[Qemu-devel] [RFC 3/9] Virtio: Add transport bindings.

[Evgeny Voevodin]

Signed-off-by: Evgeny Voevodin 
---
 Makefile.objs |1 +
 hw/virtio-transport.c |   46 ++
 hw/virtio-transport.h |   39 +++
 3 files changed, 86 insertions(+), 0 deletions(-)
 create mode 100644 hw/virtio-transport.c
 create mode 100644 hw/virtio-transport.h

diff --git a/Makefile.objs b/Makefile.objs
index 6d6f24d..5a648bc 100644
--- a/Makefile.objs
+++ b/Makefile.objs
@@ -212,6 +212,7 @@ hw-obj-y += vl.o loader.o
 hw-obj-$(CONFIG_VIRTIO) += virtio-console.o
 hw-obj-y += usb/libhw.o
 hw-obj-$(CONFIG_VIRTIO_PCI) += virtio-pci.o
+hw-obj-$(CONFIG_VIRTIO) += virtio-transport.o
 hw-obj-y += fw_cfg.o
 hw-obj-$(CONFIG_PCI) += pci.o pci_bridge.o pci_bridge_dev.o
 hw-obj-$(CONFIG_PCI) += msix.o msi.o
diff --git a/hw/virtio-transport.c b/hw/virtio-transport.c
new file mode 100644
index 000..4225a30
--- /dev/null
+++ b/hw/virtio-transport.c
@@ -0,0 +1,46 @@
+/*
+ * Virtio transport bindings
+ *
+ * Copyright (c) 2011 - 2012 Samsung Electronics Co., Ltd.
+ *
+ * Author:
+ *  Evgeny Voevodin 
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, see .
+ */
+
+#include "virtio-transport.h"
+
+#define VIRTIO_TRANSPORT_BUS "virtio-transport"
+
+struct BusInfo virtio_transport_bus_info = {
+.name = VIRTIO_TRANSPORT_BUS,
+.size = sizeof(VirtIOTransportBusState),
+};
+
+int virtio_init_transport(DeviceState *dev, VirtIODevice *vdev)
+{
+DeviceState *transport_dev = qdev_get_parent_bus(dev)->parent;
+BusState *bus;
+VirtIOTransportBusState *virtio_transport_bus;
+
+/* transport device has single child bus */
+bus = QLIST_FIRST(&transport_dev->child_bus);
+virtio_transport_bus = DO_UPCAST(VirtIOTransportBusState, bus, bus);
+
+if (virtio_transport_bus->init_fn) {
+return virtio_transport_bus->init_fn(dev, vdev);
+}
+
+return 0;
+}
diff --git a/hw/virtio-transport.h b/hw/virtio-transport.h
new file mode 100644
index 000..ff39bf7
--- /dev/null
+++ b/hw/virtio-transport.h
@@ -0,0 +1,39 @@
+/*
+ * Virtio transport header
+ *
+ * Copyright (c) 2011 - 2012 Samsung Electronics Co., Ltd.
+ *
+ * Author:
+ *  Evgeny Voevodin 
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, see .
+ */
+
+#ifndef VIRTIO_TRANSPORT_H_
+#define VIRTIO_TRANSPORT_H_
+
+#include "sysbus.h"
+#include "virtio.h"
+
+extern struct BusInfo virtio_transport_bus_info;
+
+typedef int (*virtio_init_transport_fn)(DeviceState *dev, VirtIODevice *vdev);
+
+typedef struct VirtIOTransportBusState {
+BusState bus;
+virtio_init_transport_fn init_fn;
+} VirtIOTransportBusState;
+
+int virtio_init_transport(DeviceState *dev, VirtIODevice *vdev);
+
+#endif /* VIRTIO_TRANSPORT_H_ */
-- 
1.7.5.4

[Qemu-devel] [RFC 5/9] hw/virtio-serial-bus.c: Add virtio-serial device.

[Evgeny Voevodin]

Signed-off-by: Evgeny Voevodin 
---
 hw/virtio-serial-bus.c |   42 ++
 hw/virtio-serial.h |9 +
 2 files changed, 51 insertions(+), 0 deletions(-)

diff --git a/hw/virtio-serial-bus.c b/hw/virtio-serial-bus.c
index e22940e..52a5382 100644
--- a/hw/virtio-serial-bus.c
+++ b/hw/virtio-serial-bus.c
@@ -24,6 +24,7 @@
 #include "sysbus.h"
 #include "trace.h"
 #include "virtio-serial.h"
+#include "virtio-transport.h"
 
 /* The virtio-serial bus on top of which the ports will ride as devices */
 struct VirtIOSerialBus {
@@ -955,3 +956,44 @@ static void virtio_serial_register_types(void)
 }
 
 type_init(virtio_serial_register_types)
+
+/ VirtIOSer Device **/
+
+static int virtio_serialdev_init(DeviceState *dev)
+{
+VirtIODevice *vdev;
+VirtIOSerState *proxy = VIRTIO_SERIAL_FROM_QDEV(dev);
+vdev = virtio_serial_init(dev, &proxy->serial);
+if (!vdev) {
+return -1;
+}
+return virtio_init_transport(dev, vdev);
+}
+
+static Property virtio_serial_properties[] = {
+DEFINE_PROP_UINT32("max_ports", VirtIOSerState,
+   serial.max_virtserial_ports, 31),
+DEFINE_PROP_END_OF_LIST(),
+};
+
+static void virtio_serial_class_init(ObjectClass *klass, void *data)
+{
+DeviceClass *dc = DEVICE_CLASS(klass);
+dc->init = virtio_serialdev_init;
+dc->props = virtio_serial_properties;
+dc->bus_info = &virtio_transport_bus_info;
+}
+
+static TypeInfo virtio_serial_info = {
+.name = "virtio-serial",
+.parent = TYPE_DEVICE,
+.instance_size = sizeof(VirtIOSerState),
+.class_init = virtio_serial_class_init,
+};
+
+static void virtio_ser_register_types(void)
+{
+type_register_static(&virtio_serial_info);
+}
+
+type_init(virtio_ser_register_types)
diff --git a/hw/virtio-serial.h b/hw/virtio-serial.h
index 16e3982..2290aac 100644
--- a/hw/virtio-serial.h
+++ b/hw/virtio-serial.h
@@ -15,6 +15,7 @@
 #ifndef _QEMU_VIRTIO_SERIAL_H
 #define _QEMU_VIRTIO_SERIAL_H
 
+#include "sysbus.h"
 #include "qdev.h"
 #include "virtio.h"
 
@@ -173,6 +174,14 @@ struct VirtIOSerialPort {
 bool throttled;
 };
 
+typedef struct {
+DeviceState qdev;
+/* virtio-serial */
+virtio_serial_conf serial;
+} VirtIOSerState;
+
+#define VIRTIO_SERIAL_FROM_QDEV(dev) DO_UPCAST(VirtIOSerState, qdev, dev)
+
 /* Interface to the virtio-serial bus */
 
 /*
-- 
1.7.5.4

[Qemu-devel] [RFC 0/9] Virtio-mmio refactoring.

[Evgeny Voevodin]

This patchset is derived from patchset provided by Peter Maydell 
:
http://lists.gnu.org/archive/html/qemu-devel/2011-11/msg01870.html
Also this patchset includes some fixes for bugs spotted by Ying-Shiuan Pan 
.
Still isue pointed by Peter presents here I think:
 * extra vring alignment field not saved/restored (because virtio
   layer isn't using VMState and doesn't allow the virtio base layer
   to specify a version for its data so back-compat would be tricky)
I've tested blk and net parts. Work good to me.

In this patchset refactoring of virtio-mmio layer is made.
Instead of creating virtio-blk-mmio, virtio-net-mmio, etc on the system bus
we create virtio-blk, virtio-net, etc devices on the virtio-transport bus.
To create virtio-transport bus virtio-mmio-transport device provided. 
Transport device plugs into virtio-mmio bus.
To create virtio-mmio bus virtio-mmio-bridge device provided. 
Bridge device is borrowed from s390 platform and plugs into system bus.
So, we have:

system bus> |MMIO Bridge|virtio-mmio bus>> |MMIO 
Transport|virtio-transport-bus(name:virtio-mmio.0)> |Virtio Backend 
(blk, net, etc)|
 |
 |---> |MMIO 
Transport|virtio-transport-bus(name:virtio-mmio.1)> |Virtio Backend 
(blk, net, etc)|

The interface to platforms consists of:
 - create a virtio bus (at this time virtio-mmio only)
 - create a transport device (at this time virtio-mmio only)

Then from command line user can plug back-end (virtio-blk, net, etc) into 
desired bus (at this time virtio-mmio.x only).

The next step of refactoring will touch virtio-pci layer.
There PCI Transport device will be created which provides the same transport 
bus as MMIO transport device.
I guess that it will look like:

pci bus> |PCI Bridge|virtio-pci bus>> |PCI 
Transport|virtio-transport-bus(name:virtio-pci.0)> |Virtio Backend 
(blk, net, etc)|
|
|---> |PCI 
Transport|virtio-transport-bus(name:virtio-pci.1)> |Virtio Backend 
(blk, net, etc)|

Also, there should be some back compatibility to keep pci backends able to be 
plugged into "virtio" bus as it done now 
(if I'm not wrong) and to not break present command lines.

Evgeny Voevodin (6):
  Virtio: Add transport bindings.
  hw/virtio-serial-bus.c: Add virtio-serial device.
  hw/virtio-balloon.c: Add virtio-balloon device.
  hw/virtio-net.c: Add virtio-net device.
  hw/virtio-blk.c: Add virtio-blk device.
  hw/exynos4210.c: Create two virtio-mmio transport instances.

Peter Maydell (3):
  virtio: Add support for guest setting of queue size
  virtio: Support transports which can specify the vring alignment
  Add MMIO based virtio transport

 Makefile.objs  |2 +
 hw/exynos4210.c|   12 ++
 hw/virtio-balloon.c|   34 
 hw/virtio-balloon.h|7 +
 hw/virtio-blk.c|   42 +
 hw/virtio-blk.h|   11 +
 hw/virtio-mmio.c   |  480 
 hw/virtio-mmio.h   |   31 +++
 hw/virtio-net.c|   46 +
 hw/virtio-net.h|   11 +
 hw/virtio-serial-bus.c |   42 +
 hw/virtio-serial.h |9 +
 hw/virtio-transport.c  |   46 +
 hw/virtio-transport.h  |   39 
 hw/virtio.c|   20 ++-
 hw/virtio.h|2 +
 16 files changed, 832 insertions(+), 2 deletions(-)
 create mode 100644 hw/virtio-mmio.c
 create mode 100644 hw/virtio-mmio.h
 create mode 100644 hw/virtio-transport.c
 create mode 100644 hw/virtio-transport.h

-- 
1.7.5.4

[Qemu-devel] [RFC 2/9] virtio: Support transports which can specify the vring alignment

[Evgeny Voevodin]

From: Peter Maydell 

Support virtio transports which can specify the vring alignment
(ie where the guest communicates this to the host) by providing
a new virtio_queue_set_align() function. (The default alignment
remains as before.)

FIXME save/load support for this new field!

Signed-off-by: Peter Maydell 
Signed-off-by: Evgeny Voevodin 
---
 hw/virtio.c |   14 --
 hw/virtio.h |1 +
 2 files changed, 13 insertions(+), 2 deletions(-)

diff --git a/hw/virtio.c b/hw/virtio.c
index 71c4a10..3e2e264 100644
--- a/hw/virtio.c
+++ b/hw/virtio.c
@@ -19,7 +19,9 @@
 #include "qemu-barrier.h"
 
 /* The alignment to use between consumer and producer parts of vring.
- * x86 pagesize again. */
+ * x86 pagesize again. This is the default, used by transports like PCI
+ * which don't provide a means for the guest to tell the host the alignment.
+ */
 #define VIRTIO_PCI_VRING_ALIGN 4096
 
 typedef struct VRingDesc
@@ -53,6 +55,7 @@ typedef struct VRingUsed
 typedef struct VRing
 {
 unsigned int num;
+unsigned int align;
 target_phys_addr_t desc;
 target_phys_addr_t avail;
 target_phys_addr_t used;
@@ -90,7 +93,7 @@ static void virtqueue_init(VirtQueue *vq)
 vq->vring.avail = pa + vq->vring.num * sizeof(VRingDesc);
 vq->vring.used = vring_align(vq->vring.avail +
  offsetof(VRingAvail, ring[vq->vring.num]),
- VIRTIO_PCI_VRING_ALIGN);
+ vq->vring.align);
 }
 
 static inline uint64_t vring_desc_addr(target_phys_addr_t desc_pa, int i)
@@ -637,6 +640,12 @@ int virtio_queue_get_id(VirtQueue *vq)
 return vq - &vdev->vq[0];
 }
 
+void virtio_queue_set_align(VirtIODevice *vdev, int n, int align)
+{
+vdev->vq[n].vring.align = align;
+virtqueue_init(&vdev->vq[n]);
+}
+
 void virtio_queue_notify_vq(VirtQueue *vq)
 {
 if (vq->vring.desc) {
@@ -677,6 +686,7 @@ VirtQueue *virtio_add_queue(VirtIODevice *vdev, int 
queue_size,
 abort();
 
 vdev->vq[i].vring.num = queue_size;
+vdev->vq[i].vring.align = VIRTIO_PCI_VRING_ALIGN;
 vdev->vq[i].handle_output = handle_output;
 
 return &vdev->vq[i];
diff --git a/hw/virtio.h b/hw/virtio.h
index 72b56e3..c1f8666 100644
--- a/hw/virtio.h
+++ b/hw/virtio.h
@@ -180,6 +180,7 @@ void virtio_queue_set_addr(VirtIODevice *vdev, int n, 
target_phys_addr_t addr);
 target_phys_addr_t virtio_queue_get_addr(VirtIODevice *vdev, int n);
 void virtio_queue_set_num(VirtIODevice *vdev, int n, int num);
 int virtio_queue_get_num(VirtIODevice *vdev, int n);
+void virtio_queue_set_align(VirtIODevice *vdev, int n, int align);
 void virtio_queue_notify(VirtIODevice *vdev, int n);
 uint16_t virtio_queue_vector(VirtIODevice *vdev, int n);
 void virtio_queue_set_vector(VirtIODevice *vdev, int n, uint16_t vector);
-- 
1.7.5.4

Re: [Qemu-devel] [PATCH 11/12] Migrate 64bit entries to 64bit pci regions

[Alexey Korolev]

On 25/04/12 13:48, Kevin O'Connor wrote:
> On Tue, Apr 24, 2012 at 06:25:39PM +1200, Alexey Korolev wrote:
>> Migrate 64bit entries to 64bit pci regions if they do
>> not fit in 32bit range.
> [...]
>> +static void pci_region_migrate_64bit_entries(struct pci_region *from,
>> + struct pci_region *to)
>> +{
>> +struct pci_region_entry **pprev = &from->list;
>> +struct pci_region_entry **last = &to->list;
>> +while(*pprev) {
>> +if ((*pprev)->is64) {
>> +struct pci_region_entry *entry;
>> +entry = *pprev;
>> +/* Delete the entry and move next */
>> +*pprev = (*pprev)->next;
>> +/* Add entry at tail to keep a sorted order */
>> +entry->next = NULL;
>> +if (*last) {
>> +   (*last)->next = entry;
>> +last  = &(*last)->next;
>> +}
>> +else
>> +   (*last) = entry;
>> +}
>> +else
>> +pprev = &(*pprev)->next;
>> +}
>> +}
> It should be possible to simplify this - something like (untested):
>
> static void pci_region_migrate_64bit_entries(struct pci_region *from,
>  struct pci_region *to)
> {
> struct pci_region_entry **pprev = &from->list, **last = &to->list;
> for (; *pprev; pprev = &(*pprev)->next) {
> struct pci_region_entry *entry = *pprev;
> if (!entry->is64)
> continue;
> // Move from source list to dest list.
> *pprev = entry->next;
> entry->next = NULL;
> *last = entry;
> last = &entry->next;
> }
> }
Sorry it's not working.
I agree it's possible to simplify code a bit.


static void pci_region_migrate_64bit_entries(struct pci_region *from,
 struct pci_region *to)
{
struct pci_region_entry **pprev = &from->list;
struct pci_region_entry **last = &to->list;
while(*pprev) {
if ((*pprev)->is64) {
struct pci_region_entry *entry;
entry = *pprev;
/* Delete the entry and move next */
*pprev = (*pprev)->next;
/* Add entry at tail to keep the order */
entry->next = NULL;
*last = entry;
last = &entry->next;
}
else
pprev = &(*pprev)->next;
}
}

That should work.
> [...]
>>  static void pci_bios_map_devices(struct pci_bus *busses)
>>  {
>> +if (pci_bios_init_root_regions(busses)) {
>> +struct pci_region r64_mem, r64_pref;
>> +r64_mem.list = NULL;
>> +r64_pref.list = NULL;
>> +pci_region_migrate_64bit_entries(&busses[0].r[PCI_REGION_TYPE_MEM],
>> + &r64_mem);
>> +
>> pci_region_migrate_64bit_entries(&busses[0].r[PCI_REGION_TYPE_PREFMEM],
>> + &r64_pref);
>> +
>> +if (pci_bios_init_root_regions(busses))
>> +panic("PCI: out of address space\n");
>> +
>> +r64_mem.base = BUILD_PCIMEM64_START;
>> +r64_pref.base = ALIGN(r64_mem.base + pci_region_sum(&r64_mem),
>> +  pci_region_align(&r64_pref));
> There should be a check to see if the regions fit.  Maybe pass
> start/end into pci_bios_init_root_regions() and call it again for the
>> 4g region?
Agree, I just ignored the check as 64bit range size is 2^39.
I will think how to make it better.
>> +pci_region_map_entries(busses, &r64_mem);
>> +pci_region_map_entries(busses, &r64_pref);
>> +}
>>  // Map regions on each device.
> This doesn't look right to me.  This will map the devices on bus 0 to
> the proper >4g address, but devices on any subsequent bus will use
> busses[0].r[].base which will be reset to the <4gig address.  Perhaps
> pull base out of pci_region and make pci_region_map_entries()
> recursive?
No recursion is need here!
We map all entries which are 64bit on root bus.
If entry is a bridge region - a corresponding bus address will be updated.
Region won't be reseted to <4gig address as address is derived from parent 
region only.

Thanks,
Alexey

[Qemu-devel] [RFC 6/9] hw/virtio-balloon.c: Add virtio-balloon device.

[Evgeny Voevodin]

Signed-off-by: Evgeny Voevodin 
---
 hw/virtio-balloon.c |   34 ++
 hw/virtio-balloon.h |7 +++
 2 files changed, 41 insertions(+), 0 deletions(-)

diff --git a/hw/virtio-balloon.c b/hw/virtio-balloon.c
index ce9d2c9..5640e58 100644
--- a/hw/virtio-balloon.c
+++ b/hw/virtio-balloon.c
@@ -20,6 +20,7 @@
 #include "cpu.h"
 #include "balloon.h"
 #include "virtio-balloon.h"
+#include "virtio-transport.h"
 #include "kvm.h"
 #include "exec-memory.h"
 
@@ -263,3 +264,36 @@ void virtio_balloon_exit(VirtIODevice *vdev)
 unregister_savevm(s->qdev, "virtio-balloon", s);
 virtio_cleanup(vdev);
 }
+
+/ VirtIOBaloon Device **/
+
+static int virtio_balloondev_init(DeviceState *dev)
+{
+VirtIODevice *vdev;
+vdev = virtio_balloon_init(dev);
+if (!vdev) {
+return -1;
+}
+return virtio_init_transport(dev, vdev);
+}
+
+static void virtio_balloon_class_init(ObjectClass *klass, void *data)
+{
+DeviceClass *dc = DEVICE_CLASS(klass);
+dc->init = virtio_balloondev_init;
+dc->bus_info = &virtio_transport_bus_info;
+}
+
+static TypeInfo virtio_balloon_info = {
+.name = "virtio-balloon",
+.parent = TYPE_DEVICE,
+.instance_size = sizeof(VirtIOBaloonState),
+.class_init = virtio_balloon_class_init,
+};
+
+static void virtio_baloon_register_types(void)
+{
+type_register_static(&virtio_balloon_info);
+}
+
+type_init(virtio_baloon_register_types)
diff --git a/hw/virtio-balloon.h b/hw/virtio-balloon.h
index 73300dd..e134226 100644
--- a/hw/virtio-balloon.h
+++ b/hw/virtio-balloon.h
@@ -15,6 +15,7 @@
 #ifndef _QEMU_VIRTIO_BALLOON_H
 #define _QEMU_VIRTIO_BALLOON_H
 
+#include "sysbus.h"
 #include "virtio.h"
 #include "pci.h"
 
@@ -52,4 +53,10 @@ typedef struct VirtIOBalloonStat {
 uint64_t val;
 } QEMU_PACKED VirtIOBalloonStat;
 
+typedef struct {
+DeviceState qdev;
+} VirtIOBaloonState;
+
+#define VIRTIO_BALLOON_FROM_QDEV(dev) DO_UPCAST(VirtIOBaloonState, qdev, dev)
+
 #endif
-- 
1.7.5.4

[Qemu-devel] [RFC 7/9] hw/virtio-net.c: Add virtio-net device.

[Evgeny Voevodin]

Signed-off-by: Evgeny Voevodin 
---
 hw/virtio-net.c |   46 ++
 hw/virtio-net.h |   11 +++
 2 files changed, 57 insertions(+), 0 deletions(-)

diff --git a/hw/virtio-net.c b/hw/virtio-net.c
index bc5e3a8..febf384 100644
--- a/hw/virtio-net.c
+++ b/hw/virtio-net.c
@@ -13,6 +13,7 @@
 
 #include "iov.h"
 #include "virtio.h"
+#include "virtio-transport.h"
 #include "net.h"
 #include "net/checksum.h"
 #include "net/tap.h"
@@ -1076,3 +1077,48 @@ void virtio_net_exit(VirtIODevice *vdev)
 qemu_del_vlan_client(&n->nic->nc);
 virtio_cleanup(&n->vdev);
 }
+
+/ VirtIONet Device **/
+
+static int virtio_netdev_init(DeviceState *dev)
+{
+VirtIODevice *vdev;
+VirtIONetState *proxy = VIRTIO_NET_FROM_QDEV(dev);
+vdev = virtio_net_init(dev, &proxy->nic, &proxy->net);
+if (!vdev) {
+return -1;
+}
+return virtio_init_transport(dev, vdev);
+}
+
+static Property virtio_net_properties[] = {
+DEFINE_NIC_PROPERTIES(VirtIONetState, nic),
+DEFINE_PROP_UINT32("x-txtimer", VirtIONetState,
+   net.txtimer, TX_TIMER_INTERVAL),
+DEFINE_PROP_INT32("x-txburst", VirtIONetState,
+  net.txburst, TX_BURST),
+DEFINE_PROP_STRING("tx", VirtIONetState, net.tx),
+DEFINE_PROP_END_OF_LIST(),
+};
+
+static void virtio_net_class_init(ObjectClass *klass, void *data)
+{
+DeviceClass *dc = DEVICE_CLASS(klass);
+dc->init = virtio_netdev_init;
+dc->props = virtio_net_properties;
+dc->bus_info = &virtio_transport_bus_info;
+}
+
+static TypeInfo virtio_net_info = {
+.name = "virtio-net",
+.parent = TYPE_DEVICE,
+.instance_size = sizeof(VirtIONetState),
+.class_init = virtio_net_class_init,
+};
+
+static void virtio_net_register_types(void)
+{
+type_register_static(&virtio_net_info);
+}
+
+type_init(virtio_net_register_types)
diff --git a/hw/virtio-net.h b/hw/virtio-net.h
index 36aa463..74a55c8 100644
--- a/hw/virtio-net.h
+++ b/hw/virtio-net.h
@@ -14,6 +14,7 @@
 #ifndef _QEMU_VIRTIO_NET_H
 #define _QEMU_VIRTIO_NET_H
 
+#include "sysbus.h"
 #include "virtio.h"
 #include "net.h"
 #include "pci.h"
@@ -187,4 +188,14 @@ struct virtio_net_ctrl_mac {
 DEFINE_PROP_BIT("ctrl_rx", _state, _field, VIRTIO_NET_F_CTRL_RX, 
true), \
 DEFINE_PROP_BIT("ctrl_vlan", _state, _field, VIRTIO_NET_F_CTRL_VLAN, 
true), \
 DEFINE_PROP_BIT("ctrl_rx_extra", _state, _field, 
VIRTIO_NET_F_CTRL_RX_EXTRA, true)
+
+typedef struct {
+DeviceState qdev;
+/* virtio-net */
+NICConf nic;
+virtio_net_conf net;
+} VirtIONetState;
+
+#define VIRTIO_NET_FROM_QDEV(dev) DO_UPCAST(VirtIONetState, qdev, dev)
+
 #endif
-- 
1.7.5.4

[Qemu-devel] [RFC 9/9] hw/exynos4210.c: Create two virtio-mmio transport instances.

[Evgeny Voevodin]

NB: This is for test purposes only.

Signed-off-by: Evgeny Voevodin 
---
 hw/exynos4210.c |   12 
 1 files changed, 12 insertions(+), 0 deletions(-)

diff --git a/hw/exynos4210.c b/hw/exynos4210.c
index afc4bdc..e065a86 100644
--- a/hw/exynos4210.c
+++ b/hw/exynos4210.c
@@ -26,6 +26,7 @@
 #include "sysbus.h"
 #include "arm-misc.h"
 #include "loader.h"
+#include "virtio-mmio.h"
 #include "exynos4210.h"
 
 #define EXYNOS4210_CHIPID_ADDR 0x1000
@@ -62,6 +63,11 @@
 /* Display controllers (FIMD) */
 #define EXYNOS4210_FIMD0_BASE_ADDR  0x11C0
 
+/* VirtIO BLK */
+#define EXYNOS4210_VIRTIO_BLK_BASE_ADDR 0x10AD
+/* VirtIO NET */
+#define EXYNOS4210_VIRTIO_NET_BASE_ADDR 0x10AC
+
 static uint8_t chipid_and_omr[] = { 0x11, 0x02, 0x21, 0x43,
 0x09, 0x00, 0x00, 0x00 };
 
@@ -105,6 +111,7 @@ Exynos4210State *exynos4210_init(MemoryRegion *system_mem,
 unsigned long mem_size;
 DeviceState *dev;
 SysBusDevice *busdev;
+BusState *virtio_bus;
 
 for (n = 0; n < EXYNOS4210_NCPUS; n++) {
 s->env[n] = cpu_init("cortex-a9");
@@ -296,5 +303,10 @@ Exynos4210State *exynos4210_init(MemoryRegion *system_mem,
 s->irq_table[exynos4210_get_irq(11, 2)],
 NULL);
 
+virtio_bus = virtio_mmio_bus_init();
+virtio_mmio_create_transport(virtio_bus, EXYNOS4210_VIRTIO_BLK_BASE_ADDR,
+s->irq_table[exynos4210_get_irq(37, 3)]);
+virtio_mmio_create_transport(virtio_bus, EXYNOS4210_VIRTIO_NET_BASE_ADDR,
+s->irq_table[exynos4210_get_irq(37, 2)]);
 return s;
 }
-- 
1.7.5.4

[Qemu-devel] [RFC 4/9] Add MMIO based virtio transport

[Evgeny Voevodin]

From: Peter Maydell 

Add support for the generic MMIO based virtio transport.

This patch is a modyfied patch of
Peter Maydell . Changes are to have
virtio-mmio bridge device which provides virtio-mmio bus. To this bus
virtio-mmio-transport device is connected and in turn provides
virtio-transport bus. Then virtio backends could be connected to this
bus.

Also this patch includes some fixes for bugs spotted by
Ying-Shiuan Pan .

Signed-off-by: Evgeny Voevodin 
---
 Makefile.objs|1 +
 hw/virtio-mmio.c |  480 ++
 hw/virtio-mmio.h |   31 
 3 files changed, 512 insertions(+), 0 deletions(-)
 create mode 100644 hw/virtio-mmio.c
 create mode 100644 hw/virtio-mmio.h

diff --git a/Makefile.objs b/Makefile.objs
index 5a648bc..fe95bdd 100644
--- a/Makefile.objs
+++ b/Makefile.objs
@@ -213,6 +213,7 @@ hw-obj-$(CONFIG_VIRTIO) += virtio-console.o
 hw-obj-y += usb/libhw.o
 hw-obj-$(CONFIG_VIRTIO_PCI) += virtio-pci.o
 hw-obj-$(CONFIG_VIRTIO) += virtio-transport.o
+hw-obj-$(CONFIG_VIRTIO) += virtio-mmio.o
 hw-obj-y += fw_cfg.o
 hw-obj-$(CONFIG_PCI) += pci.o pci_bridge.o pci_bridge_dev.o
 hw-obj-$(CONFIG_PCI) += msix.o msi.o
diff --git a/hw/virtio-mmio.c b/hw/virtio-mmio.c
new file mode 100644
index 000..932b3f3
--- /dev/null
+++ b/hw/virtio-mmio.c
@@ -0,0 +1,480 @@
+/*
+ * Virtio MMIO bindings
+ *
+ * Copyright (c) 2011 Linaro Limited
+ *
+ * Authors:
+ *  Peter Maydell 
+ *  Evgeny Voevodin 
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, see .
+ */
+
+/* TODO:
+ *  * save/load support
+ *  * test net, serial, balloon
+ */
+
+#include "sysbus.h"
+#include "virtio.h"
+#include "virtio-transport.h"
+#include "virtio-blk.h"
+#include "virtio-net.h"
+#include "virtio-serial.h"
+#include "host-utils.h"
+#include "virtio-mmio.h"
+
+/* #define DEBUG_VIRTIO_MMIO */
+
+#ifdef DEBUG_VIRTIO_MMIO
+
+#define DPRINTF(fmt, ...) \
+do { printf("virtio_mmio: " fmt , ## __VA_ARGS__); } while (0)
+#else
+#define DPRINTF(fmt, ...) do {} while (0)
+#endif
+
+/* Memory mapped register offsets */
+#define VIRTIO_MMIO_MAGIC 0x0
+#define VIRTIO_MMIO_VERSION 0x4
+#define VIRTIO_MMIO_DEVICEID 0x8
+#define VIRTIO_MMIO_VENDORID 0xc
+#define VIRTIO_MMIO_HOSTFEATURES 0x10
+#define VIRTIO_MMIO_HOSTFEATURESSEL 0x14
+#define VIRTIO_MMIO_GUESTFEATURES 0x20
+#define VIRTIO_MMIO_GUESTFEATURESSEL 0x24
+#define VIRTIO_MMIO_GUESTPAGESIZE 0x28
+#define VIRTIO_MMIO_QUEUESEL 0x30
+#define VIRTIO_MMIO_QUEUENUMMAX 0x34
+#define VIRTIO_MMIO_QUEUENUM 0x38
+#define VIRTIO_MMIO_QUEUEALIGN 0x3c
+#define VIRTIO_MMIO_QUEUEPFN 0x40
+#define VIRTIO_MMIO_QUEUENOTIFY 0x50
+#define VIRTIO_MMIO_INTERRUPTSTATUS 0x60
+#define VIRTIO_MMIO_INTERRUPTACK 0x64
+#define VIRTIO_MMIO_STATUS 0x70
+/* Device specific config space starts here */
+#define VIRTIO_MMIO_CONFIG 0x100
+
+#define VIRT_MAGIC 0x74726976 /* 'virt' */
+#define VIRT_VERSION 1
+#define VIRT_VENDOR 0x554D4551 /* 'QEMU' */
+
+#define VIRTIO_MMIO_BRIDGE "virtio-mmio-bridge"
+#define VIRTIO_MMIO_TRANSPORT "virtio-mmio-transport"
+#define VIRTIO_MMIO "virtio-mmio"
+#define VIRTIO_MMIO_BUS "virtio-mmio-bus"
+
+struct BusInfo virtio_mmio_bus_info = {
+.name = VIRTIO_MMIO_BUS,
+.size = sizeof(BusState),
+};
+
+enum VIRTIO_MMIO_MAPPINGS {
+VIRTIO_MMIO_IOMAP,
+VIRTIO_MMIO_IOMEM,
+};
+
+typedef struct {
+SysBusDevice busdev;
+VirtIODevice *vdev;
+MemoryRegion iomap; /* hold base address */
+MemoryRegion iomem; /* hold io funcs */
+MemoryRegion alias;
+qemu_irq irq;
+uint32_t int_enable;
+uint32_t host_features;
+uint32_t host_features_sel;
+uint32_t guest_features_sel;
+uint32_t guest_page_shift;
+} VirtIOMMIOTransportState;
+
+BusState *virtio_mmio_bus_init(void)
+{
+DeviceState *dev;
+
+/* Create bridge device */
+dev = qdev_create(NULL, VIRTIO_MMIO_BRIDGE);
+qdev_init_nofail(dev);
+
+return qbus_create(&virtio_mmio_bus_info, dev, virtio_mmio_bus_info.name);
+}
+
+void virtio_mmio_create_transport(BusState *bus, target_phys_addr_t addr,
+qemu_irq irq)
+{
+DeviceState *dev;
+SysBusDevice *busdev;
+
+dev = qdev_create(bus, VIRTIO_MMIO_TRANSPORT);
+qdev_init_nofail(dev);
+busdev = sysbus_from_qdev(dev);
+sysbus_connect_irq(busdev, 0, irq);
+sysbus_mmio_map(busdev, VIRTIO_MMIO_IOMAP, addr);
+}
+
+static uint64_t virtio_mmio_read(void

[Qemu-devel] [RFC 8/9] hw/virtio-blk.c: Add virtio-blk device.

[Evgeny Voevodin]

Signed-off-by: Evgeny Voevodin 
---
 hw/virtio-blk.c |   42 ++
 hw/virtio-blk.h |   11 +++
 2 files changed, 53 insertions(+), 0 deletions(-)

diff --git a/hw/virtio-blk.c b/hw/virtio-blk.c
index 49990f8..b6c5ff5 100644
--- a/hw/virtio-blk.c
+++ b/hw/virtio-blk.c
@@ -15,6 +15,7 @@
 #include "qemu-error.h"
 #include "trace.h"
 #include "blockdev.h"
+#include "virtio-transport.h"
 #include "virtio-blk.h"
 #include "scsi-defs.h"
 #ifdef __linux__
@@ -628,3 +629,44 @@ void virtio_blk_exit(VirtIODevice *vdev)
 unregister_savevm(s->qdev, "virtio-blk", s);
 virtio_cleanup(vdev);
 }
+
+/ VirtIOBlk Device **/
+
+static int virtio_blkdev_init(DeviceState *dev)
+{
+VirtIODevice *vdev;
+VirtIOBlockState *proxy = VIRTIO_BLK_FROM_QDEV(dev);
+vdev = virtio_blk_init(dev, &proxy->block, &proxy->block_serial);
+if (!vdev) {
+return -1;
+}
+return virtio_init_transport(dev, vdev);
+}
+
+static Property virtio_blkdev_properties[] = {
+DEFINE_BLOCK_PROPERTIES(VirtIOBlockState, block),
+DEFINE_PROP_STRING("serial", VirtIOBlockState, block_serial),
+DEFINE_PROP_END_OF_LIST(),
+};
+
+static void virtio_blkdev_class_init(ObjectClass *klass, void *data)
+{
+DeviceClass *dc = DEVICE_CLASS(klass);
+dc->init = virtio_blkdev_init;
+dc->props = virtio_blkdev_properties;
+dc->bus_info = &virtio_transport_bus_info;
+}
+
+static TypeInfo virtio_blkdev_info = {
+.name = "virtio-blk",
+.parent = TYPE_DEVICE,
+.instance_size = sizeof(VirtIOBlockState),
+.class_init = virtio_blkdev_class_init,
+};
+
+static void virtio_blk_register_types(void)
+{
+type_register_static(&virtio_blkdev_info);
+}
+
+type_init(virtio_blk_register_types)
diff --git a/hw/virtio-blk.h b/hw/virtio-blk.h
index 244dce4..34ae7ce 100644
--- a/hw/virtio-blk.h
+++ b/hw/virtio-blk.h
@@ -14,6 +14,7 @@
 #ifndef _QEMU_VIRTIO_BLK_H
 #define _QEMU_VIRTIO_BLK_H
 
+#include "sysbus.h"
 #include "virtio.h"
 #include "block.h"
 
@@ -105,4 +106,14 @@ struct virtio_scsi_inhdr
 #define DEFINE_VIRTIO_BLK_FEATURES(_state, _field) \
 DEFINE_VIRTIO_COMMON_FEATURES(_state, _field)
 #endif
+
+typedef struct {
+DeviceState qdev;
+/* virtio-blk */
+BlockConf block;
+char *block_serial;
+} VirtIOBlockState;
+
+#define VIRTIO_BLK_FROM_QDEV(dev) DO_UPCAST(VirtIOBlockState, qdev, dev)
+
 #endif
-- 
1.7.5.4

[Qemu-devel] [RFC 1/9] virtio: Add support for guest setting of queue size

[Evgeny Voevodin]

From: Peter Maydell 

The MMIO virtio transport spec allows the guest to tell the host how
large the queue size is. Add virtio_queue_set_num() function which
implements this in the QEMU common virtio support code.

Signed-off-by: Peter Maydell 
Signed-off-by: Evgeny Voevodin 
---
 hw/virtio.c |6 ++
 hw/virtio.h |1 +
 2 files changed, 7 insertions(+), 0 deletions(-)

diff --git a/hw/virtio.c b/hw/virtio.c
index 314abf8..71c4a10 100644
--- a/hw/virtio.c
+++ b/hw/virtio.c
@@ -619,6 +619,12 @@ target_phys_addr_t virtio_queue_get_addr(VirtIODevice 
*vdev, int n)
 return vdev->vq[n].pa;
 }
 
+void virtio_queue_set_num(VirtIODevice *vdev, int n, int num)
+{
+vdev->vq[n].vring.num = num;
+virtqueue_init(&vdev->vq[n]);
+}
+
 int virtio_queue_get_num(VirtIODevice *vdev, int n)
 {
 return vdev->vq[n].vring.num;
diff --git a/hw/virtio.h b/hw/virtio.h
index 0aef7d1..72b56e3 100644
--- a/hw/virtio.h
+++ b/hw/virtio.h
@@ -178,6 +178,7 @@ void virtio_config_writew(VirtIODevice *vdev, uint32_t 
addr, uint32_t data);
 void virtio_config_writel(VirtIODevice *vdev, uint32_t addr, uint32_t data);
 void virtio_queue_set_addr(VirtIODevice *vdev, int n, target_phys_addr_t addr);
 target_phys_addr_t virtio_queue_get_addr(VirtIODevice *vdev, int n);
+void virtio_queue_set_num(VirtIODevice *vdev, int n, int num);
 int virtio_queue_get_num(VirtIODevice *vdev, int n);
 void virtio_queue_notify(VirtIODevice *vdev, int n);
 uint16_t virtio_queue_vector(VirtIODevice *vdev, int n);
-- 
1.7.5.4

Re: [Qemu-devel] [SeaBIOS] [PATCH 05/12] pciinit: Track region alignment explicitly.

[Alexey Korolev]

On 24/04/12 18:56, Gerd Hoffmann wrote:
> On 04/24/12 08:17, Alexey Korolev wrote:
>> Don't round up bridge regions to the next highest size - instead track
>> alignment explicitly.  This should improve the memory layout for
>> bridge regions.
> This one got mangled too:
>
> Applying: pciinit: Track region alignment explicitly.
> fatal: corrupt patch at line 40
> Patch failed at 0005 pciinit: Track region alignment explicitly.
>
> Do you have a git tree I can pull from for testing?
Hi,
Thank you.
I don't have an public available git tree.
Not sure if I can create any from workplace.

So I just reposted the patch.
 
> thanks,
>   Gerd
>
>> Also, unused bridge regions will no longer be allocated any space.
>>
>> Signed-off-by: Kevin O'Connor 
>> ---
>>  src/pciinit.c |   41 ++---
>>  1 files changed, 18 insertions(+), 23 deletions(-)
>>
>> diff --git a/src/pciinit.c b/src/pciinit.c
>> index 1b31177..2bd4426 100644
>> --- a/src/pciinit.c
>> +++ b/src/pciinit.c
>> @@ -33,6 +33,7 @@ struct pci_region_entry {
>>  struct pci_device *dev;
>>  int bar;
>>  u32 size;
>> +u32 align;
>>  int is64;
>>  enum pci_region_type type;
>>  struct pci_region_entry *next;
>> @@ -41,7 +42,7 @@ struct pci_region_entry {
>>  struct pci_bus {
>>  struct {
>>  /* pci region stats */
>> -u32 sum, max;
>> +u32 sum, align;
>>  /* pci region assignments */
>>  u32 base;
>>  struct pci_region_entry *list;
>> @@ -307,12 +308,6 @@ pci_bios_init_bus(void)
>>   * Bus sizing
>>   /
>>  
>> -static u32 pci_size_roundup(u32 size)
>> -{
>> -int index = __fls(size-1)+1;
>> -return 0x1 << index;
>> -}
>> -
>>  static void
>>  pci_bios_get_bar(struct pci_device *pci, int bar, u32 *val, u32 *size)
>>  {
>> @@ -338,7 +333,7 @@ pci_bios_get_bar(struct pci_device *pci, int bar,
>> u32 *val, u32 *size)
>>  
>>  static struct pci_region_entry *
>>  pci_region_create_entry(struct pci_bus *bus, struct pci_device *dev,
>> -int bar, u32 size, int type, int is64)
>> +int bar, u32 size, u32 align, int type, int
>> is64)
>>  {
>>  struct pci_region_entry *entry = malloc_tmp(sizeof(*entry));
>>  if (!entry) {
>> @@ -349,21 +344,22 @@ pci_region_create_entry(struct pci_bus *bus,
>> struct pci_device *dev,
>>  entry->dev = dev;
>>  entry->bar = bar;
>>  entry->size = size;
>> +entry->align = align;
>>  entry->is64 = is64;
>>  entry->type = type;
>>  // Insert into list in sorted order.
>>  struct pci_region_entry **pprev;
>>  for (pprev = &bus->r[type].list; *pprev; pprev = &(*pprev)->next) {
>>  struct pci_region_entry *pos = *pprev;
>> -if (pos->size < size)
>> +if (pos->align < align || (pos->align == align && pos->size <
>> size))
>>  break;
>>  }
>>  entry->next = *pprev;
>>  *pprev = entry;
>>  
>>  bus->r[type].sum += size;
>> -if (bus->r[type].max < size)
>> -bus->r[type].max = size;
>> +if (bus->r[type].align < align)
>> +bus->r[type].align = align;
>>  return entry;
>>  }
>>  
>> @@ -393,7 +389,7 @@ static int pci_bios_check_devices(struct pci_bus
>> *busses)
>>  (val & PCI_BASE_ADDRESS_MEM_TYPE_MASK)
>>  == PCI_BASE_ADDRESS_MEM_TYPE_64);
>>  struct pci_region_entry *entry = pci_region_create_entry(
>> -bus, pci, i, size, type, is64);
>> +bus, pci, i, size, size, type, is64);
>>  if (!entry)
>>  return -1;
>>  
>> @@ -411,15 +407,14 @@ static int pci_bios_check_devices(struct pci_bus
>> *busses)
>>  struct pci_bus *parent =
>> &busses[pci_bdf_to_bus(s->bus_dev->bdf)];
>>  int type;
>>  for (type = 0; type < PCI_REGION_TYPE_COUNT; type++) {
>> -u32 limit = (type == PCI_REGION_TYPE_IO) ?
>> +u32 align = (type == PCI_REGION_TYPE_IO) ?
>>  PCI_BRIDGE_IO_MIN : PCI_BRIDGE_MEM_MIN;
>> -u32 size = s->r[type].sum;
>> -if (size < limit)
>> -size = limit;
>> -size = pci_size_roundup(size);
>> +if (s->r[type].align > align)
>> +align = s->r[type].align;
>> +u32 size = ALIGN(s->r[type].sum, align);
>>  // entry->bar is -1 if the entry represents a bridge region
>>  struct pci_region_entry *entry = pci_region_create_entry(
>> -parent, s->bus_dev, -1, size, type, 0);
>> +parent, s->bus_dev, -1, size, align, type, 0);
>>  if (!entry)
>>  return -1;
>>  dprintf(1, "PCI: secondary bus %d size %x type %s\n",
>> @@ -430,7 +425,7 @@ static int pci_bios_check_devices(struct pci_bus
>> *busses)
>>  return 0;
>>  }
>>  
>> -#define ROOT_BASE(top, sum, max)

Re: [Qemu-devel] [PATCH v9 2/4] sockets: change inet_connect() to support nonblock socket

[Amos Kong]

On 25/04/12 13:00, Orit Wasserman wrote:

On 04/25/2012 06:32 AM, Amos Kong wrote:

Add a bool argument to inet_connect() to assign if set socket
to block/nonblock, and delete original argument 'socktype'
that is unused.
Add a new argument to inet_connect()/inet_connect_opts(),
to pass back connect error by error class.

Retry to connect when -EINTR is got. Connect's successful
for nonblock socket when following errors are got, user
should wait for connecting by select():
   -EINPROGRESS
   -EWOULDBLOCK (win32)
   -WSAEALREADY (win32)

Change nbd, vnc to use new interface.

Changes from v7:
- posix: let EWOULDBLOCK fall through to CONNECT_FAILED path
- fix typo

Changes from v8:
- reuse rc variable
- fix a NULL pointer dereference

Signed-off-by: Amos Kong
---
  nbd.c  |2 +-
  qemu-char.c|2 +-
  qemu-sockets.c |   46 --
  qemu_socket.h  |6 --
  ui/vnc.c   |2 +-
  5 files changed, 47 insertions(+), 11 deletions(-)

diff --git a/nbd.c b/nbd.c
index 406e555..bb71f00 100644
--- a/nbd.c
+++ b/nbd.c
@@ -146,7 +146,7 @@ int tcp_socket_outgoing(const char *address, uint16_t port)

  int tcp_socket_outgoing_spec(const char *address_and_port)
  {
-return inet_connect(address_and_port, SOCK_STREAM);
+return inet_connect(address_and_port, true, NULL);
  }

  int tcp_socket_incoming(const char *address, uint16_t port)
diff --git a/qemu-char.c b/qemu-char.c
index 74c60e1..aeee2e8 100644
--- a/qemu-char.c
+++ b/qemu-char.c
@@ -2444,7 +2444,7 @@ static CharDriverState *qemu_chr_open_socket(QemuOpts 
*opts)
  if (is_listen) {
  fd = inet_listen_opts(opts, 0);
  } else {
-fd = inet_connect_opts(opts);
+fd = inet_connect_opts(opts, NULL);
  }
  }
  if (fd<  0) {
diff --git a/qemu-sockets.c b/qemu-sockets.c
index 6bcb8e3..243af67 100644
--- a/qemu-sockets.c
+++ b/qemu-sockets.c
@@ -51,6 +51,9 @@ static QemuOptsList dummy_opts = {
  },{
  .name = "ipv6",
  .type = QEMU_OPT_BOOL,
+},{
+.name = "block",
+.type = QEMU_OPT_BOOL,
  },
  { /* end if list */ }
  },
@@ -194,7 +197,7 @@ listen:
  return slisten;
  }

-int inet_connect_opts(QemuOpts *opts)
+int inet_connect_opts(QemuOpts *opts, Error **errp)
  {
  struct addrinfo ai,*res,*e;
  const char *addr;
@@ -202,6 +205,7 @@ int inet_connect_opts(QemuOpts *opts)
  char uaddr[INET6_ADDRSTRLEN+1];
  char uport[33];
  int sock,rc;
+bool block;

  memset(&ai,0, sizeof(ai));
  ai.ai_flags = AI_CANONNAME | AI_ADDRCONFIG;
@@ -210,8 +214,10 @@ int inet_connect_opts(QemuOpts *opts)

  addr = qemu_opt_get(opts, "host");
  port = qemu_opt_get(opts, "port");
+block = qemu_opt_get_bool(opts, "block", 0);
  if (addr == NULL || port == NULL) {
  fprintf(stderr, "inet_connect: host and/or port not specified\n");
+error_set(errp, QERR_SOCKET_CREATE_FAILED);
  return -1;
  }

@@ -224,6 +230,7 @@ int inet_connect_opts(QemuOpts *opts)
  if (0 != (rc = getaddrinfo(addr, port,&ai,&res))) {
  fprintf(stderr,"getaddrinfo(%s,%s): %s\n", addr, port,
  gai_strerror(rc));
+error_set(errp, QERR_SOCKET_CREATE_FAILED);
return -1;
  }

@@ -241,19 +248,40 @@ int inet_connect_opts(QemuOpts *opts)
  continue;
  }
  setsockopt(sock,SOL_SOCKET,SO_REUSEADDR,(void*)&on,sizeof(on));
-
+if (!block) {
+socket_set_nonblock(sock);
+}
  /* connect to peer */
-if (connect(sock,e->ai_addr,e->ai_addrlen)<  0) {
+do {
+rc = 0;
+if (connect(sock, e->ai_addr, e->ai_addrlen)<  0) {
+rc = -socket_error();
+}
+} while (rc == -EINTR);
+
+  #ifdef _WIN32
+if (!block&&  (rc == -EINPROGRESS || rc == -EWOULDBLOCK
+   || rc == -WSAEALREADY)) {
+  #else
+if (!block&&  (rc == -EINPROGRESS)) {
+  #endif
+error_set(errp, QERR_SOCKET_CONNECT_IN_PROGRESS);
+}
+if (rc<  0&&  (!errp || !error_is_type(*errp,
+QERR_SOCKET_CONNECT_IN_PROGRESS))) {

This is means we don't handle non-blocking correctly if errp is NULL.
I think this can work:
else if (rc<  0) {


yes, it works. Have sent v10.

Thanks


Orit

+
  if (NULL == e->ai_next)
  fprintf(stderr, "%s: connect(%s,%s,%s,%s): %s\n", 
__FUNCTION__,
  inet_strfamily(e->ai_family),
  e->ai_canonname, uaddr, uport, strerror(errno));
  closesocket(sock);
+sock = -1;
  continue;
  }
  freeaddrinfo(res);
  return sock;
  }
+error_set(errp, QERR_SOCKET_CONNECT_FAILED);
  freeaddrinfo(res);



...

--
Amos.

[Qemu-devel] [PATCH v10 2/4] sockets: change inet_connect() to support nonblock socket

[Amos Kong]

Add a bool argument to inet_connect() to assign if set socket
to block/nonblock, and delete original argument 'socktype'
that is unused.
Add a new argument to inet_connect()/inet_connect_opts(),
to pass back connect error by error class.

Retry to connect when -EINTR is got. Connect's successful
for nonblock socket when following errors are got, user
should wait for connecting by select():
  -EINPROGRESS
  -EWOULDBLOCK (win32)
  -WSAEALREADY (win32)

Change nbd, vnc to use new interface.

---
Changes from v7:
- posix: let EWOULDBLOCK fall through to CONNECT_FAILED path
- fix typo

Changes from v8:
- reuse rc variable
- fix a NULL pointer dereference

Changes from v9:
- handle non-blocking correctly if errp is NULL

Signed-off-by: Amos Kong 
---
 nbd.c  |2 +-
 qemu-char.c|2 +-
 qemu-sockets.c |   43 +--
 qemu_socket.h  |6 --
 ui/vnc.c   |2 +-
 5 files changed, 44 insertions(+), 11 deletions(-)

diff --git a/nbd.c b/nbd.c
index 406e555..bb71f00 100644
--- a/nbd.c
+++ b/nbd.c
@@ -146,7 +146,7 @@ int tcp_socket_outgoing(const char *address, uint16_t port)
 
 int tcp_socket_outgoing_spec(const char *address_and_port)
 {
-return inet_connect(address_and_port, SOCK_STREAM);
+return inet_connect(address_and_port, true, NULL);
 }
 
 int tcp_socket_incoming(const char *address, uint16_t port)
diff --git a/qemu-char.c b/qemu-char.c
index 74c60e1..aeee2e8 100644
--- a/qemu-char.c
+++ b/qemu-char.c
@@ -2444,7 +2444,7 @@ static CharDriverState *qemu_chr_open_socket(QemuOpts 
*opts)
 if (is_listen) {
 fd = inet_listen_opts(opts, 0);
 } else {
-fd = inet_connect_opts(opts);
+fd = inet_connect_opts(opts, NULL);
 }
 }
 if (fd < 0) {
diff --git a/qemu-sockets.c b/qemu-sockets.c
index 6bcb8e3..ce3f06c 100644
--- a/qemu-sockets.c
+++ b/qemu-sockets.c
@@ -51,6 +51,9 @@ static QemuOptsList dummy_opts = {
 },{
 .name = "ipv6",
 .type = QEMU_OPT_BOOL,
+},{
+.name = "block",
+.type = QEMU_OPT_BOOL,
 },
 { /* end if list */ }
 },
@@ -194,7 +197,7 @@ listen:
 return slisten;
 }
 
-int inet_connect_opts(QemuOpts *opts)
+int inet_connect_opts(QemuOpts *opts, Error **errp)
 {
 struct addrinfo ai,*res,*e;
 const char *addr;
@@ -202,6 +205,7 @@ int inet_connect_opts(QemuOpts *opts)
 char uaddr[INET6_ADDRSTRLEN+1];
 char uport[33];
 int sock,rc;
+bool block;
 
 memset(&ai,0, sizeof(ai));
 ai.ai_flags = AI_CANONNAME | AI_ADDRCONFIG;
@@ -210,8 +214,10 @@ int inet_connect_opts(QemuOpts *opts)
 
 addr = qemu_opt_get(opts, "host");
 port = qemu_opt_get(opts, "port");
+block = qemu_opt_get_bool(opts, "block", 0);
 if (addr == NULL || port == NULL) {
 fprintf(stderr, "inet_connect: host and/or port not specified\n");
+error_set(errp, QERR_SOCKET_CREATE_FAILED);
 return -1;
 }
 
@@ -224,6 +230,7 @@ int inet_connect_opts(QemuOpts *opts)
 if (0 != (rc = getaddrinfo(addr, port, &ai, &res))) {
 fprintf(stderr,"getaddrinfo(%s,%s): %s\n", addr, port,
 gai_strerror(rc));
+error_set(errp, QERR_SOCKET_CREATE_FAILED);
return -1;
 }
 
@@ -241,19 +248,37 @@ int inet_connect_opts(QemuOpts *opts)
 continue;
 }
 setsockopt(sock,SOL_SOCKET,SO_REUSEADDR,(void*)&on,sizeof(on));
-
+if (!block) {
+socket_set_nonblock(sock);
+}
 /* connect to peer */
-if (connect(sock,e->ai_addr,e->ai_addrlen) < 0) {
+do {
+rc = 0;
+if (connect(sock, e->ai_addr, e->ai_addrlen) < 0) {
+rc = -socket_error();
+}
+} while (rc == -EINTR);
+
+  #ifdef _WIN32
+if (!block && (rc == -EINPROGRESS || rc == -EWOULDBLOCK
+   || rc == -WSAEALREADY)) {
+  #else
+if (!block && (rc == -EINPROGRESS)) {
+  #endif
+error_set(errp, QERR_SOCKET_CONNECT_IN_PROGRESS);
+} else if (rc < 0) {
 if (NULL == e->ai_next)
 fprintf(stderr, "%s: connect(%s,%s,%s,%s): %s\n", __FUNCTION__,
 inet_strfamily(e->ai_family),
 e->ai_canonname, uaddr, uport, strerror(errno));
 closesocket(sock);
+sock = -1;
 continue;
 }
 freeaddrinfo(res);
 return sock;
 }
+error_set(errp, QERR_SOCKET_CONNECT_FAILED);
 freeaddrinfo(res);
 return -1;
 }
@@ -449,14 +474,20 @@ int inet_listen(const char *str, char *ostr, int olen,
 return sock;
 }
 
-int inet_connect(const char *str, int socktype)
+int inet_connect(const char *str, bool block, Error **errp)
 {
 QemuOpts *opts;
 int sock = -1;
 
 opts = qemu_opts_create(&dummy_opts, NULL, 0);
-if (inet_parse(opts, str) == 0)
-sock = inet_connect_opts(opts);
+if (inet

Re: [Qemu-devel] [PATCH 00/16] QEMU vhost-scsi support

[ronnie sahlberg]

On Tue, Apr 24, 2012 at 7:13 PM, Stefan Hajnoczi  wrote:
> On Tue, Apr 24, 2012 at 8:05 AM, Paolo Bonzini  wrote:
>> Il 24/04/2012 06:21, ronnie sahlberg ha scritto:
>>> Hi Stefan,
>>>
>>> A little bit off-topic but
>>>
>>> When you design the proper place and API to plug virt-scsi into an
>>> external SCSI parser outside of qemu like the target in the kernel ...
>>>
>>> It would be very nice if one could also plug virt-scsi into libiscsi
>>> and pass the CDBs straight to the remote iSCSI target too.
>>> Keep some thoughts on virt-scsi + libiscsi integration.
>>
>> Yes, that makes a lot of sense.  It's a bit harder than scsi-generic but
>> we do want to get there.
>
> Yep.  I think previously there was discussion about a libiscsi
> SCSIDevice so that guest SCSI commands can be sent to libiscsi LUNs
> without going through the QEMU block layer.  (Another way to pass
> arbitrary SCSI commands to libiscsi is by hooking up .bdrv_aio_ioctl()
> with SG_IO scsi-generic compatible code in block/iscsi.c.)

bdrv_aio_ioctl() and SG_IO would mean #ifdef __linux__

So maybe it would be better to instead create a new hw/scsi-scsi.c
that calls straight into block/iscsi.c ?
That would be a lot more work than emulating SG_IO but would work on
all platforms.


Comments? How important is !linux support ?

regards
ronnie sahlberg

Re: [Qemu-devel] [PATCH v9 2/4] sockets: change inet_connect() to support nonblock socket

[Orit Wasserman]

On 04/25/2012 06:32 AM, Amos Kong wrote:
> Add a bool argument to inet_connect() to assign if set socket
> to block/nonblock, and delete original argument 'socktype'
> that is unused.
> Add a new argument to inet_connect()/inet_connect_opts(),
> to pass back connect error by error class.
> 
> Retry to connect when -EINTR is got. Connect's successful
> for nonblock socket when following errors are got, user
> should wait for connecting by select():
>   -EINPROGRESS
>   -EWOULDBLOCK (win32)
>   -WSAEALREADY (win32)
> 
> Change nbd, vnc to use new interface.
> 
> Changes from v7:
> - posix: let EWOULDBLOCK fall through to CONNECT_FAILED path
> - fix typo
> 
> Changes from v8:
> - reuse rc variable
> - fix a NULL pointer dereference
> 
> Signed-off-by: Amos Kong 
> ---
>  nbd.c  |2 +-
>  qemu-char.c|2 +-
>  qemu-sockets.c |   46 --
>  qemu_socket.h  |6 --
>  ui/vnc.c   |2 +-
>  5 files changed, 47 insertions(+), 11 deletions(-)
> 
> diff --git a/nbd.c b/nbd.c
> index 406e555..bb71f00 100644
> --- a/nbd.c
> +++ b/nbd.c
> @@ -146,7 +146,7 @@ int tcp_socket_outgoing(const char *address, uint16_t 
> port)
>  
>  int tcp_socket_outgoing_spec(const char *address_and_port)
>  {
> -return inet_connect(address_and_port, SOCK_STREAM);
> +return inet_connect(address_and_port, true, NULL);
>  }
>  
>  int tcp_socket_incoming(const char *address, uint16_t port)
> diff --git a/qemu-char.c b/qemu-char.c
> index 74c60e1..aeee2e8 100644
> --- a/qemu-char.c
> +++ b/qemu-char.c
> @@ -2444,7 +2444,7 @@ static CharDriverState *qemu_chr_open_socket(QemuOpts 
> *opts)
>  if (is_listen) {
>  fd = inet_listen_opts(opts, 0);
>  } else {
> -fd = inet_connect_opts(opts);
> +fd = inet_connect_opts(opts, NULL);
>  }
>  }
>  if (fd < 0) {
> diff --git a/qemu-sockets.c b/qemu-sockets.c
> index 6bcb8e3..243af67 100644
> --- a/qemu-sockets.c
> +++ b/qemu-sockets.c
> @@ -51,6 +51,9 @@ static QemuOptsList dummy_opts = {
>  },{
>  .name = "ipv6",
>  .type = QEMU_OPT_BOOL,
> +},{
> +.name = "block",
> +.type = QEMU_OPT_BOOL,
>  },
>  { /* end if list */ }
>  },
> @@ -194,7 +197,7 @@ listen:
>  return slisten;
>  }
>  
> -int inet_connect_opts(QemuOpts *opts)
> +int inet_connect_opts(QemuOpts *opts, Error **errp)
>  {
>  struct addrinfo ai,*res,*e;
>  const char *addr;
> @@ -202,6 +205,7 @@ int inet_connect_opts(QemuOpts *opts)
>  char uaddr[INET6_ADDRSTRLEN+1];
>  char uport[33];
>  int sock,rc;
> +bool block;
>  
>  memset(&ai,0, sizeof(ai));
>  ai.ai_flags = AI_CANONNAME | AI_ADDRCONFIG;
> @@ -210,8 +214,10 @@ int inet_connect_opts(QemuOpts *opts)
>  
>  addr = qemu_opt_get(opts, "host");
>  port = qemu_opt_get(opts, "port");
> +block = qemu_opt_get_bool(opts, "block", 0);
>  if (addr == NULL || port == NULL) {
>  fprintf(stderr, "inet_connect: host and/or port not specified\n");
> +error_set(errp, QERR_SOCKET_CREATE_FAILED);
>  return -1;
>  }
>  
> @@ -224,6 +230,7 @@ int inet_connect_opts(QemuOpts *opts)
>  if (0 != (rc = getaddrinfo(addr, port, &ai, &res))) {
>  fprintf(stderr,"getaddrinfo(%s,%s): %s\n", addr, port,
>  gai_strerror(rc));
> +error_set(errp, QERR_SOCKET_CREATE_FAILED);
>   return -1;
>  }
>  
> @@ -241,19 +248,40 @@ int inet_connect_opts(QemuOpts *opts)
>  continue;
>  }
>  setsockopt(sock,SOL_SOCKET,SO_REUSEADDR,(void*)&on,sizeof(on));
> -
> +if (!block) {
> +socket_set_nonblock(sock);
> +}
>  /* connect to peer */
> -if (connect(sock,e->ai_addr,e->ai_addrlen) < 0) {
> +do {
> +rc = 0;
> +if (connect(sock, e->ai_addr, e->ai_addrlen) < 0) {
> +rc = -socket_error();
> +}
> +} while (rc == -EINTR);
> +
> +  #ifdef _WIN32
> +if (!block && (rc == -EINPROGRESS || rc == -EWOULDBLOCK
> +   || rc == -WSAEALREADY)) {
> +  #else
> +if (!block && (rc == -EINPROGRESS)) {
> +  #endif
> +error_set(errp, QERR_SOCKET_CONNECT_IN_PROGRESS);
> +}
> +if (rc < 0 && (!errp || !error_is_type(*errp,
> +QERR_SOCKET_CONNECT_IN_PROGRESS))) {
This is means we don't handle non-blocking correctly if errp is NULL.
I think this can work: 
else if (rc < 0) {

Orit
> +
>  if (NULL == e->ai_next)
>  fprintf(stderr, "%s: connect(%s,%s,%s,%s): %s\n", 
> __FUNCTION__,
>  inet_strfamily(e->ai_family),
>  e->ai_canonname, uaddr, uport, strerror(errno));
>  closesocket(sock);
> +sock = -1;
>  continue;
>  }
>  freeaddrinfo(res);
>  return sock;
>  }
> +erro

[Qemu-devel] [Bug 988128] [NEW] smbd crashes when called with "smb ports = 0"

[Nikolaus Rath]

Public bug reported:

The smb.conf generated by qemu-kvm contains a "smb ports = 0" directive. This
causes at least version 3.6.4 of Samba to crash with

[0] vostro:/tmp/qemu-smb.6836-0# smbd -i -s smb.conf
Unable to setup corepath for smbd: Operation not permitted
smbd version 3.6.4 started.
Copyright Andrew Tridgell and the Samba Team 1992-2011
open_sockets_smbd: No sockets available to bind to.
===
Abnormal server exit: open_sockets_smbd() failed
===
BACKTRACE: 6 stack frames:
 #0 smbd(log_stack_trace+0x1a) [0x7fe50c14f8ba]
 #1 smbd(+0x6a0743) [0x7fe50c3bd743]
 #2 smbd(+0x6a0a41) [0x7fe50c3bda41]
 #3 smbd(main+0xa52) [0x7fe50be26d42]
 #4 /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xfd) [0x7fe508ac0ead]
 #5 smbd(+0x10a6b9) [0x7fe50be276b9]

Changing "smb ports" to a non-privilileged port works around the issue.

I'd like to help fix this, but I am not sure what qemu-kvm's intention is here.
Zero is not a valid port, and the smb.conf manpage does not describe any
special meaning of zero here. I found that previous versions of samba apparently
did not bind to any port if zero was specified - but in that case, how is
qemu communicating with samba?

** Affects: qemu
 Importance: Undecided
 Status: New

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/988128

Title:
  smbd crashes when called with "smb ports = 0"

Status in QEMU:
  New

Bug description:
  The smb.conf generated by qemu-kvm contains a "smb ports = 0" directive. This
  causes at least version 3.6.4 of Samba to crash with

  [0] vostro:/tmp/qemu-smb.6836-0# smbd -i -s smb.conf
  Unable to setup corepath for smbd: Operation not permitted
  smbd version 3.6.4 started.
  Copyright Andrew Tridgell and the Samba Team 1992-2011
  open_sockets_smbd: No sockets available to bind to.
  ===
  Abnormal server exit: open_sockets_smbd() failed
  ===
  BACKTRACE: 6 stack frames:
   #0 smbd(log_stack_trace+0x1a) [0x7fe50c14f8ba]
   #1 smbd(+0x6a0743) [0x7fe50c3bd743]
   #2 smbd(+0x6a0a41) [0x7fe50c3bda41]
   #3 smbd(main+0xa52) [0x7fe50be26d42]
   #4 /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xfd) [0x7fe508ac0ead]
   #5 smbd(+0x10a6b9) [0x7fe50be276b9]

  Changing "smb ports" to a non-privilileged port works around the
  issue.

  I'd like to help fix this, but I am not sure what qemu-kvm's intention is 
here.
  Zero is not a valid port, and the smb.conf manpage does not describe any
  special meaning of zero here. I found that previous versions of samba 
apparently
  did not bind to any port if zero was specified - but in that case, how is
  qemu communicating with samba?

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/988128/+subscriptions

[Qemu-devel] [Bug 988125] Re: Generated smb.conf needs to declare state directory

[Nikolaus Rath]

** Patch added: "Previous patch was broken"
   
https://bugs.launchpad.net/qemu/+bug/988125/+attachment/3102896/+files/smb-patch.diff

** Patch removed: "smb-patch.diff"
   
https://bugs.launchpad.net/qemu/+bug/988125/+attachment/3102872/+files/smb-patch.diff

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/988125

Title:
  Generated smb.conf needs to declare state directory

Status in QEMU:
  New

Bug description:
  The smb.conf generated by the userspace networking does not include a state 
directory
  directive. Samba therefore falls back to the default value. Since the user 
generally
  does not have write access to this path, smbd immediately crashes.

  I have attached a patch that adds the missing option.

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/988125/+subscriptions

[Qemu-devel] [Bug 988125] [NEW] Generated smb.conf needs to declare state directory

[Nikolaus Rath]

Public bug reported:

The smb.conf generated by the userspace networking does not include a state 
directory
directive. Samba therefore falls back to the default value. Since the user 
generally
does not have write access to this path, smbd immediately crashes.

I have attached a patch that adds the missing option.

** Affects: qemu
 Importance: Undecided
 Status: New


** Tags: patch

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/988125

Title:
  Generated smb.conf needs to declare state directory

Status in QEMU:
  New

Bug description:
  The smb.conf generated by the userspace networking does not include a state 
directory
  directive. Samba therefore falls back to the default value. Since the user 
generally
  does not have write access to this path, smbd immediately crashes.

  I have attached a patch that adds the missing option.

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/988125/+subscriptions

[Qemu-devel] [Bug 988125] Re: Generated smb.conf needs to declare state directory

[Nikolaus Rath]

** Patch added: "smb-patch.diff"
   
https://bugs.launchpad.net/bugs/988125/+attachment/3102872/+files/smb-patch.diff

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/988125

Title:
  Generated smb.conf needs to declare state directory

Status in QEMU:
  New

Bug description:
  The smb.conf generated by the userspace networking does not include a state 
directory
  directive. Samba therefore falls back to the default value. Since the user 
generally
  does not have write access to this path, smbd immediately crashes.

  I have attached a patch that adds the missing option.

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/988125/+subscriptions

[Qemu-devel] [PATCH v9 2/4] sockets: change inet_connect() to support nonblock socket

[Amos Kong]

Add a bool argument to inet_connect() to assign if set socket
to block/nonblock, and delete original argument 'socktype'
that is unused.
Add a new argument to inet_connect()/inet_connect_opts(),
to pass back connect error by error class.

Retry to connect when -EINTR is got. Connect's successful
for nonblock socket when following errors are got, user
should wait for connecting by select():
  -EINPROGRESS
  -EWOULDBLOCK (win32)
  -WSAEALREADY (win32)

Change nbd, vnc to use new interface.

Changes from v7:
- posix: let EWOULDBLOCK fall through to CONNECT_FAILED path
- fix typo

Changes from v8:
- reuse rc variable
- fix a NULL pointer dereference

Signed-off-by: Amos Kong 
---
 nbd.c  |2 +-
 qemu-char.c|2 +-
 qemu-sockets.c |   46 --
 qemu_socket.h  |6 --
 ui/vnc.c   |2 +-
 5 files changed, 47 insertions(+), 11 deletions(-)

diff --git a/nbd.c b/nbd.c
index 406e555..bb71f00 100644
--- a/nbd.c
+++ b/nbd.c
@@ -146,7 +146,7 @@ int tcp_socket_outgoing(const char *address, uint16_t port)
 
 int tcp_socket_outgoing_spec(const char *address_and_port)
 {
-return inet_connect(address_and_port, SOCK_STREAM);
+return inet_connect(address_and_port, true, NULL);
 }
 
 int tcp_socket_incoming(const char *address, uint16_t port)
diff --git a/qemu-char.c b/qemu-char.c
index 74c60e1..aeee2e8 100644
--- a/qemu-char.c
+++ b/qemu-char.c
@@ -2444,7 +2444,7 @@ static CharDriverState *qemu_chr_open_socket(QemuOpts 
*opts)
 if (is_listen) {
 fd = inet_listen_opts(opts, 0);
 } else {
-fd = inet_connect_opts(opts);
+fd = inet_connect_opts(opts, NULL);
 }
 }
 if (fd < 0) {
diff --git a/qemu-sockets.c b/qemu-sockets.c
index 6bcb8e3..243af67 100644
--- a/qemu-sockets.c
+++ b/qemu-sockets.c
@@ -51,6 +51,9 @@ static QemuOptsList dummy_opts = {
 },{
 .name = "ipv6",
 .type = QEMU_OPT_BOOL,
+},{
+.name = "block",
+.type = QEMU_OPT_BOOL,
 },
 { /* end if list */ }
 },
@@ -194,7 +197,7 @@ listen:
 return slisten;
 }
 
-int inet_connect_opts(QemuOpts *opts)
+int inet_connect_opts(QemuOpts *opts, Error **errp)
 {
 struct addrinfo ai,*res,*e;
 const char *addr;
@@ -202,6 +205,7 @@ int inet_connect_opts(QemuOpts *opts)
 char uaddr[INET6_ADDRSTRLEN+1];
 char uport[33];
 int sock,rc;
+bool block;
 
 memset(&ai,0, sizeof(ai));
 ai.ai_flags = AI_CANONNAME | AI_ADDRCONFIG;
@@ -210,8 +214,10 @@ int inet_connect_opts(QemuOpts *opts)
 
 addr = qemu_opt_get(opts, "host");
 port = qemu_opt_get(opts, "port");
+block = qemu_opt_get_bool(opts, "block", 0);
 if (addr == NULL || port == NULL) {
 fprintf(stderr, "inet_connect: host and/or port not specified\n");
+error_set(errp, QERR_SOCKET_CREATE_FAILED);
 return -1;
 }
 
@@ -224,6 +230,7 @@ int inet_connect_opts(QemuOpts *opts)
 if (0 != (rc = getaddrinfo(addr, port, &ai, &res))) {
 fprintf(stderr,"getaddrinfo(%s,%s): %s\n", addr, port,
 gai_strerror(rc));
+error_set(errp, QERR_SOCKET_CREATE_FAILED);
return -1;
 }
 
@@ -241,19 +248,40 @@ int inet_connect_opts(QemuOpts *opts)
 continue;
 }
 setsockopt(sock,SOL_SOCKET,SO_REUSEADDR,(void*)&on,sizeof(on));
-
+if (!block) {
+socket_set_nonblock(sock);
+}
 /* connect to peer */
-if (connect(sock,e->ai_addr,e->ai_addrlen) < 0) {
+do {
+rc = 0;
+if (connect(sock, e->ai_addr, e->ai_addrlen) < 0) {
+rc = -socket_error();
+}
+} while (rc == -EINTR);
+
+  #ifdef _WIN32
+if (!block && (rc == -EINPROGRESS || rc == -EWOULDBLOCK
+   || rc == -WSAEALREADY)) {
+  #else
+if (!block && (rc == -EINPROGRESS)) {
+  #endif
+error_set(errp, QERR_SOCKET_CONNECT_IN_PROGRESS);
+}
+if (rc < 0 && (!errp || !error_is_type(*errp,
+QERR_SOCKET_CONNECT_IN_PROGRESS))) {
+
 if (NULL == e->ai_next)
 fprintf(stderr, "%s: connect(%s,%s,%s,%s): %s\n", __FUNCTION__,
 inet_strfamily(e->ai_family),
 e->ai_canonname, uaddr, uport, strerror(errno));
 closesocket(sock);
+sock = -1;
 continue;
 }
 freeaddrinfo(res);
 return sock;
 }
+error_set(errp, QERR_SOCKET_CONNECT_FAILED);
 freeaddrinfo(res);
 return -1;
 }
@@ -449,14 +477,20 @@ int inet_listen(const char *str, char *ostr, int olen,
 return sock;
 }
 
-int inet_connect(const char *str, int socktype)
+int inet_connect(const char *str, bool block, Error **errp)
 {
 QemuOpts *opts;
 int sock = -1;
 
 opts = qemu_opts_create(&dummy_opts, NULL, 0);
-if (inet_parse(opts, str) == 0)
-sock = inet_connect_opts

Re: [Qemu-devel] [PATCH v4] ARM: Exynos4210 IRQ: Introduce new IRQ gate functionality.

[Evgeny Voevodin]

On 24.04.2012 20:17, Peter Maydell wrote:

On 24 April 2012 05:19, Evgeny Voevodin  wrote:

New IRQ gate consists of n_in input qdev gpio lines and one
output sysbus IRQ line. The output IRQ level is formed as OR
between all gpio inputs.

Signed-off-by: Evgeny Voevodin

Reviewed-by: Peter Maydell

Not convinced it's worth putting into master at this point though,
given we're in softfreeze and only a week before hardfreeze, so
I've put it in arm-devs.next but don't plan to submit a pullreq
for it before hardfreeze.

-- PMM



Ok, don't mind.

--
Kind regards,
Evgeny Voevodin,
Leading Software Engineer,
ASWG, Moscow R&D center, Samsung Electronics
e-mail: e.voevo...@samsung.com

Re: [Qemu-devel] [PATCH 11/12] Migrate 64bit entries to 64bit pci regions

[Kevin O'Connor]

On Tue, Apr 24, 2012 at 06:25:39PM +1200, Alexey Korolev wrote:
> Migrate 64bit entries to 64bit pci regions if they do
> not fit in 32bit range.
[...]
> +static void pci_region_migrate_64bit_entries(struct pci_region *from,
> + struct pci_region *to)
> +{
> +struct pci_region_entry **pprev = &from->list;
> +struct pci_region_entry **last = &to->list;
> +while(*pprev) {
> +if ((*pprev)->is64) {
> +struct pci_region_entry *entry;
> +entry = *pprev;
> +/* Delete the entry and move next */
> +*pprev = (*pprev)->next;
> +/* Add entry at tail to keep a sorted order */
> +entry->next = NULL;
> +if (*last) {
> +   (*last)->next = entry;
> +last  = &(*last)->next;
> +}
> +else
> +   (*last) = entry;
> +}
> +else
> +pprev = &(*pprev)->next;
> +}
> +}

It should be possible to simplify this - something like (untested):

static void pci_region_migrate_64bit_entries(struct pci_region *from,
 struct pci_region *to)
{
struct pci_region_entry **pprev = &from->list, **last = &to->list;
for (; *pprev; pprev = &(*pprev)->next) {
struct pci_region_entry *entry = *pprev;
if (!entry->is64)
continue;
// Move from source list to dest list.
*pprev = entry->next;
entry->next = NULL;
*last = entry;
last = &entry->next;
}
}

[...]
>  static void pci_bios_map_devices(struct pci_bus *busses)
>  {
> +if (pci_bios_init_root_regions(busses)) {
> +struct pci_region r64_mem, r64_pref;
> +r64_mem.list = NULL;
> +r64_pref.list = NULL;
> +pci_region_migrate_64bit_entries(&busses[0].r[PCI_REGION_TYPE_MEM],
> + &r64_mem);
> +
> pci_region_migrate_64bit_entries(&busses[0].r[PCI_REGION_TYPE_PREFMEM],
> + &r64_pref);
> +
> +if (pci_bios_init_root_regions(busses))
> +panic("PCI: out of address space\n");
> +
> +r64_mem.base = BUILD_PCIMEM64_START;
> +r64_pref.base = ALIGN(r64_mem.base + pci_region_sum(&r64_mem),
> +  pci_region_align(&r64_pref));

There should be a check to see if the regions fit.  Maybe pass
start/end into pci_bios_init_root_regions() and call it again for the
>4g region?

> +pci_region_map_entries(busses, &r64_mem);
> +pci_region_map_entries(busses, &r64_pref);
> +}
>  // Map regions on each device.

This doesn't look right to me.  This will map the devices on bus 0 to
the proper >4g address, but devices on any subsequent bus will use
busses[0].r[].base which will be reset to the <4gig address.  Perhaps
pull base out of pci_region and make pci_region_map_entries()
recursive?

-Kevin

Re: [Qemu-devel] [PATCH 10/12] Calculate pci region stats on demand

[Kevin O'Connor]

On Tue, Apr 24, 2012 at 06:24:27PM +1200, Alexey Korolev wrote:
> Do not store pci region stats - instead calulate the
> sum and alignment on demand.
[...]
> @@ -446,9 +459,9 @@ static int pci_bios_check_devices(struct pci_bus *busses)
>  for (type = 0; type < PCI_REGION_TYPE_COUNT; type++) {
>  u64 align = (type == PCI_REGION_TYPE_IO) ?
>  PCI_BRIDGE_IO_MIN : PCI_BRIDGE_MEM_MIN;
> -if (s->r[type].align > align)
> -align = s->r[type].align;
> -u64 size = ALIGN(s->r[type].sum, align);
> +if (pci_region_align(&s->r[type]) > align)
> + align = pci_region_align(&s->r[type]);
> +u64 size = ALIGN(pci_region_sum(&s->r[type]), align);
[...]
> +r_end->base = ALIGN_DOWN((BUILD_PCIMEM_END - pci_region_sum(r_end)),
> +pci_region_align(r_end));
> +r_start->base = ALIGN_DOWN((r_end->base - pci_region_sum(r_start)),
> +pci_region_align(r_start));

I'd avoid making function calls in the parameter of a macro (it can be
executed multiple times and it's non-obvious).

-Kevin

[Qemu-devel] How can I see the data for IDE DMA?

[Sungchan Kim]

Dear all,



I'm trying to integrate our custom SSD simulator by modifying the ide part
of qemu.

To do this, beside a boot disk, I'm using an additional disk image in raw
format that is mounted to /dev/sdb.

I'm working with the ubuntu 11.04 image that is mounted as /dev/sda.



I need to monitor (and get) the actual IDE DMA data that is read
from/written when using the raw disk image, /dev/sdb.

Even though I looked at some source files in the hw/ide directory, it is
still not sure which function or data structure I should use to do this.

Could anyone help me figure out this difficulty?

Thank you.



Regards,

Sungchan Kim

[Qemu-devel] [PATCH qemu 1/6] move code to read default config files to a separate function (v2)

[Eduardo Habkost]

Function added to arch_init.c because it depends on arch-specific
settings.

Changes v1 -> v2:
 - Move qemu_read_default_config_file() prototype to qemu-config.h

Signed-off-by: Eduardo Habkost 
---
 arch_init.c   |   18 ++
 qemu-config.h |4 
 vl.c  |   10 ++
 3 files changed, 24 insertions(+), 8 deletions(-)

diff --git a/arch_init.c b/arch_init.c
index 9a35aee..4008115 100644
--- a/arch_init.c
+++ b/arch_init.c
@@ -112,6 +112,24 @@ const uint32_t arch_type = QEMU_ARCH;
 #define ALL_EQ(v1, v2) ((v1) == (v2))
 #endif
 
+
+int qemu_read_default_config_files(void)
+{
+int ret;
+
+ret = qemu_read_config_file(CONFIG_QEMU_CONFDIR "/qemu.conf");
+if (ret < 0 && ret != -ENOENT) {
+return ret;
+}
+
+ret = qemu_read_config_file(arch_config_name);
+if (ret < 0 && ret != -ENOENT) {
+return ret;
+}
+
+return 0;
+}
+
 static int is_dup_page(uint8_t *page)
 {
 VECTYPE *p = (VECTYPE *)page;
diff --git a/qemu-config.h b/qemu-config.h
index 20d707f..ff934a1 100644
--- a/qemu-config.h
+++ b/qemu-config.h
@@ -16,4 +16,8 @@ int qemu_config_parse(FILE *fp, QemuOptsList **lists, const 
char *fname);
 
 int qemu_read_config_file(const char *filename);
 
+/* Read default Qemu config files
+ */
+int qemu_read_default_config_files(void);
+
 #endif /* QEMU_CONFIG_H */
diff --git a/vl.c b/vl.c
index ae91a8a..1e5e593 100644
--- a/vl.c
+++ b/vl.c
@@ -2354,14 +2354,8 @@ int main(int argc, char **argv, char **envp)
 
 if (defconfig) {
 int ret;
-
-ret = qemu_read_config_file(CONFIG_QEMU_CONFDIR "/qemu.conf");
-if (ret < 0 && ret != -ENOENT) {
-exit(1);
-}
-
-ret = qemu_read_config_file(arch_config_name);
-if (ret < 0 && ret != -ENOENT) {
+ret = qemu_read_default_config_files();
+if (ret < 0) {
 exit(1);
 }
 }
-- 
1.7.3.2

Re: [Qemu-devel] [PATCH v2] configure: Fix creation of symbolic links for MinGW toolchain

[Stefan Weil]

Am 19.03.2012 13:20, schrieb Stefan Weil:

The MinGW toolchain on w32/w64 hosts does not create symbolic links,
but implements 'ln -s' similar to 'cp -r'.

In incremental out of tree builds, this resulted in files which
were not updated when their counterparts in the QEMU source tree
changed. Especially for Makefile* this happened very often.

With this patch, the 'symlinked' files are now always updated for
out of tree builds. Similar code was already used for the symbolic
link of libcacard/Makefile.

The symlink macro always removes the target before it is created
again, therefore the rm command for libcacard/Makefile was redundant
and is removed now.

Macro symlink is also used with directories. To remove them on w32
hosts, a recursive rm is needed.

v2:
Quote arguments in shell function symlink, and also quote any argument
which is passed to symlink and which contains macros. This should reduce
the chance of accidents caused by rm -rf.

Signed-off-by: Stefan Weil
---
  configure |   21 ++---
  1 files changed, 10 insertions(+), 11 deletions(-)

diff --git a/configure b/configure
index afe7395..53a8174 100755
--- a/configure
+++ b/configure
@@ -41,8 +41,8 @@ compile_prog() {

  # symbolically link $1 to $2.  Portable version of "ln -sf".
  symlink() {
-  rm -f $2
-  ln -s $1 $2
+  rm -rf "$2"
+  ln -s "$1" "$2"
  }

  # check whether a command is available to this shell (may be either an
@@ -3373,7 +3373,7 @@ fi

  for d in libdis libdis-user; do
  mkdir -p $d
-symlink $source_path/Makefile.dis $d/Makefile
+symlink "$source_path/Makefile.dis" "$d/Makefile"
  echo>  $d/config.mak
  done

@@ -3382,13 +3382,13 @@ if test "$linux" = "yes" ; then
mkdir -p linux-headers
case "$cpu" in
i386|x86_64)
-symlink $source_path/linux-headers/asm-x86 linux-headers/asm
+symlink "$source_path/linux-headers/asm-x86" linux-headers/asm
  ;;
ppcemb|ppc|ppc64)
-symlink $source_path/linux-headers/asm-powerpc linux-headers/asm
+symlink "$source_path/linux-headers/asm-powerpc" linux-headers/asm
  ;;
s390x)
-symlink $source_path/linux-headers/asm-s390 linux-headers/asm
+symlink "$source_path/linux-headers/asm-s390" linux-headers/asm
  ;;
esac
  fi
@@ -3453,7 +3453,7 @@ mkdir -p $target_dir/kvm
  if test "$target" = "arm-linux-user" -o "$target" = "armeb-linux-user" -o "$target" = 
"arm-bsd-user" -o "$target" = "armeb-bsd-user" ; then
mkdir -p $target_dir/nwfpe
  fi
-symlink $source_path/Makefile.target $target_dir/Makefile
+symlink "$source_path/Makefile.target" "$target_dir/Makefile"


  echo "# Automatically generated by configure - do not modify">  
$config_target_mak
@@ -3883,7 +3883,7 @@ do
  done
  mkdir -p $DIRS
  for f in $FILES ; do
-if [ -e "$source_path/$f" ]&&  ! [ -e "$f" ]; then
+if [ -e "$source_path/$f" ]&&  [ "$source_path" != `pwd` ]; then
  symlink "$source_path/$f" "$f"
  fi
  done
@@ -3906,7 +3906,7 @@ for hwlib in 32 64; do
mkdir -p $d
mkdir -p $d/ide
mkdir -p $d/usb
-  symlink $source_path/Makefile.hw $d/Makefile
+  symlink "$source_path/Makefile.hw" "$d/Makefile"
mkdir -p $d/9pfs
echo "QEMU_CFLAGS+=-DTARGET_PHYS_ADDR_BITS=$hwlib">  $d/config.mak
  done
@@ -3914,7 +3914,6 @@ done
  if [ "$source_path" != `pwd` ]; then
  # out of tree build
  mkdir -p libcacard
-rm -f libcacard/Makefile
  symlink "$source_path/libcacard/Makefile" libcacard/Makefile
  fi

@@ -3922,7 +3921,7 @@ d=libuser
  mkdir -p $d
  mkdir -p $d/trace
  mkdir -p $d/qom
-symlink $source_path/Makefile.user $d/Makefile
+symlink "$source_path/Makefile.user" "$d/Makefile"

  if test "$docs" = "yes" ; then
mkdir -p QMP
   


Should I send a pull request for this patch, or can it be applied
through qemu-devel?

Regards,
Stefan W.

[Qemu-devel] [PATCH qemu 6/6] move CPU definitions to /usr/share/qemu/cpus-x86_64.conf (v2)

[Eduardo Habkost]

Changes v1 -> v2:
 - userconfig variable is now bool, not int

Signed-off-by: Eduardo Habkost 
---
 Makefile |   12 +++-
 arch_init.c  |1 +
 sysconfigs/target/cpus-x86_64.conf   |  128 ++
 sysconfigs/target/target-x86_64.conf |  128 --
 4 files changed, 138 insertions(+), 131 deletions(-)
 create mode 100644 sysconfigs/target/cpus-x86_64.conf

diff --git a/Makefile b/Makefile
index 4f43793..6c20f27 100644
--- a/Makefile
+++ b/Makefile
@@ -280,11 +280,18 @@ ifdef CONFIG_VIRTFS
$(INSTALL_DIR) "$(DESTDIR)$(mandir)/man1"
$(INSTALL_DATA) fsdev/virtfs-proxy-helper.1 "$(DESTDIR)$(mandir)/man1"
 endif
-install-sysconfig:
+
+install-datadir:
+   $(INSTALL_DIR) "$(DESTDIR)$(qemu_datadir)"
+
+install-confdir:
$(INSTALL_DIR) "$(DESTDIR)$(qemu_confdir)"
+
+install-sysconfig: install-datadir install-confdir
$(INSTALL_DATA) $(SRC_PATH)/sysconfigs/target/target-x86_64.conf 
"$(DESTDIR)$(qemu_confdir)"
+   $(INSTALL_DATA) $(SRC_PATH)/sysconfigs/target/cpus-x86_64.conf 
"$(DESTDIR)$(qemu_datadir)"
 
-install: all $(if $(BUILD_DOCS),install-doc) install-sysconfig
+install: all $(if $(BUILD_DOCS),install-doc) install-sysconfig install-datadir
$(INSTALL_DIR) "$(DESTDIR)$(bindir)"
 ifneq ($(TOOLS),)
$(INSTALL_PROG) $(STRIP_OPT) $(TOOLS) "$(DESTDIR)$(bindir)"
@@ -294,7 +301,6 @@ ifneq ($(HELPERS-y),)
$(INSTALL_PROG) $(STRIP_OPT) $(HELPERS-y) "$(DESTDIR)$(libexecdir)"
 endif
 ifneq ($(BLOBS),)
-   $(INSTALL_DIR) "$(DESTDIR)$(qemu_datadir)"
set -e; for x in $(BLOBS); do \
$(INSTALL_DATA) $(SRC_PATH)/pc-bios/$$x 
"$(DESTDIR)$(qemu_datadir)"; \
done
diff --git a/arch_init.c b/arch_init.c
index 996baba..988adca 100644
--- a/arch_init.c
+++ b/arch_init.c
@@ -117,6 +117,7 @@ static struct defconfig_file {
 /* Indicates it is an user config file (disabled by -no-user-config) */
 bool userconfig;
 } default_config_files[] = {
+{ CONFIG_QEMU_DATADIR "/cpus-" TARGET_ARCH ".conf",  false },
 { CONFIG_QEMU_CONFDIR "/qemu.conf",   true },
 { CONFIG_QEMU_CONFDIR "/target-" TARGET_ARCH ".conf", true },
 { NULL }, /* end of list */
diff --git a/sysconfigs/target/cpus-x86_64.conf 
b/sysconfigs/target/cpus-x86_64.conf
new file mode 100644
index 000..cee0ea9
--- /dev/null
+++ b/sysconfigs/target/cpus-x86_64.conf
@@ -0,0 +1,128 @@
+# x86 CPU MODELS
+
+[cpudef]
+   name = "Conroe"
+   level = "2"
+   vendor = "GenuineIntel"
+   family = "6"
+   model = "2"
+   stepping = "3"
+   feature_edx = "sse2 sse fxsr mmx clflush pse36 pat cmov mca pge mtrr sep 
apic cx8 mce pae msr tsc pse de fpu"
+   feature_ecx = "ssse3 sse3"
+   extfeature_edx = "i64 xd syscall"
+   extfeature_ecx = "lahf_lm"
+   xlevel = "0x800A"
+   model_id = "Intel Celeron_4x0 (Conroe/Merom Class Core 2)"
+
+[cpudef]
+   name = "Penryn"
+   level = "2"
+   vendor = "GenuineIntel"
+   family = "6"
+   model = "2"
+   stepping = "3"
+   feature_edx = "sse2 sse fxsr mmx clflush pse36 pat cmov mca pge mtrr sep 
apic cx8 mce pae msr tsc pse de fpu"
+   feature_ecx = "sse4.1 cx16 ssse3 sse3"
+   extfeature_edx = "i64 xd syscall"
+   extfeature_ecx = "lahf_lm"
+   xlevel = "0x800A"
+   model_id = "Intel Core 2 Duo P9xxx (Penryn Class Core 2)"
+
+[cpudef]
+   name = "Nehalem"
+   level = "2"
+   vendor = "GenuineIntel"
+   family = "6"
+   model = "2"
+   stepping = "3"
+   feature_edx = "sse2 sse fxsr mmx clflush pse36 pat cmov mca pge mtrr sep 
apic cx8 mce pae msr tsc pse de fpu"
+   feature_ecx = "popcnt sse4.2 sse4.1 cx16 ssse3 sse3"
+   extfeature_edx = "i64 syscall xd"
+   extfeature_ecx = "lahf_lm"
+   xlevel = "0x800A"
+   model_id = "Intel Core i7 9xx (Nehalem Class Core i7)"
+
+[cpudef]
+   name = "Westmere"
+   level = "11"
+   vendor = "GenuineIntel"
+   family = "6"
+   model = "44"
+   stepping = "1"
+   feature_edx = "sse2 sse fxsr mmx clflush pse36 pat cmov mca pge mtrr sep 
apic cx8 mce pae msr tsc pse de fpu"
+   feature_ecx = "aes popcnt sse4.2 sse4.1 cx16 ssse3 sse3"
+   extfeature_edx = "i64 syscall xd"
+   extfeature_ecx = "lahf_lm"
+   xlevel = "0x800A"
+   model_id = "Westmere E56xx/L56xx/X56xx (Nehalem-C)"
+
+[cpudef]
+   name = "SandyBridge"
+   level = "0xd"
+   vendor = "GenuineIntel"
+   family = "6"
+   model = "42"
+   stepping = "1"
+   feature_edx = " sse2 sse fxsr mmx clflush pse36 pat cmov mca pge mtrr sep 
apic cx8 mce pae msr tsc pse de fpu"
+   feature_ecx = "avx xsave aes tsc-deadline popcnt x2apic sse4.2 sse4.1 cx16 
ssse3 pclmulqdq sse3"
+   extfeature_edx = "i64 rdtscp nx syscall "
+   extfeature_ecx = "lahf_lm"
+   xlevel = "0x800A"
+   model_id = "Intel Xeon E312xx (Sandy Bridge)"
+
+[cpudef]
+   name = "Opteron_G1"
+   level = "5"
+   vendor = "AuthenticAMD"
+   family = "15"
+   model = "6"
+   stepping = "1"
+   feature_edx = "sse2 sse fxsr mmx clflush pse36 pat cmov m

[Qemu-devel] [PATCH qemu 5/6] implement -no-user-config command-line option (v2)

[Eduardo Habkost]

Changes v1 -> v2:
 - Change 'userconfig' field/variables to bool instead of int
 - Coding style change

Signed-off-by: Eduardo Habkost 
---
 arch_init.c |   11 ---
 qemu-config.h   |2 +-
 qemu-options.hx |   16 +---
 vl.c|6 +-
 4 files changed, 27 insertions(+), 8 deletions(-)

diff --git a/arch_init.c b/arch_init.c
index 62332e9..996baba 100644
--- a/arch_init.c
+++ b/arch_init.c
@@ -114,19 +114,24 @@ const uint32_t arch_type = QEMU_ARCH;
 
 static struct defconfig_file {
 const char *filename;
+/* Indicates it is an user config file (disabled by -no-user-config) */
+bool userconfig;
 } default_config_files[] = {
-{ CONFIG_QEMU_CONFDIR "/qemu.conf" },
-{ CONFIG_QEMU_CONFDIR "/target-" TARGET_ARCH ".conf" },
+{ CONFIG_QEMU_CONFDIR "/qemu.conf",   true },
+{ CONFIG_QEMU_CONFDIR "/target-" TARGET_ARCH ".conf", true },
 { NULL }, /* end of list */
 };
 
 
-int qemu_read_default_config_files(void)
+int qemu_read_default_config_files(bool userconfig)
 {
 int ret;
 struct defconfig_file *f;
 
 for (f = default_config_files; f->filename; f++) {
+if (!userconfig && f->userconfig) {
+continue;
+}
 ret = qemu_read_config_file(f->filename);
 if (ret < 0 && ret != -ENOENT) {
 return ret;
diff --git a/qemu-config.h b/qemu-config.h
index ff934a1..6d7365d 100644
--- a/qemu-config.h
+++ b/qemu-config.h
@@ -18,6 +18,6 @@ int qemu_read_config_file(const char *filename);
 
 /* Read default Qemu config files
  */
-int qemu_read_default_config_files(void);
+int qemu_read_default_config_files(bool userconfig);
 
 #endif /* QEMU_CONFIG_H */
diff --git a/qemu-options.hx b/qemu-options.hx
index a169792..7d0b054 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -2685,9 +2685,19 @@ DEF("nodefconfig", 0, QEMU_OPTION_nodefconfig,
 STEXI
 @item -nodefconfig
 @findex -nodefconfig
-Normally QEMU loads a configuration file from @var{sysconfdir}/qemu.conf and
-@var{sysconfdir}/target-@var{ARCH}.conf on startup.  The @code{-nodefconfig}
-option will prevent QEMU from loading these configuration files at startup.
+Normally QEMU loads configuration files from @var{sysconfdir} and 
@var{datadir} at startup.
+The @code{-nodefconfig} option will prevent QEMU from loading any of those 
config files.
+ETEXI
+DEF("no-user-config", 0, QEMU_OPTION_nouserconfig,
+"-no-user-config\n"
+"do not load user-provided config files at startup\n",
+QEMU_ARCH_ALL)
+STEXI
+@item -no-user-config
+@findex -no-user-config
+The @code{-no-user-config} option makes QEMU not load any of the user-provided
+config files on @var{sysconfdir}, but won't make it skip the QEMU-provided 
config
+files from @var{datadir}.
 ETEXI
 DEF("trace", HAS_ARG, QEMU_OPTION_trace,
 "-trace [events=][,file=]\n"
diff --git a/vl.c b/vl.c
index a4f4676..967b7e8 100644
--- a/vl.c
+++ b/vl.c
@@ -2280,6 +2280,7 @@ int main(int argc, char **argv, char **envp)
 int show_vnc_port = 0;
 #endif
 int defconfig = true;
+bool userconfig = true;
 const char *log_mask = NULL;
 const char *log_file = NULL;
 GMemVTable mem_trace = {
@@ -2348,13 +2349,16 @@ int main(int argc, char **argv, char **envp)
 case QEMU_OPTION_nodefconfig:
 defconfig = false;
 break;
+case QEMU_OPTION_nouserconfig:
+userconfig = false;
+break;
 }
 }
 }
 
 if (defconfig) {
 int ret;
-ret = qemu_read_default_config_files();
+ret = qemu_read_default_config_files(userconfig);
 if (ret < 0) {
 exit(1);
 }
-- 
1.7.3.2

[Qemu-devel] [PATCH qemu 3/6] move list of default config files to an array

[Eduardo Habkost]

More files will be added to the list, with additional attributes, later.

Signed-off-by: Eduardo Habkost 
---
 arch_init.c |   25 -
 1 files changed, 16 insertions(+), 9 deletions(-)

diff --git a/arch_init.c b/arch_init.c
index 152cbbb..62332e9 100644
--- a/arch_init.c
+++ b/arch_init.c
@@ -112,20 +112,27 @@ const uint32_t arch_type = QEMU_ARCH;
 #endif
 
 
+static struct defconfig_file {
+const char *filename;
+} default_config_files[] = {
+{ CONFIG_QEMU_CONFDIR "/qemu.conf" },
+{ CONFIG_QEMU_CONFDIR "/target-" TARGET_ARCH ".conf" },
+{ NULL }, /* end of list */
+};
+
+
 int qemu_read_default_config_files(void)
 {
 int ret;
-
-ret = qemu_read_config_file(CONFIG_QEMU_CONFDIR "/qemu.conf");
-if (ret < 0 && ret != -ENOENT) {
-return ret;
-}
+struct defconfig_file *f;
 
-ret = qemu_read_config_file(CONFIG_QEMU_CONFDIR "/target-" TARGET_ARCH 
".conf");
-if (ret < 0 && ret != -ENOENT) {
-return ret;
+for (f = default_config_files; f->filename; f++) {
+ret = qemu_read_config_file(f->filename);
+if (ret < 0 && ret != -ENOENT) {
+return ret;
+}
 }
-
+
 return 0;
 }
 
-- 
1.7.3.2

[Qemu-devel] [PATCH qemu 2/6] eliminate arch_config_name variable

[Eduardo Habkost]

Not needed anymore, as the code that uses the variable is already inside
arch_init.c.

Signed-off-by: Eduardo Habkost 
---
 arch_init.c |3 +--
 arch_init.h |2 --
 2 files changed, 1 insertions(+), 4 deletions(-)

diff --git a/arch_init.c b/arch_init.c
index 4008115..152cbbb 100644
--- a/arch_init.c
+++ b/arch_init.c
@@ -54,7 +54,6 @@ int graphic_height = 600;
 int graphic_depth = 15;
 #endif
 
-const char arch_config_name[] = CONFIG_QEMU_CONFDIR "/target-" TARGET_ARCH 
".conf";
 
 #if defined(TARGET_ALPHA)
 #define QEMU_ARCH QEMU_ARCH_ALPHA
@@ -122,7 +121,7 @@ int qemu_read_default_config_files(void)
 return ret;
 }
 
-ret = qemu_read_config_file(arch_config_name);
+ret = qemu_read_config_file(CONFIG_QEMU_CONFDIR "/target-" TARGET_ARCH 
".conf");
 if (ret < 0 && ret != -ENOENT) {
 return ret;
 }
diff --git a/arch_init.h b/arch_init.h
index 828256c..c7cb94a 100644
--- a/arch_init.h
+++ b/arch_init.h
@@ -1,8 +1,6 @@
 #ifndef QEMU_ARCH_INIT_H
 #define QEMU_ARCH_INIT_H
 
-extern const char arch_config_name[];
-
 enum {
 QEMU_ARCH_ALL = -1,
 QEMU_ARCH_ALPHA = 1,
-- 
1.7.3.2

[Qemu-devel] [PATCH qemu v2 0/6] -no-user-config option, move CPU models to /usr/share

[Eduardo Habkost]

Changes v1 -> v2:
 - Move qemu_read_default_config_files() prototype to qemu-config.h
 - Make defconfig and userconfig variable bool
 - Coding style change

Patches 1 to 4 just move some code around, patch 5 just adds the new option
without adding any new config file. Patch 6 finally creates a /usr/share/qemu
/cpus-x86_64.conf file, with the CPU models we currently have on Qemu.

Reference to previous discussion:
 - http://marc.info/?l=qemu-devel&m=133278877315665


Eduardo Habkost (6):
  move code to read default config files to a separate function (v2)
  eliminate arch_config_name variable
  move list of default config files to an array
  vl.c: change 'defconfig' variable to bool
  implement -no-user-config command-line option (v2)
  move CPU definitions to /usr/share/qemu/cpus-x86_64.conf (v2)

 Makefile |   12 +++-
 arch_init.c  |   32 -
 arch_init.h  |2 -
 qemu-config.h|4 +
 qemu-options.hx  |   16 -
 sysconfigs/target/cpus-x86_64.conf   |  128 ++
 sysconfigs/target/target-x86_64.conf |  128 --
 vl.c |   18 ++---
 8 files changed, 193 insertions(+), 147 deletions(-)
 create mode 100644 sysconfigs/target/cpus-x86_64.conf

-- 
1.7.3.2

[Qemu-devel] [PATCH qemu 4/6] vl.c: change 'defconfig' variable to bool

[Eduardo Habkost]

Signed-off-by: Eduardo Habkost 
---
 vl.c |4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/vl.c b/vl.c
index 1e5e593..a4f4676 100644
--- a/vl.c
+++ b/vl.c
@@ -2279,7 +2279,7 @@ int main(int argc, char **argv, char **envp)
 #ifdef CONFIG_VNC
 int show_vnc_port = 0;
 #endif
-int defconfig = 1;
+int defconfig = true;
 const char *log_mask = NULL;
 const char *log_file = NULL;
 GMemVTable mem_trace = {
@@ -2346,7 +2346,7 @@ int main(int argc, char **argv, char **envp)
 popt = lookup_opt(argc, argv, &optarg, &optind);
 switch (popt->index) {
 case QEMU_OPTION_nodefconfig:
-defconfig=0;
+defconfig = false;
 break;
 }
 }
-- 
1.7.3.2

Re: [Qemu-devel] [PATCH] fdc: simplify media change handling

[Pavel Hrdina]

On 04/24/2012 09:15 PM, Hervé Poussineau wrote:

This also (partly) fixes IBM OS/2 Warp 4.0 floppy installation, where
not all floppies have the same format (2x80x18 for the first ones,
2x80x23 for the next ones).

Signed-off-by: Hervé Poussineau
Hi, it isn't fix the media missing issue. I booted guest with media 
inserted, then eject media using qemu monitor and try to mount it. With 
this patch guest ended with kernel panic.


Pavel

Re: [Qemu-devel] [PATCH v2 0/6] block: add optional 'speed' parameter to block-stream

[Luiz Capitulino]

On Tue, 24 Apr 2012 14:53:54 +0100
Stefan Hajnoczi  wrote:

> Eric Blake raised concerns about the inability to start block jobs with a 
> speed
> limit.  Current the user needs to follow up the block-stream command with
> block-job-set-speed.  There is a window of time while the new block job is
> running but block-job-set-speed has not been processed yet.
> 
> This series adds an optional 'speed' parameter to block-stream so streaming 
> can
> be started with a speed limit that takes effect immediately.
> 
> For consistency it also renames the block-job-set-speed parameter from 'value'
> to 'speed'.  This is externally visible, but this API has not been in a QEMU
> release yet so we can still do this.
> 
> I considered several other approaches, including adding a
> default_block_job_speed field to BlockDriverState but ultimately the cleanest
> solution is to pass in a speed parameter on job creation.  This way we do not
> change semantics of existing commands, we only add an optional parameter.  We
> also do not need to add state to BlockDriverState, which is already huge and
> messy.
> 
> The last patch fixes a small bug I found in qemu-iotests 030.

Looks good to me. Is this expected to go through my tree?

Re: [Qemu-devel] [PATCH 3/4] block: add 'speed' optional parameter to block-stream

[Luiz Capitulino]

On Mon, 23 Apr 2012 16:39:48 +0100
Stefan Hajnoczi  wrote:

> Allow streaming operations to be started with an initial speed limit.
> This eliminates the window of time between starting streaming and
> issuing block-job-set-speed.  Users should use the new optional 'speed'
> parameter instead so that speed limits are in effect immediately when
> the job starts.
> 
> Signed-off-by: Stefan Hajnoczi 
> ---
>  block.c  |   18 --
>  block/stream.c   |5 +++--
>  block_int.h  |9 ++---
>  blockdev.c   |6 --
>  hmp-commands.hx  |4 ++--
>  hmp.c|4 +++-
>  qapi-schema.json |6 +-
>  qmp-commands.hx  |2 +-
>  8 files changed, 40 insertions(+), 14 deletions(-)
> 
> diff --git a/block.c b/block.c
> index 7056d8c..e3c1483 100644
> --- a/block.c
> +++ b/block.c
> @@ -4072,8 +4072,8 @@ out:
>  }
>  
>  void *block_job_create(const BlockJobType *job_type, BlockDriverState *bs,
> -   BlockDriverCompletionFunc *cb, void *opaque,
> -   Error **errp)
> +   int64_t speed, BlockDriverCompletionFunc *cb,
> +   void *opaque, Error **errp)
>  {
>  BlockJob *job;
>  
> @@ -4089,6 +4089,20 @@ void *block_job_create(const BlockJobType *job_type, 
> BlockDriverState *bs,
>  job->cb= cb;
>  job->opaque= opaque;
>  bs->job = job;
> +
> +/* Only set speed when necessary to avoid NotSupported error */
> +if (speed != 0) {

Missed this small detail. Ideally, you should test against has_speed, but
I think that there are only two possibilities for a false negativehere:
1. the client/user expects speed=0 to "work" 2. 'speed' is (probably
incorrectly) initialized to some value != 0.

> +Error *local_err = NULL;
> +
> +block_job_set_speed(job, speed, &local_err);
> +if (error_is_set(&local_err)) {
> +bs->job = NULL;
> +g_free(job);
> +bdrv_set_in_use(bs, 0);
> +error_propagate(errp, local_err);
> +return NULL;
> +}
> +}
>  return job;
>  }
>  
> diff --git a/block/stream.c b/block/stream.c
> index f0486a3..dc15fb6 100644
> --- a/block/stream.c
> +++ b/block/stream.c
> @@ -281,13 +281,14 @@ static BlockJobType stream_job_type = {
>  };
>  
>  void stream_start(BlockDriverState *bs, BlockDriverState *base,
> -  const char *base_id, BlockDriverCompletionFunc *cb,
> +  const char *base_id, int64_t speed,
> +  BlockDriverCompletionFunc *cb,
>void *opaque, Error **errp)
>  {
>  StreamBlockJob *s;
>  Coroutine *co;
>  
> -s = block_job_create(&stream_job_type, bs, cb, opaque, errp);
> +s = block_job_create(&stream_job_type, bs, speed, cb, opaque, errp);
>  if (!s) {
>  return; /* bs must already be in use */
>  }
> diff --git a/block_int.h b/block_int.h
> index 6015c27..bffca35 100644
> --- a/block_int.h
> +++ b/block_int.h
> @@ -343,6 +343,7 @@ int is_windows_drive(const char *filename);
>   * block_job_create:
>   * @job_type: The class object for the newly-created job.
>   * @bs: The block
> + * @speed: The maximum speed, in bytes per second, or 0 for unlimited.
>   * @cb: Completion function for the job.
>   * @opaque: Opaque pointer value passed to @cb.
>   * @errp: A location to return DeviceInUse.
> @@ -357,8 +358,8 @@ int is_windows_drive(const char *filename);
>   * called from a wrapper that is specific to the job type.
>   */
>  void *block_job_create(const BlockJobType *job_type, BlockDriverState *bs,
> -   BlockDriverCompletionFunc *cb, void *opaque,
> -   Error **errp);
> +   int64_t speed, BlockDriverCompletionFunc *cb,
> +   void *opaque, Error **errp);
>  
>  /**
>   * block_job_complete:
> @@ -417,6 +418,7 @@ void block_job_cancel_sync(BlockJob *job);
>   * flatten the whole backing file chain onto @bs.
>   * @base_id: The file name that will be written to @bs as the new
>   * backing file if the job completes.  Ignored if @base is %NULL.
> + * @speed: The maximum speed, in bytes per second, or 0 for unlimited.
>   * @cb: Completion function for the job.
>   * @opaque: Opaque pointer value passed to @cb.
>   * @errp: A location to return DeviceInUse.
> @@ -428,7 +430,8 @@ void block_job_cancel_sync(BlockJob *job);
>   * @base_id in the written image and to @base in the live BlockDriverState.
>   */
>  void stream_start(BlockDriverState *bs, BlockDriverState *base,
> -  const char *base_id, BlockDriverCompletionFunc *cb,
> +  const char *base_id, int64_t speed,
> +  BlockDriverCompletionFunc *cb,
>void *opaque, Error **errp);
>  
>  #endif /* BLOCK_INT_H */
> diff --git a/blockdev.c b/blockdev.c
> index c484259..f18af16 100644
> --- a/blockdev.c
> +++ b/blockdev.c
> @@ -1091,7 +1091,8 @@ stat

Re: [Qemu-devel] [PATCH] Fix IDE FDC emulation for no media

[Hervé Poussineau]

Hi,

Pavel Hrdina a écrit :

On 04/24/2012 09:48 AM, Andreas Färber wrote:

Am 23.04.2012 18:06, schrieb Pavel Hrdina:

Hi,
this is the patch to fix incorrect handling of IDE floppy drive 
controller emulation
when no media is present. If the guest is booted without a media then 
the drive
was not being emulated at all but this patch enables the emulation 
with no media present.


There was a bug in FDC emulation without media. Driver was not able 
to recognize that

there is no media in drive.


>>> [...]

I just sent a patch to simplify media change handling [1].
Can you try to see if it fixes your problem?

Regards

Hervé

[1] http://article.gmane.org/gmane.comp.emulators.qemu/148187

[Qemu-devel] [PATCH] fdc: simplify media change handling

[Hervé Poussineau]

This also (partly) fixes IBM OS/2 Warp 4.0 floppy installation, where
not all floppies have the same format (2x80x18 for the first ones,
2x80x23 for the next ones).

Signed-off-by: Hervé Poussineau 
---
 hw/fdc.c |   29 +++--
 1 file changed, 11 insertions(+), 18 deletions(-)

diff --git a/hw/fdc.c b/hw/fdc.c
index a0236b7..bc0c3f6 100644
--- a/hw/fdc.c
+++ b/hw/fdc.c
@@ -702,6 +702,15 @@ static void fdctrl_raise_irq(FDCtrl *fdctrl, uint8_t 
status0)
 qemu_set_irq(fdctrl->irq, 1);
 fdctrl->sra |= FD_SRA_INTPEND;
 }
+if (status0 & FD_SR0_SEEK) {
+FDrive *cur_drv;
+/* A seek clears the disk change line (if a disk is inserted) */
+cur_drv = get_cur_drv(fdctrl);
+if (cur_drv->max_track) {
+cur_drv->media_changed = 0;
+}
+}
+
 fdctrl->reset_sensei = 0;
 fdctrl->status0 = status0;
 FLOPPY_DPRINTF("Set interrupt status to 0x%02x\n", fdctrl->status0);
@@ -933,23 +942,7 @@ static void fdctrl_write_ccr(FDCtrl *fdctrl, uint32_t 
value)
 
 static int fdctrl_media_changed(FDrive *drv)
 {
-int ret;
-
-if (!drv->bs)
-return 0;
-if (drv->media_changed) {
-drv->media_changed = 0;
-ret = 1;
-} else {
-ret = bdrv_media_changed(drv->bs);
-if (ret < 0) {
-ret = 0;/* we don't know, assume no */
-}
-}
-if (ret) {
-fd_revalidate(drv);
-}
-return ret;
+return drv->media_changed;
 }
 
 /* Digital input register : 0x07 (read-only) */
@@ -1853,6 +1846,7 @@ static void fdctrl_change_cb(void *opaque, bool load)
 FDrive *drive = opaque;
 
 drive->media_changed = 1;
+fd_revalidate(drive);
 }
 
 static const BlockDevOps fdctrl_block_ops = {
@@ -1883,7 +1877,6 @@ static int fdctrl_connect_drives(FDCtrl *fdctrl)
 fd_init(drive);
 fd_revalidate(drive);
 if (drive->bs) {
-drive->media_changed = 1;
 bdrv_set_dev_ops(drive->bs, &fdctrl_block_ops, drive);
 }
 }
-- 
1.7.9.5

Re: [Qemu-devel] [PATCH v2 4/6] block: add 'speed' optional parameter to block-stream

[Luiz Capitulino]

On Tue, 24 Apr 2012 14:53:58 +0100
Stefan Hajnoczi  wrote:

> Allow streaming operations to be started with an initial speed limit.
> This eliminates the window of time between starting streaming and
> issuing block-job-set-speed.  Users should use the new optional 'speed'
> parameter instead so that speed limits are in effect immediately when
> the job starts.
> 
> Signed-off-by: Stefan Hajnoczi 
> ---
>  block.c  |   18 --
>  block/stream.c   |5 +++--
>  block_int.h  |9 ++---
>  blockdev.c   |6 --
>  hmp-commands.hx  |4 ++--
>  hmp.c|4 +++-
>  qapi-schema.json |6 +-
>  qmp-commands.hx  |2 +-
>  8 files changed, 40 insertions(+), 14 deletions(-)
> 
> diff --git a/block.c b/block.c
> index 1ab6e52..43c794c 100644
> --- a/block.c
> +++ b/block.c
> @@ -4083,8 +4083,8 @@ out:
>  }
>  
>  void *block_job_create(const BlockJobType *job_type, BlockDriverState *bs,
> -   BlockDriverCompletionFunc *cb, void *opaque,
> -   Error **errp)
> +   int64_t speed, BlockDriverCompletionFunc *cb,
> +   void *opaque, Error **errp)
>  {
>  BlockJob *job;
>  
> @@ -4100,6 +4100,20 @@ void *block_job_create(const BlockJobType *job_type, 
> BlockDriverState *bs,
>  job->cb= cb;
>  job->opaque= opaque;
>  bs->job = job;
> +
> +/* Only set speed when necessary to avoid NotSupported error */
> +if (speed != 0) {
> +Error *local_err = NULL;
> +
> +block_job_set_speed(job, speed, &local_err);
> +if (error_is_set(&local_err)) {
> +bs->job = NULL;
> +g_free(job);
> +bdrv_set_in_use(bs, 0);
> +error_propagate(errp, local_err);
> +return NULL;
> +}
> +}
>  return job;
>  }
>  
> diff --git a/block/stream.c b/block/stream.c
> index b66242a..6724af2 100644
> --- a/block/stream.c
> +++ b/block/stream.c
> @@ -281,13 +281,14 @@ static BlockJobType stream_job_type = {
>  };
>  
>  void stream_start(BlockDriverState *bs, BlockDriverState *base,
> -  const char *base_id, BlockDriverCompletionFunc *cb,
> +  const char *base_id, int64_t speed,
> +  BlockDriverCompletionFunc *cb,
>void *opaque, Error **errp)
>  {
>  StreamBlockJob *s;
>  Coroutine *co;
>  
> -s = block_job_create(&stream_job_type, bs, cb, opaque, errp);
> +s = block_job_create(&stream_job_type, bs, speed, cb, opaque, errp);
>  if (!s) {
>  return;
>  }
> diff --git a/block_int.h b/block_int.h
> index 9d8bebf..3824e54 100644
> --- a/block_int.h
> +++ b/block_int.h
> @@ -344,6 +344,7 @@ int is_windows_drive(const char *filename);
>   * block_job_create:
>   * @job_type: The class object for the newly-created job.
>   * @bs: The block
> + * @speed: The maximum speed, in bytes per second, or 0 for unlimited.
>   * @cb: Completion function for the job.
>   * @opaque: Opaque pointer value passed to @cb.
>   * @errp: A location to return DeviceInUse.
> @@ -358,8 +359,8 @@ int is_windows_drive(const char *filename);
>   * called from a wrapper that is specific to the job type.
>   */
>  void *block_job_create(const BlockJobType *job_type, BlockDriverState *bs,
> -   BlockDriverCompletionFunc *cb, void *opaque,
> -   Error **errp);
> +   int64_t speed, BlockDriverCompletionFunc *cb,
> +   void *opaque, Error **errp);
>  
>  /**
>   * block_job_complete:
> @@ -418,6 +419,7 @@ void block_job_cancel_sync(BlockJob *job);
>   * flatten the whole backing file chain onto @bs.
>   * @base_id: The file name that will be written to @bs as the new
>   * backing file if the job completes.  Ignored if @base is %NULL.
> + * @speed: The maximum speed, in bytes per second, or 0 for unlimited.
>   * @cb: Completion function for the job.
>   * @opaque: Opaque pointer value passed to @cb.
>   * @errp: A location to return DeviceInUse.
> @@ -429,7 +431,8 @@ void block_job_cancel_sync(BlockJob *job);
>   * @base_id in the written image and to @base in the live BlockDriverState.
>   */
>  void stream_start(BlockDriverState *bs, BlockDriverState *base,
> -  const char *base_id, BlockDriverCompletionFunc *cb,
> +  const char *base_id, int64_t speed,
> +  BlockDriverCompletionFunc *cb,
>void *opaque, Error **errp);
>  
>  #endif /* BLOCK_INT_H */
> diff --git a/blockdev.c b/blockdev.c
> index 80b62c3..d25ffea 100644
> --- a/blockdev.c
> +++ b/blockdev.c
> @@ -1091,7 +1091,8 @@ static void block_stream_cb(void *opaque, int ret)
>  }
>  
>  void qmp_block_stream(const char *device, bool has_base,
> -  const char *base, Error **errp)
> +  const char *base, bool has_speed,
> +  int64_t speed, Error **errp)
>  {
>  

[Qemu-devel] [PATCH V3 4/4] hw: add Atmel maxtouch touchscreen implementation

[Igor Mitsyanko]

And use it for exynos4210 NURI board emulation

Signed-off-by: Igor Mitsyanko 
---
 Makefile.objs   |1 +
 default-configs/arm-softmmu.mak |1 +
 hw/exynos4_boards.c |   11 +-
 hw/maxtouch.c   | 1114 +++
 4 files changed, 1124 insertions(+), 3 deletions(-)
 create mode 100644 hw/maxtouch.c

diff --git a/Makefile.objs b/Makefile.objs
index 6d6f24d..d2a53b4 100644
--- a/Makefile.objs
+++ b/Makefile.objs
@@ -250,6 +250,7 @@ hw-obj-$(CONFIG_SMARTCARD) += usb/dev-smartcard-reader.o 
ccid-card-passthru.o
 hw-obj-$(CONFIG_SMARTCARD_NSS) += ccid-card-emulated.o
 hw-obj-$(CONFIG_USB_REDIR) += usb/redirect.o
 hw-obj-$(CONFIG_I8259) += i8259_common.o i8259.o
+hw-obj-$(CONFIG_MAXTOUCH) += maxtouch.o
 
 # PPC devices
 hw-obj-$(CONFIG_PREP_PCI) += prep_pci.o
diff --git a/default-configs/arm-softmmu.mak b/default-configs/arm-softmmu.mak
index e542b4f..7666748 100644
--- a/default-configs/arm-softmmu.mak
+++ b/default-configs/arm-softmmu.mak
@@ -27,3 +27,4 @@ CONFIG_SMC91C111=y
 CONFIG_DS1338=y
 CONFIG_PFLASH_CFI01=y
 CONFIG_PFLASH_CFI02=y
+CONFIG_MAXTOUCH=y
diff --git a/hw/exynos4_boards.c b/hw/exynos4_boards.c
index c02921b..4368aa1 100644
--- a/hw/exynos4_boards.c
+++ b/hw/exynos4_boards.c
@@ -28,6 +28,7 @@
 #include "exec-memory.h"
 #include "exynos4210.h"
 #include "boards.h"
+#include "i2c.h"
 
 #undef DEBUG
 
@@ -44,6 +45,7 @@
 #endif
 
 #define SMDK_LAN9118_BASE_ADDR  0x0500
+#define MAXTOUCH_TS_I2C_ADDR0x4a
 
 typedef enum Exynos4BoardType {
 EXYNOS4_BOARD_NURI,
@@ -135,9 +137,12 @@ static void nuri_init(ram_addr_t ram_size,
 const char *kernel_filename, const char *kernel_cmdline,
 const char *initrd_filename, const char *cpu_model)
 {
-exynos4_boards_init_common(kernel_filename, kernel_cmdline,
-initrd_filename, EXYNOS4_BOARD_NURI);
-
+Exynos4210State *s = exynos4_boards_init_common(kernel_filename,
+kernel_cmdline, initrd_filename, EXYNOS4_BOARD_NURI);
+DeviceState *dev =
+i2c_create_slave(s->i2c_if[3], "maxtouch.var0", MAXTOUCH_TS_I2C_ADDR);
+qdev_connect_gpio_out(dev, 0, qdev_get_gpio_in(s->gpio2x,
+EXYNOS4210_GPIO2X_LINE(GPX0, 4)));
 arm_load_kernel(first_cpu, &exynos4_board_binfo);
 }
 
diff --git a/hw/maxtouch.c b/hw/maxtouch.c
new file mode 100644
index 000..899c7f6
--- /dev/null
+++ b/hw/maxtouch.c
@@ -0,0 +1,1114 @@
+/*
+ *  Atmel maXTouch touchscreen emulation
+ *
+ *  Copyright (c) 2012 Samsung Electronics Co., Ltd.
+ *Igor Mitsyanko  
+ *
+ *  This program is free software; you can redistribute it and/or modify it
+ *  under the terms of the GNU General Public License as published by the
+ *  Free Software Foundation; either version 2 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful, but WITHOUT
+ *  ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ *  FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ *  for more details.
+ *
+ *  You should have received a copy of the GNU General Public License along
+ *  with this program; if not, see .
+ *
+ */
+
+#include "i2c.h"
+#include "console.h"
+
+#ifndef MXT_DEBUG
+#define MXT_DEBUG 0
+#endif
+
+/* Fifo length must be a power of 2 */
+#define MXT_MESSAGE_FIFO_LEN  16
+#define MXT_MESSAGE_FIFO_MASK (MXT_MESSAGE_FIFO_LEN - 1)
+/* Maxtouch supports up to 10 concurrent touches, but we emulate 3 since common
+ * PC mouse has only 3 buttons. Exact meaning of each touch (each mouse button
+ * press) is defined by target userspace application only */
+#define MXT_NUM_OF_TOUCHES3
+#define MXT_CRC_POLY  0x80001B
+#define MXT_CRC_SIZE  3
+/* Maximum value of x and y coordinate in QEMU mouse event callback */
+#define MXT_QEMU_MAX_COORD0x7FFF
+
+/* Each maXTouch device consists of a certain number of subdevices (objects)
+ * with code names like T5, T6, T9, e.t.c. Each object implements only a 
portion
+ * of maXTouch functionality. For example, touch detection is performed
+ * by T9 object, but information about touch state changes is generated (and 
can
+ * be read) only in T5 object.
+ * Various variants of maXTouch can have different set of objects placed at
+ * different addresses within maXtouch address space. Composition of objects
+ * is described by mandatory Object Table which starts at address 0x7.
+ * Length of object table (i.e. number of objects) of this exact variant of
+ * maXTouch can be read from address 0x6 */
+#define MXT_OBJTBL_ENTRY_LEN  6
+/* Offsets within one object table entry */
+/* Object type code */
+#define MXT_OBJTBL_TYPE   0x0
+/* Start address of object registers within maxTouch address space */
+#define MXT_OBJTBL_START_LSB  0x

Re: [Qemu-devel] [PATCH v2 3/6] block: change block-job-set-speed argument from 'value' to 'speed'

[Luiz Capitulino]

On Tue, 24 Apr 2012 09:03:06 -0600
Eric Blake  wrote:

> > +++ b/hmp-commands.hx
> > @@ -85,8 +85,8 @@ ETEXI
> >  
> >  {
> >  .name   = "block_job_set_speed",
> > -.args_type  = "device:B,value:o",
> > -.params = "device value",
> > +.args_type  = "device:B,speed:o",
> > +.params = "device speed",
> 
> For that matter, can the :o type _ever_ usefully allow negative values,
> or is it always an unsigned calculation?

It does allow for negative values. As an example, migrate_set_speed rounds
the value to zero if it's negative.

[Qemu-devel] [PATCH V3 1/4] exynos4210: add Exynos4210 i2c implementation

[Igor Mitsyanko]

Create 9 exynos4210 i2c interfaces.

Signed-off-by: Igor Mitsyanko 
Reviewed-by: Andreas Färber 
---
 Makefile.target |1 +
 hw/exynos4210.c |   27 
 hw/exynos4210.h |3 +
 hw/exynos4210_i2c.c |  334 +++
 4 files changed, 365 insertions(+), 0 deletions(-)
 create mode 100644 hw/exynos4210_i2c.c

diff --git a/Makefile.target b/Makefile.target
index 7eda443..c7c4cbd 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -375,6 +375,7 @@ obj-arm-y += realview_gic.o realview.o arm_sysctl.o 
arm11mpcore.o a9mpcore.o
 obj-arm-y += exynos4210_gic.o exynos4210_combiner.o exynos4210.o
 obj-arm-y += exynos4_boards.o exynos4210_uart.o exynos4210_pwm.o
 obj-arm-y += exynos4210_pmu.o exynos4210_mct.o exynos4210_fimd.o
+obj-arm-y += exynos4210_i2c.o
 obj-arm-y += arm_l2x0.o
 obj-arm-y += arm_mptimer.o a15mpcore.o
 obj-arm-y += armv7m.o armv7m_nvic.o stellaris.o pl022.o stellaris_enet.o
diff --git a/hw/exynos4210.c b/hw/exynos4210.c
index afc4bdc..6a4280c 100644
--- a/hw/exynos4210.c
+++ b/hw/exynos4210.c
@@ -36,6 +36,13 @@
 /* MCT */
 #define EXYNOS4210_MCT_BASE_ADDR   0x1005
 
+/* I2C */
+#define EXYNOS4210_I2C_SHIFT   0x0001
+#define EXYNOS4210_I2C_BASE_ADDR   0x1386
+/* Interrupt Group of External Interrupt Combiner for I2C */
+#define EXYNOS4210_I2C_INTG27
+#define EXYNOS4210_HDMI_INTG   16
+
 /* UART's definitions */
 #define EXYNOS4210_UART0_BASE_ADDR 0x1380
 #define EXYNOS4210_UART1_BASE_ADDR 0x1381
@@ -272,6 +279,26 @@ Exynos4210State *exynos4210_init(MemoryRegion *system_mem,
 s->irq_table[exynos4210_get_irq(35, 3)]);
 sysbus_mmio_map(busdev, 0, EXYNOS4210_MCT_BASE_ADDR);
 
+/*** I2C ***/
+for (n = 0; n < EXYNOS4210_I2C_NUMBER; n++) {
+uint32_t addr = EXYNOS4210_I2C_BASE_ADDR + EXYNOS4210_I2C_SHIFT * n;
+qemu_irq i2c_irq;
+
+if (n < 8) {
+i2c_irq = s->irq_table[exynos4210_get_irq(EXYNOS4210_I2C_INTG, n)];
+} else {
+i2c_irq = s->irq_table[exynos4210_get_irq(EXYNOS4210_HDMI_INTG, 
1)];
+}
+
+dev = qdev_create(NULL, "exynos4210.i2c");
+qdev_init_nofail(dev);
+busdev = sysbus_from_qdev(dev);
+sysbus_connect_irq(busdev, 0, i2c_irq);
+sysbus_mmio_map(busdev, 0, addr);
+s->i2c_if[n] = (i2c_bus *)qdev_get_child_bus(dev, "i2c");
+}
+
+
 /*** UARTs ***/
 exynos4210_uart_create(EXYNOS4210_UART0_BASE_ADDR,
EXYNOS4210_UART0_FIFO_SIZE, 0, NULL,
diff --git a/hw/exynos4210.h b/hw/exynos4210.h
index f7c7027..e69b048 100644
--- a/hw/exynos4210.h
+++ b/hw/exynos4210.h
@@ -74,6 +74,8 @@
 #define EXYNOS4210_EXT_GIC_NIRQ (160-32)
 #define EXYNOS4210_INT_GIC_NIRQ 64
 
+#define EXYNOS4210_I2C_NUMBER   9
+
 typedef struct Exynos4210Irq {
 qemu_irq int_combiner_irq[EXYNOS4210_MAX_INT_COMBINER_IN_IRQ];
 qemu_irq ext_combiner_irq[EXYNOS4210_MAX_EXT_COMBINER_IN_IRQ];
@@ -95,6 +97,7 @@ typedef struct Exynos4210State {
 MemoryRegion dram1_mem;
 MemoryRegion boot_secondary;
 MemoryRegion bootreg_mem;
+i2c_bus *i2c_if[EXYNOS4210_I2C_NUMBER];
 } Exynos4210State;
 
 void exynos4210_write_secondary(CPUARMState *env,
diff --git a/hw/exynos4210_i2c.c b/hw/exynos4210_i2c.c
new file mode 100644
index 000..fa10bfb
--- /dev/null
+++ b/hw/exynos4210_i2c.c
@@ -0,0 +1,334 @@
+/*
+ *  Exynos4210 I2C Bus Serial Interface Emulation
+ *
+ *  Copyright (C) 2012 Samsung Electronics Co Ltd.
+ *Maksim Kozlov, 
+ *Igor Mitsyanko, 
+ *
+ *  This program is free software; you can redistribute it and/or modify it
+ *  under the terms of the GNU General Public License as published by the
+ *  Free Software Foundation; either version 2 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful, but WITHOUT
+ *  ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ *  FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ *  for more details.
+ *
+ *  You should have received a copy of the GNU General Public License along
+ *  with this program; if not, see .
+ *
+ */
+
+#include "qemu-timer.h"
+#include "sysbus.h"
+#include "i2c.h"
+
+#ifndef EXYNOS4_I2C_DEBUG
+#define EXYNOS4_I2C_DEBUG 0
+#endif
+
+#define TYPE_EXYNOS4_I2C  "exynos4210.i2c"
+#define EXYNOS4_I2C(obj)  \
+OBJECT_CHECK(Exynos4210I2CState, (obj), TYPE_EXYNOS4_I2C)
+
+/* Exynos4210 I2C memory map */
+#define EXYNOS4_I2C_MEM_SIZE  0x14
+#define I2CCON_ADDR   0x00  /* control register */
+#define I2CSTAT_ADDR  0x04  /* control/status register */
+#define I2CADD_ADDR   0x08  /* address register */
+#define I2CDS_ADDR0x0c  /* data shift register */
+#define I2CLC_ADDR

Re: [Qemu-devel] [PATCH v2 1/6] block: use Error mechanism instead of -errno for block_job_create()

[Luiz Capitulino]

On Tue, 24 Apr 2012 14:53:55 +0100
Stefan Hajnoczi  wrote:

> The block job API uses -errno return values internally and we convert
> these to Error in the QMP functions.  This is ugly because the Error
> should be created at the point where we still have all the relevant
> information.  More importantly, it is hard to add new error cases to
> this case since we quickly run out of -errno values without losing
> information.
> 
> Go ahead an use Error directly and don't convert later.
> 
> Signed-off-by: Stefan Hajnoczi 
> ---
>  block.c|4 +++-
>  block/stream.c |   11 +--
>  block_int.h|   11 +++
>  blockdev.c |   16 +---
>  4 files changed, 20 insertions(+), 22 deletions(-)
> 
> diff --git a/block.c b/block.c
> index fe74ddd..2b72a0f 100644
> --- a/block.c
> +++ b/block.c
> @@ -4083,11 +4083,13 @@ out:
>  }
>  
>  void *block_job_create(const BlockJobType *job_type, BlockDriverState *bs,
> -   BlockDriverCompletionFunc *cb, void *opaque)
> +   BlockDriverCompletionFunc *cb, void *opaque,
> +   Error **errp)
>  {
>  BlockJob *job;
>  
>  if (bs->job || bdrv_in_use(bs)) {
> +error_set(errp, QERR_DEVICE_IN_USE, bdrv_get_device_name(bs));
>  return NULL;
>  }
>  bdrv_set_in_use(bs, 1);
> diff --git a/block/stream.c b/block/stream.c
> index 0efe1ad..7002dc8 100644
> --- a/block/stream.c
> +++ b/block/stream.c
> @@ -280,16 +280,16 @@ static BlockJobType stream_job_type = {
>  .set_speed = stream_set_speed,
>  };
>  
> -int stream_start(BlockDriverState *bs, BlockDriverState *base,
> - const char *base_id, BlockDriverCompletionFunc *cb,
> - void *opaque)
> +void stream_start(BlockDriverState *bs, BlockDriverState *base,
> +  const char *base_id, BlockDriverCompletionFunc *cb,
> +  void *opaque, Error **errp)
>  {
>  StreamBlockJob *s;
>  Coroutine *co;
>  
> -s = block_job_create(&stream_job_type, bs, cb, opaque);
> +s = block_job_create(&stream_job_type, bs, cb, opaque, errp);
>  if (!s) {
> -return -EBUSY; /* bs must already be in use */
> +return;
>  }
>  
>  s->base = base;
> @@ -300,5 +300,4 @@ int stream_start(BlockDriverState *bs, BlockDriverState 
> *base,
>  co = qemu_coroutine_create(stream_run);
>  trace_stream_start(bs, base, s, co, opaque);
>  qemu_coroutine_enter(co, s);
> -return 0;
>  }
> diff --git a/block_int.h b/block_int.h
> index 0acb49f..8cf6ce9 100644
> --- a/block_int.h
> +++ b/block_int.h
> @@ -346,6 +346,7 @@ int is_windows_drive(const char *filename);
>   * @bs: The block
>   * @cb: Completion function for the job.
>   * @opaque: Opaque pointer value passed to @cb.
> + * @errp: A location to return DeviceInUse.

Quite minor, but this is not a good description. I'd say just "Error object".

>   *
>   * Create a new long-running block device job and return it.  The job
>   * will call @cb asynchronously when the job completes.  Note that
> @@ -357,7 +358,8 @@ int is_windows_drive(const char *filename);
>   * called from a wrapper that is specific to the job type.
>   */
>  void *block_job_create(const BlockJobType *job_type, BlockDriverState *bs,
> -   BlockDriverCompletionFunc *cb, void *opaque);
> +   BlockDriverCompletionFunc *cb, void *opaque,
> +   Error **errp);
>  
>  /**
>   * block_job_complete:
> @@ -417,6 +419,7 @@ void block_job_cancel_sync(BlockJob *job);
>   * backing file if the job completes.  Ignored if @base is %NULL.
>   * @cb: Completion function for the job.
>   * @opaque: Opaque pointer value passed to @cb.
> + * @errp: A location to return DeviceInUse.
>   *
>   * Start a streaming operation on @bs.  Clusters that are unallocated
>   * in @bs, but allocated in any image between @base and @bs (both
> @@ -424,8 +427,8 @@ void block_job_cancel_sync(BlockJob *job);
>   * streaming job, the backing file of @bs will be changed to
>   * @base_id in the written image and to @base in the live BlockDriverState.
>   */
> -int stream_start(BlockDriverState *bs, BlockDriverState *base,
> - const char *base_id, BlockDriverCompletionFunc *cb,
> - void *opaque);
> +void stream_start(BlockDriverState *bs, BlockDriverState *base,
> +  const char *base_id, BlockDriverCompletionFunc *cb,
> +  void *opaque, Error **errp);
>  
>  #endif /* BLOCK_INT_H */
> diff --git a/blockdev.c b/blockdev.c
> index 0c2440e..a411477 100644
> --- a/blockdev.c
> +++ b/blockdev.c
> @@ -1095,7 +1095,7 @@ void qmp_block_stream(const char *device, bool has_base,
>  {
>  BlockDriverState *bs;
>  BlockDriverState *base_bs = NULL;
> -int ret;
> +Error *local_err = NULL;
>  
>  bs = bdrv_find(device);
>  if (!bs) {
> @@ -,16 +,10 @@ void qmp_block_stream(const char *device, bool 
> has_base,

[Qemu-devel] [PATCH V3 2/4] vmstate.h: introduce VMSTATE_STRUCT_ARRAY_POINTER_TEST_V

[Igor Mitsyanko]

It could be used to save/load array of structs with statically known length
pointed by device state member.

Signed-off-by: Igor Mitsyanko 
---
 vmstate.h |   14 ++
 1 files changed, 14 insertions(+), 0 deletions(-)

diff --git a/vmstate.h b/vmstate.h
index 82d97ae..69e8ac1 100644
--- a/vmstate.h
+++ b/vmstate.h
@@ -323,6 +323,20 @@ extern const VMStateInfo vmstate_info_unused_buffer;
 .offset = vmstate_offset_pointer(_state, _field, _type), \
 }
 
+#define VMSTATE_STRUCT_ARRAY_POINTER_TEST_V(_field, _state, _num, _version, 
_test, _vmsd, _type) { \
+.name   = (stringify(_field)),   \
+.version_id = (_version),\
+.field_exists = (_test), \
+.size   = sizeof(_type), \
+.num= (_num),\
+.vmsd   = &(_vmsd),  \
+.flags  = VMS_POINTER | VMS_STRUCT | VMS_ARRAY,  \
+.offset = vmstate_offset_pointer(_state, _field, _type), \
+}
+
+#define VMSTATE_STRUCT_ARRAY_POINTER(_field, _state, _num, _vmsd, _type)  \
+VMSTATE_STRUCT_ARRAY_POINTER_TEST_V(_field, _state, _num, 0, NULL, _vmsd, 
_type)
+
 #define VMSTATE_STRUCT_VARRAY_INT32(_field, _state, _field_num, _version, 
_vmsd, _type) { \
 .name   = (stringify(_field)),   \
 .num_offset = vmstate_offset_value(_state, _field_num, int32_t), \
-- 
1.7.4.1

[Qemu-devel] [PATCH V3 0/4] Exynos: i2c, gpio and touchscreen support for NURI board

[Igor Mitsyanko]

This patchset adds Exynos4210 i2c and GPIO implementation along with Atmel MXT 
touchscreen
which is used for NURI board emulation.

v2->v3
- static TypeInfos are made const.
- added spaces after "do {".
- "All rights reserved" sentence is droped from license.
- names are fixed according to conventions.

 PATCH1:
- introduced scl_free member of exynos4210 i2c state. As it turned out, 
real hardware
  generates level-triggered interrupt while scl line is kept low, scl_free 
member models
  this behaviour. This fixes a bug when i2c generates receiving of extra 
data byte.
- exynos4210 i2c slave device droped.
- added missing i2caddr in vmstate.
- timers are droped.
- debug array containing i2c registers names replaced with a function.
 NEW PATCH2:
introduce VMSTATE_STRUCT_ARRAY_POINTER_TEST_V macro in vmstate.h, it'll be 
used later in PATCH3
 PATCH3(prev PATCH2):
- each GPIO part now has its own init, realize, read/write and reset 
functions.
- if portgroup control register value changes, out_cb is called only if pin 
is configured as output.
- num_of_ports and num_of_portints members are droped.
 PATCH4(prev PATCH3):
- use "s" instead of cpu.
- enums are writen in one column now.
- use ARRAY_SIZE for array sizes.
- mxt bjects registers are now saved in vmstate.
- fix bug when touchscreen sent an extra zero byte.
- coordinate offsets are droped, scale coef is of a "double" type now. This 
increases coordinate
  conversion precision a lot.
- coordinate threshold added.

v1->v2
- QOM-related patches are droped (they have already been accepted);
- Added indendations for second and subsequent lines of multiple-line macro 
definitions;
- Weird big spaces after .field members of VMStateDescriptions are replaced 
with single space;
- maxtouch.c is not ARM target specific from now on.

Igor Mitsyanko (4):
  exynos4210: add Exynos4210 i2c implementation
  vmstate.h: introduce VMSTATE_STRUCT_ARRAY_POINTER_TEST_V
  exynos4210: add exynos4210 GPIO implementation
  hw: add Atmel maxtouch touchscreen implementation

 Makefile.objs   |1 +
 Makefile.target |1 +
 default-configs/arm-softmmu.mak |1 +
 hw/exynos4210.c |   74 ++
 hw/exynos4210.h |   67 ++
 hw/exynos4210_gpio.c| 1407 +++
 hw/exynos4210_i2c.c |  334 ++
 hw/exynos4_boards.c |   13 +-
 hw/maxtouch.c   | 1114 +++
 vmstate.h   |   14 +
 10 files changed, 3022 insertions(+), 4 deletions(-)
 create mode 100644 hw/exynos4210_gpio.c
 create mode 100644 hw/exynos4210_i2c.c
 create mode 100644 hw/maxtouch.c

-- 
1.7.4.1

Re: [Qemu-devel] [PATCH v8 4/4] use inet_listen()/inet_connect() to support ipv6 migration

[Michael Roth]

On Fri, Apr 20, 2012 at 12:43:57PM +0800, Amos Kong wrote:
> Use help functions in qemu-socket.c for tcp migration,
> which already support ipv6 addresses.
> 
> Currently errp will be set to UNDEFINED_ERROR when migration fails,
> qemu would output "migration failed: ...", and current user can
> see a message("An undefined error has occurred") in monitor.
> 
> This patch changed tcp_start_outgoing_migration()/inet_connect()
> /inet_connect_opts(), socket error would be passed back,
> then current user can see a meaningful err message in monitor.
> 
> Qemu will exit if listening fails, so output socket error
> to qemu stderr.
> 
> For IPv6 brackets must be mandatory if you require a port.
> Referencing to RFC5952, the recommended format is:
>   [2312::8274]:5200
> 
> test status: Successed
> listen side: qemu-kvm  -incoming tcp:[2312::8274]:5200
> client side: qemu-kvm ...
>  (qemu) migrate -d tcp:[2312::8274]:5200
> 
> ---
> Changes from v7:
> - add unknown error process
> 
> Signed-off-by: Amos Kong 

Reviewed-by: Michael Roth 

> ---
>  migration-tcp.c |   77 
> +++
>  migration.c |   14 ++
>  migration.h |7 +++--
>  vl.c|6 
>  4 files changed, 38 insertions(+), 66 deletions(-)
> 
> diff --git a/migration-tcp.c b/migration-tcp.c
> index 35a5781..440804d 100644
> --- a/migration-tcp.c
> +++ b/migration-tcp.c
> @@ -79,45 +79,32 @@ static void tcp_wait_for_connect(void *opaque)
>  }
>  }
> 
> -int tcp_start_outgoing_migration(MigrationState *s, const char *host_port)
> +int tcp_start_outgoing_migration(MigrationState *s, const char *host_port,
> + Error **errp)
>  {
> -struct sockaddr_in addr;
> -int ret;
> -
> -ret = parse_host_port(&addr, host_port);
> -if (ret < 0) {
> -return ret;
> -}
> -
>  s->get_error = socket_errno;
>  s->write = socket_write;
>  s->close = tcp_close;
> 
> -s->fd = qemu_socket(PF_INET, SOCK_STREAM, 0);
> -if (s->fd == -1) {
> -DPRINTF("Unable to open socket");
> -return -socket_error();
> -}
> -
> -socket_set_nonblock(s->fd);
> -
> -do {
> -ret = connect(s->fd, (struct sockaddr *)&addr, sizeof(addr));
> -if (ret == -1) {
> -ret = -socket_error();
> -}
> -if (ret == -EINPROGRESS || ret == -EWOULDBLOCK) {
> -qemu_set_fd_handler2(s->fd, NULL, NULL, tcp_wait_for_connect, s);
> -return 0;
> -}
> -} while (ret == -EINTR);
> +s->fd = inet_connect(host_port, false, errp);
> 
> -if (ret < 0) {
> +if (!error_is_set(errp)) {
> +migrate_fd_connect(s);
> +} else if (error_is_type(*errp, QERR_SOCKET_CONNECT_IN_PROGRESS)) {
> +DPRINTF("connect in progress\n");
> +qemu_set_fd_handler2(s->fd, NULL, NULL, tcp_wait_for_connect, s);
> +} else if (error_is_type(*errp, QERR_SOCKET_CREATE_FAILED)) {
> +DPRINTF("connect failed\n");
> +return -1;
> +} else if (error_is_type(*errp, QERR_SOCKET_CONNECT_FAILED)) {
>  DPRINTF("connect failed\n");
>  migrate_fd_error(s);
> -return ret;
> +return -1;
> +} else {
> +DPRINTF("unknown error\n");
> +return -1;
>  }
> -migrate_fd_connect(s);
> +
>  return 0;
>  }
> 
> @@ -155,40 +142,18 @@ out2:
>  close(s);
>  }
> 
> -int tcp_start_incoming_migration(const char *host_port)
> +int tcp_start_incoming_migration(const char *host_port, Error **errp)
>  {
> -struct sockaddr_in addr;
> -int val;
>  int s;
> 
> -DPRINTF("Attempting to start an incoming migration\n");
> -
> -if (parse_host_port(&addr, host_port) < 0) {
> -fprintf(stderr, "invalid host/port combination: %s\n", host_port);
> -return -EINVAL;
> -}
> -
> -s = qemu_socket(PF_INET, SOCK_STREAM, 0);
> -if (s == -1) {
> -return -socket_error();
> -}
> -
> -val = 1;
> -setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (const char *)&val, sizeof(val));
> +s = inet_listen(host_port, NULL, 256, SOCK_STREAM, 0, errp);
> 
> -if (bind(s, (struct sockaddr *)&addr, sizeof(addr)) == -1) {
> -goto err;
> -}
> -if (listen(s, 1) == -1) {
> -goto err;
> +if (s < 0) {
> +return -1;
>  }
> 
>  qemu_set_fd_handler2(s, NULL, tcp_accept_incoming_migration, NULL,
>   (void *)(intptr_t)s);
> 
>  return 0;
> -
> -err:
> -close(s);
> -return -socket_error();
>  }
> diff --git a/migration.c b/migration.c
> index 94f7839..6289bc7 100644
> --- a/migration.c
> +++ b/migration.c
> @@ -60,13 +60,13 @@ static MigrationState *migrate_get_current(void)
>  return ¤t_migration;
>  }
> 
> -int qemu_start_incoming_migration(const char *uri)
> +int qemu_start_incoming_migration(const char *uri, Error **errp)
>  {
>  const char *p;
>  int ret;
> 
>  if (strstart(uri, "tc

[Qemu-devel] [RFC PATCH V2 2/2] exynos4210: introduce Exynos4210 SD host controller model

[Igor Mitsyanko]

Exynos4210 SD/MMC host controller is based on SD association standart host
controller ver. 2.00

Signed-off-by: Igor Mitsyanko 
---
 Makefile.target   |1 +
 hw/exynos4210.c   |   20 +++
 hw/exynos4210_sdhci.c |  438 +
 3 files changed, 459 insertions(+), 0 deletions(-)
 create mode 100644 hw/exynos4210_sdhci.c

diff --git a/Makefile.target b/Makefile.target
index 7eda443..9bb2c6b 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -375,6 +375,7 @@ obj-arm-y += realview_gic.o realview.o arm_sysctl.o 
arm11mpcore.o a9mpcore.o
 obj-arm-y += exynos4210_gic.o exynos4210_combiner.o exynos4210.o
 obj-arm-y += exynos4_boards.o exynos4210_uart.o exynos4210_pwm.o
 obj-arm-y += exynos4210_pmu.o exynos4210_mct.o exynos4210_fimd.o
+obj-arm-y += exynos4210_sdhci.o
 obj-arm-y += arm_l2x0.o
 obj-arm-y += arm_mptimer.o a15mpcore.o
 obj-arm-y += armv7m.o armv7m_nvic.o stellaris.o pl022.o stellaris_enet.o
diff --git a/hw/exynos4210.c b/hw/exynos4210.c
index afc4bdc..4f9d91b 100644
--- a/hw/exynos4210.c
+++ b/hw/exynos4210.c
@@ -56,6 +56,12 @@
 #define EXYNOS4210_EXT_COMBINER_BASE_ADDR   0x1044
 #define EXYNOS4210_INT_COMBINER_BASE_ADDR   0x10448000
 
+/* SD/MMC host controllers SFR base addresses */
+#define EXYNOS4210_SDHC0_BASE_ADDR  0x1251
+#define EXYNOS4210_SDHC1_BASE_ADDR  0x1252
+#define EXYNOS4210_SDHC2_BASE_ADDR  0x1253
+#define EXYNOS4210_SDHC3_BASE_ADDR  0x1254
+
 /* PMU SFR base address */
 #define EXYNOS4210_PMU_BASE_ADDR0x1002
 
@@ -289,6 +295,20 @@ Exynos4210State *exynos4210_init(MemoryRegion *system_mem,
EXYNOS4210_UART3_FIFO_SIZE, 3, NULL,
   s->irq_table[exynos4210_get_irq(EXYNOS4210_UART_INT_GRP, 
3)]);
 
+/*** SD/MMC host controllers ***/
+
+sysbus_create_simple("exynos4210.sdhci", EXYNOS4210_SDHC0_BASE_ADDR,
+s->irq_table[exynos4210_get_irq(29, 0)]);
+
+sysbus_create_simple("exynos4210.sdhci", EXYNOS4210_SDHC1_BASE_ADDR,
+s->irq_table[exynos4210_get_irq(29, 1)]);
+
+sysbus_create_simple("exynos4210.sdhci", EXYNOS4210_SDHC2_BASE_ADDR,
+s->irq_table[exynos4210_get_irq(29, 2)]);
+
+sysbus_create_simple("exynos4210.sdhci", EXYNOS4210_SDHC3_BASE_ADDR,
+s->irq_table[exynos4210_get_irq(29, 3)]);
+
 /*** Display controller (FIMD) ***/
 sysbus_create_varargs("exynos4210.fimd", EXYNOS4210_FIMD0_BASE_ADDR,
 s->irq_table[exynos4210_get_irq(11, 0)],
diff --git a/hw/exynos4210_sdhci.c b/hw/exynos4210_sdhci.c
new file mode 100644
index 000..3d145c5
--- /dev/null
+++ b/hw/exynos4210_sdhci.c
@@ -0,0 +1,438 @@
+/*
+ * Samsung Exynos4210 SD/MMC host controller model
+ *
+ * Copyright (c) 2012 Samsung Electronics Co., Ltd.
+ * Mitsyanko Igor 
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ * See the GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, see .
+ */
+
+#include "sdhci.h"
+
+#define EXYNOS4_SDHC_CAPABILITIES0x05E80080
+#define EXYNOS4_SDHC_MAX_BUFSZ   512
+
+#define EXYNOS4_SDHC_DEBUG   0
+
+#if EXYNOS4_SDHC_DEBUG == 0
+#define DPRINT_L1(fmt, args...)   do { } while (0)
+#define DPRINT_L2(fmt, args...)   do { } while (0)
+#define ERRPRINT(fmt, args...)do { } while (0)
+#elif EXYNOS4_SDHC_DEBUG == 1
+#define DPRINT_L1(fmt, args...)   \
+do {fprintf(stderr, "QEMU SDHC: "fmt, ## args); } while (0)
+#define DPRINT_L2(fmt, args...)   do { } while (0)
+#define ERRPRINT(fmt, args...)\
+do {fprintf(stderr, "QEMU SDHC ERROR: "fmt, ## args); } while (0)
+#else
+#define DPRINT_L1(fmt, args...)   \
+do {fprintf(stderr, "QEMU SDHC: "fmt, ## args); } while (0)
+#define DPRINT_L2(fmt, args...)   \
+do {fprintf(stderr, "QEMU SDHC: "fmt, ## args); } while (0)
+#define ERRPRINT(fmt, args...)\
+do {fprintf(stderr, "QEMU SDHC ERROR: "fmt, ## args); } while (0)
+#endif
+
+
+#define TYPE_EXYNOS4_SDHC"exynos4210.sdhci"
+#define EXYNOS4_SDHCI(obj)   \
+ OBJECT_CHECK(Exynos4SDHCIState, (obj), TYPE_EXYNOS4_SDHC)
+
+/* ADMA Error Status Register */
+#define EXYNOS4_SDHC_FINAL_BLOCK (1 << 10)
+#define EXYNOS4_SDHC_CONTINUE_REQ(1 << 9)
+#define EXYNOS4_SDHC_IRQ_STAT(1 << 8)
+/* Control register 2 */
+#define EXYNOS4_SDHC_CONTROL20x80
+#define EXYNOS4_SDHC_HWINIT

[Qemu-devel] [RFC PATCH V2 0/2] Standard SD host controller model

[Igor Mitsyanko]

First patch introduces standard SD host controller model. This is accumulated
version of my previous patch I sent a while ago and a recent SDHCI patch by
Peter A. G. Crosthwaite.
Second patch introduces Exynos4210-specific SDHCI built on top of standard SDHCI
model.

v1->v2
 PATCH1:
- add support for ADMA1 (I havn't tested it though).
- fixed s->prnsts <-> s->pwrcon typo (thanks to Peter, strange that it even 
worked
  before).
 PATCH2:
- change header prefix from "target-arm" to "exynos4210".

Igor Mitsyanko (2):
  hw: introduce standard SD host controller
  exynos4210: introduce Exynos4210 SD host controller model

 Makefile.objs   |1 +
 Makefile.target |1 +
 default-configs/arm-softmmu.mak |1 +
 hw/exynos4210.c |   20 +
 hw/exynos4210_sdhci.c   |  438 +
 hw/sdhci.c  | 1305 +++
 hw/sdhci.h  |  310 ++
 7 files changed, 2076 insertions(+), 0 deletions(-)
 create mode 100644 hw/exynos4210_sdhci.c
 create mode 100644 hw/sdhci.c
 create mode 100644 hw/sdhci.h

-- 
1.7.4.1

Re: [Qemu-devel] [PATCH v8 2/4] sockets: change inet_connect() to support nonblock socket

[Michael Roth]

On Fri, Apr 20, 2012 at 12:40:24PM +0800, Amos Kong wrote:
> Add a bool argument to inet_connect() to assign if set socket
> to block/nonblock, and delete original argument 'socktype'
> that is unused.
> Add a new argument to inet_connect()/inet_connect_opts(),
> to pass back connect error by error class.
> 
> Retry to connect when -EINTR is got. Connect's successful
> for nonblock socket when following errors are got, user
> should wait for connecting by select():
>   -EINPROGRESS
>   -EWOULDBLOCK (win32)
>   -WSAEALREADY (win32)
> 
> Change nbd, vnc to use new interface.
> 
> Changes from v7:
> - posix: let EWOULDBLOCK fall through to CONNECT_FAILED path
> - fix typo
> 
> Signed-off-by: Amos Kong 
> ---
>  nbd.c  |2 +-
>  qemu-char.c|2 +-
>  qemu-sockets.c |   46 +++---
>  qemu_socket.h  |6 --
>  ui/vnc.c   |2 +-
>  5 files changed, 46 insertions(+), 12 deletions(-)
> 
> diff --git a/nbd.c b/nbd.c
> index 406e555..bb71f00 100644
> --- a/nbd.c
> +++ b/nbd.c
> @@ -146,7 +146,7 @@ int tcp_socket_outgoing(const char *address, uint16_t 
> port)
> 
>  int tcp_socket_outgoing_spec(const char *address_and_port)
>  {
> -return inet_connect(address_and_port, SOCK_STREAM);
> +return inet_connect(address_and_port, true, NULL);
>  }
> 
>  int tcp_socket_incoming(const char *address, uint16_t port)
> diff --git a/qemu-char.c b/qemu-char.c
> index 74c60e1..aeee2e8 100644
> --- a/qemu-char.c
> +++ b/qemu-char.c
> @@ -2444,7 +2444,7 @@ static CharDriverState *qemu_chr_open_socket(QemuOpts 
> *opts)
>  if (is_listen) {
>  fd = inet_listen_opts(opts, 0);
>  } else {
> -fd = inet_connect_opts(opts);
> +fd = inet_connect_opts(opts, NULL);
>  }
>  }
>  if (fd < 0) {
> diff --git a/qemu-sockets.c b/qemu-sockets.c
> index 6bcb8e3..66799fc 100644
> --- a/qemu-sockets.c
> +++ b/qemu-sockets.c
> @@ -51,6 +51,9 @@ static QemuOptsList dummy_opts = {
>  },{
>  .name = "ipv6",
>  .type = QEMU_OPT_BOOL,
> +},{
> +.name = "block",
> +.type = QEMU_OPT_BOOL,
>  },
>  { /* end if list */ }
>  },
> @@ -194,14 +197,15 @@ listen:
>  return slisten;
>  }
> 
> -int inet_connect_opts(QemuOpts *opts)
> +int inet_connect_opts(QemuOpts *opts, Error **errp)
>  {
>  struct addrinfo ai,*res,*e;
>  const char *addr;
>  const char *port;
>  char uaddr[INET6_ADDRSTRLEN+1];
>  char uport[33];
> -int sock,rc;
> +int sock, rc, err;

I'd just keep using rc since it's already here, and less easy to confuse
with errp.

> +bool block;
> 
>  memset(&ai,0, sizeof(ai));
>  ai.ai_flags = AI_CANONNAME | AI_ADDRCONFIG;
> @@ -210,8 +214,10 @@ int inet_connect_opts(QemuOpts *opts)
> 
>  addr = qemu_opt_get(opts, "host");
>  port = qemu_opt_get(opts, "port");
> +block = qemu_opt_get_bool(opts, "block", 0);
>  if (addr == NULL || port == NULL) {
>  fprintf(stderr, "inet_connect: host and/or port not specified\n");
> +error_set(errp, QERR_SOCKET_CREATE_FAILED);
>  return -1;
>  }
> 
> @@ -224,6 +230,7 @@ int inet_connect_opts(QemuOpts *opts)
>  if (0 != (rc = getaddrinfo(addr, port, &ai, &res))) {
>  fprintf(stderr,"getaddrinfo(%s,%s): %s\n", addr, port,
>  gai_strerror(rc));
> +error_set(errp, QERR_SOCKET_CREATE_FAILED);
>   return -1;
>  }
> 
> @@ -241,19 +248,38 @@ int inet_connect_opts(QemuOpts *opts)
>  continue;
>  }
>  setsockopt(sock,SOL_SOCKET,SO_REUSEADDR,(void*)&on,sizeof(on));
> -
> +if (!block) {
> +socket_set_nonblock(sock);
> +}
>  /* connect to peer */
> -if (connect(sock,e->ai_addr,e->ai_addrlen) < 0) {
> +do {
> +err = 0;
> +if (connect(sock, e->ai_addr, e->ai_addrlen) < 0) {
> +err = -socket_error();
> +}
> +} while (err == -EINTR);
> +
> +  #ifdef _WIN32
> +if (!block && (err == -EINPROGRESS || err == -EWOULDBLOCK
> +   || err == -WSAEALREADY)) {
> +  #else
> +if (!block && (err == -EINPROGRESS)) {
> +  #endif
> +error_set(errp, QERR_SOCKET_CONNECT_IN_PROGRESS);
> +}
> +if (err < 0 && !error_is_type(*errp, 
> QERR_SOCKET_CONNECT_IN_PROGRESS)) {

You can get a NULL pointer dereference here ^ if they call this function
with errp == NULL

>  if (NULL == e->ai_next)
>  fprintf(stderr, "%s: connect(%s,%s,%s,%s): %s\n", 
> __FUNCTION__,
>  inet_strfamily(e->ai_family),
>  e->ai_canonname, uaddr, uport, strerror(errno));
>  closesocket(sock);
> +sock = -1;
>  continue;
>  }
>  freeaddrinfo(res);
>  return sock;
>  }
> +error_set(errp, QERR_SOCKET_CONNECT_FA

Re: [Qemu-devel] [PATCH] qtest: Fix tv_usec != long

[Anthony Liguori]

On 04/19/2012 07:09 AM, Richard Henderson wrote:

Sparc Debian 5.0.8 does not define __suseconds_t as long,
but FMT_timeval expects %ld.

Signed-off-by: Richard Henderson
Cc: Anthony Liguori
Cc: Paolo Bonzini


Applied.  Thanks.

Regards,

Anthony Liguori


---
  qtest.c |8 
  1 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/qtest.c b/qtest.c
index 18afcd9..fbfab4e 100644
--- a/qtest.c
+++ b/qtest.c
@@ -153,7 +153,7 @@ static void qtest_send_prefix(CharDriverState *chr)

  qtest_get_time(&tv);
  fprintf(qtest_log_fp, "[S +" FMT_timeval "] ",
-tv.tv_sec, tv.tv_usec);
+tv.tv_sec, (long) tv.tv_usec);
  }

  static void GCC_FMT_ATTR(2, 3) qtest_send(CharDriverState *chr,
@@ -201,7 +201,7 @@ static void qtest_process_command(CharDriverState *chr, 
gchar **words)

  qtest_get_time(&tv);
  fprintf(qtest_log_fp, "[R +" FMT_timeval "]",
-tv.tv_sec, tv.tv_usec);
+tv.tv_sec, (long) tv.tv_usec);
  for (i = 0; words[i]; i++) {
  fprintf(qtest_log_fp, " %s", words[i]);
  }
@@ -399,7 +399,7 @@ static void qtest_event(void *opaque, int event)
  qtest_opened = true;
  if (qtest_log_fp) {
  fprintf(qtest_log_fp, "[I " FMT_timeval "] OPENED\n",
-start_time.tv_sec, start_time.tv_usec);
+start_time.tv_sec, (long) start_time.tv_usec);
  }
  break;
  case CHR_EVENT_CLOSED:
@@ -408,7 +408,7 @@ static void qtest_event(void *opaque, int event)
  qemu_timeval tv;
  qtest_get_time(&tv);
  fprintf(qtest_log_fp, "[I +" FMT_timeval "] CLOSED\n",
-tv.tv_sec, tv.tv_usec);
+tv.tv_sec, (long) tv.tv_usec);
  }
  break;
  default:

Re: [Qemu-devel] [PATCH] configure: Virtfs doesn't require libcap.

[Anthony Liguori]

On 04/22/2012 05:16 AM, Kusanagi Kouichi wrote:

Only proxy helper does.

Signed-off-by: Kusanagi Kouichi


Applied.  Thanks.

Regards,

Anthony Liguori


---
  configure |6 --
  1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/configure b/configure
index 2d62d12..c8e6fe4 100755
--- a/configure
+++ b/configure
@@ -2860,9 +2860,11 @@ tools=
  if test "$softmmu" = yes ; then
tools="qemu-img\$(EXESUF) qemu-io\$(EXESUF) $tools"
if test "$virtfs" != no ; then
-  if test "$cap" = yes&&  test "$linux" = yes&&  test "$attr" = yes ; then
+  if test "$linux" = yes&&  test "$attr" = yes ; then
  virtfs=yes
- tools="$tools fsdev/virtfs-proxy-helper\$(EXESUF)"
+ if test "$cap" = yes ; then
+ tools="$tools fsdev/virtfs-proxy-helper\$(EXESUF)"
+ fi
else
  if test "$virtfs" = yes; then
  feature_not_found "virtfs"

Re: [Qemu-devel] [PATCH] qemu-char: Fix crash when switching consoles

[Anthony Liguori]

On 04/19/2012 03:27 PM, Stefan Weil wrote:

qemu-system-arm (and other system emulations) crashes with SDL when
the user switches consoles (Alt-Ctrl-F4).

We already check for NULL pointers in qemu_chr_fe_ioctl,
qemu_chr_be_can_write and other functions, so do this also
for s->chr_read in qemu_chr_be_write. This fixes the crash.

Signed-off-by: Stefan Weil


Applied.  Thanks.

Regards,

Anthony Liguori


---
  qemu-char.c |4 +++-
  1 files changed, 3 insertions(+), 1 deletions(-)

diff --git a/qemu-char.c b/qemu-char.c
index 287e195..43adcb2 100644
--- a/qemu-char.c
+++ b/qemu-char.c
@@ -160,7 +160,9 @@ int qemu_chr_be_can_write(CharDriverState *s)

  void qemu_chr_be_write(CharDriverState *s, uint8_t *buf, int len)
  {
-s->chr_read(s->handler_opaque, buf, len);
+if (s->chr_read) {
+s->chr_read(s->handler_opaque, buf, len);
+}
  }

  int qemu_chr_fe_get_msgfd(CharDriverState *s)

Re: [Qemu-devel] [PATCH] Limit ptimer rate to something achievable

[Anthony Liguori]

On 04/20/2012 12:32 AM, Peter Chubb wrote:


If a guest sets very short timeouts, and asks for a timer to be reloaded on
timeout, QEMU can go to 100%CPU utilisation and become unresponsive,
as it is spending all its time generating timeout interrupts.  On real
hardware this doesn't matter, as the interrupts are just coalesced,
and the effect is to have the interrupt asserted all the time.

This patch is a band-aid, that prevents timeouts less than 10
microseconds from being set.  10 microseconds is a limit that was
determined empirically on a variety of machines as the shortest that
allowed QEMU to pick up a control-a c sequence to get at the monitor.

Reported-by: Anna Lyons
Signed-off-by: Peter Chubb


Applied.  Thanks.

Regards,

Anthony Liguori



---
  hw/ptimer.c |   13 +
  1 file changed, 13 insertions(+)

Index: qemu-working/hw/ptimer.c
===
--- qemu-working.orig/hw/ptimer.c   2012-04-20 15:09:09.317922659 +1000
+++ qemu-working/hw/ptimer.c2012-04-20 15:30:42.108486207 +1000
@@ -180,6 +180,19 @@ void ptimer_set_freq(ptimer_state *s, ui
 count = limit.  */
  void ptimer_set_limit(ptimer_state *s, uint64_t limit, int reload)
  {
+/*
+ * Artificially limit timeout rate to something
+ * achievable under QEMU.  Otherwise, QEMU spends all
+ * its time generating timer interrupts, and there
+ * is no forward progress.
+ * About ten microseconds is the fastest that really works
+ * on the current generation of host machines.
+ */
+
+if (limit * s->period<  1&&  s->period) {
+limit = 1 / s->period;
+}
+
  s->limit = limit;
  if (reload)
  s->delta = limit;
--
Dr Peter Chubb  peter.chubb AT nicta.com.au
http://www.ssrg.nicta.com.au  Software Systems Research Group/NICTA

Re: [Qemu-devel] [PATCH] qom: Refine container_get() to allow using a custom root

[Anthony Liguori]

On 04/05/2012 06:21 AM, Andreas Färber wrote:

Specify the root to search from as argument. This avoids hardcoding
"/machine" in some places and makes it more flexible.

Signed-off-by: Andreas Färber
Cc: Paolo Bonzini
Cc: Anthony Liguori


Applied.  Thanks.

Regards,

Anthony Liguori


---
  hw/qdev-monitor.c |4 ++--
  hw/qdev.c |7 ---
  include/qemu/object.h |3 ++-
  qom/container.c   |4 ++--
  4 files changed, 10 insertions(+), 8 deletions(-)

diff --git a/hw/qdev-monitor.c b/hw/qdev-monitor.c
index 4783366..67f296b 100644
--- a/hw/qdev-monitor.c
+++ b/hw/qdev-monitor.c
@@ -180,7 +180,7 @@ static Object *qdev_get_peripheral(void)
  static Object *dev;

  if (dev == NULL) {
-dev = container_get("/machine/peripheral");
+dev = container_get(qdev_get_machine(), "/peripheral");
  }

  return dev;
@@ -191,7 +191,7 @@ static Object *qdev_get_peripheral_anon(void)
  static Object *dev;

  if (dev == NULL) {
-dev = container_get("/machine/peripheral-anon");
+dev = container_get(qdev_get_machine(), "/peripheral-anon");
  }

  return dev;
diff --git a/hw/qdev.c b/hw/qdev.c
index 0d3c0fc..efa4c5d 100644
--- a/hw/qdev.c
+++ b/hw/qdev.c
@@ -157,8 +157,9 @@ int qdev_init(DeviceState *dev)
  static int unattached_count = 0;
  gchar *name = g_strdup_printf("device[%d]", unattached_count++);

-object_property_add_child(container_get("/machine/unattached"), name,
-  OBJECT(dev), NULL);
+object_property_add_child(container_get(qdev_get_machine(),
+"/unattached"),
+  name, OBJECT(dev), NULL);
  g_free(name);
  }

@@ -673,7 +674,7 @@ Object *qdev_get_machine(void)
  static Object *dev;

  if (dev == NULL) {
-dev = container_get("/machine");
+dev = container_get(object_get_root(), "/machine");
  }

  return dev;
diff --git a/include/qemu/object.h b/include/qemu/object.h
index a675937..ca1649c 100644
--- a/include/qemu/object.h
+++ b/include/qemu/object.h
@@ -905,6 +905,7 @@ void object_property_add_str(Object *obj, const char *name,

  /**
   * container_get:
+ * @root: root of the #path, e.g., object_get_root()
   * @path: path to the container
   *
   * Return a container object whose path is @path.  Create more containers
@@ -912,7 +913,7 @@ void object_property_add_str(Object *obj, const char *name,
   *
   * Returns: the container object.
   */
-Object *container_get(const char *path);
+Object *container_get(Object *root, const char *path);


  #endif
diff --git a/qom/container.c b/qom/container.c
index 67e9e8a..c9940ab 100644
--- a/qom/container.c
+++ b/qom/container.c
@@ -25,7 +25,7 @@ static void container_register_types(void)
  type_register_static(&container_info);
  }

-Object *container_get(const char *path)
+Object *container_get(Object *root, const char *path)
  {
  Object *obj, *child;
  gchar **parts;
@@ -33,7 +33,7 @@ Object *container_get(const char *path)

  parts = g_strsplit(path, "/", 0);
  assert(parts != NULL&&  parts[0] != NULL&&  !parts[0][0]);
-obj = object_get_root();
+obj = root;

  for (i = 1; parts[i] != NULL; i++, obj = child) {
  child = object_resolve_path_component(obj, parts[i]);

Re: [Qemu-devel] [PATCH] Remove extra pthread switch

[Anthony Liguori]

On 04/20/2012 09:36 AM, Peter Portante wrote:

From the Department of the Redundancy Department:

   remove the extra pthread switch which might be there
   from the package config check for gthreads.

Signed-off-by: Peter Portante


Applied.  Thanks.

Regards,

Anthony Liguori


---
  configure |   11 ++-
  1 files changed, 10 insertions(+), 1 deletions(-)

diff --git a/configure b/configure
index 8b4e3c1..0038dfc 100755
--- a/configure
+++ b/configure
@@ -2039,7 +2039,16 @@ else
for pthread_lib in $PTHREADLIBS_LIST; do
  if compile_prog "" "$pthread_lib" ; then
pthread=yes
-  LIBS="$pthread_lib $LIBS"
+  found=no
+  for lib_entry in $LIBS; do
+if test "$lib_entry" = "$pthread_lib"; then
+  found=yes
+  break
+fi
+  done
+  if test "$found" = "no"; then
+LIBS="$pthread_lib $LIBS"
+  fi
break
  fi
done

Re: [Qemu-devel] [PATCH v5 00/14] configure: --with-confsuffix option

[Anthony Liguori]

On 04/18/2012 02:55 PM, Eduardo Habkost wrote:

This is just a rebase of v4, because I noticed that v4 doesn't apply cleanly
against current git master anymore (and I will soon submit a series that will
depend on this one).

Changes v4 ->  v5:
  - Rebase against latest qemu.git

Changes v3 ->  v4:
  - Rebase against latest qemu.git
  - Changed patch 14/14 subject to match the code (--with-confsuffix instead of 
--confsuffix)

Changes v2 ->  v3:
  - Changes --datadir meaning to match Autoconf convention
(meaning that it should point to /usr/share, not /usr/share/qemu).
NOTE: this breaks compatibility.
I don't know of anybody who uses that option today. Neither Fedora, Debian,
Arch Linux, Gentoo, or FreeBSD use it[1].
  - Add --with-confsuffix option, to allow the /etc/qemu and /usr/share/qemu
directories to have a different names.


Applied.  Thanks.

Regards,

Anthony Liguori



[1] http://article.gmane.org/gmane.comp.emulators.qemu/142924


Series description:

Most of the patches are variable renames and cleanups. The actual changes are
only on the last 2 patches.

First, internal configure variables are renamed, without changing
config-host.mak:

   configure: rename $datadir to $qemu_datadir
   configure: rename $docdir to $qemu_docdir
   configure: rename $confdir to $qemu_confdir

Then create_config gets ready for config-host.mak variable renames
(Qemu-specific directories will now have a "qemu_" prefix):

   create_config: separate section for qemu_*dir variables (v2)

Then, variables are renamed on config-host.mak and Makefiles:

   config-host.mak: rename datadir to qemu_datadir
   config-host.mak: rename confdir to qemu_confdir
   Makefile: use $(qemu_confdir) instead of $(sysconfdir)/qemu
   config-host.mak: rename docdir to qemu_docdir
   config-host.mak: remove CONFIG_QEMU_SHAREDIR
   config-host.mak: reorder variables a bit

Then old code on create_config is removed:

   create_config: remove *dir block
   create_config: simplify prefix=* block, remove CONFIG_QEMU_PREFIX

Finally, the user-visible changes:

   configure: change meaning of --datadir to Autoconf convention
   configure: add --with-confsuffix option



Eduardo Habkost (14):
   configure: rename $datadir to $qemu_datadir
   configure: rename $docdir to $qemu_docdir
   configure: rename $confdir to $qemu_confdir
   create_config: separate section for qemu_*dir variables (v2)
   config-host.mak: rename datadir to qemu_datadir
   config-host.mak: rename confdir to qemu_confdir
   Makefile: use $(qemu_confdir) instead of $(sysconfdir)/qemu
   config-host.mak: rename docdir to qemu_docdir
   config-host.mak: remove CONFIG_QEMU_SHAREDIR
   config-host.mak: reorder variables a bit
   create_config: remove *dir block
   create_config: simplify prefix=* block, remove CONFIG_QEMU_PREFIX
   configure: change meaning of --datadir to Autoconf convention
   configure: add --with-confsuffix option

  Makefile  |   16 
  Makefile.target   |4 ++--
  configure |   29 -
  scripts/create_config |8 ++--
  4 files changed, 32 insertions(+), 25 deletions(-)

[Qemu-devel] qemu-ga: conclusions on shutdown & suspend behavior

[Luiz Capitulino]

Hi there,

With the risk of becoming repetitive, I'm going to summarize the problems and
solutions we've discussed in the last few days for the problems found in 
qemu-ga's
shutdown and suspend commands.

Gleb and Igor, you may be interested in items 2 and 4.

Basically, we have four issues:

 1. The guest-shutdown and guest-suspend-* commands are unable to detect errors
while performing their operation. That is, qemu-ga will report success to
clients even if an error happens while shutting down or suspending.

This happens because the operation is executed in a child process and
qemu-ga doesn't wait() for children processes to avoid blocking.

Possible solutions:

A. Don't fix this and preserve qemu-ga's non-blocking behavior
B. Change qemu-ga to wait() for its children and report errors. Has
   the implication of being a blocking call

 2. The guest-shutdown and guest-suspend-* commands may not emit a success
response. Actually, the guest-suspend-* commands may emit a response
after the guest resumes.

This happens because the guest may shutdown/suspend before qemu-ga is
able to emit a success response.

Solution: Change qemu-ga to never emit a success response. Clients should
do the following to check for success:

   o guest-suspend-disk: if the guest suspends through ACPI, an exit
 status of 3 (chose a random number). Otherwise an exit status of 0
   o guest-suspend-ram or hybrid: wait for the SUSPEND event and/or
 pull for a RunState change to suspended (the RunState change doesn't
 exist upstream yet, will submit a patch)
   o guest-shutdown: an exit status of 0

 3. There's a possible race in suspend code while trying to detect suspend
support in the guest.

This happens because the suspend code got complex while trying to
preserve qemu-ga's non-blocking behavior described in item 1.

Possible solutions:

  A. Just fix the race (which makes the code more complex)
  B. Do solution 1.B. (which also simplifies the code considerably)

  4. Libvirt is facing a problem when hot plugging a device and then user-space
 suspends to disk: if libvirt is not told to make the new device persistent,
 then it will be unable to correctly resume the VM later, since its
 command-line won't have the newly added device.

 This happens because libvirt doesn't know the VM suspended to disk.

 Solution: Implement solution for item 2 above (ie. exit with a
   different exit status, eg. 3). There isn't much to be done
   if the guest doesn't suspend through ACPI.

 PS: This problem is out of qemu-ga's realm, but it's interesting to
 find a "unified" solution.

[Qemu-devel] [PATCH] cocoa: Fix build

[Bernhard Walle]

This patch is from MacPorts [1]. I don't know the origin, but as it's
quite trivial I hope it's okay to post it without that information.

At least it fixes building QEMU on Mac OS 10.7. The compiler error
without that patch:

-- 8< ---
/Users/bwalle/devel/qemu/fpu/softfloat.h:60: error: conflicting types for 
'uint16'
/System/Library/Frameworks/Security.framework/Headers/cssmconfig.h:73: error:
 previous declaration of 'uint16' was here
-- >8 ---

Signed-off-by: Bernhard Walle 

[1] 
https://trac.macports.org/browser/trunk/dports/emulators/qemu/files/patch-cocoa-uint16-redefined.diff
---
 fpu/softfloat.h |2 ++
 ui/cocoa.m  |7 ---
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/fpu/softfloat.h b/fpu/softfloat.h
index 2ce4110..7cabe0f 100644
--- a/fpu/softfloat.h
+++ b/fpu/softfloat.h
@@ -57,7 +57,9 @@ typedef uint8_t flag;
 typedef uint8_t uint8;
 typedef int8_t int8;
 #ifndef _AIX
+#if !(defined(__APPLE__) && defined(_UINT16))
 typedef int uint16;
+#endif
 typedef int int16;
 #endif
 typedef unsigned int uint32;
diff --git a/ui/cocoa.m b/ui/cocoa.m
index e7d6e89..7feeeff 100644
--- a/ui/cocoa.m
+++ b/ui/cocoa.m
@@ -22,13 +22,14 @@
  * THE SOFTWARE.
  */
 
-#import 
-#include 
-
 #include "qemu-common.h"
 #include "console.h"
 #include "sysemu.h"
 
+#define _UINT16
+#import 
+#include 
+
 #ifndef MAC_OS_X_VERSION_10_4
 #define MAC_OS_X_VERSION_10_4 1040
 #endif
-- 
1.7.10

[Qemu-devel] [Bug 818673] Re: virtio: trying to map MMIO memory

[Vitalis]

Hello with bad news! I have:

virtio_ioport_write: unexpected address 0x13 value 0x1

on config:

LC_ALL=C PATH=/usr/local/sbin:/usr/local/bin:/usr/bin:/usr/sbin:/sbin:/bin 
QEMU_AUDIO_DRV=none /usr/bin/kvm -S -M pc-0.12 -cpu qemu32 -enable-kvm -m 3072 
-smp 1 -name nata_xp -uuid da607499-1d8f-e7ef-d1d2-38
1c1839e4ba -chardev 
socket,id=monitor,path=/var/lib/libvirt/qemu/nata_xp.monitor,server,nowait 
-monitor chardev:monitor -localtime -boot c -drive 
file=/root/nata_xp.qcow2,if=virtio,index=0,boot=on,format=raw
,cache=none -drive 
file=/home/admino/virtio-win-0.1-22.iso,if=ide,media=cdrom,index=2,format=raw 
-net nic,macaddr=00:16:36:06:02:69,vlan=0,model=virtio,name=virtio.0 -net 
tap,fd=43,vlan=0,name=tap.0 -serial
none -parallel none -usb -usbdevice tablet -vnc 127.0.0.1:3 -k en-us -vga cirrus
pci_add_option_rom: failed to find romfile "pxe-virtio.bin"

with kernel 2.6.32-40-generic #87-Ubuntu SMP Tue Mar 6 00:56:56 UTC 2012 x86_64 
GNU/Linux
qemu drivers are virtio-win-0.1-22.iso

Anybody help me?


** Attachment added: "minidump"
   
https://bugs.launchpad.net/qemu/+bug/818673/+attachment/3102252/+files/Mini042412-01.dmp

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/818673

Title:
  virtio: trying to map MMIO memory

Status in QEMU:
  New

Bug description:
  Qemu host is Core i7, running Linux.  Guest is Windows XP sp3.
  Often, qemu will crash shortly after starting (1-5 minutes) with a statement 
"qemu-system-x86_64: virtio: trying to map MMIO memory"
  This has occured with qemu-kvm 0.14, qemu-kvm 0.14.1, qemu-0.15.0-rc0 and 
qemu 0.15.0-rc1.
  Qemu is started as such:
  qemu-system-x86_64 -cpu host -enable-kvm -pidfile /home/rick/qemu/hds/wxp.pid 
-drive file=/home/rick/qemu/hds/wxp.raw,if=virtio -m 768 -name WinXP -net 
nic,model=virtio -net user -localtime -usb -vga qxl -device virtio-serial 
-chardev spicevmc,name=vdagent,id=vdagent -device 
virtserialport,chardev=vdagent,name=com.redhat.spice.0 -spice 
port=1234,disable-ticketing -daemonize -monitor 
telnet:localhost:12341,server,nowait
  The WXP guest has virtio 1.1.16 drivers for net and scsi, and the most 
current spice binaries from spice-space.org.

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/818673/+subscriptions

[Qemu-devel] [PATCH] target-arm: Make SETEND respect bswap_code (BE8) setting

[Peter Maydell]

Make the SETEND instruction respect the setting of bswap_code,
so that in BE8 mode we UNDEF for attempts to switch into
little-endian mode and nop for attempts to stay in big-endian
mode. (This is the inverse of the existing handling of SETEND
in the more common little-endian setup, which we use since
we don't implement the architecturally-mandated dynamic
endianness switching.)

Signed-off-by: Peter Maydell 
---
This tidies up a minor corner case following the introduction of
BE8 support recently.

 target-arm/translate.c |8 
 1 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/target-arm/translate.c b/target-arm/translate.c
index 7a3c7d6..437d9db 100644
--- a/target-arm/translate.c
+++ b/target-arm/translate.c
@@ -6767,8 +6767,8 @@ static void disas_arm_insn(CPUARMState * env, 
DisasContext *s)
 if ((insn & 0x0dff) == 0x0101) {
 ARCH(6);
 /* setend */
-if (insn & (1 << 9)) {
-/* BE8 mode not implemented.  */
+if (((insn >> 9) & 1) != s->bswap_code) {
+/* Dynamic endianness switching not implemented. */
 goto illegal_op;
 }
 return;
@@ -9710,8 +9710,8 @@ static void disas_thumb_insn(CPUARMState *env, 
DisasContext *s)
 case 2:
 /* setend */
 ARCH(6);
-if (insn & (1 << 3)) {
-/* BE8 mode not implemented.  */
+if (((insn >> 3) & 1) != s->bswap_code) {
+/* Dynamic endianness switching not implemented. */
 goto illegal_op;
 }
 break;
-- 
1.7.1

Re: [Qemu-devel] [PULL 0/9] Tracing patches

[Andreas Färber]

Am 18.04.2012 16:07, schrieb Stefan Hajnoczi:
> The last tracing pull for 1.1 before we merge only fixes.
> 
> The following changes since commit 6e7a7f3d9bc2031b4c93c05400b18775ba1b1f55:
> 
>   Allow controlling volume with PulseAudio backend (2012-04-17 16:57:58 +0400)
> 
> are available in the git repository at:
> 
>   git://github.com/stefanha/qemu.git tracing
> 
> for you to fetch changes up to 256a721d46a112d8807a488ec0176985c09bbbf1:
> 
>   tracetool: handle DTrace keywords 'in', 'next', 'self' (2012-04-18 14:03:00 
> +0100)
> 
> 
> Lluís Vilanova (8):
>   tracetool: Rewrite infrastructure as python modules
>   tracetool: Add module for the 'c' format
>   tracetool: Add module for the 'h' format
>   tracetool: Add support for the 'stderr' backend
>   tracetool: Add support for the 'simple' backend
>   tracetool: Add support for the 'ust' backend
>   tracetool: Add support for the 'dtrace' backend
>   tracetool: Add MAINTAINERS info
> 
> Stefan Hajnoczi (1):
>   tracetool: handle DTrace keywords 'in', 'next', 'self'

While the thought of not having to deal with oldish Sun shells was
certainly compelling, tracetool.py seems to require Python 2.6 and
breaks with Python 2.5.1 on Mac OS X v10.5 (the last version to support
ppc). Any chance you can fix this?

What I'm seeing when the command line options are correct is this:

Error: invalid trace backend
Please choose a supported trace backend.

And when not, I see the following amidst the usage information:

[...]
  --enable-trace-backend=B Set trace backend
  File "/Users/andreas/QEMU/qemu/scripts/tracetool.py", line 73
except getopt.GetoptError as err:
   ^
SyntaxError: invalid syntax
   Available backends:
[...]

I.e. `python scripts/tracetool.py --list-backends` breaks.

Andreas

-- 
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg

Re: [Qemu-devel] Spice vdagent on SLED 11

[Andrew Cathrow]

- Original Message -
> From: "Raj Rajasekaran" 
> To: "Andrew Cathrow" 
> Cc: qemu-devel@nongnu.org
> Sent: Tuesday, April 24, 2012 1:49:33 PM
> Subject: Re: [Qemu-devel] Spice vdagent on SLED 11
> 
> 
> SLED Version 11.

>From what I learned on #kvm you need a later version of SLED (or update the 
>kernel) to pickup virtio-console.
For sure it's in SP2 maybe in SP1 but you'd need to check with SUSE about that.

> 
> 
> On Tue, Apr 24, 2012 at 12:46 PM, Andrew Cathrow <
> acath...@redhat.com > wrote:
> 
> 
> 
> 
> 
> - Original Message -
> > From: "Raj Rajasekaran" < r...@connecttel.com >
> > To: "Andrew Cathrow" < acath...@redhat.com >
> > Cc: qemu-devel@nongnu.org
> 
> > Sent: Tuesday, April 24, 2012 1:38:59 PM
> > Subject: Re: [Qemu-devel] Spice vdagent on SLED 11
> > 
> > 
> 
> > lspci listed 'Communication Controller Virtio console' as one of
> > the
> > devices exposed. But I did not see any /dev/vport*.
> 
> I wonder if virtio-console driver is in this version of SLED
> What version (& service pack) are you running?
> 
> 
> 
> 
> > 
> > 
> > On Tue, Apr 24, 2012 at 12:17 PM, Andrew Cathrow <
> > acath...@redhat.com > wrote:
> > 
> > 
> > 
> > 
> > 
> > - Original Message -
> > > From: "Raj Rajasekaran" < r...@connecttel.com >
> > > To: "Andrew Cathrow" < acath...@redhat.com >
> > > Cc: qemu-devel@nongnu.org
> > 
> > > Sent: Tuesday, April 24, 2012 12:09:32 PM
> > > Subject: Re: [Qemu-devel] Spice vdagent on SLED 11
> > > 
> > > 
> > 
> > > Here it is
> > > 
> > > 
> > > 
> > > qemu -vga qxl -device qxl -global qxl-vga.vram_size=33554432
> > > -device
> > > virtio-serial -chardev spicevmc,id=vdagent,debug=0,name=vdagent
> > > -device virtserialport,chardev=vdagent,name=com.redhat.spice.0
> > > -spice port=$SPICE_PORT,image-compression=off,disable-ticketing
> > > -enable-kvm -m 1024 -net
> > > nic,model=e1000,vlan=0,macaddr=52:54:84:fe:00:02 -net
> > > user,vlan=1,hostfwd=tcp::-:22 -net nic,model=e1000,vlan=1
> > > -monitor stdio
> > 
> > So the right config is being passed to KVM.
> > You can run lspci in the virtual machine to make sure the right PCI
> > devices are being exposed.
> > Then presuming the guest as virtio-serial support (and I don't know
> > if SLED11 has that compiled in) then you'll see /dev/vport* (and
> > potentially symlinks in /dev/virtio-ports/ depending on how udev is
> > setup in SLED)
> > 
> > 
> > 
> > 
> > 
> > 
> > > 
> > > 
> > > 
> > > 
> > > 
> > > On Tue, Apr 24, 2012 at 11:03 AM, Andrew Cathrow <
> > > acath...@redhat.com > wrote:
> > > 
> > > 
> > > do you have the configuration ? is there a libvirt xml, or a
> > > command
> > > line in a script?
> > > 
> > > 
> > > - Original Message -
> > > > From: "Raj Rajasekaran" < r...@connecttel.com >
> > > > To: "Andrew Cathrow" < acath...@redhat.com >
> > > > Cc: qemu-devel@nongnu.org
> > > 
> > > 
> > > > Sent: Tuesday, April 24, 2012 11:59:07 AM
> > > > Subject: Re: [Qemu-devel] Spice vdagent on SLED 11
> > > > 
> > > > 
> > > > Yes.
> > > > 
> > > > 
> > > > On Tue, Apr 24, 2012 at 10:48 AM, Andrew Cathrow <
> > > > acath...@redhat.com > wrote:
> > > > 
> > > > 
> > > > 
> > > > 
> > > > 
> > > > - Original Message -
> > > > > From: "Raj Rajasekaran" < r...@connecttel.com >
> > > > 
> > > > > To: "Andrew Cathrow" < acath...@redhat.com >
> > > > > Cc: qemu-devel@nongnu.org
> > > > > Sent: Tuesday, April 24, 2012 11:43:12 AM
> > > > > Subject: Re: [Qemu-devel] Spice vdagent on SLED 11
> > > > > 
> > > > > 
> > > > > Where do I check whether VM is configured to expose this
> > > > > virtio
> > > > > serial device? If not how to configure it.
> > > > > 
> > > > 
> > > > Did you start/configure the VM?
> > > > 
> > > > 
> > > > 
> > > > 
> > > > > 
> > > > > On Mon, Apr 23, 2012 at 7:45 PM, Andrew Cathrow <
> > > > > acath...@redhat.com
> > > > > > wrote:
> > > > > 
> > > > > 
> > > > > 
> > > > > 
> > > > > 
> > > > > 
> > > > > - Original Message -
> > > > > > From: "Raj Rajasekaran" < r...@connecttel.com >
> > > > > > To: qemu-devel@nongnu.org
> > > > > > Sent: Monday, April 23, 2012 11:35:56 AM
> > > > > > Subject: [Qemu-devel] Spice vdagent on SLED 11
> > > > > > 
> > > > > > I am not able to get Spice vdagent running on SLED 11
> > > > > > virtual
> > > > > > machine. Log file has the error message 'Missing virtio
> > > > > > device
> > > > > > '/dev/virtio-ports/com.redhat.spice.0'. I am using Qemu
> > > > > > v0.15.1
> > > > > > and
> > > > > > Spice v0.10.0.
> > > > > > 
> > > > > > 
> > > > > > Has anyone got this work under SLED11?
> > > > > 
> > > > > Is your VM configured to expost a virtio-serial device named
> > > > > com.redhat.spice.0 ?
> > > > > 
> > > > > -chardev spicevmc,id=charchannel0,name=vdagent
> > > > > -device
> > > > > virtserialport,bus=virtio-serial0.0,nr=1,chardev=charchannel0,id=channel0,name=com.redhat.spice.0
> > > > > 
> > > > > 
> > > > > or
> > > > > 
> > > > > 
> > > > > 
> > > > > 
> > > > > 
> > > > >  > > > > port='1'/>
> > > > > 
>

Re: [Qemu-devel] Spice vdagent on SLED 11

[Raj Rajasekaran]

SLED Version 11.

On Tue, Apr 24, 2012 at 12:46 PM, Andrew Cathrow wrote:

>
>
> - Original Message -
> > From: "Raj Rajasekaran" 
> > To: "Andrew Cathrow" 
> > Cc: qemu-devel@nongnu.org
> > Sent: Tuesday, April 24, 2012 1:38:59 PM
> > Subject: Re: [Qemu-devel] Spice vdagent on SLED 11
> >
> >
> > lspci listed 'Communication Controller Virtio console' as one of the
> > devices exposed. But I did not see any /dev/vport*.
>
> I wonder if virtio-console driver is in this version of SLED
> What version (& service pack) are you running?
>
>
> >
> >
> > On Tue, Apr 24, 2012 at 12:17 PM, Andrew Cathrow <
> > acath...@redhat.com > wrote:
> >
> >
> >
> >
> >
> > - Original Message -
> > > From: "Raj Rajasekaran" < r...@connecttel.com >
> > > To: "Andrew Cathrow" < acath...@redhat.com >
> > > Cc: qemu-devel@nongnu.org
> >
> > > Sent: Tuesday, April 24, 2012 12:09:32 PM
> > > Subject: Re: [Qemu-devel] Spice vdagent on SLED 11
> > >
> > >
> >
> > > Here it is
> > >
> > >
> > >
> > > qemu -vga qxl -device qxl -global qxl-vga.vram_size=33554432
> > > -device
> > > virtio-serial -chardev spicevmc,id=vdagent,debug=0,name=vdagent
> > > -device virtserialport,chardev=vdagent,name=com.redhat.spice.0
> > > -spice port=$SPICE_PORT,image-compression=off,disable-ticketing
> > > -enable-kvm -m 1024 -net
> > > nic,model=e1000,vlan=0,macaddr=52:54:84:fe:00:02 -net
> > > user,vlan=1,hostfwd=tcp::-:22 -net nic,model=e1000,vlan=1
> > > -monitor stdio
> >
> > So the right config is being passed to KVM.
> > You can run lspci in the virtual machine to make sure the right PCI
> > devices are being exposed.
> > Then presuming the guest as virtio-serial support (and I don't know
> > if SLED11 has that compiled in) then you'll see /dev/vport* (and
> > potentially symlinks in /dev/virtio-ports/ depending on how udev is
> > setup in SLED)
> >
> >
> >
> >
> >
> >
> > >
> > >
> > >
> > >
> > >
> > > On Tue, Apr 24, 2012 at 11:03 AM, Andrew Cathrow <
> > > acath...@redhat.com > wrote:
> > >
> > >
> > > do you have the configuration ? is there a libvirt xml, or a
> > > command
> > > line in a script?
> > >
> > >
> > > - Original Message -
> > > > From: "Raj Rajasekaran" < r...@connecttel.com >
> > > > To: "Andrew Cathrow" < acath...@redhat.com >
> > > > Cc: qemu-devel@nongnu.org
> > >
> > >
> > > > Sent: Tuesday, April 24, 2012 11:59:07 AM
> > > > Subject: Re: [Qemu-devel] Spice vdagent on SLED 11
> > > >
> > > >
> > > > Yes.
> > > >
> > > >
> > > > On Tue, Apr 24, 2012 at 10:48 AM, Andrew Cathrow <
> > > > acath...@redhat.com > wrote:
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > - Original Message -
> > > > > From: "Raj Rajasekaran" < r...@connecttel.com >
> > > >
> > > > > To: "Andrew Cathrow" < acath...@redhat.com >
> > > > > Cc: qemu-devel@nongnu.org
> > > > > Sent: Tuesday, April 24, 2012 11:43:12 AM
> > > > > Subject: Re: [Qemu-devel] Spice vdagent on SLED 11
> > > > >
> > > > >
> > > > > Where do I check whether VM is configured to expose this virtio
> > > > > serial device? If not how to configure it.
> > > > >
> > > >
> > > > Did you start/configure the VM?
> > > >
> > > >
> > > >
> > > >
> > > > >
> > > > > On Mon, Apr 23, 2012 at 7:45 PM, Andrew Cathrow <
> > > > > acath...@redhat.com
> > > > > > wrote:
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > - Original Message -
> > > > > > From: "Raj Rajasekaran" < r...@connecttel.com >
> > > > > > To: qemu-devel@nongnu.org
> > > > > > Sent: Monday, April 23, 2012 11:35:56 AM
> > > > > > Subject: [Qemu-devel] Spice vdagent on SLED 11
> > > > > >
> > > > > > I am not able to get Spice vdagent running on SLED 11 virtual
> > > > > > machine. Log file has the error message 'Missing virtio
> > > > > > device
> > > > > > '/dev/virtio-ports/com.redhat.spice.0'. I am using Qemu
> > > > > > v0.15.1
> > > > > > and
> > > > > > Spice v0.10.0.
> > > > > >
> > > > > >
> > > > > > Has anyone got this work under SLED11?
> > > > >
> > > > > Is your VM configured to expost a virtio-serial device named
> > > > > com.redhat.spice.0 ?
> > > > >
> > > > > -chardev spicevmc,id=charchannel0,name=vdagent
> > > > > -device
> > > > >
> virtserialport,bus=virtio-serial0.0,nr=1,chardev=charchannel0,id=channel0,name=com.redhat.spice.0
> > > > >
> > > > >
> > > > > or
> > > > >
> > > > >
> > > > > 
> > > > > 
> > > > > 
> > > > > 
> > > > > 
> > > > >
> > > > >
> > > > >
> > > > > >
> > > > > >
> > > > > > -Raj
> > > > >
> > > > >
> > > >
> > > >
> > >
> > >
> >
> >
>

Re: [Qemu-devel] Spice vdagent on SLED 11

[Andrew Cathrow]

- Original Message -
> From: "Raj Rajasekaran" 
> To: "Andrew Cathrow" 
> Cc: qemu-devel@nongnu.org
> Sent: Tuesday, April 24, 2012 1:38:59 PM
> Subject: Re: [Qemu-devel] Spice vdagent on SLED 11
> 
> 
> lspci listed 'Communication Controller Virtio console' as one of the
> devices exposed. But I did not see any /dev/vport*.

I wonder if virtio-console driver is in this version of SLED
What version (& service pack) are you running?


> 
> 
> On Tue, Apr 24, 2012 at 12:17 PM, Andrew Cathrow <
> acath...@redhat.com > wrote:
> 
> 
> 
> 
> 
> - Original Message -
> > From: "Raj Rajasekaran" < r...@connecttel.com >
> > To: "Andrew Cathrow" < acath...@redhat.com >
> > Cc: qemu-devel@nongnu.org
> 
> > Sent: Tuesday, April 24, 2012 12:09:32 PM
> > Subject: Re: [Qemu-devel] Spice vdagent on SLED 11
> > 
> > 
> 
> > Here it is
> > 
> > 
> > 
> > qemu -vga qxl -device qxl -global qxl-vga.vram_size=33554432
> > -device
> > virtio-serial -chardev spicevmc,id=vdagent,debug=0,name=vdagent
> > -device virtserialport,chardev=vdagent,name=com.redhat.spice.0
> > -spice port=$SPICE_PORT,image-compression=off,disable-ticketing
> > -enable-kvm -m 1024 -net
> > nic,model=e1000,vlan=0,macaddr=52:54:84:fe:00:02 -net
> > user,vlan=1,hostfwd=tcp::-:22 -net nic,model=e1000,vlan=1
> > -monitor stdio
> 
> So the right config is being passed to KVM.
> You can run lspci in the virtual machine to make sure the right PCI
> devices are being exposed.
> Then presuming the guest as virtio-serial support (and I don't know
> if SLED11 has that compiled in) then you'll see /dev/vport* (and
> potentially symlinks in /dev/virtio-ports/ depending on how udev is
> setup in SLED)
> 
> 
> 
> 
> 
> 
> > 
> > 
> > 
> > 
> > 
> > On Tue, Apr 24, 2012 at 11:03 AM, Andrew Cathrow <
> > acath...@redhat.com > wrote:
> > 
> > 
> > do you have the configuration ? is there a libvirt xml, or a
> > command
> > line in a script?
> > 
> > 
> > - Original Message -
> > > From: "Raj Rajasekaran" < r...@connecttel.com >
> > > To: "Andrew Cathrow" < acath...@redhat.com >
> > > Cc: qemu-devel@nongnu.org
> > 
> > 
> > > Sent: Tuesday, April 24, 2012 11:59:07 AM
> > > Subject: Re: [Qemu-devel] Spice vdagent on SLED 11
> > > 
> > > 
> > > Yes.
> > > 
> > > 
> > > On Tue, Apr 24, 2012 at 10:48 AM, Andrew Cathrow <
> > > acath...@redhat.com > wrote:
> > > 
> > > 
> > > 
> > > 
> > > 
> > > - Original Message -
> > > > From: "Raj Rajasekaran" < r...@connecttel.com >
> > > 
> > > > To: "Andrew Cathrow" < acath...@redhat.com >
> > > > Cc: qemu-devel@nongnu.org
> > > > Sent: Tuesday, April 24, 2012 11:43:12 AM
> > > > Subject: Re: [Qemu-devel] Spice vdagent on SLED 11
> > > > 
> > > > 
> > > > Where do I check whether VM is configured to expose this virtio
> > > > serial device? If not how to configure it.
> > > > 
> > > 
> > > Did you start/configure the VM?
> > > 
> > > 
> > > 
> > > 
> > > > 
> > > > On Mon, Apr 23, 2012 at 7:45 PM, Andrew Cathrow <
> > > > acath...@redhat.com
> > > > > wrote:
> > > > 
> > > > 
> > > > 
> > > > 
> > > > 
> > > > 
> > > > - Original Message -
> > > > > From: "Raj Rajasekaran" < r...@connecttel.com >
> > > > > To: qemu-devel@nongnu.org
> > > > > Sent: Monday, April 23, 2012 11:35:56 AM
> > > > > Subject: [Qemu-devel] Spice vdagent on SLED 11
> > > > > 
> > > > > I am not able to get Spice vdagent running on SLED 11 virtual
> > > > > machine. Log file has the error message 'Missing virtio
> > > > > device
> > > > > '/dev/virtio-ports/com.redhat.spice.0'. I am using Qemu
> > > > > v0.15.1
> > > > > and
> > > > > Spice v0.10.0.
> > > > > 
> > > > > 
> > > > > Has anyone got this work under SLED11?
> > > > 
> > > > Is your VM configured to expost a virtio-serial device named
> > > > com.redhat.spice.0 ?
> > > > 
> > > > -chardev spicevmc,id=charchannel0,name=vdagent
> > > > -device
> > > > virtserialport,bus=virtio-serial0.0,nr=1,chardev=charchannel0,id=channel0,name=com.redhat.spice.0
> > > > 
> > > > 
> > > > or
> > > > 
> > > > 
> > > > 
> > > > 
> > > > 
> > > > 
> > > > 
> > > > 
> > > > 
> > > > 
> > > > > 
> > > > > 
> > > > > -Raj
> > > > 
> > > > 
> > > 
> > > 
> > 
> > 
> 
> 

Re: [Qemu-devel] [PATCH v2 09/15] target-i386: Add property getter for CPU model

[Michael Roth]

On Tue, Apr 24, 2012 at 06:50:28PM +0200, Andreas Färber wrote:
> Am 24.04.2012 18:36, schrieb Michael Roth:
> > On Tue, Apr 24, 2012 at 11:33:35AM +0200, Andreas Färber wrote:
> >> Signed-off-by: Andreas Färber 
> >> ---
> >>  target-i386/cpu.c |   14 +-
> >>  1 files changed, 13 insertions(+), 1 deletions(-)
> >>
> >> diff --git a/target-i386/cpu.c b/target-i386/cpu.c
> >> index 9479717..643289f 100644
> >> --- a/target-i386/cpu.c
> >> +++ b/target-i386/cpu.c
> >> @@ -640,6 +640,18 @@ static void x86_cpuid_version_set_family(Object *obj, 
> >> Visitor *v, void *opaque,
> >>  }
> >>  }
> >>  
> >> +static void x86_cpuid_version_get_model(Object *obj, Visitor *v, void 
> >> *opaque,
> >> +const char *name, Error **errp)
> >> +{
> >> +X86CPU *cpu = X86_CPU(obj);
> >> +CPUX86State *env = &cpu->env;
> >> +int64_t value;
> >> +
> >> +value = (env->cpuid_version >> 4) & 0xf;
> >> +value |= ((env->cpuid_version >> 16) & 0xf) << 4;
> >> +visit_type_int(v, &value, name, errp);
> >> +}
> >> +
> > 
> > Reviewed-by: Michael Roth 
> > 
> > Just a note though,
> > 
> > The setter code does:
> > 
> > env->cpuid_version &= ~0xf00f0;
> > env->cpuid_version |= ((model & 0xf) << 4) | ((model >> 4) << 16);
> > 
> > So as a result I think there's a potential for the getter to not report bits
> > that were incorrectly set and exposed to the guest, since we mask off
> > bits outside the valid range in your code. But that would be a bug in the
> > setter code/cpudef of course and could be addressed outside this series.
> 
> Sorry, I don't follow... Are you missing the if (value > 0xff) return;
> path in the setter (05/15)? Or do you have example numbers that break?

Sorry, you're right, I missed the range check you added in 05/15. Looks
good.

> 
> I did it in two lines due to the 80-char limit. And env->cpuid_version
> contains more than just the model so we must mask in the getter.
> 
> Are you saying the 16-bit limit is wrong and there should be a third
> nibble somewhere?
> 
> Andreas
> 
> -- 
> SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
> GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg
> 

Re: [Qemu-devel] Spice vdagent on SLED 11

[Raj Rajasekaran]

lspci listed 'Communication Controller Virtio console' as one of the
devices exposed. But I did not see any /dev/vport*.

On Tue, Apr 24, 2012 at 12:17 PM, Andrew Cathrow wrote:

>
>
> - Original Message -
> > From: "Raj Rajasekaran" 
> > To: "Andrew Cathrow" 
> > Cc: qemu-devel@nongnu.org
> > Sent: Tuesday, April 24, 2012 12:09:32 PM
> > Subject: Re: [Qemu-devel] Spice vdagent on SLED 11
> >
> >
> > Here it is
> >
> >
> >
> > qemu -vga qxl -device qxl -global qxl-vga.vram_size=33554432 -device
> > virtio-serial -chardev spicevmc,id=vdagent,debug=0,name=vdagent
> > -device virtserialport,chardev=vdagent,name=com.redhat.spice.0
> > -spice port=$SPICE_PORT,image-compression=off,disable-ticketing
> > -enable-kvm -m 1024 -net
> > nic,model=e1000,vlan=0,macaddr=52:54:84:fe:00:02 -net
> > user,vlan=1,hostfwd=tcp::-:22 -net nic,model=e1000,vlan=1
> > -monitor stdio
>
> So the right config is being passed to KVM.
> You can run lspci in the virtual machine to make sure the right PCI
> devices are being exposed.
> Then presuming the guest as virtio-serial support (and I don't know if
> SLED11 has that compiled in) then you'll see /dev/vport* (and potentially
> symlinks in /dev/virtio-ports/ depending on how udev is setup in SLED)
>
>
>
>
> >
> >
> >
> >
> >
> > On Tue, Apr 24, 2012 at 11:03 AM, Andrew Cathrow <
> > acath...@redhat.com > wrote:
> >
> >
> > do you have the configuration ? is there a libvirt xml, or a command
> > line in a script?
> >
> >
> > - Original Message -
> > > From: "Raj Rajasekaran" < r...@connecttel.com >
> > > To: "Andrew Cathrow" < acath...@redhat.com >
> > > Cc: qemu-devel@nongnu.org
> >
> >
> > > Sent: Tuesday, April 24, 2012 11:59:07 AM
> > > Subject: Re: [Qemu-devel] Spice vdagent on SLED 11
> > >
> > >
> > > Yes.
> > >
> > >
> > > On Tue, Apr 24, 2012 at 10:48 AM, Andrew Cathrow <
> > > acath...@redhat.com > wrote:
> > >
> > >
> > >
> > >
> > >
> > > - Original Message -
> > > > From: "Raj Rajasekaran" < r...@connecttel.com >
> > >
> > > > To: "Andrew Cathrow" < acath...@redhat.com >
> > > > Cc: qemu-devel@nongnu.org
> > > > Sent: Tuesday, April 24, 2012 11:43:12 AM
> > > > Subject: Re: [Qemu-devel] Spice vdagent on SLED 11
> > > >
> > > >
> > > > Where do I check whether VM is configured to expose this virtio
> > > > serial device? If not how to configure it.
> > > >
> > >
> > > Did you start/configure the VM?
> > >
> > >
> > >
> > >
> > > >
> > > > On Mon, Apr 23, 2012 at 7:45 PM, Andrew Cathrow <
> > > > acath...@redhat.com
> > > > > wrote:
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > - Original Message -
> > > > > From: "Raj Rajasekaran" < r...@connecttel.com >
> > > > > To: qemu-devel@nongnu.org
> > > > > Sent: Monday, April 23, 2012 11:35:56 AM
> > > > > Subject: [Qemu-devel] Spice vdagent on SLED 11
> > > > >
> > > > > I am not able to get Spice vdagent running on SLED 11 virtual
> > > > > machine. Log file has the error message 'Missing virtio device
> > > > > '/dev/virtio-ports/com.redhat.spice.0'. I am using Qemu v0.15.1
> > > > > and
> > > > > Spice v0.10.0.
> > > > >
> > > > >
> > > > > Has anyone got this work under SLED11?
> > > >
> > > > Is your VM configured to expost a virtio-serial device named
> > > > com.redhat.spice.0 ?
> > > >
> > > > -chardev spicevmc,id=charchannel0,name=vdagent
> > > > -device
> > > >
> virtserialport,bus=virtio-serial0.0,nr=1,chardev=charchannel0,id=channel0,name=com.redhat.spice.0
> > > >
> > > >
> > > > or
> > > >
> > > >
> > > > 
> > > > 
> > > > 
> > > > 
> > > > 
> > > >
> > > >
> > > >
> > > > >
> > > > >
> > > > > -Raj
> > > >
> > > >
> > >
> > >
> >
> >
>

Re: [Qemu-devel] Handling of setend instruction for ARM

[Peter Maydell]

On 24 April 2012 18:04, Rajat Goyal  wrote:
> The TCG translation for the ARM setend instruction for user level binaries
> is empty. A binary which just prints "hello world" but inverts the
> endianness to big endian at the beginning of main gives a segmentation fault
> on native ARM but prints out hello world on qemu-arm.

Which version of QEMU are you using? We fixed a bug in the handling
of the Thumb encoding of SETEND recently where it would accidentally
behave as a CPS instruction... (commit d9e028c).

> So does QEMU continue under the little endian setting even after
> encountering a setend be instruction? And if so, isn't it incorrect?

QEMU doesn't support dynamic endian switching. Our behaviour (assuming
you have the bugfix I mention above) is that SETEND BE will always
cause an UNDEF exception. (This is strictly speaking incorrect since
in ARMv7 bigendian support isn't optional, but it seems the most
useful thing to do given that QEMU doesn't have the functionality.)
SETEND LE will do nothing, which is correct for everything except
big-endian BE8 linux-user mode (a corner case I've only just thought
of; for consistency, in BE8 linux-user we should make SETEND BE be
a no-op and SETEND LE cause an UNDEF.)

-- PMM

Re: [Qemu-devel] [PATCH 2/2] Expose tsc deadline timer cpuid to guest

[Eduardo Habkost]

(CCing Andre Przywara, in case he can help to clarify what's the
expected meaning of "-cpu host")

On Tue, Apr 24, 2012 at 06:06:55PM +0200, Jan Kiszka wrote:
> On 2012-04-23 22:02, Eduardo Habkost wrote:
> > On Mon, Apr 23, 2012 at 06:31:25PM +0200, Jan Kiszka wrote:
> >> However, that was how I interpreted this GET_SUPPORTED_CPUID. In fact,
> >> it is used as "kernel or hardware does not _prevent_" already. And in
> >> that sense, it's ok to enable even features that are not in
> >> kernel/hardware hands. We should point out this fact in the documentation.
> > 
> > I see GET_SUPPORTED_CPUID as just a "what userspace can enable because
> > the kernel and the hardware support it (= don't prevent it), as long as
> > userspace has the required support" (meaning A+B). It's a bit like
> > KVM_CHECK_EXTENSION, but with the nice feature that that the
> > capabilities map directly to CPUID bits.
> > 
> > So, it's not clear to me: now you are OK with adding TSC_DEADLINE to
> > GET_SUPPORTED_CPUID?
> > 
> > But we still have the issue of "-cpu host" not knowing what can be
> > safely enabled (without userspace feature-specific setup code), or not.
> > Do you have any suggestion for that? Avi, do you have any suggestion?
> 
> First of all, I bet this was already broken with the introduction of
> x2apic. So TSC deadline won't make it worse. I guess we need to address
> this in userspace, first by masking those features out, later by
> actually emulating them.

I am not sure I understand what you are proposing. Let me explain the
use case I am thinking about:

- Feature FOO is of type (A) (e.g. just a new instruction set that
  doesn't require additional userspace support)
- User has a Qemu vesion that doesn't know anything about feature FOO
- User gets a new CPU that supports feature FOO
- User gets a new kernel that supports feature FOO (i.e. has FOO in
  GET_SUPPORTED_CPUID)
- User does _not_ upgrade Qemu.
- User expects to get feature FOO enabled if using "-cpu host", without
  upgrading Qemu.

The problem here is: to support the above use-case, userspace need a
probing mechanism that can differentiate _new_ (previously unknown)
features that are in group (A) (safe to blindly enable) from features
that are in group (B) (that can't be enabled without an userspace
upgrade).

In short, it becomes a problem if we consider the following case:

- Feature BAR is of type (B) (it can't be enabled without extra
  userspace support)
- User has a Qemu version that doesn't know anything about feature BAR
- User gets a new CPU that supports feature BAR
- User gets a new kernel that supports feature BAR (i.e. has BAR in
  GET_SUPPORTED_CPUID)
- User does _not_ upgrade Qemu.
- User simply shouldn't get feature BAR enabled, even if using "-cpu
  host", otherwise Qemu would break.

If userspace always limited itself to features it knows about, it would
be really easy to implement the feature without any new probing
mechanism from the kernel. But that's not how I think users expect "-cpu
host" to work. Maybe I am wrong, I don't know. I am CCing Andre, who
introduced the "-cpu host" feature, in case he can explain what's the
expected semantics on the cases above.

> 
> > 
> > And I still don't know the answer to:
> > 
> >>> - How to precisely define the groups (A) and (B)?
> >>>   - "requires additional code only if migration is required" qualifies
> >>> as (B) or (A)?
> > 
> > 
> > Re: documentation, isn't the following paragraph (already present on
> > api.txt) sufficient?
> > 
> > "The entries returned are the host cpuid as returned by the cpuid
> > instruction, with unknown or unsupported features masked out.  Some
> > features (for example, x2apic), may not be present in the host cpu, but
> > are exposed by kvm if it can emulate them efficiently."
> 
> That suggests such features are always emulated - which is not true.
> They are either emulated, or nothing _prevents_ their emulation by user
> space.

Well... it's a bit more complicated than that: the current semantics are
a bit more than "doesn't prevent", as in theory every single feature can
be emulated by userspace, without any help from the kernel. So, if
"doesn't prevent" were the only criteria, the kernel would set every
single feature bit on GET_SUPPORTED_CPUID, making it not very useful.

At least in the case of x2apic, the kernel is using GET_SUPPORTED_CPUID
to expose a _capability_ too: when x2apic is present on
GET_SUPPORTED_CPUID, userspace knows that in addition to "not
preventing" the feature from being enabled, the kernel is now able to
emulate x2apic (if proper setup is made by userspace). A kernel that
can't emulate x2apic (even if userspace was allowed to emulate it
completely in userspace) would never have x2apic enabled on
GET_SUPPORTED_CPUID.

Like I said previously, in the end GET_SUPPORTED_CPUID is just a
capability querying mechanism like KVM_CHECK_EXTENSION (where each
extension have a specific kernel-capability meaning), but with the nice
feature 

Re: [Qemu-devel] Spice vdagent on SLED 11

[Andrew Cathrow]

- Original Message -
> From: "Raj Rajasekaran" 
> To: "Andrew Cathrow" 
> Cc: qemu-devel@nongnu.org
> Sent: Tuesday, April 24, 2012 12:09:32 PM
> Subject: Re: [Qemu-devel] Spice vdagent on SLED 11
> 
> 
> Here it is
> 
> 
> 
> qemu -vga qxl -device qxl -global qxl-vga.vram_size=33554432 -device
> virtio-serial -chardev spicevmc,id=vdagent,debug=0,name=vdagent
> -device virtserialport,chardev=vdagent,name=com.redhat.spice.0
> -spice port=$SPICE_PORT,image-compression=off,disable-ticketing
> -enable-kvm -m 1024 -net
> nic,model=e1000,vlan=0,macaddr=52:54:84:fe:00:02 -net
> user,vlan=1,hostfwd=tcp::-:22 -net nic,model=e1000,vlan=1
> -monitor stdio

So the right config is being passed to KVM.
You can run lspci in the virtual machine to make sure the right PCI devices are 
being exposed.
Then presuming the guest as virtio-serial support (and I don't know if SLED11 
has that compiled in) then you'll see /dev/vport* (and potentially symlinks in 
/dev/virtio-ports/ depending on how udev is setup in SLED)




> 
> 
> 
> 
> 
> On Tue, Apr 24, 2012 at 11:03 AM, Andrew Cathrow <
> acath...@redhat.com > wrote:
> 
> 
> do you have the configuration ? is there a libvirt xml, or a command
> line in a script?
> 
> 
> - Original Message -
> > From: "Raj Rajasekaran" < r...@connecttel.com >
> > To: "Andrew Cathrow" < acath...@redhat.com >
> > Cc: qemu-devel@nongnu.org
> 
> 
> > Sent: Tuesday, April 24, 2012 11:59:07 AM
> > Subject: Re: [Qemu-devel] Spice vdagent on SLED 11
> > 
> > 
> > Yes.
> > 
> > 
> > On Tue, Apr 24, 2012 at 10:48 AM, Andrew Cathrow <
> > acath...@redhat.com > wrote:
> > 
> > 
> > 
> > 
> > 
> > - Original Message -
> > > From: "Raj Rajasekaran" < r...@connecttel.com >
> > 
> > > To: "Andrew Cathrow" < acath...@redhat.com >
> > > Cc: qemu-devel@nongnu.org
> > > Sent: Tuesday, April 24, 2012 11:43:12 AM
> > > Subject: Re: [Qemu-devel] Spice vdagent on SLED 11
> > > 
> > > 
> > > Where do I check whether VM is configured to expose this virtio
> > > serial device? If not how to configure it.
> > > 
> > 
> > Did you start/configure the VM?
> > 
> > 
> > 
> > 
> > > 
> > > On Mon, Apr 23, 2012 at 7:45 PM, Andrew Cathrow <
> > > acath...@redhat.com
> > > > wrote:
> > > 
> > > 
> > > 
> > > 
> > > 
> > > 
> > > - Original Message -
> > > > From: "Raj Rajasekaran" < r...@connecttel.com >
> > > > To: qemu-devel@nongnu.org
> > > > Sent: Monday, April 23, 2012 11:35:56 AM
> > > > Subject: [Qemu-devel] Spice vdagent on SLED 11
> > > > 
> > > > I am not able to get Spice vdagent running on SLED 11 virtual
> > > > machine. Log file has the error message 'Missing virtio device
> > > > '/dev/virtio-ports/com.redhat.spice.0'. I am using Qemu v0.15.1
> > > > and
> > > > Spice v0.10.0.
> > > > 
> > > > 
> > > > Has anyone got this work under SLED11?
> > > 
> > > Is your VM configured to expost a virtio-serial device named
> > > com.redhat.spice.0 ?
> > > 
> > > -chardev spicevmc,id=charchannel0,name=vdagent
> > > -device
> > > virtserialport,bus=virtio-serial0.0,nr=1,chardev=charchannel0,id=channel0,name=com.redhat.spice.0
> > > 
> > > 
> > > or
> > > 
> > > 
> > > 
> > > 
> > > 
> > > 
> > > 
> > > 
> > > 
> > > 
> > > > 
> > > > 
> > > > -Raj
> > > 
> > > 
> > 
> > 
> 
> 

Re: [Qemu-devel] [PATCH v3 3/4] xilinx_spi: initial version

[Peter Maydell]

On 20 April 2012 03:12, Peter A. G. Crosthwaite
 wrote:
> device model for xilinx XPS SPI controller (v2.0)
>
> Signed-off-by: Peter A. G. Crosthwaite 
> ---
> changed from v2:
> converted spi api to ssi api
> changed from v1:
> converted spi api to modified txrx style
>
>  Makefile.target |    1 +
>  hw/xilinx_spi.c |  453 
> +++
>  2 files changed, 454 insertions(+), 0 deletions(-)
>  create mode 100644 hw/xilinx_spi.c
>
> diff --git a/Makefile.target b/Makefile.target
> index 3f7c38e..e163c64 100644
> --- a/Makefile.target
> +++ b/Makefile.target
> @@ -327,6 +327,7 @@ obj-microblaze-y = petalogix_s3adsp1800_mmu.o
>  obj-microblaze-y += petalogix_ml605_mmu.o
>  obj-microblaze-y += microblaze_boot.o
>  obj-microblaze-y += m25p80.o
> +obj-microblaze-y += xilinx_spi.o
>
>  obj-microblaze-y += microblaze_pic_cpu.o
>  obj-microblaze-y += xilinx_intc.o
> diff --git a/hw/xilinx_spi.c b/hw/xilinx_spi.c
> new file mode 100644
> index 000..82a6b32
> --- /dev/null
> +++ b/hw/xilinx_spi.c
> @@ -0,0 +1,453 @@
> +/*
> + * QEMU model of the Xilinx SPI Controller
> + *
> + * Copyright (C) 2010 Edgar E. Iglesias.
> + * Copyright (C) 2012 Peter A. G. Crosthwaite 
> 
> + * Copyright (C) 2012 PetaLogix
> + *
> + * Permission is hereby granted, free of charge, to any person obtaining a 
> copy
> + * of this software and associated documentation files (the "Software"), to 
> deal
> + * in the Software without restriction, including without limitation the 
> rights
> + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
> + * copies of the Software, and to permit persons to whom the Software is
> + * furnished to do so, subject to the following conditions:
> + *
> + * The above copyright notice and this permission notice shall be included in
> + * all copies or substantial portions of the Software.
> + *
> + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
> + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
> + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
> + * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
> + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING 
> FROM,
> + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
> + * THE SOFTWARE.
> + */
> +
> +#include "sysbus.h"
> +#include "sysemu.h"
> +#include "ptimer.h"
> +#include "qemu-log.h"
> +
> +#include "ssi.h"
> +
> +#ifdef XILINX_SPI_ERR_DEBUG
> +#define DB_PRINT(...) do { \
> +    fprintf(stderr,  ": %s: ", __func__); \
> +    fprintf(stderr, ## __VA_ARGS__); \
> +    } while (0);
> +#else
> +    #define DB_PRINT(...)
> +#endif
> +
> +#define R_DGIER     (0x1c / 4)
> +#define R_DGIER_IE  (1 << 31)
> +
> +#define R_IPISR     (0x20 / 4)
> +#define IRQ_DRR_NOT_EMPTY    (1 << (31 - 23))
> +#define IRQ_DRR_OVERRUN      (1 << (31 - 26))
> +#define IRQ_DRR_FULL         (1 << (31 - 27))
> +#define IRQ_TX_FF_HALF_EMPTY (1 << 6)
> +#define IRQ_DTR_UNDERRUN     (1 << 3)
> +#define IRQ_DTR_EMPTY        (1 << (31 - 29))
> +
> +#define R_IPIER     (0x28 / 4)
> +#define R_SRR       (0x40 / 4)
> +#define R_SPICR     (0x60 / 4)
> +#define R_SPICR_TXFF_RST     (1 << 5)
> +#define R_SPICR_RXFF_RST     (1 << 6)
> +#define R_SPICR_MTI          (1 << 8)
> +
> +#define R_SPISR     (0x64 / 4)
> +#define SR_TX_FULL    (1 << 3)
> +#define SR_TX_EMPTY   (1 << 2)
> +#define SR_RX_FULL    (1 << 1)
> +#define SR_RX_EMPTY   (1 << 0)
> +
> +
> +#define R_SPIDTR    (0x68 / 4)
> +#define R_SPIDRR    (0x6C / 4)
> +#define R_SPISSR    (0x70 / 4)
> +#define R_TX_FF_OCY (0x74 / 4)
> +#define R_RX_FF_OCY (0x78 / 4)
> +#define R_MAX       (0x7C / 4)
> +
> +struct XilinxSPI {
> +    SysBusDevice busdev;
> +    MemoryRegion mmio;
> +    qemu_irq irq;
> +    int irqline;
> +
> +    QEMUBH *bh;
> +    ptimer_state *ptimer;
> +
> +    SSIBus *spi;
> +
> +    uint32_t c_fifo_exist;
> +
> +    uint8_t rx_fifo[256];
> +    unsigned int rx_fifo_pos;
> +    unsigned int rx_fifo_len;
> +
> +    uint8_t tx_fifo[256];
> +    unsigned int tx_fifo_pos;
> +    unsigned int tx_fifo_len;
> +
> +    /* Slave select.  */
> +    uint8_t num_cs;
> +    int cmd_ongoing;
> +
> +    uint32_t regs[R_MAX];
> +};

Needs save/load support.

> +
> +static void txfifo_reset(struct XilinxSPI *s)
> +{
> +    s->tx_fifo_pos = 0;
> +    s->tx_fifo_len = 0;
> +
> +    s->regs[R_SPISR] &= ~SR_TX_FULL;
> +    s->regs[R_SPISR] |= SR_TX_EMPTY;
> +    s->regs[R_SPISR] &= ~SR_TX_FULL;

Duplicate of the first line, some typo here??

> +    s->regs[R_IPISR] |= IRQ_DTR_EMPTY;

> +}
> +
> +static void rxfifo_reset(struct XilinxSPI *s)
> +{
> +    s->rx_fifo_pos = 0;
> +    s->rx_fifo_len = 0;
> +
> +    s->regs[R_SPISR] |= SR_RX_EMPTY;
> +    s->regs[R_SPISR] &= ~SR_RX_FULL;
> +    s->regs[R_IPISR] &= ~IRQ_DRR_NOT_EMPTY;
> +    s->regs[R_IPISR] &= ~IRQ_DRR_OVERRUN;
> +}
> +
> +static void xlx_spi_reset(struct Xili

Re: [Qemu-devel] [PATCH v3 2/4] m25p80: initial verion

[Peter Maydell]

On 20 April 2012 03:12, Peter A. G. Crosthwaite
 wrote:
> Subject: [PATCH v3 2/4] m25p80: initial verion

> Added device model for m25p80 SPI flash

This commit message could be improved; I'd suggest a summary line of
"m25p80: Initial implementation of SPI flash device"


>
> Signed-off-by: Peter A. G. Crosthwaite 
> ---
> changed from v2:
> updated for SSI slave interface
> used async io (suggested - Stefan Hajnoczi)
> changed from v1:
> converted spi api to modified txrx style
> factored out lots of common code and inlined overly short single call 
> functions.
> undated for txrx style spi interface
>
>  Makefile.target |    1 +
>  hw/m25p80.c     |  378 
> +++
>  2 files changed, 379 insertions(+), 0 deletions(-)
>  create mode 100644 hw/m25p80.c
>
> diff --git a/Makefile.target b/Makefile.target
> index 84951a0..3f7c38e 100644
> --- a/Makefile.target
> +++ b/Makefile.target
> @@ -326,6 +326,7 @@ obj-mips-$(CONFIG_FULONG) += bonito.o vt82c686.o 
> mips_fulong2e.o
>  obj-microblaze-y = petalogix_s3adsp1800_mmu.o
>  obj-microblaze-y += petalogix_ml605_mmu.o
>  obj-microblaze-y += microblaze_boot.o
> +obj-microblaze-y += m25p80.o
>
>  obj-microblaze-y += microblaze_pic_cpu.o
>  obj-microblaze-y += xilinx_intc.o
> diff --git a/hw/m25p80.c b/hw/m25p80.c
> new file mode 100644
> index 000..e6c1f3b
> --- /dev/null
> +++ b/hw/m25p80.c
> @@ -0,0 +1,378 @@
> +/*
> + * ST M25P80 emulator.

"ST M25P80 SPI Flash device." -- don't force readers to go and google
for the part number to find out what it is :-)

> + *
> + * Copyright (C) 2011 Edgar E. Iglesias 
> + * Copyright (C) 2012 Peter A. G. Crosthwaite 
> 
> + * Copyright (C) 2012 PetaLogix
> + *
> + * This program is free software; you can redistribute it and/or
> + * modify it under the terms of the GNU General Public License as
> + * published by the Free Software Foundation; either version 2 or
> + * (at your option) version 3 of the License.

Do we really want "GPL 2 or 3", rather than "2 or later" ?

> + *
> + * This program is distributed in the hope that it will be useful,
> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
> + * GNU General Public License for more details.
> + *
> + * You should have received a copy of the GNU General Public License along
> + * with this program; if not, see .
> + */
> +
> +#include "hw.h"
> +#include "blockdev.h"
> +#include "ssi.h"
> +#include "devices.h"
> +
> +#ifdef M25P80_ERR_DEBUG
> +#define DB_PRINT(...) do { \
> +    fprintf(stderr,  ": %s: ", __func__); \
> +    fprintf(stderr, ## __VA_ARGS__); \
> +    } while (0);
> +#else
> +    #define DB_PRINT(...)
> +#endif
> +
> +enum FlashCMD {
> +    NOP = 0,
> +    PP = 0x2,
> +    READ = 0x3,
> +    WRDI = 0x4,
> +    RDSR = 0x5,
> +    WREN = 0x6,
> +    FAST_READ = 0xb,
> +    SECTOR_ERASE = 0x20,
> +    BLOCK_ERASE32 = 0x52,
> +    JEDEC_READ = 0x9f,
> +    CHIP_ERASE = 0xc7,
> +};
> +
> +enum CMDState {
> +    STATE_IDLE,
> +    STATE_PAGE_PROGRAM,
> +    STATE_READ,
> +    STATE_COLLECTING_DATA,
> +    STATE_READING_DATA,
> +};
> +
> +struct flash {
> +    SSISlave ssidev;
> +    uint32_t r;
> +
> +    BlockDriverState *bdrv;
> +    enum CMDState state;
> +
> +    uint8_t *storage;
> +    uint64_t size;
> +    int pagesize;
> +    int sectorsize;
> +    int blocksize;
> +
> +    uint8_t data[16];
> +    int len;
> +    int pos;
> +    int wrap_read;
> +    int needed_bytes;
> +    enum FlashCMD cmd_in_progress;
> +
> +    int64_t dirty_page;
> +
> +    uint64_t waddr;
> +    int write_enable;
> +};

Missing save/load support (which will cause you to want to turn a lot
of those 'int's into either 'bool' or known-width types).

> +
> +static void bdrv_sync_complete(void *opaque, int ret)
> +{
> +
> +}

Is there really nothing to do here? If so, perhaps a comment explaining
why...

> +
> +static void flash_sync_page(struct flash *s, int page)
> +{
> +    if (s->bdrv) {
> +        int bdrv_sector, nb_sectors;
> +        QEMUIOVector iov;
> +
> +        bdrv_sector = (page * s->pagesize) / 512;
> +        nb_sectors = (s->pagesize + 511) / 512;

There's a DIV_ROUND_UP macro, if you like:
  nb_sectors = DIV_ROUND_UP(s->pagesize, BDRV_SECTOR_SIZE);
(though it isn't really used much in qemu currently.)

> +        qemu_iovec_init(&iov, 1);
> +        qemu_iovec_add(&iov, s->storage + bdrv_sector * 512,
> +                                                    nb_sectors * 512);

Lots of hardcoded 512 here and elsewhere, you probably mean
BDRV_SECTOR_SIZE.

> +        bdrv_aio_writev(s->bdrv, bdrv_sector, &iov, nb_sectors,
> +                                                bdrv_sync_complete, NULL);
> +    }
> +}
> +
> +static inline void flash_sync_area(struct flash *s, int64_t off, int64_t len)
> +{
> +    int64_t start, end;
> +
> +    if (!s->bdrv) {
> +        return;
> +    }
> +
> +    start = off / 

[Qemu-devel] Handling of setend instruction for ARM

[Rajat Goyal]

The TCG translation for the ARM setend instruction for user level binaries
is empty. A binary which just prints "hello world" but inverts the
endianness to big endian at the beginning of main gives a segmentation
fault on native ARM but prints out hello world on qemu-arm.

So does QEMU continue under the little endian setting even after
encountering a setend be instruction? And if so, isn't it incorrect?

Rajat.

[Qemu-devel] [PATCH 13/14] usb-uhci: update irq line on reset

[Gerd Hoffmann]

uhci_reset() clears irq mask and irq status registers, but doesn't
update the irq line.  Which may result in suspious IRQs after uhci
reset.  Fix it.

Signed-off-by: Gerd Hoffmann 
---
 hw/usb/hcd-uhci.c |1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/hw/usb/hcd-uhci.c b/hw/usb/hcd-uhci.c
index 266d550..9e211a0 100644
--- a/hw/usb/hcd-uhci.c
+++ b/hw/usb/hcd-uhci.c
@@ -369,6 +369,7 @@ static void uhci_reset(void *opaque)
 }
 
 uhci_async_cancel_all(s);
+uhci_update_irq(s);
 }
 
 static void uhci_pre_save(void *opaque)
-- 
1.7.1

Re: [Qemu-devel] [PATCH 1/3] qemu-iotests: Many parallel allocating I/O requests

[Kevin Wolf]

Am 24.04.2012 17:19, schrieb Eric Blake:
> On 04/24/2012 09:16 AM, Kevin Wolf wrote:
>> Am 24.04.2012 16:38, schrieb Kevin Wolf:
>>> This test case manages to let qcow2 abort because its cache is used up
>>> and it can't find free cache entries for new requests any more.
>>>
>>> Signed-off-by: Kevin Wolf 
>>> ---
>>>  tests/qemu-iotests/035 |   72 
>>>  tests/qemu-iotests/035.out |  392 
>>> 
>>>  tests/qemu-iotests/group   |1 +
>>>  3 files changed, 465 insertions(+), 0 deletions(-)
>>>  create mode 100755 tests/qemu-iotests/035
>>>  create mode 100644 tests/qemu-iotests/035.out
>>>
>>> diff --git a/tests/qemu-iotests/035 b/tests/qemu-iotests/035
>>> new file mode 100755
>>> index 000..297734e
>>> --- /dev/null
>>> +++ b/tests/qemu-iotests/035
>>> @@ -0,0 +1,72 @@
>>> +#!/bin/bash
>>> +#
>>> +# Let a few AIO requests run in parallel and have them access different L2
>>> +# tables so that the cache has a chance to get used up.
>>> +#
>>> +# Copyright (C) 2009 Red Hat, Inc.
> 
> The test is really 3 years old?

Heh, almost. ;-)

Thanks, fixed it up locally.

Kevin

[Qemu-devel] [PATCHv3 3/3] virtio: order index/descriptor reads

[Michael S. Tsirkin]

virtio has the equivalent of:

if (vq->last_avail_index != vring_avail_idx(vq)) {
read descriptor head at vq->last_avail_index;
}

In theory, processor can reorder descriptor head
read to happen speculatively before the index read.
this would trigger the following race:

host descriptor head read <- reads invalid head from ring
guest writes valid descriptor head
guest writes avail index
host avail index read <- observes valid index

as a result host will use an invalid head value.
This was not observed in the field by me but after
the experience with the previous two races
I think it is prudent to address this theoretical race condition.

Signed-off-by: Michael S. Tsirkin 
---
 hw/virtio.c|5 +
 qemu-barrier.h |   12 +++-
 2 files changed, 16 insertions(+), 1 deletions(-)

diff --git a/hw/virtio.c b/hw/virtio.c
index def0bf1..c081e1b 100644
--- a/hw/virtio.c
+++ b/hw/virtio.c
@@ -287,6 +287,11 @@ static int virtqueue_num_heads(VirtQueue *vq, unsigned int 
idx)
  idx, vring_avail_idx(vq));
 exit(1);
 }
+/* On success, callers read a descriptor at vq->last_avail_idx.
+ * Make sure descriptor read does not bypass avail index read. */
+if (num_heads) {
+smp_rmb();
+}
 
 return num_heads;
 }
diff --git a/qemu-barrier.h b/qemu-barrier.h
index f0b842e..c89d312 100644
--- a/qemu-barrier.h
+++ b/qemu-barrier.h
@@ -24,10 +24,13 @@
 #define smp_mb() asm volatile("lock; addl $0,0(%%esp) " ::: "memory")
 #endif
 
+#define smp_rmb() smp_mb()
+
 #elif defined(__x86_64__)
 
 #define smp_wmb()   barrier()
 #define smp_mb() asm volatile("mfence" ::: "memory")
+#define smp_rmb() asm volatile("lfence" ::: "memory")
 
 #elif defined(_ARCH_PPC)
 
@@ -39,16 +42,23 @@
 #define smp_wmb()   asm volatile("eieio" ::: "memory")
 #define smp_mb()   asm volatile("sync" ::: "memory")
 
+#if defined(__powerpc64__)
+#define smp_rmb()   asm volatile("lwsync" ::: "memory")
+#else
+#define smp_rmb()   asm volatile("sync" ::: "memory")
+#endif
+
 #else
 
 /*
  * For (host) platforms we don't have explicit barrier definitions
  * for, we use the gcc __sync_synchronize() primitive to generate a
  * full barrier.  This should be safe on all platforms, though it may
- * be overkill for wmb().
+ * be overkill for wmb() and rmb().
  */
 #define smp_wmb()   __sync_synchronize()
 #define smp_mb()   __sync_synchronize()
+#define smp_rmb()   __sync_synchronize()
 
 #endif
 
-- 
MST

Re: [Qemu-devel] [PATCH v2 09/15] target-i386: Add property getter for CPU model

[Andreas Färber]

Am 24.04.2012 18:36, schrieb Michael Roth:
> On Tue, Apr 24, 2012 at 11:33:35AM +0200, Andreas Färber wrote:
>> Signed-off-by: Andreas Färber 
>> ---
>>  target-i386/cpu.c |   14 +-
>>  1 files changed, 13 insertions(+), 1 deletions(-)
>>
>> diff --git a/target-i386/cpu.c b/target-i386/cpu.c
>> index 9479717..643289f 100644
>> --- a/target-i386/cpu.c
>> +++ b/target-i386/cpu.c
>> @@ -640,6 +640,18 @@ static void x86_cpuid_version_set_family(Object *obj, 
>> Visitor *v, void *opaque,
>>  }
>>  }
>>  
>> +static void x86_cpuid_version_get_model(Object *obj, Visitor *v, void 
>> *opaque,
>> +const char *name, Error **errp)
>> +{
>> +X86CPU *cpu = X86_CPU(obj);
>> +CPUX86State *env = &cpu->env;
>> +int64_t value;
>> +
>> +value = (env->cpuid_version >> 4) & 0xf;
>> +value |= ((env->cpuid_version >> 16) & 0xf) << 4;
>> +visit_type_int(v, &value, name, errp);
>> +}
>> +
> 
> Reviewed-by: Michael Roth 
> 
> Just a note though,
> 
> The setter code does:
> 
> env->cpuid_version &= ~0xf00f0;
> env->cpuid_version |= ((model & 0xf) << 4) | ((model >> 4) << 16);
> 
> So as a result I think there's a potential for the getter to not report bits
> that were incorrectly set and exposed to the guest, since we mask off
> bits outside the valid range in your code. But that would be a bug in the
> setter code/cpudef of course and could be addressed outside this series.

Sorry, I don't follow... Are you missing the if (value > 0xff) return;
path in the setter (05/15)? Or do you have example numbers that break?

I did it in two lines due to the 80-char limit. And env->cpuid_version
contains more than just the model so we must mask in the getter.

Are you saying the 16-bit limit is wrong and there should be a third
nibble somewhere?

Andreas

-- 
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg

[Qemu-devel] [PATCH] target-ppc: Some support for dumping TLB_EMB TLBs

[François Revol]

Add mmubooke_dump_mmu().

TODO: Add printing of individual flags.

Signed-off-by: François Revol 
---
 target-ppc/helper.c |   49 +
 1 file changed, 49 insertions(+)

diff --git a/target-ppc/helper.c b/target-ppc/helper.c
index c610ce3..c998efc 100644
--- a/target-ppc/helper.c
+++ b/target-ppc/helper.c
@@ -1466,6 +1466,52 @@ static const char *book3e_tsize_to_str[32] = {
 "1T", "2T"
 };
 
+static void mmubooke_dump_mmu(FILE *f, fprintf_function cpu_fprintf,
+ CPUPPCState *env)
+{
+ppcemb_tlb_t *entry;
+int i;
+
+if (kvm_enabled() && !env->kvm_sw_tlb) {
+cpu_fprintf(f, "Cannot access KVM TLB\n");
+return;
+}
+
+cpu_fprintf(f, "\nTLB:\n");
+cpu_fprintf(f, "Effective  Physical   Size PID   Prot 
Attr\n");
+
+entry = &env->tlb.tlbe[0];
+for (i = 0; i < env->nb_tlb; i++, entry++) {
+target_phys_addr_t ea, pa;
+target_ulong mask;
+uint64_t size = (uint64_t)entry->size;
+char size_buff[20];
+
+/* Check valid flag */
+if (!(entry->prot & PAGE_VALID)) {
+continue;
+}
+
+mask = ~(entry->size - 1);
+ea = entry->EPN & mask;
+pa = entry->RPN & mask;
+#if (TARGET_PHYS_ADDR_BITS >= 36)
+/* Extend the physical address to 36 bits */
+pa |= (target_phys_addr_t)(entry->RPN & 0xF) << 32;
+#endif
+size /= 1024;
+if (size >= 1024)
+snprintf(size_buff, sizeof(size_buff), "%3" PRId64 "M", size / 
1024);
+else
+snprintf(size_buff, sizeof(size_buff), "%3" PRId64 "k", size);
+cpu_fprintf(f, "0x%016" PRIx64 " 0x%016" PRIx64 " %s %-5u %08x %08x\n",
+(uint64_t)ea, (uint64_t)pa,
+size_buff, (uint32_t)entry->PID,
+entry->prot, entry->attr);
+}
+
+}
+
 static void mmubooke206_dump_one_tlb(FILE *f, fprintf_function cpu_fprintf,
  CPUPPCState *env, int tlbn, int offset,
  int tlbsize)
@@ -1561,6 +1607,9 @@ static void mmubooks_dump_mmu(FILE *f, fprintf_function 
cpu_fprintf,
 void dump_mmu(FILE *f, fprintf_function cpu_fprintf, CPUPPCState *env)
 {
 switch (env->mmu_model) {
+case POWERPC_MMU_BOOKE:
+mmubooke_dump_mmu(f, cpu_fprintf, env);
+break;
 case POWERPC_MMU_BOOKE206:
 mmubooke206_dump_mmu(f, cpu_fprintf, env);
 break;
-- 
1.7.10

[Qemu-devel] [PATCH 12/14] usb: add serial number generator

[Gerd Hoffmann]

This patch adds a function which creates unique serial numbers for usb
devices and puts it into use.  Windows guests tend to become unhappy if
they find two identical usb devices in the system.  Effects range from
non-functional devices (with yellow exclamation mark in device manager)
to BSODs.  Handing out unique serial numbers to devices fixes this.

With this patch applied almost all emulated devices get a generated,
unique serial number.  There are two exceptions:

 * usb-storage devices will prefer a user-specified serial number
   and will only get a generated number in case the serial property
   is unset.
 * usb-hid devices keep the fixed serial number "42" as it is used
   to signal "remote wakeup actually works".
   See commit 7b074a22dab4bdda9864b933f1bc811a3db42845

Signed-off-by: Gerd Hoffmann 
---
 hw/usb/desc.c |   32 
 hw/usb/desc.h |1 +
 hw/usb/dev-audio.c|1 +
 hw/usb/dev-bluetooth.c|1 +
 hw/usb/dev-hub.c  |1 +
 hw/usb/dev-network.c  |1 +
 hw/usb/dev-serial.c   |1 +
 hw/usb/dev-smartcard-reader.c |1 +
 hw/usb/dev-storage.c  |2 ++
 hw/usb/dev-wacom.c|1 +
 10 files changed, 42 insertions(+), 0 deletions(-)

diff --git a/hw/usb/desc.c b/hw/usb/desc.c
index 3c77368..e8a3c6a 100644
--- a/hw/usb/desc.c
+++ b/hw/usb/desc.c
@@ -1,3 +1,5 @@
+#include 
+
 #include "hw/usb.h"
 #include "hw/usb/desc.h"
 #include "trace.h"
@@ -412,6 +414,36 @@ void usb_desc_set_string(USBDevice *dev, uint8_t index, 
const char *str)
 s->str = g_strdup(str);
 }
 
+/*
+ * This function creates a serial number for a usb device.
+ * The serial number should:
+ *   (a) Be unique within the virtual machine.
+ *   (b) Be constant, so you don't get a new one each
+ *   time the guest is started.
+ * So we are using the physical location to generate a serial number
+ * from it.  It has three pieces:  First a fixed, device-specific
+ * prefix.  Second the device path of the host controller (which is
+ * the pci address in most cases).  Third the physical port path.
+ * Results in serial numbers like this: "314159-:00:1d.7-3".
+ */
+void usb_desc_create_serial(USBDevice *dev)
+{
+DeviceState *hcd = dev->qdev.parent_bus->parent;
+const USBDesc *desc = usb_device_get_usb_desc(dev);
+int index = desc->id.iSerialNumber;
+char serial[64];
+int dst;
+
+assert(index != 0 && desc->str[index] != NULL);
+dst = snprintf(serial, sizeof(serial), "%s", desc->str[index]);
+if (hcd && hcd->parent_bus && hcd->parent_bus->info->get_dev_path) {
+char *path = hcd->parent_bus->info->get_dev_path(hcd);
+dst += snprintf(serial+dst, sizeof(serial)-dst, "-%s", path);
+}
+dst += snprintf(serial+dst, sizeof(serial)-dst, "-%s", dev->port->path);
+usb_desc_set_string(dev, index, serial);
+}
+
 const char *usb_desc_get_string(USBDevice *dev, uint8_t index)
 {
 USBDescString *s;
diff --git a/hw/usb/desc.h b/hw/usb/desc.h
index d164e8f..7cf5442 100644
--- a/hw/usb/desc.h
+++ b/hw/usb/desc.h
@@ -171,6 +171,7 @@ int usb_desc_other(const USBDescOther *desc, uint8_t *dest, 
size_t len);
 void usb_desc_init(USBDevice *dev);
 void usb_desc_attach(USBDevice *dev);
 void usb_desc_set_string(USBDevice *dev, uint8_t index, const char *str);
+void usb_desc_create_serial(USBDevice *dev);
 const char *usb_desc_get_string(USBDevice *dev, uint8_t index);
 int usb_desc_string(USBDevice *dev, int index, uint8_t *dest, size_t len);
 int usb_desc_get_descriptor(USBDevice *dev, int value, uint8_t *dest, size_t 
len);
diff --git a/hw/usb/dev-audio.c b/hw/usb/dev-audio.c
index 426b95c..79b75fb 100644
--- a/hw/usb/dev-audio.c
+++ b/hw/usb/dev-audio.c
@@ -648,6 +648,7 @@ static int usb_audio_initfn(USBDevice *dev)
 {
 USBAudioState *s = DO_UPCAST(USBAudioState, dev, dev);
 
+usb_desc_create_serial(dev);
 usb_desc_init(dev);
 s->dev.opaque = s;
 AUD_register_card("usb-audio", &s->card);
diff --git a/hw/usb/dev-bluetooth.c b/hw/usb/dev-bluetooth.c
index 195370c..6b74eff 100644
--- a/hw/usb/dev-bluetooth.c
+++ b/hw/usb/dev-bluetooth.c
@@ -494,6 +494,7 @@ static void usb_bt_handle_destroy(USBDevice *dev)
 
 static int usb_bt_initfn(USBDevice *dev)
 {
+usb_desc_create_serial(dev);
 usb_desc_init(dev);
 return 0;
 }
diff --git a/hw/usb/dev-hub.c b/hw/usb/dev-hub.c
index 9c91665..b5962da 100644
--- a/hw/usb/dev-hub.c
+++ b/hw/usb/dev-hub.c
@@ -520,6 +520,7 @@ static int usb_hub_initfn(USBDevice *dev)
 USBHubPort *port;
 int i;
 
+usb_desc_create_serial(dev);
 usb_desc_init(dev);
 s->intr = usb_ep_get(dev, USB_TOKEN_IN, 1);
 for (i = 0; i < NUM_PORTS; i++) {
diff --git a/hw/usb/dev-network.c b/hw/usb/dev-network.c
index cff55f2..b238a09 100644
--- a/hw/usb/dev-network.c
+++ b/hw/usb/dev-network.c
@@ -1324,6 +1324,7 @@ static int usb_net_initfn(USBDevice *dev)
 {
 USBNetState *s = DO_UPCAST(USBN

[Qemu-devel] [PATCH 05/14] usb-host: don't dereference invalid iovecs

[Gerd Hoffmann]

usb-host assumes the first iovec element is always valid.
In case of a zero-length packet this isn't true though.

Signed-off-by: Gerd Hoffmann 
---
 hw/usb/host-linux.c |6 +++---
 1 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/hw/usb/host-linux.c b/hw/usb/host-linux.c
index 061a1b7..c3684c8 100644
--- a/hw/usb/host-linux.c
+++ b/hw/usb/host-linux.c
@@ -884,16 +884,16 @@ static int usb_host_handle_data(USBDevice *dev, USBPacket 
*p)
 }
 
 v = 0;
-prem = p->iov.iov[v].iov_len;
-pbuf = p->iov.iov[v].iov_base;
+prem = 0;
+pbuf = NULL;
 rem = p->iov.size;
 while (rem) {
 if (prem == 0) {
-v++;
 assert(v < p->iov.niov);
 prem = p->iov.iov[v].iov_len;
 pbuf = p->iov.iov[v].iov_base;
 assert(prem <= rem);
+v++;
 }
 aurb = async_alloc(s);
 aurb->packet = p;
-- 
1.7.1

Re: [Qemu-devel] [PATCH v3 1/4] SSI: Built in multiple device support

[Peter Maydell]

On 20 April 2012 03:12, Peter A. G. Crosthwaite
 wrote:
> Added support for multiple devices attached to a single SSI bus (Previously
> SSI masters with multiple slaves were emulated as multiple point to point SSI
> busses)

>  static struct BusInfo ssi_bus_info = {
>     .name = "SSI",
>     .size = sizeof(SSIBus),
> +    .props = (Property[]) {
> +        DEFINE_PROP_INT32("ss", struct SSISlave, ss, 0),

"ss" is a terrible name for a property. Can we have something
a little less abbreviated, please?

>  SSIBus *ssi_create_bus(DeviceState *parent, const char *name)
>  {
> -    BusState *bus;
> -    bus = qbus_create(&ssi_bus_info, parent, name);
> -    return FROM_QBUS(SSIBus, bus);
> +    SSIBus *bus;
> +
> +    bus = FROM_QBUS(SSIBus, qbus_create(&ssi_bus_info, parent, name));
> +    vmstate_register(NULL, -1, &vmstate_ssi_bus, bus);
> +    return  bus;

Stray double space.

> +void ssi_select_slave(SSIBus *bus, int32_t ss)
> +{
> +    SSISlave *slave;
> +    SSISlaveClass *ssc;
> +
> +    if (bus->ss == ss) {
> +        return;
> +    }
> +
> +    slave = get_current_slave(bus);
> +    if (slave) {
> +        ssc = SSI_SLAVE_GET_CLASS(slave);
> +        if (ssc->set_cs) {
> +            ssc->set_cs(slave, 0);
> +        }
> +    }
> +    bus->ss = ss;

Something wrong here. If bus->ss is a property you can't modify
it randomly at runtime. (It won't get put back to the right
value at reset, for instance.)

-- PMM

Re: [Qemu-devel] [PATCH v2 09/15] target-i386: Add property getter for CPU model

[Michael Roth]

On Tue, Apr 24, 2012 at 11:33:35AM +0200, Andreas Färber wrote:
> Signed-off-by: Andreas Färber 
> ---
>  target-i386/cpu.c |   14 +-
>  1 files changed, 13 insertions(+), 1 deletions(-)
> 
> diff --git a/target-i386/cpu.c b/target-i386/cpu.c
> index 9479717..643289f 100644
> --- a/target-i386/cpu.c
> +++ b/target-i386/cpu.c
> @@ -640,6 +640,18 @@ static void x86_cpuid_version_set_family(Object *obj, 
> Visitor *v, void *opaque,
>  }
>  }
>  
> +static void x86_cpuid_version_get_model(Object *obj, Visitor *v, void 
> *opaque,
> +const char *name, Error **errp)
> +{
> +X86CPU *cpu = X86_CPU(obj);
> +CPUX86State *env = &cpu->env;
> +int64_t value;
> +
> +value = (env->cpuid_version >> 4) & 0xf;
> +value |= ((env->cpuid_version >> 16) & 0xf) << 4;
> +visit_type_int(v, &value, name, errp);
> +}
> +

Reviewed-by: Michael Roth 

Just a note though,

The setter code does:

env->cpuid_version &= ~0xf00f0;
env->cpuid_version |= ((model & 0xf) << 4) | ((model >> 4) << 16);

So as a result I think there's a potential for the getter to not report bits
that were incorrectly set and exposed to the guest, since we mask off
bits outside the valid range in your code. But that would be a bug in the
setter code/cpudef of course and could be addressed outside this series.

>  static void x86_cpuid_version_set_model(Object *obj, Visitor *v, void 
> *opaque,
>  const char *name, Error **errp)
>  {
> @@ -1557,7 +1569,7 @@ static void x86_cpu_initfn(Object *obj)
>  x86_cpuid_version_get_family,
>  x86_cpuid_version_set_family, NULL, NULL, NULL);
>  object_property_add(obj, "model", "int",
> -NULL,
> +x86_cpuid_version_get_model,
>  x86_cpuid_version_set_model, NULL, NULL, NULL);
>  object_property_add(obj, "stepping", "int",
>  NULL,
> -- 
> 1.7.7
> 
> 

Re: [Qemu-devel] [PATCH] Add mmubooke_dump_mmu

[François Revol]

On 24/04/2012 18:22, François Revol wrote:
> The following patch adds some support for dumping the TLBs of type
> TLB_EMB, at least enough to see the mappings.
> I wasn't sure how to deal with the flags anyway, it seems to me the
> struct lacks some stuff needed for system emulation, so it will probably
> need some revamping for the new target I'm adding.
> 
> François.
> 

Ditch that, I'll use git to send it, icedove finally discovered how to
line-wrap at the worst moment.

François.

[Qemu-devel] [PATCH 08/14] usb-xhci: fix bit test

[Gerd Hoffmann]

From: Lai Jiangshan 

use & instead of the wrong &&

Signed-off-by: Lai Jiangshan 
Signed-off-by: Gerd Hoffmann 
---
 hw/usb/hcd-xhci.c |2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/hw/usb/hcd-xhci.c b/hw/usb/hcd-xhci.c
index fd13bba..5cf1a64 100644
--- a/hw/usb/hcd-xhci.c
+++ b/hw/usb/hcd-xhci.c
@@ -501,7 +501,7 @@ static void xhci_irq_update(XHCIState *xhci)
 int level = 0;
 
 if (xhci->iman & IMAN_IP && xhci->iman & IMAN_IE &&
-xhci->usbcmd && USBCMD_INTE) {
+xhci->usbcmd & USBCMD_INTE) {
 level = 1;
 }
 
-- 
1.7.1

[Qemu-devel] [PATCH 10/14] usb-redir: Reset device address and speed on disconnect

[Gerd Hoffmann]

From: Hans de Goede 

Without this disconnected devices look like the last redirected device
in the monitor in "info usb".

Signed-off-by: Hans de Goede 
Signed-off-by: Gerd Hoffmann 
---
 hw/usb/redirect.c |2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/hw/usb/redirect.c b/hw/usb/redirect.c
index 3e6e7e9..b2576e8 100644
--- a/hw/usb/redirect.c
+++ b/hw/usb/redirect.c
@@ -1136,6 +1136,8 @@ static void usbredir_device_disconnect(void *priv)
 }
 usb_ep_init(&dev->dev);
 dev->interface_info.interface_count = NO_INTERFACE_INFO;
+dev->dev.addr = 0;
+dev->dev.speed = 0;
 }
 
 static void usbredir_interface_info(void *priv,
-- 
1.7.1

Re: [Qemu-devel] [PATCHv4 3/3] virtio: order index/descriptor reads

[Paolo Bonzini]

Il 24/04/2012 18:21, Michael S. Tsirkin ha scritto:
>  
> +#define smp_rmb() smp_mb()
> +
>  #elif defined(__x86_64__)
>  

This #define seems spurious, but I may be reading the patch wrong.

Paolo

[Qemu-devel] [PATCH 11/14] usb-redir: Not finding an async urb id is not an error

[Gerd Hoffmann]

From: Hans de Goede 

We clear our pending async urb list on device disconnect and we may still
receive "packet complete" packets from our peer after this, which will then
refer to packet ids no longer in our list.

Signed-off-by: Hans de Goede 
Signed-off-by: Gerd Hoffmann 
---
 hw/usb/redirect.c |2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/hw/usb/redirect.c b/hw/usb/redirect.c
index b2576e8..51c27b4 100644
--- a/hw/usb/redirect.c
+++ b/hw/usb/redirect.c
@@ -277,7 +277,7 @@ static AsyncURB *async_find(USBRedirDevice *dev, uint32_t 
packet_id)
 return aurb;
 }
 }
-ERROR("could not find async urb for packet_id %u\n", packet_id);
+DPRINTF("could not find async urb for packet_id %u\n", packet_id);
 return NULL;
 }
 
-- 
1.7.1

[Qemu-devel] [PATCH] Add mmubooke_dump_mmu

[François Revol]

The following patch adds some support for dumping the TLBs of type
TLB_EMB, at least enough to see the mappings.
I wasn't sure how to deal with the flags anyway, it seems to me the
struct lacks some stuff needed for system emulation, so it will probably
need some revamping for the new target I'm adding.

François.

Signed-off-by: François Revol 

diff --git a/target-ppc/helper.c b/target-ppc/helper.c
index c610ce3..c998efc 100644
--- a/target-ppc/helper.c
+++ b/target-ppc/helper.c
@@ -1466,6 +1466,52 @@ static const char *book3e_tsize_to_str[32] = {
 "1T", "2T"
 };

+static void mmubooke_dump_mmu(FILE *f, fprintf_function cpu_fprintf,
+ CPUPPCState *env)
+{
+ppcemb_tlb_t *entry;
+int i;
+
+if (kvm_enabled() && !env->kvm_sw_tlb) {
+cpu_fprintf(f, "Cannot access KVM TLB\n");
+return;
+}
+
+cpu_fprintf(f, "\nTLB:\n");
+cpu_fprintf(f, "Effective  Physical   Size PID
Prot Attr\n");
+
+entry = &env->tlb.tlbe[0];
+for (i = 0; i < env->nb_tlb; i++, entry++) {
+target_phys_addr_t ea, pa;
+target_ulong mask;
+uint64_t size = (uint64_t)entry->size;
+char size_buff[20];
+
+/* Check valid flag */
+if (!(entry->prot & PAGE_VALID)) {
+continue;
+}
+
+mask = ~(entry->size - 1);
+ea = entry->EPN & mask;
+pa = entry->RPN & mask;
+#if (TARGET_PHYS_ADDR_BITS >= 36)
+/* Extend the physical address to 36 bits */
+pa |= (target_phys_addr_t)(entry->RPN & 0xF) << 32;
+#endif
+size /= 1024;
+if (size >= 1024)
+snprintf(size_buff, sizeof(size_buff), "%3" PRId64 "M",
size / 1024);
+else
+snprintf(size_buff, sizeof(size_buff), "%3" PRId64 "k", size);
+cpu_fprintf(f, "0x%016" PRIx64 " 0x%016" PRIx64 " %s %-5u %08x
%08x\n",
+(uint64_t)ea, (uint64_t)pa,
+size_buff, (uint32_t)entry->PID,
+entry->prot, entry->attr);
+}
+
+}
+
 static void mmubooke206_dump_one_tlb(FILE *f, fprintf_function cpu_fprintf,
  CPUPPCState *env, int tlbn, int
offset,
  int tlbsize)
@@ -1561,6 +1607,9 @@ static void mmubooks_dump_mmu(FILE *f,
fprintf_function cpu_fprintf,
 void dump_mmu(FILE *f, fprintf_function cpu_fprintf, CPUPPCState *env)
 {
 switch (env->mmu_model) {
+case POWERPC_MMU_BOOKE:
+mmubooke_dump_mmu(f, cpu_fprintf, env);
+break;
 case POWERPC_MMU_BOOKE206:
 mmubooke206_dump_mmu(f, cpu_fprintf, env);
 break;

[Qemu-devel] [PATCHv4 3/3] virtio: order index/descriptor reads

[Michael S. Tsirkin]

virtio has the equivalent of:

if (vq->last_avail_index != vring_avail_idx(vq)) {
read descriptor head at vq->last_avail_index;
}

In theory, processor can reorder descriptor head
read to happen speculatively before the index read.
this would trigger the following race:

host descriptor head read <- reads invalid head from ring
guest writes valid descriptor head
guest writes avail index
host avail index read <- observes valid index

as a result host will use an invalid head value.
This was not observed in the field by me but after
the experience with the previous two races
I think it is prudent to address this theoretical race condition.

Signed-off-by: Michael S. Tsirkin 
---
 hw/virtio.c|5 +
 qemu-barrier.h |   16 ++--
 2 files changed, 19 insertions(+), 2 deletions(-)

diff --git a/hw/virtio.c b/hw/virtio.c
index def0bf1..c081e1b 100644
--- a/hw/virtio.c
+++ b/hw/virtio.c
@@ -287,6 +287,11 @@ static int virtqueue_num_heads(VirtQueue *vq, unsigned int 
idx)
  idx, vring_avail_idx(vq));
 exit(1);
 }
+/* On success, callers read a descriptor at vq->last_avail_idx.
+ * Make sure descriptor read does not bypass avail index read. */
+if (num_heads) {
+smp_rmb();
+}
 
 return num_heads;
 }
diff --git a/qemu-barrier.h b/qemu-barrier.h
index f0b842e..d136d30 100644
--- a/qemu-barrier.h
+++ b/qemu-barrier.h
@@ -7,12 +7,13 @@
 #if defined(__i386__)
 
 /*
- * Because of the strongly ordered x86 storage model, wmb() is a nop
+ * Because of the strongly ordered x86 storage model, wmb() and rmb() are nops
  * on x86(well, a compiler barrier only).  Well, at least as long as
  * qemu doesn't do accesses to write-combining memory or non-temporal
  * load/stores from C code.
  */
 #define smp_wmb()   barrier()
+#define smp_rmb()   barrier()
 /*
  * We use GCC builtin if it's available, as that can use
  * mfence on 32 bit as well, e.g. if built with -march=pentium-m.
@@ -24,9 +25,12 @@
 #define smp_mb() asm volatile("lock; addl $0,0(%%esp) " ::: "memory")
 #endif
 
+#define smp_rmb() smp_mb()
+
 #elif defined(__x86_64__)
 
 #define smp_wmb()   barrier()
+#define smp_rmb() barrier()
 #define smp_mb() asm volatile("mfence" ::: "memory")
 
 #elif defined(_ARCH_PPC)
@@ -37,6 +41,13 @@
  * each other
  */
 #define smp_wmb()   asm volatile("eieio" ::: "memory")
+
+#if defined(__powerpc64__)
+#define smp_rmb()   asm volatile("lwsync" ::: "memory")
+#else
+#define smp_rmb()   asm volatile("sync" ::: "memory")
+#endif
+
 #define smp_mb()   asm volatile("sync" ::: "memory")
 
 #else
@@ -45,10 +56,11 @@
  * For (host) platforms we don't have explicit barrier definitions
  * for, we use the gcc __sync_synchronize() primitive to generate a
  * full barrier.  This should be safe on all platforms, though it may
- * be overkill for wmb().
+ * be overkill for wmb() and rmb().
  */
 #define smp_wmb()   __sync_synchronize()
 #define smp_mb()   __sync_synchronize()
+#define smp_rmb()   __sync_synchronize()
 
 #endif
 
-- 
MST

[Qemu-devel] [PATCHv4 2/3] virtio: add missing mb() on enable notification

[Michael S. Tsirkin]

This fixes an issue dual to the one fixed by
patch 'virtio: add missing mb() on notification'
and applies on top.

In this case, to enable vq kick to exit to host,
qemu writes out used flag then reads the
avail index. if these are reordered we get a race:

host avail index read: ring is empty
guest avail index write
guest flag read: exit disabled
host used flag write: enable exit

which results in a lost exit: host will never be notified about the
avail index update.  Again, happens in the field but only seems to
trigger on some specific hardware.

Insert an smp_mb barrier operation to ensure the correct ordering.

Signed-off-by: Michael S. Tsirkin 
---
 hw/virtio.c |4 
 1 files changed, 4 insertions(+), 0 deletions(-)

diff --git a/hw/virtio.c b/hw/virtio.c
index 8defd80..def0bf1 100644
--- a/hw/virtio.c
+++ b/hw/virtio.c
@@ -209,6 +209,10 @@ void virtio_queue_set_notification(VirtQueue *vq, int 
enable)
 } else {
 vring_used_flags_set_bit(vq, VRING_USED_F_NO_NOTIFY);
 }
+if (enable) {
+/* Expose avail event/used flags before caller checks the avail idx. */
+smp_mb();
+}
 }
 
 int virtio_queue_ready(VirtQueue *vq)
-- 
MST

[Qemu-devel] [PATCHv4 1/3] virtio: add missing mb() on notification

[Michael S. Tsirkin]

During normal operation, virtio first writes a used index
and then checks whether it should interrupt the guest
by reading guest avail index/flag values.

Guest does the reverse: writes the index/flag,
then checks the used ring.

The ordering is important: if host avail flag read bypasses the used
index write, we could in effect get this timing:

host avail flag read
guest enable interrupts: avail flag write
guest check used ring: ring is empty
host used index write

which results in a lost interrupt: guest will never be notified
about the used ring update.

This actually can happen when using kvm with an io thread,
such that the guest vcpu and qemu run on different host cpus,
and this has actually been observed in the field
(but only seems to trigger on very specific processor types)
with userspace virtio: vhost has the necessary smp_mb()
in place to prevent the regordering, so the same workload stalls
forever waiting for an interrupt with vhost=off but works
fine with vhost=on.

Insert an smp_mb barrier operation in userspace virtio to
ensure the correct ordering.
Applying this patch fixed the race condition we have observed.
Tested on x86_64. I checked the code generated by the new macro
for i386 and ppc but didn't run virtio.

Note: mb could in theory be implemented by __sync_synchronize, but this
would make us hit old GCC bugs. Besides old GCC
not implementing __sync_synchronize at all, there were bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=36793
in this functionality as recently as in 4.3.

As we need asm for rmb,wmb anyway, it's just as well to
use it for mb.

Signed-off-by: Michael S. Tsirkin 
---
 hw/virtio.c|2 ++
 qemu-barrier.h |   23 ---
 2 files changed, 22 insertions(+), 3 deletions(-)

diff --git a/hw/virtio.c b/hw/virtio.c
index f805790..8defd80 100644
--- a/hw/virtio.c
+++ b/hw/virtio.c
@@ -693,6 +693,8 @@ static bool vring_notify(VirtIODevice *vdev, VirtQueue *vq)
 {
 uint16_t old, new;
 bool v;
+/* We need to expose used array entries before checking used event. */
+smp_mb();
 /* Always notify when queue is empty (when feature acknowledge) */
 if (((vdev->guest_features & (1 << VIRTIO_F_NOTIFY_ON_EMPTY)) &&
  !vq->inuse && vring_avail_idx(vq) == vq->last_avail_idx)) {
diff --git a/qemu-barrier.h b/qemu-barrier.h
index c11bb2b..f0b842e 100644
--- a/qemu-barrier.h
+++ b/qemu-barrier.h
@@ -4,7 +4,7 @@
 /* Compiler barrier */
 #define barrier()   asm volatile("" ::: "memory")
 
-#if defined(__i386__) || defined(__x86_64__)
+#if defined(__i386__)
 
 /*
  * Because of the strongly ordered x86 storage model, wmb() is a nop
@@ -13,15 +13,31 @@
  * load/stores from C code.
  */
 #define smp_wmb()   barrier()
+/*
+ * We use GCC builtin if it's available, as that can use
+ * mfence on 32 bit as well, e.g. if built with -march=pentium-m.
+ * However, on i386, there seem to be known bugs as recently as 4.3.
+ * */
+#if defined(__GNUC__) && __GNUC__ >= 4 && __GNUC_MINOR__ >= 4
+#define smp_mb() __sync_synchronize()
+#else
+#define smp_mb() asm volatile("lock; addl $0,0(%%esp) " ::: "memory")
+#endif
+
+#elif defined(__x86_64__)
+
+#define smp_wmb()   barrier()
+#define smp_mb() asm volatile("mfence" ::: "memory")
 
 #elif defined(_ARCH_PPC)
 
 /*
- * We use an eieio() for a wmb() on powerpc.  This assumes we don't
+ * We use an eieio() for wmb() on powerpc.  This assumes we don't
  * need to order cacheable and non-cacheable stores with respect to
  * each other
  */
 #define smp_wmb()   asm volatile("eieio" ::: "memory")
+#define smp_mb()   asm volatile("sync" ::: "memory")
 
 #else
 
@@ -29,9 +45,10 @@
  * For (host) platforms we don't have explicit barrier definitions
  * for, we use the gcc __sync_synchronize() primitive to generate a
  * full barrier.  This should be safe on all platforms, though it may
- * be overkill.
+ * be overkill for wmb().
  */
 #define smp_wmb()   __sync_synchronize()
+#define smp_mb()   __sync_synchronize()
 
 #endif
 
-- 
MST

[Qemu-devel] [PATCHv4 0/3] virtio: fix memory access races

[Michael S. Tsirkin]

This is a follow-up to my previous patch: it turns
out that a single mb() isn't sufficient as network
loss could still be triggered under stress.

Changes from v3:
Make smp_rmb() with a compiler barrier on x86: reported by paolo.

Changes from v2:
Fix up GCC detection: reported by malc.
Fix barriers on PPC: reported by paolo.
Fix typo breaking bisect: reported by paolo.

Changes from v1:
Patch 1 is repost of v1.

The following two patches fix more races found
by code inspection and comparison with vhost
in kernel. After applying these
patches, no more network loss was observed.

Michael S. Tsirkin (3):
  virtio: add missing mb() on notification
  virtio: add missing mb() on enable notification
  virtio: order index/descriptor reads

 hw/virtio.c|   11 +++
 qemu-barrier.h |   37 +
 2 files changed, 44 insertions(+), 4 deletions(-)

-- 
MST

[Qemu-devel] [PATCH 14/14] usb-host: add timeout handler

[Gerd Hoffmann]

Add a timeout handler.  In case bulk transfers take too long to finish
the request will be canceled.  The timeout is tunable via property, by
default it is 5 seconds.

Signed-off-by: Gerd Hoffmann 
---
 hw/usb/host-linux.c |   27 +++
 trace-events|1 +
 2 files changed, 28 insertions(+), 0 deletions(-)

diff --git a/hw/usb/host-linux.c b/hw/usb/host-linux.c
index 048f8ff..616e51c 100644
--- a/hw/usb/host-linux.c
+++ b/hw/usb/host-linux.c
@@ -110,6 +110,8 @@ typedef struct USBHostDevice {
 int   closing;
 uint32_t  iso_urb_count;
 uint32_t  options;
+uint32_t  timeout_secs;
+uint32_t  timeout_count;
 Notifier  exit;
 
 struct endp_data ep_in[USB_MAX_ENDPOINTS];
@@ -276,6 +278,7 @@ struct AsyncURB
 struct usbdevfs_iso_packet_desc isocpd[ISO_FRAME_DESC_PER_URB];
 USBHostDevice *hdev;
 QLIST_ENTRY(AsyncURB) next;
+QEMUTimer *timeout;
 
 /* For regular async urbs */
 USBPacket *packet;
@@ -285,16 +288,34 @@ struct AsyncURB
 int iso_frame_idx; /* -1 means in flight */
 };
 
+static void async_timeout(void *opaque)
+{
+AsyncURB *aurb = opaque;
+USBHostDevice *s = aurb->hdev;
+
+s->timeout_count++;
+if (s->timeout_count < 10 ||
+s->timeout_count % 10 == 0) {
+fprintf(stderr, "husb: urb timeout (%d secs, #%d)\n",
+s->timeout_secs, s->timeout_count);
+}
+trace_usb_host_urb_timeout(s->bus_num, s->addr, aurb);
+ioctl(s->fd, USBDEVFS_DISCARDURB, aurb);
+}
+
 static AsyncURB *async_alloc(USBHostDevice *s)
 {
 AsyncURB *aurb = g_malloc0(sizeof(AsyncURB));
 aurb->hdev = s;
 QLIST_INSERT_HEAD(&s->aurbs, aurb, next);
+aurb->timeout = qemu_new_timer_ns(vm_clock, async_timeout, aurb);
 return aurb;
 }
 
 static void async_free(AsyncURB *aurb)
 {
+qemu_del_timer(aurb->timeout);
+qemu_free_timer(aurb->timeout);
 QLIST_REMOVE(aurb, next);
 g_free(aurb);
 }
@@ -938,6 +959,11 @@ static int usb_host_handle_data(USBDevice *dev, USBPacket 
*p)
 return USB_RET_STALL;
 }
 }
+if (urb->type == USBDEVFS_URB_TYPE_BULK) {
+qemu_mod_timer(aurb->timeout, qemu_get_clock_ns(vm_clock)
+   + s->timeout_secs * get_ticks_per_sec());
+}
+
 } while (rem > 0);
 
 return USB_RET_ASYNC;
@@ -1444,6 +1470,7 @@ static Property usb_host_dev_properties[] = {
 DEFINE_PROP_HEX32("vendorid",  USBHostDevice, match.vendor_id,  0),
 DEFINE_PROP_HEX32("productid", USBHostDevice, match.product_id, 0),
 DEFINE_PROP_UINT32("isobufs",  USBHostDevice, iso_urb_count,4),
+DEFINE_PROP_UINT32("timeout",  USBHostDevice, timeout_secs, 5),
 DEFINE_PROP_INT32("bootindex", USBHostDevice, bootindex,-1),
 DEFINE_PROP_BIT("pipeline",USBHostDevice, options,
 USB_HOST_OPT_PIPELINE, true),
diff --git a/trace-events b/trace-events
index 87cb96c..710eb28 100644
--- a/trace-events
+++ b/trace-events
@@ -329,6 +329,7 @@ usb_host_req_canceled(int bus, int addr, void *p) "dev 
%d:%d, packet %p"
 usb_host_urb_submit(int bus, int addr, void *aurb, int length, int more) "dev 
%d:%d, aurb %p, length %d, more %d"
 usb_host_urb_complete(int bus, int addr, void *aurb, int status, int length, 
int more) "dev %d:%d, aurb %p, status %d, length %d, more %d"
 usb_host_urb_canceled(int bus, int addr, void *aurb) "dev %d:%d, aurb %p"
+usb_host_urb_timeout(int bus, int addr, void *aurb) "dev %d:%d, aurb %p"
 usb_host_ep_set_halt(int bus, int addr, int ep) "dev %d:%d, ep %d"
 usb_host_ep_clear_halt(int bus, int addr, int ep) "dev %d:%d, ep %d"
 usb_host_ep_start_iso(int bus, int addr, int ep) "dev %d:%d, ep %d"
-- 
1.7.1

Re: [Qemu-devel] [PATCH v4] ARM: Exynos4210 IRQ: Introduce new IRQ gate functionality.

[Peter Maydell]

On 24 April 2012 05:19, Evgeny Voevodin  wrote:
> New IRQ gate consists of n_in input qdev gpio lines and one
> output sysbus IRQ line. The output IRQ level is formed as OR
> between all gpio inputs.
>
> Signed-off-by: Evgeny Voevodin 

Reviewed-by: Peter Maydell 

Not convinced it's worth putting into master at this point though,
given we're in softfreeze and only a week before hardfreeze, so
I've put it in arm-devs.next but don't plan to submit a pullreq
for it before hardfreeze.

-- PMM

Re: [Qemu-devel] [PATCHv2 3/3] virtio: order index/descriptor reads

[Paolo Bonzini]

Il 24/04/2012 18:08, Michael S. Tsirkin ha scritto:
> On Tue, Apr 24, 2012 at 05:40:07PM +0200, Paolo Bonzini wrote:
>> I would be grateful if, instead of fixing the qemu-barrier.h parts of
>> the patches, you picked up the (sole) patch in the atomics branch of
>> git://github.com/bonzini/qemu.git.  The constructs there are more
>> complete than what we have in qemu-barrier.h,
>
> Sorry this is just a bugfix in virtio, don't see a reason to make
> it depend on a wholesale rework of atomics.

 The reason is that your fixes didn't work on PPC, and were suboptimal on
 x86
>>>
>>> I'll fix PPC but I'll stick to the barriers the way Linux implements
>>> them. They pairing rules for these are well documented so we
>>> just need to stick to the rules.
>>
>> Sure, and smp_rmb() *is* a no-op on Linux:
>>
>> #ifdef CONFIG_SMP
>> #define smp_mb()mb()
>> #ifdef CONFIG_X86_PPRO_FENCE
>> # define smp_rmb()  rmb()<-- this is an lfence on x86_64
>> #else
>> # define smp_rmb()  barrier()<-- this is not
>> #endif
>> #ifdef CONFIG_X86_OOSTORE
>> # define smp_wmb()  wmb()
>> #else
>> # define smp_wmb()  barrier()
>> #endif
>> #endif
> 
> Hmm, you are right. I'll make it a compiler barrier and add a comment
> similar to wmb on x86 explaining that we don't use non-temporals.
> Thanks for clarifying this.

No problem. :)

If you search the qemu-devel archives you can find me saying very wrong
things on memory barriers.  When I realized that I did my homework, and
the homework was the atomics patch.

BTW, one of the authors of the C11 atomics stuff is Paul McKenney, so
there is some cross-pollination between C and Linux atomics.

Paolo

[Qemu-devel] [PATCH 02/14] usb-ehci: add missing usb_packet_init() call

[Gerd Hoffmann]

Signed-off-by: Gerd Hoffmann 
---
 hw/usb/core.c |1 +
 hw/usb/hcd-ehci.c |1 +
 2 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/hw/usb/core.c b/hw/usb/core.c
index 9a14a53..0e02da7 100644
--- a/hw/usb/core.c
+++ b/hw/usb/core.c
@@ -501,6 +501,7 @@ void usb_packet_set_state(USBPacket *p, USBPacketState 
state)
 void usb_packet_setup(USBPacket *p, int pid, USBEndpoint *ep)
 {
 assert(!usb_packet_is_inflight(p));
+assert(p->iov.iov != NULL);
 p->pid = pid;
 p->ep = ep;
 p->result = 0;
diff --git a/hw/usb/hcd-ehci.c b/hw/usb/hcd-ehci.c
index 10a5b15..c6f21ac 100644
--- a/hw/usb/hcd-ehci.c
+++ b/hw/usb/hcd-ehci.c
@@ -664,6 +664,7 @@ static EHCIQueue *ehci_alloc_queue(EHCIState *ehci, int 
async)
 
 q = g_malloc0(sizeof(*q));
 q->ehci = ehci;
+usb_packet_init(&q->packet);
 QTAILQ_INSERT_HEAD(head, q, next);
 trace_usb_ehci_queue_action(q, "alloc");
 return q;
-- 
1.7.1

[Qemu-devel] [PATCH 06/14] usb-host: fix zero-length packets

[Gerd Hoffmann]

usb-host optimizes away zero-length packets by not entering the
processing loop at all.  Which isn't correct, we should submit a
zero-length urb to the host devicein that case.  This patch makes
sure we run the processing loop at least once.

Signed-off-by: Gerd Hoffmann 
---
 hw/usb/host-linux.c |6 +++---
 1 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/hw/usb/host-linux.c b/hw/usb/host-linux.c
index c3684c8..048f8ff 100644
--- a/hw/usb/host-linux.c
+++ b/hw/usb/host-linux.c
@@ -887,8 +887,8 @@ static int usb_host_handle_data(USBDevice *dev, USBPacket 
*p)
 prem = 0;
 pbuf = NULL;
 rem = p->iov.size;
-while (rem) {
-if (prem == 0) {
+do {
+if (prem == 0 && rem > 0) {
 assert(v < p->iov.niov);
 prem = p->iov.iov[v].iov_len;
 pbuf = p->iov.iov[v].iov_base;
@@ -938,7 +938,7 @@ static int usb_host_handle_data(USBDevice *dev, USBPacket 
*p)
 return USB_RET_STALL;
 }
 }
-}
+} while (rem > 0);
 
 return USB_RET_ASYNC;
 }
-- 
1.7.1

[Qemu-devel] [PATCH 03/14] usb-ehci: Ensure frindex writes leave a valid frindex value

[Gerd Hoffmann]

From: Hans de Goede 

frindex is a 14 bits counter, so bits 31-14 should always be 0, and
after the commit titled "usb-ehci: frindex always is a 14 bits counter"
we rely on frindex always being a multiple of 8. I've not seen this in
practice, but theoretically a guest can write a value >= 0x4000 or a value
which is not a multiple of 8 value to frindex, this patch ensures that
things will still work when that happens.

Signed-off-by: Hans de Goede 
Signed-off-by: Gerd Hoffmann 
---
 hw/usb/hcd-ehci.c |4 
 1 files changed, 4 insertions(+), 0 deletions(-)

diff --git a/hw/usb/hcd-ehci.c b/hw/usb/hcd-ehci.c
index c6f21ac..4ff4d40 100644
--- a/hw/usb/hcd-ehci.c
+++ b/hw/usb/hcd-ehci.c
@@ -1101,6 +1101,10 @@ static void ehci_mem_writel(void *ptr, 
target_phys_addr_t addr, uint32_t val)
 val &= USBINTR_MASK;
 break;
 
+case FRINDEX:
+val &= 0x3ff8; /* frindex is 14bits and always a multiple of 8 */
+break;
+
 case CONFIGFLAG:
 val &= 0x1;
 if (val) {
-- 
1.7.1

Re: [Qemu-devel] Spice vdagent on SLED 11

[Raj Rajasekaran]

Here it is

qemu -vga qxl -device qxl -global qxl-vga.vram_size=33554432 -device
virtio-serial -chardev spicevmc,id=vdagent,debug=0,name=vdagent -device
virtserialport,chardev=vdagent,name=com.redhat.spice.0 -spice
port=$SPICE_PORT,image-compression=off,disable-ticketing -enable-kvm -m
1024 -net nic,model=e1000,vlan=0,macaddr=52:54:84:fe:00:02 -net
user,vlan=1,hostfwd=tcp::-:22 -net nic,model=e1000,vlan=1 -monitor
stdio



On Tue, Apr 24, 2012 at 11:03 AM, Andrew Cathrow wrote:

> do you have the configuration ? is there a libvirt xml, or a command line
> in a script?
>
> - Original Message -
> > From: "Raj Rajasekaran" 
> > To: "Andrew Cathrow" 
> > Cc: qemu-devel@nongnu.org
> > Sent: Tuesday, April 24, 2012 11:59:07 AM
> > Subject: Re: [Qemu-devel] Spice vdagent on SLED 11
> >
> >
> > Yes.
> >
> >
> > On Tue, Apr 24, 2012 at 10:48 AM, Andrew Cathrow <
> > acath...@redhat.com > wrote:
> >
> >
> >
> >
> >
> > - Original Message -
> > > From: "Raj Rajasekaran" < r...@connecttel.com >
> >
> > > To: "Andrew Cathrow" < acath...@redhat.com >
> > > Cc: qemu-devel@nongnu.org
> > > Sent: Tuesday, April 24, 2012 11:43:12 AM
> > > Subject: Re: [Qemu-devel] Spice vdagent on SLED 11
> > >
> > >
> > > Where do I check whether VM is configured to expose this virtio
> > > serial device? If not how to configure it.
> > >
> >
> > Did you start/configure the VM?
> >
> >
> >
> >
> > >
> > > On Mon, Apr 23, 2012 at 7:45 PM, Andrew Cathrow <
> > > acath...@redhat.com
> > > > wrote:
> > >
> > >
> > >
> > >
> > >
> > >
> > > - Original Message -
> > > > From: "Raj Rajasekaran" < r...@connecttel.com >
> > > > To: qemu-devel@nongnu.org
> > > > Sent: Monday, April 23, 2012 11:35:56 AM
> > > > Subject: [Qemu-devel] Spice vdagent on SLED 11
> > > >
> > > > I am not able to get Spice vdagent running on SLED 11 virtual
> > > > machine. Log file has the error message 'Missing virtio device
> > > > '/dev/virtio-ports/com.redhat.spice.0'. I am using Qemu v0.15.1
> > > > and
> > > > Spice v0.10.0.
> > > >
> > > >
> > > > Has anyone got this work under SLED11?
> > >
> > > Is your VM configured to expost a virtio-serial device named
> > > com.redhat.spice.0 ?
> > >
> > > -chardev spicevmc,id=charchannel0,name=vdagent
> > > -device
> > >
> virtserialport,bus=virtio-serial0.0,nr=1,chardev=charchannel0,id=channel0,name=com.redhat.spice.0
> > >
> > >
> > > or
> > >
> > >
> > > 
> > > 
> > > 
> > > 
> > > 
> > >
> > >
> > >
> > > >
> > > >
> > > > -Raj
> > >
> > >
> >
> >
>

Re: [Qemu-devel] [PATCHv2 3/3] virtio: order index/descriptor reads

[Michael S. Tsirkin]

On Tue, Apr 24, 2012 at 05:40:07PM +0200, Paolo Bonzini wrote:
>  I would be grateful if, instead of fixing the qemu-barrier.h parts of
>  the patches, you picked up the (sole) patch in the atomics branch of
>  git://github.com/bonzini/qemu.git.  The constructs there are more
>  complete than what we have in qemu-barrier.h,
> >>>
> >>> Sorry this is just a bugfix in virtio, don't see a reason to make
> >>> it depend on a wholesale rework of atomics.
> >>
> >> The reason is that your fixes didn't work on PPC, and were suboptimal on
> >> x86
> > 
> > I'll fix PPC but I'll stick to the barriers the way Linux implements
> > them. They pairing rules for these are well documented so we
> > just need to stick to the rules.
> 
> Sure, and smp_rmb() *is* a no-op on Linux:
> 
> #ifdef CONFIG_SMP
> #define smp_mb()mb()
> #ifdef CONFIG_X86_PPRO_FENCE
> # define smp_rmb()  rmb()<-- this is an lfence on x86_64
> #else
> # define smp_rmb()  barrier()<-- this is not
> #endif
> #ifdef CONFIG_X86_OOSTORE
> # define smp_wmb()  wmb()
> #else
> # define smp_wmb()  barrier()
> #endif
> #endif

Hmm, you are right. I'll make it a compiler barrier and add a comment
similar to wmb on x86 explaining that we don't use non-temporals.
Thanks for clarifying this.

-- 
MST

Re: [Qemu-devel] [PATCH 0/2] QOM'ify ARM CPU init

[Peter Maydell]

On 20 April 2012 18:39, Andreas Färber  wrote:
> This mini-series redoes your drop-reset-model-init patch 14/14 v2.
> I've investigated doing it this way for sh4 and plan to adjust all targets.

Both patches
Reviewed-by: Peter Maydell 

and I've put them into target-arm.next; I'll do a pullreq
at the end of the week.

-- PMM