From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1JonOK-0003sw-AB
	for qemu-devel@nongnu.org; Wed, 23 Apr 2008 18:24:40 -0400
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1JonOH-0003rA-Ry
	for qemu-devel@nongnu.org; Wed, 23 Apr 2008 18:24:39 -0400
Received: from [199.232.76.173] (port=55285 helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1JonOH-0003r7-MO
	for qemu-devel@nongnu.org; Wed, 23 Apr 2008 18:24:37 -0400
Received: from e1.ny.us.ibm.com ([32.97.182.141])
	by monty-python.gnu.org with esmtps
	(TLS-1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.60)
	(envelope-from <hollisb@us.ibm.com>) id 1JonOH-0007lH-9U
	for qemu-devel@nongnu.org; Wed, 23 Apr 2008 18:24:37 -0400
Received: from d01relay02.pok.ibm.com (d01relay02.pok.ibm.com [9.56.227.234])
	by e1.ny.us.ibm.com (8.13.8/8.13.8) with ESMTP id m3NMOX6p007139
	for <qemu-devel@nongnu.org>; Wed, 23 Apr 2008 18:24:33 -0400
Received: from d01av04.pok.ibm.com (d01av04.pok.ibm.com [9.56.224.64])
	by d01relay02.pok.ibm.com (8.13.8/8.13.8/NCO v8.7) with ESMTP id
	m3NMOXvb250524
	for <qemu-devel@nongnu.org>; Wed, 23 Apr 2008 18:24:33 -0400
Received: from d01av04.pok.ibm.com (loopback [127.0.0.1])
	by d01av04.pok.ibm.com (8.12.11.20060308/8.13.3) with ESMTP id
	m3NMOMFU006010
	for <qemu-devel@nongnu.org>; Wed, 23 Apr 2008 18:24:23 -0400
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Message-Id: <cacf1c628f43f0390890.1208989434@localhost.localdomain>
In-Reply-To: <patchbomb.1208989431@localhost.localdomain>
Date: Wed, 23 Apr 2008 17:23:54 -0500
From: Hollis Blanchard <hollisb@us.ibm.com>
Subject: [Qemu-devel] [PATCH 3 of 4] [qemu ppc uic] Remember the state of
	level-triggered interrupts
Reply-To: qemu-devel@nongnu.org
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org
Cc: l_indien@magic.fr, aurelien@aurel32.net

This fixes the following race condition:
1. target handles an interrupt and begins to EOI
2. device raises an interrupt, setting UIC SR
3. target finishes EOI by clearing SR bit

On hardware, a device with a level-triggered interrupt would instantly
re-assert SR after step 3, so we need to do the same.

Signed-off-by: Hollis Blanchard <hollisb@us.ibm.com>

diff --git a/qemu/hw/ppc4xx_devs.c b/qemu/hw/ppc4xx_devs.c
--- a/qemu/hw/ppc4xx_devs.c
+++ b/qemu/hw/ppc4xx_devs.c
@@ -278,6 +278,7 @@
 struct ppcuic_t {
     uint32_t dcr_base;
     int use_vectors;
+    uint32_t level;  /* Remembers the state of level-triggered interrupts. */
     uint32_t uicsr;  /* Status register */
     uint32_t uicer;  /* Enable register */
     uint32_t uiccr;  /* Critical register */
@@ -385,10 +386,13 @@
             uic->uicsr |= mask;
     } else {
         /* Level sensitive interrupt */
-        if (level == 1)
+        if (level == 1) {
             uic->uicsr |= mask;
-        else
+            uic->level |= mask;
+        } else {
             uic->uicsr &= ~mask;
+            uic->level &= ~mask;
+        }
     }
 #ifdef DEBUG_UIC
     if (loglevel & CPU_LOG_INT) {
@@ -460,6 +464,7 @@
     switch (dcrn) {
     case DCR_UICSR:
         uic->uicsr &= ~val;
+        uic->uicsr |= uic->level;
         ppcuic_trigger_irq(uic);
         break;
     case DCR_UICSRS: