Re: [Qemu-devel] [RFC 1/8] cputlb: add physical address to CPUTLBEntry

[Emilio G. Cota]

On Fri, May 08, 2015 at 14:51:58 -0700, Richard Henderson wrote:
> Ouch.  24 of 64 wasted bytes for 64-bit?
> 
> I wonder if there's a better way we can encode this to avoid 3 copies of the
> virtual address for read/write/code.  Or if we're better off using more than
> one insn to multiply by a non-power-of-two.

Adding one more instruction works well. Perf tests
(# time ./selftest.sh for [1]) show no appreciable difference.

Patch (i386-only) appended.

[1] http://wiki.qemu.org/download/ppc-virtexml507-linux-2_6_34.tgz

> Or if the hardware multiplier is
> fast enough just multiply by the proper constant.

This option should be slower (3-cycle latency for IMUL
on Ivy Bridge/Haswell, probably slower on others),
but would make the code very simple.
Unfortunately I couldn't write a patch to do it due to
my poor grasp of TCG backend code. If someone provides a
patch I'd be glad to test it.

If the appended ends up being the preferred option I
can extend it to support all the TCG targets. I cannot
however test all of them--only have access to x86 and ppc
hardware at the moment.

Thanks,

Emilio

[PATCH] i386-only: remove sizeof(CPUTLBEntry)=pow2 constraint

Breaks all non-i386 TCG backends! Do not apply.

Signed-off-by: Emilio G. Cota 
---
 include/exec/cpu-defs.h | 23 +--
 tcg/i386/tcg-target.c   | 12 +++-
 2 files changed, 24 insertions(+), 11 deletions(-)

diff --git a/include/exec/cpu-defs.h b/include/exec/cpu-defs.h
index 8891f16..716052a 100644
--- a/include/exec/cpu-defs.h
+++ b/include/exec/cpu-defs.h
@@ -96,14 +96,25 @@ typedef struct CPUTLBEntry {
 /* Addend to virtual address to get host address.  IO accesses
use the corresponding iotlb value.  */
 uintptr_t addend;
-/* padding to get a power of two size */
-uint8_t dummy[(1 << CPU_TLB_ENTRY_BITS) -
-  (sizeof(target_ulong) * 4 +
-   ((-sizeof(target_ulong) * 4) & (sizeof(uintptr_t) - 1)) +
-   sizeof(uintptr_t))];
 } CPUTLBEntry;
 
-QEMU_BUILD_BUG_ON(sizeof(CPUTLBEntry) != (1 << CPU_TLB_ENTRY_BITS));
+/*
+ * Fast TLB hits are essential for softmmu performance. Since we hand-code in
+ * assembly the TCG check for TLB hits, we define here a pair of constants that
+ * allow us to use only shifts to obtain a TLBEntry address given its index.
+ * NOTE: The constants below should thus be updated every time changes are
+ * made to the CPUTLBEntry struct. See the compile-time consistency check 
below.
+ */
+#if TARGET_LONG_BITS == 64
+#define CPU_TLB_ENTRY_OUT_SHIFT 3
+#define CPU_TLB_ENTRY_IN_SHIFT  2
+#else
+#define CPU_TLB_ENTRY_OUT_SHIFT (HOST_LONG_BITS == 32 ? 2 : 3)
+#define CPU_TLB_ENTRY_IN_SHIFT  (HOST_LONG_BITS == 32 ? 2 : 1)
+#endif
+
+QEMU_BUILD_BUG_ON(sizeof(CPUTLBEntry) != \
+(1 + BIT(CPU_TLB_ENTRY_IN_SHIFT)) << CPU_TLB_ENTRY_OUT_SHIFT);
 
 /* The IOTLB is not accessed directly inline by generated TCG code,
  * so the CPUIOTLBEntry layout is not as critical as that of the
diff --git a/tcg/i386/tcg-target.c b/tcg/i386/tcg-target.c
index ab63823..54250f5 100644
--- a/tcg/i386/tcg-target.c
+++ b/tcg/i386/tcg-target.c
@@ -1195,15 +1195,17 @@ static inline void tcg_out_tlb_load(TCGContext *s, 
TCGReg addrlo, TCGReg addrhi,
 tcg_out_mov(s, htype, r0, addrlo);
 tcg_out_mov(s, ttype, r1, addrlo);
 
-tcg_out_shifti(s, SHIFT_SHR + hrexw, r0,
-   TARGET_PAGE_BITS - CPU_TLB_ENTRY_BITS);
+tcg_out_shifti(s, SHIFT_SHR + hrexw, r0, TARGET_PAGE_BITS);
 
 tgen_arithi(s, ARITH_AND + trexw, r1,
 TARGET_PAGE_MASK | ((1 << s_bits) - 1), 0);
-tgen_arithi(s, ARITH_AND + hrexw, r0,
-(CPU_TLB_SIZE - 1) << CPU_TLB_ENTRY_BITS, 0);
+tgen_arithi(s, ARITH_AND + hrexw, r0, CPU_TLB_SIZE - 1, 0);
 
-tcg_out_modrm_sib_offset(s, OPC_LEA + hrexw, r0, TCG_AREG0, r0, 0,
+tcg_out_modrm_sib_offset(s, OPC_LEA + hrexw, r0, r0, r0,
+ CPU_TLB_ENTRY_IN_SHIFT, 0);
+
+tcg_out_modrm_sib_offset(s, OPC_LEA + hrexw, r0, TCG_AREG0, r0,
+ CPU_TLB_ENTRY_OUT_SHIFT,
  offsetof(CPUArchState, tlb_table[mem_index][0])
  + which);
 
-- 
1.8.3

Re: [Qemu-devel] [PATCH 06/12 v9] target-tilegx: Add cpu basic features for linux-user

[Chen Gang]

After have a check again, for me, I'd like to simply remove it firstly,
since it is only for system mode.

 - At present, we are only focus on user mode, and which I haven't done
   quite well.

 - After we finish user mode, and start system mode, then can add it.

 - In this way, this feature will have no any negative effect with our
   current coding/reviewing, either no any negative effect for our next
   coding/reviewing.

Thanks.

On 4/11/15 05:04, Chen Gang wrote:
>>> +static const VMStateDescription vmstate_tilegx_cpu = {
>>> >> +.name = "cpu",
>>> >> +.unmigratable = 1,
>>> >> +};
>> > 
>> > I'd prefer to see a correct VMState from the start -- it's
>> > not very difficult. Migration/snapshotting is much easier
>> > to enforce at the point where we let code in to the tree
>> > than if we let in non-migratable devices and CPUs and then
>> > have to fix them up later...
>> > 
>> > 
> OK, thanks. I shall try.

-- 
Chen Gang

Open, share, and attitude like air, water, and life which God blessed

Re: [Qemu-devel] [PATCH v2 0/5] Some fixes related to scsi-generic

[Paolo Bonzini]

On 08/05/2015 19:47, Dimitris Aragiorgis wrote:
> Hi all,
> 
> These four patches make slight changes to the way QEMU handles SCSI
> generic devices to fix a number of small problems.
> 
> I am sending them against the master branch, since I don't know if they
> can be considered bugfixes.
> 
> Thanks,
> dimara
> 
> v2:
> * remove duplicate check for sg inside iscsi_co_flush()
> * remove DEBUG_BLOCK_PRINT in block/raw-posix.c
> * use DPRINTF for debugging in block/raw-posix.c
> 
> PS: Paolo suggested to use a tracepoint inside hdev_is_sg() but I chose 
> DPRINTF
> instead. It would make sense to add a tracepoint for bdrv_is_sg() (just like
> most bdrv_* commands) but this is too much for now since it just returns the
> bs->sg flag (and is not an actual driver function). If you insist I'll change
> it in v3.
> 
> Dimitris Aragiorgis (5):
>   block: Use bdrv_is_sg() everywhere
>   Fix migration in case of scsi-generic
>   raw-posix: DPRINTF instead of DEBUG_BLOCK_PRINT
>   raw-posix: Use DPRINTF for DEBUG_FLOPPY
>   raw-posix: Introduce hdev_is_sg()
> 
>  block.c   |6 ++---
>  block/io.c|2 +-
>  block/iscsi.c |4 ---
>  block/raw-posix.c |   75 
> +
>  4 files changed, 45 insertions(+), 42 deletions(-)
> 

I am okay with the debug printf, even though the problem with debug
printfs is that no one uses them and they bitrot.

Reviewed-by: Paolo Bonzini 

Paolo

Re: [Qemu-devel] Help with deadlock when using sound

[Programmingkid]

On May 9, 2015, at 6:00 PM, Peter Maydell wrote:

> On 9 May 2015 at 22:42, Programmingkid  wrote:
>> Where you able to see the new stack trace I sent? If so, any idea what could 
>> be wrong?
> 
> Did you see the mail I sent where I asked you to try sending
> the monitor somewhere other than the GUI?
> 
> thanks
> -- PMM

Ok, I sent the monitor to the stdio using this command:  -soundhw pcspk 
-monitor stdio

Here is the stack trace of QEMU after it has froze:

Program received signal SIGINT, Interrupt.
[Switching to process 4291 thread 0xa0f]
0x7fff824e2dc2 in semaphore_wait_signal_trap ()
(gdb) thread apply all backtrace

Thread 8 (process 4291):
#0  0x7fff824e2dda in semaphore_timedwait_signal_trap ()
#1  0x7fff82521772 in _pthread_cond_wait ()
#2  0x7fff8423468c in CAGuard::WaitFor ()
#3  0x7fff84236c1b in CAGuard::WaitUntil ()
#4  0x7fff84234d85 in HP_IOThread::WorkLoop ()
#5  0x7fff84234827 in HP_IOThread::ThreadEntry ()
#6  0x7fff84234755 in CAPThread::Entry ()
#7  0x7fff8251bfd6 in _pthread_start ()
#8  0x7fff8251be89 in thread_start ()

Thread 7 (process 4291):
#0  0x0001160df83f in ?? ()

Thread 6 (process 4291):
#0  0x7fff8254499e in __sigwait ()
#1  0x7fff82544977 in sigwait ()
#2  0x00010036e3d0 in sigwait_compat (opaque=0x101d735d0) at 
util/compatfd.c:36
#3  0x7fff8251bfd6 in _pthread_start ()
#4  0x7fff8251be89 in thread_start ()

Thread 3 (process 4291):
#0  0x7fff824fbc0a in kevent ()
#1  0x7fff824fdadd in _dispatch_mgr_invoke ()
#2  0x7fff824fd7b4 in _dispatch_queue_invoke ()
#3  0x7fff824fd2de in _dispatch_worker_thread2 ()
#4  0x7fff824fcc08 in _pthread_wqthread ()
#5  0x7fff824fcaa5 in start_wqthread ()

Thread 2 (process 4291):
#0  0x7fff8251da6a in __semwait_signal ()
#1  0x7fff82521881 in _pthread_cond_wait ()
#2  0x00010036a8ea in futex_wait (ev=0x100a9e280, val=4294967295) at 
util/qemu-thread-posix.c:328
#3  0x00010036aa64 in qemu_event_wait (ev=0x100a9e280) at 
util/qemu-thread-posix.c:408
#4  0x00010037ee92 in call_rcu_thread (opaque=0x0) at util/rcu.c:233
#5  0x7fff8251bfd6 in _pthread_start ()
#6  0x7fff8251be89 in thread_start ()

Thread 1 (process 4291):
#0  0x7fff824e2dc2 in semaphore_wait_signal_trap ()
#1  0x7fff824e840d in pthread_mutex_lock ()
#2  0x00010036a348 in qemu_mutex_lock (mutex=0x10067ed40) at 
util/qemu-thread-posix.c:82
#3  0x000100039c2e in qemu_mutex_lock_iothread () at 
/Users/user/Documents/Development/Projects/Qemu/qemu-git/cpus.c:1128
#4  0x0001002d7e05 in os_host_main_loop_wait (timeout=6221000) at 
main-loop.c:242
#5  0x0001002d7eca in main_loop_wait (nonblocking=0) at main-loop.c:494
#6  0x000100114909 in main_loop () at vl.c:1798
#7  0x00010011c3c4 in qemu_main (argc=5, argv=0x7fff5fbff468, 
envp=0x7fff5fbff498) at vl.c:4362
#8  0x0001002a4339 in -[QemuCocoaAppController 
startEmulationWithArgc:argv:] (self=0x101937740, _cmd=0x1003f095e, argc=5, 
argv=0x7fff5fbff468) at cocoa.m:897
#9  0x0001002a4192 in -[QemuCocoaAppController 
applicationDidFinishLaunching:] (self=0x101937740, _cmd=0x7fff8064d906, 
note=0x101d3b250) at cocoa.m:875
#10 0x7fff8a50dbc5 in _nsnote_callback ()
#11 0x7fff83a7b000 in __CFXNotificationPost ()
#12 0x7fff83a67578 in _CFXNotificationPostNotification ()
#13 0x7fff8a504b26 in -[NSNotificationCenter 
postNotificationName:object:userInfo:] ()
#14 0x7fff80a1c44a in -[NSApplication _postDidFinishNotification] ()
#15 0x7fff80a1c37f in -[NSApplication _sendFinishLaunchingNotification] ()
#16 0x7fff80ae735d in -[NSApplication(NSAppleEventHandling) _handleAEOpen:] 
()
#17 0x7fff80ae6fd9 in -[NSApplication(NSAppleEventHandling) 
_handleCoreEvent:withReplyEvent:] ()
#18 0x7fff8a53c1c6 in -[NSAppleEventManager 
dispatchRawAppleEvent:withRawReply:handlerRefCon:] ()
#19 0x7fff8a53bff6 in _NSAppleEventManagerGenericHandler ()
#20 0x7fff84a6f32b in aeDispatchAppleEvent ()
#21 0x7fff84a6f224 in dispatchEventAndSendReply ()
#22 0x7fff84a6f12b in aeProcessAppleEvent ()
#23 0x7fff87300619 in AEProcessAppleEvent ()
#24 0x7fff809ec095 in _DPSNextEvent ()
#25 0x7fff809eb801 in -[NSApplication 
nextEventMatchingMask:untilDate:inMode:dequeue:] ()
#26 0x7fff809b168f in -[NSApplication run] ()
#27 0x0001002a50ea in main (argc=5, argv=0x7fff5fbff468) at cocoa.m:1034

Re: [Qemu-devel] [PULL 1/9] kvm: Silence warning from valgrind

[Paolo Bonzini]

On 09/05/2015 08:51, Thomas Huth wrote:
> On Fri,  8 May 2015 14:48:56 +0200
> Paolo Bonzini  wrote:
> 
>> From: Thomas Huth 
>>
>> valgrind complains here about uninitialized bytes with the following message:
>>
>> ==17814== Syscall param ioctl(generic) points to uninitialised byte(s)
>> ==17814==at 0x466A780: ioctl (in /usr/lib64/power8/libc-2.17.so)
>> ==17814==by 0x100735B7: kvm_vm_ioctl (kvm-all.c:1920)
>> ==17814==by 0x10074583: kvm_set_ioeventfd_mmio (kvm-all.c:574)
>>
>> Let's fix it by using a proper struct initializer in 
>> kvm_set_ioeventfd_mmio().
>>
>> Signed-off-by: Thomas Huth 
>> Message-Id: <1430153944-24368-1-git-send-email-th...@redhat.com>
>> Signed-off-by: Paolo Bonzini 
> 
>  Hi Paolo,
> 
> I think this patch already got included through the trivial tree,
> didn't it?

Ah, I had missed that.  Duplicate commits don't hurt anyway.

Paolo

Re: [Qemu-devel] Help with deadlock when using sound

[Paolo Bonzini]

On 06/05/2015 18:40, Programmingkid wrote:
> When I try to use the pcspk sound hardware, QEMU freezes and uses
> 100% of the cpu time. This is the command I use:
> 
> qemu-system-i386 -cdrom  -soundhw pcspk
> 
> This looks like a deadlock situation because some unknown code called
> qemu_mutex_lock(). Here is the stack trace at the freeze:
> 
> (gdb) bt #0  0x7fff824e2db6 in semaphore_wait_trap () #1
> 0x7fff824e8417 in pthread_mutex_lock () #2  0x000100267199 in
> qemu_mutex_lock (mutex= optimizations>) at util/qemu-thread-posix.c:73 #3  0x003c44016e95153b
> in ?? ()
> 
> My host is Mac OS 10.6.8. My guest isn't really anything. I have used
> Windows XP before but it isn't necessary to reproduce the problem.
> 
> The ?? is what appears to be the problem. I can't even print
> instructions at that address. Any ideas as to what is calling the
> qemu_mutex_lock() function could help.

Reproduced with a FreeDOS image from QEMU Advent Calendar.  It locks up
as soon as you type "beep".

It works with the PulseAudio and ALSA backends, but it doesn't with the
SDL backend, even on Linux.

Also, it deadlocks even with KVM enabled.

Paolo

Re: [Qemu-devel] [PATCH v4] block/vdi: Use bdrv_flush after metadata updates

[Paolo Bonzini]

On 09/05/2015 05:54, phoeagon wrote:
> zheq-PC sdb # time ~/qemu-sync-test/bin/qemu-img convert -f raw -t writeback 
> -O vdi /run/shm/rand 1.vdi
> 
> real0m8.678s
> user0m0.169s
> sys0m0.500s
> 
> zheq-PC sdb # time qemu-img convert -f raw -t writeback -O vdi /run/shm/rand 
> 1.vdi
> real0m4.320s
> user0m0.148s
> sys0m0.471s

This means that 3.83 seconds are spent when bdrv_close() calls
bdrv_flush().  That's the only difference between writeback
and unsafe in qemu-img convert.

The remaining part of the time (4.85 seconds instead of 0.49
seconds) means that, at least on your hardware, sequential writes
to unallocated space become 10 times slower with your patch.

Since the default qemu-img convert case isn't slowed down, I
would think that correctness trumps performance.  Nevertheless,
it's a huge difference.

Paolo

> zheq-PC sdb # time qemu-img convert -f raw -t unsafe -O vdi /run/shm/rand 
> 1.vdi
> real  0m0.489s
> user  0m0.173s
> sys   0m0.325s

Re: [Qemu-devel] Help with deadlock when using sound

[Paolo Bonzini]

On 10/05/2015 16:54, Paolo Bonzini wrote:
> Reproduced with a FreeDOS image from QEMU Advent Calendar.  It locks up
> as soon as you type "beep".
> 
> It works with the PulseAudio and ALSA backends, but it doesn't with the
> SDL backend, even on Linux.
> 
> Also, it deadlocks even with KVM enabled.

Hmm, looks like SDL audio is broken; it's not pcspk's fault.
I get an instant deadlock from

QEMU_AUDIO_DRV=sdl qemu-system-x86_64 -soundhw gus /mnt/vm/freedos.raw

even if I add "-display sdl", "-monitor stdio", etc.

Paolo

Re: [Qemu-devel] [PATCH v4] block/vdi: Use bdrv_flush after metadata updates

[phoeagon]

Just for clarity, I was not writing to tmpfs. I was READING from tmpfs. I
was writing to a path named 'sdb' (as you see in the prompt) which is a
btrfs on an SSD Drive. I don't have an HDD to test on though.

On Mon, May 11, 2015 at 12:02 AM Stefan Weil  wrote:

> Am 10.05.2015 um 17:01 schrieb Paolo Bonzini:
> >
> > On 09/05/2015 05:54, phoeagon wrote:
> >> zheq-PC sdb # time ~/qemu-sync-test/bin/qemu-img convert -f raw -t
> writeback -O vdi /run/shm/rand 1.vdi
> >>
> >> real0m8.678s
> >> user0m0.169s
> >> sys0m0.500s
> >>
> >> zheq-PC sdb # time qemu-img convert -f raw -t writeback -O vdi
> /run/shm/rand 1.vdi
> >> real0m4.320s
> >> user0m0.148s
> >> sys0m0.471s
> > This means that 3.83 seconds are spent when bdrv_close() calls
> > bdrv_flush().  That's the only difference between writeback
> > and unsafe in qemu-img convert.
> >
> > The remaining part of the time (4.85 seconds instead of 0.49
> > seconds) means that, at least on your hardware, sequential writes
> > to unallocated space become 10 times slower with your patch.
> >
> > Since the default qemu-img convert case isn't slowed down, I
> > would think that correctness trumps performance.  Nevertheless,
> > it's a huge difference.
> >
> > Paolo
>
> I doubt that the convert case isn't slowed down.
>
> Writing to a tmpfs as it was obviously done for the test is not a
> typical use case.
> With real hard disks I expect a significant slowdown.
>
> Stefan
>
>

Re: [Qemu-devel] [PATCH v4] block/vdi: Use bdrv_flush after metadata updates

[Paolo Bonzini]

On 10/05/2015 18:02, Stefan Weil wrote:
>> Since the default qemu-img convert case isn't slowed down, I
>> would think that correctness trumps performance.  Nevertheless,
>> it's a huge difference.
> 
> I doubt that the convert case isn't slowed down.

The *default* convert case isn't slowed down because "qemu-img convert"
defaults to the "unsafe" cache mode.

The *non-default* convert case with flushes was slowed down indeed: 2x
in total (if you include the final flush done by bdrv_close), and 10x if
you only consider the sequential write part of convert.

Paolo

> Writing to a tmpfs as it was obviously done for the test is not a
> typical use case.
> With real hard disks I expect a significant slowdown.
> 
> Stefan

Re: [Qemu-devel] [PATCH v4] block/vdi: Use bdrv_flush after metadata updates

[Stefan Weil]

Am 10.05.2015 um 17:01 schrieb Paolo Bonzini:


On 09/05/2015 05:54, phoeagon wrote:

zheq-PC sdb # time ~/qemu-sync-test/bin/qemu-img convert -f raw -t writeback -O 
vdi /run/shm/rand 1.vdi

real0m8.678s
user0m0.169s
sys0m0.500s

zheq-PC sdb # time qemu-img convert -f raw -t writeback -O vdi /run/shm/rand 
1.vdi
real0m4.320s
user0m0.148s
sys0m0.471s

This means that 3.83 seconds are spent when bdrv_close() calls
bdrv_flush().  That's the only difference between writeback
and unsafe in qemu-img convert.

The remaining part of the time (4.85 seconds instead of 0.49
seconds) means that, at least on your hardware, sequential writes
to unallocated space become 10 times slower with your patch.

Since the default qemu-img convert case isn't slowed down, I
would think that correctness trumps performance.  Nevertheless,
it's a huge difference.

Paolo


I doubt that the convert case isn't slowed down.

Writing to a tmpfs as it was obviously done for the test is not a 
typical use case.

With real hard disks I expect a significant slowdown.

Stefan

Re: [Qemu-devel] [PATCH v4] block/vdi: Use bdrv_flush after metadata updates

[Stefan Weil]

Am 10.05.2015 um 18:10 schrieb Paolo Bonzini:

On 10/05/2015 18:02, Stefan Weil wrote:

Since the default qemu-img convert case isn't slowed down, I
would think that correctness trumps performance.  Nevertheless,
it's a huge difference.

I doubt that the convert case isn't slowed down.

The *default* convert case isn't slowed down because "qemu-img convert"
defaults to the "unsafe" cache mode.

The *non-default* convert case with flushes was slowed down indeed: 2x
in total (if you include the final flush done by bdrv_close), and 10x if
you only consider the sequential write part of convert.

Paolo



For those who might be interested:

The relevant GPL source code from VirtualBox is available here:

https://www.virtualbox.org/browser/vbox/trunk/src/VBox/Storage

If I interpret that code correctly, blocks are normally written 
asynchronously,

but changes of metadata (new block allocation) are written synchronously.

See file VDI.cpp (function vdiBlockAllocUpdate) and VD.cpp 
(vdIOIntWriteMeta).


Stefan

Re: [Qemu-devel] [PATCH v4] block/vdi: Use bdrv_flush after metadata updates

[phoeagon]

I'm not familiar with the VirtualBox code base, but looks like "
vdIOIntWriteMeta" can work both synchronously & asynchronously, and
"vdiBlockAllocUpdate" looks async to me. Frankly, skimming through the code
for 5 min doesn't enlighten me too much on its detailed implementation, but
looks like at least Virtualbox has VDI-repair that fixes block leaks
relatively easily.

I would agree that a more complete implementation on VDI-check-and-repair
might be better in this particular situation. I'm not sure if there are
other cases where flush after metadata update might be better, but doesn't
look like qemu-img auto repair is coming to other writable image formats in
the near future.

Also, I think that memory exhaustion and consequent page cache eviction are
not too uncommon on computers not originally designed to run VMs. Many
laptops are still trapped with 4GB memory and there seem to widespread
instructions on tuning down the swappiness to favor page cache drops than
swapping out memory, all of which adds to the odds of metadata
inconsistency.

On Mon, May 11, 2015 at 12:26 AM Stefan Weil  wrote:

> Am 10.05.2015 um 18:10 schrieb Paolo Bonzini:
> > On 10/05/2015 18:02, Stefan Weil wrote:
> >>> Since the default qemu-img convert case isn't slowed down, I
> >>> would think that correctness trumps performance.  Nevertheless,
> >>> it's a huge difference.
> >> I doubt that the convert case isn't slowed down.
> > The *default* convert case isn't slowed down because "qemu-img convert"
> > defaults to the "unsafe" cache mode.
> >
> > The *non-default* convert case with flushes was slowed down indeed: 2x
> > in total (if you include the final flush done by bdrv_close), and 10x if
> > you only consider the sequential write part of convert.
> >
> > Paolo
>
>
> For those who might be interested:
>
> The relevant GPL source code from VirtualBox is available here:
>
> https://www.virtualbox.org/browser/vbox/trunk/src/VBox/Storage
>
> If I interpret that code correctly, blocks are normally written
> asynchronously,
> but changes of metadata (new block allocation) are written synchronously.
>
> See file VDI.cpp (function vdiBlockAllocUpdate) and VD.cpp
> (vdIOIntWriteMeta).
>
> Stefan
>
>

Re: [Qemu-devel] [PATCH v2] Fixes key mapping so all keys work

[Peter Maydell]

On 15 January 2015 at 21:13, Programmingkid  wrote:
> Fixes keyboard mapping so right shift, right command, right option, right 
> control, keypad period, keypad '=', keypad enter, and F13 all work.
>
> Signed-off-by: John Arbuckle 
>
> ---
> Undid most changes to keyboard map in cocoa.m.
> Most changes made to keyboard map in adb.c.
> Since there is no keypad '=' key for the PC/AT or PC/XT layouts, I had to 
> invent my own number for it. It works for the Mac OS X guest. Guest like 
> Windows XP are not effected because they don't use the Macintosh keyboard 
> layout.
>
> Signed-off-by: John Arbuckle 
>
> ---
>  hw/input/adb.c |8 
>  ui/cocoa.m |4 ++--

This is two conceptually separate fixes:
 (1) better handle key input to the ADB keyboard
 (2) output the right keycodes on the OSX cocoa UI
which should be in separate patches.

We should also be doing the support for keypad-= by converting both
the cocoa UI and the ADB keyboard device to the QKeyCode APIs,
which can cleanly handle these key without inventing fake PC
keycode numbers, as suggested by Gerd:
https://lists.gnu.org/archive/html/qemu-devel/2015-02/msg01322.html

My apologies for this review being so delayed; I'm now
trying to process my queue of OSX to-review patches.

-- PMM

Re: [Qemu-devel] [aswg-chair] register QEMU ACPI ID

[Doran, Mark]

Hi Michael:

Fortunately the ID element of ACPI in and of itself can be discussed in
public forum venues so no problem to copy the mailing list (added to cc for
this reply).

I don't know that naming a project that is not a legally identifiable entity
will cause an issue.  I just live in the school of not asking questions that
I don't know the answers to for this sort of thing as much as possible.  If,
for example, it would equally make sense to name a company (like say Red
Hat) or an incorporated organization (like say Linux Foundation) then I know
there's not going to be a question.  There _may_ be no question about name a
project as the owner; it's just an unknown so I wanted to bring that to your
attention -- I'm not sure what your urgency is and/or whether searching for
the absolute line of least resistance path matters to you or not.

If a guess OS is required to load QEMU-specific drivers for certain "soft"
devices to function correctly then I think your use case should not run us
into any hard questions.  I asked just to make sure, not being personally
familiar with the way QEMU works at that level.

In other words, I don't think there are problems here, I'm just trying to
make sure I know what to tell the review group (if anything) about a
slightly unusual request to minimize back-and-forth (I can't include the
qemu-devel mailing list on the Forum internal list review thread as that one
is in a UEFI Forum Confidential venue).

Just reply and let me know whether you want me to go ahead with the project
as the named owner or not and I can take it from there.
--
Cheers,
 
Mark.
 

> -Original Message-
> From: Michael S. Tsirkin [mailto:m...@redhat.com]
> Sent: Sunday, May 10, 2015 3:09 AM
> To: Doran, Mark
> Subject: Re: [aswg-chair] register QEMU ACPI ID
> 
> On Fri, May 08, 2015 at 06:57:36PM +, Doran, Mark wrote:
> > Hi Michael:
> >
> > First, sorry for the delay in reply; entirely down to me I'm afraid.
> >
> > That said, I anticipate there may be some questions raised if I ask
> > the work group to review this request.  It's unusual but not
> > unprecedented to register something with UEFI on behalf of a project
> > that's not a legally identifiable entity...that may raise an eyebrow
> > though because we haven't done it for ACPI IDs as yet.
> 
> If this is a problem, we'd like to discuss this on the mailing list.
> I would like to add the project mailing list: qemu-devel@nongnu.org to
> Cc - can I do this?
> 
> >  Secondly, I'm wondering what the intended use model is -- quasi
> > technical curiosity perhaps.  Normally vendors IDs are used to make up
> > device IDs that match device drivers to devices in the platform and as
> > such it's usually a device vendor that has the need for an ID.  Is
> > there some notional device "manufactured" by the QEMU project that
> > needs to be so identified??  Or are you considering some other kind of
> > usage??
> >
> > --
> > Cheers,
> >
> > Mark.
> 
> Yes. QEMU is a hypervisor, and so presents virtual devices and a set of
> ACPI tables describing them to operating systems it runs.
> 
> Some of these devices need the operating system within the guest to load
> matching drivers, and we've been using IDs such as QEMU0001 for this
> purpose.
> 
> 
> >
> > > -Original Message-
> > > From: aswg-ch...@uefi.org [mailto:aswg-ch...@uefi.org] On Behalf Of
> > > Michael S. Tsirkin
> > > Sent: Tuesday, April 28, 2015 7:29 AM
> > > To: qemu-devel@nongnu.org
> > > Cc: aswg-ch...@uefi.org
> > > Subject: [aswg-chair] register QEMU ACPI ID
> > >
> > > Hello!
> > > Please register the ACPI Vendor ID "QEMU" to the qemu emulator
> project.
> > >
> > > Thanks!
> > >
> > > --
> > > MST
> 



smime.p7s
Description: S/MIME cryptographic signature

Re: [Qemu-devel] [PATCH v3] Fixes several full screen issues on Mac OS X

[Peter Maydell]

On 21 January 2015 at 19:25, Programmingkid  wrote:
> This patch makes several changes:
> - Minimizes distorted full screen display by respecting aspect
> ratios.
> - Makes full screen mode available on Mac OS 10.7 and higher.
> - Allows user to decide if video should be stretched to fill the
> screen, using a menu item called "Zoom To Fit".
> - Hides the normalWindow so it won't show up in full screen mode.
> - Allows user to exit full screen mode.
>
> Signed-off-by: John Arbuckle 
>
> ---
> Changes in version 2:
> - Completely rewritten.
> - Eliminated depreciated API's.
> - Does not change host monitor resolution.
>
> Change in version 3:
> - Fixed full screen window not receiving mouse moved events.
> @@ -1005,7 +1043,8 @@ int main (int argc, const char * argv[]) {
>
>  // View menu
>  menu = [[NSMenu alloc] initWithTitle:@"View"];
> -[menu addItem: [[[NSMenuItem alloc] initWithTitle:@"Enter Fullscreen" 
> action:@selector(toggleFullScreen:) keyEquivalent:@"f"] autorelease]]; // 
> Fullscreen
> +[menu addItem: [[[NSMenuItem alloc] initWithTitle:@"Enter Fullscreen" 
> action:@selector(doToggleFullScreen:) keyEquivalent:@"f"] autorelease]]; // 
> Fullscreen
> +[menu addItem: [[[NSMenuItem alloc] initWithTitle:@"Zoom To Fit" 
> action:@selector(zoomToFit:) keyEquivalent:@"f"] autorelease]];

This creates two menu items with the same keyEquivalent, which
looks like a cut and paste error? It doesn't seem to me like
we need an accelerator for zoom-to-fit, so we can just make
that @"" instead I think.

Unless you'd rather do something else, I'm going to apply this
patch to my cocoa queue with that change and a couple of other
minor whitespace-formatting tweaks.

(Looking again at whether zoom-to-fit should be default,
I think I must have been deceived by the 1400x900 builtin
MBA screen being a nice multiple of the VGA screen size;
doing full-screen-zoomed on my other monitor looks much
worse. So I'm leaving that as you wrote it.)

Sorry it's taken me so long to get back to this.

thanks
-- PMM

Re: [Qemu-devel] [PATCH v3] ui/cocoa.m: Adds console items to the View menu

[Peter Maydell]

On 14 February 2015 at 15:50, Programmingkid  wrote:
> Adds these items to the View menu:
> VGA
> Monitor
> Serial
> Parallel
>
> Signed-off-by: John Arbuckle 

> +// Creates the view menu
> +static void create_view_menu()
> +{
> +NSMenu * menu;
> +NSMenuItem * menuItem;
> +menu = [[NSMenu alloc] initWithTitle:@"View"];
> +[menu addItem: [[[NSMenuItem alloc] initWithTitle:@"Enter Fullscreen"
> action:@selector(toggleFullScreen:) keyEquivalent:@"f"] autorelease]]; //
> Fullscreen
> +[menu addItem:[NSMenuItem separatorItem]]; //Separator
> +if(get_console_index("graphic") != -1)
> +[menu addItem: [[[NSMenuItem alloc] initWithTitle:@"VGA"
> action:@selector(displayVGA:) keyEquivalent:@""] autorelease]]; // VGA
> +if(get_console_index("monitor") != -1)
> +[menu addItem: [[[NSMenuItem alloc] initWithTitle:@"QEMU Monitor"
> action:@selector(displayMonitor:) keyEquivalent:@""] autorelease]]; // QEMU
> Monitor
> +if (get_console_index("serial") != -1)
> +[menu addItem: [[[NSMenuItem alloc] initWithTitle:@"Serial"
> action:@selector(displaySerial:) keyEquivalent:@""] autorelease]]; // Serial
> +if(get_console_index("parallel") != -1)
> +[menu addItem: [[[NSMenuItem alloc] initWithTitle:@"Parallel"
> action:@selector(displayParallel:) keyEquivalent:@""] autorelease]]; //
> Parallel
> +menuItem = [[[NSMenuItem alloc] initWithTitle:@"View" action:nil
> keyEquivalent:@""] autorelease];
> +[menuItem setSubmenu:menu];
> +[[NSApp mainMenu] insertItem: menuItem atIndex: 1]; // insert View menu
> after Application menu
> +}
> +

This patch needs to be reworked to use the new qemu_console_get_label(),
right?

thanks
-- PMM

Re: [Qemu-devel] [PATCH v5] ui/cocoa.m: Machine menu patch for Mac OS X

[Peter Maydell]

On 17 February 2015 at 04:55, Programmingkid  wrote:
> Added features:
> Menu items to switch floppy and CD image files.
> Menu items to eject floppy and CD image files.
> Menu item to use /dev/cdrom.
> Verifies with the user before quitting QEMU by displaying a dialog box.
> Pause and resume menu items with the word paused displayed on the window.
>
> Signed-off-by: John Arbuckle 

This needs to be split up into a multipatch series,
because it's doing too many things at once. Probably
something like:
 * powerdown/reset/pause/resume menu entries
 * display 'paused' on window when paused
 * floppy/cd menu items

> +/* Determine if the current emulator has a floppy drive */
> +static bool emulatorHasFloppy()
> +{
> +if (emulatorHasDevice("floppy", floppy_drive_name)) {
> +return true;
> +} else {
> +return false;
> +}
> +}
> +
> +/* Determine if the current emulator has a CDROM drive */
> +static bool emulatorHasCDROM()
> +{
> +if (emulatorHasDevice("cd", cdrom_drive_name)) {
> +return true;
> +} else {
> +return false;
> +}
> +}
> +
> +/* Determines if the given device is a floppy drive */
> +static bool isFloppyDevice(BlockInfo * current_device)
> +{
> +if(strstr(current_device->device, "floppy")) {
> +return true;
> +} else {
> +return false;
> +}
> +
> +}
> +
> +/* Determines if the given device is a CD drive */
> +static bool isCdromDevice(BlockInfo * current_device)
> +{
> +if(strstr(current_device->device, "-cd")) {
> +return true;
> +} else {
> +return false;
> +}
> +}
> +
> +/* Returns a floppy device */
> +static NSString * getFloppyDevice(int index)
> +{
> +int count = 0;
> +BlockInfoList *current_device;
> +current_device = qmp_query_block(false);
> +if(current_device == NULL) {
> +NSBeep();
> +NSRunAlertPanel(@"Alert", @"Could not query block devices!", @"OK", 
> nil, nil);
> +printf("Error: could not query block devices!\nFunction: 
> getFloppyDevice()\n");
> +return @"FAILED TO QUERY FOR FLOPPY DRIVES";
> +}
> +
> +// look thru all the devices
> +while (current_device) {
> +if(isFloppyDevice(current_device->value)) {  /* If found a floppy 
> drive */
> +if(count == index) { /* The drive we want */
> +return [NSString stringWithFormat: @"%s", 
> current_device->value->device];
> +}
> +count++;
> +}
> +current_device = current_device->next;
> +}
> +
> +/* If failed to find the drive */
> +NSRunAlertPanel(@"Alert", @"Could not find floppy drive.", @"OK", nil, 
> nil);
> +printf("Error: No floppy drive found at index %d\n\a", index);
> +return [NSString stringWithFormat: @"NO FLOPPY DRIVE FOUND AT INDEX %d", 
> index ];
> +}
> +
> +/* Returns a cdrom device */
> +static NSString * getCdromDevice(int index)
> +{
> +int count = 0;
> +BlockInfoList *current_device;
> +current_device = qmp_query_block(false);
> +if(current_device == NULL) {
> +NSBeep();
> +NSRunAlertPanel(@"Alert", @"Could not query block devices!", @"OK", 
> nil, nil);
> +printf("Error: could not query block devices!\nFunction: 
> getCdromDevice()");
> +return @"FAILED TO QUERY FOR CDROM DRIVES";
> +}
> +
> +// look thru all the devices
> +while (current_device) {
> +if(isCdromDevice(current_device->value)) {  /* If found a cd drive */
> +if(count == index) { /* The drive we want */
> +return [NSString stringWithFormat: @"%s", 
> current_device->value->device];
> +}
> +count++;
> +}
> +current_device = current_device->next;
> +}
> +
> +/* If failed to find the drive */
> +NSRunAlertPanel(@"Alert", @"Could not find cdrom.", @"OK", nil, nil);
> +printf("Error: could not find cdrom drive.\n");
> +return [NSString stringWithFormat: @"NO CDROM DRIVE FOUND AT INDEX %d", 
> index ];
> +}

You seem to have a lot of functions which look very similar
to each other, which surely could be refactored to avoid
the duplication.

thanks
-- PMM

Re: [Qemu-devel] Help with deadlock when using sound

[Programmingkid]

On May 10, 2015, at 10:54 AM, Paolo Bonzini wrote:

> 
> 
> On 06/05/2015 18:40, Programmingkid wrote:
>> When I try to use the pcspk sound hardware, QEMU freezes and uses
>> 100% of the cpu time. This is the command I use:
>> 
>> qemu-system-i386 -cdrom  -soundhw pcspk
>> 
>> This looks like a deadlock situation because some unknown code called
>> qemu_mutex_lock(). Here is the stack trace at the freeze:
>> 
>> (gdb) bt #0  0x7fff824e2db6 in semaphore_wait_trap () #1
>> 0x7fff824e8417 in pthread_mutex_lock () #2  0x000100267199 in
>> qemu_mutex_lock (mutex=> optimizations>) at util/qemu-thread-posix.c:73 #3  0x003c44016e95153b
>> in ?? ()
>> 
>> My host is Mac OS 10.6.8. My guest isn't really anything. I have used
>> Windows XP before but it isn't necessary to reproduce the problem.
>> 
>> The ?? is what appears to be the problem. I can't even print
>> instructions at that address. Any ideas as to what is calling the
>> qemu_mutex_lock() function could help.
> 
> Reproduced with a FreeDOS image from QEMU Advent Calendar.  It locks up
> as soon as you type "beep".
> 
> It works with the PulseAudio and ALSA backends, but it doesn't with the
> SDL backend, even on Linux.
> 
> Also, it deadlocks even with KVM enabled.
> 
> Paolo

Thank you very much for finding this out. Any theories as to what is wrong?

This is my list of theories:
- Compiler bug
- Bug with a dependency 
- Host operating system bug/untrue assumption
- Emulated sound cards not implementing some required functionality
- Missing/broken deadlock prevention code

Re: [Qemu-devel] [PATCH v4] Makefile.target: set icon for binary file on Mac OS X

[Peter Maydell]

On 21 February 2015 at 16:14, Programmingkid  wrote:
> Implements setting the icon for the binary file in Mac OS X.
>
> Signed-off-by: John Arbuckle 
>
> ---
> Added $(SRC_PATH) to the path of the rsrc file.
>
>  Makefile.target   |4 +
>  pc-bios/qemu.rsrc | 1504 
> +
>  2 files changed, 1508 insertions(+), 0 deletions(-)
>  create mode 100644 pc-bios/qemu.rsrc
>
> diff --git a/Makefile.target b/Makefile.target
> index e9ff1ee..9661c87 100644
> --- a/Makefile.target
> +++ b/Makefile.target
> @@ -178,6 +178,10 @@ all-obj-$(CONFIG_SOFTMMU) += $(block-obj-y)
>  # build either PROG or PROGW
>  $(QEMU_PROG_BUILD): $(all-obj-y) ../libqemuutil.a ../libqemustub.a
> $(call LINK,$^)
> +ifdef CONFIG_DARWIN
> +   Rez -append $(SRC_PATH)/pc-bios/qemu.rsrc -o $(QEMU_PROG)
> +   SetFile -a C $(QEMU_PROG)
> +endif

When I came to look at this patch this hunk didn't quite apply
cleanly any more. It also is missing the quiet-command use that
makes the output look nice, and it would be cleaner to use $@
rather than $(QEMU_PROG). The tweaked Makefile.target hunk I came
up with is:

===begin===
diff --git a/Makefile.target b/Makefile.target
index 1083377..be01dd3 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -180,6 +180,10 @@ $(QEMU_PROG_BUILD): config-devices.mak
 # build either PROG or PROGW
 $(QEMU_PROG_BUILD): $(all-obj-y) ../libqemuutil.a ../libqemustub.a
$(call LINK, $(filter-out %.mak, $^))
+ifdef CONFIG_DARWIN
+   $(call quiet-command,Rez -append $(SRC_PATH)/pc-bios/qemu.rsrc
-o $@,"  REZ   $(TARGET_DIR)$@")
+   $(call quiet-command,SetFile -a C $@,"  SETFILE $(TARGET_DIR)$@")
+endif

 gdbstub-xml.c: $(TARGET_XML_FILES) $(SRC_PATH)/scripts/feature_to_c.sh
$(call quiet-command,rm -f $@ && $(SHELL)
$(SRC_PATH)/scripts/feature_to_c.sh $@ $(TARGET_XML_FILES
),"  GEN   $(TARGET_DIR)$@")
===endit===

Unless anybody objects or Paolo particularly wants to take this
through his tree I'll add this modified version to my cocoa tree.

thanks
-- PMM

Re: [Qemu-devel] [PATCH] Fix default CPU model for ARM64

[Cole Robinson]

On 05/08/2015 03:14 AM, Pavel Fedin wrote:
>  Hello!
> 
>> FWIW virt-manager 1.2.0 (just released) will do the following when creating a
>> new VM:
>>
>> - aarch64 + kvm : -cpu host
>> - aarch64 + tcg : -cpu cortex-a57
>> - arm32 + kvm : -cpu host
>> - arm32 + tcg : defer to qemu
>>
>> Though if you explicitly request 'hypervisor default' then we won't specify
>> any -cpu and defer to qemu, which will hit the cortex-a15 default for aarch64
> 
>  virt-manager is not the only tool to create VMs...
>  But, okay. Seems you just don't want to change this. Well... I still don't 
> agree and this
> default looks strange for me, but it's just me. I'm out of further arguments.
> 

I wasn't implying any opinion about your proposed patch, just clarifying the
details about how latest virt-manager performs since you mentioned it
upthread. FWIW I agree with the idea of your patch

- Cole

Re: [Qemu-devel] [PATCH v3] Fixes several full screen issues on Mac OS X

[Programmingkid]

On May 10, 2015, at 3:13 PM, Peter Maydell wrote:

> On 21 January 2015 at 19:25, Programmingkid  wrote:
>> This patch makes several changes:
>> - Minimizes distorted full screen display by respecting aspect
>> ratios.
>> - Makes full screen mode available on Mac OS 10.7 and higher.
>> - Allows user to decide if video should be stretched to fill the
>> screen, using a menu item called "Zoom To Fit".
>> - Hides the normalWindow so it won't show up in full screen mode.
>> - Allows user to exit full screen mode.
>> 
>> Signed-off-by: John Arbuckle 
>> 
>> ---
>> Changes in version 2:
>> - Completely rewritten.
>> - Eliminated depreciated API's.
>> - Does not change host monitor resolution.
>> 
>> Change in version 3:
>> - Fixed full screen window not receiving mouse moved events.
>> @@ -1005,7 +1043,8 @@ int main (int argc, const char * argv[]) {
>> 
>> // View menu
>> menu = [[NSMenu alloc] initWithTitle:@"View"];
>> -[menu addItem: [[[NSMenuItem alloc] initWithTitle:@"Enter Fullscreen" 
>> action:@selector(toggleFullScreen:) keyEquivalent:@"f"] autorelease]]; // 
>> Fullscreen
>> +[menu addItem: [[[NSMenuItem alloc] initWithTitle:@"Enter Fullscreen" 
>> action:@selector(doToggleFullScreen:) keyEquivalent:@"f"] autorelease]]; // 
>> Fullscreen
>> +[menu addItem: [[[NSMenuItem alloc] initWithTitle:@"Zoom To Fit" 
>> action:@selector(zoomToFit:) keyEquivalent:@"f"] autorelease]];
> 
> This creates two menu items with the same keyEquivalent, which
> looks like a cut and paste error? It doesn't seem to me like
> we need an accelerator for zoom-to-fit, so we can just make
> that @"" instead I think.
> 
> Unless you'd rather do something else, I'm going to apply this
> patch to my cocoa queue with that change and a couple of other
> minor whitespace-formatting tweaks.
> 
> (Looking again at whether zoom-to-fit should be default,
> I think I must have been deceived by the 1400x900 builtin
> MBA screen being a nice multiple of the VGA screen size;
> doing full-screen-zoomed on my other monitor looks much
> worse. So I'm leaving that as you wrote it.)
> 
> Sorry it's taken me so long to get back to this.
> 
> thanks
> -- PMM

Thank you for reviewing my patch and correcting the double command-f shortcut 
mistake. 

[Qemu-devel] [Bug 1453608] [NEW] explain what pcsys_monitor in manpage

[Karl-Philipp Richter]

Public bug reported:

The specification of vnc passwords seems to have changed. `man qemu-
system-x86_64` mentions `set_password` to be used in `pcsys_monitor`.
Both are are not further mentioned in the man page and misteriously
inexisting in both the web and the source root (as far as `grep -r -I
'pcsys_monitor' .` is concerned). That's too vage to be usable.

experienced with 2.3.0

** Affects: qemu
 Importance: Undecided
 Status: New

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1453608

Title:
  explain what pcsys_monitor in manpage

Status in QEMU:
  New

Bug description:
  The specification of vnc passwords seems to have changed. `man qemu-
  system-x86_64` mentions `set_password` to be used in `pcsys_monitor`.
  Both are are not further mentioned in the man page and misteriously
  inexisting in both the web and the source root (as far as `grep -r -I
  'pcsys_monitor' .` is concerned). That's too vage to be usable.

  experienced with 2.3.0

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1453608/+subscriptions

[Qemu-devel] [Bug 1453612] [NEW] set_password command of monitor has poor feedback on failure

[Karl-Philipp Richter]

Public bug reported:

running `set_password vnc NkkmEz5icvTAGo6MECzBVEUxP` in qemu monitor
(which is the appropriate way to set a vnc password according to `man
qemu-system-x86_64`) started with `-monitor stdio` gives feedback `Could
not set password` which is unhelpful because it doesn't specify the
reason of the failure.

experienced with 2.3.0

** Affects: qemu
 Importance: Undecided
 Status: New

** Description changed:

  running `set_password vnc NkkmEz5icvTAGo6MECzBVEUxP` in qemu monitor
- started with `-monitor stdio` gives feedback `Could not set password`
- which is unhelpful because it doesn't specify the reason of the failure.
+ (which is the appropriate way to set a vnc password according to `man
+ qemu-system-x86_64`) started with `-monitor stdio` gives feedback `Could
+ not set password` which is unhelpful because it doesn't specify the
+ reason of the failure.
  
  experienced with 2.3.0

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1453612

Title:
  set_password command of monitor has poor feedback on failure

Status in QEMU:
  New

Bug description:
  running `set_password vnc NkkmEz5icvTAGo6MECzBVEUxP` in qemu monitor
  (which is the appropriate way to set a vnc password according to `man
  qemu-system-x86_64`) started with `-monitor stdio` gives feedback
  `Could not set password` which is unhelpful because it doesn't specify
  the reason of the failure.

  experienced with 2.3.0

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1453612/+subscriptions

[Qemu-devel] [Bug 1453613] [NEW] the help message of the set_password subcommand of the qemu monitor isn't usable

[Karl-Philipp Richter]

Public bug reported:

`help set_password` in qemu monitor prints `set_password protocol
password action-if-connected -- set spice/vnc password` which doesn't
allow to figure out how to use this subcommand.

** Affects: qemu
 Importance: Undecided
 Status: New

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1453613

Title:
  the help message of the set_password subcommand of the qemu monitor
  isn't usable

Status in QEMU:
  New

Bug description:
  `help set_password` in qemu monitor prints `set_password protocol
  password action-if-connected -- set spice/vnc password` which doesn't
  allow to figure out how to use this subcommand.

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1453613/+subscriptions

Re: [Qemu-devel] [PULL 18/19] usb: usb-serial QOMify

[Samuel Thibault]

Gerd Hoffmann, le Fri 08 May 2015 13:45:52 +0200, a écrit :
> From: Gonglei 
> 
> Signed-off-by: Gonglei 
> Signed-off-by: Gerd Hoffmann 

Acked-by: Samuel Thibault 
Tested-by: Samuel Thibault 

> ---
>  hw/usb/dev-serial.c | 43 +++
>  1 file changed, 27 insertions(+), 16 deletions(-)
> 
> diff --git a/hw/usb/dev-serial.c b/hw/usb/dev-serial.c
> index 67c2072..6ca3da9 100644
> --- a/hw/usb/dev-serial.c
> +++ b/hw/usb/dev-serial.c
> @@ -103,6 +103,9 @@ typedef struct {
>  CharDriverState *cs;
>  } USBSerialState;
>  
> +#define TYPE_USB_SERIAL "usb-serial-dev"
> +#define USB_SERIAL_DEV(obj) OBJECT_CHECK(USBSerialState, (obj), 
> TYPE_USB_SERIAL)
> +
>  enum {
>  STR_MANUFACTURER = 1,
>  STR_PRODUCT_SERIAL,
> @@ -473,7 +476,7 @@ static void usb_serial_event(void *opaque, int event)
>  
>  static void usb_serial_realize(USBDevice *dev, Error **errp)
>  {
> -USBSerialState *s = DO_UPCAST(USBSerialState, dev, dev);
> +USBSerialState *s = USB_SERIAL_DEV(dev);
>  Error *local_err = NULL;
>  
>  usb_desc_create_serial(dev);
> @@ -576,26 +579,40 @@ static Property serial_properties[] = {
>  DEFINE_PROP_END_OF_LIST(),
>  };
>  
> -static void usb_serial_class_initfn(ObjectClass *klass, void *data)
> +static void usb_serial_dev_class_init(ObjectClass *klass, void *data)
>  {
>  DeviceClass *dc = DEVICE_CLASS(klass);
>  USBDeviceClass *uc = USB_DEVICE_CLASS(klass);
>  
> -uc->realize = usb_serial_realize;
> -uc->product_desc   = "QEMU USB Serial";
> -uc->usb_desc   = &desc_serial;
> +uc->realize= usb_serial_realize;
>  uc->handle_reset   = usb_serial_handle_reset;
>  uc->handle_control = usb_serial_handle_control;
>  uc->handle_data= usb_serial_handle_data;
>  dc->vmsd = &vmstate_usb_serial;
> -dc->props = serial_properties;
>  set_bit(DEVICE_CATEGORY_INPUT, dc->categories);
>  }
>  
> +static const TypeInfo usb_serial_dev_type_info = {
> +.name = TYPE_USB_SERIAL,
> +.parent = TYPE_USB_DEVICE,
> +.instance_size = sizeof(USBSerialState),
> +.abstract = true,
> +.class_init = usb_serial_dev_class_init,
> +};
> +
> +static void usb_serial_class_initfn(ObjectClass *klass, void *data)
> +{
> +DeviceClass *dc = DEVICE_CLASS(klass);
> +USBDeviceClass *uc = USB_DEVICE_CLASS(klass);
> +
> +uc->product_desc   = "QEMU USB Serial";
> +uc->usb_desc   = &desc_serial;
> +dc->props = serial_properties;
> +}
> +
>  static const TypeInfo serial_info = {
>  .name  = "usb-serial",
> -.parent= TYPE_USB_DEVICE,
> -.instance_size = sizeof(USBSerialState),
> +.parent= TYPE_USB_SERIAL,
>  .class_init= usb_serial_class_initfn,
>  };
>  
> @@ -609,26 +626,20 @@ static void usb_braille_class_initfn(ObjectClass 
> *klass, void *data)
>  DeviceClass *dc = DEVICE_CLASS(klass);
>  USBDeviceClass *uc = USB_DEVICE_CLASS(klass);
>  
> -uc->realize= usb_serial_realize;
>  uc->product_desc   = "QEMU USB Braille";
>  uc->usb_desc   = &desc_braille;
> -uc->handle_reset   = usb_serial_handle_reset;
> -uc->handle_control = usb_serial_handle_control;
> -uc->handle_data= usb_serial_handle_data;
> -dc->vmsd = &vmstate_usb_serial;
>  dc->props = braille_properties;
> -set_bit(DEVICE_CATEGORY_INPUT, dc->categories);
>  }
>  
>  static const TypeInfo braille_info = {
>  .name  = "usb-braille",
> -.parent= TYPE_USB_DEVICE,
> -.instance_size = sizeof(USBSerialState),
> +.parent= TYPE_USB_SERIAL,
>  .class_init= usb_braille_class_initfn,
>  };
>  
>  static void usb_serial_register_types(void)
>  {
> +type_register_static(&usb_serial_dev_type_info);
>  type_register_static(&serial_info);
>  usb_legacy_register("usb-serial", "serial", usb_serial_init);
>  type_register_static(&braille_info);
> -- 
> 1.8.3.1
> 

-- 
Samuel
 tohi.cybercable.fr (212.198.0.3) si une personne se reconnait derriere
 cette adresse que ce soit un pirate ou une victime qu'il se manifeste,
 cette personne pourrait bien etre un petit malin
 -+- Fred in NPC : Maman, y a le routeur qui veut me hacker -+-

[Qemu-devel] [PATCH 0/6] ui/cocoa: Fix OSX 10.10 warnings (and drop 10.4 support)

[Peter Maydell]

This patchset fixes a number of new compile warnings when building
on OSX10.10 which were not present on 10.9, which are mostly fixes
to avoid deprecated APIs.

I've chosen to implement some of them by simply dropping the
backward-compatibility support for OSX 10.4. This is basically
a pragmatic decision since I don't think we can support ancient
versions forever, especially when I don't actually have a system
to test compiling them on. (Last time I tried building QEMU on 10.4
it was an insane pain because you had to start by building all
the dependencies and a new compiler too.) I would not be terribly
surprised somebody told me we'd already accidentally broken 10.4
compilation, in fact.

10.5 is the last PPC OSX release so it seems like a reasonable
minimum-version requirement (though I don't have a 10.5 setup
either, so am reliant on people telling me if it breaks.)

This patchset sits on top of my current cocoa.next branch which
you can find here:
https://git.linaro.org/people/peter.maydell/qemu-arm.git cocoa.next

If you have a pre-10.10 system and can test that this patchset
doesn't break compilation that would be nice. (I checked the
Apple documentation's notes about when functions and constants
were first defined, so it should be OK...)

Peter Maydell (6):
  ui/cocoa: Drop tests for CGImageCreateWithImageInRect support
  ui/cocoa: Remove compatibility ifdefs for OSX 10.4
  ui/cocoa: openPanelDidEnd returnCode should be NSInteger, not int
  ui/cocoa: Declare that QemuCocoaAppController implements
NSApplicationDelegate
  ui/cocoa: Don't use NSWindow useOptimizedDrawing on OSX 10.10 and up
  ui/cocoa: Avoid deprecated NSOKButton/NSCancelButton constants

 ui/cocoa.m | 87 ++
 1 file changed, 37 insertions(+), 50 deletions(-)

-- 
2.2.1

[Qemu-devel] [PATCH 6/6] ui/cocoa: Avoid deprecated NSOKButton/NSCancelButton constants

[Peter Maydell]

In OSX 10.10, the NSOKButton and NSCancelButton constants are deprecated
and provoke compiler warnings. Avoid them by using the
NSFileHandlingPanelCancelButton and NSFileHandlingPanelOKButton constants
instead. These are the documented correct constants for the 10.6-and-up
beginSheetModalForWindow API we use. We also use the same method for
the pre-10.6 compatibility code path, but conveniently the constant
values are the same and the constant names have been present since 10.0.
Preferring the constant names that match the non-legacy API makes more
sense anyway.

Signed-off-by: Peter Maydell 
---
 ui/cocoa.m | 10 --
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/ui/cocoa.m b/ui/cocoa.m
index fade0fd..0a51fbc 100644
--- a/ui/cocoa.m
+++ b/ui/cocoa.m
@@ -902,9 +902,15 @@ QemuCocoaView *cocoaView;
 {
 COCOA_DEBUG("QemuCocoaAppController: openPanelDidEnd\n");
 
-if(returnCode == NSCancelButton) {
+/* The NSFileHandlingPanelOKButton/NSFileHandlingPanelCancelButton values 
for
+ * returnCode strictly only apply for the 10.6-and-up 
beginSheetModalForWindow
+ * API. For the legacy pre-10.6 beginSheetForDirectory API they are 
NSOKButton
+ * and NSCancelButton. However conveniently the values are the same.
+ * We use the non-legacy names because the others are deprecated in OSX 
10.10.
+ */
+if (returnCode == NSFileHandlingPanelCancelButton) {
 exit(0);
-} else if(returnCode == NSOKButton) {
+} else if (returnCode == NSFileHandlingPanelOKButton) {
 char *img = (char*)[ [ [ sheet URL ] path ] 
cStringUsingEncoding:NSASCIIStringEncoding];
 
 char **argv = g_new(char *, 4);
-- 
2.2.1

[Qemu-devel] [PATCH 3/6] ui/cocoa: openPanelDidEnd returnCode should be NSInteger, not int

[Peter Maydell]

The type for openPanelDidEnd's returnCode argument should be NSInteger,
not int. This only matters for the OSX 10.5 code path where we pass
the method directly to an OSX function to call.

Signed-off-by: Peter Maydell 
---
 ui/cocoa.m | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/ui/cocoa.m b/ui/cocoa.m
index f6c5fb4..563ea47 100644
--- a/ui/cocoa.m
+++ b/ui/cocoa.m
@@ -787,7 +787,7 @@ QemuCocoaView *cocoaView;
 {
 }
 - (void)startEmulationWithArgc:(int)argc argv:(char**)argv;
-- (void)openPanelDidEnd:(NSOpenPanel *)sheet returnCode:(int)returnCode 
contextInfo:(void *)contextInfo;
+- (void)openPanelDidEnd:(NSOpenPanel *)sheet returnCode:(NSInteger)returnCode 
contextInfo:(void *)contextInfo;
 - (void)doToggleFullScreen:(id)sender;
 - (void)toggleFullScreen:(id)sender;
 - (void)showQEMUDoc:(id)sender;
@@ -890,7 +890,7 @@ QemuCocoaView *cocoaView;
 exit(status);
 }
 
-- (void)openPanelDidEnd:(NSOpenPanel *)sheet returnCode:(int)returnCode 
contextInfo:(void *)contextInfo
+- (void)openPanelDidEnd:(NSOpenPanel *)sheet returnCode:(NSInteger)returnCode 
contextInfo:(void *)contextInfo
 {
 COCOA_DEBUG("QemuCocoaAppController: openPanelDidEnd\n");
 
-- 
2.2.1

[Qemu-devel] [PATCH 5/6] ui/cocoa: Don't use NSWindow useOptimizedDrawing on OSX 10.10 and up

[Peter Maydell]

Starting in OSX 10.10, NSWindow useOptimizedDrawing is deprecated, so
don't use it there.

Signed-off-by: Peter Maydell 
---
 ui/cocoa.m | 5 +
 1 file changed, 5 insertions(+)

diff --git a/ui/cocoa.m b/ui/cocoa.m
index e7b29e0..fade0fd 100644
--- a/ui/cocoa.m
+++ b/ui/cocoa.m
@@ -36,6 +36,9 @@
 #ifndef MAC_OS_X_VERSION_10_6
 #define MAC_OS_X_VERSION_10_6 1060
 #endif
+#ifndef MAC_OS_X_VERSION_10_10
+#define MAC_OS_X_VERSION_10_10 101000
+#endif
 
 
 //#define DEBUG
@@ -824,7 +827,9 @@ QemuCocoaView *cocoaView;
 [normalWindow setAcceptsMouseMovedEvents:YES];
 [normalWindow setTitle:[NSString stringWithFormat:@"QEMU"]];
 [normalWindow setContentView:cocoaView];
+#if (MAC_OS_X_VERSION_MAX_ALLOWED < MAC_OS_X_VERSION_10_10)
 [normalWindow useOptimizedDrawing:YES];
+#endif
 [normalWindow makeKeyAndOrderFront:self];
 [normalWindow center];
 stretch_video = false;
-- 
2.2.1

[Qemu-devel] [PATCH 4/6] ui/cocoa: Declare that QemuCocoaAppController implements NSApplicationDelegate

[Peter Maydell]

Our class QemuCocoaAppController implements the NSApplicationDelegate
interface, and we pass an object of this class to [NSApp setDelegate].
However, we weren't declaring in the class definition that we implemented
this interface; in OSX 10.10 this provokes the following (slighly
misleading) warning:
ui/cocoa.m:1031:24: warning: sending 'QemuCocoaAppController *' to parameter of
  incompatible type 'id'
[NSApp setDelegate:appController];
   ^
/System/Library/Frameworks/Foundation.framework/Headers/NSFileManager.h:109:47:
note: passing argument to parameter 'delegate' here
@property (assign) id  delegate NS_AVAILABLE(10_5,
2_0);
  ^

Annoyingly, this interface wasn't formally defined until OSX 10.6, so we
have to surround the relevant part of the @interface line with an ifdef.

Signed-off-by: Peter Maydell 
---
 ui/cocoa.m | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/ui/cocoa.m b/ui/cocoa.m
index 563ea47..e7b29e0 100644
--- a/ui/cocoa.m
+++ b/ui/cocoa.m
@@ -784,6 +784,9 @@ QemuCocoaView *cocoaView;
  --
 */
 @interface QemuCocoaAppController : NSObject
+#if (MAC_OS_X_VERSION_MAX_ALLOWED >= MAC_OS_X_VERSION_10_6)
+ 
+#endif
 {
 }
 - (void)startEmulationWithArgc:(int)argc argv:(char**)argv;
-- 
2.2.1

[Qemu-devel] [PATCH 2/6] ui/cocoa: Remove compatibility ifdefs for OSX 10.4

[Peter Maydell]

Remove compatibility ifdefs that work around OSX 10.4 not providing
various typedefs and functions.

Signed-off-by: Peter Maydell 
---
 ui/cocoa.m | 17 -
 1 file changed, 17 deletions(-)

diff --git a/ui/cocoa.m b/ui/cocoa.m
index 6e69952..f6c5fb4 100644
--- a/ui/cocoa.m
+++ b/ui/cocoa.m
@@ -30,9 +30,6 @@
 #include "ui/input.h"
 #include "sysemu/sysemu.h"
 
-#ifndef MAC_OS_X_VERSION_10_4
-#define MAC_OS_X_VERSION_10_4 1040
-#endif
 #ifndef MAC_OS_X_VERSION_10_5
 #define MAC_OS_X_VERSION_10_5 1050
 #endif
@@ -376,11 +373,7 @@ QemuCocoaView *cocoaView;
 );
 // selective drawing code (draws only dirty rectangles) (OS X >= 10.4)
 const NSRect *rectList;
-#if (MAC_OS_X_VERSION_MAX_ALLOWED >= MAC_OS_X_VERSION_10_5)
 NSInteger rectCount;
-#else
-int rectCount;
-#endif
 int i;
 CGImageRef clipImageRef;
 CGRect clipRect;
@@ -490,33 +483,25 @@ QemuCocoaView *cocoaView;
 isFullscreen = FALSE;
 [self ungrabMouse];
 [self setContentDimensions];
-// test if host supports "exitFullScreenModeWithOptions" at compile time
-#if (MAC_OS_X_VERSION_MAX_ALLOWED >= MAC_OS_X_VERSION_10_5)
 if ([NSView 
respondsToSelector:@selector(exitFullScreenModeWithOptions:)]) { // test if 
"exitFullScreenModeWithOptions" is supported on host at runtime
 [self exitFullScreenModeWithOptions:nil];
 } else {
-#endif
 [fullScreenWindow close];
 [normalWindow setContentView: self];
 [normalWindow makeKeyAndOrderFront: self];
 [NSMenu setMenuBarVisible:YES];
-#if (MAC_OS_X_VERSION_MAX_ALLOWED >= MAC_OS_X_VERSION_10_5)
 }
-#endif
 } else { // switch from desktop to fullscreen
 isFullscreen = TRUE;
 [normalWindow orderOut: nil]; /* Hide the window */
 [self grabMouse];
 [self setContentDimensions];
-// test if host supports "enterFullScreenMode:withOptions" at compile time
-#if (MAC_OS_X_VERSION_MAX_ALLOWED >= MAC_OS_X_VERSION_10_5)
 if ([NSView 
respondsToSelector:@selector(enterFullScreenMode:withOptions:)]) { // test if 
"enterFullScreenMode:withOptions" is supported on host at runtime
 [self enterFullScreenMode:[NSScreen mainScreen] 
withOptions:[NSDictionary dictionaryWithObjectsAndKeys:
 [NSNumber numberWithBool:NO], NSFullScreenModeAllScreens,
 [NSDictionary dictionaryWithObjectsAndKeys:[NSNumber 
numberWithBool:NO], kCGDisplayModeIsStretched, nil], NSFullScreenModeSetting,
  nil]];
 } else {
-#endif
 [NSMenu setMenuBarVisible:NO];
 fullScreenWindow = [[NSWindow alloc] 
initWithContentRect:[[NSScreen mainScreen] frame]
 styleMask:NSBorderlessWindowMask
@@ -528,9 +513,7 @@ QemuCocoaView *cocoaView;
 [self setFrame:NSMakeRect(cx, cy, cw, ch)];
 [[fullScreenWindow contentView] addSubview: self];
 [fullScreenWindow makeKeyAndOrderFront:self];
-#if (MAC_OS_X_VERSION_MAX_ALLOWED >= MAC_OS_X_VERSION_10_5)
 }
-#endif
 }
 }
 
-- 
2.2.1

[Qemu-devel] [PATCH 1/6] ui/cocoa: Drop tests for CGImageCreateWithImageInRect support

[Peter Maydell]

The code that tries to test at both compiletime and runtime
for whether CGImageCreateWithImageInRect is supported provokes
a compile warning on OSX 10.3:

ui/cocoa.m:378:13: warning: comparison of function 
'CGImageCreateWithImageInRect'
  equal to a null pointer is always false[-Wtautological-pointer-compare]
if (CGImageCreateWithImageInRect == NULL) { // test if 
"CGImageCreateWithImageInRect" is
supported on host at runtime
^~~~

The simplest way to deal with this is just to drop this code,
since we don't in practice support OSX 10.4 anyway. (10.5 was
released in 2007 and is the last PPC version, so is the earliest
we really need to continue to support at all.)

Signed-off-by: Peter Maydell 
---
 ui/cocoa.m | 50 --
 1 file changed, 20 insertions(+), 30 deletions(-)

diff --git a/ui/cocoa.m b/ui/cocoa.m
index d1d29bc..6e69952 100644
--- a/ui/cocoa.m
+++ b/ui/cocoa.m
@@ -374,40 +374,30 @@ QemuCocoaView *cocoaView;
 0, //interpolate
 kCGRenderingIntentDefault //intent
 );
-// test if host supports "CGImageCreateWithImageInRect" at compile time
-#if (MAC_OS_X_VERSION_MAX_ALLOWED >= MAC_OS_X_VERSION_10_4)
-if (CGImageCreateWithImageInRect == NULL) { // test if 
"CGImageCreateWithImageInRect" is supported on host at runtime
-#endif
-// compatibility drawing code (draws everything) (OS X < 10.4)
-CGContextDrawImage (viewContextRef, CGRectMake(0, 0, [self 
bounds].size.width, [self bounds].size.height), imageRef);
-#if (MAC_OS_X_VERSION_MAX_ALLOWED >= MAC_OS_X_VERSION_10_4)
-} else {
-// selective drawing code (draws only dirty rectangles) (OS X >= 
10.4)
-const NSRect *rectList;
+// selective drawing code (draws only dirty rectangles) (OS X >= 10.4)
+const NSRect *rectList;
 #if (MAC_OS_X_VERSION_MAX_ALLOWED >= MAC_OS_X_VERSION_10_5)
-NSInteger rectCount;
+NSInteger rectCount;
 #else
-int rectCount;
+int rectCount;
 #endif
-int i;
-CGImageRef clipImageRef;
-CGRect clipRect;
-
-[self getRectsBeingDrawn:&rectList count:&rectCount];
-for (i = 0; i < rectCount; i++) {
-clipRect.origin.x = rectList[i].origin.x / cdx;
-clipRect.origin.y = (float)screen.height - 
(rectList[i].origin.y + rectList[i].size.height) / cdy;
-clipRect.size.width = rectList[i].size.width / cdx;
-clipRect.size.height = rectList[i].size.height / cdy;
-clipImageRef = CGImageCreateWithImageInRect(
-imageRef,
-clipRect
-);
-CGContextDrawImage (viewContextRef, cgrect(rectList[i]), 
clipImageRef);
-CGImageRelease (clipImageRef);
-}
+int i;
+CGImageRef clipImageRef;
+CGRect clipRect;
+
+[self getRectsBeingDrawn:&rectList count:&rectCount];
+for (i = 0; i < rectCount; i++) {
+clipRect.origin.x = rectList[i].origin.x / cdx;
+clipRect.origin.y = (float)screen.height - (rectList[i].origin.y + 
rectList[i].size.height) / cdy;
+clipRect.size.width = rectList[i].size.width / cdx;
+clipRect.size.height = rectList[i].size.height / cdy;
+clipImageRef = CGImageCreateWithImageInRect(
+imageRef,
+clipRect
+);
+CGContextDrawImage (viewContextRef, cgrect(rectList[i]), 
clipImageRef);
+CGImageRelease (clipImageRef);
 }
-#endif
 CGImageRelease (imageRef);
 }
 }
-- 
2.2.1

Re: [Qemu-devel] [PATCH] ui/cocoa.m: Give laptop users ability to scroll in monitor

[Peter Maydell]

On 16 March 2015 at 14:45, Programmingkid  wrote:
> On Mar 16, 2015, at 10:43 AM, Peter Maydell wrote:
>> On 16 March 2015 at 14:38, Programmingkid  wrote:
>>> On Mar 16, 2015, at 10:00 AM, Peter Maydell wrote:
 On 16 March 2015 at 13:48, Daniel P. Berrange  wrote:
> The docs[1] still refer to fn+up/down as the way to achieve page up/down,
> so perhaps your install has simply lost the shortcut mappings ?

 Works for me on a 2011 MacBook Air running Mavericks, anyway.
>>
>>> Are you saying you are able to scroll up and down in QEMU's monitor
>>> using your MacBook Air's keyboard?
>>
>> I haven't attempted to use the monitor. I'm just saying that
>> on my OSX it does turn those keys into pageup/down.
>
> Please try scrolling in the Monitor. I don't think it will work due
> to missing functionality.

I've now tested again with my not-just-the-laptop setup, and:

 * in the guest OS (I tested with a Linux guest), PageUp/Down
   work OK and work the same whether I use an external USB
   keyboard with a physical PgUp/Down key or the MacBook Air's
   keyboard with Fn+UpArrow/Fn+DownArrow as the chord to
   input pageup/down
 * in the monitor window, neither way of inputting PageUp/Down
   works: all you get is a ',' input into the monitor

So my conclusion is that we should fix the underlying
problem that the monitor isn't handling PgUp/PgDown
correctly (not sure exactly why that's not working yet).

If your particular OSX version really doesn't implement
the Fn+Up/Down == PageUp/Down chord then I think you should
address that at the OSX level, not in QEMU (there are
likely several OSX utilities that will do the job).

thanks
-- PMM

[Qemu-devel] [PATCH 00/10 v10] tilegx: Firstly add tilegx target for linux-user

[Chen Gang]

At present, it can run into glibc _init_malloc(), but cause assertion,
which should be fixed, next.

Since it already has quite a few of code, so send patches firstly, and
next, continue fixing the issue.


Chen Gang (10):
  linux-user: tilegx: Firstly add architecture related features
  linux-user: Support tilegx architecture in linux-user
  linux-user/syscall.c: conditionalize syscalls which are not defined in
tilegx
  target-tilegx: Add opcode basic implementation from Tilera Corporation
  target-tilegx/opcode_tilegx.h: Modify it to fit qemu using
  target-tilegx: Add special register information from Tilera
Corporation
  target-tilegx: Add cpu basic features for linux-user
  target-tilegx: Add helper features for linux-user
  target-tilegx: Generate tcg instructions to execute to _init_malloc in
glib
  target-tilegx: Add TILE-Gx building files

 configure |2 +
 default-configs/tilegx-linux-user.mak |1 +
 include/elf.h |2 +
 linux-user/elfload.c  |   23 +
 linux-user/main.c |  148 ++
 linux-user/syscall.c  |   50 +-
 linux-user/syscall_defs.h |   14 +-
 linux-user/tilegx/syscall.h   |   35 +
 linux-user/tilegx/syscall_nr.h|  278 
 linux-user/tilegx/target_cpu.h|   35 +
 linux-user/tilegx/target_signal.h |   29 +
 linux-user/tilegx/target_structs.h|   48 +
 linux-user/tilegx/termbits.h  |  285 
 target-tilegx/Makefile.objs   |1 +
 target-tilegx/cpu.c   |  143 ++
 target-tilegx/cpu.h   |  156 ++
 target-tilegx/helper.c|   41 +
 target-tilegx/helper.h|3 +
 target-tilegx/opcode_tilegx.h | 1405 
 target-tilegx/spr_def_64.h|  216 +++
 target-tilegx/translate.c | 2889 +
 21 files changed, 5798 insertions(+), 6 deletions(-)
 create mode 100644 default-configs/tilegx-linux-user.mak
 create mode 100644 linux-user/tilegx/syscall.h
 create mode 100644 linux-user/tilegx/syscall_nr.h
 create mode 100644 linux-user/tilegx/target_cpu.h
 create mode 100644 linux-user/tilegx/target_signal.h
 create mode 100644 linux-user/tilegx/target_structs.h
 create mode 100644 linux-user/tilegx/termbits.h
 create mode 100644 target-tilegx/Makefile.objs
 create mode 100644 target-tilegx/cpu.c
 create mode 100644 target-tilegx/cpu.h
 create mode 100644 target-tilegx/helper.c
 create mode 100644 target-tilegx/helper.h
 create mode 100644 target-tilegx/opcode_tilegx.h
 create mode 100644 target-tilegx/spr_def_64.h
 create mode 100644 target-tilegx/translate.c

-- 
1.9.3

[Qemu-devel] [PATCH 01/10 v10] linux-user: tilegx: Firstly add architecture related features

[Chen Gang]

They are based on Linux kernel tilegx architecture for 64 bit binary,
and also based on tilegx ABI reference document, and also reference from
other targets implementations.

Signed-off-by: Chen Gang 
---
 linux-user/tilegx/syscall.h|  35 +
 linux-user/tilegx/syscall_nr.h | 278 
 linux-user/tilegx/target_cpu.h |  35 +
 linux-user/tilegx/target_signal.h  |  29 
 linux-user/tilegx/target_structs.h |  48 +++
 linux-user/tilegx/termbits.h   | 285 +
 6 files changed, 710 insertions(+)
 create mode 100644 linux-user/tilegx/syscall.h
 create mode 100644 linux-user/tilegx/syscall_nr.h
 create mode 100644 linux-user/tilegx/target_cpu.h
 create mode 100644 linux-user/tilegx/target_signal.h
 create mode 100644 linux-user/tilegx/target_structs.h
 create mode 100644 linux-user/tilegx/termbits.h

diff --git a/linux-user/tilegx/syscall.h b/linux-user/tilegx/syscall.h
new file mode 100644
index 000..df55ec7
--- /dev/null
+++ b/linux-user/tilegx/syscall.h
@@ -0,0 +1,35 @@
+#ifndef TILEGX_SYSCALLS_H
+#define TILEGX_SYSCALLS_H
+
+#define UNAME_MACHINE "tilegx"
+#define UNAME_MINIMUM_RELEASE "3.19"
+
+typedef uint64_t tilegx_reg_t;
+
+struct target_pt_regs {
+
+union {
+/* Saved main processor registers; 56..63 are special. */
+tilegx_reg_t regs[56];
+struct {
+tilegx_reg_t __regs[53];
+tilegx_reg_t tp;/* aliases regs[TREG_TP] */
+tilegx_reg_t sp;/* aliases regs[TREG_SP] */
+tilegx_reg_t lr;/* aliases regs[TREG_LR] */
+};
+};
+
+/* Saved special registers. */
+tilegx_reg_t pc;/* stored in EX_CONTEXT_K_0 */
+tilegx_reg_t ex1;   /* stored in EX_CONTEXT_K_1 (PL and ICS bit) */
+tilegx_reg_t faultnum;  /* fault number (INT_SWINT_1 for syscall) */
+tilegx_reg_t orig_r0;   /* r0 at syscall entry, else zero */
+tilegx_reg_t flags; /* flags (see below) */
+tilegx_reg_t cmpexch;   /* value of CMPEXCH_VALUE SPR at interrupt */
+tilegx_reg_t pad[2];
+};
+
+#define TARGET_MLOCKALL_MCL_CURRENT 1
+#define TARGET_MLOCKALL_MCL_FUTURE  2
+
+#endif
diff --git a/linux-user/tilegx/syscall_nr.h b/linux-user/tilegx/syscall_nr.h
new file mode 100644
index 000..8121154
--- /dev/null
+++ b/linux-user/tilegx/syscall_nr.h
@@ -0,0 +1,278 @@
+#ifndef TILEGX_SYSCALL_NR
+#define TILEGX_SYSCALL_NR
+
+/*
+ * Copy from linux kernel asm-generic/unistd.h, which tilegx uses.
+ */
+#define TARGET_NR_io_setup  0
+#define TARGET_NR_io_destroy1
+#define TARGET_NR_io_submit 2
+#define TARGET_NR_io_cancel 3
+#define TARGET_NR_io_getevents  4
+#define TARGET_NR_setxattr  5
+#define TARGET_NR_lsetxattr 6
+#define TARGET_NR_fsetxattr 7
+#define TARGET_NR_getxattr  8
+#define TARGET_NR_lgetxattr 9
+#define TARGET_NR_fgetxattr 10
+#define TARGET_NR_listxattr 11
+#define TARGET_NR_llistxattr12
+#define TARGET_NR_flistxattr13
+#define TARGET_NR_removexattr   14
+#define TARGET_NR_lremovexattr  15
+#define TARGET_NR_fremovexattr  16
+#define TARGET_NR_getcwd17
+#define TARGET_NR_lookup_dcookie18
+#define TARGET_NR_eventfd2  19
+#define TARGET_NR_epoll_create1 20
+#define TARGET_NR_epoll_ctl 21
+#define TARGET_NR_epoll_pwait   22
+#define TARGET_NR_dup   23
+#define TARGET_NR_dup3  24
+#define TARGET_NR_fcntl 25
+#define TARGET_NR_inotify_init1 26
+#define TARGET_NR_inotify_add_watch 27
+#define TARGET_NR_inotify_rm_watch  28
+#define TARGET_NR_ioctl 29
+#define TARGET_NR_ioprio_set30
+#define TARGET_NR_ioprio_get31
+#define TARGET_NR_flock 32
+#define TARGET_NR_mknodat   33
+#define TARGET_NR_mkdirat   34
+#define TARGET_NR_unlinkat  35
+#define TARGET_NR_symlinkat 36
+#define TARGET_NR_linkat37
+#define TARGET_NR_renameat  38
+#define TARGET_NR_umount2   39
+#define TARGET_NR_mount 40
+#define TARGET_NR_pivot_root41
+#define TARGET_NR_nfsservctl42
+#define TARGET_NR_statfs43
+#define TARGET_NR_fstatfs   44
+#define TARGET_NR_truncate  45
+#define TARGET_NR_ftruncate 46
+#define TARG

[Qemu-devel] [PATCH 02/10 v10] linux-user: Support tilegx architecture in linux-user

[Chen Gang]

Add main working flow feature, system call processing feature, and elf64
tilegx binary loading feature, based on Linux kernel tilegx 64-bit
implementation.

Signed-off-by: Chen Gang 
---
 include/elf.h |   2 +
 linux-user/elfload.c  |  23 +++
 linux-user/main.c | 148 ++
 linux-user/syscall_defs.h |  14 +++--
 4 files changed, 182 insertions(+), 5 deletions(-)

diff --git a/include/elf.h b/include/elf.h
index 3e75f05..154144e 100644
--- a/include/elf.h
+++ b/include/elf.h
@@ -133,6 +133,8 @@ typedef int64_t  Elf64_Sxword;
 
 #define EM_AARCH64  183
 
+#define EM_TILEGX   191 /* TILE-Gx */
+
 /* This is the info that is needed to parse the dynamic section of the file */
 #define DT_NULL0
 #define DT_NEEDED  1
diff --git a/linux-user/elfload.c b/linux-user/elfload.c
index 0ba9706..fbf9212 100644
--- a/linux-user/elfload.c
+++ b/linux-user/elfload.c
@@ -1189,6 +1189,29 @@ static inline void init_thread(struct target_pt_regs 
*regs, struct image_info *i
 
 #endif /* TARGET_S390X */
 
+#ifdef TARGET_TILEGX
+
+/* 42 bits real used address, a half for user mode */
+#define ELF_START_MMAP (0x00200ULL)
+
+#define elf_check_arch(x) ((x) == EM_TILEGX)
+
+#define ELF_CLASS   ELFCLASS64
+#define ELF_DATAELFDATA2LSB
+#define ELF_ARCHEM_TILEGX
+
+static inline void init_thread(struct target_pt_regs *regs,
+   struct image_info *infop)
+{
+regs->pc = infop->entry;
+regs->sp = infop->start_stack;
+
+}
+
+#define ELF_EXEC_PAGESIZE65536 /* TILE-Gx page size is 64KB */
+
+#endif /* TARGET_TILEGX */
+
 #ifndef ELF_PLATFORM
 #define ELF_PLATFORM (NULL)
 #endif
diff --git a/linux-user/main.c b/linux-user/main.c
index 3f32db0..38fa01c 100644
--- a/linux-user/main.c
+++ b/linux-user/main.c
@@ -3416,6 +3416,143 @@ void cpu_loop(CPUS390XState *env)
 
 #endif /* TARGET_S390X */
 
+#ifdef TARGET_TILEGX
+
+static uint64_t get_regval(CPUTLGState *env, uint8_t reg)
+{
+if (likely(reg < TILEGX_R_COUNT)) {
+return env->regs[reg];
+} else if (reg != TILEGX_R_ZERO) {
+fprintf(stderr, "invalid register r%d for reading.\n", reg);
+g_assert_not_reached();
+}
+return 0;
+}
+
+static void set_regval(CPUTLGState *env, uint8_t reg, uint64_t val)
+{
+if (likely(reg < TILEGX_R_COUNT)) {
+env->regs[reg] = val;
+} else if (reg != TILEGX_R_ZERO) {
+fprintf(stderr, "invalid register r%d for writing.\n", reg);
+g_assert_not_reached();
+}
+}
+
+/*
+ * Compare the 8-byte contents of the CmpValue SPR with the 8-byte value in
+ * memory at the address held in the first source register. If the values are
+ * not equal, then no memory operation is performed. If the values are equal,
+ * the 8-byte quantity from the second source register is written into memory
+ * at the address held in the first source register. In either case, the result
+ * of the instruc- tion is the value read from memory. The compare and write to
+ * memory are atomic and thus can be used for synchronization purposes. This
+ * instruction only operates for addresses aligned to a 8-byte boundary.
+ * Unaligned memory access causes an Unaligned Data Reference interrupt.
+ *
+ * Functional Description (64-bit)
+ *   uint64_t memVal = memoryReadDoubleWord (rf[SrcA]);
+ *   rf[Dest] = memVal;
+ *   if (memVal == SPR[CmpValueSPR])
+ *   memoryWriteDoubleWord (rf[SrcA], rf[SrcB]);
+ *
+ * Functional Description (32-bit)
+ *   uint64_t memVal = signExtend32 (memoryReadWord (rf[SrcA]));
+ *   rf[Dest] = memVal;
+ *   if (memVal == signExtend32 (SPR[CmpValueSPR]))
+ *   memoryWriteWord (rf[SrcA], rf[SrcB]);
+ *
+ *
+ * For exch(4), will no cmp spr.
+ */
+static void do_exch(CPUTLGState *env, int8_t quad, int8_t cmp)
+{
+uint8_t rdst, rsrc, rsrcb;
+target_ulong addr, tmp;
+target_long val, sprval;
+target_siginfo_t info;
+
+start_exclusive();
+
+rdst = (env->cmpexch >> 16) & 0xff;
+rsrc = (env->cmpexch >> 8) & 0xff;
+rsrcb = env->cmpexch & 0xff;
+
+addr = get_regval(env, rsrc);
+if (quad ? get_user_s64(val, addr) : get_user_s32(val, addr)) {
+goto do_sigsegv;
+}
+tmp = (target_ulong)val;  /* rdst may be the same to rsrcb, so buffer it */
+
+if (cmp) {
+if (quad) {
+sprval = (target_long)env->spregs[TILEGX_SPR_CMPEXCH];
+} else {
+sprval = (int32_t)(env->spregs[TILEGX_SPR_CMPEXCH] & 0x);
+}
+}
+
+if (!cmp || val == sprval) {
+val = get_regval(env, rsrcb);
+if (quad ? put_user_u64(val, addr) : put_user_u32(val, addr)) {
+goto do_sigsegv;
+}
+}
+
+set_regval(env, rdst, tmp);
+
+end_exclusive();
+return;
+
+do_sigsegv:
+end_exclusive();
+
+info.si_signo = TARGET_SIGSEGV;
+info.si_errno = 0;
+info.si_code = TARGET_SEGV_MAPERR;
+info._sifields._si

[Qemu-devel] [PATCH 03/10 v10] linux-user/syscall.c: Conditionalize syscalls which are not defined in tilegx

[Chen Gang]

Some of architectures (e.g. tilegx), several syscall macros are not
supported, so switch them.

Signed-off-by: Chen Gang 
---
 linux-user/syscall.c | 50 +-
 1 file changed, 49 insertions(+), 1 deletion(-)

diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 1622ad6..a503673 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -213,7 +213,7 @@ static int gettid(void) {
 return -ENOSYS;
 }
 #endif
-#ifdef __NR_getdents
+#if defined(TARGET_NR_getdents) && defined(__NR_getdents)
 _syscall3(int, sys_getdents, uint, fd, struct linux_dirent *, dirp, uint, 
count);
 #endif
 #if !defined(__NR_getdents) || \
@@ -5581,6 +5581,7 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
 ret = get_errno(write(arg1, p, arg3));
 unlock_user(p, arg2, 0);
 break;
+#ifdef TARGET_NR_open
 case TARGET_NR_open:
 if (!(p = lock_user_string(arg1)))
 goto efault;
@@ -5589,6 +5590,7 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
   arg3));
 unlock_user(p, arg1, 0);
 break;
+#endif
 case TARGET_NR_openat:
 if (!(p = lock_user_string(arg2)))
 goto efault;
@@ -5603,9 +5605,11 @@ abi_long do_syscall(void *cpu_env, int num, abi_long 
arg1,
 case TARGET_NR_brk:
 ret = do_brk(arg1);
 break;
+#ifdef TARGET_NR_fork
 case TARGET_NR_fork:
 ret = get_errno(do_fork(cpu_env, SIGCHLD, 0, 0, 0, 0));
 break;
+#endif
 #ifdef TARGET_NR_waitpid
 case TARGET_NR_waitpid:
 {
@@ -5640,6 +5644,7 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
 unlock_user(p, arg1, 0);
 break;
 #endif
+#ifdef TARGET_NR_link
 case TARGET_NR_link:
 {
 void * p2;
@@ -5653,6 +5658,7 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
 unlock_user(p, arg1, 0);
 }
 break;
+#endif
 #if defined(TARGET_NR_linkat)
 case TARGET_NR_linkat:
 {
@@ -5670,12 +5676,14 @@ abi_long do_syscall(void *cpu_env, int num, abi_long 
arg1,
 }
 break;
 #endif
+#ifdef TARGET_NR_unlink
 case TARGET_NR_unlink:
 if (!(p = lock_user_string(arg1)))
 goto efault;
 ret = get_errno(unlink(p));
 unlock_user(p, arg1, 0);
 break;
+#endif
 #if defined(TARGET_NR_unlinkat)
 case TARGET_NR_unlinkat:
 if (!(p = lock_user_string(arg2)))
@@ -5792,12 +5800,14 @@ abi_long do_syscall(void *cpu_env, int num, abi_long 
arg1,
 }
 break;
 #endif
+#ifdef TARGET_NR_mknod
 case TARGET_NR_mknod:
 if (!(p = lock_user_string(arg1)))
 goto efault;
 ret = get_errno(mknod(p, arg2, arg3));
 unlock_user(p, arg1, 0);
 break;
+#endif
 #if defined(TARGET_NR_mknodat)
 case TARGET_NR_mknodat:
 if (!(p = lock_user_string(arg2)))
@@ -5806,12 +5816,14 @@ abi_long do_syscall(void *cpu_env, int num, abi_long 
arg1,
 unlock_user(p, arg2, 0);
 break;
 #endif
+#ifdef TARGET_NR_chmod
 case TARGET_NR_chmod:
 if (!(p = lock_user_string(arg1)))
 goto efault;
 ret = get_errno(chmod(p, arg2));
 unlock_user(p, arg1, 0);
 break;
+#endif
 #ifdef TARGET_NR_break
 case TARGET_NR_break:
 goto unimplemented;
@@ -5946,6 +5958,7 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
 }
 break;
 #endif
+#ifdef TARGET_NR_utimes
 case TARGET_NR_utimes:
 {
 struct timeval *tvp, tv[2];
@@ -5964,6 +5977,7 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
 unlock_user(p, arg1, 0);
 }
 break;
+#endif
 #if defined(TARGET_NR_futimesat)
 case TARGET_NR_futimesat:
 {
@@ -5992,12 +6006,14 @@ abi_long do_syscall(void *cpu_env, int num, abi_long 
arg1,
 case TARGET_NR_gtty:
 goto unimplemented;
 #endif
+#ifdef TARGET_NR_access
 case TARGET_NR_access:
 if (!(p = lock_user_string(arg1)))
 goto efault;
 ret = get_errno(access(path(p), arg2));
 unlock_user(p, arg1, 0);
 break;
+#endif
 #if defined(TARGET_NR_faccessat) && defined(__NR_faccessat)
 case TARGET_NR_faccessat:
 if (!(p = lock_user_string(arg2)))
@@ -6022,6 +6038,7 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
 case TARGET_NR_kill:
 ret = get_errno(kill(arg1, target_to_host_signal(arg2)));
 break;
+#ifdef TARGET_NR_rename
 case TARGET_NR_rename:
 {
 void *p2;
@@ -6035,6 +6052,7 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
 unlock_user(p, arg1, 0);
 }
 break;
+#endif
 #if defined(TARGET_NR_renameat)
 case TARGET_NR_renameat:
 {
@@ -6050,12 +6068,14 @@ abi_long do_syscall(void *cpu_env, int num, abi_long 
arg1,
 }
 break;
 #endif
+#ifdef TAR

[Qemu-devel] [PATCH 04/10 v10] target-tilegx: Add opcode basic implementation from Tilera Corporation

[Chen Gang]

It is copied from Linux kernel "arch/tile/include/uapi/arch/
opcode_tilegx.h".

Signed-off-by: Chen Gang 
---
 target-tilegx/opcode_tilegx.h | 1406 +
 1 file changed, 1406 insertions(+)
 create mode 100644 target-tilegx/opcode_tilegx.h

diff --git a/target-tilegx/opcode_tilegx.h b/target-tilegx/opcode_tilegx.h
new file mode 100644
index 000..d76ff2d
--- /dev/null
+++ b/target-tilegx/opcode_tilegx.h
@@ -0,0 +1,1406 @@
+/* TILE-Gx opcode information.
+ *
+ * Copyright 2011 Tilera Corporation. All Rights Reserved.
+ *
+ *   This program is free software; you can redistribute it and/or
+ *   modify it under the terms of the GNU General Public License
+ *   as published by the Free Software Foundation, version 2.
+ *
+ *   This program is distributed in the hope that it will be useful, but
+ *   WITHOUT ANY WARRANTY; without even the implied warranty of
+ *   MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, GOOD TITLE or
+ *   NON INFRINGEMENT.  See the GNU General Public License for
+ *   more details.
+ *
+ *
+ *
+ *
+ *
+ */
+
+#ifndef __ARCH_OPCODE_H__
+#define __ARCH_OPCODE_H__
+
+#ifndef __ASSEMBLER__
+
+typedef unsigned long long tilegx_bundle_bits;
+
+/* These are the bits that determine if a bundle is in the X encoding. */
+#define TILEGX_BUNDLE_MODE_MASK ((tilegx_bundle_bits)3 << 62)
+
+enum
+{
+  /* Maximum number of instructions in a bundle (2 for X, 3 for Y). */
+  TILEGX_MAX_INSTRUCTIONS_PER_BUNDLE = 3,
+
+  /* How many different pipeline encodings are there? X0, X1, Y0, Y1, Y2. */
+  TILEGX_NUM_PIPELINE_ENCODINGS = 5,
+
+  /* Log base 2 of TILEGX_BUNDLE_SIZE_IN_BYTES. */
+  TILEGX_LOG2_BUNDLE_SIZE_IN_BYTES = 3,
+
+  /* Instructions take this many bytes. */
+  TILEGX_BUNDLE_SIZE_IN_BYTES = 1 << TILEGX_LOG2_BUNDLE_SIZE_IN_BYTES,
+
+  /* Log base 2 of TILEGX_BUNDLE_ALIGNMENT_IN_BYTES. */
+  TILEGX_LOG2_BUNDLE_ALIGNMENT_IN_BYTES = 3,
+
+  /* Bundles should be aligned modulo this number of bytes. */
+  TILEGX_BUNDLE_ALIGNMENT_IN_BYTES =
+(1 << TILEGX_LOG2_BUNDLE_ALIGNMENT_IN_BYTES),
+
+  /* Number of registers (some are magic, such as network I/O). */
+  TILEGX_NUM_REGISTERS = 64,
+};
+
+/* Make a few "tile_" variables to simplify common code between
+   architectures.  */
+
+typedef tilegx_bundle_bits tile_bundle_bits;
+#define TILE_BUNDLE_SIZE_IN_BYTES TILEGX_BUNDLE_SIZE_IN_BYTES
+#define TILE_BUNDLE_ALIGNMENT_IN_BYTES TILEGX_BUNDLE_ALIGNMENT_IN_BYTES
+#define TILE_LOG2_BUNDLE_ALIGNMENT_IN_BYTES \
+  TILEGX_LOG2_BUNDLE_ALIGNMENT_IN_BYTES
+#define TILE_BPT_BUNDLE TILEGX_BPT_BUNDLE
+
+/* 64-bit pattern for a { bpt ; nop } bundle. */
+#define TILEGX_BPT_BUNDLE 0x286a44ae51485000ULL
+
+static __inline unsigned int
+get_BFEnd_X0(tilegx_bundle_bits num)
+{
+  const unsigned int n = (unsigned int)num;
+  return (((n >> 12)) & 0x3f);
+}
+
+static __inline unsigned int
+get_BFOpcodeExtension_X0(tilegx_bundle_bits num)
+{
+  const unsigned int n = (unsigned int)num;
+  return (((n >> 24)) & 0xf);
+}
+
+static __inline unsigned int
+get_BFStart_X0(tilegx_bundle_bits num)
+{
+  const unsigned int n = (unsigned int)num;
+  return (((n >> 18)) & 0x3f);
+}
+
+static __inline unsigned int
+get_BrOff_X1(tilegx_bundle_bits n)
+{
+  return (((unsigned int)(n >> 31)) & 0x003f) |
+ (((unsigned int)(n >> 37)) & 0x0001ffc0);
+}
+
+static __inline unsigned int
+get_BrType_X1(tilegx_bundle_bits n)
+{
+  return (((unsigned int)(n >> 54)) & 0x1f);
+}
+
+static __inline unsigned int
+get_Dest_Imm8_X1(tilegx_bundle_bits n)
+{
+  return (((unsigned int)(n >> 31)) & 0x003f) |
+ (((unsigned int)(n >> 43)) & 0x00c0);
+}
+
+static __inline unsigned int
+get_Dest_X0(tilegx_bundle_bits num)
+{
+  const unsigned int n = (unsigned int)num;
+  return (((n >> 0)) & 0x3f);
+}
+
+static __inline unsigned int
+get_Dest_X1(tilegx_bundle_bits n)
+{
+  return (((unsigned int)(n >> 31)) & 0x3f);
+}
+
+static __inline unsigned int
+get_Dest_Y0(tilegx_bundle_bits num)
+{
+  const unsigned int n = (unsigned int)num;
+  return (((n >> 0)) & 0x3f);
+}
+
+static __inline unsigned int
+get_Dest_Y1(tilegx_bundle_bits n)
+{
+  return (((unsigned int)(n >> 31)) & 0x3f);
+}
+
+static __inline unsigned int
+get_Imm16_X0(tilegx_bundle_bits num)
+{
+  const unsigned int n = (unsigned int)num;
+  return (((n >> 12)) & 0x);
+}
+
+static __inline unsigned int
+get_Imm16_X1(tilegx_bundle_bits n)
+{
+  return (((unsigned int)(n >> 43)) & 0x);
+}
+
+static __inline unsigned int
+get_Imm8OpcodeExtension_X0(tilegx_bundle_bits num)
+{
+  const unsigned int n = (unsigned int)num;
+  return (((n >> 20)) & 0xff);
+}
+
+static __inline unsigned int
+get_Imm8OpcodeExtension_X1(tilegx_bundle_bits n)
+{
+  return (((unsigned int)(n >> 51)) & 0xff);
+}
+
+static __inline unsigned int
+get_Imm8_X0(tilegx_bundle_bits num)
+{
+  const unsigned int n = (unsigned int)num;
+  return (((n >> 12)) & 0xff);
+}
+
+static __inline unsigned int
+get_Imm8_X1(tilegx_bundle_bits n)
+{
+  return (((unsign

[Qemu-devel] [PATCH 06/10 v10] target-tilegx: Add special register information from Tilera Corporation

[Chen Gang]

The related copy is from Linux kernel "arch/tile/include/uapi/arch/
spr_def_64.h".

Signed-off-by: Chen Gang 
---
 target-tilegx/spr_def_64.h | 216 +
 1 file changed, 216 insertions(+)
 create mode 100644 target-tilegx/spr_def_64.h

diff --git a/target-tilegx/spr_def_64.h b/target-tilegx/spr_def_64.h
new file mode 100644
index 000..67a6c17
--- /dev/null
+++ b/target-tilegx/spr_def_64.h
@@ -0,0 +1,216 @@
+/*
+ * Copyright 2011 Tilera Corporation. All Rights Reserved.
+ *
+ *   This program is free software; you can redistribute it and/or
+ *   modify it under the terms of the GNU General Public License
+ *   as published by the Free Software Foundation, version 2.
+ *
+ *   This program is distributed in the hope that it will be useful, but
+ *   WITHOUT ANY WARRANTY; without even the implied warranty of
+ *   MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, GOOD TITLE or
+ *   NON INFRINGEMENT.  See the GNU General Public License for
+ *   more details.
+ */
+
+#ifndef __DOXYGEN__
+
+#ifndef __ARCH_SPR_DEF_64_H__
+#define __ARCH_SPR_DEF_64_H__
+
+#define SPR_AUX_PERF_COUNT_0 0x2105
+#define SPR_AUX_PERF_COUNT_1 0x2106
+#define SPR_AUX_PERF_COUNT_CTL 0x2107
+#define SPR_AUX_PERF_COUNT_STS 0x2108
+#define SPR_CMPEXCH_VALUE 0x2780
+#define SPR_CYCLE 0x2781
+#define SPR_DONE 0x2705
+#define SPR_DSTREAM_PF 0x2706
+#define SPR_EVENT_BEGIN 0x2782
+#define SPR_EVENT_END 0x2783
+#define SPR_EX_CONTEXT_0_0 0x2580
+#define SPR_EX_CONTEXT_0_1 0x2581
+#define SPR_EX_CONTEXT_0_1__PL_SHIFT 0
+#define SPR_EX_CONTEXT_0_1__PL_RMASK 0x3
+#define SPR_EX_CONTEXT_0_1__PL_MASK  0x3
+#define SPR_EX_CONTEXT_0_1__ICS_SHIFT 2
+#define SPR_EX_CONTEXT_0_1__ICS_RMASK 0x1
+#define SPR_EX_CONTEXT_0_1__ICS_MASK  0x4
+#define SPR_EX_CONTEXT_1_0 0x2480
+#define SPR_EX_CONTEXT_1_1 0x2481
+#define SPR_EX_CONTEXT_1_1__PL_SHIFT 0
+#define SPR_EX_CONTEXT_1_1__PL_RMASK 0x3
+#define SPR_EX_CONTEXT_1_1__PL_MASK  0x3
+#define SPR_EX_CONTEXT_1_1__ICS_SHIFT 2
+#define SPR_EX_CONTEXT_1_1__ICS_RMASK 0x1
+#define SPR_EX_CONTEXT_1_1__ICS_MASK  0x4
+#define SPR_EX_CONTEXT_2_0 0x2380
+#define SPR_EX_CONTEXT_2_1 0x2381
+#define SPR_EX_CONTEXT_2_1__PL_SHIFT 0
+#define SPR_EX_CONTEXT_2_1__PL_RMASK 0x3
+#define SPR_EX_CONTEXT_2_1__PL_MASK  0x3
+#define SPR_EX_CONTEXT_2_1__ICS_SHIFT 2
+#define SPR_EX_CONTEXT_2_1__ICS_RMASK 0x1
+#define SPR_EX_CONTEXT_2_1__ICS_MASK  0x4
+#define SPR_FAIL 0x2707
+#define SPR_IDN_AVAIL_EN 0x1a05
+#define SPR_IDN_DATA_AVAIL 0x0a80
+#define SPR_IDN_DEADLOCK_TIMEOUT 0x1806
+#define SPR_IDN_DEMUX_COUNT_0 0x0a05
+#define SPR_IDN_DEMUX_COUNT_1 0x0a06
+#define SPR_IDN_DIRECTION_PROTECT 0x1405
+#define SPR_IDN_PENDING 0x0a08
+#define SPR_ILL_TRANS_REASON__I_STREAM_VA_RMASK 0x1
+#define SPR_INTCTRL_0_STATUS 0x2505
+#define SPR_INTCTRL_1_STATUS 0x2405
+#define SPR_INTCTRL_2_STATUS 0x2305
+#define SPR_INTERRUPT_CRITICAL_SECTION 0x2708
+#define SPR_INTERRUPT_MASK_0 0x2506
+#define SPR_INTERRUPT_MASK_1 0x2406
+#define SPR_INTERRUPT_MASK_2 0x2306
+#define SPR_INTERRUPT_MASK_RESET_0 0x2507
+#define SPR_INTERRUPT_MASK_RESET_1 0x2407
+#define SPR_INTERRUPT_MASK_RESET_2 0x2307
+#define SPR_INTERRUPT_MASK_SET_0 0x2508
+#define SPR_INTERRUPT_MASK_SET_1 0x2408
+#define SPR_INTERRUPT_MASK_SET_2 0x2308
+#define SPR_INTERRUPT_VECTOR_BASE_0 0x2509
+#define SPR_INTERRUPT_VECTOR_BASE_1 0x2409
+#define SPR_INTERRUPT_VECTOR_BASE_2 0x2309
+#define SPR_INTERRUPT_VECTOR_BASE_3 0x2209
+#define SPR_IPI_EVENT_0 0x1f05
+#define SPR_IPI_EVENT_1 0x1e05
+#define SPR_IPI_EVENT_2 0x1d05
+#define SPR_IPI_EVENT_RESET_0 0x1f06
+#define SPR_IPI_EVENT_RESET_1 0x1e06
+#define SPR_IPI_EVENT_RESET_2 0x1d06
+#define SPR_IPI_EVENT_SET_0 0x1f07
+#define SPR_IPI_EVENT_SET_1 0x1e07
+#define SPR_IPI_EVENT_SET_2 0x1d07
+#define SPR_IPI_MASK_0 0x1f08
+#define SPR_IPI_MASK_1 0x1e08
+#define SPR_IPI_MASK_2 0x1d08
+#define SPR_IPI_MASK_RESET_0 0x1f09
+#define SPR_IPI_MASK_RESET_1 0x1e09
+#define SPR_IPI_MASK_RESET_2 0x1d09
+#define SPR_IPI_MASK_SET_0 0x1f0a
+#define SPR_IPI_MASK_SET_1 0x1e0a
+#define SPR_IPI_MASK_SET_2 0x1d0a
+#define SPR_MPL_AUX_PERF_COUNT_SET_0 0x2100
+#define SPR_MPL_AUX_PERF_COUNT_SET_1 0x2101
+#define SPR_MPL_AUX_PERF_COUNT_SET_2 0x2102
+#define SPR_MPL_AUX_TILE_TIMER_SET_0 0x1700
+#define SPR_MPL_AUX_TILE_TIMER_SET_1 0x1701
+#define SPR_MPL_AUX_TILE_TIMER_SET_2 0x1702
+#define SPR_MPL_IDN_ACCESS_SET_0 0x0a00
+#define SPR_MPL_IDN_ACCESS_SET_1 0x0a01
+#define SPR_MPL_IDN_ACCESS_SET_2 0x0a02
+#define SPR_MPL_IDN_AVAIL_SET_0 0x1a00
+#define SPR_MPL_IDN_AVAIL_SET_1 0x1a01
+#define SPR_MPL_IDN_AVAIL_SET_2 0x1a02
+#define SPR_MPL_IDN_COMPLETE_SET_0 0x0500
+#define SPR_MPL_IDN_COMPLETE_SET_1 0x0501
+#define SPR_MPL_IDN_COMPLETE_SET_2 0x0502
+#define SPR_MPL_IDN_FIREWALL_SET_0 0x1400
+#define SPR_MPL_IDN_FIREWALL_SET_1 0x1401
+#define SPR_MPL_IDN_FIREWALL_SET_2 0x1402
+#define SPR_MPL_IDN_TIMER_SET_0 0x1800
+#define SPR_MPL_IDN_TIMER_SET_1 0x1801
+#define SPR_MPL_IDN_TIMER_SET_2 0x1802
+#define SPR_MPL_INTCTRL_0_SET_0 0x2500

[Qemu-devel] [PATCH 07/10 v10] target-tilegx: Add cpu basic features for linux-user

[Chen Gang]

It implements minimized cpu features for linux-user.

Signed-off-by: Chen Gang 
---
 target-tilegx/cpu.c | 143 +++
 target-tilegx/cpu.h | 156 
 2 files changed, 299 insertions(+)
 create mode 100644 target-tilegx/cpu.c
 create mode 100644 target-tilegx/cpu.h

diff --git a/target-tilegx/cpu.c b/target-tilegx/cpu.c
new file mode 100644
index 000..663fcb6
--- /dev/null
+++ b/target-tilegx/cpu.c
@@ -0,0 +1,143 @@
+/*
+ * QEMU TILE-Gx CPU
+ *
+ *  Copyright (c) 2015 Chen Gang
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see
+ * 
+ */
+
+#include "cpu.h"
+#include "qemu-common.h"
+#include "hw/qdev-properties.h"
+#include "migration/vmstate.h"
+
+TileGXCPU *cpu_tilegx_init(const char *cpu_model)
+{
+TileGXCPU *cpu;
+
+cpu = TILEGX_CPU(object_new(TYPE_TILEGX_CPU));
+
+object_property_set_bool(OBJECT(cpu), true, "realized", NULL);
+
+return cpu;
+}
+
+static void tilegx_cpu_set_pc(CPUState *cs, vaddr value)
+{
+TileGXCPU *cpu = TILEGX_CPU(cs);
+
+cpu->env.pc = value;
+}
+
+static bool tilegx_cpu_has_work(CPUState *cs)
+{
+return true;
+}
+
+static void tilegx_cpu_reset(CPUState *s)
+{
+TileGXCPU *cpu = TILEGX_CPU(s);
+TileGXCPUClass *tcc = TILEGX_CPU_GET_CLASS(cpu);
+CPUTLGState *env = &cpu->env;
+
+tcc->parent_reset(s);
+
+memset(env, 0, sizeof(CPUTLGState));
+tlb_flush(s, 1);
+}
+
+static void tilegx_cpu_realizefn(DeviceState *dev, Error **errp)
+{
+CPUState *cs = CPU(dev);
+TileGXCPUClass *tcc = TILEGX_CPU_GET_CLASS(dev);
+
+cpu_reset(cs);
+qemu_init_vcpu(cs);
+
+tcc->parent_realize(dev, errp);
+}
+
+static void tilegx_cpu_initfn(Object *obj)
+{
+CPUState *cs = CPU(obj);
+TileGXCPU *cpu = TILEGX_CPU(obj);
+CPUTLGState *env = &cpu->env;
+static bool tcg_initialized;
+
+cs->env_ptr = env;
+cpu_exec_init(env);
+
+if (tcg_enabled() && !tcg_initialized) {
+tcg_initialized = true;
+tilegx_tcg_init();
+}
+}
+
+static void tilegx_cpu_do_interrupt(CPUState *cs)
+{
+cs->exception_index = -1;
+}
+
+static int tilegx_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int rw,
+   int mmu_idx)
+{
+cpu_dump_state(cs, stderr, fprintf, 0);
+return 1;
+}
+
+static bool tilegx_cpu_exec_interrupt(CPUState *cs, int interrupt_request)
+{
+if (interrupt_request & CPU_INTERRUPT_HARD) {
+tilegx_cpu_do_interrupt(cs);
+return true;
+}
+return false;
+}
+
+static void tilegx_cpu_class_init(ObjectClass *oc, void *data)
+{
+DeviceClass *dc = DEVICE_CLASS(oc);
+CPUClass *cc = CPU_CLASS(oc);
+TileGXCPUClass *tcc = TILEGX_CPU_CLASS(oc);
+
+tcc->parent_realize = dc->realize;
+dc->realize = tilegx_cpu_realizefn;
+
+tcc->parent_reset = cc->reset;
+cc->reset = tilegx_cpu_reset;
+
+cc->has_work = tilegx_cpu_has_work;
+cc->do_interrupt = tilegx_cpu_do_interrupt;
+cc->cpu_exec_interrupt = tilegx_cpu_exec_interrupt;
+cc->set_pc = tilegx_cpu_set_pc;
+cc->handle_mmu_fault = tilegx_cpu_handle_mmu_fault;
+cc->gdb_num_core_regs = 0;
+}
+
+static const TypeInfo tilegx_cpu_type_info = {
+.name = TYPE_TILEGX_CPU,
+.parent = TYPE_CPU,
+.instance_size = sizeof(TileGXCPU),
+.instance_init = tilegx_cpu_initfn,
+.class_size = sizeof(TileGXCPUClass),
+.class_init = tilegx_cpu_class_init,
+};
+
+static void tilegx_cpu_register_types(void)
+{
+type_register_static(&tilegx_cpu_type_info);
+}
+
+type_init(tilegx_cpu_register_types)
diff --git a/target-tilegx/cpu.h b/target-tilegx/cpu.h
new file mode 100644
index 000..30f1828
--- /dev/null
+++ b/target-tilegx/cpu.h
@@ -0,0 +1,156 @@
+/*
+ *  TILE-Gx virtual CPU header
+ *
+ *  Copyright (c) 2015 Chen Gang
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details

[Qemu-devel] [PATCH 08/10 v10] target-tilegx: Add helper features for linux-user

[Chen Gang]

Add several helpers for translation.

Signed-off-by: Chen Gang 
---
 target-tilegx/helper.c | 41 +
 target-tilegx/helper.h |  3 +++
 2 files changed, 44 insertions(+)
 create mode 100644 target-tilegx/helper.c
 create mode 100644 target-tilegx/helper.h

diff --git a/target-tilegx/helper.c b/target-tilegx/helper.c
new file mode 100644
index 000..5fc53a8
--- /dev/null
+++ b/target-tilegx/helper.c
@@ -0,0 +1,41 @@
+/*
+ * QEMU TILE-Gx helpers
+ *
+ *  Copyright (c) 2015 Chen Gang
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see
+ * 
+ */
+
+#include "cpu.h"
+#include "qemu-common.h"
+#include "exec/helper-proto.h"
+
+void helper_exception(CPUTLGState *env, uint32_t excp)
+{
+CPUState *cs = CPU(tilegx_env_get_cpu(env));
+
+cs->exception_index = excp;
+cpu_loop_exit(cs);
+}
+
+uint64_t helper_cntlz(uint64_t arg)
+{
+return clz64(arg);
+}
+
+uint64_t helper_cnttz(uint64_t arg)
+{
+return ctz64(arg);
+}
diff --git a/target-tilegx/helper.h b/target-tilegx/helper.h
new file mode 100644
index 000..15f841f
--- /dev/null
+++ b/target-tilegx/helper.h
@@ -0,0 +1,3 @@
+DEF_HELPER_2(exception, noreturn, env, i32)
+DEF_HELPER_FLAGS_1(cntlz, TCG_CALL_NO_RWG_SE, i64, i64)
+DEF_HELPER_FLAGS_1(cnttz, TCG_CALL_NO_RWG_SE, i64, i64)
-- 
1.9.3

[Qemu-devel] [PATCH 09/10 v10] target-tilegx: Generate tcg instructions to execute to _init_malloc in glib

[Chen Gang]

Generate related tcg instructions, and qemu tilegx runs to _init_malloc,
but causes assert in _init_malloc.

Signed-off-by: Chen Gang 
---
 target-tilegx/translate.c | 2889 +
 1 file changed, 2889 insertions(+)
 create mode 100644 target-tilegx/translate.c

diff --git a/target-tilegx/translate.c b/target-tilegx/translate.c
new file mode 100644
index 000..3d7d327
--- /dev/null
+++ b/target-tilegx/translate.c
@@ -0,0 +1,2889 @@
+/*
+ * QEMU TILE-Gx CPU
+ *
+ *  Copyright (c) 2015 Chen Gang
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see
+ * 
+ */
+
+#include "cpu.h"
+#include "qemu/log.h"
+#include "disas/disas.h"
+#include "tcg-op.h"
+#include "exec/cpu_ldst.h"
+#include "opcode_tilegx.h"
+#include "spr_def_64.h"
+
+#define FMT64X  "%016" PRIx64
+
+#define TILEGX_OPCODE_MAX_X0164  /* include 164 */
+#define TILEGX_OPCODE_MAX_X1107  /* include 107 */
+#define TILEGX_OPCODE_MAX_Y0 15  /* include 15 */
+#define TILEGX_OPCODE_MAX_Y1 15  /* include 15 */
+#define TILEGX_OPCODE_MAX_Y2  3  /* include 3 */
+
+static TCGv_ptr cpu_env;
+static TCGv cpu_pc;
+static TCGv cpu_regs[TILEGX_R_COUNT];
+static TCGv cpu_spregs[TILEGX_SPR_COUNT];
+#if defined(CONFIG_USER_ONLY)
+static TCGv_i32 cpu_cmpexch;
+#endif
+
+static const char * const reg_names[] = {
+ "r0",  "r1",  "r2",  "r3",  "r4",  "r5",  "r6",  "r7",
+ "r8",  "r9", "r10", "r11", "r12", "r13", "r14", "r15",
+"r16", "r17", "r18", "r19", "r20", "r21", "r22", "r23",
+"r24", "r25", "r26", "r27", "r28", "r29", "r30", "r31",
+"r32", "r33", "r34", "r35", "r36", "r37", "r38", "r39",
+"r40", "r41", "r42", "r43", "r44", "r45", "r46", "r47",
+"r48", "r49", "r50", "r51",  "bp",  "tp",  "sp",  "lr"
+};
+
+static const char * const spreg_names[] = {
+"cmpexch"
+};
+
+/* It is for temporary registers */
+typedef struct DisasContextTemp {
+uint8_t idx;   /* index */
+TCGv val;  /* value */
+} DisasContextTemp;
+
+/* This is the state at translation time.  */
+typedef struct DisasContext {
+uint64_t pc;   /* Current pc */
+uint64_t exception;/* Current exception */
+
+TCGv zero; /* For zero register */
+
+DisasContextTemp *tmp_regcur;  /* Current temporary registers */
+DisasContextTemp tmp_regs[TILEGX_MAX_INSTRUCTIONS_PER_BUNDLE];
+   /* All temporary registers */
+struct {
+TCGCond cond;  /* Branch condition */
+TCGv dest; /* pc jump destination, if will jump */
+TCGv val1; /* Firt value for condition comparing */
+TCGv val2; /* Second value for condition comparing */
+} jmp; /* Jump object, only once in each TB block 
*/
+} DisasContext;
+
+#include "exec/gen-icount.h"
+
+static TCGv load_zero(DisasContext *dc)
+{
+if (TCGV_IS_UNUSED_I64(dc->zero)) {
+dc->zero = tcg_const_local_i64(0);
+}
+return dc->zero;
+}
+
+static TCGv load_gr(DisasContext *dc, uint8_t reg)
+{
+if (likely(reg < TILEGX_R_COUNT)) {
+return cpu_regs[reg];
+} else if (reg != TILEGX_R_ZERO) {
+dc->exception = TILEGX_EXCP_REG_UNSUPPORTED;
+}
+return load_zero(dc);
+}
+
+static TCGv dest_gr(DisasContext *dc, uint8_t rdst)
+{
+DisasContextTemp *tmp = dc->tmp_regcur;
+tmp->idx = rdst;
+tmp->val = tcg_temp_new_i64();
+return tmp->val;
+}
+
+static void gen_exception(DisasContext *dc, int num)
+{
+TCGv_i32 tmp = tcg_const_i32(num);
+
+gen_helper_exception(cpu_env, tmp);
+tcg_temp_free_i32(tmp);
+}
+
+/* mfspr can be only in X1 pipe, so it doesn't need to be bufferd */
+static void gen_mfspr(struct DisasContext *dc, uint8_t rdst, uint16_t imm14)
+{
+qemu_log_mask(CPU_LOG_TB_IN_ASM, "mfspr r%d, 0x%x\n", rdst, imm14);
+
+if (rdst >= TILEGX_R_COUNT) {
+if (rdst != TILEGX_R_ZERO) {
+dc->exception = TILEGX_EXCP_REG_UNSUPPORTED;
+}
+return;
+}
+
+switch (imm14) {
+case SPR_CMPEXCH_VALUE:
+tcg_gen_mov_i64(cpu_regs[rdst], cpu_spregs[TILEGX_SPR_CMPEXCH]);
+return;
+default:
+qemu_log_mask(LOG_UNIMP, "UNIMP m

[Qemu-devel] [PATCH 10/10 v10] target-tilegx: Add TILE-Gx building files

[Chen Gang]

Add related configuration, make files for tilegx. Now, qemu tilegx can
pass building.

Signed-off-by: Chen Gang 
---
 configure | 2 ++
 default-configs/tilegx-linux-user.mak | 1 +
 target-tilegx/Makefile.objs   | 1 +
 3 files changed, 4 insertions(+)
 create mode 100644 default-configs/tilegx-linux-user.mak
 create mode 100644 target-tilegx/Makefile.objs

diff --git a/configure b/configure
index b18aa9e..0a32741 100755
--- a/configure
+++ b/configure
@@ -5243,6 +5243,8 @@ case "$target_name" in
   s390x)
 gdb_xml_files="s390x-core64.xml s390-acr.xml s390-fpr.xml"
   ;;
+  tilegx)
+  ;;
   tricore)
   ;;
   unicore32)
diff --git a/default-configs/tilegx-linux-user.mak 
b/default-configs/tilegx-linux-user.mak
new file mode 100644
index 000..3e47493
--- /dev/null
+++ b/default-configs/tilegx-linux-user.mak
@@ -0,0 +1 @@
+# Default configuration for tilegx-linux-user
diff --git a/target-tilegx/Makefile.objs b/target-tilegx/Makefile.objs
new file mode 100644
index 000..8b3dc76
--- /dev/null
+++ b/target-tilegx/Makefile.objs
@@ -0,0 +1 @@
+obj-y += cpu.o translate.o helper.o
-- 
1.9.3

Re: [Qemu-devel] [PATCH] ui/cocoa.m: Give laptop users ability to scroll in monitor

[Peter Maydell]

On 10 May 2015 at 23:34, Peter Maydell  wrote:
> I've now tested again with my not-just-the-laptop setup, and:
>
>  * in the guest OS (I tested with a Linux guest), PageUp/Down
>work OK and work the same whether I use an external USB
>keyboard with a physical PgUp/Down key or the MacBook Air's
>keyboard with Fn+UpArrow/Fn+DownArrow as the chord to
>input pageup/down
>  * in the monitor window, neither way of inputting PageUp/Down
>works: all you get is a ',' input into the monitor
>
> So my conclusion is that we should fix the underlying
> problem that the monitor isn't handling PgUp/PgDown
> correctly (not sure exactly why that's not working yet).

So looking at the code in ui/console.c that implements our
virtual consoles, the scrolling is hooked up to the keycodes
QEMU_KEY_CTRL_{UP,DOWN,PAGEUP,PAGEDOWN}. These only seem
to be output by one of our UI frontends, SDL.

Gerd, how is this supposed to work? Shouldn't something
in the generic console code be handling converting the
Q_KEY_CODE_CTRL/CTRL_R + Q_KEY_CODE_PGUP/DOWN/etc into
what the vc layer expects, rather than having each of the
ui frontends doing it?

thanks
-- PMM

[Qemu-devel] KVM call for agenda 2015-05-12

[Juan Quintela]

Hi

Please, send any topic that you are interested in covering.


 Call details:

By popular demand, a google calendar public entry with it

  
https://www.google.com/calendar/embed?src=dG9iMXRqcXAzN3Y4ZXZwNzRoMHE4a3BqcXNAZ3JvdXAuY2FsZW5kYXIuZ29vZ2xlLmNvbQ

(Let me know if you have any problems with the calendar entry.  I just
gave up about getting right at the same time CEST, CET, EDT and DST).

If you need phone number details,  contact me privately

Thanks, Juan.

[Qemu-devel] [PATCH v4] ui/cocoa.m: Adds console items to the View menu

[Programmingkid]

This patch adds the VGA, Monitor, Serial, and Parallel menu item to the view 
menu. 

Signed-off-by: John Arbuckle 

---
Removed all code added in console.c.
Used existing console code in place of new console code.
Added several console global variables to keep track of usable consoles. 
Simplified console switching code. 

 ui/cocoa.m |   94 ++-
 1 files changed, 86 insertions(+), 8 deletions(-)

diff --git a/ui/cocoa.m b/ui/cocoa.m
index d37c29b..8760fb0 100644
--- a/ui/cocoa.m
+++ b/ui/cocoa.m
@@ -64,6 +64,8 @@ static int last_buttons;
 
 int gArgc;
 char **gArgv;
+int graphics_console, monitor_console, serial_console, parallel_console;
+
 
 // keymap conversion
 int keymap[] =
@@ -801,6 +803,10 @@ QemuCocoaView *cocoaView;
 - (void)toggleFullScreen:(id)sender;
 - (void)showQEMUDoc:(id)sender;
 - (void)showQEMUTec:(id)sender;
+- (void)displayVGA:(id)sender;
+- (void)displayMonitor:(id)sender;
+- (void)displayParallel:(id)sender;
+- (void)displaySerial:(id)sender;
 @end
 
 @implementation QemuCocoaAppController
@@ -943,8 +949,32 @@ QemuCocoaView *cocoaView;
 [[NSWorkspace sharedWorkspace] openFile:[NSString 
stringWithFormat:@"%@/../doc/qemu/qemu-tech.html",
 [[NSBundle mainBundle] resourcePath]] withApplication:@"Help Viewer"];
 }
-@end
 
+/* Displays the VGA screen */
+- (void)displayVGA:(id)sender
+{
+console_select(graphics_console);
+}
+
+/* Displays the QEMU Monitor screen */
+- (void)displayMonitor:(id)sender
+{
+console_select(monitor_console);
+}
+
+/* Displays the serial port screen */
+- (void)displaySerial:(id)sender
+{
+console_select(serial_console);
+}
+
+/* Displays the parallel port screen */
+- (void)displayParallel:(id)sender
+{
+console_select(parallel_console);
+}
+
+@end
 
 
 int main (int argc, const char * argv[]) {
@@ -1003,13 +1033,6 @@ int main (int argc, const char * argv[]) {
 [[NSApp mainMenu] addItem:menuItem];
 [NSApp performSelector:@selector(setAppleMenu:) withObject:menu]; // 
Workaround (this method is private since 10.4+)
 
-// View menu
-menu = [[NSMenu alloc] initWithTitle:@"View"];
-[menu addItem: [[[NSMenuItem alloc] initWithTitle:@"Enter Fullscreen" 
action:@selector(toggleFullScreen:) keyEquivalent:@"f"] autorelease]]; // 
Fullscreen
-menuItem = [[[NSMenuItem alloc] initWithTitle:@"View" action:nil 
keyEquivalent:@""] autorelease];
-[menuItem setSubmenu:menu];
-[[NSApp mainMenu] addItem:menuItem];
-
 // Window menu
 menu = [[NSMenu alloc] initWithTitle:@"Window"];
 [menu addItem: [[[NSMenuItem alloc] initWithTitle:@"Minimize" 
action:@selector(performMiniaturize:) keyEquivalent:@"m"] autorelease]]; // 
Miniaturize
@@ -1116,6 +1139,57 @@ static const DisplayChangeListenerOps dcl_ops = {
 .dpy_refresh = cocoa_refresh,
 };
 
+// Creates the view menu
+static void create_view_menu()
+{
+NSMenu * menu;
+NSMenuItem * menuItem;
+menu = [[NSMenu alloc] initWithTitle:@"View"];
+[menu addItem: [[[NSMenuItem alloc] initWithTitle:@"Enter Fullscreen" 
action:@selector(toggleFullScreen:) keyEquivalent:@"f"] autorelease]]; // 
Fullscreen
+[menu addItem:[NSMenuItem separatorItem]]; //Separator
+if(graphics_console != -1)
+[menu addItem: [[[NSMenuItem alloc] initWithTitle:@"VGA" 
action:@selector(displayVGA:) keyEquivalent:@""] autorelease]]; // VGA
+if(monitor_console != -1)
+[menu addItem: [[[NSMenuItem alloc] initWithTitle:@"QEMU Monitor" 
action:@selector(displayMonitor:) keyEquivalent:@""] autorelease]]; // QEMU 
Monitor
+if(serial_console != -1)
+[menu addItem: [[[NSMenuItem alloc] initWithTitle:@"Serial" 
action:@selector(displaySerial:) keyEquivalent:@""] autorelease]]; // Serial
+if(parallel_console != -1)
+[menu addItem: [[[NSMenuItem alloc] initWithTitle:@"Parallel" 
action:@selector(displayParallel:) keyEquivalent:@""] autorelease]]; // Parallel
+menuItem = [[[NSMenuItem alloc] initWithTitle:@"View" action:nil 
keyEquivalent:@""] autorelease];
+[menuItem setSubmenu:menu];
+[[NSApp mainMenu] insertItem: menuItem atIndex: 1]; // insert View menu 
after Application menu
+}
+
+// sets the console variables to the actual console' indexes
+static void init_console_variables()
+{
+int index = 0;
+char * console_name;
+
+// set the console variables to -1 so we know which ones do not exist
+graphics_console = -1;
+monitor_console = -1;
+serial_console = -1;
+parallel_console = -1;
+
+// set the console variables for the consoles we have
+while(qemu_console_lookup_by_index(index) != NULL) {
+console_name = 
qemu_console_get_label(qemu_console_lookup_by_index(index));
+if(strstr(console_name, "VGA") != NULL) {
+graphics_console = index;
+} else if (strstr(console_name, "monitor") != NULL) {
+monitor_console = index;
+} else if (strstr(console_name, "serial") != NULL) {
+

[Qemu-devel] [patch] ui/cocoa.m: Add Machine menu with pause and resume items

[Programmingkid]

Adds a Machine menu with a pause and resume menu item.
Adds feature that displays the word pause on the screen when paused.

Signed-off-by: John Arbuckle 

---
 ui/cocoa.m |   79 +++-
 1 files changed, 78 insertions(+), 1 deletions(-)

diff --git a/ui/cocoa.m b/ui/cocoa.m
index d37c29b..8122566 100644
--- a/ui/cocoa.m
+++ b/ui/cocoa.m
@@ -29,6 +29,7 @@
 #include "ui/console.h"
 #include "ui/input.h"
 #include "sysemu/sysemu.h"
+#include "qmp-commands.h"
 
 #ifndef MAC_OS_X_VERSION_10_4
 #define MAC_OS_X_VERSION_10_4 1040
@@ -64,6 +65,7 @@ static int last_buttons;
 
 int gArgc;
 char **gArgv;
+NSTextField * pauseLabel;
 
 // keymap conversion
 int keymap[] =
@@ -239,7 +241,26 @@ static int cocoa_keycode_to_qemu(int keycode)
 return keymap[keycode];
 }
 
-
+/*
+   Adds the Machine menu to the menu bar.
+   Has to be added separately because QEMU needs
+   to be running to determine used items.
+*/
+static void createMachineMenu()
+{
+NSMenu * menu;
+NSMenuItem * menuItem;
+
+// Machine menu
+ menu = [[NSMenu alloc] initWithTitle: @"Machine"];
+[menu setAutoenablesItems: NO];
+[menu addItem: [[[NSMenuItem alloc] initWithTitle: @"Pause" action: 
@selector(pauseQemu:) keyEquivalent: @""] autorelease]];
+[menu addItem: [[[NSMenuItem alloc] initWithTitle: @"Resume" action: 
@selector(resumeQemu:) keyEquivalent: @""] autorelease]];
+menuItem = [[[NSMenuItem alloc] initWithTitle: @"Machine" action:nil 
keyEquivalent:@""] autorelease];
+[menuItem setSubmenu:menu];
+[[NSApp mainMenu] insertItem: menuItem atIndex: 2]; // Insert after View 
menu
+[[menu itemWithTitle: @"Resume"] setEnabled: NO];  // Disables the Resume 
menu item because it isn't needed right now.
+}
 
 /*
  --
@@ -801,6 +822,10 @@ QemuCocoaView *cocoaView;
 - (void)toggleFullScreen:(id)sender;
 - (void)showQEMUDoc:(id)sender;
 - (void)showQEMUTec:(id)sender;
+- (void)pauseQemu:(id)sender;
+- (void)resumeQemu: (id) sender;
+- (void)displayPause;
+- (void)removePause;
 @end
 
 @implementation QemuCocoaAppController
@@ -833,6 +858,17 @@ QemuCocoaView *cocoaView;
 [normalWindow makeKeyAndOrderFront:self];
 [normalWindow center];
 
+/* Used for displaying pause on the screen */
+pauseLabel = [NSTextField new];
+[pauseLabel setBezeled:YES];
+[pauseLabel setDrawsBackground:YES];
+[pauseLabel setBackgroundColor: [NSColor whiteColor]];
+[pauseLabel setEditable:NO];
+[pauseLabel setSelectable:NO];
+[pauseLabel setStringValue: @"Paused"];
+[pauseLabel setFont: [NSFont fontWithName: @"Helvetica" size: 90]];
+[pauseLabel setTextColor: [NSColor blackColor]];
+[pauseLabel sizeToFit];
 }
 return self;
 }
@@ -943,6 +979,44 @@ QemuCocoaView *cocoaView;
 [[NSWorkspace sharedWorkspace] openFile:[NSString 
stringWithFormat:@"%@/../doc/qemu/qemu-tech.html",
 [[NSBundle mainBundle] resourcePath]] withApplication:@"Help Viewer"];
 }
+
+/* Pause the guest */
+- (void)pauseQemu:(id)sender
+{
+qmp_stop(NULL);
+[sender setEnabled: NO];
+[[[sender menu] itemWithTitle: @"Resume"] setEnabled: YES];
+[self displayPause];
+}
+
+/* Resume running the guest operating system */
+- (void)resumeQemu: (id) sender
+{
+qmp_cont(NULL);
+[sender setEnabled: NO];
+[[[sender menu] itemWithTitle: @"Pause"] setEnabled: YES];
+[self removePause];
+}
+
+/* Displays the word pause on the screen */
+- (void)displayPause
+{
+/* Coordinates have to be calculated each time because the window can 
change its size */
+int xCoord, yCoord, width, height;
+xCoord = ([normalWindow frame].size.width - [pauseLabel 
frame].size.width)/2;
+yCoord = [normalWindow frame].size.height - [pauseLabel frame].size.height 
- ([pauseLabel frame].size.height * .5);
+width = [pauseLabel frame].size.width;
+height = [pauseLabel frame].size.height;
+[pauseLabel setFrame: NSMakeRect(xCoord, yCoord, width, height)];
+[cocoaView addSubview: pauseLabel];
+}
+
+/* Removes the word pause from the screen */
+- (void)removePause
+{
+[pauseLabel removeFromSuperview];
+}
+
 @end
 
 
@@ -1128,4 +1202,7 @@ void cocoa_display_init(DisplayState *ds, int full_screen)
 
 // register cleanup function
 atexit(cocoa_cleanup);
+
+// Creates and adds the Machine menu to the menubar
+createMachineMenu();
 }
-- 
1.7.5.4

Re: [Qemu-devel] [RFC v1 PATCH 2/3] cpus: Convert cpu_index into a bitmap

[Bharata B Rao]

On Fri, May 08, 2015 at 11:55:00AM -0300, Eduardo Habkost wrote:
> On Fri, May 08, 2015 at 03:21:35PM +0530, Bharata B Rao wrote:
> > Currently CPUState.cpu_index is monotonically increasing and a newly
> > created CPU always gets the next higher index. The next available
> > index is calculated by counting the existing number of CPUs. This is
> > fine as long as we only add CPUs, but there are architectures which
> > are starting to support CPU removal too. For an architecture like PowerPC
> > which derives its CPU identifier (device tree ID) from cpu_index, the
> > existing logic of generating cpu_index values causes problems.
> > 
> > With the currently proposed method of handling vCPU removal by parking
> > the vCPU fd in QEMU
> > (Ref: http://lists.gnu.org/archive/html/qemu-devel/2015-02/msg02604.html),
> > generating cpu_index this way will not work for PowerPC.
> > 
> > This patch changes the way cpu_index is handed out by maintaining
> > a bit map of the CPUs that tracks both addition and removal of CPUs.
> > 
> > The CPU bitmap allocation logic is part of cpu_exec_init() which is
> > called by instance_init routines of various CPU targets. This patch
> > also adds corresponding instance_finalize routine if needed for these
> > CPU targets so that CPU can be marked free when it is removed.
> > 
> > Signed-off-by: Bharata B Rao 
> > ---
> >  exec.c  | 37 ++---
> >  include/qom/cpu.h   |  8 
> >  target-alpha/cpu.c  |  6 ++
> >  target-arm/cpu.c|  1 +
> >  target-cris/cpu.c   |  6 ++
> >  target-i386/cpu.c   |  6 ++
> >  target-lm32/cpu.c   |  6 ++
> >  target-m68k/cpu.c   |  6 ++
> >  target-microblaze/cpu.c |  6 ++
> >  target-mips/cpu.c   |  6 ++
> >  target-moxie/cpu.c  |  6 ++
> >  target-openrisc/cpu.c   |  6 ++
> >  target-ppc/translate_init.c |  6 ++
> >  target-s390x/cpu.c  |  1 +
> >  target-sh4/cpu.c|  6 ++
> >  target-sparc/cpu.c  |  1 +
> >  target-tricore/cpu.c|  5 +
> >  target-unicore32/cpu.c  |  6 ++
> >  target-xtensa/cpu.c |  6 ++
> >  19 files changed, 128 insertions(+), 3 deletions(-)
> 
> Why not simply call cpu_exec_exit() on generic CPU::instance_finalize,
> to avoid forcing every architecture to call it manually? Calling
> cpu_exec_exit() twice would be harmless, anyway.

Yes cpu_exec_exit() can be called from generic CPU::instance_finalize and
it does appear harmless calling it twice but,

Can there be a situation where cpu_index freed from the first cpu_exec_exit()
call from ->unrealize() be allocated (to a different caller) again before
the 2nd call for the same CPU from CPU::instance_finalize ? If yes,
cpu_exec_exit() needs to be more intelligent than what it is currently is.

> 
> (It would just need an additional check to make sure the bit will be
> cleared only if cpu_exec_init() was really called and cpu_index was
> properly set.)

If the situation I describe above can indeed happen, then cpu_exec_exit()
needs to maintain state to safely fail the double free for the same CPU
from the same caller. I think touching all archs and adding instance_finalize
would be much more simpler, cleaner and correct. When archs want to move
cpu_exec_init() and cpu_exec_exit() to realize/unlrealize, they can do
so.

Regards,
Bharata.

Re: [Qemu-devel] [RFC v1 PATCH 2/3] cpus: Convert cpu_index into a bitmap

[Bharata B Rao]

On Fri, May 08, 2015 at 11:57:40AM -0300, Eduardo Habkost wrote:
> On Fri, May 08, 2015 at 03:21:35PM +0530, Bharata B Rao wrote:
> [...]
> >  void cpu_exec_init(CPUArchState *env, Error **errp)
> >  {
> >  CPUState *cpu = ENV_GET_CPU(env);
> >  CPUClass *cc = CPU_GET_CLASS(cpu);
> > -CPUState *some_cpu;
> >  int cpu_index;
> > -
> >  #if defined(CONFIG_USER_ONLY)
> > +CPUState *some_cpu;
> > +
> >  cpu_list_lock();
> > -#endif
> >  cpu_index = 0;
> >  CPU_FOREACH(some_cpu) {
> >  cpu_index++;
> >  }
> >  cpu->cpu_index = cpu_index;
> 
> Why not use the bitmap on CONFIG_USER too?

I was doing like that in v1 and it required me to cook up a max_cpus value
for CONFIG_USER case to define the bitmap.

Andreas pointed out that it is better not to touch the allocation
logic for CONFIG_USER.

https://lists.gnu.org/archive/html/qemu-devel/2015-03/msg03571.html

Regards,
Bharata.

Re: [Qemu-devel] [PATCH target-arm v8 04/14] arm: xlnx-zynqmp: Add GIC

[Edgar E. Iglesias]

On Thu, May 07, 2015 at 05:57:12PM -0700, Peter Crosthwaite wrote:
> Add the GIC and connect IRQ outputs to the CPUs. The GIC regions are
> under-decoded through a 64k address region so implement aliases
> accordingly.
> 
> Signed-off-by: Peter Crosthwaite 
> ---
> changed since v7:
> Made GIC region size definition board specific
> changed since v6:
> Added aliases.
> changed since v5:
> Make commit msg body standalone
> Add reset-cbar configuration
> 
>  hw/arm/xlnx-zynqmp.c | 59 
> 
>  include/hw/arm/xlnx-zynqmp.h | 14 +++
>  2 files changed, 73 insertions(+)
> 
> diff --git a/hw/arm/xlnx-zynqmp.c b/hw/arm/xlnx-zynqmp.c
> index ec0ebaa..a8ab7e7 100644
> --- a/hw/arm/xlnx-zynqmp.c
> +++ b/hw/arm/xlnx-zynqmp.c
> @@ -16,6 +16,23 @@
>   */
>  
>  #include "hw/arm/xlnx-zynqmp.h"
> +#include "exec/address-spaces.h"
> +
> +#define GIC_NUM_SPI_INTR 128


Is this correct? I think it should be 160.



> +
> +#define GIC_BASE_ADDR   0xf900
> +#define GIC_DIST_ADDR   0xf901
> +#define GIC_CPU_ADDR0xf902
> +
> +typedef struct XlnxZynqMPGICRegion {
> +int region_index;
> +uint32_t address;
> +} XlnxZynqMPGICRegion;
> +
> +static const XlnxZynqMPGICRegion xlnx_zynqmp_gic_regions[] = {
> +{ .region_index = 0, .address = GIC_DIST_ADDR, },
> +{ .region_index = 1, .address = GIC_CPU_ADDR,  },
> +};
>  
>  static void xlnx_zynqmp_init(Object *obj)
>  {
> @@ -28,14 +45,46 @@ static void xlnx_zynqmp_init(Object *obj)
>  object_property_add_child(obj, "cpu[*]", OBJECT(&s->cpu[i]),
>&error_abort);
>  }
> +
> +object_initialize(&s->gic, sizeof(s->gic), TYPE_ARM_GIC);
> +qdev_set_parent_bus(DEVICE(&s->gic), sysbus_get_default());
>  }
>  
>  static void xlnx_zynqmp_realize(DeviceState *dev, Error **errp)
>  {
>  XlnxZynqMPState *s = XLNX_ZYNQMP(dev);
> +MemoryRegion *system_memory = get_system_memory();
>  uint8_t i;
>  Error *err = NULL;
>  
> +qdev_prop_set_uint32(DEVICE(&s->gic), "num-irq", GIC_NUM_SPI_INTR + 32);
> +qdev_prop_set_uint32(DEVICE(&s->gic), "revision", 2);
> +qdev_prop_set_uint32(DEVICE(&s->gic), "num-cpu", XLNX_ZYNQMP_NUM_CPUS);
> +object_property_set_bool(OBJECT(&s->gic), true, "realized", &err);
> +if (err) {
> +error_propagate((errp), (err));
> +return;
> +}
> +assert(ARRAY_SIZE(xlnx_zynqmp_gic_regions) == XLNX_ZYNQMP_GIC_REGIONS);
> +for (i = 0; i < XLNX_ZYNQMP_GIC_REGIONS; i++) {
> +SysBusDevice *gic = SYS_BUS_DEVICE(&s->gic);
> +const XlnxZynqMPGICRegion *r = &xlnx_zynqmp_gic_regions[i];
> +MemoryRegion *mr = sysbus_mmio_get_region(gic, r->region_index);
> +uint32_t addr = r->address;
> +int j;
> +
> +sysbus_mmio_map(gic, r->region_index, addr);
> +
> +for (j = 0; j < XLNX_ZYNQMP_GIC_ALIASES; j++) {
> +MemoryRegion *alias = &s->gic_mr[i][j];
> +
> +addr += XLNX_ZYNQMP_GIC_REGION_SIZE;
> +memory_region_init_alias(alias, OBJECT(s), "zynqmp-gic-alias", 
> mr,
> + 0, XLNX_ZYNQMP_GIC_REGION_SIZE);
> +memory_region_add_subregion(system_memory, addr, alias);
> +}
> +}
> +
>  for (i = 0; i < XLNX_ZYNQMP_NUM_CPUS; i++) {
>  object_property_set_int(OBJECT(&s->cpu[i]), QEMU_PSCI_CONDUIT_SMC,
>  "psci-conduit", &error_abort);
> @@ -45,11 +94,21 @@ static void xlnx_zynqmp_realize(DeviceState *dev, Error 
> **errp)
>   "start-powered-off", &error_abort);
>  }
>  
> +object_property_set_int(OBJECT(&s->cpu[i]), GIC_BASE_ADDR,
> +"reset-cbar", &err);
> +if (err) {
> +error_propagate((errp), (err));
> +return;
> +}
> +
>  object_property_set_bool(OBJECT(&s->cpu[i]), true, "realized", &err);
>  if (err) {
>  error_propagate((errp), (err));
>  return;
>  }
> +
> +sysbus_connect_irq(SYS_BUS_DEVICE(&s->gic), i,
> +   qdev_get_gpio_in(DEVICE(&s->cpu[i]), 
> ARM_CPU_IRQ));
>  }
>  }
>  
> diff --git a/include/hw/arm/xlnx-zynqmp.h b/include/hw/arm/xlnx-zynqmp.h
> index 62f6b6f..719bc8b 100644
> --- a/include/hw/arm/xlnx-zynqmp.h
> +++ b/include/hw/arm/xlnx-zynqmp.h
> @@ -19,6 +19,7 @@
>  
>  #include "qemu-common.h"
>  #include "hw/arm/arm.h"
> +#include "hw/intc/arm_gic.h"
>  
>  #define TYPE_XLNX_ZYNQMP "xlnx,zynqmp"
>  #define XLNX_ZYNQMP(obj) OBJECT_CHECK(XlnxZynqMPState, (obj), \
> @@ -26,12 +27,25 @@
>  
>  #define XLNX_ZYNQMP_NUM_CPUS 4
>  
> +#define XLNX_ZYNQMP_GIC_REGIONS 2
> +
> +/* ZynqMP maps the ARM GIC regions (GICC, GICD ...) at consecutive 64k 
> offsets
> + * and under-decodes the 64k region. This mirrors the 4k regions to every 4k
> + * aligned address in the 64k region. To implement each GIC re

[Qemu-devel] [PATCHv2] parallel: Allow to disable CONFIG_PARALLEL

[mrezanin]

From: Miroslav Rezanina 

Disabling CONFIG_PARALLEL cause build failure as commit 07dc788 factored
out initialization to parallel_hds_isa_init function in hw/char/parallel.c 
that is not build. 

Stub file is added to be able to disable CONFIG_PARALLEL. This file is used
in targets using parallel_hds_isa_init and provide empty definition of this
function.

Signed-off-by: Miroslav Rezanina 

---
 hw/i386/Makefile.objs| 1 +
 hw/mips/Makefile.objs| 2 ++
 hw/sparc64/Makefile.objs | 2 ++
 stubs/parallel-stub.c| 7 +++
 4 files changed, 12 insertions(+)
 create mode 100644 stubs/parallel-stub.c

diff --git a/hw/i386/Makefile.objs b/hw/i386/Makefile.objs
index e058a39..2b7131a 100644
--- a/hw/i386/Makefile.objs
+++ b/hw/i386/Makefile.objs
@@ -4,6 +4,7 @@ obj-y += pc.o pc_piix.o pc_q35.o
 obj-y += pc_sysfw.o
 obj-y += intel_iommu.o
 obj-$(CONFIG_XEN) += ../xenpv/ xen/
+obj-$(call lnot,$(CONFIG_PARALLEL)) += ../../stubs/parallel-stub.o
 
 obj-y += kvmvapic.o
 obj-y += acpi-build.o
diff --git a/hw/mips/Makefile.objs b/hw/mips/Makefile.objs
index 0a652f8..2e65305 100644
--- a/hw/mips/Makefile.objs
+++ b/hw/mips/Makefile.objs
@@ -2,3 +2,5 @@ obj-y += mips_r4k.o mips_jazz.o mips_malta.o mips_mipssim.o
 obj-y += addr.o cputimer.o mips_int.o
 obj-$(CONFIG_FULONG) += mips_fulong2e.o
 obj-y += gt64xxx_pci.o
+obj-$(call lnot,$(CONFIG_PARALLEL)) += ../../stubs/parallel-stub.o
+
diff --git a/hw/sparc64/Makefile.objs b/hw/sparc64/Makefile.objs
index a84cfe3..7696611 100644
--- a/hw/sparc64/Makefile.objs
+++ b/hw/sparc64/Makefile.objs
@@ -1 +1,3 @@
 obj-y += sun4u.o
+obj-$(call lnot,$(CONFIG_PARALLEL)) += ../../stubs/parallel-stub.o
+
diff --git a/stubs/parallel-stub.c b/stubs/parallel-stub.c
new file mode 100644
index 000..949c1b2
--- /dev/null
+++ b/stubs/parallel-stub.c
@@ -0,0 +1,7 @@
+#include "qemu/typedefs.h"
+#include "hw/isa/isa.h"
+#include "hw/i386/pc.h"
+
+void parallel_hds_isa_init(ISABus *bus, int n)
+{
+}
-- 
2.1.0

[Qemu-devel] [RFC PATCH 34/34] HACK: mb: boot: Disable dtb load in multi-arch

[Peter Crosthwaite]

Linux kernel booting is not yet defined for multi-arch and Microblazes
DTB loader sometimes gets in the way of elfs. Just disable it for
multi-arch.

Signed-off-by: Peter Crosthwaite 
---
 hw/microblaze/boot.c | 4 
 1 file changed, 4 insertions(+)

diff --git a/hw/microblaze/boot.c b/hw/microblaze/boot.c
index 082238b..d6b3298 100644
--- a/hw/microblaze/boot.c
+++ b/hw/microblaze/boot.c
@@ -60,6 +60,7 @@ static void main_cpu_reset(void *opaque)
 }
 }
 
+#ifndef TARGET_MULTI
 static int microblaze_load_dtb(hwaddr addr,
uint32_t ramsize,
uint32_t initrd_start,
@@ -97,6 +98,7 @@ static int microblaze_load_dtb(hwaddr addr,
 cpu_physical_memory_write(addr, fdt, fdt_size);
 return fdt_size;
 }
+#endif
 
 static uint64_t translate_kernel_address(void *opaque, uint64_t addr)
 {
@@ -203,12 +205,14 @@ void microblaze_load_kernel(MicroBlazeCPU *cpu, hwaddr 
ddr_base,
 }
 /* Provide a device-tree.  */
 boot_info.fdt = boot_info.cmdline + 4096;
+#ifndef TARGET_MULTI
 microblaze_load_dtb(boot_info.fdt, ram_size,
 boot_info.initrd_start,
 boot_info.initrd_end,
 kernel_cmdline,
 /* Preference a -dtb argument */
 dtb_arg ? dtb_arg : filename);
+#endif
 }
 g_free(filename);
 }
-- 
1.9.1

[Qemu-devel] [RFC PATCH 33/34] HACK: mb: boot: Assume using -firmware for mb software

[Peter Crosthwaite]

Assume that when using MULTI arch, the -firmare switch dictates the
software to load on microblaze. A hack until we get generic bootloading
working.

Signed-off-by: Peter Crosthwaite 
---
 hw/microblaze/boot.c | 4 
 1 file changed, 4 insertions(+)

diff --git a/hw/microblaze/boot.c b/hw/microblaze/boot.c
index b3d7c99..082238b 100644
--- a/hw/microblaze/boot.c
+++ b/hw/microblaze/boot.c
@@ -116,7 +116,11 @@ void microblaze_load_kernel(MicroBlazeCPU *cpu, hwaddr 
ddr_base,
 char *filename = NULL;
 
 machine_opts = qemu_get_machine_opts();
+#ifdef TARGET_MULTI
+kernel_filename = qemu_opt_get(machine_opts, "firmware");
+#else
 kernel_filename = qemu_opt_get(machine_opts, "kernel");
+#endif
 kernel_cmdline = qemu_opt_get(machine_opts, "append");
 dtb_arg = qemu_opt_get(machine_opts, "dtb");
 /* default to pcbios dtb as passed by machine_init */
-- 
1.9.1

[Qemu-devel] [RFC PATCH 31/34] arm: boot: Don't assume all CPUs are ARM

[Peter Crosthwaite]

Multi-arch platforms may wish to use the ARM bootloader. Dont assert
that all CPUs in the CPU list are ARM.

Signed-off-by: Peter Crosthwaite 
---
 hw/arm/boot.c | 8 ++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/hw/arm/boot.c b/hw/arm/boot.c
index fa69503..4e4034d 100644
--- a/hw/arm/boot.c
+++ b/hw/arm/boot.c
@@ -575,7 +575,9 @@ void arm_load_kernel(ARMCPU *cpu, struct arm_boot_info 
*info)
  * arranging that we start it correctly.
  */
 for (cs = CPU(cpu); cs; cs = CPU_NEXT(cs)) {
-qemu_register_reset(do_cpu_reset, ARM_CPU(cs));
+if (object_dynamic_cast(OBJECT(cs), TYPE_ARM_CPU)) {
+qemu_register_reset(do_cpu_reset, ARM_CPU(cs));
+}
 }
 
 /* Load the kernel.  */
@@ -772,6 +774,8 @@ void arm_load_kernel(ARMCPU *cpu, struct arm_boot_info 
*info)
 info->is_linux = is_linux;
 
 for (cs = CPU(cpu); cs; cs = CPU_NEXT(cs)) {
-ARM_CPU(cs)->env.boot_info = info;
+if (object_dynamic_cast(OBJECT(cs), TYPE_ARM_CPU)) {
+ARM_CPU(cs)->env.boot_info = info;
+}
 }
 }
-- 
1.9.1

[Qemu-devel] [RFC PATCH 29/34] arm: cpu: Multi-define guard deep CPU specifics

[Peter Crosthwaite]

If MMU_USER_IDX or ENV_OFFSET is already defined, undefine it.
The undef will cause a compile error on the ambiguous case where
multiple cpu.h's are included yet either of these defs
is needed. This shouldn't happen, as the multi-include should only
happen in device-land system level code that need CPU defs from
multiple arches - e.g. a machine model with two different arch CPUs.
Such device code has no bussiness using MMU_USER_IDX or ENV_OFFSET.

ENV_GET_CPU s also multi-guarded to perform no action on second define.
This is for multi-arch where target-multi provides a working
implementation already

Signed-off-by: Peter Crosthwaite 
---
 target-arm/cpu-qom.h | 7 +++
 target-arm/cpu.h | 5 +
 2 files changed, 12 insertions(+)

diff --git a/target-arm/cpu-qom.h b/target-arm/cpu-qom.h
index ed5a644..ad742ed 100644
--- a/target-arm/cpu-qom.h
+++ b/target-arm/cpu-qom.h
@@ -188,9 +188,16 @@ static inline ARMCPU *arm_env_get_cpu(CPUARMState *env)
 return container_of(env, ARMCPU, env);
 }
 
+#ifndef ENV_GET_CPU
 #define ENV_GET_CPU(e) CPU(arm_env_get_cpu(e))
+#endif
 
+#ifndef ENV_OFFSET
 #define ENV_OFFSET offsetof(ARMCPU, env)
+#else
+/* Try and cause a compile bug on any (invalid) users of the multiple def */
+#undef ENV_OFFSET
+#endif
 
 #ifndef CONFIG_USER_ONLY
 extern const struct VMStateDescription vmstate_arm_cpu;
diff --git a/target-arm/cpu.h b/target-arm/cpu.h
index e0363a2..53a8051 100644
--- a/target-arm/cpu.h
+++ b/target-arm/cpu.h
@@ -1627,7 +1627,12 @@ typedef enum ARMMMUIdx {
 ARMMMUIdx_S1NSE1 = 8,
 } ARMMMUIdx;
 
+#ifdef MMU_USER_IDX
+/* Try and cause a compile bug on any (invalid) users of the multiple def */
+#undef MMU_USER_IDX
+#else
 #define MMU_USER_IDX 0
+#endif
 
 /* Return the exception level we're running at if this is our mmu_idx */
 static inline int arm_mmu_idx_to_el(ARMMMUIdx mmu_idx)
-- 
1.9.1

[Qemu-devel] [RFC PATCH 25/34] arm: cpu: Move CPU_COMMON to front of env

[Peter Crosthwaite]

To allow pointer casts to the the multi-arch CPUArchState which
contains just the CPU_COMMON components.

Signed-off-by: Peter Crosthwaite 
---
 target-arm/cpu.h | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/target-arm/cpu.h b/target-arm/cpu.h
index bdcd331..61d0964 100644
--- a/target-arm/cpu.h
+++ b/target-arm/cpu.h
@@ -120,6 +120,7 @@ typedef struct {
 } TCR;
 
 typedef struct CPUARMState {
+CPU_COMMON
 /* Regs for current mode.  */
 uint32_t regs[16];
 
@@ -472,9 +473,7 @@ typedef struct CPUARMState {
 struct CPUBreakpoint *cpu_breakpoint[16];
 struct CPUWatchpoint *cpu_watchpoint[16];
 
-CPU_COMMON
-
-/* These fields after the common ones so they are preserved on reset.  */
+/* These fields are preserved on reset.  */
 
 /* Internal CPU feature flags.  */
 uint64_t features;
-- 
1.9.1

[Qemu-devel] [RFC PATCH 22/34] arm: Remove ELF_MACHINE from cpu.h

[Peter Crosthwaite]

The only generic code relying on this is linux-user. Linux user already
has a lot of #ifdef TARGET_ customisation so just define ELF_MACHINE
locally there.

The armv7m bootloader can just pass EM_ARM directly, as that
is architecture specific code.

This remove another architecture specific definition from the global
namespace.

Signed-off-by: Peter Crosthwaite 
---
 hw/arm/armv7m.c  | 2 +-
 linux-user/elfload.c | 2 ++
 target-arm/cpu.h | 2 --
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/hw/arm/armv7m.c b/hw/arm/armv7m.c
index c6eab6d..ad89073 100644
--- a/hw/arm/armv7m.c
+++ b/hw/arm/armv7m.c
@@ -215,7 +215,7 @@ qemu_irq *armv7m_init(MemoryRegion *system_memory, int 
mem_size, int num_irq,
 
 if (kernel_filename) {
 image_size = load_elf(kernel_filename, NULL, NULL, &entry, &lowaddr,
-  NULL, big_endian, ELF_MACHINE, 1);
+  NULL, big_endian, EM_ARM, 1);
 if (image_size < 0) {
 image_size = load_image_targphys(kernel_filename, 0, mem_size);
 lowaddr = 0;
diff --git a/linux-user/elfload.c b/linux-user/elfload.c
index de7fe14..5239f0b 100644
--- a/linux-user/elfload.c
+++ b/linux-user/elfload.c
@@ -272,6 +272,7 @@ static void elf_core_copy_regs(target_elf_gregset_t *regs, 
const CPUX86State *en
 /* 32 bit ARM definitions */
 
 #define ELF_START_MMAP 0x8000
+#  define ELF_MACHINE EM_ARM
 
 #define elf_check_arch(x) ((x) == ELF_MACHINE)
 
@@ -480,6 +481,7 @@ static uint32_t get_elf_hwcap2(void)
 #else
 /* 64 bit ARM definitions */
 #define ELF_START_MMAP 0x8000
+#define ELF_MACHINE EM_AARCH64
 
 #define elf_check_arch(x) ((x) == ELF_MACHINE)
 
diff --git a/target-arm/cpu.h b/target-arm/cpu.h
index 7d08301..5333b1b 100644
--- a/target-arm/cpu.h
+++ b/target-arm/cpu.h
@@ -26,10 +26,8 @@
 #if defined(TARGET_AARCH64)
   /* AArch64 definitions */
 #  define TARGET_LONG_BITS 64
-#  define ELF_MACHINE EM_AARCH64
 #else
 #  define TARGET_LONG_BITS 32
-#  define ELF_MACHINE EM_ARM
 #endif
 
 #define TARGET_IS_BIENDIAN 1
-- 
1.9.1

[Qemu-devel] [RFC PATCH 32/34] arm: xilinx_zynq: Add a microblaze

[Peter Crosthwaite]

Signed-off-by: Peter Crosthwaite 
---
 hw/arm/xilinx_zynq.c | 13 +
 1 file changed, 13 insertions(+)

diff --git a/hw/arm/xilinx_zynq.c b/hw/arm/xilinx_zynq.c
index a4e7b5c..0f2da84 100644
--- a/hw/arm/xilinx_zynq.c
+++ b/hw/arm/xilinx_zynq.c
@@ -25,6 +25,9 @@
 #include "sysemu/block-backend.h"
 #include "hw/loader.h"
 #include "hw/ssi.h"
+
+#include "hw/microblaze/boot.h"
+
 #include "qemu/error-report.h"
 
 #define NUM_SPI_FLASHES 4
@@ -110,6 +113,9 @@ static void zynq_init(MachineState *machine)
 const char *initrd_filename = machine->initrd_filename;
 ObjectClass *cpu_oc;
 ARMCPU *cpu;
+#ifdef TARGET_MULTI
+MicroBlazeCPU *mb_cpu;
+#endif
 MemoryRegion *address_space_mem = get_system_memory();
 MemoryRegion *ext_ram = g_new(MemoryRegion, 1);
 MemoryRegion *ocm_ram = g_new(MemoryRegion, 1);
@@ -160,6 +166,13 @@ static void zynq_init(MachineState *machine)
 ram_size = 0x8000;
 }
 
+#ifdef TARGET_MULTI
+mb_cpu = MICROBLAZE_CPU(object_new(TYPE_MICROBLAZE_CPU));
+object_property_set_bool(OBJECT(mb_cpu), true, "realized", &error_abort);
+microblaze_load_kernel(mb_cpu, 0, ram_size, NULL, NULL, NULL);
+#endif
+
+
 /* DDR remapped to address zero.  */
 memory_region_allocate_system_memory(ext_ram, NULL, "zynq.ext_ram",
  ram_size);
-- 
1.9.1

[Qemu-devel] [RFC PATCH 28/34] arm: cpu: Guard cpu_init definition for user mode

[Peter Crosthwaite]

cpu_init is only used by user-mode code. Don't define it for system
emulation. This prepares support for multi-arch as in multi-arch
system mode multiple cpu.h's from different archs may get included
together and this guards against a multiple def.

It also has the added bonus of no new system machine models being
able to use the legacy cpu_init() call.

Signed-off-by: Peter Crosthwaite 
---
 target-arm/cpu.h | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/target-arm/cpu.h b/target-arm/cpu.h
index 7833ff9..e0363a2 100644
--- a/target-arm/cpu.h
+++ b/target-arm/cpu.h
@@ -1555,7 +1555,9 @@ static inline bool arm_excp_unmasked(CPUState *cs, 
unsigned int excp_idx)
 return unmasked || pstate_unmasked;
 }
 
+#ifdef CONFIG_USER_ONLY
 #define cpu_init(cpu_model) CPU(cpu_arm_init(cpu_model))
+#endif
 
 #define cpu_list arm_cpu_list
 
-- 
1.9.1

[Qemu-devel] [RFC PATCH 26/34] arm: Use qomified tcg defintions

[Peter Crosthwaite]

Prepare support for multi-arch. TCG core code will have to get the
architecture specific variant of these definitions.

Signed-off-by: Peter Crosthwaite 
---
 target-arm/cpu.c   | 93 ++
 target-arm/cpu.h   | 89 ++-
 target-arm/op_helper.c |  4 +--
 target-arm/translate.c |  8 +++--
 4 files changed, 110 insertions(+), 84 deletions(-)

diff --git a/target-arm/cpu.c b/target-arm/cpu.c
index 566deb9..2ed6390 100644
--- a/target-arm/cpu.c
+++ b/target-arm/cpu.c
@@ -1176,6 +1176,90 @@ static void arm_any_initfn(Object *obj)
 
 #endif /* !defined(CONFIG_USER_ONLY) || !defined(TARGET_AARCH64) */
 
+static int arm_cpu_mmu_index(CPUState *cpu)
+{
+CPUARMState *env = cpu->env_ptr;
+int el = arm_current_el(env);
+
+if (el < 2 && arm_is_secure_below_el3(env)) {
+return ARMMMUIdx_S1SE0 + el;
+}
+return el;
+}
+
+static void arm_cpu_get_tb_cpu_state(CPUState *cpu, void *pc_ptr,
+ void *cs_base_ptr, int *flags)
+{
+CPUARMState *env = cpu->env_ptr;
+int fpen;
+target_ulong *pc = pc_ptr;
+target_ulong *cs_base = cs_base_ptr;
+
+if (arm_feature(env, ARM_FEATURE_V6)) {
+fpen = extract32(env->cp15.cpacr_el1, 20, 2);
+} else {
+/* CPACR doesn't exist before v6, so VFP is always accessible */
+fpen = 3;
+}
+
+if (is_a64(env)) {
+*pc = env->pc;
+*flags = ARM_TBFLAG_AARCH64_STATE_MASK;
+if (fpen == 3 || (fpen == 1 && arm_current_el(env) != 0)) {
+*flags |= ARM_TBFLAG_AA64_FPEN_MASK;
+}
+/* The SS_ACTIVE and PSTATE_SS bits correspond to the state machine
+ * states defined in the ARM ARM for software singlestep:
+ *  SS_ACTIVE   PSTATE.SS   State
+ * 0x   Inactive (the TB flag for SS is always 0)
+ * 10   Active-pending
+ * 11   Active-not-pending
+ */
+if (arm_singlestep_active(env)) {
+*flags |= ARM_TBFLAG_AA64_SS_ACTIVE_MASK;
+if (env->pstate & PSTATE_SS) {
+*flags |= ARM_TBFLAG_AA64_PSTATE_SS_MASK;
+}
+}
+} else {
+*pc = env->regs[15];
+*flags = (env->thumb << ARM_TBFLAG_THUMB_SHIFT)
+| (env->vfp.vec_len << ARM_TBFLAG_VECLEN_SHIFT)
+| (env->vfp.vec_stride << ARM_TBFLAG_VECSTRIDE_SHIFT)
+| (env->condexec_bits << ARM_TBFLAG_CONDEXEC_SHIFT)
+| (env->bswap_code << ARM_TBFLAG_BSWAP_CODE_SHIFT);
+if (!(access_secure_reg(env))) {
+*flags |= ARM_TBFLAG_NS_MASK;
+}
+if (env->vfp.xregs[ARM_VFP_FPEXC] & (1 << 30)
+|| arm_el_is_aa64(env, 1)) {
+*flags |= ARM_TBFLAG_VFPEN_MASK;
+}
+if (fpen == 3 || (fpen == 1 && arm_current_el(env) != 0)) {
+*flags |= ARM_TBFLAG_CPACR_FPEN_MASK;
+}
+/* The SS_ACTIVE and PSTATE_SS bits correspond to the state machine
+ * states defined in the ARM ARM for software singlestep:
+ *  SS_ACTIVE   PSTATE.SS   State
+ * 0x   Inactive (the TB flag for SS is always 0)
+ * 10   Active-pending
+ * 11   Active-not-pending
+ */
+if (arm_singlestep_active(env)) {
+*flags |= ARM_TBFLAG_SS_ACTIVE_MASK;
+if (env->uncached_cpsr & PSTATE_SS) {
+*flags |= ARM_TBFLAG_PSTATE_SS_MASK;
+}
+}
+*flags |= (extract32(env->cp15.c15_cpar, 0, 2)
+   << ARM_TBFLAG_XSCALE_CPAR_SHIFT);
+}
+
+*flags |= (cpu_mmu_index(env) << ARM_TBFLAG_MMUIDX_SHIFT);
+
+*cs_base = 0;
+}
+
 typedef struct ARMCPUInfo {
 const char *name;
 void (*initfn)(Object *obj);
@@ -1264,6 +1348,15 @@ static void arm_cpu_class_init(ObjectClass *oc, void 
*data)
 cc->debug_excp_handler = arm_debug_excp_handler;
 
 cc->disas_set_info = arm_disas_set_info;
+
+cc->cpu_mmu_index = arm_cpu_mmu_index;
+cc->cpu_get_tb_cpu_state = arm_cpu_get_tb_cpu_state;
+cc->gen_intermediate_code = arm_gen_intermediate_code;
+cc->gen_intermediate_code_pc = arm_gen_intermediate_code_pc;
+cc->restore_state_to_opc = arm_restore_state_to_opc;
+#ifndef CONFIG_USER_ONLY
+cc->tlb_fill = arm_tlb_fill;
+#endif
 }
 
 static void cpu_register(const ARMCPUInfo *info)
diff --git a/target-arm/cpu.h b/target-arm/cpu.h
index 61d0964..7833ff9 100644
--- a/target-arm/cpu.h
+++ b/target-arm/cpu.h
@@ -1634,17 +1634,6 @@ static inline int arm_mmu_idx_to_el(ARMMMUIdx mmu_idx)
 return mmu_idx & 3;
 }
 
-/* Determine the current mmu_idx to use for normal loads/stores */
-static inline int cpu_mmu_index(CPUARMState *env)
-{
-int el = arm_current_el(env);
-
-if (el < 2 && arm_is_secure_below_el3(env)) {
-return ARMMMUIdx_S1SE0 + el;
-}
-

[Qemu-devel] [RFC PATCH 21/34] arm: Rename all exceptions

[Peter Crosthwaite]

These are architecture specific, and via cpu.h visibile in common
and global namespaces. Preface them with "ARMAR_" to avoid namespace
collisions. Prepares support for multi-arch where multiple cpu.h's
can be included by device land code and namespace issues happen with
such generic names.

Use prefix ARM"AR" as the trap table is separate from the M-profile
support, so qualify with AR to make it specific to A/R profile.

Signed-off-by: Peter Crosthwaite 
---
 linux-user/main.c  | 28 +++
 target-arm/cpu.c   | 20 -
 target-arm/cpu.h   | 38 +++
 target-arm/helper-a64.c| 24 ++--
 target-arm/helper.c| 56 +++---
 target-arm/internals.h | 36 ++---
 target-arm/op_helper.c | 20 -
 target-arm/psci.c  |  4 ++--
 target-arm/translate-a64.c | 18 +++
 target-arm/translate.c | 44 ++--
 10 files changed, 144 insertions(+), 144 deletions(-)

diff --git a/linux-user/main.c b/linux-user/main.c
index 60b5a5f..50fbd7e 100644
--- a/linux-user/main.c
+++ b/linux-user/main.c
@@ -681,7 +681,7 @@ void cpu_loop(CPUARMState *env)
 trapnr = cpu_arm_exec(env);
 cpu_exec_end(cs);
 switch(trapnr) {
-case EXCP_UDEF:
+case ARMAR_EXCP_UDEF:
 {
 TaskState *ts = cs->opaque;
 uint32_t opcode;
@@ -752,12 +752,12 @@ void cpu_loop(CPUARMState *env)
 }
 }
 break;
-case EXCP_SWI:
-case EXCP_BKPT:
+case ARMAR_EXCP_SWI:
+case ARMAR_EXCP_BKPT:
 {
 env->eabi = 1;
 /* system call */
-if (trapnr == EXCP_BKPT) {
+if (trapnr == ARMAR_EXCP_BKPT) {
 if (env->thumb) {
 /* FIXME - what to do if get_user() fails? */
 get_user_code_u16(insn, env->regs[15], 
env->bswap_code);
@@ -833,13 +833,13 @@ void cpu_loop(CPUARMState *env)
 case EXCP_INTERRUPT:
 /* just indicate that signals should be handled asap */
 break;
-case EXCP_STREX:
+case ARMAR_EXCP_STREX:
 if (!do_strex(env)) {
 break;
 }
 /* fall through for segv */
-case EXCP_PREFETCH_ABORT:
-case EXCP_DATA_ABORT:
+case ARMAR_EXCP_PREFETCH_ABORT:
+case ARMAR_EXCP_DATA_ABORT:
 addr = env->exception.vaddress;
 {
 info.si_signo = TARGET_SIGSEGV;
@@ -865,7 +865,7 @@ void cpu_loop(CPUARMState *env)
   }
 }
 break;
-case EXCP_KERNEL_TRAP:
+case ARMAR_EXCP_KERNEL_TRAP:
 if (do_kernel_trap(env))
   goto error;
 break;
@@ -1013,7 +1013,7 @@ void cpu_loop(CPUARMState *env)
 cpu_exec_end(cs);
 
 switch (trapnr) {
-case EXCP_SWI:
+case ARMAR_EXCP_SWI:
 env->xregs[0] = do_syscall(env,
env->xregs[8],
env->xregs[0],
@@ -1027,20 +1027,20 @@ void cpu_loop(CPUARMState *env)
 case EXCP_INTERRUPT:
 /* just indicate that signals should be handled asap */
 break;
-case EXCP_UDEF:
+case ARMAR_EXCP_UDEF:
 info.si_signo = TARGET_SIGILL;
 info.si_errno = 0;
 info.si_code = TARGET_ILL_ILLOPN;
 info._sifields._sigfault._addr = env->pc;
 queue_signal(env, info.si_signo, &info);
 break;
-case EXCP_STREX:
+case ARMAR_EXCP_STREX:
 if (!do_strex_a64(env)) {
 break;
 }
 /* fall through for segv */
-case EXCP_PREFETCH_ABORT:
-case EXCP_DATA_ABORT:
+case ARMAR_EXCP_PREFETCH_ABORT:
+case ARMAR_EXCP_DATA_ABORT:
 info.si_signo = TARGET_SIGSEGV;
 info.si_errno = 0;
 /* XXX: check env->error_code */
@@ -1049,7 +1049,7 @@ void cpu_loop(CPUARMState *env)
 queue_signal(env, info.si_signo, &info);
 break;
 case EXCP_DEBUG:
-case EXCP_BKPT:
+case ARMAR_EXCP_BKPT:
 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
 if (sig) {
 info.si_signo = sig;
diff --git a/target-arm/cpu.c b/target-arm/cpu.c
index cfa761a..566deb9 100644
--- a/target-arm/cpu.c
+++ b/target-arm/cpu.c
@@ -209,26 +209,26 @@ bool arm_cpu_exec_interrupt(CPUState *cs, int 
interrupt_request)
 bool ret = false;
 
 if (interrupt_request & CPU_INTERRUPT_FIQ
-&& arm_excp_unmasked(cs, EXCP_FIQ)) {
-cs->exception_index = EXCP_FIQ;
+&& arm_excp_unmasked(cs, ARMAR_EXCP_FIQ)) {
+cs->exception_index = ARM

[Qemu-devel] [RFC PATCH 30/34] arm: Enable multi-arch

[Peter Crosthwaite]

Signed-off-by: Peter Crosthwaite 
---
 Makefile.target|  2 +-
 configure  |  3 ++-
 target-arm/cpu.h   | 40 +++-
 target-arm/translate.c |  3 +--
 target-arm/translate.h |  4 ++--
 target-multi/helper.h  |  1 +
 6 files changed, 22 insertions(+), 31 deletions(-)

diff --git a/Makefile.target b/Makefile.target
index 0043286..c02be7d 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -13,7 +13,7 @@ QEMU_CFLAGS += -I.. -I$(SRC_PATH)/target-$(TARGET_BASE_ARCH) 
-DNEED_CPU_H
 
 ARCH_DIRS = $(TARGET_BASE_ARCH)
 ifeq ($(TARGET_BASE_ARCH), multi)
-ARCH_DIRS += microblaze
+ARCH_DIRS += microblaze arm
 endif
 
 QEMU_CFLAGS+=-I$(SRC_PATH)/include
diff --git a/configure b/configure
index 880faa4..6116f65 100755
--- a/configure
+++ b/configure
@@ -5281,7 +5281,7 @@ if [ "$HOST_VARIANT_DIR" != "" ]; then
 fi
 case "$target_name" in
   multi)
-MULTI_TARGETS="microblaze"
+MULTI_TARGETS="microblaze aarch64"
 esac
 case "$target_name" in
   i386|x86_64)
@@ -5362,6 +5362,7 @@ for i in $ARCH $TARGET_BASE_ARCH $MULTI_TARGETS; do
 echo "CONFIG_ALPHA_DIS=y"  >> config-all-disas.mak
   ;;
   arm|aarch64)
+echo "CONFIG_ARCH_MULTI=y" >> $config_target_mak
 echo "CONFIG_ARM_DIS=y"  >> $config_target_mak
 echo "CONFIG_ARM_DIS=y"  >> config-all-disas.mak
 if test -n "${cxx}"; then
diff --git a/target-arm/cpu.h b/target-arm/cpu.h
index 53a8051..a57ef77 100644
--- a/target-arm/cpu.h
+++ b/target-arm/cpu.h
@@ -23,18 +23,18 @@
 
 #include "kvm-consts.h"
 
-#if defined(TARGET_AARCH64)
-  /* AArch64 definitions */
-#  define TARGET_LONG_BITS 64
-#else
-#  define TARGET_LONG_BITS 32
-#endif
+#include "qemu-common.h"
 
-#define TARGET_IS_BIENDIAN 1
+#include "target-multi/cpu-head.h"
 
+#undef CPUArchState
 #define CPUArchState struct CPUARMState
 
-#include "qemu-common.h"
+#ifndef TARGET_AARCH64
+#  undef TARGET_LONG_BITS
+#  define TARGET_LONG_BITS 32
+#endif
+
 #include "exec/cpu-defs.h"
 
 #include "fpu/softfloat.h"
@@ -93,8 +93,6 @@
 
 struct arm_boot_info;
 
-#define NB_MMU_MODES 7
-
 /* We currently assume float and double are IEEE single and double
precision respectively.
Doing runtime conversions is tricky because VFP registers may contain
@@ -1457,21 +1455,19 @@ bool write_cpustate_to_list(ARMCPU *cpu);
 #define ARM_CPUID_TI915T  0x54029152
 #define ARM_CPUID_TI925T  0x54029252
 
-#if defined(CONFIG_USER_ONLY)
-#define TARGET_PAGE_BITS 12
-#else
 /* The ARM MMU allows 1k pages.  */
 /* ??? Linux doesn't actually use these, and they're deprecated in recent
architecture revisions.  Maybe a configure option to disable them.  */
+#if !defined(CONFIG_USER_ONLY) && !defined(TARGET_MULTI)
+#undef TARGET_PAGE_BITS
 #define TARGET_PAGE_BITS 10
 #endif
 
-#if defined(TARGET_AARCH64)
-#  define TARGET_PHYS_ADDR_SPACE_BITS 48
-#  define TARGET_VIRT_ADDR_SPACE_BITS 64
-#else
-#  define TARGET_PHYS_ADDR_SPACE_BITS 40
-#  define TARGET_VIRT_ADDR_SPACE_BITS 32
+#if !defined(TARGET_AARCH64)
+#undef TARGET_PHYS_ADDR_SPACE_BITS
+#undef TARGET_VIRT_ADDR_SPACE_BITS
+#define TARGET_PHYS_ADDR_SPACE_BITS 40
+#define TARGET_VIRT_ADDR_SPACE_BITS 32
 #endif
 
 static inline bool arm_excp_unmasked(CPUState *cs, unsigned int excp_idx)
@@ -1784,12 +1780,6 @@ static inline bool arm_singlestep_active(CPUARMState 
*env)
 #define ARM_TBFLAG_NS(F) \
 (((F) & ARM_TBFLAG_NS_MASK) >> ARM_TBFLAG_NS_SHIFT)
 
-#define cpu_get_tb_cpu_state(env, pc, cs_base, flags) \
-((env)->container->cpu_get_tb_cpu_state((env)->container, (pc), \
-(cs_base), (flags)))
-
-#define cpu_mmu_index(env) ((env)->container->cpu_mmu_index((env)->container))
-
 #include "exec/cpu-all.h"
 #include "exec/exec-all.h"
 
diff --git a/target-arm/translate.c b/target-arm/translate.c
index a33343d..9d5901e 100644
--- a/target-arm/translate.c
+++ b/target-arm/translate.c
@@ -60,7 +60,6 @@ static uint32_t gen_opc_condexec_bits[OPC_BUF_SIZE];
 #define IS_USER(s) (s->user)
 #endif
 
-TCGv_ptr cpu_env;
 /* We reuse the same 64-bit temporaries for efficiency.  */
 static TCGv_i64 cpu_V0, cpu_V1, cpu_M0;
 static TCGv_i32 cpu_R[16];
@@ -87,7 +86,7 @@ void arm_translate_init(void)
 {
 int i;
 
-cpu_env = tcg_global_reg_new_ptr(TCG_AREG0, "env");
+multi_translate_init();
 
 for (i = 0; i < 16; i++) {
 cpu_R[i] = tcg_global_mem_new_i32(TCG_AREG0,
diff --git a/target-arm/translate.h b/target-arm/translate.h
index 9829576..4150198 100644
--- a/target-arm/translate.h
+++ b/target-arm/translate.h
@@ -1,6 +1,8 @@
 #ifndef TARGET_ARM_TRANSLATE_H
 #define TARGET_ARM_TRANSLATE_H
 
+#include "target-multi/translate.h"
+
 /* internal defines */
 typedef struct DisasContext {
 target_ulong pc;
@@ -61,8 +63,6 @@ typedef struct DisasContext {
 TCGv_i64 tmp_a64[TMP_A64_MAX];
 } DisasContext;
 
-extern TCGv_ptr cpu_env;
-
 static inline int arm_dc_feature(DisasContext *dc, int feature)
 {
 return (dc->features & (1ULL << feature)) != 0

[Qemu-devel] [RFC PATCH 16/34] mb: cpu: Guard cpu_init definition for user mode

[Peter Crosthwaite]

cpu_init is only used by user-mode code. Don't define it for system
emulation. This prepares support for multi-arch as in multi-arch
system mode multiple cpu.h's from different archs may get included
together and this guards against a multiple def.

It also has the added bonus of no new system machine models being
able to use the legacy cpu_init() call.

Signed-off-by: Peter Crosthwaite 
---
 target-microblaze/cpu.h | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/target-microblaze/cpu.h b/target-microblaze/cpu.h
index bcaff1f..da42483 100644
--- a/target-microblaze/cpu.h
+++ b/target-microblaze/cpu.h
@@ -281,7 +281,9 @@ MicroBlazeCPU *cpu_mb_init(const char *cpu_model);
 #define TARGET_PHYS_ADDR_SPACE_BITS 48
 #define TARGET_VIRT_ADDR_SPACE_BITS 64
 
+#ifdef CONFIG_USER_ONLY
 #define cpu_init(cpu_model) CPU(cpu_mb_init(cpu_model))
+#endif
 
 /* MMU modes definitions */
 #define MMU_NOMMU_IDX   0
-- 
1.9.1

[Qemu-devel] [RFC PATCH 14/34] mb: Use qomified tcg defintions

[Peter Crosthwaite]

Prepare support for multi-arch. TCG core code will have to get the
architecture specific variant of these definitions.

Signed-off-by: Peter Crosthwaite 
---
 target-microblaze/cpu.c   | 34 ++
 target-microblaze/cpu.h   | 32 
 target-microblaze/op_helper.c |  4 ++--
 target-microblaze/translate.c |  8 +---
 4 files changed, 53 insertions(+), 25 deletions(-)

diff --git a/target-microblaze/cpu.c b/target-microblaze/cpu.c
index 89b8363..4e5489e 100644
--- a/target-microblaze/cpu.c
+++ b/target-microblaze/cpu.c
@@ -54,6 +54,31 @@ static void microblaze_cpu_set_irq(void *opaque, int irq, 
int level)
 }
 #endif
 
+static int mb_cpu_mmu_index (CPUState *cpu) {
+CPUMBState *env = cpu->env_ptr;
+
+/* Are we in nommu mode?.  */
+if (!(env->sregs[SR_MSR] & MSR_VM))
+return MMU_NOMMU_IDX;
+
+   if (env->sregs[SR_MSR] & MSR_UM)
+return MMU_USER_IDX;
+return MMU_KERNEL_IDX;
+}
+
+static void mb_cpu_get_tb_cpu_state(CPUState *cpu, void *pc_ptr,
+void *cs_base_ptr, int *flags)
+{
+CPUMBState *env = cpu->env_ptr;
+target_ulong *pc = pc_ptr;
+target_ulong *cs_base = cs_base_ptr;
+
+*pc = env->sregs[SR_PC];
+*cs_base = 0;
+*flags = (env->iflags & IFLAGS_TB_MASK) |
+ (env->sregs[SR_MSR] & (MSR_UM | MSR_VM | MSR_EE));
+}
+
 /* CPUClass::reset() */
 static void mb_cpu_reset(CPUState *s)
 {
@@ -191,6 +216,15 @@ static void mb_cpu_class_init(ObjectClass *oc, void *data)
 cc->gdb_num_core_regs = 32 + 5;
 
 cc->disas_set_info = mb_disas_set_info;
+
+cc->cpu_mmu_index = mb_cpu_mmu_index;
+cc->cpu_get_tb_cpu_state = mb_cpu_get_tb_cpu_state;
+cc->gen_intermediate_code = mb_gen_intermediate_code;
+cc->gen_intermediate_code_pc = mb_gen_intermediate_code_pc;
+cc->restore_state_to_opc = mb_restore_state_to_opc;
+#ifndef CONFIG_USER_ONLY
+cc->tlb_fill = mb_tlb_fill;
+#endif
 }
 
 static const TypeInfo mb_cpu_type_info = {
diff --git a/target-microblaze/cpu.h b/target-microblaze/cpu.h
index 51a49f2..bcaff1f 100644
--- a/target-microblaze/cpu.h
+++ b/target-microblaze/cpu.h
@@ -289,36 +289,28 @@ MicroBlazeCPU *cpu_mb_init(const char *cpu_model);
 #define MMU_USER_IDX2
 /* See NB_MMU_MODES further up the file.  */
 
-static inline int cpu_mmu_index (CPUMBState *env)
-{
-/* Are we in nommu mode?.  */
-if (!(env->sregs[SR_MSR] & MSR_VM))
-return MMU_NOMMU_IDX;
-
-   if (env->sregs[SR_MSR] & MSR_UM)
-return MMU_USER_IDX;
-return MMU_KERNEL_IDX;
-}
-
 int mb_cpu_handle_mmu_fault(CPUState *cpu, vaddr address, int rw,
 int mmu_idx);
 
-static inline void cpu_get_tb_cpu_state(CPUMBState *env, target_ulong *pc,
-target_ulong *cs_base, int *flags)
-{
-*pc = env->sregs[SR_PC];
-*cs_base = 0;
-*flags = (env->iflags & IFLAGS_TB_MASK) |
- (env->sregs[SR_MSR] & (MSR_UM | MSR_VM | MSR_EE));
-}
-
 #if !defined(CONFIG_USER_ONLY)
 void mb_cpu_unassigned_access(CPUState *cpu, hwaddr addr,
   bool is_write, bool is_exec, int is_asi,
   unsigned size);
 #endif
 
+#define cpu_get_tb_cpu_state(env, pc, cs_base, flags) \
+(ENV_GET_CPU(env)->cpu_get_tb_cpu_state(ENV_GET_CPU(env), (pc), \
+(cs_base), (flags)))
+
+#define cpu_mmu_index(env) (ENV_GET_CPU(env)->cpu_mmu_index(ENV_GET_CPU(env)))
+
 #include "exec/cpu-all.h"
 #include "exec/exec-all.h"
 
+void mb_gen_intermediate_code(void *env, struct TranslationBlock *tb);
+void mb_gen_intermediate_code_pc(void *env, struct TranslationBlock *tb);
+void mb_restore_state_to_opc(void *env_ptr, TranslationBlock *tb, int pc_pos);
+void mb_tlb_fill(CPUState *cs, uint64_t addr, int is_write, int mmu_idx,
+ uintptr_t retaddr);
+
 #endif
diff --git a/target-microblaze/op_helper.c b/target-microblaze/op_helper.c
index df2d74f..1fceb24 100644
--- a/target-microblaze/op_helper.c
+++ b/target-microblaze/op_helper.c
@@ -32,8 +32,8 @@
  * NULL, it means that the function was called in C code (i.e. not
  * from generated code or from helper.c)
  */
-void tlb_fill(CPUState *cs, target_ulong addr, int is_write, int mmu_idx,
-  uintptr_t retaddr)
+void mb_tlb_fill(CPUState *cs, uint64_t addr, int is_write, int mmu_idx,
+ uintptr_t retaddr)
 {
 int ret;
 
diff --git a/target-microblaze/translate.c b/target-microblaze/translate.c
index ec655fd..88b35ff 100644
--- a/target-microblaze/translate.c
+++ b/target-microblaze/translate.c
@@ -1878,12 +1878,12 @@ gen_intermediate_code_internal(MicroBlazeCPU *cpu, 
TranslationBlock *tb,
 assert(!dc->abort_at_next_insn);
 }
 
-void gen_intermediate_code (CPUMBState *env, struct TranslationBlock *tb)
+void mb_gen_intermediate_code(void *env, struct TranslationBlock *tb)
 {
 

[Qemu-devel] [RFC PATCH 11/34] mb: cpu: Remove MMUx macros

[Peter Crosthwaite]

AFAICS these aren't used by QEMU code anymore.

Signed-off-by: Peter Crosthwaite 
---
 target-microblaze/cpu.h | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/target-microblaze/cpu.h b/target-microblaze/cpu.h
index ad3466e..dee645d 100644
--- a/target-microblaze/cpu.h
+++ b/target-microblaze/cpu.h
@@ -284,9 +284,6 @@ MicroBlazeCPU *cpu_mb_init(const char *cpu_model);
 #define cpu_init(cpu_model) CPU(cpu_mb_init(cpu_model))
 
 /* MMU modes definitions */
-#define MMU_MODE0_SUFFIX _nommu
-#define MMU_MODE1_SUFFIX _kernel
-#define MMU_MODE2_SUFFIX _user
 #define MMU_NOMMU_IDX   0
 #define MMU_KERNEL_IDX  1
 #define MMU_USER_IDX2
-- 
1.9.1

[Qemu-devel] [RFC PATCH 27/34] hw: arm: Explicitly include cpu.h for consumers

[Peter Crosthwaite]

Device land code that needs cpu.h only needs it for architecture
speific reasons. So include target-arm/cpu.h explicitly rather than
the one provided by common code.

This prepares support for multi-arch where the common cpu.h will be
minimal and not contain any arch specifics.

Signed-off-by: Peter Crosthwaite 
---
 hw/arm/strongarm.h  | 2 ++
 include/hw/arm/arm.h| 2 ++
 include/hw/arm/digic.h  | 2 ++
 include/hw/arm/exynos4210.h | 2 ++
 include/hw/arm/omap.h   | 2 ++
 include/hw/arm/pxa.h| 2 ++
 6 files changed, 12 insertions(+)

diff --git a/hw/arm/strongarm.h b/hw/arm/strongarm.h
index 2893f94..6f5d163 100644
--- a/hw/arm/strongarm.h
+++ b/hw/arm/strongarm.h
@@ -3,6 +3,8 @@
 
 #include "exec/memory.h"
 
+#include "target-arm/cpu.h"
+
 #define SA_CS0  0x
 #define SA_CS1  0x0800
 #define SA_CS2  0x1000
diff --git a/include/hw/arm/arm.h b/include/hw/arm/arm.h
index 5c940eb..3395810 100644
--- a/include/hw/arm/arm.h
+++ b/include/hw/arm/arm.h
@@ -11,6 +11,8 @@
 #ifndef ARM_MISC_H
 #define ARM_MISC_H 1
 
+#include "target-arm/cpu.h"
+
 #include "exec/memory.h"
 #include "hw/irq.h"
 
diff --git a/include/hw/arm/digic.h b/include/hw/arm/digic.h
index a739d6a..9f4bd52 100644
--- a/include/hw/arm/digic.h
+++ b/include/hw/arm/digic.h
@@ -23,6 +23,8 @@
 #include "hw/timer/digic-timer.h"
 #include "hw/char/digic-uart.h"
 
+#include "target-arm/cpu.h"
+
 #define TYPE_DIGIC "digic"
 
 #define DIGIC(obj) OBJECT_CHECK(DigicState, (obj), TYPE_DIGIC)
diff --git a/include/hw/arm/exynos4210.h b/include/hw/arm/exynos4210.h
index 5c1820f..3fb9684 100644
--- a/include/hw/arm/exynos4210.h
+++ b/include/hw/arm/exynos4210.h
@@ -29,6 +29,8 @@
 #include "qemu-common.h"
 #include "exec/memory.h"
 
+#include "target-arm/cpu.h"
+
 #define EXYNOS4210_NCPUS2
 
 #define EXYNOS4210_DRAM0_BASE_ADDR  0x4000
diff --git a/include/hw/arm/omap.h b/include/hw/arm/omap.h
index 0ad5fb8..7e0d0e4 100644
--- a/include/hw/arm/omap.h
+++ b/include/hw/arm/omap.h
@@ -21,6 +21,8 @@
 # define hw_omap_h "omap.h"
 #include "hw/irq.h"
 
+#include "target-arm/cpu.h"
+
 # define OMAP_EMIFS_BASE   0x
 # define OMAP2_Q0_BASE 0x
 # define OMAP_CS0_BASE 0x
diff --git a/include/hw/arm/pxa.h b/include/hw/arm/pxa.h
index 259b852..4d2f1f3 100644
--- a/include/hw/arm/pxa.h
+++ b/include/hw/arm/pxa.h
@@ -11,6 +11,8 @@
 
 #include "exec/memory.h"
 
+#include "target-arm/cpu.h"
+
 /* Interrupt numbers */
 # define PXA2XX_PIC_SSP3   0
 # define PXA2XX_PIC_USBH2  2
-- 
1.9.1

[Qemu-devel] [RFC PATCH 23/34] arm: cpu.h: Move cpu-all include

[Peter Crosthwaite]

The defs that follow dont need cpu-all. Move cpu-all include further
down to group it with exec-all.h.

Signed-off-by: Peter Crosthwaite 
---
 target-arm/cpu.h | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/target-arm/cpu.h b/target-arm/cpu.h
index 5333b1b..147aaeb 100644
--- a/target-arm/cpu.h
+++ b/target-arm/cpu.h
@@ -1715,8 +1715,6 @@ static inline bool arm_singlestep_active(CPUARMState *env)
 && arm_generate_debug_exceptions(env);
 }
 
-#include "exec/cpu-all.h"
-
 /* Bit usage in the TB flags field: bit 31 indicates whether we are
  * in 32 or 64 bit mode. The meaning of the other bits depends on that.
  * We put flags which are shared between 32 and 64 bit mode at the top
@@ -1870,6 +1868,7 @@ static inline void cpu_get_tb_cpu_state(CPUARMState *env, 
target_ulong *pc,
 *cs_base = 0;
 }
 
+#include "exec/cpu-all.h"
 #include "exec/exec-all.h"
 
 enum {
-- 
1.9.1

[Qemu-devel] [RFC PATCH 20/34] configure: Unify arm and aarch64 disas configury

[Peter Crosthwaite]

The "arm" variant for this case already contains everything needed
for aarch64. As aarch64 already uses arm as a base architecture, it
will already have the CONFIG_ARM_DIS defined meaning no functional
change. So just make the configure code simpler.

Signed-off-by: Peter Crosthwaite 
---
 configure | 8 +---
 1 file changed, 1 insertion(+), 7 deletions(-)

diff --git a/configure b/configure
index 1cce60c..880faa4 100755
--- a/configure
+++ b/configure
@@ -5361,13 +5361,7 @@ for i in $ARCH $TARGET_BASE_ARCH $MULTI_TARGETS; do
 echo "CONFIG_ALPHA_DIS=y"  >> $config_target_mak
 echo "CONFIG_ALPHA_DIS=y"  >> config-all-disas.mak
   ;;
-  aarch64)
-if test -n "${cxx}"; then
-  echo "CONFIG_ARM_A64_DIS=y"  >> $config_target_mak
-  echo "CONFIG_ARM_A64_DIS=y"  >> config-all-disas.mak
-fi
-  ;;
-  arm)
+  arm|aarch64)
 echo "CONFIG_ARM_DIS=y"  >> $config_target_mak
 echo "CONFIG_ARM_DIS=y"  >> config-all-disas.mak
 if test -n "${cxx}"; then
-- 
1.9.1

[Qemu-devel] [RFC PATCH 01/34] cpu-all: Prototype cpu_exec and cpu_signal_handler

[Peter Crosthwaite]

Rather than rely on the arch specific ones. If an arch specific one
is defined nothing happens as we ifdef guard the generic prototypes.

This does then allow for removal of the arch specific dummy
prototypes for those archs that dont need to provide an override.

Signed-off-by: Peter Crosthwaite 
---
 include/exec/cpu-all.h | 9 +
 1 file changed, 9 insertions(+)

diff --git a/include/exec/cpu-all.h b/include/exec/cpu-all.h
index ac06c67..5133684 100644
--- a/include/exec/cpu-all.h
+++ b/include/exec/cpu-all.h
@@ -322,4 +322,13 @@ void qemu_mutex_unlock_ramlist(void);
 int cpu_memory_rw_debug(CPUState *cpu, target_ulong addr,
 uint8_t *buf, int len, int is_write);
 
+#ifndef cpu_exec
+int cpu_exec(CPUArchState *s);
+#endif
+
+#ifndef cpu_signal_handler
+int cpu_signal_handler(int host_signum, void *pinfo,
+   void *puc);
+#endif
+
 #endif /* CPU_ALL_H */
-- 
1.9.1

[Qemu-devel] [RFC PATCH 24/34] arm: delete dummy prototypes

[Peter Crosthwaite]

All these do now is rename the generic exec functions. Remove.

Signed-off-by: Peter Crosthwaite 
---
 linux-user/main.c | 4 ++--
 target-arm/cpu.h  | 9 -
 2 files changed, 2 insertions(+), 11 deletions(-)

diff --git a/linux-user/main.c b/linux-user/main.c
index 50fbd7e..fb7b138 100644
--- a/linux-user/main.c
+++ b/linux-user/main.c
@@ -678,7 +678,7 @@ void cpu_loop(CPUARMState *env)
 
 for(;;) {
 cpu_exec_start(cs);
-trapnr = cpu_arm_exec(env);
+trapnr = cpu_exec(env);
 cpu_exec_end(cs);
 switch(trapnr) {
 case ARMAR_EXCP_UDEF:
@@ -1009,7 +1009,7 @@ void cpu_loop(CPUARMState *env)
 
 for (;;) {
 cpu_exec_start(cs);
-trapnr = cpu_arm_exec(env);
+trapnr = cpu_exec(env);
 cpu_exec_end(cs);
 
 switch (trapnr) {
diff --git a/target-arm/cpu.h b/target-arm/cpu.h
index 147aaeb..bdcd331 100644
--- a/target-arm/cpu.h
+++ b/target-arm/cpu.h
@@ -486,7 +486,6 @@ typedef struct CPUARMState {
 #include "cpu-qom.h"
 
 ARMCPU *cpu_arm_init(const char *cpu_model);
-int cpu_arm_exec(CPUARMState *s);
 uint32_t do_arm_semihosting(CPUARMState *env);
 void aarch64_sync_32_to_64(CPUARMState *env);
 void aarch64_sync_64_to_32(CPUARMState *env);
@@ -496,11 +495,6 @@ static inline bool is_a64(CPUARMState *env)
 return env->aarch64;
 }
 
-/* you can call this signal handler from your SIGBUS and SIGSEGV
-   signal handlers to inform the virtual CPU of exceptions. non zero
-   is returned if the signal was handled by the virtual CPU.  */
-int cpu_arm_signal_handler(int host_signum, void *pinfo,
-   void *puc);
 int arm_cpu_handle_mmu_fault(CPUState *cpu, vaddr address, int rw,
  int mmu_idx);
 
@@ -1564,9 +1558,6 @@ static inline bool arm_excp_unmasked(CPUState *cs, 
unsigned int excp_idx)
 
 #define cpu_init(cpu_model) CPU(cpu_arm_init(cpu_model))
 
-#define cpu_exec cpu_arm_exec
-#define cpu_gen_code cpu_arm_gen_code
-#define cpu_signal_handler cpu_arm_signal_handler
 #define cpu_list arm_cpu_list
 
 /* ARM has the following "translation regimes" (as the ARM ARM calls them):
-- 
1.9.1

[Qemu-devel] [RFC PATCH 17/34] mb: cpu: Multi-define guard deep CPU specifics

[Peter Crosthwaite]

If MMU_USER_IDX or ENV_OFFSET is already defined, undefine it.
The undef will cause a compile error on the ambiguous case where
multiple cpu.h's are included yet either of these defs
is needed. This shouldn't happen, as the multi-include should only
happen in device-land system level code that need CPU defs from
multiple arches - e.g. a machine model with two different arch CPUs.
Such device code has no bussiness using MMU_USER_IDX or ENV_OFFSET.

ENV_GET_CPU s also multi-guarded to perform no action on second define.
This is for multi-arch where target-multi provides a working
implementation already

Signed-off-by: Peter Crosthwaite 
---
 target-microblaze/cpu-qom.h | 7 +++
 target-microblaze/cpu.h | 6 ++
 2 files changed, 13 insertions(+)

diff --git a/target-microblaze/cpu-qom.h b/target-microblaze/cpu-qom.h
index e3e0701..f3960ac 100644
--- a/target-microblaze/cpu-qom.h
+++ b/target-microblaze/cpu-qom.h
@@ -67,9 +67,16 @@ static inline MicroBlazeCPU *mb_env_get_cpu(CPUMBState *env)
 return container_of(env, MicroBlazeCPU, env);
 }
 
+#ifndef ENV_GET_CPU
 #define ENV_GET_CPU(e) CPU(mb_env_get_cpu(e))
+#endif
 
+#ifndef ENV_OFFSET
 #define ENV_OFFSET offsetof(MicroBlazeCPU, env)
+#else
+/* Try and cause a compile bug on any (invalid) users of the multiple def */
+#undef ENV_OFFSET
+#endif
 
 void mb_cpu_do_interrupt(CPUState *cs);
 bool mb_cpu_exec_interrupt(CPUState *cs, int int_req);
diff --git a/target-microblaze/cpu.h b/target-microblaze/cpu.h
index da42483..5f15ca9 100644
--- a/target-microblaze/cpu.h
+++ b/target-microblaze/cpu.h
@@ -288,7 +288,13 @@ MicroBlazeCPU *cpu_mb_init(const char *cpu_model);
 /* MMU modes definitions */
 #define MMU_NOMMU_IDX   0
 #define MMU_KERNEL_IDX  1
+
+#ifdef MMU_USER_IDX
+/* Try and cause a compile bug on any (invalid) users of the multiple def */
+#undef MMU_USER_IDX
+#else
 #define MMU_USER_IDX2
+#endif
 /* See NB_MMU_MODES further up the file.  */
 
 int mb_cpu_handle_mmu_fault(CPUState *cpu, vaddr address, int rw,
-- 
1.9.1

[Qemu-devel] [RFC PATCH 12/34] mb: cpu: Move CPU_COMMON to front of env

[Peter Crosthwaite]

To allow pointer casts to the the multi-arch CPUArchState which
contains just the CPU_COMMON components.

Signed-off-by: Peter Crosthwaite 
---
 target-microblaze/cpu.h | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/target-microblaze/cpu.h b/target-microblaze/cpu.h
index dee645d..eaeb82f 100644
--- a/target-microblaze/cpu.h
+++ b/target-microblaze/cpu.h
@@ -230,6 +230,8 @@ typedef struct CPUMBState CPUMBState;
 #define STREAM_NONBLOCK  (1 << 4)
 
 struct CPUMBState {
+CPU_COMMON
+
 uint32_t debug;
 uint32_t btaken;
 uint32_t btarget;
@@ -266,8 +268,6 @@ struct CPUMBState {
 /* Unified MMU.  */
 struct microblaze_mmu mmu;
 #endif
-
-CPU_COMMON
 };
 
 #include "cpu-qom.h"
-- 
1.9.1

[Qemu-devel] [RFC PATCH 18/34] mb: cpu-qom: Put the ENV first

[Peter Crosthwaite]

To allow for consistent non-architecuture specific calculation of
the ENV_OFFSET (now just sizeof(CPUState)).

Signed-off-by: Peter Crosthwaite 
---
 target-microblaze/cpu-qom.h | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/target-microblaze/cpu-qom.h b/target-microblaze/cpu-qom.h
index f3960ac..690c132 100644
--- a/target-microblaze/cpu-qom.h
+++ b/target-microblaze/cpu-qom.h
@@ -56,10 +56,10 @@ typedef struct MicroBlazeCPUClass {
 typedef struct MicroBlazeCPU {
 /*< private >*/
 CPUState parent_obj;
-uint32_t base_vectors;
-/*< public >*/
 
+/*< public >*/
 CPUMBState env;
+uint32_t base_vectors;
 } MicroBlazeCPU;
 
 static inline MicroBlazeCPU *mb_env_get_cpu(CPUMBState *env)
-- 
1.9.1

[Qemu-devel] [RFC PATCH 15/34] hw: mb: Explicitly include cpu.h for consumers

[Peter Crosthwaite]

Device land code that needs cpu.h only needs it for architecture
speific reasons. So include target-microblaze/cpu.h explicitly rather
than the just the one provided by common code.

This prepares support for multi-arch where the common cpu.h will be
minimal and not contain any arch specifics.

Signed-off-by: Peter Crosthwaite 
---
 hw/microblaze/boot.h | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/hw/microblaze/boot.h b/hw/microblaze/boot.h
index 0eb7f8e..a4d7740 100644
--- a/hw/microblaze/boot.h
+++ b/hw/microblaze/boot.h
@@ -3,6 +3,8 @@
 
 #include "hw/hw.h"
 
+#include "target-microblaze/cpu.h"
+
 void microblaze_load_kernel(MicroBlazeCPU *cpu, hwaddr ddr_base,
 uint32_t ramsize,
 const char *initrd_filename,
-- 
1.9.1

[Qemu-devel] [RFC PATCH 19/34] mb: Enable multi-arch

[Peter Crosthwaite]

Convert Microblaze to a multi-arch enabled architecture.

Signed-off-by: Peter Crosthwaite 
---
 Makefile.target   |  2 +-
 configure |  3 ++-
 target-microblaze/cpu.h   | 17 ++---
 target-microblaze/translate.c |  4 ++--
 target-multi/helper.h |  1 +
 5 files changed, 8 insertions(+), 19 deletions(-)

diff --git a/Makefile.target b/Makefile.target
index 3e5a4f9..0043286 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -13,7 +13,7 @@ QEMU_CFLAGS += -I.. -I$(SRC_PATH)/target-$(TARGET_BASE_ARCH) 
-DNEED_CPU_H
 
 ARCH_DIRS = $(TARGET_BASE_ARCH)
 ifeq ($(TARGET_BASE_ARCH), multi)
-ARCH_DIRS +=
+ARCH_DIRS += microblaze
 endif
 
 QEMU_CFLAGS+=-I$(SRC_PATH)/include
diff --git a/configure b/configure
index 270a87c..1cce60c 100755
--- a/configure
+++ b/configure
@@ -5281,7 +5281,7 @@ if [ "$HOST_VARIANT_DIR" != "" ]; then
 fi
 case "$target_name" in
   multi)
-MULTI_TARGETS=""
+MULTI_TARGETS="microblaze"
 esac
 case "$target_name" in
   i386|x86_64)
@@ -5400,6 +5400,7 @@ for i in $ARCH $TARGET_BASE_ARCH $MULTI_TARGETS; do
 echo "CONFIG_M68K_DIS=y"  >> config-all-disas.mak
   ;;
   microblaze*)
+echo "CONFIG_ARCH_MULTI=y" >> $config_target_mak
 echo "CONFIG_MICROBLAZE_DIS=y"  >> $config_target_mak
 echo "CONFIG_MICROBLAZE_DIS=y"  >> config-all-disas.mak
   ;;
diff --git a/target-microblaze/cpu.h b/target-microblaze/cpu.h
index 5f15ca9..4244aa0 100644
--- a/target-microblaze/cpu.h
+++ b/target-microblaze/cpu.h
@@ -22,8 +22,9 @@
 #include "config.h"
 #include "qemu-common.h"
 
-#define TARGET_LONG_BITS 64
+#include "target-multi/cpu-head.h"
 
+#undef CPUArchState
 #define CPUArchState struct CPUMBState
 
 #include "exec/cpu-defs.h"
@@ -221,8 +222,6 @@ typedef struct CPUMBState CPUMBState;
 #define CC_NE  1
 #define CC_EQ  0
 
-#define NB_MMU_MODES3
-
 #define STREAM_EXCEPTION (1 << 0)
 #define STREAM_ATOMIC(1 << 1)
 #define STREAM_TEST  (1 << 2)
@@ -275,12 +274,6 @@ struct CPUMBState {
 void mb_tcg_init(void);
 MicroBlazeCPU *cpu_mb_init(const char *cpu_model);
 
-/* FIXME: MB uses variable pages down to 1K but linux only uses 4k.  */
-#define TARGET_PAGE_BITS 12
-
-#define TARGET_PHYS_ADDR_SPACE_BITS 48
-#define TARGET_VIRT_ADDR_SPACE_BITS 64
-
 #ifdef CONFIG_USER_ONLY
 #define cpu_init(cpu_model) CPU(cpu_mb_init(cpu_model))
 #endif
@@ -306,12 +299,6 @@ void mb_cpu_unassigned_access(CPUState *cpu, hwaddr addr,
   unsigned size);
 #endif
 
-#define cpu_get_tb_cpu_state(env, pc, cs_base, flags) \
-(ENV_GET_CPU(env)->cpu_get_tb_cpu_state(ENV_GET_CPU(env), (pc), \
-(cs_base), (flags)))
-
-#define cpu_mmu_index(env) (ENV_GET_CPU(env)->cpu_mmu_index(ENV_GET_CPU(env)))
-
 #include "exec/cpu-all.h"
 #include "exec/exec-all.h"
 
diff --git a/target-microblaze/translate.c b/target-microblaze/translate.c
index 88b35ff..3401799 100644
--- a/target-microblaze/translate.c
+++ b/target-microblaze/translate.c
@@ -28,6 +28,7 @@
 
 #include "trace-tcg.h"
 
+#include "target-multi/translate.h"
 
 #define SIM_COMPAT 0
 #define DISAS_GNU 1
@@ -49,7 +50,6 @@
  */
 
 static TCGv_i32 env_debug;
-static TCGv_ptr cpu_env;
 static TCGv_i32 cpu_R[32];
 static TCGv_i32 cpu_SR[18];
 static TCGv_i32 env_imm;
@@ -1933,7 +1933,7 @@ void mb_tcg_init(void)
 {
 int i;
 
-cpu_env = tcg_global_reg_new_ptr(TCG_AREG0, "env");
+multi_translate_init();
 
 env_debug = tcg_global_mem_new_i32(TCG_AREG0, 
 offsetof(CPUMBState, debug),
diff --git a/target-multi/helper.h b/target-multi/helper.h
index e69de29..9308cc5 100644
--- a/target-multi/helper.h
+++ b/target-multi/helper.h
@@ -0,0 +1 @@
+#include 
-- 
1.9.1

[Qemu-devel] [RFC PATCH 13/34] mb: cpu: Change phys and virt address ranges.

[Peter Crosthwaite]

Change the phys and virt address ranges of microblaze to match
aarch64. This allows for unification with aarch64 under multi-arch.

Signed-off-by: Peter Crosthwaite 
---
 target-microblaze/cpu.h | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/target-microblaze/cpu.h b/target-microblaze/cpu.h
index eaeb82f..51a49f2 100644
--- a/target-microblaze/cpu.h
+++ b/target-microblaze/cpu.h
@@ -278,8 +278,8 @@ MicroBlazeCPU *cpu_mb_init(const char *cpu_model);
 /* FIXME: MB uses variable pages down to 1K but linux only uses 4k.  */
 #define TARGET_PAGE_BITS 12
 
-#define TARGET_PHYS_ADDR_SPACE_BITS 32
-#define TARGET_VIRT_ADDR_SPACE_BITS 32
+#define TARGET_PHYS_ADDR_SPACE_BITS 48
+#define TARGET_VIRT_ADDR_SPACE_BITS 64
 
 #define cpu_init(cpu_model) CPU(cpu_mb_init(cpu_model))
 
-- 
1.9.1

[Qemu-devel] [RFC PATCH 05/34] mb: cpu: Delete MMAP_SHIFT definition

[Peter Crosthwaite]

Just fallback on the default of 12 like other architectures. This
allows us to change the hw without affecting linux user.

Signed-off-by: Peter Crosthwaite 
---
 target-microblaze/cpu.h | 1 -
 1 file changed, 1 deletion(-)

diff --git a/target-microblaze/cpu.h b/target-microblaze/cpu.h
index 9d01bb4..ff38661 100644
--- a/target-microblaze/cpu.h
+++ b/target-microblaze/cpu.h
@@ -285,7 +285,6 @@ int cpu_mb_signal_handler(int host_signum, void *pinfo,
 
 /* FIXME: MB uses variable pages down to 1K but linux only uses 4k.  */
 #define TARGET_PAGE_BITS 12
-#define MMAP_SHIFT TARGET_PAGE_BITS
 
 #define TARGET_PHYS_ADDR_SPACE_BITS 32
 #define TARGET_VIRT_ADDR_SPACE_BITS 32
-- 
1.9.1

[Qemu-devel] [RFC PATCH 02/34] tcg+qom: QOMify core CPU defintions

[Peter Crosthwaite]

These definitions are defined per-target and globall linked/defined
between core code and target-foo. QOMify them. Provide weakly linked
conditional default implementations for the non-qomified global fns.
This means converted architectures which install a QOM hook do not need
to define a function for the old globals even the common code expects
to link against something.

The top level definition of some functions is still left up to the
individual target cpu.h files, making the QOMified code paths opt-in
per target.

Signed-off-by: Peter Crosthwaite 
---
 include/qom/cpu.h  | 24 
 qom/cpu.c  |  6 ++
 softmmu_template.h |  6 ++
 translate-all.c| 47 ---
 4 files changed, 80 insertions(+), 3 deletions(-)

diff --git a/include/qom/cpu.h b/include/qom/cpu.h
index 363c928..2cb89ab 100644
--- a/include/qom/cpu.h
+++ b/include/qom/cpu.h
@@ -119,6 +119,7 @@ struct TranslationBlock;
  * @cpu_exec_exit: Callback for cpu_exec cleanup.
  * @cpu_exec_interrupt: Callback for processing interrupts in cpu_exec.
  * @disas_set_info: Setup architecture specific components of disassembly info
+ * @cpu_mmu_index: Get MMU index for normal load stores
  *
  * Represents a CPU family or model.
  */
@@ -176,6 +177,17 @@ typedef struct CPUClass {
 bool (*cpu_exec_interrupt)(CPUState *cpu, int interrupt_request);
 
 void (*disas_set_info)(CPUState *cpu, disassemble_info *info);
+int (*cpu_mmu_index)(CPUState *cpu);
+void (*cpu_get_tb_cpu_state)(CPUState *cpu,
+ void *pc, /* target_long * */
+ void *cs_base, /* target_long */
+ int *flags);
+void (*gen_intermediate_code)(void *env, struct TranslationBlock *tb);
+void (*gen_intermediate_code_pc)(void *env, struct TranslationBlock *tb);
+void (*restore_state_to_opc)(void *env, struct TranslationBlock *tb,
+ int pc_pos);
+void (*tlb_fill)(CPUState *cs, uint64_t addr, int is_write, int mmu_idx,
+ uintptr_t retaddr);
 } CPUClass;
 
 #ifdef HOST_WORDS_BIGENDIAN
@@ -319,6 +331,18 @@ struct CPUState {
(absolute value) offset as small as possible.  This reduces code
size, especially for hosts without large memory offsets.  */
 volatile sig_atomic_t tcg_exit_req;
+
+int (*cpu_mmu_index)(CPUState *cpu);
+void (*cpu_get_tb_cpu_state)(CPUState *cpu,
+ void *pc, /* target_long * */
+ void *cs_base, /* target_long */
+ int *flags);
+void (*gen_intermediate_code)(void *env, struct TranslationBlock *tb);
+void (*gen_intermediate_code_pc)(void *env, struct TranslationBlock *tb);
+void (*restore_state_to_opc)(void *env, struct TranslationBlock *tb,
+ int pc_pos);
+void (*tlb_fill)(CPUState *cs, uint64_t addr, int is_write, int mmu_idx,
+ uintptr_t retaddr);
 };
 
 QTAILQ_HEAD(CPUTailQ, CPUState);
diff --git a/qom/cpu.c b/qom/cpu.c
index 108bfa2..3fd7869 100644
--- a/qom/cpu.c
+++ b/qom/cpu.c
@@ -313,6 +313,12 @@ static void cpu_common_initfn(Object *obj)
 CPUClass *cc = CPU_GET_CLASS(obj);
 
 cpu->gdb_num_regs = cpu->gdb_num_g_regs = cc->gdb_num_core_regs;
+cpu->cpu_mmu_index = cc->cpu_mmu_index;
+cpu->cpu_get_tb_cpu_state = cc->cpu_get_tb_cpu_state;
+cpu->gen_intermediate_code = cc->gen_intermediate_code;
+cpu->gen_intermediate_code_pc = cc->gen_intermediate_code_pc;
+cpu->restore_state_to_opc = cc->restore_state_to_opc;
+cpu->tlb_fill = cc->tlb_fill;
 }
 
 static int64_t cpu_common_get_arch_id(CPUState *cpu)
diff --git a/softmmu_template.h b/softmmu_template.h
index 16b0852..dea12d2 100644
--- a/softmmu_template.h
+++ b/softmmu_template.h
@@ -141,6 +141,10 @@
 vidx >= 0;\
 })
 
+#define tlb_fill(cpu, a, f, i, r) \
+((cpu)->tlb_fill ? (cpu)->tlb_fill((cpu), (a), (f), (i), (r)) \
+ : tlb_fill((cpu), (a), (f), (i), (r)))
+
 #ifndef SOFTMMU_CODE_ACCESS
 static inline DATA_TYPE glue(io_read, SUFFIX)(CPUArchState *env,
   CPUIOTLBEntry *iotlbentry,
@@ -576,3 +580,5 @@ glue(glue(helper_st, SUFFIX), MMUSUFFIX)(CPUArchState *env, 
target_ulong addr,
 #undef helper_be_st_name
 #undef helper_te_ld_name
 #undef helper_te_st_name
+
+#undef tlb_fill
diff --git a/translate-all.c b/translate-all.c
index 65a76c5..1b9a405 100644
--- a/translate-all.c
+++ b/translate-all.c
@@ -144,6 +144,7 @@ void cpu_gen_init(void)
 */
 int cpu_gen_code(CPUArchState *env, TranslationBlock *tb, int 
*gen_code_size_ptr)
 {
+CPUState *cs = ENV_GET_CPU(env);
 TCGContext *s = &tcg_ctx;
 tcg_insn_unit *gen_code_buf;
 int gen_code_size;
@@ -158,7 +159,11 @@ int cpu_gen_code(CPUArchState *env, TranslationBloc

[Qemu-devel] [RFC PATCH 08/34] mb: cpu.h: Move cpu-all include

[Peter Crosthwaite]

The defs that follow dont need cpu-all. Move cpu-all include further
down to group it with exec-all.h.

Signed-off-by: Peter Crosthwaite 
---
 target-microblaze/cpu.h | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/target-microblaze/cpu.h b/target-microblaze/cpu.h
index 7030123..18071f5 100644
--- a/target-microblaze/cpu.h
+++ b/target-microblaze/cpu.h
@@ -316,8 +316,6 @@ static inline int cpu_mmu_index (CPUMBState *env)
 int mb_cpu_handle_mmu_fault(CPUState *cpu, vaddr address, int rw,
 int mmu_idx);
 
-#include "exec/cpu-all.h"
-
 static inline void cpu_get_tb_cpu_state(CPUMBState *env, target_ulong *pc,
 target_ulong *cs_base, int *flags)
 {
@@ -333,6 +331,7 @@ void mb_cpu_unassigned_access(CPUState *cpu, hwaddr addr,
   unsigned size);
 #endif
 
+#include "exec/cpu-all.h"
 #include "exec/exec-all.h"
 
 #endif
-- 
1.9.1

[Qemu-devel] [RFC PATCH 00/34] Multi Architecture System Emulation

[Peter Crosthwaite]

Hi All,

This is target-multi, a system-mode build that can support multiple
cpu-types. Patches 1-3 are the main infrastructure. The hard part
is the per-target changes needed to get each arch into an includable
state.

Two architectures are initially converted. Microblaze and ARM. Step
by step conversion in done for each. A microblaze is added to
Xilinx Zynq platform as a test case. This will be elaborted more in
future spins. This use case is valid, as Microblazes can be added (any
number of them!) in Zynq FPGA programmable logic configuration.

The hardest part is what to do about bootloading. Currently each arch
has it's own architecture specific bootloading which may assume a
single architecture. I have applied some hacks to at least get this
RFC testable using a -kernel -firmware split but going forward being
able to associate an elf/image with a cpu explictitly needs to be
solved.

For the implementation of this series, the trickiest part is cpu.h
inclusion management. There are now more than one cpu.h's and different
parts of the tree need a different include scheme. target-multi defines
it's own cpu.h which is bare minimum defs as needed by core code only.
target-foo/cpu.h are mostly the same but refactored to reuse common
code (with target-multi/cpu-head.h). Inclusion scheme goes something like
this (for the multi-arch build):

1: All obj-y modules include target-multi/cpu.h
2: Core code includes no other cpu.h's
3: target-foo/ implementation code includes target-foo/cpu.h
4: System level code (e.g. mach models) can use multiple target-foo/cpu.h's

Point 4 means that cpu.h's needs to be refactored to be able to include one
after the other. The interrupts for ARM and MB needed to be renamed to avoid
namespace collision. A few other defs needed multiple include guards, and
a few defs which where only for user mode are compiled out or relocated. No
attempt at support for multi-arch linux-user mode (if that even makes sense?).

The env as handle by common code now needs to architecture-agnostic. The
MB and ARM envs are refactored to have CPU_COMMON as the first field(s)
allowing QOM-style pointer casts to/from a generic env which contains only
CPU_COMMON. Might need to lock down some struct packing for that but it
works for me so far.

The helper function namespace is going to be tricky. I haven't tackled the
problem just yet, but looking for ideas on how we can avoid prefacing all
helpers with arch prefixes to avoid link-time collisions because multiple
arches use the same helper names.

A lowest common denomintor approach is taken on architecture specifics. E.g.
TARGET_LONG is 64-bit, and the address space sizes and NUM_MMU_MODES is set
to the maximum of all the supported arches.

The remaining globally defined interfaces between core code and CPUs are
QOMified per-cpu (P2)

Microblaze translation needs a change pattern to allow conversion to 64-bit
TARGET_LONG. Uses of TCGv need to be removed and explicited to 32-bit.

This RFC will serve as a reference as I send bits and piece to the respective
maintainers (many major subsystems are patched).

No support for KVM, im not sure if a mix of TCG and KVM is supported even for
a single arch? (which would be prerequisite to MA KVM).

Depends (not heavily) on my on-list disas QOMification. Test instructions
available on request. I have tested ARM & MB elfs handshaking through shared
memory and both printfing to the same UART (verifying system level
connectivity). -d in_asm works with the mix of disas arches comming out.

Regards,
Peter

Peter Crosthwaite (34):
  cpu-all: Prototype cpu_exec and cpu_signal_handler
  tcg+qom: QOMify core CPU defintions
  target-multi: Add
  mb: Change target long to 64b
  mb: cpu: Delete MMAP_SHIFT definition
  mb: rename EXCP macros
  mb: Remove ELF_MACHINE from cpu.h
  mb: cpu.h: Move cpu-all include
  mb: delete dummy prototypes
  HACK: microblaze: rename clz helper
  mb: cpu: Remove MMUx macros
  mb: cpu: Move CPU_COMMON to front of env
  mb: cpu: Change phys and virt address ranges.
  mb: Use qomified tcg defintions
  hw: mb: Explicitly include cpu.h for consumers
  mb: cpu: Guard cpu_init definition for user mode
  mb: cpu: Multi-define guard deep CPU specifics
  mb: cpu-qom: Put the ENV first
  mb: Enable multi-arch
  configure: Unify arm and aarch64 disas configury
  arm: Rename all exceptions
  arm: Remove ELF_MACHINE from cpu.h
  arm: cpu.h: Move cpu-all include
  arm: delete dummy prototypes
  arm: cpu: Move CPU_COMMON to front of env
  arm: Use qomified tcg defintions
  hw: arm: Explicitly include cpu.h for consumers
  arm: cpu: Guard cpu_init definition for user mode
  arm: cpu: Multi-define guard deep CPU specifics
  arm: Enable multi-arch
  arm: boot: Don't assume all CPUs are ARM
  arm: xilinx_zynq: Add a microblaze
  HACK: mb: boot: Assume using -firmware for mb software
  HACK: mb: boot: Disable dtb load in multi-arch

 Makefile.target   |  10 +-
 arch_init.c   |   4 +-
 

[Qemu-devel] [RFC PATCH 09/34] mb: delete dummy prototypes

[Peter Crosthwaite]

All these do now is rename the generic exec functions. Remove.

Signed-off-by: Peter Crosthwaite 
---
 linux-user/main.c   |  2 +-
 target-microblaze/cpu.h | 10 --
 2 files changed, 1 insertion(+), 11 deletions(-)

diff --git a/linux-user/main.c b/linux-user/main.c
index a113e87..60b5a5f 100644
--- a/linux-user/main.c
+++ b/linux-user/main.c
@@ -2872,7 +2872,7 @@ void cpu_loop(CPUMBState *env)
 
 while (1) {
 cpu_exec_start(cs);
-trapnr = cpu_mb_exec (env);
+trapnr = cpu_exec(env);
 cpu_exec_end(cs);
 switch (trapnr) {
 case 0xaa:
diff --git a/target-microblaze/cpu.h b/target-microblaze/cpu.h
index 18071f5..ad3466e 100644
--- a/target-microblaze/cpu.h
+++ b/target-microblaze/cpu.h
@@ -274,12 +274,6 @@ struct CPUMBState {
 
 void mb_tcg_init(void);
 MicroBlazeCPU *cpu_mb_init(const char *cpu_model);
-int cpu_mb_exec(CPUMBState *s);
-/* you can call this signal handler from your SIGBUS and SIGSEGV
-   signal handlers to inform the virtual CPU of exceptions. non zero
-   is returned if the signal was handled by the virtual CPU.  */
-int cpu_mb_signal_handler(int host_signum, void *pinfo,
-  void *puc);
 
 /* FIXME: MB uses variable pages down to 1K but linux only uses 4k.  */
 #define TARGET_PAGE_BITS 12
@@ -289,10 +283,6 @@ int cpu_mb_signal_handler(int host_signum, void *pinfo,
 
 #define cpu_init(cpu_model) CPU(cpu_mb_init(cpu_model))
 
-#define cpu_exec cpu_mb_exec
-#define cpu_gen_code cpu_mb_gen_code
-#define cpu_signal_handler cpu_mb_signal_handler
-
 /* MMU modes definitions */
 #define MMU_MODE0_SUFFIX _nommu
 #define MMU_MODE1_SUFFIX _kernel
-- 
1.9.1

[Qemu-devel] [RFC PATCH 06/34] mb: rename EXCP macros

[Peter Crosthwaite]

These are architecture specific, and via cpu.h visibile in common
and global namespaces. Preface them with "MB_" to avoid namespace
collisions. Prepares support for multi-arch where multiple cpu.h's
can be included by device land code and namespace issues happen with
such generic names.

Signed-off-by: Peter Crosthwaite 
---
 linux-user/main.c |  4 ++--
 target-microblaze/cpu.h   | 10 +-
 target-microblaze/helper.c| 18 +-
 target-microblaze/op_helper.c | 12 ++--
 target-microblaze/translate.c | 42 +-
 5 files changed, 43 insertions(+), 43 deletions(-)

diff --git a/linux-user/main.c b/linux-user/main.c
index 3f32db0..a113e87 100644
--- a/linux-user/main.c
+++ b/linux-user/main.c
@@ -2888,7 +2888,7 @@ void cpu_loop(CPUMBState *env)
case EXCP_INTERRUPT:
  /* just indicate that signals should be handled asap */
  break;
-case EXCP_BREAK:
+case MB_EXCP_BREAK:
 /* Return address is 4 bytes after the call.  */
 env->regs[14] += 4;
 env->sregs[SR_PC] = env->regs[14];
@@ -2903,7 +2903,7 @@ void cpu_loop(CPUMBState *env)
  0, 0);
 env->regs[3] = ret;
 break;
-case EXCP_HW_EXCP:
+case MB_EXCP_HW_EXCP:
 env->regs[17] = env->sregs[SR_PC] + 4;
 if (env->iflags & D_FLAG) {
 env->sregs[SR_ESR] |= 1 << 12;
diff --git a/target-microblaze/cpu.h b/target-microblaze/cpu.h
index ff38661..ba02a87 100644
--- a/target-microblaze/cpu.h
+++ b/target-microblaze/cpu.h
@@ -36,11 +36,11 @@ typedef struct CPUMBState CPUMBState;
 
 #define ELF_MACHINEEM_MICROBLAZE
 
-#define EXCP_MMU1
-#define EXCP_IRQ2
-#define EXCP_BREAK  3
-#define EXCP_HW_BREAK   4
-#define EXCP_HW_EXCP5
+#define MB_EXCP_MMU1
+#define MB_EXCP_IRQ2
+#define MB_EXCP_BREAK  3
+#define MB_EXCP_HW_BREAK   4
+#define MB_EXCP_HW_EXCP5
 
 /* MicroBlaze-specific interrupt pending bits.  */
 #define CPU_INTERRUPT_NMI   CPU_INTERRUPT_TGT_EXT_3
diff --git a/target-microblaze/helper.c b/target-microblaze/helper.c
index 839680b..2f45d38 100644
--- a/target-microblaze/helper.c
+++ b/target-microblaze/helper.c
@@ -97,12 +97,12 @@ int mb_cpu_handle_mmu_fault(CPUState *cs, vaddr address, 
int rw,
 break;
 }
 
-if (cs->exception_index == EXCP_MMU) {
+if (cs->exception_index == MB_EXCP_MMU) {
 cpu_abort(cs, "recursive faults\n");
 }
 
 /* TLB miss.  */
-cs->exception_index = EXCP_MMU;
+cs->exception_index = MB_EXCP_MMU;
 }
 } else {
 /* MMU disabled or not available.  */
@@ -126,7 +126,7 @@ void mb_cpu_do_interrupt(CPUState *cs)
 /*assert(env->sregs[SR_MSR] & (MSR_EE)); Only for HW exceptions.  */
 env->res_addr = RES_ADDR_NONE;
 switch (cs->exception_index) {
-case EXCP_HW_EXCP:
+case MB_EXCP_HW_EXCP:
 if (!(env->pvr.regs[0] & PVR0_USE_EXC_MASK)) {
 qemu_log("Exception raised on system without exceptions!\n");
 return;
@@ -157,7 +157,7 @@ void mb_cpu_do_interrupt(CPUState *cs)
 env->sregs[SR_PC] = cpu->base_vectors + 0x20;
 break;
 
-case EXCP_MMU:
+case MB_EXCP_MMU:
 env->regs[17] = env->sregs[SR_PC];
 
 env->sregs[SR_ESR] &= ~(1 << 12);
@@ -197,7 +197,7 @@ void mb_cpu_do_interrupt(CPUState *cs)
 env->sregs[SR_PC] = cpu->base_vectors + 0x20;
 break;
 
-case EXCP_IRQ:
+case MB_EXCP_IRQ:
 assert(!(env->sregs[SR_MSR] & (MSR_EIP | MSR_BIP)));
 assert(env->sregs[SR_MSR] & MSR_IE);
 assert(!(env->iflags & D_FLAG));
@@ -239,8 +239,8 @@ void mb_cpu_do_interrupt(CPUState *cs)
 //log_cpu_state_mask(CPU_LOG_INT, cs, 0);
 break;
 
-case EXCP_BREAK:
-case EXCP_HW_BREAK:
+case MB_EXCP_BREAK:
+case MB_EXCP_HW_BREAK:
 assert(!(env->iflags & IMM_FLAG));
 assert(!(env->iflags & D_FLAG));
 t = (env->sregs[SR_MSR] & (MSR_VM | MSR_UM)) << 1;
@@ -251,7 +251,7 @@ void mb_cpu_do_interrupt(CPUState *cs)
 env->sregs[SR_MSR] &= ~(MSR_VMS | MSR_UMS | MSR_VM | MSR_UM);
 env->sregs[SR_MSR] |= t;
 env->sregs[SR_MSR] |= MSR_BIP;
-if (cs->exception_index == EXCP_HW_BREAK) {
+if (cs->exception_index == MB_EXCP_HW_BREAK) {
 env->regs[16] = env->sregs[SR_PC];
 env->sregs[SR_MSR] |= MSR_BIP;
 env->sregs[SR_PC] = cpu->base_vectors + 0x18;
@@ -296,7 +296,7 @@ bool mb_cpu_exec_interrupt(CPUState *cs, int 
interrupt_request)
 && (env->sregs[SR_MSR] & MSR_IE)
 && !(env->sregs[SR_MSR] & (MSR_EIP | MSR_BIP))
 && !(env->iflags & (D_FLAG |

[Qemu-devel] [RFC PATCH 04/34] mb: Change target long to 64b

[Peter Crosthwaite]

To be consistent with aarch64. Microblaze is still ulitmately only
32b. So all uses of the _tl tcg APIs and unqualified TCGv variables
need to specified to their 32b variants. The load and store operations
need some zero extension operands.

Signed-off-by: Peter Crosthwaite 
---
 target-microblaze/cpu.h   |   2 +-
 target-microblaze/helper.c|   4 +-
 target-microblaze/translate.c | 613 +-
 3 files changed, 316 insertions(+), 303 deletions(-)

diff --git a/target-microblaze/cpu.h b/target-microblaze/cpu.h
index 4ea04ac..9d01bb4 100644
--- a/target-microblaze/cpu.h
+++ b/target-microblaze/cpu.h
@@ -22,7 +22,7 @@
 #include "config.h"
 #include "qemu-common.h"
 
-#define TARGET_LONG_BITS 32
+#define TARGET_LONG_BITS 64
 
 #define CPUArchState struct CPUMBState
 
diff --git a/target-microblaze/helper.c b/target-microblaze/helper.c
index 32896f4..839680b 100644
--- a/target-microblaze/helper.c
+++ b/target-microblaze/helper.c
@@ -66,7 +66,7 @@ int mb_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int 
rw,
 
 /* Translate if the MMU is available and enabled.  */
 if (mmu_available && (env->sregs[SR_MSR] & MSR_VM)) {
-target_ulong vaddr, paddr;
+uint32_t vaddr, paddr;
 struct microblaze_mmu_lookup lu;
 
 hit = mmu_translate(&env->mmu, &lu, address, rw, mmu_idx);
@@ -269,7 +269,7 @@ hwaddr mb_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
 {
 MicroBlazeCPU *cpu = MICROBLAZE_CPU(cs);
 CPUMBState *env = &cpu->env;
-target_ulong vaddr, paddr = 0;
+uint32_t vaddr, paddr = 0;
 struct microblaze_mmu_lookup lu;
 unsigned int hit;
 
diff --git a/target-microblaze/translate.c b/target-microblaze/translate.c
index 4068946..14e7a31 100644
--- a/target-microblaze/translate.c
+++ b/target-microblaze/translate.c
@@ -43,23 +43,28 @@
 #define EXTRACT_FIELD(src, start, end) \
 (((src) >> start) & ((1 << (end - start + 1)) - 1))
 
-static TCGv env_debug;
+/*
+ * Microblaze does not support direct use of the target long type
+ * All TCG vars must be TCGv_i32
+ */
+
+static TCGv_i32 env_debug;
 static TCGv_ptr cpu_env;
-static TCGv cpu_R[32];
-static TCGv cpu_SR[18];
-static TCGv env_imm;
-static TCGv env_btaken;
-static TCGv env_btarget;
-static TCGv env_iflags;
-static TCGv env_res_addr;
-static TCGv env_res_val;
+static TCGv_i32 cpu_R[32];
+static TCGv_i32 cpu_SR[18];
+static TCGv_i32 env_imm;
+static TCGv_i32 env_btaken;
+static TCGv_i32 env_btarget;
+static TCGv_i32 env_iflags;
+static TCGv_i32 env_res_addr;
+static TCGv_i32 env_res_val;
 
 #include "exec/gen-icount.h"
 
 /* This is the state at translation time.  */
 typedef struct DisasContext {
 MicroBlazeCPU *cpu;
-target_ulong pc;
+uint32_t pc;
 
 /* Decoder.  */
 int type_b;
@@ -106,7 +111,7 @@ static inline void t_sync_flags(DisasContext *dc)
 {
 /* Synch the tb dependent flags between translator and runtime.  */
 if (dc->tb_flags != dc->synced_flags) {
-tcg_gen_movi_tl(env_iflags, dc->tb_flags);
+tcg_gen_movi_i32(env_iflags, dc->tb_flags);
 dc->synced_flags = dc->tb_flags;
 }
 }
@@ -116,53 +121,53 @@ static inline void t_gen_raise_exception(DisasContext 
*dc, uint32_t index)
 TCGv_i32 tmp = tcg_const_i32(index);
 
 t_sync_flags(dc);
-tcg_gen_movi_tl(cpu_SR[SR_PC], dc->pc);
+tcg_gen_movi_i32(cpu_SR[SR_PC], dc->pc);
 gen_helper_raise_exception(cpu_env, tmp);
 tcg_temp_free_i32(tmp);
 dc->is_jmp = DISAS_UPDATE;
 }
 
-static void gen_goto_tb(DisasContext *dc, int n, target_ulong dest)
+static void gen_goto_tb(DisasContext *dc, int n, uint32_t dest)
 {
 TranslationBlock *tb;
 tb = dc->tb;
 if ((tb->pc & TARGET_PAGE_MASK) == (dest & TARGET_PAGE_MASK)) {
 tcg_gen_goto_tb(n);
-tcg_gen_movi_tl(cpu_SR[SR_PC], dest);
+tcg_gen_movi_i32(cpu_SR[SR_PC], dest);
 tcg_gen_exit_tb((uintptr_t)tb + n);
 } else {
-tcg_gen_movi_tl(cpu_SR[SR_PC], dest);
+tcg_gen_movi_i32(cpu_SR[SR_PC], dest);
 tcg_gen_exit_tb(0);
 }
 }
 
-static void read_carry(DisasContext *dc, TCGv d)
+static void read_carry(DisasContext *dc, TCGv_i32 d)
 {
-tcg_gen_shri_tl(d, cpu_SR[SR_MSR], 31);
+tcg_gen_shri_i32(d, cpu_SR[SR_MSR], 31);
 }
 
 /*
  * write_carry sets the carry bits in MSR based on bit 0 of v.
  * v[31:1] are ignored.
  */
-static void write_carry(DisasContext *dc, TCGv v)
+static void write_carry(DisasContext *dc, TCGv_i32 v)
 {
-TCGv t0 = tcg_temp_new();
-tcg_gen_shli_tl(t0, v, 31);
-tcg_gen_sari_tl(t0, t0, 31);
-tcg_gen_andi_tl(t0, t0, (MSR_C | MSR_CC));
-tcg_gen_andi_tl(cpu_SR[SR_MSR], cpu_SR[SR_MSR],
+TCGv_i32 t0 = tcg_temp_new_i32();
+tcg_gen_shli_i32(t0, v, 31);
+tcg_gen_sari_i32(t0, t0, 31);
+tcg_gen_andi_i32(t0, t0, (MSR_C | MSR_CC));
+tcg_gen_andi_i32(cpu_SR[SR_MSR], cpu_SR[SR_MSR],
 ~(MSR_C | MSR_CC));
-tcg_gen_or_tl(cpu_SR[SR_MSR], cpu_SR[SR_M

[Qemu-devel] [RFC PATCH 10/34] HACK: microblaze: rename clz helper

[Peter Crosthwaite]

To avoid namespace collision with ARM helper of the same name.

Marking hack, as really all helpers should be consistently renamed
or something should be figured out to allow per-target separation
of the helper.h namespace.

Signed-off-by: Peter Crosthwaite 
---
 target-microblaze/helper.h| 2 +-
 target-microblaze/op_helper.c | 2 +-
 target-microblaze/translate.c | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/target-microblaze/helper.h b/target-microblaze/helper.h
index bd13826..c7d1c9e 100644
--- a/target-microblaze/helper.h
+++ b/target-microblaze/helper.h
@@ -3,7 +3,7 @@ DEF_HELPER_1(debug, void, env)
 DEF_HELPER_FLAGS_3(carry, TCG_CALL_NO_RWG_SE, i32, i32, i32, i32)
 DEF_HELPER_2(cmp, i32, i32, i32)
 DEF_HELPER_2(cmpu, i32, i32, i32)
-DEF_HELPER_FLAGS_1(clz, TCG_CALL_NO_RWG_SE, i32, i32)
+DEF_HELPER_FLAGS_1(mb_clz, TCG_CALL_NO_RWG_SE, i32, i32)
 
 DEF_HELPER_3(divs, i32, env, i32, i32)
 DEF_HELPER_3(divu, i32, env, i32, i32)
diff --git a/target-microblaze/op_helper.c b/target-microblaze/op_helper.c
index 1e7db6a..df2d74f 100644
--- a/target-microblaze/op_helper.c
+++ b/target-microblaze/op_helper.c
@@ -144,7 +144,7 @@ uint32_t helper_cmpu(uint32_t a, uint32_t b)
 return t;
 }
 
-uint32_t helper_clz(uint32_t t0)
+uint32_t helper_mb_clz(uint32_t t0)
 {
 return clz32(t0);
 }
diff --git a/target-microblaze/translate.c b/target-microblaze/translate.c
index b199d1d..ec655fd 100644
--- a/target-microblaze/translate.c
+++ b/target-microblaze/translate.c
@@ -821,7 +821,7 @@ static void dec_bit(DisasContext *dc)
 t_gen_raise_exception(dc, MB_EXCP_HW_EXCP);
 }
 if (dc->cpu->env.pvr.regs[2] & PVR2_USE_PCMP_INSTR) {
-gen_helper_clz(cpu_R[dc->rd], cpu_R[dc->ra]);
+gen_helper_mb_clz(cpu_R[dc->rd], cpu_R[dc->ra]);
 }
 break;
 case 0x1e0:
-- 
1.9.1

[Qemu-devel] [RFC PATCH 07/34] mb: Remove ELF_MACHINE from cpu.h

[Peter Crosthwaite]

The only generic code relying on this is linux-user. Linux user already
has a lot of #ifdef TARGET_ customisation so just define ELF_MACHINE
locally there.

The microblaze bootloader can just pass EM_MICROBLAZE directly, as that
is architecture specific code.

This remove another architecture specific definition from the global
namespace.

Signed-off-by: Peter Crosthwaite 
---
 hw/microblaze/boot.c| 4 ++--
 linux-user/elfload.c| 1 +
 target-microblaze/cpu.h | 2 --
 3 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/hw/microblaze/boot.c b/hw/microblaze/boot.c
index 4c44317..b3d7c99 100644
--- a/hw/microblaze/boot.c
+++ b/hw/microblaze/boot.c
@@ -140,12 +140,12 @@ void microblaze_load_kernel(MicroBlazeCPU *cpu, hwaddr 
ddr_base,
 /* Boots a kernel elf binary.  */
 kernel_size = load_elf(kernel_filename, NULL, NULL,
&entry, &low, &high,
-   big_endian, ELF_MACHINE, 0);
+   big_endian, EM_MICROBLAZE, 0);
 base32 = entry;
 if (base32 == 0xc000) {
 kernel_size = load_elf(kernel_filename, translate_kernel_address,
NULL, &entry, NULL, NULL,
-   big_endian, ELF_MACHINE, 0);
+   big_endian, EM_MICROBLAZE, 0);
 }
 /* Always boot into physical ram.  */
 boot_info.bootstrap_pc = (uint32_t)entry;
diff --git a/linux-user/elfload.c b/linux-user/elfload.c
index 0ba9706..de7fe14 100644
--- a/linux-user/elfload.c
+++ b/linux-user/elfload.c
@@ -945,6 +945,7 @@ static void elf_core_copy_regs(target_elf_gregset_t *regs, 
const CPUMIPSState *e
 #ifdef TARGET_MICROBLAZE
 
 #define ELF_START_MMAP 0x8000
+#define ELF_MACHINEEM_MICROBLAZE
 
 #define elf_check_arch(x) ( (x) == EM_MICROBLAZE || (x) == EM_MICROBLAZE_OLD)
 
diff --git a/target-microblaze/cpu.h b/target-microblaze/cpu.h
index ba02a87..7030123 100644
--- a/target-microblaze/cpu.h
+++ b/target-microblaze/cpu.h
@@ -34,8 +34,6 @@ typedef struct CPUMBState CPUMBState;
 #include "mmu.h"
 #endif
 
-#define ELF_MACHINEEM_MICROBLAZE
-
 #define MB_EXCP_MMU1
 #define MB_EXCP_IRQ2
 #define MB_EXCP_BREAK  3
-- 
1.9.1

[Qemu-devel] [RFC PATCH 03/34] target-multi: Add

[Peter Crosthwaite]

Create the multi-arch target architecture. The arch can create system
mode emulations with multiple target- cpu types. The page size and
target long size are fixed based on AArch64 but this forms a superset
of the immediately supportable multi-arch CPU targets anyway.

All supported arches have their target-foo and hw/foo code compiled.
The auto-included cpu.h comes from target-multi/cpu.h which defines
the minimal defs needed only by core code only.

Each supported arch will also always compile-in target-multi, as
supported arches can rely of target-multi code even for single-arch
functionality.

Signed-off-by: Peter Crosthwaite 
---
 Makefile.target   | 10 --
 arch_init.c   |  4 +++-
 configure | 14 +-
 default-configs/multi-softmmu.mak |  3 +++
 include/sysemu/arch_init.h|  1 +
 target-multi/Makefile.objs|  1 +
 target-multi/cpu-head.h   | 24 +++
 target-multi/cpu.h| 40 +++
 target-multi/helper.h |  0
 target-multi/translate.c  | 15 +++
 target-multi/translate.h  | 10 ++
 11 files changed, 118 insertions(+), 4 deletions(-)
 create mode 100644 default-configs/multi-softmmu.mak
 create mode 100644 target-multi/Makefile.objs
 create mode 100644 target-multi/cpu-head.h
 create mode 100644 target-multi/cpu.h
 create mode 100644 target-multi/helper.h
 create mode 100644 target-multi/translate.c
 create mode 100644 target-multi/translate.h

diff --git a/Makefile.target b/Makefile.target
index 1083377..3e5a4f9 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -11,6 +11,11 @@ QEMU_CFLAGS += -I../linux-headers
 endif
 QEMU_CFLAGS += -I.. -I$(SRC_PATH)/target-$(TARGET_BASE_ARCH) -DNEED_CPU_H
 
+ARCH_DIRS = $(TARGET_BASE_ARCH)
+ifeq ($(TARGET_BASE_ARCH), multi)
+ARCH_DIRS +=
+endif
+
 QEMU_CFLAGS+=-I$(SRC_PATH)/include
 
 ifdef CONFIG_USER_ONLY
@@ -87,7 +92,8 @@ obj-y += tcg/tcg.o tcg/tcg-op.o tcg/optimize.o
 obj-$(CONFIG_TCG_INTERPRETER) += tci.o
 obj-$(CONFIG_TCG_INTERPRETER) += disas/tci.o
 obj-y += fpu/softfloat.o
-obj-y += target-$(TARGET_BASE_ARCH)/
+obj-y += $(foreach a, $(ARCH_DIRS), target-$(a)/)
+obj-$(CONFIG_ARCH_MULTI) += target-multi/
 obj-y += disas.o
 obj-$(call notempty,$(TARGET_XML_FILES)) += gdbstub-xml.o
 obj-$(call lnot,$(CONFIG_KVM)) += kvm-stub.o
@@ -146,7 +152,7 @@ obj-$(call lnot,$(CONFIG_XEN_I386)) += xen-hvm-stub.o
 ifeq ($(TARGET_NAME), sparc64)
 obj-y += hw/sparc64/
 else
-obj-y += hw/$(TARGET_BASE_ARCH)/
+obj-y += $(foreach a, $(ARCH_DIRS), hw/$(a)/)
 endif
 
 GENERATED_HEADERS += hmp-commands.h qmp-commands-old.h
diff --git a/arch_init.c b/arch_init.c
index 4c8fcee..7479eae 100644
--- a/arch_init.c
+++ b/arch_init.c
@@ -73,7 +73,9 @@ int graphic_depth = 32;
 #endif
 
 
-#if defined(TARGET_ALPHA)
+#if defined(TARGET_MULTI)
+#define QEMU_ARCH QEMU_ARCH_MULTI
+#elif defined(TARGET_ALPHA)
 #define QEMU_ARCH QEMU_ARCH_ALPHA
 #elif defined(TARGET_ARM)
 #define QEMU_ARCH QEMU_ARCH_ARM
diff --git a/configure b/configure
index 255d85b..270a87c 100755
--- a/configure
+++ b/configure
@@ -5195,6 +5195,9 @@ case "$target_name" in
   ;;
   moxie)
   ;;
+  multi)
+bflt="yes"
+  ;;
   or32)
 TARGET_ARCH=openrisc
 TARGET_BASE_ARCH=openrisc
@@ -5277,6 +5280,10 @@ if [ "$HOST_VARIANT_DIR" != "" ]; then
 echo "HOST_VARIANT_DIR=$HOST_VARIANT_DIR" >> $config_target_mak
 fi
 case "$target_name" in
+  multi)
+MULTI_TARGETS=""
+esac
+case "$target_name" in
   i386|x86_64)
 if test "$xen" = "yes" -a "$target_softmmu" = "yes" ; then
   echo "CONFIG_XEN=y" >> $config_target_mak
@@ -5343,7 +5350,12 @@ fi
 cflags=""
 ldflags=""
 
-for i in $ARCH $TARGET_BASE_ARCH ; do
+for i in $MULTI_TARGETS; do
+i_upper="`upper $i`"
+echo "TARGET_$i_upper=y" >> $config_target_mak
+done;
+
+for i in $ARCH $TARGET_BASE_ARCH $MULTI_TARGETS; do
   case "$i" in
   alpha)
 echo "CONFIG_ALPHA_DIS=y"  >> $config_target_mak
diff --git a/default-configs/multi-softmmu.mak 
b/default-configs/multi-softmmu.mak
new file mode 100644
index 000..f76eb8f
--- /dev/null
+++ b/default-configs/multi-softmmu.mak
@@ -0,0 +1,3 @@
+
+include microblazeel-softmmu.mak
+include aarch64-softmmu.mak
diff --git a/include/sysemu/arch_init.h b/include/sysemu/arch_init.h
index 54b36c1..c539dec 100644
--- a/include/sysemu/arch_init.h
+++ b/include/sysemu/arch_init.h
@@ -23,6 +23,7 @@ enum {
 QEMU_ARCH_UNICORE32 = (1 << 14),
 QEMU_ARCH_MOXIE = (1 << 15),
 QEMU_ARCH_TRICORE = (1 << 16),
+QEMU_ARCH_MULTI = (1 << 17),
 };
 
 extern const uint32_t arch_type;
diff --git a/target-multi/Makefile.objs b/target-multi/Makefile.objs
new file mode 100644
index 000..4406ab9
--- /dev/null
+++ b/target-multi/Makefile.objs
@@ -0,0 +1 @@
+obj-y += translate.o
diff --git a/target-multi/cpu-head.h b/target-multi/cpu-head.h
new file mode 100644
index 000..fb6628e
--- /dev/null
+++ b/target-multi

Re: [Qemu-devel] [PATCHv2] parallel: Allow to disable CONFIG_PARALLEL

[Markus Armbruster]

mreza...@redhat.com writes:

> From: Miroslav Rezanina 
>
> Disabling CONFIG_PARALLEL cause build failure as commit 07dc788 factored
> out initialization to parallel_hds_isa_init function in hw/char/parallel.c 
> that is not build. 
>
> Stub file is added to be able to disable CONFIG_PARALLEL. This file is used
> in targets using parallel_hds_isa_init and provide empty definition of this
> function.
>
> Signed-off-by: Miroslav Rezanina 
>
> ---
>  hw/i386/Makefile.objs| 1 +
>  hw/mips/Makefile.objs| 2 ++
>  hw/sparc64/Makefile.objs | 2 ++
>  stubs/parallel-stub.c| 7 +++

Nitpick: the existing stub/*.c naming practice suggests
stubs/parallel.c.

>  4 files changed, 12 insertions(+)
>  create mode 100644 stubs/parallel-stub.c
>
> diff --git a/hw/i386/Makefile.objs b/hw/i386/Makefile.objs
> index e058a39..2b7131a 100644
> --- a/hw/i386/Makefile.objs
> +++ b/hw/i386/Makefile.objs
> @@ -4,6 +4,7 @@ obj-y += pc.o pc_piix.o pc_q35.o
>  obj-y += pc_sysfw.o
>  obj-y += intel_iommu.o
>  obj-$(CONFIG_XEN) += ../xenpv/ xen/
> +obj-$(call lnot,$(CONFIG_PARALLEL)) += ../../stubs/parallel-stub.o
>  
>  obj-y += kvmvapic.o
>  obj-y += acpi-build.o

Can we rely on the linker to pull parallel-stub.o from a suitable .a
libqemustub.a when needed?

> diff --git a/hw/mips/Makefile.objs b/hw/mips/Makefile.objs
> index 0a652f8..2e65305 100644
> --- a/hw/mips/Makefile.objs
> +++ b/hw/mips/Makefile.objs
> @@ -2,3 +2,5 @@ obj-y += mips_r4k.o mips_jazz.o mips_malta.o mips_mipssim.o
>  obj-y += addr.o cputimer.o mips_int.o
>  obj-$(CONFIG_FULONG) += mips_fulong2e.o
>  obj-y += gt64xxx_pci.o
> +obj-$(call lnot,$(CONFIG_PARALLEL)) += ../../stubs/parallel-stub.o
> +
> diff --git a/hw/sparc64/Makefile.objs b/hw/sparc64/Makefile.objs
> index a84cfe3..7696611 100644
> --- a/hw/sparc64/Makefile.objs
> +++ b/hw/sparc64/Makefile.objs
> @@ -1 +1,3 @@
>  obj-y += sun4u.o
> +obj-$(call lnot,$(CONFIG_PARALLEL)) += ../../stubs/parallel-stub.o
> +
> diff --git a/stubs/parallel-stub.c b/stubs/parallel-stub.c
> new file mode 100644
> index 000..949c1b2
> --- /dev/null
> +++ b/stubs/parallel-stub.c
> @@ -0,0 +1,7 @@
> +#include "qemu/typedefs.h"
> +#include "hw/isa/isa.h"
> +#include "hw/i386/pc.h"
> +
> +void parallel_hds_isa_init(ISABus *bus, int n)
> +{
> +}

Re: [Qemu-devel] [PATCH] ui/cocoa.m: Give laptop users ability to scroll in monitor

[Gerd Hoffmann]

On So, 2015-05-10 at 23:51 +0100, Peter Maydell wrote:
> On 10 May 2015 at 23:34, Peter Maydell  wrote:
> > I've now tested again with my not-just-the-laptop setup, and:
> >
> >  * in the guest OS (I tested with a Linux guest), PageUp/Down
> >work OK and work the same whether I use an external USB
> >keyboard with a physical PgUp/Down key or the MacBook Air's
> >keyboard with Fn+UpArrow/Fn+DownArrow as the chord to
> >input pageup/down
> >  * in the monitor window, neither way of inputting PageUp/Down
> >works: all you get is a ',' input into the monitor
> >
> > So my conclusion is that we should fix the underlying
> > problem that the monitor isn't handling PgUp/PgDown
> > correctly (not sure exactly why that's not working yet).
> 
> So looking at the code in ui/console.c that implements our
> virtual consoles, the scrolling is hooked up to the keycodes
> QEMU_KEY_CTRL_{UP,DOWN,PAGEUP,PAGEDOWN}. These only seem
> to be output by one of our UI frontends, SDL.
> 
> Gerd, how is this supposed to work? Shouldn't something
> in the generic console code be handling converting the
> Q_KEY_CODE_CTRL/CTRL_R + Q_KEY_CODE_PGUP/DOWN/etc into
> what the vc layer expects, rather than having each of the
> ui frontends doing it?

Unfortunaly it isn't that easy as we have two very different modes of
operation here:  For vc's we need the keyboard input already mapped to
your local keyboard layout (i.e. the keysyms).  For guest input we need
the raw scancodes of the keys as the keyboard layout handling is done by
the guest.  The differences between the UIs (especially when it comes to
raw scancodes) are big enough that it is next to impossible to hide all
that in common code.

Specifically for the vc control keys there is a little helper function
though: kbd_put_qcode_console(), used by sdl2 and gtk, which might be
useful for cocoa too.

cheers,
  Gerd