date:20100630

Kevin Wolf  writes:

> Turns out that using more than one state doesn't really work well. I'm trying
> to reproduce a bug for which I need states, so now is the time to fix it.

I'm not familiar with blkdebug, but these look like obvious bug fixes.

Re: [Qemu-devel] [PATCH 2/3] blkdebug: Free QemuOpts after having read the config

Kevin Wolf  writes:

> Forgetting to free them means that the next instance inherits all rules and
> gets its own rules only additionally.

I also found a use for freeing a complete QemuOptsList, here's my
solution.  The code that needs it isn't ready, yet.  If you'd like to
use it, I can push it to my repo.


diff --git a/qemu-option.c b/qemu-option.c
index 7f70d0f..30327d4 100644
--- a/qemu-option.c
+++ b/qemu-option.c
@@ -719,6 +719,15 @@ QemuOpts *qemu_opts_create(QemuOptsList *list, const char 
*id, int fail_if_exist
 return opts;
 }
 
+void qemu_opts_reset(QemuOptsList *list)
+{
+QemuOpts *opts, *next_opts;
+
+QTAILQ_FOREACH_SAFE(opts, &list->head, next, next_opts) {
+qemu_opts_del(opts);
+}
+}
+
 int qemu_opts_set(QemuOptsList *list, const char *id,
   const char *name, const char *value)
 {
diff --git a/qemu-option.h b/qemu-option.h
index 4823219..9e2406c 100644
--- a/qemu-option.h
+++ b/qemu-option.h
@@ -115,6 +115,7 @@ int qemu_opt_foreach(QemuOpts *opts, qemu_opt_loopfunc 
func, void *opaque,
 
 QemuOpts *qemu_opts_find(QemuOptsList *list, const char *id);
 QemuOpts *qemu_opts_create(QemuOptsList *list, const char *id, int 
fail_if_exists);
+void qemu_opts_reset(QemuOptsList *list);
 int qemu_opts_set(QemuOptsList *list, const char *id,
   const char *name, const char *value);
 const char *qemu_opts_id(QemuOpts *opts);

[Qemu-devel] [Bug 595438] Re: KVM segmentation fault, using SCSI+writeback and linux 2.4 guest

2010-06-30 Thread Jes Sorensen

Could you try and run this in GDB and get the backtrace when it crashes?
Just do:

gdb /usr/bin/kvm
(gdb) set args -M pc-0.12 -enable-kvm -m 256 -smp 1 -name spamsender -uuid 
b9cacd5e-08f7-41fd-78c8-89cec59af881 -chardev 
socket,id=monitor,path=/var/lib/libvirt/qemu/spamsender.monitor,server,nowait 
-monitor chardev:monitor -boot d -drive 
file=/mnt/megadiff/cdiso_400_130.iso,if=ide,media=cdrom,index=2 -drive 
file=/home/mmarkk/spamsender2.img,if=scsi,index=0,format=qcow2,cache=writeback 
-net nic,macaddr=00:00:00:00:00:00,vlan=0,name=nic.0 -net tap,vlan=0,name=tap.0 
-chardev pty,id=serial0 -serial chardev:serial0 -parallel none -usb -vnc 
127.0.0.1:0 -vga cirrus
(gdb) run

(gdb) bt

Make sure to have all the debug packages installed, otherwise the
backtrace isn't really useful.

Unfortunately the core file you posted isn't of use to anyone who
doesn't have Ubuntu installed with the exact packages you have
installed. It just shows some random addresses in gdb.

Thanks,
Jes

-- 
KVM segmentation fault, using SCSI+writeback and linux 2.4 guest
https://bugs.launchpad.net/bugs/595438
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.

Status in QEMU: New

Bug description:
I Use Ubuntu 32 bit 10.04 with standard KVM.
I have Intel E7600  @ 3.06GHz processor with VMX

In this system I Run:
LC_ALL=C PATH=/usr/local/sbin:/usr/local/bin:/usr/bin:/usr/sbin:/sbin:/bin 
QEMU_AUDIO_DRV=none /usr/bin/kvm -M pc-0.12 -enable-kvm -m 256 -smp 1 -name 
spamsender -uuid b9cacd5e-08f7-41fd-78c8-89cec59af881 -chardev 
socket,id=monitor,path=/var/lib/libvirt/qemu/spamsender.monitor,server,nowait 
-monitor chardev:monitor -boot d -drive 
file=/mnt/megadiff/cdiso_400_130.iso,if=ide,media=cdrom,index=2 -drive 
file=/home/mmarkk/spamsender2.img,if=scsi,index=0,format=qcow2,cache=writeback 
-net nic,macaddr=00:00:00:00:00:00,vlan=0,name=nic.0 -net tap,vlan=0,name=tap.0 
-chardev pty,id=serial0 -serial chardev:serial0 -parallel none -usb -vnc 
127.0.0.1:0 -vga cirrus

.iso image contain custom distro of 2.4-linux kernel based system. During 
install process (when .tar.gz actively unpacked), kvm dead with segmentation 
fault.

And ONLY when I choose scsi virtual disk and writeback simultaneously. 
But, writeback+ide, writethrough+scsi works OK.

I use qcow2. It seems, that qcow does not have such problems.

Virtual machine get down at random time during file copy. It seems, when qcow2 
file size need to be expanded.

[Qemu-devel] Re: [V9fs-developer] [PATCH] virtio-9p: getattr server implementation for 9P2000.L protocol.

2010-06-30 Thread Aneesh Kumar K. V

On Fri, 28 May 2010 16:08:43 +0530, Sripathi Kodi  wrote:
> From: M. Mohan Kumar 
> 
> SYNOPSIS
> 
>   size[4] Tgetattr tag[2] fid[4]
> 
>   size[4] Rgetattr tag[2] lstat[n]
> 
>DESCRIPTION
> 
>   The getattr transaction inquires about the file identified by fid.
>   The reply will contain a machine-independent directory entry,
>   laid out as follows:
> 
>  qid.type[1]
> the type of the file (directory, etc.), represented as a bit
> vector corresponding to the high 8 bits of the file's mode
> word.
> 
>  qid.vers[4]
> version number for given path
> 
>  qid.path[8]
> the file server's unique identification for the file
> 
>  st_mode[4]
> Permission and flags
> 
>  st_nlink[8]
> Number of hard links
> 
>  st_uid[4]
> User id of owner
> 
>  st_gid[4]
> Group ID of owner
> 
>  st_rdev[8]
> Device ID (if special file)
> 
>  st_size[8]
> Size, in bytes
> 
>  st_blksize[8]
> Block size for file system IO
> 
>  st_blocks[8]
> Number of file system blocks allocated
> 
>  st_atime_sec[8]
> Time of last access, seconds
> 
>  st_atime_nsec[8]
> Time of last access, nanoseconds
> 
>  st_mtime_sec[8]
> Time of last modification, seconds
> 
>  st_mtime_nsec[8]
> Time of last modification, nanoseconds
> 
>  st_ctime_sec[8]
> Time of last status change, seconds
> 
>  st_ctime_nsec[8]
> Time of last status change, nanoseconds
> 
> 
> This patch implements the client side of getattr implementation for 9P2000.L.
> It introduces a new structure p9_stat_dotl for getting Linux stat information
> along with QID. The data layout is similar to stat structure in Linux user
> space with the following major differences:
> 
> inode (st_ino) is not part of data. Instead qid is.
> 
> device (st_dev) is not part of data because this doesn't make sense on the
> client.
> 
> All time variables are 64 bit wide on the wire. The kernel seems to use
> 32 bit variables for these variables. However, some of the architectures
> have used 64 bit variables and glibc exposes 64 bit variables to user
> space on some architectures. Hence to be on the safer side we have made
> these 64 bit in the protocol. Refer to the comments in
> include/asm-generic/stat.h
> 
> 

Can we just hold on this patch. There is a discussion to add
i_generation and inode create time to a variant of stat. So may be the
protocol bits need those

-aneesh

Re: [Qemu-devel] [PATCH] QEMU: Update .gitignore

(2010/07/01 6:33), Aurelien Jarno wrote:
> On Mon, Jun 21, 2010 at 06:14:17PM +0900, Hidetoshi Seto wrote:
>> (2010/06/21 17:19), Avi Kivity wrote:
>>> On 06/21/2010 08:24 AM, Hidetoshi Seto wrote:
 I think some people have noticed that:

> $ ./configure
> $ make
> $ git status
> # On branch master
> # Untracked files:
> #   (use "git add ..." to include in what will be committed)
> #
> #   QMP/qmp-commands.txt
> #   libdis-user/
> #   libdis/
> #   pc-bios/optionrom/vapic.bin
> nothing added to commit but untracked files present (use "git add" to 
> track)
> 
 Please consider applying this patch to qemu-kvm.git.
>>>
>>> This is equally applicable to qemu.git, so please sent it to the qemu
>>> mailing list, qemu-de...@nongnu.org.
>>
>> Thanks for your advice, Avi.
>>
>> Now this mail is sent to qemu ML, w/ above quotes as short history.
>> Could someone pick this up?
>>
>> Thanks,
>> H.Seto
>>
>> =
> 
> This patch looks good, but doesn't apply anymore, as the libdis/ and
> libdis-user/ part has already been applied from another patch. Care
> to resend it?

I've just posted.  Please check it.

Thanks.
H.Seto

[Qemu-devel] [PATCH] Makefile: add fsdev/*.{o,d} to clean

There were fsdev/qemu-fsdev.{o,d} not removed at "make clean".

Signed-off-by: Hidetoshi Seto 
---
 Makefile |2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/Makefile b/Makefile
index 560eac6..ce5f0e6 100644
--- a/Makefile
+++ b/Makefile
@@ -159,7 +159,7 @@ clean:
 # avoid old build problems by removing potentially incorrect old files
rm -f config.mak op-i386.h opc-i386.h gen-op-i386.h op-arm.h opc-arm.h 
gen-op-arm.h
rm -f *.o *.d *.a $(TOOLS) TAGS cscope.* *.pod *~ */*~
-   rm -f slirp/*.o slirp/*.d audio/*.o audio/*.d block/*.o block/*.d 
net/*.o net/*.d
+   rm -f {slirp,audio,block,net,fsdev}/*.{o,d}
rm -f qemu-img-cmds.h
$(MAKE) -C tests clean
for d in $(ALL_SUBDIRS) libhw32 libhw64 libuser libdis libdis-user; do \
-- 
1.7.0

[Qemu-devel] [PATCH] Makefile: add qemu-options.def to distclean

Remove generated qemu-options.def at "make distclean".

Signed-off-by: Hidetoshi Seto 
---
 Makefile |1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/Makefile b/Makefile
index 221fbd8..560eac6 100644
--- a/Makefile
+++ b/Makefile
@@ -168,6 +168,7 @@ clean:
 
 distclean: clean
rm -f config-host.mak config-host.h* config-host.ld $(DOCS) 
qemu-options.texi qemu-img-cmds.texi qemu-monitor.texi
+   rm -f qemu-options.def
rm -f config-all-devices.mak
rm -f roms/seabios/config.mak roms/vgabios/config.mak
rm -f qemu-{doc,tech}.{info,aux,cp,dvi,fn,info,ky,log,pdf,pg,toc,tp,vr}
-- 
1.7.0

[Qemu-devel] [PATCH] Add vapic.bin to .gitignore

# This patch is for qemu-kvm.git

The vapic.bin is a generated binary file.

Signed-off-by: Hidetoshi Seto 
---
 .gitignore |1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/.gitignore b/.gitignore
index ddc248b..26eba20 100644
--- a/.gitignore
+++ b/.gitignore
@@ -53,4 +53,5 @@ pc-bios/optionrom/linuxboot.bin
 pc-bios/optionrom/multiboot.bin
 pc-bios/optionrom/multiboot.raw
 pc-bios/optionrom/extboot.bin
+pc-bios/optionrom/vapic.bin
 .stgit-*
-- 
1.7.0

[Qemu-devel] [PATCH] Add QMP/qmp-commands.txt to .gitignore

QMP/qmp-commands.txt is a generated file.

Signed-off-by: Hidetoshi Seto 
---
 .gitignore |1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/.gitignore b/.gitignore
index ce66ed5..a32b7c4 100644
--- a/.gitignore
+++ b/.gitignore
@@ -28,6 +28,7 @@ qemu-img-cmds.texi
 qemu-img-cmds.h
 qemu-io
 qemu-monitor.texi
+QMP/qmp-commands.txt
 .gdbinit
 *.a
 *.aux
-- 
1.7.0

Re: [Qemu-devel] [PATCH] QEMU: Update .gitignore

On Mon, Jun 21, 2010 at 06:14:17PM +0900, Hidetoshi Seto wrote:
> (2010/06/21 17:19), Avi Kivity wrote:
> > On 06/21/2010 08:24 AM, Hidetoshi Seto wrote:
> >> I think some people have noticed that:
> >>
> >>> $ ./configure
> >>> $ make
> >>> $ git status
> >>> # On branch master
> >>> # Untracked files:
> >>> #   (use "git add ..." to include in what will be committed)
> >>> #
> >>> #   QMP/qmp-commands.txt
> >>> #   libdis-user/
> >>> #   libdis/
> >>> #   pc-bios/optionrom/vapic.bin
> >>> nothing added to commit but untracked files present (use "git add" to 
> >>> track)
> >>> 
> >> Please consider applying this patch to qemu-kvm.git.
> > 
> > This is equally applicable to qemu.git, so please sent it to the qemu
> > mailing list, qemu-de...@nongnu.org.
> 
> Thanks for your advice, Avi.
> 
> Now this mail is sent to qemu ML, w/ above quotes as short history.
> Could someone pick this up?
> 
> Thanks,
> H.Seto
> 
> =

This patch looks good, but doesn't apply anymore, as the libdis/ and
libdis-user/ part has already been applied from another patch. Care
to resend it?

> Subject: [PATCH] QEMU: Update .gitignore
> 
> Add some files/directories to .gitignore
> 
>   - vapic.bin
>   A generated binary file.
>   - libdis/ and libdis-user/
>   These are directories generated by ./configure.
>   - QMP/qmp-commands.txt
>   A generated text.
> 
> Signed-off-by: Hidetoshi Seto 
> ---
>  .gitignore |4 
>  1 files changed, 4 insertions(+), 0 deletions(-)
> 
> diff --git a/.gitignore b/.gitignore
> index 2d7f439..fa4f241 100644
> --- a/.gitignore
> +++ b/.gitignore
> @@ -9,6 +9,8 @@ config-target.*
>  libhw32
>  libhw64
>  libuser
> +libdis
> +libdis-user
>  qemu-doc.html
>  qemu-tech.html
>  qemu-doc.info
> @@ -26,6 +28,7 @@ qemu-img-cmds.texi
>  qemu-img-cmds.h
>  qemu-io
>  qemu-monitor.texi
> +QMP/qmp-commands.txt
>  .gdbinit
>  *.a
>  *.aux
> @@ -50,4 +53,5 @@ pc-bios/optionrom/linuxboot.bin
>  pc-bios/optionrom/multiboot.bin
>  pc-bios/optionrom/multiboot.raw
>  pc-bios/optionrom/extboot.bin
> +pc-bios/optionrom/vapic.bin
>  .stgit-*
> -- 1.7.0 
> 
> 
> 

-- 
Aurelien Jarno  GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net

Re: [Qemu-devel] [PATCH] net: Fix VM start with '-net none'

On Tue, Jun 15, 2010 at 01:30:39PM +0530, Amit Shah wrote:
> Commit 50e32ea8f31035877decc10f1075aa0e619e09cb changed the behaviour
> for the return type of net_client_init() when a nic type with no init
> method was specified. 'none' is one such nic type. Instead of returning
> 0, which gets interpreted as an index into the nd_table[] array, we
> switched to returning -1, which signifies an error as well.
> 
> That broke VM start with '-net none'. Testing was only done with the
> monitor command 'pci_add', which doesn't fail.
> 
> The correct fix would still be to return 0+ values from
> net_client_init() only when the return value can be used as an index to
> refer to an entry in nd_table[]. With the current code, callers can
> erroneously poke into nd_table[0] when -net nic is used, which can lead
> to badness.
> 
> However, this commit just returns to the previous behaviour before the
> offending commit.
> 
> Signed-off-by: Amit Shah 
> ---
>  net.c |2 +-
>  1 files changed, 1 insertions(+), 1 deletions(-)

Thanks, applied.

> diff --git a/net.c b/net.c
> index 4cb93ed..b681233 100644
> --- a/net.c
> +++ b/net.c
> @@ -1119,7 +1119,7 @@ int net_client_init(Monitor *mon, QemuOpts *opts, int 
> is_netdev)
>  vlan = qemu_find_vlan(qemu_opt_get_number(opts, "vlan", 0), 
> 1);
>  }
>  
> -ret = -1;
> +ret = 0;
>  if (net_client_types[i].init) {
>  ret = net_client_types[i].init(opts, mon, name, vlan);
>  if (ret < 0) {
> -- 
> 1.7.0.1
> 
> 
> 

-- 
Aurelien Jarno  GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net

Re: [Qemu-devel] [PATCH v2] x86: svm: Always clear event_inj on vmexit

On Wed, Jun 02, 2010 at 08:49:14AM +0200, Jan Kiszka wrote:
> Erik van der Kouwe wrote:
> > Hi,
> > 
> >> We currently only clear SVM_EVTINJ_VALID after successful interrupt
> >> delivery. This apparently does not match real hardware which clears the
> >> whole event_inj field on every vmexit, including unsuccessful interrupt
> >> delivery.
> > 
> > Thanks for the patch. It is a bit hard for me to test right now as I
> > messed up my test setup, but I will do so ASAP and let you know.
> > 
> > However, I'm worried that this patch may introduce a new problem (I may
> > be mistaken though). There is still this code to load the exit interrupt
> > info:
> > 
> > stl_phys(env->vm_vmcb + offsetof(struct vmcb,
> >   control.exit_int_info_err),
> >   ldl_phys(env->vm_vmcb + offsetof(struct vmcb,
> >   control.event_inj_err)));
> > 
> > Now that event_inj is no longer loaded, won't this mean that
> > exit_int_info and exit_int_info_err also won't be loaded?
> 
> Sorry, can't follow this ATM. But maybe you mean this: there is indeed a
> problem with removing the clearance of event_inj.invalid as it may be
> later on transferred into exit_int_info. And if we succeed with
> injecting the event, that field must not remaind valid.
> 
> OK, here is v2:
> 
> --->
> 
> From: Jan Kiszka 
> 
> We currently only clear SVM_EVTINJ_VALID after successful interrupt
> delivery. This apparently does not match real hardware which clears the
> whole event_inj field on every vmexit, including unsuccessful interrupt
> delivery.
> 
> Reported-by: Erik van der Kouwe 
> Signed-off-by: Jan Kiszka 
> ---
>  target-i386/op_helper.c |1 +
>  1 files changed, 1 insertions(+), 0 deletions(-)

Thanks, applied.

> diff --git a/target-i386/op_helper.c b/target-i386/op_helper.c
> index dcbdfe7..52e8910 100644
> --- a/target-i386/op_helper.c
> +++ b/target-i386/op_helper.c
> @@ -5388,6 +5388,7 @@ void helper_vmexit(uint32_t exit_code, uint64_t 
> exit_info_1)
>   ldl_phys(env->vm_vmcb + offsetof(struct vmcb, 
> control.event_inj)));
>  stl_phys(env->vm_vmcb + offsetof(struct vmcb, control.exit_int_info_err),
>   ldl_phys(env->vm_vmcb + offsetof(struct vmcb, 
> control.event_inj_err)));
> +stl_phys(env->vm_vmcb + offsetof(struct vmcb, control.event_inj), 0);
>  
>  env->hflags2 &= ~HF2_GIF_MASK;
>  /* FIXME: Resets the current ASID register to zero (host ASID). */
> -- 
> 1.6.0.2
> 



-- 
Aurelien Jarno  GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net

Re: [Qemu-devel] [PATCH 0/2 v5] Release usb devices on shutdown and usb_del

On Wed, Jun 16, 2010 at 03:15:03PM +0300, Shahar Havivi wrote:
> v5:
> Fix to Gerd Hoffmann comments on v4.
> 
> Shahar Havivi (2):
>   Return usb device to host on usb_del command
>   Return usb device to host on exit
> 
>  usb-linux.c |   15 +++
>  1 files changed, 15 insertions(+), 0 deletions(-)
> 
> 
> 

Thanks, both applied.

-- 
Aurelien Jarno  GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net

Re: [Qemu-devel] [PATCH][RESEND] qdev-properties: Fix (u)intXX parsers

On Fri, Jun 18, 2010 at 06:27:03PM +0200, Kevin Wolf wrote:
> scanf calls must not use PRI constants, they have probably the wrong size and
> corrupt memory. We could replace them by SCN ones, but strtol is simpler than
> scanf here anyway. While at it, also fix the parsers to reject garbage after
> the number ("4096xyz" was accepted before).
> 
> Signed-off-by: Kevin Wolf 
> ---
>  hw/qdev-properties.c |   50 
> +++---
>  1 files changed, 35 insertions(+), 15 deletions(-)

Thanks, applied.

> diff --git a/hw/qdev-properties.c b/hw/qdev-properties.c
> index 5a8739d..5b7fd77 100644
> --- a/hw/qdev-properties.c
> +++ b/hw/qdev-properties.c
> @@ -67,12 +67,14 @@ PropertyInfo qdev_prop_bit = {
>  static int parse_uint8(DeviceState *dev, Property *prop, const char *str)
>  {
>  uint8_t *ptr = qdev_get_prop_ptr(dev, prop);
> -const char *fmt;
> +char *end;
>  
>  /* accept both hex and decimal */
> -fmt = strncasecmp(str, "0x",2) == 0 ? "%" PRIx8 : "%" PRIu8;
> -if (sscanf(str, fmt, ptr) != 1)
> +*ptr = strtoul(str, &end, 0);
> +if ((*end != '\0') || (end == str)) {
>  return -EINVAL;
> +}
> +
>  return 0;
>  }
>  
> @@ -95,12 +97,14 @@ PropertyInfo qdev_prop_uint8 = {
>  static int parse_uint16(DeviceState *dev, Property *prop, const char *str)
>  {
>  uint16_t *ptr = qdev_get_prop_ptr(dev, prop);
> -const char *fmt;
> +char *end;
>  
>  /* accept both hex and decimal */
> -fmt = strncasecmp(str, "0x",2) == 0 ? "%" PRIx16 : "%" PRIu16;
> -if (sscanf(str, fmt, ptr) != 1)
> +*ptr = strtoul(str, &end, 0);
> +if ((*end != '\0') || (end == str)) {
>  return -EINVAL;
> +}
> +
>  return 0;
>  }
>  
> @@ -123,12 +127,14 @@ PropertyInfo qdev_prop_uint16 = {
>  static int parse_uint32(DeviceState *dev, Property *prop, const char *str)
>  {
>  uint32_t *ptr = qdev_get_prop_ptr(dev, prop);
> -const char *fmt;
> +char *end;
>  
>  /* accept both hex and decimal */
> -fmt = strncasecmp(str, "0x",2) == 0 ? "%" PRIx32 : "%" PRIu32;
> -if (sscanf(str, fmt, ptr) != 1)
> +*ptr = strtoul(str, &end, 0);
> +if ((*end != '\0') || (end == str)) {
>  return -EINVAL;
> +}
> +
>  return 0;
>  }
>  
> @@ -149,9 +155,13 @@ PropertyInfo qdev_prop_uint32 = {
>  static int parse_int32(DeviceState *dev, Property *prop, const char *str)
>  {
>  int32_t *ptr = qdev_get_prop_ptr(dev, prop);
> +char *end;
>  
> -if (sscanf(str, "%" PRId32, ptr) != 1)
> +*ptr = strtol(str, &end, 10);
> +if ((*end != '\0') || (end == str)) {
>  return -EINVAL;
> +}
> +
>  return 0;
>  }
>  
> @@ -174,9 +184,13 @@ PropertyInfo qdev_prop_int32 = {
>  static int parse_hex32(DeviceState *dev, Property *prop, const char *str)
>  {
>  uint32_t *ptr = qdev_get_prop_ptr(dev, prop);
> +char *end;
>  
> -if (sscanf(str, "%" PRIx32, ptr) != 1)
> +*ptr = strtoul(str, &end, 16);
> +if ((*end != '\0') || (end == str)) {
>  return -EINVAL;
> +}
> +
>  return 0;
>  }
>  
> @@ -199,12 +213,14 @@ PropertyInfo qdev_prop_hex32 = {
>  static int parse_uint64(DeviceState *dev, Property *prop, const char *str)
>  {
>  uint64_t *ptr = qdev_get_prop_ptr(dev, prop);
> -const char *fmt;
> +char *end;
>  
>  /* accept both hex and decimal */
> -fmt = strncasecmp(str, "0x",2) == 0 ? "%" PRIx64 : "%" PRIu64;
> -if (sscanf(str, fmt, ptr) != 1)
> +*ptr = strtoull(str, &end, 0);
> +if ((*end != '\0') || (end == str)) {
>  return -EINVAL;
> +}
> +
>  return 0;
>  }
>  
> @@ -227,9 +243,13 @@ PropertyInfo qdev_prop_uint64 = {
>  static int parse_hex64(DeviceState *dev, Property *prop, const char *str)
>  {
>  uint64_t *ptr = qdev_get_prop_ptr(dev, prop);
> +char *end;
>  
> -if (sscanf(str, "%" PRIx64, ptr) != 1)
> +*ptr = strtoull(str, &end, 16);
> +if ((*end != '\0') || (end == str)) {
>  return -EINVAL;
> +}
> +
>  return 0;
>  }
>  
> -- 
> 1.6.6.1
> 
> 
> 

-- 
Aurelien Jarno  GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net

Re: [Qemu-devel] [PATCH][RESEND] usb-uhci: fix commit 8e65b7c04965c8355e4ce43211582b6b83054e3d for vmstate

On Tue, Jun 01, 2010 at 12:26:20PM +0800, TeLeMan wrote:
> The commit 8e65b7c04965c8355e4ce43211582b6b83054e3d introduced
> expire_time of UHCIState. But expire_time is not in vmstate, the
> second uhci_frame_timer will not be fired immediately after loadvm.
> 
> Signed-off-by: TeLeMan 
> ---
>  hw/usb-uhci.c |3 ++-
>  1 files changed, 2 insertions(+), 1 deletions(-)

Thanks, applied.

> diff --git a/hw/usb-uhci.c b/hw/usb-uhci.c
> index 624d55b..d9d74c9 100644
> --- a/hw/usb-uhci.c
> +++ b/hw/usb-uhci.c
> @@ -375,7 +375,7 @@ static const VMStateDescription vmstate_uhci_port = {
> 
>  static const VMStateDescription vmstate_uhci = {
>  .name = "uhci",
> -.version_id = 1,
> +.version_id = 2,
>  .minimum_version_id = 1,
>  .minimum_version_id_old = 1,
>  .pre_save = uhci_pre_save,
> @@ -392,6 +392,7 @@ static const VMStateDescription vmstate_uhci = {
>  VMSTATE_UINT8(sof_timing, UHCIState),
>  VMSTATE_UINT8(status2, UHCIState),
>  VMSTATE_TIMER(frame_timer, UHCIState),
> +VMSTATE_INT64_V(expire_time, UHCIState, 2),
>  VMSTATE_END_OF_LIST()
>  }
>  };
> -- 
> 1.6.5.1.1367.gcd48
> --
> SUN OF A BEACH
> 
> 

-- 
Aurelien Jarno  GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net

Re: [Qemu-devel] [PATCH v2 00/12] refactor OMAP implementation

On Mon, May 31, 2010 at 11:54:12PM +0800, cmchao wrote:
>  The following changes since commit aa6f63fff62faf2fe9ffba5a789675d49293614d
>  Blue Swirl:
>   mc146818rtc: improve debugging
>   Add a separate flag for debugging coalesced interrupts.
> 
>  The patches almostly base on http://meego.gitorious.org/qemu-maemo/qemu work 
> and
>  act as preparatory work to merge their OMAP3 and beagleboard support. All the
>  work are to separate modules, which will be shared or extended in OMAP3 
> implementation
>  and make some local function static
> 
>  change from v1 :
>   1 fix missing static declaration leading to compilation error in 
> patch #12
> 2 rebase to newer upstream
> 
>  [PATCH v2 01/12] hw/omap1.c : separate gpio module
>  [PATCH v2 02/12] hw/omap2.c : separate gpio module
>  [PATCH v2 03/12] hw/omap2.c : separate gptimer module
>  [PATCH v2 04/12] hw/omap2.c : separate synctimer module
>  [PATCH v2 05/12] hw/omap2.c : separate gpmc(general purpose memory 
> controller)
>  [PATCH v2 06/12] hw/omap2.c : separate sdrc (sdram controller)
>  [PATCH v2 07/12] hw/omap1.c : separate interrupt controller module
>  [PATCH v2 08/12] hw/omap2.c : separate spi module
>  [PATCH v2 09/12] hw/omap2.c : separate tap module(Test-Chip-level)
>  [PATCH v2 10/12] hw/omwp2.c : separate l4 interconnect module
>  [PATCH v2 11/12] hw/omap1.c : separate uart module
>  [PATCH v2 12/12] hw/omap : make local function static and remove declaration 
> from header
> 
> 

Thanks, all applied.

-- 
Aurelien Jarno  GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net

Re: [Qemu-devel] [PATCH] virtio-serial: Simplify virtio_serial_load()

On Mon, May 31, 2010 at 04:19:43PM +0200, Markus Armbruster wrote:
> For all i, ports_map[i] is used in and only in the i-th iteration.
> Replace the dynamic array by a scalar variable.
> 
> Signed-off-by: Markus Armbruster 
> ---
>  hw/virtio-serial-bus.c |   12 +++-
>  1 files changed, 3 insertions(+), 9 deletions(-)

Thanks, applied.

> diff --git a/hw/virtio-serial-bus.c b/hw/virtio-serial-bus.c
> index 3ce95e8..bcc6d5d 100644
> --- a/hw/virtio-serial-bus.c
> +++ b/hw/virtio-serial-bus.c
> @@ -492,8 +492,7 @@ static int virtio_serial_load(QEMUFile *f, void *opaque, 
> int version_id)
>  {
>  VirtIOSerial *s = opaque;
>  VirtIOSerialPort *port;
> -size_t ports_map_size;
> -uint32_t max_nr_ports, nr_active_ports, *ports_map;
> +uint32_t max_nr_ports, nr_active_ports, ports_map;
>  unsigned int i;
>  
>  if (version_id > 2) {
> @@ -517,22 +516,17 @@ static int virtio_serial_load(QEMUFile *f, void 
> *opaque, int version_id)
>  return -EINVAL;
>  }
>  
> -ports_map_size = sizeof(uint32_t) * (max_nr_ports + 31) / 32;
> -ports_map = qemu_malloc(ports_map_size);
> -
>  for (i = 0; i < (max_nr_ports + 31) / 32; i++) {
> -qemu_get_be32s(f, &ports_map[i]);
> +qemu_get_be32s(f, &ports_map);
>  
> -if (ports_map[i] != s->ports_map[i]) {
> +if (ports_map != s->ports_map[i]) {
>  /*
>   * Ports active on source and destination don't
>   * match. Fail migration.
>   */
> -qemu_free(ports_map);
>  return -EINVAL;
>  }
>  }
> -qemu_free(ports_map);
>  
>  qemu_get_be32s(f, &nr_active_ports);
>  
> -- 
> 1.6.6.1
> 
> 
> 

-- 
Aurelien Jarno  GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net

Re: [Qemu-devel] [PATCH] usb-serial: Fail instead of crash when chardev is missing

On Fri, May 28, 2010 at 05:03:22PM +0200, Markus Armbruster wrote:
> 
> Signed-off-by: Markus Armbruster 
> ---
>  hw/usb-serial.c |5 +
>  1 files changed, 5 insertions(+), 0 deletions(-)

Thanks, applied.

> diff --git a/hw/usb-serial.c b/hw/usb-serial.c
> index 5b2483a..c19580f 100644
> --- a/hw/usb-serial.c
> +++ b/hw/usb-serial.c
> @@ -545,6 +545,11 @@ static int usb_serial_initfn(USBDevice *dev)
>  USBSerialState *s = DO_UPCAST(USBSerialState, dev, dev);
>  s->dev.speed = USB_SPEED_FULL;
>  
> +if (!s->cs) {
> +error_report("Property chardev is required");
> +return -1;
> +}
> +
>  qemu_chr_add_handlers(s->cs, usb_serial_can_read, usb_serial_read,
>usb_serial_event, s);
>  usb_serial_handle_reset(dev);
> -- 
> 1.6.6.1
> 
> 
> 

-- 
Aurelien Jarno  GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net

Re: [Qemu-devel] [PATCH] A bit optimization for tlb_set_page() (resend)

On Thu, May 06, 2010 at 02:36:59PM +0900, Jun Koi wrote:
> This patch avoids handling write watchpoints on read-only memory access.
> It also breaks the searching loop for watchpoint once the setup for
> handling watchpoint later is done.
> 
> Signed-off-by: Jun Koi 

Thanks, applied.

> diff --git a/exec.c b/exec.c
> index 14d1fd7..6fd859f 100644
> --- a/exec.c
> +++ b/exec.c
> @@ -2236,10 +2236,12 @@ void tlb_set_page(CPUState *env, target_ulong vaddr,
> watchpoint trap routines.  */
>  QTAILQ_FOREACH(wp, &env->watchpoints, entry) {
>  if (vaddr == (wp->vaddr & TARGET_PAGE_MASK)) {
> -iotlb = io_mem_watch + paddr;
> -/* TODO: The memory case can be optimized by not trapping
> -   reads of pages with a write breakpoint.  */
> -address |= TLB_MMIO;
> +/* Avoid trapping reads of pages with a write breakpoint. */
> +if ((prot & PAGE_WRITE) || (wp->flags & BP_MEM_READ)) {
> +iotlb = io_mem_watch + paddr;
> +address |= TLB_MMIO;
> +break;
> +}
>  }
>  }
> 
> 
> 

-- 
Aurelien Jarno  GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net

[Qemu-devel] Re: [PATCH 09/12] savevm: Survive hot-unplug of snapshot device

Kevin Wolf  writes:

> Am 25.06.2010 18:53, schrieb Markus Armbruster:
>> savevm.c keeps a pointer to the snapshot block device.  If you manage
>> to get that device deleted, the pointer dangles, and the next snapshot
>> operation will crash & burn.  Unplugging a guest device that uses it
>> does the trick:
>> 
>> $ MALLOC_PERTURB_=234 qemu-system-x86_64 [...]
>> QEMU 0.12.50 monitor - type 'help' for more information
>> (qemu) info snapshots
>> No available block device supports snapshots
>> (qemu) drive_add auto if=none,file=tmp.qcow2
>> OK
>> (qemu) device_add usb-storage,id=foo,drive=none1
>> (qemu) info snapshots
>> Snapshot devices: none1
>> Snapshot list (from none1):
>> IDTAG VM SIZEDATE   VM CLOCK
>> (qemu) device_del foo
>> (qemu) info snapshots
>> Snapshot devices:
>> Segmentation fault (core dumped)
>> 
>> Move management of that pointer to block.c, and zap it when the device
>> it points to goes away.
>> 
>> Signed-off-by: Markus Armbruster 
>> ---
>>  block.c  |   25 +
>>  block.h  |1 +
>>  savevm.c |   31 ---
>>  3 files changed, 30 insertions(+), 27 deletions(-)
>> 
>> diff --git a/block.c b/block.c
>> index 5e0ffa0..34055e0 100644
>> --- a/block.c
>> +++ b/block.c
>> @@ -63,6 +63,9 @@ static QTAILQ_HEAD(, BlockDriverState) bdrv_states =
>>  static QLIST_HEAD(, BlockDriver) bdrv_drivers =
>>  QLIST_HEAD_INITIALIZER(bdrv_drivers);
>>  
>> +/* The device to use for VM snapshots */
>> +static BlockDriverState *bs_snapshots;
>> +
>>  /* If non-zero, use only whitelisted block drivers */
>>  static int use_bdrv_whitelist;
>>  
>> @@ -660,6 +663,9 @@ void bdrv_close_all(void)
>>  void bdrv_delete(BlockDriverState *bs)
>>  {
>>  assert(!bs->peer);
>> +if (bs == bs_snapshots) {
>> +bs_snapshots = NULL;
>> +}
>
> This should probably be in bdrv_close() instead. A BlockDriverState can
> be closed, but not deleted yet; it can't handle snapshots in this state,
> though.

Right.  I was thinking about the dangling pointer only.

My patch works as advertized: it fixes the crash.  But zapping
bs_snapshots in bdrv_close() is even better.  I'll respin.


>>  /* remove from list, if necessary */
>>  if (bs->device_name[0] != '\0') {
>> @@ -1772,6 +1778,25 @@ int bdrv_can_snapshot(BlockDriverState *bs)
>>  return 1;
>>  }
>>  
>> +BlockDriverState *bdrv_snapshots(void)
>> +{
>> +BlockDriverState *bs;
>> +
>> +if (bs_snapshots)
>> +return bs_snapshots;
>
> I know that this function is just moved with no changes, but while we're
> at it and you need to respin anyway, can we add braces here?
>
>> +
>> +bs = NULL;
>> +while ((bs = bdrv_next(bs))) {
>> +if (bdrv_can_snapshot(bs)) {
>> +goto ok;
>> +}
>> +}
>> +return NULL;
>> + ok:
>> +bs_snapshots = bs;
>> +return bs;
>> +}
>
> And instead of a goto we could do the right thing directly in the if block.

Separate patch.  I hate it when people squash code motion and change
together.

[Qemu-devel] [PATCH 3/3] blkdebug: Initialize state as 1

state = 0 in rules means that the rule is valid for any state. Therefore it's
impossible to have a rule that works only in the initial state. This changes
the initial state from 0 to 1 to make this possible.

Signed-off-by: Kevin Wolf 
---
 block/blkdebug.c |3 +++
 1 files changed, 3 insertions(+), 0 deletions(-)

diff --git a/block/blkdebug.c b/block/blkdebug.c
index b084782..99340db 100644
--- a/block/blkdebug.c
+++ b/block/blkdebug.c
@@ -306,6 +306,9 @@ static int blkdebug_open(BlockDriverState *bs, const char 
*filename, int flags)
 }
 filename = c + 1;
 
+/* Set initial state */
+s->vars.state = 1;
+
 /* Open the backing file */
 ret = bdrv_file_open(&bs->file, filename, flags);
 if (ret < 0) {
-- 
1.6.6.1

[Qemu-devel] [PATCH 2/3] blkdebug: Free QemuOpts after having read the config

Forgetting to free them means that the next instance inherits all rules and
gets its own rules only additionally.

Signed-off-by: Kevin Wolf 
---
 block/blkdebug.c |7 +++
 1 files changed, 7 insertions(+), 0 deletions(-)

diff --git a/block/blkdebug.c b/block/blkdebug.c
index 4ec8ca6..b084782 100644
--- a/block/blkdebug.c
+++ b/block/blkdebug.c
@@ -242,6 +242,11 @@ static int add_rule(QemuOpts *opts, void *opaque)
 return 0;
 }
 
+static int free_opts(QemuOpts *opts, void *opaque) {
+qemu_opts_del(opts);
+return 0;
+}
+
 static int read_config(BDRVBlkdebugState *s, const char *filename)
 {
 FILE *f;
@@ -267,6 +272,8 @@ static int read_config(BDRVBlkdebugState *s, const char 
*filename)
 
 ret = 0;
 fail:
+qemu_opts_foreach(&inject_error_opts, free_opts, NULL, 0);
+qemu_opts_foreach(&set_state_opts, free_opts, NULL, 0);
 fclose(f);
 return ret;
 }
-- 
1.6.6.1

[Qemu-devel] [Bug 599958] Re: Timedrift problems with Win7: hpet missing time drift fixups

2010-06-30 Thread Lucas Meneghel Rodrigues

Sent patch http://patchwork.test.kernel.org/patch/2384/ to autotest and
will update the autotest server to reflect that option.

-- 
Timedrift problems with Win7: hpet missing time drift fixups
https://bugs.launchpad.net/bugs/599958
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.

Status in QEMU: Confirmed

Bug description:
We've been finding timedrift issues witth Win7 under qemu-kvm on our daily 
testing

kvm.qemu-kvm-git.smp2.Win7.64.timedrift.with_load   FAIL1   Time 
drift too large after rest period: 38.63%
kvm.qemu-kvm-git.smp2.Win7.64.timedrift.with_reboot FAIL1   Time 
drift too large at iteration 1: 17.77 seconds
kvm.qemu-kvm-git.smp2.Win7.64.timedrift.with_migration  FAIL1   Time 
drift too large at iteration 2: 3.08 seconds

Steps to reproduce:

timedrift.with_load

1) Log into a guest.
2) Take a time reading from the guest and host.
3) Run load on the guest and host.
4) Take a second time reading.
5) Stop the load and rest for a while.
6) Take a third time reading.
7) If the drift immediately after load is higher than a user-
specified value (in %), fail.
If the drift after the rest period is higher than a user-specified value,
fail.

timedrift.with_migration

1) Log into a guest.
2) Take a time reading from the guest and host.
3) Migrate the guest.
4) Take a second time reading.
5) If the drift (in seconds) is higher than a user specified value, fail.

timedrift.with_reboot

1) Log into a guest.
2) Take a time reading from the guest and host.
3) Reboot the guest.
4) Take a second time reading.
5) If the drift (in seconds) is higher than a user specified value, fail.

This bug is to register those issues and keep an eye on them.

Attached, some logs from the autotest tests executed on the guest

[Qemu-devel] [PATCH 1/3] blkdebug: Fix set_state_opts definition

The list head was initialized to point to the wrong list, so all actions ended
up being handled as inject-error even if they were set-state in fact.

Signed-off-by: Kevin Wolf 
---
 block/blkdebug.c |2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/block/blkdebug.c b/block/blkdebug.c
index 98fed94..4ec8ca6 100644
--- a/block/blkdebug.c
+++ b/block/blkdebug.c
@@ -111,7 +111,7 @@ static QemuOptsList inject_error_opts = {
 
 static QemuOptsList set_state_opts = {
 .name = "set-state",
-.head = QTAILQ_HEAD_INITIALIZER(inject_error_opts.head),
+.head = QTAILQ_HEAD_INITIALIZER(set_state_opts.head),
 .desc = {
 {
 .name = "event",
-- 
1.6.6.1

[Qemu-devel] [PATCH 0/3] blkdebug: Fix config with multiple states

Turns out that using more than one state doesn't really work well. I'm trying
to reproduce a bug for which I need states, so now is the time to fix it.

Kevin Wolf (3):
  blkdebug: Fix set_state_opts definition
  blkdebug: Free QemuOpts after having read the config
  blkdebug: Initialize state as 1

 block/blkdebug.c |   12 +++-
 1 files changed, 11 insertions(+), 1 deletions(-)

[Qemu-devel] [PATCH][Tracing] Fix build errors for target i386-linux-user

2010-06-30 Thread Prerna Saxena

[PATCH 1/1] Move definitions of monitor command handlers (do_info_trace, 
do_info_all_trace_events) to monitor.c. This removes build errors for 
user targets such as i386-linux-user, which are not linked with monitor.

The export of trace_buf and trace_idx is an unfortunate side effect, 
since these are needed by do_info_trace which dumps buffer 
contents.

Signed-off-by: Prerna Saxena 
---
 monitor.c |   21 +
 simpletrace.c |   39 ++-
 tracetool |   16 
 3 files changed, 39 insertions(+), 37 deletions(-)

diff --git a/monitor.c b/monitor.c
index 433a3ec..9b5d65a 100644
--- a/monitor.c
+++ b/monitor.c
@@ -540,6 +540,27 @@ static void do_change_trace_event_state(Monitor *mon, 
const QDict *qdict)
 bool new_state = qdict_get_bool(qdict, "option");
 change_trace_event_state(tp_name, new_state);
 }
+
+void do_info_trace(Monitor *mon)
+{
+unsigned int i;
+
+for (i = 0; i < trace_idx ; i++) {
+monitor_printf(mon, "Event %lu : %lx %lx %lx %lx %lx\n",
+  trace_buf[i].event, trace_buf[i].x1, trace_buf[i].x2,
+trace_buf[i].x3, trace_buf[i].x4, trace_buf[i].x5);
+}
+}
+
+void do_info_all_trace_events(Monitor *mon)
+{
+unsigned int i;
+
+for (i = 0; i < NR_TRACE_EVENTS; i++) {
+monitor_printf(mon, "%s [Event ID %u] : state %u\n",
+trace_list[i].tp_name, i, trace_list[i].state);
+}
+}
 #endif
 
 static void user_monitor_complete(void *opaque, QObject *ret_data)
diff --git a/simpletrace.c b/simpletrace.c
index 57c41fc..834b4c1 100644
--- a/simpletrace.c
+++ b/simpletrace.c
@@ -1,23 +1,9 @@
 #include 
 #include 
-#include "monitor.h"
 #include "trace.h"
 
-typedef struct {
-unsigned long event;
-unsigned long x1;
-unsigned long x2;
-unsigned long x3;
-unsigned long x4;
-unsigned long x5;
-} TraceRecord;
-
-enum {
-TRACE_BUF_LEN = 64 * 1024 / sizeof(TraceRecord),
-};
-
-static TraceRecord trace_buf[TRACE_BUF_LEN];
-static unsigned int trace_idx;
+TraceRecord trace_buf[TRACE_BUF_LEN];
+unsigned int trace_idx;
 static FILE *trace_fp;
 
 static void trace(TraceEventID event, unsigned long x1,
@@ -69,27 +55,6 @@ void trace5(TraceEventID event, unsigned long x1, unsigned 
long x2, unsigned lon
 trace(event, x1, x2, x3, x4, x5);
 }
 
-void do_info_trace(Monitor *mon)
-{
-unsigned int i;
-
-for (i = 0; i < trace_idx ; i++) {
-monitor_printf(mon, "Event %lu : %lx %lx %lx %lx %lx\n",
-  trace_buf[i].event, trace_buf[i].x1, trace_buf[i].x2,
-trace_buf[i].x3, trace_buf[i].x4, trace_buf[i].x5);
-}
-}
-
-void do_info_all_trace_events(Monitor *mon)
-{
-unsigned int i;
-
-for (i = 0; i < NR_TRACE_EVENTS; i++) {
-monitor_printf(mon, "%s [Event ID %u] : state %u\n",
-trace_list[i].tp_name, i, trace_list[i].state);
-}
-}
-
 static TraceEvent* find_trace_event_by_name(const char *tname)
 {
 unsigned int i;
diff --git a/tracetool b/tracetool
index c77280d..c7a690d 100755
--- a/tracetool
+++ b/tracetool
@@ -125,6 +125,22 @@ typedef struct {
 bool state;
 } TraceEvent;
 
+typedef struct {
+unsigned long event;
+unsigned long x1;
+unsigned long x2;
+unsigned long x3;
+unsigned long x4;
+unsigned long x5;
+} TraceRecord;
+
+enum {
+TRACE_BUF_LEN = 64 * 1024 / sizeof(TraceRecord),
+};
+
+extern TraceRecord trace_buf[TRACE_BUF_LEN];
+extern unsigned int trace_idx;
+
 void trace1(TraceEventID event, unsigned long x1);
 void trace2(TraceEventID event, unsigned long x1, unsigned long x2);
 void trace3(TraceEventID event, unsigned long x1, unsigned long x2, unsigned 
long x3);
-- 
1.6.2.5



-- 
Prerna Saxena

Linux Technology Centre,
IBM Systems and Technology Lab,
Bangalore, India

[Qemu-devel] [PATCH v2 6/7] net: slirp: introduce info_dict

Signed-off-by: Miguel Di Ciurcio Filho 
---
 net/slirp.c |   42 +++---
 1 files changed, 39 insertions(+), 3 deletions(-)

diff --git a/net/slirp.c b/net/slirp.c
index b41c60a..9549711 100644
--- a/net/slirp.c
+++ b/net/slirp.c
@@ -32,6 +32,9 @@
 #include "monitor.h"
 #include "sysemu.h"
 #include "qemu_socket.h"
+#include "qdict.h"
+#include "qbool.h"
+#include "qstring.h"
 #include "slirp/libslirp.h"
 
 static int get_str_sep(char *buf, int buf_size, const char **pp, int sep)
@@ -243,6 +246,26 @@ static int net_slirp_init(VLANState *vlan, const char 
*model,
 snprintf(nc->info_str, sizeof(nc->info_str),
  "net=%s, restricted=%c", inet_ntoa(net), restricted ? 'y' : 'n');
 
+nc->info_dict = qdict_new();
+qdict_put(nc->info_dict, "net", qstring_from_str(inet_ntoa(net)));
+qdict_put(nc->info_dict, "host", qstring_from_str(inet_ntoa(host)));
+qdict_put(nc->info_dict, "dns", qstring_from_str(inet_ntoa(dns)));
+qdict_put(nc->info_dict, "dhcpstart", qstring_from_str(inet_ntoa(dhcp)));
+qdict_put(nc->info_dict, "netmask", qstring_from_str(inet_ntoa(mask)));
+qdict_put(nc->info_dict, "restrict", qbool_from_int(restricted));
+
+if (vhostname) {
+qdict_put(nc->info_dict, "hostname", qstring_from_str(vhostname));
+}
+
+if (tftp_export) {
+qdict_put(nc->info_dict, "tftp", qstring_from_str(tftp_export));
+}
+
+if (bootfile) {
+qdict_put(nc->info_dict, "bootfile", qstring_from_str(bootfile));
+}
+
 s = DO_UPCAST(SlirpState, nc, nc);
 
 s->slirp = slirp_init(restricted, net, mask, host, vhostname,
@@ -252,12 +275,20 @@ static int net_slirp_init(VLANState *vlan, const char 
*model,
 for (config = slirp_configs; config; config = config->next) {
 if (config->flags & SLIRP_CFG_HOSTFWD) {
 if (slirp_hostfwd(s, config->str,
-  config->flags & SLIRP_CFG_LEGACY) < 0)
+  config->flags & SLIRP_CFG_LEGACY) < 0) {
 goto error;
+} else {
+qdict_put(nc->info_dict, "hostfwd",
+qstring_from_str(config->str));
+}
 } else {
 if (slirp_guestfwd(s, config->str,
-   config->flags & SLIRP_CFG_LEGACY) < 0)
+   config->flags & SLIRP_CFG_LEGACY) < 0) {
 goto error;
+} else {
+qdict_put(nc->info_dict, "guestfwd",
+qstring_from_str(config->str));
+}
 }
 }
 #ifndef _WIN32
@@ -265,8 +296,13 @@ static int net_slirp_init(VLANState *vlan, const char 
*model,
 smb_export = legacy_smb_export;
 }
 if (smb_export) {
-if (slirp_smb(s, smb_export, smbsrv) < 0)
+if (slirp_smb(s, smb_export, smbsrv) < 0) {
 goto error;
+} else {
+qdict_put(nc->info_dict, "smb", qstring_from_str(smb_export));
+qdict_put(nc->info_dict, "smbserver",
+qstring_from_str(inet_ntoa(smbsrv)));
+}
 }
 #endif
 
-- 
1.7.1

[Qemu-devel] [PATCH v2 5/7] net: vde: introduce info_dict

Signed-off-by: Miguel Di Ciurcio Filho 
---
 net/vde.c |   14 ++
 1 files changed, 14 insertions(+), 0 deletions(-)

diff --git a/net/vde.c b/net/vde.c
index 0b46fa6..a8a5b03 100644
--- a/net/vde.c
+++ b/net/vde.c
@@ -31,6 +31,9 @@
 #include "qemu-char.h"
 #include "qemu-common.h"
 #include "qemu-option.h"
+#include "qdict.h"
+#include "qstring.h"
+#include "qint.h"
 #include "sysemu.h"
 
 typedef struct VDEState {
@@ -102,6 +105,17 @@ static int net_vde_init(VLANState *vlan, const char *model,
 snprintf(nc->info_str, sizeof(nc->info_str), "sock=%s,fd=%d",
  sock, vde_datafd(vde));
 
+assert(nc->info_dict == NULL);
+nc->info_dict = qdict_new();
+qdict_put(nc->info_dict, "sock", qstring_from_str(sock));
+qdict_put(nc->info_dict, "fd", qint_from_int(vde_datafd(vde)));
+qdict_put(nc->info_dict, "port", qint_from_int(port));
+qdict_put(nc->info_dict, "mode", qint_from_int(mode));
+
+if (group) {
+qdict_put(nc->info_dict, "group", qstring_from_str(group));
+}
+
 s = DO_UPCAST(VDEState, nc, nc);
 
 s->vde = vde;
-- 
1.7.1

[Qemu-devel] [PATCH v2 7/7] monitor/net: introduce 'info netdev' with QMP support

Signed-off-by: Miguel Di Ciurcio Filho 
---
 monitor.c |8 +++
 net.c |   71 +
 net.h |2 +
 3 files changed, 81 insertions(+), 0 deletions(-)

diff --git a/monitor.c b/monitor.c
index 170b269..b44768c 100644
--- a/monitor.c
+++ b/monitor.c
@@ -2314,6 +2314,14 @@ static const mon_cmd_t info_cmds[] = {
 .mhandler.info = do_info_network,
 },
 {
+.name   = "netdev",
+.args_type  = "",
+.params = "",
+.help   = "show information about network backend devices",
+.user_print = do_info_netdev_print,
+.mhandler.info_new = do_info_netdev,
+},
+{
 .name   = "chardev",
 .args_type  = "",
 .params = "",
diff --git a/net.c b/net.c
index 2936fe6..bbb8998 100644
--- a/net.c
+++ b/net.c
@@ -36,6 +36,8 @@
 #include "qemu-common.h"
 #include "qemu_socket.h"
 #include "hw/qdev.h"
+#include "qdict.h"
+#include "qjson.h"
 
 static QTAILQ_HEAD(, VLANState) vlans;
 static QTAILQ_HEAD(, VLANClientState) non_vlan_clients;
@@ -1249,6 +1251,75 @@ void do_info_network(Monitor *mon)
 }
 }
 
+static void netdev_iter(QObject *obj, void *opaque)
+{
+
+Monitor *mon = opaque;
+QDict *net_device = qobject_to_qdict(obj);
+QString *qstring;
+
+monitor_printf(mon, "%s: ", qdict_get_str(net_device, "id"));
+
+monitor_printf(mon, "type=%s,", qdict_get_str(net_device, "type"));
+
+if (qdict_haskey(net_device, "peer")) {
+monitor_printf(mon, "peer=%s,", qdict_get_str(net_device, "peer"));
+}
+
+qstring = qdict_to_qstring(qdict_get_qdict(net_device, "info"), ",");
+monitor_printf(mon, qstring_get_str(qstring));
+QDECREF(qstring);
+
+monitor_printf(mon, "\n");
+
+}
+
+void do_info_netdev_print(Monitor *mon, const QObject *ret_data)
+{
+
+QList *net_devices;
+
+net_devices = qobject_to_qlist(ret_data);
+
+qlist_iter(net_devices, netdev_iter, mon);
+
+}
+
+void do_info_netdev(Monitor *mon, QObject **ret_data)
+{
+VLANClientState *vc;
+QDict *net_device;
+QList *device_list;
+device_list = qlist_new();
+QObject *obj;
+
+QTAILQ_FOREACH(vc, &non_vlan_clients, next) {
+
+if (vc->info->type == NET_CLIENT_TYPE_NONE ||
+vc->info->type == NET_CLIENT_TYPE_NIC ||
+vc->info->type == NET_CLIENT_TYPE_SOCKET ||
+vc->info->type == NET_CLIENT_TYPE_DUMP) {
+continue;
+}
+
+obj = qobject_from_jsonf("{'id': %s, 'type': %s}",
+vc->name, vc->model);
+
+net_device = qobject_to_qdict(obj);
+
+QINCREF(vc->info_dict);
+qdict_put(net_device, "info", vc->info_dict);
+
+if (vc->peer) {
+qdict_put(net_device, "peer", qstring_from_str(vc->peer->name));
+}
+
+qlist_append(device_list, net_device);
+}
+
+*ret_data = QOBJECT(device_list);
+}
+
 int do_set_link(Monitor *mon, const QDict *qdict, QObject **ret_data)
 {
 VLANState *vlan;
diff --git a/net.h b/net.h
index cfe837f..69a3c9f 100644
--- a/net.h
+++ b/net.h
@@ -118,6 +118,8 @@ int qemu_find_nic_model(NICInfo *nd, const char * const 
*models,
 const char *default_model);
 
 void do_info_network(Monitor *mon);
+void do_info_netdev_print(Monitor *mon, const QObject *ret_data);
+void do_info_netdev(Monitor *mon, QObject **ret_data);
 int do_set_link(Monitor *mon, const QDict *qdict, QObject **ret_data);
 
 /* NIC info */
-- 
1.7.1

[Qemu-devel] [PATCH v2 4/7] net: tap/tap-win32: introduce info_dict

Signed-off-by: Miguel Di Ciurcio Filho 
---
 net/tap-win32.c |7 +++
 net/tap.c   |   22 +-
 2 files changed, 28 insertions(+), 1 deletions(-)

diff --git a/net/tap-win32.c b/net/tap-win32.c
index 74348da..5e58702 100644
--- a/net/tap-win32.c
+++ b/net/tap-win32.c
@@ -32,6 +32,8 @@
 #include "net.h"
 #include "sysemu.h"
 #include "qemu-error.h"
+#include "qdict.h"
+#include "qstring.h"
 #include 
 #include 
 #include 
@@ -693,6 +695,11 @@ static int tap_win32_init(VLANState *vlan, const char 
*model,
 snprintf(s->nc.info_str, sizeof(s->nc.info_str),
  "tap: ifname=%s", ifname);
 
+nc->info_dict = qdict_new()
+qdict_put(nc->info_dict, "ifname", qstring_from_str(ifname));
+qdict_put(nc->info_dict, "vhost", qbool_from_int(0));
+qdict_put(nc->info_dict, "vnet_hdr", qbool_from_int(0));
+
 s->handle = handle;
 
 qemu_add_wait_object(s->handle->tap_semaphore, tap_win32_send, s);
diff --git a/net/tap.c b/net/tap.c
index 0147dab..f294091 100644
--- a/net/tap.c
+++ b/net/tap.c
@@ -39,6 +39,8 @@
 #include "qemu-char.h"
 #include "qemu-common.h"
 #include "qemu-error.h"
+#include "qint.h"
+#include "qbool.h"
 
 #include "net/tap-linux.h"
 
@@ -448,6 +450,11 @@ int net_init_tap(QemuOpts *opts, Monitor *mon, const char 
*name, VLANState *vlan
 
 if (qemu_opt_get(opts, "fd")) {
 snprintf(s->nc.info_str, sizeof(s->nc.info_str), "fd=%d", fd);
+
+assert(s->nc.info_dict == NULL);
+s->nc.info_dict = qdict_new();
+qdict_put(s->nc.info_dict, "fd", qint_from_int(fd));
+
 } else {
 const char *ifname, *script, *downscript;
 
@@ -459,12 +466,23 @@ int net_init_tap(QemuOpts *opts, Monitor *mon, const char 
*name, VLANState *vlan
  "ifname=%s,script=%s,downscript=%s",
  ifname, script, downscript);
 
-if (strcmp(downscript, "no") != 0) {
+assert(s->nc.info_dict == NULL);
+s->nc.info_dict = qdict_new();
+qdict_put(s->nc.info_dict, "ifname", qstring_from_str(ifname));
+
+if (strcmp(downscript, "no") != 0 && downscript[0] != '\0') {
 snprintf(s->down_script, sizeof(s->down_script), "%s", downscript);
 snprintf(s->down_script_arg, sizeof(s->down_script_arg), "%s", 
ifname);
+qdict_put(s->nc.info_dict, "downscript", 
qstring_from_str(downscript));
+}
+
+if (strcmp(script, "no") != 0 && script[0] != '\0') {
+qdict_put(s->nc.info_dict, "script", qstring_from_str(script));
 }
 }
 
+qdict_put(s->nc.info_dict, "vnet_hdr", qbool_from_int(s->has_vnet_hdr));
+
 if (qemu_opt_get_bool(opts, "vhost", !!qemu_opt_get(opts, "vhostfd"))) {
 int vhostfd, r;
 if (qemu_opt_get(opts, "vhostfd")) {
@@ -473,6 +491,7 @@ int net_init_tap(QemuOpts *opts, Monitor *mon, const char 
*name, VLANState *vlan
 return -1;
 }
 vhostfd = r;
+qdict_put(s->nc.info_dict, "vhostfd", qint_from_int(vhostfd));
 } else {
 vhostfd = -1;
 }
@@ -486,6 +505,7 @@ int net_init_tap(QemuOpts *opts, Monitor *mon, const char 
*name, VLANState *vlan
 return -1;
 }
 
+qdict_put(s->nc.info_dict, "vhost", qbool_from_int(s->vhost_net ? 1 : 0));
 return 0;
 }
 
-- 
1.7.1

[Qemu-devel] [PATCH v2 3/7] net: Introduce VLANClientState->info_dict

There is no standard format when formatting VLANClientState.info_str,
so it is difficult to extract information and transmit it over QMP.

This patch adds info_dict, a QDict to better handle this information.

Signed-off-by: Miguel Di Ciurcio Filho 
---
 net.c |1 +
 net.h |1 +
 2 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/net.c b/net.c
index 0703698..2936fe6 100644
--- a/net.c
+++ b/net.c
@@ -301,6 +301,7 @@ void qemu_del_vlan_client(VLANClientState *vc)
 
 qemu_free(vc->name);
 qemu_free(vc->model);
+QDECREF(vc->info_dict);
 qemu_free(vc);
 }
 
diff --git a/net.h b/net.h
index 518cf9c..cfe837f 100644
--- a/net.h
+++ b/net.h
@@ -65,6 +65,7 @@ struct VLANClientState {
 char *model;
 char *name;
 char info_str[256];
+QDict *info_dict;
 unsigned receive_disabled : 1;
 };
 
-- 
1.7.1

[Qemu-devel] [PATCH v2 1/7] QMP: Introduce the documentation for query-netdev and info netdev

These commands show the information about active backend network devices.

Signed-off-by: Miguel Di Ciurcio Filho 
---
 qemu-monitor.hx |  100 +++
 1 files changed, 100 insertions(+), 0 deletions(-)

diff --git a/qemu-monitor.hx b/qemu-monitor.hx
index 9f62b94..330d7a6 100644
--- a/qemu-monitor.hx
+++ b/qemu-monitor.hx
@@ -1674,6 +1674,106 @@ show the various VLANs and the associated devices
 ETEXI
 
 STEXI
+...@item info netdev
+show information about the current backend network devices
+ETEXI
+SQMP
+query-netdev
+
+
+Each device is represented by a json-object. The returned value is a json-array
+of all devices.
+
+Each json-object contains the following:
+
+- "id": the device's ID, must be unique (json-string)
+- "type": device type (json-string)
+- Possible values: "tap", "user", "vde"
+- "peer": ID of the frontend guest device, if not available means that this
+  netdev is not connected to a guest device yet (json-string, optional)
+- "info": json-object containing the configuration information about the 
device.
+- When "type" is "tap", the following values might be available:
+- "fd": available if connected to an already opened TAP interface
+  (json-int, optional)
+- "script": path to an script used to configure the interface,
+  available only if an script is used. (json-string, optional, only
+  present if "fd" is not present)
+- "downscript": path to an script used to deconfigure the 
interface,
+  available only if an script is used. (json-string, optional, only
+  present if "fd" is not present)
+- "ifname": name of the attached host interface (json-string, only
+  present if "fd" is not present)
+- "vhost": vhost acceleration status, true if enabled, false
+  otherwise (json-boolean)
+- "vnet_hdr": true if the IFF_VNET_HDR flag must be set and is in
+  use, false otherwise (json-boolean)
+- "vhostfd": fd used to connect the device to an already opened
+  vhost net device (json-int, optional)
+- When "type" is "vde", the following values might be available:
+- "sock": path to the VDE listening socket (json-string)
+- "port": port number connected to virtual switch (json-int)
+- "mode": permission mode, in octal (json-int)
+- "group": group name (json-string, optional)
+- When "type" is "user", the following values might be available:
+- "hostname": client hostname reported by the builtin DHCP server,
+  (json-string, optional)
+- "restrict": true if guest is isolated from the host,
+  false otherwise (json-boolean)
+- "net": network address (json-string)
+- "netmask": netmask (json-string)
+- "host": guest-visible address of the host (json-string)
+- "tftp": root directory of the built-in TFTP server (json-string,
+  optional)
+- "bootfile": BOOTP filename (json-string, optional)
+- "dhcpstart": the first of the 16 IPs the built-in DHCP server can
+  assign (json-string)
+- "dns": guest-visible address of the virtual nameserver
+  (json-string)
+- "smb": root directory of the built-in SMB server (json-string,
+  optional)
+- "smbserver": IP address of the built-in SMB server (json-string,
+  optional)
+- "hostfwd": guest port number to forward incoming TCP or UDP
+  connections (json-int, optional)
+- "guestfwd": IP address and port to forward guest TCP connections
+  (json-int, optional)
+
+Example:
+
+-> { "execute": "query-netdev" }
+<- {
+  "return": [
+ {
+"id": "tap.0",
+"type": "tap",
+"peer": "virtio-net-pci.0",
+"info": {
+   "script": "/etc/qemu-ifup",
+   "downscript": "/etc/qemu-ifdown",
+   "ifname": "tap0",
+   "vnet_hdr": false,
+   "vhost": true
+},
+ },
+ {
+"id": "user.0",
+"type": "user",
+"peer": "e1000.0",
+"info": {
+   "restrict": false,
+   "net": "10.0.2.0",
+   "netmask": "255.255.255.0",
+   "host": 10.0.2.2",
+   "dhcpstart": "10.2.0.15",
+   "dns": "10.0.2.3"
+},
+ },
+  ]
+   }
+
+EQMP
+
+STEXI
 @item info chardev
 show the character devices
 ETEXI
-- 
1.7.1

[Qemu-devel] [PATCH v2 2/7] QObject API: introduce qdict_to_qstring() function

This is a helper function that converts a QDict to a QString, using
the format:

key1=value1 SEP key2=value2 SEP key3=value3

Handy for debugging and formating the Monitor output.

Signed-off-by: Miguel Di Ciurcio Filho 
---
 qdict.c |   60 
 qdict.h |2 ++
 2 files changed, 62 insertions(+), 0 deletions(-)

diff --git a/qdict.c b/qdict.c
index 175bc17..dc95199 100644
--- a/qdict.c
+++ b/qdict.c
@@ -267,6 +267,66 @@ const char *qdict_get_str(const QDict *qdict, const char 
*key)
 return qstring_get_str(qobject_to_qstring(obj));
 }
 
+struct qstring_pack {
+QString *str;
+size_t total_keys;
+size_t current_key;
+const char *separator;
+};
+
+static void qdict_to_qstring_iter(const char *key, QObject *obj, void *opaque)
+{
+struct qstring_pack *pack = opaque;
+qstring_append(pack->str, key);
+qstring_append(pack->str, "=");
+switch (qobject_type(obj)) {
+case QTYPE_QSTRING:
+qstring_append(pack->str, qstring_get_str(qobject_to_qstring(obj)));
+break;
+case QTYPE_QINT:
+qstring_append_int(pack->str, qint_get_int(qobject_to_qint(obj)));
+break;
+case QTYPE_QBOOL:
+qstring_append(pack->str, qbool_get_int(qobject_to_qbool(obj)) ? 
"true" :
+"false" );
+break;
+default:
+qstring_append(pack->str, "NULL");
+}
+
+pack->current_key++;
+
+if (pack->current_key < pack->total_keys) {
+qstring_append(pack->str, pack->separator);
+}
+}
+
+/**
+ * qdict_to_qstring(): Format a string with the keys and values of a QDict.
+ *
+ * Nested lists and dicts are not supported, yet.
+ *
+ * Return a pointer to a QString, with the following format:
+ *key1=value1 SEP key2=value2 SEP key3=value3
+ */
+QString *qdict_to_qstring(const QDict *qdict, const char *separator)
+{
+struct qstring_pack *pack;
+QString *str;
+str = qstring_new();
+
+pack = qemu_malloc(sizeof(*pack));
+pack->str = str;
+pack->current_key = 0;
+pack->total_keys = qdict_size(qdict);
+pack->separator = separator;
+
+qdict_iter(qdict, qdict_to_qstring_iter, pack);
+
+qemu_free(pack);
+
+return str;
+}
 /**
  * qdict_get_try_int(): Try to get integer mapped by 'key'
  *
diff --git a/qdict.h b/qdict.h
index 5e5902c..0c64089 100644
--- a/qdict.h
+++ b/qdict.h
@@ -15,6 +15,7 @@
 
 #include "qobject.h"
 #include "qlist.h"
+#include "qstring.h"
 #include "qemu-queue.h"
 #include 
 
@@ -55,6 +56,7 @@ int qdict_get_bool(const QDict *qdict, const char *key);
 QList *qdict_get_qlist(const QDict *qdict, const char *key);
 QDict *qdict_get_qdict(const QDict *qdict, const char *key);
 const char *qdict_get_str(const QDict *qdict, const char *key);
+QString *qdict_to_qstring(const QDict *qdict, const char *separator);
 int64_t qdict_get_try_int(const QDict *qdict, const char *key,
   int64_t err_value);
 const char *qdict_get_try_str(const QDict *qdict, const char *key);
-- 
1.7.1

[Qemu-devel] [PATCH v2 0/7] QMP: Introduce query-netdev

This series implement the previously discussed QMP command query-netdev.

Regards,

changelog from v1
-
- Fixed wrong usage of qemu_free() with vc->info_dict, now using QDECREF()
- Fixed QString leak in netdev_iter()

changelog from last protocol spec
-
When "type" is "tap", the attribute "sndbuf" have been removed. "sndbuf" is
not available on all platforms and most of the tap_set_sndbuf() implementations
are stubs.

[Qemu-devel] [Bug 599958] Re: Timedrift problems with Win7: hpet missing time drift fixups

2010-06-30 Thread Anthony Liguori

-no-hpet works in every version of qemu/qemu-kvm that has included HPET
support.  RHEL disables HPET support by default unlike qemu and qemu-
kvm.

I've updated the bug priority and title to reflect what the issue is.

We only support edge triggered interrupts with HPET which seems to be
what most OSes use anyway.  We could potentially use the
reset_irq_delivered/get_irq_delivered APIC functions to implement
interrupt catch-up but I think it would be better to try to merge Jan's
generic IRQ delivered API first.

** Summary changed:

- Timedrift problems with Win7 + qemu-kvm
+ Timedrift problems with Win7: hpet missing time drift fixups

** Changed in: qemu
   Importance: Undecided => Wishlist

** Changed in: qemu
   Status: New => Confirmed

-- 
Timedrift problems with Win7: hpet missing time drift fixups
https://bugs.launchpad.net/bugs/599958
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.

Status in QEMU: Confirmed

Bug description:
We've been finding timedrift issues witth Win7 under qemu-kvm on our daily 
testing

kvm.qemu-kvm-git.smp2.Win7.64.timedrift.with_load   FAIL1   Time 
drift too large after rest period: 38.63%
kvm.qemu-kvm-git.smp2.Win7.64.timedrift.with_reboot FAIL1   Time 
drift too large at iteration 1: 17.77 seconds
kvm.qemu-kvm-git.smp2.Win7.64.timedrift.with_migration  FAIL1   Time 
drift too large at iteration 2: 3.08 seconds

Steps to reproduce:

timedrift.with_load

1) Log into a guest.
2) Take a time reading from the guest and host.
3) Run load on the guest and host.
4) Take a second time reading.
5) Stop the load and rest for a while.
6) Take a third time reading.
7) If the drift immediately after load is higher than a user-
specified value (in %), fail.
If the drift after the rest period is higher than a user-specified value,
fail.

timedrift.with_migration

1) Log into a guest.
2) Take a time reading from the guest and host.
3) Migrate the guest.
4) Take a second time reading.
5) If the drift (in seconds) is higher than a user specified value, fail.

timedrift.with_reboot

1) Log into a guest.
2) Take a time reading from the guest and host.
3) Reboot the guest.
4) Take a second time reading.
5) If the drift (in seconds) is higher than a user specified value, fail.

This bug is to register those issues and keep an eye on them.

Attached, some logs from the autotest tests executed on the guest

[Qemu-devel] [Bug 599958] Re: Timedrift problems with Win7 + qemu-kvm

2010-06-30 Thread Lucas Meneghel Rodrigues

Indeed -no-hpet made the tests pass. It's still uncertain to me whether
this flag is supported across several branches of qemu-kvm, if it's
supported in all branches I'm going to update the upstream kvm autotest
config file.

-- 
Timedrift problems with Win7 + qemu-kvm
https://bugs.launchpad.net/bugs/599958
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.

Status in QEMU: New

Bug description:
We've been finding timedrift issues witth Win7 under qemu-kvm on our daily 
testing

kvm.qemu-kvm-git.smp2.Win7.64.timedrift.with_load   FAIL1   Time 
drift too large after rest period: 38.63%
kvm.qemu-kvm-git.smp2.Win7.64.timedrift.with_reboot FAIL1   Time 
drift too large at iteration 1: 17.77 seconds
kvm.qemu-kvm-git.smp2.Win7.64.timedrift.with_migration  FAIL1   Time 
drift too large at iteration 2: 3.08 seconds

Steps to reproduce:

timedrift.with_load

1) Log into a guest.
2) Take a time reading from the guest and host.
3) Run load on the guest and host.
4) Take a second time reading.
5) Stop the load and rest for a while.
6) Take a third time reading.
7) If the drift immediately after load is higher than a user-
specified value (in %), fail.
If the drift after the rest period is higher than a user-specified value,
fail.

timedrift.with_migration

1) Log into a guest.
2) Take a time reading from the guest and host.
3) Migrate the guest.
4) Take a second time reading.
5) If the drift (in seconds) is higher than a user specified value, fail.

timedrift.with_reboot

1) Log into a guest.
2) Take a time reading from the guest and host.
3) Reboot the guest.
4) Take a second time reading.
5) If the drift (in seconds) is higher than a user specified value, fail.

This bug is to register those issues and keep an eye on them.

Attached, some logs from the autotest tests executed on the guest

[Qemu-devel] Re: [RFC][PATCH] PCI: fix pci_to_cpu_addr() issue

2010-06-30 Thread chen huacai

Maybe this is what you want, please look at Page 10.
http://people.openrays.org/~comcat/godson/doc/godson2e.north.bridge.manual.pdf
But it is written in Chinese, I'm sorry that I also don't have an
English version.


On Wed, Jun 30, 2010 at 9:38 PM, Isaku Yamahata  wrote:
> Can you elaborate on how pci bus is mapped into local bus?
> Is there specification publicly available? Google didn't tell me.
>
>
> On Wed, Jun 30, 2010 at 06:39:53PM +0800, Huacai Chen wrote:
>> It seems like software may both use CPU address or PCI address to access a 
>> PCI
>> device. For example, Bonito north bridge map PCI memory space at 0x1000 ~
>> 0x1C00. PMON code use 0x ~ 0x0C00, but Linux kernel code use
>> 0x1000 ~ 0x1C00 to access devices. If set pci_mem_base to 0, PMON 
>> can't
>> work, but if set pci_mem_base to 0x1000, Linux can't access PCI. So I 
>> make
>> this patch to make both cases works.
>>
>> However, I don't know whether the modification will break other archs, so
>> request for comments here.
>>
>> Signed-off-by: Huacai Chen 
>> ---
>>  hw/pci.c |    2 +-
>>  1 files changed, 1 insertions(+), 1 deletions(-)
>>
>> diff --git a/hw/pci.c b/hw/pci.c
>> index 7787005..50e3572 100644
>> --- a/hw/pci.c
>> +++ b/hw/pci.c
>> @@ -672,7 +672,7 @@ PCIDevice *pci_register_device(PCIBus *bus, const char 
>> *name,
>>  static target_phys_addr_t pci_to_cpu_addr(PCIBus *bus,
>>                                            target_phys_addr_t addr)
>>  {
>> -    return addr + bus->mem_base;
>> +    return addr | bus->mem_base;
>>  }
>>
>>  static void pci_unregister_io_regions(PCIDevice *pci_dev)
>> --
>> 1.7.0.4
>>
>
> --
> yamahata
>



-- 
Huacai Chen

Re: [Qemu-devel] how to add one pcie device to qemu

2010-06-30 Thread Isaku Yamahata

On Wed, Jun 30, 2010 at 04:10:02PM +0800, Lisa Lei wrote:
> Hi,
>  I'm finding the solution of how to add one pcie device which emulated by
> systemc to  qemu, such as net card. I noticed that you've been working on Q35
> support for qemu, and the status of pcie port emulator is working on April, 
> can
> it be used now? thanks.

The public repo for q35 support is avaiable as follows.
http://lists.nongnu.org/archive/html/qemu-devel/2010-06/msg02066.html

I'm now trying to merge those patches to qemu upstream,
but not finished yet.
thanks,
-- 
yamahata

[Qemu-devel] Re: [RFC][PATCH] PCI: fix pci_to_cpu_addr() issue

2010-06-30 Thread Isaku Yamahata

Can you elaborate on how pci bus is mapped into local bus?
Is there specification publicly available? Google didn't tell me.


On Wed, Jun 30, 2010 at 06:39:53PM +0800, Huacai Chen wrote:
> It seems like software may both use CPU address or PCI address to access a PCI
> device. For example, Bonito north bridge map PCI memory space at 0x1000 ~ 
> 0x1C00. PMON code use 0x ~ 0x0C00, but Linux kernel code use 
> 0x1000 ~ 0x1C00 to access devices. If set pci_mem_base to 0, PMON 
> can't
> work, but if set pci_mem_base to 0x1000, Linux can't access PCI. So I make
> this patch to make both cases works.
> 
> However, I don't know whether the modification will break other archs, so
> request for comments here.
> 
> Signed-off-by: Huacai Chen 
> ---
>  hw/pci.c |2 +-
>  1 files changed, 1 insertions(+), 1 deletions(-)
> 
> diff --git a/hw/pci.c b/hw/pci.c
> index 7787005..50e3572 100644
> --- a/hw/pci.c
> +++ b/hw/pci.c
> @@ -672,7 +672,7 @@ PCIDevice *pci_register_device(PCIBus *bus, const char 
> *name,
>  static target_phys_addr_t pci_to_cpu_addr(PCIBus *bus,
>target_phys_addr_t addr)
>  {
> -return addr + bus->mem_base;
> +return addr | bus->mem_base;
>  }
>  
>  static void pci_unregister_io_regions(PCIDevice *pci_dev)
> -- 
> 1.7.0.4
> 

-- 
yamahata

[Qemu-devel] Re: [PATCH 09/12] savevm: Survive hot-unplug of snapshot device

Am 25.06.2010 18:53, schrieb Markus Armbruster:
> savevm.c keeps a pointer to the snapshot block device.  If you manage
> to get that device deleted, the pointer dangles, and the next snapshot
> operation will crash & burn.  Unplugging a guest device that uses it
> does the trick:
> 
> $ MALLOC_PERTURB_=234 qemu-system-x86_64 [...]
> QEMU 0.12.50 monitor - type 'help' for more information
> (qemu) info snapshots
> No available block device supports snapshots
> (qemu) drive_add auto if=none,file=tmp.qcow2
> OK
> (qemu) device_add usb-storage,id=foo,drive=none1
> (qemu) info snapshots
> Snapshot devices: none1
> Snapshot list (from none1):
> IDTAG VM SIZEDATE   VM CLOCK
> (qemu) device_del foo
> (qemu) info snapshots
> Snapshot devices:
> Segmentation fault (core dumped)
> 
> Move management of that pointer to block.c, and zap it when the device
> it points to goes away.
> 
> Signed-off-by: Markus Armbruster 
> ---
>  block.c  |   25 +
>  block.h  |1 +
>  savevm.c |   31 ---
>  3 files changed, 30 insertions(+), 27 deletions(-)
> 
> diff --git a/block.c b/block.c
> index 5e0ffa0..34055e0 100644
> --- a/block.c
> +++ b/block.c
> @@ -63,6 +63,9 @@ static QTAILQ_HEAD(, BlockDriverState) bdrv_states =
>  static QLIST_HEAD(, BlockDriver) bdrv_drivers =
>  QLIST_HEAD_INITIALIZER(bdrv_drivers);
>  
> +/* The device to use for VM snapshots */
> +static BlockDriverState *bs_snapshots;
> +
>  /* If non-zero, use only whitelisted block drivers */
>  static int use_bdrv_whitelist;
>  
> @@ -660,6 +663,9 @@ void bdrv_close_all(void)
>  void bdrv_delete(BlockDriverState *bs)
>  {
>  assert(!bs->peer);
> +if (bs == bs_snapshots) {
> +bs_snapshots = NULL;
> +}

This should probably be in bdrv_close() instead. A BlockDriverState can
be closed, but not deleted yet; it can't handle snapshots in this state,
though.

>  /* remove from list, if necessary */
>  if (bs->device_name[0] != '\0') {
> @@ -1772,6 +1778,25 @@ int bdrv_can_snapshot(BlockDriverState *bs)
>  return 1;
>  }
>  
> +BlockDriverState *bdrv_snapshots(void)
> +{
> +BlockDriverState *bs;
> +
> +if (bs_snapshots)
> +return bs_snapshots;

I know that this function is just moved with no changes, but while we're
at it and you need to respin anyway, can we add braces here?

> +
> +bs = NULL;
> +while ((bs = bdrv_next(bs))) {
> +if (bdrv_can_snapshot(bs)) {
> +goto ok;
> +}
> +}
> +return NULL;
> + ok:
> +bs_snapshots = bs;
> +return bs;
> +}

And instead of a goto we could do the right thing directly in the if block.

Kevin

[Qemu-devel] [Bug 494500] Re: QEMU 0.12.0 does not support KVM with Kernel < 2.6.29, bug in ./configure and kvm-all.c

2010-06-30 Thread rowa

Does the _lastest_ kvm-kmod's install the right headers for the used
kernel, for example kernel 2.6.28-11?

As I wrote in this bug I had problems with a kernel 2.6.28-11 and the
_latest_ version of kvm-kmod. It works only with the right (not the
latest) version of kvm-kmod.

I'll check it in some days.

Thanks

--
QEMU 0.12.0 does not support KVM with Kernel < 2.6.29, bug in ./configure and
kvm-all.c
https://bugs.launchpad.net/bugs/494500
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.

Status in QEMU: New

Bug description:
I tryed to compile QEMU 0.12.0-rc1 with KVM support without success.

Here my configuration:

uname -a
Linux bla 2.6.28-11-server #42-Ubuntu SMP Fri Apr 17 02:45:36 UTC 2009 x86_64
GNU/Linux

dpkg -l | grep kvm
ii kvm1:84+dfsg-0ubuntu11

This KVM modul works fine.

I've installed this packets:

sudo apt-get install make wget zlib1g-dev libsdl-gfx1.2-dev
sudo apt-get install gcc libsdl1.2-dev zlib1g-dev libasound2-dev
linux-kernel-headers-`uname-r` pkg-config libgnutls-dev libpci-dev

The compiling of QEMU 0.12.0-rc1 wihout KVM support was OK.

./configure --enable-kvm
#error Missing KVM capability KVM_CAP_DESTROY_MEMORY_REGION_WORKS
NOTE: To enable KVM support, update your kernel to 2.6.29+ or install
recent kvm-kmod from http://sourceforge.net/projects/kvm.
ERROR
ERROR: User requested feature kvm
ERROR: configure was not able to find it
ERROR

I can't change the kernel because Ubuntu 9.10 are too buggy.
So I tryed to install the latest kvm modul.

wget \
http://sourceforge.net/projects/kvm/files/kvm-kmod/2.6.32/kvm-kmod-2.6.32.tar.bz2/download
tar xjvf kvm-kmod-2.6.32.tar.bz2
cd kvm-kmod-2.6.32
./configure && make
sudo make install
sudo rmmod kvm_intel kvm_adm kvm
sudo make install
sudo rmmod kvm_intel kvm
sudo modprobe kvm_intel

dmesg | grep kvm
[81811.678377] loaded kvm module (kvm-kmod-2.6.32)

I tryed to compile QEMU with kvm support but I got the same error.

What is wrong?

See also http://qemu-buch.de/de/index.php/QEMU-KVM-Buch/_Installation

[Qemu-devel] [Bug 494500] Re: QEMU 0.12.0 does not support KVM with Kernel < 2.6.29, bug in ./configure and kvm-all.c

2010-06-30 Thread Iggy

Recent kvm-kmod's install headers, so the text is actually correct now.

I'd say this bug can be closed now.

Status in QEMU: New

Bug description:
I tryed to compile QEMU 0.12.0-rc1 with KVM support without success.

Here my configuration:

uname -a
Linux bla 2.6.28-11-server #42-Ubuntu SMP Fri Apr 17 02:45:36 UTC 2009 x86_64
GNU/Linux

dpkg -l | grep kvm
ii kvm1:84+dfsg-0ubuntu11

This KVM modul works fine.

I've installed this packets:

sudo apt-get install make wget zlib1g-dev libsdl-gfx1.2-dev
sudo apt-get install gcc libsdl1.2-dev zlib1g-dev libasound2-dev
linux-kernel-headers-`uname-r` pkg-config libgnutls-dev libpci-dev

The compiling of QEMU 0.12.0-rc1 wihout KVM support was OK.

I can't change the kernel because Ubuntu 9.10 are too buggy.
So I tryed to install the latest kvm modul.

dmesg | grep kvm
[81811.678377] loaded kvm module (kvm-kmod-2.6.32)

I tryed to compile QEMU with kvm support but I got the same error.

What is wrong?

See also http://qemu-buch.de/de/index.php/QEMU-KVM-Buch/_Installation

[Qemu-devel] Re: Block live migration's use of type hint

Markus Armbruster  writes:

> Liran Schour  writes:
>
>> Markus Armbruster  wrote on 28/06/2010 10:26:47:
>>
>>> From: Markus Armbruster 
>>> To: qemu-devel@nongnu.org
>>> Cc: Liran Schour/Haifa/i...@ibmil
>>> Date: 28/06/2010 10:26
>>> Subject: Block live migration's use of type hint
>>>
>>> Block live migration appears to migrate only block devices with type
>>> hint BDRV_TYPE_HD.  Others are silently skipped:
[...]
>>> The logic comes from commit c163b5ca, but its commit message doesn't
>>> mention it.  Liran, please advise.  What are we trying to accomplish
>>> here?
>>>
>>> Whatever it is, I suspect checking the type hint isn't the appropriate
>>> way to get it.
>>
>> my intention was to migrate only writeable devices. Maybe there are more
>> accurate ways to do that.
>
> Okay, that looks like a job for bdrv_is_read_only().
>
> Thanks for your quick reply!

Subject: [PATCH 02/11] block migration: Fix test for read-only drive
Date: Wed, 30 Jun 2010 13:55:33 +0200
Message-Id: <1277898942-6501-3-git-send-email-arm...@redhat.com>

Re: [Qemu-devel] Re: [PATCH 08/12] block: Catch attempt to attach multiple devices to a blockdev

Am 30.06.2010 13:52, schrieb Markus Armbruster:
> Kevin Wolf  writes:
> 
>> Am 28.06.2010 12:16, schrieb Christoph Hellwig:
>>> On Mon, Jun 28, 2010 at 10:24:49AM +0200, Kevin Wolf wrote:
>>>
 Am 27.06.2010 11:36, schrieb Christoph Hellwig:
> On Sat, Jun 26, 2010 at 04:44:11PM +0200, Markus Armbruster wrote:
> [...]
>> -device usb-storage,drive=foo creates *two* devices: usb-storage itself,
>> which serves as SCSI controller, and scsi-disk for the drive.
>> usb-storage copies its drive property to scsi-disk.
>>
>> I don't like this.  Each -device should create just one device.
>
> Indeed.  I'd also prefer to get rid of this.  Anthony, how hard are the
> rules on backwards compatiblity for things like this?

 How would breaking compatibility help us? For the user a USB MSD is only
 one device, so requiring two -device parameters sounds wrong.
> 
> -device designed to be simple, stupid and straightforward: you get
> exactly what you asked for, no more, no less.  usb-storage breaks this
> design maxim.

I suppose the real question is: What is a device? qemu's internal view
(dozens of devices that communicate with each other) and the user's view
(it's one USB stick/mainboard/...) may differ.

>> Maybe we need something like composed devices? So when the user asks for
>> a USB stick, he actually gets all devices that this stick internally
>> uses? Otherwise it becomes really hard to use -device directly.
> 
> Could be useful.
> 
>> I guess the same applies for mainboards, CPUs and probably some more
>> things, though I don't really know how these are (planned to be) done in
>> qdev.
> 
> I'd like to keep -device stupid.  If we need "smarter" controls, let's
> layer them on top.

Makes sense. I'm not opposed to having something that deals only with
"atomic devices" or whatever you want to call them.

What users will usually want to have is something that treats an USB
stick as one device, though. So maybe the stupid version should become
-qdev or something and the extended version that is meant for users
should get the easy-to-remember name -device.

Kevin

[Qemu-devel] [Bug 494500] Re: QEMU 0.12.0 does not support KVM with Kernel < 2.6.29, bug in ./configure and kvm-all.c

2010-06-30 Thread rowa

@Jes Sorensen

This is a bug in the script configure of qemu. So this is a bug in QEMU.


** Changed in: qemu
   Status: Invalid => New

-- 
QEMU 0.12.0 does not support KVM with Kernel < 2.6.29, bug in ./configure and 
kvm-all.c
https://bugs.launchpad.net/bugs/494500
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.

Status in QEMU: New

Bug description:
I tryed to compile QEMU 0.12.0-rc1 with KVM support without success.

Here my configuration:

uname -a
Linux bla 2.6.28-11-server #42-Ubuntu SMP Fri Apr 17 02:45:36 UTC 2009 x86_64 
GNU/Linux

dpkg -l | grep kvm
ii  kvm1:84+dfsg-0ubuntu11

This KVM modul works fine.

I've installed this packets:

sudo apt-get install make wget zlib1g-dev libsdl-gfx1.2-dev
sudo apt-get install gcc libsdl1.2-dev zlib1g-dev libasound2-dev 
linux-kernel-headers-`uname-r` pkg-config libgnutls-dev libpci-dev

The compiling of QEMU 0.12.0-rc1 wihout KVM support was OK.

./configure --enable-kvm
#error Missing KVM capability KVM_CAP_DESTROY_MEMORY_REGION_WORKS
  NOTE: To enable KVM support, update your kernel to 2.6.29+ or install   
recent kvm-kmod from http://sourceforge.net/projects/kvm.
ERROR
ERROR: User requested feature kvm
ERROR: configure was not able to find it
ERROR

I can't change the kernel because Ubuntu 9.10 are too buggy.
So I tryed to install the latest kvm modul.

wget \
http://sourceforge.net/projects/kvm/files/kvm-kmod/2.6.32/kvm-kmod-2.6.32.tar.bz2/download
tar xjvf kvm-kmod-2.6.32.tar.bz2
cd kvm-kmod-2.6.32
./configure && make
sudo make install
sudo rmmod kvm_intel kvm_adm kvm
sudo make install
sudo rmmod kvm_intel kvm
sudo modprobe kvm_intel

dmesg | grep kvm
[81811.678377] loaded kvm module (kvm-kmod-2.6.32)

I tryed to compile QEMU with kvm support but I got the same error.

./configure --enable-kvm
#error Missing KVM capability KVM_CAP_DESTROY_MEMORY_REGION_WORKS
  NOTE: To enable KVM support, update your kernel to 2.6.29+ or install   
recent kvm-kmod from http://sourceforge.net/projects/kvm.
ERROR
ERROR: User requested feature kvm
ERROR: configure was not able to find it
ERROR

What is wrong?

See also http://qemu-buch.de/de/index.php/QEMU-KVM-Buch/_Installation

[Qemu-devel] [PATCH 07/11] ide: Improve error messages

Use error_report(), because it points to the error location.

Reword "tried to assign twice" messages to make it clear that we're
complaining about the unit property.

Report invalid unit property instead of failing silently.

Signed-off-by: Markus Armbruster 
---
 hw/ide/qdev.c |9 +
 1 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/hw/ide/qdev.c b/hw/ide/qdev.c
index 2977a16..221f387 100644
--- a/hw/ide/qdev.c
+++ b/hw/ide/qdev.c
@@ -18,7 +18,7 @@
  */
 #include 
 #include "dma.h"
-
+#include "qemu-error.h"
 #include 
 
 /* - */
@@ -40,7 +40,7 @@ static int ide_qdev_init(DeviceState *qdev, DeviceInfo *base)
 IDEBus *bus = DO_UPCAST(IDEBus, qbus, qdev->parent_bus);
 
 if (!dev->conf.bs) {
-fprintf(stderr, "%s: no drive specified\n", qdev->info->name);
+error_report("No drive specified");
 goto err;
 }
 if (dev->unit == -1) {
@@ -49,19 +49,20 @@ static int ide_qdev_init(DeviceState *qdev, DeviceInfo 
*base)
 switch (dev->unit) {
 case 0:
 if (bus->master) {
-fprintf(stderr, "ide: tried to assign master twice\n");
+error_report("IDE unit %d is in use", dev->unit);
 goto err;
 }
 bus->master = dev;
 break;
 case 1:
 if (bus->slave) {
-fprintf(stderr, "ide: tried to assign slave twice\n");
+error_report("IDE unit %d is in use", dev->unit);
 goto err;
 }
 bus->slave = dev;
 break;
 default:
+error_report("Invalid IDE unit %d", dev->unit);
 goto err;
 }
 return info->init(dev);
-- 
1.6.6.1

[Qemu-devel] [PATCH 09/11] ide: Make ide_init_drive() return success

It still always succeeds.  The next commits will add failures.

Signed-off-by: Markus Armbruster 
---
 hw/ide/core.c |   13 +
 hw/ide/internal.h |4 ++--
 hw/ide/qdev.c |4 +++-
 3 files changed, 14 insertions(+), 7 deletions(-)

diff --git a/hw/ide/core.c b/hw/ide/core.c
index c37897b..a0eb1fa 100644
--- a/hw/ide/core.c
+++ b/hw/ide/core.c
@@ -26,6 +26,7 @@
 #include 
 #include 
 #include 
+#include "qemu-error.h"
 #include "qemu-timer.h"
 #include "sysemu.h"
 #include "dma.h"
@@ -2594,8 +2595,8 @@ void ide_bus_reset(IDEBus *bus)
 ide_clear_hob(bus);
 }
 
-void ide_init_drive(IDEState *s, BlockDriverState *bs,
-const char *version, const char *serial)
+int ide_init_drive(IDEState *s, BlockDriverState *bs,
+   const char *version, const char *serial)
 {
 int cylinders, heads, secs;
 uint64_t nb_sectors;
@@ -2630,6 +2631,7 @@ void ide_init_drive(IDEState *s, BlockDriverState *bs,
 }
 ide_reset(s);
 bdrv_set_removable(bs, s->drive_kind == IDE_CD);
+return 0;
 }
 
 static void ide_init1(IDEBus *bus, int unit)
@@ -2669,8 +2671,11 @@ void ide_init2_with_non_qdev_drives(IDEBus *bus, 
DriveInfo *hd0,
 dinfo = i == 0 ? hd0 : hd1;
 ide_init1(bus, i);
 if (dinfo) {
-ide_init_drive(&bus->ifs[i], dinfo->bdrv, NULL,
-   *dinfo->serial ? dinfo->serial : NULL);
+if (ide_init_drive(&bus->ifs[i], dinfo->bdrv, NULL,
+   *dinfo->serial ? dinfo->serial : NULL) < 0) {
+error_report("Can't set up IDE drive %s", dinfo->id);
+exit(1);
+}
 } else {
 ide_reset(&bus->ifs[i]);
 }
diff --git a/hw/ide/internal.h b/hw/ide/internal.h
index 14b0035..921856e 100644
--- a/hw/ide/internal.h
+++ b/hw/ide/internal.h
@@ -556,8 +556,8 @@ uint32_t ide_data_readw(void *opaque, uint32_t addr);
 void ide_data_writel(void *opaque, uint32_t addr, uint32_t val);
 uint32_t ide_data_readl(void *opaque, uint32_t addr);
 
-void ide_init_drive(IDEState *s, BlockDriverState *bs,
-const char *version, const char *serial);
+int ide_init_drive(IDEState *s, BlockDriverState *bs,
+   const char *version, const char *serial);
 void ide_init2(IDEBus *bus, qemu_irq irq);
 void ide_init2_with_non_qdev_drives(IDEBus *bus, DriveInfo *hd0,
 DriveInfo *hd1, qemu_irq irq);
diff --git a/hw/ide/qdev.c b/hw/ide/qdev.c
index 221f387..53468ed 100644
--- a/hw/ide/qdev.c
+++ b/hw/ide/qdev.c
@@ -118,7 +118,9 @@ static int ide_drive_initfn(IDEDevice *dev)
 }
 }
 
-ide_init_drive(s, dev->conf.bs, dev->version, serial);
+if (ide_init_drive(s, dev->conf.bs, dev->version, serial) < 0) {
+return -1;
+}
 
 if (!dev->version) {
 dev->version = qemu_strdup(s->version);
-- 
1.6.6.1

[Qemu-devel] [PATCH 06/11] qdev: Don't hw_error() in qdev_init_nofail()

Some of the failures are internal errors, and hw_error() is okay then.
But the common way to fail is bad user input, e.g. -global
isa-fdc.driveA=foo where drive foo has an unsupported rerror value.

exit(1) instead.

Signed-off-by: Markus Armbruster 
---
 hw/qdev.c |6 --
 1 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/hw/qdev.c b/hw/qdev.c
index 61f999c..00ceada 100644
--- a/hw/qdev.c
+++ b/hw/qdev.c
@@ -326,8 +326,10 @@ void qdev_init_nofail(DeviceState *dev)
 {
 DeviceInfo *info = dev->info;
 
-if (qdev_init(dev) < 0)
-hw_error("Initialization of device %s failed\n", info->name);
+if (qdev_init(dev) < 0) {
+error_report("Initialization of device %s failed\n", info->name);
+exit(1);
+}
 }
 
 /* Unlink device from bus and free the structure.  */
-- 
1.6.6.1

[Qemu-devel] [PATCH 05/11] fdc: Reject unimplemented error actions

drive_init() doesn't permit them for if=floppy, but that's worthless:
we get them via if=none and -global.

This can make device initialization fail.  Since all callers of
fdctrl_init_isa() ignore its value, change it to die instead of
returning failure.  Without this, some callers would ignore the
failure, and others would crash.

Signed-off-by: Markus Armbruster 
---
 hw/fdc.c |   22 --
 1 files changed, 16 insertions(+), 6 deletions(-)

diff --git a/hw/fdc.c b/hw/fdc.c
index 6c74878..2d50bd6 100644
--- a/hw/fdc.c
+++ b/hw/fdc.c
@@ -29,6 +29,7 @@
 
 #include "hw.h"
 #include "fdc.h"
+#include "qemu-error.h"
 #include "qemu-timer.h"
 #include "isa.h"
 #include "sysbus.h"
@@ -1844,7 +1845,7 @@ static void fdctrl_result_timer(void *opaque)
 }
 
 /* Init functions */
-static void fdctrl_connect_drives(FDCtrl *fdctrl)
+static int fdctrl_connect_drives(FDCtrl *fdctrl)
 {
 unsigned int i;
 FDrive *drive;
@@ -1852,12 +1853,24 @@ static void fdctrl_connect_drives(FDCtrl *fdctrl)
 for (i = 0; i < MAX_FD; i++) {
 drive = &fdctrl->drives[i];
 
+if (drive->bs) {
+if (bdrv_get_on_error(drive->bs, 0) != BLOCK_ERR_STOP_ENOSPC) {
+error_report("fdc doesn't support drive option werror");
+return -1;
+}
+if (bdrv_get_on_error(drive->bs, 1) != BLOCK_ERR_REPORT) {
+error_report("fdc doesn't support drive option rerror");
+return -1;
+}
+}
+
 fd_init(drive);
 fd_revalidate(drive);
 if (drive->bs) {
 bdrv_set_removable(drive->bs, 1);
 }
 }
+return 0;
 }
 
 FDCtrl *fdctrl_init_isa(DriveInfo **fds)
@@ -1871,8 +1884,7 @@ FDCtrl *fdctrl_init_isa(DriveInfo **fds)
 if (fds[1]) {
 qdev_prop_set_drive_nofail(&dev->qdev, "driveB", fds[1]->bdrv);
 }
-if (qdev_init(&dev->qdev) < 0)
-return NULL;
+qdev_init_nofail(&dev->qdev);
 return &(DO_UPCAST(FDCtrlISABus, busdev, dev)->state);
 }
 
@@ -1950,9 +1962,7 @@ static int fdctrl_init_common(FDCtrl *fdctrl)
 
 if (fdctrl->dma_chann != -1)
 DMA_register_channel(fdctrl->dma_chann, &fdctrl_transfer_handler, 
fdctrl);
-fdctrl_connect_drives(fdctrl);
-
-return 0;
+return fdctrl_connect_drives(fdctrl);
 }
 
 static int isabus_fdc_init1(ISADevice *dev)
-- 
1.6.6.1

[Qemu-devel] [PATCH 01/11] blockdev: Clean up how readonly persists across virtual media change

Since commit cb4e5f8e, monitor command change makes the new media
readonly iff the type hint is BDRV_TYPE_CDROM, i.e. the drive was
created with media=cdrom.  The intention is to avoid changing a block
device's read-only-ness.  However, BDRV_TYPE_CDROM is only a hint.  It
is currently sufficent for read-only.  But it's not necessary, and it
may not remain sufficient.

Use bdrv_is_read_only() instead.

Signed-off-by: Markus Armbruster 
---
 blockdev.c |2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/blockdev.c b/blockdev.c
index cecde2b..cca3eec 100644
--- a/blockdev.c
+++ b/blockdev.c
@@ -589,7 +589,7 @@ int do_change_block(Monitor *mon, const char *device,
 if (eject_device(mon, bs, 0) < 0) {
 return -1;
 }
-bdrv_flags = bdrv_get_type_hint(bs) == BDRV_TYPE_CDROM ? 0 : BDRV_O_RDWR;
+bdrv_flags = bdrv_is_read_only(bs) ? 0 : BDRV_O_RDWR;
 if (bdrv_open(bs, filename, bdrv_flags, drv) < 0) {
 qerror_report(QERR_OPEN_FILE_FAILED, filename);
 return -1;
-- 
1.6.6.1

[Qemu-devel] [PATCH 04/11] scsi: Reject unimplemented error actions

drive_init() doesn't permit rerror for if=scsi, but that's worthless:
we get it via if=none and -device.

Moreover, scsi-generic doesn't support werror.  Since drive_init()
doesn't catch that, option werror was silently ignored even with
if=scsi.

Signed-off-by: Markus Armbruster 
---
 hw/scsi-disk.c|5 +
 hw/scsi-generic.c |9 +
 2 files changed, 14 insertions(+), 0 deletions(-)

diff --git a/hw/scsi-disk.c b/hw/scsi-disk.c
index 3e41011..c30709c 100644
--- a/hw/scsi-disk.c
+++ b/hw/scsi-disk.c
@@ -1059,6 +1059,11 @@ static int scsi_disk_initfn(SCSIDevice *dev)
 s->bs = s->qdev.conf.bs;
 is_cd = bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM;
 
+if (bdrv_get_on_error(s->bs, 1) != BLOCK_ERR_REPORT) {
+error_report("Device doesn't support drive option rerror");
+return -1;
+}
+
 if (!s->serial) {
 /* try to fall back to value set with legacy -drive serial=... */
 dinfo = drive_get_by_blockdev(s->bs);
diff --git a/hw/scsi-generic.c b/hw/scsi-generic.c
index 3915e78..a8b4176 100644
--- a/hw/scsi-generic.c
+++ b/hw/scsi-generic.c
@@ -474,6 +474,15 @@ static int scsi_generic_initfn(SCSIDevice *dev)
 return -1;
 }
 
+if (bdrv_get_on_error(s->bs, 0) != BLOCK_ERR_STOP_ENOSPC) {
+error_report("Device doesn't support drive option werror");
+return -1;
+}
+if (bdrv_get_on_error(s->bs, 1) != BLOCK_ERR_REPORT) {
+error_report("Device doesn't support drive option rerror");
+return -1;
+}
+
 /* check we are using a driver managing SG_IO (version 3 and after */
 if (bdrv_ioctl(s->bs, SG_GET_VERSION_NUM, &sg_version) < 0 ||
 sg_version < 3) {
-- 
1.6.6.1

[Qemu-devel] [PATCH 08/11] ide: Replace IDEState members is_cdrom, is_cf by drive_kind

The two aren't independent variables.  Make that obvious.

Signed-off-by: Markus Armbruster 
---
 hw/ide/core.c   |   40 
 hw/ide/internal.h   |5 +++--
 hw/ide/macio.c  |2 +-
 hw/ide/microdrive.c |2 +-
 4 files changed, 25 insertions(+), 24 deletions(-)

diff --git a/hw/ide/core.c b/hw/ide/core.c
index ebdceb5..c37897b 100644
--- a/hw/ide/core.c
+++ b/hw/ide/core.c
@@ -292,7 +292,7 @@ static void ide_set_signature(IDEState *s)
 /* put signature */
 s->nsector = 1;
 s->sector = 1;
-if (s->is_cdrom) {
+if (s->drive_kind == IDE_CD) {
 s->lcyl = 0x14;
 s->hcyl = 0xeb;
 } else if (s->bs) {
@@ -1827,15 +1827,15 @@ void ide_ioport_write(void *opaque, uint32_t addr, 
uint32_t val)
 
 switch(val) {
 case WIN_IDENTIFY:
-if (s->bs && !s->is_cdrom) {
-if (!s->is_cf)
+if (s->bs && s->drive_kind != IDE_CD) {
+if (s->drive_kind != IDE_CF)
 ide_identify(s);
 else
 ide_cfata_identify(s);
 s->status = READY_STAT | SEEK_STAT;
 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
 } else {
-if (s->is_cdrom) {
+if (s->drive_kind == IDE_CD) {
 ide_set_signature(s);
 }
 ide_abort_command(s);
@@ -1849,7 +1849,7 @@ void ide_ioport_write(void *opaque, uint32_t addr, 
uint32_t val)
 ide_set_irq(s->bus);
 break;
 case WIN_SETMULT:
-if (s->is_cf && s->nsector == 0) {
+if (s->drive_kind == IDE_CF && s->nsector == 0) {
 /* Disable Read and Write Multiple */
 s->mult_sectors = 0;
 s->status = READY_STAT | SEEK_STAT;
@@ -2033,7 +2033,7 @@ void ide_ioport_write(void *opaque, uint32_t addr, 
uint32_t val)
 ide_set_irq(s->bus);
 break;
 case WIN_SEEK:
-if(s->is_cdrom)
+if(s->drive_kind == IDE_CD)
 goto abort_cmd;
 /* XXX: Check that seek is within bounds */
 s->status = READY_STAT | SEEK_STAT;
@@ -2041,7 +2041,7 @@ void ide_ioport_write(void *opaque, uint32_t addr, 
uint32_t val)
 break;
 /* ATAPI commands */
 case WIN_PIDENTIFY:
-if (s->is_cdrom) {
+if (s->drive_kind == IDE_CD) {
 ide_atapi_identify(s);
 s->status = READY_STAT | SEEK_STAT;
 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
@@ -2052,7 +2052,7 @@ void ide_ioport_write(void *opaque, uint32_t addr, 
uint32_t val)
 break;
 case WIN_DIAGNOSE:
 ide_set_signature(s);
-if (s->is_cdrom)
+if (s->drive_kind == IDE_CD)
 s->status = 0; /* ATAPI spec (v6) section 9.10 defines packet
 * devices to return a clear status register
 * with READY_STAT *not* set. */
@@ -2064,14 +2064,14 @@ void ide_ioport_write(void *opaque, uint32_t addr, 
uint32_t val)
 ide_set_irq(s->bus);
 break;
 case WIN_SRST:
-if (!s->is_cdrom)
+if (s->drive_kind != IDE_CD)
 goto abort_cmd;
 ide_set_signature(s);
 s->status = 0x00; /* NOTE: READY is _not_ set */
 s->error = 0x01;
 break;
 case WIN_PACKETCMD:
-if (!s->is_cdrom)
+if (s->drive_kind != IDE_CD)
 goto abort_cmd;
 /* overlapping commands not supported */
 if (s->feature & 0x02)
@@ -2084,7 +2084,7 @@ void ide_ioport_write(void *opaque, uint32_t addr, 
uint32_t val)
 break;
 /* CF-ATA commands */
 case CFA_REQ_EXT_ERROR_CODE:
-if (!s->is_cf)
+if (s->drive_kind != IDE_CF)
 goto abort_cmd;
 s->error = 0x09;/* miscellaneous error */
 s->status = READY_STAT | SEEK_STAT;
@@ -2092,7 +2092,7 @@ void ide_ioport_write(void *opaque, uint32_t addr, 
uint32_t val)
 break;
 case CFA_ERASE_SECTORS:
 case CFA_WEAR_LEVEL:
-if (!s->is_cf)
+if (s->drive_kind != IDE_CF)
 goto abort_cmd;
 if (val == CFA_WEAR_LEVEL)
 s->nsector = 0;
@@ -2103,7 +2103,7 @@ void ide_ioport_write(void *opaque, uint32_t addr, 
uint32_t val)
 ide_set_irq(s->bus);
 break;
 case CFA_TRANSLATE_SECTOR:
-if (!s->is_cf)
+if (s->drive_kind != IDE_CF)
 goto abort_cmd;
 s->error = 0x00;
 s->status = READY_STAT | SEEK_STAT;
@@ -2123,7 +2123,7 @@ void ide_ioport_write(void *opaque, uint32_t addr, 
uint32_t val)
 ide_set_irq(s->bus);

[Qemu-devel] [PATCH 11/11] ide: Reject invalid CHS geometry

drive_init() doesn't permit invalid CHS for if=ide, but that's
worthless: we get it via if=none and -device.

Signed-off-by: Markus Armbruster 
---
 hw/ide/core.c |   12 
 1 files changed, 12 insertions(+), 0 deletions(-)

diff --git a/hw/ide/core.c b/hw/ide/core.c
index 73eae20..11edca5 100644
--- a/hw/ide/core.c
+++ b/hw/ide/core.c
@@ -2604,6 +2604,18 @@ int ide_init_drive(IDEState *s, BlockDriverState *bs,
 s->bs = bs;
 bdrv_get_geometry(bs, &nb_sectors);
 bdrv_guess_geometry(bs, &cylinders, &heads, &secs);
+if (cylinders < 1 || cylinders > 16383) {
+error_report("cyls must be between 1 and 16383");
+return -1;
+}
+if (heads < 1 || heads > 16) {
+error_report("heads must be between 1 and 16");
+return -1;
+}
+if (secs < 1 || secs > 63) {
+error_report("secs must be between 1 and 63");
+return -1;
+}
 s->cylinders = cylinders;
 s->heads = heads;
 s->sectors = secs;
-- 
1.6.6.1

[Qemu-devel] [PATCH 00/11] Still more block related fixes and cleanups

I'm working on cleanly separating block device host and guest parts.
I'd like to route all this work through Kevin's block tree.  This is
still just preliminaries.

This patch series is based on v2 of my previous series.
git://repo.or.cz/qemu/armbru.git
tag block-fixes-2-v1: this series, based on
tag block-fixes-v2: previous series, based on
tag blockdev-base, which is on branch origin/master

There will be at least one more round of cleanup & fixes before
blockdev_add proper.  I intend to start with a minimal QMP-only
version, then add features.

Markus Armbruster (11):
  blockdev: Clean up how readonly persists across virtual media change
  block migration: Fix test for read-only drive
  raw-posix: Don't "try harder" for BDRV_TYPE_CDROM
  scsi: Reject unimplemented error actions
  fdc: Reject unimplemented error actions
  qdev: Don't hw_error() in qdev_init_nofail()
  ide: Improve error messages
  ide: Replace IDEState members is_cdrom, is_cf by drive_kind
  ide: Make ide_init_drive() return success
  ide: Reject readonly drives unless CD-ROM
  ide: Reject invalid CHS geometry

 block-migration.c   |2 +-
 block/raw-posix.c   |   26 ++
 blockdev.c  |2 +-
 hw/fdc.c|   22 +++
 hw/ide/core.c   |   70 +-
 hw/ide/internal.h   |9 +++---
 hw/ide/macio.c  |2 +-
 hw/ide/microdrive.c |2 +-
 hw/ide/qdev.c   |   13 ++---
 hw/qdev.c   |6 +++-
 hw/scsi-disk.c  |5 +++
 hw/scsi-generic.c   |9 ++
 12 files changed, 100 insertions(+), 68 deletions(-)

[Qemu-devel] [PATCH 03/11] raw-posix: Don't "try harder" for BDRV_TYPE_CDROM

raw_pread_aligned() retries up to two times if the block device backs
a virtual CD-ROM.  This makes no sense.  Whether retrying reads can
correct read errors may depend on what we're reading, not on how the
result gets used.

Also clean up gratuitous use of goto.

This reverts what's left of commit 8c05dbf9.

Signed-off-by: Markus Armbruster 
---
 block/raw-posix.c |   26 +++---
 1 files changed, 3 insertions(+), 23 deletions(-)

diff --git a/block/raw-posix.c b/block/raw-posix.c
index 3f0701b..2a847aa 100644
--- a/block/raw-posix.c
+++ b/block/raw-posix.c
@@ -242,15 +242,14 @@ static int raw_pread_aligned(BlockDriverState *bs, 
int64_t offset,
 
 ret = pread(s->fd, buf, count, offset);
 if (ret == count)
-goto label__raw_read__success;
+return ret;
 
 /* Allow reads beyond the end (needed for pwrite) */
 if ((ret == 0) && bs->growable) {
 int64_t size = raw_getlength(bs);
 if (offset >= size) {
 memset(buf, 0, count);
-ret = count;
-goto label__raw_read__success;
+return count;
 }
 }
 
@@ -259,23 +258,6 @@ static int raw_pread_aligned(BlockDriverState *bs, int64_t 
offset,
   s->fd, bs->filename, offset, buf, count,
   bs->total_sectors, ret, errno, strerror(errno));
 
-/* Try harder for CDrom. */
-if (bs->type == BDRV_TYPE_CDROM) {
-ret = pread(s->fd, buf, count, offset);
-if (ret == count)
-goto label__raw_read__success;
-ret = pread(s->fd, buf, count, offset);
-if (ret == count)
-goto label__raw_read__success;
-
-DEBUG_BLOCK_PRINT("raw_pread(%d:%s, %" PRId64 ", %p, %d) [%" PRId64
-  "] retry read failed %d : %d = %s\n",
-  s->fd, bs->filename, offset, buf, count,
-  bs->total_sectors, ret, errno, strerror(errno));
-}
-
-label__raw_read__success:
-
 return  (ret < 0) ? -errno : ret;
 }
 
@@ -298,15 +280,13 @@ static int raw_pwrite_aligned(BlockDriverState *bs, 
int64_t offset,
 
 ret = pwrite(s->fd, buf, count, offset);
 if (ret == count)
-goto label__raw_write__success;
+return ret;
 
 DEBUG_BLOCK_PRINT("raw_pwrite(%d:%s, %" PRId64 ", %p, %d) [%" PRId64
   "] write failed %d : %d = %s\n",
   s->fd, bs->filename, offset, buf, count,
   bs->total_sectors, ret, errno, strerror(errno));
 
-label__raw_write__success:
-
 return  (ret < 0) ? -errno : ret;
 }
 
-- 
1.6.6.1

[Qemu-devel] [PATCH 10/11] ide: Reject readonly drives unless CD-ROM

drive_init() doesn't permit option readonly for if=ide, but that's
worthless: we get it via if=none and -device.

Signed-off-by: Markus Armbruster 
---
 hw/ide/core.c |5 +
 1 files changed, 5 insertions(+), 0 deletions(-)

diff --git a/hw/ide/core.c b/hw/ide/core.c
index a0eb1fa..73eae20 100644
--- a/hw/ide/core.c
+++ b/hw/ide/core.c
@@ -2617,6 +2617,11 @@ int ide_init_drive(IDEState *s, BlockDriverState *bs,
 if (bdrv_get_type_hint(bs) == BDRV_TYPE_CDROM) {
 s->drive_kind = IDE_CD;
 bdrv_set_change_cb(bs, cdrom_change_cb, s);
+} else {
+if (bdrv_is_read_only(bs)) {
+error_report("Can't use a read-only drive");
+return -1;
+}
 }
 if (serial) {
 strncpy(s->drive_serial_str, serial, sizeof(s->drive_serial_str));
-- 
1.6.6.1

[Qemu-devel] [PATCH 02/11] block migration: Fix test for read-only drive

init_blk_migration_it() skips drives with type hint BDRV_TYPE_CDROM.
The intention is to skip read-only drives.  However, BDRV_TYPE_CDROM
is only a hint.  It is currently sufficent for read-only.  But it's
not necessary, and it may not remain sufficient.

Use bdrv_is_read_only() instead.

Signed-off-by: Markus Armbruster 
---
 block-migration.c |2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/block-migration.c b/block-migration.c
index 7d04d6d..7337349 100644
--- a/block-migration.c
+++ b/block-migration.c
@@ -236,7 +236,7 @@ static void init_blk_migration_it(void *opaque, 
BlockDriverState *bs)
 BlkMigDevState *bmds;
 int64_t sectors;
 
-if (bs->type == BDRV_TYPE_HD) {
+if (!bdrv_is_read_only(bs)) {
 sectors = bdrv_getlength(bs) >> BDRV_SECTOR_BITS;
 if (sectors == 0) {
 return;
-- 
1.6.6.1

Re: [Qemu-devel] Re: [PATCH 08/12] block: Catch attempt to attach multiple devices to a blockdev

Kevin Wolf  writes:

> Am 28.06.2010 12:16, schrieb Christoph Hellwig:
>> On Mon, Jun 28, 2010 at 10:24:49AM +0200, Kevin Wolf wrote:
>>
>>> Am 27.06.2010 11:36, schrieb Christoph Hellwig:
 On Sat, Jun 26, 2010 at 04:44:11PM +0200, Markus Armbruster wrote:
[...]
> -device usb-storage,drive=foo creates *two* devices: usb-storage itself,
> which serves as SCSI controller, and scsi-disk for the drive.
> usb-storage copies its drive property to scsi-disk.
>
> I don't like this.  Each -device should create just one device.
 
 Indeed.  I'd also prefer to get rid of this.  Anthony, how hard are the
 rules on backwards compatiblity for things like this?
>>>
>>> How would breaking compatibility help us? For the user a USB MSD is only
>>> one device, so requiring two -device parameters sounds wrong.

-device designed to be simple, stupid and straightforward: you get
exactly what you asked for, no more, no less.  usb-storage breaks this
design maxim.

>> But it is separate devices.  At least the standards compliant usb
>> storage devices just are a bride of scsi commands over usb and fit into
>> the SAM device model, which makes a difference between initiator, target
>> and LUN.  So having a different device for the specific target vs the
>> initiator port makes a difference. (and yes, we're still totally missing
>> support for multiple luns, which would require another level of
>> devices).  Trying to hide this is not all that useful - not anymore
>> useful than hiding it on a "normal" scsi host controller anyway.
>
> Maybe we need something like composed devices? So when the user asks for
> a USB stick, he actually gets all devices that this stick internally
> uses? Otherwise it becomes really hard to use -device directly.

Could be useful.

> I guess the same applies for mainboards, CPUs and probably some more
> things, though I don't really know how these are (planned to be) done in
> qdev.

I'd like to keep -device stupid.  If we need "smarter" controls, let's
layer them on top.

Re: [Qemu-devel] Tracing: outstanding tasks

2010-06-30 Thread Stefan Hajnoczi

On Wed, Jun 30, 2010 at 11:20 AM, Prerna Saxena
 wrote:
> On 06/26/2010 01:36 PM, Stefan Hajnoczi wrote:
>>
>> Here are the outstanding tasks for QEMU tracing, which Prerna and I have
>> been working on.  Tracing aids debugging, profiling, and observing
>> execution via lightweight logging at key points in the code path.
>>
>> The current prototype is available from the 'tracing' branch at:
>>
>> http://repo.or.cz/w/qemu/stefanha.git/shortlog/refs/heads/tracing
>>
>> This email is both to help Prerna and me focus our efforts, as well as a
>> roadmap for the QEMU community to discuss and comment on.
>>
>> Here are the outstanding tasks for a tracing patchset that can be
>> proposed for merge:
>>
>> 1. Integration with QMP
>>
>> Owner: Prerna
>>
>> Currently the trace commands are available from the monitor but a QMP
>> interface
>> is needed.
>>
>
> Agree. I'd suggest we let this be a TODO till the trace infrastructure makes
> its way upstream.
>
>> 2. More tracepoints need to be added for instrumenting other qemu
>> components
>> such as virtio drivers, etc.
>>
>> Owner: ?
>>
>> QEMU must come with a useful set of trace events that allows people to get
>> up
>> and running quickly.  Focus areas include:
>>
>>  * guest device emulation
>>  * host devices
>>  * lifecycle and runloop
>>  * memory management
>>  * live migration
>>
>> 3. Documentation
>>
>> Owner: Stefan
>>
>> User documentation that explains how to collect traces and add new trace
>> events.  I have committed documentation to the tracing branch here:
>>
>>
>> http://repo.or.cz/w/qemu/stefanha.git/blob_plain/91fde34dc6bfe01af6d5e9265f6a81535d6add15:/docs/tracing.txt
>>
>> 4. Fix i386-linux-user build
>>
>> Owner: Prerna
>>
>>   LINK  i386-linux-user/qemu-i386
>> ../simpletrace.o: In function `do_info_all_trace_events':
>> /home/stefanha/qemu/simpletrace.c:88: undefined reference to
>> `monitor_printf'
>> ../simpletrace.o: In function `do_info_trace':
>> /home/stefanha/qemu/simpletrace.c:77: undefined reference to
>> `monitor_printf'
>>
>
> I'm looking into this.
>
>> 5. Out-of-line trace file write-out
>>
>> Owner: Stefan
>>
>> Trace buffers are written out to file synchronously.  The vcpu thread
>> should
>> not be blocked so an async write-out mechanism is needed.
>>
>> 6. Trace file command
>>
>> Owner: ?
>>
>> Traces are written out to hardcoded /tmp/trace.log.  This must be
>> configurable.
>> Tracing at startup time should still be possible so configuration needs to
>> happen early.
>
> Agree, it is a good-to-have feature.
>
>>
>> 7. Binary trace format finalization
>>
>> Owner: Stefan
>>
>> We should leave room for extension.  I suggest partitioning the Event ID
>> namespace into normal events and special events.  The __trace_begin
>> special
>> event is defined to contain the file format version and/or trace record
>> size in
>> bytes as the first trace record in the file.
>>
>> This way, post-processing tools can check the format of the binary trace
>> file.
>>
>> 8. QMP/monitor command review
>>
>> Owner: Prerna, Stefan
>>
>>
>
> 9. In its present format, the tracing infrastructure causes at least two
> function calls even for trace events that are disabled. Ideally, there
> should be minimal performance overhead for disabled trace events.
> Investigating scope for further optimization.
>
> Owner : Prerna

Have you looked at the immediate value abstraction in LTTng?  I didn't
look very far, but I believe it abstracts how you enable/disable
breakpoints.  A simple immediate value implementation stores the state
in a variable like we do for the simple trace backend
(TraceEvent.state).  A "smarter" implementation is an unconditional
jump over the machine instructions that call into trace().  When the
state of a trace event is toggled, the jump instruction is patched.

That said, I think we should keep the "simple" trace backend simple as
long as possible.  Hopefully platform tracing mechanism like LTTng or
SystemTap will mature and become more widely supported so that we
don't need to re-invent all the hard parts of tracing.

Stefan

[Qemu-devel] [Bug 494500] Re: QEMU 0.12.0 does not support KVM with Kernel < 2.6.29, bug in ./configure and kvm-all.c

2010-06-30 Thread Jes Sorensen

As pointed out repeatedly, this is _not_ a bug in QEMU

Stop reopening the bug!


** Changed in: qemu
   Status: New => Invalid

-- 
QEMU 0.12.0 does not support KVM with Kernel < 2.6.29, bug in ./configure and 
kvm-all.c
https://bugs.launchpad.net/bugs/494500
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.

Status in QEMU: Invalid

Bug description:
I tryed to compile QEMU 0.12.0-rc1 with KVM support without success.

Here my configuration:

uname -a
Linux bla 2.6.28-11-server #42-Ubuntu SMP Fri Apr 17 02:45:36 UTC 2009 x86_64 
GNU/Linux

dpkg -l | grep kvm
ii  kvm1:84+dfsg-0ubuntu11

This KVM modul works fine.

I've installed this packets:

sudo apt-get install make wget zlib1g-dev libsdl-gfx1.2-dev
sudo apt-get install gcc libsdl1.2-dev zlib1g-dev libasound2-dev 
linux-kernel-headers-`uname-r` pkg-config libgnutls-dev libpci-dev

The compiling of QEMU 0.12.0-rc1 wihout KVM support was OK.

./configure --enable-kvm
#error Missing KVM capability KVM_CAP_DESTROY_MEMORY_REGION_WORKS
  NOTE: To enable KVM support, update your kernel to 2.6.29+ or install   
recent kvm-kmod from http://sourceforge.net/projects/kvm.
ERROR
ERROR: User requested feature kvm
ERROR: configure was not able to find it
ERROR

I can't change the kernel because Ubuntu 9.10 are too buggy.
So I tryed to install the latest kvm modul.

wget \
http://sourceforge.net/projects/kvm/files/kvm-kmod/2.6.32/kvm-kmod-2.6.32.tar.bz2/download
tar xjvf kvm-kmod-2.6.32.tar.bz2
cd kvm-kmod-2.6.32
./configure && make
sudo make install
sudo rmmod kvm_intel kvm_adm kvm
sudo make install
sudo rmmod kvm_intel kvm
sudo modprobe kvm_intel

dmesg | grep kvm
[81811.678377] loaded kvm module (kvm-kmod-2.6.32)

I tryed to compile QEMU with kvm support but I got the same error.

./configure --enable-kvm
#error Missing KVM capability KVM_CAP_DESTROY_MEMORY_REGION_WORKS
  NOTE: To enable KVM support, update your kernel to 2.6.29+ or install   
recent kvm-kmod from http://sourceforge.net/projects/kvm.
ERROR
ERROR: User requested feature kvm
ERROR: configure was not able to find it
ERROR

What is wrong?

See also http://qemu-buch.de/de/index.php/QEMU-KVM-Buch/_Installation

Re: [Qemu-devel] Re: [PATCH 08/12] block: Catch attempt to attach multiple devices to a blockdev

Christoph Hellwig  writes:

>Markus Armbruster  writes:
>
>> Christoph Hellwig  writes:
>>
>>> On Fri, Jun 25, 2010 at 06:53:28PM +0200, Markus Armbruster wrote:
 For instance, -device scsi-disk,drive=foo -device scsi-disk,drive=foo
 happily creates two SCSI disks connected to the same block device.
 It's all downhill from there.
>>>
>>> And from some quick testing a while ago the thing seems to actually
>>> work.  Not that I think that it is a good idea, but do we want to change
>>> behaviour in that respect?
>>
>> Valid question.  I'd answer yes.  It's an easy error to make, and likely
>> to end in massive file system corruption in the guest.
>
> I suspect a modern distro in the guest will detect it as a multi-path setup.

Really?  The guest sees two disks, different serial numbers, possibly on
different buses (one could be SCSI, the other iDE).

[...]

[Qemu-devel] Re: [PATCH 09/12] savevm: Survive hot-unplug of snapshot device

Christoph Hellwig  writes:

> Looks good,
>
> Reviewed-by: Christoph Hellwig 
>
> Of course specifying an explicit medium for snapshot, be that the
> snapshot section of a qcow2 image or just a separate flat file and
> managing that one explicitly would be even better.

Indeed.

[Qemu-devel] [PATCH] virtio-9p: Avoid SEGV when log file couldn't be opened

2010-06-30 Thread Sripathi Kodi

While running in debug mode if 9P server is unable to open the log file
it results in a SEGV deep down in glibc:

Program received signal SIGSEGV, Segmentation fault.
0x008fca8c in fwrite () from /lib/libc.so.6
(gdb) bt
#0  0x008fca8c in fwrite () from /lib/libc.so.6
#1  0x081eb87e in pprint_pdu (pdu=0x89a52e1c)
at /data/sripathi/code/qemu/new/qemu-next-upstream/hw/virtio-9p-debug.c:380
#2  0x0806dad8 in submit_pdu (s=0x897dc008, pdu=0x89a52e1c)
at /data/sripathi/code/qemu/new/qemu-next-upstream/hw/virtio-9p.c:3092
#3  0x0806dc63 in handle_9p_output (vdev=0x897dc008, vq=0x86d8218)
at /data/sripathi/code/qemu/new/qemu-next-upstream/hw/virtio-9p.c:3122
#4  0x081ac728 in virtio_queue_notify (vdev=0x897dc008, n=0)
at /data/sripathi/code/qemu/new/qemu-next-upstream/hw/virtio.c:563
#5  0x08063876 in virtio_ioport_write (opaque=0x86d7b98, addr=16, val=0)
at /data/sripathi/code/qemu/new/qemu-next-upstream/hw/virtio-pci.c:222
#6  0x08063e26 in virtio_pci_config_writew (opaque=0x86d7b98, addr=16, val=0)
at /data/sripathi/code/qemu/new/qemu-next-upstream/hw/virtio-pci.c:357
#7  0x080c881a in ioport_write (index=1, address=49296, data=0) at ioport.c:80
#8  0x080c8d4c in cpu_outw (addr=49296, val=0) at ioport.c:204
#9  0x08073010 in kvm_handle_io (port=49296, data=0xab393000, direction=1, 
size=2, count=1)
at /data/sripathi/code/qemu/new/qemu-next-upstream/kvm-all.c:735
...
...

This is ugly and misleading. The following patch adds a BUG_ON to catch this
error. With this patch we get an abort message like the following, which makes
it easier to analyze:

f12-kvm login: qemu: 
/data/sripathi/code/qemu/new/qemu-next-upstream/hw/virtio-9p-debug.c:353: 
pprint_pdu: Assertion `!(!llogfile)' failed.

Signed-off-by: Sripathi Kodi 
---

 hw/virtio-9p-debug.c |2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/hw/virtio-9p-debug.c b/hw/virtio-9p-debug.c
index e4ab4bc..c1b0e6f 100644
--- a/hw/virtio-9p-debug.c
+++ b/hw/virtio-9p-debug.c
@@ -327,6 +327,8 @@ void pprint_pdu(V9fsPDU *pdu)
 llogfile = fopen("/tmp/pdu.log", "w");
 }
 
+BUG_ON(!llogfile);
+
 switch (pdu->id) {
 case P9_TVERSION:
 fprintf(llogfile, "TVERSION: (");

[Qemu-devel] [RFC][PATCH] PCI: fix pci_to_cpu_addr() issue

2010-06-30 Thread Huacai Chen

It seems like software may both use CPU address or PCI address to access a PCI
device. For example, Bonito north bridge map PCI memory space at 0x1000 ~ 
0x1C00. PMON code use 0x ~ 0x0C00, but Linux kernel code use 
0x1000 ~ 0x1C00 to access devices. If set pci_mem_base to 0, PMON can't
work, but if set pci_mem_base to 0x1000, Linux can't access PCI. So I make
this patch to make both cases works.

However, I don't know whether the modification will break other archs, so
request for comments here.

Signed-off-by: Huacai Chen 
---
 hw/pci.c |2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/hw/pci.c b/hw/pci.c
index 7787005..50e3572 100644
--- a/hw/pci.c
+++ b/hw/pci.c
@@ -672,7 +672,7 @@ PCIDevice *pci_register_device(PCIBus *bus, const char 
*name,
 static target_phys_addr_t pci_to_cpu_addr(PCIBus *bus,
   target_phys_addr_t addr)
 {
-return addr + bus->mem_base;
+return addr | bus->mem_base;
 }
 
 static void pci_unregister_io_regions(PCIDevice *pci_dev)
-- 
1.7.0.4

Re: [Qemu-devel] Tracing: outstanding tasks

2010-06-30 Thread Prerna Saxena


On 06/26/2010 01:36 PM, Stefan Hajnoczi wrote:

Here are the outstanding tasks for QEMU tracing, which Prerna and I have
been working on.  Tracing aids debugging, profiling, and observing
execution via lightweight logging at key points in the code path.

The current prototype is available from the 'tracing' branch at:

http://repo.or.cz/w/qemu/stefanha.git/shortlog/refs/heads/tracing

This email is both to help Prerna and me focus our efforts, as well as a
roadmap for the QEMU community to discuss and comment on.

Here are the outstanding tasks for a tracing patchset that can be
proposed for merge:

1. Integration with QMP

Owner: Prerna

Currently the trace commands are available from the monitor but a QMP interface
is needed.



Agree. I'd suggest we let this be a TODO till the trace infrastructure 
makes its way upstream.



2. More tracepoints need to be added for instrumenting other qemu components
such as virtio drivers, etc.

Owner: ?

QEMU must come with a useful set of trace events that allows people to get up
and running quickly.  Focus areas include:

  * guest device emulation
  * host devices
  * lifecycle and runloop
  * memory management
  * live migration

3. Documentation

Owner: Stefan

User documentation that explains how to collect traces and add new trace
events.  I have committed documentation to the tracing branch here:

http://repo.or.cz/w/qemu/stefanha.git/blob_plain/91fde34dc6bfe01af6d5e9265f6a81535d6add15:/docs/tracing.txt

4. Fix i386-linux-user build

Owner: Prerna

   LINK  i386-linux-user/qemu-i386
../simpletrace.o: In function `do_info_all_trace_events':
/home/stefanha/qemu/simpletrace.c:88: undefined reference to `monitor_printf'
../simpletrace.o: In function `do_info_trace':
/home/stefanha/qemu/simpletrace.c:77: undefined reference to `monitor_printf'



I'm looking into this.


5. Out-of-line trace file write-out

Owner: Stefan

Trace buffers are written out to file synchronously.  The vcpu thread should
not be blocked so an async write-out mechanism is needed.

6. Trace file command

Owner: ?

Traces are written out to hardcoded /tmp/trace.log.  This must be configurable.
Tracing at startup time should still be possible so configuration needs to
happen early.


Agree, it is a good-to-have feature.



7. Binary trace format finalization

Owner: Stefan

We should leave room for extension.  I suggest partitioning the Event ID
namespace into normal events and special events.  The __trace_begin special
event is defined to contain the file format version and/or trace record size in
bytes as the first trace record in the file.

This way, post-processing tools can check the format of the binary trace file.

8. QMP/monitor command review

Owner: Prerna, Stefan




9. In its present format, the tracing infrastructure causes at least two 
function calls even for trace events that are disabled. Ideally, there 
should be minimal performance overhead for disabled trace events.

Investigating scope for further optimization.

Owner : Prerna

Thanks,
--
Prerna Saxena

Linux Technology Centre,
IBM Systems and Technology Lab,
Bangalore, India

[Qemu-devel] Re: [PATCH] device-assignment: Rework "name" of assigned pci device

(2010/06/30 15:53), Markus Armbruster wrote:
> Summary: upstream qemu commit b560a9ab broke -pcidevice and pci_add host
> in two ways:
> 
> * Use without options id and name is broken when option host contains
>   ':'.  That's because id defaults to host.  I recommend to fix it
>   incompatibly: don't default id to host.  The alternative is to get
>   upstream qemu to accept ':' in qdev IDs again.
> 
> * Funny characters in option name no longer work.  Same as funny
>   characters in id options all over the place.  Intentional change.  I
>   recommend to do nothing.

Thanks a lot.
I'm not a person in really need, so now I'm going to follow your
recommendation.

> Details inline.
> 
> Hidetoshi Seto  writes:
> 
>> Thanks Markus,
>>
>> (2010/06/29 14:28), Markus Armbruster wrote:
>>> Hidetoshi Seto  writes:
>>>
 "Hao, Xudong"  writes:
>> When assign one PCI device, qemu fail to parse the command line:
>> qemu-system_x86 -smp 2 -m 1024 -hda /path/to/img -pcidevice host=00:19.0
>> Error:
>> qemu-system-x86_64: Parameter 'id' expects an identifier
>> Identifiers consist of letters, digits, '-', '.', '_', starting with a 
>> letter.
>> pcidevice argument parse error; please check the help text for usage
>> Could not add assigned device host=00:19.0
>>
>> https://bugs.launchpad.net/qemu/+bug/597932
>>
>> This issue caused by qemu-kvm commit 
>> b560a9ab9be06afcbb78b3791ab836dad208a239.

 This patch is a response to the above report.

 Thanks,
 H.Seto

 =

 Because use of some characters in "id" is restricted recently, assigned
 device start to fail having implicit "id" that uses address string of
 host device, like "00:19.0" which includes restricted character ':'.

 It seems that this implicit "id" is intended to be run as "name" that
 could be passed with option "-pcidevice ... ,name=..." to specify a
 string to be used in log outputs.  In other words it seems that
 dev->dev.qdev.id of assigned device had been used to have such
 "name", that is user-defined string or address string of "host".
>>>
>>> As far as I can tell, option "name" is just a leftover from pre-qdev
>>> days, kept for compatibility.
>>
>> Yea, I see.
>> I don't know well about the history of such pre-qdev days...
> 
> It's often useful to examine history to figure out what a piece of code
> attempts to accomplish.  git-blame and git-log are your friends :)

I often play with git-log, however I have a little trouble here since
qemu tree is too young.

 The problem is that "name" for specific use is not equal to "id" for
 universal use.  So it is better to remove this tricky mix up here.

 This patch introduces new function assigned_dev_name() that returns
 proper name string for the device.
 Now property "name" is explicitly defined in struct AssignedDevice.

 When if the device have neither "name" nor "id", address string like
 ":00:19.0" will be created and passed instead.  Once created, new
 field r_name holds the string to be reused and to be released later.
> [...]
 @@ -1520,6 +1545,7 @@ static PCIDeviceInfo assign_info = {
  DEFINE_PROP("host", AssignedDevice, host, qdev_prop_hostaddr, 
 PCIHostDevice),
  DEFINE_PROP_UINT32("iommu", AssignedDevice, use_iommu, 1),
  DEFINE_PROP_STRING("configfd", AssignedDevice, configfd_name),
 +DEFINE_PROP_STRING("name", AssignedDevice, u_name),
  DEFINE_PROP_END_OF_LIST(),
  },
  };
 @@ -1545,24 +1571,25 @@ device_init(assign_register_devices)
  QemuOpts *add_assigned_device(const char *arg)
  {
  QemuOpts *opts = NULL;
 -char host[64], id[64], dma[8];
 +char host[64], buf[64], dma[8];
  int r;
  
 +/* "host" must be with -pcidevice */
  r = get_param_value(host, sizeof(host), "host", arg);
  if (!r)
   goto bad;
 -r = get_param_value(id, sizeof(id), "id", arg);
 -if (!r)
 -r = get_param_value(id, sizeof(id), "name", arg);
 -if (!r)
 -r = get_param_value(id, sizeof(id), "host", arg);
  
 -opts = qemu_opts_create(&qemu_device_opts, id, 0);
 +opts = qemu_opts_create(&qemu_device_opts, NULL, 0);
>>>
>>> I think you break option id here.  Its value must become the qdev ID,
>>> visible in info qtree and usable as argument to device_del.  And if
>>> option id is missing, option name must become the qdev ID, for backwards
>>> compatibility.
>>
>> Ah, I missed to check hot-add path - I had wonder why id could be here
>> since I could not find documents that mentions use of id with -pcidevice.
>>
>> So, I should use id here if specified. That's right,
>>
>> But in case if id is missing and name is specified, I think there is no
>> reason that the characters in name should be restricted in same manner
>> with that i

[Qemu-devel] Re: [PATCH 4/4] require #define NEED_GLOBAL_ENV for files that need the global register variable

2010-06-30 Thread Paolo Bonzini

>>> Wouldn't it be better to just put this in dyngen-exec.h ?
>>> AFAICT there's a direct correlation between NEED_GLOBAL_ENV and #include
>>> "exec.h".
>>
>> True, see cover letter in 0/4.  I was told to make each file request
>> explicitly the global variable though.  So I'd have to leave the #ifdef even
>> if I moved it into dyngen-exec.h.
>
> Well, I only said I'd rename global 'env' to 'global_reg_env', not
> something about each file requesting it. But NEED_GLOBAL_ENV wasn't so
> bad idea in my opinion.

It doesn't matter what's the name of the global.  What matters is
whether it's defined at all.  For this reason it's bad to bury it
in dyngen-exec.h which is included only indirectly.  It's better to
leave it in all */exec.h files as Paul explained---and I agree with
him.

I also gave reason why unpoisoning env globally is not a problem at
all.  For target-dependent files, they did not (and do not) poison
anything, so my first patch series didn't change anything WRT current
QEMU sources.  exec.h always includes cpu.h, so there's no way exec.h
can be included by mistake in a target-independent file.  I can make
exec.h error out if NEED_CPU_H is not defined, but I think it's a
worthless complication.  

So, can someone please apply patches 1 to 3 of this series so that
we can move on?

Paolo

[Qemu-devel] [Bug 599617] Re: qemu fail to parse command "-net none"

2010-06-30 Thread Thierry Carrez

** Changed in: qemu-kvm (Ubuntu)
   Importance: Undecided => Medium

** Changed in: qemu-kvm (Ubuntu)
   Status: New => Triaged

-- 
qemu fail to parse command "-net none"
https://bugs.launchpad.net/bugs/599617
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.

Status in QEMU: Invalid
Status in “qemu-kvm” package in Ubuntu: Triaged

Bug description:
Host OS:ia32e
Guest OS :32e and pae
kvm.git Commit:a63e16c655f9e68d49d6fae4275ffda16b1888b2
qemu-kvm Commit:97011c7fce92f8c0928c9e94e9896f0dca1bdeb9
Host Kernel Version:2.6.35-rc3


Bug detailed description:
--
when use command "qemu-system_x86 -smp 2 -m 1024 -hda /path/to/img -net none"
to boot up a guest, guest cannot boot up. and no error message displayed.

[Qemu-devel] [PATCH] AppleSMC device emulation

2010-06-30 Thread Alexander Graf

Intel Macs have a chip called the "AppleSMC" which they use to control
certain Apple specific parts of the hardware, like the keyboard background
light.

That chip is also used to store a key that Mac OS X uses to decrypt binaries.

This patch adds emulation for that chip, so we're getting one step further
to having Mac OS X run natively on Qemu.

Signed-off-by: Alexander Graf 

---

v1 -> v2:

  - fix license
  - move APPLESMC: into smc_debug
  - make opaque casting implicit
  - use memcmp, fix indent
  - move key map to reset function
  - disable debugging
---
 Makefile.target |2 +-
 hw/applesmc.c   |  241 +++
 2 files changed, 242 insertions(+), 1 deletions(-)
 create mode 100644 hw/applesmc.c

diff --git a/Makefile.target b/Makefile.target
index f64702b..dcf0193 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -192,7 +192,7 @@ obj-y += e1000.o
 obj-i386-y += vga.o
 obj-i386-y += mc146818rtc.o i8259.o pc.o
 obj-i386-y += cirrus_vga.o apic.o ioapic.o piix_pci.o
-obj-i386-y += vmmouse.o vmport.o hpet.o
+obj-i386-y += vmmouse.o vmport.o hpet.o applesmc.o
 obj-i386-y += device-hotplug.o pci-hotplug.o smbios.o wdt_ib700.o
 obj-i386-y += debugcon.o multiboot.o
 obj-i386-y += pc_piix.o
diff --git a/hw/applesmc.c b/hw/applesmc.c
new file mode 100644
index 000..29b9330
--- /dev/null
+++ b/hw/applesmc.c
@@ -0,0 +1,241 @@
+/*
+ *  Apple SMC controller
+ *
+ *  Copyright (c) 2007 Alexander Graf
+ *
+ *  Authors: Alexander Graf 
+ *   Susanne Graf 
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see .
+ *
+ * *
+ *
+ * In all Intel-based Apple hardware there is an SMC chip to control the
+ * backlight, fans and several other generic device parameters. It also
+ * contains the magic keys used to dongle Mac OS X to the device.
+ *
+ * This driver was mostly created by looking at the Linux AppleSMC driver
+ * implementation and does not support IRQ.
+ *
+ */
+
+#include "hw.h"
+#include "isa.h"
+#include "console.h"
+#include "qemu-timer.h"
+
+/* #define DEBUG_SMC */
+
+#define APPLESMC_DEFAULT_IOBASE0x300
+/* data port used by Apple SMC */
+#define APPLESMC_DATA_PORT 0x0
+/* command/status port used by Apple SMC */
+#define APPLESMC_CMD_PORT  0x4
+#define APPLESMC_NR_PORTS  32
+#define APPLESMC_MAX_DATA_LENGTH   32
+
+#define APPLESMC_READ_CMD  0x10
+#define APPLESMC_WRITE_CMD 0x11
+#define APPLESMC_GET_KEY_BY_INDEX_CMD  0x12
+#define APPLESMC_GET_KEY_TYPE_CMD  0x13
+
+#ifdef DEBUG_SMC
+#define smc_debug(...) fprintf(stderr, "AppleSMC: " __VA_ARGS__)
+#else
+#define smc_debug(...) do { } while(0)
+#endif
+
+static char default_osk[64] = "This is a dummy key. Enter the real key "
+  "using the -osk parameter";
+
+struct AppleSMCData {
+uint8_t len;
+const char *key;
+const char *data;
+QLIST_ENTRY(AppleSMCData) node;
+};
+
+struct AppleSMCStatus {
+ISADevice dev;
+uint32_t iobase;
+uint8_t cmd;
+uint8_t status;
+uint8_t key[4];
+uint8_t read_pos;
+uint8_t data_len;
+uint8_t data_pos;
+uint8_t data[255];
+uint8_t charactic[4];
+char *osk;
+QLIST_HEAD(, AppleSMCData) data_def;
+};
+
+static void applesmc_io_cmd_writeb(void *opaque, uint32_t addr, uint32_t val)
+{
+struct AppleSMCStatus *s = opaque;
+
+smc_debug("CMD Write B: %#x = %#x\n", addr, val);
+switch(val) {
+case APPLESMC_READ_CMD:
+s->status = 0x0c;
+break;
+}
+s->cmd = val;
+s->read_pos = 0;
+s->data_pos = 0;
+}
+
+static void applesmc_fill_data(struct AppleSMCStatus *s)
+{
+struct AppleSMCData *d;
+
+QLIST_FOREACH(d, &s->data_def, node) {
+if (!memcmp(d->key, s->key, 4)) {
+smc_debug("Key matched (%s Len=%d Data=%s)\n", d->key,
+  d->len, d->data);
+memcpy(s->data, d->data, d->len);
+return;
+}
+}
+}
+
+static void applesmc_io_data_writeb(void *opaque, uint32_t addr, uint32_t val)
+{
+struct AppleSMCStatus *s = opaque;
+
+smc_debug("DATA Write B: %#x = %#x\n", addr, val);
+switch(s->cmd) {
+case APPLESMC_READ_CMD:
+if(s->read_pos < 4) {
+s->key[s->read_pos]

[Qemu-devel] Re: Status update

2010-06-30 Thread Stefan Hajnoczi

On Tue, Jun 29, 2010 at 6:25 PM, Eduard - Gabriel Munteanu
 wrote:
> On the other hand, we could just leave it alone for now. Changing
> mappings during DMA is stupid anyway: I don't think the guest can
> recover the results of DMA safely, even though it might be used on
> transfers in progress you simply don't care about anymore. Paul Brook
> suggested we could update the cpu_physical_memory_map() mappings
> somehow, but I think that's kinda difficult to accomplish.

A malicious or broken guest shouldn't be able to crash or corrupt QEMU
process memory.  The IOMMU can only map from bus addresses to guest
physical RAM (?) so the worst the guest can do here is corrupt itself?

Stefan

Re: [Qemu-devel] [PATCH] AppleSMC device emulation

2010-06-30 Thread Alexander Graf


On 29.06.2010, at 20:38, Blue Swirl wrote:

> On Tue, Jun 29, 2010 at 2:35 PM, Alexander Graf  wrote:
>> Intel Macs have a chip called the "AppleSMC" which they use to control
>> certain Apple specific parts of the hardware, like the keyboard background
>> light.
>> 
>> That chip is also used to store a key that Mac OS X uses to decrypt binaries.
>> 
>> This patch adds emulation for that chip, so we're getting one step further
>> to having Mac OS X run natively on Qemu.
>> 
>> Signed-off-by: Alexander Graf 
>> ---
>>  Makefile.target |2 +-
>>  hw/applesmc.c   |  225 
>> +++
>>  2 files changed, 226 insertions(+), 1 deletions(-)
>>  create mode 100644 hw/applesmc.c
>> 
>> 

[...]

>> 
>> +#ifdef DEBUG_SMC
>> +#define smc_debug(...) printf(__VA_ARGS__)
> 
> How about:
> #define smc_debug(fmt, ...) printf("APPLESMC: " fmt, ## __VA_ARGS__)

Well, I went with smc_debug(...) fprintf(stderr, "APPLESMC: " __VA_ARGS__). 
That way you can do fun things like smc_debug("Hello World");

:)

[...]

>> 
>> +
>> +applesmc_add_key(s, "REV ", 6, "\0x01\0x13\0x0f\0x00\0x00\0x03");
>> +applesmc_add_key(s, "OSK0", 32, s->osk);
>> +applesmc_add_key(s, "OSK1", 32, s->osk + 32);
>> +applesmc_add_key(s, "NATJ", 1, "\0");
>> +applesmc_add_key(s, "MSSP", 1, "\0");
>> +applesmc_add_key(s, "MSSD", 1, "\0x3");
> 
> Please add a reset function which sets these, possibly freeing the old
> keys. That is, if it is the correct action in reset.

Hrm. I guess it's the closest thing to "correct".

Alex

Re: [Qemu-devel] VxWorks kernel for qemu emulating PowerPC?

2010-06-30 Thread hadi motamedi

> It is possible to boot a VxWorks image using the x86 system emulation.
> You would have to create a floppy image and pass that in for your
Thank you for your reply. Finally, I found a VxWorks kernel coming
from one PowerQUICC embedded platform. Can you please let me know how
can I make use of it on my qemu?

[Qemu-devel] how to add one pcie device to qemu

2010-06-30 Thread Lisa Lei

Hi,
 I'm finding the solution of how to add one pcie device which emulated
by systemc to  qemu, such as net card. I noticed that you've been working on
Q35 support for qemu, and the status of pcie port emulator is working
on April, can it be used now? thanks.

Re: [Qemu-devel] virtio block device and sysfs