Re: [Qemu-devel] [PATCH 2/2] Support for Cavium-Octeon specific instruction

[Khansa Butt]

We ported MIPS64 r2 user mode emulation. When a binary is given to
qemu-mips64, our code first check whether it is Octeon binary or not if yes
it  enable Octeon specific Instructions for. The following code snippet do
this job:

>
> > diff --git a/linux-user/elfload.c b/linux-user/elfload.c
> > index 2832a33..9399e44 100644
> > --- a/linux-user/elfload.c
> > +++ b/linux-user/elfload.c
> > @@ -1662,6 +1662,11 @@ int load_elf_binary(struct linux_binprm * bprm,
> > struct target_pt_regs * regs,
> > when we load the interpreter.  */
> >  elf_ex = *(struct elfhdr *)bprm->buf;
> >
> > +#if defined(TARGET_MIPS64)
> > +if ((elf_ex.e_flags & EF_MIPS_MARCH) == E_MIPS_MACH_OCTEON) {
> > +info->elf_arch = 1;
> > +}
> > +#endif
> > +++ b/linux-user/main.c
> > @@ -3348,6 +3348,11 @@ int main(int argc, char **argv, char **envp)
> >  if (regs->cp0_epc & 1) {
> >  env->hflags |= MIPS_HFLAG_M16;
> >  }
> > +#if defined(TARGET_MIPS64)
> > +if (info->elf_arch) {
> > +env->insn_flags |=  INSN_OCTEON;
> > +}
> > +#endif
> >  }
>

where we put elf_arch in image_info

and INSN_OCTEON is in target_mips/mips-defs.h as follows
  #define INSN_LOONGSON2E  0x2000
  #define INSN_LOONGSON2F  0x4000
  #define INSN_VR54XX 0x8000
+#defineINSN_OCTEON 0x1000

Is this solution acceptable for you?

[Qemu-devel] [PATCH v4 0/4] Fix -icount with iothread

[Paolo Bonzini]

This series finally fixes -icount with iothread and avoids deadlocks
due to the vm_clock not making progress when the VM is stopped.
The crux of the fix is in patch 1, while patch 2 implements the
"clock warping" that fixes deadlocks in v2.  Clock warping uses
the nanosecond resolution rt_clock timers introduced by my previous
series.

With this in place, patch 3 can revert the previous attempt(s).
Finally, patch 4 makes the icount code clearer by finishing the
bugfix/reorganization of qemu_next_deadline vs. qemu_next_alarm_deadline.

v1->v2:
reordered patches, renamed qemu_next_deadline

v2->v3:
introduced warp timer

v3->v4:
added comments to the code

Paolo Bonzini (4):
  really fix -icount in the iothread case
  enable vm_clock to "warp" in the iothread+icount case
  Revert wrong fixes for -icount in the iothread case
  qemu_next_deadline should not consider host-time timers

 cpus.c|   13 -
 qemu-common.h |1 +
 qemu-timer.c  |  169 -
 qemu-timer.h  |3 +-
 roms/seabios  |2 +-
 5 files changed, 146 insertions(+), 42 deletions(-)

-- 
1.7.4

[Qemu-devel] [PATCH v4 2/4] enable vm_clock to "warp" in the iothread+icount case

[Paolo Bonzini]

The previous patch however is not enough, because if the virtual CPU
goes to sleep waiting for a future timer interrupt to wake it up, qemu
deadlocks.  The timer interrupt never comes because time is driven by
icount, but the vCPU doesn't run any insns.

You could say that VCPUs should never go to sleep in icount
mode if there is a pending vm_clock timer; rather time should
just warp to the next vm_clock event with no sleep ever taking place.
Even better, you can sleep for some time related to the
time left until the next event, to avoid that the warps are too visible
externally; for example, you could be sending network packets continously
instead of every 100ms.

This is what this patch implements.  qemu_clock_warp is called: 1)
whenever a vm_clock timer is adjusted, to ensure the warp_timer is
synchronized; 2) at strategic points in the CPU thread, to make sure
the insn counter is synchronized before the CPU starts running.
In any case, the warp_timer is disabled while the CPU is running,
because the insn counter will then be making progress on its own.

Signed-off-by: Paolo Bonzini 
Tested-by: Edgar E. Iglesias 
---
 cpus.c|8 -
 qemu-common.h |1 +
 qemu-timer.c  |   94 -
 qemu-timer.h  |1 +
 roms/seabios  |2 +-
 5 files changed, 103 insertions(+), 3 deletions(-)

diff --git a/cpus.c b/cpus.c
index cbeac7a..6a50199 100644
--- a/cpus.c
+++ b/cpus.c
@@ -155,7 +155,7 @@ static bool cpu_thread_is_idle(CPUState *env)
 return true;
 }
 
-static bool all_cpu_threads_idle(void)
+bool all_cpu_threads_idle(void)
 {
 CPUState *env;
 
@@ -739,6 +739,9 @@ static void qemu_tcg_wait_io_event(void)
 CPUState *env;
 
 while (all_cpu_threads_idle()) {
+   /* Start accounting real time to the virtual clock if the CPUs
+  are idle.  */
+qemu_clock_warp(vm_clock);
 qemu_cond_wait(tcg_halt_cond, &qemu_global_mutex);
 }
 
@@ -1073,6 +1076,9 @@ bool cpu_exec_all(void)
 {
 int r;
 
+/* Account partial waits to the vm_clock.  */
+qemu_clock_warp(vm_clock);
+
 if (next_cpu == NULL) {
 next_cpu = first_cpu;
 }
diff --git a/qemu-common.h b/qemu-common.h
index 82e27c1..4f6037b 100644
--- a/qemu-common.h
+++ b/qemu-common.h
@@ -298,6 +298,7 @@ void qemu_notify_event(void);
 void qemu_cpu_kick(void *env);
 void qemu_cpu_kick_self(void);
 int qemu_cpu_is_self(void *env);
+bool all_cpu_threads_idle(void);
 
 /* work queue */
 struct qemu_work_item {
diff --git a/qemu-timer.c b/qemu-timer.c
index 50f1943..4959688 100644
--- a/qemu-timer.c
+++ b/qemu-timer.c
@@ -153,6 +153,8 @@ void cpu_disable_ticks(void)
 struct QEMUClock {
 int type;
 int enabled;
+
+QEMUTimer *warp_timer;
 };
 
 struct QEMUTimer {
@@ -386,6 +388,90 @@ void qemu_clock_enable(QEMUClock *clock, int enabled)
 clock->enabled = enabled;
 }
 
+static int64_t vm_clock_warp_start;
+
+static void icount_warp_rt(void *opaque)
+{
+if (vm_clock_warp_start == -1) {
+return;
+}
+
+if (vm_running) {
+int64_t clock = qemu_get_clock_ns(rt_clock);
+int64_t warp_delta = clock - vm_clock_warp_start;
+if (use_icount == 1) {
+qemu_icount_bias += warp_delta;
+} else {
+/*
+ * In adaptive mode, do not let the vm_clock run too
+ * far ahead of real time.
+ */
+int64_t cur_time = cpu_get_clock();
+int64_t cur_icount = qemu_get_clock_ns(vm_clock);
+int64_t delta = cur_time - cur_icount;
+qemu_icount_bias += MIN(warp_delta, delta);
+}
+if (qemu_timer_expired(active_timers[QEMU_CLOCK_VIRTUAL],
+   qemu_get_clock_ns(vm_clock))) {
+qemu_notify_event();
+}
+}
+vm_clock_warp_start = -1;
+}
+
+void qemu_clock_warp(QEMUClock *clock)
+{
+int64_t deadline;
+
+if (!clock->warp_timer) {
+return;
+}
+
+/*
+ * There are too many global variables to make the "warp" behavior
+ * applicable to other clocks.  But a clock argument removes the
+ * need for if statements all over the place.
+ */
+assert(clock == vm_clock);
+
+/*
+ * If the CPUs have been sleeping, advance the vm_clock timer now.  This
+ * ensures that the deadline for the timer is computed correctly below.
+ * This also makes sure that the insn counter is synchronized before the
+ * CPU starts running, in case the CPU is woken by an event other than
+ * the earliest vm_clock timer.
+ */
+icount_warp_rt(NULL);
+if (!all_cpu_threads_idle() || !active_timers[clock->type]) {
+qemu_del_timer(clock->warp_timer);
+return;
+}
+
+vm_clock_warp_start = qemu_get_clock_ns(rt_clock);
+deadline = qemu_next_deadline();
+if (deadline > 0) {
+/*
+ * Ensure the vm_clock proceeds even when the virtual CPU goes to
+ * sleep.  Otherwise

[Qemu-devel] [PATCH v4 4/4] qemu_next_deadline should not consider host-time timers

[Paolo Bonzini]

It is purely for icount-based virtual timers.  And now that we got the
code right, rename the function to clarify the intended scope.

Signed-off-by: Paolo Bonzini 
Tested-by: Edgar E. Iglesias 
---
 cpus.c   |4 ++--
 qemu-timer.c |   13 -
 qemu-timer.h |2 +-
 3 files changed, 7 insertions(+), 12 deletions(-)

diff --git a/cpus.c b/cpus.c
index 6a50199..1fc34b7 100644
--- a/cpus.c
+++ b/cpus.c
@@ -833,7 +833,7 @@ static void *qemu_tcg_cpu_thread_fn(void *arg)
 
 while (1) {
 cpu_exec_all();
-if (use_icount && qemu_next_deadline() <= 0) {
+if (use_icount && qemu_next_icount_deadline() <= 0) {
 qemu_notify_event();
 }
 qemu_tcg_wait_io_event();
@@ -1050,7 +1050,7 @@ static int tcg_cpu_exec(CPUState *env)
 qemu_icount -= (env->icount_decr.u16.low + env->icount_extra);
 env->icount_decr.u16.low = 0;
 env->icount_extra = 0;
-count = qemu_icount_round (qemu_next_deadline());
+count = qemu_icount_round(qemu_next_icount_deadline());
 qemu_icount += count;
 decr = (count > 0x) ? 0x : count;
 count -= decr;
diff --git a/qemu-timer.c b/qemu-timer.c
index 7998f37..b8c0c88 100644
--- a/qemu-timer.c
+++ b/qemu-timer.c
@@ -452,7 +452,7 @@ void qemu_clock_warp(QEMUClock *clock)
 }
 
 vm_clock_warp_start = qemu_get_clock_ns(rt_clock);
-deadline = qemu_next_deadline();
+deadline = qemu_next_icount_deadline();
 if (deadline > 0) {
 /*
  * Ensure the vm_clock proceeds even when the virtual CPU goes to
@@ -765,21 +765,16 @@ static void host_alarm_handler(int host_signum)
 }
 }
 
-int64_t qemu_next_deadline(void)
+int64_t qemu_next_icount_deadline(void)
 {
 /* To avoid problems with overflow limit this to 2^32.  */
 int64_t delta = INT32_MAX;
 
+assert(use_icount);
 if (active_timers[QEMU_CLOCK_VIRTUAL]) {
 delta = active_timers[QEMU_CLOCK_VIRTUAL]->expire_time -
  qemu_get_clock_ns(vm_clock);
 }
-if (active_timers[QEMU_CLOCK_HOST]) {
-int64_t hdelta = active_timers[QEMU_CLOCK_HOST]->expire_time -
- qemu_get_clock_ns(host_clock);
-if (hdelta < delta)
-delta = hdelta;
-}
 
 if (delta < 0)
 delta = 0;
@@ -1169,7 +1164,7 @@ int qemu_calculate_timeout(void)
 } else {
 /* Wait for either IO to occur or the next
timer event.  */
-add = qemu_next_deadline();
+add = qemu_next_icount_deadline();
 /* We advance the timer before checking for IO.
Limit the amount we advance so that early IO
activity won't get the guest too far ahead.  */
diff --git a/qemu-timer.h b/qemu-timer.h
index c01bcab..3a9228f 100644
--- a/qemu-timer.h
+++ b/qemu-timer.h
@@ -51,7 +51,7 @@ int qemu_timer_expired(QEMUTimer *timer_head, int64_t 
current_time);
 
 void qemu_run_all_timers(void);
 int qemu_alarm_pending(void);
-int64_t qemu_next_deadline(void);
+int64_t qemu_next_icount_deadline(void);
 void configure_alarms(char const *opt);
 void configure_icount(const char *option);
 int qemu_calculate_timeout(void);
-- 
1.7.4

[Qemu-devel] [PATCH v4 1/4] really fix -icount in the iothread case

[Paolo Bonzini]

The correct fix for -icount is to consider the biggest difference
between iothread and non-iothread modes.  In the traditional model,
CPUs run _before_ the iothread calls select (or WaitForMultipleObjects
for Win32).  In the iothread model, CPUs run while the iothread
isn't holding the mutex, i.e. _during_ those same calls.

So, the iothread should always block as long as possible to let
the CPUs run smoothly---the timeout might as well be infinite---and
either the OS or the CPU thread itself will let the iothread know
when something happens.  At this point, the iothread wakes up and
interrupts the CPU.

This is exactly the approach that this patch takes: when cpu_exec_all
returns in -icount mode, and it is because a vm_clock deadline has
been met, it wakes up the iothread to process the timers.  This is
really the "bulk" of fixing icount.

Signed-off-by: Paolo Bonzini 
Tested-by: Edgar E. Iglesias 
---
 cpus.c |3 +++
 1 files changed, 3 insertions(+), 0 deletions(-)

diff --git a/cpus.c b/cpus.c
index 41bec7c..cbeac7a 100644
--- a/cpus.c
+++ b/cpus.c
@@ -830,6 +830,9 @@ static void *qemu_tcg_cpu_thread_fn(void *arg)
 
 while (1) {
 cpu_exec_all();
+if (use_icount && qemu_next_deadline() <= 0) {
+qemu_notify_event();
+}
 qemu_tcg_wait_io_event();
 }
 
-- 
1.7.4

[Qemu-devel] [PATCH v4 3/4] Revert wrong fixes for -icount in the iothread case

[Paolo Bonzini]

This reverts commits 225d02cd and c9f7383c.  While some parts of
the latter could be saved, I preferred a smooth, complete revert.

Signed-off-by: Paolo Bonzini 
Tested-by: Edgar E. Iglesias 
---
 qemu-timer.c |   66 +++--
 1 files changed, 36 insertions(+), 30 deletions(-)

diff --git a/qemu-timer.c b/qemu-timer.c
index 4959688..7998f37 100644
--- a/qemu-timer.c
+++ b/qemu-timer.c
@@ -110,9 +110,12 @@ static int64_t cpu_get_clock(void)
 }
 }
 
+#ifndef CONFIG_IOTHREAD
 static int64_t qemu_icount_delta(void)
 {
-if (use_icount == 1) {
+if (!use_icount) {
+return 5000 * (int64_t) 100;
+} else if (use_icount == 1) {
 /* When not using an adaptive execution frequency
we tend to get badly out of sync with real time,
so just delay for a reasonable amount of time.  */
@@ -121,6 +124,7 @@ static int64_t qemu_icount_delta(void)
 return cpu_get_icount() - cpu_get_clock();
 }
 }
+#endif
 
 /* enable cpu_get_ticks() */
 void cpu_enable_ticks(void)
@@ -1147,39 +1151,41 @@ void quit_timers(void)
 
 int qemu_calculate_timeout(void)
 {
+#ifndef CONFIG_IOTHREAD
 int timeout;
-int64_t add;
-int64_t delta;
 
-/* When using icount, making forward progress with qemu_icount when the
-   guest CPU is idle is critical. We only use the static io-thread timeout
-   for non icount runs.  */
-if (!use_icount || !vm_running) {
-return 5000;
-}
-
-/* Advance virtual time to the next event.  */
-delta = qemu_icount_delta();
-if (delta > 0) {
-/* If virtual time is ahead of real time then just
-   wait for IO.  */
-timeout = (delta + 99) / 100;
-} else {
-/* Wait for either IO to occur or the next
-   timer event.  */
-add = qemu_next_deadline();
-/* We advance the timer before checking for IO.
-   Limit the amount we advance so that early IO
-   activity won't get the guest too far ahead.  */
-if (add > 1000)
-add = 1000;
-delta += add;
-qemu_icount += qemu_icount_round (add);
-timeout = delta / 100;
-if (timeout < 0)
-timeout = 0;
+if (!vm_running)
+timeout = 5000;
+else {
+ /* XXX: use timeout computed from timers */
+int64_t add;
+int64_t delta;
+/* Advance virtual time to the next event.  */
+   delta = qemu_icount_delta();
+if (delta > 0) {
+/* If virtual time is ahead of real time then just
+   wait for IO.  */
+timeout = (delta + 99) / 100;
+} else {
+/* Wait for either IO to occur or the next
+   timer event.  */
+add = qemu_next_deadline();
+/* We advance the timer before checking for IO.
+   Limit the amount we advance so that early IO
+   activity won't get the guest too far ahead.  */
+if (add > 1000)
+add = 1000;
+delta += add;
+qemu_icount += qemu_icount_round (add);
+timeout = delta / 100;
+if (timeout < 0)
+timeout = 0;
+}
 }
 
 return timeout;
+#else /* CONFIG_IOTHREAD */
+return 1000;
+#endif
 }
 
-- 
1.7.4

[Qemu-devel] [PATCH] vpc.c: Use get_option_parameter() does the search

[Mitnick Lyu]

Use get_option_parameter() to instead of duplicating the loop, and use 
BDRV_SECTOR_SIZE to instead of 512

Signed-off-by: Mitnick Lyu 
---
 block/vpc.c |8 ++--
 1 files changed, 2 insertions(+), 6 deletions(-)

diff --git a/block/vpc.c b/block/vpc.c
index 7b025be..56865da 100644
--- a/block/vpc.c
+++ b/block/vpc.c
@@ -505,12 +505,8 @@ static int vpc_create(const char *filename, 
QEMUOptionParameter *options)
 int ret = -EIO;
 
 // Read out options
-while (options && options->name) {
-if (!strcmp(options->name, "size")) {
-total_sectors = options->value.n / 512;
-}
-options++;
-}
+total_sectors = get_option_parameter(options, BLOCK_OPT_SIZE)->value.n /
+BDRV_SECTOR_SIZE;
 
 // Create the file
 fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC | O_BINARY, 0644);
-- 
1.7.0.4

[Qemu-devel] [PATCH 0/4] Minor USB fixes

[Brad Hards]

1 fixes spellos in the mass-storage driver
2-4 fix issues in Linux usb pass-through code. 

[Qemu-devel] [PATCH 1/4] usb: trivial spelling fixes

[Brad Hards]

Signed-off-by: Brad Hards 
---
 hw/usb-msd.c |4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/hw/usb-msd.c b/hw/usb-msd.c
index 76f5b02..947fd3f 100644
--- a/hw/usb-msd.c
+++ b/hw/usb-msd.c
@@ -33,7 +33,7 @@ do { printf("usb-msd: " fmt , ## __VA_ARGS__); } while (0)
 
 enum USBMSDMode {
 USB_MSDM_CBW, /* Command Block.  */
-USB_MSDM_DATAOUT, /* Tranfer data to device.  */
+USB_MSDM_DATAOUT, /* Transfer data to device.  */
 USB_MSDM_DATAIN, /* Transfer data from device.  */
 USB_MSDM_CSW /* Command Status.  */
 };
@@ -253,7 +253,7 @@ static void usb_msd_command_complete(SCSIBus *bus, int 
reason, uint32_t tag,
 usb_msd_copy_data(s);
 if (s->usb_len == 0) {
 /* Set s->packet to NULL before calling usb_packet_complete
-   because annother request may be issued before
+   because another request may be issued before
usb_packet_complete returns.  */
 DPRINTF("Packet complete %p\n", p);
 s->packet = NULL;
-- 
1.7.1

[Qemu-devel] [PATCH 2/4] usb: initialise data element in Linux USB_DISCONNECT ioctl.

[Brad Hards]

This isn't used, but leaving it empty causes valgrind noise.

Signed-off-by: Brad Hards 
---
 usb-linux.c |1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/usb-linux.c b/usb-linux.c
index 255009f..d958853 100644
--- a/usb-linux.c
+++ b/usb-linux.c
@@ -344,6 +344,7 @@ static int usb_host_claim_interfaces(USBHostDevice *dev, 
int configuration)
 for (interface = 0; interface < nb_interfaces; interface++) {
 ctrl.ioctl_code = USBDEVFS_DISCONNECT;
 ctrl.ifno = interface;
+ctrl.data = 0;
 ret = ioctl(dev->fd, USBDEVFS_IOCTL, &ctrl);
 if (ret < 0 && errno != ENODATA) {
 perror("USBDEVFS_DISCONNECT");
-- 
1.7.1

[Qemu-devel] [PATCH 3/4] usb: fix spelling errors in usb-linux.c

[Brad Hards]

Signed-off-by: Brad Hards 
---
 usb-linux.c |4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/usb-linux.c b/usb-linux.c
index d958853..1f33c2c 100644
--- a/usb-linux.c
+++ b/usb-linux.c
@@ -107,7 +107,7 @@ enum {
 /*
  * Control transfer state.
  * Note that 'buffer' _must_ follow 'req' field because
- * we need contigious buffer when we submit control URB.
+ * we need contiguous buffer when we submit control URB.
  */
 struct ctrl_struct {
 uint16_t len;
@@ -580,7 +580,7 @@ static int usb_host_handle_control(USBHostDevice *s, 
USBPacket *p)
 /*
  * Setup ctrl transfer.
  *
- * s->ctrl is layed out such that data buffer immediately follows
+ * s->ctrl is laid out such that data buffer immediately follows
  * 'req' struct which is exactly what usbdevfs expects.
  */
 urb = &aurb->urb;
-- 
1.7.1

[Qemu-devel] [PATCH 4/4] usb: use DPRINTF instead of printf for some simple cases

[Brad Hards]

Signed-off-by: Brad Hards 
---
 usb-linux.c |   16 
 1 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/usb-linux.c b/usb-linux.c
index 1f33c2c..b02a0f9 100644
--- a/usb-linux.c
+++ b/usb-linux.c
@@ -233,8 +233,8 @@ static void async_complete(void *opaque)
 return;
 }
 if (errno == ENODEV && !s->closing) {
-printf("husb: device %d.%d disconnected\n",
-   s->bus_num, s->addr);
+DPRINTF("husb: device %d.%d disconnected\n",
+s->bus_num, s->addr);
 usb_host_close(s);
 usb_host_auto_check(NULL);
 return;
@@ -320,7 +320,7 @@ static int usb_host_claim_interfaces(USBHostDevice *dev, 
int configuration)
 }
 config_descr_len = dev->descr[i];
 
-printf("husb: config #%d need %d\n", dev->descr[i + 5], configuration);
+DPRINTF("husb: config #%d need %d\n", dev->descr[i + 5], 
configuration);
 
 if (configuration < 0 || configuration == dev->descr[i + 5]) {
 configuration = dev->descr[i + 5];
@@ -359,7 +359,7 @@ static int usb_host_claim_interfaces(USBHostDevice *dev, 
int configuration)
 ret = ioctl(dev->fd, USBDEVFS_CLAIMINTERFACE, &interface);
 if (ret < 0) {
 if (errno == EBUSY) {
-printf("husb: update iface. device already grabbed\n");
+DPRINTF("husb: update iface. device already grabbed\n");
 } else {
 perror("husb: failed to claim interface");
 }
@@ -368,8 +368,8 @@ static int usb_host_claim_interfaces(USBHostDevice *dev, 
int configuration)
 }
 }
 
-printf("husb: %d interfaces claimed for configuration %d\n",
-   nb_interfaces, configuration);
+DPRINTF("husb: %d interfaces claimed for configuration %d\n",
+nb_interfaces, configuration);
 
 dev->ninterfaces   = nb_interfaces;
 dev->configuration = configuration;
@@ -929,7 +929,7 @@ static int usb_host_open(USBHostDevice *dev, int bus_num,
 if (dev->fd != -1) {
 goto fail;
 }
-printf("husb: open device %d.%d\n", bus_num, addr);
+DPRINTF("husb: open device %d.%d\n", bus_num, addr);
 
 if (!usb_host_device_path) {
 perror("husb: USB Host Device Path not set");
@@ -984,7 +984,7 @@ static int usb_host_open(USBHostDevice *dev, int bus_num,
 goto fail;
 }
 
-printf("husb: grabbed usb device %d.%d\n", bus_num, addr);
+DPRINTF("husb: grabbed usb device %d.%d\n", bus_num, addr);
 
 ret = usb_linux_update_endp_table(dev);
 if (ret) {
-- 
1.7.1

Re: [Qemu-devel] [PATCH v5 0/5] atapi: Implement 'media' subcommand for GESN

[Kevin Wolf]

Am 12.04.2011 18:06, schrieb Amit Shah:
> The GET_EVENT_STATUS_NOTIFICATION ATAPI command is listed as a
> mandatory command in the spec but we don't really implement it any of
> its sub-commands.
> 
> The commit message for the last commit explains why implementing just
> the media subcommand is helpful and how it goes a long way in getting
> guests to behave as expected.
> 
> The difference from the RFC series sent earlier is:
> - Split into more patches
> - Add tray open/close notification (from Markus)
> 
> There certainly is much more work to be done for the other commands
> and also for state change handling (tray open / close / new media)
> overall for the block layer, but this is a good first step in being
> spec-compliant and at the same time making guests work.

Thanks, applied all to the block branch.

Kevin

Re: [Qemu-devel] [PATCH] vpc.c: Use get_option_parameter() does the search

[Kevin Wolf]

Am 13.04.2011 11:30, schrieb Mitnick Lyu:
> Use get_option_parameter() to instead of duplicating the loop, and use 
> BDRV_SECTOR_SIZE to instead of 512
> 
> Signed-off-by: Mitnick Lyu 

Thanks, applied to the block branch.

Kevin

Re: [Qemu-devel] [PATCH V12 05/17] xen: Add xenfv machine

[Stefano Stabellini]

On Tue, 12 Apr 2011, Jan Kiszka wrote:
> Well, either you have a use for the VCPU state (how do you do migration
> in Xen without it?), or you should probably teach QEMU in a careful &
> clean way to run its device model without VCPUs - and without any
> TCG-related memory consumption. For the latter, you would likely receive
> kudos from KVM people as well.
>
> BTW, if you happen to support that crazy vmport under Xen, not updating
> the VCPU state will break your neck. Also, lacking VCPUs prevent the
> usage of analysis and debugging features of QEMU (monitor, gdbstub).

We don't use the vcpu state in qemu because qemu takes care of device
emulation only; under xen the vcpu state is saved and restored by the
hypervisor.
We are currently using the number of vcpus just to know how many event
channels we have to bind to receive and send io notifications.
Thus your suggestion of teaching qemu to run without vcpus is probably
the right thing to do here.

Re: [Qemu-devel] [PATCH V12 05/17] xen: Add xenfv machine

[Jan Kiszka]

On 2011-04-13 12:56, Stefano Stabellini wrote:
> On Tue, 12 Apr 2011, Jan Kiszka wrote:
>> Well, either you have a use for the VCPU state (how do you do migration
>> in Xen without it?), or you should probably teach QEMU in a careful &
>> clean way to run its device model without VCPUs - and without any
>> TCG-related memory consumption. For the latter, you would likely receive
>> kudos from KVM people as well.
>>
>> BTW, if you happen to support that crazy vmport under Xen, not updating
>> the VCPU state will break your neck. Also, lacking VCPUs prevent the
>> usage of analysis and debugging features of QEMU (monitor, gdbstub).
> 
> We don't use the vcpu state in qemu because qemu takes care of device
> emulation only; under xen the vcpu state is saved and restored by the
> hypervisor.

Just out of curiosity: So you are extracting the device states out of
QEMU on migration, do the same with the VCPU states from the hypervisor
(which wouldn't be that different from KVM in fact), and then transfer
that to the destination node? Is there a technical or historical reason
for this split-up? I mean, you still need some managing instance that
does the state transportation and VM control on both sides, i.e. someone
for the job that QEMU is doing for TCG or KVM migrations.

Jan

-- 
Siemens AG, Corporate Technology, CT T DE IT 1
Corporate Competence Center Embedded Linux

[Qemu-devel] [PATCH] libcacard: fix opposite usage of isspace

[Alon Levy]

Signed-off-by: Alon Levy 
---
 libcacard/vcard_emul_nss.c |4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/libcacard/vcard_emul_nss.c b/libcacard/vcard_emul_nss.c
index 71f2ba3..baada52 100644
--- a/libcacard/vcard_emul_nss.c
+++ b/libcacard/vcard_emul_nss.c
@@ -955,7 +955,7 @@ count_tokens(const char *str, char token, char token_end)
 static const char *
 strip(const char *str)
 {
-for (; *str && !isspace(*str); str++) {
+for (; *str && isspace(*str); str++) {
 }
 return str;
 }
@@ -963,7 +963,7 @@ strip(const char *str)
 static const char *
 find_blank(const char *str)
 {
-for (; *str && isspace(*str); str++) {
+for (; *str && !isspace(*str); str++) {
 }
 return str;
 }
-- 
1.7.4.2

Re: [Qemu-devel] [PATCH V12 05/17] xen: Add xenfv machine

[Stefano Stabellini]

On Wed, 13 Apr 2011, Jan Kiszka wrote:
> On 2011-04-13 12:56, Stefano Stabellini wrote:
> > On Tue, 12 Apr 2011, Jan Kiszka wrote:
> >> Well, either you have a use for the VCPU state (how do you do migration
> >> in Xen without it?), or you should probably teach QEMU in a careful &
> >> clean way to run its device model without VCPUs - and without any
> >> TCG-related memory consumption. For the latter, you would likely receive
> >> kudos from KVM people as well.
> >>
> >> BTW, if you happen to support that crazy vmport under Xen, not updating
> >> the VCPU state will break your neck. Also, lacking VCPUs prevent the
> >> usage of analysis and debugging features of QEMU (monitor, gdbstub).
> > 
> > We don't use the vcpu state in qemu because qemu takes care of device
> > emulation only; under xen the vcpu state is saved and restored by the
> > hypervisor.
> 
> Just out of curiosity: So you are extracting the device states out of
> QEMU on migration, do the same with the VCPU states from the hypervisor
> (which wouldn't be that different from KVM in fact), and then transfer
> that to the destination node? Is there a technical or historical reason
> for this split-up? I mean, you still need some managing instance that
> does the state transportation and VM control on both sides, i.e. someone
> for the job that QEMU is doing for TCG or KVM migrations.

That someone is the "toolstack", I guess libvirt would be the closest
thing to our toolstack in the kvm world.
The reason why we have a toolstack performing this task rather than qemu
is that pure PV guests don't need device emulation, so we don't even
have qemu running most of the times if there are only linux guests
installed in the system.

[Qemu-devel] [Bug 757702] Re: Undefined instruction exception starts at offset 0x8 instead of 0x4

[Peter Maydell]

> Were you able to replicate the problem with the steps that I had mentioned ?
> The key thing is is if you don't set breakpoint at 0x4 or 0x8 just follow
> the execution flow using "si" command of GDB.
> You will definitely hit the problem.

Ah, I had to find a different gdb to reproduce this with (arm-none-eabi-
gdb from the 2010.09 codesourcery toolchain). That gdb does single-step-
insn by asking the target to single step, and you get the behaviour
above. The gdb I was using does single-step-insn by setting breakpoints
at where it thinks the next insn will be, which means that "si" on the
UNDEF never returns because gdb has set a bp at 0x10005c which we of
course never hit. With the codesourcery gdb I see 'si' having the
behaviour you describe above.

However:

(gdb) target remote :1234
Remote debugging using :1234
0x0010 in ?? ()
(gdb) break *0x4
Breakpoint 1 at 0x4
(gdb) si
0x00100054 in ?? ()
(gdb) si
0x00100058 in ?? ()
(gdb) si

Breakpoint 1, 0x0004 in ?? ()

ie if we set an explicit breakpoint at 0x4 we do hit it. I think it's
just that the singlestep doesn't do what you expect: instead of stopping
before we execute the instruction at the UNDEF vector, we first execute
it and then stop afterwards [this sort of makes a twisted kind of sense
if you think about it -- we never actually executed the UNDEF insn
because we took the exception first, so single-step executes exactly one
instruction which is the one at 0x4. However it's hopelessly confusing
for the user so I'd consider it a bug.]

Can you confirm that if you set the breakpoint as I do in the transcript
above you see the same output?

So I think that what is happening here is that misbehaviour by qemu's
gdb interface is confusing you, rather than the actual qemu ARM
implementation being wrong.

If you revise your test program so that it installs some actual code
into the vectors rather than leaving them all as NOPs I think this will
be more obvious.

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/757702

Title:
  Undefined instruction exception starts at offset 0x8 instead of 0x4

Status in QEMU:
  New

Bug description:
  ARMv7a has lot of undefined instruction from its instruction opcode
  space. This undefined instructions are very useful for replacing
  sensitive non-priviledged instructions of guest operating systems
  (virtualization). The undefined instruction exception executes at
   + 0x4, where  can be 0x0 or
  0xfff0. Currently, in qemu 0.14.0 undefined instruction fault at
  0x8 offset instead of 0x4. This was not a problem with qemu 0.13.0,
  seems like this is a new bug. As as example, if we try to execute
  value "0xec019800" in qemu 0.14.0 then it should cause undefined
  exception at +0x4 since "0xec019800" is an undefined
  instruction.

[Qemu-devel] [PULL 00/10] Block patches

[Kevin Wolf]

The following changes since commit 9df38c47d01eb1fd7eb9d60ac70a4170e638b4a2:

  target-arm: Detect tininess before rounding for FP operations (2011-04-12 
23:33:33 +0200)

are available in the git repository at:
  git://repo.or.cz/qemu/kevin.git for-anthony

Amit Shah (7):
  atapi: Drives can be locked without media present
  atapi: Report correct errors on guest eject request
  atapi: Allow GET_EVENT_STATUS_NOTIFICATION after media change
  atapi: Move GET_EVENT_STATUS_NOTIFICATION command handling to its own 
function
  atapi: GESN: Use structs for commonly-used field types
  atapi: GESN: Standardise event response handling for future additions
  atapi: GESN: implement 'media' subcommand

Anthony Liguori (1):
  qed: Add support for zero clusters

Mitnick Lyu (1):
  vpc.c: Use get_option_parameter() does the search

Stefan Hajnoczi (1):
  docs: Describe zero data clusters in QED specification

 block/qed-check.c   |5 +-
 block/qed-cluster.c |   31 +---
 block/qed.c |   21 -
 block/qed.h |   26 ++
 block/vpc.c |8 +--
 docs/specs/qed_spec.txt |8 ++
 hw/ide/core.c   |  204 ---
 hw/ide/internal.h   |6 ++
 8 files changed, 258 insertions(+), 51 deletions(-)

[Qemu-devel] [PATCH 01/10] docs: Describe zero data clusters in QED specification

[Kevin Wolf]

From: Stefan Hajnoczi 

Zero data clusters are a space-efficient way of storing zeroed regions
of the image.

Signed-off-by: Stefan Hajnoczi 
Signed-off-by: Kevin Wolf 
---
 docs/specs/qed_spec.txt |8 
 1 files changed, 8 insertions(+), 0 deletions(-)

diff --git a/docs/specs/qed_spec.txt b/docs/specs/qed_spec.txt
index 1d5fa87..7982e05 100644
--- a/docs/specs/qed_spec.txt
+++ b/docs/specs/qed_spec.txt
@@ -89,6 +89,7 @@ L1, L2, and data cluster offsets must be aligned to 
header.cluster_size.  The fo
 
 ===Data cluster offsets===
 * 0 - unallocated.  The data cluster is not yet allocated.
+* 1 - zero.  The data cluster contents are all zeroes and no cluster is 
allocated.
 
 Future format extensions may wish to store per-offset information.  The least 
significant 12 bits of an offset are reserved for this purpose and must be set 
to zero.  Image files with cluster_size > 2^12 will have more unused bits which 
should also be zeroed.
 
@@ -97,6 +98,13 @@ Reads to an unallocated area of the image file access the 
backing file.  If ther
 
 Writes to an unallocated area cause a new data clusters to be allocated, and a 
new L2 table if that is also unallocated.  The new data cluster is populated 
with data from the backing file (or zeroes if no backing file) and the data 
being written.
 
+===Zero data clusters===
+Zero data clusters are a space-efficient way of storing zeroed regions of the 
image.
+
+Reads to a zero data cluster produce zeroes.  Note that the difference between 
an unallocated and a zero data cluster is that zero data clusters stop the 
reading of contents from the backing file.
+
+Writes to a zero data cluster cause a new data cluster to be allocated.  The 
new data cluster is populated with zeroes and the data being written.
+
 ===Logical offset translation===
 Logical offsets are translated into cluster offsets as follows:
 
-- 
1.7.2.3

[Qemu-devel] [PATCH 04/10] atapi: Report correct errors on guest eject request

[Kevin Wolf]

From: Amit Shah 

Table 629 of the MMC-5 spec mentions two different error conditions when
a CDROM eject is requested: a) while a disc is inserted and b) while a
disc is not inserted.

Ensure we return the appropriate error for the present condition of the
drive and disc status.

Signed-off-by: Amit Shah 
Signed-off-by: Kevin Wolf 
---
 hw/ide/core.c |8 ++--
 1 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/hw/ide/core.c b/hw/ide/core.c
index a290142..b5de22e 100644
--- a/hw/ide/core.c
+++ b/hw/ide/core.c
@@ -1304,7 +1304,7 @@ static void ide_atapi_cmd(IDEState *s)
 break;
 case GPCMD_START_STOP_UNIT:
 {
-int start, eject, err = 0;
+int start, eject, sense, err = 0;
 start = packet[4] & 1;
 eject = (packet[4] >> 1) & 1;
 
@@ -1317,7 +1317,11 @@ static void ide_atapi_cmd(IDEState *s)
 ide_atapi_cmd_ok(s);
 break;
 case -EBUSY:
-ide_atapi_cmd_error(s, SENSE_NOT_READY,
+sense = SENSE_NOT_READY;
+if (bdrv_is_inserted(s->bs)) {
+sense = SENSE_ILLEGAL_REQUEST;
+}
+ide_atapi_cmd_error(s, sense,
 ASC_MEDIA_REMOVAL_PREVENTED);
 break;
 default:
-- 
1.7.2.3

[Qemu-devel] [PATCH 02/10] qed: Add support for zero clusters

[Kevin Wolf]

From: Anthony Liguori 

Zero clusters are similar to unallocated clusters except instead of reading
their value from a backing file when one is available, the cluster is always
read as zero.

This implements read support only.  At this stage, QED will never write a
zero cluster.

Signed-off-by: Anthony Liguori 
Signed-off-by: Stefan Hajnoczi 
Signed-off-by: Kevin Wolf 
---
 block/qed-check.c   |5 +++--
 block/qed-cluster.c |   31 +--
 block/qed.c |   21 -
 block/qed.h |   26 ++
 4 files changed, 66 insertions(+), 17 deletions(-)

diff --git a/block/qed-check.c b/block/qed-check.c
index 4600932..ea4ebc8 100644
--- a/block/qed-check.c
+++ b/block/qed-check.c
@@ -72,7 +72,8 @@ static unsigned int qed_check_l2_table(QEDCheck *check, 
QEDTable *table)
 for (i = 0; i < s->table_nelems; i++) {
 uint64_t offset = table->offsets[i];
 
-if (!offset) {
+if (qed_offset_is_unalloc_cluster(offset) ||
+qed_offset_is_zero_cluster(offset)) {
 continue;
 }
 
@@ -111,7 +112,7 @@ static int qed_check_l1_table(QEDCheck *check, QEDTable 
*table)
 unsigned int num_invalid_l2;
 uint64_t offset = table->offsets[i];
 
-if (!offset) {
+if (qed_offset_is_unalloc_cluster(offset)) {
 continue;
 }
 
diff --git a/block/qed-cluster.c b/block/qed-cluster.c
index 0ec864b..3e19ad1 100644
--- a/block/qed-cluster.c
+++ b/block/qed-cluster.c
@@ -23,7 +23,8 @@
  * @n:  Maximum number of clusters
  * @offset: Set to first cluster offset
  *
- * This function scans tables for contiguous allocated or free clusters.
+ * This function scans tables for contiguous clusters.  A contiguous run of
+ * clusters may be allocated, unallocated, or zero.
  */
 static unsigned int qed_count_contiguous_clusters(BDRVQEDState *s,
   QEDTable *table,
@@ -38,9 +39,14 @@ static unsigned int 
qed_count_contiguous_clusters(BDRVQEDState *s,
 *offset = last;
 
 for (i = index + 1; i < end; i++) {
-if (last == 0) {
-/* Counting free clusters */
-if (table->offsets[i] != 0) {
+if (qed_offset_is_unalloc_cluster(last)) {
+/* Counting unallocated clusters */
+if (!qed_offset_is_unalloc_cluster(table->offsets[i])) {
+break;
+}
+} else if (qed_offset_is_zero_cluster(last)) {
+/* Counting zero clusters */
+if (!qed_offset_is_zero_cluster(table->offsets[i])) {
 break;
 }
 } else {
@@ -87,14 +93,19 @@ static void qed_find_cluster_cb(void *opaque, int ret)
 n = qed_count_contiguous_clusters(s, request->l2_table->table,
   index, n, &offset);
 
-ret = offset ? QED_CLUSTER_FOUND : QED_CLUSTER_L2;
-len = MIN(find_cluster_cb->len, n * s->header.cluster_size -
-  qed_offset_into_cluster(s, find_cluster_cb->pos));
-
-if (offset && !qed_check_cluster_offset(s, offset)) {
+if (qed_offset_is_unalloc_cluster(offset)) {
+ret = QED_CLUSTER_L2;
+} else if (qed_offset_is_zero_cluster(offset)) {
+ret = QED_CLUSTER_ZERO;
+} else if (qed_check_cluster_offset(s, offset)) {
+ret = QED_CLUSTER_FOUND;
+} else {
 ret = -EINVAL;
 }
 
+len = MIN(find_cluster_cb->len, n * s->header.cluster_size -
+  qed_offset_into_cluster(s, find_cluster_cb->pos));
+
 out:
 find_cluster_cb->cb(find_cluster_cb->opaque, ret, offset, len);
 qemu_free(find_cluster_cb);
@@ -132,7 +143,7 @@ void qed_find_cluster(BDRVQEDState *s, QEDRequest *request, 
uint64_t pos,
 len = MIN(len, (((pos >> s->l1_shift) + 1) << s->l1_shift) - pos);
 
 l2_offset = s->l1_table->offsets[qed_l1_index(s, pos)];
-if (!l2_offset) {
+if (qed_offset_is_unalloc_cluster(l2_offset)) {
 cb(opaque, QED_CLUSTER_L1, 0, len);
 return;
 }
diff --git a/block/qed.c b/block/qed.c
index 75ae244..c8c5930 100644
--- a/block/qed.c
+++ b/block/qed.c
@@ -573,7 +573,7 @@ static void qed_is_allocated_cb(void *opaque, int ret, 
uint64_t offset, size_t l
 {
 QEDIsAllocatedCB *cb = opaque;
 *cb->pnum = len / BDRV_SECTOR_SIZE;
-cb->is_allocated = ret == QED_CLUSTER_FOUND;
+cb->is_allocated = (ret == QED_CLUSTER_FOUND || ret == QED_CLUSTER_ZERO);
 }
 
 static int bdrv_qed_is_allocated(BlockDriverState *bs, int64_t sector_num,
@@ -745,7 +745,10 @@ static void qed_copy_from_backing_file(BDRVQEDState *s, 
uint64_t pos,
  * @table:  L2 table
  * @index:  First cluster index
  * @n:  Number of contiguous clusters
- * @cluster:First cluster byte offset in image file
+ * @cluster:First cluster offset
+ *
+ * The cluster offset may be an allocated byte offset in the image file, the
+ * zero cluster marker, or the unallocate

[Qemu-devel] [PATCH 03/10] atapi: Drives can be locked without media present

[Kevin Wolf]

From: Amit Shah 

Drivers are free to lock drives without any media present.  Such a
condition should not result in an error condition.

See Table 341 in MMC-5 spec for details.

Signed-off-by: Amit Shah 
Signed-off-by: Kevin Wolf 
---
 hw/ide/core.c |9 ++---
 1 files changed, 2 insertions(+), 7 deletions(-)

diff --git a/hw/ide/core.c b/hw/ide/core.c
index c11d457..a290142 100644
--- a/hw/ide/core.c
+++ b/hw/ide/core.c
@@ -1230,13 +1230,8 @@ static void ide_atapi_cmd(IDEState *s)
 ide_atapi_cmd_reply(s, 18, max_len);
 break;
 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
-if (bdrv_is_inserted(s->bs)) {
-bdrv_set_locked(s->bs, packet[4] & 1);
-ide_atapi_cmd_ok(s);
-} else {
-ide_atapi_cmd_error(s, SENSE_NOT_READY,
-ASC_MEDIUM_NOT_PRESENT);
-}
+bdrv_set_locked(s->bs, packet[4] & 1);
+ide_atapi_cmd_ok(s);
 break;
 case GPCMD_READ_10:
 case GPCMD_READ_12:
-- 
1.7.2.3

[Qemu-devel] [PATCH 08/10] atapi: GESN: Standardise event response handling for future additions

[Kevin Wolf]

From: Amit Shah 

Handle GET_EVENT_STATUS_NOTIFICATION's No Event Available response in a
generic way so that future additions to the code to handle other
response types is easier.

Signed-off-by: Amit Shah 
Acked-by: Jes Sorensen 
Acked-by: Paolo Bonzini 
Signed-off-by: Kevin Wolf 
---
 hw/ide/core.c |   25 +++--
 1 files changed, 19 insertions(+), 6 deletions(-)

diff --git a/hw/ide/core.c b/hw/ide/core.c
index f976947..a38cc14 100644
--- a/hw/ide/core.c
+++ b/hw/ide/core.c
@@ -1098,9 +1098,17 @@ static void 
handle_get_event_status_notification(IDEState *s,
 uint8_t control;
 } __attribute__((packed)) *gesn_cdb;
 
-unsigned int max_len;
+struct {
+uint16_t len;
+uint8_t notification_class;
+uint8_t supported_events;
+} __attribute((packed)) *gesn_event_header;
+
+unsigned int max_len, used_len;
 
 gesn_cdb = (void *)packet;
+gesn_event_header = (void *)buf;
+
 max_len = be16_to_cpu(gesn_cdb->len);
 
 /* It is fine by the MMC spec to not support async mode operations */
@@ -,12 +1119,17 @@ static void 
handle_get_event_status_notification(IDEState *s,
 return;
 }
 
-/* polling */
+/* polling mode operation */
+
 /* We don't support any event class (yet). */
-cpu_to_ube16(buf, 0x00); /* No event descriptor returned */
-buf[2] = 0x80;   /* No Event Available (NEA) */
-buf[3] = 0x00;   /* Empty supported event classes */
-ide_atapi_cmd_reply(s, 4, max_len);
+gesn_event_header->supported_events = 0;
+
+gesn_event_header->notification_class = 0x80; /* No event available */
+used_len = sizeof(*gesn_event_header);
+
+gesn_event_header->len = cpu_to_be16(used_len
+ - sizeof(*gesn_event_header));
+ide_atapi_cmd_reply(s, used_len, max_len);
 }
 
 static void ide_atapi_cmd(IDEState *s)
-- 
1.7.2.3

[Qemu-devel] [PATCH 10/10] vpc.c: Use get_option_parameter() does the search

[Kevin Wolf]

From: Mitnick Lyu 

Use get_option_parameter() to instead of duplicating the loop, and
use BDRV_SECTOR_SIZE to instead of 512

Signed-off-by: Mitnick Lyu 
Signed-off-by: Kevin Wolf 
---
 block/vpc.c |8 ++--
 1 files changed, 2 insertions(+), 6 deletions(-)

diff --git a/block/vpc.c b/block/vpc.c
index 7b025be..56865da 100644
--- a/block/vpc.c
+++ b/block/vpc.c
@@ -505,12 +505,8 @@ static int vpc_create(const char *filename, 
QEMUOptionParameter *options)
 int ret = -EIO;
 
 // Read out options
-while (options && options->name) {
-if (!strcmp(options->name, "size")) {
-total_sectors = options->value.n / 512;
-}
-options++;
-}
+total_sectors = get_option_parameter(options, BLOCK_OPT_SIZE)->value.n /
+BDRV_SECTOR_SIZE;
 
 // Create the file
 fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC | O_BINARY, 0644);
-- 
1.7.2.3

[Qemu-devel] [PATCH 05/10] atapi: Allow GET_EVENT_STATUS_NOTIFICATION after media change

[Kevin Wolf]

From: Amit Shah 

After a media change, the only commands allowed from the guest were
REQUEST_SENSE and INQUIRY.  The guest may also issue
GET_EVENT_STATUS_NOTIFICATION commands to get media
changed notification.

Signed-off-by: Amit Shah 
Acked-by: Jes Sorensen 
Acked-by: Paolo Bonzini 
Signed-off-by: Kevin Wolf 
---
 hw/ide/core.c |   20 ++--
 1 files changed, 14 insertions(+), 6 deletions(-)

diff --git a/hw/ide/core.c b/hw/ide/core.c
index b5de22e..f0da95d 100644
--- a/hw/ide/core.c
+++ b/hw/ide/core.c
@@ -1102,13 +1102,21 @@ static void ide_atapi_cmd(IDEState *s)
 printf("\n");
 }
 #endif
-/* If there's a UNIT_ATTENTION condition pending, only
-   REQUEST_SENSE and INQUIRY commands are allowed to complete. */
+/*
+ * If there's a UNIT_ATTENTION condition pending, only
+ * REQUEST_SENSE, INQUIRY, GET_CONFIGURATION and
+ * GET_EVENT_STATUS_NOTIFICATION commands are allowed to complete.
+ * MMC-5, section 4.1.6.1 lists only these commands being allowed
+ * to complete, with other commands getting a CHECK condition
+ * response unless a higher priority status, defined by the drive
+ * here, is pending.
+ */
 if (s->sense_key == SENSE_UNIT_ATTENTION &&
-   s->io_buffer[0] != GPCMD_REQUEST_SENSE &&
-   s->io_buffer[0] != GPCMD_INQUIRY) {
-   ide_atapi_cmd_check_status(s);
-   return;
+s->io_buffer[0] != GPCMD_REQUEST_SENSE &&
+s->io_buffer[0] != GPCMD_INQUIRY &&
+s->io_buffer[0] != GPCMD_GET_EVENT_STATUS_NOTIFICATION) {
+ide_atapi_cmd_check_status(s);
+return;
 }
 switch(s->io_buffer[0]) {
 case GPCMD_TEST_UNIT_READY:
-- 
1.7.2.3

[Qemu-devel] [PATCH 07/10] atapi: GESN: Use structs for commonly-used field types

[Kevin Wolf]

From: Amit Shah 

Instead of using magic numbers, use structs that are more descriptive of
the fields being used.

Signed-off-by: Amit Shah 
Acked-by: Jes Sorensen 
Acked-by: Paolo Bonzini 
Signed-off-by: Kevin Wolf 
---
 hw/ide/core.c |   16 ++--
 1 files changed, 14 insertions(+), 2 deletions(-)

diff --git a/hw/ide/core.c b/hw/ide/core.c
index 4e4ade2..f976947 100644
--- a/hw/ide/core.c
+++ b/hw/ide/core.c
@@ -1088,11 +1088,23 @@ static void 
handle_get_event_status_notification(IDEState *s,
  uint8_t *buf,
  const uint8_t *packet)
 {
+struct {
+uint8_t opcode;
+uint8_t polled;/* lsb bit is polled; others are reserved */
+uint8_t reserved2[2];
+uint8_t class;
+uint8_t reserved3[2];
+uint16_t len;
+uint8_t control;
+} __attribute__((packed)) *gesn_cdb;
+
 unsigned int max_len;
 
-max_len = ube16_to_cpu(packet + 7);
+gesn_cdb = (void *)packet;
+max_len = be16_to_cpu(gesn_cdb->len);
 
-if (!(packet[1] & 0x01)) { /* asynchronous mode */
+/* It is fine by the MMC spec to not support async mode operations */
+if (!(gesn_cdb->polled & 0x01)) { /* asynchronous mode */
 /* Only polling is supported, asynchronous mode is not. */
 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
 ASC_INV_FIELD_IN_CMD_PACKET);
-- 
1.7.2.3

[Qemu-devel] [PATCH 09/10] atapi: GESN: implement 'media' subcommand

[Kevin Wolf]

From: Amit Shah 

Implement the 'media' sub-command of the GET_EVENT_STATUS_NOTIFICATION
command.  This helps us report tray open, tray closed, no media, media
present states to the guest.

Newer Linux kernels (2.6.38+) rely on this command to revalidate discs
after media change.

This patch also sends out tray open/closed status to the guest driver
when requested e.g. via the CDROM_DRIVE_STATUS ioctl (thanks Markus).
Without such notification, the guest and qemu's tray open/close status
was frequently out of sync, causing installers like Anaconda detecting
no disc instead of tray open, confusing them terribly.

Signed-off-by: Amit Shah 
Acked-by: Jes Sorensen 
Acked-by: Paolo Bonzini 
Signed-off-by: Kevin Wolf 
---
 hw/ide/core.c |  113 +++--
 hw/ide/internal.h |6 +++
 2 files changed, 115 insertions(+), 4 deletions(-)

diff --git a/hw/ide/core.c b/hw/ide/core.c
index a38cc14..f028ddb 100644
--- a/hw/ide/core.c
+++ b/hw/ide/core.c
@@ -1084,6 +1084,48 @@ static int ide_dvd_read_structure(IDEState *s, int 
format,
 }
 }
 
+static unsigned int event_status_media(IDEState *s,
+   uint8_t *buf)
+{
+enum media_event_code {
+MEC_NO_CHANGE = 0,   /* Status unchanged */
+MEC_EJECT_REQUESTED, /* received a request from user to eject */
+MEC_NEW_MEDIA,   /* new media inserted and ready for access */
+MEC_MEDIA_REMOVAL,   /* only for media changers */
+MEC_MEDIA_CHANGED,   /* only for media changers */
+MEC_BG_FORMAT_COMPLETED, /* MRW or DVD+RW b/g format completed */
+MEC_BG_FORMAT_RESTARTED, /* MRW or DVD+RW b/g format restarted */
+};
+enum media_status {
+MS_TRAY_OPEN = 1,
+MS_MEDIA_PRESENT = 2,
+};
+uint8_t event_code, media_status;
+
+media_status = 0;
+if (s->bs->tray_open) {
+media_status = MS_TRAY_OPEN;
+} else if (bdrv_is_inserted(s->bs)) {
+media_status = MS_MEDIA_PRESENT;
+}
+
+/* Event notification descriptor */
+event_code = MEC_NO_CHANGE;
+if (media_status != MS_TRAY_OPEN && s->events.new_media) {
+event_code = MEC_NEW_MEDIA;
+s->events.new_media = false;
+}
+
+buf[4] = event_code;
+buf[5] = media_status;
+
+/* These fields are reserved, just clear them. */
+buf[6] = 0;
+buf[7] = 0;
+
+return 8; /* We wrote to 4 extra bytes from the header */
+}
+
 static void handle_get_event_status_notification(IDEState *s,
  uint8_t *buf,
  const uint8_t *packet)
@@ -1104,6 +1146,26 @@ static void 
handle_get_event_status_notification(IDEState *s,
 uint8_t supported_events;
 } __attribute((packed)) *gesn_event_header;
 
+enum notification_class_request_type {
+NCR_RESERVED1 = 1 << 0,
+NCR_OPERATIONAL_CHANGE = 1 << 1,
+NCR_POWER_MANAGEMENT = 1 << 2,
+NCR_EXTERNAL_REQUEST = 1 << 3,
+NCR_MEDIA = 1 << 4,
+NCR_MULTI_HOST = 1 << 5,
+NCR_DEVICE_BUSY = 1 << 6,
+NCR_RESERVED2 = 1 << 7,
+};
+enum event_notification_class_field {
+ENC_NO_EVENTS = 0,
+ENC_OPERATIONAL_CHANGE,
+ENC_POWER_MANAGEMENT,
+ENC_EXTERNAL_REQUEST,
+ENC_MEDIA,
+ENC_MULTIPLE_HOSTS,
+ENC_DEVICE_BUSY,
+ENC_RESERVED,
+};
 unsigned int max_len, used_len;
 
 gesn_cdb = (void *)packet;
@@ -1121,12 +1183,32 @@ static void 
handle_get_event_status_notification(IDEState *s,
 
 /* polling mode operation */
 
-/* We don't support any event class (yet). */
-gesn_event_header->supported_events = 0;
+/*
+ * These are the supported events.
+ *
+ * We currently only support requests of the 'media' type.
+ */
+gesn_event_header->supported_events = NCR_MEDIA;
 
-gesn_event_header->notification_class = 0x80; /* No event available */
-used_len = sizeof(*gesn_event_header);
+/*
+ * We use |= below to set the class field; other bits in this byte
+ * are reserved now but this is useful to do if we have to use the
+ * reserved fields later.
+ */
+gesn_event_header->notification_class = 0;
 
+/*
+ * Responses to requests are to be based on request priority.  The
+ * notification_class_request_type enum above specifies the
+ * priority: upper elements are higher prio than lower ones.
+ */
+if (gesn_cdb->class & NCR_MEDIA) {
+gesn_event_header->notification_class |= ENC_MEDIA;
+used_len = event_status_media(s, buf);
+} else {
+gesn_event_header->notification_class = 0x80; /* No event available */
+used_len = sizeof(*gesn_event_header);
+}
 gesn_event_header->len = cpu_to_be16(used_len
  - sizeof(*gesn_event_header));
 ide_atapi_cmd_reply(s, used_len, max_len

[Qemu-devel] [PATCH 06/10] atapi: Move GET_EVENT_STATUS_NOTIFICATION command handling to its own function

[Kevin Wolf]

From: Amit Shah 

This makes the code more readable.

Also, there's a block like:

if () {
  ...
} else {
  ...
}

Split that into

if () {
  ...
  return;
}
...

Signed-off-by: Amit Shah 
Acked-by: Jes Sorensen 
Acked-by: Paolo Bonzini 
Signed-off-by: Kevin Wolf 
---
 hw/ide/core.c |   37 -
 1 files changed, 24 insertions(+), 13 deletions(-)

diff --git a/hw/ide/core.c b/hw/ide/core.c
index f0da95d..4e4ade2 100644
--- a/hw/ide/core.c
+++ b/hw/ide/core.c
@@ -1084,6 +1084,29 @@ static int ide_dvd_read_structure(IDEState *s, int 
format,
 }
 }
 
+static void handle_get_event_status_notification(IDEState *s,
+ uint8_t *buf,
+ const uint8_t *packet)
+{
+unsigned int max_len;
+
+max_len = ube16_to_cpu(packet + 7);
+
+if (!(packet[1] & 0x01)) { /* asynchronous mode */
+/* Only polling is supported, asynchronous mode is not. */
+ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
+ASC_INV_FIELD_IN_CMD_PACKET);
+return;
+}
+
+/* polling */
+/* We don't support any event class (yet). */
+cpu_to_ube16(buf, 0x00); /* No event descriptor returned */
+buf[2] = 0x80;   /* No Event Available (NEA) */
+buf[3] = 0x00;   /* Empty supported event classes */
+ide_atapi_cmd_reply(s, 4, max_len);
+}
+
 static void ide_atapi_cmd(IDEState *s)
 {
 const uint8_t *packet;
@@ -1529,19 +1552,7 @@ static void ide_atapi_cmd(IDEState *s)
 break;
 }
 case GPCMD_GET_EVENT_STATUS_NOTIFICATION:
-max_len = ube16_to_cpu(packet + 7);
-
-if (packet[1] & 0x01) { /* polling */
-/* We don't support any event class (yet). */
-cpu_to_ube16(buf, 0x00); /* No event descriptor returned */
-buf[2] = 0x80;   /* No Event Available (NEA) */
-buf[3] = 0x00;   /* Empty supported event classes */
-ide_atapi_cmd_reply(s, 4, max_len);
-} else { /* asynchronous mode */
-/* Only polling is supported, asynchronous mode is not. */
-ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
-ASC_INV_FIELD_IN_CMD_PACKET);
-}
+handle_get_event_status_notification(s, buf, packet);
 break;
 default:
 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
-- 
1.7.2.3

Re: [Qemu-devel] [PATCH 4/4] usb: use DPRINTF instead of printf for some simple cases

[Stefan Hajnoczi]

On Wed, Apr 13, 2011 at 10:45 AM, Brad Hards  wrote:
> Signed-off-by: Brad Hards 
> ---
>  usb-linux.c |   16 
>  1 files changed, 8 insertions(+), 8 deletions(-)

Some of these printfs look like they might be useful given that the
current USB support is known to be imperfect and frequently causes
questions from users.  By changing them to DPRINTF() you are making
these message available only to developers and not users.

Any thoughts from people who use or have written the usb-linux.c code?

Stefan

Re: [Qemu-devel] [PATCH 0/4] Minor USB fixes

[Stefan Hajnoczi]

On Wed, Apr 13, 2011 at 10:45 AM, Brad Hards  wrote:
> 1 fixes spellos in the mass-storage driver
> 2-4 fix issues in Linux usb pass-through code.

I left a comment on patch 4 and will wait for activity on that email
thread.  Otherwise these could go via the trivial-patches tree and
I'll add them once discussion has finished.

Stefan

[Qemu-devel] [PATCH] lm32: fix build breakage due to uninitialized variable 'r'

[Anthony Liguori]

gcc 4.5.2 correctly complains that r is potentially uninitialized in this
function.

Signed-off-by: Anthony Liguori 
---
 hw/milkymist-pfpu.c |2 +-
 roms/seabios|2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/hw/milkymist-pfpu.c b/hw/milkymist-pfpu.c
index 4831e00..94e6315 100644
--- a/hw/milkymist-pfpu.c
+++ b/hw/milkymist-pfpu.c
@@ -163,7 +163,7 @@ static int pfpu_decode_insn(MilkymistPFPUState *s)
 uint32_t reg_b = (insn >> 11) & 0x7f;
 uint32_t op = (insn >> 7) & 0xf;
 uint32_t reg_d = insn & 0x7f;
-uint32_t r;
+uint32_t r = 0;
 int latency = 0;
 
 switch (op) {
diff --git a/roms/seabios b/roms/seabios
index cc97564..06d0bdd 16
--- a/roms/seabios
+++ b/roms/seabios
@@ -1 +1 @@
-Subproject commit cc975646af69f279396d4d5e1379ac6af80ee637
+Subproject commit 06d0bdd9e2e20377b3180e4986b14c8549b393e4
-- 
1.7.4.1

[Qemu-devel] Question about maximum disk size of a dynamic hard disk

[Lyu Mitnick]

Hello Kevin, Stefan and all

There is a sentence "The maximum size of a dynamic hard disk is 2040 GB.
The actual size is restricted by the underlying disk hardware protocol. For
example,
ATA hard disks have a 127-GB limit" in VHD specification. This limitation
infected the
algorithm of block/vpc.c:calculate_geometry(). However, SATA disk is used
to
replace traditional IDE disk now. I am wondering whether is possible to
support that
VHD is bigger than 127-GB(SATA disk underlying)??

Thanks

Mitnick

Re: [Qemu-devel] [PATCH 4/4] usb: use DPRINTF instead of printf for some simple cases

[Hans de Goede]

Hi,

On 04/13/2011 11:45 AM, Brad Hards wrote:

Signed-off-by: Brad Hards
---
  usb-linux.c |   16 
  1 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/usb-linux.c b/usb-linux.c
index 1f33c2c..b02a0f9 100644
--- a/usb-linux.c
+++ b/usb-linux.c
@@ -233,8 +233,8 @@ static void async_complete(void *opaque)
  return;
  }
  if (errno == ENODEV&&  !s->closing) {
-printf("husb: device %d.%d disconnected\n",
-   s->bus_num, s->addr);
+DPRINTF("husb: device %d.%d disconnected\n",
+s->bus_num, s->addr);
  usb_host_close(s);
  usb_host_auto_check(NULL);
  return;


I think this one should stay a regular printf, in case the disconnect is
unintentional people may think it is a qemu problem without the printf.


@@ -320,7 +320,7 @@ static int usb_host_claim_interfaces(USBHostDevice *dev, 
int configuration)
  }
  config_descr_len = dev->descr[i];

-printf("husb: config #%d need %d\n", dev->descr[i + 5], configuration);
+DPRINTF("husb: config #%d need %d\n", dev->descr[i + 5], 
configuration);

  if (configuration<  0 || configuration == dev->descr[i + 5]) {
  configuration = dev->descr[i + 5];


Ack.


@@ -359,7 +359,7 @@ static int usb_host_claim_interfaces(USBHostDevice *dev, 
int configuration)
  ret = ioctl(dev->fd, USBDEVFS_CLAIMINTERFACE,&interface);
  if (ret<  0) {
  if (errno == EBUSY) {
-printf("husb: update iface. device already grabbed\n");
+DPRINTF("husb: update iface. device already grabbed\n");
  } else {
  perror("husb: failed to claim interface");
  }


Nack, this is an error condition, so it should not be a DPRINTF.


@@ -368,8 +368,8 @@ static int usb_host_claim_interfaces(USBHostDevice *dev, 
int configuration)
  }
  }

-printf("husb: %d interfaces claimed for configuration %d\n",
-   nb_interfaces, configuration);
+DPRINTF("husb: %d interfaces claimed for configuration %d\n",
+nb_interfaces, configuration);

  dev->ninterfaces   = nb_interfaces;
  dev->configuration = configuration;


Ack.


@@ -929,7 +929,7 @@ static int usb_host_open(USBHostDevice *dev, int bus_num,
  if (dev->fd != -1) {
  goto fail;
  }
-printf("husb: open device %d.%d\n", bus_num, addr);
+DPRINTF("husb: open device %d.%d\n", bus_num, addr);

  if (!usb_host_device_path) {
  perror("husb: USB Host Device Path not set");


Ack.


@@ -984,7 +984,7 @@ static int usb_host_open(USBHostDevice *dev, int bus_num,
  goto fail;
  }

-printf("husb: grabbed usb device %d.%d\n", bus_num, addr);
+DPRINTF("husb: grabbed usb device %d.%d\n", bus_num, addr);

  ret = usb_linux_update_endp_table(dev);
  if (ret) {


Ack.

Re: [Qemu-devel] [PATCH] libcacard: fix opposite usage of isspace

[Hans de Goede]

This is the result of an of the list discussion with
me, and I can confirm this fixes the issues I was seeing:

Tested-by: Hans de Goede 

On 04/13/2011 01:42 PM, Alon Levy wrote:

Signed-off-by: Alon Levy
---
  libcacard/vcard_emul_nss.c |4 ++--
  1 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/libcacard/vcard_emul_nss.c b/libcacard/vcard_emul_nss.c
index 71f2ba3..baada52 100644
--- a/libcacard/vcard_emul_nss.c
+++ b/libcacard/vcard_emul_nss.c
@@ -955,7 +955,7 @@ count_tokens(const char *str, char token, char token_end)
  static const char *
  strip(const char *str)
  {
-for (; *str&&  !isspace(*str); str++) {
+for (; *str&&  isspace(*str); str++) {
  }
  return str;
  }
@@ -963,7 +963,7 @@ strip(const char *str)
  static const char *
  find_blank(const char *str)
  {
-for (; *str&&  isspace(*str); str++) {
+for (; *str&&  !isspace(*str); str++) {
  }
  return str;
  }

Re: [Qemu-devel] Question about maximum disk size of a dynamic hard disk

[Kevin Wolf]

Am 13.04.2011 14:47, schrieb Lyu Mitnick:
> Hello Kevin, Stefan and all
> 
> There is a sentence "The maximum size of a dynamic hard disk is 2040 GB. 
> The actual size is restricted by the underlying disk hardware protocol.
> For example, 
> ATA hard disks have a 127-GB limit" in VHD specification. This
> limitation infected the
> algorithm of block/vpc.c:calculate_geometry(). However, SATA disk is
> used to 
> replace traditional IDE disk now. I am wondering whether is possible to
> support that
> VHD is bigger than 127-GB(SATA disk underlying)??

The important thing is here really what VirtualPC can handle. I think
when I implemented qemu's write support for VHD back then, I wasn't able
to get VPC to cope with large images. If you want to know whether this
limitation still makes sense with current VPC versions, you need to
install VPC and try it out.

Kevin

Re: [Qemu-devel] [PATCH] lm32: fix build breakage due to uninitialized variable 'r'

[Stefan Hajnoczi]

On Wed, Apr 13, 2011 at 1:43 PM, Anthony Liguori  wrote:
> diff --git a/roms/seabios b/roms/seabios
> index cc97564..06d0bdd 16
> --- a/roms/seabios
> +++ b/roms/seabios
> @@ -1 +1 @@
> -Subproject commit cc975646af69f279396d4d5e1379ac6af80ee637
> +Subproject commit 06d0bdd9e2e20377b3180e4986b14c8549b393e4

This doesn't look intentional.

I've had the same problem when using git commit -a.  Any suggestions
to avoid adding these submodule commits by mistake?

Stefan

Re: [Qemu-devel] [PATCH V12 05/17] xen: Add xenfv machine

[Jan Kiszka]

On 2011-04-13 13:49, Stefano Stabellini wrote:
> On Wed, 13 Apr 2011, Jan Kiszka wrote:
>> On 2011-04-13 12:56, Stefano Stabellini wrote:
>>> On Tue, 12 Apr 2011, Jan Kiszka wrote:
 Well, either you have a use for the VCPU state (how do you do migration
 in Xen without it?), or you should probably teach QEMU in a careful &
 clean way to run its device model without VCPUs - and without any
 TCG-related memory consumption. For the latter, you would likely receive
 kudos from KVM people as well.

 BTW, if you happen to support that crazy vmport under Xen, not updating
 the VCPU state will break your neck. Also, lacking VCPUs prevent the
 usage of analysis and debugging features of QEMU (monitor, gdbstub).
>>>
>>> We don't use the vcpu state in qemu because qemu takes care of device
>>> emulation only; under xen the vcpu state is saved and restored by the
>>> hypervisor.
>>
>> Just out of curiosity: So you are extracting the device states out of
>> QEMU on migration, do the same with the VCPU states from the hypervisor
>> (which wouldn't be that different from KVM in fact), and then transfer
>> that to the destination node? Is there a technical or historical reason
>> for this split-up? I mean, you still need some managing instance that
>> does the state transportation and VM control on both sides, i.e. someone
>> for the job that QEMU is doing for TCG or KVM migrations.
> 
> That someone is the "toolstack", I guess libvirt would be the closest
> thing to our toolstack in the kvm world.
> The reason why we have a toolstack performing this task rather than qemu
> is that pure PV guests don't need device emulation, so we don't even
> have qemu running most of the times if there are only linux guests
> installed in the system.

Ah, for that use case it makes some sense to me.

I bet there would also be some value in consolidating the "toolstack"
functionality over bare qemu/libvirt infrastructure (if we ignored all
existing interfaces and dependencies for a moment).

Thanks,
Jan

-- 
Siemens AG, Corporate Technology, CT T DE IT 1
Corporate Competence Center Embedded Linux

Re: [Qemu-devel] [PATCH 2/2 V7] qemu, qmp: add inject-nmi qmp command

[Luiz Capitulino]

On Tue, 12 Apr 2011 21:31:18 +0300
Blue Swirl  wrote:

> On Tue, Apr 12, 2011 at 10:52 AM, Avi Kivity  wrote:
> > On 04/11/2011 08:15 PM, Blue Swirl wrote:
> >>
> >> On Mon, Apr 11, 2011 at 10:01 AM, Markus Armbruster
> >>  wrote:
> >> >  Avi Kivity  writes:
> >> >
> >> >>  On 04/08/2011 12:41 AM, Anthony Liguori wrote:
> >> >>>
> >> >>>  And it's a good thing to have, but exposing this as the only API to
> >> >>>  do something as simple as generating a guest crash dump is not the
> >> >>>  friendliest thing in the world to do to users.
> >> >>
> >> >>  nmi is a fine name for something that corresponds to a real-life nmi
> >> >>  button (often labeled "NMI").
> >> >
> >> >  Agree.
> >>
> >> We could also introduce an alias mechanism for user friendly names, so
> >> nmi could be used in addition of full path. Aliases could be useful
> >> for device paths as well.
> >
> > Yes.  Perhaps limited to the human monitor.
> 
> I'd limit all debugging commands (including NMI) to the human monitor.

Why?

Re: [Qemu-devel] [PATCH] lm32: fix build breakage due to uninitialized variable 'r'

[Anthony Liguori]

On 04/13/2011 08:04 AM, Stefan Hajnoczi wrote:

On Wed, Apr 13, 2011 at 1:43 PM, Anthony Liguori  wrote:

diff --git a/roms/seabios b/roms/seabios
index cc97564..06d0bdd 16
--- a/roms/seabios
+++ b/roms/seabios
@@ -1 +1 @@
-Subproject commit cc975646af69f279396d4d5e1379ac6af80ee637
+Subproject commit 06d0bdd9e2e20377b3180e4986b14c8549b393e4

This doesn't look intentional.


!~@#!@#!@#


I've had the same problem when using git commit -a.  Any suggestions
to avoid adding these submodule commits by mistake?


I've been meaning to just look at fixing git submodule.  The problem is 
that when you move between branches, the submodule doesn't get updated 
correctly.


Regards,

Anthony Liguori


Stefan

[Qemu-devel] [PATCH] qemu-img: allow rebase to a NULL backing file when unsafe

[Stefan Hajnoczi]

From: Anthony Liguori 

QEMU can drop a backing file so that an image file no longer depends on
the backing file, but this feature has not been exposed in qemu-img.
This is useful in an image streaming usecase or when an image file has
been fully allocated and no reads can hit the backing file anymore.

Since the dropping the backing file can make the image unusable, only
allow this when the unsafe flag has been set.

Signed-off-by: Anthony Liguori 
Signed-off-by: Stefan Hajnoczi 
---
 qemu-img.c |2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/qemu-img.c b/qemu-img.c
index d9c2c12..ed5ba91 100644
--- a/qemu-img.c
+++ b/qemu-img.c
@@ -1240,7 +1240,7 @@ static int img_rebase(int argc, char **argv)
 }
 }
 
-if ((optind >= argc) || !out_baseimg) {
+if ((optind >= argc) || (!unsafe && !out_baseimg)) {
 help();
 }
 filename = argv[optind++];
-- 
1.7.4.1

Re: [Qemu-devel] [PATCH 08/19] target-alpha: use new float64_unordered() function

[Peter Maydell]

On 12 April 2011 22:59, Aurelien Jarno  wrote:
> Use float64_unordered() in helper_cmptun() instead of doing the
> the comparison manually. This also fixes the wrong behaviours with
> sNaNs.
>
> Signed-off-by: Aurelien Jarno 
> ---
>  target-alpha/op_helper.c |    5 +++--
>  1 files changed, 3 insertions(+), 2 deletions(-)
>
> diff --git a/target-alpha/op_helper.c b/target-alpha/op_helper.c
> index 6c2ae20..e07ae69 100644
> --- a/target-alpha/op_helper.c
> +++ b/target-alpha/op_helper.c
> @@ -904,10 +904,11 @@ uint64_t helper_cmptun (uint64_t a, uint64_t b)
>     fa = t_to_float64(a);
>     fb = t_to_float64(b);
>
> -    if (float64_is_quiet_nan(fa) || float64_is_quiet_nan(fb))
> +    if (float64_unordered(fa, fb, &FP_STATUS)) {
>         return 0x4000ULL;
> -    else
> +    } else {
>         return 0;
> +    }
>  }

I'm not sure this is right. The Alpha Architecture Handbook is a
bit opaque, but the Compiler Writer's Guide is clearer:
www.compaq.com/cpq-alphaserver/technology/literature/cmpwrgd.pdf
page D-4 says that CMPTUN (like CMPTEQ) should generate InvalidOp
for SNaNs but not for QNaNs. (Contrast CMPTLT, CMPTLE, which set
InvalidOp for both SNaNs and QNaNs.)

So I think you want the _quiet version here. (And helper_cmpteq
needs to use float64_eq_quiet rather than float64_eq.)

-- PMM

Re: [Qemu-devel] [PATCH 16/19] target-alpha: fix wrong usage of float64_eq_quiet()

[Peter Maydell]

On 12 April 2011 22:59, Aurelien Jarno  wrote:
> On alpha, all NaN should trap during a comparison, not only sNaN. Fix
> this by using float64_eq() instead of float64_eq_quiet().

The Compiler Writer's Guide disagrees with you:
www.compaq.com/cpq-alphaserver/technology/literature/cmpwrgd.pdf
page D-4 says CMPTEQ and CMPTUN only raise InvalidOp for SNaN.
(the Architecture Handbook is a little less clear but I think
the equivalent table is pages B-8 and B-9).

So I think this patch which changes helper_cmpteq() isn't needed.

-- PMM

Re: [Qemu-devel] [PATCH V12 05/17] xen: Add xenfv machine

[Stefano Stabellini]

On Wed, 13 Apr 2011, Jan Kiszka wrote:
> On 2011-04-13 13:49, Stefano Stabellini wrote:
> > On Wed, 13 Apr 2011, Jan Kiszka wrote:
> >> On 2011-04-13 12:56, Stefano Stabellini wrote:
> >>> On Tue, 12 Apr 2011, Jan Kiszka wrote:
>  Well, either you have a use for the VCPU state (how do you do migration
>  in Xen without it?), or you should probably teach QEMU in a careful &
>  clean way to run its device model without VCPUs - and without any
>  TCG-related memory consumption. For the latter, you would likely receive
>  kudos from KVM people as well.
> 
>  BTW, if you happen to support that crazy vmport under Xen, not updating
>  the VCPU state will break your neck. Also, lacking VCPUs prevent the
>  usage of analysis and debugging features of QEMU (monitor, gdbstub).
> >>>
> >>> We don't use the vcpu state in qemu because qemu takes care of device
> >>> emulation only; under xen the vcpu state is saved and restored by the
> >>> hypervisor.
> >>
> >> Just out of curiosity: So you are extracting the device states out of
> >> QEMU on migration, do the same with the VCPU states from the hypervisor
> >> (which wouldn't be that different from KVM in fact), and then transfer
> >> that to the destination node? Is there a technical or historical reason
> >> for this split-up? I mean, you still need some managing instance that
> >> does the state transportation and VM control on both sides, i.e. someone
> >> for the job that QEMU is doing for TCG or KVM migrations.
> > 
> > That someone is the "toolstack", I guess libvirt would be the closest
> > thing to our toolstack in the kvm world.
> > The reason why we have a toolstack performing this task rather than qemu
> > is that pure PV guests don't need device emulation, so we don't even
> > have qemu running most of the times if there are only linux guests
> > installed in the system.
> 
> Ah, for that use case it makes some sense to me.
> 
> I bet there would also be some value in consolidating the "toolstack"
> functionality over bare qemu/libvirt infrastructure (if we ignored all
> existing interfaces and dependencies for a moment).

We have a libxenlight driver for libvirt already: it doesn't support
migration yet but when it does it will probably reuse the libvirt
infrastructure for doing that.
However it is probably going to be libvirt to make the libxenlight calls
to perfom the VCPU save/restore so that we don't add a qemu dependency
for traditional pv guests...

Re: [Qemu-devel] [PATCH] Slirp reverse UDP firewall

[Daisuke Nojiri]

Thanks, Jan. I split my patch into three and started a new thread. I also
put all options in -net user. Yes, TCP firewall is coming. You'll see some
of the added functions will be shared.

Dai

On Tue, Apr 12, 2011 at 9:38 AM, Jan Kiszka  wrote:

> On 2011-04-12 18:19, Daisuke Nojiri wrote:
> > This patch adds: -drop-udp, -allow-udp ADDR:PORT, -drop-log FILE
> >
> >   e.g.) $ qemu -net user -drop-log qemu.drop -drop-udp -allow-udp
> > 10.0.2.3:53
>
> No more stand-alone slirp arguments please. That syntax breaks when
> instantiating >1 back-ends.
>
> >
> > -drop-udp enables usermode firewall for out-going UDP packats from a
> guest.
> > All UDP packets except ones allowed by -allow-udp will be dropped.
> Dropped
> > packets are logged in the file specified by FILE. PORT can be a single
> > number
> > (e.g. 53) or a range (e.g. [80-81]). If ADDR is ommitted, all addresses
> > match
> > the rule.
>
> Will we see a TCP firewall as well? Can we prepare for a more generic
> infrastructure, or what makes UDP special?
>
> Also, please break up in smaller bits (example: logging would be a
> separate topic). And make sure that your patches aren't line-wrapped.
>
> Thanks,
> Jan
>
> --
> Siemens AG, Corporate Technology, CT T DE IT 1
> Corporate Competence Center Embedded Linux
>

Re: [Qemu-devel] [PATCH 08/19] target-alpha: use new float64_unordered() function

[Peter Maydell]

On 13 April 2011 16:38, Richard Henderson  wrote:
> [ Odd, the original thread doesn't seem to have arrived here. ]
>
> On 04/13/2011 07:52 AM, Peter Maydell wrote:
>> So I think you want the _quiet version here. (And helper_cmpteq
>> needs to use float64_eq_quiet rather than float64_eq.)
>
> Yes, the _quiet version is what's needed for all comparisons.

Really all comparisons, including CMPTLT, CMPTLE?

> (It looks like some of the Alpha code can be cleaned up a bit.
> I don't recall flush_inputs_to_zero option being there before,
> and we do that by hand in helper_ieee_input*.)

Yes, I added that softfloat feature for the benefit of ARM's
flush-to-zero mode.

-- PMM

Re: [Qemu-devel] [PATCH 00/19] softfloat and FPU fixes/improvements

[Peter Maydell]

On 12 April 2011 22:59, Aurelien Jarno  wrote:
> This patch series started with the goal of improving the build of
> target-i386 with softfloat (instead of softfloat-native), but it slowly
> became a collection of fixes and improvements with regard to softfloat
> and targets FPU.

For patches 01 02 03 04 05 06 07 09 10 11 12 13 14 18 19
[but not 08 15 16 17]:

Reviewed-by: Peter Maydell 

-- PMM

Re: [Qemu-devel] [Bug 757702] Re: Undefined instruction exception starts at offset 0x8 instead of 0x4

[Anup Patel]

I think you are right. This seems to be more of a GDB issue.

Any ways thanks for your support.

--Anup

On Wed, Apr 13, 2011 at 5:24 PM, Peter Maydell
wrote:

> > Were you able to replicate the problem with the steps that I had
> mentioned ?
> > The key thing is is if you don't set breakpoint at 0x4 or 0x8 just follow
> > the execution flow using "si" command of GDB.
> > You will definitely hit the problem.
>
> Ah, I had to find a different gdb to reproduce this with (arm-none-eabi-
> gdb from the 2010.09 codesourcery toolchain). That gdb does single-step-
> insn by asking the target to single step, and you get the behaviour
> above. The gdb I was using does single-step-insn by setting breakpoints
> at where it thinks the next insn will be, which means that "si" on the
> UNDEF never returns because gdb has set a bp at 0x10005c which we of
> course never hit. With the codesourcery gdb I see 'si' having the
> behaviour you describe above.
>
> However:
>
> (gdb) target remote :1234
> Remote debugging using :1234
> 0x0010 in ?? ()
> (gdb) break *0x4
> Breakpoint 1 at 0x4
> (gdb) si
> 0x00100054 in ?? ()
> (gdb) si
> 0x00100058 in ?? ()
> (gdb) si
>
> Breakpoint 1, 0x0004 in ?? ()
>
> ie if we set an explicit breakpoint at 0x4 we do hit it. I think it's
> just that the singlestep doesn't do what you expect: instead of stopping
> before we execute the instruction at the UNDEF vector, we first execute
> it and then stop afterwards [this sort of makes a twisted kind of sense
> if you think about it -- we never actually executed the UNDEF insn
> because we took the exception first, so single-step executes exactly one
> instruction which is the one at 0x4. However it's hopelessly confusing
> for the user so I'd consider it a bug.]
>
> Can you confirm that if you set the breakpoint as I do in the transcript
> above you see the same output?
>
> So I think that what is happening here is that misbehaviour by qemu's
> gdb interface is confusing you, rather than the actual qemu ARM
> implementation being wrong.
>
> If you revise your test program so that it installs some actual code
> into the vectors rather than leaving them all as NOPs I think this will
> be more obvious.
>
> --
> You received this bug notification because you are a direct subscriber
> of the bug.
> https://bugs.launchpad.net/bugs/757702
>
> Title:
>  Undefined instruction exception starts at offset 0x8 instead of 0x4
>
> Status in QEMU:
>  New
>
> Bug description:
>  ARMv7a has lot of undefined instruction from its instruction opcode
>  space. This undefined instructions are very useful for replacing
>  sensitive non-priviledged instructions of guest operating systems
>  (virtualization). The undefined instruction exception executes at
>   + 0x4, where  can be 0x0 or
>  0xfff0. Currently, in qemu 0.14.0 undefined instruction fault at
>  0x8 offset instead of 0x4. This was not a problem with qemu 0.13.0,
>  seems like this is a new bug. As as example, if we try to execute
>  value "0xec019800" in qemu 0.14.0 then it should cause undefined
>  exception at +0x4 since "0xec019800" is an undefined
>  instruction.
>
> To unsubscribe from this bug, go to:
> https://bugs.launchpad.net/qemu/+bug/757702/+subscribe
>

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/757702

Title:
  Undefined instruction exception starts at offset 0x8 instead of 0x4

Status in QEMU:
  New

Bug description:
  ARMv7a has lot of undefined instruction from its instruction opcode
  space. This undefined instructions are very useful for replacing
  sensitive non-priviledged instructions of guest operating systems
  (virtualization). The undefined instruction exception executes at
   + 0x4, where  can be 0x0 or
  0xfff0. Currently, in qemu 0.14.0 undefined instruction fault at
  0x8 offset instead of 0x4. This was not a problem with qemu 0.13.0,
  seems like this is a new bug. As as example, if we try to execute
  value "0xec019800" in qemu 0.14.0 then it should cause undefined
  exception at +0x4 since "0xec019800" is an undefined
  instruction.

[Qemu-devel] [Bug 757702] Re: ARM: singlestepping insn which UNDEFs should stop at UNDEF vector insn, not after it

[Peter Maydell]

> I think you are right. This seems to be more of a GDB issue.

The debug stub is still part of QEMU, so let's not close this bug just
yet :-)


** Summary changed:

- Undefined instruction exception starts at offset 0x8 instead of 0x4
+ ARM: singlestepping insn which UNDEFs should stop at UNDEF vector insn, not 
after it

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/757702

Title:
  ARM: singlestepping insn which UNDEFs should stop at UNDEF vector
  insn, not after it

Status in QEMU:
  New

Bug description:
  ARMv7a has lot of undefined instruction from its instruction opcode
  space. This undefined instructions are very useful for replacing
  sensitive non-priviledged instructions of guest operating systems
  (virtualization). The undefined instruction exception executes at
   + 0x4, where  can be 0x0 or
  0xfff0. Currently, in qemu 0.14.0 undefined instruction fault at
  0x8 offset instead of 0x4. This was not a problem with qemu 0.13.0,
  seems like this is a new bug. As as example, if we try to execute
  value "0xec019800" in qemu 0.14.0 then it should cause undefined
  exception at +0x4 since "0xec019800" is an undefined
  instruction.

[Qemu-devel] [PATCH 1/4] [arm] trivial whitespace/indentation fixes

[Lluís]

Signed-off-by: Lluís Vilanova 
---
 target-arm/helper.c|  246 ++--
 target-arm/iwmmxt_helper.c |   28 +++--
 target-arm/translate.c |   26 ++---
 3 files changed, 150 insertions(+), 150 deletions(-)

diff --git a/target-arm/helper.c b/target-arm/helper.c
index 9172fc7..d2e0bf4 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -959,7 +959,7 @@ static uint32_t get_level1_table_address(CPUState *env, 
uint32_t address)
 }
 
 static int get_phys_addr_v5(CPUState *env, uint32_t address, int access_type,
-   int is_user, uint32_t *phys_ptr, int *prot,
+int is_user, uint32_t *phys_ptr, int *prot,
 target_ulong *page_size)
 {
 int code;
@@ -996,13 +996,13 @@ static int get_phys_addr_v5(CPUState *env, uint32_t 
address, int access_type,
 *page_size = 1024 * 1024;
 } else {
 /* Lookup l2 entry.  */
-   if (type == 1) {
-   /* Coarse pagetable.  */
-   table = (desc & 0xfc00) | ((address >> 10) & 0x3fc);
-   } else {
-   /* Fine pagetable.  */
-   table = (desc & 0xf000) | ((address >> 8) & 0xffc);
-   }
+if (type == 1) {
+/* Coarse pagetable.  */
+table = (desc & 0xfc00) | ((address >> 10) & 0x3fc);
+} else {
+/* Fine pagetable.  */
+table = (desc & 0xf000) | ((address >> 8) & 0xffc);
+}
 desc = ldl_phys(table);
 switch (desc & 3) {
 case 0: /* Page translation fault.  */
@@ -1019,17 +1019,17 @@ static int get_phys_addr_v5(CPUState *env, uint32_t 
address, int access_type,
 *page_size = 0x1000;
 break;
 case 3: /* 1k page.  */
-   if (type == 1) {
-   if (arm_feature(env, ARM_FEATURE_XSCALE)) {
-   phys_addr = (desc & 0xf000) | (address & 0xfff);
-   } else {
-   /* Page translation fault.  */
-   code = 7;
-   goto do_fault;
-   }
-   } else {
-   phys_addr = (desc & 0xfc00) | (address & 0x3ff);
-   }
+if (type == 1) {
+if (arm_feature(env, ARM_FEATURE_XSCALE)) {
+phys_addr = (desc & 0xf000) | (address & 0xfff);
+} else {
+/* Page translation fault.  */
+code = 7;
+goto do_fault;
+}
+} else {
+phys_addr = (desc & 0xfc00) | (address & 0x3ff);
+}
 ap = (desc >> 4) & 3;
 *page_size = 0x400;
 break;
@@ -1052,7 +1052,7 @@ do_fault:
 }
 
 static int get_phys_addr_v6(CPUState *env, uint32_t address, int access_type,
-   int is_user, uint32_t *phys_ptr, int *prot,
+int is_user, uint32_t *phys_ptr, int *prot,
 target_ulong *page_size)
 {
 int code;
@@ -1155,7 +1155,7 @@ do_fault:
 }
 
 static int get_phys_addr_mpu(CPUState *env, uint32_t address, int access_type,
-int is_user, uint32_t *phys_ptr, int *prot)
+ int is_user, uint32_t *phys_ptr, int *prot)
 {
 int n;
 uint32_t mask;
@@ -1163,52 +1163,52 @@ static int get_phys_addr_mpu(CPUState *env, uint32_t 
address, int access_type,
 
 *phys_ptr = address;
 for (n = 7; n >= 0; n--) {
-   base = env->cp15.c6_region[n];
-   if ((base & 1) == 0)
-   continue;
-   mask = 1 << ((base >> 1) & 0x1f);
-   /* Keep this shift separate from the above to avoid an
-  (undefined) << 32.  */
-   mask = (mask << 1) - 1;
-   if (((base ^ address) & ~mask) == 0)
-   break;
+base = env->cp15.c6_region[n];
+if ((base & 1) == 0)
+continue;
+mask = 1 << ((base >> 1) & 0x1f);
+/* Keep this shift separate from the above to avoid an
+   (undefined) << 32.  */
+mask = (mask << 1) - 1;
+if (((base ^ address) & ~mask) == 0)
+break;
 }
 if (n < 0)
-   return 2;
+return 2;
 
 if (access_type == 2) {
-   mask = env->cp15.c5_insn;
+mask = env->cp15.c5_insn;
 } else {
-   mask = env->cp15.c5_data;
+mask = env->cp15.c5_data;
 }
 mask = (mask >> (n * 4)) & 0xf;
 switch (mask) {
 case 0:
-   return 1;
+return 1;
 case 1:
-   if (is_user)
- return 1;
-   *prot = PAGE_READ | PAGE_WRITE;
-   break;
+if (is_user)
+  return 1;
+*prot = PAGE_READ | PAGE_WRITE;
+break;
 case 2:
-   *prot = PAGE_READ;
-   if (!is_user)
-   *prot |= PAGE_WRITE;
-   break;
+*prot = PAGE_READ;
+if (!is_user)
+*prot |= PAGE_WRITE;
+break;
 case 3:
-  

[Qemu-devel] [PATCH 3/4] [m68k] trivial whitespace/indentation fixes

[Lluís]

Signed-off-by: Lluís Vilanova 
---
 target-m68k/translate.c |2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/target-m68k/translate.c b/target-m68k/translate.c
index 038c0af..15a650e 100644
--- a/target-m68k/translate.c
+++ b/target-m68k/translate.c
@@ -3022,7 +3022,7 @@ gen_intermediate_code_internal(CPUState *env, 
TranslationBlock *tb,
 if (num_insns + 1 == max_insns && (tb->cflags & CF_LAST_IO))
 gen_io_start();
 dc->insn_pc = dc->pc;
-   disas_m68k_insn(env, dc);
+disas_m68k_insn(env, dc);
 num_insns++;
 } while (!dc->is_jmp && gen_opc_ptr < gen_opc_end &&
  !env->singlestep_enabled &&

[Qemu-devel] [PATCH 4/4] [m68k] move helpers.h to helper.h

[Lluís]

This provides a consistent naming scheme across all targets.

Signed-off-by: Lluís Vilanova 
---
 target-m68k/helper.c|2 +-
 target-m68k/helper.h|   54 +++
 target-m68k/helpers.h   |   54 ---
 target-m68k/op_helper.c |2 +-
 target-m68k/translate.c |6 +++--
 5 files changed, 59 insertions(+), 59 deletions(-)
 create mode 100644 target-m68k/helper.h
 delete mode 100644 target-m68k/helpers.h

diff --git a/target-m68k/helper.c b/target-m68k/helper.c
index 514b039..6dc275a 100644
--- a/target-m68k/helper.c
+++ b/target-m68k/helper.c
@@ -27,7 +27,7 @@
 #include "qemu-common.h"
 #include "gdbstub.h"
 
-#include "helpers.h"
+#include "helper.h"
 
 #define SIGNBIT (1u << 31)
 
diff --git a/target-m68k/helper.h b/target-m68k/helper.h
new file mode 100644
index 000..cb8a0c7
--- /dev/null
+++ b/target-m68k/helper.h
@@ -0,0 +1,54 @@
+#include "def-helper.h"
+
+DEF_HELPER_1(bitrev, i32, i32)
+DEF_HELPER_1(ff1, i32, i32)
+DEF_HELPER_2(sats, i32, i32, i32)
+DEF_HELPER_2(divu, void, env, i32)
+DEF_HELPER_2(divs, void, env, i32)
+DEF_HELPER_3(addx_cc, i32, env, i32, i32)
+DEF_HELPER_3(subx_cc, i32, env, i32, i32)
+DEF_HELPER_3(shl_cc, i32, env, i32, i32)
+DEF_HELPER_3(shr_cc, i32, env, i32, i32)
+DEF_HELPER_3(sar_cc, i32, env, i32, i32)
+DEF_HELPER_2(xflag_lt, i32, i32, i32)
+DEF_HELPER_2(set_sr, void, env, i32)
+DEF_HELPER_3(movec, void, env, i32, i32)
+
+DEF_HELPER_2(f64_to_i32, f32, env, f64)
+DEF_HELPER_2(f64_to_f32, f32, env, f64)
+DEF_HELPER_2(i32_to_f64, f64, env, i32)
+DEF_HELPER_2(f32_to_f64, f64, env, f32)
+DEF_HELPER_2(iround_f64, f64, env, f64)
+DEF_HELPER_2(itrunc_f64, f64, env, f64)
+DEF_HELPER_2(sqrt_f64, f64, env, f64)
+DEF_HELPER_1(abs_f64, f64, f64)
+DEF_HELPER_1(chs_f64, f64, f64)
+DEF_HELPER_3(add_f64, f64, env, f64, f64)
+DEF_HELPER_3(sub_f64, f64, env, f64, f64)
+DEF_HELPER_3(mul_f64, f64, env, f64, f64)
+DEF_HELPER_3(div_f64, f64, env, f64, f64)
+DEF_HELPER_3(sub_cmp_f64, f64, env, f64, f64)
+DEF_HELPER_2(compare_f64, i32, env, f64)
+
+DEF_HELPER_3(mac_move, void, env, i32, i32)
+DEF_HELPER_3(macmulf, i64, env, i32, i32)
+DEF_HELPER_3(macmuls, i64, env, i32, i32)
+DEF_HELPER_3(macmulu, i64, env, i32, i32)
+DEF_HELPER_2(macsats, void, env, i32)
+DEF_HELPER_2(macsatu, void, env, i32)
+DEF_HELPER_2(macsatf, void, env, i32)
+DEF_HELPER_2(mac_set_flags, void, env, i32)
+DEF_HELPER_2(set_macsr, void, env, i32)
+DEF_HELPER_2(get_macf, i32, env, i64)
+DEF_HELPER_1(get_macs, i32, i64)
+DEF_HELPER_1(get_macu, i32, i64)
+DEF_HELPER_2(get_mac_extf, i32, env, i32)
+DEF_HELPER_2(get_mac_exti, i32, env, i32)
+DEF_HELPER_3(set_mac_extf, void, env, i32, i32)
+DEF_HELPER_3(set_mac_exts, void, env, i32, i32)
+DEF_HELPER_3(set_mac_extu, void, env, i32, i32)
+
+DEF_HELPER_2(flush_flags, void, env, i32)
+DEF_HELPER_1(raise_exception, void, i32)
+
+#include "def-helper.h"
diff --git a/target-m68k/helpers.h b/target-m68k/helpers.h
deleted file mode 100644
index cb8a0c7..000
--- a/target-m68k/helpers.h
+++ /dev/null
@@ -1,54 +0,0 @@
-#include "def-helper.h"
-
-DEF_HELPER_1(bitrev, i32, i32)
-DEF_HELPER_1(ff1, i32, i32)
-DEF_HELPER_2(sats, i32, i32, i32)
-DEF_HELPER_2(divu, void, env, i32)
-DEF_HELPER_2(divs, void, env, i32)
-DEF_HELPER_3(addx_cc, i32, env, i32, i32)
-DEF_HELPER_3(subx_cc, i32, env, i32, i32)
-DEF_HELPER_3(shl_cc, i32, env, i32, i32)
-DEF_HELPER_3(shr_cc, i32, env, i32, i32)
-DEF_HELPER_3(sar_cc, i32, env, i32, i32)
-DEF_HELPER_2(xflag_lt, i32, i32, i32)
-DEF_HELPER_2(set_sr, void, env, i32)
-DEF_HELPER_3(movec, void, env, i32, i32)
-
-DEF_HELPER_2(f64_to_i32, f32, env, f64)
-DEF_HELPER_2(f64_to_f32, f32, env, f64)
-DEF_HELPER_2(i32_to_f64, f64, env, i32)
-DEF_HELPER_2(f32_to_f64, f64, env, f32)
-DEF_HELPER_2(iround_f64, f64, env, f64)
-DEF_HELPER_2(itrunc_f64, f64, env, f64)
-DEF_HELPER_2(sqrt_f64, f64, env, f64)
-DEF_HELPER_1(abs_f64, f64, f64)
-DEF_HELPER_1(chs_f64, f64, f64)
-DEF_HELPER_3(add_f64, f64, env, f64, f64)
-DEF_HELPER_3(sub_f64, f64, env, f64, f64)
-DEF_HELPER_3(mul_f64, f64, env, f64, f64)
-DEF_HELPER_3(div_f64, f64, env, f64, f64)
-DEF_HELPER_3(sub_cmp_f64, f64, env, f64, f64)
-DEF_HELPER_2(compare_f64, i32, env, f64)
-
-DEF_HELPER_3(mac_move, void, env, i32, i32)
-DEF_HELPER_3(macmulf, i64, env, i32, i32)
-DEF_HELPER_3(macmuls, i64, env, i32, i32)
-DEF_HELPER_3(macmulu, i64, env, i32, i32)
-DEF_HELPER_2(macsats, void, env, i32)
-DEF_HELPER_2(macsatu, void, env, i32)
-DEF_HELPER_2(macsatf, void, env, i32)
-DEF_HELPER_2(mac_set_flags, void, env, i32)
-DEF_HELPER_2(set_macsr, void, env, i32)
-DEF_HELPER_2(get_macf, i32, env, i64)
-DEF_HELPER_1(get_macs, i32, i64)
-DEF_HELPER_1(get_macu, i32, i64)
-DEF_HELPER_2(get_mac_extf, i32, env, i32)
-DEF_HELPER_2(get_mac_exti, i32, env, i32)
-DEF_HELPER_3(set_mac_extf, void, env, i32, i32)
-DEF_HELPER_3(set_mac_exts, void, env, i32, i32)
-DEF_HELPER_3(set_mac_extu, void, env, i32, i32)
-
-DEF_HELPER_2(flush_flags, void, env, i32)
-DEF_HELPER_

[Qemu-devel] [PATCH 2/4] [arm] move helpers.h to helper.h

[Lluís]

This provides a consistent naming scheme across all targets.

Signed-off-by: Lluís Vilanova 
---
 target-arm/helper.c|2 
 target-arm/helper.h|  475 
 target-arm/helpers.h   |  475 
 target-arm/iwmmxt_helper.c |2 
 target-arm/neon_helper.c   |2 
 target-arm/op_helper.c |2 
 target-arm/translate.c |6 -
 7 files changed, 482 insertions(+), 482 deletions(-)
 create mode 100644 target-arm/helper.h
 delete mode 100644 target-arm/helpers.h

diff --git a/target-arm/helper.c b/target-arm/helper.c
index d2e0bf4..2adf3ca 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -5,7 +5,7 @@
 #include "cpu.h"
 #include "exec-all.h"
 #include "gdbstub.h"
-#include "helpers.h"
+#include "helper.h"
 #include "qemu-common.h"
 #include "host-utils.h"
 #if !defined(CONFIG_USER_ONLY)
diff --git a/target-arm/helper.h b/target-arm/helper.h
new file mode 100644
index 000..ae701e8
--- /dev/null
+++ b/target-arm/helper.h
@@ -0,0 +1,475 @@
+#include "def-helper.h"
+
+DEF_HELPER_1(clz, i32, i32)
+DEF_HELPER_1(sxtb16, i32, i32)
+DEF_HELPER_1(uxtb16, i32, i32)
+
+DEF_HELPER_2(add_setq, i32, i32, i32)
+DEF_HELPER_2(add_saturate, i32, i32, i32)
+DEF_HELPER_2(sub_saturate, i32, i32, i32)
+DEF_HELPER_2(add_usaturate, i32, i32, i32)
+DEF_HELPER_2(sub_usaturate, i32, i32, i32)
+DEF_HELPER_1(double_saturate, i32, s32)
+DEF_HELPER_2(sdiv, s32, s32, s32)
+DEF_HELPER_2(udiv, i32, i32, i32)
+DEF_HELPER_1(rbit, i32, i32)
+DEF_HELPER_1(abs, i32, i32)
+
+#define PAS_OP(pfx)  \
+DEF_HELPER_3(pfx ## add8, i32, i32, i32, ptr) \
+DEF_HELPER_3(pfx ## sub8, i32, i32, i32, ptr) \
+DEF_HELPER_3(pfx ## sub16, i32, i32, i32, ptr) \
+DEF_HELPER_3(pfx ## add16, i32, i32, i32, ptr) \
+DEF_HELPER_3(pfx ## addsubx, i32, i32, i32, ptr) \
+DEF_HELPER_3(pfx ## subaddx, i32, i32, i32, ptr)
+
+PAS_OP(s)
+PAS_OP(u)
+#undef PAS_OP
+
+#define PAS_OP(pfx)  \
+DEF_HELPER_2(pfx ## add8, i32, i32, i32) \
+DEF_HELPER_2(pfx ## sub8, i32, i32, i32) \
+DEF_HELPER_2(pfx ## sub16, i32, i32, i32) \
+DEF_HELPER_2(pfx ## add16, i32, i32, i32) \
+DEF_HELPER_2(pfx ## addsubx, i32, i32, i32) \
+DEF_HELPER_2(pfx ## subaddx, i32, i32, i32)
+PAS_OP(q)
+PAS_OP(sh)
+PAS_OP(uq)
+PAS_OP(uh)
+#undef PAS_OP
+
+DEF_HELPER_2(ssat, i32, i32, i32)
+DEF_HELPER_2(usat, i32, i32, i32)
+DEF_HELPER_2(ssat16, i32, i32, i32)
+DEF_HELPER_2(usat16, i32, i32, i32)
+
+DEF_HELPER_2(usad8, i32, i32, i32)
+
+DEF_HELPER_1(logicq_cc, i32, i64)
+
+DEF_HELPER_3(sel_flags, i32, i32, i32, i32)
+DEF_HELPER_1(exception, void, i32)
+DEF_HELPER_0(wfi, void)
+
+DEF_HELPER_2(cpsr_write, void, i32, i32)
+DEF_HELPER_0(cpsr_read, i32)
+
+DEF_HELPER_3(v7m_msr, void, env, i32, i32)
+DEF_HELPER_2(v7m_mrs, i32, env, i32)
+
+DEF_HELPER_3(set_cp15, void, env, i32, i32)
+DEF_HELPER_2(get_cp15, i32, env, i32)
+
+DEF_HELPER_3(set_cp, void, env, i32, i32)
+DEF_HELPER_2(get_cp, i32, env, i32)
+
+DEF_HELPER_2(get_r13_banked, i32, env, i32)
+DEF_HELPER_3(set_r13_banked, void, env, i32, i32)
+
+DEF_HELPER_1(get_user_reg, i32, i32)
+DEF_HELPER_2(set_user_reg, void, i32, i32)
+
+DEF_HELPER_1(vfp_get_fpscr, i32, env)
+DEF_HELPER_2(vfp_set_fpscr, void, env, i32)
+
+DEF_HELPER_3(vfp_adds, f32, f32, f32, env)
+DEF_HELPER_3(vfp_addd, f64, f64, f64, env)
+DEF_HELPER_3(vfp_subs, f32, f32, f32, env)
+DEF_HELPER_3(vfp_subd, f64, f64, f64, env)
+DEF_HELPER_3(vfp_muls, f32, f32, f32, env)
+DEF_HELPER_3(vfp_muld, f64, f64, f64, env)
+DEF_HELPER_3(vfp_divs, f32, f32, f32, env)
+DEF_HELPER_3(vfp_divd, f64, f64, f64, env)
+DEF_HELPER_1(vfp_negs, f32, f32)
+DEF_HELPER_1(vfp_negd, f64, f64)
+DEF_HELPER_1(vfp_abss, f32, f32)
+DEF_HELPER_1(vfp_absd, f64, f64)
+DEF_HELPER_2(vfp_sqrts, f32, f32, env)
+DEF_HELPER_2(vfp_sqrtd, f64, f64, env)
+DEF_HELPER_3(vfp_cmps, void, f32, f32, env)
+DEF_HELPER_3(vfp_cmpd, void, f64, f64, env)
+DEF_HELPER_3(vfp_cmpes, void, f32, f32, env)
+DEF_HELPER_3(vfp_cmped, void, f64, f64, env)
+
+DEF_HELPER_2(vfp_fcvtds, f64, f32, env)
+DEF_HELPER_2(vfp_fcvtsd, f32, f64, env)
+
+DEF_HELPER_2(vfp_uitos, f32, i32, env)
+DEF_HELPER_2(vfp_uitod, f64, i32, env)
+DEF_HELPER_2(vfp_sitos, f32, i32, env)
+DEF_HELPER_2(vfp_sitod, f64, i32, env)
+
+DEF_HELPER_2(vfp_touis, i32, f32, env)
+DEF_HELPER_2(vfp_touid, i32, f64, env)
+DEF_HELPER_2(vfp_touizs, i32, f32, env)
+DEF_HELPER_2(vfp_touizd, i32, f64, env)
+DEF_HELPER_2(vfp_tosis, i32, f32, env)
+DEF_HELPER_2(vfp_tosid, i32, f64, env)
+DEF_HELPER_2(vfp_tosizs, i32, f32, env)
+DEF_HELPER_2(vfp_tosizd, i32, f64, env)
+
+DEF_HELPER_3(vfp_toshs, i32, f32, i32, env)
+DEF_HELPER_3(vfp_tosls, i32, f32, i32, env)
+DEF_HELPER_3(vfp_touhs, i32, f32, i32, env)
+DEF_HELPER_3(vfp_touls, i32, f32, i32, env)
+DEF_HELPER_3(vfp_toshd, i64, f64, i32, env)
+DEF_HELPER_3(vfp_tosld, i64, f64, i32, env)
+DEF_HELPER_3(vfp_touhd, i64, f64, i32, env)
+DEF_HELPER_3(vfp_tould, i64, f64, i32, env)
+DEF_HELPER_3(vfp_shtos, f32, i32, i32, e

Re: [Qemu-devel] [PATCH 1/4] [arm] trivial whitespace/indentation fixes

[Peter Maydell]

On 13 April 2011 17:38, Lluís  wrote:
> Signed-off-by: Lluís Vilanova 
> ---
>  target-arm/helper.c        |  246 
> ++--
>  target-arm/iwmmxt_helper.c |   28 +++--
>  target-arm/translate.c     |   26 ++---
>  3 files changed, 150 insertions(+), 150 deletions(-)

My preference is not to do large-scale whitespace changes
unless the code's being touched in that area anyway, so
I'd prefer this not to be applied.

(They make things painful for forks and branches, and
they make git blame less useful; disadvantages outweigh
the minor benefits of the cleanup IMHO.)

-- PMM

Re: [Qemu-devel] [PATCH 08/19] target-alpha: use new float64_unordered() function

[Richard Henderson]

On 04/13/2011 08:42 AM, Peter Maydell wrote:
> On 13 April 2011 16:38, Richard Henderson  wrote:
>> [ Odd, the original thread doesn't seem to have arrived here. ]
>>
>> On 04/13/2011 07:52 AM, Peter Maydell wrote:
>>> So I think you want the _quiet version here. (And helper_cmpteq
>>> needs to use float64_eq_quiet rather than float64_eq.)
>>
>> Yes, the _quiet version is what's needed for all comparisons.
> 
> Really all comparisons, including CMPTLT, CMPTLE?

Oops, no.  CMPTLE and CMPTLT in Table B-2 are on the next page,
and clearly indicate that they signal InvalidOP for QNaN.

So it's just CMPTUN and CMPTEQ that should not signal on QNaN.


r~

Re: [Qemu-devel] [PATCH 08/19] target-alpha: use new float64_unordered() function

[Richard Henderson]

[ Odd, the original thread doesn't seem to have arrived here. ]

On 04/13/2011 07:52 AM, Peter Maydell wrote:
> So I think you want the _quiet version here. (And helper_cmpteq
> needs to use float64_eq_quiet rather than float64_eq.)

Yes, the _quiet version is what's needed for all comparisons.

For the record, the goal for QEMU should not be to emulate the
hardware exactly, but to emulate the entire HW+OS system.  Thus
when looking at Table B-2 one should look at the OS Completion
Handler and User Signal Handler columns.

That's for /s qualified instructions anyway.  For non-ieee code
we take care to inject the extra traps via helper_ieee_input*.

(It looks like some of the Alpha code can be cleaned up a bit.
I don't recall flush_inputs_to_zero option being there before,
and we do that by hand in helper_ieee_input*.)


r~

[Qemu-devel] [Bug 760060] [NEW] Open Solaris 2009 Assertion `size' failed

[Nigel Horne]

Public bug reported:

The latest git version of qemu (commit
9df38c47d01eb1fd7eb9d60ac70a4170e638b4a2) fails to boot the OpenSolaris
image from http://dlc.sun.com/osol/opensolaris/2009/06/osol-0906-ai-
sparc.iso.

qemu-img create opensolaris 3G
qemu-system-sparc -hda opensolaris -cdrom osol-0906-ai-sparc.iso -boot d -redir 
tcp:2232::22 -k en-us -m 256

gives:

qemu-system-sparc: /home/njh/src/qemu/exec.c:2614:
cpu_register_physical_memory_offset: Assertion `size' failed.

Host: Linux/x86_64
gcc4.5
./configure --enable-linux-aio --enable-io-thread --enable-kvm

** Affects: qemu
 Importance: Undecided
 Status: New

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/760060

Title:
  Open Solaris 2009 Assertion `size' failed

Status in QEMU:
  New

Bug description:
  The latest git version of qemu (commit
  9df38c47d01eb1fd7eb9d60ac70a4170e638b4a2) fails to boot the
  OpenSolaris image from
  http://dlc.sun.com/osol/opensolaris/2009/06/osol-0906-ai-sparc.iso.

  qemu-img create opensolaris 3G
  qemu-system-sparc -hda opensolaris -cdrom osol-0906-ai-sparc.iso -boot d 
-redir tcp:2232::22 -k en-us -m 256

  gives:

  qemu-system-sparc: /home/njh/src/qemu/exec.c:2614:
  cpu_register_physical_memory_offset: Assertion `size' failed.

  Host: Linux/x86_64
  gcc4.5
  ./configure --enable-linux-aio --enable-io-thread --enable-kvm

Re: [Qemu-devel] [PATCH 15/19] target-arm: fix wrong usage of floatx80_eq_quiet()

[Aurelien Jarno]

On Tue, Apr 12, 2011 at 11:41:49PM +0100, Peter Maydell wrote:
> On 12 April 2011 22:59, Aurelien Jarno  wrote:
> > I haven't look at the documentation, but for the neighbouring code it looks
> > clear that floatx80_eq() should be used instead of floatx80_eq_quiet().
> 
> Actually I think it's irrelevant -- PerformComparisonOperation()
> is called only once, and the code before it carefully checks for
> any NaNs and takes a different code path in that case (jumping
> to the 'unordered' label). So it doesn't matter which function
> we use here. I don't particularly object if you think using the
> non _quiet one is aesthetically tidier. (The nwfpe code is all
> hovering on the edge of total obsolescence anyhow; I certainly
> don't have any test cases for it.)
> 

Ok, I will simply drop it then.

-- 
Aurelien Jarno  GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net

Re: [Qemu-devel] [PATCH 17/19] target-ppc: fix SPE comparison functions

[Aurelien Jarno]

On Tue, Apr 12, 2011 at 07:40:33PM -0700, Nathan Froyd wrote:
> On Tue, Apr 12, 2011 at 11:59:29PM +0200, Aurelien Jarno wrote:
> > Given that float32_*() functions are IEEE754 compliant, the efscmp*()
> > functions are correctly implemented, while efstst*() are not. This
> > patch reverse the implementation of this two groups of functions and
> > fix the comments. It also use float32_eq() instead of float32_eq_quiet()
> > as qNaNs should not be ignored.
> 
> Thanks for addressing this; the E500 emulation in QEMU is more like how
> we wish the hardware acted, rather than how it actually acts. :)
> 
> It's late here, but I think this change:
> 
> > -static inline uint32_t efscmplt(uint32_t op1, uint32_t op2)
> > +static inline uint32_t efststlt(uint32_t op1, uint32_t op2)
> >  {
> > -/* XXX: TODO: test special values (NaN, infinites, ...) */
> > +/* XXX: TODO: ignore special values (NaN, infinites, ...) */
> >  return efststlt(op1, op2);
> >  }
> 
> is not correct, as you've just turned this into an infinite (inlined!)
> loop.  You'd want to change the efststlt call into an efscmplt call.
> Similarly for efstst{gt,eq}.
> 

Thanks for catching that, I'll fix that in the next version.

-- 
Aurelien Jarno  GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net

Re: [Qemu-devel] [PATCH 2/2] Support for Cavium-Octeon specific instruction

[Aurelien Jarno]

On Wed, Apr 13, 2011 at 12:26:01PM +0500, Khansa Butt wrote:
> We ported MIPS64 r2 user mode emulation. When a binary is given to
> qemu-mips64, our code first check whether it is Octeon binary or not if yes
> it  enable Octeon specific Instructions for. The following code snippet do
> this job:
> 
> >
> > > diff --git a/linux-user/elfload.c b/linux-user/elfload.c
> > > index 2832a33..9399e44 100644
> > > --- a/linux-user/elfload.c
> > > +++ b/linux-user/elfload.c
> > > @@ -1662,6 +1662,11 @@ int load_elf_binary(struct linux_binprm * bprm,
> > > struct target_pt_regs * regs,
> > > when we load the interpreter.  */
> > >  elf_ex = *(struct elfhdr *)bprm->buf;
> > >
> > > +#if defined(TARGET_MIPS64)
> > > +if ((elf_ex.e_flags & EF_MIPS_MARCH) == E_MIPS_MACH_OCTEON) {
> > > +info->elf_arch = 1;
> > > +}
> > > +#endif
> > >
> > > +++ b/linux-user/main.c
> > > @@ -3348,6 +3348,11 @@ int main(int argc, char **argv, char **envp)
> > >  if (regs->cp0_epc & 1) {
> > >  env->hflags |= MIPS_HFLAG_M16;
> > >  }
> > > +#if defined(TARGET_MIPS64)
> > > +if (info->elf_arch) {
> > > +env->insn_flags |=  INSN_OCTEON;
> > > +}
> > > +#endif
> > >  }
> >
>
> where we put elf_arch in image_info

I am not really sure about this name info->elf_arch, it is something
specific to octeon, but the name doesn't represent that. Also we
probably want a generic framework for changing a CPU to another one.

Note that in any case you can run qemu-mips64 with -cpu octeon if you
define an octeon CPU in translate_init.c.

> and INSN_OCTEON is in target_mips/mips-defs.h as follows
>   #define INSN_LOONGSON2E  0x2000
>   #define INSN_LOONGSON2F  0x4000
>   #define INSN_VR54XX 0x8000
> +#defineINSN_OCTEON 0x1000
> 
> Is this solution acceptable for you?

This part is clearly the way to go

-- 
Aurelien Jarno  GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net

Re: [Qemu-devel] [PATCH 08/19] target-alpha: use new float64_unordered() function

[Aurelien Jarno]

On Wed, Apr 13, 2011 at 08:53:27AM -0700, Richard Henderson wrote:
> On 04/13/2011 08:42 AM, Peter Maydell wrote:
> > On 13 April 2011 16:38, Richard Henderson  wrote:
> >> [ Odd, the original thread doesn't seem to have arrived here. ]
> >>
> >> On 04/13/2011 07:52 AM, Peter Maydell wrote:
> >>> So I think you want the _quiet version here. (And helper_cmpteq
> >>> needs to use float64_eq_quiet rather than float64_eq.)
> >>
> >> Yes, the _quiet version is what's needed for all comparisons.
> > 
> > Really all comparisons, including CMPTLT, CMPTLE?
> 
> Oops, no.  CMPTLE and CMPTLT in Table B-2 are on the next page,
> and clearly indicate that they signal InvalidOP for QNaN.
> 
> So it's just CMPTUN and CMPTEQ that should not signal on QNaN.
> 

Thanks to both of you for digging into the manuals, the information I
have found in the manual I have were not so clear. I'll fix that in the
next version.

-- 
Aurelien Jarno  GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net

Re: [Qemu-devel] [PATCH 1/4] [arm] trivial whitespace/indentation fixes

[Aurelien Jarno]

On Wed, Apr 13, 2011 at 06:16:55PM +0100, Peter Maydell wrote:
> On 13 April 2011 17:38, Lluís  wrote:
> > Signed-off-by: Lluís Vilanova 
> > ---
> >  target-arm/helper.c        |  246 
> > ++--
> >  target-arm/iwmmxt_helper.c |   28 +++--
> >  target-arm/translate.c     |   26 ++---
> >  3 files changed, 150 insertions(+), 150 deletions(-)
> 
> My preference is not to do large-scale whitespace changes
> unless the code's being touched in that area anyway, so
> I'd prefer this not to be applied.
> 
> (They make things painful for forks and branches, and
> they make git blame less useful; disadvantages outweigh
> the minor benefits of the cleanup IMHO.)
> 

I agree that this patch should not be applied.

-- 
Aurelien Jarno  GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net

Re: [Qemu-devel] [PATCH 2/2 V7] qemu, qmp: add inject-nmi qmp command

[Blue Swirl]

On Wed, Apr 13, 2011 at 4:08 PM, Luiz Capitulino  wrote:
> On Tue, 12 Apr 2011 21:31:18 +0300
> Blue Swirl  wrote:
>
>> On Tue, Apr 12, 2011 at 10:52 AM, Avi Kivity  wrote:
>> > On 04/11/2011 08:15 PM, Blue Swirl wrote:
>> >>
>> >> On Mon, Apr 11, 2011 at 10:01 AM, Markus Armbruster
>> >>  wrote:
>> >> >  Avi Kivity  writes:
>> >> >
>> >> >>  On 04/08/2011 12:41 AM, Anthony Liguori wrote:
>> >> >>>
>> >> >>>  And it's a good thing to have, but exposing this as the only API to
>> >> >>>  do something as simple as generating a guest crash dump is not the
>> >> >>>  friendliest thing in the world to do to users.
>> >> >>
>> >> >>  nmi is a fine name for something that corresponds to a real-life nmi
>> >> >>  button (often labeled "NMI").
>> >> >
>> >> >  Agree.
>> >>
>> >> We could also introduce an alias mechanism for user friendly names, so
>> >> nmi could be used in addition of full path. Aliases could be useful
>> >> for device paths as well.
>> >
>> > Yes.  Perhaps limited to the human monitor.
>>
>> I'd limit all debugging commands (including NMI) to the human monitor.
>
> Why?

Do they have any real use in production environment? Also, we should
have the freedom to change the debugging facilities (for example, to
improve some internal implementation) as we want without regard to
compatibility to previous versions.

Re: [Qemu-devel] [PATCH 1/4] [arm] trivial whitespace/indentation fixes

[Lluís]

Aurelien Jarno writes:

> On Wed, Apr 13, 2011 at 06:16:55PM +0100, Peter Maydell wrote:
>> On 13 April 2011 17:38, Lluís  wrote:
>> > Signed-off-by: Lluís Vilanova 
>> > ---
>> >  target-arm/helper.c        |  246 
>> > ++--
>> >  target-arm/iwmmxt_helper.c |   28 +++--
>> >  target-arm/translate.c     |   26 ++---
>> >  3 files changed, 150 insertions(+), 150 deletions(-)
>> 
>> My preference is not to do large-scale whitespace changes
>> unless the code's being touched in that area anyway, so
>> I'd prefer this not to be applied.
>> 
>> (They make things painful for forks and branches, and
>> they make git blame less useful; disadvantages outweigh
>> the minor benefits of the cleanup IMHO.)
>> 

> I agree that this patch should not be applied.

Damned the day I decided to setup automatic whitespace and indentation
cleanup on my editor :)

Lluis

-- 
 "And it's much the same thing with knowledge, for whenever you learn
 something new, the whole world becomes that much richer."
 -- The Princess of Pure Reason, as told by Norton Juster in The Phantom
 Tollbooth

Re: [Qemu-devel] [PATCH 1/4] [arm] trivial whitespace/indentation fixes

[Lluís]

Aurelien Jarno writes:

> On Wed, Apr 13, 2011 at 06:16:55PM +0100, Peter Maydell wrote:
>> On 13 April 2011 17:38, Lluís  wrote:
>> > Signed-off-by: Lluís Vilanova 
>> > ---
>> >  target-arm/helper.c        |  246 
>> > ++--
>> >  target-arm/iwmmxt_helper.c |   28 +++--
>> >  target-arm/translate.c     |   26 ++---
>> >  3 files changed, 150 insertions(+), 150 deletions(-)
>>
>> My preference is not to do large-scale whitespace changes
>> unless the code's being touched in that area anyway, so
>> I'd prefer this not to be applied.
>>
>> (They make things painful for forks and branches, and
>> they make git blame less useful; disadvantages outweigh
>> the minor benefits of the cleanup IMHO.)
>>

> I agree that this patch should not be applied.

BTW, the next patch applies nicely without this one, so I'm assuming you
don't need me to re-send anything.

Lluis

--
 "And it's much the same thing with knowledge, for whenever you learn
 something new, the whole world becomes that much richer."
 -- The Princess of Pure Reason, as told by Norton Juster in The Phantom
 Tollbooth

Re: [Qemu-devel] [PATCH v2 0/3] io-thread optimizations

[Aurelien Jarno]

On Mon, Apr 11, 2011 at 10:27:41PM +0200, Jan Kiszka wrote:
> These patches were posted before. They bring down the overhead of the
> io-thread mode for TCG here, specifically when emulating SMP.
> 
> The major change in this version, besides rebasing, is the exclusion of
> KVM from the main loop polling optimization.
> 
> 
> 
> Jan Kiszka (3):
>   Do not drop global mutex for polled main loop runs
>   Poll main loop after I/O events were received
>   Do not kick vcpus in TCG mode
> 
>  cpus.c   |2 +-
>  sysemu.h |2 +-
>  vl.c |   22 --
>  3 files changed, 18 insertions(+), 8 deletions(-)
> 

Thanks for working on improving the io-thread with TCG. Your patches 
make sense, but they don't seems to fix the slowdown observed when
enabling the io-thread. Well maybe they were not supposed to. This is
for example the results of netperf between guest and host using virtio:

no io-thread122 MB/s
io-thread97 MB/s
io-thread + patches  98 MB/s

-- 
Aurelien Jarno  GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net

[Qemu-devel] [PATCH] Remove unneeded function parameter from gen_pc_load

[Stefan Weil]

gen_pc_load was introduced in commit
d2856f1ad4c259e5766847c49acbb4e390731bd4.
The only reason for parameter searched_pc was
a debug statement in target-i386/translate.c.

Remove searched_pc from the debug statement
and from the parameter list of gen_pc_load.

Signed-off-by: Stefan Weil 
---
 exec-all.h|2 +-
 target-alpha/translate.c  |3 +--
 target-arm/translate.c|3 +--
 target-cris/translate.c   |3 +--
 target-i386/translate.c   |7 +++
 target-lm32/translate.c   |3 +--
 target-m68k/translate.c   |3 +--
 target-microblaze/translate.c |3 +--
 target-mips/translate.c   |3 +--
 target-ppc/translate.c|3 +--
 target-s390x/translate.c  |3 +--
 target-sh4/translate.c|3 +--
 target-sparc/translate.c  |3 +--
 target-unicore32/translate.c  |3 +--
 translate-all.c   |2 +-
 15 files changed, 17 insertions(+), 30 deletions(-)

diff --git a/exec-all.h b/exec-all.h
index 496c001..8466f2b 100644
--- a/exec-all.h
+++ b/exec-all.h
@@ -78,7 +78,7 @@ extern uint16_t gen_opc_icount[OPC_BUF_SIZE];
 void gen_intermediate_code(CPUState *env, struct TranslationBlock *tb);
 void gen_intermediate_code_pc(CPUState *env, struct TranslationBlock *tb);
 void gen_pc_load(CPUState *env, struct TranslationBlock *tb,
- unsigned long searched_pc, int pc_pos, void *puc);
+ int pc_pos, void *puc);
 
 void cpu_gen_init(void);
 int cpu_gen_code(CPUState *env, struct TranslationBlock *tb,
diff --git a/target-alpha/translate.c b/target-alpha/translate.c
index 96e922b..21f54ac 100644
--- a/target-alpha/translate.c
+++ b/target-alpha/translate.c
@@ -3367,8 +3367,7 @@ CPUAlphaState * cpu_alpha_init (const char *cpu_model)
 return env;
 }
 
-void gen_pc_load(CPUState *env, TranslationBlock *tb,
-unsigned long searched_pc, int pc_pos, void *puc)
+void gen_pc_load(CPUState *env, TranslationBlock *tb, int pc_pos, void *puc)
 {
 env->pc = gen_opc_pc[pc_pos];
 }
diff --git a/target-arm/translate.c b/target-arm/translate.c
index 6190028..64a4ffd 100644
--- a/target-arm/translate.c
+++ b/target-arm/translate.c
@@ -9817,8 +9817,7 @@ void cpu_dump_state(CPUState *env, FILE *f, 
fprintf_function cpu_fprintf,
 #endif
 }
 
-void gen_pc_load(CPUState *env, TranslationBlock *tb,
-unsigned long searched_pc, int pc_pos, void *puc)
+void gen_pc_load(CPUState *env, TranslationBlock *tb, int pc_pos, void *puc)
 {
 env->regs[15] = gen_opc_pc[pc_pos];
 env->condexec_bits = gen_opc_condexec_bits[pc_pos];
diff --git a/target-cris/translate.c b/target-cris/translate.c
index 1c03fa5..9c3ebb6 100644
--- a/target-cris/translate.c
+++ b/target-cris/translate.c
@@ -3604,8 +3604,7 @@ void cpu_reset (CPUCRISState *env)
 #endif
 }
 
-void gen_pc_load(CPUState *env, struct TranslationBlock *tb,
- unsigned long searched_pc, int pc_pos, void *puc)
+void gen_pc_load(CPUState *env, TranslationBlock *tb, int pc_pos, void *puc)
 {
env->pc = gen_opc_pc[pc_pos];
 }
diff --git a/target-i386/translate.c b/target-i386/translate.c
index 7d1340e..16d9cb7 100644
--- a/target-i386/translate.c
+++ b/target-i386/translate.c
@@ -7890,8 +7890,7 @@ void gen_intermediate_code_pc(CPUState *env, 
TranslationBlock *tb)
 gen_intermediate_code_internal(env, tb, 1);
 }
 
-void gen_pc_load(CPUState *env, TranslationBlock *tb,
-unsigned long searched_pc, int pc_pos, void *puc)
+void gen_pc_load(CPUState *env, TranslationBlock *tb, int pc_pos, void *puc)
 {
 int cc_op;
 #ifdef DEBUG_DISAS
@@ -7903,8 +7902,8 @@ void gen_pc_load(CPUState *env, TranslationBlock *tb,
 qemu_log("0x%04x: " TARGET_FMT_lx "\n", i, gen_opc_pc[i]);
 }
 }
-qemu_log("spc=0x%08lx pc_pos=0x%x eip=" TARGET_FMT_lx " cs_base=%x\n",
-searched_pc, pc_pos, gen_opc_pc[pc_pos] - tb->cs_base,
+qemu_log("pc_pos=0x%x eip=" TARGET_FMT_lx " cs_base=%x\n",
+pc_pos, gen_opc_pc[pc_pos] - tb->cs_base,
 (uint32_t)tb->cs_base);
 }
 #endif
diff --git a/target-lm32/translate.c b/target-lm32/translate.c
index efc9b5a..1939024 100644
--- a/target-lm32/translate.c
+++ b/target-lm32/translate.c
@@ -1212,8 +1212,7 @@ void cpu_dump_state(CPUState *env, FILE *f, 
fprintf_function cpu_fprintf,
 cpu_fprintf(f, "\n\n");
 }
 
-void gen_pc_load(CPUState *env, struct TranslationBlock *tb,
- unsigned long searched_pc, int pc_pos, void *puc)
+void gen_pc_load(CPUState *env, TranslationBlock *tb, int pc_pos, void *puc)
 {
 env->pc = gen_opc_pc[pc_pos];
 }
diff --git a/target-m68k/translate.c b/target-m68k/translate.c
index 038c0af..7438f9a 100644
--- a/target-m68k/translate.c
+++ b/target-m68k/translate.c
@@ -3113,8 +3113,7 @@ void cpu_dump_state(CPUState *env, FILE *f, 
fprintf_function cpu_fprintf,
 cpu_fprintf (f, "FPRESULT = %12g\n", *(double *)&env->fp_result);
 }
 
-vo

[Qemu-devel] [PATCH] Fix some typos in comments and documentation

[Stefan Weil]

helpfull -> helpful
usefull -> useful
cotrol -> control

and a grammar fix.

Signed-off-by: Stefan Weil 
---
 qemu-options.hx |4 ++--
 savevm.c|2 +-
 target-arm/helper.c |2 +-
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/qemu-options.hx b/qemu-options.hx
index ef60730..677c550 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -937,8 +937,8 @@ a lot of bandwidth at the expense of quality.
 Disable adaptive encodings. Adaptive encodings are enabled by default.
 An adaptive encoding will try to detect frequently updated screen regions,
 and send updates in these regions using a lossy encoding (like JPEG).
-This can be really helpfull to save bandwidth when playing videos. Disabling
-adaptive encodings allow to restore the original static behavior of encodings
+This can be really helpful to save bandwidth when playing videos. Disabling
+adaptive encodings allows to restore the original static behavior of encodings
 like Tight.
 
 @end table
diff --git a/savevm.c b/savevm.c
index 03fce62..c1c5467 100644
--- a/savevm.c
+++ b/savevm.c
@@ -1007,7 +1007,7 @@ const VMStateInfo vmstate_info_buffer = {
 };
 
 /* unused buffers: space that was used for some fields that are
-   not usefull anymore */
+   not useful anymore */
 
 static int get_unused_buffer(QEMUFile *f, void *pv, size_t size)
 {
diff --git a/target-arm/helper.c b/target-arm/helper.c
index 9172fc7..a0ec643 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -1378,7 +1378,7 @@ void HELPER(set_cp15)(CPUState *env, uint32_t insn, 
uint32_t val)
 /* This may enable/disable the MMU, so do a TLB flush.  */
 tlb_flush(env, 1);
 break;
-case 1: /* Auxiliary cotrol register.  */
+case 1: /* Auxiliary control register.  */
 if (arm_feature(env, ARM_FEATURE_XSCALE)) {
 env->cp15.c1_xscaleauxcr = val;
 break;
-- 
1.7.2.5

Re: [Qemu-devel] [PATCH] Slirp reverse UDP firewall

[Blue Swirl]

On Tue, Apr 12, 2011 at 7:19 PM, Daisuke Nojiri  wrote:
> This patch adds: -drop-udp, -allow-udp ADDR:PORT, -drop-log FILE
>   e.g.) $ qemu -net user -drop-log qemu.drop -drop-udp -allow-udp
> 10.0.2.3:53
> -drop-udp enables usermode firewall for out-going UDP packats from a guest.
> All UDP packets except ones allowed by -allow-udp will be dropped. Dropped
> packets are logged in the file specified by FILE. PORT can be a single
> number
> (e.g. 53) or a range (e.g. [80-81]). If ADDR is ommitted, all addresses
> match
> the rule.
> Signed-off-by: Daisuke Nojiri 

I missed somehow 1/3, so I'll comment to this one.

> --- a/qemu-options.hx
> +++ b/qemu-options.hx
> @@ -1119,6 +1119,24 @@ DEF("netdev", HAS_ARG, QEMU_OPTION_netdev,
>      "vde|"
>  #endif
>      "socket],id=str[,option][,option][,...]\n", QEMU_ARCH_ALL)
> +
> +DEF("drop-udp", 0, QEMU_OPTION_drop_udp,

With the TCP firewall in mind, I'd use a more general syntax,
something like "deny=proto:udp". More complete rules would need
denying a block inside allowed block, so address part should be used
here (or "all" for deny all).

> +"-drop-udp\tDrop UDP packets by usermode firewall\n",
> +QEMU_ARCH_ALL)
> +
> +DEF("allow-udp", HAS_ARG, QEMU_OPTION_allow_udp,

Likewise, "allow=proto:udp:addr:port". Then, if "udp" is left out, the
rule should apply to all protocols. The address part should allow for
range specifiers, like "10.0.0.0/24". Colon is not so great choice
when thinking also of IPv6 addresses.

> +    "-allow-udp addr:port\n"
> +    "                Add an allowed rule for -drop-udp. If destination
> matches\n"
> +    "                the rule, the packet won't be dropped. 'port' can be a
> single\n"
> +    "                number (e.g. 53) or a range (e.g. [80-81]. If 'addr'
> is omitted,
> +    "                all addresses match.\n",
> +    QEMU_ARCH_ALL)
> +
> +DEF("drop-log", HAS_ARG, QEMU_OPTION_drop_log,
> +    "-drop-log file\n"
> +    "                Set usermode firewall log filename to 'file'.\n",
> +    QEMU_ARCH_ALL)
> +
>  STEXI
>  @item -net nic[,vlan=@var{n}][,macaddr=@var{mac}][,model=@var{type}]
> [,name=@var{name}][,addr=@var{addr}][,vectors=@var{v}]
>  @findex -net
> diff --git a/slirp/libslirp.h b/slirp/libslirp.h
> index 67c70e3..1ce5d68 100644
> --- a/slirp/libslirp.h
> +++ b/slirp/libslirp.h
> @@ -44,6 +44,15 @@ void slirp_socket_recv(Slirp *slirp, struct in_addr
> guest_addr,
>  size_t slirp_socket_can_recv(Slirp *slirp, struct in_addr guest_addr,
>                               int guest_port);
>
> +/* Usermode firewall functions */
> +void slirp_enable_drop_udp(void);
> +void slirp_set_drop_log_fd(FILE *fd);
> +void slirp_add_allow(const char *optarg, u_int8_t proto);
> +int slirp_drop_log(const char *format, ...);
> +int slirp_should_drop(unsigned long dst_addr,
> +                      unsigned short dst_port,
> +                      u_int8_t proto);
> +
>  #else /* !CONFIG_SLIRP */
>
>  static inline void slirp_select_fill(int *pnfds, fd_set *readfds,
> diff --git a/slirp/slirp.c b/slirp/slirp.c
> index 1593be1..d321316 100644
> --- a/slirp/slirp.c
> +++ b/slirp/slirp.c
> @@ -,3 +,192 @@ static int slirp_state_load(QEMUFile *f, void
> *opaque, int version_id)
>
>      return 0;
>  }
> +
> +/*
> + * Allow rule for the usermode firewall
> + */
> +struct ufw_allowed {
> +    struct ufw_allowed *next;

Please use QLIST macros.

> +    unsigned long dst_addr;

This is not IPv6 safe, though Slirp does not implement IPv6. I'd still
use the proper address type.

> +    /* Port range. For a single port, dst_lport = dst_hport. */
> +    unsigned short dst_lport;   /* in host byte order */
> +    unsigned short dst_hport;   /* in host byte order */
> +};
> +
> +/*
> + * Global variables for the usermode firewall
> + */
> +static int drop_udp = 0;
> +static FILE *drop_log_fd = NULL;
> +static struct ufw_allowed *fw_allowed_udp = NULL;

Don't use global variables. It's possible to have several interfaces,
each on a different user mode stack, so each interface may have
different rules. There's struct Slirp defined in slirp.h, please put
these there.

> +
> +void slirp_enable_drop_udp(void)
> +{
> +    drop_udp = 1;
> +}
> +
> +void slirp_set_drop_log_fd(FILE *fd)
> +{
> +    drop_log_fd = fd;
> +}
> +
> +int slirp_should_drop(unsigned long dst_addr,
> +                      unsigned short dst_port,
> +                      u_int8_t proto) {
> +    struct ufw_allowed *fwa = NULL;
> +    unsigned short dport;   /* host byte order */
> +
> +    switch (proto) {
> +    case IPPROTO_UDP:
> +        if (drop_udp == 0) {
> +            return 0;
> +        } else {
> +            fwa = fw_allowed_udp;
> +        }
> +        break;
> +    case IPPROTO_TCP:
> +    default:
> +        return 1;   /* unrecognized protocol. default drop. */
> +    }
> +
> +    /* Find matching allow rule. 0 works as a wildcard for address. */
> +    for (; fwa; fwa = fwa->next) {
> +        dport = ntohs(dst_port);
> +        if ((fwa->dst_lpor

Re: [Qemu-devel] Question about total_sectors in block/vpc.c

[Lyu Mitnick]

Hello Stefan,

I have a question about get_option_parameter(). I am wondering whether
get_option_parameter  is suitable to use instead of doing the search by
myself
in the case like following:

/* Read out options */
while (options && options->name) {
if (!strcmp(options->name, BLOCK_OPT_SIZE)) {
// do something
} else if (!strcmp(options->name, BLOCK_OPT_CLUSTER_SIZE)) {
   // do something
}
options++;
}

Thanks

2011/4/11 Stefan Hajnoczi 

> On Sun, Apr 10, 2011 at 05:02:20PM +0800, Lyu Mitnick wrote:
> > diff --git a/block.c b/block.c
> > index f731c7a..a80ec49 100644
> > --- a/block.c
> > +++ b/block.c
> > @@ -239,6 +239,16 @@ int bdrv_create(BlockDriver *drv, const char*
> filename,
> > if (!drv->bdrv_create)
> > return -ENOTSUP;
> >
> > +   while (options && options->name) {
> > +   if (!strcmp(options->name, "size")) {
> > +   if (options->value.n % 512 == 0)
> > +   break;
> > +   else
> > +   return -EINVAL;
> > +   }
> > +   options++;
> > +   }
>
> Please use BDRV_SECTOR_SIZE instead of hardcoding 512.
>
> get_option_parameter() does the search for you, please use it instead of
> duplicating the loop.
>
> Please see the CODING_STYLE and HACKING files, new code should follow it:
>  * Indentation is 4 spaces
>  * Always use {} even for if/else with single-statement bodies
>
> Stefan
>

Mitnick

Re: [Qemu-devel] [PATCH] Remove unneeded function parameter from gen_pc_load

[Peter Maydell]

On 13 April 2011 21:38, Stefan Weil  wrote:
> gen_pc_load was introduced in commit
> d2856f1ad4c259e5766847c49acbb4e390731bd4.
> The only reason for parameter searched_pc was
> a debug statement in target-i386/translate.c.
>
> Remove searched_pc from the debug statement
> and from the parameter list of gen_pc_load.

No issues with the meat of the patch, but if we're going to
change all the callers and implementations of this anyway,
is there any appetite for giving it a more appropriate name?
It doesn't generate any code, it affects more than just the
pc, and it doesn't do a load...

restore_state_to_opc() ? set_env_for_opc() ?

-- PMM

Re: [Qemu-devel] [PATCH] target-arm: Don't overflow when calculating value for signed VABAL

[Aurelien Jarno]

On Tue, Apr 12, 2011 at 11:31:20PM +0100, Peter Maydell wrote:
> On 12 April 2011 22:32, Aurelien Jarno  wrote:
> > On Mon, Apr 11, 2011 at 04:32:08PM +0100, Peter Maydell wrote:
> 
> >> @@ -1524,12 +1528,12 @@ uint64_t HELPER(neon_abdl_u16)(uint32_t a, 
> >> uint32_t b)
> >>  {
> >>      uint64_t tmp;
> >>      uint64_t result;
> >> -    DO_ABD(result, a, b, uint8_t);
> >> -    DO_ABD(tmp, a >> 8, b >> 8, uint8_t);
> >> +    DO_ABD(result, a, b, uint8_t, uint32_t);
> >> +    DO_ABD(tmp, a >> 8, b >> 8, uint8_t, uint32_t);
> >>      result |= tmp << 16;
> >> -    DO_ABD(tmp, a >> 16, b >> 16, uint8_t);
> >> +    DO_ABD(tmp, a >> 16, b >> 16, uint8_t, uint32_t);
> >>      result |= tmp << 32;
> >> -    DO_ABD(tmp, a >> 24, b >> 24, uint8_t);
> >> +    DO_ABD(tmp, a >> 24, b >> 24, uint8_t, uint32_t);
> >>      result |= tmp << 48;
> >>      return result;
> >>  }
> >
> > Do we really need a 32-bit type for the computation here?
> 
> No, anything wider than 8 will do, but my guess was that in
> practice 32 bits would be fractionally more efficient than
> unnecessarily forcing 16 bit arithmetic. For that matter I
> guess we could just say "int" and "unsigned int" since C
> guarantees us at least 16 bits there.

My guess was that in 2011 a compiler can optimize that itself if it is
faster, and so it should be presented the size that is really needed.

It turns to be the case on x86_64, but not on arm or ia64. I have
therefore applied this patch as is.

-- 
Aurelien Jarno  GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net

Re: [Qemu-devel] [PATCH 4/4] usb: use DPRINTF instead of printf for some simple cases

[Brad Hards]

On Wed, 13 Apr 2011 10:52:37 pm Hans de Goede wrote:
> > @@ -359,7 +359,7 @@ static int usb_host_claim_interfaces(USBHostDevice
> > *dev, int configuration)
> >
> >   ret = ioctl(dev->fd, USBDEVFS_CLAIMINTERFACE,&interface);
> >   if (ret<  0) {
> >   if (errno == EBUSY) {
> >
> > -printf("husb: update iface. device already grabbed\n");
> > +DPRINTF("husb: update iface. device already grabbed\n");
> >
> >   } else {
> >   perror("husb: failed to claim interface");
> >   }
> 
> Nack, this is an error condition, so it should not be a DPRINTF.
Then should it go to stderr instead of stdout?

(There are other places in this code where we use fprintf(stderr, ...) to 
indicate error conditions.)

Brad

[Qemu-devel] [PATCH v2 00/19] softfloat and FPU fixes/improvements

[Aurelien Jarno]

This patch series started with the goal of improving the build of
target-i386 with softfloat (instead of softfloat-native), but it slowly
became a collection of fixes and improvements with regard to softfloat
and targets FPU.

Aurelien Jarno (19):
  softfloat: use GCC builtins to count the leading zeros
  cpu-all.h: define CPU_LDoubleU
  target-i386: use CPU_LDoubleU instead of a private union
  target-i386: use float unions from cpu-all.h
  target-i386: add floatx_{add,mul,sub} and use them
  softfloat: add float*_unordered_{,quiet}() functions
  softfloat-native: add float*_unordered_quiet() functions
  target-alpha: use new float64_unordered_quiet() function
  target-mips: use new float*_unordered*() functions
  target-i386: fix CMPUNORDPS/D and CMPORDPS/D instructions
  softfloat: rename float*_eq() into float*_eq_quiet()
  softfloat: rename float*_eq_signaling() into float*_eq()
  softfloat: move float*_eq and float*_eq_quiet
  softfloat: improve description of comparison functions
  target-ppc: fix SPE comparison functions
  target-mips: simplify FP comparisons
  target-mips: don't hardcode softfloat exception bits
  target-mips: fix c.ps.* instructions
  target-mips: clear softfpu exception state for comparison instructions

 cpu-all.h |   10 ++
 fpu/softfloat-macros.h|   29 +++-
 fpu/softfloat-native.h|   27 ++-
 fpu/softfloat.c   |  317 +
 fpu/softfloat.h   |   16 ++-
 linux-user/arm/nwfpe/fpa11_cprt.c |2 +-
 target-alpha/op_helper.c  |9 +-
 target-i386/exec.h|   33 +---
 target-i386/helper.c  |   12 +-
 target-i386/op_helper.c   |   18 +--
 target-i386/ops_sse.h |   12 +-
 target-microblaze/op_helper.c |4 +-
 target-mips/op_helper.c   |  244 +---
 target-ppc/op_helper.c|   26 ++--
 14 files changed, 475 insertions(+), 284 deletions(-)

-- 
1.7.2.3

[Qemu-devel] [PATCH v2 05/19] target-i386: add floatx_{add, mul, sub} and use them

[Aurelien Jarno]

Add floatx_{add,mul,sub} defines, and use them instead of using direct
C operations.

Reviewed-by: Peter Maydell 
Signed-off-by: Aurelien Jarno 
---
 target-i386/exec.h  |6 ++
 target-i386/op_helper.c |   18 --
 2 files changed, 14 insertions(+), 10 deletions(-)

diff --git a/target-i386/exec.h b/target-i386/exec.h
index 63a23cd..ae6b947 100644
--- a/target-i386/exec.h
+++ b/target-i386/exec.h
@@ -110,6 +110,9 @@ static inline void svm_check_intercept(uint32_t type)
 #define float64_to_floatx float64_to_floatx80
 #define floatx_to_float32 floatx80_to_float32
 #define floatx_to_float64 floatx80_to_float64
+#define floatx_add floatx80_add
+#define floatx_mul floatx80_mul
+#define floatx_sub floatx80_sub
 #define floatx_abs floatx80_abs
 #define floatx_chs floatx80_chs
 #define floatx_round_to_int floatx80_round_to_int
@@ -126,6 +129,9 @@ static inline void svm_check_intercept(uint32_t type)
 #define float64_to_floatx(x, e) (x)
 #define floatx_to_float32 float64_to_float32
 #define floatx_to_float64(x, e) (x)
+#define floatx_add float64_add
+#define floatx_mul float64_mul
+#define floatx_sub float64_sub
 #define floatx_abs float64_abs
 #define floatx_chs float64_chs
 #define floatx_round_to_int float64_round_to_int
diff --git a/target-i386/op_helper.c b/target-i386/op_helper.c
index 43fbd0c..a73427f 100644
--- a/target-i386/op_helper.c
+++ b/target-i386/op_helper.c
@@ -3711,22 +3711,22 @@ void helper_fucomi_ST0_FT0(void)
 
 void helper_fadd_ST0_FT0(void)
 {
-ST0 += FT0;
+ST0 = floatx_add(ST0, FT0, &env->fp_status);
 }
 
 void helper_fmul_ST0_FT0(void)
 {
-ST0 *= FT0;
+ST0 = floatx_mul(ST0, FT0, &env->fp_status);
 }
 
 void helper_fsub_ST0_FT0(void)
 {
-ST0 -= FT0;
+ST0 = floatx_sub(ST0, FT0, &env->fp_status);
 }
 
 void helper_fsubr_ST0_FT0(void)
 {
-ST0 = FT0 - ST0;
+ST0 = floatx_sub(FT0, ST0, &env->fp_status);
 }
 
 void helper_fdiv_ST0_FT0(void)
@@ -3743,24 +3743,22 @@ void helper_fdivr_ST0_FT0(void)
 
 void helper_fadd_STN_ST0(int st_index)
 {
-ST(st_index) += ST0;
+ST(st_index) = floatx_add(ST(st_index), ST0, &env->fp_status);
 }
 
 void helper_fmul_STN_ST0(int st_index)
 {
-ST(st_index) *= ST0;
+ST(st_index) = floatx_mul(ST(st_index), ST0, &env->fp_status);
 }
 
 void helper_fsub_STN_ST0(int st_index)
 {
-ST(st_index) -= ST0;
+ST(st_index) = floatx_sub(ST(st_index), ST0, &env->fp_status);
 }
 
 void helper_fsubr_STN_ST0(int st_index)
 {
-CPU86_LDouble *p;
-p = &ST(st_index);
-*p = ST0 - *p;
+ST(st_index) = floatx_sub(ST0, ST(st_index), &env->fp_status);
 }
 
 void helper_fdiv_STN_ST0(int st_index)
-- 
1.7.2.3

[Qemu-devel] [PATCH v2 04/19] target-i386: use float unions from cpu-all.h

[Aurelien Jarno]

Use float unions from cpu-all.h instead of redefining new (wrong for arm)
ones in target-i386. This also allows building cpu-exec.o with softfloat.

Reviewed-by: Peter Maydell 
Signed-off-by: Aurelien Jarno 
---
 target-i386/exec.h |   27 ++-
 1 files changed, 2 insertions(+), 25 deletions(-)

diff --git a/target-i386/exec.h b/target-i386/exec.h
index 6f9f709..63a23cd 100644
--- a/target-i386/exec.h
+++ b/target-i386/exec.h
@@ -144,13 +144,7 @@ static inline void svm_check_intercept(uint32_t type)
 #ifdef USE_X86LDOUBLE
 
 /* only for x86 */
-typedef union {
-long double d;
-struct {
-unsigned long long lower;
-unsigned short upper;
-} l;
-} CPU86_LDoubleU;
+typedef CPU_LDoubleU CPU86_LDoubleU;
 
 /* the following deal with x86 long double-precision numbers */
 #define MAXEXPD 0x7fff
@@ -162,24 +156,7 @@ typedef union {
 
 #else
 
-/* NOTE: arm is horrible as double 32 bit words are stored in big endian ! */
-typedef union {
-double d;
-#if !defined(HOST_WORDS_BIGENDIAN) && !defined(__arm__)
-struct {
-uint32_t lower;
-int32_t upper;
-} l;
-#else
-struct {
-int32_t upper;
-uint32_t lower;
-} l;
-#endif
-#ifndef __arm__
-int64_t ll;
-#endif
-} CPU86_LDoubleU;
+typedef CPU_DoubleU CPU86_LDoubleU;
 
 /* the following deal with IEEE double-precision numbers */
 #define MAXEXPD 0x7ff
-- 
1.7.2.3

[Qemu-devel] [PATCH v2 02/19] cpu-all.h: define CPU_LDoubleU

[Aurelien Jarno]

Add a CPU_LDoubleU type, matching the floatx80 definition and the long
double type on x86 hosts.

Based on a patch from Laurent Vivier .

Cc: Laurent Vivier 
Reviewed-by: Peter Maydell 
Signed-off-by: Aurelien Jarno 
---
 cpu-all.h |   10 ++
 1 files changed, 10 insertions(+), 0 deletions(-)

diff --git a/cpu-all.h b/cpu-all.h
index dc0f2f0..0bae6df 100644
--- a/cpu-all.h
+++ b/cpu-all.h
@@ -138,6 +138,16 @@ typedef union {
 uint64_t ll;
 } CPU_DoubleU;
 
+#if defined(FLOATX80)
+typedef union {
+ floatx80 d;
+ struct {
+ uint64_t lower;
+ uint16_t upper;
+ } l;
+} CPU_LDoubleU;
+#endif
+
 #if defined(CONFIG_SOFTFLOAT)
 typedef union {
 float128 q;
-- 
1.7.2.3

[Qemu-devel] [PATCH v2 10/19] target-i386: fix CMPUNORDPS/D and CMPORDPS/D instructions

[Aurelien Jarno]

SSE instructions CMPUNORDPS/D and CMPORDPS/D do not trigger an invalid
exception if operands are qNANs.

Reviewed-by: Peter Maydell 
Signed-off-by: Aurelien Jarno 
---
 target-i386/ops_sse.h |4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/target-i386/ops_sse.h b/target-i386/ops_sse.h
index 3232abd..986cbe3 100644
--- a/target-i386/ops_sse.h
+++ b/target-i386/ops_sse.h
@@ -924,11 +924,11 @@ void helper_ ## name ## sd (Reg *d, Reg *s)\
 #define FPU_CMPEQ(size, a, b) float ## size ## _eq(a, b, &env->sse_status) ? 
-1 : 0
 #define FPU_CMPLT(size, a, b) float ## size ## _lt(a, b, &env->sse_status) ? 
-1 : 0
 #define FPU_CMPLE(size, a, b) float ## size ## _le(a, b, &env->sse_status) ? 
-1 : 0
-#define FPU_CMPUNORD(size, a, b) float ## size ## _unordered(a, b, 
&env->sse_status) ? - 1 : 0
+#define FPU_CMPUNORD(size, a, b) float ## size ## _unordered_quiet(a, b, 
&env->sse_status) ? - 1 : 0
 #define FPU_CMPNEQ(size, a, b) float ## size ## _eq(a, b, &env->sse_status) ? 
0 : -1
 #define FPU_CMPNLT(size, a, b) float ## size ## _lt(a, b, &env->sse_status) ? 
0 : -1
 #define FPU_CMPNLE(size, a, b) float ## size ## _le(a, b, &env->sse_status) ? 
0 : -1
-#define FPU_CMPORD(size, a, b) float ## size ## _unordered(a, b, 
&env->sse_status) ? 0 : -1
+#define FPU_CMPORD(size, a, b) float ## size ## _unordered_quiet(a, b, 
&env->sse_status) ? 0 : -1
 
 SSE_HELPER_CMP(cmpeq, FPU_CMPEQ)
 SSE_HELPER_CMP(cmplt, FPU_CMPLT)
-- 
1.7.2.3

[Qemu-devel] [PATCH v2 07/19] softfloat-native: add float*_unordered_quiet() functions

[Aurelien Jarno]

Add float*_unordered_quiet() functions to march the softfloat versions.
As FPU status is not tracked with softfloat-native, they don't differ
from the signaling version.

Reviewed-by: Peter Maydell 
Signed-off-by: Aurelien Jarno 
---
 fpu/softfloat-native.h |   15 ---
 1 files changed, 12 insertions(+), 3 deletions(-)

diff --git a/fpu/softfloat-native.h b/fpu/softfloat-native.h
index 80b5f28..406e180 100644
--- a/fpu/softfloat-native.h
+++ b/fpu/softfloat-native.h
@@ -237,7 +237,10 @@ INLINE int float32_lt_quiet( float32 a, float32 b 
STATUS_PARAM)
 INLINE int float32_unordered( float32 a, float32 b STATUS_PARAM)
 {
 return isunordered(a, b);
-
+}
+INLINE int float32_unordered_quiet( float32 a, float32 b STATUS_PARAM)
+{
+return isunordered(a, b);
 }
 int float32_compare( float32, float32 STATUS_PARAM );
 int float32_compare_quiet( float32, float32 STATUS_PARAM );
@@ -346,7 +349,10 @@ INLINE int float64_lt_quiet( float64 a, float64 b 
STATUS_PARAM)
 INLINE int float64_unordered( float64 a, float64 b STATUS_PARAM)
 {
 return isunordered(a, b);
-
+}
+INLINE int float64_unordered_quiet( float64 a, float64 b STATUS_PARAM)
+{
+return isunordered(a, b);
 }
 int float64_compare( float64, float64 STATUS_PARAM );
 int float64_compare_quiet( float64, float64 STATUS_PARAM );
@@ -450,7 +456,10 @@ INLINE int floatx80_lt_quiet( floatx80 a, floatx80 b 
STATUS_PARAM)
 INLINE int floatx80_unordered( floatx80 a, floatx80 b STATUS_PARAM)
 {
 return isunordered(a, b);
-
+}
+INLINE int floatx80_unordered_quiet( floatx80 a, floatx80 b STATUS_PARAM)
+{
+return isunordered(a, b);
 }
 int floatx80_compare( floatx80, floatx80 STATUS_PARAM );
 int floatx80_compare_quiet( floatx80, floatx80 STATUS_PARAM );
-- 
1.7.2.3

[Qemu-devel] [PATCH v2 13/19] softfloat: move float*_eq and float*_eq_quiet

[Aurelien Jarno]

I am not a big fan of code moving, but having the signaling version in
the middle of quiet versions and vice versa doesn't make the code easy
to read.

This patch is a simple code move, basically swapping locations of
float*_eq and float*_eq_quiet.

Reviewed-by: Peter Maydell 
Signed-off-by: Aurelien Jarno 
---
 fpu/softfloat.c |  101 +++
 fpu/softfloat.h |   16 
 2 files changed, 58 insertions(+), 59 deletions(-)

diff --git a/fpu/softfloat.c b/fpu/softfloat.c
index 2e02940..efd718b 100644
--- a/fpu/softfloat.c
+++ b/fpu/softfloat.c
@@ -2314,26 +2314,26 @@ float32 float32_log2( float32 a STATUS_PARAM )
 
 /*
 | Returns 1 if the single-precision floating-point value `a' is equal to
-| the corresponding value `b', and 0 otherwise.  The comparison is performed
+| the corresponding value `b', and 0 otherwise.  The invalid exception is
+| raised if either operand is a NaN.  Otherwise, the comparison is performed
 | according to the IEC/IEEE Standard for Binary Floating-Point Arithmetic.
 **/
 
-int float32_eq_quiet( float32 a, float32 b STATUS_PARAM )
+int float32_eq( float32 a, float32 b STATUS_PARAM )
 {
+uint32_t av, bv;
 a = float32_squash_input_denormal(a STATUS_VAR);
 b = float32_squash_input_denormal(b STATUS_VAR);
 
 if (( ( extractFloat32Exp( a ) == 0xFF ) && extractFloat32Frac( a ) )
  || ( ( extractFloat32Exp( b ) == 0xFF ) && extractFloat32Frac( b ) )
) {
-if ( float32_is_signaling_nan( a ) || float32_is_signaling_nan( b ) ) {
-float_raise( float_flag_invalid STATUS_VAR);
-}
+float_raise( float_flag_invalid STATUS_VAR);
 return 0;
 }
-return ( float32_val(a) == float32_val(b) ) ||
-( (uint32_t) ( ( float32_val(a) | float32_val(b) )<<1 ) == 0 );
-
+av = float32_val(a);
+bv = float32_val(b);
+return ( av == bv ) || ( (uint32_t) ( ( av | bv )<<1 ) == 0 );
 }
 
 /*
@@ -2412,29 +2412,28 @@ int float32_unordered( float32 a, float32 b 
STATUS_PARAM )
 }
 return 0;
 }
+
 /*
 | Returns 1 if the single-precision floating-point value `a' is equal to
-| the corresponding value `b', and 0 otherwise.  The invalid exception is
-| raised if either operand is a NaN.  Otherwise, the comparison is performed
+| the corresponding value `b', and 0 otherwise.  The comparison is performed
 | according to the IEC/IEEE Standard for Binary Floating-Point Arithmetic.
 **/
 
-int float32_eq( float32 a, float32 b STATUS_PARAM )
+int float32_eq_quiet( float32 a, float32 b STATUS_PARAM )
 {
-uint32_t av, bv;
 a = float32_squash_input_denormal(a STATUS_VAR);
 b = float32_squash_input_denormal(b STATUS_VAR);
 
 if (( ( extractFloat32Exp( a ) == 0xFF ) && extractFloat32Frac( a ) )
  || ( ( extractFloat32Exp( b ) == 0xFF ) && extractFloat32Frac( b ) )
) {
-float_raise( float_flag_invalid STATUS_VAR);
+if ( float32_is_signaling_nan( a ) || float32_is_signaling_nan( b ) ) {
+float_raise( float_flag_invalid STATUS_VAR);
+}
 return 0;
 }
-av = float32_val(a);
-bv = float32_val(b);
-return ( av == bv ) || ( (uint32_t) ( ( av | bv )<<1 ) == 0 );
-
+return ( float32_val(a) == float32_val(b) ) ||
+( (uint32_t) ( ( float32_val(a) | float32_val(b) )<<1 ) == 0 );
 }
 
 /*
@@ -3578,11 +3577,12 @@ float64 float64_log2( float64 a STATUS_PARAM )
 
 /*
 | Returns 1 if the double-precision floating-point value `a' is equal to the
-| corresponding value `b', and 0 otherwise.  The comparison is performed
+| corresponding value `b', and 0 otherwise.  The invalid exception is raised
+| if either operand is a NaN.  Otherwise, the comparison is performed
 | according to the IEC/IEEE Standard for Binary Floating-Point Arithmetic.
 **/
 
-int float64_eq_quiet( float64 a, float64 b STATUS_PARAM )
+int float64_eq( float64 a, float64 b STATUS_PARAM )
 {
 uint64_t av, bv;
 a = float64_squash_input_denormal(a STATUS_VAR);
@@ -3591,9 +3591,7 @@ int float64_eq_quiet( float64 a, float64 b STATUS_PARAM )
 if (( ( extractFloat64Exp( a ) == 0x7FF ) && extractFloat64Frac( a ) )
  || ( ( extractFloat64Exp( b ) == 0x7FF ) && extractFloat64Frac( b ) )
) {
-if ( float64_is_signaling_nan( a ) || float64_is_signaling_nan( b ) ) {
-float_raise

[Qemu-devel] [PATCH v2 16/19] target-mips: simplify FP comparisons

[Aurelien Jarno]

As the softfloat comparison functions already test for NaN, there is no
need to always call the float*_unordered*() functions.

Reviewed-by: Peter Maydell 
Signed-off-by: Aurelien Jarno 
---
 target-mips/op_helper.c |   72 +++---
 1 files changed, 36 insertions(+), 36 deletions(-)

diff --git a/target-mips/op_helper.c b/target-mips/op_helper.c
index 31a19ba..abcb6eb 100644
--- a/target-mips/op_helper.c
+++ b/target-mips/op_helper.c
@@ -2893,21 +2893,21 @@ void helper_cmpabs_d_ ## op (uint64_t fdt0, uint64_t 
fdt1, int cc) \
  * but float64_unordered_quiet() is still called. */
 FOP_COND_D(f,   (float64_unordered_quiet(fdt1, fdt0, 
&env->active_fpu.fp_status), 0))
 FOP_COND_D(un,  float64_unordered_quiet(fdt1, fdt0, 
&env->active_fpu.fp_status))
-FOP_COND_D(eq,  !float64_unordered_quiet(fdt1, fdt0, 
&env->active_fpu.fp_status) && float64_eq_quiet(fdt0, fdt1, 
&env->active_fpu.fp_status))
+FOP_COND_D(eq,  float64_eq_quiet(fdt0, fdt1, &env->active_fpu.fp_status))
 FOP_COND_D(ueq, float64_unordered_quiet(fdt1, fdt0, 
&env->active_fpu.fp_status)  || float64_eq_quiet(fdt0, fdt1, 
&env->active_fpu.fp_status))
-FOP_COND_D(olt, !float64_unordered_quiet(fdt1, fdt0, 
&env->active_fpu.fp_status) && float64_lt(fdt0, fdt1, 
&env->active_fpu.fp_status))
-FOP_COND_D(ult, float64_unordered_quiet(fdt1, fdt0, 
&env->active_fpu.fp_status)  || float64_lt(fdt0, fdt1, 
&env->active_fpu.fp_status))
-FOP_COND_D(ole, !float64_unordered_quiet(fdt1, fdt0, 
&env->active_fpu.fp_status) && float64_le(fdt0, fdt1, 
&env->active_fpu.fp_status))
-FOP_COND_D(ule, float64_unordered_quiet(fdt1, fdt0, 
&env->active_fpu.fp_status)  || float64_le(fdt0, fdt1, 
&env->active_fpu.fp_status))
+FOP_COND_D(olt, float64_lt_quiet(fdt0, fdt1, &env->active_fpu.fp_status))
+FOP_COND_D(ult, float64_unordered_quiet(fdt1, fdt0, 
&env->active_fpu.fp_status)  || float64_lt_quiet(fdt0, fdt1, 
&env->active_fpu.fp_status))
+FOP_COND_D(ole, float64_le_quiet(fdt0, fdt1, &env->active_fpu.fp_status))
+FOP_COND_D(ule, float64_unordered_quiet(fdt1, fdt0, 
&env->active_fpu.fp_status)  || float64_le_quiet(fdt0, fdt1, 
&env->active_fpu.fp_status))
 /* NOTE: the comma operator will make "cond" to eval to false,
  * but float64_unordered() is still called. */
 FOP_COND_D(sf,  (float64_unordered(fdt1, fdt0, &env->active_fpu.fp_status), 0))
 FOP_COND_D(ngle,float64_unordered(fdt1, fdt0, &env->active_fpu.fp_status))
-FOP_COND_D(seq, !float64_unordered(fdt1, fdt0, &env->active_fpu.fp_status) && 
float64_eq_quiet(fdt0, fdt1, &env->active_fpu.fp_status))
-FOP_COND_D(ngl, float64_unordered(fdt1, fdt0, &env->active_fpu.fp_status)  || 
float64_eq_quiet(fdt0, fdt1, &env->active_fpu.fp_status))
-FOP_COND_D(lt,  !float64_unordered(fdt1, fdt0, &env->active_fpu.fp_status) && 
float64_lt(fdt0, fdt1, &env->active_fpu.fp_status))
+FOP_COND_D(seq, float64_eq(fdt0, fdt1, &env->active_fpu.fp_status))
+FOP_COND_D(ngl, float64_unordered(fdt1, fdt0, &env->active_fpu.fp_status)  || 
float64_eq(fdt0, fdt1, &env->active_fpu.fp_status))
+FOP_COND_D(lt,  float64_lt(fdt0, fdt1, &env->active_fpu.fp_status))
 FOP_COND_D(nge, float64_unordered(fdt1, fdt0, &env->active_fpu.fp_status)  || 
float64_lt(fdt0, fdt1, &env->active_fpu.fp_status))
-FOP_COND_D(le,  !float64_unordered(fdt1, fdt0, &env->active_fpu.fp_status) && 
float64_le(fdt0, fdt1, &env->active_fpu.fp_status))
+FOP_COND_D(le,  float64_le(fdt0, fdt1, &env->active_fpu.fp_status))
 FOP_COND_D(ngt, float64_unordered(fdt1, fdt0, &env->active_fpu.fp_status)  || 
float64_le(fdt0, fdt1, &env->active_fpu.fp_status))
 
 #define FOP_COND_S(op, cond)   \
@@ -2937,21 +2937,21 @@ void helper_cmpabs_s_ ## op (uint32_t fst0, uint32_t 
fst1, int cc) \
  * but float32_unordered_quiet() is still called. */
 FOP_COND_S(f,   (float32_unordered_quiet(fst1, fst0, 
&env->active_fpu.fp_status), 0))
 FOP_COND_S(un,  float32_unordered_quiet(fst1, fst0, 
&env->active_fpu.fp_status))
-FOP_COND_S(eq,  !float32_unordered_quiet(fst1, fst0, 
&env->active_fpu.fp_status) && float32_eq_quiet(fst0, fst1, 
&env->active_fpu.fp_status))
+FOP_COND_S(eq,  float32_eq_quiet(fst0, fst1, &env->active_fpu.fp_status))
 FOP_COND_S(ueq, float32_unordered_quiet(fst1, fst0, 
&env->active_fpu.fp_status)  || float32_eq_quiet(fst0, fst1, 
&env->active_fpu.fp_status))
-FOP_COND_S(olt, !float32_unordered_quiet(fst1, fst0, 
&env->active_fpu.fp_status) && float32_lt(fst0, fst1, 
&env->active_fpu.fp_status))
-FOP_COND_S(ult, float32_unordered_quiet(fst1, fst0, 
&env->active_fpu.fp_status)  || float32_lt(fst0, fst1, 
&env->active_fpu.fp_status))
-FOP_COND_S(ole, !float32_unordered_quiet(fst1, fst0, 
&env->active_fpu.fp_status) && float32_le(fst0, fst1, 
&env->active_fpu.fp_status))
-FOP_COND_S(ule, float32_unordered_quiet(fst1, fst0, 
&env->active_fpu.fp_status)  || float32_le(fst0, fst1, 
&env->active_fpu.fp_status))
+FOP_COND_S(olt, float32_lt_quiet(fst0, fst1, &env->active_fpu.fp_status))
+FOP_COND_S(ult, float32_unordered_quiet(fst1, f

[Qemu-devel] [PATCH v2 19/19] target-mips: clear softfpu exception state for comparison instructions

[Aurelien Jarno]

MIPS FPU instructions should start with a clean softfpu status. This
is done for the most instructions, but not for comparison ones.

Signed-off-by: Aurelien Jarno 
---
 target-mips/op_helper.c |   41 +
 1 files changed, 25 insertions(+), 16 deletions(-)

diff --git a/target-mips/op_helper.c b/target-mips/op_helper.c
index b35a6d2..8cba535 100644
--- a/target-mips/op_helper.c
+++ b/target-mips/op_helper.c
@@ -2874,7 +2874,9 @@ uint64_t helper_float_mulr_ps(uint64_t fdt0, uint64_t 
fdt1)
 #define FOP_COND_D(op, cond)   \
 void helper_cmp_d_ ## op (uint64_t fdt0, uint64_t fdt1, int cc)\
 {  \
-int c = cond;  \
+int c; \
+set_float_exception_flags(0, &env->active_fpu.fp_status);  \
+c = cond;  \
 update_fcr31();\
 if (c) \
 SET_FP_COND(cc, env->active_fpu);  \
@@ -2884,6 +2886,7 @@ void helper_cmp_d_ ## op (uint64_t fdt0, uint64_t fdt1, 
int cc)\
 void helper_cmpabs_d_ ## op (uint64_t fdt0, uint64_t fdt1, int cc) \
 {  \
 int c; \
+set_float_exception_flags(0, &env->active_fpu.fp_status);  \
 fdt0 = float64_abs(fdt0);  \
 fdt1 = float64_abs(fdt1);  \
 c = cond;  \
@@ -2918,7 +2921,9 @@ FOP_COND_D(ngt, float64_unordered(fdt1, fdt0, 
&env->active_fpu.fp_status)  || fl
 #define FOP_COND_S(op, cond)   \
 void helper_cmp_s_ ## op (uint32_t fst0, uint32_t fst1, int cc)\
 {  \
-int c = cond;  \
+int c; \
+set_float_exception_flags(0, &env->active_fpu.fp_status);  \
+c = cond;  \
 update_fcr31();\
 if (c) \
 SET_FP_COND(cc, env->active_fpu);  \
@@ -2928,6 +2933,7 @@ void helper_cmp_s_ ## op (uint32_t fst0, uint32_t fst1, 
int cc)\
 void helper_cmpabs_s_ ## op (uint32_t fst0, uint32_t fst1, int cc) \
 {  \
 int c; \
+set_float_exception_flags(0, &env->active_fpu.fp_status);  \
 fst0 = float32_abs(fst0);  \
 fst1 = float32_abs(fst1);  \
 c = cond;  \
@@ -2962,13 +2968,15 @@ FOP_COND_S(ngt, float32_unordered(fst1, fst0, 
&env->active_fpu.fp_status)  || fl
 #define FOP_COND_PS(op, condl, condh)   \
 void helper_cmp_ps_ ## op (uint64_t fdt0, uint64_t fdt1, int cc)\
 {   \
-uint32_t fst0 = fdt0 & 0X;  \
-uint32_t fsth0 = fdt0 >> 32;\
-uint32_t fst1 = fdt1 & 0X;  \
-uint32_t fsth1 = fdt1 >> 32;\
-int cl = condl; \
-int ch = condh; \
-\
+uint32_t fst0, fsth0, fst1, fsth1;  \
+int ch, cl; \
+set_float_exception_flags(0, &env->active_fpu.fp_status);   \
+fst0 = fdt0 & 0X;   \
+fsth0 = fdt0 >> 32; \
+fst1 = fdt1 & 0X;   \
+fsth1 = fdt1 >> 32; \
+cl = condl; \
+ch = condh; \
 update_fcr31(); \
 if (cl) \
 SET_FP_COND(cc, env->active_fpu);   \
@@ -2981,13 +2989,14 @@ void helper_cmp_ps_ ## op (uint64_t fdt0, uint64_t 
fdt1, int cc)\
 }   \
 void helper_cmpabs_ps_ ## op (uint64_t fdt0, uint64_t fdt1, int cc) \
 {   \
-uint32_t fst0 = float32_abs(fd

[Qemu-devel] [PATCH v2 01/19] softfloat: use GCC builtins to count the leading zeros

[Aurelien Jarno]

Softfloat has its own implementation to count the leading zeros. However
a lot of architectures have either a dedicated instruction or an
optimized to do that. When using GCC >= 3.4, this patch uses GCC builtins
instead of the handcoded implementation.

Note that I amware that QEMU_GNUC_PREREQ is defined in osdep.h and that
clz32() and clz64() are defined in host-utils.h, but I think it is better
to keep the softfloat implemntation self contained.

Reviewed-by: Peter Maydell 
Signed-off-by: Aurelien Jarno 
---
 fpu/softfloat-macros.h |   29 +++--
 1 files changed, 27 insertions(+), 2 deletions(-)

diff --git a/fpu/softfloat-macros.h b/fpu/softfloat-macros.h
index 3128e60..e82ce23 100644
--- a/fpu/softfloat-macros.h
+++ b/fpu/softfloat-macros.h
@@ -36,6 +36,17 @@ these four paragraphs for those parts of this code that are 
retained.
 =*/
 
 /*
+| This macro tests for minimum version of the GNU C compiler.
+**/
+#if defined(__GNUC__) && defined(__GNUC_MINOR__)
+# define SOFTFLOAT_GNUC_PREREQ(maj, min) \
+ ((__GNUC__ << 16) + __GNUC_MINOR__ >= ((maj) << 16) + (min))
+#else
+# define SOFTFLOAT_GNUC_PREREQ(maj, min) 0
+#endif
+
+
+/*
 | Shifts `a' right by the number of bits given in `count'.  If any nonzero
 | bits are shifted off, they are ``jammed'' into the least significant bit of
 | the result by setting the least significant bit to 1.  The value of `count'
@@ -616,6 +627,13 @@ static uint32_t estimateSqrt32( int16 aExp, uint32_t a )
 
 static int8 countLeadingZeros32( uint32_t a )
 {
+#if SOFTFLOAT_GNUC_PREREQ(3, 4)
+if (a) {
+return __builtin_clz(a);
+} else {
+return 32;
+}
+#else
 static const int8 countLeadingZerosHigh[] = {
 8, 7, 6, 6, 5, 5, 5, 5, 4, 4, 4, 4, 4, 4, 4, 4,
 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3,
@@ -647,7 +665,7 @@ static int8 countLeadingZeros32( uint32_t a )
 }
 shiftCount += countLeadingZerosHigh[ a>>24 ];
 return shiftCount;
-
+#endif
 }
 
 /*
@@ -657,6 +675,13 @@ static int8 countLeadingZeros32( uint32_t a )
 
 static int8 countLeadingZeros64( uint64_t a )
 {
+#if SOFTFLOAT_GNUC_PREREQ(3, 4)
+if (a) {
+return __builtin_clzll(a);
+} else {
+return 64;
+}
+#else
 int8 shiftCount;
 
 shiftCount = 0;
@@ -668,7 +693,7 @@ static int8 countLeadingZeros64( uint64_t a )
 }
 shiftCount += countLeadingZeros32( a );
 return shiftCount;
-
+#endif
 }
 
 /*
-- 
1.7.2.3

[Qemu-devel] [PATCH v2 03/19] target-i386: use CPU_LDoubleU instead of a private union

[Aurelien Jarno]

Use CPU_LDoubleU in cpu_dump_state() instead of redefining a union for
doing the conversion.

Based on a patch from Laurent Vivier .

Cc: Laurent Vivier 
Reviewed-by: Peter Maydell 
Signed-off-by: Aurelien Jarno 
---
 target-i386/helper.c |   12 +++-
 1 files changed, 3 insertions(+), 9 deletions(-)

diff --git a/target-i386/helper.c b/target-i386/helper.c
index d15fca5..89df997 100644
--- a/target-i386/helper.c
+++ b/target-i386/helper.c
@@ -404,16 +404,10 @@ void cpu_dump_state(CPUState *env, FILE *f, 
fprintf_function cpu_fprintf,
 env->mxcsr);
 for(i=0;i<8;i++) {
 #if defined(USE_X86LDOUBLE)
-union {
-long double d;
-struct {
-uint64_t lower;
-uint16_t upper;
-} l;
-} tmp;
-tmp.d = env->fpregs[i].d;
+CPU_LDoubleU u;
+u.d = env->fpregs[i].d;
 cpu_fprintf(f, "FPR%d=%016" PRIx64 " %04x",
-i, tmp.l.lower, tmp.l.upper);
+i, u.l.lower, u.l.upper);
 #else
 cpu_fprintf(f, "FPR%d=%016" PRIx64,
 i, env->fpregs[i].mmx.q);
-- 
1.7.2.3

[Qemu-devel] [PATCH v2 18/19] target-mips: fix c.ps.* instructions

[Aurelien Jarno]

Contrary to cabs.ps.* instructions, c.ps.* should not compare the absolute
value of the operand, but directly the operands.

Signed-off-by: Aurelien Jarno 
---
 target-mips/op_helper.c |8 
 1 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/target-mips/op_helper.c b/target-mips/op_helper.c
index 0a62361..b35a6d2 100644
--- a/target-mips/op_helper.c
+++ b/target-mips/op_helper.c
@@ -2962,10 +2962,10 @@ FOP_COND_S(ngt, float32_unordered(fst1, fst0, 
&env->active_fpu.fp_status)  || fl
 #define FOP_COND_PS(op, condl, condh)   \
 void helper_cmp_ps_ ## op (uint64_t fdt0, uint64_t fdt1, int cc)\
 {   \
-uint32_t fst0 = float32_abs(fdt0 & 0X); \
-uint32_t fsth0 = float32_abs(fdt0 >> 32);   \
-uint32_t fst1 = float32_abs(fdt1 & 0X); \
-uint32_t fsth1 = float32_abs(fdt1 >> 32);   \
+uint32_t fst0 = fdt0 & 0X;  \
+uint32_t fsth0 = fdt0 >> 32;\
+uint32_t fst1 = fdt1 & 0X;  \
+uint32_t fsth1 = fdt1 >> 32;\
 int cl = condl; \
 int ch = condh; \
 \
-- 
1.7.2.3

[Qemu-devel] [PATCH v2 08/19] target-alpha: use new float64_unordered_quiet() function

[Aurelien Jarno]

Use float64_unordered_quiet() in helper_cmptun() instead of doing the
the comparison manually.

According to the "Alpha Compiler Writer's Guide", we should use the
_quiet version here, as CMPTUN and CMPTEQ should generate InvalidOp
for SNaNs but not for QNaNs.

Thanks to Peter Maydell  and Richard
Henderson  for digging into the manuals.

Signed-off-by: Aurelien Jarno 
---
 target-alpha/op_helper.c |5 +++--
 1 files changed, 3 insertions(+), 2 deletions(-)

v2: use float64_unordered_quiet() instead of float64_unordered()

diff --git a/target-alpha/op_helper.c b/target-alpha/op_helper.c
index 6c2ae20..36f4f6d 100644
--- a/target-alpha/op_helper.c
+++ b/target-alpha/op_helper.c
@@ -904,10 +904,11 @@ uint64_t helper_cmptun (uint64_t a, uint64_t b)
 fa = t_to_float64(a);
 fb = t_to_float64(b);
 
-if (float64_is_quiet_nan(fa) || float64_is_quiet_nan(fb))
+if (float64_unordered_quiet(fa, fb, &FP_STATUS)) {
 return 0x4000ULL;
-else
+} else {
 return 0;
+}
 }
 
 uint64_t helper_cmpteq(uint64_t a, uint64_t b)
-- 
1.7.2.3

[Qemu-devel] [PATCH v2 14/19] softfloat: improve description of comparison functions

[Aurelien Jarno]

Make clear for all comparison functions which ones trigger an exception
for all NaNs, and which one only for sNaNs.

Reviewed-by: Peter Maydell 
Signed-off-by: Aurelien Jarno 
---
 fpu/softfloat.c |   85 +++
 1 files changed, 48 insertions(+), 37 deletions(-)

diff --git a/fpu/softfloat.c b/fpu/softfloat.c
index efd718b..6ce0b61 100644
--- a/fpu/softfloat.c
+++ b/fpu/softfloat.c
@@ -2338,9 +2338,9 @@ int float32_eq( float32 a, float32 b STATUS_PARAM )
 
 /*
 | Returns 1 if the single-precision floating-point value `a' is less than
-| or equal to the corresponding value `b', and 0 otherwise.  The comparison
-| is performed according to the IEC/IEEE Standard for Binary Floating-Point
-| Arithmetic.
+| or equal to the corresponding value `b', and 0 otherwise.  The invalid
+| exception is raised if either operand is a NaN.  The comparison is performed
+| according to the IEC/IEEE Standard for Binary Floating-Point Arithmetic.
 **/
 
 int float32_le( float32 a, float32 b STATUS_PARAM )
@@ -2367,8 +2367,9 @@ int float32_le( float32 a, float32 b STATUS_PARAM )
 
 /*
 | Returns 1 if the single-precision floating-point value `a' is less than
-| the corresponding value `b', and 0 otherwise.  The comparison is performed
-| according to the IEC/IEEE Standard for Binary Floating-Point Arithmetic.
+| the corresponding value `b', and 0 otherwise.  The invalid exception is
+| raised if either operand is a NaN.  The comparison is performed according
+| to the IEC/IEEE Standard for Binary Floating-Point Arithmetic.
 **/
 
 int float32_lt( float32 a, float32 b STATUS_PARAM )
@@ -2395,8 +2396,9 @@ int float32_lt( float32 a, float32 b STATUS_PARAM )
 
 /*
 | Returns 1 if the single-precision floating-point values `a' and `b' cannot
-| be compared, and 0 otherwise.  The comparison is performed according to the
-| IEC/IEEE Standard for Binary Floating-Point Arithmetic.
+| be compared, and 0 otherwise.  The invalid exception is raised if either
+| operand is a NaN.  The comparison is performed according to the IEC/IEEE
+| Standard for Binary Floating-Point Arithmetic.
 **/
 
 int float32_unordered( float32 a, float32 b STATUS_PARAM )
@@ -2415,8 +2417,9 @@ int float32_unordered( float32 a, float32 b STATUS_PARAM )
 
 /*
 | Returns 1 if the single-precision floating-point value `a' is equal to
-| the corresponding value `b', and 0 otherwise.  The comparison is performed
-| according to the IEC/IEEE Standard for Binary Floating-Point Arithmetic.
+| the corresponding value `b', and 0 otherwise.  Quiet NaNs do not cause an
+| exception.  The comparison is performed according to the IEC/IEEE Standard
+| for Binary Floating-Point Arithmetic.
 **/
 
 int float32_eq_quiet( float32 a, float32 b STATUS_PARAM )
@@ -3602,9 +3605,9 @@ int float64_eq( float64 a, float64 b STATUS_PARAM )
 
 /*
 | Returns 1 if the double-precision floating-point value `a' is less than or
-| equal to the corresponding value `b', and 0 otherwise.  The comparison is
-| performed according to the IEC/IEEE Standard for Binary Floating-Point
-| Arithmetic.
+| equal to the corresponding value `b', and 0 otherwise.  The invalid
+| exception is raised if either operand is a NaN.  The comparison is performed
+| according to the IEC/IEEE Standard for Binary Floating-Point Arithmetic.
 **/
 
 int float64_le( float64 a, float64 b STATUS_PARAM )
@@ -3631,8 +3634,9 @@ int float64_le( float64 a, float64 b STATUS_PARAM )
 
 /*
 | Returns 1 if the double-precision floating-point value `a' is less than
-| the corresponding value `b', and 0 otherwise.  The comparison is performed
-| according to the IEC/IEEE Standard for Binary Floating-Point Arithmetic.
+| the corresponding value `b', and 0 otherwise.  The invalid exception is
+| raised if either operand is a NaN.  The comparison is performed according
+| to the IEC/IEEE Standard for Binary Floating-Point Arithmetic.
 **/
 
 int float64_lt( float64 a, float64 b STATUS_PARAM )
@@ -3659,8 +3663,9 @@ int float64_lt( float64 a, float64 b STATUS_PARAM )
 
 /*-

[Qemu-devel] [PATCH v2 17/19] target-mips: don't hardcode softfloat exception bits

[Aurelien Jarno]

Reviewed-by: Peter Maydell 
Signed-off-by: Aurelien Jarno 
---
 target-mips/op_helper.c |   35 ---
 1 files changed, 20 insertions(+), 15 deletions(-)

diff --git a/target-mips/op_helper.c b/target-mips/op_helper.c
index abcb6eb..0a62361 100644
--- a/target-mips/op_helper.c
+++ b/target-mips/op_helper.c
@@ -2077,22 +2077,27 @@ void helper_ctc1 (target_ulong arg1, uint32_t reg)
 helper_raise_exception(EXCP_FPE);
 }
 
-static inline char ieee_ex_to_mips(char xcpt)
+static inline int ieee_ex_to_mips(int xcpt)
 {
-return (xcpt & float_flag_inexact) >> 5 |
-   (xcpt & float_flag_underflow) >> 3 |
-   (xcpt & float_flag_overflow) >> 1 |
-   (xcpt & float_flag_divbyzero) << 1 |
-   (xcpt & float_flag_invalid) << 4;
-}
-
-static inline char mips_ex_to_ieee(char xcpt)
-{
-return (xcpt & FP_INEXACT) << 5 |
-   (xcpt & FP_UNDERFLOW) << 3 |
-   (xcpt & FP_OVERFLOW) << 1 |
-   (xcpt & FP_DIV0) >> 1 |
-   (xcpt & FP_INVALID) >> 4;
+int ret = 0;
+if (xcpt) {
+if (xcpt & float_flag_invalid) {
+ret |= FP_INVALID;
+}
+if (xcpt & float_flag_overflow) {
+ret |= FP_OVERFLOW;
+}
+if (xcpt & float_flag_underflow) {
+ret |= FP_UNDERFLOW;
+}
+if (xcpt & float_flag_divbyzero) {
+ret |= FP_DIV0;
+}
+if (xcpt & float_flag_inexact) {
+ret |= FP_INEXACT;
+}
+}
+return ret;
 }
 
 static inline void update_fcr31(void)
-- 
1.7.2.3

[Qemu-devel] [PATCH v2 09/19] target-mips: use new float*_unordered*() functions

[Aurelien Jarno]

Use the new float*_unordered*() functions from softfloat instead of
redefining a private version.

Reviewed-by: Peter Maydell 
Signed-off-by: Aurelien Jarno 
---
 target-mips/op_helper.c |  168 ---
 1 files changed, 70 insertions(+), 98 deletions(-)

diff --git a/target-mips/op_helper.c b/target-mips/op_helper.c
index bd16ce3..e9de692 100644
--- a/target-mips/op_helper.c
+++ b/target-mips/op_helper.c
@@ -2889,40 +2889,26 @@ void helper_cmpabs_d_ ## op (uint64_t fdt0, uint64_t 
fdt1, int cc) \
 CLEAR_FP_COND(cc, env->active_fpu);\
 }
 
-static int float64_is_unordered(int sig, float64 a, float64 b STATUS_PARAM)
-{
-if (float64_is_signaling_nan(a) ||
-float64_is_signaling_nan(b) ||
-(sig && (float64_is_quiet_nan(a) || float64_is_quiet_nan(b {
-float_raise(float_flag_invalid, status);
-return 1;
-} else if (float64_is_quiet_nan(a) || float64_is_quiet_nan(b)) {
-return 1;
-} else {
-return 0;
-}
-}
-
 /* NOTE: the comma operator will make "cond" to eval to false,
- * but float*_is_unordered() is still called. */
-FOP_COND_D(f,   (float64_is_unordered(0, fdt1, fdt0, 
&env->active_fpu.fp_status), 0))
-FOP_COND_D(un,  float64_is_unordered(0, fdt1, fdt0, 
&env->active_fpu.fp_status))
-FOP_COND_D(eq,  !float64_is_unordered(0, fdt1, fdt0, 
&env->active_fpu.fp_status) && float64_eq(fdt0, fdt1, 
&env->active_fpu.fp_status))
-FOP_COND_D(ueq, float64_is_unordered(0, fdt1, fdt0, 
&env->active_fpu.fp_status)  || float64_eq(fdt0, fdt1, 
&env->active_fpu.fp_status))
-FOP_COND_D(olt, !float64_is_unordered(0, fdt1, fdt0, 
&env->active_fpu.fp_status) && float64_lt(fdt0, fdt1, 
&env->active_fpu.fp_status))
-FOP_COND_D(ult, float64_is_unordered(0, fdt1, fdt0, 
&env->active_fpu.fp_status)  || float64_lt(fdt0, fdt1, 
&env->active_fpu.fp_status))
-FOP_COND_D(ole, !float64_is_unordered(0, fdt1, fdt0, 
&env->active_fpu.fp_status) && float64_le(fdt0, fdt1, 
&env->active_fpu.fp_status))
-FOP_COND_D(ule, float64_is_unordered(0, fdt1, fdt0, 
&env->active_fpu.fp_status)  || float64_le(fdt0, fdt1, 
&env->active_fpu.fp_status))
+ * but float64_unordered_quiet() is still called. */
+FOP_COND_D(f,   (float64_unordered_quiet(fdt1, fdt0, 
&env->active_fpu.fp_status), 0))
+FOP_COND_D(un,  float64_unordered_quiet(fdt1, fdt0, 
&env->active_fpu.fp_status))
+FOP_COND_D(eq,  !float64_unordered_quiet(fdt1, fdt0, 
&env->active_fpu.fp_status) && float64_eq(fdt0, fdt1, 
&env->active_fpu.fp_status))
+FOP_COND_D(ueq, float64_unordered_quiet(fdt1, fdt0, 
&env->active_fpu.fp_status)  || float64_eq(fdt0, fdt1, 
&env->active_fpu.fp_status))
+FOP_COND_D(olt, !float64_unordered_quiet(fdt1, fdt0, 
&env->active_fpu.fp_status) && float64_lt(fdt0, fdt1, 
&env->active_fpu.fp_status))
+FOP_COND_D(ult, float64_unordered_quiet(fdt1, fdt0, 
&env->active_fpu.fp_status)  || float64_lt(fdt0, fdt1, 
&env->active_fpu.fp_status))
+FOP_COND_D(ole, !float64_unordered_quiet(fdt1, fdt0, 
&env->active_fpu.fp_status) && float64_le(fdt0, fdt1, 
&env->active_fpu.fp_status))
+FOP_COND_D(ule, float64_unordered_quiet(fdt1, fdt0, 
&env->active_fpu.fp_status)  || float64_le(fdt0, fdt1, 
&env->active_fpu.fp_status))
 /* NOTE: the comma operator will make "cond" to eval to false,
- * but float*_is_unordered() is still called. */
-FOP_COND_D(sf,  (float64_is_unordered(1, fdt1, fdt0, 
&env->active_fpu.fp_status), 0))
-FOP_COND_D(ngle,float64_is_unordered(1, fdt1, fdt0, 
&env->active_fpu.fp_status))
-FOP_COND_D(seq, !float64_is_unordered(1, fdt1, fdt0, 
&env->active_fpu.fp_status) && float64_eq(fdt0, fdt1, 
&env->active_fpu.fp_status))
-FOP_COND_D(ngl, float64_is_unordered(1, fdt1, fdt0, 
&env->active_fpu.fp_status)  || float64_eq(fdt0, fdt1, 
&env->active_fpu.fp_status))
-FOP_COND_D(lt,  !float64_is_unordered(1, fdt1, fdt0, 
&env->active_fpu.fp_status) && float64_lt(fdt0, fdt1, 
&env->active_fpu.fp_status))
-FOP_COND_D(nge, float64_is_unordered(1, fdt1, fdt0, 
&env->active_fpu.fp_status)  || float64_lt(fdt0, fdt1, 
&env->active_fpu.fp_status))
-FOP_COND_D(le,  !float64_is_unordered(1, fdt1, fdt0, 
&env->active_fpu.fp_status) && float64_le(fdt0, fdt1, 
&env->active_fpu.fp_status))
-FOP_COND_D(ngt, float64_is_unordered(1, fdt1, fdt0, 
&env->active_fpu.fp_status)  || float64_le(fdt0, fdt1, 
&env->active_fpu.fp_status))
+ * but float64_unordered() is still called. */
+FOP_COND_D(sf,  (float64_unordered(fdt1, fdt0, &env->active_fpu.fp_status), 0))
+FOP_COND_D(ngle,float64_unordered(fdt1, fdt0, &env->active_fpu.fp_status))
+FOP_COND_D(seq, !float64_unordered(fdt1, fdt0, &env->active_fpu.fp_status) && 
float64_eq(fdt0, fdt1, &env->active_fpu.fp_status))
+FOP_COND_D(ngl, float64_unordered(fdt1, fdt0, &env->active_fpu.fp_status)  || 
float64_eq(fdt0, fdt1, &env->active_fpu.fp_status))
+FOP_COND_D(lt,  !float64_unordered(fdt1, fdt0, &env->active_fpu.fp_status) && 
float64_lt(fdt0, fdt1, &env->active_fpu.fp_status))
+FOP_COND_D(nge, float64_unordered(fdt1, fdt0, &env

[Qemu-devel] [PATCH v2 11/19] softfloat: rename float*_eq() into float*_eq_quiet()

[Aurelien Jarno]

float*_eq functions have a different semantics than other comparison
functions. Fix that by first renaming float*_quiet() into float*_eq_quiet().

Note that it is purely mechanical, and the behaviour should be unchanged.
That said it clearly highlight problems due to this different semantics,
they are fixed later in this patch series.

Cc: Edgar E. Iglesias 
Cc: Alexander Graf 
Reviewed-by: Peter Maydell 
Signed-off-by: Aurelien Jarno 
---
 fpu/softfloat-native.h|6 +++---
 fpu/softfloat.c   |8 
 fpu/softfloat.h   |8 
 linux-user/arm/nwfpe/fpa11_cprt.c |2 +-
 target-alpha/op_helper.c  |4 ++--
 target-i386/ops_sse.h |8 
 target-microblaze/op_helper.c |4 ++--
 target-mips/op_helper.c   |   32 
 target-ppc/op_helper.c|4 ++--
 9 files changed, 38 insertions(+), 38 deletions(-)

diff --git a/fpu/softfloat-native.h b/fpu/softfloat-native.h
index 406e180..0c7f48b 100644
--- a/fpu/softfloat-native.h
+++ b/fpu/softfloat-native.h
@@ -210,7 +210,7 @@ INLINE float32 float32_div( float32 a, float32 b 
STATUS_PARAM)
 }
 float32 float32_rem( float32, float32  STATUS_PARAM);
 float32 float32_sqrt( float32  STATUS_PARAM);
-INLINE int float32_eq( float32 a, float32 b STATUS_PARAM)
+INLINE int float32_eq_quiet( float32 a, float32 b STATUS_PARAM)
 {
 return a == b;
 }
@@ -321,7 +321,7 @@ INLINE float64 float64_div( float64 a, float64 b 
STATUS_PARAM)
 }
 float64 float64_rem( float64, float64 STATUS_PARAM );
 float64 float64_sqrt( float64 STATUS_PARAM );
-INLINE int float64_eq( float64 a, float64 b STATUS_PARAM)
+INLINE int float64_eq_quiet( float64 a, float64 b STATUS_PARAM)
 {
 return a == b;
 }
@@ -428,7 +428,7 @@ INLINE floatx80 floatx80_div( floatx80 a, floatx80 b 
STATUS_PARAM)
 }
 floatx80 floatx80_rem( floatx80, floatx80 STATUS_PARAM );
 floatx80 floatx80_sqrt( floatx80 STATUS_PARAM );
-INLINE int floatx80_eq( floatx80 a, floatx80 b STATUS_PARAM)
+INLINE int floatx80_eq_quiet( floatx80 a, floatx80 b STATUS_PARAM)
 {
 return a == b;
 }
diff --git a/fpu/softfloat.c b/fpu/softfloat.c
index 11f6584..492ef36 100644
--- a/fpu/softfloat.c
+++ b/fpu/softfloat.c
@@ -2318,7 +2318,7 @@ float32 float32_log2( float32 a STATUS_PARAM )
 | according to the IEC/IEEE Standard for Binary Floating-Point Arithmetic.
 **/
 
-int float32_eq( float32 a, float32 b STATUS_PARAM )
+int float32_eq_quiet( float32 a, float32 b STATUS_PARAM )
 {
 a = float32_squash_input_denormal(a STATUS_VAR);
 b = float32_squash_input_denormal(b STATUS_VAR);
@@ -3582,7 +3582,7 @@ float64 float64_log2( float64 a STATUS_PARAM )
 | according to the IEC/IEEE Standard for Binary Floating-Point Arithmetic.
 **/
 
-int float64_eq( float64 a, float64 b STATUS_PARAM )
+int float64_eq_quiet( float64 a, float64 b STATUS_PARAM )
 {
 uint64_t av, bv;
 a = float64_squash_input_denormal(a STATUS_VAR);
@@ -4592,7 +4592,7 @@ floatx80 floatx80_sqrt( floatx80 a STATUS_PARAM )
 | Arithmetic.
 **/
 
-int floatx80_eq( floatx80 a, floatx80 b STATUS_PARAM )
+int floatx80_eq_quiet( floatx80 a, floatx80 b STATUS_PARAM )
 {
 
 if ((( extractFloatx80Exp( a ) == 0x7FFF )
@@ -5754,7 +5754,7 @@ float128 float128_sqrt( float128 a STATUS_PARAM )
 | according to the IEC/IEEE Standard for Binary Floating-Point Arithmetic.
 **/
 
-int float128_eq( float128 a, float128 b STATUS_PARAM )
+int float128_eq_quiet( float128 a, float128 b STATUS_PARAM )
 {
 
 if ((( extractFloat128Exp( a ) == 0x7FFF )
diff --git a/fpu/softfloat.h b/fpu/softfloat.h
index 55c0c1c..738a50c 100644
--- a/fpu/softfloat.h
+++ b/fpu/softfloat.h
@@ -320,7 +320,7 @@ float32 float32_rem( float32, float32 STATUS_PARAM );
 float32 float32_sqrt( float32 STATUS_PARAM );
 float32 float32_exp2( float32 STATUS_PARAM );
 float32 float32_log2( float32 STATUS_PARAM );
-int float32_eq( float32, float32 STATUS_PARAM );
+int float32_eq_quiet( float32, float32 STATUS_PARAM );
 int float32_le( float32, float32 STATUS_PARAM );
 int float32_lt( float32, float32 STATUS_PARAM );
 int float32_unordered( float32, float32 STATUS_PARAM );
@@ -436,7 +436,7 @@ float64 float64_div( float64, float64 STATUS_PARAM );
 float64 float64_rem( float64, float64 STATUS_PARAM );
 float64 float64_sqrt( float64 STATUS_PARAM );
 float64 float64_log2( float64 STATUS_PARAM );
-int float64_eq( float64, float64 STATUS_PARAM );
+int float64_eq_quiet( float64, float64 STATUS_PARAM );
 int float64_le( float64, float64 STATUS_PARAM );
 int float64_lt( float64, float64 STATUS_PARAM );
 int float64_unordered( float64, float64 STATUS_PARAM );
@@ -539,7 +539,7 @@ f

[Qemu-devel] [PATCH v2 06/19] softfloat: add float*_unordered_{, quiet}() functions

[Aurelien Jarno]

Add float*_unordered() functions to softfloat, matching the softfloat-native
ones. Also add float*_unordered_quiet() functions to match the others
comparison functions.

This allow target-i386/ops_sse.h to be compiled with softfloat.

Reviewed-by: Peter Maydell 
Signed-off-by: Aurelien Jarno 
---
 fpu/softfloat.c |  167 +++
 fpu/softfloat.h |8 +++
 2 files changed, 175 insertions(+), 0 deletions(-)

diff --git a/fpu/softfloat.c b/fpu/softfloat.c
index 03fb948..11f6584 100644
--- a/fpu/softfloat.c
+++ b/fpu/softfloat.c
@@ -2394,6 +2394,25 @@ int float32_lt( float32 a, float32 b STATUS_PARAM )
 }
 
 /*
+| Returns 1 if the single-precision floating-point values `a' and `b' cannot
+| be compared, and 0 otherwise.  The comparison is performed according to the
+| IEC/IEEE Standard for Binary Floating-Point Arithmetic.
+**/
+
+int float32_unordered( float32 a, float32 b STATUS_PARAM )
+{
+a = float32_squash_input_denormal(a STATUS_VAR);
+b = float32_squash_input_denormal(b STATUS_VAR);
+
+if (( ( extractFloat32Exp( a ) == 0xFF ) && extractFloat32Frac( a ) )
+ || ( ( extractFloat32Exp( b ) == 0xFF ) && extractFloat32Frac( b ) )
+   ) {
+float_raise( float_flag_invalid STATUS_VAR);
+return 1;
+}
+return 0;
+}
+/*
 | Returns 1 if the single-precision floating-point value `a' is equal to
 | the corresponding value `b', and 0 otherwise.  The invalid exception is
 | raised if either operand is a NaN.  Otherwise, the comparison is performed
@@ -2481,6 +2500,29 @@ int float32_lt_quiet( float32 a, float32 b STATUS_PARAM )
 }
 
 /*
+| Returns 1 if the single-precision floating-point values `a' and `b' cannot
+| be compared, and 0 otherwise.  Quiet NaNs do not cause an exception.  The
+| comparison is performed according to the IEC/IEEE Standard for Binary
+| Floating-Point Arithmetic.
+**/
+
+int float32_unordered_quiet( float32 a, float32 b STATUS_PARAM )
+{
+a = float32_squash_input_denormal(a STATUS_VAR);
+b = float32_squash_input_denormal(b STATUS_VAR);
+
+if (( ( extractFloat32Exp( a ) == 0xFF ) && extractFloat32Frac( a ) )
+ || ( ( extractFloat32Exp( b ) == 0xFF ) && extractFloat32Frac( b ) )
+   ) {
+if ( float32_is_signaling_nan( a ) || float32_is_signaling_nan( b ) ) {
+float_raise( float_flag_invalid STATUS_VAR);
+}
+return 1;
+}
+return 0;
+}
+
+/*
 | Returns the result of converting the double-precision floating-point value
 | `a' to the 32-bit two's complement integer format.  The conversion is
 | performed according to the IEC/IEEE Standard for Binary Floating-Point
@@ -3618,6 +3660,26 @@ int float64_lt( float64 a, float64 b STATUS_PARAM )
 }
 
 /*
+| Returns 1 if the double-precision floating-point values `a' and `b' cannot
+| be compared, and 0 otherwise.  The comparison is performed according to the
+| IEC/IEEE Standard for Binary Floating-Point Arithmetic.
+**/
+
+int float64_unordered( float64 a, float64 b STATUS_PARAM )
+{
+a = float64_squash_input_denormal(a STATUS_VAR);
+b = float64_squash_input_denormal(b STATUS_VAR);
+
+if (( ( extractFloat64Exp( a ) == 0x7FF ) && extractFloat64Frac( a ) )
+ || ( ( extractFloat64Exp( b ) == 0x7FF ) && extractFloat64Frac( b ) )
+   ) {
+float_raise( float_flag_invalid STATUS_VAR);
+return 1;
+}
+return 0;
+}
+
+/*
 | Returns 1 if the double-precision floating-point value `a' is equal to the
 | corresponding value `b', and 0 otherwise.  The invalid exception is raised
 | if either operand is a NaN.  Otherwise, the comparison is performed
@@ -3704,6 +3766,29 @@ int float64_lt_quiet( float64 a, float64 b STATUS_PARAM )
 
 }
 
+/*
+| Returns 1 if the double-precision floating-point values `a' and `b' cannot
+| be compared, and 0 otherwise.  Quiet NaNs do not cause an exception.  The
+| comparison is performed according to the IEC/IEEE Standard for Binary
+| Floating-Point Arithmetic.
+**/
+
+int float64_unordered_quiet( float64 a, float64 b STATUS_PARAM )
+{
+a = float64_squash_input_denormal(a STATUS_VAR);
+b = flo

[Qemu-devel] [PATCH v2 12/19] softfloat: rename float*_eq_signaling() into float*_eq()

[Aurelien Jarno]

float*_eq_signaling functions have a different semantics than other
comparison functions. Fix that by renaming float*_quiet_signaling() into
float*_eq().

Note that it is purely mechanical, and the behaviour should be unchanged.

Reviewed-by: Peter Maydell 
Signed-off-by: Aurelien Jarno 
---
 fpu/softfloat-native.h |6 +++---
 fpu/softfloat.c|8 
 fpu/softfloat.h|8 
 3 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/fpu/softfloat-native.h b/fpu/softfloat-native.h
index 0c7f48b..ea7a15e 100644
--- a/fpu/softfloat-native.h
+++ b/fpu/softfloat-native.h
@@ -222,7 +222,7 @@ INLINE int float32_lt( float32 a, float32 b STATUS_PARAM)
 {
 return a < b;
 }
-INLINE int float32_eq_signaling( float32 a, float32 b STATUS_PARAM)
+INLINE int float32_eq( float32 a, float32 b STATUS_PARAM)
 {
 return a <= b && a >= b;
 }
@@ -333,7 +333,7 @@ INLINE int float64_lt( float64 a, float64 b STATUS_PARAM)
 {
 return a < b;
 }
-INLINE int float64_eq_signaling( float64 a, float64 b STATUS_PARAM)
+INLINE int float64_eq( float64 a, float64 b STATUS_PARAM)
 {
 return a <= b && a >= b;
 }
@@ -440,7 +440,7 @@ INLINE int floatx80_lt( floatx80 a, floatx80 b STATUS_PARAM)
 {
 return a < b;
 }
-INLINE int floatx80_eq_signaling( floatx80 a, floatx80 b STATUS_PARAM)
+INLINE int floatx80_eq( floatx80 a, floatx80 b STATUS_PARAM)
 {
 return a <= b && a >= b;
 }
diff --git a/fpu/softfloat.c b/fpu/softfloat.c
index 492ef36..2e02940 100644
--- a/fpu/softfloat.c
+++ b/fpu/softfloat.c
@@ -2419,7 +2419,7 @@ int float32_unordered( float32 a, float32 b STATUS_PARAM )
 | according to the IEC/IEEE Standard for Binary Floating-Point Arithmetic.
 **/
 
-int float32_eq_signaling( float32 a, float32 b STATUS_PARAM )
+int float32_eq( float32 a, float32 b STATUS_PARAM )
 {
 uint32_t av, bv;
 a = float32_squash_input_denormal(a STATUS_VAR);
@@ -3686,7 +3686,7 @@ int float64_unordered( float64 a, float64 b STATUS_PARAM )
 | according to the IEC/IEEE Standard for Binary Floating-Point Arithmetic.
 **/
 
-int float64_eq_signaling( float64 a, float64 b STATUS_PARAM )
+int float64_eq( float64 a, float64 b STATUS_PARAM )
 {
 uint64_t av, bv;
 a = float64_squash_input_denormal(a STATUS_VAR);
@@ -4706,7 +4706,7 @@ int floatx80_unordered( floatx80 a, floatx80 b 
STATUS_PARAM )
 | according to the IEC/IEEE Standard for Binary Floating-Point Arithmetic.
 **/
 
-int floatx80_eq_signaling( floatx80 a, floatx80 b STATUS_PARAM )
+int floatx80_eq( floatx80 a, floatx80 b STATUS_PARAM )
 {
 
 if ((( extractFloatx80Exp( a ) == 0x7FFF )
@@ -5868,7 +5868,7 @@ int float128_unordered( float128 a, float128 b 
STATUS_PARAM )
 | according to the IEC/IEEE Standard for Binary Floating-Point Arithmetic.
 **/
 
-int float128_eq_signaling( float128 a, float128 b STATUS_PARAM )
+int float128_eq( float128 a, float128 b STATUS_PARAM )
 {
 
 if ((( extractFloat128Exp( a ) == 0x7FFF )
diff --git a/fpu/softfloat.h b/fpu/softfloat.h
index 738a50c..b9440b2 100644
--- a/fpu/softfloat.h
+++ b/fpu/softfloat.h
@@ -324,7 +324,7 @@ int float32_eq_quiet( float32, float32 STATUS_PARAM );
 int float32_le( float32, float32 STATUS_PARAM );
 int float32_lt( float32, float32 STATUS_PARAM );
 int float32_unordered( float32, float32 STATUS_PARAM );
-int float32_eq_signaling( float32, float32 STATUS_PARAM );
+int float32_eq( float32, float32 STATUS_PARAM );
 int float32_le_quiet( float32, float32 STATUS_PARAM );
 int float32_lt_quiet( float32, float32 STATUS_PARAM );
 int float32_unordered_quiet( float32, float32 STATUS_PARAM );
@@ -440,7 +440,7 @@ int float64_eq_quiet( float64, float64 STATUS_PARAM );
 int float64_le( float64, float64 STATUS_PARAM );
 int float64_lt( float64, float64 STATUS_PARAM );
 int float64_unordered( float64, float64 STATUS_PARAM );
-int float64_eq_signaling( float64, float64 STATUS_PARAM );
+int float64_eq( float64, float64 STATUS_PARAM );
 int float64_le_quiet( float64, float64 STATUS_PARAM );
 int float64_lt_quiet( float64, float64 STATUS_PARAM );
 int float64_unordered_quiet( float64, float64 STATUS_PARAM );
@@ -543,7 +543,7 @@ int floatx80_eq_quiet( floatx80, floatx80 STATUS_PARAM );
 int floatx80_le( floatx80, floatx80 STATUS_PARAM );
 int floatx80_lt( floatx80, floatx80 STATUS_PARAM );
 int floatx80_unordered( floatx80, floatx80 STATUS_PARAM );
-int floatx80_eq_signaling( floatx80, floatx80 STATUS_PARAM );
+int floatx80_eq( floatx80, floatx80 STATUS_PARAM );
 int floatx80_le_quiet( floatx80, floatx80 STATUS_PARAM );
 int floatx80_lt_quiet( floatx80, floatx80 STATUS_PARAM );
 int floatx80_unordered_quiet( floatx80, floatx80 STATUS_PARAM );
@@ -628,7 +628,7 @@ int float128

[Qemu-devel] [PATCH v2 15/19] target-ppc: fix SPE comparison functions

[Aurelien Jarno]

efstst*() functions are fast SPE funtions which do not take into account
special values (infinites, NaN, etc.), while efscmp*() functions are
IEEE754 compliant.

Given that float32_*() functions are IEEE754 compliant, the efscmp*()
functions are correctly implemented, while efstst*() are not. This
patch reverse the implementation of this two groups of functions and
fix the comments. It also use float32_eq() instead of float32_eq_quiet()
as qNaNs should not be ignored.

Cc: Alexander Graf 
Cc: Nathan Froyd 
Signed-off-by: Aurelien Jarno 
---
 target-ppc/op_helper.c |   26 +-
 1 files changed, 13 insertions(+), 13 deletions(-)

v2: fix calls to efscmp*, removing an infinite loop


diff --git a/target-ppc/op_helper.c b/target-ppc/op_helper.c
index f645f57..9aa108e 100644
--- a/target-ppc/op_helper.c
+++ b/target-ppc/op_helper.c
@@ -3331,7 +3331,7 @@ HELPER_SPE_VECTOR_ARITH(fsmul);
 HELPER_SPE_VECTOR_ARITH(fsdiv);
 
 /* Single-precision floating-point comparisons */
-static inline uint32_t efststlt(uint32_t op1, uint32_t op2)
+static inline uint32_t efscmplt(uint32_t op1, uint32_t op2)
 {
 CPU_FloatU u1, u2;
 u1.l = op1;
@@ -3339,7 +3339,7 @@ static inline uint32_t efststlt(uint32_t op1, uint32_t 
op2)
 return float32_lt(u1.f, u2.f, &env->vec_status) ? 4 : 0;
 }
 
-static inline uint32_t efststgt(uint32_t op1, uint32_t op2)
+static inline uint32_t efscmpgt(uint32_t op1, uint32_t op2)
 {
 CPU_FloatU u1, u2;
 u1.l = op1;
@@ -3347,30 +3347,30 @@ static inline uint32_t efststgt(uint32_t op1, uint32_t 
op2)
 return float32_le(u1.f, u2.f, &env->vec_status) ? 0 : 4;
 }
 
-static inline uint32_t efststeq(uint32_t op1, uint32_t op2)
+static inline uint32_t efscmpeq(uint32_t op1, uint32_t op2)
 {
 CPU_FloatU u1, u2;
 u1.l = op1;
 u2.l = op2;
-return float32_eq_quiet(u1.f, u2.f, &env->vec_status) ? 4 : 0;
+return float32_eq(u1.f, u2.f, &env->vec_status) ? 4 : 0;
 }
 
-static inline uint32_t efscmplt(uint32_t op1, uint32_t op2)
+static inline uint32_t efststlt(uint32_t op1, uint32_t op2)
 {
-/* XXX: TODO: test special values (NaN, infinites, ...) */
-return efststlt(op1, op2);
+/* XXX: TODO: ignore special values (NaN, infinites, ...) */
+return efscmplt(op1, op2);
 }
 
-static inline uint32_t efscmpgt(uint32_t op1, uint32_t op2)
+static inline uint32_t efststgt(uint32_t op1, uint32_t op2)
 {
-/* XXX: TODO: test special values (NaN, infinites, ...) */
-return efststgt(op1, op2);
+/* XXX: TODO: ignore special values (NaN, infinites, ...) */
+return efscmpgt(op1, op2);
 }
 
-static inline uint32_t efscmpeq(uint32_t op1, uint32_t op2)
+static inline uint32_t efststeq(uint32_t op1, uint32_t op2)
 {
-/* XXX: TODO: test special values (NaN, infinites, ...) */
-return efststeq(op1, op2);
+/* XXX: TODO: ignore special values (NaN, infinites, ...) */
+return efscmpeq(op1, op2);
 }
 
 #define HELPER_SINGLE_SPE_CMP(name)   \
-- 
1.7.2.3

Re: [Qemu-devel] [PATCH] Fix conversions from pointer to tcg_target_long

[TeLeMan]

On Sat, Apr 2, 2011 at 19:36, Stefan Weil  wrote:
> tcg_gen_exit_tb takes a parameter of type tcg_target_long,
> so the type casts of pointer to long should be replaced by
> type casts of pointer to tcg_target_long (suggested by Blue Swirl).
>
> These changes are needed for build environments where
> sizeof(long) != sizeof(void *), especially for w64.
There are many "(long)tb" in exec.c and the types of tb_next in
TranslationBlock, tc_ptr in tb_find_pc(), searched_pc etc. are
"unsigned long". So more patches for w64 are needed.

Re: [Qemu-devel] [PATCH] v4 revamp acpitable parsing and allow to specify complete (headerful) table

[Isaku Yamahata]

Ping.
Gleb, The issue of specifying both data and file is addressed.
Do you have any other comments? Otherwise can you provide your acked-by?

On Tue, Apr 05, 2011 at 10:53:16PM +0400, Michael Tokarev wrote:
> This patch almost rewrites acpi_table_add() function
> (but still leaves it using old get_param_value() interface).
> The result is that it's now possible to specify whole table
> (together with a header) in an external file, instead of just
> data portion, with a new file= parameter, but at the same time
> it's still possible to specify header fields as before.
> 
> Now with the checkpatch.pl formatting fixes, thanks to
> Stefan Hajnoczi for suggestions, with changes from
> Isaku Yamahata, and with my further refinements.
> 
> Signed-off-by: Michael Tokarev 
> ---
>  hw/acpi.c   |  293 
> ---
>  qemu-options.hx |7 +-
>  2 files changed, 176 insertions(+), 124 deletions(-)
> 
> diff --git a/hw/acpi.c b/hw/acpi.c
> index 237526d..3def259 100644
> --- a/hw/acpi.c
> +++ b/hw/acpi.c
> @@ -15,6 +15,7 @@
>   * You should have received a copy of the GNU Lesser General Public
>   * License along with this library; if not, see 
> 
>   */
> +
>  #include "hw.h"
>  #include "pc.h"
>  #include "acpi.h"
> @@ -24,17 +25,29 @@
>  
>  struct acpi_table_header
>  {
> -char signature [4];/* ACPI signature (4 ASCII characters) */
> +uint16_t _length; /* our length, not actual part of the hdr */
> +  /* XXX why we have 2 length fields here? */
> +char sig[4];  /* ACPI signature (4 ASCII characters) */
>  uint32_t length;  /* Length of table, in bytes, including header 
> */
>  uint8_t revision; /* ACPI Specification minor version # */
>  uint8_t checksum; /* To make sum of entire table == 0 */
> -char oem_id [6];   /* OEM identification */
> -char oem_table_id [8]; /* OEM table identification */
> +char oem_id[6];   /* OEM identification */
> +char oem_table_id[8]; /* OEM table identification */
>  uint32_t oem_revision;/* OEM revision number */
> -char asl_compiler_id [4]; /* ASL compiler vendor ID */
> +char asl_compiler_id[4];  /* ASL compiler vendor ID */
>  uint32_t asl_compiler_revision; /* ASL compiler revision number */
>  } __attribute__((packed));
>  
> +#define ACPI_TABLE_HDR_SIZE sizeof(struct acpi_table_header)
> +#define ACPI_TABLE_PFX_SIZE sizeof(uint16_t)  /* size of the extra prefix */
> +
> +static const char dfl_hdr[ACPI_TABLE_HDR_SIZE] =
> +"\0\0"   /* fake _length (2) */
> +"QEMU\0\0\0\0\1\0"   /* sig (4), len(4), revno (1), csum (1) */
> +"QEMUQEQEMUQEMU\1\0\0\0" /* OEM id (6), table (8), revno (4) */
> +"QEMU\1\0\0\0"   /* ASL compiler ID (4), version (4) */
> +;
> +
>  char *acpi_tables;
>  size_t acpi_tables_len;
>  
> @@ -47,156 +60,190 @@ static int acpi_checksum(const uint8_t *data, int len)
>  return (-sum) & 0xff;
>  }
>  
> +/* like strncpy() but zero-fills the tail of destination */
> +static void strzcpy(char *dst, const char *src, size_t size)
> +{
> +size_t len = strlen(src);
> +if (len >= size) {
> +len = size;
> +} else {
> +  memset(dst + len, 0, size - len);
> +}
> +memcpy(dst, src, len);
> +}
> +
> +/* XXX fixme: this function uses obsolete argument parsing interface */
>  int acpi_table_add(const char *t)
>  {
> -static const char *dfl_id = "QEMUQEMU";
>  char buf[1024], *p, *f;
> -struct acpi_table_header acpi_hdr;
>  unsigned long val;
> -uint32_t length;
> -struct acpi_table_header *acpi_hdr_p;
> -size_t off;
> +size_t len, start, allen;
> +bool has_header;
> +int changed;
> +int r;
> +struct acpi_table_header hdr;
> +
> +r = 0;
> +r |= get_param_value(buf, sizeof(buf), "data", t) ? 1 : 0;
> +r |= get_param_value(buf, sizeof(buf), "file", t) ? 2 : 0;
> +switch (r) {
> +case 0:
> +buf[0] = '\0';
> +case 1:
> +has_header = false;
> +break;
> +case 2:
> +has_header = true;
> +break;
> +default:
> +fprintf(stderr, "acpitable: both data and file are specified\n");
> +return -1;
> +}
> +
> +if (!acpi_tables) {
> +allen = sizeof(uint16_t);
> +acpi_tables = qemu_mallocz(allen);
> +}
> +else {
> +allen = acpi_tables_len;
> +}
> +
> +start = allen;
> +acpi_tables = qemu_realloc(acpi_tables, start + ACPI_TABLE_HDR_SIZE);
> +allen += has_header ? ACPI_TABLE_PFX_SIZE : ACPI_TABLE_HDR_SIZE;
> +
> +/* now read in the data files, reallocating buffer as needed */
> +
> +for (f = strtok(buf, ":"); f; f = strtok(NULL, ":")) {
> +int fd = open(f, O_RDONLY);
> +
> +if (fd < 0) {
> +fprintf(stderr, "can't open file %s: %s\n", f, strerror(errno));
> + 

Re: [Qemu-devel] [PATCH] Fix conversions from pointer to tcg_target_long

[Stefan Weil]

Am 14.04.2011 03:42, schrieb TeLeMan:

On Sat, Apr 2, 2011 at 19:36, Stefan Weil  wrote:

tcg_gen_exit_tb takes a parameter of type tcg_target_long,
so the type casts of pointer to long should be replaced by
type casts of pointer to tcg_target_long (suggested by Blue Swirl).

These changes are needed for build environments where
sizeof(long) != sizeof(void *), especially for w64.

There are many "(long)tb" in exec.c and the types of tb_next in
TranslationBlock, tc_ptr in tb_find_pc(), searched_pc etc. are
"unsigned long". So more patches for w64 are needed.


Yes, I am very aware of this fact. This is the third effort to
get QEMU code which is w64 clean. The first two were large
patches which were difficult to review. Now I send small
patches which will finally achieve the same goal. Sometimes
these small patches seem to be unrelated to w64 (like
a recent patch which removes a parameter). I think that
increasing portability of software has positive effects for
all targets, not only the new one. That's why I do this
although I don't use w64.

[Qemu-devel] [PATCH 2/2] Basic implementation of Sharp Zaurus SL-5500 collie PDA

[Dmitry Eremin-Solenikov]

Add very basic implementation of collie PDA emulation. The system lacks
LoCoMo and graphics/sound emulation. Linux kernel boots up to mounting
rootfs (theoretically it can be provided in pflash images).

Signed-off-by: Dmitry Eremin-Solenikov 
---
 Makefile.target |1 +
 hw/collie.c |   69 +++
 2 files changed, 70 insertions(+), 0 deletions(-)
 create mode 100644 hw/collie.c

diff --git a/Makefile.target b/Makefile.target
index 9e4cfc0..0e0ef36 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -353,6 +353,7 @@ obj-arm-y += syborg_serial.o syborg_timer.o 
syborg_pointer.o syborg_rtc.o
 obj-arm-y += syborg_virtio.o
 obj-arm-y += vexpress.o
 obj-arm-y += strongarm.o
+obj-arm-y += collie.o
 
 obj-sh4-y = shix.o r2d.o sh7750.o sh7750_regnames.o tc58128.o
 obj-sh4-y += sh_timer.o sh_serial.o sh_intc.o sh_pci.o sm501.o
diff --git a/hw/collie.c b/hw/collie.c
new file mode 100644
index 000..156404d
--- /dev/null
+++ b/hw/collie.c
@@ -0,0 +1,69 @@
+/*
+ * SA-1110-based Sharp Zaurus SL-5500 platform.
+ *
+ * Copyright (C) 2011 Dmitry Eremin-Solenikov
+ *
+ * This code is licensed under GNU GPL v2.
+ */
+#include "hw.h"
+#include "sysbus.h"
+#include "boards.h"
+#include "devices.h"
+#include "strongarm.h"
+#include "arm-misc.h"
+#include "flash.h"
+#include "blockdev.h"
+
+static struct arm_boot_info collie_binfo = {
+.loader_start = SA_SDCS0,
+.ram_size = 0x2000,
+};
+
+static void collie_init(ram_addr_t ram_size,
+const char *boot_device,
+const char *kernel_filename, const char *kernel_cmdline,
+const char *initrd_filename, const char *cpu_model)
+{
+StrongARMState *s;
+DriveInfo *dinfo;
+ram_addr_t phys_flash;
+
+if (!cpu_model) {
+cpu_model = "sa1110";
+}
+
+s = sa1110_init(collie_binfo.ram_size, cpu_model);
+
+phys_flash = qemu_ram_alloc(NULL, "collie.fl1", 0x0200);
+dinfo = drive_get(IF_PFLASH, 0, 0);
+pflash_cfi01_register(SA_CS0, phys_flash,
+dinfo ? dinfo->bdrv : NULL, (64 * 1024),
+512, 4, 0x00, 0x00, 0x00, 0x00, 0);
+
+phys_flash = qemu_ram_alloc(NULL, "collie.fl2", 0x0200);
+dinfo = drive_get(IF_PFLASH, 0, 1);
+pflash_cfi01_register(SA_CS1, phys_flash,
+dinfo ? dinfo->bdrv : NULL, (64 * 1024),
+512, 4, 0x00, 0x00, 0x00, 0x00, 0);
+
+sysbus_create_simple("scoop", 0x4080, NULL);
+
+collie_binfo.kernel_filename = kernel_filename;
+collie_binfo.kernel_cmdline = kernel_cmdline;
+collie_binfo.initrd_filename = initrd_filename;
+collie_binfo.board_id = 0x208;
+arm_load_kernel(s->env, &collie_binfo);
+}
+
+static QEMUMachine collie_machine = {
+.name = "collie",
+.desc = "Collie PDA (SA-1110)",
+.init = collie_init,
+};
+
+static void collie_machine_init(void)
+{
+qemu_register_machine(&collie_machine);
+}
+
+machine_init(collie_machine_init)
-- 
1.7.4.1

[Qemu-devel] [PATCH 1/2] Implement basic part of SA-1110/SA-1100

[Dmitry Eremin-Solenikov]

Basic implementation of DEC/Intel SA-1100/SA-1110 chips emulation.
Implemented:
 - IRQs
 - GPIO
 - PPC
 - RTC
 - UARTs (no IrDA/etc.)
 - OST reused from pxa25x

Everything else is TODO (esp. PM/idle/sleep!) - see the todo in the
hw/strongarm.c

V5:
  * syntax fixup

V4:
  * use bitnames to access RTC and UART registers
  * drop unused casts
  * disable debug printfs in GPIO code

V3:
  * fix the name of UART VMSD
  * fix RTSR reg offset
  * add SSP support

V2:
  * removed all strongarm variants except latest
  * dropped unused casts
  * fixed PIC vmstate
  * fixed new devices created with version_id = 1

Signed-off-by: Dmitry Eremin-Solenikov 
---
 Makefile.target |1 +
 hw/strongarm.c  | 1587 +++
 hw/strongarm.h  |   64 ++
 target-arm/cpu.h|3 +
 target-arm/helper.c |9 +
 5 files changed, 1664 insertions(+), 0 deletions(-)
 create mode 100644 hw/strongarm.c
 create mode 100644 hw/strongarm.h

diff --git a/Makefile.target b/Makefile.target
index d5761b7..9e4cfc0 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -352,6 +352,7 @@ obj-arm-y += syborg.o syborg_fb.o syborg_interrupt.o 
syborg_keyboard.o
 obj-arm-y += syborg_serial.o syborg_timer.o syborg_pointer.o syborg_rtc.o
 obj-arm-y += syborg_virtio.o
 obj-arm-y += vexpress.o
+obj-arm-y += strongarm.o
 
 obj-sh4-y = shix.o r2d.o sh7750.o sh7750_regnames.o tc58128.o
 obj-sh4-y += sh_timer.o sh_serial.o sh_intc.o sh_pci.o sm501.o
diff --git a/hw/strongarm.c b/hw/strongarm.c
new file mode 100644
index 000..3e0fefe
--- /dev/null
+++ b/hw/strongarm.c
@@ -0,0 +1,1587 @@
+/*
+ * StrongARM SA-1100/SA-1110 emulation
+ *
+ * Copyright (C) 2011 Dmitry Eremin-Solenikov
+ *
+ * Largely based on StrongARM emulation:
+ * Copyright (c) 2006 Openedhand Ltd.
+ * Written by Andrzej Zaborowski 
+ *
+ * UART code based on QEMU 16550A UART emulation
+ * Copyright (c) 2003-2004 Fabrice Bellard
+ * Copyright (c) 2008 Citrix Systems, Inc.
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2.  See
+ * the COPYING file in the top-level directory.
+ */
+#include "sysbus.h"
+#include "strongarm.h"
+#include "qemu-error.h"
+#include "arm-misc.h"
+#include "sysemu.h"
+#include "ssi.h"
+
+/*
+ TODO
+ - Implement cp15, c14 ?
+ - Implement cp15, c15 !!! (idle used in L)
+ - Implement idle mode handling/DIM
+ - Implement sleep mode/Wake sources
+ - Implement reset control
+ - Implement memory control regs
+ - PCMCIA handling
+ - Maybe support MBGNT/MBREQ
+ - DMA channels
+ - GPCLK
+ - IrDA
+ - MCP
+ - Enhance UART with modem signals
+ */
+
+static struct {
+target_phys_addr_t io_base;
+int irq;
+} sa_serial[] = {
+{ 0x8001, SA_PIC_UART1 },
+{ 0x8003, SA_PIC_UART2 },
+{ 0x8005, SA_PIC_UART3 },
+{ 0, 0 }
+};
+
+/* Interrupt Controller */
+typedef struct {
+SysBusDevice busdev;
+qemu_irqirq;
+qemu_irqfiq;
+
+uint32_t pending;
+uint32_t enabled;
+uint32_t is_fiq;
+uint32_t int_idle;
+} StrongARMPICState;
+
+#define ICIP0x00
+#define ICMR0x04
+#define ICLR0x08
+#define ICFP0x10
+#define ICPR0x20
+#define ICCR0x0c
+
+#define SA_PIC_SRCS 32
+
+
+static void strongarm_pic_update(void *opaque)
+{
+StrongARMPICState *s = opaque;
+
+/* FIXME: reflect DIM */
+qemu_set_irq(s->fiq, s->pending & s->enabled &  s->is_fiq);
+qemu_set_irq(s->irq, s->pending & s->enabled & ~s->is_fiq);
+}
+
+static void strongarm_pic_set_irq(void *opaque, int irq, int level)
+{
+StrongARMPICState *s = opaque;
+
+if (level) {
+s->pending |= 1 << irq;
+} else {
+s->pending &= ~(1 << irq);
+}
+
+strongarm_pic_update(s);
+}
+
+static uint32_t strongarm_pic_mem_read(void *opaque, target_phys_addr_t offset)
+{
+StrongARMPICState *s = opaque;
+
+switch (offset) {
+case ICIP:
+return s->pending & ~s->is_fiq & s->enabled;
+case ICMR:
+return s->enabled;
+case ICLR:
+return s->is_fiq;
+case ICCR:
+return s->int_idle == 0;
+case ICFP:
+return s->pending & s->is_fiq & s->enabled;
+case ICPR:
+return s->pending;
+default:
+printf("%s: Bad register offset 0x" TARGET_FMT_plx "\n",
+__func__, offset);
+return 0;
+}
+}
+
+static void strongarm_pic_mem_write(void *opaque, target_phys_addr_t offset,
+uint32_t value)
+{
+StrongARMPICState *s = opaque;
+
+switch (offset) {
+case ICMR:
+s->enabled = value;
+break;
+case ICLR:
+s->is_fiq = value;
+break;
+case ICCR:
+s->int_idle = (value & 1) ? 0 : ~0;
+break;
+default:
+printf("%s: Bad register offset 0x" TARGET_FMT_plx "\n",
+__func__, offset);
+break;
+}
+strongarm_pic_update(s);
+}
+
+static CPUReadMemoryFunc * const strongarm_pic_readfn[] = {
+strongarm_pic_mem_read,
+strongarm_

Re: [Qemu-devel] [PATCH 2/2 V7] qemu, qmp: add inject-nmi qmp command

[Markus Armbruster]

Blue Swirl  writes:

> On Wed, Apr 13, 2011 at 4:08 PM, Luiz Capitulino  
> wrote:
>> On Tue, 12 Apr 2011 21:31:18 +0300
>> Blue Swirl  wrote:
>>
>>> On Tue, Apr 12, 2011 at 10:52 AM, Avi Kivity  wrote:
>>> > On 04/11/2011 08:15 PM, Blue Swirl wrote:
>>> >>
>>> >> On Mon, Apr 11, 2011 at 10:01 AM, Markus Armbruster
>>> >>  wrote:
>>> >> >  Avi Kivity  writes:
>>> >> >
>>> >> >>  On 04/08/2011 12:41 AM, Anthony Liguori wrote:
>>> >> >>>
>>> >> >>>  And it's a good thing to have, but exposing this as the only API to
>>> >> >>>  do something as simple as generating a guest crash dump is not the
>>> >> >>>  friendliest thing in the world to do to users.
>>> >> >>
>>> >> >>  nmi is a fine name for something that corresponds to a real-life nmi
>>> >> >>  button (often labeled "NMI").
>>> >> >
>>> >> >  Agree.
>>> >>
>>> >> We could also introduce an alias mechanism for user friendly names, so
>>> >> nmi could be used in addition of full path. Aliases could be useful
>>> >> for device paths as well.
>>> >
>>> > Yes.  Perhaps limited to the human monitor.
>>>
>>> I'd limit all debugging commands (including NMI) to the human monitor.
>>
>> Why?
>
> Do they have any real use in production environment? Also, we should
> have the freedom to change the debugging facilities (for example, to
> improve some internal implementation) as we want without regard to
> compatibility to previous versions.

For what it's worth, Lai (original poster) has been trying for many
months to get inject-nmi into QMP, and I suspect he has a really good
reason for his super-human persistence.