[Qemu-devel] [PATCH] add some tests for invalid JSON
Signed-off-by: Paolo Bonzini
---
check-qjson.c | 98 -
1 files changed, 97 insertions(+), 1 deletions(-)
diff --git a/check-qjson.c b/check-qjson.c
index 109e777..a04e334 100644
--- a/check-qjson.c
+++ b/check-qjson.c
@@ -628,11 +628,90 @@ START_TEST(simple_varargs)
}
END_TEST
+START_TEST(empty_input)
+{
+QObject *obj = qobject_from_json("");
+fail_unless(obj == NULL);
+}
+END_TEST
+
+START_TEST(unterminated_string)
+{
+QObject *obj = qobject_from_json("\"abc");
+fail_unless(obj == NULL);
+}
+END_TEST
+
+START_TEST(unterminated_sq_string)
+{
+QObject *obj = qobject_from_json("'abc");
+fail_unless(obj == NULL);
+}
+END_TEST
+
+START_TEST(unterminated_escape)
+{
+QObject *obj = qobject_from_json("\"abc\\\"");
+fail_unless(obj == NULL);
+}
+END_TEST
+
+START_TEST(unterminated_array)
+{
+QObject *obj = qobject_from_json("[32");
+fail_unless(obj == NULL);
+}
+END_TEST
+
+START_TEST(unterminated_array_comma)
+{
+QObject *obj = qobject_from_json("[32,");
+fail_unless(obj == NULL);
+}
+END_TEST
+
+START_TEST(invalid_array_comma)
+{
+QObject *obj = qobject_from_json("[32,}");
+fail_unless(obj == NULL);
+}
+END_TEST
+
+START_TEST(unterminated_dict)
+{
+QObject *obj = qobject_from_json("{'abc':32");
+fail_unless(obj == NULL);
+}
+END_TEST
+
+START_TEST(unterminated_dict_comma)
+{
+QObject *obj = qobject_from_json("{'abc':32,");
+fail_unless(obj == NULL);
+}
+END_TEST
+
+#if 0
+START_TEST(invalid_dict_comma)
+{
+QObject *obj = qobject_from_json("{'abc':32,}");
+fail_unless(obj == NULL);
+}
+END_TEST
+
+START_TEST(unterminated_literal)
+{
+QObject *obj = qobject_from_json("nul");
+fail_unless(obj == NULL);
+}
+END_TEST
+#endif
+
static Suite *qjson_suite(void)
{
Suite *suite;
TCase *string_literals, *number_literals, *keyword_literals;
-TCase *dicts, *lists, *whitespace, *varargs;
+TCase *dicts, *lists, *whitespace, *varargs, *errors;
string_literals = tcase_create("String Literals");
tcase_add_test(string_literals, simple_string);
@@ -658,6 +737,22 @@ static Suite *qjson_suite(void)
varargs = tcase_create("Varargs");
tcase_add_test(varargs, simple_varargs);
+errors = tcase_create("Invalid JSON");
+tcase_add_test(errors, empty_input);
+tcase_add_test(errors, unterminated_string);
+tcase_add_test(errors, unterminated_escape);
+tcase_add_test(errors, unterminated_sq_string);
+tcase_add_test(errors, unterminated_array);
+tcase_add_test(errors, unterminated_array_comma);
+tcase_add_test(errors, invalid_array_comma);
+tcase_add_test(errors, unterminated_dict);
+tcase_add_test(errors, unterminated_dict_comma);
+#if 0
+/* FIXME: this print parse error messages on stderr. */
+tcase_add_test(errors, invalid_dict_comma);
+tcase_add_test(errors, unterminated_literal);
+#endif
+
suite = suite_create("QJSON test-suite");
suite_add_tcase(suite, string_literals);
suite_add_tcase(suite, number_literals);
@@ -666,6 +761,7 @@ static Suite *qjson_suite(void)
suite_add_tcase(suite, lists);
suite_add_tcase(suite, whitespace);
suite_add_tcase(suite, varargs);
+suite_add_tcase(suite, errors);
return suite;
}
--
1.6.6.1
[Qemu-devel] [PATCH] do not require lookahead in json-lexer.c if not necessary
> Having look ahead operate differently for different states
> really complicates the lexer. I don't see this as a big
> problem in practice.
I also don't see this as a big problem in practice, except maybe
for a quit command. However, WRT the complication of the lexer,
it is really not so bad. The trick is to split
lexer->state = json_lexer[IN_START][(uint8_t)ch];
in two phases, namely transitioning to IN_START and (only if
lookahead was used) doing another iteration of the loop.
Signed-off-by: Paolo Bonzini
---
The patch is on top of Luiz's changes.
json-lexer.c | 85 +
1 files changed, 43 insertions(+), 42 deletions(-)
diff --git a/json-lexer.c b/json-lexer.c
index d1d8033..b9250c1 100644
--- a/json-lexer.c
+++ b/json-lexer.c
@@ -29,7 +29,6 @@
enum json_lexer_state {
ERROR = 0,
-IN_DONE_STRING,
IN_DQ_UCODE3,
IN_DQ_UCODE2,
IN_DQ_UCODE1,
@@ -59,17 +58,18 @@ enum json_lexer_state {
IN_ESCAPE_I64,
IN_ESCAPE_DONE,
IN_WHITESPACE,
-IN_OPERATOR_DONE,
IN_START,
};
#define TERMINAL(state) [0 ... 0x7F] = (state)
-static const uint8_t json_lexer[][256] = {
-[IN_DONE_STRING] = {
-TERMINAL(JSON_STRING),
-},
+/* Return whether TERMINAL is a terminal state and the transition to it
+ from OLD_STATE required lookahead. This can happens whenever the table
+ below uses the TERMINAL macro. */
+#define TERMINAL_NEEDED_LOOKAHEAD(old_state, terminal) \
+(json_lexer[(old_state)][0] == (terminal))
+static const uint8_t json_lexer[][256] = {
/* double quote string */
[IN_DQ_UCODE3] = {
['0' ... '9'] = IN_DQ_STRING,
@@ -104,7 +104,7 @@ static const uint8_t json_lexer[][256] = {
[IN_DQ_STRING] = {
[1 ... 0xFF] = IN_DQ_STRING,
['\\'] = IN_DQ_STRING_ESCAPE,
-['"'] = IN_DONE_STRING,
+['"'] = JSON_STRING,
},
/* single quote string */
@@ -141,7 +141,7 @@ static const uint8_t json_lexer[][256] = {
[IN_SQ_STRING] = {
[1 ... 0xFF] = IN_SQ_STRING,
['\\'] = IN_SQ_STRING_ESCAPE,
-['\''] = IN_DONE_STRING,
+['\''] = JSON_STRING,
},
/* Zero */
@@ -207,11 +207,6 @@ static const uint8_t json_lexer[][256] = {
['\n'] = IN_WHITESPACE,
},
-/* operator */
-[IN_OPERATOR_DONE] = {
-TERMINAL(JSON_OPERATOR),
-},
-
/* escape */
[IN_ESCAPE_DONE] = {
TERMINAL(JSON_ESCAPE),
@@ -255,12 +250,12 @@ static const uint8_t json_lexer[][256] = {
['0'] = IN_ZERO,
['1' ... '9'] = IN_NONZERO_NUMBER,
['-'] = IN_NEG_NONZERO_NUMBER,
-['{'] = IN_OPERATOR_DONE,
-['}'] = IN_OPERATOR_DONE,
-['['] = IN_OPERATOR_DONE,
-[']'] = IN_OPERATOR_DONE,
-[','] = IN_OPERATOR_DONE,
-[':'] = IN_OPERATOR_DONE,
+['{'] = JSON_OPERATOR,
+['}'] = JSON_OPERATOR,
+['['] = JSON_OPERATOR,
+[']'] = JSON_OPERATOR,
+[','] = JSON_OPERATOR,
+[':'] = JSON_OPERATOR,
['a' ... 'z'] = IN_KEYWORD,
['%'] = IN_ESCAPE,
[' '] = IN_WHITESPACE,
@@ -279,35 +274,41 @@ void json_lexer_init(JSONLexer *lexer, JSONLexerEmitter
func)
static int json_lexer_feed_char(JSONLexer *lexer, char ch)
{
+int char_consumed, new_state;
+
lexer->x++;
if (ch == '\n') {
lexer->x = 0;
lexer->y++;
}
-lexer->state = json_lexer[lexer->state][(uint8_t)ch];
-
-switch (lexer->state) {
-case JSON_OPERATOR:
-case JSON_ESCAPE:
-case JSON_INTEGER:
-case JSON_FLOAT:
-case JSON_KEYWORD:
-case JSON_STRING:
-lexer->emit(lexer, lexer->token, lexer->state, lexer->x, lexer->y);
-case JSON_SKIP:
-lexer->state = json_lexer[IN_START][(uint8_t)ch];
-QDECREF(lexer->token);
-lexer->token = qstring_new();
-break;
-case ERROR:
-return -EINVAL;
-default:
-break;
-}
-
-qstring_append_chr(lexer->token, ch);
+do {
+new_state = json_lexer[lexer->state][(uint8_t)ch];
+char_consumed = !TERMINAL_NEEDED_LOOKAHEAD(lexer->state, new_state);
+if (char_consumed) {
+qstring_append_chr(lexer->token, ch);
+}
+switch (new_state) {
+case JSON_OPERATOR:
+case JSON_ESCAPE:
+case JSON_INTEGER:
+case JSON_FLOAT:
+case JSON_KEYWORD:
+case JSON_STRING:
+lexer->emit(lexer, lexer->token, new_state, lexer->x, lexer->y);
+case JSON_SKIP:
+QDECREF(lexer->token);
+lexer->token = qstring_new();
+new_state = IN_START;
+break;
+case ERROR:
+return -EINVAL;
+default:
+break;
+}
+lexer->state = new_state;
+} while (!char_consumed);
return 0;
}
@@ -329,7 +330,7 @@ int json_lexer_feed(JSONLexer *lexer, const c
Re: [Qemu-devel] [PATCH 13/22] tcg-i386: Tidy push/pop.
On Wed, Apr 14, 2010 at 10:59:48AM -0700, Richard Henderson wrote:
> Move tcg_out_push/pop up in the file so that they can be used
> by qemu_ld/st. Define a tcg_out_pushi to be used as well.
>
> Signed-off-by: Richard Henderson
> ---
> tcg/i386/tcg-target.c | 50 +++-
> 1 files changed, 32 insertions(+), 18 deletions(-)
>
> diff --git a/tcg/i386/tcg-target.c b/tcg/i386/tcg-target.c
> index 06946e5..58fcd23 100644
> --- a/tcg/i386/tcg-target.c
> +++ b/tcg/i386/tcg-target.c
> @@ -183,6 +183,10 @@ static inline int tcg_target_const_match(tcg_target_long
> val,
> #define OPC_MOVZWL (0xb7 | P_EXT)
> #define OPC_MOVSBL (0xbe | P_EXT)
> #define OPC_MOVSWL (0xbf | P_EXT)
> +#define OPC_POP_r32 (0x58)
> +#define OPC_PUSH_r32 (0x50)
> +#define OPC_PUSH_Iv (0x68)
> +#define OPC_PUSH_Ib (0x6a)
> #define OPC_SHIFT_1 (0xd1)
> #define OPC_SHIFT_Ib (0xc1)
> #define OPC_SHIFT_cl (0xd3)
> @@ -311,6 +315,29 @@ static inline void tcg_out_movi(TCGContext *s, TCGType
> type,
> }
> }
>
> +#if defined(CONFIG_SOFTMMU)
> +static void tcg_out_pushi(TCGContext *s, tcg_target_long val)
> +{
> +if (val == (int8_t)val) {
> +tcg_out_opc(s, OPC_PUSH_Ib);
> +tcg_out8(s, val);
> +} else {
> +tcg_out_opc(s, OPC_PUSH_Iv);
> +tcg_out32(s, val);
> +}
> +}
> +#endif
It might be better to declare this function as inline, so that you can
remove the #if defined(CONFIG_SOFTMMU).
> +
> +static inline void tcg_out_push(TCGContext *s, int reg)
> +{
> +tcg_out_opc(s, OPC_PUSH_r32 + reg);
> +}
> +
> +static inline void tcg_out_pop(TCGContext *s, int reg)
> +{
> +tcg_out_opc(s, OPC_POP_r32 + reg);
> +}
> +
> static inline void tcg_out_ld(TCGContext *s, TCGType type, int ret,
>int arg1, tcg_target_long arg2)
> {
> @@ -910,8 +937,7 @@ static void tcg_out_qemu_st(TCGContext *s, const TCGArg
> *args,
> if (opc == 3) {
> tcg_out_mov(s, TCG_REG_EDX, data_reg);
> tcg_out_mov(s, TCG_REG_ECX, data_reg2);
> -tcg_out8(s, 0x6a); /* push Ib */
> -tcg_out8(s, mem_index);
> +tcg_out_pushi(s, mem_index);
> tcg_out8(s, 0xe8);
> tcg_out32(s, (tcg_target_long)qemu_st_helpers[s_bits] -
>(tcg_target_long)s->code_ptr - 4);
> @@ -936,10 +962,9 @@ static void tcg_out_qemu_st(TCGContext *s, const TCGArg
> *args,
> #else
> if (opc == 3) {
> tcg_out_mov(s, TCG_REG_EDX, addr_reg2);
> -tcg_out8(s, 0x6a); /* push Ib */
> -tcg_out8(s, mem_index);
> -tcg_out_opc(s, 0x50 + data_reg2); /* push */
> -tcg_out_opc(s, 0x50 + data_reg); /* push */
> +tcg_out_pushi(s, mem_index);
> +tcg_out_push(s, data_reg2);
> +tcg_out_push(s, data_reg);
> tcg_out8(s, 0xe8);
> tcg_out32(s, (tcg_target_long)qemu_st_helpers[s_bits] -
>(tcg_target_long)s->code_ptr - 4);
> @@ -957,8 +982,7 @@ static void tcg_out_qemu_st(TCGContext *s, const TCGArg
> *args,
> tcg_out_mov(s, TCG_REG_ECX, data_reg);
> break;
> }
> -tcg_out8(s, 0x6a); /* push Ib */
> -tcg_out8(s, mem_index);
> +tcg_out_pushi(s, mem_index);
> tcg_out8(s, 0xe8);
> tcg_out32(s, (tcg_target_long)qemu_st_helpers[s_bits] -
>(tcg_target_long)s->code_ptr - 4);
> @@ -1371,16 +1395,6 @@ static int tcg_target_callee_save_regs[] = {
> TCG_REG_EDI,
> };
>
> -static inline void tcg_out_push(TCGContext *s, int reg)
> -{
> -tcg_out_opc(s, 0x50 + reg);
> -}
> -
> -static inline void tcg_out_pop(TCGContext *s, int reg)
> -{
> -tcg_out_opc(s, 0x58 + reg);
> -}
> -
> /* Generate global QEMU prologue and epilogue code */
> void tcg_target_qemu_prologue(TCGContext *s)
> {
> --
> 1.6.6.1
>
>
>
>
--
Aurelien Jarno GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net
Re: [Qemu-devel] [PATCH 10/22] tcg-i386: Tidy immediate arithmetic operations.
On Wed, Apr 14, 2010 at 08:38:34AM -0700, Richard Henderson wrote:
> Define OPC_ARITH_EvI[bz]; use throughout. Use tcg_out_ext8u
> directly in setcond. Use tgen_arithi in qemu_ld/st.
>
> Signed-off-by: Richard Henderson
Acked-by: Aurelien Jarno
> ---
> tcg/i386/tcg-target.c | 28 +++-
> 1 files changed, 11 insertions(+), 17 deletions(-)
>
> diff --git a/tcg/i386/tcg-target.c b/tcg/i386/tcg-target.c
> index aac2c5a..df1bdfc 100644
> --- a/tcg/i386/tcg-target.c
> +++ b/tcg/i386/tcg-target.c
> @@ -163,6 +163,8 @@ static inline int tcg_target_const_match(tcg_target_long
> val,
>
> #define P_EXT 0x100 /* 0x0f opcode prefix */
>
> +#define OPC_ARITH_EvIz (0x81)
> +#define OPC_ARITH_EvIb (0x83)
> #define OPC_BSWAP(0xc8 | P_EXT)
> #define OPC_JCC_long (0x80 | P_EXT) /* ... plus condition code */
> #define OPC_JCC_short(0x70) /* ... plus condition code */
> @@ -324,7 +326,7 @@ static void tcg_out_ext8u(TCGContext *s, int dest, int
> src)
> if (src >= 4) {
> tcg_out_mov(s, dest, src);
> if (dest >= 4) {
> -tcg_out_modrm(s, 0x81, ARITH_AND, dest);
> +tcg_out_modrm(s, OPC_ARITH_EvIz, ARITH_AND, dest);
> tcg_out32(s, 0xff);
> return;
> }
> @@ -381,14 +383,14 @@ static inline void tgen_arithi(TCGContext *s, int c,
> int r0, int32_t val, int cf
> /* dec */
> tcg_out_opc(s, 0x48 + r0);
> } else if (val == (int8_t)val) {
> -tcg_out_modrm(s, 0x83, c, r0);
> +tcg_out_modrm(s, OPC_ARITH_EvIb, c, r0);
> tcg_out8(s, val);
> } else if (c == ARITH_AND && val == 0xffu && r0 < 4) {
> tcg_out_ext8u(s, r0, r0);
> } else if (c == ARITH_AND && val == 0xu) {
> tcg_out_ext16u(s, r0, r0);
> } else {
> -tcg_out_modrm(s, 0x81, c, r0);
> +tcg_out_modrm(s, OPC_ARITH_EvIz, c, r0);
> tcg_out32(s, val);
> }
> }
> @@ -557,7 +559,7 @@ static void tcg_out_setcond(TCGContext *s, TCGCond cond,
> TCGArg dest,
> tcg_out_cmp(s, arg1, arg2, const_arg2);
> /* setcc */
> tcg_out_modrm(s, 0x90 | tcg_cond_to_jcc[cond] | P_EXT, 0, dest);
> -tgen_arithi(s, ARITH_AND, dest, 0xff, 0);
> +tcg_out_ext8u(s, dest, dest);
> }
>
> static void tcg_out_setcond2(TCGContext *s, const TCGArg *args,
> @@ -659,16 +661,12 @@ static void tcg_out_qemu_ld(TCGContext *s, const TCGArg
> *args,
>
> #if defined(CONFIG_SOFTMMU)
> tcg_out_mov(s, r1, addr_reg);
> -
> tcg_out_mov(s, r0, addr_reg);
> -
> +
> tcg_out_shifti(s, SHIFT_SHR, r1, TARGET_PAGE_BITS - CPU_TLB_ENTRY_BITS);
>
> -tcg_out_modrm(s, 0x81, 4, r0); /* andl $x, r0 */
> -tcg_out32(s, TARGET_PAGE_MASK | ((1 << s_bits) - 1));
> -
> -tcg_out_modrm(s, 0x81, 4, r1); /* andl $x, r1 */
> -tcg_out32(s, (CPU_TLB_SIZE - 1) << CPU_TLB_ENTRY_BITS);
> +tgen_arithi(s, ARITH_AND, r0, TARGET_PAGE_MASK | ((1 << s_bits) - 1), 0);
> +tgen_arithi(s, ARITH_AND, r1, (CPU_TLB_SIZE - 1) << CPU_TLB_ENTRY_BITS,
> 0);
>
> tcg_out_opc(s, 0x8d); /* lea offset(r1, %ebp), r1 */
> tcg_out8(s, 0x80 | (r1 << 3) | 0x04);
> @@ -853,16 +851,12 @@ static void tcg_out_qemu_st(TCGContext *s, const TCGArg
> *args,
>
> #if defined(CONFIG_SOFTMMU)
> tcg_out_mov(s, r1, addr_reg);
> -
> tcg_out_mov(s, r0, addr_reg);
>
> tcg_out_shifti(s, SHIFT_SHR, r1, TARGET_PAGE_BITS - CPU_TLB_ENTRY_BITS);
>
> -tcg_out_modrm(s, 0x81, 4, r0); /* andl $x, r0 */
> -tcg_out32(s, TARGET_PAGE_MASK | ((1 << s_bits) - 1));
> -
> -tcg_out_modrm(s, 0x81, 4, r1); /* andl $x, r1 */
> -tcg_out32(s, (CPU_TLB_SIZE - 1) << CPU_TLB_ENTRY_BITS);
> +tgen_arithi(s, ARITH_AND, r0, TARGET_PAGE_MASK | ((1 << s_bits) - 1), 0);
> +tgen_arithi(s, ARITH_AND, r1, (CPU_TLB_SIZE - 1) << CPU_TLB_ENTRY_BITS,
> 0);
>
> tcg_out_opc(s, 0x8d); /* lea offset(r1, %ebp), r1 */
> tcg_out8(s, 0x80 | (r1 << 3) | 0x04);
> --
> 1.6.6.1
>
>
>
>
--
Aurelien Jarno GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net
Re: [Qemu-devel] [PATCH 11/22] tcg-i386: Tidy non-immediate arithmetic operations.
On Wed, Apr 14, 2010 at 10:16:33AM -0700, Richard Henderson wrote:
> Add more OPC values, and tgen_arithr. Use the later throughout.
>
> Note that normal reg/reg arithmetic now uses the Gv,Ev opcode form
> instead of the Ev,Gv opcode form used previously. Both forms
> disassemble properly, and so there's no visible change when diffing
> log files before and after the change. This change makes the operand
> ordering within the output routines more natural, and avoids the need
> to define an OPC_ARITH_EvGv since a read-modify-write with memory is
> not needed within TCG.
>
> Signed-off-by: Richard Henderson
Acked-by: Aurelien Jarno
> ---
> tcg/i386/tcg-target.c | 78
> ++---
> 1 files changed, 48 insertions(+), 30 deletions(-)
>
> diff --git a/tcg/i386/tcg-target.c b/tcg/i386/tcg-target.c
> index df1bdfc..b4e8e74 100644
> --- a/tcg/i386/tcg-target.c
> +++ b/tcg/i386/tcg-target.c
> @@ -165,7 +165,12 @@ static inline int tcg_target_const_match(tcg_target_long
> val,
>
> #define OPC_ARITH_EvIz (0x81)
> #define OPC_ARITH_EvIb (0x83)
> +#define OPC_ARITH_GvEv (0x03) /* ... plus (ARITH_FOO << 3) */
> +#define OPC_ADD_GvEv (OPC_ARITH_GvEv | (ARITH_ADD << 3))
> +#define OPC_CMP_GvEv (OPC_ARITH_GvEv | (ARITH_CMP << 3))
> +#define OPC_DEC_r32 (0x48)
> #define OPC_BSWAP(0xc8 | P_EXT)
> +#define OPC_INC_r32 (0x40)
> #define OPC_JCC_long (0x80 | P_EXT) /* ... plus condition code */
> #define OPC_JCC_short(0x70) /* ... plus condition code */
> #define OPC_JMP_long (0xe9)
> @@ -180,6 +185,7 @@ static inline int tcg_target_const_match(tcg_target_long
> val,
> #define OPC_SHIFT_1 (0xd1)
> #define OPC_SHIFT_Ib (0xc1)
> #define OPC_SHIFT_cl (0xd3)
> +#define OPC_TESTL(0x85)
>
> /* Group 1 opcode extensions for 0x80-0x83. */
> #define ARITH_ADD 0
> @@ -280,6 +286,12 @@ static inline void tcg_out_modrm_offset(TCGContext *s,
> int opc, int r, int rm,
> }
> }
>
> +/* Generate dest op= src. Uses the same ARITH_* codes as tgen_arithi. */
> +static inline void tgen_arithr(TCGContext *s, int subop, int dest, int src)
> +{
> +tcg_out_modrm(s, OPC_ARITH_GvEv + (subop << 3), dest, src);
> +}
> +
> static inline void tcg_out_mov(TCGContext *s, int ret, int arg)
> {
> if (arg != ret) {
> @@ -291,8 +303,7 @@ static inline void tcg_out_movi(TCGContext *s, TCGType
> type,
> int ret, int32_t arg)
> {
> if (arg == 0) {
> -/* xor r0,r0 */
> -tcg_out_modrm(s, 0x01 | (ARITH_XOR << 3), ret, ret);
> +tgen_arithr(s, ARITH_XOR, ret, ret);
> } else {
> tcg_out8(s, 0xb8 + ret);
> tcg_out32(s, arg);
> @@ -374,14 +385,15 @@ static inline void tcg_out_rolw_8(TCGContext *s, int
> reg)
> tcg_out_shifti(s, SHIFT_ROL, reg, 8);
> }
>
> -static inline void tgen_arithi(TCGContext *s, int c, int r0, int32_t val,
> int cf)
> +static inline void tgen_arithi(TCGContext *s, int c, int r0,
> + int32_t val, int cf)
> {
> -if (!cf && ((c == ARITH_ADD && val == 1) || (c == ARITH_SUB && val ==
> -1))) {
> -/* inc */
> -tcg_out_opc(s, 0x40 + r0);
> -} else if (!cf && ((c == ARITH_ADD && val == -1) || (c == ARITH_SUB &&
> val == 1))) {
> -/* dec */
> -tcg_out_opc(s, 0x48 + r0);
> +/* ??? While INC is 2 bytes shorter than ADDL $1, they also induce
> + partial flags update stalls on Pentium4 and are not recommended
> + by current Intel optimization manuals. */
> +if (!cf && (c == ARITH_ADD || c == ARITH_SUB) && (val == 1 || val ==
> -1)) {
> +int opc = ((c == ARITH_ADD) ^ (val < 0) ? OPC_INC_r32 : OPC_DEC_r32);
> +tcg_out_opc(s, opc + r0);
> } else if (val == (int8_t)val) {
> tcg_out_modrm(s, OPC_ARITH_EvIb, c, r0);
> tcg_out8(s, val);
> @@ -454,12 +466,12 @@ static void tcg_out_cmp(TCGContext *s, TCGArg arg1,
> TCGArg arg2,
> if (const_arg2) {
> if (arg2 == 0) {
> /* test r, r */
> -tcg_out_modrm(s, 0x85, arg1, arg1);
> +tcg_out_modrm(s, OPC_TESTL, arg1, arg1);
> } else {
> tgen_arithi(s, ARITH_CMP, arg1, arg2, 0);
> }
> } else {
> -tcg_out_modrm(s, 0x01 | (ARITH_CMP << 3), arg2, arg1);
> +tgen_arithr(s, ARITH_CMP, arg1, arg2);
> }
> }
>
> @@ -674,7 +686,7 @@ static void tcg_out_qemu_ld(TCGContext *s, const TCGArg
> *args,
> tcg_out32(s, offsetof(CPUState, tlb_table[mem_index][0].addr_read));
>
> /* cmp 0(r1), r0 */
> -tcg_out_modrm_offset(s, 0x3b, r0, r1, 0);
> +tcg_out_modrm_offset(s, OPC_CMP_GvEv, r0, r1, 0);
>
> tcg_out_mov(s, r0, addr_reg);
>
> @@ -690,7 +702,7 @@ static void tcg_out_qemu_ld(TCGContext *s, const TCGArg
> *args,
> s->code_ptr++;
>
> /* cmp 4(r1), addr_reg2 */
> -tcg_out_modrm_offset(s, 0x3b, addr_reg2, r1, 4);
Re: [Qemu-devel] [PATCH 14/22] tcg-i386: Tidy calls.
On Wed, Apr 14, 2010 at 11:02:32AM -0700, Richard Henderson wrote:
> Define OPC_CALL_Jz, generated by tcg_out_calli; use the later
> throughout. Unify the calls within qemu_st; adjust the stack
> with a single pop if applicable.
>
> Define and use EXT_CALLN_Ev for indirect calls.
>
> Signed-off-by: Richard Henderson
Acked-by: Aurelien Jarno
> ---
> tcg/i386/tcg-target.c | 49
> +++--
> 1 files changed, 27 insertions(+), 22 deletions(-)
>
> diff --git a/tcg/i386/tcg-target.c b/tcg/i386/tcg-target.c
> index 58fcd23..e82788d 100644
> --- a/tcg/i386/tcg-target.c
> +++ b/tcg/i386/tcg-target.c
> @@ -167,6 +167,7 @@ static inline int tcg_target_const_match(tcg_target_long
> val,
> #define OPC_ARITH_EvIb (0x83)
> #define OPC_ARITH_GvEv (0x03) /* ... plus (ARITH_FOO << 3) */
> #define OPC_ADD_GvEv (OPC_ARITH_GvEv | (ARITH_ADD << 3))
> +#define OPC_CALL_Jz (0xe8)
> #define OPC_CMP_GvEv (OPC_ARITH_GvEv | (ARITH_CMP << 3))
> #define OPC_DEC_r32 (0x48)
> #define OPC_BSWAP(0xc8 | P_EXT)
> @@ -210,6 +211,7 @@ static inline int tcg_target_const_match(tcg_target_long
> val,
> #define SHIFT_SAR 7
>
> /* Group 5 opcode extensions for 0xff. */
> +#define EXT_CALLN_Ev 2
> #define EXT_JMPN_Ev 4
>
> /* Condition codes to be added to OPC_JCC_{long,short}. */
> @@ -644,6 +646,12 @@ static void tcg_out_setcond2(TCGContext *s, const TCGArg
> *args,
> }
> }
>
> +static void tcg_out_calli(TCGContext *s, tcg_target_long dest)
> +{
> +tcg_out_opc(s, OPC_CALL_Jz);
> +tcg_out32(s, dest - (tcg_target_long)s->code_ptr - 4);
> +}
> +
> #if defined(CONFIG_SOFTMMU)
>
> #include "../../softmmu_defs.h"
> @@ -748,9 +756,7 @@ static void tcg_out_qemu_ld(TCGContext *s, const TCGArg
> *args,
> tcg_out_mov(s, TCG_REG_EDX, addr_reg2);
> tcg_out_movi(s, TCG_TYPE_I32, TCG_REG_ECX, mem_index);
> #endif
> -tcg_out8(s, 0xe8);
> -tcg_out32(s, (tcg_target_long)qemu_ld_helpers[s_bits] -
> - (tcg_target_long)s->code_ptr - 4);
> +tcg_out_calli(s, (tcg_target_long)qemu_ld_helpers[s_bits]);
>
> switch(opc) {
> case 0 | 4:
> @@ -865,6 +871,7 @@ static void tcg_out_qemu_st(TCGContext *s, const TCGArg
> *args,
> {
> int addr_reg, data_reg, data_reg2, r0, r1, mem_index, s_bits, bswap;
> #if defined(CONFIG_SOFTMMU)
> +int stack_adjust;
> uint8_t *label1_ptr, *label2_ptr;
> #endif
> #if TARGET_LONG_BITS == 64
> @@ -938,10 +945,7 @@ static void tcg_out_qemu_st(TCGContext *s, const TCGArg
> *args,
> tcg_out_mov(s, TCG_REG_EDX, data_reg);
> tcg_out_mov(s, TCG_REG_ECX, data_reg2);
> tcg_out_pushi(s, mem_index);
> -tcg_out8(s, 0xe8);
> -tcg_out32(s, (tcg_target_long)qemu_st_helpers[s_bits] -
> - (tcg_target_long)s->code_ptr - 4);
> -tcg_out_addi(s, TCG_REG_ESP, 4);
> +stack_adjust = 4;
> } else {
> switch(opc) {
> case 0:
> @@ -955,9 +959,7 @@ static void tcg_out_qemu_st(TCGContext *s, const TCGArg
> *args,
> break;
> }
> tcg_out_movi(s, TCG_TYPE_I32, TCG_REG_ECX, mem_index);
> -tcg_out8(s, 0xe8);
> -tcg_out32(s, (tcg_target_long)qemu_st_helpers[s_bits] -
> - (tcg_target_long)s->code_ptr - 4);
> +stack_adjust = 0;
> }
> #else
> if (opc == 3) {
> @@ -965,10 +967,7 @@ static void tcg_out_qemu_st(TCGContext *s, const TCGArg
> *args,
> tcg_out_pushi(s, mem_index);
> tcg_out_push(s, data_reg2);
> tcg_out_push(s, data_reg);
> -tcg_out8(s, 0xe8);
> -tcg_out32(s, (tcg_target_long)qemu_st_helpers[s_bits] -
> - (tcg_target_long)s->code_ptr - 4);
> -tcg_out_addi(s, TCG_REG_ESP, 12);
> +stack_adjust = 12;
> } else {
> tcg_out_mov(s, TCG_REG_EDX, addr_reg2);
> switch(opc) {
> @@ -983,13 +982,19 @@ static void tcg_out_qemu_st(TCGContext *s, const TCGArg
> *args,
> break;
> }
> tcg_out_pushi(s, mem_index);
> -tcg_out8(s, 0xe8);
> -tcg_out32(s, (tcg_target_long)qemu_st_helpers[s_bits] -
> - (tcg_target_long)s->code_ptr - 4);
> -tcg_out_addi(s, TCG_REG_ESP, 4);
> +stack_adjust = 4;
> }
> #endif
> -
> +
> +tcg_out_calli(s, (tcg_target_long)qemu_st_helpers[s_bits]);
> +
> +if (stack_adjust == 4) {
> +/* Pop and discard. This is 2 bytes smaller than the add. */
> +tcg_out_pop(s, TCG_REG_ECX);
> +} else if (stack_adjust != 0) {
> +tcg_out_addi(s, TCG_REG_ESP, stack_adjust);
> +}
> +
> /* jmp label2 */
> tcg_out8(s, OPC_JMP_short);
> label2_ptr = s->code_ptr;
> @@ -1082,10 +1087,10 @@ static inline void tcg_out_op(TCGContext *s,
> TCGOpcode opc,
> break;
> case INDEX_op_call:
> if (const_args[0]) {
> -tcg_out8(s, 0xe8);
> -tcg_out32
Re: [Qemu-devel] [PATCH 12/22] tcg-i386: Tidy movi.
On Wed, Apr 14, 2010 at 10:20:08AM -0700, Richard Henderson wrote:
> Define and use OPC_MOVL_Iv.
>
> Signed-off-by: Richard Henderson
Acked-by: Aurelien Jarno
> ---
> tcg/i386/tcg-target.c |3 ++-
> 1 files changed, 2 insertions(+), 1 deletions(-)
>
> diff --git a/tcg/i386/tcg-target.c b/tcg/i386/tcg-target.c
> index b4e8e74..06946e5 100644
> --- a/tcg/i386/tcg-target.c
> +++ b/tcg/i386/tcg-target.c
> @@ -178,6 +178,7 @@ static inline int tcg_target_const_match(tcg_target_long
> val,
> #define OPC_MOVB_EvGv(0x88) /* stores, more or less */
> #define OPC_MOVL_EvGv(0x89) /* stores, more or less */
> #define OPC_MOVL_GvEv(0x8b) /* loads, more or less */
> +#define OPC_MOVL_Iv (0xb8)
> #define OPC_MOVZBL (0xb6 | P_EXT)
> #define OPC_MOVZWL (0xb7 | P_EXT)
> #define OPC_MOVSBL (0xbe | P_EXT)
> @@ -305,7 +306,7 @@ static inline void tcg_out_movi(TCGContext *s, TCGType
> type,
> if (arg == 0) {
> tgen_arithr(s, ARITH_XOR, ret, ret);
> } else {
> -tcg_out8(s, 0xb8 + ret);
> +tcg_out8(s, OPC_MOVL_Iv + ret);
> tcg_out32(s, arg);
> }
> }
> --
> 1.6.6.1
>
>
>
>
--
Aurelien Jarno GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net
[Qemu-devel] [PATCH] qemu-io: Add multiwrite command
The new multiwrite commands allows to use qemu-io for testing
bdrv_aio_multiwrite.
Signed-off-by: Kevin Wolf
---
qemu-io.c | 192 +
1 files changed, 192 insertions(+), 0 deletions(-)
diff --git a/qemu-io.c b/qemu-io.c
index 8517b90..e99c040 100644
--- a/qemu-io.c
+++ b/qemu-io.c
@@ -267,6 +267,47 @@ static int do_aio_writev(QEMUIOVector *qiov, int64_t
offset, int *total)
return async_ret < 0 ? async_ret : 1;
}
+struct multiwrite_async_ret {
+ int num_done;
+ int error;
+};
+
+static void multiwrite_cb(void *opaque, int ret)
+{
+ struct multiwrite_async_ret *async_ret = opaque;
+
+ async_ret->num_done++;
+ if (ret < 0) {
+ async_ret->error = ret;
+ }
+}
+
+static int do_aio_multiwrite(BlockRequest* reqs, int num_reqs, int *total)
+{
+ int i, ret;
+ struct multiwrite_async_ret async_ret = {
+ .num_done = 0,
+ .error = 0,
+ };
+
+ *total = 0;
+ for (i = 0; i < num_reqs; i++) {
+ reqs[i].cb = multiwrite_cb;
+ reqs[i].opaque = &async_ret;
+ *total += reqs[i].qiov->size;
+ }
+
+ ret = bdrv_aio_multiwrite(bs, reqs, num_reqs);
+ if (ret < 0) {
+ return ret;
+ }
+
+ while (async_ret.num_done < num_reqs) {
+ qemu_aio_wait();
+ }
+
+ return async_ret.error < 0 ? async_ret.error : 1;
+}
static void
read_help(void)
@@ -811,6 +852,156 @@ out:
return 0;
}
+static void
+multiwrite_help(void)
+{
+ printf(
+"\n"
+" writes a range of bytes from the given offset source from multiple
buffers,\n"
+" in a batch of requests that may be merged by qemu\n"
+"\n"
+" Example:\n"
+" 'multiwrite 512 1k 1k ; 4k 1k' \n"
+" writes 2 kB at 512 bytes and 1 kB at 4 kB into the open file\n"
+"\n"
+" Writes into a segment of the currently open file, using a buffer\n"
+" filled with a set pattern (0xcdcdcdcd). The pattern byte is increased\n"
+" by one for each request contained in the multiwrite command.\n"
+" -P, -- use different pattern to fill file\n"
+" -C, -- report statistics in a machine parsable format\n"
+" -q, -- quiet mode, do not show I/O statistics\n"
+"\n");
+}
+
+static int multiwrite_f(int argc, char **argv);
+
+static const cmdinfo_t multiwrite_cmd = {
+ .name = "multiwrite",
+ .cfunc = multiwrite_f,
+ .argmin = 2,
+ .argmax = -1,
+ .args = "[-Cq] [-P pattern ] off len [len..] [; off len
[len..]..]",
+ .oneline= "issues multiple write requests at once",
+ .help = multiwrite_help,
+};
+
+static int
+multiwrite_f(int argc, char **argv)
+{
+ struct timeval t1, t2;
+ int Cflag = 0, qflag = 0;
+ int c, cnt;
+ char **buf;
+ int64_t offset, first_offset = 0;
+ /* Some compilers get confused and warn if this is not initialized. */
+ int total = 0;
+ int nr_iov;
+ int nr_reqs;
+ int pattern = 0xcd;
+ QEMUIOVector *qiovs;
+ int i;
+ BlockRequest *reqs;
+
+ while ((c = getopt(argc, argv, "CqP:")) != EOF) {
+ switch (c) {
+ case 'C':
+ Cflag = 1;
+ break;
+ case 'q':
+ qflag = 1;
+ break;
+ case 'P':
+ pattern = parse_pattern(optarg);
+ if (pattern < 0)
+ return 0;
+ break;
+ default:
+ return command_usage(&writev_cmd);
+ }
+ }
+
+ if (optind > argc - 2)
+ return command_usage(&writev_cmd);
+
+ nr_reqs = 1;
+ for (i = optind; i < argc; i++) {
+ if (!strcmp(argv[i], ";")) {
+ nr_reqs++;
+ }
+ }
+
+ reqs = qemu_malloc(nr_reqs * sizeof(*reqs));
+ buf = qemu_malloc(nr_reqs * sizeof(*buf));
+ qiovs = qemu_malloc(nr_reqs * sizeof(*qiovs));
+
+ for (i = 0; i < nr_reqs; i++) {
+ int j;
+
+ /* Read the offset of the request */
+ offset = cvtnum(argv[optind]);
+ if (offset < 0) {
+ printf("non-numeric offset argument -- %s\n",
argv[optind]);
+ return 0;
+ }
+ optind++;
+
+ if (offset & 0x1ff) {
+ printf("offset %lld is not sector aligned\n",
+ (long long)offset);
+ return 0;
+ }
+
+if (i == 0) {
+first_offset = offset;
+}
+
+ /* Read lengths for qiov entries */
+ for (j = optind; j < argc; j++) {
+ if (!strcmp(argv[j], ";")) {
+
Re: [Qemu-devel] [PATCH 17/22] tcg-i386: Tidy unary arithmetic.
On Wed, Apr 14, 2010 at 11:22:39AM -0700, Richard Henderson wrote:
> Define OPC_GRP3 and EXT3_FOO to match. Use them instead of
> bare constants.
>
> Define OPC_GRP5 and rename the existing EXT_BAR to EXT5_BAR to
> make it clear which extension should be used with which opcode.
>
> Signed-off-by: Richard Henderson
Acked-by: Aurelien Jarno
> ---
> tcg/i386/tcg-target.c | 38 +-
> 1 files changed, 25 insertions(+), 13 deletions(-)
>
> diff --git a/tcg/i386/tcg-target.c b/tcg/i386/tcg-target.c
> index 0c1a53a..c3f3e4d 100644
> --- a/tcg/i386/tcg-target.c
> +++ b/tcg/i386/tcg-target.c
> @@ -195,7 +195,11 @@ static inline int tcg_target_const_match(tcg_target_long
> val,
> #define OPC_SHIFT_cl (0xd3)
> #define OPC_TESTL(0x85)
>
> -/* Group 1 opcode extensions for 0x80-0x83. */
> +#define OPC_GRP3_Ev (0xf7)
> +#define OPC_GRP5 (0xff)
> +
> +/* Group 1 opcode extensions for 0x80-0x83.
> + These are also used as modifiers for OPC_ARITH. */
> #define ARITH_ADD 0
> #define ARITH_OR 1
> #define ARITH_ADC 2
> @@ -212,9 +216,17 @@ static inline int tcg_target_const_match(tcg_target_long
> val,
> #define SHIFT_SHR 5
> #define SHIFT_SAR 7
>
> -/* Group 5 opcode extensions for 0xff. */
> -#define EXT_CALLN_Ev 2
> -#define EXT_JMPN_Ev 4
> +/* Group 3 opcode extensions for 0xf6, 0xf7. To be used with OPC_GRP3. */
> +#define EXT3_NOT 2
> +#define EXT3_NEG 3
> +#define EXT3_MUL 4
> +#define EXT3_IMUL 5
> +#define EXT3_DIV 6
> +#define EXT3_IDIV 7
> +
> +/* Group 5 opcode extensions for 0xff. To be used with OPC_GRP5. */
> +#define EXT5_CALLN_Ev2
> +#define EXT5_JMPN_Ev 4
>
> /* Condition codes to be added to OPC_JCC_{long,short}. */
> #define JCC_JMP (-1)
> @@ -1081,7 +1093,7 @@ static inline void tcg_out_op(TCGContext *s, TCGOpcode
> opc,
> tcg_out32(s, 0);
> } else {
> /* indirect jump method */
> -tcg_out_modrm_offset(s, 0xff, EXT_JMPN_Ev, -1,
> +tcg_out_modrm_offset(s, OPC_GRP5, EXT5_JMPN_Ev, -1,
> (tcg_target_long)(s->tb_next + args[0]));
> }
> s->tb_next_offset[args[0]] = s->code_ptr - s->code_buf;
> @@ -1091,7 +1103,7 @@ static inline void tcg_out_op(TCGContext *s, TCGOpcode
> opc,
> tcg_out_calli(s, args[0]);
> } else {
> /* call *reg */
> -tcg_out_modrm(s, 0xff, EXT_CALLN_Ev, args[0]);
> +tcg_out_modrm(s, OPC_GRP5, EXT5_CALLN_Ev, args[0]);
> }
> break;
> case INDEX_op_jmp:
> @@ -1100,7 +1112,7 @@ static inline void tcg_out_op(TCGContext *s, TCGOpcode
> opc,
> tcg_out32(s, args[0] - (tcg_target_long)s->code_ptr - 4);
> } else {
> /* jmp *reg */
> -tcg_out_modrm(s, 0xff, EXT_JMPN_Ev, args[0]);
> +tcg_out_modrm(s, OPC_GRP5, EXT5_JMPN_Ev, args[0]);
> }
> break;
> case INDEX_op_br:
> @@ -1177,13 +1189,13 @@ static inline void tcg_out_op(TCGContext *s,
> TCGOpcode opc,
> }
> break;
> case INDEX_op_mulu2_i32:
> -tcg_out_modrm(s, 0xf7, 4, args[3]);
> +tcg_out_modrm(s, OPC_GRP3_Ev, EXT3_MUL, args[3]);
> break;
> case INDEX_op_div2_i32:
> -tcg_out_modrm(s, 0xf7, 7, args[4]);
> +tcg_out_modrm(s, OPC_GRP3_Ev, EXT3_IDIV, args[4]);
> break;
> case INDEX_op_divu2_i32:
> -tcg_out_modrm(s, 0xf7, 6, args[4]);
> +tcg_out_modrm(s, OPC_GRP3_Ev, EXT3_DIV, args[4]);
> break;
> case INDEX_op_shl_i32:
> c = SHIFT_SHL;
> @@ -1247,11 +1259,11 @@ static inline void tcg_out_op(TCGContext *s,
> TCGOpcode opc,
> break;
>
> case INDEX_op_neg_i32:
> -tcg_out_modrm(s, 0xf7, 3, args[0]);
> +tcg_out_modrm(s, OPC_GRP3_Ev, EXT3_NEG, args[0]);
> break;
>
> case INDEX_op_not_i32:
> -tcg_out_modrm(s, 0xf7, 2, args[0]);
> +tcg_out_modrm(s, OPC_GRP3_Ev, EXT3_NOT, args[0]);
> break;
>
> case INDEX_op_ext8s_i32:
> @@ -1419,7 +1431,7 @@ void tcg_target_qemu_prologue(TCGContext *s)
> stack_addend = frame_size - push_size;
> tcg_out_addi(s, TCG_REG_ESP, -stack_addend);
>
> -tcg_out_modrm(s, 0xff, EXT_JMPN_Ev, TCG_REG_EAX); /* jmp *%eax */
> +tcg_out_modrm(s, OPC_GRP5, EXT5_JMPN_Ev, TCG_REG_EAX); /* jmp *%eax */
>
> /* TB epilogue */
> tb_ret_addr = s->code_ptr;
> --
> 1.6.6.1
>
>
>
>
--
Aurelien Jarno GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net
Re: [Qemu-devel] [PATCH 18/22] tcg-i386: Tidy multiply.
On Wed, Apr 14, 2010 at 11:29:31AM -0700, Richard Henderson wrote:
> Define and use OPC_IMUL_GvEv{,Ib,Iz}.
>
> Signed-off-by: Richard Henderson
Acked-by: Aurelien Jarno
> ---
> tcg/i386/tcg-target.c |9 ++---
> 1 files changed, 6 insertions(+), 3 deletions(-)
>
> diff --git a/tcg/i386/tcg-target.c b/tcg/i386/tcg-target.c
> index c3f3e4d..020faf0 100644
> --- a/tcg/i386/tcg-target.c
> +++ b/tcg/i386/tcg-target.c
> @@ -184,6 +184,9 @@ static inline int tcg_target_const_match(tcg_target_long
> val,
> #define OPC_MOVZWL (0xb7 | P_EXT)
> #define OPC_MOVSBL (0xbe | P_EXT)
> #define OPC_MOVSWL (0xbf | P_EXT)
> +#define OPC_IMUL_GvEv(0xaf | P_EXT)
> +#define OPC_IMUL_GvEvIb (0x6b)
> +#define OPC_IMUL_GvEvIz (0x69)
> #define OPC_POP_r32 (0x58)
> #define OPC_PUSH_r32 (0x50)
> #define OPC_PUSH_Iv (0x68)
> @@ -1178,14 +1181,14 @@ static inline void tcg_out_op(TCGContext *s,
> TCGOpcode opc,
> int32_t val;
> val = args[2];
> if (val == (int8_t)val) {
> -tcg_out_modrm(s, 0x6b, args[0], args[0]);
> +tcg_out_modrm(s, OPC_IMUL_GvEvIb, args[0], args[0]);
> tcg_out8(s, val);
> } else {
> -tcg_out_modrm(s, 0x69, args[0], args[0]);
> +tcg_out_modrm(s, OPC_IMUL_GvEvIz, args[0], args[0]);
> tcg_out32(s, val);
> }
> } else {
> -tcg_out_modrm(s, 0xaf | P_EXT, args[0], args[2]);
> +tcg_out_modrm(s, OPC_IMUL_GvEv, args[0], args[2]);
> }
> break;
> case INDEX_op_mulu2_i32:
> --
> 1.6.6.1
>
>
>
>
--
Aurelien Jarno GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net
[Qemu-devel] [PATCH] block: Fix multiwrite with overlapping requests
With overlapping requests, the total number of sectors is smaller than the sum of the nb_sectors of both requests. Signed-off-by: Kevin Wolf --- block.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/block.c b/block.c index 72d9441..1586b79 100644 --- a/block.c +++ b/block.c @@ -2029,7 +2029,7 @@ static int multiwrite_merge(BlockDriverState *bs, BlockRequest *reqs, // Add the second request qemu_iovec_concat(qiov, reqs[i].qiov, reqs[i].qiov->size); -reqs[outidx].nb_sectors += reqs[i].nb_sectors; +reqs[outidx].nb_sectors = qiov->size >> 9; reqs[outidx].qiov = qiov; mcb->callbacks[i].free_qiov = reqs[outidx].qiov; -- 1.6.6.1
Re: [Qemu-devel] [PATCH 16/22] tcg-i386: Tidy setcc.
On Wed, Apr 14, 2010 at 11:07:27AM -0700, Richard Henderson wrote:
> Define and use OPC_SETCC.
>
> Signed-off-by: Richard Henderson
Acked-by: Aurelien Jarno
> ---
> tcg/i386/tcg-target.c |4 ++--
> 1 files changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/tcg/i386/tcg-target.c b/tcg/i386/tcg-target.c
> index 27e9e9e..0c1a53a 100644
> --- a/tcg/i386/tcg-target.c
> +++ b/tcg/i386/tcg-target.c
> @@ -189,6 +189,7 @@ static inline int tcg_target_const_match(tcg_target_long
> val,
> #define OPC_PUSH_Iv (0x68)
> #define OPC_PUSH_Ib (0x6a)
> #define OPC_RET (0xc3)
> +#define OPC_SETCC(0x90 | P_EXT) /* ... plus condition code */
> #define OPC_SHIFT_1 (0xd1)
> #define OPC_SHIFT_Ib (0xc1)
> #define OPC_SHIFT_cl (0xd3)
> @@ -600,8 +601,7 @@ static void tcg_out_setcond(TCGContext *s, TCGCond cond,
> TCGArg dest,
> TCGArg arg1, TCGArg arg2, int const_arg2)
> {
> tcg_out_cmp(s, arg1, arg2, const_arg2);
> -/* setcc */
> -tcg_out_modrm(s, 0x90 | tcg_cond_to_jcc[cond] | P_EXT, 0, dest);
> +tcg_out_modrm(s, OPC_SETCC | tcg_cond_to_jcc[cond], 0, dest);
> tcg_out_ext8u(s, dest, dest);
> }
>
> --
> 1.6.6.1
>
>
>
>
--
Aurelien Jarno GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net
[Qemu-devel] [PATCH 2/2] trace: Trace write requests in virtio-blk, multiwrite, and paio_submit
Signed-off-by: Stefan Hajnoczi
---
block.c|7 +++
hw/virtio-blk.c|6 ++
posix-aio-compat.c |2 ++
trace.h| 42 +-
trace.py |8
5 files changed, 64 insertions(+), 1 deletions(-)
diff --git a/block.c b/block.c
index bfe46e3..a7fb040 100644
--- a/block.c
+++ b/block.c
@@ -27,6 +27,7 @@
#include "block_int.h"
#include "module.h"
#include "qemu-objects.h"
+#include "trace.h"
#ifdef CONFIG_BSD
#include
@@ -1913,6 +1914,8 @@ static void multiwrite_cb(void *opaque, int ret)
{
MultiwriteCB *mcb = opaque;
+trace_multiwrite_cb(mcb, ret);
+
if (ret < 0 && !mcb->error) {
mcb->error = ret;
multiwrite_user_cb(mcb);
@@ -2044,6 +2047,8 @@ int bdrv_aio_multiwrite(BlockDriverState *bs,
BlockRequest *reqs, int num_reqs)
// Check for mergable requests
num_reqs = multiwrite_merge(bs, reqs, num_reqs, mcb);
+trace_bdrv_aio_multiwrite(mcb, mcb->num_callbacks, num_reqs);
+
// Run the aio requests
for (i = 0; i < num_reqs; i++) {
acb = bdrv_aio_writev(bs, reqs[i].sector, reqs[i].qiov,
@@ -2054,9 +2059,11 @@ int bdrv_aio_multiwrite(BlockDriverState *bs,
BlockRequest *reqs, int num_reqs)
// submitted yet. Otherwise we'll wait for the submitted AIOs to
// complete and report the error in the callback.
if (mcb->num_requests == 0) {
+trace_bdrv_aio_multiwrite_earlyfail(mcb);
reqs[i].error = -EIO;
goto fail;
} else {
+trace_bdrv_aio_multiwrite_latefail(mcb, i);
mcb->num_requests++;
multiwrite_cb(mcb, -EIO);
break;
diff --git a/hw/virtio-blk.c b/hw/virtio-blk.c
index b05d15e..73b873e 100644
--- a/hw/virtio-blk.c
+++ b/hw/virtio-blk.c
@@ -13,6 +13,7 @@
#include
#include
+#include "trace.h"
#include "virtio-blk.h"
#include "block_int.h"
#ifdef __linux__
@@ -50,6 +51,8 @@ static void virtio_blk_req_complete(VirtIOBlockReq *req, int
status)
{
VirtIOBlock *s = req->dev;
+trace_virtio_blk_req_complete(req, status);
+
req->in->status = status;
virtqueue_push(s->vq, &req->elem, req->qiov.size + sizeof(*req->in));
virtio_notify(&s->vdev, s->vq);
@@ -87,6 +90,8 @@ static void virtio_blk_rw_complete(void *opaque, int ret)
{
VirtIOBlockReq *req = opaque;
+trace_virtio_blk_rw_complete(req, ret);
+
if (ret) {
int is_read = !(req->out->type & VIRTIO_BLK_T_OUT);
if (virtio_blk_handle_rw_error(req, -ret, is_read))
@@ -270,6 +275,7 @@ static void virtio_blk_handle_write(BlockRequest *blkreq,
int *num_writes,
blkreq[*num_writes].cb = virtio_blk_rw_complete;
blkreq[*num_writes].opaque = req;
blkreq[*num_writes].error = 0;
+trace_virtio_blk_handle_write(req, req->out->sector, req->qiov.size / 512);
(*num_writes)++;
}
diff --git a/posix-aio-compat.c b/posix-aio-compat.c
index b43c531..57d83f0 100644
--- a/posix-aio-compat.c
+++ b/posix-aio-compat.c
@@ -23,6 +23,7 @@
#include
#include "qemu-queue.h"
+#include "trace.h"
#include "osdep.h"
#include "qemu-common.h"
#include "block_int.h"
@@ -583,6 +584,7 @@ BlockDriverAIOCB *paio_submit(BlockDriverState *bs, int fd,
acb->next = posix_aio_state->first_aio;
posix_aio_state->first_aio = acb;
+trace_paio_submit(acb, opaque, sector_num, nb_sectors, type);
qemu_paio_submit(acb);
return &acb->common;
}
diff --git a/trace.h b/trace.h
index 144aa1e..3c4564f 100644
--- a/trace.h
+++ b/trace.h
@@ -1,5 +1,12 @@
typedef enum {
-TRACE_MAX
+TRACE_MULTIWRITE_CB,
+TRACE_BDRV_AIO_MULTIWRITE,
+TRACE_BDRV_AIO_MULTIWRITE_EARLYFAIL,
+TRACE_BDRV_AIO_MULTIWRITE_LATEFAIL,
+TRACE_VIRTIO_BLK_REQ_COMPLETE,
+TRACE_VIRTIO_BLK_RW_COMPLETE,
+TRACE_VIRTIO_BLK_HANDLE_WRITE,
+TRACE_PAIO_SUBMIT,
} TraceEvent;
void trace1(TraceEvent event, unsigned long x1);
@@ -7,3 +14,36 @@ void trace2(TraceEvent event, unsigned long x1, unsigned long
x2);
void trace3(TraceEvent event, unsigned long x1, unsigned long x2, unsigned
long x3);
void trace4(TraceEvent event, unsigned long x1, unsigned long x2, unsigned
long x3, unsigned long x4);
void trace5(TraceEvent event, unsigned long x1, unsigned long x2, unsigned
long x3, unsigned long x4, unsigned long x5);
+
+static inline void trace_multiwrite_cb(void *mcb, int ret) {
+trace2(TRACE_MULTIWRITE_CB, (unsigned long)mcb, ret);
+}
+
+static inline void trace_bdrv_aio_multiwrite(void *mcb, int num_callbacks, int
num_reqs) {
+trace3(TRACE_BDRV_AIO_MULTIWRITE, (unsigned long)mcb, num_callbacks,
num_reqs);
+}
+
+static inline void trace_bdrv_aio_multiwrite_earlyfail(void *mcb) {
+trace1(TRACE_BDRV_AIO_MULTIWRITE_EARLYFAIL, (unsigned long)mcb);
+}
+
+static inline void trace_bdrv_aio_multiwrite_latefail(void *mcb, int i) {
+trace2(TRACE_BDRV_AIO_MULTIWRITE_LATEFAIL, (
Re: [Qemu-devel] [PATCH 2/2] qcow2: Fix error handling in l2_allocate
On Thu, May 20, 2010 at 3:48 PM, Kevin Wolf wrote: > l2_allocate has some intermediate states in which the image is inconsistent. > Change the order to write to the L1 table only after the new L2 table has > successfully been initialized. Looks good. Stefan
[Qemu-devel] [PATCH 1/2] trace: Add simple tracing support
Trace events should be defined in trace.h. Events are written to
/tmp/trace.log and can be formatted using trace.py. Remember to add
events to trace.py for pretty-printing.
Signed-off-by: Stefan Hajnoczi
---
Makefile.objs |2 +-
trace.c | 64 +
trace.h |9
trace.py | 30 ++
4 files changed, 104 insertions(+), 1 deletions(-)
create mode 100644 trace.c
create mode 100644 trace.h
create mode 100755 trace.py
diff --git a/Makefile.objs b/Makefile.objs
index acbaf22..307e989 100644
--- a/Makefile.objs
+++ b/Makefile.objs
@@ -8,7 +8,7 @@ qobject-obj-y += qerror.o
# block-obj-y is code used by both qemu system emulation and qemu-img
block-obj-y = cutils.o cache-utils.o qemu-malloc.o qemu-option.o module.o
-block-obj-y += nbd.o block.o aio.o aes.o osdep.o qemu-config.o
+block-obj-y += nbd.o block.o aio.o aes.o osdep.o qemu-config.o trace.o
block-obj-$(CONFIG_POSIX) += posix-aio-compat.o
block-obj-$(CONFIG_LINUX_AIO) += linux-aio.o
diff --git a/trace.c b/trace.c
new file mode 100644
index 000..2fec4d3
--- /dev/null
+++ b/trace.c
@@ -0,0 +1,64 @@
+#include
+#include
+#include "trace.h"
+
+typedef struct {
+unsigned long event;
+unsigned long x1;
+unsigned long x2;
+unsigned long x3;
+unsigned long x4;
+unsigned long x5;
+} TraceRecord;
+
+enum {
+TRACE_BUF_LEN = 64 * 1024 / sizeof(TraceRecord),
+};
+
+static TraceRecord trace_buf[TRACE_BUF_LEN];
+static unsigned int trace_idx;
+static FILE *trace_fp;
+
+static void trace(TraceEvent event, unsigned long x1,
+ unsigned long x2, unsigned long x3,
+ unsigned long x4, unsigned long x5) {
+TraceRecord *rec = &trace_buf[trace_idx];
+rec->event = event;
+rec->x1 = x1;
+rec->x2 = x2;
+rec->x3 = x3;
+rec->x4 = x4;
+rec->x5 = x5;
+
+if (++trace_idx == TRACE_BUF_LEN) {
+trace_idx = 0;
+
+if (!trace_fp) {
+trace_fp = fopen("/tmp/trace.log", "w");
+}
+if (trace_fp) {
+size_t result = fwrite(trace_buf, sizeof trace_buf, 1, trace_fp);
+result = result;
+}
+}
+}
+
+void trace1(TraceEvent event, unsigned long x1) {
+trace(event, x1, 0, 0, 0, 0);
+}
+
+void trace2(TraceEvent event, unsigned long x1, unsigned long x2) {
+trace(event, x1, x2, 0, 0, 0);
+}
+
+void trace3(TraceEvent event, unsigned long x1, unsigned long x2, unsigned
long x3) {
+trace(event, x1, x2, x3, 0, 0);
+}
+
+void trace4(TraceEvent event, unsigned long x1, unsigned long x2, unsigned
long x3, unsigned long x4) {
+trace(event, x1, x2, x3, x4, 0);
+}
+
+void trace5(TraceEvent event, unsigned long x1, unsigned long x2, unsigned
long x3, unsigned long x4, unsigned long x5) {
+trace(event, x1, x2, x3, x4, x5);
+}
diff --git a/trace.h b/trace.h
new file mode 100644
index 000..144aa1e
--- /dev/null
+++ b/trace.h
@@ -0,0 +1,9 @@
+typedef enum {
+TRACE_MAX
+} TraceEvent;
+
+void trace1(TraceEvent event, unsigned long x1);
+void trace2(TraceEvent event, unsigned long x1, unsigned long x2);
+void trace3(TraceEvent event, unsigned long x1, unsigned long x2, unsigned
long x3);
+void trace4(TraceEvent event, unsigned long x1, unsigned long x2, unsigned
long x3, unsigned long x4);
+void trace5(TraceEvent event, unsigned long x1, unsigned long x2, unsigned
long x3, unsigned long x4, unsigned long x5);
diff --git a/trace.py b/trace.py
new file mode 100755
index 000..f38ab6b
--- /dev/null
+++ b/trace.py
@@ -0,0 +1,30 @@
+#!/usr/bin/env python
+import sys
+import struct
+
+trace_fmt = 'LL'
+trace_len = struct.calcsize(trace_fmt)
+
+events = {
+}
+
+def read_record(fobj):
+s = fobj.read(trace_len)
+if len(s) != trace_len:
+return None
+return struct.unpack(trace_fmt, s)
+
+def format_record(rec):
+event = events[rec[0]]
+fields = [event[0]]
+for i in xrange(1, len(event)):
+fields.append('%s=0x%x' % (event[i], rec[i]))
+return ' '.join(fields)
+
+f = open(sys.argv[1], 'rb')
+while True:
+rec = read_record(f)
+if rec is None:
+break
+
+print format_record(rec)
--
1.7.1
Re: [Qemu-devel] [PATCH 15/22] tcg-i386: Tidy ret.
On Wed, Apr 14, 2010 at 11:04:14AM -0700, Richard Henderson wrote:
> Define and use OPC_RET.
>
> Signed-off-by: Richard Henderson
Acked-by: Aurelien Jarno
> ---
> tcg/i386/tcg-target.c |3 ++-
> 1 files changed, 2 insertions(+), 1 deletions(-)
>
> diff --git a/tcg/i386/tcg-target.c b/tcg/i386/tcg-target.c
> index e82788d..27e9e9e 100644
> --- a/tcg/i386/tcg-target.c
> +++ b/tcg/i386/tcg-target.c
> @@ -188,6 +188,7 @@ static inline int tcg_target_const_match(tcg_target_long
> val,
> #define OPC_PUSH_r32 (0x50)
> #define OPC_PUSH_Iv (0x68)
> #define OPC_PUSH_Ib (0x6a)
> +#define OPC_RET (0xc3)
> #define OPC_SHIFT_1 (0xd1)
> #define OPC_SHIFT_Ib (0xc1)
> #define OPC_SHIFT_cl (0xd3)
> @@ -1426,7 +1427,7 @@ void tcg_target_qemu_prologue(TCGContext *s)
> for(i = ARRAY_SIZE(tcg_target_callee_save_regs) - 1; i >= 0; i--) {
> tcg_out_pop(s, tcg_target_callee_save_regs[i]);
> }
> -tcg_out8(s, 0xc3); /* ret */
> +tcg_out_opc(s, OPC_RET);
> }
>
> void tcg_target_init(TCGContext *s)
> --
> 1.6.6.1
>
>
>
>
--
Aurelien Jarno GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net
Re: [Qemu-devel] [PATCH 19/22] tcg-i386: Tidy xchg.
On Wed, Apr 14, 2010 at 11:32:24AM -0700, Richard Henderson wrote:
> Define and use OPC_XCHG_ax_r32.
>
> Signed-off-by: Richard Henderson
Acked-by: Aurelien Jarno
> ---
> tcg/i386/tcg-target.c |4 +++-
> 1 files changed, 3 insertions(+), 1 deletions(-)
>
> diff --git a/tcg/i386/tcg-target.c b/tcg/i386/tcg-target.c
> index 020faf0..bf3c0d6 100644
> --- a/tcg/i386/tcg-target.c
> +++ b/tcg/i386/tcg-target.c
> @@ -197,6 +197,7 @@ static inline int tcg_target_const_match(tcg_target_long
> val,
> #define OPC_SHIFT_Ib (0xc1)
> #define OPC_SHIFT_cl (0xd3)
> #define OPC_TESTL(0x85)
> +#define OPC_XCHG_ax_r32 (0x90)
>
> #define OPC_GRP3_Ev (0xf7)
> #define OPC_GRP5 (0xff)
> @@ -793,7 +794,8 @@ static void tcg_out_qemu_ld(TCGContext *s, const TCGArg
> *args,
> break;
> case 3:
> if (data_reg == TCG_REG_EDX) {
> -tcg_out_opc(s, 0x90 + TCG_REG_EDX); /* xchg %edx, %eax */
> +/* xchg %edx, %eax */
> +tcg_out_opc(s, OPC_XCHG_ax_r32 + TCG_REG_EDX);
> tcg_out_mov(s, data_reg2, TCG_REG_EAX);
> } else {
> tcg_out_mov(s, data_reg, TCG_REG_EAX);
> --
> 1.6.6.1
>
>
>
>
--
Aurelien Jarno GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net
Re: [Qemu-devel] [PATCH 21/22] tcg-i386: Use lea for three-operand add.
On Wed, Apr 14, 2010 at 01:29:27PM -0700, Richard Henderson wrote:
> The result is shorter than the mov+add that TCG would
> otherwise generate for us.
>
> Signed-off-by: Richard Henderson
Acked-by: Aurelien Jarno
> ---
> tcg/i386/tcg-target.c | 23 ---
> 1 files changed, 20 insertions(+), 3 deletions(-)
>
> diff --git a/tcg/i386/tcg-target.c b/tcg/i386/tcg-target.c
> index 755d46d..646a7b6 100644
> --- a/tcg/i386/tcg-target.c
> +++ b/tcg/i386/tcg-target.c
> @@ -1186,6 +1186,25 @@ static inline void tcg_out_op(TCGContext *s, TCGOpcode
> opc,
> case INDEX_op_st_i32:
> tcg_out_st(s, TCG_TYPE_I32, args[0], args[1], args[2]);
> break;
> +case INDEX_op_add_i32:
> +/* For 3-operand addition, use LEA. */
> +if (args[0] != args[1]) {
> +TCGArg a0 = args[0], a1 = args[1], a2 = args[2], c3 = 0;
> +
> +if (const_args[2]) {
> +c3 = a2, a2 = -1;
> +} else if (a0 == a2) {
> +/* Watch out for dest = src + dest, since we've removed
> + the matching constraint on the add. */
> +tgen_arithr(s, ARITH_ADD, a0, a1);
> +break;
> +}
> +
> +tcg_out_modrm_sib_offset(s, OPC_LEA, a0, a1, a2, 0, c3);
> +break;
> +}
> +c = ARITH_ADD;
> +goto gen_arith;
> case INDEX_op_sub_i32:
> c = ARITH_SUB;
> goto gen_arith;
> @@ -1198,8 +1217,6 @@ static inline void tcg_out_op(TCGContext *s, TCGOpcode
> opc,
> case INDEX_op_xor_i32:
> c = ARITH_XOR;
> goto gen_arith;
> -case INDEX_op_add_i32:
> -c = ARITH_ADD;
> gen_arith:
> if (const_args[2]) {
> tgen_arithi(s, c, args[0], args[2], 0);
> @@ -1374,7 +1391,7 @@ static const TCGTargetOpDef x86_op_defs[] = {
> { INDEX_op_st16_i32, { "r", "r" } },
> { INDEX_op_st_i32, { "r", "r" } },
>
> -{ INDEX_op_add_i32, { "r", "0", "ri" } },
> +{ INDEX_op_add_i32, { "r", "r", "ri" } },
> { INDEX_op_sub_i32, { "r", "0", "ri" } },
> { INDEX_op_mul_i32, { "r", "0", "ri" } },
> { INDEX_op_mulu2_i32, { "a", "d", "a", "r" } },
> --
> 1.6.6.1
>
>
>
>
--
Aurelien Jarno GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net
[Qemu-devel] {PING}[PATCH 0/4] Support NPTL support for ColdFire and related fixes
On 3/1/10 10:19 PM, Maxim Kuvyrkov wrote: The following series of 4 patches adds NPTL support for ColdFire user-mode emulation and fixes several related issues, mainly in signal handling. 0001-Add-NPTL-support-for-ColdFire.patch Implement new kernel syscalls to support TLS storage and synchronization (merged to 2.6.34 kernel) 0002-Handle-SIGKILL-and-SIGCHLD.patch Target-independent improvement to add SIGKILL and SIGCHLD to the list of handled signals. 0003-Fix-signal-handling-for-ColdFire.patch Fix and improve signal handling support for ColdFire. 0004-Define-MMAP_SHIFT-for-ColdFire.patch Follow kernel behavior. The patches were tested on GCC and GLIBC testsuites. All signal handling and frame unwinding GCC tests pass. GLIBC testsuite now has more tests passing with no regressions. Ping. These patches implement NPTL support for m68k/ColdFire and improve signal handling for linux user-mode emulation. -- Maxim Kuvyrkov CodeSourcery ma...@codesourcery.com (650) 331-3385 x724
Re: [Qemu-devel] [PATCH 20/22] tcg-i386: Tidy lea.
On Wed, Apr 14, 2010 at 12:08:28PM -0700, Richard Henderson wrote:
> Implement full modrm+sib addressing mode processing.
> Use that in qemu_ld/st to output the LEA.
>
> Signed-off-by: Richard Henderson
Acked-by: Aurelien Jarno
> ---
> tcg/i386/tcg-target.c | 91
> -
> 1 files changed, 60 insertions(+), 31 deletions(-)
>
> diff --git a/tcg/i386/tcg-target.c b/tcg/i386/tcg-target.c
> index bf3c0d6..755d46d 100644
> --- a/tcg/i386/tcg-target.c
> +++ b/tcg/i386/tcg-target.c
> @@ -176,6 +176,7 @@ static inline int tcg_target_const_match(tcg_target_long
> val,
> #define OPC_JCC_short(0x70) /* ... plus condition code */
> #define OPC_JMP_long (0xe9)
> #define OPC_JMP_short(0xeb)
> +#define OPC_LEA (0x8d)
> #define OPC_MOVB_EvGv(0x88) /* stores, more or less */
> #define OPC_MOVL_EvGv(0x89) /* stores, more or less */
> #define OPC_MOVL_GvEv(0x8b) /* loads, more or less */
> @@ -277,40 +278,70 @@ static inline void tcg_out_modrm(TCGContext *s, int
> opc, int r, int rm)
> tcg_out8(s, 0xc0 | (r << 3) | rm);
> }
>
> -/* rm == -1 means no register index */
> -static inline void tcg_out_modrm_offset(TCGContext *s, int opc, int r, int
> rm,
> -int32_t offset)
> +/* Output an opcode with a full "rm + (index<
> + We handle either RM and INDEX missing with a -1 value. */
> +
> +static void tcg_out_modrm_sib_offset(TCGContext *s, int opc, int r, int rm,
> + int index, int shift, int32_t offset)
> {
> +int mod, len;
> +
> +if (index == -1 && rm == -1) {
> +/* Absolute address. */
> +tcg_out_opc(s, opc);
> +tcg_out8(s, (r << 3) | 5);
> +tcg_out32(s, offset);
> +return;
> +}
> +
> tcg_out_opc(s, opc);
> +
> +/* Find the length of the immediate addend. Note that the encoding
> + that would be used for (%ebp) indicates absolute addressing. */
> if (rm == -1) {
> -tcg_out8(s, 0x05 | (r << 3));
> -tcg_out32(s, offset);
> +mod = 0, len = 4, rm = 5;
> } else if (offset == 0 && rm != TCG_REG_EBP) {
> -if (rm == TCG_REG_ESP) {
> -tcg_out8(s, 0x04 | (r << 3));
> -tcg_out8(s, 0x24);
> -} else {
> -tcg_out8(s, 0x00 | (r << 3) | rm);
> -}
> -} else if ((int8_t)offset == offset) {
> -if (rm == TCG_REG_ESP) {
> -tcg_out8(s, 0x44 | (r << 3));
> -tcg_out8(s, 0x24);
> -} else {
> -tcg_out8(s, 0x40 | (r << 3) | rm);
> -}
> -tcg_out8(s, offset);
> +mod = 0, len = 0;
> +} else if (offset == (int8_t)offset) {
> +mod = 0x40, len = 1;
> } else {
> -if (rm == TCG_REG_ESP) {
> -tcg_out8(s, 0x84 | (r << 3));
> -tcg_out8(s, 0x24);
> +mod = 0x80, len = 4;
> +}
> +
> +/* Use a single byte MODRM format if possible. Note that the encoding
> + that would be used for %esp is the escape to the two byte form. */
> +if (index == -1 && rm != TCG_REG_ESP) {
> +/* Single byte MODRM format. */
> +tcg_out8(s, mod | (r << 3) | rm);
> +} else {
> +/* Two byte MODRM+SIB format. */
> +
> +/* Note that the encoding that would place %esp into the index
> + field indicates no index register. */
> +if (index == -1) {
> +index = 4;
> } else {
> -tcg_out8(s, 0x80 | (r << 3) | rm);
> +assert(index != TCG_REG_ESP);
> }
> +
> +tcg_out8(s, mod | (r << 3) | 4);
> +tcg_out8(s, (shift << 6) | (index << 3) | rm);
> +}
> +
> +if (len == 1) {
> +tcg_out8(s, offset);
> +} else if (len == 4) {
> tcg_out32(s, offset);
> }
> }
>
> +/* rm == -1 means no register index */
> +static inline void tcg_out_modrm_offset(TCGContext *s, int opc, int r, int
> rm,
> +int32_t offset)
> +{
> +tcg_out_modrm_sib_offset(s, opc, r, rm, -1, 0, offset);
> +}
> +
> /* Generate dest op= src. Uses the same ARITH_* codes as tgen_arithi. */
> static inline void tgen_arithr(TCGContext *s, int subop, int dest, int src)
> {
> @@ -733,10 +764,9 @@ static void tcg_out_qemu_ld(TCGContext *s, const TCGArg
> *args,
> tgen_arithi(s, ARITH_AND, r0, TARGET_PAGE_MASK | ((1 << s_bits) - 1), 0);
> tgen_arithi(s, ARITH_AND, r1, (CPU_TLB_SIZE - 1) << CPU_TLB_ENTRY_BITS,
> 0);
>
> -tcg_out_opc(s, 0x8d); /* lea offset(r1, %ebp), r1 */
> -tcg_out8(s, 0x80 | (r1 << 3) | 0x04);
> -tcg_out8(s, (5 << 3) | r1);
> -tcg_out32(s, offsetof(CPUState, tlb_table[mem_index][0].addr_read));
> +tcg_out_modrm_sib_offset(s, OPC_LEA, r1, TCG_AREG0, r1, 0,
> + offsetof(CPUState,
> + tlb_table
[Qemu-devel] Re: [PATCH 1/2] trace: Add simple tracing support
I should have used the "[RFC]" tag to make it clear that I'm not proposing these patches for merge, sorry. Stefan
[Qemu-devel] [PATCH 0/3] cursor patches
Hi, Respin of the cursor patches, now using xpm for the builtin pointers. cheers, Gerd Gerd Hoffmann (3): cursor: add cursor functions. use new cursor struct + functions for vmware vga and sdl. vnc: rich cursor support. Makefile.objs |3 +- console.h | 24 ++- cursor.c| 210 +++ cursor_hidden.xpm | 37 + cursor_left_ptr.xpm | 39 ++ hw/vmware_vga.c | 40 +- sdl.c | 52 +++-- vnc.c | 70 +++-- vnc.h |8 ++- vnchextile.h|7 +- 10 files changed, 431 insertions(+), 59 deletions(-) create mode 100644 cursor.c create mode 100644 cursor_hidden.xpm create mode 100644 cursor_left_ptr.xpm
Re: [Qemu-devel] [PATCH 22/22] tcg-i386: Tidy data16 prefixes.
On Wed, Apr 28, 2010 at 11:23:19AM -0700, Richard Henderson wrote:
> Include it in the opcode as an extension, as with P_EXT
> or the REX bits in the x86-64 port.
>
> Signed-off-by: Richard Henderson
Acked-by: Aurelien Jarno
> ---
> tcg/i386/tcg-target.c | 21 +
> 1 files changed, 13 insertions(+), 8 deletions(-)
>
> diff --git a/tcg/i386/tcg-target.c b/tcg/i386/tcg-target.c
> index 646a7b6..2f096fa 100644
> --- a/tcg/i386/tcg-target.c
> +++ b/tcg/i386/tcg-target.c
> @@ -161,7 +161,8 @@ static inline int tcg_target_const_match(tcg_target_long
> val,
> return 0;
> }
>
> -#define P_EXT 0x100 /* 0x0f opcode prefix */
> +#define P_EXT0x100 /* 0x0f opcode prefix */
> +#define P_DATA16 0x200 /* 0x66 opcode prefix */
>
> #define OPC_ARITH_EvIz (0x81)
> #define OPC_ARITH_EvIb (0x83)
> @@ -267,8 +268,12 @@ static const uint8_t tcg_cond_to_jcc[10] = {
>
> static inline void tcg_out_opc(TCGContext *s, int opc)
> {
> -if (opc & P_EXT)
> +if (opc & P_DATA16) {
> +tcg_out8(s, 0x66);
> +}
> +if (opc & P_EXT) {
> tcg_out8(s, 0x0f);
> +}
> tcg_out8(s, opc);
> }
>
> @@ -460,8 +465,8 @@ static inline void tcg_out_bswap32(TCGContext *s, int reg)
>
> static inline void tcg_out_rolw_8(TCGContext *s, int reg)
> {
> -tcg_out8(s, 0x66);
> -tcg_out_shifti(s, SHIFT_ROL, reg, 8);
> +tcg_out_modrm(s, OPC_SHIFT_Ib | P_DATA16, SHIFT_ROL, reg);
> +tcg_out8(s, 8);
> }
>
> static inline void tgen_arithi(TCGContext *s, int c, int r0,
> @@ -1074,8 +1079,8 @@ static void tcg_out_qemu_st(TCGContext *s, const TCGArg
> *args,
> data_reg = r1;
> }
> /* movw */
> -tcg_out8(s, 0x66);
> -tcg_out_modrm_offset(s, OPC_MOVL_EvGv, data_reg, r0, GUEST_BASE);
> +tcg_out_modrm_offset(s, OPC_MOVL_EvGv | P_DATA16,
> + data_reg, r0, GUEST_BASE);
> break;
> case 2:
> if (bswap) {
> @@ -1180,8 +1185,8 @@ static inline void tcg_out_op(TCGContext *s, TCGOpcode
> opc,
> break;
> case INDEX_op_st16_i32:
> /* movw */
> -tcg_out8(s, 0x66);
> -tcg_out_modrm_offset(s, OPC_MOVL_EvGv, args[0], args[1], args[2]);
> +tcg_out_modrm_offset(s, OPC_MOVL_EvGv | P_DATA16,
> + args[0], args[1], args[2]);
> break;
> case INDEX_op_st_i32:
> tcg_out_st(s, TCG_TYPE_I32, args[0], args[1], args[2]);
> --
> 1.6.6.1
>
>
>
>
--
Aurelien Jarno GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net
[Qemu-devel] [PATCH 1/3] cursor: add cursor functions.
Add a new cursor type to console.h and a bunch of functions to
deal with cursors the (new) cursor.c file.
Signed-off-by: Gerd Hoffmann
---
Makefile.objs |3 +-
console.h | 24 ++-
cursor.c| 210 +++
cursor_hidden.xpm | 37 +
cursor_left_ptr.xpm | 39 ++
5 files changed, 310 insertions(+), 3 deletions(-)
create mode 100644 cursor.c
create mode 100644 cursor_hidden.xpm
create mode 100644 cursor_left_ptr.xpm
diff --git a/Makefile.objs b/Makefile.objs
index acbaf22..c73c8f0 100644
--- a/Makefile.objs
+++ b/Makefile.objs
@@ -48,7 +48,8 @@ common-obj-y = $(block-obj-y)
common-obj-y += $(net-obj-y)
common-obj-y += $(qobject-obj-y)
common-obj-$(CONFIG_LINUX) += $(fsdev-obj-$(CONFIG_LINUX))
-common-obj-y += readline.o console.o async.o qemu-error.o
+common-obj-y += readline.o console.o cursor.o async.o qemu-error.o
+
common-obj-y += tcg-runtime.o host-utils.o
common-obj-y += irq.o ioport.o input.o
common-obj-$(CONFIG_PTIMER) += ptimer.o
diff --git a/console.h b/console.h
index 6def115..88861cb 100644
--- a/console.h
+++ b/console.h
@@ -126,6 +126,27 @@ struct DisplaySurface {
struct PixelFormat pf;
};
+/* cursor data format is 32bit RGBA */
+typedef struct QEMUCursor {
+int width, height;
+int hot_x, hot_y;
+int refcount;
+uint32_tdata[];
+} QEMUCursor;
+
+QEMUCursor *cursor_alloc(int width, int height);
+void cursor_get(QEMUCursor *c);
+void cursor_put(QEMUCursor *c);
+QEMUCursor *cursor_builtin_hidden(void);
+QEMUCursor *cursor_builtin_left_ptr(void);
+void cursor_print_ascii_art(QEMUCursor *c, const char *prefix);
+int cursor_get_mono_bpl(QEMUCursor *c);
+void cursor_set_mono(QEMUCursor *c,
+ uint32_t foreground, uint32_t background, uint8_t *image,
+ int transparent, uint8_t *mask);
+void cursor_get_mono_image(QEMUCursor *c, int foreground, uint8_t *mask);
+void cursor_get_mono_mask(QEMUCursor *c, int transparent, uint8_t *mask);
+
struct DisplayChangeListener {
int idle;
uint64_t gui_timer_interval;
@@ -158,8 +179,7 @@ struct DisplayState {
struct DisplayChangeListener* listeners;
void (*mouse_set)(int x, int y, int on);
-void (*cursor_define)(int width, int height, int bpp, int hot_x, int hot_y,
- uint8_t *image, uint8_t *mask);
+void (*cursor_define)(QEMUCursor *cursor);
struct DisplayState *next;
};
diff --git a/cursor.c b/cursor.c
new file mode 100644
index 000..dfb9eef
--- /dev/null
+++ b/cursor.c
@@ -0,0 +1,210 @@
+#include "qemu-common.h"
+#include "console.h"
+
+#include "cursor_hidden.xpm"
+#include "cursor_left_ptr.xpm"
+
+/* for creating built-in cursors */
+static QEMUCursor *cursor_parse_xpm(const char *xpm[])
+{
+QEMUCursor *c;
+uint32_t ctab[128];
+unsigned int width, height, colors, chars;
+unsigned int line = 0, i, r, g, b, x, y, pixel;
+char name[16];
+uint8_t idx;
+
+/* parse header line: width, height, #colors, #chars */
+if (sscanf(xpm[line], "%d %d %d %d", &width, &height, &colors, &chars) !=
4) {
+fprintf(stderr, "%s: header parse error: \"%s\"\n",
+__FUNCTION__, xpm[line]);
+return NULL;
+}
+if (chars != 1) {
+fprintf(stderr, "%s: chars != 1 not supported\n", __FUNCTION__);
+return NULL;
+}
+line++;
+
+/* parse color table */
+for (i = 0; i < colors; i++, line++) {
+if (sscanf(xpm[line], "%c c %15s", &idx, name) == 2) {
+if (sscanf(name, "#%02x%02x%02x", &r, &g, &b) == 3) {
+ctab[idx] = (0xff << 24) | (b << 16) | (g << 8) | r;
+continue;
+}
+if (strcmp(name, "None") == 0) {
+ctab[idx] = 0x;
+continue;
+}
+}
+fprintf(stderr, "%s: color parse error: \"%s\"\n",
+__FUNCTION__, xpm[line]);
+return NULL;
+}
+
+/* parse pixel data */
+c = cursor_alloc(width, height);
+for (pixel = 0, y = 0; y < height; y++, line++) {
+for (x = 0; x < height; x++, pixel++) {
+idx = xpm[line][x];
+c->data[pixel] = ctab[idx];
+}
+}
+return c;
+}
+
+/* nice for debugging */
+void cursor_print_ascii_art(QEMUCursor *c, const char *prefix)
+{
+uint32_t *data = c->data;
+int x,y;
+
+for (y = 0; y < c->height; y++) {
+fprintf(stderr, "%s: %2d: |", prefix, y);
+for (x = 0; x < c->width; x++, data++) {
+if ((*data & 0xff00) != 0xff00) {
+fprintf(stderr, " "); /* transparent */
+} else if ((*data & 0x00ff) == 0x00ff) {
+fprintf(stderr, "."); /* white */
+} else if ((*data & 0x00ff) == 0x) {
+fprintf(stderr, "X"); /* black */
+} else {
Re: [Qemu-devel] [PATCH 00/22] tcg-i386 cleanup and improvement, v2
On Wed, Apr 28, 2010 at 11:24:33AM -0700, Richard Henderson wrote: > Changes v1->v2: > * Dropped controversial bswap changes; bswap16 continues to use rolw. > * Tidy data16 as the last of the hard-coded constants. > I have applied 1-2 and 5-9, but I can't apply the other without patches 3 and 4. The others are fine except a minor issue on patch 13. Could you please resend a series with the changes? > > Richard Henderson (22): > tcg-i386: Allocate call-saved registers first. > tcg-i386: Tidy initialization of tcg_target_call_clobber_regs. > tcg-i386: Tidy ext8u and ext16u operations. > tcg-i386: Tidy ext8s and ext16s operations. > tcg-i386: Tidy bswap operations. > tcg-i386: Tidy shift operations. > tcg-i386: Tidy move operations. > tcg-i386: Eliminate extra move from qemu_ld64. > tcg-i386: Tidy jumps. > tcg-i386: Tidy immediate arithmetic operations. > tcg-i386: Tidy non-immediate arithmetic operations. > tcg-i386: Tidy movi. > tcg-i386: Tidy push/pop. > tcg-i386: Tidy calls. > tcg-i386: Tidy ret. > tcg-i386: Tidy setcc. > tcg-i386: Tidy unary arithmetic. > tcg-i386: Tidy multiply. > tcg-i386: Tidy xchg. > tcg-i386: Tidy lea. > tcg-i386: Use lea for three-operand add. > tcg-i386: Tidy data16 prefixes. > > tcg/i386/tcg-target.c | 718 > + > 1 files changed, 433 insertions(+), 285 deletions(-) > > > > -- Aurelien Jarno GPG: 1024D/F1BCDB73 aurel...@aurel32.net http://www.aurel32.net
[Qemu-devel] [PATCH 3/3] vnc: rich cursor support.
Uses VNC_ENCODING_RICH_CURSOR. Adding XCURSOR support should be
possible without much trouble. Shouldn't be needed though as
RICH_CURSOR is a superset of XCURSOR.
Signed-off-by: Gerd Hoffmann
---
vnc.c| 70 +++--
vnc.h|8 +-
vnchextile.h |7 +++--
3 files changed, 73 insertions(+), 12 deletions(-)
diff --git a/vnc.c b/vnc.c
index 1f7ad73..11ae3e5 100644
--- a/vnc.c
+++ b/vnc.c
@@ -49,6 +49,8 @@
static VncDisplay *vnc_display; /* needed for info vnc */
static DisplayChangeListener *dcl;
+static int vnc_cursor_define(VncState *vs);
+
static char *addr_to_string(const char *format,
struct sockaddr_storage *sa,
socklen_t salen) {
@@ -549,12 +551,16 @@ static void vnc_dpy_resize(DisplayState *ds)
vnc_flush(vs);
}
}
+if (vs->vd->cursor) {
+vnc_cursor_define(vs);
+}
memset(vs->dirty, 0xFF, sizeof(vs->dirty));
}
}
/* fastest code */
-static void vnc_write_pixels_copy(VncState *vs, void *pixels, int size)
+static void vnc_write_pixels_copy(VncState *vs, struct PixelFormat *pf,
+ void *pixels, int size)
{
vnc_write(vs, pixels, size);
}
@@ -604,12 +610,12 @@ void vnc_convert_pixel(VncState *vs, uint8_t *buf,
uint32_t v)
}
}
-static void vnc_write_pixels_generic(VncState *vs, void *pixels1, int size)
+static void vnc_write_pixels_generic(VncState *vs, struct PixelFormat *pf,
+ void *pixels1, int size)
{
uint8_t buf[4];
-VncDisplay *vd = vs->vd;
-if (vd->server->pf.bytes_per_pixel == 4) {
+if (pf->bytes_per_pixel == 4) {
uint32_t *pixels = pixels1;
int n, i;
n = size >> 2;
@@ -617,7 +623,7 @@ static void vnc_write_pixels_generic(VncState *vs, void
*pixels1, int size)
vnc_convert_pixel(vs, buf, pixels[i]);
vnc_write(vs, buf, vs->clientds.pf.bytes_per_pixel);
}
-} else if (vd->server->pf.bytes_per_pixel == 2) {
+} else if (pf->bytes_per_pixel == 2) {
uint16_t *pixels = pixels1;
int n, i;
n = size >> 1;
@@ -625,7 +631,7 @@ static void vnc_write_pixels_generic(VncState *vs, void
*pixels1, int size)
vnc_convert_pixel(vs, buf, pixels[i]);
vnc_write(vs, buf, vs->clientds.pf.bytes_per_pixel);
}
-} else if (vd->server->pf.bytes_per_pixel == 1) {
+} else if (pf->bytes_per_pixel == 1) {
uint8_t *pixels = pixels1;
int n, i;
n = size;
@@ -646,7 +652,7 @@ void vnc_raw_send_framebuffer_update(VncState *vs, int x,
int y, int w, int h)
row = vd->server->data + y * ds_get_linesize(vs->ds) + x *
ds_get_bytes_per_pixel(vs->ds);
for (i = 0; i < h; i++) {
-vs->write_pixels(vs, row, w * ds_get_bytes_per_pixel(vs->ds));
+vs->write_pixels(vs, &vd->server->pf, row, w *
ds_get_bytes_per_pixel(vs->ds));
row += ds_get_linesize(vs->ds);
}
}
@@ -752,6 +758,50 @@ static void vnc_dpy_copy(DisplayState *ds, int src_x, int
src_y, int dst_x, int
}
}
+static void vnc_mouse_set(int x, int y, int visible)
+{
+/* can we ask the client(s) to move the pointer ??? */
+}
+
+static int vnc_cursor_define(VncState *vs)
+{
+QEMUCursor *c = vs->vd->cursor;
+PixelFormat pf = qemu_default_pixelformat(32);
+int isize;
+
+if (vnc_has_feature(vs, VNC_FEATURE_RICH_CURSOR)) {
+vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE);
+vnc_write_u8(vs, 0); /* padding */
+vnc_write_u16(vs, 1); /* # of rects */
+vnc_framebuffer_update(vs, c->hot_x, c->hot_y, c->width, c->height,
+ VNC_ENCODING_RICH_CURSOR);
+isize = c->width * c->height * vs->clientds.pf.bytes_per_pixel;
+vnc_write_pixels_generic(vs, &pf, c->data, isize);
+vnc_write(vs, vs->vd->cursor_mask, vs->vd->cursor_msize);
+return 0;
+}
+return -1;
+}
+
+static void vnc_dpy_cursor_define(QEMUCursor *c)
+{
+VncDisplay *vd = vnc_display;
+VncState *vs;
+
+cursor_put(vd->cursor);
+qemu_free(vd->cursor_mask);
+
+vd->cursor = c;
+cursor_get(vd->cursor);
+vd->cursor_msize = cursor_get_mono_bpl(c) * c->height;
+vd->cursor_mask = qemu_mallocz(vd->cursor_msize);
+cursor_get_mono_mask(c, 0, vd->cursor_mask);
+
+QTAILQ_FOREACH(vs, &vd->clients, next) {
+vnc_cursor_define(vs);
+}
+}
+
static int find_and_clear_dirty_height(struct VncState *vs,
int y, int last_x, int x)
{
@@ -1628,6 +1678,9 @@ static void set_encodings(VncState *vs, int32_t
*encodings, size_t n_encodings)
case VNC_ENCODING_POINTER_TYPE_CHANGE:
vs->features |= VNC_FEATURE_POINTER_TYPE_CHANGE_MASK;
break;
+case VNC_ENCODING_RICH_CURSOR:
+vs-
[Qemu-devel] [PATCH] do not require lookahead for escapes too
Signed-off-by: Paolo Bonzini
---
json-lexer.c | 21 -
roms/seabios |2 +-
2 files changed, 9 insertions(+), 14 deletions(-)
diff --git a/json-lexer.c b/json-lexer.c
index b9250c1..bc9dfae 100644
--- a/json-lexer.c
+++ b/json-lexer.c
@@ -56,7 +56,6 @@ enum json_lexer_state {
IN_ESCAPE_I,
IN_ESCAPE_I6,
IN_ESCAPE_I64,
-IN_ESCAPE_DONE,
IN_WHITESPACE,
IN_START,
};
@@ -208,21 +207,17 @@ static const uint8_t json_lexer[][256] = {
},
/* escape */
-[IN_ESCAPE_DONE] = {
-TERMINAL(JSON_ESCAPE),
-},
-
[IN_ESCAPE_LL] = {
-['d'] = IN_ESCAPE_DONE,
+['d'] = JSON_ESCAPE,
},
[IN_ESCAPE_L] = {
-['d'] = IN_ESCAPE_DONE,
+['d'] = JSON_ESCAPE,
['l'] = IN_ESCAPE_LL,
},
[IN_ESCAPE_I64] = {
-['d'] = IN_ESCAPE_DONE,
+['d'] = JSON_ESCAPE,
},
[IN_ESCAPE_I6] = {
@@ -234,11 +229,11 @@ static const uint8_t json_lexer[][256] = {
},
[IN_ESCAPE] = {
-['d'] = IN_ESCAPE_DONE,
-['i'] = IN_ESCAPE_DONE,
-['p'] = IN_ESCAPE_DONE,
-['s'] = IN_ESCAPE_DONE,
-['f'] = IN_ESCAPE_DONE,
+['d'] = JSON_ESCAPE,
+['i'] = JSON_ESCAPE,
+['p'] = JSON_ESCAPE,
+['s'] = JSON_ESCAPE,
+['f'] = JSON_ESCAPE,
['l'] = IN_ESCAPE_L,
['I'] = IN_ESCAPE_I,
},
diff --git a/roms/seabios b/roms/seabios
index 7d09d0e..8f469b9 16
--- a/roms/seabios
+++ b/roms/seabios
@@ -1 +1 @@
-Subproject commit 7d09d0e3ba11310e973d4302c7fcc3fc2184e04c
+Subproject commit 8f469b9676127ba6bb52609d89ec774e61db0ee1
--
1.6.6.1
[Qemu-devel] [PATCH 2/3] use new cursor struct + functions for vmware vga and sdl.
Signed-off-by: Gerd Hoffmann
---
hw/vmware_vga.c | 40 +++-
sdl.c | 52 +---
2 files changed, 48 insertions(+), 44 deletions(-)
diff --git a/hw/vmware_vga.c b/hw/vmware_vga.c
index e709369..bf2a699 100644
--- a/hw/vmware_vga.c
+++ b/hw/vmware_vga.c
@@ -477,13 +477,43 @@ struct vmsvga_cursor_definition_s {
static inline void vmsvga_cursor_define(struct vmsvga_state_s *s,
struct vmsvga_cursor_definition_s *c)
{
-int i;
-for (i = SVGA_BITMAP_SIZE(c->width, c->height) - 1; i >= 0; i --)
-c->mask[i] = ~c->mask[i];
+QEMUCursor *qc;
+int i, pixels;
+
+qc = cursor_alloc(c->width, c->height);
+qc->hot_x = c->hot_x;
+qc->hot_y = c->hot_y;
+switch (c->bpp) {
+case 1:
+cursor_set_mono(qc, 0xff, 0x00, (void*)c->image,
+1, (void*)c->mask);
+#ifdef DEBUG
+cursor_print_ascii_art(qc, "vmware/mono");
+#endif
+break;
+case 32:
+/* fill alpha channel from mask, set color to zero */
+cursor_set_mono(qc, 0x00, 0x00, (void*)c->mask,
+1, (void*)c->mask);
+/* add in rgb values */
+pixels = c->width * c->height;
+for (i = 0; i < pixels; i++) {
+qc->data[i] |= c->image[i] & 0xff;
+}
+#ifdef DEBUG
+cursor_print_ascii_art(qc, "vmware/32bit");
+#endif
+break;
+default:
+fprintf(stderr, "%s: unhandled bpp %d, using fallback cursor\n",
+__FUNCTION__, c->bpp);
+cursor_put(qc);
+qc = cursor_builtin_left_ptr();
+}
if (s->vga.ds->cursor_define)
-s->vga.ds->cursor_define(c->width, c->height, c->bpp, c->hot_x,
c->hot_y,
-(uint8_t *) c->image, (uint8_t *) c->mask);
+s->vga.ds->cursor_define(qc);
+cursor_put(qc);
}
#endif
diff --git a/sdl.c b/sdl.c
index 16a48e9..7c9ddbf 100644
--- a/sdl.c
+++ b/sdl.c
@@ -778,49 +778,23 @@ static void sdl_mouse_warp(int x, int y, int on)
guest_x = x, guest_y = y;
}
-static void sdl_mouse_define(int width, int height, int bpp,
- int hot_x, int hot_y,
- uint8_t *image, uint8_t *mask)
+static void sdl_mouse_define(QEMUCursor *c)
{
-uint8_t sprite[256], *line;
-int x, y, dst, bypl, src = 0;
+uint8_t *image, *mask;
+int bpl;
+
if (guest_sprite)
SDL_FreeCursor(guest_sprite);
-memset(sprite, 0, 256);
-bypl = ((width * bpp + 31) >> 5) << 2;
-for (y = 0, dst = 0; y < height; y ++, image += bypl) {
-line = image;
-for (x = 0; x < width; x ++, dst ++) {
-switch (bpp) {
-case 32:
-src = *(line ++); src |= *(line ++); src |= *(line ++); line++;
-break;
-case 24:
-src = *(line ++); src |= *(line ++); src |= *(line ++);
-break;
-case 16:
-case 15:
-src = *(line ++); src |= *(line ++);
-break;
-case 8:
-src = *(line ++);
-break;
-case 4:
-src = 0xf & (line[x >> 1] >> ((x & 1)) << 2);
-break;
-case 2:
-src = 3 & (line[x >> 2] >> ((x & 3)) << 1);
-break;
-case 1:
-src = 1 & (line[x >> 3] >> (x & 7));
-break;
-}
-if (!src)
-sprite[dst >> 3] |= (1 << (~dst & 7)) & mask[dst >> 3];
-}
-}
-guest_sprite = SDL_CreateCursor(sprite, mask, width, height, hot_x, hot_y);
+bpl = cursor_get_mono_bpl(c);
+image = qemu_mallocz(bpl * c->height);
+mask = qemu_mallocz(bpl * c->height);
+cursor_get_mono_image(c, 0x00, image);
+cursor_get_mono_mask(c, 0, mask);
+guest_sprite = SDL_CreateCursor(image, mask, c->width, c->height,
+c->hot_x, c->hot_y);
+qemu_free(image);
+qemu_free(mask);
if (guest_cursor &&
(gui_grab || kbd_mouse_is_absolute() || absolute_enabled))
--
1.6.6.1
Re: [Qemu-devel] [PATCH 1/2] arm_timer: reload timer when enabled
On Sun, May 02, 2010 at 03:20:51PM +0530, Rabin Vincent wrote:
> Reload the timer when TimerControl is written, if the timer is to be
> enabled. Otherwise, if an earlier write to TimerLoad was done while
> periodic mode was not set, s->delta may incorrectly still have the value
> of the maximum limit instead of the value written to TimerLoad.
>
> This problem is evident on versatileap on current linux-next, which
> enables TIMER_CTRL_32BIT before writing to TimerLoad and then enabling
> periodic mode and starting the timer. This causes the first periodic
> tick to be scheduled to occur after 0x periods, leading to a
> perceived hang while the kernel waits for the first timer tick.
>
> Signed-off-by: Rabin Vincent
Thanks, applied.
> ---
> hw/arm_timer.c |2 +-
> 1 files changed, 1 insertions(+), 1 deletions(-)
>
> diff --git a/hw/arm_timer.c b/hw/arm_timer.c
> index 9fef191..5b6947a 100644
> --- a/hw/arm_timer.c
> +++ b/hw/arm_timer.c
> @@ -113,7 +113,7 @@ static void arm_timer_write(void *opaque,
> target_phys_addr_t offset,
> case 1: freq >>= 4; break;
> case 2: freq >>= 8; break;
> }
> -arm_timer_recalibrate(s, 0);
> +arm_timer_recalibrate(s, s->control & TIMER_CTRL_ENABLE);
> ptimer_set_freq(s->timer, freq);
> if (s->control & TIMER_CTRL_ENABLE) {
> /* Restart the timer if still enabled. */
> --
> 1.7.0.4
>
>
>
>
--
Aurelien Jarno GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net
Re: [Qemu-devel] [PATCH 2/2] arm_timer: fix oneshot mode
On Sun, May 02, 2010 at 03:20:52PM +0530, Rabin Vincent wrote:
> In oneshot mode, the delta needs to come from the TimerLoad register,
> not the maximum limit.
>
> Signed-off-by: Rabin Vincent
Thanks, applied.
> ---
> hw/arm_timer.c |2 +-
> 1 files changed, 1 insertions(+), 1 deletions(-)
>
> diff --git a/hw/arm_timer.c b/hw/arm_timer.c
> index 5b6947a..9073ffc 100644
> --- a/hw/arm_timer.c
> +++ b/hw/arm_timer.c
> @@ -71,7 +71,7 @@ static void arm_timer_recalibrate(arm_timer_state *s, int
> reload)
> {
> uint32_t limit;
>
> -if ((s->control & TIMER_CTRL_PERIODIC) == 0) {
> +if ((s->control & (TIMER_CTRL_PERIODIC | TIMER_CTRL_ONESHOT)) == 0) {
> /* Free running. */
> if (s->control & TIMER_CTRL_32BIT)
> limit = 0x;
> --
> 1.7.0.4
>
>
>
>
--
Aurelien Jarno GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net
[Qemu-devel] Re: [[RfC PATCH]] linux fbdev display driver prototype.
On Thu, 20 May 2010, Gerd Hoffmann wrote: > Display works with 32 bpp (both host + guest) only. > Which surprisingly didn't cause much problems so far in my testing. > Host runs with kms and inteldrmfb. > > Mouse support isn't available yet. > I've cheated by passed through the hosts usb mouse for testing. > > Keyboard works. Guest screen has whatever keymap you load inside > the guest. Text windows (monitor, serial, ...) have a simple en-us > keymap. Good enougth to type monitor commands. Not goot enougth to > work seriously on a serial terminal. But the qemu terminal emulation > isn't good enougth for that anyway ;) > > Hot keys: > Ctrl-Alt-F -> host console switching. > Ctrl-Alt- -> qemu console switching. > Ctrl-Alt-ESC-> exit qemu. > > Special feature: Sane console switching. Switching away stops screen > updates. Switching back redraws the screen. When started from the > linux console qemu uses the vt you've started it from (requires just > read/write access to /dev/fb0). When starting from somewhere else qemu > tries to open a unused virtual terminal and switch to it (usually > requires root privileges to open /dev/tty). > > For some strange reason console switching from X11 to qemu doesn't work. > Anything else (including X11 -> text console -> qemu) works fine. To be > investigated ... > Not bad for quick start! Does qemu->qemu switching work when running multiple VMs?
[Qemu-devel] Re: [[RfC PATCH]] linux fbdev display driver prototype.
Hi, Does qemu->qemu switching work when running multiple VMs? Yes. cheers, Gerd
Re: [Qemu-devel] [PATCH] pflash_cfi01: add device ID read command
On Sat, May 01, 2010 at 07:34:06PM +0200, Michael Walle wrote:
> Add support to read manufacturer and device ID. For everything else (eg.
> lock bits) 0 is returned.
>
> Signed-off-by: Michael Walle
Thanks, applied.
> ---
> hw/pflash_cfi01.c | 20
> 1 files changed, 20 insertions(+), 0 deletions(-)
>
> diff --git a/hw/pflash_cfi01.c b/hw/pflash_cfi01.c
> index 6b2adba..bc901e6 100644
> --- a/hw/pflash_cfi01.c
> +++ b/hw/pflash_cfi01.c
> @@ -166,6 +166,22 @@ static uint32_t pflash_read (pflash_t *pfl,
> target_phys_addr_t offset,
> ret = pfl->status;
> DPRINTF("%s: status %x\n", __func__, ret);
> break;
> +case 0x90:
> +switch (boff) {
> +case 0:
> +ret = pfl->ident[0] << 8 | pfl->ident[1];
> +DPRINTF("%s: Manufacturer Code %04x\n", __func__, ret);
> +break;
> +case 1:
> +ret = pfl->ident[2] << 8 | pfl->ident[3];
> +DPRINTF("%s: Device ID Code %04x\n", __func__, ret);
> +break;
> +default:
> +DPRINTF("%s: Read Device Information boff=%x\n", __func__, boff);
> +ret = 0;
> +break;
> +}
> +break;
> case 0x98: /* Query mode */
> if (boff > pfl->cfi_len)
> ret = 0;
> @@ -283,6 +299,10 @@ static void pflash_write(pflash_t *pfl,
> target_phys_addr_t offset,
> DPRINTF("%s: Read status register\n", __func__);
> pfl->cmd = cmd;
> return;
> +case 0x90: /* Read Device ID */
> +DPRINTF("%s: Read Device information\n", __func__);
> +pfl->cmd = cmd;
> +return;
> case 0x98: /* CFI query */
> DPRINTF("%s: CFI query\n", __func__);
> break;
> --
> 1.5.6.5
>
>
>
>
--
Aurelien Jarno GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net
[Qemu-devel] [RFC 0/2] Tracing
Trace events in QEMU/KVM can be very useful for debugging and performance analysis. I'd like to discuss tracing support and hope others have an interest in this feature, too. Following this email are patches I am using to debug virtio-blk and storage. The patches provide trivial tracing support, but they don't address the details of real tracing tools: enabling/disabling events at runtime, no overhead for disabled events, multithreading support, etc. It would be nice to have userland tracing facilities that work out-of-the-box on production systems. Unfortunately, I'm not aware of any such facilities out there right now on Linux. Perhaps SystemTap userspace tracing is the way to go, has anyone tried it with KVM? For the medium term, without userspace tracing facilities in the OS we could put something into QEMU to address the need for tracing. Here are my thoughts on fleshing out the tracing patch I have posted: 1. Make it possible to enable/disable events at runtime. Users enable only the events they are interested in and aren't flooded with trace data for all other events. 2. Either make trace events cheap or build without trace events by default. Disable by default still allows tracing to be used for development but less for production. 3. Allow events in any execution context (cpu, io, aio emulation threads). The current code does not support concurrency and is meant for when the iothread mutex is held. 4. Make it easy to add new events. Instead of keeping trace.h and trace.py in sync manually, use something like .hx to produce the appropriate C and Python. Summary: Tracing is useful, are there external tools we can use right now? If not, should we put in something that works well enough until external tools catch up? Stefan
[Qemu-devel] [PATCH] Add support for depth 15 to qemu_default_pixelformat()
Makes qemu_default_pixelformat(15) return pixelformat filled for 15 bit
color depth (16 bpp, 5 bits for red,green,blue each, 1 bit unused).
Signed-off-by: Gerd Hoffmann
---
console.c | 16
1 files changed, 16 insertions(+), 0 deletions(-)
diff --git a/console.c b/console.c
index 7070b1b..c91e2bb 100644
--- a/console.c
+++ b/console.c
@@ -1621,6 +1621,22 @@ PixelFormat qemu_default_pixelformat(int bpp)
pf.depth = bpp == 32 ? 24 : bpp;
switch (bpp) {
+case 15:
+pf.bits_per_pixel = 16;
+pf.bytes_per_pixel = 2;
+pf.rmask = 0x7c00;
+pf.gmask = 0x03E0;
+pf.bmask = 0x001F;
+pf.rmax = 31;
+pf.gmax = 31;
+pf.bmax = 31;
+pf.rshift = 10;
+pf.gshift = 5;
+pf.bshift = 0;
+pf.rbits = 5;
+pf.gbits = 5;
+pf.bbits = 5;
+break;
case 16:
pf.rmask = 0xF800;
pf.gmask = 0x07E0;
--
1.6.6.1
[Qemu-devel] Re: [PATCH 1/2] trace: Add simple tracing support
Stefan Hajnoczi wrote:
> Trace events should be defined in trace.h. Events are written to
> /tmp/trace.log and can be formatted using trace.py. Remember to add
> events to trace.py for pretty-printing.
When already writing to a file, why not reusing QEMU's logging
infrastructure ("log " / "-d foo")? Shouldn't make a huge
performance difference if the data is saved in clear-text.
Also, having support for ftrace's user space markers would be a very
nice option (only an option as it's Linux-specific), see
http://lwn.net/Articles/366796. This allows to correlate kernel events
(KVM as well as others) with what goes on in QEMU. It simply enables
integration with the whole kernel tracing infrastructure, e.g.
KernelShark (http://people.redhat.com/srostedt/kernelshark/HTML).
Jan
--
Siemens AG, Corporate Technology, CT T DE IT 1
Corporate Competence Center Embedded Linux
Re: [Qemu-devel] [PATCH] virtio-blk: Avoid zeroing every request structure
On Tue, May 18, 2010 at 9:43 PM, Stefan Hajnoczi wrote: > I'll rerun with profiling tomorrow to see if calloc() makes a > difference for general qemu_mallocz() usage. The results are unchanged for direct calloc() instead of malloc+memset. The memset() symbol is still at the top of the profile because glibc is using it internally for calloc(). In theory calloc() allows libc to do optimizations so I think changing qemu_mallocz() to use calloc() is reasonable. Stefan
Re: [Qemu-devel] [RFC 0/2] Tracing
Hi Stefan, Nice to see the patchset. I am working on something similar, on the lines of static trace events for QEMU, that collect traces in a qemu-internal buffer. This would employ monitor commands to read traces, as well as enable/disable trace events at runtime. I plan to post a prototype early next week. On 05/21/2010 03:12 PM, Stefan Hajnoczi wrote: Trace events in QEMU/KVM can be very useful for debugging and performance analysis. I'd like to discuss tracing support and hope others have an interest in this feature, too. Following this email are patches I am using to debug virtio-blk and storage. The patches provide trivial tracing support, but they don't address the details of real tracing tools: enabling/disabling events at runtime, no overhead for disabled events, multithreading support, etc. It would be nice to have userland tracing facilities that work out-of-the-box on production systems. Unfortunately, I'm not aware of any such facilities out there right now on Linux. Perhaps SystemTap userspace tracing is the way to go, has anyone tried it with KVM? For the medium term, without userspace tracing facilities in the OS we could put something into QEMU to address the need for tracing. Here are my thoughts on fleshing out the tracing patch I have posted: 1. Make it possible to enable/disable events at runtime. Users enable only the events they are interested in and aren't flooded with trace data for all other events. Agree, my upcoming patchset should address this. 2. Either make trace events cheap or build without trace events by default. Disable by default still allows tracing to be used for development but less for production. I'm trying to do this too, though quite a lot remains to be improved in my current implementation :-) 3. Allow events in any execution context (cpu, io, aio emulation threads). Agree. 4. Make it easy to add new events. Agree ! I'm trying to provide a unified macro interface like trace events which makes it easy enough to add new events. Regards, -- Prerna Saxena Linux Technology Centre, IBM Systems and Technology Lab, Bangalore, India
[Qemu-devel] Re: [PATCH] add support for protocol driver create_options
Am 20.05.2010 07:36, schrieb MORITA Kazutaka: > This patch enables protocol drivers to use their create options which > are not supported by the format. For example, protcol drivers can use > a backing_file option with raw format. > > Signed-off-by: MORITA Kazutaka Hm, this is not stackable, right? Though I do see that making it stackable would require some bigger changes, so maybe we can get away with claiming that this approach covers everything that happens in practice. If we accept that this is the desired behaviour, the code looks good to me. Kevin
Re: [Qemu-devel] [PATCH] fix curses update - v2
Hi, I pushed a modified patch to preserve attributes such as background colour. Please check if this works for you. Cheers
[Qemu-devel] [Bug 453617] Re: kvm hangs at 100% cpu when connecting to forwarded ports (when listed incorrectly on the command line)
** Branch linked: lp:ubuntu/qemu-kvm -- kvm hangs at 100% cpu when connecting to forwarded ports (when listed incorrectly on the command line) https://bugs.launchpad.net/bugs/453617 You received this bug notification because you are a member of qemu- devel-ml, which is subscribed to QEMU. Status in QEMU: Confirmed Status in “qemu-kvm” package in Ubuntu: Fix Released Status in “qemu-kvm” source package in Lucid: Fix Released Bug description: Binary package hint: qemu-kvm If kvm is started using two separate "-net user,hostfwd=" arguments to forward ports from the host to the client, it won't complain, but will return a connection refused error and hang at 100% cpu when trying to connect to either forwarded port. However, if kvm is started with the hostfwd rules combined together into a single "-net user" argument, it works fine. As an example, this command line doesn't generate any warnings or errors, but causes kvm to hang for me: kvm -net nic -net user,hostfwd=tcp:127.0.0.1:-:80 -net user,hostfwd=tcp:127.0.0.1:-:22 -m 128 -smp 1 -drive file=disk0.qcow2 ... but this command line works fine: kvm -net nic -net user,hostfwd=tcp:127.0.0.1:-:80,hostfwd=tcp:127.0.0.1:-:22 -m 128 -smp 1 -drive file=disk0.qcow2 ProblemType: Bug Architecture: amd64 Date: Fri Oct 16 17:19:59 2009 DistroRelease: Ubuntu 9.10 KvmCmdLine: Error: command ['ps', '-C', 'kvm', '-F'] failed with exit code 1: UIDPID PPID CSZ RSS PSR STIME TTY TIME CMD MachineType: Sony Corporation VGN-SZ650N NonfreeKernelModules: nvidia Package: kvm (not installed) PccardctlIdent: Socket 0: no product info available PccardctlStatus: Socket 0: no card ProcCmdLine: root=UUID=3ee4953e-48f0-497c-ae78-18cbb18cfef8 ro quiet splash ProcEnviron: LANGUAGE=en_US.UTF-8 PATH=(custom, user) LANG=en_US.UTF-8 SHELL=/bin/bash ProcVersionSignature: Ubuntu 2.6.31-14.47-generic SourcePackage: qemu-kvm Uname: Linux 2.6.31-14-generic x86_64 dmi.bios.date: 07/12/2007 dmi.bios.vendor: Phoenix Technologies LTD dmi.bios.version: R0081S5 dmi.board.asset.tag: N/A dmi.board.name: VAIO dmi.board.vendor: Sony Corporation dmi.board.version: N/A dmi.chassis.type: 10 dmi.chassis.vendor: Sony Corporation dmi.chassis.version: N/A dmi.modalias: dmi:bvnPhoenixTechnologiesLTD:bvrR0081S5:bd07/12/2007:svnSonyCorporation:pnVGN-SZ650N:pvrJ002VXGP:rvnSonyCorporation:rnVAIO:rvrN/A:cvnSonyCorporation:ct10:cvrN/A: dmi.product.name: VGN-SZ650N dmi.product.version: J002VXGP dmi.sys.vendor: Sony Corporation
Re: [Qemu-devel] [PATCH 1/3] cursor: add cursor functions.
On 05/21/2010 04:54 AM, Gerd Hoffmann wrote:
Add a new cursor type to console.h and a bunch of functions to
deal with cursors the (new) cursor.c file.
Signed-off-by: Gerd Hoffmann
I like this implementation. Blue, are you happy with it?
Regards,
Anthony Liguori
---
Makefile.objs |3 +-
console.h | 24 ++-
cursor.c| 210 +++
cursor_hidden.xpm | 37 +
cursor_left_ptr.xpm | 39 ++
5 files changed, 310 insertions(+), 3 deletions(-)
create mode 100644 cursor.c
create mode 100644 cursor_hidden.xpm
create mode 100644 cursor_left_ptr.xpm
diff --git a/Makefile.objs b/Makefile.objs
index acbaf22..c73c8f0 100644
--- a/Makefile.objs
+++ b/Makefile.objs
@@ -48,7 +48,8 @@ common-obj-y = $(block-obj-y)
common-obj-y += $(net-obj-y)
common-obj-y += $(qobject-obj-y)
common-obj-$(CONFIG_LINUX) += $(fsdev-obj-$(CONFIG_LINUX))
-common-obj-y += readline.o console.o async.o qemu-error.o
+common-obj-y += readline.o console.o cursor.o async.o qemu-error.o
+
common-obj-y += tcg-runtime.o host-utils.o
common-obj-y += irq.o ioport.o input.o
common-obj-$(CONFIG_PTIMER) += ptimer.o
diff --git a/console.h b/console.h
index 6def115..88861cb 100644
--- a/console.h
+++ b/console.h
@@ -126,6 +126,27 @@ struct DisplaySurface {
struct PixelFormat pf;
};
+/* cursor data format is 32bit RGBA */
+typedef struct QEMUCursor {
+int width, height;
+int hot_x, hot_y;
+int refcount;
+uint32_tdata[];
+} QEMUCursor;
+
+QEMUCursor *cursor_alloc(int width, int height);
+void cursor_get(QEMUCursor *c);
+void cursor_put(QEMUCursor *c);
+QEMUCursor *cursor_builtin_hidden(void);
+QEMUCursor *cursor_builtin_left_ptr(void);
+void cursor_print_ascii_art(QEMUCursor *c, const char *prefix);
+int cursor_get_mono_bpl(QEMUCursor *c);
+void cursor_set_mono(QEMUCursor *c,
+ uint32_t foreground, uint32_t background, uint8_t *image,
+ int transparent, uint8_t *mask);
+void cursor_get_mono_image(QEMUCursor *c, int foreground, uint8_t *mask);
+void cursor_get_mono_mask(QEMUCursor *c, int transparent, uint8_t *mask);
+
struct DisplayChangeListener {
int idle;
uint64_t gui_timer_interval;
@@ -158,8 +179,7 @@ struct DisplayState {
struct DisplayChangeListener* listeners;
void (*mouse_set)(int x, int y, int on);
-void (*cursor_define)(int width, int height, int bpp, int hot_x, int hot_y,
- uint8_t *image, uint8_t *mask);
+void (*cursor_define)(QEMUCursor *cursor);
struct DisplayState *next;
};
diff --git a/cursor.c b/cursor.c
new file mode 100644
index 000..dfb9eef
--- /dev/null
+++ b/cursor.c
@@ -0,0 +1,210 @@
+#include "qemu-common.h"
+#include "console.h"
+
+#include "cursor_hidden.xpm"
+#include "cursor_left_ptr.xpm"
+
+/* for creating built-in cursors */
+static QEMUCursor *cursor_parse_xpm(const char *xpm[])
+{
+QEMUCursor *c;
+uint32_t ctab[128];
+unsigned int width, height, colors, chars;
+unsigned int line = 0, i, r, g, b, x, y, pixel;
+char name[16];
+uint8_t idx;
+
+/* parse header line: width, height, #colors, #chars */
+if (sscanf(xpm[line], "%d %d %d %d",&width,&height,&colors,&chars) != 4) {
+fprintf(stderr, "%s: header parse error: \"%s\"\n",
+__FUNCTION__, xpm[line]);
+return NULL;
+}
+if (chars != 1) {
+fprintf(stderr, "%s: chars != 1 not supported\n", __FUNCTION__);
+return NULL;
+}
+line++;
+
+/* parse color table */
+for (i = 0; i< colors; i++, line++) {
+if (sscanf(xpm[line], "%c c %15s",&idx, name) == 2) {
+if (sscanf(name, "#%02x%02x%02x",&r,&g,&b) == 3) {
+ctab[idx] = (0xff<< 24) | (b<< 16) | (g<< 8) | r;
+continue;
+}
+if (strcmp(name, "None") == 0) {
+ctab[idx] = 0x;
+continue;
+}
+}
+fprintf(stderr, "%s: color parse error: \"%s\"\n",
+__FUNCTION__, xpm[line]);
+return NULL;
+}
+
+/* parse pixel data */
+c = cursor_alloc(width, height);
+for (pixel = 0, y = 0; y< height; y++, line++) {
+for (x = 0; x< height; x++, pixel++) {
+idx = xpm[line][x];
+c->data[pixel] = ctab[idx];
+}
+}
+return c;
+}
+
+/* nice for debugging */
+void cursor_print_ascii_art(QEMUCursor *c, const char *prefix)
+{
+uint32_t *data = c->data;
+int x,y;
+
+for (y = 0; y< c->height; y++) {
+fprintf(stderr, "%s: %2d: |", prefix, y);
+for (x = 0; x< c->width; x++, data++) {
+if ((*data& 0xff00) != 0xff00) {
+fprintf(stderr, " "); /* transparent */
+} else if ((*data& 0x00ff) == 0x00ff) {
+fprintf(stderr, "
[Qemu-devel] [Bug 427612] Re: does not pass pressed caps lock to client
** Branch linked: lp:ubuntu/qemu-kvm -- does not pass pressed caps lock to client https://bugs.launchpad.net/bugs/427612 You received this bug notification because you are a member of qemu- devel-ml, which is subscribed to QEMU. Status in QEMU: New Status in “libsdl1.2” package in Ubuntu: Invalid Status in “qemu-kvm” package in Ubuntu: Fix Released Status in “libsdl1.2” package in Debian: Fix Released Bug description: Binary package hint: qemu-kvm I have set the keyboard layout to German NEO 2 [1] in the host and the client (both current karmic). The caps lock is used as modifier (similar to shift) in NEO. When I press "caps lock" + "t", then the client prints a "t" instead of a "-". It seems that the pressed caps lock is not passed to the client. [1] http://www.neo-layout.org/ ProblemType: Bug Architecture: amd64 Date: Fri Sep 11 01:38:58 2009 DistroRelease: Ubuntu 9.10 KvmCmdLine: Error: command ['ps', '-C', 'kvm', '-F'] failed with exit code 1: UIDPID PPID CSZ RSS PSR STIME TTY TIME CMD Package: qemu-kvm 0.11.0~rc2-0ubuntu2 PccardctlIdent: PccardctlStatus: ProcCmdLine: BOOT_IMAGE=/boot/vmlinuz-2.6.31-10-generic root=UUID=37b01f5a-a578-49d6-a812-f166b103e68a ro quiet splash ProcEnviron: LANG=de_DE.UTF-8 SHELL=/bin/bash ProcVersionSignature: Ubuntu 2.6.31-10.31-generic SourcePackage: qemu-kvm Uname: Linux 2.6.31-10-generic x86_64 dmi.bios.date: 07/15/2009 dmi.bios.vendor: Intel Corp. dmi.bios.version: DPP3510J.86A.0572.2009.0715.2346 dmi.board.asset.tag: Base Board Asset Tag dmi.board.name: DG33TL dmi.board.vendor: Intel Corporation dmi.board.version: AAD89517-802 dmi.chassis.type: 3 dmi.modalias: dmi:bvnIntelCorp.:bvrDPP3510J.86A.0572.2009.0715.2346:bd07/15/2009:svn:pn:pvr:rvnIntelCorporation:rnDG33TL:rvrAAD89517-802:cvn:ct3:cvr:
Re: [Qemu-devel] [PATCH 1/2] trace: Add simple tracing support
On 05/21/2010 04:42 AM, Stefan Hajnoczi wrote:
Trace events should be defined in trace.h. Events are written to
/tmp/trace.log and can be formatted using trace.py. Remember to add
events to trace.py for pretty-printing.
Signed-off-by: Stefan Hajnoczi
---
Makefile.objs |2 +-
trace.c | 64 +
trace.h |9
trace.py | 30 ++
4 files changed, 104 insertions(+), 1 deletions(-)
create mode 100644 trace.c
create mode 100644 trace.h
create mode 100755 trace.py
diff --git a/Makefile.objs b/Makefile.objs
index acbaf22..307e989 100644
--- a/Makefile.objs
+++ b/Makefile.objs
@@ -8,7 +8,7 @@ qobject-obj-y += qerror.o
# block-obj-y is code used by both qemu system emulation and qemu-img
block-obj-y = cutils.o cache-utils.o qemu-malloc.o qemu-option.o module.o
-block-obj-y += nbd.o block.o aio.o aes.o osdep.o qemu-config.o
+block-obj-y += nbd.o block.o aio.o aes.o osdep.o qemu-config.o trace.o
block-obj-$(CONFIG_POSIX) += posix-aio-compat.o
block-obj-$(CONFIG_LINUX_AIO) += linux-aio.o
diff --git a/trace.c b/trace.c
new file mode 100644
index 000..2fec4d3
--- /dev/null
+++ b/trace.c
@@ -0,0 +1,64 @@
+#include
+#include
+#include "trace.h"
+
+typedef struct {
+unsigned long event;
+unsigned long x1;
+unsigned long x2;
+unsigned long x3;
+unsigned long x4;
+unsigned long x5;
+} TraceRecord;
+
+enum {
+TRACE_BUF_LEN = 64 * 1024 / sizeof(TraceRecord),
+};
+
+static TraceRecord trace_buf[TRACE_BUF_LEN];
+static unsigned int trace_idx;
+static FILE *trace_fp;
+
+static void trace(TraceEvent event, unsigned long x1,
+ unsigned long x2, unsigned long x3,
+ unsigned long x4, unsigned long x5) {
+TraceRecord *rec =&trace_buf[trace_idx];
+rec->event = event;
+rec->x1 = x1;
+rec->x2 = x2;
+rec->x3 = x3;
+rec->x4 = x4;
+rec->x5 = x5;
+
+if (++trace_idx == TRACE_BUF_LEN) {
+trace_idx = 0;
+
+if (!trace_fp) {
+trace_fp = fopen("/tmp/trace.log", "w");
+}
+if (trace_fp) {
+size_t result = fwrite(trace_buf, sizeof trace_buf, 1, trace_fp);
+result = result;
+}
+}
+}
It is probably worth while to read trace points via the monitor or
through some other mechanism. My concern would be that writing even 64k
out to disk would introduce enough performance overhead mainly because
it runs lock-step with the guest's VCPU.
Maybe it's worth adding a thread that syncs the ring to disk if we want
to write to disk?
+void trace1(TraceEvent event, unsigned long x1) {
+trace(event, x1, 0, 0, 0, 0);
+}
+
+void trace2(TraceEvent event, unsigned long x1, unsigned long x2) {
+trace(event, x1, x2, 0, 0, 0);
+}
+
+void trace3(TraceEvent event, unsigned long x1, unsigned long x2, unsigned
long x3) {
+trace(event, x1, x2, x3, 0, 0);
+}
+
+void trace4(TraceEvent event, unsigned long x1, unsigned long x2, unsigned
long x3, unsigned long x4) {
+trace(event, x1, x2, x3, x4, 0);
+}
+
+void trace5(TraceEvent event, unsigned long x1, unsigned long x2, unsigned
long x3, unsigned long x4, unsigned long x5) {
+trace(event, x1, x2, x3, x4, x5);
+}
diff --git a/trace.h b/trace.h
new file mode 100644
index 000..144aa1e
--- /dev/null
+++ b/trace.h
@@ -0,0 +1,9 @@
+typedef enum {
+TRACE_MAX
+} TraceEvent;
+
+void trace1(TraceEvent event, unsigned long x1);
+void trace2(TraceEvent event, unsigned long x1, unsigned long x2);
+void trace3(TraceEvent event, unsigned long x1, unsigned long x2, unsigned
long x3);
+void trace4(TraceEvent event, unsigned long x1, unsigned long x2, unsigned
long x3, unsigned long x4);
+void trace5(TraceEvent event, unsigned long x1, unsigned long x2, unsigned
long x3, unsigned long x4, unsigned long x5);
Looks good. I think we definitely need something like this.
Regards,
Anthony Liguori
diff --git a/trace.py b/trace.py
new file mode 100755
index 000..f38ab6b
--- /dev/null
+++ b/trace.py
@@ -0,0 +1,30 @@
+#!/usr/bin/env python
+import sys
+import struct
+
+trace_fmt = 'LL'
+trace_len = struct.calcsize(trace_fmt)
+
+events = {
+}
+
+def read_record(fobj):
+s = fobj.read(trace_len)
+if len(s) != trace_len:
+return None
+return struct.unpack(trace_fmt, s)
+
+def format_record(rec):
+event = events[rec[0]]
+fields = [event[0]]
+for i in xrange(1, len(event)):
+fields.append('%s=0x%x' % (event[i], rec[i]))
+return ' '.join(fields)
+
+f = open(sys.argv[1], 'rb')
+while True:
+rec = read_record(f)
+if rec is None:
+break
+
+print format_record(rec)
Re: [Qemu-devel] [PATCH] fix curses update - v2
On Fri, May 21, 2010 at 02:02:43PM +0200, andrzej zaborowski wrote: > I pushed a modified patch to preserve attributes such as background > colour. Good idea. > Please check if this works for you. Yes, this works. Thanks, Bernhard Kauer
Re: [Qemu-devel] forking i386 binaries on arm linux user mode
On Tue, 11 May 2010, Richard Henderson wrote: > On 05/11/2010 10:08 AM, Damion Yates wrote: > > Also is there some magic in gnemul-x86 beyond being a set of x86 > > libs? > > No. Okay, good to know. > > Does it do any shortcutting to system calls in native rather than > > sticking with the libs under emulation more? > > No. Okay, fine. I expect this has been thought of (or dismissed as not feasible) on the qemu mailing list over the years anyway. > > Could you explain what you did? I've tried the following: > > Use the binfmt_misc filesystem to set up qemu as the interpreter for > x86 binaries. Did that (mentioned in the original email). I think what I must have missed was making sure the qemu binary was found in matching paths in the chroot (in fact it's probably not needed outside the chroot really). I'm not quite sure how I missed that, I know what I'm doing but I think I just lacked faith in whether this could work at all on a fundamental level. Of course that was since confirmed on this list, so I just needed to try again harder. > > chroot ch/ ./ld-linux-arm.so --library-path `pwd`/armlibs \ > > ./qemu-i386 bin/sh > > You may find it easier to staticly link the arm qemu in that case. Yeah, I figured this was going to be the only way, it was that or the interpreter after the #! within any wrapper to run stuff. As I didn't even have a static sh (arm) around, I rechecked the build of qemu and found it trivial to statically compile*. I've now got it working as planned, I can chroot in, I've bind mounted /tmp/.X11-unix/ in to the chroot so X works (I think my phone has X with -nolisten tcp and changing that is phone-brickingly scary). So yeah... everything sort of works. I can run arbitrary (fairly) complex binaries like screen, xterm (both need to fork), graphical stuff like XV and of course wine sol.exe (which I think does some threading)! http://www.youtube.com/damionyates2 Thanks for all your help. I still have some issues, surprisingly a few reboots, which is odd as I'm su'ed to a user after needing root for the chroot, I suspect something I'm mapping with /dev/ or /proc/ mounts. I've found although a lot of stuff doesn't work if it needs those mounts working, my tests are more reliable for the binaries that don't need /proc or /dev being there, if I don't mount /proc or bindmount /dev/pts at all. It's also not quite doing what I want in terms of wine capabilities. I suspect the revisions of x86 libs and wine version, possibly NPTL. But I think the wine mailing list is the next best stop for me for that unless any of you are particularly interested in this? The other threads on this list are all developery with loads of patches and stuff so I'll stop annoying you all now and close this thread as a success :) Damion *This is increasingly hard, I think many modern GNU projects have given up providing a way to statically link stuff, and so many things pull in via dlopen now you can't even tell from an ldd whether it's likely to work. -- Damion Yates - Google UK Ltd Belgrave House, 76 Buckingham Palace Rd, London SW1W 9TQ - reg:3977902
[Qemu-devel] [PATCH] resent: x86/cpuid: Add kvm32 CPU model
Create a kvm32 CPU model that describes a least common denominator
for KVM capable guest CPUs. Useful for migration purposes.
Signed-off-by: Andre Przywara
---
target-i386/cpuid.c | 14 ++
1 files changed, 14 insertions(+), 0 deletions(-)
diff --git a/target-i386/cpuid.c b/target-i386/cpuid.c
index a80baa4..76b897d 100644
--- a/target-i386/cpuid.c
+++ b/target-i386/cpuid.c
@@ -363,6 +363,20 @@ static x86_def_t builtin_x86_defs[] = {
.model_id = "QEMU Virtual CPU version " QEMU_VERSION,
},
{
+.name = "kvm32",
+.level = 5,
+.family = 15,
+.model = 6,
+.stepping = 1,
+.features = PPRO_FEATURES |
+CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA | CPUID_PSE36,
+.ext_features = CPUID_EXT_SSE3,
+.ext2_features = PPRO_FEATURES & EXT2_FEATURE_MASK,
+.ext3_features = 0,
+.xlevel = 0x8008,
+.model_id = "Common 32-bit KVM processor"
+},
+{
.name = "coreduo",
.level = 10,
.family = 6,
--
1.6.4
[Qemu-devel] Re: [PATCH 1/2] trace: Add simple tracing support
Stefan Hajnoczi wrote:
> On Fri, May 21, 2010 at 12:13 PM, Jan Kiszka wrote:
>> Stefan Hajnoczi wrote:
>>> Trace events should be defined in trace.h. Events are written to
>>> /tmp/trace.log and can be formatted using trace.py. Remember to add
>>> events to trace.py for pretty-printing.
>> When already writing to a file, why not reusing QEMU's logging
>> infrastructure ("log " / "-d foo")? Shouldn't make a huge
>> performance difference if the data is saved in clear-text.
>
>> Also, having support for ftrace's user space markers would be a very
>> nice option (only an option as it's Linux-specific), see
>> http://lwn.net/Articles/366796.
>
> Thanks for the links.
>
> I think using the platform's tracing facility has many advantages.
> The main one being that we can focus on QEMU/KVM development rather
> than re-implementing tracing infrastructure :).
Indeed. :)
>
> It may be possible to have SystemTap, DTrace, or nop static trace
> event code. A platform with no tracing support can only use the nop
> backend, which results in a build without static trace events.
> Platforms with tracing support can build with the appropriate backend
> or nop. The backend tracing facility is abstracted and most of QEMU
> doesn't need to know which one is being used.
That would be ideal.
>
> I hadn't seen trace markers. However, I suspect they aren't ideal for
> static trace events because logging an event requires a write system
> call. They look useful for annotating kernel tracing information, but
> less for high frequency/low overhead userspace tracing.
You never know for sure until you tried :). There are surely lots of
scenarios where this overhead does not matter.
Moreover, I'm sure that something of LTTng's high-frequency/low-overhead
tracing capabilities will make it (in whatever form) into mainline
sooner or later. So we need that smart infrastructure to make use of it
once it's available (actually, LTTng is already available, just still
requires "some" kernel patching).
Jan
--
Siemens AG, Corporate Technology, CT T DE IT 1
Corporate Competence Center Embedded Linux
[Qemu-devel] Re: [PATCH 1/2] trace: Add simple tracing support
On Fri, May 21, 2010 at 12:13 PM, Jan Kiszka wrote:
> Stefan Hajnoczi wrote:
>> Trace events should be defined in trace.h. Events are written to
>> /tmp/trace.log and can be formatted using trace.py. Remember to add
>> events to trace.py for pretty-printing.
>
> When already writing to a file, why not reusing QEMU's logging
> infrastructure ("log " / "-d foo")? Shouldn't make a huge
> performance difference if the data is saved in clear-text.
> Also, having support for ftrace's user space markers would be a very
> nice option (only an option as it's Linux-specific), see
> http://lwn.net/Articles/366796.
Thanks for the links.
I think using the platform's tracing facility has many advantages.
The main one being that we can focus on QEMU/KVM development rather
than re-implementing tracing infrastructure :).
It may be possible to have SystemTap, DTrace, or nop static trace
event code. A platform with no tracing support can only use the nop
backend, which results in a build without static trace events.
Platforms with tracing support can build with the appropriate backend
or nop. The backend tracing facility is abstracted and most of QEMU
doesn't need to know which one is being used.
I hadn't seen trace markers. However, I suspect they aren't ideal for
static trace events because logging an event requires a write system
call. They look useful for annotating kernel tracing information, but
less for high frequency/low overhead userspace tracing.
Stefan
[Qemu-devel] Re: vgabios plans ( Re: [PATCH 1/5] Makefile cleanup)
On 05/20/10 15:04, Anthony Liguori wrote: Hmm. No response for weeks from vgabios folks on this patch series. How to go forward best with vgabios bits? Just upgrade http://git.qemu.org/vgabios.git/ to 0.6c, then apply patches there? Yeah, I think the long term goal should be to move to SeaBIOS's vgabios Isn't *that* trivial though as it has no vbe support ... fork but for now, I guess we'll have to do it. Ok. The vgabios git tree doesn't look like a straight "git cvsimport". It has fancy author names, no *.bin commits and different hashes than my self-created cvsimport. It is probably easiest if you just pull 0.6c version into the repo and I'll rebase my patches to that then. We might also cherry-pick af92284bec7ddbd76ddd105c40718627dda3407e into stable-0.12 to reduce the chance of unpleasant surprises in case someone combines the latest vgabios with stable. cheers, Gerd
[Qemu-devel] linux-user mmap bug
Hi
I ran into an mmap problem linux-user emulating CRIS (32bit) on x86_64 hosts.
Guest asks for a non fixed mmap, QEMU tries the mmap but the kernel returns a
high 64bit address. QEMU notices that it wont fit in the guests 32bit ptr size
and retries with a low address but doesn't set the MAP_FIXED flag.
Was something like the following patch the intended behaviour or did I
missunderstand something? (it fixes my problem at least...)
Cheers
commit 96fd8e3fdedb697ba249f32245751a28979c3fab
Author: Edgar E. Iglesias
Date: Fri May 21 15:22:11 2010 +0200
linux-user: Set MAP_FIXED for mmap address fixups.
Signed-off-by: Edgar E. Iglesias
diff --git a/linux-user/mmap.c b/linux-user/mmap.c
index 6a1d933..5308fe1 100644
--- a/linux-user/mmap.c
+++ b/linux-user/mmap.c
@@ -304,7 +304,11 @@ abi_ulong mmap_find_vma(abi_ulong start, abi_ulong size)
* - shmat() with SHM_REMAP flag
*/
ptr = mmap(g2h(addr), size, PROT_NONE,
- MAP_ANONYMOUS|MAP_PRIVATE|MAP_NORESERVE, -1, 0);
+ /* When the kernel returns addresses that the guest
+ cannot use we might need to fallback to fixed
+ allocations. */
+ (addr ? MAP_FIXED : 0)
+ | MAP_ANONYMOUS|MAP_PRIVATE|MAP_NORESERVE, -1, 0);
/* ENOMEM, if host address space has no memory */
if (ptr == MAP_FAILED) {
Re: [Qemu-devel] [PATCH 1/2] trace: Add simple tracing support
Anthony Liguori wrote:
> On 05/21/2010 04:42 AM, Stefan Hajnoczi wrote:
>> Trace events should be defined in trace.h. Events are written to
>> /tmp/trace.log and can be formatted using trace.py. Remember to add
>> events to trace.py for pretty-printing.
>>
>> Signed-off-by: Stefan Hajnoczi
>> ---
>> Makefile.objs |2 +-
>> trace.c | 64
>> +
>> trace.h |9
>> trace.py | 30 ++
>> 4 files changed, 104 insertions(+), 1 deletions(-)
>> create mode 100644 trace.c
>> create mode 100644 trace.h
>> create mode 100755 trace.py
>>
>> diff --git a/Makefile.objs b/Makefile.objs
>> index acbaf22..307e989 100644
>> --- a/Makefile.objs
>> +++ b/Makefile.objs
>> @@ -8,7 +8,7 @@ qobject-obj-y += qerror.o
>> # block-obj-y is code used by both qemu system emulation and qemu-img
>>
>> block-obj-y = cutils.o cache-utils.o qemu-malloc.o qemu-option.o
>> module.o
>> -block-obj-y += nbd.o block.o aio.o aes.o osdep.o qemu-config.o
>> +block-obj-y += nbd.o block.o aio.o aes.o osdep.o qemu-config.o trace.o
>> block-obj-$(CONFIG_POSIX) += posix-aio-compat.o
>> block-obj-$(CONFIG_LINUX_AIO) += linux-aio.o
>>
>> diff --git a/trace.c b/trace.c
>> new file mode 100644
>> index 000..2fec4d3
>> --- /dev/null
>> +++ b/trace.c
>> @@ -0,0 +1,64 @@
>> +#include
>> +#include
>> +#include "trace.h"
>> +
>> +typedef struct {
>> +unsigned long event;
>> +unsigned long x1;
>> +unsigned long x2;
>> +unsigned long x3;
>> +unsigned long x4;
>> +unsigned long x5;
>> +} TraceRecord;
>> +
>> +enum {
>> +TRACE_BUF_LEN = 64 * 1024 / sizeof(TraceRecord),
>> +};
>> +
>> +static TraceRecord trace_buf[TRACE_BUF_LEN];
>> +static unsigned int trace_idx;
>> +static FILE *trace_fp;
>> +
>> +static void trace(TraceEvent event, unsigned long x1,
>> + unsigned long x2, unsigned long x3,
>> + unsigned long x4, unsigned long x5) {
>> +TraceRecord *rec =&trace_buf[trace_idx];
>> +rec->event = event;
>> +rec->x1 = x1;
>> +rec->x2 = x2;
>> +rec->x3 = x3;
>> +rec->x4 = x4;
>> +rec->x5 = x5;
>> +
>> +if (++trace_idx == TRACE_BUF_LEN) {
>> +trace_idx = 0;
>> +
>> +if (!trace_fp) {
>> +trace_fp = fopen("/tmp/trace.log", "w");
>> +}
>> +if (trace_fp) {
>> +size_t result = fwrite(trace_buf, sizeof trace_buf, 1,
>> trace_fp);
>> +result = result;
>> +}
>> +}
>> +}
>>
>
> It is probably worth while to read trace points via the monitor or
> through some other mechanism. My concern would be that writing even 64k
> out to disk would introduce enough performance overhead mainly because
> it runs lock-step with the guest's VCPU.
>
> Maybe it's worth adding a thread that syncs the ring to disk if we want
> to write to disk?
That's not what QEMU should worry about. If somehow possible, let's push
this into the hands of a (user space) tracing framework, ideally one
that is already designed for such requirements. E.g. there exists quite
useful work in the context of LTTng (user space RCU for application
tracing).
We may need simple stubs for the case that no such framework is (yet)
available. But effort should focus on a QEMU infrastructure to add
useful tracepoints to the code. Specifically when tracing over KVM, you
usually need information about kernel states as well, so you depend on
an integrated approach, not Yet Another Log File.
Jan
--
Siemens AG, Corporate Technology, CT T DE IT 1
Corporate Competence Center Embedded Linux
Re: [Qemu-devel] [PATCH 1/2] trace: Add simple tracing support
On 05/21/2010 08:46 AM, Jan Kiszka wrote:
Anthony Liguori wrote:
On 05/21/2010 04:42 AM, Stefan Hajnoczi wrote:
Trace events should be defined in trace.h. Events are written to
/tmp/trace.log and can be formatted using trace.py. Remember to add
events to trace.py for pretty-printing.
Signed-off-by: Stefan Hajnoczi
---
Makefile.objs |2 +-
trace.c | 64
+
trace.h |9
trace.py | 30 ++
4 files changed, 104 insertions(+), 1 deletions(-)
create mode 100644 trace.c
create mode 100644 trace.h
create mode 100755 trace.py
diff --git a/Makefile.objs b/Makefile.objs
index acbaf22..307e989 100644
--- a/Makefile.objs
+++ b/Makefile.objs
@@ -8,7 +8,7 @@ qobject-obj-y += qerror.o
# block-obj-y is code used by both qemu system emulation and qemu-img
block-obj-y = cutils.o cache-utils.o qemu-malloc.o qemu-option.o
module.o
-block-obj-y += nbd.o block.o aio.o aes.o osdep.o qemu-config.o
+block-obj-y += nbd.o block.o aio.o aes.o osdep.o qemu-config.o trace.o
block-obj-$(CONFIG_POSIX) += posix-aio-compat.o
block-obj-$(CONFIG_LINUX_AIO) += linux-aio.o
diff --git a/trace.c b/trace.c
new file mode 100644
index 000..2fec4d3
--- /dev/null
+++ b/trace.c
@@ -0,0 +1,64 @@
+#include
+#include
+#include "trace.h"
+
+typedef struct {
+unsigned long event;
+unsigned long x1;
+unsigned long x2;
+unsigned long x3;
+unsigned long x4;
+unsigned long x5;
+} TraceRecord;
+
+enum {
+TRACE_BUF_LEN = 64 * 1024 / sizeof(TraceRecord),
+};
+
+static TraceRecord trace_buf[TRACE_BUF_LEN];
+static unsigned int trace_idx;
+static FILE *trace_fp;
+
+static void trace(TraceEvent event, unsigned long x1,
+ unsigned long x2, unsigned long x3,
+ unsigned long x4, unsigned long x5) {
+TraceRecord *rec =&trace_buf[trace_idx];
+rec->event = event;
+rec->x1 = x1;
+rec->x2 = x2;
+rec->x3 = x3;
+rec->x4 = x4;
+rec->x5 = x5;
+
+if (++trace_idx == TRACE_BUF_LEN) {
+trace_idx = 0;
+
+if (!trace_fp) {
+trace_fp = fopen("/tmp/trace.log", "w");
+}
+if (trace_fp) {
+size_t result = fwrite(trace_buf, sizeof trace_buf, 1,
trace_fp);
+result = result;
+}
+}
+}
It is probably worth while to read trace points via the monitor or
through some other mechanism. My concern would be that writing even 64k
out to disk would introduce enough performance overhead mainly because
it runs lock-step with the guest's VCPU.
Maybe it's worth adding a thread that syncs the ring to disk if we want
to write to disk?
That's not what QEMU should worry about. If somehow possible, let's push
this into the hands of a (user space) tracing framework, ideally one
that is already designed for such requirements. E.g. there exists quite
useful work in the context of LTTng (user space RCU for application
tracing).
From what I understand, none of the current kernel approaches to
userspace tracing have much momentum at the moment.
We may need simple stubs for the case that no such framework is (yet)
available. But effort should focus on a QEMU infrastructure to add
useful tracepoints to the code. Specifically when tracing over KVM, you
usually need information about kernel states as well, so you depend on
an integrated approach, not Yet Another Log File.
I think the simple code that Stefan pasted gives us 95% of what we need.
Regards,
Anthony Liguori
Jan
[Qemu-devel] [PATCH] resent: x86/cpuid: propagate further CPUID leafs when -cpu host
-cpu host currently only propagates the CPU's family/model/stepping,
the brand name and the feature bits.
Add a whitelist of safe CPUID leafs to let the guest see the actual
CPU's cache details and other things.
Signed-off-by: Andre Przywara
---
target-i386/cpu.h |6 +-
target-i386/cpuid.c | 45 +
2 files changed, 42 insertions(+), 9 deletions(-)
Again this patch was not yet applied, without any discussion I can remember.
Please apply.
Thanks,
Andre.
diff --git a/target-i386/cpu.h b/target-i386/cpu.h
index 548ab80..77cbbdb 100644
--- a/target-i386/cpu.h
+++ b/target-i386/cpu.h
@@ -581,6 +581,10 @@ typedef struct {
#define NB_MMU_MODES 2
+#define CPUID_FLAGS_BUILTIN (1 << 0)
+#define CPUID_FLAGS_VENDOR_OVERRIDE (1 << 1)
+#define CPUID_FLAGS_HOST (1 << 2)
+
typedef struct CPUX86State {
/* standard registers */
target_ulong regs[CPU_NB_REGS];
@@ -685,7 +689,7 @@ typedef struct CPUX86State {
uint32_t cpuid_ext2_features;
uint32_t cpuid_ext3_features;
uint32_t cpuid_apic_id;
-int cpuid_vendor_override;
+uint32_t cpuid_flags;
/* MTRRs */
uint64_t mtrr_fixed[11];
diff --git a/target-i386/cpuid.c b/target-i386/cpuid.c
index 99d1f44..a80baa4 100644
--- a/target-i386/cpuid.c
+++ b/target-i386/cpuid.c
@@ -213,7 +213,6 @@ typedef struct x86_def_t {
uint32_t features, ext_features, ext2_features, ext3_features,
kvm_features;
uint32_t xlevel;
char model_id[48];
-int vendor_override;
uint32_t flags;
} x86_def_t;
@@ -489,7 +488,7 @@ static int cpu_x86_fill_host(x86_def_t *x86_cpu_def)
x86_cpu_def->ext2_features = edx;
x86_cpu_def->ext3_features = ecx;
cpu_x86_fill_model_id(x86_cpu_def->model_id);
-x86_cpu_def->vendor_override = 0;
+x86_cpu_def->flags = CPUID_FLAGS_HOST;
return 0;
}
@@ -633,7 +632,7 @@ static int cpu_x86_find_by_name(x86_def_t *x86_cpu_def,
const char *cpu_model)
x86_cpu_def->vendor2 |= ((uint8_t)val[i + 4]) << (8 * i);
x86_cpu_def->vendor3 |= ((uint8_t)val[i + 8]) << (8 * i);
}
-x86_cpu_def->vendor_override = 1;
+x86_cpu_def->flags |= CPUID_FLAGS_VENDOR_OVERRIDE;
} else if (!strcmp(featurestr, "model_id")) {
pstrcpy(x86_cpu_def->model_id, sizeof(x86_cpu_def->model_id),
val);
@@ -731,7 +730,8 @@ void x86_cpu_list (FILE *f, int (*cpu_fprintf)(FILE *f,
const char *fmt, ...),
return;
}
for (def = x86_defs; def; def = def->next) {
-snprintf(buf, sizeof (buf), def->flags ? "[%s]": "%s", def->name);
+snprintf(buf, sizeof (buf),
+ def->flags & CPUID_FLAGS_BUILTIN ? "[%s]": "%s", def->name);
if (model || dump) {
(*cpu_fprintf)(f, "x86 %16s %-48s\n", buf, def->model_id);
} else {
@@ -785,7 +785,7 @@ int cpu_x86_register (CPUX86State *env, const char
*cpu_model)
env->cpuid_vendor2 = CPUID_VENDOR_INTEL_2;
env->cpuid_vendor3 = CPUID_VENDOR_INTEL_3;
}
-env->cpuid_vendor_override = def->vendor_override;
+env->cpuid_flags = def->flags;
env->cpuid_level = def->level;
if (def->family > 0x0f)
env->cpuid_version = 0xf00 | ((def->family - 0x0f) << 20);
@@ -941,7 +941,7 @@ void x86_cpudef_setup(void)
for (i = 0; i < ARRAY_SIZE(builtin_x86_defs); ++i) {
builtin_x86_defs[i].next = x86_defs;
-builtin_x86_defs[i].flags = 1;
+builtin_x86_defs[i].flags |= CPUID_FLAGS_BUILTIN;
x86_defs = &builtin_x86_defs[i];
}
#if !defined(CONFIG_USER_ONLY)
@@ -962,22 +962,51 @@ static void get_cpuid_vendor(CPUX86State *env, uint32_t
*ebx,
* this if you want to use KVM's sysenter/syscall emulation
* in compatibility mode and when doing cross vendor migration
*/
-if (kvm_enabled() && ! env->cpuid_vendor_override) {
+if (kvm_enabled() &&
+(env->cpuid_flags & CPUID_FLAGS_VENDOR_OVERRIDE) == 0) {
host_cpuid(0, 0, NULL, ebx, ecx, edx);
}
}
+/* safe CPUID leafs to propagate to guest if -cpu host is specified
+ * Intel defined leafs:
+ * Cache descriptors (0x02)
+ * Deterministic cache parameters (0x04)
+ * Monitor/MWAIT parameters (0x05)
+ */
+#define CPUID_LEAF_PROPAGATE ((1 << 0x02) | (1 << 0x04) | (1 << 0x05))
+
+/* AMD defined leafs:
+ * L1 Cache and TLB (0x05)
+ * L2+L3 TLB (0x06)
+ * LongMode address size (0x08)
+ * 1GB page TLB (0x19)
+ * Performance optimization (0x1A)
+ */
+#define CPUID_LEAF_PROPAGATE_EXTENDED ((1 << 0x05) | (1 << 0x06) |\
+ (1 << 0x08) | (1 << 0x19) | (1 << 0x1A))
+
void cpu_x86_cpuid(CPUX86State *env, uint32_t index, uint32_t count,
uint32_t *eax, uint32_t *ebx,
uint32_t *ecx, uint32_t *edx)
{
-/* test if maximum index reached */
if (index & 0x8000) {
+/* test if max
[Qemu-devel] [PATCH 00/15] tcg-i386 cleanup and improvement, v3
Changes v2->v3: * ext8u and ext8s operate on 'q' register inputs only. * pushi is inline and loses the ifdef. * trailing whitespace cleanup r~ Richard Henderson (15): tcg-i386: Tidy ext8u and ext16u operations. tcg-i386: Tidy ext8s and ext16s operations. tcg-i386: Tidy immediate arithmetic operations. tcg-i386: Tidy non-immediate arithmetic operations. tcg-i386: Tidy movi. tcg-i386: Tidy push/pop. tcg-i386: Tidy calls. tcg-i386: Tidy ret. tcg-i386: Tidy setcc. tcg-i386: Tidy unary arithmetic. tcg-i386: Tidy multiply. tcg-i386: Tidy xchg. tcg-i386: Tidy lea. tcg-i386: Use lea for three-operand add. tcg-i386: Nuke trailing whitespace. tcg/i386/tcg-target.c | 504 ++--- 1 files changed, 308 insertions(+), 196 deletions(-)
[Qemu-devel] [PATCH 01/15] tcg-i386: Tidy ext8u and ext16u operations.
Define OPC_MOVZBL and OPC_MOVZWL. Factor opcode emission to
separate functions.
Signed-off-by: Richard Henderson
---
tcg/i386/tcg-target.c | 57 ++--
1 files changed, 31 insertions(+), 26 deletions(-)
diff --git a/tcg/i386/tcg-target.c b/tcg/i386/tcg-target.c
index 904d2e5..4497010 100644
--- a/tcg/i386/tcg-target.c
+++ b/tcg/i386/tcg-target.c
@@ -166,6 +166,8 @@ static inline int tcg_target_const_match(tcg_target_long
val,
#define OPC_MOVB_EvGv (0x88) /* stores, more or less */
#define OPC_MOVL_EvGv (0x89) /* stores, more or less */
#define OPC_MOVL_GvEv (0x8b) /* loads, more or less */
+#define OPC_MOVZBL (0xb6 | P_EXT)
+#define OPC_MOVZWL (0xb7 | P_EXT)
#define OPC_SHIFT_1(0xd1)
#define OPC_SHIFT_Ib (0xc1)
#define OPC_SHIFT_cl (0xd3)
@@ -209,8 +211,6 @@ static inline int tcg_target_const_match(tcg_target_long
val,
#define JCC_JLE 0xe
#define JCC_JG 0xf
-#define P_EXT 0x100 /* 0x0f opcode prefix */
-
static const uint8_t tcg_cond_to_jcc[10] = {
[TCG_COND_EQ] = JCC_JE,
[TCG_COND_NE] = JCC_JNE,
@@ -323,6 +323,19 @@ static inline void tcg_out_rolw_8(TCGContext *s, int reg)
tcg_out_shifti(s, SHIFT_ROL, reg, 8);
}
+static inline void tcg_out_ext8u(TCGContext *s, int dest, int src)
+{
+/* movzbl */
+assert(src < 4);
+tcg_out_modrm(s, OPC_MOVZBL, dest, src);
+}
+
+static inline void tcg_out_ext16u(TCGContext *s, int dest, int src)
+{
+/* movzwl */
+tcg_out_modrm(s, OPC_MOVZWL, dest, src);
+}
+
static inline void tgen_arithi(TCGContext *s, int c, int r0, int32_t val, int
cf)
{
if (!cf && ((c == ARITH_ADD && val == 1) || (c == ARITH_SUB && val ==
-1))) {
@@ -335,11 +348,9 @@ static inline void tgen_arithi(TCGContext *s, int c, int
r0, int32_t val, int cf
tcg_out_modrm(s, 0x83, c, r0);
tcg_out8(s, val);
} else if (c == ARITH_AND && val == 0xffu && r0 < 4) {
-/* movzbl */
-tcg_out_modrm(s, 0xb6 | P_EXT, r0, r0);
+tcg_out_ext8u(s, r0, r0);
} else if (c == ARITH_AND && val == 0xu) {
-/* movzwl */
-tcg_out_modrm(s, 0xb7 | P_EXT, r0, r0);
+tcg_out_ext16u(s, r0, r0);
} else {
tcg_out_modrm(s, 0x81, c, r0);
tcg_out32(s, val);
@@ -677,12 +688,10 @@ static void tcg_out_qemu_ld(TCGContext *s, const TCGArg
*args,
tcg_out_modrm(s, 0xbf | P_EXT, data_reg, TCG_REG_EAX);
break;
case 0:
-/* movzbl */
-tcg_out_modrm(s, 0xb6 | P_EXT, data_reg, TCG_REG_EAX);
+tcg_out_ext8u(s, data_reg, TCG_REG_EAX);
break;
case 1:
-/* movzwl */
-tcg_out_modrm(s, 0xb7 | P_EXT, data_reg, TCG_REG_EAX);
+tcg_out_ext16u(s, data_reg, TCG_REG_EAX);
break;
case 2:
default:
@@ -722,7 +731,7 @@ static void tcg_out_qemu_ld(TCGContext *s, const TCGArg
*args,
switch(opc) {
case 0:
/* movzbl */
-tcg_out_modrm_offset(s, 0xb6 | P_EXT, data_reg, r0, GUEST_BASE);
+tcg_out_modrm_offset(s, OPC_MOVZBL, data_reg, r0, GUEST_BASE);
break;
case 0 | 4:
/* movsbl */
@@ -730,7 +739,7 @@ static void tcg_out_qemu_ld(TCGContext *s, const TCGArg
*args,
break;
case 1:
/* movzwl */
-tcg_out_modrm_offset(s, 0xb7 | P_EXT, data_reg, r0, GUEST_BASE);
+tcg_out_modrm_offset(s, OPC_MOVZWL, data_reg, r0, GUEST_BASE);
if (bswap) {
tcg_out_rolw_8(s, data_reg);
}
@@ -870,12 +879,10 @@ static void tcg_out_qemu_st(TCGContext *s, const TCGArg
*args,
} else {
switch(opc) {
case 0:
-/* movzbl */
-tcg_out_modrm(s, 0xb6 | P_EXT, TCG_REG_EDX, data_reg);
+tcg_out_ext8u(s, TCG_REG_EDX, data_reg);
break;
case 1:
-/* movzwl */
-tcg_out_modrm(s, 0xb7 | P_EXT, TCG_REG_EDX, data_reg);
+tcg_out_ext16u(s, TCG_REG_EDX, data_reg);
break;
case 2:
tcg_out_mov(s, TCG_REG_EDX, data_reg);
@@ -901,12 +908,10 @@ static void tcg_out_qemu_st(TCGContext *s, const TCGArg
*args,
tcg_out_mov(s, TCG_REG_EDX, addr_reg2);
switch(opc) {
case 0:
-/* movzbl */
-tcg_out_modrm(s, 0xb6 | P_EXT, TCG_REG_ECX, data_reg);
+tcg_out_ext8u(s, TCG_REG_ECX, data_reg);
break;
case 1:
-/* movzwl */
-tcg_out_modrm(s, 0xb7 | P_EXT, TCG_REG_ECX, data_reg);
+tcg_out_ext16u(s, TCG_REG_ECX, data_reg);
break;
case 2:
tcg_out_mov(s, TCG_REG_ECX, data_reg);
@@ -1035,7 +1040,7 @@ static inline void tcg_out_op(TCGContext *s, TCGOpcode
opc,
break;
case INDEX_op_ld8u_i32:
/* movzbl */
-tcg_out_modrm_offset(s, 0xb6 | P_EXT, args[0], args[1], args[2]);
+tcg_out_modrm_offset(s, OPC_MOVZBL, args[0], args[1], args[2]);
b
[Qemu-devel] [PATCH 06/15] tcg-i386: Tidy push/pop.
Move tcg_out_push/pop up in the file so that they can be used
by qemu_ld/st. Define a tcg_out_pushi to be used as well.
Signed-off-by: Richard Henderson
---
tcg/i386/tcg-target.c | 48 ++--
1 files changed, 30 insertions(+), 18 deletions(-)
diff --git a/tcg/i386/tcg-target.c b/tcg/i386/tcg-target.c
index 1d227db..a487375 100644
--- a/tcg/i386/tcg-target.c
+++ b/tcg/i386/tcg-target.c
@@ -178,6 +178,10 @@ static inline int tcg_target_const_match(tcg_target_long
val,
#define OPC_MOVSWL (0xbf | P_EXT)
#define OPC_MOVZBL (0xb6 | P_EXT)
#define OPC_MOVZWL (0xb7 | P_EXT)
+#define OPC_POP_r32(0x58)
+#define OPC_PUSH_r32 (0x50)
+#define OPC_PUSH_Iv(0x68)
+#define OPC_PUSH_Ib(0x6a)
#define OPC_SHIFT_1(0xd1)
#define OPC_SHIFT_Ib (0xc1)
#define OPC_SHIFT_cl (0xd3)
@@ -306,6 +310,27 @@ static inline void tcg_out_movi(TCGContext *s, TCGType
type,
}
}
+static inline void tcg_out_pushi(TCGContext *s, tcg_target_long val)
+{
+if (val == (int8_t)val) {
+tcg_out_opc(s, OPC_PUSH_Ib);
+tcg_out8(s, val);
+} else {
+tcg_out_opc(s, OPC_PUSH_Iv);
+tcg_out32(s, val);
+}
+}
+
+static inline void tcg_out_push(TCGContext *s, int reg)
+{
+tcg_out_opc(s, OPC_PUSH_r32 + reg);
+}
+
+static inline void tcg_out_pop(TCGContext *s, int reg)
+{
+tcg_out_opc(s, OPC_POP_r32 + reg);
+}
+
static inline void tcg_out_ld(TCGContext *s, TCGType type, int ret,
int arg1, tcg_target_long arg2)
{
@@ -891,8 +916,7 @@ static void tcg_out_qemu_st(TCGContext *s, const TCGArg
*args,
if (opc == 3) {
tcg_out_mov(s, TCG_REG_EDX, data_reg);
tcg_out_mov(s, TCG_REG_ECX, data_reg2);
-tcg_out8(s, 0x6a); /* push Ib */
-tcg_out8(s, mem_index);
+tcg_out_pushi(s, mem_index);
tcg_out8(s, 0xe8);
tcg_out32(s, (tcg_target_long)qemu_st_helpers[s_bits] -
(tcg_target_long)s->code_ptr - 4);
@@ -917,10 +941,9 @@ static void tcg_out_qemu_st(TCGContext *s, const TCGArg
*args,
#else
if (opc == 3) {
tcg_out_mov(s, TCG_REG_EDX, addr_reg2);
-tcg_out8(s, 0x6a); /* push Ib */
-tcg_out8(s, mem_index);
-tcg_out_opc(s, 0x50 + data_reg2); /* push */
-tcg_out_opc(s, 0x50 + data_reg); /* push */
+tcg_out_pushi(s, mem_index);
+tcg_out_push(s, data_reg2);
+tcg_out_push(s, data_reg);
tcg_out8(s, 0xe8);
tcg_out32(s, (tcg_target_long)qemu_st_helpers[s_bits] -
(tcg_target_long)s->code_ptr - 4);
@@ -938,8 +961,7 @@ static void tcg_out_qemu_st(TCGContext *s, const TCGArg
*args,
tcg_out_mov(s, TCG_REG_ECX, data_reg);
break;
}
-tcg_out8(s, 0x6a); /* push Ib */
-tcg_out8(s, mem_index);
+tcg_out_pushi(s, mem_index);
tcg_out8(s, 0xe8);
tcg_out32(s, (tcg_target_long)qemu_st_helpers[s_bits] -
(tcg_target_long)s->code_ptr - 4);
@@ -1352,16 +1374,6 @@ static int tcg_target_callee_save_regs[] = {
TCG_REG_EDI,
};
-static inline void tcg_out_push(TCGContext *s, int reg)
-{
-tcg_out_opc(s, 0x50 + reg);
-}
-
-static inline void tcg_out_pop(TCGContext *s, int reg)
-{
-tcg_out_opc(s, 0x58 + reg);
-}
-
/* Generate global QEMU prologue and epilogue code */
void tcg_target_qemu_prologue(TCGContext *s)
{
--
1.7.0.1
[Qemu-devel] [PATCH 03/15] tcg-i386: Tidy immediate arithmetic operations.
Define OPC_ARITH_EvI[bz]; use throughout. Use tcg_out_ext8u
directly in setcond. Use tgen_arithi in qemu_ld/st.
Signed-off-by: Richard Henderson
---
tcg/i386/tcg-target.c | 26 ++
1 files changed, 10 insertions(+), 16 deletions(-)
diff --git a/tcg/i386/tcg-target.c b/tcg/i386/tcg-target.c
index 949e974..5e8c58b 100644
--- a/tcg/i386/tcg-target.c
+++ b/tcg/i386/tcg-target.c
@@ -158,6 +158,8 @@ static inline int tcg_target_const_match(tcg_target_long
val,
#define P_EXT 0x100 /* 0x0f opcode prefix */
+#define OPC_ARITH_EvIz (0x81)
+#define OPC_ARITH_EvIb (0x83)
#define OPC_BSWAP (0xc8 | P_EXT)
#define OPC_JCC_long (0x80 | P_EXT) /* ... plus condition code */
#define OPC_JCC_short (0x70) /* ... plus condition code */
@@ -360,14 +362,14 @@ static inline void tgen_arithi(TCGContext *s, int c, int
r0, int32_t val, int cf
/* dec */
tcg_out_opc(s, 0x48 + r0);
} else if (val == (int8_t)val) {
-tcg_out_modrm(s, 0x83, c, r0);
+tcg_out_modrm(s, OPC_ARITH_EvIb, c, r0);
tcg_out8(s, val);
} else if (c == ARITH_AND && val == 0xffu && r0 < 4) {
tcg_out_ext8u(s, r0, r0);
} else if (c == ARITH_AND && val == 0xu) {
tcg_out_ext16u(s, r0, r0);
} else {
-tcg_out_modrm(s, 0x81, c, r0);
+tcg_out_modrm(s, OPC_ARITH_EvIz, c, r0);
tcg_out32(s, val);
}
}
@@ -536,7 +538,7 @@ static void tcg_out_setcond(TCGContext *s, TCGCond cond,
TCGArg dest,
tcg_out_cmp(s, arg1, arg2, const_arg2);
/* setcc */
tcg_out_modrm(s, 0x90 | tcg_cond_to_jcc[cond] | P_EXT, 0, dest);
-tgen_arithi(s, ARITH_AND, dest, 0xff, 0);
+tcg_out_ext8u(s, dest, dest);
}
static void tcg_out_setcond2(TCGContext *s, const TCGArg *args,
@@ -638,16 +640,12 @@ static void tcg_out_qemu_ld(TCGContext *s, const TCGArg
*args,
#if defined(CONFIG_SOFTMMU)
tcg_out_mov(s, r1, addr_reg);
-
tcg_out_mov(s, r0, addr_reg);
-
+
tcg_out_shifti(s, SHIFT_SHR, r1, TARGET_PAGE_BITS - CPU_TLB_ENTRY_BITS);
-tcg_out_modrm(s, 0x81, 4, r0); /* andl $x, r0 */
-tcg_out32(s, TARGET_PAGE_MASK | ((1 << s_bits) - 1));
-
-tcg_out_modrm(s, 0x81, 4, r1); /* andl $x, r1 */
-tcg_out32(s, (CPU_TLB_SIZE - 1) << CPU_TLB_ENTRY_BITS);
+tgen_arithi(s, ARITH_AND, r0, TARGET_PAGE_MASK | ((1 << s_bits) - 1), 0);
+tgen_arithi(s, ARITH_AND, r1, (CPU_TLB_SIZE - 1) << CPU_TLB_ENTRY_BITS, 0);
tcg_out_opc(s, 0x8d); /* lea offset(r1, %ebp), r1 */
tcg_out8(s, 0x80 | (r1 << 3) | 0x04);
@@ -834,16 +832,12 @@ static void tcg_out_qemu_st(TCGContext *s, const TCGArg
*args,
#if defined(CONFIG_SOFTMMU)
tcg_out_mov(s, r1, addr_reg);
-
tcg_out_mov(s, r0, addr_reg);
tcg_out_shifti(s, SHIFT_SHR, r1, TARGET_PAGE_BITS - CPU_TLB_ENTRY_BITS);
-tcg_out_modrm(s, 0x81, 4, r0); /* andl $x, r0 */
-tcg_out32(s, TARGET_PAGE_MASK | ((1 << s_bits) - 1));
-
-tcg_out_modrm(s, 0x81, 4, r1); /* andl $x, r1 */
-tcg_out32(s, (CPU_TLB_SIZE - 1) << CPU_TLB_ENTRY_BITS);
+tgen_arithi(s, ARITH_AND, r0, TARGET_PAGE_MASK | ((1 << s_bits) - 1), 0);
+tgen_arithi(s, ARITH_AND, r1, (CPU_TLB_SIZE - 1) << CPU_TLB_ENTRY_BITS, 0);
tcg_out_opc(s, 0x8d); /* lea offset(r1, %ebp), r1 */
tcg_out8(s, 0x80 | (r1 << 3) | 0x04);
--
1.7.0.1
[Qemu-devel] [PATCH 02/15] tcg-i386: Tidy ext8s and ext16s operations.
Define OPC_MOVSBL and OPC_MOVSWL. Factor opcode emission to
separate functions.
Signed-off-by: Richard Henderson
---
tcg/i386/tcg-target.c | 35 ---
1 files changed, 24 insertions(+), 11 deletions(-)
diff --git a/tcg/i386/tcg-target.c b/tcg/i386/tcg-target.c
index 4497010..949e974 100644
--- a/tcg/i386/tcg-target.c
+++ b/tcg/i386/tcg-target.c
@@ -166,6 +166,8 @@ static inline int tcg_target_const_match(tcg_target_long
val,
#define OPC_MOVB_EvGv (0x88) /* stores, more or less */
#define OPC_MOVL_EvGv (0x89) /* stores, more or less */
#define OPC_MOVL_GvEv (0x8b) /* loads, more or less */
+#define OPC_MOVSBL (0xbe | P_EXT)
+#define OPC_MOVSWL (0xbf | P_EXT)
#define OPC_MOVZBL (0xb6 | P_EXT)
#define OPC_MOVZWL (0xb7 | P_EXT)
#define OPC_SHIFT_1(0xd1)
@@ -330,12 +332,25 @@ static inline void tcg_out_ext8u(TCGContext *s, int dest,
int src)
tcg_out_modrm(s, OPC_MOVZBL, dest, src);
}
+static void tcg_out_ext8s(TCGContext *s, int dest, int src)
+{
+/* movsbl */
+assert(src < 4);
+tcg_out_modrm(s, OPC_MOVSBL, dest, src);
+}
+
static inline void tcg_out_ext16u(TCGContext *s, int dest, int src)
{
/* movzwl */
tcg_out_modrm(s, OPC_MOVZWL, dest, src);
}
+static inline void tcg_out_ext16s(TCGContext *s, int dest, int src)
+{
+/* movswl */
+tcg_out_modrm(s, OPC_MOVSWL, dest, src);
+}
+
static inline void tgen_arithi(TCGContext *s, int c, int r0, int32_t val, int
cf)
{
if (!cf && ((c == ARITH_ADD && val == 1) || (c == ARITH_SUB && val ==
-1))) {
@@ -680,12 +695,10 @@ static void tcg_out_qemu_ld(TCGContext *s, const TCGArg
*args,
switch(opc) {
case 0 | 4:
-/* movsbl */
-tcg_out_modrm(s, 0xbe | P_EXT, data_reg, TCG_REG_EAX);
+tcg_out_ext8s(s, data_reg, TCG_REG_EAX);
break;
case 1 | 4:
-/* movswl */
-tcg_out_modrm(s, 0xbf | P_EXT, data_reg, TCG_REG_EAX);
+tcg_out_ext16s(s, data_reg, TCG_REG_EAX);
break;
case 0:
tcg_out_ext8u(s, data_reg, TCG_REG_EAX);
@@ -735,7 +748,7 @@ static void tcg_out_qemu_ld(TCGContext *s, const TCGArg
*args,
break;
case 0 | 4:
/* movsbl */
-tcg_out_modrm_offset(s, 0xbe | P_EXT, data_reg, r0, GUEST_BASE);
+tcg_out_modrm_offset(s, OPC_MOVSBL, data_reg, r0, GUEST_BASE);
break;
case 1:
/* movzwl */
@@ -746,12 +759,12 @@ static void tcg_out_qemu_ld(TCGContext *s, const TCGArg
*args,
break;
case 1 | 4:
/* movswl */
-tcg_out_modrm_offset(s, 0xbf | P_EXT, data_reg, r0, GUEST_BASE);
+tcg_out_modrm_offset(s, OPC_MOVSWL, data_reg, r0, GUEST_BASE);
if (bswap) {
tcg_out_rolw_8(s, data_reg);
/* movswl data_reg, data_reg */
-tcg_out_modrm(s, 0xbf | P_EXT, data_reg, data_reg);
+tcg_out_modrm(s, OPC_MOVSWL, data_reg, data_reg);
}
break;
case 2:
@@ -1044,7 +1057,7 @@ static inline void tcg_out_op(TCGContext *s, TCGOpcode
opc,
break;
case INDEX_op_ld8s_i32:
/* movsbl */
-tcg_out_modrm_offset(s, 0xbe | P_EXT, args[0], args[1], args[2]);
+tcg_out_modrm_offset(s, OPC_MOVSBL, args[0], args[1], args[2]);
break;
case INDEX_op_ld16u_i32:
/* movzwl */
@@ -1052,7 +1065,7 @@ static inline void tcg_out_op(TCGContext *s, TCGOpcode
opc,
break;
case INDEX_op_ld16s_i32:
/* movswl */
-tcg_out_modrm_offset(s, 0xbf | P_EXT, args[0], args[1], args[2]);
+tcg_out_modrm_offset(s, OPC_MOVSWL, args[0], args[1], args[2]);
break;
case INDEX_op_ld_i32:
tcg_out_ld(s, TCG_TYPE_I32, args[0], args[1], args[2]);
@@ -1180,10 +1193,10 @@ static inline void tcg_out_op(TCGContext *s, TCGOpcode
opc,
break;
case INDEX_op_ext8s_i32:
-tcg_out_modrm(s, 0xbe | P_EXT, args[0], args[1]);
+tcg_out_ext8s(s, args[0], args[1]);
break;
case INDEX_op_ext16s_i32:
-tcg_out_modrm(s, 0xbf | P_EXT, args[0], args[1]);
+tcg_out_ext16s(s, args[0], args[1]);
break;
case INDEX_op_ext8u_i32:
tcg_out_ext8u(s, args[0], args[1]);
--
1.7.0.1
[Qemu-devel] [PATCH 09/15] tcg-i386: Tidy setcc.
Define and use OPC_SETCC.
Signed-off-by: Richard Henderson
---
tcg/i386/tcg-target.c |4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/tcg/i386/tcg-target.c b/tcg/i386/tcg-target.c
index c258775..a43dbfb 100644
--- a/tcg/i386/tcg-target.c
+++ b/tcg/i386/tcg-target.c
@@ -184,6 +184,7 @@ static inline int tcg_target_const_match(tcg_target_long
val,
#define OPC_PUSH_Iv(0x68)
#define OPC_PUSH_Ib(0x6a)
#define OPC_RET(0xc3)
+#define OPC_SETCC (0x90 | P_EXT) /* ... plus condition code */
#define OPC_SHIFT_1(0xd1)
#define OPC_SHIFT_Ib (0xc1)
#define OPC_SHIFT_cl (0xd3)
@@ -577,8 +578,7 @@ static void tcg_out_setcond(TCGContext *s, TCGCond cond,
TCGArg dest,
TCGArg arg1, TCGArg arg2, int const_arg2)
{
tcg_out_cmp(s, arg1, arg2, const_arg2);
-/* setcc */
-tcg_out_modrm(s, 0x90 | tcg_cond_to_jcc[cond] | P_EXT, 0, dest);
+tcg_out_modrm(s, OPC_SETCC | tcg_cond_to_jcc[cond], 0, dest);
tcg_out_ext8u(s, dest, dest);
}
--
1.7.0.1
[Qemu-devel] [PATCH 04/15] tcg-i386: Tidy non-immediate arithmetic operations.
Add more OPC values, and tgen_arithr. Use the later throughout.
Note that normal reg/reg arithmetic now uses the Gv,Ev opcode form
instead of the Ev,Gv opcode form used previously. Both forms
disassemble properly, and so there's no visible change when diffing
log files before and after the change. This change makes the operand
ordering within the output routines more natural, and avoids the need
to define an OPC_ARITH_EvGv since a read-modify-write with memory is
not needed within TCG.
Signed-off-by: Richard Henderson
---
tcg/i386/tcg-target.c | 78 ++---
1 files changed, 48 insertions(+), 30 deletions(-)
diff --git a/tcg/i386/tcg-target.c b/tcg/i386/tcg-target.c
index 5e8c58b..bc5985f 100644
--- a/tcg/i386/tcg-target.c
+++ b/tcg/i386/tcg-target.c
@@ -160,7 +160,12 @@ static inline int tcg_target_const_match(tcg_target_long
val,
#define OPC_ARITH_EvIz (0x81)
#define OPC_ARITH_EvIb (0x83)
+#define OPC_ARITH_GvEv (0x03) /* ... plus (ARITH_FOO << 3) */
+#define OPC_ADD_GvEv (OPC_ARITH_GvEv | (ARITH_ADD << 3))
#define OPC_BSWAP (0xc8 | P_EXT)
+#define OPC_CMP_GvEv (OPC_ARITH_GvEv | (ARITH_CMP << 3))
+#define OPC_DEC_r32(0x48)
+#define OPC_INC_r32(0x40)
#define OPC_JCC_long (0x80 | P_EXT) /* ... plus condition code */
#define OPC_JCC_short (0x70) /* ... plus condition code */
#define OPC_JMP_long (0xe9)
@@ -175,6 +180,7 @@ static inline int tcg_target_const_match(tcg_target_long
val,
#define OPC_SHIFT_1(0xd1)
#define OPC_SHIFT_Ib (0xc1)
#define OPC_SHIFT_cl (0xd3)
+#define OPC_TESTL (0x85)
/* Group 1 opcode extensions for 0x80-0x83. */
#define ARITH_ADD 0
@@ -275,6 +281,12 @@ static inline void tcg_out_modrm_offset(TCGContext *s, int
opc, int r, int rm,
}
}
+/* Generate dest op= src. Uses the same ARITH_* codes as tgen_arithi. */
+static inline void tgen_arithr(TCGContext *s, int subop, int dest, int src)
+{
+tcg_out_modrm(s, OPC_ARITH_GvEv + (subop << 3), dest, src);
+}
+
static inline void tcg_out_mov(TCGContext *s, int ret, int arg)
{
if (arg != ret) {
@@ -286,8 +298,7 @@ static inline void tcg_out_movi(TCGContext *s, TCGType type,
int ret, int32_t arg)
{
if (arg == 0) {
-/* xor r0,r0 */
-tcg_out_modrm(s, 0x01 | (ARITH_XOR << 3), ret, ret);
+tgen_arithr(s, ARITH_XOR, ret, ret);
} else {
tcg_out8(s, 0xb8 + ret);
tcg_out32(s, arg);
@@ -353,14 +364,15 @@ static inline void tcg_out_ext16s(TCGContext *s, int
dest, int src)
tcg_out_modrm(s, OPC_MOVSWL, dest, src);
}
-static inline void tgen_arithi(TCGContext *s, int c, int r0, int32_t val, int
cf)
+static inline void tgen_arithi(TCGContext *s, int c, int r0,
+ int32_t val, int cf)
{
-if (!cf && ((c == ARITH_ADD && val == 1) || (c == ARITH_SUB && val ==
-1))) {
-/* inc */
-tcg_out_opc(s, 0x40 + r0);
-} else if (!cf && ((c == ARITH_ADD && val == -1) || (c == ARITH_SUB && val
== 1))) {
-/* dec */
-tcg_out_opc(s, 0x48 + r0);
+/* ??? While INC is 2 bytes shorter than ADDL $1, they also induce
+ partial flags update stalls on Pentium4 and are not recommended
+ by current Intel optimization manuals. */
+if (!cf && (c == ARITH_ADD || c == ARITH_SUB) && (val == 1 || val == -1)) {
+int opc = ((c == ARITH_ADD) ^ (val < 0) ? OPC_INC_r32 : OPC_DEC_r32);
+tcg_out_opc(s, opc + r0);
} else if (val == (int8_t)val) {
tcg_out_modrm(s, OPC_ARITH_EvIb, c, r0);
tcg_out8(s, val);
@@ -433,12 +445,12 @@ static void tcg_out_cmp(TCGContext *s, TCGArg arg1,
TCGArg arg2,
if (const_arg2) {
if (arg2 == 0) {
/* test r, r */
-tcg_out_modrm(s, 0x85, arg1, arg1);
+tcg_out_modrm(s, OPC_TESTL, arg1, arg1);
} else {
tgen_arithi(s, ARITH_CMP, arg1, arg2, 0);
}
} else {
-tcg_out_modrm(s, 0x01 | (ARITH_CMP << 3), arg2, arg1);
+tgen_arithr(s, ARITH_CMP, arg1, arg2);
}
}
@@ -653,7 +665,7 @@ static void tcg_out_qemu_ld(TCGContext *s, const TCGArg
*args,
tcg_out32(s, offsetof(CPUState, tlb_table[mem_index][0].addr_read));
/* cmp 0(r1), r0 */
-tcg_out_modrm_offset(s, 0x3b, r0, r1, 0);
+tcg_out_modrm_offset(s, OPC_CMP_GvEv, r0, r1, 0);
tcg_out_mov(s, r0, addr_reg);
@@ -669,7 +681,7 @@ static void tcg_out_qemu_ld(TCGContext *s, const TCGArg
*args,
s->code_ptr++;
/* cmp 4(r1), addr_reg2 */
-tcg_out_modrm_offset(s, 0x3b, addr_reg2, r1, 4);
+tcg_out_modrm_offset(s, OPC_CMP_GvEv, addr_reg2, r1, 4);
/* je label1 */
tcg_out8(s, OPC_JCC_short + JCC_JE);
@@ -728,7 +740,8 @@ static void tcg_out_qemu_ld(TCGContext *s, const TCGArg
*args,
*label1_ptr = s->code_ptr - label1_ptr - 1;
/* add x(r1), r0 */
-tcg_out_modrm_offset(s, 0x03, r0, r1, offsetof(CPU
[Qemu-devel] [PATCH 07/15] tcg-i386: Tidy calls.
Define OPC_CALL_Jz, generated by tcg_out_calli; use the later
throughout. Unify the calls within qemu_st; adjust the stack
with a single pop if applicable.
Define and use EXT_CALLN_Ev for indirect calls.
Signed-off-by: Richard Henderson
---
tcg/i386/tcg-target.c | 49 +++--
1 files changed, 27 insertions(+), 22 deletions(-)
diff --git a/tcg/i386/tcg-target.c b/tcg/i386/tcg-target.c
index a487375..28a01f3 100644
--- a/tcg/i386/tcg-target.c
+++ b/tcg/i386/tcg-target.c
@@ -163,6 +163,7 @@ static inline int tcg_target_const_match(tcg_target_long
val,
#define OPC_ARITH_GvEv (0x03) /* ... plus (ARITH_FOO << 3) */
#define OPC_ADD_GvEv (OPC_ARITH_GvEv | (ARITH_ADD << 3))
#define OPC_BSWAP (0xc8 | P_EXT)
+#define OPC_CALL_Jz(0xe8)
#define OPC_CMP_GvEv (OPC_ARITH_GvEv | (ARITH_CMP << 3))
#define OPC_DEC_r32(0x48)
#define OPC_INC_r32(0x40)
@@ -205,6 +206,7 @@ static inline int tcg_target_const_match(tcg_target_long
val,
#define SHIFT_SAR 7
/* Group 5 opcode extensions for 0xff. */
+#define EXT_CALLN_Ev 2
#define EXT_JMPN_Ev4
/* Condition codes to be added to OPC_JCC_{long,short}. */
@@ -621,6 +623,12 @@ static void tcg_out_setcond2(TCGContext *s, const TCGArg
*args,
}
}
+static void tcg_out_calli(TCGContext *s, tcg_target_long dest)
+{
+tcg_out_opc(s, OPC_CALL_Jz);
+tcg_out32(s, dest - (tcg_target_long)s->code_ptr - 4);
+}
+
#if defined(CONFIG_SOFTMMU)
#include "../../softmmu_defs.h"
@@ -725,9 +733,7 @@ static void tcg_out_qemu_ld(TCGContext *s, const TCGArg
*args,
tcg_out_mov(s, TCG_REG_EDX, addr_reg2);
tcg_out_movi(s, TCG_TYPE_I32, TCG_REG_ECX, mem_index);
#endif
-tcg_out8(s, 0xe8);
-tcg_out32(s, (tcg_target_long)qemu_ld_helpers[s_bits] -
- (tcg_target_long)s->code_ptr - 4);
+tcg_out_calli(s, (tcg_target_long)qemu_ld_helpers[s_bits]);
switch(opc) {
case 0 | 4:
@@ -844,6 +850,7 @@ static void tcg_out_qemu_st(TCGContext *s, const TCGArg
*args,
{
int addr_reg, data_reg, data_reg2, r0, r1, mem_index, s_bits, bswap;
#if defined(CONFIG_SOFTMMU)
+int stack_adjust;
uint8_t *label1_ptr, *label2_ptr;
#endif
#if TARGET_LONG_BITS == 64
@@ -917,10 +924,7 @@ static void tcg_out_qemu_st(TCGContext *s, const TCGArg
*args,
tcg_out_mov(s, TCG_REG_EDX, data_reg);
tcg_out_mov(s, TCG_REG_ECX, data_reg2);
tcg_out_pushi(s, mem_index);
-tcg_out8(s, 0xe8);
-tcg_out32(s, (tcg_target_long)qemu_st_helpers[s_bits] -
- (tcg_target_long)s->code_ptr - 4);
-tcg_out_addi(s, TCG_REG_ESP, 4);
+stack_adjust = 4;
} else {
switch(opc) {
case 0:
@@ -934,9 +938,7 @@ static void tcg_out_qemu_st(TCGContext *s, const TCGArg
*args,
break;
}
tcg_out_movi(s, TCG_TYPE_I32, TCG_REG_ECX, mem_index);
-tcg_out8(s, 0xe8);
-tcg_out32(s, (tcg_target_long)qemu_st_helpers[s_bits] -
- (tcg_target_long)s->code_ptr - 4);
+stack_adjust = 0;
}
#else
if (opc == 3) {
@@ -944,10 +946,7 @@ static void tcg_out_qemu_st(TCGContext *s, const TCGArg
*args,
tcg_out_pushi(s, mem_index);
tcg_out_push(s, data_reg2);
tcg_out_push(s, data_reg);
-tcg_out8(s, 0xe8);
-tcg_out32(s, (tcg_target_long)qemu_st_helpers[s_bits] -
- (tcg_target_long)s->code_ptr - 4);
-tcg_out_addi(s, TCG_REG_ESP, 12);
+stack_adjust = 12;
} else {
tcg_out_mov(s, TCG_REG_EDX, addr_reg2);
switch(opc) {
@@ -962,13 +961,19 @@ static void tcg_out_qemu_st(TCGContext *s, const TCGArg
*args,
break;
}
tcg_out_pushi(s, mem_index);
-tcg_out8(s, 0xe8);
-tcg_out32(s, (tcg_target_long)qemu_st_helpers[s_bits] -
- (tcg_target_long)s->code_ptr - 4);
-tcg_out_addi(s, TCG_REG_ESP, 4);
+stack_adjust = 4;
}
#endif
-
+
+tcg_out_calli(s, (tcg_target_long)qemu_st_helpers[s_bits]);
+
+if (stack_adjust == 4) {
+/* Pop and discard. This is 2 bytes smaller than the add. */
+tcg_out_pop(s, TCG_REG_ECX);
+} else if (stack_adjust != 0) {
+tcg_out_addi(s, TCG_REG_ESP, stack_adjust);
+}
+
/* jmp label2 */
tcg_out8(s, OPC_JMP_short);
label2_ptr = s->code_ptr;
@@ -1061,10 +1066,10 @@ static inline void tcg_out_op(TCGContext *s, TCGOpcode
opc,
break;
case INDEX_op_call:
if (const_args[0]) {
-tcg_out8(s, 0xe8);
-tcg_out32(s, args[0] - (tcg_target_long)s->code_ptr - 4);
+tcg_out_calli(s, args[0]);
} else {
-tcg_out_modrm(s, 0xff, 2, args[0]);
+/* call *reg */
+tcg_out_modrm(s, 0xff, EXT_CALLN_Ev, args[0]);
}
break;
case INDEX_op_jmp:
--
1.7.0.1
[Qemu-devel] [PATCH 05/15] tcg-i386: Tidy movi.
Define and use OPC_MOVL_Iv.
Signed-off-by: Richard Henderson
---
tcg/i386/tcg-target.c |3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/tcg/i386/tcg-target.c b/tcg/i386/tcg-target.c
index bc5985f..1d227db 100644
--- a/tcg/i386/tcg-target.c
+++ b/tcg/i386/tcg-target.c
@@ -173,6 +173,7 @@ static inline int tcg_target_const_match(tcg_target_long
val,
#define OPC_MOVB_EvGv (0x88) /* stores, more or less */
#define OPC_MOVL_EvGv (0x89) /* stores, more or less */
#define OPC_MOVL_GvEv (0x8b) /* loads, more or less */
+#define OPC_MOVL_Iv (0xb8)
#define OPC_MOVSBL (0xbe | P_EXT)
#define OPC_MOVSWL (0xbf | P_EXT)
#define OPC_MOVZBL (0xb6 | P_EXT)
@@ -300,7 +301,7 @@ static inline void tcg_out_movi(TCGContext *s, TCGType type,
if (arg == 0) {
tgen_arithr(s, ARITH_XOR, ret, ret);
} else {
-tcg_out8(s, 0xb8 + ret);
+tcg_out8(s, OPC_MOVL_Iv + ret);
tcg_out32(s, arg);
}
}
--
1.7.0.1
[Qemu-devel] [PATCH 14/15] tcg-i386: Use lea for three-operand add.
The result is shorter than the mov+add that TCG would
otherwise generate for us.
Signed-off-by: Richard Henderson
---
tcg/i386/tcg-target.c | 23 ---
1 files changed, 20 insertions(+), 3 deletions(-)
diff --git a/tcg/i386/tcg-target.c b/tcg/i386/tcg-target.c
index 6562a5d..fc61e80 100644
--- a/tcg/i386/tcg-target.c
+++ b/tcg/i386/tcg-target.c
@@ -1165,6 +1165,25 @@ static inline void tcg_out_op(TCGContext *s, TCGOpcode
opc,
case INDEX_op_st_i32:
tcg_out_st(s, TCG_TYPE_I32, args[0], args[1], args[2]);
break;
+case INDEX_op_add_i32:
+/* For 3-operand addition, use LEA. */
+if (args[0] != args[1]) {
+TCGArg a0 = args[0], a1 = args[1], a2 = args[2], c3 = 0;
+
+if (const_args[2]) {
+c3 = a2, a2 = -1;
+} else if (a0 == a2) {
+/* Watch out for dest = src + dest, since we've removed
+ the matching constraint on the add. */
+tgen_arithr(s, ARITH_ADD, a0, a1);
+break;
+}
+
+tcg_out_modrm_sib_offset(s, OPC_LEA, a0, a1, a2, 0, c3);
+break;
+}
+c = ARITH_ADD;
+goto gen_arith;
case INDEX_op_sub_i32:
c = ARITH_SUB;
goto gen_arith;
@@ -1177,8 +1196,6 @@ static inline void tcg_out_op(TCGContext *s, TCGOpcode
opc,
case INDEX_op_xor_i32:
c = ARITH_XOR;
goto gen_arith;
-case INDEX_op_add_i32:
-c = ARITH_ADD;
gen_arith:
if (const_args[2]) {
tgen_arithi(s, c, args[0], args[2], 0);
@@ -1353,7 +1370,7 @@ static const TCGTargetOpDef x86_op_defs[] = {
{ INDEX_op_st16_i32, { "r", "r" } },
{ INDEX_op_st_i32, { "r", "r" } },
-{ INDEX_op_add_i32, { "r", "0", "ri" } },
+{ INDEX_op_add_i32, { "r", "r", "ri" } },
{ INDEX_op_sub_i32, { "r", "0", "ri" } },
{ INDEX_op_mul_i32, { "r", "0", "ri" } },
{ INDEX_op_mulu2_i32, { "a", "d", "a", "r" } },
--
1.7.0.1
[Qemu-devel] [PATCH 08/15] tcg-i386: Tidy ret.
Define and use OPC_RET.
Signed-off-by: Richard Henderson
---
tcg/i386/tcg-target.c |3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/tcg/i386/tcg-target.c b/tcg/i386/tcg-target.c
index 28a01f3..c258775 100644
--- a/tcg/i386/tcg-target.c
+++ b/tcg/i386/tcg-target.c
@@ -183,6 +183,7 @@ static inline int tcg_target_const_match(tcg_target_long
val,
#define OPC_PUSH_r32 (0x50)
#define OPC_PUSH_Iv(0x68)
#define OPC_PUSH_Ib(0x6a)
+#define OPC_RET(0xc3)
#define OPC_SHIFT_1(0xd1)
#define OPC_SHIFT_Ib (0xc1)
#define OPC_SHIFT_cl (0xd3)
@@ -1405,7 +1406,7 @@ void tcg_target_qemu_prologue(TCGContext *s)
for(i = ARRAY_SIZE(tcg_target_callee_save_regs) - 1; i >= 0; i--) {
tcg_out_pop(s, tcg_target_callee_save_regs[i]);
}
-tcg_out8(s, 0xc3); /* ret */
+tcg_out_opc(s, OPC_RET);
}
void tcg_target_init(TCGContext *s)
--
1.7.0.1
[Qemu-devel] [PATCH 12/15] tcg-i386: Tidy xchg.
Define and use OPC_XCHG_ax_r32.
Signed-off-by: Richard Henderson
---
tcg/i386/tcg-target.c |4 +++-
1 files changed, 3 insertions(+), 1 deletions(-)
diff --git a/tcg/i386/tcg-target.c b/tcg/i386/tcg-target.c
index 8eb88da..09a56e8 100644
--- a/tcg/i386/tcg-target.c
+++ b/tcg/i386/tcg-target.c
@@ -192,6 +192,7 @@ static inline int tcg_target_const_match(tcg_target_long
val,
#define OPC_SHIFT_Ib (0xc1)
#define OPC_SHIFT_cl (0xd3)
#define OPC_TESTL (0x85)
+#define OPC_XCHG_ax_r32(0x90)
#define OPC_GRP3_Ev(0xf7)
#define OPC_GRP5 (0xff)
@@ -770,7 +771,8 @@ static void tcg_out_qemu_ld(TCGContext *s, const TCGArg
*args,
break;
case 3:
if (data_reg == TCG_REG_EDX) {
-tcg_out_opc(s, 0x90 + TCG_REG_EDX); /* xchg %edx, %eax */
+/* xchg %edx, %eax */
+tcg_out_opc(s, OPC_XCHG_ax_r32 + TCG_REG_EDX);
tcg_out_mov(s, data_reg2, TCG_REG_EAX);
} else {
tcg_out_mov(s, data_reg, TCG_REG_EAX);
--
1.7.0.1
[Qemu-devel] [PATCH 10/15] tcg-i386: Tidy unary arithmetic.
Define OPC_GRP3 and EXT3_FOO to match. Use them instead of
bare constants.
Define OPC_GRP5 and rename the existing EXT_BAR to EXT5_BAR to
make it clear which extension should be used with which opcode.
Signed-off-by: Richard Henderson
---
tcg/i386/tcg-target.c | 38 +-
1 files changed, 25 insertions(+), 13 deletions(-)
diff --git a/tcg/i386/tcg-target.c b/tcg/i386/tcg-target.c
index a43dbfb..07da8c7 100644
--- a/tcg/i386/tcg-target.c
+++ b/tcg/i386/tcg-target.c
@@ -190,7 +190,11 @@ static inline int tcg_target_const_match(tcg_target_long
val,
#define OPC_SHIFT_cl (0xd3)
#define OPC_TESTL (0x85)
-/* Group 1 opcode extensions for 0x80-0x83. */
+#define OPC_GRP3_Ev(0xf7)
+#define OPC_GRP5 (0xff)
+
+/* Group 1 opcode extensions for 0x80-0x83.
+ These are also used as modifiers for OPC_ARITH. */
#define ARITH_ADD 0
#define ARITH_OR 1
#define ARITH_ADC 2
@@ -207,9 +211,17 @@ static inline int tcg_target_const_match(tcg_target_long
val,
#define SHIFT_SHR 5
#define SHIFT_SAR 7
-/* Group 5 opcode extensions for 0xff. */
-#define EXT_CALLN_Ev 2
-#define EXT_JMPN_Ev4
+/* Group 3 opcode extensions for 0xf6, 0xf7. To be used with OPC_GRP3. */
+#define EXT3_NOT 2
+#define EXT3_NEG 3
+#define EXT3_MUL 4
+#define EXT3_IMUL 5
+#define EXT3_DIV 6
+#define EXT3_IDIV 7
+
+/* Group 5 opcode extensions for 0xff. To be used with OPC_GRP5. */
+#define EXT5_CALLN_Ev 2
+#define EXT5_JMPN_Ev 4
/* Condition codes to be added to OPC_JCC_{long,short}. */
#define JCC_JMP (-1)
@@ -1060,7 +1072,7 @@ static inline void tcg_out_op(TCGContext *s, TCGOpcode
opc,
tcg_out32(s, 0);
} else {
/* indirect jump method */
-tcg_out_modrm_offset(s, 0xff, EXT_JMPN_Ev, -1,
+tcg_out_modrm_offset(s, OPC_GRP5, EXT5_JMPN_Ev, -1,
(tcg_target_long)(s->tb_next + args[0]));
}
s->tb_next_offset[args[0]] = s->code_ptr - s->code_buf;
@@ -1070,7 +1082,7 @@ static inline void tcg_out_op(TCGContext *s, TCGOpcode
opc,
tcg_out_calli(s, args[0]);
} else {
/* call *reg */
-tcg_out_modrm(s, 0xff, EXT_CALLN_Ev, args[0]);
+tcg_out_modrm(s, OPC_GRP5, EXT5_CALLN_Ev, args[0]);
}
break;
case INDEX_op_jmp:
@@ -1079,7 +1091,7 @@ static inline void tcg_out_op(TCGContext *s, TCGOpcode
opc,
tcg_out32(s, args[0] - (tcg_target_long)s->code_ptr - 4);
} else {
/* jmp *reg */
-tcg_out_modrm(s, 0xff, EXT_JMPN_Ev, args[0]);
+tcg_out_modrm(s, OPC_GRP5, EXT5_JMPN_Ev, args[0]);
}
break;
case INDEX_op_br:
@@ -1156,13 +1168,13 @@ static inline void tcg_out_op(TCGContext *s, TCGOpcode
opc,
}
break;
case INDEX_op_mulu2_i32:
-tcg_out_modrm(s, 0xf7, 4, args[3]);
+tcg_out_modrm(s, OPC_GRP3_Ev, EXT3_MUL, args[3]);
break;
case INDEX_op_div2_i32:
-tcg_out_modrm(s, 0xf7, 7, args[4]);
+tcg_out_modrm(s, OPC_GRP3_Ev, EXT3_IDIV, args[4]);
break;
case INDEX_op_divu2_i32:
-tcg_out_modrm(s, 0xf7, 6, args[4]);
+tcg_out_modrm(s, OPC_GRP3_Ev, EXT3_DIV, args[4]);
break;
case INDEX_op_shl_i32:
c = SHIFT_SHL;
@@ -1226,11 +1238,11 @@ static inline void tcg_out_op(TCGContext *s, TCGOpcode
opc,
break;
case INDEX_op_neg_i32:
-tcg_out_modrm(s, 0xf7, 3, args[0]);
+tcg_out_modrm(s, OPC_GRP3_Ev, EXT3_NEG, args[0]);
break;
case INDEX_op_not_i32:
-tcg_out_modrm(s, 0xf7, 2, args[0]);
+tcg_out_modrm(s, OPC_GRP3_Ev, EXT3_NOT, args[0]);
break;
case INDEX_op_ext8s_i32:
@@ -1398,7 +1410,7 @@ void tcg_target_qemu_prologue(TCGContext *s)
stack_addend = frame_size - push_size;
tcg_out_addi(s, TCG_REG_ESP, -stack_addend);
-tcg_out_modrm(s, 0xff, EXT_JMPN_Ev, TCG_REG_EAX); /* jmp *%eax */
+tcg_out_modrm(s, OPC_GRP5, EXT5_JMPN_Ev, TCG_REG_EAX); /* jmp *%eax */
/* TB epilogue */
tb_ret_addr = s->code_ptr;
--
1.7.0.1
[Qemu-devel] [PATCH 13/15] tcg-i386: Tidy lea.
Implement full modrm+sib addressing mode processing. Use that in qemu_ld/st to output the LEA. Signed-off-by: Richard Henderson --- tcg/i386/tcg-target.c | 91 - 1 files changed, 60 insertions(+), 31 deletions(-) diff --git a/tcg/i386/tcg-target.c b/tcg/i386/tcg-target.c index 09a56e8..6562a5d 100644 --- a/tcg/i386/tcg-target.c +++ b/tcg/i386/tcg-target.c @@ -174,6 +174,7 @@ static inline int tcg_target_const_match(tcg_target_long val, #define OPC_JCC_short (0x70) /* ... plus condition code */ #define OPC_JMP_long (0xe9) #define OPC_JMP_short (0xeb) +#define OPC_LEA (0x8d) #define OPC_MOVB_EvGv (0x88) /* stores, more or less */ #define OPC_MOVL_EvGv (0x89) /* stores, more or less */ #define OPC_MOVL_GvEv (0x8b) /* loads, more or less */ @@ -272,40 +273,70 @@ static inline void tcg_out_modrm(TCGContext *s, int opc, int r, int rm) tcg_out8(s, 0xc0 | (r << 3) | rm); } -/* rm == -1 means no register index */ -static inline void tcg_out_modrm_offset(TCGContext *s, int opc, int r, int rm, -int32_t offset) +/* Output an opcode with a full "rm + (index<
Re: [Qemu-devel] [Bug 453617] Re: kvm hangs at 100% cpu when connecting to forwarded ports (when listed incorrectly on the command line)
> ProblemType: Bug > Architecture: amd64 > Date: Fri Oct 16 17:19:59 2009 > DistroRelease: Ubuntu 9.10 What is the point forwarding distro bugs here? Can we have upstream bug tracker to report upstream issues? -- Gleb.
[Qemu-devel] [PATCH 11/15] tcg-i386: Tidy multiply.
Define and use OPC_IMUL_GvEv{,Ib,Iz}.
Signed-off-by: Richard Henderson
---
tcg/i386/tcg-target.c |9 ++---
1 files changed, 6 insertions(+), 3 deletions(-)
diff --git a/tcg/i386/tcg-target.c b/tcg/i386/tcg-target.c
index 07da8c7..8eb88da 100644
--- a/tcg/i386/tcg-target.c
+++ b/tcg/i386/tcg-target.c
@@ -166,6 +166,9 @@ static inline int tcg_target_const_match(tcg_target_long
val,
#define OPC_CALL_Jz(0xe8)
#define OPC_CMP_GvEv (OPC_ARITH_GvEv | (ARITH_CMP << 3))
#define OPC_DEC_r32(0x48)
+#define OPC_IMUL_GvEv (0xaf | P_EXT)
+#define OPC_IMUL_GvEvIb(0x6b)
+#define OPC_IMUL_GvEvIz(0x69)
#define OPC_INC_r32(0x40)
#define OPC_JCC_long (0x80 | P_EXT) /* ... plus condition code */
#define OPC_JCC_short (0x70) /* ... plus condition code */
@@ -1157,14 +1160,14 @@ static inline void tcg_out_op(TCGContext *s, TCGOpcode
opc,
int32_t val;
val = args[2];
if (val == (int8_t)val) {
-tcg_out_modrm(s, 0x6b, args[0], args[0]);
+tcg_out_modrm(s, OPC_IMUL_GvEvIb, args[0], args[0]);
tcg_out8(s, val);
} else {
-tcg_out_modrm(s, 0x69, args[0], args[0]);
+tcg_out_modrm(s, OPC_IMUL_GvEvIz, args[0], args[0]);
tcg_out32(s, val);
}
} else {
-tcg_out_modrm(s, 0xaf | P_EXT, args[0], args[2]);
+tcg_out_modrm(s, OPC_IMUL_GvEv, args[0], args[2]);
}
break;
case INDEX_op_mulu2_i32:
--
1.7.0.1
[Qemu-devel] Re: lsi: Handle removal of selected devices
This patch: 64d564094cac5f72eeaeb950c442b773a00d3586 is the first bad commit commit 64d564094cac5f72eeaeb950c442b773a00d3586 Author: Jan Kiszka Date: Tue May 4 14:21:03 2010 +0200 lsi: Handle removal of selected devices We must not store references to selected devices as they may be hot-removed. Instead, look up the device based on its tag right before using it. If the device disappeared, throw an interrupt and disconnect. Signed-off-by: Jan Kiszka Signed-off-by: Anthony Liguori breaks the versatile machine. qemu-system-arm segfaults during the boot. -- Aurelien Jarno GPG: 1024D/F1BCDB73 aurel...@aurel32.net http://www.aurel32.net
[Qemu-devel] [PATCH 15/15] tcg-i386: Nuke trailing whitespace.
Signed-off-by: Richard Henderson
---
tcg/i386/tcg-target.c | 52
1 files changed, 26 insertions(+), 26 deletions(-)
diff --git a/tcg/i386/tcg-target.c b/tcg/i386/tcg-target.c
index fc61e80..396a2f1 100644
--- a/tcg/i386/tcg-target.c
+++ b/tcg/i386/tcg-target.c
@@ -50,7 +50,7 @@ static const int tcg_target_call_oarg_regs[2] = {
TCG_REG_EAX, TCG_REG_EDX };
static uint8_t *tb_ret_addr;
-static void patch_reloc(uint8_t *code_ptr, int type,
+static void patch_reloc(uint8_t *code_ptr, int type,
tcg_target_long value, tcg_target_long addend)
{
value += addend;
@@ -273,7 +273,7 @@ static inline void tcg_out_modrm(TCGContext *s, int opc,
int r, int rm)
tcg_out8(s, 0xc0 | (r << 3) | rm);
}
-/* Output an opcode with a full "rm + (indexhas_value) {
val = l->u.value - (tcg_target_long)s->code_ptr;
val1 = val - 2;
@@ -733,8 +733,8 @@ static void tcg_out_qemu_ld(TCGContext *s, const TCGArg
*args,
r1 = TCG_REG_EDX;
#if defined(CONFIG_SOFTMMU)
-tcg_out_mov(s, r1, addr_reg);
-tcg_out_mov(s, r0, addr_reg);
+tcg_out_mov(s, r1, addr_reg);
+tcg_out_mov(s, r0, addr_reg);
tcg_out_shifti(s, SHIFT_SHR, r1, TARGET_PAGE_BITS - CPU_TLB_ENTRY_BITS);
@@ -747,9 +747,9 @@ static void tcg_out_qemu_ld(TCGContext *s, const TCGArg
*args,
/* cmp 0(r1), r0 */
tcg_out_modrm_offset(s, OPC_CMP_GvEv, r0, r1, 0);
-
+
tcg_out_mov(s, r0, addr_reg);
-
+
#if TARGET_LONG_BITS == 32
/* je label1 */
tcg_out8(s, OPC_JCC_short + JCC_JE);
@@ -760,7 +760,7 @@ static void tcg_out_qemu_ld(TCGContext *s, const TCGArg
*args,
tcg_out8(s, OPC_JCC_short + JCC_JNE);
label3_ptr = s->code_ptr;
s->code_ptr++;
-
+
/* cmp 4(r1), addr_reg2 */
tcg_out_modrm_offset(s, OPC_CMP_GvEv, addr_reg2, r1, 4);
@@ -768,7 +768,7 @@ static void tcg_out_qemu_ld(TCGContext *s, const TCGArg
*args,
tcg_out8(s, OPC_JCC_short + JCC_JE);
label1_ptr = s->code_ptr;
s->code_ptr++;
-
+
/* label3: */
*label3_ptr = s->code_ptr - label3_ptr - 1;
#endif
@@ -815,13 +815,13 @@ static void tcg_out_qemu_ld(TCGContext *s, const TCGArg
*args,
tcg_out8(s, OPC_JMP_short);
label2_ptr = s->code_ptr;
s->code_ptr++;
-
+
/* label1: */
*label1_ptr = s->code_ptr - label1_ptr - 1;
/* add x(r1), r0 */
tcg_out_modrm_offset(s, OPC_ADD_GvEv, r0, r1,
- offsetof(CPUTLBEntry, addend) -
+ offsetof(CPUTLBEntry, addend) -
offsetof(CPUTLBEntry, addr_read));
#else
r0 = addr_reg;
@@ -925,9 +925,9 @@ static void tcg_out_qemu_st(TCGContext *s, const TCGArg
*args,
r1 = TCG_REG_EDX;
#if defined(CONFIG_SOFTMMU)
-tcg_out_mov(s, r1, addr_reg);
-tcg_out_mov(s, r0, addr_reg);
-
+tcg_out_mov(s, r1, addr_reg);
+tcg_out_mov(s, r0, addr_reg);
+
tcg_out_shifti(s, SHIFT_SHR, r1, TARGET_PAGE_BITS - CPU_TLB_ENTRY_BITS);
tgen_arithi(s, ARITH_AND, r0, TARGET_PAGE_MASK | ((1 << s_bits) - 1), 0);
@@ -939,9 +939,9 @@ static void tcg_out_qemu_st(TCGContext *s, const TCGArg
*args,
/* cmp 0(r1), r0 */
tcg_out_modrm_offset(s, OPC_CMP_GvEv, r0, r1, 0);
-
+
tcg_out_mov(s, r0, addr_reg);
-
+
#if TARGET_LONG_BITS == 32
/* je label1 */
tcg_out8(s, OPC_JCC_short + JCC_JE);
@@ -952,7 +952,7 @@ static void tcg_out_qemu_st(TCGContext *s, const TCGArg
*args,
tcg_out8(s, OPC_JCC_short + JCC_JNE);
label3_ptr = s->code_ptr;
s->code_ptr++;
-
+
/* cmp 4(r1), addr_reg2 */
tcg_out_modrm_offset(s, OPC_CMP_GvEv, addr_reg2, r1, 4);
@@ -960,7 +960,7 @@ static void tcg_out_qemu_st(TCGContext *s, const TCGArg
*args,
tcg_out8(s, OPC_JCC_short + JCC_JE);
label1_ptr = s->code_ptr;
s->code_ptr++;
-
+
/* label3: */
*label3_ptr = s->code_ptr - label3_ptr - 1;
#endif
@@ -1025,13 +1025,13 @@ static void tcg_out_qemu_st(TCGContext *s, const TCGArg
*args,
tcg_out8(s, OPC_JMP_short);
label2_ptr = s->code_ptr;
s->code_ptr++;
-
+
/* label1: */
*label1_ptr = s->code_ptr - label1_ptr - 1;
/* add x(r1), r0 */
tcg_out_modrm_offset(s, OPC_ADD_GvEv, r0, r1,
- offsetof(CPUTLBEntry, addend) -
+ offsetof(CPUTLBEntry, addend) -
offsetof(CPUTLBEntry, addr_write));
#else
r0 = addr_reg;
@@ -1091,7 +1091,7 @@ static inline void tcg_out_op(TCGContext *s, TCGOpcode
opc,
const TCGArg *args, const int *const_args)
{
int c;
-
+
switch(opc) {
case INDEX_op_exit_tb:
tcg_out_movi(s, TCG_TYPE_I32, TCG_REG_EAX, args[0]);
@@ -1334,7 +1334,7 @@ static inline void tcg_out_op(TCGContext *s, TCGOpcode
opc,
case INDEX_op_qemu_ld64:
tcg_out_qemu_ld(s, args, 3);
break;
-
[Qemu-devel] [PATCH 0/5] tcg-i386: tidy softmmu code
This is sort-of part 2 of the patch series that I just edited and re-posted for you. The majority of the patch series deals with the SOFTMMU code. I think you saw a patch about the data16 prefix before, but this one's different. It's written the way it is here because I have a third patch series pending that merges the i386 and x86_64 targets, and in addition to propagating P_DATA16 for rolw we'll have P_REXW for all the shifts. r~ Richard Henderson (5): tcg-i386: Tidy data16 prefixes. tcg-i386: Split out TLB Hit path from qemu_ld/st. tcg-i386: Swap order of TLB hit and miss paths. tcg-i386: Split out tlb load function. tcg-i386: Remove some ifdefs in qemu_ld/st. tcg/i386/tcg-target.c | 549 - 1 files changed, 267 insertions(+), 282 deletions(-)
Re: [Qemu-devel] Problems changing dvdrom iso during execution
So do you have any idea whats causing the problem? Is there any other way I can mount a dvd in Qemu? Adnan _ From: David S. Ahern [mailto:daah...@cisco.com] To: ad...@khaleel.us Cc: Qemu-devel@nongnu.org Sent: Thu, 20 May 2010 17:45:11 -0500 Subject: Re: [Qemu-devel] Problems changing dvdrom iso during execution On 05/20/2010 03:48 PM, Adnan Khaleel wrote: > Thanks for your response. > > > Does it work if the guest uses ide based CD's: > rmmod ide-scsi > modprobe ide-cd > > There isn't an ide-scsi but there is a scsi_mod and when I try to remove > that it gives > ERROR: Module scsi_mod is in use by sr_mod,sg,sd_mod,libata > > modprobe ide-cd seems to work. Ok, I pulled those from a RHEL3 VM. Looks like SLES11 is using a newer 2.6 kernel. The idea I was poking at was to get the CD in the VM to go through the ide-cd layer and not the ata/scsi route. I had to do that for my RHEL3 guest to get some consistency with the DVD -- similar to the problem you are seeing. David > > However it doesn't fix the problem. > > Interestingly, before doing modprobe ide-cd, > linux> lsmod | grep ide > ide_pci_generic 46520 > ide_core 115068 2 ide_pci_generic, piix > > After the modprobe ide-cd, I get > ide_cd_mod 339840 > cdrom 362002 ide_cd_mod, sr_mod > ide_pci_generic 46520 > ide_core 115068 3 ide_cd_mod, ide_pci_generic, piix > > > >
[Qemu-devel] [PATCH 3/5] tcg-i386: Swap order of TLB hit and miss paths.
Make fallthru be TLB hit and branch be TLB miss. Doing this
both improves branch prediction and will allow further cleanup.
Signed-off-by: Richard Henderson
---
tcg/i386/tcg-target.c | 172 +++--
1 files changed, 80 insertions(+), 92 deletions(-)
diff --git a/tcg/i386/tcg-target.c b/tcg/i386/tcg-target.c
index 30c933c..0d85ec0 100644
--- a/tcg/i386/tcg-target.c
+++ b/tcg/i386/tcg-target.c
@@ -771,26 +771,21 @@ static void tcg_out_qemu_ld_direct(TCGContext *s, int
datalo, int datahi,
static void tcg_out_qemu_ld(TCGContext *s, const TCGArg *args,
int opc)
{
-int addr_reg, data_reg, data_reg2, r0, r1, mem_index, s_bits;
+int addr_reg, addr_reg2 = 0;
+int data_reg, data_reg2 = 0;
+int r0, r1, mem_index, s_bits;
#if defined(CONFIG_SOFTMMU)
-uint8_t *label1_ptr, *label2_ptr;
-#endif
-#if TARGET_LONG_BITS == 64
-#if defined(CONFIG_SOFTMMU)
-uint8_t *label3_ptr;
-#endif
-int addr_reg2;
+uint8_t *label_ptr[3];
#endif
data_reg = *args++;
-if (opc == 3)
+if (opc == 3) {
data_reg2 = *args++;
-else
-data_reg2 = 0;
+}
addr_reg = *args++;
-#if TARGET_LONG_BITS == 64
-addr_reg2 = *args++;
-#endif
+if (TARGET_LONG_BITS == 64) {
+addr_reg2 = *args++;
+}
mem_index = *args;
s_bits = opc & 3;
@@ -815,28 +810,42 @@ static void tcg_out_qemu_ld(TCGContext *s, const TCGArg
*args,
tcg_out_mov(s, r0, addr_reg);
-#if TARGET_LONG_BITS == 32
-/* je label1 */
-tcg_out8(s, OPC_JCC_short + JCC_JE);
-label1_ptr = s->code_ptr;
-s->code_ptr++;
-#else
-/* jne label3 */
+/* jne label1 */
tcg_out8(s, OPC_JCC_short + JCC_JNE);
-label3_ptr = s->code_ptr;
+label_ptr[0] = s->code_ptr;
s->code_ptr++;
-/* cmp 4(r1), addr_reg2 */
-tcg_out_modrm_offset(s, OPC_CMP_GvEv, addr_reg2, r1, 4);
+if (TARGET_LONG_BITS == 64) {
+/* cmp 4(r1), addr_reg2 */
+tcg_out_modrm_offset(s, OPC_CMP_GvEv, addr_reg2, r1, 4);
+
+/* jne label1 */
+tcg_out8(s, OPC_JCC_short + JCC_JNE);
+label_ptr[1] = s->code_ptr;
+s->code_ptr++;
+}
+
+/* TLB Hit. */
+
+/* add x(r1), r0 */
+tcg_out_modrm_offset(s, OPC_ADD_GvEv, r0, r1,
+ offsetof(CPUTLBEntry, addend) -
+ offsetof(CPUTLBEntry, addr_read));
+
+tcg_out_qemu_ld_direct(s, data_reg, data_reg2, r0, 0, opc);
-/* je label1 */
-tcg_out8(s, OPC_JCC_short + JCC_JE);
-label1_ptr = s->code_ptr;
+/* jmp label2 */
+tcg_out8(s, OPC_JMP_short);
+label_ptr[2] = s->code_ptr;
s->code_ptr++;
-/* label3: */
-*label3_ptr = s->code_ptr - label3_ptr - 1;
-#endif
+/* TLB Miss. */
+
+/* label1: */
+*label_ptr[0] = s->code_ptr - label_ptr[0] - 1;
+if (TARGET_LONG_BITS == 64) {
+*label_ptr[1] = s->code_ptr - label_ptr[1] - 1;
+}
/* XXX: move that code at the end of the TB */
#if TARGET_LONG_BITS == 32
@@ -876,23 +885,8 @@ static void tcg_out_qemu_ld(TCGContext *s, const TCGArg
*args,
break;
}
-/* jmp label2 */
-tcg_out8(s, OPC_JMP_short);
-label2_ptr = s->code_ptr;
-s->code_ptr++;
-
-/* label1: */
-*label1_ptr = s->code_ptr - label1_ptr - 1;
-
-/* add x(r1), r0 */
-tcg_out_modrm_offset(s, OPC_ADD_GvEv, r0, r1,
- offsetof(CPUTLBEntry, addend) -
- offsetof(CPUTLBEntry, addr_read));
-
-tcg_out_qemu_ld_direct(s, data_reg, data_reg2, r0, 0, opc);
-
/* label2: */
-*label2_ptr = s->code_ptr - label2_ptr - 1;
+*label_ptr[2] = s->code_ptr - label_ptr[2] - 1;
#else
tcg_out_qemu_ld_direct(s, data_reg, data_reg2, addr_reg, GUEST_BASE, opc);
#endif
@@ -955,27 +949,22 @@ static void tcg_out_qemu_st_direct(TCGContext *s, int
datalo, int datahi,
static void tcg_out_qemu_st(TCGContext *s, const TCGArg *args,
int opc)
{
-int addr_reg, data_reg, data_reg2, r0, r1, mem_index, s_bits;
+int addr_reg, addr_reg2 = 0;
+int data_reg, data_reg2 = 0;
+int r0, r1, mem_index, s_bits;
#if defined(CONFIG_SOFTMMU)
int stack_adjust;
-uint8_t *label1_ptr, *label2_ptr;
-#endif
-#if TARGET_LONG_BITS == 64
-#if defined(CONFIG_SOFTMMU)
-uint8_t *label3_ptr;
-#endif
-int addr_reg2;
+uint8_t *label_ptr[3];
#endif
data_reg = *args++;
-if (opc == 3)
+if (opc == 3) {
data_reg2 = *args++;
-else
-data_reg2 = 0;
+}
addr_reg = *args++;
-#if TARGET_LONG_BITS == 64
-addr_reg2 = *args++;
-#endif
+if (TARGET_LONG_BITS == 64) {
+addr_reg2 = *args++;
+}
mem_index = *args;
s_bits = opc;
@@ -1001,28 +990,42 @@ static void tcg_out_qemu_st(TCGContext *s, const TCGArg
*args,
tcg_out_mov(s, r0, addr_reg);
-#if TARGET_LONG_BITS == 32
-/* je label1 */
-tcg_out8(s, OPC_JCC_short + JCC_JE);
-
[Qemu-devel] Re: lsi: Handle removal of selected devices
Aurelien Jarno wrote: > This patch: > > 64d564094cac5f72eeaeb950c442b773a00d3586 is the first bad commit > commit 64d564094cac5f72eeaeb950c442b773a00d3586 > Author: Jan Kiszka > Date: Tue May 4 14:21:03 2010 +0200 > > lsi: Handle removal of selected devices > > We must not store references to selected devices as they may be > hot-removed. Instead, look up the device based on its tag right before > using it. If the device disappeared, throw an interrupt and disconnect. > > Signed-off-by: Jan Kiszka > Signed-off-by: Anthony Liguori > > breaks the versatile machie. qemu-system-arm segfaults during the boot. Do you have an image for me? Or some gdb backtrace? Thanks, Jan -- Siemens AG, Corporate Technology, CT T DE IT 1 Corporate Competence Center Embedded Linux
[Qemu-devel] [PATCH 2/5] tcg-i386: Split out TLB Hit path from qemu_ld/st.
Splitting out these functions will allow further cleanups.
Signed-off-by: Richard Henderson
---
tcg/i386/tcg-target.c | 197 +
1 files changed, 102 insertions(+), 95 deletions(-)
diff --git a/tcg/i386/tcg-target.c b/tcg/i386/tcg-target.c
index 9226c1e..30c933c 100644
--- a/tcg/i386/tcg-target.c
+++ b/tcg/i386/tcg-target.c
@@ -704,9 +704,66 @@ static void *qemu_st_helpers[4] = {
};
#endif
-#ifndef CONFIG_USER_ONLY
-#define GUEST_BASE 0
+static void tcg_out_qemu_ld_direct(TCGContext *s, int datalo, int datahi,
+ int base, tcg_target_long ofs, int sizeop)
+{
+#ifdef TARGET_WORDS_BIGENDIAN
+const int bswap = 1;
+#else
+const int bswap = 0;
#endif
+switch (sizeop) {
+case 0:
+/* movzbl */
+tcg_out_modrm_offset(s, OPC_MOVZBL, datalo, base, ofs);
+break;
+case 0 | 4:
+/* movsbl */
+tcg_out_modrm_offset(s, OPC_MOVSBL, datalo, base, ofs);
+break;
+case 1:
+/* movzwl */
+tcg_out_modrm_offset(s, OPC_MOVZWL, datalo, base, ofs);
+if (bswap) {
+tcg_out_rolw_8(s, datalo);
+}
+break;
+case 1 | 4:
+/* movswl */
+tcg_out_modrm_offset(s, OPC_MOVSWL, datalo, base, ofs);
+if (bswap) {
+tcg_out_rolw_8(s, datalo);
+tcg_out_modrm(s, OPC_MOVSWL, datalo, datalo);
+}
+break;
+case 2:
+tcg_out_ld(s, TCG_TYPE_I32, datalo, base, ofs);
+if (bswap) {
+tcg_out_bswap32(s, datalo);
+}
+break;
+case 3:
+if (bswap) {
+int t = datalo;
+datalo = datahi;
+datahi = t;
+}
+if (base != datalo) {
+tcg_out_ld(s, TCG_TYPE_I32, datalo, base, ofs);
+tcg_out_ld(s, TCG_TYPE_I32, datahi, base, ofs + 4);
+} else {
+tcg_out_ld(s, TCG_TYPE_I32, datahi, base, ofs + 4);
+tcg_out_ld(s, TCG_TYPE_I32, datalo, base, ofs);
+}
+if (bswap) {
+tcg_out_bswap32(s, datalo);
+tcg_out_bswap32(s, datahi);
+}
+break;
+default:
+tcg_abort();
+}
+}
/* XXX: qemu_ld and qemu_st could be modified to clobber only EDX and
EAX. It will be useful once fixed registers globals are less
@@ -714,7 +771,7 @@ static void *qemu_st_helpers[4] = {
static void tcg_out_qemu_ld(TCGContext *s, const TCGArg *args,
int opc)
{
-int addr_reg, data_reg, data_reg2, r0, r1, mem_index, s_bits, bswap;
+int addr_reg, data_reg, data_reg2, r0, r1, mem_index, s_bits;
#if defined(CONFIG_SOFTMMU)
uint8_t *label1_ptr, *label2_ptr;
#endif
@@ -831,80 +888,74 @@ static void tcg_out_qemu_ld(TCGContext *s, const TCGArg
*args,
tcg_out_modrm_offset(s, OPC_ADD_GvEv, r0, r1,
offsetof(CPUTLBEntry, addend) -
offsetof(CPUTLBEntry, addr_read));
+
+tcg_out_qemu_ld_direct(s, data_reg, data_reg2, r0, 0, opc);
+
+/* label2: */
+*label2_ptr = s->code_ptr - label2_ptr - 1;
#else
-r0 = addr_reg;
+tcg_out_qemu_ld_direct(s, data_reg, data_reg2, addr_reg, GUEST_BASE, opc);
#endif
+}
+static void tcg_out_qemu_st_direct(TCGContext *s, int datalo, int datahi,
+ int base, tcg_target_long ofs, int sizeop)
+{
#ifdef TARGET_WORDS_BIGENDIAN
-bswap = 1;
+const int bswap = 1;
#else
-bswap = 0;
+const int bswap = 0;
#endif
-switch(opc) {
+/* ??? Ideally we wouldn't need a scratch register. For user-only,
+ we could perform the bswap twice to restore the original value
+ instead of moving to the scratch. But as it is, the L constraint
+ means that EDX is definitely free here. */
+int scratch = TCG_REG_EDX;
+
+switch (sizeop) {
case 0:
-/* movzbl */
-tcg_out_modrm_offset(s, OPC_MOVZBL, data_reg, r0, GUEST_BASE);
-break;
-case 0 | 4:
-/* movsbl */
-tcg_out_modrm_offset(s, OPC_MOVSBL, data_reg, r0, GUEST_BASE);
+tcg_out_modrm_offset(s, OPC_MOVB_EvGv, datalo, base, ofs);
break;
case 1:
-/* movzwl */
-tcg_out_modrm_offset(s, OPC_MOVZWL, data_reg, r0, GUEST_BASE);
-if (bswap) {
-tcg_out_rolw_8(s, data_reg);
-}
-break;
-case 1 | 4:
-/* movswl */
-tcg_out_modrm_offset(s, OPC_MOVSWL, data_reg, r0, GUEST_BASE);
if (bswap) {
-tcg_out_rolw_8(s, data_reg);
-
-/* movswl data_reg, data_reg */
-tcg_out_modrm(s, OPC_MOVSWL, data_reg, data_reg);
+tcg_out_mov(s, scratch, datalo);
+tcg_out_rolw_8(s, scratch);
+datalo = scratch;
}
+/* movw */
+tcg_out_modrm_offset(s, OPC_MOVL_EvGv | P_DATA16,
+ datalo, base, ofs);
break;
case 2:
-tcg_out_ld
[Qemu-devel] [PATCH 1/5] tcg-i386: Tidy data16 prefixes.
Include it in the opcode as an extension, as with P_EXT
or the REX bits in the x86-64 port.
Signed-off-by: Richard Henderson
---
tcg/i386/tcg-target.c | 28 ++--
1 files changed, 18 insertions(+), 10 deletions(-)
diff --git a/tcg/i386/tcg-target.c b/tcg/i386/tcg-target.c
index 396a2f1..9226c1e 100644
--- a/tcg/i386/tcg-target.c
+++ b/tcg/i386/tcg-target.c
@@ -156,7 +156,8 @@ static inline int tcg_target_const_match(tcg_target_long
val,
return 0;
}
-#define P_EXT 0x100 /* 0x0f opcode prefix */
+#define P_EXT 0x100 /* 0x0f opcode prefix */
+#define P_DATA16 0x200 /* 0x66 opcode prefix */
#define OPC_ARITH_EvIz (0x81)
#define OPC_ARITH_EvIb (0x83)
@@ -262,8 +263,12 @@ static const uint8_t tcg_cond_to_jcc[10] = {
static inline void tcg_out_opc(TCGContext *s, int opc)
{
-if (opc & P_EXT)
+if (opc & P_DATA16) {
+tcg_out8(s, 0x66);
+}
+if (opc & P_EXT) {
tcg_out8(s, 0x0f);
+}
tcg_out8(s, opc);
}
@@ -396,10 +401,14 @@ static inline void tcg_out_st(TCGContext *s, TCGType
type, int arg,
static void tcg_out_shifti(TCGContext *s, int subopc, int reg, int count)
{
+/* Propagate an opcode prefix, such as P_DATA16. */
+int ext = subopc & ~0x7;
+subopc &= 0x7;
+
if (count == 1) {
-tcg_out_modrm(s, OPC_SHIFT_1, subopc, reg);
+tcg_out_modrm(s, OPC_SHIFT_1 | ext, subopc, reg);
} else {
-tcg_out_modrm(s, OPC_SHIFT_Ib, subopc, reg);
+tcg_out_modrm(s, OPC_SHIFT_Ib | ext, subopc, reg);
tcg_out8(s, count);
}
}
@@ -411,8 +420,7 @@ static inline void tcg_out_bswap32(TCGContext *s, int reg)
static inline void tcg_out_rolw_8(TCGContext *s, int reg)
{
-tcg_out8(s, 0x66);
-tcg_out_shifti(s, SHIFT_ROL, reg, 8);
+tcg_out_shifti(s, SHIFT_ROL | P_DATA16, reg, 8);
}
static inline void tcg_out_ext8u(TCGContext *s, int dest, int src)
@@ -1053,8 +1061,8 @@ static void tcg_out_qemu_st(TCGContext *s, const TCGArg
*args,
data_reg = r1;
}
/* movw */
-tcg_out8(s, 0x66);
-tcg_out_modrm_offset(s, OPC_MOVL_EvGv, data_reg, r0, GUEST_BASE);
+tcg_out_modrm_offset(s, OPC_MOVL_EvGv | P_DATA16,
+ data_reg, r0, GUEST_BASE);
break;
case 2:
if (bswap) {
@@ -1159,8 +1167,8 @@ static inline void tcg_out_op(TCGContext *s, TCGOpcode
opc,
break;
case INDEX_op_st16_i32:
/* movw */
-tcg_out8(s, 0x66);
-tcg_out_modrm_offset(s, OPC_MOVL_EvGv, args[0], args[1], args[2]);
+tcg_out_modrm_offset(s, OPC_MOVL_EvGv | P_DATA16,
+ args[0], args[1], args[2]);
break;
case INDEX_op_st_i32:
tcg_out_st(s, TCG_TYPE_I32, args[0], args[1], args[2]);
--
1.7.0.1
[Qemu-devel] [PATCH 5/5] tcg-i386: Remove some ifdefs in qemu_ld/st.
Tidy some code by replacing ifdefs by C ifs.
Signed-off-by: Richard Henderson
---
tcg/i386/tcg-target.c | 85 ++---
1 files changed, 38 insertions(+), 47 deletions(-)
diff --git a/tcg/i386/tcg-target.c b/tcg/i386/tcg-target.c
index cf621da..8a9122c 100644
--- a/tcg/i386/tcg-target.c
+++ b/tcg/i386/tcg-target.c
@@ -842,7 +842,7 @@ static void tcg_out_qemu_ld(TCGContext *s, const TCGArg
*args,
int data_reg, data_reg2 = 0;
int addrlo_idx;
#if defined(CONFIG_SOFTMMU)
-int mem_index, s_bits;
+int mem_index, s_bits, arg_idx;
uint8_t *label_ptr[3];
#endif
@@ -877,12 +877,14 @@ static void tcg_out_qemu_ld(TCGContext *s, const TCGArg
*args,
}
/* XXX: move that code at the end of the TB */
-#if TARGET_LONG_BITS == 32
-tcg_out_movi(s, TCG_TYPE_I32, TCG_REG_EDX, mem_index);
-#else
-tcg_out_mov(s, TCG_REG_EDX, args[addrlo_idx + 1]);
-tcg_out_movi(s, TCG_TYPE_I32, TCG_REG_ECX, mem_index);
-#endif
+/* EAX is already loaded. */
+arg_idx = 1;
+if (TARGET_LONG_BITS == 64) {
+tcg_out_mov(s, tcg_target_call_iarg_regs[arg_idx++],
+args[addrlo_idx + 1]);
+}
+tcg_out_movi(s, TCG_TYPE_I32, tcg_target_call_iarg_regs[arg_idx],
+ mem_index);
tcg_out_calli(s, (tcg_target_long)qemu_ld_helpers[s_bits]);
switch(opc) {
@@ -1018,51 +1020,40 @@ static void tcg_out_qemu_st(TCGContext *s, const TCGArg
*args,
}
/* XXX: move that code at the end of the TB */
-#if TARGET_LONG_BITS == 32
-if (opc == 3) {
+if (TARGET_LONG_BITS == 32) {
tcg_out_mov(s, TCG_REG_EDX, data_reg);
-tcg_out_mov(s, TCG_REG_ECX, data_reg2);
-tcg_out_pushi(s, mem_index);
-stack_adjust = 4;
-} else {
-switch(opc) {
-case 0:
-tcg_out_ext8u(s, TCG_REG_EDX, data_reg);
-break;
-case 1:
-tcg_out_ext16u(s, TCG_REG_EDX, data_reg);
-break;
-case 2:
-tcg_out_mov(s, TCG_REG_EDX, data_reg);
-break;
+if (opc == 3) {
+tcg_out_mov(s, TCG_REG_ECX, data_reg2);
+tcg_out_pushi(s, mem_index);
+stack_adjust = 4;
+} else {
+tcg_out_movi(s, TCG_TYPE_I32, TCG_REG_ECX, mem_index);
+stack_adjust = 0;
}
-tcg_out_movi(s, TCG_TYPE_I32, TCG_REG_ECX, mem_index);
-stack_adjust = 0;
-}
-#else
-if (opc == 3) {
-tcg_out_mov(s, TCG_REG_EDX, args[addrlo_idx + 1]);
-tcg_out_pushi(s, mem_index);
-tcg_out_push(s, data_reg2);
-tcg_out_push(s, data_reg);
-stack_adjust = 12;
} else {
-tcg_out_mov(s, TCG_REG_EDX, args[addrlo_idx + 1]);
-switch(opc) {
-case 0:
-tcg_out_ext8u(s, TCG_REG_ECX, data_reg);
-break;
-case 1:
-tcg_out_ext16u(s, TCG_REG_ECX, data_reg);
-break;
-case 2:
-tcg_out_mov(s, TCG_REG_ECX, data_reg);
-break;
+if (opc == 3) {
+tcg_out_mov(s, TCG_REG_EDX, args[addrlo_idx + 1]);
+tcg_out_pushi(s, mem_index);
+tcg_out_push(s, data_reg2);
+tcg_out_push(s, data_reg);
+stack_adjust = 12;
+} else {
+tcg_out_mov(s, TCG_REG_EDX, args[addrlo_idx + 1]);
+switch(opc) {
+case 0:
+tcg_out_ext8u(s, TCG_REG_ECX, data_reg);
+break;
+case 1:
+tcg_out_ext16u(s, TCG_REG_ECX, data_reg);
+break;
+case 2:
+tcg_out_mov(s, TCG_REG_ECX, data_reg);
+break;
+}
+tcg_out_pushi(s, mem_index);
+stack_adjust = 4;
}
-tcg_out_pushi(s, mem_index);
-stack_adjust = 4;
}
-#endif
tcg_out_calli(s, (tcg_target_long)qemu_st_helpers[s_bits]);
--
1.7.0.1
Re: [Qemu-devel] Re: lsi: Handle removal of selected devices
Jan Kiszka wrote: > Jan Kiszka wrote: >> Aurelien Jarno wrote: >>> On Fri, May 21, 2010 at 05:49:26PM +0200, Aurelien Jarno wrote: This patch: 64d564094cac5f72eeaeb950c442b773a00d3586 is the first bad commit commit 64d564094cac5f72eeaeb950c442b773a00d3586 Author: Jan Kiszka Date: Tue May 4 14:21:03 2010 +0200 lsi: Handle removal of selected devices We must not store references to selected devices as they may be hot-removed. Instead, look up the device based on its tag right before using it. If the device disappeared, throw an interrupt and disconnect. Signed-off-by: Jan Kiszka Signed-off-by: Anthony Liguori breaks the versatile machine. qemu-system-arm segfaults during the boot. >>> Actually it only seems to be the case with old kernels. I have put the >>> material to reproduce the bug here: >>> >>> http://temp.aurel32.net/qemu-versatile/ >>> >> Ah, perfect. Will have a look. >> > > Boots fine up to "Waiting for root file system". That's on a 64-bit > host. Are you on 32 bits? Forget it - shouldn't blindly run the suggested command line. With the right qemu is crashes properly. Jan -- Siemens AG, Corporate Technology, CT T DE IT 1 Corporate Competence Center Embedded Linux
Re: [Qemu-devel] Re: lsi: Handle removal of selected devices
Jan Kiszka wrote: > Aurelien Jarno wrote: >> On Fri, May 21, 2010 at 05:49:26PM +0200, Aurelien Jarno wrote: >>> This patch: >>> >>> 64d564094cac5f72eeaeb950c442b773a00d3586 is the first bad commit >>> commit 64d564094cac5f72eeaeb950c442b773a00d3586 >>> Author: Jan Kiszka >>> Date: Tue May 4 14:21:03 2010 +0200 >>> >>> lsi: Handle removal of selected devices >>> >>> We must not store references to selected devices as they may be >>> hot-removed. Instead, look up the device based on its tag right before >>> using it. If the device disappeared, throw an interrupt and disconnect. >>> >>> Signed-off-by: Jan Kiszka >>> Signed-off-by: Anthony Liguori >>> >>> breaks the versatile machine. qemu-system-arm segfaults during the boot. >> Actually it only seems to be the case with old kernels. I have put the >> material to reproduce the bug here: >> >> http://temp.aurel32.net/qemu-versatile/ >> > > Ah, perfect. Will have a look. > Boots fine up to "Waiting for root file system". That's on a 64-bit host. Are you on 32 bits? Jan -- Siemens AG, Corporate Technology, CT T DE IT 1 Corporate Competence Center Embedded Linux
[Qemu-devel] [Bug 583462] Re: qemu disables screensaver
Debian bugreport about this: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=578672 (#578672). I tried it here again, with your program (using 0.12.4 from debian) - and it works as expected for me, no resets every 4 secs, screen saver triggers after configured time even if the input is grabbed by kvm window (Ctrl+Alt). Hmmm? ** Bug watch added: Debian Bug tracker #578672 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=578672 -- qemu disables screensaver https://bugs.launchpad.net/bugs/583462 You received this bug notification because you are a member of qemu- devel-ml, which is subscribed to QEMU. Status in QEMU: New Bug description: lucid, with compiz and fglrx: Screensaver on host will not kick in when qemu is running (kvm or no kvm). It seems to be related to the fact that the idle time reported by libXss.so on the host is being reset every four seconds or so when qemu is running, eventhough there is no activity on either guest or host.
Re: [Qemu-devel] [PATCH] [S390] Remove warning in tcg stub (tcg_out_reloc)
On Tue, May 11, 2010 at 06:23:32PM +0200, Alexander Graf wrote:
> On S390 we don't have a real TCG implementation but use a stub instead. This
> stub obviously doesn't call any of the TCG helper functions that are usually
> used by the other TCG targets.
>
> If such a helper function is static though, we end up getting a warning that
> turns into an error thanks to Werror. So to successfully compile qemu, we need
> to get rid of it. In this case it's tcg_out_reloc.
>
> To do that, I figured the easiest way is to call tcg_out_reloc with dumb
> parameters after an abort call. That way the code in question never gets
> executed, but we got rid of the warning.
>
> Signed-off-by: Alexander Graf
> ---
> tcg/s390/tcg-target.c |6 ++
> 1 files changed, 6 insertions(+), 0 deletions(-)
>
> diff --git a/tcg/s390/tcg-target.c b/tcg/s390/tcg-target.c
> index 265194a..f1a336d 100644
> --- a/tcg/s390/tcg-target.c
> +++ b/tcg/s390/tcg-target.c
> @@ -35,6 +35,12 @@ static void patch_reloc(uint8_t *code_ptr, int type,
> tcg_target_long value, tcg_target_long addend)
> {
> tcg_abort();
> +
> +/*
> + * XXX We need to call this function at least once, since it's static.
> + * Please remove that code when implementing real s390x tcg support.
> + */
> +tcg_out_reloc(NULL, NULL, 0, 0, 0);
> }
>
What about declaring tcg_out_reloc static inline?
--
Aurelien Jarno GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net
Re: [Qemu-devel] [Bug 453617] Re: kvm hangs at 100% cpu when connecting to forwarded ports (when listed incorrectly on the command line)
21.05.2010 19:42, Gleb Natapov wrote: ProblemType: Bug Architecture: amd64 Date: Fri Oct 16 17:19:59 2009 DistroRelease: Ubuntu 9.10 What is the point forwarding distro bugs here? Can we have upstream bug tracker to report upstream issues? Um, this _is_ upstream issue, as far as I can see. It exists in qemu-kvm-0.12.4 at least, I just verified. What's wrong with that forwarding? /mjt
[Qemu-devel] [PATCH 4/5] tcg-i386: Split out tlb load function.
Share some code between qemu_ld and qemu_st.
Signed-off-by: Richard Henderson
---
tcg/i386/tcg-target.c | 203 +++-
1 files changed, 97 insertions(+), 106 deletions(-)
diff --git a/tcg/i386/tcg-target.c b/tcg/i386/tcg-target.c
index 0d85ec0..cf621da 100644
--- a/tcg/i386/tcg-target.c
+++ b/tcg/i386/tcg-target.c
@@ -702,6 +702,74 @@ static void *qemu_st_helpers[4] = {
__stl_mmu,
__stq_mmu,
};
+
+/* Perform the TLB load and compare.
+
+ Inputs:
+ ADDRLO_IDX contains the index into ARGS of the low part of the
+ address; the high part of the address is at ADDR_LOW_IDX+1.
+
+ MEM_INDEX and S_BITS are the memory context and log2 size of the load.
+
+ WHICH is the offset into the CPUTLBEntry structure of the slot to read.
+ This should be offsetof addr_read or addr_write.
+
+ Outputs:
+ LABEL_PTRS is filled with 1 (32-bit addresses) or 2 (64-bit addresses)
+ positions of the displacements of forward jumps to the TLB miss case.
+
+ EAX is loaded with the low part of the address. In the TLB hit case,
+ it has been adjusted as indicated by the TLB and so is a host address.
+ In the TLB miss case, it continues to hold a guest address.
+
+ EDX is clobbered. */
+
+static void tcg_out_tlb_load(TCGContext *s, int addrlo_idx, int mem_index,
+ int s_bits, const TCGArg *args,
+ uint8_t **label_ptr, int which)
+{
+const int addrlo = args[addrlo_idx];
+const int r0 = TCG_REG_EAX;
+const int r1 = TCG_REG_EDX;
+
+tcg_out_mov(s, r1, addrlo);
+tcg_out_mov(s, r0, addrlo);
+
+tcg_out_shifti(s, SHIFT_SHR, r1, TARGET_PAGE_BITS - CPU_TLB_ENTRY_BITS);
+
+tgen_arithi(s, ARITH_AND, r0, TARGET_PAGE_MASK | ((1 << s_bits) - 1), 0);
+tgen_arithi(s, ARITH_AND, r1, (CPU_TLB_SIZE - 1) << CPU_TLB_ENTRY_BITS, 0);
+
+tcg_out_modrm_sib_offset(s, OPC_LEA, r1, TCG_AREG0, r1, 0,
+ offsetof(CPUState, tlb_table[mem_index][0])
+ + which);
+
+/* cmp 0(r1), r0 */
+tcg_out_modrm_offset(s, OPC_CMP_GvEv, r0, r1, 0);
+
+tcg_out_mov(s, r0, addrlo);
+
+/* jne label1 */
+tcg_out8(s, OPC_JCC_short + JCC_JNE);
+label_ptr[0] = s->code_ptr;
+s->code_ptr++;
+
+if (TARGET_LONG_BITS == 64) {
+/* cmp 4(r1), addrhi */
+tcg_out_modrm_offset(s, OPC_CMP_GvEv, args[addrlo_idx+1], r1, 4);
+
+/* jne label1 */
+tcg_out8(s, OPC_JCC_short + JCC_JNE);
+label_ptr[1] = s->code_ptr;
+s->code_ptr++;
+}
+
+/* TLB Hit. */
+
+/* add addend(r1), r0 */
+tcg_out_modrm_offset(s, OPC_ADD_GvEv, r0, r1,
+ offsetof(CPUTLBEntry, addend) - which);
+}
#endif
static void tcg_out_qemu_ld_direct(TCGContext *s, int datalo, int datahi,
@@ -771,68 +839,29 @@ static void tcg_out_qemu_ld_direct(TCGContext *s, int
datalo, int datahi,
static void tcg_out_qemu_ld(TCGContext *s, const TCGArg *args,
int opc)
{
-int addr_reg, addr_reg2 = 0;
int data_reg, data_reg2 = 0;
-int r0, r1, mem_index, s_bits;
+int addrlo_idx;
#if defined(CONFIG_SOFTMMU)
+int mem_index, s_bits;
uint8_t *label_ptr[3];
#endif
-data_reg = *args++;
+data_reg = args[0];
+addrlo_idx = 1;
if (opc == 3) {
-data_reg2 = *args++;
+data_reg2 = args[1];
+addrlo_idx = 2;
}
-addr_reg = *args++;
-if (TARGET_LONG_BITS == 64) {
-addr_reg2 = *args++;
-}
-mem_index = *args;
-s_bits = opc & 3;
-
-r0 = TCG_REG_EAX;
-r1 = TCG_REG_EDX;
#if defined(CONFIG_SOFTMMU)
-tcg_out_mov(s, r1, addr_reg);
-tcg_out_mov(s, r0, addr_reg);
-
-tcg_out_shifti(s, SHIFT_SHR, r1, TARGET_PAGE_BITS - CPU_TLB_ENTRY_BITS);
-
-tgen_arithi(s, ARITH_AND, r0, TARGET_PAGE_MASK | ((1 << s_bits) - 1), 0);
-tgen_arithi(s, ARITH_AND, r1, (CPU_TLB_SIZE - 1) << CPU_TLB_ENTRY_BITS, 0);
-
-tcg_out_modrm_sib_offset(s, OPC_LEA, r1, TCG_AREG0, r1, 0,
- offsetof(CPUState,
- tlb_table[mem_index][0].addr_read));
-
-/* cmp 0(r1), r0 */
-tcg_out_modrm_offset(s, OPC_CMP_GvEv, r0, r1, 0);
-
-tcg_out_mov(s, r0, addr_reg);
-
-/* jne label1 */
-tcg_out8(s, OPC_JCC_short + JCC_JNE);
-label_ptr[0] = s->code_ptr;
-s->code_ptr++;
-
-if (TARGET_LONG_BITS == 64) {
-/* cmp 4(r1), addr_reg2 */
-tcg_out_modrm_offset(s, OPC_CMP_GvEv, addr_reg2, r1, 4);
+mem_index = args[addrlo_idx + (TARGET_LONG_BITS / 32)];
+s_bits = opc & 3;
-/* jne label1 */
-tcg_out8(s, OPC_JCC_short + JCC_JNE);
-label_ptr[1] = s->code_ptr;
-s->code_ptr++;
-}
+tcg_out_tlb_load(s, addrlo_idx, mem_index, s_bits, args,
+ label_ptr, offsetof(CPUTLBEntry, addr_read));
/* TLB Hit. */
-
-/* add x(r1), r0 */
-tcg_out_modrm_offset(s, OPC_ADD_Gv
Re: [Qemu-devel] [PATCH] linux-user: do not warn for missing pselect6
On Fri, May 07, 2010 at 12:28:05PM +, Riku Voipio wrote:
> Libc will fallback gracefully if pselect6 is not available. Thus put
> pselect6 to nowarn until the atomicity issues of the original pselect6
> patch are dealt with.
>
> Signed-off-by: Riku Voipio
> Cc: Michael Casadevall
Thanks, applied.
> ---
> linux-user/syscall.c |4
> 1 files changed, 4 insertions(+), 0 deletions(-)
>
> diff --git a/linux-user/syscall.c b/linux-user/syscall.c
> index 17599eb..09c16dc 100644
> --- a/linux-user/syscall.c
> +++ b/linux-user/syscall.c
> @@ -5199,6 +5199,10 @@ abi_long do_syscall(void *cpu_env, int num, abi_long
> arg1,
> }
> break;
> #endif
> +#ifdef TARGET_NR_pselect6
> +case TARGET_NR_pselect6:
> + goto unimplemented_nowarn;
> +#endif
> case TARGET_NR_symlink:
> {
> void *p2;
> --
> 1.6.5
>
>
>
>
--
Aurelien Jarno GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net
Re: [Qemu-devel] [PATCH 0/7] alpha-linux syscall fixes
On Mon, May 03, 2010 at 10:07:48AM -0700, Richard Henderson wrote: > I've been doing a bit of testing of the alpha TCG port by running > QEMU compiled for alpha on QEMU compiled for x86-64. Which is an > interesting challenge for the linux-user code, and has found a > few bugs. > > > r~ > > > Richard Henderson (7): > alpha-linux-user: Fix brk error return. > alpha-linux-user: Fix siginfo.si_addr for SIGSEGV and SIGBUS. > alpha-linux-user: Add correct sigaction constants. > alpha-linux-user: Fix pipe return mechanism. > alpha-linux-user: Fix getxpid. > alpha-linux-user: Fix sigsuspend parameters. > alpha-linux-user: Fix sigprocmask. > > linux-user/main.c | 15 +-- > linux-user/syscall.c | 95 +++- > linux-user/syscall_defs.h |8 > 3 files changed, 94 insertions(+), 24 deletions(-) > Thanks, all applied. -- Aurelien Jarno GPG: 1024D/F1BCDB73 aurel...@aurel32.net http://www.aurel32.net
Re: [Qemu-devel] [PATCH 0/5] tcg: Initialize prologue after guest_base fixed
On Thu, May 06, 2010 at 08:50:40AM -0700, Richard Henderson wrote: > By doing this we can make any number of decisions about code generation > during the prologue. For instance, we can decide whether or not to > reserve a register to hold the value of GUEST_BASE. > > This fixes a latent bug in the two ppc ports in that GUEST_BASE was > being loaded as an immediate before the final value of GUEST_BASE is > computed. > > This also fixes some register reservation problems I noticed in the > ia64 port, while trying to decide which register to use for holding > GUEST_BASE across the TB. > > > r~ > > > > Richard Henderson (5): > tcg: Initialize the prologue after GUEST_BASE is fixed. > tcg-hppa: Load GUEST_BASE as an immediate. > tcg-ia64: Fix some register usage issues. > tcg-ia64: Load GUEST_BASE into a register. > tcg-ppc: Conditionally reserve TCG_GUEST_BASE_REG. > > bsd-user/main.c|9 ++- > exec.c |5 + > linux-user/main.c |9 ++- > tcg/hppa/tcg-target.c | 12 +-- > tcg/ia64/tcg-target.c | 199 > +++- > tcg/ppc/tcg-target.c |8 +- > tcg/ppc64/tcg-target.c |9 +- > tcg/tcg.c |3 + > tcg/tcg.h |1 + > 9 files changed, 167 insertions(+), 88 deletions(-) > Thanks, applied patches 1-4. -- Aurelien Jarno GPG: 1024D/F1BCDB73 aurel...@aurel32.net http://www.aurel32.net
Re: [Qemu-devel] [PATCH 0/5] tcg-i386: tidy softmmu code
On 05/21/2010 09:02 AM, Richard Henderson wrote: > This is sort-of part 2 of the patch series that I just edited and > re-posted for you. The majority of the patch series deals with > the SOFTMMU code. Gah. Sorry for the re-post of parts 10-15 of the previous series. r~
Re: [Qemu-devel] [PATCH] [S390] Remove warning in tcg stub (tcg_out_reloc)
On 05/21/2010 09:46 AM, Aurelien Jarno wrote: >> +tcg_out_reloc(NULL, NULL, 0, 0, 0); >> } >> > > What about declaring tcg_out_reloc static inline? I think we're not far away from a mergable s390 port. I think the smallest local change is best in the interim. r~
Re: [Qemu-devel] Re: lsi: Handle removal of selected devices
On Fri, May 21, 2010 at 05:49:26PM +0200, Aurelien Jarno wrote: > This patch: > > 64d564094cac5f72eeaeb950c442b773a00d3586 is the first bad commit > commit 64d564094cac5f72eeaeb950c442b773a00d3586 > Author: Jan Kiszka > Date: Tue May 4 14:21:03 2010 +0200 > > lsi: Handle removal of selected devices > > We must not store references to selected devices as they may be > hot-removed. Instead, look up the device based on its tag right before > using it. If the device disappeared, throw an interrupt and disconnect. > > Signed-off-by: Jan Kiszka > Signed-off-by: Anthony Liguori > > breaks the versatile machine. qemu-system-arm segfaults during the boot. Actually it only seems to be the case with old kernels. I have put the material to reproduce the bug here: http://temp.aurel32.net/qemu-versatile/ -- Aurelien Jarno GPG: 1024D/F1BCDB73 aurel...@aurel32.net http://www.aurel32.net
[Qemu-devel] Re: [PATCH] add support for protocol driver create_options
Am 20.05.2010 07:36, schrieb MORITA Kazutaka:
> This patch enables protocol drivers to use their create options which
> are not supported by the format. For example, protcol drivers can use
> a backing_file option with raw format.
>
> Signed-off-by: MORITA Kazutaka
> ---
> block.c |7 +++
> block.h |1 +
> qemu-img.c| 49 ++---
> qemu-option.c | 52 +---
> qemu-option.h |2 ++
> 5 files changed, 85 insertions(+), 26 deletions(-)
>
> diff --git a/block.c b/block.c
> index 48d8468..0ab9424 100644
> --- a/block.c
> +++ b/block.c
> @@ -56,7 +56,6 @@ static int bdrv_read_em(BlockDriverState *bs, int64_t
> sector_num,
> uint8_t *buf, int nb_sectors);
> static int bdrv_write_em(BlockDriverState *bs, int64_t sector_num,
> const uint8_t *buf, int nb_sectors);
> -static BlockDriver *find_protocol(const char *filename);
>
> static QTAILQ_HEAD(, BlockDriverState) bdrv_states =
> QTAILQ_HEAD_INITIALIZER(bdrv_states);
> @@ -210,7 +209,7 @@ int bdrv_create_file(const char* filename,
> QEMUOptionParameter *options)
> {
> BlockDriver *drv;
>
> -drv = find_protocol(filename);
> +drv = bdrv_find_protocol(filename);
> if (drv == NULL) {
> drv = bdrv_find_format("file");
> }
> @@ -283,7 +282,7 @@ static BlockDriver *find_hdev_driver(const char *filename)
> return drv;
> }
>
> -static BlockDriver *find_protocol(const char *filename)
> +BlockDriver *bdrv_find_protocol(const char *filename)
> {
> BlockDriver *drv1;
> char protocol[128];
> @@ -469,7 +468,7 @@ int bdrv_file_open(BlockDriverState **pbs, const char
> *filename, int flags)
> BlockDriver *drv;
> int ret;
>
> -drv = find_protocol(filename);
> +drv = bdrv_find_protocol(filename);
> if (!drv) {
> return -ENOENT;
> }
> diff --git a/block.h b/block.h
> index 24efeb6..9034ebb 100644
> --- a/block.h
> +++ b/block.h
> @@ -54,6 +54,7 @@ void bdrv_info_stats(Monitor *mon, QObject **ret_data);
>
> void bdrv_init(void);
> void bdrv_init_with_whitelist(void);
> +BlockDriver *bdrv_find_protocol(const char *filename);
> BlockDriver *bdrv_find_format(const char *format_name);
> BlockDriver *bdrv_find_whitelisted_format(const char *format_name);
> int bdrv_create(BlockDriver *drv, const char* filename,
> diff --git a/qemu-img.c b/qemu-img.c
> index d3c30a7..8ae7184 100644
> --- a/qemu-img.c
> +++ b/qemu-img.c
> @@ -252,8 +252,8 @@ static int img_create(int argc, char **argv)
> const char *base_fmt = NULL;
> const char *filename;
> const char *base_filename = NULL;
> -BlockDriver *drv;
> -QEMUOptionParameter *param = NULL;
> +BlockDriver *drv, *proto_drv;
> +QEMUOptionParameter *param = NULL, *create_options = NULL;
> char *options = NULL;
>
> flags = 0;
> @@ -286,33 +286,42 @@ static int img_create(int argc, char **argv)
> }
> }
>
> +/* Get the filename */
> +if (optind >= argc)
> +help();
> +filename = argv[optind++];
> +
> /* Find driver and parse its options */
> drv = bdrv_find_format(fmt);
> if (!drv)
> error("Unknown file format '%s'", fmt);
>
> +proto_drv = bdrv_find_protocol(filename);
> +if (!proto_drv)
> +error("Unknown protocol '%s'", filename);
> +
> +create_options = append_option_parameters(create_options,
> + drv->create_options);
> +create_options = append_option_parameters(create_options,
> + proto_drv->create_options);
> +
> if (options && !strcmp(options, "?")) {
> -print_option_help(drv->create_options);
> +print_option_help(create_options);
> return 0;
> }
>
> /* Create parameter list with default values */
> -param = parse_option_parameters("", drv->create_options, param);
> +param = parse_option_parameters("", create_options, param);
> set_option_parameter_int(param, BLOCK_OPT_SIZE, -1);
>
> /* Parse -o options */
> if (options) {
> -param = parse_option_parameters(options, drv->create_options, param);
> +param = parse_option_parameters(options, create_options, param);
> if (param == NULL) {
> error("Invalid options for file format '%s'.", fmt);
> }
> }
>
> -/* Get the filename */
> -if (optind >= argc)
> -help();
> -filename = argv[optind++];
> -
> /* Add size to parameters */
> if (optind < argc) {
> set_option_parameter(param, BLOCK_OPT_SIZE, argv[optind++]);
> @@ -362,6 +371,7 @@ static int img_create(int argc, char **argv)
> puts("");
>
> ret = bdrv_create(drv, filename, param);
> +free_option_parameters(create_options);
> free_option_parameters(param);
>
> if (ret < 0
[Qemu-devel] [PATCH] lsi: Fix value overflow in request tag processing
This fixes a mismerge of 64d564094cac5f72eeaeb950c442b773a00d3586 (wrong
patch version): We need to mask the tag value properly to obtain its
device ID.
Signed-off-by: Jan Kiszka
---
hw/lsi53c895a.c |4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/hw/lsi53c895a.c b/hw/lsi53c895a.c
index 9d3c44d..f5a91ba 100644
--- a/hw/lsi53c895a.c
+++ b/hw/lsi53c895a.c
@@ -543,7 +543,7 @@ static void lsi_do_dma(LSIState *s, int out)
return;
}
-id = s->current->tag >> 8;
+id = (s->current->tag >> 8) & 0xf;
dev = s->bus.devs[id];
if (!dev) {
lsi_bad_selection(s, id);
@@ -745,7 +745,7 @@ static void lsi_do_command(LSIState *s)
s->sfbr = buf[0];
s->command_complete = 0;
-id = s->select_tag >> 8;
+id = (s->select_tag >> 8) & 0xf;
dev = s->bus.devs[id];
if (!dev) {
lsi_bad_selection(s, id);
--
1.6.0.2
Re: [Qemu-devel] Re: lsi: Handle removal of selected devices
Jan Kiszka a écrit : > Aurelien Jarno wrote: >> On Fri, May 21, 2010 at 05:49:26PM +0200, Aurelien Jarno wrote: >>> This patch: >>> >>> 64d564094cac5f72eeaeb950c442b773a00d3586 is the first bad commit >>> commit 64d564094cac5f72eeaeb950c442b773a00d3586 >>> Author: Jan Kiszka >>> Date: Tue May 4 14:21:03 2010 +0200 >>> >>> lsi: Handle removal of selected devices >>> >>> We must not store references to selected devices as they may be >>> hot-removed. Instead, look up the device based on its tag right before >>> using it. If the device disappeared, throw an interrupt and disconnect. >>> >>> Signed-off-by: Jan Kiszka >>> Signed-off-by: Anthony Liguori >>> >>> breaks the versatile machine. qemu-system-arm segfaults during the boot. >> Actually it only seems to be the case with old kernels. I have put the >> material to reproduce the bug here: >> >> http://temp.aurel32.net/qemu-versatile/ >> > > Ah, perfect. Will have a look. > Thanks. -- Aurelien Jarno GPG: 1024D/F1BCDB73 aurel...@aurel32.net http://www.aurel32.net
[Qemu-devel] [PATCH] alpha-linux-user: Fill in SI_CODE for SIGSEGV.
Signed-off-by: Richard Henderson --- linux-user/main.c |3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) diff --git a/linux-user/main.c b/linux-user/main.c index b240f29..de1076b 100644 --- a/linux-user/main.c +++ b/linux-user/main.c @@ -2433,7 +2433,8 @@ void cpu_loop (CPUState *env) env->lock_addr = -1; info.si_signo = TARGET_SIGSEGV; info.si_errno = 0; -info.si_code = 0; /* ??? SEGV_MAPERR vs SEGV_ACCERR. */ +info.si_code = (page_get_flags(env->ipr[IPR_EXC_ADDR]) & PAGE_VALID +? TARGET_SEGV_ACCERR : TARGET_SEGV_MAPERR); info._sifields._sigfault._addr = env->ipr[IPR_EXC_ADDR]; queue_signal(env, info.si_signo, &info); break; -- 1.7.0.1
Re: [Qemu-devel] Re: lsi: Handle removal of selected devices
Aurelien Jarno wrote: > On Fri, May 21, 2010 at 05:49:26PM +0200, Aurelien Jarno wrote: >> This patch: >> >> 64d564094cac5f72eeaeb950c442b773a00d3586 is the first bad commit >> commit 64d564094cac5f72eeaeb950c442b773a00d3586 >> Author: Jan Kiszka >> Date: Tue May 4 14:21:03 2010 +0200 >> >> lsi: Handle removal of selected devices >> >> We must not store references to selected devices as they may be >> hot-removed. Instead, look up the device based on its tag right before >> using it. If the device disappeared, throw an interrupt and disconnect. >> >> Signed-off-by: Jan Kiszka >> Signed-off-by: Anthony Liguori >> >> breaks the versatile machine. qemu-system-arm segfaults during the boot. > > Actually it only seems to be the case with old kernels. I have put the > material to reproduce the bug here: > > http://temp.aurel32.net/qemu-versatile/ > Ah, perfect. Will have a look. Jan -- Siemens AG, Corporate Technology, CT T DE IT 1 Corporate Competence Center Embedded Linux
[Qemu-devel] [PATCH] Fix --enable-user-pie compilation.
We forgot to propagate -fpie to the libdis-user directory. Signed-off-by: Richard Henderson --- configure |3 +++ 1 files changed, 3 insertions(+), 0 deletions(-) diff --git a/configure b/configure index 3cd2c5f..ba3aaac 100755 --- a/configure +++ b/configure @@ -2355,6 +2355,9 @@ for d in libdis libdis-user; do ln -s $source_path/Makefile.dis $d/Makefile echo > $d/config.mak done +if test "$static" = "no" -a "$user_pie" = "yes" ; then + echo "QEMU_CFLAGS+=-fpie" > libdis-user/config.mak +fi for target in $target_list; do target_dir="$target" -- 1.7.0.1
Re: [Qemu-devel] linux-user mmap bug
On 05/21/2010 06:28 AM, Edgar E. Iglesias wrote: > ptr = mmap(g2h(addr), size, PROT_NONE, > - MAP_ANONYMOUS|MAP_PRIVATE|MAP_NORESERVE, -1, 0); > + /* When the kernel returns addresses that the guest > + cannot use we might need to fallback to fixed > + allocations. */ > + (addr ? MAP_FIXED : 0) > + | MAP_ANONYMOUS|MAP_PRIVATE|MAP_NORESERVE, -1, 0); NACK. We are in fact probing for a free address in this loop, so you don't know that the address being tested is in fact free. I have a patch series that attempts to clean this up, but it isn't quite optimal. I'll post it for reference, however. r~
Re: [Qemu-devel] [PATCH 1/2] trace: Add simple tracing support
Anthony Liguori wrote:
> On 05/21/2010 08:46 AM, Jan Kiszka wrote:
>> Anthony Liguori wrote:
>>
>>> On 05/21/2010 04:42 AM, Stefan Hajnoczi wrote:
>>>
Trace events should be defined in trace.h. Events are written to
/tmp/trace.log and can be formatted using trace.py. Remember to add
events to trace.py for pretty-printing.
Signed-off-by: Stefan Hajnoczi
---
Makefile.objs |2 +-
trace.c | 64
+
trace.h |9
trace.py | 30 ++
4 files changed, 104 insertions(+), 1 deletions(-)
create mode 100644 trace.c
create mode 100644 trace.h
create mode 100755 trace.py
diff --git a/Makefile.objs b/Makefile.objs
index acbaf22..307e989 100644
--- a/Makefile.objs
+++ b/Makefile.objs
@@ -8,7 +8,7 @@ qobject-obj-y += qerror.o
# block-obj-y is code used by both qemu system emulation and qemu-img
block-obj-y = cutils.o cache-utils.o qemu-malloc.o qemu-option.o
module.o
-block-obj-y += nbd.o block.o aio.o aes.o osdep.o qemu-config.o
+block-obj-y += nbd.o block.o aio.o aes.o osdep.o qemu-config.o trace.o
block-obj-$(CONFIG_POSIX) += posix-aio-compat.o
block-obj-$(CONFIG_LINUX_AIO) += linux-aio.o
diff --git a/trace.c b/trace.c
new file mode 100644
index 000..2fec4d3
--- /dev/null
+++ b/trace.c
@@ -0,0 +1,64 @@
+#include
+#include
+#include "trace.h"
+
+typedef struct {
+unsigned long event;
+unsigned long x1;
+unsigned long x2;
+unsigned long x3;
+unsigned long x4;
+unsigned long x5;
+} TraceRecord;
+
+enum {
+TRACE_BUF_LEN = 64 * 1024 / sizeof(TraceRecord),
+};
+
+static TraceRecord trace_buf[TRACE_BUF_LEN];
+static unsigned int trace_idx;
+static FILE *trace_fp;
+
+static void trace(TraceEvent event, unsigned long x1,
+ unsigned long x2, unsigned long x3,
+ unsigned long x4, unsigned long x5) {
+TraceRecord *rec =&trace_buf[trace_idx];
+rec->event = event;
+rec->x1 = x1;
+rec->x2 = x2;
+rec->x3 = x3;
+rec->x4 = x4;
+rec->x5 = x5;
+
+if (++trace_idx == TRACE_BUF_LEN) {
+trace_idx = 0;
+
+if (!trace_fp) {
+trace_fp = fopen("/tmp/trace.log", "w");
+}
+if (trace_fp) {
+size_t result = fwrite(trace_buf, sizeof trace_buf, 1,
trace_fp);
+result = result;
+}
+}
+}
>>> It is probably worth while to read trace points via the monitor or
>>> through some other mechanism. My concern would be that writing even 64k
>>> out to disk would introduce enough performance overhead mainly because
>>> it runs lock-step with the guest's VCPU.
>>>
>>> Maybe it's worth adding a thread that syncs the ring to disk if we want
>>> to write to disk?
>>>
>> That's not what QEMU should worry about. If somehow possible, let's push
>> this into the hands of a (user space) tracing framework, ideally one
>> that is already designed for such requirements. E.g. there exists quite
>> useful work in the context of LTTng (user space RCU for application
>> tracing).
>>
>
> From what I understand, none of the current kernel approaches to
> userspace tracing have much momentum at the moment.
>
>> We may need simple stubs for the case that no such framework is (yet)
>> available. But effort should focus on a QEMU infrastructure to add
>> useful tracepoints to the code. Specifically when tracing over KVM, you
>> usually need information about kernel states as well, so you depend on
>> an integrated approach, not Yet Another Log File.
>>
>
> I think the simple code that Stefan pasted gives us 95% of what we need.
IMHO not 95%, but it is a start.
I would just like to avoid that too much efforts are spent on
re-inventing smart trace buffers, trace daemons, or trace visualization
tools. Then better pick up some semi-perfect approach (e.g. [1], it
unfortunately still seems to lack kernel integration) and drive it
according to our needs.
Jan
[1] http://lttng.org/ust
--
Siemens AG, Corporate Technology, CT T DE IT 1
Corporate Competence Center Embedded Linux
Re: [Qemu-devel] [PATCH 00/15] tcg-i386 cleanup and improvement, v3
On Fri, May 21, 2010 at 08:30:20AM -0700, Richard Henderson wrote: > Changes v2->v3: > * ext8u and ext8s operate on 'q' register inputs only. > * pushi is inline and loses the ifdef. > * trailing whitespace cleanup > > > r~ > > > Richard Henderson (15): > tcg-i386: Tidy ext8u and ext16u operations. > tcg-i386: Tidy ext8s and ext16s operations. > tcg-i386: Tidy immediate arithmetic operations. > tcg-i386: Tidy non-immediate arithmetic operations. > tcg-i386: Tidy movi. > tcg-i386: Tidy push/pop. > tcg-i386: Tidy calls. > tcg-i386: Tidy ret. > tcg-i386: Tidy setcc. > tcg-i386: Tidy unary arithmetic. > tcg-i386: Tidy multiply. > tcg-i386: Tidy xchg. > tcg-i386: Tidy lea. > tcg-i386: Use lea for three-operand add. > tcg-i386: Nuke trailing whitespace. > > tcg/i386/tcg-target.c | 504 > ++--- > 1 files changed, 308 insertions(+), 196 deletions(-) > Thanks, all applied. -- Aurelien Jarno GPG: 1024D/F1BCDB73 aurel...@aurel32.net http://www.aurel32.net
