[Qemu-devel] [Bug 1278977] Re: qemu-system-sparc64 crash when initializing disk
Hi Mark, thanks for the tip. It works fine with virtio drivers. Is there any specific reason, why Qemu sparc64 virtualization have to use the cmd646 driver? For example mips emulator is using PIIX3/4 IDE driver. thanks so far, Waldemar -- You received this bug notification because you are a member of qemu- devel-ml, which is subscribed to QEMU. https://bugs.launchpad.net/bugs/1278977 Title: qemu-system-sparc64 crash when initializing disk Status in QEMU: New Bug description: Hi, I try to boot up Linux for SPARC64 in qemu-system-sparc64 (qemu 1.7.0). A self compiled kernel with initramfs as piggyback boots up fine. (http://www.openadk.org/qemu-sparc64-initramfs-piggyback-kernel) When trying to use a disk image I get following trace: qemu-system-sparc64 -nographic -kernel /home/wbx/openadk/bin/qemu_sparc64_eglibc/qemu-sparc64-archive-kernel qemu-sparc64.img -append root=/dev/sda1 [ 43.520705] ata1.00: ATA-7: QEMU HARDDISK, 1.7.0, max UDMA/100 [ 43.792734] ata1.00: 1048576 sectors, multi 16: LBA48 [ 44.100768] ata1.00: configured for UDMA/33 [ 44.316791] scsi 0:0:0:0: Direct-Access ATA QEMU HARDDISK1.7. PQ: 0 ANSI: 5 [ 44.724835] sd 0:0:0:0: [sda] 1048576 512-byte logical blocks: (536 MB/512 MiB) [ 45.172883] ata2.00: ATAPI: QEMU DVD-ROM, 1.7.0, max UDMA/100 [ 45.508920] ata2.00: configured for UDMA/33 [ 45.752946] scsi 1:0:0:0: CD-ROMQEMU QEMU DVD-ROM 1.7. PQ: 0 ANSI: 5 [ 46.309006] sd 0:0:0:0: [sda] Write Protect is off [ 46.737053] sd 0:0:0:0: [sda] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA qemu: fatal: Trap 0x0032 while trap level (5) = MAXTL (5), Error state pc: 004055dc npc: 004055e0 %g0-3: 0200 f80006a3f170 0200 %g4-7: f5000464 f80006a3c000 f500 %o0-3: f80006a10140 f80006a10160 f80006900010 06a6c000 %o4-7: 0002 03e7 f80006a3e1c1 00593988 %l0-3: 00ff 2000 0001 %l4-7: f80006a0d980 0001 c0004000 %i0-3: ff00 0001 0001 %i4-7: f80006a11d50 f80006a1 f80006a3e271 00582444 %f00: %f08: %f16: 076e072707740720 0773077507700770 076f077207740720 07440750074f0720 %f24: 076f077207200746 0755074107200720 0720072007200720 0720072007200720 %f32: 0720072007200720 0720072007200720 0720072007200720 0720072007200720 %f40: 0720072007200720 0720072007200720 0720072007200720 0720072007200720 %f48: 0720072007200720 0755074107200720 0720072007200720 0720072007200720 %f56: 0720072007200720 0720072007200720 0720072007200720 0720072007200720 pstate: 0015 ccr: 00 (icc: xcc: ) asi: 80 tl: 5 pil: e cansave: 4 canrestore: 2 otherwin: 0 wstate: 0 cleanwin: 7 cwp: 4 fsr: y: fprs: Aborted Same happens when starting up Debian/wheezy 7.4 for sparc64: qemu-system-sparc64 -nographic -kernel vmlinuz -initrd initrd.gz qemu.img [ 102.943129] eth0: RealTek RTL-8029 found at 0x1fe02000400, IRQ 6, 52:54:00:12:34:56. [ 105.143367] scsi0 : pata_cmd64x [ 105.667424] scsi1 : pata_cmd64x [ 106.003460] ata1: PATA max UDMA/33 cmd 0x1fe02000500 ctl 0x1fe02000580 bmdma 0x1fe02000700 irq 7 [ 106.871554] ata2: PATA max UDMA/33 cmd 0x1fe02000600 ctl 0x1fe02000680 bmdma 0x1fe02000708 irq 7 [ 108.247703] ata1.00: ATA-7: QEMU HARDDISK, 1.7.0, max UDMA/100 [ 108.775760] ata1.00: 1048576 sectors, multi 16: LBA48 [ 109.399827] ata1.00: configured for UDMA/33 [ 109.815872] scsi 0:0:0:0: Direct-Access ATA QEMU HARDDISK1.7. PQ: 0 ANSI: 5 [ 111.004001] ata2.00: ATAPI: QEMU DVD-ROM, 1.7.0, max UDMA/100 [ 111.608066] ata2.00: configured for UDMA/33 [ 112.040113] scsi 1:0:0:0: CD-ROMQEMU QEMU DVD-ROM 1.7. PQ: 0 ANSI: 5 [ 114.344362] sd 0:0:0:0: [sda] 1048576 512-byte logical blocks: (536 MB/512 MiB) qemu: fatal: Trap 0x0032 while trap level (5) = MAXTL (5), Error state pc: 004055bc npc: 004055c0 %g0-3: 0200 f80007e6bd10 0200 %g4-7: f5000464 f80005d34000 f500 %o0-3: f80005f68148 f80005f68180 000c 0001 %o4-7: f80005d4b889 01fe02000600 f8000705b391 10064474 %l0-3: 007f6330 00200200 f80007e6be60 %l4-7: 00945bd8 00945fd8 009463d8 %i0-3: f80005f68000 f80005f68148 0058 0001 %i4-7: f80005f69ce8
Re: [Qemu-devel] [PATCH] virtio-net: Do not filter VLANs without F_CTRL_VLAN
On Wed, Feb 12, 2014 at 10:46:28PM +0100, Stefan Fritsch wrote:
If VIRTIO_NET_F_CTRL_VLAN is not negotiated, do not filter out all
VLAN-tagged packets but send them to the guest.
Signed-off-by: Stefan Fritsch s...@sfritsch.de
Thanks for the patch.
I think there are still some issues after this
patch: we need to notify management when
this bit state changes.
And I think libvirt still does not look at the filter info
so it's probably not too late, and cleaner to simply tell it:
all-vlans.
that is, add
'*vlan': 'RxState',
to the schema.
(is it true that it needs to be * because old qemu does not produce it?
maybe not ...)
Taking all this into account - this calls for checking
this bit in receive_filter like we do for e.g.
unicast addresses.
Amos, you wrote
commit b1be42803b31a913bab65bab563a8760ad2e7f7f
Author: Amos Kong ak...@redhat.com
Date: Fri Jun 14 15:45:52 2013 +0800
net: add support of mac-programming over macvtap in QEMU side
which conflicts here - could you take a look please?
Also Cc schema maintainers.
---
This time CCing the maintainers.
This fixes VLANs with OpenBSD guests (and probably NetBSD, too, because
the OpenBSD driver started as a port from NetBSD).
hw/net/virtio-net.c | 12 +++-
1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/hw/net/virtio-net.c b/hw/net/virtio-net.c
index 3626608..0ae9a91 100644
--- a/hw/net/virtio-net.c
+++ b/hw/net/virtio-net.c
@@ -315,7 +315,11 @@ static void virtio_net_reset(VirtIODevice *vdev)
memset(n-mac_table.macs, 0, MAC_TABLE_ENTRIES * ETH_ALEN);
memcpy(n-mac[0], n-nic-conf-macaddr, sizeof(n-mac));
qemu_format_nic_info_str(qemu_get_queue(n-nic), n-mac);
-memset(n-vlans, 0, MAX_VLAN 3);
+if (vdev-guest_features (1 VIRTIO_NET_F_CTRL_VLAN)) {
+memset(n-vlans, 0, MAX_VLAN 3);
+} else {
+memset(n-vlans, 0xff, MAX_VLAN 3);
+}
}
static void peer_test_vnet_hdr(VirtIONet *n)
This chunk doesn't make sense to me.
features are never set at reset, are they?
@@ -515,6 +519,12 @@ static void virtio_net_set_features(VirtIODevice *vdev,
uint32_t features)
}
vhost_net_ack_features(tap_get_vhost_net(nc-peer), features);
}
+
+if (vdev-guest_features (1 VIRTIO_NET_F_CTRL_VLAN)) {
+memset(n-vlans, 0, MAX_VLAN 3);
+} else {
+memset(n-vlans, 0xff, MAX_VLAN 3);
+}
}
static int virtio_net_handle_rx_mode(VirtIONet *n, uint8_t cmd,
--
1.7.10.4
[Qemu-devel] [PATCH v2] hw/timer/grlib_gptimer: Avoid integer overflows
The GPTIMER uses 32-bit registers. Use a 64-bit operation to get the ptimer count, otherwise we end up with a count of 0 for GPTIMER counter values of 0x. Use the GPTIMER counter value for tracing to avoid an overflow of the 32-bit value passed to trace_grlib_gptimer_enable(). Reviewed-by: Fabien Chouteau chout...@adacore.com Signed-off-by: Sebastian Huber sebastian.hu...@embedded-brains.de --- hw/timer/grlib_gptimer.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/hw/timer/grlib_gptimer.c b/hw/timer/grlib_gptimer.c index 74c16d6..7672d3a 100644 --- a/hw/timer/grlib_gptimer.c +++ b/hw/timer/grlib_gptimer.c @@ -106,9 +106,9 @@ static void grlib_gptimer_enable(GPTimer *timer) /* ptimer is triggered when the counter reach 0 but GPTimer is triggered at underflow. Set count + 1 to simulate the GPTimer behavior. */ -trace_grlib_gptimer_enable(timer-id, timer-counter + 1); +trace_grlib_gptimer_enable(timer-id, timer-counter); -ptimer_set_count(timer-ptimer, timer-counter + 1); +ptimer_set_count(timer-ptimer, (uint64_t)timer-counter + 1); ptimer_run(timer-ptimer, 1); } -- 1.8.1.4
Re: [Qemu-devel] RFC: ioapic polarity vs. qemu os-x guest
On Fri, Feb 14, 2014 at 11:13:04PM +0100, Alexander Graf wrote:
On 14.02.2014, at 23:06, Gabriel L. Somlo gso...@gmail.com wrote:
On Fri, Feb 14, 2014 at 10:21:09PM +0100, Alexander Graf wrote:
Can't you just turn the polarity around in the pci host adapter?
I tried this:
diff --git a/hw/pci/pci.c b/hw/pci/pci.c
index 1221f32..0e86d21 100644
--- a/hw/pci/pci.c
+++ b/hw/pci/pci.c
@@ -118,13 +118,13 @@ static int pci_bar(PCIDevice *d, int reg)
static inline int pci_irq_state(PCIDevice *d, int irq_num)
{
- return (d-irq_state irq_num) 0x1;
+ return !(d-irq_state irq_num) 0x1;
}
static inline void pci_set_irq_state(PCIDevice *d, int irq_num, int level)
{
d-irq_state = ~(0x1 irq_num);
- d-irq_state |= level irq_num;
+ d-irq_state = ~(level irq_num);
}
static void pci_change_irq_level(PCIDevice *pci_dev, int irq_num, int
change)
@@ -229,7 +229,7 @@ static void pcibus_reset(BusState *qbus)
}
for (i = 0; i bus-nirq; i++) {
-assert(bus-irq_count[i] == 0);
+assert(bus-irq_count[i] != 0);
}
}
---
but now OS X freezes during boot right after
[ PCI configuration begin ]
[ PCI configuration end, bridges 1, devices 10 ]
RTC: Only single RAM bank (128 bytes)
which all looks normal, except the process is supposed to continue on
from there and doesn't :)
On Linux, I get Fedora 20 live all the way up with no obvious/loud
complaints, but mouse and keyboard don't work at all...
I have to admit I'm a bit out of my depth here, though :)
Yeah, another thing we have to take into account is vhost-net which generates
IRQs directly through irqfd. I guess for those we'll have to configure the
polarity in the irq routing table?
Alex
This is using MSI-X interrupts which are edge though,
not going through IOAPIC at all.
Re: [Qemu-devel] RFC: ioapic polarity vs. qemu os-x guest
On Fri, Feb 14, 2014 at 04:13:11PM -0500, Gabriel L. Somlo wrote:
On Tue, Feb 11, 2014 at 09:54:44PM +0200, Michael S. Tsirkin wrote:
On Tue, Feb 11, 2014 at 01:23:31PM -0500, Gabriel L. Somlo wrote:
1. Regarding KVM and the polarity xor line in the patch above: Does
anyone have experience with any *other* guests which insist on setting
level-triggered interrupt polarity to 1/active-low ? Is that xor line
actually doing anything useful in practice, for any other guest, on
either QEMU or any other platform ?
2. Is there anything in QEMU (besides the ACPI DSDT .dsl files) which
has a hardcoded assumption re. polarity == 0, or active-high, for
level-triggered interrupts? I tried to dig through hw/i386/kvm/ioapic.c
and a bunch of other files, but couldn't isolate anything that I could
flip to fix things in userspace.
Any ideas or suggestions about the appropriate way to move forward would
be much appreciated !!!
Thanks much,
--Gabriel
I think changing ACPI is the right thing to
do really. But we'll need to fix some things
first of course.
So I followed your advice, and was able to boot OS X just fine (but
booting Linux after this patch still resulted in multiple no one
cared complaints on IRQs 17, 18, 19, etc.:
diff --git a/hw/i386/q35-acpi-dsdt.dsl b/hw/i386/q35-acpi-dsdt.dsl
index d618e9e..9c52f64 100644
--- a/hw/i386/q35-acpi-dsdt.dsl
+++ b/hw/i386/q35-acpi-dsdt.dsl
@@ -353,7 +353,7 @@ DefinitionBlock (
Method(IQCR, 1, Serialized) {
// _CRS method - get current settings
Name(PRR0, ResourceTemplate() {
-Interrupt(, Level, ActiveHigh, Shared) { 0 }
+Interrupt(, Level, ActiveLow, Shared) { 0 }
})
CreateDWordField(PRR0, 0x05, PRRI)
Store(And(Arg0, 0x0F), PRRI)
@@ -365,7 +365,7 @@ DefinitionBlock (
Name(_HID, EISAID(PNP0C0F)) \
Name(_UID, uid) \
Name(_PRS, ResourceTemplate() { \
-Interrupt(, Level, ActiveHigh, Shared) {\
+Interrupt(, Level, ActiveLow, Shared) {\
5, 10, 11 \
} \
}) \
@@ -398,12 +398,12 @@ DefinitionBlock (
Name(_HID, EISAID(PNP0C0F)) \
Name(_UID, uid) \
Name(_PRS, ResourceTemplate() { \
-Interrupt(, Level, ActiveHigh, Shared) {\
+Interrupt(, Level, ActiveLow, Shared) {\
gsi \
} \
}) \
Name(_CRS, ResourceTemplate() { \
-Interrupt(, Level, ActiveHigh, Shared) {\
+Interrupt(, Level, ActiveLow, Shared) {\
gsi \
} \
}) \
diff --git a/hw/isa/lpc_ich9.c b/hw/isa/lpc_ich9.c
index 51ce12d..fe1527a 100644
--- a/hw/isa/lpc_ich9.c
+++ b/hw/isa/lpc_ich9.c
@@ -206,17 +206,17 @@ static void ich9_lpc_update_pic(ICH9LPCState *lpc, int
pic_irq)
int i, pic_level;
/* The pic level is the logical OR of all the PCI irqs mapped to it */
-pic_level = 0;
+pic_level = 1;
for (i = 0; i ICH9_LPC_NB_PIRQS; i++) {
int tmp_irq;
int tmp_dis;
ich9_lpc_pic_irq(lpc, i, tmp_irq, tmp_dis);
if (!tmp_dis pic_irq == tmp_irq) {
-pic_level |= pci_bus_get_irq_level(lpc-d.bus, i);
+pic_level = !pci_bus_get_irq_level(lpc-d.bus, i);
}
}
if (pic_irq == ich9_lpc_sci_irq(lpc)) {
-pic_level |= lpc-sci_level;
+pic_level = !lpc-sci_level;
}
qemu_set_irq(lpc-pic[pic_irq], pic_level);
--
However, even on OS X, the Ethernet (e1000) card won't link up at all.
Fixing that requires another patch:
diff --git a/hw/net/e1000.c b/hw/net/e1000.c
index 58ba93b..c7a2c07 100644
--- a/hw/net/e1000.c
+++ b/hw/net/e1000.c
@@ -301,7 +301,7 @@ set_interrupt_cause(E1000State *s, int index, uint32_t
val)
s-mac_reg[ICS] = val;
pending_ints = (s-mac_reg[IMS] s-mac_reg[ICR]);
-if (!s-mit_irq_level pending_ints) {
+if (s-mit_irq_level pending_ints) {
/*
* Here we detect a potential raising edge. We postpone raising the
* interrupt line if we are inside the mitigation delay
Re: [Qemu-devel] RFC: ioapic polarity vs. qemu os-x guest
On Fri, Feb 14, 2014 at 04:13:11PM -0500, Gabriel L. Somlo wrote:
On Tue, Feb 11, 2014 at 09:54:44PM +0200, Michael S. Tsirkin wrote:
On Tue, Feb 11, 2014 at 01:23:31PM -0500, Gabriel L. Somlo wrote:
1. Regarding KVM and the polarity xor line in the patch above: Does
anyone have experience with any *other* guests which insist on setting
level-triggered interrupt polarity to 1/active-low ? Is that xor line
actually doing anything useful in practice, for any other guest, on
either QEMU or any other platform ?
2. Is there anything in QEMU (besides the ACPI DSDT .dsl files) which
has a hardcoded assumption re. polarity == 0, or active-high, for
level-triggered interrupts? I tried to dig through hw/i386/kvm/ioapic.c
and a bunch of other files, but couldn't isolate anything that I could
flip to fix things in userspace.
Any ideas or suggestions about the appropriate way to move forward would
be much appreciated !!!
Thanks much,
--Gabriel
I think changing ACPI is the right thing to
do really. But we'll need to fix some things
first of course.
So I followed your advice, and was able to boot OS X just fine (but
booting Linux after this patch still resulted in multiple no one
cared complaints on IRQs 17, 18, 19, etc.:
diff --git a/hw/i386/q35-acpi-dsdt.dsl b/hw/i386/q35-acpi-dsdt.dsl
index d618e9e..9c52f64 100644
--- a/hw/i386/q35-acpi-dsdt.dsl
+++ b/hw/i386/q35-acpi-dsdt.dsl
@@ -353,7 +353,7 @@ DefinitionBlock (
Method(IQCR, 1, Serialized) {
// _CRS method - get current settings
Name(PRR0, ResourceTemplate() {
-Interrupt(, Level, ActiveHigh, Shared) { 0 }
+Interrupt(, Level, ActiveLow, Shared) { 0 }
})
CreateDWordField(PRR0, 0x05, PRRI)
Store(And(Arg0, 0x0F), PRRI)
@@ -365,7 +365,7 @@ DefinitionBlock (
Name(_HID, EISAID(PNP0C0F)) \
Name(_UID, uid) \
Name(_PRS, ResourceTemplate() { \
-Interrupt(, Level, ActiveHigh, Shared) {\
+Interrupt(, Level, ActiveLow, Shared) {\
5, 10, 11 \
} \
}) \
@@ -398,12 +398,12 @@ DefinitionBlock (
Name(_HID, EISAID(PNP0C0F)) \
Name(_UID, uid) \
Name(_PRS, ResourceTemplate() { \
-Interrupt(, Level, ActiveHigh, Shared) {\
+Interrupt(, Level, ActiveLow, Shared) {\
gsi \
} \
}) \
Name(_CRS, ResourceTemplate() { \
-Interrupt(, Level, ActiveHigh, Shared) {\
+Interrupt(, Level, ActiveLow, Shared) {\
gsi \
} \
}) \
diff --git a/hw/isa/lpc_ich9.c b/hw/isa/lpc_ich9.c
index 51ce12d..fe1527a 100644
--- a/hw/isa/lpc_ich9.c
+++ b/hw/isa/lpc_ich9.c
@@ -206,17 +206,17 @@ static void ich9_lpc_update_pic(ICH9LPCState *lpc, int
pic_irq)
int i, pic_level;
/* The pic level is the logical OR of all the PCI irqs mapped to it */
-pic_level = 0;
+pic_level = 1;
for (i = 0; i ICH9_LPC_NB_PIRQS; i++) {
int tmp_irq;
int tmp_dis;
ich9_lpc_pic_irq(lpc, i, tmp_irq, tmp_dis);
if (!tmp_dis pic_irq == tmp_irq) {
-pic_level |= pci_bus_get_irq_level(lpc-d.bus, i);
+pic_level = !pci_bus_get_irq_level(lpc-d.bus, i);
}
}
if (pic_irq == ich9_lpc_sci_irq(lpc)) {
-pic_level |= lpc-sci_level;
+pic_level = !lpc-sci_level;
}
qemu_set_irq(lpc-pic[pic_irq], pic_level);
--
However, even on OS X, the Ethernet (e1000) card won't link up at all.
Fixing that requires another patch:
diff --git a/hw/net/e1000.c b/hw/net/e1000.c
index 58ba93b..c7a2c07 100644
--- a/hw/net/e1000.c
+++ b/hw/net/e1000.c
@@ -301,7 +301,7 @@ set_interrupt_cause(E1000State *s, int index, uint32_t
val)
s-mac_reg[ICS] = val;
pending_ints = (s-mac_reg[IMS] s-mac_reg[ICR]);
-if (!s-mit_irq_level pending_ints) {
+if (s-mit_irq_level pending_ints) {
/*
* Here we detect a potential raising edge. We postpone raising the
* interrupt line if we are inside the mitigation delay
Re: [Qemu-devel] RFC: ioapic polarity vs. qemu os-x guest
On Fri, Feb 14, 2014 at 11:13:04PM +0100, Alexander Graf wrote:
On 14.02.2014, at 23:06, Gabriel L. Somlo gso...@gmail.com wrote:
On Fri, Feb 14, 2014 at 10:21:09PM +0100, Alexander Graf wrote:
Can't you just turn the polarity around in the pci host adapter?
I tried this:
diff --git a/hw/pci/pci.c b/hw/pci/pci.c
index 1221f32..0e86d21 100644
--- a/hw/pci/pci.c
+++ b/hw/pci/pci.c
@@ -118,13 +118,13 @@ static int pci_bar(PCIDevice *d, int reg)
static inline int pci_irq_state(PCIDevice *d, int irq_num)
{
- return (d-irq_state irq_num) 0x1;
+ return !(d-irq_state irq_num) 0x1;
}
static inline void pci_set_irq_state(PCIDevice *d, int irq_num, int level)
{
d-irq_state = ~(0x1 irq_num);
- d-irq_state |= level irq_num;
+ d-irq_state = ~(level irq_num);
}
static void pci_change_irq_level(PCIDevice *pci_dev, int irq_num, int
change)
@@ -229,7 +229,7 @@ static void pcibus_reset(BusState *qbus)
}
for (i = 0; i bus-nirq; i++) {
-assert(bus-irq_count[i] == 0);
+assert(bus-irq_count[i] != 0);
}
}
---
but now OS X freezes during boot right after
[ PCI configuration begin ]
[ PCI configuration end, bridges 1, devices 10 ]
RTC: Only single RAM bank (128 bytes)
which all looks normal, except the process is supposed to continue on
from there and doesn't :)
On Linux, I get Fedora 20 live all the way up with no obvious/loud
complaints, but mouse and keyboard don't work at all...
I have to admit I'm a bit out of my depth here, though :)
Yeah, another thing we have to take into account is vhost-net which generates
IRQs directly through irqfd. I guess for those we'll have to configure the
polarity in the irq routing table?
Alex
What will be affected is VFIO which uses IRQFD
for level interrupts with KVM_IRQFD_FLAG_RESAMPLE.
I suspect this will need a kernel change, maybe
a new flag for IRQFD: KVM_IRQFD_FLAG_ACTIVE_LOW,
since at the moment that does:
static void
irqfd_inject(struct work_struct *work)
{
struct _irqfd *irqfd = container_of(work, struct _irqfd, inject);
struct kvm *kvm = irqfd-kvm;
if (!irqfd-resampler) {
kvm_set_irq(kvm, KVM_USERSPACE_IRQ_SOURCE_ID, irqfd-gsi, 1,
false);
kvm_set_irq(kvm, KVM_USERSPACE_IRQ_SOURCE_ID, irqfd-gsi, 0,
false);
} else
kvm_set_irq(kvm, KVM_IRQFD_RESAMPLE_IRQ_SOURCE_ID,
irqfd-gsi, 1, false);
}
--
MST
Re: [Qemu-devel] [RFC 4/9] acpi: replace opencoded opcodes with defines
On Fri, Feb 07, 2014 at 01:51:31PM +0100, Igor Mammedov wrote:
Signed-off-by: Igor Mammedov imamm...@redhat.com
The reason I avoided doing this is that this
conflicts with qemu coding style which
only uses camel case for types.
So as a minimum this needs a comment
explaining that we are using the names from
ACPI spec as-is, that's why we deviate from
the coding style, to simplify matching against
that.
Something like below:
---
hw/i386/acpi-build.c | 28 ++--
1 files changed, 18 insertions(+), 10 deletions(-)
diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 6a43a7d..1dbe5ce 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -224,6 +224,14 @@ static void acpi_get_pci_info(PcPciInfo *info)
#define ACPI_BUILD_TABLE_FILE etc/acpi/tables
#define ACPI_BUILD_RSDP_FILE etc/acpi/rsdp
/* Constants from ACPI spec 5.0a:
* ACPI Machine Language (AML) Specification
*/
We probably should add in spec link as well.
+#define BytePrefix 0x0A
+#define WordPrefix 0x0B
+#define DWordPrefix0x0C
Not sure about these ones.
There's a single user, and naming is different
from rest of operators which makes it
a bit confusing.
Maybe define near the user?
+
+#define NameOp 0x08
+#define ScopeOp0x10
+#define DeviceOp 0x82
Hmm if we are doing this let's do this for all Ops.
+
static void
build_header(GArray *linker, GArray *table_data,
AcpiTableHeader *h, uint32_t sig, int len, uint8_t rev)
@@ -364,13 +372,13 @@ static void build_append_value(GArray *table, uint32_t
value, int size)
switch (size) {
case 1:
-prefix = 0x0A; /* BytePrefix */
+prefix = BytePrefix;
break;
case 2:
-prefix = 0x0B; /* WordPrefix */
+prefix = WordPrefix;
break;
case 4:
-prefix = 0x0C; /* DWordPrefix */
+prefix = DWordPrefix;
break;
default:
assert(0);
@@ -762,24 +770,24 @@ static void build_pci_bus_end(PCIBus *bus, void
*bus_state)
bool bus_hotplug_support = false;
if (bus-parent_dev) {
-op = 0x82; /* DeviceOp */
+op = DeviceOp;
build_append_nameseg(bus_table, S%.02X_,
bus-parent_dev-devfn);
-build_append_byte(bus_table, 0x08); /* NameOp */
+build_append_byte(bus_table, NameOp);
build_append_nameseg(bus_table, _SUN);
build_append_value(bus_table, PCI_SLOT(bus-parent_dev-devfn), 1);
-build_append_byte(bus_table, 0x08); /* NameOp */
+build_append_byte(bus_table, NameOp);
build_append_nameseg(bus_table, _ADR);
build_append_value(bus_table, (PCI_SLOT(bus-parent_dev-devfn)
16) |
PCI_FUNC(bus-parent_dev-devfn), 4);
} else {
-op = 0x10; /* ScopeOp */;
+op = ScopeOp;
build_append_nameseg(bus_table, PCI0);
}
bsel = object_property_get_qobject(OBJECT(bus), ACPI_PCIHP_PROP_BSEL,
NULL);
if (bsel) {
-build_append_byte(bus_table, 0x08); /* NameOp */
+build_append_byte(bus_table, NameOp);
build_append_nameseg(bus_table, BSEL);
build_append_int(bus_table, qint_get_int(qobject_to_qint(bsel)));
}
@@ -962,7 +970,7 @@ build_ssdt(GArray *table_data, GArray *linker,
{
GArray *sb_scope = build_alloc_array();
-uint8_t op = 0x10; /* ScopeOp */
+uint8_t op = ScopeOp;
build_append_nameseg(sb_scope, _SB_);
@@ -983,7 +991,7 @@ build_ssdt(GArray *table_data, GArray *linker,
build_append_notify_method(sb_scope, NTFY, CP%0.02X, acpi_cpus);
/* build Name(CPON, Package() { One, One, ..., Zero, Zero, ... })
*/
-build_append_byte(sb_scope, 0x08); /* NameOp */
+build_append_byte(sb_scope, NameOp);
build_append_nameseg(sb_scope, CPON);
{
--
1.7.1
Re: [Qemu-devel] [RFC 5/9] acpi: add PNP0C02 to PCI0 bus
On Fri, Feb 07, 2014 at 01:51:32PM +0100, Igor Mammedov wrote:
Signed-off-by: Igor Mammedov imamm...@redhat.com
---
hw/i386/acpi-build.c | 55
++
1 files changed, 55 insertions(+), 0 deletions(-)
diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 1dbe5ce..f0bedbd 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -492,6 +492,55 @@ static inline void acpi_add_table(GArray *table_offsets,
GArray *table_data)
g_array_append_val(table_offsets, offset);
}
+static uint8_t Hex2Digit(char c)
+{
+if (c = 'A') {
+return c - 'A' + 10;
+}
+return c - '0';
+}
+
+static uint32_t encodeEisaId(const char *str)
+{
+uint32_t ret;
+g_assert(strlen(str) == 7);
+ret = (str[0] - 0x40) 26 |
+ (str[1] - 0x40) 21 |
+ (str[2] - 0x40) 16 |
+ Hex2Digit(str[3]) 12 |
+ Hex2Digit(str[4]) 8 |
+ Hex2Digit(str[5]) 4 |
+ Hex2Digit(str[6]);
+return bswap32(ret);
+}
+
Why the camel case here?
Seems uncalled for ...
+#define ACPI_SCOPE(ctx, name, ...) {\
+GArray *name = build_alloc_array(); \
+build_append_nameseg(name, stringify(name)); \
+__VA_ARGS__; \
+build_package(name, ScopeOp, 0); \
+build_append_array(ctx, name); \
+build_free_array(name); \
+}
+
+#define ACPI_NAME(ctx, name) { \
+build_append_byte(ctx, NameOp); \
+build_append_nameseg(ctx, name); \
+}
+
+#define ACPI_EISAID(ctx, val) { \
+build_append_value(ctx, encodeEisaId(val), sizeof(uint32_t)); \
+}
+
+#define ACPI_DEVICE(ctx, name, ...) {\
+GArray *name = build_alloc_array(); \
+build_append_nameseg(name, stringify(name)); \
+__VA_ARGS__; \
+build_extop_package(name, DeviceOp); \
+build_append_array(ctx, name); \
+build_free_array(name); \
+}
+
/* FACS */
static void
build_facs(GArray *table_data, GArray *linker, PcGuestInfo *guest_info)
@@ -1032,6 +1081,12 @@ build_ssdt(GArray *table_data, GArray *linker,
build_pci_bus_state_cleanup(hotplug_state);
}
+ACPI_SCOPE(sb_scope, PCI0,
+ACPI_DEVICE(PCI0, MRES,
+ACPI_NAME(MRES, _HID); ACPI_EISAID(MRES, PNP0C02);
+);
+);
+
Wow you managed to make C look like ACPI,
including 4-character identifier limitation.
This needs some thought.
build_package(sb_scope, op, 3);
build_append_array(table_data, sb_scope);
build_free_array(sb_scope);
--
1.7.1
Re: [Qemu-devel] [PATCH 0/8] tcg optimization improvements
Il 31/01/2014 15:46, Richard Henderson ha scritto: The first 4 of these are ones that Aurelien posted some time ago, and I reviewed, but never seemed to get committed. The second 4 address optimization issues that I noticed with the BMI instruction set extension, adding ANDC support to x86_64. r~ Aurelien Jarno (4): tcg/optimize: fix known-zero bits for right shift ops tcg/optimize: fix known-zero bits optimization tcg/optimize: improve known-zero bits for 32-bit ops tcg/optimize: add known-zero bits compute for load ops Richard Henderson (4): tcg/optimize: Handle known-zeros masks for ANDC tcg/optimize: Simply some logical ops to NOT tcg/optimize: Optmize ANDC X,Y,Y to MOV X,0 tcg/optimize: Add more identity simplifications tcg/optimize.c | 163 + 1 file changed, 142 insertions(+), 21 deletions(-) Reviewed-by: Paolo Bonzini pbonz...@redhat.com
Re: [Qemu-devel] [PATCH 5/5] tcg/i386: Use SHLX/SHRX/SARX instructions
Il 31/01/2014 15:43, Richard Henderson ha scritto:
+gen_shift_maybe_vex:
+if (have_bmi2 !const_args[2]) {
+tcg_out_vex_modrm(s, vexop + rexw, args[0], args[2], args[1]);
+break;
+}
+/* FALLTHRU */
What if args[2] happens to be ECX?
Apart from this,
Reviewed-by: Paolo Bonzini pbonz...@redhat.com
so feel free to post PATCH 6/5 and then squash it in the pull request.
Paolo
Re: [Qemu-devel] [PATCH 0/5] tcg/i386 support for bmi
Il 14/02/2014 22:44, Richard Henderson ha scritto: Ping. On 01/31/2014 06:43 AM, Richard Henderson wrote: There are three separate architecture extensions for logical operations, BMI, BMI2, and TBM. The first two are supported on Intel Haswell and AMD Excavator, while slightly earlier AMD support only BMI and TBM. The following adds support for the interesting BMI and BMI2 instructions, where it is easy to do so. Most of the rest of the new instructions are irrelevant to TCG. When I added support for the ANDC opcode, I noticed some optimization regressions when looking at ppc64 guest dumps. I will address these in a separate patch set. Just a small comment on patch 5, everything else looks fine. Paolo
Re: [Qemu-devel] RFC: ioapic polarity vs. qemu os-x guest
On Sun, 2014-02-16 at 13:41 +0200, Michael S. Tsirkin wrote:
On Fri, Feb 14, 2014 at 11:13:04PM +0100, Alexander Graf wrote:
On 14.02.2014, at 23:06, Gabriel L. Somlo gso...@gmail.com wrote:
On Fri, Feb 14, 2014 at 10:21:09PM +0100, Alexander Graf wrote:
Can't you just turn the polarity around in the pci host adapter?
I tried this:
diff --git a/hw/pci/pci.c b/hw/pci/pci.c
index 1221f32..0e86d21 100644
--- a/hw/pci/pci.c
+++ b/hw/pci/pci.c
@@ -118,13 +118,13 @@ static int pci_bar(PCIDevice *d, int reg)
static inline int pci_irq_state(PCIDevice *d, int irq_num)
{
- return (d-irq_state irq_num) 0x1;
+ return !(d-irq_state irq_num) 0x1;
}
static inline void pci_set_irq_state(PCIDevice *d, int irq_num, int level)
{
d-irq_state = ~(0x1 irq_num);
- d-irq_state |= level irq_num;
+ d-irq_state = ~(level irq_num);
}
static void pci_change_irq_level(PCIDevice *pci_dev, int irq_num, int
change)
@@ -229,7 +229,7 @@ static void pcibus_reset(BusState *qbus)
}
for (i = 0; i bus-nirq; i++) {
-assert(bus-irq_count[i] == 0);
+assert(bus-irq_count[i] != 0);
}
}
---
but now OS X freezes during boot right after
[ PCI configuration begin ]
[ PCI configuration end, bridges 1, devices 10 ]
RTC: Only single RAM bank (128 bytes)
which all looks normal, except the process is supposed to continue on
from there and doesn't :)
On Linux, I get Fedora 20 live all the way up with no obvious/loud
complaints, but mouse and keyboard don't work at all...
I have to admit I'm a bit out of my depth here, though :)
Yeah, another thing we have to take into account is vhost-net which
generates IRQs directly through irqfd. I guess for those we'll have to
configure the polarity in the irq routing table?
Alex
What will be affected is VFIO which uses IRQFD
for level interrupts with KVM_IRQFD_FLAG_RESAMPLE.
I suspect this will need a kernel change, maybe
a new flag for IRQFD: KVM_IRQFD_FLAG_ACTIVE_LOW,
since at the moment that does:
static void
irqfd_inject(struct work_struct *work)
{
struct _irqfd *irqfd = container_of(work, struct _irqfd, inject);
struct kvm *kvm = irqfd-kvm;
if (!irqfd-resampler) {
kvm_set_irq(kvm, KVM_USERSPACE_IRQ_SOURCE_ID, irqfd-gsi, 1,
false);
kvm_set_irq(kvm, KVM_USERSPACE_IRQ_SOURCE_ID, irqfd-gsi, 0,
false);
} else
kvm_set_irq(kvm, KVM_IRQFD_RESAMPLE_IRQ_SOURCE_ID,
irqfd-gsi, 1, false);
}
As you said in a previous message, devices just want assert de-assert,
1 0, which is what we have here. I would think that what asserted
means only needs to be interpreted at the IOAPIC, so I'd hope we could
get it right w/o an API change. Thanks,
Alex
Re: [Qemu-devel] RFC: ioapic polarity vs. qemu os-x guest
On 16 February 2014 11:34, Michael S. Tsirkin m...@redhat.com wrote: Hmm no this is all wrong, from API point of view, devices shoud not care about value of interrupt. They just assert/deassert interrupts. It so happens that 1 means assert 0 means deassert. Yeah, we generally model things as active-high even if the hardware really treats the signal as active-low. (Among other things there are some issues around how exactly device reset should interact with a signal that is supposed to be high coming out of reset, given you don't know whether the device at the other end of the line has reset yet or not.) This is great up until the point where you have a generic GPIO device one of whose GPIO output lines happens to be wired to an interrupt controller, of course. thanks -- PMM
Re: [Qemu-devel] [RFC 6/9] acpi: consume GPE0 IO resources in PNP0C02 device
On Fri, Feb 07, 2014 at 01:51:33PM +0100, Igor Mammedov wrote:
Signed-off-by: Igor Mammedov imamm...@redhat.com
---
hw/i386/acpi-build.c | 62
++
1 files changed, 62 insertions(+), 0 deletions(-)
diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index f0bedbd..ce5f715 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -230,8 +230,13 @@ static void acpi_get_pci_info(PcPciInfo *info)
#define NameOp 0x08
#define ScopeOp0x10
+#define BufferOp 0x11
#define DeviceOp 0x82
+#define EndTag 0x79
I would say we should use the values from
Table 6-162 Small Resource Items.
Wrap them in a function to get the full resource.
+#define Decode16 0x1
+#define Decode10 0x0
+
This is the name from ASL, it's really _DEC value.
static void
build_header(GArray *linker, GArray *table_data,
AcpiTableHeader *h, uint32_t sig, int len, uint8_t rev)
@@ -406,6 +411,25 @@ static void build_append_int(GArray *table, uint32_t
value)
}
}
+static void build_prepend_int(GArray *array, uint32_t value)
+{
+GArray *data = build_alloc_array();
+
+build_append_int(data, value);
+g_array_prepend_vals(array, data-data, data-len);
+build_free_array(data);
+}
+
+static void build_buffer(GArray *package, unsigned BufferSize)
+{
+uint32_t len = package-len BufferSize ? package-len : BufferSize;
+
+/* TODO: buffer padding if BufferSize actual buffer length */
Not sure what this means.
So assert here?
Or just make it work ...
+build_prepend_int(package, len);
+build_prepend_package_length(package, 0);
+build_prepend_byte(package, BufferOp);
prepend is confusing.
Just do it like we do for methods:
build_append_and_cleanup_buffer(template, buffer);
+}
+
static GArray *build_alloc_method(const char *name, uint8_t arg_count)
{
GArray *method = build_alloc_array();
@@ -523,6 +547,14 @@ static uint32_t encodeEisaId(const char *str)
build_free_array(name); \
}
+#define ACPI_BUFFER(ctx, name, min_size, ...) { \
Why pass in min_size?
the only reason we have it in existing code
was I wanted ACPI to be bit for bit compatible
with what seabios generated.
We can drop minsize everywhere ...
+GArray *name = build_alloc_array(); \
+__VA_ARGS__; \
+build_buffer(name, min_size); \
+build_append_array(ctx, name); \
+build_free_array(name); \
+}
+
#define ACPI_NAME(ctx, name) { \
build_append_byte(ctx, NameOp); \
build_append_nameseg(ctx, name); \
@@ -541,6 +573,29 @@ static uint32_t encodeEisaId(const char *str)
build_free_array(name); \
}
+#define ACPI_ENDTAG(ctx) { \
+build_append_byte(ctx, EndTag); \
+build_append_byte(ctx, 0); \
Confused.
what's going on with the checksum here?
What fills it in?
why don't we add in the correct byte straight away?
+}
+
+#define ACPI_RESOURCE_TEMPLATE(ctx, name, ...) { \
+ACPI_BUFFER(ctx, name, 0, \
+__VA_ARGS__; \
+ACPI_ENDTAG(name); \
Ugh.
Not worth the ugliness in my opinion.
Just add end tag explicitly.
+) \
+}
+
+#define ACPI_IO(ctx, _DEC, _MIN_BASE, _MAX_BASE, _ALN, _LEN) { \
C spec says
— All identifiers that begin with an underscore and either an uppercase
letter or another
underscore are always reserved for any use.
— All identifiers that begin with an underscore are always reserved for
use as identifiers
so we try to avoid these.
+build_append_byte(ctx, 0x47 /* IO port descriptor */); \
+build_append_byte(ctx, _DEC); \
+build_append_byte(ctx, _MIN_BASE 0xff); \
+build_append_byte(ctx, (_MIN_BASE 8) 0xff); \
+build_append_byte(ctx, _MAX_BASE 0xff); \
+build_append_byte(ctx, (_MAX_BASE 8) 0xff); \
+build_append_byte(ctx, _ALN); \
+build_append_byte(ctx, _LEN); \
+}
+
/* FACS */
static void
build_facs(GArray *table_data, GArray *linker, PcGuestInfo *guest_info)
@@ -1084,6 +1139,13 @@ build_ssdt(GArray *table_data, GArray *linker,
ACPI_SCOPE(sb_scope, PCI0,
ACPI_DEVICE(PCI0, MRES,
ACPI_NAME(MRES, _HID); ACPI_EISAID(MRES, PNP0C02);
+ACPI_NAME(MRES, _CRS); ACPI_RESOURCE_TEMPLATE(MRES, RESBUF,
+ACPI_IO(RESBUF, Decode16,
+pm-gpe0_blk, /* _MIN */
+pm-gpe0_blk, /* _MAX */
+0x0, /* _ALN */
+pm-gpe0_blk_len); /* _LEN */
+);
);
);
Ugh, that's too tricky I'm afraid.
how about:
crs = build_alloc_array();
buf = build_alloc_buffer();
build_append_io(buf, );
build_append_and_cleanup_buffer(crs, buf);
make everything use static functions, not macros.
--
1.7.1
Re: [Qemu-devel] [RFC 7/9] acpi: consume CPU hotplug IO resource in PNP0C02 device
On Fri, Feb 07, 2014 at 01:51:34PM +0100, Igor Mammedov wrote:
Signed-off-by: Igor Mammedov imamm...@redhat.com
---
hw/i386/acpi-build.c | 10 ++
1 files changed, 10 insertions(+), 0 deletions(-)
diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index ce5f715..5cd0c80 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -70,6 +70,8 @@ typedef struct AcpiPmInfo {
uint32_t gpe0_blk;
uint32_t gpe0_blk_len;
uint32_t io_base;
+uint16_t cpuhp_io_base;
+uint16_t cpuhp_io_len;
} AcpiPmInfo;
typedef struct AcpiMiscInfo {
@@ -141,11 +143,14 @@ static void acpi_get_pm_info(AcpiPmInfo *pm)
Object *obj = NULL;
QObject *o;
+pm-cpuhp_io_len = ACPI_GPE_PROC_LEN;
if (piix) {
obj = piix;
+pm-cpuhp_io_base = PIIX4_CPU_HOTPLUG_IO_BASE;
}
if (lpc) {
obj = lpc;
+pm-cpuhp_io_base = ICH9_CPU_HOTPLUG_IO_BASE;
}
assert(obj);
Not a must but would be nicer to get these as
device properties.
If we change this, cpuhp_io_len can be used directly ...
@@ -1145,6 +1150,11 @@ build_ssdt(GArray *table_data, GArray *linker,
pm-gpe0_blk, /* _MAX */
0x0, /* _ALN */
pm-gpe0_blk_len); /* _LEN */
+ACPI_IO(RESBUF, Decode16,
+pm-cpuhp_io_base, /* _MIN */
+pm-cpuhp_io_base, /* _MAX */
+0x0, /* _ALN */
+pm-cpuhp_io_len); /* _LEN */
);
);
);
--
1.7.1
Re: [Qemu-devel] [RFC 8/9] pcihp: expose PCI hotplug MMIO base/length as properties of piix4pm
On Fri, Feb 07, 2014 at 01:51:35PM +0100, Igor Mammedov wrote:
with introduction of PCIHP, MMIO range becomes changable
at runtime so it's not possible to statically punch hole
PCI bus _CRS.
Making IO base/length available as readonly properties
allow acpi builder to get values and reserve PCI hotplug
IO range at runtime later.
Signed-off-by: Igor Mammedov imamm...@redhat.com
No objection but I wonder: isn't it already possible to enumerate
memory regions?
---
hw/acpi/pcihp.c | 28
hw/acpi/piix4.c |1 +
include/hw/acpi/pcihp.h |4
3 files changed, 33 insertions(+), 0 deletions(-)
diff --git a/hw/acpi/pcihp.c b/hw/acpi/pcihp.c
index 1ce6fc2..629d364 100644
--- a/hw/acpi/pcihp.c
+++ b/hw/acpi/pcihp.c
@@ -37,6 +37,7 @@
#include hw/pci/pci_bus.h
#include qom/qom-qobject.h
#include qapi/qmp/qint.h
+#include qapi/visitor.h
//#define DEBUG
@@ -309,3 +310,30 @@ const VMStateDescription vmstate_acpi_pcihp_pci_status =
{
VMSTATE_END_OF_LIST()
}
};
+
+static void acpi_pcihp_get_io_addr(Object *obj, Visitor *v, void *opaque,
+ const char *name, Error **errp)
+{
+AcpiPciHpState *s = opaque;
+MemoryRegionSection mr_info = memory_region_find(s-io, 0, 1);
+uint16_t value = mr_info.offset_within_address_space;
+
+visit_type_uint16(v, value, name, errp);
+}
+
+static void acpi_pcihp_get_io_len(Object *obj, Visitor *v, void *opaque,
+ const char *name, Error **errp)
+{
+AcpiPciHpState *s = opaque;
+uint16_t value = memory_region_size(s-io);
+
+visit_type_uint16(v, value, name, errp);
+}
+
+void acpi_pcihp_add_mmio_properties(Object *obj, AcpiPciHpState *s)
+{
+object_property_add(obj, ACPI_PCIHP_IO_ADDR, uint16,
+acpi_pcihp_get_io_addr, NULL, NULL, s, NULL);
+object_property_add(obj, ACPI_PCIHP_IO_LEN, uint16,
+acpi_pcihp_get_io_len, NULL, NULL, s, NULL);
+}
diff --git a/hw/acpi/piix4.c b/hw/acpi/piix4.c
index 7a0efcb..034c5cd 100644
--- a/hw/acpi/piix4.c
+++ b/hw/acpi/piix4.c
@@ -558,6 +558,7 @@ static void piix4_acpi_system_hot_add_init(MemoryRegion
*parent,
acpi-gpe0, GPE_LEN);
memory_region_add_subregion(parent, GPE_BASE, s-io_gpe);
+acpi_pcihp_add_mmio_properties(OBJECT(s), s-acpi_pci_hotplug);
acpi_pcihp_init(s-acpi_pci_hotplug, bus, parent,
s-use_acpi_pci_hotplug);
diff --git a/include/hw/acpi/pcihp.h b/include/hw/acpi/pcihp.h
index 0a90e4a..0eb4e1c 100644
--- a/include/hw/acpi/pcihp.h
+++ b/include/hw/acpi/pcihp.h
@@ -70,4 +70,8 @@ extern const VMStateDescription
vmstate_acpi_pcihp_pci_status;
vmstate_acpi_pcihp_pci_status, \
AcpiPciHpPciStatus)
+#define ACPI_PCIHP_IO_ADDR pcihp-io-addr
+#define ACPI_PCIHP_IO_LEN pcihp-io-len
+
+void acpi_pcihp_add_mmio_properties(Object *obj, AcpiPciHpState *s);
#endif
--
1.7.1
Re: [Qemu-devel] [RFC 0/9] generate dynamic _CRS for motherboard resources
On Fri, Feb 07, 2014 at 01:51:27PM +0100, Igor Mammedov wrote: Since introduction of PCIHP, it became problematic to punch hole in PCI0._CRS statically since PCI hotplug region size became runtime changeable. What makes it runtime changeable? So replace static hole punching with dynamically consumed resources in a child device on PCI0 bus. i.e generate PNP0C02 device as a child of PCI0 bus at runtime and consume GPE0, PCI/CPU hotplug IO resources in it instead of punching holes in static PCI0._CRS. It seems that we are being too exact with IO resources here. Can't we roughly reserve 0xae00 to 0xafff and be done with it? Tested with Windows XPsp3, Vista, Windows Server 2003, 2008, 2012r2. PS: Series adds several ASL like macros to simplify code for dynamic generation of AML structures. Igor Mammedov (9): Revert pc: Q35 DSDT: exclude CPU hotplug IO range from PCI bus resources Revert pc: PIIX DSDT: exclude CPU/PCI hotplug GPE0 IO range from PCI bus resources Partial revert pc: ACPI: expose PRST IO range via _CRS acpi: replace opencoded opcodes with defines acpi: add PNP0C02 to PCI0 bus acpi: consume GPE0 IO resources in PNP0C02 device acpi: consume CPU hotplug IO resource in PNP0C02 device pcihp: expose PCI hotplug MMIO base/length as properties of piix4pm acpi: consume PCIHP IO resource in PNP0C02 device hw/acpi/pcihp.c | 28 ++ hw/acpi/piix4.c |1 + hw/i386/acpi-build.c | 177 ++-- hw/i386/acpi-dsdt-cpu-hotplug.dsl | 11 --- hw/i386/acpi-dsdt-pci-crs.dsl | 15 +++- hw/i386/acpi-dsdt.dsl | 39 hw/i386/q35-acpi-dsdt.dsl | 16 include/hw/acpi/pcihp.h |4 + 8 files changed, 214 insertions(+), 77 deletions(-)
Re: [Qemu-devel] [PATCH v2 01/20] nbd: produce a better error if neither host nor port is passed
Il 14/02/2014 17:54, Jeff Cody ha scritto:
On Tue, Feb 11, 2014 at 06:03:34PM +0100, Paolo Bonzini wrote:
Before:
$ qemu-io-old
qemu-io-old open -r -o file.driver=nbd
qemu-io-old: can't open device (null): Could not open image: Invalid
argument
$ ./qemu-io-old
qemu-io-old open -r -o file.driver=nbd,file.host=foo,file.path=bar
path and host may not be used at the same time.
qemu-io-old: can't open device (null): Could not open image: Invalid
argument
After:
$ ./qemu-io
qemu-io open -r -o file.driver=nbd
one of path and host must be specified.
qemu-io: can't open device (null): Could not open image: Invalid argument
$ ./qemu-io
qemu-io open -r -o file.driver=nbd,file.host=foo,file.path=bar
path and host may not be used at the same time.
qemu-io: can't open device (null): Could not open image: Invalid argument
This breaks test 051, which is parsing the error output. Could you
also update 051.out in this patch? This should fix it:
diff --git tests/qemu-iotests/051.out tests/qemu-iotests/051.out
index 30e2dbd..7de1870 100644
--- tests/qemu-iotests/051.out
+++ tests/qemu-iotests/051.out
@@ -231,7 +231,7 @@ Testing: -drive driver=file
QEMU_PROG: -drive driver=file: could not open disk image ide0-hd0: The 'file'
block driver requires a file name
Testing: -drive driver=nbd
-QEMU_PROG: -drive driver=nbd: could not open disk image ide0-hd0: Could not
open image: Invalid argument
+QEMU_PROG: -drive driver=nbd: could not open disk image ide0-hd0: one of path
and host must be specified.
Testing: -drive driver=raw
QEMU_PROG: -drive driver=raw: could not open disk image ide0-hd0: Can't use
'raw' as a block driver for the protocol level
@@ -240,7 +240,7 @@ Testing: -drive file.driver=file
QEMU_PROG: -drive file.driver=file: could not open disk image ide0-hd0: The
'file' block driver requires a file name
Testing: -drive file.driver=nbd
-QEMU_PROG: -drive file.driver=nbd: could not open disk image ide0-hd0: Could
not open image: Invalid argument
+QEMU_PROG: -drive file.driver=nbd: could not open disk image ide0-hd0: one of
path and host must be specified.
Testing: -drive file.driver=raw
QEMU_PROG: -drive file.driver=raw: could not open disk image ide0-hd0: Can't
use 'raw' as a block driver for the protocol level
Thanks, I was working on an older checkout. Fixed and tested now.
Paolo
Next patch will fix the error propagation.
Signed-off-by: Paolo Bonzini pbonz...@redhat.com
---
block/nbd.c | 13 ++---
1 file changed, 6 insertions(+), 7 deletions(-)
diff --git a/block/nbd.c b/block/nbd.c
index 327e913..fd89083 100644
--- a/block/nbd.c
+++ b/block/nbd.c
@@ -192,19 +192,18 @@ static int nbd_config(BDRVNBDState *s, QDict *options,
char **export)
{
Error *local_err = NULL;
-if (qdict_haskey(options, path)) {
-if (qdict_haskey(options, host)) {
+if (qdict_haskey(options, path) == qdict_haskey(options, host)) {
+if (qdict_haskey(options, path)) {
qerror_report(ERROR_CLASS_GENERIC_ERROR, path and host may not
be used at the same time.);
-return -EINVAL;
+} else {
+qerror_report(ERROR_CLASS_GENERIC_ERROR, one of path and host
+ must be specified.);
}
-s-client.is_unix = true;
-} else if (qdict_haskey(options, host)) {
-s-client.is_unix = false;
-} else {
return -EINVAL;
}
+s-client.is_unix = qdict_haskey(options, path);
s-socket_opts = qemu_opts_create(socket_optslist, NULL, 0,
error_abort);
--
1.8.5.3
[Qemu-devel] Hotplug vs. multifunction regression
Hi guys, Starting from the patch series in 9f117d41 the below error is observed... (reverting to the patch right before it works fine a1483f88) Here is the error: qemu-system-x86_64: hw/pci/pcie.c:240: pcie_cap_slot_hotplug_common: Assertion `((pci_dev-devfn) 0x07) == 0' failed. Here is the command that generated it... CMDLINE: $VAR1 = [ 'qemu-system-x86_64', '-m', '8G', '-machine', 'q35', '-cpu', 'qemu64', '-smp', '4,sockets=1,cores=4,threads=1', '-enable-kvm', '-device', 'ioh3420,bus=pcie.0,addr=1c.0,multifunction=on,port=1,chassis=1,id=root.1', '-device', 'vfio-pci,host=03:00.0,bus=root.1,addr=0.0,multifunction=on,x-vga=on', '-device', 'vfio-pci,host=03:00.1,bus=root.1,addr=0.1', '-device', 'ide-drive,drive=sata-disk0,bus=ide.0', '-drive', 'file=510-drive_sda.qcow2,id=sata-disk0,format=qcow2,cache=writeback,if=none', '-vga', 'none', '-nographic', '-boot', 'menu=on', ]; It seems the hotplug interface doesn't know how to handle multifunction devices. -N
Re: [Qemu-devel] [PATCH v2] discard rbd error output when not relevant in qemu-iotests
The Thursday 09 Jan 2014 à 09:45:14 (+0800), Stefan Hajnoczi wrote : On Wed, Jan 08, 2014 at 09:05:38PM +0100, Loic Dachary wrote: Suppress rbd progress messages with --no-progress so they are not confused with an error output when comparing test results ( progress is displayed on stderr ). Signed-off-by: Loic Dachary l...@dachary.org --- tests/qemu-iotests/common.rc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Thanks! Reviewed-by: Stefan Hajnoczi stefa...@redhat.com Should this be merged before 2.0 ? Best regards Benoît
Re: [Qemu-devel] RFC: ioapic polarity vs. qemu os-x guest
On Sun, Feb 16, 2014 at 07:47:00AM -0700, Alex Williamson wrote:
On Sun, 2014-02-16 at 13:41 +0200, Michael S. Tsirkin wrote:
On Fri, Feb 14, 2014 at 11:13:04PM +0100, Alexander Graf wrote:
On 14.02.2014, at 23:06, Gabriel L. Somlo gso...@gmail.com wrote:
On Fri, Feb 14, 2014 at 10:21:09PM +0100, Alexander Graf wrote:
Can't you just turn the polarity around in the pci host adapter?
I tried this:
diff --git a/hw/pci/pci.c b/hw/pci/pci.c
index 1221f32..0e86d21 100644
--- a/hw/pci/pci.c
+++ b/hw/pci/pci.c
@@ -118,13 +118,13 @@ static int pci_bar(PCIDevice *d, int reg)
static inline int pci_irq_state(PCIDevice *d, int irq_num)
{
- return (d-irq_state irq_num) 0x1;
+ return !(d-irq_state irq_num) 0x1;
}
static inline void pci_set_irq_state(PCIDevice *d, int irq_num, int
level)
{
d-irq_state = ~(0x1 irq_num);
- d-irq_state |= level irq_num;
+ d-irq_state = ~(level irq_num);
}
static void pci_change_irq_level(PCIDevice *pci_dev, int irq_num, int
change)
@@ -229,7 +229,7 @@ static void pcibus_reset(BusState *qbus)
}
for (i = 0; i bus-nirq; i++) {
-assert(bus-irq_count[i] == 0);
+assert(bus-irq_count[i] != 0);
}
}
---
but now OS X freezes during boot right after
[ PCI configuration begin ]
[ PCI configuration end, bridges 1, devices 10 ]
RTC: Only single RAM bank (128 bytes)
which all looks normal, except the process is supposed to continue on
from there and doesn't :)
On Linux, I get Fedora 20 live all the way up with no obvious/loud
complaints, but mouse and keyboard don't work at all...
I have to admit I'm a bit out of my depth here, though :)
Yeah, another thing we have to take into account is vhost-net which
generates IRQs directly through irqfd. I guess for those we'll have to
configure the polarity in the irq routing table?
Alex
What will be affected is VFIO which uses IRQFD
for level interrupts with KVM_IRQFD_FLAG_RESAMPLE.
I suspect this will need a kernel change, maybe
a new flag for IRQFD: KVM_IRQFD_FLAG_ACTIVE_LOW,
since at the moment that does:
static void
irqfd_inject(struct work_struct *work)
{
struct _irqfd *irqfd = container_of(work, struct _irqfd, inject);
struct kvm *kvm = irqfd-kvm;
if (!irqfd-resampler) {
kvm_set_irq(kvm, KVM_USERSPACE_IRQ_SOURCE_ID, irqfd-gsi, 1,
false);
kvm_set_irq(kvm, KVM_USERSPACE_IRQ_SOURCE_ID, irqfd-gsi, 0,
false);
} else
kvm_set_irq(kvm, KVM_IRQFD_RESAMPLE_IRQ_SOURCE_ID,
irqfd-gsi, 1, false);
}
As you said in a previous message, devices just want assert de-assert,
1 0, which is what we have here. I would think that what asserted
means only needs to be interpreted at the IOAPIC, so I'd hope we could
get it right w/o an API change.
Well there is a bigger issue: any interrupt with
multiple sources is broken.
__kvm_irq_line_state does a logical OR of all sources,
before XOR with polarity.
This makes no sense if polarity is active low.
One is beginning to think the simplest fix
would be Gabriel's patch after all:
- irq_level ^= entry.fields.polarity;
although it's ugly in that it perpetuates the
bug in more places instead of fixing it.
Thanks,
Alex
Re: [Qemu-devel] [PATCH] memory_region_present: return false if address is not found in child MemoryRegion
On Thu, Feb 06, 2014 at 11:24:33AM +0100, Igor Mammedov wrote:
Windows XP shows COM2 port as non functional in
Device Manager although no COM2 port backing device
is present in QEMU.
That is caused by the fact that QEMU reports to
OSPM that device is present by setting 5th bit in
PII4XPM.pci_conf[0x67] register when COM2 doesn't
exist.
It happens due to memory_region_present(io_as, 0x2f8)
returning false positive since 0x2f8 address eventually
translates into catchall io_as address space.
Fix memory_region_present(parent, addr) by returning
true only if addr maps into a MemoryRegion within
parent (excluding parent itself), to match its
doc comment.
While at it fix copy/paste error in
memory_region_present() doc comment.
Signed-off-by: Igor Mammedov imamm...@redhat.com
Applied, thanks!
---
include/exec/memory.h |6 +++---
memory.c |2 +-
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/include/exec/memory.h b/include/exec/memory.h
index 296d6ab..a5eb4c8 100644
--- a/include/exec/memory.h
+++ b/include/exec/memory.h
@@ -838,13 +838,13 @@ void memory_region_set_alias_offset(MemoryRegion *mr,
hwaddr offset);
/**
- * memory_region_present: translate an address/size relative to a
- * MemoryRegion into a #MemoryRegionSection.
+ * memory_region_present: checks if an address relative to a @parent
+ * translates into #MemoryRegion within @parent
*
* Answer whether a #MemoryRegion within @parent covers the address
* @addr.
*
- * @parent: a MemoryRegion within which @addr is a relative address
+ * @parent: a #MemoryRegion within which @addr is a relative address
* @addr: the area within @parent to be searched
*/
bool memory_region_present(MemoryRegion *parent, hwaddr addr);
diff --git a/memory.c b/memory.c
index 59ecc28..3f1df23 100644
--- a/memory.c
+++ b/memory.c
@@ -1562,7 +1562,7 @@ static FlatRange *flatview_lookup(FlatView *view,
AddrRange addr)
bool memory_region_present(MemoryRegion *parent, hwaddr addr)
{
MemoryRegion *mr = memory_region_find(parent, addr, 1).mr;
-if (!mr) {
+if (!mr || (mr == parent)) {
return false;
}
memory_region_unref(mr);
--
1.7.1
Re: [Qemu-devel] [PATCH 5/5] tcg/i386: Use SHLX/SHRX/SARX instructions
On 02/16/2014 06:21 AM, Paolo Bonzini wrote:
Il 31/01/2014 15:43, Richard Henderson ha scritto:
+gen_shift_maybe_vex:
+if (have_bmi2 !const_args[2]) {
+tcg_out_vex_modrm(s, vexop + rexw, args[0], args[2], args[1]);
+break;
+}
+/* FALLTHRU */
What if args[2] happens to be ECX?
shlx handles that just fine. I don't think it's worth an extra check to
fall back to shl on the off-chance that ecx is used; it's pretty far down
on the register allocation order list, so it wouldn't happen often.
r~
Re: [Qemu-devel] [PATCH 1/5] disas/i386: Disassemble ANDN/SHLX/SHRX/SHAX
On Fri, Jan 31, 2014 at 08:43:34AM -0600, Richard Henderson wrote:
Signed-off-by: Richard Henderson r...@twiddle.net
---
disas/i386.c | 146
+--
1 file changed, 132 insertions(+), 14 deletions(-)
diff --git a/disas/i386.c b/disas/i386.c
index 044e02c..104524f 100644
--- a/disas/i386.c
+++ b/disas/i386.c
@@ -171,6 +171,7 @@ static void print_operand_value (char *buf, size_t
bufsize, int hex, bfd_vma dis
static void print_displacement (char *, bfd_vma);
static void OP_E (int, int);
static void OP_G (int, int);
+static void OP_ (int, int);
static bfd_vma get64 (void);
static bfd_signed_vma get32 (void);
static bfd_signed_vma get32s (void);
@@ -264,6 +265,9 @@ static int rex_used;
current instruction. */
static int used_prefixes;
+/* The VEX. register, unencoded. */
+static int vex_reg;
+
/* Flags stored in PREFIXES. */
#define PREFIX_REPZ 1
#define PREFIX_REPNZ 2
@@ -278,6 +282,10 @@ static int used_prefixes;
#define PREFIX_ADDR 0x400
#define PREFIX_FWAIT 0x800
+#define PREFIX_VEX_0F0x1000
+#define PREFIX_VEX_0F38 0x2000
+#define PREFIX_VEX_0F3A 0x4000
+
/* Make sure that bytes from INFO-PRIVATE_DATA-BUFFER (inclusive)
to ADDR (exclusive) are valid. Returns 1 for success, longjmps
on error. */
@@ -323,6 +331,7 @@ fetch_data(struct disassemble_info *info, bfd_byte *addr)
#define XX { NULL, 0 }
+#define Bv { OP_, v_mode }
#define Eb { OP_E, b_mode }
#define Ev { OP_E, v_mode }
#define Ed { OP_E, d_mode }
@@ -671,7 +680,8 @@ fetch_data(struct disassemble_info *info, bfd_byte *addr)
#define PREGRP102 NULL, { { NULL, USE_PREFIX_USER_TABLE }, { NULL, 102 } }
#define PREGRP103 NULL, { { NULL, USE_PREFIX_USER_TABLE }, { NULL, 103 } }
#define PREGRP104 NULL, { { NULL, USE_PREFIX_USER_TABLE }, { NULL, 104 } }
-
+#define PREGRP105 NULL, { { NULL, USE_PREFIX_USER_TABLE }, { NULL, 105 } }
+#define PREGRP106 NULL, { { NULL, USE_PREFIX_USER_TABLE }, { NULL, 106 } }
#define X86_64_0 NULL, { { NULL, X86_64_SPECIAL }, { NULL, 0 } }
#define X86_64_1 NULL, { { NULL, X86_64_SPECIAL }, { NULL, 1 } }
@@ -1449,7 +1459,7 @@ static const unsigned char
threebyte_0x38_uses_DATA_prefix[256] = {
/* c0 */ 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, /* cf */
/* d0 */ 0,0,0,0,0,0,0,0,0,0,0,1,1,1,1,1, /* df */
/* e0 */ 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, /* ef */
- /* f0 */ 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, /* ff */
+ /* f0 */ 0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0, /* ff */
/* ---*/
/* 0 1 2 3 4 5 6 7 8 9 a b c d e f*/
};
@@ -1473,7 +1483,7 @@ static const unsigned char
threebyte_0x38_uses_REPNZ_prefix[256] = {
/* c0 */ 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, /* cf */
/* d0 */ 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, /* df */
/* e0 */ 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, /* ef */
- /* f0 */ 1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0, /* ff */
+ /* f0 */ 1,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0, /* ff */
/* ---*/
/* 0 1 2 3 4 5 6 7 8 9 a b c d e f*/
};
@@ -1497,7 +1507,7 @@ static const unsigned char
threebyte_0x38_uses_REPZ_prefix[256] = {
/* c0 */ 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, /* cf */
/* d0 */ 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, /* df */
/* e0 */ 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, /* ef */
- /* f0 */ 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, /* ff */
+ /* f0 */ 0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0, /* ff */
/* ---*/
/* 0 1 2 3 4 5 6 7 8 9 a b c d e f*/
};
@@ -2774,6 +2784,22 @@ static const struct dis386 prefix_user_table[][4] = {
{ (bad), { XX } },
},
+ /* PREGRP105 */
+ {
+{ andnS, { Gv, Bv, Ev } },
+{ (bad), { XX } },
+{ (bad), { XX } },
+{ (bad), { XX } },
+ },
+
+ /* PREGRP106 */
+ {
+{ bextrS, { Gv, Ev, Bv } },
+{ sarxS, { Gv, Ev, Bv } },
+{ shlxS, { Gv, Ev, Bv } },
+{ shrxS, { Gv, Ev, Bv } },
+ },
+
};
static const struct dis386 x86_64_table[][2] = {
@@ -3071,12 +3097,12 @@ static const struct dis386 three_byte_table[][256] = {
/* f0 */
{ PREGRP87 },
{ PREGRP88 },
+{ PREGRP105 },
{ (bad), { XX } },
{ (bad), { XX } },
{ (bad), { XX } },
{ (bad), { XX } },
-{ (bad), { XX } },
-{ (bad), { XX } },
+{ PREGRP106 },
/* f8 */
{ (bad), { XX } },
{ (bad), { XX } },
@@ -3477,6 +3503,74 @@ ckprefix (void)
}
}
+static void
+ckvexprefix (void)
+{
+int op, vex2, vex3, newrex = REX_OPCODE, newpfx = prefixes;
+
+if (address_mode == mode_16bit) {
+return;
+}
+
+fetch_data(the_info, codep + 1);
+op = *codep;
+
+if (op != 0xc4 op != 0xc5) {
+return;
+}
+
+fetch_data(the_info, codep + 2);
+vex2 = codep[1];
Re: [Qemu-devel] [PATCH 2/5] tcg/i386: Move TCG_CT_CONST_* to tcg-target.c
On Fri, Jan 31, 2014 at 08:43:35AM -0600, Richard Henderson wrote:
These are not needed by users of tcg-target.h. No need to recompile
when we adjust them.
Signed-off-by: Richard Henderson r...@twiddle.net
---
tcg/i386/tcg-target.c | 4
tcg/i386/tcg-target.h | 3 ---
2 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/tcg/i386/tcg-target.c b/tcg/i386/tcg-target.c
index 5d4cf93..7008b0e 100644
--- a/tcg/i386/tcg-target.c
+++ b/tcg/i386/tcg-target.c
@@ -88,6 +88,10 @@ static const int tcg_target_call_oarg_regs[] = {
#endif
};
+/* Constants we accept. */
+#define TCG_CT_CONST_S32 0x100
+#define TCG_CT_CONST_U32 0x200
+
/* Registers used with L constraint, which are the first argument
registers on x86_64, and two random call clobbered registers on
i386. */
diff --git a/tcg/i386/tcg-target.h b/tcg/i386/tcg-target.h
index 92c0fcd..747b797 100644
--- a/tcg/i386/tcg-target.h
+++ b/tcg/i386/tcg-target.h
@@ -64,9 +64,6 @@ typedef enum {
TCG_REG_RDI = TCG_REG_EDI,
} TCGReg;
-#define TCG_CT_CONST_S32 0x100
-#define TCG_CT_CONST_U32 0x200
-
/* used for function call generation */
#define TCG_REG_CALL_STACK TCG_REG_ESP
#define TCG_TARGET_STACK_ALIGN 16
Reviewed-by: Aurelien Jarno aurel...@aurel32.net
--
Aurelien Jarno GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net
Re: [Qemu-devel] [PATCH 3/5] tcg/i386: Add tcg_out_vex_modrm
On Fri, Jan 31, 2014 at 08:43:36AM -0600, Richard Henderson wrote:
Prepare for emitting BMI insns which require VEX encoding.
Signed-off-by: Richard Henderson r...@twiddle.net
---
tcg/i386/tcg-target.c | 41 ++---
1 file changed, 38 insertions(+), 3 deletions(-)
diff --git a/tcg/i386/tcg-target.c b/tcg/i386/tcg-target.c
index 7008b0e..00dbc3b 100644
--- a/tcg/i386/tcg-target.c
+++ b/tcg/i386/tcg-target.c
@@ -402,9 +402,9 @@ static void tcg_out_opc(TCGContext *s, int opc, int r,
int rm, int x)
rex = 0;
rex |= (opc P_REXW) ? 0x8 : 0x0; /* REX.W */
-rex |= (r 8) 1; /* REX.R */
-rex |= (x 8) 2; /* REX.X */
-rex |= (rm 8) 3;/* REX.B */
+rex |= (r 8) 1;/* REX.R */
+rex |= (x 8) 2;/* REX.X */
+rex |= (rm 8) 3; /* REX.B */
/* P_REXB_{R,RM} indicates that the given register is the low byte.
For %[abcd]l we need no REX prefix, but for %{si,di,bp,sp}l we do,
@@ -453,6 +453,41 @@ static void tcg_out_modrm(TCGContext *s, int opc, int r,
int rm)
tcg_out8(s, 0xc0 | (LOWREGMASK(r) 3) | LOWREGMASK(rm));
}
+static void tcg_out_vex_modrm(TCGContext *s, int opc, int r, int v, int rm)
+{
+int tmp;
+
+if ((opc (P_REXW | P_EXT | P_EXT38)) || (rm 8)) {
+/* Three byte VEX prefix. */
+tcg_out8(s, 0xc4);
+
+/* VEX.m- */
+if (opc P_EXT38) {
+tmp = 2;
+} else if (opc P_EXT) {
+tmp = 1;
+} else {
+tcg_abort();
+}
+tmp |= 0x40; /* VEX.X */
+tmp |= (r 8 ? 0 : 0x80); /* VEX.R */
+tmp |= (rm 8 ? 0 : 0x20);/* VEX.B */
+tcg_out8(s, tmp);
+
+tmp = (opc P_REXW ? 0x80 : 0); /* VEX.W */
+} else {
+/* Two byte VEX prefix. */
+tcg_out8(s, 0xc5);
+
+tmp = (r 8 ? 0 : 0x80); /* VEX.R */
+}
+tmp |= (opc P_DATA16 ? 1 : 0); /* VEX.pp */
+tmp |= (~v 15) 3; /* VEX. */
+tcg_out8(s, tmp);
+tcg_out8(s, opc);
+tcg_out8(s, 0xc0 | (LOWREGMASK(r) 3) | LOWREGMASK(rm));
+}
+
/* Output an opcode with a full rm + (indexshift) + offset address mode.
We handle either RM and INDEX missing with a negative value. In 64-bit
mode for absolute addresses, ~RM is the size of the immediate operand
Reviewed-by: Aurelien Jarno aurel...@aurel32.net
--
Aurelien Jarno GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net
Re: [Qemu-devel] [PATCH 4/5] tcg/i386: Use ANDN instruction
On Fri, Jan 31, 2014 at 08:43:37AM -0600, Richard Henderson wrote:
Note that the optimizer cannot simplify ANDC X,Y,C to AND X,Y,~C
so we must handle constants in the implementation of andc.
I do wonder if it actually won't be a better idea to add this
simplification to the optimizer instead of adding it to the backend.
The best to do that would be to check with tcg_target_const_match to
see if ANDC would accept such a constraint and to convert it to AND
if not.
The same can probably be done for ORC.
Signed-off-by: Richard Henderson r...@twiddle.net
---
tcg/i386/tcg-target.c | 52
---
tcg/i386/tcg-target.h | 6 --
2 files changed, 45 insertions(+), 13 deletions(-)
diff --git a/tcg/i386/tcg-target.c b/tcg/i386/tcg-target.c
index 00dbc3b..4f6b9c1 100644
--- a/tcg/i386/tcg-target.c
+++ b/tcg/i386/tcg-target.c
@@ -91,6 +91,7 @@ static const int tcg_target_call_oarg_regs[] = {
/* Constants we accept. */
#define TCG_CT_CONST_S32 0x100
#define TCG_CT_CONST_U32 0x200
+#define TCG_CT_CONST_I32 0x400
/* Registers used with L constraint, which are the first argument
registers on x86_64, and two random call clobbered registers on
@@ -128,6 +129,10 @@ static bool have_movbe;
# define have_movbe 0
#endif
+/* We need this symbol in tcg-target.h, and we can't properly conditionalize
+ it there. Therefore we always define the variable. */
+bool have_bmi1;
+
static uint8_t *tb_ret_addr;
static void patch_reloc(uint8_t *code_ptr, int type,
@@ -224,6 +229,9 @@ static int target_parse_constraint(TCGArgConstraint *ct,
const char **pct_str)
case 'Z':
ct-ct |= TCG_CT_CONST_U32;
break;
+case 'I':
+ct-ct |= TCG_CT_CONST_I32;
+break;
default:
return -1;
@@ -247,6 +255,9 @@ static inline int tcg_target_const_match(tcg_target_long
val,
if ((ct TCG_CT_CONST_U32) val == (uint32_t)val) {
return 1;
}
+if ((ct TCG_CT_CONST_I32) ~val == (int32_t)~val) {
+return 1;
+}
return 0;
}
@@ -276,6 +287,7 @@ static inline int tcg_target_const_match(tcg_target_long
val,
#define OPC_ARITH_EvIz (0x81)
#define OPC_ARITH_EvIb (0x83)
#define OPC_ARITH_GvEv (0x03) /* ... plus (ARITH_FOO 3) */
+#define OPC_ANDN(0xf2 | P_EXT38)
#define OPC_ADD_GvEv (OPC_ARITH_GvEv | (ARITH_ADD 3))
#define OPC_BSWAP(0xc8 | P_EXT)
#define OPC_CALL_Jz (0xe8)
@@ -1813,6 +1825,16 @@ static inline void tcg_out_op(TCGContext *s, TCGOpcode
opc,
}
break;
+OP_32_64(andc):
+if (const_args[2]) {
+tcg_out_mov(s, rexw ? TCG_TYPE_I64 : TCG_TYPE_I32,
+args[0], args[1]);
+tgen_arithi(s, ARITH_AND + rexw, args[0], ~args[2], 0);
+} else {
+tcg_out_vex_modrm(s, OPC_ANDN + rexw, args[0], args[2], args[1]);
+}
+break;
+
OP_32_64(mul):
if (const_args[2]) {
int32_t val;
@@ -2041,6 +2063,7 @@ static const TCGTargetOpDef x86_op_defs[] = {
{ INDEX_op_and_i32, { r, 0, ri } },
{ INDEX_op_or_i32, { r, 0, ri } },
{ INDEX_op_xor_i32, { r, 0, ri } },
+{ INDEX_op_andc_i32, { r, r, ri } },
{ INDEX_op_shl_i32, { r, 0, ci } },
{ INDEX_op_shr_i32, { r, 0, ci } },
@@ -2098,6 +2121,7 @@ static const TCGTargetOpDef x86_op_defs[] = {
{ INDEX_op_and_i64, { r, 0, reZ } },
{ INDEX_op_or_i64, { r, 0, re } },
{ INDEX_op_xor_i64, { r, 0, re } },
+{ INDEX_op_andc_i64, { r, r, rI } },
{ INDEX_op_shl_i64, { r, 0, ci } },
{ INDEX_op_shr_i64, { r, 0, ci } },
@@ -2235,25 +2259,31 @@ static void tcg_target_qemu_prologue(TCGContext *s)
static void tcg_target_init(TCGContext *s)
{
-#if !(defined(have_cmov) defined(have_movbe))
-{
-unsigned a, b, c, d;
-int ret = __get_cpuid(1, a, b, c, d);
+unsigned a, b, c, d;
+int max = __get_cpuid_max(0, 0);
-# ifndef have_cmov
+if (max = 1) {
+__cpuid(1, a, b, c, d);
+#ifndef have_cmov
/* For 32-bit, 99% certainty that we're running on hardware that
supports cmov, but we still need to check. In case cmov is not
available, we'll use a small forward branch. */
-have_cmov = ret (d bit_CMOV);
-# endif
-
-# ifndef have_movbe
+have_cmov = (d bit_CMOV) != 0;
+#endif
+#ifndef have_movbe
/* MOVBE is only available on Intel Atom and Haswell CPUs, so we
need to probe for it. */
-have_movbe = ret (c bit_MOVBE);
-# endif
+have_movbe = (c bit_MOVBE) != 0;
+#endif
}
+
+if (max = 7) {
+/* BMI1 is available on AMD Piledriver and Intel Haswell CPUs. */
+__cpuid_count(7, 0, a, b, c, d);
+#ifdef bit_BMI
+have_bmi1 = (b bit_BMI) != 0;
#endif
+}
if
Re: [Qemu-devel] [PATCH 5/8] tcg/optimize: Handle known-zeros masks for ANDC
On Fri, Jan 31, 2014 at 08:47:00AM -0600, Richard Henderson wrote:
Signed-off-by: Richard Henderson r...@twiddle.net
---
tcg/optimize.c | 11 +++
1 file changed, 11 insertions(+)
diff --git a/tcg/optimize.c b/tcg/optimize.c
index d3b099a..3291a08 100644
--- a/tcg/optimize.c
+++ b/tcg/optimize.c
@@ -727,6 +727,17 @@ static TCGArg *tcg_constant_folding(TCGContext *s,
uint16_t *tcg_opc_ptr,
mask = temps[args[1]].mask mask;
break;
+CASE_OP_32_64(andc):
+/* Known-zeros does not imply known-ones. Therefore unless
+ args[2] is constant, we can't infer anything from it. */
+if (temps[args[2]].state == TCG_TEMP_CONST) {
+mask = ~temps[args[2]].mask;
+goto and_const;
+}
+/* But we certainly know nothing outside args[1] may be set. */
+mask = temps[args[1]].mask;
+break;
+
case INDEX_op_sar_i32:
if (temps[args[2]].state == TCG_TEMP_CONST) {
mask = (int32_t)temps[args[1]].mask temps[args[2]].val;
Reviewed-by: Aurelien Jarno aurel...@aurel32.net
--
Aurelien Jarno GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net
Re: [Qemu-devel] [PATCH 5/5] tcg/i386: Use SHLX/SHRX/SARX instructions
On Fri, Jan 31, 2014 at 08:43:38AM -0600, Richard Henderson wrote:
These three-operand shift instructions do not require the shift count
to be placed into ECX. This reduces the number of mov insns required,
with the mere addition of a new register constraint.
Don't attempt to get rid of the matching constraint, as that's impossible
to manipulate with just a new constraint. In addition, constant shifts
still need the matching constraint.
Signed-off-by: Richard Henderson r...@twiddle.net
---
tcg/i386/tcg-target.c | 61
+--
1 file changed, 50 insertions(+), 11 deletions(-)
diff --git a/tcg/i386/tcg-target.c b/tcg/i386/tcg-target.c
index 4f6b9c1..fef1717 100644
--- a/tcg/i386/tcg-target.c
+++ b/tcg/i386/tcg-target.c
@@ -133,6 +133,12 @@ static bool have_movbe;
it there. Therefore we always define the variable. */
bool have_bmi1;
+#if defined(CONFIG_CPUID_H) defined(bit_BMI2)
+static bool have_bmi2;
+#else
+# define have_bmi2 0
+#endif
+
static uint8_t *tb_ret_addr;
static void patch_reloc(uint8_t *code_ptr, int type,
@@ -175,6 +181,7 @@ static int target_parse_constraint(TCGArgConstraint *ct,
const char **pct_str)
tcg_regset_set_reg(ct-u.regs, TCG_REG_EBX);
break;
case 'c':
+case_c:
ct-ct |= TCG_CT_REG;
tcg_regset_set_reg(ct-u.regs, TCG_REG_ECX);
break;
@@ -203,6 +210,7 @@ static int target_parse_constraint(TCGArgConstraint *ct,
const char **pct_str)
tcg_regset_set32(ct-u.regs, 0, 0xf);
break;
case 'r':
+case_r:
ct-ct |= TCG_CT_REG;
if (TCG_TARGET_REG_BITS == 64) {
tcg_regset_set32(ct-u.regs, 0, 0x);
@@ -210,6 +218,13 @@ static int target_parse_constraint(TCGArgConstraint *ct,
const char **pct_str)
tcg_regset_set32(ct-u.regs, 0, 0xff);
}
break;
+case 'C':
+/* With SHRX et al, we need not use ECX as shift count register. */
+if (have_bmi2) {
+goto case_r;
+} else {
+goto case_c;
+}
/* qemu_ld/st address constraint */
case 'L':
@@ -283,6 +298,8 @@ static inline int tcg_target_const_match(tcg_target_long
val,
# define P_REXB_RM 0
# define P_GS 0
#endif
+#define P_SIMDF30x1 /* 0xf3 opcode prefix */
+#define P_SIMDF20x2 /* 0xf2 opcode prefix */
#define OPC_ARITH_EvIz (0x81)
#define OPC_ARITH_EvIb (0x83)
@@ -325,6 +342,9 @@ static inline int tcg_target_const_match(tcg_target_long
val,
#define OPC_SHIFT_1 (0xd1)
#define OPC_SHIFT_Ib (0xc1)
#define OPC_SHIFT_cl (0xd3)
+#define OPC_SARX(0xf7 | P_EXT38 | P_SIMDF3)
+#define OPC_SHLX(0xf7 | P_EXT38 | P_DATA16)
+#define OPC_SHRX(0xf7 | P_EXT38 | P_SIMDF2)
#define OPC_TESTL(0x85)
#define OPC_XCHG_ax_r32 (0x90)
@@ -493,7 +513,14 @@ static void tcg_out_vex_modrm(TCGContext *s, int opc,
int r, int v, int rm)
tmp = (r 8 ? 0 : 0x80); /* VEX.R */
}
-tmp |= (opc P_DATA16 ? 1 : 0); /* VEX.pp */
+/* VEX.pp */
+if (opc P_DATA16) {
+tmp |= 1; /* 0x66 */
+} else if (opc P_SIMDF3) {
+tmp |= 2; /* 0xf3 */
+} else if (opc P_SIMDF2) {
+tmp |= 3; /* 0xf2 */
+}
tmp |= (~v 15) 3; /* VEX. */
tcg_out8(s, tmp);
tcg_out8(s, opc);
@@ -1689,7 +1716,7 @@ static void tcg_out_qemu_st(TCGContext *s, const TCGArg
*args, bool is64)
static inline void tcg_out_op(TCGContext *s, TCGOpcode opc,
const TCGArg *args, const int *const_args)
{
-int c, rexw = 0;
+int c, vexop, rexw = 0;
#if TCG_TARGET_REG_BITS == 64
# define OP_32_64(x) \
@@ -1860,19 +1887,28 @@ static inline void tcg_out_op(TCGContext *s,
TCGOpcode opc,
OP_32_64(shl):
c = SHIFT_SHL;
-goto gen_shift;
+vexop = OPC_SHLX;
+goto gen_shift_maybe_vex;
OP_32_64(shr):
c = SHIFT_SHR;
-goto gen_shift;
+vexop = OPC_SHRX;
+goto gen_shift_maybe_vex;
OP_32_64(sar):
c = SHIFT_SAR;
-goto gen_shift;
+vexop = OPC_SARX;
+goto gen_shift_maybe_vex;
OP_32_64(rotl):
c = SHIFT_ROL;
goto gen_shift;
OP_32_64(rotr):
c = SHIFT_ROR;
goto gen_shift;
+gen_shift_maybe_vex:
+if (have_bmi2 !const_args[2]) {
+tcg_out_vex_modrm(s, vexop + rexw, args[0], args[2], args[1]);
+break;
+}
+/* FALLTHRU */
gen_shift:
if (const_args[2]) {
tcg_out_shifti(s, c + rexw, args[0], args[2]);
@@ -2065,9 +2101,9 @@ static const TCGTargetOpDef x86_op_defs[] = {
{
[Qemu-devel] [PATCH 1/6] target-arm: A64: Add opcode comments to disas_simd_three_reg_diff
The opcode switch in disas_simd_three_reg_diff() is missing the
customary comments indicating which cases correspond to which
instructions. Add them.
Signed-off-by: Peter Maydell peter.mayd...@linaro.org
---
target-arm/translate-a64.c | 22 +++---
1 file changed, 11 insertions(+), 11 deletions(-)
diff --git a/target-arm/translate-a64.c b/target-arm/translate-a64.c
index 3de9cad..d4e7a20 100644
--- a/target-arm/translate-a64.c
+++ b/target-arm/translate-a64.c
@@ -7091,24 +7091,24 @@ static void disas_simd_three_reg_diff(DisasContext *s,
uint32_t insn)
/* 128 x 128 - 64 */
unsupported_encoding(s, insn);
break;
-case 9:
-case 11:
-case 13:
-case 14:
+case 9: /* SQDMLAL, SQDMLAL2 */
+case 11: /* SQDMLSL, SQDMLSL2 */
+case 13: /* SQDMULL, SQDMULL2 */
+case 14: /* PMULL, PMULL2 */
if (is_u) {
unallocated_encoding(s);
return;
}
/* fall through */
-case 0:
-case 2:
+case 0: /* SADDL, SADDL2, UADDL, UADDL2 */
+case 2: /* SSUBL, SSUBL2, USUBL, USUBL2 */
unsupported_encoding(s, insn);
break;
-case 5:
-case 7:
-case 8:
-case 10:
-case 12:
+case 5: /* SABAL, SABAL2, UABAL, UABAL2 */
+case 7: /* SABDL, SABDL2, UABDL, UABDL2 */
+case 8: /* SMLAL, SMLAL2, UMLAL, UMLAL2 */
+case 10: /* SMLSL, SMLSL2, UMLSL, UMLSL2 */
+case 12: /* SMULL, SMULL2, UMULL, UMULL2 */
/* 64 x 64 - 128 */
if (size == 3) {
unallocated_encoding(s);
--
1.8.5
[Qemu-devel] [PATCH 5/6] target-arm: A64: Implement PMULL instruction
Implement the PMULL instruction; this is the last unimplemented insn
in the three-reg-diff group.
Note that PMULL with size 3 is considered part of the AES part
of the crypto extensions (see the ID_AA64ISAR0_EL1 register definition
in the v8 ARM ARM), so it isn't necessary to burn an extra feature
bit on it, even though we're using more feature bits than a single
crypto extension present/not present toggle.
Signed-off-by: Peter Maydell peter.mayd...@linaro.org
---
target-arm/helper-a64.c| 30 ++
target-arm/helper-a64.h| 2 ++
target-arm/translate-a64.c | 41 +++--
target-arm/translate.c | 1 +
target-arm/translate.h | 6 ++
5 files changed, 78 insertions(+), 2 deletions(-)
diff --git a/target-arm/helper-a64.c b/target-arm/helper-a64.c
index c2ce33e..84dd2cd 100644
--- a/target-arm/helper-a64.c
+++ b/target-arm/helper-a64.c
@@ -180,6 +180,36 @@ uint64_t HELPER(simd_tbl)(CPUARMState *env, uint64_t
result, uint64_t indices,
return result;
}
+/* Helper function for 64 bit polynomial multiply case:
+ * perform PolynomialMult(op1, op2) and return either the top or
+ * bottom half of the 128 bit result.
+ */
+uint64_t HELPER(neon_pmull_64_lo)(CPUARMState *env, uint64_t op1, uint64_t op2)
+{
+int bitnum;
+uint64_t res = 0;
+
+for (bitnum = 0; bitnum 64; bitnum++) {
+if (op1 (1ULL bitnum)) {
+res ^= op2 bitnum;
+}
+}
+return res;
+}
+uint64_t HELPER(neon_pmull_64_hi)(CPUARMState *env, uint64_t op1, uint64_t op2)
+{
+int bitnum;
+uint64_t res = 0;
+
+/* bit 0 of op1 can't influence the high 64 bits at all */
+for (bitnum = 1; bitnum 64; bitnum++) {
+if (op1 (1ULL bitnum)) {
+res ^= op2 (64 - bitnum);
+}
+}
+return res;
+}
+
/* 64bit/double versions of the neon float compare functions */
uint64_t HELPER(neon_ceq_f64)(float64 a, float64 b, void *fpstp)
{
diff --git a/target-arm/helper-a64.h b/target-arm/helper-a64.h
index ab9933c..95e4220 100644
--- a/target-arm/helper-a64.h
+++ b/target-arm/helper-a64.h
@@ -27,6 +27,8 @@ DEF_HELPER_3(vfp_cmpes_a64, i64, f32, f32, ptr)
DEF_HELPER_3(vfp_cmpd_a64, i64, f64, f64, ptr)
DEF_HELPER_3(vfp_cmped_a64, i64, f64, f64, ptr)
DEF_HELPER_FLAGS_5(simd_tbl, TCG_CALL_NO_RWG_SE, i64, env, i64, i64, i32, i32)
+DEF_HELPER_FLAGS_3(neon_pmull_64_lo, TCG_CALL_NO_RWG_SE, i64, env, i64, i64)
+DEF_HELPER_FLAGS_3(neon_pmull_64_hi, TCG_CALL_NO_RWG_SE, i64, env, i64, i64)
DEF_HELPER_FLAGS_3(vfp_mulxs, TCG_CALL_NO_RWG, f32, f32, f32, ptr)
DEF_HELPER_FLAGS_3(vfp_mulxd, TCG_CALL_NO_RWG, f64, f64, f64, ptr)
DEF_HELPER_FLAGS_3(neon_ceq_f64, TCG_CALL_NO_RWG, i64, i64, i64, ptr)
diff --git a/target-arm/translate-a64.c b/target-arm/translate-a64.c
index cb630d8..1ceaa8a 100644
--- a/target-arm/translate-a64.c
+++ b/target-arm/translate-a64.c
@@ -7087,6 +7087,10 @@ static void handle_3rd_widening(DisasContext *s, int
is_q, int is_u, int size,
gen_helper_neon_addl_saturate_s32(tcg_passres, cpu_env,
tcg_passres, tcg_passres);
break;
+case 14: /* PMULL */
+assert(size == 0);
+gen_helper_neon_mull_p8(tcg_passres, tcg_op1, tcg_op2);
+break;
default:
g_assert_not_reached();
}
@@ -7206,6 +7210,30 @@ static void handle_3rd_narrowing(DisasContext *s, int
is_q, int is_u, int size,
}
}
+static void handle_pmull_64(DisasContext *s, int is_q, int rd, int rn, int rm)
+{
+/* PMULL of 64 x 64 - 128 is an odd special case because it
+ * is the only three-reg-diff instruction which produces a
+ * 128-bit wide result from a single operation. However since
+ * it's possible to calculate the two halves more or less
+ * separately we just use two helper calls.
+ */
+TCGv_i64 tcg_op1 = tcg_temp_new_i64();
+TCGv_i64 tcg_op2 = tcg_temp_new_i64();
+TCGv_i64 tcg_res = tcg_temp_new_i64();
+
+read_vec_element(s, tcg_op1, rn, is_q, MO_64);
+read_vec_element(s, tcg_op2, rm, is_q, MO_64);
+gen_helper_neon_pmull_64_lo(tcg_res, cpu_env, tcg_op1, tcg_op2);
+write_vec_element(s, tcg_res, rd, 0, MO_64);
+gen_helper_neon_pmull_64_hi(tcg_res, cpu_env, tcg_op1, tcg_op2);
+write_vec_element(s, tcg_res, rd, 1, MO_64);
+
+tcg_temp_free_i64(tcg_op1);
+tcg_temp_free_i64(tcg_op2);
+tcg_temp_free_i64(tcg_res);
+}
+
/* C3.6.15 AdvSIMD three different
* 31 30 29 28 24 23 22 21 20 16 1512 11 10 95 40
* +---+---+---+---+--+---+--++-+--+--+
@@ -7256,8 +7284,15 @@ static void disas_simd_three_reg_diff(DisasContext *s,
uint32_t insn)
unallocated_encoding(s);
return;
}
-unsupported_encoding(s, insn);
-break;
+if (size == 3) {
+if
[Qemu-devel] [PATCH 0/6] A64: finish Neon 3-reg-diff category, add LDTR/STTR
Another patchset of random filling in the gaps in our Neon coverage. Patches 1 through 5 complete our handling of the three-reg-different category of Neon instructions. Patch 6 implements the unprivileged load/store LDTR/STTR instructions. (In fact AArch64 Linux doesn't use these, and they're pretty pointless in user mode, but they're easy enough to implement.) I haven't put in any of the fp_access_check() calls because I'm assuming these will pass code review before the system emulation patchset does; I'll update the latter to add the extra checks as necessary at that point. thanks -- PMM Peter Maydell (6): target-arm: A64: Add opcode comments to disas_simd_three_reg_diff target-arm: A64: Add most remaining three-reg-diff widening ops target-arm: A64: Implement the wide 3-reg-different operations target-arm: A64: Implement narrowing three-reg-diff operations target-arm: A64: Implement PMULL instruction target-arm: A64: Implement unprivileged load/store target-arm/helper-a64.c| 30 target-arm/helper-a64.h| 2 + target-arm/translate-a64.c | 336 - target-arm/translate.c | 1 + target-arm/translate.h | 6 + 5 files changed, 310 insertions(+), 65 deletions(-) -- 1.8.5
[Qemu-devel] [PATCH 6/6] target-arm: A64: Implement unprivileged load/store
Implement the unprivileged load and store instructions.
Signed-off-by: Peter Maydell peter.mayd...@linaro.org
---
target-arm/translate-a64.c | 69 +-
1 file changed, 37 insertions(+), 32 deletions(-)
diff --git a/target-arm/translate-a64.c b/target-arm/translate-a64.c
index 1ceaa8a..8f1da24 100644
--- a/target-arm/translate-a64.c
+++ b/target-arm/translate-a64.c
@@ -618,20 +618,26 @@ static void gen_adc_CC(int sf, TCGv_i64 dest, TCGv_i64
t0, TCGv_i64 t1)
*/
/*
- * Store from GPR register to memory
+ * Store from GPR register to memory.
*/
+static void do_gpr_st_memidx(DisasContext *s, TCGv_i64 source,
+ TCGv_i64 tcg_addr, int size, int memidx)
+{
+g_assert(size = 3);
+tcg_gen_qemu_st_i64(source, tcg_addr, memidx, MO_TE + size);
+}
+
static void do_gpr_st(DisasContext *s, TCGv_i64 source,
TCGv_i64 tcg_addr, int size)
{
-g_assert(size = 3);
-tcg_gen_qemu_st_i64(source, tcg_addr, get_mem_index(s), MO_TE + size);
+do_gpr_st_memidx(s, source, tcg_addr, size, get_mem_index(s));
}
/*
* Load from memory to GPR register
*/
-static void do_gpr_ld(DisasContext *s, TCGv_i64 dest, TCGv_i64 tcg_addr,
- int size, bool is_signed, bool extend)
+static void do_gpr_ld_memidx(DisasContext *s, TCGv_i64 dest, TCGv_i64 tcg_addr,
+ int size, bool is_signed, bool extend, int memidx)
{
TCGMemOp memop = MO_TE + size;
@@ -641,7 +647,7 @@ static void do_gpr_ld(DisasContext *s, TCGv_i64 dest,
TCGv_i64 tcg_addr,
memop += MO_SIGN;
}
-tcg_gen_qemu_ld_i64(dest, tcg_addr, get_mem_index(s), memop);
+tcg_gen_qemu_ld_i64(dest, tcg_addr, memidx, memop);
if (extend is_signed) {
g_assert(size 3);
@@ -649,6 +655,13 @@ static void do_gpr_ld(DisasContext *s, TCGv_i64 dest,
TCGv_i64 tcg_addr,
}
}
+static void do_gpr_ld(DisasContext *s, TCGv_i64 dest, TCGv_i64 tcg_addr,
+ int size, bool is_signed, bool extend)
+{
+do_gpr_ld_memidx(s, dest, tcg_addr, size, is_signed, extend,
+ get_mem_index(s));
+}
+
/*
* Store from FP register to memory
*/
@@ -1824,6 +1837,7 @@ static void disas_ldst_pair(DisasContext *s, uint32_t
insn)
* ++---+---+-+-+---++-+--+--+
*
* idx = 01 - post-indexed, 11 pre-indexed, 00 unscaled imm. (no writeback)
+ 10 - unprivileged
* V = 0 - non-vector
* size: 00 - 8 bit, 01 - 16 bit, 10 - 32 bit, 11 - 64bit
* opc: 00 - store, 01 - loadu, 10 - loads 64, 11 - loads 32
@@ -1839,6 +1853,7 @@ static void disas_ldst_reg_imm9(DisasContext *s, uint32_t
insn)
bool is_signed = false;
bool is_store = false;
bool is_extended = false;
+bool is_unpriv = (idx == 2);
bool is_vector = extract32(insn, 26, 1);
bool post_index;
bool writeback;
@@ -1847,7 +1862,7 @@ static void disas_ldst_reg_imm9(DisasContext *s, uint32_t
insn)
if (is_vector) {
size |= (opc 2) 1;
-if (size 4) {
+if (size 4 || is_unpriv) {
unallocated_encoding(s);
return;
}
@@ -1855,6 +1870,10 @@ static void disas_ldst_reg_imm9(DisasContext *s,
uint32_t insn)
} else {
if (size == 3 opc == 2) {
/* PRFM - prefetch */
+if (is_unpriv) {
+unallocated_encoding(s);
+return;
+}
return;
}
if (opc == 3 size 1) {
@@ -1868,6 +1887,7 @@ static void disas_ldst_reg_imm9(DisasContext *s, uint32_t
insn)
switch (idx) {
case 0:
+case 2:
post_index = false;
writeback = false;
break;
@@ -1879,9 +1899,6 @@ static void disas_ldst_reg_imm9(DisasContext *s, uint32_t
insn)
post_index = false;
writeback = true;
break;
-case 2:
-g_assert(false);
-break;
}
if (rn == 31) {
@@ -1901,10 +1918,13 @@ static void disas_ldst_reg_imm9(DisasContext *s,
uint32_t insn)
}
} else {
TCGv_i64 tcg_rt = cpu_reg(s, rt);
+int memidx = is_unpriv ? 1 : get_mem_index(s);
+
if (is_store) {
-do_gpr_st(s, tcg_rt, tcg_addr, size);
+do_gpr_st_memidx(s, tcg_rt, tcg_addr, size, memidx);
} else {
-do_gpr_ld(s, tcg_rt, tcg_addr, size, is_signed, is_extended);
+do_gpr_ld_memidx(s, tcg_rt, tcg_addr, size,
+ is_signed, is_extended, memidx);
}
}
@@ -2084,25 +2104,6 @@ static void disas_ldst_reg_unsigned_imm(DisasContext *s,
uint32_t insn)
}
}
-/* Load/store register (immediate forms) */
-static void disas_ldst_reg_imm(DisasContext *s, uint32_t insn)
-{
-switch (extract32(insn, 10, 2)) {
-case 0: case 1: case 3:
-/* Load/store register (unscaled immediate) */
-/* Load/store immediate pre/post-indexed */
-
[Qemu-devel] [PATCH 4/6] target-arm: A64: Implement narrowing three-reg-diff operations
Implement the narrowing three-reg-diff operations: ADDHN,
RADDHN, SUBHN and RSUBHN.
Signed-off-by: Peter Maydell peter.mayd...@linaro.org
---
target-arm/translate-a64.c | 60 +-
1 file changed, 59 insertions(+), 1 deletion(-)
diff --git a/target-arm/translate-a64.c b/target-arm/translate-a64.c
index 511f15e..cb630d8 100644
--- a/target-arm/translate-a64.c
+++ b/target-arm/translate-a64.c
@@ -7152,6 +7152,60 @@ static void handle_3rd_wide(DisasContext *s, int is_q,
int is_u, int size,
}
}
+static void do_narrow_high_u32(TCGv_i32 res, TCGv_i64 in)
+{
+tcg_gen_shri_i64(in, in, 32);
+tcg_gen_trunc_i64_i32(res, in);
+}
+
+static void do_narrow_round_high_u32(TCGv_i32 res, TCGv_i64 in)
+{
+tcg_gen_addi_i64(in, in, 1U 31);
+do_narrow_high_u32(res, in);
+}
+
+static void handle_3rd_narrowing(DisasContext *s, int is_q, int is_u, int size,
+ int opcode, int rd, int rn, int rm)
+{
+TCGv_i32 tcg_res[2];
+int part = is_q ? 2 : 0;
+int pass;
+
+for (pass = 0; pass 2; pass++) {
+TCGv_i64 tcg_op1 = tcg_temp_new_i64();
+TCGv_i64 tcg_op2 = tcg_temp_new_i64();
+TCGv_i64 tcg_wideres = tcg_temp_new_i64();
+static NeonGenNarrowFn * const narrowfns[3][2] = {
+{ gen_helper_neon_narrow_high_u8,
+ gen_helper_neon_narrow_round_high_u8 },
+{ gen_helper_neon_narrow_high_u16,
+ gen_helper_neon_narrow_round_high_u16 },
+{ do_narrow_high_u32, do_narrow_round_high_u32 },
+};
+NeonGenNarrowFn *gennarrow = narrowfns[size][is_u];
+
+read_vec_element(s, tcg_op1, rn, pass, MO_64);
+read_vec_element(s, tcg_op2, rm, pass, MO_64);
+
+gen_neon_addl(size, (opcode == 6), tcg_wideres, tcg_op1, tcg_op2);
+
+tcg_temp_free_i64(tcg_op1);
+tcg_temp_free_i64(tcg_op2);
+
+tcg_res[pass] = tcg_temp_new_i32();
+gennarrow(tcg_res[pass], tcg_wideres);
+tcg_temp_free_i64(tcg_wideres);
+}
+
+for (pass = 0; pass 2; pass++) {
+write_vec_element_i32(s, tcg_res[pass], rd, pass + part, MO_32);
+tcg_temp_free_i32(tcg_res[pass]);
+}
+if (!is_q) {
+clear_vec_high(s, rd);
+}
+}
+
/* C3.6.15 AdvSIMD three different
* 31 30 29 28 24 23 22 21 20 16 1512 11 10 95 40
* +---+---+---+---+--+---+--++-+--+--+
@@ -7191,7 +7245,11 @@ static void disas_simd_three_reg_diff(DisasContext *s,
uint32_t insn)
case 4: /* ADDHN, ADDHN2, RADDHN, RADDHN2 */
case 6: /* SUBHN, SUBHN2, RSUBHN, RSUBHN2 */
/* 128 x 128 - 64 */
-unsupported_encoding(s, insn);
+if (size == 3) {
+unallocated_encoding(s);
+return;
+}
+handle_3rd_narrowing(s, is_q, is_u, size, opcode, rd, rn, rm);
break;
case 14: /* PMULL, PMULL2 */
if (is_u || size == 1 || size == 2) {
--
1.8.5
Re: [Qemu-devel] [PATCH 6/8] tcg/optimize: Simply some logical ops to NOT
On Fri, Jan 31, 2014 at 08:47:01AM -0600, Richard Henderson wrote:
Given, of course, an appropriate constant. These could be generated
from the canonical operation for inversion on the guest, or via
other optimizations.
Signed-off-by: Richard Henderson r...@twiddle.net
---
tcg/optimize.c | 57 +
1 file changed, 57 insertions(+)
diff --git a/tcg/optimize.c b/tcg/optimize.c
index 3291a08..cdfc746 100644
--- a/tcg/optimize.c
+++ b/tcg/optimize.c
@@ -655,6 +655,63 @@ static TCGArg *tcg_constant_folding(TCGContext *s,
uint16_t *tcg_opc_ptr,
}
}
break;
+CASE_OP_32_64(xor):
+CASE_OP_32_64(nand):
+if (temps[args[1]].state != TCG_TEMP_CONST
+ temps[args[2]].state == TCG_TEMP_CONST
+ temps[args[2]].val == -1) {
+i = 1;
+goto try_not;
+}
+break;
+CASE_OP_32_64(nor):
+if (temps[args[1]].state != TCG_TEMP_CONST
+ temps[args[2]].state == TCG_TEMP_CONST
+ temps[args[2]].val == 0) {
+i = 1;
+goto try_not;
+}
+break;
+CASE_OP_32_64(andc):
+if (temps[args[2]].state != TCG_TEMP_CONST
+ temps[args[1]].state == TCG_TEMP_CONST
+ temps[args[1]].val == -1) {
+i = 2;
+goto try_not;
+}
+break;
+CASE_OP_32_64(orc):
+CASE_OP_32_64(eqv):
+if (temps[args[2]].state != TCG_TEMP_CONST
+ temps[args[1]].state == TCG_TEMP_CONST
+ temps[args[1]].val == 0) {
+i = 2;
+goto try_not;
+}
+break;
+try_not:
+{
+TCGOpcode not_op;
+bool have_not;
+
+if (def-flags TCG_OPF_64BIT) {
+not_op = INDEX_op_not_i64;
+have_not = TCG_TARGET_HAS_not_i64;
+} else {
+not_op = INDEX_op_not_i32;
+have_not = TCG_TARGET_HAS_not_i32;
+}
+if (!have_not) {
+break;
+}
+s-gen_opc_buf[op_index] = not_op;
+reset_temp(args[0]);
+gen_args[0] = args[0];
+gen_args[1] = args[i];
+args += 3;
+gen_args += 2;
+continue;
+}
default:
break;
}
Reviewed-by: Aurelien Jarno aurel...@aurel32.net
--
Aurelien Jarno GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net
[Qemu-devel] [PATCH 2/6] target-arm: A64: Add most remaining three-reg-diff widening ops
Add the remainder of the 64x64-128 operations in the three-reg-diff
category except for PMULL, PMULL2.
Signed-off-by: Peter Maydell peter.mayd...@linaro.org
---
target-arm/translate-a64.c | 109 -
1 file changed, 88 insertions(+), 21 deletions(-)
diff --git a/target-arm/translate-a64.c b/target-arm/translate-a64.c
index d4e7a20..809fbdb 100644
--- a/target-arm/translate-a64.c
+++ b/target-arm/translate-a64.c
@@ -75,8 +75,10 @@ typedef struct AArch64DecodeTable {
/* Function prototype for gen_ functions for calling Neon helpers */
typedef void NeonGenTwoOpFn(TCGv_i32, TCGv_i32, TCGv_i32);
typedef void NeonGenTwoOpEnvFn(TCGv_i32, TCGv_ptr, TCGv_i32, TCGv_i32);
+typedef void NeonGenTwo64OpFn(TCGv_i64, TCGv_i64, TCGv_i64);
typedef void NeonGenNarrowFn(TCGv_i32, TCGv_i64);
typedef void NeonGenNarrowEnvFn(TCGv_i32, TCGv_ptr, TCGv_i64);
+typedef void NeonGenWidenFn(TCGv_i64, TCGv_i32);
typedef void NeonGenTwoSingleOPFn(TCGv_i32, TCGv_i32, TCGv_i32, TCGv_ptr);
typedef void NeonGenTwoDoubleOPFn(TCGv_i64, TCGv_i64, TCGv_i64, TCGv_ptr);
@@ -6879,6 +6881,24 @@ static void disas_simd_shift_imm(DisasContext *s,
uint32_t insn)
}
}
+/* Generate code to do a long addition or subtraction, ie one done in
+ * TCGv_i64 on vector lanes twice the width specified by size.
+ */
+static void gen_neon_addl(int size, bool is_sub, TCGv_i64 tcg_res,
+ TCGv_i64 tcg_op1, TCGv_i64 tcg_op2)
+{
+static NeonGenTwo64OpFn * const fns[3][2] = {
+{ gen_helper_neon_addl_u16, gen_helper_neon_subl_u16 },
+{ gen_helper_neon_addl_u32, gen_helper_neon_subl_u32 },
+{ tcg_gen_add_i64, tcg_gen_sub_i64 },
+};
+NeonGenTwo64OpFn *genfn;
+assert(size 3);
+
+genfn = fns[size][is_sub];
+genfn(tcg_res, tcg_op1, tcg_op2);
+}
+
static void handle_3rd_widening(DisasContext *s, int is_q, int is_u, int size,
int opcode, int rd, int rn, int rm)
{
@@ -6934,6 +6954,12 @@ static void handle_3rd_widening(DisasContext *s, int
is_q, int is_u, int size,
}
switch (opcode) {
+case 0: /* SADDL, SADDL2, UADDL, UADDL2 */
+tcg_gen_add_i64(tcg_passres, tcg_op1, tcg_op2);
+break;
+case 2: /* SSUBL, SSUBL2, USUBL, USUBL2 */
+tcg_gen_sub_i64(tcg_passres, tcg_op1, tcg_op2);
+break;
case 5: /* SABAL, SABAL2, UABAL, UABAL2 */
case 7: /* SABDL, SABDL2, UABDL, UABDL2 */
{
@@ -6954,15 +6980,31 @@ static void handle_3rd_widening(DisasContext *s, int
is_q, int is_u, int size,
case 12: /* UMULL, UMULL2, SMULL, SMULL2 */
tcg_gen_mul_i64(tcg_passres, tcg_op1, tcg_op2);
break;
+case 9: /* SQDMLAL, SQDMLAL2 */
+case 11: /* SQDMLSL, SQDMLSL2 */
+case 13: /* SQDMULL, SQDMULL2 */
+tcg_gen_mul_i64(tcg_passres, tcg_op1, tcg_op2);
+gen_helper_neon_addl_saturate_s64(tcg_passres, cpu_env,
+ tcg_passres, tcg_passres);
+break;
default:
g_assert_not_reached();
}
-if (accop 0) {
+if (opcode == 9 || opcode == 11) {
+/* saturating accumulate ops */
+if (accop 0) {
+tcg_gen_neg_i64(tcg_passres, tcg_passres);
+}
+gen_helper_neon_addl_saturate_s64(tcg_res[pass], cpu_env,
+ tcg_res[pass], tcg_passres);
+} else if (accop 0) {
tcg_gen_add_i64(tcg_res[pass], tcg_res[pass], tcg_passres);
-tcg_temp_free_i64(tcg_passres);
} else if (accop 0) {
tcg_gen_sub_i64(tcg_res[pass], tcg_res[pass], tcg_passres);
+}
+
+if (accop != 0) {
tcg_temp_free_i64(tcg_passres);
}
@@ -6987,6 +7029,23 @@ static void handle_3rd_widening(DisasContext *s, int
is_q, int is_u, int size,
}
switch (opcode) {
+case 0: /* SADDL, SADDL2, UADDL, UADDL2 */
+case 2: /* SSUBL, SSUBL2, USUBL, USUBL2 */
+{
+TCGv_i64 tcg_op2_64 = tcg_temp_new_i64();
+static NeonGenWidenFn * const widenfns[2][2] = {
+{ gen_helper_neon_widen_s8, gen_helper_neon_widen_u8 },
+{ gen_helper_neon_widen_s16, gen_helper_neon_widen_u16 },
+};
+NeonGenWidenFn *widenfn = widenfns[size][is_u];
+
+widenfn(tcg_op2_64, tcg_op2);
+widenfn(tcg_passres, tcg_op1);
+gen_neon_addl(size, (opcode == 2), tcg_passres,
+ tcg_passres, tcg_op2_64);
+tcg_temp_free_i64(tcg_op2_64);
+break;
+
[Qemu-devel] [PATCH 3/6] target-arm: A64: Implement the wide 3-reg-different operations
Implement the wide three-reg-different operations:
SADDW, UADDW, SSUBW and USUBW.
Signed-off-by: Peter Maydell peter.mayd...@linaro.org
---
target-arm/translate-a64.c | 41 -
1 file changed, 40 insertions(+), 1 deletion(-)
diff --git a/target-arm/translate-a64.c b/target-arm/translate-a64.c
index 809fbdb..511f15e 100644
--- a/target-arm/translate-a64.c
+++ b/target-arm/translate-a64.c
@@ -7117,6 +7117,41 @@ static void handle_3rd_widening(DisasContext *s, int
is_q, int is_u, int size,
tcg_temp_free_i64(tcg_res[1]);
}
+static void handle_3rd_wide(DisasContext *s, int is_q, int is_u, int size,
+int opcode, int rd, int rn, int rm)
+{
+TCGv_i64 tcg_res[2];
+int part = is_q ? 2 : 0;
+int pass;
+
+for (pass = 0; pass 2; pass++) {
+TCGv_i64 tcg_op1 = tcg_temp_new_i64();
+TCGv_i32 tcg_op2 = tcg_temp_new_i32();
+TCGv_i64 tcg_op2_wide = tcg_temp_new_i64();
+static NeonGenWidenFn * const widenfns[3][2] = {
+{ gen_helper_neon_widen_s8, gen_helper_neon_widen_u8 },
+{ gen_helper_neon_widen_s16, gen_helper_neon_widen_u16 },
+{ tcg_gen_ext_i32_i64, tcg_gen_extu_i32_i64 },
+};
+NeonGenWidenFn *widenfn = widenfns[size][is_u];
+
+read_vec_element(s, tcg_op1, rn, pass, MO_64);
+read_vec_element_i32(s, tcg_op2, rm, part + pass, MO_32);
+widenfn(tcg_op2_wide, tcg_op2);
+tcg_temp_free_i32(tcg_op2);
+tcg_res[pass] = tcg_temp_new_i64();
+gen_neon_addl(size, (opcode == 3),
+ tcg_res[pass], tcg_op1, tcg_op2_wide);
+tcg_temp_free_i64(tcg_op1);
+tcg_temp_free_i64(tcg_op2_wide);
+}
+
+for (pass = 0; pass 2; pass++) {
+write_vec_element(s, tcg_res[pass], rd, pass, MO_64);
+tcg_temp_free_i64(tcg_res[pass]);
+}
+}
+
/* C3.6.15 AdvSIMD three different
* 31 30 29 28 24 23 22 21 20 16 1512 11 10 95 40
* +---+---+---+---+--+---+--++-+--+--+
@@ -7147,7 +7182,11 @@ static void disas_simd_three_reg_diff(DisasContext *s,
uint32_t insn)
case 1: /* SADDW, SADDW2, UADDW, UADDW2 */
case 3: /* SSUBW, SSUBW2, USUBW, USUBW2 */
/* 64 x 128 - 128 */
-unsupported_encoding(s, insn);
+if (size == 3) {
+unallocated_encoding(s);
+return;
+}
+handle_3rd_wide(s, is_q, is_u, size, opcode, rd, rn, rm);
break;
case 4: /* ADDHN, ADDHN2, RADDHN, RADDHN2 */
case 6: /* SUBHN, SUBHN2, RSUBHN, RSUBHN2 */
--
1.8.5
Re: [Qemu-devel] [PATCH 7/8] tcg/optimize: Optmize ANDC X, Y, Y to MOV X, 0
On Fri, Jan 31, 2014 at 08:47:02AM -0600, Richard Henderson wrote:
Like we already do for SUB and XOR.
Signed-off-by: Richard Henderson r...@twiddle.net
---
tcg/optimize.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/tcg/optimize.c b/tcg/optimize.c
index cdfc746..a703f8c 100644
--- a/tcg/optimize.c
+++ b/tcg/optimize.c
@@ -945,6 +945,7 @@ static TCGArg *tcg_constant_folding(TCGContext *s,
uint16_t *tcg_opc_ptr,
/* Simplify expression for op r, a, a = movi r, 0 cases */
switch (op) {
+CASE_OP_32_64(andc):
CASE_OP_32_64(sub):
CASE_OP_32_64(xor):
if (temps_are_copies(args[1], args[2])) {
Reviewed-by: Aurelien Jarno aurel...@aurel32.net
--
Aurelien Jarno GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net
Re: [Qemu-devel] [PATCH 8/8] tcg/optimize: Add more identity simplifications
On Fri, Jan 31, 2014 at 08:47:03AM -0600, Richard Henderson wrote:
Recognize 0 operand to andc, and -1 operands to and, orc, eqv.
Signed-off-by: Richard Henderson r...@twiddle.net
---
tcg/optimize.c | 39 ---
1 file changed, 24 insertions(+), 15 deletions(-)
diff --git a/tcg/optimize.c b/tcg/optimize.c
index a703f8c..8d7100e 100644
--- a/tcg/optimize.c
+++ b/tcg/optimize.c
@@ -716,7 +716,7 @@ static TCGArg *tcg_constant_folding(TCGContext *s,
uint16_t *tcg_opc_ptr,
break;
}
-/* Simplify expression for op r, a, 0 = mov r, a cases */
+/* Simplify expression for op r, a, const = mov r, a cases */
switch (op) {
CASE_OP_32_64(add):
CASE_OP_32_64(sub):
@@ -727,23 +727,32 @@ static TCGArg *tcg_constant_folding(TCGContext *s,
uint16_t *tcg_opc_ptr,
CASE_OP_32_64(rotr):
CASE_OP_32_64(or):
CASE_OP_32_64(xor):
-if (temps[args[1]].state == TCG_TEMP_CONST) {
-/* Proceed with possible constant folding. */
-break;
-}
-if (temps[args[2]].state == TCG_TEMP_CONST
+CASE_OP_32_64(andc):
+if (temps[args[1]].state != TCG_TEMP_CONST
+ temps[args[2]].state == TCG_TEMP_CONST
temps[args[2]].val == 0) {
-if (temps_are_copies(args[0], args[1])) {
-s-gen_opc_buf[op_index] = INDEX_op_nop;
-} else {
-s-gen_opc_buf[op_index] = op_to_mov(op);
-tcg_opt_gen_mov(s, gen_args, args[0], args[1]);
-gen_args += 2;
-}
-args += 3;
-continue;
+goto do_mov3;
}
break;
+CASE_OP_32_64(and):
+CASE_OP_32_64(orc):
+CASE_OP_32_64(eqv):
+if (temps[args[1]].state != TCG_TEMP_CONST
+ temps[args[2]].state == TCG_TEMP_CONST
+ temps[args[2]].val == -1) {
+goto do_mov3;
+}
+break;
+do_mov3:
+if (temps_are_copies(args[0], args[1])) {
+s-gen_opc_buf[op_index] = INDEX_op_nop;
+} else {
+s-gen_opc_buf[op_index] = op_to_mov(op);
+tcg_opt_gen_mov(s, gen_args, args[0], args[1]);
+gen_args += 2;
+}
+args += 3;
+continue;
default:
break;
}
Reviewed-by: Aurelien Jarno aurel...@aurel32.net
--
Aurelien Jarno GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net
Re: [Qemu-devel] [PATCH v1 2/2] Revert error: Don't use error_report() for assertion msgs.
On 30 January 2014 08:00, Markus Armbruster arm...@redhat.com wrote: Peter Maydell peter.mayd...@linaro.org writes: [MacOSX doesn't pull in common symbols from .o files in .a archives] Not ugly, but a sensible move (in my opinion) regardless of this specific issue: compile with -fno-common. Then both become not common. `-fno-common' In C code, controls the placement of uninitialized global variables. Unix C compilers have traditionally permitted multiple definitions of such variables in different compilation units by placing the variables in a common block. This is the behavior specified by `-fcommon', and is the default for GCC on most targets. On the other hand, this behavior is not required by ISO C, and on some targets may carry a speed or code size penalty on variable references. The `-fno-common' option specifies that the compiler should place uninitialized global variables in the data section of the object file, rather than generating them as common blocks. This has the effect that if the same variable is declared (without `extern') in two different compilations, you will get a multiple-definition error when you link them. In this case, you must compile with `-fcommon' instead. Compiling with `-fno-common' is useful on targets for which it provides better performance, or if you wish to verify that the program will work on other systems that always treat uninitialized variable declarations this way. This seems to work. Judging by that description, we could build with -fno-common everywhere. That would mean that accidentally declaring the same variable in two compilation units was a compile failure everywhere rather than just on MacOSX, which I think is preferable. Is there any reason we shouldn't just build with -fno-common for all platforms and compilers? thanks -- PMM
Re: [Qemu-devel] [PATCH v3] Fix QEMU build on OpenBSD on x86 archs
On 26/01/14 1:06 PM, Paolo Bonzini wrote: Il 26/01/2014 02:37, Brad Smith ha scritto: Reviewed-by: Stefan Hajnoczi stefa...@redhat.com Is there some sort of process I am missing to have build fixes commited so that QEMU actually builds? Right now we have problems getting patches committed at all. This patch and the other NetBSD patch is not lost. Paolo ping. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
[Qemu-devel] [PATCH] Sun4m : SCSI ESP controller
Two small fixes for the ESP (AM53C94) SCSI controller
* Signal the end of the DMA transfer after a SCSI command.
* The status register (RSTAT) is cleared after reading the interrupt
status register (RINTR), except for the TC bit (=Count To Zero) and the
scsi phase bits, which mirror SCSI signals levels.
Fixes the bug esp0: !TC on DATA XFER with NetBSD
https://bugs.launchpad.net/qemu/+bug/1055090
Signed-off-by: Olivier Danet oda...@caramail.com
---
hw/scsi/esp.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/hw/scsi/esp.c b/hw/scsi/esp.c
index 2d150bf..5e91077 100644
--- a/hw/scsi/esp.c
+++ b/hw/scsi/esp.c
@@ -246,6 +246,7 @@ static void esp_do_dma(ESPState *s)
s-cmdlen = 0;
s-do_cmd = 0;
do_cmd(s, s-cmdbuf);
+esp_dma_done(s);
return;
}
if (s-async_len == 0) {
@@ -417,10 +418,9 @@ uint64_t esp_reg_read(ESPState *s, uint32_t saddr)
except TC */
old_val = s-rregs[ESP_RINTR];
s-rregs[ESP_RINTR] = 0;
-s-rregs[ESP_RSTAT] = ~STAT_TC;
s-rregs[ESP_RSEQ] = SEQ_CD;
esp_lower_irq(s);
-
+s-rregs[ESP_RSTAT] = STAT_TC | STAT_MI;
return old_val;
default:
break;
--
1.8.1.5
[Qemu-devel] [PATCH] Sun4m: Set HostID in NVRAM
Ping. Repost ! On 30/12/2013 15:02, Artyom Tarasenko wrote: On Mon, Dec 30, 2013 at 12:51 AM, Olivier Danet oda...@caramail.com wrote: On SparcStations, the HostID field in the NVRAM is equal to the last three bytes of the MAC address (which is also stored in the NVRAM). This constant is used as an identification/serial number on Solaris. signed-off-by : Olivier Danet oda...@caramail.com Corresponds with http://www.squirrel.com/squirrel/sun-nvram-hostid.faq and Solaris 9 detects the hostid after this patch fine, so Reviewed-by: Artyom Tarasenko atar4q...@gmail.com --- include/hw/nvram/openbios_firmware_abi.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/include/hw/nvram/openbios_firmware_abi.h b/include/hw/nvram/openbios_firmware_abi.h index 5e6e5d4..492c8d5 100644 --- a/include/hw/nvram/openbios_firmware_abi.h +++ b/include/hw/nvram/openbios_firmware_abi.h @@ -62,6 +62,8 @@ Sun_init_header(struct Sun_nvram *header, const uint8_t *macaddr, int machine_id header-type = 1; header-machine_id = machine_id 0xff; memcpy(header-macaddr, macaddr, 6); +memcpy(header-hostid , macaddr[3],3); + /* Calculate checksum */ tmp = 0; tmpptr = (uint8_t *)header; -- 1.8.1.5
[Qemu-devel] [PATCH] Sun4m : Timer RUN/STOP bit.
The Sun4m architecture has one 'system' timer and one timer per CPU.
The CPU timers can be configured in two modes :
* 22bits Counter/Timer. Periodic interrupts.
* 54bits User timer. For profiling. In this mode, the Run/Stop bit
controls the timer.
The run/stop bit controls the timer only when it is in User mode, but
its state shall be persistent.
Signed-off-by: Olivier Danet oda...@caramail.com
---
hw/timer/slavio_timer.c | 25 ++---
1 file changed, 10 insertions(+), 15 deletions(-)
diff --git a/hw/timer/slavio_timer.c b/hw/timer/slavio_timer.c
index f75b914..e4dccea 100644
--- a/hw/timer/slavio_timer.c
+++ b/hw/timer/slavio_timer.c
@@ -51,7 +51,7 @@ typedef struct CPUTimerState {
ptimer_state *timer;
uint32_t count, counthigh, reached;
/* processor only */
-uint32_t running;
+uint32_t run;
uint64_t limit;
} CPUTimerState;
@@ -177,7 +177,7 @@ static uint64_t slavio_timer_mem_readl(void *opaque,
hwaddr addr,
// only available in processor counter/timer
// read start/stop status
if (timer_index 0) {
-ret = t-running;
+ret = t-run;
} else {
ret = 0;
}
@@ -260,16 +260,15 @@ static void slavio_timer_mem_writel(void *opaque,
hwaddr addr,
case TIMER_STATUS:
if (slavio_timer_is_user(tc)) {
// start/stop user counter
-if ((val 1) !t-running) {
+if (val 1) {
trace_slavio_timer_mem_writel_status_start(timer_index);
ptimer_run(t-timer, 0);
-t-running = 1;
-} else if (!(val 1) t-running) {
+} else {
trace_slavio_timer_mem_writel_status_stop(timer_index);
ptimer_stop(t-timer);
-t-running = 0;
}
}
+t-run = val 1;
break;
case TIMER_MODE:
if (timer_index == 0) {
@@ -284,8 +283,9 @@ static void slavio_timer_mem_writel(void *opaque,
hwaddr addr,
if (val processor) { // counter - user timer
qemu_irq_lower(curr_timer-irq);
// counters are always running
-ptimer_stop(curr_timer-timer);
-curr_timer-running = 0;
+if (!curr_timer-run) {
+ptimer_stop(curr_timer-timer);
+}
// user timer limit is always the same
curr_timer-limit = TIMER_MAX_COUNT64;
ptimer_set_limit(curr_timer-timer,
@@ -296,13 +296,8 @@ static void slavio_timer_mem_writel(void *opaque,
hwaddr addr,
s-cputimer_mode |= processor;
trace_slavio_timer_mem_writel_mode_user(timer_index);
} else { // user timer - counter
-// stop the user timer if it is running
-if (curr_timer-running) {
-ptimer_stop(curr_timer-timer);
-}
// start the counter
ptimer_run(curr_timer-timer, 0);
-curr_timer-running = 1;
// clear this processors user timer bit in config
// register
s-cputimer_mode = ~processor;
@@ -340,7 +335,7 @@ static const VMStateDescription vmstate_timer = {
VMSTATE_UINT32(count, CPUTimerState),
VMSTATE_UINT32(counthigh, CPUTimerState),
VMSTATE_UINT32(reached, CPUTimerState),
-VMSTATE_UINT32(running, CPUTimerState),
+VMSTATE_UINT32(run, CPUTimerState),
VMSTATE_PTIMER(timer, CPUTimerState),
VMSTATE_END_OF_LIST()
}
@@ -373,7 +368,7 @@ static void slavio_timer_reset(DeviceState *d)
ptimer_set_limit(curr_timer-timer,
LIMIT_TO_PERIODS(TIMER_MAX_COUNT32), 1);
ptimer_run(curr_timer-timer, 0);
-curr_timer-running = 1;
+curr_timer-run = 1;
}
}
s-cputimer_mode = 0;
--
1.8.1.5
[Qemu-devel] [PATCH 0/1] Sun4m : TCX framebuffer hardware acceleration
This patch adds hardware acceleration to QEMU's existing TCX emulation. Some features (the hardware cursor particularly) depends on properties set by OpenBIOS. Here is, for testing, the corresponding OpenBIOS TCX forth driver. These modifications are not yet comitted into OpenBIOS trunk. OpenBIOS diff : http://temlib.org/pub/openbios_tcx.diff Binary : http://temlib.org/pub/QEMU,tcx.bin O.Danet
[Qemu-devel] [PATCH 1/1] Sun4m : TCX framebuffer hardware acceleration
The S24/TCX framebuffer is a mildly accelerated video card, with
blitter, stippler and hardware cursor.
* Solaris and NetBSD 6.x use all the hardware acceleration features.
* The Xorg driver (used by Linux) can use the hardware cursor only.
This patch implements hardware acceleration in both 8bits and 24bits
modes. It is based on the NetBSD driver sources and from tests with Solaris.
Signed-off-by: Olivier Danet oda...@caramail.com
---
hw/display/tcx.c | 679
+--
hw/sparc/sun4m.c | 46 ++--
2 files changed, 589 insertions(+), 136 deletions(-)
diff --git a/hw/display/tcx.c b/hw/display/tcx.c
index 873b82c..bcd64e5 100644
--- a/hw/display/tcx.c
+++ b/hw/display/tcx.c
@@ -33,17 +33,26 @@
#define MAXX 1024
#define MAXY 768
-#define TCX_DAC_NREGS 16
-#define TCX_THC_NREGS_8 0x081c
-#define TCX_THC_NREGS_24 0x1000
+#define TCX_DAC_NREGS16
+#define TCX_THC_NREGS0x1000
+#define TCX_DHC_NREGS0x4000
#define TCX_TEC_NREGS0x1000
+#define TCX_ALT_NREGS0x8000
+#define TCX_STIP_NREGS 0x80
+#define TCX_BLIT_NREGS 0x80
+#define TCX_RSTIP_NREGS 0x80
+#define TCX_RBLIT_NREGS 0x80
+
+#define TCX_THC_MISC 0x818
+#define TCX_THC_CURSXY 0x8fc
+#define TCX_THC_CURSMASK 0x900
+#define TCX_THC_CURSBITS 0x980
#define TYPE_TCX SUNW,tcx
#define TCX(obj) OBJECT_CHECK(TCXState, (obj), TYPE_TCX)
typedef struct TCXState {
SysBusDevice parent_obj;
-
QemuConsole *con;
uint8_t *vram;
uint32_t *vram24, *cplane;
@@ -52,17 +61,30 @@ typedef struct TCXState {
MemoryRegion vram_mem;
MemoryRegion vram_8bit;
MemoryRegion vram_24bit;
+MemoryRegion stip;
+MemoryRegion blit;
MemoryRegion vram_cplane;
-MemoryRegion dac;
+MemoryRegion rstip;
+MemoryRegion rblit;
MemoryRegion tec;
+MemoryRegion dac;
+MemoryRegion thc;
+MemoryRegion dhc;
+MemoryRegion alt;
MemoryRegion thc24;
-MemoryRegion thc8;
+
ram_addr_t vram24_offset, cplane_offset;
+uint32_t tmpblit;
uint32_t vram_size;
-uint32_t palette[256];
-uint8_t r[256], g[256], b[256];
+uint32_t palette[260];
+uint8_t r[260], g[260], b[260];
uint16_t width, height, depth;
uint8_t dac_index, dac_state;
+uint32_t thcmisc;
+uint32_t cursmask[32];
+uint32_t cursbits[32];
+uint16_t cursx;
+uint16_t cursy;
} TCXState;
static void tcx_set_dirty(TCXState *s)
@@ -70,10 +92,36 @@ static void tcx_set_dirty(TCXState *s)
memory_region_set_dirty(s-vram_mem, 0, MAXX * MAXY);
}
-static void tcx24_set_dirty(TCXState *s)
+static inline int tcx24_check_dirty(TCXState *s, ram_addr_t page,
+ram_addr_t page24, ram_addr_t cpage)
{
-memory_region_set_dirty(s-vram_mem, s-vram24_offset, MAXX * MAXY
* 4);
-memory_region_set_dirty(s-vram_mem, s-cplane_offset, MAXX * MAXY
* 4);
+int ret;
+
+ret = memory_region_get_dirty(s-vram_mem, page, TARGET_PAGE_SIZE,
+ DIRTY_MEMORY_VGA);
+ret |= memory_region_get_dirty(s-vram_mem, page24,
TARGET_PAGE_SIZE * 4,
+ DIRTY_MEMORY_VGA);
+ret |= memory_region_get_dirty(s-vram_mem, cpage,
TARGET_PAGE_SIZE * 4,
+ DIRTY_MEMORY_VGA);
+return ret;
+}
+
+static inline void tcx24_reset_dirty(TCXState *ts, ram_addr_t page_min,
+ ram_addr_t page_max, ram_addr_t page24,
+ ram_addr_t cpage)
+{
+memory_region_reset_dirty(ts-vram_mem,
+ page_min,
+ (page_max - page_min) + TARGET_PAGE_SIZE,
+ DIRTY_MEMORY_VGA);
+memory_region_reset_dirty(ts-vram_mem,
+ page24 + page_min * 4,
+ (page_max - page_min) * 4 + TARGET_PAGE_SIZE,
+ DIRTY_MEMORY_VGA);
+memory_region_reset_dirty(ts-vram_mem,
+ cpage + page_min * 4,
+ (page_max - page_min) * 4 + TARGET_PAGE_SIZE,
+ DIRTY_MEMORY_VGA);
}
static void update_palette_entries(TCXState *s, int start, int end)
@@ -102,11 +150,7 @@ static void update_palette_entries(TCXState *s, int
start, int end)
break;
}
}
-if (s-depth == 24) {
-tcx24_set_dirty(s);
-} else {
-tcx_set_dirty(s);
-}
+tcx_set_dirty(s);
}
static void tcx_draw_line32(TCXState *s1, uint8_t *d,
@@ -116,7 +160,7 @@ static void tcx_draw_line32(TCXState *s1, uint8_t *d,
uint8_t val;
uint32_t *p = (uint32_t *)d;
-for(x = 0; x width; x++) {
+for (x = 0; x width; x++) {
val = *s++;
*p++ = s1-palette[val];
}
@@ -129,7 +173,7 @@ static void tcx_draw_line16(TCXState *s1, uint8_t *d,
uint8_t val;
uint16_t *p = (uint16_t *)d;
-for(x = 0; x
Re: [Qemu-devel] [PATCH v8 01/17] Convert -mem-path to QemuOpts and add prealloc and share properties
Il 15/02/2014 19:10, Michael Tokarev ha scritto: 13 февраля 2014 г. 16:03:12 GMT+04:00, Antonios Motakis a.mota...@virtualopensystems.com пишет: Extend -mem-path with additional properties: - prealloc=on|off - default off, same as -mem-prealloc - share=on|off - default off, memory is mmapped with MAP_SHARED Maybe we should combine -m and -mem-path options together to form something more sane? It's on the way: it would be something like -object mem-file,size=1024M,path=/path/to/foo,share=on,prealloc=on,id=mem \ -numa node,memdev=mem using the same host/guest split model that is already in use in many other places. Not 2.0 material though. Paolo
Re: [Qemu-devel] [PATCH v3 21/31] target-arm: Implement AArch64 DAIF system register
On Sun, Feb 16, 2014 at 2:07 AM, Peter Maydell peter.mayd...@linaro.org wrote:
Implement the DAIF system register which is a view of the
DAIF bits in PSTATE.
Signed-off-by: Peter Maydell peter.mayd...@linaro.org
Reviewed-by: Peter Crosthwaite peter.crosthwa...@xilinx.com
---
target-arm/helper.c | 24
1 file changed, 24 insertions(+)
diff --git a/target-arm/helper.c b/target-arm/helper.c
index 367fbbe..c50ca5a 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -1589,6 +1589,25 @@ static void aa64_fpsr_write(CPUARMState *env, const
ARMCPRegInfo *ri,
vfp_set_fpsr(env, value);
}
+static CPAccessResult aa64_daif_access(CPUARMState *env, const ARMCPRegInfo
*ri)
+{
+if (arm_current_pl(env) == 0 !(env-cp15.c1_sys SCTLR_UMA)) {
+return CP_ACCESS_TRAP;
+}
+return CP_ACCESS_OK;
+}
+
+static uint64_t aa64_daif_read(CPUARMState *env, const ARMCPRegInfo *ri)
+{
+return env-daif;
+}
Is it better to just define the .fieldoffset and do away with the
default-behaving read handler? My understanding is this will avoid a
call out to helper context when running under TCG as well, leading to
a slight perf increase.
Regards,
Peter
+
+static void aa64_daif_write(CPUARMState *env, const ARMCPRegInfo *ri,
+uint64_t value)
+{
+env-daif = value PSTATE_DAIF;
+}
+
static CPAccessResult aa64_cacheop_access(CPUARMState *env,
const ARMCPRegInfo *ri)
{
@@ -1632,6 +1651,11 @@ static const ARMCPRegInfo v8_cp_reginfo[] = {
{ .name = NZCV, .state = ARM_CP_STATE_AA64,
.opc0 = 3, .opc1 = 3, .opc2 = 0, .crn = 4, .crm = 2,
.access = PL0_RW, .type = ARM_CP_NZCV },
+{ .name = DAIF, .state = ARM_CP_STATE_AA64,
+ .opc0 = 3, .opc1 = 3, .opc2 = 1, .crn = 4, .crm = 2,
+ .type = ARM_CP_NO_MIGRATE,
+ .access = PL0_RW, .accessfn = aa64_daif_access,
+ .readfn = aa64_daif_read, .writefn = aa64_daif_write },
{ .name = FPCR, .state = ARM_CP_STATE_AA64,
.opc0 = 3, .opc1 = 3, .opc2 = 0, .crn = 4, .crm = 4,
.access = PL0_RW, .readfn = aa64_fpcr_read, .writefn = aa64_fpcr_write
},
--
1.8.5
[Qemu-devel] Broken build slaves
What's up with the broken build slaves? What changed over a week ago that has resulted in a bunch of them failing to work at all? -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
[Qemu-devel] [PATCH target-arm v6 1/1] target-arm: Implements the ARM PMCCNTR register
This patch implements the ARM PMCCNTR register including
the disable and reset components of the PMCR register.
Signed-off-by: Alistair Francis alistair.fran...@xilinx.com
---
This patch assumes that non-invasive debugging is not permitted
when determining if the counter is disabled
V6: Rebase to include Peter Maydell's 'Convert performance monitor
reginfo to accesfn' patch. Remove the raw_fn's as the read/write
functions already do what is required.
V5: Implement the actual write function to make sure that
migration works correctly. Also includes the raw_read/write as
the normal read/write functions depend on the pmcr register. So
they don't allow for the pmccntr register to be written first.
V4: Some bug fixes pointed out by Peter Crosthwaite. Including
increasing the accuracy of the timer.
V3: Fixed up incorrect reset, disable and enable handling that
was submitted in V2. The patch should now also handle changing
of the clock scaling.
V2: Incorporated the comments that Peter Maydell and Peter
Crosthwaite had. Now the implementation only requires one
CPU state
target-arm/cpu.h|4 ++
target-arm/helper.c | 86 +-
2 files changed, 88 insertions(+), 2 deletions(-)
diff --git a/target-arm/cpu.h b/target-arm/cpu.h
index 3c8a2db..14fd1ae 100644
--- a/target-arm/cpu.h
+++ b/target-arm/cpu.h
@@ -215,6 +215,10 @@ typedef struct CPUARMState {
uint32_t c15_diagnostic; /* diagnostic register */
uint32_t c15_power_diagnostic;
uint32_t c15_power_control; /* power control */
+/* If the counter is enabled, this stores the last time the counter
+ * was reset. Otherwise it stores the counter value
+ */
+uint32_t c15_ccnt;
} cp15;
struct {
diff --git a/target-arm/helper.c b/target-arm/helper.c
index b547f04..abc2eb0 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -13,6 +13,12 @@ static inline int get_phys_addr(CPUARMState *env, uint32_t
address,
target_ulong *page_size);
#endif
+/* Definitions for the PMCCNTR and PMCR registers */
+#define PMCRDP 0x20
+#define PMCRD 0x8
+#define PMCRC 0x4
+#define PMCRE 0x1
+
static int vfp_gdb_get_reg(CPUARMState *env, uint8_t *buf, int reg)
{
int nregs;
@@ -478,9 +484,41 @@ static CPAccessResult pmreg_access(CPUARMState *env, const
ARMCPRegInfo *ri)
static void pmcr_write(CPUARMState *env, const ARMCPRegInfo *ri,
uint64_t value)
{
+uint32_t temp_ticks;
+
+temp_ticks = qemu_clock_get_us(QEMU_CLOCK_VIRTUAL) *
+ get_ticks_per_sec() / 100;
+
+/* This assumes that non-invasive debugging is not permitted */
+if (!(env-cp15.c9_pmcr PMCRDP) ||
+env-cp15.c9_pmcr PMCRE) {
+/* If the counter is enabled */
+if (env-cp15.c9_pmcr PMCRDP) {
+/* Increment once every 64 processor clock cycles */
+env-cp15.c15_ccnt = (temp_ticks/64) - env-cp15.c15_ccnt;
+} else {
+env-cp15.c15_ccnt = temp_ticks - env-cp15.c15_ccnt;
+}
+}
+
+if (value PMCRC) {
+/* The counter has been reset */
+env-cp15.c15_ccnt = 0;
+}
+
/* only the DP, X, D and E bits are writable */
env-cp15.c9_pmcr = ~0x39;
env-cp15.c9_pmcr |= (value 0x39);
+
+/* This assumes that non-invasive debugging is not permitted */
+if (!(env-cp15.c9_pmcr PMCRDP) ||
+env-cp15.c9_pmcr PMCRE) {
+if (env-cp15.c9_pmcr PMCRDP) {
+/* Increment once every 64 processor clock cycles */
+temp_ticks /= 64;
+}
+env-cp15.c15_ccnt = temp_ticks - env-cp15.c15_ccnt;
+}
}
static void pmcntenset_write(CPUARMState *env, const ARMCPRegInfo *ri,
@@ -536,6 +574,50 @@ static void vbar_write(CPUARMState *env, const
ARMCPRegInfo *ri,
env-cp15.c12_vbar = value ~0x1Ful;
}
+static uint64_t pmccntr_read(CPUARMState *env, const ARMCPRegInfo *ri)
+{
+uint32_t total_ticks;
+
+/* This assumes that non-invasive debugging is not permitted */
+if (env-cp15.c9_pmcr PMCRDP ||
+!(env-cp15.c9_pmcr PMCRE)) {
+/* Counter is disabled, do not change value */
+return env-cp15.c15_ccnt;
+}
+
+total_ticks = qemu_clock_get_us(QEMU_CLOCK_VIRTUAL) *
+ get_ticks_per_sec() / 100;
+
+if (env-cp15.c9_pmcr PMCRDP) {
+/* Increment once every 64 processor clock cycles */
+total_ticks /= 64;
+}
+return total_ticks - env-cp15.c15_ccnt;
+}
+
+static void pmccntr_write(CPUARMState *env, const ARMCPRegInfo *ri,
+uint64_t value)
+{
+uint32_t total_ticks;
+
+/* This assumes that non-invasive debugging is not permitted */
+if (env-cp15.c9_pmcr PMCRDP ||
+!(env-cp15.c9_pmcr PMCRE)) {
+/* Counter is disabled, set the absolute value */
+env-cp15.c15_ccnt = value;
+return;
+}
+
+total_ticks =
Re: [Qemu-devel] [PATCH V6 03/10] qapi script: check correctness of discriminator values in union
于 2014/2/14 17:23, Markus Armbruster 写道:
Wenchao Xia xiaw...@linux.vnet.ibm.com writes:
于 2014/2/13 23:14, Markus Armbruster 写道:
Wenchao Xia xiaw...@linux.vnet.ibm.com writes:
It will check whether the values specified are written correctly,
and whether all enum values are covered, when discriminator is a
pre-defined enum type
Signed-off-by: Wenchao Xia xiaw...@linux.vnet.ibm.com
Reviewed-by: Eric Blake ebl...@redhat.com
---
scripts/qapi-visit.py | 17 +
scripts/qapi.py | 31 +++
2 files changed, 48 insertions(+), 0 deletions(-)
diff --git a/scripts/qapi-visit.py b/scripts/qapi-visit.py
index 65f1a54..c0efb5f 100644
--- a/scripts/qapi-visit.py
+++ b/scripts/qapi-visit.py
@@ -255,6 +255,23 @@ def generate_visit_union(expr):
assert not base
return generate_visit_anon_union(name, members)
+# If discriminator is specified and it is a pre-defined enum in schema,
+# check its correctness
+enum_define = discriminator_find_enum_define(expr)
+if enum_define:
+for key in members:
+if not key in enum_define[enum_values]:
+sys.stderr.write(Discriminator value '%s' is not found in
+ enum '%s'\n %
+ (key, enum_define[enum_name]))
+sys.exit(1)
Can this happen? If yes, why isn't it diagnosed in qapi.py, like all
the other semantic errors?
I think the parse procedure contains two part:
1 read qapi-schema.json and parse it into exprs.
2 translate exprs into final output.
Looking at qapi.py, qapi-visit.py, qapi-types.py, it seems qapi.py is
in charge of step 1 handling literal error, and other two script are in
charge of step 2. The above error can be only detected in step 2 after
all enum defines are remembered in step 1, so I didn't add those things
into qapi.py.
The distribution of work between the qapi*py isn't spelled out anywhere,
but my working hypothesis is qapi.py is the frontend, and the
qapi-{commands,types,visit}.py are backends.
The frontend's job is lexical, syntax and semantic analysis.
The backends' job is source code generation.
This isn't the only possible split, but it's the orthodox way to split
compilers.
I guess you want to place the check inside parse_schema() to let
test case detect it easier, one way to go is, let qapi.py do checks
for step 2:
def parse_schema(fp):
try:
schema = QAPISchema(fp)
except QAPISchemaError, e:
print sys.stderr, e
exit(1)
exprs = []
for expr in schema.exprs:
if expr.has_key('enum'):
add_enum(expr['enum'])
elif expr.has_key('union'):
add_union(expr)
add_enum('%sKind' % expr['union'])
elif expr.has_key('type'):
add_struct(expr)
exprs.append(expr)
+for expr in schema.exprs:
+if expr.has_key('union'):
+#check code
return exprs
This way qapi.py can detect such errors. Disadvantage is that,
qapi.py is invloved for step 2 things, so some code in qapi.py
and qapi-visit.py may be dupicated, here the if union...
discriminator code may appear in both qapi.py and qapi-visit.py.
How much code would be duplicated?
Not many now, my concern is it may becomes more complex
when more check introduced in future.
However, your distribution of qapi*.py as complier make
sense, so I am OK to respin this series.
Luiz, could you apply or push Markus's series, so I
can pull it as my working base?
+for key in enum_define[enum_values]:
+if not key in members:
+ sys.stderr.write(Enum value '%s' is not covered by a branch
+ of union '%s'\n %
+ (key, name))
+sys.exit(1)
+
Likewise.
ret = generate_visit_enum('%sKind' % name, members.keys())
if base:
diff --git a/scripts/qapi.py b/scripts/qapi.py
index cf34768..0a3ab80 100644
--- a/scripts/qapi.py
+++ b/scripts/qapi.py
@@ -385,3 +385,34 @@ def guardend(name):
''',
name=guardname(name))
+
The funtions below are likely helper funtions, I planed to put them
into qapi_helper.py, but they are not much so kepted for easy.
That's fine with me.
+# This function can be used to check whether base is valid
+def find_base_fields(base):
+base_struct_define = find_struct(base)
+if not base_struct_define:
+return None
+return base_struct_define.get('data')
+
+# Return the discriminator enum define, if discriminator is specified in
+# @expr and it is a pre-defined enum type
+def discriminator_find_enum_define(expr):
+discriminator = expr.get('discriminator')
+base = expr.get('base')
+
+# Only support discriminator when base present
+if not (discriminator and base):
+return None
+
+base_fields = find_base_fields(base)
+
+if not base_fields:
+
[Qemu-devel] who do a send a link request to
PetiteCloud is a layer 0 cloud platform (see site for details of what that means and how it fits into the virtualization/cloud computing land scape) that supports among other hypervisors (I know qemu hates the term but that's what everyone else calls) QEMU. How do I go about getting a link on qemu.org for it (we already have several to qemu for example in our hypervisor support matrix) -- Aryeh M. Friedman, Lead Developer, http://www.PetiteCloud.org
[Qemu-devel] [PATCH] virtio-net: only output the vlan table when VIRTIO_NET_F_CTRL_VLAN is negotiated
Stefan Fritsch just fixed a virtio-net driver bug [1], virtio-net won't
filter out VLAN-tagged packets if VIRTIO_NET_F_CTRL_VLAN isn't negotiated.
We should also not send the vlan table to management, this patch makes
the vlan-talbe optional.
[1] http://lists.nongnu.org/archive/html/qemu-devel/2014-02/msg02604.html
Signed-off-by: Amos Kong ak...@redhat.com
---
hw/net/virtio-net.c | 38 +-
qapi-schema.json| 4 ++--
qmp-commands.hx | 2 +-
3 files changed, 28 insertions(+), 16 deletions(-)
diff --git a/hw/net/virtio-net.c b/hw/net/virtio-net.c
index 3626608..0b32e6a 100644
--- a/hw/net/virtio-net.c
+++ b/hw/net/virtio-net.c
@@ -222,13 +222,33 @@ static char *mac_strdup_printf(const uint8_t *mac)
mac[1], mac[2], mac[3], mac[4], mac[5]);
}
+static intList *get_vlan_table(VirtIONet *n)
+{
+intList *list, *entry;
+int i, j;
+
+list = NULL;
+for (i = 0; i MAX_VLAN 5; i++) {
+for (j = 0; n-vlans[i] j 0x1f; j++) {
+if (n-vlans[i] (1U j)) {
+entry = g_malloc0(sizeof(*entry));
+entry-value = (i 5) + j;
+entry-next = list;
+list = entry;
+}
+}
+}
+
+return list;
+}
+
static RxFilterInfo *virtio_net_query_rxfilter(NetClientState *nc)
{
VirtIONet *n = qemu_get_nic_opaque(nc);
+VirtIODevice *vdev = VIRTIO_DEVICE(n);
RxFilterInfo *info;
strList *str_list, *entry;
-intList *int_list, *int_entry;
-int i, j;
+int i;
info = g_malloc0(sizeof(*info));
info-name = g_strdup(nc-name);
@@ -274,18 +294,10 @@ static RxFilterInfo
*virtio_net_query_rxfilter(NetClientState *nc)
}
info-multicast_table = str_list;
-int_list = NULL;
-for (i = 0; i MAX_VLAN 5; i++) {
-for (j = 0; n-vlans[i] j 0x1f; j++) {
-if (n-vlans[i] (1U j)) {
-int_entry = g_malloc0(sizeof(*int_entry));
-int_entry-value = (i 5) + j;
-int_entry-next = int_list;
-int_list = int_entry;
-}
-}
+if ((1 VIRTIO_NET_F_CTRL_VLAN) vdev-guest_features) {
+info-has_vlan_table = true;
+info-vlan_table = get_vlan_table(n);
}
-info-vlan_table = int_list;
/* enable event notification after query */
nc-rxfilter_notify_enabled = 1;
diff --git a/qapi-schema.json b/qapi-schema.json
index 7cfb5e5..5d48fa9 100644
--- a/qapi-schema.json
+++ b/qapi-schema.json
@@ -4034,7 +4034,7 @@
#
# @main-mac: the main macaddr string
#
-# @vlan-table: a list of active vlan id
+# @vlan-table: #optional a list of active vlan id
#
# @unicast-table: a list of unicast macaddr string
#
@@ -4053,7 +4053,7 @@
'multicast-overflow': 'bool',
'unicast-overflow': 'bool',
'main-mac': 'str',
-'vlan-table': ['int'],
+'*vlan-table': ['int'],
'unicast-table': ['str'],
'multicast-table':['str'] }}
diff --git a/qmp-commands.hx b/qmp-commands.hx
index cce6b81..a1c1dfa 100644
--- a/qmp-commands.hx
+++ b/qmp-commands.hx
@@ -3308,7 +3308,7 @@ Each array entry contains the following:
- multicast-overflow: multicast table is overflowed (json-bool)
- unicast-overflow: unicast table is overflowed (json-bool)
- main-mac: main macaddr string (json-string)
-- vlan-table: a json-array of active vlan id
+- vlan-table: a json-array of active vlan id (optoinal)
- unicast-table: a json-array of unicast macaddr string
- multicast-table: a json-array of multicast macaddr string
--
1.8.5.3
Re: [Qemu-devel] qemu_rdma_cleanup seg - related to 5a91337?
On 02/06/2014 08:26 PM, Dr. David Alan Gilbert wrote:
Hi Isaku,
I hit a seg in qemu_rdma_cleanup in the code changed by your
'[PATCH] rdma: clean up of qemu_rdma_cleanup()'
migration-rdma.c ~ 2241
if (rdma-qp) {
rdma_destroy_qp(rdma-cm_id);
rdma-qp = NULL;
}
Your patch changed that to free cm_id at that point rather than
qp; but in my case cm_id is NULL and so rdma_destroy_qp segs.
given that there is a :
if (rdma-cm_id) {
rdma_destroy_id(rdma-cm_id);
rdma-cm_id = NULL;
}
later down, and there is now no longer any destroy of rdma-qp
I don't understand your change.
Your change text says:
'- RDMAContext::qp is created by rdma_create_qp() so that it should be
destroyed
by rdma_destroy_qp(). not ibv_destroy_qp()'
but the diff is:
if (rdma-qp) {
-ibv_destroy_qp(rdma-qp);
+rdma_destroy_qp(rdma-cm_id);
rdma-qp = NULL;
should that have been rdma_destroy_qp(rdma-qp)?
Dave (who doesn't yet know enough RDMA to be dangerous)
--
Dr. David Alan Gilbert / dgilb...@redhat.com / Manchester, UK
Responding for Isaku. Thanks for reporting the bug, but I need some help
in tracking down the cause of the bug, see below.
Actually, the parameter rdma-cm_id to the function is correct, it's just
that the variable never got initialized in the first place, which means
that either
the connection never got established or an early error happened during
the migration that required cleaning up the identifier.
Can you describe the conditions of the migration and the environment?
1. Did you migrate only one VM? Was the host under heavy load?
2. Did your migration lose connectivity? Did one of the hosts crash?
3. Was the connection abruptly broken for some reason?
4. Did you ever cancel the migration at some point and restart?
5. Did you use libvirt?
A simple fix would be to surround the rdma_destroy_qp() call with a check
to see if rdma-cm_id is valid, but that doesn't answer why rdma-cm_id
would be invalid
in the first place.
I need some additional information to try to reproduce the conditions of
the bug.
Thanks!
- Michael Hines
[Qemu-devel] [PATCH] acpi-build: append description for non-hotplug
As reported in
http://article.gmane.org/gmane.comp.emulators.qemu/253987
Mac OSX actually requires describing all occupied slots
in ACPI - even if hotplug isn't enabled.
I didn't expect this so I dropped description of all
non hotpluggable slots from ACPI.
As a result: before
commit 99fd437dee468609de8218f0eb3b16621fb6a9c9 (enable
hotplug for pci bridges), PCI cards show up in the device tree of OS X
(System Information). E.g., on MountainLion users have:
Hardware - PCI Cards:
Card Type Driver Installed Slot
*ethernet Ethernet Controller Yes PCI Slot 2
pci8086,2934 USB UHC Yes PCI Slot 29
ethernet:
Type: Ethernet Controller
Driver Installed: Yes
MSI: No
Bus: PCI
Slot PCI Slot 2
Vendor ID:0x8086
Device ID:0x100e
Subsystem Vendor ID: 0x1af4
Subsystem ID: 0x1100
Revision ID: 0x0003
Hardware - Ethernet Cards
ethernet:
Type: Ethernet Controller
Bus: PCI
Slot PCI Slot 2
Vendor ID:0x8086
Device ID:0x100e
Subsystem Vendor ID: 0x1af4
Subsystem ID: 0x1100
Revision ID: 0x0003
BSD name: en0
Kext name:AppleIntel8254XEthernet.kext
Location: /System/Library/Extensions/...
Version: 3.1.1b1
After commit 99fd437dee468609de8218f0eb3b16621fb6a9c9, users get:
Hardware - PCI Cards:
This computer doesn't contain any PCI cards. If you installed PCI
cards, make sure they're properly installed.
Hardware - Ethernet Cards
ethernet:
Type: Ethernet Controller
Bus: PCI
Vendor ID:0x8086
Device ID:0x100e
Subsystem Vendor ID: 0x1af4
Subsystem ID: 0x1100
Revision ID: 0x0003
BSD name: en0
Kext name:AppleIntel8254XEthernet.kext
Location: /System/Library/Extensions/...
Version: 3.1.1b1
Ethernet still works, but it's not showing up on the PCI bus, and it
no longer thinks it's plugged in to slot #2, as it used to before the
change.
To fix, append description for all occupied non hotpluggable PCI slots.
One need to be careful when doing this: VGA and ISA device were already
described, so we need to drop description from DSDT.
Reported-by: Gabriel L. Somlo gso...@gmail.com
Signed-off-by: Michael S. Tsirkin m...@redhat.com
---
hw/i386/acpi-build.c | 140 ++
tests/acpi-test.c | 2 +-
hw/i386/acpi-dsdt.dsl | 41 +++---
hw/i386/q35-acpi-dsdt.dsl | 29 ++
hw/i386/ssdt-pcihp.dsl| 56 +++
5 files changed, 184 insertions(+), 84 deletions(-)
diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index b1a7ebb..5b0bb5a 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -643,6 +643,24 @@ static inline char acpi_get_hex(uint32_t val)
#define ACPI_PCIHP_SIZEOF (*ssdt_pcihp_end - *ssdt_pcihp_start)
#define ACPI_PCIHP_AML (ssdp_pcihp_aml + *ssdt_pcihp_start)
+#define ACPI_PCINOHP_OFFSET_HEX (*ssdt_pcinohp_name - *ssdt_pcinohp_start + 1)
+#define ACPI_PCINOHP_OFFSET_ID (*ssdt_pcinohp_id - *ssdt_pcinohp_start)
+#define ACPI_PCINOHP_OFFSET_ADR (*ssdt_pcinohp_adr - *ssdt_pcinohp_start)
+#define ACPI_PCINOHP_SIZEOF (*ssdt_pcinohp_end - *ssdt_pcinohp_start)
+#define ACPI_PCINOHP_AML (ssdp_pcihp_aml + *ssdt_pcinohp_start)
+
+#define ACPI_PCIVGA_OFFSET_HEX (*ssdt_pcivga_name - *ssdt_pcivga_start + 1)
+#define ACPI_PCIVGA_OFFSET_ID (*ssdt_pcivga_id - *ssdt_pcivga_start)
+#define ACPI_PCIVGA_OFFSET_ADR (*ssdt_pcivga_adr - *ssdt_pcivga_start)
+#define ACPI_PCIVGA_SIZEOF (*ssdt_pcivga_end - *ssdt_pcivga_start)
+#define ACPI_PCIVGA_AML (ssdp_pcihp_aml + *ssdt_pcivga_start)
+
+#define ACPI_PCIQXL_OFFSET_HEX (*ssdt_pciqxl_name - *ssdt_pciqxl_start + 1)
+#define ACPI_PCIQXL_OFFSET_ID (*ssdt_pciqxl_id - *ssdt_pciqxl_start)
+#define ACPI_PCIQXL_OFFSET_ADR (*ssdt_pciqxl_adr - *ssdt_pciqxl_start)
+#define ACPI_PCIQXL_SIZEOF (*ssdt_pciqxl_end - *ssdt_pciqxl_start)
+#define ACPI_PCIQXL_AML (ssdp_pcihp_aml + *ssdt_pciqxl_start)
+
#define ACPI_SSDT_SIGNATURE 0x54445353 /* SSDT */
#define ACPI_SSDT_HEADER_LENGTH 36
@@ -677,6 +695,36 @@ static void patch_pcihp(int slot, uint8_t *ssdt_ptr)
ssdt_ptr[ACPI_PCIHP_OFFSET_ADR + 2] = slot;
}
+static void patch_pcinohp(int slot, uint8_t *ssdt_ptr)
+{
+unsigned devfn = PCI_DEVFN(slot, 0);
+
+ssdt_ptr[ACPI_PCINOHP_OFFSET_HEX] = acpi_get_hex(devfn 4);
+ssdt_ptr[ACPI_PCINOHP_OFFSET_HEX + 1] = acpi_get_hex(devfn);
+ssdt_ptr[ACPI_PCINOHP_OFFSET_ID] = slot;
+ssdt_ptr[ACPI_PCINOHP_OFFSET_ADR + 2] = slot;
+}
+
+static void patch_pcivga(int slot, uint8_t *ssdt_ptr)
+{
+unsigned devfn =
Re: [Qemu-devel] [PATCH v8 01/17] Convert -mem-path to QemuOpts and add prealloc and share properties
On Mon, Feb 17, 2014 at 12:42:45AM +0100, Paolo Bonzini wrote: Il 15/02/2014 19:10, Michael Tokarev ha scritto: 13 февраля 2014 г. 16:03:12 GMT+04:00, Antonios Motakis a.mota...@virtualopensystems.com пишет: Extend -mem-path with additional properties: - prealloc=on|off - default off, same as -mem-prealloc - share=on|off - default off, memory is mmapped with MAP_SHARED Maybe we should combine -m and -mem-path options together to form something more sane? It's on the way: it would be something like -object mem-file,size=1024M,path=/path/to/foo,share=on,prealloc=on,id=mem \ -numa node,memdev=mem using the same host/guest split model that is already in use in many other places. Not 2.0 material though. Paolo Hmm in that case, let's not add prealloc as a property here. Stick to existing flag for that, this way we don't need to support 3 ways to do this.
