Re: [Qemu-devel] [PATCH] spice: drop incorrect vm_change_state_handler() opaque

[Gerd Hoffmann]

On 01/02/13 16:56, Stefan Hajnoczi wrote:
 On Wed, Dec 19, 2012 at 02:07:16PM +0100, Stefan Hajnoczi wrote:
 The spice_server pointer is a global variable and
 vm_change_state_handler() therefore does not use its opaque parameter.

 The vm change state handler is added with a pointer to the spice_server
 pointer.  This is useless and we probably would not want 2 levels of
 pointers.

 Gerd, would you like to take this through the spice queue or should I
 put it in trivial-patches?

Taking through trivial is fine with me, especially as the spice patch
queue is empty atm ;)

thanks,
  Gerd

Re: [Qemu-devel] [PULL 0/1] update seabios

[Gerd Hoffmann]

On 01/02/13 18:09, Luigi Rizzo wrote:
 are you going to distribute a 1.3.x snapshot with the updated bios that
 lets FreeBSD boot ?

Patch is Cc'ed to qemu-stable because of the freebsd boot breakage, so
yes, this should get picked up for the 1.3.1 release.

cheers,
  Gerd

Re: [Qemu-devel] pthread_create failed: Resource temporarily unavailable

[Stefan Hajnoczi]

On Wed, Jan 2, 2013 at 8:17 PM, Christoffer Dall cd...@cs.columbia.edu wrote:
 I am seeing some brutal crashes with QEMU running virtio using KVM/ARM.

 The culprit seems to be when the process runs out of virtual address
 space on 32-bit systems due to some subsystem (virtio?) creating a
 large number of pthreads under heavy workloads.

It would be interesting to see the resource utilization at the point
of failure - virtual memory, number of threads, etc.

 Unfortunately my QEMU expertise is too limited to pin-point the exact
 fix, nor do I have resources right now to go into it, but I wanted to
 raise this issue and spread general awareness.

 Is this a known issue or something that needs to be tracked/documented at 
 least?

If you launch QEMU under gdb it will break when qemu_thread_create()
fails to create a new thread.

This may be coming from thread-pool.c:do_spawn_thread().  It shouldn't
be a fatal error since eventually an existing worker thread will
process the queued work.

Please post the backtrace so it's clear where QEMU hits the failure.

Stefan

Re: [Qemu-devel] [PATCH] hw/mcf5206: Reduce size of lookup table

[Stefan Hajnoczi]

On Sat, Dec 22, 2012 at 01:59:22PM +0100, Stefan Weil wrote:
 This typically reduces the size from 512 bytes to 128 bytes.
 
 Signed-off-by: Stefan Weil s...@weilnetz.de
 ---
  hw/mcf5206.c |2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)

Thanks, applied to the trivial patches tree:
https://github.com/stefanha/qemu/commits/trivial-patches

Stefan

Re: [Qemu-devel] [Qemu-trivial] [PATCH] linux-user/syscall.c: remove forward declarations

[Stefan Hajnoczi]

On Wed, Dec 26, 2012 at 12:49:49AM +0100, John Spencer wrote:
 instead use the correct headers that define these functions.
 
 Requested-by: Stefan Weil s...@weilnetz.de
 Signed-off-by: John Spencer maillist-q...@barfooze.de
 ---
  linux-user/syscall.c |8 +++-
  1 files changed, 3 insertions(+), 5 deletions(-)

Thanks, applied to the trivial patches tree:
https://github.com/stefanha/qemu/commits/trivial-patches

Stefan

Re: [Qemu-devel] [PATCH] pseries: Remove unneeded include statement (fixes MinGW builds)

[Stefan Hajnoczi]

On Thu, Dec 20, 2012 at 07:50:41AM +0100, Stefan Weil wrote:
 sys/mman.h is not needed (tested on Linux) and unavailable for MinGW,
 so remove it.
 
 Signed-off-by: Stefan Weil s...@weilnetz.de
 ---
  hw/spapr_nvram.c |2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)

I audited the code and cannot see anything that would require
sys/mman.h.

Thanks, applied to the trivial patches tree:
https://github.com/stefanha/qemu/commits/trivial-patches

Stefan

[Qemu-devel] dataplane build error

[Gerd Hoffmann]

  CChw/dataplane/vring.o
cc1: warnings being treated as errors
/home/kraxel/projects/qemu/hw/dataplane/vring.c: In function ‘vring_setup’:
/home/kraxel/projects/qemu/hw/dataplane/vring.c:46: error: implicit
declaration of function ‘trace_vring_setup’
/home/kraxel/projects/qemu/hw/dataplane/vring.c:46: error: nested extern
declaration of ‘trace_vring_setup’
gmake: *** [hw/dataplane/vring.o] Error 1

[Qemu-devel] [PATCH] linux-user/syscall.c: fix select on x86_64

[Nickolai Zeldovich]

Use the correct argument passing convention for select on x86_64.
Previously, select worked for i386 but was broken for x86_64 (always
returning EINVAL).  With this change, select works on both i386 and
x86_64.  (Other targets untested but should be unaffected.)

Signed-off-by: Nickolai Zeldovich nicko...@csail.mit.edu
---
 linux-user/syscall.c |8 +---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index e99adab..5a81d9f 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -6213,7 +6213,8 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
 ret = get_errno(settimeofday(tv, NULL));
 }
 break;
-#if defined(TARGET_NR_select)  !defined(TARGET_S390X)  
!defined(TARGET_S390)
+#if defined(TARGET_NR_select)  !defined(TARGET_S390X) \
+ !defined(TARGET_S390)  !defined(TARGET_X86_64)
 case TARGET_NR_select:
 {
 struct target_sel_arg_struct *sel;
@@ -7153,8 +7154,9 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
 }
 break;
 #endif /* TARGET_NR_getdents64 */
-#if defined(TARGET_NR__newselect) || defined(TARGET_S390X)
-#ifdef TARGET_S390X
+#if defined(TARGET_NR__newselect) || defined(TARGET_S390X) \
+|| defined(TARGET_X86_64)
+#if defined(TARGET_S390X) || defined(TARGET_X86_64)
 case TARGET_NR_select:
 #else
 case TARGET_NR__newselect:
-- 
1.7.10.4

Re: [Qemu-devel] dataplane build error

[Stefan Weil]

Am 03.01.2013 10:30, schrieb Gerd Hoffmann:

   CChw/dataplane/vring.o
cc1: warnings being treated as errors
/home/kraxel/projects/qemu/hw/dataplane/vring.c: In function ‘vring_setup’:
/home/kraxel/projects/qemu/hw/dataplane/vring.c:46: error: implicit
declaration of function ‘trace_vring_setup’
/home/kraxel/projects/qemu/hw/dataplane/vring.c:46: error: nested extern
declaration of ‘trace_vring_setup’
gmake: *** [hw/dataplane/vring.o] Error 1



Hi Gerd,

I got this one, too. Removing a generated file trace.h fixes it.

Cheers,

Stefan W.

Re: [Qemu-devel] dataplane build error

[Stefan Hajnoczi]

On Thu, Jan 03, 2013 at 10:32:43AM +0100, Stefan Weil wrote:
 Am 03.01.2013 10:30, schrieb Gerd Hoffmann:
CChw/dataplane/vring.o
 cc1: warnings being treated as errors
 /home/kraxel/projects/qemu/hw/dataplane/vring.c: In function ‘vring_setup’:
 /home/kraxel/projects/qemu/hw/dataplane/vring.c:46: error: implicit
 declaration of function ‘trace_vring_setup’
 /home/kraxel/projects/qemu/hw/dataplane/vring.c:46: error: nested extern
 declaration of ‘trace_vring_setup’
 gmake: *** [hw/dataplane/vring.o] Error 1
 
 
 Hi Gerd,
 
 I got this one, too. Removing a generated file trace.h fixes it.

Anthony hit this yesterday with an out-of-tree build, too.

trace.h used to be generated, since
eac236ea7bfc1902126be70459e320591078df5c (build: Use separate makefile
for trace/) it is a static file.  The build system is getting
confused.

Stefan

Re: [Qemu-devel] [RFC PATCH V8 02/15] virtio-bus : Introduce virtio-bus

[KONRAD Frédéric]

On 02/01/2013 15:12, Anthony Liguori wrote:

fred.kon...@greensocs.com writes:


From: KONRAD Frederic fred.kon...@greensocs.com

Introduce virtio-bus. Refactored transport device will create a bus which
extends virtio-bus.

Signed-off-by: KONRAD Frederic fred.kon...@greensocs.com
---
  hw/Makefile.objs |   1 +
  hw/virtio-bus.c  | 169 +++
  hw/virtio-bus.h  |  98 
  3 files changed, 268 insertions(+)
  create mode 100644 hw/virtio-bus.c
  create mode 100644 hw/virtio-bus.h

diff --git a/hw/Makefile.objs b/hw/Makefile.objs
index d581d8d..6fa4de4 100644
--- a/hw/Makefile.objs
+++ b/hw/Makefile.objs
@@ -3,6 +3,7 @@ common-obj-y += loader.o
  common-obj-$(CONFIG_VIRTIO) += virtio-console.o
  common-obj-$(CONFIG_VIRTIO) += virtio-rng.o
  common-obj-$(CONFIG_VIRTIO_PCI) += virtio-pci.o
+common-obj-$(CONFIG_VIRTIO) += virtio-bus.o
  common-obj-y += fw_cfg.o
  common-obj-$(CONFIG_PCI) += pci.o pci_bridge.o pci_bridge_dev.o
  common-obj-$(CONFIG_PCI) += msix.o msi.o
diff --git a/hw/virtio-bus.c b/hw/virtio-bus.c
new file mode 100644
index 000..7a3d06e
--- /dev/null
+++ b/hw/virtio-bus.c
@@ -0,0 +1,169 @@
+/*
+ * VirtioBus
+ *
+ *  Copyright (C) 2012 : GreenSocs Ltd
+ *  http://www.greensocs.com/ , email: i...@greensocs.com
+ *
+ *  Developed by :
+ *  Frederic Konrad   fred.kon...@greensocs.com
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, see http://www.gnu.org/licenses/.
+ *
+ */
+
+#include hw.h
+#include qemu-error.h
+#include qdev.h
+#include virtio-bus.h
+#include virtio.h
+
+/* #define DEBUG_VIRTIO_BUS */
+
+#ifdef DEBUG_VIRTIO_BUS
+#define DPRINTF(fmt, ...) \
+do { printf(virtio_bus:  fmt , ## __VA_ARGS__); } while (0)
+#else
+#define DPRINTF(fmt, ...) do { } while (0)
+#endif
+
+/* Plug the VirtIODevice */
+int virtio_bus_plug_device(VirtIODevice *vdev)
+{
+DeviceState *qdev = DEVICE(vdev);
+BusState *qbus = BUS(qdev_get_parent_bus(qdev));
+VirtioBusState *bus = VIRTIO_BUS(qbus);
+VirtioBusClass *klass = VIRTIO_BUS_GET_CLASS(bus);
+DPRINTF(%s : plug device.\n, qbus-name);
+
+bus-vdev = vdev;
+
+if (klass-device_plugged != NULL) {
+klass-device_plugged(qbus-parent);
+}
+
+/*
+ * The lines below will disappear when we drop VirtIOBindings, at the end
+ * of the serie.

s/serie/series/g


+ */
+bus-bindings.notify = klass-notify;
+bus-bindings.save_config = klass-save_config;
+bus-bindings.save_queue = klass-save_queue;
+bus-bindings.load_config = klass-load_config;
+bus-bindings.load_queue = klass-load_queue;
+bus-bindings.load_done = klass-load_done;
+bus-bindings.get_features = klass-get_features;
+bus-bindings.query_guest_notifiers = klass-query_guest_notifiers;
+bus-bindings.set_guest_notifiers = klass-set_guest_notifiers;
+bus-bindings.set_host_notifier = klass-set_host_notifier;
+bus-bindings.vmstate_change = klass-vmstate_change;
+virtio_bind_device(bus-vdev, (bus-bindings), qbus-parent);
+/*
+ */

No need for empty comment or the parens around bus-bindings.


+
+return 0;
+}
+
+/* Reset the virtio_bus */
+void virtio_bus_reset(VirtioBusState *bus)
+{
+DPRINTF(%s : reset device.\n, qbus-name);
+if (bus-vdev != NULL) {
+virtio_reset(bus-vdev);
+}
+}
+
+/* Destroy the VirtIODevice */
+void virtio_bus_destroy_device(VirtioBusState *bus)
+{
+DeviceState *qdev;
+BusState *qbus = BUS(bus);
+VirtioBusClass *klass = VIRTIO_BUS_GET_CLASS(bus);
+DPRINTF(%s : remove device.\n, qbus-name);
+
+if (bus-vdev != NULL) {
+if (klass-device_unplug != NULL) {
+klass-device_unplug(qbus-parent);
+}
+qdev = DEVICE(bus-vdev);
+qdev_free(qdev);
+bus-vdev = NULL;
+}
+}
+
+/* Get the device id of the plugged device. */
+uint16_t get_virtio_device_id(VirtioBusState *bus)
+{
+assert(bus-vdev != NULL);
+return bus-vdev-device_id;
+}
+
+/* Get the nvectors field of the plugged device. */
+int get_virtio_device_nvectors(VirtioBusState *bus)
+{
+assert(bus-vdev != NULL);
+return bus-vdev-nvectors;
+}
+
+/* Set the nvectors field of the plugged device. */
+void set_virtio_device_nvectors(VirtioBusState *bus, int nvectors)
+{
+assert(bus-vdev != NULL);
+bus-vdev-nvectors = nvectors;
+}
+
+/* Get the config_len field of the plugged device. */

[Qemu-devel] [PATCH] linux-user/syscall.c: fix copy_to_user_fdset for fds over 30

[Nickolai Zeldovich]

On a 64-bit system (e.g., x86_64), copy_to_user_fdset populates the
bitmask returned to the user-space program by left-shifting the value
(FD_ISSET(k, fds) != 0), which is of type int, by k bits (0 through 63).

According to the C standard, left-shifting an int by 31 bits is undefined
behavior because it shifts a 1 into the sign bit, and shifting an int
by 32 bits or more is UB because it's equal to or greater than the
type's width.

The resulting behavior depends on the specific compiler, but with gcc
4.7.2 on an x86_64 host (as well as guest), select calls that were
supposed to set fd 31 on return would actually set fds 31 through 63,
and select calls that were supposed to set an fd above 31 (e.g., 48)
would set that fd mod 32 (e.g., 16).

This patch fixes the problem by casting the value (FD_ISSET(..) != 0)
to a suitably long and unsigned type before doing the left-shift, and
fixes select for fds above 32 on x86_64.

Signed-off-by: Nickolai Zeldovich nicko...@csail.mit.edu
---
 linux-user/syscall.c |2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 5a81d9f..17c3dd6 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -912,7 +912,7 @@ static inline abi_long copy_to_user_fdset(abi_ulong 
target_fds_addr,
 for (i = 0; i  nw; i++) {
 v = 0;
 for (j = 0; j  TARGET_ABI_BITS; j++) {
-v |= ((FD_ISSET(k, fds) != 0)  j);
+v |= (((abi_ulong) (FD_ISSET(k, fds) != 0))  j);
 k++;
 }
 __put_user(v, target_fds[i]);
-- 
1.7.10.4

Re: [Qemu-devel] [PATCH] pseries: Remove unneeded include statement (fixes MinGW builds)

[David Gibson]

On Thu, Jan 03, 2013 at 09:59:46AM +0100, Stefan Hajnoczi wrote:
 On Thu, Dec 20, 2012 at 07:50:41AM +0100, Stefan Weil wrote:
  sys/mman.h is not needed (tested on Linux) and unavailable for MinGW,
  so remove it.
  
  Signed-off-by: Stefan Weil s...@weilnetz.de
  ---
   hw/spapr_nvram.c |2 +-
   1 file changed, 1 insertion(+), 1 deletion(-)
 
 I audited the code and cannot see anything that would require
 sys/mman.h.

Oh, yes, that would have been from an early draft that directly
mmap()ed a backing file rather than using the block layer.  It
shouldn't be needed any more.

-- 
David Gibson| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au  | minimalist, thank you.  NOT _the_ _other_
| _way_ _around_!
http://www.ozlabs.org/~dgibson


signature.asc
Description: Digital signature

[Qemu-devel] [PATCH] dataplane: use linux-headers/ for virtio includes

[Stefan Hajnoczi]

The hw/dataplane/vring.c code includes linux/virtio_ring.h.  Ensure that
we use linux-headers/ instead of the system-wide headers, which may be
out-of-date on older distros.

This resolves the following build error on Debian 6:

  CChw/dataplane/vring.o
cc1: warnings being treated as errors
hw/dataplane/vring.c: In function 'vring_enable_notification':
hw/dataplane/vring.c:71: error: implicit declaration of function 
'vring_avail_event'
hw/dataplane/vring.c:71: error: nested extern declaration of 'vring_avail_event'
hw/dataplane/vring.c:71: error: lvalue required as left operand of assignment

Note that we now build dataplane/ for each target instead of only once.
There is no way around this since linux-headers/ is only available for
per-target objects - and it's how virtio, vfio, kvm, and friends are
built.

Signed-off-by: Stefan Hajnoczi stefa...@redhat.com
---
 hw/Makefile.objs   | 3 ++-
 hw/dataplane/Makefile.objs | 4 +---
 2 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/hw/Makefile.objs b/hw/Makefile.objs
index 5ac4913..b8bbed3 100644
--- a/hw/Makefile.objs
+++ b/hw/Makefile.objs
@@ -1,4 +1,4 @@
-common-obj-y = usb/ ide/ pci/ dataplane/
+common-obj-y = usb/ ide/ pci/
 common-obj-y += loader.o
 common-obj-$(CONFIG_VIRTIO) += virtio-console.o
 common-obj-$(CONFIG_VIRTIO) += virtio-rng.o
@@ -191,6 +191,7 @@ common-obj-$(CONFIG_XEN_BACKEND) += xen_console.o xenfb.o 
xen_disk.o xen_nic.o
 # Per-target files
 # virtio has to be here due to weird dependency between PCI and virtio-net.
 # need to fix this properly
+obj-$(CONFIG_VIRTIO) += dataplane/
 obj-$(CONFIG_VIRTIO) += virtio.o virtio-blk.o virtio-balloon.o virtio-net.o
 obj-$(CONFIG_VIRTIO) += virtio-serial-bus.o virtio-scsi.o
 obj-$(CONFIG_SOFTMMU) += vhost_net.o
diff --git a/hw/dataplane/Makefile.objs b/hw/dataplane/Makefile.objs
index 682aa9e..3e47d05 100644
--- a/hw/dataplane/Makefile.objs
+++ b/hw/dataplane/Makefile.objs
@@ -1,3 +1 @@
-ifeq ($(CONFIG_VIRTIO), y)
-common-obj-$(CONFIG_VIRTIO_BLK_DATA_PLANE) += hostmem.o vring.o event-poll.o 
ioq.o virtio-blk.o
-endif
+obj-$(CONFIG_VIRTIO_BLK_DATA_PLANE) += hostmem.o vring.o event-poll.o ioq.o 
virtio-blk.o
-- 
1.8.0.2

Re: [Qemu-devel] [PATCH] spice: drop incorrect vm_change_state_handler() opaque

[Stefan Hajnoczi]

On Thu, Jan 3, 2013 at 9:20 AM, Gerd Hoffmann kra...@redhat.com wrote:
 On 01/02/13 16:56, Stefan Hajnoczi wrote:
 On Wed, Dec 19, 2012 at 02:07:16PM +0100, Stefan Hajnoczi wrote:
 The spice_server pointer is a global variable and
 vm_change_state_handler() therefore does not use its opaque parameter.

 The vm change state handler is added with a pointer to the spice_server
 pointer.  This is useless and we probably would not want 2 levels of
 pointers.

 Gerd, would you like to take this through the spice queue or should I
 put it in trivial-patches?

 Taking through trivial is fine with me, especially as the spice patch
 queue is empty atm ;)

Okay, I'll take it.  Thanks!

Stefan

Re: [Qemu-devel] buildbot failure in qemu on disable_kvm_x86_64_out_of_tree

[Stefan Hajnoczi]

On Thu, Jan 3, 2013 at 1:23 AM, Anthony Liguori anth...@codemonkey.ws wrote:

 These are all virtio-blk-dataplane Stefan...  The problem seems to be
 !CONFIG_KVM related.

Thanks for pointing this out.  The code is using Linux virtio headers
without -I linux-headers/.

I sent a fix.

Stefan

Re: [Qemu-devel] pthread_create failed: Resource temporarily unavailable

[Andreas Färber]

Hi,

Am 02.01.2013 20:17, schrieb Christoffer Dall:
 I am seeing some brutal crashes with QEMU running virtio using KVM/ARM.
 
 The culprit seems to be when the process runs out of virtual address
 space on 32-bit systems due to some subsystem (virtio?) creating a
 large number of pthreads under heavy workloads.
 
 Unfortunately my QEMU expertise is too limited to pin-point the exact
 fix, nor do I have resources right now to go into it, but I wanted to
 raise this issue and spread general awareness.
 
 Is this a known issue or something that needs to be tracked/documented at 
 least?

It is a known issue that I reported long ago, but there have been higher
priorities. ;)
Note that this failure is not specifically about creating threads but
about thread creation being one of several operations requiring some
free virtual mem, it might as well be a malloc another run. If you trace
memory usage of the process you will likely see dramatic changes over
time... why exactly is still to be investigated.

Andreas

-- 
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg

Re: [Qemu-devel] [PATCH 1/8] virtio: don't waste irqfds on control vqs

[Stefan Hajnoczi]

On Wed, Dec 26, 2012 at 12:52:19PM +0200, Michael S. Tsirkin wrote:
 Pass nvqs to set_guest_notifiers. This makes it possible to
 save on irqfds by not allocating one for the control vq
 for virtio-net.
 
 Signed-off-by: Michael S. Tsirkin m...@redhat.com
 ---
  hw/vhost.c  | 10 +++---
  hw/virtio-pci.c | 19 ++-
  hw/virtio-pci.h |  1 +
  hw/virtio.h |  2 +-
  4 files changed, 23 insertions(+), 9 deletions(-)

Good idea!

This patch assumes only the first n virtqueues need irqfd.  Depending on
the device's virtqueue ordering this may not work (e.g. control vq first
followed by data vqs).  But this is a theoretical point, let's wait
until we hit it and need something fancier.

Stefan

Re: [Qemu-devel] [PATCH 1/2] e1000: no need auto-negotiation if link was down

[Stefan Hajnoczi]

On Fri, Dec 28, 2012 at 05:29:10PM +0800, Amos Kong wrote:
 Commit b9d03e352cb6b31a66545763f6a1e20c9abf0c2c added link
 auto-negotiation emulation, it would always set link up by
 callback function. Problem exists if original link status
 was down, link status should not be changed in auto-negotiation.
 
 Signed-off-by: Jason Wang jasow...@redhat.com
 Signed-off-by: Amos Kong ak...@redhat.com
 ---
  hw/e1000.c |5 +
  1 file changed, 5 insertions(+)
 
 diff --git a/hw/e1000.c b/hw/e1000.c
 index 92fb00a..eebcd1d 100644
 --- a/hw/e1000.c
 +++ b/hw/e1000.c
 @@ -164,6 +164,11 @@ static void
  set_phy_ctrl(E1000State *s, int index, uint16_t val)
  {
  if ((val  MII_CR_AUTO_NEG_EN)  (val  MII_CR_RESTART_AUTO_NEG)) {
 +/* no need auto-negotiation if link was down */
 +if (s-nic-nc.link_down) {
 +s-phy_reg[PHY_STATUS] |= MII_SR_AUTONEG_COMPLETE;
 +return;
 +}
  s-nic-nc.link_down = true;
  e1000_link_down(s);
  s-phy_reg[PHY_STATUS] = ~MII_SR_AUTONEG_COMPLETE;

Do we need set_ics(s, 0, E1000_ICR_LSC) when autonegotiation completes?
The code doesn't but I wonder if we should.

Stefan

Re: [Qemu-devel] [PATCH 0/2] fix of preserving link status

[Stefan Hajnoczi]

On Fri, Dec 28, 2012 at 05:29:09PM +0800, Amos Kong wrote:
 Set link down and reboot guest, e1000 link status will be re-set
 to up by auto-negotiation, it's a regression bug. rtl8139 link
 status would be reset to up always.
 
 Problems are fixed by those two patches.
 
 RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=890288
 
 Amos Kong (2):
   e1000: no need auto-negotiation if link was down
   rtl8139: preserve link state across device reset
 
  hw/e1000.c   |5 +
  hw/rtl8139.c |3 ++-
  2 files changed, 7 insertions(+), 1 deletion(-)
 
 -- 
 Amos Kong
 

Thanks, applied to the net tree:
https://github.com/stefanha/qemu/commits/net

Stefan

Re: [Qemu-devel] [PATCH qom-cpu 4/4] target-ppc: Error out for -cpu host on unknown PVR

[Alexander Graf]

On 18.12.2012, at 08:53, Andreas Färber wrote:

 Previously we silently exited, with subclasses we got an opcode warning.
 Instead explicitly tell the user what's wrong.
 
 An indication for this is -cpu ? showing host with an all-zero PVR.
 
 Signed-off-by: Andreas Färber afaer...@suse.de
 ---
 target-ppc/kvm.c |7 +++
 1 Datei geändert, 7 Zeilen hinzugefügt(+)
 
 diff --git a/target-ppc/kvm.c b/target-ppc/kvm.c
 index f115892..8998d0f 100644
 --- a/target-ppc/kvm.c
 +++ b/target-ppc/kvm.c
 @@ -1186,7 +1186,14 @@ static void alter_insns(uint64_t *word, uint64_t 
 flags, bool on)
 
 static void kvmppc_host_cpu_initfn(Object *obj)
 {
 +PowerPCCPUClass *pcc = POWERPC_CPU_GET_CLASS(obj);
 +
 assert(kvm_enabled());
 +
 +if (pcc-info-pvr != mfpvr()) {
 +fprintf(stderr, Host PVR unsupported.\n);

This should probably rather say Host CPU unsupported for -cpu host or so :). 
Not everyone who invokes qemu-system-ppc knows what a PVR is.


Alex

Re: [Qemu-devel] [RFC V4 00/30] QCOW2 deduplication

[Stefan Hajnoczi]

On Wed, Jan 02, 2013 at 12:26:37PM -0600, Troy Benjegerdes wrote:
 The probability may be 'low' but it is not zero. Just because it's
 hard to calculate the hash doesn't mean you can't do it. If your
 input data is not random the probability of a hash collision is
 going to get scewed.

The cost of catching hash collisions is an extra read for every write.
It's possible to reduce this with a 2nd hash function and/or caching.

I'm not sure it's worth it given the extremely low probability of a hash
collision.

Venti is an example of an existing system where hash collisions were
ignored because the probability is so low.  See 3.1. Choice of Hash
Function section:

http://plan9.bell-labs.com/sys/doc/venti/venti.html

Stefan

Re: [Qemu-devel] [PATCH 1/3] s390: Move IPL code into a separate device

[Alexander Graf]

On 18.12.2012, at 18:50, Jens Freimann wrote:

 From: Christian Borntraeger borntrae...@de.ibm.com
 
 Lets move the code to setup IPL for external kernel
 or via the zipl rom into a separate file. This allows to
 
 - define a reboot handler, setting up the PSW appropriately
 - enhance the boot code to IPL disks that contain a bootmap that
  was created with zipl under LPAR or z/VM (future patch)
 - reuse that code for several machines (e.g. virtio-ccw and virtio-s390)
 - allow different machines to provide different defaults
 
 Signed-off-by: Christian Borntraeger borntrae...@de.ibm.com
 Signed-off-by: Jens Freimann jf...@linux.vnet.ibm.com
 
 ---
 v2 - v3:
 * changed include sysemu.h - sysemu.h
 * make S390IPLState non-anonymous struct
 * add QOM cast macro S390_IPL(dev)
 * remove trailing whitespace
 
 v1 - v2:
 * get rid of ipl.h
 * move defines to ipl.c and make s390_ipl_cpu static
 ---
 ---
 hw/s390-virtio.c   |  98 +++-
 hw/s390x/Makefile.objs |   1 +
 hw/s390x/ipl.c | 174 +
 3 files changed, 185 insertions(+), 88 deletions(-)
 create mode 100644 hw/s390x/ipl.c
 
 diff --git a/hw/s390-virtio.c b/hw/s390-virtio.c
 index ca1bb09..a350430 100644
 --- a/hw/s390-virtio.c
 +++ b/hw/s390-virtio.c
 @@ -25,7 +25,6 @@
 #include boards.h
 #include monitor.h
 #include loader.h
 -#include elf.h
 #include hw/virtio.h
 #include hw/sysbus.h
 #include kvm.h
 @@ -48,17 +47,6 @@
 #define KVM_S390_VIRTIO_RESET   1
 #define KVM_S390_VIRTIO_SET_STATUS  2
 
 -#define KERN_IMAGE_START0x01UL
 -#define KERN_PARM_AREA  0x010480UL
 -#define INITRD_START0x80UL
 -#define INITRD_PARM_START   0x010408UL
 -#define INITRD_PARM_SIZE0x010410UL
 -#define PARMFILE_START  0x001000UL
 -
 -#define ZIPL_START   0x009000UL
 -#define ZIPL_LOAD_ADDR   0x009000UL
 -#define ZIPL_FILENAMEs390-zipl.rom
 -
 #define MAX_BLK_DEVS10
 
 static VirtIOS390Bus *s390_bus;
 @@ -156,15 +144,10 @@ static void s390_init(QEMUMachineInitArgs *args)
 {
 ram_addr_t my_ram_size = args-ram_size;
 const char *cpu_model = args-cpu_model;
 -const char *kernel_filename = args-kernel_filename;
 -const char *kernel_cmdline = args-kernel_cmdline;
 -const char *initrd_filename = args-initrd_filename;
 CPUS390XState *env = NULL;
 +DeviceState *dev;
 MemoryRegion *sysmem = get_system_memory();
 MemoryRegion *ram = g_new(MemoryRegion, 1);
 -ram_addr_t kernel_size = 0;
 -ram_addr_t initrd_offset;
 -ram_addr_t initrd_size = 0;
 int shift = 0;
 uint8_t *storage_keys;
 void *virtio_region;
 @@ -185,6 +168,15 @@ static void s390_init(QEMUMachineInitArgs *args)
 /* get a BUS */
 s390_bus = s390_virtio_bus_init(my_ram_size);
 s390_sclp_init();
 +dev  = qdev_create(NULL, s390-ipl);
 +if (args-kernel_filename) {
 +qdev_prop_set_string(dev, kernel, args-kernel_filename);
 +}
 +if (args-initrd_filename) {
 +qdev_prop_set_string(dev, initrd, args-initrd_filename);
 +}
 +qdev_prop_set_string(dev, cmdline, args-kernel_cmdline);
 +qdev_init_nofail(dev);
 
 /* allocate RAM */
 memory_region_init_ram(ram, s390.ram, my_ram_size);
 @@ -225,76 +217,6 @@ static void s390_init(QEMUMachineInitArgs *args)
 tmp_env-storage_keys = storage_keys;
 }
 
 -/* One CPU has to run */
 -s390_add_running_cpu(env);
 -
 -if (kernel_filename) {
 -
 -kernel_size = load_elf(kernel_filename, NULL, NULL, NULL, NULL,
 -   NULL, 1, ELF_MACHINE, 0);
 -if (kernel_size == -1UL) {
 -kernel_size = load_image_targphys(kernel_filename, 0, ram_size);
 -}
 -if (kernel_size == -1UL) {
 -fprintf(stderr, qemu: could not load kernel '%s'\n,
 -kernel_filename);
 -exit(1);
 -}
 -/*
 - * we can not rely on the ELF entry point, since up to 3.2 this
 - * value was 0x800 (the SALIPL loader) and it wont work. For
 - * all (Linux) cases 0x1 (KERN_IMAGE_START) should be fine.
 - */
 -env-psw.addr = KERN_IMAGE_START;
 -env-psw.mask = 0x00018000ULL;
 -} else {
 -ram_addr_t bios_size = 0;
 -char *bios_filename;
 -
 -/* Load zipl bootloader */
 -if (bios_name == NULL) {
 -bios_name = ZIPL_FILENAME;
 -}
 -
 -bios_filename = qemu_find_file(QEMU_FILE_TYPE_BIOS, bios_name);
 -bios_size = load_image_targphys(bios_filename, ZIPL_LOAD_ADDR, 4096);
 -g_free(bios_filename);
 -
 -if ((long)bios_size  0) {
 -hw_error(could not load bootloader '%s'\n, bios_name);
 -}
 -
 -if (bios_size  4096) {
 -hw_error(stage1 bootloader 

Re: [Qemu-devel] [PATCH 2/3] s390: Add CPU reset handler

[Alexander Graf]

On 18.12.2012, at 18:50, Jens Freimann wrote:

 Add a CPU reset handler to have all CPUs in a PoP compliant
 state.
 
 Signed-off-by: Jens Freimann jf...@linux.vnet.ibm.com
 
 ---
 v2 - v3:
 * remove FIXME
 * separate parent reset from local reset by adding a while line
 * use defines for register reset values
 
 v1 - v2:
 * move setting of control registers and psa to s390_cpu_reset
  and call it from the new s390_machine_cpu_reset_cb()
  This makes it more similar to how it is done on x86
 * in s390_cpu_reset() set env-halted state of cpu after
  the memset. This is needed to keep our s390_cpu_running
  counter in sync when s390_cpu_reset is called via the
  qemu_devices_reset path
 * set env-halted state in s390_cpu_initfn to 1 to avoid
  decrementing the cpu counter during first reset
 ---
 target-s390x/cpu.c | 35 +--
 target-s390x/kvm.c |  9 -
 2 files changed, 41 insertions(+), 3 deletions(-)
 
 diff --git a/target-s390x/cpu.c b/target-s390x/cpu.c
 index 619b202..58e412a 100644
 --- a/target-s390x/cpu.c
 +++ b/target-s390x/cpu.c
 @@ -4,6 +4,7 @@
  * Copyright (c) 2009 Ulrich Hecht
  * Copyright (c) 2011 Alexander Graf
  * Copyright (c) 2012 SUSE LINUX Products GmbH
 + * Copyright (c) 2012 IBM Corp.
  *
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
 @@ -18,12 +19,19 @@
  * You should have received a copy of the GNU Lesser General Public
  * License along with this library; if not, see
  * http://www.gnu.org/licenses/lgpl-2.1.html
 + * Contributions after 2012-12-11 are licensed under the terms of the
 + * GNU GPL, version 2 or (at your option) any later version.
 + *
  */
 
 #include cpu.h
 +#include hw/hw.h
 #include qemu-common.h
 #include qemu-timer.h
 
 +#define IPL_PSW_MASK0x00018000ULL
 +#define CR0_RESET   0xE0UL
 +#define CR14_RESET  0xC200UL;
 
 /* CPUClass::reset() */
 static void s390_cpu_reset(CPUState *s)
 @@ -37,12 +45,30 @@ static void s390_cpu_reset(CPUState *s)
 log_cpu_state(env, 0);
 }
 
 +s390_del_running_cpu(env);
 +
 scc-parent_reset(s);
 
 memset(env, 0, offsetof(CPUS390XState, breakpoints));
 -/* FIXME: reset vector? */
 +
 +/* architectured initial values for CR 0 and 14 */
 +env-cregs[0] = CR0_RESET;
 +env-cregs[14] = CR14_RESET;
 +/* set to z/Architecture mode */
 +env-psw.mask = IPL_PSW_MASK;

Why would we set psw.mask, but not psw.addr? In fact, why are we setting psw at 
all here? Shouldn't we just leave it at 0 from the memset and simply override 
it in the ipl device?

Alex

Re: [Qemu-devel] [PATCH 2/3] s390: Add CPU reset handler

[Alexander Graf]

On 18.12.2012, at 18:50, Jens Freimann wrote:

 Add a CPU reset handler to have all CPUs in a PoP compliant
 state.
 
 Signed-off-by: Jens Freimann jf...@linux.vnet.ibm.com
 
 ---
 v2 - v3:
 * remove FIXME
 * separate parent reset from local reset by adding a while line
 * use defines for register reset values
 
 v1 - v2:
 * move setting of control registers and psa to s390_cpu_reset
  and call it from the new s390_machine_cpu_reset_cb()
  This makes it more similar to how it is done on x86
 * in s390_cpu_reset() set env-halted state of cpu after
  the memset. This is needed to keep our s390_cpu_running
  counter in sync when s390_cpu_reset is called via the
  qemu_devices_reset path
 * set env-halted state in s390_cpu_initfn to 1 to avoid
  decrementing the cpu counter during first reset
 ---
 target-s390x/cpu.c | 35 +--
 target-s390x/kvm.c |  9 -
 2 files changed, 41 insertions(+), 3 deletions(-)
 
 diff --git a/target-s390x/cpu.c b/target-s390x/cpu.c
 index 619b202..58e412a 100644
 --- a/target-s390x/cpu.c
 +++ b/target-s390x/cpu.c
 @@ -4,6 +4,7 @@
  * Copyright (c) 2009 Ulrich Hecht
  * Copyright (c) 2011 Alexander Graf
  * Copyright (c) 2012 SUSE LINUX Products GmbH
 + * Copyright (c) 2012 IBM Corp.
  *
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
 @@ -18,12 +19,19 @@
  * You should have received a copy of the GNU Lesser General Public
  * License along with this library; if not, see
  * http://www.gnu.org/licenses/lgpl-2.1.html
 + * Contributions after 2012-12-11 are licensed under the terms of the
 + * GNU GPL, version 2 or (at your option) any later version.
 + *
  */
 
 #include cpu.h
 +#include hw/hw.h

Also, have you verified that this doesn't break s390x-linux-user?

 #include qemu-common.h
 #include qemu-timer.h
 
 +#define IPL_PSW_MASK0x00018000ULL
 +#define CR0_RESET   0xE0UL
 +#define CR14_RESET  0xC200UL;
 
 /* CPUClass::reset() */
 static void s390_cpu_reset(CPUState *s)
 @@ -37,12 +45,30 @@ static void s390_cpu_reset(CPUState *s)
 log_cpu_state(env, 0);
 }
 
 +s390_del_running_cpu(env);
 +
 scc-parent_reset(s);
 
 memset(env, 0, offsetof(CPUS390XState, breakpoints));
 -/* FIXME: reset vector? */
 +
 +/* architectured initial values for CR 0 and 14 */
 +env-cregs[0] = CR0_RESET;
 +env-cregs[14] = CR14_RESET;
 +/* set to z/Architecture mode */
 +env-psw.mask = IPL_PSW_MASK;

In fact this one is correct for CONFIG_USER_ONLY.

 +env-psa = 0;
 +/* set halted to 1 to make sure we can add the cpu in
 + * s390_ipl_cpu code, where env-halted is set back to 0
 + * after incrementing the cpu counter */
 +env-halted = 1;

While this again probably breaks s390x-linux-user, no?


Alex

 tlb_flush(env, 1);
 -s390_add_running_cpu(env);
 +}
 +
 +static void s390_cpu_machine_reset_cb(void *opaque)
 +{
 +S390CPU *cpu = opaque;
 +
 +cpu_reset(CPU(cpu));
 }
 
 static void s390_cpu_initfn(Object *obj)
 @@ -66,7 +92,12 @@ static void s390_cpu_initfn(Object *obj)
 env-cpu_num = cpu_num++;
 env-ext_index = -1;
 
 +/* set env-halted state to 1 to avoid decrementing the running
 + * cpu counter in s390_cpu_reset to a negative number at 
 + * initial ipl */
 +env-halted = 1;
 cpu_reset(CPU(cpu));
 +qemu_register_reset(s390_cpu_machine_reset_cb, cpu);
 }
 
 static void s390_cpu_class_init(ObjectClass *oc, void *data)
 diff --git a/target-s390x/kvm.c b/target-s390x/kvm.c
 index 94de764..fda9f1f 100644
 --- a/target-s390x/kvm.c
 +++ b/target-s390x/kvm.c
 @@ -85,7 +85,14 @@ int kvm_arch_init_vcpu(CPUS390XState *env)
 
 void kvm_arch_reset_vcpu(CPUS390XState *env)
 {
 -/* FIXME: add code to reset vcpu. */
 +   /* The initial reset call is needed here to reset in-kernel
 +* vcpu data that we can't access directly from QEMU
 +* (i.e. with older kernels which don't support sync_regs/ONE_REG).
 +* Before this ioctl cpu_synchronize_state() is called in common kvm
 +* code (kvm-all) */
 +if (kvm_vcpu_ioctl(env, KVM_S390_INITIAL_RESET, NULL)) {
 +perror(Can't reset vcpu\n);
 +}
 }
 
 int kvm_arch_put_registers(CPUS390XState *env, int level)
 -- 
 1.7.12.4
 

Re: [Qemu-devel] [PATCH 3/3] S390: Enable -cpu help and QMP query-cpu-definitions

[Alexander Graf]

On 18.12.2012, at 18:50, Jens Freimann wrote:

 From: Viktor Mihajlovski mihaj...@linux.vnet.ibm.com
 
 This enables qemu -cpu help to return a list of supported CPU models
 on s390 and also to query for cpu definitions in the monitor.
 Initially only cpu model = host is returned. This needs to be reworked
 into a full-fledged CPU model handling later on.
 This change is needed to allow libvirt exploiters (like OpenStack)
 to specify a CPU model.
 
 Signed-off-by: Viktor Mihajlovski mihaj...@linux.vnet.ibm.com
 Signed-off-by: Jens Freimann jf...@linux.vnet.ibm.com
 Reviewed-by: Christian Borntraeger borntrae...@de.ibm.com

Thanks, applied to s390-next.


Alex

Re: [Qemu-devel] Using QEMU guest agent to run programs from guest path

[Erlon Cruz]

On Wed, Jan 2, 2013 at 9:04 PM, mdroth mdr...@linux.vnet.ibm.com wrote:

 On Mon, Dec 31, 2012 at 06:14:59PM -0200, Erlon Cruz wrote:
  Hi,
 
 
  I needed to run an external program in a guest machine. Once this must be
  triggered by the host, I first thought in qemu-ga.
  Is that possible? In QEMU help page and in the code I couldn't find such
  capability.
  So Im thinking In to implement a new GA QMP command that can run generic
  programs in the guest. It would be receive/return something like this:
 
  {execute:execvp,
  arguments:{command:/bin/ls,cmdargs:-la,timeout:20}}
  {return: {status: 0, stdout: aGVsbG8gd29ybGQhCg==, stderr:
 }}
 
  Any thoughts/ideas about this?

 I sent an RFC for this a while back:

 http://lists.gnu.org/archive/html/qemu-devel/2011-12/msg00722.html

 At the time the interface seemed a bit tedious, but AFAIK it's the only
 kind of approach that'll work for longer-running commands with lots of
 output, so I might just clean it up and re-spin the series.


Why you say tedious? The interface seems to have a very wide usage for
several scenarios and fits perfectly for what we are trying to do. Why it
didn't go upstream? I think it would be nice to roll that up again.

Erlon


  Kind Regards,
  Erlon

[Qemu-devel] [PATCH] linux-user: fix mips 32-on-64 prealloc case

[Alexander Graf]

MIPS only supports 31 bits of virtual address space for user space, so let's
make sure we stay within that limit with our preallocated memory block.

This fixes the MIPS user space targets when executed without command line
option.

Signed-off-by: Alexander Graf ag...@suse.de
---
 linux-user/main.c | 5 +
 1 file changed, 5 insertions(+)

diff --git a/linux-user/main.c b/linux-user/main.c
index c4d10ac..a2bc09d 100644
--- a/linux-user/main.c
+++ b/linux-user/main.c
@@ -57,7 +57,12 @@ int have_guest_base;
  * This way we will never overlap with our own libraries or binaries or stack
  * or anything else that QEMU maps.
  */
+# ifdef TARGET_MIPS
+/* MIPS only supports 31 bits of virtual address space for user space */
+unsigned long reserved_va = 0x7700;
+# else
 unsigned long reserved_va = 0xf700;
+# endif
 #else
 unsigned long reserved_va;
 #endif
-- 
1.7.12.4

[Qemu-devel] [PATCH] pty: unbreak libvirt

[Gerd Hoffmann]

Commit 586502189edf9fd0f89a83de96717a2ea826fdb0 breaks libvirt pty
support because it tried to figure the pts name from stderr output.

Fix this by moving the label to the end of the line, this way the
libvirt parser does still recognise the message.  libvirt looks
for char device redirected to ${ptsname}whitespace.

Signed-off-by: Gerd Hoffmann kra...@redhat.com
---
 qemu-char.c |9 +
 1 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/qemu-char.c b/qemu-char.c
index 331ad5c..f41788c 100644
--- a/qemu-char.c
+++ b/qemu-char.c
@@ -1012,10 +1012,11 @@ static CharDriverState *qemu_chr_open_pty(QemuOpts 
*opts)
 qemu_opt_set(opts, path, q_ptsname(master_fd));
 
 label = qemu_opts_id(opts);
-fprintf(stderr, char device%s%s redirected to %s\n,
-label ?   : ,
-label ?: ,
-q_ptsname(master_fd));
+fprintf(stderr, char device redirected to %s%s%s%s\n,
+q_ptsname(master_fd),
+label ?  (label  : ,
+label ? label  : ,
+label ? ): );
 
 s = g_malloc0(sizeof(PtyCharDriver));
 chr-opaque = s;
-- 
1.7.1

Re: [Qemu-devel] [PATCH] pty: unbreak libvirt

[Daniel P. Berrange]

On Thu, Jan 03, 2013 at 02:23:03PM +0100, Gerd Hoffmann wrote:
 Commit 586502189edf9fd0f89a83de96717a2ea826fdb0 breaks libvirt pty
 support because it tried to figure the pts name from stderr output.
 
 Fix this by moving the label to the end of the line, this way the
 libvirt parser does still recognise the message.  libvirt looks
 for char device redirected to ${ptsname}whitespace.

FWIW, libvirt was not supposed to be parsing this data still.
We rely on query-chardev to get the PTYs, but we were accidentally
still invoking the stdio parsing code even though we didn't use
the result :-(

This flaw is fixed in latest libvirt GIT.

 
 Signed-off-by: Gerd Hoffmann kra...@redhat.com
 ---
  qemu-char.c |9 +
  1 files changed, 5 insertions(+), 4 deletions(-)
 
 diff --git a/qemu-char.c b/qemu-char.c
 index 331ad5c..f41788c 100644
 --- a/qemu-char.c
 +++ b/qemu-char.c
 @@ -1012,10 +1012,11 @@ static CharDriverState *qemu_chr_open_pty(QemuOpts 
 *opts)
  qemu_opt_set(opts, path, q_ptsname(master_fd));
  
  label = qemu_opts_id(opts);
 -fprintf(stderr, char device%s%s redirected to %s\n,
 -label ?   : ,
 -label ?: ,
 -q_ptsname(master_fd));
 +fprintf(stderr, char device redirected to %s%s%s%s\n,
 +q_ptsname(master_fd),
 +label ?  (label  : ,
 +label ? label  : ,
 +label ? ): );
  
  s = g_malloc0(sizeof(PtyCharDriver));
  chr-opaque = s;


Daniel
-- 
|: http://berrange.com  -o-http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org  -o- http://virt-manager.org :|
|: http://autobuild.org   -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org   -o-   http://live.gnome.org/gtk-vnc :|

Re: [Qemu-devel] [PATCH] sheepdog: implement direct write semantics

[Liu Yuan]

On 12/25/2012 04:45 PM, Liu Yuan wrote:
 Well, I found setting cache=directsync will contain 'BDRV_O_CACHE_WB'.
 Is this a bug for current master? If no, my current scheme will be the
 only way to bypass cache of sheepdog.

Ping. Can anyone confirm it is a bug that 'cache=directsync' will pass
BDRV_O_CACHE_WB' in the flags?

Thanks,
Yuan

Re: [Qemu-devel] [PATCH] dataplane: use linux-headers/ for virtio includes

[Anthony Liguori]

Thanks, applied.

Regards,

Anthony Liguori

Re: [Qemu-devel] [PATCH 7/7] KVM regsync: Fix do_kvm_cpu_synchronize_state data integrity issue

[Alexander Graf]

On 21.12.2012, at 14:56, Jason J. Herne wrote:

 From: Jason J. Herne jjhe...@us.ibm.com
 
 Modify syncing algorithm in do_kvm_cpu_synchronize_state to avoid
 overwriting previously synced register data by calling
 do_kvm_cpu_synchronize_state twice.
 
 The problem occurs if the following sequence of events occurs:
 1. kvm_arch_get_registers(env, KVM_REGSYNC_RUNTIME_STATE)
 2. Use the runtime state
 3. kvm_arch_get_registers(env, KVM_REGSYNC_FULL_STATE) (ignored)
 4. Use the full state.
 
 In step 4 the call to kvm_arch_get_registers() does nothing (to avoid 
 squashing
 local changes to the runtime registers), but the caller assumes the full
 register state is now available.
 
 This is fixed by encoding which registers are synced in env-kvm_vcpu_dirty 
 and
 calling kvm_arch_put_registers() to sync local changes back to KVM before
 calling kvm_arch_get_registers() if we are expanding the set of synced
 registers.
 
 Signed-off-by: Jason J. Herne jjhe...@us.ibm.com
 Reviewed-by: Christian Borntraeger borntrae...@de.ibm.com
 ---
 include/exec/cpu-defs.h |6 ++
 kvm-all.c   |   14 ++
 2 files changed, 16 insertions(+), 4 deletions(-)
 
 diff --git a/include/exec/cpu-defs.h b/include/exec/cpu-defs.h
 index aea0ece..af3b6aa 100644
 --- a/include/exec/cpu-defs.h
 +++ b/include/exec/cpu-defs.h
 @@ -208,6 +208,12 @@ typedef struct CPUWatchpoint {
 struct KVMState *kvm_state; \
 struct kvm_run *kvm_run;\
 int kvm_fd; \
 +\
 +/* Register level indicating which vcpu registers have been synced  \
 +   from KVM, are potentially dirty due to local modifications, and  \
 +   will need to be written back to KVM.  Valid values are 0, which  \
 +   indicates no registers are dirty, or any of the KVM_REGSYNC_*\
 +   constants defined in kvm.h */\
 int kvm_vcpu_dirty;
 
 #endif
 diff --git a/kvm-all.c b/kvm-all.c
 index aee5bdd..858a636 100644
 --- a/kvm-all.c
 +++ b/kvm-all.c
 @@ -230,7 +230,7 @@ int kvm_init_vcpu(CPUArchState *env)
 
 env-kvm_fd = ret;
 env-kvm_state = s;
 -env-kvm_vcpu_dirty = 1;
 +env-kvm_vcpu_dirty = KVM_REGSYNC_FULL_STATE;
 
 mmap_size = kvm_ioctl(s, KVM_GET_VCPU_MMAP_SIZE, 0);
 if (mmap_size  0) {
 @@ -1489,10 +1489,16 @@ void kvm_flush_coalesced_mmio_buffer(void)
 static void do_kvm_cpu_synchronize_state(void *_args)
 {
 struct kvm_cpu_syncstate_args *args = _args;
 +CPUArchState *env = args-env;
 +int register_level = args-register_level;
 

This probably becomes more readable if we explicitly revert back to unsynced 
state first:

/* Write back local modifications at our current level */
if (register_level  env-kvm_vcpu_dirty) {
kvm_arch_put_registers(...);
env-kvm_vcpu_dirty = 0;
}

and then do the sync we are requested to do:

if (!env-kvm_vcpu_dirty) {
...
}


Alex

 if (!args-env-kvm_vcpu_dirty) {
 -kvm_arch_get_registers(args-env, args-register_level);
 -args-env-kvm_vcpu_dirty = 1;
 +kvm_arch_get_registers(env, register_level);
 +env-kvm_vcpu_dirty = register_level;
 +} else if (register_level  env-kvm_vcpu_dirty) {
 +kvm_arch_put_registers(env, env-kvm_vcpu_dirty);
 +kvm_arch_get_registers(env, register_level);
 +env-kvm_vcpu_dirty = register_level;
 }
 }
 
 @@ -1535,7 +1541,7 @@ int kvm_cpu_exec(CPUArchState *env)
 
 do {
 if (env-kvm_vcpu_dirty) {
 -kvm_arch_put_registers(env, KVM_REGSYNC_RUNTIME_STATE);
 +kvm_arch_put_registers(env, env-kvm_vcpu_dirty);
 env-kvm_vcpu_dirty = 0;
 }
 
 -- 
 1.7.9.5
 

Re: [Qemu-devel] [PATCH 0/7] KVM regsync

[Alexander Graf]

On 21.12.2012, at 14:55, Jason J. Herne wrote:

 Note: This is rework for the patch set previously submitted:
 s390/migration: Provide a cpu save for initial life migration work
 http://lists.nongnu.org/archive/html/qemu-devel/2012-11/msg02203.html
 
 Rework the method used to synchronize CPU registers between Qemu 
 KVM.  This patch set extends kvm_arch_get_registers() to take a
 register level parameter just like kvm_arch_put_registers does.  All
 existing code paths are updated to specify this new parameter.
 Floating point register synchronization is added to
 kvm_arch_[get,put]_registers().

Very nice patch set :). I'd like to wait for an ack from Jan on this though and 
considering that it touches generic KVM code, I'd like to see it go in via the 
kvm queue.

Also, you probably want to swap patches 6 and 7, otherwise you potentially 
break bisection.


Alex

Re: [Qemu-devel] [PATCH 3/3] Enable kvm emulated watchdog

[Alexander Graf]

On 27.12.2012, at 12:38, Bhushan Bharat-R65777 wrote:

 
 
 -Original Message-
 From: Alexander Graf [mailto:ag...@suse.de]
 Sent: Monday, December 17, 2012 8:09 PM
 To: Bhushan Bharat-R65777
 Cc: qemu-devel@nongnu.org; qemu-...@nongnu.org; Bhushan Bharat-R65777
 Subject: Re: [PATCH 3/3] Enable kvm emulated watchdog
 
 
 On 17.12.2012, at 07:08, Bharat Bhushan wrote:
 
 Enable the KVM emulated watchdog if KVM supports (use the capability
 enablement in watchdog handler). Also watchdog exit
 (KVM_EXIT_WATCHDOG) handling is added.
 Watchdog state machine is cleared whenever VM state changes to running.
 This is to handle the cases like return from debug halt etc.
 
 Signed-off-by: Bharat Bhushan bharat.bhus...@freescale.com
 ---
 hw/ppc.h |2 +
 hw/ppc_booke.c   |   71 
 ++
 target-ppc/kvm.c |   13 +-
 3 files changed, 85 insertions(+), 1 deletions(-)
 
 diff --git a/hw/ppc.h b/hw/ppc.h
 index 2f3ea27..3672fe8 100644
 --- a/hw/ppc.h
 +++ b/hw/ppc.h
 @@ -44,6 +44,8 @@ struct ppc_tb_t {
 
 uint64_t cpu_ppc_get_tb(ppc_tb_t *tb_env, uint64_t vmclk, int64_t
 tb_offset); clk_setup_cb cpu_ppc_tb_init (CPUPPCState *env, uint32_t
 freq);
 +extern int cap_ppc_watchdog;
 +extern int cap_booke_sregs;
 
 No. Never export cap_ variables. They are kvm internal.
 
 /* Embedded PowerPC DCR management */
 typedef uint32_t (*dcr_read_cb)(void *opaque, int dcrn); typedef void
 (*dcr_write_cb)(void *opaque, int dcrn, uint32_t val); diff --git
 a/hw/ppc_booke.c b/hw/ppc_booke.c index 837a5b6..f18df74 100644
 --- a/hw/ppc_booke.c
 +++ b/hw/ppc_booke.c
 @@ -21,6 +21,8 @@
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
 DEALINGS IN
 * THE SOFTWARE.
 */
 +#include sysemu.h
 +#include kvm.h
 #include hw.h
 #include ppc.h
 #include qemu-timer.h
 @@ -203,6 +205,11 @@ static void booke_wdt_cb(void *opaque)
 booke_timer-wdt_timer); }
 
 +static void ppc_booke_watchdog_clear_tsr(CPUPPCState *env,
 +target_ulong tsr) {
 +env-spr[SPR_BOOKE_TSR] = tsr  ~(TSR_ENW | TSR_WIS |
 +TSR_WRS_MASK); }
 +
 void store_booke_tsr(CPUPPCState *env, target_ulong val) {
env-spr[SPR_BOOKE_TSR] = ~val;
 @@ -241,6 +248,64 @@ static void ppc_booke_timer_reset_handle(void *opaque)
booke_update_irq(env);
 }
 
 +static void cpu_state_change_handler(void *opaque, int running,
 +RunState state) {
 +CPUPPCState *env = opaque;
 +
 +struct kvm_sregs sregs;
 +
 +if (!running) {
 +return;
 +}
 +
 +/*
 + * Clear watchdog interrupt condition by clearing TSR.
 + * Similar logic needed to be implemented for watchdog
 + * emulation in qemu.
 + */
 +
 +if (!kvm_enabled()) {
 +/* FIXME: add handling for qemu emulated case */
 +return;
 +}
 +
 +if (cap_booke_sregs  cap_ppc_watchdog) {
 +kvm_vcpu_ioctl(env, KVM_GET_SREGS, sregs);
 +
 +/* Clear TSR.ENW, TSR.WIS and TSR.WRS */
 +ppc_booke_watchdog_clear_tsr(env, sregs.u.e.tsr);
 
 This should happen outside of the if (kvm_enabled()) block.
 
 +sregs.u.e.tsr = env-spr[SPR_BOOKE_TSR];
 +sregs.u.e.update_special = KVM_SREGS_E_UPDATE_TSR;
 +
 +kvm_vcpu_ioctl(env, KVM_SET_SREGS, sregs);
 
 Please create a kvmppc_... wrapper for all this in target-ppc/kvm.c. Or maybe
 even better yet add a helper variable that tells the kvm register sync 
 function
 to sync TSR as well and just use the normal cpu_synchronize_state() way of
 pushing register into the CPU.
 
 Not sure what type of helper variable you are talking about.
 What came in my mine is we define a helper variable as per bitmap of SREGS 
 update feature KVM_SREGS_E_UPDATE_* (update_special) in env. Whenever any 
 code changes the env[spr] it will set the update_special. Env-update_special 
 will be checked in put_registers().

Yes, just that the bitmap shouldn't use KVM_SREGS bits but its own bit ids :). 
That way we can also support ONE_REG variables.


Alex

Re: [Qemu-devel] [RFC PATCH V8 01/15] qdev : add a maximum device allowed field for the bus.

[KONRAD Frédéric]

On 02/01/2013 15:08, Anthony Liguori wrote:

fred.kon...@greensocs.com writes:


From: KONRAD Frederic fred.kon...@greensocs.com

Add a max_dev field to BusState to specify the maximum amount of devices allowed
on the bus ( have no effect if max_dev=0 )

Signed-off-by: KONRAD Frederic fred.kon...@greensocs.com
---
  hw/qdev-core.h|  2 ++
  hw/qdev-monitor.c | 11 +++
  2 files changed, 13 insertions(+)

diff --git a/hw/qdev-core.h b/hw/qdev-core.h
index d672cca..af909b9 100644
--- a/hw/qdev-core.h
+++ b/hw/qdev-core.h
@@ -104,6 +104,8 @@ struct BusState {
  const char *name;
  int allow_hotplug;
  int max_index;
+/* maximum devices allowed on the bus, 0 : no limit. */
+int max_dev;
  QTAILQ_HEAD(ChildrenHead, BusChild) children;
  QLIST_ENTRY(BusState) sibling;
  };
diff --git a/hw/qdev-monitor.c b/hw/qdev-monitor.c
index a1b4d6a..7a9d275 100644
--- a/hw/qdev-monitor.c
+++ b/hw/qdev-monitor.c
@@ -292,6 +292,17 @@ static BusState *qbus_find_recursive(BusState *bus, const 
char *name,
  if (bus_typename  !object_dynamic_cast(OBJECT(bus), bus_typename)) {
  match = 0;
  }
+if ((bus-max_dev != 0)  (bus-max_dev = bus-max_index)) {
+if (name != NULL) {
+/* bus was explicitly specified : return an error. */
+qerror_report(ERROR_CLASS_GENERIC_ERROR, Bus '%s' is full,
+  bus-name);
+return NULL;
+} else {
+/* bus was not specified : try to find another one. */
+match = 0;
+}
+}
  if (match) {
  return bus;
  }

Nice change, but I wonder if this should be a class property instead of
an object property?  Would different objects of the same class ever set
this differently?

I don't know. What do you think is the best ?

Fred



Regards,

Anthony Liguori


--
1.7.11.7

Re: [Qemu-devel] [RFC 0/8] Remove old_portio usage

[Gerd Hoffmann]

  Hi,

 As for finding a solution to the bochs debug ports, can you resubmit
 this series with the commit'able patches first, marked PATCH, and append
 a proposal merging Gerd's, Lucas' and your QOM'ified debug device?

I'll try to get a updated patch series with the debug/test devices out
of the door tomorrow, so we can finally zap the hardcoded bochs debug ports.

Beside that I agree that it is a good idea to split the series into two,
with ready-to-go and rfc patches, so we can merge the ready ones while
discussing the other ones.

cheers,
  Gerd

Re: [Qemu-devel] [RFC 3/8] uhci: do not use old_portio-style callbacks

[Gerd Hoffmann]

On 12/23/12 16:32, Hervé Poussineau wrote:
 -static const MemoryRegionPortio uhci_portio[] = {
 -{ 0, 32, 2, .write = uhci_ioport_writew, },
 -{ 0, 32, 2, .read = uhci_ioport_readw, },
 -{ 0, 32, 4, .write = uhci_ioport_writel, },
 -{ 0, 32, 4, .read = uhci_ioport_readl, },
 -{ 0, 32, 1, .write = uhci_ioport_writeb, },
 -{ 0, 32, 1, .read = uhci_ioport_readb, },
 -PORTIO_END_OF_LIST()
 -};
 +static uint64_t uhci_ioport_read(void *opaque, hwaddr addr, unsigned int 
 size)
 +{
 +switch (size) {
 +case 1:
 +return uhci_ioport_readb(opaque, (uint32_t)addr);
 +case 2:
 +return uhci_ioport_readw(opaque, (uint32_t)addr);
 +case 4:
 +return uhci_ioport_readl(opaque, (uint32_t)addr);
 +default:
 +return ~0UL;
 +}
 +}

Aaaargh.  Please don't.  Offloading the size handling to the memory api
is better.  See attached patch.

cheers,
  Gerd
From 3f5810004dad2ef67cf067d96cf0b983166a454f Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann kra...@redhat.com
Date: Thu, 3 Jan 2013 12:29:41 +0100
Subject: [PATCH] uhci: stop using portio lists

Signed-off-by: Gerd Hoffmann kra...@redhat.com
---
 hw/usb/hcd-uhci.c |  106 +++--
 trace-events  |2 -
 2 files changed, 30 insertions(+), 78 deletions(-)

diff --git a/hw/usb/hcd-uhci.c b/hw/usb/hcd-uhci.c
index 0cd68cf..60645aa 100644
--- a/hw/usb/hcd-uhci.c
+++ b/hw/usb/hcd-uhci.c
@@ -461,40 +461,11 @@ static const VMStateDescription vmstate_uhci = {
 }
 };
 
-static void uhci_ioport_writeb(void *opaque, uint32_t addr, uint32_t val)
+static void uhci_port_write(void *opaque, hwaddr addr,
+uint64_t val, unsigned size)
 {
 UHCIState *s = opaque;
 
-addr = 0x1f;
-switch(addr) {
-case 0x0c:
-s-sof_timing = val;
-break;
-}
-}
-
-static uint32_t uhci_ioport_readb(void *opaque, uint32_t addr)
-{
-UHCIState *s = opaque;
-uint32_t val;
-
-addr = 0x1f;
-switch(addr) {
-case 0x0c:
-val = s-sof_timing;
-break;
-default:
-val = 0xff;
-break;
-}
-return val;
-}
-
-static void uhci_ioport_writew(void *opaque, uint32_t addr, uint32_t val)
-{
-UHCIState *s = opaque;
-
-addr = 0x1f;
 trace_usb_uhci_mmio_writew(addr, val);
 
 switch(addr) {
@@ -543,6 +514,17 @@ static void uhci_ioport_writew(void *opaque, uint32_t 
addr, uint32_t val)
 if (s-status  UHCI_STS_HCHALTED)
 s-frnum = val  0x7ff;
 break;
+case 0x08:
+s-fl_base_addr = 0x;
+s-fl_base_addr |= val  ~0xfff;
+break;
+case 0x0a:
+s-fl_base_addr = 0x;
+s-fl_base_addr |= (val  16);
+break;
+case 0x0c:
+s-sof_timing = val  0xff;
+break;
 case 0x10 ... 0x1f:
 {
 UHCIPort *port;
@@ -574,12 +556,11 @@ static void uhci_ioport_writew(void *opaque, uint32_t 
addr, uint32_t val)
 }
 }
 
-static uint32_t uhci_ioport_readw(void *opaque, uint32_t addr)
+static uint64_t uhci_port_read(void *opaque, hwaddr addr, unsigned size)
 {
 UHCIState *s = opaque;
 uint32_t val;
 
-addr = 0x1f;
 switch(addr) {
 case 0x00:
 val = s-cmd;
@@ -593,6 +574,15 @@ static uint32_t uhci_ioport_readw(void *opaque, uint32_t 
addr)
 case 0x06:
 val = s-frnum;
 break;
+case 0x08:
+val = s-fl_base_addr  0x;
+break;
+case 0x0a:
+val = (s-fl_base_addr  16)  0x;
+break;
+case 0x0c:
+val = s-sof_timing;
+break;
 case 0x10 ... 0x1f:
 {
 UHCIPort *port;
@@ -615,38 +605,6 @@ static uint32_t uhci_ioport_readw(void *opaque, uint32_t 
addr)
 return val;
 }
 
-static void uhci_ioport_writel(void *opaque, uint32_t addr, uint32_t val)
-{
-UHCIState *s = opaque;
-
-addr = 0x1f;
-trace_usb_uhci_mmio_writel(addr, val);
-
-switch(addr) {
-case 0x08:
-s-fl_base_addr = val  ~0xfff;
-break;
-}
-}
-
-static uint32_t uhci_ioport_readl(void *opaque, uint32_t addr)
-{
-UHCIState *s = opaque;
-uint32_t val;
-
-addr = 0x1f;
-switch(addr) {
-case 0x08:
-val = s-fl_base_addr;
-break;
-default:
-val = 0x;
-break;
-}
-trace_usb_uhci_mmio_readl(addr, val);
-return val;
-}
-
 /* signal resume if controller suspended */
 static void uhci_resume (void *opaque)
 {
@@ -1236,18 +1194,14 @@ static void uhci_frame_timer(void *opaque)
 qemu_mod_timer(s-frame_timer, t_now + frame_t);
 }
 
-static const MemoryRegionPortio uhci_portio[] = {
-{ 0, 32, 2, .write = uhci_ioport_writew, },
-{ 0, 32, 2, .read = uhci_ioport_readw, },
-{ 0, 32, 4, .write = uhci_ioport_writel, },
-{ 0, 32, 4, .read = uhci_ioport_readl, },
-{ 0, 32, 1, .write = uhci_ioport_writeb, },
-{ 0, 32, 1, .read = uhci_ioport_readb, },
-PORTIO_END_OF_LIST()

Re: [Qemu-devel] [PATCH 2/3 v2] Reset qemu timers when guest reset

[Alexander Graf]

On 28.12.2012, at 06:16, Bharat Bhushan wrote:

 This patch install the timer reset handler. This will be called when
 the guest is reset.
 
 Signed-off-by: Bharat Bhushan bharat.bhus...@freescale.com

Thanks, adjusted to the current QOM'ified code and applied this patch.


Alex

Re: [Qemu-devel] [Xen-devel] [PATCH RFC 1/3] xen_disk: handle disk files on ramfs/tmpfs

[Ian Campbell]

On Mon, 2012-12-31 at 12:16 +, Roger Pau Monne wrote:
 Files that reside on ramfs or tmpfs cannot be opened with O_DIRECT,
 if first call to bdrv_open fails with errno = EINVAL, try a second
 call without BDRV_O_NOCACHE.

Doesn't that risk spuriously turning of NOCACHE on other sorts of
devices as well which (potentially) opens up a data loss issue?

 Signed-off-by: Roger Pau Monné roger@citrix.com
 Cc: xen-de...@lists.xen.org
 Cc: Stefano Stabellini stefano.stabell...@eu.citrix.com
 Cc: Anthony PERARD anthony.per...@citrix.com
 ---
  hw/xen_disk.c |   16 +---
  1 files changed, 13 insertions(+), 3 deletions(-)
 
 diff --git a/hw/xen_disk.c b/hw/xen_disk.c
 index e6bb2f2..a159ee5 100644
 --- a/hw/xen_disk.c
 +++ b/hw/xen_disk.c
 @@ -562,7 +562,7 @@ static void blk_alloc(struct XenDevice *xendev)
  static int blk_init(struct XenDevice *xendev)
  {
  struct XenBlkDev *blkdev = container_of(xendev, struct XenBlkDev, 
 xendev);
 -int index, qflags, info = 0;
 +int index, qflags, info = 0, rc;
  
  /* read xenstore entries */
  if (blkdev-params == NULL) {
 @@ -625,8 +625,18 @@ static int blk_init(struct XenDevice *xendev)
  xen_be_printf(blkdev-xendev, 2, create new bdrv (xenbus 
 setup)\n);
  blkdev-bs = bdrv_new(blkdev-dev);
  if (blkdev-bs) {
 -if (bdrv_open(blkdev-bs, blkdev-filename, qflags,
 -bdrv_find_whitelisted_format(blkdev-fileproto)) != 
 0) {
 +rc = bdrv_open(blkdev-bs, blkdev-filename, qflags,
 +bdrv_find_whitelisted_format(blkdev-fileproto));
 +if (rc != 0  errno == EINVAL) {
 +/* Files on ramfs or tmpfs cannot be opened with O_DIRECT,
 + * remove the BDRV_O_NOCACHE flag, and try to open
 + * the file again.
 + */
 +qflags = ~BDRV_O_NOCACHE;
 +rc = bdrv_open(blkdev-bs, blkdev-filename, qflags,
 +bdrv_find_whitelisted_format(blkdev-fileproto));
 +}
 +if (rc != 0) {
  bdrv_delete(blkdev-bs);
  blkdev-bs = NULL;
  }

Re: [Qemu-devel] [PATCH] s390x: Remove inline function ebcdic_put and related data from cpu.h

[Alexander Graf]

On 01.01.2013, at 19:24, Stefan Weil wrote:

 The function is only used in misc_helper.c, so move it to that file.
 
 This reduces the size of debug executables (compiled without optimization)
 because they get unused code and data for each compilation which includes
 cpu.h.
 
 Executables with optimization don't change their size.
 
 ebcdic2ascii is currently unused and could be removed (not done here).
 
 The array ascii2ebcdic must be accessed with an unsigned index, therefore
 (int)ascii[i] was replaced by (uint8_t)ascii[i]. The old code would have
 failed for a signed char less than 0. The current code only converts
 QEMU and spaces to EBCDIC, so there is no problem today.
 
 Signed-off-by: Stefan Weil s...@weilnetz.de

Thanks, applied to s390-next.

Alex

Re: [Qemu-devel] [Qemu-ppc] [PATCH v3] Modifications to fix PowerPC on 64bit host, bug 1052857

[Alexander Graf]

On 02.01.2013, at 21:53, Samuel Seay wrote:

 Removed h2g() macro around the ka-_sa_handler due to the _sa_handler being a 
 guest memory address
 Changed the __put_user to put_user as it was attempting to put a value at the 
 stack address but the new address is a guest memory address, __put_user is 
 for host memory addresses.
 Patch v2 - v3, removed unneeded casting in the put_user call left over from 
 __put_user
 
 Signed-off-by: Samuel Seay lightnin...@gmail.com

Looks reasonable to me, but I'd like an ack from Peter.

Alex

 ---
 linux-user/signal.c |4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
 
 diff --git a/linux-user/signal.c b/linux-user/signal.c
 index 95e2ffa..c43b8ac 100644
 --- a/linux-user/signal.c
 +++ b/linux-user/signal.c
 @@ -4584,7 +4584,7 @@ static void setup_frame(int sig, struct 
 target_sigaction *ka,
 
 signal = current_exec_domain_sig(sig);
 
 -err |= __put_user(h2g(ka-_sa_handler), sc-handler);
 +err |= __put_user(ka-_sa_handler, sc-handler);
 err |= __put_user(set-sig[0], sc-oldmask);
 #if defined(TARGET_PPC64)
 err |= __put_user(set-sig[0]  32, sc-_unused[3]);
 @@ -4606,7 +4606,7 @@ static void setup_frame(int sig, struct 
 target_sigaction *ka,
 
 /* Create a stack frame for the caller of the handler.  */
 newsp = frame_addr - SIGNAL_FRAMESIZE;
 -err |= __put_user(env-gpr[1], (target_ulong *)(uintptr_t) newsp);
 +err |= put_user(env-gpr[1], newsp, target_ulong);
 
 if (err)
 goto sigsegv;
 -- 
 1.7.9.5
 
 

[Qemu-devel] [RFC V9 01/12] qdev : add a maximum device allowed field for the bus.

[fred . konrad]

From: KONRAD Frederic fred.kon...@greensocs.com

Add a max_dev field to BusState to specify the maximum amount of devices allowed
on the bus ( have no effect if max_dev=0 )

Signed-off-by: KONRAD Frederic fred.kon...@greensocs.com
---
 hw/qdev-core.h|  2 ++
 hw/qdev-monitor.c | 11 +++
 2 files changed, 13 insertions(+)

diff --git a/hw/qdev-core.h b/hw/qdev-core.h
index fdf14ec..73e25d8 100644
--- a/hw/qdev-core.h
+++ b/hw/qdev-core.h
@@ -104,6 +104,8 @@ struct BusState {
 const char *name;
 int allow_hotplug;
 int max_index;
+/* maximum devices allowed on the bus, 0 : no limit. */
+int max_dev;
 QTAILQ_HEAD(ChildrenHead, BusChild) children;
 QLIST_ENTRY(BusState) sibling;
 };
diff --git a/hw/qdev-monitor.c b/hw/qdev-monitor.c
index b739867..817562e 100644
--- a/hw/qdev-monitor.c
+++ b/hw/qdev-monitor.c
@@ -293,6 +293,17 @@ static BusState *qbus_find_recursive(BusState *bus, const 
char *name,
 if (bus_typename  !object_dynamic_cast(OBJECT(bus), bus_typename)) {
 match = 0;
 }
+if ((bus-max_dev != 0)  (bus-max_dev = bus-max_index)) {
+if (name != NULL) {
+/* bus was explicitly specified : return an error. */
+qerror_report(ERROR_CLASS_GENERIC_ERROR, Bus '%s' is full,
+  bus-name);
+return NULL;
+} else {
+/* bus was not specified : try to find another one. */
+match = 0;
+}
+}
 if (match) {
 return bus;
 }
-- 
1.7.11.7

[Qemu-devel] [RFC V9 02/12] virtio-bus : introduce virtio-bus

[fred . konrad]

From: KONRAD Frederic fred.kon...@greensocs.com

Introduce virtio-bus. Refactored transport device will create a bus which
extends virtio-bus.

Signed-off-by: KONRAD Frederic fred.kon...@greensocs.com
---
 hw/Makefile.objs |   1 +
 hw/virtio-bus.c  | 178 +++
 hw/virtio-bus.h  |  98 ++
 3 files changed, 277 insertions(+)
 create mode 100644 hw/virtio-bus.c
 create mode 100644 hw/virtio-bus.h

diff --git a/hw/Makefile.objs b/hw/Makefile.objs
index d75f2f0..c34af0e 100644
--- a/hw/Makefile.objs
+++ b/hw/Makefile.objs
@@ -3,6 +3,7 @@ common-obj-y += loader.o
 common-obj-$(CONFIG_VIRTIO) += virtio-console.o
 common-obj-$(CONFIG_VIRTIO) += virtio-rng.o
 common-obj-$(CONFIG_VIRTIO_PCI) += virtio-pci.o
+common-obj-$(CONFIG_VIRTIO) += virtio-bus.o
 common-obj-y += fw_cfg.o
 common-obj-$(CONFIG_PCI) += pci_bridge_dev.o
 common-obj-$(CONFIG_PCI) += ioh3420.o xio3130_upstream.o xio3130_downstream.o
diff --git a/hw/virtio-bus.c b/hw/virtio-bus.c
new file mode 100644
index 000..c5e67b0
--- /dev/null
+++ b/hw/virtio-bus.c
@@ -0,0 +1,178 @@
+/*
+ * VirtioBus
+ *
+ *  Copyright (C) 2012 : GreenSocs Ltd
+ *  http://www.greensocs.com/ , email: i...@greensocs.com
+ *
+ *  Developed by :
+ *  Frederic Konrad   fred.kon...@greensocs.com
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, see http://www.gnu.org/licenses/.
+ *
+ */
+
+#include hw.h
+#include qemu/error-report.h
+#include qdev.h
+#include virtio-bus.h
+#include virtio.h
+
+/* #define DEBUG_VIRTIO_BUS */
+
+#ifdef DEBUG_VIRTIO_BUS
+#define DPRINTF(fmt, ...) \
+do { printf(virtio_bus:  fmt , ## __VA_ARGS__); } while (0)
+#else
+#define DPRINTF(fmt, ...) do { } while (0)
+#endif
+
+/* Plug the VirtIODevice */
+int virtio_bus_plug_device(VirtIODevice *vdev)
+{
+DeviceState *qdev = DEVICE(vdev);
+BusState *qbus = BUS(qdev_get_parent_bus(qdev));
+VirtioBusState *bus = VIRTIO_BUS(qbus);
+VirtioBusClass *klass = VIRTIO_BUS_GET_CLASS(bus);
+DPRINTF(%s : plug device.\n, qbus-name);
+
+bus-vdev = vdev;
+
+/*
+ * The lines below will disappear when we drop VirtIOBindings, at the end
+ * of the series.
+ */
+bus-bindings.notify = klass-notify;
+bus-bindings.save_config = klass-save_config;
+bus-bindings.save_queue = klass-save_queue;
+bus-bindings.load_config = klass-load_config;
+bus-bindings.load_queue = klass-load_queue;
+bus-bindings.load_done = klass-load_done;
+bus-bindings.get_features = klass-get_features;
+bus-bindings.query_guest_notifiers = klass-query_guest_notifiers;
+bus-bindings.set_guest_notifiers = klass-set_guest_notifiers;
+bus-bindings.set_host_notifier = klass-set_host_notifier;
+bus-bindings.vmstate_change = klass-vmstate_change;
+virtio_bind_device(bus-vdev, bus-bindings, qbus-parent);
+
+if (klass-device_plugged != NULL) {
+klass-device_plugged(qbus-parent);
+}
+
+return 0;
+}
+
+/* Reset the virtio_bus */
+void virtio_bus_reset(VirtioBusState *bus)
+{
+DPRINTF(%s : reset device.\n, qbus-name);
+if (bus-vdev != NULL) {
+virtio_reset(bus-vdev);
+}
+}
+
+/* Destroy the VirtIODevice */
+void virtio_bus_destroy_device(VirtioBusState *bus)
+{
+DeviceState *qdev;
+BusState *qbus = BUS(bus);
+VirtioBusClass *klass = VIRTIO_BUS_GET_CLASS(bus);
+DPRINTF(%s : remove device.\n, qbus-name);
+
+if (bus-vdev != NULL) {
+if (klass-device_unplug != NULL) {
+klass-device_unplug(qbus-parent);
+}
+qdev = DEVICE(bus-vdev);
+qdev_free(qdev);
+bus-vdev = NULL;
+}
+}
+
+/* Get the device id of the plugged device. */
+uint16_t virtio_device_get_id(VirtioBusState *bus)
+{
+assert(bus-vdev != NULL);
+return bus-vdev-device_id;
+}
+
+/* Get the nvectors field of the plugged device. */
+int virtio_device_get_nvectors(VirtioBusState *bus)
+{
+assert(bus-vdev != NULL);
+return bus-vdev-nvectors;
+}
+
+/* Set the nvectors field of the plugged device. */
+void virtio_device_set_nvectors(VirtioBusState *bus, int nvectors)
+{
+assert(bus-vdev != NULL);
+bus-vdev-nvectors = nvectors;
+}
+
+/* Get the config_len field of the plugged device. */
+size_t virtio_device_get_config_len(VirtioBusState *bus)
+{
+assert(bus-vdev != NULL);
+return bus-vdev-config_len;
+}
+
+/* Get the features of the plugged device. 

[Qemu-devel] [RFC V9 00/12] Virtio refactoring.

[fred . konrad]

From: KONRAD Frederic fred.kon...@greensocs.com

You can clone that from here :
git.greensocs.com/home/greensocs/git/qemu_virtio.git virtio_refactoring_rfc_v9

This new version fix the name issues with the function name (in virtio-bus)
and the initialisation of virtio-blk-x. If you're all ok with that, I will send
the full series.

For the bindings, I can't move opaque from void* to VirtIODevice* as this is
pointing the transport device.

For the max_dev property what do you finally think is the best: an object or
class property ?

Thanks,

Fred

Changes v8 - v9:
* Modified virtio-bus.c function name. (virtio_device_ prefix.)
* Removed qdev_create(..) in virtio-blk-x, object_new
  + object_property_add_child used instead.

Changes v7 - v8:
* Moved virtio-blk-pci PCI IDs to Add the virtio-blk device..
* virtio : Added virtio_device_init which init children and plug the device.
* virtio : Added virtio_common_cleanup in the same way as
  virtio_common_init.
* virtio-blk : Moved virtio_plug_device to virtio-device init.
* virtio-blk : Inline the virtio_blk_exit function in
  virtio_blk_device_exit and use virtio_common_cleanup.
* virtio-s390-bus : Added virtio-s390-bus.
* virtio-s390-device : Added a virtio-s390-bus.
* virtio-blk-s390 : Switched to the new API.
* virtio : removed function pointer.
* virtio : removed VirtinBindings.
* virtio : cleaned up init and exit function.

Changes v6 - v7:
* virtio-bus : Added virtio-bus-reset.
* virtio-pci : Fixed virtio-pci-exit.
* virtio-pci : Added virtio-pci-rst.
* virtio-pci : Added VirtioPCIClass filled with an init function.
* virtio-blk : Added virtio_blk_set_conf.
* virtio-blk : QOM casts.
* virtio-blk-pci : Switched to the new API.

Changes v5 - v6:
* Renamed virtio_common_init_ to virtio_init, modify virtio_common_init to
  allocate and call virtio_init. Drop the unused structure size parameters.
* Renamed init/exit callback in VirtioBusClass.
* Renamed virtio_blk_init virtio_blk_common_init.
* Modified virtio_blk_init to call virtio_blk_common_init.

Changes v4 - v5:
* use ERROR_CLASS_GENERIC_ERROR in place of creating a new error type for
  the maximum device limitation. ( Peter )
* Removed bus_in_use function. We assume that the virtio-bus is not in use,
  when plugin in. ( Peter )
* Added virtio_bus_destroy_device().
* Implemented the exit function of virtio-pci.
* Implemented the init callback for virtio-pci ( must be modified, it still
  access vdev directly. ).
* Implemented the exit callback for virtio-pci.
* Started virtio-device refactoring.
* Started virtio-blk refactoring. 

Changes v3 - v4:
* Added virtio-bus.o in Makefile.objs ( accidentally dropped from v3 ).
* *const* TypeInfo in virtio-bus.
* Introduced virtio-pci-bus.
* Reintroduced virtio-pci.
* Introduced virtio-device.
* Started virtio-blk refactoring.
* Added an error type in qerror.h for the bus full error.

Changes v2 - v3:
* Added VirtioBusClass.
* Renamed VirtioBus - VirtioBusState.
* Renamed qbus - parent_obj.
* Plug the device only in a non-full bus.

Changes v1 - v2:
* All the little fix you suggest ( License, Debug printf, naming convention,
  ...)
* Added get_virtio_device_id(), and remove the pci_id* from the VirtioBus
  structure.
* Added virtio_bus_reset().
* Added cast macros VIRTIO_BUS.
* Added virtio_bus_plug_device.
* Replaced the old-style bus-qbus by BUS() macro.

KONRAD Frederic (12):
  qdev : add a maximum device allowed field for the bus.
  virtio-bus : introduce virtio-bus
  virtio-pci-bus : introduce virtio-pci-bus.
  virtio-pci : refactor virtio-pci device.
  virtio-device : refactor virtio-device.
  virtio-s390-bus : add virtio-s390-bus.
  virtio-s390-device : create a virtio-s390-bus during init.
  virtio-blk : add the virtio-blk device.
  virtio-blk-pci : switch to new API.
  virtio-blk-s390 : switch to the new API.
  virtio-blk : cleanup : use QOM cast.
  virtio-blk : cleanup : remove qdev field.

 hw/Makefile.objs |   1 +
 hw/qdev-core.h   |   2 +
 hw/qdev-monitor.c|  11 ++
 hw/s390-virtio-bus.c |  47 -
 hw/s390-virtio-bus.h |  14 +++
 hw/virtio-blk.c  | 134 +++-
 hw/virtio-blk.h  |  19 
 hw/virtio-bus.c  | 178 
 hw/virtio-bus.h  |  98 ++
 hw/virtio-pci.c  | 286 +++
 hw/virtio-pci.h  |  52 +-
 hw/virtio.c  |  70 ++---
 hw/virtio.h  |  31 ++
 13 files changed, 809 insertions(+), 134 deletions(-)
 create mode 100644 hw/virtio-bus.c
 create mode 100644 hw/virtio-bus.h

-- 
1.7.11.7

[Qemu-devel] [RFC V9 10/12] virtio-blk-s390 : switch to the new API.

[fred . konrad]

From: KONRAD Frederic fred.kon...@greensocs.com

Here the virtio-blk-s390 is modified for the new API. The device
virtio-blk-s390 extends virtio-s390-device as before. It creates and
connects a virtio-blk during the init. The properties are not modified.

Signed-off-by: KONRAD Frederic fred.kon...@greensocs.com
---
 hw/s390-virtio-bus.c | 17 -
 1 file changed, 12 insertions(+), 5 deletions(-)

diff --git a/hw/s390-virtio-bus.c b/hw/s390-virtio-bus.c
index 4e8471b..a2ccdc0 100644
--- a/hw/s390-virtio-bus.c
+++ b/hw/s390-virtio-bus.c
@@ -165,14 +165,20 @@ static int s390_virtio_net_init(VirtIOS390Device *dev)
 
 static int s390_virtio_blk_init(VirtIOS390Device *dev)
 {
-VirtIODevice *vdev;
-
-vdev = virtio_blk_init((DeviceState *)dev, dev-blk);
-if (!vdev) {
+DeviceState *vdev = DEVICE(dev-vdev);
+virtio_blk_set_conf(vdev, (dev-blk));
+qdev_set_parent_bus(vdev, BUS(dev-bus));
+if (qdev_init(vdev)  0) {
 return -1;
 }
+return s390_virtio_device_init(dev, VIRTIO_DEVICE(vdev));
+}
 
-return s390_virtio_device_init(dev, vdev);
+static void s390_virtio_blk_instance_init(Object *obj)
+{
+VirtIOS390Device *dev = VIRTIO_S390_DEVICE(obj);
+dev-vdev = VIRTIO_DEVICE(object_new(virtio-blk));
+object_property_add_child(obj, virtio-backend, OBJECT(dev-vdev), NULL);
 }
 
 static int s390_virtio_serial_init(VirtIOS390Device *dev)
@@ -436,6 +442,7 @@ static TypeInfo s390_virtio_blk = {
 .name  = virtio-blk-s390,
 .parent= TYPE_VIRTIO_S390_DEVICE,
 .instance_size = sizeof(VirtIOS390Device),
+.instance_init = s390_virtio_blk_instance_init,
 .class_init= s390_virtio_blk_class_init,
 };
 
-- 
1.7.11.7

[Qemu-devel] [RFC V9 09/12] virtio-blk-pci : switch to new API.

[fred . konrad]

From: KONRAD Frederic fred.kon...@greensocs.com

Here the virtio-blk-pci is modified for the new API. The device
virtio-blk-pci extends virtio-pci. It creates and connects a virtio-blk
during the init. The properties are not changed.

Signed-off-by: KONRAD Frederic fred.kon...@greensocs.com
---
 hw/virtio-pci.c | 113 +++-
 hw/virtio-pci.h |  15 +++-
 2 files changed, 61 insertions(+), 67 deletions(-)

diff --git a/hw/virtio-pci.c b/hw/virtio-pci.c
index b5a60f8..5607ac6 100644
--- a/hw/virtio-pci.c
+++ b/hw/virtio-pci.c
@@ -733,26 +733,6 @@ void virtio_init_pci(VirtIOPCIProxy *proxy, VirtIODevice 
*vdev)
 proxy-host_features = vdev-get_features(vdev, proxy-host_features);
 }
 
-static int virtio_blk_init_pci(PCIDevice *pci_dev)
-{
-VirtIOPCIProxy *proxy = DO_UPCAST(VirtIOPCIProxy, pci_dev, pci_dev);
-VirtIODevice *vdev;
-
-if (proxy-class_code != PCI_CLASS_STORAGE_SCSI 
-proxy-class_code != PCI_CLASS_STORAGE_OTHER)
-proxy-class_code = PCI_CLASS_STORAGE_SCSI;
-
-vdev = virtio_blk_init(pci_dev-qdev, proxy-blk);
-if (!vdev) {
-return -1;
-}
-vdev-nvectors = proxy-nvectors;
-virtio_init_pci(proxy, vdev);
-/* make the actual value visible */
-proxy-nvectors = vdev-nvectors;
-return 0;
-}
-
 static void virtio_exit_pci(PCIDevice *pci_dev)
 {
 VirtIOPCIProxy *proxy = DO_UPCAST(VirtIOPCIProxy, pci_dev, pci_dev);
@@ -761,15 +741,6 @@ static void virtio_exit_pci(PCIDevice *pci_dev)
 msix_uninit_exclusive_bar(pci_dev);
 }
 
-static void virtio_blk_exit_pci(PCIDevice *pci_dev)
-{
-VirtIOPCIProxy *proxy = DO_UPCAST(VirtIOPCIProxy, pci_dev, pci_dev);
-
-virtio_pci_stop_ioeventfd(proxy);
-virtio_blk_exit(proxy-vdev);
-virtio_exit_pci(pci_dev);
-}
-
 static int virtio_serial_init_pci(PCIDevice *pci_dev)
 {
 VirtIOPCIProxy *proxy = DO_UPCAST(VirtIOPCIProxy, pci_dev, pci_dev);
@@ -887,42 +858,6 @@ static void virtio_rng_exit_pci(PCIDevice *pci_dev)
 virtio_exit_pci(pci_dev);
 }
 
-static Property virtio_blk_properties[] = {
-DEFINE_PROP_HEX32(class, VirtIOPCIProxy, class_code, 0),
-DEFINE_BLOCK_PROPERTIES(VirtIOPCIProxy, blk.conf),
-DEFINE_BLOCK_CHS_PROPERTIES(VirtIOPCIProxy, blk.conf),
-DEFINE_PROP_STRING(serial, VirtIOPCIProxy, blk.serial),
-#ifdef __linux__
-DEFINE_PROP_BIT(scsi, VirtIOPCIProxy, blk.scsi, 0, true),
-#endif
-DEFINE_PROP_BIT(ioeventfd, VirtIOPCIProxy, flags, 
VIRTIO_PCI_FLAG_USE_IOEVENTFD_BIT, true),
-DEFINE_PROP_UINT32(vectors, VirtIOPCIProxy, nvectors, 2),
-DEFINE_VIRTIO_BLK_FEATURES(VirtIOPCIProxy, host_features),
-DEFINE_PROP_END_OF_LIST(),
-};
-
-static void virtio_blk_class_init(ObjectClass *klass, void *data)
-{
-DeviceClass *dc = DEVICE_CLASS(klass);
-PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
-
-k-init = virtio_blk_init_pci;
-k-exit = virtio_blk_exit_pci;
-k-vendor_id = PCI_VENDOR_ID_REDHAT_QUMRANET;
-k-device_id = PCI_DEVICE_ID_VIRTIO_BLOCK;
-k-revision = VIRTIO_PCI_ABI_VERSION;
-k-class_id = PCI_CLASS_STORAGE_SCSI;
-dc-reset = virtio_pci_reset;
-dc-props = virtio_blk_properties;
-}
-
-static TypeInfo virtio_blk_info = {
-.name  = virtio-blk-pci,
-.parent= TYPE_PCI_DEVICE,
-.instance_size = sizeof(VirtIOPCIProxy),
-.class_init= virtio_blk_class_init,
-};
-
 static Property virtio_net_properties[] = {
 DEFINE_PROP_BIT(ioeventfd, VirtIOPCIProxy, flags, 
VIRTIO_PCI_FLAG_USE_IOEVENTFD_BIT, false),
 DEFINE_PROP_UINT32(vectors, VirtIOPCIProxy, nvectors, 3),
@@ -1250,6 +1185,52 @@ static const TypeInfo virtio_pci_info = {
 .class_size= sizeof(VirtioPCIClass),
 };
 
+/* virtio-blk-pci */
+
+static Property virtio_blk_pci_properties[] = {
+DEFINE_PROP_HEX32(class, VirtIOBlkPCI, parent_obj.class_code, 0),
+DEFINE_PROP_BIT(ioeventfd, VirtIOBlkPCI, parent_obj.flags,
+VIRTIO_PCI_FLAG_USE_IOEVENTFD_BIT, true),
+DEFINE_PROP_UINT32(vectors, VirtIOBlkPCI, parent_obj.nvectors, 2),
+DEFINE_VIRTIO_BLK_FEATURES(VirtIOBlkPCI, parent_obj.host_features),
+DEFINE_VIRTIO_BLK_PROPERTIES(VirtIOBlkPCI, blk),
+DEFINE_PROP_END_OF_LIST(),
+};
+
+static int virtio_blk_pci_init(VirtIOPCIProxy *vpci_dev)
+{
+VirtIOBlkPCI *dev = VIRTIO_BLK_PCI(vpci_dev);
+virtio_blk_set_conf(dev-vdev, (dev-blk));
+qdev_set_parent_bus(dev-vdev, BUS(vpci_dev-bus));
+if (qdev_init(dev-vdev)  0) {
+return -1;
+}
+return 0;
+}
+
+static void virtio_blk_pci_class_init(ObjectClass *klass, void *data)
+{
+DeviceClass *dc = DEVICE_CLASS(klass);
+VirtioPCIClass *k = VIRTIO_PCI_CLASS(klass);
+dc-props = virtio_blk_pci_properties;
+k-init = virtio_blk_pci_init;
+}
+
+static void virtio_blk_pci_instance_init(Object *obj)
+{
+VirtIOBlkPCI *dev = VIRTIO_BLK_PCI(obj);
+dev-vdev = DEVICE(object_new(virtio-blk));
+object_property_add_child(obj, virtio-backend, OBJECT(dev-vdev), 

[Qemu-devel] [RFC V9 11/12] virtio-blk : cleanup : use QOM cast.

[fred . konrad]

From: KONRAD Frederic fred.kon...@greensocs.com

As the virtio-blk-pci and virtio-blk-s390 are switched to the new API,
we can use QOM casts and remove the separate init/exit for the old API.
This shouldn't been applyied before virtio-blk-pci and virtio-blk-s390
refactoring as their VirtIODevice were not a QOM object.

Signed-off-by: KONRAD Frederic fred.kon...@greensocs.com
---
 hw/virtio-blk.c | 117 ++--
 1 file changed, 37 insertions(+), 80 deletions(-)

diff --git a/hw/virtio-blk.c b/hw/virtio-blk.c
index b728289..67e58da 100644
--- a/hw/virtio-blk.c
+++ b/hw/virtio-blk.c
@@ -25,7 +25,7 @@
 
 typedef struct VirtIOBlock
 {
-VirtIODevice vdev;
+VirtIODevice parent_obj;
 BlockDriverState *bs;
 VirtQueue *vq;
 void *rq;
@@ -36,14 +36,6 @@ typedef struct VirtIOBlock
 DeviceState *qdev;
 } VirtIOBlock;
 
-/*
- * Moving to QOM later in this series.
- */
-static VirtIOBlock *to_virtio_blk(VirtIODevice *vdev)
-{
-return (VirtIOBlock *)vdev;
-}
-
 typedef struct VirtIOBlockReq
 {
 VirtIOBlock *dev;
@@ -59,12 +51,13 @@ typedef struct VirtIOBlockReq
 static void virtio_blk_req_complete(VirtIOBlockReq *req, int status)
 {
 VirtIOBlock *s = req-dev;
+VirtIODevice *vdev = VIRTIO_DEVICE(s);
 
 trace_virtio_blk_req_complete(req, status);
 
 stb_p(req-in-status, status);
 virtqueue_push(s-vq, req-elem, req-qiov.size + sizeof(*req-in));
-virtio_notify(s-vdev, s-vq);
+virtio_notify(vdev, s-vq);
 }
 
 static int virtio_blk_handle_rw_error(VirtIOBlockReq *req, int error,
@@ -405,7 +398,7 @@ static void virtio_blk_handle_request(VirtIOBlockReq *req,
 
 static void virtio_blk_handle_output(VirtIODevice *vdev, VirtQueue *vq)
 {
-VirtIOBlock *s = to_virtio_blk(vdev);
+VirtIOBlock *s = VIRTIO_BLK(vdev);
 VirtIOBlockReq *req;
 MultiReqBuffer mrb = {
 .num_writes = 0,
@@ -426,7 +419,7 @@ static void virtio_blk_handle_output(VirtIODevice *vdev, 
VirtQueue *vq)
 
 static void virtio_blk_dma_restart_bh(void *opaque)
 {
-VirtIOBlock *s = opaque;
+VirtIOBlock *s = VIRTIO_BLK(opaque);
 VirtIOBlockReq *req = s-rq;
 MultiReqBuffer mrb = {
 .num_writes = 0,
@@ -448,7 +441,7 @@ static void virtio_blk_dma_restart_bh(void *opaque)
 static void virtio_blk_dma_restart_cb(void *opaque, int running,
   RunState state)
 {
-VirtIOBlock *s = opaque;
+VirtIOBlock *s = VIRTIO_BLK(opaque);
 
 if (!running)
 return;
@@ -472,7 +465,7 @@ static void virtio_blk_reset(VirtIODevice *vdev)
  */
 static void virtio_blk_update_config(VirtIODevice *vdev, uint8_t *config)
 {
-VirtIOBlock *s = to_virtio_blk(vdev);
+VirtIOBlock *s = VIRTIO_BLK(vdev);
 struct virtio_blk_config blkcfg;
 uint64_t capacity;
 int blk_size = s-conf-logical_block_size;
@@ -511,7 +504,7 @@ static void virtio_blk_update_config(VirtIODevice *vdev, 
uint8_t *config)
 
 static void virtio_blk_set_config(VirtIODevice *vdev, const uint8_t *config)
 {
-VirtIOBlock *s = to_virtio_blk(vdev);
+VirtIOBlock *s = VIRTIO_BLK(vdev);
 struct virtio_blk_config blkcfg;
 
 memcpy(blkcfg, config, sizeof(blkcfg));
@@ -520,7 +513,7 @@ static void virtio_blk_set_config(VirtIODevice *vdev, const 
uint8_t *config)
 
 static uint32_t virtio_blk_get_features(VirtIODevice *vdev, uint32_t features)
 {
-VirtIOBlock *s = to_virtio_blk(vdev);
+VirtIOBlock *s = VIRTIO_BLK(vdev);
 
 features |= (1  VIRTIO_BLK_F_SEG_MAX);
 features |= (1  VIRTIO_BLK_F_GEOMETRY);
@@ -539,7 +532,7 @@ static uint32_t virtio_blk_get_features(VirtIODevice *vdev, 
uint32_t features)
 
 static void virtio_blk_set_status(VirtIODevice *vdev, uint8_t status)
 {
-VirtIOBlock *s = to_virtio_blk(vdev);
+VirtIOBlock *s = VIRTIO_BLK(vdev);
 uint32_t features;
 
 if (!(status  VIRTIO_CONFIG_S_DRIVER_OK)) {
@@ -552,10 +545,11 @@ static void virtio_blk_set_status(VirtIODevice *vdev, 
uint8_t status)
 
 static void virtio_blk_save(QEMUFile *f, void *opaque)
 {
-VirtIOBlock *s = opaque;
+VirtIOBlock *s = VIRTIO_BLK(opaque);
+VirtIODevice *vdev = VIRTIO_DEVICE(s);
 VirtIOBlockReq *req = s-rq;
 
-virtio_save(s-vdev, f);
+virtio_save(vdev, f);
 
 while (req) {
 qemu_put_sbyte(f, 1);
@@ -567,13 +561,14 @@ static void virtio_blk_save(QEMUFile *f, void *opaque)
 
 static int virtio_blk_load(QEMUFile *f, void *opaque, int version_id)
 {
-VirtIOBlock *s = opaque;
+VirtIOBlock *s = VIRTIO_BLK(opaque);
+VirtIODevice *vdev = VIRTIO_DEVICE(s);
 int ret;
 
 if (version_id != 2)
 return -EINVAL;
 
-ret = virtio_load(s-vdev, f);
+ret = virtio_load(vdev, f);
 if (ret) {
 return ret;
 }
@@ -595,9 +590,9 @@ static int virtio_blk_load(QEMUFile *f, void *opaque, int 
version_id)
 
 static void virtio_blk_resize(void *opaque)
 {
-VirtIOBlock *s = opaque;
+VirtIODevice *vdev = VIRTIO_DEVICE(opaque);
 
-  

[Qemu-devel] [RFC V9 04/12] virtio-pci : refactor virtio-pci device.

[fred . konrad]

From: KONRAD Frederic fred.kon...@greensocs.com

Create the virtio-pci device. This transport device will create a
virtio-pci-bus, so one VirtIODevice can be connected.

Signed-off-by: KONRAD Frederic fred.kon...@greensocs.com
---
 hw/virtio-pci.c | 133 
 hw/virtio-pci.h |  18 
 2 files changed, 151 insertions(+)

diff --git a/hw/virtio-pci.c b/hw/virtio-pci.c
index 3f14be2..e63ec59 100644
--- a/hw/virtio-pci.c
+++ b/hw/virtio-pci.c
@@ -1117,6 +1117,136 @@ static TypeInfo virtio_scsi_info = {
 .class_init= virtio_scsi_class_init,
 };
 
+/*
+ * virtio-pci : This is the PCIDevice which have a virtio-pci-bus.
+ */
+
+/* This is called by virtio-bus just after the device is plugged. */
+static void virtio_pci_device_plugged(void *opaque)
+{
+VirtIOPCIProxy *proxy = VIRTIO_PCI(opaque);
+VirtioBusState *bus = proxy-bus;
+uint8_t *config;
+uint32_t size;
+
+/* Put the PCI IDs */
+switch (virtio_device_get_id(proxy-bus)) {
+
+
+default:
+error_report(unknown device id\n);
+break;
+
+}
+
+/*
+ * vdev shouldn't be accessed directly by virtio-pci.
+ * We will remove that at the end of the series to keep virtio-x-pci
+ * working.
+ */
+proxy-vdev = proxy-bus-vdev;
+
+config = proxy-pci_dev.config;
+if (proxy-class_code) {
+pci_config_set_class(config, proxy-class_code);
+}
+pci_set_word(config + PCI_SUBSYSTEM_VENDOR_ID,
+ pci_get_word(config + PCI_VENDOR_ID));
+pci_set_word(config + PCI_SUBSYSTEM_ID, virtio_device_get_id(proxy-bus));
+config[PCI_INTERRUPT_PIN] = 1;
+
+if (virtio_device_get_nvectors(bus) 
+msix_init_exclusive_bar(proxy-pci_dev,
+virtio_device_get_nvectors(bus), 1)) {
+virtio_device_set_nvectors(bus, 0);
+}
+
+proxy-pci_dev.config_write = virtio_write_config;
+
+size = VIRTIO_PCI_REGION_SIZE(proxy-pci_dev)
+ + virtio_device_get_config_len(bus);
+if (size  (size-1)) {
+size = 1  qemu_fls(size);
+}
+
+memory_region_init_io(proxy-bar, virtio_pci_config_ops, proxy,
+  virtio-pci, size);
+pci_register_bar(proxy-pci_dev, 0, PCI_BASE_ADDRESS_SPACE_IO,
+ proxy-bar);
+
+if (!kvm_has_many_ioeventfds()) {
+proxy-flags = ~VIRTIO_PCI_FLAG_USE_IOEVENTFD;
+}
+
+proxy-host_features |= 0x1  VIRTIO_F_NOTIFY_ON_EMPTY;
+proxy-host_features |= 0x1  VIRTIO_F_BAD_FEATURE;
+proxy-host_features = virtio_device_get_features(bus,
+  proxy-host_features);
+}
+
+/* This is called by virtio-bus just before the device is unplugged. */
+static void virtio_pci_device_unplug(void *opaque)
+{
+VirtIOPCIProxy *dev = VIRTIO_PCI(opaque);
+virtio_pci_stop_ioeventfd(dev);
+}
+
+static int virtio_pci_init(PCIDevice *pci_dev)
+{
+VirtIOPCIProxy *dev = VIRTIO_PCI(pci_dev);
+VirtioPCIClass *k = VIRTIO_PCI_GET_CLASS(pci_dev);
+dev-bus = virtio_pci_bus_new(dev);
+if (k-init != NULL) {
+return k-init(dev);
+}
+return 0;
+}
+
+static void virtio_pci_exit(PCIDevice *pci_dev)
+{
+VirtIOPCIProxy *proxy = VIRTIO_PCI(pci_dev);
+VirtioBusState *bus = VIRTIO_BUS(proxy-bus);
+BusState *qbus = BUS(proxy-bus);
+virtio_bus_destroy_device(bus);
+qbus_free(qbus);
+virtio_exit_pci(pci_dev);
+}
+
+/*
+ * This will be renamed virtio_pci_reset at the end of the series.
+ * virtio_pci_reset is still in use at this moment.
+ */
+static void virtio_pci_rst(DeviceState *qdev)
+{
+VirtIOPCIProxy *proxy = VIRTIO_PCI(qdev);
+VirtioBusState *bus = VIRTIO_BUS(proxy-bus);
+virtio_pci_stop_ioeventfd(proxy);
+virtio_bus_reset(bus);
+msix_unuse_all_vectors(proxy-pci_dev);
+proxy-flags = ~VIRTIO_PCI_FLAG_BUS_MASTER_BUG;
+}
+
+static void virtio_pci_class_init(ObjectClass *klass, void *data)
+{
+DeviceClass *dc = DEVICE_CLASS(klass);
+PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
+
+k-init = virtio_pci_init;
+k-exit = virtio_pci_exit;
+k-vendor_id = PCI_VENDOR_ID_REDHAT_QUMRANET;
+k-revision = VIRTIO_PCI_ABI_VERSION;
+k-class_id = PCI_CLASS_OTHERS;
+dc-reset = virtio_pci_rst;
+}
+
+static const TypeInfo virtio_pci_info = {
+.name  = TYPE_VIRTIO_PCI,
+.parent= TYPE_PCI_DEVICE,
+.instance_size = sizeof(VirtIOPCIProxy),
+.class_init= virtio_pci_class_init,
+.class_size= sizeof(VirtioPCIClass),
+};
+
 /* virtio-pci-bus */
 
 VirtioBusState *virtio_pci_bus_new(VirtIOPCIProxy *dev)
@@ -1143,6 +1273,8 @@ static void virtio_pci_bus_class_init(ObjectClass *klass, 
void *data)
 k-set_host_notifier = virtio_pci_set_host_notifier;
 k-set_guest_notifiers = virtio_pci_set_guest_notifiers;
 k-vmstate_change = virtio_pci_vmstate_change;
+k-device_plugged = virtio_pci_device_plugged;
+k-device_unplug = 

[Qemu-devel] [RFC V9 08/12] virtio-blk : add the virtio-blk device.

[fred . konrad]

From: KONRAD Frederic fred.kon...@greensocs.com

Create virtio-blk which extends virtio-device, so it can be connected on
virtio-bus.

Signed-off-by: KONRAD Frederic fred.kon...@greensocs.com
---
 hw/virtio-blk.c | 101 +++-
 hw/virtio-blk.h |  19 +++
 hw/virtio-pci.c |   7 ++--
 3 files changed, 116 insertions(+), 11 deletions(-)

diff --git a/hw/virtio-blk.c b/hw/virtio-blk.c
index 90cfa24..b728289 100644
--- a/hw/virtio-blk.c
+++ b/hw/virtio-blk.c
@@ -21,6 +21,7 @@
 #ifdef __linux__
 # include scsi/sg.h
 #endif
+#include virtio-bus.h
 
 typedef struct VirtIOBlock
 {
@@ -30,11 +31,14 @@ typedef struct VirtIOBlock
 void *rq;
 QEMUBH *bh;
 BlockConf *conf;
-VirtIOBlkConf *blk;
+VirtIOBlkConf blk;
 unsigned short sector_mask;
 DeviceState *qdev;
 } VirtIOBlock;
 
+/*
+ * Moving to QOM later in this series.
+ */
 static VirtIOBlock *to_virtio_blk(VirtIODevice *vdev)
 {
 return (VirtIOBlock *)vdev;
@@ -164,7 +168,7 @@ static void virtio_blk_handle_scsi(VirtIOBlockReq *req)
  */
 req-scsi = (void *)req-elem.in_sg[req-elem.in_num - 2].iov_base;
 
-if (!req-dev-blk-scsi) {
+if (!req-dev-blk.scsi) {
 status = VIRTIO_BLK_S_UNSUPP;
 goto fail;
 }
@@ -384,7 +388,7 @@ static void virtio_blk_handle_request(VirtIOBlockReq *req,
  * terminated by '\0' only when shorter than buffer.
  */
 strncpy(req-elem.in_sg[0].iov_base,
-s-blk-serial ? s-blk-serial : ,
+s-blk.serial ? s-blk.serial : ,
 MIN(req-elem.in_sg[0].iov_len, VIRTIO_BLK_ID_BYTES));
 virtio_blk_req_complete(req, VIRTIO_BLK_S_OK);
 g_free(req);
@@ -600,9 +604,16 @@ static const BlockDevOps virtio_block_ops = {
 .resize_cb = virtio_blk_resize,
 };
 
-VirtIODevice *virtio_blk_init(DeviceState *dev, VirtIOBlkConf *blk)
+void virtio_blk_set_conf(DeviceState *dev, VirtIOBlkConf *blk)
+{
+VirtIOBlock *s = VIRTIO_BLK(dev);
+memcpy((s-blk), blk, sizeof(struct VirtIOBlkConf));
+}
+
+static VirtIODevice *virtio_blk_common_init(DeviceState *dev,
+  VirtIOBlkConf *blk, VirtIOBlock **ps)
 {
-VirtIOBlock *s;
+VirtIOBlock *s = *ps;
 static int virtio_blk_id;
 
 if (!blk-conf.bs) {
@@ -619,9 +630,20 @@ VirtIODevice *virtio_blk_init(DeviceState *dev, 
VirtIOBlkConf *blk)
 return NULL;
 }
 
-s = (VirtIOBlock *)virtio_common_init(virtio-blk, VIRTIO_ID_BLOCK,
-  sizeof(struct virtio_blk_config),
-  sizeof(VirtIOBlock));
+/*
+ * We have two cases here : the old virtio-blk-pci device, and the
+ * refactored virtio-blk.
+ */
+if (s == NULL) {
+/* virtio-blk-pci */
+s = (VirtIOBlock *)virtio_common_init(virtio-blk, VIRTIO_ID_BLOCK,
+  sizeof(struct virtio_blk_config),
+  sizeof(VirtIOBlock));
+} else {
+/* virtio-blk */
+virtio_init(VIRTIO_DEVICE(s), virtio-blk, VIRTIO_ID_BLOCK,
+sizeof(struct virtio_blk_config));
+}
 
 s-vdev.get_config = virtio_blk_update_config;
 s-vdev.set_config = virtio_blk_set_config;
@@ -630,7 +652,7 @@ VirtIODevice *virtio_blk_init(DeviceState *dev, 
VirtIOBlkConf *blk)
 s-vdev.reset = virtio_blk_reset;
 s-bs = blk-conf.bs;
 s-conf = blk-conf;
-s-blk = blk;
+virtio_blk_set_conf(dev, blk);
 s-rq = NULL;
 s-sector_mask = (s-conf-logical_block_size / BDRV_SECTOR_SIZE) - 1;
 
@@ -649,6 +671,12 @@ VirtIODevice *virtio_blk_init(DeviceState *dev, 
VirtIOBlkConf *blk)
 return s-vdev;
 }
 
+VirtIODevice *virtio_blk_init(DeviceState *dev, VirtIOBlkConf *blk)
+{
+VirtIOBlock *s = NULL;
+return virtio_blk_common_init(dev, blk, s);
+}
+
 void virtio_blk_exit(VirtIODevice *vdev)
 {
 VirtIOBlock *s = to_virtio_blk(vdev);
@@ -656,3 +684,58 @@ void virtio_blk_exit(VirtIODevice *vdev)
 blockdev_mark_auto_del(s-bs);
 virtio_cleanup(vdev);
 }
+
+
+static int virtio_blk_device_init(VirtIODevice *vdev)
+{
+DeviceState *qdev = DEVICE(vdev);
+VirtIOBlock *s = VIRTIO_BLK(vdev);
+VirtIOBlkConf *blk = (s-blk);
+if (virtio_blk_common_init(qdev, blk, s) == NULL) {
+return -1;
+}
+return 0;
+}
+
+static int virtio_blk_device_exit(DeviceState *dev)
+{
+VirtIODevice *vdev = VIRTIO_DEVICE(dev);
+VirtIOBlock *s = VIRTIO_BLK(dev);
+unregister_savevm(s-qdev, virtio-blk, s);
+blockdev_mark_auto_del(s-bs);
+virtio_common_cleanup(vdev);
+return 0;
+}
+
+static Property virtio_blk_properties[] = {
+DEFINE_VIRTIO_BLK_PROPERTIES(VirtIOBlock, blk),
+DEFINE_PROP_END_OF_LIST(),
+};
+
+static void virtio_blk_class_init(ObjectClass *klass, void *data)
+{
+DeviceClass *dc = DEVICE_CLASS(klass);
+VirtioDeviceClass *vdc = 

[Qemu-devel] [RFC V9 05/12] virtio-device : refactor virtio-device.

[fred . konrad]

From: KONRAD Frederic fred.kon...@greensocs.com

Create the virtio-device which is abstract. All the virtio-device can extend
this class.

Signed-off-by: KONRAD Frederic fred.kon...@greensocs.com
---
 hw/virtio.c | 70 ++---
 hw/virtio.h | 31 +++
 2 files changed, 89 insertions(+), 12 deletions(-)

diff --git a/hw/virtio.c b/hw/virtio.c
index 0455a9e..e2760b1 100644
--- a/hw/virtio.c
+++ b/hw/virtio.c
@@ -17,6 +17,7 @@
 #include qemu/error-report.h
 #include virtio.h
 #include qemu/atomic.h
+#include virtio-bus.h
 
 /* The alignment to use between consumer and producer parts of vring.
  * x86 pagesize again. */
@@ -875,11 +876,16 @@ int virtio_load(VirtIODevice *vdev, QEMUFile *f)
 return 0;
 }
 
-void virtio_cleanup(VirtIODevice *vdev)
+void virtio_common_cleanup(VirtIODevice *vdev)
 {
 qemu_del_vm_change_state_handler(vdev-vmstate);
 g_free(vdev-config);
 g_free(vdev-vq);
+}
+
+void virtio_cleanup(VirtIODevice *vdev)
+{
+virtio_common_cleanup(vdev);
 g_free(vdev);
 }
 
@@ -902,14 +908,10 @@ static void virtio_vmstate_change(void *opaque, int 
running, RunState state)
 }
 }
 
-VirtIODevice *virtio_common_init(const char *name, uint16_t device_id,
- size_t config_size, size_t struct_size)
+void virtio_init(VirtIODevice *vdev, const char *name,
+ uint16_t device_id, size_t config_size)
 {
-VirtIODevice *vdev;
 int i;
-
-vdev = g_malloc0(struct_size);
-
 vdev-device_id = device_id;
 vdev-status = 0;
 vdev-isr = 0;
@@ -917,20 +919,28 @@ VirtIODevice *virtio_common_init(const char *name, 
uint16_t device_id,
 vdev-config_vector = VIRTIO_NO_VECTOR;
 vdev-vq = g_malloc0(sizeof(VirtQueue) * VIRTIO_PCI_QUEUE_MAX);
 vdev-vm_running = runstate_is_running();
-for(i = 0; i  VIRTIO_PCI_QUEUE_MAX; i++) {
+for (i = 0; i  VIRTIO_PCI_QUEUE_MAX; i++) {
 vdev-vq[i].vector = VIRTIO_NO_VECTOR;
 vdev-vq[i].vdev = vdev;
 }
 
 vdev-name = name;
 vdev-config_len = config_size;
-if (vdev-config_len)
+if (vdev-config_len) {
 vdev-config = g_malloc0(config_size);
-else
+} else {
 vdev-config = NULL;
+}
+vdev-vmstate = qemu_add_vm_change_state_handler(virtio_vmstate_change,
+ vdev);
+}
 
-vdev-vmstate = qemu_add_vm_change_state_handler(virtio_vmstate_change, 
vdev);
-
+VirtIODevice *virtio_common_init(const char *name, uint16_t device_id,
+ size_t config_size, size_t struct_size)
+{
+VirtIODevice *vdev;
+vdev = g_malloc0(struct_size);
+virtio_init(vdev, name, device_id, config_size);
 return vdev;
 }
 
@@ -1056,3 +1066,39 @@ EventNotifier *virtio_queue_get_host_notifier(VirtQueue 
*vq)
 {
 return vq-host_notifier;
 }
+
+static int virtio_device_init(DeviceState *qdev)
+{
+VirtIODevice *vdev = VIRTIO_DEVICE(qdev);
+VirtioDeviceClass *k = VIRTIO_DEVICE_GET_CLASS(qdev);
+assert(k-init != NULL);
+if (k-init(vdev)  0) {
+return -1;
+}
+virtio_bus_plug_device(vdev);
+return 0;
+}
+
+static void virtio_device_class_init(ObjectClass *klass, void *data)
+{
+/* Set the default value here. */
+DeviceClass *dc = DEVICE_CLASS(klass);
+dc-init = virtio_device_init;
+dc-bus_type = TYPE_VIRTIO_BUS;
+}
+
+static const TypeInfo virtio_device_info = {
+.name = TYPE_VIRTIO_DEVICE,
+.parent = TYPE_DEVICE,
+.instance_size = sizeof(VirtIODevice),
+.class_init = virtio_device_class_init,
+.abstract = true,
+.class_size = sizeof(VirtioDeviceClass),
+};
+
+static void virtio_register_types(void)
+{
+type_register_static(virtio_device_info);
+}
+
+type_init(virtio_register_types)
diff --git a/hw/virtio.h b/hw/virtio.h
index 5416004..2b9d10c 100644
--- a/hw/virtio.h
+++ b/hw/virtio.h
@@ -108,8 +108,17 @@ typedef struct {
 
 #define VIRTIO_NO_VECTOR 0x
 
+#define TYPE_VIRTIO_DEVICE virtio-device
+#define VIRTIO_DEVICE_GET_CLASS(obj) \
+OBJECT_GET_CLASS(VirtioDeviceClass, obj, TYPE_VIRTIO_DEVICE)
+#define VIRTIO_DEVICE_CLASS(klass) \
+OBJECT_CLASS_CHECK(VirtioDeviceClass, klass, TYPE_VIRTIO_DEVICE)
+#define VIRTIO_DEVICE(obj) \
+OBJECT_CHECK(VirtIODevice, (obj), TYPE_VIRTIO_DEVICE)
+
 struct VirtIODevice
 {
+DeviceState parent_obj;
 const char *name;
 uint8_t status;
 uint8_t isr;
@@ -119,6 +128,10 @@ struct VirtIODevice
 void *config;
 uint16_t config_vector;
 int nvectors;
+/*
+ * Will be removed ( at the end of the series ) as we have it in
+ * VirtioDeviceClass.
+ */
 uint32_t (*get_features)(VirtIODevice *vdev, uint32_t requested_features);
 uint32_t (*bad_features)(VirtIODevice *vdev);
 void (*set_features)(VirtIODevice *vdev, uint32_t val);
@@ -126,6 +139,7 @@ struct VirtIODevice
 void (*set_config)(VirtIODevice *vdev, 

[Qemu-devel] [RFC V9 12/12] virtio-blk : cleanup : remove qdev field.

[fred . konrad]

From: KONRAD Frederic fred.kon...@greensocs.com

The qdev field is no longer needed, just drop it.

Signed-off-by: KONRAD Frederic fred.kon...@greensocs.com
---
 hw/virtio-blk.c | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/hw/virtio-blk.c b/hw/virtio-blk.c
index 67e58da..0363419 100644
--- a/hw/virtio-blk.c
+++ b/hw/virtio-blk.c
@@ -33,7 +33,6 @@ typedef struct VirtIOBlock
 BlockConf *conf;
 VirtIOBlkConf blk;
 unsigned short sector_mask;
-DeviceState *qdev;
 } VirtIOBlock;
 
 typedef struct VirtIOBlockReq
@@ -643,7 +642,6 @@ static int virtio_blk_device_init(VirtIODevice *vdev)
 s-vq = virtio_add_queue(vdev, 128, virtio_blk_handle_output);
 
 qemu_add_vm_change_state_handler(virtio_blk_dma_restart_cb, s);
-s-qdev = qdev;
 register_savevm(qdev, virtio-blk, virtio_blk_id++, 2,
 virtio_blk_save, virtio_blk_load, s);
 bdrv_set_dev_ops(s-bs, virtio_block_ops, s);
@@ -658,7 +656,7 @@ static int virtio_blk_device_exit(DeviceState *dev)
 {
 VirtIODevice *vdev = VIRTIO_DEVICE(dev);
 VirtIOBlock *s = VIRTIO_BLK(dev);
-unregister_savevm(s-qdev, virtio-blk, s);
+unregister_savevm(dev, virtio-blk, s);
 blockdev_mark_auto_del(s-bs);
 virtio_common_cleanup(vdev);
 return 0;
-- 
1.7.11.7

[Qemu-devel] [RFC V9 06/12] virtio-s390-bus : add virtio-s390-bus.

[fred . konrad]

From: KONRAD Frederic fred.kon...@greensocs.com

This add the virtio-s390-bus which extends virtio-bus. So one VirtIODevice can
be connected on this bus.

Signed-off-by: KONRAD Frederic fred.kon...@greensocs.com
---
 hw/s390-virtio-bus.c | 28 
 hw/s390-virtio-bus.h | 13 +
 2 files changed, 41 insertions(+)

diff --git a/hw/s390-virtio-bus.c b/hw/s390-virtio-bus.c
index b78d626..67ecb3a 100644
--- a/hw/s390-virtio-bus.c
+++ b/hw/s390-virtio-bus.c
@@ -32,6 +32,7 @@
 #include sysemu/kvm.h
 
 #include hw/s390-virtio-bus.h
+#include hw/virtio-bus.h
 
 /* #define DEBUG_S390 */
 
@@ -555,8 +556,35 @@ static TypeInfo s390_virtio_bridge_info = {
 .class_init= s390_virtio_bridge_class_init,
 };
 
+/* virtio-s390-bus */
+
+VirtioBusState *virtio_s390_bus_new(VirtIOS390Device *dev)
+{
+DeviceState *qdev = DEVICE(dev);
+BusState *qbus = qbus_create(TYPE_VIRTIO_S390_BUS, qdev, NULL);
+VirtioBusState *bus = VIRTIO_BUS(qbus);
+qbus-allow_hotplug = 0;
+qbus-max_dev = 1;
+return bus;
+}
+
+static void virtio_s390_bus_class_init(ObjectClass *klass, void *data)
+{
+VirtioBusClass *k = VIRTIO_BUS_CLASS(klass);
+k-notify = virtio_s390_notify;
+k-get_features = virtio_s390_get_features;
+}
+
+static const TypeInfo virtio_s390_bus_info = {
+.name  = TYPE_VIRTIO_S390_BUS,
+.parent= TYPE_VIRTIO_BUS,
+.instance_size = sizeof(VirtioBusState),
+.class_init= virtio_s390_bus_class_init,
+};
+
 static void s390_virtio_register_types(void)
 {
+type_register_static(virtio_s390_bus_info);
 type_register_static(s390_virtio_bus_info);
 type_register_static(virtio_s390_device_info);
 type_register_static(s390_virtio_serial);
diff --git a/hw/s390-virtio-bus.h b/hw/s390-virtio-bus.h
index 23fedd5..d5a6f9b 100644
--- a/hw/s390-virtio-bus.h
+++ b/hw/s390-virtio-bus.h
@@ -24,6 +24,7 @@
 #include virtio-rng.h
 #include virtio-serial.h
 #include virtio-scsi.h
+#include virtio-bus.h
 
 #define VIRTIO_DEV_OFFS_TYPE   0   /* 8 bits */
 #define VIRTIO_DEV_OFFS_NUM_VQ 1   /* 8 bits */
@@ -59,8 +60,20 @@
 #define S390_VIRTIO_BUS(obj) \
  OBJECT_CHECK(VirtIOS390Bus, (obj), TYPE_S390_VIRTIO_BUS)
 
+/* virtio-s390-bus */
+
+#define TYPE_VIRTIO_S390_BUS virtio-s390-bus
+#define VIRTIO_S390_BUS_GET_CLASS(obj) \
+OBJECT_GET_CLASS(VirtioBusClass, obj, TYPE_VIRTIO_S390_BUS)
+#define VIRTIO_PCI_BUS_CLASS(klass) \
+OBJECT_CLASS_CHECK(VirtioBusClass, klass, TYPE_VIRTIO_S390_BUS)
+#define VIRTIO_PCI_BUS(obj) \
+OBJECT_CHECK(VirtioBusState, (obj), TYPE_VIRTIO_S390_BUS)
+
 typedef struct VirtIOS390Device VirtIOS390Device;
 
+VirtioBusState *virtio_s390_bus_new(VirtIOS390Device *dev);
+
 typedef struct VirtIOS390DeviceClass {
 DeviceClass qdev;
 int (*init)(VirtIOS390Device *dev);
-- 
1.7.11.7

[Qemu-devel] [RFC V9 03/12] virtio-pci-bus : introduce virtio-pci-bus.

[fred . konrad]

From: KONRAD Frederic fred.kon...@greensocs.com

Introduce virtio-pci-bus, which extends virtio-bus. It is used with virtio-pci
transport device.

Signed-off-by: KONRAD Frederic fred.kon...@greensocs.com
---
 hw/virtio-pci.c | 37 +
 hw/virtio-pci.h | 19 +--
 2 files changed, 54 insertions(+), 2 deletions(-)

diff --git a/hw/virtio-pci.c b/hw/virtio-pci.c
index d2d2454..3f14be2 100644
--- a/hw/virtio-pci.c
+++ b/hw/virtio-pci.c
@@ -31,6 +31,7 @@
 #include sysemu/blockdev.h
 #include virtio-pci.h
 #include qemu/range.h
+#include virtio-bus.h
 
 /* from Linux's linux/virtio_pci.h */
 
@@ -1116,6 +1117,41 @@ static TypeInfo virtio_scsi_info = {
 .class_init= virtio_scsi_class_init,
 };
 
+/* virtio-pci-bus */
+
+VirtioBusState *virtio_pci_bus_new(VirtIOPCIProxy *dev)
+{
+DeviceState *qdev = DEVICE(dev);
+BusState *qbus = qbus_create(TYPE_VIRTIO_PCI_BUS, qdev, NULL);
+VirtioBusState *bus = VIRTIO_BUS(qbus);
+qbus-allow_hotplug = 0;
+/* Only one virtio-device allowed for virtio-pci. */
+qbus-max_dev = 1;
+return bus;
+}
+
+static void virtio_pci_bus_class_init(ObjectClass *klass, void *data)
+{
+VirtioBusClass *k = VIRTIO_BUS_CLASS(klass);
+k-notify = virtio_pci_notify;
+k-save_config = virtio_pci_save_config;
+k-load_config = virtio_pci_load_config;
+k-save_queue = virtio_pci_save_queue;
+k-load_queue = virtio_pci_load_queue;
+k-get_features = virtio_pci_get_features;
+k-query_guest_notifiers = virtio_pci_query_guest_notifiers;
+k-set_host_notifier = virtio_pci_set_host_notifier;
+k-set_guest_notifiers = virtio_pci_set_guest_notifiers;
+k-vmstate_change = virtio_pci_vmstate_change;
+}
+
+static const TypeInfo virtio_pci_bus_info = {
+.name  = TYPE_VIRTIO_PCI_BUS,
+.parent= TYPE_VIRTIO_BUS,
+.instance_size = sizeof(VirtioBusState),
+.class_init= virtio_pci_bus_class_init,
+};
+
 static void virtio_pci_register_types(void)
 {
 type_register_static(virtio_blk_info);
@@ -1124,6 +1160,7 @@ static void virtio_pci_register_types(void)
 type_register_static(virtio_balloon_info);
 type_register_static(virtio_scsi_info);
 type_register_static(virtio_rng_info);
+type_register_static(virtio_pci_bus_info);
 }
 
 type_init(virtio_pci_register_types)
diff --git a/hw/virtio-pci.h b/hw/virtio-pci.h
index b58d9a2..0e3288e 100644
--- a/hw/virtio-pci.h
+++ b/hw/virtio-pci.h
@@ -20,6 +20,21 @@
 #include virtio-rng.h
 #include virtio-serial.h
 #include virtio-scsi.h
+#include virtio-bus.h
+
+/* VirtIOPCIProxy will be renammed VirtioPCIState at the end. */
+typedef struct VirtIOPCIProxy VirtIOPCIProxy;
+
+/* virtio-pci-bus */
+#define TYPE_VIRTIO_PCI_BUS virtio-pci-bus
+#define VIRTIO_PCI_BUS_GET_CLASS(obj) \
+OBJECT_GET_CLASS(VirtioBusClass, obj, TYPE_VIRTIO_PCI_BUS)
+#define VIRTIO_PCI_BUS_CLASS(klass) \
+OBJECT_CLASS_CHECK(VirtioBusClass, klass, TYPE_VIRTIO_PCI_BUS)
+#define VIRTIO_PCI_BUS(obj) \
+OBJECT_CHECK(VirtioBusState, (obj), TYPE_VIRTIO_PCI_BUS)
+
+VirtioBusState *virtio_pci_bus_new(VirtIOPCIProxy *dev);
 
 /* Performance improves when virtqueue kick processing is decoupled from the
  * vcpu thread using ioeventfd for some devices. */
@@ -31,7 +46,7 @@ typedef struct {
 unsigned int users;
 } VirtIOIRQFD;
 
-typedef struct {
+struct VirtIOPCIProxy {
 PCIDevice pci_dev;
 VirtIODevice *vdev;
 MemoryRegion bar;
@@ -51,7 +66,7 @@ typedef struct {
 bool ioeventfd_disabled;
 bool ioeventfd_started;
 VirtIOIRQFD *vector_irqfd;
-} VirtIOPCIProxy;
+};
 
 void virtio_init_pci(VirtIOPCIProxy *proxy, VirtIODevice *vdev);
 void virtio_pci_reset(DeviceState *d);
-- 
1.7.11.7

[Qemu-devel] [RFC V9 07/12] virtio-s390-device : create a virtio-s390-bus during init.

[fred . konrad]

From: KONRAD Frederic fred.kon...@greensocs.com

A virtio-s390-bus is created during the init. So one VirtIODevice can be
connected on the virtio-s390-device through this bus.

Signed-off-by: KONRAD Frederic fred.kon...@greensocs.com
---
 hw/s390-virtio-bus.c | 2 ++
 hw/s390-virtio-bus.h | 1 +
 2 files changed, 3 insertions(+)

diff --git a/hw/s390-virtio-bus.c b/hw/s390-virtio-bus.c
index 67ecb3a..4e8471b 100644
--- a/hw/s390-virtio-bus.c
+++ b/hw/s390-virtio-bus.c
@@ -489,6 +489,8 @@ static int s390_virtio_busdev_init(DeviceState *dev)
 VirtIOS390Device *_dev = (VirtIOS390Device *)dev;
 VirtIOS390DeviceClass *_info = VIRTIO_S390_DEVICE_GET_CLASS(dev);
 
+_dev-bus = virtio_s390_bus_new(_dev);
+
 return _info-init(_dev);
 }
 
diff --git a/hw/s390-virtio-bus.h b/hw/s390-virtio-bus.h
index d5a6f9b..c585888 100644
--- a/hw/s390-virtio-bus.h
+++ b/hw/s390-virtio-bus.h
@@ -92,6 +92,7 @@ struct VirtIOS390Device {
 virtio_net_conf net;
 VirtIOSCSIConf scsi;
 VirtIORNGConf rng;
+VirtioBusState *bus;
 };
 
 typedef struct VirtIOS390Bus {
-- 
1.7.11.7

[Qemu-devel] [Bug 1033727] Re: USB passthrough doesn't work anymore with qemu-kvm 1.1.1

[daniel pecka]

same here with:
Bus 002 Device 006: ID 16d5:6603 AnyDATA Corporation

^^ it is modem and my qemu-kvm version is:
QEMU emulator version 1.2.0 (kvm-1.2.0-178.2)

i can also confirm freezing in previous version ..

regards, d

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1033727

Title:
  USB passthrough doesn't work anymore with qemu-kvm 1.1.1

Status in QEMU:
  New
Status in “qemu-kvm” package in Ubuntu:
  Confirmed
Status in “qemu-kvm” package in Debian:
  Confirmed

Bug description:
  Hi,

  I have a Bus 006 Device 002: ID 0d46:3003 Kobil Systems GmbH mIDentity Light 
/ KAAN SIM III (kind of smart card) in an USB port which I make available to a 
Windows XP guest.
  This worked fine with every older qemu-kvm version I've used so far.

  But since 1.1.0 it doesn't work anymore.
  The device shows up in the guest, but the software can't access it anymore 
(and the guest is pretty unresponsive).

  On the host I get every 2 seconds this message:
  [ 7719.239528] usb 6-1: reset full-speed USB device number 2 using uhci_hcd

  Command line options are:
  /usr/bin/kvm
  ...
  -device usb-host,vendorid=0x0d46,productid=0x3003,bus=usb.0,port=3
  ...

  When I switch back to qemu-kvm 1.0.1 everything works fine again.
  Any idea what the problem could be?

  Thanks
  Klaus

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1033727/+subscriptions

Re: [Qemu-devel] [RFC V4 00/30] QCOW2 deduplication

[Benoît Canet]

Hello,

I started to write the deduplication metrics code in order to be able
to design asynchronous deduplication.

I am looking for a way to create a metric allowing deduplication to be paused
or resumed on a given threshold.

Does anyone have a sugestion regarding the metric that could be used for this ?

Best regards

Benoît

 Le Wednesday 02 Jan 2013 à 17:16:03 (+0100), Benoît Canet a écrit :
 This patchset is a cleanup of the previous QCOW2 deduplication rfc.
 
 One can compile and install https://github.com/wernerd/Skein3Fish and use the
 --enable-skein-dedup configure option in order to use the faster skein HASH.
 
 Images must be created with -o dedup=[skein|sha256] in order to activate the
 deduplication in the image.
 
 Deduplication is now fast enough to be usable.
 
 v4: Fix and complete qcow2 spec [Stefan]
 Hash the hash_algo field in the header extension [Stefan]
 Fix qcow2 spec [Eric]
 Remove pointer to hash and simplify hash memory management [Stefan]
 Rename and move qcow2_read_cluster_data to qcow2.c [Stefan]
 Document lock dropping behaviour of the previous function [Stefan]
 cleanup qcow2_dedup_read_missing_cluster_data [Stefan]
 rename *_offset to *_sect [Stefan]
 add a ./configure check for ssl [Stefan]
 Replace openssl by gnutls [Stefan]
 Implement Skein hashes
 Rewrite pretty every qcow2-dedup.c commits after Add
qcow2_dedup_read_missing_and_concatenate to simplify the code
 Use 64KB deduplication hash block to reduce allocation flushes
 Use 64KB l2 tables to reduce allocation flushes [breaks compatibility]
 Use lazy refcounts to avoid qcow2_cache_set_dependency loops resultings
in frequent caches flushes
 Do not create and load dedup RAM structures when bdrs-read_only is true
 
 v3: make it work barely
 replace kernel red black trees by gtree.
 
 *** BLURB HERE ***
 
 Benoît Canet (30):
   qcow2: Add deduplication to the qcow2 specification.
   qcow2: Add deduplication structures and fields.
   qcow2: Add qcow2_dedup_read_missing_and_concatenate
   qcow2: Make update_refcount public.
   qcow2: Create a way to link to l2 tables when deduplicating.
   qcow2: Add qcow2_dedup and related functions
   qcow2: Add qcow2_dedup_store_new_hashes.
   qcow2: Implement qcow2_compute_cluster_hash.
   qcow2: Extract qcow2_dedup_grow_table
   qcow2: Add qcow2_dedup_grow_table and use it.
   qcow2: create function to load deduplication hashes at startup.
   qcow2: Load and save deduplication table header extension.
   qcow2: Extract qcow2_do_table_init.
   qcow2-cache: Allow to choose table size at creation.
   qcow2: Add qcow2_dedup_init and qcow2_dedup_close.
   qcow2: Extract qcow2_add_feature and qcow2_remove_feature.
   block: Add qemu-img dedup create option.
   qcow2: Behave correctly when refcount reach 0 or 2^16.
   qcow2: Integrate deduplication in qcow2_co_writev loop.
   qcow2: Serialize write requests when deduplication is activated.
   qcow2: Add verification of dedup table.
   qcow2: Adapt checking of QCOW_OFLAG_COPIED for dedup.
   qcow2: Add check_dedup_l2 in order to check l2 of dedup table.
   qcow2: Do not overwrite existing entries with QCOW_OFLAG_COPIED.
   qcow2: Integrate SKEIN hash algorithm in deduplication.
   qcow2: Add lazy refcounts to deduplication to prevent
 qcow2_cache_set_dependency loops
   qcow2: Use large L2 table for deduplication.
   qcow: Set dedup cluster block size to 64KB.
   qcow2: init and cleanup deduplication.
   qemu-iotests: Filter dedup=on/off so existing tests don't break.
 
  block/Makefile.objs  |1 +
  block/qcow2-cache.c  |   12 +-
  block/qcow2-cluster.c|  116 +++--
  block/qcow2-dedup.c  | 1157 
 ++
  block/qcow2-refcount.c   |  157 --
  block/qcow2.c|  357 +++--
  block/qcow2.h|  120 -
  configure|   55 ++
  docs/specs/qcow2.txt |  100 +++-
  include/block/block_int.h|1 +
  tests/qemu-iotests/common.rc |3 +-
  11 files changed, 1955 insertions(+), 124 deletions(-)
  create mode 100644 block/qcow2-dedup.c
 
 -- 
 1.7.10.4
 

Re: [Qemu-devel] [PATCH] linux-user: fix mips 32-on-64 prealloc case

[Peter Maydell]

On 3 January 2013 13:17, Alexander Graf ag...@suse.de wrote:
 MIPS only supports 31 bits of virtual address space for user space, so let's
 make sure we stay within that limit with our preallocated memory block.

 This fixes the MIPS user space targets when executed without command line
 option.

This looks weird -- why should the guest care that we've reserved a
4GB block which it only uses half of? Or is the problem that host
mmap() ends up handing out addresses from anywhere in the 4GB
reserved area?

-- PMM

Re: [Qemu-devel] [PATCH] linux-user: fix mips 32-on-64 prealloc case

[Alexander Graf]

On 03.01.2013, at 18:19, Peter Maydell wrote:

 On 3 January 2013 13:17, Alexander Graf ag...@suse.de wrote:
 MIPS only supports 31 bits of virtual address space for user space, so let's
 make sure we stay within that limit with our preallocated memory block.
 
 This fixes the MIPS user space targets when executed without command line
 option.
 
 This looks weird -- why should the guest care that we've reserved a
 4GB block which it only uses half of? Or is the problem that host
 mmap() ends up handing out addresses from anywhere in the 4GB
 reserved area?

Even worse, it starts from the top IIRC.

MIPS uses the upper virtual address bit for kernel/user space indication. I'm 
not sure where exactly this logic falls apart in our case, but user space 
virtual addresses above 2GB are simple illegal in that world, so I wouldn't 
expect QEMU or a guest process to cope with them.


Alex

Re: [Qemu-devel] [Qemu-ppc] [PATCH v3] Modifications to fix PowerPC on 64bit host, bug 1052857

[Peter Maydell]

On 3 January 2013 14:45, Alexander Graf ag...@suse.de wrote:

 On 02.01.2013, at 21:53, Samuel Seay wrote:

 Removed h2g() macro around the ka-_sa_handler due to the _sa_handler being 
 a guest memory address
 Changed the __put_user to put_user as it was attempting to put a value at 
 the stack address but the new address is a guest memory address, __put_user 
 is for host memory addresses.
 Patch v2 - v3, removed unneeded casting in the put_user call left over from 
 __put_user

 Signed-off-by: Samuel Seay lightnin...@gmail.com

 Looks reasonable to me, but I'd like an ack from Peter.

Untested, and I haven't looked up the PPC ABI to check that the
function is overall doing the right thing, but with those caveats:
Reviewed-by: Peter Maydell peter.mayd...@linaro.org

-- PMM

Re: [Qemu-devel] [PATCH 01/15] openpic: fix debug prints

[Alexander Graf]

On 22.12.2012, at 03:15, Scott Wood wrote:

 Fix various format errors when debug prints are enabled.  Also
 cause error checking to happen even when debug prints are not
 enabled, and consistently use 0x for hex output.
 
 Signed-off-by: Scott Wood scottw...@freescale.com
 ---
 hw/openpic.c |   40 
 1 file changed, 24 insertions(+), 16 deletions(-)
 
 diff --git a/hw/openpic.c b/hw/openpic.c
 index 93e8208..72a5bc9 100644
 --- a/hw/openpic.c
 +++ b/hw/openpic.c
 @@ -45,7 +45,11 @@
 #ifdef DEBUG_OPENPIC

static const int debug_openpic = 1;
#else
static const int debug_openpic = 0;

 #define DPRINTF(fmt, ...) do { printf(fmt , ## __VA_ARGS__); } while (0)
 #else
 -#define DPRINTF(fmt, ...) do { } while (0)
 +#define DPRINTF(fmt, ...) do { \
 +if (0) { \

if (debug_openpic)

 +printf(fmt , ## __VA_ARGS__); \
 +} \
 +} while (0)
 #endif

That way we don't need to duplicate the print define. Let me fix that up for 
you while applying the patch.


Alex

Re: [Qemu-devel] [PATCH 0/8] CPU DeviceState v10

[Andreas Färber]

Am 05.12.2012 17:49, schrieb Eduardo Habkost:
 Eduardo Habkost (8):
[...]
   libqemustub: Add qemu_[un]register_reset() stubs
   libqemustub: vmstate register/unregister stubs
   libqemustub: sysbus_get_default() stub
[...]
   include qdev code into *-user, too
   qom: Make CPU a child of DeviceState

Thanks, remainder of series applied to qom-cpu queue (with
rebasing/modifications previously mentioned):
https://github.com/afaerber/qemu-cpu/commits/qom-cpu

Andreas

-- 
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg

Re: [Qemu-devel] [Qemu-ppc] [PATCH v3] Modifications to fix PowerPC on 64bit host, bug 1052857

[Alexander Graf]

On 03.01.2013, at 18:28, Peter Maydell wrote:

 On 3 January 2013 14:45, Alexander Graf ag...@suse.de wrote:
 
 On 02.01.2013, at 21:53, Samuel Seay wrote:
 
 Removed h2g() macro around the ka-_sa_handler due to the _sa_handler being 
 a guest memory address
 Changed the __put_user to put_user as it was attempting to put a value at 
 the stack address but the new address is a guest memory address, __put_user 
 is for host memory addresses.
 Patch v2 - v3, removed unneeded casting in the put_user call left over 
 from __put_user
 
 Signed-off-by: Samuel Seay lightnin...@gmail.com
 
 Looks reasonable to me, but I'd like an ack from Peter.
 
 Untested, and I haven't looked up the PPC ABI to check that the
 function is overall doing the right thing, but with those caveats:
 Reviewed-by: Peter Maydell peter.mayd...@linaro.org

Considering the state it was in before, I'd say applying the patch is an 
improvement regardless on how broken any code around it might be :).

Applied to ppc-next.


Alex

Re: [Qemu-devel] [Qemu-ppc] [PATCH v3] Modifications to fix PowerPC on 64bit host, bug 1052857

[Peter Maydell]

On 3 January 2013 17:37, Alexander Graf ag...@suse.de wrote:
 On 03.01.2013, at 18:28, Peter Maydell wrote:
 Untested, and I haven't looked up the PPC ABI to check that the
 function is overall doing the right thing, but with those caveats:
 Reviewed-by: Peter Maydell peter.mayd...@linaro.org

 Considering the state it was in before, I'd say applying the patch
 is an improvement regardless on how broken any code around it
 might be :).

Forgot, this patch doesn't address the other issue I mentioned,
where

env-gpr[4] = (target_ulong) h2g(sc);

is passing the guest a pointer to potentially about to be freed
memory and should be doing something like
   env-gpr[4] = frame_addr + offsetof(struct target_sigframe, sctx);
instead.

-- PMM

Re: [Qemu-devel] [PATCH 03/15] openpic: fix sense and priority bits

[Alexander Graf]

On 22.12.2012, at 03:15, Scott Wood wrote:

 Previously, the sense and priority bits were masked off when writing
 to IVPR, and all interrupts were treated as edge-triggered (despite
 the existence of code for handling level-triggered interrupts).
 
 Polarity is implemented only as storage.  We don't simulate the
 bad effects that you'd get on real hardware if you set this incorrectly,
 but at least the guest sees the right thing when it reads back the register.
 
 Sense now controls level/edge on FSL external interrupts (and all
 interrupts on non-FSL MPIC).  FSL internal interrupts do not have a sense
 bit (reads as zero), but are level.  FSL timers and IPIs do not have
 sense or polarity bits (read as zero), and are edge-triggered.  To
 accommodate FSL internal interrupts, QEMU's internal notion of whether an
 interrupt is level-triggered is separated from the IVPR bit.
 
 Signed-off-by: Scott Wood scottw...@freescale.com
 ---
 hw/openpic.c |   61 --
 1 file changed, 55 insertions(+), 6 deletions(-)
 
 diff --git a/hw/openpic.c b/hw/openpic.c
 index 02f793b..34449a7 100644
 --- a/hw/openpic.c
 +++ b/hw/openpic.c
 @@ -189,6 +189,9 @@ typedef struct IRQ_src_t {
 uint32_t ide;   /* IRQ destination register */
 int last_cpu;
 int pending;/* TRUE if IRQ is pending */
 +bool level; /* level-triggered */
 +bool fslint;/* FSL internal interrupt -- level only */
 +bool fslspecial; /* FSL timer/IPI interrupt, edge, no polarity */

This really looks more like an irqtype enum, no?

enum irqtype {
IRQ_TYPE_NORMAL = 0,
IRQ_TYPE_FSLINT,
IRQ_TYPE_FSLSPECIAL,
}


Alex

 } IRQ_src_t;
 
 #define IPVP_MASK_SHIFT   31
 @@ -427,7 +430,7 @@ static void openpic_set_irq(void *opaque, int n_IRQ, int 
 level)
 src = opp-src[n_IRQ];
 DPRINTF(openpic: set irq %d = %d ipvp=0x%08x\n,
 n_IRQ, level, src-ipvp);
 -if (src-ipvp  IPVP_SENSE_MASK) {
 +if (src-level) {
 /* level-sensitive irq */
 src-pending = level;
 if (!level) {
 @@ -459,6 +462,14 @@ static void openpic_reset(DeviceState *d)
 for (i = 0; i  opp-max_irq; i++) {
 opp-src[i].ipvp = opp-ipvp_reset;
 opp-src[i].ide  = opp-ide_reset;
 +
 +if (opp-src[i].fslint) {
 +opp-src[i].ipvp |= IPVP_POLARITY_MASK;
 +}
 +
 +if (!opp-src[i].fslint  !opp-src[i].fslspecial) {
 +opp-src[i].level = !!(opp-ipvp_reset  IPVP_SENSE_MASK);
 +}
 }
 /* Initialise IRQ destinations */
 for (i = 0; i  MAX_CPU; i++) {
 @@ -499,10 +510,30 @@ static inline void write_IRQreg_ide(OpenPICState *opp, 
 int n_IRQ, uint32_t val)
 
 static inline void write_IRQreg_ipvp(OpenPICState *opp, int n_IRQ, uint32_t 
 val)
 {
 -/* NOTE: not fully accurate for special IRQs, but simple and sufficient 
 */
 +uint32_t mask;
 +
 +/* NOTE when implementing newer FSL MPIC models: starting with v4.0,
 + * the polarity bit is read-only on internal interrupts.
 + */
 +mask = IPVP_MASK_MASK | IPVP_PRIORITY_MASK | IPVP_SENSE_MASK |
 +   IPVP_POLARITY_MASK | opp-vector_mask;
 +
 /* ACTIVITY bit is read-only */
 -opp-src[n_IRQ].ipvp = (opp-src[n_IRQ].ipvp  IPVP_ACTIVITY_MASK) |
 -(val  (IPVP_MASK_MASK | IPVP_PRIORITY_MASK | opp-vector_mask));
 +opp-src[n_IRQ].ipvp =
 +(opp-src[n_IRQ].ipvp  IPVP_ACTIVITY_MASK) | (val  mask);
 +
 +/* For FSL internal interrupts, The sense bit is reserved and zero,
 + * and the interrupt is always level-triggered.  Timers and IPIs
 + * have no sense or polarity bits, and are edge-triggered.
 + */
 +if (opp-src[n_IRQ].fslint) {
 +opp-src[n_IRQ].ipvp = ~IPVP_SENSE_MASK;
 +} else if (opp-src[n_IRQ].fslspecial) {
 +opp-src[n_IRQ].ipvp = ~(IPVP_POLARITY_MASK | IPVP_SENSE_MASK);
 +} else {
 +opp-src[n_IRQ].level = !!(opp-src[n_IRQ].ipvp  IPVP_SENSE_MASK);
 +}
 +
 openpic_update_irq(opp, n_IRQ);
 DPRINTF(Set IPVP %d to 0x%08x - 0x%08x\n, n_IRQ, val,
 opp-src[n_IRQ].ipvp);
 @@ -934,7 +965,7 @@ static uint32_t openpic_cpu_read_internal(void *opaque, 
 hwaddr addr,
 }
 IRQ_resetbit(dst-raised, n_IRQ);
 dst-raised.next = -1;
 -if (!(src-ipvp  IPVP_SENSE_MASK)) {
 +if (!src-level) {
 /* edge-sensitive IRQ */
 src-ipvp = ~IPVP_ACTIVITY_MASK;
 src-pending = 0;
 @@ -942,7 +973,7 @@ static uint32_t openpic_cpu_read_internal(void *opaque, 
 hwaddr addr,
 
 if ((n_IRQ = opp-irq_ipi0)   (n_IRQ  (opp-irq_ipi0 + 
 MAX_IPI))) {
 src-ide = ~(1  idx);
 -if (src-ide  !(src-ipvp  IPVP_SENSE_MASK)) {
 +if (src-ide  !src-level) {
 /* trigger on CPUs that didn't know about it yet */
 openpic_set_irq(opp, n_IRQ, 1);
 

Re: [Qemu-devel] [PATCH 02/15] openpic: lower interrupt when reading the MSI register

[Alexander Graf]

On 22.12.2012, at 03:15, Scott Wood wrote:

 This will stop things from breaking once it's properly treated as a
 level-triggered interrupt.  Note that it's the MPIC's MSI cascade
 interrupts that are level-triggered; the individual MSIs are
 edge-triggered.
 
 Signed-off-by: Scott Wood scottw...@freescale.com

Thanks, applied to ppc-next.


Alex

 ---
 hw/openpic.c |1 +
 1 file changed, 1 insertion(+)
 
 diff --git a/hw/openpic.c b/hw/openpic.c
 index 72a5bc9..02f793b 100644
 --- a/hw/openpic.c
 +++ b/hw/openpic.c
 @@ -801,6 +801,7 @@ static uint64_t openpic_msi_read(void *opaque, hwaddr 
 addr, unsigned size)
 r = opp-msi[srs].msir;
 /* Clear on read */
 opp-msi[srs].msir = 0;
 +openpic_set_irq(opp, opp-irq_msi + srs, 0);
 break;
 case 0x120: /* MSISR */
 for (i = 0; i  MAX_MSI; i++) {
 -- 
 1.7.9.5
 
 

Re: [Qemu-devel] [PATCH 04/15] ppc/booke: fix crit/mcheck/debug exceptions

[Alexander Graf]

On 22.12.2012, at 03:15, Scott Wood wrote:

 Book E does not play games with certain bits of xSRR1 being MSR save
 bits and others being error status.  xSRR1 is the old MSR, period.
 This was causing things like MSR[CE] to be lost, even in the saved
 version, as soon as you take an exception.
 
 rfci/rfdi/rfmci are fixed to pass the actual xSRR1 register contents,
 rather than the register number.
 
 Put FIXME comments on the hack that is asrr0/1.  The whole point of
 separate exception levels is so that you can, for example, take a machine
 check or debug interrupt without corrupting critical-level operations.
 The right xSRR0/1 set needs to be chosen based on CPU type flags.
 
 Signed-off-by: Scott Wood scottw...@freescale.com

Thanks, applied to ppc-next.


Alex

Re: [Qemu-devel] [PATCH 03/11] qemu-img: remove parameter filename in collect_image_info()

[Eric Blake]

On 12/29/2012 01:45 AM, Wenchao Xia wrote:
   Switch the filename getting from parameter to block function,
 now collect_image_info depends only on *bs.
 
 Signed-off-by: Wenchao Xia xiaw...@linux.vnet.ibm.com
 ---
  qemu-img.c |8 +---
  1 files changed, 5 insertions(+), 3 deletions(-)
 
 diff --git a/qemu-img.c b/qemu-img.c
 index 5a4df3a..d70435f 100644
 --- a/qemu-img.c
 +++ b/qemu-img.c
 @@ -1180,15 +1180,17 @@ static void dump_json_image_info(ImageInfo *info)
  QDECREF(str);
  }
  
 +/* Assume bs is already openned. */

s/openned/opened/

Once that is fixed,
Reviewed-by: Eric Blake ebl...@redhat.com

-- 
Eric Blake   eblake redhat com+1-919-301-3266
Libvirt virtualization library http://libvirt.org



signature.asc
Description: OpenPGP digital signature

Re: [Qemu-devel] [PATCH 05/15] openpic: make register names correspond better with hw docs

[Alexander Graf]

On 22.12.2012, at 03:15, Scott Wood wrote:

 The base openpic specification doesn't provide abbreviated register
 names, so it's somewhat understandable that the QEMU code made up
 its own, except that most of the names that QEMU used didn't correspond
 to the terminology used by any implementation I could find.
 
 In some cases, like PCTP, the phrase processor current task priority
 could be found in the openpic spec when describing the concept, but
 the register itself was labelled current task priority register
 and every implementation seems to use either CTPR or the full phrase.
 
 In other cases, individual implementations disagree on what to call
 the register.  The implementations I have documentation for are
 Freescale, Raven (MCP750), and IBM.  The Raven docs tend to not use
 abbreviations at all.  The IBM MPIC isn't implemented in QEMU.  Thus,
 where there's disagreement I chose to use the Freescale abbreviations.
 
 Signed-off-by: Scott Wood scottw...@freescale.com

Thanks, applied and fixed up to apply to the current state of ppc-next. Please 
rebase 3/15 against ppc-next when you redo it.


Alex

 ---
 BTW, I'm still not sure where the first P in QEMU's IPVP came from.
 ---
 hw/openpic.c |  362 +-
 1 file changed, 181 insertions(+), 181 deletions(-)
 
 diff --git a/hw/openpic.c b/hw/openpic.c
 index 34449a7..7647368 100644
 --- a/hw/openpic.c
 +++ b/hw/openpic.c
 @@ -61,7 +61,7 @@
 #define VID 0x03 /* MPIC version ID */
 
 /* OpenPIC capability flags */
 -#define OPENPIC_FLAG_IDE_CRIT (1  0)
 +#define OPENPIC_FLAG_IDR_CRIT (1  0)
 
 /* OpenPIC address map */
 #define OPENPIC_GLB_REG_START0x0
 @@ -118,19 +118,19 @@
 #define FSL_BRR1_IPMJ (0x00  8) /* 8 bit IP major number */
 #define FSL_BRR1_IPMN 0x00 /* 8 bit IP minor number */
 
 -#define FREP_NIRQ_SHIFT   16
 -#define FREP_NCPU_SHIFT8
 -#define FREP_VID_SHIFT 0
 +#define FRR_NIRQ_SHIFT16
 +#define FRR_NCPU_SHIFT 8
 +#define FRR_VID_SHIFT  0
 
 #define VID_REVISION_1_2   2
 #define VID_REVISION_1_3   3
 
 -#define VENI_GENERIC  0x /* Generic Vendor ID */
 +#define VIR_GENERIC  0x /* Generic Vendor ID */
 
 -#define GLBC_RESET0x8000
 +#define GCR_RESET0x8000
 
 -#define TIBC_CI   0x8000 /* count inhibit */
 -#define TICC_TOG  0x8000 /* toggles when decrement to zero */
 +#define TBCR_CI   0x8000 /* count inhibit */
 +#define TCCR_TOG  0x8000 /* toggles when decrement to zero */
 
 #define IDR_EP_SHIFT  31
 #define IDR_EP_MASK   (1  IDR_EP_SHIFT)
 @@ -185,8 +185,8 @@ typedef struct IRQ_queue_t {
 } IRQ_queue_t;
 
 typedef struct IRQ_src_t {
 -uint32_t ipvp;  /* IRQ vector/priority register */
 -uint32_t ide;   /* IRQ destination register */
 +uint32_t ivpr;  /* IRQ vector/priority register */
 +uint32_t idr;   /* IRQ destination register */
 int last_cpu;
 int pending;/* TRUE if IRQ is pending */
 bool level; /* level-triggered */
 @@ -194,27 +194,27 @@ typedef struct IRQ_src_t {
 bool fslspecial; /* FSL timer/IPI interrupt, edge, no polarity */
 } IRQ_src_t;
 
 -#define IPVP_MASK_SHIFT   31
 -#define IPVP_MASK_MASK(1  IPVP_MASK_SHIFT)
 -#define IPVP_ACTIVITY_SHIFT   30
 -#define IPVP_ACTIVITY_MASK(1  IPVP_ACTIVITY_SHIFT)
 -#define IPVP_MODE_SHIFT   29
 -#define IPVP_MODE_MASK(1  IPVP_MODE_SHIFT)
 -#define IPVP_POLARITY_SHIFT   23
 -#define IPVP_POLARITY_MASK(1  IPVP_POLARITY_SHIFT)
 -#define IPVP_SENSE_SHIFT  22
 -#define IPVP_SENSE_MASK   (1  IPVP_SENSE_SHIFT)
 -
 -#define IPVP_PRIORITY_MASK (0xF  16)
 -#define IPVP_PRIORITY(_ipvpr_) ((int)(((_ipvpr_)  IPVP_PRIORITY_MASK)  
 16))
 -#define IPVP_VECTOR(opp, _ipvpr_) ((_ipvpr_)  (opp)-vector_mask)
 +#define IVPR_MASK_SHIFT   31
 +#define IVPR_MASK_MASK(1  IVPR_MASK_SHIFT)
 +#define IVPR_ACTIVITY_SHIFT   30
 +#define IVPR_ACTIVITY_MASK(1  IVPR_ACTIVITY_SHIFT)
 +#define IVPR_MODE_SHIFT   29
 +#define IVPR_MODE_MASK(1  IVPR_MODE_SHIFT)
 +#define IVPR_POLARITY_SHIFT   23
 +#define IVPR_POLARITY_MASK(1  IVPR_POLARITY_SHIFT)
 +#define IVPR_SENSE_SHIFT  22
 +#define IVPR_SENSE_MASK   (1  IVPR_SENSE_SHIFT)
 +
 +#define IVPR_PRIORITY_MASK (0xF  16)
 +#define IVPR_PRIORITY(_ivprr_) ((int)(((_ivprr_)  IVPR_PRIORITY_MASK)  
 16))
 +#define IVPR_VECTOR(opp, _ivprr_) ((_ivprr_)  (opp)-vector_mask)
 
 /* IDE[EP/CI] are only for FSL MPIC prior to v4.0 */
 -#define IDE_EP  0x8000  /* external pin */
 -#define IDE_CI  0x4000  /* critical interrupt */
 +#define IDR_EP  0x8000  /* external pin */
 +#define IDR_CI  0x4000  /* critical interrupt */
 
 typedef struct IRQ_dst_t {
 -uint32_t pctp; /* CPU current task priority */
 +uint32_t ctpr; /* CPU current task priority */
 IRQ_queue_t raised;
 IRQ_queue_t servicing;
 qemu_irq *irqs;
 

Re: [Qemu-devel] [RFC V4 01/30] qcow2: Add deduplication to the qcow2 specification.

[Eric Blake]

On 01/02/2013 09:16 AM, Benoît Canet wrote:
 Signed-off-by: Benoit Canet ben...@irqsave.net
 ---
  docs/specs/qcow2.txt |  100 
 +-
  1 file changed, 99 insertions(+), 1 deletion(-)
 
 diff --git a/docs/specs/qcow2.txt b/docs/specs/qcow2.txt
 index 36a559d..c9c0d47 100644
 --- a/docs/specs/qcow2.txt
 +++ b/docs/specs/qcow2.txt
 @@ -80,7 +80,12 @@ in the description of a field.
  tables to repair refcounts before accessing 
 the
  image.
  
 -Bits 1-63:  Reserved (set to 0)
 +Bit 1:  Deduplication bit.  If this bit is set then
 +deduplication is used on this image.

This part seems fine; and I agree with making this an incompatible
feature (as an older qemu that does not understand dedup would not keep
the dedup table up-to-date).

 +L2 tables size 64KB is different from
 +cluster size 4KB.

Umm, doesn't the cluster_bits (bytes 20-23 of the header) determine the
size of a cluster, rather than assuming a cluster is always 4KB?  And
later on, the spec says that L2 tables are exactly one cluster in
size., so I'm not sure what this comment is doing here.  Or are you
stating that deduplication _also_ has an L2 table, which is fixed in
size (unlike the normal L2 table for actual data)?

 +== Deduplication ==
 +
 +The deduplication extension contains the informations concerning the

s/informations concerning the/information concerning/

 +deduplication.
 +
 +Byte   0 - 7:   Offset of the RAM deduplication table
 +
 +  8 - 11:   Size of the RAM deduplication table = number of L1 64-bit
 +pointers
 +
 +  12:   Hash algo enum field
 +0: SHA-256
 +1: SHA3
 +2: SKEIN-256
 +
 +  13:   Dedup stategies bitmap

s/stategies/strategies/

 +0: RAM based hash lookup
 +1: Disk based hash lookup
 +
 +Disk based lookup structure will be described in a future QCOW2 
 specification.

Does that mean that strategy must be 0 for now?

 +
 +== Deduplication table (RAM method) ==
 +
 +The deduplication table maps a physical offset to a data hash and
 +logical offset. It is used to store permanently the informations required to

s/store permanently the informations/permanently store the information/

 +do the deduplication. It is loaded at startup into a RAM based representation
 +used to do the lookups.
 +
 +The deduplication table contains 64-bit offsets to the level 2 deduplication
 +table blocks.
 +Each entry of these blocks contains a 32-byte SHA256 hash followed by the
 +64-bit logical offset of the first encountered cluster having this hash.
 +
 +== Deduplication table schematic (RAM method) ==
 +
 +0   l1_dedup_index  Size
 +  |
 +||
 +| |  |
 +| |L1 Deduplication table|
 +| |  |
 +||
 +  |
 +  |
 +  |
 +0 |   l2_dedup_block_entries
 +  |
 +|-|
 +| |
 +|L2 deduplication block   |
 +| |
 +| l2_dedup_index  |
 +|-|
 + |
 + 0   |  40
 + |
 + |---|
 + |   |
 + |Deduplication table entry  |
 + |   |
 + |---|
 +
 +
 +== Deduplication table entry description (RAM method) ==
 +
 +Each L2 deduplication table entry has the following structure:
 +
 +Byte  0 - 31:   hash of data cluster
 +
 + 32 - 39:   Logical offset of first encountered block having
 +this hash
 +
 +== Deduplication table arithmetics (RAM method) ==
 +
 +Entries in the deduplication table are ordered by physical cluster index.
 +
 +The number of entries in an l2 deduplication table block is :
 +l2_dedup_block_entries = dedup_block_size / (32 + 8)

I'd write this as CEIL(dedup_block_size / (32 + 8)) to make it clear
that it rounds up...

 +
 +The index in the level 1 deduplication table is :
 +l1_dedup_index = physical_cluster_index / l2_block_cluster_entries
 +
 +The index in the level 2 deduplication table is:
 +l2_dedup_index = physical_cluster_index % l2_block_cluster_entries
 +
 +cluster_size = 4096
 

Re: [Qemu-devel] [Xen-devel] [PATCH RFC 1/3] xen_disk: handle disk files on ramfs/tmpfs

[Konrad Rzeszutek Wilk]

On Mon, Dec 31, 2012 at 01:16:12PM +0100, Roger Pau Monne wrote:
 Files that reside on ramfs or tmpfs cannot be opened with O_DIRECT,

That is not entirely true. There are patches floating around (LKML)
to make tmpfs/ramfs be able to do this.

 if first call to bdrv_open fails with errno = EINVAL, try a second
 call without BDRV_O_NOCACHE.
 
 Signed-off-by: Roger Pau Monné roger@citrix.com
 Cc: xen-de...@lists.xen.org
 Cc: Stefano Stabellini stefano.stabell...@eu.citrix.com
 Cc: Anthony PERARD anthony.per...@citrix.com
 ---
  hw/xen_disk.c |   16 +---
  1 files changed, 13 insertions(+), 3 deletions(-)
 
 diff --git a/hw/xen_disk.c b/hw/xen_disk.c
 index e6bb2f2..a159ee5 100644
 --- a/hw/xen_disk.c
 +++ b/hw/xen_disk.c
 @@ -562,7 +562,7 @@ static void blk_alloc(struct XenDevice *xendev)
  static int blk_init(struct XenDevice *xendev)
  {
  struct XenBlkDev *blkdev = container_of(xendev, struct XenBlkDev, 
 xendev);
 -int index, qflags, info = 0;
 +int index, qflags, info = 0, rc;
  
  /* read xenstore entries */
  if (blkdev-params == NULL) {
 @@ -625,8 +625,18 @@ static int blk_init(struct XenDevice *xendev)
  xen_be_printf(blkdev-xendev, 2, create new bdrv (xenbus 
 setup)\n);
  blkdev-bs = bdrv_new(blkdev-dev);
  if (blkdev-bs) {
 -if (bdrv_open(blkdev-bs, blkdev-filename, qflags,
 -bdrv_find_whitelisted_format(blkdev-fileproto)) != 
 0) {
 +rc = bdrv_open(blkdev-bs, blkdev-filename, qflags,
 +bdrv_find_whitelisted_format(blkdev-fileproto));
 +if (rc != 0  errno == EINVAL) {
 +/* Files on ramfs or tmpfs cannot be opened with O_DIRECT,
 + * remove the BDRV_O_NOCACHE flag, and try to open
 + * the file again.
 + */
 +qflags = ~BDRV_O_NOCACHE;
 +rc = bdrv_open(blkdev-bs, blkdev-filename, qflags,
 +bdrv_find_whitelisted_format(blkdev-fileproto));
 +}
 +if (rc != 0) {
  bdrv_delete(blkdev-bs);
  blkdev-bs = NULL;
  }
 -- 
 1.7.7.5 (Apple Git-26)
 
 
 ___
 Xen-devel mailing list
 xen-de...@lists.xen.org
 http://lists.xen.org/xen-devel
 

Re: [Qemu-devel] [PATCH 06/15] openpic: rework critical interrupt support

[Alexander Graf]

On 22.12.2012, at 03:15, Scott Wood wrote:

 Critical interrupts on FSL MPIC are not supposed to pay
 attention to priority, IACK, EOI, etc.  On the currently modeled
 version it's not supposed to pay attention to the mask bit either.
 
 Also reorganize to make it easier to implement newer FSL MPIC models,
 which encode interrupt level information differently and support
 mcheck as well as crit, and to reduce problems for later patches
 in this set.
 
 Still missing is the ability to lower the CINT signal to the core,
 as IACK/EOI is not used.  This will come with general IRQ-source-driven
 lowering in the next patch.
 
 New state is added which is not serialized, but instead is recomputed
 in openpic_load() by calling the appropriate write_IRQreg function.
 This should have the side effect of causing the IRQ outputs to be
 raised appropriately on load, which was missing.
 
 The serialization format is altered by swapping ivpr and idr (we'd like
 IDR to be restored before we run the IVPR logic), and moving interrupts
 to the end (so that other state has been restored by the time we run the
 IDR/IVPR logic.  Serialization for this driver is not yet in a state
 where backwards compatibility is reasonable (assuming it works at all),
 and the current serialization format was not built for extensibility.
 
 Signed-off-by: Scott Wood scottw...@freescale.com

Thanks, applied to ppc-next (with adjustments).

Alex

Re: [Qemu-devel] [PATCH 07/15] openpic: make ctpr signed

[Alexander Graf]

On 22.12.2012, at 03:15, Scott Wood wrote:

 Other priorities are signed, so avoid comparisons between
 signed and unsigned.
 
 Signed-off-by: Scott Wood scottw...@freescale.com

Thanks, applied to ppc-next.


Alex

Re: [Qemu-devel] [PATCH 08/15] openpic/fsl: critical interrupts ignore mask before v4.1

[Alexander Graf]

On 22.12.2012, at 03:15, Scott Wood wrote:

 Signed-off-by: Scott Wood scottw...@freescale.com
 ---
 hw/openpic.c |5 -
 1 file changed, 4 insertions(+), 1 deletion(-)
 
 diff --git a/hw/openpic.c b/hw/openpic.c
 index 9d22e9c..268f312 100644
 --- a/hw/openpic.c
 +++ b/hw/openpic.c
 @@ -194,6 +194,7 @@ typedef struct IRQ_src_t {
 bool level; /* level-triggered */
 bool fslint;/* FSL internal interrupt -- level only */
 bool fslspecial; /* FSL timer/IPI interrupt, edge, no polarity */
 +bool nomask;/* critical interrupts ignore mask on some FSL MPICs */

This should be :1 - we have quite a big number of sources :).

Fixed up locally and applied to ppc-next.


Alex

 } IRQ_src_t;
 
 #define IVPR_MASK_SHIFT   31
 @@ -390,7 +391,7 @@ static void openpic_update_irq(OpenPICState *opp, int 
 n_IRQ)
 DPRINTF(%s: IRQ %d is not pending\n, __func__, n_IRQ);
 return;
 }
 -if (src-ivpr  IVPR_MASK_MASK) {
 +if ((src-ivpr  IVPR_MASK_MASK)  !src-nomask) {
 /* Interrupt source is disabled */
 DPRINTF(%s: IRQ %d is disabled\n, __func__, n_IRQ);
 return;
 @@ -536,6 +537,7 @@ static inline void write_IRQreg_idr(OpenPICState *opp, 
 int n_IRQ, uint32_t val)
 }
 
 src-output = OPENPIC_OUTPUT_CINT;
 +src-nomask = true;
 src-destmask = 0;
 
 for (i = 0; i  opp-nb_cpus; i++) {
 @@ -547,6 +549,7 @@ static inline void write_IRQreg_idr(OpenPICState *opp, 
 int n_IRQ, uint32_t val)
 }
 } else {
 src-output = OPENPIC_OUTPUT_INT;
 +src-nomask = false;
 src-destmask = src-idr  normal_mask;
 }
 } else {
 -- 
 1.7.9.5
 
 

Re: [Qemu-devel] [PATCH] linux-user: fix mips 32-on-64 prealloc case

[Eric Johnson]

On 01/03/2013 09:24 AM, Alexander Graf wrote:

On 03.01.2013, at 18:19, Peter Maydell wrote:


On 3 January 2013 13:17, Alexander Grafag...@suse.de  wrote:

MIPS only supports 31 bits of virtual address space for user space, so let's
make sure we stay within that limit with our preallocated memory block.

This fixes the MIPS user space targets when executed without command line
option.

This looks weird -- why should the guest care that we've reserved a
4GB block which it only uses half of? Or is the problem that host
mmap() ends up handing out addresses from anywhere in the 4GB
reserved area?

Even worse, it starts from the top IIRC.

MIPS uses the upper virtual address bit for kernel/user space indication. I'm 
not sure where exactly this logic falls apart in our case, but user space 
virtual addresses above 2GB are simple illegal in that world, so I wouldn't 
expect QEMU or a guest process to cope with them.


Alex




While making this change please keep in mind that newer MIPS32 
processors allow more than 31 bits of user address space (up to 3.5 GiB) 
if they have Enhanced Virtual Address support.  For example see the 
Software User's Manual for the interAptiv processors:


At the bottom of the page
http://www.mips.com/products/processor-cores/aptiv/interaptiv/
is the link
interAptiv^(TM) Multiprocessing System Software User's Manual 
http://www.mips.com/secure-download/index.dot?product_name=/auth/MD00904-2B-interAptiv-SUM-01.04.pdf


Go to section
1.2.7.5 Enhanced Virtual Address

Eric

Re: [Qemu-devel] [PATCH 09/15] openpic: always call IRQ_check from IRQ_get_next

[Alexander Graf]

On 22.12.2012, at 03:15, Scott Wood wrote:

 Previously the code relied on the queue's next field getting
 set to -1 sometime between an update to the bitmap, and the next
 call to IRQ_get_next.  Sometimes this happened after the update.
 Sometimes it happened before the check.  Sometimes it didn't happen
 at all.
 
 Signed-off-by: Scott Wood scottw...@freescale.com

Have you verified that we don't run the check too often then? It's quite 
costly, no?

Applied nevertheless to ppc-next.


Alex

Re: [Qemu-devel] [PATCH 11/15] openpic: use standard bitmap operations

[Alexander Graf]

On 22.12.2012, at 03:15, Scott Wood wrote:

 Besides the private implementation being redundant, namespace collisions
 prevented the use of other things in bitops.h.
 
 Serialization does get a bit more awkward, unfortunately, since the
 standard bitmap operations are unsigned long rather than uint32_t,
 though in exchange we will get faster queue lookups on 64-bit hosts once
 we search a word at a time.
 
 Signed-off-by: Scott Wood scottw...@freescale.com

Thanks, applied to ppc-next. I wouldn't worry about save/restore for now 
though. We need to move that to savevm anyways and there should be a generic 
bitmap save/restore helper available.


Alex

Re: [Qemu-devel] [PATCH 7/7] KVM regsync: Fix do_kvm_cpu_synchronize_state data integrity issue

[Jason J. Herne]

On 01/03/2013 08:56 AM, Alexander Graf wrote:

static void do_kvm_cpu_synchronize_state(void *_args)
{
 struct kvm_cpu_syncstate_args *args = _args;
+CPUArchState *env = args-env;
+int register_level = args-register_level;


This probably becomes more readable if we explicitly revert back to unsynced 
state first:

/* Write back local modifications at our current level */
if (register_level  env-kvm_vcpu_dirty) {
 kvm_arch_put_registers(...);
 env-kvm_vcpu_dirty = 0;
}

and then do the sync we are requested to do:

if (!env-kvm_vcpu_dirty) {
 ...
}


I agree, but only if we add a second conditional to the if 1st statement 
 as such:


if (args-env-kvm_vcpu_dirty  register_level  env-kvm_vcpu_dirty)

This is to cover the case where the caller is asking for register level 
1 and we're already dirty at level 2. In this case, nothing should 
happen and we'll need the args-env-kvm_vcpu_dirty to ensure that is 
the case.


static void do_kvm_cpu_synchronize_state(void *_args)
{
struct kvm_cpu_syncstate_args *args = _args;
CPUArchState *env = args-env;
int register_level = args-register_level;

/* Write back local modifications at our current level */
if (args-env-kvm_vcpu_dirty  register_level  
env-kvm_vcpu_dirty) {

kvm_arch_put_registers(env, env-kvm_vcpu_dirty);
env-kvm_vcpu_dirty = 0;
}

if (!args-env-kvm_vcpu_dirty) {
kvm_arch_get_registers(env, register_level);
env-kvm_vcpu_dirty = register_level;
}
}

Do you agree?  Thanks for your time. :)

--
-- Jason J. Herne (jjhe...@linux.vnet.ibm.com)

Re: [Qemu-devel] [PATCH] linux-user: fix mips 32-on-64 prealloc case

[Richard Henderson]

On 01/03/2013 10:39 AM, Eric Johnson wrote:
 While making this change please keep in mind that newer MIPS32
 processors allow more than 31 bits of user address space (up to 3.5
 GiB) if they have Enhanced Virtual Address support.

Interesting.

Well, would you be able to help figure out exactly what's going on in:

  http://lists.gnu.org/archive/html/qemu-devel/2012-12/msg03233.html

and the thread leading up to it?

Now, I don't *know* that this is an emulation failure -- the linux-user-test
binary certainly isn't aware of enhanced virtual addresses.  So it's
possible that (older?) binaries can't cope with more than 2GB.

Alternately, it really is a translation problem somewhere...


r~

Re: [Qemu-devel] [PATCH 12/15] openpic: IRQ_check: search the queue a word at a time

[Alexander Graf]

On 22.12.2012, at 03:15, Scott Wood wrote:

 Search the queue more efficiently by first looking for a non-zero word,
 and then using the common bit-searching function to find the bit within
 the word.  It would be even nicer if bitops_ffsl() could be hooked up
 to the compiler intrinsic so that bit-searching instructions could be
 used, but that's another matter.
 
 Signed-off-by: Scott Wood scottw...@freescale.com

What we really want is a bitmap wide ffs() bipops helper function that returns 
the first set bit in a bitmap and can optimize the hell out of that operation 
inside of itself. I don't think this belongs to the OpenPIC code.


Alex

 ---
 hw/openpic.c |   28 +---
 1 file changed, 21 insertions(+), 7 deletions(-)
 
 diff --git a/hw/openpic.c b/hw/openpic.c
 index f2ac286..5accff5 100644
 --- a/hw/openpic.c
 +++ b/hw/openpic.c
 @@ -270,21 +270,35 @@ static inline int IRQ_testbit(IRQ_queue_t *q, int n_IRQ)
 
 static void IRQ_check(OpenPICState *opp, IRQ_queue_t *q)
 {
 -int next, i;
 +int next, word, irq, base;
 int priority;
 
 next = -1;
 priority = -1;
 -for (i = 0; i  opp-max_irq; i++) {
 -if (IRQ_testbit(q, i)) {
 +
 +for (word = 0, base = 0; word  ARRAY_SIZE(q-queue);
 + word++, base += BITS_PER_LONG) {
 +unsigned long map = q-queue[word];
 +
 +if (!map) {
 +continue;
 +}
 +
 +while (map) {
 +int offset = bitops_ffsl(map);
 +irq = base + offset;
 +map = ~(1UL  offset);
 +
 DPRINTF(IRQ_check: irq %d set ivpr_pr=%d pr=%d\n,
 -i, IVPR_PRIORITY(opp-src[i].ivpr), priority);
 -if (IVPR_PRIORITY(opp-src[i].ivpr)  priority) {
 -next = i;
 -priority = IVPR_PRIORITY(opp-src[i].ivpr);
 +irq, IVPR_PRIORITY(opp-src[irq].ivpr), priority);
 +
 +if (IVPR_PRIORITY(opp-src[irq].ivpr)  priority) {
 +next = irq;
 +priority = IVPR_PRIORITY(opp-src[irq].ivpr);
 }
 }
 }
 +
 q-next = next;
 q-priority = priority;
 }
 -- 
 1.7.9.5
 
 

Re: [Qemu-devel] pthread_create failed: Resource temporarily unavailable

[Christoffer Dall]

On Thu, Jan 3, 2013 at 6:50 AM, Andreas Färber afaer...@suse.de wrote:

 The culprit seems to be when the process runs out of virtual address
 space on 32-bit systems due to some subsystem (virtio?) creating a
 large number of pthreads under heavy workloads.

 Unfortunately my QEMU expertise is too limited to pin-point the exact
 fix, nor do I have resources right now to go into it, but I wanted to
 raise this issue and spread general awareness.

 Is this a known issue or something that needs to be tracked/documented at 
 least?

 It is a known issue that I reported long ago, but there have been higher
 priorities. ;)
 Note that this failure is not specifically about creating threads but
 about thread creation being one of severa

hmmm, tried to look at the output of configure, and it does give me this:

coroutine backend ucontext


running qemu-system-arm in GDB outputs this when doing disk IO (like
untar'ing a kernel tree):

[New Thread 0x5045b470 (LWP 6184)]
[New Thread 0x4f148470 (LWP 6185)]
[New Thread 0x4e6ff470 (LWP 6186)]
[New Thread 0x49af5470 (LWP 6187)]
[New Thread 0x492f5470 (LWP 6188)]
[New Thread 0x48af5470 (LWP 6189)]
[New Thread 0x482f5470 (LWP 6190)]
[New Thread 0x47af5470 (LWP 6191)]
[New Thread 0x472f5470 (LWP 6192)]
[New Thread 0x46af5470 (LWP 6193)]
[New Thread 0x462f5470 (LWP 6194)]
[New Thread 0x45af5470 (LWP 6195)]
[New Thread 0x452f5470 (LWP 6196)]
[New Thread 0x44af5470 (LWP 6197)]
[New Thread 0x442f5470 (LWP 6198)]
[New Thread 0x43af5470 (LWP 6199)]
[New Thread 0x432f5470 (LWP 6200)]
[New Thread 0x42af5470 (LWP 6201)]
[New Thread 0x422f5470 (LWP 6202)]
[New Thread 0x41af5470 (LWP 6203)]
[New Thread 0x412f5470 (LWP 6204)]
[New Thread 0x40af5470 (LWP 6205)]
[New Thread 0x402f5470 (LWP 6206)]
[New Thread 0x3faf5470 (LWP 6207)]
[New Thread 0x3f2f5470 (LWP 6208)]
[New Thread 0x3eaf5470 (LWP 6209)]
[New Thread 0x3e2f5470 (LWP 6210)]
[New Thread 0x3daf5470 (LWP 6211)]
[New Thread 0x3d2f5470 (LWP 6212)]
[New Thread 0x3caf5470 (LWP 6213)]
[New Thread 0x3c2f5470 (LWP 6214)]
[New Thread 0x3baf5470 (LWP 6215)]
[New Thread 0x3b2f5470 (LWP 6216)]
[New Thread 0x3aaf5470 (LWP 6217)]
[New Thread 0x3a2f5470 (LWP 6218)]
[New Thread 0x39af5470 (LWP 6219)]
[New Thread 0x392f5470 (LWP 6220)]
[New Thread 0x38af5470 (LWP 6221)]
[New Thread 0x380ff470 (LWP 6222)]
[New Thread 0x378ff470 (LWP 6223)]
[New Thread 0x366f7470 (LWP 6224)]
[New Thread 0x339d2470 (LWP 6225)]
[New Thread 0x331d2470 (LWP 6226)]
[New Thread 0x36eff470 (LWP 6227)]
[New Thread 0x35ef7470 (LWP 6228)]
[New Thread 0x356f7470 (LWP 6229)]
[New Thread 0x329d2470 (LWP 6230)]
[New Thread 0x321d2470 (LWP 6231)]
[New Thread 0x4bff9470 (LWP 6232)]
[New Thread 0x349f2470 (LWP 6234)]
[New Thread 0x305be470 (LWP 6235)]
[New Thread 0x2fdbe470 (LWP 6236)]
[New Thread 0x2f5be470 (LWP 6237)]
[New Thread 0x4afe9470 (LWP 6238)]
[New Thread 0x2edbe470 (LWP 6239)]
[New Thread 0x2e5be470 (LWP 6240)]
[New Thread 0x2ddbe470 (LWP 6241)]
[New Thread 0x2d5be470 (LWP 6243)]
[New Thread 0x2cdbe470 (LWP 6244)]
[Thread 0x442f5470 (LWP 6198) exited]
[Thread 0x4f948470 (LWP 6173) exited]
[Thread 0x3e2f5470 (LWP 6210) exited]
[Thread 0x35ef7470 (LWP 6228) exited]
[Thread 0x452f5470 (LWP 6196) exited]
[Thread 0x51d5c470 (LWP 6171) exited]
[Thread 0x462f5470 (LWP 6194) exited]
[Thread 0x2fdbe470 (LWP 6236) exited]
[Thread 0x2edbe470 (LWP 6239) exited]
[Thread 0x356f7470 (LWP 6229) exited]
[Thread 0x482f5470 (LWP 6190) exited]
[Thread 0x45af5470 (LWP 6195) exited]
[Thread 0x4bff9470 (LWP 6232) exited]
[Thread 0x36eff470 (LWP 6227) exited]
[Thread 0x2ddbe470 (LWP 6241) exited]
[Thread 0x4afe9470 (LWP 6238) exited]
[Thread 0x305be470 (LWP 6235) exited]
[Thread 0x5045b470 (LWP 6184) exited]
[Thread 0x339d2470 (LWP 6225) exited]
[Thread 0x3baf5470 (LWP 6215) exited]
[Thread 0x47af5470 (LWP 6191) exited]
[Thread 0x3faf5470 (LWP 6207) exited]
[Thread 0x3d2f5470 (LWP 6212) exited]
[Thread 0x349f2470 (LWP 6234) exited]
[Thread 0x46af5470 (LWP 6193) exited]
[Thread 0x76c27470 (LWP 6168) exited]
[Thread 0x412f5470 (LWP 6204) exited]
[Thread 0x49af5470 (LWP 6187) exited]
[Thread 0x432f5470 (LWP 6200) exited]
[Thread 0x4f148470 (LWP 6185) exited]
[Thread 0x472f5470 (LWP 6192) exited]
[Thread 0x422f5470 (LWP 6202) exited]
[Thread 0x5145b470 (LWP 6172) exited]
[Thread 0x3b2f5470 (LWP 6216) exited]
[Thread 0x43af5470 (LWP 6199) exited]
[Thread 0x2e5be470 (LWP 6240) exited]
[Thread 0x366f7470 (LWP 6224) exited]
[Thread 0x378ff470 (LWP 6223) exited]
[Thread 0x392f5470 (LWP 6220) exited]
[Thread 0x331d2470 (LWP 6226) exited]
[Thread 0x402f5470 (LWP 6206) exited]
[Thread 0x3f2f5470 (LWP 6208) exited]
[Thread 0x50c5b470 (LWP 6178) exited]
[Thread 0x3caf5470 (LWP 6213) exited]
[Thread 0x2f5be470 (LWP 6237) exited]
[Thread 0x3eaf5470 (LWP 6209) exited]
[Thread 0x3aaf5470 (LWP 6217) exited]
[Thread 0x48af5470 (LWP 6189) exited]
[Thread 0x2cdbe470 (LWP 6244) exited]
[Thread 0x3daf5470 (LWP 6211) exited]
[Thread 0x380ff470 (LWP 6222) exited]
[Thread 0x3c2f5470 (LWP 6214) exited]
[Thread 

Re: [Qemu-devel] [PATCH 13/15] openpic: add some bounds checking for IRQ numbers

[Alexander Graf]

On 22.12.2012, at 03:15, Scott Wood wrote:

 The two checks with abort() guard against potential QEMU-internal
 problems, but the EOI check stops the guest from causing updates to queue
 position -1 and other havoc if it writes EOI with no interrupt in
 service.
 
 Signed-off-by: Scott Wood scottw...@freescale.com

Did you ever actually experience this? MAX_IRQ should match the memory region 
size, so we shouldn't be able to receive any interrupt above it.

I might be inclined to accept an assert() there for internal sanity checking 
though. The last hunk looks fine.


Alex

 ---
 hw/openpic.c |   15 +++
 1 file changed, 15 insertions(+)
 
 diff --git a/hw/openpic.c b/hw/openpic.c
 index 5accff5..a3fcefd 100644
 --- a/hw/openpic.c
 +++ b/hw/openpic.c
 @@ -289,6 +289,10 @@ static void IRQ_check(OpenPICState *opp, IRQ_queue_t *q)
 irq = base + offset;
 map = ~(1UL  offset);
 
 +if (irq = MAX_IRQ) {
 +abort();
 +}
 +
 DPRINTF(IRQ_check: irq %d set ivpr_pr=%d pr=%d\n,
 irq, IVPR_PRIORITY(opp-src[irq].ivpr), priority);
 
 @@ -428,6 +432,11 @@ static void openpic_set_irq(void *opaque, int n_IRQ, int 
 level)
 OpenPICState *opp = opaque;
 IRQ_src_t *src;
 
 +if (n_IRQ = MAX_IRQ) {
 +fprintf(stderr, %s: IRQ %d out of range\n, __func__, n_IRQ);
 +abort();
 +}
 +
 src = opp-src[n_IRQ];
 DPRINTF(openpic: set irq %d = %d ivpr=0x%08x\n,
 n_IRQ, level, src-ivpr);
 @@ -923,6 +932,12 @@ static void openpic_cpu_write_internal(void *opaque, 
 hwaddr addr,
 case 0xB0: /* EOI */
 DPRINTF(EOI\n);
 s_IRQ = IRQ_get_next(opp, dst-servicing);
 +
 +if (s_IRQ  0) {
 +DPRINTF(%s: EOI with no interrupt in service\n, __func__);
 +break;
 +}
 +
 IRQ_resetbit(dst-servicing, s_IRQ);
 /* Set up next servicing IRQ */
 s_IRQ = IRQ_get_next(opp, dst-servicing);
 -- 
 1.7.9.5
 
 

Re: [Qemu-devel] [PATCH] pty: unbreak libvirt

[Anthony Liguori]

Daniel P. Berrange berra...@redhat.com writes:

 On Thu, Jan 03, 2013 at 02:23:03PM +0100, Gerd Hoffmann wrote:
 Commit 586502189edf9fd0f89a83de96717a2ea826fdb0 breaks libvirt pty
 support because it tried to figure the pts name from stderr output.
 
 Fix this by moving the label to the end of the line, this way the
 libvirt parser does still recognise the message.  libvirt looks
 for char device redirected to ${ptsname}whitespace.

 FWIW, libvirt was not supposed to be parsing this data still.
 We rely on query-chardev to get the PTYs, but we were accidentally
 still invoking the stdio parsing code even though we didn't use
 the result :-(

Thanks for the explanation.  I thought about libvirt before applying
this but had figured it was using query-chardev.

I still think this is a reasonable change to make though even if the
latest libvirt doesn't need it so I'll apply it.

Regards,

Anthony Liguori


 This flaw is fixed in latest libvirt GIT.

 
 Signed-off-by: Gerd Hoffmann kra...@redhat.com
 ---
  qemu-char.c |9 +
  1 files changed, 5 insertions(+), 4 deletions(-)
 
 diff --git a/qemu-char.c b/qemu-char.c
 index 331ad5c..f41788c 100644
 --- a/qemu-char.c
 +++ b/qemu-char.c
 @@ -1012,10 +1012,11 @@ static CharDriverState *qemu_chr_open_pty(QemuOpts 
 *opts)
  qemu_opt_set(opts, path, q_ptsname(master_fd));
  
  label = qemu_opts_id(opts);
 -fprintf(stderr, char device%s%s redirected to %s\n,
 -label ?   : ,
 -label ?: ,
 -q_ptsname(master_fd));
 +fprintf(stderr, char device redirected to %s%s%s%s\n,
 +q_ptsname(master_fd),
 +label ?  (label  : ,
 +label ? label  : ,
 +label ? ): );
  
  s = g_malloc0(sizeof(PtyCharDriver));
  chr-opaque = s;


 Daniel
 -- 
 |: http://berrange.com  -o-http://www.flickr.com/photos/dberrange/ :|
 |: http://libvirt.org  -o- http://virt-manager.org :|
 |: http://autobuild.org   -o- http://search.cpan.org/~danberr/ :|
 |: http://entangle-photo.org   -o-   http://live.gnome.org/gtk-vnc :|

Re: [Qemu-devel] [PATCH 14/15] openpic: move IACK to its own function

[Alexander Graf]

On 22.12.2012, at 03:15, Scott Wood wrote:

 Besides making the code cleaner, we will need a separate way to access
 IACK in order to implement EPR (external proxy) interrupt delivery.
 
 Signed-off-by: Scott Wood scottw...@freescale.com

This patch depends on 3/15, so I'll leave it alone for now. It looks sane 
though.


Alex

Re: [Qemu-devel] dataplane build error

[Anthony Liguori]

Stefan Hajnoczi stefa...@redhat.com writes:

 On Thu, Jan 03, 2013 at 10:32:43AM +0100, Stefan Weil wrote:
 Am 03.01.2013 10:30, schrieb Gerd Hoffmann:
CChw/dataplane/vring.o
 cc1: warnings being treated as errors
 /home/kraxel/projects/qemu/hw/dataplane/vring.c: In function ‘vring_setup’:
 /home/kraxel/projects/qemu/hw/dataplane/vring.c:46: error: implicit
 declaration of function ‘trace_vring_setup’
 /home/kraxel/projects/qemu/hw/dataplane/vring.c:46: error: nested extern
 declaration of ‘trace_vring_setup’
 gmake: *** [hw/dataplane/vring.o] Error 1
 
 
 Hi Gerd,
 
 I got this one, too. Removing a generated file trace.h fixes it.

 Anthony hit this yesterday with an out-of-tree build, too.

http://article.gmane.org/gmane.comp.emulators.qemu/186471

I usually try to make an announcement when there are issues like this.

Regards,

Anthony Liguori


 trace.h used to be generated, since
 eac236ea7bfc1902126be70459e320591078df5c (build: Use separate makefile
 for trace/) it is a static file.  The build system is getting
 confused.

 Stefan

Re: [Qemu-devel] [PATCH 15/15] openpic: fix CTPR and de-assertion of interrupts

[Alexander Graf]

On 22.12.2012, at 03:15, Scott Wood wrote:

 Properly implement level-triggered interrupts by withdrawing an
 interrupt from the raised queue if the interrupt source de-asserts.
 Also withdraw from the raised queue if the interrupt becomes masked.
 
 When CTPR is written, check whether we need to raise or lower the
 interrupt output.
 
 Signed-off-by: Scott Wood scottw...@freescale.com

Please also rebase this one.


Alex

Re: [Qemu-devel] [PATCH] pty: unbreak libvirt

[Anthony Liguori]

Thanks, applied.

Regards,

Anthony Liguori

Re: [Qemu-devel] [PATCH 7/7] KVM regsync: Fix do_kvm_cpu_synchronize_state data integrity issue

[Alexander Graf]

On 03.01.2013, at 19:48, Jason J. Herne wrote:

 On 01/03/2013 08:56 AM, Alexander Graf wrote:
 static void do_kvm_cpu_synchronize_state(void *_args)
 {
  struct kvm_cpu_syncstate_args *args = _args;
 +CPUArchState *env = args-env;
 +int register_level = args-register_level;
 
 This probably becomes more readable if we explicitly revert back to unsynced 
 state first:
 
 /* Write back local modifications at our current level */
 if (register_level  env-kvm_vcpu_dirty) {
 kvm_arch_put_registers(...);
 env-kvm_vcpu_dirty = 0;
 }
 
 and then do the sync we are requested to do:
 
 if (!env-kvm_vcpu_dirty) {
 ...
 }
 
 I agree, but only if we add a second conditional to the if 1st statement  as 
 such:
 
 if (args-env-kvm_vcpu_dirty  register_level  env-kvm_vcpu_dirty)
 
 This is to cover the case where the caller is asking for register level 1 
 and we're already dirty at level 2. In this case, nothing should happen and 
 we'll need the args-env-kvm_vcpu_dirty to ensure that is the case.

As before, I'd prefer to make this explicit:

 
 static void do_kvm_cpu_synchronize_state(void *_args)
 {
struct kvm_cpu_syncstate_args *args = _args;
CPUArchState *env = args-env;
int register_level = args-register_level;

if (register_level  env-kvm_vcpu_dirty) {
/* We are more dirty than we need to - all is well */
return;
}

 
/* Write back local modifications at our current level */
if (args-env-kvm_vcpu_dirty  register_level  env-kvm_vcpu_dirty) {
kvm_arch_put_registers(env, env-kvm_vcpu_dirty);
env-kvm_vcpu_dirty = 0;
}
 
if (!args-env-kvm_vcpu_dirty) {
kvm_arch_get_registers(env, register_level);
env-kvm_vcpu_dirty = register_level;
}
 }
 
 Do you agree?  Thanks for your time. :)

Please also check out the discussions I've had with Bharat about his watchdog 
patches. There we need a mechanism to synchronize registers only when we 
actually need to, in order to avoid potential race conditions with a kernel 
timer.

That particular case doesn't work well with levels. We can have multiple 
different potential race producers in the kernel that we need to avoid 
individually, so we can't always synchronize all of them when only one of them 
needs to be synchronized.

The big question is what we should be doing about this. We basically have 3 
options:

  * implement levels, treat racy registers as manually synchronized, as 
Bharat's latest patch set does
  * implement levels, add a bitmap for additional special synchronization bits
  * replace levels by bitmap

I'm quite frankly not sure which one of the 3 would be the best way forward.


Alex

Re: [Qemu-devel] [PATCH] linux-user: fix mips 32-on-64 prealloc case

[Eric Johnson]

On 01/03/2013 10:50 AM, Richard Henderson wrote:

On 01/03/2013 10:39 AM, Eric Johnson wrote:

While making this change please keep in mind that newer MIPS32
processors allow more than 31 bits of user address space (up to 3.5
GiB) if they have Enhanced Virtual Address support.

Interesting.

Well, would you be able to help figure out exactly what's going on in:

   http://lists.gnu.org/archive/html/qemu-devel/2012-12/msg03233.html

and the thread leading up to it?

Now, I don't *know* that this is an emulation failure -- the linux-user-test
binary certainly isn't aware of enhanced virtual addresses.  So it's
possible that (older?) binaries can't cope with more than 2GB.

Alternately, it really is a translation problem somewhere...


r~


That is correct.  The current test and MIPS32 processors supported by 
QEMU do not support more than 2 GiB of user space.  I didn't mean to 
imply otherwise.


Looking at the MIPS32 processor linux-user on a 64-bit host issue is 
already on my long list of tasks.  Sorry I have not been able to look at 
it yet.


On second thought ignore my EVA comment for now.  We'll worry about that 
when implementing EVA.


Eric

Re: [Qemu-devel] Using QEMU guest agent to run programs from guest path]

[mdroth]

On Thu, Jan 03, 2013 at 11:06:02AM -0200, Erlon Cruz wrote:
 On Wed, Jan 2, 2013 at 9:04 PM, mdroth mdr...@linux.vnet.ibm.com wrote:
 
  On Mon, Dec 31, 2012 at 06:14:59PM -0200, Erlon Cruz wrote:
   Hi,
  
  
   I needed to run an external program in a guest machine. Once this must be
   triggered by the host, I first thought in qemu-ga.
   Is that possible? In QEMU help page and in the code I couldn't find such
   capability.
   So Im thinking In to implement a new GA QMP command that can run generic
   programs in the guest. It would be receive/return something like this:
  
   {execute:execvp,
   arguments:{command:/bin/ls,cmdargs:-la,timeout:20}}
   {return: {status: 0, stdout: aGVsbG8gd29ybGQhCg==, stderr:
  }}
  
   Any thoughts/ideas about this?
 
  I sent an RFC for this a while back:
 
  http://lists.gnu.org/archive/html/qemu-devel/2011-12/msg00722.html
 
  At the time the interface seemed a bit tedious, but AFAIK it's the only
  kind of approach that'll work for longer-running commands with lots of
  output, so I might just clean it up and re-spin the series.
 
 
 Why you say tedious? The interface seems to have a very wide usage for

The parameter passing for guest commands was kludgy (list of json
objects rather than a list of parameter strings), but I think we can handle
that now with the gen: no option to the code parser indicating we'll
handle it manually.

I'm not sure about the guest-file-open-pipe stuff either. It seems
clumsy, but I can't think of a better approach.

I'll look at it and shoot to get in by 1.4, but feature freeze is only a
couple weeks away so it may have to wait till 1.5.

 several scenarios and fits perfectly for what we are trying to do. Why it
 didn't go upstream? I think it would be nice to roll that up again.
 
 Erlon
 
 
   Kind Regards,
   Erlon
 

Re: [Qemu-devel] [PATCH] pty: unbreak libvirt

[Peter Maydell]

On 3 January 2013 19:00, Anthony Liguori aligu...@us.ibm.com wrote:
 Thanks, applied.

So we now say char device redirected to /dev/pts/5 (compat_monitor0)
rather than char device compat_monitor0 redirected to /dev/pts/5 ?
I think that's a reduction in clarity and it's sad that we have to do it.

I also think that everywhere we have something with a specific
format which we're retaining for the benefit of libvirt we should
have big warning comments saying Do not change this because
libvirt versions older than X.Y depend upon the exact text.
Otherwise we'll just trip over the same bugs again later.

-- PMM

Re: [Qemu-devel] [PATCH 01/15] openpic: fix debug prints

[Scott Wood]

On 01/03/2013 11:31:49 AM, Alexander Graf wrote:


On 22.12.2012, at 03:15, Scott Wood wrote:

 Fix various format errors when debug prints are enabled.  Also
 cause error checking to happen even when debug prints are not
 enabled, and consistently use 0x for hex output.

 Signed-off-by: Scott Wood scottw...@freescale.com
 ---
 hw/openpic.c |   40 
 1 file changed, 24 insertions(+), 16 deletions(-)

 diff --git a/hw/openpic.c b/hw/openpic.c
 index 93e8208..72a5bc9 100644
 --- a/hw/openpic.c
 +++ b/hw/openpic.c
 @@ -45,7 +45,11 @@
 #ifdef DEBUG_OPENPIC

static const int debug_openpic = 1;
#else
static const int debug_openpic = 0;

 #define DPRINTF(fmt, ...) do { printf(fmt , ## __VA_ARGS__); }  
while (0)

 #else
 -#define DPRINTF(fmt, ...) do { } while (0)
 +#define DPRINTF(fmt, ...) do { \
 +if (0) { \

if (debug_openpic)

 +printf(fmt , ## __VA_ARGS__); \
 +} \
 +} while (0)
 #endif

That way we don't need to duplicate the print define. Let me fix that  
up for you while applying the patch.


OK, thanks.

-Scott

Re: [Qemu-devel] [PATCH] pty: unbreak libvirt

[Anthony Liguori]

Peter Maydell peter.mayd...@linaro.org writes:

 On 3 January 2013 19:00, Anthony Liguori aligu...@us.ibm.com wrote:
 Thanks, applied.

 So we now say char device redirected to /dev/pts/5 (compat_monitor0)
 rather than char device compat_monitor0 redirected to /dev/pts/5 ?
 I think that's a reduction in clarity and it's sad that we have to do it.

 I also think that everywhere we have something with a specific
 format which we're retaining for the benefit of libvirt we should
 have big warning comments saying Do not change this because
 libvirt versions older than X.Y depend upon the exact text.
 Otherwise we'll just trip over the same bugs again later.

I don't intend that we keep this forever.   But it's hardly compelling
to do it one way vs. the other so compatibility wins.

Regards,

Anthony Liguori


 -- PMM

Re: [Qemu-devel] [RFC V4 00/30] QCOW2 deduplication

[Troy Benjegerdes]

On Thu, Jan 03, 2013 at 01:39:48PM +0100, Stefan Hajnoczi wrote:
 On Wed, Jan 02, 2013 at 12:26:37PM -0600, Troy Benjegerdes wrote:
  The probability may be 'low' but it is not zero. Just because it's
  hard to calculate the hash doesn't mean you can't do it. If your
  input data is not random the probability of a hash collision is
  going to get scewed.
 
 The cost of catching hash collisions is an extra read for every write.
 It's possible to reduce this with a 2nd hash function and/or caching.
 
 I'm not sure it's worth it given the extremely low probability of a hash
 collision.
 
 Venti is an example of an existing system where hash collisions were
 ignored because the probability is so low.  See 3.1. Choice of Hash
 Function section:
 
 http://plan9.bell-labs.com/sys/doc/venti/venti.html


If you believe that it's 'extremely low', then please provide either:

* experimental evidence to prove your claim
* an insurance underwriter who will pay-out if data is lost due to
a hash collision.

What I have heard so far is a lot of theoretical posturing and no
experimental evidence.

Please google for when TCP checksums and CRC disagree for experimental
evidence of problems assuming that probability is low. This is the
abstract:

Traces of Internet packets from the past two years show that between 1 packet 
in 1,100 and 1 packet in 32,000 fails the TCP checksum, even on links where 
link-level CRCs should catch all but 1 in 4 billion errors. For certain 
situations, the rate of checksum failures can be even higher: in one hour-long 
test we observed a checksum failure of 1 packet in 400. We investigate why so 
many errors are observed, when link-level CRCs should catch nearly all of 
them.We have collected nearly 500,000 packets which failed the TCP or UDP or IP 
checksum. This dataset shows the Internet has a wide variety of error sources 
which can not be detected by link-level checks. We describe analysis tools that 
have identified nearly 100 different error patterns. Categorizing packet 
errors, we can infer likely causes which explain roughly half the observed 
errors. The causes span the entire spectrum of a network stack, from memory 
errors to bugs in TCP.After an analysis we conclude that the checksum will fail 
to detect errors for roughly 1 in 16 million to 10 billion packets. From our 
analysis of the cause of errors, we propose simple changes to several protocols 
which will decrease the rate of undetected error. Even so, the highly 
non-random distribution of errors strongly suggests some applications should 
employ application-level checksums or equivalents.

Re: [Qemu-devel] [Qemu-ppc] [PATCH 13/15] openpic: add some bounds checking for IRQ numbers

[Scott Wood]

On 01/03/2013 12:55:26 PM, Alexander Graf wrote:


On 22.12.2012, at 03:15, Scott Wood wrote:

 The two checks with abort() guard against potential QEMU-internal
 problems, but the EOI check stops the guest from causing updates to  
queue

 position -1 and other havoc if it writes EOI with no interrupt in
 service.

 Signed-off-by: Scott Wood scottw...@freescale.com

Did you ever actually experience this?


Which one?  EOI with no interrupt in service can be triggered by bad  
guest behavior, and I did see it happen when the guest was confused by  
another bug in QEMU's openpic (which is fixed elsewhere), resulting in  
an IRQ number of -1 being thrown around.  The other checks were to try  
to be more robust against bad IRQ numbers in general.


MAX_IRQ should match the memory region size, so we shouldn't be able  
to receive any interrupt above it.


Right, that's why I didn't add checking to the MMIO code.  In IRQ_check  
it could happen due to bad bitmap contents (e.g. after a checkpoint  
restore), and in openpic_set_irq() it could happen if some device  
raises an IRQ that is out of bounds.


I might be inclined to accept an assert() there for internal sanity  
checking though. The last hunk looks fine.


Assert instead of abort is fine (there seem to be plenty of uses of  
both in QEMU), though for the openpic_set_irq() case it would be nice  
to be able to print the bad IRQ number before dying.


-Scott

Re: [Qemu-devel] [PATCH 12/15] openpic: IRQ_check: search the queue a word at a time

[Scott Wood]

On 01/03/2013 12:53:13 PM, Alexander Graf wrote:


On 22.12.2012, at 03:15, Scott Wood wrote:

 Search the queue more efficiently by first looking for a non-zero  
word,
 and then using the common bit-searching function to find the bit  
within
 the word.  It would be even nicer if bitops_ffsl() could be hooked  
up
 to the compiler intrinsic so that bit-searching instructions could  
be

 used, but that's another matter.

 Signed-off-by: Scott Wood scottw...@freescale.com

What we really want is a bitmap wide ffs() bipops helper function  
that returns the first set bit in a bitmap and can optimize the hell  
out of that operation inside of itself. I don't think this belongs to  
the OpenPIC code.


Well, we do have find_next_bit() in bitops.c, but it looks  
comparitively complicated in order to be generic and simply return a  
value rather than perform an action on each bit set.  I suspect that  
the code in this patch would be faster, and avoids the need for me to  
follow all the twists and turns of find_next_bit() to figure out  
whether the undocumented interface is actually exactly what I guess it  
to be (e.g. what does it return when no bit is found?).


-Scott

Re: [Qemu-devel] [PATCH 09/15] openpic: always call IRQ_check from IRQ_get_next

[Scott Wood]

On 01/03/2013 12:42:09 PM, Alexander Graf wrote:


On 22.12.2012, at 03:15, Scott Wood wrote:

 Previously the code relied on the queue's next field getting
 set to -1 sometime between an update to the bitmap, and the next
 call to IRQ_get_next.  Sometimes this happened after the update.
 Sometimes it happened before the check.  Sometimes it didn't happen
 at all.

 Signed-off-by: Scott Wood scottw...@freescale.com

Have you verified that we don't run the check too often then? It's  
quite costly, no?


Correctness takes precedence over speed, as does  
readability/maintainability if the difference is minor.  In any case,  
the check gets faster later in the patchset.


-Scott

Re: [Qemu-devel] [PATCH 03/15] openpic: fix sense and priority bits

[Scott Wood]

On 01/03/2013 11:51:56 AM, Alexander Graf wrote:


On 22.12.2012, at 03:15, Scott Wood wrote:

 Previously, the sense and priority bits were masked off when writing
 to IVPR, and all interrupts were treated as edge-triggered (despite
 the existence of code for handling level-triggered interrupts).

 Polarity is implemented only as storage.  We don't simulate the
 bad effects that you'd get on real hardware if you set this  
incorrectly,
 but at least the guest sees the right thing when it reads back the  
register.


 Sense now controls level/edge on FSL external interrupts (and all
 interrupts on non-FSL MPIC).  FSL internal interrupts do not have a  
sense

 bit (reads as zero), but are level.  FSL timers and IPIs do not have
 sense or polarity bits (read as zero), and are edge-triggered.  To
 accommodate FSL internal interrupts, QEMU's internal notion of  
whether an

 interrupt is level-triggered is separated from the IVPR bit.

 Signed-off-by: Scott Wood scottw...@freescale.com
 ---
 hw/openpic.c |   61  
--

 1 file changed, 55 insertions(+), 6 deletions(-)

 diff --git a/hw/openpic.c b/hw/openpic.c
 index 02f793b..34449a7 100644
 --- a/hw/openpic.c
 +++ b/hw/openpic.c
 @@ -189,6 +189,9 @@ typedef struct IRQ_src_t {
 uint32_t ide;   /* IRQ destination register */
 int last_cpu;
 int pending;/* TRUE if IRQ is pending */
 +bool level; /* level-triggered */
 +bool fslint;/* FSL internal interrupt -- level only */
 +bool fslspecial; /* FSL timer/IPI interrupt, edge, no polarity  
*/


This really looks more like an irqtype enum, no?

enum irqtype {
IRQ_TYPE_NORMAL = 0,
IRQ_TYPE_FSLINT,
IRQ_TYPE_FSLSPECIAL,
}


OK.  At one point they could both be set, before I looked more closely  
at how the special interrupts are defined in hardware.


-Scott

Re: [Qemu-devel] [Qemu-ppc] [PATCH 2/3 v2] Reset qemu timers when guest reset

[Scott Wood]

On 12/27/2012 11:16:51 PM, Bharat Bhushan wrote:

This patch install the timer reset handler. This will be called when
the guest is reset.

Signed-off-by: Bharat Bhushan bharat.bhus...@freescale.com
---
 v2: same as v1

 hw/ppc_booke.c |   12 
 1 files changed, 12 insertions(+), 0 deletions(-)

diff --git a/hw/ppc_booke.c b/hw/ppc_booke.c
index d51e7fa..837a5b6 100644
--- a/hw/ppc_booke.c
+++ b/hw/ppc_booke.c
@@ -231,6 +231,16 @@ void store_booke_tcr(CPUPPCState *env,  
target_ulong val)


 }

+static void ppc_booke_timer_reset_handle(void *opaque)
+{
+CPUPPCState *env = opaque;
+
+env-spr[SPR_BOOKE_TSR] = 0;
+env-spr[SPR_BOOKE_TCR] = 0;
+
+booke_update_irq(env);
+}


When does KVM_SET_SREGS get called?

-Scott

Re: [Qemu-devel] [PATCH 12/15] openpic: IRQ_check: search the queue a word at a time

[Alexander Graf]

Am 03.01.2013 um 21:07 schrieb Scott Wood scottw...@freescale.com:

 On 01/03/2013 12:53:13 PM, Alexander Graf wrote:
 On 22.12.2012, at 03:15, Scott Wood wrote:
  Search the queue more efficiently by first looking for a non-zero word,
  and then using the common bit-searching function to find the bit within
  the word.  It would be even nicer if bitops_ffsl() could be hooked up
  to the compiler intrinsic so that bit-searching instructions could be
  used, but that's another matter.
 
  Signed-off-by: Scott Wood scottw...@freescale.com
 What we really want is a bitmap wide ffs() bipops helper function that 
 returns the first set bit in a bitmap and can optimize the hell out of that 
 operation inside of itself. I don't think this belongs to the OpenPIC code.
 
 Well, we do have find_next_bit() in bitops.c, but it looks comparitively 
 complicated in order to be generic and simply return a value rather than 
 perform an action on each bit set.  I suspect that the code in this patch 
 would be faster, and avoids the need for me to follow all the twists and 
 turns of find_next_bit() to figure out whether the undocumented interface is 
 actually exactly what I guess it to be (e.g. what does it return when no bit 
 is found?).

I would just call it bit_ffs and follow the same semantics.


Alex

 
 -Scott