Re: [Qemu-devel] [PATCH] util/error: do not free error on error_abort

[Markus Armbruster]

Vladimir Sementsov-Ogievskiy  writes:

> It would be nice to have Error object not freed away when debugging a
> coredump.
>
> Signed-off-by: Vladimir Sementsov-Ogievskiy 
> ---
>  util/error.c | 8 +---
>  1 file changed, 5 insertions(+), 3 deletions(-)
>
> diff --git a/util/error.c b/util/error.c
> index 934a78e1b1..f9180c0f30 100644
> --- a/util/error.c
> +++ b/util/error.c
> @@ -32,9 +32,11 @@ Error *error_fatal;
>  static void error_handle_fatal(Error **errp, Error *err)
>  {
>  if (errp == _abort) {
> -fprintf(stderr, "Unexpected error in %s() at %s:%d:\n",
> -err->func, err->src, err->line);
> -error_report_err(err);
> +error_report("Unexpected error in %s() at %s:%d: %s",
> + err->func, err->src, err->line, error_get_pretty(err));
> +if (err->hint) {
> +error_printf_unless_qmp("%s", err->hint->str);
> +}
>  abort();
>  }
>  if (errp == _fatal) {

No objections to not freeing the error object on the path to abort().

You also format the error message differently.  Commit 1e9b65bb1ba's
example

Unexpected error in parse_block_error_action() at 
.../qemu/blockdev.c:322:
qemu-system-x86_64: -drive if=none,werror=foo: 'foo' invalid write 
error action
Aborted (core dumped)

changes to (guesswork, not tested):

qemu-system-x86_64: -drive if=none,werror=foo: Unexpected error in 
parse_block_error_action() at .../qemu/blockdev.c:322: 'foo' invalid write 
error action
Aborted (core dumped)

Intentional?  It makes sense as an error message, but readability
suffers due to the long line.  If we decide we want this change, it
needs to be mentioned in the commit message.

Open-coding error_report_err() here so you can delete the error_free()
and a newline is a bit ugly, but factoring out the common part doesn't
seem worthwhile.

Hmm, perhaps factoring out

if (err->hint) {
error_printf_unless_qmp("%s", err->hint->str);
}

into a static helper would be worthwhile.  We already have two copies.

[Qemu-devel] [Bug 1824744] Re: ivshmem PCI device exposes wrong endianness on ppc64le

[shawn via Qemu-devel]

** Summary changed:

- ivshmem device PCI device exposes wrong endianness on ppc64le
+ ivshmem PCI device exposes wrong endianness on ppc64le

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1824744

Title:
  ivshmem PCI device exposes wrong endianness on ppc64le

Status in QEMU:
  New

Bug description:
  On a ppc64le host with a ppc64le guest running on QEMU 3.1.0 when an
  ivshmem device is used, the ivshmem device appears to expose the wrong
  endianness for the values in BAR 0.

  For example, when the guest is assigned an ivshmem device ID of 1, the
  IVPosition register (u32, offset 8 in BAR 0) returns 0x100 instead
  of 0x1. I tested on an x86_64 machine and the IVPosition reads 0x1 as
  expected.

  It seems possible that there's a ppc64*==bigendian assumption
  somewhere that is erroneously affecting ppc64le.

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1824744/+subscriptions

[Qemu-devel] [Bug 1824744] [NEW] ivshmem device PCI device exposes wrong endianness on ppc64le

[shawn via Qemu-devel]

Public bug reported:

On a ppc64le host with a ppc64le guest running on QEMU 3.1.0 when an
ivshmem device is used, the ivshmem device appears to expose the wrong
endianness for the values in BAR 0.

For example, when the guest is assigned an ivshmem device ID of 1, the
IVPosition register (u32, offset 8 in BAR 0) returns 0x100 instead
of 0x1. I tested on an x86_64 machine and the IVPosition reads 0x1 as
expected.

It seems possible that there's a ppc64*==bigendian assumption somewhere
that is erroneously affecting ppc64le.

** Affects: qemu
 Importance: Undecided
 Status: New


** Tags: ppc

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1824744

Title:
  ivshmem device PCI device exposes wrong endianness on ppc64le

Status in QEMU:
  New

Bug description:
  On a ppc64le host with a ppc64le guest running on QEMU 3.1.0 when an
  ivshmem device is used, the ivshmem device appears to expose the wrong
  endianness for the values in BAR 0.

  For example, when the guest is assigned an ivshmem device ID of 1, the
  IVPosition register (u32, offset 8 in BAR 0) returns 0x100 instead
  of 0x1. I tested on an x86_64 machine and the IVPosition reads 0x1 as
  expected.

  It seems possible that there's a ppc64*==bigendian assumption
  somewhere that is erroneously affecting ppc64le.

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1824744/+subscriptions

[Qemu-devel] [PATCH RFC v7 12/12] hw/registerfields.h: Add 8bit and 16bit register macros.

[Yoshinori Sato]

Some RX peripheral using 8bit and 16bit registers.
Added 8bit and 16bit APIs.

Signed-off-by: Yoshinori Sato 
---
 include/hw/registerfields.h | 28 +++-
 1 file changed, 27 insertions(+), 1 deletion(-)

diff --git a/include/hw/registerfields.h b/include/hw/registerfields.h
index 2659a58737..51bfd0cf67 100644
--- a/include/hw/registerfields.h
+++ b/include/hw/registerfields.h
@@ -22,6 +22,14 @@
 enum { A_ ## reg = (addr) };  \
 enum { R_ ## reg = (addr) / 4 };
 
+#define REG8(reg, addr)  \
+enum { A_ ## reg = (addr) };  \
+enum { R_ ## reg = (addr) };
+
+#define REG16(reg, addr)  \
+enum { A_ ## reg = (addr) };  \
+enum { R_ ## reg = (addr) / 2 };
+
 /* Define SHIFT, LENGTH and MASK constants for a field within a register */
 
 /* This macro will define R_FOO_BAR_MASK, R_FOO_BAR_SHIFT and R_FOO_BAR_LENGTH
@@ -40,6 +48,8 @@
 #define FIELD_EX64(storage, reg, field)   \
 extract64((storage), R_ ## reg ## _ ## field ## _SHIFT,   \
   R_ ## reg ## _ ## field ## _LENGTH)
+#define FIELD_EX8  FIELD_EX32
+#define FIELD_EX16 FIELD_EX32
 
 /* Extract a field from an array of registers */
 #define ARRAY_FIELD_EX32(regs, reg, field)\
@@ -49,6 +59,22 @@
  * Assigning values larger then the target field will result in
  * compilation warnings.
  */
+#define FIELD_DP8(storage, reg, field, val) ({\
+struct {  \
+unsigned int v:R_ ## reg ## _ ## field ## _LENGTH;\
+} v = { .v = val };   \
+uint8_t d;\
+d = deposit32((storage), R_ ## reg ## _ ## field ## _SHIFT,   \
+  R_ ## reg ## _ ## field ## _LENGTH, v.v);   \
+d; })
+#define FIELD_DP16(storage, reg, field, val) ({   \
+struct {  \
+unsigned int v:R_ ## reg ## _ ## field ## _LENGTH;\
+} v = { .v = val };   \
+uint16_t d;   \
+d = deposit32((storage), R_ ## reg ## _ ## field ## _SHIFT,   \
+  R_ ## reg ## _ ## field ## _LENGTH, v.v);   \
+d; })
 #define FIELD_DP32(storage, reg, field, val) ({   \
 struct {  \
 unsigned int v:R_ ## reg ## _ ## field ## _LENGTH;\
@@ -57,7 +83,7 @@
 d = deposit32((storage), R_ ## reg ## _ ## field ## _SHIFT,   \
   R_ ## reg ## _ ## field ## _LENGTH, v.v);   \
 d; })
-#define FIELD_DP64(storage, reg, field, val) ({   \
+#define FIELD_DP64(storage, reg, field, val) ({ \
 struct {  \
 unsigned int v:R_ ## reg ## _ ## field ## _LENGTH;\
 } v = { .v = val };   \
-- 
2.11.0

[Qemu-devel] [PATCH RFC v7 09/12] hw/rx: RX Target hardware definition

[Yoshinori Sato]

rx62n - RX62N cpu.
rxqemu - QEMU virtual target.

Signed-off-by: Yoshinori Sato 
---
 include/hw/rx/rx.h|   7 ++
 include/hw/rx/rx62n.h |  54 
 hw/rx/rx62n.c | 226 ++
 hw/rx/rxqemu.c| 100 ++
 hw/rx/Kconfig |   2 +
 hw/rx/Makefile.objs   |   1 +
 6 files changed, 390 insertions(+)
 create mode 100644 include/hw/rx/rx.h
 create mode 100644 include/hw/rx/rx62n.h
 create mode 100644 hw/rx/rx62n.c
 create mode 100644 hw/rx/rxqemu.c
 create mode 100644 hw/rx/Kconfig
 create mode 100644 hw/rx/Makefile.objs

diff --git a/include/hw/rx/rx.h b/include/hw/rx/rx.h
new file mode 100644
index 00..ff5924b81f
--- /dev/null
+++ b/include/hw/rx/rx.h
@@ -0,0 +1,7 @@
+#ifndef QEMU_RX_H
+#define QEMU_RX_H
+/* Definitions for RX board emulation.  */
+
+#include "target/rx/cpu-qom.h"
+
+#endif
diff --git a/include/hw/rx/rx62n.h b/include/hw/rx/rx62n.h
new file mode 100644
index 00..8c15399ce0
--- /dev/null
+++ b/include/hw/rx/rx62n.h
@@ -0,0 +1,54 @@
+/*
+ * RX62N Object
+ *
+ * Copyright (c) 2019 Yoshinori Sato
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms and conditions of the GNU General Public License,
+ * version 2 or later, as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
+ * more details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * this program.  If not, see .
+ */
+
+#ifndef HW_RX_RX62N_H
+#define HW_RX_RX62N_H
+
+#include "hw/sysbus.h"
+#include "hw/rx/rx.h"
+#include "hw/intc/rx_icu.h"
+#include "hw/timer/renesas_tmr.h"
+#include "hw/timer/renesas_cmt.h"
+#include "hw/char/renesas_sci.h"
+
+#define TYPE_RX62N "rx62n"
+#define TYPE_RX62N_CPU RX_CPU_TYPE_NAME(TYPE_RX62N)
+#define RX62N(obj) OBJECT_CHECK(RX62NState, (obj), TYPE_RX62N)
+
+typedef struct RX62NState {
+SysBusDevice parent_obj;
+
+RXCPU *cpu;
+RXICUState *icu;
+RTMRState *tmr[2];
+RCMTState *cmt[2];
+RSCIState *sci[6];
+
+MemoryRegion *sysmem;
+bool kernel;
+
+MemoryRegion iram;
+MemoryRegion iomem1;
+MemoryRegion d_flash;
+MemoryRegion iomem2;
+MemoryRegion iomem3;
+MemoryRegion c_flash;
+qemu_irq irq[256];
+} RX62NState;
+
+#endif
diff --git a/hw/rx/rx62n.c b/hw/rx/rx62n.c
new file mode 100644
index 00..b303aefe8c
--- /dev/null
+++ b/hw/rx/rx62n.c
@@ -0,0 +1,226 @@
+/*
+ * RX62N device
+ *
+ * Copyright (c) 2019 Yoshinori Sato
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms and conditions of the GNU General Public License,
+ * version 2 or later, as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
+ * more details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * this program.  If not, see .
+ */
+
+#include "qemu/osdep.h"
+#include "qapi/error.h"
+#include "hw/hw.h"
+#include "hw/rx/rx62n.h"
+#include "hw/loader.h"
+#include "hw/sysbus.h"
+#include "sysemu/sysemu.h"
+#include "cpu.h"
+#include "exec/exec-all.h"
+#include "exec/address-spaces.h"
+
+static const int ipr_table[] = {
+0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, /* 15 */
+0x00, 0xff, 0xff, 0xff, 0xff, 0x01, 0xff, 0x02,
+0xff, 0xff, 0xff, 0x03, 0x04, 0x05, 0x06, 0x07, /* 31 */
+0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
+0x10, 0x11, 0x12, 0x13, 0x14, 0x14, 0x14, 0x14, /* 47 */
+0x15, 0x15, 0x15, 0x15, 0xff, 0xff, 0xff, 0xff,
+0x18, 0x18, 0x18, 0x18, 0x18, 0x1d, 0x1e, 0x1f, /* 63 */
+0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, /* 79 */
+0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+0xff, 0xff, 0x3a, 0x3b, 0x3c, 0xff, 0xff, 0xff, /* 95 */
+0x40, 0xff, 0x44, 0x45, 0xff, 0xff, 0x48, 0xff,
+0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, /* 111 */
+0xff, 0xff, 0x51, 0x51, 0x51, 0x51, 0x52, 0x52,
+0x52, 0x53, 0x53, 0x54, 0x54, 0x55, 0x55, 0x56, /* 127 */
+0x56, 0x57, 0x57, 0x57, 0x57, 0x58, 0x59, 0x59,
+0x59, 0x59, 0x5a, 0x5b, 0x5b, 0x5b, 0x5c, 0x5c, /* 143 */
+0x5c, 0x5c, 0x5d, 0x5d, 0x5d, 0x5e, 0x5e, 0x5f,
+0x5f, 0x60, 0x60, 0x61, 0x61, 0x62, 0x62, 0x62, /* 159 */
+0x62, 0x63, 0x64, 0x64, 0x64, 0x64, 0x65, 0x66,
+0x66, 0x66, 0x67, 0x67, 0x67, 0x67, 0x68, 0x68, /* 175 */
+0x68, 0x69, 0x69, 0x69, 0x6a, 0x6a, 0x6a, 0x6b,

[Qemu-devel] [PATCH RFC v7 04/12] target/rx: RX disassembler

[Yoshinori Sato]

Signed-off-by: Yoshinori Sato 
---
 include/disas/bfd.h |5 +
 target/rx/disas.c   | 1481 +++
 2 files changed, 1486 insertions(+)
 create mode 100644 target/rx/disas.c

diff --git a/include/disas/bfd.h b/include/disas/bfd.h
index 41b61c85f9..b2c34274dd 100644
--- a/include/disas/bfd.h
+++ b/include/disas/bfd.h
@@ -228,6 +228,10 @@ enum bfd_architecture
 #define bfd_mach_nios2r22
   bfd_arch_lm32,   /* Lattice Mico32 */
 #define bfd_mach_lm32 1
+  bfd_arch_rx,   /* Renesas RX */
+#define bfd_mach_rx0x75
+#define bfd_mach_rx_v2 0x76
+#define bfd_mach_rx_v3 0x77
   bfd_arch_last
   };
 #define bfd_mach_s390_31 31
@@ -432,6 +436,7 @@ int print_insn_little_nios2 (bfd_vma, 
disassemble_info*);
 int print_insn_xtensa   (bfd_vma, disassemble_info*);
 int print_insn_riscv32  (bfd_vma, disassemble_info*);
 int print_insn_riscv64  (bfd_vma, disassemble_info*);
+int print_insn_rx(bfd_vma, disassemble_info *);
 
 #if 0
 /* Fetch the disassembler for a given BFD, if that support is available.  */
diff --git a/target/rx/disas.c b/target/rx/disas.c
new file mode 100644
index 00..cc43cd5aa2
--- /dev/null
+++ b/target/rx/disas.c
@@ -0,0 +1,1481 @@
+/*
+ * Renesas RX Disassembler
+ *
+ * Copyright (c) 2019 Yoshinori Sato 
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms and conditions of the GNU General Public License,
+ * version 2 or later, as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
+ * more details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * this program.  If not, see .
+ */
+
+#include "qemu/osdep.h"
+#include "disas/bfd.h"
+#include "qemu/bitops.h"
+#include "cpu.h"
+
+typedef struct DisasContext {
+disassemble_info *dis;
+uint32_t addr;
+uint32_t pc;
+} DisasContext;
+
+
+static uint32_t decode_load_bytes(DisasContext *ctx, uint32_t insn,
+   int i, int n)
+{
+bfd_byte buf;
+while (++i <= n) {
+ctx->dis->read_memory_func(ctx->addr++, , 1, ctx->dis);
+insn |= buf << (32 - i * 8);
+}
+return insn;
+}
+
+static int32_t li(DisasContext *ctx, int sz)
+{
+int32_t addr;
+bfd_byte buf[4];
+addr = ctx->addr;
+
+switch (sz) {
+case 1:
+ctx->addr += 1;
+ctx->dis->read_memory_func(addr, buf, 1, ctx->dis);
+return buf[0];
+case 2:
+ctx->addr += 2;
+ctx->dis->read_memory_func(addr, buf, 2, ctx->dis);
+return buf[1] << 8 | buf[0];
+case 3:
+ctx->addr += 3;
+ctx->dis->read_memory_func(addr, buf, 3, ctx->dis);
+return buf[2] << 16 | buf[1] << 8 | buf[0];
+case 0:
+ctx->addr += 4;
+ctx->dis->read_memory_func(addr, buf, 4, ctx->dis);
+return buf[3] << 24 | buf[2] << 16 | buf[1] << 8 | buf[0];
+default:
+g_assert_not_reached();
+}
+}
+
+static int bdsp_s(DisasContext *ctx, int d)
+{
+/*
+ * 0 -> 8
+ * 1 -> 9
+ * 2 -> 10
+ * 3 -> 3
+ * :
+ * 7 -> 7
+ */
+if (d < 3) {
+d += 8;
+}
+return d;
+}
+
+/* Include the auto-generated decoder.  */
+#include "decode.inc.c"
+
+#define prt(...) (ctx->dis->fprintf_func)((ctx->dis->stream), __VA_ARGS__)
+
+#define RX_MEMORY_BYTE 0
+#define RX_MEMORY_WORD 1
+#define RX_MEMORY_LONG 2
+
+#define RX_IM_BYTE 0
+#define RX_IM_WORD 1
+#define RX_IM_LONG 2
+#define RX_IM_UWORD 3
+
+static const char size[] = {'b', 'w', 'l'};
+static const char cond[][4] = {
+"eq", "ne", "c", "nc", "gtu", "leu", "pz", "n",
+"ge", "lt", "gt", "le", "o", "no", "ra", "f"
+};
+static const char psw[] = {
+'c', 'z', 's', 'o', 0, 0, 0, 0,
+'i', 'u', 0, 0, 0, 0, 0, 0,
+};
+
+static uint32_t rx_index_addr(int ld, int size, DisasContext *ctx)
+{
+bfd_byte buf[2];
+switch (ld) {
+case 0:
+return 0;
+case 1:
+ctx->dis->read_memory_func(ctx->addr, buf, 1, ctx->dis);
+ctx->addr += 1;
+return buf[0];
+case 2:
+ctx->dis->read_memory_func(ctx->addr, buf, 2, ctx->dis);
+ctx->addr += 2;
+return buf[1] << 8 | buf[0];
+}
+g_assert_not_reached();
+}
+
+static void operand(DisasContext *ctx, int ld, int mi, int rs, int rd)
+{
+int dsp;
+static const char sizes[][4] = {".b", ".w", ".l", ".uw", ".ub"};
+if (ld < 3) {
+switch (mi) {
+case 4:
+/* dsp[rs].ub */
+dsp = rx_index_addr(ld, RX_MEMORY_BYTE, ctx);
+break;
+case 3:
+/* dsp[rs].uw */
+dsp = rx_index_addr(ld, RX_MEMORY_WORD, ctx);
+break;
+

[Qemu-devel] [PATCH RFC v7 08/12] hw/char: RX62N serical communication interface (SCI)

[Yoshinori Sato]

This module supported only non FIFO type.
Hardware manual.
https://www.renesas.com/us/en/doc/products/mpumcu/doc/rx_family/r01uh0033ej0140_rx62n.pdf

Signed-off-by: Yoshinori Sato 
---
 include/hw/char/renesas_sci.h |  45 ++
 hw/char/renesas_sci.c | 341 ++
 hw/char/Kconfig   |   3 +
 hw/char/Makefile.objs |   2 +-
 4 files changed, 390 insertions(+), 1 deletion(-)
 create mode 100644 include/hw/char/renesas_sci.h
 create mode 100644 hw/char/renesas_sci.c

diff --git a/include/hw/char/renesas_sci.h b/include/hw/char/renesas_sci.h
new file mode 100644
index 00..50d1336944
--- /dev/null
+++ b/include/hw/char/renesas_sci.h
@@ -0,0 +1,45 @@
+/*
+ * Renesas Serial Communication Interface
+ *
+ * Copyright (c) 2018 Yoshinori Sato
+ *
+ * This code is licensed under the GPL version 2 or later.
+ *
+ */
+
+#include "chardev/char-fe.h"
+#include "qemu/timer.h"
+#include "hw/sysbus.h"
+
+#define TYPE_RENESAS_SCI "renesas-sci"
+#define RSCI(obj) OBJECT_CHECK(RSCIState, (obj), TYPE_RENESAS_SCI)
+
+enum {
+ERI = 0,
+RXI = 1,
+TXI = 2,
+TEI = 3,
+SCI_NR_IRQ = 4,
+};
+
+typedef struct {
+SysBusDevice parent_obj;
+MemoryRegion memory;
+
+uint8_t smr;
+uint8_t brr;
+uint8_t scr;
+uint8_t tdr;
+uint8_t ssr;
+uint8_t rdr;
+uint8_t scmr;
+uint8_t semr;
+
+uint8_t read_ssr;
+int64_t trtime;
+int64_t rx_next;
+QEMUTimer *timer;
+CharBackend chr;
+uint64_t input_freq;
+qemu_irq irq[SCI_NR_IRQ];
+} RSCIState;
diff --git a/hw/char/renesas_sci.c b/hw/char/renesas_sci.c
new file mode 100644
index 00..719fa2f938
--- /dev/null
+++ b/hw/char/renesas_sci.c
@@ -0,0 +1,341 @@
+/*
+ * Renesas Serial Communication Interface
+ *
+ * Datasheet: RX62N Group, RX621 Group User's Manual: Hardware
+ * (Rev.1.40 R01UH0033EJ0140)
+ *
+ * Copyright (c) 2019 Yoshinori Sato
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms and conditions of the GNU General Public License,
+ * version 2 or later, as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
+ * more details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * this program.  If not, see .
+ */
+
+#include "qemu/osdep.h"
+#include "qemu/log.h"
+#include "qapi/error.h"
+#include "qemu-common.h"
+#include "cpu.h"
+#include "hw/hw.h"
+#include "hw/sysbus.h"
+#include "hw/registerfields.h"
+#include "hw/char/renesas_sci.h"
+#include "qemu/error-report.h"
+
+/* SCI register map */
+REG8(SMR, 0)
+  FIELD(SMR, CKS,  0, 2)
+  FIELD(SMR, MP,   2, 1)
+  FIELD(SMR, STOP, 3, 1)
+  FIELD(SMR, PM,   4, 1)
+  FIELD(SMR, PE,   5, 1)
+  FIELD(SMR, CHR,  6, 1)
+  FIELD(SMR, CM,   7, 1)
+REG8(BRR, 1)
+REG8(SCR, 2)
+  FIELD(SCR, CKE, 0, 2)
+  FIELD(SCR, TEIE, 2, 1)
+  FIELD(SCR, MPIE, 3, 1)
+  FIELD(SCR, RE,   4, 1)
+  FIELD(SCR, TE,   5, 1)
+  FIELD(SCR, RIE,  6, 1)
+  FIELD(SCR, TIE,  7, 1)
+REG8(TDR, 3)
+REG8(SSR, 4)
+  FIELD(SSR, MPBT, 0, 1)
+  FIELD(SSR, MPB,  1, 1)
+  FIELD(SSR, TEND, 2, 1)
+  FIELD(SSR, ERR, 3, 3)
+FIELD(SSR, PER,  3, 1)
+FIELD(SSR, FER,  4, 1)
+FIELD(SSR, ORER, 5, 1)
+  FIELD(SSR, RDRF, 6, 1)
+  FIELD(SSR, TDRE, 7, 1)
+REG8(RDR, 5)
+REG8(SCMR, 6)
+  FIELD(SCMR, SMIF, 0, 1)
+  FIELD(SCMR, SINV, 2, 1)
+  FIELD(SCMR, SDIR, 3, 1)
+  FIELD(SCMR, BCP2, 7, 1)
+REG8(SEMR, 7)
+  FIELD(SEMR, ACS0, 0, 1)
+  FIELD(SEMR, ABCS, 4, 1)
+
+static int can_receive(void *opaque)
+{
+RSCIState *sci = RSCI(opaque);
+if (sci->rx_next > qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL)) {
+return 0;
+} else {
+return FIELD_EX8(sci->scr, SCR, RE);
+}
+}
+
+static void receive(void *opaque, const uint8_t *buf, int size)
+{
+RSCIState *sci = RSCI(opaque);
+sci->rx_next = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + sci->trtime;
+if (FIELD_EX8(sci->ssr, SSR, RDRF) || size > 1) {
+sci->ssr = FIELD_DP8(sci->ssr, SSR, ORER, 1);
+if (FIELD_EX8(sci->scr, SCR, RIE)) {
+qemu_set_irq(sci->irq[ERI], 1);
+}
+} else {
+sci->rdr = buf[0];
+sci->ssr = FIELD_DP8(sci->ssr, SSR, RDRF, 1);
+if (FIELD_EX8(sci->scr, SCR, RIE)) {
+qemu_irq_pulse(sci->irq[RXI]);
+}
+}
+}
+
+static void send_byte(RSCIState *sci)
+{
+if (qemu_chr_fe_backend_connected(>chr)) {
+qemu_chr_fe_write_all(>chr, >tdr, 1);
+}
+timer_mod(sci->timer,
+  qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + sci->trtime);
+sci->ssr = FIELD_DP8(sci->ssr, SSR, TEND, 0);
+sci->ssr = FIELD_DP8(sci->ssr, SSR, TDRE, 1);
+qemu_set_irq(sci->irq[TEI], 0);
+if (FIELD_EX8(sci->scr, SCR, TIE)) {
+

[Qemu-devel] [PATCH RFC v7 02/12] target/rx: TCG helper

[Yoshinori Sato]

Signed-off-by: Yoshinori Sato 
---
 target/rx/helper.h|  31 
 target/rx/helper.c| 148 
 target/rx/op_helper.c | 481 ++
 3 files changed, 660 insertions(+)
 create mode 100644 target/rx/helper.h
 create mode 100644 target/rx/helper.c
 create mode 100644 target/rx/op_helper.c

diff --git a/target/rx/helper.h b/target/rx/helper.h
new file mode 100644
index 00..f0b7ebbbf7
--- /dev/null
+++ b/target/rx/helper.h
@@ -0,0 +1,31 @@
+DEF_HELPER_1(raise_illegal_instruction, noreturn, env)
+DEF_HELPER_1(raise_access_fault, noreturn, env)
+DEF_HELPER_1(raise_privilege_violation, noreturn, env)
+DEF_HELPER_1(wait, noreturn, env)
+DEF_HELPER_1(debug, noreturn, env)
+DEF_HELPER_2(rxint, noreturn, env, i32)
+DEF_HELPER_1(rxbrk, noreturn, env)
+DEF_HELPER_FLAGS_3(fadd, TCG_CALL_NO_WG, f32, env, f32, f32)
+DEF_HELPER_FLAGS_3(fsub, TCG_CALL_NO_WG, f32, env, f32, f32)
+DEF_HELPER_FLAGS_3(fmul, TCG_CALL_NO_WG, f32, env, f32, f32)
+DEF_HELPER_FLAGS_3(fdiv, TCG_CALL_NO_WG, f32, env, f32, f32)
+DEF_HELPER_FLAGS_3(fcmp, TCG_CALL_NO_WG, void, env, f32, f32)
+DEF_HELPER_FLAGS_2(ftoi, TCG_CALL_NO_WG, i32, env, f32)
+DEF_HELPER_FLAGS_2(round, TCG_CALL_NO_WG, i32, env, f32)
+DEF_HELPER_FLAGS_2(itof, TCG_CALL_NO_WG, f32, env, i32)
+DEF_HELPER_2(set_fpsw, void, env, i32)
+DEF_HELPER_FLAGS_2(racw, TCG_CALL_NO_WG, void, env, i32)
+DEF_HELPER_FLAGS_2(set_psw_rte, TCG_CALL_NO_WG, void, env, i32)
+DEF_HELPER_FLAGS_2(set_psw, TCG_CALL_NO_WG, void, env, i32)
+DEF_HELPER_1(pack_psw, i32, env)
+DEF_HELPER_FLAGS_3(div, TCG_CALL_NO_WG, i32, env, i32, i32)
+DEF_HELPER_FLAGS_3(divu, TCG_CALL_NO_WG, i32, env, i32, i32)
+DEF_HELPER_FLAGS_1(scmpu, TCG_CALL_NO_WG, void, env)
+DEF_HELPER_1(smovu, void, env)
+DEF_HELPER_1(smovf, void, env)
+DEF_HELPER_1(smovb, void, env)
+DEF_HELPER_2(sstr, void, env, i32)
+DEF_HELPER_FLAGS_2(swhile, TCG_CALL_NO_WG, void, env, i32)
+DEF_HELPER_FLAGS_2(suntil, TCG_CALL_NO_WG, void, env, i32)
+DEF_HELPER_FLAGS_2(rmpa, TCG_CALL_NO_WG, void, env, i32)
+DEF_HELPER_1(satr, void, env)
diff --git a/target/rx/helper.c b/target/rx/helper.c
new file mode 100644
index 00..8e598c9c1d
--- /dev/null
+++ b/target/rx/helper.c
@@ -0,0 +1,148 @@
+/*
+ *  RX emulation
+ *
+ *  Copyright (c) 2019 Yoshinori Sato
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms and conditions of the GNU General Public License,
+ * version 2 or later, as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
+ * more details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * this program.  If not, see .
+ */
+
+#include "qemu/osdep.h"
+#include "qemu/bitops.h"
+#include "cpu.h"
+#include "exec/log.h"
+#include "exec/cpu_ldst.h"
+#include "sysemu/sysemu.h"
+
+void rx_cpu_unpack_psw(CPURXState *env, uint32_t psw, int rte)
+{
+if (env->psw_pm == 0) {
+env->psw_ipl = FIELD_EX32(psw, PSW, IPL);
+if (rte) {
+/* PSW.PM can write RTE and RTFI */
+env->psw_pm = FIELD_EX32(psw, PSW, PM);
+}
+env->psw_u = FIELD_EX32(psw, PSW, U);
+env->psw_i = FIELD_EX32(psw, PSW, I);
+}
+env->psw_o = FIELD_EX32(psw, PSW, O) << 31;
+env->psw_s = FIELD_EX32(psw, PSW, S) << 31;
+env->psw_z = 1 - FIELD_EX32(psw, PSW, Z);
+env->psw_c = FIELD_EX32(psw, PSW, C);
+}
+
+#define INT_FLAGS (CPU_INTERRUPT_HARD | CPU_INTERRUPT_FIR)
+void rx_cpu_do_interrupt(CPUState *cs)
+{
+RXCPU *cpu = RXCPU(cs);
+CPURXState *env = >env;
+int do_irq = cs->interrupt_request & INT_FLAGS;
+uint32_t save_psw;
+
+env->in_sleep = 0;
+
+if (env->psw_u) {
+env->usp = env->regs[0];
+} else {
+env->isp = env->regs[0];
+}
+save_psw = rx_cpu_pack_psw(env);
+env->psw_pm = env->psw_i = env->psw_u = 0;
+
+if (do_irq) {
+if (do_irq & CPU_INTERRUPT_FIR) {
+env->bpc = env->pc;
+env->bpsw = save_psw;
+env->pc = env->fintv;
+env->psw_ipl = 15;
+cs->interrupt_request &= ~CPU_INTERRUPT_FIR;
+qemu_set_irq(env->ack, env->ack_irq);
+qemu_log_mask(CPU_LOG_INT, "fast interrupt raised\n");
+} else if (do_irq & CPU_INTERRUPT_HARD) {
+env->isp -= 4;
+cpu_stl_all(env, env->isp, save_psw);
+env->isp -= 4;
+cpu_stl_all(env, env->isp, env->pc);
+env->pc = cpu_ldl_all(env, env->intb + env->ack_irq * 4);
+env->psw_ipl = env->ack_ipl;
+cs->interrupt_request &= ~CPU_INTERRUPT_HARD;
+qemu_set_irq(env->ack, env->ack_irq);
+qemu_log_mask(CPU_LOG_INT,
+  

[Qemu-devel] [PATCH RFC v7 07/12] hw/timer: RX62N internal timer modules

[Yoshinori Sato]

renesas_tmr: 8bit timer modules.
renesas_cmt: 16bit compare match timer modules.
This part use many renesas's CPU.
Hardware manual.
https://www.renesas.com/us/en/doc/products/mpumcu/doc/rx_family/r01uh0033ej0140_rx62n.pdf

Signed-off-by: Yoshinori Sato 
---
 include/hw/timer/renesas_cmt.h |  33 +++
 include/hw/timer/renesas_tmr.h |  46 +
 hw/timer/renesas_cmt.c | 277 +
 hw/timer/renesas_tmr.c | 458 +
 hw/timer/Kconfig   |   6 +
 hw/timer/Makefile.objs |   3 +
 6 files changed, 823 insertions(+)
 create mode 100644 include/hw/timer/renesas_cmt.h
 create mode 100644 include/hw/timer/renesas_tmr.h
 create mode 100644 hw/timer/renesas_cmt.c
 create mode 100644 hw/timer/renesas_tmr.c

diff --git a/include/hw/timer/renesas_cmt.h b/include/hw/timer/renesas_cmt.h
new file mode 100644
index 00..7e393d7ad3
--- /dev/null
+++ b/include/hw/timer/renesas_cmt.h
@@ -0,0 +1,33 @@
+/*
+ * Renesas Compare-match timer Object
+ *
+ * Copyright (c) 2019 Yoshinori Sato
+ *
+ * This code is licensed under the GPL version 2 or later.
+ *
+ */
+
+#ifndef HW_RENESAS_CMT_H
+#define HW_RENESAS_CMT_H
+
+#include "hw/sysbus.h"
+
+#define TYPE_RENESAS_CMT "renesas-cmt"
+#define RCMT(obj) OBJECT_CHECK(RCMTState, (obj), TYPE_RENESAS_CMT)
+
+typedef struct RCMTState {
+SysBusDevice parent_obj;
+
+uint64_t input_freq;
+MemoryRegion memory;
+
+uint16_t cmstr;
+uint16_t cmcr[2];
+uint16_t cmcnt[2];
+uint16_t cmcor[2];
+int64_t tick[2];
+qemu_irq cmi[2];
+QEMUTimer *timer[2];
+} RCMTState;
+
+#endif
diff --git a/include/hw/timer/renesas_tmr.h b/include/hw/timer/renesas_tmr.h
new file mode 100644
index 00..718d9dc4ff
--- /dev/null
+++ b/include/hw/timer/renesas_tmr.h
@@ -0,0 +1,46 @@
+/*
+ * Renesas 8bit timer Object
+ *
+ * Copyright (c) 2018 Yoshinori Sato
+ *
+ * This code is licensed under the GPL version 2 or later.
+ *
+ */
+
+#ifndef HW_RENESAS_TMR_H
+#define HW_RENESAS_TMR_H
+
+#include "hw/sysbus.h"
+
+#define TYPE_RENESAS_TMR "renesas-tmr"
+#define RTMR(obj) OBJECT_CHECK(RTMRState, (obj), TYPE_RENESAS_TMR)
+
+enum timer_event {cmia = 0,
+  cmib = 1,
+  ovi = 2,
+  none = 3,
+  TMR_NR_EVENTS = 4};
+enum {CH = 2};
+typedef struct RTMRState {
+SysBusDevice parent_obj;
+
+uint64_t input_freq;
+MemoryRegion memory;
+
+uint8_t tcnt[CH];
+uint8_t tcora[CH];
+uint8_t tcorb[CH];
+uint8_t tcr[CH];
+uint8_t tccr[CH];
+uint8_t tcor[CH];
+uint8_t tcsr[CH];
+int64_t tick;
+int64_t div_round[CH];
+enum timer_event next[CH];
+qemu_irq cmia[CH];
+qemu_irq cmib[CH];
+qemu_irq ovi[CH];
+QEMUTimer *timer[CH];
+} RTMRState;
+
+#endif
diff --git a/hw/timer/renesas_cmt.c b/hw/timer/renesas_cmt.c
new file mode 100644
index 00..b82250dbc2
--- /dev/null
+++ b/hw/timer/renesas_cmt.c
@@ -0,0 +1,277 @@
+/*
+ * Renesas 16bit Compare-match timer
+ *
+ * Datasheet: RX62N Group, RX621 Group User's Manual: Hardware
+ * (Rev.1.40 R01UH0033EJ0140)
+ *
+ * Copyright (c) 2019 Yoshinori Sato
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms and conditions of the GNU General Public License,
+ * version 2 or later, as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
+ * more details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * this program.  If not, see .
+ */
+
+#include "qemu/osdep.h"
+#include "qemu-common.h"
+#include "qemu/log.h"
+#include "qapi/error.h"
+#include "qemu/timer.h"
+#include "cpu.h"
+#include "hw/hw.h"
+#include "hw/sysbus.h"
+#include "hw/registerfields.h"
+#include "hw/timer/renesas_cmt.h"
+#include "qemu/error-report.h"
+
+/*
+ *  +0 CMSTR - common control
+ *  +2 CMCR  - ch0
+ *  +4 CMCNT - ch0
+ *  +6 CMCOR - ch0
+ *  +8 CMCR  - ch1
+ * +10 CMCNT - ch1
+ * +12 CMCOR - ch1
+ * If we think that the address of CH 0 has an offset of +2,
+ * we can treat it with the same address as CH 1, so define it like that.
+ */
+REG16(CMSTR, 0)
+  FIELD(CMSTR, STR0, 0, 1)
+  FIELD(CMSTR, STR1, 1, 1)
+  FIELD(CMSTR, STR,  0, 2)
+/* This addeess is channel offset */
+REG16(CMCR, 0)
+  FIELD(CMCR, CKS, 0, 2)
+  FIELD(CMCR, CMIE, 6, 1)
+REG16(CMCNT, 2)
+REG16(CMCOR, 4)
+
+static void update_events(RCMTState *cmt, int ch)
+{
+int64_t next_time;
+
+if ((cmt->cmstr & (1 << ch)) == 0) {
+/* count disable, so not happened next event. */
+return ;
+}
+next_time = cmt->cmcor[ch] - cmt->cmcnt[ch];
+next_time *= NANOSECONDS_PER_SECOND;
+next_time /= cmt->input_freq;
+/*
+ * CKS -> div rate
+ 

[Qemu-devel] [PATCH RFC v7 03/12] target/rx: CPU definition

[Yoshinori Sato]

Signed-off-by: Yoshinori Sato 
---
 target/rx/cpu-qom.h |  52 
 target/rx/cpu.h | 197 
 target/rx/cpu.c | 232 
 3 files changed, 481 insertions(+)
 create mode 100644 target/rx/cpu-qom.h
 create mode 100644 target/rx/cpu.h
 create mode 100644 target/rx/cpu.c

diff --git a/target/rx/cpu-qom.h b/target/rx/cpu-qom.h
new file mode 100644
index 00..bad6d2c75d
--- /dev/null
+++ b/target/rx/cpu-qom.h
@@ -0,0 +1,52 @@
+/*
+ * QEMU RX CPU
+ *
+ * Copyright (c) 2019 Yoshinori Sato
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms and conditions of the GNU General Public License,
+ * version 2 or later, as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
+ * more details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * this program.  If not, see .
+ */
+
+#ifndef QEMU_RX_CPU_QOM_H
+#define QEMU_RX_CPU_QOM_H
+
+#include "qom/cpu.h"
+
+#define TYPE_RXCPU "rxcpu"
+
+#define RXCPU_CLASS(klass) \
+OBJECT_CLASS_CHECK(RXCPUClass, (klass), TYPE_RXCPU)
+#define RXCPU(obj) \
+OBJECT_CHECK(RXCPU, (obj), TYPE_RXCPU)
+#define RXCPU_GET_CLASS(obj) \
+OBJECT_GET_CLASS(RXCPUClass, (obj), TYPE_RXCPU)
+
+/*
+ * RXCPUClass:
+ * @parent_realize: The parent class' realize handler.
+ * @parent_reset: The parent class' reset handler.
+ *
+ * A RX CPU model.
+ */
+typedef struct RXCPUClass {
+/*< private >*/
+CPUClass parent_class;
+/*< public >*/
+
+DeviceRealize parent_realize;
+void (*parent_reset)(CPUState *cpu);
+
+} RXCPUClass;
+
+typedef struct RXCPU RXCPU;
+
+#endif
diff --git a/target/rx/cpu.h b/target/rx/cpu.h
new file mode 100644
index 00..2140cd4936
--- /dev/null
+++ b/target/rx/cpu.h
@@ -0,0 +1,197 @@
+/*
+ *  RX emulation definition
+ *
+ *  Copyright (c) 2019 Yoshinori Sato
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms and conditions of the GNU General Public License,
+ * version 2 or later, as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
+ * more details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * this program.  If not, see .
+ */
+
+#ifndef RX_CPU_H
+#define RX_CPU_H
+
+#include "qemu/bitops.h"
+#include "qemu-common.h"
+#include "hw/registerfields.h"
+#include "cpu-qom.h"
+
+#define TARGET_LONG_BITS 32
+#define TARGET_PAGE_BITS 12
+
+#define CPUArchState struct CPURXState
+
+#include "exec/cpu-defs.h"
+
+#define TARGET_PHYS_ADDR_SPACE_BITS 32
+#define TARGET_VIRT_ADDR_SPACE_BITS 32
+
+/* PSW define */
+REG32(PSW, 0)
+FIELD(PSW, C, 0, 1)
+FIELD(PSW, Z, 1, 1)
+FIELD(PSW, S, 2, 1)
+FIELD(PSW, O, 3, 1)
+FIELD(PSW, I, 16, 1)
+FIELD(PSW, U, 17, 1)
+FIELD(PSW, PM, 20, 1)
+FIELD(PSW, IPL, 24, 4)
+
+/* FPSW define */
+REG32(FPSW, 0)
+FIELD(FPSW, RM, 0, 2)
+FIELD(FPSW, CV, 2, 1)
+FIELD(FPSW, CO, 3, 1)
+FIELD(FPSW, CZ, 4, 1)
+FIELD(FPSW, CU, 5, 1)
+FIELD(FPSW, CX, 6, 1)
+FIELD(FPSW, CE, 7, 1)
+FIELD(FPSW, CAUSE, 2, 6)
+FIELD(FPSW, DN, 8, 1)
+FIELD(FPSW, EV, 10, 1)
+FIELD(FPSW, EO, 11, 1)
+FIELD(FPSW, EZ, 12, 1)
+FIELD(FPSW, EU, 13, 1)
+FIELD(FPSW, EX, 14, 1)
+FIELD(FPSW, ENABLE, 10, 5)
+FIELD(FPSW, FV, 26, 1)
+FIELD(FPSW, FO, 27, 1)
+FIELD(FPSW, FZ, 28, 1)
+FIELD(FPSW, FU, 29, 1)
+FIELD(FPSW, FX, 30, 1)
+FIELD(FPSW, FLAGS, 26, 4)
+FIELD(FPSW, FS, 31, 1)
+
+#define NB_MMU_MODES 1
+#define MMU_MODE0_SUFFIX _all
+
+typedef struct CPURXState {
+/* CPU registers */
+uint32_t regs[16];  /* general registers */
+uint32_t psw_o; /* O bit of status register */
+uint32_t psw_s; /* S bit of status register */
+uint32_t psw_z; /* Z bit of status register */
+uint32_t psw_c; /* C bit of status register */
+uint32_t psw_u;
+uint32_t psw_i;
+uint32_t psw_pm;
+uint32_t psw_ipl;
+uint32_t bpsw;  /* backup status */
+uint32_t bpc;   /* backup pc */
+uint32_t isp;   /* global base register */
+uint32_t usp;   /* vector base register */
+uint32_t pc;/* program counter */
+uint32_t intb;  /* interrupt vector */
+uint32_t fintv;
+uint32_t fpsw;
+uint64_t acc;
+
+/* Internal use */
+uint32_t in_sleep;
+uint32_t req_irq;   /* Requested interrupt 

[Qemu-devel] [PATCH RFC v7 11/12] MAINTAINERS: Add RX

[Yoshinori Sato]

Signed-off-by: Yoshinori Sato 
---
 MAINTAINERS | 19 +++
 1 file changed, 19 insertions(+)

diff --git a/MAINTAINERS b/MAINTAINERS
index 56139ac8ab..99d3428f04 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -272,6 +272,13 @@ F: include/hw/riscv/
 F: linux-user/host/riscv32/
 F: linux-user/host/riscv64/
 
+RENESAS RX
+M: Yoshinori Sato 
+S: Maintained
+F: target/rx/
+F: hw/rx/
+F: include/hw/rx/
+
 S390
 M: Richard Henderson 
 M: David Hildenbrand 
@@ -1099,6 +1106,18 @@ F: pc-bios/canyonlands.dt[sb]
 F: pc-bios/u-boot-sam460ex-20100605.bin
 F: roms/u-boot-sam460ex
 
+RX Machines
+---
+RX-QEMU
+M: Yoshinori Sato 
+S: Maintained
+F: hw/rx/rxqemu.c
+F: hw/intc/rx_icu.c
+F: hw/timer/renesas_*.c
+F: hw/char/renesas_sci.c
+F: include/hw/timer/renesas_*.h
+F: include/hw/char/renesas_sci.h
+
 SH4 Machines
 
 R2D
-- 
2.11.0

[Qemu-devel] [PATCH RFC v7 01/12] target/rx: TCG translation

[Yoshinori Sato]

This part only supported RXv1 instructions.
Instruction manual.
https://www.renesas.com/us/en/doc/products/mpumcu/doc/rx_family/r01us0032ej0120_rxsm.pdf

Signed-off-by: Yoshinori Sato 
---
 target/rx/translate.c  | 2433 
 target/rx/insns.decode |  617 
 2 files changed, 3050 insertions(+)
 create mode 100644 target/rx/translate.c
 create mode 100644 target/rx/insns.decode

diff --git a/target/rx/translate.c b/target/rx/translate.c
new file mode 100644
index 00..bbe36a5397
--- /dev/null
+++ b/target/rx/translate.c
@@ -0,0 +1,2433 @@
+/*
+ *  RX translation
+ *
+ *  Copyright (c) 2019 Yoshinori Sato
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms and conditions of the GNU General Public License,
+ * version 2 or later, as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
+ * more details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * this program.  If not, see .
+ */
+
+#include "qemu/osdep.h"
+#include "qemu/bswap.h"
+#include "cpu.h"
+#include "disas/disas.h"
+#include "exec/exec-all.h"
+#include "tcg-op.h"
+#include "exec/cpu_ldst.h"
+#include "exec/helper-proto.h"
+#include "exec/helper-gen.h"
+#include "exec/translator.h"
+#include "hw/registerfields.h"
+#include "trace-tcg.h"
+#include "exec/log.h"
+
+typedef struct DisasContext {
+DisasContextBase base;
+CPURXState *env;
+uint32_t pc;
+} DisasContext;
+
+typedef struct DisasCompare {
+TCGv value;
+TCGv temp;
+TCGCond cond;
+} DisasCompare;
+
+const char rx_crname[][6] = {
+"psw", "pc", "usp", "fpsw", "", "", "", "",
+"bpsw", "bpc", "isp", "fintv", "intb", "", "", "",
+};
+
+/* Target-specific values for dc->base.is_jmp.  */
+#define DISAS_JUMPDISAS_TARGET_0
+#define DISAS_UPDATE  DISAS_TARGET_1
+#define DISAS_EXITDISAS_TARGET_2
+
+/* global register indexes */
+static TCGv cpu_regs[16];
+static TCGv cpu_psw_o, cpu_psw_s, cpu_psw_z, cpu_psw_c;
+static TCGv cpu_psw_i, cpu_psw_pm, cpu_psw_u, cpu_psw_ipl;
+static TCGv cpu_usp, cpu_fpsw, cpu_bpsw, cpu_bpc, cpu_isp;
+static TCGv cpu_fintv, cpu_intb, cpu_pc;
+static TCGv_i64 cpu_acc;
+
+#define cpu_sp cpu_regs[0]
+
+#include "exec/gen-icount.h"
+
+/* decoder helper */
+static uint32_t decode_load_bytes(DisasContext *ctx, uint32_t insn,
+   int i, int n)
+{
+while (++i <= n) {
+uint8_t b = cpu_ldub_code(ctx->env, ctx->base.pc_next++);
+insn |= b << (32 - i * 8);
+}
+return insn;
+}
+
+static uint32_t li(DisasContext *ctx, int sz)
+{
+int32_t tmp, addr;
+CPURXState *env = ctx->env;
+addr = ctx->base.pc_next;
+
+tcg_debug_assert(sz < 4);
+switch (sz) {
+case 1:
+ctx->base.pc_next += 1;
+return cpu_ldsb_code(env, addr);
+case 2:
+ctx->base.pc_next += 2;
+return cpu_ldsw_code(env, addr);
+case 3:
+ctx->base.pc_next += 3;
+tmp = cpu_ldsb_code(env, addr + 2) << 16;
+tmp |= cpu_lduw_code(env, addr) & 0x;
+return tmp;
+case 0:
+ctx->base.pc_next += 4;
+return cpu_ldl_code(env, addr);
+}
+return 0;
+}
+
+static int bdsp_s(DisasContext *ctx, int d)
+{
+/*
+ * 0 -> 8
+ * 1 -> 9
+ * 2 -> 10
+ * 3 -> 3
+ * :
+ * 7 -> 7
+ */
+if (d < 3) {
+d += 8;
+}
+return d;
+}
+
+/* Include the auto-generated decoder. */
+#include "decode.inc.c"
+
+void rx_cpu_dump_state(CPUState *cs, FILE *f,
+   fprintf_function cpu_fprintf, int flags)
+{
+RXCPU *cpu = RXCPU(cs);
+CPURXState *env = >env;
+int i;
+uint32_t psw;
+
+psw = rx_cpu_pack_psw(env);
+cpu_fprintf(f, "pc=0x%08x psw=0x%08x\n",
+env->pc, psw);
+for (i = 0; i < 16; i += 4) {
+cpu_fprintf(f, "r%d=0x%08x r%d=0x%08x r%d=0x%08x r%d=0x%08x\n",
+i, env->regs[i], i + 1, env->regs[i + 1],
+i + 2, env->regs[i + 2], i + 3, env->regs[i + 3]);
+}
+}
+
+static bool use_goto_tb(DisasContext *dc, target_ulong dest)
+{
+if (unlikely(dc->base.singlestep_enabled)) {
+return false;
+} else {
+return true;
+}
+}
+
+static void gen_goto_tb(DisasContext *dc, int n, target_ulong dest)
+{
+if (use_goto_tb(dc, dest)) {
+tcg_gen_goto_tb(n);
+tcg_gen_movi_i32(cpu_pc, dest);
+tcg_gen_exit_tb(dc->base.tb, n);
+} else {
+tcg_gen_movi_i32(cpu_pc, dest);
+if (dc->base.singlestep_enabled) {
+gen_helper_debug(cpu_env);
+} else {
+tcg_gen_lookup_and_goto_ptr();
+}
+}
+dc->base.is_jmp = 

[Qemu-devel] [PATCH RFC v7 12/12] include/hw/regiserfields.h: Add 8bit and 16bit registers

[Yoshinori Sato]

Some RX peripheral using 8bit and 16bit registers.
Added 8bit and 16bit APIs.

Signed-off-by: Yoshinori Sato 
---
 include/hw/registerfields.h | 10 ++
 1 file changed, 10 insertions(+)

diff --git a/include/hw/registerfields.h b/include/hw/registerfields.h
index 2659a58737..f6bf911990 100644
--- a/include/hw/registerfields.h
+++ b/include/hw/registerfields.h
@@ -22,6 +22,14 @@
 enum { A_ ## reg = (addr) };  \
 enum { R_ ## reg = (addr) / 4 };
 
+#define REG8(reg, addr)  \
+enum { A_ ## reg = (addr) };  \
+enum { R_ ## reg = (addr) };
+
+#define REG16(reg, addr)  \
+enum { A_ ## reg = (addr) };  \
+enum { R_ ## reg = (addr) / 2 };
+
 /* Define SHIFT, LENGTH and MASK constants for a field within a register */
 
 /* This macro will define R_FOO_BAR_MASK, R_FOO_BAR_SHIFT and R_FOO_BAR_LENGTH
@@ -40,6 +48,8 @@
 #define FIELD_EX64(storage, reg, field)   \
 extract64((storage), R_ ## reg ## _ ## field ## _SHIFT,   \
   R_ ## reg ## _ ## field ## _LENGTH)
+#define FIELD_EX8  FIELD_EX32
+#define FIELD_EX16 FIELD_EX32
 
 /* Extract a field from an array of registers */
 #define ARRAY_FIELD_EX32(regs, reg, field)\
-- 
2.11.0

[Qemu-devel] [PATCH RFC v7 10/12] Add rx-softmmu

[Yoshinori Sato]

Signed-off-by: Yoshinori Sato 
---
 configure  | 8 
 default-configs/rx-softmmu.mak | 7 +++
 include/sysemu/arch_init.h | 1 +
 arch_init.c| 2 ++
 hw/Kconfig | 1 +
 5 files changed, 19 insertions(+)
 create mode 100644 default-configs/rx-softmmu.mak

diff --git a/configure b/configure
index 1c563a7027..c88af7cda9 100755
--- a/configure
+++ b/configure
@@ -7551,6 +7551,11 @@ case "$target_name" in
 gdb_xml_files="riscv-64bit-cpu.xml riscv-64bit-fpu.xml riscv-64bit-csr.xml"
 target_compiler=$cross_cc_riscv64
   ;;
+  rx)
+TARGET_ARCH=rx
+bflt="yes"
+target_compiler=$cross_cc_rx
+  ;;
   sh4|sh4eb)
 TARGET_ARCH=sh4
 bflt="yes"
@@ -7771,6 +7776,9 @@ for i in $ARCH $TARGET_BASE_ARCH ; do
   riscv*)
 disas_config "RISCV"
   ;;
+  rx)
+disas_config "RX"
+  ;;
   s390*)
 disas_config "S390"
   ;;
diff --git a/default-configs/rx-softmmu.mak b/default-configs/rx-softmmu.mak
new file mode 100644
index 00..3f62f04e9b
--- /dev/null
+++ b/default-configs/rx-softmmu.mak
@@ -0,0 +1,7 @@
+# Default configuration for rx-softmmu
+
+CONFIG_SERIAL=y
+CONFIG_RX=y
+CONFIG_RENESAS_SCI=y
+CONFIG_RENESAS_TMR=y
+CONFIG_RENESAS_CMT=y
diff --git a/include/sysemu/arch_init.h b/include/sysemu/arch_init.h
index 10cbafe970..3f4f844f7b 100644
--- a/include/sysemu/arch_init.h
+++ b/include/sysemu/arch_init.h
@@ -25,6 +25,7 @@ enum {
 QEMU_ARCH_NIOS2 = (1 << 17),
 QEMU_ARCH_HPPA = (1 << 18),
 QEMU_ARCH_RISCV = (1 << 19),
+QEMU_ARCH_RX = (1 << 20),
 };
 
 extern const uint32_t arch_type;
diff --git a/arch_init.c b/arch_init.c
index f4f3f610c8..cc25ddd7ca 100644
--- a/arch_init.c
+++ b/arch_init.c
@@ -74,6 +74,8 @@ int graphic_depth = 32;
 #define QEMU_ARCH QEMU_ARCH_PPC
 #elif defined(TARGET_RISCV)
 #define QEMU_ARCH QEMU_ARCH_RISCV
+#elif defined(TARGET_RX)
+#define QEMU_ARCH QEMU_ARCH_RX
 #elif defined(TARGET_S390X)
 #define QEMU_ARCH QEMU_ARCH_S390X
 #elif defined(TARGET_SH4)
diff --git a/hw/Kconfig b/hw/Kconfig
index 88b9f15007..63a071092e 100644
--- a/hw/Kconfig
+++ b/hw/Kconfig
@@ -53,6 +53,7 @@ source nios2/Kconfig
 source openrisc/Kconfig
 source ppc/Kconfig
 source riscv/Kconfig
+source rx/Kconfig
 source s390x/Kconfig
 source sh4/Kconfig
 source sparc/Kconfig
-- 
2.11.0

[Qemu-devel] [PATCH RFC v7 00/12] Add RX archtecture support

[Yoshinori Sato]

Hello.
This patch series is added Renesas RX target emulation.

It was corrected because the correspondence to registerfield was insufficient.

My git repository is bellow.
git://git.pf.osdn.net/gitroot/y/ys/ysato/qemu.git

Testing binaries bellow.
u-boot
Download - https://osdn.net/users/ysato/pf/qemu/dl/u-boot.bin.gz

starting
$ gzip -d u-boot.bin.gz
$ qemu-system-rx -bios u-boot.bin

linux and pico-root (only sash)
Download - https://osdn.net/users/ysato/pf/qemu/dl/zImage (kernel)
   https://osdn.net/users/ysato/pf/qemu/dl/rx-qemu.dtb (DeviceTree)

starting
$ qemu-system-rx -kernel zImage -dtb rx-qemu.dtb -append "earlycon"

Changes v6.
Add FIELD_DP8 and FIELD_DP16 to hw/registerfields.h.
Fixed registerfield support in timer and serial emulation.

Yoshinori Sato (12):
  target/rx: TCG translation
  target/rx: TCG helper
  target/rx: CPU definition
  target/rx: RX disassembler
  target/rx: Miscellaneous files
  hw/intc: RX62N interrupt controller (ICUa)
  hw/timer: RX62N internal timer modules
  hw/char: RX62N serical communication interface (SCI)
  hw/rx: RX Target hardware definition
  Add rx-softmmu
  MAINTAINERS: Add RX
  hw/registerfields.h: Add 8bit and 16bit register macros.

 configure  |8 +
 default-configs/rx-softmmu.mak |7 +
 include/disas/bfd.h|5 +
 include/hw/char/renesas_sci.h  |   45 +
 include/hw/intc/rx_icu.h   |   49 +
 include/hw/registerfields.h|   28 +-
 include/hw/rx/rx.h |7 +
 include/hw/rx/rx62n.h  |   54 +
 include/hw/timer/renesas_cmt.h |   33 +
 include/hw/timer/renesas_tmr.h |   46 +
 include/sysemu/arch_init.h |1 +
 target/rx/cpu-qom.h|   52 +
 target/rx/cpu.h|  197 
 target/rx/helper.h |   31 +
 arch_init.c|2 +
 hw/char/renesas_sci.c  |  341 ++
 hw/intc/rx_icu.c   |  373 ++
 hw/rx/rx62n.c  |  226 
 hw/rx/rxqemu.c |  100 ++
 hw/timer/renesas_cmt.c |  277 +
 hw/timer/renesas_tmr.c |  458 
 target/rx/cpu.c|  232 
 target/rx/disas.c  | 1481 
 target/rx/gdbstub.c|  112 ++
 target/rx/helper.c |  148 +++
 target/rx/monitor.c|   38 +
 target/rx/op_helper.c  |  481 
 target/rx/translate.c  | 2433 
 MAINTAINERS|   19 +
 hw/Kconfig |1 +
 hw/char/Kconfig|3 +
 hw/char/Makefile.objs  |2 +-
 hw/intc/Makefile.objs  |1 +
 hw/rx/Kconfig  |2 +
 hw/rx/Makefile.objs|1 +
 hw/timer/Kconfig   |6 +
 hw/timer/Makefile.objs |3 +
 target/rx/Makefile.objs|   11 +
 target/rx/insns.decode |  617 ++
 39 files changed, 7929 insertions(+), 2 deletions(-)
 create mode 100644 default-configs/rx-softmmu.mak
 create mode 100644 include/hw/char/renesas_sci.h
 create mode 100644 include/hw/intc/rx_icu.h
 create mode 100644 include/hw/rx/rx.h
 create mode 100644 include/hw/rx/rx62n.h
 create mode 100644 include/hw/timer/renesas_cmt.h
 create mode 100644 include/hw/timer/renesas_tmr.h
 create mode 100644 target/rx/cpu-qom.h
 create mode 100644 target/rx/cpu.h
 create mode 100644 target/rx/helper.h
 create mode 100644 hw/char/renesas_sci.c
 create mode 100644 hw/intc/rx_icu.c
 create mode 100644 hw/rx/rx62n.c
 create mode 100644 hw/rx/rxqemu.c
 create mode 100644 hw/timer/renesas_cmt.c
 create mode 100644 hw/timer/renesas_tmr.c
 create mode 100644 target/rx/cpu.c
 create mode 100644 target/rx/disas.c
 create mode 100644 target/rx/gdbstub.c
 create mode 100644 target/rx/helper.c
 create mode 100644 target/rx/monitor.c
 create mode 100644 target/rx/op_helper.c
 create mode 100644 target/rx/translate.c
 create mode 100644 hw/rx/Kconfig
 create mode 100644 hw/rx/Makefile.objs
 create mode 100644 target/rx/Makefile.objs
 create mode 100644 target/rx/insns.decode

-- 
2.11.0

[Qemu-devel] [PATCH RFC v7 06/12] hw/intc: RX62N interrupt controller (ICUa)

[Yoshinori Sato]

This implementation supported only ICUa.
Hardware manual.
https://www.renesas.com/us/en/doc/products/mpumcu/doc/rx_family/r01uh0033ej0140_rx62n.pdf

Signed-off-by: Yoshinori Sato 
---
 include/hw/intc/rx_icu.h |  49 +++
 hw/intc/rx_icu.c | 373 +++
 hw/intc/Makefile.objs|   1 +
 3 files changed, 423 insertions(+)
 create mode 100644 include/hw/intc/rx_icu.h
 create mode 100644 hw/intc/rx_icu.c

diff --git a/include/hw/intc/rx_icu.h b/include/hw/intc/rx_icu.h
new file mode 100644
index 00..bc46b3079b
--- /dev/null
+++ b/include/hw/intc/rx_icu.h
@@ -0,0 +1,49 @@
+#ifndef RX_ICU_H
+#define RX_ICU_H
+
+#include "qemu-common.h"
+#include "hw/irq.h"
+
+struct IRQSource {
+int sense;
+int level;
+};
+
+struct RXICUState {
+SysBusDevice parent_obj;
+
+MemoryRegion memory;
+struct IRQSource src[256];
+char *icutype;
+uint32_t nr_irqs;
+uint32_t *map;
+uint32_t nr_sense;
+uint32_t *init_sense;
+
+uint8_t ir[256];
+uint8_t dtcer[256];
+uint8_t ier[32];
+uint8_t ipr[142];
+uint8_t dmasr[4];
+uint16_t fir;
+uint8_t nmisr;
+uint8_t nmier;
+uint8_t nmiclr;
+uint8_t nmicr;
+int req_irq;
+qemu_irq _irq;
+qemu_irq _fir;
+qemu_irq _swi;
+};
+typedef struct RXICUState RXICUState;
+
+#define TYPE_RXICU "rxicu"
+#define RXICU(obj) OBJECT_CHECK(RXICUState, (obj), TYPE_RXICU)
+
+#define SWI 27
+#define TRG_LEVEL 0
+#define TRG_NEDGE 1
+#define TRG_PEDGE 2
+#define TRG_BEDGE 3
+
+#endif /* RX_ICU_H */
diff --git a/hw/intc/rx_icu.c b/hw/intc/rx_icu.c
new file mode 100644
index 00..7c7336960d
--- /dev/null
+++ b/hw/intc/rx_icu.c
@@ -0,0 +1,373 @@
+/*
+ * RX Interrupt control unit
+ *
+ * Datasheet: RX62N Group, RX621 Group User's Manual: Hardware
+ * (Rev.1.40 R01UH0033EJ0140)
+ *
+ * Copyright (c) 2019 Yoshinori Sato
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms and conditions of the GNU General Public License,
+ * version 2 or later, as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
+ * more details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * this program.  If not, see .
+ */
+
+#include "qemu/osdep.h"
+#include "qemu-common.h"
+#include "qemu/log.h"
+#include "qapi/error.h"
+#include "cpu.h"
+#include "hw/hw.h"
+#include "hw/sysbus.h"
+#include "hw/registerfields.h"
+#include "hw/intc/rx_icu.h"
+#include "qemu/error-report.h"
+
+REG8(IR, 0)
+  FIELD(IR, IR,  0, 1)
+REG8(DTCER, 0x100)
+  FIELD(DTCER, DTCE,  0, 1)
+REG8(IER, 0x200)
+REG8(SWINTR, 0x2e0)
+  FIELD(SWINTR, SWINT, 0, 1)
+REG16(FIR, 0x2f0)
+  FIELD(FIR, FVCT, 0, 8)
+  FIELD(FIR, FIEN, 15, 1)
+REG8(IPR, 0x300)
+  FIELD(IPR, IPR, 0, 4)
+REG8(DMRSR, 0x400)
+REG8(IRQCR, 0x500)
+  FIELD(IRQCR, IRQMD, 2, 2)
+REG8(NMISR, 0x580)
+  FIELD(NMISR, NMIST, 0, 1)
+  FIELD(NMISR, LVDST, 1, 1)
+  FIELD(NMISR, OSTST, 2, 1)
+REG8(NMIER, 0x581)
+  FIELD(NMIER, NMIEN, 0, 1)
+  FIELD(NMIER, LVDEN, 1, 1)
+  FIELD(NMIER, OSTEN, 2, 1)
+REG8(NMICLR, 0x582)
+  FIELD(NMICLR, NMICLR, 0, 1)
+  FIELD(NMICLR, OSTCLR, 2, 1)
+REG8(NMICR, 0x583)
+  FIELD(NMICR, NMIMD, 3, 1)
+
+#define request(icu, n) (icu->ipr[icu->map[n]] << 8 | n)
+
+static qemu_irq *rxicu_pin(RXICUState *icu, int n_IRQ)
+{
+if ((icu->fir & R_FIR_FIEN_MASK) &&
+(icu->fir & R_FIR_FVCT_MASK) == n_IRQ) {
+return >_fir;
+} else {
+return >_irq;
+}
+}
+
+static void rxicu_request(RXICUState *icu, int n_IRQ)
+{
+int enable;
+
+enable = icu->ier[n_IRQ / 8] & (1 << (n_IRQ & 7));
+if (n_IRQ > 0 && enable != 0 && atomic_read(>req_irq) < 0) {
+atomic_set(>req_irq, n_IRQ);
+qemu_set_irq(*rxicu_pin(icu, n_IRQ), request(icu, n_IRQ));
+}
+}
+
+static void rxicu_set_irq(void *opaque, int n_IRQ, int level)
+{
+RXICUState *icu = opaque;
+struct IRQSource *src;
+int issue;
+
+if (n_IRQ >= 256) {
+error_report("%s: IRQ %d out of range", __func__, n_IRQ);
+return;
+}
+
+src = >src[n_IRQ];
+
+level = (level != 0);
+switch (src->sense) {
+case TRG_LEVEL:
+/* level-sensitive irq */
+issue = level;
+src->level = level;
+break;
+case TRG_NEDGE:
+issue = (level == 0 && src->level == 1);
+src->level = level;
+break;
+case TRG_PEDGE:
+issue = (level == 1 && src->level == 0);
+src->level = level;
+break;
+case TRG_BEDGE:
+issue = ((level ^ src->level) & 1);
+src->level = level;
+break;
+}
+if (issue == 0 && src->sense == TRG_LEVEL) {
+icu->ir[n_IRQ] = 0;
+if (atomic_read(>req_irq) == n_IRQ) 

[Qemu-devel] [PATCH RFC v7 05/12] target/rx: Miscellaneous files

[Yoshinori Sato]

Signed-off-by: Yoshinori Sato 
---
 target/rx/gdbstub.c | 112 
 target/rx/monitor.c |  38 
 target/rx/Makefile.objs |  11 +
 3 files changed, 161 insertions(+)
 create mode 100644 target/rx/gdbstub.c
 create mode 100644 target/rx/monitor.c
 create mode 100644 target/rx/Makefile.objs

diff --git a/target/rx/gdbstub.c b/target/rx/gdbstub.c
new file mode 100644
index 00..d76ca52e82
--- /dev/null
+++ b/target/rx/gdbstub.c
@@ -0,0 +1,112 @@
+/*
+ * RX gdb server stub
+ *
+ * Copyright (c) 2019 Yoshinori Sato
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms and conditions of the GNU General Public License,
+ * version 2 or later, as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
+ * more details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * this program.  If not, see .
+ */
+#include "qemu/osdep.h"
+#include "qemu-common.h"
+#include "cpu.h"
+#include "exec/gdbstub.h"
+
+int rx_cpu_gdb_read_register(CPUState *cs, uint8_t *mem_buf, int n)
+{
+RXCPU *cpu = RXCPU(cs);
+CPURXState *env = >env;
+
+switch (n) {
+case 0 ... 15:
+return gdb_get_regl(mem_buf, env->regs[n]);
+case 16:
+return gdb_get_regl(mem_buf, (env->psw_u) ? env->regs[0] : env->usp);
+case 17:
+return gdb_get_regl(mem_buf, (!env->psw_u) ? env->regs[0] : env->isp);
+case 18:
+return gdb_get_regl(mem_buf, rx_cpu_pack_psw(env));
+case 19:
+return gdb_get_regl(mem_buf, env->pc);
+case 20:
+return gdb_get_regl(mem_buf, env->intb);
+case 21:
+return gdb_get_regl(mem_buf, env->bpsw);
+case 22:
+return gdb_get_regl(mem_buf, env->bpc);
+case 23:
+return gdb_get_regl(mem_buf, env->fintv);
+case 24:
+return gdb_get_regl(mem_buf, env->fpsw);
+case 25:
+return 0;
+}
+return 0;
+}
+
+int rx_cpu_gdb_write_register(CPUState *cs, uint8_t *mem_buf, int n)
+{
+RXCPU *cpu = RXCPU(cs);
+CPURXState *env = >env;
+uint32_t psw;
+switch (n) {
+case 0 ... 15:
+env->regs[n] = ldl_p(mem_buf);
+if (n == 0) {
+if (env->psw_u) {
+env->usp = env->regs[0];
+} else {
+env->isp = env->regs[0];
+}
+}
+break;
+case 16:
+env->usp = ldl_p(mem_buf);
+if (env->psw_u) {
+env->regs[0] = ldl_p(mem_buf);
+}
+break;
+case 17:
+env->isp = ldl_p(mem_buf);
+if (!env->psw_u) {
+env->regs[0] = ldl_p(mem_buf);
+}
+break;
+case 18:
+psw = ldl_p(mem_buf);
+rx_cpu_unpack_psw(env, psw, 1);
+break;
+case 19:
+env->pc = ldl_p(mem_buf);
+break;
+case 20:
+env->intb = ldl_p(mem_buf);
+break;
+case 21:
+env->bpsw = ldl_p(mem_buf);
+break;
+case 22:
+env->bpc = ldl_p(mem_buf);
+break;
+case 23:
+env->fintv = ldl_p(mem_buf);
+break;
+case 24:
+env->fpsw = ldl_p(mem_buf);
+break;
+case 25:
+return 8;
+default:
+return 0;
+}
+
+return 4;
+}
diff --git a/target/rx/monitor.c b/target/rx/monitor.c
new file mode 100644
index 00..5d7a1e58b5
--- /dev/null
+++ b/target/rx/monitor.c
@@ -0,0 +1,38 @@
+/*
+ * QEMU monitor
+ *
+ * Copyright (c) 2003-2004 Fabrice Bellard
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to 
deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING 
FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+#include "qemu/osdep.h"
+#include "cpu.h"
+#include "monitor/monitor.h"
+#include "monitor/hmp-target.h"

Re: [Qemu-devel] [PATCH 5/6] memory_ldst: Add atomic ops for PTE updates

[Benjamin Herrenschmidt]

On Mon, 2019-04-15 at 13:38 +1000, David Gibson wrote:
> On Thu, Apr 11, 2019 at 10:00:03AM +0200, Cédric Le Goater wrote:
> > From: Benjamin Herrenschmidt 
> > 
> > On some architectures, PTE updates for dirty and changed bits need
> > to be performed atomically. This adds a couple of
> > address_space_cmpxchg*
> > helpers for that purpose.
> > 
> > Signed-off-by: Benjamin Herrenschmidt 
> > Signed-off-by: Cédric Le Goater 
> 
> Reviewed-by: David Gibson 
> 
> But I think this needs to go past Paolo for review as memory
> subsystem maintainer.

This needs to go to rth and Peter. They were talking about a change in
the abstraction to do these more cleanly... that said, it might be
worthwhile merging the fixes first.

Cheers,
Ben.

> 
> > ---
> >  include/exec/memory_ldst.inc.h |  6 +++
> >  memory_ldst.inc.c  | 80
> > ++
> >  2 files changed, 86 insertions(+)
> > 
> > diff --git a/include/exec/memory_ldst.inc.h
> > b/include/exec/memory_ldst.inc.h
> > index 272c20f02eae..f3cfa7e9a622 100644
> > --- a/include/exec/memory_ldst.inc.h
> > +++ b/include/exec/memory_ldst.inc.h
> > @@ -28,6 +28,12 @@ extern uint64_t glue(address_space_ldq,
> > SUFFIX)(ARG1_DECL,
> >  hwaddr addr, MemTxAttrs attrs, MemTxResult *result);
> >  extern void glue(address_space_stl_notdirty, SUFFIX)(ARG1_DECL,
> >  hwaddr addr, uint32_t val, MemTxAttrs attrs, MemTxResult
> > *result);
> > +extern uint32_t glue(address_space_cmpxchgl_notdirty,
> > SUFFIX)(ARG1_DECL,
> > +hwaddr addr, uint32_t old, uint32_t new, MemTxAttrs attrs,
> > +MemTxResult *result);
> > +extern uint32_t glue(address_space_cmpxchgq_notdirty,
> > SUFFIX)(ARG1_DECL,
> > +hwaddr addr, uint64_t old, uint64_t new, MemTxAttrs attrs,
> > +MemTxResult *result);
> >  extern void glue(address_space_stw, SUFFIX)(ARG1_DECL,
> >  hwaddr addr, uint32_t val, MemTxAttrs attrs, MemTxResult
> > *result);
> >  extern void glue(address_space_stl, SUFFIX)(ARG1_DECL,
> > diff --git a/memory_ldst.inc.c b/memory_ldst.inc.c
> > index acf865b900d7..1d58d2fea67d 100644
> > --- a/memory_ldst.inc.c
> > +++ b/memory_ldst.inc.c
> > @@ -320,6 +320,86 @@ void glue(address_space_stl_notdirty,
> > SUFFIX)(ARG1_DECL,
> >  RCU_READ_UNLOCK();
> >  }
> >  
> > +/* This is meant to be used for atomic PTE updates under MT-TCG */
> > +uint32_t glue(address_space_cmpxchgl_notdirty, SUFFIX)(ARG1_DECL,
> > +hwaddr addr, uint32_t old, uint32_t new, MemTxAttrs attrs,
> > +MemTxResult *result)
> > +{
> > +uint8_t *ptr;
> > +MemoryRegion *mr;
> > +hwaddr l = 4;
> > +hwaddr addr1;
> > +MemTxResult r;
> > +uint8_t dirty_log_mask;
> > +
> > +/* Must test result */
> > +assert(result);
> > +
> > +RCU_READ_LOCK();
> > +mr = TRANSLATE(addr, , , true, attrs);
> > +if (l < 4 || !memory_access_is_direct(mr, true)) {
> > +r = MEMTX_ERROR;
> > +} else {
> > +uint32_t orig = old;
> > +
> > +ptr = qemu_map_ram_ptr(mr->ram_block, addr1);
> > +old = atomic_cmpxchg(ptr, orig, new);
> > +
> > +if (old == orig) {
> > +dirty_log_mask = memory_region_get_dirty_log_mask(mr);
> > +dirty_log_mask &= ~(1 << DIRTY_MEMORY_CODE);
> > +cpu_physical_memory_set_dirty_range(memory_region_get_
> > ram_addr(mr) +
> > +addr, 4,
> > dirty_log_mask);
> > +}
> > +r = MEMTX_OK;
> > +}
> > +*result = r;
> > +RCU_READ_UNLOCK();
> > +
> > +return old;
> > +}
> > +
> > +#ifdef CONFIG_ATOMIC64
> > +/* This is meant to be used for atomic PTE updates under MT-TCG */
> > +uint32_t glue(address_space_cmpxchgq_notdirty, SUFFIX)(ARG1_DECL,
> > +hwaddr addr, uint64_t old, uint64_t new, MemTxAttrs attrs,
> > +MemTxResult *result)
> > +{
> > +uint8_t *ptr;
> > +MemoryRegion *mr;
> > +hwaddr l = 8;
> > +hwaddr addr1;
> > +MemTxResult r;
> > +uint8_t dirty_log_mask;
> > +
> > +/* Must test result */
> > +assert(result);
> > +
> > +RCU_READ_LOCK();
> > +mr = TRANSLATE(addr, , , true, attrs);
> > +if (l < 8 || !memory_access_is_direct(mr, true)) {
> > +r = MEMTX_ERROR;
> > +} else {
> > +uint32_t orig = old;
> > +
> > +ptr = qemu_map_ram_ptr(mr->ram_block, addr1);
> > +old = atomic_cmpxchg(ptr, orig, new);
> > +
> > +if (old == orig) {
> > +dirty_log_mask = memory_region_get_dirty_log_mask(mr);
> > +dirty_log_mask &= ~(1 << DIRTY_MEMORY_CODE);
> > +cpu_physical_memory_set_dirty_range(memory_region_get_
> > ram_addr(mr) +
> > +addr, 8,
> > dirty_log_mask);
> > +}
> > +r = MEMTX_OK;
> > +}
> > +*result = r;
> > +RCU_READ_UNLOCK();
> > +
> > +return old;
> > +}
> > +#endif /* CONFIG_ATOMIC64 */
> > +
> >  /* warning: addr must be aligned */
> >  static inline void 

Re: [Qemu-devel] [PATCH v2] spapr: add splpar hcalls H_JOIN, H_PROD, H_CONFER

[Nicholas Piggin]

David Gibson's on April 15, 2019 2:13 pm:
> On Fri, Apr 12, 2019 at 07:36:03PM +1000, Nicholas Piggin wrote:
>> These implementations have a few deficiencies that are noted, but are
>> good enough for Linux to use.
>> 
>> Signed-off-by: Nicholas Piggin 
>> ---
>> 
>> Cleaned up checkpatch warnings, sorry I didn't realise that exists.
>> 
>>  hw/ppc/spapr_hcall.c | 88 
>>  1 file changed, 88 insertions(+)
>> 
>> diff --git a/hw/ppc/spapr_hcall.c b/hw/ppc/spapr_hcall.c
>> index 8a736797b9..e985bb694d 100644
>> --- a/hw/ppc/spapr_hcall.c
>> +++ b/hw/ppc/spapr_hcall.c
>> @@ -1065,6 +1065,90 @@ static target_ulong h_cede(PowerPCCPU *cpu, 
>> SpaprMachineState *spapr,
>>  return H_SUCCESS;
>>  }
>>  
>> +static target_ulong h_join(PowerPCCPU *cpu, SpaprMachineState *spapr,
>> +   target_ulong opcode, target_ulong *args)
>> +{
>> +CPUPPCState *env = >env;
>> +CPUState *cs = CPU(cpu);
>> +
>> +if (env->msr & (1ULL << MSR_EE)) {
>> +return H_BAD_MODE;
>> +}
>> +
>> +/*
>> + * This should check for single-threaded mode. In practice, Linux
>> + * does not try to H_JOIN all CPUs.
>> + */
>> +
>> +cs->halted = 1;
>> +cs->exception_index = EXCP_HALTED;
>> +cs->exit_request = 1;
>> +
>> +return H_SUCCESS;
>> +}
>> +
>> +static target_ulong h_confer(PowerPCCPU *cpu, SpaprMachineState *spapr,
>> +   target_ulong opcode, target_ulong *args)
>> +{
>> +target_long target = args[0];
>> +CPUState *cs = CPU(cpu);
>> +
>> +/*
>> + * This does not do a targeted yield or confer, but check the parameter
>> + * anyway. -1 means confer to all/any other CPUs.
>> + */
>> +if (target != -1 && !CPU(spapr_find_cpu(target))) {
>> +return H_PARAMETER;
>> +}
>> +
>> +/*
>> + * H_CONFER with target == this is not exactly the same as H_JOIN
>> + * according to PAPR (e.g., MSR[EE] check and single threaded check
>> + * is not done in this case), but unlikely to matter.
>> + */
>> +if (cpu == spapr_find_cpu(target)) {
>> +return h_join(cpu, spapr, opcode, args);
>> +}
>> +
>> +/*
>> + * This does not implement the dispatch sequence check that PAPR calls 
>> for,
>> + * but PAPR also specifies a stronger implementation where the target 
>> must
>> + * be run (or EE, or H_PROD) before H_CONFER returns. Without such a 
>> hard
>> + * scheduling requirement implemented, there is no correctness reason to
>> + * implement the dispatch sequence check.
>> + */
>> +cs->exception_index = EXCP_YIELD;
>> +cpu_loop_exit(cs);
>> +
>> +return H_SUCCESS;
>> +}
>> +
>> +/*
>> + * H_PROD and H_CONFER are specified to only modify GPR r3, which is not
>> + * achievable running under KVM,
> 
> Uh.. why not?

sc 1 handler kills ctr and cr0, but I misread the spec, they are not
specified to modify _only_ GPR r3, but rather the only GPR modified
is r3. cr0 and ctr still in the kill set.

>> although KVM already implements H_CONFER
>> + * this way.
> 
> And this seems to contradict the above.

I just meat it already is implemented with those clobbers, but as
above that's not a problem. I'll take the comment out.

>> + */
>> +static target_ulong h_prod(PowerPCCPU *cpu, SpaprMachineState *spapr,
>> +   target_ulong opcode, target_ulong *args)
>> +{
>> +target_long target = args[0];
>> +CPUState *cs;
>> +
>> +/*
>> + * Should set the prod flag in the VPA.
> 
> So.. why doesn't it?

It needs to be cleared at all vCPU dispatch points to SPEC, not just
when calling H_CEDE as Ben's patch had. I think complexity would be
significant for questionable benefit. Like the dispatch sequence, it
seems like the test is trying to cover some race condition for the
client but does not really do it well (and for Linux not necessary).

prod bit is cleared after vCPU returns from preemption, so it can 
clear at any time and you can't rely on it, unless you look at 
dispatch sequence numbers to decipher if it was reset or not.

KVM does implement something like the prodded flag as Ben's patch did
but that's not to spec AFAIKS.

> 
>> + */
>> +
>> +cs = CPU(spapr_find_cpu(target));
>> +if (!cs) {
>> +return H_PARAMETER;
>> +}
>> +
>> +cs->halted = 0;
>> +qemu_cpu_kick(cs);
>> +
>> +return H_SUCCESS;
>> +}
>> +
>>  static target_ulong h_rtas(PowerPCCPU *cpu, SpaprMachineState *spapr,
>> target_ulong opcode, target_ulong *args)
>>  {
>> @@ -1860,6 +1944,10 @@ static void hypercall_register_types(void)
>>  /* hcall-splpar */
>>  spapr_register_hypercall(H_REGISTER_VPA, h_register_vpa);
>>  spapr_register_hypercall(H_CEDE, h_cede);
>> +spapr_register_hypercall(H_CONFER, h_confer);
>> +spapr_register_hypercall(H_JOIN, h_join);
> 
> I don't see any sign that H_JOIN is implemented in KVM, although
> H_CONFER and 

[Qemu-devel] [Bug 1824053] Re: Qemu-img convert appears to be stuck on aarch64 host with low probability

[贞贵李]

I  can't reproduce this problem with  qemu.git/matser?  It seems to have
been fixed in qemu.git/matser.

But  I haven't found which patch fixed this problem from QEMU version
2.8.1 to  qemu.git/matser.

Could anybody give me some suggestions? Thanks for your reply.

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1824053

Title:
  Qemu-img convert appears to be stuck on aarch64 host with low
  probability

Status in QEMU:
  New

Bug description:
  Hi,  I found a problem that qemu-img convert appears to be stuck on
  aarch64 host with low probability.

  The convert command  line is  "qemu-img convert -f qcow2 -O raw
  disk.qcow2 disk.raw ".

  The bt is below:

  Thread 2 (Thread 0x4b776e50 (LWP 27215)):
  #0  0x4a3f2994 in sigtimedwait () from /lib64/libc.so.6
  #1  0x4a39c60c in sigwait () from /lib64/libpthread.so.0
  #2  0xaae82610 in sigwait_compat (opaque=0xc5163b00) at 
util/compatfd.c:37
  #3  0xaae85038 in qemu_thread_start (args=args@entry=0xc5163b90) 
at util/qemu_thread_posix.c:496
  #4  0x4a3918bc in start_thread () from /lib64/libpthread.so.0
  #5  0x4a492b2c in thread_start () from /lib64/libc.so.6

  Thread 1 (Thread 0x4b573370 (LWP 27214)):
  #0  0x4a489020 in ppoll () from /lib64/libc.so.6
  #1  0xaadaefc0 in ppoll (__ss=0x0, __timeout=0x0, __nfds=, __fds=) at /usr/include/bits/poll2.h:77
  #2  qemu_poll_ns (fds=, nfds=, 
timeout=) at qemu_timer.c:391
  #3  0xaadae014 in os_host_main_loop_wait (timeout=) at 
main_loop.c:272
  #4  0xaadae190 in main_loop_wait (nonblocking=) at 
main_loop.c:534
  #5  0xaad97be0 in convert_do_copy (s=0xdc32eb48) at 
qemu-img.c:1923
  #6  0xaada2d70 in img_convert (argc=, argv=) at qemu-img.c:2414
  #7  0xaad99ac4 in main (argc=7, argv=) at 
qemu-img.c:5305

  
  The problem seems to be very similar to the phenomenon described by this 
patch 
(https://resources.ovirt.org/pub/ovirt-4.1/src/qemu-kvm-ev/0025-aio_notify-force-main-loop-wakeup-with-SIGIO-aarch64.patch),
 

  which force main loop wakeup with SIGIO.  But this patch was reverted
  by the patch (http://ovirt.repo.nfrance.com/src/qemu-kvm-ev/kvm-
  Revert-aio_notify-force-main-loop-wakeup-with-SIGIO-.patch).

  The problem still seems to exist in aarch64 host. The qemu version I used is 
2.8.1. The host version is 4.19.28-1.2.108.aarch64.
   Do you have any solutions to fix it?  Thanks for your reply !

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1824053/+subscriptions

Re: [Qemu-devel] [PATCH v2] spapr: add splpar hcalls H_JOIN, H_PROD, H_CONFER

[David Gibson]

On Fri, Apr 12, 2019 at 07:36:03PM +1000, Nicholas Piggin wrote:
> These implementations have a few deficiencies that are noted, but are
> good enough for Linux to use.
> 
> Signed-off-by: Nicholas Piggin 
> ---
> 
> Cleaned up checkpatch warnings, sorry I didn't realise that exists.
> 
>  hw/ppc/spapr_hcall.c | 88 
>  1 file changed, 88 insertions(+)
> 
> diff --git a/hw/ppc/spapr_hcall.c b/hw/ppc/spapr_hcall.c
> index 8a736797b9..e985bb694d 100644
> --- a/hw/ppc/spapr_hcall.c
> +++ b/hw/ppc/spapr_hcall.c
> @@ -1065,6 +1065,90 @@ static target_ulong h_cede(PowerPCCPU *cpu, 
> SpaprMachineState *spapr,
>  return H_SUCCESS;
>  }
>  
> +static target_ulong h_join(PowerPCCPU *cpu, SpaprMachineState *spapr,
> +   target_ulong opcode, target_ulong *args)
> +{
> +CPUPPCState *env = >env;
> +CPUState *cs = CPU(cpu);
> +
> +if (env->msr & (1ULL << MSR_EE)) {
> +return H_BAD_MODE;
> +}
> +
> +/*
> + * This should check for single-threaded mode. In practice, Linux
> + * does not try to H_JOIN all CPUs.
> + */
> +
> +cs->halted = 1;
> +cs->exception_index = EXCP_HALTED;
> +cs->exit_request = 1;
> +
> +return H_SUCCESS;
> +}
> +
> +static target_ulong h_confer(PowerPCCPU *cpu, SpaprMachineState *spapr,
> +   target_ulong opcode, target_ulong *args)
> +{
> +target_long target = args[0];
> +CPUState *cs = CPU(cpu);
> +
> +/*
> + * This does not do a targeted yield or confer, but check the parameter
> + * anyway. -1 means confer to all/any other CPUs.
> + */
> +if (target != -1 && !CPU(spapr_find_cpu(target))) {
> +return H_PARAMETER;
> +}
> +
> +/*
> + * H_CONFER with target == this is not exactly the same as H_JOIN
> + * according to PAPR (e.g., MSR[EE] check and single threaded check
> + * is not done in this case), but unlikely to matter.
> + */
> +if (cpu == spapr_find_cpu(target)) {
> +return h_join(cpu, spapr, opcode, args);
> +}
> +
> +/*
> + * This does not implement the dispatch sequence check that PAPR calls 
> for,
> + * but PAPR also specifies a stronger implementation where the target 
> must
> + * be run (or EE, or H_PROD) before H_CONFER returns. Without such a hard
> + * scheduling requirement implemented, there is no correctness reason to
> + * implement the dispatch sequence check.
> + */
> +cs->exception_index = EXCP_YIELD;
> +cpu_loop_exit(cs);
> +
> +return H_SUCCESS;
> +}
> +
> +/*
> + * H_PROD and H_CONFER are specified to only modify GPR r3, which is not
> + * achievable running under KVM,

Uh.. why not?

> although KVM already implements H_CONFER
> + * this way.

And this seems to contradict the above.

> + */
> +static target_ulong h_prod(PowerPCCPU *cpu, SpaprMachineState *spapr,
> +   target_ulong opcode, target_ulong *args)
> +{
> +target_long target = args[0];
> +CPUState *cs;
> +
> +/*
> + * Should set the prod flag in the VPA.

So.. why doesn't it?

> + */
> +
> +cs = CPU(spapr_find_cpu(target));
> +if (!cs) {
> +return H_PARAMETER;
> +}
> +
> +cs->halted = 0;
> +qemu_cpu_kick(cs);
> +
> +return H_SUCCESS;
> +}
> +
>  static target_ulong h_rtas(PowerPCCPU *cpu, SpaprMachineState *spapr,
> target_ulong opcode, target_ulong *args)
>  {
> @@ -1860,6 +1944,10 @@ static void hypercall_register_types(void)
>  /* hcall-splpar */
>  spapr_register_hypercall(H_REGISTER_VPA, h_register_vpa);
>  spapr_register_hypercall(H_CEDE, h_cede);
> +spapr_register_hypercall(H_CONFER, h_confer);
> +spapr_register_hypercall(H_JOIN, h_join);

I don't see any sign that H_JOIN is implemented in KVM, although
H_CONFER and H_PROD certainly are.

> +spapr_register_hypercall(H_PROD, h_prod);
> +
>  spapr_register_hypercall(H_SIGNAL_SYS_RESET, h_signal_sys_reset);
>  
>  /* processor register resource access h-calls */

Don't we also need to add something to hypertas-calls to advertise the
availability of these calls to the guest?

-- 
David Gibson| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au  | minimalist, thank you.  NOT _the_ _other_
| _way_ _around_!
http://www.ozlabs.org/~dgibson


signature.asc
Description: PGP signature

Re: [Qemu-devel] [PATCH 5/6] memory_ldst: Add atomic ops for PTE updates

[David Gibson]

On Thu, Apr 11, 2019 at 10:00:03AM +0200, Cédric Le Goater wrote:
> From: Benjamin Herrenschmidt 
> 
> On some architectures, PTE updates for dirty and changed bits need
> to be performed atomically. This adds a couple of address_space_cmpxchg*
> helpers for that purpose.
> 
> Signed-off-by: Benjamin Herrenschmidt 
> Signed-off-by: Cédric Le Goater 

Reviewed-by: David Gibson 

But I think this needs to go past Paolo for review as memory subsystem 
maintainer.

> ---
>  include/exec/memory_ldst.inc.h |  6 +++
>  memory_ldst.inc.c  | 80 ++
>  2 files changed, 86 insertions(+)
> 
> diff --git a/include/exec/memory_ldst.inc.h b/include/exec/memory_ldst.inc.h
> index 272c20f02eae..f3cfa7e9a622 100644
> --- a/include/exec/memory_ldst.inc.h
> +++ b/include/exec/memory_ldst.inc.h
> @@ -28,6 +28,12 @@ extern uint64_t glue(address_space_ldq, SUFFIX)(ARG1_DECL,
>  hwaddr addr, MemTxAttrs attrs, MemTxResult *result);
>  extern void glue(address_space_stl_notdirty, SUFFIX)(ARG1_DECL,
>  hwaddr addr, uint32_t val, MemTxAttrs attrs, MemTxResult *result);
> +extern uint32_t glue(address_space_cmpxchgl_notdirty, SUFFIX)(ARG1_DECL,
> +hwaddr addr, uint32_t old, uint32_t new, MemTxAttrs attrs,
> +MemTxResult *result);
> +extern uint32_t glue(address_space_cmpxchgq_notdirty, SUFFIX)(ARG1_DECL,
> +hwaddr addr, uint64_t old, uint64_t new, MemTxAttrs attrs,
> +MemTxResult *result);
>  extern void glue(address_space_stw, SUFFIX)(ARG1_DECL,
>  hwaddr addr, uint32_t val, MemTxAttrs attrs, MemTxResult *result);
>  extern void glue(address_space_stl, SUFFIX)(ARG1_DECL,
> diff --git a/memory_ldst.inc.c b/memory_ldst.inc.c
> index acf865b900d7..1d58d2fea67d 100644
> --- a/memory_ldst.inc.c
> +++ b/memory_ldst.inc.c
> @@ -320,6 +320,86 @@ void glue(address_space_stl_notdirty, SUFFIX)(ARG1_DECL,
>  RCU_READ_UNLOCK();
>  }
>  
> +/* This is meant to be used for atomic PTE updates under MT-TCG */
> +uint32_t glue(address_space_cmpxchgl_notdirty, SUFFIX)(ARG1_DECL,
> +hwaddr addr, uint32_t old, uint32_t new, MemTxAttrs attrs,
> +MemTxResult *result)
> +{
> +uint8_t *ptr;
> +MemoryRegion *mr;
> +hwaddr l = 4;
> +hwaddr addr1;
> +MemTxResult r;
> +uint8_t dirty_log_mask;
> +
> +/* Must test result */
> +assert(result);
> +
> +RCU_READ_LOCK();
> +mr = TRANSLATE(addr, , , true, attrs);
> +if (l < 4 || !memory_access_is_direct(mr, true)) {
> +r = MEMTX_ERROR;
> +} else {
> +uint32_t orig = old;
> +
> +ptr = qemu_map_ram_ptr(mr->ram_block, addr1);
> +old = atomic_cmpxchg(ptr, orig, new);
> +
> +if (old == orig) {
> +dirty_log_mask = memory_region_get_dirty_log_mask(mr);
> +dirty_log_mask &= ~(1 << DIRTY_MEMORY_CODE);
> +
> cpu_physical_memory_set_dirty_range(memory_region_get_ram_addr(mr) +
> +addr, 4, dirty_log_mask);
> +}
> +r = MEMTX_OK;
> +}
> +*result = r;
> +RCU_READ_UNLOCK();
> +
> +return old;
> +}
> +
> +#ifdef CONFIG_ATOMIC64
> +/* This is meant to be used for atomic PTE updates under MT-TCG */
> +uint32_t glue(address_space_cmpxchgq_notdirty, SUFFIX)(ARG1_DECL,
> +hwaddr addr, uint64_t old, uint64_t new, MemTxAttrs attrs,
> +MemTxResult *result)
> +{
> +uint8_t *ptr;
> +MemoryRegion *mr;
> +hwaddr l = 8;
> +hwaddr addr1;
> +MemTxResult r;
> +uint8_t dirty_log_mask;
> +
> +/* Must test result */
> +assert(result);
> +
> +RCU_READ_LOCK();
> +mr = TRANSLATE(addr, , , true, attrs);
> +if (l < 8 || !memory_access_is_direct(mr, true)) {
> +r = MEMTX_ERROR;
> +} else {
> +uint32_t orig = old;
> +
> +ptr = qemu_map_ram_ptr(mr->ram_block, addr1);
> +old = atomic_cmpxchg(ptr, orig, new);
> +
> +if (old == orig) {
> +dirty_log_mask = memory_region_get_dirty_log_mask(mr);
> +dirty_log_mask &= ~(1 << DIRTY_MEMORY_CODE);
> +
> cpu_physical_memory_set_dirty_range(memory_region_get_ram_addr(mr) +
> +addr, 8, dirty_log_mask);
> +}
> +r = MEMTX_OK;
> +}
> +*result = r;
> +RCU_READ_UNLOCK();
> +
> +return old;
> +}
> +#endif /* CONFIG_ATOMIC64 */
> +
>  /* warning: addr must be aligned */
>  static inline void glue(address_space_stl_internal, SUFFIX)(ARG1_DECL,
>  hwaddr addr, uint32_t val, MemTxAttrs attrs,

-- 
David Gibson| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au  | minimalist, thank you.  NOT _the_ _other_
| _way_ _around_!
http://www.ozlabs.org/~dgibson


signature.asc
Description: PGP signature

Re: [Qemu-devel] [PATCH 0/2] ui/cocoa: Fix absolute and relative input issues on Mojave

[Chen Zhang via Qemu-devel]

ping

> On Apr 8, 2019, at 10:04 AM, Chen Zhang  wrote:
> 
> The following patches fixed absolute and relative input device issues on 
> macOS Mojave.
> 
> Chen Zhang (2):
>   ui/cocoa: Fix absolute input device grabbing issue on Mojave
>   ui/cocoa: Fix mouse grabbing in fullscreen mode for relative input
> device
> 
>  ui/cocoa.m | 50 +++---
>  1 file changed, 47 insertions(+), 3 deletions(-)
> 
> -- 
> 2.19.2
> 

Re: [Qemu-devel] [PATCH] e1000: Never increment the RX undersize count register

[Jason Wang]

On 2019/4/15 上午11:29, Jason Wang wrote:


On 2019/4/5 下午6:31, Stefano Garzarella wrote:

On Thu, Apr 04, 2019 at 10:21:26AM -0500, Mark Kanda wrote:

From: Chris Kenna 

In situations where e1000 receives an undersized Ethernet frame,
QEMU increments the emulated "Receive Undersize Count (RUC)"
register when padding the frame.

This is incorrect because this an expected scenario (e.g. with
VLAN tag stripping) and not an error. As such, QEMU should not
increment the emulated RUC.

Fixes: 3b2743017749 ("e1000: Implementing various counters")

Reviewed-by: Mark Kanda 
Reviewed-by: Bhavesh Davda 
Signed-off-by: Chris Kenna 
---
  hw/net/e1000.c | 1 -
  1 file changed, 1 deletion(-)

CCing Jason.

LGTM, if we don't discard it, we shouldn't increase the RUC counter.

Reviewed-by: Stefano Garzarella 

Thanks,
Stefano



Applied.

Thanks



Actually queued for 4.1 consider it was not a series issue.

Thanks

Re: [Qemu-devel] [PATCH] e1000: Never increment the RX undersize count register

[Jason Wang]

On 2019/4/5 下午6:31, Stefano Garzarella wrote:

On Thu, Apr 04, 2019 at 10:21:26AM -0500, Mark Kanda wrote:

From: Chris Kenna 

In situations where e1000 receives an undersized Ethernet frame,
QEMU increments the emulated "Receive Undersize Count (RUC)"
register when padding the frame.

This is incorrect because this an expected scenario (e.g. with
VLAN tag stripping) and not an error. As such, QEMU should not
increment the emulated RUC.

Fixes: 3b2743017749 ("e1000: Implementing various counters")

Reviewed-by: Mark Kanda 
Reviewed-by: Bhavesh Davda 
Signed-off-by: Chris Kenna 
---
  hw/net/e1000.c | 1 -
  1 file changed, 1 deletion(-)

CCing Jason.

LGTM, if we don't discard it, we shouldn't increase the RUC counter.

Reviewed-by: Stefano Garzarella 

Thanks,
Stefano



Applied.

Thanks

Re: [Qemu-devel] [RFC PATCH] hw/arm/virt: use variable size of flash device to save memory

[Xiang Zheng]

On 2019/4/12 18:57, Kevin Wolf wrote:
> Am 12.04.2019 um 11:50 hat Xiang Zheng geschrieben:
>>
>> On 2019/4/12 9:52, Xiang Zheng wrote:
>>> On 2019/4/11 20:22, Kevin Wolf wrote:
 Okay, so your problem is that blk_pread() writes to the whole buffer,
 writing explicit zeroes for unallocated parts of the image, while you
 would like to leave those parts of the buffer untouched so that we don't
 actually allocate the memory, but can just use the shared zero page.

 If you just want to read the non-zero parts of the image, that can be
 done by using a loop that calls bdrv_block_status() and only reads from
 the image if the BDRV_BLOCK_ZERO bit is clear.

 Would this solve your problem?
>>>
>>> Sounds good! What if guest tried to read/write the zero parts?
>>>
>>
>> I wrote the below patch (refer to bdrv_make_zero()) for test, it seems
>> that everything is OK and the memory is also exactly allocated on demand.
>>
>> This requires pflash devices to use sparse files backend. Thus I have to
>> create images like:
>>
>>dd of="QEMU_EFI-pflash.raw" if="/dev/zero" bs=1M seek=64 count=0
>>dd of="QEMU_EFI-pflash.raw" if="QEMU_EFI.fd" conv=notrunc
>>
>>dd of="empty_VARS.fd" if="/dev/zero" bs=1M seek=64 count=0
>>
>>
>> ---8>---
>>
>> diff --git a/block/block-backend.c b/block/block-backend.c
>> index f78e82a..ed8ca87 100644
>> --- a/block/block-backend.c
>> +++ b/block/block-backend.c
>> @@ -1379,6 +1379,12 @@ BlockAIOCB *blk_aio_pwrite_zeroes(BlockBackend *blk, 
>> int64_t offset,
>>  flags | BDRV_REQ_ZERO_WRITE, cb, opaque);
>>  }
>>
>> +int blk_pread_nonzeroes(BlockBackend *blk, void *buf)
>> +{
>> +int ret = bdrv_pread_nonzeroes(blk->root, buf);
>> +return ret;
>> +}
> 
> I don't think this deserves a place in the public block layer interface,
> as it's only a single device that makes use of it.
> 
> Maybe you wrote things this way because there is no blk_block_status(),
> but you can get the BlockDriverState with blk_bs(blk) and then implement
> everything inside hw/block/block.c.

Yes, you are right.

> 
>>  int blk_pread(BlockBackend *blk, int64_t offset, void *buf, int count)
>>  {
>>  int ret = blk_prw(blk, offset, buf, count, blk_read_entry, 0);
>> diff --git a/block/io.c b/block/io.c
>> index dfc153b..83e5ea7 100644
>> --- a/block/io.c
>> +++ b/block/io.c
>> @@ -882,6 +882,38 @@ int bdrv_pwrite_zeroes(BdrvChild *child, int64_t offset,
>>  BDRV_REQ_ZERO_WRITE | flags);
>>  }
>>
>> +int bdrv_pread_nonzeroes(BdrvChild *child, void *buf)
>> +{
>> +int ret;
>> +int64_t target_size, bytes, offset = 0;
>> +BlockDriverState *bs = child->bs;
>> +
>> +target_size = bdrv_getlength(bs);
>> +if (target_size < 0) {
>> +return target_size;
>> +}
>> +
>> +for (;;) {
>> +bytes = MIN(target_size - offset, BDRV_REQUEST_MAX_BYTES);
>> +if (bytes <= 0) {
>> +return 0;
>> +}
>> +ret = bdrv_block_status(bs, offset, bytes, , NULL, NULL);
>> +if (ret < 0) {
>> +return ret;
>> +}
>> +if (ret & BDRV_BLOCK_ZERO) {
>> +offset += bytes;
>> +continue;
>> +}
>> +ret = bdrv_pread(child, offset, buf, bytes);
>> +if (ret < 0) {
>> +return ret;
>> +}
>> +offset += bytes;
> 
> I think the code becomes simpler the other way round:
> 
> if (!(ret & BDRV_BLOCK_ZERO)) {
> ret = bdrv_pread(child, offset, buf, bytes);
> if (ret < 0) {
> return ret;
> }
> }
> offset += bytes;
> 
> You don't increment buf, so if you have a hole in the file, this will
> corrupt the buffer. You need to either increment buf, too, or use
> (uint8_t*) buf + offset for the bdrv_pread() call.
> 

Yes, I didn't notice it. I think the latter is better. Does *BDRV_BLOCK_ZERO*
mean that there are all-zeroes data or a hole in the sector? But if I use an
image filled with zeroes, it will not set BDRV_BLOCK_ZERO bit on return.

Should I resend a patch?

---8>---

>From 4dbfe4955aa9fe23404cbe1890fbe148be2ff10e Mon Sep 17 00:00:00 2001
From: Xiang Zheng 
Date: Sat, 13 Apr 2019 02:27:03 +0800
Subject: [PATCH] pflash: Only read non-zero parts of backend image

Currently we fill the VIRT_FLASH memory space with two 64MB NOR images
when using persistent UEFI variables on virt board. Actually we only use
a very small(non-zero) part of the memory while the rest significant
large(zero) part of memory is wasted.

So this patch checks the block status and only writes the non-zero part
into memory. This requires pflash devices to use sparse files for
backends.

Signed-off-by: Xiang Zheng 
---
 hw/block/block.c | 40 +++-
 1 file changed, 39 insertions(+), 1 deletion(-)

diff --git a/hw/block/block.c b/hw/block/block.c
index bf56c76..3cb9d4c 100644
--- a/hw/block/block.c
+++ b/hw/block/block.c
@@ -15,6 +15,44 @@
 

Re: [Qemu-devel] [PATCH 3/4] target/ppc: improve performance of large BAT invalidations

[David Gibson]

On Fri, Apr 12, 2019 at 11:06:17PM +0200, Artyom Tarasenko wrote:
> Performing a complete flush is ~ 100 times faster than flushing
> 256MiB of 4KiB pages. Set a limit of 1024 pages and perform a complete
> flush afterwards.
> 
> This patch significantly speeds up AIX 5.1 and NetBSD-ofppc.
> 
> Signed-off-by: Artyom Tarasenko 

LGTM, applied to ppc-for-4.1.

> ---
>  target/ppc/mmu_helper.c | 7 +++
>  1 file changed, 7 insertions(+)
> 
> diff --git a/target/ppc/mmu_helper.c b/target/ppc/mmu_helper.c
> index 4a6be4d..d7eed3a 100644
> --- a/target/ppc/mmu_helper.c
> +++ b/target/ppc/mmu_helper.c
> @@ -1809,6 +1809,13 @@ static inline void do_invalidate_BAT(CPUPPCState *env, 
> target_ulong BATu,
>  
>  base = BATu & ~0x0001;
>  end = base + mask + 0x0002;
> +if (((end - base) >> TARGET_PAGE_BITS) > 1024) {
> +/* Flushing 1024 4K pages is slower than a complete flush */
> +LOG_BATS("Flush all BATs\n");
> +tlb_flush(CPU(cs));
> +LOG_BATS("Flush done\n");
> +return;
> +}
>  LOG_BATS("Flush BAT from " TARGET_FMT_lx " to " TARGET_FMT_lx " ("
>   TARGET_FMT_lx ")\n", base, end, mask);
>  for (page = base; page != end; page += TARGET_PAGE_SIZE) {

-- 
David Gibson| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au  | minimalist, thank you.  NOT _the_ _other_
| _way_ _around_!
http://www.ozlabs.org/~dgibson


signature.asc
Description: PGP signature

[Qemu-devel] Booting from a Bootcamp partition

[Programmingkid]

Hi I was wondering if anyone has been able to boot from a bootcamp partition 
inside of QEMU. I know this partition can be used in QEMU but my own attempts 
at booting Windows 7 on my bootcamp partition did not work. I always see "A 
disk read error occurred". Has anyone else been successful at this? 

Re: [Qemu-devel] [PATCH 4/4] hw/isa/i82378.c: use 1900 as a base year

[Hervé Poussineau]

Le 14/04/2019 à 20:53, Artyom Tarasenko a écrit :

On Sun, Apr 14, 2019 at 7:01 PM Hervé Poussineau  wrote:


Le 12/04/2019 à 23:06, Artyom Tarasenko a écrit :

AIX 5.1 expects the base year to be 1900. Adjust accordingly.

Signed-off-by: Artyom Tarasenko 
---
   hw/isa/i82378.c | 4 +++-
   1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/hw/isa/i82378.c b/hw/isa/i82378.c
index a5d67bc..546c928 100644
--- a/hw/isa/i82378.c
+++ b/hw/isa/i82378.c
@@ -107,7 +107,9 @@ static void i82378_realize(PCIDevice *pci, Error **errp)
   isa = isa_create_simple(isabus, "i82374");

   /* timer */
-isa_create_simple(isabus, TYPE_MC146818_RTC);
+isa = isa_create(isabus, TYPE_MC146818_RTC);
+qdev_prop_set_int32(DEVICE(isa), "base_year", 1900);
+qdev_init_nofail(DEVICE(isa));


I am not sure the base_year should be hardcoded in i82378. I can assume other 
machines with a i82378 can have another base_year.


I doubt it to be honest. How would it work in the hardware? Is there a
pin which would switch a year?
I do believe the different i823xx may have the different base years though.


OK, I don't really know. So, your patch looks fine.

Reviewed-by: Hervé Poussineau 




Maybe you can you add a base_year property to i82378, and forward it to 
mc146818 with object_property_add_alias?
Then, change 40p machine to set it to 1900, without changing it for prep 
machine.


Were you not going to drop the -M prep ? Because I sort of dropped the
support for it in OFW.
I had a branch were I added some registers to -M prep  enough that it
would be able to turn itself out as a PowerStack II Utah,
but then again I couldn't find any advantage of having two PReP machines.
AFAIK, the only OS which can run on Powerstack, but not on 40p is Motorola AIX.
But since we can have IBM AIX, I don't see why would we want to keep -M prep.


I really want to drop support for prep. But, as long as prep is in code base, 
we shouldn't regress it too much.



On the other hand, if you plan to revive it, I'll think about adding
the support for it to OFW.
PowerStack had a Cirrus VGA which we already have.


   }

   static void i82378_init(Object *obj)



Hervé

Re: [Qemu-devel] [PATCH] ati-vga: Fix check for blt outside vram

[BALATON Zoltan]

On Tue, 9 Apr 2019, Philippe Mathieu-Daudé wrote:

This patch looks 4.0 worthwhile.


Now that it seems we'll have another rc, will this get in? Gerd, I think 
you have to send a pull request with it for that.


Regards,
BALATON Zoltan


On 4/9/19 12:56 PM, BALATON Zoltan wrote:

Fix the check preventing calling pixman functions that would access
memory outside allocated vram. The r128 X driver sometimes seem to try
blits that span outside vram, this check prevents crashing QEMU in
that case. (The r128 X driver may have problems even on real hardware
so I'm not sure if it's a client bug or emulation problem but at least
QEMU should survive.)

Signed-off-by: BALATON Zoltan 
Tested-by: Andrew Randrianasulu 
---
 hw/display/ati_2d.c | 12 ++--
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/hw/display/ati_2d.c b/hw/display/ati_2d.c
index bc98ba6eeb..fe3ae14864 100644
--- a/hw/display/ati_2d.c
+++ b/hw/display/ati_2d.c
@@ -79,10 +79,10 @@ void ati_2d_blt(ATIVGAState *s)
 s->regs.dst_width, s->regs.dst_height);
 end = s->vga.vram_ptr + s->vga.vram_size;
 if (src_bits >= end || dst_bits >= end ||
-src_bits + (s->regs.src_y + s->regs.dst_height) * src_stride +
-s->regs.src_x >= end ||
-dst_bits + (s->regs.dst_y + s->regs.dst_height) * dst_stride +
-s->regs.dst_x >= end) {
+src_bits + s->regs.src_x + (s->regs.src_y + s->regs.dst_height) *
+src_stride * sizeof(uint32_t) >= end ||
+dst_bits + s->regs.dst_x + (s->regs.dst_y + s->regs.dst_height) *
+dst_stride * sizeof(uint32_t) >= end) {
 qemu_log_mask(LOG_UNIMP, "blt outside vram not implemented\n");
 return;
 }
@@ -140,8 +140,8 @@ void ati_2d_blt(ATIVGAState *s)
 filler);
 end = s->vga.vram_ptr + s->vga.vram_size;
 if (dst_bits >= end ||
-dst_bits + (s->regs.dst_y + s->regs.dst_height) * dst_stride +
-s->regs.dst_x >= end) {
+dst_bits + s->regs.dst_x + (s->regs.dst_y + s->regs.dst_height) *
+dst_stride * sizeof(uint32_t) >= end) {
 qemu_log_mask(LOG_UNIMP, "blt outside vram not implemented\n");
 return;
 }

Re: [Qemu-devel] [PATCH] target/arm: Implement NSACR gating of floating point

[Richard Henderson]

On 4/14/19 8:02 AM, Peter Maydell wrote:
> There's similar wording for the effect of NSACR on CPACR, so
> again I think we need to actually make the bits RAZ/WI
> regardless of their underlying value, not just force them
> to 0.

I don't see that language for CPACR, just "the corresponding bits in the CPACR
ignore writes and read as 0b00".  I'm willing to believe the manual is sloppy
on this point though, and the "correct" language appears only once, somewhere.

You might want to something akin to arm_hcr_el2_eff so that you don't have to
replicate the NSACR logic in too many places...


r~

Re: [Qemu-devel] [PULL 0/2] Block layer patches for 4.0-rc4

[Peter Maydell]

On Fri, 12 Apr 2019 at 17:05, Kevin Wolf  wrote:
>
> The following changes since commit 13c24edaa742181af8d9c6b027ee366b04de1ea1:
>
>   qemu-img: fix .hx and .texi disparity (2019-04-12 14:17:10 +0100)
>
> are available in the Git repository at:
>
>   git://repo.or.cz/qemu/kevin.git tags/for-upstream
>
> for you to fetch changes up to 9749636b005d118259810afb92482df2fe0ae2ad:
>
>   iotest: Fix 241 to run in generic directory (2019-04-12 18:03:01 +0200)
>
> 
> Block layer patches:
>
> - iotests fixes

Applied, thanks.

Please update the changelog at https://wiki.qemu.org/ChangeLog/4.0
for any user-visible changes.

-- PMM

Re: [Qemu-devel] How to I trigger a rebuild?

[Joachim Durchholz]

Am 14.04.19 um 20:12 schrieb Peter Maydell:

On Sun, 14 Apr 2019 at 17:08, Joachim Durchholz  wrote:


Am 14.04.19 um 03:15 schrieb Max Filippov:

On Sat, Apr 13, 2019 at 8:28 AM Joachim Durchholz  wrote:

I did the usual ./configure; make dance.
Then modified a source file (ui/curses.c), called make again, but didn't
see curses.c recompiled, and the change was indeed ineffective.
make clean; make didn't help either.


Perhaps you don't have CONFIG_CURSES enabled?
Did you call configure with --enable-curses ?


Strange. "make help" tells me that everything is enabled by default if
possible, and I didn't tell configure to do anything specific.

But I find that curses is disabled indeed.
Heh. An explicit --enable-curses tells me it was missing the dev version
of ncurses.


Configure's default behaviour is "enable everything that we can
enable, but don't complain about not enabling optional features
which we can't build (eg because of missing -dev libraries)".
For "insist that foo is built and error out if it can't be done",
use "--enable-foo". For "definitely don't build foo even if we
could", use --disable-foo.


Well, that's what I guessed after the fact... it didn't occur to me that 
"what's possible" was defined as "what libraries are available".

Now that I know this, I know what to watch out for.


However... even with curses enabled, "make" does not do anything  after
modifying ui/curses.c.
In fact, just "make" tell's me I should have run ./config (WTF I did??),
and "make all"
But after ./configure is recompiles everything... nothing of this is
something that "make" should do, so I'm pretty confused.


This sounds like maybe you got confused somewhere along the line
about whether you'd (re-)run configure or not (or didn't
do a 'make clean' after running configure with the curses
support enabled).


Actually I got confused about where I was building.
I had set up things for an out-of-tree build but accidentally hit "make" 
in the source tree.



The other thing that might confuse you is that make will try
to spot when it needs to rerun configure and will rerun it
for you.


Oh dear. That didn't happen to me, but I see the trap-in-waiting.


I recommend doing builds only in a separate directory, by the way:
  mkdir build
  (cd build && ../configure [configure args])
  make -C build -j8


Yep, doing that already.

Regards,
Jo

Re: [Qemu-devel] [PATCH 4/4] hw/isa/i82378.c: use 1900 as a base year

[Artyom Tarasenko]

On Sun, Apr 14, 2019 at 7:01 PM Hervé Poussineau  wrote:
>
> Le 12/04/2019 à 23:06, Artyom Tarasenko a écrit :
> > AIX 5.1 expects the base year to be 1900. Adjust accordingly.
> >
> > Signed-off-by: Artyom Tarasenko 
> > ---
> >   hw/isa/i82378.c | 4 +++-
> >   1 file changed, 3 insertions(+), 1 deletion(-)
> >
> > diff --git a/hw/isa/i82378.c b/hw/isa/i82378.c
> > index a5d67bc..546c928 100644
> > --- a/hw/isa/i82378.c
> > +++ b/hw/isa/i82378.c
> > @@ -107,7 +107,9 @@ static void i82378_realize(PCIDevice *pci, Error **errp)
> >   isa = isa_create_simple(isabus, "i82374");
> >
> >   /* timer */
> > -isa_create_simple(isabus, TYPE_MC146818_RTC);
> > +isa = isa_create(isabus, TYPE_MC146818_RTC);
> > +qdev_prop_set_int32(DEVICE(isa), "base_year", 1900);
> > +qdev_init_nofail(DEVICE(isa));
>
> I am not sure the base_year should be hardcoded in i82378. I can assume other 
> machines with a i82378 can have another base_year.

I doubt it to be honest. How would it work in the hardware? Is there a
pin which would switch a year?
I do believe the different i823xx may have the different base years though.

> Maybe you can you add a base_year property to i82378, and forward it to 
> mc146818 with object_property_add_alias?
> Then, change 40p machine to set it to 1900, without changing it for prep 
> machine.

Were you not going to drop the -M prep ? Because I sort of dropped the
support for it in OFW.
I had a branch were I added some registers to -M prep  enough that it
would be able to turn itself out as a PowerStack II Utah,
but then again I couldn't find any advantage of having two PReP machines.
AFAIK, the only OS which can run on Powerstack, but not on 40p is Motorola AIX.
But since we can have IBM AIX, I don't see why would we want to keep -M prep.

On the other hand, if you plan to revive it, I'll think about adding
the support for it to OFW.
PowerStack had a Cirrus VGA which we already have.

> >   }
> >
> >   static void i82378_init(Object *obj)
> >
>
> Hervé



-- 
Regards,
Artyom Tarasenko

SPARC and PPC PReP under qemu blog: http://tyom.blogspot.com/search/label/qemu

Re: [Qemu-devel] [PATCH 1/4] lsi53c895a: hide 53c895a registers in 53c810

[Artyom Tarasenko]

On Sun, Apr 14, 2019 at 5:43 PM Hervé Poussineau  wrote:
>
> Le 12/04/2019 à 23:06, Artyom Tarasenko a écrit :
> > AIX/PReP does access to the aliased IO registers of 53810.
> > Implement aliasing to make the AIX driver work.
> >
> > Signed-off-by: Artyom Tarasenko 
> > ---
> >   hw/scsi/lsi53c895a.c | 31 ++-
> >   1 file changed, 26 insertions(+), 5 deletions(-)
> >
> > diff --git a/hw/scsi/lsi53c895a.c b/hw/scsi/lsi53c895a.c
> > index da7239d..08841e0 100644
> > --- a/hw/scsi/lsi53c895a.c
> > +++ b/hw/scsi/lsi53c895a.c
> > @@ -2266,11 +2266,13 @@ static const struct SCSIBusInfo lsi_scsi_info = {
> >   .cancel = lsi_request_cancelled
> >   };
> >
> > -static void lsi_scsi_realize(PCIDevice *dev, Error **errp)
> > +static void lsi_scsi_realize_8xx(PCIDevice *dev, Error **errp, uint16_t 
> > type)
>
> You can probably remove this change, and replace it by
> uint16_t type = PCI_DEVICE_GET_CLASS(dev)->device_id;

Brilliant! Will do in V2, thainks.

Regards,
Artyom
> >   {
> >   LSIState *s = LSI53C895A(dev);
> >   DeviceState *d = DEVICE(dev);
> >   uint8_t *pci_conf;
> > +uint64_t mmio_size;
> > +MemoryRegion *mr;
> >
> >   pci_conf = dev->config;
> >
> > @@ -2279,13 +2281,21 @@ static void lsi_scsi_realize(PCIDevice *dev, Error 
> > **errp)
> >   /* Interrupt pin A */
> >   pci_conf[PCI_INTERRUPT_PIN] = 0x01;
> >
> > -memory_region_init_io(>mmio_io, OBJECT(s), _mmio_ops, s,
> > -  "lsi-mmio", 0x400);
> >   memory_region_init_io(>ram_io, OBJECT(s), _ram_ops, s,
> > "lsi-ram", 0x2000);
> >   memory_region_init_io(>io_io, OBJECT(s), _io_ops, s,
> > "lsi-io", 256);
> > -
> > +if (type == PCI_DEVICE_ID_LSI_53C895A) {
> > +mmio_size = 0x400;
> > +} else {
> > +mr = g_new(MemoryRegion, 1);
> > +memory_region_init_alias(mr, OBJECT(d), "lsi-io-alias", >io_io,
> > + 0, 0x80);
> > +memory_region_add_subregion_overlap(>io_io, 0x80, mr, -1);
> > +mmio_size = 0x80;
> > +}
> > +memory_region_init_io(>mmio_io, OBJECT(s), _mmio_ops, s,
> > +  "lsi-mmio", mmio_size);
> >   address_space_init(>pci_io_as, pci_address_space_io(dev), 
> > "lsi-pci-io");
> >   qdev_init_gpio_out(d, >ext_irq, 1);
> >
> > @@ -2297,6 +2307,16 @@ static void lsi_scsi_realize(PCIDevice *dev, Error 
> > **errp)
> >   scsi_bus_new(>bus, sizeof(s->bus), d, _scsi_info, NULL);
> >   }
> >
> > +static void lsi_scsi_realize_895A(PCIDevice *dev, Error **errp)
> > +{
> > +lsi_scsi_realize_8xx(dev, errp, PCI_DEVICE_ID_LSI_53C895A);
> > +}
> > +
> > +static void lsi_scsi_realize_810(PCIDevice *dev, Error **errp)
> > +{
> > +lsi_scsi_realize_8xx(dev, errp, PCI_DEVICE_ID_LSI_53C810);
> > +}
>
> ... so you can also remove these functions
> > +
> >   static void lsi_scsi_unrealize(DeviceState *dev, Error **errp)
> >   {
> >   LSIState *s = LSI53C895A(dev);
> > @@ -2309,7 +2329,7 @@ static void lsi_class_init(ObjectClass *klass, void 
> > *data)
> >   DeviceClass *dc = DEVICE_CLASS(klass);
> >   PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
> >
> > -k->realize = lsi_scsi_realize;
> > +k->realize = lsi_scsi_realize_895A;
>
> ... so you can also remove this change
> >   k->vendor_id = PCI_VENDOR_ID_LSI_LOGIC;
> >   k->device_id = PCI_DEVICE_ID_LSI_53C895A;
> >   k->class_id = PCI_CLASS_STORAGE_SCSI;
> > @@ -2335,6 +2355,7 @@ static void lsi53c810_class_init(ObjectClass *klass, 
> > void *data)
> >   {
> >   PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
> >
> > +k->realize = lsi_scsi_realize_810;
> ... and this one.
>
> >   k->device_id = PCI_DEVICE_ID_LSI_53C810;
> >   }
> >
> >
>
> Hervé



-- 
Regards,
Artyom Tarasenko

SPARC and PPC PReP under qemu blog: http://tyom.blogspot.com/search/label/qemu

Re: [Qemu-devel] How to I trigger a rebuild?

[Peter Maydell]

On Sun, 14 Apr 2019 at 17:08, Joachim Durchholz  wrote:
>
> Am 14.04.19 um 03:15 schrieb Max Filippov:
> > On Sat, Apr 13, 2019 at 8:28 AM Joachim Durchholz  
> > wrote:
> >> I did the usual ./configure; make dance.
> >> Then modified a source file (ui/curses.c), called make again, but didn't
> >> see curses.c recompiled, and the change was indeed ineffective.
> >> make clean; make didn't help either.
> >
> > Perhaps you don't have CONFIG_CURSES enabled?
> > Did you call configure with --enable-curses ?
>
> Strange. "make help" tells me that everything is enabled by default if
> possible, and I didn't tell configure to do anything specific.
>
> But I find that curses is disabled indeed.
> Heh. An explicit --enable-curses tells me it was missing the dev version
> of ncurses.

Configure's default behaviour is "enable everything that we can
enable, but don't complain about not enabling optional features
which we can't build (eg because of missing -dev libraries)".
For "insist that foo is built and error out if it can't be done",
use "--enable-foo". For "definitely don't build foo even if we
could", use --disable-foo.

> However... even with curses enabled, "make" does not do anything  after
> modifying ui/curses.c.
> In fact, just "make" tell's me I should have run ./config (WTF I did??),
> and "make all"
> But after ./configure is recompiles everything... nothing of this is
> something that "make" should do, so I'm pretty confused.

This sounds like maybe you got confused somewhere along the line
about whether you'd (re-)run configure or not (or didn't
do a 'make clean' after running configure with the curses
support enabled).

The other thing that might confuse you is that make will try
to spot when it needs to rerun configure and will rerun it
for you.

I recommend doing builds only in a separate directory, by the way:
 mkdir build
 (cd build && ../configure [configure args])
 make -C build -j8

Then you can always just rm -rf the build dir and it doesn't
leave stuff lying around in the source tree. You can also
do multiple different builds with different configure
setups without having to do a complete build from clean.
(If you've previously done an in-source-directory build
you'll need to 'make distclean' it before doing out of tree
builds.)

thanks
-- PMM

Re: [Qemu-devel] [PATCH] target/arm: Implement NSACR gating of floating point

[Peter Maydell]

On Sat, 13 Apr 2019 at 08:07, Richard Henderson
 wrote:
>
> On 4/11/19 5:39 AM, Peter Maydell wrote:
> > +static uint64_t cptr_el2_read(CPUARMState *env, const ARMCPRegInfo *ri)
> > +{
> > +/*
> > + * For A-profile AArch32 EL3, if NSACR.CP10
> > + * is 0 then HCPTR.{TCP11,TCP10} ignore writes and read as 1.
> > + */
> > +uint64_t value = env->cp15.cptr_el[2];
> > +
> > +if (arm_feature(env, ARM_FEATURE_EL3) && !arm_el_is_aa64(env, 3) &&
> > +!arm_is_secure(env) && !extract32(env->cp15.nsacr, 10, 1)) {
> > +value &= ~(0x3 << 10);
>
> Read as 1, and yet you're clearing the value?  Cut-n-paste error from CPACR?
> Surely better to do nothing on read, but set on write (to either HCPTR or 
> NSACR).

The spec says the HCPTR bits must "behave as RAO/WI, regardless of
their actual value", which I interpret as being 'we must make
read and write do RAO/WI but preserve whatever the underlying
bit values happen to be'. You're right that I've incorrectly
made it clear the bits rather than set them, though.

> > +static uint64_t cpacr_read(CPUARMState *env, const ARMCPRegInfo *ri)
> > +{
> > +/*
> > + * For A-profile AArch32 EL3 (but not M-profile secure mode), if 
> > NSACR.CP10
> > + * is 0 then CPACR.{CP11,CP10} ignore writes and read as 0b00.
> > + */
> > +uint64_t value = env->cp15.cpacr_el1;
> > +
> > +if (arm_feature(env, ARM_FEATURE_EL3) && !arm_el_is_aa64(env, 3) &&
> > +!arm_is_secure(env) && !extract32(env->cp15.nsacr, 10, 1)) {
> > +value &= ~(0xf << 20);
> > +}
>
> This one does do the right thing, but better to clear the bits on write to
> NSACR.  This lets you avoid the change to fp_exception_el, and the missing
> change to sve_exception_el.

There's similar wording for the effect of NSACR on CPACR, so
again I think we need to actually make the bits RAZ/WI
regardless of their underlying value, not just force them
to 0.

thanks
-- PMM

Re: [Qemu-devel] How to use QEMU's "cpu_physical_memory_" functions?

[Peter Maydell]

On Sat, 13 Apr 2019 at 10:47, 宋延杰  wrote:
> I have started a project which requires the host to continuously write to
> VM's memory. VM reads its memory and performs some operations.
> I've found in this thread
>  that
> I can use QEMU's "cpu_physical_memory_" functions. And I have found their
> definitions in "include/exec/cpu-common.h" in the source code of QEMU.

For QEMU functions which access guest memory, see
docs/devel/loads-stores.rst. cpu_physical_memory_* are
generally not what you want to use in current QEMU,
though some legacy code does.

thanks
-- PMM

Re: [Qemu-devel] [PATCH 4/4] hw/isa/i82378.c: use 1900 as a base year

[Hervé Poussineau]

Le 12/04/2019 à 23:06, Artyom Tarasenko a écrit :

AIX 5.1 expects the base year to be 1900. Adjust accordingly.

Signed-off-by: Artyom Tarasenko 
---
  hw/isa/i82378.c | 4 +++-
  1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/hw/isa/i82378.c b/hw/isa/i82378.c
index a5d67bc..546c928 100644
--- a/hw/isa/i82378.c
+++ b/hw/isa/i82378.c
@@ -107,7 +107,9 @@ static void i82378_realize(PCIDevice *pci, Error **errp)
  isa = isa_create_simple(isabus, "i82374");
  
  /* timer */

-isa_create_simple(isabus, TYPE_MC146818_RTC);
+isa = isa_create(isabus, TYPE_MC146818_RTC);
+qdev_prop_set_int32(DEVICE(isa), "base_year", 1900);
+qdev_init_nofail(DEVICE(isa));


I am not sure the base_year should be hardcoded in i82378. I can assume other 
machines with a i82378 can have another base_year.
Maybe you can you add a base_year property to i82378, and forward it to 
mc146818 with object_property_add_alias?
Then, change 40p machine to set it to 1900, without changing it for prep 
machine.


  }
  
  static void i82378_init(Object *obj)




Hervé

Re: [Qemu-devel] How to I trigger a rebuild?

[Joachim Durchholz]

Am 14.04.19 um 03:15 schrieb Max Filippov:

On Sat, Apr 13, 2019 at 8:28 AM Joachim Durchholz  wrote:

I did the usual ./configure; make dance.
Then modified a source file (ui/curses.c), called make again, but didn't
see curses.c recompiled, and the change was indeed ineffective.
make clean; make didn't help either.


Perhaps you don't have CONFIG_CURSES enabled?
Did you call configure with --enable-curses ?


Strange. "make help" tells me that everything is enabled by default if 
possible, and I didn't tell configure to do anything specific.


But I find that curses is disabled indeed.
Heh. An explicit --enable-curses tells me it was missing the dev version 
of ncurses.


However... even with curses enabled, "make" does not do anything  after 
modifying ui/curses.c.
In fact, just "make" tell's me I should have run ./config (WTF I did??), 
and "make all"
But after ./configure is recompiles everything... nothing of this is 
something that "make" should do, so I'm pretty confused.


Regards,
Jo

Re: [Qemu-devel] [PATCH 3/4] target/ppc: improve performance of large BAT invalidations

[Hervé Poussineau]

Le 12/04/2019 à 23:06, Artyom Tarasenko a écrit :

Performing a complete flush is ~ 100 times faster than flushing
256MiB of 4KiB pages. Set a limit of 1024 pages and perform a complete
flush afterwards.

This patch significantly speeds up AIX 5.1 and NetBSD-ofppc.

Signed-off-by: Artyom Tarasenko 
---
  target/ppc/mmu_helper.c | 7 +++
  1 file changed, 7 insertions(+)


Reviewed-by: Hervé Poussineau 

Re: [Qemu-devel] [PATCH 1/4] lsi53c895a: hide 53c895a registers in 53c810

[Hervé Poussineau]

Le 12/04/2019 à 23:06, Artyom Tarasenko a écrit :

AIX/PReP does access to the aliased IO registers of 53810.
Implement aliasing to make the AIX driver work.

Signed-off-by: Artyom Tarasenko 
---
  hw/scsi/lsi53c895a.c | 31 ++-
  1 file changed, 26 insertions(+), 5 deletions(-)

diff --git a/hw/scsi/lsi53c895a.c b/hw/scsi/lsi53c895a.c
index da7239d..08841e0 100644
--- a/hw/scsi/lsi53c895a.c
+++ b/hw/scsi/lsi53c895a.c
@@ -2266,11 +2266,13 @@ static const struct SCSIBusInfo lsi_scsi_info = {
  .cancel = lsi_request_cancelled
  };
  
-static void lsi_scsi_realize(PCIDevice *dev, Error **errp)

+static void lsi_scsi_realize_8xx(PCIDevice *dev, Error **errp, uint16_t type)


You can probably remove this change, and replace it by
uint16_t type = PCI_DEVICE_GET_CLASS(dev)->device_id;


  {
  LSIState *s = LSI53C895A(dev);
  DeviceState *d = DEVICE(dev);
  uint8_t *pci_conf;
+uint64_t mmio_size;
+MemoryRegion *mr;
  
  pci_conf = dev->config;
  
@@ -2279,13 +2281,21 @@ static void lsi_scsi_realize(PCIDevice *dev, Error **errp)

  /* Interrupt pin A */
  pci_conf[PCI_INTERRUPT_PIN] = 0x01;
  
-memory_region_init_io(>mmio_io, OBJECT(s), _mmio_ops, s,

-  "lsi-mmio", 0x400);
  memory_region_init_io(>ram_io, OBJECT(s), _ram_ops, s,
"lsi-ram", 0x2000);
  memory_region_init_io(>io_io, OBJECT(s), _io_ops, s,
"lsi-io", 256);
-
+if (type == PCI_DEVICE_ID_LSI_53C895A) {
+mmio_size = 0x400;
+} else {
+mr = g_new(MemoryRegion, 1);
+memory_region_init_alias(mr, OBJECT(d), "lsi-io-alias", >io_io,
+ 0, 0x80);
+memory_region_add_subregion_overlap(>io_io, 0x80, mr, -1);
+mmio_size = 0x80;
+}
+memory_region_init_io(>mmio_io, OBJECT(s), _mmio_ops, s,
+  "lsi-mmio", mmio_size);
  address_space_init(>pci_io_as, pci_address_space_io(dev), 
"lsi-pci-io");
  qdev_init_gpio_out(d, >ext_irq, 1);
  
@@ -2297,6 +2307,16 @@ static void lsi_scsi_realize(PCIDevice *dev, Error **errp)

  scsi_bus_new(>bus, sizeof(s->bus), d, _scsi_info, NULL);
  }
  
+static void lsi_scsi_realize_895A(PCIDevice *dev, Error **errp)

+{
+lsi_scsi_realize_8xx(dev, errp, PCI_DEVICE_ID_LSI_53C895A);
+}
+
+static void lsi_scsi_realize_810(PCIDevice *dev, Error **errp)
+{
+lsi_scsi_realize_8xx(dev, errp, PCI_DEVICE_ID_LSI_53C810);
+}


... so you can also remove these functions

+
  static void lsi_scsi_unrealize(DeviceState *dev, Error **errp)
  {
  LSIState *s = LSI53C895A(dev);
@@ -2309,7 +2329,7 @@ static void lsi_class_init(ObjectClass *klass, void *data)
  DeviceClass *dc = DEVICE_CLASS(klass);
  PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
  
-k->realize = lsi_scsi_realize;

+k->realize = lsi_scsi_realize_895A;


... so you can also remove this change

  k->vendor_id = PCI_VENDOR_ID_LSI_LOGIC;
  k->device_id = PCI_DEVICE_ID_LSI_53C895A;
  k->class_id = PCI_CLASS_STORAGE_SCSI;
@@ -2335,6 +2355,7 @@ static void lsi53c810_class_init(ObjectClass *klass, void 
*data)
  {
  PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
  
+k->realize = lsi_scsi_realize_810;

... and this one.


  k->device_id = PCI_DEVICE_ID_LSI_53C810;
  }
  



Hervé

Re: [Qemu-devel] [PATCH 2/4] 40p and prep: implement PCI bus mastering

[Hervé Poussineau]

Le 12/04/2019 à 23:06, Artyom Tarasenko a écrit :

Signed-off-by: Artyom Tarasenko 
---
  hw/pci-host/prep.c | 16 
  1 file changed, 12 insertions(+), 4 deletions(-)


Reviewed-by: Hervé Poussineau 

Re: [Qemu-devel] [PATCH RFC 1/1] block/rbd: increase dynamically the image size

[Jason Dillaman]

On Sun, Apr 14, 2019 at 9:20 AM Stefano Garzarella  wrote:
>
> On Thu, Apr 11, 2019 at 01:06:49PM -0400, Jason Dillaman wrote:
> > On Thu, Apr 11, 2019 at 9:02 AM Stefano Garzarella  
> > wrote:
> > >
> > > On Thu, Apr 11, 2019 at 08:35:44AM -0400, Jason Dillaman wrote:
> > > > On Thu, Apr 11, 2019 at 7:00 AM Stefano Garzarella 
> > > >  wrote:
> > > > >
> > > > > RBD APIs don't allow us to write more than the size set with 
> > > > > rbd_create()
> > > > > or rbd_resize().
> > > > > In order to support growing images (eg. qcow2), we resize the image
> > > > > before RW operations that exceed the current size.
> > > >
> > > > What's the use-case for storing qcow2 images within a RBD image? RBD
> > > > images are already thinly provisioned, they support snapshots, they
> > > > can form a parent/child linked image hierarchy.
> > > >
> > >
> > > Hi Jason,
> > > I understand your point of view, maybe one use case could be if you have
> > > a qcow2 image and you want to put it in the rdb pool without convert it.
> > >
> > > I'm going through this BZ [1] and I'll ask if they have other
> > > use cases in mind.
> >
> > Assuming no good use-cases, perhaps it would just be better to make
> > the qemu-img error messages more clear.
> >
>
> Hi Jason,
> I asked about use-cases and they want to use qcow2 on rbd in order to
> take advantage of these qcow2 features [1]: external snapshots,
> Copy-on-write, and optional compression and encryption.
>
> Maybe the more interesting are external snapshots and Copy-on-write,

Copy-on-write is natively supported by RBD. The concept of external
snapshots seems similar to just automating the process of creating a
new copy-on-write image. Compression is also supported by Ceph on the
cluster side by recent releases.

> since encryption can be achieved with LUKS and rbd should support
> compression for a specified pool.
>
> [1] https://bugzilla.redhat.com/show_bug.cgi?id=1171007#c13
>
> Cheers,
> Stefano



-- 
Jason

Re: [Qemu-devel] [PATCH RFC v6 12/12] include/hw/regiserfields.h: Add 8bit and 16bit registers

[Yoshinori Sato]

On Thu, 11 Apr 2019 19:09:38 +0900,
Philippe Mathieu-Daudé wrote:
> 
> Hi Yoshinori,
> 
> Note about the patch subject:
> - typo in regiserfields (missing 't') -> registerfields
> - I'd simply use "hw/registerfields: Add 8bit and 16bit register macros"

OK.

> On 4/1/19 4:03 PM, Yoshinori Sato wrote:
> > Some RX peripheral using 8bit and 16bit registers.
> > Added 8bit and 16bit APIs.
> > 
> > Signed-off-by: Yoshinori Sato 
> > ---
> >  include/hw/registerfields.h | 10 ++
> >  1 file changed, 10 insertions(+)
> > 
> > diff --git a/include/hw/registerfields.h b/include/hw/registerfields.h
> > index 2659a58737..f6bf911990 100644
> > --- a/include/hw/registerfields.h
> > +++ b/include/hw/registerfields.h
> > @@ -22,6 +22,14 @@
> >  enum { A_ ## reg = (addr) };  \
> >  enum { R_ ## reg = (addr) / 4 };
> >  
> > +#define REG8(reg, addr)  \
> > +enum { A_ ## reg = (addr) };  \
> > +enum { R_ ## reg = (addr) };
> > +
> > +#define REG16(reg, addr)  \
> > +enum { A_ ## reg = (addr) };  \
> > +enum { R_ ## reg = (addr) / 2 };
> > +
> >  /* Define SHIFT, LENGTH and MASK constants for a field within a register */
> >  
> >  /* This macro will define R_FOO_BAR_MASK, R_FOO_BAR_SHIFT and 
> > R_FOO_BAR_LENGTH
> > @@ -40,6 +48,8 @@
> >  #define FIELD_EX64(storage, reg, field)   \
> >  extract64((storage), R_ ## reg ## _ ## field ## _SHIFT,   \
> >R_ ## reg ## _ ## field ## _LENGTH)
> > +#define FIELD_EX8  FIELD_EX32
> > +#define FIELD_EX16 FIELD_EX32
> >  
> >  /* Extract a field from an array of registers */
> >  #define ARRAY_FIELD_EX32(regs, reg, field)\
> 
> For completeness, what about adding FIELD_DP8() and FIELD_DP16()?

I did not add it because I did not use it.
Certainly it is strange that there is no these, so I will add it.
As the registerfields support is incomplete, we will fix it together.

> Regards,
> 
> Phil.
> 

-- 
Yosinori Sato

Re: [Qemu-devel] [PATCH RFC 1/1] block/rbd: increase dynamically the image size

[Stefano Garzarella]

On Thu, Apr 11, 2019 at 01:06:49PM -0400, Jason Dillaman wrote:
> On Thu, Apr 11, 2019 at 9:02 AM Stefano Garzarella  
> wrote:
> >
> > On Thu, Apr 11, 2019 at 08:35:44AM -0400, Jason Dillaman wrote:
> > > On Thu, Apr 11, 2019 at 7:00 AM Stefano Garzarella  
> > > wrote:
> > > >
> > > > RBD APIs don't allow us to write more than the size set with 
> > > > rbd_create()
> > > > or rbd_resize().
> > > > In order to support growing images (eg. qcow2), we resize the image
> > > > before RW operations that exceed the current size.
> > >
> > > What's the use-case for storing qcow2 images within a RBD image? RBD
> > > images are already thinly provisioned, they support snapshots, they
> > > can form a parent/child linked image hierarchy.
> > >
> >
> > Hi Jason,
> > I understand your point of view, maybe one use case could be if you have
> > a qcow2 image and you want to put it in the rdb pool without convert it.
> >
> > I'm going through this BZ [1] and I'll ask if they have other
> > use cases in mind.
> 
> Assuming no good use-cases, perhaps it would just be better to make
> the qemu-img error messages more clear.
> 

Hi Jason,
I asked about use-cases and they want to use qcow2 on rbd in order to
take advantage of these qcow2 features [1]: external snapshots,
Copy-on-write, and optional compression and encryption.

Maybe the more interesting are external snapshots and Copy-on-write,
since encryption can be achieved with LUKS and rbd should support
compression for a specified pool.

[1] https://bugzilla.redhat.com/show_bug.cgi?id=1171007#c13

Cheers,
Stefano

Re: [Qemu-devel] [RFC-PATCH] Introducing virtio-example device.

[Yoni Bettan]

On 4/10/19 10:25 PM, Stefan Hajnoczi wrote:

On Wed, Apr 10, 2019 at 4:45 PM Yoni Bettan  wrote:

On 4/9/19 4:17 PM, Stefan Hajnoczi wrote:

On Mon, Apr 01, 2019 at 02:18:43PM +0300, Yoni Bettan wrote:
There are multiple problems with the code, but the larger issue is that
this example device is just helping people shoot themselves in the foot
more easily.


If you can point me to those problem I will be glad so I can update the
code and understand those problems you are talking about.

Please see Eduardo's reply.  I didn't review much since he already
pointed out many things.

One thing he didn't mention:
+elem = virtqueue_pop(vq, sizeof(VirtQueueElement));

The return value can be NULL.  Spurious notifications could happen so
the code shouldn't crash when this returns NULL.

I apologize for the critical replies.  What you're doing is valuable.
I think explaining the VIRTIO device model and the order in which
things are done will lead to higher quality devices so I'm making a
lot of noise about it :).



It is OK, I will write some basic specification for the device and start 
iterating spec-device-driver according to Rustie's paper, Eduardo's 
review, and you advice.



Thanks.



Stefan