[Qemu-devel] [PATCH] Choose emulated MIPS CPU at runtime

[Qemu-devel] [PATCH] Choose emulated MIPS CPU at runtime

[Hervé Poussineau]

[-- Attachment #1: Type: text/plain, Size: 301 bytes --]

Hi,

This patch uses the new "-cpu" command line option, to choose the CPU at
runtime (R4Kc/R4Kp and FPU/no FPU)
The model can be extended to emulate more accurately some CPUs.

This removes the MIPS_USES_FPU compilation time option, and replaces by a
runtime one.

Please comment.

Hervé

[-- Attachment #2: mips-cpu.diff --]
[-- Type: application/octet-stream, Size: 11111 bytes --]

? target-mips/translate_init.c
Index: Makefile.target
===================================================================
RCS file: /cvsroot/qemu/qemu/Makefile.target,v
retrieving revision 1.147
diff -u -r1.147 Makefile.target
--- Makefile.target	28 Feb 2007 21:36:41 -0000	1.147
+++ Makefile.target	6 Mar 2007 13:29:21 -0000
@@ -550,6 +550,7 @@
 ifeq ($(TARGET_ARCH), mips)
 op.o: op.c op_template.c fop_template.c op_mem.c
 op_helper.o: op_helper_mem.c
+translate.o: translate.c translate_init.c
 endif
 
 loader.o: loader.c elf_ops.h
Index: vl.c
===================================================================
RCS file: /cvsroot/qemu/qemu/vl.c,v
retrieving revision 1.261
diff -u -r1.261 vl.c
--- vl.c	5 Mar 2007 19:44:01 -0000	1.261
+++ vl.c	6 Mar 2007 13:29:24 -0000
@@ -7005,6 +7005,8 @@
                 if (optarg[0] == '?') {
 #if defined(TARGET_PPC)
                     ppc_cpu_list(stdout, &fprintf);
+#elif defined(TARGET_MIPS)
+                    mips_cpu_list(stdout, &fprintf);
 #endif
                     exit(1);
                 } else {
Index: vl.h
===================================================================
RCS file: /cvsroot/qemu/qemu/vl.h,v
retrieving revision 1.191
diff -u -r1.191 vl.h
--- vl.h	5 Mar 2007 19:44:02 -0000	1.191
+++ vl.h	6 Mar 2007 13:29:25 -0000
@@ -713,6 +713,10 @@
 void ppc_cpu_list (FILE *f, int (*cpu_fprintf)(FILE *f, const char *fmt, ...));
 #endif
 
+#if defined(TARGET_MIPS)
+void mips_cpu_list (FILE *f, int (*cpu_fprintf)(FILE *f, const char *fmt, ...));
+#endif
+
 /* ISA bus */
 
 extern target_phys_addr_t isa_mem_base;
Index: hw/mips_malta.c
===================================================================
RCS file: /cvsroot/qemu/qemu/hw/mips_malta.c,v
retrieving revision 1.15
diff -u -r1.15 mips_malta.c
--- hw/mips_malta.c	5 Mar 2007 19:44:02 -0000	1.15
+++ hw/mips_malta.c	6 Mar 2007 13:29:26 -0000
@@ -626,8 +626,15 @@
     /* fdctrl_t *floppy_controller; */
     MaltaFPGAState *malta_fpga;
     int ret;
+    mips_def_t *def;
 
+    /* init CPUs */
+    if (cpu_model == NULL)
+        cpu_model = "R4Kc";
+    if (mips_find_by_name(cpu_model, &def) != 0)
+        def = NULL;
     env = cpu_init();
+    cpu_mips_register(env, def);
     register_savevm("cpu", 0, 3, cpu_save, cpu_load, env);
     qemu_register_reset(main_cpu_reset, env);
 
Index: hw/mips_r4k.c
===================================================================
RCS file: /cvsroot/qemu/qemu/hw/mips_r4k.c,v
retrieving revision 1.37
diff -u -r1.37 mips_r4k.c
--- hw/mips_r4k.c	5 Mar 2007 19:44:02 -0000	1.37
+++ hw/mips_r4k.c	6 Mar 2007 13:29:26 -0000
@@ -138,17 +138,24 @@
     CPUState *env;
     static RTCState *rtc_state;
     int i;
+    mips_def_t *def;
 
+    /* init CPUs */
+    if (cpu_model == NULL)
+        cpu_model = "R4Kc";
+    if (mips_find_by_name(cpu_model, &def) != 0)
+        def = NULL;
     env = cpu_init();
+    cpu_mips_register(env, def);
     register_savevm("cpu", 0, 3, cpu_save, cpu_load, env);
     qemu_register_reset(main_cpu_reset, env);
 
     /* allocate RAM */
     cpu_register_physical_memory(0, ram_size, IO_MEM_RAM);
 
     if (!mips_qemu_iomemtype) {
         mips_qemu_iomemtype = cpu_register_io_memory(0, mips_qemu_read,
-						     mips_qemu_write, NULL);
+                                                     mips_qemu_write, NULL);
     }
     cpu_register_physical_memory(0x1fbf0000, 0x10000, mips_qemu_iomemtype);
 
Index: target-mips/cpu.h
===================================================================
RCS file: /cvsroot/qemu/qemu/target-mips/cpu.h,v
retrieving revision 1.23
diff -u -r1.23 cpu.h
--- target-mips/cpu.h	2 Mar 2007 20:48:00 -0000	1.23
+++ target-mips/cpu.h	6 Mar 2007 13:29:26 -0000
@@ -282,6 +282,11 @@
     struct QEMUTimer *timer; /* Internal timer */
 };
 
+typedef struct mips_def_t mips_def_t;
+int mips_find_by_name (const unsigned char *name, mips_def_t **def);
+void mips_cpu_list (FILE *f, int (*cpu_fprintf)(FILE *f, const char *fmt, ...));
+int cpu_mips_register (CPUMIPSState *env, mips_def_t *def);
+
 #include "cpu-all.h"
 
 /* Memory access type :
Index: target-mips/mips-defs.h
===================================================================
RCS file: /cvsroot/qemu/qemu/target-mips/mips-defs.h,v
retrieving revision 1.7
diff -u -r1.7 mips-defs.h
--- target-mips/mips-defs.h	28 Feb 2007 22:37:42 -0000	1.7
+++ target-mips/mips-defs.h	6 Mar 2007 13:29:27 -0000
@@ -6,26 +6,15 @@
 /* If we want to use host float regs... */
 //#define USE_HOST_FLOAT_REGS
 
-#define MIPS_R4Kc 0x00018000
-#define MIPS_R4Kp 0x00018300
-
-/* Emulate MIPS R4Kc for now */
-#define MIPS_CPU MIPS_R4Kc
-
-#if (MIPS_CPU == MIPS_R4Kc)
 /* 32 bits target */
 #undef MIPS_HAS_MIPS64
 //#define MIPS_HAS_MIPS64 1
 /* real pages are variable size... */
 #define TARGET_PAGE_BITS 12
-/* Uses MIPS R4Kx enhancements to MIPS32 architecture */
-#define MIPS_USES_R4K_EXT
 /* Uses MIPS R4Kc TLB model */
 #define MIPS_USES_R4K_TLB
 #define MIPS_TLB_NB 16
 #define MIPS_TLB_MAX 128
-/* basic FPU register support */
-#define MIPS_USES_FPU 1
 /* Define a implementation number of 1.
  * Define a major version 1, minor version 0.
  */
@@ -63,21 +52,6 @@
 ((0 << CP0C3_M) | (0 << CP0C3_DSPP) | (0 << CP0C3_LPA) |          \
  (0 << CP0C3_VEIC) | (0 << CP0C3_VInt) | (0 << CP0C3_SP) |        \
  (0 << CP0C3_MT) | (0 << CP0C3_SM) | (0 << CP0C3_TL))
-#elif (MIPS_CPU == MIPS_R4Kp)
-/* 32 bits target */
-#undef MIPS_HAS_MIPS64
-/* real pages are variable size... */
-#define TARGET_PAGE_BITS 12
-/* Uses MIPS R4Kx enhancements to MIPS32 architecture */
-#define MIPS_USES_R4K_EXT
-/* Uses MIPS R4Km FPM MMU model */
-#define MIPS_USES_R4K_FPM
-#else
-#error "MIPS CPU not defined"
-/* Reminder for other flags */
-//#undef MIPS_HAS_MIPS64
-//#define MIPS_USES_FPU
-#endif
 
 #ifdef MIPS_HAS_MIPS64
 #define TARGET_LONG_BITS 64
Index: target-mips/translate.c
===================================================================
RCS file: /cvsroot/qemu/qemu/target-mips/translate.c,v
retrieving revision 1.36
diff -u -r1.36 translate.c
--- target-mips/translate.c	2 Mar 2007 20:48:00 -0000	1.36
+++ target-mips/translate.c	6 Mar 2007 13:29:29 -0000
@@ -5283,12 +5283,6 @@
     env->CP0_Wired = 0;
     /* SMP not implemented */
     env->CP0_EBase = 0x80000000;
-    env->CP0_Config0 = MIPS_CONFIG0;
-    env->CP0_Config1 = MIPS_CONFIG1;
-#ifdef MIPS_USES_FPU
-    /* basic FPU register support */
-    env->CP0_Config1 |= (1 << CP0C1_FP);
-#endif
     env->CP0_Config2 = MIPS_CONFIG2;
     env->CP0_Config3 = MIPS_CONFIG3;
     env->CP0_Status = (1 << CP0St_BEV) | (1 << CP0St_ERL);
@@ -5296,7 +5290,6 @@
     env->hflags = MIPS_HFLAG_ERL;
     /* Count register increments in debug mode, EJTAG version 1 */
     env->CP0_Debug = (1 << CP0DB_CNT) | (0x1 << CP0DB_VER);
-    env->CP0_PRid = MIPS_CPU;
 #endif
     env->exception_index = EXCP_NONE;
 #if defined(CONFIG_USER_ONLY)
@@ -5308,3 +5301,5 @@
     env->SYNCI_Step = 16;
     env->CCRes = 2;
 }
+
+#include "translate_init.c"
Index: target-mips/translate_init.c
===================================================================
RCS file: /cvsroot/qemu/qemu/target-mips/translate_init.c,v
--- /dev/null ?
+++ target-mips/translate_init.c    Tue Mar 06 14:29:24 2007
@@ -0,0 +1,121 @@
+/*
+ *  MIPS emulation for qemu: CPU initialisation routines.
+ *
+ *  Copyright (c) 2004-2005 Jocelyn Mayer
+ *  Copyright (c) 2007 Herve Poussineau
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ */
+
+struct mips_def_t {
+    const unsigned char *name;
+    int32_t CP0_PRid;
+    int32_t CP0_Config0;
+    int32_t CP0_Config1;
+};
+
+/*****************************************************************************/
+/* MIPS CPU definitions */
+static mips_def_t mips_defs[] =
+{
+#ifndef MIPS_HAS_MIPS64
+    {
+        .name = "R4Kc",
+        .CP0_PRid = 0x00018000,
+        .CP0_Config0 = MIPS_CONFIG0,
+        .CP0_Config1 = MIPS_CONFIG1 | (1 << CP0C1_FP),
+    },
+    {
+        .name = "R4Kp",
+        .CP0_PRid = 0x00018300,
+        .CP0_Config0 = MIPS_CONFIG0,
+        .CP0_Config1 = MIPS_CONFIG1 | (1 << CP0C1_FP),
+    },
+    {
+        .name = "R4Kc-nofpu",
+        .CP0_PRid = 0x00018000,
+        .CP0_Config0 = MIPS_CONFIG0,
+        .CP0_Config1 = MIPS_CONFIG1,
+    },
+    {
+        .name = "R4Kp-nofpu",
+        .CP0_PRid = 0x00018300,
+        .CP0_Config0 = MIPS_CONFIG0,
+        .CP0_Config1 = MIPS_CONFIG1,
+    },
+#else
+    {
+        .name = "R4Kc",
+        .CP0_PRid = 0x00018000,
+        .CP0_Config0 = MIPS_CONFIG0 | (0x2 << CP0C0_AT),
+        .CP0_Config1 = MIPS_CONFIG1 | (1 << CP0C1_FP),
+    },
+    {
+        .name = "R4Kp",
+        .CP0_PRid = 0x00018300,
+        .CP0_Config0 = MIPS_CONFIG0 | (0x2 << CP0C0_AT),
+        .CP0_Config1 = MIPS_CONFIG1 | (1 << CP0C1_FP),
+    },
+    {
+        .name = "R4Kc-nofpu",
+        .CP0_PRid = 0x00018000,
+        .CP0_Config0 = MIPS_CONFIG0 | (0x2 << CP0C0_AT),
+        .CP0_Config1 = MIPS_CONFIG1,
+    },
+    {
+        .name = "R4Kp-nofpu",
+        .CP0_PRid = 0x00018300,
+        .CP0_Config0 = MIPS_CONFIG0 | (0x2 << CP0C0_AT),
+        .CP0_Config1 = MIPS_CONFIG1,
+    },
+#endif
+};
+
+int mips_find_by_name (const unsigned char *name, mips_def_t **def)
+{
+    int i, ret;
+
+    ret = -1;
+    *def = NULL;
+    for (i = 0; i < sizeof(mips_defs) / sizeof(mips_defs[0]); i++) {
+        if (strcasecmp(name, mips_defs[i].name) == 0) {
+            *def = &mips_defs[i];
+            ret = 0;
+            break;
+        }
+    }
+
+    return ret;
+}
+
+void mips_cpu_list (FILE *f, int (*cpu_fprintf)(FILE *f, const char *fmt, ...))
+{
+    int i;
+
+    for (i = 0; i < sizeof(mips_defs) / sizeof(mips_defs[0]); i++) {
+        (*cpu_fprintf)(f, "MIPS '%s'\n",
+                       mips_defs[i].name);
+    }
+}
+
+int cpu_mips_register (CPUMIPSState *env, mips_def_t *def)
+{
+    if (!def)
+        cpu_abort(env, "Unable to find MIPS CPU definition\n");
+    env->CP0_PRid = def->CP0_PRid;
+    env->CP0_Config0 = def->CP0_Config0;
+    env->CP0_Config1 = def->CP0_Config1;
+    return 0;
+}
+

Re: [Qemu-devel] [PATCH] Choose emulated MIPS CPU at runtime

[Daniel Jacobowitz]

On Tue, Mar 06, 2007 at 04:47:14PM +0100, Hervé Poussineau wrote:
> Hi,
> 
> This patch uses the new "-cpu" command line option, to choose the CPU at
> runtime (R4Kc/R4Kp and FPU/no FPU)
> The model can be extended to emulate more accurately some CPUs.
> 
> This removes the MIPS_USES_FPU compilation time option, and replaces by a
> runtime one.
> 
> Please comment.

Do you have any idea what performance effect this does (or doesn't)
have?

-- 
Daniel Jacobowitz
CodeSourcery

Re: [Qemu-devel] [PATCH] Choose emulated MIPS CPU at runtime

[Thiemo Seufer]

Hervé Poussineau wrote:
> Hi,
> 
> This patch uses the new "-cpu" command line option, to choose the CPU at
> runtime (R4Kc/R4Kp and FPU/no FPU)
> The model can be extended to emulate more accurately some CPUs.
> 
> This removes the MIPS_USES_FPU compilation time option, and replaces by a
> runtime one.
> 
> Please comment.

Looks very nice, except that the CPU models are out of touch with reality. :-)
 - There is no CPU called "R4Kc" etc.
 - What Qemu emulates is currently close to a 4KEc with an R3000-style
   FPU attached. (A 4KEc is a 4Kc with MIPS32R2 instructions.)
 - MIPS Technologies "4Kc" and "4Kp" have both no FPU support at all,
   they are also 32bit only. (IIRC the difference those two is that
   the 4Kp has only a fixed mapping MMU, the 4Kc has the real thing.)
 - For a Jazz/Magnum-like CPU we should add a "R4000" or probably
   a "R4400". This CPU is 64bit and has always a FPU.
 - For the Malta I plan to go for a 34Kf, but that lacks a few bits for
   now.

So, to make some sense out of it:
 - Qemu "4kc" machine, 32bit, no FPU: 4Kc or 4KEc
 - Qemu "4kc" machine, 32bit, with FPU: 24Kf
 - Qemu "4kc" machine, 64bit, with FPU: R4000, this should become a
                                               separate machine.
 - MIPS Malta, 32bit, no FPU: 4KEc
 - MIPS Malta, 32bit, with FPU: 24Kf

Does this sound reasonable?


Thiemo

Re: [Qemu-devel] [PATCH] Choose emulated MIPS CPU at runtime

[Stefan Weil]

Thiemo Seufer schrieb:
> Looks very nice, except that the CPU models are out of touch with
> reality. :-)
> - There is no CPU called "R4Kc" etc.
> - What Qemu emulates is currently close to a 4KEc with an R3000-style
> FPU attached. (A 4KEc is a 4Kc with MIPS32R2 instructions.)
There exists also an older 4KEc version which only supports
MIPS32R1. AR7 (a SoC from TI) is based on this older version.
I noticed this because some code using DI worked well with QEMU,
but my AR7 based DSL router crashed...
For AR7, it would be nice to switch between MIPS32R1 / MIPS32R2
instruction sets. I think this could be done similar to the FPU
switch, but I don't have a list of the differences, and there are
no MIPS32R2 markers in the QEMU code :-(
> - MIPS Technologies "4Kc" and "4Kp" have both no FPU support at all,
> they are also 32bit only. (IIRC the difference those two is that
> the 4Kp has only a fixed mapping MMU, the 4Kc has the real thing.)
> - For a Jazz/Magnum-like CPU we should add a "R4000" or probably
> a "R4400". This CPU is 64bit and has always a FPU.
> - For the Malta I plan to go for a 34Kf, but that lacks a few bits for
> now.
>
> So, to make some sense out of it:
> - Qemu "4kc" machine, 32bit, no FPU: 4Kc or 4KEc
> - Qemu "4kc" machine, 32bit, with FPU: 24Kf
> - Qemu "4kc" machine, 64bit, with FPU: R4000, this should become a
> separate machine.
> - MIPS Malta, 32bit, no FPU: 4KEc
> - MIPS Malta, 32bit, with FPU: 24Kf
This looks good. I'd add one more for QEMU with AR7 support:
    - AR7 machines, 32bit, no FPU, 4KEc with MIPS32R1 only
>
> Does this sound reasonable?
I ask the same question.

Stefan

Re: [Qemu-devel] [PATCH] Choose emulated MIPS CPU at runtime

[Thiemo Seufer]

Stefan Weil wrote:
> Thiemo Seufer schrieb:
> > Looks very nice, except that the CPU models are out of touch with
> > reality. :-)
> > - There is no CPU called "R4Kc" etc.
> > - What Qemu emulates is currently close to a 4KEc with an R3000-style
> > FPU attached. (A 4KEc is a 4Kc with MIPS32R2 instructions.)
> There exists also an older 4KEc version which only supports
> MIPS32R1. AR7 (a SoC from TI) is based on this older version.

This can't be correct. 4KEc is defined as a MIPS32R2 core by MIPS
Technologies. A MIPS32R1 4KEc would be redundant since that's what
the 4Kc is.

> I noticed this because some code using DI worked well with QEMU,
> but my AR7 based DSL router crashed...

Did it die with an RI exception? If not then it sounds more like
a missing ehb barrier. Qemu doesn't emulate pipeline hazards...

> AR7, it would be nice to switch between MIPS32R1 / MIPS32R2
> instruction sets.

It would be nice to see a AR7 router emulation as a separate
machine type in Qemu. *hint* *hint* :-)

> I think this could be done similar to the FPU
> switch, but I don't have a list of the differences, and there are
> no MIPS32R2 markers in the QEMU code :-(

The specificiation for MIPS{32,64}R{1,2} used to be hidden behind a
"free registration" nag screen at http://www.mips.com/ . Unfortunately
it isn't ATM, it apparently fell through the cracks of the website
relaunch.


Thiemo

Re: [Qemu-devel] [PATCH] Choose emulated MIPS CPU at runtime

[Thiemo Seufer]

Thiemo Seufer wrote:
[snip]
> > I think this could be done similar to the FPU
> > switch, but I don't have a list of the differences, and there are
> > no MIPS32R2 markers in the QEMU code :-(
> 
> The specificiation for MIPS{32,64}R{1,2} used to be hidden behind a
> "free registration" nag screen at http://www.mips.com/ . Unfortunately
> it isn't ATM, it apparently fell through the cracks of the website
> relaunch.

It was only well hidden:
http://www.mips.com/products/resource_library/product_materials/


Thiemo

Re: [Qemu-devel] [PATCH] Choose emulated MIPS CPU at runtime

[Stefan Weil]

Thiemo Seufer schrieb:
> Stefan Weil wrote:
>> There exists also an older 4KEc version which only supports
>>
>> MIPS32R1. AR7 (a SoC from TI) is based on this older version.
> This can't be correct. 4KEc is defined as a MIPS32R2 core by MIPS
> Technologies. A MIPS32R1 4KEc would be redundant since that's what
> the 4Kc is.
Until last week, I had the same opinion. Documentation says
that AR7 is based on 4KEc, 4KEc is MIPS32R2, so I compiled Linux
using MIPS32R2 settings. It crashed.

Then I detected this extract from the Linux source code (2.6.20):

./include/asm-mips/cpu.h:#define PRID_IMP_4KEC          0x8400
./include/asm-mips/cpu.h:#define PRID_IMP_4KECR2        0x9000

So Linux knows two variants of 4KEc!
And AR7 has CP0_PRid == 0x00018448 - the first variant without "R2"!

Perhaps some readers of the list have more information?
>> I noticed this because some code using DI worked well with QEMU,
>> but my AR7 based DSL router crashed...
> Did it die with an RI exception? If not then it sounds more like
> a missing ehb barrier. Qemu doesn't emulate pipeline hazards...
The Linux code was ehb, then di. It crashed at the di statement.
The kernel did not show the reason for the crash, and I have
neither kgdb nor a hardware debugger for my router...
>> AR7, it would be nice to switch between MIPS32R1 / MIPS32R2
>> instruction sets.
>
> It would be nice to see a AR7 router emulation as a separate
> machine type in Qemu. *hint* *hint* :-)
I agree. The URL of the AR7 emulation code was published earlier on
this list. It has grown to more than 100 KB, so I don't
want to send it as a mail appendix to the list.
May I send you a patch for integration? Are there any special
requirements for this kind of patch to get acceptance?

Stefan

Re: [Qemu-devel] [PATCH] Choose emulated MIPS CPU at runtime

[Thiemo Seufer]

Stefan Weil wrote:
[snip]
> Perhaps some readers of the list have more information?
> >> I noticed this because some code using DI worked well with QEMU,
> >> but my AR7 based DSL router crashed...
> > Did it die with an RI exception? If not then it sounds more like
> > a missing ehb barrier. Qemu doesn't emulate pipeline hazards...
> The Linux code was ehb, then di. It crashed at the di statement.
> The kernel did not show the reason for the crash, and I have
> neither kgdb nor a hardware debugger for my router...

Do you have some linux console at the time of the crash? The Oops
dump should print out the cause register, this in turn should show
RI as the type of the last exception.

> >> AR7, it would be nice to switch between MIPS32R1 / MIPS32R2
> >> instruction sets.
> >
> > It would be nice to see a AR7 router emulation as a separate
> > machine type in Qemu. *hint* *hint* :-)
> I agree. The URL of the AR7 emulation code was published earlier on
> this list. It has grown to more than 100 KB, so I don't
> want to send it as a mail appendix to the list.
> May I send you a patch for integration? Are there any special
> requirements for this kind of patch to get acceptance?

Split it in smaller self-contained patches, and start with introducing
the new machine type before doing the drivers (so each piece can be at
least compile-tested separately).


Thiemo