[Qemu-devel] qemu/hw ppc.c
CVSROOT:/sources/qemu Module name:qemu Changes by: Jocelyn Mayer j_mayer 07/04/24 06:32:01 Modified files: hw : ppc.c Log message: PowerPC embedded timers fixes. Improve PowerPC timers debug. CVSWeb URLs: http://cvs.savannah.gnu.org/viewcvs/qemu/hw/ppc.c?cvsroot=qemu&r1=1.21&r2=1.22
[Qemu-devel] qemu/hw ppc405.h ppc405_uc.c
CVSROOT:/sources/qemu Module name:qemu Changes by: Jocelyn Mayer j_mayer 07/04/24 06:37:21 Modified files: hw : ppc405.h ppc405_uc.c Log message: PowerPC 405 microcontrollers fixes and improvements: - use target_phys_addr_t for physical addresses / offsets - implement fake general purpose timers and memory access layer for PowerPC 405EP - more assigned internal IRQs. CVSWeb URLs: http://cvs.savannah.gnu.org/viewcvs/qemu/hw/ppc405.h?cvsroot=qemu&r1=1.2&r2=1.3 http://cvs.savannah.gnu.org/viewcvs/qemu/hw/ppc405_uc.c?cvsroot=qemu&r1=1.2&r2=1.3
[Qemu-devel] qemu/target-ppc cpu.h exec.h op.c op_helper.c o...
CVSROOT:/sources/qemu Module name:qemu Changes by: Jocelyn Mayer j_mayer 07/04/24 06:50:21 Modified files: target-ppc : cpu.h exec.h op.c op_helper.c op_helper.h op_mem.h op_template.h translate.c Log message: Code provision for new PowerPC embedded target support with: - 1 kB page size - 64 bits GPR - 64 bits physical address space - SPE extension support. Change TARGET_PPCSPE into TARGET_PPCEMB CVSWeb URLs: http://cvs.savannah.gnu.org/viewcvs/qemu/target-ppc/cpu.h?cvsroot=qemu&r1=1.45&r2=1.46 http://cvs.savannah.gnu.org/viewcvs/qemu/target-ppc/exec.h?cvsroot=qemu&r1=1.19&r2=1.20 http://cvs.savannah.gnu.org/viewcvs/qemu/target-ppc/op.c?cvsroot=qemu&r1=1.35&r2=1.36 http://cvs.savannah.gnu.org/viewcvs/qemu/target-ppc/op_helper.c?cvsroot=qemu&r1=1.30&r2=1.31 http://cvs.savannah.gnu.org/viewcvs/qemu/target-ppc/op_helper.h?cvsroot=qemu&r1=1.9&r2=1.10 http://cvs.savannah.gnu.org/viewcvs/qemu/target-ppc/op_mem.h?cvsroot=qemu&r1=1.12&r2=1.13 http://cvs.savannah.gnu.org/viewcvs/qemu/target-ppc/op_template.h?cvsroot=qemu&r1=1.7&r2=1.8 http://cvs.savannah.gnu.org/viewcvs/qemu/target-ppc/translate.c?cvsroot=qemu&r1=1.57&r2=1.58
[Qemu-devel] qemu vl.c vl.h
CVSROOT:/sources/qemu Module name:qemu Changes by: Jocelyn Mayer j_mayer 07/04/24 06:52:59 Modified files: . : vl.c vl.h Log message: Add -pflash option to register parallel flash block devices. CVSWeb URLs: http://cvs.savannah.gnu.org/viewcvs/qemu/vl.c?cvsroot=qemu&r1=1.283&r2=1.284 http://cvs.savannah.gnu.org/viewcvs/qemu/vl.h?cvsroot=qemu&r1=1.218&r2=1.219
Re: [Qemu-devel] Re: Detecting an assembly instruction in QEMU
Hi Eduardo, I have finished implementing the roll-back functionality for transactional memory. There is one thing that I wanted to ask you. In order to roll back, I need to log all the memory references, so that when a transaction fails and roll-back occurs, memory state can also be rolled back. I would really appreciate it if you could direct me to the piece of code in QEMU for i386 where I can intercept the memory references. Thanks, Atif On 4/22/07, Eduardo Felipe [EMAIL PROTECTED] wrote: Hi Atif, Your code seems quite ok to me. Just try including stored_eip inside the DisasContext, otherwise you'll lose its value between calls to disas_insn function. Also make sure that the instructions you are using as markers are not executed elsewhere, as your compiler could generate them inside regular code or they could already exist in your OS. Regards, Eduardo
[Qemu-devel] qemu Makefile Makefile.target configure
CVSROOT:/sources/qemu Module name:qemu Changes by: Jocelyn Mayer j_mayer 07/04/24 07:34:03 Modified files: . : Makefile Makefile.target configure Log message: New target for embedded PowerPC emulation (only system emulation, for now). CVSWeb URLs: http://cvs.savannah.gnu.org/viewcvs/qemu/Makefile?cvsroot=qemu&r1=1.117&r2=1.118 http://cvs.savannah.gnu.org/viewcvs/qemu/Makefile.target?cvsroot=qemu&r1=1.163&r2=1.164 http://cvs.savannah.gnu.org/viewcvs/qemu/configure?cvsroot=qemu&r1=1.138&r2=1.139
[Qemu-devel] qemu/target-ppc op_helper.c
CVSROOT:/sources/qemu Module name:qemu Changes by: Jocelyn Mayer j_mayer 07/04/24 07:36:03 Modified files: target-ppc : op_helper.c Log message: Debug traces fixes. CVSWeb URLs: http://cvs.savannah.gnu.org/viewcvs/qemu/target-ppc/op_helper.c?cvsroot=qemu&r1=1.31&r2=1.32
[Qemu-devel] qemu Makefile.target vl.c vl.h hw/ppc405_boards.c
CVSROOT:/sources/qemu Module name:qemu Changes by: Jocelyn Mayer j_mayer 07/04/24 07:40:49 Modified files: . : Makefile.target vl.c vl.h Added files: hw : ppc405_boards.c Log message: Evaluation boards for PowerPC 405EP. CVSWeb URLs: http://cvs.savannah.gnu.org/viewcvs/qemu/Makefile.target?cvsroot=qemu&r1=1.164&r2=1.165 http://cvs.savannah.gnu.org/viewcvs/qemu/vl.c?cvsroot=qemu&r1=1.284&r2=1.285 http://cvs.savannah.gnu.org/viewcvs/qemu/vl.h?cvsroot=qemu&r1=1.219&r2=1.220 http://cvs.savannah.gnu.org/viewcvs/qemu/hw/ppc405_boards.c?cvsroot=qemu&rev=1.1
[Qemu-devel] qemu .cvsignore
CVSROOT:/sources/qemu Module name:qemu Changes by: Jocelyn Mayer j_mayer 07/04/24 07:43:37 Modified files: . : .cvsignore Log message: Update .cvsignore for new PowerPC embedded target. CVSWeb URLs: http://cvs.savannah.gnu.org/viewcvs/qemu/.cvsignore?cvsroot=qemu&r1=1.18&r2=1.19
[Qemu-devel] [PATCH] MIPS Malta/YAMON SP initialization
Hi! This patch adds SP initialization for the Malta YAMON pseudo-loader. It allows running standalone (written in C) applications: http://www.nwpi.ru/~alec/mips/yamon_test_salone.tgz $ qemu-system-mipsel -nographic -M malta -kernel yamon_test.elf Could not configure '/dev/rtc' to have a 1024 Hz timer. This is not a fatal error, but for better emulation accuracy either use a 2.6 host Linux kernel or type 'echo 1024 > /proc/sys/dev/rtc/max-user-freq' as root. YAMON TEST argc = 0002 argv = 80002000 argv[] = yamon_test.elf argv[0001] = envp = 80002008 envp-name = memsize envp-val = 134217728 envp-name = modetty0 envp-val = 38400n8r memsize = 0800 -- -=AV=- malta-stack.patch Description: Binary data
Re: [Qemu-devel] Re: Detecting an assembly instruction in QEMU
Hi, You have a description of memory access instruction format in cpu-all.h, under /* CPU memory access without any memory or io remapping */ These instructions are defined in softmmu_header.h. If you don't care too much about performance it will be easier to modify the code written in C (undef ASM_SOFTMMU in op.c). Regards, Eduardo
[Qemu-devel] IDE disk IO
Hello, I'm trying to understand the ide.c - how it is structured, how it works, etc. I see that the functions in ide.c get called from vl.c through ioport_read_table. But I'm wondering how ide_data_readw(), ide_ioport_read(), and ide_sector_read() are different, and also where the actual requests to harddrives are issued in the code. Or even just overall picture of ide IO would be nice. Can somebody give me some info? - Steve
[Qemu-devel] MIPS64 problem with x86-64 linux
Hi, There is some kind of problem in x86-64 Linux with MIPS64 emulation. I was trying the Acer Pica 61 with the patch for memory mapped VGA and got the following results: Linux x86-64: MIPS32: Ok MIPS32EL: Ok MIPS64: Blank screen MIPS64EL: Blank screen Linux x86: MIPS32: Ok MIPS32EL: Ok MIPS64: Ok MIPS64EL: Ok Poussineau also tells me that under Win32 everything is fine for him. Regards Natalia Portillo
[Qemu-devel] qemu/hw mips_malta.c
CVSROOT:/sources/qemu Module name:qemu Changes by: Thiemo Seufer ths 07/04/24 22:57:37 Modified files: hw : mips_malta.c Log message: Improved mini-bootloader, based on a patch by Alec Voropay. CVSWeb URLs: http://cvs.savannah.gnu.org/viewcvs/qemu/hw/mips_malta.c?cvsroot=qemu&r1=1.24&r2=1.25
[Qemu-devel] OpenVPN treo?
Has anyone thought about this? Is it even possible? Am I barking up the wrong tree? jonathan -- -- Jonathan Kalbfeld +1 323 620 6682
[Qemu-devel] How to debug Linux kernel on qemu with kgdb?
Hi, I am trying to debug a kgdb-patched Linux kernel on my qemu. Both the native and target platform are IA32. I am wondering if there is anyone who can show me the procedure? Thanks, Neo -- I would remember that if researchers were not ambitious probably today we haven't the technology we are using!
[Qemu-devel] [PATCH] fix exception precision for cmpxchg8b
In qemu-0.9.0, an exception in cmpxchg8b (e.g. page fault due to a missing TLB entry) causes the wrong eip value to be pushed onto the exception stack -- it seems to be the eip of the last exception or the start of the translation block, whichever happened last. This makes it impossible to resume execution after such an exception. The simple patch below fixes it, by explicitly saving the current eip before invoking the cmpxchg8b helper; the same approach appears to be taken in many other instructions before generating code that could raise an exception. Apologies for the non-tab-clean patch, but it's simple enough to apply by hand. I can't quite understand what's generating the equivalent piece of code (to save pc_start into eip) for the cmpxchgl instruction (defined right above cmpxchg8b in translate.c). I'd be thankful if someone could explain to me where it's getting saved. Nickolai. --- qemu-0.9.0/target-i386/translate.c 2007-02-05 15:01:54.0 -0800 +++ /home/nickolai/build/qemu-0.9.0/target-i386/translate.c 2007-04-24 19:33:47.0 -0700 @@ -3800,6 +3800,7 @@ if (s-cc_op != CC_OP_DYNAMIC) gen_op_set_cc_op(s-cc_op); gen_lea_modrm(s, modrm, reg_addr, offset_addr); +gen_jmp_im(pc_start - s-cs_base); gen_op_cmpxchg8b(); s-cc_op = CC_OP_EFLAGS; break;
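Review bot: the added gen_jmp_im(pc_start - s->cs_base) line, placed between gen_lea_modrm() and gen_op_cmpxchg8b(), carries no comment saying why EIP has to be written back at this point. A one-line comment that the cmpxchg8b helper can fault and needs the guest EIP of this instruction would keep the call from being dropped later as redundant. The headers also mix a relative path (--- qemu-0.9.0/target-i386/translate.c) with an absolute one (+++ /home/nickolai/build/qemu-0.9.0/...), so no single -p level fits both; regenerating the diff from one common root, with the original tab indentation, would let it apply without hand editing.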
Re: [Qemu-devel] [PATCH] fix exception precision for cmpxchg8b
a patch like this was posted about 6 weeks ago. the only difference I can see between this and the previous patch is the location of the inserted function. take a look at http://lists.gnu.org/archive/html/qemu-devel/2007-03/msg00123.html for hints. This patch fixed the Solaris/express install in a qemu guest. Ben Nickolai Zeldovich [EMAIL PROTECTED] wrote: In qemu-0.9.0, an exception in cmpxchg8b (e.g. page fault due to a missing TLB entry) causes the wrong eip value to be pushed onto the exception stack -- it seems to be the eip of the last exception or the start of the translation block, whichever happened last. This makes it impossible to resume execution after such an exception. The simple patch below fixes it, by explicitly saving the current eip before invoking the cmpxchg8b helper; the same approach appears to be taken in many other instructions before generating code that could raise an exception. Apologies for the non-tab-clean patch, but it's simple enough to apply by hand. I can't quite understand what's generating the equivalent piece of code (to save pc_start into eip) for the cmpxchgl instruction (defined right above cmpxchg8b in translate.c). I'd be thankful if someone could explain to me where it's getting saved. Nickolai. --- qemu-0.9.0/target-i386/translate.c2007-02-05 15:01:54.0 -0800 +++ /home/nickolai/build/qemu-0.9.0/target-i386/translate.c 2007-04-24 19:33:47.0 -0700 @@ -3800,6 +3800,7 @@ if (s-cc_op != CC_OP_DYNAMIC) gen_op_set_cc_op(s-cc_op); gen_lea_modrm(s, modrm, reg_addr, offset_addr); +gen_jmp_im(pc_start - s-cs_base); gen_op_cmpxchg8b(); s-cc_op = CC_OP_EFLAGS; break;
Re: [Qemu-devel] [PATCH] fix exception precision for cmpxchg8b
Thanks. Looks like inline-generated instructions use cpu_restore_state() to invert the translated PC into the simulated PC. Nickolai.
[Qemu-devel] scsi patch
scsi.tex patch reduces unnecessary mismatch. lsi.txt corrects mismatch condition. When the mismatch happens, register ia saves the instruction address. However, QEMU calls lsi_bad_phase first, updates dsp and then saves it into register ia. The patch corrects this problem. Another fix is in the table indirect addressing. s->rbc is the same as s->dbc in direct, indirect, and table indirect mode. I tested the Debian installation 25 times automatically and there was no problem in scsi. The steps at http://www.aurel32.net/info/debian_arm_qemu.php will work well !!! Index: hw/scsi-disk.c === RCS file: /sources/qemu/qemu/hw/scsi-disk.c,v retrieving revision 1.13 diff -u -p -r1.13 scsi-disk.c --- hw/scsi-disk.c 29 Aug 2006 04:52:16 - 1.13 +++ hw/scsi-disk.c 25 Apr 2007 04:55:11 - @@ -345,7 +345,7 @@ int32_t scsi_send_command(SCSIDevice *s, DPRINTF(Request Sense (len %d)\n, len); if (len 4) goto fail; -memset(buf, 0, 4); +memset(outbuf, 0, 4); outbuf[0] = 0xf0; outbuf[1] = 0; outbuf[2] = s-sense; @@ -371,7 +371,7 @@ int32_t scsi_send_command(SCSIDevice *s, Some later commands are also implemented. */ outbuf[2] = 3; outbuf[3] = 2; /* Format 2 */ - outbuf[4] = 32; + outbuf[4] = 31; /* Sync data transfer and TCQ. */ outbuf[7] = 0x10 | (s-tcq ? 0x02 : 0); r-buf_len = 36; @@ -404,10 +404,11 @@ int32_t scsi_send_command(SCSIDevice *s, p += 4; if ((page == 8 || page == 0x3f)) { /* Caching page. */ +memset(p,0,20); p[0] = 8; p[1] = 0x12; p[2] = 4; /* WCE */ -p += 19; +p += 20; } if ((page == 0x3f || page == 0x2a) (bdrv_get_type_hint(s-bdrv) == BDRV_TYPE_CDROM)) { 
@@ -437,7 +438,7 @@ int32_t scsi_send_command(SCSIDevice *s, p[19] = (16 * 176) 0xff; p[20] = (16 * 176) 8; // 16x write speed current p[21] = (16 * 176) 0xff; -p += 21; +p += 22; } r-buf_len = p - outbuf; outbuf[0] = r-buf_len - 4; Index: hw/lsi53c895a.c === RCS file: /sources/qemu/qemu/hw/lsi53c895a.c,v retrieving revision 1.8 diff -u -p -r1.8 lsi53c895a.c --- hw/lsi53c895a.c 22 Apr 2007 17:18:38 - 1.8 +++ hw/lsi53c895a.c 25 Apr 2007 04:55:11 - @@ -855,6 +855,7 @@ again: offset = sxt24(addr); cpu_physical_memory_read(s-dsa + offset, (uint8_t *)buf, 8); s-dbc = cpu_to_le32(buf[0]); +s-rbc = s-dbc; addr = cpu_to_le32(buf[1]); } if ((s-sstat1 PHASE_MASK) != ((insn 24) 7)) { @@ -864,6 +865,8 @@ again: break; } s-dnad = addr; +/* ??? Set ESA. */ +s-ia = s-dsp - 8; switch (s-sstat1 0x7) { case PHASE_DO: s-waiting = 2; @@ -898,8 +901,6 @@ again: s-sbc = s-dbc; s-rbc -= s-dbc; s-ua = addr + s-dbc; -/* ??? Set ESA. */ -s-ia = s-dsp - 8; break; case 1: /* IO or Read/Write instruction. */
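Review bot: in the hw/scsi-disk.c hunks the corrected lengths are still bare constants that have to agree with values set a line or two away, which is how they went wrong before. outbuf[4] = 31 depends on r->buf_len = 36 (the additional-length byte counts what follows byte 4, so 36 - 5), and memset(p,0,20) with p += 20 depends on p[1] = 0x12 (page length plus the two header bytes); the p += 22 change has the same shape. Deriving each from the value it depends on, or at least adding a comment with the arithmetic, would keep them in step. The description also says nothing about the Request Sense change from memset(buf, ...) to memset(outbuf, ...) or about these length fixes, and memset(p,0,20) is missing the spaces after commas used by the neighbouring memset(outbuf, 0, 4).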
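Review bot: in the hw/lsi53c895a.c hunk at -864,6 the new s->ia = s->dsp - 8 lands after the block that ends in break; } just above s->dnad = addr, so any path that leaves through that break still does not update ia. Since the description is about saving the instruction address when a phase mismatch happens, please confirm that the early exit is meant to be excluded, or move the assignment above that check. The comment moved with it, /* ??? Set ESA. */, talks about ESA while the line sets ia; either reword it to describe the ia store or leave it at the old location. The added s->rbc = s->dbc in the table-indirect branch would also benefit from a short comment, given that a later line does s->rbc -= s->dbc.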