Re: [Qemu-devel] [PATCH v3 03/20] arm: add Faraday FTAHBC020 support

[Peter Crosthwaite]

Hi Dante,

On Wed, Feb 6, 2013 at 7:45 PM, Kuo-Jung Su  wrote:
> From: Kuo-Jung Su 
>
> It's used to perform AHB remap and also QEMU RAM initialization
> when SDRAM is initialized before AHB remap process activated.
>
> Signed-off-by: Kuo-Jung Su 
> ---
>  hw/arm/Makefile.objs  |1 +
>  hw/arm/faraday_a369.c |6 ++
>  hw/arm/ftahbc020.c|  185 
> +
>  3 files changed, 192 insertions(+)
>  create mode 100644 hw/arm/ftahbc020.c
>
> diff --git a/hw/arm/Makefile.objs b/hw/arm/Makefile.objs
> index 02d1a7b..5825c63 100644
> --- a/hw/arm/Makefile.objs
> +++ b/hw/arm/Makefile.objs
> @@ -35,3 +35,4 @@ obj-$(CONFIG_FDT) += ../device_tree.o
>  obj-y := $(addprefix ../,$(obj-y))
>  obj-y += faraday_a360.o faraday_a360_pmu.o
>  obj-y += faraday_a369.o faraday_a369_scu.o faraday_a369_keypad.o
> +obj-y += ftahbc020.o
> diff --git a/hw/arm/faraday_a369.c b/hw/arm/faraday_a369.c
> index e32dc7f..ae6c445 100644
> --- a/hw/arm/faraday_a369.c
> +++ b/hw/arm/faraday_a369.c
> @@ -54,6 +54,12 @@ a369_device_init(A369State *s)
>
>  /* ftkbc010 */
>  sysbus_create_simple("a369.keypad", 0x92f0, NULL);
> +
> +/* ftahbc020 */
> +s->ahbc = qdev_create(NULL, "ftahbc020");
> +qdev_prop_set_ptr(s->ahbc, "mach", s);
> +qdev_init_nofail(s->ahbc);
> +sysbus_mmio_map(SYS_BUS_DEVICE(s->ahbc), 0, 0x9400);
>  }
>
>  static void
> diff --git a/hw/arm/ftahbc020.c b/hw/arm/ftahbc020.c
> new file mode 100644
> index 000..d68676c
> --- /dev/null
> +++ b/hw/arm/ftahbc020.c
> @@ -0,0 +1,185 @@
> +/*
> + * Faraday AHB controller
> + *
> + * Copyright (c) 2012 Faraday Technology
> + * Written by Dante Su 
> + *
> + * This code is licensed under GNU GPL v2+
> + */
> +
> +#include 
> +#include 
> +#include 
> +#include 
> +#include 
> +#include 
> +
> +#include "faraday.h"
> +
> +#define REG_SLAVE(n)(n * 4) /* Slave device config (base & size) */
> +#define REG_PRIR0x80/* Priority register */
> +#define REG_IDLECR  0x84/* IDLE count register */
> +#define REG_CR  0x88/* Control register */
> +#define REG_REVR0x8c/* Revision register */
> +
> +#define TYPE_FTAHBC020  "ftahbc020"
> +
> +typedef struct Ftahbc020State {
> +SysBusDevice busdev;
> +MemoryRegion iomem;
> +void *mach;
> +
> +/* HW register cache */
> +uint32_t slave4;
> +uint32_t slave6;
> +uint32_t cr;
> +} Ftahbc020State;
> +
> +#define FTAHBC020(obj) \
> +OBJECT_CHECK(Ftahbc020State, obj, TYPE_FTAHBC020)
> +
> +static uint64_t
> +ftahbc020_mem_read(void *opaque, hwaddr addr, unsigned size)
> +{
> +Ftahbc020State *s = FTAHBC020(opaque);
> +uint64_t ret = 0;
> +
> +switch (addr) {
> +case REG_SLAVE(4):
> +ret = s->slave4;
> +break;
> +case REG_SLAVE(6):
> +ret = s->slave6;
> +break;
> +case REG_CR:
> +ret = s->cr;
> +break;
> +case REG_REVR:
> +ret = 0x00010301;
> +break;
> +}
> +
> +return ret;
> +}
> +
> +static void
> +ftahbc020_mem_write(void *opaque, hwaddr addr, uint64_t val, unsigned size)
> +{
> +Ftahbc020State *s = FTAHBC020(opaque);
> +FaradayMachState *mach = s->mach;

I think this breaks the device model and QOM abstractions. You device
has this ad-hoc total machine visibility through these structs. I
think it would be better to use links from device to device that
better reflect you machines interconnect.

> +uint32_t base;
> +
> +if (!mach) {
> +hw_error("ftahbc020: mach is not yet registered!\n");
> +exit(1);
> +}
> +
> +switch (addr) {
> +case REG_CR:
> +s->cr = (uint32_t)val;
> +if (!mach->ahb_remapped && (s->cr & 0x01)) {
> +/* Remap AHB slave 4 (ROM) & slave 6 (RAM) */
> +/* 1. Remap ROM to (0x + size of RAM) */
> +base = (1 << ((s->slave6 >> 16) & 0x0f)) << 20;
> +sysbus_mmio_map(SYS_BUS_DEVICE(mach->rom), 0, base);
> +/* 2. Update slave4(ROM) & slave6(RAM) */
> +s->slave4 = base | (s->slave4 & 0x000f);
> +s->slave6 = s->slave6 & 0x000f;
> +/* 3. Update SDRAM map if it has been initialized. */
> +if (mach->ddr_inited) {
> +memory_region_del_subregion(mach->as, mach->ram_alias);
> +memory_region_add_subregion(mach->as, 0, mach->ram);
> +}
> +mach->ahb_remapped = 1;

Strange, is the device only capable of one-shot remapping or is this
just a limitation of this device due to usage of sysbus_mmio_map?

> +}
> +break;
> +}
> +}
> +
> +static const MemoryRegionOps ftahbc020_mem_ops = {
> +.read  = ftahbc020_mem_read,
> +.write = ftahbc020_mem_write,
> +.endianness = DEVICE_LITTLE_ENDIAN,
> +};
> +
> +static void ftahbc020_reset(DeviceState *ds)
> +{
> +SysBusDevice *busdev = SYS_BUS_DEVICE(ds);
> +Ftahbc020State *s = FTAHBC020(FROM_SY

Re: [Qemu-devel] [PATCH v3 15/20] arm: add Faraday FTMAC110 10/100Mbps ethernet support

[Peter Crosthwaite]

On Wed, Feb 6, 2013 at 7:45 PM, Kuo-Jung Su  wrote:
> From: Kuo-Jung Su 
>
> The FTMAC110 is an Ethernet controller that provides AHB master capability
> and is in full compliance with the IEEE 802.3 10/100 Mbps specifications.
> Its DMA controller handles all data transfers between system memory
> and on-chip memories.
> It supports half-word data transfer for Linux. However it has a weird DMA
> alignment issue:
>
> (1) Tx DMA Buffer Address:
> 1 bytes aligned: Invalid
> 2 bytes aligned: O.K
> 4 bytes aligned: O.K
>
> (2) Rx DMA Buffer Address:
> 1 bytes aligned: Invalid
> 2 bytes aligned: O.K
> 4 bytes aligned: Invalid (It means 0x0, 0x4, 0x8, 0xC are invalid)
>
> Signed-off-by: Kuo-Jung Su 
> ---
>  hw/arm/Makefile.objs  |1 +
>  hw/arm/faraday_a360.c |   10 +
>  hw/arm/ftmac110.c |  681 
> +
>  hw/arm/ftmac110.h |  131 ++
>  4 files changed, 823 insertions(+)
>  create mode 100644 hw/arm/ftmac110.c
>  create mode 100644 hw/arm/ftmac110.h
>
> diff --git a/hw/arm/Makefile.objs b/hw/arm/Makefile.objs
> index 70d4f25..f5eeaeb 100644
> --- a/hw/arm/Makefile.objs
> +++ b/hw/arm/Makefile.objs
> @@ -47,3 +47,4 @@ obj-y += ftapbbrg020.o
>  obj-y += ftnandc021.o
>  obj-y += fti2c010.o
>  obj-y += ftssp010.o
> +obj-y += ftmac110.o
> diff --git a/hw/arm/faraday_a360.c b/hw/arm/faraday_a360.c
> index 52cfcec..51e8649 100644
> --- a/hw/arm/faraday_a360.c
> +++ b/hw/arm/faraday_a360.c
> @@ -31,6 +31,7 @@ a360_device_init(A360State *s)
>  qemu_irq *pic;
>  DeviceState *ds, *fl;
>  SSIBus *spi;
> +int done_nic = 0;
>  int i, nr_flash;
>  qemu_irq cs_line;
>  qemu_irq ack, req;
> @@ -122,6 +123,15 @@ a360_device_init(A360State *s)
>  req = qdev_get_gpio_in(s->pdma[0], 2);
>  qdev_connect_gpio_out(s->pdma[0], 2, ack);
>  qdev_connect_gpio_out(ds, 1, req);
> +
> +/* ftmac110 */
> +for (i = 0; i < nb_nics; i++) {
> +NICInfo *nd = &nd_table[i];
> +if (!done_nic && (!nd->model || strcmp(nd->model, "ftmac110") == 0)) 
> {
> +ftmac110_init(nd, 0x9090, pic[25]);
> +done_nic = 1;
> +}
> +}
>  }
>
>  static void
> diff --git a/hw/arm/ftmac110.c b/hw/arm/ftmac110.c
> new file mode 100644
> index 000..d45f4ba
> --- /dev/null
> +++ b/hw/arm/ftmac110.c
> @@ -0,0 +1,681 @@
> +/*
> + * QEMU model of the FTMAC110 Controller
> + *
> + * Copyright (C) 2012 Faraday Technology
> + * Written by Dante Su 
> + *
> + * This file is licensed under GNU GPL v2+.
> + */
> +
> +/***/
> +/*   FTMAC110 DMA design issue */
> +/* Dante Su 2010.02.03 */
> +/* */
> +/* The DMA engine has a weird restriction that its Rx DMA engine   */
> +/* accepts only 16-bits aligned address, 32-bits aligned is still  */
> +/* invalid. However this restriction does not apply to Tx DMA. */
> +/* Conclusion: */
> +/* (1) Tx DMA Buffer Address:  */
> +/* 1 bytes aligned: Invalid*/
> +/* 2 bytes aligned: O.K*/
> +/* 4 bytes aligned: O.K (-> u-boot ZeroCopy is possible)   */
> +/* (2) Rx DMA Buffer Address:  */
> +/* 1 bytes aligned: Invalid*/
> +/* 2 bytes aligned: O.K*/
> +/* 4 bytes aligned: Invalid*/
> +/***/
> +

> +#include 
> +#include 
> +#include 
> +
> +#include "faraday.h"
> +#include "ftmac110.h"
> +
> +#define TYPE_FTMAC110"ftmac110"
> +
> +typedef struct Ftmac110State {
> +SysBusDevice busdev;
> +MemoryRegion mmio;
> +
> +QEMUBH *bh;
> +qemu_irq irq;
> +NICState *nic;
> +NICConf conf;
> +
> +uint32_t isr;
> +uint32_t ier;
> +uint32_t mhash[2];
> +uint32_t tx_bar;
> +uint32_t rx_bar;
> +uint32_t tx_idx;
> +uint32_t rx_idx;
> +uint32_t maccr;
> +uint32_t macsr;
> +uint32_t phycr;
> +uint32_t phycr_rd;
> +
> +struct {
> +uint8_t  buf[2048];

Magic number

> +uint32_t len;
> +} txbuff;
> +
> +uint32_t rx_pkt;
> +uint32_t rx_bcst;
> +uint32_t rx_mcst;
> +uint16_t rx_runt;
> +uint16_t rx_drop;
> +uint16_t rx_crc;
> +uint16_t rx_ftl;
> +uint32_t tx_pkt;
> +
> +} Ftmac110State;
> +
> +#define FTMAC110(obj) \
> +OBJECT_CHECK(Ftmac110State, obj, TYPE_FTMAC110)
> +
> +static uint8_t bitrev8(uint8_t v)
> +{
> +int i;
> +uint8_t r = 0;
> +for (i = 0; i < 8; ++i) {
> +if (v & (1 << i)) {
> +r |= (1 << (7 - i));
> +

Re: [Qemu-devel] [Qemu-ppc] [PATCH] pseries: Implements h_read hcall

[David Gibson]

On Sat, Feb 16, 2013 at 11:42:35PM -0300, Erlon Cruz wrote:
> I left them only to make it easy to read and keep the same sintax used
> in the other functions.

I don't see how having the arrays helps either of those goals.

-- 
David Gibson| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au  | minimalist, thank you.  NOT _the_ _other_
| _way_ _around_!
http://www.ozlabs.org/~dgibson


signature.asc
Description: Digital signature

Re: [Qemu-devel] [Qemu-ppc] [PATCH] pseries: Implements h_read hcall

[Erlon Cruz]

I left them only to make it easy to read and keep the same sintax used
in the other functions.

On Sat, Feb 16, 2013 at 9:46 PM, David Gibson  wrote:
> On Fri, Feb 15, 2013 at 08:59:35AM -0200, Erlon Cruz wrote:
>> From: Erlon Cruz 
>>
>> This h_call is useful for DLPAR in future amongst other things. Given an 
>> index
>> it fetches the corresponding PTE stored in the htab.
>>
>> Signed-off-by: Erlon Cruz 
>> ---
>>  hw/spapr_hcall.c |   34 ++
>>  1 file changed, 34 insertions(+)
>>
>> diff --git a/hw/spapr_hcall.c b/hw/spapr_hcall.c
>> index 2889742..1065277 100644
>> --- a/hw/spapr_hcall.c
>> +++ b/hw/spapr_hcall.c
>> @@ -323,6 +323,39 @@ static target_ulong h_protect(PowerPCCPU *cpu, 
>> sPAPREnvironment *spapr,
>>  return H_SUCCESS;
>>  }
>>
>> +static target_ulong h_read(PowerPCCPU *cpu, sPAPREnvironment *spapr,
>> +target_ulong opcode, target_ulong *args)
>> +{
>> +CPUPPCState *env = &cpu->env;
>> +target_ulong flags = args[0];
>> +target_ulong pte_index = args[1];
>> +target_ulong v[4], r[4];
>> +uint8_t *hpte;
>> +int i, ridx, n_entries = 1;
>> +
>> +if ((pte_index * HASH_PTE_SIZE_64) & ~env->htab_mask) {
>> +return H_PARAMETER;
>> +}
>> +
>> +if (flags & H_READ_4) {
>> +/* Clear the two low order bits */
>> +pte_index &= ~(3ULL);
>> +n_entries = 4;
>> +}
>> +
>> +hpte = env->external_htab + (pte_index * HASH_PTE_SIZE_64);
>> +
>> +for (i = 0, ridx = 0; i < n_entries; i++) {
>> +v[i] = ldq_p(hpte);
>> +r[i] = ldq_p(hpte + (HASH_PTE_SIZE_64/2));
>
> There's no need for the v and r arrays.  You can just need temporaries
> for one entry as you store them one-by-one into args.
>
> Otherwise looks good.
>
> --
> David Gibson| I'll have my music baroque, and my code
> david AT gibson.dropbear.id.au  | minimalist, thank you.  NOT _the_ _other_
> | _way_ _around_!
> http://www.ozlabs.org/~dgibson

Re: [Qemu-devel] [Qemu-ppc] [PATCH qom-cpu-next] spapr_hcall: Replace open-coded CPU loop with qemu_get_cpu()

[David Gibson]

On Fri, Feb 15, 2013 at 05:44:16PM +0100, Alexander Graf wrote:
> 
> On 15.02.2013, at 16:49, Andreas Färber wrote:
> 
> > The helper functions all access ppc-specific fields only so don't bother
> > to change arguments to PowerPCCPU and use env_ptr instead.
> > 
> > No functional change.
> > 
> > Signed-off-by: Andreas Färber 
> 
> Acked-by: Alexander Graf 
Acked-by: David Gibson 

-- 
David Gibson| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au  | minimalist, thank you.  NOT _the_ _other_
| _way_ _around_!
http://www.ozlabs.org/~dgibson


signature.asc
Description: Digital signature

Re: [Qemu-devel] [Qemu-ppc] [PATCH] pseries: Implements h_read hcall

[David Gibson]

On Fri, Feb 15, 2013 at 08:59:35AM -0200, Erlon Cruz wrote:
> From: Erlon Cruz 
> 
> This h_call is useful for DLPAR in future amongst other things. Given an index
> it fetches the corresponding PTE stored in the htab.
> 
> Signed-off-by: Erlon Cruz 
> ---
>  hw/spapr_hcall.c |   34 ++
>  1 file changed, 34 insertions(+)
> 
> diff --git a/hw/spapr_hcall.c b/hw/spapr_hcall.c
> index 2889742..1065277 100644
> --- a/hw/spapr_hcall.c
> +++ b/hw/spapr_hcall.c
> @@ -323,6 +323,39 @@ static target_ulong h_protect(PowerPCCPU *cpu, 
> sPAPREnvironment *spapr,
>  return H_SUCCESS;
>  }
>  
> +static target_ulong h_read(PowerPCCPU *cpu, sPAPREnvironment *spapr,
> +target_ulong opcode, target_ulong *args)
> +{
> +CPUPPCState *env = &cpu->env;
> +target_ulong flags = args[0];
> +target_ulong pte_index = args[1];
> +target_ulong v[4], r[4];
> +uint8_t *hpte;
> +int i, ridx, n_entries = 1;
> +
> +if ((pte_index * HASH_PTE_SIZE_64) & ~env->htab_mask) {
> +return H_PARAMETER;
> +}
> +
> +if (flags & H_READ_4) {
> +/* Clear the two low order bits */
> +pte_index &= ~(3ULL);
> +n_entries = 4;
> +}
> +
> +hpte = env->external_htab + (pte_index * HASH_PTE_SIZE_64);
> +
> +for (i = 0, ridx = 0; i < n_entries; i++) {
> +v[i] = ldq_p(hpte);
> +r[i] = ldq_p(hpte + (HASH_PTE_SIZE_64/2));

There's no need for the v and r arrays.  You can just need temporaries
for one entry as you store them one-by-one into args.

Otherwise looks good.

-- 
David Gibson| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au  | minimalist, thank you.  NOT _the_ _other_
| _way_ _around_!
http://www.ozlabs.org/~dgibson


signature.asc
Description: Digital signature

[Qemu-devel] [Bug 1123975] Re: QEmu 1.3.90 cannot restore a 1.1.2 live snapshot

[Francois Gouget]

> And one more thing -- from what to what are you trying to migrate?

I believe kvm is being used in both cases, though the command is
different with QEmu 1.3.90. I have redone tests where I kept libvirt set
to 1.0.2 and only switched between QEmu 1.1.2 and 1.3.90 to minimize the
changes. So here the only difference is 'apt-get install -t experimental
qemu'.

Here is what 'ps aux' shows me:

libvirt 1.0.2-2 + QEmu 1.1.2

127  12841 92.7  4.6 1078272 189128 ?  Sl   00:45  10:46
/usr/bin/kvm -name fgtbwinxp -S -M pc-1.1 -cpu
Penryn,+pdcm,+xtpr,+tm2,+est,+smx,+vmx,+ds_cpl,+monitor,+dtes64,+pbe,+tm,+ht,+ss,+acpi,+ds,+vme
-enable-kvm -m 768 -smp 2,sockets=2,cores=1,threads=1 -uuid e624f2c9
-80fd-26c7-a38a-0f0e49b6b719 -no-user-config -nodefaults -chardev
socket,id=charmonitor,path=/var/lib/libvirt/qemu/fgtbwinxp.monitor,server,nowait
-mon chardev=charmonitor,id=monitor,mode=control -rtc base=localtime
-no-shutdown -device piix3-usb-uhci,id=usb,bus=pci.0,addr=0x1.0x2 -drive
file=/mnt/storage1/qemu/fgtbwinxp.img,if=none,id=drive-
ide0-0-0,format=qcow2,cache=writeback -device ide-
hd,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0,bootindex=1 -drive
if=none,id=drive-ide0-1-0,readonly=on,format=raw -device ide-
cd,bus=ide.1,unit=0,drive=drive-ide0-1-0,id=ide0-1-0 -netdev
tap,fd=23,id=hostnet0 -device
rtl8139,netdev=hostnet0,id=net0,mac=52:54:00:c7:0e:97,bus=pci.0,addr=0x3
-chardev pty,id=charserial0 -device isa-
serial,chardev=charserial0,id=serial0 -device usb-tablet,id=input0 -vnc
127.0.0.1:0 -vga vmware -device intel-hda,id=sound0,bus=pci.0,addr=0x4
-device hda-duplex,id=sound0-codec0,bus=sound0.0,cad=0 -device virtio-
balloon-pci,id=balloon0,bus=pci.0,addr=0x5 -loadvm wtb

With libvirt 1.0.2-2 + QEmu 1.3.90
127  18709 39.7  0.8 1075732 35304 ?   Sl   01:39   0:05 
qemu-system-x86_64 -machine accel=kvm:tcg -name fgtbwinxp -S -M pc-1.1 -cpu 
Penryn,+pdcm,+xtpr,+tm2,+est,+smx,+vmx,+ds_cpl,+monitor,+dtes64,+pbe,+tm,+ht,+ss,+acpi,+ds,+vme
 -m 768 -smp 2,sockets=2,cores=1,threads=1 -uuid 
e624f2c9-80fd-26c7-a38a-0f0e49b6b719 -no-user-config -nodefaults -chardev 
socket,id=charmonitor,path=/var/lib/libvirt/qemu/fgtbwinxp.monitor,server,nowait
 -mon chardev=charmonitor,id=monitor,mode=control -rtc base=localtime 
-no-shutdown -device piix3-usb-uhci,id=usb,bus=pci.0,addr=0x1.0x2 -drive 
file=/mnt/storage1/qemu/fgtbwinxp.img,if=none,id=drive-ide0-0-0,format=qcow2,cache=writeback
 -device ide-hd,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0,bootindex=1 
-drive if=none,id=drive-ide0-1-0,readonly=on,format=raw -device 
ide-cd,bus=ide.1,unit=0,drive=drive-ide0-1-0,id=ide0-1-0 -netdev 
tap,fd=23,id=hostnet0 -device 
rtl8139,netdev=hostnet0,id=net0,mac=52:54:00:c7:0e:97,bus=pci.0,addr=0x3 
-chardev pty,id=charserial0 -device isa-serial,chardev=charserial0,id=serial0 
-device usb-tablet,id=input0 -vnc 127.0.0.1:0 -vga vmware -device 
intel-hda,id=sound0,bus=pci.0,addr=0x4 -device 
hda-duplex,id=sound0-codec0,bus=sound0.0,cad=0 -device 
virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x5 -loadvm wtb


There's a wrinkle I missed in my original report: the behavior is different 
depending on whether the VM is already running or not.

$ virsh --connect qemu:///system destroy fgtbwinxp
$ virsh --connect qemu:///system snapshot-revert fgtbwinxp wtb;echo $?
0
# This command looks like it succeeds but in fact I see the VM booting Windows. 
So either the live state was not restored at all or it crashed before 
virt-viewer could connect.
$ virsh --connect qemu:///system snapshot-revert fgtbwinxp wtb;echo $?
error: operation failed: Error -22 while loading VM state
1


> But at any rate, I never recommended any sort of cross-version migration
> as in practice, despite countless efforts spent to make it to work, it
> almost always does NOT work.

Ouch. I expect to end up with about 50 live snapshots. It would be
pretty annoying to have to redo all of them every time I upgrade QEmu /
KVM :-(

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1123975

Title:
  QEmu 1.3.90 cannot restore a 1.1.2 live snapshot

Status in QEMU:
  New

Bug description:
  I have upgraded to QEmu 1.3.90 (Debian 1.4.0~rc0+dfsg-1exp) but now
  when I try to restore a live snapshot made in QEmu 1.1.2 (Debian
  1.1.2+dfsg-5) I get the following message:

  virsh # snapshot-revert fgtbbuild wtb
  error: operation failed: Error -22 while loading VM state

  I have test VMs with live snapshots coreresponding to different
  testing configurations. So I typically revert the VMs in one of the
  live snapshots and run the tests. It would be pretty annoying to have
  to recreate all these live snapshots any time I upgrade QEmu.

  
  ipxe-qemu  1.0.0+git-20120202.f6840ba-3
  qemu   1.4.0~rc0+dfsg-1exp
  qemu-keymaps   1.4.0~rc0+dfsg-1exp
  qemu-kvm   1.4

Re: [Qemu-devel] [PATCH 1/1] highbank: set default power domain register

[Peter Maydell]

On 16 February 2013 22:27, Jean-Christophe PLAGNIOL-VILLARD
 wrote:
> at 0xfff3cf20 enable SATA, MMC, PCI

This commit message is way too cryptic.

> c: Rob Herring 

You typo'd "cc" here so git didn't auto-cc Rob; I've added him to the
cc list by hand.

> Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD 
> ---
>  hw/highbank.c |2 ++
>  1 file changed, 2 insertions(+)
>
> diff --git a/hw/highbank.c b/hw/highbank.c
> index defcc09..64aef30 100644
> --- a/hw/highbank.c
> +++ b/hw/highbank.c
> @@ -143,6 +143,7 @@ static void highbank_regs_reset(DeviceState *dev)
>  s->regs[0x41] = 0x2;
>  s->regs[0x42] = 0x05F30121;
>  s->regs[0x43] = 0x05F40121;
> +s->regs[0x3C8] = 0xE000;
>  }
>
>  static int highbank_regs_init(SysBusDevice *dev)
> @@ -153,6 +154,7 @@ static int highbank_regs_init(SysBusDevice *dev)
>  memory_region_init_io(s->iomem, &hb_mem_ops, s->regs, "highbank_regs",
>0x1000);
>  sysbus_init_mmio(dev, s->iomem);
> +s->regs[0x3C8] = 0xE000;

This line is definitely unnecessary -- the reset function will
be called after init.

>  return 0;
>  }
> --
> 1.7.10.4
>

thanks
-- PMM

Re: [Qemu-devel] qemu on MacOS, failing to respond to ctrl-C

[Peter Maydell]

On 17 February 2013 00:19, Peter Maydell  wrote:
> [why doesn't MacOS QEMU exit on ctrl-C?]
> What seems to happen is that the other thread nips in and
> does the sigreturn/sigprocmask/sigaltstack stuff, and
> it's messing with the signal mask for the whole process.
> (dtruss also tell me 0x6f8c53 is the TCG CPU thread.)

Found it! The culprit is the setjmp/longjmp in cpu-exec.c.
On Linux these don't save and restore the process signal mask
(you use sigsetjmp/siglongjmp for that). However on BSD setjmp
and longjmp do save and restore the process signal mask, so
when we do the longjmp in the CPU thread we end up setting the
mask for every thread to the restrictive mask used by the
CPU thread. Then SIGTERM and SIGINT are blocked for every
thread and have no effect on QEMU.

So, we can fix this MacOS issue by replacing all our current
setjmp() and longjmp() with sigsetjmp(buf, 0) and siglongjmp()
[which is the POSIX mandated way to say "definitely don't
change the signal mask", avoiding the undefined effect
on the signal mask that plain longjmp has.] (I guess that
might require some compat layer for win32 builds, which
is trivial enough.)

However, having thought about this I'm now a bit dubious about
the use of longjmp in cpu_resume_from_signal() -- this is
jumping out of a signal handler, so if we do nothing with
the signal mask surely we'll end up running the CPU thread
with that signal blocked when it was not before? I don't know
why this doesn't cause issues on Linux...

-- PMM

[Qemu-devel] qemu on MacOS, failing to respond to ctrl-C

[Peter Maydell]

So I spent some time today investigating why ctrl-C doesn't quit
QEMU on MacOS. This is a specific instance of a general issue which
is that signals like SIGINT and SIGTERM don't end up in the os-posix.c
termination handler like they should.

(1) MacOS debug tools are deeply unhelpful here:
 (a) running under gdb() breaks sigwait()
 (b) dtrace probes for signal-send/signal-discard don't actually
 cover all the cases of a signal being sent, so neither trigger
 when you do a 'kill -TERM' of QEMU in this state

(2) Weird Stuff seems to be happening: it turns out the the reason
these signals don't work is that the main thread ends up with them
blocked, so with no thread with SIGTERM &c unblocked they just get
endlessly ignored.

I ended up adding logging printf()s all over the place which print the
thread ID and the current state of SIGTERM (blocked/unblocked).
The interesting bit is in this logging:

sigdebug: about to pthread_mutex_lock: TID 0x7fff7c1c1180: SIGTERM: unblocked
sigdebug: done pthread_mutex_lock: TID 0x7fff7c1c1180: SIGTERM: blocked

which is around the pthread_mutex_lock() call in qemu_mutex_lock().
We go in with SIGTERM unblocked, we come out with it locked...

dtruss says:

13176/0x6f8c35:  __pthread_sigmask(0x3, 0x0, 0x7FFF59F311AC) = 0 0
13176/0x6f8c35:  write_nocancel(0x1, "sigdebug: about to
pthread_mutex_lock: TID 0x7fff7c1c1180: SIGTERM: unblocked\n\0", 0x4E)
 = 78 0
13176/0x6f8c53:  sigreturn(0x10BB07878, 0x1E, 0xAB5BB6621A84A222)
  = 0 Err#-2
13176/0x6f8c53:  sigprocmask(0x3, 0x10BB07DB0, 0x0)  = 0x0 0
13176/0x6f8c53:  sigreturn(0x0, 0x8000, 0x0) = 0 0
13176/0x6f8c53:  sigprocmask(0x1, 0x0, 0x10BB07DD0)  = 0x0 0
13176/0x6f8c53:  sigaltstack(0x0, 0x10BB07DC0, 0x0)  = 0 0
13176/0x6f8c53:  psynch_cvwait(0x106714B78, 0x10100, 0x0)= 0 0
13176/0x6f8c35:  psynch_mutexwait(0x106714BA8, 0x543, 0x300)
  = 1283 0
13176/0x6f8c35:  __pthread_sigmask(0x3, 0x0, 0x7FFF59F311AC) = 0 0
13176/0x6f8c35:  write_nocancel(0x1, "sigdebug: done
pthread_mutex_lock: TID 0x7fff7c1c1180: SIGTERM: blocked\n\0", 0x48)
 = 72 0

What seems to happen is that the other thread nips in and
does the sigreturn/sigprocmask/sigaltstack stuff, and
it's messing with the signal mask for the whole process.
(dtruss also tell me 0x6f8c53 is the TCG CPU thread.)

However I have no idea where the sigaltstack comes from,
since we're using the gthread coroutine backend, not the
sigaltstack one. Anybody got any ideas?

(I may look further at this tomorrow...)

-- PMM

[Qemu-devel] [PATCH 1/1] highbank: set default power domain register

[Jean-Christophe PLAGNIOL-VILLARD]

at 0xfff3cf20 enable SATA, MMC, PCI

c: Rob Herring 
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD 
---
 hw/highbank.c |2 ++
 1 file changed, 2 insertions(+)

diff --git a/hw/highbank.c b/hw/highbank.c
index defcc09..64aef30 100644
--- a/hw/highbank.c
+++ b/hw/highbank.c
@@ -143,6 +143,7 @@ static void highbank_regs_reset(DeviceState *dev)
 s->regs[0x41] = 0x2;
 s->regs[0x42] = 0x05F30121;
 s->regs[0x43] = 0x05F40121;
+s->regs[0x3C8] = 0xE000;
 }
 
 static int highbank_regs_init(SysBusDevice *dev)
@@ -153,6 +154,7 @@ static int highbank_regs_init(SysBusDevice *dev)
 memory_region_init_io(s->iomem, &hb_mem_ops, s->regs, "highbank_regs",
   0x1000);
 sysbus_init_mmio(dev, s->iomem);
+s->regs[0x3C8] = 0xE000;
 
 return 0;
 }
-- 
1.7.10.4

[Qemu-devel] [PATCH buildfix] tcg/ppc: Fix build of tcg_qemu_tb_exec()

[Andreas Färber]

Commit 0b0d3320db74cde233ee7855ad32a9c121d20eb4 (TCG: Final globals
clean-up) moved code_gen_prologue but forgot to update ppc code.
This broke the build on 32-bit ppc. ppc64 is unaffected.

Cc: Evgeny Voevodin 
Cc: Blue Swirl 
Signed-off-by: Andreas Färber 
---
 tcg/ppc/tcg-target.h |2 +-
 1 Datei geändert, 1 Zeile hinzugefügt(+), 1 Zeile entfernt(-)

diff --git a/tcg/ppc/tcg-target.h b/tcg/ppc/tcg-target.h
index ea26769..0fdad04 100644
--- a/tcg/ppc/tcg-target.h
+++ b/tcg/ppc/tcg-target.h
@@ -99,6 +99,6 @@ typedef enum {
 
 #define tcg_qemu_tb_exec(env, tb_ptr) \
 ((long __attribute__ ((longcall)) \
-  (*)(void *, void *))code_gen_prologue)(env, tb_ptr)
+  (*)(void *, void *))tcg_ctx.code_gen_prologue)(env, tb_ptr)
 
 #endif
-- 
1.7.10.4

Re: [Qemu-devel] [PATCH V23 4/7] Build the TPM frontend code

[Stefan Berger]

On 02/16/2013 06:19 AM, Andreas Färber wrote:

@@ -1 +1,2 @@
  common-obj-y = tpm.o
+common-obj-$(CONFIG_TPM) += tpm_tis.o
Some softmmus might not even support ISA, so this needs to be
conditional on more than just the host's $(CONFIG_TPM), it should be a
combination of the host's CONFIG_TPM=y and CONFIG_TPM_TIS=y in
default-configs/{i386,x86_64}-softmmu.config or similar.


I am having some tough problems here getting the above suggestion 
implemented and building for example for i386 and x86_64 while not 
building TPM for other targets. as Andreas suggested, ISA may not be 
available or TPM may not be typically available. The problems I am 
facing are related to CONFIG_TPM and CONFIG_TPM_PASSTHROUGH being used 
in vl.c and qemu-options.hx and for example vl.c #include'ing 
config-host.h, which then gives it access to those #defines.


from qemu-options.hx

 #ifdef CONFIG_TPM
+# ifdef CONFIG_TPM_PASSTHROUGH
 DEFHEADING(TPM device options:)

 DEF("tpmdev", HAS_ARG, QEMU_OPTION_tpmdev, \
-"-tpmdev [],id=str[,option][,option][,...]\n",
+"-tpmdev passthrough,id=id[,path=path]\n"
+"use path to provide path to a character device; default is 
/dev/tpm0\n",
 QEMU_ARCH_ALL)
 STEXI


I believe the above makes sense. It only shows the -tpmdev passthrough option 
as being available if in fact the passthrough device has been compiled in. 
CONFIG_TPM and CONFIG_TPM_PASSTHROUGH are created through ./configure 
--enable-tpm and --enable-tpm-passthrough respectively and end up in 
config-host.h. Config-host.h is not a problem to include in qemu-options.hx and 
also not in vl.c:

The following is from vl.c where we restrict the -tpmdev option to only be 
available if the TPM passthrough was compiled in. The restriction with the 
#define's is necessary due to similar restrictions in qemu-options.hx.

 #ifdef CONFIG_TPM
+# ifdef CONFIG_TPM_PASSTHROUGH
 case QEMU_OPTION_tpmdev:
 if (tpm_config_parse(qemu_find_opts("tpmdev"), optarg) < 0) {
 exit(1);
 }
 break;
+# endif
 #endif

I have tried to make CONFIG_TPM and CONFIG_TPM_PASSTHROUGH target-specific 
#defines by having them written for example into i386-softmmu/config-target.h. 
Once I do that I get problems #includ'ing the config-target.h from vl.c for 
example. Vl.c does not see the necessary -include path to config-target.h via 
gcc as for example exec.c sees it. So it's not compileable this way and I would 
have to have vl.c built as part of obj-y rather than common-obj-y.

Even though soundhw may not be considered a good model to follow, the following 
patch allows me to build for different architectures and simply disable the 
usage of the TPM by reducing the choices the user has:


---
 Makefile.objs |1 +
 configure |8 
 tpm/Makefile.objs |2 +-
 3 files changed, 10 insertions(+), 1 deletion(-)

Index: qemu-git.pt/configure
===
--- qemu-git.pt.orig/configure
+++ qemu-git.pt/configure
@@ -4279,6 +4279,14 @@ if test "$tpm" = "yes"; then
   fi
 fi
 
+if test "$target_softmmu" = "yes" ; then

+  case "$TARGET_BASE_ARCH" in
+  i386|x86_64)
+cflags="-DHAS_TPM_CHOICE $cflags"
+  ;;
+  esac
+fi
+
 if test "$ARCH" = "tci"; then
   linker_script=""
 else
Index: qemu-git.pt/tpm/Makefile.objs
===
--- qemu-git.pt.orig/tpm/Makefile.objs
+++ qemu-git.pt/tpm/Makefile.objs
@@ -1,3 +1,3 @@
-common-obj-y = tpm.o
+obj-y = tpm.o
 common-obj-$(CONFIG_TPM) += tpm_tis.o tpm_backend.o
 common-obj-$(CONFIG_TPM_PASSTHROUGH) += tpm_passthrough.o
Index: qemu-git.pt/Makefile.objs
===
--- qemu-git.pt.orig/Makefile.objs
+++ qemu-git.pt/Makefile.objs
@@ -75,6 +75,7 @@ common-obj-y += dma-helpers.o
 common-obj-y += qtest.o
 common-obj-y += vl.o
 common-obj-y += tpm/
+obj-y += tpm/
 
 common-obj-$(CONFIG_SLIRP) += slirp/
 

tpm/tpm.o has to be built as part of obj-y to 'see' -DHAS_TPM_CHOICE. 
This is similar to arch_init.o being built as part of obj-y to see 
-DHAS_AUDIO_CHOICE.


I have now been wrestling with this challenge for a couple of hours. 
Please let me know how to go about it. I tried several paths but some 
end up with above mentioned compilation problems.


Thanks and regards,
Stefan

Re: [Qemu-devel] fixing qemu busy wait

[Richard Henderson]

On 2013-02-15 03:12, Orr Dvory wrote:

when debugging with qemu(user mode), qemu waits in infinite loop to read
a signal from gdb (when it waits on breakpoint for example).
I added sleeps to reduce the cpu usage from 100% to about ~0%.



Wouldn't it be better to toggle the O_NONBLOCK state of the file 
descriptor across this loop?



r~

[Qemu-devel] [PATCH v4 1/3] libqtest: Convert macros to functions and clean up documentation

[Andreas Färber]

libqtest.h provides a number of shortcut macros to avoid tests feeding
it the QTestState they operate on. Most of these can easily be turned
into static inline functions, so let's do that for clarity.
This avoids getting off-by-one error messages when passing wrong args.

Some macros had a val argument but documented @value argument. Fix this.

While touching things, enforce gtk-doc markup for return values and for
referencing types.

Signed-off-by: Andreas Färber 
---
 tests/libqtest.h |  160 +-
 1 Datei geändert, 110 Zeilen hinzugefügt(+), 50 Zeilen entfernt(-)

diff --git a/tests/libqtest.h b/tests/libqtest.h
index 110e2ec..a111c9c 100644
--- a/tests/libqtest.h
+++ b/tests/libqtest.h
@@ -26,12 +26,14 @@ extern QTestState *global_qtest;
 /**
  * qtest_init:
  * @extra_args: other arguments to pass to QEMU.
+ *
+ * Returns: #QTestState instance.
  */
 QTestState *qtest_init(const char *extra_args);
 
 /**
  * qtest_quit:
- * @s: QTestState instance to operate on.
+ * @s: #QTestState instance to operate on.
  *
  * Shut down the QEMU process associated to @s.
  */
@@ -39,7 +41,7 @@ void qtest_quit(QTestState *s);
 
 /**
  * qtest_qmp:
- * @s: QTestState instance to operate on.
+ * @s: #QTestState instance to operate on.
  * @fmt...: QMP message to send to qemu
  *
  * Sends a QMP message to QEMU
@@ -48,16 +50,16 @@ void qtest_qmp(QTestState *s, const char *fmt, ...);
 
 /**
  * qtest_get_irq:
- * @s: QTestState instance to operate on.
+ * @s: #QTestState instance to operate on.
  * @num: Interrupt to observe.
  *
- * Return the level of the @num interrupt.
+ * Returns: The level of the @num interrupt.
  */
 bool qtest_get_irq(QTestState *s, int num);
 
 /**
  * qtest_irq_intercept_in:
- * @s: QTestState instance to operate on.
+ * @s: #QTestState instance to operate on.
  * @string: QOM path of a device.
  *
  * Associate qtest irqs with the GPIO-in pins of the device
@@ -67,7 +69,7 @@ void qtest_irq_intercept_in(QTestState *s, const char 
*string);
 
 /**
  * qtest_irq_intercept_out:
- * @s: QTestState instance to operate on.
+ * @s: #QTestState instance to operate on.
  * @string: QOM path of a device.
  *
  * Associate qtest irqs with the GPIO-out pins of the device
@@ -77,7 +79,7 @@ void qtest_irq_intercept_out(QTestState *s, const char 
*string);
 
 /**
  * qtest_outb:
- * @s: QTestState instance to operate on.
+ * @s: #QTestState instance to operate on.
  * @addr: I/O port to write to.
  * @value: Value being written.
  *
@@ -87,7 +89,7 @@ void qtest_outb(QTestState *s, uint16_t addr, uint8_t value);
 
 /**
  * qtest_outw:
- * @s: QTestState instance to operate on.
+ * @s: #QTestState instance to operate on.
  * @addr: I/O port to write to.
  * @value: Value being written.
  *
@@ -97,7 +99,7 @@ void qtest_outw(QTestState *s, uint16_t addr, uint16_t value);
 
 /**
  * qtest_outl:
- * @s: QTestState instance to operate on.
+ * @s: #QTestState instance to operate on.
  * @addr: I/O port to write to.
  * @value: Value being written.
  *
@@ -107,7 +109,7 @@ void qtest_outl(QTestState *s, uint16_t addr, uint32_t 
value);
 
 /**
  * qtest_inb:
- * @s: QTestState instance to operate on.
+ * @s: #QTestState instance to operate on.
  * @addr: I/O port to read from.
  *
  * Returns an 8-bit value from an I/O port.
@@ -116,7 +118,7 @@ uint8_t qtest_inb(QTestState *s, uint16_t addr);
 
 /**
  * qtest_inw:
- * @s: QTestState instance to operate on.
+ * @s: #QTestState instance to operate on.
  * @addr: I/O port to read from.
  *
  * Returns a 16-bit value from an I/O port.
@@ -125,7 +127,7 @@ uint16_t qtest_inw(QTestState *s, uint16_t addr);
 
 /**
  * qtest_inl:
- * @s: QTestState instance to operate on.
+ * @s: #QTestState instance to operate on.
  * @addr: I/O port to read from.
  *
  * Returns a 32-bit value from an I/O port.
@@ -134,7 +136,7 @@ uint32_t qtest_inl(QTestState *s, uint16_t addr);
 
 /**
  * qtest_memread:
- * @s: QTestState instance to operate on.
+ * @s: #QTestState instance to operate on.
  * @addr: Guest address to read from.
  * @data: Pointer to where memory contents will be stored.
  * @size: Number of bytes to read.
@@ -145,7 +147,7 @@ void qtest_memread(QTestState *s, uint64_t addr, void 
*data, size_t size);
 
 /**
  * qtest_memwrite:
- * @s: QTestState instance to operate on.
+ * @s: #QTestState instance to operate on.
  * @addr: Guest address to write to.
  * @data: Pointer to the bytes that will be written to guest memory.
  * @size: Number of bytes to write.
@@ -156,10 +158,11 @@ void qtest_memwrite(QTestState *s, uint64_t addr, const 
void *data, size_t size)
 
 /**
  * qtest_clock_step_next:
- * @s: QTestState instance to operate on.
+ * @s: #QTestState instance to operate on.
+ *
+ * Advance the vm_clock to the next deadline.
  *
- * Advance the vm_clock to the next deadline.  Return the current
- * value of the vm_clock in nanoseconds.
+ * Returns: The current value of the vm_clock in nanoseconds.
  */
 int64_t qtest_clock_step

[Qemu-devel] [PATCH v4 3/3] qtest: Add MMIO support

[Andreas Färber]

Introduce [qtest_]{read,write}[bwlq]() libqtest functions and
corresponding QTest protocol commands to replace local versions in
libi2c-omap.c.

Also convert m48t59-test's cmos_{read,write}_mmio() to {read,write}b().

Signed-off-by: Andreas Färber 
---
 Makefile.objs   |1 -
 Makefile.target |1 +
 qtest.c |   81 ++
 tests/libi2c-omap.c |   23 ---
 tests/libqtest.c|   62 +
 tests/libqtest.h|  186 +++
 tests/m48t59-test.c |7 +-
 7 Dateien geändert, 332 Zeilen hinzugefügt(+), 29 Zeilen entfernt(-)

diff --git a/Makefile.objs b/Makefile.objs
index 21e9c91..a68cdac 100644
--- a/Makefile.objs
+++ b/Makefile.objs
@@ -72,7 +72,6 @@ common-obj-y += ui/
 common-obj-y += bt-host.o bt-vhci.o
 
 common-obj-y += dma-helpers.o
-common-obj-y += qtest.o
 common-obj-y += vl.o
 
 common-obj-$(CONFIG_SLIRP) += slirp/
diff --git a/Makefile.target b/Makefile.target
index 760da1e..ca657b3 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -109,6 +109,7 @@ CONFIG_NO_GET_MEMORY_MAPPING = $(if $(subst 
n,,$(CONFIG_HAVE_GET_MEMORY_MAPPING)
 CONFIG_NO_CORE_DUMP = $(if $(subst n,,$(CONFIG_HAVE_CORE_DUMP)),n,y)
 
 obj-y += arch_init.o cpus.o monitor.o gdbstub.o balloon.o ioport.o
+obj-y += qtest.o
 obj-y += hw/
 obj-$(CONFIG_KVM) += kvm-all.o
 obj-$(CONFIG_NO_KVM) += kvm-stub.o
diff --git a/qtest.c b/qtest.c
index 4663a38..5e0e9ec 100644
--- a/qtest.c
+++ b/qtest.c
@@ -87,6 +87,30 @@ static bool qtest_opened;
  *  > inl ADDR
  *  < OK VALUE
  *
+ *  > writeb ADDR VALUE
+ *  < OK
+ *
+ *  > writew ADDR VALUE
+ *  < OK
+ *
+ *  > writel ADDR VALUE
+ *  < OK
+ *
+ *  > writeq ADDR VALUE
+ *  < OK
+ *
+ *  > readb ADDR
+ *  < OK VALUE
+ *
+ *  > readw ADDR
+ *  < OK VALUE
+ *
+ *  > readl ADDR
+ *  < OK VALUE
+ *
+ *  > readq ADDR
+ *  < OK VALUE
+ *
  *  > read ADDR SIZE
  *  < OK DATA
  *
@@ -277,6 +301,63 @@ static void qtest_process_command(CharDriverState *chr, 
gchar **words)
 }
 qtest_send_prefix(chr);
 qtest_send(chr, "OK 0x%04x\n", value);
+} else if (strcmp(words[0], "writeb") == 0 ||
+   strcmp(words[0], "writew") == 0 ||
+   strcmp(words[0], "writel") == 0 ||
+   strcmp(words[0], "writeq") == 0) {
+uint64_t addr;
+uint64_t value;
+
+g_assert(words[1] && words[2]);
+addr = strtoull(words[1], NULL, 0);
+value = strtoull(words[2], NULL, 0);
+
+if (words[0][5] == 'b') {
+uint8_t data = value;
+cpu_physical_memory_write(addr, &data, 1);
+} else if (words[0][5] == 'w') {
+uint16_t data = value;
+tswap16s(&data);
+cpu_physical_memory_write(addr, &data, 2);
+} else if (words[0][5] == 'l') {
+uint32_t data = value;
+tswap32s(&data);
+cpu_physical_memory_write(addr, &data, 4);
+} else if (words[0][5] == 'q') {
+uint64_t data = value;
+tswap64s(&data);
+cpu_physical_memory_write(addr, &data, 8);
+}
+qtest_send_prefix(chr);
+qtest_send(chr, "OK\n");
+} else if (strcmp(words[0], "readb") == 0 ||
+   strcmp(words[0], "readw") == 0 ||
+   strcmp(words[0], "readl") == 0 ||
+   strcmp(words[0], "readq") == 0) {
+uint64_t addr;
+uint64_t value = UINT64_C(-1);
+
+g_assert(words[1]);
+addr = strtoull(words[1], NULL, 0);
+
+if (words[0][4] == 'b') {
+uint8_t data;
+cpu_physical_memory_read(addr, &data, 1);
+value = data;
+} else if (words[0][4] == 'w') {
+uint16_t data;
+cpu_physical_memory_read(addr, &data, 2);
+value = tswap16(data);
+} else if (words[0][4] == 'l') {
+uint32_t data;
+cpu_physical_memory_read(addr, &data, 4);
+value = tswap32(data);
+} else if (words[0][4] == 'q') {
+cpu_physical_memory_read(addr, &value, 8);
+tswap64s(&value);
+}
+qtest_send_prefix(chr);
+qtest_send(chr, "OK 0x%016" PRIx64 "\n", value);
 } else if (strcmp(words[0], "read") == 0) {
 uint64_t addr, len, i;
 uint8_t *data;
diff --git a/tests/libi2c-omap.c b/tests/libi2c-omap.c
index b7b10b5..c52458c 100644
--- a/tests/libi2c-omap.c
+++ b/tests/libi2c-omap.c
@@ -49,29 +49,6 @@ typedef struct OMAPI2C {
 } OMAPI2C;
 
 
-/* FIXME Use TBD readw qtest API */
-static inline uint16_t readw(uint64_t addr)
-{
-uint16_t data;
-
-memread(addr, &data, 2);
-return le16_to_cpu(data);
-}
-
-/* FIXME Use TBD writew qtest API */
-static inline void writew(uint64_t addr, uint16_t data)
-{
-data = cpu_to_le16(data);
-memwrite(addr, &data, 2);
-}
-
-#ifdef __GNUC__
-#undef memread
-#undef memwrite
-#pragma GCC poison memread
-#pragma GCC poison memwrite
-#endif
-
 static void om

[Qemu-devel] [PATCH v4 2/3] libqtest: Introduce qtest_qmpv() and convert remaining macro

[Andreas Färber]

In order to convert qmp() macro to an inline function, expose a
qtest_qmpv() function, reused by qtest_qmp().

We can't apply GCC_FMT_ATTR() since fdc-test is using zero-length format
strings, which would result in warnings treated as errors.

Signed-off-by: Andreas Färber 
---
 tests/libqtest.c |   14 ++
 tests/libqtest.h |   20 +++-
 2 Dateien geändert, 29 Zeilen hinzugefügt(+), 5 Zeilen entfernt(-)

diff --git a/tests/libqtest.c b/tests/libqtest.c
index 762dec4..da58ff5 100644
--- a/tests/libqtest.c
+++ b/tests/libqtest.c
@@ -288,16 +288,13 @@ redo:
 return words;
 }
 
-void qtest_qmp(QTestState *s, const char *fmt, ...)
+void qtest_qmpv(QTestState *s, const char *fmt, va_list ap)
 {
-va_list ap;
 bool has_reply = false;
 int nesting = 0;
 
 /* Send QMP request */
-va_start(ap, fmt);
 socket_sendf(s->qmp_fd, fmt, ap);
-va_end(ap);
 
 /* Receive reply */
 while (!has_reply || nesting > 0) {
@@ -326,6 +323,15 @@ void qtest_qmp(QTestState *s, const char *fmt, ...)
 }
 }
 
+void qtest_qmp(QTestState *s, const char *fmt, ...)
+{
+va_list ap;
+
+va_start(ap, fmt);
+qtest_qmpv(s, fmt, ap);
+va_end(ap);
+}
+
 const char *qtest_get_arch(void)
 {
 const char *qemu = getenv("QTEST_QEMU_BINARY");
diff --git a/tests/libqtest.h b/tests/libqtest.h
index a111c9c..f5c6e21 100644
--- a/tests/libqtest.h
+++ b/tests/libqtest.h
@@ -17,6 +17,7 @@
 
 #include 
 #include 
+#include 
 #include 
 
 typedef struct QTestState QTestState;
@@ -49,6 +50,16 @@ void qtest_quit(QTestState *s);
 void qtest_qmp(QTestState *s, const char *fmt, ...);
 
 /**
+ * qtest_qmpv:
+ * @s: #QTestState instance to operate on.
+ * @fmt: QMP message to send to QEMU
+ * @ap: QMP message arguments
+ *
+ * Sends a QMP message to QEMU.
+ */
+void qtest_qmpv(QTestState *s, const char *fmt, va_list ap);
+
+/**
  * qtest_get_irq:
  * @s: #QTestState instance to operate on.
  * @num: Interrupt to observe.
@@ -227,7 +238,14 @@ static inline QTestState *qtest_start(const char *args)
  *
  * Sends a QMP message to QEMU
  */
-#define qmp(fmt, ...) qtest_qmp(global_qtest, fmt, ## __VA_ARGS__)
+static inline void qmp(const char *fmt, ...)
+{
+va_list ap;
+
+va_start(ap, fmt);
+qtest_qmpv(global_qtest, fmt, ap);
+va_end(ap);
+}
 
 /**
  * get_irq:
-- 
1.7.10.4

[Qemu-devel] [PATCH v4 0/3] qtest: tmp105 cleanups and MMIO support

[Andreas Färber]

Hello Anthony,

These are the follow-ups to permanently fix qtest endianness issues.

v4 is a resend of just the qtest stuff from v3, to buy me time to respin tmp105
debug output separately.

Regards,
Andreas

v3 -> v4:
* Split off tmp105-test and tmp105 changes.

v2 -> v3:
* Split off libi2c-omap endianness fix and strtoul() into dedicated for-1.4 
series.
* Compile qtest.c per target to allow target-specific byte swapping.
* Rebased onto libqtest.h documentation fix for 1.4.
* Inserted patches that convert all macros to inline functions.
* Added gtk-doc documentation for functions and for protocol commands.
* Update m48t59-test.c to use readb/writeb as well.

v1 -> v2:
* Add patch with debug output for tmp105.c.
* Add proposal for QTest-level {read,write}w support.

Cc: Anthony Liguori 
Cc: Blue Swirl 
Cc: Alexander Graf 
Cc: Peter Maydell 

Andreas Färber (3):
  libqtest: Convert macros to functions and clean up documentation
  libqtest: Introduce qtest_qmpv() and convert remaining macro
  qtest: Add MMIO support

 Makefile.objs   |1 -
 Makefile.target |1 +
 qtest.c |   81 
 tests/libi2c-omap.c |   23 
 tests/libqtest.c|   76 ++-
 tests/libqtest.h|  366 ---
 tests/m48t59-test.c |7 +-
 7 Dateien geändert, 471 Zeilen hinzugefügt(+), 84 Zeilen entfernt(-)

-- 
1.7.10.4

[Qemu-devel] [PATCH 2/3] host-utils: Improve mulu64 and muls64

[Richard Henderson]

The new formulation makes better use of add-with-carry type insns
that the host may have.  Use gcc's sign adjustment trick to avoid
having to perform a 128-bit negation.

Signed-off-by: Richard Henderson 
---
 util/host-utils.c | 92 +++
 1 file changed, 38 insertions(+), 54 deletions(-)

diff --git a/util/host-utils.c b/util/host-utils.c
index 2d06a2c..f0784d6 100644
--- a/util/host-utils.c
+++ b/util/host-utils.c
@@ -27,79 +27,63 @@
 #include 
 #include "qemu/host-utils.h"
 
-//#define DEBUG_MULDIV
-
 /* Long integer helpers */
 #ifndef CONFIG_INT128
-static void add128 (uint64_t *plow, uint64_t *phigh, uint64_t a, uint64_t b)
-{
-*plow += a;
-/* carry test */
-if (*plow < a)
-(*phigh)++;
-*phigh += b;
-}
-
-static void neg128 (uint64_t *plow, uint64_t *phigh)
+static inline void mul64(uint64_t *plow, uint64_t *phigh,
+ uint64_t a, uint64_t b)
 {
-*plow = ~*plow;
-*phigh = ~*phigh;
-add128(plow, phigh, 1, 0);
-}
-
-static void mul64 (uint64_t *plow, uint64_t *phigh, uint64_t a, uint64_t b)
-{
-uint32_t a0, a1, b0, b1;
-uint64_t v;
-
-a0 = a;
-a1 = a >> 32;
-
-b0 = b;
-b1 = b >> 32;
+typedef union {
+uint64_t ll;
+struct {
+#ifdef HOST_WORDS_BIGENDIAN
+uint32_t high, low;
+#else
+uint32_t low, high;
+#endif
+} l;
+} LL;
+LL rl, rm, rn, rh, a0, b0;
+uint64_t c;
 
-v = (uint64_t)a0 * (uint64_t)b0;
-*plow = v;
-*phigh = 0;
+a0.ll = a;
+b0.ll = b;
 
-v = (uint64_t)a0 * (uint64_t)b1;
-add128(plow, phigh, v << 32, v >> 32);
+rl.ll = (uint64_t)a0.l.low * b0.l.low;
+rm.ll = (uint64_t)a0.l.low * b0.l.high;
+rn.ll = (uint64_t)a0.l.high * b0.l.low;
+rh.ll = (uint64_t)a0.l.high * b0.l.high;
 
-v = (uint64_t)a1 * (uint64_t)b0;
-add128(plow, phigh, v << 32, v >> 32);
+c = (uint64_t)rl.l.high + rm.l.low + rn.l.low;
+rl.l.high = c;
+c >>= 32;
+c = c + rm.l.high + rn.l.high + rh.l.low;
+rh.l.low = c;
+rh.l.high += (uint32_t)(c >> 32);
 
-v = (uint64_t)a1 * (uint64_t)b1;
-*phigh += v;
+*plow = rl.ll;
+*phigh = rh.ll;
 }
 
 /* Unsigned 64x64 -> 128 multiplication */
 void mulu64 (uint64_t *plow, uint64_t *phigh, uint64_t a, uint64_t b)
 {
 mul64(plow, phigh, a, b);
-#if defined(DEBUG_MULDIV)
-printf("mulu64: 0x%016llx * 0x%016llx = 0x%016llx%016llx\n",
-   a, b, *phigh, *plow);
-#endif
 }
 
 /* Signed 64x64 -> 128 multiplication */
 void muls64 (uint64_t *plow, uint64_t *phigh, int64_t a, int64_t b)
 {
-int sa, sb;
+uint64_t rh;
 
-sa = (a < 0);
-if (sa)
-a = -a;
-sb = (b < 0);
-if (sb)
-b = -b;
-mul64(plow, phigh, a, b);
-if (sa ^ sb) {
-neg128(plow, phigh);
+mul64(plow, &rh, a, b);
+
+/* Adjust for signs.  */
+if (b < 0) {
+rh -= a;
 }
-#if defined(DEBUG_MULDIV)
-printf("muls64: 0x%016llx * 0x%016llx = 0x%016llx%016llx\n",
-   a, b, *phigh, *plow);
-#endif
+if (a < 0) {
+rh -= b;
+}
+*phigh = rh;
 }
 #endif /* !CONFIG_INT128 */
-- 
1.8.1.2

[Qemu-devel] [PATCH 3/3] tests: Add unit tests for mulu64 and muls64

[Richard Henderson]

Signed-off-by: Richard Henderson 
---
 tests/Makefile |  6 -
 tests/test-mul64.c | 70 ++
 2 files changed, 75 insertions(+), 1 deletion(-)
 create mode 100644 tests/test-mul64.c

diff --git a/tests/Makefile b/tests/Makefile
index a2d62b8..567e36e 100644
--- a/tests/Makefile
+++ b/tests/Makefile
@@ -54,6 +54,8 @@ check-unit-y += tests/test-xbzrle$(EXESUF)
 gcov-files-test-xbzrle-y = xbzrle.c
 check-unit-y += tests/test-cutils$(EXESUF)
 gcov-files-test-cutils-y += util/cutils.c
+check-unit-y += tests/test-mul64$(EXESUF)
+gcov-files-test-mul64-y = util/host-utils.c
 
 check-block-$(CONFIG_POSIX) += tests/qemu-iotests-quick.sh
 
@@ -82,7 +84,7 @@ test-obj-y = tests/check-qint.o tests/check-qstring.o 
tests/check-qdict.o \
tests/test-string-input-visitor.o tests/test-qmp-output-visitor.o \
tests/test-qmp-input-visitor.o tests/test-qmp-input-strict.o \
tests/test-qmp-commands.o tests/test-visitor-serialization.o \
-   tests/test-x86-cpuid.o
+   tests/test-x86-cpuid.o tests/test-mul64.o
 
 test-qapi-obj-y = tests/test-qapi-visit.o tests/test-qapi-types.o
 
@@ -124,6 +126,8 @@ tests/test-qmp-input-strict$(EXESUF): 
tests/test-qmp-input-strict.o $(test-qapi-
 tests/test-qmp-commands$(EXESUF): tests/test-qmp-commands.o 
tests/test-qmp-marshal.o $(test-qapi-obj-y) qapi-types.o qapi-visit.o 
libqemuutil.a libqemustub.a
 tests/test-visitor-serialization$(EXESUF): tests/test-visitor-serialization.o 
$(test-qapi-obj-y) libqemuutil.a libqemustub.a
 
+tests/test-mul64$(EXESUF): tests/test-mul64.o libqemuutil.a
+
 tests/rtc-test$(EXESUF): tests/rtc-test.o
 tests/m48t59-test$(EXESUF): tests/m48t59-test.o
 tests/fdc-test$(EXESUF): tests/fdc-test.o
diff --git a/tests/test-mul64.c b/tests/test-mul64.c
new file mode 100644
index 000..a0a17f7
--- /dev/null
+++ b/tests/test-mul64.c
@@ -0,0 +1,70 @@
+/*
+ * Test 64x64 -> 128 multiply subroutines
+ *
+ * This work is licensed under the terms of the GNU LGPL, version 2 or later.
+ * See the COPYING.LIB file in the top-level directory.
+ *
+ */
+
+#include 
+#include 
+#include "qemu/host-utils.h"
+#include "qemu/osdep.h"
+
+
+typedef struct {
+uint64_t a, b;
+uint64_t rh, rl;
+} Test;
+
+static const Test test_u_data[] = {
+{ 1, 1, 0, 1 },
+{ 1, 1, 0, 1 },
+{ 0xULL, 2, 1, 0xfffeULL },
+{ 0xULL, 0xULL,
+  0xfffeULL, 0x0001ULL },
+{ 0x1122334455667788ull, 0x8877665544332211ull,
+  0x092228fb777ae38full, 0x0a3e963337c60008ull },
+};
+
+static const Test test_s_data[] = {
+{ 1, 1, 0, 1 },
+{ 1, -1, -1, -1 },
+{ -10, -10, 0, 100 },
+{ 1, 1, 0, 1 },
+{ -1, 2, -1, -2 },
+{ 0x1122334455667788ULL, 0x1122334455667788ULL,
+  0x01258f60bbc2975cULL, 0x1eace4a3c82fb840ULL },
+};
+
+static void test_u(void)
+{
+int i;
+
+for (i = 0; i < ARRAY_SIZE(test_u_data); ++i) {
+uint64_t rl, rh;
+mulu64(&rl, &rh, test_u_data[i].a, test_u_data[i].b);
+g_assert_cmpuint(rl, ==, test_u_data[i].rl);
+g_assert_cmpuint(rh, ==, test_u_data[i].rh);
+}
+}
+
+static void test_s(void)
+{
+int i;
+
+for (i = 0; i < ARRAY_SIZE(test_s_data); ++i) {
+uint64_t rl, rh;
+muls64(&rl, &rh, test_s_data[i].a, test_s_data[i].b);
+g_assert_cmpuint(rl, ==, test_s_data[i].rl);
+g_assert_cmpint(rh, ==, test_s_data[i].rh);
+}
+}
+
+int main(int argc, char **argv)
+{
+g_test_init(&argc, &argv, NULL);
+g_test_add_func("/host-utils/mulu64", test_u);
+g_test_add_func("/host-utils/muls64", test_s);
+return g_test_run();
+}
-- 
1.8.1.2

[Qemu-devel] [PATCH 1/3] host-utils: Use __int128_t for mul[us]64

[Richard Henderson]

Replace some x86_64 specific inline assembly with something that
all 64-bit hosts ought to optimize well.  At worst this becomes
a call to the gcc __multi3 routine, which is no worse than our
implementation in util/host-utils.c.

With gcc 4.7, we get identical code generation for x86_64.  We
now get native multiplication on ia64 and s390x hosts.  With minor
improvements to gcc we can get it for ppc64 as well.

Signed-off-by: Richard Henderson 
---
 configure | 20 
 include/qemu/host-utils.h | 17 -
 util/host-utils.c |  4 ++--
 3 files changed, 30 insertions(+), 11 deletions(-)

diff --git a/configure b/configure
index 8789324..bf5970f 100755
--- a/configure
+++ b/configure
@@ -3150,6 +3150,22 @@ if compile_prog "" "" ; then
 cpuid_h=yes
 fi
 
+
+# check if __[u]int128_t is usable.
+
+int128=no
+cat > $TMPC << EOF
+__int128_t a;
+__uint128_t b;
+int main (void) {
+  a = a + b;
+  b = a * b;
+  return 0;
+}
+EOF
+if compile_prog "" "" ; then
+int128=yes
+fi
 
 ##
 # End of CC checks
@@ -3692,6 +3708,10 @@ if test "$cpuid_h" = "yes" ; then
   echo "CONFIG_CPUID_H=y" >> $config_host_mak
 fi
 
+if test "$int128" = "yes" ; then
+  echo "CONFIG_INT128=y" >> $config_host_mak
+fi
+
 if test "$glusterfs" = "yes" ; then
   echo "CONFIG_GLUSTERFS=y" >> $config_host_mak
 fi
diff --git a/include/qemu/host-utils.h b/include/qemu/host-utils.h
index f0dd850..0f688c1 100644
--- a/include/qemu/host-utils.h
+++ b/include/qemu/host-utils.h
@@ -28,22 +28,21 @@
 #include "qemu/compiler.h"   /* QEMU_GNUC_PREREQ */
 #include 
 
-#if defined(__x86_64__)
-#define __HAVE_FAST_MULU64__
+#ifdef CONFIG_INT128
 static inline void mulu64(uint64_t *plow, uint64_t *phigh,
   uint64_t a, uint64_t b)
 {
-__asm__ ("mul %0\n\t"
- : "=d" (*phigh), "=a" (*plow)
- : "a" (a), "0" (b));
+__uint128_t r = (__uint128_t)a * b;
+*plow = r;
+*phigh = r >> 64;
 }
-#define __HAVE_FAST_MULS64__
+
 static inline void muls64(uint64_t *plow, uint64_t *phigh,
   int64_t a, int64_t b)
 {
-__asm__ ("imul %0\n\t"
- : "=d" (*phigh), "=a" (*plow)
- : "a" (a), "0" (b));
+__int128_t r = (__int128_t)a * b;
+*plow = r;
+*phigh = r >> 64;
 }
 #else
 void muls64(uint64_t *phigh, uint64_t *plow, int64_t a, int64_t b);
diff --git a/util/host-utils.c b/util/host-utils.c
index 5e3915a..2d06a2c 100644
--- a/util/host-utils.c
+++ b/util/host-utils.c
@@ -30,7 +30,7 @@
 //#define DEBUG_MULDIV
 
 /* Long integer helpers */
-#if !defined(__x86_64__)
+#ifndef CONFIG_INT128
 static void add128 (uint64_t *plow, uint64_t *phigh, uint64_t a, uint64_t b)
 {
 *plow += a;
@@ -102,4 +102,4 @@ void muls64 (uint64_t *plow, uint64_t *phigh, int64_t a, 
int64_t b)
a, b, *phigh, *plow);
 #endif
 }
-#endif /* !defined(__x86_64__) */
+#endif /* !CONFIG_INT128 */
-- 
1.8.1.2

[Qemu-devel] [PATCH v2 0/3] Improve 64-bit widening multiply

[Richard Henderson]

Version 2 is a simple rebase and conflict fix in the tests/Makefile.


r~


Richard Henderson (3):
  host-utils: Use __int128_t for mul[us]64
  host-utils: Improve mulu64 and muls64
  tests: Add unit tests for mulu64 and muls64

 configure | 20 ++
 include/qemu/host-utils.h | 17 -
 tests/Makefile|  6 ++-
 tests/test-mul64.c| 70 ++
 util/host-utils.c | 96 ---
 5 files changed, 143 insertions(+), 66 deletions(-)
 create mode 100644 tests/test-mul64.c

-- 
1.8.1.2

Re: [Qemu-devel] [PATCH V23 1/7] Support for TPM command line options

[Andreas Färber]

Am 16.02.2013 17:48, schrieb Stefan Berger:
> On 02/16/2013 06:04 AM, Andreas Färber wrote:
>> Am 15.02.2013 20:39, schrieb Stefan Berger:
>>> diff --git a/tpm/tpm_tis.h b/tpm/tpm_tis.h
>>> new file mode 100644
>>> index 000..6cf18bc
>>> --- /dev/null
>>> +++ b/tpm/tpm_tis.h
>>> @@ -0,0 +1,78 @@
>>> +/*
>>> + * tpm_tis.h - QEMU's TPM TIS interface emulator
>>> + *
>>> + * Copyright (C) 2006, 2010-2013 IBM Corporation
>>> + *
>>> + * Authors:
>>> + *  Stefan Berger 
>>> + *  David Safford 
>> Typo in email address?
> 
> No, both are valid email addresses.

Sorry, dunno what I read there...

>>
>>> + *
>>> + * This work is licensed under the terms of the GNU GPL, version 2
>>> or later.
>>> + * See the COPYING file in the top-level directory.
>>> + *
>>> + * Implementation of the TIS interface according to specs found at
>>> + * http://www.trustedcomputiggroup.org
>> Typo.
> Fixed.

Same in 2/7.

Andreas

-- 
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg

[Qemu-devel] [PATCH 18/47] target-cris: Move TCG initialization to CRISCPU initfn

[Andreas Färber]

Split out TCG initialization from cpu_cris_init(). Avoid CPUCRISState
dependency for v10-specific initialization and for non-v10 by inlining
the decision into the initfn as well.

Signed-off-by: Andreas Färber 
---
 target-cris/cpu.c   |   10 ++
 target-cris/cpu.h   |3 +++
 target-cris/translate.c |   19 +--
 target-cris/translate_v10.c |5 +
 4 Dateien geändert, 19 Zeilen hinzugefügt(+), 18 Zeilen entfernt(-)

diff --git a/target-cris/cpu.c b/target-cris/cpu.c
index 34c4f75..fedf641 100644
--- a/target-cris/cpu.c
+++ b/target-cris/cpu.c
@@ -70,8 +70,18 @@ static void cris_cpu_initfn(Object *obj)
 {
 CRISCPU *cpu = CRIS_CPU(obj);
 CPUCRISState *env = &cpu->env;
+static bool tcg_initialized;
 
 cpu_exec_init(env);
+
+if (tcg_enabled() && !tcg_initialized) {
+tcg_initialized = true;
+if (env->pregs[PR_VR] < 32) {
+cris_initialize_crisv10_tcg();
+} else {
+cris_initialize_tcg();
+}
+}
 }
 
 static void cris_cpu_class_init(ObjectClass *oc, void *data)
diff --git a/target-cris/cpu.h b/target-cris/cpu.h
index 257cb52..ebf2d40 100644
--- a/target-cris/cpu.h
+++ b/target-cris/cpu.h
@@ -182,6 +182,9 @@ void do_interrupt(CPUCRISState *env);
 int cpu_cris_signal_handler(int host_signum, void *pinfo,
void *puc);
 
+void cris_initialize_tcg(void);
+void cris_initialize_crisv10_tcg(void);
+
 enum {
 CC_OP_DYNAMIC, /* Use env->cc_op  */
 CC_OP_FLAGS,
diff --git a/target-cris/translate.c b/target-cris/translate.c
index 25ff490..25a43fa 100644
--- a/target-cris/translate.c
+++ b/target-cris/translate.c
@@ -3550,8 +3550,6 @@ CRISCPU *cpu_cris_init(const char *cpu_model)
 {
 CRISCPU *cpu;
 CPUCRISState *env;
-static int tcg_initialized = 0;
-int i;
 
 cpu = CRIS_CPU(object_new(TYPE_CRIS_CPU));
 env = &cpu->env;
@@ -3560,21 +3558,16 @@ CRISCPU *cpu_cris_init(const char *cpu_model)
 
 object_property_set_bool(OBJECT(cpu), true, "realized", NULL);
 
-if (tcg_initialized) {
-return cpu;
-}
+return cpu;
+}
 
-tcg_initialized = 1;
+void cris_initialize_tcg(void)
+{
+int i;
 
 #define GEN_HELPER 2
 #include "helper.h"
 
-if (env->pregs[PR_VR] < 32) {
-cpu_crisv10_init(env);
-return cpu;
-}
-
-
 cpu_env = tcg_global_reg_new_ptr(TCG_AREG0, "env");
 cc_x = tcg_global_mem_new(TCG_AREG0,
   offsetof(CPUCRISState, cc_x), "cc_x");
@@ -3614,8 +3607,6 @@ CRISCPU *cpu_cris_init(const char *cpu_model)
offsetof(CPUCRISState, pregs[i]),
pregnames[i]);
 }
-
-return cpu;
 }
 
 void restore_state_to_opc(CPUCRISState *env, TranslationBlock *tb, int pc_pos)
diff --git a/target-cris/translate_v10.c b/target-cris/translate_v10.c
index d2cca89..d6ef084 100644
--- a/target-cris/translate_v10.c
+++ b/target-cris/translate_v10.c
@@ -1257,7 +1257,7 @@ static unsigned int crisv10_decoder(CPUCRISState *env, 
DisasContext *dc)
 return insn_len;
 }
 
-static CPUCRISState *cpu_crisv10_init (CPUCRISState *env)
+void cris_initialize_crisv10_tcg(void)
 {
int i;
 
@@ -1300,7 +1300,4 @@ static CPUCRISState *cpu_crisv10_init (CPUCRISState *env)
   offsetof(CPUCRISState, pregs[i]),
   pregnames_v10[i]);
}
-
-   return env;
 }
-
-- 
1.7.10.4

[Qemu-devel] [PATCH 32/47] mcf_intc: Pass M68kCPU to mcf_intc_init()

[Andreas Färber]

Store it in mcf_intc_state.
Prepares for passing it to m68k_set_irq_level().

Signed-off-by: Andreas Färber 
---
 hw/mcf.h  |2 +-
 hw/mcf5208.c  |   11 +++
 hw/mcf_intc.c |8 
 3 Dateien geändert, 12 Zeilen hinzugefügt(+), 9 Zeilen entfernt(-)

diff --git a/hw/mcf.h b/hw/mcf.h
index dc21028..fbc8dc2 100644
--- a/hw/mcf.h
+++ b/hw/mcf.h
@@ -17,7 +17,7 @@ void mcf_uart_mm_init(struct MemoryRegion *sysmem,
 /* mcf_intc.c */
 qemu_irq *mcf_intc_init(struct MemoryRegion *sysmem,
 hwaddr base,
-CPUM68KState *env);
+M68kCPU *cpu);
 
 /* mcf_fec.c */
 void mcf_fec_init(struct MemoryRegion *sysmem, NICInfo *nd,
diff --git a/hw/mcf5208.c b/hw/mcf5208.c
index 2c9a5dc..86402d3 100644
--- a/hw/mcf5208.c
+++ b/hw/mcf5208.c
@@ -192,6 +192,7 @@ static void mcf5208evb_init(QEMUMachineInitArgs *args)
 ram_addr_t ram_size = args->ram_size;
 const char *cpu_model = args->cpu_model;
 const char *kernel_filename = args->kernel_filename;
+M68kCPU *cpu;
 CPUM68KState *env;
 int kernel_size;
 uint64_t elf_entry;
@@ -201,13 +202,15 @@ static void mcf5208evb_init(QEMUMachineInitArgs *args)
 MemoryRegion *ram = g_new(MemoryRegion, 1);
 MemoryRegion *sram = g_new(MemoryRegion, 1);
 
-if (!cpu_model)
+if (!cpu_model) {
 cpu_model = "m5208";
-env = cpu_init(cpu_model);
-if (!env) {
+}
+cpu = cpu_m68k_init(cpu_model);
+if (!cpu) {
 fprintf(stderr, "Unable to find m68k CPU definition\n");
 exit(1);
 }
+env = &cpu->env;
 
 /* Initialize CPU registers.  */
 env->vbr = 0;
@@ -224,7 +227,7 @@ static void mcf5208evb_init(QEMUMachineInitArgs *args)
 memory_region_add_subregion(address_space_mem, 0x8000, sram);
 
 /* Internal peripherals.  */
-pic = mcf_intc_init(address_space_mem, 0xfc048000, env);
+pic = mcf_intc_init(address_space_mem, 0xfc048000, cpu);
 
 mcf_uart_mm_init(address_space_mem, 0xfc06, pic[26], serial_hds[0]);
 mcf_uart_mm_init(address_space_mem, 0xfc064000, pic[27], serial_hds[1]);
diff --git a/hw/mcf_intc.c b/hw/mcf_intc.c
index 3bed3a2..450f622 100644
--- a/hw/mcf_intc.c
+++ b/hw/mcf_intc.c
@@ -16,7 +16,7 @@ typedef struct {
 uint64_t ifr;
 uint64_t enabled;
 uint8_t icr[64];
-CPUM68KState *env;
+M68kCPU *cpu;
 int active_vector;
 } mcf_intc_state;
 
@@ -40,7 +40,7 @@ static void mcf_intc_update(mcf_intc_state *s)
 }
 }
 s->active_vector = ((best == 64) ? 24 : (best + 64));
-m68k_set_irq_level(s->env, best_level, s->active_vector);
+m68k_set_irq_level(&s->cpu->env, best_level, s->active_vector);
 }
 
 static uint64_t mcf_intc_read(void *opaque, hwaddr addr,
@@ -139,12 +139,12 @@ static const MemoryRegionOps mcf_intc_ops = {
 
 qemu_irq *mcf_intc_init(MemoryRegion *sysmem,
 hwaddr base,
-CPUM68KState *env)
+M68kCPU *cpu)
 {
 mcf_intc_state *s;
 
 s = g_malloc0(sizeof(mcf_intc_state));
-s->env = env;
+s->cpu = cpu;
 mcf_intc_reset(s);
 
 memory_region_init_io(&s->iomem, &mcf_intc_ops, s, "mcf", 0x100);
-- 
1.7.10.4

[Qemu-devel] [PATCH 28/47] target-xtensa: Move TCG initialization to XtensaCPU initfn

[Andreas Färber]

Combine this with breakpoint handler registration, guarding both with
tcg_enabled() to suppress also TCG init for qtest. Rename the handler to
xtensa_breakpoint_handler() since it needs to become global.

Signed-off-by: Andreas Färber 
---
 target-xtensa/cpu.c|7 +++
 target-xtensa/cpu.h|1 +
 target-xtensa/helper.c |   14 +-
 3 Dateien geändert, 9 Zeilen hinzugefügt(+), 13 Zeilen entfernt(-)

diff --git a/target-xtensa/cpu.c b/target-xtensa/cpu.c
index d3706a3..309bb16 100644
--- a/target-xtensa/cpu.c
+++ b/target-xtensa/cpu.c
@@ -71,8 +71,15 @@ static void xtensa_cpu_initfn(Object *obj)
 {
 XtensaCPU *cpu = XTENSA_CPU(obj);
 CPUXtensaState *env = &cpu->env;
+static bool tcg_inited;
 
 cpu_exec_init(env);
+
+if (tcg_enabled() && !tcg_inited) {
+tcg_inited = true;
+xtensa_translate_init();
+cpu_set_debug_excp_handler(xtensa_breakpoint_handler);
+}
 }
 
 static const VMStateDescription vmstate_xtensa_cpu = {
diff --git a/target-xtensa/cpu.h b/target-xtensa/cpu.h
index 5acf78c..dece224 100644
--- a/target-xtensa/cpu.h
+++ b/target-xtensa/cpu.h
@@ -385,6 +385,7 @@ static inline CPUXtensaState *cpu_init(const char 
*cpu_model)
 }
 
 void xtensa_translate_init(void);
+void xtensa_breakpoint_handler(CPUXtensaState *env);
 int cpu_xtensa_exec(CPUXtensaState *s);
 void xtensa_register_core(XtensaConfigList *node);
 void do_interrupt(CPUXtensaState *s);
diff --git a/target-xtensa/helper.c b/target-xtensa/helper.c
index 14bcc7e..a8a6493 100644
--- a/target-xtensa/helper.c
+++ b/target-xtensa/helper.c
@@ -54,7 +54,7 @@ static uint32_t check_hw_breakpoints(CPUXtensaState *env)
 return 0;
 }
 
-static void breakpoint_handler(CPUXtensaState *env)
+void xtensa_breakpoint_handler(CPUXtensaState *env)
 {
 if (env->watchpoint_hit) {
 if (env->watchpoint_hit->flags & BP_CPU) {
@@ -72,8 +72,6 @@ static void breakpoint_handler(CPUXtensaState *env)
 
 XtensaCPU *cpu_xtensa_init(const char *cpu_model)
 {
-static int tcg_inited;
-static int debug_handler_inited;
 XtensaCPU *cpu;
 CPUXtensaState *env;
 const XtensaConfig *config = NULL;
@@ -93,16 +91,6 @@ XtensaCPU *cpu_xtensa_init(const char *cpu_model)
 env = &cpu->env;
 env->config = config;
 
-if (!tcg_inited) {
-tcg_inited = 1;
-xtensa_translate_init();
-}
-
-if (!debug_handler_inited && tcg_enabled()) {
-debug_handler_inited = 1;
-cpu_set_debug_excp_handler(breakpoint_handler);
-}
-
 xtensa_irq_init(env);
 
 object_property_set_bool(OBJECT(cpu), true, "realized", NULL);
-- 
1.7.10.4

Re: [Qemu-devel] [PATCH] w32: Always compile with __builtin_ffs

[Jacob Kroon]

Hi Stefan,

On Sat, Feb 16, 2013 at 7:30 PM, Stefan Weil  wrote:
> Not all MinGW build environments include a library which provides ffs(),
> and some versions of gcc create a function call instead of inline code.
>
> When gcc is called with -ansi, it will always create a function call.
> This usually results in an unresolved symbol "ffs" at link time.
>
> The patch enforces inline code for this special case.
>
> Cc: Jacob Kroon 
> Signed-off-by: Stefan Weil 
> ---
>
> Hi Jacob,
>
> please try the patch below. If it does not fix the linker problem,
> you can define ffs unconditionally.

Thanks for looking into this. The patch as it is still results in
linker errors on my machine,
but yes, defining "ffs" unconditionally like below does fix the problem here.

diff --git a/include/sysemu/os-win32.h b/include/sysemu/os-win32.h
index bf9edeb..e2972c8 100644
--- a/include/sysemu/os-win32.h
+++ b/include/sysemu/os-win32.h
@@ -66,6 +66,7 @@

 /* Declaration of ffs() is missing in MinGW's strings.h. */
 int ffs(int i);
+#define ffs(i) __builtin_ffs(i)

 /* Missing POSIX functions. Don't use MinGW-w64 macros. */
 #undef gmtime_r

Regards
Jacob

[Qemu-devel] [PATCH 23/47] target-ppc: Move TCG initialization to PowerPCCPU initfn

[Andreas Färber]

Ensures that a QOM-created PowerPCCPU is usable.

Signed-off-by: Andreas Färber 
---
 target-ppc/translate_init.c |9 -
 1 Datei geändert, 4 Zeilen hinzugefügt(+), 5 Zeilen entfernt(-)

diff --git a/target-ppc/translate_init.c b/target-ppc/translate_init.c
index 49eaeac..5a2acaa 100644
--- a/target-ppc/translate_init.c
+++ b/target-ppc/translate_init.c
@@ -10349,11 +10349,6 @@ PowerPCCPU *cpu_ppc_init(const char *cpu_model)
 
 cpu = POWERPC_CPU(object_new(object_class_get_name(oc)));
 env = &cpu->env;
-
-if (tcg_enabled()) {
-ppc_translate_init();
-}
-
 env->cpu_model_str = cpu_model;
 
 object_property_set_bool(OBJECT(cpu), true, "realized", &err);
@@ -10571,6 +10566,10 @@ static void ppc_cpu_initfn(Object *obj)
 env->sps = defsps;
 }
 #endif /* defined(TARGET_PPC64) */
+
+if (tcg_enabled()) {
+ppc_translate_init();
+}
 }
 
 static void ppc_cpu_class_init(ObjectClass *oc, void *data)
-- 
1.7.10.4

[Qemu-devel] [PATCH 25/47] target-sh4: Move TCG initialization to SuperHCPU initfn

[Andreas Färber]

Add a tcg_enabled() check to suppress it for qtest.

Signed-off-by: Andreas Färber 
---
 target-sh4/cpu.c   |4 
 target-sh4/cpu.h   |1 +
 target-sh4/translate.c |3 +--
 3 Dateien geändert, 6 Zeilen hinzugefügt(+), 2 Zeilen entfernt(-)

diff --git a/target-sh4/cpu.c b/target-sh4/cpu.c
index c66442f..dc5d756 100644
--- a/target-sh4/cpu.c
+++ b/target-sh4/cpu.c
@@ -73,6 +73,10 @@ static void superh_cpu_initfn(Object *obj)
 cpu_exec_init(env);
 
 env->movcal_backup_tail = &(env->movcal_backup);
+
+if (tcg_enabled()) {
+sh4_translate_init();
+}
 }
 
 static const VMStateDescription vmstate_sh_cpu = {
diff --git a/target-sh4/cpu.h b/target-sh4/cpu.h
index 34e9b0a..49dcd9e 100644
--- a/target-sh4/cpu.h
+++ b/target-sh4/cpu.h
@@ -191,6 +191,7 @@ typedef struct CPUSH4State {
 
 #include "cpu-qom.h"
 
+void sh4_translate_init(void);
 SuperHCPU *cpu_sh4_init(const char *cpu_model);
 int cpu_sh4_exec(CPUSH4State * s);
 int cpu_sh4_signal_handler(int host_signum, void *pinfo,
diff --git a/target-sh4/translate.c b/target-sh4/translate.c
index 2409a10..c58d79a 100644
--- a/target-sh4/translate.c
+++ b/target-sh4/translate.c
@@ -71,7 +71,7 @@ static uint32_t gen_opc_hflags[OPC_BUF_SIZE];
 
 #include "exec/gen-icount.h"
 
-static void sh4_translate_init(void)
+void sh4_translate_init(void)
 {
 int i;
 static int done_init = 0;
@@ -251,7 +251,6 @@ SuperHCPU *cpu_sh4_init(const char *cpu_model)
 cpu = SUPERH_CPU(object_new(TYPE_SUPERH_CPU));
 env = &cpu->env;
 env->features = def->features;
-sh4_translate_init();
 env->cpu_model_str = cpu_model;
 cpu_register(env, def);
 
-- 
1.7.10.4

[Qemu-devel] [PATCH] w32: Always compile with __builtin_ffs

[Stefan Weil]

Not all MinGW build environments include a library which provides ffs(),
and some versions of gcc create a function call instead of inline code.

When gcc is called with -ansi, it will always create a function call.
This usually results in an unresolved symbol "ffs" at link time.

The patch enforces inline code for this special case.

Cc: Jacob Kroon 
Signed-off-by: Stefan Weil 
---

Hi Jacob,

please try the patch below. If it does not fix the linker problem,
you can define ffs unconditionally.

Regards
Stefan


 include/sysemu/os-win32.h |3 +++
 1 file changed, 3 insertions(+)

diff --git a/include/sysemu/os-win32.h b/include/sysemu/os-win32.h
index bf9edeb..a885162 100644
--- a/include/sysemu/os-win32.h
+++ b/include/sysemu/os-win32.h
@@ -66,6 +66,9 @@
 
 /* Declaration of ffs() is missing in MinGW's strings.h. */
 int ffs(int i);
+#if defined(__STRICT_ANSI__)
+# define ffs(i) __builtin_ffs(i)
+#endif
 
 /* Missing POSIX functions. Don't use MinGW-w64 macros. */
 #undef gmtime_r
-- 
1.7.10.4

[Qemu-devel] [PATCH] move qemu-ga from bin to libexec dir, use $HELPERS

[Michael Tokarev]

This patch does 3 things:

1. Renames HELPERS-y Makefile variable to HELPERS
2. Moves its definition from Makefile to configure
3. Moves qemu-ga binary from TOOLS to HELPERS.

The effects are:

1. qemu-ga binary is now installed into libexecdir, not bindir.
This is the main effect/motivation of this patch, -- this binary
has no business being in a public binary directory, it is a system
helper which must be run by a system startup script or some event
daemon.

2. Another helper, qemu-bridge-helper, which is already installed
in libexecdir, is built only when we're building one of softmmu
targets on linux (initially it was just linux-specific, but not
softmmu-specific).

Signed-off-by: Michael Tokarev 
---
 Makefile  |   10 --
 configure |7 ++-
 2 files changed, 10 insertions(+), 7 deletions(-)

diff --git a/Makefile b/Makefile
index 0d9099a..ba0cd98 100644
--- a/Makefile
+++ b/Makefile
@@ -53,8 +53,6 @@ $(call set-vpath, $(SRC_PATH))
 
 LIBS+=-lz $(LIBS_TOOLS)
 
-HELPERS-$(CONFIG_LINUX) = qemu-bridge-helper$(EXESUF)
-
 ifdef BUILD_DOCS
 DOCS=qemu-doc.html qemu-tech.html qemu.1 qemu-img.1 qemu-nbd.8 
QMP/qmp-commands.txt
 ifdef CONFIG_VIRTFS
@@ -115,7 +113,7 @@ ifeq ($(CONFIG_SMARTCARD_NSS),y)
 include $(SRC_PATH)/libcacard/Makefile
 endif
 
-all: $(DOCS) $(TOOLS) $(HELPERS-y) recurse-all
+all: $(DOCS) $(TOOLS) $(HELPERS) recurse-all
 
 config-host.h: config-host.h-timestamp
 config-host.h-timestamp: config-host.mak
@@ -215,7 +213,7 @@ clean:
rm -f qemu-options.def
find . -name '*.[oda]' -type f -exec rm -f {} +
find . -name '*.l[oa]' -type f -exec rm -f {} +
-   rm -f $(TOOLS) $(HELPERS-y) qemu-ga TAGS cscope.* *.pod *~ */*~
+   rm -f $(TOOLS) $(HELPERS) qemu-ga TAGS cscope.* *.pod *~ */*~
rm -Rf .libs
rm -f qemu-img-cmds.h
@# May not be present in GENERATED_HEADERS
@@ -305,9 +303,9 @@ install: all $(if $(BUILD_DOCS),install-doc) 
install-sysconfig install-datadir
 ifneq ($(TOOLS),)
$(INSTALL_PROG) $(STRIP_OPT) $(TOOLS) "$(DESTDIR)$(bindir)"
 endif
-ifneq ($(HELPERS-y),)
+ifneq ($(HELPERS),)
$(INSTALL_DIR) "$(DESTDIR)$(libexecdir)"
-   $(INSTALL_PROG) $(STRIP_OPT) $(HELPERS-y) "$(DESTDIR)$(libexecdir)"
+   $(INSTALL_PROG) $(STRIP_OPT) $(HELPERS) "$(DESTDIR)$(libexecdir)"
 endif
 ifneq ($(BLOBS),)
set -e; for x in $(BLOBS); do \
diff --git a/configure b/configure
index 8789324..304c648 100755
--- a/configure
+++ b/configure
@@ -3204,6 +3204,7 @@ qemu_confdir=$sysconfdir$confsuffix
 qemu_datadir=$datadir$confsuffix
 
 tools=""
+helpers=""
 if test "$want_tools" = "yes" ; then
   tools="qemu-img\$(EXESUF) qemu-io\$(EXESUF) $tools"
   if [ "$linux" = "yes" -o "$bsd" = "yes" -o "$solaris" = "yes" ] ; then
@@ -3225,9 +3226,12 @@ if test "$softmmu" = yes ; then
   fi
   if [ "$linux" = "yes" -o "$bsd" = "yes" -o "$solaris" = "yes" ] ; then
 if [ "$guest_agent" = "yes" ]; then
-  tools="qemu-ga\$(EXESUF) $tools"
+  helpers="qemu-ga\$(EXESUF) $helpers"
 fi
   fi
+  if [ "$linux" = "yes"  ] ; then
+ helpers="qemu-bridge-helper\$(EXESUF) $helpers"
+  fi
 fi
 
 # Mac OS X ships with a broken assembler
@@ -3744,6 +3748,7 @@ if test "$trace_default" = "yes"; then
 fi
 
 echo "TOOLS=$tools" >> $config_host_mak
+echo "HELPERS=$helpers" >> $config_host_mak
 echo "ROMS=$roms" >> $config_host_mak
 echo "MAKE=$make" >> $config_host_mak
 echo "INSTALL=$install" >> $config_host_mak
-- 
1.7.10.4

[Qemu-devel] [PATCH 42/47] ppce500_spin: Replace open-coded CPU loop with qemu_get_cpu()

[Andreas Färber]

Potentially env could be NULL whereas cpu would still be valid and
correspond to a previous env.

Wrapping this in qemu_get_cpu(), env is no longer needed, so simplify
code that existed before 55e5c2850293547203874098f7cec148ffd12dfa.

Acked-by: Alexander Graf 
Signed-off-by: Andreas Färber 
---
 hw/ppce500_spin.c |   15 ---
 1 Datei geändert, 4 Zeilen hinzugefügt(+), 11 Zeilen entfernt(-)

diff --git a/hw/ppce500_spin.c b/hw/ppce500_spin.c
index 7e90fb9..5bdce52 100644
--- a/hw/ppce500_spin.c
+++ b/hw/ppce500_spin.c
@@ -123,18 +123,11 @@ static void spin_write(void *opaque, hwaddr addr, 
uint64_t value,
 {
 SpinState *s = opaque;
 int env_idx = addr / sizeof(SpinInfo);
-CPUPPCState *env;
-CPUState *cpu = NULL;
+CPUState *cpu;
 SpinInfo *curspin = &s->spin[env_idx];
 uint8_t *curspin_p = (uint8_t*)curspin;
 
-for (env = first_cpu; env != NULL; env = env->next_cpu) {
-cpu = CPU(ppc_env_get_cpu(env));
-if (cpu->cpu_index == env_idx) {
-break;
-}
-}
-
+cpu = qemu_get_cpu(env_idx);
 if (cpu == NULL) {
 /* Unknown CPU */
 return;
@@ -161,11 +154,11 @@ static void spin_write(void *opaque, hwaddr addr, 
uint64_t value,
 if (!(ldq_p(&curspin->addr) & 1)) {
 /* run CPU */
 SpinKick kick = {
-.cpu = ppc_env_get_cpu(env),
+.cpu = POWERPC_CPU(cpu),
 .spin = curspin,
 };
 
-run_on_cpu(CPU(kick.cpu), spin_kick, &kick);
+run_on_cpu(cpu, spin_kick, &kick);
 }
 }
 
-- 
1.7.10.4

[Qemu-devel] [PATCH 38/47] cpu: Move current_tb field to CPUState

[Andreas Färber]

Explictly NULL it on CPU reset since it was located before breakpoints.

Change vapic_report_tpr_access() argument to CPUState. This also
resolves the use of void* for cpu.h independence.
Change vAPIC patch_instruction() argument to X86CPU.

Signed-off-by: Andreas Färber 
---
 cpu-exec.c  |   13 -
 cputlb.c|6 --
 hw/apic_common.c|2 +-
 hw/apic_internal.h  |2 +-
 hw/kvmvapic.c   |   13 -
 include/exec/cpu-defs.h |1 -
 include/exec/exec-all.h |4 +++-
 include/qom/cpu.h   |3 +++
 qom/cpu.c   |1 +
 translate-all.c |   29 +++--
 10 Dateien geändert, 48 Zeilen hinzugefügt(+), 26 Zeilen entfernt(-)

diff --git a/cpu-exec.c b/cpu-exec.c
index cf103f2..9fcfe9e 100644
--- a/cpu-exec.c
+++ b/cpu-exec.c
@@ -32,7 +32,9 @@ bool qemu_cpu_has_work(CPUState *cpu)
 
 void cpu_loop_exit(CPUArchState *env)
 {
-env->current_tb = NULL;
+CPUState *cpu = ENV_GET_CPU(env);
+
+cpu->current_tb = NULL;
 longjmp(env->jmp_env, 1);
 }
 
@@ -54,6 +56,7 @@ void cpu_resume_from_signal(CPUArchState *env, void *puc)
 static void cpu_exec_nocache(CPUArchState *env, int max_cycles,
  TranslationBlock *orig_tb)
 {
+CPUState *cpu = ENV_GET_CPU(env);
 tcg_target_ulong next_tb;
 TranslationBlock *tb;
 
@@ -64,10 +67,10 @@ static void cpu_exec_nocache(CPUArchState *env, int 
max_cycles,
 
 tb = tb_gen_code(env, orig_tb->pc, orig_tb->cs_base, orig_tb->flags,
  max_cycles);
-env->current_tb = tb;
+cpu->current_tb = tb;
 /* execute the generated code */
 next_tb = tcg_qemu_tb_exec(env, tb->tc_ptr);
-env->current_tb = NULL;
+cpu->current_tb = NULL;
 
 if ((next_tb & 3) == 2) {
 /* Restore PC.  This may happen if async event occurs before
@@ -589,7 +592,7 @@ int cpu_exec(CPUArchState *env)
TB, but before it is linked into a potentially
infinite loop and becomes env->current_tb. Avoid
starting execution if there is a pending interrupt. */
-env->current_tb = tb;
+cpu->current_tb = tb;
 barrier();
 if (likely(!cpu->exit_request)) {
 tc_ptr = tb->tc_ptr;
@@ -623,7 +626,7 @@ int cpu_exec(CPUArchState *env)
 }
 }
 }
-env->current_tb = NULL;
+cpu->current_tb = NULL;
 /* reset soft MMU for next block (it can currently
only be set by a memory fault) */
 } /* for(;;) */
diff --git a/cputlb.c b/cputlb.c
index 88239c4..aba7e44 100644
--- a/cputlb.c
+++ b/cputlb.c
@@ -54,6 +54,7 @@ static const CPUTLBEntry s_cputlb_empty_entry = {
  */
 void tlb_flush(CPUArchState *env, int flush_global)
 {
+CPUState *cpu = ENV_GET_CPU(env);
 int i;
 
 #if defined(DEBUG_TLB)
@@ -61,7 +62,7 @@ void tlb_flush(CPUArchState *env, int flush_global)
 #endif
 /* must reset current TB so that interrupts cannot modify the
links while we are modifying them */
-env->current_tb = NULL;
+cpu->current_tb = NULL;
 
 for (i = 0; i < CPU_TLB_SIZE; i++) {
 int mmu_idx;
@@ -92,6 +93,7 @@ static inline void tlb_flush_entry(CPUTLBEntry *tlb_entry, 
target_ulong addr)
 
 void tlb_flush_page(CPUArchState *env, target_ulong addr)
 {
+CPUState *cpu = ENV_GET_CPU(env);
 int i;
 int mmu_idx;
 
@@ -110,7 +112,7 @@ void tlb_flush_page(CPUArchState *env, target_ulong addr)
 }
 /* must reset current TB so that interrupts cannot modify the
links while we are modifying them */
-env->current_tb = NULL;
+cpu->current_tb = NULL;
 
 addr &= TARGET_PAGE_MASK;
 i = (addr >> TARGET_PAGE_BITS) & (CPU_TLB_SIZE - 1);
diff --git a/hw/apic_common.c b/hw/apic_common.c
index 6e1b1e0..d8c9810 100644
--- a/hw/apic_common.c
+++ b/hw/apic_common.c
@@ -103,7 +103,7 @@ void apic_handle_tpr_access_report(DeviceState *d, 
target_ulong ip,
 {
 APICCommonState *s = DO_UPCAST(APICCommonState, busdev.qdev, d);
 
-vapic_report_tpr_access(s->vapic, &s->cpu->env, ip, access);
+vapic_report_tpr_access(s->vapic, CPU(s->cpu), ip, access);
 }
 
 void apic_report_irq_delivered(int delivered)
diff --git a/hw/apic_internal.h b/hw/apic_internal.h
index dcbbfd4..9265e52 100644
--- a/hw/apic_internal.h
+++ b/hw/apic_internal.h
@@ -143,7 +143,7 @@ bool apic_next_timer(APICCommonState *s, int64_t 
current_time);
 void apic_enable_tpr_access_reporting(DeviceState *d, bool enable);
 void apic_enable_vapic(DeviceState *d, hwaddr paddr);
 
-void vapic_report_tpr_access(DeviceState *dev, void *cpu, target_ulong ip,
+void vapic_report_tpr_access(DeviceState *dev, CPUState *cpu, target_ulong ip,
  TPRAccess access);
 
 #endif /* !QEMU_APIC_INTERNAL_H */
diff --git a/hw/kvmvapic.c b/hw/kvmvapic.c
ind

[Qemu-devel] [Bug 925412] Re: Cannot build on Mac using Xcode 4 and LLVM

[Rui Carmo]

Awesome, thanks.

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/925412

Title:
  Cannot build on Mac using Xcode 4 and LLVM

Status in QEMU:
  Fix Released

Bug description:
  As detailed in the mailing-list and the brew project (see below), QEMU
  currently either doesn't build with LLVM or builds and crashes upon
  runtime on Mac OS X Lion (or Snow Leopard if you've upgraded your
  compiler from gcc-4.2).

  This seems to be tied to the internal representation of UINT16, but
  effectively means that you currently cannot run QEMU 1.0 or HEAD (for
  any target arch - I'm focusing on ARM and Intel) on a Mac.

  References:

  [1]: http://lists.gnu.org/archive/html/qemu-devel/2012-01/msg01330.html
  [2]: https://github.com/mxcl/homebrew/pull/9520

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/925412/+subscriptions

[Qemu-devel] [PATCH 40/47] cpu: Add CPUArchState pointer to CPUState

[Andreas Färber]

The target-specific ENV_GET_CPU() macros have allowed us to navigate
from CPUArchState to CPUState. The reverse direction was not supported.
Avoid introducing CPU_GET_ENV() macros by initializing an untyped
pointer that is initialized in derived instance_init functions.

The field may not be called "env" due to it being poisoned.

Acked-by: Richard Henderson 
Signed-off-by: Andreas Färber 
---
 include/qom/cpu.h   |2 ++
 target-alpha/cpu.c  |2 ++
 target-arm/cpu.c|2 ++
 target-cris/cpu.c   |2 ++
 target-i386/cpu.c   |1 +
 target-lm32/cpu.c   |2 ++
 target-m68k/cpu.c   |2 ++
 target-microblaze/cpu.c |2 ++
 target-mips/cpu.c   |2 ++
 target-openrisc/cpu.c   |2 ++
 target-ppc/translate_init.c |2 ++
 target-s390x/cpu.c  |2 ++
 target-sh4/cpu.c|2 ++
 target-sparc/cpu.c  |2 ++
 target-unicore32/cpu.c  |2 ++
 target-xtensa/cpu.c |2 ++
 16 Dateien geändert, 31 Zeilen hinzugefügt(+)

diff --git a/include/qom/cpu.h b/include/qom/cpu.h
index c25a997..ee1a7c8 100644
--- a/include/qom/cpu.h
+++ b/include/qom/cpu.h
@@ -71,6 +71,7 @@ struct kvm_run;
  * @created: Indicates whether the CPU thread has been successfully created.
  * @stop: Indicates a pending stop request.
  * @stopped: Indicates the CPU has been artificially stopped.
+ * @env_ptr: Pointer to subclass-specific CPUArchState field.
  * @current_tb: Currently executing TB.
  * @kvm_fd: vCPU file descriptor for KVM.
  *
@@ -100,6 +101,7 @@ struct CPUState {
 bool stopped;
 volatile sig_atomic_t exit_request;
 
+void *env_ptr; /* CPUArchState */
 struct TranslationBlock *current_tb;
 
 int kvm_fd;
diff --git a/target-alpha/cpu.c b/target-alpha/cpu.c
index 0cdae69..cec9989 100644
--- a/target-alpha/cpu.c
+++ b/target-alpha/cpu.c
@@ -233,9 +233,11 @@ static const TypeInfo ev68_cpu_type_info = {
 
 static void alpha_cpu_initfn(Object *obj)
 {
+CPUState *cs = CPU(obj);
 AlphaCPU *cpu = ALPHA_CPU(obj);
 CPUAlphaState *env = &cpu->env;
 
+cs->env_ptr = env;
 cpu_exec_init(env);
 tlb_flush(env, 1);
 
diff --git a/target-arm/cpu.c b/target-arm/cpu.c
index f54d200..5dfcb74 100644
--- a/target-arm/cpu.c
+++ b/target-arm/cpu.c
@@ -134,9 +134,11 @@ static inline void set_feature(CPUARMState *env, int 
feature)
 
 static void arm_cpu_initfn(Object *obj)
 {
+CPUState *cs = CPU(obj);
 ARMCPU *cpu = ARM_CPU(obj);
 static bool inited;
 
+cs->env_ptr = &cpu->env;
 cpu_exec_init(&cpu->env);
 cpu->cp_regs = g_hash_table_new_full(g_int_hash, g_int_equal,
  g_free, g_free);
diff --git a/target-cris/cpu.c b/target-cris/cpu.c
index 8008988..7974be3 100644
--- a/target-cris/cpu.c
+++ b/target-cris/cpu.c
@@ -146,11 +146,13 @@ static void cris_cpu_realizefn(DeviceState *dev, Error 
**errp)
 
 static void cris_cpu_initfn(Object *obj)
 {
+CPUState *cs = CPU(obj);
 CRISCPU *cpu = CRIS_CPU(obj);
 CRISCPUClass *ccc = CRIS_CPU_GET_CLASS(obj);
 CPUCRISState *env = &cpu->env;
 static bool tcg_initialized;
 
+cs->env_ptr = env;
 cpu_exec_init(env);
 
 env->pregs[PR_VR] = ccc->vr;
diff --git a/target-i386/cpu.c b/target-i386/cpu.c
index e2fd626..635f334 100644
--- a/target-i386/cpu.c
+++ b/target-i386/cpu.c
@@ -2164,6 +2164,7 @@ static void x86_cpu_initfn(Object *obj)
 CPUX86State *env = &cpu->env;
 static int inited;
 
+cs->env_ptr = env;
 cpu_exec_init(env);
 
 object_property_add(obj, "family", "int",
diff --git a/target-lm32/cpu.c b/target-lm32/cpu.c
index 5f16734..a2badb5 100644
--- a/target-lm32/cpu.c
+++ b/target-lm32/cpu.c
@@ -56,10 +56,12 @@ static void lm32_cpu_realizefn(DeviceState *dev, Error 
**errp)
 
 static void lm32_cpu_initfn(Object *obj)
 {
+CPUState *cs = CPU(obj);
 LM32CPU *cpu = LM32_CPU(obj);
 CPULM32State *env = &cpu->env;
 static bool tcg_initialized;
 
+cs->env_ptr = env;
 cpu_exec_init(env);
 
 env->flags = 0;
diff --git a/target-m68k/cpu.c b/target-m68k/cpu.c
index 42735db..f5a1098 100644
--- a/target-m68k/cpu.c
+++ b/target-m68k/cpu.c
@@ -154,10 +154,12 @@ static void m68k_cpu_realizefn(DeviceState *dev, Error 
**errp)
 
 static void m68k_cpu_initfn(Object *obj)
 {
+CPUState *cs = CPU(obj);
 M68kCPU *cpu = M68K_CPU(obj);
 CPUM68KState *env = &cpu->env;
 static bool inited;
 
+cs->env_ptr = env;
 cpu_exec_init(env);
 
 if (tcg_enabled() && !inited) {
diff --git a/target-microblaze/cpu.c b/target-microblaze/cpu.c
index 28b5a88..81359db 100644
--- a/target-microblaze/cpu.c
+++ b/target-microblaze/cpu.c
@@ -98,10 +98,12 @@ static void mb_cpu_realizefn(DeviceState *dev, Error **errp)
 
 static void mb_cpu_initfn(Object *obj)
 {
+CPUState *cs = CPU(obj);
 MicroBlazeCPU *cpu = MICROBLAZE_CPU(obj);
 CPUMBState *env = &cpu->env;
 static bool tcg_initialized;
 
+cs->env_p

[Qemu-devel] [PATCH 34/47] target-cris: Introduce CRISCPU subclasses

[Andreas Färber]

Use class_init functions to initialize the VR in preparation for
overriding v32+ behavior there.

Move cpu_cris_init() to cpu.c and hook up a class_by_name callback.

This change leads to unknown -cpu model names no longer falling back
to a CPU with VR 32 but instead returning NULL.

Acked-by: Edgar E. Iglesias 
Signed-off-by: Andreas Färber 
---
 target-cris/cpu-qom.h   |3 +
 target-cris/cpu.c   |  153 ++-
 target-cris/translate.c |   48 ---
 3 Dateien geändert, 155 Zeilen hinzugefügt(+), 49 Zeilen entfernt(-)

diff --git a/target-cris/cpu-qom.h b/target-cris/cpu-qom.h
index 7ad8398..2bac71f 100644
--- a/target-cris/cpu-qom.h
+++ b/target-cris/cpu-qom.h
@@ -35,6 +35,7 @@
  * CRISCPUClass:
  * @parent_realize: The parent class' realize handler.
  * @parent_reset: The parent class' reset handler.
+ * @vr: Version Register value.
  *
  * A CRIS CPU model.
  */
@@ -45,6 +46,8 @@ typedef struct CRISCPUClass {
 
 DeviceRealize parent_realize;
 void (*parent_reset)(CPUState *cpu);
+
+uint32_t vr;
 } CRISCPUClass;
 
 /**
diff --git a/target-cris/cpu.c b/target-cris/cpu.c
index fedf641..8008988 100644
--- a/target-cris/cpu.c
+++ b/target-cris/cpu.c
@@ -55,6 +55,84 @@ static void cris_cpu_reset(CPUState *s)
 #endif
 }
 
+static ObjectClass *cris_cpu_class_by_name(const char *cpu_model)
+{
+ObjectClass *oc;
+char *typename;
+
+if (cpu_model == NULL) {
+return NULL;
+}
+
+typename = g_strdup_printf("%s-" TYPE_CRIS_CPU, cpu_model);
+oc = object_class_by_name(typename);
+g_free(typename);
+if (oc != NULL && (!object_class_dynamic_cast(oc, TYPE_CRIS_CPU) ||
+   object_class_is_abstract(oc))) {
+oc = NULL;
+}
+return oc;
+}
+
+CRISCPU *cpu_cris_init(const char *cpu_model)
+{
+CRISCPU *cpu;
+ObjectClass *oc;
+
+oc = cris_cpu_class_by_name(cpu_model);
+if (oc == NULL) {
+return NULL;
+}
+cpu = CRIS_CPU(object_new(object_class_get_name(oc)));
+
+object_property_set_bool(OBJECT(cpu), true, "realized", NULL);
+
+return cpu;
+}
+
+/* Sort alphabetically by VR. */
+static gint cris_cpu_list_compare(gconstpointer a, gconstpointer b)
+{
+CRISCPUClass *ccc_a = CRIS_CPU_CLASS(a);
+CRISCPUClass *ccc_b = CRIS_CPU_CLASS(b);
+
+/*  */
+if (ccc_a->vr > ccc_b->vr) {
+return 1;
+} else if (ccc_a->vr < ccc_b->vr) {
+return -1;
+} else {
+return 0;
+}
+}
+
+static void cris_cpu_list_entry(gpointer data, gpointer user_data)
+{
+ObjectClass *oc = data;
+CPUListState *s = user_data;
+const char *typename = object_class_get_name(oc);
+char *name;
+
+name = g_strndup(typename, strlen(typename) - strlen("-" TYPE_CRIS_CPU));
+(*s->cpu_fprintf)(s->file, "  %s\n", name);
+g_free(name);
+}
+
+void cris_cpu_list(FILE *f, fprintf_function cpu_fprintf)
+{
+CPUListState s = {
+.file = f,
+.cpu_fprintf = cpu_fprintf,
+};
+GSList *list;
+
+list = object_class_get_list(TYPE_CRIS_CPU, false);
+list = g_slist_sort(list, cris_cpu_list_compare);
+(*cpu_fprintf)(f, "Available CPUs:\n");
+g_slist_foreach(list, cris_cpu_list_entry, &s);
+g_slist_free(list);
+}
+
 static void cris_cpu_realizefn(DeviceState *dev, Error **errp)
 {
 CRISCPU *cpu = CRIS_CPU(dev);
@@ -69,11 +147,14 @@ static void cris_cpu_realizefn(DeviceState *dev, Error 
**errp)
 static void cris_cpu_initfn(Object *obj)
 {
 CRISCPU *cpu = CRIS_CPU(obj);
+CRISCPUClass *ccc = CRIS_CPU_GET_CLASS(obj);
 CPUCRISState *env = &cpu->env;
 static bool tcg_initialized;
 
 cpu_exec_init(env);
 
+env->pregs[PR_VR] = ccc->vr;
+
 if (tcg_enabled() && !tcg_initialized) {
 tcg_initialized = true;
 if (env->pregs[PR_VR] < 32) {
@@ -84,6 +165,69 @@ static void cris_cpu_initfn(Object *obj)
 }
 }
 
+static void crisv8_cpu_class_init(ObjectClass *oc, void *data)
+{
+CRISCPUClass *ccc = CRIS_CPU_CLASS(oc);
+
+ccc->vr = 8;
+}
+
+static void crisv9_cpu_class_init(ObjectClass *oc, void *data)
+{
+CRISCPUClass *ccc = CRIS_CPU_CLASS(oc);
+
+ccc->vr = 9;
+}
+
+static void crisv10_cpu_class_init(ObjectClass *oc, void *data)
+{
+CRISCPUClass *ccc = CRIS_CPU_CLASS(oc);
+
+ccc->vr = 10;
+}
+
+static void crisv11_cpu_class_init(ObjectClass *oc, void *data)
+{
+CRISCPUClass *ccc = CRIS_CPU_CLASS(oc);
+
+ccc->vr = 11;
+}
+
+static void crisv32_cpu_class_init(ObjectClass *oc, void *data)
+{
+CRISCPUClass *ccc = CRIS_CPU_CLASS(oc);
+
+ccc->vr = 32;
+}
+
+#define TYPE(model) model "-" TYPE_CRIS_CPU
+
+static const TypeInfo cris_cpu_model_type_infos[] = {
+{
+.name = TYPE("crisv8"),
+.parent = TYPE_CRIS_CPU,
+.class_init = crisv8_cpu_class_init,
+}, {
+.name = TYPE("crisv9"),
+.parent = TYPE_CRIS_CPU,
+.class_init = crisv9_cpu_class_init,
+}, {
+.name = TYPE("crisv10")

[Qemu-devel] [PATCH 14/47] target-sparc: Introduce QOM realizefn for SPARCCPU

[Andreas Färber]

Introduce realizefn and set realized = true in cpu_sparc_init().

Signed-off-by: Andreas Färber 
---
 target-sparc/cpu-qom.h |2 ++
 target-sparc/cpu.c |   17 -
 2 Dateien geändert, 18 Zeilen hinzugefügt(+), 1 Zeile entfernt(-)

diff --git a/target-sparc/cpu-qom.h b/target-sparc/cpu-qom.h
index 2a738ae..89cd1cf 100644
--- a/target-sparc/cpu-qom.h
+++ b/target-sparc/cpu-qom.h
@@ -38,6 +38,7 @@
 
 /**
  * SPARCCPUClass:
+ * @parent_realize: The parent class' realize handler.
  * @parent_reset: The parent class' reset handler.
  *
  * A SPARC CPU model.
@@ -47,6 +48,7 @@ typedef struct SPARCCPUClass {
 CPUClass parent_class;
 /*< public >*/
 
+DeviceRealize parent_realize;
 void (*parent_reset)(CPUState *cpu);
 } SPARCCPUClass;
 
diff --git a/target-sparc/cpu.c b/target-sparc/cpu.c
index 4bc1afc..1690cf5 100644
--- a/target-sparc/cpu.c
+++ b/target-sparc/cpu.c
@@ -122,7 +122,8 @@ SPARCCPU *cpu_sparc_init(const char *cpu_model)
 object_unref(OBJECT(cpu));
 return NULL;
 }
-qemu_init_vcpu(env);
+
+object_property_set_bool(OBJECT(cpu), true, "realized", NULL);
 
 return cpu;
 }
@@ -851,6 +852,16 @@ void cpu_dump_state(CPUSPARCState *env, FILE *f, 
fprintf_function cpu_fprintf,
 cpu_fprintf(f, "\n");
 }
 
+static void sparc_cpu_realizefn(DeviceState *dev, Error **errp)
+{
+SPARCCPU *cpu = SPARC_CPU(dev);
+SPARCCPUClass *scc = SPARC_CPU_GET_CLASS(dev);
+
+qemu_init_vcpu(&cpu->env);
+
+scc->parent_realize(dev, errp);
+}
+
 static void sparc_cpu_initfn(Object *obj)
 {
 SPARCCPU *cpu = SPARC_CPU(obj);
@@ -871,6 +882,10 @@ static void sparc_cpu_class_init(ObjectClass *oc, void 
*data)
 {
 SPARCCPUClass *scc = SPARC_CPU_CLASS(oc);
 CPUClass *cc = CPU_CLASS(oc);
+DeviceClass *dc = DEVICE_CLASS(oc);
+
+scc->parent_realize = dc->realize;
+dc->realize = sparc_cpu_realizefn;
 
 scc->parent_reset = cc->reset;
 cc->reset = sparc_cpu_reset;
-- 
1.7.10.4

[Qemu-devel] [PATCH 09/47] target-m68k: Introduce QOM realizefn for M68kCPU

[Andreas Färber]

Introduce realizefn and set realized = true in cpu_m68k_init().

Split off GDB registration to a new m68k_cpu_init_gdb() so that it can
be called from the realizefn.

Signed-off-by: Andreas Färber 
---
 target-m68k/cpu-qom.h |2 ++
 target-m68k/cpu.c |   16 
 target-m68k/cpu.h |1 +
 target-m68k/helper.c  |   14 ++
 4 Dateien geändert, 29 Zeilen hinzugefügt(+), 4 Zeilen entfernt(-)

diff --git a/target-m68k/cpu-qom.h b/target-m68k/cpu-qom.h
index 170daa7..20e5684 100644
--- a/target-m68k/cpu-qom.h
+++ b/target-m68k/cpu-qom.h
@@ -33,6 +33,7 @@
 
 /**
  * M68kCPUClass:
+ * @parent_realize: The parent class' realize handler.
  * @parent_reset: The parent class' reset handler.
  *
  * A Motorola 68k CPU model.
@@ -42,6 +43,7 @@ typedef struct M68kCPUClass {
 CPUClass parent_class;
 /*< public >*/
 
+DeviceRealize parent_realize;
 void (*parent_reset)(CPUState *cpu);
 } M68kCPUClass;
 
diff --git a/target-m68k/cpu.c b/target-m68k/cpu.c
index c71f715..e3eaffc 100644
--- a/target-m68k/cpu.c
+++ b/target-m68k/cpu.c
@@ -139,6 +139,19 @@ static const M68kCPUInfo m68k_cpus[] = {
 { .name = "any",   .instance_init = any_cpu_initfn },
 };
 
+static void m68k_cpu_realizefn(DeviceState *dev, Error **errp)
+{
+M68kCPU *cpu = M68K_CPU(dev);
+M68kCPUClass *mcc = M68K_CPU_GET_CLASS(dev);
+
+m68k_cpu_init_gdb(cpu);
+
+cpu_reset(CPU(cpu));
+qemu_init_vcpu(&cpu->env);
+
+mcc->parent_realize(dev, errp);
+}
+
 static void m68k_cpu_initfn(Object *obj)
 {
 M68kCPU *cpu = M68K_CPU(obj);
@@ -158,6 +171,9 @@ static void m68k_cpu_class_init(ObjectClass *c, void *data)
 CPUClass *cc = CPU_CLASS(c);
 DeviceClass *dc = DEVICE_CLASS(c);
 
+mcc->parent_realize = dc->realize;
+dc->realize = m68k_cpu_realizefn;
+
 mcc->parent_reset = cc->reset;
 cc->reset = m68k_cpu_reset;
 
diff --git a/target-m68k/cpu.h b/target-m68k/cpu.h
index adaf56c..94937c4 100644
--- a/target-m68k/cpu.h
+++ b/target-m68k/cpu.h
@@ -116,6 +116,7 @@ typedef struct CPUM68KState {
 #include "cpu-qom.h"
 
 void m68k_tcg_init(void);
+void m68k_cpu_init_gdb(M68kCPU *cpu);
 CPUM68KState *cpu_m68k_init(const char *cpu_model);
 int cpu_m68k_exec(CPUM68KState *s);
 void do_interrupt(CPUM68KState *env1);
diff --git a/target-m68k/helper.c b/target-m68k/helper.c
index 5ddcd70..3ae6fa0 100644
--- a/target-m68k/helper.c
+++ b/target-m68k/helper.c
@@ -120,15 +120,21 @@ CPUM68KState *cpu_m68k_init(const char *cpu_model)
 env->cpu_model_str = cpu_model;
 
 register_m68k_insns(env);
+
+object_property_set_bool(OBJECT(cpu), true, "realized", NULL);
+
+return env;
+}
+
+void m68k_cpu_init_gdb(M68kCPU *cpu)
+{
+CPUM68KState *env = &cpu->env;
+
 if (m68k_feature(env, M68K_FEATURE_CF_FPU)) {
 gdb_register_coprocessor(env, fpu_gdb_get_reg, fpu_gdb_set_reg,
  11, "cf-fp.xml", 18);
 }
 /* TODO: Add [E]MAC registers.  */
-
-cpu_reset(ENV_GET_CPU(env));
-qemu_init_vcpu(env);
-return env;
 }
 
 void cpu_m68k_flush_flags(CPUM68KState *env, int cc_op)
-- 
1.7.10.4

[Qemu-devel] [Bug 1127053] [NEW] assertion failed in exec.c while attempting to start a guest (latest commit)

[Milos Ivanovic]

Public bug reported:

Hi team,

I decided to try the latest commit on git (previously used version
1.3.0), and I got failed assertions while attempting to start my guests:

eclipse ~ # qemu-kvm -enable-kvm -hda arch.img -m 4096 -smp sockets=1,cores=4 
-vnc :0 -cpu host -vga std -net nic,model=e1000,macaddr=00:00:00:00:00:00 -net 
tap,ifname=vm0 -qmp tcp:0.0.0.0:4900,server,nowait
qemu-kvm: /var/tmp/portage/app-emulation/qemu-/work/qemu-/exec.c:982: 
qemu_ram_set_idstr: Assertion `!new_block->idstr[0]' failed.
Aborted

The assertion seems valid, so whatever's causing it is probably to
blame. I haven't dug around much to find out what calls the method
(qemu_ram_set_idstr()), but that is probably the best place to start.

The host contains a Xeon E3-1240 CPU, virtualising a bunch of guests one
of which is Arch Linux 64-bit, if that helps.

eclipse ~ # qemu-kvm -version
QEMU emulator version 1.4.50, Copyright (c) 2003-2008 Fabrice Bellard

It looks like this assertion happens if you call the executable without
any parameters as well:

eclipse ~ # qemu-kvm
qemu-kvm: /var/tmp/portage/app-emulation/qemu-/work/qemu-/exec.c:982: 
qemu_ram_set_idstr: Assertion `!new_block->idstr[0]' failed.
Aborted

Thanks.

** Affects: qemu
 Importance: Undecided
 Status: New


** Tags: assertion exec.c failed

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1127053

Title:
  assertion failed in exec.c while attempting to start a guest (latest
  commit)

Status in QEMU:
  New

Bug description:
  Hi team,

  I decided to try the latest commit on git (previously used version
  1.3.0), and I got failed assertions while attempting to start my
  guests:

  eclipse ~ # qemu-kvm -enable-kvm -hda arch.img -m 4096 -smp sockets=1,cores=4 
-vnc :0 -cpu host -vga std -net nic,model=e1000,macaddr=00:00:00:00:00:00 -net 
tap,ifname=vm0 -qmp tcp:0.0.0.0:4900,server,nowait
  qemu-kvm: /var/tmp/portage/app-emulation/qemu-/work/qemu-/exec.c:982: 
qemu_ram_set_idstr: Assertion `!new_block->idstr[0]' failed.
  Aborted

  The assertion seems valid, so whatever's causing it is probably to
  blame. I haven't dug around much to find out what calls the method
  (qemu_ram_set_idstr()), but that is probably the best place to start.

  The host contains a Xeon E3-1240 CPU, virtualising a bunch of guests
  one of which is Arch Linux 64-bit, if that helps.

  eclipse ~ # qemu-kvm -version
  QEMU emulator version 1.4.50, Copyright (c) 2003-2008 Fabrice Bellard

  It looks like this assertion happens if you call the executable
  without any parameters as well:

  eclipse ~ # qemu-kvm
  qemu-kvm: /var/tmp/portage/app-emulation/qemu-/work/qemu-/exec.c:982: 
qemu_ram_set_idstr: Assertion `!new_block->idstr[0]' failed.
  Aborted

  Thanks.

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1127053/+subscriptions

[Qemu-devel] [PATCH 44/47] target-s390x: Drop unused cpu_s390x_close() prototype

[Andreas Färber]

It was never implemented.

Signed-off-by: Andreas Färber 
---
 target-s390x/cpu.h |1 -
 1 Datei geändert, 1 Zeile entfernt(-)

diff --git a/target-s390x/cpu.h b/target-s390x/cpu.h
index fa8dfe0..e450db7 100644
--- a/target-s390x/cpu.h
+++ b/target-s390x/cpu.h
@@ -315,7 +315,6 @@ static inline int get_ilen(uint8_t opc)
 S390CPU *cpu_s390x_init(const char *cpu_model);
 void s390x_translate_init(void);
 int cpu_s390x_exec(CPUS390XState *s);
-void cpu_s390x_close(CPUS390XState *s);
 void do_interrupt (CPUS390XState *env);
 
 /* you can call this signal handler from your SIGBUS and SIGSEGV
-- 
1.7.10.4

[Qemu-devel] [PATCH 37/47] cpu: Move exit_request field to CPUState

[Andreas Färber]

Since it was located before breakpoints field, it needs to be reset.

Signed-off-by: Andreas Färber 
---
 cpu-exec.c  |8 
 exec.c  |4 +++-
 hw/spapr_hcall.c|5 +++--
 include/exec/cpu-defs.h |2 --
 include/qom/cpu.h   |2 ++
 kvm-all.c   |6 +++---
 qom/cpu.c   |1 +
 target-i386/kvm.c   |4 ++--
 8 Dateien geändert, 18 Zeilen hinzugefügt(+), 14 Zeilen entfernt(-)

diff --git a/cpu-exec.c b/cpu-exec.c
index ff9a884..cf103f2 100644
--- a/cpu-exec.c
+++ b/cpu-exec.c
@@ -196,7 +196,7 @@ int cpu_exec(CPUArchState *env)
 cpu_single_env = env;
 
 if (unlikely(exit_request)) {
-env->exit_request = 1;
+cpu->exit_request = 1;
 }
 
 #if defined(TARGET_I386)
@@ -537,8 +537,8 @@ int cpu_exec(CPUArchState *env)
 next_tb = 0;
 }
 }
-if (unlikely(env->exit_request)) {
-env->exit_request = 0;
+if (unlikely(cpu->exit_request)) {
+cpu->exit_request = 0;
 env->exception_index = EXCP_INTERRUPT;
 cpu_loop_exit(env);
 }
@@ -591,7 +591,7 @@ int cpu_exec(CPUArchState *env)
starting execution if there is a pending interrupt. */
 env->current_tb = tb;
 barrier();
-if (likely(!env->exit_request)) {
+if (likely(!cpu->exit_request)) {
 tc_ptr = tb->tc_ptr;
 /* execute the generated code */
 next_tb = tcg_qemu_tb_exec(env, tc_ptr);
diff --git a/exec.c b/exec.c
index b85508b..dbb893a 100644
--- a/exec.c
+++ b/exec.c
@@ -492,7 +492,9 @@ void cpu_reset_interrupt(CPUArchState *env, int mask)
 
 void cpu_exit(CPUArchState *env)
 {
-env->exit_request = 1;
+CPUState *cpu = ENV_GET_CPU(env);
+
+cpu->exit_request = 1;
 cpu_unlink_tb(env);
 }
 
diff --git a/hw/spapr_hcall.c b/hw/spapr_hcall.c
index 2889742..af1db6e 100644
--- a/hw/spapr_hcall.c
+++ b/hw/spapr_hcall.c
@@ -513,13 +513,14 @@ static target_ulong h_cede(PowerPCCPU *cpu, 
sPAPREnvironment *spapr,
target_ulong opcode, target_ulong *args)
 {
 CPUPPCState *env = &cpu->env;
+CPUState *cs = CPU(cpu);
 
 env->msr |= (1ULL << MSR_EE);
 hreg_compute_hflags(env);
-if (!cpu_has_work(CPU(cpu))) {
+if (!cpu_has_work(cs)) {
 env->halted = 1;
 env->exception_index = EXCP_HLT;
-env->exit_request = 1;
+cs->exit_request = 1;
 }
 return H_SUCCESS;
 }
diff --git a/include/exec/cpu-defs.h b/include/exec/cpu-defs.h
index ba814ff..ca39f05 100644
--- a/include/exec/cpu-defs.h
+++ b/include/exec/cpu-defs.h
@@ -26,7 +26,6 @@
 #include "config.h"
 #include 
 #include 
-#include 
 #include "qemu/osdep.h"
 #include "qemu/queue.h"
 #include "exec/hwaddr.h"
@@ -160,7 +159,6 @@ typedef struct CPUWatchpoint {
  memory was accessed */ \
 uint32_t halted; /* Nonzero if the CPU is in suspend state */   \
 uint32_t interrupt_request; \
-volatile sig_atomic_t exit_request; \
 CPU_COMMON_TLB  \
 struct TranslationBlock *tb_jmp_cache[TB_JMP_CACHE_SIZE];   \
 /* buffer for temporaries in the code generator */  \
diff --git a/include/qom/cpu.h b/include/qom/cpu.h
index c465d88..42f3f34 100644
--- a/include/qom/cpu.h
+++ b/include/qom/cpu.h
@@ -20,6 +20,7 @@
 #ifndef QEMU_CPU_H
 #define QEMU_CPU_H
 
+#include 
 #include "hw/qdev-core.h"
 #include "qemu/thread.h"
 
@@ -96,6 +97,7 @@ struct CPUState {
 bool created;
 bool stop;
 bool stopped;
+volatile sig_atomic_t exit_request;
 
 int kvm_fd;
 bool kvm_vcpu_dirty;
diff --git a/kvm-all.c b/kvm-all.c
index 04ec2d5..4decfdc 100644
--- a/kvm-all.c
+++ b/kvm-all.c
@@ -1537,7 +1537,7 @@ int kvm_cpu_exec(CPUArchState *env)
 DPRINTF("kvm_cpu_exec()\n");
 
 if (kvm_arch_process_async_events(cpu)) {
-env->exit_request = 0;
+cpu->exit_request = 0;
 return EXCP_HLT;
 }
 
@@ -1548,7 +1548,7 @@ int kvm_cpu_exec(CPUArchState *env)
 }
 
 kvm_arch_pre_run(cpu, run);
-if (env->exit_request) {
+if (cpu->exit_request) {
 DPRINTF("interrupt exit requested\n");
 /*
  * KVM requires us to reenter the kernel after IO exits to complete
@@ -1622,7 +1622,7 @@ int kvm_cpu_exec(CPUArchState *env)
 vm_stop(RUN_STATE_INTERNAL_ERROR);
 }
 
-env->exit_request = 0;
+cpu->exit_request = 0;
 return ret;
 }
 
diff --git a/qom/cpu.c b/qom/cpu.c
index 870e9ba..7d8c675 100644
--- a/qom/cpu.c
+++ b/qom/cpu.c
@@ -32,6 +32,7 @@ void cpu_reset(CPUState *cpu)
 
 static void cpu_common_reset(C

[Qemu-devel] [PATCH 39/47] cputlb: Pass CPUState to cpu_unlink_tb()

[Andreas Färber]

CPUArchState is no longer needed.

Signed-off-by: Andreas Färber 
---
 exec.c  |2 +-
 translate-all.c |9 +
 translate-all.h |2 +-
 3 Dateien geändert, 7 Zeilen hinzugefügt(+), 6 Zeilen entfernt(-)

diff --git a/exec.c b/exec.c
index dbb893a..a41bcb8 100644
--- a/exec.c
+++ b/exec.c
@@ -495,7 +495,7 @@ void cpu_exit(CPUArchState *env)
 CPUState *cpu = ENV_GET_CPU(env);
 
 cpu->exit_request = 1;
-cpu_unlink_tb(env);
+cpu_unlink_tb(cpu);
 }
 
 void cpu_abort(CPUArchState *env, const char *fmt, ...)
diff --git a/translate-all.c b/translate-all.c
index 52128aa..b50fb89 100644
--- a/translate-all.c
+++ b/translate-all.c
@@ -1416,13 +1416,12 @@ void tb_invalidate_phys_addr(hwaddr addr)
 }
 #endif /* TARGET_HAS_ICE && !defined(CONFIG_USER_ONLY) */
 
-void cpu_unlink_tb(CPUArchState *env)
+void cpu_unlink_tb(CPUState *cpu)
 {
 /* FIXME: TB unchaining isn't SMP safe.  For now just ignore the
problem and hope the cpu will stop of its own accord.  For userspace
emulation this often isn't actually as bad as it sounds.  Often
signals are used primarily to interrupt blocking syscalls.  */
-CPUState *cpu = ENV_GET_CPU(env);
 TranslationBlock *tb;
 static spinlock_t interrupt_lock = SPIN_LOCK_UNLOCKED;
 
@@ -1476,7 +1475,7 @@ static void tcg_handle_interrupt(CPUArchState *env, int 
mask)
 cpu_abort(env, "Raised interrupt while not in I/O function");
 }
 } else {
-cpu_unlink_tb(env);
+cpu_unlink_tb(cpu);
 }
 }
 
@@ -1624,8 +1623,10 @@ void dump_exec_info(FILE *f, fprintf_function 
cpu_fprintf)
 
 void cpu_interrupt(CPUArchState *env, int mask)
 {
+CPUState *cpu = ENV_GET_CPU(env);
+
 env->interrupt_request |= mask;
-cpu_unlink_tb(env);
+cpu_unlink_tb(cpu);
 }
 
 /*
diff --git a/translate-all.h b/translate-all.h
index b181fb4..5c38819 100644
--- a/translate-all.h
+++ b/translate-all.h
@@ -28,7 +28,7 @@
 
 /* translate-all.c */
 void tb_invalidate_phys_page_fast(tb_page_addr_t start, int len);
-void cpu_unlink_tb(CPUArchState *env);
+void cpu_unlink_tb(CPUState *cpu);
 void tb_check_watchpoint(CPUArchState *env);
 
 #endif /* TRANSLATE_ALL_H */
-- 
1.7.10.4

[Qemu-devel] [PATCH 10/47] target-microblaze: Introduce QOM realizefn for MicroBlazeCPU

[Andreas Färber]

Introduce realizefn and set realized = true from cpu_mb_init().

Signed-off-by: Andreas Färber 
---
 target-microblaze/cpu-qom.h   |2 ++
 target-microblaze/cpu.c   |   14 ++
 target-microblaze/translate.c |3 +--
 3 Dateien geändert, 17 Zeilen hinzugefügt(+), 2 Zeilen entfernt(-)

diff --git a/target-microblaze/cpu-qom.h b/target-microblaze/cpu-qom.h
index f75549d..5ea911c 100644
--- a/target-microblaze/cpu-qom.h
+++ b/target-microblaze/cpu-qom.h
@@ -33,6 +33,7 @@
 
 /**
  * MicroBlazeCPUClass:
+ * @parent_realize: The parent class' realize handler.
  * @parent_reset: The parent class' reset handler.
  *
  * A MicroBlaze CPU model.
@@ -42,6 +43,7 @@ typedef struct MicroBlazeCPUClass {
 CPUClass parent_class;
 /*< public >*/
 
+DeviceRealize parent_realize;
 void (*parent_reset)(CPUState *cpu);
 } MicroBlazeCPUClass;
 
diff --git a/target-microblaze/cpu.c b/target-microblaze/cpu.c
index 39230fd..baae47b 100644
--- a/target-microblaze/cpu.c
+++ b/target-microblaze/cpu.c
@@ -85,6 +85,17 @@ static void mb_cpu_reset(CPUState *s)
 #endif
 }
 
+static void mb_cpu_realizefn(DeviceState *dev, Error **errp)
+{
+MicroBlazeCPU *cpu = MICROBLAZE_CPU(dev);
+MicroBlazeCPUClass *mcc = MICROBLAZE_CPU_GET_CLASS(dev);
+
+cpu_reset(CPU(cpu));
+qemu_init_vcpu(&cpu->env);
+
+mcc->parent_realize(dev, errp);
+}
+
 static void mb_cpu_initfn(Object *obj)
 {
 MicroBlazeCPU *cpu = MICROBLAZE_CPU(obj);
@@ -106,6 +117,9 @@ static void mb_cpu_class_init(ObjectClass *oc, void *data)
 CPUClass *cc = CPU_CLASS(oc);
 MicroBlazeCPUClass *mcc = MICROBLAZE_CPU_CLASS(oc);
 
+mcc->parent_realize = dc->realize;
+dc->realize = mb_cpu_realizefn;
+
 mcc->parent_reset = cc->reset;
 cc->reset = mb_cpu_reset;
 
diff --git a/target-microblaze/translate.c b/target-microblaze/translate.c
index 58ce712..a84856b 100644
--- a/target-microblaze/translate.c
+++ b/target-microblaze/translate.c
@@ -1970,8 +1970,7 @@ MicroBlazeCPU *cpu_mb_init(const char *cpu_model)
 
 cpu = MICROBLAZE_CPU(object_new(TYPE_MICROBLAZE_CPU));
 
-cpu_reset(CPU(cpu));
-qemu_init_vcpu(&cpu->env);
+object_property_set_bool(OBJECT(cpu), true, "realized", NULL);
 
 if (tcg_initialized) {
 return cpu;
-- 
1.7.10.4

[Qemu-devel] [PATCH 35/47] cpu: Move host_tid field to CPUState

[Andreas Färber]

Change gdbstub's cpu_index() argument to CPUState now that CPUArchState
is no longer used.

Signed-off-by: Andreas Färber 
---
 dump.c  |8 ++--
 gdbstub.c   |   14 +-
 include/exec/cpu-defs.h |1 -
 include/exec/gdbstub.h  |5 ++---
 include/qom/cpu.h   |2 ++
 linux-user/syscall.c|4 +++-
 6 Dateien geändert, 22 Zeilen hinzugefügt(+), 12 Zeilen entfernt(-)

diff --git a/dump.c b/dump.c
index 4ed1fa8..a25f509 100644
--- a/dump.c
+++ b/dump.c
@@ -271,11 +271,13 @@ static int write_elf64_note(DumpState *s)
 static int write_elf64_notes(DumpState *s)
 {
 CPUArchState *env;
+CPUState *cpu;
 int ret;
 int id;
 
 for (env = first_cpu; env != NULL; env = env->next_cpu) {
-id = cpu_index(env);
+cpu = ENV_GET_CPU(env);
+id = cpu_index(cpu);
 ret = cpu_write_elf64_note(fd_write_vmcore, env, id, s);
 if (ret < 0) {
 dump_error(s, "dump: failed to write elf notes.\n");
@@ -321,11 +323,13 @@ static int write_elf32_note(DumpState *s)
 static int write_elf32_notes(DumpState *s)
 {
 CPUArchState *env;
+CPUState *cpu;
 int ret;
 int id;
 
 for (env = first_cpu; env != NULL; env = env->next_cpu) {
-id = cpu_index(env);
+cpu = ENV_GET_CPU(env);
+id = cpu_index(cpu);
 ret = cpu_write_elf32_note(fd_write_vmcore, env, id, s);
 if (ret < 0) {
 dump_error(s, "dump: failed to write elf notes.\n");
diff --git a/gdbstub.c b/gdbstub.c
index 6cd26f1..32dfea9 100644
--- a/gdbstub.c
+++ b/gdbstub.c
@@ -2066,9 +2066,11 @@ static void gdb_set_cpu_pc(GDBState *s, target_ulong pc)
 static CPUArchState *find_cpu(uint32_t thread_id)
 {
 CPUArchState *env;
+CPUState *cpu;
 
 for (env = first_cpu; env != NULL; env = env->next_cpu) {
-if (cpu_index(env) == thread_id) {
+cpu = ENV_GET_CPU(env);
+if (cpu_index(cpu) == thread_id) {
 return env;
 }
 }
@@ -2096,7 +2098,7 @@ static int gdb_handle_packet(GDBState *s, const char 
*line_buf)
 case '?':
 /* TODO: Make this return the correct value for user-mode.  */
 snprintf(buf, sizeof(buf), "T%02xthread:%02x;", GDB_SIGNAL_TRAP,
- cpu_index(s->c_cpu));
+ cpu_index(ENV_GET_CPU(s->c_cpu)));
 put_packet(s, buf);
 /* Remove all the breakpoints when this query is issued,
  * because gdb is doing and initial connect and the state
@@ -2391,7 +2393,8 @@ static int gdb_handle_packet(GDBState *s, const char 
*line_buf)
 } else if (strcmp(p,"sThreadInfo") == 0) {
 report_cpuinfo:
 if (s->query_cpu) {
-snprintf(buf, sizeof(buf), "m%x", cpu_index(s->query_cpu));
+snprintf(buf, sizeof(buf), "m%x",
+ cpu_index(ENV_GET_CPU(s->query_cpu)));
 put_packet(s, buf);
 s->query_cpu = s->query_cpu->next_cpu;
 } else
@@ -2512,6 +2515,7 @@ static void gdb_vm_state_change(void *opaque, int 
running, RunState state)
 {
 GDBState *s = gdbserver_state;
 CPUArchState *env = s->c_cpu;
+CPUState *cpu = ENV_GET_CPU(env);
 char buf[256];
 const char *type;
 int ret;
@@ -2540,7 +2544,7 @@ static void gdb_vm_state_change(void *opaque, int 
running, RunState state)
 }
 snprintf(buf, sizeof(buf),
  "T%02xthread:%02x;%swatch:" TARGET_FMT_lx ";",
- GDB_SIGNAL_TRAP, cpu_index(env), type,
+ GDB_SIGNAL_TRAP, cpu_index(cpu), type,
  env->watchpoint_hit->vaddr);
 env->watchpoint_hit = NULL;
 goto send_packet;
@@ -2573,7 +2577,7 @@ static void gdb_vm_state_change(void *opaque, int 
running, RunState state)
 ret = GDB_SIGNAL_UNKNOWN;
 break;
 }
-snprintf(buf, sizeof(buf), "T%02xthread:%02x;", ret, cpu_index(env));
+snprintf(buf, sizeof(buf), "T%02xthread:%02x;", ret, cpu_index(cpu));
 
 send_packet:
 put_packet(s, buf);
diff --git a/include/exec/cpu-defs.h b/include/exec/cpu-defs.h
index 2911b9f..ae832a9 100644
--- a/include/exec/cpu-defs.h
+++ b/include/exec/cpu-defs.h
@@ -191,7 +191,6 @@ typedef struct CPUWatchpoint {
 int exception_index;\
 \
 CPUArchState *next_cpu; /* next CPU sharing TB cache */ \
-uint32_t host_tid; /* host thread ID */ \
 int running; /* Nonzero if cpu is currently running(usermode).  */  \
 /* user data */ \
 void *opaque;   \
diff --git a/include/exec/gdbstub.h b/include/exec/gdbstub.h
index 49231fe..ba20afa 100644
--- a/include/exec/gdbstub.h
+++ b/include/exec/gdbstub.h
@@ -30,12 +30,11 @@

[Qemu-devel] [Bug 1127053] Re: assertion failed in exec.c while attempting to start a guest (latest commit)

[Milos Ivanovic]

For what it's worth, I got the same problem in 1.4 - not sure what's
going on there:

eclipse ~ # qemu-kvm --version
QEMU emulator version 1.4.0, Copyright (c) 2003-2008 Fabrice Bellard

eclipse ~ # qemu-kvm
qemu-kvm: /var/tmp/portage/app-emulation/qemu-1.4.0/work/qemu-1.4.0/exec.c:982: 
qemu_ram_set_idstr: Assertion `!new_block->idstr[0]' failed.
Aborted

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1127053

Title:
  assertion failed in exec.c while attempting to start a guest (latest
  commit)

Status in QEMU:
  New

Bug description:
  Hi team,

  I decided to try the latest commit on git (previously used version
  1.3.0), and I got failed assertions while attempting to start my
  guests:

  eclipse ~ # qemu-kvm -enable-kvm -hda arch.img -m 4096 -smp sockets=1,cores=4 
-vnc :0 -cpu host -vga std -net nic,model=e1000,macaddr=00:00:00:00:00:00 -net 
tap,ifname=vm0 -qmp tcp:0.0.0.0:4900,server,nowait
  qemu-kvm: /var/tmp/portage/app-emulation/qemu-/work/qemu-/exec.c:982: 
qemu_ram_set_idstr: Assertion `!new_block->idstr[0]' failed.
  Aborted

  The assertion seems valid, so whatever's causing it is probably to
  blame. I haven't dug around much to find out what calls the method
  (qemu_ram_set_idstr()), but that is probably the best place to start.

  The host contains a Xeon E3-1240 CPU, virtualising a bunch of guests
  one of which is Arch Linux 64-bit, if that helps.

  eclipse ~ # qemu-kvm -version
  QEMU emulator version 1.4.50, Copyright (c) 2003-2008 Fabrice Bellard

  It looks like this assertion happens if you call the executable
  without any parameters as well:

  eclipse ~ # qemu-kvm
  qemu-kvm: /var/tmp/portage/app-emulation/qemu-/work/qemu-/exec.c:982: 
qemu_ram_set_idstr: Assertion `!new_block->idstr[0]' failed.
  Aborted

  Thanks.

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1127053/+subscriptions

[Qemu-devel] [PATCH 06/47] target-ppc: Update PowerPCCPU to QOM realizefn

[Andreas Färber]

Adapt ppc_cpu_realize() signature, hook it up to DeviceClass and set
realized = true in cpu_ppc_init().

Reviewed-by: Eduardo Habkost 
Signed-off-by: Andreas Färber 
---
 target-ppc/cpu-qom.h|2 ++
 target-ppc/translate_init.c |   12 +---
 2 Dateien geändert, 11 Zeilen hinzugefügt(+), 3 Zeilen entfernt(-)

diff --git a/target-ppc/cpu-qom.h b/target-ppc/cpu-qom.h
index b338f8f..2b82cdb 100644
--- a/target-ppc/cpu-qom.h
+++ b/target-ppc/cpu-qom.h
@@ -40,6 +40,7 @@
 
 /**
  * PowerPCCPUClass:
+ * @parent_realize: The parent class' realize handler.
  * @parent_reset: The parent class' reset handler.
  *
  * A PowerPC CPU model.
@@ -49,6 +50,7 @@ typedef struct PowerPCCPUClass {
 CPUClass parent_class;
 /*< public >*/
 
+DeviceRealize parent_realize;
 void (*parent_reset)(CPUState *cpu);
 
 /* TODO inline fields here */
diff --git a/target-ppc/translate_init.c b/target-ppc/translate_init.c
index 6cebaa1..49eaeac 100644
--- a/target-ppc/translate_init.c
+++ b/target-ppc/translate_init.c
@@ -10030,9 +10030,9 @@ static int ppc_fixup_cpu(PowerPCCPU *cpu)
 return 0;
 }
 
-static void ppc_cpu_realize(Object *obj, Error **errp)
+static void ppc_cpu_realizefn(DeviceState *dev, Error **errp)
 {
-PowerPCCPU *cpu = POWERPC_CPU(obj);
+PowerPCCPU *cpu = POWERPC_CPU(dev);
 CPUPPCState *env = &cpu->env;
 PowerPCCPUClass *pcc = POWERPC_CPU_GET_CLASS(cpu);
 ppc_def_t *def = pcc->info;
@@ -10083,6 +10083,8 @@ static void ppc_cpu_realize(Object *obj, Error **errp)
 
 qemu_init_vcpu(env);
 
+pcc->parent_realize(dev, errp);
+
 #if defined(PPC_DUMP_CPU)
 {
 const char *mmu_model, *excp_model, *bus_model;
@@ -10354,7 +10356,7 @@ PowerPCCPU *cpu_ppc_init(const char *cpu_model)
 
 env->cpu_model_str = cpu_model;
 
-ppc_cpu_realize(OBJECT(cpu), &err);
+object_property_set_bool(OBJECT(cpu), true, "realized", &err);
 if (err != NULL) {
 fprintf(stderr, "%s\n", error_get_pretty(err));
 error_free(err);
@@ -10575,6 +10577,10 @@ static void ppc_cpu_class_init(ObjectClass *oc, void 
*data)
 {
 PowerPCCPUClass *pcc = POWERPC_CPU_CLASS(oc);
 CPUClass *cc = CPU_CLASS(oc);
+DeviceClass *dc = DEVICE_CLASS(oc);
+
+pcc->parent_realize = dc->realize;
+dc->realize = ppc_cpu_realizefn;
 
 pcc->parent_reset = cc->reset;
 cc->reset = ppc_cpu_reset;
-- 
1.7.10.4

[Qemu-devel] [PATCH 22/47] target-mips: Move TCG initialization to MIPSCPU initfn

[Andreas Färber]

Make mips_tcg_init() non-static and add tcg_enabled() check to suppress
it for qtest.

Signed-off-by: Andreas Färber 
---
 target-mips/cpu.c   |4 
 target-mips/cpu.h   |1 +
 target-mips/translate.c |3 +--
 3 Dateien geändert, 6 Zeilen hinzugefügt(+), 2 Zeilen entfernt(-)

diff --git a/target-mips/cpu.c b/target-mips/cpu.c
index 18895da..09d6172 100644
--- a/target-mips/cpu.c
+++ b/target-mips/cpu.c
@@ -59,6 +59,10 @@ static void mips_cpu_initfn(Object *obj)
 CPUMIPSState *env = &cpu->env;
 
 cpu_exec_init(env);
+
+if (tcg_enabled()) {
+mips_tcg_init();
+}
 }
 
 static void mips_cpu_class_init(ObjectClass *c, void *data)
diff --git a/target-mips/cpu.h b/target-mips/cpu.h
index 5963d62..0e198b1 100644
--- a/target-mips/cpu.h
+++ b/target-mips/cpu.h
@@ -629,6 +629,7 @@ enum {
 #define CPU_INTERRUPT_WAKE CPU_INTERRUPT_TGT_INT_0
 
 int cpu_mips_exec(CPUMIPSState *s);
+void mips_tcg_init(void);
 MIPSCPU *cpu_mips_init(const char *cpu_model);
 int cpu_mips_signal_handler(int host_signum, void *pinfo, void *puc);
 
diff --git a/target-mips/translate.c b/target-mips/translate.c
index d7f650e..4ee9615 100644
--- a/target-mips/translate.c
+++ b/target-mips/translate.c
@@ -15836,7 +15836,7 @@ void cpu_dump_state (CPUMIPSState *env, FILE *f, 
fprintf_function cpu_fprintf,
 #endif
 }
 
-static void mips_tcg_init(void)
+void mips_tcg_init(void)
 {
 int i;
 static int inited;
@@ -15915,7 +15915,6 @@ MIPSCPU *cpu_mips_init(const char *cpu_model)
 #endif
 fpu_init(env, def);
 mvp_init(env, def);
-mips_tcg_init();
 
 object_property_set_bool(OBJECT(cpu), true, "realized", NULL);
 
-- 
1.7.10.4

[Qemu-devel] [PATCH 41/47] e500: Replace open-coded loop with qemu_get_cpu()

[Andreas Färber]

Since we still need env for ppc-specific fields, obtain it via the new
env_ptr fields to avoid "cpu" name conflicts between CPUState and
PowerPCCPU for now.

This fixes a potential issue with env being NULL at the end of the loop
but cpu still being a valid pointer corresponding to a previous env.

Acked-by: Alexander Graf 
Signed-off-by: Andreas Färber 
---
 hw/ppc/e500.c |   11 +++
 1 Datei geändert, 3 Zeilen hinzugefügt(+), 8 Zeilen entfernt(-)

diff --git a/hw/ppc/e500.c b/hw/ppc/e500.c
index b7474c0..451682c 100644
--- a/hw/ppc/e500.c
+++ b/hw/ppc/e500.c
@@ -240,20 +240,15 @@ static int ppce500_load_device_tree(CPUPPCState *env,
 /* We need to generate the cpu nodes in reverse order, so Linux can pick
the first node as boot node and be happy */
 for (i = smp_cpus - 1; i >= 0; i--) {
-CPUState *cpu = NULL;
+CPUState *cpu;
 char cpu_name[128];
 uint64_t cpu_release_addr = MPC8544_SPIN_BASE + (i * 0x20);
 
-for (env = first_cpu; env != NULL; env = env->next_cpu) {
-cpu = ENV_GET_CPU(env);
-if (cpu->cpu_index == i) {
-break;
-}
-}
-
+cpu = qemu_get_cpu(i);
 if (cpu == NULL) {
 continue;
 }
+env = cpu->env_ptr;
 
 snprintf(cpu_name, sizeof(cpu_name), "/cpus/PowerPC,8544@%x",
  cpu->cpu_index);
-- 
1.7.10.4

[Qemu-devel] [PATCH 02/47] target-alpha: Update AlphaCPU to QOM realizefn

[Andreas Färber]

Update the alpha_cpu_realize() signature and hook up to
DeviceClass::realize. Set realized = true in cpu_alpha_init().

qapi/error.h is included through qdev now and no longer needed.

Acked-by: Richard Henderson 
[AF: Invoke parent's realizefn]
Signed-off-by: Andreas Färber 
---
 target-alpha/cpu-qom.h |2 ++
 target-alpha/cpu.c |   16 
 2 Dateien geändert, 14 Zeilen hinzugefügt(+), 4 Zeilen entfernt(-)

diff --git a/target-alpha/cpu-qom.h b/target-alpha/cpu-qom.h
index 16367d2..c0f6c6d 100644
--- a/target-alpha/cpu-qom.h
+++ b/target-alpha/cpu-qom.h
@@ -34,6 +34,7 @@
 
 /**
  * AlphaCPUClass:
+ * @parent_realize: The parent class' realize handler.
  * @parent_reset: The parent class' reset handler.
  *
  * An Alpha CPU model.
@@ -43,6 +44,7 @@ typedef struct AlphaCPUClass {
 CPUClass parent_class;
 /*< public >*/
 
+DeviceRealize parent_realize;
 void (*parent_reset)(CPUState *cpu);
 } AlphaCPUClass;
 
diff --git a/target-alpha/cpu.c b/target-alpha/cpu.c
index 0ad69f0..0cdae69 100644
--- a/target-alpha/cpu.c
+++ b/target-alpha/cpu.c
@@ -21,14 +21,16 @@
 
 #include "cpu.h"
 #include "qemu-common.h"
-#include "qapi/error.h"
 
 
-static void alpha_cpu_realize(Object *obj, Error **errp)
+static void alpha_cpu_realizefn(DeviceState *dev, Error **errp)
 {
-AlphaCPU *cpu = ALPHA_CPU(obj);
+AlphaCPU *cpu = ALPHA_CPU(dev);
+AlphaCPUClass *acc = ALPHA_CPU_GET_CLASS(dev);
 
 qemu_init_vcpu(&cpu->env);
+
+acc->parent_realize(dev, errp);
 }
 
 /* Sort alphabetically by type name. */
@@ -134,7 +136,8 @@ AlphaCPU *cpu_alpha_init(const char *cpu_model)
 
 env->cpu_model_str = cpu_model;
 
-alpha_cpu_realize(OBJECT(cpu), NULL);
+object_property_set_bool(OBJECT(cpu), true, "realized", NULL);
+
 return cpu;
 }
 
@@ -250,7 +253,12 @@ static void alpha_cpu_initfn(Object *obj)
 
 static void alpha_cpu_class_init(ObjectClass *oc, void *data)
 {
+DeviceClass *dc = DEVICE_CLASS(oc);
 CPUClass *cc = CPU_CLASS(oc);
+AlphaCPUClass *acc = ALPHA_CPU_CLASS(oc);
+
+acc->parent_realize = dc->realize;
+dc->realize = alpha_cpu_realizefn;
 
 cc->class_by_name = alpha_cpu_class_by_name;
 }
-- 
1.7.10.4

[Qemu-devel] [PATCH 15/47] target-unicore32: Introduce QOM realizefn for UniCore32CPU

[Andreas Färber]

Introduce a realizefn and set realized = true in uc32_cpu_init().

Acked-by: Guan Xuetao 
[AF: Invoke the parent's realizefn]
Signed-off-by: Andreas Färber 
---
 target-unicore32/cpu-qom.h |3 +++
 target-unicore32/cpu.c |   14 ++
 target-unicore32/helper.c  |3 ++-
 3 Dateien geändert, 19 Zeilen hinzugefügt(+), 1 Zeile entfernt(-)

diff --git a/target-unicore32/cpu-qom.h b/target-unicore32/cpu-qom.h
index fe40b2d..625c614 100644
--- a/target-unicore32/cpu-qom.h
+++ b/target-unicore32/cpu-qom.h
@@ -25,6 +25,7 @@
 
 /**
  * UniCore32CPUClass:
+ * @parent_realize: The parent class' realize handler.
  *
  * A UniCore32 CPU model.
  */
@@ -32,6 +33,8 @@ typedef struct UniCore32CPUClass {
 /*< private >*/
 CPUClass parent_class;
 /*< public >*/
+
+DeviceRealize parent_realize;
 } UniCore32CPUClass;
 
 /**
diff --git a/target-unicore32/cpu.c b/target-unicore32/cpu.c
index 4e4177f..8de17a4 100644
--- a/target-unicore32/cpu.c
+++ b/target-unicore32/cpu.c
@@ -81,6 +81,16 @@ static const UniCore32CPUInfo uc32_cpus[] = {
 { .name = "any",.instance_init = uc32_any_cpu_initfn },
 };
 
+static void uc32_cpu_realizefn(DeviceState *dev, Error **errp)
+{
+UniCore32CPU *cpu = UNICORE32_CPU(dev);
+UniCore32CPUClass *ucc = UNICORE32_CPU_GET_CLASS(dev);
+
+qemu_init_vcpu(&cpu->env);
+
+ucc->parent_realize(dev, errp);
+}
+
 static void uc32_cpu_initfn(Object *obj)
 {
 UniCore32CPU *cpu = UNICORE32_CPU(obj);
@@ -108,6 +118,10 @@ static void uc32_cpu_class_init(ObjectClass *oc, void 
*data)
 {
 DeviceClass *dc = DEVICE_CLASS(oc);
 CPUClass *cc = CPU_CLASS(oc);
+UniCore32CPUClass *ucc = UNICORE32_CPU_CLASS(oc);
+
+ucc->parent_realize = dc->realize;
+dc->realize = uc32_cpu_realizefn;
 
 cc->class_by_name = uc32_cpu_class_by_name;
 dc->vmsd = &vmstate_uc32_cpu;
diff --git a/target-unicore32/helper.c b/target-unicore32/helper.c
index 3a92232..2442133 100644
--- a/target-unicore32/helper.c
+++ b/target-unicore32/helper.c
@@ -45,7 +45,8 @@ CPUUniCore32State *uc32_cpu_init(const char *cpu_model)
 uc32_translate_init();
 }
 
-qemu_init_vcpu(env);
+object_property_set_bool(OBJECT(cpu), true, "realized", NULL);
+
 return env;
 }
 
-- 
1.7.10.4

Re: [Qemu-devel] [PATCH V23 4/7] Build the TPM frontend code

[Stefan Berger]

On 02/16/2013 06:19 AM, Andreas Färber wrote:

Am 15.02.2013 20:39, schrieb Stefan Berger:
  if test "$sdl_too_old" = "yes"; then
  echo "-> Your SDL version is too old - please upgrade to have SDL support"
@@ -4251,6 +4256,12 @@ if test "$gprof" = "yes" ; then
fi
  fi
  
+if test "$tpm" = "yes"; then

+  if test "$target_softmmu" = "yes" ; then
+echo "CONFIG_TPM=y" >> $config_host_mak
+  fi
+fi
So if some softmmu is being built and --enabled-tpm was chosen, we set
CONFIG_TPM=y for the host. Fine.


+
  if test "$ARCH" = "tci"; then
linker_script=""
  else
diff --git a/tpm/Makefile.objs b/tpm/Makefile.objs
index dffb567..63bfcea 100644
--- a/tpm/Makefile.objs
+++ b/tpm/Makefile.objs
@@ -1 +1,2 @@
  common-obj-y = tpm.o
+common-obj-$(CONFIG_TPM) += tpm_tis.o

Some softmmus might not even support ISA, so this needs to be
conditional on more than just the host's $(CONFIG_TPM), it should be a
combination of the host's CONFIG_TPM=y and CONFIG_TPM_TIS=y in
default-configs/{i386,x86_64}-softmmu.config or similar.


I need some help with this... From what I can see at least in hw/Makefile.objs 
isa-bus.o is unconditionally added to common-obj-y. Similarly the sb16.c, also 
an ISA device, ends up in config-host.mak. Does this imply that any softmmu 
will have isa-bus.o and sb16 compile in ?

Regards,
   Stefan

[Qemu-devel] [PATCH 33/47] target-m68k: Pass M68kCPU to m68k_set_irq_level()

[Andreas Färber]

Simplifies use of cpu_reset_interrupt() et al.

Signed-off-by: Andreas Färber 
---
 hw/mcf5206.c |2 +-
 hw/mcf_intc.c|2 +-
 target-m68k/cpu.h|2 +-
 target-m68k/helper.c |4 +++-
 4 Dateien geändert, 6 Zeilen hinzugefügt(+), 4 Zeilen entfernt(-)

diff --git a/hw/mcf5206.c b/hw/mcf5206.c
index 9bb393e..ea2db23 100644
--- a/hw/mcf5206.c
+++ b/hw/mcf5206.c
@@ -226,7 +226,7 @@ static void m5206_mbar_update(m5206_mbar_state *s)
 level = 0;
 vector = 0;
 }
-m68k_set_irq_level(&s->cpu->env, level, vector);
+m68k_set_irq_level(s->cpu, level, vector);
 }
 
 static void m5206_mbar_set_irq(void *opaque, int irq, int level)
diff --git a/hw/mcf_intc.c b/hw/mcf_intc.c
index 450f622..b213656 100644
--- a/hw/mcf_intc.c
+++ b/hw/mcf_intc.c
@@ -40,7 +40,7 @@ static void mcf_intc_update(mcf_intc_state *s)
 }
 }
 s->active_vector = ((best == 64) ? 24 : (best + 64));
-m68k_set_irq_level(&s->cpu->env, best_level, s->active_vector);
+m68k_set_irq_level(s->cpu, best_level, s->active_vector);
 }
 
 static uint64_t mcf_intc_read(void *opaque, hwaddr addr,
diff --git a/target-m68k/cpu.h b/target-m68k/cpu.h
index ed9be80..2672eae 100644
--- a/target-m68k/cpu.h
+++ b/target-m68k/cpu.h
@@ -169,7 +169,7 @@ enum {
 #define MACSR_V 0x002
 #define MACSR_EV0x001
 
-void m68k_set_irq_level(CPUM68KState *env, int level, uint8_t vector);
+void m68k_set_irq_level(M68kCPU *cpu, int level, uint8_t vector);
 void m68k_set_macsr(CPUM68KState *env, uint32_t val);
 void m68k_switch_sp(CPUM68KState *env);
 
diff --git a/target-m68k/helper.c b/target-m68k/helper.c
index 7d3fd94..1bae3ab 100644
--- a/target-m68k/helper.c
+++ b/target-m68k/helper.c
@@ -310,8 +310,10 @@ int cpu_m68k_handle_mmu_fault (CPUM68KState *env, 
target_ulong address, int rw,
be handled by the interrupt controller.  Real hardware only requests
the vector when the interrupt is acknowledged by the CPU.  For
simplicitly we calculate it when the interrupt is signalled.  */
-void m68k_set_irq_level(CPUM68KState *env, int level, uint8_t vector)
+void m68k_set_irq_level(M68kCPU *cpu, int level, uint8_t vector)
 {
+CPUM68KState *env = &cpu->env;
+
 env->pending_level = level;
 env->pending_vector = vector;
 if (level)
-- 
1.7.10.4

[Qemu-devel] [PATCH 03/47] target-arm: Update ARMCPU to QOM realizefn

[Andreas Färber]

Turn arm_cpu_realize() into a QOM realize function, no longer called
via cpu.h prototype. To maintain the semantics of cpu_init(), set
realized = true explicitly in cpu_arm_init().

Move GDB coprocessor registration, CPU reset and vCPU initialization
into the realizefn.

Signed-off-by: Andreas Färber 
---
 target-arm/cpu-qom.h |3 ++-
 target-arm/cpu.c |   21 ++---
 target-arm/cpu.h |1 +
 target-arm/helper.c  |   14 ++
 4 Dateien geändert, 27 Zeilen hinzugefügt(+), 12 Zeilen entfernt(-)

diff --git a/target-arm/cpu-qom.h b/target-arm/cpu-qom.h
index 0f455c4..aff7bf3 100644
--- a/target-arm/cpu-qom.h
+++ b/target-arm/cpu-qom.h
@@ -33,6 +33,7 @@
 
 /**
  * ARMCPUClass:
+ * @parent_realize: The parent class' realize handler.
  * @parent_reset: The parent class' reset handler.
  *
  * An ARM CPU model.
@@ -42,6 +43,7 @@ typedef struct ARMCPUClass {
 CPUClass parent_class;
 /*< public >*/
 
+DeviceRealize parent_realize;
 void (*parent_reset)(CPUState *cpu);
 } ARMCPUClass;
 
@@ -107,7 +109,6 @@ static inline ARMCPU *arm_env_get_cpu(CPUARMState *env)
 
 #define ENV_GET_CPU(e) CPU(arm_env_get_cpu(e))
 
-void arm_cpu_realize(ARMCPU *cpu);
 void register_cp_regs_for_features(ARMCPU *cpu);
 
 #endif
diff --git a/target-arm/cpu.c b/target-arm/cpu.c
index 1c6a628..9915172 100644
--- a/target-arm/cpu.c
+++ b/target-arm/cpu.c
@@ -147,15 +147,12 @@ static void arm_cpu_finalizefn(Object *obj)
 g_hash_table_destroy(cpu->cp_regs);
 }
 
-void arm_cpu_realize(ARMCPU *cpu)
+static void arm_cpu_realizefn(DeviceState *dev, Error **errp)
 {
-/* This function is called by cpu_arm_init() because it
- * needs to do common actions based on feature bits, etc
- * that have been set by the subclass init functions.
- * When we have QOM realize support it should become
- * a true realize function instead.
- */
+ARMCPU *cpu = ARM_CPU(dev);
+ARMCPUClass *acc = ARM_CPU_GET_CLASS(dev);
 CPUARMState *env = &cpu->env;
+
 /* Some features automatically imply others: */
 if (arm_feature(env, ARM_FEATURE_V7)) {
 set_feature(env, ARM_FEATURE_VAPA);
@@ -197,6 +194,12 @@ void arm_cpu_realize(ARMCPU *cpu)
 }
 
 register_cp_regs_for_features(cpu);
+arm_cpu_register_gdb_regs_for_features(cpu);
+
+cpu_reset(CPU(cpu));
+qemu_init_vcpu(env);
+
+acc->parent_realize(dev, errp);
 }
 
 /* CPU models */
@@ -782,6 +785,10 @@ static void arm_cpu_class_init(ObjectClass *oc, void *data)
 {
 ARMCPUClass *acc = ARM_CPU_CLASS(oc);
 CPUClass *cc = CPU_CLASS(acc);
+DeviceClass *dc = DEVICE_CLASS(oc);
+
+acc->parent_realize = dc->realize;
+dc->realize = arm_cpu_realizefn;
 
 acc->parent_reset = cc->reset;
 cc->reset = arm_cpu_reset;
diff --git a/target-arm/cpu.h b/target-arm/cpu.h
index ffddfcb..2902ba5 100644
--- a/target-arm/cpu.h
+++ b/target-arm/cpu.h
@@ -234,6 +234,7 @@ typedef struct CPUARMState {
 
 ARMCPU *cpu_arm_init(const char *cpu_model);
 void arm_translate_init(void);
+void arm_cpu_register_gdb_regs_for_features(ARMCPU *cpu);
 int cpu_arm_exec(CPUARMState *s);
 void do_interrupt(CPUARMState *);
 void switch_mode(CPUARMState *, int);
diff --git a/target-arm/helper.c b/target-arm/helper.c
index eb7b291..4538a09 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -1272,14 +1272,22 @@ ARMCPU *cpu_arm_init(const char *cpu_model)
 cpu = ARM_CPU(object_new(object_class_get_name(oc)));
 env = &cpu->env;
 env->cpu_model_str = cpu_model;
-arm_cpu_realize(cpu);
+
+/* TODO this should be set centrally, once possible */
+object_property_set_bool(OBJECT(cpu), true, "realized", NULL);
 
 if (tcg_enabled() && !inited) {
 inited = 1;
 arm_translate_init();
 }
 
-cpu_reset(CPU(cpu));
+return cpu;
+}
+
+void arm_cpu_register_gdb_regs_for_features(ARMCPU *cpu)
+{
+CPUARMState *env = &cpu->env;
+
 if (arm_feature(env, ARM_FEATURE_NEON)) {
 gdb_register_coprocessor(env, vfp_gdb_get_reg, vfp_gdb_set_reg,
  51, "arm-neon.xml", 0);
@@ -1290,8 +1298,6 @@ ARMCPU *cpu_arm_init(const char *cpu_model)
 gdb_register_coprocessor(env, vfp_gdb_get_reg, vfp_gdb_set_reg,
  19, "arm-vfp.xml", 0);
 }
-qemu_init_vcpu(env);
-return cpu;
 }
 
 /* Sort alphabetically by type name, except for "any". */
-- 
1.7.10.4

[Qemu-devel] [PATCH 46/47] target-i386: Move cpu_x86_init()

[Andreas Färber]

Consolidate CPU functions in cpu.c.
Allows to make cpu_x86_register() static.

No functional changes.

Reviewed-by: Eduardo Habkost 
Reviewed-by: Igor Mammedov 
Signed-off-by: Andreas Färber 
---
 target-i386/cpu.c|   26 +-
 target-i386/cpu.h|1 -
 target-i386/helper.c |   24 
 3 Dateien geändert, 25 Zeilen hinzugefügt(+), 26 Zeilen entfernt(-)

diff --git a/target-i386/cpu.c b/target-i386/cpu.c
index 635f334..462d6c9 100644
--- a/target-i386/cpu.c
+++ b/target-i386/cpu.c
@@ -1516,7 +1516,7 @@ static void filter_features_for_kvm(X86CPU *cpu)
 }
 #endif
 
-int cpu_x86_register(X86CPU *cpu, const char *cpu_model)
+static int cpu_x86_register(X86CPU *cpu, const char *cpu_model)
 {
 CPUX86State *env = &cpu->env;
 x86_def_t def1, *def = &def1;
@@ -1576,6 +1576,30 @@ out:
 return 0;
 }
 
+X86CPU *cpu_x86_init(const char *cpu_model)
+{
+X86CPU *cpu;
+CPUX86State *env;
+Error *error = NULL;
+
+cpu = X86_CPU(object_new(TYPE_X86_CPU));
+env = &cpu->env;
+env->cpu_model_str = cpu_model;
+
+if (cpu_x86_register(cpu, cpu_model) < 0) {
+object_unref(OBJECT(cpu));
+return NULL;
+}
+
+object_property_set_bool(OBJECT(cpu), true, "realized", &error);
+if (error) {
+error_free(error);
+object_unref(OBJECT(cpu));
+return NULL;
+}
+return cpu;
+}
+
 #if !defined(CONFIG_USER_ONLY)
 
 void cpu_clear_apic_feature(CPUX86State *env)
diff --git a/target-i386/cpu.h b/target-i386/cpu.h
index 9e6e1a6..7577e4f 100644
--- a/target-i386/cpu.h
+++ b/target-i386/cpu.h
@@ -1002,7 +1002,6 @@ int cpu_x86_signal_handler(int host_signum, void *pinfo,
 void cpu_x86_cpuid(CPUX86State *env, uint32_t index, uint32_t count,
uint32_t *eax, uint32_t *ebx,
uint32_t *ecx, uint32_t *edx);
-int cpu_x86_register(X86CPU *cpu, const char *cpu_model);
 void cpu_clear_apic_feature(CPUX86State *env);
 void host_cpuid(uint32_t function, uint32_t count,
 uint32_t *eax, uint32_t *ebx, uint32_t *ecx, uint32_t *edx);
diff --git a/target-i386/helper.c b/target-i386/helper.c
index 1a872fa..4bf9db7 100644
--- a/target-i386/helper.c
+++ b/target-i386/helper.c
@@ -1267,30 +1267,6 @@ int cpu_x86_get_descr_debug(CPUX86State *env, unsigned 
int selector,
 return 1;
 }
 
-X86CPU *cpu_x86_init(const char *cpu_model)
-{
-X86CPU *cpu;
-CPUX86State *env;
-Error *error = NULL;
-
-cpu = X86_CPU(object_new(TYPE_X86_CPU));
-env = &cpu->env;
-env->cpu_model_str = cpu_model;
-
-if (cpu_x86_register(cpu, cpu_model) < 0) {
-object_unref(OBJECT(cpu));
-return NULL;
-}
-
-object_property_set_bool(OBJECT(cpu), true, "realized", &error);
-if (error) {
-error_free(error);
-object_unref(OBJECT(cpu));
-return NULL;
-}
-return cpu;
-}
-
 #if !defined(CONFIG_USER_ONLY)
 void do_cpu_init(X86CPU *cpu)
 {
-- 
1.7.10.4

[Qemu-devel] [PATCH 31/47] mcf5206: Pass M68kCPU to mcf5206_init()

[Andreas Färber]

Store it in m5206_mbar_state. Prepares for passing M68kCPU to
m68k_set_irq_level().

Signed-off-by: Andreas Färber 
---
 hw/an5206.c  |   11 +++
 hw/mcf.h |2 +-
 hw/mcf5206.c |8 
 3 Dateien geändert, 12 Zeilen hinzugefügt(+), 9 Zeilen entfernt(-)

diff --git a/hw/an5206.c b/hw/an5206.c
index 750115a..924be81 100644
--- a/hw/an5206.c
+++ b/hw/an5206.c
@@ -24,6 +24,7 @@ static void an5206_init(QEMUMachineInitArgs *args)
 ram_addr_t ram_size = args->ram_size;
 const char *cpu_model = args->cpu_model;
 const char *kernel_filename = args->kernel_filename;
+M68kCPU *cpu;
 CPUM68KState *env;
 int kernel_size;
 uint64_t elf_entry;
@@ -32,12 +33,14 @@ static void an5206_init(QEMUMachineInitArgs *args)
 MemoryRegion *ram = g_new(MemoryRegion, 1);
 MemoryRegion *sram = g_new(MemoryRegion, 1);
 
-if (!cpu_model)
+if (!cpu_model) {
 cpu_model = "m5206";
-env = cpu_init(cpu_model);
-if (!env) {
+}
+cpu = cpu_m68k_init(cpu_model);
+if (!cpu) {
 hw_error("Unable to find m68k CPU definition\n");
 }
+env = &cpu->env;
 
 /* Initialize CPU registers.  */
 env->vbr = 0;
@@ -55,7 +58,7 @@ static void an5206_init(QEMUMachineInitArgs *args)
 vmstate_register_ram_global(sram);
 memory_region_add_subregion(address_space_mem, AN5206_RAMBAR_ADDR, sram);
 
-mcf5206_init(address_space_mem, AN5206_MBAR_ADDR, env);
+mcf5206_init(address_space_mem, AN5206_MBAR_ADDR, cpu);
 
 /* Load kernel.  */
 if (!kernel_filename) {
diff --git a/hw/mcf.h b/hw/mcf.h
index f929910..dc21028 100644
--- a/hw/mcf.h
+++ b/hw/mcf.h
@@ -25,6 +25,6 @@ void mcf_fec_init(struct MemoryRegion *sysmem, NICInfo *nd,
 
 /* mcf5206.c */
 qemu_irq *mcf5206_init(struct MemoryRegion *sysmem,
-   uint32_t base, CPUM68KState *env);
+   uint32_t base, M68kCPU *cpu);
 
 #endif
diff --git a/hw/mcf5206.c b/hw/mcf5206.c
index d8c0059..9bb393e 100644
--- a/hw/mcf5206.c
+++ b/hw/mcf5206.c
@@ -145,7 +145,7 @@ static m5206_timer_state *m5206_timer_init(qemu_irq irq)
 /* System Integration Module.  */
 
 typedef struct {
-CPUM68KState *env;
+M68kCPU *cpu;
 MemoryRegion iomem;
 m5206_timer_state *timer[2];
 void *uart[2];
@@ -226,7 +226,7 @@ static void m5206_mbar_update(m5206_mbar_state *s)
 level = 0;
 vector = 0;
 }
-m68k_set_irq_level(s->env, level, vector);
+m68k_set_irq_level(&s->cpu->env, level, vector);
 }
 
 static void m5206_mbar_set_irq(void *opaque, int irq, int level)
@@ -525,7 +525,7 @@ static const MemoryRegionOps m5206_mbar_ops = {
 .endianness = DEVICE_NATIVE_ENDIAN,
 };
 
-qemu_irq *mcf5206_init(MemoryRegion *sysmem, uint32_t base, CPUM68KState *env)
+qemu_irq *mcf5206_init(MemoryRegion *sysmem, uint32_t base, M68kCPU *cpu)
 {
 m5206_mbar_state *s;
 qemu_irq *pic;
@@ -541,7 +541,7 @@ qemu_irq *mcf5206_init(MemoryRegion *sysmem, uint32_t base, 
CPUM68KState *env)
 s->timer[1] = m5206_timer_init(pic[10]);
 s->uart[0] = mcf_uart_init(pic[12], serial_hds[0]);
 s->uart[1] = mcf_uart_init(pic[13], serial_hds[1]);
-s->env = env;
+s->cpu = cpu;
 
 m5206_mbar_reset(s);
 return pic;
-- 
1.7.10.4

[Qemu-devel] [PATCH 47/47] target-i386: Split command line parsing out of cpu_x86_register()

[Andreas Färber]

In order to instantiate a CPU subtype we will need to know which type,
so move the cpu_model splitting into cpu_x86_init().

Parameters need to be set on the X86CPU instance, so move
cpu_x86_parse_featurestr() into cpu_x86_init() as well.

This leaves cpu_x86_register() operating on the model name only.

Signed-off-by: Andreas Färber 
Signed-off-by: Igor Mammedov 
Reviewed-by: Eduardo Habkost 
Signed-off-by: Andreas Färber 
---
 hw/pc.c   |1 -
 target-i386/cpu.c |   80 ++---
 2 Dateien geändert, 40 Zeilen hinzugefügt(+), 41 Zeilen entfernt(-)

diff --git a/hw/pc.c b/hw/pc.c
index 53cc173..07caba7 100644
--- a/hw/pc.c
+++ b/hw/pc.c
@@ -876,7 +876,6 @@ void pc_cpus_init(const char *cpu_model)
 
 for (i = 0; i < smp_cpus; i++) {
 if (!cpu_x86_init(cpu_model)) {
-fprintf(stderr, "Unable to find x86 CPU definition\n");
 exit(1);
 }
 }
diff --git a/target-i386/cpu.c b/target-i386/cpu.c
index 462d6c9..dfcf86e 100644
--- a/target-i386/cpu.c
+++ b/target-i386/cpu.c
@@ -1516,27 +1516,16 @@ static void filter_features_for_kvm(X86CPU *cpu)
 }
 #endif
 
-static int cpu_x86_register(X86CPU *cpu, const char *cpu_model)
+static void cpu_x86_register(X86CPU *cpu, const char *name, Error **errp)
 {
 CPUX86State *env = &cpu->env;
 x86_def_t def1, *def = &def1;
-Error *error = NULL;
-char *name, *features;
-gchar **model_pieces;
 
 memset(def, 0, sizeof(*def));
 
-model_pieces = g_strsplit(cpu_model, ",", 2);
-if (!model_pieces[0]) {
-error_setg(&error, "Invalid/empty CPU model name");
-goto out;
-}
-name = model_pieces[0];
-features = model_pieces[1];
-
 if (cpu_x86_find_by_name(def, name) < 0) {
-error_setg(&error, "Unable to find CPU definition: %s", name);
-goto out;
+error_setg(errp, "Unable to find CPU definition: %s", name);
+return;
 }
 
 if (kvm_enabled()) {
@@ -1544,58 +1533,69 @@ static int cpu_x86_register(X86CPU *cpu, const char 
*cpu_model)
 }
 def->ext_features |= CPUID_EXT_HYPERVISOR;
 
-object_property_set_str(OBJECT(cpu), def->vendor, "vendor", &error);
-object_property_set_int(OBJECT(cpu), def->level, "level", &error);
-object_property_set_int(OBJECT(cpu), def->family, "family", &error);
-object_property_set_int(OBJECT(cpu), def->model, "model", &error);
-object_property_set_int(OBJECT(cpu), def->stepping, "stepping", &error);
+object_property_set_str(OBJECT(cpu), def->vendor, "vendor", errp);
+object_property_set_int(OBJECT(cpu), def->level, "level", errp);
+object_property_set_int(OBJECT(cpu), def->family, "family", errp);
+object_property_set_int(OBJECT(cpu), def->model, "model", errp);
+object_property_set_int(OBJECT(cpu), def->stepping, "stepping", errp);
 env->cpuid_features = def->features;
 env->cpuid_ext_features = def->ext_features;
 env->cpuid_ext2_features = def->ext2_features;
 env->cpuid_ext3_features = def->ext3_features;
-object_property_set_int(OBJECT(cpu), def->xlevel, "xlevel", &error);
+object_property_set_int(OBJECT(cpu), def->xlevel, "xlevel", errp);
 env->cpuid_kvm_features = def->kvm_features;
 env->cpuid_svm_features = def->svm_features;
 env->cpuid_ext4_features = def->ext4_features;
 env->cpuid_7_0_ebx_features = def->cpuid_7_0_ebx_features;
 env->cpuid_xlevel2 = def->xlevel2;
 
-object_property_set_str(OBJECT(cpu), def->model_id, "model-id", &error);
-if (error) {
-goto out;
-}
-
-cpu_x86_parse_featurestr(cpu, features, &error);
-out:
-g_strfreev(model_pieces);
-if (error) {
-fprintf(stderr, "%s\n", error_get_pretty(error));
-error_free(error);
-return -1;
-}
-return 0;
+object_property_set_str(OBJECT(cpu), def->model_id, "model-id", errp);
 }
 
 X86CPU *cpu_x86_init(const char *cpu_model)
 {
-X86CPU *cpu;
+X86CPU *cpu = NULL;
 CPUX86State *env;
+gchar **model_pieces;
+char *name, *features;
 Error *error = NULL;
 
+model_pieces = g_strsplit(cpu_model, ",", 2);
+if (!model_pieces[0]) {
+error_setg(&error, "Invalid/empty CPU model name");
+goto out;
+}
+name = model_pieces[0];
+features = model_pieces[1];
+
 cpu = X86_CPU(object_new(TYPE_X86_CPU));
 env = &cpu->env;
 env->cpu_model_str = cpu_model;
 
-if (cpu_x86_register(cpu, cpu_model) < 0) {
-object_unref(OBJECT(cpu));
-return NULL;
+cpu_x86_register(cpu, name, &error);
+if (error) {
+goto out;
+}
+
+cpu_x86_parse_featurestr(cpu, features, &error);
+if (error) {
+goto out;
 }
 
 object_property_set_bool(OBJECT(cpu), true, "realized", &error);
 if (error) {
+goto out;
+}
+
+out:
+g_strfreev(model_pieces);
+if (error) {
+fprintf(stderr, "%s\n", error_get_pretty(error));
 error_free(error);
- 

[Qemu-devel] [Bug 1127369] [NEW] i386 emulation unreliable since commit b76f0d8c2e3eac94bc7fd90a510cb7426b2a2699

[Andreas Gustafsson]

Public bug reported:

I am running daily automated tests of the qemu git mainline that
involve building qemu on a Linux host (32-bit), booting a NetBSD guest
in qemu-system-i386, and running the NetBSD operating system test
suite on the guest.

Since commit b76f0d8c2e3eac94bc7fd90a510cb7426b2a2699, there has been
a marked increase in the number of failing test cases.  Before that
commit, the number of failing test cases was typically in the range 3
to 6, but since that commit, test runs often show 10 or more failed
tests, or they end prematurely due to a segmentation fault in the test
framework itself.

To aid in reproducing the problem, I have prepared a disk image
containing a NetBSD 6.0.1 system configured to automatically run
the test suite on boot.

To reproduce the problem, run the following shell commands:

  wget http://www.gson.org/bugs/qemu/NetBSD-6.0.1-i386-test.img.gz
  gunzip NetBSD-6.0.1-i386-test.img.gz
  qemu-system-i386 -m 32 -nographic -snapshot -hda NetBSD-6.0.1-i386-test.img

The disk image is about 144 MB in size and uncompresses to 2 GB.  The
test run typically takes a couple of hours, printing progress messages
to the terminal as it goes.  When it finishes, the virtual machine
will be automatically powered down, causing qemu to exit.

Near the end of the output, before the shutdown messages, there should
be a summary of the test results.  The expected output looks like this:

  Summary for 500 test programs:
  2958 passed test cases.
  5 failed test cases.
  45 expected failed test cases.
  70 skipped test cases.

A number of "failed test cases" in the range 3 to 6 should be
considered normal.  Please ignore the "expected failed test cases".
Using a version of qemu affected by the bug, the summary will look
more like this:

  Summary for 500 test programs:
  2951 passed test cases.
  12 failed test cases.
  45 expected failed test cases.
  69 skipped test cases.

Or it may end with a segmentation fault like this:

   p2k_ffs_race: atf-report: ERROR: 10912: Unexpected token `<>'; expected 
end of test case or test case's stdout/stderr line
[1]   Segmentation fault (core dumped) atf-run |
  Done(1) atf-report

The problem goes away if the "-m 32" is omitted from the qemu command line,
which leads me to suspect that the problem may be related to paging or
swapping activity in the guest.

The revision listed in the subject, b76f0d8c2e3eac94bc7fd90a510cb7426b2a2699,
is the first one exhibiting the excessive test failures, but the bug may already
have been introduced in the previous commit, 
fdbb84d1332ae0827d60f1a2ca03c7d5678c6edd.
If I attempt to run the test on fdbb84d1332ae0827d60f1a2ca03c7d5678c6edd, the
guest fails to boot.  The revision before that, 
32761257c0b9fa7ee04d2871a6e48a41f119c469,
works as expected.
--
Andreas Gustafsson, g...@gson.org

** Affects: qemu
 Importance: Undecided
 Status: New

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1127369

Title:
  i386 emulation unreliable since commit
  b76f0d8c2e3eac94bc7fd90a510cb7426b2a2699

Status in QEMU:
  New

Bug description:
  I am running daily automated tests of the qemu git mainline that
  involve building qemu on a Linux host (32-bit), booting a NetBSD guest
  in qemu-system-i386, and running the NetBSD operating system test
  suite on the guest.

  Since commit b76f0d8c2e3eac94bc7fd90a510cb7426b2a2699, there has been
  a marked increase in the number of failing test cases.  Before that
  commit, the number of failing test cases was typically in the range 3
  to 6, but since that commit, test runs often show 10 or more failed
  tests, or they end prematurely due to a segmentation fault in the test
  framework itself.

  To aid in reproducing the problem, I have prepared a disk image
  containing a NetBSD 6.0.1 system configured to automatically run
  the test suite on boot.

  To reproduce the problem, run the following shell commands:

wget http://www.gson.org/bugs/qemu/NetBSD-6.0.1-i386-test.img.gz
gunzip NetBSD-6.0.1-i386-test.img.gz
qemu-system-i386 -m 32 -nographic -snapshot -hda NetBSD-6.0.1-i386-test.img

  The disk image is about 144 MB in size and uncompresses to 2 GB.  The
  test run typically takes a couple of hours, printing progress messages
  to the terminal as it goes.  When it finishes, the virtual machine
  will be automatically powered down, causing qemu to exit.

  Near the end of the output, before the shutdown messages, there should
  be a summary of the test results.  The expected output looks like this:

Summary for 500 test programs:
2958 passed test cases.
5 failed test cases.
45 expected failed test cases.
70 skipped test cases.

  A number of "failed test cases" in the range 3 to 6 should be
  considered normal.  Please ignore the "expected failed test cases".
  Using a version of qemu a

[Qemu-devel] [PATCH 19/47] target-lm32: Move TCG initialization to LM32CPU initfn

[Andreas Färber]

Signed-off-by: Andreas Färber 
---
 target-lm32/cpu.c|6 ++
 target-lm32/helper.c |6 --
 2 Dateien geändert, 6 Zeilen hinzugefügt(+), 6 Zeilen entfernt(-)

diff --git a/target-lm32/cpu.c b/target-lm32/cpu.c
index 6a84f51..5f16734 100644
--- a/target-lm32/cpu.c
+++ b/target-lm32/cpu.c
@@ -58,10 +58,16 @@ static void lm32_cpu_initfn(Object *obj)
 {
 LM32CPU *cpu = LM32_CPU(obj);
 CPULM32State *env = &cpu->env;
+static bool tcg_initialized;
 
 cpu_exec_init(env);
 
 env->flags = 0;
+
+if (tcg_enabled() && !tcg_initialized) {
+tcg_initialized = true;
+lm32_translate_init();
+}
 }
 
 static void lm32_cpu_class_init(ObjectClass *oc, void *data)
diff --git a/target-lm32/helper.c b/target-lm32/helper.c
index a6691ad..47ae7e7 100644
--- a/target-lm32/helper.c
+++ b/target-lm32/helper.c
@@ -197,7 +197,6 @@ LM32CPU *cpu_lm32_init(const char *cpu_model)
 LM32CPU *cpu;
 CPULM32State *env;
 const LM32Def *def;
-static int tcg_initialized;
 
 def = cpu_lm32_find_by_name(cpu_model);
 if (!def) {
@@ -212,11 +211,6 @@ LM32CPU *cpu_lm32_init(const char *cpu_model)
 env->num_wps = def->num_watchpoints;
 env->cfg = cfg_by_def(def);
 
-if (tcg_enabled() && !tcg_initialized) {
-tcg_initialized = 1;
-lm32_translate_init();
-}
-
 object_property_set_bool(OBJECT(cpu), true, "realized", NULL);
 
 return cpu;
-- 
1.7.10.4

[Qemu-devel] [PATCH 30/47] target-m68k: Return M68kCPU from cpu_m68k_init()

[Andreas Färber]

Turn cpu_init() into a static inline function for backwards
compatibility.

Signed-off-by: Andreas Färber 
---
 target-m68k/cpu.h|   12 ++--
 target-m68k/helper.c |4 ++--
 2 Dateien geändert, 12 Zeilen hinzugefügt(+), 4 Zeilen entfernt(-)

diff --git a/target-m68k/cpu.h b/target-m68k/cpu.h
index 94937c4..ed9be80 100644
--- a/target-m68k/cpu.h
+++ b/target-m68k/cpu.h
@@ -117,7 +117,7 @@ typedef struct CPUM68KState {
 
 void m68k_tcg_init(void);
 void m68k_cpu_init_gdb(M68kCPU *cpu);
-CPUM68KState *cpu_m68k_init(const char *cpu_model);
+M68kCPU *cpu_m68k_init(const char *cpu_model);
 int cpu_m68k_exec(CPUM68KState *s);
 void do_interrupt(CPUM68KState *env1);
 void do_interrupt_m68k_hardirq(CPUM68KState *env1);
@@ -215,7 +215,15 @@ void register_m68k_insns (CPUM68KState *env);
 #define TARGET_PHYS_ADDR_SPACE_BITS 32
 #define TARGET_VIRT_ADDR_SPACE_BITS 32
 
-#define cpu_init cpu_m68k_init
+static inline CPUM68KState *cpu_init(const char *cpu_model)
+{
+M68kCPU *cpu = cpu_m68k_init(cpu_model);
+if (cpu == NULL) {
+return NULL;
+}
+return &cpu->env;
+}
+
 #define cpu_exec cpu_m68k_exec
 #define cpu_gen_code cpu_m68k_gen_code
 #define cpu_signal_handler cpu_m68k_signal_handler
diff --git a/target-m68k/helper.c b/target-m68k/helper.c
index 6030807..7d3fd94 100644
--- a/target-m68k/helper.c
+++ b/target-m68k/helper.c
@@ -98,7 +98,7 @@ static int fpu_gdb_set_reg(CPUM68KState *env, uint8_t 
*mem_buf, int n)
 return 0;
 }
 
-CPUM68KState *cpu_m68k_init(const char *cpu_model)
+M68kCPU *cpu_m68k_init(const char *cpu_model)
 {
 M68kCPU *cpu;
 CPUM68KState *env;
@@ -116,7 +116,7 @@ CPUM68KState *cpu_m68k_init(const char *cpu_model)
 
 object_property_set_bool(OBJECT(cpu), true, "realized", NULL);
 
-return env;
+return cpu;
 }
 
 void m68k_cpu_init_gdb(M68kCPU *cpu)
-- 
1.7.10.4

[Qemu-devel] [PATCH 45/47] target-lm32: Drop unused cpu_lm32_close() prototype

[Andreas Färber]

It was never implemented.

Signed-off-by: Andreas Färber 
---
 target-lm32/cpu.h |1 -
 1 Datei geändert, 1 Zeile entfernt(-)

diff --git a/target-lm32/cpu.h b/target-lm32/cpu.h
index 4e202db..6948d0e 100644
--- a/target-lm32/cpu.h
+++ b/target-lm32/cpu.h
@@ -189,7 +189,6 @@ struct CPULM32State {
 LM32CPU *cpu_lm32_init(const char *cpu_model);
 void cpu_lm32_list(FILE *f, fprintf_function cpu_fprintf);
 int cpu_lm32_exec(CPULM32State *s);
-void cpu_lm32_close(CPULM32State *s);
 void do_interrupt(CPULM32State *env);
 /* you can call this signal handler from your SIGBUS and SIGSEGV
signal handlers to inform the virtual CPU of exceptions. non zero
-- 
1.7.10.4

[Qemu-devel] [PATCH 24/47] target-s390x: Move TCG initialization to S390CPU initfn

[Andreas Färber]

Ensures that a QOM-created S390CPU is usable.

Acked-by: Richard Henderson 
Signed-off-by: Andreas Färber 
---
 target-s390x/cpu.c|6 ++
 target-s390x/helper.c |7 ---
 2 Dateien geändert, 6 Zeilen hinzugefügt(+), 7 Zeilen entfernt(-)

diff --git a/target-s390x/cpu.c b/target-s390x/cpu.c
index ee15783..787c937 100644
--- a/target-s390x/cpu.c
+++ b/target-s390x/cpu.c
@@ -112,6 +112,7 @@ static void s390_cpu_initfn(Object *obj)
 {
 S390CPU *cpu = S390_CPU(obj);
 CPUS390XState *env = &cpu->env;
+static bool inited;
 static int cpu_num = 0;
 #if !defined(CONFIG_USER_ONLY)
 struct tm tm;
@@ -133,6 +134,11 @@ static void s390_cpu_initfn(Object *obj)
 #endif
 env->cpu_num = cpu_num++;
 env->ext_index = -1;
+
+if (tcg_enabled() && !inited) {
+inited = true;
+s390x_translate_init();
+}
 }
 
 static void s390_cpu_finalize(Object *obj)
diff --git a/target-s390x/helper.c b/target-s390x/helper.c
index d3bb456..1183b45 100644
--- a/target-s390x/helper.c
+++ b/target-s390x/helper.c
@@ -74,16 +74,9 @@ S390CPU *cpu_s390x_init(const char *cpu_model)
 {
 S390CPU *cpu;
 CPUS390XState *env;
-static int inited;
 
 cpu = S390_CPU(object_new(TYPE_S390_CPU));
 env = &cpu->env;
-
-if (tcg_enabled() && !inited) {
-inited = 1;
-s390x_translate_init();
-}
-
 env->cpu_model_str = cpu_model;
 
 object_property_set_bool(OBJECT(cpu), true, "realized", NULL);
-- 
1.7.10.4

[Qemu-devel] [PATCH 27/47] target-unicore32: Move TCG initialization to UniCore32CPU initfn

[Andreas Färber]

Normalize the "inited" logic and add a tcg_enabled() check to suppress
it for qtest.

Ensures that a QOM-created UniCore32CPU is usable.

Acked-by: Guan Xuetao 
Signed-off-by: Andreas Färber 
---
 target-unicore32/cpu.c|6 ++
 target-unicore32/helper.c |6 --
 2 Dateien geändert, 6 Zeilen hinzugefügt(+), 6 Zeilen entfernt(-)

diff --git a/target-unicore32/cpu.c b/target-unicore32/cpu.c
index 8de17a4..7bcf3b3 100644
--- a/target-unicore32/cpu.c
+++ b/target-unicore32/cpu.c
@@ -95,6 +95,7 @@ static void uc32_cpu_initfn(Object *obj)
 {
 UniCore32CPU *cpu = UNICORE32_CPU(obj);
 CPUUniCore32State *env = &cpu->env;
+static bool inited;
 
 cpu_exec_init(env);
 
@@ -107,6 +108,11 @@ static void uc32_cpu_initfn(Object *obj)
 #endif
 
 tlb_flush(env, 1);
+
+if (tcg_enabled() && !inited) {
+inited = true;
+uc32_translate_init();
+}
 }
 
 static const VMStateDescription vmstate_uc32_cpu = {
diff --git a/target-unicore32/helper.c b/target-unicore32/helper.c
index 2442133..7eeb9bc 100644
--- a/target-unicore32/helper.c
+++ b/target-unicore32/helper.c
@@ -30,7 +30,6 @@ CPUUniCore32State *uc32_cpu_init(const char *cpu_model)
 UniCore32CPU *cpu;
 CPUUniCore32State *env;
 ObjectClass *oc;
-static int inited = 1;
 
 oc = cpu_class_by_name(TYPE_UNICORE32_CPU, cpu_model);
 if (oc == NULL) {
@@ -40,11 +39,6 @@ CPUUniCore32State *uc32_cpu_init(const char *cpu_model)
 env = &cpu->env;
 env->cpu_model_str = cpu_model;
 
-if (inited) {
-inited = 0;
-uc32_translate_init();
-}
-
 object_property_set_bool(OBJECT(cpu), true, "realized", NULL);
 
 return env;
-- 
1.7.10.4

Re: [Qemu-devel] [PATCH for-1.4 07/19] target-sparc: Fix debug output for DEBUG_MMU

[Blue Swirl]

Thanks, applied.

On Sun, Jan 27, 2013 at 1:32 PM, Andreas Färber  wrote:
> Signed-off-by: Andreas Färber 
> ---
>  target-sparc/ldst_helper.c |2 +-
>  1 Datei geändert, 1 Zeile hinzugefügt(+), 1 Zeile entfernt(-)
>
> diff --git a/target-sparc/ldst_helper.c b/target-sparc/ldst_helper.c
> index cf1bddf..7decd66 100644
> --- a/target-sparc/ldst_helper.c
> +++ b/target-sparc/ldst_helper.c
> @@ -1850,7 +1850,7 @@ void helper_st_asi(CPUSPARCState *env, target_ulong 
> addr, target_ulong val,
>  DPRINTF_MMU("LSU change: 0x%" PRIx64 " -> 0x%" PRIx64 "\n",
>  oldreg, env->lsu);
>  #ifdef DEBUG_MMU
> -dump_mmu(stdout, fprintf, env1);
> +dump_mmu(stdout, fprintf, env);
>  #endif
>  tlb_flush(env, 1);
>  }
> --
> 1.7.10.4
>

[Qemu-devel] [PATCH 07/47] target-cris: Introduce QOM realizefn for CRISCPU

[Andreas Färber]

Introduce realizefn and set realized = true from cpu_cris_init().

Reviewed-by: Eduardo Habkost 
Signed-off-by: Andreas Färber 
---
 target-cris/cpu-qom.h   |2 ++
 target-cris/cpu.c   |   15 +++
 target-cris/translate.c |3 +--
 3 Dateien geändert, 18 Zeilen hinzugefügt(+), 2 Zeilen entfernt(-)

diff --git a/target-cris/cpu-qom.h b/target-cris/cpu-qom.h
index 41ab9b2..7ad8398 100644
--- a/target-cris/cpu-qom.h
+++ b/target-cris/cpu-qom.h
@@ -33,6 +33,7 @@
 
 /**
  * CRISCPUClass:
+ * @parent_realize: The parent class' realize handler.
  * @parent_reset: The parent class' reset handler.
  *
  * A CRIS CPU model.
@@ -42,6 +43,7 @@ typedef struct CRISCPUClass {
 CPUClass parent_class;
 /*< public >*/
 
+DeviceRealize parent_realize;
 void (*parent_reset)(CPUState *cpu);
 } CRISCPUClass;
 
diff --git a/target-cris/cpu.c b/target-cris/cpu.c
index 3f64a57..34c4f75 100644
--- a/target-cris/cpu.c
+++ b/target-cris/cpu.c
@@ -55,6 +55,17 @@ static void cris_cpu_reset(CPUState *s)
 #endif
 }
 
+static void cris_cpu_realizefn(DeviceState *dev, Error **errp)
+{
+CRISCPU *cpu = CRIS_CPU(dev);
+CRISCPUClass *ccc = CRIS_CPU_GET_CLASS(dev);
+
+cpu_reset(CPU(cpu));
+qemu_init_vcpu(&cpu->env);
+
+ccc->parent_realize(dev, errp);
+}
+
 static void cris_cpu_initfn(Object *obj)
 {
 CRISCPU *cpu = CRIS_CPU(obj);
@@ -65,9 +76,13 @@ static void cris_cpu_initfn(Object *obj)
 
 static void cris_cpu_class_init(ObjectClass *oc, void *data)
 {
+DeviceClass *dc = DEVICE_CLASS(oc);
 CPUClass *cc = CPU_CLASS(oc);
 CRISCPUClass *ccc = CRIS_CPU_CLASS(oc);
 
+ccc->parent_realize = dc->realize;
+dc->realize = cris_cpu_realizefn;
+
 ccc->parent_reset = cc->reset;
 cc->reset = cris_cpu_reset;
 }
diff --git a/target-cris/translate.c b/target-cris/translate.c
index 09e6011..25ff490 100644
--- a/target-cris/translate.c
+++ b/target-cris/translate.c
@@ -3558,8 +3558,7 @@ CRISCPU *cpu_cris_init(const char *cpu_model)
 
 env->pregs[PR_VR] = vr_by_name(cpu_model);
 
-cpu_reset(CPU(cpu));
-qemu_init_vcpu(env);
+object_property_set_bool(OBJECT(cpu), true, "realized", NULL);
 
 if (tcg_initialized) {
 return cpu;
-- 
1.7.10.4

[Qemu-devel] [PATCH 13/47] target-sh4: Introduce QOM realizefn for SuperHCPU

[Andreas Färber]

Introduce a realizefn and set realized = true in cpu_sh4_init().

Signed-off-by: Andreas Färber 
---
 target-sh4/cpu-qom.h   |2 ++
 target-sh4/cpu.c   |   14 ++
 target-sh4/translate.c |5 +++--
 3 Dateien geändert, 19 Zeilen hinzugefügt(+), 2 Zeilen entfernt(-)

diff --git a/target-sh4/cpu-qom.h b/target-sh4/cpu-qom.h
index 09573c9..d368db1 100644
--- a/target-sh4/cpu-qom.h
+++ b/target-sh4/cpu-qom.h
@@ -33,6 +33,7 @@
 
 /**
  * SuperHCPUClass:
+ * @parent_realize: The parent class' realize handler.
  * @parent_reset: The parent class' reset handler.
  *
  * A SuperH CPU model.
@@ -42,6 +43,7 @@ typedef struct SuperHCPUClass {
 CPUClass parent_class;
 /*< public >*/
 
+DeviceRealize parent_realize;
 void (*parent_reset)(CPUState *cpu);
 } SuperHCPUClass;
 
diff --git a/target-sh4/cpu.c b/target-sh4/cpu.c
index d283122..c66442f 100644
--- a/target-sh4/cpu.c
+++ b/target-sh4/cpu.c
@@ -54,6 +54,17 @@ static void superh_cpu_reset(CPUState *s)
 set_default_nan_mode(1, &env->fp_status);
 }
 
+static void superh_cpu_realizefn(DeviceState *dev, Error **errp)
+{
+SuperHCPU *cpu = SUPERH_CPU(dev);
+SuperHCPUClass *scc = SUPERH_CPU_GET_CLASS(dev);
+
+cpu_reset(CPU(cpu));
+qemu_init_vcpu(&cpu->env);
+
+scc->parent_realize(dev, errp);
+}
+
 static void superh_cpu_initfn(Object *obj)
 {
 SuperHCPU *cpu = SUPERH_CPU(obj);
@@ -75,6 +86,9 @@ static void superh_cpu_class_init(ObjectClass *oc, void *data)
 CPUClass *cc = CPU_CLASS(oc);
 SuperHCPUClass *scc = SUPERH_CPU_CLASS(oc);
 
+scc->parent_realize = dc->realize;
+dc->realize = superh_cpu_realizefn;
+
 scc->parent_reset = cc->reset;
 cc->reset = superh_cpu_reset;
 
diff --git a/target-sh4/translate.c b/target-sh4/translate.c
index 260aaab..2409a10 100644
--- a/target-sh4/translate.c
+++ b/target-sh4/translate.c
@@ -253,9 +253,10 @@ SuperHCPU *cpu_sh4_init(const char *cpu_model)
 env->features = def->features;
 sh4_translate_init();
 env->cpu_model_str = cpu_model;
-cpu_reset(CPU(cpu));
 cpu_register(env, def);
-qemu_init_vcpu(env);
+
+object_property_set_bool(OBJECT(cpu), true, "realized", NULL);
+
 return cpu;
 }
 
-- 
1.7.10.4

[Qemu-devel] [PATCH 05/47] target-openrisc: Update OpenRISCCPU to QOM realizefn

[Andreas Färber]

Update the openrisc_cpu_realize() signature, hook it up to
DeviceClass::realize and set realized = true in cpu_openrisc_init().

qapi/error.h is now included through qdev and no longer needed.

Signed-off-by: Andreas Färber 
Cc: Jia Liu 
---
 target-openrisc/cpu.c |   13 ++---
 target-openrisc/cpu.h |4 ++--
 2 Dateien geändert, 12 Zeilen hinzugefügt(+), 5 Zeilen entfernt(-)

diff --git a/target-openrisc/cpu.c b/target-openrisc/cpu.c
index a7a8de8..d8cc533 100644
--- a/target-openrisc/cpu.c
+++ b/target-openrisc/cpu.c
@@ -62,12 +62,15 @@ static inline void set_feature(OpenRISCCPU *cpu, int 
feature)
 cpu->env.cpucfgr = cpu->feature;
 }
 
-void openrisc_cpu_realize(Object *obj, Error **errp)
+static void openrisc_cpu_realizefn(DeviceState *dev, Error **errp)
 {
-OpenRISCCPU *cpu = OPENRISC_CPU(obj);
+OpenRISCCPU *cpu = OPENRISC_CPU(dev);
+OpenRISCCPUClass *occ = OPENRISC_CPU_GET_CLASS(dev);
 
 qemu_init_vcpu(&cpu->env);
 cpu_reset(CPU(cpu));
+
+occ->parent_realize(dev, errp);
 }
 
 static void openrisc_cpu_initfn(Object *obj)
@@ -134,6 +137,10 @@ static void openrisc_cpu_class_init(ObjectClass *oc, void 
*data)
 {
 OpenRISCCPUClass *occ = OPENRISC_CPU_CLASS(oc);
 CPUClass *cc = CPU_CLASS(occ);
+DeviceClass *dc = DEVICE_CLASS(oc);
+
+occ->parent_realize = dc->realize;
+dc->realize = openrisc_cpu_realizefn;
 
 occ->parent_reset = cc->reset;
 cc->reset = openrisc_cpu_reset;
@@ -187,7 +194,7 @@ OpenRISCCPU *cpu_openrisc_init(const char *cpu_model)
 cpu = OPENRISC_CPU(object_new(object_class_get_name(oc)));
 cpu->env.cpu_model_str = cpu_model;
 
-openrisc_cpu_realize(OBJECT(cpu), NULL);
+object_property_set_bool(OBJECT(cpu), true, "realized", NULL);
 
 return cpu;
 }
diff --git a/target-openrisc/cpu.h b/target-openrisc/cpu.h
index 3beab45..419f007 100644
--- a/target-openrisc/cpu.h
+++ b/target-openrisc/cpu.h
@@ -33,7 +33,6 @@ struct OpenRISCCPU;
 #include "exec/cpu-defs.h"
 #include "fpu/softfloat.h"
 #include "qom/cpu.h"
-#include "qapi/error.h"
 
 #define TYPE_OPENRISC_CPU "or32-cpu"
 
@@ -46,6 +45,7 @@ struct OpenRISCCPU;
 
 /**
  * OpenRISCCPUClass:
+ * @parent_realize: The parent class' realize handler.
  * @parent_reset: The parent class' reset handler.
  *
  * A OpenRISC CPU model.
@@ -55,6 +55,7 @@ typedef struct OpenRISCCPUClass {
 CPUClass parent_class;
 /*< public >*/
 
+DeviceRealize parent_realize;
 void (*parent_reset)(CPUState *cpu);
 } OpenRISCCPUClass;
 
@@ -340,7 +341,6 @@ static inline OpenRISCCPU 
*openrisc_env_get_cpu(CPUOpenRISCState *env)
 #define ENV_GET_CPU(e) CPU(openrisc_env_get_cpu(e))
 
 OpenRISCCPU *cpu_openrisc_init(const char *cpu_model);
-void openrisc_cpu_realize(Object *obj, Error **errp);
 
 void cpu_openrisc_list(FILE *f, fprintf_function cpu_fprintf);
 int cpu_openrisc_exec(CPUOpenRISCState *s);
-- 
1.7.10.4

[Qemu-devel] [PATCH 29/47] ppc405_uc: Pass PowerPCCPU to ppc40x_{core, chip, system}_reset()

[Andreas Färber]

Prepares for changing cpu_interrupt() argument to CPUState.

Signed-off-by: Andreas Färber 
Acked-by: Alexander Graf 
---
 hw/ppc.c   |   12 ++--
 hw/ppc.h   |6 +++---
 hw/ppc405_uc.c |   16 ++--
 3 Dateien geändert, 19 Zeilen hinzugefügt(+), 15 Zeilen entfernt(-)

diff --git a/hw/ppc.c b/hw/ppc.c
index 6053bd5..8cfb84f 100644
--- a/hw/ppc.c
+++ b/hw/ppc.c
@@ -300,20 +300,20 @@ static void ppc40x_set_irq(void *opaque, int pin, int 
level)
 if (level) {
 LOG_IRQ("%s: reset the PowerPC system\n",
 __func__);
-ppc40x_system_reset(env);
+ppc40x_system_reset(cpu);
 }
 break;
 case PPC40x_INPUT_RESET_CHIP:
 if (level) {
 LOG_IRQ("%s: reset the PowerPC chip\n", __func__);
-ppc40x_chip_reset(env);
+ppc40x_chip_reset(cpu);
 }
 break;
 case PPC40x_INPUT_RESET_CORE:
 /* XXX: TODO: update DBSR[MRR] */
 if (level) {
 LOG_IRQ("%s: reset the PowerPC core\n", __func__);
-ppc40x_core_reset(env);
+ppc40x_core_reset(cpu);
 }
 break;
 case PPC40x_INPUT_CINT:
@@ -1011,13 +1011,13 @@ static void cpu_4xx_wdt_cb (void *opaque)
 /* No reset */
 break;
 case 0x1: /* Core reset */
-ppc40x_core_reset(env);
+ppc40x_core_reset(cpu);
 break;
 case 0x2: /* Chip reset */
-ppc40x_chip_reset(env);
+ppc40x_chip_reset(cpu);
 break;
 case 0x3: /* System reset */
-ppc40x_system_reset(env);
+ppc40x_system_reset(cpu);
 break;
 }
 }
diff --git a/hw/ppc.h b/hw/ppc.h
index ee0cd16..acaf0d6 100644
--- a/hw/ppc.h
+++ b/hw/ppc.h
@@ -58,9 +58,9 @@ clk_setup_cb ppc_40x_timers_init (CPUPPCState *env, uint32_t 
freq,
   unsigned int decr_excp);
 
 /* Embedded PowerPC reset */
-void ppc40x_core_reset (CPUPPCState *env);
-void ppc40x_chip_reset (CPUPPCState *env);
-void ppc40x_system_reset (CPUPPCState *env);
+void ppc40x_core_reset(PowerPCCPU *cpu);
+void ppc40x_chip_reset(PowerPCCPU *cpu);
+void ppc40x_system_reset(PowerPCCPU *cpu);
 void PREP_debug_write (void *opaque, uint32_t addr, uint32_t val);
 
 extern CPUWriteMemoryFunc * const PPC_io_write[];
diff --git a/hw/ppc405_uc.c b/hw/ppc405_uc.c
index c96d103..d8cbe87 100644
--- a/hw/ppc405_uc.c
+++ b/hw/ppc405_uc.c
@@ -1770,8 +1770,9 @@ static void ppc405_mal_init(CPUPPCState *env, qemu_irq 
irqs[4])
 
 /*/
 /* SPR */
-void ppc40x_core_reset (CPUPPCState *env)
+void ppc40x_core_reset(PowerPCCPU *cpu)
 {
+CPUPPCState *env = &cpu->env;
 target_ulong dbsr;
 
 printf("Reset PowerPC core\n");
@@ -1782,8 +1783,9 @@ void ppc40x_core_reset (CPUPPCState *env)
 env->spr[SPR_40x_DBSR] = dbsr;
 }
 
-void ppc40x_chip_reset (CPUPPCState *env)
+void ppc40x_chip_reset(PowerPCCPU *cpu)
 {
+CPUPPCState *env = &cpu->env;
 target_ulong dbsr;
 
 printf("Reset PowerPC chip\n");
@@ -1795,7 +1797,7 @@ void ppc40x_chip_reset (CPUPPCState *env)
 env->spr[SPR_40x_DBSR] = dbsr;
 }
 
-void ppc40x_system_reset (CPUPPCState *env)
+void ppc40x_system_reset(PowerPCCPU *cpu)
 {
 printf("Reset PowerPC system\n");
 qemu_system_reset_request();
@@ -1803,21 +1805,23 @@ void ppc40x_system_reset (CPUPPCState *env)
 
 void store_40x_dbcr0 (CPUPPCState *env, uint32_t val)
 {
+PowerPCCPU *cpu = ppc_env_get_cpu(env);
+
 switch ((val >> 28) & 0x3) {
 case 0x0:
 /* No action */
 break;
 case 0x1:
 /* Core reset */
-ppc40x_core_reset(env);
+ppc40x_core_reset(cpu);
 break;
 case 0x2:
 /* Chip reset */
-ppc40x_chip_reset(env);
+ppc40x_chip_reset(cpu);
 break;
 case 0x3:
 /* System reset */
-ppc40x_system_reset(env);
+ppc40x_system_reset(cpu);
 break;
 }
 }
-- 
1.7.10.4

[Qemu-devel] [PATCH 01/47] cpu: Prepare QOM realizefn

[Andreas Färber]

Overwrite the default implementation with a no-op, no longer
attempting to call DeviceClass::init.

Signed-off-by: Andreas Färber 
---
 qom/cpu.c |5 +
 1 Datei geändert, 5 Zeilen hinzugefügt(+)

diff --git a/qom/cpu.c b/qom/cpu.c
index 8fb538b..870e9ba 100644
--- a/qom/cpu.c
+++ b/qom/cpu.c
@@ -46,6 +46,10 @@ static ObjectClass *cpu_common_class_by_name(const char 
*cpu_model)
 return NULL;
 }
 
+static void cpu_common_realizefn(DeviceState *dev, Error **errp)
+{
+}
+
 static void cpu_class_init(ObjectClass *klass, void *data)
 {
 DeviceClass *dc = DEVICE_CLASS(klass);
@@ -53,6 +57,7 @@ static void cpu_class_init(ObjectClass *klass, void *data)
 
 k->class_by_name = cpu_common_class_by_name;
 k->reset = cpu_common_reset;
+dc->realize = cpu_common_realizefn;
 dc->no_user = 1;
 }
 
-- 
1.7.10.4

Re: [Qemu-devel] [PATCH V23 2/7] Add TPM (frontend) hardware interface (TPM TIS) to QEMU

[Stefan Berger]

On 02/16/2013 05:56 AM, Andreas Färber wrote:

Am 15.02.2013 20:39, schrieb Stefan Berger:

diff --git a/tpm/tpm_tis.c b/tpm/tpm_tis.c
new file mode 100644
index 000..565e28d
--- /dev/null
+++ b/tpm/tpm_tis.c

[...]

+/*
+ * This function is called when the machine starts, resets or due to
+ * S3 resume.
+ */
+static void tpm_tis_reset(DeviceState *d)
+{
+TPMState *s = DO_UPCAST(TPMState, busdev.qdev, d);

Please introduce a QOM cast macro in tpm_int.h (e.g., TPM_TIS() or
TPM(), preferably in this patch for better review) and use that instead
of DO_UPCAST().


Ok, this and the rest I fixed for the next version.

   Stefan

Re: [Qemu-devel] [PATCH V23 1/7] Support for TPM command line options

[Stefan Berger]

On 02/16/2013 06:04 AM, Andreas Färber wrote:

Am 15.02.2013 20:39, schrieb Stefan Berger:

diff --git a/tpm/tpm_tis.h b/tpm/tpm_tis.h
new file mode 100644
index 000..6cf18bc
--- /dev/null
+++ b/tpm/tpm_tis.h
@@ -0,0 +1,78 @@
+/*
+ * tpm_tis.h - QEMU's TPM TIS interface emulator
+ *
+ * Copyright (C) 2006, 2010-2013 IBM Corporation
+ *
+ * Authors:
+ *  Stefan Berger 
+ *  David Safford 

Typo in email address?


No, both are valid email addresses.




+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ *
+ * Implementation of the TIS interface according to specs found at
+ * http://www.trustedcomputiggroup.org

Typo.

Fixed.

Stefan

[Qemu-devel] [PATCH 04/47] target-i386: Update X86CPU to QOM realizefn

[Andreas Färber]

Adapt the signature of x86_cpu_realize(), hook up to
DeviceClass::realize and set realized = true in cpu_x86_init().

The QOM realizefn cannot depend on errp being non-NULL as in
cpu_x86_init(), so use a local Error to preserve error handling behavior
on APIC initialization errors.

Reviewed-by: Igor Mammedov 
Reviewed-by: Eduardo Habkost 
[AF: Invoke parent's realizefn]
Signed-off-by: Andreas Färber 
---
 target-i386/cpu-qom.h |5 ++---
 target-i386/cpu.c |   19 +++
 target-i386/helper.c  |2 +-
 3 Dateien geändert, 18 Zeilen hinzugefügt(+), 8 Zeilen entfernt(-)

diff --git a/target-i386/cpu-qom.h b/target-i386/cpu-qom.h
index 332916a..48e6b54 100644
--- a/target-i386/cpu-qom.h
+++ b/target-i386/cpu-qom.h
@@ -39,6 +39,7 @@
 
 /**
  * X86CPUClass:
+ * @parent_realize: The parent class' realize handler.
  * @parent_reset: The parent class' reset handler.
  *
  * An x86 CPU model or family.
@@ -48,6 +49,7 @@ typedef struct X86CPUClass {
 CPUClass parent_class;
 /*< public >*/
 
+DeviceRealize parent_realize;
 void (*parent_reset)(CPUState *cpu);
 } X86CPUClass;
 
@@ -72,8 +74,5 @@ static inline X86CPU *x86_env_get_cpu(CPUX86State *env)
 
 #define ENV_GET_CPU(e) CPU(x86_env_get_cpu(e))
 
-/* TODO Drop once ObjectClass::realize is available */
-void x86_cpu_realize(Object *obj, Error **errp);
-
 
 #endif
diff --git a/target-i386/cpu.c b/target-i386/cpu.c
index aab35c7..e2fd626 100644
--- a/target-i386/cpu.c
+++ b/target-i386/cpu.c
@@ -2060,10 +2060,14 @@ static void x86_cpu_apic_init(X86CPU *cpu, Error **errp)
 }
 #endif
 
-void x86_cpu_realize(Object *obj, Error **errp)
+static void x86_cpu_realizefn(DeviceState *dev, Error **errp)
 {
-X86CPU *cpu = X86_CPU(obj);
+X86CPU *cpu = X86_CPU(dev);
+X86CPUClass *xcc = X86_CPU_GET_CLASS(dev);
 CPUX86State *env = &cpu->env;
+#ifndef CONFIG_USER_ONLY
+Error *local_err = NULL;
+#endif
 
 if (env->cpuid_7_0_ebx_features && env->cpuid_level < 7) {
 env->cpuid_level = 7;
@@ -2105,8 +2109,9 @@ void x86_cpu_realize(Object *obj, Error **errp)
 qemu_register_reset(x86_cpu_machine_reset_cb, cpu);
 
 if (cpu->env.cpuid_features & CPUID_APIC || smp_cpus > 1) {
-x86_cpu_apic_init(cpu, errp);
-if (error_is_set(errp)) {
+x86_cpu_apic_init(cpu, &local_err);
+if (local_err != NULL) {
+error_propagate(errp, local_err);
 return;
 }
 }
@@ -2115,6 +2120,8 @@ void x86_cpu_realize(Object *obj, Error **errp)
 mce_init(cpu);
 qemu_init_vcpu(&cpu->env);
 cpu_reset(CPU(cpu));
+
+xcc->parent_realize(dev, errp);
 }
 
 /* Enables contiguous-apic-ID mode, for compatibility */
@@ -2200,6 +2207,10 @@ static void x86_cpu_common_class_init(ObjectClass *oc, 
void *data)
 {
 X86CPUClass *xcc = X86_CPU_CLASS(oc);
 CPUClass *cc = CPU_CLASS(oc);
+DeviceClass *dc = DEVICE_CLASS(oc);
+
+xcc->parent_realize = dc->realize;
+dc->realize = x86_cpu_realizefn;
 
 xcc->parent_reset = cc->reset;
 cc->reset = x86_cpu_reset;
diff --git a/target-i386/helper.c b/target-i386/helper.c
index d1cb4e2..1a872fa 100644
--- a/target-i386/helper.c
+++ b/target-i386/helper.c
@@ -1282,7 +1282,7 @@ X86CPU *cpu_x86_init(const char *cpu_model)
 return NULL;
 }
 
-x86_cpu_realize(OBJECT(cpu), &error);
+object_property_set_bool(OBJECT(cpu), true, "realized", &error);
 if (error) {
 error_free(error);
 object_unref(OBJECT(cpu));
-- 
1.7.10.4

[Qemu-devel] [PATCH 36/47] cpu: Move running field to CPUState

[Andreas Färber]

Pass CPUState to cpu_exec_{start,end}() functions.

Signed-off-by: Andreas Färber 
---
 include/exec/cpu-defs.h |1 -
 include/qom/cpu.h   |2 ++
 linux-user/main.c   |   37 ++---
 3 Dateien geändert, 24 Zeilen hinzugefügt(+), 16 Zeilen entfernt(-)

diff --git a/include/exec/cpu-defs.h b/include/exec/cpu-defs.h
index ae832a9..ba814ff 100644
--- a/include/exec/cpu-defs.h
+++ b/include/exec/cpu-defs.h
@@ -191,7 +191,6 @@ typedef struct CPUWatchpoint {
 int exception_index;\
 \
 CPUArchState *next_cpu; /* next CPU sharing TB cache */ \
-int running; /* Nonzero if cpu is currently running(usermode).  */  \
 /* user data */ \
 void *opaque;   \
 \
diff --git a/include/qom/cpu.h b/include/qom/cpu.h
index e371655..c465d88 100644
--- a/include/qom/cpu.h
+++ b/include/qom/cpu.h
@@ -66,6 +66,7 @@ struct kvm_run;
  * @nr_threads: Number of threads within this CPU.
  * @numa_node: NUMA node this CPU is belonging to.
  * @host_tid: Host thread ID.
+ * @running: #true if CPU is currently running (usermode).
  * @created: Indicates whether the CPU thread has been successfully created.
  * @stop: Indicates a pending stop request.
  * @stopped: Indicates the CPU has been artificially stopped.
@@ -88,6 +89,7 @@ struct CPUState {
 #endif
 int thread_id;
 uint32_t host_tid;
+bool running;
 struct QemuCond *halt_cond;
 struct qemu_work_item *queued_work_first, *queued_work_last;
 bool thread_kicked;
diff --git a/linux-user/main.c b/linux-user/main.c
index 146a468..e515684 100644
--- a/linux-user/main.c
+++ b/linux-user/main.c
@@ -151,13 +151,16 @@ static inline void exclusive_idle(void)
 static inline void start_exclusive(void)
 {
 CPUArchState *other;
+CPUState *other_cpu;
+
 pthread_mutex_lock(&exclusive_lock);
 exclusive_idle();
 
 pending_cpus = 1;
 /* Make all other cpus stop executing.  */
 for (other = first_cpu; other; other = other->next_cpu) {
-if (other->running) {
+other_cpu = ENV_GET_CPU(other);
+if (other_cpu->running) {
 pending_cpus++;
 cpu_exit(other);
 }
@@ -176,19 +179,19 @@ static inline void end_exclusive(void)
 }
 
 /* Wait for exclusive ops to finish, and begin cpu execution.  */
-static inline void cpu_exec_start(CPUArchState *env)
+static inline void cpu_exec_start(CPUState *cpu)
 {
 pthread_mutex_lock(&exclusive_lock);
 exclusive_idle();
-env->running = 1;
+cpu->running = true;
 pthread_mutex_unlock(&exclusive_lock);
 }
 
 /* Mark cpu as not executing, and release pending exclusive ops.  */
-static inline void cpu_exec_end(CPUArchState *env)
+static inline void cpu_exec_end(CPUState *cpu)
 {
 pthread_mutex_lock(&exclusive_lock);
-env->running = 0;
+cpu->running = false;
 if (pending_cpus > 1) {
 pending_cpus--;
 if (pending_cpus == 1) {
@@ -210,11 +213,11 @@ void cpu_list_unlock(void)
 }
 #else /* if !CONFIG_USE_NPTL */
 /* These are no-ops because we are not threadsafe.  */
-static inline void cpu_exec_start(CPUArchState *env)
+static inline void cpu_exec_start(CPUState *cpu)
 {
 }
 
-static inline void cpu_exec_end(CPUArchState *env)
+static inline void cpu_exec_end(CPUState *cpu)
 {
 }
 
@@ -697,15 +700,16 @@ done:
 
 void cpu_loop(CPUARMState *env)
 {
+CPUState *cs = CPU(arm_env_get_cpu(env));
 int trapnr;
 unsigned int n, insn;
 target_siginfo_t info;
 uint32_t addr;
 
 for(;;) {
-cpu_exec_start(env);
+cpu_exec_start(cs);
 trapnr = cpu_arm_exec(env);
-cpu_exec_end(env);
+cpu_exec_end(cs);
 switch(trapnr) {
 case EXCP_UDEF:
 {
@@ -912,14 +916,15 @@ void cpu_loop(CPUARMState *env)
 
 void cpu_loop(CPUUniCore32State *env)
 {
+CPUState *cs = CPU(uc32_env_get_cpu(env));
 int trapnr;
 unsigned int n, insn;
 target_siginfo_t info;
 
 for (;;) {
-cpu_exec_start(env);
+cpu_exec_start(cs);
 trapnr = uc32_cpu_exec(env);
-cpu_exec_end(env);
+cpu_exec_end(cs);
 switch (trapnr) {
 case UC32_EXCP_PRIV:
 {
@@ -1367,14 +1372,15 @@ static int do_store_exclusive(CPUPPCState *env)
 
 void cpu_loop(CPUPPCState *env)
 {
+CPUState *cs = CPU(ppc_env_get_cpu(env));
 target_siginfo_t info;
 int trapnr;
 target_ulong ret;
 
 for(;;) {
-cpu_exec_start(env);
+cpu_exec_start(cs);
 trapnr = cpu_ppc_exec(env);
-cpu_exec_end(env);
+cpu_exec_end(cs);
 switch(trapnr) {
 case POWERPC_EXCP_NONE:
 /* Just go on */
@@ -2184,14 +2190,15 @@ stati

[Qemu-devel] [PATCH 08/47] target-lm32: Introduce QOM realizefn for LM32CPU

[Andreas Färber]

Introduce a realizefn and set realized = true in cpu_lm32_init().

Also move cpu_reset() call from initfn to realizefn.

Signed-off-by: Andreas Färber 
---
 target-lm32/cpu-qom.h |2 ++
 target-lm32/cpu.c |   18 --
 target-lm32/helper.c  |4 ++--
 3 Dateien geändert, 20 Zeilen hinzugefügt(+), 4 Zeilen entfernt(-)

diff --git a/target-lm32/cpu-qom.h b/target-lm32/cpu-qom.h
index 400cdbd..d7525b3 100644
--- a/target-lm32/cpu-qom.h
+++ b/target-lm32/cpu-qom.h
@@ -34,6 +34,7 @@
 
 /**
  * LM32CPUClass:
+ * @parent_realize: The parent class' realize handler.
  * @parent_reset: The parent class' reset handler.
  *
  * A LatticeMico32 CPU model.
@@ -43,6 +44,7 @@ typedef struct LM32CPUClass {
 CPUClass parent_class;
 /*< public >*/
 
+DeviceRealize parent_realize;
 void (*parent_reset)(CPUState *cpu);
 } LM32CPUClass;
 
diff --git a/target-lm32/cpu.c b/target-lm32/cpu.c
index eca2dca..6a84f51 100644
--- a/target-lm32/cpu.c
+++ b/target-lm32/cpu.c
@@ -42,6 +42,18 @@ static void lm32_cpu_reset(CPUState *s)
 memset(env, 0, offsetof(CPULM32State, breakpoints));
 }
 
+static void lm32_cpu_realizefn(DeviceState *dev, Error **errp)
+{
+LM32CPU *cpu = LM32_CPU(dev);
+LM32CPUClass *lcc = LM32_CPU_GET_CLASS(dev);
+
+cpu_reset(CPU(cpu));
+
+qemu_init_vcpu(&cpu->env);
+
+lcc->parent_realize(dev, errp);
+}
+
 static void lm32_cpu_initfn(Object *obj)
 {
 LM32CPU *cpu = LM32_CPU(obj);
@@ -50,14 +62,16 @@ static void lm32_cpu_initfn(Object *obj)
 cpu_exec_init(env);
 
 env->flags = 0;
-
-cpu_reset(CPU(cpu));
 }
 
 static void lm32_cpu_class_init(ObjectClass *oc, void *data)
 {
 LM32CPUClass *lcc = LM32_CPU_CLASS(oc);
 CPUClass *cc = CPU_CLASS(oc);
+DeviceClass *dc = DEVICE_CLASS(oc);
+
+lcc->parent_realize = dc->realize;
+dc->realize = lm32_cpu_realizefn;
 
 lcc->parent_reset = cc->reset;
 cc->reset = lm32_cpu_reset;
diff --git a/target-lm32/helper.c b/target-lm32/helper.c
index d76ea3f..a6691ad 100644
--- a/target-lm32/helper.c
+++ b/target-lm32/helper.c
@@ -212,13 +212,13 @@ LM32CPU *cpu_lm32_init(const char *cpu_model)
 env->num_wps = def->num_watchpoints;
 env->cfg = cfg_by_def(def);
 
-qemu_init_vcpu(env);
-
 if (tcg_enabled() && !tcg_initialized) {
 tcg_initialized = 1;
 lm32_translate_init();
 }
 
+object_property_set_bool(OBJECT(cpu), true, "realized", NULL);
+
 return cpu;
 }
 
-- 
1.7.10.4

[Qemu-devel] [PULL 00/47] QOM CPUState patch queue 2013-02-16

[Andreas Färber]

Hello,

This is my current QOM CPU patch queue. Please pull.

It includes:
* QOM realize support for CPUs, cleaning up cpu_init(),
* cpu_init() TCG cleanups for device_add,
* preparations for CPUState refactorings,
* CRIS CPU subclasses,
* CPUState part 8 refactorings,
* bug fixes for e500 CPU iterations,
* preparations for x86 CPU subclasses.

Due to our ambitious hotplug plans I have been pushy applying patches early
to qom-cpu-next queue during Soft and Hard Freeze, but target maintainers
should've had sufficient time to ack/nack by now.

Tested with x86_64/ppc64/s390x KVM as well as MinGW cross-builds and OpenBSD.

Regards,
Andreas

Cc: Anthony Liguori 
Cc: Blue Swirl 

Cc: Eduardo Habkost 
Cc: Igor Mammedov 
Cc: Richard Henderson 
Cc: Edgar E. Iglesias 
Cc: Alexander Graf 
Cc: qemu-...@nongnu.org


The following changes since commit 453776e5746be23c66df65fadf12e115b7d2dadd:

  bitops: Remove routines redundant with host-utils (2013-02-16 11:12:52 +)

are available in the git repository at:

  git://github.com/afaerber/qemu-cpu.git qom-cpu

for you to fetch changes up to 2d64255bd7c0d3933ff5ab2cabff11bcb09117a8:

  target-i386: Split command line parsing out of cpu_x86_register() (2013-02-16 
14:51:01 +0100)


Andreas Färber (47):
  cpu: Prepare QOM realizefn
  target-alpha: Update AlphaCPU to QOM realizefn
  target-arm: Update ARMCPU to QOM realizefn
  target-i386: Update X86CPU to QOM realizefn
  target-openrisc: Update OpenRISCCPU to QOM realizefn
  target-ppc: Update PowerPCCPU to QOM realizefn
  target-cris: Introduce QOM realizefn for CRISCPU
  target-lm32: Introduce QOM realizefn for LM32CPU
  target-m68k: Introduce QOM realizefn for M68kCPU
  target-microblaze: Introduce QOM realizefn for MicroBlazeCPU
  target-mips: Introduce QOM realizefn for MIPSCPU
  target-s390x: Introduce QOM realizefn for S390CPU
  target-sh4: Introduce QOM realizefn for SuperHCPU
  target-sparc: Introduce QOM realizefn for SPARCCPU
  target-unicore32: Introduce QOM realizefn for UniCore32CPU
  target-xtensa: Introduce QOM realizefn for XtensaCPU
  target-arm: Move TCG initialization to ARMCPU initfn
  target-cris: Move TCG initialization to CRISCPU initfn
  target-lm32: Move TCG initialization to LM32CPU initfn
  target-m68k: Move TCG initialization to M68kCPU initfn
  target-microblaze: Move TCG initialization to MicroBlazeCPU initfn
  target-mips: Move TCG initialization to MIPSCPU initfn
  target-ppc: Move TCG initialization to PowerPCCPU initfn
  target-s390x: Move TCG initialization to S390CPU initfn
  target-sh4: Move TCG initialization to SuperHCPU initfn
  target-sparc: Move TCG initialization to SPARCCPU initfn
  target-unicore32: Move TCG initialization to UniCore32CPU initfn
  target-xtensa: Move TCG initialization to XtensaCPU initfn
  ppc405_uc: Pass PowerPCCPU to ppc40x_{core,chip,system}_reset()
  target-m68k: Return M68kCPU from cpu_m68k_init()
  mcf5206: Pass M68kCPU to mcf5206_init()
  mcf_intc: Pass M68kCPU to mcf_intc_init()
  target-m68k: Pass M68kCPU to m68k_set_irq_level()
  target-cris: Introduce CRISCPU subclasses
  cpu: Move host_tid field to CPUState
  cpu: Move running field to CPUState
  cpu: Move exit_request field to CPUState
  cpu: Move current_tb field to CPUState
  cputlb: Pass CPUState to cpu_unlink_tb()
  cpu: Add CPUArchState pointer to CPUState
  e500: Replace open-coded loop with qemu_get_cpu()
  ppce500_spin: Replace open-coded CPU loop with qemu_get_cpu()
  spapr_hcall: Replace open-coded CPU loop with qemu_get_cpu()
  target-s390x: Drop unused cpu_s390x_close() prototype
  target-lm32: Drop unused cpu_lm32_close() prototype
  target-i386: Move cpu_x86_init()
  target-i386: Split command line parsing out of cpu_x86_register()

 cpu-exec.c|   21 ++---
 cputlb.c  |6 +-
 dump.c|8 +-
 exec.c|6 +-
 gdbstub.c |   14 ++--
 hw/an5206.c   |   11 ++-
 hw/apic_common.c  |2 +-
 hw/apic_internal.h|2 +-
 hw/kvmvapic.c |   13 +--
 hw/mcf.h  |4 +-
 hw/mcf5206.c  |8 +-
 hw/mcf5208.c  |   11 ++-
 hw/mcf_intc.c |8 +-
 hw/pc.c   |1 -
 hw/ppc.c  |   12 +--
 hw/ppc.h  |6 +-
 hw/ppc/e500.c |   11 +--
 hw/ppc405_uc.c|   16 ++--
 hw/ppce500_spin.c |   15 +---
 hw/spapr_hcall.c  |   16 ++--
 include/exec/cpu-defs.h   |5 --
 include/exec/exec-all.h   |4 +-
 include/exec/gdbstub.h|5 +-
 include/qom/cpu.h |   11 +++
 kvm-all.c   

[Qemu-devel] [PATCH] kvmvapic: add read operation to the MemoryRegionOps to fix segfault

[Tommi Rantala]

QEMU would occasionally segfault when fuzzing the linux kernel with
Trinity. Add a read op (copied from hw/kvm/apic.c) to vapic_ops to
prevent the crash.

 Program received signal SIGSEGV, Segmentation fault.
 [Switching to Thread 0x7fffeddcc700 (LWP 15999)]
 0x in ?? ()
 (gdb) bt
 #0  0x in ?? ()
 #1  0x557bbd2d in memory_region_read_accessor (opaque=0x56be77c8,
 addr=, value=0x7fffeddcbaf0, size=1, shift=0, mask=255) at
 /home/ttrantal/git/qemu/memory.c:316
 #2  0x557bb612 in access_with_adjusted_size (addr=addr@entry=0,
 value=value@entry=0x7fffeddcbaf0, size=1, access_size_min=,
 access_size_max=, access=access@entry= 0x557bbcd0
 , opaque=opaque@entry=0x56be77c8) at
 /home/ttrantal/git/qemu/memory.c:364
 #3  0x557bcde8 in memory_region_iorange_read (iorange=0x56874d90,
 offset=0, width=1, data=0x7fffeddcbaf0) at 
/home/ttrantal/git/qemu/memory.c:409
 #4  0x557b6c37 in ioport_readb_thunk (opaque=,
 addr=) at /home/ttrantal/git/qemu/ioport.c:186
 #5  0x557b74ee in ioport_read (address=0, index=0) at
 /home/ttrantal/git/qemu/ioport.c:70
 #6  cpu_inb (addr=addr@entry=126) at /home/ttrantal/git/qemu/ioport.c:309
 #7  0x557b98a3 in kvm_handle_io (count=1, size=1, direction=0,
 data=, port=126) at /home/ttrantal/git/qemu/kvm-all.c:1414
 #8  kvm_cpu_exec (env=env@entry=0x56bcc870) at
 /home/ttrantal/git/qemu/kvm-all.c:1581
 #9  0x55763bb1 in qemu_kvm_cpu_thread_fn (arg=0x56bcc870) at
 /home/ttrantal/git/qemu/cpus.c:759
 #10 0x76487d15 in start_thread (arg=0x7fffeddcc700) at 
pthread_create.c:308
 #11 0x7297946d in clone () at 
../sysdeps/unix/sysv/linux/x86_64/clone.S:114
 (gdb)

Signed-off-by: Tommi Rantala 
---
 hw/kvmvapic.c | 7 +++
 1 file changed, 7 insertions(+)

diff --git a/hw/kvmvapic.c b/hw/kvmvapic.c
index 1b5f416..d4420fe 100644
--- a/hw/kvmvapic.c
+++ b/hw/kvmvapic.c
@@ -615,6 +615,12 @@ static int vapic_prepare(VAPICROMState *s)
 return 0;
 }
 
+static uint64_t vapic_read(void *opaque, hwaddr addr,
+   unsigned int size)
+{
+return ~(uint64_t)0;
+}
+
 static void vapic_write(void *opaque, hwaddr addr, uint64_t data,
 unsigned int size)
 {
@@ -683,6 +689,7 @@ static void vapic_write(void *opaque, hwaddr addr, uint64_t 
data,
 }
 
 static const MemoryRegionOps vapic_ops = {
+.read = vapic_read,
 .write = vapic_write,
 .endianness = DEVICE_NATIVE_ENDIAN,
 };
-- 
1.8.1

[Qemu-devel] [PATCH 43/47] spapr_hcall: Replace open-coded CPU loop with qemu_get_cpu()

[Andreas Färber]

The helper functions all access ppc-specific fields only so don't bother
to change arguments to PowerPCCPU and use env_ptr instead.

No functional change.

Acked-by: Alexander Graf 
Signed-off-by: Andreas Färber 
---
 hw/spapr_hcall.c |   11 +++
 1 Datei geändert, 3 Zeilen hinzugefügt(+), 8 Zeilen entfernt(-)

diff --git a/hw/spapr_hcall.c b/hw/spapr_hcall.c
index af1db6e..7b89594 100644
--- a/hw/spapr_hcall.c
+++ b/hw/spapr_hcall.c
@@ -469,16 +469,11 @@ static target_ulong h_register_vpa(PowerPCCPU *cpu, 
sPAPREnvironment *spapr,
 CPUPPCState *tenv;
 CPUState *tcpu;
 
-for (tenv = first_cpu; tenv; tenv = tenv->next_cpu) {
-tcpu = CPU(ppc_env_get_cpu(tenv));
-if (tcpu->cpu_index == procno) {
-break;
-}
-}
-
-if (!tenv) {
+tcpu = qemu_get_cpu(procno);
+if (!tcpu) {
 return H_PARAMETER;
 }
+tenv = tcpu->env_ptr;
 
 switch (flags) {
 case FLAGS_REGISTER_VPA:
-- 
1.7.10.4

[Qemu-devel] [PATCH] hw/ds1338.c: implement clock enable/disable (CH bit)

[Antoine Mathys]

Signed-off-by: Antoine Mathys 
---
 hw/ds1338.c |  156 ---
 1 file changed, 95 insertions(+), 61 deletions(-)

diff --git a/hw/ds1338.c b/hw/ds1338.c
index 1da0f96..5a93fb6 100644
--- a/hw/ds1338.c
+++ b/hw/ds1338.c
@@ -48,17 +48,32 @@ static const VMStateDescription vmstate_ds1338 = {
 }
 };
 
-static void capture_current_time(DS1338State *s)
+/* This mask is used to clear the read as zero bits in the RTC registers */
+static const uint8_t nvram_mask[8] = {
+0xff, 0x7f, 0x7f, 0x7, 0x3f, 0x1f, 0xff, 0xb3
+};
+
+
+static int compute_wday(int y, int m, int d)
 {
-/* Capture the current time into the secondary registers
- * which will be actually read by the data transfer operation.
- */
-struct tm now;
-qemu_get_timedate(&now, s->offset);
-s->nvram[0] = to_bcd(now.tm_sec);
-s->nvram[1] = to_bcd(now.tm_min);
+static int t[12] = {0, 3, 2, 5, 0, 3, 5, 1, 4, 6, 2, 4};
+
+if (m < 2) {
+y--;
+}
+return (y + y/4 - y/100 + y/400 + t[m] + d) % 7;
+}
+
+/* Write TM to the RTC registers. */
+static void write_time(DS1338State *s, const struct tm *tm)
+{
+/* Preserve the CH flag. */
+s->nvram[0] &= SECONDS_CH;
+s->nvram[0] |= to_bcd(tm->tm_sec);
+
+s->nvram[1] = to_bcd(tm->tm_min);
 if (s->nvram[2] & HOURS_12) {
-int tmp = now.tm_hour;
+int tmp = tm->tm_hour;
 if (tmp % 12 == 0) {
 tmp += 12;
 }
@@ -68,12 +83,50 @@ static void capture_current_time(DS1338State *s)
 s->nvram[2] = HOURS_12 | HOURS_PM | to_bcd(tmp - 12);
 }
 } else {
-s->nvram[2] = to_bcd(now.tm_hour);
+s->nvram[2] = to_bcd(tm->tm_hour);
+}
+s->nvram[3] = (tm->tm_wday + s->wday_offset) % 7 + 1;
+s->nvram[4] = to_bcd(tm->tm_mday);
+s->nvram[5] = to_bcd(tm->tm_mon + 1);
+s->nvram[6] = to_bcd(tm->tm_year - 100);
+}
+
+/* Read TM from the RTC registers. */
+static void read_time(DS1338State *s, struct tm *tm)
+{
+tm->tm_sec = from_bcd(s->nvram[0] & 0x7f);
+tm->tm_min = from_bcd(s->nvram[1] & 0x7f);
+if (s->nvram[2] & HOURS_12) {
+int tmp = from_bcd(s->nvram[2] & (HOURS_PM - 1));
+if (s->nvram[2] & HOURS_PM) {
+tmp += 12;
+}
+if (tmp % 12 == 0) {
+tmp -= 12;
+}
+tm->tm_hour = tmp;
+} else {
+tm->tm_hour = from_bcd(s->nvram[2] & (HOURS_12 - 1));
+}
+tm->tm_mday = from_bcd(s->nvram[4] & 0x3f);
+tm->tm_mon = from_bcd(s->nvram[5] & 0x1f) - 1;
+tm->tm_year = from_bcd(s->nvram[6]) + 100;
+tm->tm_wday = compute_wday(tm->tm_year + 1900, tm->tm_mon, tm->tm_mday);
+}
+
+static bool clock_running(DS1338State *s)
+{
+return !(s->nvram[0] & SECONDS_CH);
+}
+
+static void capture_current_time(DS1338State *s)
+{
+if (clock_running(s)) {
+/* Write current time. */
+struct tm tmp;
+qemu_get_timedate(&tmp, s->offset);
+write_time(s, &tmp);
 }
-s->nvram[3] = (now.tm_wday + s->wday_offset) % 7 + 1;
-s->nvram[4] = to_bcd(now.tm_mday);
-s->nvram[5] = to_bcd(now.tm_mon + 1);
-s->nvram[6] = to_bcd(now.tm_year - 100);
 }
 
 static void inc_regptr(DS1338State *s)
@@ -129,65 +182,46 @@ static int ds1338_send(I2CSlave *i2c, uint8_t data)
 }
 if (s->ptr < 7) {
 /* Time register. */
-struct tm now;
-qemu_get_timedate(&now, s->offset);
-switch(s->ptr) {
-case 0:
-/* TODO: Implement CH (stop) bit.  */
-now.tm_sec = from_bcd(data & 0x7f);
-break;
-case 1:
-now.tm_min = from_bcd(data & 0x7f);
-break;
-case 2:
-if (data & HOURS_12) {
-int tmp = from_bcd(data & (HOURS_PM - 1));
-if (data & HOURS_PM) {
-tmp += 12;
-}
-if (tmp % 12 == 0) {
-tmp -= 12;
-}
-now.tm_hour = tmp;
-} else {
-now.tm_hour = from_bcd(data & (HOURS_12 - 1));
-}
-break;
-case 3:
-{
-/* The day field is supposed to contain a value in
-   the range 1-7. Otherwise behavior is undefined.
- */
-int user_wday = (data & 7) - 1;
-s->wday_offset = (user_wday - now.tm_wday + 7) % 7;
+bool was_running = clock_running(s);
+
+capture_current_time(s);
+
+s->nvram[s->ptr] = data & nvram_mask[s->ptr];
+
+if (clock_running(s)) {
+/* Read the new time */
+struct tm tmp;
+int user_wday;
+
+read_time(s, &tmp);
+s->offset = qemu_timedate_diff(&tmp);
+
+/* The day field is supposed to contain a value in
+   the range 1-7. Otherwise behavior is undefined.
+*/
+user_wday = (s->nvram[3] & 7

[Qemu-devel] [PATCH 20/47] target-m68k: Move TCG initialization to M68kCPU initfn

[Andreas Färber]

Add a tcg_enabled() check to suppress it for qtest.

Signed-off-by: Andreas Färber 
---
 target-m68k/cpu.c|6 ++
 target-m68k/helper.c |7 ---
 2 Dateien geändert, 6 Zeilen hinzugefügt(+), 7 Zeilen entfernt(-)

diff --git a/target-m68k/cpu.c b/target-m68k/cpu.c
index e3eaffc..42735db 100644
--- a/target-m68k/cpu.c
+++ b/target-m68k/cpu.c
@@ -156,8 +156,14 @@ static void m68k_cpu_initfn(Object *obj)
 {
 M68kCPU *cpu = M68K_CPU(obj);
 CPUM68KState *env = &cpu->env;
+static bool inited;
 
 cpu_exec_init(env);
+
+if (tcg_enabled() && !inited) {
+inited = true;
+m68k_tcg_init();
+}
 }
 
 static const VMStateDescription vmstate_m68k_cpu = {
diff --git a/target-m68k/helper.c b/target-m68k/helper.c
index 3ae6fa0..6030807 100644
--- a/target-m68k/helper.c
+++ b/target-m68k/helper.c
@@ -103,7 +103,6 @@ CPUM68KState *cpu_m68k_init(const char *cpu_model)
 M68kCPU *cpu;
 CPUM68KState *env;
 ObjectClass *oc;
-static int inited;
 
 oc = cpu_class_by_name(TYPE_M68K_CPU, cpu_model);
 if (oc == NULL) {
@@ -111,12 +110,6 @@ CPUM68KState *cpu_m68k_init(const char *cpu_model)
 }
 cpu = M68K_CPU(object_new(object_class_get_name(oc)));
 env = &cpu->env;
-
-if (!inited) {
-inited = 1;
-m68k_tcg_init();
-}
-
 env->cpu_model_str = cpu_model;
 
 register_m68k_insns(env);
-- 
1.7.10.4

[Qemu-devel] [PATCH 26/47] target-sparc: Move TCG initialization to SPARCCPU initfn

[Andreas Färber]

Signed-off-by: Andreas Färber 
---
 target-sparc/cpu.c |8 
 1 Datei geändert, 4 Zeilen hinzugefügt(+), 4 Zeilen entfernt(-)

diff --git a/target-sparc/cpu.c b/target-sparc/cpu.c
index 1690cf5..759be53 100644
--- a/target-sparc/cpu.c
+++ b/target-sparc/cpu.c
@@ -114,10 +114,6 @@ SPARCCPU *cpu_sparc_init(const char *cpu_model)
 cpu = SPARC_CPU(object_new(TYPE_SPARC_CPU));
 env = &cpu->env;
 
-if (tcg_enabled()) {
-gen_intermediate_code_init(env);
-}
-
 if (cpu_sparc_register(env, cpu_model) < 0) {
 object_unref(OBJECT(cpu));
 return NULL;
@@ -868,6 +864,10 @@ static void sparc_cpu_initfn(Object *obj)
 CPUSPARCState *env = &cpu->env;
 
 cpu_exec_init(env);
+
+if (tcg_enabled()) {
+gen_intermediate_code_init(env);
+}
 }
 
 static void sparc_cpu_uninitfn(Object *obj)
-- 
1.7.10.4

[Qemu-devel] [PATCH 16/47] target-xtensa: Introduce QOM realizefn for XtensaCPU

[Andreas Färber]

Introduce realizefn and set realized = true in cpu_xtensa_init().

Signed-off-by: Andreas Färber 
---
 target-xtensa/cpu-qom.h |2 ++
 target-xtensa/cpu.c |   13 +
 target-xtensa/helper.c  |4 +++-
 3 Dateien geändert, 18 Zeilen hinzugefügt(+), 1 Zeile entfernt(-)

diff --git a/target-xtensa/cpu-qom.h b/target-xtensa/cpu-qom.h
index e344a9a..270de16 100644
--- a/target-xtensa/cpu-qom.h
+++ b/target-xtensa/cpu-qom.h
@@ -43,6 +43,7 @@
 
 /**
  * XtensaCPUClass:
+ * @parent_realize: The parent class' realize handler.
  * @parent_reset: The parent class' reset handler.
  *
  * An Xtensa CPU model.
@@ -52,6 +53,7 @@ typedef struct XtensaCPUClass {
 CPUClass parent_class;
 /*< public >*/
 
+DeviceRealize parent_realize;
 void (*parent_reset)(CPUState *cpu);
 } XtensaCPUClass;
 
diff --git a/target-xtensa/cpu.c b/target-xtensa/cpu.c
index ebc7e99..d3706a3 100644
--- a/target-xtensa/cpu.c
+++ b/target-xtensa/cpu.c
@@ -57,6 +57,16 @@ static void xtensa_cpu_reset(CPUState *s)
 reset_mmu(env);
 }
 
+static void xtensa_cpu_realizefn(DeviceState *dev, Error **errp)
+{
+XtensaCPU *cpu = XTENSA_CPU(dev);
+XtensaCPUClass *xcc = XTENSA_CPU_GET_CLASS(dev);
+
+qemu_init_vcpu(&cpu->env);
+
+xcc->parent_realize(dev, errp);
+}
+
 static void xtensa_cpu_initfn(Object *obj)
 {
 XtensaCPU *cpu = XTENSA_CPU(obj);
@@ -76,6 +86,9 @@ static void xtensa_cpu_class_init(ObjectClass *oc, void *data)
 CPUClass *cc = CPU_CLASS(oc);
 XtensaCPUClass *xcc = XTENSA_CPU_CLASS(cc);
 
+xcc->parent_realize = dc->realize;
+dc->realize = xtensa_cpu_realizefn;
+
 xcc->parent_reset = cc->reset;
 cc->reset = xtensa_cpu_reset;
 
diff --git a/target-xtensa/helper.c b/target-xtensa/helper.c
index 94c03a1..14bcc7e 100644
--- a/target-xtensa/helper.c
+++ b/target-xtensa/helper.c
@@ -104,7 +104,9 @@ XtensaCPU *cpu_xtensa_init(const char *cpu_model)
 }
 
 xtensa_irq_init(env);
-qemu_init_vcpu(env);
+
+object_property_set_bool(OBJECT(cpu), true, "realized", NULL);
+
 return cpu;
 }
 
-- 
1.7.10.4

[Qemu-devel] [PATCH 17/47] target-arm: Move TCG initialization to ARMCPU initfn

[Andreas Färber]

Ensures that a QOM-created ARMCPU is usable.

Signed-off-by: Andreas Färber 
---
 target-arm/cpu.c|6 ++
 target-arm/helper.c |6 --
 2 Dateien geändert, 6 Zeilen hinzugefügt(+), 6 Zeilen entfernt(-)

diff --git a/target-arm/cpu.c b/target-arm/cpu.c
index 9915172..f54d200 100644
--- a/target-arm/cpu.c
+++ b/target-arm/cpu.c
@@ -135,10 +135,16 @@ static inline void set_feature(CPUARMState *env, int 
feature)
 static void arm_cpu_initfn(Object *obj)
 {
 ARMCPU *cpu = ARM_CPU(obj);
+static bool inited;
 
 cpu_exec_init(&cpu->env);
 cpu->cp_regs = g_hash_table_new_full(g_int_hash, g_int_equal,
  g_free, g_free);
+
+if (tcg_enabled() && !inited) {
+inited = true;
+arm_translate_init();
+}
 }
 
 static void arm_cpu_finalizefn(Object *obj)
diff --git a/target-arm/helper.c b/target-arm/helper.c
index 4538a09..e63da57 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -1263,7 +1263,6 @@ ARMCPU *cpu_arm_init(const char *cpu_model)
 ARMCPU *cpu;
 CPUARMState *env;
 ObjectClass *oc;
-static int inited = 0;
 
 oc = cpu_class_by_name(TYPE_ARM_CPU, cpu_model);
 if (!oc) {
@@ -1276,11 +1275,6 @@ ARMCPU *cpu_arm_init(const char *cpu_model)
 /* TODO this should be set centrally, once possible */
 object_property_set_bool(OBJECT(cpu), true, "realized", NULL);
 
-if (tcg_enabled() && !inited) {
-inited = 1;
-arm_translate_init();
-}
-
 return cpu;
 }
 
-- 
1.7.10.4

[Qemu-devel] [PATCH 12/47] target-s390x: Introduce QOM realizefn for S390CPU

[Andreas Färber]

Introduce realizefn and set realized = true in cpu_s390x_init().

Defer CPU reset from initfn to realizefn.

Acked-by: Richard Henderson 
[AF: Invoke parent's realizefn]
Signed-off-by: Andreas Färber 
---
 target-s390x/cpu-qom.h |2 ++
 target-s390x/cpu.c |   16 ++--
 target-s390x/helper.c  |4 +++-
 3 Dateien geändert, 19 Zeilen hinzugefügt(+), 3 Zeilen entfernt(-)

diff --git a/target-s390x/cpu-qom.h b/target-s390x/cpu-qom.h
index d54e4a2..237184f 100644
--- a/target-s390x/cpu-qom.h
+++ b/target-s390x/cpu-qom.h
@@ -34,6 +34,7 @@
 
 /**
  * S390CPUClass:
+ * @parent_realize: The parent class' realize handler.
  * @parent_reset: The parent class' reset handler.
  *
  * An S/390 CPU model.
@@ -43,6 +44,7 @@ typedef struct S390CPUClass {
 CPUClass parent_class;
 /*< public >*/
 
+DeviceRealize parent_realize;
 void (*parent_reset)(CPUState *cpu);
 } S390CPUClass;
 
diff --git a/target-s390x/cpu.c b/target-s390x/cpu.c
index d765e7b..ee15783 100644
--- a/target-s390x/cpu.c
+++ b/target-s390x/cpu.c
@@ -97,6 +97,17 @@ static void s390_cpu_machine_reset_cb(void *opaque)
 }
 #endif
 
+static void s390_cpu_realizefn(DeviceState *dev, Error **errp)
+{
+S390CPU *cpu = S390_CPU(dev);
+S390CPUClass *scc = S390_CPU_GET_CLASS(dev);
+
+qemu_init_vcpu(&cpu->env);
+cpu_reset(CPU(cpu));
+
+scc->parent_realize(dev, errp);
+}
+
 static void s390_cpu_initfn(Object *obj)
 {
 S390CPU *cpu = S390_CPU(obj);
@@ -122,8 +133,6 @@ static void s390_cpu_initfn(Object *obj)
 #endif
 env->cpu_num = cpu_num++;
 env->ext_index = -1;
-
-cpu_reset(CPU(cpu));
 }
 
 static void s390_cpu_finalize(Object *obj)
@@ -146,6 +155,9 @@ static void s390_cpu_class_init(ObjectClass *oc, void *data)
 CPUClass *cc = CPU_CLASS(scc);
 DeviceClass *dc = DEVICE_CLASS(oc);
 
+scc->parent_realize = dc->realize;
+dc->realize = s390_cpu_realizefn;
+
 scc->parent_reset = cc->reset;
 cc->reset = s390_cpu_reset;
 
diff --git a/target-s390x/helper.c b/target-s390x/helper.c
index 7626831..d3bb456 100644
--- a/target-s390x/helper.c
+++ b/target-s390x/helper.c
@@ -85,7 +85,9 @@ S390CPU *cpu_s390x_init(const char *cpu_model)
 }
 
 env->cpu_model_str = cpu_model;
-qemu_init_vcpu(env);
+
+object_property_set_bool(OBJECT(cpu), true, "realized", NULL);
+
 return cpu;
 }
 
-- 
1.7.10.4

[Qemu-devel] [PATCH 11/47] target-mips: Introduce QOM realizefn for MIPSCPU

[Andreas Färber]

Introduce a realizefn and set realized = true from cpu_mips_init().

Signed-off-by: Andreas Färber 
---
 target-mips/cpu-qom.h   |2 ++
 target-mips/cpu.c   |   15 +++
 target-mips/translate.c |5 +++--
 3 Dateien geändert, 20 Zeilen hinzugefügt(+), 2 Zeilen entfernt(-)

diff --git a/target-mips/cpu-qom.h b/target-mips/cpu-qom.h
index 2a4b812..55aa692 100644
--- a/target-mips/cpu-qom.h
+++ b/target-mips/cpu-qom.h
@@ -37,6 +37,7 @@
 
 /**
  * MIPSCPUClass:
+ * @parent_realize: The parent class' realize handler.
  * @parent_reset: The parent class' reset handler.
  *
  * A MIPS CPU model.
@@ -46,6 +47,7 @@ typedef struct MIPSCPUClass {
 CPUClass parent_class;
 /*< public >*/
 
+DeviceRealize parent_realize;
 void (*parent_reset)(CPUState *cpu);
 } MIPSCPUClass;
 
diff --git a/target-mips/cpu.c b/target-mips/cpu.c
index 10ff46d..18895da 100644
--- a/target-mips/cpu.c
+++ b/target-mips/cpu.c
@@ -42,6 +42,17 @@ static void mips_cpu_reset(CPUState *s)
 cpu_state_reset(env);
 }
 
+static void mips_cpu_realizefn(DeviceState *dev, Error **errp)
+{
+MIPSCPU *cpu = MIPS_CPU(dev);
+MIPSCPUClass *mcc = MIPS_CPU_GET_CLASS(dev);
+
+cpu_reset(CPU(cpu));
+qemu_init_vcpu(&cpu->env);
+
+mcc->parent_realize(dev, errp);
+}
+
 static void mips_cpu_initfn(Object *obj)
 {
 MIPSCPU *cpu = MIPS_CPU(obj);
@@ -54,6 +65,10 @@ static void mips_cpu_class_init(ObjectClass *c, void *data)
 {
 MIPSCPUClass *mcc = MIPS_CPU_CLASS(c);
 CPUClass *cc = CPU_CLASS(c);
+DeviceClass *dc = DEVICE_CLASS(c);
+
+mcc->parent_realize = dc->realize;
+dc->realize = mips_cpu_realizefn;
 
 mcc->parent_reset = cc->reset;
 cc->reset = mips_cpu_reset;
diff --git a/target-mips/translate.c b/target-mips/translate.c
index 3b77b53..d7f650e 100644
--- a/target-mips/translate.c
+++ b/target-mips/translate.c
@@ -15916,8 +15916,9 @@ MIPSCPU *cpu_mips_init(const char *cpu_model)
 fpu_init(env, def);
 mvp_init(env, def);
 mips_tcg_init();
-cpu_reset(CPU(cpu));
-qemu_init_vcpu(env);
+
+object_property_set_bool(OBJECT(cpu), true, "realized", NULL);
+
 return cpu;
 }
 
-- 
1.7.10.4

[Qemu-devel] [PATCH 21/47] target-microblaze: Move TCG initialization to MicroBlazeCPU initfn

[Andreas Färber]

Split off TCG initialization from cpu_mb_init() into mb_tcg_init() to
call it from the initfn.

Ensures that a QOM-created MicroBlazeCPU is usable.

Signed-off-by: Andreas Färber 
---
 target-microblaze/cpu.c   |6 ++
 target-microblaze/cpu.h   |1 +
 target-microblaze/translate.c |   13 +
 3 Dateien geändert, 12 Zeilen hinzugefügt(+), 8 Zeilen entfernt(-)

diff --git a/target-microblaze/cpu.c b/target-microblaze/cpu.c
index baae47b..28b5a88 100644
--- a/target-microblaze/cpu.c
+++ b/target-microblaze/cpu.c
@@ -100,10 +100,16 @@ static void mb_cpu_initfn(Object *obj)
 {
 MicroBlazeCPU *cpu = MICROBLAZE_CPU(obj);
 CPUMBState *env = &cpu->env;
+static bool tcg_initialized;
 
 cpu_exec_init(env);
 
 set_float_rounding_mode(float_round_nearest_even, &env->fp_status);
+
+if (tcg_enabled() && !tcg_initialized) {
+tcg_initialized = true;
+mb_tcg_init();
+}
 }
 
 static const VMStateDescription vmstate_mb_cpu = {
diff --git a/target-microblaze/cpu.h b/target-microblaze/cpu.h
index 41480e7..c3dd7f6 100644
--- a/target-microblaze/cpu.h
+++ b/target-microblaze/cpu.h
@@ -272,6 +272,7 @@ struct CPUMBState {
 
 #include "cpu-qom.h"
 
+void mb_tcg_init(void);
 MicroBlazeCPU *cpu_mb_init(const char *cpu_model);
 int cpu_mb_exec(CPUMBState *s);
 void do_interrupt(CPUMBState *env);
diff --git a/target-microblaze/translate.c b/target-microblaze/translate.c
index a84856b..12ea820 100644
--- a/target-microblaze/translate.c
+++ b/target-microblaze/translate.c
@@ -1965,18 +1965,17 @@ void cpu_dump_state (CPUMBState *env, FILE *f, 
fprintf_function cpu_fprintf,
 MicroBlazeCPU *cpu_mb_init(const char *cpu_model)
 {
 MicroBlazeCPU *cpu;
-static int tcg_initialized = 0;
-int i;
 
 cpu = MICROBLAZE_CPU(object_new(TYPE_MICROBLAZE_CPU));
 
 object_property_set_bool(OBJECT(cpu), true, "realized", NULL);
 
-if (tcg_initialized) {
-return cpu;
-}
+return cpu;
+}
 
-tcg_initialized = 1;
+void mb_tcg_init(void)
+{
+int i;
 
 cpu_env = tcg_global_reg_new_ptr(TCG_AREG0, "env");
 
@@ -2007,8 +2006,6 @@ MicroBlazeCPU *cpu_mb_init(const char *cpu_model)
 }
 #define GEN_HELPER 2
 #include "helper.h"
-
-return cpu;
 }
 
 void restore_state_to_opc(CPUMBState *env, TranslationBlock *tb, int pc_pos)
-- 
1.7.10.4

Re: [Qemu-devel] [PATCH for-1.4? qom-cpu-next 2/9] target-lm32: Drop unused cpu_lm32_close() prototype

[Andreas Färber]

Am 02.02.2013 12:57, schrieb Andreas Färber:
> It was never implemented.
> 
> Signed-off-by: Andreas Färber 

Applied to qom-cpu:
https://github.com/afaerber/qemu-cpu/commits/qom-cpu

Andreas

> ---
>  target-lm32/cpu.h |1 -
>  1 Datei geändert, 1 Zeile entfernt(-)
> 
> diff --git a/target-lm32/cpu.h b/target-lm32/cpu.h
> index 4e202db..6948d0e 100644
> --- a/target-lm32/cpu.h
> +++ b/target-lm32/cpu.h
> @@ -189,7 +189,6 @@ struct CPULM32State {
>  LM32CPU *cpu_lm32_init(const char *cpu_model);
>  void cpu_lm32_list(FILE *f, fprintf_function cpu_fprintf);
>  int cpu_lm32_exec(CPULM32State *s);
> -void cpu_lm32_close(CPULM32State *s);
>  void do_interrupt(CPULM32State *env);
>  /* you can call this signal handler from your SIGBUS and SIGSEGV
> signal handlers to inform the virtual CPU of exceptions. non zero
> 


-- 
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg

Re: [Qemu-devel] [PATCH for-1.4? qom-cpu-next 1/9] target-s390x: Drop unused cpu_s390x_close() prototype

[Andreas Färber]

Am 15.02.2013 18:47, schrieb Alexander Graf:
> 
> On 15.02.2013, at 18:44, Andreas Färber wrote:
> 
>> Alex,
>>
>> Am 02.02.2013 12:57, schrieb Andreas Färber:
>>> It was never implemented.
>>>
>>> Signed-off-by: Andreas Färber 
>>
>> Too late for 1.4 now obviously. ;)
>>
>> Do you want to queue this on s390-next (i.e.,do you plan an early pull)?
>> Or should I put it in qom-cpu-next?
> 
> Just put it into qom-cpu-next :)

Thanks, applied to qom-cpu:
https://github.com/afaerber/qemu-cpu/commits/qom-cpu

Andreas

-- 
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg

[Qemu-devel] [PATCH v2] pc-bios: build OpenBIOS if possible

[Blue Swirl]

Check if xsltproc and Sparc32, Sparc64 and PPC compilers
are available. If found, rebuild OpenBIOS ROMs from submodule.

Signed-off-by: Blue Swirl 
---
v2:
 fix crossgcc check
 print which ROMs will be built
 create the build directory in configure 
 don't overwrite source versions when building out of tree

I've pushed the OpenBIOS patch (r1099).
---
 configure |   25 +
 pc-bios/openbios/Makefile |   29 +
 2 files changed, 54 insertions(+), 0 deletions(-)
 create mode 100644 pc-bios/openbios/Makefile

diff --git a/configure b/configure
index 8789324..ded5c7b 100755
--- a/configure
+++ b/configure
@@ -76,6 +76,20 @@ has() {
 type "$1" >/dev/null 2>&1
 }
 
+# check for cross compile or native tools for arch $1
+has_crossgcc() {
+if test "$cpu" = "$1"; then
+return 1
+fi
+for ccprefix in "${1}-linux-gnu-" "${1}-linux-" \
+"${1}-elf-" "${1}-eabi-"; do
+if has "${ccprefix}gcc"; then
+return 1
+fi
+done
+return 0
+}
+
 # search for an executable in PATH
 path_of() {
 local_command="$1"
@@ -3241,6 +3255,14 @@ if test "$cpu" = "ppc64" -a "$targetos" != "Darwin" ; 
then
   roms="$roms spapr-rtas"
 fi
 
+# OpenBIOS needs xsltproc, and Sparc32, Sparc64 and PPC cross compilers
+if has xsltproc; then
+if has_crossgcc "sparc" && has_crossgcc "sparc64" && \
+\( has_crossgcc "powerpc" ||  has_crossgcc "ppc" \); then
+roms="$roms openbios"
+fi
+fi
+
 # add pixman flags after all config tests are done
 QEMU_CFLAGS="$QEMU_CFLAGS $pixman_cflags"
 libs_softmmu="$libs_softmmu $pixman_libs"
@@ -3344,6 +3366,7 @@ echo "GlusterFS support $glusterfs"
 echo "virtio-blk-data-plane $virtio_blk_data_plane"
 echo "gcov  $gcov_tool"
 echo "gcov enabled  $gcov"
+echo "build ROMs$roms"
 
 if test "$sdl_too_old" = "yes"; then
 echo "-> Your SDL version is too old - please upgrade to have SDL support"
@@ -4281,6 +4304,7 @@ fi
 # build tree in object directory in case the source is not in the current 
directory
 DIRS="tests tests/tcg tests/tcg/cris tests/tcg/lm32"
 DIRS="$DIRS pc-bios/optionrom pc-bios/spapr-rtas"
+DIRS="$DIRS pc-bios/openbios pc-bios/openbios/build"
 DIRS="$DIRS roms/seabios roms/vgabios"
 DIRS="$DIRS qapi-generated"
 FILES="Makefile tests/tcg/Makefile qdict-test-data.txt"
@@ -4288,6 +4312,7 @@ FILES="$FILES tests/tcg/cris/Makefile 
tests/tcg/cris/.gdbinit"
 FILES="$FILES tests/tcg/lm32/Makefile"
 FILES="$FILES pc-bios/optionrom/Makefile pc-bios/keymaps"
 FILES="$FILES pc-bios/spapr-rtas/Makefile"
+FILES="$FILES pc-bios/openbios/Makefile"
 FILES="$FILES roms/seabios/Makefile roms/vgabios/Makefile"
 for bios_file in \
 $source_path/pc-bios/*.bin \
diff --git a/pc-bios/openbios/Makefile b/pc-bios/openbios/Makefile
new file mode 100644
index 000..0849cf8
--- /dev/null
+++ b/pc-bios/openbios/Makefile
@@ -0,0 +1,29 @@
+all: build-all
+# Dummy command so that make thinks it has done something
+   @true
+
+include ../../config-host.mak
+
+.PHONY : all clean build-all
+
+# Avoid polluting sub-make environment, especially MAKEFLAGS causes build to 
fail
+unexport AS AS_FLAGS CC CFLAGS CPP INCLUDES LD LDFLAGS VERSION SRCDIR ODIR
+unexport HOSTCC HOSTCFLAGS HOSTARCH HOSTINCLUDES TARGET MAKE MAKEFLAGS MFLAGS
+
+build-all: config
+   make -C build build-verbose
+   rm -f ../openbios-*
+   cp build/obj-sparc32/openbios-builtin.elf ../openbios-sparc32
+   cp build/obj-sparc64/openbios-builtin.elf ../openbios-sparc64
+   cp build/obj-ppc/openbios-qemu.elf ../openbios-ppc
+
+config: config-timestamp
+   @cmp $< $@ >/dev/null 2>&1 || cp $< $@
+
+config-timestamp: $(SRC_PATH)/roms/openbios/config/scripts/switch-arch
+   cd build && sh $(SRC_PATH)/roms/openbios/config/scripts/switch-arch 
sparc32 sparc64 ppc
+   touch $@
+
+clean:
+   make -C build $@
+   rm -f config config-timestamp
-- 
1.7.2.5

Re: [Qemu-devel] [PATCH] e600 core for MPC86xx processors

[Julio Guerra]

2013/2/16 Andreas Färber :
>
> This patch is just as broken as the PReP one...
>
> The patch contradicts your description. Did you diff the wrong way?!
>

Indeed... Forget it, I'll resubmit it.

> This patch conflicts with our ongoing CPU definition refactoring:
> http://lists.nongnu.org/archive/html/qemu-devel/2013-02/msg01672.html
> We are extracting some of the definitions into an alias list and as a
> follow-up preparing to use QOM for CPU model -> CPU type relationships.
> It may need to be delayed to apply on top.
>

Ok. I'll keep an eye on the updates and rework it as soon as yours is
integrated.

Regards,

-- 
Julio Guerra

[Qemu-devel] correct step to invoke a single step?

[Peter Cheung]

Hi AllIs it the correct step to invoke a single step? It will fail when 
currec IP hit a breakpoint, but i can't find any different than the gdb stub.
static int sstep_flags = SSTEP_ENABLE | SSTEP_NOIRQ | 
SSTEP_NOTIMER;CPUArchState *cpu = first_cpu;cpu_single_step(cpu, 
sstep_flags);vm_start();
Thanksfrom Peter  

[Qemu-devel] [PATCH] prep: Fix software reset

[Julio Guerra]

The software reset of a PReP machine should reset the entire system
and not only the processor. It occurs when changing the 7th bit of
port 0092 from 0 to 1.

Adding a new variable in PReP's sysctrl_t to store the soft reset bit
makes possible to be compliant with PReP specification :
* reset the system when changing soft reset bit from 0 to 1.
* the soft reset bit value is 1 after a soft reset.
* Port 0092 is read/write.

qemu_system_reset_request() does the required job (calling the reset
handlers) when the software reset is needed.

reset_irq is no longer needed, the CPU reset (calling ppc_prep_reset)
is called when qemu_system_reset calls every reset handlers.

Signed-off-by: Julio Guerra 
---
 hw/ppc/prep.c | 13 -
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/hw/ppc/prep.c b/hw/ppc/prep.c
index e06dded..64dab8b 100644
--- a/hw/ppc/prep.c
+++ b/hw/ppc/prep.c
@@ -178,12 +178,12 @@ static const MemoryRegionOps PPC_XCSR_ops = {

 /* Fake super-io ports for PREP platform (Intel 82378ZB) */
 typedef struct sysctrl_t {
-qemu_irq reset_irq;
 M48t59State *nvram;
 uint8_t state;
 uint8_t syscontrol;
 int contiguous_map;
 int endian;
+uint8_t sreset;
 } sysctrl_t;

 enum {
@@ -203,9 +203,11 @@ static void PREP_io_800_writeb (void *opaque, uint32_t 
addr, uint32_t val)
 /* Special port 92 */
 /* Check soft reset asked */
 if (val & 0x01) {
-qemu_irq_raise(sysctrl->reset_irq);
+   if (!sysctrl->sreset)
+qemu_system_reset_request();
+sysctrl->sreset = 1;
 } else {
-qemu_irq_lower(sysctrl->reset_irq);
+sysctrl->sreset = 0;
 }
 /* Check LE mode */
 if (val & 0x02) {
@@ -267,7 +269,7 @@ static uint32_t PREP_io_800_readb (void *opaque, uint32_t 
addr)
 switch (addr) {
 case 0x0092:
 /* Special port 92 */
-retval = 0x00;
+retval = (sysctrl->endian << 1) | sysctrl->sreset;
 break;
 case 0x0800:
 /* Motorola CPU configuration register */
@@ -624,7 +626,8 @@ static void ppc_prep_init(QEMUMachineInitArgs *args)
 }
 isa_create_simple(isa_bus, "i8042");

-sysctrl->reset_irq = first_cpu->irq_inputs[PPC6xx_INPUT_HRESET];
+sysctrl->sreset = 0;
+sysctrl->endian = 0;
 /* System control ports */
 register_ioport_read(0x0092, 0x01, 1, &PREP_io_800_readb, sysctrl);
 register_ioport_write(0x0092, 0x01, 1, &PREP_io_800_writeb, sysctrl);
--
1.8.1.2

Re: [Qemu-devel] [PATCH v2 00/10] Cleanup bitops vs host-utils

[Blue Swirl]

Thanks, applied.

On Thu, Feb 14, 2013 at 1:47 AM, Richard Henderson  wrote:
> Version 1 merely tried to adjust bitops_flsl, here I instead eliminate
> it all from bitops.h, and standardizes on the routines from host-utils.h.
>
>
> r~
>
>
> Richard Henderson (10):
>   host-utils: Add host long specific aliases for clz, ctz, ctpop
>   host-utils: Fix coding style and add comments
>   hbitmap: Use non-bitops ctzl
>   bitops: Use non-bitops ctzl
>   memory: Use non-bitops ctzl
>   bitops: Write bitops_flsl in terms of clzl
>   target-i386: Inline bitops_flsl
>   bitops: Inline bitops_flsl
>   bitops: Replace bitops_ctol with ctzl
>   bitops: Remove routines redundant with host-utils
>
>  include/qemu/bitops.h |  75 -
>  include/qemu/hbitmap.h|   3 +-
>  include/qemu/host-utils.h | 119 
> +++---
>  memory.c  |   4 +-
>  target-i386/topology.h|   6 +--
>  util/bitops.c |   6 +--
>  util/hbitmap.c|   3 +-
>  7 files changed, 112 insertions(+), 104 deletions(-)
>
> --
> 1.8.1.2
>

Re: [Qemu-devel] [PATCH 0/6] qemu_log: remove 'cpu' from qemu log function names

[Blue Swirl]

Thanks, applied.

On Mon, Feb 11, 2013 at 4:41 PM, Peter Maydell  wrote:
> This patchset is just cleanups; it has two major aims:
>  * remove 'cpu' from public-facing qemu_log function/type/etc
>names, since the logging is now entirely generic and not
>tied to TCG CPU debug logging at all
>  * remove unnecessary indirection through cpus.c (ie set_cpu_log
>and set_cpu_log_filename) in favour of just having vl.c
>call the appropriate qemu_log functions. [I think this indirection
>was a legacy from before commit 3b823210, when qemu-log.h
>could not be included in files that were in libhw.]
>
> thanks
> -- PMM
>
> Peter Maydell (6):
>   qemu-log: Unify {cpu_set,set_cpu}_log_filename as
> qemu_set_log_filename
>   qemu-log: Abstract out "print usage message about valid log
> categories"
>   qemu-log: Rename cpu_str_to_log_mask to qemu_str_to_log_mask
>   qemu-log: Rename the public-facing cpu_set_log function to
> qemu_set_log
>   cpus.c: Drop unnecessary set_cpu_log()
>   qemu-log: Rename CPULogItem, cpu_log_items to QEMULogItem,
> qemu_log_items
>
>  bsd-user/main.c |   12 
>  cpus.c  |   21 -
>  hw/ppc.c|2 +-
>  include/qemu/log.h  |   27 ++-
>  include/sysemu/cpus.h   |2 --
>  linux-user/main.c   |   14 +-
>  monitor.c   |   10 +-
>  qemu-log.c  |   25 +
>  target-i386/translate.c |2 +-
>  tcg/tci/tcg-target.c|2 +-
>  vl.c|   11 +--
>  11 files changed, 61 insertions(+), 67 deletions(-)
>
> --
> 1.7.9.5
>

Re: [Qemu-devel] [PATCH qom-cpu-next v5] target-i386: Split command line parsing out of cpu_x86_register()

[Andreas Färber]

Am 15.02.2013 14:06, schrieb Igor Mammedov:
> From: Andreas Färber 
> 
> In order to instantiate a CPU subtype we will need to know which type,
> so move the cpu_model splitting into cpu_x86_init().
> 
> Parameters need to be set on the X86CPU instance, so move
> cpu_x86_parse_featurestr() into cpu_x86_init() as well.
> 
> This leaves cpu_x86_register() operating on the model name only.
> 
> Signed-off-by: Andreas Färber 
> Signed-off-by: Igor Mammedov 
> ---
>  v5:
>   * get error to report from cpu_x86_register()
>  v4:
>   * consolidate resource cleanup in when leaving cpu_x86_init(),
> to avoid clean code duplication.
>   * remove unnecessary error message from hw/pc.c

This version still has the flaw of printing an x86-specific error
message in the model-not-found NULL return case, leading to duplicate
error messages for qemu-i386 / qemu-x86_64.

But I think the progress towards x86 hotplug outweighs that nit, and
adding #ifdef TARGET_I386 to linux-user and bsd-user seemed
unnecessarily ugly to me. Fixing this (or q35?) can be done as follow-up.

Thanks, applied to qom-cpu:
https://github.com/afaerber/qemu-cpu/commits/qom-cpu

Andreas

-- 
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg

Re: [Qemu-devel] [PATCH 0/2] Fainal TCG clean-up patches

[Blue Swirl]

Thanks, applied.

On Thu, Jan 31, 2013 at 6:47 PM, Evgeny Voevodin
 wrote:
>
> This set of patches moves rest global variables to tcg_ctx.
> Also second patch introduces new TBContext for translation blocks
> ans moves translation block globals there. We place tb_ctx inside
> tcg_ctx and get noticable speed-up.
>
>
> After this patchset was aplied,
> I noticed ~4-5% speed-up of code generation.
>
> Here is the test procedure:
> 1. Boot Linux Kernel 5 times.
> 2. For each iteration wait while "JIT cycles" is stable for ~10 seconds
> 3. Write down the "cycles/op"
>
> Here are the results (tested on gcc-4.6):
>
> Before clean-up:
> min: 662.4
> max: 696
> avg: 672.28
> standard deviation: ~17 ~= 3.5%
>
> Average cycles/op = 672 +- 17
>
>
> After clean-up:
> min: 635
> max: 650.5
> avg: 640.14
> standard deviation: ~8 ~= 1.6%
>
> Average cycles/op = 640 +- 8
>
> Evgeny Voevodin (2):
>   TCG: Final globals clean-up
>   TCG: Move translation block variables to new context inside tcg_ctx:
> tb_ctx
>
>  cpu-exec.c  |   18 +++--
>  include/exec/exec-all.h |   27 +---
>  linux-user/main.c   |6 +-
>  tcg/tcg.c   |2 +-
>  tcg/tcg.h   |   16 -
>  translate-all.c |  173 
> +++
>  6 files changed, 130 insertions(+), 112 deletions(-)
>
> --
> 1.7.9.5
>

[Qemu-devel] [PATCH] qemu-log: Introduce qemu_log_mask_vprintf()

[Andreas Färber]

Corresponds to existing qemu_log_vprintf() but uses a mask.

Signed-off-by: Andreas Färber 
---
 include/qemu/log.h |8 
 1 Datei geändert, 8 Zeilen hinzugefügt(+)

diff --git a/include/qemu/log.h b/include/qemu/log.h
index 58f69cb..4bfa60c 100644
--- a/include/qemu/log.h
+++ b/include/qemu/log.h
@@ -64,6 +64,14 @@ qemu_log_vprintf(const char *fmt, va_list va)
  */
 void GCC_FMT_ATTR(2, 3) qemu_log_mask(int mask, const char *fmt, ...);
 
+static inline void GCC_FMT_ATTR(2, 0)
+qemu_log_mask_vprintf(int mask, const char *fmt, va_list va)
+{
+if ((qemu_loglevel & mask) && qemu_logfile) {
+vfprintf(qemu_logfile, fmt, va);
+}
+}
+
 
 /* Special cases: */
 
-- 
1.7.10.4

Re: [Qemu-devel] [PATCH] qemu-log: Remove qemu_log_try_set_file() and its users

[Blue Swirl]

Thanks, applied.

On Tue, Feb 12, 2013 at 4:13 PM, Peter Maydell  wrote:
> Remove the function qemu_log_try_set_file() and its users (which
> are all in TCG code generation functions for various targets).
> This function was added to abstract out code which was originally
> written as "if (!logfile) logfile = stderr;" in order that BUG:
> case code which did an unguarded "fprintf(logfile, ...)" would
> not crash if debug logging was not enabled. Since those direct
> uses of logfile have also been abstracted away into qemu_log()
> calls which check for a NULL logfile, there is no need for the
> target-* files to mess with the user's chosen logging settings.
>
> Signed-off-by: Peter Maydell 
> ---
>  include/qemu/log.h|8 
>  target-cris/translate.c   |2 --
>  target-lm32/translate.c   |2 --
>  target-microblaze/translate.c |2 --
>  target-openrisc/translate.c   |2 --
>  5 files changed, 16 deletions(-)
>
> diff --git a/include/qemu/log.h b/include/qemu/log.h
> index 5a46555..4527003 100644
> --- a/include/qemu/log.h
> +++ b/include/qemu/log.h
> @@ -126,14 +126,6 @@ static inline void qemu_log_set_file(FILE *f)
>  qemu_logfile = f;
>  }
>
> -/* Set up a new log file, only if none is set */
> -static inline void qemu_log_try_set_file(FILE *f)
> -{
> -if (!qemu_logfile) {
> -qemu_logfile = f;
> -}
> -}
> -
>  /* define log items */
>  typedef struct QEMULogItem {
>  int mask;
> diff --git a/target-cris/translate.c b/target-cris/translate.c
> index 09e6011..2964a21 100644
> --- a/target-cris/translate.c
> +++ b/target-cris/translate.c
> @@ -3215,8 +3215,6 @@ gen_intermediate_code_internal(CPUCRISState *env, 
> TranslationBlock *tb,
>  int num_insns;
>  int max_insns;
>
> -qemu_log_try_set_file(stderr);
> -
>  if (env->pregs[PR_VR] == 32) {
>  dc->decoder = crisv32_decoder;
>  dc->clear_locked_irq = 0;
> diff --git a/target-lm32/translate.c b/target-lm32/translate.c
> index 6b87340..ccaf838 100644
> --- a/target-lm32/translate.c
> +++ b/target-lm32/translate.c
> @@ -1012,8 +1012,6 @@ static void gen_intermediate_code_internal(CPULM32State 
> *env,
>  int num_insns;
>  int max_insns;
>
> -qemu_log_try_set_file(stderr);
> -
>  pc_start = tb->pc;
>  dc->env = env;
>  dc->tb = tb;
> diff --git a/target-microblaze/translate.c b/target-microblaze/translate.c
> index 58ce712..0b05264 100644
> --- a/target-microblaze/translate.c
> +++ b/target-microblaze/translate.c
> @@ -1734,8 +1734,6 @@ gen_intermediate_code_internal(CPUMBState *env, 
> TranslationBlock *tb,
>  int num_insns;
>  int max_insns;
>
> -qemu_log_try_set_file(stderr);
> -
>  pc_start = tb->pc;
>  dc->env = env;
>  dc->tb = tb;
> diff --git a/target-openrisc/translate.c b/target-openrisc/translate.c
> index 1e1b30c..23e853e 100644
> --- a/target-openrisc/translate.c
> +++ b/target-openrisc/translate.c
> @@ -1670,8 +1670,6 @@ static inline void 
> gen_intermediate_code_internal(OpenRISCCPU *cpu,
>  int num_insns;
>  int max_insns;
>
> -qemu_log_try_set_file(stderr);
> -
>  pc_start = tb->pc;
>  dc->tb = tb;
>
> --
> 1.7.9.5
>
>

Re: [Qemu-devel] [PATCH] e600 core for MPC86xx processors

[Andreas Färber]

Am 16.02.2013 13:48, schrieb Julio Guerra:
> The MPC86xx processors are based on a e600 core which is not currently
> the case in qemu where they are based on the 7400 processor.
> 
> This patch creates the e600 core and instantiates the MPC86xx
> processors based on it. Therefore, adding the high BATs and the SPRG
> 4..7 registers, which are e600-specific [1].
> 
> This allows to define the MPC8610 processor too and my program running
> on a real MPC8610 target is now able to run on qemu :)
> 
> [1] http://cache.freescale.com/files/32bit/doc/ref_manual/E600CORERM.pdf
> 
> Signed-off-by: Julio Guerra mailto:gu...@julio.in>>
> ---
>  translate_init.c |  119
> ---
>  1 file changed, 9 insertions(+), 110 deletions(-)

This patch is just as broken as the PReP one...

The patch contradicts your description. Did you diff the wrong way?!

This patch conflicts with our ongoing CPU definition refactoring:
http://lists.nongnu.org/archive/html/qemu-devel/2013-02/msg01672.html
We are extracting some of the definitions into an alias list and as a
follow-up preparing to use QOM for CPU model -> CPU type relationships.
It may need to be delayed to apply on top.

Regards,
Andreas

-- 
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg

[Qemu-devel] [PATCH] e600 core for MPC86xx processors

[Julio Guerra]

The MPC86xx processors are based on a e600 core which is not currently
the case in qemu where they are based on the 7400 processor.

This patch creates the e600 core and instantiates the MPC86xx
processors based on it. Therefore, adding the high BATs and the SPRG
4..7 registers, which are e600-specific [1].

This allows to define the MPC8610 processor too and my program running
on a real MPC8610 target is now able to run on qemu :)

[1] http://cache.freescale.com/files/32bit/doc/ref_manual/E600CORERM.pdf

Signed-off-by: Julio Guerra 
---
 translate_init.c |  119
---
 1 file changed, 9 insertions(+), 110 deletions(-)

diff --git a/target-ppc/translate_init.c b/target-ppc/translate_init.c
index a8dde96..f038850 100644
--- a/target-ppc/translate_init.c
+++ b/target-ppc/translate_init.c
@@ -6292,111 +6292,6 @@ static void init_proc_7457 (CPUPPCState *env)
 ppc6xx_irq_init(env);
 }

-/* PowerPC e600
   */
-#define POWERPC_INSNS_e600   (PPC_INSNS_BASE | PPC_STRING | PPC_MFTB |
   \
-  PPC_FLOAT | PPC_FLOAT_FSEL | PPC_FLOAT_FRES
|   \
-  PPC_FLOAT_FSQRT | PPC_FLOAT_FRSQRTE |
\
-  PPC_FLOAT_STFIWX |
   \
-  PPC_CACHE | PPC_CACHE_ICBI |
   \
-  PPC_CACHE_DCBA | PPC_CACHE_DCBZ |
\
-  PPC_MEM_SYNC | PPC_MEM_EIEIO |
   \
-  PPC_MEM_TLBIE | PPC_MEM_TLBSYNC |
\
-  PPC_MEM_TLBIA | PPC_74xx_TLB |
   \
-  PPC_SEGMENT | PPC_EXTERN |
   \
-  PPC_ALTIVEC)
-#define POWERPC_INSNS2_e600  (PPC_NONE)
-#define POWERPC_MSRM_e600(0x0205FF77ULL)
-#define POWERPC_MMU_e600 (POWERPC_MMU_32B)
-#define POWERPC_EXCP_e600(POWERPC_EXCP_74xx)
-#define POWERPC_INPUT_e600   (PPC_FLAGS_INPUT_6xx)
-#define POWERPC_BFDM_e600(bfd_mach_ppc_7400)
-#define POWERPC_FLAG_e600(POWERPC_FLAG_VRE | POWERPC_FLAG_SE |
   \
-  POWERPC_FLAG_BE | POWERPC_FLAG_PMM |
   \
-  POWERPC_FLAG_BUS_CLK)
-#define check_pow_e600   check_pow_hid0_74xx
-
-__attribute__ (( unused ))
-static void init_proc_e600 (CPUPPCState *env)
-{
-gen_spr_ne_601(env);
-gen_spr_7xx(env);
-/* Time base */
-gen_tbl(env);
-/* 74xx specific SPR */
-gen_spr_74xx(env);
-/* XXX : not implemented */
-spr_register(env, SPR_UBAMR, "UBAMR",
- &spr_read_ureg, SPR_NOACCESS,
- &spr_read_ureg, SPR_NOACCESS,
- 0x);
-/* LDSTCR */
-/* XXX : not implemented */
-spr_register(env, SPR_LDSTCR, "LDSTCR",
- SPR_NOACCESS, SPR_NOACCESS,
- &spr_read_generic, &spr_write_generic,
- 0x);
-/* ICTRL */
-/* XXX : not implemented */
-spr_register(env, SPR_ICTRL, "ICTRL",
- SPR_NOACCESS, SPR_NOACCESS,
- &spr_read_generic, &spr_write_generic,
- 0x);
-/* MSSSR0 */
-/* XXX : not implemented */
-spr_register(env, SPR_MSSSR0, "MSSSR0",
- SPR_NOACCESS, SPR_NOACCESS,
- &spr_read_generic, &spr_write_generic,
- 0x);
-/* PMC */
-/* XXX : not implemented */
-spr_register(env, SPR_PMC5, "PMC5",
- SPR_NOACCESS, SPR_NOACCESS,
- &spr_read_generic, &spr_write_generic,
- 0x);
-/* XXX : not implemented */
-spr_register(env, SPR_UPMC5, "UPMC5",
- &spr_read_ureg, SPR_NOACCESS,
- &spr_read_ureg, SPR_NOACCESS,
- 0x);
-/* XXX : not implemented */
-spr_register(env, SPR_PMC6, "PMC6",
- SPR_NOACCESS, SPR_NOACCESS,
- &spr_read_generic, &spr_write_generic,
- 0x);
-/* XXX : not implemented */
-spr_register(env, SPR_UPMC6, "UPMC6",
- &spr_read_ureg, SPR_NOACCESS,
- &spr_read_ureg, SPR_NOACCESS,
- 0x);
-/* SPRGs */
-spr_register(env, SPR_SPRG4, "SPRG4",
- SPR_NOACCESS, SPR_NOACCESS,
- &spr_read_generic, &spr_write_generic,
- 0x);
-spr_register(env, SPR_SPRG5, "SPRG5",
- SPR_NOACCESS, SPR_NOACCESS,
- &spr_read_generic, &spr_write_generic,
- 0x);
-spr_register(env, SPR_SPRG6, "SPRG6",
- SPR_NOACCESS, SPR_NOACCESS,
- &spr_read_generic, &spr_write_generic,
- 0x);
-spr_register(env, SPR_SPRG7, "SPRG7",
- SPR_NOACCESS, SPR_NOACCESS,
- &spr_read_generic, &spr_write_generic,
- 0x);
-
-/* Memory management */
-gen_low_BATs(env);
-gen_high_BATs(e

Re: [Qemu-devel] HP-UX 10.20 C180 emulation

[Andreas Färber]

Hi,

Am 16.02.2013 13:29, schrieb Philippe Leduc:
> What is the current state of the HPPA support in qemu ? (I can't find
> many informations on that) and do you have any tips to start (I started
> to read the code, but without an entry point, it can be very long)?

In short there is tcg/hppa/ for emulating x86 etc. on hppa but no
target-hppa/ for emulating hppa on whatever platform.

There should be an incomplete hppa emulation linked from the Wiki, but
it will need quite some overhaul due to CPU and Memory API refactorings,
the introduction of the QEMU Object Model QOM and directory/Makefile
restructurings.

Regards,
Andreas

-- 
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg

Re: [Qemu-devel] [PATCH] PReP Software Reset

[Julio Guerra]

2013/2/16 Andreas Färber 
>
> Am 16.02.2013 13:19, schrieb Julio Guerra:
> How did you test this change?
>

With a program (a kernel debugger) doing a software reset (when
leaving the debug session). Hence, it is not possible to reconnect
without this patch since the platform has not been corretly reset.

--
Julio Guerra