[Qemu-devel] [FYI] sh: QEMU-SH patch list

[Qemu-devel] [FYI] sh: QEMU-SH patch list

[Shin-ichiro KAWASAKI]

Hi, all.

I've made a list for those who interested in SuperH emulation by QEMU.
These are patches related to SH emulation and not yet merged into the trunk.
Some of them need review, and some of them need brushing up.
I hope this list encourages cross review.

Please tell me any mistakes, problems, or something to add.

Regards,
Shin-ichiro KAWASAKI

-----------------------------------------------------------------------------

* Fix struct target_stat64 for 64bit host
- Signed-off-by: Takashi YOSHII
- posted date : 2008/10/20
- status : 2nd patch posted by the author (2008/10/27)
- history : Pointed out struct member type change by michael.
            Laurant Desnogues and Mans Rullgard reported that this patch
            solve their problem (2009/01/10).

* implement ftrv instruction
- Signed-off-by: Mans Rullgard
- posted date : 2008/11/22
- status : No reaction?

* Followup to commit #5849 "Change MMIO	callbacks..."
- Signed-off-by: Takashi YOSHII
- posted date : 2008/12/03
- status : ???

* usb-ohci: Add address masking.
- Signed-off-by: Takashi YOSHII
- posted date : 2008/12/05
- status : ???

* SH7750/51: add register BCR3, NCR4, PCR, RTCOR, RTCNT, RTCSR, SDMR2, SDMR3 and fix BCR2 support
- Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD
- posted date : 2008/12/05
- status : Reviewed by Shin-ichiro KAWASAKI.
            [1] difference of SH775x and SH775xR not handled?
            [2] overwraps of SDMR[23] and PRECHARGED[0/1]
           Aurelian Jarno suggested to utilize feature field for [1], and
           pointed out useless assertion.
           The author sent out 4th patch (2008/12/19).
           The patch is in qemu-sh staging repository.

* Implement MOVCO.L and MOVLI.L
- author : Vladimir Plus
- posted date : 2008/12/12
- status : Reviewed by Paul Brook, meaning less FIXME comment was pointed out.
           Vladimir reposted the patch which removes it.
           The patch is in qemu-sh staging repository.

* Fix movca.l/ocbi emulation.
- author : Vladimir Plus
- posted date : 2008/12/12
- status : Reviewed by Edgar Iglesias.
             [1] possibility of TLB exception on movca.l.
             [2] stl/store sequence mistake?
             [3] cache line comparison suggested
             [4] question on explanation for movca.l use case
           Shin-ichiro KAWASAKI posted similar patch, and Edgar Iglesias and
           Paul Mundt gave it comments about the cache availability : 
           This patch need to consider cache on/off status(CCR), area type
           (address top 3 bits), and tlb entry's cache flag(i/u tlb array
           C bit).
           The patch is in qemu-sh staging repository.

* Improve the interrupt controller
- author : Vladimir Plus
- posted date : 2008/12/12
- status : Reviewed by Jean-Christophe, and patch split and code style cleanup
           were suggested.  More precise pointing was requested by the author.
           Tested by Takashi YOSHII and reported the patch does not work for
           r2d+.  Test environment was requested by the author.

* sh_pci. Register resouces both at A7 and P4.
- Signed-off-by: Takashi YOSHII
- posted date : 2008/12/15
- status : Tested by Jean-Christophe for u-boot and found no problem.
           The patch is in qemu-sh staging repository.

* Add rtl8139b
- Signed-off-by: Takashi YOSHII 
- posted date : 2008/12/15
- status : RTL NIC model type categorizing way is discussed.
           The author posted the second version patch (2008/12/20).

* r2d. Endian conversion for peripheral register initialization.
- Signed-off-by: Takashi YOSHII
- posted date : 2008/12/15
- status : No response yet.

* SM501 usb host emulation
- Signed-off-by: Shin-ichiro KAWASAKI 
- posted date : 2008/12/28
- status : No response yet.

* SE7750 board definition
- Signed-off-by: Shin-ichiro KAWASAKI 
- posted date : 2009/01/11
- status : The reason to support SE7750 is discussed, and pointed out that
           the board is not available now.
           The generic virtual board for SH is discussed.

* movca.l cancel by ocbi
- Signed-off-by: Shin-ichiro KAWASAKI 
- posted date : 2009/01/11
- status : This patch tries to solve the same problem with patch by
           Vladimir Plus.  It will be canceled.

* SCI improvements
- Signed-off-by: Shin-ichiro KAWASAKI
- posted date : 2009/01/11
- status : Tested by Jean Christophe and reported that it does not
           work for u-boot console.

* sh/serial: allow cpu regs definition
- Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD
- posted date : 2009/01/12
- status : No response yet.

* Make atomic tas.b instruction thread safe
- Signed-off-by: Lionel Landwerlin
- posted date : 2009/01/15
- status : Reviewed by Paul Brook and pointed out the possibility of dead lock.

[Qemu-devel] [PATCH 1/1] sh: fix TMU init

[Jean-Christophe PLAGNIOL-VILLARD]

init the TMU and the ptimer with the correct cpu reset value

Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
---
 hw/sh_timer.c |   28 +++++++++++++++++++---------
 1 files changed, 19 insertions(+), 9 deletions(-)

diff --git a/hw/sh_timer.c b/hw/sh_timer.c
index c5c45f5..da3ace2 100644
--- a/hw/sh_timer.c
+++ b/hw/sh_timer.c
@@ -25,6 +25,11 @@
 #define TIMER_FEAT_CAPT   (1 << 0)
 #define TIMER_FEAT_EXTCLK (1 << 1)
 
+#define OFFSET_TCOR   0
+#define OFFSET_TCNT   1
+#define OFFSET_TCR    2
+#define OFFSET_TCPR   3
+
 typedef struct {
     ptimer_state *timer;
     uint32_t tcnt;
@@ -57,13 +62,13 @@ static uint32_t sh_timer_read(void *opaque, target_phys_addr_t offset)
     sh_timer_state *s = (sh_timer_state *)opaque;
 
     switch (offset >> 2) {
-    case 0:
+    case OFFSET_TCOR:
         return s->tcor;
-    case 1:
+    case OFFSET_TCNT:
         return ptimer_get_count(s->timer);
-    case 2:
+    case OFFSET_TCR:
         return s->tcr | (s->int_level ? TIMER_TCR_UNF : 0);
-    case 3:
+    case OFFSET_TCPR:
         if (s->feat & TIMER_FEAT_CAPT)
             return s->tcpr;
     default:
@@ -80,15 +85,15 @@ static void sh_timer_write(void *opaque, target_phys_addr_t offset,
     int freq;
 
     switch (offset >> 2) {
-    case 0:
+    case OFFSET_TCOR:
         s->tcor = value;
         ptimer_set_limit(s->timer, s->tcor, 0);
         break;
-    case 1:
+    case OFFSET_TCNT:
         s->tcnt = value;
         ptimer_set_count(s->timer, s->tcnt);
         break;
-    case 2:
+    case OFFSET_TCR:
         if (s->enabled) {
             /* Pause the timer if it is running.  This may cause some
                inaccuracy dure to rounding, but avoids a whole lot of other
@@ -145,7 +150,7 @@ static void sh_timer_write(void *opaque, target_phys_addr_t offset,
             ptimer_run(s->timer, 0);
         }
         break;
-    case 3:
+    case OFFSET_TCPR:
         if (s->feat & TIMER_FEAT_CAPT) {
             s->tcpr = value;
 	    break;
@@ -196,12 +201,17 @@ static void *sh_timer_init(uint32_t freq, int feat, qemu_irq irq)
     s->tcor = 0xffffffff;
     s->tcnt = 0xffffffff;
     s->tcpr = 0xdeadbeef;
-    s->tcor = 0;
+    s->tcr = 0;
     s->enabled = 0;
     s->irq = irq;
 
     bh = qemu_bh_new(sh_timer_tick, s);
     s->timer = ptimer_init(bh);
+
+    sh_timer_write(s, OFFSET_TCOR >> 2, s->tcor);
+    sh_timer_write(s, OFFSET_TCNT >> 2, s->tcnt);
+    sh_timer_write(s, OFFSET_TCPR >> 2, s->tcpr);
+    sh_timer_write(s, OFFSET_TCR  >> 2, s->tcpr);
     /* ??? Save/restore.  */
     return s;
 }
-- 
1.5.6.5

[Qemu-devel] [RFC] [PATCH] r2d add pflash support

[Jean-Christophe PLAGNIOL-VILLARD]

Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Cc: Shin-ichiro KAWASAKI <kawasaki@juno.dti.ne.jp>
Cc: Takashi YOSHII <takasi-y@ops.dti.ne.jp>
---
please use to style of cmdline
qemu-system-sh4 -M r2d -pflash r2dplus/u-boot.bin -nographic -monitor null -serial pty -serial stdio

Best Regards,
J.
 Makefile.target     |    2 +-
 hw/r2d.c            |   20 ++++++++++++++++++--
 target-sh4/helper.c |    4 ++--
 3 files changed, 21 insertions(+), 5 deletions(-)

diff --git a/Makefile.target b/Makefile.target
index 7060385..7c50172 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -721,7 +721,7 @@ endif
 ifeq ($(TARGET_BASE_ARCH), sh4)
 OBJS+= shix.o r2d.o sh7750.o sh7750_regnames.o tc58128.o
 OBJS+= sh_timer.o ptimer.o sh_serial.o sh_intc.o sh_pci.o sm501.o serial.o
-OBJS+= ide.o
+OBJS+= ide.o pflash_cfi01.o
 endif
 ifeq ($(TARGET_BASE_ARCH), m68k)
 OBJS+= an5206.o mcf5206.o ptimer.o mcf_uart.o mcf_intc.o mcf5208.o mcf_fec.o
diff --git a/hw/r2d.c b/hw/r2d.c
index a8207c2..24e1328 100644
--- a/hw/r2d.c
+++ b/hw/r2d.c
@@ -31,9 +31,12 @@
 #include "pci.h"
 #include "net.h"
 #include "sh7750_regs.h"
+#include "flash.h"
 
 #define SDRAM_BASE 0x0c000000 /* Physical location of SDRAM: Area 3 */
 #define SDRAM_SIZE 0x04000000
+#define FLASH_BASE 0xa0000000
+#define FLASH_SIZE 0x02000000
 
 #define SM501_VRAM_SIZE 0x800000
 
@@ -203,6 +206,7 @@ static void r2d_init(ram_addr_t ram_size, int vga_ram_size,
     qemu_irq *irq;
     PCIBus *pci;
     int i;
+    int index;
 
     if (!cpu_model)
         cpu_model = "SH7751R";
@@ -247,6 +251,18 @@ static void r2d_init(ram_addr_t ram_size, int vga_ram_size,
         usb_ohci_init_pci(pci, 4, -1);
 
     /* Todo: register on board registers */
+    if ((index = drive_get_index(IF_PFLASH, 0, 0)) > -1) {
+        uint32_t sector_len = 128 * 1024;
+
+        if (!pflash_cfi01_register(FLASH_BASE, qemu_ram_alloc(FLASH_SIZE),
+            drives_table[index].bdrv, sector_len, FLASH_SIZE / sector_len,
+            4, 0, 0, 0, 0)) {
+            fprintf(stderr, "qemu: Error registering flash memory.\n");
+	} else {
+            env->pc = FLASH_BASE;
+	}
+    }
+
     if (kernel_filename) {
       int kernel_size;
       /* initialization which should be done by firmware */
@@ -257,11 +273,11 @@ static void r2d_init(ram_addr_t ram_size, int vga_ram_size,
 
       if (kernel_cmdline) {
           kernel_size = load_image(kernel_filename, phys_ram_base + 0x80000);
-          env->pc = (SDRAM_BASE + 0x80000) | 0xa0000000;
+          env->pc = (SDRAM_BASE + 0x80000) | FLASH_BASE;
           pstrcpy(phys_ram_base + 0x10100, 256, kernel_cmdline);
       } else {
           kernel_size = load_image(kernel_filename, phys_ram_base);
-          env->pc = SDRAM_BASE | 0xa0000000; /* Start from P2 area */
+          env->pc = SDRAM_BASE | FLASH_BASE; /* Start from P2 area */
       }
       if (kernel_size < 0) {
         fprintf(stderr, "qemu: could not load kernel '%s'\n", kernel_filename);
diff --git a/target-sh4/helper.c b/target-sh4/helper.c
index a790aeb..221ce20 100644
--- a/target-sh4/helper.c
+++ b/target-sh4/helper.c
@@ -436,8 +436,8 @@ int get_physical_address(CPUState * env, target_ulong * physical,
 	    else
 		return MMU_IADDR_ERROR;
 	}
-	if (address >= 0x80000000 && address < 0xc0000000) {
-	    /* Mask upper 3 bits for P1 and P2 areas */
+	if (address >= 0x80000000 && address < 0xa0000000) {
+	    /* Mask upper 3 bits for P1 area */
 	    *physical = address & 0x1fffffff;
 	} else {
 	    *physical = address;
-- 
1.5.6.5

Re: [Qemu-devel] [RFC] [PATCH] r2d add pflash support

[takasi-y]

Hi,
Sorry for slow response (as is usual....)

> +#define FLASH_BASE 0xa0000000
I think this should be physical address but P2.
Like #define FLASH_BASE 0x00000000

> +	} else {
> +            env->pc = FLASH_BASE;
> +	}
I think "-pflash" should not set PC, but simply provede initial content
 of FLASH.
On the other hand, "-kernel" sets PC because it is a pseudo firmware task.

> -          env->pc = (SDRAM_BASE + 0x80000) | 0xa0000000;
> +          env->pc = (SDRAM_BASE + 0x80000) | FLASH_BASE;
...
> -          env->pc = SDRAM_BASE | 0xa0000000; /* Start from P2 area */
> +          env->pc = SDRAM_BASE | FLASH_BASE; /* Start from P2 area */
These are not needed.
These 0xa0000000 mean P2, nothing related with FLASH.

> --- a/target-sh4/helper.c
> +++ b/target-sh4/helper.c
> @@ -436,8 +436,8 @@ int get_physical_address(CPUState * env, target_ulong * physical,
>  	    else
>  		return MMU_IADDR_ERROR;
>  	}
> -	if (address >= 0x80000000 && address < 0xc0000000) {
> -	    /* Mask upper 3 bits for P1 and P2 areas */
> +	if (address >= 0x80000000 && address < 0xa0000000) {
> +	    /* Mask upper 3 bits for P1 area */
>  	    *physical = address & 0x1fffffff;
>  	} else {
>  	    *physical = address;
You needed this because you have defined FLASH address as P2.
Chaning it to physical as shown above makes this not be needed.

Perhaps, you need increase "ram_require" for FLASH.
@@ -175,5 +203,5 @@ QEMUMachine r2d_machine = {
     .name = "r2d",
     .desc = "r2d-plus board",
     .init = r2d_init,
-    .ram_require = (SDRAM_SIZE + SM501_VRAM_SIZE) | RAMSIZE_FIXED,
+    .ram_require = (FLASH_SIZE + SDRAM_SIZE + SM501_VRAM_SIZE) | RAMSIZE_FIXED,

Cheers,
/yoshii

Re: [Qemu-devel] [RFC] [PATCH] r2d add pflash support

[Jean-Christophe PLAGNIOL-VILLARD]

On 14:21 Sun 25 Jan     , takasi-y@ops.dti.ne.jp wrote:
> Hi,
> Sorry for slow response (as is usual....)
> 
> > +#define FLASH_BASE 0xa0000000
> I think this should be physical address but P2.
> Like #define FLASH_BASE 0x00000000
> 
> > +	} else {
> > +            env->pc = FLASH_BASE;
> > +	}
> I think "-pflash" should not set PC, but simply provede initial content
>  of FLASH.
no you need it other wise you can not boot from the bootloader
> On the other hand, "-kernel" sets PC because it is a pseudo firmware task.
> 
> > -          env->pc = (SDRAM_BASE + 0x80000) | 0xa0000000;
> > +          env->pc = (SDRAM_BASE + 0x80000) | FLASH_BASE;
> ...
> > -          env->pc = SDRAM_BASE | 0xa0000000; /* Start from P2 area */
> > +          env->pc = SDRAM_BASE | FLASH_BASE; /* Start from P2 area */
> These are not needed.
> These 0xa0000000 mean P2, nothing related with FLASH.
the FLASH is connected to there
> 
> > --- a/target-sh4/helper.c
> > +++ b/target-sh4/helper.c
> > @@ -436,8 +436,8 @@ int get_physical_address(CPUState * env, target_ulong * physical,
> >  	    else
> >  		return MMU_IADDR_ERROR;
> >  	}
> > -	if (address >= 0x80000000 && address < 0xc0000000) {
> > -	    /* Mask upper 3 bits for P1 and P2 areas */
> > +	if (address >= 0x80000000 && address < 0xa0000000) {
> > +	    /* Mask upper 3 bits for P1 area */
> >  	    *physical = address & 0x1fffffff;
> >  	} else {
> >  	    *physical = address;
> You needed this because you have defined FLASH address as P2.
> Chaning it to physical as shown above makes this not be needed.
But the flash is map to P2

Best Regards,
J.

Re: [Qemu-devel] [PATCH 1/1] sh: fix TMU init

[Aurelien Jarno]

On Sun, Jan 18, 2009 at 05:35:56PM +0100, Jean-Christophe PLAGNIOL-VILLARD wrote:
> init the TMU and the ptimer with the correct cpu reset value
> 
> Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
> ---
>  hw/sh_timer.c |   28 +++++++++++++++++++---------
>  1 files changed, 19 insertions(+), 9 deletions(-)

Thanks, applied.

> diff --git a/hw/sh_timer.c b/hw/sh_timer.c
> index c5c45f5..da3ace2 100644
> --- a/hw/sh_timer.c
> +++ b/hw/sh_timer.c
> @@ -25,6 +25,11 @@
>  #define TIMER_FEAT_CAPT   (1 << 0)
>  #define TIMER_FEAT_EXTCLK (1 << 1)
>  
> +#define OFFSET_TCOR   0
> +#define OFFSET_TCNT   1
> +#define OFFSET_TCR    2
> +#define OFFSET_TCPR   3
> +
>  typedef struct {
>      ptimer_state *timer;
>      uint32_t tcnt;
> @@ -57,13 +62,13 @@ static uint32_t sh_timer_read(void *opaque, target_phys_addr_t offset)
>      sh_timer_state *s = (sh_timer_state *)opaque;
>  
>      switch (offset >> 2) {
> -    case 0:
> +    case OFFSET_TCOR:
>          return s->tcor;
> -    case 1:
> +    case OFFSET_TCNT:
>          return ptimer_get_count(s->timer);
> -    case 2:
> +    case OFFSET_TCR:
>          return s->tcr | (s->int_level ? TIMER_TCR_UNF : 0);
> -    case 3:
> +    case OFFSET_TCPR:
>          if (s->feat & TIMER_FEAT_CAPT)
>              return s->tcpr;
>      default:
> @@ -80,15 +85,15 @@ static void sh_timer_write(void *opaque, target_phys_addr_t offset,
>      int freq;
>  
>      switch (offset >> 2) {
> -    case 0:
> +    case OFFSET_TCOR:
>          s->tcor = value;
>          ptimer_set_limit(s->timer, s->tcor, 0);
>          break;
> -    case 1:
> +    case OFFSET_TCNT:
>          s->tcnt = value;
>          ptimer_set_count(s->timer, s->tcnt);
>          break;
> -    case 2:
> +    case OFFSET_TCR:
>          if (s->enabled) {
>              /* Pause the timer if it is running.  This may cause some
>                 inaccuracy dure to rounding, but avoids a whole lot of other
> @@ -145,7 +150,7 @@ static void sh_timer_write(void *opaque, target_phys_addr_t offset,
>              ptimer_run(s->timer, 0);
>          }
>          break;
> -    case 3:
> +    case OFFSET_TCPR:
>          if (s->feat & TIMER_FEAT_CAPT) {
>              s->tcpr = value;
>  	    break;
> @@ -196,12 +201,17 @@ static void *sh_timer_init(uint32_t freq, int feat, qemu_irq irq)
>      s->tcor = 0xffffffff;
>      s->tcnt = 0xffffffff;
>      s->tcpr = 0xdeadbeef;
> -    s->tcor = 0;
> +    s->tcr = 0;
>      s->enabled = 0;
>      s->irq = irq;
>  
>      bh = qemu_bh_new(sh_timer_tick, s);
>      s->timer = ptimer_init(bh);
> +
> +    sh_timer_write(s, OFFSET_TCOR >> 2, s->tcor);
> +    sh_timer_write(s, OFFSET_TCNT >> 2, s->tcnt);
> +    sh_timer_write(s, OFFSET_TCPR >> 2, s->tcpr);
> +    sh_timer_write(s, OFFSET_TCR  >> 2, s->tcpr);
>      /* ??? Save/restore.  */
>      return s;
>  }
> -- 
> 1.5.6.5
> 
> 
> 
> 

-- 
Aurelien Jarno	                        GPG: 1024D/F1BCDB73
aurelien@aurel32.net                 http://www.aurel32.net