r3517 - in trunk/src/host/qemu-neo1973: . fpu hw linux-user target-arm target-i386 target-mips target-ppc target-sparc

andrew at sita.openmoko.org andrew at sita.openmoko.org
Mon Nov 26 23:42:52 CET 2007


Author: andrew
Date: 2007-11-26 23:42:26 +0100 (Mon, 26 Nov 2007)
New Revision: 3517

Added:
   trunk/src/host/qemu-neo1973/.gitignore
   trunk/src/host/qemu-neo1973/hw/mainstone.c
   trunk/src/host/qemu-neo1973/hw/ssi-sd.c
   trunk/src/host/qemu-neo1973/hw/stellaris_enet.c
   trunk/src/host/qemu-neo1973/target-ppc/op_mem_access.h
Modified:
   trunk/src/host/qemu-neo1973/Makefile
   trunk/src/host/qemu-neo1973/Makefile.target
   trunk/src/host/qemu-neo1973/cpu-all.h
   trunk/src/host/qemu-neo1973/cpu-exec.c
   trunk/src/host/qemu-neo1973/exec.c
   trunk/src/host/qemu-neo1973/fpu/softfloat.c
   trunk/src/host/qemu-neo1973/fpu/softfloat.h
   trunk/src/host/qemu-neo1973/hw/arm-misc.h
   trunk/src/host/qemu-neo1973/hw/arm_gic.c
   trunk/src/host/qemu-neo1973/hw/armv7m_nvic.c
   trunk/src/host/qemu-neo1973/hw/boards.h
   trunk/src/host/qemu-neo1973/hw/gumstix.c
   trunk/src/host/qemu-neo1973/hw/iommu.c
   trunk/src/host/qemu-neo1973/hw/mcf_uart.c
   trunk/src/host/qemu-neo1973/hw/mips_malta.c
   trunk/src/host/qemu-neo1973/hw/omap.c
   trunk/src/host/qemu-neo1973/hw/omap.h
   trunk/src/host/qemu-neo1973/hw/omap_mmc.c
   trunk/src/host/qemu-neo1973/hw/pl011.c
   trunk/src/host/qemu-neo1973/hw/pl061.c
   trunk/src/host/qemu-neo1973/hw/pl181.c
   trunk/src/host/qemu-neo1973/hw/ppc.c
   trunk/src/host/qemu-neo1973/hw/ppc405_uc.c
   trunk/src/host/qemu-neo1973/hw/ppc4xx_devs.c
   trunk/src/host/qemu-neo1973/hw/ppc_chrp.c
   trunk/src/host/qemu-neo1973/hw/ppc_oldworld.c
   trunk/src/host/qemu-neo1973/hw/ppc_prep.c
   trunk/src/host/qemu-neo1973/hw/primecell.h
   trunk/src/host/qemu-neo1973/hw/pxa2xx_mmci.c
   trunk/src/host/qemu-neo1973/hw/s3c24xx_mmci.c
   trunk/src/host/qemu-neo1973/hw/sd.c
   trunk/src/host/qemu-neo1973/hw/sd.h
   trunk/src/host/qemu-neo1973/hw/serial.c
   trunk/src/host/qemu-neo1973/hw/slavio_serial.c
   trunk/src/host/qemu-neo1973/hw/ssd0323.c
   trunk/src/host/qemu-neo1973/hw/stellaris.c
   trunk/src/host/qemu-neo1973/hw/tsc210x.c
   trunk/src/host/qemu-neo1973/linux-user/main.c
   trunk/src/host/qemu-neo1973/linux-user/syscall_defs.h
   trunk/src/host/qemu-neo1973/qemu-char.h
   trunk/src/host/qemu-neo1973/qemu-doc.texi
   trunk/src/host/qemu-neo1973/qemu-tech.texi
   trunk/src/host/qemu-neo1973/target-arm/helper.c
   trunk/src/host/qemu-neo1973/target-i386/helper2.c
   trunk/src/host/qemu-neo1973/target-mips/helper.c
   trunk/src/host/qemu-neo1973/target-mips/translate.c
   trunk/src/host/qemu-neo1973/target-mips/translate_init.c
   trunk/src/host/qemu-neo1973/target-ppc/cpu.h
   trunk/src/host/qemu-neo1973/target-ppc/exec.h
   trunk/src/host/qemu-neo1973/target-ppc/helper.c
   trunk/src/host/qemu-neo1973/target-ppc/op_helper.c
   trunk/src/host/qemu-neo1973/target-ppc/op_helper.h
   trunk/src/host/qemu-neo1973/target-ppc/op_helper_mem.h
   trunk/src/host/qemu-neo1973/target-ppc/op_mem.h
   trunk/src/host/qemu-neo1973/target-ppc/translate.c
   trunk/src/host/qemu-neo1973/target-ppc/translate_init.c
   trunk/src/host/qemu-neo1973/target-sparc/cpu.h
   trunk/src/host/qemu-neo1973/target-sparc/exec.h
   trunk/src/host/qemu-neo1973/target-sparc/fop_template.h
   trunk/src/host/qemu-neo1973/target-sparc/op.c
   trunk/src/host/qemu-neo1973/target-sparc/op_helper.c
   trunk/src/host/qemu-neo1973/target-sparc/op_mem.h
   trunk/src/host/qemu-neo1973/target-sparc/translate.c
   trunk/src/host/qemu-neo1973/vl.c
Log:
Sync from cvs.savannah.nongnu.org.


Added: trunk/src/host/qemu-neo1973/.gitignore
===================================================================
--- trunk/src/host/qemu-neo1973/.gitignore	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/.gitignore	2007-11-26 22:42:26 UTC (rev 3517)
@@ -0,0 +1,48 @@
+CVS
+*.orig
+*.rej
+arm-softmmu
+arm-linux-user
+armeb-linux-user
+alpha-softmmu
+alpha-linux-user
+i386-softmmu
+i386-linux-user
+i386-softmmu
+i386-linux-user
+x86_64-softmmu
+x86_64-linux-user
+m68k-softmmu
+m68k-linux-user
+ppc-softmmu
+ppc-linux-user
+ppc64-softmmu
+ppc64-linux-user
+ppcemb-softmmu
+ppc64abi32-linux-user
+ppcemb-linux-user
+sparc-softmmu
+sparc-linux-user
+sparc32plus-linux-user
+sparc64-linux-user
+mips-softmmu
+mipsel-softmmu
+mips64-softmmu
+mips64el-softmmu
+mips-linux-user
+mipsel-linux-user
+sh4-linux-user
+sh4-softmmu
+cris-linux-user
+cris-softmmu
+qemu-img
+qemu-img.1
+qemu.1
+qemu-img.pod
+qemu.pod
+qemu-tech.html
+qemu-doc.html
+dyngen
+config-host.h
+config-host.mak
+*.d

Modified: trunk/src/host/qemu-neo1973/Makefile
===================================================================
--- trunk/src/host/qemu-neo1973/Makefile	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/Makefile	2007-11-26 22:42:26 UTC (rev 3517)
@@ -59,6 +59,7 @@
 OBJS+=scsi-disk.o cdrom.o
 OBJS+=usb.o usb-hub.o usb-linux.o usb-linux-gadget.o
 OBJS+=usb-hid.o usb-msd.o usb-wacom.o usb-net.o usb-bt.o
+OBJS+=sd.o ssi-sd.o
 
 ifdef CONFIG_WIN32
 OBJS+=tap-win32.o

Modified: trunk/src/host/qemu-neo1973/Makefile.target
===================================================================
--- trunk/src/host/qemu-neo1973/Makefile.target	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/Makefile.target	2007-11-26 22:42:26 UTC (rev 3517)
@@ -496,15 +496,15 @@
 ifeq ($(TARGET_BASE_ARCH), arm)
 VL_OBJS+= integratorcp.o versatilepb.o ps2.o smc91c111.o arm_pic.o arm_timer.o
 VL_OBJS+= arm_boot.o pl011.o pl031.o pl050.o pl080.o pl110.o pl181.o pl190.o
-VL_OBJS+= versatile_pci.o sd.o ptimer.o
+VL_OBJS+= versatile_pci.o ptimer.o
 VL_OBJS+= realview_gic.o realview.o arm_sysctl.o mpcore.o
-VL_OBJS+= armv7m.o armv7m_nvic.o stellaris.o pl022.o
+VL_OBJS+= armv7m.o armv7m_nvic.o stellaris.o pl022.o stellaris_enet.o
 VL_OBJS+= pl061.o
 VL_OBJS+= arm-semi.o
 VL_OBJS+= pxa2xx.o pxa2xx_pic.o pxa2xx_gpio.o pxa2xx_timer.o pxa2xx_dma.o
 VL_OBJS+= pxa2xx_lcd.o pxa2xx_mmci.o pxa2xx_pcmcia.o
 VL_OBJS+= pflash_cfi01.o gumstix.o
-VL_OBJS+= spitz.o ide.o serial.o nand.o ecc.o
+VL_OBJS+= spitz.o ide.o serial.o nand.o ecc.o mainstone.o
 VL_OBJS+= s3c2410.o s3c24xx_gpio.o s3c24xx_lcd.o s3c24xx_mmci.o s3c24xx_rtc.o
 VL_OBJS+= s3c24xx_udc.o
 VL_OBJS+= neo1973.o jbt6k74.o gps.o $(GSM_OBJS) modem.o

Modified: trunk/src/host/qemu-neo1973/cpu-all.h
===================================================================
--- trunk/src/host/qemu-neo1973/cpu-all.h	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/cpu-all.h	2007-11-26 22:42:26 UTC (rev 3517)
@@ -135,6 +135,36 @@
     uint64_t ll;
 } CPU_DoubleU;
 
+#ifdef TARGET_SPARC
+typedef union {
+    float128 q;
+#if defined(WORDS_BIGENDIAN) \
+    || (defined(__arm__) && !defined(__VFP_FP__) && !defined(CONFIG_SOFTFLOAT))
+    struct {
+        uint32_t upmost;
+        uint32_t upper;
+        uint32_t lower;
+        uint32_t lowest;
+    } l;
+    struct {
+        uint64_t upper;
+        uint64_t lower;
+    } ll;
+#else
+    struct {
+        uint32_t lowest;
+        uint32_t lower;
+        uint32_t upper;
+        uint32_t upmost;
+    } l;
+    struct {
+        uint64_t lower;
+        uint64_t upper;
+    } ll;
+#endif
+} CPU_QuadU;
+#endif
+
 /* CPU memory access without any memory or io remapping */
 
 /*
@@ -706,7 +736,6 @@
     __attribute__ ((__noreturn__));
 extern CPUState *first_cpu;
 extern CPUState *cpu_single_env;
-extern int env_pending_request;
 extern int code_copy_enabled;
 
 #define CPU_INTERRUPT_EXIT   0x01 /* wants exit from main loop */

Modified: trunk/src/host/qemu-neo1973/cpu-exec.c
===================================================================
--- trunk/src/host/qemu-neo1973/cpu-exec.c	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/cpu-exec.c	2007-11-26 22:42:26 UTC (rev 3517)
@@ -232,6 +232,11 @@
     return tb;
 }
 
+#if defined(__sparc__) && !defined(HOST_SOLARIS)
+#define BREAK_CHAIN tmp_T0 = 0
+#else
+#define BREAK_CHAIN T0 = 0
+#endif
 
 /* main execution loop */
 
@@ -258,11 +263,6 @@
 
     cpu_single_env = env1;
 
-    if (env_pending_request) {
-        cpu_interrupt(env1, env_pending_request);
-        env_pending_request = 0;
-    }
-
     /* first we save global registers */
 #define SAVE_HOST_REGS 1
 #include "hostregs_helper.h"
@@ -410,11 +410,7 @@
                         svm_check_intercept(SVM_EXIT_SMI);
                         env->interrupt_request &= ~CPU_INTERRUPT_SMI;
                         do_smm_enter();
-#if defined(__sparc__) && !defined(HOST_SOLARIS)
-                        tmp_T0 = 0;
-#else
-                        T0 = 0;
-#endif
+                        BREAK_CHAIN;
                     } else if ((interrupt_request & CPU_INTERRUPT_HARD) &&
                         (env->eflags & IF_MASK || env->hflags & HF_HIF_MASK) &&
                         !(env->hflags & HF_INHIBIT_IRQ_MASK)) {
@@ -428,11 +424,7 @@
                         do_interrupt(intno, 0, 0, 0, 1);
                         /* ensure that no TB jump will be modified as
                            the program flow was changed */
-#if defined(__sparc__) && !defined(HOST_SOLARIS)
-                        tmp_T0 = 0;
-#else
-                        T0 = 0;
-#endif
+                        BREAK_CHAIN;
 #if !defined(CONFIG_USER_ONLY)
                     } else if ((interrupt_request & CPU_INTERRUPT_VIRQ) &&
                         (env->eflags & IF_MASK) && !(env->hflags & HF_INHIBIT_IRQ_MASK)) {
@@ -446,12 +438,8 @@
 	                 do_interrupt(intno, 0, 0, -1, 1);
                          stl_phys(env->vm_vmcb + offsetof(struct vmcb, control.int_ctl),
                                   ldl_phys(env->vm_vmcb + offsetof(struct vmcb, control.int_ctl)) & ~V_IRQ_MASK);
-#if defined(__sparc__) && !defined(HOST_SOLARIS)
-                         tmp_T0 = 0;
-#else
-                         T0 = 0;
+                        BREAK_CHAIN;
 #endif
-#endif
                     }
 #elif defined(TARGET_PPC)
 #if 0
@@ -463,11 +451,7 @@
                         ppc_hw_interrupt(env);
                         if (env->pending_interrupts == 0)
                             env->interrupt_request &= ~CPU_INTERRUPT_HARD;
-#if defined(__sparc__) && !defined(HOST_SOLARIS)
-                        tmp_T0 = 0;
-#else
-                        T0 = 0;
-#endif
+                        BREAK_CHAIN;
                     }
 #elif defined(TARGET_MIPS)
                     if ((interrupt_request & CPU_INTERRUPT_HARD) &&
@@ -480,11 +464,7 @@
                         env->exception_index = EXCP_EXT_INTERRUPT;
                         env->error_code = 0;
                         do_interrupt(env);
-#if defined(__sparc__) && !defined(HOST_SOLARIS)
-                        tmp_T0 = 0;
-#else
-                        T0 = 0;
-#endif
+                        BREAK_CHAIN;
                     }
 #elif defined(TARGET_SPARC)
                     if ((interrupt_request & CPU_INTERRUPT_HARD) &&
@@ -501,11 +481,7 @@
 #if !defined(TARGET_SPARC64) && !defined(CONFIG_USER_ONLY)
                             cpu_check_irqs(env);
 #endif
-#if defined(__sparc__) && !defined(HOST_SOLARIS)
-                            tmp_T0 = 0;
-#else
-                            T0 = 0;
-#endif
+                        BREAK_CHAIN;
 			}
 		    } else if (interrupt_request & CPU_INTERRUPT_TIMER) {
 			//do_interrupt(0, 0, 0, 0, 0);
@@ -516,6 +492,7 @@
                         && !(env->uncached_cpsr & CPSR_F)) {
                         env->exception_index = EXCP_FIQ;
                         do_interrupt(env);
+                        BREAK_CHAIN;
                     }
                     /* ARMv7-M interrupt return works by loading a magic value
                        into the PC.  On real hardware the load causes the
@@ -531,17 +508,20 @@
                             || !(env->uncached_cpsr & CPSR_I))) {
                         env->exception_index = EXCP_IRQ;
                         do_interrupt(env);
+                        BREAK_CHAIN;
                     }
 #elif defined(TARGET_SH4)
 		    /* XXXXX */
 #elif defined(TARGET_ALPHA)
                     if (interrupt_request & CPU_INTERRUPT_HARD) {
                         do_interrupt(env);
+                        BREAK_CHAIN;
                     }
 #elif defined(TARGET_CRIS)
                     if (interrupt_request & CPU_INTERRUPT_HARD) {
                         do_interrupt(env);
 			env->interrupt_request &= ~CPU_INTERRUPT_HARD;
+                        BREAK_CHAIN;
                     }
 #elif defined(TARGET_M68K)
                     if (interrupt_request & CPU_INTERRUPT_HARD
@@ -554,6 +534,7 @@
                            first signalled.  */
                         env->exception_index = env->pending_vector;
                         do_interrupt(1);
+                        BREAK_CHAIN;
                     }
 #endif
                    /* Don't use the cached interupt_request value,
@@ -562,11 +543,7 @@
                         env->interrupt_request &= ~CPU_INTERRUPT_EXITTB;
                         /* ensure that no TB jump will be modified as
                            the program flow was changed */
-#if defined(__sparc__) && !defined(HOST_SOLARIS)
-                        tmp_T0 = 0;
-#else
-                        T0 = 0;
-#endif
+                        BREAK_CHAIN;
                     }
                     if (interrupt_request & CPU_INTERRUPT_EXIT) {
                         env->interrupt_request &= ~CPU_INTERRUPT_EXIT;

Modified: trunk/src/host/qemu-neo1973/exec.c
===================================================================
--- trunk/src/host/qemu-neo1973/exec.c	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/exec.c	2007-11-26 22:42:26 UTC (rev 3517)
@@ -96,7 +96,6 @@
 /* current CPU in the current thread. It is only valid inside
    cpu_exec() */
 CPUState *cpu_single_env;
-int env_pending_request;
 
 typedef struct PageDesc {
     /* list of TBs intersecting this ram page */
@@ -1195,12 +1194,6 @@
     TranslationBlock *tb;
     static int interrupt_lock;
 
-    /* cause an interrupt in the first cpu that tries to start running */
-    if (!env) {
-        env_pending_request |= mask;
-        return;
-    }
-
     env->interrupt_request |= mask;
     /* if the cpu is currently executing code, we must unlink it and
        all the potentially executing TB */
@@ -1288,8 +1281,10 @@
 void cpu_abort(CPUState *env, const char *fmt, ...)
 {
     va_list ap;
+    va_list ap2;
 
     va_start(ap, fmt);
+    va_copy(ap2, ap);
     fprintf(stderr, "qemu: fatal: ");
     vfprintf(stderr, fmt, ap);
     fprintf(stderr, "\n");
@@ -1305,7 +1300,7 @@
 #endif
     if (logfile) {
         fprintf(logfile, "qemu: fatal: ");
-        vfprintf(logfile, fmt, ap);
+        vfprintf(logfile, fmt, ap2);
         fprintf(logfile, "\n");
 #ifdef TARGET_I386
         cpu_dump_state(env, logfile, fprintf, X86_DUMP_FPU | X86_DUMP_CCOP);
@@ -1315,6 +1310,7 @@
         fflush(logfile);
         fclose(logfile);
     }
+    va_end(ap2);
     va_end(ap);
     abort();
 }

Modified: trunk/src/host/qemu-neo1973/fpu/softfloat.c
===================================================================
--- trunk/src/host/qemu-neo1973/fpu/softfloat.c	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/fpu/softfloat.c	2007-11-26 22:42:26 UTC (rev 3517)
@@ -3012,7 +3012,7 @@
         return 0;
     }
     av = float64_val(a);
-    bv = float64_val(a);
+    bv = float64_val(b);
     return ( av == bv ) || ( (bits64) ( ( av | bv )<<1 ) == 0 );
 
 }
@@ -3038,7 +3038,7 @@
     aSign = extractFloat64Sign( a );
     bSign = extractFloat64Sign( b );
     av = float64_val(a);
-    bv = float64_val(a);
+    bv = float64_val(b);
     if ( aSign != bSign ) return aSign || ( (bits64) ( ( av | bv )<<1 ) == 0 );
     return ( av == bv ) || ( aSign ^ ( av < bv ) );
 
@@ -3064,7 +3064,7 @@
     aSign = extractFloat64Sign( a );
     bSign = extractFloat64Sign( b );
     av = float64_val(a);
-    bv = float64_val(a);
+    bv = float64_val(b);
     if ( aSign != bSign ) return aSign && ( (bits64) ( ( av | bv )<<1 ) != 0 );
     return ( av != bv ) && ( aSign ^ ( av < bv ) );
 
@@ -3088,7 +3088,7 @@
         return 0;
     }
     av = float64_val(a);
-    bv = float64_val(a);
+    bv = float64_val(b);
     return ( av == bv ) || ( (bits64) ( ( av | bv )<<1 ) == 0 );
 
 }
@@ -3116,7 +3116,7 @@
     aSign = extractFloat64Sign( a );
     bSign = extractFloat64Sign( b );
     av = float64_val(a);
-    bv = float64_val(a);
+    bv = float64_val(b);
     if ( aSign != bSign ) return aSign || ( (bits64) ( ( av | bv )<<1 ) == 0 );
     return ( av == bv ) || ( aSign ^ ( av < bv ) );
 
@@ -3145,7 +3145,7 @@
     aSign = extractFloat64Sign( a );
     bSign = extractFloat64Sign( b );
     av = float64_val(a);
-    bv = float64_val(a);
+    bv = float64_val(b);
     if ( aSign != bSign ) return aSign && ( (bits64) ( ( av | bv )<<1 ) != 0 );
     return ( av != bv ) && ( aSign ^ ( av < bv ) );
 
@@ -5391,7 +5391,7 @@
     aSign = extractFloat ## s ## Sign( a );                                  \
     bSign = extractFloat ## s ## Sign( b );                                  \
     av = float ## s ## _val(a);                                              \
-    bv = float ## s ## _val(a);                                              \
+    bv = float ## s ## _val(b);                                              \
     if ( aSign != bSign ) {                                                  \
         if ( (bits ## s) ( ( av | bv )<<1 ) == 0 ) {                         \
             /* zero case */                                                  \
@@ -5421,6 +5421,50 @@
 COMPARE(32, 0xff)
 COMPARE(64, 0x7ff)
 
+INLINE int float128_compare_internal( float128 a, float128 b,
+                                      int is_quiet STATUS_PARAM )
+{
+    flag aSign, bSign;
+
+    if (( ( extractFloat128Exp( a ) == 0x7fff ) &&
+          ( extractFloat128Frac0( a ) | extractFloat128Frac1( a ) ) ) ||
+        ( ( extractFloat128Exp( b ) == 0x7fff ) &&
+          ( extractFloat128Frac0( b ) | extractFloat128Frac1( b ) ) )) {
+        if (!is_quiet ||
+            float128_is_signaling_nan( a ) ||
+            float128_is_signaling_nan( b ) ) {
+            float_raise( float_flag_invalid STATUS_VAR);
+        }
+        return float_relation_unordered;
+    }
+    aSign = extractFloat128Sign( a );
+    bSign = extractFloat128Sign( b );
+    if ( aSign != bSign ) {
+        if ( ( ( ( a.high | b.high )<<1 ) | a.low | b.low ) == 0 ) {
+            /* zero case */
+            return float_relation_equal;
+        } else {
+            return 1 - (2 * aSign);
+        }
+    } else {
+        if (a.low == b.low && a.high == b.high) {
+            return float_relation_equal;
+        } else {
+            return 1 - 2 * (aSign ^ ( lt128( a.high, a.low, b.high, b.low ) ));
+        }
+    }
+}
+
+int float128_compare( float128 a, float128 b STATUS_PARAM )
+{
+    return float128_compare_internal(a, b, 0 STATUS_VAR);
+}
+
+int float128_compare_quiet( float128 a, float128 b STATUS_PARAM )
+{
+    return float128_compare_internal(a, b, 1 STATUS_VAR);
+}
+
 /* Multiply A by 2 raised to the power N.  */
 float32 float32_scalbn( float32 a, int n STATUS_PARAM )
 {

Modified: trunk/src/host/qemu-neo1973/fpu/softfloat.h
===================================================================
--- trunk/src/host/qemu-neo1973/fpu/softfloat.h	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/fpu/softfloat.h	2007-11-26 22:42:26 UTC (rev 3517)
@@ -415,6 +415,8 @@
 int float128_eq_signaling( float128, float128 STATUS_PARAM );
 int float128_le_quiet( float128, float128 STATUS_PARAM );
 int float128_lt_quiet( float128, float128 STATUS_PARAM );
+int float128_compare( float128, float128 STATUS_PARAM );
+int float128_compare_quiet( float128, float128 STATUS_PARAM );
 int float128_is_nan( float128 );
 int float128_is_signaling_nan( float128 );
 float128 float128_scalbn( float128, int STATUS_PARAM );

Modified: trunk/src/host/qemu-neo1973/hw/arm-misc.h
===================================================================
--- trunk/src/host/qemu-neo1973/hw/arm-misc.h	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/hw/arm-misc.h	2007-11-26 22:42:26 UTC (rev 3517)
@@ -27,6 +27,10 @@
                      int board_id, target_phys_addr_t loader_start);
 
 /* armv7m_nvic.c */
+int system_clock_scale;
 qemu_irq *armv7m_nvic_init(CPUState *env);
 
+/* stellaris_enent.c */
+void stellaris_enet_init(NICInfo *nd, uint32_t base, qemu_irq irq);
+
 #endif /* !ARM_MISC_H */

Modified: trunk/src/host/qemu-neo1973/hw/arm_gic.c
===================================================================
--- trunk/src/host/qemu-neo1973/hw/arm_gic.c	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/hw/arm_gic.c	2007-11-26 22:42:26 UTC (rev 3517)
@@ -638,7 +638,7 @@
         s->cpu_enabled[i] = 0;
 #endif
     }
-    for (i = 0; i < 15; i++) {
+    for (i = 0; i < 16; i++) {
         GIC_SET_ENABLED(i);
         GIC_SET_TRIGGER(i);
     }

Modified: trunk/src/host/qemu-neo1973/hw/armv7m_nvic.c
===================================================================
--- trunk/src/host/qemu-neo1973/hw/armv7m_nvic.c	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/hw/armv7m_nvic.c	2007-11-26 22:42:26 UTC (rev 3517)
@@ -14,7 +14,9 @@
 #include "qemu-timer.h"
 #include "arm-misc.h"
 
-#define GIC_NIRQ 64
+/* 32 internal lines (16 used for system exceptions) plus 64 external
+   interrupt lines.  */
+#define GIC_NIRQ 96
 #define NCPU 1
 #define NVIC 1
 
@@ -48,14 +50,15 @@
 #define SYSTICK_CLKSOURCE (1 << 2)
 #define SYSTICK_COUNTFLAG (1 << 16)
 
-/* Conversion factor from qemu timer to SysTick frequencies.
-   QEMU uses a base of 1GHz, so these give 20MHz and 1MHz for core and
-   reference frequencies.  */
+/* Multiplication factor to convert from system clock ticks to qemu timer
+   ticks.  */
+int system_clock_scale;
 
+/* Conversion factor from qemu timer to SysTick frequencies.  */
 static inline int64_t systick_scale(nvic_state *s)
 {
     if (s->systick.control & SYSTICK_CLKSOURCE)
-        return 50;
+        return system_clock_scale;
     else
         return 1000;
 }

Modified: trunk/src/host/qemu-neo1973/hw/boards.h
===================================================================
--- trunk/src/host/qemu-neo1973/hw/boards.h	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/hw/boards.h	2007-11-26 22:42:26 UTC (rev 3517)
@@ -81,6 +81,7 @@
 
 /* gumstix.c */
 extern QEMUMachine connex_machine;
+extern QEMUMachine verdex_machine;
 
 /* stellaris.c */
 extern QEMUMachine lm3s811evb_machine;
@@ -95,4 +96,7 @@
 /* dummy_m68k.c */
 extern QEMUMachine dummy_m68k_machine;
 
+/* mainstone.c */
+extern QEMUMachine mainstone2_machine;
+
 #endif

Modified: trunk/src/host/qemu-neo1973/hw/gumstix.c
===================================================================
--- trunk/src/host/qemu-neo1973/hw/gumstix.c	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/hw/gumstix.c	2007-11-26 22:42:26 UTC (rev 3517)
@@ -7,6 +7,29 @@
  *
  * This code is licensed under the GNU GPL v2.
  */
+ 
+/* 
+ * Example usage:
+ * 
+ * connex:
+ * =======
+ * create image:
+ * # dd of=flash bs=1k count=16k if=/dev/zero
+ * # dd of=flash bs=1k conv=notrunc if=u-boot.bin
+ * # dd of=flash bs=1k conv=notrunc seek=256 if=rootfs.arm_nofpu.jffs2
+ * start it:
+ * # qemu-system-arm -M connex -pflash flash -monitor null -nographic
+ *
+ * verdex:
+ * =======
+ * create image:
+ * # dd of=flash bs=1k count=32k if=/dev/zero
+ * # dd of=flash bs=1k conv=notrunc if=u-boot.bin
+ * # dd of=flash bs=1k conv=notrunc seek=256 if=rootfs.arm_nofpu.jffs2
+ * # dd of=flash bs=1k conv=notrunc seek=31744 if=uImage
+ * start it:
+ * # qemu-system-arm -M verdex -pflash flash -monitor null -nographic -m 289
+ */
 
 #include "hw.h"
 #include "pxa.h"
@@ -16,26 +39,25 @@
 #include "devices.h"
 #include "boards.h"
 
-/* Board init. */
-enum gumstix_model_e { connex };
+static const int sector_len = 128 * 1024;
 
-static void gumstix_common_init(int ram_size, int vga_ram_size,
-                DisplayState *ds, const char *kernel_filename,
-                const char *kernel_cmdline, const char *initrd_filename,
-                const char *cpu_model, enum gumstix_model_e model)
+static void connex_init(int ram_size, int vga_ram_size,
+                const char *boot_device, DisplayState *ds,
+                const char *kernel_filename, const char *kernel_cmdline,
+                const char *initrd_filename, const char *cpu_model)
 {
     struct pxa2xx_state_s *cpu;
 
-    uint32_t gumstix_rom = 0x02000000;
-    uint32_t gumstix_ram = 0x08000000;
+    uint32_t connex_rom = 0x01000000;
+    uint32_t connex_ram = 0x04000000;
 
-    if (ram_size < (gumstix_ram + gumstix_rom + PXA2XX_INTERNAL_SIZE)) {
+    if (ram_size < (connex_ram + connex_rom + PXA2XX_INTERNAL_SIZE)) {
         fprintf(stderr, "This platform requires %i bytes of memory\n",
-                gumstix_ram + gumstix_rom + PXA2XX_INTERNAL_SIZE);
+                connex_ram + connex_rom + PXA2XX_INTERNAL_SIZE);
         exit(1);
     }
 
-    cpu = pxa255_init(gumstix_ram, ds);
+    cpu = pxa255_init(connex_ram, ds);
 
     if (pflash_table[0] == NULL) {
         fprintf(stderr, "A flash image must be given with the "
@@ -43,9 +65,10 @@
         exit(1);
     }
 
-    if (!pflash_register(0x00000000, gumstix_ram + PXA2XX_INTERNAL_SIZE,
-            pflash_table[0], 128 * 1024, 128, 2, 0, 0, 0, 0)) {
-        fprintf(stderr, "qemu: Error register flash memory.\n");
+    if (!pflash_register(0x00000000, qemu_ram_alloc(connex_rom),
+            pflash_table[0], sector_len, connex_rom / sector_len,
+            2, 0, 0, 0, 0)) {
+        fprintf(stderr, "qemu: Error registering flash memory.\n");
         exit(1);
     }
 
@@ -56,13 +79,42 @@
                     pxa2xx_gpio_in_get(cpu->gpio)[36]);
 }
 
-static void connex_init(int ram_size, int vga_ram_size,
+static void verdex_init(int ram_size, int vga_ram_size,
                 const char *boot_device, DisplayState *ds,
                 const char *kernel_filename, const char *kernel_cmdline,
                 const char *initrd_filename, const char *cpu_model)
 {
-    gumstix_common_init(ram_size, vga_ram_size, ds, kernel_filename,
-                kernel_cmdline, initrd_filename, cpu_model, connex);
+    struct pxa2xx_state_s *cpu;
+
+    uint32_t verdex_rom = 0x02000000;
+    uint32_t verdex_ram = 0x10000000;
+
+    if (ram_size < (verdex_ram + verdex_rom + PXA2XX_INTERNAL_SIZE)) {
+        fprintf(stderr, "This platform requires %i bytes of memory\n",
+                verdex_ram + verdex_rom + PXA2XX_INTERNAL_SIZE);
+        exit(1);
+    }
+
+    cpu = pxa270_init(verdex_ram, ds, cpu_model ?: "pxa270-c0");
+
+    if (pflash_table[0] == NULL) {
+        fprintf(stderr, "A flash image must be given with the "
+                "'pflash' parameter\n");
+        exit(1);
+    }
+
+    if (!pflash_register(0x00000000, qemu_ram_alloc(verdex_rom),
+            pflash_table[0], sector_len, verdex_rom / sector_len,
+            2, 0, 0, 0, 0)) {
+        fprintf(stderr, "qemu: Error registering flash memory.\n");
+        exit(1);
+    }
+
+    cpu->env->regs[15] = 0x00000000;
+
+    /* Interrupt line of NIC is connected to GPIO line 99 */
+    smc91c111_init(&nd_table[0], 0x04000300,
+                    pxa2xx_gpio_in_get(cpu->gpio)[99]);
 }
 
 QEMUMachine connex_machine = {
@@ -70,3 +122,9 @@
     "Gumstix Connex (PXA255)",
     connex_init,
 };
+
+QEMUMachine verdex_machine = {
+    "verdex",
+    "Gumstix Verdex (PXA270)",
+    verdex_init,
+};

Modified: trunk/src/host/qemu-neo1973/hw/iommu.c
===================================================================
--- trunk/src/host/qemu-neo1973/hw/iommu.c	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/hw/iommu.c	2007-11-26 22:42:26 UTC (rev 3517)
@@ -311,6 +311,7 @@
     s->iostart = 0;
     s->regs[IOMMU_CTRL] = s->version;
     s->regs[IOMMU_ARBEN] = IOMMU_MID;
+    s->regs[IOMMU_AFSR] = 0x00800000;
 }
 
 void *iommu_init(target_phys_addr_t addr, uint32_t version)

Added: trunk/src/host/qemu-neo1973/hw/mainstone.c
===================================================================
--- trunk/src/host/qemu-neo1973/hw/mainstone.c	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/hw/mainstone.c	2007-11-26 22:42:26 UTC (rev 3517)
@@ -0,0 +1,306 @@
+/*
+ * PXA270-based Intel Mainstone platforms.
+ *
+ * Copyright (c) 2007 by Armin Kuster <akuster at kama-aina.net> or
+ *                                    <akuster at mvista.com>
+ *
+ * Code based on spitz platform by Andrzej Zaborowski <balrog at zabor.org>
+ *
+ * This code is licensed under the GNU GPL v2.
+ */
+#include "hw.h"
+#include "pxa.h"
+#include "arm-misc.h"
+#include "net.h"
+#include "devices.h"
+#include "boards.h"
+
+#define MST_ETH_PHYS	0x10000300
+#define MST_FPGA_PHYS	0x08000000
+
+/* Mainstone FPGA for extern irqs */
+#define FPGA_GPIO_PIN	0
+#define MST_NUM_IRQS	16
+#define MST_BASE	MST_FPGA_PHYS
+#define MST_LEDDAT1	0x10
+#define MST_LEDDAT2	0x14
+#define MST_LEDCTRL	0x40
+#define MST_GPSWR	0x60
+#define MST_MSCWR1	0x80
+#define MST_MSCWR2	0x84
+#define MST_MSCWR3	0x88
+#define MST_MSCRD	0x90
+#define MST_INTMSKENA	0xc0
+#define MST_INTSETCLR	0xd0
+#define MST_PCMCIA0	0xe0
+#define MST_PCMCIA1	0xe4
+
+/* IRQ definitions */
+#define ETHERNET_IRQ	3
+
+typedef struct mst_irq_state {
+    target_phys_addr_t target_base;
+    qemu_irq *parent;
+    qemu_irq *pins;
+
+    uint32_t prev_level;
+    uint32_t leddat1;
+    uint32_t leddat2;
+    uint32_t ledctrl;
+    uint32_t gpswr;
+    uint32_t mscwr1;
+    uint32_t mscwr2;
+    uint32_t mscwr3;
+    uint32_t mscrd;
+    uint32_t intmskena;
+    uint32_t intsetclr;
+    uint32_t pcmcia0;
+    uint32_t pcmcia1;
+} mst_irq_state;
+
+static void 
+mst_fpga_update_gpio(mst_irq_state *s)
+{
+    uint32_t level, diff;
+    int bit;
+    level = s->prev_level ^ s->intsetclr;
+
+    for (diff = s->prev_level ^ level; diff; diff ^= 1 << bit) {
+        bit = ffs(diff) - 1;
+        qemu_set_irq(s->pins[bit], (level >> bit) & 1 );
+    }
+    s->prev_level = level;
+}
+
+static void 
+mst_fpga_set_irq(void *opaque, int irq, int level)
+{
+    mst_irq_state *s = (mst_irq_state *)opaque;
+
+    if (level)
+        s->prev_level |= 1u << irq;
+    else
+        s->prev_level &= ~(1u << irq);
+
+    if(s->intmskena & (1u << irq)) {
+        s->intsetclr = 1u << irq;
+        qemu_set_irq(s->parent[0], level);
+    }
+}
+
+static uint32_t 
+mst_fpga_readb(void *opaque, target_phys_addr_t addr)
+{
+    mst_irq_state *s = (mst_irq_state *) opaque;
+    addr -= s->target_base;
+
+    switch (addr) {
+    case MST_LEDDAT1:
+        return s->leddat1;
+    case MST_LEDDAT2:
+        return s->leddat2;
+    case MST_LEDCTRL:
+        return s->ledctrl;
+    case MST_GPSWR:
+        return s->gpswr;
+    case MST_MSCWR1:
+        return s->mscwr1;
+    case MST_MSCWR2:
+        return s->mscwr2;
+    case MST_MSCWR3:
+        return s->mscwr3;
+    case MST_MSCRD:
+        return s->mscrd;
+    case MST_INTMSKENA:
+        return s->intmskena;
+    case MST_INTSETCLR:
+        return s->intsetclr;
+    case MST_PCMCIA0:
+        return s->pcmcia0;
+    case MST_PCMCIA1:
+        return s->pcmcia1;
+    default:
+        printf("Mainstone - mst_fpga_readb: Bad register offset " 
+                REG_FMT " \n", addr);
+    }
+    return 0;
+}
+
+static void 
+mst_fpga_writeb(void *opaque, target_phys_addr_t addr, uint32_t value)
+{
+    mst_irq_state *s = (mst_irq_state *) opaque;
+    addr -= s->target_base;
+    value &= 0xffffffff;
+
+    switch (addr) {
+    case MST_LEDDAT1:
+        s->leddat1 = value;
+        break;
+    case MST_LEDDAT2:
+        s->leddat2 = value;
+        break;
+    case MST_LEDCTRL:
+        s->ledctrl = value;
+        break;
+    case MST_GPSWR:
+        s->gpswr = value;
+        break;
+    case MST_MSCWR1:
+        s->mscwr1 = value;
+        break;
+    case MST_MSCWR2:
+        s->mscwr2 = value;
+        break;
+    case MST_MSCWR3:
+        s->mscwr3 = value;
+        break;
+    case MST_MSCRD:
+        s->mscrd =  value;
+        break;
+    case MST_INTMSKENA:	/* Mask interupt */
+        s->intmskena = (value & 0xFEEFF);
+        mst_fpga_update_gpio(s);
+        break;
+    case MST_INTSETCLR:	/* clear or set interrupt */
+        s->intsetclr = (value & 0xFEEFF);
+        break;
+    case MST_PCMCIA0:
+        s->pcmcia0 = value;
+        break;
+    case MST_PCMCIA1:
+        s->pcmcia1 = value;
+        break;
+    default:
+        printf("Mainstone - mst_fpga_writeb: Bad register offset "
+                REG_FMT " \n", addr);
+    }
+}
+
+CPUReadMemoryFunc *mst_fpga_readfn[] = {
+    mst_fpga_readb,
+    mst_fpga_readb,
+    mst_fpga_readb,
+};
+CPUWriteMemoryFunc *mst_fpga_writefn[] = {
+    mst_fpga_writeb,
+    mst_fpga_writeb,
+    mst_fpga_writeb,
+};
+
+static void 
+mst_fpga_save(QEMUFile *f, void *opaque)
+{
+    struct mst_irq_state *s = (mst_irq_state *) opaque;
+
+    qemu_put_be32s(f, &s->prev_level);
+    qemu_put_be32s(f, &s->leddat1);
+    qemu_put_be32s(f, &s->leddat2);
+    qemu_put_be32s(f, &s->ledctrl);
+    qemu_put_be32s(f, &s->gpswr);
+    qemu_put_be32s(f, &s->mscwr1);
+    qemu_put_be32s(f, &s->mscwr2);
+    qemu_put_be32s(f, &s->mscwr3);
+    qemu_put_be32s(f, &s->mscrd);
+    qemu_put_be32s(f, &s->intmskena);
+    qemu_put_be32s(f, &s->intsetclr);
+    qemu_put_be32s(f, &s->pcmcia0);
+    qemu_put_be32s(f, &s->pcmcia1);
+}
+
+static int 
+mst_fpga_load(QEMUFile *f, void *opaque, int version_id)
+{
+    mst_irq_state *s = (mst_irq_state *) opaque;
+
+    qemu_get_be32s(f, &s->prev_level);
+    qemu_get_be32s(f, &s->leddat1);
+    qemu_get_be32s(f, &s->leddat2);
+    qemu_get_be32s(f, &s->ledctrl);
+    qemu_get_be32s(f, &s->gpswr);
+    qemu_get_be32s(f, &s->mscwr1);
+    qemu_get_be32s(f, &s->mscwr2);
+    qemu_get_be32s(f, &s->mscwr3);
+    qemu_get_be32s(f, &s->mscrd);
+    qemu_get_be32s(f, &s->intmskena);
+    qemu_get_be32s(f, &s->intsetclr);
+    qemu_get_be32s(f, &s->pcmcia0);
+    qemu_get_be32s(f, &s->pcmcia1);
+    return 0;
+}
+
+static qemu_irq 
+*mst_irq_init(struct pxa2xx_state_s *cpu, uint32_t base, int irq)
+{
+    mst_irq_state *s;
+    int iomemtype;
+    qemu_irq *qi;
+
+    s = (mst_irq_state *) qemu_mallocz(sizeof(mst_irq_state));
+
+    if (!s)
+        return NULL;
+    s->target_base = base;
+    s->parent = &cpu->pic[irq];
+
+    /* alloc the external 16 irqs */
+    qi = qemu_allocate_irqs(mst_fpga_set_irq, s, MST_NUM_IRQS);
+    s->pins = qi;
+
+    iomemtype = cpu_register_io_memory(0, mst_fpga_readfn,
+                    mst_fpga_writefn, s);
+    cpu_register_physical_memory(MST_BASE, 0x00100000, iomemtype);
+    register_savevm("mainstone_fpga", 0, 0, mst_fpga_save, mst_fpga_load, s);
+    return qi;
+}
+
+enum mainstone_model_e { mainstone };
+
+static void mainstone_common_init(int ram_size, int vga_ram_size,
+                DisplayState *ds, const char *kernel_filename,
+                const char *kernel_cmdline, const char *initrd_filename,
+                const char *cpu_model, enum mainstone_model_e model, int arm_id)
+{
+    uint32_t mainstone_ram = 0x04000000;
+    uint32_t mainstone_rom = 0x00800000;
+    struct pxa2xx_state_s *cpu;
+    qemu_irq *mst_irq;
+
+    if (!cpu_model)
+        cpu_model = "pxa270-c5";
+
+    /* Setup CPU & memory */
+    if (ram_size < mainstone_ram + mainstone_rom + PXA2XX_INTERNAL_SIZE) {
+        fprintf(stderr, "This platform requires %i bytes of memory\n",
+                        mainstone_ram + mainstone_rom + PXA2XX_INTERNAL_SIZE);
+        exit(1);
+    }
+
+    cpu = pxa270_init(mainstone_ram, ds, cpu_model);
+    cpu_register_physical_memory(0, mainstone_rom,
+                    qemu_ram_alloc(mainstone_rom) | IO_MEM_ROM);
+
+    /* Setup initial (reset) machine state */
+    cpu->env->regs[15] = PXA2XX_SDRAM_BASE;
+
+    mst_irq = mst_irq_init(cpu, MST_BASE, PXA2XX_PIC_GPIO_0);
+    smc91c111_init(&nd_table[0], MST_ETH_PHYS, mst_irq[ETHERNET_IRQ]);
+
+    arm_load_kernel(cpu->env, mainstone_ram, kernel_filename, kernel_cmdline,
+                    initrd_filename, arm_id, PXA2XX_SDRAM_BASE);
+}
+
+static void mainstone_init(int ram_size, int vga_ram_size,
+                const char *boot_device, DisplayState *ds,
+                const char *kernel_filename, const char *kernel_cmdline,
+                const char *initrd_filename, const char *cpu_model)
+{
+    mainstone_common_init(ram_size, vga_ram_size, ds, kernel_filename,
+                kernel_cmdline, initrd_filename, cpu_model, mainstone, 0x196);
+}
+
+QEMUMachine mainstone2_machine = {
+    "mainstone",
+    "Mainstone II (PXA27x)",
+    mainstone_init,
+};

Modified: trunk/src/host/qemu-neo1973/hw/mcf_uart.c
===================================================================
--- trunk/src/host/qemu-neo1973/hw/mcf_uart.c	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/hw/mcf_uart.c	2007-11-26 22:42:26 UTC (rev 3517)
@@ -88,6 +88,7 @@
             if (s->fifo_len == 0)
                 s->sr &= ~MCF_UART_RxRDY;
             mcf_uart_update(s);
+            qemu_chr_accept_input(s->chr);
             return val;
         }
     case 0x10:

Modified: trunk/src/host/qemu-neo1973/hw/mips_malta.c
===================================================================
--- trunk/src/host/qemu-neo1973/hw/mips_malta.c	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/hw/mips_malta.c	2007-11-26 22:42:26 UTC (rev 3517)
@@ -24,6 +24,7 @@
 
 #include "hw.h"
 #include "pc.h"
+#include "fdc.h"
 #include "net.h"
 #include "boards.h"
 #include "smbus.h"
@@ -767,7 +768,7 @@
     PCIBus *pci_bus;
     CPUState *env;
     RTCState *rtc_state;
-    /* fdctrl_t *floppy_controller; */
+    fdctrl_t *floppy_controller;
     MaltaFPGAState *malta_fpga;
     int ret;
     qemu_irq *i8259;
@@ -882,9 +883,7 @@
         serial_init(0x2f8, i8259[3], serial_hds[1]);
     if (parallel_hds[0])
         parallel_init(0x378, i8259[7], parallel_hds[0]);
-    /* XXX: The floppy controller does not work correctly, something is
-       probably wrong.
-    floppy_controller = fdctrl_init(i8259[6], 2, 0, 0x3f0, fd_table); */
+    floppy_controller = fdctrl_init(i8259[6], 2, 0, 0x3f0, fd_table);
 
     /* Sound card */
 #ifdef HAS_AUDIO

Modified: trunk/src/host/qemu-neo1973/hw/omap.c
===================================================================
--- trunk/src/host/qemu-neo1973/hw/omap.c	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/hw/omap.c	2007-11-26 22:42:26 UTC (rev 3517)
@@ -4626,12 +4626,189 @@
     slave->tx_start = qemu_allocate_irqs(omap_mcbsp_i2s_start, s, 1)[0];
 }
 
+/* LED Pulse Generators */
+struct omap_lpg_s {
+    target_phys_addr_t base;
+    QEMUTimer *tm;
+
+    uint8_t control;
+    uint8_t power;
+    int64_t on;
+    int64_t period;
+    int clk;
+    int cycle;
+};
+
+static void omap_lpg_tick(void *opaque)
+{
+    struct omap_lpg_s *s = opaque;
+
+    if (s->cycle)
+        qemu_mod_timer(s->tm, qemu_get_clock(rt_clock) + s->period - s->on);
+    else
+        qemu_mod_timer(s->tm, qemu_get_clock(rt_clock) + s->on);
+
+    s->cycle = !s->cycle;
+    printf("%s: LED is %s\n", __FUNCTION__, s->cycle ? "on" : "off");
+}
+
+static void omap_lpg_update(struct omap_lpg_s *s)
+{
+    int64_t on, period = 1, ticks = 1000;
+    static const int per[8] = { 1, 2, 4, 8, 12, 16, 20, 24 };
+
+    if (~s->control & (1 << 6))					/* LPGRES */
+        on = 0;
+    else if (s->control & (1 << 7))				/* PERM_ON */
+        on = period;
+    else {
+        period = muldiv64(ticks, per[s->control & 7],		/* PERCTRL */
+                        256 / 32);
+        on = (s->clk && s->power) ? muldiv64(ticks,
+                        per[(s->control >> 3) & 7], 256) : 0;	/* ONCTRL */
+    }
+
+    qemu_del_timer(s->tm);
+    if (on == period && s->on < s->period)
+        printf("%s: LED is on\n", __FUNCTION__);
+    else if (on == 0 && s->on)
+        printf("%s: LED is off\n", __FUNCTION__);
+    else if (on && (on != s->on || period != s->period)) {
+        s->cycle = 0;
+        s->on = on;
+        s->period = period;
+        omap_lpg_tick(s);
+        return;
+    }
+
+    s->on = on;
+    s->period = period;
+}
+
+static void omap_lpg_reset(struct omap_lpg_s *s)
+{
+    s->control = 0x00;
+    s->power = 0x00;
+    s->clk = 1;
+    omap_lpg_update(s);
+}
+
+static uint32_t omap_lpg_read(void *opaque, target_phys_addr_t addr)
+{
+    struct omap_lpg_s *s = (struct omap_lpg_s *) opaque;
+    int offset = addr & OMAP_MPUI_REG_MASK;
+
+    switch (offset) {
+    case 0x00:	/* LCR */
+        return s->control;
+
+    case 0x04:	/* PMR */
+        return s->power;
+    }
+
+    OMAP_BAD_REG(addr);
+    return 0;
+}
+
+static void omap_lpg_write(void *opaque, target_phys_addr_t addr,
+                uint32_t value)
+{
+    struct omap_lpg_s *s = (struct omap_lpg_s *) opaque;
+    int offset = addr & OMAP_MPUI_REG_MASK;
+
+    switch (offset) {
+    case 0x00:	/* LCR */
+        if (~value & (1 << 6))					/* LPGRES */
+            omap_lpg_reset(s);
+        s->control = value & 0xff;
+        omap_lpg_update(s);
+        return;
+
+    case 0x04:	/* PMR */
+        s->power = value & 0x01;
+        omap_lpg_update(s);
+        return;
+
+    default:
+        OMAP_BAD_REG(addr);
+        return;
+    }
+}
+
+static CPUReadMemoryFunc *omap_lpg_readfn[] = {
+    omap_lpg_read,
+    omap_badwidth_read8,
+    omap_badwidth_read8,
+};
+
+static CPUWriteMemoryFunc *omap_lpg_writefn[] = {
+    omap_lpg_write,
+    omap_badwidth_write8,
+    omap_badwidth_write8,
+};
+
+static void omap_lpg_clk_update(void *opaque, int line, int on)
+{
+    struct omap_lpg_s *s = (struct omap_lpg_s *) opaque;
+
+    s->clk = on;
+    omap_lpg_update(s);
+}
+
+struct omap_lpg_s *omap_lpg_init(target_phys_addr_t base, omap_clk clk)
+{
+    int iomemtype;
+    struct omap_lpg_s *s = (struct omap_lpg_s *)
+            qemu_mallocz(sizeof(struct omap_lpg_s));
+
+    s->base = base;
+    s->tm = qemu_new_timer(rt_clock, omap_lpg_tick, s);
+
+    omap_lpg_reset(s);
+
+    iomemtype = cpu_register_io_memory(0, omap_lpg_readfn,
+                    omap_lpg_writefn, s);
+    cpu_register_physical_memory(s->base, 0x800, iomemtype);
+
+    omap_clk_adduser(clk, qemu_allocate_irqs(omap_lpg_clk_update, s, 1)[0]);
+
+    return s;
+}
+
+/* MPUI Peripheral Bridge configuration */
+static uint32_t omap_mpui_io_read(void *opaque, target_phys_addr_t addr)
+{
+    if (addr == OMAP_MPUI_BASE)	/* CMR */
+        return 0xfe4d;
+
+    OMAP_BAD_REG(addr);
+    return 0;
+}
+
+static CPUReadMemoryFunc *omap_mpui_io_readfn[] = {
+    omap_badwidth_read16,
+    omap_mpui_io_read,
+    omap_badwidth_read16,
+};
+
+static CPUWriteMemoryFunc *omap_mpui_io_writefn[] = {
+    omap_badwidth_write16,
+    omap_badwidth_write16,
+    omap_badwidth_write16,
+};
+
+static void omap_setup_mpui_io(struct omap_mpu_state_s *mpu)
+{
+    int iomemtype = cpu_register_io_memory(0, omap_mpui_io_readfn,
+                    omap_mpui_io_writefn, mpu);
+    cpu_register_physical_memory(OMAP_MPUI_BASE, 0x7fff, iomemtype);
+}
+
 /* General chip reset */
 static void omap_mpu_reset(void *opaque)
 {
     struct omap_mpu_state_s *mpu = (struct omap_mpu_state_s *) opaque;
 
-    omap_clkm_reset(mpu);
     omap_inth_reset(mpu->ih[0]);
     omap_inth_reset(mpu->ih[1]);
     omap_dma_reset(mpu->dma);
@@ -4663,6 +4840,9 @@
     omap_mcbsp_reset(mpu->mcbsp1);
     omap_mcbsp_reset(mpu->mcbsp2);
     omap_mcbsp_reset(mpu->mcbsp3);
+    omap_lpg_reset(mpu->led[0]);
+    omap_lpg_reset(mpu->led[1]);
+    omap_clkm_reset(mpu);
     cpu_reset(mpu->env);
 }
 
@@ -4846,6 +5026,9 @@
     s->mcbsp3 = omap_mcbsp_init(0xfffb7000, &s->irq[1][OMAP_INT_McBSP3TX],
                     &s->drq[OMAP_DMA_MCBSP3_TX], omap_findclk(s, "dspxor_ck"));
 
+    s->led[0] = omap_lpg_init(0xfffbd000, omap_findclk(s, "clk32-kHz"));
+    s->led[1] = omap_lpg_init(0xfffbd800, omap_findclk(s, "clk32-kHz"));
+
     /* Register mappings not currenlty implemented:
      * MCSI2 Comm	fffb2000 - fffb27ff (not mapped on OMAP310)
      * MCSI1 Bluetooth	fffb2800 - fffb2fff (not mapped on OMAP310)
@@ -4855,8 +5038,6 @@
      * FAC		fffba800 - fffbafff
      * HDQ/1-Wire	fffbc000 - fffbc7ff
      * TIPB switches	fffbc800 - fffbcfff
-     * LED1		fffbd000 - fffbd7ff
-     * LED2		fffbd800 - fffbdfff
      * Mailbox		fffcf000 - fffcf7ff
      * Local bus IF	fffec100 - fffec1ff
      * Local bus MMU	fffec200 - fffec2ff
@@ -4864,6 +5045,7 @@
      */
 
     omap_setup_dsp_mapping(omap15xx_dsp_mm);
+    omap_setup_mpui_io(s);
 
     qemu_register_reset(omap_mpu_reset, s);
 

Modified: trunk/src/host/qemu-neo1973/hw/omap.h
===================================================================
--- trunk/src/host/qemu-neo1973/hw/omap.h	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/hw/omap.h	2007-11-26 22:42:26 UTC (rev 3517)
@@ -508,6 +508,9 @@
                 qemu_irq *irq, qemu_irq *dma, omap_clk clk);
 void omap_mcbsp_i2s_attach(struct omap_mcbsp_s *s, struct i2s_codec_s *slave);
 
+struct omap_lpg_s;
+struct omap_lpg_s *omap_lpg_init(target_phys_addr_t base, omap_clk clk);
+
 /* omap_lcdc.c */
 struct omap_lcd_panel_s;
 void omap_lcdc_reset(struct omap_lcd_panel_s *s);
@@ -598,6 +601,8 @@
 
     struct omap_mcbsp_s *mcbsp2;
 
+    struct omap_lpg_s *led[2];
+
     /* MPU private TIPB peripherals */
     struct omap_intr_handler_s *ih[2];
 

Modified: trunk/src/host/qemu-neo1973/hw/omap_mmc.c
===================================================================
--- trunk/src/host/qemu-neo1973/hw/omap_mmc.c	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/hw/omap_mmc.c	2007-11-26 22:42:26 UTC (rev 3517)
@@ -525,7 +525,7 @@
     cpu_register_physical_memory(s->base, 0x800, iomemtype);
 
     /* Instantiate the storage */
-    s->card = sd_init(bd);
+    s->card = sd_init(bd, 0);
 
     return s;
 }

Modified: trunk/src/host/qemu-neo1973/hw/pl011.c
===================================================================
--- trunk/src/host/qemu-neo1973/hw/pl011.c	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/hw/pl011.c	2007-11-26 22:42:26 UTC (rev 3517)
@@ -78,6 +78,7 @@
         if (s->read_count == s->read_trigger - 1)
             s->int_level &= ~ PL011_INT_RX;
         pl011_update(s);
+        qemu_chr_accept_input(s->chr);
         return c;
     case 1: /* UARTCR */
         return 0;

Modified: trunk/src/host/qemu-neo1973/hw/pl061.c
===================================================================
--- trunk/src/host/qemu-neo1973/hw/pl061.c	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/hw/pl061.c	2007-11-26 22:42:26 UTC (rev 3517)
@@ -48,6 +48,7 @@
     uint8_t slr;
     uint8_t den;
     uint8_t cr;
+    uint8_t float_high;
     qemu_irq irq;
     qemu_irq out[8];
 } pl061_state;
@@ -56,18 +57,22 @@
 {
     uint8_t changed;
     uint8_t mask;
+    uint8_t out;
     int i;
 
-    changed = s->old_data ^ s->data;
+    /* Outputs float high.  */
+    /* FIXME: This is board dependent.  */
+    out = (s->data & s->dir) | ~s->dir;
+    changed = s->old_data ^ out;
     if (!changed)
         return;
 
-    s->old_data = s->data;
+    s->old_data = out;
     for (i = 0; i < 8; i++) {
         mask = 1 << i;
-        if ((changed & mask & s->dir) && s->out) {
-            DPRINTF("Set output %d = %d\n", i, (s->data & mask) != 0);
-            qemu_set_irq(s->out[i], (s->data & mask) != 0);
+        if ((changed & mask) && s->out) {
+            DPRINTF("Set output %d = %d\n", i, (out & mask) != 0);
+            qemu_set_irq(s->out[i], (out & mask) != 0);
         }
     }
 

Modified: trunk/src/host/qemu-neo1973/hw/pl181.c
===================================================================
--- trunk/src/host/qemu-neo1973/hw/pl181.c	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/hw/pl181.c	2007-11-26 22:42:26 UTC (rev 3517)
@@ -458,7 +458,7 @@
                                        pl181_writefn, s);
     cpu_register_physical_memory(base, 0x00001000, iomemtype);
     s->base = base;
-    s->card = sd_init(bd);
+    s->card = sd_init(bd, 0);
     s->irq[0] = irq0;
     s->irq[1] = irq1;
     qemu_register_reset(pl181_reset, s);

Modified: trunk/src/host/qemu-neo1973/hw/ppc.c
===================================================================
--- trunk/src/host/qemu-neo1973/hw/ppc.c	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/hw/ppc.c	2007-11-26 22:42:26 UTC (rev 3517)
@@ -48,8 +48,8 @@
     }
 #if defined(PPC_DEBUG_IRQ)
     if (loglevel & CPU_LOG_INT) {
-        fprintf(logfile, "%s: %p n_IRQ %d level %d => pending %08x req %08x\n",
-                __func__, env, n_IRQ, level,
+        fprintf(logfile, "%s: %p n_IRQ %d level %d => pending %08" PRIx32
+                "req %08x\n", __func__, env, n_IRQ, level,
                 env->pending_interrupts, env->interrupt_request);
     }
 #endif
@@ -457,7 +457,7 @@
     tb = cpu_ppc_get_tb(tb_env, qemu_get_clock(vm_clock), tb_env->tb_offset);
 #if defined(PPC_DEBUG_TB)
     if (loglevel != 0) {
-        fprintf(logfile, "%s: tb=0x%016lx\n", __func__, tb);
+        fprintf(logfile, "%s: tb %016" PRIx64 "\n", __func__, tb);
     }
 #endif
 
@@ -472,7 +472,7 @@
     tb = cpu_ppc_get_tb(tb_env, qemu_get_clock(vm_clock), tb_env->tb_offset);
 #if defined(PPC_DEBUG_TB)
     if (loglevel != 0) {
-        fprintf(logfile, "%s: tb=0x%016lx\n", __func__, tb);
+        fprintf(logfile, "%s: tb %016" PRIx64 "\n", __func__, tb);
     }
 #endif
 
@@ -491,8 +491,8 @@
     *tb_offsetp = value - muldiv64(vmclk, tb_env->tb_freq, ticks_per_sec);
 #ifdef PPC_DEBUG_TB
     if (loglevel != 0) {
-        fprintf(logfile, "%s: tb=0x%016lx offset=%08lx\n", __func__, value,
-                *tb_offsetp);
+        fprintf(logfile, "%s: tb %016" PRIx64 " offset %08" PRIx64 "\n",
+                __func__, value, *tb_offsetp);
     }
 #endif
 }
@@ -532,7 +532,7 @@
     tb = cpu_ppc_get_tb(tb_env, qemu_get_clock(vm_clock), tb_env->atb_offset);
 #if defined(PPC_DEBUG_TB)
     if (loglevel != 0) {
-        fprintf(logfile, "%s: tb=0x%016lx\n", __func__, tb);
+        fprintf(logfile, "%s: tb %016" PRIx64 "\n", __func__, tb);
     }
 #endif
 
@@ -547,7 +547,7 @@
     tb = cpu_ppc_get_tb(tb_env, qemu_get_clock(vm_clock), tb_env->atb_offset);
 #if defined(PPC_DEBUG_TB)
     if (loglevel != 0) {
-        fprintf(logfile, "%s: tb=0x%016lx\n", __func__, tb);
+        fprintf(logfile, "%s: tb %016" PRIx64 "\n", __func__, tb);
     }
 #endif
 
@@ -602,7 +602,7 @@
 {
     ppc_tb_t *tb_env = env->tb_env;
     uint64_t tb, atb, vmclk;
-    
+
     /* If the time base is not frozen, do nothing */
     if (tb_env->tb_freq == 0) {
         vmclk = qemu_get_clock(vm_clock);
@@ -633,7 +633,7 @@
         decr = -muldiv64(-diff, tb_env->decr_freq, ticks_per_sec);
 #if defined(PPC_DEBUG_TB)
     if (loglevel != 0) {
-        fprintf(logfile, "%s: 0x%08x\n", __func__, decr);
+        fprintf(logfile, "%s: %08" PRIx32 "\n", __func__, decr);
     }
 #endif
 
@@ -700,7 +700,8 @@
 
 #ifdef PPC_DEBUG_TB
     if (loglevel != 0) {
-        fprintf(logfile, "%s: 0x%08x => 0x%08x\n", __func__, decr, value);
+        fprintf(logfile, "%s: %08" PRIx32 " => %08" PRIx32 "\n", __func__,
+                decr, value);
     }
 #endif
     now = qemu_get_clock(vm_clock);
@@ -910,7 +911,7 @@
     } else {
 #ifdef PPC_DEBUG_TB
         if (loglevel != 0) {
-            fprintf(logfile, "%s: start PIT 0x" REGX "\n",
+            fprintf(logfile, "%s: start PIT %016" PRIx64 "\n",
                     __func__, ppcemb_timer->pit_reload);
         }
 #endif
@@ -1032,7 +1033,7 @@
     ppcemb_timer = tb_env->opaque;
 #ifdef PPC_DEBUG_TB
     if (loglevel != 0) {
-        fprintf(logfile, "%s %p %p\n", __func__, tb_env, ppcemb_timer);
+        fprintf(logfile, "%s val" ADDRX "\n", __func__, val);
     }
 #endif
     ppcemb_timer->pit_reload = val;
@@ -1048,7 +1049,7 @@
 {
 #ifdef PPC_DEBUG_TB
     if (loglevel != 0) {
-        fprintf(logfile, "%s: val=" ADDRX "\n", __func__, val);
+        fprintf(logfile, "%s: val " ADDRX "\n", __func__, val);
     }
 #endif
     env->spr[SPR_40x_TSR] &= ~(val & 0xFC000000);
@@ -1063,7 +1064,7 @@
     tb_env = env->tb_env;
 #ifdef PPC_DEBUG_TB
     if (loglevel != 0) {
-        fprintf(logfile, "%s: val=" ADDRX "\n", __func__, val);
+        fprintf(logfile, "%s: val " ADDRX "\n", __func__, val);
     }
 #endif
     env->spr[SPR_40x_TCR] = val & 0xFFC00000;
@@ -1078,7 +1079,8 @@
 
 #ifdef PPC_DEBUG_TB
     if (loglevel != 0) {
-        fprintf(logfile, "%s set new frequency to %u\n", __func__, freq);
+        fprintf(logfile, "%s set new frequency to %" PRIu32 "\n", __func__,
+                freq);
     }
 #endif
     tb_env->tb_freq = freq;
@@ -1102,8 +1104,7 @@
     tb_env->opaque = ppcemb_timer;
 #ifdef PPC_DEBUG_TB
     if (loglevel != 0) {
-        fprintf(logfile, "%s %p %p %p\n", __func__, tb_env, ppcemb_timer,
-                &ppc_emb_set_tb_clk);
+        fprintf(logfile, "%s freq %" PRIu32 "\n", __func__, freq);
     }
 #endif
     if (ppcemb_timer != NULL) {
@@ -1239,7 +1240,7 @@
         fflush(stdout);
         break;
     case 2:
-        printf("Set loglevel to %04x\n", val);
+        printf("Set loglevel to %04" PRIx32 "\n", val);
         cpu_set_log(val | 0x100);
         break;
     }

Modified: trunk/src/host/qemu-neo1973/hw/ppc405_uc.c
===================================================================
--- trunk/src/host/qemu-neo1973/hw/ppc405_uc.c	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/hw/ppc405_uc.c	2007-11-26 22:42:26 UTC (rev 3517)
@@ -40,7 +40,7 @@
 #define DEBUG_GPT
 #define DEBUG_MAL
 #define DEBUG_CLOCKS
-//#define DEBUG_UNASSIGNED
+//#define DEBUG_CLOCKS_LL
 
 ram_addr_t ppc405_set_bootinfo (CPUState *env, ppc4xx_bd_info_t *bd,
                                 uint32_t flags)
@@ -298,7 +298,7 @@
     ppc4xx_opba_t *opba;
 
 #ifdef DEBUG_OPBA
-    printf("%s: addr " PADDRX " val %08x\n", __func__, addr, value);
+    printf("%s: addr " PADDRX " val %08" PRIx32 "\n", __func__, addr, value);
 #endif
     opba = opaque;
     switch (addr - opba->base) {
@@ -330,7 +330,7 @@
                          target_phys_addr_t addr, uint32_t value)
 {
 #ifdef DEBUG_OPBA
-    printf("%s: addr " PADDRX " val %08x\n", __func__, addr, value);
+    printf("%s: addr " PADDRX " val %08" PRIx32 "\n", __func__, addr, value);
 #endif
     opba_writeb(opaque, addr, value >> 8);
     opba_writeb(opaque, addr + 1, value);
@@ -353,7 +353,7 @@
                          target_phys_addr_t addr, uint32_t value)
 {
 #ifdef DEBUG_OPBA
-    printf("%s: addr " PADDRX " val %08x\n", __func__, addr, value);
+    printf("%s: addr " PADDRX " val %08" PRIx32 "\n", __func__, addr, value);
 #endif
     opba_writeb(opaque, addr, value >> 24);
     opba_writeb(opaque, addr + 1, value >> 16);
@@ -389,7 +389,7 @@
     if (opba != NULL) {
         opba->base = offset;
 #ifdef DEBUG_OPBA
-        printf("%s: offset=" PADDRX "\n", __func__, offset);
+        printf("%s: offset " PADDRX "\n", __func__, offset);
 #endif
         ppc4xx_mmio_register(env, mmio, offset, 0x002,
                              opba_read, opba_write, opba);
@@ -429,6 +429,10 @@
     SDRAM0_CFGDATA = 0x011,
 };
 
+/* XXX: TOFIX: some patches have made this code become inconsistent:
+ *      there are type inconsistencies, mixing target_phys_addr_t, target_ulong
+ *      and uint32_t
+ */
 static uint32_t sdram_bcr (target_phys_addr_t ram_base,
                            target_phys_addr_t ram_size)
 {
@@ -457,8 +461,7 @@
         bcr = 0x000C0000;
         break;
     default:
-        printf("%s: invalid RAM size " TARGET_FMT_plx "\n",
-               __func__, ram_size);
+        printf("%s: invalid RAM size " PADDRX "\n", __func__, ram_size);
         return 0x00000000;
     }
     bcr |= ram_base & 0xFF800000;
@@ -491,7 +494,7 @@
     if (*bcrp & 0x00000001) {
         /* Unmap RAM */
 #ifdef DEBUG_SDRAM
-        printf("%s: unmap RAM area " TARGET_FMT_plx " " TARGET_FMT_lx "\n",
+        printf("%s: unmap RAM area " PADDRX " " ADDRX "\n",
                __func__, sdram_base(*bcrp), sdram_size(*bcrp));
 #endif
         cpu_register_physical_memory(sdram_base(*bcrp), sdram_size(*bcrp),
@@ -500,7 +503,7 @@
     *bcrp = bcr & 0xFFDEE001;
     if (enabled && (bcr & 0x00000001)) {
 #ifdef DEBUG_SDRAM
-        printf("%s: Map RAM area " TARGET_FMT_plx " " TARGET_FMT_lx "\n",
+        printf("%s: Map RAM area " PADDRX " " ADDRX "\n",
                __func__, sdram_base(bcr), sdram_size(bcr));
 #endif
         cpu_register_physical_memory(sdram_base(bcr), sdram_size(bcr),
@@ -529,7 +532,7 @@
 
     for (i = 0; i < sdram->nbanks; i++) {
 #ifdef DEBUG_SDRAM
-        printf("%s: Unmap RAM area " TARGET_FMT_plx " " TARGET_FMT_lx "\n",
+        printf("%s: Unmap RAM area " PADDRX " " ADDRX "\n",
                __func__, sdram_base(sdram->bcr[i]), sdram_size(sdram->bcr[i]));
 #endif
         cpu_register_physical_memory(sdram_base(sdram->bcr[i]),
@@ -1110,7 +1113,7 @@
 
     gpio = opaque;
 #ifdef DEBUG_GPIO
-    printf("%s: addr " PADDRX " val %08x\n", __func__, addr, value);
+    printf("%s: addr " PADDRX " val %08" PRIx32 "\n", __func__, addr, value);
 #endif
 }
 
@@ -1133,7 +1136,7 @@
 
     gpio = opaque;
 #ifdef DEBUG_GPIO
-    printf("%s: addr " PADDRX " val %08x\n", __func__, addr, value);
+    printf("%s: addr " PADDRX " val %08" PRIx32 "\n", __func__, addr, value);
 #endif
 }
 
@@ -1156,7 +1159,7 @@
 
     gpio = opaque;
 #ifdef DEBUG_GPIO
-    printf("%s: addr " PADDRX " val %08x\n", __func__, addr, value);
+    printf("%s: addr " PADDRX " val %08" PRIx32 "\n", __func__, addr, value);
 #endif
 }
 
@@ -1190,7 +1193,7 @@
         ppc405_gpio_reset(gpio);
         qemu_register_reset(&ppc405_gpio_reset, gpio);
 #ifdef DEBUG_GPIO
-        printf("%s: offset=" PADDRX "\n", __func__, offset);
+        printf("%s: offset " PADDRX "\n", __func__, offset);
 #endif
         ppc4xx_mmio_register(env, mmio, offset, 0x038,
                              ppc405_gpio_read, ppc405_gpio_write, gpio);
@@ -1218,7 +1221,7 @@
     void *serial;
 
 #ifdef DEBUG_SERIAL
-    printf("%s: offset=" PADDRX "\n", __func__, offset);
+    printf("%s: offset " PADDRX "\n", __func__, offset);
 #endif
     serial = serial_mm_init(offset, 0, irq, chr, 0);
     ppc4xx_mmio_register(env, mmio, offset, 0x008,
@@ -1248,7 +1251,9 @@
                                  uint32_t dsarc, uint32_t dsacntl)
 {
 #ifdef DEBUG_OCM
-    printf("OCM update ISA %08x %08x (%08x %08x) DSA %08x %08x (%08x %08x)\n",
+    printf("OCM update ISA %08" PRIx32 " %08" PRIx32 " (%08" PRIx32
+           " %08" PRIx32 ") DSA %08" PRIx32 " %08" PRIx32
+           " (%08" PRIx32 " %08" PRIx32 ")\n",
            isarc, isacntl, dsarc, dsacntl,
            ocm->isarc, ocm->isacntl, ocm->dsarc, ocm->dsacntl);
 #endif
@@ -1256,14 +1261,14 @@
         (ocm->isacntl & 0x80000000) != (isacntl & 0x80000000)) {
         if (ocm->isacntl & 0x80000000) {
             /* Unmap previously assigned memory region */
-            printf("OCM unmap ISA %08x\n", ocm->isarc);
+            printf("OCM unmap ISA %08" PRIx32 "\n", ocm->isarc);
             cpu_register_physical_memory(ocm->isarc, 0x04000000,
                                          IO_MEM_UNASSIGNED);
         }
         if (isacntl & 0x80000000) {
             /* Map new instruction memory region */
 #ifdef DEBUG_OCM
-            printf("OCM map ISA %08x\n", isarc);
+            printf("OCM map ISA %08" PRIx32 "\n", isarc);
 #endif
             cpu_register_physical_memory(isarc, 0x04000000,
                                          ocm->offset | IO_MEM_RAM);
@@ -1276,7 +1281,7 @@
             if (!(isacntl & 0x80000000) || ocm->dsarc != isarc) {
                 /* Unmap previously assigned memory region */
 #ifdef DEBUG_OCM
-                printf("OCM unmap DSA %08x\n", ocm->dsarc);
+                printf("OCM unmap DSA %08" PRIx32 "\n", ocm->dsarc);
 #endif
                 cpu_register_physical_memory(ocm->dsarc, 0x04000000,
                                              IO_MEM_UNASSIGNED);
@@ -1287,7 +1292,7 @@
             if (!(isacntl & 0x80000000) || dsarc != isarc) {
                 /* Map new data memory region */
 #ifdef DEBUG_OCM
-                printf("OCM map DSA %08x\n", dsarc);
+                printf("OCM map DSA %08" PRIx32 "\n", dsarc);
 #endif
                 cpu_register_physical_memory(dsarc, 0x04000000,
                                              ocm->offset | IO_MEM_RAM);
@@ -1475,7 +1480,7 @@
         break;
     }
 #ifdef DEBUG_I2C
-    printf("%s: addr " PADDRX " %02x\n", __func__, addr, ret);
+    printf("%s: addr " PADDRX " %02" PRIx32 "\n", __func__, addr, ret);
 #endif
 
     return ret;
@@ -1487,7 +1492,7 @@
     ppc4xx_i2c_t *i2c;
 
 #ifdef DEBUG_I2C
-    printf("%s: addr " PADDRX " val %08x\n", __func__, addr, value);
+    printf("%s: addr " PADDRX " val %08" PRIx32 "\n", __func__, addr, value);
 #endif
     i2c = opaque;
     switch (addr - i2c->base) {
@@ -1557,7 +1562,7 @@
                                target_phys_addr_t addr, uint32_t value)
 {
 #ifdef DEBUG_I2C
-    printf("%s: addr " PADDRX " val %08x\n", __func__, addr, value);
+    printf("%s: addr " PADDRX " val %08" PRIx32 "\n", __func__, addr, value);
 #endif
     ppc4xx_i2c_writeb(opaque, addr, value >> 8);
     ppc4xx_i2c_writeb(opaque, addr + 1, value);
@@ -1582,7 +1587,7 @@
                                target_phys_addr_t addr, uint32_t value)
 {
 #ifdef DEBUG_I2C
-    printf("%s: addr " PADDRX " val %08x\n", __func__, addr, value);
+    printf("%s: addr " PADDRX " val %08" PRIx32 "\n", __func__, addr, value);
 #endif
     ppc4xx_i2c_writeb(opaque, addr, value >> 24);
     ppc4xx_i2c_writeb(opaque, addr + 1, value >> 16);
@@ -1629,7 +1634,7 @@
         i2c->irq = irq;
         ppc4xx_i2c_reset(i2c);
 #ifdef DEBUG_I2C
-        printf("%s: offset=" PADDRX "\n", __func__, offset);
+        printf("%s: offset " PADDRX "\n", __func__, offset);
 #endif
         ppc4xx_mmio_register(env, mmio, offset, 0x011,
                              i2c_read, i2c_write, i2c);
@@ -1668,7 +1673,7 @@
                                target_phys_addr_t addr, uint32_t value)
 {
 #ifdef DEBUG_I2C
-    printf("%s: addr " PADDRX " val %08x\n", __func__, addr, value);
+    printf("%s: addr " PADDRX " val %08" PRIx32 "\n", __func__, addr, value);
 #endif
     /* XXX: generate a bus fault */
 }
@@ -1686,7 +1691,7 @@
                                target_phys_addr_t addr, uint32_t value)
 {
 #ifdef DEBUG_I2C
-    printf("%s: addr " PADDRX " val %08x\n", __func__, addr, value);
+    printf("%s: addr " PADDRX " val %08" PRIx32 "\n", __func__, addr, value);
 #endif
     /* XXX: generate a bus fault */
 }
@@ -1805,7 +1810,7 @@
     int idx;
 
 #ifdef DEBUG_I2C
-    printf("%s: addr " PADDRX " val %08x\n", __func__, addr, value);
+    printf("%s: addr " PADDRX " val %08" PRIx32 "\n", __func__, addr, value);
 #endif
     gpt = opaque;
     switch (addr - gpt->base) {
@@ -1913,7 +1918,7 @@
         gpt->timer = qemu_new_timer(vm_clock, &ppc4xx_gpt_cb, gpt);
         ppc4xx_gpt_reset(gpt);
 #ifdef DEBUG_GPT
-        printf("%s: offset=" PADDRX "\n", __func__, offset);
+        printf("%s: offset " PADDRX "\n", __func__, offset);
 #endif
         ppc4xx_mmio_register(env, mmio, offset, 0x0D4,
                              gpt_read, gpt_write, gpt);
@@ -2656,9 +2661,13 @@
     VCO_out = 0;
     if ((cpc->pllmr[1] & 0x80000000) && !(cpc->pllmr[1] & 0x40000000)) {
         M = (((cpc->pllmr[1] >> 20) - 1) & 0xF) + 1; /* FBMUL */
-        //        printf("FBMUL %01x %d\n", (cpc->pllmr[1] >> 20) & 0xF, M);
+#ifdef DEBUG_CLOCKS_LL
+        printf("FBMUL %01" PRIx32 " %d\n", (cpc->pllmr[1] >> 20) & 0xF, M);
+#endif
         D = 8 - ((cpc->pllmr[1] >> 16) & 0x7); /* FWDA */
-        //        printf("FWDA %01x %d\n", (cpc->pllmr[1] >> 16) & 0x7, D);
+#ifdef DEBUG_CLOCKS_LL
+        printf("FWDA %01" PRIx32 " %d\n", (cpc->pllmr[1] >> 16) & 0x7, D);
+#endif
         VCO_out = cpc->sysclk * M * D;
         if (VCO_out < 500000000UL || VCO_out > 1000000000UL) {
             /* Error - unlock the PLL */
@@ -2683,53 +2692,53 @@
     }
     /* Now, compute all other clocks */
     D = ((cpc->pllmr[0] >> 20) & 0x3) + 1; /* CCDV */
-#ifdef DEBUG_CLOCKS
-    //    printf("CCDV %01x %d\n", (cpc->pllmr[0] >> 20) & 0x3, D);
+#ifdef DEBUG_CLOCKS_LL
+    printf("CCDV %01" PRIx32 " %d\n", (cpc->pllmr[0] >> 20) & 0x3, D);
 #endif
     CPU_clk = PLL_out / D;
     D = ((cpc->pllmr[0] >> 16) & 0x3) + 1; /* CBDV */
-#ifdef DEBUG_CLOCKS
-    //    printf("CBDV %01x %d\n", (cpc->pllmr[0] >> 16) & 0x3, D);
+#ifdef DEBUG_CLOCKS_LL
+    printf("CBDV %01" PRIx32 " %d\n", (cpc->pllmr[0] >> 16) & 0x3, D);
 #endif
     PLB_clk = CPU_clk / D;
     D = ((cpc->pllmr[0] >> 12) & 0x3) + 1; /* OPDV */
-#ifdef DEBUG_CLOCKS
-    //    printf("OPDV %01x %d\n", (cpc->pllmr[0] >> 12) & 0x3, D);
+#ifdef DEBUG_CLOCKS_LL
+    printf("OPDV %01" PRIx32 " %d\n", (cpc->pllmr[0] >> 12) & 0x3, D);
 #endif
     OPB_clk = PLB_clk / D;
     D = ((cpc->pllmr[0] >> 8) & 0x3) + 2; /* EPDV */
-#ifdef DEBUG_CLOCKS
-    //    printf("EPDV %01x %d\n", (cpc->pllmr[0] >> 8) & 0x3, D);
+#ifdef DEBUG_CLOCKS_LL
+    printf("EPDV %01" PRIx32 " %d\n", (cpc->pllmr[0] >> 8) & 0x3, D);
 #endif
     EBC_clk = PLB_clk / D;
     D = ((cpc->pllmr[0] >> 4) & 0x3) + 1; /* MPDV */
-#ifdef DEBUG_CLOCKS
-    //    printf("MPDV %01x %d\n", (cpc->pllmr[0] >> 4) & 0x3, D);
+#ifdef DEBUG_CLOCKS_LL
+    printf("MPDV %01" PRIx32 " %d\n", (cpc->pllmr[0] >> 4) & 0x3, D);
 #endif
     MAL_clk = PLB_clk / D;
     D = (cpc->pllmr[0] & 0x3) + 1; /* PPDV */
-#ifdef DEBUG_CLOCKS
-    //    printf("PPDV %01x %d\n", cpc->pllmr[0] & 0x3, D);
+#ifdef DEBUG_CLOCKS_LL
+    printf("PPDV %01" PRIx32 " %d\n", cpc->pllmr[0] & 0x3, D);
 #endif
     PCI_clk = PLB_clk / D;
     D = ((cpc->ucr - 1) & 0x7F) + 1; /* U0DIV */
-#ifdef DEBUG_CLOCKS
-    //    printf("U0DIV %01x %d\n", cpc->ucr & 0x7F, D);
+#ifdef DEBUG_CLOCKS_LL
+    printf("U0DIV %01" PRIx32 " %d\n", cpc->ucr & 0x7F, D);
 #endif
     UART0_clk = PLL_out / D;
     D = (((cpc->ucr >> 8) - 1) & 0x7F) + 1; /* U1DIV */
-#ifdef DEBUG_CLOCKS
-    //    printf("U1DIV %01x %d\n", (cpc->ucr >> 8) & 0x7F, D);
+#ifdef DEBUG_CLOCKS_LL
+    printf("U1DIV %01" PRIx32 " %d\n", (cpc->ucr >> 8) & 0x7F, D);
 #endif
     UART1_clk = PLL_out / D;
 #ifdef DEBUG_CLOCKS
-    printf("Setup PPC405EP clocks - sysclk %d VCO %" PRIu64
+    printf("Setup PPC405EP clocks - sysclk %" PRIu32 " VCO %" PRIu64
            " PLL out %" PRIu64 " Hz\n", cpc->sysclk, VCO_out, PLL_out);
-    printf("CPU %d PLB %d OPB %d EBC %d MAL %d PCI %d UART0 %d UART1 %d\n",
+    printf("CPU %" PRIu32 " PLB %" PRIu32 " OPB %" PRIu32 " EBC %" PRIu32
+           " MAL %" PRIu32 " PCI %" PRIu32 " UART0 %" PRIu32
+           " UART1 %" PRIu32 "\n",
            CPU_clk, PLB_clk, OPB_clk, EBC_clk, MAL_clk, PCI_clk,
            UART0_clk, UART1_clk);
-    printf("CB %p opaque %p\n", cpc->clk_setup[PPC405EP_CPU_CLK].cb,
-           cpc->clk_setup[PPC405EP_CPU_CLK].opaque);
 #endif
     /* Setup CPU clocks */
     clk_setup(&cpc->clk_setup[PPC405EP_CPU_CLK], CPU_clk);

Modified: trunk/src/host/qemu-neo1973/hw/ppc4xx_devs.c
===================================================================
--- trunk/src/host/qemu-neo1973/hw/ppc4xx_devs.c	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/hw/ppc4xx_devs.c	2007-11-26 22:42:26 UTC (rev 3517)
@@ -30,6 +30,7 @@
 extern FILE *logfile;
 
 //#define DEBUG_MMIO
+//#define DEBUG_UNASSIGNED
 #define DEBUG_UIC
 
 /*****************************************************************************/
@@ -136,8 +137,8 @@
 
     idx = MMIO_IDX(addr - mmio->base);
 #if defined(DEBUG_MMIO)
-    printf("%s: mmio %p len %d addr " PADDRX " idx %d value %08x\n", __func__,
-           mmio, len, addr, idx, value);
+    printf("%s: mmio %p len %d addr " PADDRX " idx %d value %08" PRIx32 "\n",
+           __func__, mmio, len, addr, idx, value);
 #endif
     mem_write = mmio->mem_write[idx];
     (*mem_write[len])(mmio->opaque[idx], addr - mmio->base, value);
@@ -156,7 +157,7 @@
                          target_phys_addr_t addr, uint32_t value)
 {
 #if defined(DEBUG_MMIO)
-    printf("%s: addr " PADDRX " val %08x\n", __func__, addr, value);
+    printf("%s: addr " PADDRX " val %08" PRIx32 "\n", __func__, addr, value);
 #endif
     mmio_writelen(opaque, addr, value, 0);
 }
@@ -174,7 +175,7 @@
                          target_phys_addr_t addr, uint32_t value)
 {
 #if defined(DEBUG_MMIO)
-    printf("%s: addr " PADDRX " val %08x\n", __func__, addr, value);
+    printf("%s: addr " PADDRX " val %08" PRIx32 "\n", __func__, addr, value);
 #endif
     mmio_writelen(opaque, addr, value, 1);
 }
@@ -192,7 +193,7 @@
                          target_phys_addr_t addr, uint32_t value)
 {
 #if defined(DEBUG_MMIO)
-    printf("%s: addr " PADDRX " val %08x\n", __func__, addr, value);
+    printf("%s: addr " PADDRX " val %08" PRIx32 "\n", __func__, addr, value);
 #endif
     mmio_writelen(opaque, addr, value, 2);
 }
@@ -214,7 +215,7 @@
                           CPUReadMemoryFunc **mem_read,
                           CPUWriteMemoryFunc **mem_write, void *opaque)
 {
-    uint32_t end;
+    target_phys_addr_t end;
     int idx, eidx;
 
     if ((offset + len) > TARGET_PAGE_SIZE)
@@ -223,8 +224,8 @@
     end = offset + len - 1;
     eidx = MMIO_IDX(end);
 #if defined(DEBUG_MMIO)
-    printf("%s: offset %08x len %08x %08x %d %d\n", __func__, offset, len,
-           end, idx, eidx);
+    printf("%s: offset " PADDRX " len %08" PRIx32 " " PADDRX " %d %d\n",
+           __func__, offset, len, end, idx, eidx);
 #endif
     for (; idx <= eidx; idx++) {
         mmio->mem_read[idx] = mem_read;
@@ -245,8 +246,8 @@
         mmio->base = base;
         mmio_memory = cpu_register_io_memory(0, mmio_read, mmio_write, mmio);
 #if defined(DEBUG_MMIO)
-        printf("%s: %p base %08x len %08x %d\n", __func__,
-               mmio, base, TARGET_PAGE_SIZE, mmio_memory);
+        printf("%s: base " PADDRX " len %08x %d\n", __func__,
+               base, TARGET_PAGE_SIZE, mmio_memory);
 #endif
         cpu_register_physical_memory(base, TARGET_PAGE_SIZE, mmio_memory);
         ppc4xx_mmio_register(env, mmio, 0, TARGET_PAGE_SIZE,
@@ -297,9 +298,10 @@
     cr = uic->uicsr & uic->uicer & uic->uiccr;
 #ifdef DEBUG_UIC
     if (loglevel & CPU_LOG_INT) {
-        fprintf(logfile, "%s: uicsr %08x uicer %08x uiccr %08x\n"
-                "   %08x ir %08x cr %08x\n", __func__,
-                uic->uicsr, uic->uicer, uic->uiccr,
+        fprintf(logfile, "%s: uicsr %08" PRIx32 " uicer %08" PRIx32
+                " uiccr %08" PRIx32 "\n"
+                "   %08" PRIx32 " ir %08" PRIx32 " cr %08" PRIx32 "\n",
+                __func__, uic->uicsr, uic->uicer, uic->uiccr,
                 uic->uicsr & uic->uicer, ir, cr);
     }
 #endif
@@ -342,8 +344,8 @@
         }
 #ifdef DEBUG_UIC
         if (loglevel & CPU_LOG_INT) {
-            fprintf(logfile, "Raise UIC critical interrupt - vector %08x\n",
-                    uic->uicvr);
+            fprintf(logfile, "Raise UIC critical interrupt - "
+                    "vector %08" PRIx32 "\n", uic->uicvr);
         }
 #endif
     } else {
@@ -366,8 +368,9 @@
     mask = 1 << irq_num;
 #ifdef DEBUG_UIC
     if (loglevel & CPU_LOG_INT) {
-        fprintf(logfile, "%s: irq %d level %d uicsr %08x mask %08x => %08x "
-                "%08x\n", __func__, irq_num, level,
+        fprintf(logfile, "%s: irq %d level %d uicsr %08" PRIx32
+                " mask %08" PRIx32 " => %08" PRIx32 " %08" PRIx32 "\n",
+                __func__, irq_num, level,
                 uic->uicsr, mask, uic->uicsr & mask, level << irq_num);
     }
 #endif
@@ -392,8 +395,8 @@
     }
 #ifdef DEBUG_UIC
     if (loglevel & CPU_LOG_INT) {
-        fprintf(logfile, "%s: irq %d level %d sr %08x => %08x\n", __func__,
-                irq_num, level, uic->uicsr, sr);
+        fprintf(logfile, "%s: irq %d level %d sr %" PRIx32 " => "
+                "%08" PRIx32 "\n", __func__, irq_num, level, uic->uicsr, sr);
     }
 #endif
     if (sr != uic->uicsr)

Modified: trunk/src/host/qemu-neo1973/hw/ppc_chrp.c
===================================================================
--- trunk/src/host/qemu-neo1973/hw/ppc_chrp.c	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/hw/ppc_chrp.c	2007-11-26 22:42:26 UTC (rev 3517)
@@ -255,7 +255,7 @@
     pci_vga_init(pci_bus, ds, phys_ram_base + ram_size,
                  ram_size, vga_ram_size,
                  vga_bios_offset, vga_bios_size);
-    
+
     /* XXX: suppress that */
     dummy_irq = i8259_init(NULL);
 
@@ -274,7 +274,7 @@
 #endif
     /* cuda also initialize ADB */
     cuda_init(&cuda_mem_index, pic[0x19]);
-    
+
     adb_kbd_init(&adb_bus);
     adb_mouse_init(&adb_bus);
 
@@ -314,7 +314,7 @@
 
     /* Special port to get debug messages from Open-Firmware */
     register_ioport_write(0x0F00, 4, 1, &PPC_debug_write, NULL);
- }
+}
 
 QEMUMachine core99_machine = {
     "mac99",

Modified: trunk/src/host/qemu-neo1973/hw/ppc_oldworld.c
===================================================================
--- trunk/src/host/qemu-neo1973/hw/ppc_oldworld.c	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/hw/ppc_oldworld.c	2007-11-26 22:42:26 UTC (rev 3517)
@@ -41,7 +41,7 @@
     static int vga_vbl_enabled;
     int linesize;
 
-    //    printf("osi_call R5=%d\n", env->gpr[5]);
+    //    printf("osi_call R5=" REGX "\n", ppc_dump_gpr(env, 5));
 
     /* same handler as PearPC, coming from the original MOL video
        driver. */
@@ -93,7 +93,8 @@
         /* R6 = x, R7 = y, R8 = visible, R9 = data */
         break;
     default:
-        fprintf(stderr, "unsupported OSI call R5=" REGX "\n", env->gpr[5]);
+        fprintf(stderr, "unsupported OSI call R5=" REGX "\n",
+                ppc_dump_gpr(env, 5));
         break;
     }
 
@@ -245,7 +246,7 @@
     }
 
     isa_mem_base = 0x80000000;
-    
+
     /* Register 2 MB of ISA IO space */
     isa_mmio_init(0xfe000000, 0x00200000);
 
@@ -277,13 +278,13 @@
     pci_vga_init(pci_bus, ds, phys_ram_base + ram_size,
                  ram_size, vga_ram_size,
                  vga_bios_offset, vga_bios_size);
-    
+
     /* XXX: suppress that */
     dummy_irq = i8259_init(NULL);
 
     /* XXX: use Mac Serial port */
     serial_init(0x3f8, dummy_irq[4], serial_hds[0]);
-    
+
     for(i = 0; i < nb_nics; i++) {
         if (!nd_table[i].model)
             nd_table[i].model = "ne2k_pci";
@@ -301,7 +302,7 @@
 
     adb_kbd_init(&adb_bus);
     adb_mouse_init(&adb_bus);
-    
+
     nvr = macio_nvram_init(&nvram_mem_index, 0x2000);
     pmac_format_nvram_partition(nvr, 0x2000);
 

Modified: trunk/src/host/qemu-neo1973/hw/ppc_prep.c
===================================================================
--- trunk/src/host/qemu-neo1973/hw/ppc_prep.c	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/hw/ppc_prep.c	2007-11-26 22:42:26 UTC (rev 3517)
@@ -113,7 +113,7 @@
 static void _PPC_intack_write (void *opaque,
                                target_phys_addr_t addr, uint32_t value)
 {
-    //    printf("%s: 0x%08x => 0x%08x\n", __func__, addr, value);
+//    printf("%s: 0x" PADDRX " => 0x%08" PRIx32 "\n", __func__, addr, value);
 }
 
 static always_inline uint32_t _PPC_intack_read (target_phys_addr_t addr)
@@ -122,7 +122,7 @@
 
     if (addr == 0xBFFFFFF0)
         retval = pic_intack_read(isa_pic);
-    //   printf("%s: 0x%08x <= %d\n", __func__, addr, retval);
+//   printf("%s: 0x" PADDRX " <= %08" PRIx32 "\n", __func__, addr, retval);
 
     return retval;
 }
@@ -192,7 +192,7 @@
 static void PPC_XCSR_writeb (void *opaque,
                              target_phys_addr_t addr, uint32_t value)
 {
-    printf("%s: 0x%08lx => 0x%08x\n", __func__, (long)addr, value);
+    printf("%s: 0x" PADDRX " => 0x%08" PRIx32 "\n", __func__, addr, value);
 }
 
 static void PPC_XCSR_writew (void *opaque,
@@ -201,7 +201,7 @@
 #ifdef TARGET_WORDS_BIGENDIAN
     value = bswap16(value);
 #endif
-    printf("%s: 0x%08lx => 0x%08x\n", __func__, (long)addr, value);
+    printf("%s: 0x" PADDRX " => 0x%08" PRIx32 "\n", __func__, addr, value);
 }
 
 static void PPC_XCSR_writel (void *opaque,
@@ -210,14 +210,14 @@
 #ifdef TARGET_WORDS_BIGENDIAN
     value = bswap32(value);
 #endif
-    printf("%s: 0x%08lx => 0x%08x\n", __func__, (long)addr, value);
+    printf("%s: 0x" PADDRX " => 0x%08" PRIx32 "\n", __func__, addr, value);
 }
 
 static uint32_t PPC_XCSR_readb (void *opaque, target_phys_addr_t addr)
 {
     uint32_t retval = 0;
 
-    printf("%s: 0x%08lx <= %d\n", __func__, (long)addr, retval);
+    printf("%s: 0x" PADDRX " <= %08" PRIx32 "\n", __func__, addr, retval);
 
     return retval;
 }
@@ -226,7 +226,7 @@
 {
     uint32_t retval = 0;
 
-    printf("%s: 0x%08lx <= %d\n", __func__, (long)addr, retval);
+    printf("%s: 0x" PADDRX " <= %08" PRIx32 "\n", __func__, addr, retval);
 #ifdef TARGET_WORDS_BIGENDIAN
     retval = bswap16(retval);
 #endif
@@ -238,7 +238,7 @@
 {
     uint32_t retval = 0;
 
-    printf("%s: 0x%08lx <= %d\n", __func__, (long)addr, retval);
+    printf("%s: 0x" PADDRX " <= %08" PRIx32 "\n", __func__, addr, retval);
 #ifdef TARGET_WORDS_BIGENDIAN
     retval = bswap32(retval);
 #endif
@@ -280,7 +280,8 @@
 {
     sysctrl_t *sysctrl = opaque;
 
-    PPC_IO_DPRINTF("0x%08lx => 0x%08x\n", (long)addr - PPC_IO_BASE, val);
+    PPC_IO_DPRINTF("0x%08" PRIx32 " => 0x%02" PRIx32 "\n", addr - PPC_IO_BASE,
+                   val);
     sysctrl->fake_io[addr - 0x0398] = val;
 }
 
@@ -288,7 +289,7 @@
 {
     sysctrl_t *sysctrl = opaque;
 
-    PPC_IO_DPRINTF("0x%08lx <= 0x%08x\n", (long)addr - PPC_IO_BASE,
+    PPC_IO_DPRINTF("0x%08" PRIx32 " <= 0x%02" PRIx32 "\n", addr - PPC_IO_BASE,
                    sysctrl->fake_io[addr - 0x0398]);
     return sysctrl->fake_io[addr - 0x0398];
 }
@@ -297,7 +298,8 @@
 {
     sysctrl_t *sysctrl = opaque;
 
-    PPC_IO_DPRINTF("0x%08lx => 0x%08x\n", (long)addr - PPC_IO_BASE, val);
+    PPC_IO_DPRINTF("0x%08" PRIx32 " => 0x%02" PRIx32 "\n",
+                   addr - PPC_IO_BASE, val);
     switch (addr) {
     case 0x0092:
         /* Special port 92 */
@@ -353,8 +355,8 @@
         sysctrl->contiguous_map = val & 0x01;
         break;
     default:
-        printf("ERROR: unaffected IO port write: %04lx => %02x\n",
-               (long)addr, val);
+        printf("ERROR: unaffected IO port write: %04" PRIx32
+               " => %02" PRIx32"\n", addr, val);
         break;
     }
 }
@@ -416,10 +418,11 @@
         retval = sysctrl->contiguous_map;
         break;
     default:
-        printf("ERROR: unaffected IO port: %04lx read\n", (long)addr);
+        printf("ERROR: unaffected IO port: %04" PRIx32 " read\n", addr);
         break;
     }
-    PPC_IO_DPRINTF("0x%08lx <= 0x%08x\n", (long)addr - PPC_IO_BASE, retval);
+    PPC_IO_DPRINTF("0x%08" PRIx32 " <= 0x%02" PRIx32 "\n",
+                   addr - PPC_IO_BASE, retval);
 
     return retval;
 }
@@ -468,7 +471,7 @@
 #ifdef TARGET_WORDS_BIGENDIAN
     value = bswap16(value);
 #endif
-    PPC_IO_DPRINTF("0x%08lx => 0x%08x\n", (long)addr, value);
+    PPC_IO_DPRINTF("0x" PADDRX " => 0x%08" PRIx32 "\n", addr, value);
     cpu_outw(NULL, addr, value);
 }
 
@@ -482,7 +485,7 @@
 #ifdef TARGET_WORDS_BIGENDIAN
     ret = bswap16(ret);
 #endif
-    PPC_IO_DPRINTF("0x%08lx <= 0x%08x\n", (long)addr, ret);
+    PPC_IO_DPRINTF("0x" PADDRX " <= 0x%08" PRIx32 "\n", addr, ret);
 
     return ret;
 }
@@ -496,7 +499,7 @@
 #ifdef TARGET_WORDS_BIGENDIAN
     value = bswap32(value);
 #endif
-    PPC_IO_DPRINTF("0x%08lx => 0x%08x\n", (long)addr, value);
+    PPC_IO_DPRINTF("0x" PADDRX " => 0x%08" PRIx32 "\n", addr, value);
     cpu_outl(NULL, addr, value);
 }
 
@@ -510,7 +513,7 @@
 #ifdef TARGET_WORDS_BIGENDIAN
     ret = bswap32(ret);
 #endif
-    PPC_IO_DPRINTF("0x%08lx <= 0x%08x\n", (long)addr, ret);
+    PPC_IO_DPRINTF("0x" PADDRX " <= 0x%08" PRIx32 "\n", addr, ret);
 
     return ret;
 }

Modified: trunk/src/host/qemu-neo1973/hw/primecell.h
===================================================================
--- trunk/src/host/qemu-neo1973/hw/primecell.h	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/hw/primecell.h	2007-11-26 22:42:26 UTC (rev 3517)
@@ -21,13 +21,15 @@
                 enum pl011_type type);
 
 /* pl022.c */
-void pl022_init(uint32_t base, qemu_irq irq, int (*xfer_cb)(void *, int),
+typedef int (*ssi_xfer_cb)(void *, int);
+void pl022_init(uint32_t base, qemu_irq irq, ssi_xfer_cb xfer_cb,
                 void *opaque);
 
 /* pl050.c */
 void pl050_init(uint32_t base, qemu_irq irq, int is_mouse);
 
 /* pl061.c */
+void pl061_float_high(void *opaque, uint8_t mask);
 qemu_irq *pl061_init(uint32_t base, qemu_irq irq, qemu_irq **out);
 
 /* pl080.c */

Modified: trunk/src/host/qemu-neo1973/hw/pxa2xx_mmci.c
===================================================================
--- trunk/src/host/qemu-neo1973/hw/pxa2xx_mmci.c	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/hw/pxa2xx_mmci.c	2007-11-26 22:42:26 UTC (rev 3517)
@@ -538,7 +538,7 @@
     cpu_register_physical_memory(base, 0x00100000, iomemtype);
 
     /* Instantiate the actual storage */
-    s->card = sd_init(bd);
+    s->card = sd_init(bd, 0);
 
     register_savevm("pxa2xx_mmci", 0, 0,
                     pxa2xx_mmci_save, pxa2xx_mmci_load, s);

Modified: trunk/src/host/qemu-neo1973/hw/s3c24xx_mmci.c
===================================================================
--- trunk/src/host/qemu-neo1973/hw/s3c24xx_mmci.c	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/hw/s3c24xx_mmci.c	2007-11-26 22:42:26 UTC (rev 3517)
@@ -433,7 +433,7 @@
     register_savevm("s3c24xx_mmci", 0, 0, s3c_mmci_save, s3c_mmci_load, s);
 
     /* Instantiate the actual storage */
-    s->card = sd_init(bd);
+    s->card = sd_init(bd, 0);
 
     return s;
 }

Modified: trunk/src/host/qemu-neo1973/hw/sd.c
===================================================================
--- trunk/src/host/qemu-neo1973/hw/sd.c	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/hw/sd.c	2007-11-26 22:42:26 UTC (rev 3517)
@@ -87,6 +87,7 @@
     int pwd_len;
     int function_group[6];
 
+    int spi;
     int current_cmd;
     int blk_written;
     uint32_t data_start;
@@ -395,11 +396,16 @@
     }
 }
 
-SDState *sd_init(BlockDriverState *bs)
+/* We do not model the chip select pin, so allow the board to select
+   whether card should be in SSI or MMC/SD mode.  It is also up to the
+   board to ensure that ssi transfers only occur when the chip select
+   is asserted.  */
+SDState *sd_init(BlockDriverState *bs, int is_spi)
 {
     SDState *sd;
 
     sd = (SDState *) qemu_mallocz(sizeof(SDState));
+    sd->spi = is_spi;
     sd_reset(sd, bs);
     bdrv_set_change_cb(sd->bdrv, sd_cardchange, sd);
     return sd;
@@ -567,16 +573,25 @@
     case 0:	/* CMD0:   GO_IDLE_STATE */
         switch (sd->state) {
         case sd_inactive_state:
-            return sd_r0;
+            return sd->spi ? sd_r1 : sd_r0;
 
         default:
             sd->state = sd_idle_state;
             sd_reset(sd, sd->bdrv);
-            return sd_r0;
+            return sd->spi ? sd_r1 : sd_r0;
         }
         break;
 
+    case 1:	/* CMD1:   SEND_OP_CMD */
+        if (!sd->spi)
+            goto bad_cmd;
+
+        sd->state = sd_transfer_state;
+        return sd_r1;
+
     case 2:	/* CMD2:   ALL_SEND_CID */
+        if (sd->spi)
+            goto bad_cmd;
         switch (sd->state) {
         case sd_ready_state:
             sd->state = sd_identification_state;
@@ -588,6 +603,8 @@
         break;
 
     case 3:	/* CMD3:   SEND_RELATIVE_ADDR */
+        if (sd->spi)
+            goto bad_cmd;
         switch (sd->state) {
         case sd_identification_state:
         case sd_standby_state:
@@ -601,6 +618,8 @@
         break;
 
     case 4:	/* CMD4:   SEND_DSR */
+        if (sd->spi)
+            goto bad_cmd;
         switch (sd->state) {
         case sd_standby_state:
             break;
@@ -611,6 +630,8 @@
         break;
 
     case 6:	/* CMD6:   SWITCH_FUNCTION */
+        if (sd->spi)
+            goto bad_cmd;
         switch (sd->mode) {
         case sd_data_transfer_mode:
             sd_function_switch(sd, req.arg);
@@ -625,6 +646,8 @@
         break;
 
     case 7:	/* CMD7:   SELECT/DESELECT_CARD */
+        if (sd->spi)
+            goto bad_cmd;
         switch (sd->state) {
         case sd_standby_state:
             if (sd->rca != rca)
@@ -668,6 +691,15 @@
 
             return sd_r2_s;
 
+        case sd_transfer_state:
+            if (!sd->spi)
+                break;
+            sd->state = sd_sendingdata_state;
+            memcpy(sd->data, sd->csd, 16);
+            sd->data_start = req.arg;
+            sd->data_offset = 0;
+            return sd_r1;
+
         default:
             break;
         }
@@ -681,12 +713,23 @@
 
             return sd_r2_i;
 
+        case sd_transfer_state:
+            if (!sd->spi)
+                break;
+            sd->state = sd_sendingdata_state;
+            memcpy(sd->data, sd->cid, 16);
+            sd->data_start = req.arg;
+            sd->data_offset = 0;
+            return sd_r1;
+
         default:
             break;
         }
         break;
 
     case 11:	/* CMD11:  READ_DAT_UNTIL_STOP */
+        if (sd->spi)
+            goto bad_cmd;
         switch (sd->state) {
         case sd_transfer_state:
             sd->state = sd_sendingdata_state;
@@ -733,6 +776,8 @@
         break;
 
     case 15:	/* CMD15:  GO_INACTIVE_STATE */
+        if (sd->spi)
+            goto bad_cmd;
         switch (sd->mode) {
         case sd_data_transfer_mode:
             if (sd->rca != rca)
@@ -796,8 +841,13 @@
 
     /* Block write commands (Class 4) */
     case 24:	/* CMD24:  WRITE_SINGLE_BLOCK */
+        if (sd->spi)
+            goto unimplemented_cmd;
         switch (sd->state) {
         case sd_transfer_state:
+            /* Writing in SPI mode not implemented.  */
+            if (sd->spi)
+                break;
             sd->state = sd_receivingdata_state;
             sd->data_start = req.arg;
             sd->data_offset = 0;
@@ -817,8 +867,13 @@
         break;
 
     case 25:	/* CMD25:  WRITE_MULTIPLE_BLOCK */
+        if (sd->spi)
+            goto unimplemented_cmd;
         switch (sd->state) {
         case sd_transfer_state:
+            /* Writing in SPI mode not implemented.  */
+            if (sd->spi)
+                break;
             sd->state = sd_receivingdata_state;
             sd->data_start = req.arg;
             sd->data_offset = 0;
@@ -838,6 +893,8 @@
         break;
 
     case 26:	/* CMD26:  PROGRAM_CID */
+        if (sd->spi)
+            goto bad_cmd;
         switch (sd->state) {
         case sd_transfer_state:
             sd->state = sd_receivingdata_state;
@@ -851,6 +908,8 @@
         break;
 
     case 27:	/* CMD27:  PROGRAM_CSD */
+        if (sd->spi)
+            goto unimplemented_cmd;
         switch (sd->state) {
         case sd_transfer_state:
             sd->state = sd_receivingdata_state;
@@ -962,6 +1021,8 @@
 
     /* Lock card commands (Class 7) */
     case 42:	/* CMD42:  LOCK_UNLOCK */
+        if (sd->spi)
+            goto unimplemented_cmd;
         switch (sd->state) {
         case sd_transfer_state:
             sd->state = sd_receivingdata_state;
@@ -1000,10 +1061,17 @@
         break;
 
     default:
+    bad_cmd:
         sd->card_status |= ILLEGAL_COMMAND;
 
         printf("SD: Unknown CMD%i\n", req.cmd);
         return sd_r0;
+
+    unimplemented_cmd:
+        /* Commands that are recognised but not yet implemented in SPI mode.  */
+        sd->card_status |= ILLEGAL_COMMAND;
+        printf ("SD: CMD%i not implemented in SPI mode\n", req.cmd);
+        return sd_r0;
     }
 
     sd->card_status |= ILLEGAL_COMMAND;
@@ -1069,6 +1137,11 @@
         break;
 
     case 41:	/* ACMD41: SD_APP_OP_COND */
+        if (sd->spi) {
+            /* SEND_OP_CMD */
+            sd->state = sd_transfer_state;
+            return sd_r1;
+        }
         switch (sd->state) {
         case sd_idle_state:
             /* We accept any voltage.  10000 V is nothing.  */
@@ -1414,6 +1487,14 @@
             sd->state = sd_transfer_state;
         break;
 
+    case 9:	/* CMD9:   SEND_CSD */
+    case 10:	/* CMD10:  SEND_CID */
+        ret = sd->data[sd->data_offset ++];
+
+        if (sd->data_offset >= 16)
+            sd->state = sd_transfer_state;
+        break;
+
     case 11:	/* CMD11:  READ_DAT_UNTIL_STOP */
         if (sd->data_offset == 0)
             BLK_READ_BLOCK(sd->data_start, sd->blk_len);

Modified: trunk/src/host/qemu-neo1973/hw/sd.h
===================================================================
--- trunk/src/host/qemu-neo1973/hw/sd.h	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/hw/sd.h	2007-11-26 22:42:26 UTC (rev 3517)
@@ -67,7 +67,7 @@
 
 typedef struct SDState SDState;
 
-SDState *sd_init(BlockDriverState *bs);
+SDState *sd_init(BlockDriverState *bs, int is_spi);
 int sd_do_command(SDState *sd, struct sd_request_s *req,
                   uint8_t *response);
 void sd_write_data(SDState *sd, uint8_t value);
@@ -75,4 +75,8 @@
 void sd_set_cb(SDState *sd, qemu_irq readonly, qemu_irq insert);
 int sd_data_ready(SDState *sd);
 
+/* ssi-sd.c */
+int ssi_sd_xfer(void *opaque, int val);
+void *ssi_sd_init(BlockDriverState *bs);
+
 #endif	/* __hw_sd_h */

Modified: trunk/src/host/qemu-neo1973/hw/serial.c
===================================================================
--- trunk/src/host/qemu-neo1973/hw/serial.c	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/hw/serial.c	2007-11-26 22:42:26 UTC (rev 3517)
@@ -223,6 +223,7 @@
             ret = s->rbr;
             s->lsr &= ~(UART_LSR_DR | UART_LSR_BI);
             serial_update_irq(s);
+            qemu_chr_accept_input(s->chr);
         }
         break;
     case 1:

Modified: trunk/src/host/qemu-neo1973/hw/slavio_serial.c
===================================================================
--- trunk/src/host/qemu-neo1973/hw/slavio_serial.c	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/hw/slavio_serial.c	2007-11-26 22:42:26 UTC (rev 3517)
@@ -475,6 +475,8 @@
         else
             ret = s->rx;
         SER_DPRINTF("Read channel %c, ch %d\n", CHN_C(s), ret);
+        if (s->chr)
+            qemu_chr_accept_input(s->chr);
         return ret;
     default:
         break;

Modified: trunk/src/host/qemu-neo1973/hw/ssd0323.c
===================================================================
--- trunk/src/host/qemu-neo1973/hw/ssd0323.c	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/hw/ssd0323.c	2007-11-26 22:42:26 UTC (rev 3517)
@@ -157,6 +157,9 @@
         case 0xe3: /* NOP.  */
             DATA(0);
             break;
+        case 0xff: /* Nasty hack because we don't handle chip selects
+                      properly.  */
+            break;
         default:
             BADF("Unknown command: 0x%x\n", data);
         }

Added: trunk/src/host/qemu-neo1973/hw/ssi-sd.c
===================================================================
--- trunk/src/host/qemu-neo1973/hw/ssi-sd.c	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/hw/ssi-sd.c	2007-11-26 22:42:26 UTC (rev 3517)
@@ -0,0 +1,202 @@
+/*
+ * SSI to SD card adapter.
+ *
+ * Copyright (c) 2007 CodeSourcery.
+ * Written by Paul Brook
+ *
+ * This code is licenced under the GPL.
+ */
+
+#include "hw.h"
+#include "sd.h"
+
+//#define DEBUG_SSI_SD 1
+
+#ifdef DEBUG_SSI_SD
+#define DPRINTF(fmt, args...) \
+do { printf("ssi_sd: " fmt , ##args); } while (0)
+#define BADF(fmt, args...) \
+do { fprintf(stderr, "ssi_sd: error: " fmt , ##args); exit(1);} while (0)
+#else
+#define DPRINTF(fmt, args...) do {} while(0)
+#define BADF(fmt, args...) \
+do { fprintf(stderr, "ssi_sd: error: " fmt , ##args);} while (0)
+#endif
+
+typedef enum {
+    SSI_SD_CMD,
+    SSI_SD_CMDARG,
+    SSI_SD_RESPONSE,
+    SSI_SD_DATA_START,
+    SSI_SD_DATA_READ,
+} ssi_sd_mode;
+
+typedef struct {
+    ssi_sd_mode mode;
+    int cmd;
+    uint8_t cmdarg[4];
+    uint8_t response[5];
+    int arglen;
+    int response_pos;
+    int stopping;
+    SDState *sd;
+} ssi_sd_state;
+
+/* State word bits.  */
+#define SSI_SDR_LOCKED          0x0001
+#define SSI_SDR_WP_ERASE        0x0002
+#define SSI_SDR_ERROR           0x0004
+#define SSI_SDR_CC_ERROR        0x0008
+#define SSI_SDR_ECC_FAILED      0x0010
+#define SSI_SDR_WP_VIOLATION    0x0020
+#define SSI_SDR_ERASE_PARAM     0x0040
+#define SSI_SDR_OUT_OF_RANGE    0x0080
+#define SSI_SDR_IDLE            0x0100
+#define SSI_SDR_ERASE_RESET     0x0200
+#define SSI_SDR_ILLEGAL_COMMAND 0x0400
+#define SSI_SDR_COM_CRC_ERROR   0x0800
+#define SSI_SDR_ERASE_SEQ_ERROR 0x1000
+#define SSI_SDR_ADDRESS_ERROR   0x2000
+#define SSI_SDR_PARAMETER_ERROR 0x4000
+
+int ssi_sd_xfer(void *opaque, int val)
+{
+    ssi_sd_state *s = (ssi_sd_state *)opaque;
+
+    /* Special case: allow CMD12 (STOP TRANSMISSION) while reading data.  */
+    if (s->mode == SSI_SD_DATA_READ && val == 0x4d) {
+        s->mode = SSI_SD_CMD;
+        /* There must be at least one byte delay before the card responds.  */
+        s->stopping = 1;
+    }
+
+    switch (s->mode) {
+    case SSI_SD_CMD:
+        if (val == 0xff) {
+            DPRINTF("NULL command\n");
+            return 0xff;
+        }
+        s->cmd = val & 0x3f;
+        s->mode = SSI_SD_CMDARG;
+        s->arglen = 0;
+        return 0xff;
+    case SSI_SD_CMDARG:
+        if (s->arglen == 4) {
+            struct sd_request_s request;
+            uint8_t longresp[16];
+            /* FIXME: Check CRC.  */
+            request.cmd = s->cmd;
+            request.arg = (s->cmdarg[0] << 24) | (s->cmdarg[1] << 16)
+                           | (s->cmdarg[2] << 8) | s->cmdarg[3];
+            DPRINTF("CMD%d arg 0x%08x\n", s->cmd, request.arg);
+            s->arglen = sd_do_command(s->sd, &request, longresp);
+            if (s->arglen <= 0) {
+                s->arglen = 1;
+                s->response[0] = 4;
+                DPRINTF("SD command failed\n");
+            } else if (s->cmd == 58) {
+                /* CMD58 returns R3 response (OCR)  */
+                DPRINTF("Returned OCR\n");
+                s->arglen = 5;
+                s->response[0] = 1;
+                memcpy(&s->response[1], longresp, 4);
+            } else if (s->arglen != 4) {
+                BADF("Unexpected response to cmd %d\n", s->cmd);
+                /* Illegal command is about as near as we can get.  */
+                s->arglen = 1;
+                s->response[0] = 4;
+            } else {
+                /* All other commands return status.  */
+                uint32_t cardstatus;
+                uint16_t status;
+                /* CMD13 returns a 2-byte statuse work. Other commands
+                   only return the first byte.  */
+                s->arglen = (s->cmd == 13) ? 2 : 1;
+                cardstatus = (longresp[0] << 24) | (longresp[1] << 16)
+                             | (longresp[2] << 8) | longresp[3];
+                status = 0;
+                if (((cardstatus >> 9) & 0xf) < 4)
+                    status |= SSI_SDR_IDLE;
+                if (cardstatus & ERASE_RESET)
+                    status |= SSI_SDR_ERASE_RESET;
+                if (cardstatus & ILLEGAL_COMMAND)
+                    status |= SSI_SDR_ILLEGAL_COMMAND;
+                if (cardstatus & COM_CRC_ERROR)
+                    status |= SSI_SDR_COM_CRC_ERROR;
+                if (cardstatus & ERASE_SEQ_ERROR)
+                    status |= SSI_SDR_ERASE_SEQ_ERROR;
+                if (cardstatus & ADDRESS_ERROR)
+                    status |= SSI_SDR_ADDRESS_ERROR;
+                if (cardstatus & CARD_IS_LOCKED)
+                    status |= SSI_SDR_LOCKED;
+                if (cardstatus & (LOCK_UNLOCK_FAILED | WP_ERASE_SKIP))
+                    status |= SSI_SDR_WP_ERASE;
+                if (cardstatus & SD_ERROR)
+                    status |= SSI_SDR_ERROR;
+                if (cardstatus & CC_ERROR)
+                    status |= SSI_SDR_CC_ERROR;
+                if (cardstatus & CARD_ECC_FAILED)
+                    status |= SSI_SDR_ECC_FAILED;
+                if (cardstatus & WP_VIOLATION)
+                    status |= SSI_SDR_WP_VIOLATION;
+                if (cardstatus & ERASE_PARAM)
+                    status |= SSI_SDR_ERASE_PARAM;
+                if (cardstatus & (OUT_OF_RANGE | CID_CSD_OVERWRITE))
+                    status |= SSI_SDR_OUT_OF_RANGE;
+                /* ??? Don't know what Parameter Error really means, so
+                   assume it's set if the second byte is nonzero.  */
+                if (status & 0xff)
+                    status |= SSI_SDR_PARAMETER_ERROR;
+                s->response[0] = status >> 8;
+                s->response[1] = status;
+                DPRINTF("Card status 0x%02x\n", status);
+            }
+            s->mode = SSI_SD_RESPONSE;
+            s->response_pos = 0;
+        } else {
+            s->cmdarg[s->arglen++] = val;
+        }
+        return 0xff;
+    case SSI_SD_RESPONSE:
+        if (s->stopping) {
+            s->stopping = 0;
+            return 0xff;
+        }
+        if (s->response_pos < s->arglen) {
+            DPRINTF("Response 0x%02x\n", s->response[s->response_pos]);
+            return s->response[s->response_pos++];
+        }
+        if (sd_data_ready(s->sd)) {
+            DPRINTF("Data read\n");
+            s->mode = SSI_SD_DATA_START;
+        } else {
+            DPRINTF("End of command\n");
+            s->mode = SSI_SD_CMD;
+        }
+        return 0xff;
+    case SSI_SD_DATA_START:
+        DPRINTF("Start read block\n");
+        s->mode = SSI_SD_DATA_READ;
+        return 0xfe;
+    case SSI_SD_DATA_READ:
+        val = sd_read_data(s->sd);
+        if (!sd_data_ready(s->sd)) {
+            DPRINTF("Data read end\n");
+            s->mode = SSI_SD_CMD;
+        }
+        return val;
+    }
+    /* Should never happen.  */
+    return 0xff;
+}
+
+void *ssi_sd_init(BlockDriverState *bs)
+{
+    ssi_sd_state *s;
+
+    s = (ssi_sd_state *)qemu_mallocz(sizeof(ssi_sd_state));
+    s->mode = SSI_SD_CMD;
+    s->sd = sd_init(bs, 1);
+    return s;
+}
+

Modified: trunk/src/host/qemu-neo1973/hw/stellaris.c
===================================================================
--- trunk/src/host/qemu-neo1973/hw/stellaris.c	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/hw/stellaris.c	2007-11-26 22:42:26 UTC (rev 3517)
@@ -13,6 +13,8 @@
 #include "devices.h"
 #include "qemu-timer.h"
 #include "i2c.h"
+#include "net.h"
+#include "sd.h"
 #include "sysemu.h"
 #include "boards.h"
 
@@ -42,10 +44,6 @@
 
 /* General purpose timer module.  */
 
-/* Multiplication factor to convert from GPTM timer ticks to qemu timer
-   ticks.  */
-static int stellaris_clock_scale;
-
 typedef struct gptm_state {
     uint32_t config;
     uint32_t mode[2];
@@ -90,7 +88,7 @@
         /* 32-bit CountDown.  */
         uint32_t count;
         count = s->load[0] | (s->load[1] << 16);
-        tick += (int64_t)count * stellaris_clock_scale;
+        tick += (int64_t)count * system_clock_scale;
     } else if (s->config == 1) {
         /* 32-bit RTC.  1Hz tick.  */
         tick += ticks_per_sec;
@@ -323,6 +321,8 @@
     uint32_t dcgc[3];
     uint32_t clkvclr;
     uint32_t ldoarst;
+    uint32_t user0;
+    uint32_t user1;
     qemu_irq irq;
     stellaris_board_info *board;
 } ssys_state;
@@ -442,6 +442,10 @@
         return s->clkvclr;
     case 0x160: /* LDOARST */
         return s->ldoarst;
+    case 0x1e0: /* USER0 */
+        return s->user0;
+    case 0x1e4: /* USER1 */
+        return s->user1;
     default:
         cpu_abort(cpu_single_env, "ssys_read: Bad offset 0x%x\n", (int)offset);
         return 0;
@@ -480,7 +484,7 @@
             s->int_status |= (1 << 6);
         }
         s->rcc = value;
-        stellaris_clock_scale = 5 * (((s->rcc >> 23) & 0xf) + 1);
+        system_clock_scale = 5 * (((s->rcc >> 23) & 0xf) + 1);
         break;
     case 0x100: /* RCGC0 */
         s->rcgc[0] = value;
@@ -545,7 +549,8 @@
 }
 
 static void stellaris_sys_init(uint32_t base, qemu_irq irq,
-                               stellaris_board_info * board)
+                               stellaris_board_info * board,
+                               uint8_t *macaddr)
 {
     int iomemtype;
     ssys_state *s;
@@ -554,6 +559,9 @@
     s->base = base;
     s->irq = irq;
     s->board = board;
+    /* Most devices come preprogrammed with a MAC address in the user data. */
+    s->user0 = macaddr[0] | (macaddr[1] << 8) | (macaddr[2] << 16);
+    s->user1 = macaddr[3] | (macaddr[4] << 8) | (macaddr[5] << 16);
 
     iomemtype = cpu_register_io_memory(0, ssys_readfn,
                                        ssys_writefn, s);
@@ -993,6 +1001,51 @@
     return qi[0];
 }
 
+/* Some boards have both an OLED controller and SD card connected to
+   the same SSI port, with the SD card chip select connected to a
+   GPIO pin.  Technically the OLED chip select is connected to the SSI
+   Fss pin.  We do not bother emulating that as both devices should
+   never be selected simultaneously, and our OLED controller ignores stray
+   0xff commands that occur when deselecting the SD card.  */
+
+typedef struct {
+    ssi_xfer_cb xfer_cb[2];
+    void *opaque[2];
+    qemu_irq irq;
+    int current_dev;
+} stellaris_ssi_bus_state;
+
+static void stellaris_ssi_bus_select(void *opaque, int irq, int level)
+{
+    stellaris_ssi_bus_state *s = (stellaris_ssi_bus_state *)opaque;
+
+    s->current_dev = level;
+}
+
+static int stellaris_ssi_bus_xfer(void *opaque, int val)
+{
+    stellaris_ssi_bus_state *s = (stellaris_ssi_bus_state *)opaque;
+
+    return s->xfer_cb[s->current_dev](s->opaque[s->current_dev], val);
+}
+
+static void *stellaris_ssi_bus_init(qemu_irq *irqp,
+                                    ssi_xfer_cb cb0, void *opaque0,
+                                    ssi_xfer_cb cb1, void *opaque1)
+{
+    qemu_irq *qi;
+    stellaris_ssi_bus_state *s;
+
+    s = (stellaris_ssi_bus_state *)qemu_mallocz(sizeof(stellaris_ssi_bus_state));
+    s->xfer_cb[0] = cb0;
+    s->opaque[0] = opaque0;
+    s->xfer_cb[1] = cb1;
+    s->opaque[1] = opaque1;
+    qi = qemu_allocate_irqs(stellaris_ssi_bus_select, s, 1);
+    *irqp = *qi;
+    return s;
+}
+
 /* Board init.  */
 static stellaris_board_info stellaris_boards[] = {
   { "LM3S811EVB",
@@ -1052,7 +1105,7 @@
         }
     }
 
-    stellaris_sys_init(0x400fe000, pic[28], board);
+    stellaris_sys_init(0x400fe000, pic[28], board, nd_table[0].macaddr);
 
     for (i = 0; i < 7; i++) {
         if (board->dc4 & (1 << i)) {
@@ -1078,13 +1131,27 @@
     if (board->dc2 & (1 << 4)) {
         if (board->peripherals & BP_OLED_SSI) {
             void * oled;
-            /* FIXME: Implement chip select for OLED/MMC.  */
+            void * sd;
+            void *ssi_bus;
+
             oled = ssd0323_init(ds, &gpio_out[GPIO_C][7]);
-            pl022_init(0x40008000, pic[7], ssd0323_xfer_ssi, oled);
+            sd = ssi_sd_init(sd_bdrv);
+
+            ssi_bus = stellaris_ssi_bus_init(&gpio_out[GPIO_D][0],
+                                             ssi_sd_xfer, sd,
+                                             ssd0323_xfer_ssi, oled);
+
+            pl022_init(0x40008000, pic[7], stellaris_ssi_bus_xfer, ssi_bus);
+            /* Make sure the select pin is high.  */
+            qemu_irq_raise(gpio_out[GPIO_D][0]);
         } else {
             pl022_init(0x40008000, pic[7], NULL, NULL);
         }
     }
+    if (board->dc4 & (1 << 28)) {
+        /* FIXME: Obey network model.  */
+        stellaris_enet_init(&nd_table[0], 0x40048000, pic[42]);
+    }
     if (board->peripherals & BP_GAMEPAD) {
         qemu_irq gpad_irq[5];
         static const int gpad_keycode[5] = { 0xc8, 0xd0, 0xcb, 0xcd, 0x1d };

Added: trunk/src/host/qemu-neo1973/hw/stellaris_enet.c
===================================================================
--- trunk/src/host/qemu-neo1973/hw/stellaris_enet.c	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/hw/stellaris_enet.c	2007-11-26 22:42:26 UTC (rev 3517)
@@ -0,0 +1,347 @@
+/*
+ * Luminary Micro Stellaris Ethernet Controller
+ *
+ * Copyright (c) 2007 CodeSourcery.
+ * Written by Paul Brook
+ *
+ * This code is licenced under the GPL.
+ */
+#include "hw.h"
+#include "arm-misc.h"
+#include "net.h"
+#include <zlib.h>
+
+//#define DEBUG_STELLARIS_ENET 1
+
+#ifdef DEBUG_STELLARIS_ENET
+#define DPRINTF(fmt, args...) \
+do { printf("stellaris_enet: " fmt , ##args); } while (0)
+#define BADF(fmt, args...) \
+do { fprintf(stderr, "stellaris_enet: error: " fmt , ##args); exit(1);} while (0)
+#else
+#define DPRINTF(fmt, args...) do {} while(0)
+#define BADF(fmt, args...) \
+do { fprintf(stderr, "stellaris_enet: error: " fmt , ##args);} while (0)
+#endif
+
+#define SE_INT_RX       0x01
+#define SE_INT_TXER     0x02
+#define SE_INT_TXEMP    0x04
+#define SE_INT_FOV      0x08
+#define SE_INT_RXER     0x10
+#define SE_INT_MD       0x20
+#define SE_INT_PHY      0x40
+
+#define SE_RCTL_RXEN    0x01
+#define SE_RCTL_AMUL    0x02
+#define SE_RCTL_PRMS    0x04
+#define SE_RCTL_BADCRC  0x08
+#define SE_RCTL_RSTFIFO 0x10
+
+#define SE_TCTL_TXEN    0x01
+#define SE_TCTL_PADEN   0x02
+#define SE_TCTL_CRC     0x04
+#define SE_TCTL_DUPLEX  0x08
+
+typedef struct {
+    uint32_t base;
+    uint32_t ris;
+    uint32_t im;
+    uint32_t rctl;
+    uint32_t tctl;
+    uint32_t thr;
+    uint32_t mctl;
+    uint32_t mdv;
+    uint32_t mtxd;
+    uint32_t mrxd;
+    uint32_t np;
+    int tx_frame_len;
+    int tx_fifo_len;
+    uint8_t tx_fifo[2048];
+    /* Real hardware has a 2k fifo, which works out to be at most 31 packets.
+       We implement a full 31 packet fifo.  */
+    struct {
+        uint8_t data[2048];
+        int len;
+    } rx[31];
+    uint8_t *rx_fifo;
+    int rx_fifo_len;
+    int next_packet;
+    VLANClientState *vc;
+    qemu_irq irq;
+    uint8_t macaddr[6];
+} stellaris_enet_state;
+
+static void stellaris_enet_update(stellaris_enet_state *s)
+{
+    qemu_set_irq(s->irq, (s->ris & s->im) != 0);
+}
+
+/* TODO: Implement MAC address filtering.  */
+static void stellaris_enet_receive(void *opaque, const uint8_t *buf, int size)
+{
+    stellaris_enet_state *s = (stellaris_enet_state *)opaque;
+    int n;
+    uint8_t *p;
+    uint32_t crc;
+
+    if ((s->rctl & SE_RCTL_RXEN) == 0)
+        return;
+    if (s->np >= 31) {
+        DPRINTF("Packet dropped\n");
+        return;
+    }
+
+    DPRINTF("Received packet len=%d\n", size);
+    n = s->next_packet + s->np;
+    if (n >= 31)
+        n -= 31;
+    s->np++;
+
+    s->rx[n].len = size + 6;
+    p = s->rx[n].data;
+    *(p++) = (size + 6);
+    *(p++) = (size + 6) >> 8;
+    memcpy (p, buf, size);
+    p += size;
+    crc = crc32(~0, buf, size);
+    *(p++) = crc;
+    *(p++) = crc >> 8;
+    *(p++) = crc >> 16;
+    *(p++) = crc >> 24;
+    /* Clear the remaining bytes in the last word.  */
+    if ((size & 3) != 2) {
+        memset(p, 0, (6 - size) & 3);
+    }
+
+    s->ris |= SE_INT_RX;
+    stellaris_enet_update(s);
+}
+
+static int stellaris_enet_can_receive(void *opaque)
+{
+    stellaris_enet_state *s = (stellaris_enet_state *)opaque;
+
+    if ((s->rctl & SE_RCTL_RXEN) == 0)
+        return 1;
+
+    return (s->np < 31);
+}
+
+static uint32_t stellaris_enet_read(void *opaque, target_phys_addr_t offset)
+{
+    stellaris_enet_state *s = (stellaris_enet_state *)opaque;
+    uint32_t val;
+
+    offset -= s->base;
+    switch (offset) {
+    case 0x00: /* RIS */
+        DPRINTF("IRQ status %02x\n", s->ris);
+        return s->ris;
+    case 0x04: /* IM */
+        return s->im;
+    case 0x08: /* RCTL */
+        return s->rctl;
+    case 0x0c: /* TCTL */
+        return s->tctl;
+    case 0x10: /* DATA */
+        if (s->rx_fifo_len == 0) {
+            if (s->np == 0) {
+                BADF("RX underflow\n");
+                return 0;
+            }
+            s->rx_fifo_len = s->rx[s->next_packet].len;
+            s->rx_fifo = s->rx[s->next_packet].data;
+            DPRINTF("RX FIFO start packet len=%d\n", s->rx_fifo_len);
+        }
+        val = s->rx_fifo[0] | (s->rx_fifo[1] << 8) | (s->rx_fifo[2] << 16)
+              | (s->rx_fifo[3] << 24);
+        s->rx_fifo += 4;
+        s->rx_fifo_len -= 4;
+        if (s->rx_fifo_len <= 0) {
+            s->rx_fifo_len = 0;
+            s->next_packet++;
+            if (s->next_packet >= 31)
+                s->next_packet = 0;
+            s->np--;
+            DPRINTF("RX done np=%d\n", s->np);
+        }
+        return val;
+    case 0x14: /* IA0 */
+        return s->macaddr[0] | (s->macaddr[1] << 8)
+               | (s->macaddr[2] << 16) | (s->macaddr[3] << 24);
+    case 0x18: /* IA1 */
+        return s->macaddr[4] | (s->macaddr[5] << 8);
+    case 0x1c: /* THR */
+        return s->thr;
+    case 0x20: /* MCTL */
+        return s->mctl;
+    case 0x24: /* MDV */
+        return s->mdv;
+    case 0x28: /* MADD */
+        return 0;
+    case 0x2c: /* MTXD */
+        return s->mtxd;
+    case 0x30: /* MRXD */
+        return s->mrxd;
+    case 0x34: /* NP */
+        return s->np;
+    case 0x38: /* TR */
+        return 0;
+    case 0x3c: /* Undocuented: Timestamp? */
+        return 0;
+    default:
+        cpu_abort (cpu_single_env, "stellaris_enet_read: Bad offset %x\n",
+                   (int)offset);
+        return 0;
+    }
+}
+
+static void stellaris_enet_write(void *opaque, target_phys_addr_t offset,
+                        uint32_t value)
+{
+    stellaris_enet_state *s = (stellaris_enet_state *)opaque;
+
+    offset -= s->base;
+    switch (offset) {
+    case 0x00: /* IACK */
+        s->ris &= ~value;
+        DPRINTF("IRQ ack %02x/%02x\n", value, s->ris);
+        stellaris_enet_update(s);
+        /* Clearing TXER also resets the TX fifo.  */
+        if (value & SE_INT_TXER)
+            s->tx_frame_len = -1;
+        break;
+    case 0x04: /* IM */
+        DPRINTF("IRQ mask %02x/%02x\n", value, s->ris);
+        s->im = value;
+        stellaris_enet_update(s);
+        break;
+    case 0x08: /* RCTL */
+        s->rctl = value;
+        if (value & SE_RCTL_RSTFIFO) {
+            s->rx_fifo_len = 0;
+            s->np = 0;
+            stellaris_enet_update(s);
+        }
+        break;
+    case 0x0c: /* TCTL */
+        s->tctl = value;
+        break;
+    case 0x10: /* DATA */
+        if (s->tx_frame_len == -1) {
+            s->tx_frame_len = value & 0xffff;
+            if (s->tx_frame_len > 2032) {
+                DPRINTF("TX frame too long (%d)\n", s->tx_frame_len);
+                s->tx_frame_len = 0;
+                s->ris |= SE_INT_TXER;
+                stellaris_enet_update(s);
+            } else {
+                DPRINTF("Start TX frame len=%d\n", s->tx_frame_len);
+                /* The value written does not include the ethernet header.  */
+                s->tx_frame_len += 14;
+                if ((s->tctl & SE_TCTL_CRC) == 0)
+                    s->tx_frame_len += 4;
+                s->tx_fifo_len = 0;
+                s->tx_fifo[s->tx_fifo_len++] = value >> 16;
+                s->tx_fifo[s->tx_fifo_len++] = value >> 24;
+            }
+        } else {
+            s->tx_fifo[s->tx_fifo_len++] = value;
+            s->tx_fifo[s->tx_fifo_len++] = value >> 8;
+            s->tx_fifo[s->tx_fifo_len++] = value >> 16;
+            s->tx_fifo[s->tx_fifo_len++] = value >> 24;
+            if (s->tx_fifo_len >= s->tx_frame_len) {
+                /* We don't implement explicit CRC, so just chop it off.  */
+                if ((s->tctl & SE_TCTL_CRC) == 0)
+                    s->tx_frame_len -= 4;
+                if ((s->tctl & SE_TCTL_PADEN) && s->tx_frame_len < 60) {
+                    memset(&s->tx_fifo[s->tx_frame_len], 0, 60 - s->tx_frame_len);
+                    s->tx_fifo_len = 60;
+                }
+                qemu_send_packet(s->vc, s->tx_fifo, s->tx_frame_len);
+                s->tx_frame_len = -1;
+                s->ris |= SE_INT_TXEMP;
+                stellaris_enet_update(s);
+                DPRINTF("Done TX\n");
+            }
+        }
+        break;
+    case 0x14: /* IA0 */
+        s->macaddr[0] = value;
+        s->macaddr[1] = value >> 8;
+        s->macaddr[2] = value >> 16;
+        s->macaddr[3] = value >> 24;
+        break;
+    case 0x18: /* IA1 */
+        s->macaddr[4] = value;
+        s->macaddr[5] = value >> 8;
+        break;
+    case 0x1c: /* THR */
+        s->thr = value;
+        break;
+    case 0x20: /* MCTL */
+        s->mctl = value;
+        break;
+    case 0x24: /* MDV */
+        s->mdv = value;
+        break;
+    case 0x28: /* MADD */
+        /* ignored.  */
+        break;
+    case 0x2c: /* MTXD */
+        s->mtxd = value & 0xff;
+        break;
+    case 0x30: /* MRXD */
+    case 0x34: /* NP */
+    case 0x38: /* TR */
+        /* Ignored.  */
+    case 0x3c: /* Undocuented: Timestamp? */
+        /* Ignored.  */
+        break;
+    default:
+        cpu_abort (cpu_single_env, "stellaris_enet_write: Bad offset %x\n",
+                   (int)offset);
+    }
+}
+
+static CPUReadMemoryFunc *stellaris_enet_readfn[] = {
+   stellaris_enet_read,
+   stellaris_enet_read,
+   stellaris_enet_read
+};
+
+static CPUWriteMemoryFunc *stellaris_enet_writefn[] = {
+   stellaris_enet_write,
+   stellaris_enet_write,
+   stellaris_enet_write
+};
+static void stellaris_enet_reset(stellaris_enet_state *s)
+{
+    s->mdv = 0x80;
+    s->rctl = SE_RCTL_BADCRC;
+    s->im = SE_INT_PHY | SE_INT_MD | SE_INT_RXER | SE_INT_FOV | SE_INT_TXEMP
+            | SE_INT_TXER | SE_INT_RX;
+    s->thr = 0x3f;
+    s->tx_frame_len = -1;
+}
+
+void stellaris_enet_init(NICInfo *nd, uint32_t base, qemu_irq irq)
+{
+    stellaris_enet_state *s;
+    int iomemtype;
+
+    s = (stellaris_enet_state *)qemu_mallocz(sizeof(stellaris_enet_state));
+    iomemtype = cpu_register_io_memory(0, stellaris_enet_readfn,
+                                       stellaris_enet_writefn, s);
+    cpu_register_physical_memory(base, 0x00001000, iomemtype);
+    s->base = base;
+    s->irq = irq;
+    memcpy(s->macaddr, nd->macaddr, 6);
+
+    if (nd->vlan)
+        s->vc = qemu_new_vlan_client(nd->vlan, stellaris_enet_receive,
+                                     stellaris_enet_can_receive, s);
+
+    stellaris_enet_reset(s);
+}

Modified: trunk/src/host/qemu-neo1973/hw/tsc210x.c
===================================================================
--- trunk/src/host/qemu-neo1973/hw/tsc210x.c	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/hw/tsc210x.c	2007-11-26 22:42:26 UTC (rev 3517)
@@ -130,9 +130,10 @@
 #define Y_TRANSFORM(value)		\
     ((150 + ((int) (value) * (3037 - 150) / 32768)) << 4)
 #define Z1_TRANSFORM(s)			\
-    ((400 - (s)->x + ((s)->pressure << 9)) << 4)
+    ((400 - ((s)->x >> 7) + ((s)->pressure << 10)) << 4)
 #define Z2_TRANSFORM(s)			\
-    ((4000 + (s)->y - ((s)->pressure << 10)) << 4)
+    ((4000 + ((s)->y >> 7) - ((s)->pressure << 10)) << 4)
+
 #define BAT1_VAL			0x8660
 #define BAT2_VAL			0x0000
 #define AUX1_VAL			0x35c0
@@ -367,7 +368,8 @@
 
     case 0x05:	/* BAT1 */
         s->dav &= 0xffbf;
-        return TSC_CUT_RESOLUTION(BAT1_VAL, s->precision);
+        return TSC_CUT_RESOLUTION(BAT1_VAL, s->precision) +
+                (s->noise & 6);
 
     case 0x06:	/* BAT2 */
         s->dav &= 0xffdf;
@@ -383,11 +385,13 @@
 
     case 0x09:	/* TEMP1 */
         s->dav &= 0xfffb;
-        return TSC_CUT_RESOLUTION(TEMP1_VAL, s->precision);
+        return TSC_CUT_RESOLUTION(TEMP1_VAL, s->precision) -
+                (s->noise & 5);
 
     case 0x0a:	/* TEMP2 */
         s->dav &= 0xfffd;
-        return TSC_CUT_RESOLUTION(TEMP2_VAL, s->precision);
+        return TSC_CUT_RESOLUTION(TEMP2_VAL, s->precision) ^
+                (s->noise & 3);
 
     case 0x0b:	/* DAC */
         s->dav &= 0xfffe;

Modified: trunk/src/host/qemu-neo1973/linux-user/main.c
===================================================================
--- trunk/src/host/qemu-neo1973/linux-user/main.c	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/linux-user/main.c	2007-11-26 22:42:26 UTC (rev 3517)
@@ -1613,7 +1613,7 @@
                              env->gregs[6],
                              env->gregs[7],
                              env->gregs[0],
-                             0);
+                             env->gregs[1]);
             env->gregs[0] = ret;
             env->pc += 2;
             break;

Modified: trunk/src/host/qemu-neo1973/linux-user/syscall_defs.h
===================================================================
--- trunk/src/host/qemu-neo1973/linux-user/syscall_defs.h	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/linux-user/syscall_defs.h	2007-11-26 22:42:26 UTC (rev 3517)
@@ -1088,8 +1088,13 @@
 struct target_stat {
 	unsigned short st_dev;
 	abi_ulong st_ino;
+#if defined(TARGET_PPC64) && !defined(TARGET_ABI32)
+	unsigned short st_nlink;
 	unsigned int st_mode;
+#else
+	unsigned int st_mode;
 	unsigned short st_nlink;
+#endif
 	unsigned int st_uid;
 	unsigned int st_gid;
 	unsigned short st_rdev;
@@ -1104,6 +1109,9 @@
 	abi_ulong  __unused3;
 	abi_ulong  __unused4;
 	abi_ulong  __unused5;
+#if defined(TARGET_PPC64) && !defined(TARGET_ABI32)
+	abi_ulong  __unused6;
+#endif
 };
 
 struct target_stat64 {
@@ -1555,6 +1563,34 @@
 	uint32_t	f_namelen;
 	uint32_t	f_spare[6];
 };
+#elif defined(TARGET_PPC64) && !defined(TARGET_ABI32)
+struct target_statfs {
+	abi_long f_type;
+	abi_long f_bsize;
+	abi_long f_blocks;
+	abi_long f_bfree;
+	abi_long f_bavail;
+	abi_long f_files;
+	abi_long f_ffree;
+	target_fsid_t f_fsid;
+	abi_long f_namelen;
+	abi_long f_frsize;
+	abi_long f_spare[5];
+};
+
+struct target_statfs64 {
+	abi_long f_type;
+	abi_long f_bsize;
+	abi_long f_blocks;
+	abi_long f_bfree;
+	abi_long f_bavail;
+	abi_long f_files;
+	abi_long f_ffree;
+	target_fsid_t f_fsid;
+	abi_long f_namelen;
+	abi_long f_frsize;
+	abi_long f_spare[5];
+};
 #else
 struct target_statfs {
 	uint32_t f_type;

Modified: trunk/src/host/qemu-neo1973/qemu-char.h
===================================================================
--- trunk/src/host/qemu-neo1973/qemu-char.h	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/qemu-char.h	2007-11-26 22:42:26 UTC (rev 3517)
@@ -42,6 +42,7 @@
     void *handler_opaque;
     void (*chr_send_event)(struct CharDriverState *chr, int event);
     void (*chr_close)(struct CharDriverState *chr);
+    void (*chr_accept_input)(struct CharDriverState *chr);
     void *opaque;
     int focus;
     QEMUBH *bh;
@@ -61,6 +62,7 @@
 void qemu_chr_reset(CharDriverState *s);
 int qemu_chr_can_read(CharDriverState *s);
 void qemu_chr_read(CharDriverState *s, uint8_t *buf, int len);
+void qemu_chr_accept_input(CharDriverState *s);
 
 /* async I/O support */
 

Modified: trunk/src/host/qemu-neo1973/qemu-doc.texi
===================================================================
--- trunk/src/host/qemu-neo1973/qemu-doc.texi	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/qemu-doc.texi	2007-11-26 22:42:26 UTC (rev 3517)
@@ -199,7 +199,7 @@
 
 @example
 @c man begin SYNOPSIS
-usage: qemu [options] [disk_image]
+usage: qemu [options] [@var{disk_image}]
 @c man end
 @end example
 
@@ -208,22 +208,22 @@
 
 General options:
 @table @option
- at item -M machine
-Select the emulated machine (@code{-M ?} for list)
+ at item -M @var{machine}
+Select the emulated @var{machine} (@code{-M ?} for list)
 
- at item -fda file
- at item -fdb file
+ at item -fda @var{file}
+ at item -fdb @var{file}
 Use @var{file} as floppy disk 0/1 image (@pxref{disk_images}). You can
 use the host floppy by using @file{/dev/fd0} as filename (@pxref{host_drives}).
 
- at item -hda file
- at item -hdb file
- at item -hdc file
- at item -hdd file
+ at item -hda @var{file}
+ at item -hdb @var{file}
+ at item -hdc @var{file}
+ at item -hdd @var{file}
 Use @var{file} as hard disk 0, 1, 2 or 3 image (@pxref{disk_images}).
 
- at item -cdrom file
-Use @var{file} as CD-ROM image (you cannot use @option{-hdc} and and
+ at item -cdrom @var{file}
+Use @var{file} as CD-ROM image (you cannot use @option{-hdc} and
 @option{-cdrom} at the same time). You can use the host CD-ROM by
 using @file{/dev/cdrom} as filename (@pxref{host_drives}).
 
@@ -240,10 +240,10 @@
 Disable boot signature checking for floppy disks in Bochs BIOS. It may
 be needed to boot from old floppy disks.
 
- at item -m megs
-Set virtual RAM size to @var{megs} megabytes. Default is 128 MB.
+ at item -m @var{megs}
+Set virtual RAM size to @var{megs} megabytes. Default is 128 MiB.
 
- at item -smp n
+ at item -smp @var{n}
 Simulate an SMP system with @var{n} CPUs. On the PC target, up to 255
 CPUs are supported. On Sparc32 target, Linux limits the number of usable CPUs
 to 4.
@@ -253,7 +253,7 @@
 Will show the audio subsystem help: list of drivers, tunable
 parameters.
 
- at item -soundhw card1,card2,... or -soundhw all
+ at item -soundhw @var{card1}[, at var{card2},...] or -soundhw all
 
 Enable audio and selected sound hardware. Use ? to print all
 available sound hardware.
@@ -270,12 +270,12 @@
 time). This option is needed to have correct date in MS-DOS or
 Windows.
 
- at item -startdate date
+ at item -startdate @var{date}
 Set the initial date of the real time clock. Valid format for
 @var{date} are: @code{now} or @code{2006-06-17T16:01:21} or
 @code{2006-06-17}. The default value is @code{now}.
 
- at item -pidfile file
+ at item -pidfile @var{file}
 Store the QEMU process PID in @var{file}. It is useful if you launch QEMU
 from a script.
 
@@ -290,13 +290,14 @@
 Windows 2000 is installed, you no longer need this option (this option
 slows down the IDE transfers).
 
- at item -option-rom file
-Load the contents of file as an option ROM.  This option is useful to load
-things like EtherBoot.
+ at item -option-rom @var{file}
+Load the contents of @var{file} as an option ROM.
+This option is useful to load things like EtherBoot.
 
- at item -name string
-Sets the name of the guest.  This name will be display in the SDL window
-caption.  The name will also be used for the VNC server.
+ at item -name @var{name}
+Sets the @var{name} of the guest.
+This name will be display in the SDL window caption.
+The @var{name} will also be used for the VNC server.
 
 @end table
 
@@ -320,7 +321,7 @@
 @item -full-screen
 Start in full screen.
 
- at item -vnc display[,option[,option[,...]]]
+ at item -vnc @var{display}[, at var{option}[, at var{option}[,...]]]
 
 Normally, QEMU uses SDL to display the VGA output.  With this option,
 you can have QEMU listen on VNC display @var{display} and redirect the VGA
@@ -332,18 +333,18 @@
 
 @table @code
 
- at item @var{interface:d}
+ at item @var{interface}:@var{d}
 
 TCP connections will only be allowed from @var{interface} on display @var{d}.
 By convention the TCP port is 5900+ at var{d}. Optionally, @var{interface} can
 be omitted in which case the server will bind to all interfaces.
 
- at item @var{unix:path}
+ at item @var{unix}:@var{path}
 
 Connections will be allowed over UNIX domain sockets where @var{path} is the
 location of a unix socket to listen for connections on.
 
- at item @var{none}
+ at item none
 
 VNC is initialized by not started. The monitor @code{change} command can be used
 to later start the VNC server.
@@ -355,31 +356,31 @@
 
 @table @code
 
- at item @var{password}
+ at item password
 
 Require that password based authentication is used for client connections.
 The password must be set separately using the @code{change} command in the
 @ref{pcsys_monitor}
 
- at item @var{tls}
+ at item tls
 
 Require that client use TLS when communicating with the VNC server. This
 uses anonymous TLS credentials so is susceptible to a man-in-the-middle
 attack. It is recommended that this option be combined with either the
 @var{x509} or @var{x509verify} options.
 
- at item @var{x509=/path/to/certificate/dir}
+ at item x509=@var{/path/to/certificate/dir}
 
-Valid if @var{tls} is specified. Require that x509 credentials are used
+Valid if @option{tls} is specified. Require that x509 credentials are used
 for negotiating the TLS session. The server will send its x509 certificate
 to the client. It is recommended that a password be set on the VNC server
 to provide authentication of the client when this is used. The path following
 this option specifies where the x509 certificates are to be loaded from.
 See the @ref{vnc_security} section for details on generating certificates.
 
- at item @var{x509verify=/path/to/certificate/dir}
+ at item x509verify=@var{/path/to/certificate/dir}
 
-Valid if @var{tls} is specified. Require that x509 credentials are used
+Valid if @option{tls} is specified. Require that x509 credentials are used
 for negotiating the TLS session. The server will send its x509 certificate
 to the client, and request that the client send its own x509 certificate.
 The server will validate the client's certificate against the CA certificate,
@@ -392,7 +393,7 @@
 
 @end table
 
- at item -k language
+ at item -k @var{language}
 
 Use keyboard layout @var{language} (for example @code{fr} for
 French). This option is only needed where it is not easy to get raw PC
@@ -417,7 +418,7 @@
 @item -usb
 Enable the USB driver (will be the default soon)
 
- at item -usbdevice devname
+ at item -usbdevice @var{devname}
 Add the USB device @var{devname}. @xref{usb_devices}.
 @end table
 
@@ -425,7 +426,7 @@
 
 @table @option
 
- at item -net nic[,vlan=n][,macaddr=addr][,model=type]
+ at item -net nic[,vlan=@var{n}][,macaddr=@var{addr}][,model=@var{type}]
 Create a new Network Interface Card and connect it to VLAN @var{n} (@var{n}
 = 0 is the default). The NIC is an ne2k_pci by default on the PC
 target. Optionally, the MAC address can be changed. If no
@@ -438,17 +439,17 @@
 Not all devices are supported on all targets.  Use -net nic,model=?
 for a list of available devices for your target.
 
- at item -net user[,vlan=n][,hostname=name]
+ at item -net user[,vlan=@var{n}][,hostname=@var{name}]
 Use the user mode network stack which requires no administrator
 privilege to run.  @option{hostname=name} can be used to specify the client
 hostname reported by the builtin DHCP server.
 
- at item -net tap[,vlan=n][,fd=h][,ifname=name][,script=file]
+ at item -net tap[,vlan=@var{n}][,fd=@var{h}][,ifname=@var{name}][,script=@var{file}]
 Connect the host TAP network interface @var{name} to VLAN @var{n} and
 use the network script @var{file} to configure it. The default
 network script is @file{/etc/qemu-ifup}. Use @option{script=no} to
 disable script execution. If @var{name} is not
-provided, the OS automatically provides one.  @option{fd=h} can be
+provided, the OS automatically provides one. @option{fd}=@var{h} can be
 used to specify the handle of an already opened host TAP interface. Example:
 
 @example
@@ -462,13 +463,13 @@
 @end example
 
 
- at item -net socket[,vlan=n][,fd=h][,listen=[host]:port][,connect=host:port]
+ at item -net socket[,vlan=@var{n}][,fd=@var{h}][,listen=[@var{host}]:@var{port}][,connect=@var{host}:@var{port}]
 
 Connect the VLAN @var{n} to a remote VLAN in another QEMU virtual
 machine using a TCP socket connection. If @option{listen} is
 specified, QEMU waits for incoming connections on @var{port}
 (@var{host} is optional). @option{connect} is used to connect to
-another QEMU instance using the @option{listen} option. @option{fd=h}
+another QEMU instance using the @option{listen} option. @option{fd}=@var{h}
 specifies an already opened TCP socket.
 
 Example:
@@ -482,7 +483,7 @@
                -net socket,connect=127.0.0.1:1234
 @end example
 
- at item -net socket[,vlan=n][,fd=h][,mcast=maddr:port]
+ at item -net socket[,vlan=@var{n}][,fd=@var{h}][,mcast=@var{maddr}:@var{port}]
 
 Create a VLAN @var{n} shared with another QEMU virtual
 machines using a UDP multicast socket, effectively making a bus for
@@ -527,14 +528,14 @@
 override the default configuration (@option{-net nic -net user}) which
 is activated if no @option{-net} options are provided.
 
- at item -tftp dir
+ at item -tftp @var{dir}
 When using the user mode network stack, activate a built-in TFTP
 server. The files in @var{dir} will be exposed as the root of a TFTP server.
 The TFTP client on the guest must be configured in binary mode (use the command
 @code{bin} of the Unix TFTP client). The host IP address on the guest is as
 usual 10.0.2.2.
 
- at item -bootp file
+ at item -bootp @var{file}
 When using the user mode network stack, broadcast @var{file} as the BOOTP
 filename.  In conjunction with @option{-tftp}, this can be used to network boot
 a guest from a local directory.
@@ -544,9 +545,9 @@
 qemu -hda linux.img -boot n -tftp /path/to/tftp/files -bootp /pxelinux.0
 @end example
 
- at item -smb dir
+ at item -smb @var{dir}
 When using the user mode network stack, activate a built-in SMB
-server so that Windows OSes can access to the host files in @file{dir}
+server so that Windows OSes can access to the host files in @file{@var{dir}}
 transparently.
 
 In the guest Windows OS, the line:
@@ -556,13 +557,13 @@
 must be added in the file @file{C:\WINDOWS\LMHOSTS} (for windows 9x/Me)
 or @file{C:\WINNT\SYSTEM32\DRIVERS\ETC\LMHOSTS} (Windows NT/2000).
 
-Then @file{dir} can be accessed in @file{\\smbserver\qemu}.
+Then @file{@var{dir}} can be accessed in @file{\\smbserver\qemu}.
 
 Note that a SAMBA server must be installed on the host OS in
 @file{/usr/sbin/smbd}. QEMU was tested successfully with smbd version
 2.2.7a from the Red Hat 9 and version 3.0.10-1.fc3 from Fedora Core 3.
 
- at item -redir [tcp|udp]:host-port:[guest-host]:guest-port
+ at item -redir [tcp|udp]:@var{host-port}:[@var{guest-host}]:@var{guest-port}
 
 When using the user mode network stack, redirect incoming TCP or UDP
 connections to the host port @var{host-port} to the guest
@@ -600,13 +601,13 @@
 
 @table @option
 
- at item -kernel bzImage
+ at item -kernel @var{bzImage}
 Use @var{bzImage} as kernel image.
 
- at item -append cmdline
+ at item -append @var{cmdline}
 Use @var{cmdline} as kernel command line
 
- at item -initrd file
+ at item -initrd @var{file}
 Use @var{file} as initial ram disk.
 
 @end table
@@ -614,7 +615,7 @@
 Debug/Expert options:
 @table @option
 
- at item -serial dev
+ at item -serial @var{dev}
 Redirect the virtual serial port to host character device
 @var{dev}. The default device is @code{vc} in graphical mode and
 @code{stdio} in non graphical mode.
@@ -644,19 +645,22 @@
 @item /dev/XXX
 [Linux only] Use host tty, e.g. @file{/dev/ttyS0}. The host serial port
 parameters are set according to the emulated ones.
- at item /dev/parportN
+ at item /dev/parport at var{N}
 [Linux only, parallel port only] Use host parallel port
 @var{N}. Currently SPP and EPP parallel port features can be used.
- at item file:filename
-Write output to filename. No character can be read.
+ at item file:@var{filename}
+Write output to @var{filename}. No character can be read.
 @item stdio
 [Unix only] standard input/output
- at item pipe:filename
+ at item pipe:@var{filename}
 name pipe @var{filename}
- at item COMn
+ at item COM at var{n}
 [Windows only] Use host serial port @var{n}
- at item udp:[remote_host]:remote_port[@@[src_ip]:src_port]
-This implements UDP Net Console.  When @var{remote_host} or @var{src_ip} are not specified they default to @code{0.0.0.0}.  When not using a specified @var{src_port} a random port is automatically chosen.
+ at item udp:[@var{remote_host}]:@var{remote_port}[@@[@var{src_ip}]:@var{src_port}]
+This implements UDP Net Console.
+When @var{remote_host} or @var{src_ip} are not specified
+they default to @code{0.0.0.0}.
+When not using a specified @var{src_port} a random port is automatically chosen.
 
 If you just want a simple readonly console you can use @code{netcat} or
 @code{nc}, by starting qemu with: @code{-serial udp::4555} and nc as:
@@ -682,7 +686,7 @@
 @end table
 
 
- at item tcp:[host]:port[,server][,nowait][,nodelay]
+ at item tcp:[@var{host}]:@var{port}[, at var{server}][,nowait][,nodelay]
 The TCP Net Console has two modes of operation.  It can send the serial
 I/O to a location or wait for a connection from a location.  By default
 the TCP Net Console is sent to @var{host} at the @var{port}.  If you use
@@ -701,7 +705,7 @@
 -serial tcp:192.168.0.100:4444,server,nowait
 @end table
 
- at item telnet:host:port[,server][,nowait][,nodelay]
+ at item telnet:@var{host}:@var{port}[,server][,nowait][,nodelay]
 The telnet protocol is used instead of raw tcp sockets.  The options
 work the same as if you had specified @code{-serial tcp}.  The
 difference is that the port acts like a telnet server or client using
@@ -710,12 +714,12 @@
 sequence.  Typically in unix telnet you do it with Control-] and then
 type "send break" followed by pressing the enter key.
 
- at item unix:path[,server][,nowait]
+ at item unix:@var{path}[,server][,nowait]
 A unix domain socket is used instead of a tcp socket.  The option works the
 same as if you had specified @code{-serial tcp} except the unix domain socket
 @var{path} is used for connections.
 
- at item mon:dev_string
+ at item mon:@var{dev_string}
 This is a special option to allow the monitor to be multiplexed onto
 another serial port.  The monitor is accessed with key sequence of
 @key{Control-a} and then pressing @key{c}. See monitor access
@@ -729,7 +733,7 @@
 
 @end table
 
- at item -parallel dev
+ at item -parallel @var{dev}
 Redirect the virtual parallel port to host device @var{dev} (same
 devices as the serial port). On Linux hosts, @file{/dev/parportN} can
 be used to use hardware devices connected on the corresponding host
@@ -740,7 +744,7 @@
 
 Use @code{-parallel none} to disable all parallel ports.
 
- at item -monitor dev
+ at item -monitor @var{dev}
 Redirect the monitor to host device @var{dev} (same devices as the
 serial port).
 The default device is @code{vc} in graphical mode and @code{stdio} in
@@ -761,14 +765,14 @@
 
 @item -s
 Wait gdb connection to port 1234 (@pxref{gdb_usage}).
- at item -p port
+ at item -p @var{port}
 Change gdb connection port.  @var{port} can be either a decimal number
 to specify a TCP port, or a host device (same devices as the serial port).
 @item -S
 Do not start CPU at startup (you must type 'c' in the monitor).
 @item -d
 Output log in /tmp/qemu.log
- at item -hdachs c,h,s,[,t]
+ at item -hdachs @var{c}, at var{h}, at var{s},[, at var{t}]
 Force hard disk 0 physical geometry (1 <= @var{c} <= 16383, 1 <=
 @var{h} <= 16, 1 <= @var{s} <= 63) and optionally force the BIOS
 translation mode (@var{t}=none, lba or auto). Usually QEMU can guess
@@ -879,7 +883,7 @@
 
 @item
 Remove or insert removable media images
-(such as CD-ROM or floppies)
+(such as CD-ROM or floppies).
 
 @item
 Freeze/unfreeze the Virtual Machine (VM) and save or restore its state
@@ -895,14 +899,14 @@
 
 @table @option
 
- at item help or ? [cmd]
+ at item help or ? [@var{cmd}]
 Show the help for all commands or just for command @var{cmd}.
 
 @item commit
-Commit changes to the disk images (if -snapshot is used)
+Commit changes to the disk images (if -snapshot is used).
 
- at item info subcommand
-show various information about the system state
+ at item info @var{subcommand}
+Show various information about the system state.
 
 @table @option
 @item info network
@@ -930,12 +934,12 @@
 @item q or quit
 Quit the emulator.
 
- at item eject [-f] device
+ at item eject [-f] @var{device}
 Eject a removable medium (use -f to force it).
 
- at item change device setting
+ at item change @var{device} @var{setting}
 
-Change the configuration of a device
+Change the configuration of a device.
 
 @table @option
 @item change @var{diskdevice} @var{filename}
@@ -945,7 +949,7 @@
 (qemu) change cdrom /path/to/some.iso
 @end example
 
- at item change vnc @var{display,options}
+ at item change vnc @var{display}, at var{options}
 Change the configuration of the VNC server. The valid syntax for @var{display}
 and @var{options} are described at @ref{sec_invocation}. eg
 
@@ -966,24 +970,24 @@
 
 @end table
 
- at item screendump filename
+ at item screendump @var{filename}
 Save screen into PPM image @var{filename}.
 
- at item mouse_move dx dy [dz]
+ at item mouse_move @var{dx} @var{dy} [@var{dz}]
 Move the active mouse to the specified coordinates @var{dx} @var{dy}
 with optional scroll axis @var{dz}.
 
- at item mouse_button val
+ at item mouse_button @var{val}
 Change the active mouse button state @var{val} (1=L, 2=M, 4=R).
 
- at item mouse_set index
+ at item mouse_set @var{index}
 Set which mouse device receives events at given @var{index}, index
 can be obtained with
 @example
 info mice
 @end example
 
- at item wavcapture filename [frequency [bits [channels]]]
+ at item wavcapture @var{filename} [@var{frequency} [@var{bits} [@var{channels}]]]
 Capture audio into @var{filename}. Using sample rate @var{frequency}
 bits per sample @var{bits} and number of channels @var{channels}.
 
@@ -994,26 +998,26 @@
 @item Number of channels = 2 - Stereo
 @end itemize
 
- at item stopcapture index
+ at item stopcapture @var{index}
 Stop capture with a given @var{index}, index can be obtained with
 @example
 info capture
 @end example
 
- at item log item1[,...]
+ at item log @var{item1}[,...]
 Activate logging of the specified items to @file{/tmp/qemu.log}.
 
- at item savevm [tag|id]
+ at item savevm [@var{tag}|@var{id}]
 Create a snapshot of the whole virtual machine. If @var{tag} is
 provided, it is used as human readable identifier. If there is already
 a snapshot with the same tag or ID, it is replaced. More info at
 @ref{vm_snapshots}.
 
- at item loadvm tag|id
+ at item loadvm @var{tag}|@var{id}
 Set the whole virtual machine to the snapshot identified by the tag
 @var{tag} or the unique snapshot ID @var{id}.
 
- at item delvm tag|id
+ at item delvm @var{tag}|@var{id}
 Delete the snapshot identified by @var{tag} or @var{id}.
 
 @item stop
@@ -1022,13 +1026,13 @@
 @item c or cont
 Resume emulation.
 
- at item gdbserver [port]
-Start gdbserver session (default port=1234)
+ at item gdbserver [@var{port}]
+Start gdbserver session (default @var{port}=1234)
 
- at item x/fmt addr
+ at item x/fmt @var{addr}
 Virtual memory dump starting at @var{addr}.
 
- at item xp /fmt addr
+ at item xp /@var{fmt} @var{addr}
 Physical memory dump starting at @var{addr}.
 
 @var{fmt} is a format which tells the command how to format the
@@ -1084,12 +1088,12 @@
 @end smallexample
 @end itemize
 
- at item p or print/fmt expr
+ at item p or print/@var{fmt} @var{expr}
 
 Print expression value. Only the @var{format} part of @var{fmt} is
 used.
 
- at item sendkey keys
+ at item sendkey @var{keys}
 
 Send @var{keys} to the emulator. Use @code{-} to press several keys
 simultaneously. Example:
@@ -1104,12 +1108,12 @@
 
 Reset the system.
 
- at item usb_add devname
+ at item usb_add @var{devname}
 
 Add the USB device @var{devname}.  For details of available devices see
 @ref{usb_devices}
 
- at item usb_del devname
+ at item usb_del @var{devname}
 
 Remove the USB device @var{devname} from the QEMU virtual USB
 hub. @var{devname} has the syntax @code{bus.addr}. Use the monitor
@@ -1263,7 +1267,7 @@
 is better to use the @code{change} or @code{eject} monitor commands to
 change or eject media.
 @item Hard disks
-Hard disks can be used with the syntax: @file{\\.\PhysicalDriveN}
+Hard disks can be used with the syntax: @file{\\.\PhysicalDrive at var{N}}
 where @var{N} is the drive number (0 is the first hard disk).
 
 WARNING: unless you know what you do, it is better to only make
@@ -1458,12 +1462,12 @@
 Pointer device that uses absolute coordinates (like a touchscreen).
 This means qemu is able to report the mouse position without having
 to grab the mouse.  Also overrides the PS/2 mouse emulation when activated.
- at item @code{disk:file}
+ at item @code{disk:@var{file}}
 Mass storage device based on @var{file} (@pxref{disk_images})
- at item @code{host:bus.addr}
+ at item @code{host:@var{bus.addr}}
 Pass through the host device identified by @var{bus.addr}
 (Linux only)
- at item @code{host:vendor_id:product_id}
+ at item @code{host:@var{vendor_id:product_id}}
 Pass through the host device identified by @var{vendor_id:product_id}
 (Linux only)
 @item @code{wacom-tablet}
@@ -2009,7 +2013,7 @@
  -prom-env 'boot-device=sd(0,2,0):d' -prom-env 'boot-args=linux single'
 @end example
 
- at item -M [SS-5|SS-10]
+ at item -M [SS-5|SS-10|SS-600MP]
 
 Set the emulated machine type. Default is SS-5.
 

Modified: trunk/src/host/qemu-neo1973/qemu-tech.texi
===================================================================
--- trunk/src/host/qemu-neo1973/qemu-tech.texi	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/qemu-tech.texi	2007-11-26 22:42:26 UTC (rev 3517)
@@ -212,8 +212,7 @@
 
 @item IPC syscalls are missing.
 
- at item 128-bit floating point operations are not supported, though none of the
-real CPUs implement them either.  Floating point exception support is untested.
+ at item Floating point exception support is buggy.
 
 @item Atomic instructions are not correctly implemented.
 

Modified: trunk/src/host/qemu-neo1973/target-arm/helper.c
===================================================================
--- trunk/src/host/qemu-neo1973/target-arm/helper.c	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/target-arm/helper.c	2007-11-26 22:42:26 UTC (rev 3517)
@@ -608,6 +608,15 @@
         armv7m_nvic_set_pending(env->v7m.nvic, ARMV7M_EXCP_MEM);
         return;
     case EXCP_BKPT:
+        if (semihosting_enabled) {
+            int nr;
+            nr = lduw_code(env->regs[15]) & 0xff;
+            if (nr == 0xab) {
+                env->regs[15] += 2;
+                env->regs[0] = do_arm_semihosting(env);
+                return;
+            }
+        }
         armv7m_nvic_set_pending(env->v7m.nvic, ARMV7M_EXCP_DEBUG);
         return;
     case EXCP_IRQ:
@@ -693,7 +702,7 @@
         break;
     case EXCP_BKPT:
         /* See if this is a semihosting syscall.  */
-        if (env->thumb) {
+        if (env->thumb && semihosting_enabled) {
             mask = lduw_code(env->regs[15]) & 0xff;
             if (mask == 0xab
                   && (env->uncached_cpsr & CPSR_M) != ARM_CPU_MODE_USR) {

Modified: trunk/src/host/qemu-neo1973/target-i386/helper2.c
===================================================================
--- trunk/src/host/qemu-neo1973/target-i386/helper2.c	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/target-i386/helper2.c	2007-11-26 22:42:26 UTC (rev 3517)
@@ -83,7 +83,7 @@
             return;
         }
     for ( i = 0 ; i < 32 ; i++ ) 
-        if (ext3_features[i] && !strcmp (flagname, ext3_feature_name[i])) {
+        if (ext3_feature_name[i] && !strcmp (flagname, ext3_feature_name[i])) {
             *ext3_features |= 1 << i;
             return;
         }

Modified: trunk/src/host/qemu-neo1973/target-mips/helper.c
===================================================================
--- trunk/src/host/qemu-neo1973/target-mips/helper.c	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/target-mips/helper.c	2007-11-26 22:42:26 UTC (rev 3517)
@@ -133,7 +133,7 @@
 #if defined(TARGET_MIPS64)
     } else if (address < 0x4000000000000000ULL) {
         /* xuseg */
-	if (UX && address < (0x3FFFFFFFFFFFFFFFULL & env->SEGMask)) {
+	if (UX && address <= (0x3FFFFFFFFFFFFFFFULL & env->SEGMask)) {
             ret = env->tlb->map_address(env, physical, prot, address, rw, access_type);
 	} else {
 	    ret = TLBRET_BADADDR;
@@ -141,7 +141,7 @@
     } else if (address < 0x8000000000000000ULL) {
         /* xsseg */
 	if ((supervisor_mode || kernel_mode) &&
-	    SX && address < (0x7FFFFFFFFFFFFFFFULL & env->SEGMask)) {
+	    SX && address <= (0x7FFFFFFFFFFFFFFFULL & env->SEGMask)) {
             ret = env->tlb->map_address(env, physical, prot, address, rw, access_type);
 	} else {
 	    ret = TLBRET_BADADDR;
@@ -150,7 +150,7 @@
         /* xkphys */
         /* XXX: Assumes PABITS = 36 (correct for MIPS64R1) */
         if (kernel_mode && KX &&
-            (address & 0x07FFFFFFFFFFFFFFULL) < 0x0000000FFFFFFFFFULL) {
+            (address & 0x07FFFFFFFFFFFFFFULL) <= 0x0000000FFFFFFFFFULL) {
             *physical = address & 0x0000000FFFFFFFFFULL;
             *prot = PAGE_READ | PAGE_WRITE;
 	} else {
@@ -159,7 +159,7 @@
     } else if (address < 0xFFFFFFFF80000000ULL) {
         /* xkseg */
 	if (kernel_mode && KX &&
-	    address < (0xFFFFFFFF7FFFFFFFULL & env->SEGMask)) {
+	    address <= (0xFFFFFFFF7FFFFFFFULL & env->SEGMask)) {
             ret = env->tlb->map_address(env, physical, prot, address, rw, access_type);
 	} else {
 	    ret = TLBRET_BADADDR;

Modified: trunk/src/host/qemu-neo1973/target-mips/translate.c
===================================================================
--- trunk/src/host/qemu-neo1973/target-mips/translate.c	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/target-mips/translate.c	2007-11-26 22:42:26 UTC (rev 3517)
@@ -543,6 +543,8 @@
     uint32_t hflags, saved_hflags;
     int bstate;
     target_ulong btarget;
+    void *last_T0_store;
+    int last_T0_gpr;
 } DisasContext;
 
 enum {
@@ -572,15 +574,36 @@
                ctx->opcode & 0x3F, ((ctx->opcode >> 16) & 0x1F));             \
 } while (0)
 
-#define GEN_LOAD_REG_TN(Tn, Rn)                                               \
+#define GEN_LOAD_REG_T0(Rn)                                                   \
 do {                                                                          \
     if (Rn == 0) {                                                            \
-        glue(gen_op_reset_, Tn)();                                            \
+        gen_op_reset_T0();                                                    \
     } else {                                                                  \
-        glue(gen_op_load_gpr_, Tn)(Rn);                                       \
+        if (ctx->glue(last_T0, _store) != gen_opc_ptr                         \
+            || ctx->glue(last_T0, _gpr) != Rn) {                              \
+                gen_op_load_gpr_T0(Rn);                                       \
+        }                                                                     \
     }                                                                         \
 } while (0)
 
+#define GEN_LOAD_REG_T1(Rn)                                                   \
+do {                                                                          \
+    if (Rn == 0) {                                                            \
+        gen_op_reset_T1();                                                    \
+    } else {                                                                  \
+        gen_op_load_gpr_T1(Rn);                                               \
+    }                                                                         \
+} while (0)
+
+#define GEN_LOAD_REG_T2(Rn)                                                   \
+do {                                                                          \
+    if (Rn == 0) {                                                            \
+        gen_op_reset_T2();                                                    \
+    } else {                                                                  \
+        gen_op_load_gpr_T2(Rn);                                               \
+    }                                                                         \
+} while (0)
+
 #define GEN_LOAD_SRSREG_TN(Tn, Rn)                                            \
 do {                                                                          \
     if (Rn == 0) {                                                            \
@@ -612,13 +635,21 @@
 } while (0)
 #endif
 
-#define GEN_STORE_TN_REG(Rn, Tn)                                              \
+#define GEN_STORE_T0_REG(Rn)                                                  \
 do {                                                                          \
     if (Rn != 0) {                                                            \
-        glue(glue(gen_op_store_, Tn),_gpr)(Rn);                               \
+        glue(gen_op_store_T0,_gpr)(Rn);                                       \
+        ctx->glue(last_T0,_store) = gen_opc_ptr;                              \
+        ctx->glue(last_T0,_gpr) = Rn;                                         \
     }                                                                         \
 } while (0)
 
+#define GEN_STORE_T1_REG(Rn)                                                  \
+do {                                                                          \
+    if (Rn != 0)                                                              \
+        glue(gen_op_store_T1,_gpr)(Rn);                                       \
+} while (0)
+
 #define GEN_STORE_TN_SRSREG(Rn, Tn)                                           \
 do {                                                                          \
     if (Rn != 0) {                                                            \
@@ -855,126 +886,126 @@
 #if defined(TARGET_MIPS64)
     case OPC_LWU:
         op_ldst(lwu);
-        GEN_STORE_TN_REG(rt, T0);
+        GEN_STORE_T0_REG(rt);
         opn = "lwu";
         break;
     case OPC_LD:
         op_ldst(ld);
-        GEN_STORE_TN_REG(rt, T0);
+        GEN_STORE_T0_REG(rt);
         opn = "ld";
         break;
     case OPC_LLD:
         op_ldst(lld);
-        GEN_STORE_TN_REG(rt, T0);
+        GEN_STORE_T0_REG(rt);
         opn = "lld";
         break;
     case OPC_SD:
-        GEN_LOAD_REG_TN(T1, rt);
+        GEN_LOAD_REG_T1(rt);
         op_ldst(sd);
         opn = "sd";
         break;
     case OPC_SCD:
         save_cpu_state(ctx, 1);
-        GEN_LOAD_REG_TN(T1, rt);
+        GEN_LOAD_REG_T1(rt);
         op_ldst(scd);
-        GEN_STORE_TN_REG(rt, T0);
+        GEN_STORE_T0_REG(rt);
         opn = "scd";
         break;
     case OPC_LDL:
-        GEN_LOAD_REG_TN(T1, rt);
+        GEN_LOAD_REG_T1(rt);
         op_ldst(ldl);
-        GEN_STORE_TN_REG(rt, T1);
+        GEN_STORE_T1_REG(rt);
         opn = "ldl";
         break;
     case OPC_SDL:
-        GEN_LOAD_REG_TN(T1, rt);
+        GEN_LOAD_REG_T1(rt);
         op_ldst(sdl);
         opn = "sdl";
         break;
     case OPC_LDR:
-        GEN_LOAD_REG_TN(T1, rt);
+        GEN_LOAD_REG_T1(rt);
         op_ldst(ldr);
-        GEN_STORE_TN_REG(rt, T1);
+        GEN_STORE_T1_REG(rt);
         opn = "ldr";
         break;
     case OPC_SDR:
-        GEN_LOAD_REG_TN(T1, rt);
+        GEN_LOAD_REG_T1(rt);
         op_ldst(sdr);
         opn = "sdr";
         break;
 #endif
     case OPC_LW:
         op_ldst(lw);
-        GEN_STORE_TN_REG(rt, T0);
+        GEN_STORE_T0_REG(rt);
         opn = "lw";
         break;
     case OPC_SW:
-        GEN_LOAD_REG_TN(T1, rt);
+        GEN_LOAD_REG_T1(rt);
         op_ldst(sw);
         opn = "sw";
         break;
     case OPC_LH:
         op_ldst(lh);
-        GEN_STORE_TN_REG(rt, T0);
+        GEN_STORE_T0_REG(rt);
         opn = "lh";
         break;
     case OPC_SH:
-        GEN_LOAD_REG_TN(T1, rt);
+        GEN_LOAD_REG_T1(rt);
         op_ldst(sh);
         opn = "sh";
         break;
     case OPC_LHU:
         op_ldst(lhu);
-        GEN_STORE_TN_REG(rt, T0);
+        GEN_STORE_T0_REG(rt);
         opn = "lhu";
         break;
     case OPC_LB:
         op_ldst(lb);
-        GEN_STORE_TN_REG(rt, T0);
+        GEN_STORE_T0_REG(rt);
         opn = "lb";
         break;
     case OPC_SB:
-        GEN_LOAD_REG_TN(T1, rt);
+        GEN_LOAD_REG_T1(rt);
         op_ldst(sb);
         opn = "sb";
         break;
     case OPC_LBU:
         op_ldst(lbu);
-        GEN_STORE_TN_REG(rt, T0);
+        GEN_STORE_T0_REG(rt);
         opn = "lbu";
         break;
     case OPC_LWL:
-	GEN_LOAD_REG_TN(T1, rt);
+	GEN_LOAD_REG_T1(rt);
         op_ldst(lwl);
-        GEN_STORE_TN_REG(rt, T1);
+        GEN_STORE_T1_REG(rt);
         opn = "lwl";
         break;
     case OPC_SWL:
-        GEN_LOAD_REG_TN(T1, rt);
+        GEN_LOAD_REG_T1(rt);
         op_ldst(swl);
         opn = "swr";
         break;
     case OPC_LWR:
-	GEN_LOAD_REG_TN(T1, rt);
+	GEN_LOAD_REG_T1(rt);
         op_ldst(lwr);
-        GEN_STORE_TN_REG(rt, T1);
+        GEN_STORE_T1_REG(rt);
         opn = "lwr";
         break;
     case OPC_SWR:
-        GEN_LOAD_REG_TN(T1, rt);
+        GEN_LOAD_REG_T1(rt);
         op_ldst(swr);
         opn = "swr";
         break;
     case OPC_LL:
         op_ldst(ll);
-        GEN_STORE_TN_REG(rt, T0);
+        GEN_STORE_T0_REG(rt);
         opn = "ll";
         break;
     case OPC_SC:
         save_cpu_state(ctx, 1);
-        GEN_LOAD_REG_TN(T1, rt);
+        GEN_LOAD_REG_T1(rt);
         op_ldst(sc);
-        GEN_STORE_TN_REG(rt, T0);
+        GEN_STORE_T0_REG(rt);
         opn = "sc";
         break;
     default:
@@ -1059,7 +1090,7 @@
     case OPC_ANDI:
     case OPC_ORI:
     case OPC_XORI:
-        GEN_LOAD_REG_TN(T0, rs);
+        GEN_LOAD_REG_T0(rs);
         GEN_LOAD_IMM_TN(T1, uimm);
         break;
     case OPC_LUI:
@@ -1077,7 +1108,7 @@
     case OPC_DSRL32:
 #endif
         uimm &= 0x1f;
-        GEN_LOAD_REG_TN(T0, rs);
+        GEN_LOAD_REG_T0(rs);
         GEN_LOAD_IMM_TN(T1, uimm);
         break;
     }
@@ -1222,7 +1253,7 @@
         generate_exception(ctx, EXCP_RI);
         return;
     }
-    GEN_STORE_TN_REG(rt, T0);
+    GEN_STORE_T0_REG(rt);
     MIPS_DEBUG("%s %s, %s, " TARGET_FMT_lx, opn, regnames[rt], regnames[rs], uimm);
 }
 
@@ -1239,8 +1270,14 @@
         MIPS_DEBUG("NOP");
         return;
     }
-    GEN_LOAD_REG_TN(T0, rs);
-    GEN_LOAD_REG_TN(T1, rt);
+    GEN_LOAD_REG_T0(rs);
+    /* Specialcase the conventional move operation. */
+    if (rt == 0 && (opc == OPC_ADDU || opc == OPC_DADDU
+                    || opc == OPC_SUBU || opc == OPC_DSUBU)) {
+        GEN_STORE_T0_REG(rd);
+        return;
+    }
+    GEN_LOAD_REG_T1(rt);
     switch (opc) {
     case OPC_ADD:
         save_cpu_state(ctx, 1);
@@ -1383,7 +1420,7 @@
         generate_exception(ctx, EXCP_RI);
         return;
     }
-    GEN_STORE_TN_REG(rd, T0);
+    GEN_STORE_T0_REG(rd);
  print:
     MIPS_DEBUG("%s %s, %s, %s", opn, regnames[rd], regnames[rs], regnames[rt]);
 }
@@ -1401,21 +1438,21 @@
     switch (opc) {
     case OPC_MFHI:
         gen_op_load_HI(0);
-        GEN_STORE_TN_REG(reg, T0);
+        GEN_STORE_T0_REG(reg);
         opn = "mfhi";
         break;
     case OPC_MFLO:
         gen_op_load_LO(0);
-        GEN_STORE_TN_REG(reg, T0);
+        GEN_STORE_T0_REG(reg);
         opn = "mflo";
         break;
     case OPC_MTHI:
-        GEN_LOAD_REG_TN(T0, reg);
+        GEN_LOAD_REG_T0(reg);
         gen_op_store_HI(0);
         opn = "mthi";
         break;
     case OPC_MTLO:
-        GEN_LOAD_REG_TN(T0, reg);
+        GEN_LOAD_REG_T0(reg);
         gen_op_store_LO(0);
         opn = "mtlo";
         break;
@@ -1432,8 +1469,8 @@
 {
     const char *opn = "mul/div";
 
-    GEN_LOAD_REG_TN(T0, rs);
-    GEN_LOAD_REG_TN(T1, rt);
+    GEN_LOAD_REG_T0(rs);
+    GEN_LOAD_REG_T1(rt);
     switch (opc) {
     case OPC_DIV:
         gen_op_div();
@@ -1502,7 +1539,7 @@
         MIPS_DEBUG("NOP");
         return;
     }
-    GEN_LOAD_REG_TN(T0, rs);
+    GEN_LOAD_REG_T0(rs);
     switch (opc) {
     case OPC_CLO:
         gen_op_clo();
@@ -1548,8 +1585,8 @@
     case OPC_TNE:
         /* Compare two registers */
         if (rs != rt) {
-            GEN_LOAD_REG_TN(T0, rs);
-            GEN_LOAD_REG_TN(T1, rt);
+            GEN_LOAD_REG_T0(rs);
+            GEN_LOAD_REG_T1(rt);
             cond = 1;
         }
         break;
@@ -1561,7 +1598,7 @@
     case OPC_TNEI:
         /* Compare register to immediate */
         if (rs != 0 || imm != 0) {
-            GEN_LOAD_REG_TN(T0, rs);
+            GEN_LOAD_REG_T0(rs);
             GEN_LOAD_IMM_TN(T1, (int32_t)imm);
             cond = 1;
         }
@@ -1674,8 +1711,8 @@
     case OPC_BNEL:
         /* Compare two registers */
         if (rs != rt) {
-            GEN_LOAD_REG_TN(T0, rs);
-            GEN_LOAD_REG_TN(T1, rt);
+            GEN_LOAD_REG_T0(rs);
+            GEN_LOAD_REG_T1(rt);
             bcond = 1;
         }
         btarget = ctx->pc + 4 + offset;
@@ -1714,7 +1751,7 @@
             generate_exception(ctx, EXCP_RI);
             return;
         }
-        GEN_LOAD_REG_TN(T2, rs);
+        GEN_LOAD_REG_T2(rs);
         break;
     default:
         MIPS_INVAL("branch/jump");
@@ -1890,7 +1927,7 @@
 static void gen_bitops (DisasContext *ctx, uint32_t opc, int rt,
                        int rs, int lsb, int msb)
 {
-    GEN_LOAD_REG_TN(T1, rs);
+    GEN_LOAD_REG_T1(rs);
     switch (opc) {
     case OPC_EXT:
         if (lsb + msb > 31)
@@ -1917,26 +1954,26 @@
     case OPC_INS:
         if (lsb > msb)
             goto fail;
-        GEN_LOAD_REG_TN(T0, rt);
+        GEN_LOAD_REG_T0(rt);
         gen_op_ins(lsb, msb - lsb + 1);
         break;
 #if defined(TARGET_MIPS64)
     case OPC_DINSM:
         if (lsb > msb)
             goto fail;
-        GEN_LOAD_REG_TN(T0, rt);
+        GEN_LOAD_REG_T0(rt);
         gen_op_dins(lsb, msb - lsb + 1 + 32);
         break;
     case OPC_DINSU:
         if (lsb > msb)
             goto fail;
-        GEN_LOAD_REG_TN(T0, rt);
+        GEN_LOAD_REG_T0(rt);
         gen_op_dins(lsb + 32, msb - lsb + 1);
         break;
     case OPC_DINS:
         if (lsb > msb)
             goto fail;
-        GEN_LOAD_REG_TN(T0, rt);
+        GEN_LOAD_REG_T0(rt);
         gen_op_dins(lsb, msb - lsb + 1);
         break;
 #endif
@@ -1946,7 +1983,7 @@
         generate_exception(ctx, EXCP_RI);
         return;
     }
-    GEN_STORE_TN_REG(rt, T0);
+    GEN_STORE_T0_REG(rt);
 }
 
 /* CP0 (MMU and control) */
@@ -4605,7 +4642,7 @@
         opn = "mfc0";
         break;
     case OPC_MTC0:
-        GEN_LOAD_REG_TN(T0, rt);
+        GEN_LOAD_REG_T0(rt);
         save_cpu_state(ctx, 1);
         gen_mtc0(env, ctx, rd, ctx->opcode & 0x7);
         opn = "mtc0";
@@ -4623,7 +4660,7 @@
         break;
     case OPC_DMTC0:
         check_insn(env, ctx, ISA_MIPS3);
-        GEN_LOAD_REG_TN(T0, rt);
+        GEN_LOAD_REG_T0(rt);
         save_cpu_state(ctx, 1);
         gen_dmtc0(env, ctx, rd, ctx->opcode & 0x7);
         opn = "dmtc0";
@@ -4642,7 +4679,7 @@
         break;
     case OPC_MTTR:
         check_insn(env, ctx, ASE_MT);
-        GEN_LOAD_REG_TN(T0, rt);
+        GEN_LOAD_REG_T0(rt);
         gen_mttr(env, ctx, rd, (ctx->opcode >> 5) & 1,
                  ctx->opcode & 0x7, (ctx->opcode >> 4) & 1);
         opn = "mttr";
@@ -4783,33 +4820,33 @@
     case OPC_MFC1:
         GEN_LOAD_FREG_FTN(WT0, fs);
         gen_op_mfc1();
-        GEN_STORE_TN_REG(rt, T0);
+        GEN_STORE_T0_REG(rt);
         opn = "mfc1";
         break;
     case OPC_MTC1:
-        GEN_LOAD_REG_TN(T0, rt);
+        GEN_LOAD_REG_T0(rt);
         gen_op_mtc1();
         GEN_STORE_FTN_FREG(fs, WT0);
         opn = "mtc1";
         break;
     case OPC_CFC1:
         gen_op_cfc1(fs);
-        GEN_STORE_TN_REG(rt, T0);
+        GEN_STORE_T0_REG(rt);
         opn = "cfc1";
         break;
     case OPC_CTC1:
-        GEN_LOAD_REG_TN(T0, rt);
+        GEN_LOAD_REG_T0(rt);
         gen_op_ctc1(fs);
         opn = "ctc1";
         break;
     case OPC_DMFC1:
         GEN_LOAD_FREG_FTN(DT0, fs);
         gen_op_dmfc1();
-        GEN_STORE_TN_REG(rt, T0);
+        GEN_STORE_T0_REG(rt);
         opn = "dmfc1";
         break;
     case OPC_DMTC1:
-        GEN_LOAD_REG_TN(T0, rt);
+        GEN_LOAD_REG_T0(rt);
         gen_op_dmtc1();
         GEN_STORE_FTN_FREG(fs, DT0);
         opn = "dmtc1";
@@ -4817,11 +4854,11 @@
     case OPC_MFHC1:
         GEN_LOAD_FREG_FTN(WTH0, fs);
         gen_op_mfhc1();
-        GEN_STORE_TN_REG(rt, T0);
+        GEN_STORE_T0_REG(rt);
         opn = "mfhc1";
         break;
     case OPC_MTHC1:
-        GEN_LOAD_REG_TN(T0, rt);
+        GEN_LOAD_REG_T0(rt);
         gen_op_mthc1();
         GEN_STORE_FTN_FREG(fs, WTH0);
         opn = "mthc1";
@@ -4838,8 +4875,8 @@
 {
     uint32_t ccbit;
 
-    GEN_LOAD_REG_TN(T0, rd);
-    GEN_LOAD_REG_TN(T1, rs);
+    GEN_LOAD_REG_T0(rd);
+    GEN_LOAD_REG_T1(rs);
     if (cc) {
         ccbit = 1 << (24 + cc);
     } else
@@ -4848,7 +4885,7 @@
         gen_op_movf(ccbit);
     else
         gen_op_movt(ccbit);
-    GEN_STORE_TN_REG(rd, T0);
+    GEN_STORE_T0_REG(rd);
 }
 
 #define GEN_MOVCF(fmt)                                                \
@@ -5023,7 +5060,7 @@
         opn = "floor.w.s";
         break;
     case FOP(17, 16):
-        GEN_LOAD_REG_TN(T0, ft);
+        GEN_LOAD_REG_T0(ft);
         GEN_LOAD_FREG_FTN(WT0, fs);
         GEN_LOAD_FREG_FTN(WT2, fd);
         gen_movcf_s(ctx, (ft >> 2) & 0x7, ft & 0x1);
@@ -5031,7 +5068,7 @@
         opn = "movcf.s";
         break;
     case FOP(18, 16):
-        GEN_LOAD_REG_TN(T0, ft);
+        GEN_LOAD_REG_T0(ft);
         GEN_LOAD_FREG_FTN(WT0, fs);
         GEN_LOAD_FREG_FTN(WT2, fd);
         gen_op_float_movz_s();
@@ -5039,7 +5076,7 @@
         opn = "movz.s";
         break;
     case FOP(19, 16):
-        GEN_LOAD_REG_TN(T0, ft);
+        GEN_LOAD_REG_T0(ft);
         GEN_LOAD_FREG_FTN(WT0, fs);
         GEN_LOAD_FREG_FTN(WT2, fd);
         gen_op_float_movn_s();
@@ -5264,7 +5301,7 @@
         opn = "floor.w.d";
         break;
     case FOP(17, 17):
-        GEN_LOAD_REG_TN(T0, ft);
+        GEN_LOAD_REG_T0(ft);
         GEN_LOAD_FREG_FTN(DT0, fs);
         GEN_LOAD_FREG_FTN(DT2, fd);
         gen_movcf_d(ctx, (ft >> 2) & 0x7, ft & 0x1);
@@ -5272,7 +5309,7 @@
         opn = "movcf.d";
         break;
     case FOP(18, 17):
-        GEN_LOAD_REG_TN(T0, ft);
+        GEN_LOAD_REG_T0(ft);
         GEN_LOAD_FREG_FTN(DT0, fs);
         GEN_LOAD_FREG_FTN(DT2, fd);
         gen_op_float_movz_d();
@@ -5280,7 +5317,7 @@
         opn = "movz.d";
         break;
     case FOP(19, 17):
-        GEN_LOAD_REG_TN(T0, ft);
+        GEN_LOAD_REG_T0(ft);
         GEN_LOAD_FREG_FTN(DT0, fs);
         GEN_LOAD_FREG_FTN(DT2, fd);
         gen_op_float_movn_d();
@@ -5478,7 +5515,7 @@
         break;
     case FOP(17, 22):
         check_cp1_64bitmode(ctx);
-        GEN_LOAD_REG_TN(T0, ft);
+        GEN_LOAD_REG_T0(ft);
         GEN_LOAD_FREG_FTN(WT0, fs);
         GEN_LOAD_FREG_FTN(WTH0, fs);
         GEN_LOAD_FREG_FTN(WT2, fd);
@@ -5490,7 +5527,7 @@
         break;
     case FOP(18, 22):
         check_cp1_64bitmode(ctx);
-        GEN_LOAD_REG_TN(T0, ft);
+        GEN_LOAD_REG_T0(ft);
         GEN_LOAD_FREG_FTN(WT0, fs);
         GEN_LOAD_FREG_FTN(WTH0, fs);
         GEN_LOAD_FREG_FTN(WT2, fd);
@@ -5502,7 +5539,7 @@
         break;
     case FOP(19, 22):
         check_cp1_64bitmode(ctx);
-        GEN_LOAD_REG_TN(T0, ft);
+        GEN_LOAD_REG_T0(ft);
         GEN_LOAD_FREG_FTN(WT0, fs);
         GEN_LOAD_FREG_FTN(WTH0, fs);
         GEN_LOAD_FREG_FTN(WT2, fd);
@@ -5689,12 +5726,12 @@
         if (index == 0)
             gen_op_reset_T0();
         else
-            GEN_LOAD_REG_TN(T0, index);
+            GEN_LOAD_REG_T0(index);
     } else if (index == 0) {
-        GEN_LOAD_REG_TN(T0, base);
+        GEN_LOAD_REG_T0(base);
     } else {
-        GEN_LOAD_REG_TN(T0, base);
-        GEN_LOAD_REG_TN(T1, index);
+        GEN_LOAD_REG_T0(base);
+        GEN_LOAD_REG_T1(index);
         gen_op_addr_add();
     }
     /* Don't do NOP if destination is zero: we must perform the actual
@@ -5751,7 +5788,7 @@
     check_cp1_64bitmode(ctx);
     switch (opc) {
     case OPC_ALNV_PS:
-        GEN_LOAD_REG_TN(T0, fr);
+        GEN_LOAD_REG_T0(fr);
         GEN_LOAD_FREG_FTN(DT0, fs);
         GEN_LOAD_FREG_FTN(DT1, ft);
         gen_op_float_alnv_ps();
@@ -6075,15 +6112,15 @@
              op2 = MASK_BSHFL(ctx->opcode);
              switch (op2) {
              case OPC_WSBH:
-                 GEN_LOAD_REG_TN(T1, rt);
+                 GEN_LOAD_REG_T1(rt);
                  gen_op_wsbh();
                  break;
              case OPC_SEB:
-                 GEN_LOAD_REG_TN(T1, rt);
+                 GEN_LOAD_REG_T1(rt);
                  gen_op_seb();
                  break;
              case OPC_SEH:
-                 GEN_LOAD_REG_TN(T1, rt);
+                 GEN_LOAD_REG_T1(rt);
                  gen_op_seh();
                  break;
              default:            /* Invalid */
@@ -6091,7 +6128,7 @@
                  generate_exception(ctx, EXCP_RI);
                  break;
             }
-            GEN_STORE_TN_REG(rd, T0);
+            GEN_STORE_T0_REG(rd);
             break;
         case OPC_RDHWR:
             check_insn(env, ctx, ISA_MIPS32R2);
@@ -6122,19 +6159,19 @@
                 generate_exception(ctx, EXCP_RI);
                 break;
             }
-            GEN_STORE_TN_REG(rt, T0);
+            GEN_STORE_T0_REG(rt);
             break;
         case OPC_FORK:
             check_insn(env, ctx, ASE_MT);
-            GEN_LOAD_REG_TN(T0, rt);
-            GEN_LOAD_REG_TN(T1, rs);
+            GEN_LOAD_REG_T0(rt);
+            GEN_LOAD_REG_T1(rs);
             gen_op_fork();
             break;
         case OPC_YIELD:
             check_insn(env, ctx, ASE_MT);
-            GEN_LOAD_REG_TN(T0, rs);
+            GEN_LOAD_REG_T0(rs);
             gen_op_yield();
-            GEN_STORE_TN_REG(rd, T0);
+            GEN_STORE_T0_REG(rd);
             break;
 #if defined(TARGET_MIPS64)
         case OPC_DEXTM ... OPC_DEXT:
@@ -6149,11 +6186,11 @@
             op2 = MASK_DBSHFL(ctx->opcode);
             switch (op2) {
             case OPC_DSBH:
-                GEN_LOAD_REG_TN(T1, rt);
+                GEN_LOAD_REG_T1(rt);
                 gen_op_dsbh();
                 break;
             case OPC_DSHD:
-                GEN_LOAD_REG_TN(T1, rt);
+                GEN_LOAD_REG_T1(rt);
                 gen_op_dshd();
                 break;
             default:            /* Invalid */
@@ -6161,7 +6198,7 @@
                 generate_exception(ctx, EXCP_RI);
                 break;
             }
-            GEN_STORE_TN_REG(rd, T0);
+            GEN_STORE_T0_REG(rd);
             break;
 #endif
         default:            /* Invalid */
@@ -6246,16 +6283,16 @@
                 generate_exception(ctx, EXCP_RI);
                 break;
             }
-            GEN_STORE_TN_REG(rt, T0);
+            GEN_STORE_T0_REG(rt);
             break;
         case OPC_RDPGPR:
             check_insn(env, ctx, ISA_MIPS32R2);
             GEN_LOAD_SRSREG_TN(T0, rt);
-            GEN_STORE_TN_REG(rd, T0);
+            GEN_STORE_T0_REG(rd);
             break;
         case OPC_WRPGPR:
             check_insn(env, ctx, ISA_MIPS32R2);
-            GEN_LOAD_REG_TN(T0, rt);
+            GEN_LOAD_REG_T0(rt);
             GEN_STORE_TN_SRSREG(rd, T0);
             break;
         default:
@@ -6583,6 +6620,7 @@
 	}
     }
 done_generating:
+    ctx.last_T0_store = NULL;
     *gen_opc_ptr = INDEX_op_end;
     if (search_pc) {
         j = gen_opc_ptr - gen_opc_buf;

Modified: trunk/src/host/qemu-neo1973/target-mips/translate_init.c
===================================================================
--- trunk/src/host/qemu-neo1973/target-mips/translate_init.c	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/target-mips/translate_init.c	2007-11-26 22:42:26 UTC (rev 3517)
@@ -101,6 +101,23 @@
         .insn_flags = CPU_MIPS32 | ASE_MIPS16,
     },
     {
+        .name = "4Km",
+        .CP0_PRid = 0x00018300,
+        /* Config1 implemented, fixed mapping MMU,
+           no virtual icache, uncached coherency. */
+        .CP0_Config0 = (1 << CP0C0_M) |
+                    (0x3 << CP0C0_MT) | (0x2 << CP0C0_K0),
+        .CP0_Config1 = MIPS_CONFIG1 |
+		    (0 << CP0C1_IS) | (3 << CP0C1_IL) | (1 << CP0C1_IA) |
+		    (0 << CP0C1_DS) | (3 << CP0C1_DL) | (1 << CP0C1_DA),
+        .CP0_Config2 = MIPS_CONFIG2,
+        .CP0_Config3 = MIPS_CONFIG3,
+        .SYNCI_Step = 32,
+        .CCRes = 2,
+        .CP0_Status_rw_bitmask = 0x1258FF17,
+        .insn_flags = CPU_MIPS32 | ASE_MIPS16,
+    },
+    {
         .name = "4KEcR1",
         .CP0_PRid = 0x00018400,
         .CP0_Config0 = MIPS_CONFIG0,
@@ -115,6 +132,23 @@
         .insn_flags = CPU_MIPS32 | ASE_MIPS16,
     },
     {
+        .name = "4KEmR1",
+        .CP0_PRid = 0x00018500,
+        /* Config1 implemented, fixed mapping MMU,
+           no virtual icache, uncached coherency. */
+        .CP0_Config0 = (1 << CP0C0_M) |
+                    (0x3 << CP0C0_MT) | (0x2 << CP0C0_K0),
+        .CP0_Config1 = MIPS_CONFIG1 |
+		    (0 << CP0C1_IS) | (3 << CP0C1_IL) | (1 << CP0C1_IA) |
+		    (0 << CP0C1_DS) | (3 << CP0C1_DL) | (1 << CP0C1_DA),
+        .CP0_Config2 = MIPS_CONFIG2,
+        .CP0_Config3 = MIPS_CONFIG3,
+        .SYNCI_Step = 32,
+        .CCRes = 2,
+        .CP0_Status_rw_bitmask = 0x1258FF17,
+        .insn_flags = CPU_MIPS32 | ASE_MIPS16,
+    },
+    {
         .name = "4KEc",
         .CP0_PRid = 0x00019000,
         .CP0_Config0 = MIPS_CONFIG0 | (0x1 << CP0C0_AR),

Modified: trunk/src/host/qemu-neo1973/target-ppc/cpu.h
===================================================================
--- trunk/src/host/qemu-neo1973/target-ppc/cpu.h	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/target-ppc/cpu.h	2007-11-26 22:42:26 UTC (rev 3517)
@@ -30,7 +30,6 @@
 typedef uint64_t ppc_gpr_t;
 #define TARGET_GPR_BITS  64
 #define TARGET_LONG_BITS 64
-#define REGX "%016" PRIx64
 #define TARGET_PAGE_BITS 12
 
 #else /* defined (TARGET_PPC64) */
@@ -43,11 +42,9 @@
  */
 typedef uint64_t ppc_gpr_t;
 #define TARGET_GPR_BITS  64
-#define REGX "%08" PRIx64
 #else /* (HOST_LONG_BITS >= 64) */
 typedef uint32_t ppc_gpr_t;
 #define TARGET_GPR_BITS  32
-#define REGX "%08" PRIx32
 #endif /* (HOST_LONG_BITS >= 64) */
 
 #define TARGET_LONG_BITS 32
@@ -74,6 +71,7 @@
 
 #include "cpu-defs.h"
 
+#define REGX "%016" PRIx64
 #define ADDRX TARGET_FMT_lx
 #define PADDRX TARGET_FMT_plx
 
@@ -357,6 +355,7 @@
 /*****************************************************************************/
 /* Machine state register bits definition                                    */
 #define MSR_SF   63 /* Sixty-four-bit mode                            hflags */
+#define MSR_TAG  62 /* Tag-active mode (POWERx ?)                            */
 #define MSR_ISF  61 /* Sixty-four-bit interrupt mode on 630                  */
 #define MSR_SHV  60 /* hypervisor state                               hflags */
 #define MSR_CM   31 /* Computation mode for BookE                     hflags */
@@ -791,6 +790,24 @@
 #endif
 #endif
 
+static always_inline uint64_t ppc_dump_gpr (CPUPPCState *env, int gprn)
+{
+    uint64_t gprv;
+
+    gprv = env->gpr[gprn];
+#if !defined(TARGET_PPC64)
+    if (env->flags & POWERPC_FLAG_SPE) {
+        /* If the CPU implements the SPE extension, we have to get the
+         * high bits of the GPR from the gprh storage area
+         */
+        gprv &= 0xFFFFFFFFULL;
+        gprv |= (uint64_t)env->gprh[gprn] << 32;
+    }
+#endif
+
+    return gprv;
+}
+
 /* Device control registers */
 int ppc_dcr_read (ppc_dcr_t *dcr_env, int dcrn, target_ulong *valp);
 int ppc_dcr_write (ppc_dcr_t *dcr_env, int dcrn, target_ulong val);
@@ -1115,16 +1132,29 @@
 #define SPR_440_CCR1          (0x378)
 #define SPR_DCRIPR            (0x37B)
 #define SPR_PPR               (0x380)
+#define SPR_750_GQR0          (0x390)
 #define SPR_440_DNV0          (0x390)
+#define SPR_750_GQR1          (0x391)
 #define SPR_440_DNV1          (0x391)
+#define SPR_750_GQR2          (0x392)
 #define SPR_440_DNV2          (0x392)
+#define SPR_750_GQR3          (0x393)
 #define SPR_440_DNV3          (0x393)
+#define SPR_750_GQR4          (0x394)
 #define SPR_440_DTV0          (0x394)
+#define SPR_750_GQR5          (0x395)
 #define SPR_440_DTV1          (0x395)
+#define SPR_750_GQR6          (0x396)
 #define SPR_440_DTV2          (0x396)
+#define SPR_750_GQR7          (0x397)
 #define SPR_440_DTV3          (0x397)
+#define SPR_750_THRM4         (0x398)
+#define SPR_750CL_HID2        (0x398)
 #define SPR_440_DVLIM         (0x398)
+#define SPR_750_WPAR          (0x399)
 #define SPR_440_IVLIM         (0x399)
+#define SPR_750_DMAU          (0x39A)
+#define SPR_750_DMAL          (0x39B)
 #define SPR_440_RSTCFG        (0x39B)
 #define SPR_BOOKE_DCDBTRL     (0x39C)
 #define SPR_BOOKE_DCDBTRH     (0x39D)
@@ -1231,9 +1261,11 @@
 #define SPR_Exxx_L1CSR0       (0x3F2)
 #define SPR_ICTRL             (0x3F3)
 #define SPR_HID2              (0x3F3)
+#define SPR_750CL_HID4        (0x3F3)
 #define SPR_Exxx_L1CSR1       (0x3F3)
 #define SPR_440_DBDR          (0x3F3)
 #define SPR_LDSTDB            (0x3F4)
+#define SPR_750_TDCL          (0x3F4)
 #define SPR_40x_IAC1          (0x3F4)
 #define SPR_MMUCSR0           (0x3F4)
 #define SPR_DABR              (0x3F5)
@@ -1250,12 +1282,13 @@
 #define SPR_MMUCFG            (0x3F7)
 #define SPR_LDSTCR            (0x3F8)
 #define SPR_L2PMCR            (0x3F8)
-#define SPR_750_HID2          (0x3F8)
+#define SPR_750FX_HID2        (0x3F8)
 #define SPR_620_BUSCSR        (0x3F8)
 #define SPR_Exxx_L1FINV0      (0x3F8)
 #define SPR_L2CR              (0x3F9)
 #define SPR_620_L2CR          (0x3F9)
 #define SPR_L3CR              (0x3FA)
+#define SPR_750_TDCH          (0x3FA)
 #define SPR_IABR2             (0x3FA)
 #define SPR_40x_DCCR          (0x3FA)
 #define SPR_620_L2SR          (0x3FA)

Modified: trunk/src/host/qemu-neo1973/target-ppc/exec.h
===================================================================
--- trunk/src/host/qemu-neo1973/target-ppc/exec.h	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/target-ppc/exec.h	2007-11-26 22:42:26 UTC (rev 3517)
@@ -37,10 +37,12 @@
 #define T0 (env->t0)
 #define T1 (env->t1)
 #define T2 (env->t2)
+#define TDX "%016" PRIx64
 #else
 register unsigned long T0 asm(AREG1);
 register unsigned long T1 asm(AREG2);
 register unsigned long T2 asm(AREG3);
+#define TDX "%016lx"
 #endif
 /* We may, sometime, need 64 bits registers on 32 bits targets */
 #if (HOST_LONG_BITS == 32)

Modified: trunk/src/host/qemu-neo1973/target-ppc/helper.c
===================================================================
--- trunk/src/host/qemu-neo1973/target-ppc/helper.c	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/target-ppc/helper.c	2007-11-26 22:42:26 UTC (rev 3517)
@@ -31,6 +31,7 @@
 
 //#define DEBUG_MMU
 //#define DEBUG_BATS
+//#define DEBUG_SLB
 //#define DEBUG_SOFTWARE_TLB
 //#define DUMP_PAGE_TABLES
 //#define DEBUG_EXCEPTIONS
@@ -436,7 +437,7 @@
     done:
 #if defined (DEBUG_SOFTWARE_TLB)
         if (loglevel != 0) {
-            fprintf(logfile, "found TLB at addr 0x%08lx prot=0x%01x ret=%d\n",
+            fprintf(logfile, "found TLB at addr " PADDRX " prot=%01x ret=%d\n",
                     ctx->raddr & TARGET_PAGE_MASK, ctx->prot, ret);
         }
 #endif
@@ -484,8 +485,8 @@
     bl = (*BATl & 0x0000003F) << 17;
 #if defined (DEBUG_BATS)
     if (loglevel != 0) {
-        fprintf(logfile, "b %02x ==> bl %08x msk %08x\n",
-                *BATl & 0x0000003F, bl, ~bl);
+        fprintf(logfile, "b %02x ==> bl " ADDRX " msk " ADDRX "\n",
+                (uint8_t)(*BATl & 0x0000003F), bl, ~bl);
     }
 #endif
     prot = 0;
@@ -513,7 +514,7 @@
 
 #if defined (DEBUG_BATS)
     if (loglevel != 0) {
-        fprintf(logfile, "%s: %cBAT v 0x" ADDRX "\n", __func__,
+        fprintf(logfile, "%s: %cBAT v " ADDRX "\n", __func__,
                 type == ACCESS_CODE ? 'I' : 'D', virtual);
     }
 #endif
@@ -527,12 +528,6 @@
         BATut = env->DBAT[0];
         break;
     }
-#if defined (DEBUG_BATS)
-    if (loglevel != 0) {
-        fprintf(logfile, "%s...: %cBAT v 0x" ADDRX "\n", __func__,
-                type == ACCESS_CODE ? 'I' : 'D', virtual);
-    }
-#endif
     base = virtual & 0xFFFC0000;
     for (i = 0; i < env->nb_BATs; i++) {
         BATu = &BATut[i];
@@ -546,10 +541,9 @@
         }
 #if defined (DEBUG_BATS)
         if (loglevel != 0) {
-            fprintf(logfile, "%s: %cBAT%d v 0x" ADDRX " BATu 0x" ADDRX
-                    " BATl 0x" ADDRX "\n",
-                    __func__, type == ACCESS_CODE ? 'I' : 'D', i, virtual,
-                    *BATu, *BATl);
+            fprintf(logfile, "%s: %cBAT%d v " ADDRX " BATu " ADDRX
+                    " BATl " ADDRX "\n", __func__,
+                    type == ACCESS_CODE ? 'I' : 'D', i, virtual, *BATu, *BATl);
         }
 #endif
         if ((virtual & 0xF0000000) == BEPIu &&
@@ -565,8 +559,7 @@
                 ret = check_prot(ctx->prot, rw, type);
 #if defined (DEBUG_BATS)
                 if (ret == 0 && loglevel != 0) {
-                    fprintf(logfile, "BAT %d match: r 0x" PADDRX
-                            " prot=%c%c\n",
+                    fprintf(logfile, "BAT %d match: r " PADDRX " prot=%c%c\n",
                             i, ctx->raddr, ctx->prot & PAGE_READ ? 'R' : '-',
                             ctx->prot & PAGE_WRITE ? 'W' : '-');
                 }
@@ -578,16 +571,15 @@
     if (ret < 0) {
 #if defined (DEBUG_BATS)
         if (loglevel != 0) {
-            fprintf(logfile, "no BAT match for 0x" ADDRX ":\n", virtual);
+            fprintf(logfile, "no BAT match for " ADDRX ":\n", virtual);
             for (i = 0; i < 4; i++) {
                 BATu = &BATut[i];
                 BATl = &BATlt[i];
                 BEPIu = *BATu & 0xF0000000;
                 BEPIl = *BATu & 0x0FFE0000;
                 bl = (*BATu & 0x00001FFC) << 15;
-                fprintf(logfile, "%s: %cBAT%d v 0x" ADDRX " BATu 0x" ADDRX
-                        " BATl 0x" ADDRX " \n\t"
-                        "0x" ADDRX " 0x" ADDRX " 0x" ADDRX "\n",
+                fprintf(logfile, "%s: %cBAT%d v " ADDRX " BATu " ADDRX
+                        " BATl " ADDRX " \n\t" ADDRX " " ADDRX " " ADDRX "\n",
                         __func__, type == ACCESS_CODE ? 'I' : 'D', i, virtual,
                         *BATu, *BATl, BEPIu, BEPIl, bl);
             }
@@ -617,8 +609,8 @@
             r = pte64_check(ctx, pte0, pte1, h, rw, type);
 #if defined (DEBUG_MMU)
             if (loglevel != 0) {
-                fprintf(logfile, "Load pte from 0x" ADDRX " => 0x" ADDRX
-                        " 0x" ADDRX " %d %d %d 0x" ADDRX "\n",
+                fprintf(logfile, "Load pte from " ADDRX " => " ADDRX " " ADDRX
+                        " %d %d %d " ADDRX "\n",
                         base + (i * 16), pte0, pte1,
                         (int)(pte0 & 1), h, (int)((pte0 >> 1) & 1),
                         ctx->ptem);
@@ -632,8 +624,8 @@
             r = pte32_check(ctx, pte0, pte1, h, rw, type);
 #if defined (DEBUG_MMU)
             if (loglevel != 0) {
-                fprintf(logfile, "Load pte from 0x" ADDRX " => 0x" ADDRX
-                        " 0x" ADDRX " %d %d %d 0x" ADDRX "\n",
+                fprintf(logfile, "Load pte from " ADDRX " => " ADDRX " " ADDRX
+                        " %d %d %d " ADDRX "\n",
                         base + (i * 8), pte0, pte1,
                         (int)(pte0 >> 31), h, (int)((pte0 >> 6) & 1),
                         ctx->ptem);
@@ -668,8 +660,7 @@
     done:
 #if defined (DEBUG_MMU)
         if (loglevel != 0) {
-            fprintf(logfile, "found PTE at addr 0x" PADDRX " prot=0x%01x "
-                    "ret=%d\n",
+            fprintf(logfile, "found PTE at addr " PADDRX " prot=%01x ret=%d\n",
                     ctx->raddr, ctx->prot, ret);
         }
 #endif
@@ -884,8 +875,9 @@
     tmp64 |= (uint32_t)slb_nr << 28;
 #if defined(DEBUG_SLB)
     if (loglevel != 0) {
-        fprintf(logfile, "%s: %d " ADDRX " => " PADDRX " %016" PRIx64 " %08"
-                PRIx32 "\n", __func__, slb_nr, rs, sr_base, tmp64, tmp);
+        fprintf(logfile, "%s: %d " ADDRX " => " PADDRX " %016" PRIx64
+                " %08" PRIx32 "\n", __func__,
+                slb_nr, rs, sr_base, tmp64, tmp);
     }
 #endif
     /* Write SLB entry to memory */
@@ -949,9 +941,8 @@
         sdr_mask = 0xFFC0;
 #if defined (DEBUG_MMU)
         if (loglevel != 0) {
-            fprintf(logfile, "Check segment v=0x" ADDRX " %d 0x" ADDRX
-                    " nip=0x" ADDRX " lr=0x" ADDRX
-                    " ir=%d dr=%d pr=%d %d t=%d\n",
+            fprintf(logfile, "Check segment v=" ADDRX " %d " ADDRX
+                    " nip=" ADDRX " lr=" ADDRX " ir=%d dr=%d pr=%d %d t=%d\n",
                     eaddr, (int)(eaddr >> 28), sr, env->nip,
                     env->lr, (int)msr_ir, (int)msr_dr, pr != 0 ? 1 : 0,
                     rw, type);
@@ -986,9 +977,9 @@
             mask = (htab_mask << sdr_sh) | sdr_mask;
 #if defined (DEBUG_MMU)
             if (loglevel != 0) {
-                fprintf(logfile, "sdr " PADDRX " sh %d hash " PADDRX " mask "
-                        PADDRX " " ADDRX "\n", sdr, sdr_sh, hash, mask,
-                        page_mask);
+                fprintf(logfile, "sdr " PADDRX " sh %d hash " PADDRX
+                        " mask " PADDRX " " ADDRX "\n",
+                        sdr, sdr_sh, hash, mask, page_mask);
             }
 #endif
             ctx->pg_addr[0] = get_pgaddr(sdr, sdr_sh, hash, mask);
@@ -996,8 +987,9 @@
             hash = (~hash) & vsid_mask;
 #if defined (DEBUG_MMU)
             if (loglevel != 0) {
-                fprintf(logfile, "sdr " PADDRX " sh %d hash " PADDRX " mask "
-                        PADDRX "\n", sdr, sdr_sh, hash, mask);
+                fprintf(logfile, "sdr " PADDRX " sh %d hash " PADDRX
+                        " mask " PADDRX "\n",
+                        sdr, sdr_sh, hash, mask);
             }
 #endif
             ctx->pg_addr[1] = get_pgaddr(sdr, sdr_sh, hash, mask);
@@ -1019,10 +1011,10 @@
             } else {
 #if defined (DEBUG_MMU)
                 if (loglevel != 0) {
-                    fprintf(logfile, "0 sdr1=0x" PADDRX " vsid=0x%06x "
-                            "api=0x%04x hash=0x%07x pg_addr=0x" PADDRX "\n",
-                            sdr, (uint32_t)vsid, (uint32_t)pgidx,
-                            (uint32_t)hash, ctx->pg_addr[0]);
+                    fprintf(logfile, "0 sdr1=" PADDRX " vsid=" ADDRX " "
+                            "api=" ADDRX " hash=" PADDRX
+                            " pg_addr=" PADDRX "\n",
+                            sdr, vsid, pgidx, hash, ctx->pg_addr[0]);
                 }
 #endif
                 /* Primary table lookup */
@@ -1031,11 +1023,10 @@
                     /* Secondary table lookup */
 #if defined (DEBUG_MMU)
                     if (eaddr != 0xEFFFFFFF && loglevel != 0) {
-                        fprintf(logfile,
-                                "1 sdr1=0x" PADDRX " vsid=0x%06x api=0x%04x "
-                                "hash=0x%05x pg_addr=0x" PADDRX "\n",
-                                sdr, (uint32_t)vsid, (uint32_t)pgidx,
-                                (uint32_t)hash, ctx->pg_addr[1]);
+                        fprintf(logfile, "1 sdr1=" PADDRX " vsid=" ADDRX " "
+                                "api=" ADDRX " hash=" PADDRX
+                                " pg_addr=" PADDRX "\n",
+                                sdr, vsid, pgidx, hash, ctx->pg_addr[1]);
                     }
 #endif
                     ret2 = find_pte(env, ctx, 1, rw, type);
@@ -1047,8 +1038,7 @@
             if (loglevel != 0) {
                 target_phys_addr_t curaddr;
                 uint32_t a0, a1, a2, a3;
-                fprintf(logfile,
-                        "Page table: " PADDRX " len " PADDRX "\n",
+                fprintf(logfile, "Page table: " PADDRX " len " PADDRX "\n",
                         sdr, mask + 0x80);
                 for (curaddr = sdr; curaddr < (sdr + mask + 0x80);
                      curaddr += 16) {
@@ -1057,8 +1047,7 @@
                     a2 = ldl_phys(curaddr + 8);
                     a3 = ldl_phys(curaddr + 12);
                     if (a0 != 0 || a1 != 0 || a2 != 0 || a3 != 0) {
-                        fprintf(logfile,
-                                PADDRX ": %08x %08x %08x %08x\n",
+                        fprintf(logfile, PADDRX ": %08x %08x %08x %08x\n",
                                 curaddr, a0, a1, a2, a3);
                     }
                 }
@@ -1135,9 +1124,9 @@
     mask = ~(tlb->size - 1);
 #if defined (DEBUG_SOFTWARE_TLB)
     if (loglevel != 0) {
-        fprintf(logfile, "%s: TLB %d address " ADDRX " PID %d <=> "
-                ADDRX " " ADDRX " %d\n",
-                __func__, i, address, pid, tlb->EPN, mask, (int)tlb->PID);
+        fprintf(logfile, "%s: TLB %d address " ADDRX " PID %u <=> " ADDRX
+                " " ADDRX " %u\n",
+                __func__, i, address, pid, tlb->EPN, mask, (uint32_t)tlb->PID);
     }
 #endif
     /* Check PID */
@@ -1269,7 +1258,7 @@
             ctx->raddr = raddr;
 #if defined (DEBUG_SOFTWARE_TLB)
             if (loglevel != 0) {
-                fprintf(logfile, "%s: access granted " ADDRX " => " REGX
+                fprintf(logfile, "%s: access granted " ADDRX " => " PADDRX
                         " %d %d\n", __func__, address, ctx->raddr, ctx->prot,
                         ret);
             }
@@ -1279,7 +1268,7 @@
     }
 #if defined (DEBUG_SOFTWARE_TLB)
     if (loglevel != 0) {
-        fprintf(logfile, "%s: access refused " ADDRX " => " REGX
+        fprintf(logfile, "%s: access refused " ADDRX " => " PADDRX
                 " %d %d\n", __func__, address, raddr, ctx->prot,
                 ret);
     }
@@ -1785,7 +1774,7 @@
 {
 #if defined (DEBUG_BATS)
     if (loglevel != 0) {
-        fprintf(logfile, "Set %cBAT%d%c to 0x" ADDRX " (0x" ADDRX ")\n",
+        fprintf(logfile, "Set %cBAT%d%c to " ADDRX " (" ADDRX ")\n",
                 ID, nr, ul == 0 ? 'u' : 'l', value, env->nip);
     }
 #endif
@@ -2089,7 +2078,7 @@
 {
 #if defined (DEBUG_MMU)
     if (loglevel != 0) {
-        fprintf(logfile, "%s: 0x" ADDRX "\n", __func__, value);
+        fprintf(logfile, "%s: " ADDRX "\n", __func__, value);
     }
 #endif
     if (env->sdr1 != value) {
@@ -2112,7 +2101,7 @@
 {
 #if defined (DEBUG_MMU)
     if (loglevel != 0) {
-        fprintf(logfile, "%s: reg=%d 0x" ADDRX " " ADDRX "\n",
+        fprintf(logfile, "%s: reg=%d " ADDRX " " ADDRX "\n",
                 __func__, srnum, value, env->sr[srnum]);
     }
 #endif
@@ -2167,10 +2156,10 @@
 #else /* defined (CONFIG_USER_ONLY) */
 static always_inline void dump_syscall (CPUState *env)
 {
-    fprintf(logfile, "syscall r0=0x" REGX " r3=0x" REGX " r4=0x" REGX
-            " r5=0x" REGX " r6=0x" REGX " nip=0x" ADDRX "\n",
-            env->gpr[0], env->gpr[3], env->gpr[4],
-            env->gpr[5], env->gpr[6], env->nip);
+    fprintf(logfile, "syscall r0=" REGX " r3=" REGX " r4=" REGX
+            " r5=" REGX " r6=" REGX " nip=" ADDRX "\n",
+            ppc_dump_gpr(env, 0), ppc_dump_gpr(env, 3), ppc_dump_gpr(env, 4),
+            ppc_dump_gpr(env, 5), ppc_dump_gpr(env, 6), env->nip);
 }
 
 /* Note that this function should be greatly optimized
@@ -2194,7 +2183,7 @@
     }
 
     if (loglevel & CPU_LOG_INT) {
-        fprintf(logfile, "Raise exception at 0x" ADDRX " => 0x%08x (%02x)\n",
+        fprintf(logfile, "Raise exception at " ADDRX " => %08x (%02x)\n",
                 env->nip, excp, env->error_code);
     }
     msr = env->msr;
@@ -2265,8 +2254,8 @@
     case POWERPC_EXCP_DSI:       /* Data storage exception                   */
 #if defined (DEBUG_EXCEPTIONS)
         if (loglevel != 0) {
-            fprintf(logfile, "DSI exception: DSISR=0x" ADDRX" DAR=0x" ADDRX
-                    "\n", env->spr[SPR_DSISR], env->spr[SPR_DAR]);
+            fprintf(logfile, "DSI exception: DSISR=" ADDRX" DAR=" ADDRX "\n",
+                    env->spr[SPR_DSISR], env->spr[SPR_DAR]);
         }
 #endif
         new_msr &= ~((target_ulong)1 << MSR_RI);
@@ -2276,8 +2265,8 @@
     case POWERPC_EXCP_ISI:       /* Instruction storage exception            */
 #if defined (DEBUG_EXCEPTIONS)
         if (loglevel != 0) {
-            fprintf(logfile, "ISI exception: msr=0x" ADDRX ", nip=0x" ADDRX
-                    "\n", msr, env->nip);
+            fprintf(logfile, "ISI exception: msr=" ADDRX ", nip=" ADDRX "\n",
+                    msr, env->nip);
         }
 #endif
         new_msr &= ~((target_ulong)1 << MSR_RI);
@@ -2322,7 +2311,7 @@
         case POWERPC_EXCP_INVAL:
 #if defined (DEBUG_EXCEPTIONS)
             if (loglevel != 0) {
-                fprintf(logfile, "Invalid instruction at 0x" ADDRX "\n",
+                fprintf(logfile, "Invalid instruction at " ADDRX "\n",
                         env->nip);
             }
 #endif

Modified: trunk/src/host/qemu-neo1973/target-ppc/op_helper.c
===================================================================
--- trunk/src/host/qemu-neo1973/target-ppc/op_helper.c	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/target-ppc/op_helper.c	2007-11-26 22:42:26 UTC (rev 3517)
@@ -2783,9 +2783,9 @@
     way = (env->spr[SPR_SRR1] >> 17) & 1;
 #if defined (DEBUG_SOFTWARE_TLB)
     if (loglevel != 0) {
-        fprintf(logfile, "%s: EPN %08lx %08lx PTE0 %08lx PTE1 %08lx way %d\n",
-                __func__, (unsigned long)T0, (unsigned long)EPN,
-                (unsigned long)CMP, (unsigned long)RPN, way);
+        fprintf(logfile, "%s: EPN " TDX " " ADDRX " PTE0 " ADDRX
+                " PTE1 " ADDRX " way %d\n",
+                __func__, T0, EPN, CMP, RPN, way);
     }
 #endif
     /* Store this TLB */
@@ -2804,9 +2804,9 @@
     way = env->spr[SPR_TLBMISS] & 0x3;
 #if defined (DEBUG_SOFTWARE_TLB)
     if (loglevel != 0) {
-        fprintf(logfile, "%s: EPN %08lx %08lx PTE0 %08lx PTE1 %08lx way %d\n",
-                __func__, (unsigned long)T0, (unsigned long)EPN,
-                (unsigned long)CMP, (unsigned long)RPN, way);
+        fprintf(logfile, "%s: EPN " TDX " " ADDRX " PTE0 " ADDRX
+                " PTE1 " ADDRX " way %d\n",
+                __func__, T0, EPN, CMP, RPN, way);
     }
 #endif
     /* Store this TLB */
@@ -2920,7 +2920,7 @@
 
 #if defined (DEBUG_SOFTWARE_TLB)
     if (loglevel != 0) {
-        fprintf(logfile, "%s T0 " REGX " T1 " REGX "\n", __func__, T0, T1);
+        fprintf(logfile, "%s T0 " TDX " T1 " TDX "\n", __func__, T0, T1);
     }
 #endif
     T0 &= 0x3F;
@@ -2989,7 +2989,7 @@
 
 #if defined (DEBUG_SOFTWARE_TLB)
     if (loglevel != 0) {
-        fprintf(logfile, "%s T0 " REGX " T1 " REGX "\n", __func__, T0, T1);
+        fprintf(logfile, "%s T0 " TDX " T1 " TDX "\n", __func__, T0, T1);
     }
 #endif
     T0 &= 0x3F;
@@ -3022,7 +3022,7 @@
 
 #if defined (DEBUG_SOFTWARE_TLB)
     if (loglevel != 0) {
-        fprintf(logfile, "%s word %d T0 " REGX " T1 " REGX "\n",
+        fprintf(logfile, "%s word %d T0 " TDX " T1 " TDX "\n",
                 __func__, word, T0, T1);
     }
 #endif

Modified: trunk/src/host/qemu-neo1973/target-ppc/op_helper.h
===================================================================
--- trunk/src/host/qemu-neo1973/target-ppc/op_helper.h	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/target-ppc/op_helper.h	2007-11-26 22:42:26 UTC (rev 3517)
@@ -22,9 +22,7 @@
 
 /* Memory load/store helpers */
 void glue(do_lsw, MEMSUFFIX) (int dst);
-void glue(do_lsw_le, MEMSUFFIX) (int dst);
 void glue(do_stsw, MEMSUFFIX) (int src);
-void glue(do_stsw_le, MEMSUFFIX) (int src);
 void glue(do_lmw, MEMSUFFIX) (int dst);
 void glue(do_lmw_le, MEMSUFFIX) (int dst);
 void glue(do_stmw, MEMSUFFIX) (int src);
@@ -39,9 +37,7 @@
 
 #if defined(TARGET_PPC64)
 void glue(do_lsw_64, MEMSUFFIX) (int dst);
-void glue(do_lsw_le_64, MEMSUFFIX) (int dst);
 void glue(do_stsw_64, MEMSUFFIX) (int src);
-void glue(do_stsw_le_64, MEMSUFFIX) (int src);
 void glue(do_lmw_64, MEMSUFFIX) (int dst);
 void glue(do_lmw_le_64, MEMSUFFIX) (int dst);
 void glue(do_stmw_64, MEMSUFFIX) (int src);

Modified: trunk/src/host/qemu-neo1973/target-ppc/op_helper_mem.h
===================================================================
--- trunk/src/host/qemu-neo1973/target-ppc/op_helper_mem.h	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/target-ppc/op_helper_mem.h	2007-11-26 22:42:26 UTC (rev 3517)
@@ -18,27 +18,13 @@
  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
  */
 
-/* Multiple word / string load and store */
-static always_inline target_ulong glue(ld32r, MEMSUFFIX) (target_ulong EA)
-{
-    uint32_t tmp = glue(ldl, MEMSUFFIX)(EA);
-    return ((tmp & 0xFF000000UL) >> 24) | ((tmp & 0x00FF0000UL) >> 8) |
-        ((tmp & 0x0000FF00UL) << 8) | ((tmp & 0x000000FFUL) << 24);
-}
+#include "op_mem_access.h"
 
-static always_inline void glue(st32r, MEMSUFFIX) (target_ulong EA,
-                                                  target_ulong data)
-{
-    uint32_t tmp =
-        ((data & 0xFF000000UL) >> 24) | ((data & 0x00FF0000UL) >> 8) |
-        ((data & 0x0000FF00UL) << 8) | ((data & 0x000000FFUL) << 24);
-    glue(stl, MEMSUFFIX)(EA, tmp);
-}
-
+/* Multiple word / string load and store */
 void glue(do_lmw, MEMSUFFIX) (int dst)
 {
     for (; dst < 32; dst++, T0 += 4) {
-        env->gpr[dst] = glue(ldl, MEMSUFFIX)((uint32_t)T0);
+        env->gpr[dst] = glue(ldu32, MEMSUFFIX)((uint32_t)T0);
     }
 }
 
@@ -46,7 +32,7 @@
 void glue(do_lmw_64, MEMSUFFIX) (int dst)
 {
     for (; dst < 32; dst++, T0 += 4) {
-        env->gpr[dst] = glue(ldl, MEMSUFFIX)((uint64_t)T0);
+        env->gpr[dst] = glue(ldu32, MEMSUFFIX)((uint64_t)T0);
     }
 }
 #endif
@@ -54,7 +40,7 @@
 void glue(do_stmw, MEMSUFFIX) (int src)
 {
     for (; src < 32; src++, T0 += 4) {
-        glue(stl, MEMSUFFIX)((uint32_t)T0, env->gpr[src]);
+        glue(st32, MEMSUFFIX)((uint32_t)T0, env->gpr[src]);
     }
 }
 
@@ -62,7 +48,7 @@
 void glue(do_stmw_64, MEMSUFFIX) (int src)
 {
     for (; src < 32; src++, T0 += 4) {
-        glue(stl, MEMSUFFIX)((uint64_t)T0, env->gpr[src]);
+        glue(st32, MEMSUFFIX)((uint64_t)T0, env->gpr[src]);
     }
 }
 #endif
@@ -70,7 +56,7 @@
 void glue(do_lmw_le, MEMSUFFIX) (int dst)
 {
     for (; dst < 32; dst++, T0 += 4) {
-        env->gpr[dst] = glue(ld32r, MEMSUFFIX)((uint32_t)T0);
+        env->gpr[dst] = glue(ldu32r, MEMSUFFIX)((uint32_t)T0);
     }
 }
 
@@ -78,7 +64,7 @@
 void glue(do_lmw_le_64, MEMSUFFIX) (int dst)
 {
     for (; dst < 32; dst++, T0 += 4) {
-        env->gpr[dst] = glue(ld32r, MEMSUFFIX)((uint64_t)T0);
+        env->gpr[dst] = glue(ldu32r, MEMSUFFIX)((uint64_t)T0);
     }
 }
 #endif
@@ -105,14 +91,14 @@
     int sh;
 
     for (; T1 > 3; T1 -= 4, T0 += 4) {
-        env->gpr[dst++] = glue(ldl, MEMSUFFIX)((uint32_t)T0);
+        env->gpr[dst++] = glue(ldu32, MEMSUFFIX)((uint32_t)T0);
         if (unlikely(dst == 32))
             dst = 0;
     }
     if (unlikely(T1 != 0)) {
         tmp = 0;
         for (sh = 24; T1 > 0; T1--, T0++, sh -= 8) {
-            tmp |= glue(ldub, MEMSUFFIX)((uint32_t)T0) << sh;
+            tmp |= glue(ldu8, MEMSUFFIX)((uint32_t)T0) << sh;
         }
         env->gpr[dst] = tmp;
     }
@@ -125,14 +111,14 @@
     int sh;
 
     for (; T1 > 3; T1 -= 4, T0 += 4) {
-        env->gpr[dst++] = glue(ldl, MEMSUFFIX)((uint64_t)T0);
+        env->gpr[dst++] = glue(ldu32, MEMSUFFIX)((uint64_t)T0);
         if (unlikely(dst == 32))
             dst = 0;
     }
     if (unlikely(T1 != 0)) {
         tmp = 0;
         for (sh = 24; T1 > 0; T1--, T0++, sh -= 8) {
-            tmp |= glue(ldub, MEMSUFFIX)((uint64_t)T0) << sh;
+            tmp |= glue(ldu8, MEMSUFFIX)((uint64_t)T0) << sh;
         }
         env->gpr[dst] = tmp;
     }
@@ -144,13 +130,13 @@
     int sh;
 
     for (; T1 > 3; T1 -= 4, T0 += 4) {
-        glue(stl, MEMSUFFIX)((uint32_t)T0, env->gpr[src++]);
+        glue(st32, MEMSUFFIX)((uint32_t)T0, env->gpr[src++]);
         if (unlikely(src == 32))
             src = 0;
     }
     if (unlikely(T1 != 0)) {
         for (sh = 24; T1 > 0; T1--, T0++, sh -= 8)
-            glue(stb, MEMSUFFIX)((uint32_t)T0, (env->gpr[src] >> sh) & 0xFF);
+            glue(st8, MEMSUFFIX)((uint32_t)T0, (env->gpr[src] >> sh) & 0xFF);
     }
 }
 
@@ -160,89 +146,17 @@
     int sh;
 
     for (; T1 > 3; T1 -= 4, T0 += 4) {
-        glue(stl, MEMSUFFIX)((uint64_t)T0, env->gpr[src++]);
+        glue(st32, MEMSUFFIX)((uint64_t)T0, env->gpr[src++]);
         if (unlikely(src == 32))
             src = 0;
     }
     if (unlikely(T1 != 0)) {
         for (sh = 24; T1 > 0; T1--, T0++, sh -= 8)
-            glue(stb, MEMSUFFIX)((uint64_t)T0, (env->gpr[src] >> sh) & 0xFF);
+            glue(st8, MEMSUFFIX)((uint64_t)T0, (env->gpr[src] >> sh) & 0xFF);
     }
 }
 #endif
 
-void glue(do_lsw_le, MEMSUFFIX) (int dst)
-{
-    uint32_t tmp;
-    int sh;
-
-    for (; T1 > 3; T1 -= 4, T0 += 4) {
-        env->gpr[dst++] = glue(ld32r, MEMSUFFIX)((uint32_t)T0);
-        if (unlikely(dst == 32))
-            dst = 0;
-    }
-    if (unlikely(T1 != 0)) {
-        tmp = 0;
-        for (sh = 0; T1 > 0; T1--, T0++, sh += 8) {
-            tmp |= glue(ldub, MEMSUFFIX)((uint32_t)T0) << sh;
-        }
-        env->gpr[dst] = tmp;
-    }
-}
-
-#if defined(TARGET_PPC64)
-void glue(do_lsw_le_64, MEMSUFFIX) (int dst)
-{
-    uint32_t tmp;
-    int sh;
-
-    for (; T1 > 3; T1 -= 4, T0 += 4) {
-        env->gpr[dst++] = glue(ld32r, MEMSUFFIX)((uint64_t)T0);
-        if (unlikely(dst == 32))
-            dst = 0;
-    }
-    if (unlikely(T1 != 0)) {
-        tmp = 0;
-        for (sh = 0; T1 > 0; T1--, T0++, sh += 8) {
-            tmp |= glue(ldub, MEMSUFFIX)((uint64_t)T0) << sh;
-        }
-        env->gpr[dst] = tmp;
-    }
-}
-#endif
-
-void glue(do_stsw_le, MEMSUFFIX) (int src)
-{
-    int sh;
-
-    for (; T1 > 3; T1 -= 4, T0 += 4) {
-        glue(st32r, MEMSUFFIX)((uint32_t)T0, env->gpr[src++]);
-        if (unlikely(src == 32))
-            src = 0;
-    }
-    if (unlikely(T1 != 0)) {
-        for (sh = 0; T1 > 0; T1--, T0++, sh += 8)
-            glue(stb, MEMSUFFIX)((uint32_t)T0, (env->gpr[src] >> sh) & 0xFF);
-    }
-}
-
-#if defined(TARGET_PPC64)
-void glue(do_stsw_le_64, MEMSUFFIX) (int src)
-{
-    int sh;
-
-    for (; T1 > 3; T1 -= 4, T0 += 4) {
-        glue(st32r, MEMSUFFIX)((uint64_t)T0, env->gpr[src++]);
-        if (unlikely(src == 32))
-            src = 0;
-    }
-    if (unlikely(T1 != 0)) {
-        for (sh = 0; T1 > 0; T1--, T0++, sh += 8)
-            glue(stb, MEMSUFFIX)((uint64_t)T0, (env->gpr[src] >> sh) & 0xFF);
-    }
-}
-#endif
-
 /* Instruction cache invalidation helper */
 void glue(do_icbi, MEMSUFFIX) (void)
 {
@@ -281,6 +195,7 @@
     /* XXX: should be 970 specific (?) */
     if (((env->spr[SPR_970_HID5] >> 7) & 0x3) == 1)
         dcache_line_size = 32;
+    T0 &= ~(uint32_t)(dcache_line_size - 1);
     glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x00), 0);
     glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x04), 0);
     glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x08), 0);
@@ -327,6 +242,7 @@
     /* XXX: should be 970 specific (?) */
     if (((env->spr[SPR_970_HID5] >> 6) & 0x3) == 0x2)
         dcache_line_size = 32;
+    T0 &= ~(uint64_t)(dcache_line_size - 1);
     glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x00), 0);
     glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x04), 0);
     glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x08), 0);
@@ -375,7 +291,7 @@
     d = 24;
     reg = dest;
     for (i = 0; i < T1; i++) {
-        c = glue(ldub, MEMSUFFIX)((uint32_t)T0++);
+        c = glue(ldu8, MEMSUFFIX)((uint32_t)T0++);
         /* ra (if not 0) and rb are never modified */
         if (likely(reg != rb && (ra == 0 || reg != ra))) {
             env->gpr[reg] = (env->gpr[reg] & ~(0xFF << d)) | (c << d);
@@ -408,14 +324,7 @@
     } u;
 
     u.d = glue(ldfq, MEMSUFFIX)(EA);
-    u.u = ((u.u & 0xFF00000000000000ULL) >> 56) |
-        ((u.u & 0x00FF000000000000ULL) >> 40) |
-        ((u.u & 0x0000FF0000000000ULL) >> 24) |
-        ((u.u & 0x000000FF00000000ULL) >> 8) |
-        ((u.u & 0x00000000FF000000ULL) << 8) |
-        ((u.u & 0x0000000000FF0000ULL) << 24) |
-        ((u.u & 0x000000000000FF00ULL) << 40) |
-        ((u.u & 0x00000000000000FFULL) << 56);
+    u.u = bswap64(u.u);
 
     return u.d;
 }
@@ -440,14 +349,7 @@
     } u;
 
     u.d = d;
-    u.u = ((u.u & 0xFF00000000000000ULL) >> 56) |
-        ((u.u & 0x00FF000000000000ULL) >> 40) |
-        ((u.u & 0x0000FF0000000000ULL) >> 24) |
-        ((u.u & 0x000000FF00000000ULL) >> 8) |
-        ((u.u & 0x00000000FF000000ULL) << 8) |
-        ((u.u & 0x0000000000FF0000ULL) << 24) |
-        ((u.u & 0x000000000000FF00ULL) << 40) |
-        ((u.u & 0x00000000000000FFULL) << 56);
+    u.u = bswap64(u.u);
     glue(stfq, MEMSUFFIX)(EA, u.d);
 }
 

Modified: trunk/src/host/qemu-neo1973/target-ppc/op_mem.h
===================================================================
--- trunk/src/host/qemu-neo1973/target-ppc/op_mem.h	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/target-ppc/op_mem.h	2007-11-26 22:42:26 UTC (rev 3517)
@@ -18,81 +18,8 @@
  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
  */
 
-static always_inline uint16_t glue(ld16r, MEMSUFFIX) (target_ulong EA)
-{
-    uint16_t tmp = glue(lduw, MEMSUFFIX)(EA);
-    return ((tmp & 0xFF00) >> 8) | ((tmp & 0x00FF) << 8);
-}
+#include "op_mem_access.h"
 
-static always_inline int32_t glue(ld16rs, MEMSUFFIX) (target_ulong EA)
-{
-    int16_t tmp = glue(lduw, MEMSUFFIX)(EA);
-    return (int16_t)((tmp & 0xFF00) >> 8) | ((tmp & 0x00FF) << 8);
-}
-
-static always_inline uint32_t glue(ld32r, MEMSUFFIX) (target_ulong EA)
-{
-    uint32_t tmp = glue(ldl, MEMSUFFIX)(EA);
-    return ((tmp & 0xFF000000) >> 24) | ((tmp & 0x00FF0000) >> 8) |
-        ((tmp & 0x0000FF00) << 8) | ((tmp & 0x000000FF) << 24);
-}
-
-static always_inline uint64_t glue(ld64r, MEMSUFFIX) (target_ulong EA)
-{
-    uint64_t tmp = glue(ldq, MEMSUFFIX)(EA);
-    return ((tmp & 0xFF00000000000000ULL) >> 56) |
-        ((tmp & 0x00FF000000000000ULL) >> 40) |
-        ((tmp & 0x0000FF0000000000ULL) >> 24) |
-        ((tmp & 0x000000FF00000000ULL) >> 8) |
-        ((tmp & 0x00000000FF000000ULL) << 8) |
-        ((tmp & 0x0000000000FF0000ULL) << 24) |
-        ((tmp & 0x000000000000FF00ULL) << 40) |
-        ((tmp & 0x00000000000000FFULL) << 54);
-}
-
-#if defined(TARGET_PPC64)
-static always_inline int64_t glue(ldsl, MEMSUFFIX) (target_ulong EA)
-{
-    return (int32_t)glue(ldl, MEMSUFFIX)(EA);
-}
-
-static always_inline int64_t glue(ld32rs, MEMSUFFIX) (target_ulong EA)
-{
-    uint32_t tmp = glue(ldl, MEMSUFFIX)(EA);
-    return (int32_t)((tmp & 0xFF000000) >> 24) | ((tmp & 0x00FF0000) >> 8) |
-        ((tmp & 0x0000FF00) << 8) | ((tmp & 0x000000FF) << 24);
-}
-#endif
-
-static always_inline void glue(st16r, MEMSUFFIX) (target_ulong EA,
-                                                  uint16_t data)
-{
-    uint16_t tmp = ((data & 0xFF00) >> 8) | ((data & 0x00FF) << 8);
-    glue(stw, MEMSUFFIX)(EA, tmp);
-}
-
-static always_inline void glue(st32r, MEMSUFFIX) (target_ulong EA,
-                                                  uint32_t data)
-{
-    uint32_t tmp = ((data & 0xFF000000) >> 24) | ((data & 0x00FF0000) >> 8) |
-        ((data & 0x0000FF00) << 8) | ((data & 0x000000FF) << 24);
-    glue(stl, MEMSUFFIX)(EA, tmp);
-}
-
-static always_inline void glue(st64r, MEMSUFFIX) (target_ulong EA,
-                                                  uint64_t data)
-{
-    uint64_t tmp = ((data & 0xFF00000000000000ULL) >> 56) |
-        ((data & 0x00FF000000000000ULL) >> 40) |
-        ((data & 0x0000FF0000000000ULL) >> 24) |
-        ((data & 0x000000FF00000000ULL) >> 8) |
-        ((data & 0x00000000FF000000ULL) << 8) |
-        ((data & 0x0000000000FF0000ULL) << 24) |
-        ((data & 0x000000000000FF00ULL) << 40) |
-        ((data & 0x00000000000000FFULL) << 56);
-    glue(stq, MEMSUFFIX)(EA, tmp);
-}
-
 /***                             Integer load                              ***/
 #define PPC_LD_OP(name, op)                                                   \
 void OPPROTO glue(glue(op_l, name), MEMSUFFIX) (void)                         \
@@ -126,76 +53,76 @@
 }
 #endif
 
-PPC_LD_OP(bz, ldub);
-PPC_LD_OP(ha, ldsw);
-PPC_LD_OP(hz, lduw);
-PPC_LD_OP(wz, ldl);
+PPC_LD_OP(bz, ldu8);
+PPC_LD_OP(ha, lds16);
+PPC_LD_OP(hz, ldu16);
+PPC_LD_OP(wz, ldu32);
 #if defined(TARGET_PPC64)
-PPC_LD_OP(d, ldq);
-PPC_LD_OP(wa, ldsl);
-PPC_LD_OP_64(d, ldq);
-PPC_LD_OP_64(wa, ldsl);
-PPC_LD_OP_64(bz, ldub);
-PPC_LD_OP_64(ha, ldsw);
-PPC_LD_OP_64(hz, lduw);
-PPC_LD_OP_64(wz, ldl);
+PPC_LD_OP(wa, lds32);
+PPC_LD_OP(d, ldu64);
+PPC_LD_OP_64(bz, ldu8);
+PPC_LD_OP_64(ha, lds16);
+PPC_LD_OP_64(hz, ldu16);
+PPC_LD_OP_64(wz, ldu32);
+PPC_LD_OP_64(wa, lds32);
+PPC_LD_OP_64(d, ldu64);
 #endif
 
-PPC_LD_OP(ha_le, ld16rs);
-PPC_LD_OP(hz_le, ld16r);
-PPC_LD_OP(wz_le, ld32r);
+PPC_LD_OP(ha_le, lds16r);
+PPC_LD_OP(hz_le, ldu16r);
+PPC_LD_OP(wz_le, ldu32r);
 #if defined(TARGET_PPC64)
-PPC_LD_OP(d_le, ld64r);
-PPC_LD_OP(wa_le, ld32rs);
-PPC_LD_OP_64(d_le, ld64r);
-PPC_LD_OP_64(wa_le, ld32rs);
-PPC_LD_OP_64(ha_le, ld16rs);
-PPC_LD_OP_64(hz_le, ld16r);
-PPC_LD_OP_64(wz_le, ld32r);
+PPC_LD_OP(wa_le, lds32r);
+PPC_LD_OP(d_le, ldu64r);
+PPC_LD_OP_64(ha_le, lds16r);
+PPC_LD_OP_64(hz_le, ldu16r);
+PPC_LD_OP_64(wz_le, ldu32r);
+PPC_LD_OP_64(wa_le, lds32r);
+PPC_LD_OP_64(d_le, ldu64r);
 #endif
 
 /***                              Integer store                            ***/
-PPC_ST_OP(b, stb);
-PPC_ST_OP(h, stw);
-PPC_ST_OP(w, stl);
+PPC_ST_OP(b, st8);
+PPC_ST_OP(h, st16);
+PPC_ST_OP(w, st32);
 #if defined(TARGET_PPC64)
-PPC_ST_OP(d, stq);
-PPC_ST_OP_64(d, stq);
-PPC_ST_OP_64(b, stb);
-PPC_ST_OP_64(h, stw);
-PPC_ST_OP_64(w, stl);
+PPC_ST_OP(d, st64);
+PPC_ST_OP_64(b, st8);
+PPC_ST_OP_64(h, st16);
+PPC_ST_OP_64(w, st32);
+PPC_ST_OP_64(d, st64);
 #endif
 
 PPC_ST_OP(h_le, st16r);
 PPC_ST_OP(w_le, st32r);
 #if defined(TARGET_PPC64)
 PPC_ST_OP(d_le, st64r);
-PPC_ST_OP_64(d_le, st64r);
 PPC_ST_OP_64(h_le, st16r);
 PPC_ST_OP_64(w_le, st32r);
+PPC_ST_OP_64(d_le, st64r);
 #endif
 
 /***                Integer load and store with byte reverse               ***/
-PPC_LD_OP(hbr, ld16r);
-PPC_LD_OP(wbr, ld32r);
+PPC_LD_OP(hbr, ldu16r);
+PPC_LD_OP(wbr, ldu32r);
 PPC_ST_OP(hbr, st16r);
 PPC_ST_OP(wbr, st32r);
 #if defined(TARGET_PPC64)
-PPC_LD_OP_64(hbr, ld16r);
-PPC_LD_OP_64(wbr, ld32r);
+PPC_LD_OP_64(hbr, ldu16r);
+PPC_LD_OP_64(wbr, ldu32r);
 PPC_ST_OP_64(hbr, st16r);
 PPC_ST_OP_64(wbr, st32r);
 #endif
 
-PPC_LD_OP(hbr_le, lduw);
-PPC_LD_OP(wbr_le, ldl);
-PPC_ST_OP(hbr_le, stw);
-PPC_ST_OP(wbr_le, stl);
+PPC_LD_OP(hbr_le, ldu16);
+PPC_LD_OP(wbr_le, ldu32);
+PPC_ST_OP(hbr_le, st16);
+PPC_ST_OP(wbr_le, st32);
 #if defined(TARGET_PPC64)
-PPC_LD_OP_64(hbr_le, lduw);
-PPC_LD_OP_64(wbr_le, ldl);
-PPC_ST_OP_64(hbr_le, stw);
-PPC_ST_OP_64(wbr_le, stl);
+PPC_LD_OP_64(hbr_le, ldu16);
+PPC_LD_OP_64(wbr_le, ldu32);
+PPC_ST_OP_64(hbr_le, st16);
+PPC_ST_OP_64(wbr_le, st32);
 #endif
 
 /***                    Integer load and store multiple                    ***/
@@ -270,20 +197,6 @@
 }
 #endif
 
-void OPPROTO glue(op_lswi_le, MEMSUFFIX) (void)
-{
-    glue(do_lsw_le, MEMSUFFIX)(PARAM1);
-    RETURN();
-}
-
-#if defined(TARGET_PPC64)
-void OPPROTO glue(op_lswi_le_64, MEMSUFFIX) (void)
-{
-    glue(do_lsw_le_64, MEMSUFFIX)(PARAM1);
-    RETURN();
-}
-#endif
-
 /* PPC32 specification says we must generate an exception if
  * rA is in the range of registers to be loaded.
  * In an other hand, IBM says this is valid, but rA won't be loaded.
@@ -323,40 +236,6 @@
 }
 #endif
 
-void OPPROTO glue(op_lswx_le, MEMSUFFIX) (void)
-{
-    /* Note: T1 comes from xer_bc then no cast is needed */
-    if (likely(T1 != 0)) {
-        if (unlikely((PARAM1 < PARAM2 && (PARAM1 + T1) > PARAM2) ||
-                     (PARAM1 < PARAM3 && (PARAM1 + T1) > PARAM3))) {
-            do_raise_exception_err(POWERPC_EXCP_PROGRAM,
-                                   POWERPC_EXCP_INVAL |
-                                   POWERPC_EXCP_INVAL_LSWX);
-        } else {
-            glue(do_lsw_le, MEMSUFFIX)(PARAM1);
-        }
-    }
-    RETURN();
-}
-
-#if defined(TARGET_PPC64)
-void OPPROTO glue(op_lswx_le_64, MEMSUFFIX) (void)
-{
-    /* Note: T1 comes from xer_bc then no cast is needed */
-    if (likely(T1 != 0)) {
-        if (unlikely((PARAM1 < PARAM2 && (PARAM1 + T1) > PARAM2) ||
-                     (PARAM1 < PARAM3 && (PARAM1 + T1) > PARAM3))) {
-            do_raise_exception_err(POWERPC_EXCP_PROGRAM,
-                                   POWERPC_EXCP_INVAL |
-                                   POWERPC_EXCP_INVAL_LSWX);
-        } else {
-            glue(do_lsw_le_64, MEMSUFFIX)(PARAM1);
-        }
-    }
-    RETURN();
-}
-#endif
-
 void OPPROTO glue(op_stsw, MEMSUFFIX) (void)
 {
     glue(do_stsw, MEMSUFFIX)(PARAM1);
@@ -371,20 +250,6 @@
 }
 #endif
 
-void OPPROTO glue(op_stsw_le, MEMSUFFIX) (void)
-{
-    glue(do_stsw_le, MEMSUFFIX)(PARAM1);
-    RETURN();
-}
-
-#if defined(TARGET_PPC64)
-void OPPROTO glue(op_stsw_le_64, MEMSUFFIX) (void)
-{
-    glue(do_stsw_le_64, MEMSUFFIX)(PARAM1);
-    RETURN();
-}
-#endif
-
 /***                         Floating-point store                          ***/
 #define PPC_STF_OP(name, op)                                                  \
 void OPPROTO glue(glue(op_st, name), MEMSUFFIX) (void)                        \
@@ -423,7 +288,7 @@
 
     /* Store the low order 32 bits without any conversion */
     u.d = d;
-    glue(stl, MEMSUFFIX)(EA, u.u[WORD0]);
+    glue(st32, MEMSUFFIX)(EA, u.u[WORD0]);
 }
 #undef WORD0
 #undef WORD1
@@ -445,14 +310,7 @@
     } u;
 
     u.d = d;
-    u.u = ((u.u & 0xFF00000000000000ULL) >> 56) |
-        ((u.u & 0x00FF000000000000ULL) >> 40) |
-        ((u.u & 0x0000FF0000000000ULL) >> 24) |
-        ((u.u & 0x000000FF00000000ULL) >> 8) |
-        ((u.u & 0x00000000FF000000ULL) << 8) |
-        ((u.u & 0x0000000000FF0000ULL) << 24) |
-        ((u.u & 0x000000000000FF00ULL) << 40) |
-        ((u.u & 0x00000000000000FFULL) << 56);
+    u.u = bswap64(u.u);
     glue(stfq, MEMSUFFIX)(EA, u.d);
 }
 
@@ -464,10 +322,7 @@
     } u;
 
     u.f = float64_to_float32(d, &env->fp_status);
-    u.u = ((u.u & 0xFF000000UL) >> 24) |
-        ((u.u & 0x00FF0000ULL) >> 8) |
-        ((u.u & 0x0000FF00UL) << 8) |
-        ((u.u & 0x000000FFULL) << 24);
+    u.u = bswap32(u.u);
     glue(stfl, MEMSUFFIX)(EA, u.f);
 }
 
@@ -480,11 +335,8 @@
 
     /* Store the low order 32 bits without any conversion */
     u.d = d;
-    u.u = ((u.u & 0xFF000000UL) >> 24) |
-        ((u.u & 0x00FF0000ULL) >> 8) |
-        ((u.u & 0x0000FF00UL) << 8) |
-        ((u.u & 0x000000FFULL) << 24);
-    glue(stl, MEMSUFFIX)(EA, u.u);
+    u.u = bswap32(u.u);
+    glue(st32, MEMSUFFIX)(EA, u.u);
 }
 
 PPC_STF_OP(fd_le, stfqr);
@@ -533,14 +385,7 @@
     } u;
 
     u.d = glue(ldfq, MEMSUFFIX)(EA);
-    u.u = ((u.u & 0xFF00000000000000ULL) >> 56) |
-        ((u.u & 0x00FF000000000000ULL) >> 40) |
-        ((u.u & 0x0000FF0000000000ULL) >> 24) |
-        ((u.u & 0x000000FF00000000ULL) >> 8) |
-        ((u.u & 0x00000000FF000000ULL) << 8) |
-        ((u.u & 0x0000000000FF0000ULL) << 24) |
-        ((u.u & 0x000000000000FF00ULL) << 40) |
-        ((u.u & 0x00000000000000FFULL) << 56);
+    u.u = bswap64(u.u);
 
     return u.d;
 }
@@ -553,10 +398,7 @@
     } u;
 
     u.f = glue(ldfl, MEMSUFFIX)(EA);
-    u.u = ((u.u & 0xFF000000UL) >> 24) |
-        ((u.u & 0x00FF0000ULL) >> 8) |
-        ((u.u & 0x0000FF00UL) << 8) |
-        ((u.u & 0x000000FFULL) << 24);
+    u.u = bswap32(u.u);
 
     return float32_to_float64(u.f, &env->fp_status);
 }
@@ -574,7 +416,7 @@
     if (unlikely(T0 & 0x03)) {
         do_raise_exception(POWERPC_EXCP_ALIGN);
     } else {
-        T1 = glue(ldl, MEMSUFFIX)((uint32_t)T0);
+        T1 = glue(ldu32, MEMSUFFIX)((uint32_t)T0);
         env->reserve = (uint32_t)T0;
     }
     RETURN();
@@ -586,7 +428,7 @@
     if (unlikely(T0 & 0x03)) {
         do_raise_exception(POWERPC_EXCP_ALIGN);
     } else {
-        T1 = glue(ldl, MEMSUFFIX)((uint64_t)T0);
+        T1 = glue(ldu32, MEMSUFFIX)((uint64_t)T0);
         env->reserve = (uint64_t)T0;
     }
     RETURN();
@@ -597,7 +439,7 @@
     if (unlikely(T0 & 0x03)) {
         do_raise_exception(POWERPC_EXCP_ALIGN);
     } else {
-        T1 = glue(ldq, MEMSUFFIX)((uint32_t)T0);
+        T1 = glue(ldu64, MEMSUFFIX)((uint32_t)T0);
         env->reserve = (uint32_t)T0;
     }
     RETURN();
@@ -608,7 +450,7 @@
     if (unlikely(T0 & 0x03)) {
         do_raise_exception(POWERPC_EXCP_ALIGN);
     } else {
-        T1 = glue(ldq, MEMSUFFIX)((uint64_t)T0);
+        T1 = glue(ldu64, MEMSUFFIX)((uint64_t)T0);
         env->reserve = (uint64_t)T0;
     }
     RETURN();
@@ -620,7 +462,7 @@
     if (unlikely(T0 & 0x03)) {
         do_raise_exception(POWERPC_EXCP_ALIGN);
     } else {
-        T1 = glue(ld32r, MEMSUFFIX)((uint32_t)T0);
+        T1 = glue(ldu32r, MEMSUFFIX)((uint32_t)T0);
         env->reserve = (uint32_t)T0;
     }
     RETURN();
@@ -632,7 +474,7 @@
     if (unlikely(T0 & 0x03)) {
         do_raise_exception(POWERPC_EXCP_ALIGN);
     } else {
-        T1 = glue(ld32r, MEMSUFFIX)((uint64_t)T0);
+        T1 = glue(ldu32r, MEMSUFFIX)((uint64_t)T0);
         env->reserve = (uint64_t)T0;
     }
     RETURN();
@@ -643,7 +485,7 @@
     if (unlikely(T0 & 0x03)) {
         do_raise_exception(POWERPC_EXCP_ALIGN);
     } else {
-        T1 = glue(ld64r, MEMSUFFIX)((uint32_t)T0);
+        T1 = glue(ldu64r, MEMSUFFIX)((uint32_t)T0);
         env->reserve = (uint32_t)T0;
     }
     RETURN();
@@ -654,7 +496,7 @@
     if (unlikely(T0 & 0x03)) {
         do_raise_exception(POWERPC_EXCP_ALIGN);
     } else {
-        T1 = glue(ld64r, MEMSUFFIX)((uint64_t)T0);
+        T1 = glue(ldu64r, MEMSUFFIX)((uint64_t)T0);
         env->reserve = (uint64_t)T0;
     }
     RETURN();
@@ -670,7 +512,7 @@
         if (unlikely(env->reserve != (uint32_t)T0)) {
             env->crf[0] = xer_so;
         } else {
-            glue(stl, MEMSUFFIX)((uint32_t)T0, T1);
+            glue(st32, MEMSUFFIX)((uint32_t)T0, T1);
             env->crf[0] = xer_so | 0x02;
         }
     }
@@ -687,7 +529,7 @@
         if (unlikely(env->reserve != (uint64_t)T0)) {
             env->crf[0] = xer_so;
         } else {
-            glue(stl, MEMSUFFIX)((uint64_t)T0, T1);
+            glue(st32, MEMSUFFIX)((uint64_t)T0, T1);
             env->crf[0] = xer_so | 0x02;
         }
     }
@@ -703,7 +545,7 @@
         if (unlikely(env->reserve != (uint32_t)T0)) {
             env->crf[0] = xer_so;
         } else {
-            glue(stq, MEMSUFFIX)((uint32_t)T0, T1);
+            glue(st64, MEMSUFFIX)((uint32_t)T0, T1);
             env->crf[0] = xer_so | 0x02;
         }
     }
@@ -719,7 +561,7 @@
         if (unlikely(env->reserve != (uint64_t)T0)) {
             env->crf[0] = xer_so;
         } else {
-            glue(stq, MEMSUFFIX)((uint64_t)T0, T1);
+            glue(st64, MEMSUFFIX)((uint64_t)T0, T1);
             env->crf[0] = xer_so | 0x02;
         }
     }
@@ -796,72 +638,75 @@
 
 void OPPROTO glue(op_dcbz_l32, MEMSUFFIX) (void)
 {
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x00), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x04), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x08), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x0C), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x10), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x14), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x18), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x1C), 0);
+    T0 &= ~((uint32_t)31);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x00), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x04), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x08), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x0C), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x10), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x14), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x18), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x1C), 0);
     RETURN();
 }
 
 void OPPROTO glue(op_dcbz_l64, MEMSUFFIX) (void)
 {
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x00), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x04), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x08), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x0C), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x10), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x14), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x18), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x1C), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x20UL), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x24UL), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x28UL), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x2CUL), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x30UL), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x34UL), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x38UL), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x3CUL), 0);
+    T0 &= ~((uint32_t)63);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x00), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x04), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x08), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x0C), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x10), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x14), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x18), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x1C), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x20UL), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x24UL), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x28UL), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x2CUL), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x30UL), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x34UL), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x38UL), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x3CUL), 0);
     RETURN();
 }
 
 void OPPROTO glue(op_dcbz_l128, MEMSUFFIX) (void)
 {
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x00), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x04), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x08), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x0C), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x10), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x14), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x18), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x1C), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x20UL), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x24UL), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x28UL), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x2CUL), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x30UL), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x34UL), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x38UL), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x3CUL), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x40UL), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x44UL), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x48UL), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x4CUL), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x50UL), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x54UL), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x58UL), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x5CUL), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x60UL), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x64UL), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x68UL), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x6CUL), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x70UL), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x74UL), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x78UL), 0);
-    glue(stl, MEMSUFFIX)((uint32_t)(T0 + 0x7CUL), 0);
+    T0 &= ~((uint32_t)127);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x00), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x04), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x08), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x0C), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x10), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x14), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x18), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x1C), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x20UL), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x24UL), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x28UL), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x2CUL), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x30UL), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x34UL), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x38UL), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x3CUL), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x40UL), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x44UL), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x48UL), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x4CUL), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x50UL), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x54UL), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x58UL), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x5CUL), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x60UL), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x64UL), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x68UL), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x6CUL), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x70UL), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x74UL), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x78UL), 0);
+    glue(st32, MEMSUFFIX)((uint32_t)(T0 + 0x7CUL), 0);
     RETURN();
 }
 
@@ -874,72 +719,75 @@
 #if defined(TARGET_PPC64)
 void OPPROTO glue(op_dcbz_l32_64, MEMSUFFIX) (void)
 {
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x00), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x04), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x08), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x0C), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x10), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x14), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x18), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x1C), 0);
+    T0 &= ~((uint64_t)31);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x00), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x04), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x08), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x0C), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x10), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x14), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x18), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x1C), 0);
     RETURN();
 }
 
 void OPPROTO glue(op_dcbz_l64_64, MEMSUFFIX) (void)
 {
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x00), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x04), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x08), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x0C), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x10), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x14), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x18), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x1C), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x20UL), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x24UL), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x28UL), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x2CUL), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x30UL), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x34UL), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x38UL), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x3CUL), 0);
+    T0 &= ~((uint64_t)63);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x00), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x04), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x08), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x0C), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x10), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x14), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x18), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x1C), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x20UL), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x24UL), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x28UL), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x2CUL), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x30UL), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x34UL), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x38UL), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x3CUL), 0);
     RETURN();
 }
 
 void OPPROTO glue(op_dcbz_l128_64, MEMSUFFIX) (void)
 {
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x00), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x04), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x08), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x0C), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x10), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x14), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x18), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x1C), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x20UL), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x24UL), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x28UL), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x2CUL), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x30UL), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x34UL), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x38UL), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x3CUL), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x40UL), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x44UL), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x48UL), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x4CUL), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x50UL), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x54UL), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x58UL), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x5CUL), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x60UL), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x64UL), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x68UL), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x6CUL), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x70UL), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x74UL), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x78UL), 0);
-    glue(stl, MEMSUFFIX)((uint64_t)(T0 + 0x7CUL), 0);
+    T0 &= ~((uint64_t)127);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x00), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x04), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x08), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x0C), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x10), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x14), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x18), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x1C), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x20UL), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x24UL), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x28UL), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x2CUL), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x30UL), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x34UL), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x38UL), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x3CUL), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x40UL), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x44UL), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x48UL), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x4CUL), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x50UL), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x54UL), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x58UL), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x5CUL), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x60UL), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x64UL), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x68UL), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x6CUL), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x70UL), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x74UL), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x78UL), 0);
+    glue(st32, MEMSUFFIX)((uint64_t)(T0 + 0x7CUL), 0);
     RETURN();
 }
 
@@ -968,42 +816,42 @@
 /* External access */
 void OPPROTO glue(op_eciwx, MEMSUFFIX) (void)
 {
-    T1 = glue(ldl, MEMSUFFIX)((uint32_t)T0);
+    T1 = glue(ldu32, MEMSUFFIX)((uint32_t)T0);
     RETURN();
 }
 
 #if defined(TARGET_PPC64)
 void OPPROTO glue(op_eciwx_64, MEMSUFFIX) (void)
 {
-    T1 = glue(ldl, MEMSUFFIX)((uint64_t)T0);
+    T1 = glue(ldu32, MEMSUFFIX)((uint64_t)T0);
     RETURN();
 }
 #endif
 
 void OPPROTO glue(op_ecowx, MEMSUFFIX) (void)
 {
-    glue(stl, MEMSUFFIX)((uint32_t)T0, T1);
+    glue(st32, MEMSUFFIX)((uint32_t)T0, T1);
     RETURN();
 }
 
 #if defined(TARGET_PPC64)
 void OPPROTO glue(op_ecowx_64, MEMSUFFIX) (void)
 {
-    glue(stl, MEMSUFFIX)((uint64_t)T0, T1);
+    glue(st32, MEMSUFFIX)((uint64_t)T0, T1);
     RETURN();
 }
 #endif
 
 void OPPROTO glue(op_eciwx_le, MEMSUFFIX) (void)
 {
-    T1 = glue(ld32r, MEMSUFFIX)((uint32_t)T0);
+    T1 = glue(ldu32r, MEMSUFFIX)((uint32_t)T0);
     RETURN();
 }
 
 #if defined(TARGET_PPC64)
 void OPPROTO glue(op_eciwx_le_64, MEMSUFFIX) (void)
 {
-    T1 = glue(ld32r, MEMSUFFIX)((uint64_t)T0);
+    T1 = glue(ldu32r, MEMSUFFIX)((uint64_t)T0);
     RETURN();
 }
 #endif
@@ -1069,51 +917,51 @@
 #endif
 void OPPROTO glue(op_vr_lvx, MEMSUFFIX) (void)
 {
-    AVR0.u64[VR_DWORD0] = glue(ldq, MEMSUFFIX)((uint32_t)T0);
-    AVR0.u64[VR_DWORD1] = glue(ldq, MEMSUFFIX)((uint32_t)T0 + 8);
+    AVR0.u64[VR_DWORD0] = glue(ldu64, MEMSUFFIX)((uint32_t)T0);
+    AVR0.u64[VR_DWORD1] = glue(ldu64, MEMSUFFIX)((uint32_t)T0 + 8);
 }
 
 void OPPROTO glue(op_vr_lvx_le, MEMSUFFIX) (void)
 {
-    AVR0.u64[VR_DWORD1] = glue(ldq, MEMSUFFIX)((uint32_t)T0);
-    AVR0.u64[VR_DWORD0] = glue(ldq, MEMSUFFIX)((uint32_t)T0 + 8);
+    AVR0.u64[VR_DWORD1] = glue(ldu64r, MEMSUFFIX)((uint32_t)T0);
+    AVR0.u64[VR_DWORD0] = glue(ldu64r, MEMSUFFIX)((uint32_t)T0 + 8);
 }
 
 void OPPROTO glue(op_vr_stvx, MEMSUFFIX) (void)
 {
-    glue(stq, MEMSUFFIX)((uint32_t)T0, AVR0.u64[VR_DWORD0]);
-    glue(stq, MEMSUFFIX)((uint32_t)T0 + 8, AVR0.u64[VR_DWORD1]);
+    glue(st64, MEMSUFFIX)((uint32_t)T0, AVR0.u64[VR_DWORD0]);
+    glue(st64, MEMSUFFIX)((uint32_t)T0 + 8, AVR0.u64[VR_DWORD1]);
 }
 
 void OPPROTO glue(op_vr_stvx_le, MEMSUFFIX) (void)
 {
-    glue(stq, MEMSUFFIX)((uint32_t)T0, AVR0.u64[VR_DWORD1]);
-    glue(stq, MEMSUFFIX)((uint32_t)T0 + 8, AVR0.u64[VR_DWORD0]);
+    glue(st64r, MEMSUFFIX)((uint32_t)T0, AVR0.u64[VR_DWORD1]);
+    glue(st64r, MEMSUFFIX)((uint32_t)T0 + 8, AVR0.u64[VR_DWORD0]);
 }
 
 #if defined(TARGET_PPC64)
 void OPPROTO glue(op_vr_lvx_64, MEMSUFFIX) (void)
 {
-    AVR0.u64[VR_DWORD0] = glue(ldq, MEMSUFFIX)((uint64_t)T0);
-    AVR0.u64[VR_DWORD1] = glue(ldq, MEMSUFFIX)((uint64_t)T0 + 8);
+    AVR0.u64[VR_DWORD0] = glue(ldu64, MEMSUFFIX)((uint64_t)T0);
+    AVR0.u64[VR_DWORD1] = glue(ldu64, MEMSUFFIX)((uint64_t)T0 + 8);
 }
 
 void OPPROTO glue(op_vr_lvx_le_64, MEMSUFFIX) (void)
 {
-    AVR0.u64[VR_DWORD1] = glue(ldq, MEMSUFFIX)((uint64_t)T0);
-    AVR0.u64[VR_DWORD0] = glue(ldq, MEMSUFFIX)((uint64_t)T0 + 8);
+    AVR0.u64[VR_DWORD1] = glue(ldu64r, MEMSUFFIX)((uint64_t)T0);
+    AVR0.u64[VR_DWORD0] = glue(ldu64r, MEMSUFFIX)((uint64_t)T0 + 8);
 }
 
 void OPPROTO glue(op_vr_stvx_64, MEMSUFFIX) (void)
 {
-    glue(stq, MEMSUFFIX)((uint64_t)T0, AVR0.u64[VR_DWORD0]);
-    glue(stq, MEMSUFFIX)((uint64_t)T0 + 8, AVR0.u64[VR_DWORD1]);
+    glue(st64, MEMSUFFIX)((uint64_t)T0, AVR0.u64[VR_DWORD0]);
+    glue(st64, MEMSUFFIX)((uint64_t)T0 + 8, AVR0.u64[VR_DWORD1]);
 }
 
 void OPPROTO glue(op_vr_stvx_le_64, MEMSUFFIX) (void)
 {
-    glue(stq, MEMSUFFIX)((uint64_t)T0, AVR0.u64[VR_DWORD1]);
-    glue(stq, MEMSUFFIX)((uint64_t)T0 + 8, AVR0.u64[VR_DWORD0]);
+    glue(st64r, MEMSUFFIX)((uint64_t)T0, AVR0.u64[VR_DWORD1]);
+    glue(st64r, MEMSUFFIX)((uint64_t)T0 + 8, AVR0.u64[VR_DWORD0]);
 }
 #endif
 #undef VR_DWORD0
@@ -1165,31 +1013,31 @@
 #endif
 
 #if !defined(TARGET_PPC64)
-PPC_SPE_LD_OP(dd, ldq);
-PPC_SPE_ST_OP(dd, stq);
-PPC_SPE_LD_OP(dd_le, ld64r);
+PPC_SPE_LD_OP(dd, ldu64);
+PPC_SPE_ST_OP(dd, st64);
+PPC_SPE_LD_OP(dd_le, ldu64r);
 PPC_SPE_ST_OP(dd_le, st64r);
 #endif
 static always_inline uint64_t glue(spe_ldw, MEMSUFFIX) (target_ulong EA)
 {
     uint64_t ret;
-    ret = (uint64_t)glue(ldl, MEMSUFFIX)(EA) << 32;
-    ret |= (uint64_t)glue(ldl, MEMSUFFIX)(EA + 4);
+    ret = (uint64_t)glue(ldu32, MEMSUFFIX)(EA) << 32;
+    ret |= (uint64_t)glue(ldu32, MEMSUFFIX)(EA + 4);
     return ret;
 }
 PPC_SPE_LD_OP(dw, spe_ldw);
 static always_inline void glue(spe_stdw, MEMSUFFIX) (target_ulong EA,
                                                      uint64_t data)
 {
-    glue(stl, MEMSUFFIX)(EA, data >> 32);
-    glue(stl, MEMSUFFIX)(EA + 4, data);
+    glue(st32, MEMSUFFIX)(EA, data >> 32);
+    glue(st32, MEMSUFFIX)(EA + 4, data);
 }
 PPC_SPE_ST_OP(dw, spe_stdw);
 static always_inline uint64_t glue(spe_ldw_le, MEMSUFFIX) (target_ulong EA)
 {
     uint64_t ret;
-    ret = (uint64_t)glue(ld32r, MEMSUFFIX)(EA) << 32;
-    ret |= (uint64_t)glue(ld32r, MEMSUFFIX)(EA + 4);
+    ret = (uint64_t)glue(ldu32r, MEMSUFFIX)(EA) << 32;
+    ret |= (uint64_t)glue(ldu32r, MEMSUFFIX)(EA + 4);
     return ret;
 }
 PPC_SPE_LD_OP(dw_le, spe_ldw_le);
@@ -1203,29 +1051,29 @@
 static always_inline uint64_t glue(spe_ldh, MEMSUFFIX) (target_ulong EA)
 {
     uint64_t ret;
-    ret = (uint64_t)glue(lduw, MEMSUFFIX)(EA) << 48;
-    ret |= (uint64_t)glue(lduw, MEMSUFFIX)(EA + 2) << 32;
-    ret |= (uint64_t)glue(lduw, MEMSUFFIX)(EA + 4) << 16;
-    ret |= (uint64_t)glue(lduw, MEMSUFFIX)(EA + 6);
+    ret = (uint64_t)glue(ldu16, MEMSUFFIX)(EA) << 48;
+    ret |= (uint64_t)glue(ldu16, MEMSUFFIX)(EA + 2) << 32;
+    ret |= (uint64_t)glue(ldu16, MEMSUFFIX)(EA + 4) << 16;
+    ret |= (uint64_t)glue(ldu16, MEMSUFFIX)(EA + 6);
     return ret;
 }
 PPC_SPE_LD_OP(dh, spe_ldh);
 static always_inline void glue(spe_stdh, MEMSUFFIX) (target_ulong EA,
                                                      uint64_t data)
 {
-    glue(stw, MEMSUFFIX)(EA, data >> 48);
-    glue(stw, MEMSUFFIX)(EA + 2, data >> 32);
-    glue(stw, MEMSUFFIX)(EA + 4, data >> 16);
-    glue(stw, MEMSUFFIX)(EA + 6, data);
+    glue(st16, MEMSUFFIX)(EA, data >> 48);
+    glue(st16, MEMSUFFIX)(EA + 2, data >> 32);
+    glue(st16, MEMSUFFIX)(EA + 4, data >> 16);
+    glue(st16, MEMSUFFIX)(EA + 6, data);
 }
 PPC_SPE_ST_OP(dh, spe_stdh);
 static always_inline uint64_t glue(spe_ldh_le, MEMSUFFIX) (target_ulong EA)
 {
     uint64_t ret;
-    ret = (uint64_t)glue(ld16r, MEMSUFFIX)(EA) << 48;
-    ret |= (uint64_t)glue(ld16r, MEMSUFFIX)(EA + 2) << 32;
-    ret |= (uint64_t)glue(ld16r, MEMSUFFIX)(EA + 4) << 16;
-    ret |= (uint64_t)glue(ld16r, MEMSUFFIX)(EA + 6);
+    ret = (uint64_t)glue(ldu16r, MEMSUFFIX)(EA) << 48;
+    ret |= (uint64_t)glue(ldu16r, MEMSUFFIX)(EA + 2) << 32;
+    ret |= (uint64_t)glue(ldu16r, MEMSUFFIX)(EA + 4) << 16;
+    ret |= (uint64_t)glue(ldu16r, MEMSUFFIX)(EA + 6);
     return ret;
 }
 PPC_SPE_LD_OP(dh_le, spe_ldh_le);
@@ -1241,23 +1089,23 @@
 static always_inline uint64_t glue(spe_lwhe, MEMSUFFIX) (target_ulong EA)
 {
     uint64_t ret;
-    ret = (uint64_t)glue(lduw, MEMSUFFIX)(EA) << 48;
-    ret |= (uint64_t)glue(lduw, MEMSUFFIX)(EA + 2) << 16;
+    ret = (uint64_t)glue(ldu16, MEMSUFFIX)(EA) << 48;
+    ret |= (uint64_t)glue(ldu16, MEMSUFFIX)(EA + 2) << 16;
     return ret;
 }
 PPC_SPE_LD_OP(whe, spe_lwhe);
 static always_inline void glue(spe_stwhe, MEMSUFFIX) (target_ulong EA,
                                                       uint64_t data)
 {
-    glue(stw, MEMSUFFIX)(EA, data >> 48);
-    glue(stw, MEMSUFFIX)(EA + 2, data >> 16);
+    glue(st16, MEMSUFFIX)(EA, data >> 48);
+    glue(st16, MEMSUFFIX)(EA + 2, data >> 16);
 }
 PPC_SPE_ST_OP(whe, spe_stwhe);
 static always_inline uint64_t glue(spe_lwhe_le, MEMSUFFIX) (target_ulong EA)
 {
     uint64_t ret;
-    ret = (uint64_t)glue(ld16r, MEMSUFFIX)(EA) << 48;
-    ret |= (uint64_t)glue(ld16r, MEMSUFFIX)(EA + 2) << 16;
+    ret = (uint64_t)glue(ldu16r, MEMSUFFIX)(EA) << 48;
+    ret |= (uint64_t)glue(ldu16r, MEMSUFFIX)(EA + 2) << 16;
     return ret;
 }
 PPC_SPE_LD_OP(whe_le, spe_lwhe_le);
@@ -1271,39 +1119,39 @@
 static always_inline uint64_t glue(spe_lwhou, MEMSUFFIX) (target_ulong EA)
 {
     uint64_t ret;
-    ret = (uint64_t)glue(lduw, MEMSUFFIX)(EA) << 32;
-    ret |= (uint64_t)glue(lduw, MEMSUFFIX)(EA + 2);
+    ret = (uint64_t)glue(ldu16, MEMSUFFIX)(EA) << 32;
+    ret |= (uint64_t)glue(ldu16, MEMSUFFIX)(EA + 2);
     return ret;
 }
 PPC_SPE_LD_OP(whou, spe_lwhou);
 static always_inline uint64_t glue(spe_lwhos, MEMSUFFIX) (target_ulong EA)
 {
     uint64_t ret;
-    ret = ((uint64_t)((int32_t)glue(ldsw, MEMSUFFIX)(EA))) << 32;
-    ret |= (uint64_t)((int32_t)glue(ldsw, MEMSUFFIX)(EA + 2));
+    ret = ((uint64_t)((int32_t)glue(lds16, MEMSUFFIX)(EA))) << 32;
+    ret |= (uint64_t)((int32_t)glue(lds16, MEMSUFFIX)(EA + 2));
     return ret;
 }
 PPC_SPE_LD_OP(whos, spe_lwhos);
 static always_inline void glue(spe_stwho, MEMSUFFIX) (target_ulong EA,
                                                       uint64_t data)
 {
-    glue(stw, MEMSUFFIX)(EA, data >> 32);
-    glue(stw, MEMSUFFIX)(EA + 2, data);
+    glue(st16, MEMSUFFIX)(EA, data >> 32);
+    glue(st16, MEMSUFFIX)(EA + 2, data);
 }
 PPC_SPE_ST_OP(who, spe_stwho);
 static always_inline uint64_t glue(spe_lwhou_le, MEMSUFFIX) (target_ulong EA)
 {
     uint64_t ret;
-    ret = (uint64_t)glue(ld16r, MEMSUFFIX)(EA) << 32;
-    ret |= (uint64_t)glue(ld16r, MEMSUFFIX)(EA + 2);
+    ret = (uint64_t)glue(ldu16r, MEMSUFFIX)(EA) << 32;
+    ret |= (uint64_t)glue(ldu16r, MEMSUFFIX)(EA + 2);
     return ret;
 }
 PPC_SPE_LD_OP(whou_le, spe_lwhou_le);
 static always_inline uint64_t glue(spe_lwhos_le, MEMSUFFIX) (target_ulong EA)
 {
     uint64_t ret;
-    ret = ((uint64_t)((int32_t)glue(ld16rs, MEMSUFFIX)(EA))) << 32;
-    ret |= (uint64_t)((int32_t)glue(ld16rs, MEMSUFFIX)(EA + 2));
+    ret = ((uint64_t)((int32_t)glue(lds16r, MEMSUFFIX)(EA))) << 32;
+    ret |= (uint64_t)((int32_t)glue(lds16r, MEMSUFFIX)(EA + 2));
     return ret;
 }
 PPC_SPE_LD_OP(whos_le, spe_lwhos_le);
@@ -1318,7 +1166,7 @@
 static always_inline void glue(spe_stwwo, MEMSUFFIX) (target_ulong EA,
                                                       uint64_t data)
 {
-    glue(stl, MEMSUFFIX)(EA, data);
+    glue(st32, MEMSUFFIX)(EA, data);
 }
 PPC_SPE_ST_OP(wwo, spe_stwwo);
 static always_inline void glue(spe_stwwo_le, MEMSUFFIX) (target_ulong EA,
@@ -1331,21 +1179,21 @@
 static always_inline uint64_t glue(spe_lh, MEMSUFFIX) (target_ulong EA)
 {
     uint16_t tmp;
-    tmp = glue(lduw, MEMSUFFIX)(EA);
+    tmp = glue(ldu16, MEMSUFFIX)(EA);
     return ((uint64_t)tmp << 48) | ((uint64_t)tmp << 16);
 }
 PPC_SPE_LD_OP(h, spe_lh);
 static always_inline uint64_t glue(spe_lh_le, MEMSUFFIX) (target_ulong EA)
 {
     uint16_t tmp;
-    tmp = glue(ld16r, MEMSUFFIX)(EA);
+    tmp = glue(ldu16r, MEMSUFFIX)(EA);
     return ((uint64_t)tmp << 48) | ((uint64_t)tmp << 16);
 }
 PPC_SPE_LD_OP(h_le, spe_lh_le);
 static always_inline uint64_t glue(spe_lwwsplat, MEMSUFFIX) (target_ulong EA)
 {
     uint32_t tmp;
-    tmp = glue(ldl, MEMSUFFIX)(EA);
+    tmp = glue(ldu32, MEMSUFFIX)(EA);
     return ((uint64_t)tmp << 32) | (uint64_t)tmp;
 }
 PPC_SPE_LD_OP(wwsplat, spe_lwwsplat);
@@ -1353,7 +1201,7 @@
 uint64_t glue(spe_lwwsplat_le, MEMSUFFIX) (target_ulong EA)
 {
     uint32_t tmp;
-    tmp = glue(ld32r, MEMSUFFIX)(EA);
+    tmp = glue(ldu32r, MEMSUFFIX)(EA);
     return ((uint64_t)tmp << 32) | (uint64_t)tmp;
 }
 PPC_SPE_LD_OP(wwsplat_le, spe_lwwsplat_le);
@@ -1361,9 +1209,9 @@
 {
     uint64_t ret;
     uint16_t tmp;
-    tmp = glue(lduw, MEMSUFFIX)(EA);
+    tmp = glue(ldu16, MEMSUFFIX)(EA);
     ret = ((uint64_t)tmp << 48) | ((uint64_t)tmp << 32);
-    tmp = glue(lduw, MEMSUFFIX)(EA + 2);
+    tmp = glue(ldu16, MEMSUFFIX)(EA + 2);
     ret |= ((uint64_t)tmp << 16) | (uint64_t)tmp;
     return ret;
 }
@@ -1373,9 +1221,9 @@
 {
     uint64_t ret;
     uint16_t tmp;
-    tmp = glue(ld16r, MEMSUFFIX)(EA);
+    tmp = glue(ldu16r, MEMSUFFIX)(EA);
     ret = ((uint64_t)tmp << 48) | ((uint64_t)tmp << 32);
-    tmp = glue(ld16r, MEMSUFFIX)(EA + 2);
+    tmp = glue(ldu16r, MEMSUFFIX)(EA + 2);
     ret |= ((uint64_t)tmp << 16) | (uint64_t)tmp;
     return ret;
 }

Added: trunk/src/host/qemu-neo1973/target-ppc/op_mem_access.h
===================================================================
--- trunk/src/host/qemu-neo1973/target-ppc/op_mem_access.h	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/target-ppc/op_mem_access.h	2007-11-26 22:42:26 UTC (rev 3517)
@@ -0,0 +1,148 @@
+/*
+ *  PowerPC emulation memory access helpers for qemu.
+ *
+ *  Copyright (c) 2003-2007 Jocelyn Mayer
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ */
+
+/* 8 bits accesses */
+static always_inline target_ulong glue(ldu8, MEMSUFFIX) (target_ulong EA)
+{
+    return (uint8_t)glue(ldub, MEMSUFFIX)(EA);
+}
+
+static always_inline target_long glue(lds8, MEMSUFFIX) (target_ulong EA)
+{
+    return (int8_t)glue(ldsb, MEMSUFFIX)(EA);
+}
+
+static always_inline void glue(st8, MEMSUFFIX) (target_ulong EA, uint8_t val)
+{
+    glue(stb, MEMSUFFIX)(EA, val);
+}
+
+/* 16 bits accesses */
+static always_inline target_ulong glue(ldu16, MEMSUFFIX) (target_ulong EA)
+{
+    return (uint16_t)glue(lduw, MEMSUFFIX)(EA);
+}
+
+static always_inline target_long glue(lds16, MEMSUFFIX) (target_ulong EA)
+{
+    return (int16_t)glue(ldsw, MEMSUFFIX)(EA);
+}
+
+static always_inline void glue(st16, MEMSUFFIX) (target_ulong EA, uint16_t val)
+{
+    glue(stw, MEMSUFFIX)(EA, val);
+}
+
+static always_inline target_ulong glue(ldu16r, MEMSUFFIX) (target_ulong EA)
+{
+    return (uint16_t)bswap16(glue(lduw, MEMSUFFIX)(EA));
+}
+
+static always_inline target_long glue(lds16r, MEMSUFFIX) (target_ulong EA)
+{
+    return (int16_t)bswap16(glue(lduw, MEMSUFFIX)(EA));
+}
+
+static always_inline void glue(st16r, MEMSUFFIX) (target_ulong EA, uint16_t val)
+{
+    glue(stw, MEMSUFFIX)(EA, bswap16(val));
+}
+
+/* 32 bits accesses */
+static always_inline uint32_t glue(__ldul, MEMSUFFIX) (target_ulong EA)
+{
+    return (uint32_t)glue(ldl, MEMSUFFIX)(EA);
+}
+
+static always_inline int32_t glue(__ldsl, MEMSUFFIX) (target_ulong EA)
+{
+    return (int32_t)glue(ldl, MEMSUFFIX)(EA);
+}
+
+static always_inline target_ulong glue(ldu32, MEMSUFFIX) (target_ulong EA)
+{
+    return glue(__ldul, MEMSUFFIX)(EA);
+}
+
+static always_inline target_long glue(lds32, MEMSUFFIX) (target_ulong EA)
+{
+    return glue(__ldsl, MEMSUFFIX)(EA);
+}
+
+static always_inline void glue(st32, MEMSUFFIX) (target_ulong EA, uint32_t val)
+{
+    glue(stl, MEMSUFFIX)(EA, val);
+}
+
+static always_inline target_ulong glue(ldu32r, MEMSUFFIX) (target_ulong EA)
+{
+    return bswap32(glue(__ldul, MEMSUFFIX)(EA));
+}
+
+static always_inline target_long glue(lds32r, MEMSUFFIX) (target_ulong EA)
+{
+    return (int32_t)bswap32(glue(__ldul, MEMSUFFIX)(EA));
+}
+
+static always_inline void glue(st32r, MEMSUFFIX) (target_ulong EA, uint32_t val)
+{
+    glue(stl, MEMSUFFIX)(EA, bswap32(val));
+}
+
+/* 64 bits accesses */
+static always_inline uint64_t glue(__lduq, MEMSUFFIX) (target_ulong EA)
+{
+    return (uint64_t)glue(ldq, MEMSUFFIX)(EA);
+}
+
+static always_inline int64_t glue(__ldsq, MEMSUFFIX) (target_ulong EA)
+{
+    return (int64_t)glue(ldq, MEMSUFFIX)(EA);
+}
+
+static always_inline uint64_t glue(ldu64, MEMSUFFIX) (target_ulong EA)
+{
+    return glue(__lduq, MEMSUFFIX)(EA);
+}
+
+static always_inline int64_t glue(lds64, MEMSUFFIX) (target_ulong EA)
+{
+    return glue(__ldsq, MEMSUFFIX)(EA);
+}
+
+static always_inline void glue(st64, MEMSUFFIX) (target_ulong EA, uint64_t val)
+{
+    glue(stq, MEMSUFFIX)(EA, val);
+}
+
+static always_inline uint64_t glue(ldu64r, MEMSUFFIX) (target_ulong EA)
+{
+    return bswap64(glue(__lduq, MEMSUFFIX)(EA));
+}
+
+static always_inline int64_t glue(lds64r, MEMSUFFIX) (target_ulong EA)
+{
+    return (int64_t)bswap64(glue(__lduq, MEMSUFFIX)(EA));
+}
+
+static always_inline void glue(st64r, MEMSUFFIX) (target_ulong EA, uint64_t val)
+{
+    glue(stq, MEMSUFFIX)(EA, bswap64(val));
+}

Modified: trunk/src/host/qemu-neo1973/target-ppc/translate.c
===================================================================
--- trunk/src/host/qemu-neo1973/target-ppc/translate.c	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/target-ppc/translate.c	2007-11-26 22:42:26 UTC (rev 3517)
@@ -2455,12 +2455,37 @@
 /***                    Integer load and store strings                     ***/
 #define op_ldsts(name, start) (*gen_op_##name[ctx->mem_idx])(start)
 #define op_ldstsx(name, rd, ra, rb) (*gen_op_##name[ctx->mem_idx])(rd, ra, rb)
+/* string load & stores are by definition endian-safe */
+#define gen_op_lswi_le_raw       gen_op_lswi_raw
+#define gen_op_lswi_le_user      gen_op_lswi_user
+#define gen_op_lswi_le_kernel    gen_op_lswi_kernel
+#define gen_op_lswi_le_hypv      gen_op_lswi_hypv
+#define gen_op_lswi_le_64_raw    gen_op_lswi_raw
+#define gen_op_lswi_le_64_user   gen_op_lswi_user
+#define gen_op_lswi_le_64_kernel gen_op_lswi_kernel
+#define gen_op_lswi_le_64_hypv   gen_op_lswi_hypv
 static GenOpFunc1 *gen_op_lswi[NB_MEM_FUNCS] = {
     GEN_MEM_FUNCS(lswi),
 };
+#define gen_op_lswx_le_raw       gen_op_lswx_raw
+#define gen_op_lswx_le_user      gen_op_lswx_user
+#define gen_op_lswx_le_kernel    gen_op_lswx_kernel
+#define gen_op_lswx_le_hypv      gen_op_lswx_hypv
+#define gen_op_lswx_le_64_raw    gen_op_lswx_raw
+#define gen_op_lswx_le_64_user   gen_op_lswx_user
+#define gen_op_lswx_le_64_kernel gen_op_lswx_kernel
+#define gen_op_lswx_le_64_hypv   gen_op_lswx_hypv
 static GenOpFunc3 *gen_op_lswx[NB_MEM_FUNCS] = {
     GEN_MEM_FUNCS(lswx),
 };
+#define gen_op_stsw_le_raw       gen_op_stsw_raw
+#define gen_op_stsw_le_user      gen_op_stsw_user
+#define gen_op_stsw_le_kernel    gen_op_stsw_kernel
+#define gen_op_stsw_le_hypv      gen_op_stsw_hypv
+#define gen_op_stsw_le_64_raw    gen_op_stsw_raw
+#define gen_op_stsw_le_64_user   gen_op_stsw_user
+#define gen_op_stsw_le_64_kernel gen_op_stsw_kernel
+#define gen_op_stsw_le_64_hypv   gen_op_stsw_hypv
 static GenOpFunc1 *gen_op_stsw[NB_MEM_FUNCS] = {
     GEN_MEM_FUNCS(stsw),
 };
@@ -3240,7 +3265,7 @@
              */
             if (sprn != SPR_PVR) {
                 if (loglevel != 0) {
-                    fprintf(logfile, "Trying to read privileged spr %d %03x at"
+                    fprintf(logfile, "Trying to read privileged spr %d %03x at "
                             ADDRX "\n", sprn, sprn, ctx->nip);
                 }
                 printf("Trying to read privileged spr %d %03x at " ADDRX "\n",
@@ -3716,8 +3741,6 @@
     GEN_EXCP_PRIVOPC(ctx);
 #else
     if (unlikely(!ctx->supervisor)) {
-        if (loglevel != 0)
-            fprintf(logfile, "%s: ! supervisor\n", __func__);
         GEN_EXCP_PRIVOPC(ctx);
         return;
     }
@@ -3770,8 +3793,6 @@
     GEN_EXCP_PRIVOPC(ctx);
 #else
     if (unlikely(!ctx->supervisor)) {
-        if (loglevel != 0)
-            fprintf(logfile, "%s: ! supervisor\n", __func__);
         GEN_EXCP_PRIVOPC(ctx);
         return;
     }
@@ -6035,23 +6056,15 @@
                      int (*cpu_fprintf)(FILE *f, const char *fmt, ...),
                      int flags)
 {
-#if defined(TARGET_PPC64) || 1
-#define FILL ""
 #define RGPL  4
 #define RFPL  4
-#else
-#define FILL "        "
-#define RGPL  8
-#define RFPL  4
-#endif
 
     int i;
 
     cpu_fprintf(f, "NIP " ADDRX "   LR " ADDRX " CTR " ADDRX " XER %08x\n",
                 env->nip, env->lr, env->ctr, hreg_load_xer(env));
-    cpu_fprintf(f, "MSR " REGX FILL " HID0 " REGX FILL "  HF " REGX FILL
-                " idx %d\n",
-                env->msr, env->hflags, env->spr[SPR_HID0], env->mmu_idx);
+    cpu_fprintf(f, "MSR " ADDRX " HID0 " ADDRX "  HF " ADDRX " idx %d\n",
+                env->msr, env->spr[SPR_HID0], env->hflags, env->mmu_idx);
 #if !defined(NO_TIMER_DUMP)
     cpu_fprintf(f, "TB %08x %08x "
 #if !defined(CONFIG_USER_ONLY)
@@ -6067,7 +6080,7 @@
     for (i = 0; i < 32; i++) {
         if ((i & (RGPL - 1)) == 0)
             cpu_fprintf(f, "GPR%02d", i);
-        cpu_fprintf(f, " " REGX, (target_ulong)env->gpr[i]);
+        cpu_fprintf(f, " " REGX, ppc_dump_gpr(env, i));
         if ((i & (RGPL - 1)) == (RGPL - 1))
             cpu_fprintf(f, "\n");
     }
@@ -6085,7 +6098,7 @@
             a = 'E';
         cpu_fprintf(f, " %c%c", a, env->crf[i] & 0x01 ? 'O' : ' ');
     }
-    cpu_fprintf(f, " ]             " FILL "RES " REGX "\n", env->reserve);
+    cpu_fprintf(f, " ]             RES " ADDRX "\n", env->reserve);
     for (i = 0; i < 32; i++) {
         if ((i & (RFPL - 1)) == 0)
             cpu_fprintf(f, "FPR%02d", i);
@@ -6094,13 +6107,12 @@
             cpu_fprintf(f, "\n");
     }
 #if !defined(CONFIG_USER_ONLY)
-    cpu_fprintf(f, "SRR0 " REGX " SRR1 " REGX " SDR1 " REGX "\n",
+    cpu_fprintf(f, "SRR0 " ADDRX " SRR1 " ADDRX " SDR1 " ADDRX "\n",
                 env->spr[SPR_SRR0], env->spr[SPR_SRR1], env->sdr1);
 #endif
 
 #undef RGPL
 #undef RFPL
-#undef FILL
 }
 
 void cpu_dump_statistics (CPUState *env, FILE*f,
@@ -6264,12 +6276,12 @@
         if (unlikely(handler->handler == &gen_invalid)) {
             if (loglevel != 0) {
                 fprintf(logfile, "invalid/unsupported opcode: "
-                        "%02x - %02x - %02x (%08x) 0x" ADDRX " %d\n",
+                        "%02x - %02x - %02x (%08x) " ADDRX " %d\n",
                         opc1(ctx.opcode), opc2(ctx.opcode),
                         opc3(ctx.opcode), ctx.opcode, ctx.nip - 4, (int)msr_ir);
             } else {
                 printf("invalid/unsupported opcode: "
-                       "%02x - %02x - %02x (%08x) 0x" ADDRX " %d\n",
+                       "%02x - %02x - %02x (%08x) " ADDRX " %d\n",
                        opc1(ctx.opcode), opc2(ctx.opcode),
                        opc3(ctx.opcode), ctx.opcode, ctx.nip - 4, (int)msr_ir);
             }
@@ -6277,13 +6289,13 @@
             if (unlikely((ctx.opcode & handler->inval) != 0)) {
                 if (loglevel != 0) {
                     fprintf(logfile, "invalid bits: %08x for opcode: "
-                            "%02x - %02x - %02x (%08x) 0x" ADDRX "\n",
+                            "%02x - %02x - %02x (%08x) " ADDRX "\n",
                             ctx.opcode & handler->inval, opc1(ctx.opcode),
                             opc2(ctx.opcode), opc3(ctx.opcode),
                             ctx.opcode, ctx.nip - 4);
                 } else {
                     printf("invalid bits: %08x for opcode: "
-                           "%02x - %02x - %02x (%08x) 0x" ADDRX "\n",
+                           "%02x - %02x - %02x (%08x) " ADDRX "\n",
                            ctx.opcode & handler->inval, opc1(ctx.opcode),
                            opc2(ctx.opcode), opc3(ctx.opcode),
                            ctx.opcode, ctx.nip - 4);

Modified: trunk/src/host/qemu-neo1973/target-ppc/translate_init.c
===================================================================
--- trunk/src/host/qemu-neo1973/target-ppc/translate_init.c	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/target-ppc/translate_init.c	2007-11-26 22:42:26 UTC (rev 3517)
@@ -764,12 +764,6 @@
                  SPR_NOACCESS, SPR_NOACCESS,
                  &spr_read_generic, &spr_write_generic,
                  0x00000000);
-    /* External access control */
-    /* XXX : not implemented */
-    spr_register(env, SPR_EAR, "EAR",
-                 SPR_NOACCESS, SPR_NOACCESS,
-                 &spr_read_generic, &spr_write_generic,
-                 0x00000000);
 }
 
 /* SPR common to all 7xx PowerPC implementations */
@@ -792,11 +786,6 @@
                  SPR_NOACCESS, SPR_NOACCESS,
                  &spr_read_generic, &spr_write_generic,
                  0x00000000);
-    /* XXX : not implemented */
-    spr_register(env, SPR_L2CR, "L2CR",
-                 SPR_NOACCESS, SPR_NOACCESS,
-                 &spr_read_generic, &spr_write_generic,
-                 0x00000000);
     /* Performance monitors */
     /* XXX : not implemented */
     spr_register(env, SPR_MMCR0, "MMCR0",
@@ -1185,6 +1174,11 @@
                  &spr_read_generic, &spr_write_generic,
                  &spr_read_generic, &spr_write_generic,
                  0x00000000);
+    /* XXX : not implemented */
+    spr_register(env, SPR_L2CR, "L2CR",
+                 SPR_NOACCESS, SPR_NOACCESS,
+                 &spr_read_generic, &spr_write_generic,
+                 0x00000000);
 }
 
 static void gen_l3_ctrl (CPUPPCState *env)
@@ -2871,6 +2865,7 @@
     env->excp_vectors[POWERPC_EXCP_TRACE]    = 0x00000D00;
     env->excp_vectors[POWERPC_EXCP_PERFM]    = 0x00000F00;
     env->excp_vectors[POWERPC_EXCP_IABR]     = 0x00001300;
+    env->excp_vectors[POWERPC_EXCP_SMI]      = 0x00001400;
     env->excp_vectors[POWERPC_EXCP_THERM]    = 0x00001700;
     env->excp_prefix = 0x00000000UL;
     /* Hardware reset vector */
@@ -2878,7 +2873,7 @@
 #endif
 }
 
-static void init_excp_750FX (CPUPPCState *env)
+static void init_excp_750cl (CPUPPCState *env)
 {
 #if !defined(CONFIG_USER_ONLY)
     env->excp_vectors[POWERPC_EXCP_RESET]    = 0x00000100;
@@ -2895,6 +2890,28 @@
     env->excp_vectors[POWERPC_EXCP_PERFM]    = 0x00000F00;
     env->excp_vectors[POWERPC_EXCP_IABR]     = 0x00001300;
     env->excp_vectors[POWERPC_EXCP_SMI]      = 0x00001400;
+    env->excp_prefix = 0x00000000UL;
+    /* Hardware reset vector */
+    env->hreset_vector = 0xFFFFFFFCUL;
+#endif
+}
+
+static void init_excp_750cx (CPUPPCState *env)
+{
+#if !defined(CONFIG_USER_ONLY)
+    env->excp_vectors[POWERPC_EXCP_RESET]    = 0x00000100;
+    env->excp_vectors[POWERPC_EXCP_MCHECK]   = 0x00000200;
+    env->excp_vectors[POWERPC_EXCP_DSI]      = 0x00000300;
+    env->excp_vectors[POWERPC_EXCP_ISI]      = 0x00000400;
+    env->excp_vectors[POWERPC_EXCP_EXTERNAL] = 0x00000500;
+    env->excp_vectors[POWERPC_EXCP_ALIGN]    = 0x00000600;
+    env->excp_vectors[POWERPC_EXCP_PROGRAM]  = 0x00000700;
+    env->excp_vectors[POWERPC_EXCP_FPU]      = 0x00000800;
+    env->excp_vectors[POWERPC_EXCP_DECR]     = 0x00000900;
+    env->excp_vectors[POWERPC_EXCP_SYSCALL]  = 0x00000C00;
+    env->excp_vectors[POWERPC_EXCP_TRACE]    = 0x00000D00;
+    env->excp_vectors[POWERPC_EXCP_PERFM]    = 0x00000F00;
+    env->excp_vectors[POWERPC_EXCP_IABR]     = 0x00001300;
     env->excp_vectors[POWERPC_EXCP_THERM]    = 0x00001700;
     env->excp_prefix = 0x00000000UL;
     /* Hardware reset vector */
@@ -2917,12 +2934,13 @@
     env->excp_vectors[POWERPC_EXCP_DECR]     = 0x00000900;
     env->excp_vectors[POWERPC_EXCP_SYSCALL]  = 0x00000C00;
     env->excp_vectors[POWERPC_EXCP_TRACE]    = 0x00000D00;
+    env->excp_vectors[POWERPC_EXCP_PERFM]    = 0x00000F00;
     env->excp_vectors[POWERPC_EXCP_IFTLB]    = 0x00001000;
     env->excp_vectors[POWERPC_EXCP_DLTLB]    = 0x00001100;
     env->excp_vectors[POWERPC_EXCP_DSTLB]    = 0x00001200;
-    env->excp_vectors[POWERPC_EXCP_PERFM]    = 0x00000F00;
     env->excp_vectors[POWERPC_EXCP_IABR]     = 0x00001300;
     env->excp_vectors[POWERPC_EXCP_SMI]      = 0x00001400;
+    env->excp_vectors[POWERPC_EXCP_THERM]    = 0x00001700;
     env->excp_prefix = 0x00000000UL;
     /* Hardware reset vector */
     env->hreset_vector = 0xFFFFFFFCUL;
@@ -3196,10 +3214,6 @@
     env->icache_line_size = 32;
     /* Allocate hardware IRQ controller */
     ppc40x_irq_init(env);
-#if !defined(CONFIG_USER_ONLY)
-    /* Hardware reset vector */
-    env->hreset_vector = 0xFFFFFFFCUL;
-#endif
 }
 
 /* PowerPC 403 GCX                                                           */
@@ -3834,6 +3848,12 @@
     gen_spr_G2(env);
     /* Time base */
     gen_tbl(env);
+    /* External access control */
+    /* XXX : not implemented */
+    spr_register(env, SPR_EAR, "EAR",
+                 SPR_NOACCESS, SPR_NOACCESS,
+                 &spr_read_generic, &spr_write_generic,
+                 0x00000000);
     /* Hardware implementation register */
     /* XXX : not implemented */
     spr_register(env, SPR_HID0, "HID0",
@@ -3885,6 +3905,12 @@
     gen_spr_G2(env);
     /* Time base */
     gen_tbl(env);
+    /* External access control */
+    /* XXX : not implemented */
+    spr_register(env, SPR_EAR, "EAR",
+                 SPR_NOACCESS, SPR_NOACCESS,
+                 &spr_read_generic, &spr_write_generic,
+                 0x00000000);
     /* Hardware implementation register */
     /* XXX : not implemented */
     spr_register(env, SPR_HID0, "HID0",
@@ -4529,25 +4555,24 @@
     ppc6xx_irq_init(env);
 }
 
-/* PowerPC 740/750 (aka G3)                                                  */
-#define POWERPC_INSNS_7x0    (PPC_INSNS_BASE | PPC_STRING | PPC_MFTB |        \
+/* PowerPC 740                                                               */
+#define POWERPC_INSNS_740    (PPC_INSNS_BASE | PPC_STRING | PPC_MFTB |        \
                               PPC_FLOAT | PPC_FLOAT_FSEL | PPC_FLOAT_FRES |   \
-                              PPC_FLOAT_FSQRT | PPC_FLOAT_FRSQRTE |           \
-                              PPC_FLOAT_STFIWX |                              \
+                              PPC_FLOAT_FRSQRTE | PPC_FLOAT_STFIWX |          \
                               PPC_CACHE | PPC_CACHE_ICBI | PPC_CACHE_DCBZ |   \
                               PPC_MEM_SYNC | PPC_MEM_EIEIO |                  \
                               PPC_MEM_TLBIE | PPC_MEM_TLBSYNC |               \
                               PPC_SEGMENT | PPC_EXTERN)
-#define POWERPC_MSRM_7x0     (0x000000000005FF77ULL)
-#define POWERPC_MMU_7x0      (POWERPC_MMU_32B)
-//#define POWERPC_EXCP_7x0     (POWERPC_EXCP_7x0)
-#define POWERPC_INPUT_7x0    (PPC_FLAGS_INPUT_6xx)
-#define POWERPC_BFDM_7x0     (bfd_mach_ppc_750)
-#define POWERPC_FLAG_7x0     (POWERPC_FLAG_SE | POWERPC_FLAG_BE |             \
+#define POWERPC_MSRM_740     (0x000000000005FF77ULL)
+#define POWERPC_MMU_740      (POWERPC_MMU_32B)
+#define POWERPC_EXCP_740     (POWERPC_EXCP_7x0)
+#define POWERPC_INPUT_740    (PPC_FLAGS_INPUT_6xx)
+#define POWERPC_BFDM_740     (bfd_mach_ppc_750)
+#define POWERPC_FLAG_740     (POWERPC_FLAG_SE | POWERPC_FLAG_BE |             \
                               POWERPC_FLAG_PMM | POWERPC_FLAG_BUS_CLK)
-#define check_pow_7x0        check_pow_hid0
+#define check_pow_740        check_pow_hid0
 
-static void init_proc_7x0 (CPUPPCState *env)
+static void init_proc_740 (CPUPPCState *env)
 {
     gen_spr_ne_601(env);
     gen_spr_7xx(env);
@@ -4575,11 +4600,296 @@
     ppc6xx_irq_init(env);
 }
 
-/* PowerPC 750FX/GX                                                          */
+/* PowerPC 750                                                               */
+#define POWERPC_INSNS_750    (PPC_INSNS_BASE | PPC_STRING | PPC_MFTB |        \
+                              PPC_FLOAT | PPC_FLOAT_FSEL | PPC_FLOAT_FRES |   \
+                              PPC_FLOAT_FRSQRTE | PPC_FLOAT_STFIWX |          \
+                              PPC_CACHE | PPC_CACHE_ICBI | PPC_CACHE_DCBZ |   \
+                              PPC_MEM_SYNC | PPC_MEM_EIEIO |                  \
+                              PPC_MEM_TLBIE | PPC_MEM_TLBSYNC |               \
+                              PPC_SEGMENT | PPC_EXTERN)
+#define POWERPC_MSRM_750     (0x000000000005FF77ULL)
+#define POWERPC_MMU_750      (POWERPC_MMU_32B)
+#define POWERPC_EXCP_750     (POWERPC_EXCP_7x0)
+#define POWERPC_INPUT_750    (PPC_FLAGS_INPUT_6xx)
+#define POWERPC_BFDM_750     (bfd_mach_ppc_750)
+#define POWERPC_FLAG_750     (POWERPC_FLAG_SE | POWERPC_FLAG_BE |             \
+                              POWERPC_FLAG_PMM | POWERPC_FLAG_BUS_CLK)
+#define check_pow_750        check_pow_hid0
+
+static void init_proc_750 (CPUPPCState *env)
+{
+    gen_spr_ne_601(env);
+    gen_spr_7xx(env);
+    /* XXX : not implemented */
+    spr_register(env, SPR_L2CR, "L2CR",
+                 SPR_NOACCESS, SPR_NOACCESS,
+                 &spr_read_generic, &spr_write_generic,
+                 0x00000000);
+    /* Time base */
+    gen_tbl(env);
+    /* Thermal management */
+    gen_spr_thrm(env);
+    /* Hardware implementation registers */
+    /* XXX : not implemented */
+    spr_register(env, SPR_HID0, "HID0",
+                 SPR_NOACCESS, SPR_NOACCESS,
+                 &spr_read_generic, &spr_write_generic,
+                 0x00000000);
+    /* XXX : not implemented */
+    spr_register(env, SPR_HID1, "HID1",
+                 SPR_NOACCESS, SPR_NOACCESS,
+                 &spr_read_generic, &spr_write_generic,
+                 0x00000000);
+    /* Memory management */
+    gen_low_BATs(env);
+    /* XXX: high BATs are also present but are known to be bugged on
+     *      die version 1.x
+     */
+    init_excp_7x0(env);
+    env->dcache_line_size = 32;
+    env->icache_line_size = 32;
+    /* Allocate hardware IRQ controller */
+    ppc6xx_irq_init(env);
+}
+
+/* PowerPC 750 CL                                                            */
+/* XXX: not implemented:
+ * cache lock instructions:
+ * dcbz_l
+ * floating point paired instructions
+ * psq_lux
+ * psq_lx
+ * psq_stux
+ * psq_stx
+ * ps_abs
+ * ps_add
+ * ps_cmpo0
+ * ps_cmpo1
+ * ps_cmpu0
+ * ps_cmpu1
+ * ps_div
+ * ps_madd
+ * ps_madds0
+ * ps_madds1
+ * ps_merge00
+ * ps_merge01
+ * ps_merge10
+ * ps_merge11
+ * ps_mr
+ * ps_msub
+ * ps_mul
+ * ps_muls0
+ * ps_muls1
+ * ps_nabs
+ * ps_neg
+ * ps_nmadd
+ * ps_nmsub
+ * ps_res
+ * ps_rsqrte
+ * ps_sel
+ * ps_sub
+ * ps_sum0
+ * ps_sum1
+ */
+#define POWERPC_INSNS_750cl  (PPC_INSNS_BASE | PPC_STRING | PPC_MFTB |        \
+                              PPC_FLOAT | PPC_FLOAT_FSEL | PPC_FLOAT_FRES |   \
+                              PPC_FLOAT_FRSQRTE | PPC_FLOAT_STFIWX |          \
+                              PPC_CACHE | PPC_CACHE_ICBI | PPC_CACHE_DCBZ |   \
+                              PPC_MEM_SYNC | PPC_MEM_EIEIO |                  \
+                              PPC_MEM_TLBIE | PPC_MEM_TLBSYNC |               \
+                              PPC_SEGMENT | PPC_EXTERN)
+#define POWERPC_MSRM_750cl   (0x000000000005FF77ULL)
+#define POWERPC_MMU_750cl    (POWERPC_MMU_32B)
+#define POWERPC_EXCP_750cl   (POWERPC_EXCP_7x0)
+#define POWERPC_INPUT_750cl  (PPC_FLAGS_INPUT_6xx)
+#define POWERPC_BFDM_750cl   (bfd_mach_ppc_750)
+#define POWERPC_FLAG_750cl   (POWERPC_FLAG_SE | POWERPC_FLAG_BE |             \
+                              POWERPC_FLAG_PMM | POWERPC_FLAG_BUS_CLK)
+#define check_pow_750cl      check_pow_hid0
+
+static void init_proc_750cl (CPUPPCState *env)
+{
+    gen_spr_ne_601(env);
+    gen_spr_7xx(env);
+    /* XXX : not implemented */
+    spr_register(env, SPR_L2CR, "L2CR",
+                 SPR_NOACCESS, SPR_NOACCESS,
+                 &spr_read_generic, &spr_write_generic,
+                 0x00000000);
+    /* Time base */
+    gen_tbl(env);
+    /* Thermal management */
+    /* Those registers are fake on 750CL */
+    spr_register(env, SPR_THRM1, "THRM1",
+                 SPR_NOACCESS, SPR_NOACCESS,
+                 &spr_read_generic, &spr_write_generic,
+                 0x00000000);
+    spr_register(env, SPR_THRM2, "THRM2",
+                 SPR_NOACCESS, SPR_NOACCESS,
+                 &spr_read_generic, &spr_write_generic,
+                 0x00000000);
+    spr_register(env, SPR_THRM3, "THRM3",
+                 SPR_NOACCESS, SPR_NOACCESS,
+                 &spr_read_generic, &spr_write_generic,
+                 0x00000000);
+    /* XXX: not implemented */
+    spr_register(env, SPR_750_TDCL, "TDCL",
+                 SPR_NOACCESS, SPR_NOACCESS,
+                 &spr_read_generic, &spr_write_generic,
+                 0x00000000);
+    spr_register(env, SPR_750_TDCH, "TDCH",
+                 SPR_NOACCESS, SPR_NOACCESS,
+                 &spr_read_generic, &spr_write_generic,
+                 0x00000000);
+    /* DMA */
+    /* XXX : not implemented */
+    spr_register(env, SPR_750_WPAR, "WPAR",
+                 SPR_NOACCESS, SPR_NOACCESS,
+                 &spr_read_generic, &spr_write_generic,
+                 0x00000000);
+    spr_register(env, SPR_750_DMAL, "DMAL",
+                 SPR_NOACCESS, SPR_NOACCESS,
+                 &spr_read_generic, &spr_write_generic,
+                 0x00000000);
+    spr_register(env, SPR_750_DMAU, "DMAU",
+                 SPR_NOACCESS, SPR_NOACCESS,
+                 &spr_read_generic, &spr_write_generic,
+                 0x00000000);
+    /* Hardware implementation registers */
+    /* XXX : not implemented */
+    spr_register(env, SPR_HID0, "HID0",
+                 SPR_NOACCESS, SPR_NOACCESS,
+                 &spr_read_generic, &spr_write_generic,
+                 0x00000000);
+    /* XXX : not implemented */
+    spr_register(env, SPR_HID1, "HID1",
+                 SPR_NOACCESS, SPR_NOACCESS,
+                 &spr_read_generic, &spr_write_generic,
+                 0x00000000);
+    /* XXX : not implemented */
+    spr_register(env, SPR_750CL_HID2, "HID2",
+                 SPR_NOACCESS, SPR_NOACCESS,
+                 &spr_read_generic, &spr_write_generic,
+                 0x00000000);
+    /* XXX : not implemented */
+    spr_register(env, SPR_750CL_HID4, "HID4",
+                 SPR_NOACCESS, SPR_NOACCESS,
+                 &spr_read_generic, &spr_write_generic,
+                 0x00000000);
+    /* Quantization registers */
+    /* XXX : not implemented */
+    spr_register(env, SPR_750_GQR0, "GQR0",
+                 SPR_NOACCESS, SPR_NOACCESS,
+                 &spr_read_generic, &spr_write_generic,
+                 0x00000000);
+    /* XXX : not implemented */
+    spr_register(env, SPR_750_GQR1, "GQR1",
+                 SPR_NOACCESS, SPR_NOACCESS,
+                 &spr_read_generic, &spr_write_generic,
+                 0x00000000);
+    /* XXX : not implemented */
+    spr_register(env, SPR_750_GQR2, "GQR2",
+                 SPR_NOACCESS, SPR_NOACCESS,
+                 &spr_read_generic, &spr_write_generic,
+                 0x00000000);
+    /* XXX : not implemented */
+    spr_register(env, SPR_750_GQR3, "GQR3",
+                 SPR_NOACCESS, SPR_NOACCESS,
+                 &spr_read_generic, &spr_write_generic,
+                 0x00000000);
+    /* XXX : not implemented */
+    spr_register(env, SPR_750_GQR4, "GQR4",
+                 SPR_NOACCESS, SPR_NOACCESS,
+                 &spr_read_generic, &spr_write_generic,
+                 0x00000000);
+    /* XXX : not implemented */
+    spr_register(env, SPR_750_GQR5, "GQR5",
+                 SPR_NOACCESS, SPR_NOACCESS,
+                 &spr_read_generic, &spr_write_generic,
+                 0x00000000);
+    /* XXX : not implemented */
+    spr_register(env, SPR_750_GQR6, "GQR6",
+                 SPR_NOACCESS, SPR_NOACCESS,
+                 &spr_read_generic, &spr_write_generic,
+                 0x00000000);
+    /* XXX : not implemented */
+    spr_register(env, SPR_750_GQR7, "GQR7",
+                 SPR_NOACCESS, SPR_NOACCESS,
+                 &spr_read_generic, &spr_write_generic,
+                 0x00000000);
+    /* Memory management */
+    gen_low_BATs(env);
+    /* PowerPC 750cl has 8 DBATs and 8 IBATs */
+    gen_high_BATs(env);
+    init_excp_750cl(env);
+    env->dcache_line_size = 32;
+    env->icache_line_size = 32;
+    /* Allocate hardware IRQ controller */
+    ppc6xx_irq_init(env);
+}
+
+#define POWERPC_INSNS_750cx  (PPC_INSNS_BASE | PPC_STRING | PPC_MFTB |        \
+                              PPC_FLOAT | PPC_FLOAT_FSEL | PPC_FLOAT_FRES |   \
+                              PPC_FLOAT_FRSQRTE | PPC_FLOAT_STFIWX |          \
+                              PPC_CACHE | PPC_CACHE_ICBI | PPC_CACHE_DCBZ |   \
+                              PPC_MEM_SYNC | PPC_MEM_EIEIO |                  \
+                              PPC_MEM_TLBIE | PPC_MEM_TLBSYNC |               \
+                              PPC_SEGMENT | PPC_EXTERN)
+#define POWERPC_MSRM_750cx   (0x000000000005FF77ULL)
+#define POWERPC_MMU_750cx    (POWERPC_MMU_32B)
+#define POWERPC_EXCP_750cx   (POWERPC_EXCP_7x0)
+#define POWERPC_INPUT_750cx  (PPC_FLAGS_INPUT_6xx)
+#define POWERPC_BFDM_750cx   (bfd_mach_ppc_750)
+#define POWERPC_FLAG_750cx   (POWERPC_FLAG_SE | POWERPC_FLAG_BE |             \
+                              POWERPC_FLAG_PMM | POWERPC_FLAG_BUS_CLK)
+#define check_pow_750cx      check_pow_hid0
+
+static void init_proc_750cx (CPUPPCState *env)
+{
+    gen_spr_ne_601(env);
+    gen_spr_7xx(env);
+    /* XXX : not implemented */
+    spr_register(env, SPR_L2CR, "L2CR",
+                 SPR_NOACCESS, SPR_NOACCESS,
+                 &spr_read_generic, &spr_write_generic,
+                 0x00000000);
+    /* Time base */
+    gen_tbl(env);
+    /* Thermal management */
+    gen_spr_thrm(env);
+    /* This register is not implemented but is present for compatibility */
+    spr_register(env, SPR_SDA, "SDA",
+                 SPR_NOACCESS, SPR_NOACCESS,
+                 &spr_read_generic, &spr_write_generic,
+                 0x00000000);
+    /* Hardware implementation registers */
+    /* XXX : not implemented */
+    spr_register(env, SPR_HID0, "HID0",
+                 SPR_NOACCESS, SPR_NOACCESS,
+                 &spr_read_generic, &spr_write_generic,
+                 0x00000000);
+    /* XXX : not implemented */
+    spr_register(env, SPR_HID1, "HID1",
+                 SPR_NOACCESS, SPR_NOACCESS,
+                 &spr_read_generic, &spr_write_generic,
+                 0x00000000);
+    /* Memory management */
+    gen_low_BATs(env);
+    /* XXX: high BATs are also present but are known to be bugged on
+     *      die version 1.x
+     */
+    init_excp_750cx(env);
+    env->dcache_line_size = 32;
+    env->icache_line_size = 32;
+    /* Allocate hardware IRQ controller */
+    ppc6xx_irq_init(env);
+}
+
+/* PowerPC 750FX                                                             */
 #define POWERPC_INSNS_750fx  (PPC_INSNS_BASE | PPC_STRING | PPC_MFTB |        \
                               PPC_FLOAT | PPC_FLOAT_FSEL | PPC_FLOAT_FRES |   \
-                              PPC_FLOAT_FSQRT | PPC_FLOAT_FRSQRTE |           \
-                              PPC_FLOAT_STFIWX |                              \
+                              PPC_FLOAT_FRSQRTE | PPC_FLOAT_STFIWX |          \
                               PPC_CACHE | PPC_CACHE_ICBI | PPC_CACHE_DCBZ |   \
                               PPC_MEM_SYNC | PPC_MEM_EIEIO |                  \
                               PPC_MEM_TLBIE | PPC_MEM_TLBSYNC |               \
@@ -4597,10 +4907,20 @@
 {
     gen_spr_ne_601(env);
     gen_spr_7xx(env);
+    /* XXX : not implemented */
+    spr_register(env, SPR_L2CR, "L2CR",
+                 SPR_NOACCESS, SPR_NOACCESS,
+                 &spr_read_generic, &spr_write_generic,
+                 0x00000000);
     /* Time base */
     gen_tbl(env);
     /* Thermal management */
     gen_spr_thrm(env);
+    /* XXX : not implemented */
+    spr_register(env, SPR_750_THRM4, "THRM4",
+                 SPR_NOACCESS, SPR_NOACCESS,
+                 &spr_read_generic, &spr_write_generic,
+                 0x00000000);
     /* Hardware implementation registers */
     /* XXX : not implemented */
     spr_register(env, SPR_HID0, "HID0",
@@ -4613,7 +4933,7 @@
                  &spr_read_generic, &spr_write_generic,
                  0x00000000);
     /* XXX : not implemented */
-    spr_register(env, SPR_750_HID2, "HID2",
+    spr_register(env, SPR_750FX_HID2, "HID2",
                  SPR_NOACCESS, SPR_NOACCESS,
                  &spr_read_generic, &spr_write_generic,
                  0x00000000);
@@ -4621,40 +4941,155 @@
     gen_low_BATs(env);
     /* PowerPC 750fx & 750gx has 8 DBATs and 8 IBATs */
     gen_high_BATs(env);
-    init_excp_750FX(env);
+    init_excp_7x0(env);
     env->dcache_line_size = 32;
     env->icache_line_size = 32;
     /* Allocate hardware IRQ controller */
     ppc6xx_irq_init(env);
 }
 
-/* PowerPC 745/755                                                           */
-#define POWERPC_INSNS_7x5    (PPC_INSNS_BASE | PPC_STRING | PPC_MFTB |        \
+/* PowerPC 750GX                                                             */
+#define POWERPC_INSNS_750gx  (PPC_INSNS_BASE | PPC_STRING | PPC_MFTB |        \
                               PPC_FLOAT | PPC_FLOAT_FSEL | PPC_FLOAT_FRES |   \
-                              PPC_FLOAT_FSQRT | PPC_FLOAT_FRSQRTE |           \
-                              PPC_FLOAT_STFIWX |                              \
+                              PPC_FLOAT_FRSQRTE | PPC_FLOAT_STFIWX |          \
                               PPC_CACHE | PPC_CACHE_ICBI | PPC_CACHE_DCBZ |   \
                               PPC_MEM_SYNC | PPC_MEM_EIEIO |                  \
+                              PPC_MEM_TLBIE | PPC_MEM_TLBSYNC |               \
+                              PPC_SEGMENT  | PPC_EXTERN)
+#define POWERPC_MSRM_750gx   (0x000000000005FF77ULL)
+#define POWERPC_MMU_750gx    (POWERPC_MMU_32B)
+#define POWERPC_EXCP_750gx   (POWERPC_EXCP_7x0)
+#define POWERPC_INPUT_750gx  (PPC_FLAGS_INPUT_6xx)
+#define POWERPC_BFDM_750gx   (bfd_mach_ppc_750)
+#define POWERPC_FLAG_750gx   (POWERPC_FLAG_SE | POWERPC_FLAG_BE |             \
+                              POWERPC_FLAG_PMM | POWERPC_FLAG_BUS_CLK)
+#define check_pow_750gx      check_pow_hid0
+
+static void init_proc_750gx (CPUPPCState *env)
+{
+    gen_spr_ne_601(env);
+    gen_spr_7xx(env);
+    /* XXX : not implemented (XXX: different from 750fx) */
+    spr_register(env, SPR_L2CR, "L2CR",
+                 SPR_NOACCESS, SPR_NOACCESS,
+                 &spr_read_generic, &spr_write_generic,
+                 0x00000000);
+    /* Time base */
+    gen_tbl(env);
+    /* Thermal management */
+    gen_spr_thrm(env);
+    /* XXX : not implemented */
+    spr_register(env, SPR_750_THRM4, "THRM4",
+                 SPR_NOACCESS, SPR_NOACCESS,
+                 &spr_read_generic, &spr_write_generic,
+                 0x00000000);
+    /* Hardware implementation registers */
+    /* XXX : not implemented (XXX: different from 750fx) */
+    spr_register(env, SPR_HID0, "HID0",
+                 SPR_NOACCESS, SPR_NOACCESS,
+                 &spr_read_generic, &spr_write_generic,
+                 0x00000000);
+    /* XXX : not implemented */
+    spr_register(env, SPR_HID1, "HID1",
+                 SPR_NOACCESS, SPR_NOACCESS,
+                 &spr_read_generic, &spr_write_generic,
+                 0x00000000);
+    /* XXX : not implemented (XXX: different from 750fx) */
+    spr_register(env, SPR_750FX_HID2, "HID2",
+                 SPR_NOACCESS, SPR_NOACCESS,
+                 &spr_read_generic, &spr_write_generic,
+                 0x00000000);
+    /* Memory management */
+    gen_low_BATs(env);
+    /* PowerPC 750fx & 750gx has 8 DBATs and 8 IBATs */
+    gen_high_BATs(env);
+    init_excp_7x0(env);
+    env->dcache_line_size = 32;
+    env->icache_line_size = 32;
+    /* Allocate hardware IRQ controller */
+    ppc6xx_irq_init(env);
+}
+
+/* PowerPC 745                                                               */
+#define POWERPC_INSNS_745    (PPC_INSNS_BASE | PPC_STRING | PPC_MFTB |        \
+                              PPC_FLOAT | PPC_FLOAT_FSEL | PPC_FLOAT_FRES |   \
+                              PPC_FLOAT_FRSQRTE | PPC_FLOAT_STFIWX |          \
+                              PPC_CACHE | PPC_CACHE_ICBI | PPC_CACHE_DCBZ |   \
+                              PPC_MEM_SYNC | PPC_MEM_EIEIO |                  \
                               PPC_MEM_TLBIE | PPC_MEM_TLBSYNC | PPC_6xx_TLB | \
                               PPC_SEGMENT | PPC_EXTERN)
-#define POWERPC_MSRM_7x5     (0x000000000005FF77ULL)
-#define POWERPC_MMU_7x5      (POWERPC_MMU_SOFT_6xx)
-//#define POWERPC_EXCP_7x5     (POWERPC_EXCP_7x5)
-#define POWERPC_INPUT_7x5    (PPC_FLAGS_INPUT_6xx)
-#define POWERPC_BFDM_7x5     (bfd_mach_ppc_750)
-#define POWERPC_FLAG_7x5     (POWERPC_FLAG_SE | POWERPC_FLAG_BE |             \
+#define POWERPC_MSRM_745     (0x000000000005FF77ULL)
+#define POWERPC_MMU_745      (POWERPC_MMU_SOFT_6xx)
+#define POWERPC_EXCP_745     (POWERPC_EXCP_7x5)
+#define POWERPC_INPUT_745    (PPC_FLAGS_INPUT_6xx)
+#define POWERPC_BFDM_745     (bfd_mach_ppc_750)
+#define POWERPC_FLAG_745     (POWERPC_FLAG_SE | POWERPC_FLAG_BE |             \
                               POWERPC_FLAG_PMM | POWERPC_FLAG_BUS_CLK)
-#define check_pow_7x5        check_pow_hid0
+#define check_pow_745        check_pow_hid0
 
-static void init_proc_7x5 (CPUPPCState *env)
+static void init_proc_745 (CPUPPCState *env)
 {
     gen_spr_ne_601(env);
+    gen_spr_7xx(env);
     gen_spr_G2_755(env);
     /* Time base */
     gen_tbl(env);
+    /* Thermal management */
+    gen_spr_thrm(env);
+    /* Hardware implementation registers */
+    /* XXX : not implemented */
+    spr_register(env, SPR_HID0, "HID0",
+                 SPR_NOACCESS, SPR_NOACCESS,
+                 &spr_read_generic, &spr_write_generic,
+                 0x00000000);
+    /* XXX : not implemented */
+    spr_register(env, SPR_HID1, "HID1",
+                 SPR_NOACCESS, SPR_NOACCESS,
+                 &spr_read_generic, &spr_write_generic,
+                 0x00000000);
+    /* XXX : not implemented */
+    spr_register(env, SPR_HID2, "HID2",
+                 SPR_NOACCESS, SPR_NOACCESS,
+                 &spr_read_generic, &spr_write_generic,
+                 0x00000000);
+    /* Memory management */
+    gen_low_BATs(env);
+    gen_high_BATs(env);
+    gen_6xx_7xx_soft_tlb(env, 64, 2);
+    init_excp_7x5(env);
+    env->dcache_line_size = 32;
+    env->icache_line_size = 32;
+    /* Allocate hardware IRQ controller */
+    ppc6xx_irq_init(env);
+}
+
+/* PowerPC 755                                                               */
+#define POWERPC_INSNS_755    (PPC_INSNS_BASE | PPC_STRING | PPC_MFTB |        \
+                              PPC_FLOAT | PPC_FLOAT_FSEL | PPC_FLOAT_FRES |   \
+                              PPC_FLOAT_FRSQRTE | PPC_FLOAT_STFIWX |          \
+                              PPC_CACHE | PPC_CACHE_ICBI | PPC_CACHE_DCBZ |   \
+                              PPC_MEM_SYNC | PPC_MEM_EIEIO |                  \
+                              PPC_MEM_TLBIE | PPC_MEM_TLBSYNC | PPC_6xx_TLB | \
+                              PPC_SEGMENT | PPC_EXTERN)
+#define POWERPC_MSRM_755     (0x000000000005FF77ULL)
+#define POWERPC_MMU_755      (POWERPC_MMU_SOFT_6xx)
+#define POWERPC_EXCP_755     (POWERPC_EXCP_7x5)
+#define POWERPC_INPUT_755    (PPC_FLAGS_INPUT_6xx)
+#define POWERPC_BFDM_755     (bfd_mach_ppc_750)
+#define POWERPC_FLAG_755     (POWERPC_FLAG_SE | POWERPC_FLAG_BE |             \
+                              POWERPC_FLAG_PMM | POWERPC_FLAG_BUS_CLK)
+#define check_pow_755        check_pow_hid0
+
+static void init_proc_755 (CPUPPCState *env)
+{
+    gen_spr_ne_601(env);
+    gen_spr_7xx(env);
+    gen_spr_G2_755(env);
+    /* Time base */
+    gen_tbl(env);
     /* L2 cache control */
     /* XXX : not implemented */
-    spr_register(env, SPR_ICTC, "ICTC",
+    spr_register(env, SPR_L2CR, "L2CR",
                  SPR_NOACCESS, SPR_NOACCESS,
                  &spr_read_generic, &spr_write_generic,
                  0x00000000);
@@ -4663,6 +5098,8 @@
                  SPR_NOACCESS, SPR_NOACCESS,
                  &spr_read_generic, &spr_write_generic,
                  0x00000000);
+    /* Thermal management */
+    gen_spr_thrm(env);
     /* Hardware implementation registers */
     /* XXX : not implemented */
     spr_register(env, SPR_HID0, "HID0",
@@ -4688,10 +5125,6 @@
     env->icache_line_size = 32;
     /* Allocate hardware IRQ controller */
     ppc6xx_irq_init(env);
-#if !defined(CONFIG_USER_ONLY)
-    /* Hardware reset vector */
-    env->hreset_vector = 0xFFFFFFFCUL;
-#endif
 }
 
 /* PowerPC 7400 (aka G4)                                                     */
@@ -5232,7 +5665,7 @@
                  &spr_read_generic, &spr_write_generic,
                  0x00000000);
     /* XXX : not implemented */
-    spr_register(env, SPR_750_HID2, "HID2",
+    spr_register(env, SPR_750FX_HID2, "HID2",
                  SPR_NOACCESS, SPR_NOACCESS,
                  &spr_read_generic, &spr_write_generic,
                  0x00000000);
@@ -5241,6 +5674,11 @@
                  SPR_NOACCESS, SPR_NOACCESS,
                  &spr_read_generic, &spr_write_generic,
                  POWERPC970_HID5_INIT);
+    /* XXX : not implemented */
+    spr_register(env, SPR_L2CR, "L2CR",
+                 SPR_NOACCESS, SPR_NOACCESS,
+                 &spr_read_generic, &spr_write_generic,
+                 0x00000000);
     /* Memory management */
     /* XXX: not correct */
     gen_low_BATs(env);
@@ -5313,7 +5751,7 @@
                  &spr_read_generic, &spr_write_generic,
                  0x00000000);
     /* XXX : not implemented */
-    spr_register(env, SPR_750_HID2, "HID2",
+    spr_register(env, SPR_750FX_HID2, "HID2",
                  SPR_NOACCESS, SPR_NOACCESS,
                  &spr_read_generic, &spr_write_generic,
                  0x00000000);
@@ -5322,6 +5760,11 @@
                  SPR_NOACCESS, SPR_NOACCESS,
                  &spr_read_generic, &spr_write_generic,
                  POWERPC970_HID5_INIT);
+    /* XXX : not implemented */
+    spr_register(env, SPR_L2CR, "L2CR",
+                 SPR_NOACCESS, SPR_NOACCESS,
+                 &spr_read_generic, &spr_write_generic,
+                 0x00000000);
     /* Memory management */
     /* XXX: not correct */
     gen_low_BATs(env);
@@ -5394,7 +5837,7 @@
                  &spr_read_generic, &spr_write_generic,
                  0x00000000);
     /* XXX : not implemented */
-    spr_register(env, SPR_750_HID2, "HID2",
+    spr_register(env, SPR_750FX_HID2, "HID2",
                  SPR_NOACCESS, SPR_NOACCESS,
                  &spr_read_generic, &spr_write_generic,
                  0x00000000);
@@ -5403,6 +5846,11 @@
                  SPR_NOACCESS, SPR_NOACCESS,
                  &spr_read_generic, &spr_write_generic,
                  POWERPC970_HID5_INIT);
+    /* XXX : not implemented */
+    spr_register(env, SPR_L2CR, "L2CR",
+                 SPR_NOACCESS, SPR_NOACCESS,
+                 &spr_read_generic, &spr_write_generic,
+                 0x00000000);
     /* Memory management */
     /* XXX: not correct */
     gen_low_BATs(env);
@@ -5475,7 +5923,7 @@
                  &spr_read_generic, &spr_write_generic,
                  0x00000000);
     /* XXX : not implemented */
-    spr_register(env, SPR_750_HID2, "HID2",
+    spr_register(env, SPR_750FX_HID2, "HID2",
                  SPR_NOACCESS, SPR_NOACCESS,
                  &spr_read_generic, &spr_write_generic,
                  0x00000000);
@@ -5484,6 +5932,11 @@
                  SPR_NOACCESS, SPR_NOACCESS,
                  &spr_read_generic, &spr_write_generic,
                  POWERPC970_HID5_INIT);
+    /* XXX : not implemented */
+    spr_register(env, SPR_L2CR, "L2CR",
+                 SPR_NOACCESS, SPR_NOACCESS,
+                 &spr_read_generic, &spr_write_generic,
+                 0x00000000);
     /* Memory management */
     /* XXX: not correct */
     gen_low_BATs(env);
@@ -6092,6 +6545,7 @@
 #define CPU_POWERPC_601              CPU_POWERPC_601_v2
     CPU_POWERPC_601_v0             = 0x00010001,
     CPU_POWERPC_601_v1             = 0x00010001,
+#define CPU_POWERPC_601v             CPU_POWERPC_601_v2
     CPU_POWERPC_601_v2             = 0x00010002,
     CPU_POWERPC_602                = 0x00050100,
     CPU_POWERPC_603                = 0x00030100,
@@ -6129,16 +6583,22 @@
     /* PowerPC 740/750 cores (aka G3) */
     /* XXX: missing 0x00084202 */
 #define CPU_POWERPC_7x0              CPU_POWERPC_7x0_v31
+    CPU_POWERPC_7x0_v10            = 0x00080100,
     CPU_POWERPC_7x0_v20            = 0x00080200,
     CPU_POWERPC_7x0_v21            = 0x00080201,
     CPU_POWERPC_7x0_v22            = 0x00080202,
     CPU_POWERPC_7x0_v30            = 0x00080300,
     CPU_POWERPC_7x0_v31            = 0x00080301,
     CPU_POWERPC_740E               = 0x00080100,
+    CPU_POWERPC_750E               = 0x00080200,
     CPU_POWERPC_7x0P               = 0x10080000,
     /* XXX: missing 0x00087010 (CL ?) */
-    CPU_POWERPC_750CL              = 0x00087200,
+#define CPU_POWERPC_750CL            CPU_POWERPC_750CL_v20
+    CPU_POWERPC_750CL_v10          = 0x00087200,
+    CPU_POWERPC_750CL_v20          = 0x00087210, /* aka rev E */
 #define CPU_POWERPC_750CX            CPU_POWERPC_750CX_v22
+    CPU_POWERPC_750CX_v10          = 0x00082100,
+    CPU_POWERPC_750CX_v20          = 0x00082200,
     CPU_POWERPC_750CX_v21          = 0x00082201,
     CPU_POWERPC_750CX_v22          = 0x00082202,
 #define CPU_POWERPC_750CXE           CPU_POWERPC_750CXE_v31b
@@ -6147,11 +6607,11 @@
     CPU_POWERPC_750CXE_v23         = 0x00082213,
     CPU_POWERPC_750CXE_v24         = 0x00082214,
     CPU_POWERPC_750CXE_v24b        = 0x00083214,
-    CPU_POWERPC_750CXE_v31         = 0x00083211,
+    CPU_POWERPC_750CXE_v30         = 0x00082310,
+    CPU_POWERPC_750CXE_v31         = 0x00082311,
     CPU_POWERPC_750CXE_v31b        = 0x00083311,
     CPU_POWERPC_750CXR             = 0x00083410,
-    CPU_POWERPC_750E               = 0x00080200,
-    CPU_POWERPC_750FL              = 0x700A0203,
+    CPU_POWERPC_750FL              = 0x70000203,
 #define CPU_POWERPC_750FX            CPU_POWERPC_750FX_v23
     CPU_POWERPC_750FX_v10          = 0x70000100,
     CPU_POWERPC_750FX_v20          = 0x70000200,
@@ -6164,6 +6624,8 @@
     CPU_POWERPC_750GX_v11          = 0x70020101,
     CPU_POWERPC_750GX_v12          = 0x70020102,
 #define CPU_POWERPC_750L             CPU_POWERPC_750L_v32 /* Aka LoneStar */
+    CPU_POWERPC_750L_v20           = 0x00088200,
+    CPU_POWERPC_750L_v21           = 0x00088201,
     CPU_POWERPC_750L_v22           = 0x00088202,
     CPU_POWERPC_750L_v30           = 0x00088300,
     CPU_POWERPC_750L_v32           = 0x00088302,
@@ -7577,13 +8039,13 @@
     /* 32 bits "classic" PowerPC                                             */
     /* PowerPC 6xx family                                                    */
     /* PowerPC 601                                                           */
-    POWERPC_DEF("601",           CPU_POWERPC_601,                    601),
+    POWERPC_DEF("601",           CPU_POWERPC_601,                    601v),
     /* PowerPC 601v0                                                         */
     POWERPC_DEF("601_v0",        CPU_POWERPC_601_v0,                 601),
     /* PowerPC 601v1                                                         */
     POWERPC_DEF("601_v1",        CPU_POWERPC_601_v1,                 601),
     /* PowerPC 601v                                                          */
-    POWERPC_DEF("601v",          CPU_POWERPC_601,                    601v),
+    POWERPC_DEF("601v",          CPU_POWERPC_601v,                   601v),
     /* PowerPC 601v2                                                         */
     POWERPC_DEF("601_v2",        CPU_POWERPC_601_v2,                 601v),
     /* PowerPC 602                                                           */
@@ -7652,71 +8114,85 @@
 #endif
     /* PowerPC 7xx family                                                    */
     /* Generic PowerPC 740 (G3)                                              */
-    POWERPC_DEF("740",           CPU_POWERPC_7x0,                    7x0),
+    POWERPC_DEF("740",           CPU_POWERPC_7x0,                    740),
     /* Code name for PowerPC 740                                             */
-    POWERPC_DEF("Arthur",        CPU_POWERPC_7x0,                    7x0),
+    POWERPC_DEF("Arthur",        CPU_POWERPC_7x0,                    740),
     /* Generic PowerPC 750 (G3)                                              */
-    POWERPC_DEF("750",           CPU_POWERPC_7x0,                    7x0),
+    POWERPC_DEF("750",           CPU_POWERPC_7x0,                    750),
     /* Code name for PowerPC 750                                             */
-    POWERPC_DEF("Typhoon",       CPU_POWERPC_7x0,                    7x0),
+    POWERPC_DEF("Typhoon",       CPU_POWERPC_7x0,                    750),
     /* PowerPC 740/750 is also known as G3                                   */
-    POWERPC_DEF("G3",            CPU_POWERPC_7x0,                    7x0),
+    POWERPC_DEF("G3",            CPU_POWERPC_7x0,                    750),
+    /* PowerPC 740 v1.0 (G3)                                                 */
+    POWERPC_DEF("740_v1.0",      CPU_POWERPC_7x0_v10,                740),
+    /* PowerPC 750 v1.0 (G3)                                                 */
+    POWERPC_DEF("750_v1.0",      CPU_POWERPC_7x0_v10,                750),
     /* PowerPC 740 v2.0 (G3)                                                 */
-    POWERPC_DEF("740_v2.0",      CPU_POWERPC_7x0_v20,                7x0),
+    POWERPC_DEF("740_v2.0",      CPU_POWERPC_7x0_v20,                740),
     /* PowerPC 750 v2.0 (G3)                                                 */
-    POWERPC_DEF("750_v2.0",      CPU_POWERPC_7x0_v20,                7x0),
+    POWERPC_DEF("750_v2.0",      CPU_POWERPC_7x0_v20,                750),
     /* PowerPC 740 v2.1 (G3)                                                 */
-    POWERPC_DEF("740_v2.1",      CPU_POWERPC_7x0_v21,                7x0),
+    POWERPC_DEF("740_v2.1",      CPU_POWERPC_7x0_v21,                740),
     /* PowerPC 750 v2.1 (G3)                                                 */
-    POWERPC_DEF("750_v2.1",      CPU_POWERPC_7x0_v21,                7x0),
+    POWERPC_DEF("750_v2.1",      CPU_POWERPC_7x0_v21,                750),
     /* PowerPC 740 v2.2 (G3)                                                 */
-    POWERPC_DEF("740_v2.2",      CPU_POWERPC_7x0_v22,                7x0),
+    POWERPC_DEF("740_v2.2",      CPU_POWERPC_7x0_v22,                740),
     /* PowerPC 750 v2.2 (G3)                                                 */
-    POWERPC_DEF("750_v2.2",      CPU_POWERPC_7x0_v22,                7x0),
+    POWERPC_DEF("750_v2.2",      CPU_POWERPC_7x0_v22,                750),
     /* PowerPC 740 v3.0 (G3)                                                 */
-    POWERPC_DEF("740_v3.0",      CPU_POWERPC_7x0_v30,                7x0),
+    POWERPC_DEF("740_v3.0",      CPU_POWERPC_7x0_v30,                740),
     /* PowerPC 750 v3.0 (G3)                                                 */
-    POWERPC_DEF("750_v3.0",      CPU_POWERPC_7x0_v30,                7x0),
+    POWERPC_DEF("750_v3.0",      CPU_POWERPC_7x0_v30,                750),
     /* PowerPC 740 v3.1 (G3)                                                 */
-    POWERPC_DEF("740_v3.1",      CPU_POWERPC_7x0_v31,                7x0),
+    POWERPC_DEF("740_v3.1",      CPU_POWERPC_7x0_v31,                740),
     /* PowerPC 750 v3.1 (G3)                                                 */
-    POWERPC_DEF("750_v3.1",      CPU_POWERPC_7x0_v31,                7x0),
+    POWERPC_DEF("750_v3.1",      CPU_POWERPC_7x0_v31,                750),
     /* PowerPC 740E (G3)                                                     */
-    POWERPC_DEF("740e",          CPU_POWERPC_740E,                   7x0),
+    POWERPC_DEF("740e",          CPU_POWERPC_740E,                   740),
+    /* PowerPC 750E (G3)                                                     */
+    POWERPC_DEF("750e",          CPU_POWERPC_750E,                   750),
     /* PowerPC 740P (G3)                                                     */
-    POWERPC_DEF("740p",          CPU_POWERPC_7x0P,                   7x0),
+    POWERPC_DEF("740p",          CPU_POWERPC_7x0P,                   740),
     /* PowerPC 750P (G3)                                                     */
-    POWERPC_DEF("750p",          CPU_POWERPC_7x0P,                   7x0),
+    POWERPC_DEF("750p",          CPU_POWERPC_7x0P,                   750),
     /* Code name for PowerPC 740P/750P (G3)                                  */
-    POWERPC_DEF("Conan/Doyle",   CPU_POWERPC_7x0P,                   7x0),
+    POWERPC_DEF("Conan/Doyle",   CPU_POWERPC_7x0P,                   750),
     /* PowerPC 750CL (G3 embedded)                                           */
-    POWERPC_DEF("750cl",         CPU_POWERPC_750CL,                  7x0),
+    POWERPC_DEF("750cl",         CPU_POWERPC_750CL,                  750cl),
+    /* PowerPC 750CL v1.0                                                    */
+    POWERPC_DEF("750cl_v1.0",    CPU_POWERPC_750CL_v10,              750cl),
+    /* PowerPC 750CL v2.0                                                    */
+    POWERPC_DEF("750cl_v2.0",    CPU_POWERPC_750CL_v20,              750cl),
     /* PowerPC 750CX (G3 embedded)                                           */
-    POWERPC_DEF("750cx",         CPU_POWERPC_750CX,                  7x0),
+    POWERPC_DEF("750cx",         CPU_POWERPC_750CX,                  750cx),
+    /* PowerPC 750CX v1.0 (G3 embedded)                                      */
+    POWERPC_DEF("750cx_v1.0",    CPU_POWERPC_750CX_v10,              750cx),
     /* PowerPC 750CX v2.1 (G3 embedded)                                      */
-    POWERPC_DEF("750cx_v2.1",    CPU_POWERPC_750CX_v21,              7x0),
+    POWERPC_DEF("750cx_v2.0",    CPU_POWERPC_750CX_v20,              750cx),
+    /* PowerPC 750CX v2.1 (G3 embedded)                                      */
+    POWERPC_DEF("750cx_v2.1",    CPU_POWERPC_750CX_v21,              750cx),
     /* PowerPC 750CX v2.2 (G3 embedded)                                      */
-    POWERPC_DEF("750cx_v2.2",    CPU_POWERPC_750CX_v22,              7x0),
+    POWERPC_DEF("750cx_v2.2",    CPU_POWERPC_750CX_v22,              750cx),
     /* PowerPC 750CXe (G3 embedded)                                          */
-    POWERPC_DEF("750cxe",        CPU_POWERPC_750CXE,                 7x0),
+    POWERPC_DEF("750cxe",        CPU_POWERPC_750CXE,                 750cx),
     /* PowerPC 750CXe v2.1 (G3 embedded)                                     */
-    POWERPC_DEF("750cxe_v2.1",   CPU_POWERPC_750CXE_v21,             7x0),
+    POWERPC_DEF("750cxe_v2.1",   CPU_POWERPC_750CXE_v21,             750cx),
     /* PowerPC 750CXe v2.2 (G3 embedded)                                     */
-    POWERPC_DEF("750cxe_v2.2",   CPU_POWERPC_750CXE_v22,             7x0),
+    POWERPC_DEF("750cxe_v2.2",   CPU_POWERPC_750CXE_v22,             750cx),
     /* PowerPC 750CXe v2.3 (G3 embedded)                                     */
-    POWERPC_DEF("750cxe_v2.3",   CPU_POWERPC_750CXE_v23,             7x0),
+    POWERPC_DEF("750cxe_v2.3",   CPU_POWERPC_750CXE_v23,             750cx),
     /* PowerPC 750CXe v2.4 (G3 embedded)                                     */
-    POWERPC_DEF("750cxe_v2.4",   CPU_POWERPC_750CXE_v24,             7x0),
+    POWERPC_DEF("750cxe_v2.4",   CPU_POWERPC_750CXE_v24,             750cx),
     /* PowerPC 750CXe v2.4b (G3 embedded)                                    */
-    POWERPC_DEF("750cxe_v2.4b",  CPU_POWERPC_750CXE_v24b,            7x0),
+    POWERPC_DEF("750cxe_v2.4b",  CPU_POWERPC_750CXE_v24b,            750cx),
+    /* PowerPC 750CXe v3.0 (G3 embedded)                                     */
+    POWERPC_DEF("750cxe_v3.0",   CPU_POWERPC_750CXE_v30,             750cx),
     /* PowerPC 750CXe v3.1 (G3 embedded)                                     */
-    POWERPC_DEF("750cxe_v3.1",   CPU_POWERPC_750CXE_v31,             7x0),
+    POWERPC_DEF("750cxe_v3.1",   CPU_POWERPC_750CXE_v31,             750cx),
     /* PowerPC 750CXe v3.1b (G3 embedded)                                    */
-    POWERPC_DEF("750cxe_v3.1b",  CPU_POWERPC_750CXE_v31b,            7x0),
+    POWERPC_DEF("750cxe_v3.1b",  CPU_POWERPC_750CXE_v31b,            750cx),
     /* PowerPC 750CXr (G3 embedded)                                          */
-    POWERPC_DEF("750cxr",        CPU_POWERPC_750CXR,                 7x0),
-    /* PowerPC 750E (G3)                                                     */
-    POWERPC_DEF("750e",          CPU_POWERPC_750E,                   7x0),
+    POWERPC_DEF("750cxr",        CPU_POWERPC_750CXR,                 750cx),
     /* PowerPC 750FL (G3 embedded)                                           */
     POWERPC_DEF("750fl",         CPU_POWERPC_750FL,                  750fx),
     /* PowerPC 750FX (G3 embedded)                                           */
@@ -7732,80 +8208,84 @@
     /* PowerPC 750FX v2.3 (G3 embedded)                                      */
     POWERPC_DEF("750fx_v2.3",    CPU_POWERPC_750FX_v23,              750fx),
     /* PowerPC 750GL (G3 embedded)                                           */
-    POWERPC_DEF("750gl",         CPU_POWERPC_750GL,                  750fx),
+    POWERPC_DEF("750gl",         CPU_POWERPC_750GL,                  750gx),
     /* PowerPC 750GX (G3 embedded)                                           */
-    POWERPC_DEF("750gx",         CPU_POWERPC_750GX,                  750fx),
+    POWERPC_DEF("750gx",         CPU_POWERPC_750GX,                  750gx),
     /* PowerPC 750GX v1.0 (G3 embedded)                                      */
-    POWERPC_DEF("750gx_v1.0",    CPU_POWERPC_750GX_v10,              750fx),
+    POWERPC_DEF("750gx_v1.0",    CPU_POWERPC_750GX_v10,              750gx),
     /* PowerPC 750GX v1.1 (G3 embedded)                                      */
-    POWERPC_DEF("750gx_v1.1",    CPU_POWERPC_750GX_v11,              750fx),
+    POWERPC_DEF("750gx_v1.1",    CPU_POWERPC_750GX_v11,              750gx),
     /* PowerPC 750GX v1.2 (G3 embedded)                                      */
-    POWERPC_DEF("750gx_v1.2",    CPU_POWERPC_750GX_v12,              750fx),
+    POWERPC_DEF("750gx_v1.2",    CPU_POWERPC_750GX_v12,              750gx),
     /* PowerPC 750L (G3 embedded)                                            */
-    POWERPC_DEF("750l",          CPU_POWERPC_750L,                   7x0),
+    POWERPC_DEF("750l",          CPU_POWERPC_750L,                   750),
     /* Code name for PowerPC 750L (G3 embedded)                              */
-    POWERPC_DEF("LoneStar",      CPU_POWERPC_750L,                   7x0),
+    POWERPC_DEF("LoneStar",      CPU_POWERPC_750L,                   750),
+    /* PowerPC 750L v2.0 (G3 embedded)                                       */
+    POWERPC_DEF("750l_v2.0",     CPU_POWERPC_750L_v20,               750),
+    /* PowerPC 750L v2.1 (G3 embedded)                                       */
+    POWERPC_DEF("750l_v2.1",     CPU_POWERPC_750L_v21,               750),
     /* PowerPC 750L v2.2 (G3 embedded)                                       */
-    POWERPC_DEF("750l_v2.2",     CPU_POWERPC_750L_v22,               7x0),
+    POWERPC_DEF("750l_v2.2",     CPU_POWERPC_750L_v22,               750),
     /* PowerPC 750L v3.0 (G3 embedded)                                       */
-    POWERPC_DEF("750l_v3.0",     CPU_POWERPC_750L_v30,               7x0),
+    POWERPC_DEF("750l_v3.0",     CPU_POWERPC_750L_v30,               750),
     /* PowerPC 750L v3.2 (G3 embedded)                                       */
-    POWERPC_DEF("750l_v3.2",     CPU_POWERPC_750L_v32,               7x0),
+    POWERPC_DEF("750l_v3.2",     CPU_POWERPC_750L_v32,               750),
     /* Generic PowerPC 745                                                   */
-    POWERPC_DEF("745",           CPU_POWERPC_7x5,                    7x5),
+    POWERPC_DEF("745",           CPU_POWERPC_7x5,                    745),
     /* Generic PowerPC 755                                                   */
-    POWERPC_DEF("755",           CPU_POWERPC_7x5,                    7x5),
+    POWERPC_DEF("755",           CPU_POWERPC_7x5,                    755),
     /* Code name for PowerPC 745/755                                         */
-    POWERPC_DEF("Goldfinger",    CPU_POWERPC_7x5,                    7x5),
+    POWERPC_DEF("Goldfinger",    CPU_POWERPC_7x5,                    755),
     /* PowerPC 745 v1.0                                                      */
-    POWERPC_DEF("745_v1.0",      CPU_POWERPC_7x5_v10,                7x5),
+    POWERPC_DEF("745_v1.0",      CPU_POWERPC_7x5_v10,                745),
     /* PowerPC 755 v1.0                                                      */
-    POWERPC_DEF("755_v1.0",      CPU_POWERPC_7x5_v10,                7x5),
+    POWERPC_DEF("755_v1.0",      CPU_POWERPC_7x5_v10,                755),
     /* PowerPC 745 v1.1                                                      */
-    POWERPC_DEF("745_v1.1",      CPU_POWERPC_7x5_v11,                7x5),
+    POWERPC_DEF("745_v1.1",      CPU_POWERPC_7x5_v11,                745),
     /* PowerPC 755 v1.1                                                      */
-    POWERPC_DEF("755_v1.1",      CPU_POWERPC_7x5_v11,                7x5),
+    POWERPC_DEF("755_v1.1",      CPU_POWERPC_7x5_v11,                755),
     /* PowerPC 745 v2.0                                                      */
-    POWERPC_DEF("745_v2.0",      CPU_POWERPC_7x5_v20,                7x5),
+    POWERPC_DEF("745_v2.0",      CPU_POWERPC_7x5_v20,                745),
     /* PowerPC 755 v2.0                                                      */
-    POWERPC_DEF("755_v2.0",      CPU_POWERPC_7x5_v20,                7x5),
+    POWERPC_DEF("755_v2.0",      CPU_POWERPC_7x5_v20,                755),
     /* PowerPC 745 v2.1                                                      */
-    POWERPC_DEF("745_v2.1",      CPU_POWERPC_7x5_v21,                7x5),
+    POWERPC_DEF("745_v2.1",      CPU_POWERPC_7x5_v21,                745),
     /* PowerPC 755 v2.1                                                      */
-    POWERPC_DEF("755_v2.1",      CPU_POWERPC_7x5_v21,                7x5),
+    POWERPC_DEF("755_v2.1",      CPU_POWERPC_7x5_v21,                755),
     /* PowerPC 745 v2.2                                                      */
-    POWERPC_DEF("745_v2.2",      CPU_POWERPC_7x5_v22,                7x5),
+    POWERPC_DEF("745_v2.2",      CPU_POWERPC_7x5_v22,                745),
     /* PowerPC 755 v2.2                                                      */
-    POWERPC_DEF("755_v2.2",      CPU_POWERPC_7x5_v22,                7x5),
+    POWERPC_DEF("755_v2.2",      CPU_POWERPC_7x5_v22,                755),
     /* PowerPC 745 v2.3                                                      */
-    POWERPC_DEF("745_v2.3",      CPU_POWERPC_7x5_v23,                7x5),
+    POWERPC_DEF("745_v2.3",      CPU_POWERPC_7x5_v23,                745),
     /* PowerPC 755 v2.3                                                      */
-    POWERPC_DEF("755_v2.3",      CPU_POWERPC_7x5_v23,                7x5),
+    POWERPC_DEF("755_v2.3",      CPU_POWERPC_7x5_v23,                755),
     /* PowerPC 745 v2.4                                                      */
-    POWERPC_DEF("745_v2.4",      CPU_POWERPC_7x5_v24,                7x5),
+    POWERPC_DEF("745_v2.4",      CPU_POWERPC_7x5_v24,                745),
     /* PowerPC 755 v2.4                                                      */
-    POWERPC_DEF("755_v2.4",      CPU_POWERPC_7x5_v24,                7x5),
+    POWERPC_DEF("755_v2.4",      CPU_POWERPC_7x5_v24,                755),
     /* PowerPC 745 v2.5                                                      */
-    POWERPC_DEF("745_v2.5",      CPU_POWERPC_7x5_v25,                7x5),
+    POWERPC_DEF("745_v2.5",      CPU_POWERPC_7x5_v25,                745),
     /* PowerPC 755 v2.5                                                      */
-    POWERPC_DEF("755_v2.5",      CPU_POWERPC_7x5_v25,                7x5),
+    POWERPC_DEF("755_v2.5",      CPU_POWERPC_7x5_v25,                755),
     /* PowerPC 745 v2.6                                                      */
-    POWERPC_DEF("745_v2.6",      CPU_POWERPC_7x5_v26,                7x5),
+    POWERPC_DEF("745_v2.6",      CPU_POWERPC_7x5_v26,                745),
     /* PowerPC 755 v2.6                                                      */
-    POWERPC_DEF("755_v2.6",      CPU_POWERPC_7x5_v26,                7x5),
+    POWERPC_DEF("755_v2.6",      CPU_POWERPC_7x5_v26,                755),
     /* PowerPC 745 v2.7                                                      */
-    POWERPC_DEF("745_v2.7",      CPU_POWERPC_7x5_v27,                7x5),
+    POWERPC_DEF("745_v2.7",      CPU_POWERPC_7x5_v27,                745),
     /* PowerPC 755 v2.7                                                      */
-    POWERPC_DEF("755_v2.7",      CPU_POWERPC_7x5_v27,                7x5),
+    POWERPC_DEF("755_v2.7",      CPU_POWERPC_7x5_v27,                755),
     /* PowerPC 745 v2.8                                                      */
-    POWERPC_DEF("745_v2.8",      CPU_POWERPC_7x5_v28,                7x5),
+    POWERPC_DEF("745_v2.8",      CPU_POWERPC_7x5_v28,                745),
     /* PowerPC 755 v2.8                                                      */
-    POWERPC_DEF("755_v2.8",      CPU_POWERPC_7x5_v28,                7x5),
+    POWERPC_DEF("755_v2.8",      CPU_POWERPC_7x5_v28,                755),
 #if defined (TODO)
     /* PowerPC 745P (G3)                                                     */
-    POWERPC_DEF("745p",          CPU_POWERPC_7x5P,                   7x5),
+    POWERPC_DEF("745p",          CPU_POWERPC_7x5P,                   745),
     /* PowerPC 755P (G3)                                                     */
-    POWERPC_DEF("755p",          CPU_POWERPC_7x5P,                   7x5),
+    POWERPC_DEF("755p",          CPU_POWERPC_7x5P,                   755),
 #endif
     /* PowerPC 74xx family                                                   */
     /* PowerPC 7400 (G4)                                                     */

Modified: trunk/src/host/qemu-neo1973/target-sparc/cpu.h
===================================================================
--- trunk/src/host/qemu-neo1973/target-sparc/cpu.h	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/target-sparc/cpu.h	2007-11-26 22:42:26 UTC (rev 3517)
@@ -215,13 +215,16 @@
     uint64_t dtlb_tag[64];
     uint64_t dtlb_tte[64];
 #else
-    uint32_t mmuregs[16];
+    uint32_t mmuregs[32];
     uint64_t mxccdata[4];
     uint64_t mxccregs[8];
 #endif
     /* temporary float registers */
     float32 ft0, ft1;
     float64 dt0, dt1;
+#if defined(CONFIG_USER_ONLY)
+    float128 qt0, qt1;
+#endif
     float_status fp_status;
 #if defined(TARGET_SPARC64)
 #define MAXTL 4

Modified: trunk/src/host/qemu-neo1973/target-sparc/exec.h
===================================================================
--- trunk/src/host/qemu-neo1973/target-sparc/exec.h	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/target-sparc/exec.h	2007-11-26 22:42:26 UTC (rev 3517)
@@ -41,6 +41,10 @@
 #define FT1 (env->ft1)
 #define DT0 (env->dt0)
 #define DT1 (env->dt1)
+#if defined(CONFIG_USER_ONLY)
+#define QT0 (env->qt0)
+#define QT1 (env->qt1)
+#endif
 
 #include "cpu.h"
 #include "exec-all.h"
@@ -65,6 +69,13 @@
 void do_fcmpd(void);
 void do_fcmpes(void);
 void do_fcmped(void);
+#if defined(CONFIG_USER_ONLY)
+void do_fitoq(void);
+void do_fabsq(void);
+void do_fsqrtq(void);
+void do_fcmpq(void);
+void do_fcmpeq(void);
+#endif
 #ifdef TARGET_SPARC64
 void do_fabsd(void);
 void do_fcmps_fcc1(void);
@@ -79,6 +90,14 @@
 void do_fcmped_fcc2(void);
 void do_fcmpes_fcc3(void);
 void do_fcmped_fcc3(void);
+#if defined(CONFIG_USER_ONLY)
+void do_fcmpq_fcc1(void);
+void do_fcmpq_fcc2(void);
+void do_fcmpq_fcc3(void);
+void do_fcmpeq_fcc1(void);
+void do_fcmpeq_fcc2(void);
+void do_fcmpeq_fcc3(void);
+#endif
 void do_popc();
 void do_wrpstate();
 void do_done();

Modified: trunk/src/host/qemu-neo1973/target-sparc/fop_template.h
===================================================================
--- trunk/src/host/qemu-neo1973/target-sparc/fop_template.h	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/target-sparc/fop_template.h	2007-11-26 22:42:26 UTC (rev 3517)
@@ -77,5 +77,52 @@
     *p = u.l.upper;
 }
 
+#if defined(CONFIG_USER_ONLY)
+/* quad floating point registers moves */
+void OPPROTO glue(op_load_fpr_QT0_fpr, REGNAME)(void)
+{
+    CPU_QuadU u;
+    uint32_t *p = (uint32_t *)&REG;
+    u.l.lowest = *(p + 3);
+    u.l.lower = *(p + 2);
+    u.l.upper = *(p + 1);
+    u.l.upmost = *p;
+    QT0 = u.q;
+}
+
+void OPPROTO glue(op_store_QT0_fpr_fpr, REGNAME)(void)
+{
+    CPU_QuadU u;
+    uint32_t *p = (uint32_t *)&REG;
+    u.q = QT0;
+    *(p + 3) = u.l.lowest;
+    *(p + 2) = u.l.lower;
+    *(p + 1) = u.l.upper;
+    *p = u.l.upmost;
+}
+
+void OPPROTO glue(op_load_fpr_QT1_fpr, REGNAME)(void)
+{
+    CPU_QuadU u;
+    uint32_t *p = (uint32_t *)&REG;
+    u.l.lowest = *(p + 3);
+    u.l.lower = *(p + 2);
+    u.l.upper = *(p + 1);
+    u.l.upmost = *p;
+    QT1 = u.q;
+}
+
+void OPPROTO glue(op_store_QT1_fpr_fpr, REGNAME)(void)
+{
+    CPU_QuadU u;
+    uint32_t *p = (uint32_t *)&REG;
+    u.q = QT1;
+    *(p + 3) = u.l.lowest;
+    *(p + 2) = u.l.lower;
+    *(p + 1) = u.l.upper;
+    *p = u.l.upmost;
+}
+#endif
+
 #undef REG
 #undef REGNAME

Modified: trunk/src/host/qemu-neo1973/target-sparc/op.c
===================================================================
--- trunk/src/host/qemu-neo1973/target-sparc/op.c	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/target-sparc/op.c	2007-11-26 22:42:26 UTC (rev 3517)
@@ -1581,6 +1581,7 @@
 
 #define F_OP(name, p) void OPPROTO op_f##name##p(void)
 
+#if defined(CONFIG_USER_ONLY)
 #define F_BINOP(name)                                           \
     F_OP(name, s)                                               \
     {                                                           \
@@ -1593,7 +1594,28 @@
         set_float_exception_flags(0, &env->fp_status);          \
         DT0 = float64_ ## name (DT0, DT1, &env->fp_status);     \
         check_ieee_exceptions();                                \
+    }                                                           \
+    F_OP(name, q)                                               \
+    {                                                           \
+        set_float_exception_flags(0, &env->fp_status);          \
+        QT0 = float128_ ## name (QT0, QT1, &env->fp_status);    \
+        check_ieee_exceptions();                                \
     }
+#else
+#define F_BINOP(name)                                           \
+    F_OP(name, s)                                               \
+    {                                                           \
+        set_float_exception_flags(0, &env->fp_status);          \
+        FT0 = float32_ ## name (FT0, FT1, &env->fp_status);     \
+        check_ieee_exceptions();                                \
+    }                                                           \
+    F_OP(name, d)                                               \
+    {                                                           \
+        set_float_exception_flags(0, &env->fp_status);          \
+        DT0 = float64_ ## name (DT0, DT1, &env->fp_status);     \
+        check_ieee_exceptions();                                \
+    }
+#endif
 
 F_BINOP(add);
 F_BINOP(sub);
@@ -1610,6 +1632,18 @@
     check_ieee_exceptions();
 }
 
+#if defined(CONFIG_USER_ONLY)
+void OPPROTO op_fdmulq(void)
+{
+    set_float_exception_flags(0, &env->fp_status);
+    QT0 = float128_mul(float64_to_float128(DT0, &env->fp_status),
+                       float64_to_float128(DT1, &env->fp_status),
+                       &env->fp_status);
+    check_ieee_exceptions();
+}
+#endif
+
+#if defined(CONFIG_USER_ONLY)
 #define F_HELPER(name)    \
     F_OP(name, s)         \
     {                     \
@@ -1618,7 +1652,22 @@
     F_OP(name, d)         \
     {                     \
         do_f##name##d();  \
+    }                     \
+    F_OP(name, q)         \
+    {                     \
+        do_f##name##q();  \
     }
+#else
+#define F_HELPER(name)    \
+    F_OP(name, s)         \
+    {                     \
+        do_f##name##s();  \
+    }                     \
+    F_OP(name, d)         \
+    {                     \
+        do_f##name##d();  \
+    }
+#endif
 
 F_HELPER(sqrt);
 
@@ -1646,6 +1695,18 @@
     do_fabsd();
 }
 
+#if defined(CONFIG_USER_ONLY)
+F_OP(neg, q)
+{
+    QT0 = float128_chs(QT1);
+}
+
+F_OP(abs, q)
+{
+    do_fabsd();
+}
+#endif
+
 void OPPROTO op_fcmps_fcc1(void)
 {
     do_fcmps_fcc1();
@@ -1706,8 +1767,40 @@
     do_fcmped_fcc3();
 }
 
+#if defined(CONFIG_USER_ONLY)
+void OPPROTO op_fcmpq_fcc1(void)
+{
+    do_fcmpq_fcc1();
+}
+
+void OPPROTO op_fcmpq_fcc2(void)
+{
+    do_fcmpq_fcc2();
+}
+
+void OPPROTO op_fcmpq_fcc3(void)
+{
+    do_fcmpq_fcc3();
+}
+
+void OPPROTO op_fcmpeq_fcc1(void)
+{
+    do_fcmpeq_fcc1();
+}
+
+void OPPROTO op_fcmpeq_fcc2(void)
+{
+    do_fcmpeq_fcc2();
+}
+
+void OPPROTO op_fcmpeq_fcc3(void)
+{
+    do_fcmpeq_fcc3();
+}
 #endif
 
+#endif
+
 /* Integer to float conversion.  */
 #ifdef USE_INT_TO_FLOAT_HELPERS
 F_HELPER(ito);
@@ -1729,6 +1822,15 @@
     check_ieee_exceptions();
 }
 
+#if defined(CONFIG_USER_ONLY)
+F_OP(ito, q)
+{
+    set_float_exception_flags(0, &env->fp_status);
+    QT0 = int32_to_float128(*((int32_t *)&FT1), &env->fp_status);
+    check_ieee_exceptions();
+}
+#endif
+
 #ifdef TARGET_SPARC64
 F_OP(xto, s)
 {
@@ -1743,8 +1845,16 @@
     DT0 = int64_to_float64(*((int64_t *)&DT1), &env->fp_status);
     check_ieee_exceptions();
 }
+#if defined(CONFIG_USER_ONLY)
+F_OP(xto, q)
+{
+    set_float_exception_flags(0, &env->fp_status);
+    QT0 = int64_to_float128(*((int64_t *)&DT1), &env->fp_status);
+    check_ieee_exceptions();
+}
 #endif
 #endif
+#endif
 #undef F_HELPER
 
 /* floating point conversion */
@@ -1762,6 +1872,36 @@
     check_ieee_exceptions();
 }
 
+#if defined(CONFIG_USER_ONLY)
+void OPPROTO op_fqtos(void)
+{
+    set_float_exception_flags(0, &env->fp_status);
+    FT0 = float128_to_float32(QT1, &env->fp_status);
+    check_ieee_exceptions();
+}
+
+void OPPROTO op_fstoq(void)
+{
+    set_float_exception_flags(0, &env->fp_status);
+    QT0 = float32_to_float128(FT1, &env->fp_status);
+    check_ieee_exceptions();
+}
+
+void OPPROTO op_fqtod(void)
+{
+    set_float_exception_flags(0, &env->fp_status);
+    DT0 = float128_to_float64(QT1, &env->fp_status);
+    check_ieee_exceptions();
+}
+
+void OPPROTO op_fdtoq(void)
+{
+    set_float_exception_flags(0, &env->fp_status);
+    QT0 = float64_to_float128(DT1, &env->fp_status);
+    check_ieee_exceptions();
+}
+#endif
+
 /* Float to integer conversion.  */
 void OPPROTO op_fstoi(void)
 {
@@ -1777,6 +1917,15 @@
     check_ieee_exceptions();
 }
 
+#if defined(CONFIG_USER_ONLY)
+void OPPROTO op_fqtoi(void)
+{
+    set_float_exception_flags(0, &env->fp_status);
+    *((int32_t *)&FT0) = float128_to_int32_round_to_zero(QT1, &env->fp_status);
+    check_ieee_exceptions();
+}
+#endif
+
 #ifdef TARGET_SPARC64
 void OPPROTO op_fstox(void)
 {
@@ -1792,6 +1941,15 @@
     check_ieee_exceptions();
 }
 
+#if defined(CONFIG_USER_ONLY)
+void OPPROTO op_fqtox(void)
+{
+    set_float_exception_flags(0, &env->fp_status);
+    *((int64_t *)&DT0) = float128_to_int64_round_to_zero(QT1, &env->fp_status);
+    check_ieee_exceptions();
+}
+#endif
+
 void OPPROTO op_fmovs_cc(void)
 {
     if (T2)
@@ -1804,6 +1962,14 @@
         DT0 = DT1;
 }
 
+#if defined(CONFIG_USER_ONLY)
+void OPPROTO op_fmovq_cc(void)
+{
+    if (T2)
+        QT0 = QT1;
+}
+#endif
+
 void OPPROTO op_mov_cc(void)
 {
     if (T2)

Modified: trunk/src/host/qemu-neo1973/target-sparc/op_helper.c
===================================================================
--- trunk/src/host/qemu-neo1973/target-sparc/op_helper.c	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/target-sparc/op_helper.c	2007-11-26 22:42:26 UTC (rev 3517)
@@ -97,7 +97,14 @@
 {
     DT0 = float64_abs(DT1);
 }
+
+#if defined(CONFIG_USER_ONLY)
+void do_fabsq(void)
+{
+    QT0 = float128_abs(QT1);
+}
 #endif
+#endif
 
 void do_fsqrts(void)
 {
@@ -113,6 +120,15 @@
     check_ieee_exceptions();
 }
 
+#if defined(CONFIG_USER_ONLY)
+void do_fsqrtq(void)
+{
+    set_float_exception_flags(0, &env->fp_status);
+    QT0 = float128_sqrt(QT1, &env->fp_status);
+    check_ieee_exceptions();
+}
+#endif
+
 #define GEN_FCMP(name, size, reg1, reg2, FS, TRAP)                      \
     void glue(do_, name) (void)                                         \
     {                                                                   \
@@ -148,6 +164,11 @@
 GEN_FCMP(fcmpes, float32, FT0, FT1, 0, 1);
 GEN_FCMP(fcmped, float64, DT0, DT1, 0, 1);
 
+#ifdef CONFIG_USER_ONLY
+GEN_FCMP(fcmpq, float128, QT0, QT1, 0, 0);
+GEN_FCMP(fcmpeq, float128, QT0, QT1, 0, 1);
+#endif
+
 #ifdef TARGET_SPARC64
 GEN_FCMP(fcmps_fcc1, float32, FT0, FT1, 22, 0);
 GEN_FCMP(fcmpd_fcc1, float64, DT0, DT1, 22, 0);
@@ -166,7 +187,15 @@
 
 GEN_FCMP(fcmpes_fcc3, float32, FT0, FT1, 26, 1);
 GEN_FCMP(fcmped_fcc3, float64, DT0, DT1, 26, 1);
+#ifdef CONFIG_USER_ONLY
+GEN_FCMP(fcmpq_fcc1, float128, QT0, QT1, 22, 0);
+GEN_FCMP(fcmpq_fcc2, float128, QT0, QT1, 24, 0);
+GEN_FCMP(fcmpq_fcc3, float128, QT0, QT1, 26, 0);
+GEN_FCMP(fcmpeq_fcc1, float128, QT0, QT1, 22, 1);
+GEN_FCMP(fcmpeq_fcc2, float128, QT0, QT1, 24, 1);
+GEN_FCMP(fcmpeq_fcc3, float128, QT0, QT1, 26, 1);
 #endif
+#endif
 
 #ifndef TARGET_SPARC64
 #ifndef CONFIG_USER_ONLY
@@ -196,8 +225,8 @@
         switch (T0) {
         case 0x01c00a00: /* MXCC control register */
             if (size == 8) {
-                ret = env->mxccregs[3];
-                T0 = env->mxccregs[3] >> 32;
+                ret = env->mxccregs[3] >> 32;
+                T0 = env->mxccregs[3];
             } else
                 DPRINTF_MXCC("%08x: unimplemented access size: %d\n", T0, size);
             break;
@@ -217,8 +246,8 @@
             break;
         case 0x01c00f00: /* MBus port address register */
             if (size == 8) {
-                ret = env->mxccregs[7];
-                T0 = env->mxccregs[7] >> 32;
+                ret = env->mxccregs[7] >> 32;
+                T0 = env->mxccregs[7];
             } else
                 DPRINTF_MXCC("%08x: unimplemented access size: %d\n", T0, size);
             break;
@@ -248,11 +277,15 @@
         break;
     case 4: /* read MMU regs */
         {
-            int reg = (T0 >> 8) & 0xf;
+            int reg = (T0 >> 8) & 0x1f;
 
             ret = env->mmuregs[reg];
             if (reg == 3) /* Fault status cleared on read */
-                env->mmuregs[reg] = 0;
+                env->mmuregs[3] = 0;
+            else if (reg == 0x13) /* Fault status read */
+                ret = env->mmuregs[3];
+            else if (reg == 0x14) /* Fault address read */
+                ret = env->mmuregs[4];
             DPRINTF_MMU("mmu_read: reg[%d] = 0x%08x\n", reg, ret);
         }
         break;
@@ -493,17 +526,18 @@
         }
     case 4: /* write MMU regs */
         {
-            int reg = (T0 >> 8) & 0xf;
+            int reg = (T0 >> 8) & 0x1f;
             uint32_t oldreg;
 
             oldreg = env->mmuregs[reg];
             switch(reg) {
             case 0:
-                env->mmuregs[reg] &= ~(MMU_E | MMU_NF | env->mmu_bm);
-                env->mmuregs[reg] |= T1 & (MMU_E | MMU_NF | env->mmu_bm);
+                env->mmuregs[reg] = (env->mmuregs[reg] & 0xff000000) |
+                                    (T1 & 0x00ffffff);
                 // Mappings generated during no-fault mode or MMU
                 // disabled mode are invalid in normal mode
-                if (oldreg != env->mmuregs[reg])
+                if ((oldreg & (MMU_E | MMU_NF | env->mmu_bm)) !=
+                    (env->mmuregs[reg] & (MMU_E | MMU_NF | env->mmu_bm)))
                     tlb_flush(env, 1);
                 break;
             case 2:
@@ -517,6 +551,12 @@
             case 3:
             case 4:
                 break;
+            case 0x13:
+                env->mmuregs[3] = T1;
+                break;
+            case 0x14:
+                env->mmuregs[4] = T1;
+                break;
             default:
                 env->mmuregs[reg] = T1;
                 break;
@@ -1363,6 +1403,11 @@
     case 8:
         *((int64_t *)&DT0) = T1;
         break;
+#if defined(CONFIG_USER_ONLY)
+    case 16:
+        // XXX
+        break;
+#endif
     }
     T1 = tmp_T1;
 }
@@ -1406,6 +1451,11 @@
     case 8:
         T1 = *((int64_t *)&DT0);
         break;
+#if defined(CONFIG_USER_ONLY)
+    case 16:
+        // XXX
+        break;
+#endif
     }
     helper_st_asi(asi, size);
     T1 = tmp_T1;

Modified: trunk/src/host/qemu-neo1973/target-sparc/op_mem.h
===================================================================
--- trunk/src/host/qemu-neo1973/target-sparc/op_mem.h	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/target-sparc/op_mem.h	2007-11-26 22:42:26 UTC (rev 3517)
@@ -85,6 +85,28 @@
     DT0 = glue(ldfq, MEMSUFFIX)(ADDR(T0));
 }
 
+#if defined(CONFIG_USER_ONLY)
+void OPPROTO glue(op_ldqf, MEMSUFFIX) (void)
+{
+    // XXX add 128 bit load
+    CPU_QuadU u;
+
+    u.ll.upper = glue(ldq, MEMSUFFIX)(ADDR(T0));
+    u.ll.lower = glue(ldq, MEMSUFFIX)(ADDR(T0 + 8));
+    QT0 = u.q;
+}
+
+void OPPROTO glue(op_stqf, MEMSUFFIX) (void)
+{
+    // XXX add 128 bit store
+    CPU_QuadU u;
+
+    u.q = QT0;
+    glue(stq, MEMSUFFIX)(ADDR(T0), u.ll.upper);
+    glue(stq, MEMSUFFIX)(ADDR(T0 + 8), u.ll.lower);
+}
+#endif
+
 #ifdef TARGET_SPARC64
 void OPPROTO glue(op_lduw, MEMSUFFIX)(void)
 {

Modified: trunk/src/host/qemu-neo1973/target-sparc/translate.c
===================================================================
--- trunk/src/host/qemu-neo1973/target-sparc/translate.c	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/target-sparc/translate.c	2007-11-26 22:42:26 UTC (rev 3517)
@@ -25,7 +25,6 @@
    Rest of V9 instructions, VIS instructions
    NPC/PC static optimisations (use JUMP_TB when possible)
    Optimize synthetic instructions
-   128-bit float
 */
 
 #include <stdarg.h>
@@ -93,8 +92,10 @@
 
 #ifdef TARGET_SPARC64
 #define DFPREG(r) (((r & 1) << 5) | (r & 0x1e))
+#define QFPREG(r) (((r & 1) << 5) | (r & 0x1c))
 #else
 #define DFPREG(r) (r & 0x1e)
+#define QFPREG(r) (r & 0x1c)
 #endif
 
 #ifdef USE_DIRECT_JUMP
@@ -351,6 +352,13 @@
 GEN32(gen_op_store_DT0_fpr, gen_op_store_DT0_fpr_fprf);
 GEN32(gen_op_store_DT1_fpr, gen_op_store_DT1_fpr_fprf);
 
+#if defined(CONFIG_USER_ONLY)
+GEN32(gen_op_load_fpr_QT0, gen_op_load_fpr_QT0_fprf);
+GEN32(gen_op_load_fpr_QT1, gen_op_load_fpr_QT1_fprf);
+GEN32(gen_op_store_QT0_fpr, gen_op_store_QT0_fpr_fprf);
+GEN32(gen_op_store_QT1_fpr, gen_op_store_QT1_fpr_fprf);
+#endif
+
 /* moves */
 #ifdef CONFIG_USER_ONLY
 #define supervisor(dc) 0
@@ -432,11 +440,10 @@
     }
 }
 
-static inline void gen_ldf_asi(int insn, int size)
+static inline void gen_ldf_asi(int insn, int size, int rd)
 {
-    int asi, offset, rd;
+    int asi, offset;
 
-    rd = DFPREG(GET_FIELD(insn, 2, 6));
     if (IS_IMM) {
         offset = GET_FIELD(insn, 25, 31);
         gen_op_ldf_asi_reg(offset, size, rd);
@@ -446,11 +453,10 @@
     }
 }
 
-static inline void gen_stf_asi(int insn, int size)
+static inline void gen_stf_asi(int insn, int size, int rd)
 {
-    int asi, offset, rd;
+    int asi, offset;
 
-    rd = DFPREG(GET_FIELD(insn, 2, 6));
     if (IS_IMM) {
         offset = GET_FIELD(insn, 25, 31);
         gen_op_stf_asi_reg(offset, size, rd);
@@ -1060,6 +1066,15 @@
     gen_op_fcmpd_fcc3,
 };
 
+#if defined(CONFIG_USER_ONLY)
+static GenOpFunc * const gen_fcmpq[4] = {
+    gen_op_fcmpq,
+    gen_op_fcmpq_fcc1,
+    gen_op_fcmpq_fcc2,
+    gen_op_fcmpq_fcc3,
+};
+#endif
+
 static GenOpFunc * const gen_fcmpes[4] = {
     gen_op_fcmpes,
     gen_op_fcmpes_fcc1,
@@ -1074,7 +1089,15 @@
     gen_op_fcmped_fcc3,
 };
 
+#if defined(CONFIG_USER_ONLY)
+static GenOpFunc * const gen_fcmpeq[4] = {
+    gen_op_fcmpeq,
+    gen_op_fcmpeq_fcc1,
+    gen_op_fcmpeq_fcc2,
+    gen_op_fcmpeq_fcc3,
+};
 #endif
+#endif
 
 static int gen_trap_ifnofpu(DisasContext * dc)
 {
@@ -1484,7 +1507,14 @@
                         gen_op_store_DT0_fpr(DFPREG(rd));
                         break;
                     case 0x2b: /* fsqrtq */
+#if defined(CONFIG_USER_ONLY)
+                        gen_op_load_fpr_QT1(QFPREG(rs2));
+                        gen_op_fsqrtq();
+                        gen_op_store_QT0_fpr(QFPREG(rd));
+                        break;
+#else
                         goto nfpu_insn;
+#endif
                     case 0x41:
                         gen_op_load_fpr_FT0(rs1);
                         gen_op_load_fpr_FT1(rs2);
@@ -1498,7 +1528,15 @@
                         gen_op_store_DT0_fpr(DFPREG(rd));
                         break;
                     case 0x43: /* faddq */
+#if defined(CONFIG_USER_ONLY)
+                        gen_op_load_fpr_QT0(QFPREG(rs1));
+                        gen_op_load_fpr_QT1(QFPREG(rs2));
+                        gen_op_faddq();
+                        gen_op_store_QT0_fpr(QFPREG(rd));
+                        break;
+#else
                         goto nfpu_insn;
+#endif
                     case 0x45:
                         gen_op_load_fpr_FT0(rs1);
                         gen_op_load_fpr_FT1(rs2);
@@ -1512,7 +1550,15 @@
                         gen_op_store_DT0_fpr(DFPREG(rd));
                         break;
                     case 0x47: /* fsubq */
+#if defined(CONFIG_USER_ONLY)
+                        gen_op_load_fpr_QT0(QFPREG(rs1));
+                        gen_op_load_fpr_QT1(QFPREG(rs2));
+                        gen_op_fsubq();
+                        gen_op_store_QT0_fpr(QFPREG(rd));
+                        break;
+#else
                         goto nfpu_insn;
+#endif
                     case 0x49:
                         gen_op_load_fpr_FT0(rs1);
                         gen_op_load_fpr_FT1(rs2);
@@ -1523,10 +1569,18 @@
                         gen_op_load_fpr_DT0(DFPREG(rs1));
                         gen_op_load_fpr_DT1(DFPREG(rs2));
                         gen_op_fmuld();
-                        gen_op_store_DT0_fpr(rd);
+                        gen_op_store_DT0_fpr(DFPREG(rd));
                         break;
                     case 0x4b: /* fmulq */
+#if defined(CONFIG_USER_ONLY)
+                        gen_op_load_fpr_QT0(QFPREG(rs1));
+                        gen_op_load_fpr_QT1(QFPREG(rs2));
+                        gen_op_fmulq();
+                        gen_op_store_QT0_fpr(QFPREG(rd));
+                        break;
+#else
                         goto nfpu_insn;
+#endif
                     case 0x4d:
                         gen_op_load_fpr_FT0(rs1);
                         gen_op_load_fpr_FT1(rs2);
@@ -1540,7 +1594,15 @@
                         gen_op_store_DT0_fpr(DFPREG(rd));
                         break;
                     case 0x4f: /* fdivq */
+#if defined(CONFIG_USER_ONLY)
+                        gen_op_load_fpr_QT0(QFPREG(rs1));
+                        gen_op_load_fpr_QT1(QFPREG(rs2));
+                        gen_op_fdivq();
+                        gen_op_store_QT0_fpr(QFPREG(rd));
+                        break;
+#else
                         goto nfpu_insn;
+#endif
                     case 0x69:
                         gen_op_load_fpr_FT0(rs1);
                         gen_op_load_fpr_FT1(rs2);
@@ -1548,7 +1610,15 @@
                         gen_op_store_DT0_fpr(DFPREG(rd));
                         break;
                     case 0x6e: /* fdmulq */
+#if defined(CONFIG_USER_ONLY)
+                        gen_op_load_fpr_DT0(DFPREG(rs1));
+                        gen_op_load_fpr_DT1(DFPREG(rs2));
+                        gen_op_fdmulq();
+                        gen_op_store_QT0_fpr(QFPREG(rd));
+                        break;
+#else
                         goto nfpu_insn;
+#endif
                     case 0xc4:
                         gen_op_load_fpr_FT1(rs2);
                         gen_op_fitos();
@@ -1560,7 +1630,14 @@
                         gen_op_store_FT0_fpr(rd);
                         break;
                     case 0xc7: /* fqtos */
+#if defined(CONFIG_USER_ONLY)
+                        gen_op_load_fpr_QT1(QFPREG(rs2));
+                        gen_op_fqtos();
+                        gen_op_store_FT0_fpr(rd);
+                        break;
+#else
                         goto nfpu_insn;
+#endif
                     case 0xc8:
                         gen_op_load_fpr_FT1(rs2);
                         gen_op_fitod();
@@ -1572,40 +1649,101 @@
                         gen_op_store_DT0_fpr(DFPREG(rd));
                         break;
                     case 0xcb: /* fqtod */
+#if defined(CONFIG_USER_ONLY)
+                        gen_op_load_fpr_QT1(QFPREG(rs2));
+                        gen_op_fqtod();
+                        gen_op_store_DT0_fpr(DFPREG(rd));
+                        break;
+#else
                         goto nfpu_insn;
+#endif
                     case 0xcc: /* fitoq */
+#if defined(CONFIG_USER_ONLY)
+                        gen_op_load_fpr_FT1(rs2);
+                        gen_op_fitoq();
+                        gen_op_store_QT0_fpr(QFPREG(rd));
+                        break;
+#else
                         goto nfpu_insn;
+#endif
                     case 0xcd: /* fstoq */
+#if defined(CONFIG_USER_ONLY)
+                        gen_op_load_fpr_FT1(rs2);
+                        gen_op_fstoq();
+                        gen_op_store_QT0_fpr(QFPREG(rd));
+                        break;
+#else
                         goto nfpu_insn;
+#endif
                     case 0xce: /* fdtoq */
+#if defined(CONFIG_USER_ONLY)
+                        gen_op_load_fpr_DT1(DFPREG(rs2));
+                        gen_op_fdtoq();
+                        gen_op_store_QT0_fpr(QFPREG(rd));
+                        break;
+#else
                         goto nfpu_insn;
+#endif
                     case 0xd1:
                         gen_op_load_fpr_FT1(rs2);
                         gen_op_fstoi();
                         gen_op_store_FT0_fpr(rd);
                         break;
                     case 0xd2:
-                        gen_op_load_fpr_DT1(rs2);
+                        gen_op_load_fpr_DT1(DFPREG(rs2));
                         gen_op_fdtoi();
                         gen_op_store_FT0_fpr(rd);
                         break;
                     case 0xd3: /* fqtoi */
+#if defined(CONFIG_USER_ONLY)
+                        gen_op_load_fpr_QT1(QFPREG(rs2));
+                        gen_op_fqtoi();
+                        gen_op_store_FT0_fpr(rd);
+                        break;
+#else
                         goto nfpu_insn;
+#endif
 #ifdef TARGET_SPARC64
                     case 0x2: /* V9 fmovd */
                         gen_op_load_fpr_DT0(DFPREG(rs2));
                         gen_op_store_DT0_fpr(DFPREG(rd));
                         break;
+                    case 0x3: /* V9 fmovq */
+#if defined(CONFIG_USER_ONLY)
+                        gen_op_load_fpr_QT0(QFPREG(rs2));
+                        gen_op_store_QT0_fpr(QFPREG(rd));
+                        break;
+#else
+                        goto nfpu_insn;
+#endif
                     case 0x6: /* V9 fnegd */
                         gen_op_load_fpr_DT1(DFPREG(rs2));
                         gen_op_fnegd();
                         gen_op_store_DT0_fpr(DFPREG(rd));
                         break;
+                    case 0x7: /* V9 fnegq */
+#if defined(CONFIG_USER_ONLY)
+                        gen_op_load_fpr_QT1(QFPREG(rs2));
+                        gen_op_fnegq();
+                        gen_op_store_QT0_fpr(QFPREG(rd));
+                        break;
+#else
+                        goto nfpu_insn;
+#endif
                     case 0xa: /* V9 fabsd */
                         gen_op_load_fpr_DT1(DFPREG(rs2));
                         gen_op_fabsd();
                         gen_op_store_DT0_fpr(DFPREG(rd));
                         break;
+                    case 0xb: /* V9 fabsq */
+#if defined(CONFIG_USER_ONLY)
+                        gen_op_load_fpr_QT1(QFPREG(rs2));
+                        gen_op_fabsq();
+                        gen_op_store_QT0_fpr(QFPREG(rd));
+                        break;
+#else
+                        goto nfpu_insn;
+#endif
                     case 0x81: /* V9 fstox */
                         gen_op_load_fpr_FT1(rs2);
                         gen_op_fstox();
@@ -1616,6 +1754,15 @@
                         gen_op_fdtox();
                         gen_op_store_DT0_fpr(DFPREG(rd));
                         break;
+                    case 0x83: /* V9 fqtox */
+#if defined(CONFIG_USER_ONLY)
+                        gen_op_load_fpr_QT1(QFPREG(rs2));
+                        gen_op_fqtox();
+                        gen_op_store_DT0_fpr(DFPREG(rd));
+                        break;
+#else
+                        goto nfpu_insn;
+#endif
                     case 0x84: /* V9 fxtos */
                         gen_op_load_fpr_DT1(DFPREG(rs2));
                         gen_op_fxtos();
@@ -1626,13 +1773,16 @@
                         gen_op_fxtod();
                         gen_op_store_DT0_fpr(DFPREG(rd));
                         break;
-                    case 0x3: /* V9 fmovq */
-                    case 0x7: /* V9 fnegq */
-                    case 0xb: /* V9 fabsq */
-                    case 0x83: /* V9 fqtox */
                     case 0x8c: /* V9 fxtoq */
+#if defined(CONFIG_USER_ONLY)
+                        gen_op_load_fpr_DT1(DFPREG(rs2));
+                        gen_op_fxtoq();
+                        gen_op_store_QT0_fpr(QFPREG(rd));
+                        break;
+#else
                         goto nfpu_insn;
 #endif
+#endif
                     default:
                         goto illegal_insn;
                 }
@@ -1660,17 +1810,30 @@
                     break;
                 } else if ((xop & 0x11f) == 0x006) { // V9 fmovdr
                     cond = GET_FIELD_SP(insn, 14, 17);
-                    gen_op_load_fpr_DT0(rd);
-                    gen_op_load_fpr_DT1(rs2);
+                    gen_op_load_fpr_DT0(DFPREG(rd));
+                    gen_op_load_fpr_DT1(DFPREG(rs2));
                     flush_T2(dc);
                     rs1 = GET_FIELD(insn, 13, 17);
                     gen_movl_reg_T0(rs1);
                     gen_cond_reg(cond);
                     gen_op_fmovs_cc();
-                    gen_op_store_DT0_fpr(rd);
+                    gen_op_store_DT0_fpr(DFPREG(rd));
                     break;
                 } else if ((xop & 0x11f) == 0x007) { // V9 fmovqr
+#if defined(CONFIG_USER_ONLY)
+                    cond = GET_FIELD_SP(insn, 14, 17);
+                    gen_op_load_fpr_QT0(QFPREG(rd));
+                    gen_op_load_fpr_QT1(QFPREG(rs2));
+                    flush_T2(dc);
+                    rs1 = GET_FIELD(insn, 13, 17);
+                    gen_movl_reg_T0(rs1);
+                    gen_cond_reg(cond);
+                    gen_op_fmovq_cc();
+                    gen_op_store_QT0_fpr(QFPREG(rd));
+                    break;
+#else
                     goto nfpu_insn;
+#endif
                 }
 #endif
                 switch (xop) {
@@ -1686,15 +1849,26 @@
                         break;
                     case 0x002: /* V9 fmovdcc %fcc0 */
                         cond = GET_FIELD_SP(insn, 14, 17);
-                        gen_op_load_fpr_DT0(rd);
-                        gen_op_load_fpr_DT1(rs2);
+                        gen_op_load_fpr_DT0(DFPREG(rd));
+                        gen_op_load_fpr_DT1(DFPREG(rs2));
                         flush_T2(dc);
                         gen_fcond[0][cond]();
                         gen_op_fmovd_cc();
-                        gen_op_store_DT0_fpr(rd);
+                        gen_op_store_DT0_fpr(DFPREG(rd));
                         break;
                     case 0x003: /* V9 fmovqcc %fcc0 */
+#if defined(CONFIG_USER_ONLY)
+                        cond = GET_FIELD_SP(insn, 14, 17);
+                        gen_op_load_fpr_QT0(QFPREG(rd));
+                        gen_op_load_fpr_QT1(QFPREG(rs2));
+                        flush_T2(dc);
+                        gen_fcond[0][cond]();
+                        gen_op_fmovq_cc();
+                        gen_op_store_QT0_fpr(QFPREG(rd));
+                        break;
+#else
                         goto nfpu_insn;
+#endif
                     case 0x041: /* V9 fmovscc %fcc1 */
                         cond = GET_FIELD_SP(insn, 14, 17);
                         gen_op_load_fpr_FT0(rd);
@@ -1706,15 +1880,26 @@
                         break;
                     case 0x042: /* V9 fmovdcc %fcc1 */
                         cond = GET_FIELD_SP(insn, 14, 17);
-                        gen_op_load_fpr_DT0(rd);
-                        gen_op_load_fpr_DT1(rs2);
+                        gen_op_load_fpr_DT0(DFPREG(rd));
+                        gen_op_load_fpr_DT1(DFPREG(rs2));
                         flush_T2(dc);
                         gen_fcond[1][cond]();
                         gen_op_fmovd_cc();
-                        gen_op_store_DT0_fpr(rd);
+                        gen_op_store_DT0_fpr(DFPREG(rd));
                         break;
                     case 0x043: /* V9 fmovqcc %fcc1 */
+#if defined(CONFIG_USER_ONLY)
+                        cond = GET_FIELD_SP(insn, 14, 17);
+                        gen_op_load_fpr_QT0(QFPREG(rd));
+                        gen_op_load_fpr_QT1(QFPREG(rs2));
+                        flush_T2(dc);
+                        gen_fcond[1][cond]();
+                        gen_op_fmovq_cc();
+                        gen_op_store_QT0_fpr(QFPREG(rd));
+                        break;
+#else
                         goto nfpu_insn;
+#endif
                     case 0x081: /* V9 fmovscc %fcc2 */
                         cond = GET_FIELD_SP(insn, 14, 17);
                         gen_op_load_fpr_FT0(rd);
@@ -1726,15 +1911,26 @@
                         break;
                     case 0x082: /* V9 fmovdcc %fcc2 */
                         cond = GET_FIELD_SP(insn, 14, 17);
-                        gen_op_load_fpr_DT0(rd);
-                        gen_op_load_fpr_DT1(rs2);
+                        gen_op_load_fpr_DT0(DFPREG(rd));
+                        gen_op_load_fpr_DT1(DFPREG(rs2));
                         flush_T2(dc);
                         gen_fcond[2][cond]();
                         gen_op_fmovd_cc();
-                        gen_op_store_DT0_fpr(rd);
+                        gen_op_store_DT0_fpr(DFPREG(rd));
                         break;
                     case 0x083: /* V9 fmovqcc %fcc2 */
+#if defined(CONFIG_USER_ONLY)
+                        cond = GET_FIELD_SP(insn, 14, 17);
+                        gen_op_load_fpr_QT0(rd);
+                        gen_op_load_fpr_QT1(rs2);
+                        flush_T2(dc);
+                        gen_fcond[2][cond]();
+                        gen_op_fmovq_cc();
+                        gen_op_store_QT0_fpr(rd);
+                        break;
+#else
                         goto nfpu_insn;
+#endif
                     case 0x0c1: /* V9 fmovscc %fcc3 */
                         cond = GET_FIELD_SP(insn, 14, 17);
                         gen_op_load_fpr_FT0(rd);
@@ -1746,15 +1942,26 @@
                         break;
                     case 0x0c2: /* V9 fmovdcc %fcc3 */
                         cond = GET_FIELD_SP(insn, 14, 17);
-                        gen_op_load_fpr_DT0(rd);
-                        gen_op_load_fpr_DT1(rs2);
+                        gen_op_load_fpr_DT0(DFPREG(rd));
+                        gen_op_load_fpr_DT1(DFPREG(rs2));
                         flush_T2(dc);
                         gen_fcond[3][cond]();
                         gen_op_fmovd_cc();
-                        gen_op_store_DT0_fpr(rd);
+                        gen_op_store_DT0_fpr(DFPREG(rd));
                         break;
                     case 0x0c3: /* V9 fmovqcc %fcc3 */
+#if defined(CONFIG_USER_ONLY)
+                        cond = GET_FIELD_SP(insn, 14, 17);
+                        gen_op_load_fpr_QT0(QFPREG(rd));
+                        gen_op_load_fpr_QT1(QFPREG(rs2));
+                        flush_T2(dc);
+                        gen_fcond[3][cond]();
+                        gen_op_fmovq_cc();
+                        gen_op_store_QT0_fpr(QFPREG(rd));
+                        break;
+#else
                         goto nfpu_insn;
+#endif
                     case 0x101: /* V9 fmovscc %icc */
                         cond = GET_FIELD_SP(insn, 14, 17);
                         gen_op_load_fpr_FT0(rd);
@@ -1766,15 +1973,26 @@
                         break;
                     case 0x102: /* V9 fmovdcc %icc */
                         cond = GET_FIELD_SP(insn, 14, 17);
-                        gen_op_load_fpr_DT0(rd);
-                        gen_op_load_fpr_DT1(rs2);
+                        gen_op_load_fpr_DT0(DFPREG(rd));
+                        gen_op_load_fpr_DT1(DFPREG(rs2));
                         flush_T2(dc);
                         gen_cond[0][cond]();
                         gen_op_fmovd_cc();
-                        gen_op_store_DT0_fpr(rd);
+                        gen_op_store_DT0_fpr(DFPREG(rd));
                         break;
                     case 0x103: /* V9 fmovqcc %icc */
+#if defined(CONFIG_USER_ONLY)
+                        cond = GET_FIELD_SP(insn, 14, 17);
+                        gen_op_load_fpr_QT0(rd);
+                        gen_op_load_fpr_QT1(rs2);
+                        flush_T2(dc);
+                        gen_cond[0][cond]();
+                        gen_op_fmovq_cc();
+                        gen_op_store_QT0_fpr(rd);
+                        break;
+#else
                         goto nfpu_insn;
+#endif
                     case 0x181: /* V9 fmovscc %xcc */
                         cond = GET_FIELD_SP(insn, 14, 17);
                         gen_op_load_fpr_FT0(rd);
@@ -1786,17 +2004,28 @@
                         break;
                     case 0x182: /* V9 fmovdcc %xcc */
                         cond = GET_FIELD_SP(insn, 14, 17);
-                        gen_op_load_fpr_DT0(rd);
-                        gen_op_load_fpr_DT1(rs2);
+                        gen_op_load_fpr_DT0(DFPREG(rd));
+                        gen_op_load_fpr_DT1(DFPREG(rs2));
                         flush_T2(dc);
                         gen_cond[1][cond]();
                         gen_op_fmovd_cc();
-                        gen_op_store_DT0_fpr(rd);
+                        gen_op_store_DT0_fpr(DFPREG(rd));
                         break;
                     case 0x183: /* V9 fmovqcc %xcc */
+#if defined(CONFIG_USER_ONLY)
+                        cond = GET_FIELD_SP(insn, 14, 17);
+                        gen_op_load_fpr_QT0(rd);
+                        gen_op_load_fpr_QT1(rs2);
+                        flush_T2(dc);
+                        gen_cond[1][cond]();
+                        gen_op_fmovq_cc();
+                        gen_op_store_QT0_fpr(rd);
+                        break;
+#else
                         goto nfpu_insn;
 #endif
-                    case 0x51: /* V9 %fcc */
+#endif
+                    case 0x51: /* fcmps, V9 %fcc */
                         gen_op_load_fpr_FT0(rs1);
                         gen_op_load_fpr_FT1(rs2);
 #ifdef TARGET_SPARC64
@@ -1805,7 +2034,7 @@
                         gen_op_fcmps();
 #endif
                         break;
-                    case 0x52: /* V9 %fcc */
+                    case 0x52: /* fcmpd, V9 %fcc */
                         gen_op_load_fpr_DT0(DFPREG(rs1));
                         gen_op_load_fpr_DT1(DFPREG(rs2));
 #ifdef TARGET_SPARC64
@@ -1814,8 +2043,19 @@
                         gen_op_fcmpd();
 #endif
                         break;
-                    case 0x53: /* fcmpq */
+                    case 0x53: /* fcmpq, V9 %fcc */
+#if defined(CONFIG_USER_ONLY)
+                        gen_op_load_fpr_QT0(QFPREG(rs1));
+                        gen_op_load_fpr_QT1(QFPREG(rs2));
+#ifdef TARGET_SPARC64
+                        gen_fcmpq[rd & 3]();
+#else
+                        gen_op_fcmpq();
+#endif
+                        break;
+#else /* !defined(CONFIG_USER_ONLY) */
                         goto nfpu_insn;
+#endif
                     case 0x55: /* fcmpes, V9 %fcc */
                         gen_op_load_fpr_FT0(rs1);
                         gen_op_load_fpr_FT1(rs2);
@@ -1834,8 +2074,19 @@
                         gen_op_fcmped();
 #endif
                         break;
-                    case 0x57: /* fcmpeq */
+                    case 0x57: /* fcmpeq, V9 %fcc */
+#if defined(CONFIG_USER_ONLY)
+                        gen_op_load_fpr_QT0(QFPREG(rs1));
+                        gen_op_load_fpr_QT1(QFPREG(rs2));
+#ifdef TARGET_SPARC64
+                        gen_fcmpeq[rd & 3]();
+#else
+                        gen_op_fcmpeq();
+#endif
+                        break;
+#else/* !defined(CONFIG_USER_ONLY) */
                         goto nfpu_insn;
+#endif
                     default:
                         goto illegal_insn;
                 }
@@ -2415,94 +2666,94 @@
                     // XXX
                     goto illegal_insn;
                 case 0x020: /* VIS I fcmple16 */
-                    gen_op_load_fpr_DT0(rs1);
-                    gen_op_load_fpr_DT1(rs2);
+                    gen_op_load_fpr_DT0(DFPREG(rs1));
+                    gen_op_load_fpr_DT1(DFPREG(rs2));
                     gen_op_fcmple16();
-                    gen_op_store_DT0_fpr(rd);
+                    gen_op_store_DT0_fpr(DFPREG(rd));
                     break;
                 case 0x022: /* VIS I fcmpne16 */
-                    gen_op_load_fpr_DT0(rs1);
-                    gen_op_load_fpr_DT1(rs2);
+                    gen_op_load_fpr_DT0(DFPREG(rs1));
+                    gen_op_load_fpr_DT1(DFPREG(rs2));
                     gen_op_fcmpne16();
-                    gen_op_store_DT0_fpr(rd);
+                    gen_op_store_DT0_fpr(DFPREG(rd));
                     break;
                 case 0x024: /* VIS I fcmple32 */
-                    gen_op_load_fpr_DT0(rs1);
-                    gen_op_load_fpr_DT1(rs2);
+                    gen_op_load_fpr_DT0(DFPREG(rs1));
+                    gen_op_load_fpr_DT1(DFPREG(rs2));
                     gen_op_fcmple32();
-                    gen_op_store_DT0_fpr(rd);
+                    gen_op_store_DT0_fpr(DFPREG(rd));
                     break;
                 case 0x026: /* VIS I fcmpne32 */
-                    gen_op_load_fpr_DT0(rs1);
-                    gen_op_load_fpr_DT1(rs2);
+                    gen_op_load_fpr_DT0(DFPREG(rs1));
+                    gen_op_load_fpr_DT1(DFPREG(rs2));
                     gen_op_fcmpne32();
-                    gen_op_store_DT0_fpr(rd);
+                    gen_op_store_DT0_fpr(DFPREG(rd));
                     break;
                 case 0x028: /* VIS I fcmpgt16 */
-                    gen_op_load_fpr_DT0(rs1);
-                    gen_op_load_fpr_DT1(rs2);
+                    gen_op_load_fpr_DT0(DFPREG(rs1));
+                    gen_op_load_fpr_DT1(DFPREG(rs2));
                     gen_op_fcmpgt16();
-                    gen_op_store_DT0_fpr(rd);
+                    gen_op_store_DT0_fpr(DFPREG(rd));
                     break;
                 case 0x02a: /* VIS I fcmpeq16 */
-                    gen_op_load_fpr_DT0(rs1);
-                    gen_op_load_fpr_DT1(rs2);
+                    gen_op_load_fpr_DT0(DFPREG(rs1));
+                    gen_op_load_fpr_DT1(DFPREG(rs2));
                     gen_op_fcmpeq16();
-                    gen_op_store_DT0_fpr(rd);
+                    gen_op_store_DT0_fpr(DFPREG(rd));
                     break;
                 case 0x02c: /* VIS I fcmpgt32 */
-                    gen_op_load_fpr_DT0(rs1);
-                    gen_op_load_fpr_DT1(rs2);
+                    gen_op_load_fpr_DT0(DFPREG(rs1));
+                    gen_op_load_fpr_DT1(DFPREG(rs2));
                     gen_op_fcmpgt32();
-                    gen_op_store_DT0_fpr(rd);
+                    gen_op_store_DT0_fpr(DFPREG(rd));
                     break;
                 case 0x02e: /* VIS I fcmpeq32 */
-                    gen_op_load_fpr_DT0(rs1);
-                    gen_op_load_fpr_DT1(rs2);
+                    gen_op_load_fpr_DT0(DFPREG(rs1));
+                    gen_op_load_fpr_DT1(DFPREG(rs2));
                     gen_op_fcmpeq32();
-                    gen_op_store_DT0_fpr(rd);
+                    gen_op_store_DT0_fpr(DFPREG(rd));
                     break;
                 case 0x031: /* VIS I fmul8x16 */
-                    gen_op_load_fpr_DT0(rs1);
-                    gen_op_load_fpr_DT1(rs2);
+                    gen_op_load_fpr_DT0(DFPREG(rs1));
+                    gen_op_load_fpr_DT1(DFPREG(rs2));
                     gen_op_fmul8x16();
-                    gen_op_store_DT0_fpr(rd);
+                    gen_op_store_DT0_fpr(DFPREG(rd));
                     break;
                 case 0x033: /* VIS I fmul8x16au */
-                    gen_op_load_fpr_DT0(rs1);
-                    gen_op_load_fpr_DT1(rs2);
+                    gen_op_load_fpr_DT0(DFPREG(rs1));
+                    gen_op_load_fpr_DT1(DFPREG(rs2));
                     gen_op_fmul8x16au();
-                    gen_op_store_DT0_fpr(rd);
+                    gen_op_store_DT0_fpr(DFPREG(rd));
                     break;
                 case 0x035: /* VIS I fmul8x16al */
-                    gen_op_load_fpr_DT0(rs1);
-                    gen_op_load_fpr_DT1(rs2);
+                    gen_op_load_fpr_DT0(DFPREG(rs1));
+                    gen_op_load_fpr_DT1(DFPREG(rs2));
                     gen_op_fmul8x16al();
-                    gen_op_store_DT0_fpr(rd);
+                    gen_op_store_DT0_fpr(DFPREG(rd));
                     break;
                 case 0x036: /* VIS I fmul8sux16 */
-                    gen_op_load_fpr_DT0(rs1);
-                    gen_op_load_fpr_DT1(rs2);
+                    gen_op_load_fpr_DT0(DFPREG(rs1));
+                    gen_op_load_fpr_DT1(DFPREG(rs2));
                     gen_op_fmul8sux16();
-                    gen_op_store_DT0_fpr(rd);
+                    gen_op_store_DT0_fpr(DFPREG(rd));
                     break;
                 case 0x037: /* VIS I fmul8ulx16 */
-                    gen_op_load_fpr_DT0(rs1);
-                    gen_op_load_fpr_DT1(rs2);
+                    gen_op_load_fpr_DT0(DFPREG(rs1));
+                    gen_op_load_fpr_DT1(DFPREG(rs2));
                     gen_op_fmul8ulx16();
-                    gen_op_store_DT0_fpr(rd);
+                    gen_op_store_DT0_fpr(DFPREG(rd));
                     break;
                 case 0x038: /* VIS I fmuld8sux16 */
-                    gen_op_load_fpr_DT0(rs1);
-                    gen_op_load_fpr_DT1(rs2);
+                    gen_op_load_fpr_DT0(DFPREG(rs1));
+                    gen_op_load_fpr_DT1(DFPREG(rs2));
                     gen_op_fmuld8sux16();
-                    gen_op_store_DT0_fpr(rd);
+                    gen_op_store_DT0_fpr(DFPREG(rd));
                     break;
                 case 0x039: /* VIS I fmuld8ulx16 */
-                    gen_op_load_fpr_DT0(rs1);
-                    gen_op_load_fpr_DT1(rs2);
+                    gen_op_load_fpr_DT0(DFPREG(rs1));
+                    gen_op_load_fpr_DT1(DFPREG(rs2));
                     gen_op_fmuld8ulx16();
-                    gen_op_store_DT0_fpr(rd);
+                    gen_op_store_DT0_fpr(DFPREG(rd));
                     break;
                 case 0x03a: /* VIS I fpack32 */
                 case 0x03b: /* VIS I fpack16 */
@@ -2511,31 +2762,31 @@
                     // XXX
                     goto illegal_insn;
                 case 0x048: /* VIS I faligndata */
-                    gen_op_load_fpr_DT0(rs1);
-                    gen_op_load_fpr_DT1(rs2);
+                    gen_op_load_fpr_DT0(DFPREG(rs1));
+                    gen_op_load_fpr_DT1(DFPREG(rs2));
                     gen_op_faligndata();
-                    gen_op_store_DT0_fpr(rd);
+                    gen_op_store_DT0_fpr(DFPREG(rd));
                     break;
                 case 0x04b: /* VIS I fpmerge */
-                    gen_op_load_fpr_DT0(rs1);
-                    gen_op_load_fpr_DT1(rs2);
+                    gen_op_load_fpr_DT0(DFPREG(rs1));
+                    gen_op_load_fpr_DT1(DFPREG(rs2));
                     gen_op_fpmerge();
-                    gen_op_store_DT0_fpr(rd);
+                    gen_op_store_DT0_fpr(DFPREG(rd));
                     break;
                 case 0x04c: /* VIS II bshuffle */
                     // XXX
                     goto illegal_insn;
                 case 0x04d: /* VIS I fexpand */
-                    gen_op_load_fpr_DT0(rs1);
-                    gen_op_load_fpr_DT1(rs2);
+                    gen_op_load_fpr_DT0(DFPREG(rs1));
+                    gen_op_load_fpr_DT1(DFPREG(rs2));
                     gen_op_fexpand();
-                    gen_op_store_DT0_fpr(rd);
+                    gen_op_store_DT0_fpr(DFPREG(rd));
                     break;
                 case 0x050: /* VIS I fpadd16 */
-                    gen_op_load_fpr_DT0(rs1);
-                    gen_op_load_fpr_DT1(rs2);
+                    gen_op_load_fpr_DT0(DFPREG(rs1));
+                    gen_op_load_fpr_DT1(DFPREG(rs2));
                     gen_op_fpadd16();
-                    gen_op_store_DT0_fpr(rd);
+                    gen_op_store_DT0_fpr(DFPREG(rd));
                     break;
                 case 0x051: /* VIS I fpadd16s */
                     gen_op_load_fpr_FT0(rs1);
@@ -2544,10 +2795,10 @@
                     gen_op_store_FT0_fpr(rd);
                     break;
                 case 0x052: /* VIS I fpadd32 */
-                    gen_op_load_fpr_DT0(rs1);
-                    gen_op_load_fpr_DT1(rs2);
+                    gen_op_load_fpr_DT0(DFPREG(rs1));
+                    gen_op_load_fpr_DT1(DFPREG(rs2));
                     gen_op_fpadd32();
-                    gen_op_store_DT0_fpr(rd);
+                    gen_op_store_DT0_fpr(DFPREG(rd));
                     break;
                 case 0x053: /* VIS I fpadd32s */
                     gen_op_load_fpr_FT0(rs1);
@@ -2556,10 +2807,10 @@
                     gen_op_store_FT0_fpr(rd);
                     break;
                 case 0x054: /* VIS I fpsub16 */
-                    gen_op_load_fpr_DT0(rs1);
-                    gen_op_load_fpr_DT1(rs2);
+                    gen_op_load_fpr_DT0(DFPREG(rs1));
+                    gen_op_load_fpr_DT1(DFPREG(rs2));
                     gen_op_fpsub16();
-                    gen_op_store_DT0_fpr(rd);
+                    gen_op_store_DT0_fpr(DFPREG(rd));
                     break;
                 case 0x055: /* VIS I fpsub16s */
                     gen_op_load_fpr_FT0(rs1);
@@ -2568,10 +2819,10 @@
                     gen_op_store_FT0_fpr(rd);
                     break;
                 case 0x056: /* VIS I fpsub32 */
-                    gen_op_load_fpr_DT0(rs1);
-                    gen_op_load_fpr_DT1(rs2);
+                    gen_op_load_fpr_DT0(DFPREG(rs1));
+                    gen_op_load_fpr_DT1(DFPREG(rs2));
                     gen_op_fpadd32();
-                    gen_op_store_DT0_fpr(rd);
+                    gen_op_store_DT0_fpr(DFPREG(rd));
                     break;
                 case 0x057: /* VIS I fpsub32s */
                     gen_op_load_fpr_FT0(rs1);
@@ -2581,17 +2832,17 @@
                     break;
                 case 0x060: /* VIS I fzero */
                     gen_op_movl_DT0_0();
-                    gen_op_store_DT0_fpr(rd);
+                    gen_op_store_DT0_fpr(DFPREG(rd));
                     break;
                 case 0x061: /* VIS I fzeros */
                     gen_op_movl_FT0_0();
                     gen_op_store_FT0_fpr(rd);
                     break;
                 case 0x062: /* VIS I fnor */
-                    gen_op_load_fpr_DT0(rs1);
-                    gen_op_load_fpr_DT1(rs2);
+                    gen_op_load_fpr_DT0(DFPREG(rs1));
+                    gen_op_load_fpr_DT1(DFPREG(rs2));
                     gen_op_fnor();
-                    gen_op_store_DT0_fpr(rd);
+                    gen_op_store_DT0_fpr(DFPREG(rd));
                     break;
                 case 0x063: /* VIS I fnors */
                     gen_op_load_fpr_FT0(rs1);
@@ -2600,10 +2851,10 @@
                     gen_op_store_FT0_fpr(rd);
                     break;
                 case 0x064: /* VIS I fandnot2 */
-                    gen_op_load_fpr_DT1(rs1);
-                    gen_op_load_fpr_DT0(rs2);
+                    gen_op_load_fpr_DT1(DFPREG(rs1));
+                    gen_op_load_fpr_DT0(DFPREG(rs2));
                     gen_op_fandnot();
-                    gen_op_store_DT0_fpr(rd);
+                    gen_op_store_DT0_fpr(DFPREG(rd));
                     break;
                 case 0x065: /* VIS I fandnot2s */
                     gen_op_load_fpr_FT1(rs1);
@@ -2612,9 +2863,9 @@
                     gen_op_store_FT0_fpr(rd);
                     break;
                 case 0x066: /* VIS I fnot2 */
-                    gen_op_load_fpr_DT1(rs2);
+                    gen_op_load_fpr_DT1(DFPREG(rs2));
                     gen_op_fnot();
-                    gen_op_store_DT0_fpr(rd);
+                    gen_op_store_DT0_fpr(DFPREG(rd));
                     break;
                 case 0x067: /* VIS I fnot2s */
                     gen_op_load_fpr_FT1(rs2);
@@ -2622,10 +2873,10 @@
                     gen_op_store_FT0_fpr(rd);
                     break;
                 case 0x068: /* VIS I fandnot1 */
-                    gen_op_load_fpr_DT0(rs1);
-                    gen_op_load_fpr_DT1(rs2);
+                    gen_op_load_fpr_DT0(DFPREG(rs1));
+                    gen_op_load_fpr_DT1(DFPREG(rs2));
                     gen_op_fandnot();
-                    gen_op_store_DT0_fpr(rd);
+                    gen_op_store_DT0_fpr(DFPREG(rd));
                     break;
                 case 0x069: /* VIS I fandnot1s */
                     gen_op_load_fpr_FT0(rs1);
@@ -2634,9 +2885,9 @@
                     gen_op_store_FT0_fpr(rd);
                     break;
                 case 0x06a: /* VIS I fnot1 */
-                    gen_op_load_fpr_DT1(rs1);
+                    gen_op_load_fpr_DT1(DFPREG(rs1));
                     gen_op_fnot();
-                    gen_op_store_DT0_fpr(rd);
+                    gen_op_store_DT0_fpr(DFPREG(rd));
                     break;
                 case 0x06b: /* VIS I fnot1s */
                     gen_op_load_fpr_FT1(rs1);
@@ -2644,10 +2895,10 @@
                     gen_op_store_FT0_fpr(rd);
                     break;
                 case 0x06c: /* VIS I fxor */
-                    gen_op_load_fpr_DT0(rs1);
-                    gen_op_load_fpr_DT1(rs2);
+                    gen_op_load_fpr_DT0(DFPREG(rs1));
+                    gen_op_load_fpr_DT1(DFPREG(rs2));
                     gen_op_fxor();
-                    gen_op_store_DT0_fpr(rd);
+                    gen_op_store_DT0_fpr(DFPREG(rd));
                     break;
                 case 0x06d: /* VIS I fxors */
                     gen_op_load_fpr_FT0(rs1);
@@ -2656,10 +2907,10 @@
                     gen_op_store_FT0_fpr(rd);
                     break;
                 case 0x06e: /* VIS I fnand */
-                    gen_op_load_fpr_DT0(rs1);
-                    gen_op_load_fpr_DT1(rs2);
+                    gen_op_load_fpr_DT0(DFPREG(rs1));
+                    gen_op_load_fpr_DT1(DFPREG(rs2));
                     gen_op_fnand();
-                    gen_op_store_DT0_fpr(rd);
+                    gen_op_store_DT0_fpr(DFPREG(rd));
                     break;
                 case 0x06f: /* VIS I fnands */
                     gen_op_load_fpr_FT0(rs1);
@@ -2668,10 +2919,10 @@
                     gen_op_store_FT0_fpr(rd);
                     break;
                 case 0x070: /* VIS I fand */
-                    gen_op_load_fpr_DT0(rs1);
-                    gen_op_load_fpr_DT1(rs2);
+                    gen_op_load_fpr_DT0(DFPREG(rs1));
+                    gen_op_load_fpr_DT1(DFPREG(rs2));
                     gen_op_fand();
-                    gen_op_store_DT0_fpr(rd);
+                    gen_op_store_DT0_fpr(DFPREG(rd));
                     break;
                 case 0x071: /* VIS I fands */
                     gen_op_load_fpr_FT0(rs1);
@@ -2680,10 +2931,10 @@
                     gen_op_store_FT0_fpr(rd);
                     break;
                 case 0x072: /* VIS I fxnor */
-                    gen_op_load_fpr_DT0(rs1);
-                    gen_op_load_fpr_DT1(rs2);
+                    gen_op_load_fpr_DT0(DFPREG(rs1));
+                    gen_op_load_fpr_DT1(DFPREG(rs2));
                     gen_op_fxnor();
-                    gen_op_store_DT0_fpr(rd);
+                    gen_op_store_DT0_fpr(DFPREG(rd));
                     break;
                 case 0x073: /* VIS I fxnors */
                     gen_op_load_fpr_FT0(rs1);
@@ -2692,18 +2943,18 @@
                     gen_op_store_FT0_fpr(rd);
                     break;
                 case 0x074: /* VIS I fsrc1 */
-                    gen_op_load_fpr_DT0(rs1);
-                    gen_op_store_DT0_fpr(rd);
+                    gen_op_load_fpr_DT0(DFPREG(rs1));
+                    gen_op_store_DT0_fpr(DFPREG(rd));
                     break;
                 case 0x075: /* VIS I fsrc1s */
                     gen_op_load_fpr_FT0(rs1);
                     gen_op_store_FT0_fpr(rd);
                     break;
                 case 0x076: /* VIS I fornot2 */
-                    gen_op_load_fpr_DT1(rs1);
-                    gen_op_load_fpr_DT0(rs2);
+                    gen_op_load_fpr_DT1(DFPREG(rs1));
+                    gen_op_load_fpr_DT0(DFPREG(rs2));
                     gen_op_fornot();
-                    gen_op_store_DT0_fpr(rd);
+                    gen_op_store_DT0_fpr(DFPREG(rd));
                     break;
                 case 0x077: /* VIS I fornot2s */
                     gen_op_load_fpr_FT1(rs1);
@@ -2712,18 +2963,18 @@
                     gen_op_store_FT0_fpr(rd);
                     break;
                 case 0x078: /* VIS I fsrc2 */
-                    gen_op_load_fpr_DT0(rs2);
-                    gen_op_store_DT0_fpr(rd);
+                    gen_op_load_fpr_DT0(DFPREG(rs2));
+                    gen_op_store_DT0_fpr(DFPREG(rd));
                     break;
                 case 0x079: /* VIS I fsrc2s */
                     gen_op_load_fpr_FT0(rs2);
                     gen_op_store_FT0_fpr(rd);
                     break;
                 case 0x07a: /* VIS I fornot1 */
-                    gen_op_load_fpr_DT0(rs1);
-                    gen_op_load_fpr_DT1(rs2);
+                    gen_op_load_fpr_DT0(DFPREG(rs1));
+                    gen_op_load_fpr_DT1(DFPREG(rs2));
                     gen_op_fornot();
-                    gen_op_store_DT0_fpr(rd);
+                    gen_op_store_DT0_fpr(DFPREG(rd));
                     break;
                 case 0x07b: /* VIS I fornot1s */
                     gen_op_load_fpr_FT0(rs1);
@@ -2732,10 +2983,10 @@
                     gen_op_store_FT0_fpr(rd);
                     break;
                 case 0x07c: /* VIS I for */
-                    gen_op_load_fpr_DT0(rs1);
-                    gen_op_load_fpr_DT1(rs2);
+                    gen_op_load_fpr_DT0(DFPREG(rs1));
+                    gen_op_load_fpr_DT1(DFPREG(rs2));
                     gen_op_for();
-                    gen_op_store_DT0_fpr(rd);
+                    gen_op_store_DT0_fpr(DFPREG(rd));
                     break;
                 case 0x07d: /* VIS I fors */
                     gen_op_load_fpr_FT0(rs1);
@@ -2745,7 +2996,7 @@
                     break;
                 case 0x07e: /* VIS I fone */
                     gen_op_movl_DT0_1();
-                    gen_op_store_DT0_fpr(rd);
+                    gen_op_store_DT0_fpr(DFPREG(rd));
                     break;
                 case 0x07f: /* VIS I fones */
                     gen_op_movl_FT0_1();
@@ -3086,17 +3337,23 @@
                     goto skip_move;
                 case 0x30: /* V9 ldfa */
                     gen_op_check_align_T0_3();
-                    gen_ldf_asi(insn, 4);
+                    gen_ldf_asi(insn, 4, rd);
                     goto skip_move;
                 case 0x33: /* V9 lddfa */
                     gen_op_check_align_T0_3();
-                    gen_ldf_asi(insn, 8);
+                    gen_ldf_asi(insn, 8, DFPREG(rd));
                     goto skip_move;
                 case 0x3d: /* V9 prefetcha, no effect */
                     goto skip_move;
                 case 0x32: /* V9 ldqfa */
+#if defined(CONFIG_USER_ONLY)
+                    gen_op_check_align_T0_3();
+                    gen_ldf_asi(insn, 16, QFPREG(rd));
+                    goto skip_move;
+#else
                     goto nfpu_insn;
 #endif
+#endif
                 default:
                     goto illegal_insn;
                 }
@@ -3119,7 +3376,14 @@
                     gen_op_ldfsr();
                     break;
                 case 0x22:      /* load quad fpreg */
+#if defined(CONFIG_USER_ONLY)
+                    gen_op_check_align_T0_7();
+                    gen_op_ldst(ldqf);
+                    gen_op_store_QT0_fpr(QFPREG(rd));
+                    break;
+#else
                     goto nfpu_insn;
+#endif
                 case 0x23:      /* load double fpreg */
                     gen_op_check_align_T0_7();
                     gen_op_ldst(lddf);
@@ -3225,14 +3489,29 @@
                     gen_op_stfsr();
                     gen_op_ldst(stf);
                     break;
-#if !defined(CONFIG_USER_ONLY)
-                case 0x26: /* stdfq */
+                case 0x26:
+#ifdef TARGET_SPARC64
+#if defined(CONFIG_USER_ONLY)
+                    /* V9 stqf, store quad fpreg */
+                    gen_op_check_align_T0_7();
+                    gen_op_load_fpr_QT0(QFPREG(rd));
+                    gen_op_ldst(stqf);
+                    break;
+#else
+                    goto nfpu_insn;
+#endif
+#else /* !TARGET_SPARC64 */
+                    /* stdfq, store floating point queue */
+#if defined(CONFIG_USER_ONLY)
+                    goto illegal_insn;
+#else
                     if (!supervisor(dc))
                         goto priv_insn;
                     if (gen_trap_ifnofpu(dc))
                         goto jmp_insn;
                     goto nfq_insn;
 #endif
+#endif
                 case 0x27:
                     gen_op_check_align_T0_7();
                     gen_op_load_fpr_DT0(DFPREG(rd));
@@ -3247,12 +3526,21 @@
                 case 0x34: /* V9 stfa */
                     gen_op_check_align_T0_3();
                     gen_op_load_fpr_FT0(rd);
-                    gen_stf_asi(insn, 4);
+                    gen_stf_asi(insn, 4, rd);
                     break;
+                case 0x36: /* V9 stqfa */
+#if defined(CONFIG_USER_ONLY)
+                    gen_op_check_align_T0_7();
+                    gen_op_load_fpr_QT0(QFPREG(rd));
+                    gen_stf_asi(insn, 16, QFPREG(rd));
+                    break;
+#else
+                    goto nfpu_insn;
+#endif
                 case 0x37: /* V9 stdfa */
                     gen_op_check_align_T0_3();
                     gen_op_load_fpr_DT0(DFPREG(rd));
-                    gen_stf_asi(insn, 8);
+                    gen_stf_asi(insn, 8, DFPREG(rd));
                     break;
                 case 0x3c: /* V9 casa */
                     gen_op_check_align_T0_3();
@@ -3268,8 +3556,6 @@
                     gen_casx_asi(insn);
                     gen_movl_T1_reg(rd);
                     break;
-                case 0x36: /* V9 stqfa */
-                    goto nfpu_insn;
 #else
                 case 0x34: /* stc */
                 case 0x35: /* stcsr */
@@ -3311,19 +3597,19 @@
     gen_op_exception(TT_PRIV_INSN);
     dc->is_br = 1;
     return;
-#endif
  nfpu_insn:
     save_state(dc);
     gen_op_fpexception_im(FSR_FTT_UNIMPFPOP);
     dc->is_br = 1;
     return;
-#if !defined(CONFIG_USER_ONLY)
+#ifndef TARGET_SPARC64
  nfq_insn:
     save_state(dc);
     gen_op_fpexception_im(FSR_FTT_SEQ_ERROR);
     dc->is_br = 1;
     return;
 #endif
+#endif
 #ifndef TARGET_SPARC64
  ncp_insn:
     save_state(dc);

Modified: trunk/src/host/qemu-neo1973/vl.c
===================================================================
--- trunk/src/host/qemu-neo1973/vl.c	2007-11-26 19:46:49 UTC (rev 3516)
+++ trunk/src/host/qemu-neo1973/vl.c	2007-11-26 22:42:26 UTC (rev 3517)
@@ -160,7 +160,6 @@
 
 const char *bios_dir = CONFIG_QEMU_SHAREDIR;
 const char *bios_name = NULL;
-char phys_ram_file[1024];
 void *ioport_opaque[MAX_IOPORTS];
 IOPortReadFunc *ioport_read_table[3][MAX_IOPORTS];
 IOPortWriteFunc *ioport_write_table[3][MAX_IOPORTS];
@@ -236,6 +235,10 @@
 struct bt_piconet_s *local_piconet;
 struct modem_ops_s modem_ops;
 
+static CPUState *cur_cpu;
+static CPUState *next_cpu;
+static int event_pending;
+
 #define TFR(expr) do { if ((expr) != -1) break; } while (errno == EINTR)
 
 /***********************************************************/
@@ -1183,15 +1186,16 @@
         struct qemu_alarm_win32 *data = ((struct qemu_alarm_timer*)dwUser)->priv;
         SetEvent(data->host_alarm);
 #endif
-        CPUState *env = cpu_single_env;
+        CPUState *env = next_cpu;
 
         /* stop the currently executing cpu because a timer occured */
         cpu_interrupt(env, CPU_INTERRUPT_EXIT);
 #ifdef USE_KQEMU
-        if (env && env->kqemu_enabled) {
+        if (env->kqemu_enabled) {
             kqemu_cpu_interrupt(env);
         }
 #endif
+        event_pending = 1;
     }
 }
 
@@ -1596,6 +1600,11 @@
     s->chr_read(s->handler_opaque, buf, len);
 }
 
+void qemu_chr_accept_input(CharDriverState *s)
+{
+    if (s->chr_accept_input)
+        s->chr_accept_input(s);
+}
 
 void qemu_chr_printf(CharDriverState *s, const char *fmt, ...)
 {
@@ -1647,12 +1656,17 @@
 static int term_timestamps;
 static int64_t term_timestamps_start;
 #define MAX_MUX 4
+#define MUX_BUFFER_SIZE 32	/* Must be a power of 2.  */
+#define MUX_BUFFER_MASK (MUX_BUFFER_SIZE - 1)
 typedef struct {
     IOCanRWHandler *chr_can_read[MAX_MUX];
     IOReadHandler *chr_read[MAX_MUX];
     IOEventHandler *chr_event[MAX_MUX];
     void *ext_opaque[MAX_MUX];
     CharDriverState *drv;
+    unsigned char buffer[MUX_BUFFER_SIZE];
+    int prod;
+    int cons;
     int mux_cnt;
     int term_got_escape;
     int max_size;
@@ -1781,12 +1795,28 @@
     return 0;
 }
 
+static void mux_chr_accept_input(CharDriverState *chr)
+{
+    int m = chr->focus;
+    MuxDriver *d = chr->opaque;
+
+    while (d->prod != d->cons &&
+           d->chr_can_read[m] &&
+           d->chr_can_read[m](d->ext_opaque[m])) {
+        d->chr_read[m](d->ext_opaque[m],
+                       &d->buffer[d->cons++ & MUX_BUFFER_MASK], 1);
+    }
+}
+
 static int mux_chr_can_read(void *opaque)
 {
     CharDriverState *chr = opaque;
     MuxDriver *d = chr->opaque;
+
+    if ((d->prod - d->cons) < MUX_BUFFER_SIZE)
+        return 1;
     if (d->chr_can_read[chr->focus])
-       return d->chr_can_read[chr->focus](d->ext_opaque[chr->focus]);
+        return d->chr_can_read[chr->focus](d->ext_opaque[chr->focus]);
     return 0;
 }
 
@@ -1794,10 +1824,20 @@
 {
     CharDriverState *chr = opaque;
     MuxDriver *d = chr->opaque;
+    int m = chr->focus;
     int i;
+
+    mux_chr_accept_input (opaque);
+
     for(i = 0; i < size; i++)
-        if (mux_proc_byte(chr, d, buf[i]))
-            d->chr_read[chr->focus](d->ext_opaque[chr->focus], &buf[i], 1);
+        if (mux_proc_byte(chr, d, buf[i])) {
+            if (d->prod == d->cons &&
+                d->chr_can_read[m] &&
+                d->chr_can_read[m](d->ext_opaque[m]))
+                d->chr_read[m](d->ext_opaque[m], &buf[i], 1);
+            else
+                d->buffer[d->prod++ & MUX_BUFFER_MASK] = buf[i];
+        }
 }
 
 static void mux_chr_event(void *opaque, int event)
@@ -1852,6 +1892,7 @@
     chr->focus = -1;
     chr->chr_write = mux_chr_write;
     chr->chr_update_read_handler = mux_chr_update_read_handler;
+    chr->chr_accept_input = mux_chr_accept_input;
     return chr;
 }
 
@@ -7167,8 +7208,6 @@
 
 }
 
-static CPUState *cur_cpu;
-
 static int main_loop(void)
 {
     int ret, timeout;
@@ -7178,15 +7217,13 @@
     CPUState *env;
 
     cur_cpu = first_cpu;
+    next_cpu = cur_cpu->next_cpu ?: first_cpu;
     for(;;) {
         if (vm_running) {
 
-            env = cur_cpu;
             for(;;) {
                 /* get next cpu */
-                env = env->next_cpu;
-                if (!env)
-                    env = first_cpu;
+                env = next_cpu;
 #ifdef CONFIG_PROFILER
                 ti = profile_getclock();
 #endif
@@ -7194,6 +7231,12 @@
 #ifdef CONFIG_PROFILER
                 qemu_time += profile_getclock() - ti;
 #endif
+                next_cpu = env->next_cpu ?: first_cpu;
+                if (event_pending) {
+                    ret = EXCP_INTERRUPT;
+                    event_pending = 0;
+                    break;
+                }
                 if (ret == EXCP_HLT) {
                     /* Give the next CPU a chance to run.  */
                     cur_cpu = env;
@@ -7671,6 +7714,8 @@
     qemu_register_machine(&lm3s811evb_machine);
     qemu_register_machine(&lm3s6965evb_machine);
     qemu_register_machine(&connex_machine);
+    qemu_register_machine(&verdex_machine);
+    qemu_register_machine(&mainstone2_machine);
 #elif defined(TARGET_SH4)
     qemu_register_machine(&shix_machine);
     qemu_register_machine(&r2d_machine);





More information about the commitlog mailing list