Re: [Qemu-devel] [PATCH 5/8] tcg: Add interpreter for bytecode

2011-09-18 Thread Paolo Bonzini

On 09/18/2011 07:49 AM, Stefan Weil wrote:

> Is there really any difference in the generated code?
> gcc already uses a jump table internally to handle the
> switch cases.


You typically save something on range checks, and it enables a lot more 
tricks for use later (e.g. using multiple jump tables to perform simple 
peephole optimizations, or to divert code execution on interrupts).


Paolo
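
An added illustration of the range-check point in the reply above; it is not code from the TCI patch. It runs a constructed stack bytecode (hypothetical opcodes) through switch dispatch and through a GCC/Clang labels-as-values table; because the threaded loop has no per-instruction range check, the whole program is validated once before dispatch.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed toy bytecode; opcode names are hypothetical, not TCI's. */
enum { OP_PUSH, OP_ADD, OP_MUL, OP_HALT, OP_COUNT };
#define STACK_MAX 16

/* Constructed sample programs. */
static const uint8_t prog_ok[] = { OP_PUSH, 6, OP_PUSH, 7, OP_MUL,
                                   OP_PUSH, 1, OP_ADD, OP_HALT };
static const uint8_t prog_bad_op[] = { OP_PUSH, 1, 9, OP_HALT };
static const uint8_t prog_underflow[] = { OP_ADD, OP_HALT };
static const uint8_t prog_truncated[] = { OP_PUSH };

/* One pass over straight-line code: opcodes in range, operands present,
 * stack depth within bounds, HALT reached with a result on the stack. */
int validate(const uint8_t *code, size_t len)
{
    size_t pc = 0;
    int depth = 0;

    while (pc < len) {
        switch (code[pc++]) {
        case OP_PUSH:
            if (pc >= len || depth >= STACK_MAX) return 0;
            pc++; depth++;
            break;
        case OP_ADD: case OP_MUL:
            if (depth < 2) return 0;
            depth--;
            break;
        case OP_HALT:
            return depth >= 1;
        default:
            return 0;               /* opcode outside the table */
        }
    }
    return 0;                       /* ran off the end without HALT */
}

/* Switch dispatch: every instruction pays for its own checks. */
int run_switch(const uint8_t *code, size_t len, uint32_t *result)
{
    uint32_t stack[STACK_MAX];
    size_t pc = 0;
    int sp = 0;

    while (pc < len) {
        switch (code[pc++]) {
        case OP_PUSH:
            if (pc >= len || sp >= STACK_MAX) return -1;
            stack[sp++] = code[pc++]; break;
        case OP_ADD:
            if (sp < 2) return -1;
            sp--; stack[sp - 1] += stack[sp]; break;
        case OP_MUL:
            if (sp < 2) return -1;
            sp--; stack[sp - 1] *= stack[sp]; break;
        case OP_HALT:
            if (sp < 1) return -1;
            *result = stack[sp - 1]; return 0;
        default:
            return -1;
        }
    }
    return -1;
}

/* Threaded dispatch: the opcode byte indexes a label table directly, so an
 * unvalidated byte >= OP_COUNT would jump through memory past the table.
 * validate() is what makes dropping the per-instruction checks safe. */
int run_threaded(const uint8_t *code, size_t len, uint32_t *result)
{
    static void *const table[OP_COUNT] = { &&do_push, &&do_add,
                                           &&do_mul, &&do_halt };
    uint32_t stack[STACK_MAX];
    const uint8_t *pc = code;
    int sp = 0;

    if (!validate(code, len)) return -1;
#define NEXT() goto *table[*pc++]
    NEXT();
do_push: stack[sp++] = *pc++; NEXT();
do_add:  sp--; stack[sp - 1] += stack[sp]; NEXT();
do_mul:  sp--; stack[sp - 1] *= stack[sp]; NEXT();
do_halt: *result = stack[sp - 1]; return 0;
#undef NEXT
}

int main(void)
{
    uint32_t r = 0;
    if (run_threaded(prog_ok, sizeof prog_ok, &r) == 0)
        printf("threaded result: %u\n", (unsigned)r);
    printf("bad opcode accepted: %d\n", validate(prog_bad_op, sizeof prog_bad_op));
    return 0;
}
```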



Re: [Qemu-devel] [PATCH] Add iSCSI support for QEMU

2011-09-18 Thread Paolo Bonzini

On 09/17/2011 09:08 PM, Laurent Vivier wrote:

>> The NBD protocol supports multiple named exports, just not QEMU's
>> implementation.
>
> Named exports are supported since commit
> 1d45f8b542f6b80b24c44533ef0dd9e1a3b17ea5


Yes, not in the qemu-nbd server though.

Paolo



Re: [Qemu-devel] windows XP fail to enter standby mode

2011-09-18 Thread Alon Levy
On Fri, Sep 16, 2011 at 02:28:05PM +0800, hkran wrote:
> On 09/15/2011 06:42 PM, Alon Levy wrote:
> >On Thu, Sep 15, 2011 at 05:23:01PM +0800, hkran wrote:
> >>Hi,
> >>
> >>If I select to let my guest XP enter standby mode by clicking the button
> >>manually. qemu will exit with the following message left:
> >>
> >>ioport_write: PANIC d->guest_slots[val].active failed
> >>
> >>the following is my command to start qemu:
> >>
> >>/home/huikai/qemu15/bin/qemu --enable-kvm  -m 768  -drive
> >>file=/home/huikai/winxp_dev.img,if=virtio  -net nic,model=virtio -net
> >>user -usb -usbdevice tablet -vga qxl  -localtime  -device virtio-serial
> >>-chardev spicevmc,name=vdagent,id=vdagent -device
> >>virtserialport,chardev=vdagent,name=spice0 -spice
> >>port=1234,disable-ticketing -monitor telnet:localhost:12341,server,nowait
> >>
> >>Qemu is 0.15v
> >>gxl driver 
> >>isqxl-0.10-20112808.zip
> >>   from http://spice-space.org/download.html
> >What bios are you using? Is there a reset event? can you paste the complete 
> >log before the PANIC?
> >
> >Thanks,
> >Alon
> >
> BIOS:
> (qemu) info roms
> addr=fffe size=0x02 mem=rom name="bios.bin"

This just shows you have a bios, but where is that file from? i.e. is
it compiled by you, or from an rpm, if so which and what version?

> >the entire log:
> [root@oc0100708617 ~]# /home/huikai/qemu15/bin/qemu  --enable-kvm
> -m 768  -drive file=/home/huikai/winxp_dev.img,if=virtio  -net
> nic,model=virtio -net user -usb -usbdevice tablet  -localtime -vga
> qxl -device virtio-serial -chardev spicevmc,name=vdagent,id=vdagent
> -device virtserialport,chardev=vdagent,name=spice0 -spice
> port=1234,disable-ticketing   -monitor
> telnet:localhost:12341,server,nowait -cdrom
> /home/huikai/iso/GRMWDK_EN_7600_1.ISO
> do_spice_init: starting 0.8.0
> spice_server_add_interface: SPICE_INTERFACE_KEYBOARD
> spice_server_add_interface: SPICE_INTERFACE_MOUSE
> spice_server_add_interface: SPICE_INTERFACE_QXL
> red_worker_main: begin
> handle_dev_destroy_surfaces:
> handle_dev_destroy_surfaces:
> handle_dev_input: start
> spice_server_add_interface: SPICE_INTERFACE_TABLET
> handle_dev_destroy_surfaces:
> reds_handle_main_link:
> reds_show_new_channel: channel 1:0, connected successfully, over Non
> Secure link
> handle_dev_input: mouse mode 2
> reds_main_handle_message: net test: latency 1.043000 ms, bitrate
> 3413 bps (325520.83 Mbps)
> reds_show_new_channel: channel 4:0, connected successfully, over Non
> Secure link
> red_dispatcher_set_cursor_peer:
> handle_dev_input: cursor connect
> reds_show_new_channel: channel 2:0, connected successfully, over Non
> Secure link
> red_dispatcher_set_peer:
> handle_dev_input: connect
> handle_new_display_channel: jpeg disabled
> handle_new_display_channel: zlib-over-glz disabled
> reds_show_new_channel: channel 3:0, connected successfully, over Non
> Secure link
> inputs_link:
> handle_dev_destroy_surfaces:
> handle_dev_destroy_surfaces:
> ioport_write: PANIC d->guest_slots[val].active failed
> 
> As for reset event, Alon, Do you know how to tell a reset event
> posted in qemu?
> In addition, if I use the default -vga std, qemu will not exit when
> VM entering standby. It seems that there is something wrong about qxl
> driver.

You can enable bios debug, that should show it. Also, you can do a reset (via
guest for instance) and see the qemu messages you get from it, and then compare.

To enable bios debugging add the following to the command line for upstream 
qemu:
 -chardev stdio,id=muxstdio,mux=on -mon chardev=muxstdio,mode=readline
 -device isa-debugcon,iobase=0x402,chardev=muxstdio

This assumes you don't mind/want to have the monitor on stdio, if you use a qmp or hmp
on something other than stdio (unix domain socket / tcp) then you can just forgo
the whole mux part.

For rhel6 that device is not backported, but you can still get bios debugging information
by uncommenting the line "//#define DEBUG_BIOS" in hw/pc.c

Also you can just enable debugging for the qxl device, for the primary (-vga 
qxl) you need to add:
-global qxl-vga.debug=1

For instance, do system_reset from monitor after running:
qemu -vga qxl -monitor stdio -global qxl-vga.debug=1,

I don't see a reset happening. You should see something like:

qxl-0: qxl_hard_reset: start
qxl-0: qxl_reset_surfaces:
qxl-0: qxl_reset_memslots:
qxl-0: qxl_soft_reset:
qxl-0: qxl_enter_vga_mode
qxl-0: qxl_hard_reset: done

(It repeats a few times - system_reset actually calls reset more than once on
each device).




Re: [Qemu-devel] [RFC] Plan for moving forward with QOM

2011-09-18 Thread Avi Kivity

On 09/15/2011 11:52 PM, Anthony Liguori wrote:
Also, NE2000 methods have to call ISA_NE2000 and PCI_NE2000 methods, 
yes?



I don't think so.  The NE2k would export an IRQ and the ISA_NE2K and 
PCI_NE2k would have to route that IRQ.  But I think that's the extent 
of the communication in that direction.


Am I missing something?


I guess for simple devices it's unlikely that anything further is needed.

The most complicated device with a dual interface I can think of is vga, 
it needs to register memory regions dynamically.  But even that can be 
done by registering a container on startup, and doing the dynamic stuff 
within the container.


--
I have a truly marvellous patch that fixes the bug which this
signature is too narrow to contain.




Re: [Qemu-devel] [PATCH] spice: set qxl->ssd.running=true before telling spice to start, RHBZ #733993

2011-09-18 Thread Alon Levy
On Mon, Sep 05, 2011 at 05:39:50PM +0300, Yonit Halperin wrote:
> If qxl->ssd.running=true is set after telling spice to start, the spice server
> thread can call qxl_send_events while qxl->ssd.running is still false. This leads to
> assert(d->ssd.running).
> 

Looks good.

Acked-by: Alon Levy 

> Signed-off-by: Yonit Halperin 
> ---
> Since it looks like the purpose of the assert in qxl_send_event is preventing changes
> in the guest when the vm is stopped, I think it is not necessary for ssd.running to be
> exactly synchronized with the spice server status, but just be true before
> the spice worker starts.
> 
>  ui/spice-display.c |3 ++-
>  1 files changed, 2 insertions(+), 1 deletions(-)
> 
> diff --git a/ui/spice-display.c b/ui/spice-display.c
> index 683d454..3224f99 100644
> --- a/ui/spice-display.c
> +++ b/ui/spice-display.c
> @@ -260,11 +260,12 @@ void qemu_spice_vm_change_state_handler(void *opaque, 
> int running, int reason)
>  SimpleSpiceDisplay *ssd = opaque;
>  
>  if (running) {
> +ssd->running = true;
>  qemu_spice_start(ssd);
>  } else {
>  qemu_spice_stop(ssd);
> +ssd->running = false;
>  }
> -ssd->running = running;
>  }
>  
>  void qemu_spice_display_init_common(SimpleSpiceDisplay *ssd, DisplayState 
> *ds)
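
Review bot: The ordering this fix relies on is not recorded in the code: at `ssd->running = true;` ahead of `qemu_spice_start(ssd)`, nothing tells a later reader that the flag must be set first because the spice server thread may call qxl_send_events as soon as it is started. A one-line comment above the assignment would keep the two branches from being folded back into a single `ssd->running = running;`. Since the flag is written here and read from another thread, it is also worth confirming that the store is visible to the worker before it runs; no lock or barrier appears in the hunk.
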
> -- 
> 1.7.4.4
> 
> 



[Qemu-devel] [PATCH 0/4] Set of patches for chrooted environment

2011-09-18 Thread Laurent Vivier
This set of patches helps to use qemu-linux-user in a chrooted environment.

It mostly allows defining the default cpu model, as we can't use the '-cpu' argument.
The last one defines environment variables to be able to use the log file and
gdb server ('-d' and '-g' arguments).

[PATCH 1/4] linux-user: define default cpu model in configure instead of linux-user/main.c
[PATCH 2/4] linux-user: specify the cpu model during configure
[PATCH 3/4] linux-user,m68k: display default cpu
[PATCH 4/4] linux-user: define new environment variables



[Qemu-devel] [PATCH 2/4] linux-user: specify the cpu model during configure

2011-09-18 Thread Laurent Vivier
From: Laurent Vivier 

This patch allows setting the default cpu model for a given architecture,
for instance:

 configure --target-list=m68k-linux-user --m68k-default-cpu=m68040

Signed-off-by: Laurent Vivier 
---
 configure |9 +
 1 files changed, 9 insertions(+), 0 deletions(-)

diff --git a/configure b/configure
index 5e10055..5f2c073 100755
--- a/configure
+++ b/configure
@@ -536,6 +536,10 @@ for opt do
   ;;
   --target-list=*) target_list="$optarg"
   ;;
+  --*-default-cpu=*)
+tmp=`expr "x$opt" : 'x--\(.*\)-default-cpu=.*'`
+eval ${tmp}_default_cpu="$optarg"
+  ;;
   --enable-trace-backend=*) trace_backend="$optarg"
   ;;
   --with-trace-file=*) trace_file="$optarg"
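
Review bot: In the `--*-default-cpu=*)` branch, `eval ${tmp}_default_cpu="$optarg"` hands the option value back to the shell parser, so a value containing a space or a shell metacharacter is executed instead of being assigned; CPU names with spaces are in use (patch 1/4 sets "Fujitsu MB86904" and "TI UltraSparc II"). Expand the value only at assignment time, e.g. `eval "${tmp}_default_cpu=\$optarg"`, and reject a `$tmp` that is not a valid shell identifier before the eval, since an architecture prefix containing `-` or other punctuation does not form a variable name.
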
@@ -932,6 +936,7 @@ echo "   use %M for cpu name 
[$interp_prefix]"
 echo "  --target-list=LIST   set target list (default: build everything)"
 echo "Available targets: $default_target_list" | \
 fold -s -w 53 | sed -e 's/^/   /'
+echo "  --ARCH-default-cpu=CPU   set the default cpu for a given architecture"
 echo ""
 echo "Advanced options (experts only):"
 echo "  --source-path=PATH   path of source code [$source_path]"
@@ -3369,6 +3374,10 @@ case "$target_arch2" in
 exit 1
   ;;
 esac
+tmp_target_default_cpu=`eval echo \\$${target_arch2}_default_cpu`
+if [ "x$tmp_target_default_cpu" != "x" ] ; then
+  target_default_cpu="$tmp_target_default_cpu"
+fi
 echo "TARGET_SHORT_ALIGNMENT=$target_short_alignment" >> $config_target_mak
 echo "TARGET_INT_ALIGNMENT=$target_int_alignment" >> $config_target_mak
 echo "TARGET_LONG_ALIGNMENT=$target_long_alignment" >> $config_target_mak
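
Review bot: The lookup `eval echo \\$${target_arch2}_default_cpu` passes the stored value through an unquoted `echo`, so it is subject to word splitting and pathname expansion and runs of spaces collapse. Assign directly instead, e.g. `eval "tmp_target_default_cpu=\$${target_arch2}_default_cpu"`, which keeps the value intact and avoids the command substitution.
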
-- 
1.7.1




Re: [Qemu-devel] [PATCH 7/8] tcg: Add tcg interpreter to configure / make

2011-09-18 Thread Blue Swirl
On Sat, Sep 17, 2011 at 8:00 PM, Stefan Weil  wrote:
> Signed-off-by: Stefan Weil 
> ---
>  Makefile.target |    1 +
>  configure       |   30 --
>  2 files changed, 29 insertions(+), 2 deletions(-)
>
> diff --git a/Makefile.target b/Makefile.target
> index 88d2f1f..a2c3a4a 100644
> --- a/Makefile.target
> +++ b/Makefile.target
> @@ -69,6 +69,7 @@ all: $(PROGS) stap
>  # cpu emulator library
>  libobj-y = exec.o translate-all.o cpu-exec.o translate.o
>  libobj-y += tcg/tcg.o tcg/optimize.o
> +libobj-$(CONFIG_TCG_INTERPRETER) += tcg/tci.o
>  libobj-y += fpu/softfloat.o
>  libobj-y += op_helper.o helper.o
>  ifeq ($(TARGET_BASE_ARCH), i386)
> diff --git a/configure b/configure
> index ad924c4..1d800e1 100755
> --- a/configure
> +++ b/configure
> @@ -138,6 +138,7 @@ debug_tcg="no"
>  debug_mon="no"
>  debug="no"
>  strip_opt="yes"
> +tcg_interpreter="no"
>  bigendian="no"
>  mingw32="no"
>  EXESUF=""
> @@ -647,6 +648,10 @@ for opt do
>   ;;
>   --enable-kvm) kvm="yes"
>   ;;
> +  --disable-tcg-interpreter) tcg_interpreter="no"
> +  ;;
> +  --enable-tcg-interpreter) tcg_interpreter="yes"
> +  ;;
>   --disable-spice) spice="no"
>   ;;
>   --enable-spice) spice="yes"
> @@ -997,6 +1002,7 @@ echo "  --enable-bluez           enable bluez stack 
> connectivity"
>  echo "  --disable-slirp          disable SLIRP userspace network 
> connectivity"
>  echo "  --disable-kvm            disable KVM acceleration support"
>  echo "  --enable-kvm             enable KVM acceleration support"
> +echo "  --enable-tcg-interpreter enable TCG with bytecode interpreter (TCI)"
>  echo "  --disable-nptl           disable usermode NPTL support"
>  echo "  --enable-nptl            enable usermode NPTL support"
>  echo "  --enable-system          enable all system emulation targets"
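
Review bot: The help text gains only `--enable-tcg-interpreter`, although the option parser in this patch also accepts `--disable-tcg-interpreter` and the neighbouring options (kvm, nptl) list both forms. Add the matching `--disable-tcg-interpreter` line so the help output agrees with what configure accepts.
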
> @@ -2714,6 +2720,7 @@ echo "Linux AIO support $linux_aio"
>  echo "ATTR/XATTR support $attr"
>  echo "Install blobs     $blobs"
>  echo "KVM support       $kvm"
> +echo "TCG interpreter   $tcg_interpreter"
>  echo "fdt support       $fdt"
>  echo "preadv support    $preadv"
>  echo "fdatasync         $fdatasync"
> @@ -2761,6 +2768,15 @@ case "$cpu" in
>   armv4b|armv4l)
>     ARCH=arm
>   ;;
> +  *)
> +    if test "$tcg_interpreter" = "yes" ; then
> +        echo "Unsupported CPU = $cpu, will use TCG with TCI (experimental)"
> +        ARCH=unknown

ARCH=TCI or 'all' would be more accurate.

> +    else
> +        echo "Unsupported CPU = $cpu, try --enable-tcg-interpreter"
> +        exit 1
> +    fi
> +  ;;
>  esac
>  echo "ARCH=$ARCH" >> $config_host_mak
>  if test "$debug_tcg" = "yes" ; then
> @@ -2994,6 +3010,9 @@ fi
>  if test "$signalfd" = "yes" ; then
>   echo "CONFIG_SIGNALFD=y" >> $config_host_mak
>  fi
> +if test "$tcg_interpreter" = "yes" ; then
> +  echo "CONFIG_TCG_INTERPRETER=y" >> $config_host_mak
> +fi
>  if test "$need_offsetof" = "yes" ; then
>   echo "CONFIG_NEED_OFFSETOF=y" >> $config_host_mak
>  fi
> @@ -3454,7 +3473,9 @@ cflags=""
>  includes=""
>  ldflags=""
>
> -if test "$ARCH" = "sparc64" ; then
> +if test "$tcg_interpreter" = "yes"; then

Here the test should be against ARCH for consistency.

> +  includes="-I\$(SRC_PATH)/tcg/bytecode $includes"
> +elif test "$ARCH" = "sparc64" ; then
>   includes="-I\$(SRC_PATH)/tcg/sparc $includes"
>  elif test "$ARCH" = "s390x" ; then
>   includes="-I\$(SRC_PATH)/tcg/s390 $includes"
> @@ -3577,7 +3598,12 @@ if test "$gprof" = "yes" ; then
>   fi
>  fi
>
> -linker_script="-Wl,-T../config-host.ld -Wl,-T,\$(SRC_PATH)/\$(ARCH).ld"
> +if test "$ARCH" = "unknown"; then
> +  linker_script=""
> +else
> +  linker_script="-Wl,-T../config-host.ld -Wl,-T,\$(SRC_PATH)/\$(ARCH).ld"
> +fi
> +
>  if test "$target_linux_user" = "yes" -o "$target_bsd_user" = "yes" ; then
>   case "$ARCH" in
>   sparc)
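
Review bot: The test `"$ARCH" = "unknown"` repeats a string literal that is assigned in the `*)` fallback of the `case "$cpu"` block, so the two places have to change together if the fallback value is renamed. A comment here saying why only the unknown-host case drops the linker script, while the interpreter on a known host keeps it, would make the three supported setups clear from the code.
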
> --
> 1.7.2.5
>
>
>



[Qemu-devel] [PATCH 3/4] linux-user,m68k: display default cpu

2011-09-18 Thread Laurent Vivier
From: Laurent Vivier 

Signed-off-by: Laurent Vivier 
---
 target-m68k/helper.c |5 +
 1 files changed, 5 insertions(+), 0 deletions(-)

diff --git a/target-m68k/helper.c b/target-m68k/helper.c
index 674c8e6..ede5180 100644
--- a/target-m68k/helper.c
+++ b/target-m68k/helper.c
@@ -57,6 +57,11 @@ void m68k_cpu_list(FILE *f, fprintf_function cpu_fprintf)
 unsigned int i;
 
 for (i = 0; m68k_cpu_defs[i].name; i++) {
+if (strcmp(m68k_cpu_defs[i].name, TARGET_DEFAULT_CPU) == 0) {
+(*cpu_fprintf)(f, " >");
+} else {
+(*cpu_fprintf)(f, "  ");
+}
 (*cpu_fprintf)(f, "%s\n", m68k_cpu_defs[i].name);
 }
 }
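
Review bot: The " >" prefix printed for the entry that matches TARGET_DEFAULT_CPU is not explained anywhere in the output, and the commit message is empty. Print a short legend before the loop or mark the entry with a suffix such as "(default)", and describe the change in the commit message; every line of the list now starts with two extra characters, which anything parsing this output will see.
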
-- 
1.7.1




[Qemu-devel] [PATCH 1/4] linux-user: define default cpu model in configure instead of linux-user/main.c

2011-09-18 Thread Laurent Vivier
From: Laurent Vivier 

Signed-off-by: Laurent Vivier 
---
 configure |   14 ++
 linux-user/main.c |   34 +-
 2 files changed, 15 insertions(+), 33 deletions(-)

diff --git a/configure b/configure
index ad924c4..5e10055 100755
--- a/configure
+++ b/configure
@@ -3150,6 +3150,7 @@ target_dir="$target"
 config_target_mak=$target_dir/config-target.mak
 target_arch2=`echo $target | cut -d '-' -f 1`
 target_bigendian="no"
+target_default_cpu="any"
 
 case "$target_arch2" in
   
armeb|lm32|m68k|microblaze|mips|mipsn32|mips64|ppc|ppcemb|ppc64|ppc64abi32|s390x|sh4eb|sparc|sparc64|sparc32plus|xtensaeb)
@@ -3226,11 +3227,13 @@ TARGET_ABI_DIR=""
 case "$target_arch2" in
   i386)
 target_phys_bits=64
+target_default_cpu="qemu32"
   ;;
   x86_64)
 TARGET_BASE_ARCH=i386
 target_phys_bits=64
 target_long_alignment=8
+target_default_cpu="qemu64"
   ;;
   alpha)
 target_phys_bits=64
@@ -3273,12 +3276,14 @@ case "$target_arch2" in
 echo "TARGET_ABI_MIPSO32=y" >> $config_target_mak
 target_nptl="yes"
 target_phys_bits=64
+target_default_cpu="24Kf"
   ;;
   mipsn32|mipsn32el)
 TARGET_ARCH=mipsn32
 TARGET_BASE_ARCH=mips
 echo "TARGET_ABI_MIPSN32=y" >> $config_target_mak
 target_phys_bits=64
+target_default_cpu="20Kc"
   ;;
   mips64|mips64el)
 TARGET_ARCH=mips64
@@ -3286,12 +3291,14 @@ case "$target_arch2" in
 echo "TARGET_ABI_MIPSN64=y" >> $config_target_mak
 target_phys_bits=64
 target_long_alignment=8
+target_default_cpu="20Kc"
   ;;
   ppc)
 gdb_xml_files="power-core.xml power-fpu.xml power-altivec.xml 
power-spe.xml"
 target_phys_bits=32
 target_nptl="yes"
 target_libs_softmmu="$fdt_libs"
+target_default_cpu="750"
   ;;
   ppcemb)
 TARGET_BASE_ARCH=ppc
@@ -3300,6 +3307,7 @@ case "$target_arch2" in
 target_phys_bits=64
 target_nptl="yes"
 target_libs_softmmu="$fdt_libs"
+target_default_cpu="750"
   ;;
   ppc64)
 TARGET_BASE_ARCH=ppc
@@ -3308,6 +3316,7 @@ case "$target_arch2" in
 target_phys_bits=64
 target_long_alignment=8
 target_libs_softmmu="$fdt_libs"
+target_default_cpu="970fx"
   ;;
   ppc64abi32)
 TARGET_ARCH=ppc64
@@ -3317,6 +3326,7 @@ case "$target_arch2" in
 gdb_xml_files="power64-core.xml power-fpu.xml power-altivec.xml 
power-spe.xml"
 target_phys_bits=64
 target_libs_softmmu="$fdt_libs"
+target_default_cpu="750"
   ;;
   sh4|sh4eb)
 TARGET_ARCH=sh4
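
Review bot: For `ppc64abi32` this sets `target_default_cpu="750"`, but the target has `TARGET_ARCH=ppc64`, and configure derives `TARGET_<ARCH>=y` from TARGET_ARCH, so the `#ifdef TARGET_PPC64` branch removed from linux-user/main.c would have selected "970fx" for it. If the new default is intended, say so in the commit message; otherwise use "970fx" here so the patch stays a pure move.
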
@@ -3326,11 +3336,13 @@ case "$target_arch2" in
   ;;
   sparc)
 target_phys_bits=64
+target_default_cpu="Fujitsu MB86904"
   ;;
   sparc64)
 TARGET_BASE_ARCH=sparc
 target_phys_bits=64
 target_long_alignment=8
+target_default_cpu="TI UltraSparc II"
   ;;
   sparc32plus)
 TARGET_ARCH=sparc64
@@ -3338,6 +3350,7 @@ case "$target_arch2" in
 TARGET_ABI_DIR=sparc
 echo "TARGET_ABI32=y" >> $config_target_mak
 target_phys_bits=64
+target_default_cpu="Fujitsu MB86904"
   ;;
   s390x)
 target_nptl="yes"
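
Review bot: `sparc32plus` is given "Fujitsu MB86904" although it sets `TARGET_ARCH=sparc64`, which makes the removed `#ifdef TARGET_SPARC64` code in main.c pick "TI UltraSparc II" for this target. Please check which model is wanted for the 32-bit ABI on a 64-bit CPU and either keep the old value or document the change.
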
@@ -3360,6 +3373,7 @@ echo "TARGET_SHORT_ALIGNMENT=$target_short_alignment" >> 
$config_target_mak
 echo "TARGET_INT_ALIGNMENT=$target_int_alignment" >> $config_target_mak
 echo "TARGET_LONG_ALIGNMENT=$target_long_alignment" >> $config_target_mak
 echo "TARGET_LLONG_ALIGNMENT=$target_llong_alignment" >> $config_target_mak
+echo "TARGET_DEFAULT_CPU=\"$target_default_cpu\"" >> $config_target_mak
 echo "TARGET_ARCH=$TARGET_ARCH" >> $config_target_mak
 target_arch_name="`echo $TARGET_ARCH | tr '[:lower:]' '[:upper:]'`"
 echo "TARGET_$target_arch_name=y" >> $config_target_mak
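
Review bot: `TARGET_DEFAULT_CPU` is the only entry written here with embedded double quotes, and some of its values contain spaces ("Fujitsu MB86904", "TI UltraSparc II"). Check that the step turning config-target.mak into the C header keeps the value as one string literal and that including the file from make does not split it; a comment stating the expected generated define would help.
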
diff --git a/linux-user/main.c b/linux-user/main.c
index 89a51d7..40d76b4 100644
--- a/linux-user/main.c
+++ b/linux-user/main.c
@@ -3090,39 +3090,7 @@ int main(int argc, char **argv, char **envp)
 init_paths(interp_prefix);
 
 if (cpu_model == NULL) {
-#if defined(TARGET_I386)
-#ifdef TARGET_X86_64
-cpu_model = "qemu64";
-#else
-cpu_model = "qemu32";
-#endif
-#elif defined(TARGET_ARM)
-cpu_model = "any";
-#elif defined(TARGET_UNICORE32)
-cpu_model = "any";
-#elif defined(TARGET_M68K)
-cpu_model = "any";
-#elif defined(TARGET_SPARC)
-#ifdef TARGET_SPARC64
-cpu_model = "TI UltraSparc II";
-#else
-cpu_model = "Fujitsu MB86904";
-#endif
-#elif defined(TARGET_MIPS)
-#if defined(TARGET_ABI_MIPSN32) || defined(TARGET_ABI_MIPSN64)
-cpu_model = "20Kc";
-#else
-cpu_model = "24Kf";
-#endif
-#elif defined(TARGET_PPC)
-#ifdef TARGET_PPC64
-cpu_model = "970fx";
-#else
-cpu_model = "750";
-#endif
-#else
-cpu_model = "any";
-#endif
+cpu_model = TARGET_DEFAULT_CPU;
 }
 tcg_exec_init(0);
 cpu_exec_init_all();
-- 
1.7.1




[Qemu-devel] [PATCH 4/4] linux-user: define new environment variables

2011-09-18 Thread Laurent Vivier
From: Laurent Vivier 

QEMU_GDB=port allows defining the gdb server port to wait on.
QEMU_DEBUG=options allows activating the log file (like -d options)

Signed-off-by: Laurent Vivier 
---
 linux-user/main.c |   14 +++---
 qemu-doc.texi |4 
 2 files changed, 15 insertions(+), 3 deletions(-)

diff --git a/linux-user/main.c b/linux-user/main.c
index 40d76b4..9d161c4 100644
--- a/linux-user/main.c
+++ b/linux-user/main.c
@@ -2822,8 +2822,10 @@ static void usage(void)
"-strace  log system calls\n"
"\n"
"Environment variables:\n"
-   "QEMU_STRACE   Print system calls and arguments similar to 
the\n"
-   "  'strace' program.  Enable by setting to any 
value.\n"
+   "QEMU_STRACEPrint system calls and arguments similar to 
the\n"
+   "   'strace' program.  Enable by setting to any 
value.\n"
+   "QEMU_DEBUG=options Activate log. Use same options as '-d' 
options\n"
+   "QEMU_GDB=port  Wait gdb connection to port\n"
"You can use -E and -U options to set/unset environment variables\n"
"for target process.  It is possible to provide several variables\n"
"by repeating the option.  For example:\n"
@@ -2879,7 +2881,7 @@ int main(int argc, char **argv, char **envp)
 const char *filename;
 const char *cpu_model;
 const char *log_file = DEBUG_LOGFILE;
-const char *log_mask = NULL;
+const char *log_mask = getenv("QEMU_DEBUG");
 struct target_pt_regs regs1, *regs = ®s1;
 struct image_info info1, *info = &info1;
 struct linux_binprm bprm;
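
Review bot: `log_mask = getenv("QEMU_DEBUG")` keeps a pointer into the environment, and the next hunk calls `unsetenv("QEMU_DEBUG")` ahead of the option loop. POSIX allows the string returned by getenv to be overwritten by a later unsetenv, so copy the value first (for example with strdup) or move the unsetenv to after the log mask has been parsed.
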
@@ -2926,6 +2928,12 @@ int main(int argc, char **argv, char **envp)
 #if defined(cpudef_setup)
 cpudef_setup(); /* parse cpu definitions in target config file (TBD) */
 #endif
+if (getenv("QEMU_GDB")) {
+  gdbstub_port = atoi(getenv("QEMU_GDB"));
+}
+/* don't propagate QEMU_DEBUG and _GDB to children */
+unsetenv("QEMU_DEBUG");
+unsetenv("QEMU_GDB");
 
 optind = 1;
 for(;;) {
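
Review bot: `gdbstub_port = atoi(getenv("QEMU_GDB"))` accepts any string: an empty or non-numeric value silently becomes 0 and out-of-range values are not rejected. Read the variable once, parse it with strtol, check the end pointer and that the result lies in 1..65535, and print an error otherwise.
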
diff --git a/qemu-doc.texi b/qemu-doc.texi
index 31199f6..2193463 100644
--- a/qemu-doc.texi
+++ b/qemu-doc.texi
@@ -2293,6 +2293,10 @@ space emulator hasn't implemented ptrace).  At the 
moment this is
 incomplete.  All system calls that don't have a specific argument
 format are printed with information for six arguments.  Many
 flag-style arguments don't have decoders and will show up as numbers.
+@item QEMU_DEBUG=options
+Activate log. Use same options as '-d' options.
+@item QEMU_GDB=port
+Wait gdb connection to port.
 @end table
 
 @node Other binaries
-- 
1.7.1




Re: [Qemu-devel] [PATCH 7/8] tcg: Add tcg interpreter to configure / make

2011-09-18 Thread Stefan Weil

On 18.09.2011 11:37, Blue Swirl wrote:

On Sat, Sep 17, 2011 at 8:00 PM, Stefan Weil  wrote:

Signed-off-by: Stefan Weil 
---
 Makefile.target |1 +
 configure   |   30 --
 2 files changed, 29 insertions(+), 2 deletions(-)

diff --git a/Makefile.target b/Makefile.target
index 88d2f1f..a2c3a4a 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -69,6 +69,7 @@ all: $(PROGS) stap
 # cpu emulator library
 libobj-y = exec.o translate-all.o cpu-exec.o translate.o
 libobj-y += tcg/tcg.o tcg/optimize.o
+libobj-$(CONFIG_TCG_INTERPRETER) += tcg/tci.o
 libobj-y += fpu/softfloat.o
 libobj-y += op_helper.o helper.o
 ifeq ($(TARGET_BASE_ARCH), i386)
diff --git a/configure b/configure

[snip]

@@ -2761,6 +2768,15 @@ case "$cpu" in
  armv4b|armv4l)
ARCH=arm
  ;;
+  *)
+if test "$tcg_interpreter" = "yes" ; then
+echo "Unsupported CPU = $cpu, will use TCG with TCI 
(experimental)"

+ARCH=unknown


ARCH=TCI or 'all' would be more accurate.


Ok, I'll change it to ARCH=all (or 'any' or 'tci', if that is preferred).


+if test "$tcg_interpreter" = "yes"; then


Here the test should be against ARCH for consistency.


That would not work:

There are 3 supported setups: no tcg interpreter, tcg interpreter
with known ARCH and tcg interpreter with unknown ARCH.

For the include path, I must test $tcg_interpreter.
For the linker script, I test $ARCH (see below).


+  includes="-I\$(SRC_PATH)/tcg/bytecode $includes"
+elif test "$ARCH" = "sparc64" ; then
   includes="-I\$(SRC_PATH)/tcg/sparc $includes"
  elif test "$ARCH" = "s390x" ; then
   includes="-I\$(SRC_PATH)/tcg/s390 $includes"
@@ -3577,7 +3598,12 @@ if test "$gprof" = "yes" ; then
   fi
  fi

-linker_script="-Wl,-T../config-host.ld -Wl,-T,\$(SRC_PATH)/\$(ARCH).ld"
+if test "$ARCH" = "unknown"; then
+  linker_script=""
+else
+  linker_script="-Wl,-T../config-host.ld -Wl,-T,\$(SRC_PATH)/\$(ARCH).ld"
+fi
+





Re: [Qemu-devel] [PATCH 0/8] tcg/interpreter: Add TCG + interpreter for bytecode (virtual machine)

2011-09-18 Thread Blue Swirl
On Sat, Sep 17, 2011 at 7:59 PM, Stefan Weil  wrote:
> Hello,
>
> these patches add a new code generator (TCG target) to qemu.
>
> Unlike other tcg target code generators, this one does not generate
> machine code for some cpu. It generates machine independent bytecode
> which is interpreted later. That's why I called it TCI (tiny code
> interpreter).
>
> I wrote most of the code two years ago and included feedback and
> contributions from several QEMU developers, notably TeleMan,
> Stuart Brady, Blue Swirl and Malc. See the history here:
> http://lists.nongnu.org/archive/html/qemu-devel/2009-09/msg01710.html
>
> Since that time, I used TCI regularly, added small fixes and improvements
> and rebased it to latest QEMU. Some versions were tested using
> ARM (emulated and real), PowerPC (emulated) and MIPS (emulated) hosts,
> but normally I run it on i386 and x86_64 hosts.
>
> I'd appreciate to see TCI in QEMU 1.0.
>
> Regards,
> Stefan Weil
>
> The patches 2 and 4 are optional, patch 8 is only needed for running
> TCI on a PowerPC host.

I think patches 1 to 4 and 8 could be applied soon as they are now,
they should benefit plain TCG too. I had some comments to other
patches, but otherwise everything looks great.

Comparisons to other bytecode interpreters (for example Python) would
be interesting, maybe there are also tricks that can be reused.

> [PATCH 1/8] tcg: Declare TCG_TARGET_REG_BITS in tcg.h
> [PATCH 2/8] tcg: Don't declare TCG_TARGET_REG_BITS in tcg-target.h
> [PATCH 3/8] tcg: Add forward declarations for local functions
> [PATCH 4/8] tcg: Add some assertions
> [PATCH 5/8] tcg: Add interpreter for bytecode
> [PATCH 6/8] tcg: Add bytecode generator for tcg interpreter
> [PATCH 7/8] tcg: Add tcg interpreter to configure / make
> [PATCH 8/8] ppc: Support tcg interpreter on ppc hosts
>
>



Re: [Qemu-devel] [PATCH 0/8] tcg/interpreter: Add TCG + interpreter for bytecode (virtual machine)

2011-09-18 Thread malc
On Sun, 18 Sep 2011, Blue Swirl wrote:

> On Sat, Sep 17, 2011 at 7:59 PM, Stefan Weil  wrote:
> > Hello,
> >
> > these patches add a new code generator (TCG target) to qemu.
> >
> > Unlike other tcg target code generators, this one does not generate
> > machine code for some cpu. It generates machine independent bytecode
> > which is interpreted later. That's why I called it TCI (tiny code
> > interpreter).
> >
> > I wrote most of the code two years ago and included feedback and
> > contributions from several QEMU developers, notably TeleMan,
> > Stuart Brady, Blue Swirl and Malc. See the history here:
> > http://lists.nongnu.org/archive/html/qemu-devel/2009-09/msg01710.html
> >
> > Since that time, I used TCI regularly, added small fixes and improvements
> > and rebased it to latest QEMU. Some versions were tested using
> > ARM (emulated and real), PowerPC (emulated) and MIPS (emulated) hosts,
> > but normally I run it on i386 and x86_64 hosts.
> >
> > I'd appreciate to see TCI in QEMU 1.0.
> >
> > Regards,
> > Stefan Weil
> >
> > The patches 2 and 4 are optional, patch 8 is only needed for running
> > TCI on a PowerPC host.
> 
> I think patches 1 to 4 and 8 could be applied soon as they are now,
> they should benefit plain TCG too. I had some comments to other
> patches, but otherwise everything looks great.

Hold the horses until Stefan settles the licensing issues.

> 
> Comparisons to other bytecode interpreters (for example Python) would
> be interesting, maybe there are also tricks that can be reused.
> 
> > [PATCH 1/8] tcg: Declare TCG_TARGET_REG_BITS in tcg.h
> > [PATCH 2/8] tcg: Don't declare TCG_TARGET_REG_BITS in tcg-target.h
> > [PATCH 3/8] tcg: Add forward declarations for local functions
> > [PATCH 4/8] tcg: Add some assertions
> > [PATCH 5/8] tcg: Add interpreter for bytecode
> > [PATCH 6/8] tcg: Add bytecode generator for tcg interpreter
> > [PATCH 7/8] tcg: Add tcg interpreter to configure / make
> > [PATCH 8/8] ppc: Support tcg interpreter on ppc hosts
> >
> >
> 

-- 
mailto:av1...@comtv.ru



Re: [Qemu-devel] [PATCH v3 5/6] vga: Use linear mapping + dirty logging in chain 4 memory access mode

2011-09-18 Thread Avi Kivity

On 09/18/2011 12:40 AM, Blue Swirl wrote:

On Thu, Sep 15, 2011 at 11:31 AM, Avi Kivity  wrote:
>  On 09/15/2011 01:01 PM, Benjamin Herrenschmidt wrote:
>>
>>  >Sure :). So the problem is that when emulating the G3 Beige machine in
>>  >QEMU (default ppc32 target) we also add a PCI VGA adapter. Apparently,
>>  >on x86 that PCI VGA adapter can map the special VGA regions to
>>  >somewhere, namely 0xa. With the memory api overhaul, this also
>>  >slipped into the PPC world where mapping 0xa with VGA adapters is
>>  >a pretty bad idea, as it's occupied by RAM.
>>  >
>>  >Now the discussion was on which level that mapping would happen and
>>  >which devices go through which buses which then would filter certain
>>  >ranges from being mapped. Basically, which way does a memory request
>>  >from the CPU go on a G3 Beige machine until it arrives the VGA
>>  >adapter?
>>  >
>>  >I hope that concludes the actual question. Avi, if I explained this
>>  >wrong, please correct me.
>>
>>  Ok so there's several things here.
>>
>>  First, the mapping from CPU addresses to PCI addresses. This depends on
>>  the host bridge chip. The MPC106, used in the Beige G3, itself supports
>>  different type of mappings.
>>
>>  From memory, the way it's configured in a G3 is to have a 1:1 mapping of
>>  8000 CPU to 8000 PCI.
>>
>>  That means that with this basic mapping, you cannot generate memory
>>  accesses to low PCI addresses such as 0xa.
>
>  Alex, what this means (I think is) that: pci_grackle_init() needs to create
>  a container memory region and pass it to pc_register_bus() as the pci
>  address space, and create and alias starting at 0x8000 of the pci
>  address space, and map that alias at address 0x8000 of the system
>  address space.
>
>  See pc_init1() creating pci_memory and passing it to i440fx_init(), which
>  then maps some aliases into the system address space and also gives it to
>  pci_bus_new().  It's essentially the same thing with different details.

I think the attached patch (on top of ppc-next) should do it, but it
doesn't. Only the top area of the screen is shown, the rest is black.


I can't see anything wrong with the patch either.

--
error compiling committee.c: too many arguments to function




Re: [Qemu-devel] [PATCH] sun4u: don't set up isa_mem_base

2011-09-18 Thread Avi Kivity

On 09/17/2011 10:28 PM, Blue Swirl wrote:

Since we use memory API in sun4u.c, after
71579cae30b53c910cd6c47ab4e683f647d36519, setting up isa_mem_base
puts vga.chain4 outside of the physical address space.

Fix by removing obsolete isa_mem_base set up.

Signed-off-by: Blue Swirl
---
  hw/sun4u.c |1 -
  1 files changed, 0 insertions(+), 1 deletions(-)

diff --git a/hw/sun4u.c b/hw/sun4u.c
index 32e6ab9..6afb0e7 100644
--- a/hw/sun4u.c
+++ b/hw/sun4u.c
@@ -763,7 +763,6 @@ static void sun4uv_init(ram_addr_t RAM_size,
  irq = qemu_allocate_irqs(cpu_set_irq, env, MAX_PILS);
  pci_bus = pci_apb_init(APB_SPECIAL_BASE, APB_MEM_BASE, irq,&pci_bus2,
 &pci_bus3);
-isa_mem_base = APB_PCI_IO_BASE;
  pci_vga_init(pci_bus);


Good catch, I wonder how many more such cases remain.

I guess we should prioritize their conversion.

--
error compiling committee.c: too many arguments to function




Re: [Qemu-devel] [PATCH] memory: fix subregion collision warning

2011-09-18 Thread Avi Kivity

On 09/16/2011 12:16 AM, Michael Walle wrote:

Instead of the offset property use the proper addr property to calculate
the offsets.

Additionally, be a little more verbose on the warning and print the
subregion name.




Thanks, applied to memory/core.

--
error compiling committee.c: too many arguments to function




Re: [Qemu-devel] [PATCH] mips_malta: move i8259 initialization after piix4 initialization

2011-09-18 Thread Avi Kivity

On 09/14/2011 11:52 PM, Edgar E. Iglesias wrote:

On Wed, Sep 14, 2011 at 11:17:54PM +0300, Avi Kivity wrote:
>  On 09/14/2011 07:19 PM, Andreas Färber wrote:
>  >>
>  >>   Can this please be reviewed?  It's in the front of the memory queue
>  >>   logjam.
>  >
>  >With or without this patch, the mips and mipsel test images on qemu.org
>  >produce no output at all, on x64 host.
>  >
>
>  AFAICT this problem predates the memory API.  I'm looking more for
>  criticism on the approach.

Hi, i think the images on the wiki are meant to run on a -M mips board.
Maybe the scripts predate a change to Malta as default board, don't know.

The patch looks OK to me too, but you could maybe put a comment in the code
to explain the indirection.



Thanks, added a comment and your acked-by.

--
error compiling committee.c: too many arguments to function




Re: [Qemu-devel] [PATCH] sun4u: don't set up isa_mem_base

2011-09-18 Thread Blue Swirl
On Sun, Sep 18, 2011 at 11:30 AM, Avi Kivity  wrote:
> On 09/17/2011 10:28 PM, Blue Swirl wrote:
>>
>> Since we use memory API in sun4u.c, after
>> 71579cae30b53c910cd6c47ab4e683f647d36519, setting up isa_mem_base
>> puts vga.chain4 outside of the physical address space.
>>
>> Fix by removing obsolete isa_mem_base set up.
>>
>> Signed-off-by: Blue Swirl
>> ---
>>  hw/sun4u.c |    1 -
>>  1 files changed, 0 insertions(+), 1 deletions(-)
>>
>> diff --git a/hw/sun4u.c b/hw/sun4u.c
>> index 32e6ab9..6afb0e7 100644
>> --- a/hw/sun4u.c
>> +++ b/hw/sun4u.c
>> @@ -763,7 +763,6 @@ static void sun4uv_init(ram_addr_t RAM_size,
>>      irq = qemu_allocate_irqs(cpu_set_irq, env, MAX_PILS);
>>      pci_bus = pci_apb_init(APB_SPECIAL_BASE, APB_MEM_BASE, irq,&pci_bus2,
>>                             &pci_bus3);
>> -    isa_mem_base = APB_PCI_IO_BASE;
>>      pci_vga_init(pci_bus);
>
> Good catch, I wonder how many more such cases remain.

Thanks, I applied the patch. The cases excluding VGA are:

./hw/bonito.c:isa_mem_base = s->bonito_pciio_start;
./hw/ppc_newworld.c:isa_mem_base = 0x8000;
./hw/ppc_oldworld.c:isa_mem_base = 0x8000;
./hw/mips_r4k.c:isa_mem_base = 0x1000;
./hw/ppc_prep.c:isa_mem_base = 0xc000;
./hw/gt64xxx.c:  isa_mem_base = s->PCI0IO_start;
./hw/gt64xxx.c:isa_mem_base = 0x1000;
./hw/mips_jazz.c:isa_mem_base = 0x1100;

> I guess we should prioritize their conversion.

I guess only ISA bus machines (gt64xxx.c and mips_jazz.c) need the
base until ISA has been converted to memory API.



Re: [Qemu-devel] [PATCH 0/8] tcg/interpreter: Add TCG + interpreter for bytecode (virtual machine)

2011-09-18 Thread Blue Swirl
On Sun, Sep 18, 2011 at 10:49 AM, malc  wrote:
> On Sun, 18 Sep 2011, Blue Swirl wrote:
>
>> On Sat, Sep 17, 2011 at 7:59 PM, Stefan Weil  wrote:
>> > Hello,
>> >
>> > these patches add a new code generator (TCG target) to qemu.
>> >
>> > Unlike other tcg target code generators, this one does not generate
>> > machine code for some cpu. It generates machine independent bytecode
>> > which is interpreted later. That's why I called it TCI (tiny code
>> > interpreter).
>> >
>> > I wrote most of the code two years ago and included feedback and
>> > contributions from several QEMU developers, notably TeleMan,
>> > Stuart Brady, Blue Swirl and Malc. See the history here:
>> > http://lists.nongnu.org/archive/html/qemu-devel/2009-09/msg01710.html
>> >
>> > Since that time, I used TCI regularly, added small fixes and improvements
>> > and rebased it to latest QEMU. Some versions were tested using
>> > ARM (emulated and real), PowerPC (emulated) and MIPS (emulated) hosts,
>> > but normally I run it on i386 and x86_64 hosts.
>> >
>> > I'd appreciate to see TCI in QEMU 1.0.
>> >
>> > Regards,
>> > Stefan Weil
>> >
>> > The patches 2 and 4 are optional, patch 8 is only needed for running
>> > TCI on a PowerPC host.
>>
>> I think patches 1 to 4 and 8 could be applied soon as they are now,
>> they should benefit plain TCG too. I had some comments to other
>> patches, but otherwise everything looks great.
>
> Hold the horses until Stefan settles the licensing issues.

Which issues? For which patches?

>>
>> Comparisons to other bytecode interpreters (for example Python) would
>> be interesting, maybe there are also tricks that can be reused.
>>
>> > [PATCH 1/8] tcg: Declare TCG_TARGET_REG_BITS in tcg.h
>> > [PATCH 2/8] tcg: Don't declare TCG_TARGET_REG_BITS in tcg-target.h
>> > [PATCH 3/8] tcg: Add forward declarations for local functions
>> > [PATCH 4/8] tcg: Add some assertions
>> > [PATCH 5/8] tcg: Add interpreter for bytecode
>> > [PATCH 6/8] tcg: Add bytecode generator for tcg interpreter
>> > [PATCH 7/8] tcg: Add tcg interpreter to configure / make
>> > [PATCH 8/8] ppc: Support tcg interpreter on ppc hosts
>> >
>> >
>>
>
> --
> mailto:av1...@comtv.ru
>



[Qemu-devel] [PATCH 1/2] memory: Fix old portio word accesses

2011-09-18 Thread Jan Kiszka
From: Jan Kiszka 

As we register old portio regions via ioport_register, we are also
responsible for providing the word access wrapper.

Signed-off-by: Jan Kiszka 
---
 memory.c |   10 ++
 1 files changed, 10 insertions(+), 0 deletions(-)

diff --git a/memory.c b/memory.c
index b3ee232..f712d95 100644
--- a/memory.c
+++ b/memory.c
@@ -397,6 +397,11 @@ static void memory_region_iorange_read(IORange *iorange,
 *data = ((uint64_t)1 << (width * 8)) - 1;
 if (mrp) {
 *data = mrp->read(mr->opaque, offset + mr->offset);
+} else if (width == 2) {
+mrp = find_portio(mr, offset, 1, false);
+assert(mrp);
+*data = mrp->read(mr->opaque, offset + mr->offset) |
+mrp->read(mr->opaque, offset + mr->offset + 1);
 }
 return;
 }
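
Review bot: In the new `width == 2` branch of memory_region_iorange_read() the second byte is OR-ed in without a shift, so both byte reads land in bits 0-7 and the upper byte of the word is always zero. The write side of this patch splits the value as `data & 0xff` and `data >> 8`; the read should mirror that with `(mrp->read(mr->opaque, offset + mr->offset + 1) << 8)`.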
@@ -419,6 +424,11 @@ static void memory_region_iorange_write(IORange *iorange,
 
 if (mrp) {
 mrp->write(mr->opaque, offset + mr->offset, data);
+} else if (width == 2) {
+mrp = find_portio(mr, offset, 1, false);
+assert(mrp);
+mrp->write(mr->opaque, offset + mr->offset, data & 0xff);
+mrp->write(mr->opaque, offset + mr->offset + 1, data >> 8);
 }
 return;
 }
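
Review bot: The fallback lookup in memory_region_iorange_write() is `find_portio(mr, offset, 1, false)`, which asks for a byte entry that has a read handler, and the next lines call `mrp->write` on whatever it returns. Pass `true` for the last argument so the entry is selected on its write handler; as written, assert(mrp) does not guarantee that `mrp->write` is non-NULL.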
-- 
1.7.3.4



[Qemu-devel] [PATCH 2/2] vga: Fix portio list conversion fallouts

2011-09-18 Thread Jan Kiszka
From: Jan Kiszka 

Fix copy&paste errors and reduce duplications of the BOCHS VBE ranges.

Signed-off-by: Jan Kiszka 
---

This and the previous patch unbreaks VGA over memory/master.

 hw/vga.c |9 -
 1 files changed, 4 insertions(+), 5 deletions(-)

diff --git a/hw/vga.c b/hw/vga.c
index 513a5f6..22160e8 100644
--- a/hw/vga.c
+++ b/hw/vga.c
@@ -2244,19 +2244,18 @@ static const MemoryRegionPortio vga_portio_list[] = {
 { 0x04,  2, 1, .read = vga_ioport_read, .write = vga_ioport_write }, /* 
3b4 */
 { 0x0a,  1, 1, .read = vga_ioport_read, .write = vga_ioport_write }, /* 
3ba */
 { 0x10, 16, 1, .read = vga_ioport_read, .write = vga_ioport_write }, /* 
3c0 */
-{ 0x14,  2, 1, .read = vga_ioport_read, .write = vga_ioport_write }, /* 
3d4 */
-{ 0x1a,  1, 1, .read = vga_ioport_read, .write = vga_ioport_write }, /* 
3da */
+{ 0x24,  2, 1, .read = vga_ioport_read, .write = vga_ioport_write }, /* 
3d4 */
+{ 0x2a,  1, 1, .read = vga_ioport_read, .write = vga_ioport_write }, /* 
3da */
 PORTIO_END_OF_LIST(),
 };
 
 #ifdef CONFIG_BOCHS_VBE
 static const MemoryRegionPortio vbe_portio_list[] = {
-# ifdef TARGET_I386
 { 0, 1, 2, .read = vbe_ioport_read_index, .write = vbe_ioport_write_index 
},
+# ifdef TARGET_I386
 { 1, 1, 2, .read = vbe_ioport_read_data, .write = vbe_ioport_write_data },
 # else
-{ 0, 2, 2, .read = vbe_ioport_read_index, .write = vbe_ioport_write_index 
},
-{ 2, 2, 2, .read = vbe_ioport_read_data, .write = vbe_ioport_write_data },
+{ 2, 1, 2, .read = vbe_ioport_read_data, .write = vbe_ioport_write_data },
 # endif
 PORTIO_END_OF_LIST(),
 };
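
Review bot: For non-i386 targets the index entry of vbe_portio_list changes from `{ 0, 2, 2, ... }` to the shared `{ 0, 1, 2, ... }` and the data entry from `{ 2, 2, 2, ... }` to `{ 2, 1, 2, ... }`, which the commit message covers only as "reduce duplications". Please state that shrinking the second field from 2 to 1 is intended for those targets. Separately, the 3d4/3da correction shows the cost of hand-computed offsets with the port number kept in a comment; writing them as `0x3d4 - 0x3b0` and `0x3da - 0x3b0` would leave the subtraction to the compiler.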



Re: [Qemu-devel] [PATCH 0/8] tcg/interpreter: Add TCG + interpreter for bytecode (virtual machine)

2011-09-18 Thread malc
On Sun, 18 Sep 2011, Blue Swirl wrote:

> On Sun, Sep 18, 2011 at 10:49 AM, malc  wrote:
> > On Sun, 18 Sep 2011, Blue Swirl wrote:
> >
> >> On Sat, Sep 17, 2011 at 7:59 PM, Stefan Weil  wrote:
> >> > Hello,
> >> >
> >> > these patches add a new code generator (TCG target) to qemu.
> >> >
> >> > Unlike other tcg target code generators, this one does not generate
> >> > machine code for some cpu. It generates machine independent bytecode
> >> > which is interpreted later. That's why I called it TCI (tiny code
> >> > interpreter).
> >> >
> >> > I wrote most of the code two years ago and included feedback and
> >> > contributions from several QEMU developers, notably TeleMan,
> >> > Stuart Brady, Blue Swirl and Malc. See the history here:
> >> > http://lists.nongnu.org/archive/html/qemu-devel/2009-09/msg01710.html
> >> >
> >> > Since that time, I used TCI regularly, added small fixes and improvements
> >> > and rebased it to latest QEMU. Some versions were tested using
> >> > ARM (emulated and real), PowerPC (emulated) and MIPS (emulated) hosts,
> >> > but normally I run it on i386 and x86_64 hosts.
> >> >
> >> > I'd appreciate to see TCI in QEMU 1.0.
> >> >
> >> > Regards,
> >> > Stefan Weil
> >> >
> >> > The patches 2 and 4 are optional, patch 8 is only needed for running
> >> > TCI on a PowerPC host.
> >>
> >> I think patches 1 to 4 and 8 could be applied soon as they are now,
> >> they should benefit plain TCG too. I had some comments to other
> >> patches, but otherwise everything looks great.
> >
> > Hold the horses until Stefan settles the licensing issues.
> 
> Which issues? For which patches?
> 

Read tcg/LICENSE.

> >>
> >> Comparisons to other bytecode interpreters (for example Python) would
> >> be interesting, maybe there are also tricks that can be reused.
> >>
> >> > [PATCH 1/8] tcg: Declare TCG_TARGET_REG_BITS in tcg.h
> >> > [PATCH 2/8] tcg: Don't declare TCG_TARGET_REG_BITS in tcg-target.h
> >> > [PATCH 3/8] tcg: Add forward declarations for local functions
> >> > [PATCH 4/8] tcg: Add some assertions
> >> > [PATCH 5/8] tcg: Add interpreter for bytecode
> >> > [PATCH 6/8] tcg: Add bytecode generator for tcg interpreter
> >> > [PATCH 7/8] tcg: Add tcg interpreter to configure / make
> >> > [PATCH 8/8] ppc: Support tcg interpreter on ppc hosts
> >> >
> >> >
> >>
> >
> > --
> > mailto:av1...@comtv.ru
> >
> 

-- 
mailto:av1...@comtv.ru



[Qemu-devel] [PATCH v2 1/2] memory: Fix old portio word accesses

2011-09-18 Thread Jan Kiszka
From: Jan Kiszka 

As we register old portio regions via ioport_register, we are also
responsible for providing the word access wrapper.

Signed-off-by: Jan Kiszka 
---

Oops, was lacking a shift for word reads.

 memory.c |   10 ++
 1 files changed, 10 insertions(+), 0 deletions(-)

diff --git a/memory.c b/memory.c
index b3ee232..aef4702 100644
--- a/memory.c
+++ b/memory.c
@@ -397,6 +397,11 @@ static void memory_region_iorange_read(IORange *iorange,
 *data = ((uint64_t)1 << (width * 8)) - 1;
 if (mrp) {
 *data = mrp->read(mr->opaque, offset + mr->offset);
+} else if (width == 2) {
+mrp = find_portio(mr, offset, 1, false);
+assert(mrp);
+*data = mrp->read(mr->opaque, offset + mr->offset) |
+(mrp->read(mr->opaque, offset + mr->offset + 1) << 8);
 }
 return;
 }
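
Review bot: assert(mrp) in the `width == 2` branch turns a word read of a port that has no byte-wide read entry into an abort of the whole process, and the access width is chosen by the guest. `*data` is already preset to all ones a few lines above, so the branch can simply keep that default when find_portio() returns NULL instead of asserting.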
@@ -419,6 +424,11 @@ static void memory_region_iorange_write(IORange *iorange,
 
 if (mrp) {
 mrp->write(mr->opaque, offset + mr->offset, data);
+} else if (width == 2) {
+mrp = find_portio(mr, offset, 1, false);
+assert(mrp);
+mrp->write(mr->opaque, offset + mr->offset, data & 0xff);
+mrp->write(mr->opaque, offset + mr->offset + 1, data >> 8);
 }
 return;
 }
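
Review bot: Both byte writes in the `width == 2` branch go through the single entry found for `offset`, so the high byte at `offset + 1` is handed to that entry's handler even when `offset` is the last port the entry covers. A second find_portio() for `offset + 1` would keep each byte with the handler registered for its port, and both lookups should pass `true` rather than `false` since they are followed by `mrp->write`. The read branch has the same single-lookup pattern.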
-- 
1.7.3.4
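
The word access wrapper this message describes, as an added stand-alone sketch that is not QEMU code and not part of the patch: PortioEntry, find_entry, portio_read, portio_write and the demo device are hypothetical names modelled on the fields visible in the hunks. It looks up each byte of a word separately, honours the read/write direction, and leaves unclaimed bytes at the all-ones default instead of asserting.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-in for a port table entry: `len` ports starting at
 * `offset`, each accessed `size` bytes at a time. size == 0 ends the list. */
typedef struct PortioEntry {
    uint32_t offset;
    uint32_t len;
    unsigned size;
    uint32_t (*read)(void *opaque, uint32_t addr);
    void (*write)(void *opaque, uint32_t addr, uint32_t data);
} PortioEntry;

/* Entry covering `offset` at this width that has a handler for the
 * requested direction, or NULL when the table has none. */
static const PortioEntry *find_entry(const PortioEntry *list, uint32_t offset,
                                     unsigned width, bool write)
{
    for (const PortioEntry *e = list; e->size; ++e) {
        if (offset >= e->offset && offset - e->offset < e->len
            && width == e->size
            && (write ? e->write != NULL : e->read != NULL)) {
            return e;
        }
    }
    return NULL;
}

/* One byte of a split access; an unclaimed port reads as 0xff. */
static uint32_t read_byte(const PortioEntry *list, void *opaque, uint32_t offset)
{
    const PortioEntry *e = find_entry(list, offset, 1, false);
    return e ? (e->read(opaque, offset) & 0xff) : 0xff;
}

/* Returns 1 if a handler took the byte, 0 if the port has no write handler. */
static unsigned write_byte(const PortioEntry *list, void *opaque,
                           uint32_t offset, uint32_t data)
{
    const PortioEntry *e = find_entry(list, offset, 1, true);
    if (!e) {
        return 0;
    }
    e->write(opaque, offset, data & 0xff);
    return 1;
}

/* Native-width handler first, then a little-endian word built from two
 * independent byte lookups, then the all-ones default. */
uint32_t portio_read(const PortioEntry *list, void *opaque,
                     uint32_t offset, unsigned width)
{
    const PortioEntry *e = find_entry(list, offset, width, false);
    if (e) {
        return e->read(opaque, offset);
    }
    if (width == 2) {
        uint32_t lo = read_byte(list, opaque, offset);      /* low byte first */
        uint32_t hi = read_byte(list, opaque, offset + 1);
        return lo | (hi << 8);
    }
    return width >= 4 ? 0xffffffffu : (1u << (width * 8)) - 1;
}

/* Returns the number of bytes that reached a handler. */
unsigned portio_write(const PortioEntry *list, void *opaque,
                      uint32_t offset, unsigned width, uint32_t data)
{
    const PortioEntry *e = find_entry(list, offset, width, true);
    if (e) {
        e->write(opaque, offset, data);
        return width;
    }
    if (width == 2) {
        unsigned n = write_byte(list, opaque, offset, data);
        return n + write_byte(list, opaque, offset + 1, data >> 8);
    }
    return 0;
}

/* Constructed demo device: four byte registers at ports 0-3 and a
 * read-only status byte at port 4. */
typedef struct Dev { uint8_t regs[4]; } Dev;

static uint32_t reg_read(void *opaque, uint32_t addr)
{
    return ((Dev *)opaque)->regs[addr];
}
static void reg_write(void *opaque, uint32_t addr, uint32_t data)
{
    ((Dev *)opaque)->regs[addr] = (uint8_t)data;
}
static uint32_t status_read(void *opaque, uint32_t addr)
{
    (void)opaque; (void)addr;
    return 0x80;
}

const PortioEntry demo_list[] = {
    { 0, 4, 1, reg_read, reg_write },
    { 4, 1, 1, status_read, NULL },
    { 0, 0, 0, NULL, NULL },
};

int main(void)
{
    Dev d = { { 0x34, 0x12, 0x00, 0x00 } };
    printf("word read  @0: 0x%04x\n", (unsigned)portio_read(demo_list, &d, 0, 2));
    printf("word write @3: %u byte(s) delivered\n",
           portio_write(demo_list, &d, 3, 2, 0x5566));
    printf("word read  @4: 0x%04x\n", (unsigned)portio_read(demo_list, &d, 4, 2));
    return 0;
}
```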



[Qemu-devel] [PATCH] isa: Avoid using obsolete memory_region_set_offset for old portio

2011-09-18 Thread Jan Kiszka
From: Jan Kiszka 

We can express the offset of old portio completely via
MemoryRegionPortio::offset by splitting up regions of different offsets
and adjusting those offsets appropriately.

Signed-off-by: Jan Kiszka 
---

Will write a patch to remove MemoryRegion::offset now.

 hw/isa-bus.c |   28 ++--
 memory.c |   15 +++
 2 files changed, 17 insertions(+), 26 deletions(-)

diff --git a/hw/isa-bus.c b/hw/isa-bus.c
index 27c76b4..558312d 100644
--- a/hw/isa-bus.c
+++ b/hw/isa-bus.c
@@ -107,19 +107,14 @@ static void isa_register_portio_1(ISADevice *dev,
 MemoryRegion *region;
 unsigned i;
 
-if (off_low == 0 && pio_init[count].size == 0) {
-/* Special case simple adjustments.  */
-pio = (MemoryRegionPortio *) pio_init;
-} else {
-/* Copy the sub-list and null-terminate it.  */
-pio = g_new(MemoryRegionPortio, count + 1);
-memcpy(pio, pio_init, sizeof(MemoryRegionPortio) * count);
-memset(pio + count, 0, sizeof(MemoryRegionPortio));
-
-/* Adjust the offsets to all be zero-based for the region.  */
-for (i = 0; i < count; ++i) {
-pio[i].offset -= off_low;
-}
+/* Copy the sub-list and null-terminate it.  */
+pio = g_new(MemoryRegionPortio, count + 1);
+memcpy(pio, pio_init, sizeof(MemoryRegionPortio) * count);
+memset(pio + count, 0, sizeof(MemoryRegionPortio));
+
+/* Adjust the offsets to be absolute.  */
+for (i = 0; i < count; ++i) {
+pio[i].offset += start;
 }
 
 ops = g_new0(MemoryRegionOps, 1);
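
Review bot: With `pio[i].offset += start` the copied entries hold absolute port numbers, while the region is still registered at `start + off_low` and find_portio() in this same patch matches on the region-relative offset against `mrp->len` only. The `offset` field therefore means something different in the copy than in the caller's pio_init table, and the comment "Adjust the offsets to be absolute" should say what they are absolute to and why the handlers need that. Note also that the list is now copied with g_new() on every call, including the zero-based case that used to be passed through.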
@@ -127,7 +122,6 @@ static void isa_register_portio_1(ISADevice *dev,
 
 region = g_new(MemoryRegion, 1);
 memory_region_init_io(region, ops, opaque, name, off_high - off_low);
-memory_region_set_offset(region, start + off_low);
 memory_region_add_subregion(isabus->address_space_io,
 start + off_low, region);
 }
@@ -154,8 +148,8 @@ void isa_register_portio_list(ISADevice *dev, uint16_t 
start,
 assert(pio->offset >= off_last);
 off_last = pio->offset;
 
-/* If we see a hole, break the region.  */
-if (off_last > off_high) {
+/* If we see a new offset, break the region. */
+if (off_last > off_low) {
 isa_register_portio_1(dev, pio_start, count, start, off_low,
   off_high, opaque, name);
 /* ... and start collecting anew.  */
@@ -163,8 +157,6 @@ void isa_register_portio_list(ISADevice *dev, uint16_t 
start,
 off_low = off_last;
 off_high = off_low + pio->len;
 count = 0;
-} else if (off_last + pio->len > off_high) {
-off_high = off_last + pio->len;
 }
 }
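
Review bot: Dropping the `else if (off_last + pio->len > off_high)` arm means off_high is taken only from the first entry seen at a given offset. If a later entry shares that offset but has a larger `len`, the region created with `off_high - off_low` no longer covers its ports. Either keep the extension for entries with an equal offset or assert that all entries at one offset have the same length.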
 
diff --git a/memory.c b/memory.c
index aef4702..51f0297 100644
--- a/memory.c
+++ b/memory.c
@@ -375,8 +375,7 @@ static const MemoryRegionPortio *find_portio(MemoryRegion 
*mr, uint64_t offset,
 const MemoryRegionPortio *mrp;
 
 for (mrp = mr->ops->old_portio; mrp->size; ++mrp) {
-if (offset >= mrp->offset && offset < mrp->offset + mrp->len
-&& width == mrp->size
+if (offset < mrp->len && width == mrp->size
 && (write ? (bool)mrp->write : (bool)mrp->read)) {
 return mrp;
 }
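
Review bot: `offset < mrp->len` no longer looks at `mrp->offset`, so the match is only right when every entry in a region's old_portio list starts at the region's first port. isa_register_portio_list() now arranges that by splitting on each new offset, but nothing in find_portio() enforces it for a list registered any other way. State the invariant in a comment next to this check, or assert it where the list is attached to the region.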
@@ -396,12 +395,12 @@ static void memory_region_iorange_read(IORange *iorange,
 
 *data = ((uint64_t)1 << (width * 8)) - 1;
 if (mrp) {
-*data = mrp->read(mr->opaque, offset + mr->offset);
+*data = mrp->read(mr->opaque, offset + mrp->offset);
 } else if (width == 2) {
 mrp = find_portio(mr, offset, 1, false);
 assert(mrp);
-*data = mrp->read(mr->opaque, offset + mr->offset) |
-(mrp->read(mr->opaque, offset + mr->offset + 1) << 8);
+*data = mrp->read(mr->opaque, offset + mrp->offset) |
+(mrp->read(mr->opaque, offset + mrp->offset + 1) << 8);
 }
 return;
 }
@@ -423,12 +422,12 @@ static void memory_region_iorange_write(IORange *iorange,
 const MemoryRegionPortio *mrp = find_portio(mr, offset, width, true);
 
 if (mrp) {
-mrp->write(mr->opaque, offset + mr->offset, data);
+mrp->write(mr->opaque, offset + mrp->offset, data);
 } else if (width == 2) {
 mrp = find_portio(mr, offset, 1, false);
 assert(mrp);
-mrp->write(mr->opaque, offset + mr->offset, data & 0xff);
-mrp->write(mr->opaque, offset + mr->offset + 1, data >> 8);
+mrp->write(mr->opaque, offset + mrp->offset, data & 0xff);
+mrp->write(mr->opaque, offset + mrp->offset + 1, data >> 8);
 }
 return;
 }
-- 
1.7.3.4



Re: [Qemu-devel] [PATCH v2] memory: simple memory tree printer

2011-09-18 Thread Jan Kiszka
On 2011-09-17 21:27, Blue Swirl wrote:
> Add a monitor command 'info mtree' to show the memory hierarchy
> much like /proc/iomem in Linux.
> 
> Signed-off-by: Blue Swirl 
> ---
> v1->v2: use /proc/iomem format.
> ---
>  memory.c  |   27 +++
>  memory.h  |2 ++
>  monitor.c |7 +++
>  3 files changed, 36 insertions(+), 0 deletions(-)
> 
> diff --git a/memory.c b/memory.c
> index 101b67c..275f5cf 100644
> --- a/memory.c
> +++ b/memory.c
> @@ -17,6 +17,7 @@
>  #include "bitops.h"
>  #include "kvm.h"
>  #include 
> +#include "monitor.h"
> 
>  unsigned memory_region_transaction_depth = 0;
> 
> @@ -1253,3 +1254,29 @@ void set_system_io_map(MemoryRegion *mr)
>  address_space_io.root = mr;
>  memory_region_update_topology();
>  }
> +
> +static void mtree_print_mr(Monitor *mon, MemoryRegion *mr, unsigned int 
> level)
> +{
> +MemoryRegion *submr;
> +unsigned int i;
> +
> +for (i = 0; i < level; i++) {
> +monitor_printf(mon, "  ");
> +}
> +monitor_printf(mon, TARGET_FMT_plx "-" TARGET_FMT_plx " : %s\n",
> +   mr->addr, mr->addr + (target_phys_addr_t)mr->size - 1,
> +   mr->name);
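
Review bot: The end address is computed as `mr->addr + (target_phys_addr_t)mr->size - 1`, and MemoryRegion::size is a uint64_t, so wherever target_phys_addr_t is narrower than 64 bits the cast truncates the size before the addition, and a zero-sized region prints an end below its start. Doing the arithmetic in uint64_t and printing with a 64-bit format would keep the listing correct for large and empty regions.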

I would prefer absolute addresses here. And the priority field needs to
be dumped as well.

Jan





[Qemu-devel] [PATCH] irq: introduce qemu_irq_proxy()

2011-09-18 Thread Avi Kivity
In some cases we have a circular dependency involving irqs - the irq
controller depends on a bus, which in turn depends on the irq controller.
Add qemu_irq_proxy() which acts as a passthrough, except that the target
irq may be set later on.

Signed-off-by: Avi Kivity 
---

Turns out the circular dependency i8259->isa->pci->i8259 is widespread,
so introduce a general means of fixing it up.  I'll update the patchset to
make use of it everywhere it occurs.

 hw/irq.c |   14 ++
 hw/irq.h |5 +
 2 files changed, 19 insertions(+), 0 deletions(-)

diff --git a/hw/irq.c b/hw/irq.c
index 60eabe8..62f766e 100644
--- a/hw/irq.c
+++ b/hw/irq.c
@@ -90,3 +90,17 @@ qemu_irq qemu_irq_split(qemu_irq irq1, qemu_irq irq2)
 s[1] = irq2;
 return qemu_allocate_irqs(qemu_splitirq, s, 1)[0];
 }
+
+static void proxy_irq_handler(void *opaque, int n, int level)
+{
+qemu_irq **target = opaque;
+
+if (*target) {
+qemu_set_irq((*target)[n], level);
+}
+}
+
+qemu_irq *qemu_irq_proxy(qemu_irq **target, int n)
+{
+return qemu_allocate_irqs(proxy_irq_handler, target, n);
+}
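
Review bot: proxy_irq_handler() silently drops the event while `*target` is still NULL, so a level raised before the real controller is wired up is lost and is not replayed once the target is set. If that window can occur, latch the last level per line and forward it when the target appears, or document that lines must not be raised earlier. The handler also indexes `(*target)[n]` on trust: nothing ties the `n` given to qemu_irq_proxy() to the size of the array later stored in `*target`.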
diff --git a/hw/irq.h b/hw/irq.h
index 389ed7a..64da2fd 100644
--- a/hw/irq.h
+++ b/hw/irq.h
@@ -33,4 +33,9 @@ qemu_irq qemu_irq_invert(qemu_irq irq);
 /* Returns a new IRQ which feeds into both the passed IRQs */
 qemu_irq qemu_irq_split(qemu_irq irq1, qemu_irq irq2);
 
+/* Returns a new IRQ set which connects 1:1 to another IRQ set, which
+ * may be set later.
+ */
+qemu_irq *qemu_irq_proxy(qemu_irq **target, int n);
+
 #endif
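
Review bot: The comment on qemu_irq_proxy() should spell out the contract for `target`. The handler keeps the `qemu_irq **` as its opaque pointer and dereferences it on every interrupt, so the pointed-to variable must outlive the returned IRQs and the array assigned to it must have at least `n` entries; neither requirement is stated here.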
-- 
1.7.6.3




Re: [Qemu-devel] [PATCH 0/8] tcg/interpreter: Add TCG + interpreter for bytecode (virtual machine)

2011-09-18 Thread Blue Swirl
On Sun, Sep 18, 2011 at 12:46 PM, malc  wrote:
> On Sun, 18 Sep 2011, Blue Swirl wrote:
>
>> On Sun, Sep 18, 2011 at 10:49 AM, malc  wrote:
>> > On Sun, 18 Sep 2011, Blue Swirl wrote:
>> >
>> >> On Sat, Sep 17, 2011 at 7:59 PM, Stefan Weil  wrote:
>> >> > Hello,
>> >> >
>> >> > these patches add a new code generator (TCG target) to qemu.
>> >> >
>> >> > Unlike other tcg target code generators, this one does not generate
>> >> > machine code for some cpu. It generates machine independent bytecode
>> >> > which is interpreted later. That's why I called it TCI (tiny code
>> >> > interpreter).
>> >> >
>> >> > I wrote most of the code two years ago and included feedback and
>> >> > contributions from several QEMU developers, notably TeleMan,
>> >> > Stuart Brady, Blue Swirl and Malc. See the history here:
>> >> > http://lists.nongnu.org/archive/html/qemu-devel/2009-09/msg01710.html
>> >> >
>> >> > Since that time, I used TCI regularly, added small fixes and 
>> >> > improvements
>> >> > and rebased it to latest QEMU. Some versions were tested using
>> >> > ARM (emulated and real), PowerPC (emulated) and MIPS (emulated) hosts,
>> >> > but normally I run it on i386 and x86_64 hosts.
>> >> >
>> >> > I'd appreciate to see TCI in QEMU 1.0.
>> >> >
>> >> > Regards,
>> >> > Stefan Weil
>> >> >
>> >> > The patches 2 and 4 are optional, patch 8 is only needed for running
>> >> > TCI on a PowerPC host.
>> >>
>> >> I think patches 1 to 4 and 8 could be applied soon as they are now,
>> >> they should benefit plain TCG too. I had some comments to other
>> >> patches, but otherwise everything looks great.
>> >
>> > Hold the horses until Stefan settles the licensing issues.
>>
>> Which issues? For which patches?
>>
>
> Read tcg/LICENSE.

"All the files in this directory and subdirectories are released under
a BSD like license (see header in each file). No other license is
accepted."

The wording of the file should be changed to list the files for which
the BSD like license applies (and for which no other license is
accepted), the file can't stop us adding new files with different
licenses.

>> >>
>> >> Comparisons to other bytecode interpreters (for example Python) would
>> >> be interesting, maybe there are also tricks that can be reused.
>> >>
>> >> > [PATCH 1/8] tcg: Declare TCG_TARGET_REG_BITS in tcg.h
>> >> > [PATCH 2/8] tcg: Don't declare TCG_TARGET_REG_BITS in tcg-target.h
>> >> > [PATCH 3/8] tcg: Add forward declarations for local functions
>> >> > [PATCH 4/8] tcg: Add some assertions
>> >> > [PATCH 5/8] tcg: Add interpreter for bytecode
>> >> > [PATCH 6/8] tcg: Add bytecode generator for tcg interpreter
>> >> > [PATCH 7/8] tcg: Add tcg interpreter to configure / make
>> >> > [PATCH 8/8] ppc: Support tcg interpreter on ppc hosts
>> >> >
>> >> >
>> >>
>> >
>> > --
>> > mailto:av1...@comtv.ru
>> >
>>
>
> --
> mailto:av1...@comtv.ru
>



[Qemu-devel] [PATCH] memory: Eliminate region offset

2011-09-18 Thread Jan Kiszka
From: Jan Kiszka 

Before anything makes use of this legacy mechanism again, remove it.
This will enforce proper conversion of device models while they are
ported over the memory API.

Signed-off-by: Jan Kiszka 
---
 memory.c |   14 --
 memory.h |9 -
 2 files changed, 4 insertions(+), 19 deletions(-)

diff --git a/memory.c b/memory.c
index 51f0297..4dd63cc 100644
--- a/memory.c
+++ b/memory.c
@@ -405,7 +405,7 @@ static void memory_region_iorange_read(IORange *iorange,
 return;
 }
 *data = 0;
-access_with_adjusted_size(offset + mr->offset, data, width,
+access_with_adjusted_size(offset, data, width,
   mr->ops->impl.min_access_size,
   mr->ops->impl.max_access_size,
   memory_region_read_accessor, mr);
@@ -431,7 +431,7 @@ static void memory_region_iorange_write(IORange *iorange,
 }
 return;
 }
-access_with_adjusted_size(offset + mr->offset, &data, width,
+access_with_adjusted_size(offset, &data, width,
   mr->ops->impl.min_access_size,
   mr->ops->impl.max_access_size,
   memory_region_write_accessor, mr);
@@ -778,7 +778,6 @@ void memory_region_init(MemoryRegion *mr,
 mr->parent = NULL;
 mr->size = size;
 mr->addr = 0;
-mr->offset = 0;
 mr->terminates = false;
 mr->readable = true;
 mr->destructor = memory_region_destructor_none;
@@ -830,7 +829,7 @@ static uint32_t memory_region_read_thunk_n(void *_mr,
 }
 
 /* FIXME: support unaligned access */
-access_with_adjusted_size(addr + mr->offset, &data, size,
+access_with_adjusted_size(addr, &data, size,
   mr->ops->impl.min_access_size,
   mr->ops->impl.max_access_size,
   memory_region_read_accessor, mr);
@@ -855,7 +854,7 @@ static void memory_region_write_thunk_n(void *_mr,
 }
 
 /* FIXME: support unaligned access */
-access_with_adjusted_size(addr + mr->offset, &data, size,
+access_with_adjusted_size(addr, &data, size,
   mr->ops->impl.min_access_size,
   mr->ops->impl.max_access_size,
   memory_region_write_accessor, mr);
@@ -1004,11 +1003,6 @@ uint64_t memory_region_size(MemoryRegion *mr)
 return mr->size;
 }
 
-void memory_region_set_offset(MemoryRegion *mr, target_phys_addr_t offset)
-{
-mr->offset = offset;
-}
-
 void memory_region_set_log(MemoryRegion *mr, bool log, unsigned client)
 {
 uint8_t mask = 1 << client;
diff --git a/memory.h b/memory.h
index 06b83ae..b07cd55 100644
--- a/memory.h
+++ b/memory.h
@@ -107,7 +107,6 @@ struct MemoryRegion {
 MemoryRegion *parent;
 uint64_t size;
 target_phys_addr_t addr;
-target_phys_addr_t offset;
 bool backend_registered;
 void (*destructor)(MemoryRegion *mr);
 ram_addr_t ram_addr;
@@ -268,14 +267,6 @@ uint64_t memory_region_size(MemoryRegion *mr);
 void *memory_region_get_ram_ptr(MemoryRegion *mr);
 
 /**
- * memory_region_set_offset: Sets an offset to be added to MemoryRegionOps
- *   callbacks.
- *
- * This function is deprecated and should not be used in new code.
- */
-void memory_region_set_offset(MemoryRegion *mr, target_phys_addr_t offset);
-
-/**
  * memory_region_set_log: Turn dirty logging on or off for a region.
  *
  * Turns dirty logging on or off for a specified client (display, migration).
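
Review bot: The commit message should name its prerequisite. This patch removes memory_region_set_offset() and MemoryRegion::offset outright, and the memory.c index line (51f0297) shows it is based on the isa-bus patch that drops the `memory_region_set_offset(region, start + off_low)` call in hw/isa-bus.c. Posting the two as a numbered series, or noting the dependency below the `---`, would keep this one from being applied alone and breaking the build.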
-- 
1.7.3.4



Re: [Qemu-devel] [PATCH 0/8] tcg/interpreter: Add TCG + interpreter for bytecode (virtual machine)

2011-09-18 Thread malc
On Sun, 18 Sep 2011, Blue Swirl wrote:

> On Sun, Sep 18, 2011 at 12:46 PM, malc  wrote:
> > On Sun, 18 Sep 2011, Blue Swirl wrote:
> >

[..snip..]

> 
> "All the files in this directory and subdirectories are released under
> a BSD like license (see header in each file). No other license is
> accepted."
> 
> The wording of the file should be changed to list the files for which
> the BSD like license applies (and for which no other license is
> accepted), the file can't stop us adding new files with different
> licenses.
> 

As i said to Stefan this should be talked over with Fabrice, not me or
anyone else.

-- 
mailto:av1...@comtv.ru



Re: [Qemu-devel] [PATCH 0/8] tcg/interpreter: Add TCG + interpreter for bytecode (virtual machine)

2011-09-18 Thread Blue Swirl
On Sun, Sep 18, 2011 at 1:13 PM, malc  wrote:
> On Sun, 18 Sep 2011, Blue Swirl wrote:
>
>> On Sun, Sep 18, 2011 at 12:46 PM, malc  wrote:
>> > On Sun, 18 Sep 2011, Blue Swirl wrote:
>> >
>
> [..snip..]
>
>>
>> "All the files in this directory and subdirectories are released under
>> a BSD like license (see header in each file). No other license is
>> accepted."
>>
>> The wording of the file should be changed to list the files for which
>> the BSD like license applies (and for which no other license is
>> accepted), the file can't stop us adding new files with different
>> licenses.
>>
>
> As i said to Stefan

[citation needed]

> this should be talked over with Fabrice, not me or
> anyone else.

IANAL, but I don't see any problem adding new files with different
licenses. As the LICENSE file is clearly conflicting with this, it
should be changed but that does not change the license situation of
old files. Each file contains a header which tells the license, so
LICENSE is redundant.



Re: [Qemu-devel] [PATCH] irq: introduce qemu_irq_proxy()

2011-09-18 Thread Avi Kivity

On 09/18/2011 03:58 PM, Avi Kivity wrote:

In some cases we have a circular dependency involving irqs - the irq
controller depends on a bus, which in turn depends on the irq controller.
Add qemu_irq_proxy() which acts as a passthrough, except that the target
irq may be set later on.

Signed-off-by: Avi Kivity
---

Turns out the circular dependency i8259->isa->pci->i8259 is widespread,
so introduce a general means of fixing it up.  I'll update the patchset to
make use of it everywhere it occurs.


In fact the other cases were solved without qemu_irq_proxy(), but I 
think qemu_irq_proxy() is nicer than the previous patch, so I'll keep it 
if no one objects.


--
error compiling committee.c: too many arguments to function




Re: [Qemu-devel] [PATCH 12/16] vga: Convert to isa_register_portio_list.

2011-09-18 Thread Avi Kivity

On 08/24/2011 03:13 AM, Richard Henderson wrote:

Signed-off-by: Richard Henderson


Breaks qemu-system-ppc -M mac99


+/* Used by both ISA and PCI */
  MemoryRegion *vga_init_io(VGACommonState *s)
  {
  MemoryRegion *vga_mem;

-register_ioport_write(0x3c0, 16, 1, vga_ioport_write, s);
-
-register_ioport_write(0x3b4, 2, 1, vga_ioport_write, s);
-register_ioport_write(0x3d4, 2, 1, vga_ioport_write, s);
-register_ioport_write(0x3ba, 1, 1, vga_ioport_write, s);
-register_ioport_write(0x3da, 1, 1, vga_ioport_write, s);
-
-register_ioport_read(0x3c0, 16, 1, vga_ioport_read, s);
-
-register_ioport_read(0x3b4, 2, 1, vga_ioport_read, s);
-register_ioport_read(0x3d4, 2, 1, vga_ioport_read, s);
-register_ioport_read(0x3ba, 1, 1, vga_ioport_read, s);
-register_ioport_read(0x3da, 1, 1, vga_ioport_read, s);
+/* The PCI-ISA bridge should have been configured properly such that
+   this works for PCI devices as well.  This only supports one bridge,
+   but "secondary" VGA cards are generally accessed by MMIO only anyway.  
*/
+isa_register_portio_list(NULL, 0x3b0, vga_portio_list, s, "vga");

  memory_region_init_io(vga_mem,&vga_mem_ops, s,


This is called even for pci machines which have no ISA bus (and even if 
they did, the code should work with the pci bus, not ISA).  The code 
should return the portio list of the caller to register, or perhaps 
accept a callback to do the registration.


--
error compiling committee.c: too many arguments to function




Re: [Qemu-devel] [PATCH v2] memory: simple memory tree printer

2011-09-18 Thread Avi Kivity

On 09/17/2011 10:27 PM, Blue Swirl wrote:

Add a monitor command 'info mtree' to show the memory hierarchy
much like /proc/iomem in Linux.




Still missing alias support.  PCI would be invisible on a PC (or any 
machine which has PCI holes implemented properly).


Maybe we need to dump both the memory tree and the flat view - the 
memory tree for the logical hierarchy and the flat view to see what 
actually happens (I have an address, where does it go?)


--
error compiling committee.c: too many arguments to function




Re: [Qemu-devel] [RFC] Plan for moving forward with QOM

2011-09-18 Thread Avi Kivity

On 09/18/2011 10:56 AM, Avi Kivity wrote:

On 09/15/2011 11:52 PM, Anthony Liguori wrote:
Also, NE2000 methods have to call ISA_NE2000 and PCI_NE2000 methods, 
yes?



I don't think so.  The NE2k would export an IRQ and the ISA_NE2K and 
PCI_NE2k would have to route that IRQ.  But I think that's the extent 
of the communication in that direction.


Am I missing something?


I guess for simple devices it's unlikely that anything further is needed.

The most complicated device with a dual interface I can think of is 
vga, it needs to register memory regions dynamically.  But even that 
can be done by registering a container on startup, and doing the 
dynamic stuff within the container.




And in fact this exact problem has just hit us with the vga portio_list 
conversion.  And note we can't just use a container, because 
isa_register_portio_list() does more than just register the memory regions.


(problems are in memory/queue, not upstream).

--
error compiling committee.c: too many arguments to function




Re: [Qemu-devel] [PATCH v2] memory: simple memory tree printer

2011-09-18 Thread Blue Swirl
On Sun, Sep 18, 2011 at 1:53 PM, Avi Kivity  wrote:
> On 09/17/2011 10:27 PM, Blue Swirl wrote:
>>
>> Add a monitor command 'info mtree' to show the memory hierarchy
>> much like /proc/iomem in Linux.
>>
>>
>
> Still missing alias support.  PCI would be invisible on a PC (or any machine
> which has PCI holes implemented properly).

Yes, that annoyed me too when debugging the PPC patch. But how should
that look like? Consider for example that in the PPC case, range 0 to
0x8000 is RAM from CPU point of view but only PCI MMIO space when
looking after the PCI bridge. I/O shouldn't need separate handling if
the CPU does not have PIO instructions, but instead PIO space is
mapped as MMIO as on Sparc64 and PPC. I/O should be visible there.

> Maybe we need to dump both the memory tree and the flat view - the memory
> tree for the logical hierarchy and the flat view to see what actually
> happens (I have an address, where does it go?)

I have some trouble thinking about how to print fully converted,
per-CPU memory trees. Also, if the memory API is fully embraced and
extended to handle DMA and IOMMUs, each device could have a different
view on the system memory. Perhaps the tool should take a device ID
(also CPU ID) as a parameter to give it a starting point.



[Qemu-devel] [PATCH 00/13] Memory API conversion, batch 8

2011-09-18 Thread Avi Kivity
Batch 7 has some issues due to the ISA conversion, so I reordered some
patches and am posting this for your review and testing.  It should be
straightforward but this stuff never is.

Also available on git://github.com/avikivity/qemu.git memory/batch

Avi Kivity (13):
  mips_jazz: convert to memory API
  mips_malta: convert to memory API
  mips_mipssim: convert to memory API
  mips_r4k: convert to memory API
  musicpal: convert to memory API
  omap1: convert to memory API (part I)
  omap1: convert to memory API (part II)
  omap1: convert to memory API (part III)
  omap1: convert to memory API (part IV)
  omap1: convert to memory API (part V)
  omap_lcdc: remove imif, emiff from structure
  soc_dma: drop soc_dma_port_add_mem_ram()
  omap1: convert to memory API (part VI)

 hw/mips_jazz.c|   90 +++---
 hw/mips_malta.c   |   53 ++--
 hw/mips_mipssim.c |   15 +-
 hw/mips_r4k.c |   39 +--
 hw/musicpal.c |  243 ++-
 hw/omap.h |   32 ++-
 hw/omap1.c|  859 +
 hw/omap2.c|6 +-
 hw/omap_lcdc.c|7 +-
 hw/omap_sx1.c |4 +-
 hw/palm.c |4 +-
 hw/soc_dma.h  |8 +-
 12 files changed, 705 insertions(+), 655 deletions(-)

-- 
1.7.6.3




[Qemu-devel] [PATCH 02/13] mips_malta: convert to memory API

2011-09-18 Thread Avi Kivity
Signed-off-by: Avi Kivity 
---
 hw/mips_malta.c |   53 ++---
 1 files changed, 26 insertions(+), 27 deletions(-)

diff --git a/hw/mips_malta.c b/hw/mips_malta.c
index e7cdf20..0110daa 100644
--- a/hw/mips_malta.c
+++ b/hw/mips_malta.c
@@ -57,6 +57,9 @@
 #define MAX_IDE_BUS 2
 
 typedef struct {
+MemoryRegion iomem;
+MemoryRegion iomem_lo; /* 0 - 0x900 */
+MemoryRegion iomem_hi; /* 0xa00 - 0x10 */
 uint32_t leds;
 uint32_t brk;
 uint32_t gpout;
@@ -215,7 +218,8 @@ static void eeprom24c0x_write(int scl, int sda)
 eeprom.sda = sda;
 }
 
-static uint32_t malta_fpga_readl(void *opaque, target_phys_addr_t addr)
+static uint64_t malta_fpga_read(void *opaque, target_phys_addr_t addr,
+unsigned size)
 {
 MaltaFPGAState *s = opaque;
 uint32_t val = 0;
@@ -302,8 +306,8 @@ static uint32_t malta_fpga_readl(void *opaque, 
target_phys_addr_t addr)
 return val;
 }
 
-static void malta_fpga_writel(void *opaque, target_phys_addr_t addr,
-  uint32_t val)
+static void malta_fpga_write(void *opaque, target_phys_addr_t addr,
+ uint64_t val, unsigned size)
 {
 MaltaFPGAState *s = opaque;
 uint32_t saddr;
@@ -328,7 +332,7 @@ static void malta_fpga_writel(void *opaque, 
target_phys_addr_t addr,
 
 /* ASCIIWORD Register */
 case 0x00410:
-snprintf(s->display_text, 9, "%08X", val);
+snprintf(s->display_text, 9, "%08X", (uint32_t)val);
 malta_fpga_update_display(s);
 break;
 
@@ -388,16 +392,10 @@ static void malta_fpga_writel(void *opaque, 
target_phys_addr_t addr,
 }
 }
 
-static CPUReadMemoryFunc * const malta_fpga_read[] = {
-   malta_fpga_readl,
-   malta_fpga_readl,
-   malta_fpga_readl
-};
-
-static CPUWriteMemoryFunc * const malta_fpga_write[] = {
-   malta_fpga_writel,
-   malta_fpga_writel,
-   malta_fpga_writel
+static const MemoryRegionOps malta_fpga_ops = {
+.read = malta_fpga_read,
+.write = malta_fpga_write,
+.endianness = DEVICE_NATIVE_ENDIAN,
 };
 
 static void malta_fpga_reset(void *opaque)
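Review bot: malta_fpga_ops sets only .read, .write and .endianness, so nothing states which access widths the FPGA registers accept. The removed tables routed byte, word and long accesses to the same 32-bit handlers; if that is still the intent, say so in a comment next to the ops, otherwise constrain the sizes through the .valid / .impl fields of MemoryRegionOps so that malta_fpga_read and malta_fpga_write can rely on the size they are passed.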
@@ -429,20 +427,22 @@ static void malta_fpga_led_init(CharDriverState *chr)
 qemu_chr_fe_printf(chr, "++\r\n");
 }
 
-static MaltaFPGAState *malta_fpga_init(target_phys_addr_t base, qemu_irq 
uart_irq, CharDriverState *uart_chr)
+static MaltaFPGAState *malta_fpga_init(MemoryRegion *address_space,
+ target_phys_addr_t base, qemu_irq uart_irq, CharDriverState *uart_chr)
 {
 MaltaFPGAState *s;
-int malta;
 
 s = (MaltaFPGAState *)g_malloc0(sizeof(MaltaFPGAState));
 
-malta = cpu_register_io_memory(malta_fpga_read,
-   malta_fpga_write, s,
-   DEVICE_NATIVE_ENDIAN);
+memory_region_init_io(&s->iomem, &malta_fpga_ops, s,
+  "malta-fpga", 0x10);
+memory_region_init_alias(&s->iomem_lo, "malta-fpga",
+ &s->iomem, 0, 0x900);
+memory_region_init_alias(&s->iomem_hi, "malta-fpga",
+ &s->iomem, 0xa00, 0x1-0xa00);
 
-cpu_register_physical_memory(base, 0x900, malta);
-/* 0xa00 is less than a page, so will still get the right offsets.  */
-cpu_register_physical_memory(base + 0xa00, 0x10 - 0xa00, malta);
+memory_region_add_subregion(address_space, base, &s->iomem_lo);
+memory_region_add_subregion(address_space, base + 0xa00, &s->iomem_hi);
 
 s->display = qemu_chr_new("fpga", "vc:320x200", malta_fpga_led_init);
 
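Review bot: in malta_fpga_init the iomem_hi alias is given length 0x1-0xa00, while s->iomem is initialised with size 0x10 and the removed cpu_register_physical_memory call mapped 0x10 - 0xa00 bytes at base + 0xa00. The alias length should be written exactly as the old mapping was, so that the high window keeps its extent; as posted, the two expressions do not match.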
@@ -771,8 +771,8 @@ void mips_malta_init (ram_addr_t ram_size,
 {
 char *filename;
 pflash_t *fl;
-ram_addr_t ram_offset;
 MemoryRegion *system_memory = get_system_memory();
+MemoryRegion *ram = g_new(MemoryRegion, 1);
 MemoryRegion *bios, *bios_alias = g_new(MemoryRegion, 1);
 target_long bios_size;
 int64_t kernel_entry;
@@ -828,9 +828,8 @@ void mips_malta_init (ram_addr_t ram_size,
 ((unsigned int)ram_size / (1 << 20)));
 exit(1);
 }
-ram_offset = qemu_ram_alloc(NULL, "mips_malta.ram", ram_size);
-
-cpu_register_physical_memory(0, ram_size, ram_offset | IO_MEM_RAM);
+memory_region_init_ram(ram, NULL, "mips_malta.ram", ram_size);
+memory_region_add_subregion(system_memory, 0, ram);
 
 #ifdef TARGET_WORDS_BIGENDIAN
 be = 1;
@@ -838,7 +837,7 @@ void mips_malta_init (ram_addr_t ram_size,
 be = 0;
 #endif
 /* FPGA */
-malta_fpga_init(0x1f00LL, env->irq[2], serial_hds[2]);
+malta_fpga_init(system_memory, 0x1f00LL, env->irq[2], serial_hds[2]);
 
 /* Load firmware in flash / BIOS unless we boot directly into a kernel. */
 if (kernel_filename) {
-- 
1.7.6.3




[Qemu-devel] [PATCH 11/13] omap_lcdc: remove imif, emiff from structure

2011-09-18 Thread Avi Kivity
Not used.

Signed-off-by: Avi Kivity 
---
 hw/omap.h  |3 +--
 hw/omap1.c |3 +--
 hw/omap_lcdc.c |7 +--
 3 files changed, 3 insertions(+), 10 deletions(-)

diff --git a/hw/omap.h b/hw/omap.h
index 25d10f3..de83452 100644
--- a/hw/omap.h
+++ b/hw/omap.h
@@ -744,8 +744,7 @@ void omap_tap_init(struct omap_target_agent_s *ta,
 struct omap_lcd_panel_s;
 void omap_lcdc_reset(struct omap_lcd_panel_s *s);
 struct omap_lcd_panel_s *omap_lcdc_init(target_phys_addr_t base, qemu_irq irq,
-struct omap_dma_lcd_channel_s *dma,
-ram_addr_t imif_base, ram_addr_t emiff_base, omap_clk clk);
+struct omap_dma_lcd_channel_s *dma, omap_clk clk);
 
 /* omap_dss.c */
 struct rfbi_chip_s {
diff --git a/hw/omap1.c b/hw/omap1.c
index f48aa8a..09eb363 100644
--- a/hw/omap1.c
+++ b/hw/omap1.c
@@ -3872,8 +3872,7 @@ struct omap_mpu_state_s *omap310_mpu_init(MemoryRegion 
*system_memory,
 omap_findclk(s, "clk32-kHz"));
 
 s->lcd = omap_lcdc_init(0xfffec000, s->irq[0][OMAP_INT_LCD_CTRL],
-omap_dma_get_lcdch(s->dma), imif_base, emiff_base,
-omap_findclk(s, "lcd_ck"));
+omap_dma_get_lcdch(s->dma), omap_findclk(s, "lcd_ck"));
 
 omap_ulpd_pm_init(system_memory, 0xfffe0800, s);
 omap_pin_cfg_init(system_memory, 0xfffe1000, s);
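Review bot: once this call in omap310_mpu_init stops passing imif_base and emiff_base, check whether the function still uses those two values anywhere else; if omap_lcdc_init was their last consumer they should be removed here as well to avoid unused variables. The commit message ("Not used.") could also say where that was verified, since the hunks only show the fields being assigned in omap_lcdc_init.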
diff --git a/hw/omap_lcdc.c b/hw/omap_lcdc.c
index a905422..29e6048 100644
--- a/hw/omap_lcdc.c
+++ b/hw/omap_lcdc.c
@@ -24,8 +24,6 @@
 struct omap_lcd_panel_s {
 qemu_irq irq;
 DisplayState *state;
-ram_addr_t imif_base;
-ram_addr_t emiff_base;
 
 int plm;
 int tft;
@@ -436,8 +434,7 @@ void omap_lcdc_reset(struct omap_lcd_panel_s *s)
 }
 
 struct omap_lcd_panel_s *omap_lcdc_init(target_phys_addr_t base, qemu_irq irq,
-struct omap_dma_lcd_channel_s *dma,
-ram_addr_t imif_base, ram_addr_t emiff_base, omap_clk clk)
+struct omap_dma_lcd_channel_s *dma, omap_clk clk)
 {
 int iomemtype;
 struct omap_lcd_panel_s *s = (struct omap_lcd_panel_s *)
@@ -445,8 +442,6 @@ struct omap_lcd_panel_s *omap_lcdc_init(target_phys_addr_t 
base, qemu_irq irq,
 
 s->irq = irq;
 s->dma = dma;
-s->imif_base = imif_base;
-s->emiff_base = emiff_base;
 omap_lcdc_reset(s);
 
 iomemtype = cpu_register_io_memory(omap_lcdc_readfn,
-- 
1.7.6.3




Re: [Qemu-devel] [PATCH 12/16] vga: Convert to isa_register_portio_list.

2011-09-18 Thread Richard Henderson
On 09/18/2011 06:45 AM, Avi Kivity wrote:
>> +/* The PCI-ISA bridge should have been configured properly such that
>> +   this works for PCI devices as well.  This only supports one bridge,
>> +   but "secondary" VGA cards are generally accessed by MMIO only 
>> anyway.  */
>> +isa_register_portio_list(NULL, 0x3b0, vga_portio_list, s, "vga");
>>
>>   memory_region_init_io(vga_mem,&vga_mem_ops, s,
> 
> This is called even for pci machines which have no ISA bus (and even
> if they did, the code should work with the pci bus, not ISA). The code
> should return the portio list of the caller to register, or perhaps
> accept a callback to do the registration.

You're over-thinking this.  It's all legacy ISA crap full stop.
If the machine doesn't have a PCI-ISA bridge, then the machine will
also be prepared to access the VGA registers via its BARs.

In such a case we just should skip this entire section.  Probably
isa_register_portio_list should simply notice no ISA bus has been
registered and do nothing.


r~



Re: [Qemu-devel] [PATCH] irq: introduce qemu_irq_proxy()

2011-09-18 Thread Richard Henderson
On 09/18/2011 05:58 AM, Avi Kivity wrote:
> In some cases we have a circular dependency involving irqs - the irq
> controller depends on a bus, which in turn depends on the irq controller.
> Add qemu_irq_proxy() which acts as a passthrough, except that the target
> irq may be set later on.
> 
> Signed-off-by: Avi Kivity 

Reviewed-by: Richard Henderson 

> ---
> 
> Turns out the circular dependency i8259->isa->pci->i8259 is widespread,
> so introduce a general means of fixing it up.  I'll update the patchset to
> make use of it everywhere it occurs.
> 
>  hw/irq.c |   14 ++
>  hw/irq.h |5 +
>  2 files changed, 19 insertions(+), 0 deletions(-)
> 
> diff --git a/hw/irq.c b/hw/irq.c
> index 60eabe8..62f766e 100644
> --- a/hw/irq.c
> +++ b/hw/irq.c
> @@ -90,3 +90,17 @@ qemu_irq qemu_irq_split(qemu_irq irq1, qemu_irq irq2)
>  s[1] = irq2;
>  return qemu_allocate_irqs(qemu_splitirq, s, 1)[0];
>  }
> +
> +static void proxy_irq_handler(void *opaque, int n, int level)
> +{
> +qemu_irq **target = opaque;
> +
> +if (*target) {
> +qemu_set_irq((*target)[n], level);
> +}
> +}
> +
> +qemu_irq *qemu_irq_proxy(qemu_irq **target, int n)
> +{
> +return qemu_allocate_irqs(proxy_irq_handler, target, n);
> +}
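Review bot: proxy_irq_handler drops the event when *target is still NULL, so a level raised before the real IRQ set is wired up is lost and never replayed; that contract should be documented at qemu_irq_proxy(), or the last level should be latched and delivered once the target is set. The handler also indexes (*target)[n] without knowing how many lines the target set has, so the comment should state that the n passed to qemu_irq_proxy() must not exceed the size of the target set and that the storage behind target must outlive the returned array.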
> diff --git a/hw/irq.h b/hw/irq.h
> index 389ed7a..64da2fd 100644
> --- a/hw/irq.h
> +++ b/hw/irq.h
> @@ -33,4 +33,9 @@ qemu_irq qemu_irq_invert(qemu_irq irq);
>  /* Returns a new IRQ which feeds into both the passed IRQs */
>  qemu_irq qemu_irq_split(qemu_irq irq1, qemu_irq irq2);
>  
> +/* Returns a new IRQ set which connects 1:1 to another IRQ set, which
> + * may be set later.
> + */
> +qemu_irq *qemu_irq_proxy(qemu_irq **target, int n);
> +
>  #endif




Re: [Qemu-devel] [PATCH v2] memory: simple memory tree printer

2011-09-18 Thread Avi Kivity

On 09/18/2011 05:07 PM, Blue Swirl wrote:
> On Sun, Sep 18, 2011 at 1:53 PM, Avi Kivity wrote:
>> On 09/17/2011 10:27 PM, Blue Swirl wrote:
>>>
>>> Add a monitor command 'info mtree' to show the memory hierarchy
>>> much like /proc/iomem in Linux.
>>>
>>
>> Still missing alias support.  PCI would be invisible on a PC (or any machine
>> which has PCI holes implemented properly).
>
> Yes, that annoyed me too when debugging the PPC patch. But what should
> that look like? Consider for example that in the PPC case, range 0 to
> 0x8000 is RAM from CPU point of view but only PCI MMIO space when
> looking after the PCI bridge. I/O shouldn't need separate handling if
> the CPU does not have PIO instructions, but instead PIO space is
> mapped as MMIO as on Sparc64 and PPC. I/O should be visible there.


Have some notation for a reference.  Example for PC:

Memory:
-7fff system-memory container
  -0009 alias @ram -0009
  000a-000b alias @pci 000a-000b
  ...
  e000- alias @pci e000-

pci:
-ff pci container
  000a-000b alias @vgam -0001
  e000-e1ff alias @vram -01ff
  e200-e2001000 e1000-mmio

vram:
-01ff vram ram

(each time you encounter a new alias target, add it to the print queue, 
it should work itself out naturally)




>> Maybe we need to dump both the memory tree and the flat view - the memory
>> tree for the logical hierarchy and the flat view to see what actually
>> happens (I have an address, where does it go?)
>
> I have some trouble thinking about how to print fully converted,
> per-CPU memory trees. Also, if the memory API is fully embraced and
> extended to handle DMA and IOMMUs, each device could have a different
> view on the system memory. Perhaps the tool should take a device ID
> (also CPU ID) as a parameter to give it a starting point.


The possibilities are endless.

--
error compiling committee.c: too many arguments to function
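
The notation proposed in the message above (an alias is printed as a reference, and each newly seen alias target is queued to be printed as a tree of its own), as an added example that is not part of the thread or of QEMU's code. `Region`, `mtree_dump` and the address layout are hypothetical and constructed for illustration.

```c
#include <stdarg.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum { MAX_SUB = 4, MAX_QUEUE = 16 };

/* Toy stand-in for a memory region (hypothetical, not QEMU's MemoryRegion). */
typedef struct Region Region;
struct Region {
    const char *name;
    uint64_t offset;        /* position inside the parent container */
    uint64_t size;
    Region *alias;          /* non-NULL: this region is a window onto *alias */
    uint64_t alias_offset;  /* where the window starts inside *alias */
    Region *sub[MAX_SUB];   /* children of a container, NULL-terminated */
};

typedef struct { char *data; size_t cap, len; } Buf;
typedef struct { Region *item[MAX_QUEUE]; int count; } PrintQueue;

/* Append formatted text; on overflow the output is truncated, never overrun. */
static void buf_printf(Buf *b, const char *fmt, ...)
{
    size_t room = b->cap - b->len;
    va_list ap;
    int n;
    if (room == 0) {
        return;
    }
    va_start(ap, fmt);
    n = vsnprintf(b->data + b->len, room, fmt, ap);
    va_end(ap);
    if (n > 0) {
        b->len += ((size_t)n < room) ? (size_t)n : room - 1;
    }
}

/* Queue a region to be printed as its own tree, once (dropped if the queue is full). */
static void queue_add(PrintQueue *q, Region *r)
{
    for (int i = 0; i < q->count; i++) {
        if (q->item[i] == r) {
            return;
        }
    }
    if (q->count < MAX_QUEUE) {
        q->item[q->count++] = r;
    }
}

static void dump_region(Region *r, uint64_t start, int depth, PrintQueue *q, Buf *b)
{
    unsigned long long lo = start, hi = start + r->size - 1;
    if (r->alias) {
        /* Print a reference only; the target is printed later as its own tree. */
        unsigned long long alo = r->alias_offset, ahi = alo + r->size - 1;
        buf_printf(b, "%*s%08llx-%08llx alias %s @%s %08llx-%08llx\n",
                   depth * 2, "", lo, hi, r->name, r->alias->name, alo, ahi);
        queue_add(q, r->alias);
        return;
    }
    buf_printf(b, "%*s%08llx-%08llx %s\n", depth * 2, "", lo, hi, r->name);
    for (int i = 0; i < MAX_SUB && r->sub[i]; i++) {
        dump_region(r->sub[i], start + r->sub[i]->offset, depth + 1, q, b);
    }
}

/* Dump root and every alias target reachable from it; returns the tree count. */
int mtree_dump(Region *root, char *out, size_t cap)
{
    PrintQueue q = { .count = 0 };
    Buf b = { out, cap, 0 };
    queue_add(&q, root);
    for (int i = 0; i < q.count; i++) {     /* q.count grows during the walk */
        buf_printf(&b, "%s:\n", q.item[i]->name);
        dump_region(q.item[i], 0, 0, &q, &b);
    }
    return q.count;
}

/* Constructed sample layout: { name, offset, size, alias, alias_offset, sub }. */
static Region ram      = { "ram", 0, 0x8000000, NULL, 0, { 0 } };
static Region vram     = { "vram", 0, 0x2000000, NULL, 0, { 0 } };
static Region vram_bar = { "vram-bar", 0xe0000000, 0x2000000, &vram, 0, { 0 } };
static Region e1000    = { "e1000-mmio", 0xe2000000, 0x1000, NULL, 0, { 0 } };
static Region pci      = { "pci", 0, 0x100000000ULL, NULL, 0, { &vram_bar, &e1000 } };
static Region low_ram  = { "low-ram", 0, 0xa0000, &ram, 0, { 0 } };
static Region vga_win  = { "vga-window", 0xa0000, 0x20000, &pci, 0xa0000, { 0 } };
static Region pci_hole = { "pci-hole", 0xe0000000, 0x20000000, &pci, 0xe0000000, { 0 } };
static Region sysmem   = { "system", 0, 0x100000000ULL, NULL, 0, { &low_ram, &vga_win, &pci_hole } };

int main(void)
{
    char out[2048];
    mtree_dump(&sysmem, out, sizeof(out));
    return fputs(out, stdout) == EOF;
}
```

Because the queue is deduplicated by pointer, `pci` is printed once even though two aliases in `system` point at it.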




[Qemu-devel] [PATCH] adlib: remove write-only variable

2011-09-18 Thread Hervé Poussineau

Signed-off-by: Hervé Poussineau 
---
 hw/adlib.c |5 ++---
 1 files changed, 2 insertions(+), 3 deletions(-)

diff --git a/hw/adlib.c b/hw/adlib.c
index d98aebc..66db797 100644
--- a/hw/adlib.c
+++ b/hw/adlib.c
@@ -119,7 +119,6 @@ static IO_WRITE_PROTO (adlib_write)
 {
 AdlibState *s = opaque;
 int a = nport & 3;
-int status;
 
 s->active = 1;
 AUD_set_active_out (s->voice, 1);
@@ -127,9 +126,9 @@ static IO_WRITE_PROTO (adlib_write)
 adlib_kill_timers (s);
 
 #ifdef HAS_YMF262
-status = YMF262Write (0, a, val);
+YMF262Write (0, a, val);
 #else
-status = OPLWrite (s->opl, a, val);
+OPLWrite (s->opl, a, val);
 #endif
 }
 
-- 
1.7.5.4




Re: [Qemu-devel] [PATCH 12/16] vga: Convert to isa_register_portio_list.

2011-09-18 Thread Avi Kivity

On 09/18/2011 05:16 PM, Richard Henderson wrote:

On 09/18/2011 06:45 AM, Avi Kivity wrote:
>>  +/* The PCI-ISA bridge should have been configured properly such that
>>  +   this works for PCI devices as well.  This only supports one bridge,
>>  +   but "secondary" VGA cards are generally accessed by MMIO only 
anyway.  */
>>  +isa_register_portio_list(NULL, 0x3b0, vga_portio_list, s, "vga");
>>
>>memory_region_init_io(vga_mem,&vga_mem_ops, s,
>
>  This is called even for pci machines which have no ISA bus (and even
>  if they did, the code should work with the pci bus, not ISA). The code
>  should return the portio list of the caller to register, or perhaps
>  accept a callback to do the registration.

You're over-thinking this.  It's all legacy ISA crap full stop.
If the machine doesn't have a PCI-ISA bridge, then the machine will
also be prepared to access the VGA registers via its BARs.

In such a case we just should skip this entire section.  Probably
isa_register_portio_list should simply notice no ISA bus has been
registered and do nothing.


Depends, if it doesn't need those ports, then vga_init_io() can be 
passed a parameter not to register them, or perhaps it can be split into 
two.


But is this the case? Alex?

--
error compiling committee.c: too many arguments to function




Re: [Qemu-devel] [PATCH 1/2] memory: Fix old portio word accesses

2011-09-18 Thread Richard Henderson
On 09/18/2011 05:44 AM, Jan Kiszka wrote:
> +*data = mrp->read(mr->opaque, offset + mr->offset) |
> +mrp->read(mr->opaque, offset + mr->offset + 1);

Missing shift.

Also, a comment about the fact that the legacy interface doesn't
handle size 4 would also be welcome.


r~



[Qemu-devel] [PATCH 01/13] mips_jazz: convert to memory API

2011-09-18 Thread Avi Kivity
Signed-off-by: Avi Kivity 
---
 hw/mips_jazz.c |   90 
 1 files changed, 45 insertions(+), 45 deletions(-)

diff --git a/hw/mips_jazz.c b/hw/mips_jazz.c
index f3c9f93..7cac5da 100644
--- a/hw/mips_jazz.c
+++ b/hw/mips_jazz.c
@@ -52,44 +52,42 @@ static void main_cpu_reset(void *opaque)
 cpu_reset(env);
 }
 
-static uint32_t rtc_readb(void *opaque, target_phys_addr_t addr)
+static uint64_t rtc_read(void *opaque, target_phys_addr_t addr, unsigned size)
 {
 return cpu_inw(0x71);
 }
 
-static void rtc_writeb(void *opaque, target_phys_addr_t addr, uint32_t val)
+static void rtc_write(void *opaque, target_phys_addr_t addr,
+  uint64_t val, unsigned size)
 {
 cpu_outw(0x71, val & 0xff);
 }
 
-static CPUReadMemoryFunc * const rtc_read[3] = {
-rtc_readb,
-rtc_readb,
-rtc_readb,
+static const MemoryRegionOps rtc_ops = {
+.read = rtc_read,
+.write = rtc_write,
+.endianness = DEVICE_NATIVE_ENDIAN,
 };
 
-static CPUWriteMemoryFunc * const rtc_write[3] = {
-rtc_writeb,
-rtc_writeb,
-rtc_writeb,
-};
-
-static void dma_dummy_writeb(void *opaque, target_phys_addr_t addr, uint32_t 
val)
+static uint64_t dma_dummy_read(void *opaque, target_phys_addr_t addr,
+   unsigned size)
 {
 /* Nothing to do. That is only to ensure that
  * the current DMA acknowledge cycle is completed. */
+return 0xff;
 }
 
-static CPUReadMemoryFunc * const dma_dummy_read[3] = {
-NULL,
-NULL,
-NULL,
-};
+static void dma_dummy_write(void *opaque, target_phys_addr_t addr,
+uint64_t val, unsigned size)
+{
+/* Nothing to do. That is only to ensure that
+ * the current DMA acknowledge cycle is completed. */
+}
 
-static CPUWriteMemoryFunc * const dma_dummy_write[3] = {
-dma_dummy_writeb,
-dma_dummy_writeb,
-dma_dummy_writeb,
+static const MemoryRegionOps dma_dummy_ops = {
+.read = dma_dummy_read,
+.write = dma_dummy_write,
+.endianness = DEVICE_NATIVE_ENDIAN,
 };
 
 #define MAGNUM_BIOS_SIZE_MAX 0x7e000
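Review bot: dma_dummy_read is new behaviour rather than a straight conversion: the removed dma_dummy_read[] table held three NULL entries, whereas the new handler returns 0xff. The comment copied into it ("Nothing to do. ...") describes the write side and does not explain that value; say in the handler or in the commit message why 0xff is the right read result for this region.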
@@ -105,7 +103,7 @@ static void cpu_request_exit(void *opaque, int irq, int 
level)
 }
 
 static
-void mips_jazz_init (ram_addr_t ram_size,
+void mips_jazz_init (MemoryRegion *address_space, ram_addr_t ram_size,
  const char *cpu_model,
  enum jazz_model_e jazz_model)
 {
@@ -115,7 +113,8 @@ void mips_jazz_init (ram_addr_t ram_size,
 qemu_irq *rc4030, *i8259;
 rc4030_dma *dmas;
 void* rc4030_opaque;
-int s_rtc, s_dma_dummy;
+MemoryRegion *rtc = g_new(MemoryRegion, 1);
+MemoryRegion *dma_dummy = g_new(MemoryRegion, 1);
 NICInfo *nd;
 DeviceState *dev;
 SysBusDevice *sysbus;
@@ -123,8 +122,9 @@ void mips_jazz_init (ram_addr_t ram_size,
 DriveInfo *fds[MAX_FD];
 qemu_irq esp_reset, dma_enable;
 qemu_irq *cpu_exit_irq;
-ram_addr_t ram_offset;
-ram_addr_t bios_offset;
+MemoryRegion *ram = g_new(MemoryRegion, 1);
+MemoryRegion *bios = g_new(MemoryRegion, 1);
+MemoryRegion *bios2 = g_new(MemoryRegion, 1);
 
 /* init CPUs */
 if (cpu_model == NULL) {
@@ -143,14 +143,15 @@ void mips_jazz_init (ram_addr_t ram_size,
 qemu_register_reset(main_cpu_reset, env);
 
 /* allocate RAM */
-ram_offset = qemu_ram_alloc(NULL, "mips_jazz.ram", ram_size);
-cpu_register_physical_memory(0, ram_size, ram_offset | IO_MEM_RAM);
+memory_region_init_ram(ram, NULL, "mips_jazz.ram", ram_size);
+memory_region_add_subregion(address_space, 0, ram);
 
-bios_offset = qemu_ram_alloc(NULL, "mips_jazz.bios", MAGNUM_BIOS_SIZE);
-cpu_register_physical_memory(0x1fc0LL,
- MAGNUM_BIOS_SIZE, bios_offset | IO_MEM_ROM);
-cpu_register_physical_memory(0xfff0LL,
- MAGNUM_BIOS_SIZE, bios_offset | IO_MEM_ROM);
+memory_region_init_ram(bios, NULL, "mips_jazz.bios", MAGNUM_BIOS_SIZE);
+memory_region_set_readonly(bios, true);
+memory_region_init_alias(bios2, "mips_jazz.bios", bios,
+ 0, MAGNUM_BIOS_SIZE);
+memory_region_add_subregion(address_space, 0x1fc0LL, bios);
+memory_region_add_subregion(address_space, 0xfff0LL, bios2);
 
 /* load the BIOS image. */
 if (bios_name == NULL)
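Review bot: bios2 is created with the same name, "mips_jazz.bios", as the region it aliases, so the mappings added at 0x1fc0LL and 0xfff0LL cannot be told apart by name in any dump of the memory tree. Give the alias a name of its own that marks it as the second mapping of the BIOS.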
@@ -175,9 +176,8 @@ void mips_jazz_init (ram_addr_t ram_size,
 
 /* Chipset */
 rc4030_opaque = rc4030_init(env->irq[6], env->irq[3], &rc4030, &dmas);
-s_dma_dummy = cpu_register_io_memory(dma_dummy_read, dma_dummy_write, NULL,
- DEVICE_NATIVE_ENDIAN);
-cpu_register_physical_memory(0x8000d000, 0x1000, s_dma_dummy);
+memory_region_init_io(dma_dummy, &dma_dummy_ops, NULL, "dummy_dma", 
0x1000);
+memory_region_add_subregion(address_space, 0x8000d000, dma_dummy);
 
 /* ISA devices */
 i8259 = i8259_init(env->irq[4]);
@@ -203,10 +203,11 @@ void mips_jazz_init 

[Qemu-devel] [PATCH 00/11] ISA bus improvements

2011-09-18 Thread Hervé Poussineau
The following patches aim to change the ISA bus to a first-class citizen in Qemu.

They add ISA bus ops, like for scsi and usb buses.

Current ISA bridges (PIIX3, PIIX4, EBUS and VT82C686) are converted
to this new API, and a simple 'isabus-bridge' device is added.

isa_address_space() operation can probably be used to remove the
infamous isa_mem_base variable. However, some work is already done
in this direction on the ML, so I didn't change anything.

Finally, add bus argument to isa_create() functions, so architectures
with multiple ISA buses (like some Alpha systems) can be emulated.

As the RFC didn't receive many comments, I put this series as patches.

Hervé Poussineau (11):
  isa: rename isa_bus_new to isa_bus_bridge_init
  isa: rework ISA bus internals, and add ISA bus ops structure
  isa: implement isa_address_space() as a method of ISA bus
  audio: give ISA bus to sound cards, instead of PIC
  pc: improve bus implementation of PIIX3 bridge
  fulong2e: move pic initialization + ISA bus creation to south bridge
  sun4u: improve bus implementation of EBus bridge
  malta: improve bus implementation of PIIX4 bridge
  isa: remove unused parameter to isa_bus_bridge_init()
  isa: give bus to isa_create() methods
  isa: remove limitation of only one ISA bus

 Makefile.objs  |2 +-
 arch_init.c|   10 +++---
 arch_init.h|2 +-
 hw/adlib.c |2 +-
 hw/audiodev.h  |8 ++--
 hw/cs4231a.c   |4 +-
 hw/fdc.h   |2 +-
 hw/gus.c   |4 +-
 hw/ide/isa.c   |2 +-
 hw/isa-bridge.c|   77 +
 hw/isa-bus.c   |   88 +++
 hw/isa.h   |   25 ---
 hw/m48t59.c|2 +-
 hw/mc146818rtc.c   |2 +-
 hw/mips_fulong2e.c |   11 ++-
 hw/mips_jazz.c |5 ++-
 hw/mips_malta.c|5 +--
 hw/mips_r4k.c  |4 +-
 hw/pc.c|8 ++--
 hw/pc.h|   18 +-
 hw/pc_piix.c   |7 ++--
 hw/pcspk.c |2 +-
 hw/piix4.c |   23 -
 hw/piix_pci.c  |   38 +++---
 hw/ppc_prep.c  |4 +-
 hw/sb16.c  |4 +-
 hw/sun4u.c |   25 ++
 hw/vt82c686.c  |   24 +-
 hw/vt82c686.h  |2 +-
 qemu-common.h  |1 +
 30 files changed, 285 insertions(+), 126 deletions(-)
 create mode 100644 hw/isa-bridge.c

-- 
1.7.5.4




[Qemu-devel] [PATCH 01/11] isa: rename isa_bus_new to isa_bus_bridge_init

2011-09-18 Thread Hervé Poussineau

Signed-off-by: Hervé Poussineau 
---
 hw/isa-bus.c   |2 +-
 hw/isa.h   |2 +-
 hw/mips_jazz.c |2 +-
 hw/mips_r4k.c  |2 +-
 hw/pc_piix.c   |2 +-
 hw/piix4.c |2 +-
 hw/piix_pci.c  |2 +-
 hw/ppc_prep.c  |2 +-
 hw/sun4u.c |2 +-
 hw/vt82c686.c  |2 +-
 10 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/hw/isa-bus.c b/hw/isa-bus.c
index 1cb497f..0f8b682 100644
--- a/hw/isa-bus.c
+++ b/hw/isa-bus.c
@@ -39,7 +39,7 @@ static struct BusInfo isa_bus_info = {
 .get_fw_dev_path = isabus_get_fw_dev_path,
 };
 
-ISABus *isa_bus_new(DeviceState *dev)
+ISABus *isa_bus_bridge_init(DeviceState *dev)
 {
 if (isabus) {
 fprintf(stderr, "Can't create a second ISA bus\n");
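Review bot: the commit message is empty, so nothing records why isa_bus_new becomes isa_bus_bridge_init. Patch 02/11 goes on to reuse the isa_bus_new name with a different signature (ISABus *, ISABusOps *, DeviceState *); one sentence saying the rename frees the name for that purpose would make this change, and any later bisect across the two patches, easier to follow.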
diff --git a/hw/isa.h b/hw/isa.h
index f344699..210b3fe 100644
--- a/hw/isa.h
+++ b/hw/isa.h
@@ -25,7 +25,7 @@ struct ISADeviceInfo {
 isa_qdev_initfn init;
 };
 
-ISABus *isa_bus_new(DeviceState *dev);
+ISABus *isa_bus_bridge_init(DeviceState *dev);
 void isa_bus_irqs(qemu_irq *irqs);
 qemu_irq isa_get_irq(int isairq);
 void isa_init_irq(ISADevice *dev, qemu_irq *p, int isairq);
diff --git a/hw/mips_jazz.c b/hw/mips_jazz.c
index f3c9f93..f9581f7 100644
--- a/hw/mips_jazz.c
+++ b/hw/mips_jazz.c
@@ -181,7 +181,7 @@ void mips_jazz_init (ram_addr_t ram_size,
 
 /* ISA devices */
 i8259 = i8259_init(env->irq[4]);
-isa_bus_new(NULL);
+isa_bus_bridge_init(NULL);
 isa_bus_irqs(i8259);
 cpu_exit_irq = qemu_allocate_irqs(cpu_request_exit, NULL, 1);
 DMA_init(0, cpu_exit_irq);
diff --git a/hw/mips_r4k.c b/hw/mips_r4k.c
index 5d002c5..d1a841b 100644
--- a/hw/mips_r4k.c
+++ b/hw/mips_r4k.c
@@ -266,7 +266,7 @@ void mips_r4k_init (ram_addr_t ram_size,
 
 /* The PIC is attached to the MIPS CPU INT0 pin */
 i8259 = i8259_init(env->irq[2]);
-isa_bus_new(NULL);
+isa_bus_bridge_init(NULL);
 isa_bus_irqs(i8259);
 
 rtc_init(2000, NULL);
diff --git a/hw/pc_piix.c b/hw/pc_piix.c
index 75d96d9..67127da 100644
--- a/hw/pc_piix.c
+++ b/hw/pc_piix.c
@@ -149,7 +149,7 @@ static void pc_init1(MemoryRegion *system_memory,
 } else {
 pci_bus = NULL;
 i440fx_state = NULL;
-isa_bus_new(NULL);
+isa_bus_bridge_init(NULL);
 }
 isa_bus_irqs(isa_irq);
 
diff --git a/hw/piix4.c b/hw/piix4.c
index 9590e7b..984de8b 100644
--- a/hw/piix4.c
+++ b/hw/piix4.c
@@ -87,7 +87,7 @@ static int piix4_initfn(PCIDevice *dev)
 {
 PIIX4State *d = DO_UPCAST(PIIX4State, dev, dev);
 
-isa_bus_new(&d->dev.qdev);
+isa_bus_bridge_init(&d->dev.qdev);
 piix4_dev = &d->dev;
 qemu_register_reset(piix4_reset, d);
 return 0;
diff --git a/hw/piix_pci.c b/hw/piix_pci.c
index 8f6ea42..7a5a44c 100644
--- a/hw/piix_pci.c
+++ b/hw/piix_pci.c
@@ -504,7 +504,7 @@ static int piix3_initfn(PCIDevice *dev)
 {
 PIIX3State *d = DO_UPCAST(PIIX3State, dev, dev);
 
-isa_bus_new(&d->dev.qdev);
+isa_bus_bridge_init(&d->dev.qdev);
 qemu_register_reset(piix3_reset, d);
 return 0;
 }
diff --git a/hw/ppc_prep.c b/hw/ppc_prep.c
index 515de42..ebcc6fe 100644
--- a/hw/ppc_prep.c
+++ b/hw/ppc_prep.c
@@ -651,7 +651,7 @@ static void ppc_prep_init (ram_addr_t ram_size,
 i8259 = i8259_init(first_cpu->irq_inputs[PPC6xx_INPUT_INT]);
 pci_bus = pci_prep_init(i8259, get_system_memory(), get_system_io());
 /* Hmm, prep has no pci-isa bridge ??? */
-isa_bus_new(NULL);
+isa_bus_bridge_init(NULL);
 isa_bus_irqs(i8259);
 //pci_bus = i440fx_init();
 /* Register 8 MB of ISA IO space (needed for non-contiguous map) */
diff --git a/hw/sun4u.c b/hw/sun4u.c
index 32e6ab9..cdd9497 100644
--- a/hw/sun4u.c
+++ b/hw/sun4u.c
@@ -548,7 +548,7 @@ pci_ebus_init1(PCIDevice *pci_dev)
 {
 EbusState *s = DO_UPCAST(EbusState, pci_dev, pci_dev);
 
-isa_bus_new(&pci_dev->qdev);
+isa_bus_bridge_init(&pci_dev->qdev);
 
 pci_dev->config[0x04] = 0x06; // command = bus master, pci mem
 pci_dev->config[0x05] = 0x00;
diff --git a/hw/vt82c686.c b/hw/vt82c686.c
index b9fcc0e..37c64d4 100644
--- a/hw/vt82c686.c
+++ b/hw/vt82c686.c
@@ -490,7 +490,7 @@ static int vt82c686b_initfn(PCIDevice *d)
 uint8_t *wmask;
 int i;
 
-isa_bus_new(&d->qdev);
+isa_bus_bridge_init(&d->qdev);
 
 pci_conf = d->config;
 pci_config_set_prog_interface(pci_conf, 0x0);
-- 
1.7.5.4




[Qemu-devel] [PATCH 02/11] isa: rework ISA bus internals, and add ISA bus ops structure

2011-09-18 Thread Hervé Poussineau
This allows future implementations of real pci-isa bridges

Signed-off-by: Hervé Poussineau 
---
 Makefile.objs   |2 +-
 hw/isa-bridge.c |   71 +++
 hw/isa-bus.c|   69 ++---
 hw/isa.h|   16 +++-
 qemu-common.h   |1 +
 5 files changed, 127 insertions(+), 32 deletions(-)
 create mode 100644 hw/isa-bridge.c

diff --git a/Makefile.objs b/Makefile.objs
index 1c65087..fa0746e 100644
--- a/Makefile.objs
+++ b/Makefile.objs
@@ -276,7 +276,7 @@ hw-obj-$(CONFIG_AHCI) += ide/ich.o
 hw-obj-$(CONFIG_LSI_SCSI_PCI) += lsi53c895a.o
 hw-obj-$(CONFIG_ESP) += esp.o
 
-hw-obj-y += dma-helpers.o sysbus.o isa-bus.o
+hw-obj-y += dma-helpers.o sysbus.o isa-bus.o isa-bridge.o
 hw-obj-y += qdev-addr.o
 
 # VGA
diff --git a/hw/isa-bridge.c b/hw/isa-bridge.c
new file mode 100644
index 000..49fa033
--- /dev/null
+++ b/hw/isa-bridge.c
@@ -0,0 +1,71 @@
+/*
+ * Simple ISA bus bridge
+ *
+ * Copyright (c) 2011 Herve Poussineau
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see .
+ */
+
+#include "isa.h"
+#include "sysbus.h"
+#include "exec-memory.h"
+
+typedef struct {
+SysBusDevice busdev;
+ISABus bus;
+qemu_irq *irqs;
+} ISABridgeSysBusState;
+
+static void isabus_bridge_set_irqs(ISABus *bus, qemu_irq *irqs)
+{
+ISABridgeSysBusState *s = container_of(bus, ISABridgeSysBusState, bus);
+s->irqs = irqs;
+}
+
+static qemu_irq isabus_bridge_get_irq(ISABus *bus, int isairq)
+{
+ISABridgeSysBusState *s = container_of(bus, ISABridgeSysBusState, bus);
+if (!s->irqs || isairq < 0 || isairq > 15) {
+hw_error("isa irq %d invalid", isairq);
+}
+return s->irqs[isairq];
+}
+
+static ISABusOps isabus_bridge_ops = {
+.set_irqs = isabus_bridge_set_irqs,
+.get_irq = isabus_bridge_get_irq,
+};
+
+static int isabus_bridge_init(SysBusDevice *dev)
+{
+ISABridgeSysBusState *isa = FROM_SYSBUS(ISABridgeSysBusState, dev);
+isa_bus_new(&isa->bus, &isabus_bridge_ops, &dev->qdev);
+return 0;
+}
+
+static SysBusDeviceInfo isabus_bridge_info = {
+.init = isabus_bridge_init,
+.qdev.name  = "isabus-bridge",
+.qdev.fw_name  = "isa",
+.qdev.size  = sizeof(ISABridgeSysBusState),
+.qdev.no_user = 1,
+};
+
+static void isabus_bridge_register_devices(void)
+{
+sysbus_register_withprop(&isabus_bridge_info);
+}
+
+device_init(isabus_bridge_register_devices)
+
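Review bot: isabus_bridge_get_irq reports "isa irq %d invalid" for two different failures, an out-of-range isairq and s->irqs never having been set; the second case deserves its own message, because the number printed is not what is wrong. The literal 15 would also read better as a named constant shared with isa_bus_default_get_irq in hw/isa-bus.c, and the new file ends with a stray blank line.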
diff --git a/hw/isa-bus.c b/hw/isa-bus.c
index 0f8b682..27cffb3 100644
--- a/hw/isa-bus.c
+++ b/hw/isa-bus.c
@@ -22,12 +22,9 @@
 #include "isa.h"
 #include "exec-memory.h"
 
-struct ISABus {
-BusState qbus;
-qemu_irq *irqs;
-};
 static ISABus *isabus;
 target_phys_addr_t isa_mem_base = 0;
+static qemu_irq *isa_bus_default_irqs;
 
 static void isabus_dev_print(Monitor *mon, DeviceState *dev, int indent);
 static char *isabus_get_fw_dev_path(DeviceState *dev);
@@ -39,6 +36,24 @@ static struct BusInfo isa_bus_info = {
 .get_fw_dev_path = isabus_get_fw_dev_path,
 };
 
+static void isa_bus_default_set_irqs(ISABus *bus, qemu_irq *irqs)
+{
+isa_bus_default_irqs = irqs;
+}
+
+static qemu_irq isa_bus_default_get_irq(ISABus *bus, int isairq)
+{
+if (isairq < 0 || isairq > 15) {
+hw_error("isa irq %d invalid", isairq);
+}
+return isa_bus_default_irqs[isairq];
+}
+
+static ISABusOps isa_bus_default_ops = {
+.set_irqs = isa_bus_default_set_irqs,
+.get_irq = isa_bus_default_get_irq,
+};
+
 ISABus *isa_bus_bridge_init(DeviceState *dev)
 {
 if (isabus) {
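Review bot: isa_bus_default_get_irq range-checks isairq but, unlike isabus_bridge_get_irq in hw/isa-bridge.c, does not test whether isa_bus_default_irqs has been set, so a get_irq before set_irqs indexes a NULL pointer; add the same check. The IRQ table is also a file-level static rather than per-bus state, which will have to change once the series lifts the limit of one ISA bus.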
@@ -48,15 +63,29 @@ ISABus *isa_bus_bridge_init(DeviceState *dev)
 if (NULL == dev) {
 dev = qdev_create(NULL, "isabus-bridge");
 qdev_init_nofail(dev);
+} else {
+isabus = FROM_QBUS(ISABus, qbus_create(&isa_bus_info, dev, NULL));
+isabus->ops = &isa_bus_default_ops;
 }
-
-isabus = FROM_QBUS(ISABus, qbus_create(&isa_bus_info, dev, NULL));
 return isabus;
 }
 
+void isa_bus_new(ISABus *bus, ISABusOps *ops, DeviceState *host)
+{
+if (isabus) {
+hw_error("Can't create a second ISA bus");
+}
+qbus_create_inplace(&bus->qbus, &isa_bus_info, host, NULL);
+bus->ops = ops;
+isabus = bus;
+}
+
 void isa_bus_irqs(qemu_irq *irqs)
 {
-isabus->irqs = irqs;
+if (!isabus || !isabus->ops->set_irqs) {
+hw_error("Tried to set isa irqs
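Review bot: in isa_bus_bridge_init the dev == NULL branch no longer assigns isabus itself; it relies on the init function of the "isabus-bridge" device calling isa_bus_new(), which sets the global, before the function reaches return isabus. That dependency is easy to miss and deserves a comment at the qdev_init_nofail() call. isa_bus_new() also reports a second bus through hw_error, so the two entry points should report that condition the same way.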

Re: [Qemu-devel] [PATCH 12/16] vga: Convert to isa_register_portio_list.

2011-09-18 Thread Avi Kivity

On 09/18/2011 05:27 PM, Avi Kivity wrote:

On 09/18/2011 05:16 PM, Richard Henderson wrote:

On 09/18/2011 06:45 AM, Avi Kivity wrote:
>>  +/* The PCI-ISA bridge should have been configured properly 
such that
>>  +   this works for PCI devices as well.  This only supports 
one bridge,
>>  +   but "secondary" VGA cards are generally accessed by MMIO 
only anyway.  */
>>  +isa_register_portio_list(NULL, 0x3b0, vga_portio_list, s, 
"vga");

>>
>>memory_region_init_io(vga_mem,&vga_mem_ops, s,
>
>  This is called even for pci machines which have no ISA bus (and even
>  if they did, the code should work with the pci bus, not ISA). The code
>  should return the portio list of the caller to register, or perhaps
>  accept a callback to do the registration.

You're over-thinking this.  It's all legacy ISA crap full stop.
If the machine doesn't have a PCI-ISA bridge, then the machine will
also be prepared to access the VGA registers via its BARs.

In such a case we just should skip this entire section.  Probably
isa_register_portio_list should simply notice no ISA bus has been
registered and do nothing.


Depends, if it doesn't need those ports, then vga_init_io() can be 
passed a parameter not to register them, or perhaps it can be split 
into two.




It's also wrong for cirrus.  Even though it is a legacy address, it's 
not an ISA address, it's on the PCI bus (though not mapped by a BAR).


--
error compiling committee.c: too many arguments to function




[Qemu-devel] [PATCH 05/13] musicpal: convert to memory API

2011-09-18 Thread Avi Kivity
Signed-off-by: Avi Kivity 
---
 hw/musicpal.c |  243 +++--
 1 files changed, 99 insertions(+), 144 deletions(-)

diff --git a/hw/musicpal.c b/hw/musicpal.c
index ade5a91..9b1f380 100644
--- a/hw/musicpal.c
+++ b/hw/musicpal.c
@@ -19,6 +19,7 @@
 #include "console.h"
 #include "i2c.h"
 #include "blockdev.h"
+#include "exec-memory.h"
 
 #define MP_MISC_BASE0x80002000
 #define MP_MISC_SIZE0x1000
@@ -142,6 +143,7 @@
 
 typedef struct mv88w8618_eth_state {
 SysBusDevice busdev;
+MemoryRegion iomem;
 qemu_irq irq;
 uint32_t smir;
 uint32_t icr;
@@ -260,7 +262,8 @@ static void eth_send(mv88w8618_eth_state *s, int 
queue_index)
 } while (desc_addr != s->tx_queue[queue_index]);
 }
 
-static uint32_t mv88w8618_eth_read(void *opaque, target_phys_addr_t offset)
+static uint64_t mv88w8618_eth_read(void *opaque, target_phys_addr_t offset,
+   unsigned size)
 {
 mv88w8618_eth_state *s = opaque;
 
@@ -302,7 +305,7 @@ static uint32_t mv88w8618_eth_read(void *opaque, 
target_phys_addr_t offset)
 }
 
 static void mv88w8618_eth_write(void *opaque, target_phys_addr_t offset,
-uint32_t value)
+uint64_t value, unsigned size)
 {
 mv88w8618_eth_state *s = opaque;
 
@@ -353,16 +356,10 @@ static void mv88w8618_eth_write(void *opaque, 
target_phys_addr_t offset,
 }
 }
 
-static CPUReadMemoryFunc * const mv88w8618_eth_readfn[] = {
-mv88w8618_eth_read,
-mv88w8618_eth_read,
-mv88w8618_eth_read
-};
-
-static CPUWriteMemoryFunc * const mv88w8618_eth_writefn[] = {
-mv88w8618_eth_write,
-mv88w8618_eth_write,
-mv88w8618_eth_write
+static const MemoryRegionOps mv88w8618_eth_ops = {
+.read = mv88w8618_eth_read,
+.write = mv88w8618_eth_write,
+.endianness = DEVICE_NATIVE_ENDIAN,
 };
 
 static void eth_cleanup(VLANClientState *nc)
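
Review bot: mv88w8618_eth_ops sets only `.read`, `.write` and `.endianness`, so the access-width policy that the removed three-entry readfn/writefn tables spelled out (the same handler in every slot) is now implicit, and the new `size` argument is not used in any of the lines shown. If these registers are 32-bit only, state it with `.valid.min_access_size` and `.valid.max_access_size`; if narrower accesses are meant to keep reaching the same handler, a one-line comment on the ops struct saying so would make the conversion easier to audit.
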
@@ -387,10 +384,9 @@ static int mv88w8618_eth_init(SysBusDevice *dev)
 sysbus_init_irq(dev, &s->irq);
 s->nic = qemu_new_nic(&net_mv88w8618_info, &s->conf,
   dev->qdev.info->name, dev->qdev.id, s);
-s->mmio_index = cpu_register_io_memory(mv88w8618_eth_readfn,
-   mv88w8618_eth_writefn, s,
-   DEVICE_NATIVE_ENDIAN);
-sysbus_init_mmio(dev, MP_ETH_SIZE, s->mmio_index);
+memory_region_init_io(&s->iomem, &mv88w8618_eth_ops, s, "mv88w8618-eth",
+  MP_ETH_SIZE);
+sysbus_init_mmio_region(dev, &s->iomem);
 return 0;
 }
 
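
Review bot: the removed lines in mv88w8618_eth_init() were the only visible assignment of `s->mmio_index`, and none of the hunks shown removes that member from mv88w8618_eth_state (the struct hunk only adds `iomem`). If the field is still declared it is now dead; drop it in this patch and check that nothing else still reads it.
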
@@ -444,6 +440,7 @@ static int mv88w8618_eth_init(SysBusDevice *dev)
 
 typedef struct musicpal_lcd_state {
 SysBusDevice busdev;
+MemoryRegion iomem;
 uint32_t brightness;
 uint32_t mode;
 uint32_t irqctrl;
@@ -528,7 +525,8 @@ static void musicpal_lcd_gpio_brigthness_in(void *opaque, 
int irq, int level)
 s->brightness |= level << irq;
 }
 
-static uint32_t musicpal_lcd_read(void *opaque, target_phys_addr_t offset)
+static uint64_t musicpal_lcd_read(void *opaque, target_phys_addr_t offset,
+  unsigned size)
 {
 musicpal_lcd_state *s = opaque;
 
@@ -542,7 +540,7 @@ static uint32_t musicpal_lcd_read(void *opaque, 
target_phys_addr_t offset)
 }
 
 static void musicpal_lcd_write(void *opaque, target_phys_addr_t offset,
-   uint32_t value)
+   uint64_t value, unsigned size)
 {
 musicpal_lcd_state *s = opaque;
 
@@ -581,29 +579,21 @@ static void musicpal_lcd_write(void *opaque, 
target_phys_addr_t offset,
 }
 }
 
-static CPUReadMemoryFunc * const musicpal_lcd_readfn[] = {
-musicpal_lcd_read,
-musicpal_lcd_read,
-musicpal_lcd_read
-};
-
-static CPUWriteMemoryFunc * const musicpal_lcd_writefn[] = {
-musicpal_lcd_write,
-musicpal_lcd_write,
-musicpal_lcd_write
+static const MemoryRegionOps musicpal_lcd_ops = {
+.read = musicpal_lcd_read,
+.write = musicpal_lcd_write,
+.endianness = DEVICE_NATIVE_ENDIAN,
 };
 
 static int musicpal_lcd_init(SysBusDevice *dev)
 {
 musicpal_lcd_state *s = FROM_SYSBUS(musicpal_lcd_state, dev);
-int iomemtype;
 
 s->brightness = 7;
 
-iomemtype = cpu_register_io_memory(musicpal_lcd_readfn,
-   musicpal_lcd_writefn, s,
-   DEVICE_NATIVE_ENDIAN);
-sysbus_init_mmio(dev, MP_LCD_SIZE, iomemtype);
+memory_region_init_io(&s->iomem, &musicpal_lcd_ops, s,
+  "musicpal-lcd", MP_LCD_SIZE);
+sysbus_init_mmio_region(dev, &s->iomem);
 
 s->ds = graphic_console_init(lcd_refresh, lcd_invalidate,
  NULL, NULL, s);
@@ -645,6 +635,7 @@ static int musicpal_lcd_init(SysBusDevice *dev)
 typedef struct mv88w8618_pic_state
 {
 SysBusDevice busdev;
+MemoryRegion iomem;
 uint32_t level;
 uin

Re: [Qemu-devel] [PATCH 0/8] tcg/interpreter: Add TCG + interpreter for bytecode (virtual machine)

2011-09-18 Thread Mulyadi Santosa
Hi :)

On Sun, Sep 18, 2011 at 02:59, Stefan Weil  wrote:
> Hello,
>
> these patches add a new code generator (TCG target) to qemu.

I personally congratulate you on your hard work. So, here's a question
from someone who is not so keen on Qemu internals: what is the biggest
advantage of using TCI instead of directly using TCG?


-- 
regards,

Mulyadi Santosa
Freelance Linux trainer and consultant

blog: the-hydra.blogspot.com
training: mulyaditraining.blogspot.com



[Qemu-devel] [PATCH 05/11] pc: improve bus implementation of PIIX3 bridge

2011-09-18 Thread Hervé Poussineau

Signed-off-by: Hervé Poussineau 
---
 hw/pc.h   |2 +-
 hw/pc_piix.c  |3 ++-
 hw/piix_pci.c |   38 +-
 3 files changed, 36 insertions(+), 7 deletions(-)

diff --git a/hw/pc.h b/hw/pc.h
index c3e85e9..5489039 100644
--- a/hw/pc.h
+++ b/hw/pc.h
@@ -181,7 +181,7 @@ struct PCII440FXState;
 typedef struct PCII440FXState PCII440FXState;
 
 PCIBus *i440fx_init(PCII440FXState **pi440fx_state, int *piix_devfn,
-qemu_irq *pic,
+ISABus **isa_bus,
 MemoryRegion *address_space_mem,
 MemoryRegion *address_space_io,
 ram_addr_t ram_size,
diff --git a/hw/pc_piix.c b/hw/pc_piix.c
index 16c6f41..d554bd0 100644
--- a/hw/pc_piix.c
+++ b/hw/pc_piix.c
@@ -84,6 +84,7 @@ static void pc_init1(MemoryRegion *system_memory,
 int i;
 ram_addr_t below_4g_mem_size, above_4g_mem_size;
 PCIBus *pci_bus;
+ISABus *isa_bus;
 PCII440FXState *i440fx_state;
 int piix3_devfn = -1;
 qemu_irq *cpu_irq;
@@ -137,7 +138,7 @@ static void pc_init1(MemoryRegion *system_memory,
 isa_irq = qemu_allocate_irqs(isa_irq_handler, isa_irq_state, 24);
 
 if (pci_enabled) {
-pci_bus = i440fx_init(&i440fx_state, &piix3_devfn, isa_irq,
+pci_bus = i440fx_init(&i440fx_state, &piix3_devfn, &isa_bus,
   system_memory, system_io, ram_size,
   below_4g_mem_size,
   0x1ULL - below_4g_mem_size,
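
Review bot: with `isa_irq` dropped from the i440fx_init() call, nothing in this hunk hands the freshly allocated `isa_irq` array to the bridge any more; PIIX3 now learns its IRQs only through the `.set_irqs` method added in hw/piix_pci.c. Make sure pc_init1() calls isa_bus_irqs(isa_irq) on this path before any device asks for an ISA IRQ, and describe that ordering in the commit message, which currently holds only the sign-off. In the lines shown `isa_bus` is declared without an initialiser and assigned only inside `if (pci_enabled)`, so confirm that the non-PCI path sets it as well.
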
diff --git a/hw/piix_pci.c b/hw/piix_pci.c
index 7a5a44c..6000141 100644
--- a/hw/piix_pci.c
+++ b/hw/piix_pci.c
@@ -30,6 +30,7 @@
 #include "sysbus.h"
 #include "range.h"
 #include "xen.h"
+#include "exec-memory.h"
 
 /*
  * I440FX chipset data sheet.
@@ -45,6 +46,7 @@ typedef PCIHostState I440FXState;
 
 typedef struct PIIX3State {
 PCIDevice dev;
+ISABus bus;
 
 /*
  * bitmap to track pic levels.
@@ -263,7 +265,7 @@ static int i440fx_initfn(PCIDevice *dev)
 static PCIBus *i440fx_common_init(const char *device_name,
   PCII440FXState **pi440fx_state,
   int *piix3_devfn,
-  qemu_irq *pic,
+  ISABus **isa_bus,
   MemoryRegion *address_space_mem,
   MemoryRegion *address_space_io,
   ram_addr_t ram_size,
@@ -324,7 +326,7 @@ static PCIBus *i440fx_common_init(const char *device_name,
 pci_bus_irqs(b, piix3_set_irq, pci_slot_get_pirq, piix3,
 PIIX_NUM_PIRQS);
 }
-piix3->pic = pic;
+*isa_bus = &piix3->bus;
 
 (*pi440fx_state)->piix3 = piix3;
 
@@ -341,7 +343,7 @@ static PCIBus *i440fx_common_init(const char *device_name,
 }
 
 PCIBus *i440fx_init(PCII440FXState **pi440fx_state, int *piix3_devfn,
-qemu_irq *pic,
+ISABus **isa_bus,
 MemoryRegion *address_space_mem,
 MemoryRegion *address_space_io,
 ram_addr_t ram_size,
@@ -354,7 +356,7 @@ PCIBus *i440fx_init(PCII440FXState **pi440fx_state, int 
*piix3_devfn,
 {
 PCIBus *b;
 
-b = i440fx_common_init("i440FX", pi440fx_state, piix3_devfn, pic,
+b = i440fx_common_init("i440FX", pi440fx_state, piix3_devfn, isa_bus,
address_space_mem, address_space_io, ram_size,
pci_hole_start, pci_hole_size,
pci_hole64_size, pci_hole64_size,
@@ -500,11 +502,37 @@ static const VMStateDescription vmstate_piix3 = {
 }
 };
 
+static void piix3_bus_set_irqs(ISABus *bus, qemu_irq *irqs)
+{
+PIIX3State *d = container_of(bus, PIIX3State, bus);
+d->pic = irqs;
+}
+
+static qemu_irq piix3_bus_get_irq(ISABus *bus, int isairq)
+{
+PIIX3State *d = container_of(bus, PIIX3State, bus);
+if (isairq < 0 || isairq >= PIIX_NUM_PIC_IRQS) {
+hw_error("isa irq %d invalid", isairq);
+}
+return d->pic[isairq];
+}
+
+static MemoryRegion *piix3_bus_get_address_space(ISABus *bus)
+{
+return get_system_memory();
+}
+
+static ISABusOps piix3_bus_ops = {
+.set_irqs = piix3_bus_set_irqs,
+.get_irq = piix3_bus_get_irq,
+.get_address_space = piix3_bus_get_address_space,
+};
+
 static int piix3_initfn(PCIDevice *dev)
 {
 PIIX3State *d = DO_UPCAST(PIIX3State, dev, dev);
 
-isa_bus_bridge_init(&d->dev.qdev);
+isa_bus_new(&d->bus, &piix3_bus_ops, &dev->qdev);
 qemu_register_reset(piix3_reset, d);
 return 0;
 }
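
Review bot: piix3_bus_get_irq() range-checks `isairq` but then indexes `d->pic` unconditionally, and `d->pic` is not set until piix3_bus_set_irqs() has run, now that `piix3->pic = pic` is gone from i440fx_common_init(). Add a `!d->pic` test beside the range check so an early IRQ lookup ends in hw_error() rather than a NULL dereference. piix3_bus_get_address_space() also ignores `bus` and returns get_system_memory(); a comment saying that this is deliberate for PIIX3 would document the choice.
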
-- 
1.7.5.4




[Qemu-devel] [PATCH 04/11] audio: give ISA bus to sound cards, instead of PIC

2011-09-18 Thread Hervé Poussineau

Signed-off-by: Hervé Poussineau 
---
 arch_init.c|   10 +-
 arch_init.h|2 +-
 hw/adlib.c |2 +-
 hw/audiodev.h  |8 
 hw/cs4231a.c   |2 +-
 hw/gus.c   |2 +-
 hw/mips_jazz.c |5 +++--
 hw/pc.h|2 +-
 hw/pc_piix.c   |4 ++--
 hw/pcspk.c |2 +-
 hw/sb16.c  |2 +-
 11 files changed, 21 insertions(+), 20 deletions(-)

diff --git a/arch_init.c b/arch_init.c
index 9a5a0e3..465a260 100644
--- a/arch_init.c
+++ b/arch_init.c
@@ -471,7 +471,7 @@ struct soundhw {
 int enabled;
 int isa;
 union {
-int (*init_isa) (qemu_irq *pic);
+int (*init_isa) (ISABus *bus);
 int (*init_pci) (PCIBus *bus);
 } init;
 };
@@ -626,15 +626,15 @@ void select_soundhw(const char *optarg)
 }
 }
 
-void audio_init(qemu_irq *isa_pic, PCIBus *pci_bus)
+void audio_init(ISABus *isa_bus, PCIBus *pci_bus)
 {
 struct soundhw *c;
 
 for (c = soundhw; c->name; ++c) {
 if (c->enabled) {
 if (c->isa) {
-if (isa_pic) {
-c->init.init_isa(isa_pic);
+if (isa_bus) {
+c->init.init_isa(isa_bus);
 }
 } else {
 if (pci_bus) {
@@ -648,7 +648,7 @@ void audio_init(qemu_irq *isa_pic, PCIBus *pci_bus)
 void select_soundhw(const char *optarg)
 {
 }
-void audio_init(qemu_irq *isa_pic, PCIBus *pci_bus)
+void audio_init(ISABus *isa_bus, PCIBus *pci_bus)
 {
 }
 #endif
diff --git a/arch_init.h b/arch_init.h
index a74187a..828256c 100644
--- a/arch_init.h
+++ b/arch_init.h
@@ -27,7 +27,7 @@ void do_acpitable_option(const char *optarg);
 void do_smbios_option(const char *optarg);
 void cpudef_init(void);
 int audio_available(void);
-void audio_init(qemu_irq *isa_pic, PCIBus *pci_bus);
+void audio_init(ISABus *isa_bus, PCIBus *pci_bus);
 int tcg_available(void);
 int kvm_available(void);
 int xen_available(void);
diff --git a/hw/adlib.c b/hw/adlib.c
index c1c46e3..d98aebc 100644
--- a/hw/adlib.c
+++ b/hw/adlib.c
@@ -276,7 +276,7 @@ static void Adlib_fini (AdlibState *s)
 AUD_remove_card (&s->card);
 }
 
-int Adlib_init (qemu_irq *pic)
+int Adlib_init(ISABus *bus)
 {
 AdlibState *s = &glob_adlib;
 struct audsettings as;
diff --git a/hw/audiodev.h b/hw/audiodev.h
index 8e930b2..1d34a4b 100644
--- a/hw/audiodev.h
+++ b/hw/audiodev.h
@@ -2,19 +2,19 @@
 int es1370_init(PCIBus *bus);
 
 /* sb16.c */
-int SB16_init(qemu_irq *pic);
+int SB16_init(ISABus *bus);
 
 /* adlib.c */
-int Adlib_init(qemu_irq *pic);
+int Adlib_init(ISABus *bus);
 
 /* gus.c */
-int GUS_init(qemu_irq *pic);
+int GUS_init(ISABus *bus);
 
 /* ac97.c */
 int ac97_init(PCIBus *buf);
 
 /* cs4231a.c */
-int cs4231a_init(qemu_irq *pic);
+int cs4231a_init(ISABus *bus);
 
 /* intel-hda.c + hda-audio.c */
 int intel_hda_and_codec_init(PCIBus *bus);
diff --git a/hw/cs4231a.c b/hw/cs4231a.c
index 598f032..e16f9a3 100644
--- a/hw/cs4231a.c
+++ b/hw/cs4231a.c
@@ -659,7 +659,7 @@ static int cs4231a_initfn (ISADevice *dev)
 return 0;
 }
 
-int cs4231a_init (qemu_irq *pic)
+int cs4231a_init(ISABus *bus)
 {
 isa_create_simple ("cs4231a");
 return 0;
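
Review bot: cs4231a_init() now takes `ISABus *bus`, but the body still calls `isa_create_simple ("cs4231a")` without it, so the parameter is unused and the device is created on whatever bus isa_create_simple() chooses; the GUS_init() hunk in hw/gus.c has the same shape. If threading the bus into device creation is planned for a later patch, say so in the commit message; otherwise pass `bus` through here. The new signature also drops the space before the parenthesis while the body keeps it, which mixes two styles inside one function.
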
diff --git a/hw/gus.c b/hw/gus.c
index 37e543a..e4dbc8a 100644
--- a/hw/gus.c
+++ b/hw/gus.c
@@ -294,7 +294,7 @@ static int gus_initfn (ISADevice *dev)
 return 0;
 }
 
-int GUS_init (qemu_irq *pic)
+int GUS_init(ISABus *bus)
 {
 isa_create_simple ("gus");
 return 0;
diff --git a/hw/mips_jazz.c b/hw/mips_jazz.c
index f9581f7..3990c0d 100644
--- a/hw/mips_jazz.c
+++ b/hw/mips_jazz.c
@@ -113,6 +113,7 @@ void mips_jazz_init (ram_addr_t ram_size,
 int bios_size, n;
 CPUState *env;
 qemu_irq *rc4030, *i8259;
+ISABus *isa_bus;
 rc4030_dma *dmas;
 void* rc4030_opaque;
 int s_rtc, s_dma_dummy;
@@ -181,7 +182,7 @@ void mips_jazz_init (ram_addr_t ram_size,
 
 /* ISA devices */
 i8259 = i8259_init(env->irq[4]);
-isa_bus_bridge_init(NULL);
+isa_bus = isa_bus_bridge_init(NULL);
 isa_bus_irqs(i8259);
 cpu_exit_irq = qemu_allocate_irqs(cpu_request_exit, NULL, 1);
 DMA_init(0, cpu_exit_irq);
@@ -281,7 +282,7 @@ void mips_jazz_init (ram_addr_t ram_size,
 
 /* Sound card */
 /* FIXME: missing Jazz sound at 0x8000c000, rc4030[2] */
-audio_init(i8259, NULL);
+audio_init(isa_bus, NULL);
 
 /* NVRAM */
 dev = qdev_create(NULL, "ds1225y");
diff --git a/hw/pc.h b/hw/pc.h
index dae736e..c3e85e9 100644
--- a/hw/pc.h
+++ b/hw/pc.h
@@ -174,7 +174,7 @@ extern int no_hpet;
 
 /* pcspk.c */
 void pcspk_init(ISADevice *pit);
-int pcspk_audio_init(qemu_irq *pic);
+int pcspk_audio_init(ISABus *bus);
 
 /* piix_pci.c */
 struct PCII440FXState;
diff --git a/hw/pc_piix.c b/hw/pc_piix.c
index 67127da..16c6f41 100644
--- a/hw/pc_piix.c
+++ b/hw/pc_piix.c
@@ -149,7 +149,7 @@ static void pc_init1(MemoryRegion *system_memory,
 } else {
 pci_bus = NULL;
 i440fx_state = NULL;
-isa_bus_bridge_init(NULL);
+isa_b

[Qemu-devel] [PATCH 03/11] isa: implement isa_address_space() as a method of ISA bus

2011-09-18 Thread Hervé Poussineau

Signed-off-by: Hervé Poussineau 
---
 hw/isa-bridge.c |6 ++
 hw/isa-bus.c|   11 ++-
 hw/isa.h|1 +
 3 files changed, 17 insertions(+), 1 deletions(-)

diff --git a/hw/isa-bridge.c b/hw/isa-bridge.c
index 49fa033..bb2d8b0 100644
--- a/hw/isa-bridge.c
+++ b/hw/isa-bridge.c
@@ -42,9 +42,15 @@ static qemu_irq isabus_bridge_get_irq(ISABus *bus, int 
isairq)
 return s->irqs[isairq];
 }
 
+static MemoryRegion *isabus_bridge_get_address_space(ISABus *bus)
+{
+return get_system_memory();
+}
+
 static ISABusOps isabus_bridge_ops = {
 .set_irqs = isabus_bridge_set_irqs,
 .get_irq = isabus_bridge_get_irq,
+.get_address_space = isabus_bridge_get_address_space,
 };
 
 static int isabus_bridge_init(SysBusDevice *dev)
diff --git a/hw/isa-bus.c b/hw/isa-bus.c
index 27cffb3..03e7381 100644
--- a/hw/isa-bus.c
+++ b/hw/isa-bus.c
@@ -49,9 +49,15 @@ static qemu_irq isa_bus_default_get_irq(ISABus *bus, int 
isairq)
 return isa_bus_default_irqs[isairq];
 }
 
+static MemoryRegion *isa_bus_default_get_address_space(ISABus *bus)
+{
+return get_system_memory();
+}
+
 static ISABusOps isa_bus_default_ops = {
 .set_irqs = isa_bus_default_set_irqs,
 .get_irq = isa_bus_default_get_irq,
+.get_address_space = isa_bus_default_get_address_space,
 };
 
 ISABus *isa_bus_bridge_init(DeviceState *dev)
@@ -215,6 +221,9 @@ static char *isabus_get_fw_dev_path(DeviceState *dev)
 
 MemoryRegion *isa_address_space(ISADevice *dev)
 {
-return get_system_memory();
+if (!isabus || !isabus->ops->get_address_space) {
+hw_error("Tried to get isa address space with no isa bus present.");
+}
+return isabus->ops->get_address_space(isabus);
 }
 
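
Review bot: isa_address_space() now ends in hw_error() when `get_address_space` is unset, which makes the method mandatory for every ISABusOps provider, while both implementations added in this patch simply return get_system_memory(). Falling back to get_system_memory() when the method is NULL would keep the previous behaviour for bridges that have nothing special to return and would remove the duplicated one-line callbacks. The guard also dereferences `isabus->ops` without checking it, and the function still ignores its `dev` argument in favour of the global `isabus`; both deserve either a fix or a comment.
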
diff --git a/hw/isa.h b/hw/isa.h
index 129f129..22a2783 100644
--- a/hw/isa.h
+++ b/hw/isa.h
@@ -35,6 +35,7 @@ struct ISABus {
 struct ISABusOps {
 void (*set_irqs)(ISABus *bus, qemu_irq *irqs);
 qemu_irq (*get_irq)(ISABus *bus, int isairq);
+MemoryRegion *(*get_address_space)(ISABus *bus);
 };
 
 ISABus *isa_bus_bridge_init(DeviceState *dev);
-- 
1.7.5.4




[Qemu-devel] [PATCH 08/11] malta: improve bus implementation of PIIX4 bridge

2011-09-18 Thread Hervé Poussineau

Signed-off-by: Hervé Poussineau 
---
 hw/mips_malta.c |3 +--
 hw/pc.h |2 +-
 hw/piix4.c  |   23 +--
 3 files changed, 23 insertions(+), 5 deletions(-)

diff --git a/hw/mips_malta.c b/hw/mips_malta.c
index e7cdf20..65e5915 100644
--- a/hw/mips_malta.c
+++ b/hw/mips_malta.c
@@ -939,8 +939,7 @@ void mips_malta_init (ram_addr_t ram_size,
 /* Southbridge */
 ide_drive_get(hd, MAX_IDE_BUS);
 
-piix4_devfn = piix4_init(pci_bus, 80);
-isa_bus_irqs(i8259);
+piix4_devfn = piix4_init(pci_bus, 80, i8259);
 pci_piix4_ide_init(pci_bus, hd, piix4_devfn + 1);
 usb_uhci_piix4_init(pci_bus, piix4_devfn + 2);
 smbus = piix4_pm_init(pci_bus, piix4_devfn + 3, 0x1100, isa_get_irq(9),
diff --git a/hw/pc.h b/hw/pc.h
index 5489039..8d1573f 100644
--- a/hw/pc.h
+++ b/hw/pc.h
@@ -194,7 +194,7 @@ PCIBus *i440fx_init(PCII440FXState **pi440fx_state, int 
*piix_devfn,
 
 /* piix4.c */
 extern PCIDevice *piix4_dev;
-int piix4_init(PCIBus *bus, int devfn);
+int piix4_init(PCIBus *bus, int devfn, qemu_irq *isa_irqs);
 
 /* vga.c */
 enum vga_retrace_method {
diff --git a/hw/piix4.c b/hw/piix4.c
index 984de8b..f6437ce 100644
--- a/hw/piix4.c
+++ b/hw/piix4.c
@@ -32,6 +32,8 @@ PCIDevice *piix4_dev;
 
 typedef struct PIIX4State {
 PCIDevice dev;
+ISABus bus;
+qemu_irq *isa_irq;
 } PIIX4State;
 
 static void piix4_reset(void *opaque)
@@ -83,21 +85,38 @@ static const VMStateDescription vmstate_piix4 = {
 }
 };
 
+static qemu_irq pci_piix4_get_irq(ISABus *bus, int isairq)
+{
+PIIX4State *s = container_of(bus, PIIX4State, bus);
+if (isairq < 0 || isairq >= 16) {
+hw_error("isa irq %d invalid", isairq);
+}
+return s->isa_irq[isairq];
+}
+
+static ISABusOps pci_piix4_ops = {
+.get_irq = pci_piix4_get_irq,
+};
+
 static int piix4_initfn(PCIDevice *dev)
 {
 PIIX4State *d = DO_UPCAST(PIIX4State, dev, dev);
 
-isa_bus_bridge_init(&d->dev.qdev);
+isa_bus_new(&d->bus, &pci_piix4_ops, &d->dev.qdev);
 piix4_dev = &d->dev;
 qemu_register_reset(piix4_reset, d);
 return 0;
 }
 
-int piix4_init(PCIBus *bus, int devfn)
+int piix4_init(PCIBus *bus, int devfn, qemu_irq *isa_irqs)
 {
 PCIDevice *d;
+PIIX4State *s;
 
 d = pci_create_simple_multifunction(bus, devfn, true, "PIIX4");
+s = DO_UPCAST(PIIX4State, dev, d);
+s->isa_irq = isa_irqs;
+
 return d->devfn;
 }
 
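
Review bot: pci_piix4_ops fills in only `.get_irq`, so this bridge provides neither `set_irqs` nor `get_address_space`; with the guards shown in hw/isa-bus.c elsewhere in this series (`!isabus->ops->set_irqs`, `!isabus->ops->get_address_space`), a call to isa_bus_irqs() or isa_address_space() on a PIIX4 machine ends in hw_error(). Provide the missing methods or make the callers tolerate their absence. In addition, piix4_init() sets `s->isa_irq` only after pci_create_simple_multifunction() has returned, so pci_piix4_get_irq() should test for a NULL `s->isa_irq` beside the range check, and the literal 16 would read better as a named constant like the PIIX_NUM_PIC_IRQS used for PIIX3.
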
-- 
1.7.5.4




[Qemu-devel] [PATCH 08/13] omap1: convert to memory API (part III)

2011-09-18 Thread Avi Kivity
Signed-off-by: Avi Kivity 
---
 hw/omap.h  |8 ++-
 hw/omap1.c |  209 +--
 2 files changed, 123 insertions(+), 94 deletions(-)

diff --git a/hw/omap.h b/hw/omap.h
index cb3b524..059b48f 100644
--- a/hw/omap.h
+++ b/hw/omap.h
@@ -692,7 +692,8 @@ struct uWireSlave {
 void *opaque;
 };
 struct omap_uwire_s;
-struct omap_uwire_s *omap_uwire_init(target_phys_addr_t base,
+struct omap_uwire_s *omap_uwire_init(MemoryRegion *system_memory,
+target_phys_addr_t base,
 qemu_irq *irq, qemu_irq dma, omap_clk clk);
 void omap_uwire_attach(struct omap_uwire_s *s,
 uWireSlave *slave, int chipselect);
@@ -731,7 +732,8 @@ struct I2SCodec {
 } in, out;
 };
 struct omap_mcbsp_s;
-struct omap_mcbsp_s *omap_mcbsp_init(target_phys_addr_t base,
+struct omap_mcbsp_s *omap_mcbsp_init(MemoryRegion *system_memory,
+target_phys_addr_t base,
 qemu_irq *irq, qemu_irq *dma, omap_clk clk);
 void omap_mcbsp_i2s_attach(struct omap_mcbsp_s *s, I2SCodec *slave);
 
@@ -837,6 +839,8 @@ struct omap_mpu_state_s {
 MemoryRegion tcmi_iomem;
 MemoryRegion clkm_iomem;
 MemoryRegion clkdsp_iomem;
+MemoryRegion pwl_iomem;
+MemoryRegion pwt_iomem;
 
 struct omap_dma_port_if_s {
 uint32_t (*read[3])(struct omap_mpu_state_s *s,
diff --git a/hw/omap1.c b/hw/omap1.c
index 05e38fc..fb22d75 100644
--- a/hw/omap1.c
+++ b/hw/omap1.c
@@ -2116,6 +2116,7 @@ void omap_mpuio_key(struct omap_mpuio_s *s, int row, int 
col, int down)
 
 /* MicroWire Interface */
 struct omap_uwire_s {
+MemoryRegion iomem;
 qemu_irq txirq;
 qemu_irq rxirq;
 qemu_irq txdrq;
@@ -2153,11 +2154,16 @@ static void omap_uwire_transfer_start(struct 
omap_uwire_s *s)
 }
 }
 
-static uint32_t omap_uwire_read(void *opaque, target_phys_addr_t addr)
+static uint64_t omap_uwire_read(void *opaque, target_phys_addr_t addr,
+unsigned size)
 {
 struct omap_uwire_s *s = (struct omap_uwire_s *) opaque;
 int offset = addr & OMAP_MPUI_REG_MASK;
 
+if (size != 2) {
+return omap_badwidth_read16(opaque, addr);
+}
+
 switch (offset) {
 case 0x00: /* RDR */
 s->control &= ~(1 << 15);  /* RDRB */
@@ -2183,11 +2189,15 @@ static uint32_t omap_uwire_read(void *opaque, 
target_phys_addr_t addr)
 }
 
 static void omap_uwire_write(void *opaque, target_phys_addr_t addr,
-uint32_t value)
+ uint64_t value, unsigned size)
 {
 struct omap_uwire_s *s = (struct omap_uwire_s *) opaque;
 int offset = addr & OMAP_MPUI_REG_MASK;
 
+if (size != 2) {
+return omap_badwidth_write16(opaque, addr, value);
+}
+
 switch (offset) {
 case 0x00: /* TDR */
 s->txbuf = value;  /* TD */
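
Review bot: in omap_uwire_write(), `return omap_badwidth_write16(opaque, addr, value);` returns an expression from a function declared `static void`; GCC accepts this, but ISO C does not allow a return statement with an expression in a void function, so call the helper and follow it with a bare `return;`. The call also passes the new `uint64_t value` to a helper that sat in the removed CPUWriteMemoryFunc table next to the old `uint32_t` handler, so the narrowing is implicit; a cast or a comment would show that it is intended.
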
@@ -2231,16 +2241,10 @@ static void omap_uwire_write(void *opaque, 
target_phys_addr_t addr,
 }
 }
 
-static CPUReadMemoryFunc * const omap_uwire_readfn[] = {
-omap_badwidth_read16,
-omap_uwire_read,
-omap_badwidth_read16,
-};
-
-static CPUWriteMemoryFunc * const omap_uwire_writefn[] = {
-omap_badwidth_write16,
-omap_uwire_write,
-omap_badwidth_write16,
+static const MemoryRegionOps omap_uwire_ops = {
+.read = omap_uwire_read,
+.write = omap_uwire_write,
+.endianness = DEVICE_NATIVE_ENDIAN,
 };
 
 static void omap_uwire_reset(struct omap_uwire_s *s)
@@ -2253,10 +2257,10 @@ static void omap_uwire_reset(struct omap_uwire_s *s)
 s->setup[4] = 0;
 }
 
-struct omap_uwire_s *omap_uwire_init(target_phys_addr_t base,
+struct omap_uwire_s *omap_uwire_init(MemoryRegion *system_memory,
+target_phys_addr_t base,
 qemu_irq *irq, qemu_irq dma, omap_clk clk)
 {
-int iomemtype;
 struct omap_uwire_s *s = (struct omap_uwire_s *)
 g_malloc0(sizeof(struct omap_uwire_s));
 
@@ -2265,9 +2269,8 @@ struct omap_uwire_s *omap_uwire_init(target_phys_addr_t 
base,
 s->txdrq = dma;
 omap_uwire_reset(s);
 
-iomemtype = cpu_register_io_memory(omap_uwire_readfn,
-omap_uwire_writefn, s, DEVICE_NATIVE_ENDIAN);
-cpu_register_physical_memory(base, 0x800, iomemtype);
+memory_region_init_io(&s->iomem, &omap_uwire_ops, s, "omap-uwire", 0x800);
+memory_region_add_subregion(system_memory, base, &s->iomem);
 
 return s;
 }
@@ -2294,11 +2297,16 @@ static void omap_pwl_update(struct omap_mpu_state_s *s)
 }
 }
 
-static uint32_t omap_pwl_read(void *opaque, target_phys_addr_t addr)
+static uint64_t omap_pwl_read(void *opaque, target_phys_addr_t addr,
+  unsigned size)
 {
 struct omap_mpu_state_s *s = (struct omap_mpu_state_s *) opaque;
 int offset = addr & OMAP_MPUI_REG_MASK;
 
+if (size != 1) {
+return omap_badwidth_read8(opaque, addr);
+}
+
 switch (offset) {
 case 0x00: /* PWL_LEVEL */
 return s->

Re: [Qemu-devel] [PATCH 0/8] tcg/interpreter: Add TCG + interpreter for bytecode (virtual machine)

2011-09-18 Thread Stefan Weil

On 18.09.2011 17:02, Mulyadi Santosa wrote:

> Hi :)
>
> On Sun, Sep 18, 2011 at 02:59, Stefan Weil  wrote:
>
>> Hello,
>>
>> these patches add a new code generator (TCG target) to qemu.
>
> I personally congratulate you on your hard work. So, here's a question
> from someone who is not so keen on Qemu internals: what is the biggest
> advantage of using TCI instead of directly using TCG?


TCG with native code support is much faster (6x to 10x),
so for emulation on a supported host, TCI has no advantage
for normal users.

Its primary purpose was support of new hosts without a native
TCG.

In addition, it's easier to trace TCG operations in TCI
than in generated native code, so TCI is really good to
examine code, to test new TCG opcodes, to make statistics
(I did some with Valgrind which now no longer works
thanks to coroutines), to test the influence of TCG parameters
like the number of available registers. I'm sure there are
even more interesting applications for which TCI could be
used.

Cheers,
Stefan




[Qemu-devel] [PATCH 13/13] omap1: convert to memory API (part VI)

2011-09-18 Thread Avi Kivity
Easy RAM stuff.

Signed-off-by: Avi Kivity 
---
 hw/omap.h|2 ++
 hw/omap1.c   |   17 +++--
 hw/soc_dma.h |2 ++
 3 files changed, 11 insertions(+), 10 deletions(-)

diff --git a/hw/omap.h b/hw/omap.h
index de83452..0260cc0 100644
--- a/hw/omap.h
+++ b/hw/omap.h
@@ -841,6 +841,8 @@ struct omap_mpu_state_s {
 MemoryRegion pwl_iomem;
 MemoryRegion pwt_iomem;
 MemoryRegion mpui_io_iomem;
+MemoryRegion imif_ram;
+MemoryRegion emiff_ram;
 
 struct omap_dma_port_if_s {
 uint32_t (*read[3])(struct omap_mpu_state_s *s,
diff --git a/hw/omap1.c b/hw/omap1.c
index 4b2abb9..f747321 100644
--- a/hw/omap1.c
+++ b/hw/omap1.c
@@ -3793,7 +3793,6 @@ struct omap_mpu_state_s *omap310_mpu_init(MemoryRegion 
*system_memory,
 int i;
 struct omap_mpu_state_s *s = (struct omap_mpu_state_s *)
 g_malloc0(sizeof(struct omap_mpu_state_s));
-ram_addr_t imif_base, emiff_base;
 qemu_irq *cpu_irq;
 qemu_irq dma_irqs[6];
 DriveInfo *dinfo;
@@ -3817,12 +3816,10 @@ struct omap_mpu_state_s *omap310_mpu_init(MemoryRegion 
*system_memory,
 omap_clk_init(s);
 
 /* Memory-mapped stuff */
-cpu_register_physical_memory(OMAP_EMIFF_BASE, s->sdram_size,
-(emiff_base = qemu_ram_alloc(NULL, "omap1.dram",
- s->sdram_size)) | IO_MEM_RAM);
-cpu_register_physical_memory(OMAP_IMIF_BASE, s->sram_size,
-(imif_base = qemu_ram_alloc(NULL, "omap1.sram",
-s->sram_size)) | IO_MEM_RAM);
+memory_region_init_ram(&s->emiff_ram, NULL, "omap1.dram", s->sdram_size);
+memory_region_add_subregion(system_memory, OMAP_EMIFF_BASE, &s->emiff_ram);
+memory_region_init_ram(&s->imif_ram, NULL, "omap1.sram", s->sram_size);
+memory_region_add_subregion(system_memory, OMAP_IMIF_BASE, &s->imif_ram);
 
 omap_clkm_init(system_memory, 0xfffece00, 0xe1008000, s);
 
@@ -3848,9 +3845,9 @@ struct omap_mpu_state_s *omap310_mpu_init(MemoryRegion 
*system_memory,
 s->port[tipb_mpui].addr_valid = omap_validate_tipb_mpui_addr;
 
 /* Register SDRAM and SRAM DMA ports for fast transfers.  */
-soc_dma_port_add_mem(s->dma, qemu_get_ram_ptr(emiff_base),
- OMAP_EMIFF_BASE, s->sdram_size);
-soc_dma_port_add_mem(s->dma, qemu_get_ram_ptr(imif_base),
+soc_dma_port_add_mem(s->dma, memory_region_get_ram_ptr(&s->emiff_ram),
+ OMAP_EMIFF_BASE, s->sdram_size);
+soc_dma_port_add_mem(s->dma, memory_region_get_ram_ptr(&s->imif_ram),
  OMAP_IMIF_BASE, s->sram_size);
 
 s->timer[0] = omap_mpu_timer_init(system_memory, 0xfffec500,
diff --git a/hw/soc_dma.h b/hw/soc_dma.h
index 026479e..904b26c 100644
--- a/hw/soc_dma.h
+++ b/hw/soc_dma.h
@@ -18,6 +18,8 @@
  * with this program; if not, see .
  */
 
+#include "memory.h"
+
 struct soc_dma_s;
 struct soc_dma_ch_s;
 typedef void (*soc_dma_io_t)(void *opaque, uint8_t *buf, int len);
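
Review bot: `#include "memory.h"` is added to hw/soc_dma.h, but the diffstat gives this header only these two added lines and none of the declarations shown uses a memory API type. If the include is there for the memory_region_get_ram_ptr() calls in hw/omap1.c, put it in that file; if a later patch changes a soc_dma prototype to take a MemoryRegion, move the include to that patch. The commit message "Easy RAM stuff." could also name what is converted, namely the SDRAM and SRAM regions.
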
-- 
1.7.6.3




Re: [Qemu-devel] [PATCH 12/16] vga: Convert to isa_register_portio_list.

2011-09-18 Thread Richard Henderson
On 09/18/2011 07:56 AM, Avi Kivity wrote:
> It's also wrong for cirrus. Even though it is a legacy address, it's
> not an ISA address, it's on the PCI bus (though not mapped by a BAR).

Huh?  How do you define that as not an ISA address?  Especially
since all that's called from isa_cirrus_vga_init?


r~



[Qemu-devel] [PATCH 09/13] omap1: convert to memory API (part IV)

2011-09-18 Thread Avi Kivity
Signed-off-by: Avi Kivity 
---
 hw/omap.h  |1 +
 hw/omap1.c |   81 ++-
 2 files changed, 48 insertions(+), 34 deletions(-)

diff --git a/hw/omap.h b/hw/omap.h
index 059b48f..25d10f3 100644
--- a/hw/omap.h
+++ b/hw/omap.h
@@ -841,6 +841,7 @@ struct omap_mpu_state_s {
 MemoryRegion clkdsp_iomem;
 MemoryRegion pwl_iomem;
 MemoryRegion pwt_iomem;
+MemoryRegion mpui_io_iomem;
 
 struct omap_dma_port_if_s {
 uint32_t (*read[3])(struct omap_mpu_state_s *s,
diff --git a/hw/omap1.c b/hw/omap1.c
index fb22d75..df5d68b 100644
--- a/hw/omap1.c
+++ b/hw/omap1.c
@@ -3452,6 +3452,7 @@ void omap_mcbsp_i2s_attach(struct omap_mcbsp_s *s, 
I2SCodec *slave)
 
 /* LED Pulse Generators */
 struct omap_lpg_s {
+MemoryRegion iomem;
 QEMUTimer *tm;
 
 uint8_t control;
@@ -3516,11 +3517,16 @@ static void omap_lpg_reset(struct omap_lpg_s *s)
 omap_lpg_update(s);
 }
 
-static uint32_t omap_lpg_read(void *opaque, target_phys_addr_t addr)
+static uint64_t omap_lpg_read(void *opaque, target_phys_addr_t addr,
+  unsigned size)
 {
 struct omap_lpg_s *s = (struct omap_lpg_s *) opaque;
 int offset = addr & OMAP_MPUI_REG_MASK;
 
+if (size != 1) {
+return omap_badwidth_read8(opaque, addr);
+}
+
 switch (offset) {
 case 0x00: /* LCR */
 return s->control;
@@ -3534,11 +3540,15 @@ static uint32_t omap_lpg_read(void *opaque, 
target_phys_addr_t addr)
 }
 
 static void omap_lpg_write(void *opaque, target_phys_addr_t addr,
-uint32_t value)
+   uint64_t value, unsigned size)
 {
 struct omap_lpg_s *s = (struct omap_lpg_s *) opaque;
 int offset = addr & OMAP_MPUI_REG_MASK;
 
+if (size != 1) {
+return omap_badwidth_write8(opaque, addr, value);
+}
+
 switch (offset) {
 case 0x00: /* LCR */
 if (~value & (1 << 6)) /* LPGRES */
@@ -3558,16 +3568,10 @@ static void omap_lpg_write(void *opaque, 
target_phys_addr_t addr,
 }
 }
 
-static CPUReadMemoryFunc * const omap_lpg_readfn[] = {
-omap_lpg_read,
-omap_badwidth_read8,
-omap_badwidth_read8,
-};
-
-static CPUWriteMemoryFunc * const omap_lpg_writefn[] = {
-omap_lpg_write,
-omap_badwidth_write8,
-omap_badwidth_write8,
+static const MemoryRegionOps omap_lpg_ops = {
+.read = omap_lpg_read,
+.write = omap_lpg_write,
+.endianness = DEVICE_NATIVE_ENDIAN,
 };
 
 static void omap_lpg_clk_update(void *opaque, int line, int on)
@@ -3578,9 +3582,9 @@ static void omap_lpg_clk_update(void *opaque, int line, 
int on)
 omap_lpg_update(s);
 }
 
-static struct omap_lpg_s *omap_lpg_init(target_phys_addr_t base, omap_clk clk)
+static struct omap_lpg_s *omap_lpg_init(MemoryRegion *system_memory,
+target_phys_addr_t base, omap_clk clk)
 {
-int iomemtype;
 struct omap_lpg_s *s = (struct omap_lpg_s *)
 g_malloc0(sizeof(struct omap_lpg_s));
 
@@ -3588,9 +3592,8 @@ static void omap_lpg_clk_update(void *opaque, int line, 
int on)
 
 omap_lpg_reset(s);
 
-iomemtype = cpu_register_io_memory(omap_lpg_readfn,
-omap_lpg_writefn, s, DEVICE_NATIVE_ENDIAN);
-cpu_register_physical_memory(base, 0x800, iomemtype);
+memory_region_init_io(&s->iomem, &omap_lpg_ops, s, "omap-lpg", 0x800);
+memory_region_add_subregion(system_memory, base, &s->iomem);
 
 omap_clk_adduser(clk, qemu_allocate_irqs(omap_lpg_clk_update, s, 1)[0]);
 
@@ -3598,8 +3601,13 @@ static void omap_lpg_clk_update(void *opaque, int line, 
int on)
 }
 
 /* MPUI Peripheral Bridge configuration */
-static uint32_t omap_mpui_io_read(void *opaque, target_phys_addr_t addr)
+static uint64_t omap_mpui_io_read(void *opaque, target_phys_addr_t addr,
+  unsigned size)
 {
+if (size != 2) {
+return omap_badwidth_read16(opaque, addr);
+}
+
 if (addr == OMAP_MPUI_BASE)/* CMR */
 return 0xfe4d;
 
@@ -3607,23 +3615,26 @@ static uint32_t omap_mpui_io_read(void *opaque, 
target_phys_addr_t addr)
 return 0;
 }
 
-static CPUReadMemoryFunc * const omap_mpui_io_readfn[] = {
-omap_badwidth_read16,
-omap_mpui_io_read,
-omap_badwidth_read16,
-};
+static void omap_mpui_io_write(void *opaque, target_phys_addr_t addr,
+   uint64_t value, unsigned size)
+{
+/* FIXME: infinite loop */
+omap_badwidth_write16(opaque, addr, value);
+}
 
-static CPUWriteMemoryFunc * const omap_mpui_io_writefn[] = {
-omap_badwidth_write16,
-omap_badwidth_write16,
-omap_badwidth_write16,
+static const MemoryRegionOps omap_mpui_io_ops = {
+.read = omap_mpui_io_read,
+.write = omap_mpui_io_write,
+.endianness = DEVICE_NATIVE_ENDIAN,
 };
 
-static void omap_setup_mpui_io(struct omap_mpu_state_s *mpu)
+static void omap_setup_mpui_io(MemoryRegion *system_memory,
+ 
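
Review bot: omap_mpui_io_write() is new code that forwards every write, whatever its `size`, to omap_badwidth_write16() under a `/* FIXME: infinite loop */` comment, so the patch knowingly adds a handler that its own comment expects to recurse. The removed writefn table had omap_badwidth_write16 in all three slots, so the behaviour is inherited, but the conversion is the natural place to fix it: handle or ignore `size == 2` writes directly, as omap_mpui_io_read() already does for reads, and bounce only the other widths.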

[Qemu-devel] [PATCH 04/13] mips_r4k: convert to memory API

2011-09-18 Thread Avi Kivity
Signed-off-by: Avi Kivity 
---
 hw/mips_r4k.c |   39 +++
 1 files changed, 15 insertions(+), 24 deletions(-)

diff --git a/hw/mips_r4k.c b/hw/mips_r4k.c
index 5d002c5..805d02a 100644
--- a/hw/mips_r4k.c
+++ b/hw/mips_r4k.c
@@ -42,8 +42,8 @@
 const char *initrd_filename;
 } loaderparams;
 
-static void mips_qemu_writel (void *opaque, target_phys_addr_t addr,
- uint32_t val)
+static void mips_qemu_write (void *opaque, target_phys_addr_t addr,
+ uint64_t val, unsigned size)
 {
 if ((addr & 0x) == 0 && val == 42)
 qemu_system_reset_request ();
@@ -51,25 +51,18 @@ static void mips_qemu_writel (void *opaque, 
target_phys_addr_t addr,
 qemu_system_shutdown_request ();
 }
 
-static uint32_t mips_qemu_readl (void *opaque, target_phys_addr_t addr)
+static uint64_t mips_qemu_read (void *opaque, target_phys_addr_t addr,
+unsigned size)
 {
 return 0;
 }
 
-static CPUWriteMemoryFunc * const mips_qemu_write[] = {
-&mips_qemu_writel,
-&mips_qemu_writel,
-&mips_qemu_writel,
+static const MemoryRegionOps mips_qemu_ops = {
+.read = mips_qemu_read,
+.write = mips_qemu_write,
+.endianness = DEVICE_NATIVE_ENDIAN,
 };
 
-static CPUReadMemoryFunc * const mips_qemu_read[] = {
-&mips_qemu_readl,
-&mips_qemu_readl,
-&mips_qemu_readl,
-};
-
-static int mips_qemu_iomemtype = 0;
-
 typedef struct ResetData {
 CPUState *env;
 uint64_t vector;
@@ -163,8 +156,10 @@ void mips_r4k_init (ram_addr_t ram_size,
 const char *initrd_filename, const char *cpu_model)
 {
 char *filename;
-ram_addr_t ram_offset;
+MemoryRegion *address_space_mem = get_system_memory();
+MemoryRegion *ram = g_new(MemoryRegion, 1);
 MemoryRegion *bios;
+MemoryRegion *iomem = g_new(MemoryRegion, 1);
 int bios_size;
 CPUState *env;
 ResetData *reset_info;
@@ -199,16 +194,12 @@ void mips_r4k_init (ram_addr_t ram_size,
 ((unsigned int)ram_size / (1 << 20)));
 exit(1);
 }
-ram_offset = qemu_ram_alloc(NULL, "mips_r4k.ram", ram_size);
+memory_region_init_ram(ram, NULL, "mips_r4k.ram", ram_size);
 
-cpu_register_physical_memory(0, ram_size, ram_offset | IO_MEM_RAM);
+memory_region_add_subregion(address_space_mem, 0, ram);
 
-if (!mips_qemu_iomemtype) {
-mips_qemu_iomemtype = cpu_register_io_memory(mips_qemu_read,
- mips_qemu_write, NULL,
- DEVICE_NATIVE_ENDIAN);
-}
-cpu_register_physical_memory(0x1fbf, 0x1, mips_qemu_iomemtype);
+memory_region_init_io(iomem, &mips_qemu_ops, NULL, "mips-qemu", 0x1);
+memory_region_add_subregion(address_space_mem, 0x1fbf, iomem);
 
 /* Try to load a BIOS image. If this fails, we continue regardless,
but initialize the hardware ourselves. When a kernel gets
-- 
1.7.6.3




Re: [Qemu-devel] [PATCH 12/16] vga: Convert to isa_register_portio_list.

2011-09-18 Thread Avi Kivity

On 09/18/2011 06:15 PM, Richard Henderson wrote:

On 09/18/2011 07:56 AM, Avi Kivity wrote:
>  It's also wrong for cirrus. Even though it is a legacy address, it's
>  not an ISA address, it's on the PCI bus (though not mapped by a BAR).

Huh?  How do you define that as not an ISA address?  Especially
since all that's called from isa_cirrus_vga_init?



Ah, sorry, cirrus/pci indeed has its own ioports registration which 
doesn't go through isa.


So it's actually the opposite problem - generic port registration 
instead of bus-specific registration.  As soon as we convert it, we'll 
have the same problem again.


--
error compiling committee.c: too many arguments to function




[Qemu-devel] [PATCH 10/13] omap1: convert to memory API (part V)

2011-09-18 Thread Avi Kivity
Tricky aliases.

Signed-off-by: Avi Kivity 
---
 hw/omap1.c |   14 --
 1 files changed, 8 insertions(+), 6 deletions(-)

diff --git a/hw/omap1.c b/hw/omap1.c
index df5d68b..f48aa8a 100644
--- a/hw/omap1.c
+++ b/hw/omap1.c
@@ -3708,14 +3708,16 @@ static void omap1_mpu_reset(void *opaque)
 { 0 }
 };
 
-static void omap_setup_dsp_mapping(const struct omap_map_s *map)
+static void omap_setup_dsp_mapping(MemoryRegion *system_memory,
+   const struct omap_map_s *map)
 {
-int io;
+MemoryRegion *io;
 
 for (; map->phys_dsp; map ++) {
-io = cpu_get_physical_page_desc(map->phys_mpu);
-
-cpu_register_physical_memory(map->phys_dsp, map->size, io);
+io = g_new(MemoryRegion, 1);
+memory_region_init_alias(io, map->name,
+ system_memory, map->phys_mpu, map->size);
+memory_region_add_subregion(system_memory, map->phys_dsp, io);
 }
 }
 
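Review bot: in omap_setup_dsp_mapping() each alias is created on system_memory and then added back into system_memory, so the window starting at map->phys_dsp must never overlap the range starting at map->phys_mpu that it points to, or the alias would refer back into itself. The commit message says only "Tricky aliases."; please state that invariant in a comment above the loop or check it per entry. The loop also relies on map->name being set for every omap15xx_dsp_mm entry, and the g_new() regions are not stored anywhere they could later be removed or freed.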
@@ -3978,7 +3980,7 @@ struct omap_mpu_state_s *omap310_mpu_init(MemoryRegion 
*system_memory,
  * DSP MMU fffed200 - fffed2ff
  */
 
-omap_setup_dsp_mapping(omap15xx_dsp_mm);
+omap_setup_dsp_mapping(system_memory, omap15xx_dsp_mm);
 omap_setup_mpui_io(system_memory, s);
 
 qemu_register_reset(omap1_mpu_reset, s);
-- 
1.7.6.3




[Qemu-devel] [PATCH 09/11] isa: remove unused parameter to isa_bus_bridge_init()

2011-09-18 Thread Hervé Poussineau
Remove code which is now dead

Signed-off-by: Hervé Poussineau 
---
 hw/isa-bus.c   |   43 +--
 hw/isa.h   |2 +-
 hw/mips_jazz.c |2 +-
 hw/mips_r4k.c  |2 +-
 hw/pc_piix.c   |2 +-
 hw/ppc_prep.c  |2 +-
 6 files changed, 10 insertions(+), 43 deletions(-)

diff --git a/hw/isa-bus.c b/hw/isa-bus.c
index 03e7381..37642b7 100644
--- a/hw/isa-bus.c
+++ b/hw/isa-bus.c
@@ -24,7 +24,6 @@
 
 static ISABus *isabus;
 target_phys_addr_t isa_mem_base = 0;
-static qemu_irq *isa_bus_default_irqs;
 
 static void isabus_dev_print(Monitor *mon, DeviceState *dev, int indent);
 static char *isabus_get_fw_dev_path(DeviceState *dev);
@@ -36,44 +35,12 @@ static struct BusInfo isa_bus_info = {
 .get_fw_dev_path = isabus_get_fw_dev_path,
 };
 
-static void isa_bus_default_set_irqs(ISABus *bus, qemu_irq *irqs)
+ISABus *isa_bus_bridge_init(void)
 {
-isa_bus_default_irqs = irqs;
-}
-
-static qemu_irq isa_bus_default_get_irq(ISABus *bus, int isairq)
-{
-if (isairq < 0 || isairq > 15) {
-hw_error("isa irq %d invalid", isairq);
-}
-return isa_bus_default_irqs[isairq];
-}
-
-static MemoryRegion *isa_bus_default_get_address_space(ISABus *bus)
-{
-return get_system_memory();
-}
-
-static ISABusOps isa_bus_default_ops = {
-.set_irqs = isa_bus_default_set_irqs,
-.get_irq = isa_bus_default_get_irq,
-.get_address_space = isa_bus_default_get_address_space,
-};
-
-ISABus *isa_bus_bridge_init(DeviceState *dev)
-{
-if (isabus) {
-fprintf(stderr, "Can't create a second ISA bus\n");
-return NULL;
-}
-if (NULL == dev) {
-dev = qdev_create(NULL, "isabus-bridge");
-qdev_init_nofail(dev);
-} else {
-isabus = FROM_QBUS(ISABus, qbus_create(&isa_bus_info, dev, NULL));
-isabus->ops = &isa_bus_default_ops;
-}
-return isabus;
+DeviceState *dev;
+dev = qdev_create(NULL, "isabus-bridge");
+qdev_init_nofail(dev);
+return FROM_QBUS(ISABus, QLIST_FIRST(&dev->child_bus));
 }
 
 void isa_bus_new(ISABus *bus, ISABusOps *ops, DeviceState *host)
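Review bot: the new isa_bus_bridge_init() returns FROM_QBUS(ISABus, QLIST_FIRST(&dev->child_bus)) without checking that the "isabus-bridge" device actually created a child bus. If that list is empty, callers such as mips_jazz_init() and pc_init1() store a NULL or bogus ISABus pointer; assert that QLIST_FIRST() is non-NULL before the cast. The commit message ("Remove code which is now dead") should also say that the "Can't create a second ISA bus" check in this function goes away here, and where that guarantee now lives.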
diff --git a/hw/isa.h b/hw/isa.h
index 22a2783..5219b98 100644
--- a/hw/isa.h
+++ b/hw/isa.h
@@ -38,7 +38,7 @@ struct ISABusOps {
 MemoryRegion *(*get_address_space)(ISABus *bus);
 };
 
-ISABus *isa_bus_bridge_init(DeviceState *dev);
+ISABus *isa_bus_bridge_init(void);
 
 void isa_bus_new(ISABus *bus, ISABusOps *ops, DeviceState *host);
 void isa_bus_irqs(qemu_irq *irqs);
diff --git a/hw/mips_jazz.c b/hw/mips_jazz.c
index 3990c0d..98f8d82 100644
--- a/hw/mips_jazz.c
+++ b/hw/mips_jazz.c
@@ -182,7 +182,7 @@ void mips_jazz_init (ram_addr_t ram_size,
 
 /* ISA devices */
 i8259 = i8259_init(env->irq[4]);
-isa_bus = isa_bus_bridge_init(NULL);
+isa_bus = isa_bus_bridge_init();
 isa_bus_irqs(i8259);
 cpu_exit_irq = qemu_allocate_irqs(cpu_request_exit, NULL, 1);
 DMA_init(0, cpu_exit_irq);
diff --git a/hw/mips_r4k.c b/hw/mips_r4k.c
index d1a841b..aaa38b0 100644
--- a/hw/mips_r4k.c
+++ b/hw/mips_r4k.c
@@ -266,7 +266,7 @@ void mips_r4k_init (ram_addr_t ram_size,
 
 /* The PIC is attached to the MIPS CPU INT0 pin */
 i8259 = i8259_init(env->irq[2]);
-isa_bus_bridge_init(NULL);
+isa_bus_bridge_init();
 isa_bus_irqs(i8259);
 
 rtc_init(2000, NULL);
diff --git a/hw/pc_piix.c b/hw/pc_piix.c
index d554bd0..da6fa55 100644
--- a/hw/pc_piix.c
+++ b/hw/pc_piix.c
@@ -150,7 +150,7 @@ static void pc_init1(MemoryRegion *system_memory,
 } else {
 pci_bus = NULL;
 i440fx_state = NULL;
-isa_bus = isa_bus_bridge_init(NULL);
+isa_bus = isa_bus_bridge_init();
 }
 isa_bus_irqs(isa_irq);
 
diff --git a/hw/ppc_prep.c b/hw/ppc_prep.c
index ebcc6fe..5b313c8 100644
--- a/hw/ppc_prep.c
+++ b/hw/ppc_prep.c
@@ -651,7 +651,7 @@ static void ppc_prep_init (ram_addr_t ram_size,
 i8259 = i8259_init(first_cpu->irq_inputs[PPC6xx_INPUT_INT]);
 pci_bus = pci_prep_init(i8259, get_system_memory(), get_system_io());
 /* Hmm, prep has no pci-isa bridge ??? */
-isa_bus_bridge_init(NULL);
+isa_bus_bridge_init();
 isa_bus_irqs(i8259);
 //pci_bus = i440fx_init();
 /* Register 8 MB of ISA IO space (needed for non-contiguous map) */
-- 
1.7.5.4




[Qemu-devel] [PATCH 11/11] isa: remove limitation of only one ISA bus

2011-09-18 Thread Hervé Poussineau
Default ISA bus will be the first created

Signed-off-by: Hervé Poussineau 
---
 hw/isa-bus.c |7 +++
 1 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/hw/isa-bus.c b/hw/isa-bus.c
index b697f65..9e668ef 100644
--- a/hw/isa-bus.c
+++ b/hw/isa-bus.c
@@ -45,12 +45,11 @@ ISABus *isa_bus_bridge_init(void)
 
 void isa_bus_new(ISABus *bus, ISABusOps *ops, DeviceState *host)
 {
-if (isabus) {
-hw_error("Can't create a second ISA bus");
-}
 qbus_create_inplace(&bus->qbus, &isa_bus_info, host, NULL);
 bus->ops = ops;
-isabus = bus;
+if (!isabus) {
+isabus = bus;
+}
 }
 
 void isa_bus_irqs(qemu_irq *irqs)
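Review bot: with the guard in isa_bus_new() gone, the global isabus silently stays pointed at whichever bus was created first, while helpers like isa_bus_irqs(qemu_irq *irqs), visible just below the hunk, still take no bus argument. A second bus therefore cannot be reached through them. Either document next to the if (!isabus) assignment that the global is only the default for bus-less callers, or give those helpers an ISABus parameter in the same series.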
-- 
1.7.5.4




[Qemu-devel] [PATCH 07/11] sun4u: improve bus implementation of EBus bridge

2011-09-18 Thread Hervé Poussineau

Signed-off-by: Hervé Poussineau 
---
 hw/sun4u.c |   23 +--
 1 files changed, 17 insertions(+), 6 deletions(-)

diff --git a/hw/sun4u.c b/hw/sun4u.c
index cdd9497..211a9bd 100644
--- a/hw/sun4u.c
+++ b/hw/sun4u.c
@@ -93,6 +93,8 @@ struct hwdef {
 
 typedef struct EbusState {
 PCIDevice pci_dev;
+ISABus bus;
+qemu_irq *isa_irq;
 MemoryRegion bar0;
 MemoryRegion bar1;
 } EbusState;
@@ -536,20 +538,29 @@ static void dummy_isa_irq_handler(void *opaque, int n, 
int level)
 static void
 pci_ebus_init(PCIBus *bus, int devfn)
 {
-qemu_irq *isa_irq;
-
 pci_create_simple(bus, devfn, "ebus");
-isa_irq = qemu_allocate_irqs(dummy_isa_irq_handler, NULL, 16);
-isa_bus_irqs(isa_irq);
 }
 
+static qemu_irq pci_ebus_get_irq(ISABus *bus, int isairq)
+{
+EbusState *s = container_of(bus, EbusState, bus);
+if (isairq < 0 || isairq >= 16) {
+hw_error("isa irq %d invalid", isairq);
+}
+return s->isa_irq[isairq];
+}
+
+static ISABusOps pci_ebus_ops = {
+.get_irq = pci_ebus_get_irq,
+};
+
 static int
 pci_ebus_init1(PCIDevice *pci_dev)
 {
 EbusState *s = DO_UPCAST(EbusState, pci_dev, pci_dev);
 
-isa_bus_bridge_init(&pci_dev->qdev);
-
+isa_bus_new(&s->bus, &pci_ebus_ops, &pci_dev->qdev);
+s->isa_irq = qemu_allocate_irqs(dummy_isa_irq_handler, NULL, 16);
 pci_dev->config[0x04] = 0x06; // command = bus master, pci mem
 pci_dev->config[0x05] = 0x00;
 pci_dev->config[0x06] = 0xa0; // status = fast back-to-back, 66MHz, no 
error
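Review bot: pci_ebus_ops sets only .get_irq, but ISABusOps also carries get_address_space, and the default ops removed in 09/11 set set_irqs as well, so a device on the EBus that asks for its address space has no callback to reach. Provide .get_address_space here or explain in the commit message, which is currently empty, why EBus devices never need it. In pci_ebus_init1(), s->isa_irq is allocated after isa_bus_new(); allocate it first so pci_ebus_get_irq() never indexes an unset array, and share one constant between the 16 passed to qemu_allocate_irqs() and the isairq >= 16 bound.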
-- 
1.7.5.4




[Qemu-devel] [PATCH 06/13] omap1: convert to memory API (part I)

2011-09-18 Thread Avi Kivity
Signed-off-by: Avi Kivity 
---
 hw/omap.h |   11 ++-
 hw/omap1.c|  338 +++-
 hw/omap_sx1.c |4 +-
 hw/palm.c |4 +-
 4 files changed, 203 insertions(+), 154 deletions(-)

diff --git a/hw/omap.h b/hw/omap.h
index d9ab006..eec8f04 100644
--- a/hw/omap.h
+++ b/hw/omap.h
@@ -826,6 +826,14 @@ struct omap_mpu_state_s {
 
 qemu_irq wakeup;
 
+MemoryRegion ulpd_pm_iomem;
+MemoryRegion pin_cfg_iomem;
+MemoryRegion id_iomem;
+MemoryRegion id_iomem_e18;
+MemoryRegion id_iomem_ed4;
+MemoryRegion id_iomem_e20;
+MemoryRegion mpui_iomem;
+
 struct omap_dma_port_if_s {
 uint32_t (*read[3])(struct omap_mpu_state_s *s,
 target_phys_addr_t offset);
@@ -947,7 +955,8 @@ struct omap_mpu_state_s {
 };
 
 /* omap1.c */
-struct omap_mpu_state_s *omap310_mpu_init(unsigned long sdram_size,
+struct omap_mpu_state_s *omap310_mpu_init(MemoryRegion *system_memory,
+unsigned long sdram_size,
 const char *core);
 
 /* omap2.c */
diff --git a/hw/omap1.c b/hw/omap1.c
index 614fd31..0f7e14f 100644
--- a/hw/omap1.c
+++ b/hw/omap1.c
@@ -84,6 +84,7 @@ void omap_badwidth_write32(void *opaque, target_phys_addr_t 
addr,
 
 /* MPU OS timers */
 struct omap_mpu_timer_s {
+MemoryRegion iomem;
 qemu_irq irq;
 omap_clk clk;
 uint32_t val;
@@ -179,10 +180,15 @@ static void omap_timer_clk_setup(struct omap_mpu_timer_s 
*timer)
 timer->rate = omap_clk_getrate(timer->clk);
 }
 
-static uint32_t omap_mpu_timer_read(void *opaque, target_phys_addr_t addr)
+static uint64_t omap_mpu_timer_read(void *opaque, target_phys_addr_t addr,
+unsigned size)
 {
 struct omap_mpu_timer_s *s = (struct omap_mpu_timer_s *) opaque;
 
+if (size != 4) {
+return omap_badwidth_read32(opaque, addr);
+}
+
 switch (addr) {
 case 0x00: /* CNTL_TIMER */
 return (s->enable << 5) | (s->ptv << 2) | (s->ar << 1) | s->st;
@@ -199,10 +205,14 @@ static uint32_t omap_mpu_timer_read(void *opaque, 
target_phys_addr_t addr)
 }
 
 static void omap_mpu_timer_write(void *opaque, target_phys_addr_t addr,
-uint32_t value)
+ uint64_t value, unsigned size)
 {
 struct omap_mpu_timer_s *s = (struct omap_mpu_timer_s *) opaque;
 
+if (size != 4) {
+return omap_badwidth_write32(opaque, addr, value);
+}
+
 switch (addr) {
 case 0x00: /* CNTL_TIMER */
 omap_timer_sync(s);
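Review bot: in omap_mpu_timer_write() the new width check reads "return omap_badwidth_write32(opaque, addr, value);" inside a void function. ISO C does not allow a return statement with an expression in a function returning void, even when the expression is itself void; call the helper and follow it with a bare return. The same pattern would then apply to every converted write handler in this series.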
@@ -226,16 +236,10 @@ static void omap_mpu_timer_write(void *opaque, 
target_phys_addr_t addr,
 }
 }
 
-static CPUReadMemoryFunc * const omap_mpu_timer_readfn[] = {
-omap_badwidth_read32,
-omap_badwidth_read32,
-omap_mpu_timer_read,
-};
-
-static CPUWriteMemoryFunc * const omap_mpu_timer_writefn[] = {
-omap_badwidth_write32,
-omap_badwidth_write32,
-omap_mpu_timer_write,
+static const MemoryRegionOps omap_mpu_timer_ops = {
+.read = omap_mpu_timer_read,
+.write = omap_mpu_timer_write,
+.endianness = DEVICE_LITTLE_ENDIAN,
 };
 
 static void omap_mpu_timer_reset(struct omap_mpu_timer_s *s)
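Review bot: omap_mpu_timer_ops sets .endianness = DEVICE_LITTLE_ENDIAN, but the cpu_register_io_memory() call it replaces (removed further down in omap_mpu_timer_init()) passed DEVICE_NATIVE_ENDIAN, and the other MemoryRegionOps converted in this series (omap_mpui_io_ops, omap_tcmi_ops, mips_qemu_ops) keep DEVICE_NATIVE_ENDIAN. If the change is intentional, say so in the commit message; otherwise keep DEVICE_NATIVE_ENDIAN so the conversion stays behaviour-neutral.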
@@ -250,10 +254,10 @@ static void omap_mpu_timer_reset(struct omap_mpu_timer_s 
*s)
 s->it_ena = 1;
 }
 
-static struct omap_mpu_timer_s *omap_mpu_timer_init(target_phys_addr_t base,
+static struct omap_mpu_timer_s *omap_mpu_timer_init(MemoryRegion 
*system_memory,
+target_phys_addr_t base,
 qemu_irq irq, omap_clk clk)
 {
-int iomemtype;
 struct omap_mpu_timer_s *s = (struct omap_mpu_timer_s *)
 g_malloc0(sizeof(struct omap_mpu_timer_s));
 
@@ -264,9 +268,10 @@ static void omap_mpu_timer_reset(struct omap_mpu_timer_s 
*s)
 omap_mpu_timer_reset(s);
 omap_timer_clk_setup(s);
 
-iomemtype = cpu_register_io_memory(omap_mpu_timer_readfn,
-omap_mpu_timer_writefn, s, DEVICE_NATIVE_ENDIAN);
-cpu_register_physical_memory(base, 0x100, iomemtype);
+memory_region_init_io(&s->iomem, &omap_mpu_timer_ops, s,
+  "omap-mpu-timer", 0x100);
+
+memory_region_add_subregion(system_memory, base, &s->iomem);
 
 return s;
 }
@@ -274,16 +279,22 @@ static void omap_mpu_timer_reset(struct omap_mpu_timer_s 
*s)
 /* Watchdog timer */
 struct omap_watchdog_timer_s {
 struct omap_mpu_timer_s timer;
+MemoryRegion iomem;
 uint8_t last_wr;
 int mode;
 int free;
 int reset;
 };
 
-static uint32_t omap_wd_timer_read(void *opaque, target_phys_addr_t addr)
+static uint64_t omap_wd_timer_read(void *opaque, target_phys_addr_t addr,
+   unsigned size)
 {
 struct omap_watchdog_timer_s *s = (struct omap_watchdog_timer_s *) opaque;
 
+if (size != 2) {
+return omap_badwidth_read16(opaque, addr);
+}
+
 switch (addr) {
 case 0x00: /* CNTL_TIMER */
 return (s->timer.ptv << 9) | (s->timer.ar << 8) |
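Review bot: struct omap_watchdog_timer_s gains its own MemoryRegion iomem although it already embeds struct omap_mpu_timer_s timer, which received an iomem member earlier in this patch. Having both makes it easy to initialise one and map the other. Use s->timer.iomem, or add a comment on the new field saying why the watchdog needs a second region.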
@@ -301,10 +312,

[Qemu-devel] [PATCH 06/11] fulong2e: move pic initialization + ISA bus creation to south bridge

2011-09-18 Thread Hervé Poussineau

Signed-off-by: Hervé Poussineau 
---
 hw/mips_fulong2e.c |9 ++---
 hw/vt82c686.c  |   24 ++--
 hw/vt82c686.h  |2 +-
 3 files changed, 25 insertions(+), 10 deletions(-)

diff --git a/hw/mips_fulong2e.c b/hw/mips_fulong2e.c
index f52b8c5..3034a9c 100644
--- a/hw/mips_fulong2e.c
+++ b/hw/mips_fulong2e.c
@@ -262,7 +262,6 @@ static void mips_fulong2e_init(ram_addr_t ram_size, const 
char *boot_device,
 MemoryRegion *bios = g_new(MemoryRegion, 1);
 long bios_size;
 int64_t kernel_entry;
-qemu_irq *i8259;
 qemu_irq *cpu_exit_irq;
 int via_devfn;
 PCIBus *pci_bus;
@@ -331,23 +330,19 @@ static void mips_fulong2e_init(ram_addr_t ram_size, const 
char *boot_device,
 cpu_mips_irq_init_cpu(env);
 cpu_mips_clock_init(env);
 
-/* Interrupt controller */
-/* The 8259 -> IP5  */
-i8259 = i8259_init(env->irq[5]);
-
 /* North bridge, Bonito --> IP2 */
 pci_bus = bonito_init((qemu_irq *)&(env->irq[2]));
 
 /* South bridge */
 ide_drive_get(hd, MAX_IDE_BUS);
 
-via_devfn = vt82c686b_init(pci_bus, PCI_DEVFN(FULONG2E_VIA_SLOT, 0));
+via_devfn = vt82c686b_init(pci_bus, PCI_DEVFN(FULONG2E_VIA_SLOT, 0),
+   env->irq[5]);
 if (via_devfn < 0) {
 fprintf(stderr, "vt82c686b_init error\n");
 exit(1);
 }
 
-isa_bus_irqs(i8259);
 vt82c686b_ide_init(pci_bus, hd, PCI_DEVFN(FULONG2E_VIA_SLOT, 1));
 usb_uhci_vt82c686b_init(pci_bus, PCI_DEVFN(FULONG2E_VIA_SLOT, 2));
 usb_uhci_vt82c686b_init(pci_bus, PCI_DEVFN(FULONG2E_VIA_SLOT, 3));
diff --git a/hw/vt82c686.c b/hw/vt82c686.c
index 37c64d4..59941fc 100644
--- a/hw/vt82c686.c
+++ b/hw/vt82c686.c
@@ -41,6 +41,8 @@ typedef struct SuperIOConfig
 
 typedef struct VT82C686BState {
 PCIDevice dev;
+ISABus bus;
+qemu_irq *pic;
 SuperIOConfig superio_conf;
 } VT82C686BState;
 
@@ -483,14 +485,28 @@ static const VMStateDescription vmstate_via = {
 }
 };
 
+static qemu_irq vt82c_bus_get_irq(ISABus *bus, int isairq)
+{
+VT82C686BState *vt82c = container_of(bus, VT82C686BState, bus);
+if (isairq < 0 || isairq >= 16) {
+hw_error("isa irq %d invalid", isairq);
+}
+return vt82c->pic[isairq];
+}
+
+static ISABusOps vt82c_bus_ops = {
+.get_irq = vt82c_bus_get_irq,
+};
+
 /* init the PCI-to-ISA bridge */
 static int vt82c686b_initfn(PCIDevice *d)
 {
+VT82C686BState *vt82c = DO_UPCAST(VT82C686BState, dev, d);
 uint8_t *pci_conf;
 uint8_t *wmask;
 int i;
 
-isa_bus_bridge_init(&d->qdev);
+isa_bus_new(&vt82c->bus, &vt82c_bus_ops, &d->qdev);
 
 pci_conf = d->config;
 pci_config_set_prog_interface(pci_conf, 0x0);
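Review bot: vt82c_bus_get_irq() indexes vt82c->pic, but pic is only assigned in vt82c686b_init() after pci_create_simple_multifunction() has returned, that is, after vt82c686b_initfn() and its isa_bus_new() call have run. Anything that requests an ISA IRQ from this bus in that window dereferences an unset pointer. Check vt82c->pic in vt82c_bus_get_irq() and fail with hw_error(), or hand parent_irq to the device before it is initialised so the PIC exists when the bus is published. The range check is also a copy of the one added to hw/sun4u.c in 07/11; a shared helper would avoid the duplication.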
@@ -507,12 +523,16 @@ static int vt82c686b_initfn(PCIDevice *d)
 return 0;
 }
 
-int vt82c686b_init(PCIBus *bus, int devfn)
+int vt82c686b_init(PCIBus *bus, int devfn, qemu_irq parent_irq)
 {
 PCIDevice *d;
+VT82C686BState *vt82c;
 
 d = pci_create_simple_multifunction(bus, devfn, true, "VT82C686B");
 
+vt82c = DO_UPCAST(VT82C686BState, dev, d);
+vt82c->pic = i8259_init(parent_irq);
+
 return d->devfn;
 }
 
diff --git a/hw/vt82c686.h b/hw/vt82c686.h
index e3270ca..1a026c2 100644
--- a/hw/vt82c686.h
+++ b/hw/vt82c686.h
@@ -2,7 +2,7 @@
 #define HW_VT82C686_H
 
 /* vt82c686.c */
-int vt82c686b_init(PCIBus * bus, int devfn);
+int vt82c686b_init(PCIBus *bus, int devfn, qemu_irq parent_irq);
 void vt82c686b_ac97_init(PCIBus *bus, int devfn);
 void vt82c686b_mc97_init(PCIBus *bus, int devfn);
 i2c_bus *vt82c686b_pm_init(PCIBus *bus, int devfn, uint32_t smb_io_base,
-- 
1.7.5.4




[Qemu-devel] [PATCH 12/13] soc_dma: drop soc_dma_port_add_mem_ram()

2011-09-18 Thread Avi Kivity
It's a trivial wrapper for soc_dma_port_add_mem(), which makes
the memory API conversion more difficult because it takes a ram
addr_t.  Drop.

Signed-off-by: Avi Kivity 
---
 hw/omap1.c   |8 
 hw/omap2.c   |6 --
 hw/soc_dma.h |6 --
 3 files changed, 8 insertions(+), 12 deletions(-)

diff --git a/hw/omap1.c b/hw/omap1.c
index 09eb363..4b2abb9 100644
--- a/hw/omap1.c
+++ b/hw/omap1.c
@@ -3848,10 +3848,10 @@ struct omap_mpu_state_s *omap310_mpu_init(MemoryRegion 
*system_memory,
 s->port[tipb_mpui].addr_valid = omap_validate_tipb_mpui_addr;
 
 /* Register SDRAM and SRAM DMA ports for fast transfers.  */
-soc_dma_port_add_mem_ram(s->dma,
-emiff_base, OMAP_EMIFF_BASE, s->sdram_size);
-soc_dma_port_add_mem_ram(s->dma,
-imif_base, OMAP_IMIF_BASE, s->sram_size);
+soc_dma_port_add_mem(s->dma, qemu_get_ram_ptr(emiff_base),
+ OMAP_EMIFF_BASE, s->sdram_size);
+soc_dma_port_add_mem(s->dma, qemu_get_ram_ptr(imif_base),
+ OMAP_IMIF_BASE, s->sram_size);
 
 s->timer[0] = omap_mpu_timer_init(system_memory, 0xfffec500,
 s->irq[0][OMAP_INT_TIMER1],
diff --git a/hw/omap2.c b/hw/omap2.c
index ca088d9..3d529ce 100644
--- a/hw/omap2.c
+++ b/hw/omap2.c
@@ -2284,8 +2284,10 @@ struct omap_mpu_state_s *omap2420_mpu_init(unsigned long 
sdram_size,
 s->port->addr_valid = omap2_validate_addr;
 
 /* Register SDRAM and SRAM ports for fast DMA transfers.  */
-soc_dma_port_add_mem_ram(s->dma, q2_base, OMAP2_Q2_BASE, s->sdram_size);
-soc_dma_port_add_mem_ram(s->dma, sram_base, OMAP2_SRAM_BASE, s->sram_size);
+soc_dma_port_add_mem(s->dma, qemu_get_ram_ptr(q2_base),
+ OMAP2_Q2_BASE, s->sdram_size);
+soc_dma_port_add_mem(s->dma, qemu_get_ram_ptr(sram_base),
+ OMAP2_SRAM_BASE, s->sram_size);
 
 s->uart[0] = omap2_uart_init(omap_l4ta(s->l4, 19),
 s->irq[0][OMAP_INT_24XX_UART1_IRQ],
diff --git a/hw/soc_dma.h b/hw/soc_dma.h
index c0ebb8d..026479e 100644
--- a/hw/soc_dma.h
+++ b/hw/soc_dma.h
@@ -105,9 +105,3 @@ static inline void soc_dma_port_add_fifo_out(struct 
soc_dma_s *dma,
 {
 return soc_dma_port_add_fifo(dma, virt_base, fn, opaque, 1);
 }
-
-static inline void soc_dma_port_add_mem_ram(struct soc_dma_s *dma,
-ram_addr_t offset, target_phys_addr_t virt_base, size_t size)
-{
-return soc_dma_port_add_mem(dma, qemu_get_ram_ptr(offset), virt_base, 
size);
-}
-- 
1.7.6.3




[Qemu-devel] [PATCH 03/13] mips_mipssim: convert to memory API

2011-09-18 Thread Avi Kivity
Signed-off-by: Avi Kivity 
---
 hw/mips_mipssim.c |   15 ---
 1 files changed, 8 insertions(+), 7 deletions(-)

diff --git a/hw/mips_mipssim.c b/hw/mips_mipssim.c
index ac6..7407158 100644
--- a/hw/mips_mipssim.c
+++ b/hw/mips_mipssim.c
@@ -137,8 +137,9 @@ static void mipsnet_init(int base, qemu_irq irq, NICInfo 
*nd)
const char *initrd_filename, const char *cpu_model)
 {
 char *filename;
-ram_addr_t ram_offset;
-ram_addr_t bios_offset;
+MemoryRegion *address_space_mem = get_system_memory();
+MemoryRegion *ram = g_new(MemoryRegion, 1);
+MemoryRegion *bios = g_new(MemoryRegion, 1);
 CPUState *env;
 ResetData *reset_info;
 int bios_size;
@@ -162,14 +163,14 @@ static void mipsnet_init(int base, qemu_irq irq, NICInfo 
*nd)
 qemu_register_reset(main_cpu_reset, reset_info);
 
 /* Allocate RAM. */
-ram_offset = qemu_ram_alloc(NULL, "mips_mipssim.ram", ram_size);
-bios_offset = qemu_ram_alloc(NULL, "mips_mipssim.bios", BIOS_SIZE);
+memory_region_init_ram(ram, NULL, "mips_mipssim.ram", ram_size);
+memory_region_init_ram(bios, NULL, "mips_mipssim.bios", BIOS_SIZE);
+memory_region_set_readonly(bios, true);
 
-cpu_register_physical_memory(0, ram_size, ram_offset | IO_MEM_RAM);
+memory_region_add_subregion(address_space_mem, 0, ram);
 
 /* Map the BIOS / boot exception handler. */
-cpu_register_physical_memory(0x1fc0LL,
- BIOS_SIZE, bios_offset | IO_MEM_ROM);
+memory_region_add_subregion(address_space_mem, 0x1fc0LL, bios);
 /* Load a BIOS / boot exception handler image. */
 if (bios_name == NULL)
 bios_name = BIOS_FILENAME;
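Review bot: memory_region_set_readonly(bios, true) is called before the BIOS image is loaded in the code that follows this hunk; please confirm the loader still populates a region that is already read-only. The commit message has no body, so it is also worth stating there that init_ram plus set_readonly replaces the IO_MEM_ROM flag of the removed cpu_register_physical_memory() call.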
-- 
1.7.6.3




Re: [Qemu-devel] [PATCH v2 1/2] memory: Fix old portio word accesses

2011-09-18 Thread Avi Kivity

On 09/18/2011 03:51 PM, Jan Kiszka wrote:

From: Jan Kiszka

As we register old portio regions via ioport_register, we are also
responsible for providing the word access wrapper.

Signed-off-by: Jan Kiszka
---

Oops, was lacking a shift for word reads.

  memory.c |   10 ++
  1 files changed, 10 insertions(+), 0 deletions(-)

diff --git a/memory.c b/memory.c
index b3ee232..aef4702 100644
--- a/memory.c
+++ b/memory.c
@@ -397,6 +397,11 @@ static void memory_region_iorange_read(IORange *iorange,
  *data = ((uint64_t)1<<  (width * 8)) - 1;
  if (mrp) {
  *data = mrp->read(mr->opaque, offset + mr->offset);
+} else if (width == 2) {
+mrp = find_portio(mr, offset, 1, false);
+assert(mrp);
+*data = mrp->read(mr->opaque, offset + mr->offset) |
+(mrp->read(mr->opaque, offset + mr->offset + 1)<<  8);
  }
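Review bot: the assert(mrp) in the new width == 2 branch sits on a path the guest controls: a 16-bit read of a port range that has no byte-wide portio handler aborts the whole emulator instead of returning the all-ones default assigned to *data just above. Fall through to that default when find_portio() returns NULL. The first mrp->read() result is also OR-ed in without being masked to 8 bits, so a handler that returns more than a byte corrupts the high half; mask both reads before combining them.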


What about width 4?  Why not use access_with_adjusted_size()?

--
error compiling committee.c: too many arguments to function




[Qemu-devel] [PATCH 10/11] isa: give bus to isa_create() methods

2011-09-18 Thread Hervé Poussineau
This allows creating a device on the requested ISA bus. If the argument
is not provided, the 'default' ISA bus is used.

Signed-off-by: Hervé Poussineau 
---
 hw/cs4231a.c   |2 +-
 hw/fdc.h   |2 +-
 hw/gus.c   |2 +-
 hw/ide/isa.c   |2 +-
 hw/isa-bus.c   |   30 +++---
 hw/isa.h   |6 +++---
 hw/m48t59.c|2 +-
 hw/mc146818rtc.c   |2 +-
 hw/mips_fulong2e.c |2 +-
 hw/mips_malta.c|2 +-
 hw/mips_r4k.c  |2 +-
 hw/pc.c|8 
 hw/pc.h|   12 ++--
 hw/ppc_prep.c  |2 +-
 hw/sb16.c  |2 +-
 hw/sun4u.c |2 +-
 16 files changed, 44 insertions(+), 36 deletions(-)

diff --git a/hw/cs4231a.c b/hw/cs4231a.c
index e16f9a3..9e6fbaa 100644
--- a/hw/cs4231a.c
+++ b/hw/cs4231a.c
@@ -661,7 +661,7 @@ static int cs4231a_initfn (ISADevice *dev)
 
 int cs4231a_init(ISABus *bus)
 {
-isa_create_simple ("cs4231a");
+isa_create_simple(bus, "cs4231a");
 return 0;
 }
 
diff --git a/hw/fdc.h b/hw/fdc.h
index 09f73c6..65a4a8d 100644
--- a/hw/fdc.h
+++ b/hw/fdc.h
@@ -11,7 +11,7 @@ static inline void fdctrl_init_isa(DriveInfo **fds)
 {
 ISADevice *dev;
 
-dev = isa_try_create("isa-fdc");
+dev = isa_try_create(NULL, "isa-fdc");
 if (!dev) {
 return;
 }
diff --git a/hw/gus.c b/hw/gus.c
index e4dbc8a..fa56f8f 100644
--- a/hw/gus.c
+++ b/hw/gus.c
@@ -296,7 +296,7 @@ static int gus_initfn (ISADevice *dev)
 
 int GUS_init(ISABus *bus)
 {
-isa_create_simple ("gus");
+isa_create_simple(bus, "gus");
 return 0;
 }
 
diff --git a/hw/ide/isa.c b/hw/ide/isa.c
index 28b69d2..032f105 100644
--- a/hw/ide/isa.c
+++ b/hw/ide/isa.c
@@ -81,7 +81,7 @@ ISADevice *isa_ide_init(int iobase, int iobase2, int isairq,
 ISADevice *dev;
 ISAIDEState *s;
 
-dev = isa_create("isa-ide");
+dev = isa_create(NULL, "isa-ide");
 qdev_prop_set_uint32(&dev->qdev, "iobase",  iobase);
 qdev_prop_set_uint32(&dev->qdev, "iobase2", iobase2);
 qdev_prop_set_uint32(&dev->qdev, "irq", isairq);
diff --git a/hw/isa-bus.c b/hw/isa-bus.c
index 37642b7..b697f65 100644
--- a/hw/isa-bus.c
+++ b/hw/isa-bus.c
@@ -126,35 +126,41 @@ void isa_qdev_register(ISADeviceInfo *info)
 qdev_register(&info->qdev);
 }
 
-ISADevice *isa_create(const char *name)
+ISADevice *isa_create(ISABus *bus, const char *name)
 {
 DeviceState *dev;
 
-if (!isabus) {
+if (!bus) {
+bus = isabus;
+}
+if (!bus) {
 hw_error("Tried to create isa device %s with no isa bus present.",
  name);
 }
-dev = qdev_create(&isabus->qbus, name);
+dev = qdev_create(&bus->qbus, name);
 return DO_UPCAST(ISADevice, qdev, dev);
 }
 
-ISADevice *isa_try_create(const char *name)
+ISADevice *isa_try_create(ISABus *bus, const char *name)
 {
 DeviceState *dev;
 
-if (!isabus) {
+if (!bus) {
+bus = isabus;
+}
+if (!bus) {
 hw_error("Tried to create isa device %s with no isa bus present.",
  name);
 }
-dev = qdev_try_create(&isabus->qbus, name);
+dev = qdev_try_create(&bus->qbus, name);
 return DO_UPCAST(ISADevice, qdev, dev);
 }
 
-ISADevice *isa_create_simple(const char *name)
+ISADevice *isa_create_simple(ISABus *bus, const char *name)
 {
 ISADevice *dev;
 
-dev = isa_create(name);
+dev = isa_create(bus, name);
 qdev_init_nofail(&dev->qdev);
 return dev;
 }
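Review bot: isa_create() and isa_try_create() now carry the same "if (!bus) bus = isabus;" fallback followed by the same hw_error(); move it into one static helper so the default-bus rule lives in a single place. In isa_try_create() the function still aborts through hw_error() when no bus exists, which is surprising for a try variant whose caller in hw/fdc.h checks for a NULL return; returning NULL there would match what that caller expects.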
@@ -188,9 +194,11 @@ static char *isabus_get_fw_dev_path(DeviceState *dev)
 
 MemoryRegion *isa_address_space(ISADevice *dev)
 {
-if (!isabus || !isabus->ops->get_address_space) {
-hw_error("Tried to get isa address space with no isa bus present.");
+ISABus *bus = FROM_QBUS(ISABus, qdev_get_parent_bus(&dev->qdev));
+
+if (!bus->ops->get_address_space) {
+hw_error("Tried to get isa address space on invalid isa bus.");
 }
-return isabus->ops->get_address_space(isabus);
+return bus->ops->get_address_space(bus);
 }
 
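Review bot: isa_address_space() now dereferences bus->ops->get_address_space without checking bus or bus->ops, where the old code at least tested the global isabus first. Buses registered with an ops table that sets only .get_irq, like pci_ebus_ops and vt82c_bus_ops from earlier in this series, will reach the hw_error() for every device that asks for its address space; confirm that is intended and make the message name the device. The commit message should also mention that the lookup switches from the global bus to the device's parent bus, since that is a behaviour change beyond adding a parameter.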
diff --git a/hw/isa.h b/hw/isa.h
index 5219b98..03ecd55 100644
--- a/hw/isa.h
+++ b/hw/isa.h
@@ -48,9 +48,9 @@ void isa_init_ioport(ISADevice *dev, uint16_t ioport);
 void isa_init_ioport_range(ISADevice *dev, uint16_t start, uint16_t length);
 void isa_qdev_register(ISADeviceInfo *info);
 MemoryRegion *isa_address_space(ISADevice *dev);
-ISADevice *isa_create(const char *name);
-ISADevice *isa_try_create(const char *name);
-ISADevice *isa_create_simple(const char *name);
+ISADevice *isa_create(ISABus *bus, const char *name);
+ISADevice *isa_try_create(ISABus *bus, const char *name);
+ISADevice *isa_create_simple(ISABus *bus, const char *name);
 
 extern target_phys_addr_t isa_mem_base;
 
diff --git a/hw/m48t59.c b/hw/m48t59.c
index 0cc361e..91b8c47 100644
--- a/hw/m48t59.c
+++ b/hw/m48t59.c
@@ -661,7 +661,7 @@ M48t59State *m48t59_init_isa(uint32_t io_base, uint16_t 
size, int type)
 ISADevice *dev;
 M48t59State *s;
 
-dev = isa_c

Re: [Qemu-devel] [PATCH v2 1/2] memory: Fix old portio word accesses

2011-09-18 Thread Jan Kiszka
On 2011-09-18 17:37, Avi Kivity wrote:
> On 09/18/2011 03:51 PM, Jan Kiszka wrote:
>> From: Jan Kiszka
>>
>> As we register old portio regions via ioport_register, we are also
>> responsible for providing the word access wrapper.
>>
>> Signed-off-by: Jan Kiszka
>> ---
>>
>> Oops, was lacking a shift for word reads.
>>
>>   memory.c |   10 ++
>>   1 files changed, 10 insertions(+), 0 deletions(-)
>>
>> diff --git a/memory.c b/memory.c
>> index b3ee232..aef4702 100644
>> --- a/memory.c
>> +++ b/memory.c
>> @@ -397,6 +397,11 @@ static void memory_region_iorange_read(IORange
>> *iorange,
>>   *data = ((uint64_t)1<<  (width * 8)) - 1;
>>   if (mrp) {
>>   *data = mrp->read(mr->opaque, offset + mr->offset);
>> +} else if (width == 2) {
>> +mrp = find_portio(mr, offset, 1, false);
>> +assert(mrp);
>> +*data = mrp->read(mr->opaque, offset + mr->offset) |
>> +(mrp->read(mr->opaque, offset + mr->offset +
>> 1)<<  8);
>>   }
> 
> What about width 4?

This is PIO, limited by the x86 address space to 16 bit. Will add a comment.

>  Why not use access_with_adjusted_size()?

Because of different accessor prototypes.

Jan





[Qemu-devel] [PATCH 07/13] omap1: convert to memory API (part II)

2011-09-18 Thread Avi Kivity
Signed-off-by: Avi Kivity 
---
 hw/omap.h  |7 ++-
 hw/omap1.c |  195 
 2 files changed, 111 insertions(+), 91 deletions(-)

diff --git a/hw/omap.h b/hw/omap.h
index eec8f04..cb3b524 100644
--- a/hw/omap.h
+++ b/hw/omap.h
@@ -678,7 +678,8 @@ void omap_uart_reset(struct omap_uart_s *s);
 void omap_uart_attach(struct omap_uart_s *s, CharDriverState *chr);
 
 struct omap_mpuio_s;
-struct omap_mpuio_s *omap_mpuio_init(target_phys_addr_t base,
+struct omap_mpuio_s *omap_mpuio_init(MemoryRegion *system_memory,
+target_phys_addr_t base,
 qemu_irq kbd_int, qemu_irq gpio_int, qemu_irq wakeup,
 omap_clk clk);
 qemu_irq *omap_mpuio_in_get(struct omap_mpuio_s *s);
@@ -833,6 +834,9 @@ struct omap_mpu_state_s {
 MemoryRegion id_iomem_ed4;
 MemoryRegion id_iomem_e20;
 MemoryRegion mpui_iomem;
+MemoryRegion tcmi_iomem;
+MemoryRegion clkm_iomem;
+MemoryRegion clkdsp_iomem;
 
 struct omap_dma_port_if_s {
 uint32_t (*read[3])(struct omap_mpu_state_s *s,
@@ -915,6 +919,7 @@ struct omap_mpu_state_s {
 uint32_t tcmi_regs[17];
 
 struct dpll_ctl_s {
+MemoryRegion iomem;
 uint16_t mode;
 omap_clk dpll;
 } dpll[3];
diff --git a/hw/omap1.c b/hw/omap1.c
index 0f7e14f..05e38fc 100644
--- a/hw/omap1.c
+++ b/hw/omap1.c
@@ -1236,11 +1236,16 @@ static void omap_tipb_bridge_reset(struct 
omap_tipb_bridge_s *s)
 }
 
 /* Dummy Traffic Controller's Memory Interface */
-static uint32_t omap_tcmi_read(void *opaque, target_phys_addr_t addr)
+static uint64_t omap_tcmi_read(void *opaque, target_phys_addr_t addr,
+   unsigned size)
 {
 struct omap_mpu_state_s *s = (struct omap_mpu_state_s *) opaque;
 uint32_t ret;
 
+if (size != 4) {
+return omap_badwidth_read32(opaque, addr);
+}
+
 switch (addr) {
 case 0x00: /* IMIF_PRIO */
 case 0x04: /* EMIFS_PRIO */
@@ -1270,10 +1275,14 @@ static uint32_t omap_tcmi_read(void *opaque, 
target_phys_addr_t addr)
 }
 
 static void omap_tcmi_write(void *opaque, target_phys_addr_t addr,
-uint32_t value)
+uint64_t value, unsigned size)
 {
 struct omap_mpu_state_s *s = (struct omap_mpu_state_s *) opaque;
 
+if (size != 4) {
+return omap_badwidth_write32(opaque, addr, value);
+}
+
 switch (addr) {
 case 0x00: /* IMIF_PRIO */
 case 0x04: /* EMIFS_PRIO */
@@ -1300,16 +1309,10 @@ static void omap_tcmi_write(void *opaque, 
target_phys_addr_t addr,
 }
 }
 
-static CPUReadMemoryFunc * const omap_tcmi_readfn[] = {
-omap_badwidth_read32,
-omap_badwidth_read32,
-omap_tcmi_read,
-};
-
-static CPUWriteMemoryFunc * const omap_tcmi_writefn[] = {
-omap_badwidth_write32,
-omap_badwidth_write32,
-omap_tcmi_write,
+static const MemoryRegionOps omap_tcmi_ops = {
+.read = omap_tcmi_read,
+.write = omap_tcmi_write,
+.endianness = DEVICE_NATIVE_ENDIAN,
 };
 
 static void omap_tcmi_reset(struct omap_mpu_state_s *mpu)
@@ -1331,21 +1334,25 @@ static void omap_tcmi_reset(struct omap_mpu_state_s 
*mpu)
 mpu->tcmi_regs[0x40 >> 2] = 0x;
 }
 
-static void omap_tcmi_init(target_phys_addr_t base,
+static void omap_tcmi_init(MemoryRegion *memory, target_phys_addr_t base,
 struct omap_mpu_state_s *mpu)
 {
-int iomemtype = cpu_register_io_memory(omap_tcmi_readfn,
-omap_tcmi_writefn, mpu, DEVICE_NATIVE_ENDIAN);
-
-cpu_register_physical_memory(base, 0x100, iomemtype);
+memory_region_init_io(&mpu->tcmi_iomem, &omap_tcmi_ops, mpu,
+  "omap-tcmi", 0x100);
+memory_region_add_subregion(memory, base, &mpu->tcmi_iomem);
 omap_tcmi_reset(mpu);
 }
 
 /* Digital phase-locked loops control */
-static uint32_t omap_dpll_read(void *opaque, target_phys_addr_t addr)
+static uint64_t omap_dpll_read(void *opaque, target_phys_addr_t addr,
+   unsigned size)
 {
 struct dpll_ctl_s *s = (struct dpll_ctl_s *) opaque;
 
+if (size != 2) {
+return omap_badwidth_read16(opaque, addr);
+}
+
 if (addr == 0x00)  /* CTL_REG */
 return s->mode;
 
@@ -1354,13 +1361,17 @@ static uint32_t omap_dpll_read(void *opaque, 
target_phys_addr_t addr)
 }
 
 static void omap_dpll_write(void *opaque, target_phys_addr_t addr,
-uint32_t value)
+uint64_t value, unsigned size)
 {
 struct dpll_ctl_s *s = (struct dpll_ctl_s *) opaque;
 uint16_t diff;
 static const int bypass_div[4] = { 1, 2, 4, 4 };
 int div, mult;
 
+if (size != 2) {
+return omap_badwidth_write16(opaque, addr, value);
+}
+
 if (addr == 0x00) {/* CTL_REG */
 /* See omap_ulpd_pm_write() too */
 diff = s->mode & value;
@@ -1386,16 +1397,10 @@ static void omap_dpll_write(void *opaque, 
target_phys_addr_t addr,
 }
 }
 
-static CPU

Re: [Qemu-devel] [PATCH v2 1/2] memory: Fix old portio word accesses

2011-09-18 Thread Avi Kivity

On 09/18/2011 06:43 PM, Jan Kiszka wrote:

On 2011-09-18 17:37, Avi Kivity wrote:
>  On 09/18/2011 03:51 PM, Jan Kiszka wrote:
>>  From: Jan Kiszka
>>
>>  As we register old portio regions via ioport_register, we are also
>>  responsible for providing the word access wrapper.
>>
>>  Signed-off-by: Jan Kiszka
>>  ---
>>
>>  Oops, was lacking a shift for word reads.
>>
>>memory.c |   10 ++
>>1 files changed, 10 insertions(+), 0 deletions(-)
>>
>>  diff --git a/memory.c b/memory.c
>>  index b3ee232..aef4702 100644
>>  --- a/memory.c
>>  +++ b/memory.c
>>  @@ -397,6 +397,11 @@ static void memory_region_iorange_read(IORange
>>  *iorange,
>>*data = ((uint64_t)1<<   (width * 8)) - 1;
>>if (mrp) {
>>*data = mrp->read(mr->opaque, offset + mr->offset);
>>  +} else if (width == 2) {
>>  +mrp = find_portio(mr, offset, 1, false);
>>  +assert(mrp);
>>  +*data = mrp->read(mr->opaque, offset + mr->offset) |
>>  +(mrp->read(mr->opaque, offset + mr->offset +
>>  1)<<   8);
>>}
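Review bot: the `assert(mrp);` after `find_portio(mr, offset, 1, false)` in the new `width == 2` branch turns a guest word access to a port that has neither a 2-byte nor a 1-byte handler into an abort of the whole process. In that case it would be safer to keep the all-ones default that `*data` already holds instead of asserting. The second read at `offset + mr->offset + 1` also reuses the entry found for `offset` without checking that `offset + 1` still lies inside that entry's range.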
>
>  What about width 4?

This is PIO, limited by the x86 address space to 16 bit. Will add a comment.


x86 PIO is not limited to 16 bits, just ISA, which memory.c knows 
nothing about.



>   Why not use access_with_adjusted_size()?

Because of different accessor prototypes.



Can be thunked.  There is a different issue, a_w_a_s() can use small 
accesses to emulate large ones, but not vice versa.  It needs fixing anyway.


--
error compiling committee.c: too many arguments to function




Re: [Qemu-devel] [PATCH 2/2] vga: Fix portio list conversion fallouts

2011-09-18 Thread Avi Kivity

On 09/18/2011 03:44 PM, Jan Kiszka wrote:

From: Jan Kiszka

Fix copy&paste errors and reduce duplications of the BOCHS VBE ranges.

Signed-off-by: Jan Kiszka
---

  #ifdef CONFIG_BOCHS_VBE
  static const MemoryRegionPortio vbe_portio_list[] = {
-# ifdef TARGET_I386
  { 0, 1, 2, .read = vbe_ioport_read_index, .write = vbe_ioport_write_index 
},
+# ifdef TARGET_I386


Strange how the card knows what target it's plugged into.  Fixing this 
is going to involve major pain - need to update the bios and need to 
provide backwards compatibility.  All this assuming guests don't 
hardcode the address.


Anyway I find the deduplication makes the code harder to read.


  { 1, 1, 2, .read = vbe_ioport_read_data, .write = vbe_ioport_write_data },
  # else
-{ 0, 2, 2, .read = vbe_ioport_read_index, .write = vbe_ioport_write_index 
},
-{ 2, 2, 2, .read = vbe_ioport_read_data, .write = vbe_ioport_write_data },
+{ 2, 1, 2, .read = vbe_ioport_read_data, .write = vbe_ioport_write_data },
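Review bot: in the non-x86 branch the data entry goes from `{ 2, 2, 2, ... }` to `{ 2, 1, 2, ... }`, and through the now shared first line the index entry goes from `{ 0, 2, 2, ... }` to `{ 0, 1, 2, ... }`, so the set of guest port accesses that reach the handlers changes. The commit message only mentions copy&paste fixes and deduplication; please state the narrowing there or in a comment next to the table so it is clear that it is intended.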


Is this correct?  length 1 region with size 2?


--
error compiling committee.c: too many arguments to function




Re: [Qemu-devel] [PATCH] isa: Avoid using obsolete memory_region_set_offset for old portio

2011-09-18 Thread Avi Kivity

On 09/18/2011 03:54 PM, Jan Kiszka wrote:

From: Jan Kiszka

We can express the offset of old portio completely via
MemoryRegionPortio::offset by splitting up regions of different offsets
and adjusting those offsets appropriately.


Please split into two patches - core and isa.


+/* Copy the sub-list and null-terminate it.  */
+pio = g_new(MemoryRegionPortio, count + 1);
+memcpy(pio, pio_init, sizeof(MemoryRegionPortio) * count);
+memset(pio + count, 0, sizeof(MemoryRegionPortio));
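Review bot: the terminating entry is zeroed with a separate `memset(pio + count, 0, ...)` after `g_new()`. Allocating with `g_new0(MemoryRegionPortio, count + 1)` would zero the terminator in the same call and leave only the memcpy, which removes one place where the `count + 1` arithmetic has to stay in sync.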


Wish: g_copy(pio, pio_init, count);  // aka std::copy()


@@ -396,12 +395,12 @@ static void memory_region_iorange_read(IORange *iorange,

  *data = ((uint64_t)1<<  (width * 8)) - 1;
  if (mrp) {
-*data = mrp->read(mr->opaque, offset + mr->offset);
+*data = mrp->read(mr->opaque, offset + mrp->offset);
  } else if (width == 2) {
  mrp = find_portio(mr, offset, 1, false);
  assert(mrp);
-*data = mrp->read(mr->opaque, offset + mr->offset) |
-(mrp->read(mr->opaque, offset + mr->offset + 1)<<  8);
+*data = mrp->read(mr->opaque, offset + mrp->offset) |
+(mrp->read(mr->opaque, offset + mrp->offset + 1)<<  8);
  }
  return;
  }


So long as mr->offset exists, you need to take it into account.  And I 
don't want to remove memory_region_set_offset() until everything (that 
can potentially use it, at least) has been converted.


--
error compiling committee.c: too many arguments to function




[Qemu-devel] [PATCH] isapc: give system address space when pci is disabled

2011-09-18 Thread Hervé Poussineau

Signed-off-by: Hervé Poussineau 
---
 hw/pc_piix.c |2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/hw/pc_piix.c b/hw/pc_piix.c
index da6fa55..c0b8a3a 100644
--- a/hw/pc_piix.c
+++ b/hw/pc_piix.c
@@ -121,7 +121,7 @@ static void pc_init1(MemoryRegion *system_memory,
 pc_memory_init(system_memory,
kernel_filename, kernel_cmdline, initrd_filename,
below_4g_mem_size, above_4g_mem_size,
-   pci_memory, &ram_memory);
+   pci_enabled ? pci_memory : system_memory, &ram_memory);
 }
 
 if (!xen_enabled()) {
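Review bot: the commit message has a subject and a sign-off but no description of what goes wrong for isapc when `pci_memory` is passed with PCI disabled. Please add a sentence on the symptom, and on whether `pci_memory` is still set up in pc_init1() when `pci_enabled` is false, since the new `pci_enabled ? pci_memory : system_memory` only changes what pc_memory_init() receives.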
-- 
1.7.5.4




Re: [Qemu-devel] [PATCH v2 1/2] memory: Fix old portio word accesses

2011-09-18 Thread Jan Kiszka
On 2011-09-18 17:45, Avi Kivity wrote:
> On 09/18/2011 06:43 PM, Jan Kiszka wrote:
>> On 2011-09-18 17:37, Avi Kivity wrote:
>> >  On 09/18/2011 03:51 PM, Jan Kiszka wrote:
>> >>  From: Jan Kiszka
>> >>
>> >>  As we register old portio regions via ioport_register, we are also
>> >>  responsible for providing the word access wrapper.
>> >>
>> >>  Signed-off-by: Jan Kiszka
>> >>  ---
>> >>
>> >>  Oops, was lacking a shift for word reads.
>> >>
>> >>memory.c |   10 ++
>> >>1 files changed, 10 insertions(+), 0 deletions(-)
>> >>
>> >>  diff --git a/memory.c b/memory.c
>> >>  index b3ee232..aef4702 100644
>> >>  --- a/memory.c
>> >>  +++ b/memory.c
>> >>  @@ -397,6 +397,11 @@ static void memory_region_iorange_read(IORange
>> >>  *iorange,
>> >>*data = ((uint64_t)1<<   (width * 8)) - 1;
>> >>if (mrp) {
>> >>*data = mrp->read(mr->opaque, offset + mr->offset);
>> >>  +} else if (width == 2) {
>> >>  +mrp = find_portio(mr, offset, 1, false);
>> >>  +assert(mrp);
>> >>  +*data = mrp->read(mr->opaque, offset + mr->offset) |
>> >>  +(mrp->read(mr->opaque, offset + mr->offset +
>> >>  1)<<   8);
>> >>}
>> >
>> >  What about width 4?
>>
>> This is PIO, limited by the x86 address space to 16 bit. Will add a
>> comment.
> 
> x86 PIO is not limited to 16 bits, just ISA, which memory.c knows
> nothing about.

Confused address and data, the former is limited to 16, the latter can be
32 as well. But I guess only ISA models made use of the core's split up
service, and that's why QEMU limited itself accordingly.

> 
>> >   Why not use access_with_adjusted_size()?
>>
>> Because of different accessor prototypes.
>>
> 
> Can be thunked.  There is a different issue, a_w_a_s() can use small
> accesses to emulate large ones, but not vice versa.  It needs fixing
> anyway.
> 

IIRC, that's a feature: Devices not implementing small accesses tend to
refuse them in reality.

Jan





Re: [Qemu-devel] [PATCH 2/2] vga: Fix portio list conversion fallouts

2011-09-18 Thread Jan Kiszka
On 2011-09-18 17:51, Avi Kivity wrote:
> On 09/18/2011 03:44 PM, Jan Kiszka wrote:
>> From: Jan Kiszka
>>
>> Fix copy&paste errors and reduce duplications of the BOCHS VBE ranges.
>>
>> Signed-off-by: Jan Kiszka
>> ---
>>
>>   #ifdef CONFIG_BOCHS_VBE
>>   static const MemoryRegionPortio vbe_portio_list[] = {
>> -# ifdef TARGET_I386
>>   { 0, 1, 2, .read = vbe_ioport_read_index, .write =
>> vbe_ioport_write_index },
>> +# ifdef TARGET_I386
> 
> Strange how the card knows what target it's plugged into.  Fixing this
> is going to involve major pain - need to update the bios and need to
> provide backwards compatibility.  All this assuming guests don't
> hardcode the address.
> 
> Anyway I find the deduplication makes the code harder to read.

That line is rather tricky to deduplicate in mind. So it's not nice for
our readers keeping it duplicated around.

> 
>>   { 1, 1, 2, .read = vbe_ioport_read_data, .write =
>> vbe_ioport_write_data },
>>   # else
>> -{ 0, 2, 2, .read = vbe_ioport_read_index, .write =
>> vbe_ioport_write_index },
>> -{ 2, 2, 2, .read = vbe_ioport_read_data, .write =
>> vbe_ioport_write_data },
>> +{ 2, 1, 2, .read = vbe_ioport_read_data, .write =
>> vbe_ioport_write_data },
> 
> Is this correct?  length 1 region with size 2?

Yes, it prevents accesses on base+1.

Jan





Re: [Qemu-devel] [PATCH] isa: Avoid using obsolete memory_region_set_offset for old portio

2011-09-18 Thread Jan Kiszka
On 2011-09-18 17:57, Avi Kivity wrote:
> On 09/18/2011 03:54 PM, Jan Kiszka wrote:
>> From: Jan Kiszka
>>
>> We can express the offset of old portio completely via
>> MemoryRegionPortio::offset by splitting up regions of different offsets
>> and adjusting those offsets appropriately.
> 
> Please split into two patches - core and isa.

They depend on each other.

> 
>> +/* Copy the sub-list and null-terminate it.  */
>> +pio = g_new(MemoryRegionPortio, count + 1);
>> +memcpy(pio, pio_init, sizeof(MemoryRegionPortio) * count);
>> +memset(pio + count, 0, sizeof(MemoryRegionPortio));
> 
> Wish: g_copy(pio, pio_init, count);  // aka std::copy()
> 
>> @@ -396,12 +395,12 @@ static void memory_region_iorange_read(IORange
>> *iorange,
>>
>>   *data = ((uint64_t)1<<  (width * 8)) - 1;
>>   if (mrp) {
>> -*data = mrp->read(mr->opaque, offset + mr->offset);
>> +*data = mrp->read(mr->opaque, offset + mrp->offset);
>>   } else if (width == 2) {
>>   mrp = find_portio(mr, offset, 1, false);
>>   assert(mrp);
>> -*data = mrp->read(mr->opaque, offset + mr->offset) |
>> -(mrp->read(mr->opaque, offset + mr->offset +
>> 1)<<  8);
>> +*data = mrp->read(mr->opaque, offset + mrp->offset) |
>> +(mrp->read(mr->opaque, offset + mrp->offset +
>> 1)<<  8);
>>   }
>>   return;
>>   }
> 
> So long as mr->offset exists, you need to take it into account.

Only fair.

>  And I
> don't want to remove memory_region_set_offset() until everything (that
> can potentially use it, at least) has been converted.

IMO it's easier to fix those potential users before converting them. You
need to review them anyway to decide if an offset might be needed, and
which one precisely.

Are you aware of any candidates? For PIO, there should be none now.

Jan





Re: [Qemu-devel] [PATCH 0/8] tcg/interpreter: Add TCG + interpreter for bytecode (virtual machine)

2011-09-18 Thread Mulyadi Santosa
Hi Stefan...

On Sun, Sep 18, 2011 at 22:13, Stefan Weil  wrote:
> Its primary purpose was support of new hosts without a native
> TCG.

Thanks for the explanation, I got a better picture now. However, still,
an interpreter must be ready to grab the bytecode and execute it,
right?

So, that interpreter, should it be built inside Qemu too? Or can we
use/write an external one? Let's say creating one in Python and TCI
passes the generated bytecode via UNIX socket to the listening Python
script, is that doable or one of the goals of your design?


-- 
regards,

Mulyadi Santosa
Freelance Linux trainer and consultant

blog: the-hydra.blogspot.com
training: mulyaditraining.blogspot.com



Re: [Qemu-devel] [PATCH] isa: Avoid using obsolete memory_region_set_offset for old portio

2011-09-18 Thread Avi Kivity

On 09/18/2011 07:29 PM, Jan Kiszka wrote:

On 2011-09-18 17:57, Avi Kivity wrote:
>  On 09/18/2011 03:54 PM, Jan Kiszka wrote:
>>  From: Jan Kiszka
>>
>>  We can express the offset of old portio completely via
>>  MemoryRegionPortio::offset by splitting up regions of different offsets
>>  and adjusting those offsets appropriately.
>
>  Please split into two patches - core and isa.

They depend on each other.


How can memory.c depend on isa.c?

If you make the core patch add both mr->offset and mrp->offset, then 
change isa to drop memory_region_set_offset(), instead adding the delta 
to mrp->offset, does that not work out?



>   And I
>  don't want to remove memory_region_set_offset() until everything (that
>  can potentially use it, at least) has been converted.

IMO it's easier to fix those potential users before converting them. You
need to review them anyway to decide if an offset might be needed, and
which one precisely.

Are you aware of any candidates? For PIO, there should be none now.


For pio, none, but mmio has some:

hw/sh7750.c:cpu_register_physical_memory_offset(0x1f00, 0x1000,
hw/sh7750.c:cpu_register_physical_memory_offset(0xff00, 0x1000,
hw/sh7750.c:cpu_register_physical_memory_offset(0x1f80, 0x1000,
hw/sh7750.c:cpu_register_physical_memory_offset(0xff80, 0x1000,
hw/sh7750.c:cpu_register_physical_memory_offset(0x1fc0, 0x1000,
hw/sh7750.c:cpu_register_physical_memory_offset(0xffc0, 0x1000,
hw/sh_intc.c:cpu_register_physical_memory_offset(P4ADDR(address), 4,
hw/sh_intc.c:cpu_register_physical_memory_offset(A7ADDR(address), 4,



--
error compiling committee.c: too many arguments to function




Re: [Qemu-devel] [PATCH] isa: Avoid using obsolete memory_region_set_offset for old portio

2011-09-18 Thread Richard Henderson
On 09/18/2011 05:54 AM, Jan Kiszka wrote:
> @@ -375,8 +375,7 @@ static const MemoryRegionPortio *find_portio(MemoryRegion 
> *mr, uint64_t offset,
>  const MemoryRegionPortio *mrp;
>  
>  for (mrp = mr->ops->old_portio; mrp->size; ++mrp) {
> -if (offset >= mrp->offset && offset < mrp->offset + mrp->len
> -&& width == mrp->size
> +if (offset < mrp->len && width == mrp->size

This change looks broken to me.  How, exactly, are you 
disambiguating different entries?



r~



Re: [Qemu-devel] [PATCH v2 1/2] memory: Fix old portio word accesses

2011-09-18 Thread Avi Kivity

On 09/18/2011 07:28 PM, Jan Kiszka wrote:

>>
>>  This is PIO, limited by the x86 address space to 16 bit. Will add a
>>  comment.
>
>  x86 PIO is not limited to 16 bits, just ISA, which memory.c knows
>  nothing about.

Confused address and data, the former is limited to 16, the latter can be
32 as well. But I guess only ISA models made use of the core's split up
service, and that's why QEMU limited itself accordingly.


Let's not bury such details in the core.



>
>>  >Why not use access_with_adjusted_size()?
>>
>>  Because of different accessor prototypes.
>>
>
>  Can be thunked.  There is a different issue, a_w_a_s() can use small
>  accesses to emulate large ones, but not vice versa.  It needs fixing
>  anyway.
>

IIRC, that's a feature: Devices not implementing small accesses tend to
refuse them in reality.


I don't think this holds for pci; there the bus always generates 32-bit 
writes with separate byte enables for each lane.  The device need not 
even be aware of a sub-word access, for reads.


--
error compiling committee.c: too many arguments to function




Re: [Qemu-devel] [PATCH 2/2] vga: Fix portio list conversion fallouts

2011-09-18 Thread Avi Kivity

On 09/18/2011 07:28 PM, Jan Kiszka wrote:

On 2011-09-18 17:51, Avi Kivity wrote:
>  On 09/18/2011 03:44 PM, Jan Kiszka wrote:
>>  From: Jan Kiszka
>>
>>  Fix copy&paste errors and reduce duplications of the BOCHS VBE ranges.
>>
>>  Signed-off-by: Jan Kiszka
>>  ---
>>
>>#ifdef CONFIG_BOCHS_VBE
>>static const MemoryRegionPortio vbe_portio_list[] = {
>>  -# ifdef TARGET_I386
>>{ 0, 1, 2, .read = vbe_ioport_read_index, .write =
>>  vbe_ioport_write_index },
>>  +# ifdef TARGET_I386
>
>  Strange how the card knows what target it's plugged into.  Fixing this
>  is going to involve major pain - need to update the bios and need to
>  provide backwards compatibility.  All this assuming guests don't
>  hardcode the address.
>
>  Anyway I find the deduplication makes the code harder to read.

That line is rather tricky to deduplicate in mind. So it's not nice for
our readers keeping it duplicated around.


I don't think it should be deduplicated.  The device is providing two 
separate ABIs.



>
>>{ 1, 1, 2, .read = vbe_ioport_read_data, .write =
>>  vbe_ioport_write_data },
>># else
>>  -{ 0, 2, 2, .read = vbe_ioport_read_index, .write =
>>  vbe_ioport_write_index },
>>  -{ 2, 2, 2, .read = vbe_ioport_read_data, .write =
>>  vbe_ioport_write_data },
>>  +{ 2, 1, 2, .read = vbe_ioport_read_data, .write =
>>  vbe_ioport_write_data },
>
>  Is this correct?  length 1 region with size 2?

Yes, it prevents accesses on base+1.



Why disallow it?

For the general case or a 2-byte access near the end of a region, we 
need to provide a general fix.


--
error compiling committee.c: too many arguments to function




Re: [Qemu-devel] [PATCH 5/8] tcg: Add interpreter for bytecode

2011-09-18 Thread Avi Kivity

On 09/18/2011 10:22 AM, Paolo Bonzini wrote:

On 09/18/2011 07:49 AM, Stefan Weil wrote:

Is there really any difference in the generated code?
gcc already uses a jump table internally to handle the
switch cases.


You typically save something on range checks, and it enables a lot 
more tricks for use later (e.g. using multiple jump tables to perform 
simple peephole optimizations, or to divert code execution on 
interrupts).


I think it also improves branch target prediction - if you have a tight 
loop of a few opcodes the predictor can guess where you're headed (since 
there is a separate lookup key for each opcode), whereas with the 
original code, there's a single key which cannot be used to predict the 
branch target.


--
error compiling committee.c: too many arguments to function
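The switch-versus-jump-table point from this thread, as an added example that is not TCI's code and not from any poster: the same constructed five-opcode bytecode run once through a `switch` and once through a table of label addresses (a GCC/Clang extension). The opcode set, encoding and function names are assumptions made for illustration; because the threaded version indexes the table without a range check, the bytecode is validated once before it runs.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed toy encoding: every instruction is 2 bytes, opcode + operand. */
enum { OP_LOADI, OP_ADDI, OP_SETC, OP_DJNZ, OP_HALT, OP_COUNT };

/* Check everything once, so the dispatch loops need no per-step checks:
 * known opcodes only, jump targets on an instruction boundary and in
 * range, and a final HALT so execution cannot run off the end. */
static int validate(const uint8_t *code, size_t len)
{
    if (len < 2 || len % 2 || code[len - 2] != OP_HALT) {
        return 0;
    }
    for (size_t pc = 0; pc < len; pc += 2) {
        if (code[pc] >= OP_COUNT) {
            return 0;
        }
        if (code[pc] == OP_DJNZ &&
            (code[pc + 1] % 2 || code[pc + 1] >= len)) {
            return 0;
        }
    }
    return 1;
}

/* Classic dispatch: one shared indirect jump, plus the compiler's own
 * range check on the switch operand. */
static int run_switch(const uint8_t *code, size_t len, uint32_t *result)
{
    uint32_t acc = 0;
    uint8_t counter = 0;
    size_t pc = 0;

    if (!validate(code, len)) {
        return -1;
    }
    for (;;) {
        uint8_t arg = code[pc + 1];
        switch (code[pc]) {
        case OP_LOADI: acc = arg;     pc += 2; break;
        case OP_ADDI:  acc += arg;    pc += 2; break;
        case OP_SETC:  counter = arg; pc += 2; break;
        case OP_DJNZ:  pc = --counter ? (size_t)arg : pc + 2; break;
        case OP_HALT:  *result = acc; return 0;
        default:       return -1;
        }
    }
}

/* Threaded dispatch: every handler ends in its own indirect jump, and the
 * table lookup has no range check, which is why validate() must run first. */
static int run_threaded(const uint8_t *code, size_t len, uint32_t *result)
{
    static void *const table[OP_COUNT] = {
        &&do_loadi, &&do_addi, &&do_setc, &&do_djnz, &&do_halt
    };
    uint32_t acc = 0;
    uint8_t counter = 0, arg;
    size_t pc = 0;

    if (!validate(code, len)) {
        return -1;
    }
#define DISPATCH() do { arg = code[pc + 1]; goto *table[code[pc]]; } while (0)
    DISPATCH();
do_loadi: acc = arg;     pc += 2; DISPATCH();
do_addi:  acc += arg;    pc += 2; DISPATCH();
do_setc:  counter = arg; pc += 2; DISPATCH();
do_djnz:  pc = --counter ? (size_t)arg : pc + 2; DISPATCH();
do_halt:  *result = acc; return 0;
#undef DISPATCH
}

/* Constructed program: counter = 5; acc = 0; loop: acc += 3; djnz loop. */
static const uint8_t demo_prog[] = {
    OP_SETC, 5, OP_LOADI, 0, OP_ADDI, 3, OP_DJNZ, 4, OP_HALT, 0
};

int main(void)
{
    uint32_t a = 0, b = 0;
    int ra = run_switch(demo_prog, sizeof demo_prog, &a);
    int rb = run_threaded(demo_prog, sizeof demo_prog, &b);
    printf("switch: rc=%d acc=%u, threaded: rc=%d acc=%u\n",
           ra, (unsigned)a, rb, (unsigned)b);
    return 0;
}
```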




Re: [Qemu-devel] [PATCH 0/8] tcg/interpreter: Add TCG + interpreter for bytecode (virtual machine)

2011-09-18 Thread Avi Kivity

On 09/17/2011 10:59 PM, Stefan Weil wrote:

Hello,

these patches add a new code generator (TCG target) to qemu.

Unlike other tcg target code generators, this one does not generate
machine code for some cpu. It generates machine independent bytecode
which is interpreted later. That's why I called it TCI (tiny code
interpreter).

I wrote most of the code two years ago and included feedback and
contributions from several QEMU developers, notably TeleMan,
Stuart Brady, Blue Swirl and Malc. See the history here:
http://lists.nongnu.org/archive/html/qemu-devel/2009-09/msg01710.html

Since that time, I used TCI regularly, added small fixes and improvements
and rebased it to latest QEMU. Some versions were tested using
ARM (emulated and real), PowerPC (emulated) and MIPS (emulated) hosts,
but normally I run it on i386 and x86_64 hosts.

I'd appreciate to see TCI in QEMU 1.0.


Next: a gcc target of (and a port of Linux to) tci, so we can run guests 
with tcg disabled.


--
error compiling committee.c: too many arguments to function




Re: [Qemu-devel] [PATCH] isa: Avoid using obsolete memory_region_set_offset for old portio

2011-09-18 Thread Jan Kiszka
On 2011-09-18 18:46, Avi Kivity wrote:
> On 09/18/2011 07:29 PM, Jan Kiszka wrote:
>> On 2011-09-18 17:57, Avi Kivity wrote:
>> >  On 09/18/2011 03:54 PM, Jan Kiszka wrote:
>> >>  From: Jan Kiszka
>> >>
>> >>  We can express the offset of old portio completely via
>> >>  MemoryRegionPortio::offset by splitting up regions of different
>> offsets
>> >>  and adjusting those offsets appropriately.
>> >
>> >  Please split into two patches - core and isa.
>>
>> They depend on each other.
> 
> How can memory.c depend on isa.c?
> 
> If you make the core patch add both mr->offset and mrp->offset, then
> change isa to drop memory_region_set_offset(), instead adding the delta
> to mrp->offset, does that not work out?

Nope. The old API accepted arbitrary portio lists per memory region, the
new requires one region with a consistent offset per range. I should
have documented it...

> 
>> >   And I
>> >  don't want to remove memory_region_set_offset() until everything (that
>> >  can potentially use it, at least) has been converted.
>>
>> IMO it's easier to fix those potential users before converting them. You
>> need to review them anyway to decide if an offset might be needed, and
>> which one precisely.
>>
>> Are you aware of any candidates? For PIO, there should be none now.
> 
> For pio, none, but mmio has some:
> 
> hw/sh7750.c:cpu_register_physical_memory_offset(0x1f00, 0x1000,
> hw/sh7750.c:cpu_register_physical_memory_offset(0xff00, 0x1000,
> hw/sh7750.c:cpu_register_physical_memory_offset(0x1f80, 0x1000,
> hw/sh7750.c:cpu_register_physical_memory_offset(0xff80, 0x1000,
> hw/sh7750.c:cpu_register_physical_memory_offset(0x1fc0, 0x1000,
> hw/sh7750.c:cpu_register_physical_memory_offset(0xffc0, 0x1000,
> hw/sh_intc.c:   
> cpu_register_physical_memory_offset(P4ADDR(address), 4,
> hw/sh_intc.c:   
> cpu_register_physical_memory_offset(A7ADDR(address), 4,

Cool, that's all. Trivial to fix, just push the offset math into those
few handlers. Then we can drop cpu_register_physical_memory_offset as well.

Jan





Re: [Qemu-devel] [PATCH v2 1/2] memory: Fix old portio word accesses

2011-09-18 Thread Jan Kiszka
On 2011-09-18 18:49, Avi Kivity wrote:
> On 09/18/2011 07:28 PM, Jan Kiszka wrote:
>> >>
>> >>  This is PIO, limited by the x86 address space to 16 bit. Will add a
>> >>  comment.
>> >
>> >  x86 PIO is not limited to 16 bits, just ISA, which memory.c knows
>> >  nothing about.
>>
>> Confused address and data, the former is limited to 16, the latter can be
>> 32 as well. But I guess only ISA models made use of the core's split up
>> service, and that's why QEMU limited itself accordingly.
> 
> Let's not bury such details in the core.

It's already in the core (ioport), and I would refrain from changing it in
this fix.

> 
>>
>> >
>> >>  >Why not use access_with_adjusted_size()?
>> >>
>> >>  Because of different accessor prototypes.
>> >>
>> >
>> >  Can be thunked.  There is a different issue, a_w_a_s() can use small
>> >  accesses to emulate large ones, but not vice versa.  It needs fixing
>> >  anyway.
>> >
>>
>> IIRC, that's a feature: Devices not implementing small accesses tend to
>> refuse them in reality.
> 
> I don't think this holds for pci; there the bus always generates 32-bit
> writes with separate byte enables for each lane.  The device need not
> even be aware of a sub-word access, for reads.

The problem is that once we "enhance" the core with such a support to
potentially help one use case, we need to validate all users again if
they depend on the old behavior. That's tricky as breakage may only show
up with odd guests that issue invalid but so far harmless requests.

Jan





Re: [Qemu-devel] [PATCH 2/2] vga: Fix portio list conversion fallouts

2011-09-18 Thread Jan Kiszka
On 2011-09-18 18:51, Avi Kivity wrote:
> On 09/18/2011 07:28 PM, Jan Kiszka wrote:
>> On 2011-09-18 17:51, Avi Kivity wrote:
>> >  On 09/18/2011 03:44 PM, Jan Kiszka wrote:
>> >>  From: Jan Kiszka
>> >>
>> >>  Fix copy&paste errors and reduce duplications of the BOCHS VBE
>> ranges.
>> >>
>> >>  Signed-off-by: Jan Kiszka
>> >>  ---
>> >>
>> >>#ifdef CONFIG_BOCHS_VBE
>> >>static const MemoryRegionPortio vbe_portio_list[] = {
>> >>  -# ifdef TARGET_I386
>> >>{ 0, 1, 2, .read = vbe_ioport_read_index, .write =
>> >>  vbe_ioport_write_index },
>> >>  +# ifdef TARGET_I386
>> >
>> >  Strange how the card knows what target it's plugged into.  Fixing this
>> >  is going to involve major pain - need to update the bios and need to
>> >  provide backwards compatibility.  All this assuming guests don't
>> >  hardcode the address.
>> >
>> >  Anyway I find the deduplication makes the code harder to read.
>>
>> That line is rather tricky to deduplicate in mind. So it's not nice for
>> our readers keeping it duplicated around.
> 
> I don't think it should be deduplicated.  The device is providing two
> separate ABIs.

Yes, two ABIs, and the only difference is the offset of the data register.

> 
>> >
>> >>{ 1, 1, 2, .read = vbe_ioport_read_data, .write =
>> >>  vbe_ioport_write_data },
>> >># else
>> >>  -{ 0, 2, 2, .read = vbe_ioport_read_index, .write =
>> >>  vbe_ioport_write_index },
>> >>  -{ 2, 2, 2, .read = vbe_ioport_read_data, .write =
>> >>  vbe_ioport_write_data },
>> >>  +{ 2, 1, 2, .read = vbe_ioport_read_data, .write =
>> >>  vbe_ioport_write_data },
>> >
>> >  Is this correct?  length 1 region with size 2?
>>
>> Yes, it prevents accesses on base+1.
>>
> 
> Why disallow it?

Did anyone check that something useful or at least valid comes out of
the handlers when doing this so far impossible access?

Jan
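The word-access fallback and the "length 1, size 2" table entry discussed in the two portio threads above, as an added example that is not QEMU's code and not from any poster: a simplified model of an old-portio table, where the `PortioEntry` type, `portio_read()` and the demo device are assumptions made for illustration. It goes beyond the two-byte case by also splitting four-byte reads, and it returns all-ones instead of asserting when any byte of the access has no handler.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified stand-in for one old-portio table entry (not QEMU's type). */
typedef struct PortioEntry {
    uint32_t offset;   /* first port covered, relative to the region */
    uint32_t len;      /* number of ports covered */
    unsigned size;     /* access width in bytes accepted; 0 ends the table */
    uint32_t (*read)(void *opaque, uint32_t addr);
} PortioEntry;

/* Find the entry that covers `offset` for exactly this access width. */
static const PortioEntry *find_entry(const PortioEntry *tbl, uint32_t offset,
                                     unsigned width)
{
    for (const PortioEntry *e = tbl; e->size; ++e) {
        if (offset >= e->offset && offset - e->offset < e->len &&
            width == e->size) {
            return e;
        }
    }
    return NULL;
}

/* Read `width` (1, 2 or 4) bytes at `offset`.
 * - A handler of the exact width is used directly.
 * - Otherwise the access is split into byte reads, little-endian, but only
 *   if every byte has its own handler; the lookup is repeated per byte so
 *   an access that straddles the end of a range is not passed through.
 * - Anything unhandled reads as all-ones rather than aborting. */
static uint64_t portio_read(const PortioEntry *tbl, void *opaque,
                            uint32_t offset, unsigned width)
{
    uint64_t ones = ((uint64_t)1 << (width * 8)) - 1;
    const PortioEntry *e = find_entry(tbl, offset, width);

    if (e) {
        return e->read(opaque, offset) & ones;
    }
    if (width == 2 || width == 4) {
        uint64_t value = 0;
        for (unsigned i = 0; i < width; i++) {
            const PortioEntry *b = find_entry(tbl, offset + i, 1);
            if (!b) {
                return ones;
            }
            value |= (uint64_t)(b->read(opaque, offset + i) & 0xff) << (8 * i);
        }
        return value;
    }
    return ones;
}

/* Constructed demo device: four byte registers at ports 0..3 and one
 * word-only data register at port 4, declared as "length 1, size 2". */
static uint32_t byte_reg_read(void *opaque, uint32_t addr)
{
    (void)opaque;
    return 0x10 + addr;
}

static uint32_t data_reg_read(void *opaque, uint32_t addr)
{
    (void)opaque;
    (void)addr;
    return 0xBEEF;
}

static const PortioEntry demo_table[] = {
    { 0, 4, 1, byte_reg_read },
    { 4, 1, 2, data_reg_read },
    { 0, 0, 0, NULL },
};

int main(void)
{
    static const struct { uint32_t off; unsigned width; } probes[] = {
        { 0, 1 }, { 0, 2 }, { 0, 4 }, { 4, 2 }, { 5, 2 }, { 3, 2 }, { 4, 1 },
    };
    for (size_t i = 0; i < sizeof probes / sizeof probes[0]; i++) {
        printf("read port %u width %u -> 0x%llx\n",
               (unsigned)probes[i].off, probes[i].width,
               (unsigned long long)portio_read(demo_table, NULL,
                                               probes[i].off,
                                               probes[i].width));
    }
    return 0;
}
```

The read at port 5 with width 2 shows the effect Jan describes for a length-1 entry: the word register is reachable only at its base port.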





Re: [Qemu-devel] [PATCH] isa: Avoid using obsolete memory_region_set_offset for old portio

2011-09-18 Thread Jan Kiszka
On 2011-09-18 18:49, Richard Henderson wrote:
> On 09/18/2011 05:54 AM, Jan Kiszka wrote:
>> @@ -375,8 +375,7 @@ static const MemoryRegionPortio 
>> *find_portio(MemoryRegion *mr, uint64_t offset,
>>  const MemoryRegionPortio *mrp;
>>  
>>  for (mrp = mr->ops->old_portio; mrp->size; ++mrp) {
>> -if (offset >= mrp->offset && offset < mrp->offset + mrp->len
>> -&& width == mrp->size
>> +if (offset < mrp->len && width == mrp->size
> 
> This change looks broken to me.  How, exactly, are you 
> disambiguating different entries?

See my reply to Avi: all offsets of a portio region must be the same.

They should actually only differ in access width, but there is still at
least one counter example (of course IDE...). Given that this is just a
portability helper, all this will likely be reviewed and cleaned up when
getting rid of old portio.

Jan





Re: [Qemu-devel] [PATCH 00/11] ISA bus improvements

2011-09-18 Thread Jan Kiszka
On 2011-09-18 16:56, Hervé Poussineau wrote:
> Following patches aim to change ISA bus to a first-citizen class in Qemu.
> 
> They add ISA bus ops, like for scsi and usb buses.
> 
> Current ISA bridges (PIIX3, PIIX4, EBUS and VT82C686) are converted
> to this new API, and a simple 'isabus-bridge' device is added.
> 
> isa_address_space() operation can probably be used to remove the
> infamous isa_mem_base variable. However, some work is already done
> in this direction on the ML, so I didn't change anything.
> 
> Finally, add bus argument to isa_create() functions, so architectures
> with multiple ISA buses (like some Alpha systems) can be emulated.
> 
> As the RFC didn't receive many comments, I put this series as patches.

Nice work. I had something similar unfinished here, but this one looks
better on first glance.

Still, I would go one step further and kill the global default isa_bus:
all ISA API users should pass in the bus they created and obtained from
some creator.

Jan





Re: [Qemu-devel] [PATCH 00/11] ISA bus improvements

2011-09-18 Thread Hervé Poussineau

Jan Kiszka wrote:

On 2011-09-18 16:56, Hervé Poussineau wrote:

Following patches aim to change ISA bus to a first-citizen class in Qemu.

They add ISA bus ops, like for scsi and usb buses.

Current ISA bridges (PIIX3, PIIX4, EBUS and VT82C686) are converted
to this new API, and a simple 'isabus-bridge' device is added.

isa_address_space() operation can probably be used to remove the
infamous isa_mem_base variable. However, some work is already done
in this direction on the ML, so I didn't change anything.

Finally, add bus argument to isa_create() functions, so architectures
with multiple ISA buses (like some Alpha systems) can be emulated.

As the RFC didn't receive many comments, I put this series as patches.


Nice work. I had something similar unfinished here, but this one looks
better on first glance.


Thanks.



Still, I would go one step further and kill the global default isa_bus:
all ISA API users should pass in the bus they created and obtained from
some creator.



That's indeed the next step I have in mind.
It shouldn't be hard to do; that's mostly adding an isa_bus parameter in 
all functions from ISA bridge creation to all ISA devices. However, lots 
of prototypes will probably have to be changed, so I wanted to do it in 
a second patchset.


Hervé



Re: [Qemu-devel] [PATCH 0/3] Remove QEMUFile abuse

2011-09-18 Thread Juan Quintela
malc  wrote:
> On Fri, 16 Sep 2011, Anthony Liguori wrote:
>
>> Reviewed-by: Anthony Liguori 
>> 
>> malc, please Ack.
>> 
>
> I don't like the commit message.

Can you be more specific?

Can you say what you will prefer?


>> On 09/13/2011 07:52 AM, Juan Quintela wrote:
>> > Hi
>> > 
>> > QEMUFile is intended to be used only for migration.  Change the other
>> > three users to use FILE * operations directly.  gcc on Fedora 15
>> > complains about fread/write not checking its return value, so I added
>> > checks.  But in several places only print an error message (there is
>> > no error handly that I can hook into).  Notice that this is not worse
>> > than it is today.
>> > 
>> > Later, Juan.
>> > 
>> > Juan Quintela (3):
>> >vawaudio: port to FILE*
>> >wavcapture: port to FILE*
>> >ds1225y: port to FILE*
>> > 
>> >   audio/wavaudio.c   |   28 +++-
>> >   audio/wavcapture.c |   38 +-
>> >   hw/ds1225y.c   |   28 
>> >   3 files changed, 60 insertions(+), 34 deletions(-)
>> > 
>> 




Re: [Qemu-devel] [PATCH 0/8] tcg/interpreter: Add TCG + interpreter for bytecode (virtual machine)

2011-09-18 Thread Stefan Weil

On 18.09.2011 18:39, Mulyadi Santosa wrote:

Hi Stefan...

On Sun, Sep 18, 2011 at 22:13, Stefan Weil  wrote:

Its primary purpose was support of new hosts without a native
TCG.


Thanks for the explanation, I got a better picture now. However, still,
an interpreter must be ready to grab the bytecode and execute it,
right?

So, that interpreter, should it be built inside Qemu too? Or can we
use/write an external one? Let's say creating one in Python and TCI
passes the generated bytecode via UNIX socket to the listening Python
script, is that doable or one of the goals of your design?


Do you think of something like http://bellard.org/jslinux/?

The current interpreter is built inside QEMU, and I'm afraid
that separating code generator and interpreter in different
processes might be a lot of work. Maybe running both in
separate threads would be possible, so the code generator
could prepare new bytecode while the interpreter is still
running the previous one.




Re: [Qemu-devel] [PATCH 0/3] Remove QEMUFile abuse

2011-09-18 Thread malc
On Sun, 18 Sep 2011, Juan Quintela wrote:

> malc  wrote:
> > On Fri, 16 Sep 2011, Anthony Liguori wrote:
> >
> >> Reviewed-by: Anthony Liguori 
> >> 
> >> malc, please Ack.
> >> 
> >
> > I don't like the commit message.
> 
> Can you be more specific?

QEMUFile predates migration by a few years so could have never been
intended to be used for it (leave alone only). There's no such thing
as "vawaudio" (i.e. v vs w).

Commentary aside: fcalls (seek/tell/read/close) can fail and the code 
in the patch doesn't handle it, error path for fwrite does not supply 
information on why the call has failed and furthermore does it via printf, 
also, I believe I mentioned this once before, fwrite (p, 1, n, f) should
really be (p, n, 1, f).

> 
> Can you say what you will prefer?
> 

"Use stdio instead of QEMUFile"

> 
> >> On 09/13/2011 07:52 AM, Juan Quintela wrote:
> >> > Hi
> >> > 
> >> > QEMUFile is intended to be used only for migration.  Change the other
> >> > three users to use FILE * operations directly.  gcc on Fedora 15
> >> > complains about fread/write not checking its return value, so I added
> >> > checks.  But in several places only print an error message (there is
> >> > no error handly that I can hook into).  Notice that this is not worse
> >> > than it is today.
> >> > 
> >> > Later, Juan.
> >> > 
> >> > Juan Quintela (3):
> >> >vawaudio: port to FILE*
> >> >wavcapture: port to FILE*
> >> >ds1225y: port to FILE*
> >> > 
> >> >   audio/wavaudio.c   |   28 +++-
> >> >   audio/wavcapture.c |   38 +-
> >> >   hw/ds1225y.c   |   28 
> >> >   3 files changed, 60 insertions(+), 34 deletions(-)
> >> > 
> >> 
> 

-- 
mailto:av1...@comtv.ru



[Qemu-devel] [PATCH] VMDK: fix leak of extent_file

2011-09-18 Thread Fam Zheng
Release extent_file on error in vmdk_parse_extents. Added closing files
in freeing extents.

Signed-off-by: Fam Zheng 
---
 block/vmdk.c |   14 ++
 1 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/block/vmdk.c b/block/vmdk.c
index 6c8edfc..5d16ec4 100644
--- a/block/vmdk.c
+++ b/block/vmdk.c
@@ -179,11 +179,16 @@ static void vmdk_free_extents(BlockDriverState *bs)
 {
 int i;
 BDRVVmdkState *s = bs->opaque;
+VmdkExtent *e;
 
 for (i = 0; i < s->num_extents; i++) {
-g_free(s->extents[i].l1_table);
-g_free(s->extents[i].l2_cache);
-g_free(s->extents[i].l1_backup_table);
+e = &s->extents[i];
+g_free(e->l1_table);
+g_free(e->l2_cache);
+g_free(e->l1_backup_table);
+if (e->file != bs->file) {
+bdrv_delete(e->file);
+}
 }
 g_free(s->extents);
 }
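
Review bot: at the end of vmdk_free_extents, `g_free(s->extents)` leaves `s->extents` and `s->num_extents` at their old values, and the loop now also deletes each `e->file`. Because the second hunk starts calling this function from the open error paths, any later call on the same state would walk freed memory and delete the extent files a second time. Consider finishing with `s->extents = NULL;` and `s->num_extents = 0;`, or note in the commit message why a second call cannot happen. It would also help to say whether `e->file` can be NULL at this point.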
@@ -619,12 +624,13 @@ static int vmdk_open_desc_file(BlockDriverState *bs, int 
flags,
 s->desc_offset = 0;
 ret = vmdk_parse_extents(buf, bs, bs->file->filename);
 if (ret) {
+vmdk_free_extents(bs);
 return ret;
 }
 
 /* try to open parent images, if exist */
 if (vmdk_parent_open(bs)) {
-g_free(s->extents);
+vmdk_free_extents(bs);
 return -EINVAL;
 }
 s->parent_cid = vmdk_read_cid(bs, 1);
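
Review bot: the `vmdk_free_extents(bs)` added under `if (ret)` can only close extent files that vmdk_parse_extents had already recorded in `s->extents` before it failed. The commit message says the leak is fixed "on error in vmdk_parse_extents", but that function's body is not in this diff, so please confirm that no failure path there sits between opening an extent file and adding it to the array; a file opened but not yet recorded would still leak. A one-line comment at the call explaining that the callee may leave partially built extents behind would make the contract clear.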



Re: [Qemu-devel] [PATCH] hid: vmstat fix

2011-09-18 Thread TeLeMan
On Thu, Sep 15, 2011 at 21:40, Gerd Hoffmann  wrote:
> On 09/14/11 09:59, Paolo Bonzini wrote:
>>
>> On 09/14/2011 09:40 AM, TeLeMan wrote:
>
>>>>>
>>>>> The commit "usb/hid: add hid_pointer_activate, use it" used
>>>>> HIDMouseState.mouse_grabbed in hid_pointer_activate(), so
>>>>> mouse_grabbed should be added into vmstat.
>>>>
>>>> Does this fix a bug? qemu_activate_mouse_event_handler is meant to be
>>>> called once per execution of the VM, it is not guest state.
>>>
>>> Yes, this patch fixes the usb mouse not working after loadvm in the
>>> guest windows.
>>
>> I'm wondering if, with your patch, Windows is actually using the PS/2
>> mouse after loadvm... If that is the case, perhaps instead you can move
>>
>> if (hs->kind == HID_MOUSE || hs->kind == HID_TABLET) {
>> hid_pointer_activate(hs);
>> }
>>
>> from hw/usb-hid.c to hid_set_next_idle, which is called at post-load time.
>
> Makes sense to me.  Did you try whether that fixes the winxp issue?
I tested, it didn't fix this issue.
>
> thanks,
>  Gerd
>
>


