Archipelago » qemu

/*

 * QEMU System Emulator

 *

 * Copyright (c) 2003-2008 Fabrice Bellard

 *

 * Permission is hereby granted, free of charge, to any person obtaining a copy

 * of this software and associated documentation files (the "Software"), to deal

 * in the Software without restriction, including without limitation the rights

 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell

 * copies of the Software, and to permit persons to whom the Software is

 * furnished to do so, subject to the following conditions:

 *

 * The above copyright notice and this permission notice shall be included in

 * all copies or substantial portions of the Software.

 *

 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR

 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,

 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL

 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER

 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,

 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN

 * THE SOFTWARE.

 */

#include <unistd.h>

#include <fcntl.h>

#include <signal.h>

#include <time.h>

#include <errno.h>

#include <sys/time.h>

#include <zlib.h>

/* Needed early for CONFIG_BSD etc. */

#include "config-host.h"

#ifndef _WIN32

#include <libgen.h>

#include <pwd.h>

#include <sys/times.h>

#include <sys/wait.h>

#include <termios.h>

#include <sys/mman.h>

#include <sys/ioctl.h>

#include <sys/resource.h>

#include <sys/socket.h>

#include <netinet/in.h>

#include <net/if.h>

#include <arpa/inet.h>

#include <dirent.h>

#include <netdb.h>

#include <sys/select.h>

#ifdef CONFIG_BSD

#include <sys/stat.h>

#if defined(__FreeBSD__) || defined(__FreeBSD_kernel__) || defined(__DragonFly__)

#include <libutil.h>

#else

#include <util.h>

#endif

#else

#ifdef __linux__

#include <pty.h>

#include <malloc.h>

#include <linux/rtc.h>

#include <sys/prctl.h>

/* For the benefit of older linux systems which don't supply it,

   we use a local copy of hpet.h. */

/* #include <linux/hpet.h> */

#include "hpet.h"

#include <linux/ppdev.h>

#include <linux/parport.h>

#endif

#ifdef __sun__

#include <sys/stat.h>

#include <sys/ethernet.h>

#include <sys/sockio.h>

#include <netinet/arp.h>

#include <netinet/in.h>

#include <netinet/in_systm.h>

#include <netinet/ip.h>

#include <netinet/ip_icmp.h> // must come after ip.h

#include <netinet/udp.h>

#include <netinet/tcp.h>

#include <net/if.h>

#include <syslog.h>

#include <stropts.h>

/* See MySQL bug #7156 (http://bugs.mysql.com/bug.php?id=7156) for

   discussion about Solaris header problems */

extern int madvise(caddr_t, size_t, int);

#endif

#endif

#endif

#if defined(__OpenBSD__)

#include <util.h>

#endif

#if defined(CONFIG_VDE)

#include <libvdeplug.h>

#endif

#ifdef _WIN32

#include <windows.h>

#include <mmsystem.h>

#endif

#ifdef CONFIG_SDL

#if defined(__APPLE__) || defined(main)

#include <SDL.h>

int qemu_main(int argc, char **argv, char **envp);

int main(int argc, char **argv)

{

    return qemu_main(argc, argv, NULL);

}

#undef main

#define main qemu_main

#endif

#endif /* CONFIG_SDL */

#ifdef CONFIG_COCOA

#undef main

#define main qemu_main

#endif /* CONFIG_COCOA */

#include "hw/hw.h"

#include "hw/boards.h"

#include "hw/usb.h"

#include "hw/pcmcia.h"

#include "hw/pc.h"

#include "hw/audiodev.h"

#include "hw/isa.h"

#include "hw/baum.h"

#include "hw/bt.h"

#include "hw/watchdog.h"

#include "hw/smbios.h"

#include "hw/xen.h"

#include "hw/qdev.h"

#include "hw/loader.h"

#include "bt-host.h"

#include "net.h"

#include "net/slirp.h"

#include "monitor.h"

#include "console.h"

#include "sysemu.h"

#include "gdbstub.h"

#include "qemu-timer.h"

#include "qemu-char.h"

#include "cache-utils.h"

#include "block.h"

#include "block_int.h"

#include "block-migration.h"

#include "dma.h"

#include "audio/audio.h"

#include "migration.h"

#include "kvm.h"

#include "balloon.h"

#include "qemu-option.h"

#include "qemu-config.h"

#include "qemu-objects.h"

#include "disas.h"

#include "exec-all.h"

#include "qemu_socket.h"

#include "slirp/libslirp.h"

#include "qemu-queue.h"

//#define DEBUG_NET

//#define DEBUG_SLIRP

#define DEFAULT_RAM_SIZE 128

#define MAX_VIRTIO_CONSOLES 1

static const char *data_dir;

const char *bios_name = NULL;

/* Note: drives_table[MAX_DRIVES] is a dummy block driver if none available

   to store the VM snapshots */

struct drivelist drives = QTAILQ_HEAD_INITIALIZER(drives);

struct driveoptlist driveopts = QTAILQ_HEAD_INITIALIZER(driveopts);

enum vga_retrace_method vga_retrace_method = VGA_RETRACE_DUMB;

DisplayType display_type = DT_DEFAULT;

const char* keyboard_layout = NULL;

ram_addr_t ram_size;

const char *mem_path = NULL;

#ifdef MAP_POPULATE

int mem_prealloc = 0; /* force preallocation of physical target memory */

#endif

int nb_nics;

NICInfo nd_table[MAX_NICS];

int vm_running;

int autostart;

static int rtc_utc = 1;

static int rtc_date_offset = -1; /* -1 means no change */

QEMUClock *rtc_clock;

int vga_interface_type = VGA_NONE;

#ifdef TARGET_SPARC

int graphic_width = 1024;

int graphic_height = 768;

int graphic_depth = 8;

#else

int graphic_width = 800;

int graphic_height = 600;

int graphic_depth = 15;

#endif

static int full_screen = 0;

#ifdef CONFIG_SDL

static int no_frame = 0;

#endif

int no_quit = 0;

CharDriverState *serial_hds[MAX_SERIAL_PORTS];

CharDriverState *parallel_hds[MAX_PARALLEL_PORTS];

CharDriverState *virtcon_hds[MAX_VIRTIO_CONSOLES];

#ifdef TARGET_I386

int win2k_install_hack = 0;

int rtc_td_hack = 0;

#endif

int usb_enabled = 0;

int singlestep = 0;

int smp_cpus = 1;

int max_cpus = 0;

int smp_cores = 1;

int smp_threads = 1;

const char *vnc_display;

int acpi_enabled = 1;

int no_hpet = 0;

int fd_bootchk = 1;

int no_reboot = 0;

int no_shutdown = 0;

int cursor_hide = 1;

int graphic_rotate = 0;

uint8_t irq0override = 1;

#ifndef _WIN32

int daemonize = 0;

#endif

const char *watchdog;

const char *option_rom[MAX_OPTION_ROMS];

int nb_option_roms;

int semihosting_enabled = 0;

#ifdef TARGET_ARM

int old_param = 0;

#endif

const char *qemu_name;

int alt_grab = 0;

int ctrl_grab = 0;

#if defined(TARGET_SPARC) || defined(TARGET_PPC)

unsigned int nb_prom_envs = 0;

const char *prom_envs[MAX_PROM_ENVS];

#endif

int boot_menu;

int nb_numa_nodes;

uint64_t node_mem[MAX_NODES];

uint64_t node_cpumask[MAX_NODES];

static CPUState *cur_cpu;

static CPUState *next_cpu;

static int timer_alarm_pending = 1;

/* Conversion factor from emulated instructions to virtual clock ticks.  */

static int icount_time_shift;

/* Arbitrarily pick 1MIPS as the minimum allowable speed.  */

#define MAX_ICOUNT_SHIFT 10

/* Compensate for varying guest execution speed.  */

static int64_t qemu_icount_bias;

static QEMUTimer *icount_rt_timer;

static QEMUTimer *icount_vm_timer;

static QEMUTimer *nographic_timer;

uint8_t qemu_uuid[16];

static QEMUBootSetHandler *boot_set_handler;

static void *boot_set_opaque;

#ifdef SIGRTMIN

#define SIG_IPI (SIGRTMIN+4)

#else

#define SIG_IPI SIGUSR1

#endif

static int default_serial = 1;

static int default_parallel = 1;

static int default_virtcon = 1;

static int default_monitor = 1;

static int default_vga = 1;

static int default_floppy = 1;

static int default_cdrom = 1;

static int default_sdcard = 1;

static struct {

    const char *driver;

    int *flag;

} default_list[] = {

    { .driver = "isa-serial",           .flag = &default_serial    },

    { .driver = "isa-parallel",         .flag = &default_parallel  },

    { .driver = "isa-fdc",              .flag = &default_floppy    },

    { .driver = "ide-drive",            .flag = &default_cdrom     },

    { .driver = "virtio-serial-pci",    .flag = &default_virtcon   },

    { .driver = "virtio-serial-s390",   .flag = &default_virtcon   },

    { .driver = "virtio-serial",        .flag = &default_virtcon   },

    { .driver = "VGA",                  .flag = &default_vga       },

    { .driver = "cirrus-vga",           .flag = &default_vga       },

    { .driver = "vmware-svga",          .flag = &default_vga       },

};

static int default_driver_check(QemuOpts *opts, void *opaque)

{

    const char *driver = qemu_opt_get(opts, "driver");

    int i;

    if (!driver)

        return 0;

    for (i = 0; i < ARRAY_SIZE(default_list); i++) {

        if (strcmp(default_list[i].driver, driver) != 0)

            continue;

        *(default_list[i].flag) = 0;

    }

    return 0;

}

/***********************************************************/

/* x86 ISA bus support */

target_phys_addr_t isa_mem_base = 0;

PicState2 *isa_pic;

/***********************************************************/

void hw_error(const char *fmt, ...)

{

    va_list ap;

    CPUState *env;

    va_start(ap, fmt);

    fprintf(stderr, "qemu: hardware error: ");

    vfprintf(stderr, fmt, ap);

    fprintf(stderr, "\n");

    for(env = first_cpu; env != NULL; env = env->next_cpu) {

        fprintf(stderr, "CPU #%d:\n", env->cpu_index);

#ifdef TARGET_I386

        cpu_dump_state(env, stderr, fprintf, X86_DUMP_FPU);

#else

        cpu_dump_state(env, stderr, fprintf, 0);

#endif

    }

    va_end(ap);

    abort();

}

static void set_proc_name(const char *s)

{

#if defined(__linux__) && defined(PR_SET_NAME)

    char name[16];

    if (!s)

        return;

    name[sizeof(name) - 1] = 0;

    strncpy(name, s, sizeof(name));

    /* Could rewrite argv[0] too, but that's a bit more complicated.

       This simple way is enough for `top'. */

    prctl(PR_SET_NAME, name);

#endif            

}

/***************/

/* ballooning */

static QEMUBalloonEvent *qemu_balloon_event;

void *qemu_balloon_event_opaque;

void qemu_add_balloon_handler(QEMUBalloonEvent *func, void *opaque)

{

    qemu_balloon_event = func;

    qemu_balloon_event_opaque = opaque;

}

int qemu_balloon(ram_addr_t target, MonitorCompletion cb, void *opaque)

{

    if (qemu_balloon_event) {

        qemu_balloon_event(qemu_balloon_event_opaque, target, cb, opaque);

        return 1;

    } else {

        return 0;

    }

}

int qemu_balloon_status(MonitorCompletion cb, void *opaque)

{

    if (qemu_balloon_event) {

        qemu_balloon_event(qemu_balloon_event_opaque, 0, cb, opaque);

        return 1;

    } else {

        return 0;

    }

}

/***********************************************************/

/* real time host monotonic timer */

/* compute with 96 bit intermediate result: (a*b)/c */

uint64_t muldiv64(uint64_t a, uint32_t b, uint32_t c)

{

    union {

        uint64_t ll;

        struct {

#ifdef HOST_WORDS_BIGENDIAN

            uint32_t high, low;

#else

            uint32_t low, high;

#endif

        } l;

    } u, res;

    uint64_t rl, rh;

    u.ll = a;

    rl = (uint64_t)u.l.low * (uint64_t)b;

    rh = (uint64_t)u.l.high * (uint64_t)b;

    rh += (rl >> 32);

    res.l.high = rh / c;

    res.l.low = (((rh % c) << 32) + (rl & 0xffffffff)) / c;

    return res.ll;

}

static int64_t get_clock_realtime(void)

{

    struct timeval tv;

    gettimeofday(&tv, NULL);

    return tv.tv_sec * 1000000000LL + (tv.tv_usec * 1000);

}

#ifdef WIN32

static int64_t clock_freq;

static void init_get_clock(void)

{

    LARGE_INTEGER freq;

    int ret;

    ret = QueryPerformanceFrequency(&freq);

    if (ret == 0) {

        fprintf(stderr, "Could not calibrate ticks\n");

        exit(1);

    }

    clock_freq = freq.QuadPart;

}

static int64_t get_clock(void)

{

    LARGE_INTEGER ti;

    QueryPerformanceCounter(&ti);

    return muldiv64(ti.QuadPart, get_ticks_per_sec(), clock_freq);

}

#else

static int use_rt_clock;

static void init_get_clock(void)

{

    use_rt_clock = 0;

#if defined(__linux__) || (defined(__FreeBSD__) && __FreeBSD_version >= 500000) \

    || defined(__DragonFly__) || defined(__FreeBSD_kernel__)

    {

        struct timespec ts;

        if (clock_gettime(CLOCK_MONOTONIC, &ts) == 0) {

            use_rt_clock = 1;

        }

    }

#endif

}

static int64_t get_clock(void)

{

#if defined(__linux__) || (defined(__FreeBSD__) && __FreeBSD_version >= 500000) \

        || defined(__DragonFly__) || defined(__FreeBSD_kernel__)

    if (use_rt_clock) {

        struct timespec ts;

        clock_gettime(CLOCK_MONOTONIC, &ts);

        return ts.tv_sec * 1000000000LL + ts.tv_nsec;

    } else

#endif

    {

        /* XXX: using gettimeofday leads to problems if the date

           changes, so it should be avoided. */

        return get_clock_realtime();

    }

}

#endif

/* Return the virtual CPU time, based on the instruction counter.  */

static int64_t cpu_get_icount(void)

{

    int64_t icount;

    CPUState *env = cpu_single_env;;

    icount = qemu_icount;

    if (env) {

        if (!can_do_io(env))

            fprintf(stderr, "Bad clock read\n");

        icount -= (env->icount_decr.u16.low + env->icount_extra);

    }

    return qemu_icount_bias + (icount << icount_time_shift);

}

/***********************************************************/

/* guest cycle counter */

typedef struct TimersState {

    int64_t cpu_ticks_prev;

    int64_t cpu_ticks_offset;

    int64_t cpu_clock_offset;

    int32_t cpu_ticks_enabled;

    int64_t dummy;

} TimersState;

TimersState timers_state;

/* return the host CPU cycle counter and handle stop/restart */

int64_t cpu_get_ticks(void)

{

    if (use_icount) {

        return cpu_get_icount();

    }

    if (!timers_state.cpu_ticks_enabled) {

        return timers_state.cpu_ticks_offset;

    } else {

        int64_t ticks;

        ticks = cpu_get_real_ticks();

        if (timers_state.cpu_ticks_prev > ticks) {

            /* Note: non increasing ticks may happen if the host uses

               software suspend */

            timers_state.cpu_ticks_offset += timers_state.cpu_ticks_prev - ticks;

        }

        timers_state.cpu_ticks_prev = ticks;

        return ticks + timers_state.cpu_ticks_offset;

    }

}

/* return the host CPU monotonic timer and handle stop/restart */

static int64_t cpu_get_clock(void)

{

    int64_t ti;

    if (!timers_state.cpu_ticks_enabled) {

        return timers_state.cpu_clock_offset;

    } else {

        ti = get_clock();

        return ti + timers_state.cpu_clock_offset;

    }

}

/* enable cpu_get_ticks() */

void cpu_enable_ticks(void)

{

    if (!timers_state.cpu_ticks_enabled) {

        timers_state.cpu_ticks_offset -= cpu_get_real_ticks();

        timers_state.cpu_clock_offset -= get_clock();

        timers_state.cpu_ticks_enabled = 1;

    }

}

/* disable cpu_get_ticks() : the clock is stopped. You must not call

   cpu_get_ticks() after that.  */

void cpu_disable_ticks(void)

{

    if (timers_state.cpu_ticks_enabled) {

        timers_state.cpu_ticks_offset = cpu_get_ticks();

        timers_state.cpu_clock_offset = cpu_get_clock();

        timers_state.cpu_ticks_enabled = 0;

    }

}

/***********************************************************/

/* timers */

#define QEMU_CLOCK_REALTIME 0

#define QEMU_CLOCK_VIRTUAL  1

#define QEMU_CLOCK_HOST     2

struct QEMUClock {

    int type;

    /* XXX: add frequency */

};

struct QEMUTimer {

    QEMUClock *clock;

    int64_t expire_time;

    QEMUTimerCB *cb;

    void *opaque;

    struct QEMUTimer *next;

};

struct qemu_alarm_timer {

    char const *name;

    unsigned int flags;

    int (*start)(struct qemu_alarm_timer *t);

    void (*stop)(struct qemu_alarm_timer *t);

    void (*rearm)(struct qemu_alarm_timer *t);

    void *priv;

};

#define ALARM_FLAG_DYNTICKS  0x1

#define ALARM_FLAG_EXPIRED   0x2

static inline int alarm_has_dynticks(struct qemu_alarm_timer *t)

{

    return t && (t->flags & ALARM_FLAG_DYNTICKS);

}

static void qemu_rearm_alarm_timer(struct qemu_alarm_timer *t)

{

    if (!alarm_has_dynticks(t))

        return;

    t->rearm(t);

}

/* TODO: MIN_TIMER_REARM_US should be optimized */

#define MIN_TIMER_REARM_US 250

static struct qemu_alarm_timer *alarm_timer;

#ifdef _WIN32

struct qemu_alarm_win32 {

    MMRESULT timerId;

    unsigned int period;

} alarm_win32_data = {0, -1};

static int win32_start_timer(struct qemu_alarm_timer *t);

static void win32_stop_timer(struct qemu_alarm_timer *t);

static void win32_rearm_timer(struct qemu_alarm_timer *t);

#else

static int unix_start_timer(struct qemu_alarm_timer *t);

static void unix_stop_timer(struct qemu_alarm_timer *t);

#ifdef __linux__

static int dynticks_start_timer(struct qemu_alarm_timer *t);

static void dynticks_stop_timer(struct qemu_alarm_timer *t);

static void dynticks_rearm_timer(struct qemu_alarm_timer *t);

static int hpet_start_timer(struct qemu_alarm_timer *t);

static void hpet_stop_timer(struct qemu_alarm_timer *t);

static int rtc_start_timer(struct qemu_alarm_timer *t);

static void rtc_stop_timer(struct qemu_alarm_timer *t);

#endif /* __linux__ */

#endif /* _WIN32 */

/* Correlation between real and virtual time is always going to be

   fairly approximate, so ignore small variation.

   When the guest is idle real and virtual time will be aligned in

   the IO wait loop.  */

#define ICOUNT_WOBBLE (get_ticks_per_sec() / 10)

static void icount_adjust(void)

{

    int64_t cur_time;

    int64_t cur_icount;

    int64_t delta;

    static int64_t last_delta;

    /* If the VM is not running, then do nothing.  */

    if (!vm_running)

        return;

    cur_time = cpu_get_clock();

    cur_icount = qemu_get_clock(vm_clock);

    delta = cur_icount - cur_time;

    /* FIXME: This is a very crude algorithm, somewhat prone to oscillation.  */

    if (delta > 0

        && last_delta + ICOUNT_WOBBLE < delta * 2

        && icount_time_shift > 0) {

        /* The guest is getting too far ahead.  Slow time down.  */

        icount_time_shift--;

    }

    if (delta < 0

        && last_delta - ICOUNT_WOBBLE > delta * 2

        && icount_time_shift < MAX_ICOUNT_SHIFT) {

        /* The guest is getting too far behind.  Speed time up.  */

        icount_time_shift++;

    }

    last_delta = delta;

    qemu_icount_bias = cur_icount - (qemu_icount << icount_time_shift);

}

static void icount_adjust_rt(void * opaque)

{

    qemu_mod_timer(icount_rt_timer,

                   qemu_get_clock(rt_clock) + 1000);

    icount_adjust();

}

static void icount_adjust_vm(void * opaque)

{

    qemu_mod_timer(icount_vm_timer,

                   qemu_get_clock(vm_clock) + get_ticks_per_sec() / 10);

    icount_adjust();

}

static void init_icount_adjust(void)

{

    /* Have both realtime and virtual time triggers for speed adjustment.

       The realtime trigger catches emulated time passing too slowly,

       the virtual time trigger catches emulated time passing too fast.

       Realtime triggers occur even when idle, so use them less frequently

       than VM triggers.  */

    icount_rt_timer = qemu_new_timer(rt_clock, icount_adjust_rt, NULL);

    qemu_mod_timer(icount_rt_timer,

                   qemu_get_clock(rt_clock) + 1000);

    icount_vm_timer = qemu_new_timer(vm_clock, icount_adjust_vm, NULL);

    qemu_mod_timer(icount_vm_timer,

                   qemu_get_clock(vm_clock) + get_ticks_per_sec() / 10);

}

static struct qemu_alarm_timer alarm_timers[] = {

#ifndef _WIN32

#ifdef __linux__

    {"dynticks", ALARM_FLAG_DYNTICKS, dynticks_start_timer,

     dynticks_stop_timer, dynticks_rearm_timer, NULL},

    /* HPET - if available - is preferred */

    {"hpet", 0, hpet_start_timer, hpet_stop_timer, NULL, NULL},

    /* ...otherwise try RTC */

    {"rtc", 0, rtc_start_timer, rtc_stop_timer, NULL, NULL},

#endif

    {"unix", 0, unix_start_timer, unix_stop_timer, NULL, NULL},

#else

    {"dynticks", ALARM_FLAG_DYNTICKS, win32_start_timer,

     win32_stop_timer, win32_rearm_timer, &alarm_win32_data},

    {"win32", 0, win32_start_timer,

     win32_stop_timer, NULL, &alarm_win32_data},

#endif

    {NULL, }

};

static void show_available_alarms(void)

{

    int i;

    printf("Available alarm timers, in order of precedence:\n");

    for (i = 0; alarm_timers[i].name; i++)

        printf("%s\n", alarm_timers[i].name);

}

static void configure_alarms(char const *opt)

{

    int i;

    int cur = 0;

    int count = ARRAY_SIZE(alarm_timers) - 1;

    char *arg;

    char *name;

    struct qemu_alarm_timer tmp;

    if (!strcmp(opt, "?")) {

        show_available_alarms();

        exit(0);

    }

    arg = qemu_strdup(opt);

    /* Reorder the array */

    name = strtok(arg, ",");

    while (name) {

        for (i = 0; i < count && alarm_timers[i].name; i++) {

            if (!strcmp(alarm_timers[i].name, name))

                break;

        }

        if (i == count) {

            fprintf(stderr, "Unknown clock %s\n", name);

            goto next;

        }

        if (i < cur)

            /* Ignore */

            goto next;

        /* Swap */

        tmp = alarm_timers[i];

        alarm_timers[i] = alarm_timers[cur];

        alarm_timers[cur] = tmp;

        cur++;

next:

        name = strtok(NULL, ",");

    }

    qemu_free(arg);

    if (cur) {

        /* Disable remaining timers */

        for (i = cur; i < count; i++)

            alarm_timers[i].name = NULL;

    } else {

        show_available_alarms();

        exit(1);

    }

}

#define QEMU_NUM_CLOCKS 3

QEMUClock *rt_clock;

QEMUClock *vm_clock;

QEMUClock *host_clock;

static QEMUTimer *active_timers[QEMU_NUM_CLOCKS];

static QEMUClock *qemu_new_clock(int type)

{

    QEMUClock *clock;

    clock = qemu_mallocz(sizeof(QEMUClock));

    clock->type = type;

    return clock;

}

QEMUTimer *qemu_new_timer(QEMUClock *clock, QEMUTimerCB *cb, void *opaque)

{

    QEMUTimer *ts;

    ts = qemu_mallocz(sizeof(QEMUTimer));

    ts->clock = clock;

    ts->cb = cb;

    ts->opaque = opaque;

    return ts;

}

void qemu_free_timer(QEMUTimer *ts)

{

    qemu_free(ts);

}

/* stop a timer, but do not dealloc it */

void qemu_del_timer(QEMUTimer *ts)

{

    QEMUTimer **pt, *t;

    /* NOTE: this code must be signal safe because

       qemu_timer_expired() can be called from a signal. */

    pt = &active_timers[ts->clock->type];

    for(;;) {

        t = *pt;

        if (!t)

            break;

        if (t == ts) {

            *pt = t->next;

            break;

        }

        pt = &t->next;

    }

}

/* modify the current timer so that it will be fired when current_time

   >= expire_time. The corresponding callback will be called. */

void qemu_mod_timer(QEMUTimer *ts, int64_t expire_time)

{

    QEMUTimer **pt, *t;

    qemu_del_timer(ts);

    /* add the timer in the sorted list */

    /* NOTE: this code must be signal safe because

       qemu_timer_expired() can be called from a signal. */

    pt = &active_timers[ts->clock->type];

    for(;;) {

        t = *pt;

        if (!t)

            break;

        if (t->expire_time > expire_time)

            break;

        pt = &t->next;

    }

    ts->expire_time = expire_time;

    ts->next = *pt;

    *pt = ts;

    /* Rearm if necessary  */

    if (pt == &active_timers[ts->clock->type]) {

        if ((alarm_timer->flags & ALARM_FLAG_EXPIRED) == 0) {

            qemu_rearm_alarm_timer(alarm_timer);

        }

        /* Interrupt execution to force deadline recalculation.  */

        if (use_icount)

            qemu_notify_event();

    }

}

int qemu_timer_pending(QEMUTimer *ts)

{

    QEMUTimer *t;

    for(t = active_timers[ts->clock->type]; t != NULL; t = t->next) {

        if (t == ts)

            return 1;

    }

    return 0;

}

int qemu_timer_expired(QEMUTimer *timer_head, int64_t current_time)

{

    if (!timer_head)

        return 0;

    return (timer_head->expire_time <= current_time);

}

static void qemu_run_timers(QEMUTimer **ptimer_head, int64_t current_time)

{

    QEMUTimer *ts;

    for(;;) {

        ts = *ptimer_head;

        if (!ts || ts->expire_time > current_time)

            break;

        /* remove timer from the list before calling the callback */

        *ptimer_head = ts->next;

        ts->next = NULL;

        /* run the callback (the timer list can be modified) */

        ts->cb(ts->opaque);

    }

}

int64_t qemu_get_clock(QEMUClock *clock)

{

    switch(clock->type) {

    case QEMU_CLOCK_REALTIME:

        return get_clock() / 1000000;

    default:

    case QEMU_CLOCK_VIRTUAL:

        if (use_icount) {

            return cpu_get_icount();

        } else {

            return cpu_get_clock();

        }

    case QEMU_CLOCK_HOST:

        return get_clock_realtime();

    }

}

int64_t qemu_get_clock_ns(QEMUClock *clock)

{

    switch(clock->type) {

    case QEMU_CLOCK_REALTIME:

        return get_clock();

    default:

    case QEMU_CLOCK_VIRTUAL:

        if (use_icount) {

            return cpu_get_icount();

        } else {

            return cpu_get_clock();

        }

    case QEMU_CLOCK_HOST:

        return get_clock_realtime();

    }

}

static void init_clocks(void)

{

    init_get_clock();

    rt_clock = qemu_new_clock(QEMU_CLOCK_REALTIME);

    vm_clock = qemu_new_clock(QEMU_CLOCK_VIRTUAL);

    host_clock = qemu_new_clock(QEMU_CLOCK_HOST);

    rtc_clock = host_clock;

}

/* save a timer */

void qemu_put_timer(QEMUFile *f, QEMUTimer *ts)

{

    uint64_t expire_time;

    if (qemu_timer_pending(ts)) {

        expire_time = ts->expire_time;

    } else {

        expire_time = -1;

    }

    qemu_put_be64(f, expire_time);

}

void qemu_get_timer(QEMUFile *f, QEMUTimer *ts)

{

    uint64_t expire_time;

    expire_time = qemu_get_be64(f);

    if (expire_time != -1) {

        qemu_mod_timer(ts, expire_time);

    } else {

        qemu_del_timer(ts);

    }

}

static const VMStateDescription vmstate_timers = {

    .name = "timer",

    .version_id = 2,

    .minimum_version_id = 1,

    .minimum_version_id_old = 1,

    .fields      = (VMStateField []) {

        VMSTATE_INT64(cpu_ticks_offset, TimersState),

        VMSTATE_INT64(dummy, TimersState),

        VMSTATE_INT64_V(cpu_clock_offset, TimersState, 2),

        VMSTATE_END_OF_LIST()

    }

};

static void qemu_event_increment(void);

#ifdef _WIN32

static void CALLBACK host_alarm_handler(UINT uTimerID, UINT uMsg,

                                        DWORD_PTR dwUser, DWORD_PTR dw1,

                                        DWORD_PTR dw2)

#else

static void host_alarm_handler(int host_signum)

#endif

{

#if 0

#define DISP_FREQ 1000

    {

        static int64_t delta_min = INT64_MAX;

        static int64_t delta_max, delta_cum, last_clock, delta, ti;

        static int count;

        ti = qemu_get_clock(vm_clock);

        if (last_clock != 0) {

            delta = ti - last_clock;

            if (delta < delta_min)

                delta_min = delta;

            if (delta > delta_max)

                delta_max = delta;

            delta_cum += delta;

            if (++count == DISP_FREQ) {

                printf("timer: min=%" PRId64 " us max=%" PRId64 " us avg=%" PRId64 " us avg_freq=%0.3f Hz\n",

                       muldiv64(delta_min, 1000000, get_ticks_per_sec()),

                       muldiv64(delta_max, 1000000, get_ticks_per_sec()),

                       muldiv64(delta_cum, 1000000 / DISP_FREQ, get_ticks_per_sec()),

                       (double)get_ticks_per_sec() / ((double)delta_cum / DISP_FREQ));

                count = 0;

                delta_min = INT64_MAX;

                delta_max = 0;

                delta_cum = 0;

            }

        }

        last_clock = ti;

    }

#endif

    if (alarm_has_dynticks(alarm_timer) ||

        (!use_icount &&

            qemu_timer_expired(active_timers[QEMU_CLOCK_VIRTUAL],

                               qemu_get_clock(vm_clock))) ||

        qemu_timer_expired(active_timers[QEMU_CLOCK_REALTIME],

                           qemu_get_clock(rt_clock)) ||

        qemu_timer_expired(active_timers[QEMU_CLOCK_HOST],

                           qemu_get_clock(host_clock))) {

        qemu_event_increment();

        if (alarm_timer) alarm_timer->flags |= ALARM_FLAG_EXPIRED;

#ifndef CONFIG_IOTHREAD

        if (next_cpu) {

            /* stop the currently executing cpu because a timer occured */

            cpu_exit(next_cpu);

        }

#endif

        timer_alarm_pending = 1;

        qemu_notify_event();

    }

}

static int64_t qemu_next_deadline(void)

{

    /* To avoid problems with overflow limit this to 2^32.  */

    int64_t delta = INT32_MAX;

    if (active_timers[QEMU_CLOCK_VIRTUAL]) {

        delta = active_timers[QEMU_CLOCK_VIRTUAL]->expire_time -

                     qemu_get_clock(vm_clock);

    }

    if (active_timers[QEMU_CLOCK_HOST]) {

        int64_t hdelta = active_timers[QEMU_CLOCK_HOST]->expire_time -

                 qemu_get_clock(host_clock);

        if (hdelta < delta)

            delta = hdelta;

    }

    if (delta < 0)

        delta = 0;

    return delta;

}

#if defined(__linux__)

static uint64_t qemu_next_deadline_dyntick(void)

{

    int64_t delta;

    int64_t rtdelta;

    if (use_icount)

        delta = INT32_MAX;

    else

        delta = (qemu_next_deadline() + 999) / 1000;

    if (active_timers[QEMU_CLOCK_REALTIME]) {

        rtdelta = (active_timers[QEMU_CLOCK_REALTIME]->expire_time -

                 qemu_get_clock(rt_clock))*1000;

        if (rtdelta < delta)

            delta = rtdelta;

    }

    if (delta < MIN_TIMER_REARM_US)

        delta = MIN_TIMER_REARM_US;

    return delta;

}

#endif

#ifndef _WIN32

/* Sets a specific flag */

static int fcntl_setfl(int fd, int flag)

{

    int flags;

    flags = fcntl(fd, F_GETFL);

    if (flags == -1)

        return -errno;

    if (fcntl(fd, F_SETFL, flags | flag) == -1)

        return -errno;

    return 0;

}

#if defined(__linux__)

#define RTC_FREQ 1024

static void enable_sigio_timer(int fd)

{

    struct sigaction act;

    /* timer signal */

    sigfillset(&act.sa_mask);

    act.sa_flags = 0;

    act.sa_handler = host_alarm_handler;

    sigaction(SIGIO, &act, NULL);

    fcntl_setfl(fd, O_ASYNC);

    fcntl(fd, F_SETOWN, getpid());

}

static int hpet_start_timer(struct qemu_alarm_timer *t)

{

    struct hpet_info info;

    int r, fd;

    fd = qemu_open("/dev/hpet", O_RDONLY);

    if (fd < 0)

        return -1;

    /* Set frequency */

    r = ioctl(fd, HPET_IRQFREQ, RTC_FREQ);

    if (r < 0) {

        fprintf(stderr, "Could not configure '/dev/hpet' to have a 1024Hz timer. This is not a fatal\n"

                "error, but for better emulation accuracy type:\n"

                "'echo 1024 > /proc/sys/dev/hpet/max-user-freq' as root.\n");

        goto fail;

    }

    /* Check capabilities */

    r = ioctl(fd, HPET_INFO, &info);

    if (r < 0)

        goto fail;

    /* Enable periodic mode */

    r = ioctl(fd, HPET_EPI, 0);

    if (info.hi_flags && (r < 0))

        goto fail;

    /* Enable interrupt */

    r = ioctl(fd, HPET_IE_ON, 0);

    if (r < 0)

        goto fail;

    enable_sigio_timer(fd);

    t->priv = (void *)(long)fd;

    return 0;

fail:

    close(fd);

    return -1;

}

static void hpet_stop_timer(struct qemu_alarm_timer *t)

{

    int fd = (long)t->priv;

    close(fd);

}

static int rtc_start_timer(struct qemu_alarm_timer *t)

{

    int rtc_fd;

    unsigned long current_rtc_freq = 0;

    TFR(rtc_fd = qemu_open("/dev/rtc", O_RDONLY));

    if (rtc_fd < 0)

        return -1;

    ioctl(rtc_fd, RTC_IRQP_READ, &current_rtc_freq);

    if (current_rtc_freq != RTC_FREQ &&

        ioctl(rtc_fd, RTC_IRQP_SET, RTC_FREQ) < 0) {

        fprintf(stderr, "Could not configure '/dev/rtc' to have a 1024 Hz timer. This is not a fatal\n"

                "error, but for better emulation accuracy either use a 2.6 host Linux kernel or\n"

                "type 'echo 1024 > /proc/sys/dev/rtc/max-user-freq' as root.\n");

        goto fail;

    }

    if (ioctl(rtc_fd, RTC_PIE_ON, 0) < 0) {

    fail:

        close(rtc_fd);

        return -1;

    }

    enable_sigio_timer(rtc_fd);

    t->priv = (void *)(long)rtc_fd;

    return 0;

}

static void rtc_stop_timer(struct qemu_alarm_timer *t)

{

    int rtc_fd = (long)t->priv;

    close(rtc_fd);

}

static int dynticks_start_timer(struct qemu_alarm_timer *t)

{

    struct sigevent ev;

    timer_t host_timer;

    struct sigaction act;

    sigfillset(&act.sa_mask);

    act.sa_flags = 0;

    act.sa_handler = host_alarm_handler;

    sigaction(SIGALRM, &act, NULL);

    /* 

     * Initialize ev struct to 0 to avoid valgrind complaining

     * about uninitialized data in timer_create call

     */

    memset(&ev, 0, sizeof(ev));

    ev.sigev_value.sival_int = 0;

    ev.sigev_notify = SIGEV_SIGNAL;

    ev.sigev_signo = SIGALRM;

    if (timer_create(CLOCK_REALTIME, &ev, &host_timer)) {

        perror("timer_create");

        /* disable dynticks */

        fprintf(stderr, "Dynamic Ticks disabled\n");

        return -1;

    }

    t->priv = (void *)(long)host_timer;

    return 0;

}

static void dynticks_stop_timer(struct qemu_alarm_timer *t)

{

    timer_t host_timer = (timer_t)(long)t->priv;

    timer_delete(host_timer);

}

static void dynticks_rearm_timer(struct qemu_alarm_timer *t)

{

    timer_t host_timer = (timer_t)(long)t->priv;

    struct itimerspec timeout;

    int64_t nearest_delta_us = INT64_MAX;

    int64_t current_us;

    if (!active_timers[QEMU_CLOCK_REALTIME] &&

        !active_timers[QEMU_CLOCK_VIRTUAL] &&

        !active_timers[QEMU_CLOCK_HOST])

        return;

    nearest_delta_us = qemu_next_deadline_dyntick();

    /* check whether a timer is already running */

    if (timer_gettime(host_timer, &timeout)) {

        perror("gettime");

        fprintf(stderr, "Internal timer error: aborting\n");

        exit(1);

    }

    current_us = timeout.it_value.tv_sec * 1000000 + timeout.it_value.tv_nsec/1000;

    if (current_us && current_us <= nearest_delta_us)

        return;

    timeout.it_interval.tv_sec = 0;

    timeout.it_interval.tv_nsec = 0; /* 0 for one-shot timer */

    timeout.it_value.tv_sec =  nearest_delta_us / 1000000;

    timeout.it_value.tv_nsec = (nearest_delta_us % 1000000) * 1000;

    if (timer_settime(host_timer, 0 /* RELATIVE */, &timeout, NULL)) {

        perror("settime");

        fprintf(stderr, "Internal timer error: aborting\n");

        exit(1);

    }

}

#endif /* defined(__linux__) */

static int unix_start_timer(struct qemu_alarm_timer *t)

{

    struct sigaction act;

    struct itimerval itv;

    int err;

    /* timer signal */

    sigfillset(&act.sa_mask);

    act.sa_flags = 0;