
 #endif /* QEMU_HW_XEN_COMMON_H */
diff --git a/xen-all.c b/xen-all.c
index cb01ab9..e849a38 100644
--- a/xen-all.c
+++ b/xen-all.c
@@ -6,6 +6,8 @@
  *
  */
 
+#include 
+
 #include "hw/pci.h"
 #include "hw/xen_common.h"
 #include "hw/xen_backend.h"
@@ -13,6 +15,58 @@
 #include "xen-mapcache.h"
 #include "trace.h"
 
+#include 
+#include 
+
+//#define DEBUG_XEN
+
+#ifdef DEBUG_XEN
+#define DPRINTF(fmt, ...) \
+do { fprintf(stderr, "xen: " fmt, ## __VA_ARGS__); } while (0)
+#else
+#define DPRINTF(fmt, ...) \
+do { } while (0)
+#endif
+
+/* Compatibility with older version */
+#if __XEN_LATEST_INTERFACE_VERSION__ < 0x0003020a
+static inline uint32_t xen_vcpu_eport(shared_iopage_t *shared_page, int i)
+{
+return shared_page->vcpu_iodata[i].vp_eport;
+}
+static inline ioreq_t *xen_vcpu_ioreq(shared_iopage_t *shared_page, int vcpu)
+{
+return &shared_page->vcpu_iodata[vcpu].vp_ioreq;
+}
+#  define FMT_ioreq_size PRIx64
+#else
+static inline uint32_t xen_vcpu_eport(shared_iopage_t *shared_page, int i)
+{
+return shared_page->vcpu_ioreq[i].vp_eport;
+}
+static inline ioreq_t *xen_vcpu_ioreq(shared_iopage_t *shared_page, int vcpu)
+{
+return &shared_page->vcpu_ioreq[vcpu];
+}
+#  define FMT_ioreq_size "u"
+#endif
+
+#define BUFFER_IO_MAX_DELAY  100
+
+typedef struct XenIOState {
+shared_iopage_t *shared_page;
+buffered_iopage_t *buffered_io_page;
+QEMUTimer *buffered_io_timer;
+/* the evtchn port for polling the notification, */
+evtchn_port_t *ioreq_local_port;
+/* the evtchn fd for polling */
+XenEvtchn xce_handle;
+/* which vcpu we are serving */
+int send_vcpu;
+
+Notifier exit;
+} XenIOState;
+
 /* Xen specific function for piix pci */
 
 int xen_pci_slot_get_pirq(PCIDevice *pci_dev, int irq_num)
@@ -133,8 +187,304 @@ void xen_vcpu_init(void)
 }
 }
 
+/* get the ioreq packets from share mem */
+static ioreq_t *cpu_get_ioreq_from_shared_memory(XenIOState *state, int vcpu)
+{
+ioreq_t *req = xen_vcpu_ioreq(state->shared_page, vcpu);
+
+if (req->state != STATE_IOREQ_READY) {
+DPRINTF("I/O request not ready: "
+"%x, ptr: %x, port: %"PRIx64", "
+"data: %"PRIx64", count: %" FMT_ioreq_size ", size: %" 
FMT_ioreq_size "\n",
+req->state, req->data_is_ptr, req->addr,
+req->data, req->count, req->size);
+return NULL;
+}
+
+xen_rmb(); /* see IOREQ_READY /then/ read contents of ioreq */
+
+req->state = STATE_IOREQ_INPROCESS;
+return req;
+}
+
+/* use poll to get the port notification */
+/* ioreq_vec--out,the */
+/* retval--the number of ioreq packet */
+static ioreq_t *cpu_get_ioreq(XenIOState *state)
+{
+int i;
+evtchn_port_t port;
+
+port = xc_evtchn_pending(state->xce_handle);
+if (port != -1) {
+for (i = 0; i < smp_cpus; i++) {
+if (state->ioreq_local_port[i] == port) {
+break;
+}
+}
+
+if (i == smp_cpus) {
+hw_error("Fatal error while trying to get io event!\n");
+}
+
+/* unmask the wanted port again */
+xc_evtchn_unmask(state->xce_handle, port);
+
+/* get the io packet from shared memory */
+state->send_vcpu = i;
+return cpu_get_ioreq_from_shared_memory(state, i);
+}
+
+/* read error or read nothing */
+return NULL;
+}
+
+static uint32_t do_inp(pio_addr_t addr, unsigned long size)
+{
+switch (size) {
+case 1:
+return cpu_inb(addr);
+case 2:
+return cpu_inw(addr);
+case 4:
+return cpu_inl(addr);
+default:
+hw_error("inp: bad size: %04"FMT_pioaddr" %lx", addr, size);
+}
+}
+
+static void do_outp(pio_addr_t addr,
+unsigned long size, uint32_t val)
+{
+switch (size) {
+case 1:
+return cpu_outb(addr, val);
+case 2:
+return cpu_outw(addr, val);
+case 4:
+return cpu_outl(addr, val);
+default:
+hw_error("outp: bad size: %04"FMT_pioaddr" %lx", addr, size);
+}
+}
+
+static void cpu_ioreq_pio(ioreq_t *req)
+{
+int i, sign;
+
+sign = req->df ? -1 : 1;
+
+if (req->dir == IOREQ_READ) {
+if (!req->data_is_ptr) {
+req->data = do_inp(req->addr, req->size);
+} else {
+uint32_t tmp;
+
+   

[Qemu-devel] [PATCH V14 10/17] xen: Adds a cap to the number of map cache entries.

[anthony.perard]

From: John Baboval 

Adds a cap to the number of map cache entries. This prevents the map
cache from overwhelming system memory.

I also removed the bitmap macros and #included bitmap.h instead.

Signed-off-By: John Baboval 
Signed-off-by: Anthony PERARD 
---
 xen-mapcache.c |   37 +++--
 1 files changed, 15 insertions(+), 22 deletions(-)

diff --git a/xen-mapcache.c b/xen-mapcache.c
index a539358..2ca18ce 100644
--- a/xen-mapcache.c
+++ b/xen-mapcache.c
@@ -12,6 +12,7 @@
 
 #include "hw/xen_backend.h"
 #include "blockdev.h"
+#include "bitmap.h"
 
 #include 
 #include 
@@ -32,15 +33,13 @@
 
 #if defined(__i386__)
 #  define MCACHE_BUCKET_SHIFT 16
+#  define MCACHE_MAX_SIZE (1UL<<31) /* 2GB Cap */
 #elif defined(__x86_64__)
 #  define MCACHE_BUCKET_SHIFT 20
+#  define MCACHE_MAX_SIZE (1UL<<35) /* 32GB Cap */
 #endif
 #define MCACHE_BUCKET_SIZE (1UL << MCACHE_BUCKET_SHIFT)
 
-#define BITS_PER_LONG (sizeof(long) * 8)
-#define BITS_TO_LONGS(bits) (((bits) + BITS_PER_LONG - 1) / BITS_PER_LONG)
-#define DECLARE_BITMAP(name, bits) unsigned long name[BITS_TO_LONGS(bits)]
-
 typedef struct MapCacheEntry {
 target_phys_addr_t paddr_index;
 uint8_t *vaddr_base;
@@ -69,11 +68,6 @@ typedef struct MapCache {
 
 static MapCache *mapcache;
 
-static inline int test_bit(unsigned int bit, const unsigned long *map)
-{
-return !!((map)[(bit) / BITS_PER_LONG] & (1UL << ((bit) % BITS_PER_LONG)));
-}
-
 void qemu_map_cache_init(void)
 {
 unsigned long size;
@@ -85,9 +79,14 @@ void qemu_map_cache_init(void)
 mapcache->last_address_index = -1;
 
 getrlimit(RLIMIT_AS, &rlimit_as);
-rlimit_as.rlim_cur = rlimit_as.rlim_max;
+if (rlimit_as.rlim_max < MCACHE_MAX_SIZE) {
+rlimit_as.rlim_cur = rlimit_as.rlim_max;
+} else {
+rlimit_as.rlim_cur = MCACHE_MAX_SIZE;
+}
+
 setrlimit(RLIMIT_AS, &rlimit_as);
-mapcache->max_mcache_size = rlimit_as.rlim_max;
+mapcache->max_mcache_size = rlimit_as.rlim_cur;
 
 mapcache->nr_buckets =
 (((mapcache->max_mcache_size >> XC_PAGE_SHIFT) +
@@ -107,7 +106,7 @@ static void qemu_remap_bucket(MapCacheEntry *entry,
 uint8_t *vaddr_base;
 xen_pfn_t *pfns;
 int *err;
-unsigned int i, j;
+unsigned int i;
 target_phys_addr_t nb_pfn = size >> XC_PAGE_SHIFT;
 
 trace_qemu_remap_bucket(address_index);
@@ -136,17 +135,11 @@ static void qemu_remap_bucket(MapCacheEntry *entry,
 entry->vaddr_base = vaddr_base;
 entry->paddr_index = address_index;
 
-for (i = 0; i < nb_pfn; i += BITS_PER_LONG) {
-unsigned long word = 0;
-if ((i + BITS_PER_LONG) > nb_pfn) {
-j = nb_pfn % BITS_PER_LONG;
-} else {
-j = BITS_PER_LONG;
-}
-while (j > 0) {
-word = (word << 1) | !err[i + --j];
+bitmap_zero(entry->valid_mapping, nb_pfn);
+for (i = 0; i < nb_pfn; i++) {
+if (!err[i]) {
+bitmap_set(entry->valid_mapping, i, 1);
 }
-entry->valid_mapping[i / BITS_PER_LONG] = word;
 }
 
 qemu_free(pfns);
-- 
1.7.2.5

[Qemu-devel] [PATCH V14 17/17] xen: Add Xen hypercall for sleep state in the cmos_s3 callback.

[anthony.perard]

From: Anthony PERARD 

Signed-off-by: Anthony PERARD 
---
 hw/pc_piix.c |6 +-
 hw/xen.h |1 +
 xen-all.c|9 +
 xen-stub.c   |4 
 4 files changed, 19 insertions(+), 1 deletions(-)

diff --git a/hw/pc_piix.c b/hw/pc_piix.c
index 72864fc..4ff4a55 100644
--- a/hw/pc_piix.c
+++ b/hw/pc_piix.c
@@ -179,7 +179,11 @@ static void pc_init1(ram_addr_t ram_size,
 if (pci_enabled && acpi_enabled) {
 i2c_bus *smbus;
 
-cmos_s3 = qemu_allocate_irqs(pc_cmos_set_s3_resume, rtc_state, 1);
+if (!xen_enabled()) {
+cmos_s3 = qemu_allocate_irqs(pc_cmos_set_s3_resume, rtc_state, 1);
+} else {
+cmos_s3 = qemu_allocate_irqs(xen_cmos_set_s3_resume, rtc_state, 1);
+}
 smi_irq = qemu_allocate_irqs(pc_acpi_smi_interrupt, first_cpu, 1);
 /* TODO: Populate SPD eeprom data.  */
 smbus = piix4_pm_init(pci_bus, piix3_devfn + 3, 0xb100,
diff --git a/hw/xen.h b/hw/xen.h
index 6245b38..d435ca0 100644
--- a/hw/xen.h
+++ b/hw/xen.h
@@ -43,6 +43,7 @@ static inline int xen_mapcache_enabled(void)
 int xen_pci_slot_get_pirq(PCIDevice *pci_dev, int irq_num);
 void xen_piix3_set_irq(void *opaque, int irq_num, int level);
 void xen_piix_pci_write_config_client(uint32_t address, uint32_t val, int len);
+void xen_cmos_set_s3_resume(void *opaque, int irq, int level);
 
 qemu_irq *xen_interrupt_controller_init(void);
 
diff --git a/xen-all.c b/xen-all.c
index 19c2fe1..0eac202 100644
--- a/xen-all.c
+++ b/xen-all.c
@@ -9,6 +9,7 @@
 #include 
 
 #include "hw/pci.h"
+#include "hw/pc.h"
 #include "hw/xen_common.h"
 #include "hw/xen_backend.h"
 
@@ -99,6 +100,14 @@ void xen_piix_pci_write_config_client(uint32_t address, 
uint32_t val, int len)
 }
 }
 
+void xen_cmos_set_s3_resume(void *opaque, int irq, int level)
+{
+pc_cmos_set_s3_resume(opaque, irq, level);
+if (level) {
+xc_set_hvm_param(xen_xc, xen_domid, HVM_PARAM_ACPI_S_STATE, 3);
+}
+}
+
 /* Xen Interrupt Controller */
 
 static void xen_set_irq(void *opaque, int irq, int level)
diff --git a/xen-stub.c b/xen-stub.c
index 8d2fa54..a4f35a1 100644
--- a/xen-stub.c
+++ b/xen-stub.c
@@ -22,6 +22,10 @@ void xen_piix_pci_write_config_client(uint32_t address, 
uint32_t val, int len)
 {
 }
 
+void xen_cmos_set_s3_resume(void *opaque, int irq, int level)
+{
+}
+
 void xen_ram_alloc(ram_addr_t ram_addr, ram_addr_t size)
 {
 }
-- 
1.7.2.5

[Qemu-devel] [PATCH V14 13/17] pci: Use of qemu_put_ram_ptr in pci_add_option_rom.

[anthony.perard]

From: John Baboval 

Prevent a deadlock caused by leaving a map cache bucket locked by the
preceding qemu_get_ram_ptr() call.

Signed-off-By: John Baboval 
Signed-off-by: Anthony PERARD 
---
 hw/pci.c |2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/hw/pci.c b/hw/pci.c
index 6b577e1..2b24dd4 100644
--- a/hw/pci.c
+++ b/hw/pci.c
@@ -1897,6 +1897,8 @@ static int pci_add_option_rom(PCIDevice *pdev, bool 
is_default_rom)
 pci_patch_ids(pdev, ptr, size);
 }
 
+qemu_put_ram_ptr(ptr);
+
 pci_register_bar(pdev, PCI_ROM_SLOT, size,
  0, pci_map_option_rom);
 
-- 
1.7.2.5

[Qemu-devel] [PATCH V14 09/17] xen: Introduce the Xen mapcache

[anthony.perard]

From: Jun Nakajima 

On IA32 host or IA32 PAE host, at present, generally, we can't create
an HVM guest with more than 2G memory, because generally it's almost
impossible for Qemu to find a large enough and consecutive virtual
address space to map an HVM guest's whole physical address space.
The attached patch fixes this issue using dynamic mapping based on
little blocks of memory.

Each call to qemu_get_ram_ptr makes a call to qemu_map_cache with the
lock option, so mapcache will not unmap these ram_ptr.

Blocks that do not belong to the RAM, but usually to a device ROM or to
a framebuffer, are handled in a separate function. So the whole RAMBlock
can be map.

Signed-off-by: Jun Nakajima 
Signed-off-by: Anthony PERARD 
Signed-off-by: Stefano Stabellini 
---
 Makefile.target |3 +
 configure   |3 +
 exec.c  |   48 +++-
 hw/xen.h|   13 ++
 hw/xen_common.h |9 ++
 trace-events|   10 ++
 xen-all.c   |   66 ++
 xen-mapcache-stub.c |   44 +++
 xen-mapcache.c  |  349 +++
 xen-mapcache.h  |   37 ++
 xen-stub.c  |4 +
 11 files changed, 582 insertions(+), 4 deletions(-)
 create mode 100644 xen-mapcache-stub.c
 create mode 100644 xen-mapcache.c
 create mode 100644 xen-mapcache.h

diff --git a/Makefile.target b/Makefile.target
index 6b2a41c..c964c0d 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -214,8 +214,11 @@ else
   CONFIG_NO_XEN = y
 endif
 # xen support
+CONFIG_NO_XEN_MAPCACHE = $(if $(subst n,,$(CONFIG_XEN_MAPCACHE)),n,y)
 obj-i386-$(CONFIG_XEN) += xen-all.o
 obj-$(CONFIG_NO_XEN) += xen-stub.o
+obj-i386-$(CONFIG_XEN_MAPCACHE) += xen-mapcache.o
+obj-$(CONFIG_NO_XEN_MAPCACHE) += xen-mapcache-stub.o
 
 # Inter-VM PCI shared memory
 CONFIG_IVSHMEM =
diff --git a/configure b/configure
index 98b79e2..340a810 100755
--- a/configure
+++ b/configure
@@ -3283,6 +3283,9 @@ case "$target_arch2" in
   i386|x86_64)
 if test "$xen" = "yes" -a "$target_softmmu" = "yes" ; then
   echo "CONFIG_XEN=y" >> $config_target_mak
+  if test "$cpu" = "i386" -o "$cpu" = "x86_64"; then
+  echo "CONFIG_XEN_MAPCACHE=y" >> $config_target_mak
+  fi
 fi
 esac
 case "$target_arch2" in
diff --git a/exec.c b/exec.c
index b1ee52a..3f895eb 100644
--- a/exec.c
+++ b/exec.c
@@ -32,6 +32,7 @@
 #include "hw/qdev.h"
 #include "osdep.h"
 #include "kvm.h"
+#include "hw/xen.h"
 #include "qemu-timer.h"
 #if defined(CONFIG_USER_ONLY)
 #include 
@@ -51,6 +52,8 @@
 #include 
 #endif
 #endif
+#else /* !CONFIG_USER_ONLY */
+#include "xen-mapcache.h"
 #endif
 
 //#define DEBUG_TB_INVALIDATE
@@ -2872,6 +2875,7 @@ ram_addr_t qemu_ram_alloc_from_ptr(DeviceState *dev, 
const char *name,
 }
 }
 
+new_block->offset = find_ram_offset(size);
 if (host) {
 new_block->host = host;
 new_block->flags |= RAM_PREALLOC_MASK;
@@ -2894,13 +2898,15 @@ ram_addr_t qemu_ram_alloc_from_ptr(DeviceState *dev, 
const char *name,
PROT_EXEC|PROT_READ|PROT_WRITE,
MAP_SHARED | MAP_ANONYMOUS, -1, 0);
 #else
-new_block->host = qemu_vmalloc(size);
+if (xen_mapcache_enabled()) {
+xen_ram_alloc(new_block->offset, size);
+} else {
+new_block->host = qemu_vmalloc(size);
+}
 #endif
 qemu_madvise(new_block->host, size, QEMU_MADV_MERGEABLE);
 }
 }
-
-new_block->offset = find_ram_offset(size);
 new_block->length = size;
 
 QLIST_INSERT_HEAD(&ram_list.blocks, new_block, next);
@@ -2945,7 +2951,11 @@ void qemu_ram_free(ram_addr_t addr)
 #if defined(TARGET_S390X) && defined(CONFIG_KVM)
 munmap(block->host, block->length);
 #else
-qemu_vfree(block->host);
+if (xen_mapcache_enabled()) {
+qemu_invalidate_entry(block->host);
+} else {
+qemu_vfree(block->host);
+}
 #endif
 }
 qemu_free(block);
@@ -3034,6 +3044,16 @@ void *qemu_get_ram_ptr(ram_addr_t addr)
 QLIST_REMOVE(block, next);
 QLIST_INSERT_HEAD(&ram_list.blocks, block, next);
 }
+if (xen_mapcache_enabled()) {
+/* We need to check if the requested address is in the RAM
+ * because we don't want to map the entire memory in QEMU.
+ */
+if (block->offset == 0) {
+return qemu_map_cache(addr, 0, 1);
+} else if (block->host == NULL) {
+block->host = xen_map_block(block->offset, block->length);
+}
+}
 return block->host + (addr - block->offset);
 }
 }
@@ -3053,6 +3073,16 @@ void *qemu_safe_ram_ptr(ram_addr_t addr)
 
 QLIST_FOREACH(block, &ram_list.blocks, next) {
 if (addr - blo

Re: [Qemu-devel] [PATCH v2 3/5] ide/atapi: Use table instead of switch for commands

[Blue Swirl]

On Wed, Apr 20, 2011 at 2:30 PM, Kevin Wolf  wrote:
> Signed-off-by: Kevin Wolf 
> ---
>  hw/ide/atapi.c |  115 +++
>  1 files changed, 48 insertions(+), 67 deletions(-)
>
> diff --git a/hw/ide/atapi.c b/hw/ide/atapi.c
> index d161bf7..d0bf7fd 100644
> --- a/hw/ide/atapi.c
> +++ b/hw/ide/atapi.c
> @@ -533,10 +533,11 @@ static unsigned int event_status_media(IDEState *s,
>     return 8; /* We wrote to 4 extra bytes from the header */
>  }
>
> -static void handle_get_event_status_notification(IDEState *s,
> -                                                 uint8_t *buf,
> -                                                 const uint8_t *packet)
> +static void cmd_get_event_status_notification(IDEState *s,
> +                                              uint8_t *buf)
>  {
> +    const uint8_t *packet = buf;
> +
>     struct {
>         uint8_t opcode;
>         uint8_t polled;        /* lsb bit is polled; others are reserved */
> @@ -1064,6 +1065,38 @@ static void cmd_set_speed(IDEState *s, uint8_t* buf)
>     ide_atapi_cmd_ok(s);
>  }
>
> +enum {
> +    /*
> +     * Only commands flagged as ALLOW_UA are allowed to run under a
> +     * unit attention condition. (See MMC-5, section 4.1.6.1)
> +     */
> +    ALLOW_UA = 0x01,
> +};
> +
> +struct {
> +    void (*handler)(IDEState *s, uint8_t *buf);
> +    int flags;
> +} atapi_cmd_table[0x100] = {
> +    [ 0x00 ] = { cmd_test_unit_ready,               0 },

How about using symbols here, like
[ GPCMD_TEST_UNIT_READY ] = { cmd_test_unit_ready, 0 },
?

The table can probably be static const.

> +    [ 0x03 ] = { cmd_request_sense,                 ALLOW_UA },
> +    [ 0x12 ] = { cmd_inquiry,                       ALLOW_UA },
> +    [ 0x1a ] = { cmd_mode_sense, /* (6) */          0 },
> +    [ 0x1b ] = { cmd_start_stop_unit,               0 },
> +    [ 0x1e ] = { cmd_prevent_allow_medium_removal,  0 },
> +    [ 0x25 ] = { cmd_read_cdvd_capacity,            0 },
> +    [ 0x28 ] = { cmd_read, /* (10) */               0 },
> +    [ 0x2b ] = { cmd_seek,                          0 },
> +    [ 0x43 ] = { cmd_read_toc_pma_atip,             0 },
> +    [ 0x46 ] = { cmd_get_configuration,             ALLOW_UA },
> +    [ 0x4a ] = { cmd_get_event_status_notification, ALLOW_UA },
> +    [ 0x5a ] = { cmd_mode_sense, /* (10) */         0 },
> +    [ 0xa8 ] = { cmd_read, /* (12) */               0 },
> +    [ 0xad ] = { cmd_read_dvd_structure,            0 },
> +    [ 0xbb ] = { cmd_set_speed,                     0 },
> +    [ 0xbd ] = { cmd_mechanism_status,              0 },
> +    [ 0xbe ] = { cmd_read_cd,                       0 },
> +};
> +
>  void ide_atapi_cmd(IDEState *s)
>  {
>     const uint8_t *packet;
> @@ -1082,21 +1115,17 @@ void ide_atapi_cmd(IDEState *s)
>     }
>  #endif
>     /*
> -     * If there's a UNIT_ATTENTION condition pending, only
> -     * REQUEST_SENSE, INQUIRY, GET_CONFIGURATION and
> -     * GET_EVENT_STATUS_NOTIFICATION commands are allowed to complete.
> -     * MMC-5, section 4.1.6.1 lists only these commands being allowed
> -     * to complete, with other commands getting a CHECK condition
> -     * response unless a higher priority status, defined by the drive
> +     * If there's a UNIT_ATTENTION condition pending, only command flagged 
> with
> +     * ALLOW_UA are allowed to complete. with other commands getting a CHECK
> +     * condition response unless a higher priority status, defined by the 
> drive
>      * here, is pending.
>      */
>     if (s->sense_key == SENSE_UNIT_ATTENTION &&
> -        s->io_buffer[0] != GPCMD_REQUEST_SENSE &&
> -        s->io_buffer[0] != GPCMD_INQUIRY &&
> -        s->io_buffer[0] != GPCMD_GET_EVENT_STATUS_NOTIFICATION) {
> +        !(atapi_cmd_table[s->io_buffer[0]].flags & ALLOW_UA)) {
>         ide_atapi_cmd_check_status(s);
>         return;
>     }
> +
>     if (bdrv_is_inserted(s->bs) && s->cdrom_changed) {
>         ide_atapi_cmd_error(s, SENSE_NOT_READY, ASC_MEDIUM_NOT_PRESENT);
>
> @@ -1105,60 +1134,12 @@ void ide_atapi_cmd(IDEState *s)
>         s->asc = ASC_MEDIUM_MAY_HAVE_CHANGED;
>         return;
>     }
> -    switch(s->io_buffer[0]) {
> -    case GPCMD_TEST_UNIT_READY:
> -        cmd_test_unit_ready(s, buf);
> -        break;
> -    case GPCMD_MODE_SENSE_6:
> -    case GPCMD_MODE_SENSE_10:
> -        cmd_mode_sense(s, buf);
> -        break;
> -    case GPCMD_REQUEST_SENSE:
> -        cmd_request_sense(s, buf);
> -        break;
> -    case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
> -        cmd_prevent_allow_medium_removal(s, buf);
> -        break;
> -    case GPCMD_READ_10:
> -    case GPCMD_READ_12:
> -        cmd_read(s, buf);
> -        break;
> -    case GPCMD_READ_CD:
> -        cmd_read_cd(s, buf);
> -        break;
> -    case GPCMD_SEEK:
> -        cmd_seek(s, buf);
> -        break;
> -    case GPCMD_START_STOP_UNIT:
> -        cmd_start_stop_unit(s, buf);
> -        break;
> -    case GPCMD_MECHANISM_STATUS:
> -        cmd_mechan

Re: [Qemu-devel] [PATCH 00/26] q35 chipset support for native pci express support

[Isaku Yamahata]

I forgot to changet its HEAD. Now it's fixed.
So please change the branch manually or clone the repo again.

On Tue, Apr 19, 2011 at 04:58:32PM +0800, Hu Tao wrote:
> On Tue, Apr 19, 2011 at 05:51:27PM +0900, Isaku Yamahata wrote:
> > On Tue, Apr 19, 2011 at 04:28:01PM +0800, Hu Tao wrote:
> > > On Wed, Mar 16, 2011 at 06:29:11PM +0900, Isaku Yamahata wrote:
> > > > This patch series adds basic q35 chipset support for native pci express
> > > > support. Some bios related patches are still needed.
> > > > For those who want to try it, the following repo is avaiable.
> > > > (vgabios doesn't need patches, so use the upstream one)
> > > > 
> > > > git clone http://people.valinux.co.jp/~yamahata/qemu/q35/20110316/qemu
> > > > git clone 
> > > > http://people.valinux.co.jp/~yamahata/qemu/q35/20110316/seabios
> > > 
> > > Hi,
> > > 
> > > When I visit the links, the pages say 'You dont have permission'. Could
> > > you make these git-repos avaiable again?  Thanks in advance.
> > 
> > The link is not for human-reading. Just issue the git command.
> 
> Done. Thanks:)
> 
> > -- 
> > yamahata
> 

-- 
yamahata

[Qemu-devel] [PATCH 1/3] rtl8139: use TARGET_FMT_plx in debug messages

[Benjamin Poirier]

Prevents a compilation failure when DEBUG_RTL8139 is defined:

CClibhw32/rtl8139.o
cc1: warnings being treated as errors
hw/rtl8139.c: In function ‘rtl8139_cplus_transmit_one’:
hw/rtl8139.c:1960: error: format ‘%8lx’ expects type ‘long unsigned int’, but 
argument 5 has type ‘target_phys_addr_t’
make[1]: *** [rtl8139.o] Error 1

Signed-off-by: Benjamin Poirier 
Cc: Igor V. Kovalenko 
---
 hw/rtl8139.c |   15 +--
 1 files changed, 9 insertions(+), 6 deletions(-)

diff --git a/hw/rtl8139.c b/hw/rtl8139.c
index d545933..9a759e7 100644
--- a/hw/rtl8139.c
+++ b/hw/rtl8139.c
@@ -978,8 +978,9 @@ static ssize_t rtl8139_do_receive(VLANClientState *nc, 
const uint8_t *buf, size_
 cplus_rx_ring_desc = rtl8139_addr64(s->RxRingAddrLO, s->RxRingAddrHI);
 cplus_rx_ring_desc += 16 * descriptor;
 
-DEBUG_PRINT(("RTL8139: +++ C+ mode reading RX descriptor %d from host 
memory at %08x %08x = %016" PRIx64 "\n",
-   descriptor, s->RxRingAddrHI, s->RxRingAddrLO, 
(uint64_t)cplus_rx_ring_desc));
+DEBUG_PRINT(("RTL8139: +++ C+ mode reading RX descriptor %d from "
+"host memory at %08x %08x = " TARGET_FMT_plx "\n", descriptor,
+s->RxRingAddrHI, s->RxRingAddrLO, cplus_rx_ring_desc));
 
 uint32_t val, rxdw0,rxdw1,rxbufLO,rxbufHI;
 
@@ -1957,8 +1958,9 @@ static int rtl8139_cplus_transmit_one(RTL8139State *s)
 /* Normal priority ring */
 cplus_tx_ring_desc += 16 * descriptor;
 
-DEBUG_PRINT(("RTL8139: +++ C+ mode reading TX descriptor %d from host 
memory at %08x0x%08x = 0x%8lx\n",
-   descriptor, s->TxAddr[1], s->TxAddr[0], cplus_tx_ring_desc));
+DEBUG_PRINT(("RTL8139: +++ C+ mode reading TX descriptor %d from host "
+"memory at %08x0x%08x = 0x" TARGET_FMT_plx "\n", descriptor,
+s->TxAddr[1], s->TxAddr[0], cplus_tx_ring_desc));
 
 uint32_t val, txdw0,txdw1,txbufLO,txbufHI;
 
@@ -2069,8 +2071,9 @@ static int rtl8139_cplus_transmit_one(RTL8139State *s)
 
 /* append more data to the packet */
 
-DEBUG_PRINT(("RTL8139: +++ C+ mode transmit reading %d bytes from host 
memory at %016" PRIx64 " to offset %d\n",
- txsize, (uint64_t)tx_addr, s->cplus_txbuffer_offset));
+DEBUG_PRINT(("RTL8139: +++ C+ mode transmit reading %d bytes from host "
+"memory at " TARGET_FMT_plx " to offset %d\n", txsize, tx_addr,
+s->cplus_txbuffer_offset));
 
 cpu_physical_memory_read(tx_addr, s->cplus_txbuffer + 
s->cplus_txbuffer_offset, txsize);
 s->cplus_txbuffer_offset += txsize;
-- 
1.7.4.1

[Qemu-devel] [PATCH 3/3] rtl8139: add format attribute to DPRINTF

[Benjamin Poirier]

gcc can check the format string for correctness even when debugging output is
not enabled.
Have to make sure arguments are always available. They are optimized out if
unneeded.

Signed-off-by: Benjamin Poirier 
Cc: Igor V. Kovalenko 
---
 hw/rtl8139.c |9 ++---
 1 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/hw/rtl8139.c b/hw/rtl8139.c
index 16ccd1e..15698ce 100644
--- a/hw/rtl8139.c
+++ b/hw/rtl8139.c
@@ -88,7 +88,11 @@
 #  define DPRINTF(fmt, ...) \
 do { fprintf(stderr, "RTL8139: " fmt, ## __VA_ARGS__); } while (0)
 #else
-#  define DPRINTF(fmt, ...) do { } while (0)
+static inline __attribute__ ((format (printf, 1, 2)))
+int DPRINTF(const char *fmt, ...)
+{
+return 0;
+}
 #endif
 
 /* Symbolic offsets to registers. */
@@ -2201,9 +2205,8 @@ static int rtl8139_cplus_transmit_one(RTL8139State *s)
 
 if ((txdw0 & CP_TX_LGSEN) && ip_protocol == IP_PROTO_TCP)
 {
-#if defined (DEBUG_RTL8139)
 int large_send_mss = (txdw0 >> 16) & CP_TC_LGSEN_MSS_MASK;
-#endif
+
 DPRINTF("+++ C+ mode offloaded task TSO MTU=%d IP data %d "
 "frame data %d specified MSS=%d\n", ETH_MTU,
 ip_data_len, saved_size - ETH_HLEN, large_send_mss);
-- 
1.7.4.1

Re: [Qemu-devel] [PATCH 00/26] q35 chipset support for native pci express support

[Adnan Khaleel]

Something is still wrong,


I get the following errors now:


:

error: cannot unpack fffd440d2ca664a03ee83eabc00107eaf74d7af4 from 
/users/akhaleel/akhaleel/MergeSpace/qemu_0.14_q35/qemu/.git/objects/pack/pack-c0c6d1b7fc8ae79abf99bfb6a402b50e2ec98557.pack
error: Unable to find ad620c29c2da573e3a5f13f5b1eb2694fee64cfb under 
http://people.valinux.co.jp/~yamahata/qemu/q35/20110316/qemu/
Cannot obtain needed none ad620c29c2da573e3a5f13f5b1eb2694fee64cfb
while processing commit .
rm: cannot remove directory 
`/users/akhaleel/akhaleel/MergeSpace/qemu_0.14_q35/qemu/.git/clone-tmp': 
Directory not empty


Adnan

  _  

From: Isaku Yamahata [mailto:yamah...@valinux.co.jp]
To: Hu Tao [mailto:hu...@cn.fujitsu.com], Adnan Khaleel 
[mailto:ad...@khaleel.us]
Cc: qemu-devel@nongnu.org
Sent: Wed, 20 Apr 2011 17:46:44 -0500
Subject: Re: [Qemu-devel] [PATCH 00/26] q35 chipset support for native pci 
express support

I forgot to changet its HEAD. Now it's fixed.
  So please change the branch manually or clone the repo again.
  
  On Tue, Apr 19, 2011 at 04:58:32PM +0800, Hu Tao wrote:
  > On Tue, Apr 19, 2011 at 05:51:27PM +0900, Isaku Yamahata wrote:
  > > On Tue, Apr 19, 2011 at 04:28:01PM +0800, Hu Tao wrote:
  > > > On Wed, Mar 16, 2011 at 06:29:11PM +0900, Isaku Yamahata wrote:
  > > > > This patch series adds basic q35 chipset support for native pci 
express
  > > > > support. Some bios related patches are still needed.
  > > > > For those who want to try it, the following repo is avaiable.
  > > > > (vgabios doesn't need patches, so use the upstream one)
  > > > > 
  > > > > git clone http://people.valinux.co.jp/~yamahata/qemu/q35/20110316/qemu
  > > > > git clone 
http://people.valinux.co.jp/~yamahata/qemu/q35/20110316/seabios
  > > > 
  > > > Hi,
  > > > 
  > > > When I visit the links, the pages say 'You dont have permission'. Could
  > > > you make these git-repos avaiable again?  Thanks in advance.
  > > 
  > > The link is not for human-reading. Just issue the git command.
  > 
  > Done. Thanks:)
  > 
  > > -- 
  > > yamahata
  > 
  
  -- 
  yamahata

Re: [Qemu-devel] [PATCH 00/26] q35 chipset support for native pci?express support

[Isaku Yamahata]

Okay. Can you please try git clone again?

On Wed, Apr 20, 2011 at 06:41:56PM -0500, Adnan Khaleel wrote:
> Something is still wrong,
> 
> I get the following errors now:
> 
> :
> error: cannot unpack fffd440d2ca664a03ee83eabc00107eaf74d7af4 from /users/
> akhaleel/akhaleel/MergeSpace/qemu_0.14_q35/qemu/.git/objects/pack/
> pack-c0c6d1b7fc8ae79abf99bfb6a402b50e2ec98557.pack
> error: Unable to find ad620c29c2da573e3a5f13f5b1eb2694fee64cfb under http://
> people.valinux.co.jp/~yamahata/qemu/q35/20110316/qemu/
> Cannot obtain needed none ad620c29c2da573e3a5f13f5b1eb2694fee64cfb
> while processing commit .
> rm: cannot remove directory 
> `/users/akhaleel/akhaleel/MergeSpace/qemu_0.14_q35/
> qemu/.git/clone-tmp': Directory not empty
> 
> Adnan
> 
> 
> ━
> From: Isaku Yamahata [mailto:yamah...@valinux.co.jp]
> To: Hu Tao [mailto:hu...@cn.fujitsu.com], Adnan Khaleel
> [mailto:ad...@khaleel.us]
> Cc: qemu-devel@nongnu.org
> Sent: Wed, 20 Apr 2011 17:46:44 -0500
> Subject: Re: [Qemu-devel] [PATCH 00/26] q35 chipset support for native pci
> express support
> 
> I forgot to changet its HEAD. Now it's fixed.
> So please change the branch manually or clone the repo again.
> 
> On Tue, Apr 19, 2011 at 04:58:32PM +0800, Hu Tao wrote:
> > On Tue, Apr 19, 2011 at 05:51:27PM +0900, Isaku Yamahata wrote:
> > > On Tue, Apr 19, 2011 at 04:28:01PM +0800, Hu Tao wrote:
> > > > On Wed, Mar 16, 2011 at 06:29:11PM +0900, Isaku Yamahata wrote:
> > > > > This patch series adds basic q35 chipset support for native pci
> express
> > > > > support. Some bios related patches are still needed.
> > > > > For those who want to try it, the following repo is avaiable.
> > > > > (vgabios doesn't need patches, so use the upstream one)
> > > > >
> > > > > git clone http://people.valinux.co.jp/~yamahata/qemu/q35/20110316/
> qemu
> > > > > git clone http://people.valinux.co.jp/~yamahata/qemu/q35/20110316/
> seabios
> > > >
> > > > Hi,
> > > >
> > > > When I visit the links, the pages say 'You dont have permission'.
> Could
> > > > you make these git-repos avaiable again? Thanks in advance.
> > >
> > > The link is not for human-reading. Just issue the git command.
> >
> > Done. Thanks:)
> >
> > > --
> > > yamahata
> >
> 
> --
> yamahata
> 

-- 
yamahata

Re: [Qemu-devel] [RFC PATCH 0/3 V8] QAPI: add inject-nmi qmp command

[Lai Jiangshan]

Hi, Anthony Liguori

Any suggestion?

Although all command line interfaces will be converted to to use QMP interfaces 
in 0.16,
I hope inject-nmi come into QAPI earlier, 0.15.

Thanks,
Lai