[Qemu-devel] Question about life cycle of QEMU's stable branches

[Hitoshi Mitake]

Hi QEMU list,

I have a question about life cycle of QEMU's stable branches. Is there
an explicit support period for the stable branches?

We are maintaining stable branches of sheepdog, distributed block
storage system for QEMU. The stable branches  of sheepdog corresponds
to the stable branches of QEMU. e.g. stable-0.6 of sheepdog
coressponds to stable-1.5 of QEMU. We will try to keep the branches
updated until corresponding branchs of QEMU become outdated.

So I'd like to know the maintenance policy of QEMU's stable branch.

Thanks,
Hitoshi

Re: [Qemu-devel] [PATCH] pc: drop external DSDT loading

[Gerd Hoffmann]

On 08/08/13 18:38, Anthony Liguori wrote:
> This breaks migration and is unneeded with modern SeaBIOS.

No.  Dropping for piix is fine.  It will break q35 though.

Given that q35 can't be migrated anyway due to ahci being tagged as
unmigratable keeping it for q35 (until the new acpi table loading is
sorted) shouldn't hurt though.

cheers,
  Gerd

Re: [Qemu-devel] [PATCH 1/7] virtio: allow byte swapping for vring and config access

[Rusty Russell]

Anthony Liguori  writes:
> I suspect this is a premature optimization.  With a weak function called
> directly in the accessors below, I suspect you would see no measurable
> performance overhead compared to this approach.
>
> It's all very predictable so the CPU should do a decent job optimizing
> the if () away.

Perhaps.  I was leery of introducing performance regressions, but the
actual I/O tends to dominate anyway.

So I tested this, by adding the patch (below) and benchmarking
qemu-system-i386 on my laptop before and after.

Setup: Intel(R) Core(TM) i5 CPU   M 560  @ 2.67GHz
(Performance cpu governer enabled)
Guest: virtio user net, virtio block on raw file, 1 CPU, 512MB RAM.
(Qemu run under eatmydata to eliminate syncs)

First test: ping -f -c 1 -q 10.0.2.0 (100 times)
(Ping chosen since packets stay in qemu's user net code)

BEFORE:
MIN: 824ms
MAX: 914ms
AVG: 876.95ms
STDDEV: 16ms

AFTER:
MIN: 872ms
MAX: 933ms
AVG: 904.35ms
STDDEV: 15ms

Second test: dd if=/dev/vda iflag=direct count=1 of=/dev/null (100 times)

BEFORE:
MIN: 0.927994sec
MAX: 1.051640sec
AVG: 0.99733sec
STDDEV: 0.028sec

AFTER:
MIN: 0.941706sec
MAX: 1.034810sec
AVG: 0.988692sec
STDDEV: 0.021sec

So, we can notice performance on ping, but anything which does actual IO
is a wash.

Cheers,
Rusty.

diff --git a/hw/virtio/virtio.c b/hw/virtio/virtio.c
index 2887f17..df8733b 100644
--- a/hw/virtio/virtio.c
+++ b/hw/virtio/virtio.c
@@ -85,20 +85,6 @@ struct VirtQueue
 EventNotifier host_notifier;
 };
 
-#ifdef TARGET_VIRTIO_SWAPENDIAN
-bool virtio_byteswap;
-
-/* Ask target code if we should swap endian for all vring and config access. */
-static void mark_endian(void)
-{
-virtio_byteswap = virtio_swap_endian();
-}
-#else
-static void mark_endian(void)
-{
-}
-#endif
-
 /* virt queue functions */
 static void virtqueue_init(VirtQueue *vq)
 {
@@ -540,9 +526,6 @@ void virtio_set_status(VirtIODevice *vdev, uint8_t val)
 VirtioDeviceClass *k = VIRTIO_DEVICE_GET_CLASS(vdev);
 trace_virtio_set_status(vdev, val);
 
-/* If guest virtio endian is uncertain, set it now. */
-mark_endian();
-
 if (k->set_status) {
 k->set_status(vdev, val);
 }
diff --git a/include/hw/virtio/virtio-access.h 
b/include/hw/virtio/virtio-access.h
index b1d531e..ea4166a 100644
--- a/include/hw/virtio/virtio-access.h
+++ b/include/hw/virtio/virtio-access.h
@@ -13,18 +13,9 @@
 #ifndef _QEMU_VIRTIO_ACCESS_H
 #define _QEMU_VIRTIO_ACCESS_H
 
-#ifdef TARGET_VIRTIO_SWAPENDIAN
-/* Architectures which need biendian define this function. */
-extern bool virtio_swap_endian(void);
-
-extern bool virtio_byteswap;
-#else
-#define virtio_byteswap false
-#endif
-
 static inline uint16_t virtio_lduw_phys(hwaddr pa)
 {
-if (virtio_byteswap) {
+if (cpu_get_byteswap()) {
 return bswap16(lduw_phys(pa));
 }
 return lduw_phys(pa);
@@ -33,7 +24,7 @@ static inline uint16_t virtio_lduw_phys(hwaddr pa)
 
 static inline uint32_t virtio_ldl_phys(hwaddr pa)
 {
-if (virtio_byteswap) {
+if (cpu_get_byteswap()) {
 return bswap32(ldl_phys(pa));
 }
 return ldl_phys(pa);
@@ -41,7 +32,7 @@ static inline uint32_t virtio_ldl_phys(hwaddr pa)
 
 static inline uint64_t virtio_ldq_phys(hwaddr pa)
 {
-if (virtio_byteswap) {
+if (cpu_get_byteswap()) {
 return bswap64(ldq_phys(pa));
 }
 return ldq_phys(pa);
@@ -49,7 +40,7 @@ static inline uint64_t virtio_ldq_phys(hwaddr pa)
 
 static inline void virtio_stw_phys(hwaddr pa, uint16_t value)
 {
-if (virtio_byteswap) {
+if (cpu_get_byteswap()) {
 stw_phys(pa, bswap16(value));
 } else {
 stw_phys(pa, value);
@@ -58,7 +49,7 @@ static inline void virtio_stw_phys(hwaddr pa, uint16_t value)
 
 static inline void virtio_stl_phys(hwaddr pa, uint32_t value)
 {
-if (virtio_byteswap) {
+if (cpu_get_byteswap()) {
 stl_phys(pa, bswap32(value));
 } else {
 stl_phys(pa, value);
@@ -67,7 +58,7 @@ static inline void virtio_stl_phys(hwaddr pa, uint32_t value)
 
 static inline void virtio_stw_p(void *ptr, uint16_t v)
 {
-if (virtio_byteswap) {
+if (cpu_get_byteswap()) {
stw_p(ptr, bswap16(v));
 } else {
stw_p(ptr, v);
@@ -76,7 +67,7 @@ static inline void virtio_stw_p(void *ptr, uint16_t v)
 
 static inline void virtio_stl_p(void *ptr, uint32_t v)
 {
-if (virtio_byteswap) {
+if (cpu_get_byteswap()) {
stl_p(ptr, bswap32(v));
 } else {
stl_p(ptr, v);
@@ -85,7 +76,7 @@ static inline void virtio_stl_p(void *ptr, uint32_t v)
 
 static inline void virtio_stq_p(void *ptr, uint64_t v)
 {
-if (virtio_byteswap) {
+if (cpu_get_byteswap()) {
stq_p(ptr, bswap64(v));
 } else {
stq_p(ptr, v);
@@ -94,7 +85,7 @@ static inline void virtio_stq_p(void *ptr, uint64_t v)
 
 static inline int virtio_lduw_p(const void *ptr)
 {
-

Re: [Qemu-devel] [SeaBIOS] [PATCH] acpi: hide 64-bit PCI hole for Windows XP

[Gerd Hoffmann]

   Hi,

>> pmbase is a compile-time constant (aka #define) in both seabios and
>> coreboot, and making this runtime-configurable is non-trivial.  See
>> src/smm.c in seabios for one reason why.

> Converting src/smm.c to use a runtime value isn't hard - just change
> the assembler from: "mov $" __stringify(PORT_ACPI_PM_BASE) " + 0x04,
> %dx\n" to: "mov 4(my_acpi_base), %dx\n" and make sure to define the
> global variable my_acpi_base as VARFSEG.

Ah, good, I give that a try.  Need to check how that works out for
coreboot though.

That leaves the mmconf xbar location.  We can continue to have everybody
agree this should be mapped @ 0xb000 and be done with it.  Making
this configurable via fw_cfg is no problem for seabios.  coreboot can't
deal with it though, it sets up the xbar _very_ early because it does
the complete pci setup via mmconf.

>> In seabios we have fixed 32bit / 64bit width today, from acpi.c:
>>
>> // store pci io windows
>> *(u32*)&ssdt_ptr[acpi_pci32_start[0]] = cpu_to_le32(pcimem_start);
>> *(u32*)&ssdt_ptr[acpi_pci32_end[0]] = cpu_to_le32(pcimem_end - 1);
>> if (pcimem64_start) {
>> ssdt_ptr[acpi_pci64_valid[0]] = 1;
>> *(u64*)&ssdt_ptr[acpi_pci64_start[0]] = cpu_to_le64(pcimem64_start);
>> *(u64*)&ssdt_ptr[acpi_pci64_end[0]] = cpu_to_le64(pcimem64_end - 1);
>> *(u64*)&ssdt_ptr[acpi_pci64_length[0]] = cpu_to_le64(
>> pcimem64_end - pcimem64_start);
>> } else {
>> ssdt_ptr[acpi_pci64_valid[0]] = 0;
>> }
>>
>> Storing fixup instructions for these fields in the linker script
>> shouldn't be hard I think.
> 
> I don't think SeaBIOS should continue to do the above once the tables
> are moved to QEMU.  QEMU has all the info SeaBIOS has, so it can
> generate the tables correctly on its own.

The loader script provided by qemu has fixup instructions, which is
needed to fixup pointers to other acpi tables.  The idea is to use that
mechanism to also allow th firmware to fixup addresses like pmbase in
the qemu-generated tables.

cheers,
  Gerd

[Qemu-devel] [Bug 1208540] Re: RDMSR of register 0x345 (IA32_PERF_CAPABILITIES) fails in guest

[Jari Ruusu]

Looks like the problem is in host linux kernel kvm code, not in qemu.
Until kvm code is fixed, this works as temporary workaround:

echo 1 >/sys/module/kvm/parameters/ignore_msrs

** Changed in: qemu
   Status: New => Fix Released

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1208540

Title:
  RDMSR of register 0x345 (IA32_PERF_CAPABILITIES) fails in guest

Status in QEMU:
  Fix Released

Bug description:
  I have a problem with qemu when I attempt to configure qemu in a way that
  AES-NI op-codes are enabled in quest. To do that, I have to configure qemu
  to emulate a recent CPU. But that causes a problem, because with recent
  CPUs, guest linux kernel code assumes that RDMSR of register 0x345 works.
  Qemu does not handle that correctly. Qemu does not crash. Guests running
  newer linux kernels always crash on boot with 'general protection fault' on
  RDMSR op-code that attempts to read IA32_PERF_CAPABILITIES. That "crashing"
  linux code works OK on bare metal.

  - Host processor is Intel i7-3610QM (Ivy Bridge, AES-NI op-codes)

http://ark.intel.com/products/64899/Intel-Core-i7-3610QM-Processor-6M-Cache-up-to-3_30-GHz
  - Host linux kernel version: 3.10.5, x86-64,
CONFIG_KVM=y CONFIG_KVM_INTEL=y kernel config options enabled.
  - Qemu versions 1.5.2 and 1.6.0-rc1, 'kvm' accel method. Westmere,
SandyBridge, Haswell and 'host' emulated cpu all fail.
  - Guest linux kernel version: 3.10.5, x86-64
  - Guest linux kernel config required to trigger: CONFIG_GENERIC_CPU=y
  - Problem does not occour if qemu is configured to use slow 'tcg' accel
method.
  - Problem does not occour if qemu is configured to emulate older processor
model. Nehalem works, but does not provide AES-NI op-codes.
  - Problem does not occour if guest linux kernel is so old that it does not
attempt to read IA32_PERF_CAPABILITIES MSR register.
  - Problem does not occour if using qemu-kvm-1.0 version, and 'host' emulated
cpu type, where guest sees i7-3610QM cpu and AES-NI op-codes.

  
  Command line that I used to compile qemu, using host gcc version 4.6.3:

  ./configure --prefix=/opt/qemu --interp-prefix=/opt/qemu/gnemul \
   --target-list="i386-softmmu x86_64-softmmu ppc-softmmu" --disable-debug-info 
\
   --audio-drv-list=oss --disable-xen --enable-kvm --disable-guest-agent \
   --disable-seccomp --disable-glusterfs
  make -j 8
  make install

  
  Command line that I used to start qemu:

  /opt/qemu/bin/qemu-system-x86_64 -L /j/qemu/roms -boot menu=on -nographic \
   -enable-kvm -alt-grab -machine pc-1.0 -cpu SandyBridge -m 2048 \
   -drive 
if=ide,index=0,serial=QQQIDE0,media=disk,format=raw,cache=writeback,file=ide0.raw,cyls=13770,heads=16,secs=56,trans=none
 \
   -drive 
if=ide,index=1,serial=QQQIDE1,media=disk,format=raw,cache=writeback,file=ide1.raw,cyls=13770,heads=16,secs=56,trans=none
 \
   -drive if=ide,index=2,serial=QQQIDE2,media=cdrom,format=raw \
   -drive 
if=ide,index=3,serial=QQQIDE3,media=disk,format=raw,cache=writeback,file=ide3.raw,cyls=2295,heads=16,secs=56,trans=none
 \
   -net nic,vlan=0,model=e1000,macaddr=52:54:00:12:34:06 \
   -net 
tap,vlan=0,script=/j/qemu/scripts/qemu-ifup-br0.sh,downscript=/j/qemu/scripts/qemu-ifdown-br0.sh

  
  Bare metal host /proc/cpuinfo data, last one of 8 processors:

  processor   : 7
  vendor_id   : GenuineIntel
  cpu family  : 6
  model   : 58
  model name  : Intel(R) Core(TM) i7-3610QM CPU @ 2.30GHz
  stepping: 9
  microcode   : 0x10
  cpu MHz : 1200.000
  cache size  : 6144 KB
  physical id : 0
  siblings: 8
  core id : 3
  cpu cores   : 4
  apicid  : 7
  initial apicid  : 7
  fpu : yes
  fpu_exception   : yes
  cpuid level : 13
  wp  : yes
  flags   : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca 
cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx 
rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology 
nonstop_tsc aperfmperf eagerfpu pni pclmulqdq dtes64 monitor ds_cpl vmx est tm2 
ssse3 cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes 
xsave avx f16c rdrand lahf_lm ida arat epb xsaveopt pln pts dtherm tpr_shadow 
vnmi flexpriority ept vpid fsgsbase smep erms
  bogomips: 4589.75
  clflush size: 64
  cache_alignment : 64
  address sizes   : 36 bits physical, 48 bits virtual
  power management:

  
  Working qemu-kvm-1.0 (cpu type 'host') guest /proc/cpuinfo data, only one 
processor:

  processor   : 0
  vendor_id   : GenuineIntel
  cpu family  : 6
  model   : 58
  model name  : Intel(R) Core(TM) i7-3610QM CPU @ 2.30GHz
  stepping: 9
  microcode   : 0x1
  cpu MHz : 2294.887
  cache size  : 4096 KB
  fpu : yes
  fpu_exception   : yes
  cpuid level : 13
  wp  : yes
  flags   

Re: [Qemu-devel] [PATCH 1/7] virtio: allow byte swapping for vring and config access

[Anton Blanchard]

Hi,

> > The distinction is important in QEMU.  ppc64 is still
> > TARGET_WORDS_BIGENDIAN.  We still want most stl_phys to treat
> > integers as big endian.  There's just this extra concept that CPU
> > loads/stores are sometimes byte swapped.  That affects virtio but
> > not a lot else.
> 
> You've redefined endian here; please don't do that.  Endian is the
> order in memory which a CPU does loads and stores.  From any
> reasonable definition, PPC is bi-endian.
> 
> It's actually a weird thing for the qemu core to know at all: almost
> everything which cares is in target-specific code.  The exceptions are
> gdb stubs and virtio, both of which are "native endian" (and that
> weird code in exec.c: what is notdirty_mem_write?).
> 
> Your argument that we shouldn't fix stl_* might be justifiable (ie.
> just hack virtio and gdb as one-offs), but it's neither clear nor
> "least surprise".

Here is the hack I have to get gdbstub going with a little endian
PowerPC kernel. Basically:

LE guest -> BE QEMU -> BE gdb (pointing at the LE vmlinux)

In this setup, gdb expects registers to be sent in little endian mode.

It's a pretty big mistake for the gdb remote protocol to be using
native endian to transfer registers especially when there is no other
protocol negotation to work out what endian that is.

Anton
--

Index: b/gdbstub.c
===
--- a/gdbstub.c
+++ b/gdbstub.c
@@ -317,6 +317,8 @@ static GDBState *gdbserver_state;
 
 bool gdb_has_xml;
 
+bool gdbstub_cross_endian;
+
 #ifdef CONFIG_USER_ONLY
 /* XXX: This is not thread safe.  Do we care?  */
 static int gdbserver_fd = -1;
Index: b/include/exec/gdbstub.h
===
--- a/include/exec/gdbstub.h
+++ b/include/exec/gdbstub.h
@@ -42,8 +42,13 @@ static inline int cpu_index(CPUState *cp
 /* The GDB remote protocol transfers values in target byte order.
This means
  * we can use the raw memory access routines to access the value
buffer.
  * Conveniently, these also handle the case where the buffer is
mis-aligned.
+ *
+ * We do need to byte swap if the CPU isn't running in the QEMU
compiled
+ * target endian mode.
  */
 
+extern bool gdbstub_cross_endian;
+
 static inline int gdb_get_reg8(uint8_t *mem_buf, uint8_t val)
 {
 stb_p(mem_buf, val);
@@ -52,28 +57,49 @@ static inline int gdb_get_reg8(uint8_t *
 
 static inline int gdb_get_reg16(uint8_t *mem_buf, uint16_t val)
 {
-stw_p(mem_buf, val);
+if (gdbstub_cross_endian)
+stw_p(mem_buf, bswap16(val));
+else
+stw_p(mem_buf, val);
 return 2;
 }
 
 static inline int gdb_get_reg32(uint8_t *mem_buf, uint32_t val)
 {
-stl_p(mem_buf, val);
+if (gdbstub_cross_endian)
+stq_p(mem_buf, bswap32(val));
+else
+stl_p(mem_buf, val);
 return 4;
 }
 
 static inline int gdb_get_reg64(uint8_t *mem_buf, uint64_t val)
 {
-stq_p(mem_buf, val);
+if (gdbstub_cross_endian)
+stq_p(mem_buf, bswap64(val));
+else
+stq_p(mem_buf, val);
 return 8;
 }
 
 #if TARGET_LONG_BITS == 64
 #define gdb_get_regl(buf, val) gdb_get_reg64(buf, val)
-#define ldtul_p(addr) ldq_p(addr)
+static inline uint64_t ldtul_p(const void *ptr)
+{
+   uint64_t tmp = ldq_p(ptr);
+   if (gdbstub_cross_endian)
+   tmp = bswap64(tmp);
+   return tmp;
+}
 #else
 #define gdb_get_regl(buf, val) gdb_get_reg32(buf, val)
-#define ldtul_p(addr) ldl_p(addr)
+static inline uint32_t ldtul_p(const void *ptr)
+{
+   uint32_t tmp = ldl_p(ptr);
+   if (gdbstub_cross_endian)
+   tmp = bswap32(tmp);
+   return tmp;
+}
 #endif
 
 #endif

Re: [Qemu-devel] [SeaBIOS] [PATCH] acpi: hide 64-bit PCI hole for Windows XP

[Kevin O'Connor]

On Thu, Aug 08, 2013 at 04:56:55PM +0200, Gerd Hoffmann wrote:
> On 08/08/13 16:13, Michael S. Tsirkin wrote:
> > On Thu, Aug 08, 2013 at 12:21:32PM +0200, Gerd Hoffmann wrote:
> >> On 08/08/13 11:52, Michael S. Tsirkin wrote:
> >>> On Thu, Aug 08, 2013 at 10:57:44AM +0200, Gerd Hoffmann wrote:
>  On 08/08/13 10:37, Michael S. Tsirkin wrote:
> > On Thu, Aug 08, 2013 at 09:57:39AM +0200, Gerd Hoffmann wrote:
> >> Also coreboot and seabios use different values for pmbase.  coreboot on
> >> q35 maps the pmbase below 0x1000.  Which surely makes sense.  When we
> >> don't place chipset stuff at 0xb000 we can assign the 0xb000->0xbfff
> >> window to a pci bridge instead.
> > 
> > Re-reading this - if this has value, can't we generalize it
> > and make all firmware behave the same, getting values from QEMU?
> 
> pmbase is a compile-time constant (aka #define) in both seabios and
> coreboot, and making this runtime-configurable is non-trivial.  See
> src/smm.c in seabios for one reason why.

I don't think SeaBIOS should modify tables provided by QEMU.  That
leads to confusion on the source of the data and mixed
responsibilities which results in greater complexity in both QEMU and
SeaBIOS.

SeaBIOS doesn't have any info that QEMU doesn't have.  So, I think
it's safe for QEMU to be the sole authority for the table content.

Converting src/smm.c to use a runtime value isn't hard - just change
the assembler from: "mov $" __stringify(PORT_ACPI_PM_BASE) " + 0x04,
%dx\n" to: "mov 4(my_acpi_base), %dx\n" and make sure to define the
global variable my_acpi_base as VARFSEG.

> >> Yes, the address ranges used for pci devices (aka 32bit + 64bit pci
> >> window) need to be there.  Well, placing in SSDT, then referencing from
> >> DSDT works too, and this is what seabios does today to dynamically
> >> adjust stuff.  Fixing up the SSDT using the linker is probably easier as
> >> we generate it anyway.
> >>
> > Yes but as I said, this makes things messy, since AML encoding for
> > numbers isn't fixed width.
> 
> In seabios we have fixed 32bit / 64bit width today, from acpi.c:
> 
> // store pci io windows
> *(u32*)&ssdt_ptr[acpi_pci32_start[0]] = cpu_to_le32(pcimem_start);
> *(u32*)&ssdt_ptr[acpi_pci32_end[0]] = cpu_to_le32(pcimem_end - 1);
> if (pcimem64_start) {
> ssdt_ptr[acpi_pci64_valid[0]] = 1;
> *(u64*)&ssdt_ptr[acpi_pci64_start[0]] = cpu_to_le64(pcimem64_start);
> *(u64*)&ssdt_ptr[acpi_pci64_end[0]] = cpu_to_le64(pcimem64_end - 1);
> *(u64*)&ssdt_ptr[acpi_pci64_length[0]] = cpu_to_le64(
> pcimem64_end - pcimem64_start);
> } else {
> ssdt_ptr[acpi_pci64_valid[0]] = 0;
> }
> 
> Storing fixup instructions for these fields in the linker script
> shouldn't be hard I think.

I don't think SeaBIOS should continue to do the above once the tables
are moved to QEMU.  QEMU has all the info SeaBIOS has, so it can
generate the tables correctly on its own.

In all practical situations, the PCI window should be at least an
order of magnatude greater than the sum of the PCI bars in the system.
If the bars are actually bigger than the window, then things are going
to fail - the best the firmware can do is try to fail gracefully.  I
don't think it's worth the complexity to design mixed ownership and
advanced interfaces just so we can fail slightly better.

If this is a real worry, QEMU can sum all the PCI bars and warn the
user if they don't fit.

-Kevin

Re: [Qemu-devel] 1.7.3.1 release planned

[Kevin O'Connor]

On Thu, Aug 08, 2013 at 03:43:48PM +0200, Gerd Hoffmann wrote:
> I've just created a 1.7.3-stable branch.  It has a single commit right
> now, which is 2a9aeabdfb34374ecac25e7a8d21c9e368618cd4 from master
> cherry-picked (Fix USB EHCI detection that was broken in hlist
> conversion of PCIDevices).
> 
> My plan is to tag 1.7.3.1 next monday, so the update can be included in
> qemu 1.6-rc3 planned for next monday.
> 
> Are there more patches which should go into the 1.7.3.1 bugfix release?
> 
> Commit ed88f6515c18d9520efa4a41ccb70038dfbe43f9 (acpi: sync FADT flags
> from PIIX4 to Q35vga) looks like a candidate to me.  Michael?
> 
> Also commit 1a113e1144113348e04cbe39fa81a448049e82a0 (Fix bug in CBFS
> file walking with compressed files).  Kevin?

Yes - that should go in the next stable release.

-Kevin

Re: [Qemu-devel] [PATCH 1/7] virtio: allow byte swapping for vring and config access

[Rusty Russell]

Anthony Liguori  writes:
> "Daniel P. Berrange"  writes:
>
>> On Thu, Aug 08, 2013 at 10:40:28AM -0500, Anthony Liguori wrote:
>>> Andreas Färber  writes:
>>> >> We have a mechanism to do weak functions via stubs/.  I think it would
>>> >> be better to do cpu_get_byteswap() as a stub function and then overload
>>> >> it in the ppc64 code.
>>> >
>>> > If this as your name indicates is a per-CPU function then it should go
>>> > into CPUClass. Interesting question is, what is virtio supposed to do if
>>> > we have two ppc CPUs, one is Big Endian, the other is Little Endian.
>>> 
>>> PPC64 is big endian.  AFAIK, there is no such thing as a little endian
>>> PPC64 processor.
>>
>> Unless I'm misunderstanding, this thread seems to suggest otherwise:
>>
>>   "[Qemu-devel] [PATCH 0/5] 64bit PowerPC little endian support"
>>
>>   https://lists.nongnu.org/archive/html/qemu-devel/2013-08/msg00813.html
>
> Yeah, it's confusing.  It feels like little endian to most software but
> the distinction in hardware (and therefore QEMU) is important.
>
> It's the same processor.  It still starts executing big endian
> instructions.  A magic register value is tweaked and loads/stores are
> swapped.  CPU data structures are still read as big endian though.  It's
> really just load/stores that are affected.
>
> The distinction is important in QEMU.  ppc64 is still
> TARGET_WORDS_BIGENDIAN.  We still want most stl_phys to treat integers
> as big endian.  There's just this extra concept that CPU loads/stores
> are sometimes byte swapped.  That affects virtio but not a lot else.

You've redefined endian here; please don't do that.  Endian is the order
in memory which a CPU does loads and stores.  From any reasonable
definition, PPC is bi-endian.

It's actually a weird thing for the qemu core to know at all: almost
everything which cares is in target-specific code.  The exceptions are
gdb stubs and virtio, both of which are "native endian" (and that weird
code in exec.c: what is notdirty_mem_write?).

Your argument that we shouldn't fix stl_* might be justifiable (ie. just
hack virtio and gdb as one-offs), but it's neither clear nor "least
surprise".

Chers,
Rusty.

Re: [Qemu-devel] [PATCH 1/7] virtio: allow byte swapping for vring and config access

[Rusty Russell]

Andreas Färber  writes:
> Am 08.08.2013 15:31, schrieb Anthony Liguori:
>> Rusty Russell  writes:
>> 
>>> Virtio is currently defined to work as "guest endian", but this is a
>>> problem if the guest can change endian.  As most targets can't change
>>> endian, we make it a per-target option to avoid pessimising.
>>>
>>> This is based on a simpler patch by Anthony Liguouri, which only handled
>>> the vring accesses.  We also need some drivers to access these helpers,
>>> eg. for data which contains headers.
>>>
>>> Signed-off-by: Rusty Russell 
>>> ---
>>>  hw/virtio/virtio.c|  46 +
>>>  include/hw/virtio/virtio-access.h | 138 
>>> ++
>>>  2 files changed, 170 insertions(+), 14 deletions(-)
>>>  create mode 100644 include/hw/virtio/virtio-access.h
>>>
>>> diff --git a/hw/virtio/virtio.c b/hw/virtio/virtio.c
>>> index 8176c14..2887f17 100644
>>> --- a/hw/virtio/virtio.c
>>> +++ b/hw/virtio/virtio.c
>>> @@ -18,6 +18,7 @@
>>>  #include "hw/virtio/virtio.h"
>>>  #include "qemu/atomic.h"
>>>  #include "hw/virtio/virtio-bus.h"
>>> +#include "hw/virtio/virtio-access.h"
>>>  
>>>  /* The alignment to use between consumer and producer parts of vring.
>>>   * x86 pagesize again. */
>>> @@ -84,6 +85,20 @@ struct VirtQueue
>>>  EventNotifier host_notifier;
>>>  };
>>>  
>>> +#ifdef TARGET_VIRTIO_SWAPENDIAN
>>> +bool virtio_byteswap;
>>> +
>>> +/* Ask target code if we should swap endian for all vring and config 
>>> access. */
>>> +static void mark_endian(void)
>>> +{
>>> +virtio_byteswap = virtio_swap_endian();
>>> +}
>>> +#else
>>> +static void mark_endian(void)
>>> +{
>>> +}
>>> +#endif
>>> +
>> 
>> It would be very good to avoid a target specific define here.  We would
>> like to move to only building a single copy of the virtio code.
>
> +1
>
>> We have a mechanism to do weak functions via stubs/.  I think it would
>> be better to do cpu_get_byteswap() as a stub function and then overload
>> it in the ppc64 code.
>
> If this as your name indicates is a per-CPU function then it should go
> into CPUClass. Interesting question is, what is virtio supposed to do if
> we have two ppc CPUs, one is Big Endian, the other is Little Endian.
> We'd need to check current_cpu then, which for Xen is always NULL.

This is why the check is performed on a random CPU when they first
acknowledge the device.  It's a hacky assumption, but that's why there's
a proposal to nail virtio to LE for the 1.0 OASIS standard.

You can't actually change endian of a virtio device in flight: it
doesn't make sense since there's readable state there already.

Cheers,
Rusty.

[Qemu-devel] [RFC] [PATCHv8 13/30] aio / timers: Add aio_timer_new wrapper

[Alex Bligh]

Add aio_timer_new wrapper function.

Signed-off-by: Alex Bligh 
---
 include/block/aio.h |   19 +++
 1 file changed, 19 insertions(+)

diff --git a/include/block/aio.h b/include/block/aio.h
index a13f6e8..bd6f17c 100644
--- a/include/block/aio.h
+++ b/include/block/aio.h
@@ -255,4 +255,23 @@ void qemu_aio_set_fd_handler(int fd,
  void *opaque);
 #endif
 
+/**
+ * aio_timer_new:
+ * @ctx: the aio context
+ * @type: the clock type
+ * @scale: the scale
+ * @cb: the callback to call on timer expiry
+ * @opaque: the opaque pointer to pass to the callback
+ *
+ * Generate a new timer attached to the context @ctx.
+ *
+ * Returns: a pointer to the new timer
+ */
+static inline QEMUTimer *aio_timer_new(AioContext *ctx, QEMUClockType type,
+   int scale,
+   QEMUTimerCB *cb, void *opaque)
+{
+return timer_new(ctx->tlg[type], scale, cb, opaque);
+}
+
 #endif
-- 
1.7.9.5

[Qemu-devel] [RFC] [PATCHv8 18/30] aio / timers: Use all timerlists in icount warp calculations

[Alex Bligh]

Notify all timerlists derived from vm_clock in icount warp
calculations.

When calculating timer delay based on vm_clock deadline, use
all timerlists.

For compatibility, maintain an apparent bug where when using
icount, if no vm_clock timer was set, qemu_clock_deadline
would return INT32_MAX and always set an icount clock expiry
about 2 seconds ahead.

NB: thread safety - when different timerlists sit on different
threads, this will need some locking.

Signed-off-by: Alex Bligh 
---
 cpus.c   |   46 +-
 include/qemu/timer.h |   13 +
 qemu-timer.c |   16 
 qtest.c  |2 +-
 4 files changed, 67 insertions(+), 10 deletions(-)

diff --git a/cpus.c b/cpus.c
index 0f65e76..673d506 100644
--- a/cpus.c
+++ b/cpus.c
@@ -262,7 +262,7 @@ static void icount_warp_rt(void *opaque)
 qemu_icount_bias += MIN(warp_delta, delta);
 }
 if (qemu_clock_expired(vm_clock)) {
-qemu_notify_event();
+qemu_clock_notify(vm_clock);
 }
 }
 vm_clock_warp_start = -1;
@@ -273,13 +273,13 @@ void qtest_clock_warp(int64_t dest)
 int64_t clock = qemu_get_clock_ns(vm_clock);
 assert(qtest_enabled());
 while (clock < dest) {
-int64_t deadline = qemu_clock_deadline(vm_clock);
+int64_t deadline = qemu_clock_deadline_ns_all(vm_clock);
 int64_t warp = MIN(dest - clock, deadline);
 qemu_icount_bias += warp;
 qemu_run_timers(vm_clock);
 clock = qemu_get_clock_ns(vm_clock);
 }
-qemu_notify_event();
+qemu_clock_notify(vm_clock);
 }
 
 void qemu_clock_warp(QEMUClock *clock)
@@ -314,7 +314,18 @@ void qemu_clock_warp(QEMUClock *clock)
 }
 
 vm_clock_warp_start = qemu_get_clock_ns(rt_clock);
-deadline = qemu_clock_deadline(vm_clock);
+/* We want to use the earliest deadline from ALL vm_clocks */
+deadline = qemu_clock_deadline_ns_all(vm_clock);
+
+/* Maintain prior (possibly buggy) behaviour where if no deadline
+ * was set (as there is no vm_clock timer) or it is more than
+ * INT32_MAX nanoseconds ahead, we still use INT32_MAX
+ * nanoseconds.
+ */
+if ((deadline < 0) || (deadline > INT32_MAX)) {
+deadline = INT32_MAX;
+}
+
 if (deadline > 0) {
 /*
  * Ensure the vm_clock proceeds even when the virtual CPU goes to
@@ -333,8 +344,8 @@ void qemu_clock_warp(QEMUClock *clock)
  * packets continuously instead of every 100ms.
  */
 qemu_mod_timer(icount_warp_timer, vm_clock_warp_start + deadline);
-} else {
-qemu_notify_event();
+} else if (deadline == 0) {
+qemu_clock_notify(vm_clock);
 }
 }
 
@@ -866,8 +877,13 @@ static void *qemu_tcg_cpu_thread_fn(void *arg)
 
 while (1) {
 tcg_exec_all();
-if (use_icount && qemu_clock_deadline(vm_clock) <= 0) {
-qemu_notify_event();
+
+if (use_icount) {
+int64_t deadline = qemu_clock_deadline_ns_all(vm_clock);
+
+if (deadline == 0) {
+qemu_clock_notify(vm_clock);
+}
 }
 qemu_tcg_wait_io_event();
 }
@@ -1145,11 +1161,23 @@ static int tcg_cpu_exec(CPUArchState *env)
 #endif
 if (use_icount) {
 int64_t count;
+int64_t deadline;
 int decr;
 qemu_icount -= (env->icount_decr.u16.low + env->icount_extra);
 env->icount_decr.u16.low = 0;
 env->icount_extra = 0;
-count = qemu_icount_round(qemu_clock_deadline(vm_clock));
+deadline = qemu_clock_deadline_ns_all(vm_clock);
+
+/* Maintain prior (possibly buggy) behaviour where if no deadline
+ * was set (as there is no vm_clock timer) or it is more than
+ * INT32_MAX nanoseconds ahead, we still use INT32_MAX
+ * nanoseconds.
+ */
+if ((deadline < 0) || (deadline > INT32_MAX)) {
+deadline = INT32_MAX;
+}
+
+count = qemu_icount_round(deadline);
 qemu_icount += count;
 decr = (count > 0x) ? 0x : count;
 count -= decr;
diff --git a/include/qemu/timer.h b/include/qemu/timer.h
index da9ead3..7a44741 100644
--- a/include/qemu/timer.h
+++ b/include/qemu/timer.h
@@ -89,6 +89,7 @@ int64_t qemu_clock_deadline(QEMUClock *clock);
  * @clock: the clock to operate on
  *
  * Calculate the timeout of the earliest expiring timer
+ * on the default timer list associated with the clock
  * in nanoseconds, or -1 if no timer is set to expire.
  *
  * Returns: time until expiry in nanoseconds or -1
@@ -112,6 +113,18 @@ int64_t qemu_clock_deadline_ns(QEMUClock *clock);
 bool qemu_clock_use_for_deadline(QEMUClock *clock);
 
 /**
+ * qemu_clock_use_for_deadline:
+ * @clock: the clock to operate on
+ *
+ * Calculate the deadline across all timer lists associated
+ * with a clock (as opposed to just the default one)
+ * in nanoseconds, or -1 if no timer is set to ex

[Qemu-devel] [RFC] [PATCHv8 15/30] aio / timers: Convert mainloop to use timeout

[Alex Bligh]

Convert mainloop to use timeout from default timerlist group
(i.e. the current 3 static timers)

Signed-off-by: Alex Bligh 
---
 main-loop.c |   45 ++---
 1 file changed, 34 insertions(+), 11 deletions(-)

diff --git a/main-loop.c b/main-loop.c
index a44fff6..00e54bd 100644
--- a/main-loop.c
+++ b/main-loop.c
@@ -155,10 +155,11 @@ static int max_priority;
 static int glib_pollfds_idx;
 static int glib_n_poll_fds;
 
-static void glib_pollfds_fill(uint32_t *cur_timeout)
+static void glib_pollfds_fill(int64_t *cur_timeout)
 {
 GMainContext *context = g_main_context_default();
 int timeout = 0;
+int64_t timeout_ns;
 int n;
 
 g_main_context_prepare(context, &max_priority);
@@ -174,9 +175,13 @@ static void glib_pollfds_fill(uint32_t *cur_timeout)
  glib_n_poll_fds);
 } while (n != glib_n_poll_fds);
 
-if (timeout >= 0 && timeout < *cur_timeout) {
-*cur_timeout = timeout;
+if (timeout < 0) {
+timeout_ns = -1;
+} else {
+timeout_ns = (int64_t)timeout * (int64_t)SCALE_MS;
 }
+
+*cur_timeout = qemu_soonest_timeout(timeout_ns, *cur_timeout);
 }
 
 static void glib_pollfds_poll(void)
@@ -191,7 +196,7 @@ static void glib_pollfds_poll(void)
 
 #define MAX_MAIN_LOOP_SPIN (1000)
 
-static int os_host_main_loop_wait(uint32_t timeout)
+static int os_host_main_loop_wait(int64_t timeout)
 {
 int ret;
 static int spin_counter;
@@ -214,7 +219,7 @@ static int os_host_main_loop_wait(uint32_t timeout)
 notified = true;
 }
 
-timeout = 1;
+timeout = SCALE_MS;
 }
 
 if (timeout > 0) {
@@ -224,7 +229,7 @@ static int os_host_main_loop_wait(uint32_t timeout)
 spin_counter++;
 }
 
-ret = g_poll((GPollFD *)gpollfds->data, gpollfds->len, timeout);
+ret = qemu_poll_ns((GPollFD *)gpollfds->data, gpollfds->len, timeout);
 
 if (timeout > 0) {
 qemu_mutex_lock_iothread();
@@ -373,7 +378,7 @@ static void pollfds_poll(GArray *pollfds, int nfds, fd_set 
*rfds,
 }
 }
 
-static int os_host_main_loop_wait(uint32_t timeout)
+static int os_host_main_loop_wait(int64_t timeout)
 {
 GMainContext *context = g_main_context_default();
 GPollFD poll_fds[1024 * 2]; /* this is probably overkill */
@@ -382,6 +387,7 @@ static int os_host_main_loop_wait(uint32_t timeout)
 PollingEntry *pe;
 WaitObjects *w = &wait_objects;
 gint poll_timeout;
+int64_t poll_timeout_ns;
 static struct timeval tv0;
 fd_set rfds, wfds, xfds;
 int nfds;
@@ -419,12 +425,17 @@ static int os_host_main_loop_wait(uint32_t timeout)
 poll_fds[n_poll_fds + i].events = G_IO_IN;
 }
 
-if (poll_timeout < 0 || timeout < poll_timeout) {
-poll_timeout = timeout;
+if (poll_timeout < 0) {
+poll_timeout_ns = -1;
+} else {
+poll_timeout_ns = (int64_t)poll_timeout * (int64_t)SCALE_MS;
 }
 
+poll_timeout_ns = qemu_soonest_timeout(poll_timeout_ns, timeout);
+
 qemu_mutex_unlock_iothread();
-g_poll_ret = g_poll(poll_fds, n_poll_fds + w->num, poll_timeout);
+g_poll_ret = qemu_poll_ns(poll_fds, n_poll_fds + w->num, poll_timeout_ns);
+
 qemu_mutex_lock_iothread();
 if (g_poll_ret > 0) {
 for (i = 0; i < w->num; i++) {
@@ -449,6 +460,7 @@ int main_loop_wait(int nonblocking)
 {
 int ret;
 uint32_t timeout = UINT32_MAX;
+int64_t timeout_ns;
 
 if (nonblocking) {
 timeout = 0;
@@ -462,7 +474,18 @@ int main_loop_wait(int nonblocking)
 slirp_pollfds_fill(gpollfds);
 #endif
 qemu_iohandler_fill(gpollfds);
-ret = os_host_main_loop_wait(timeout);
+
+if (timeout == UINT32_MAX) {
+timeout_ns = -1;
+} else {
+timeout_ns = (uint64_t)timeout * (int64_t)(SCALE_MS);
+}
+
+timeout_ns = qemu_soonest_timeout(timeout_ns,
+  timerlistgroup_deadline_ns(
+  main_loop_tlg));
+
+ret = os_host_main_loop_wait(timeout_ns);
 qemu_iohandler_poll(gpollfds, ret);
 #ifdef CONFIG_SLIRP
 slirp_pollfds_poll(gpollfds, (ret < 0));
-- 
1.7.9.5

Re: [Qemu-devel] [PATCH v10 00/10] qemu-ga: fsfreeze on Windows using VSS

[Michael Roth]

Quoting Tomoki Sekiyama (2013-08-07 10:39:25)
> Hi,
> 
> I rebased the patch series to add fsfreeze for Windows qemu-ga.
> 
> changes from v9:
>   - Fix conflict with commit e8ef31a3518c "qemu-ga: build it even if !system"
> 
> changes from v8:
>  - Add hEventTimeout to improve timeout error message (patch 07, see below)
>  - Build qga-vss.tlb if configure'd --with-win-sdk (patch 05, 07)
>  - Use "qga-vss-dll-obj-$(CONFIG_QGA_VSS)" in Makefile.objs (patch 07)
>  - Fix typo in QGAVSSRequesterFunc (patch 07, 08)

Everything looks good, went ahead and applied to qga branch and will send a
PULL shortly after 1.7 development window opens up:

  https://github.com/mdroth/qemu/commits/qga

Thanks for the series!

> 
> v9: http://lists.nongnu.org/archive/html/qemu-devel/2013-07/msg06071.html
> 
> * Description
>   In Windows, VSS (Volume Shadow Copy Service) provides a facility to
>   quiesce filesystems and applications before disk snapshots are taken.
>   This patch series implements "fsfreeze" command of qemu-ga using VSS.
> 
> 
> * How to build & run qemu-ga with VSS support
> 
>  - Download Microsoft VSS SDK from:
>http://www.microsoft.com/en-us/download/details.aspx?id=23490
> 
>  - Setup the SDK
>scripts/extract-vsssdk-headers setup.exe (on POSIX-systems)
> 
>  - Specify installed SDK directory to configure option as:
>./configure --cross-prefix=i686-w64-mingw32- \
>--with-vss-sdk="path/to/VSS SDK" \
>--without-systems --without-tools
> 
>  - make qemu-ga.exe qga/vss-win32/qga-vss.{dll,tlb}
> 
>  - Install qemu-ga.exe, qga/vss-win32/qga-vss.{dll,tlb}, and
>the other required mingw libraries into the same directory in guests
> 
>  - Run `qemu-ga.exe -s install' and `net start qemu-ga' in the guests
> 
> Any feedback are appreciated.
> 
> ---
> Tomoki Sekiyama (10):
>   configure: Support configuring C++ compiler
>   Add c++ keywords to QAPI helper script
>   checkpatch.pl: Check .cpp files
>   Add a script to extract VSS SDK headers on POSIX system
>   qemu-ga: Add configure options to specify path to Windows/VSS SDK
>   error: Add error_set_win32 and error_setg_win32
>   qemu-ga: Add Windows VSS provider and requester as DLL
>   qemu-ga: Call Windows VSS requester in fsfreeze command handler
>   qemu-ga: Install Windows VSS provider on `qemu-ga -s install'
>   QMP/qemu-ga-client: Make timeout longer for guest-fsfreeze-freeze 
> command
> 
> 
>  .gitignore |1 
>  Makefile   |3 
>  Makefile.objs  |2 
>  QMP/qemu-ga-client |4 
>  configure  |   96 +++
>  hmp.c  |2 
>  hw/pci/pci.c   |2 
>  include/qapi/error.h   |   13 +
>  qga/Makefile.objs  |3 
>  qga/commands-win32.c   |   82 ++
>  qga/main.c |   10 +
>  qga/vss-win32.c|  166 +
>  qga/vss-win32.h|   27 ++
>  qga/vss-win32/Makefile.objs|   23 ++
>  qga/vss-win32/install.cpp  |  458 +++
>  qga/vss-win32/provider.cpp |  523 
> 
>  qga/vss-win32/qga-vss.def  |   13 +
>  qga/vss-win32/qga-vss.idl  |   20 ++
>  qga/vss-win32/qga-vss.tlb  |  Bin
>  qga/vss-win32/requester.cpp|  507 +++
>  qga/vss-win32/requester.h  |   42 +++
>  qga/vss-win32/vss-common.h |  129 ++
>  rules.mak  |9 +
>  scripts/checkpatch.pl  |   34 ++-
>  scripts/extract-vsssdk-headers |   35 +++
>  scripts/qapi.py|   12 +
>  util/error.c   |   35 +++
>  27 files changed, 2229 insertions(+), 22 deletions(-)
>  create mode 100644 qga/vss-win32.c
>  create mode 100644 qga/vss-win32.h
>  create mode 100644 qga/vss-win32/Makefile.objs
>  create mode 100644 qga/vss-win32/install.cpp
>  create mode 100644 qga/vss-win32/provider.cpp
>  create mode 100644 qga/vss-win32/qga-vss.def
>  create mode 100644 qga/vss-win32/qga-vss.idl
>  create mode 100644 qga/vss-win32/qga-vss.tlb
>  create mode 100644 qga/vss-win32/requester.cpp
>  create mode 100644 qga/vss-win32/requester.h
>  create mode 100644 qga/vss-win32/vss-common.h
>  create mode 100755 scripts/extract-vsssdk-headers

[Qemu-devel] [RFC] [PATCHv8 03/30] aio / timers: Consistent treatment of disabled clocks for deadlines

[Alex Bligh]

Make treatment of disabled clocks consistent in deadline calculation

Signed-off-by: Alex Bligh 
---
 qemu-timer.c |2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/qemu-timer.c b/qemu-timer.c
index 8f378a9..47b5e4b 100644
--- a/qemu-timer.c
+++ b/qemu-timer.c
@@ -264,7 +264,7 @@ int64_t qemu_clock_deadline(QEMUClock *clock)
 /* To avoid problems with overflow limit this to 2^32.  */
 int64_t delta = INT32_MAX;
 
-if (clock->active_timers) {
+if (clock->enabled && clock->active_timers) {
 delta = clock->active_timers->expire_time - qemu_get_clock_ns(clock);
 }
 if (delta < 0) {
-- 
1.7.9.5

[Qemu-devel] [RFC] [PATCHv8 04/30] aio / timers: add ppoll support with qemu_poll_ns

[Alex Bligh]

Add qemu_poll_ns which works like g_poll but takes a nanosecond
timeout.

Signed-off-by: Alex Bligh 
---
 configure|   19 +++
 include/qemu/timer.h |   12 
 qemu-timer.c |   24 
 3 files changed, 55 insertions(+)

diff --git a/configure b/configure
index 18fa608..5659412 100755
--- a/configure
+++ b/configure
@@ -2818,6 +2818,22 @@ if compile_prog "" "" ; then
   dup3=yes
 fi
 
+# check for ppoll support
+ppoll=no
+cat > $TMPC << EOF
+#include 
+
+int main(void)
+{
+struct pollfd pfd = { .fd = 0, .events = 0, .revents = 0 };
+ppoll(&pfd, 1, 0, 0);
+return 0;
+}
+EOF
+if compile_prog "" "" ; then
+  ppoll=yes
+fi
+
 # check for epoll support
 epoll=no
 cat > $TMPC << EOF
@@ -3814,6 +3830,9 @@ fi
 if test "$dup3" = "yes" ; then
   echo "CONFIG_DUP3=y" >> $config_host_mak
 fi
+if test "$ppoll" = "yes" ; then
+  echo "CONFIG_PPOLL=y" >> $config_host_mak
+fi
 if test "$epoll" = "yes" ; then
   echo "CONFIG_EPOLL=y" >> $config_host_mak
 fi
diff --git a/include/qemu/timer.h b/include/qemu/timer.h
index 0794352..cbb044a 100644
--- a/include/qemu/timer.h
+++ b/include/qemu/timer.h
@@ -63,6 +63,18 @@ int64_t qemu_clock_deadline_ns(QEMUClock *clock);
  */
 int qemu_timeout_ns_to_ms(int64_t ns);
 
+/**
+ * qemu_poll_ns:
+ * @fds: Array of file descriptors
+ * @nfds: number of file descriptors
+ * @timeout: timeout in nanoseconds
+ *
+ * Perform a poll like g_poll but with a timeout in nanoseconds.
+ * See g_poll documentation for further details.
+ *
+ * Returns: number of fds ready
+ */
+int qemu_poll_ns(GPollFD *fds, uint nfds, int64_t timeout);
 void qemu_clock_enable(QEMUClock *clock, bool enabled);
 void qemu_clock_warp(QEMUClock *clock);
 
diff --git a/qemu-timer.c b/qemu-timer.c
index 47b5e4b..5e81935 100644
--- a/qemu-timer.c
+++ b/qemu-timer.c
@@ -37,6 +37,10 @@
 #include 
 #endif
 
+#ifdef CONFIG_PPOLL
+#include 
+#endif
+
 /***/
 /* timers */
 
@@ -323,6 +327,26 @@ int qemu_timeout_ns_to_ms(int64_t ns)
 }
 
 
+/* qemu implementation of g_poll which uses a nanosecond timeout but is
+ * otherwise identical to g_poll
+ */
+int qemu_poll_ns(GPollFD *fds, uint nfds, int64_t timeout)
+{
+#ifdef CONFIG_PPOLL
+if (timeout < 0) {
+return ppoll((struct pollfd *)fds, nfds, NULL, NULL);
+} else {
+struct timespec ts;
+ts.tv_sec = timeout / 10LL;
+ts.tv_nsec = timeout % 10LL;
+return ppoll((struct pollfd *)fds, nfds, &ts, NULL);
+}
+#else
+return g_poll(fds, nfds, qemu_timeout_ns_to_ms(timeout));
+#endif
+}
+
+
 QEMUTimer *qemu_new_timer(QEMUClock *clock, int scale,
   QEMUTimerCB *cb, void *opaque)
 {
-- 
1.7.9.5

Re: [Qemu-devel] [RFC] [PATCHv8 00/30] aio / timers: Add AioContext timers and use ppoll

[Alex Bligh]

--On 8 August 2013 22:41:57 +0100 Alex Bligh  wrote:


This patch series adds support for timers attached to an AioContext clock
which get called within aio_poll.


For ease of review, the finished result (and for that matter all the
intermediate steps) are available at:
https://github.com/abligh/qemu/tree/timer-api

If you are pulling this tree, note there is an intermediate commit

* b1eb241 2013-07-19 | Disable expensive tests [Alex Bligh]

which should not be included in the final pull, which merely disables
tests that take many minutes to run on my puny laptop.

This commit does NOT exist in the patch series posted here.

[stefanha: the above commit no longer breaks the build]

--
Alex Bligh

[Qemu-devel] [RFC] [PATCHv8 02/30] aio / timers: add qemu-timer.c utility functions

[Alex Bligh]

Add utility functions to qemu-timer.c for nanosecond timing.

Add qemu_clock_deadline_ns to calculate deadlines to
nanosecond accuracy.

Add utility function qemu_soonest_timeout to calculate soonest deadline.

Add qemu_timeout_ns_to_ms to convert a timeout in nanoseconds back to
milliseconds for when ppoll is not used.

Signed-off-by: Alex Bligh 
---
 include/qemu/timer.h |   42 ++
 qemu-timer.c |   50 ++
 2 files changed, 92 insertions(+)

diff --git a/include/qemu/timer.h b/include/qemu/timer.h
index 45c745b..0794352 100644
--- a/include/qemu/timer.h
+++ b/include/qemu/timer.h
@@ -40,6 +40,29 @@ int64_t qemu_get_clock_ns(QEMUClock *clock);
 int64_t qemu_clock_has_timers(QEMUClock *clock);
 int64_t qemu_clock_expired(QEMUClock *clock);
 int64_t qemu_clock_deadline(QEMUClock *clock);
+
+/**
+ * qemu_clock_deadline_ns:
+ * @clock: the clock to operate on
+ *
+ * Calculate the timeout of the earliest expiring timer
+ * in nanoseconds, or -1 if no timer is set to expire.
+ *
+ * Returns: time until expiry in nanoseconds or -1
+ */
+int64_t qemu_clock_deadline_ns(QEMUClock *clock);
+
+/**
+ * qemu_timeout_ns_to_ms:
+ * @ns: nanosecond timeout value
+ *
+ * Convert a nanosecond timeout value (or -1) to
+ * a millisecond value (or -1), always rounding up.
+ *
+ * Returns: millisecond timeout value
+ */
+int qemu_timeout_ns_to_ms(int64_t ns);
+
 void qemu_clock_enable(QEMUClock *clock, bool enabled);
 void qemu_clock_warp(QEMUClock *clock);
 
@@ -67,6 +90,25 @@ int64_t cpu_get_ticks(void);
 void cpu_enable_ticks(void);
 void cpu_disable_ticks(void);
 
+/**
+ * qemu_soonest_timeout:
+ * @timeout1: first timeout in nanoseconds (or -1 for infinite)
+ * @timeout2: second timeout in nanoseconds (or -1 for infinite)
+ *
+ * Calculates the soonest of two timeout values. -1 means infinite, which
+ * is later than any other value.
+ *
+ * Returns: soonest timeout value in nanoseconds (or -1 for infinite)
+ */
+static inline int64_t qemu_soonest_timeout(int64_t timeout1, int64_t timeout2)
+{
+/* we can abuse the fact that -1 (which means infinite) is a maximal
+ * value when cast to unsigned. As this is disgusting, it's kept in
+ * one inline function.
+ */
+return ((uint64_t) timeout1 < (uint64_t) timeout2) ? timeout1 : timeout2;
+}
+
 static inline QEMUTimer *qemu_new_timer_ns(QEMUClock *clock, QEMUTimerCB *cb,
void *opaque)
 {
diff --git a/qemu-timer.c b/qemu-timer.c
index 2d97a13..8f378a9 100644
--- a/qemu-timer.c
+++ b/qemu-timer.c
@@ -273,6 +273,56 @@ int64_t qemu_clock_deadline(QEMUClock *clock)
 return delta;
 }
 
+/*
+ * As above, but return -1 for no deadline, and do not cap to 2^32
+ * as we know the result is always positive.
+ */
+
+int64_t qemu_clock_deadline_ns(QEMUClock *clock)
+{
+int64_t delta;
+
+if (!clock->enabled || !clock->active_timers) {
+return -1;
+}
+
+delta = clock->active_timers->expire_time - qemu_get_clock_ns(clock);
+
+if (delta <= 0) {
+return 0;
+}
+
+return delta;
+}
+
+/* Transition function to convert a nanosecond timeout to ms
+ * This is used where a system does not support ppoll
+ */
+int qemu_timeout_ns_to_ms(int64_t ns)
+{
+int64_t ms;
+if (ns < 0) {
+return -1;
+}
+
+if (!ns) {
+return 0;
+}
+
+/* Always round up, because it's better to wait too long than to wait too
+ * little and effectively busy-wait
+ */
+ms = (ns + SCALE_MS - 1) / SCALE_MS;
+
+/* To avoid overflow problems, limit this to 2^31, i.e. approx 25 days */
+if (ms > (int64_t) INT32_MAX) {
+ms = INT32_MAX;
+}
+
+return (int) ms;
+}
+
+
 QEMUTimer *qemu_new_timer(QEMUClock *clock, int scale,
   QEMUTimerCB *cb, void *opaque)
 {
-- 
1.7.9.5

Re: [Qemu-devel] [RFC] [PATCHv8 23/30] aio / timers: Rearrange timer.h & make legacy functions call non-legacy

[Alex Bligh]

--On 8 August 2013 22:42:20 +0100 Alex Bligh  wrote:


diff --git a/pc-bios/slof.bin b/pc-bios/slof.bin
index
092e58a46e1d511410793f94a0ca415657dc72b7..3b925b32663d47516a770a8766f6ec1
7915e75a1 100644 GIT binary patch
delta 59
zcmbPn*nGxe^M)427N!>F7M2#)7Pc1l7LF~P^$MINnYpP&@#(20?Hvl7K+FZi+(68;
Ky+eUl;2;2XxD+t}

delta 59
zcmbPn*nGxe^M)427N!>F7M2#)7Pc1l7LF~P^$MKnsU`6xnYpP&?Hvl7K+FZi+(68;
Ky+eUl;2;2XauhKD



No idea how this happened.

--
Alex Bligh

[Qemu-devel] [RFC] [PATCHv8 11/30] aio / timers: Add a notify callback to QEMUTimerList

[Alex Bligh]

Add a notify pointer to QEMUTimerList so it knows what to notify
on a timer change.

Signed-off-by: Alex Bligh 
---
 async.c  |7 ++-
 include/qemu/timer.h |   35 ---
 qemu-timer.c |   24 ++--
 3 files changed, 60 insertions(+), 6 deletions(-)

diff --git a/async.c b/async.c
index 99fb5a8..2051921 100644
--- a/async.c
+++ b/async.c
@@ -234,6 +234,11 @@ void aio_notify(AioContext *ctx)
 event_notifier_set(&ctx->notifier);
 }
 
+static void aio_timerlist_notify(void *opaque)
+{
+aio_notify(opaque);
+}
+
 AioContext *aio_context_new(void)
 {
 AioContext *ctx;
@@ -245,7 +250,7 @@ AioContext *aio_context_new(void)
 aio_set_event_notifier(ctx, &ctx->notifier, 
(EventNotifierHandler *)
event_notifier_test_and_clear, NULL);
-timerlistgroup_init(ctx->tlg);
+timerlistgroup_init(ctx->tlg, aio_timerlist_notify, ctx);
 
 return ctx;
 }
diff --git a/include/qemu/timer.h b/include/qemu/timer.h
index 3b46f60..07e6d9e 100644
--- a/include/qemu/timer.h
+++ b/include/qemu/timer.h
@@ -54,6 +54,7 @@ typedef struct QEMUClock QEMUClock;
 typedef struct QEMUTimerList QEMUTimerList;
 typedef QEMUTimerList *QEMUTimerListGroup[QEMU_CLOCK_MAX];
 typedef void QEMUTimerCB(void *opaque);
+typedef void QEMUTimerListNotifyCB(void *opaque);
 
 extern QEMUTimerListGroup main_loop_tlg;
 extern QEMUClock *qemu_clocks[QEMU_CLOCK_MAX];
@@ -213,13 +214,41 @@ QEMUClock *timerlist_get_clock(QEMUTimerList *timer_list);
 bool timerlist_run_timers(QEMUTimerList *timer_list);
 
 /**
+ * timerlist_set_notify_cb:
+ * @timer_list: the timer list to use
+ * @cb: the callback to call on notification
+ * @opaque: the opaque pointer to pass to the callback
+ *
+ * Set the notify callback for a timer list. The notifier
+ * callback is called when the clock is reenabled or a timer
+ * on the list is modified.
+ */
+void timerlist_set_notify_cb(QEMUTimerList *timer_list,
+ QEMUTimerListNotifyCB *cb, void *opaque);
+
+/**
+ * timerlist_notify:
+ * @timer_list: the timer list to use
+ *
+ * call the notifier callback associated with the timer list.
+ */
+void timerlist_notify(QEMUTimerList *timer_list);
+
+/**
  * timerlistgroup_init:
  * @tlg: the timer list group
+ * @cb: the callback to call when a notify is required
+ * @opaque: the opaque pointer to be passed to the callback.
  *
  * Initialise a timer list group. This must already be
- * allocated in memory and zeroed.
- */
-void timerlistgroup_init(QEMUTimerListGroup tlg);
+ * allocated in memory and zeroed. The notifier callback is
+ * called whenever a clock in the timer list group is
+ * reenabled or whenever a timer associated with any timer
+ * list is modified. If @cb is specified as null, qemu_notify()
+ * is used instead.
+ */
+void timerlistgroup_init(QEMUTimerListGroup tlg,
+ QEMUTimerListNotifyCB *cb, void *opaque);
 
 /**
  * timerlistgroup_deinit:
diff --git a/qemu-timer.c b/qemu-timer.c
index e151d24..14cb433 100644
--- a/qemu-timer.c
+++ b/qemu-timer.c
@@ -73,6 +73,8 @@ struct QEMUTimerList {
 QEMUClock *clock;
 QEMUTimer *active_timers;
 QLIST_ENTRY(QEMUTimerList) list;
+QEMUTimerListNotifyCB *notify_cb;
+void *notify_opaque;
 };
 
 struct QEMUTimer {
@@ -394,6 +396,22 @@ QEMUTimerList 
*qemu_clock_get_main_loop_timerlist(QEMUClock *clock)
 return clock->main_loop_timerlist;
 }
 
+void timerlist_set_notify_cb(QEMUTimerList *timer_list,
+ QEMUTimerListNotifyCB *cb, void *opaque)
+{
+timer_list->notify_cb = cb;
+timer_list->notify_opaque = opaque;
+}
+
+void timerlist_notify(QEMUTimerList *timer_list)
+{
+if (timer_list->notify_cb) {
+timer_list->notify_cb(timer_list->notify_opaque);
+} else {
+qemu_notify_event();
+}
+}
+
 /* Transition function to convert a nanosecond timeout to ms
  * This is used where a system does not support ppoll
  */
@@ -518,7 +536,7 @@ void qemu_mod_timer_ns(QEMUTimer *ts, int64_t expire_time)
 /* Interrupt execution to force deadline recalculation.  */
 qemu_clock_warp(ts->timer_list->clock);
 if (use_icount) {
-qemu_notify_event();
+timerlist_notify(ts->timer_list);
 }
 }
 }
@@ -576,11 +594,13 @@ bool qemu_run_timers(QEMUClock *clock)
 return timerlist_run_timers(clock->main_loop_timerlist);
 }
 
-void timerlistgroup_init(QEMUTimerListGroup tlg)
+void timerlistgroup_init(QEMUTimerListGroup tlg,
+ QEMUTimerListNotifyCB *cb, void *opaque)
 {
 QEMUClockType type;
 for (type = 0; type < QEMU_CLOCK_MAX; type++) {
 tlg[type] = timerlist_new(type);
+timerlist_set_notify_cb(tlg[type], cb, opaque);
 }
 }
 
-- 
1.7.9.5

[Qemu-devel] [RFC] [PATCHv8 28/30] aio / timers: Add scripts/switch-timer-api

[Alex Bligh]

Add scripts/switch-timer-api to programatically rewrite source
files to use the new timer system.

Signed-off-by: Alex Bligh 
---
 scripts/switch-timer-api |  178 ++
 1 file changed, 178 insertions(+)

diff --git a/scripts/switch-timer-api b/scripts/switch-timer-api
new file mode 100755
index 000..5a06069
--- /dev/null
+++ b/scripts/switch-timer-api
@@ -0,0 +1,178 @@
+#!/usr/bin/perl
+
+use strict;
+use warnings;
+use Getopt::Long;
+use FindBin;
+
+my @legacy = qw(qemu_clock_ptr qemu_get_clock_ns qemu_get_clock_ms 
qemu_register_clock_reset_notifier qemu_unregister_clock_reset_notifier 
qemu_new_timer qemu_free_timer qemu_del_timer qemu_mod_timer_ns qemu_mod_timer 
qemu_run_timers qemu_new_timer_ns qemu_new_timer_us qemu_new_timer_ms);
+my $legacyre = '\b('.join('|', @legacy).')\b';
+my $option_git;
+my $option_dryrun;
+my $option_quiet;
+my $option_rtc;
+my $suffix=".tmp.$$";
+my @files;
+my $getfiles = 'git grep -l -E \'\b((host|rt|vm|rtc)_clock\b|qemu_\w*timer)\' 
| egrep \'\.[ch]$\' | egrep -v \'qemu-timer\.c$|include/qemu/timer\.h$\'';
+
+sub Syntax
+{
+print STDERR < \$option_dryrun,
+ "git|g" => \$option_git,
+"quiet|q" => \$option_quiet,
+"rtc|r" => \$option_rtc,
+ "help|h" => sub { Syntax(); exit(0); }
+))
+{
+Syntax();
+die "Bad options";
+}
+
+if ($#ARGV >=0)
+{
+   @files = @ARGV;
+}
+else
+{
+   @files = split(/\s+/, `$getfiles`);
+}
+
+foreach my $file (@files)
+{
+   die "Cannot find $file" unless (-f $file && -r $file);
+}
+}
+
+sub DoWarn
+{
+my $text = shift @_;
+my $line = shift @_;
+return if ($option_quiet);
+chomp ($line);
+print STDERR "$text\n";
+print STDERR "$line\n\n";
+}
+
+sub Process
+{
+my $ifn = shift @_;
+my $ofn = $ifn.$suffix;
+
+my $intext;
+my $outtext;
+my $linenum = 0;
+
+open my $input, "<", $ifn || die "Cannot open $ifn for read: $!";
+
+while (<$input>)
+{
+   my $line = $_;
+   $intext .= $line;
+   $linenum++;
+
+   # fix the specific uses
+   unless ($option_rtc)
+   {
+   $line =~ 
s/\bqemu_new_timer(_[num]s)\s*\((vm_|rt_|host_)clock\b/qemu_timer_new$1(XXX_$2clock/g;
+   $line =~ 
s/\bqemu_new_timer\s*\((vm_|rt_|host_)clock\b/qemu_timer_new(XXX_$1clock/g;
+   $line =~ 
s/\bqemu_get_clock(_[num]s)\s*\((vm_|rt_|host_)clock\b/qemu_clock_get$1(XXX_$2clock/g;
+   }
+
+   # rtc is different
+   $line =~ 
s/\bqemu_new_timer(_[num]s)\s*\(rtc_clock\b/qemu_timer_new$1(rtc_clock/g;
+   $line =~ s/\bqemu_new_timer\s*\(rtc_clock\b/qemu_timer_new(rtc_clock/g;
+   $line =~ 
s/\bqemu_get_clock(_[num]s)\s*\(rtc_clock\b/qemu_clock_get$1(rtc_clock/g;
+   $line =~ 
s/\bqemu_register_clock_reset_notifier\s*\(rtc_clock\b/qemu_register_clock_reset_notifier(qemu_clock_ptr(rtc_clock)/g;
+
+   unless ($option_rtc)
+   {
+   # fix up comments
+   $line =~ s/\b(vm_|rt_|host_)clock\b/XXX_$1clock/g if ($line =~ 
m,^[/ ]+\*,);
+
+   # spurious fprintf error reporting
+   $line =~ s/: qemu_new_timer_ns failed/: qemu_timer_new_ns failed/g;
+
+   # these have just changed name
+   $line =~ s/\bqemu_mod_timer\b/qemu_timer_mod/g;
+   $line =~ s/\bqemu_mod_timer_(ns|us|ms)\b/qemu_timer_mod_$1/g;
+   $line =~ s/\bqemu_free_timer\b/qemu_timer_free/g;
+   $line =~ s/\bqemu_del_timer\b/qemu_timer_del/g;
+   }
+
+   # fix up rtc_clock
+   $line =~ s/QEMUClock \*rtc_clock;/QEMUClockType rtc_clock;/g;
+   $line =~ s/\brtc_clock = (vm_|rt_|host_)clock\b/rtc_clock = 
XXX_$1clock/g;
+
+   unless ($option_rtc)
+   {
+   # replace any more general uses
+   $line =~ s/\b(vm_|rt_|host_)clock\b/qemu_clock_ptr(XXX_$1clock)/g;
+   }
+
+   # fix up the place holders
+   $line =~ s/\bXXX_vm_clock\b/QEMU_CLOCK_VIRTUAL/g;
+   $line =~ s/\bXXX_rt_clock\b/QEMU_CLOCK_REALTIME/g;
+   $line =~ s/\bXXX_host_clock\b/QEMU_CLOCK_HOST/g;
+
+   unless ($option_rtc)
+   {
+   DoWarn("$ifn:$linenum WARNING: timer $1 not fixed up", $line) if 
($line =~ /\b((vm_|rt_|host_)clock)\b/);
+   DoWarn("$ifn:$linenum WARNING: function $1 not fixed up", $line) if 
($line =~ /\b(qemu_new_timer\w+)\b/);
+   DoWarn("$ifn:$linenum WARNING: legacy function $1 remains", $line) 
if ($line =~ /$legacyre/o);
+   }
+
+   $outtext .= $line;
+}
+
+close $input;
+
+if ($intext ne $outtext)
+{
+   print STDERR "Patching $ifn\n" unless ($option_quiet);
+   unless ($option_dryrun)
+   {
+   open my $output, ">", $ofn || die "Cannot open $ofn for write: $!";
+   print $output $outtext;
+   close $output;
+   rename ($ofn, $ifn) || die "Cannot rename temp file to $ifn: $!";
+   return 1;
+   }
+}
+retu

[Qemu-devel] [RFC] [PATCHv8 25/30] aio / timers: Convert rtc_clock to be a QEMUClockType

[Alex Bligh]

Convert rtc_clock to be a QEMUClockType

Move rtc_clock users to use the new API

Signed-off-by: Alex Bligh 
---
 hw/arm/omap1.c|4 ++--
 hw/arm/pxa2xx.c   |   35 +++
 hw/arm/strongarm.c|   10 +-
 hw/timer/m48t59.c |4 ++--
 hw/timer/mc146818rtc.c|   28 +++-
 hw/timer/pl031.c  |   13 +++--
 hw/timer/twl92230.c   |8 
 include/sysemu/sysemu.h   |2 +-
 target-alpha/sys_helper.c |2 +-
 vl.c  |   10 +-
 10 files changed, 61 insertions(+), 55 deletions(-)

diff --git a/hw/arm/omap1.c b/hw/arm/omap1.c
index 19be5fc..c8e4f2f 100644
--- a/hw/arm/omap1.c
+++ b/hw/arm/omap1.c
@@ -2894,7 +2894,7 @@ static void omap_rtc_reset(struct omap_rtc_s *s)
 s->pm_am = 0;
 s->auto_comp = 0;
 s->round = 0;
-s->tick = qemu_get_clock_ms(rtc_clock);
+s->tick = qemu_clock_get_ms(rtc_clock);
 memset(&s->alarm_tm, 0, sizeof(s->alarm_tm));
 s->alarm_tm.tm_mday = 0x01;
 s->status = 1 << 7;
@@ -2915,7 +2915,7 @@ static struct omap_rtc_s *omap_rtc_init(MemoryRegion 
*system_memory,
 
 s->irq = timerirq;
 s->alarm = alarmirq;
-s->clk = qemu_new_timer_ms(rtc_clock, omap_rtc_tick, s);
+s->clk = qemu_timer_new_ms(rtc_clock, omap_rtc_tick, s);
 
 omap_rtc_reset(s);
 
diff --git a/hw/arm/pxa2xx.c b/hw/arm/pxa2xx.c
index 17ddd3f..e1b2cea 100644
--- a/hw/arm/pxa2xx.c
+++ b/hw/arm/pxa2xx.c
@@ -842,7 +842,7 @@ static inline void pxa2xx_rtc_int_update(PXA2xxRTCState *s)
 
 static void pxa2xx_rtc_hzupdate(PXA2xxRTCState *s)
 {
-int64_t rt = qemu_get_clock_ms(rtc_clock);
+int64_t rt = qemu_clock_get_ms(rtc_clock);
 s->last_rcnr += ((rt - s->last_hz) << 15) /
 (1000 * ((s->rttr & 0x) + 1));
 s->last_rdcr += ((rt - s->last_hz) << 15) /
@@ -852,7 +852,7 @@ static void pxa2xx_rtc_hzupdate(PXA2xxRTCState *s)
 
 static void pxa2xx_rtc_swupdate(PXA2xxRTCState *s)
 {
-int64_t rt = qemu_get_clock_ms(rtc_clock);
+int64_t rt = qemu_clock_get_ms(rtc_clock);
 if (s->rtsr & (1 << 12))
 s->last_swcr += (rt - s->last_sw) / 10;
 s->last_sw = rt;
@@ -860,7 +860,7 @@ static void pxa2xx_rtc_swupdate(PXA2xxRTCState *s)
 
 static void pxa2xx_rtc_piupdate(PXA2xxRTCState *s)
 {
-int64_t rt = qemu_get_clock_ms(rtc_clock);
+int64_t rt = qemu_clock_get_ms(rtc_clock);
 if (s->rtsr & (1 << 15))
 s->last_swcr += rt - s->last_pi;
 s->last_pi = rt;
@@ -986,16 +986,19 @@ static uint64_t pxa2xx_rtc_read(void *opaque, hwaddr addr,
 case PIAR:
 return s->piar;
 case RCNR:
-return s->last_rcnr + ((qemu_get_clock_ms(rtc_clock) - s->last_hz) << 
15) /
-(1000 * ((s->rttr & 0x) + 1));
+return s->last_rcnr +
+((qemu_clock_get_ms(rtc_clock) - s->last_hz) << 15) /
+(1000 * ((s->rttr & 0x) + 1));
 case RDCR:
-return s->last_rdcr + ((qemu_get_clock_ms(rtc_clock) - s->last_hz) << 
15) /
-(1000 * ((s->rttr & 0x) + 1));
+return s->last_rdcr +
+((qemu_clock_get_ms(rtc_clock) - s->last_hz) << 15) /
+(1000 * ((s->rttr & 0x) + 1));
 case RYCR:
 return s->last_rycr;
 case SWCR:
 if (s->rtsr & (1 << 12))
-return s->last_swcr + (qemu_get_clock_ms(rtc_clock) - s->last_sw) 
/ 10;
+return s->last_swcr +
+(qemu_clock_get_ms(rtc_clock) - s->last_sw) / 10;
 else
 return s->last_swcr;
 default:
@@ -1135,14 +1138,14 @@ static int pxa2xx_rtc_init(SysBusDevice *dev)
 s->last_swcr = (tm.tm_hour << 19) |
 (tm.tm_min << 13) | (tm.tm_sec << 7);
 s->last_rtcpicr = 0;
-s->last_hz = s->last_sw = s->last_pi = qemu_get_clock_ms(rtc_clock);
-
-s->rtc_hz= qemu_new_timer_ms(rtc_clock, pxa2xx_rtc_hz_tick,s);
-s->rtc_rdal1 = qemu_new_timer_ms(rtc_clock, pxa2xx_rtc_rdal1_tick, s);
-s->rtc_rdal2 = qemu_new_timer_ms(rtc_clock, pxa2xx_rtc_rdal2_tick, s);
-s->rtc_swal1 = qemu_new_timer_ms(rtc_clock, pxa2xx_rtc_swal1_tick, s);
-s->rtc_swal2 = qemu_new_timer_ms(rtc_clock, pxa2xx_rtc_swal2_tick, s);
-s->rtc_pi= qemu_new_timer_ms(rtc_clock, pxa2xx_rtc_pi_tick,s);
+s->last_hz = s->last_sw = s->last_pi = qemu_clock_get_ms(rtc_clock);
+
+s->rtc_hz= qemu_timer_new_ms(rtc_clock, pxa2xx_rtc_hz_tick,s);
+s->rtc_rdal1 = qemu_timer_new_ms(rtc_clock, pxa2xx_rtc_rdal1_tick, s);
+s->rtc_rdal2 = qemu_timer_new_ms(rtc_clock, pxa2xx_rtc_rdal2_tick, s);
+s->rtc_swal1 = qemu_timer_new_ms(rtc_clock, pxa2xx_rtc_swal1_tick, s);
+s->rtc_swal2 = qemu_timer_new_ms(rtc_clock, pxa2xx_rtc_swal2_tick, s);
+s->rtc_pi= qemu_timer_new_ms(rtc_clock, pxa2xx_rtc_pi_tick,s);
 
 sysbus_init_irq(dev, &s->rtc_irq);
 
diff --git a/hw/arm/strongarm.c b/hw/arm/strongarm.c
index 82a9492..bd3fa8e 100644
--- a/hw/arm/strongarm.c
+++ b/h

[Qemu-devel] [RFC] [PATCHv8 26/30] aio / timers: convert block_job_sleep_ns and co_sleep_ns to new API

[Alex Bligh]

Convert block_job_sleep_ns and co_sleep_ns to use the new timer
API.

Signed-off-by: Alex Bligh 
---
 block/backup.c|4 ++--
 block/commit.c|2 +-
 block/mirror.c|4 ++--
 block/stream.c|2 +-
 blockjob.c|4 ++--
 include/block/blockjob.h  |2 +-
 include/block/coroutine.h |2 +-
 qemu-coroutine-sleep.c|   10 +-
 8 files changed, 15 insertions(+), 15 deletions(-)

diff --git a/block/backup.c b/block/backup.c
index 6ae8a05..e12b3b1 100644
--- a/block/backup.c
+++ b/block/backup.c
@@ -272,9 +272,9 @@ static void coroutine_fn backup_run(void *opaque)
 uint64_t delay_ns = ratelimit_calculate_delay(
 &job->limit, job->sectors_read);
 job->sectors_read = 0;
-block_job_sleep_ns(&job->common, rt_clock, delay_ns);
+block_job_sleep_ns(&job->common, QEMU_CLOCK_REALTIME, 
delay_ns);
 } else {
-block_job_sleep_ns(&job->common, rt_clock, 0);
+block_job_sleep_ns(&job->common, QEMU_CLOCK_REALTIME, 0);
 }
 
 if (block_job_is_cancelled(&job->common)) {
diff --git a/block/commit.c b/block/commit.c
index 2227fc2..51a1ab3 100644
--- a/block/commit.c
+++ b/block/commit.c
@@ -103,7 +103,7 @@ wait:
 /* Note that even when no rate limit is applied we need to yield
  * with no pending I/O here so that bdrv_drain_all() returns.
  */
-block_job_sleep_ns(&s->common, rt_clock, delay_ns);
+block_job_sleep_ns(&s->common, QEMU_CLOCK_REALTIME, delay_ns);
 if (block_job_is_cancelled(&s->common)) {
 break;
 }
diff --git a/block/mirror.c b/block/mirror.c
index bed4a7e..ead567e 100644
--- a/block/mirror.c
+++ b/block/mirror.c
@@ -439,13 +439,13 @@ static void coroutine_fn mirror_run(void *opaque)
 delay_ns = 0;
 }
 
-block_job_sleep_ns(&s->common, rt_clock, delay_ns);
+block_job_sleep_ns(&s->common, QEMU_CLOCK_REALTIME, delay_ns);
 if (block_job_is_cancelled(&s->common)) {
 break;
 }
 } else if (!should_complete) {
 delay_ns = (s->in_flight == 0 && cnt == 0 ? SLICE_TIME : 0);
-block_job_sleep_ns(&s->common, rt_clock, delay_ns);
+block_job_sleep_ns(&s->common, QEMU_CLOCK_REALTIME, delay_ns);
 } else if (cnt == 0) {
 /* The two disks are in sync.  Exit and report successful
  * completion.
diff --git a/block/stream.c b/block/stream.c
index 7fe9e48..0ef1b9d 100644
--- a/block/stream.c
+++ b/block/stream.c
@@ -110,7 +110,7 @@ wait:
 /* Note that even when no rate limit is applied we need to yield
  * with no pending I/O here so that bdrv_drain_all() returns.
  */
-block_job_sleep_ns(&s->common, rt_clock, delay_ns);
+block_job_sleep_ns(&s->common, QEMU_CLOCK_REALTIME, delay_ns);
 if (block_job_is_cancelled(&s->common)) {
 break;
 }
diff --git a/blockjob.c b/blockjob.c
index ca80df1..7edc945 100644
--- a/blockjob.c
+++ b/blockjob.c
@@ -187,7 +187,7 @@ int block_job_cancel_sync(BlockJob *job)
 return (data.cancelled && data.ret == 0) ? -ECANCELED : data.ret;
 }
 
-void block_job_sleep_ns(BlockJob *job, QEMUClock *clock, int64_t ns)
+void block_job_sleep_ns(BlockJob *job, QEMUClockType type, int64_t ns)
 {
 assert(job->busy);
 
@@ -200,7 +200,7 @@ void block_job_sleep_ns(BlockJob *job, QEMUClock *clock, 
int64_t ns)
 if (block_job_is_paused(job)) {
 qemu_coroutine_yield();
 } else {
-co_sleep_ns(clock, ns);
+co_sleep_ns(type, ns);
 }
 job->busy = true;
 }
diff --git a/include/block/blockjob.h b/include/block/blockjob.h
index c290d07..d530409 100644
--- a/include/block/blockjob.h
+++ b/include/block/blockjob.h
@@ -141,7 +141,7 @@ void *block_job_create(const BlockJobType *job_type, 
BlockDriverState *bs,
  * Put the job to sleep (assuming that it wasn't canceled) for @ns
  * nanoseconds.  Canceling the job will interrupt the wait immediately.
  */
-void block_job_sleep_ns(BlockJob *job, QEMUClock *clock, int64_t ns);
+void block_job_sleep_ns(BlockJob *job, QEMUClockType type, int64_t ns);
 
 /**
  * block_job_completed:
diff --git a/include/block/coroutine.h b/include/block/coroutine.h
index 9197bfb..a4d4055 100644
--- a/include/block/coroutine.h
+++ b/include/block/coroutine.h
@@ -214,7 +214,7 @@ void qemu_co_rwlock_unlock(CoRwlock *lock);
  * Note this function uses timers and hence only works when a main loop is in
  * use.  See main-loop.h and do not use from qemu-tool programs.
  */
-void coroutine_fn co_sleep_ns(QEMUClock *clock, int64_t ns);
+void coroutine_fn co_sleep_ns(QEMUClockType type, int64_t ns);
 
 /**
  * Yield until a file descriptor becomes readable
diff --git a/qemu-coroutine-sleep.c b/qemu-coroutine-sleep.c
index 169ce5c..d1919b3 100644
-

[Qemu-devel] [RFC] [PATCHv8 21/30] aio / timers: Remove legacy qemu_clock_deadline & qemu_timerlist_deadline

[Alex Bligh]

Remove qemu_clock_deadline and qemu_timerlist_deadline now we are using
the ns functions throughout.

Signed-off-by: Alex Bligh 
---
 include/qemu/timer.h |   16 
 qemu-timer.c |   20 
 2 files changed, 36 deletions(-)

diff --git a/include/qemu/timer.h b/include/qemu/timer.h
index f873d87..fedd7f1 100644
--- a/include/qemu/timer.h
+++ b/include/qemu/timer.h
@@ -126,7 +126,6 @@ bool qemu_clock_has_timers(QEMUClock *clock);
  * an expired timer
  */
 bool qemu_clock_expired(QEMUClock *clock);
-int64_t qemu_clock_deadline(QEMUClock *clock);
 
 /**
  * qemu_clock_deadline_ns:
@@ -229,21 +228,6 @@ bool timerlist_has_timers(QEMUTimerList *timer_list);
 bool timerlist_expired(QEMUTimerList *timer_list);
 
 /**
- * timerlist_deadline:
- * @timer_list: the timer list to operate on
- *
- * Determine the deadline for a timer_list. This is
- * a legacy function which returns INT32_MAX if the
- * timer list has no timers or if the earliest timer
- * expires later than INT32_MAX nanoseconds away.
- *
- * Returns: the number of nanoseconds until the earliest
- * timer expires or INT32_MAX in the situations listed
- * above
- */
-int64_t timerlist_deadline(QEMUTimerList *timer_list);
-
-/**
  * timerlist_deadline_ns:
  * @timer_list: the timer list to operate on
  *
diff --git a/qemu-timer.c b/qemu-timer.c
index 9dafc6c..81d5d8c 100644
--- a/qemu-timer.c
+++ b/qemu-timer.c
@@ -179,26 +179,6 @@ bool qemu_clock_expired(QEMUClock *clock)
 return timerlist_expired(clock->main_loop_timerlist);
 }
 
-int64_t timerlist_deadline(QEMUTimerList *timer_list)
-{
-/* To avoid problems with overflow limit this to 2^32.  */
-int64_t delta = INT32_MAX;
-
-if (timer_list->clock->enabled && timer_list->active_timers) {
-delta = timer_list->active_timers->expire_time -
-qemu_get_clock_ns(timer_list->clock);
-}
-if (delta < 0) {
-delta = 0;
-}
-return delta;
-}
-
-int64_t qemu_clock_deadline(QEMUClock *clock)
-{
-return timerlist_deadline(clock->main_loop_timerlist);
-}
-
 /*
  * As above, but return -1 for no deadline, and do not cap to 2^32
  * as we know the result is always positive.
-- 
1.7.9.5

[Qemu-devel] [RFC] [PATCHv8 24/30] aio / timers: Remove main_loop_timerlist

[Alex Bligh]

Now we have timerlistgroups implemented and main_loop_tlg, we
no longer need the concept of a default timer list associated
with each clock. Remove it and simplify initialisation of
clocks and timer lists.

Signed-off-by: Alex Bligh 
---
 include/qemu/timer.h |6 +-
 qemu-timer.c |   58 ++
 2 files changed, 26 insertions(+), 38 deletions(-)

diff --git a/include/qemu/timer.h b/include/qemu/timer.h
index e8787c1..56d4f4f 100644
--- a/include/qemu/timer.h
+++ b/include/qemu/timer.h
@@ -51,7 +51,6 @@ typedef void QEMUTimerCB(void *opaque);
 typedef void QEMUTimerListNotifyCB(void *opaque);
 
 extern QEMUTimerListGroup main_loop_tlg;
-extern QEMUClock *qemu_clocks[QEMU_CLOCK_MAX];
 
 /*
  * QEMUClock & QEMUClockType
@@ -65,10 +64,7 @@ extern QEMUClock *qemu_clocks[QEMU_CLOCK_MAX];
  *
  * Returns: a pointer to the QEMUClock object
  */
-static inline QEMUClock *qemu_clock_ptr(QEMUClockType type)
-{
-return qemu_clocks[type];
-}
+QEMUClock *qemu_clock_ptr(QEMUClockType type);
 
 /**
  * qemu_clock_get_ns;
diff --git a/qemu-timer.c b/qemu-timer.c
index bcd6d62..9d6 100644
--- a/qemu-timer.c
+++ b/qemu-timer.c
@@ -45,7 +45,6 @@
 /* timers */
 
 struct QEMUClock {
-QEMUTimerList *main_loop_timerlist;
 QLIST_HEAD(, QEMUTimerList) timerlists;
 
 NotifierList reset_notifiers;
@@ -56,7 +55,7 @@ struct QEMUClock {
 };
 
 QEMUTimerListGroup main_loop_tlg;
-QEMUClock *qemu_clocks[QEMU_CLOCK_MAX];
+QEMUClock qemu_clocks[QEMU_CLOCK_MAX];
 
 /* A QEMUTimerList is a list of timers attached to a clock. More
  * than one QEMUTimerList can be attached to each clock, for instance
@@ -82,22 +81,28 @@ struct QEMUTimer {
 int scale;
 };
 
+/**
+ * qemu_clock_ptr:
+ * @type: type of clock
+ *
+ * Translate a clock type into a pointer to QEMUClock object.
+ *
+ * Returns: a pointer to the QEMUClock object
+ */
+QEMUClock *qemu_clock_ptr(QEMUClockType type)
+{
+return &qemu_clocks[type];
+}
+
 static bool timer_expired_ns(QEMUTimer *timer_head, int64_t current_time)
 {
 return timer_head && (timer_head->expire_time <= current_time);
 }
 
-static QEMUTimerList *timerlist_new_from_clock(QEMUClock *clock)
+QEMUTimerList *timerlist_new(QEMUClockType type)
 {
 QEMUTimerList *timer_list;
-
-/* Assert if we do not have a clock. If you see this
- * assertion in means that the clocks have not been
- * initialised before a timerlist is needed. This
- * normally happens if an AioContext is used before
- * init_clocks() is called within main().
- */
-assert(clock);
+QEMUClock *clock = qemu_clock_ptr(type);
 
 timer_list = g_malloc0(sizeof(QEMUTimerList));
 timer_list->clock = clock;
@@ -105,34 +110,24 @@ static QEMUTimerList *timerlist_new_from_clock(QEMUClock 
*clock)
 return timer_list;
 }
 
-QEMUTimerList *timerlist_new(QEMUClockType type)
-{
-return timerlist_new_from_clock(qemu_clock_ptr(type));
-}
-
 void timerlist_free(QEMUTimerList *timer_list)
 {
 assert(!timerlist_has_timers(timer_list));
 if (timer_list->clock) {
 QLIST_REMOVE(timer_list, list);
-if (timer_list->clock->main_loop_timerlist == timer_list) {
-timer_list->clock->main_loop_timerlist = NULL;
-}
 }
 g_free(timer_list);
 }
 
-static QEMUClock *qemu_clock_new(QEMUClockType type)
+static void qemu_clock_init(QEMUClockType type)
 {
-QEMUClock *clock;
+QEMUClock *clock = qemu_clock_ptr(type);
 
-clock = g_malloc0(sizeof(QEMUClock));
 clock->type = type;
 clock->enabled = true;
 clock->last = INT64_MIN;
 notifier_list_init(&clock->reset_notifiers);
-clock->main_loop_timerlist = timerlist_new_from_clock(clock);
-return clock;
+main_loop_tlg[type] = timerlist_new(type);
 }
 
 bool qemu_clock_use_for_deadline(QEMUClockType type)
@@ -167,7 +162,7 @@ bool timerlist_has_timers(QEMUTimerList *timer_list)
 bool qemu_clock_has_timers(QEMUClockType type)
 {
 return timerlist_has_timers(
-qemu_clock_ptr(type)->main_loop_timerlist);
+main_loop_tlg[type]);
 }
 
 bool timerlist_expired(QEMUTimerList *timer_list)
@@ -180,7 +175,7 @@ bool timerlist_expired(QEMUTimerList *timer_list)
 bool qemu_clock_expired(QEMUClockType type)
 {
 return timerlist_expired(
-qemu_clock_ptr(type)->main_loop_timerlist);
+main_loop_tlg[type]);
 }
 
 /*
@@ -230,7 +225,7 @@ QEMUClockType timerlist_get_clock(QEMUTimerList *timer_list)
 
 QEMUTimerList *qemu_clock_get_main_loop_timerlist(QEMUClockType type)
 {
-return qemu_clock_ptr(type)->main_loop_timerlist;
+return main_loop_tlg[type];
 }
 
 void timerlist_set_notify_cb(QEMUTimerList *timer_list,
@@ -313,7 +308,7 @@ QEMUTimer *timer_new(QEMUTimerList *timer_list, int scale,
 QEMUTimer *qemu_new_timer(QEMUClock *clock, int scale,
   QEMUTimerCB *cb, void *opaque)
 {
-return timer_new(clock->main_loop_timerlist,
+return timer_new(main_loop_tlg[clock->type],

[Qemu-devel] [RFC] [PATCHv8 19/30] aio / timers: Add documentation and new format calls

[Alex Bligh]

Add documentation for existing qemu timer calls. Add new format
calls of the format qemu_timer_XXX rather than qemu_XXX_timer
for consistency.

Signed-off-by: Alex Bligh 
---
 configure|   18 +
 include/qemu/timer.h |  215 +-
 2 files changed, 231 insertions(+), 2 deletions(-)

diff --git a/configure b/configure
index 5659412..0a55c20 100755
--- a/configure
+++ b/configure
@@ -2834,6 +2834,21 @@ if compile_prog "" "" ; then
   ppoll=yes
 fi
 
+# check for prctl(PR_SET_TIMERSLACK , ... ) support
+prctl_pr_set_timerslack=no
+cat > $TMPC << EOF
+#include 
+
+int main(void)
+{
+prctl(PR_SET_TIMERSLACK, 1, 0, 0, 0);
+return 0;
+}
+EOF
+if compile_prog "" "" ; then
+  prctl_pr_set_timerslack=yes
+fi
+
 # check for epoll support
 epoll=no
 cat > $TMPC << EOF
@@ -3833,6 +3848,9 @@ fi
 if test "$ppoll" = "yes" ; then
   echo "CONFIG_PPOLL=y" >> $config_host_mak
 fi
+if test "$prctl_pr_set_timerslack" = "yes" ; then
+  echo "CONFIG_PRCTL_PR_SET_TIMERSLACK=y" >> $config_host_mak
+fi
 if test "$epoll" = "yes" ; then
   echo "CONFIG_EPOLL=y" >> $config_host_mak
 fi
diff --git a/include/qemu/timer.h b/include/qemu/timer.h
index 7a44741..9003688 100644
--- a/include/qemu/timer.h
+++ b/include/qemu/timer.h
@@ -79,8 +79,52 @@ static inline QEMUClock *qemu_clock_ptr(QEMUClockType type)
 #define vm_clock (qemu_clock_ptr(QEMU_CLOCK_VIRTUAL))
 #define host_clock (qemu_clock_ptr(QEMU_CLOCK_HOST))
 
+/**
+ * qemu_get_clock_ns:
+ * @clock: the clock to operate on
+ *
+ * Get the nanosecond value of a clock
+ *
+ * Returns: the clock value in nanoseconds
+ */
 int64_t qemu_get_clock_ns(QEMUClock *clock);
+
+/**
+ * qemu_clock_get_ns;
+ * @type: the clock type
+ *
+ * Get the nanosecond value of a clock with
+ * type @type
+ *
+ * Returns: the clock value in nanoseconds
+ */
+static inline int64_t qemu_clock_get_ns(QEMUClockType type)
+{
+return qemu_get_clock_ns(qemu_clock_ptr(type));
+}
+
+/**
+ * qemu_clock_has_timers:
+ * @clock: the clock to operate on
+ *
+ * Determines whether a clock's default timer list
+ * has timers attached
+ *
+ * Returns: true if the clock's default timer list
+ * has timers attached
+ */
 bool qemu_clock_has_timers(QEMUClock *clock);
+
+/**
+ * qemu_clock_expired:
+ * @clock: the clock to operate on
+ *
+ * Determines whether a clock's default timer list
+ * has an expired clock.
+ *
+ * Returns: true if the clock's default timer list has
+ * an expired timer
+ */
 bool qemu_clock_expired(QEMUClock *clock);
 int64_t qemu_clock_deadline(QEMUClock *clock);
 
@@ -293,7 +337,7 @@ void timerlistgroup_deinit(QEMUTimerListGroup tlg);
 bool timerlistgroup_run_timers(QEMUTimerListGroup tlg);
 
 /**
- * timerlistgroup_deadline_ns
+ * timerlistgroup_deadline_ns:
  * @tlg: the timer list group
  *
  * Determine the deadline of the soonest timer to
@@ -329,13 +373,57 @@ int qemu_timeout_ns_to_ms(int64_t ns);
  * Returns: number of fds ready
  */
 int qemu_poll_ns(GPollFD *fds, uint nfds, int64_t timeout);
+
+/**
+ * qemu_clock_enable:
+ * @clock: the clock to operate on
+ * @enabled: true to enable, false to disable
+ *
+ * Enable or disable a clock
+ */
 void qemu_clock_enable(QEMUClock *clock, bool enabled);
+
+/**
+ * qemu_clock_warp:
+ * @clock: the clock to operate on
+ *
+ * Warp a clock to a new value
+ */
 void qemu_clock_warp(QEMUClock *clock);
 
+/**
+ * qemu_register_clock_reset_notifier:
+ * @clock: the clock to operate on
+ * @notifier: the notifier function
+ *
+ * Register a notifier function to call when the clock
+ * concerned is reset.
+ */
 void qemu_register_clock_reset_notifier(QEMUClock *clock, Notifier *notifier);
+
+/**
+ * qemu_unregister_clock_reset_notifier:
+ * @clock: the clock to operate on
+ * @notifier: the notifier function
+ *
+ * Unregister a notifier function to call when the clock
+ * concerned is reset.
+ */
 void qemu_unregister_clock_reset_notifier(QEMUClock *clock,
   Notifier *notifier);
 
+/**
+ * qemu_new_timer:
+ * @clock: the clock to operate on
+ * @scale: the scale of the clock
+ * @cb: the callback function to call when the timer expires
+ * @opaque: an opaque pointer to pass to the callback
+ *
+ * Produce a new timer attached to clock @clock. This is a legacy
+ * function. Use qemu_timer_new instead.
+ *
+ * Returns: a pointer to the new timer allocated.
+ */
 QEMUTimer *qemu_new_timer(QEMUClock *clock, int scale,
   QEMUTimerCB *cb, void *opaque);
 
@@ -371,12 +459,129 @@ static inline QEMUTimer *qemu_timer_new(QEMUClockType 
type, int scale,
 return timer_new(main_loop_tlg[type], scale, cb, opaque);
 }
 
+/**
+ * qemu_free_timer:
+ * @ts: the timer to operate on
+ *
+ * free the timer @ts. @ts must not be active.
+ *
+ * This is a legacy function. Use qemu_timer_free instead.
+ */
 void qemu_free_timer(QEMUTimer *ts);
+
+/**
+ * qemu_timer_free:
+ * @ts: the timer to operate on
+ *
+ * free the timer @ts. @ts must not b

[Qemu-devel] [RFC] [PATCHv8 20/30] aio / timers: Remove alarm timers

[Alex Bligh]

Remove alarm timers from qemu-timers.c now we use g_poll / ppoll
instead.

Signed-off-by: Alex Bligh 
---
 include/qemu/timer.h |3 -
 main-loop.c  |4 -
 qemu-timer.c |  500 +-
 vl.c |4 +-
 4 files changed, 4 insertions(+), 507 deletions(-)

diff --git a/include/qemu/timer.h b/include/qemu/timer.h
index 9003688..f873d87 100644
--- a/include/qemu/timer.h
+++ b/include/qemu/timer.h
@@ -694,9 +694,6 @@ bool qemu_run_timers(QEMUClock *clock);
  */
 bool qemu_run_all_timers(void);
 
-void configure_alarms(char const *opt);
-int init_timer_alarm(void);
-
 /**
  * initclocks:
  *
diff --git a/main-loop.c b/main-loop.c
index 00e54bd..d9ad6c7 100644
--- a/main-loop.c
+++ b/main-loop.c
@@ -131,10 +131,6 @@ int qemu_init_main_loop(void)
 GSource *src;
 
 init_clocks();
-if (init_timer_alarm() < 0) {
-fprintf(stderr, "could not initialize alarm timer\n");
-exit(1);
-}
 
 ret = qemu_signal_init();
 if (ret) {
diff --git a/qemu-timer.c b/qemu-timer.c
index 9a92c50..9dafc6c 100644
--- a/qemu-timer.c
+++ b/qemu-timer.c
@@ -33,10 +33,6 @@
 #include 
 #endif
 
-#ifdef _WIN32
-#include 
-#endif
-
 #ifdef CONFIG_PPOLL
 #include 
 #endif
@@ -86,174 +82,11 @@ struct QEMUTimer {
 int scale;
 };
 
-struct qemu_alarm_timer {
-char const *name;
-int (*start)(struct qemu_alarm_timer *t);
-void (*stop)(struct qemu_alarm_timer *t);
-void (*rearm)(struct qemu_alarm_timer *t, int64_t nearest_delta_ns);
-#if defined(__linux__)
-timer_t timer;
-int fd;
-#elif defined(_WIN32)
-HANDLE timer;
-#endif
-bool expired;
-bool pending;
-};
-
-static struct qemu_alarm_timer *alarm_timer;
-
 static bool qemu_timer_expired_ns(QEMUTimer *timer_head, int64_t current_time)
 {
 return timer_head && (timer_head->expire_time <= current_time);
 }
 
-static int64_t qemu_next_alarm_deadline(void)
-{
-int64_t delta = INT64_MAX;
-int64_t rtdelta;
-int64_t hdelta;
-
-if (!use_icount && vm_clock->enabled &&
-vm_clock->main_loop_timerlist->active_timers) {
-delta = vm_clock->main_loop_timerlist->active_timers->expire_time -
-qemu_get_clock_ns(vm_clock);
-}
-if (host_clock->enabled &&
-host_clock->main_loop_timerlist->active_timers) {
-hdelta = host_clock->main_loop_timerlist->active_timers->expire_time -
-qemu_get_clock_ns(host_clock);
-if (hdelta < delta) {
-delta = hdelta;
-}
-}
-if (rt_clock->enabled &&
-rt_clock->main_loop_timerlist->active_timers) {
-rtdelta = (rt_clock->main_loop_timerlist->active_timers->expire_time -
-   qemu_get_clock_ns(rt_clock));
-if (rtdelta < delta) {
-delta = rtdelta;
-}
-}
-
-return delta;
-}
-
-static void qemu_rearm_alarm_timer(struct qemu_alarm_timer *t)
-{
-int64_t nearest_delta_ns = qemu_next_alarm_deadline();
-if (nearest_delta_ns < INT64_MAX) {
-t->rearm(t, nearest_delta_ns);
-}
-}
-
-/* TODO: MIN_TIMER_REARM_NS should be optimized */
-#define MIN_TIMER_REARM_NS 25
-
-#ifdef _WIN32
-
-static int mm_start_timer(struct qemu_alarm_timer *t);
-static void mm_stop_timer(struct qemu_alarm_timer *t);
-static void mm_rearm_timer(struct qemu_alarm_timer *t, int64_t delta);
-
-static int win32_start_timer(struct qemu_alarm_timer *t);
-static void win32_stop_timer(struct qemu_alarm_timer *t);
-static void win32_rearm_timer(struct qemu_alarm_timer *t, int64_t delta);
-
-#else
-
-static int unix_start_timer(struct qemu_alarm_timer *t);
-static void unix_stop_timer(struct qemu_alarm_timer *t);
-static void unix_rearm_timer(struct qemu_alarm_timer *t, int64_t delta);
-
-#ifdef __linux__
-
-static int dynticks_start_timer(struct qemu_alarm_timer *t);
-static void dynticks_stop_timer(struct qemu_alarm_timer *t);
-static void dynticks_rearm_timer(struct qemu_alarm_timer *t, int64_t delta);
-
-#endif /* __linux__ */
-
-#endif /* _WIN32 */
-
-static struct qemu_alarm_timer alarm_timers[] = {
-#ifndef _WIN32
-#ifdef __linux__
-{"dynticks", dynticks_start_timer,
- dynticks_stop_timer, dynticks_rearm_timer},
-#endif
-{"unix", unix_start_timer, unix_stop_timer, unix_rearm_timer},
-#else
-{"mmtimer", mm_start_timer, mm_stop_timer, mm_rearm_timer},
-{"dynticks", win32_start_timer, win32_stop_timer, win32_rearm_timer},
-#endif
-{NULL, }
-};
-
-static void show_available_alarms(void)
-{
-int i;
-
-printf("Available alarm timers, in order of precedence:\n");
-for (i = 0; alarm_timers[i].name; i++)
-printf("%s\n", alarm_timers[i].name);
-}
-
-void configure_alarms(char const *opt)
-{
-int i;
-int cur = 0;
-int count = ARRAY_SIZE(alarm_timers) - 1;
-char *arg;
-char *name;
-struct qemu_alarm_timer tmp;
-
-if (is_help_option(opt)) {
-show_available_alarms();
-exit(0);
-}
-
-arg = g_strd

[Qemu-devel] [RFC] [PATCHv8 17/30] aio / timers: Introduce new API qemu_timer_new and friends

[Alex Bligh]

Introduce new API for creating timers - qemu_timer_new and
_ns, _ms, _us derivatives.

Signed-off-by: Alex Bligh 
---
 include/qemu/timer.h |   69 ++
 1 file changed, 69 insertions(+)

diff --git a/include/qemu/timer.h b/include/qemu/timer.h
index 68f76df..da9ead3 100644
--- a/include/qemu/timer.h
+++ b/include/qemu/timer.h
@@ -340,6 +340,24 @@ QEMUTimer *qemu_new_timer(QEMUClock *clock, int scale,
 QEMUTimer *timer_new(QEMUTimerList *timer_list, int scale,
  QEMUTimerCB *cb, void *opaque);
 
+/**
+ * qemu_timer_new:
+ * @type: the clock type to use
+ * @scale: the scale value for the tiemr
+ * @cb: the callback to be called when the timer expires
+ * @opaque: the opaque pointer to be passed to the callback
+ *
+ * Creeate a new timer and associate it with the default
+ * timer list for the clock type @type.
+ *
+ * Returns: a pointer to the timer
+ */
+static inline QEMUTimer *qemu_timer_new(QEMUClockType type, int scale,
+QEMUTimerCB *cb, void *opaque)
+{
+return timer_new(main_loop_tlg[type], scale, cb, opaque);
+}
+
 void qemu_free_timer(QEMUTimer *ts);
 void qemu_del_timer(QEMUTimer *ts);
 void qemu_mod_timer_ns(QEMUTimer *ts, int64_t expire_time);
@@ -503,6 +521,23 @@ static inline QEMUTimer *qemu_new_timer_ns(QEMUClock 
*clock, QEMUTimerCB *cb,
 }
 
 /**
+ * qemu_timer_new_ns:
+ * @clock: the clock to associate with the timer
+ * @callback: the callback to call when the timer expires
+ * @opaque: the opaque pointer to pass to the callback
+ *
+ * Create a new timer with nanosecond scale on the default timer list
+ * associated with the clock.
+ *
+ * Returns: a pointer to the newly created timer
+ */
+static inline QEMUTimer *qemu_timer_new_ns(QEMUClockType type, QEMUTimerCB *cb,
+   void *opaque)
+{
+return qemu_timer_new(type, SCALE_NS, cb, opaque);
+}
+
+/**
  * timer_new_ns:
  * @timer_list: the timer list to associate with the timer
  * @callback: the callback to call when the timer expires
@@ -539,6 +574,23 @@ static inline QEMUTimer *qemu_new_timer_us(QEMUClock 
*clock,
 }
 
 /**
+ * qemu_timer_new_us:
+ * @clock: the clock to associate with the timer
+ * @callback: the callback to call when the timer expires
+ * @opaque: the opaque pointer to pass to the callback
+ *
+ * Create a new timer with microsecond scale on the default timer list
+ * associated with the clock.
+ *
+ * Returns: a pointer to the newly created timer
+ */
+static inline QEMUTimer *qemu_timer_new_us(QEMUClockType type, QEMUTimerCB *cb,
+   void *opaque)
+{
+return qemu_timer_new(type, SCALE_US, cb, opaque);
+}
+
+/**
  * timer_new_us:
  * @timer_list: the timer list to associate with the timer
  * @callback: the callback to call when the timer expires
@@ -575,6 +627,23 @@ static inline QEMUTimer *qemu_new_timer_ms(QEMUClock 
*clock,
 }
 
 /**
+ * qemu_timer_new_ms:
+ * @clock: the clock to associate with the timer
+ * @callback: the callback to call when the timer expires
+ * @opaque: the opaque pointer to pass to the callback
+ *
+ * Create a new timer with millisecond scale on the default timer list
+ * associated with the clock.
+ *
+ * Returns: a pointer to the newly created timer
+ */
+static inline QEMUTimer *qemu_timer_new_ms(QEMUClockType type, QEMUTimerCB *cb,
+   void *opaque)
+{
+return qemu_timer_new(type, SCALE_MS, cb, opaque);
+}
+
+/**
  * timer_new_ms:
  * @timer_list: the timer list to associate with the timer
  * @callback: the callback to call when the timer expires
-- 
1.7.9.5

[Qemu-devel] [RFC] [PATCHv8 16/30] aio / timers: On timer modification, qemu_notify or aio_notify

[Alex Bligh]

On qemu_mod_timer_ns, ensure qemu_notify or aio_notify is called to
end the appropriate poll(), irrespective of use_icount value.

On qemu_clock_enable, ensure qemu_notify or aio_notify is called for
all QEMUTimerLists attached to the QEMUClock.

Signed-off-by: Alex Bligh 
---
 include/qemu/timer.h |9 +
 qemu-timer.c |   13 ++---
 2 files changed, 19 insertions(+), 3 deletions(-)

diff --git a/include/qemu/timer.h b/include/qemu/timer.h
index 07e6d9e..68f76df 100644
--- a/include/qemu/timer.h
+++ b/include/qemu/timer.h
@@ -122,6 +122,15 @@ bool qemu_clock_use_for_deadline(QEMUClock *clock);
 QEMUTimerList *qemu_clock_get_main_loop_timerlist(QEMUClock *clock);
 
 /**
+ * qemu_clock_nofify:
+ * @clock: the clock to operate on
+ *
+ * Call the notifier callback connected with the default timer
+ * list linked to the clock, or qemu_notify() if none.
+ */
+void qemu_clock_notify(QEMUClock *clock);
+
+/**
  * timerlist_new:
  * @type: the clock type to associate with the timerlist
  *
diff --git a/qemu-timer.c b/qemu-timer.c
index 14cb433..4b162e1 100644
--- a/qemu-timer.c
+++ b/qemu-timer.c
@@ -307,11 +307,20 @@ bool qemu_clock_use_for_deadline(QEMUClock *clock)
 return !(use_icount && (clock->type == QEMU_CLOCK_VIRTUAL));
 }
 
+void qemu_clock_notify(QEMUClock *clock)
+{
+QEMUTimerList *timer_list;
+QLIST_FOREACH(timer_list, &clock->timerlists, list) {
+timerlist_notify(timer_list);
+}
+}
+
 void qemu_clock_enable(QEMUClock *clock, bool enabled)
 {
 bool old = clock->enabled;
 clock->enabled = enabled;
 if (enabled && !old) {
+qemu_clock_notify(clock);
 qemu_rearm_alarm_timer(alarm_timer);
 }
 }
@@ -535,9 +544,7 @@ void qemu_mod_timer_ns(QEMUTimer *ts, int64_t expire_time)
 }
 /* Interrupt execution to force deadline recalculation.  */
 qemu_clock_warp(ts->timer_list->clock);
-if (use_icount) {
-timerlist_notify(ts->timer_list);
-}
+timerlist_notify(ts->timer_list);
 }
 }
 
-- 
1.7.9.5

[Qemu-devel] [RFC] [PATCHv8 30/30] aio / timers: Remove legacy interface

[Alex Bligh]

Remove the legacy interface from include/qemu/timers.h.

Ensure struct QEMUClock is not exposed at all.

Signed-off-by: Alex Bligh 
---
 include/qemu/timer.h |  216 +-
 qemu-timer.c |   35 +---
 2 files changed, 5 insertions(+), 246 deletions(-)

diff --git a/include/qemu/timer.h b/include/qemu/timer.h
index 56d4f4f..452cc01 100644
--- a/include/qemu/timer.h
+++ b/include/qemu/timer.h
@@ -44,7 +44,6 @@ typedef enum {
 QEMU_CLOCK_MAX
 } QEMUClockType;
 
-typedef struct QEMUClock QEMUClock;
 typedef struct QEMUTimerList QEMUTimerList;
 typedef QEMUTimerList *QEMUTimerListGroup[QEMU_CLOCK_MAX];
 typedef void QEMUTimerCB(void *opaque);
@@ -53,20 +52,10 @@ typedef void QEMUTimerListNotifyCB(void *opaque);
 extern QEMUTimerListGroup main_loop_tlg;
 
 /*
- * QEMUClock & QEMUClockType
+ * QEMUClockType
  */
 
-/**
- * qemu_clock_ptr:
- * @type: type of clock
- *
- * Translate a clock type into a pointer to QEMUClock object.
- *
- * Returns: a pointer to the QEMUClock object
- */
-QEMUClock *qemu_clock_ptr(QEMUClockType type);
-
-/**
+/*
  * qemu_clock_get_ns;
  * @type: the clock type
  *
@@ -776,207 +765,6 @@ static inline int64_t get_ticks_per_sec(void)
 return 10LL;
 }
 
-/**
- * LEGACY API SECTION
- *
- * All these calls will be deleted in due course
- */
-
-/* These three clocks are maintained here with separate variable
- * names for compatibility only.
- */
-#define rt_clock (qemu_clock_ptr(QEMU_CLOCK_REALTIME))
-#define vm_clock (qemu_clock_ptr(QEMU_CLOCK_VIRTUAL))
-#define host_clock (qemu_clock_ptr(QEMU_CLOCK_HOST))
-
-/** LEGACY
- * qemu_get_clock_ns:
- * @clock: the clock to operate on
- *
- * Get the nanosecond value of a clock
- *
- * Returns: the clock value in nanoseconds
- */
-int64_t qemu_get_clock_ns(QEMUClock *clock);
-
-/** LEGACY
- * qemu_get_clock_ms:
- * @clock: the clock to operate on
- *
- * Get the millisecond value of a clock
- *
- * Returns: the clock value in milliseconds
- */
-static inline int64_t qemu_get_clock_ms(QEMUClock *clock)
-{
-return qemu_get_clock_ns(clock) / SCALE_MS;
-}
-
-/** LEGACY
- * qemu_register_clock_reset_notifier:
- * @clock: the clock to operate on
- * @notifier: the notifier function
- *
- * Register a notifier function to call when the clock
- * concerned is reset.
- */
-void qemu_register_clock_reset_notifier(QEMUClock *clock,
-Notifier *notifier);
-
-/** LEGACY
- * qemu_unregister_clock_reset_notifier:
- * @clock: the clock to operate on
- * @notifier: the notifier function
- *
- * Unregister a notifier function to call when the clock
- * concerned is reset.
- */
-void qemu_unregister_clock_reset_notifier(QEMUClock *clock,
-  Notifier *notifier);
-
-/** LEGACY
- * qemu_new_timer:
- * @clock: the clock to operate on
- * @scale: the scale of the clock
- * @cb: the callback function to call when the timer expires
- * @opaque: an opaque pointer to pass to the callback
- *
- * Produce a new timer attached to clock @clock. This is a legacy
- * function. Use qemu_timer_new instead.
- *
- * Returns: a pointer to the new timer allocated.
- */
-QEMUTimer *qemu_new_timer(QEMUClock *clock, int scale,
-  QEMUTimerCB *cb, void *opaque);
-
-/** LEGACY
- * qemu_free_timer:
- * @ts: the timer to operate on
- *
- * free the timer @ts. @ts must not be active.
- *
- * This is a legacy function. Use qemu_timer_free instead.
- */
-static inline void qemu_free_timer(QEMUTimer *ts)
-{
-timer_free(ts);
-}
-
-/** LEGACY
- * qemu_del_timer:
- * @ts: the timer to operate on
- *
- * Delete a timer. This makes it inactive. It does not free
- * memory.
- *
- * This is a legacy function. Use qemu_timer_del instead.
- */
-static inline void qemu_del_timer(QEMUTimer *ts)
-{
-timer_del(ts);
-}
-
-/** LEGACY
- * qemu_mod_timer_ns:
- * @ts: the timer to operate on
- * @expire_time: the expiry time in nanoseconds
- *
- * Modify a timer such that the expiry time is @expire_time
- * as measured in nanoseconds
- *
- * This is a legacy function. Use qemu_timer_mod_ns.
- */
-static inline void qemu_mod_timer_ns(QEMUTimer *ts, int64_t expire_time)
-{
-timer_mod_ns(ts, expire_time);
-}
-
-/** LEGACY
- * qemu_mod_timer:
- * @ts: the timer to operate on
- * @expire_time: the expiry time
- *
- * Modify a timer such that the expiry time is @expire_time
- * as measured in the timer's scale
- *
- * This is a legacy function. Use qemu_timer_mod.
- */
-static inline void qemu_mod_timer(QEMUTimer *ts, int64_t expire_time)
-{
-timer_mod(ts, expire_time);
-}
-
-/** LEGACY
- * qemu_run_timers:
- * @clock: clock on which to operate
- *
- * Run all the timers associated with the default timer list
- * of a clock.
- *
- * Returns: true if any timer ran.
- */
-bool qemu_run_timers(QEMUClock *clock);
-
-/** LEGACY
- * qemu_new_timer_ns:
- * @clock: the clock to associate wi

[Qemu-devel] [RFC] [PATCHv8 09/30] aio / timers: Add QEMUTimerListGroup and helper functions

[Alex Bligh]

Add QEMUTimerListGroup and helper functions, to represent
a QEMUTimerList associated with each clock. Add a default
QEMUTimerListGroup representing the default timer lists
which are not associated with any other object (e.g.
an AioContext as added by future patches).

Signed-off-by: Alex Bligh 
---
 include/qemu/timer.h |   45 +
 qemu-timer.c |   41 +
 2 files changed, 86 insertions(+)

diff --git a/include/qemu/timer.h b/include/qemu/timer.h
index 1baa0e2..3b46f60 100644
--- a/include/qemu/timer.h
+++ b/include/qemu/timer.h
@@ -52,8 +52,10 @@ typedef enum {
 
 typedef struct QEMUClock QEMUClock;
 typedef struct QEMUTimerList QEMUTimerList;
+typedef QEMUTimerList *QEMUTimerListGroup[QEMU_CLOCK_MAX];
 typedef void QEMUTimerCB(void *opaque);
 
+extern QEMUTimerListGroup main_loop_tlg;
 extern QEMUClock *qemu_clocks[QEMU_CLOCK_MAX];
 
 /**
@@ -211,6 +213,49 @@ QEMUClock *timerlist_get_clock(QEMUTimerList *timer_list);
 bool timerlist_run_timers(QEMUTimerList *timer_list);
 
 /**
+ * timerlistgroup_init:
+ * @tlg: the timer list group
+ *
+ * Initialise a timer list group. This must already be
+ * allocated in memory and zeroed.
+ */
+void timerlistgroup_init(QEMUTimerListGroup tlg);
+
+/**
+ * timerlistgroup_deinit:
+ * @tlg: the timer list group
+ *
+ * Deinitialise a timer list group. This must already be
+ * initialised. Note the memory is not freed.
+ */
+void timerlistgroup_deinit(QEMUTimerListGroup tlg);
+
+/**
+ * timerlistgroup_run_timers:
+ * @tlg: the timer list group
+ *
+ * Run the timers associated with a timer list group.
+ * This will run timers on multiple clocks.
+ *
+ * Returns: true if any timer callback ran
+ */
+bool timerlistgroup_run_timers(QEMUTimerListGroup tlg);
+
+/**
+ * timerlistgroup_deadline_ns
+ * @tlg: the timer list group
+ *
+ * Determine the deadline of the soonest timer to
+ * expire associated with any timer list linked to
+ * the timer list group. Only clocks suitable for
+ * deadline calculation are included.
+ *
+ * Returns: the deadline in nanoseconds or -1 if no
+ * timers are to expire.
+ */
+int64_t timerlistgroup_deadline_ns(QEMUTimerListGroup tlg);
+
+/**
  * qemu_timeout_ns_to_ms:
  * @ns: nanosecond timeout value
  *
diff --git a/qemu-timer.c b/qemu-timer.c
index 1a0a4b1..e151d24 100644
--- a/qemu-timer.c
+++ b/qemu-timer.c
@@ -59,6 +59,7 @@ struct QEMUClock {
 bool enabled;
 };
 
+QEMUTimerListGroup main_loop_tlg;
 QEMUClock *qemu_clocks[QEMU_CLOCK_MAX];
 
 /* A QEMUTimerList is a list of timers attached to a clock. More
@@ -575,6 +576,45 @@ bool qemu_run_timers(QEMUClock *clock)
 return timerlist_run_timers(clock->main_loop_timerlist);
 }
 
+void timerlistgroup_init(QEMUTimerListGroup tlg)
+{
+QEMUClockType type;
+for (type = 0; type < QEMU_CLOCK_MAX; type++) {
+tlg[type] = timerlist_new(type);
+}
+}
+
+void timerlistgroup_deinit(QEMUTimerListGroup tlg)
+{
+QEMUClockType type;
+for (type = 0; type < QEMU_CLOCK_MAX; type++) {
+timerlist_free(tlg[type]);
+}
+}
+
+bool timerlistgroup_run_timers(QEMUTimerListGroup tlg)
+{
+QEMUClockType type;
+bool progress = false;
+for (type = 0; type < QEMU_CLOCK_MAX; type++) {
+progress |= timerlist_run_timers(tlg[type]);
+}
+return progress;
+}
+
+int64_t timerlistgroup_deadline_ns(QEMUTimerListGroup tlg)
+{
+int64_t deadline = -1;
+QEMUClockType type;
+for (type = 0; type < QEMU_CLOCK_MAX; type++) {
+if (qemu_clock_use_for_deadline(tlg[type]->clock)) {
+deadline = qemu_soonest_timeout(deadline,
+timerlist_deadline_ns(tlg[type]));
+}
+}
+return deadline;
+}
+
 int64_t qemu_get_clock_ns(QEMUClock *clock)
 {
 int64_t now, last;
@@ -616,6 +656,7 @@ void init_clocks(void)
 for (type = 0; type < QEMU_CLOCK_MAX; type++) {
 if (!qemu_clocks[type]) {
 qemu_clocks[type] = qemu_clock_new(type);
+main_loop_tlg[type] = qemu_clocks[type]->main_loop_timerlist;
 }
 }
 
-- 
1.7.9.5

[Qemu-devel] [RFC] [PATCHv8 07/30] aio / timers: Split QEMUClock into QEMUClock and QEMUTimerList

[Alex Bligh]

Split QEMUClock into QEMUClock and QEMUTimerList so that we can
have more than one QEMUTimerList associated with the same clock.

Introduce a main_loop_timerlist concept and make existing
qemu_clock_* calls that actually should operate on a QEMUTimerList
call the relevant QEMUTimerList implementations, using the clock's
default timerlist. This vastly reduces the invasiveness of this
change and means the API stays constant for existing users.

Introduce a list of QEMUTimerLists associated with each clock
so that reenabling the clock can cause all the notifiers
to be called. Note the code to do the notifications is added
in a later patch.

Switch QEMUClockType to an enum. Remove global variables vm_clock,
host_clock and rt_clock and add compatibility defines. Do not
fix qemu_next_alarm_deadline as it's going to be deleted.

Add qemu_clock_use_for_deadline to indicate whether a particular
clock should be used for deadline calculations. When use_icount
is true, vm_clock should not be used for deadline calculations
as it does not contain a nanosecond count. Instead, icount
timeouts come from the execution thread doing aio_notify or
qemu_notify as appropriate. This function is used in the next
patch.

Signed-off-by: Alex Bligh 
---
 include/qemu/timer.h |  406 +++---
 qemu-timer.c |  200 +++--
 2 files changed, 536 insertions(+), 70 deletions(-)

diff --git a/include/qemu/timer.h b/include/qemu/timer.h
index c270144..6c2bf6c 100644
--- a/include/qemu/timer.h
+++ b/include/qemu/timer.h
@@ -11,34 +11,75 @@
 #define SCALE_US 1000
 #define SCALE_NS 1
 
-#define QEMU_CLOCK_REALTIME 0
-#define QEMU_CLOCK_VIRTUAL  1
-#define QEMU_CLOCK_HOST 2
+/**
+ * QEMUClockType:
+ *
+ * The following clock types are available:
+ *
+ * @QEMU_CLOCK_REALTIME: Real time clock
+ *
+ * The real time clock should be used only for stuff which does not
+ * change the virtual machine state, as it is run even if the virtual
+ * machine is stopped. The real time clock has a frequency of 1000
+ * Hz.
+ *
+ * Formerly rt_clock
+ *
+ * @QEMU_CLOCK_VIRTUAL: virtual clock
+ *
+ * The virtual clock is only run during the emulation. It is stopped
+ * when the virtual machine is stopped. Virtual timers use a high
+ * precision clock, usually cpu cycles (use ticks_per_sec).
+ *
+ * Formerly vm_clock
+ *
+ * @QEMU_CLOCK_HOST: host clock
+ *
+ * The host clock should be use for device models that emulate accurate
+ * real time sources. It will continue to run when the virtual machine
+ * is suspended, and it will reflect system time changes the host may
+ * undergo (e.g. due to NTP). The host clock has the same precision as
+ * the virtual clock.
+ *
+ * Formerly host_clock
+ */
+
+typedef enum {
+QEMU_CLOCK_REALTIME = 0,
+QEMU_CLOCK_VIRTUAL = 1,
+QEMU_CLOCK_HOST = 2,
+QEMU_CLOCK_MAX
+} QEMUClockType;
 
 typedef struct QEMUClock QEMUClock;
+typedef struct QEMUTimerList QEMUTimerList;
 typedef void QEMUTimerCB(void *opaque);
 
-/* The real time clock should be used only for stuff which does not
-   change the virtual machine state, as it is run even if the virtual
-   machine is stopped. The real time clock has a frequency of 1000
-   Hz. */
-extern QEMUClock *rt_clock;
+extern QEMUClock *qemu_clocks[QEMU_CLOCK_MAX];
 
-/* The virtual clock is only run during the emulation. It is stopped
-   when the virtual machine is stopped. Virtual timers use a high
-   precision clock, usually cpu cycles (use ticks_per_sec). */
-extern QEMUClock *vm_clock;
+/**
+ * qemu_clock_ptr:
+ * @type: type of clock
+ *
+ * Translate a clock type into a pointer to QEMUClock object.
+ *
+ * Returns: a pointer to the QEMUClock object
+ */
+static inline QEMUClock *qemu_clock_ptr(QEMUClockType type)
+{
+return qemu_clocks[type];
+}
 
-/* The host clock should be use for device models that emulate accurate
-   real time sources. It will continue to run when the virtual machine
-   is suspended, and it will reflect system time changes the host may
-   undergo (e.g. due to NTP). The host clock has the same precision as
-   the virtual clock. */
-extern QEMUClock *host_clock;
+/* These three clocks are maintained here with separate variable
+ * names for compatibility only.
+ */
+#define rt_clock (qemu_clock_ptr(QEMU_CLOCK_REALTIME))
+#define vm_clock (qemu_clock_ptr(QEMU_CLOCK_VIRTUAL))
+#define host_clock (qemu_clock_ptr(QEMU_CLOCK_HOST))
 
 int64_t qemu_get_clock_ns(QEMUClock *clock);
-int64_t qemu_clock_has_timers(QEMUClock *clock);
-int64_t qemu_clock_expired(QEMUClock *clock);
+bool qemu_clock_has_timers(QEMUClock *clock);
+bool qemu_clock_expired(QEMUClock *clock);
 int64_t qemu_clock_deadline(QEMUClock *clock);
 
 /**
@@ -53,6 +94,124 @@ int64_t qemu_clock_deadline(QEMUClock *clock);
 int64_t qemu_clock_deadline_ns(QEMUClock *clock);
 
 /**
+ * qemu_clock_use_for_deadline:
+ * @clock: the clock to operate on
+ *
+ * Determine whether a clock should be used for deadline
+ * calculati

[Qemu-devel] [RFC] [PATCHv8 27/30] aio / timers: Add test harness for AioContext timers

[Alex Bligh]

Add a test harness for AioContext timers. The g_source equivalent is
unsatisfactory as it suffers from false wakeups.

Signed-off-by: Alex Bligh 
---
 tests/test-aio.c |  136 ++
 1 file changed, 136 insertions(+)

diff --git a/tests/test-aio.c b/tests/test-aio.c
index eedf7f8..fb1bd7a 100644
--- a/tests/test-aio.c
+++ b/tests/test-aio.c
@@ -32,6 +32,15 @@ typedef struct {
 int max;
 } BHTestData;
 
+typedef struct {
+QEMUTimer *timer;
+QEMUClockType clock_type;
+int n;
+int max;
+int64_t ns;
+AioContext *ctx;
+} TimerTestData;
+
 static void bh_test_cb(void *opaque)
 {
 BHTestData *data = opaque;
@@ -40,6 +49,24 @@ static void bh_test_cb(void *opaque)
 }
 }
 
+static void timer_test_cb(void *opaque)
+{
+TimerTestData *data = opaque;
+if (++data->n < data->max) {
+timer_mod(data->timer,
+  qemu_clock_get_ns(data->clock_type) + data->ns);
+}
+}
+
+static void dummy_io_handler_read(void *opaque)
+{
+}
+
+static int dummy_io_handler_flush(void *opaque)
+{
+return 1;
+}
+
 static void bh_delete_cb(void *opaque)
 {
 BHTestData *data = opaque;
@@ -341,6 +368,65 @@ static void test_wait_event_notifier_noflush(void)
 event_notifier_cleanup(&data.e);
 }
 
+static void test_timer_schedule(void)
+{
+TimerTestData data = { .n = 0, .ctx = ctx, .ns = SCALE_MS * 750LL,
+   .max = 2,
+   .clock_type = QEMU_CLOCK_VIRTUAL };
+int pipefd[2];
+
+/* aio_poll will not block to wait for timers to complete unless it has
+ * an fd to wait on. Fixing this breaks other tests. So create a dummy one.
+ */
+g_assert(!pipe2(pipefd, O_NONBLOCK));
+aio_set_fd_handler(ctx, pipefd[0],
+   dummy_io_handler_read, NULL, dummy_io_handler_flush,
+   NULL);
+aio_poll(ctx, false);
+
+data.timer = aio_timer_new(ctx, data.clock_type,
+   SCALE_NS, timer_test_cb, &data);
+timer_mod(data.timer,
+  qemu_clock_get_ns(data.clock_type) +
+  data.ns);
+
+g_assert_cmpint(data.n, ==, 0);
+
+/* timer_mod may well cause an event notifer to have gone off,
+ * so clear that
+ */
+do {} while (aio_poll(ctx, false));
+
+g_assert(!aio_poll(ctx, false));
+g_assert_cmpint(data.n, ==, 0);
+
+sleep(1);
+g_assert_cmpint(data.n, ==, 0);
+
+g_assert(aio_poll(ctx, false));
+g_assert_cmpint(data.n, ==, 1);
+
+/* timer_mod called by our callback */
+do {} while (aio_poll(ctx, false));
+
+g_assert(!aio_poll(ctx, false));
+g_assert_cmpint(data.n, ==, 1);
+
+g_assert(aio_poll(ctx, true));
+g_assert_cmpint(data.n, ==, 2);
+
+/* As max is now 2, an event notifier should not have gone off */
+
+g_assert(!aio_poll(ctx, false));
+g_assert_cmpint(data.n, ==, 2);
+
+aio_set_fd_handler(ctx, pipefd[0], NULL, NULL, NULL, NULL);
+close(pipefd[0]);
+close(pipefd[1]);
+
+timer_del(data.timer);
+}
+
 /* Now the same tests, using the context as a GSource.  They are
  * very similar to the ones above, with g_main_context_iteration
  * replacing aio_poll.  However:
@@ -623,6 +709,54 @@ static void test_source_wait_event_notifier_noflush(void)
 event_notifier_cleanup(&data.e);
 }
 
+static void test_source_timer_schedule(void)
+{
+TimerTestData data = { .n = 0, .ctx = ctx, .ns = SCALE_MS * 750LL,
+   .max = 2,
+   .clock_type = QEMU_CLOCK_VIRTUAL };
+int pipefd[2];
+int64_t expiry;
+
+/* aio_poll will not block to wait for timers to complete unless it has
+ * an fd to wait on. Fixing this breaks other tests. So create a dummy one.
+ */
+g_assert(!pipe2(pipefd, O_NONBLOCK));
+aio_set_fd_handler(ctx, pipefd[0],
+   dummy_io_handler_read, NULL, dummy_io_handler_flush,
+   NULL);
+do {} while (g_main_context_iteration(NULL, false));
+
+data.timer = aio_timer_new(ctx, data.clock_type,
+   SCALE_NS, timer_test_cb, &data);
+expiry = qemu_clock_get_ns(data.clock_type) +
+data.ns;
+timer_mod(data.timer, expiry);
+
+g_assert_cmpint(data.n, ==, 0);
+
+sleep(1);
+g_assert_cmpint(data.n, ==, 0);
+
+g_assert(g_main_context_iteration(NULL, false));
+g_assert_cmpint(data.n, ==, 1);
+
+/* The comment above was not kidding when it said this wakes up itself */
+do {
+g_assert(g_main_context_iteration(NULL, true));
+} while (qemu_clock_get_ns(data.clock_type) <= expiry);
+sleep(1);
+g_main_context_iteration(NULL, false);
+
+g_assert_cmpint(data.n, ==, 2);
+
+aio_set_fd_handler(ctx, pipefd[0], NULL, NULL, NULL, NULL);
+close(pipefd[0]);
+close(pipefd[1]);
+
+timer_del(data.timer);
+}
+
+
 /* End of tests.  */
 
 int main(int argc, char **argv)
@@ -651,6 +785,7 @@ int main(i

[Qemu-devel] [RFC] [PATCHv8 08/30] aio / timers: Untangle include files

[Alex Bligh]

include/qemu/timer.h has no need to include main-loop.h and
doing so causes an issue for the next patch. Unfortunately
various files assume including timers.h will pull in main-loop.h.
Untangle this mess.

Signed-off-by: Alex Bligh 
---
 dma-helpers.c |1 +
 hw/dma/xilinx_axidma.c|1 +
 hw/timer/arm_timer.c  |1 +
 hw/timer/exynos4210_mct.c |1 +
 hw/timer/exynos4210_pwm.c |1 +
 hw/timer/grlib_gptimer.c  |2 ++
 hw/timer/imx_epit.c   |1 +
 hw/timer/imx_gpt.c|1 +
 hw/timer/lm32_timer.c |1 +
 hw/timer/puv3_ost.c   |1 +
 hw/timer/sh_timer.c   |1 +
 hw/timer/slavio_timer.c   |1 +
 hw/timer/xilinx_timer.c   |1 +
 hw/tpm/tpm_tis.c  |1 +
 hw/usb/hcd-uhci.c |1 +
 include/block/block_int.h |1 +
 include/block/coroutine.h |2 ++
 include/qemu/timer.h  |1 -
 migration-exec.c  |1 +
 migration-fd.c|1 +
 migration-tcp.c   |1 +
 migration-unix.c  |1 +
 migration.c   |1 +
 nbd.c |1 +
 net/net.c |1 +
 net/socket.c  |1 +
 qemu-coroutine-io.c   |1 +
 qemu-io-cmds.c|1 +
 qemu-nbd.c|1 +
 slirp/misc.c  |1 +
 thread-pool.c |1 +
 ui/vnc-auth-sasl.h|1 +
 ui/vnc-auth-vencrypt.c|2 +-
 ui/vnc-ws.c   |1 +
 34 files changed, 35 insertions(+), 2 deletions(-)

diff --git a/dma-helpers.c b/dma-helpers.c
index 499550f..c9620a5 100644
--- a/dma-helpers.c
+++ b/dma-helpers.c
@@ -11,6 +11,7 @@
 #include "trace.h"
 #include "qemu/range.h"
 #include "qemu/thread.h"
+#include "qemu/main-loop.h"
 
 /* #define DEBUG_IOMMU */
 
diff --git a/hw/dma/xilinx_axidma.c b/hw/dma/xilinx_axidma.c
index a48e3ba..59e8e35 100644
--- a/hw/dma/xilinx_axidma.c
+++ b/hw/dma/xilinx_axidma.c
@@ -27,6 +27,7 @@
 #include "hw/ptimer.h"
 #include "qemu/log.h"
 #include "qapi/qmp/qerror.h"
+#include "qemu/main-loop.h"
 
 #include "hw/stream.h"
 
diff --git a/hw/timer/arm_timer.c b/hw/timer/arm_timer.c
index acfea59..a47afde 100644
--- a/hw/timer/arm_timer.c
+++ b/hw/timer/arm_timer.c
@@ -12,6 +12,7 @@
 #include "qemu-common.h"
 #include "hw/qdev.h"
 #include "hw/ptimer.h"
+#include "qemu/main-loop.h"
 
 /* Common timer implementation.  */
 
diff --git a/hw/timer/exynos4210_mct.c b/hw/timer/exynos4210_mct.c
index a8009a4..13b1889 100644
--- a/hw/timer/exynos4210_mct.c
+++ b/hw/timer/exynos4210_mct.c
@@ -54,6 +54,7 @@
 
 #include "hw/sysbus.h"
 #include "qemu/timer.h"
+#include "qemu/main-loop.h"
 #include "qemu-common.h"
 #include "hw/ptimer.h"
 
diff --git a/hw/timer/exynos4210_pwm.c b/hw/timer/exynos4210_pwm.c
index a52f0f6..1aa8f4d 100644
--- a/hw/timer/exynos4210_pwm.c
+++ b/hw/timer/exynos4210_pwm.c
@@ -23,6 +23,7 @@
 #include "hw/sysbus.h"
 #include "qemu/timer.h"
 #include "qemu-common.h"
+#include "qemu/main-loop.h"
 #include "hw/ptimer.h"
 
 #include "hw/arm/exynos4210.h"
diff --git a/hw/timer/grlib_gptimer.c b/hw/timer/grlib_gptimer.c
index 7c1055a..74c16d6 100644
--- a/hw/timer/grlib_gptimer.c
+++ b/hw/timer/grlib_gptimer.c
@@ -25,6 +25,8 @@
 #include "hw/sysbus.h"
 #include "qemu/timer.h"
 #include "hw/ptimer.h"
+#include "qemu/timer.h"
+#include "qemu/main-loop.h"
 
 #include "trace.h"
 
diff --git a/hw/timer/imx_epit.c b/hw/timer/imx_epit.c
index 117dc7b..efe2ff9 100644
--- a/hw/timer/imx_epit.c
+++ b/hw/timer/imx_epit.c
@@ -18,6 +18,7 @@
 #include "hw/ptimer.h"
 #include "hw/sysbus.h"
 #include "hw/arm/imx.h"
+#include "qemu/main-loop.h"
 
 #define TYPE_IMX_EPIT "imx.epit"
 
diff --git a/hw/timer/imx_gpt.c b/hw/timer/imx_gpt.c
index 87db0e1..f2d1975 100644
--- a/hw/timer/imx_gpt.c
+++ b/hw/timer/imx_gpt.c
@@ -18,6 +18,7 @@
 #include "hw/ptimer.h"
 #include "hw/sysbus.h"
 #include "hw/arm/imx.h"
+#include "qemu/main-loop.h"
 
 #define TYPE_IMX_GPT "imx.gpt"
 
diff --git a/hw/timer/lm32_timer.c b/hw/timer/lm32_timer.c
index 986e6a1..8ed138c 100644
--- a/hw/timer/lm32_timer.c
+++ b/hw/timer/lm32_timer.c
@@ -27,6 +27,7 @@
 #include "qemu/timer.h"
 #include "hw/ptimer.h"
 #include "qemu/error-report.h"
+#include "qemu/main-loop.h"
 
 #define DEFAULT_FREQUENCY (50*100)
 
diff --git a/hw/timer/puv3_ost.c b/hw/timer/puv3_ost.c
index 4bd2b76..fa9eefd 100644
--- a/hw/timer/puv3_ost.c
+++ b/hw/timer/puv3_ost.c
@@ -10,6 +10,7 @@
  */
 #include "hw/sysbus.h"
 #include "hw/ptimer.h"
+#include "qemu/main-loop.h"
 
 #undef DEBUG_PUV3
 #include "hw/unicore32/puv3.h"
diff --git a/hw/timer/sh_timer.c b/hw/timer/sh_timer.c
index 251a10d..07f0670 100644
--- a/hw/timer/sh_timer.c
+++ b/hw/timer/sh_timer.c
@@ -11,6 +11,7 @@
 #include "hw/hw.h"
 #include "hw/sh4/sh.h"
 #include "qemu/timer.h"
+#include "qemu/main-loop.h"
 #include "exec/address-spaces.h"
 #include "hw/ptimer.h"
 
diff --git a/hw/timer/slavio_timer.c b/hw/timer/slavio_timer.c
index 33e8f6c..f75b914 100644
--- a/hw/timer/slavio_timer.c
+++ b/hw/time

[Qemu-devel] [RFC] [PATCHv8 10/30] aio / timers: Add QEMUTimerListGroup to AioContext

[Alex Bligh]

Add a QEMUTimerListGroup each AioContext (meaning a QEMUTimerList
associated with each clock is added) and delete it when the
AioContext is freed.

Signed-off-by: Alex Bligh 
---
 async.c  |2 ++
 include/block/aio.h  |4 
 tests/test-aio.c |3 +++
 tests/test-thread-pool.c |3 +++
 4 files changed, 12 insertions(+)

diff --git a/async.c b/async.c
index 5ce3633..99fb5a8 100644
--- a/async.c
+++ b/async.c
@@ -205,6 +205,7 @@ aio_ctx_finalize(GSource *source)
 event_notifier_cleanup(&ctx->notifier);
 qemu_mutex_destroy(&ctx->bh_lock);
 g_array_free(ctx->pollfds, TRUE);
+timerlistgroup_deinit(ctx->tlg);
 }
 
 static GSourceFuncs aio_source_funcs = {
@@ -244,6 +245,7 @@ AioContext *aio_context_new(void)
 aio_set_event_notifier(ctx, &ctx->notifier, 
(EventNotifierHandler *)
event_notifier_test_and_clear, NULL);
+timerlistgroup_init(ctx->tlg);
 
 return ctx;
 }
diff --git a/include/block/aio.h b/include/block/aio.h
index cc1..a13f6e8 100644
--- a/include/block/aio.h
+++ b/include/block/aio.h
@@ -18,6 +18,7 @@
 #include "qemu/queue.h"
 #include "qemu/event_notifier.h"
 #include "qemu/thread.h"
+#include "qemu/timer.h"
 
 typedef struct BlockDriverAIOCB BlockDriverAIOCB;
 typedef void BlockDriverCompletionFunc(void *opaque, int ret);
@@ -72,6 +73,9 @@ typedef struct AioContext {
 
 /* Thread pool for performing work and receiving completion callbacks */
 struct ThreadPool *thread_pool;
+
+/* TimerLists for calling timers - one per clock type */
+QEMUTimerListGroup tlg;
 } AioContext;
 
 /* Returns 1 if there are still outstanding AIO requests; 0 otherwise */
diff --git a/tests/test-aio.c b/tests/test-aio.c
index c173870..2d7ec4c 100644
--- a/tests/test-aio.c
+++ b/tests/test-aio.c
@@ -12,6 +12,7 @@
 
 #include 
 #include "block/aio.h"
+#include "qemu/timer.h"
 
 AioContext *ctx;
 
@@ -628,6 +629,8 @@ int main(int argc, char **argv)
 {
 GSource *src;
 
+init_clocks();
+
 ctx = aio_context_new();
 src = aio_get_g_source(ctx);
 g_source_attach(src, NULL);
diff --git a/tests/test-thread-pool.c b/tests/test-thread-pool.c
index b62338f..27d6190 100644
--- a/tests/test-thread-pool.c
+++ b/tests/test-thread-pool.c
@@ -3,6 +3,7 @@
 #include "block/aio.h"
 #include "block/thread-pool.h"
 #include "block/block.h"
+#include "qemu/timer.h"
 
 static AioContext *ctx;
 static ThreadPool *pool;
@@ -205,6 +206,8 @@ int main(int argc, char **argv)
 {
 int ret;
 
+init_clocks();
+
 ctx = aio_context_new();
 pool = aio_get_thread_pool(ctx);
 
-- 
1.7.9.5

[Qemu-devel] [RFC] [PATCHv8 14/30] aio / timers: Convert aio_poll to use AioContext timers' deadline

[Alex Bligh]

Convert aio_poll to use deadline based on AioContext's timers.

aio_poll has been changed to return accurately whether progress
has occurred. Prior to this commit, aio_poll always returned
true if g_poll was entered, whether or not any progress was
made. This required a change to tests/test-aio.c where an
assert was backwards.

Signed-off-by: Alex Bligh 
---
 aio-posix.c  |   20 +---
 aio-win32.c  |   22 +++---
 tests/test-aio.c |4 ++--
 3 files changed, 34 insertions(+), 12 deletions(-)

diff --git a/aio-posix.c b/aio-posix.c
index b68eccd..2ec419d 100644
--- a/aio-posix.c
+++ b/aio-posix.c
@@ -166,6 +166,10 @@ static bool aio_dispatch(AioContext *ctx)
 g_free(tmp);
 }
 }
+
+/* Run our timers */
+progress |= timerlistgroup_run_timers(ctx->tlg);
+
 return progress;
 }
 
@@ -232,9 +236,9 @@ bool aio_poll(AioContext *ctx, bool blocking)
 }
 
 /* wait until next event */
-ret = g_poll((GPollFD *)ctx->pollfds->data,
- ctx->pollfds->len,
- blocking ? -1 : 0);
+ret = qemu_poll_ns((GPollFD *)ctx->pollfds->data,
+ ctx->pollfds->len,
+ blocking ? timerlistgroup_deadline_ns(ctx->tlg) : 0);
 
 /* if we have any readable fds, dispatch event */
 if (ret > 0) {
@@ -245,11 +249,13 @@ bool aio_poll(AioContext *ctx, bool blocking)
 node->pfd.revents = pfd->revents;
 }
 }
-if (aio_dispatch(ctx)) {
-progress = true;
-}
+}
+
+/* Run dispatch even if there were no readable fds to run timers */
+if (aio_dispatch(ctx)) {
+progress = true;
 }
 
 assert(progress || busy);
-return true;
+return progress;
 }
diff --git a/aio-win32.c b/aio-win32.c
index 38723bf..90b232b 100644
--- a/aio-win32.c
+++ b/aio-win32.c
@@ -98,6 +98,7 @@ bool aio_poll(AioContext *ctx, bool blocking)
 HANDLE events[MAXIMUM_WAIT_OBJECTS + 1];
 bool busy, progress;
 int count;
+int timeout;
 
 progress = false;
 
@@ -111,6 +112,9 @@ bool aio_poll(AioContext *ctx, bool blocking)
 progress = true;
 }
 
+/* Run timers */
+progress |= timerlistgroup_run_timers(ctx->tlg);
+
 /*
  * Then dispatch any pending callbacks from the GSource.
  *
@@ -174,8 +178,11 @@ bool aio_poll(AioContext *ctx, bool blocking)
 
 /* wait until next event */
 while (count > 0) {
-int timeout = blocking ? INFINITE : 0;
-int ret = WaitForMultipleObjects(count, events, FALSE, timeout);
+int ret;
+
+timeout = blocking ?
+qemu_timeout_ns_to_ms(timerlistgroup_deadline_ns(ctx->tlg)) : 0;
+ret = WaitForMultipleObjects(count, events, FALSE, timeout);
 
 /* if we have any signaled events, dispatch event */
 if ((DWORD) (ret - WAIT_OBJECT_0) >= count) {
@@ -214,6 +221,15 @@ bool aio_poll(AioContext *ctx, bool blocking)
 events[ret - WAIT_OBJECT_0] = events[--count];
 }
 
+if (blocking) {
+/* Run the timers a second time. We do this because otherwise aio_wait
+ * will not note progress - and will stop a drain early - if we have
+ * a timer that was not ready to run entering g_poll but is ready
+ * after g_poll. This will only do anything if a timer has expired.
+ */
+progress |= timerlistgroup_run_timers(ctx->timer_list);
+}
+
 assert(progress || busy);
-return true;
+return progress;
 }
diff --git a/tests/test-aio.c b/tests/test-aio.c
index 2d7ec4c..eedf7f8 100644
--- a/tests/test-aio.c
+++ b/tests/test-aio.c
@@ -316,13 +316,13 @@ static void test_wait_event_notifier_noflush(void)
 event_notifier_set(&data.e);
 g_assert(aio_poll(ctx, false));
 g_assert_cmpint(data.n, ==, 1);
-g_assert(aio_poll(ctx, false));
+g_assert(!aio_poll(ctx, false));
 g_assert_cmpint(data.n, ==, 1);
 
 event_notifier_set(&data.e);
 g_assert(aio_poll(ctx, false));
 g_assert_cmpint(data.n, ==, 2);
-g_assert(aio_poll(ctx, false));
+g_assert(!aio_poll(ctx, false));
 g_assert_cmpint(data.n, ==, 2);
 
 event_notifier_set(&dummy.e);
-- 
1.7.9.5

[Qemu-devel] [RFC] [PATCHv8 00/30] aio / timers: Add AioContext timers and use ppoll

[Alex Bligh]

This patch series adds support for timers attached to an AioContext clock
which get called within aio_poll.

In doing so it removes alarm timers and moves to use ppoll where possible.

This patch set 'sort of' passes make check (see below for caveat)
including a new test harness for the aio timers, but has not been
tested much beyond that. In particular, the win32 changes have not
even been compile tested. Equally, alterations to use_icount
are untested.

Caveat: I have had to alter tests/test-aio.c so the following error
no longer occurs.

ERROR:tests/test-aio.c:346:test_wait_event_notifier_noflush: assertion failed: 
(aio_poll(ctx, false))

As gar as I can tell, this check was incorrect, in that it checking
aio_poll makes progress when in fact it should not make progress. I
fixed an issue where aio_poll was (as far as I can tell) wrongly
returning true on a timeout, and that generated this error.

Note also the comment on patch 18 in relation to a possible bug
in cpus.c.

The penultimate patch is patch which is created in an automated manner
using scripts/switch-timer-api, added in this patch set. It violates some
coding standards (e.g. line length >= 80 characters), but this is preferable
in terms of giving a provably correct conversion.

This patch set has been compile tested & make check tested on a
'christmas-tree' configuration, meaning a configuration with every
--enable- value tested that can be easily configured on Ubuntu Precise,
after application of each patch.

Changes since v7:
* Rebase to master 6fdf98f281f85ae6e2883bed2f691bcfe33b1f9f
* Add qemu_clock_get_ms and qemu_clock_get_ms
* Rename qemu_get_clock to qemu_clock_ptr
* Reorder qemu-timer.h to utilise the legacy API
* Hide qemu_clock_new & qemu_clock_free
* Rename default_timerlist to main_loop_timerlist
* Remove main_loop_timerlist once main_loop_tlg is in
* Add script to convert to new API
* Make rtc_clock use new API
* Convert tests/test-aio to use new API
* Run script on entire source code
* Remove legacy API functions

Changes since v6:
* Fix build failure in vnc-auth-sasl.c
* Split first patch into 3
* Add assert on timerlist_free
* Fix ==/= error on qemu_clock_use_for_deadline
* Remove unnecessary cast in aio_timerlist_notify
* Fix bad deadline comparison in aio_ctx_check
* Add assert to timerlist_new_from_clock to check init_clocks
* Use timer_list not tl
* Change default_timerlistgroup to main_loop_timerlistgroup
* Add comment on commit for qemu_clock_use_for_deadline
* Fixed various include file issues
* Convert *_has_timers and *_has_expired to return bool
* Make loop variable consistent when looping through clock types
* Add documentation to existing qemu_timer calls
* Remove qemu_clock_deadline and move to qemu_clock_deadline_ns

Changes since v5:
* Rebase onto master (b9ac5d9)
* Fix spacing in typedef QEMUTimerList
* Rename 'QEMUClocks' extern to 'qemu_clocks'

Changes since v4:
* Rename qemu_timerlist_ functions to timer_list (per Paolo Bonzini)
* Rename qemu_timer_.*timerlist.* to timer_ (per Paolo Bonzini)
* Use enum for QEMUClockType
* Put clocks into an array; remove global variables
* Introduce QEMUTimerListGroup - a timeliest of each type
* Add a QEMUTimerListGroup to AioContext
* Use a callback on timer modification, rather than binding in
  AioContext into the timeliest
* Make cpus.c iterate over all timerlists when it does a notify
* Make cpus.c icount timeout use soonest timeout
  across all timerlists

Changes since v3:
* Split up QEMUClock and QEMUClock list
* Improve commenting
* Fix comment in vl.c
* Change test/test-aio.c to reflect correct behaviour in aio_poll.

Changes since v2:
* Reordered to remove alarm timers last
* Added prctl(PR_SET_TIMERSLACK, 1, ...)
* Renamed qemu_g_poll_ns to qemu_poll_ns
* Moved declaration of above & drop glib types
* Do not use a global list of qemu clocks
* Add AioContext * to QEMUClock
* Split up conversion to use ppoll and timers
* Indentation fix
* Fix aio_win32.c aio_poll to return progress
* aio_notify / qemu_notify when timers are modified
* change comment in deprecation of clock options

Alex Bligh (30):
  aio / timers: Rename qemu_new_clock and expose clock types
  aio / timers: add qemu-timer.c utility functions
  aio / timers: Consistent treatment of disabled clocks for deadlines
  aio / timers: add ppoll support with qemu_poll_ns
  aio / timers: Add prctl(PR_SET_TIMERSLACK, 1, ...) to reduce timer
slack
  aio / timers: Make qemu_run_timers and qemu_run_all_timers return
progress
  aio / timers: Split QEMUClock into QEMUClock and QEMUTimerList
  aio / timers: Untangle include files
  aio / timers: Add QEMUTimerListGroup and helper functions
  aio / timers: Add QEMUTimerListGroup to AioContext
  aio / timers: Add a notify callback to QEMUTimerList
  aio / timers: aio_ctx_prepare sets timeout from AioContext timers
  aio / timers: Add aio_timer_new wrapper
  aio / timers: Convert aio_poll to use AioContext timers' deadline
  aio / timers: Convert mainloop to 

[Qemu-devel] [RFC] [PATCHv8 22/30] aio / timers: Add qemu_clock_get_ms and qemu_clock_get_ms

[Alex Bligh]

Add utility functions qemu_clock_get_ms and qemu_clock_get_us

Signed-off-by: Alex Bligh 
---
 include/qemu/timer.h |   28 
 1 file changed, 28 insertions(+)

diff --git a/include/qemu/timer.h b/include/qemu/timer.h
index fedd7f1..0106f63 100644
--- a/include/qemu/timer.h
+++ b/include/qemu/timer.h
@@ -104,6 +104,34 @@ static inline int64_t qemu_clock_get_ns(QEMUClockType type)
 }
 
 /**
+ * qemu_clock_get_ms;
+ * @type: the clock type
+ *
+ * Get the millisecond value of a clock with
+ * type @type
+ *
+ * Returns: the clock value in milliseconds
+ */
+static inline int64_t qemu_clock_get_ms(QEMUClockType type)
+{
+return qemu_clock_get_ns(type) / SCALE_MS;
+}
+
+/**
+ * qemu_clock_get_us;
+ * @type: the clock type
+ *
+ * Get the microsecond value of a clock with
+ * type @type
+ *
+ * Returns: the clock value in microseconds
+ */
+static inline int64_t qemu_clock_get_us(QEMUClockType type)
+{
+return qemu_clock_get_ns(type) / SCALE_US;
+}
+
+/**
  * qemu_clock_has_timers:
  * @clock: the clock to operate on
  *
-- 
1.7.9.5

[Qemu-devel] [RFC] [PATCHv8 06/30] aio / timers: Make qemu_run_timers and qemu_run_all_timers return progress

[Alex Bligh]

Make qemu_run_timers and qemu_run_all_timers return progress
so that aio_poll etc. can determine whether a timer has been
run.

Signed-off-by: Alex Bligh 
---
 include/qemu/timer.h |   21 +++--
 qemu-timer.c |   18 --
 2 files changed, 31 insertions(+), 8 deletions(-)

diff --git a/include/qemu/timer.h b/include/qemu/timer.h
index cbb044a..c270144 100644
--- a/include/qemu/timer.h
+++ b/include/qemu/timer.h
@@ -92,8 +92,25 @@ bool qemu_timer_pending(QEMUTimer *ts);
 bool qemu_timer_expired(QEMUTimer *timer_head, int64_t current_time);
 uint64_t qemu_timer_expire_time_ns(QEMUTimer *ts);
 
-void qemu_run_timers(QEMUClock *clock);
-void qemu_run_all_timers(void);
+/**
+ * qemu_run_timers:
+ * @clock: clock on which to operate
+ *
+ * Run all the timers associated with a clock.
+ *
+ * Returns: true if any timer ran.
+ */
+bool qemu_run_timers(QEMUClock *clock);
+
+/**
+ * qemu_run_all_timers:
+ *
+ * Run all the timers associated with every clock.
+ *
+ * Returns: true if any timer ran.
+ */
+bool qemu_run_all_timers(void);
+
 void configure_alarms(char const *opt);
 void init_clocks(void);
 int init_timer_alarm(void);
diff --git a/qemu-timer.c b/qemu-timer.c
index 9eb6db8..c0aa58a 100644
--- a/qemu-timer.c
+++ b/qemu-timer.c
@@ -446,13 +446,14 @@ bool qemu_timer_expired(QEMUTimer *timer_head, int64_t 
current_time)
 return qemu_timer_expired_ns(timer_head, current_time * timer_head->scale);
 }
 
-void qemu_run_timers(QEMUClock *clock)
+bool qemu_run_timers(QEMUClock *clock)
 {
 QEMUTimer *ts;
 int64_t current_time;
+bool progress = false;

 if (!clock->enabled)
-return;
+return progress;
 
 current_time = qemu_get_clock_ns(clock);
 for(;;) {
@@ -466,7 +467,9 @@ void qemu_run_timers(QEMUClock *clock)
 
 /* run the callback (the timer list can be modified) */
 ts->cb(ts->opaque);
+progress = true;
 }
+return progress;
 }
 
 int64_t qemu_get_clock_ns(QEMUClock *clock)
@@ -521,20 +524,23 @@ uint64_t qemu_timer_expire_time_ns(QEMUTimer *ts)
 return qemu_timer_pending(ts) ? ts->expire_time : -1;
 }
 
-void qemu_run_all_timers(void)
+bool qemu_run_all_timers(void)
 {
+bool progress = false;
 alarm_timer->pending = false;
 
 /* vm time timers */
-qemu_run_timers(vm_clock);
-qemu_run_timers(rt_clock);
-qemu_run_timers(host_clock);
+progress |= qemu_run_timers(vm_clock);
+progress |= qemu_run_timers(rt_clock);
+progress |= qemu_run_timers(host_clock);
 
 /* rearm timer, if not periodic */
 if (alarm_timer->expired) {
 alarm_timer->expired = false;
 qemu_rearm_alarm_timer(alarm_timer);
 }
+
+return progress;
 }
 
 #ifdef _WIN32
-- 
1.7.9.5

[Qemu-devel] [RFC] [PATCHv8 01/30] aio / timers: Rename qemu_new_clock and expose clock types

[Alex Bligh]

Rename qemu_new_clock to qemu_clock_new.

Expose clock types.

Signed-off-by: Alex Bligh 
---
 include/qemu/timer.h |4 
 qemu-timer.c |   12 
 2 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/include/qemu/timer.h b/include/qemu/timer.h
index 9dd206c..45c745b 100644
--- a/include/qemu/timer.h
+++ b/include/qemu/timer.h
@@ -11,6 +11,10 @@
 #define SCALE_US 1000
 #define SCALE_NS 1
 
+#define QEMU_CLOCK_REALTIME 0
+#define QEMU_CLOCK_VIRTUAL  1
+#define QEMU_CLOCK_HOST 2
+
 typedef struct QEMUClock QEMUClock;
 typedef void QEMUTimerCB(void *opaque);
 
diff --git a/qemu-timer.c b/qemu-timer.c
index b2d95e2..2d97a13 100644
--- a/qemu-timer.c
+++ b/qemu-timer.c
@@ -40,10 +40,6 @@
 /***/
 /* timers */
 
-#define QEMU_CLOCK_REALTIME 0
-#define QEMU_CLOCK_VIRTUAL  1
-#define QEMU_CLOCK_HOST 2
-
 struct QEMUClock {
 QEMUTimer *active_timers;
 
@@ -231,7 +227,7 @@ QEMUClock *rt_clock;
 QEMUClock *vm_clock;
 QEMUClock *host_clock;
 
-static QEMUClock *qemu_new_clock(int type)
+static QEMUClock *qemu_clock_new(int type)
 {
 QEMUClock *clock;
 
@@ -433,9 +429,9 @@ void qemu_unregister_clock_reset_notifier(QEMUClock *clock, 
Notifier *notifier)
 void init_clocks(void)
 {
 if (!rt_clock) {
-rt_clock = qemu_new_clock(QEMU_CLOCK_REALTIME);
-vm_clock = qemu_new_clock(QEMU_CLOCK_VIRTUAL);
-host_clock = qemu_new_clock(QEMU_CLOCK_HOST);
+rt_clock = qemu_clock_new(QEMU_CLOCK_REALTIME);
+vm_clock = qemu_clock_new(QEMU_CLOCK_VIRTUAL);
+host_clock = qemu_clock_new(QEMU_CLOCK_HOST);
 }
 }
 
-- 
1.7.9.5

[Qemu-devel] [RFC] [PATCHv8 12/30] aio / timers: aio_ctx_prepare sets timeout from AioContext timers

[Alex Bligh]

Calculate the timeout in aio_ctx_prepare taking into account
the timers attached to the AioContext.

Alter aio_ctx_check similarly.

Signed-off-by: Alex Bligh 
---
 async.c |   13 +++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/async.c b/async.c
index 2051921..dd27459 100644
--- a/async.c
+++ b/async.c
@@ -150,13 +150,14 @@ aio_ctx_prepare(GSource *source, gint*timeout)
 {
 AioContext *ctx = (AioContext *) source;
 QEMUBH *bh;
+int deadline;
 
 for (bh = ctx->first_bh; bh; bh = bh->next) {
 if (!bh->deleted && bh->scheduled) {
 if (bh->idle) {
 /* idle bottom halves will be polled at least
  * every 10ms */
-*timeout = 10;
+*timeout = qemu_soonest_timeout(*timeout, 10);
 } else {
 /* non-idle bottom halves will be executed
  * immediately */
@@ -166,6 +167,14 @@ aio_ctx_prepare(GSource *source, gint*timeout)
 }
 }
 
+deadline = qemu_timeout_ns_to_ms(timerlistgroup_deadline_ns(ctx->tlg));
+if (deadline == 0) {
+*timeout = 0;
+return true;
+} else {
+*timeout = qemu_soonest_timeout(*timeout, deadline);
+}
+
 return false;
 }
 
@@ -180,7 +189,7 @@ aio_ctx_check(GSource *source)
 return true;
}
 }
-return aio_pending(ctx);
+return aio_pending(ctx) || (timerlistgroup_deadline_ns(ctx->tlg) == 0);
 }
 
 static gboolean
-- 
1.7.9.5

[Qemu-devel] [RFC] [PATCHv8 05/30] aio / timers: Add prctl(PR_SET_TIMERSLACK, 1, ...) to reduce timer slack

[Alex Bligh]

Where supported, called prctl(PR_SET_TIMERSLACK, 1, ...) to
set one nanosecond timer slack to increase precision of timer
calls.

Signed-off-by: Alex Bligh 
---
 qemu-timer.c |7 +++
 1 file changed, 7 insertions(+)

diff --git a/qemu-timer.c b/qemu-timer.c
index 5e81935..9eb6db8 100644
--- a/qemu-timer.c
+++ b/qemu-timer.c
@@ -41,6 +41,10 @@
 #include 
 #endif
 
+#ifdef CONFIG_PRCTL_PR_SET_TIMERSLACK
+#include 
+#endif
+
 /***/
 /* timers */
 
@@ -507,6 +511,9 @@ void init_clocks(void)
 vm_clock = qemu_clock_new(QEMU_CLOCK_VIRTUAL);
 host_clock = qemu_clock_new(QEMU_CLOCK_HOST);
 }
+#ifdef CONFIG_PRCTL_PR_SET_TIMERSLACK
+prctl(PR_SET_TIMERSLACK, 1, 0, 0, 0);
+#endif
 }
 
 uint64_t qemu_timer_expire_time_ns(QEMUTimer *ts)
-- 
1.7.9.5

Re: [Qemu-devel] [PATCH v2] Fix query-migrate documentation in qmp-commands.hx

[Michael R. Hines]

On 08/08/2013 02:41 PM, Eric Blake wrote:

On 08/08/2013 11:05 AM, Orit Wasserman wrote:

"ram" is present also when migration completes.
expected-downtime, total-time and downtime are no longer part of "ram" data.

Signed-off-by: Orit Wasserman 
---
  qmp-commands.hx | 20 ++--
  1 file changed, 10 insertions(+), 10 deletions(-)

Reviewed-by: Eric Blake 

Although this points out that Michael's patch that added 'setup-time' in
commit ed4fbd1 is missing the corresponding documentation here (my bad
for not catching that while reviewing his patch).



Ooops. Will get a patch for that into my tree and submit it in my next 
series.


- Michael

Re: [Qemu-devel] -cpu host (was Re: KVM call minutes for 2013-08-06)

[Peter Maydell]

On 8 August 2013 21:57, Christoffer Dall  wrote:
> I'm fine with having a discovery mechanism for the GIC and not for the
> CPU, if there's an implicit discovery mechanism for the CPU.  But are
> we sure there will not be cases where we want to know the list of
> available CPUs that the kernel can actually emulate on this host as
> opposed to "just use the best one".

I guess "telling the user in advance whether enabling kvm is
going to work" (either via -help output or via monitor to
tell libvirt about it) might want that, and for that matter
maybe kvmtool might want to present a list of available CPUs.

(I probably wouldn't implement the 'say if it's going to
work in -help' bit immediately though because QEMU's internal
structure makes it a little awkward. But if we might want
it it's probably better for the kernel API to be there
from the start.)

-- PMM

[Qemu-devel] [Bug 1210212] [NEW] qemu core dumps with -serial mon:vc

[David Mazieres]

Public bug reported:

qemu 1.5.2-1 dumps core when asked to put the monitor on a virtual
console.  For example, suppose you want to monitor the second serial
port, you might try something like:

qemu-system-x86_64 -serial null -serial mon:vc

But that creates a core dump.  In fact, even re-creating what should be
the default dumps core:

$ qemu-system-x86_64 -serial mon:vc:80Cx25C
Segmentation fault (core dumped)

I'm not including a backtrace because the bug is so easy to reproduce,
but I can provide more info if necessary.

** Affects: qemu
 Importance: Undecided
 Status: New

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1210212

Title:
  qemu core dumps with -serial mon:vc

Status in QEMU:
  New

Bug description:
  qemu 1.5.2-1 dumps core when asked to put the monitor on a virtual
  console.  For example, suppose you want to monitor the second serial
  port, you might try something like:

  qemu-system-x86_64 -serial null -serial mon:vc

  But that creates a core dump.  In fact, even re-creating what should
  be the default dumps core:

  $ qemu-system-x86_64 -serial mon:vc:80Cx25C
  Segmentation fault (core dumped)

  I'm not including a backtrace because the bug is so easy to reproduce,
  but I can provide more info if necessary.

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1210212/+subscriptions

Re: [Qemu-devel] [PATCH] tcg/mips: fix invalid op definition errors

[Aurelien Jarno]

On Thu, Aug 08, 2013 at 03:40:23PM +0100, James Hogan wrote:
> tcg/mips/tcg-target.h defines various operations conditionally depending
> upon the isa revision, however these operations are included in
> mips_op_defs[] unconditionally resulting in the following runtime errors
> if CONFIG_DEBUG_TCG is defined:
> 
> Invalid op definition for movcond_i32
> Invalid op definition for rotl_i32
> Invalid op definition for rotr_i32
> Invalid op definition for deposit_i32
> Invalid op definition for bswap16_i32
> Invalid op definition for bswap32_i32
> tcg/tcg.c:1196: tcg fatal error
> 
> Fix with ifdefs like the i386 backend does for movcond_i32.
> 
> Signed-off-by: James Hogan 
> Cc: Aurelien Jarno 
> Cc: Richard Henderson 
> ---
>  tcg/mips/tcg-target.c | 10 ++
>  1 file changed, 10 insertions(+)
> 
> diff --git a/tcg/mips/tcg-target.c b/tcg/mips/tcg-target.c
> index 373c364..793532e 100644
> --- a/tcg/mips/tcg-target.c
> +++ b/tcg/mips/tcg-target.c
> @@ -1617,19 +1617,29 @@ static const TCGTargetOpDef mips_op_defs[] = {
>  { INDEX_op_shl_i32, { "r", "rZ", "ri" } },
>  { INDEX_op_shr_i32, { "r", "rZ", "ri" } },
>  { INDEX_op_sar_i32, { "r", "rZ", "ri" } },
> +#if TCG_TARGET_HAS_rot_i32
>  { INDEX_op_rotr_i32, { "r", "rZ", "ri" } },
>  { INDEX_op_rotl_i32, { "r", "rZ", "ri" } },
> +#endif
>  
> +#if TCG_TARGET_HAS_bswap16_i32
>  { INDEX_op_bswap16_i32, { "r", "r" } },
> +#endif
> +#if TCG_TARGET_HAS_bswap32_i32
>  { INDEX_op_bswap32_i32, { "r", "r" } },
> +#endif
>  
>  { INDEX_op_ext8s_i32, { "r", "rZ" } },
>  { INDEX_op_ext16s_i32, { "r", "rZ" } },
>  
> +#if TCG_TARGET_HAS_deposit_i32
>  { INDEX_op_deposit_i32, { "r", "0", "rZ" } },
> +#endif
>  
>  { INDEX_op_brcond_i32, { "rZ", "rZ" } },
> +#if TCG_TARGET_HAS_movcond_i32
>  { INDEX_op_movcond_i32, { "r", "rZ", "rZ", "rZ", "0" } },
> +#endif
>  { INDEX_op_setcond_i32, { "r", "rZ", "rZ" } },
>  { INDEX_op_setcond2_i32, { "r", "rZ", "rZ", "rZ", "rZ" } },
>  

Thanks, applied.

-- 
Aurelien Jarno  GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net

Re: [Qemu-devel] [PATCH v2 for-1.6] mips: revert commit b332d24a8e1290954029814d09156b06ede358e2

[Aurelien Jarno]

On Tue, Aug 06, 2013 at 01:35:12PM +0200, Andreas Färber wrote:
> Am 06.08.2013 13:08, schrieb Aurelien Jarno:
> > Now that this code path is not triggered anymore during the tests,
> > revert commit b332d24a8e1290954029814d09156b06ede358e2. Booting a MIPS
> > target without kernel nor bios doesn't really make sense. At the same
> > time replace fprintf(stderr, ...) by error_report().
> > 
> > Signed-off-by: Aurelien Jarno 
> > ---
> >  hw/mips/mips_fulong2e.c |4 +++-
> >  hw/mips/mips_jazz.c |5 +++--
> >  hw/mips/mips_malta.c|7 ---
> >  hw/mips/mips_mipssim.c  |7 ---
> >  4 files changed, 14 insertions(+), 9 deletions(-)
> > 
> > v1 -> v2: replace fprintf(stderr, ...) by error_report()
> 
> If you drop the two remaining \n then feel free to commit with my
> Reviewed-by.
> 

Thanks for the review, I have just applied it with the mentioned
changes.


-- 
Aurelien Jarno  GPG: 1024D/F1BCDB73
aurel...@aurel32.net http://www.aurel32.net

Re: [Qemu-devel] [PATCH v1 1/5] util: introduce gsource event abstraction

[Michael Roth]

Quoting Michael Roth (2013-08-08 16:03:30)
> Quoting Liu Ping Fan (2013-08-08 01:26:07)
> > Introduce struct EventsGSource. It will ease the usage of GSource
> > associated with a group of files, which are dynamically allocated
> > and release, ex, slirp.
> > 
> > Signed-off-by: Liu Ping Fan 
> > ---
> >  util/Makefile.objs   |  1 +
> >  util/event_gsource.c | 94 
> > 
> >  util/event_gsource.h | 37 +
> >  3 files changed, 132 insertions(+)
> >  create mode 100644 util/event_gsource.c
> >  create mode 100644 util/event_gsource.h
> > 
> > diff --git a/util/Makefile.objs b/util/Makefile.objs
> > index dc72ab0..eec55bd 100644
> > --- a/util/Makefile.objs
> > +++ b/util/Makefile.objs
> > @@ -11,3 +11,4 @@ util-obj-y += iov.o aes.o qemu-config.o qemu-sockets.o 
> > uri.o notify.o
> >  util-obj-y += qemu-option.o qemu-progress.o
> >  util-obj-y += hexdump.o
> >  util-obj-y += crc32c.o
> > +util-obj-y += event_gsource.o
> > diff --git a/util/event_gsource.c b/util/event_gsource.c
> > new file mode 100644
> > index 000..4b9fa89
> > --- /dev/null
> > +++ b/util/event_gsource.c
> > @@ -0,0 +1,94 @@
> > +/*
> > + *  Copyright (C) 2013 IBM
> > + *
> > + *  This program is free software; you can redistribute it and/or modify
> > + *  it under the terms of the GNU General Public License as published by
> > + *  the Free Software Foundation; under version 2 of the License.
> > + *
> > + *  This program is distributed in the hope that it will be useful,
> > + *  but WITHOUT ANY WARRANTY; without even the implied warranty of
> > + *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
> > + *  GNU General Public License for more details.
> > + *
> > + *  You should have received a copy of the GNU General Public License
> > + *  along with this program; if not, see .
> > + */
> > +
> > +#include "event_gsource.h"
> > +#include "qemu/bitops.h"
> > +
> > +GPollFD *events_source_add_pollfd(EventsGSource *src, int fd)
> > +{
> > +GPollFD *retfd;
> > +
> > +retfd = g_slice_alloc(sizeof(GPollFD));
> > +retfd->events = 0;
> > +retfd->fd = fd;
> > +src->pollfds_list = g_list_append(src->pollfds_list, retfd);
> 
> I think moving to a GSource to simplify our mainloop implementation is
> worthwhile even if we still rely on the global mutex and don't initially
> support running those GSources outside the main iothread. But since being
> able to eventually offload NetClient backends to seperate events loops to
> support things like virtio-net dataplane is (I assume) still one of the
> eventual goals, we should consider how to deal with concurrent
> access to EventsGSource members.
> 
> For instance, In the case of slirp your dispatch callback may modify
> src->pollfds_lists via
> slirp_handler->tcp_input->socreate->events_source_add_pollfd(), while
> another thread attempts to call socreate() via something like
> net_slirp_hostfwd_add from the monitor (that's being driven by a separate
> main loop).
> 
> So events_source_add_pollfd() and the various prepare/check/dispatch
> functions should take a lock on pollfds_lists.
> 
> Dispatch is tricky though, since dispatch() invoke callbacks that may in
> turn try to call events_source_add_pollfd(), as is the case above, in which
> case you can deadlock.
> 
> I've been looking at the situation with regard to moving
> qemu_set_fd_handler* to a GSource.
> 
> GLib has to deal with the same issue with regard to calls to
> g_source_attach() while it's iterating through it's list of GSources. It
> uses the GMainContext lock protect that list, and actually doesn't disallow
> use of functions like g_source_attach() within a dispatch function. In
> g_main_context_dispatch(), to work around the potential deadlock issue, it
> actually builds up a separate list of dispatch cb functions and callback data,
> then drops the GMainContext lock before iterating through that list and
> calling the dispatch cb functions for all the GSources that fired.
> This new list it builds up is safe from concurrent modification since
> only the main loop thread can access it.
> 
> AFAIK there's 3 ways to deal with this type of concurrency:
> 
> a) Move to a 1-to-1 mapping between GPollFDs and EventGSources: we can then
>let GLib handle managing our list of GPollFDs for us. We may still need a
>mutex for other members of EventsGSource, but that lock can be taken from
>within our prepare/check/dispatch functions and held for the duration of
>the calls without any strange deadlock issues.

I take that back, would still need to drop EventsGSource mutex, in
EventsGSource->dispatch prior calling the dispatch cb, but this is trivial
unless the dispatch cb or associated user_data can be modified, which isn't
the case with this interface.

Re: [Qemu-devel] [PATCH v1 1/5] util: introduce gsource event abstraction

[Michael Roth]

Quoting Liu Ping Fan (2013-08-08 01:26:07)
> Introduce struct EventsGSource. It will ease the usage of GSource
> associated with a group of files, which are dynamically allocated
> and release, ex, slirp.
> 
> Signed-off-by: Liu Ping Fan 
> ---
>  util/Makefile.objs   |  1 +
>  util/event_gsource.c | 94 
> 
>  util/event_gsource.h | 37 +
>  3 files changed, 132 insertions(+)
>  create mode 100644 util/event_gsource.c
>  create mode 100644 util/event_gsource.h
> 
> diff --git a/util/Makefile.objs b/util/Makefile.objs
> index dc72ab0..eec55bd 100644
> --- a/util/Makefile.objs
> +++ b/util/Makefile.objs
> @@ -11,3 +11,4 @@ util-obj-y += iov.o aes.o qemu-config.o qemu-sockets.o 
> uri.o notify.o
>  util-obj-y += qemu-option.o qemu-progress.o
>  util-obj-y += hexdump.o
>  util-obj-y += crc32c.o
> +util-obj-y += event_gsource.o
> diff --git a/util/event_gsource.c b/util/event_gsource.c
> new file mode 100644
> index 000..4b9fa89
> --- /dev/null
> +++ b/util/event_gsource.c
> @@ -0,0 +1,94 @@
> +/*
> + *  Copyright (C) 2013 IBM
> + *
> + *  This program is free software; you can redistribute it and/or modify
> + *  it under the terms of the GNU General Public License as published by
> + *  the Free Software Foundation; under version 2 of the License.
> + *
> + *  This program is distributed in the hope that it will be useful,
> + *  but WITHOUT ANY WARRANTY; without even the implied warranty of
> + *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
> + *  GNU General Public License for more details.
> + *
> + *  You should have received a copy of the GNU General Public License
> + *  along with this program; if not, see .
> + */
> +
> +#include "event_gsource.h"
> +#include "qemu/bitops.h"
> +
> +GPollFD *events_source_add_pollfd(EventsGSource *src, int fd)
> +{
> +GPollFD *retfd;
> +
> +retfd = g_slice_alloc(sizeof(GPollFD));
> +retfd->events = 0;
> +retfd->fd = fd;
> +src->pollfds_list = g_list_append(src->pollfds_list, retfd);

I think moving to a GSource to simplify our mainloop implementation is
worthwhile even if we still rely on the global mutex and don't initially
support running those GSources outside the main iothread. But since being
able to eventually offload NetClient backends to seperate events loops to
support things like virtio-net dataplane is (I assume) still one of the
eventual goals, we should consider how to deal with concurrent
access to EventsGSource members.

For instance, In the case of slirp your dispatch callback may modify
src->pollfds_lists via
slirp_handler->tcp_input->socreate->events_source_add_pollfd(), while
another thread attempts to call socreate() via something like
net_slirp_hostfwd_add from the monitor (that's being driven by a separate
main loop).

So events_source_add_pollfd() and the various prepare/check/dispatch
functions should take a lock on pollfds_lists.

Dispatch is tricky though, since dispatch() invoke callbacks that may in
turn try to call events_source_add_pollfd(), as is the case above, in which
case you can deadlock.

I've been looking at the situation with regard to moving
qemu_set_fd_handler* to a GSource.

GLib has to deal with the same issue with regard to calls to
g_source_attach() while it's iterating through it's list of GSources. It
uses the GMainContext lock protect that list, and actually doesn't disallow
use of functions like g_source_attach() within a dispatch function. In
g_main_context_dispatch(), to work around the potential deadlock issue, it
actually builds up a separate list of dispatch cb functions and callback data,
then drops the GMainContext lock before iterating through that list and
calling the dispatch cb functions for all the GSources that fired.
This new list it builds up is safe from concurrent modification since
only the main loop thread can access it.

AFAIK there's 3 ways to deal with this type of concurrency:

a) Move to a 1-to-1 mapping between GPollFDs and EventGSources: we can then
   let GLib handle managing our list of GPollFDs for us. We may still need a
   mutex for other members of EventsGSource, but that lock can be taken from
   within our prepare/check/dispatch functions and held for the duration of
   the calls without any strange deadlock issues.

   The major downside here is potentially performance. Currently we do an
   O(n) lookup for stuff like qemu_set_fd_handler, where n is the number of
   IOHandlers. If we move to 1-to-1 fd-to-GSource mapping, it's O(m), where
   m is all GSources attached to the GMainContext. I'm not sure what the
   performance penalty would be, but it will get worse as the number of
   GSources increases. Not sure if this penalty is applicable for slirp,
   as it doesn't seem like we need to do any sort of per-socket/fd lookup,
   since we have a direct pointer to the GPollFD (if you take the approach
   I mentioned above where you pass a GPollFD* t

Re: [Qemu-devel] -cpu host (was Re: KVM call minutes for 2013-08-06)

[Christoffer Dall]

On Thu, Aug 08, 2013 at 09:48:23PM +0100, Peter Maydell wrote:
> On 8 August 2013 20:29, Christoffer Dall  wrote:
> > On Thu, Aug 08, 2013 at 08:05:11PM +0100, Peter Maydell wrote:
> >> On 8 August 2013 19:39, Christoffer Dall  
> >> wrote:
> >> > FWIW, from the kernel point of view I'd much prefer to return "this is
> >> > the type of VCPU that I prefer to emulate" to user space on this current
> >> > host than having QEMU come up with its own suggestion for CPU and asking
> >> > the kernel for it.  The reason is that it gives us slightly more freedom
> >> > in how we choose to support a given host SoC in that we can say that we
> >> > at least support core A on core B, so if user space can deal with a
> >> > virtual core A, we should be good.
> >>
> >> Hmm, I'm not sure how useful a "query support" kind of API would
> >> be to QEMU. QEMU is basically going to have two use cases:
> >> (1) "I want an A15" [ie -cpu cortex-a15]
> >> (2) "give me whatever you have and I'll cope" [ie -cpu host]
> >>
> >> so my thought was that we could just have the kernel support
> >> init.target = KVM_ARM_TARGET_HOST;
> >> memset(init.features, 0, sizeof(init.features));
> >> ret = kvm_vcpu_ioctl(cs, KVM_ARM_VCPU_INIT, &init);
> >>
> >> (in the same way we currently ask for KVM_ARM_TARGET_CORTEX_A15).
> >>
> >> I guess we could have a "return preferred target value"
> >> VM ioctl, but it seems a bit pointless given that the
> >> only thing userspace is going to do with the return
> >> value is immediately feed it back to the kernel...
> >>
> > My thinking was that the result of cpu = KVM_ARM_TARGET_HOST would be
> > the same as x = kvm_get_target_host(), cpu = x, but at the same time
> > letting QEMU know what it's dealing with.  Perhaps QEMU doesn't need
> > this for emulation, but isn't it useful for
> > save/restore/migration/debugging scenarios?
> 
> For migration we don't care because we just send everything
> over the wire and let the receiving kernel decide (where
> it will presumably reject if the MIDR value doesn't match).
> 
> There are some cases where we want to know what kind of CPU
> we actually got, though the only one I could think of was if
> we're constructing a device tree for mach-virt, what do we put
> in the cpu node's "compatible" property? (what does the kernel
> do with that anyway?) I had planned to key that off the MIDR
> value, though. (As an aside, if there was a way to get the
> actual 'compatible' string from the host kernel rather than
> having to maintain a table of KVM_ARM_TARGET_* and/or MIDR
> to compatible-string values that would be neat.)
> 

ok, fair enough, as long as you can get what you need from the MIDR then
you're good I guess.

> > So, if you just use the KVM_ARM_TARGET_HOST value, do you expect the
> > kernel to just set the base address of the GIC interface, or?
> 
> So in this view of the world, we keep the GIC separate from
> the CPU itself (which allows things like "give me an A57
> vcpu but actually it's got a GICv2 because that's all the
> host hardware/kernel can do"). The GIC base address is then
> a property of the board model we're running rather than of
> the CPU (and for mach-virt we just set it to something
> convenient). This would be done via the new-style irqchip
> creation/config API rather than what we have in tree today.
> Presumably we could have a similar thing for the irqchip
> of "tell me what kind of irqchip you can instantiate and/or
> give me what you've got". I guess here we do need a way to
> find out what the kernel can do since (a) the kernel might
> be able to accelerate both GICv2 and v3 with no inherent
> preference and (b) there's no handy GIC-version-register
> like the MIDR we can use to track what we got. That might
> argue for a similar approach for the CPU proper, by analogy.

I'm fine with having a discovery mechanism for the GIC and not for the
CPU, if there's an implicit discovery mechanism for the CPU.  But are
we sure there will not be cases where we want to know the list of
available CPUs that the kernel can actually emulate on this host as
opposed to "just use the best one".  Maybe that's only relevant for the
"give me an A15 case" and then you can just do trial-and-error, perhaps.

-Christoffer

Re: [Qemu-devel] -cpu host (was Re: KVM call minutes for 2013-08-06)

[Peter Maydell]

On 8 August 2013 20:29, Christoffer Dall  wrote:
> On Thu, Aug 08, 2013 at 08:05:11PM +0100, Peter Maydell wrote:
>> On 8 August 2013 19:39, Christoffer Dall  wrote:
>> > FWIW, from the kernel point of view I'd much prefer to return "this is
>> > the type of VCPU that I prefer to emulate" to user space on this current
>> > host than having QEMU come up with its own suggestion for CPU and asking
>> > the kernel for it.  The reason is that it gives us slightly more freedom
>> > in how we choose to support a given host SoC in that we can say that we
>> > at least support core A on core B, so if user space can deal with a
>> > virtual core A, we should be good.
>>
>> Hmm, I'm not sure how useful a "query support" kind of API would
>> be to QEMU. QEMU is basically going to have two use cases:
>> (1) "I want an A15" [ie -cpu cortex-a15]
>> (2) "give me whatever you have and I'll cope" [ie -cpu host]
>>
>> so my thought was that we could just have the kernel support
>> init.target = KVM_ARM_TARGET_HOST;
>> memset(init.features, 0, sizeof(init.features));
>> ret = kvm_vcpu_ioctl(cs, KVM_ARM_VCPU_INIT, &init);
>>
>> (in the same way we currently ask for KVM_ARM_TARGET_CORTEX_A15).
>>
>> I guess we could have a "return preferred target value"
>> VM ioctl, but it seems a bit pointless given that the
>> only thing userspace is going to do with the return
>> value is immediately feed it back to the kernel...
>>
> My thinking was that the result of cpu = KVM_ARM_TARGET_HOST would be
> the same as x = kvm_get_target_host(), cpu = x, but at the same time
> letting QEMU know what it's dealing with.  Perhaps QEMU doesn't need
> this for emulation, but isn't it useful for
> save/restore/migration/debugging scenarios?

For migration we don't care because we just send everything
over the wire and let the receiving kernel decide (where
it will presumably reject if the MIDR value doesn't match).

There are some cases where we want to know what kind of CPU
we actually got, though the only one I could think of was if
we're constructing a device tree for mach-virt, what do we put
in the cpu node's "compatible" property? (what does the kernel
do with that anyway?) I had planned to key that off the MIDR
value, though. (As an aside, if there was a way to get the
actual 'compatible' string from the host kernel rather than
having to maintain a table of KVM_ARM_TARGET_* and/or MIDR
to compatible-string values that would be neat.)

> So, if you just use the KVM_ARM_TARGET_HOST value, do you expect the
> kernel to just set the base address of the GIC interface, or?

So in this view of the world, we keep the GIC separate from
the CPU itself (which allows things like "give me an A57
vcpu but actually it's got a GICv2 because that's all the
host hardware/kernel can do"). The GIC base address is then
a property of the board model we're running rather than of
the CPU (and for mach-virt we just set it to something
convenient). This would be done via the new-style irqchip
creation/config API rather than what we have in tree today.
Presumably we could have a similar thing for the irqchip
of "tell me what kind of irqchip you can instantiate and/or
give me what you've got". I guess here we do need a way to
find out what the kernel can do since (a) the kernel might
be able to accelerate both GICv2 and v3 with no inherent
preference and (b) there's no handy GIC-version-register
like the MIDR we can use to track what we got. That might
argue for a similar approach for the CPU proper, by analogy.

-- PMM

Re: [Qemu-devel] -cpu host (was Re: KVM call minutes for 2013-08-06)

[Christoffer Dall]

On Thu, Aug 08, 2013 at 08:05:11PM +0100, Peter Maydell wrote:
> On 8 August 2013 19:39, Christoffer Dall  wrote:
> > FWIW, from the kernel point of view I'd much prefer to return "this is
> > the type of VCPU that I prefer to emulate" to user space on this current
> > host than having QEMU come up with its own suggestion for CPU and asking
> > the kernel for it.  The reason is that it gives us slightly more freedom
> > in how we choose to support a given host SoC in that we can say that we
> > at least support core A on core B, so if user space can deal with a
> > virtual core A, we should be good.
> 
> Hmm, I'm not sure how useful a "query support" kind of API would
> be to QEMU. QEMU is basically going to have two use cases:
> (1) "I want an A15" [ie -cpu cortex-a15]
> (2) "give me whatever you have and I'll cope" [ie -cpu host]
> 
> so my thought was that we could just have the kernel support
> init.target = KVM_ARM_TARGET_HOST;
> memset(init.features, 0, sizeof(init.features));
> ret = kvm_vcpu_ioctl(cs, KVM_ARM_VCPU_INIT, &init);
> 
> (in the same way we currently ask for KVM_ARM_TARGET_CORTEX_A15).
> 
> I guess we could have a "return preferred target value"
> VM ioctl, but it seems a bit pointless given that the
> only thing userspace is going to do with the return
> value is immediately feed it back to the kernel...
> 
My thinking was that the result of cpu = KVM_ARM_TARGET_HOST would be
the same as x = kvm_get_target_host(), cpu = x, but at the same time
letting QEMU know what it's dealing with.  Perhaps QEMU doesn't need
this for emulation, but isn't it useful for
save/restore/migration/debugging scenarios?

So, if you just use the KVM_ARM_TARGET_HOST value, do you expect the
kernel to just set the base address of the GIC interface, or?

-Christoffer

Re: [Qemu-devel] -cpu host (was Re: KVM call minutes for 2013-08-06)

[Peter Maydell]

On 8 August 2013 19:39, Christoffer Dall  wrote:
> FWIW, from the kernel point of view I'd much prefer to return "this is
> the type of VCPU that I prefer to emulate" to user space on this current
> host than having QEMU come up with its own suggestion for CPU and asking
> the kernel for it.  The reason is that it gives us slightly more freedom
> in how we choose to support a given host SoC in that we can say that we
> at least support core A on core B, so if user space can deal with a
> virtual core A, we should be good.

Hmm, I'm not sure how useful a "query support" kind of API would
be to QEMU. QEMU is basically going to have two use cases:
(1) "I want an A15" [ie -cpu cortex-a15]
(2) "give me whatever you have and I'll cope" [ie -cpu host]

so my thought was that we could just have the kernel support
init.target = KVM_ARM_TARGET_HOST;
memset(init.features, 0, sizeof(init.features));
ret = kvm_vcpu_ioctl(cs, KVM_ARM_VCPU_INIT, &init);

(in the same way we currently ask for KVM_ARM_TARGET_CORTEX_A15).

I guess we could have a "return preferred target value"
VM ioctl, but it seems a bit pointless given that the
only thing userspace is going to do with the return
value is immediately feed it back to the kernel...

-- PMM

Re: [Qemu-devel] [PATCH v2] Fix query-migrate documentation in qmp-commands.hx

[Eric Blake]

On 08/08/2013 11:05 AM, Orit Wasserman wrote:
> "ram" is present also when migration completes.
> expected-downtime, total-time and downtime are no longer part of "ram" data.
> 
> Signed-off-by: Orit Wasserman 
> ---
>  qmp-commands.hx | 20 ++--
>  1 file changed, 10 insertions(+), 10 deletions(-)

Reviewed-by: Eric Blake 

Although this points out that Michael's patch that added 'setup-time' in
commit ed4fbd1 is missing the corresponding documentation here (my bad
for not catching that while reviewing his patch).

-- 
Eric Blake   eblake redhat com+1-919-301-3266
Libvirt virtualization library http://libvirt.org



signature.asc
Description: OpenPGP digital signature

Re: [Qemu-devel] -cpu host (was Re: KVM call minutes for 2013-08-06)

[Christoffer Dall]

On Thu, Aug 08, 2013 at 07:20:41PM +0100, Peter Maydell wrote:
> On 8 August 2013 16:55, Andreas Färber  wrote:
> > Am 08.08.2013 14:51, schrieb Peter Maydell:
> >> So, coming at this from an ARM perspective:
> >> Should any target arch that supports KVM also support "-cpu host"?
> >> If so, what should it do?
> >
> > I think that depends on the target and whether/what is useful.
> 
> The most immediate problem we have is we don't want to have
> to give QEMU a lot of info about v8 CPUs which it doesn't
> really need to have just in order to start a VM; I think
> -cpu host would fix that particular problem.
> 
> >> Is there a description somewhere of
> >> what the x86 and PPC semantics of -cpu host are?
> >
> > I'm afraid our usual documentation will be reading the source code. ;)
> >
> > x86 was first to implement -cpu host and passed through pretty much all
> > host features even if they would not work without additional support
> > code. I've seen a bunch of bugs where that leads to GMP and others
> > breaking badly. Lately in the case of PMU we've started to limit that.
> > Alex proposed -cpu best, which was never merged to date. It was similar
> > to how ppc's -cpu host works:
> >
> > ppc matches the Processor Version Register (PVR) in kvm.c against its
> > known models from cpu-models.c (strictly today, mask being discussed).
> > The PVR can be read from userspace via mfpvr alias to mfspr (Move From
> > Special Purpose Register; possibly emulated for userspace by kernel?).
> > CPU features are all QEMU-driven AFAIU, through the "CPU families" in
> > translate_init.c. Beware, everything is highly macro'fied in ppc code.
> 
> In theory we could do a similar thing for ARM (pull the CPU
> implementer/part numbers out of cpuinfo and match them against
> QEMU's list of known CPUs). However that means you can't run
> KVM on a CPU which QEMU doesn't know about, which was one
> of the reasons for the approach I suggested below.
> 
> >> For ARM you can't get at feature info of the host from userspace
> >> (unless you want to get into parsing /proc/cpuinfo), so my current
> >> idea is to have KVM_ARM_VCPU_INIT support a target-cpu-type
> >> which means "whatever host CPU is". Then when we've created the
> >> vcpu we can populate QEMU's idea of what the CPU features are
> >> by using the existing ioctls for reading the cp15 registers of
> >> the vcpu.
> >
> > Sounds sane to me iff those cp15 registers all work with KVM and don't
> > need any additional KVM/QEMU/device code.
> 
> Yes; KVM won't tell us about CP15 registers unless they
> are exposed to the guest VM (that is, we're querying the
> VCPU, not the host CPU). More generally, the cp15 "tuple
> list" code I landed a couple of months back makes the kernel
> the authoritative source for which cp15 registers exist and
> what their values are -- in -enable-kvm mode QEMU no longer
> cares about them (its own list of which registers exist for
> which CPU is used only for TCG).
> 
FWIW, from the kernel point of view I'd much prefer to return "this is
the type of VCPU that I prefer to emulate" to user space on this current
host than having QEMU come up with its own suggestion for CPU and asking
the kernel for it.  The reason is that it gives us slightly more freedom
in how we choose to support a given host SoC in that we can say that we
at least support core A on core B, so if user space can deal with a
virtual core A, we should be good.

-Christoffer

Re: [Qemu-devel] -cpu host (was Re: KVM call minutes for 2013-08-06)

[Peter Maydell]

On 8 August 2013 16:55, Andreas Färber  wrote:
> Am 08.08.2013 14:51, schrieb Peter Maydell:
>> So, coming at this from an ARM perspective:
>> Should any target arch that supports KVM also support "-cpu host"?
>> If so, what should it do?
>
> I think that depends on the target and whether/what is useful.

The most immediate problem we have is we don't want to have
to give QEMU a lot of info about v8 CPUs which it doesn't
really need to have just in order to start a VM; I think
-cpu host would fix that particular problem.

>> Is there a description somewhere of
>> what the x86 and PPC semantics of -cpu host are?
>
> I'm afraid our usual documentation will be reading the source code. ;)
>
> x86 was first to implement -cpu host and passed through pretty much all
> host features even if they would not work without additional support
> code. I've seen a bunch of bugs where that leads to GMP and others
> breaking badly. Lately in the case of PMU we've started to limit that.
> Alex proposed -cpu best, which was never merged to date. It was similar
> to how ppc's -cpu host works:
>
> ppc matches the Processor Version Register (PVR) in kvm.c against its
> known models from cpu-models.c (strictly today, mask being discussed).
> The PVR can be read from userspace via mfpvr alias to mfspr (Move From
> Special Purpose Register; possibly emulated for userspace by kernel?).
> CPU features are all QEMU-driven AFAIU, through the "CPU families" in
> translate_init.c. Beware, everything is highly macro'fied in ppc code.

In theory we could do a similar thing for ARM (pull the CPU
implementer/part numbers out of cpuinfo and match them against
QEMU's list of known CPUs). However that means you can't run
KVM on a CPU which QEMU doesn't know about, which was one
of the reasons for the approach I suggested below.

>> For ARM you can't get at feature info of the host from userspace
>> (unless you want to get into parsing /proc/cpuinfo), so my current
>> idea is to have KVM_ARM_VCPU_INIT support a target-cpu-type
>> which means "whatever host CPU is". Then when we've created the
>> vcpu we can populate QEMU's idea of what the CPU features are
>> by using the existing ioctls for reading the cp15 registers of
>> the vcpu.
>
> Sounds sane to me iff those cp15 registers all work with KVM and don't
> need any additional KVM/QEMU/device code.

Yes; KVM won't tell us about CP15 registers unless they
are exposed to the guest VM (that is, we're querying the
VCPU, not the host CPU). More generally, the cp15 "tuple
list" code I landed a couple of months back makes the kernel
the authoritative source for which cp15 registers exist and
what their values are -- in -enable-kvm mode QEMU no longer
cares about them (its own list of which registers exist for
which CPU is used only for TCG).

>> The other unresolved thing is what "-cpu host" ought to mean
>> for the CPU's on-chip peripherals (of which the major one is
>> the interrupt controller) -- if the host is an A57 should
>> this imply that you always get the A57's GICv3, or is it OK
>> to provide an A57 with a GICv2? At the moment QEMU models the
>> per-cpu peripherals in a somewhat more semi-detached fashion
>> than is the case in silicon, treating them as more a part
>> of the board model than of the cpu itself.
>
> Feel free to submit patches changing that. Prerequisite should
> then be to have those devices be pure TYPE_DEVICE rather than
> TYPE_SYS_BUS_DEVICE, or otherwise you'll run into the same
> hot-plug trap as we did with the x86 APIC (we had to invent a
> hotpluggable ICC bus as interim solution).

Mmm. I'm not sure what cpu hotplug should be in the ARM world
since obviously you can't hotplug a SoC (one possibility is
that we don't actually hotplug CPUs, we just create N of them
but leave most of them "powered off" via a power-control API
like PSCI).

>> Having '-cpu host'
>> not affect them might be the pragmatic choice, since it fits
>> with what QEMU currently does and with kernel-side situations
>> where the host CPU may only be able to show the guest VM a
>> GICv2 view of the world (or only a GICv3, as the case may be).
>> For this to work it does require that guests figure out what
>> their per-cpu peripherals are by looking at the device tree
>> rather than saying "oh, this is an A57, I know all A57s
>> have this", of course...
>
> Without directly answering the question and continuing from above, my
> personal view has been that we need to get away from the current CPU
> model to a) how hardware is structured and b) how we want to have things
> behave in virtualized environments.
>
> Take x86 as an example: CPUState corresponds to a hyperthread today, but
> we want hotplug to work like it does on a physical machine: hot-adding
> on socket-level only. Beyond just building the topology with Container
> objects, that means having a Xeon-X5-4242 object that has-a CPU core
> has-a CPU thread and any devices the particular layers bring along.
>
> For SoCs I have been proposing - 

[Qemu-devel] [PATCH v2 for 1.6] w32: Add missing version.o to all executables (fix regression)

[Stefan Weil]

QEMU executables for w32, w64 had included meta information built from
version.rc. These rules were changed several times some months ago.

The latest version added version.o to the tools, but not to the system
emulations.

This patch adds the meta information to all system emulations again.

Signed-off-by: Stefan Weil 
---

v2:

This is a minimal fix for QEMU 1.6 based on Paolo's suggestion.
It can be improved later.

Regards,
Stefan

 Makefile  |7 ++-
 Makefile.objs |5 +
 2 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/Makefile b/Makefile
index 29f1043..4d257f1 100644
--- a/Makefile
+++ b/Makefile
@@ -167,11 +167,8 @@ recurse-all: $(SUBDIR_RULES) $(ROMSUBDIR_RULES)
 
 bt-host.o: QEMU_CFLAGS += $(BLUEZ_CFLAGS)
 
-version.o: $(SRC_PATH)/version.rc config-host.h | version.lo
-version.lo: $(SRC_PATH)/version.rc config-host.h
-
-version-obj-$(CONFIG_WIN32) += version.o
-version-lobj-$(CONFIG_WIN32) += version.lo
+$(BUILD_DIR)/version.o: $(SRC_PATH)/version.rc $(BUILD_DIR)/config-host.h | 
$(BUILD_DIR)/version.lo
+$(BUILD_DIR)/version.lo: $(SRC_PATH)/version.rc $(BUILD_DIR)/config-host.h
 
 Makefile: $(version-obj-y) $(version-lobj-y)
 
diff --git a/Makefile.objs b/Makefile.objs
index 9928542..f46a4cd 100644
--- a/Makefile.objs
+++ b/Makefile.objs
@@ -99,6 +99,11 @@ common-obj-y += qom/
 common-obj-y += disas/
 
 ##
+# Resource file for Windows executables
+version-obj-$(CONFIG_WIN32) += $(BUILD_DIR)/version.o
+version-lobj-$(CONFIG_WIN32) += $(BUILD_DIR)/version.lo
+
+##
 # guest agent
 
 # FIXME: a few definitions from qapi-types.o/qapi-visit.o are needed
-- 
1.7.10.4

[Qemu-devel] [PATCH v2] Fix query-migrate documentation in qmp-commands.hx

[Orit Wasserman]

"ram" is present also when migration completes.
expected-downtime, total-time and downtime are no longer part of "ram" data.

Signed-off-by: Orit Wasserman 
---
 qmp-commands.hx | 20 ++--
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/qmp-commands.hx b/qmp-commands.hx
index 2e59b0d..a22a841 100644
--- a/qmp-commands.hx
+++ b/qmp-commands.hx
@@ -2626,8 +2626,8 @@ The main json-object contains the following:
 - "expected-downtime": only present while migration is active
 total amount in ms for downtime that was calculated on
 the last bitmap round (json-int)
-- "ram": only present if "status" is "active", it is a json-object with the
-  following RAM information:
+- "ram": only present if "status" is "active" or "complete", it is a
+ json-object with the following RAM information:
  - "transferred": amount transferred in bytes (json-int)
  - "remaining": amount remaining to transfer in bytes (json-int)
  - "total": total amount of memory in bytes (json-int)
@@ -2669,12 +2669,12 @@ Examples:
 -> { "execute": "query-migrate" }
 <- { "return": {
 "status": "completed",
+"total-time":12345,
+"downtime":12345,
 "ram":{
   "transferred":123,
   "remaining":123,
   "total":246,
-  "total-time":12345,
-  "downtime":12345,
   "duplicate":123,
   "normal":123,
   "normal-bytes":123456
@@ -2693,12 +2693,12 @@ Examples:
 <- {
   "return":{
  "status":"active",
+ "total-time":12345,
+ "expected-downtime":12345,
  "ram":{
 "transferred":123,
 "remaining":123,
 "total":246,
-"total-time":12345,
-"expected-downtime":12345,
 "duplicate":123,
 "normal":123,
 "normal-bytes":123456
@@ -2712,12 +2712,12 @@ Examples:
 <- {
   "return":{
  "status":"active",
+ "total-time":12345,
+ "expected-downtime":12345,
  "ram":{
 "total":1057024,
 "remaining":1053304,
 "transferred":3720,
-"total-time":12345,
-"expected-downtime":12345,
 "duplicate":123,
 "normal":123,
 "normal-bytes":123456
@@ -2736,13 +2736,13 @@ Examples:
 <- {
   "return":{
  "status":"active",
+ "total-time":12345,
+ "expected-downtime":12345,
  "capabilities" : [ { "capability": "xbzrle", "state" : true } ],
  "ram":{
 "total":1057024,
 "remaining":1053304,
 "transferred":3720,
-"total-time":12345,
-"expected-downtime":12345,
 "duplicate":10,
 "normal":,
 "normal-bytes":3412992
-- 
1.8.1.4

Re: [Qemu-devel] [ceph-users] qemu-1.4.0 and onwards, linux kernel 3.2.x, ceph-RBD, heavy I/O leads to kernel_hung_tasks_timout_secs message and unresponsive qemu-process, [Bug 1207686]

[Josh Durgin]

On 08/08/2013 05:40 AM, Oliver Francke wrote:

Hi Josh,

I have a session logged with:

 debug_ms=1:debug_rbd=20:debug_objectcacher=30

as you requested from Mike, even if I think, we do have another story
here, anyway.

Host-kernel is: 3.10.0-rc7, qemu-client 1.6.0-rc2, client-kernel is
3.2.0-51-amd...

Do you want me to open a ticket for that stuff? I have about 5MB
compressed logfile waiting for you ;)


Yes, that'd be great. If you could include the time when you saw the 
guest hang that'd be ideal. I'm not sure if this is one or two bugs,

but it seems likely it's a bug in rbd and not qemu.

Thanks!
Josh


Thnx in advance,

Oliver.

On 08/05/2013 09:48 AM, Stefan Hajnoczi wrote:

On Sun, Aug 04, 2013 at 03:36:52PM +0200, Oliver Francke wrote:

Am 02.08.2013 um 23:47 schrieb Mike Dawson :

We can "un-wedge" the guest by opening a NoVNC session or running a
'virsh screenshot' command. After that, the guest resumes and runs
as expected. At that point we can examine the guest. Each time we'll
see:

If virsh screenshot works then this confirms that QEMU itself is still
responding.  Its main loop cannot be blocked since it was able to
process the screendump command.

This supports Josh's theory that a callback is not being invoked.  The
virtio-blk I/O request would be left in a pending state.

Now here is where the behavior varies between configurations:

On a Windows guest with 1 vCPU, you may see the symptom that the guest no
longer responds to ping.

On a Linux guest with multiple vCPUs, you may see the hung task message
from the guest kernel because other vCPUs are still making progress.
Just the vCPU that issued the I/O request and whose task is in
UNINTERRUPTIBLE state would really be stuck.

Basically, the symptoms depend not just on how QEMU is behaving but also
on the guest kernel and how many vCPUs you have configured.

I think this can explain how both problems you are observing, Oliver and
Mike, are a result of the same bug.  At least I hope they are :).

Stefan

[Qemu-devel] [PATCH 01/14] target-arm: Make IRQ and FIQ gpio lines on the CPU object

[Peter Maydell]

Now that ARMCPU is a subclass of DeviceState, we can make the
CPU's inbound IRQ and FIQ lines be simply gpio lines, which
means we can remove the odd arm_pic shim.

We retain the arm_pic_init_cpu() function as a backwards
compatibility shim layer so we can convert the board models
to get the IRQ and FIQ lines directly from the ARMCPU
object one at a time.

Signed-off-by: Peter Maydell 
---
 hw/arm/pic_cpu.c |   63 +-
 target-arm/cpu.c |   60 +++
 target-arm/cpu.h |3 +++
 3 files changed, 73 insertions(+), 53 deletions(-)

diff --git a/hw/arm/pic_cpu.c b/hw/arm/pic_cpu.c
index 875280a..9c36273 100644
--- a/hw/arm/pic_cpu.c
+++ b/hw/arm/pic_cpu.c
@@ -9,60 +9,17 @@
 
 #include "hw/hw.h"
 #include "hw/arm/arm.h"
-#include "sysemu/kvm.h"
-
-/* Input 0 is IRQ and input 1 is FIQ.  */
-static void arm_pic_cpu_handler(void *opaque, int irq, int level)
-{
-ARMCPU *cpu = opaque;
-CPUState *cs = CPU(cpu);
-
-switch (irq) {
-case ARM_PIC_CPU_IRQ:
-if (level) {
-cpu_interrupt(cs, CPU_INTERRUPT_HARD);
-} else {
-cpu_reset_interrupt(cs, CPU_INTERRUPT_HARD);
-}
-break;
-case ARM_PIC_CPU_FIQ:
-if (level) {
-cpu_interrupt(cs, CPU_INTERRUPT_FIQ);
-} else {
-cpu_reset_interrupt(cs, CPU_INTERRUPT_FIQ);
-}
-break;
-default:
-hw_error("arm_pic_cpu_handler: Bad interrupt line %d\n", irq);
-}
-}
-
-static void kvm_arm_pic_cpu_handler(void *opaque, int irq, int level)
-{
-#ifdef CONFIG_KVM
-ARMCPU *cpu = opaque;
-CPUState *cs = CPU(cpu);
-int kvm_irq = KVM_ARM_IRQ_TYPE_CPU << KVM_ARM_IRQ_TYPE_SHIFT;
-
-switch (irq) {
-case ARM_PIC_CPU_IRQ:
-kvm_irq |= KVM_ARM_IRQ_CPU_IRQ;
-break;
-case ARM_PIC_CPU_FIQ:
-kvm_irq |= KVM_ARM_IRQ_CPU_FIQ;
-break;
-default:
-hw_error("kvm_arm_pic_cpu_handler: Bad interrupt line %d\n", irq);
-}
-kvm_irq |= cs->cpu_index << KVM_ARM_IRQ_VCPU_SHIFT;
-kvm_set_irq(kvm_state, kvm_irq, level ? 1 : 0);
-#endif
-}
 
+/* Backwards compatibility shim; this can disappear when all
+ * board models have been updated to get IRQ and FIQ lines directly
+ * from the ARMCPU object rather than by calling this function.
+ */
 qemu_irq *arm_pic_init_cpu(ARMCPU *cpu)
 {
-if (kvm_enabled()) {
-return qemu_allocate_irqs(kvm_arm_pic_cpu_handler, cpu, 2);
-}
-return qemu_allocate_irqs(arm_pic_cpu_handler, cpu, 2);
+DeviceState *dev = DEVICE(cpu);
+qemu_irq *irqs = g_new(qemu_irq, 2);
+
+irqs[0] = qdev_get_gpio_in(dev, ARM_CPU_IRQ);
+irqs[1] = qdev_get_gpio_in(dev, ARM_CPU_FIQ);
+return irqs;
 }
diff --git a/target-arm/cpu.c b/target-arm/cpu.c
index 5a7566b..6f56aa8 100644
--- a/target-arm/cpu.c
+++ b/target-arm/cpu.c
@@ -23,7 +23,9 @@
 #if !defined(CONFIG_USER_ONLY)
 #include "hw/loader.h"
 #endif
+#include "hw/arm/arm.h"
 #include "sysemu/sysemu.h"
+#include "sysemu/kvm.h"
 
 static void arm_cpu_set_pc(CPUState *cs, vaddr value)
 {
@@ -129,6 +131,55 @@ static void arm_cpu_reset(CPUState *s)
 tb_flush(env);
 }
 
+#ifndef CONFIG_USER_ONLY
+static void arm_cpu_set_irq(void *opaque, int irq, int level)
+{
+ARMCPU *cpu = opaque;
+CPUState *cs = CPU(cpu);
+
+switch (irq) {
+case ARM_CPU_IRQ:
+if (level) {
+cpu_interrupt(cs, CPU_INTERRUPT_HARD);
+} else {
+cpu_reset_interrupt(cs, CPU_INTERRUPT_HARD);
+}
+break;
+case ARM_CPU_FIQ:
+if (level) {
+cpu_interrupt(cs, CPU_INTERRUPT_FIQ);
+} else {
+cpu_reset_interrupt(cs, CPU_INTERRUPT_FIQ);
+}
+break;
+default:
+hw_error("arm_cpu_set_irq: Bad interrupt line %d\n", irq);
+}
+}
+
+static void arm_cpu_kvm_set_irq(void *opaque, int irq, int level)
+{
+#ifdef CONFIG_KVM
+ARMCPU *cpu = opaque;
+CPUState *cs = CPU(cpu);
+int kvm_irq = KVM_ARM_IRQ_TYPE_CPU << KVM_ARM_IRQ_TYPE_SHIFT;
+
+switch (irq) {
+case ARM_CPU_IRQ:
+kvm_irq |= KVM_ARM_IRQ_CPU_IRQ;
+break;
+case ARM_CPU_FIQ:
+kvm_irq |= KVM_ARM_IRQ_CPU_FIQ;
+break;
+default:
+hw_error("arm_cpu_kvm_set_irq: Bad interrupt line %d\n", irq);
+}
+kvm_irq |= cs->cpu_index << KVM_ARM_IRQ_VCPU_SHIFT;
+kvm_set_irq(kvm_state, kvm_irq, level ? 1 : 0);
+#endif
+}
+#endif
+
 static inline void set_feature(CPUARMState *env, int feature)
 {
 env->features |= 1ULL << feature;
@@ -145,6 +196,15 @@ static void arm_cpu_initfn(Object *obj)
 cpu->cp_regs = g_hash_table_new_full(g_int_hash, g_int_equal,
  g_free, g_free);
 
+#ifndef CONFIG_USER_ONLY
+/* Our inbound IRQ and FIQ lines */
+if (kvm_enabled()) {
+qdev_init_gpio_in(DEVICE(cpu), arm_cpu_kvm_set_irq, 2);
+} else {
+qdev_init_gpio_in(DEVICE(cpu

Re: [Qemu-devel] [PATCH 2/2] Revert "memory: Return -1 again on reads from unsigned regions"

[Andreas Färber]

Am 08.08.2013 18:48, schrieb Peter Maydell:
> On 8 August 2013 17:46, Andreas Färber  wrote:
>> Since no one has spoken up with a concrete use case that breaks when
>> having the PIO region opaque, I agree this seems the best solution we
>> have for 1.6. But given the musicpal issue you have raised, I would ask
>> Paolo or Jan to squash these two patches together to avoid a git-bisect
>> regression.
> 
> Not sure what you have in mind here -- musicpal is an ARM
> board, and no ARM system should ever touch the system_io
> region at all, so for musicpal patch 1/2 has no effect
> and we care only about 2/2.

Sorry, mixed up your other reply with this non-threaded series - thought
you were saying 1/2 introduced the regression, but the regression is
already in qemu.git I understand just like for prep.

Andreas

-- 
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg

Re: [Qemu-devel] [PATCH] Fix query-migrate documentation in qmp-commands.hx

[Luiz Capitulino]

On Thu, 08 Aug 2013 19:47:50 +0300
Orit Wasserman  wrote:

> On 08/08/2013 05:50 PM, Luiz Capitulino wrote:
> > On Thu,  8 Aug 2013 11:46:14 +0300
> > Orit Wasserman  wrote:
> > 
> >> "ram" is present also when migration completes.
> >> total-time and downtime are no longer part of "ram" data.
> > 
> > expected-downtime has to be moved too, looks good otherwise.
> 
> I will fix it in a separate patch.

Why not quickly respin the patch with the instances of the
same problem fixed?

Re: [Qemu-devel] [PATCH 2/2] Revert "memory: Return -1 again on reads from unsigned regions"

[Peter Maydell]

On 8 August 2013 17:46, Andreas Färber  wrote:
> Since no one has spoken up with a concrete use case that breaks when
> having the PIO region opaque, I agree this seems the best solution we
> have for 1.6. But given the musicpal issue you have raised, I would ask
> Paolo or Jan to squash these two patches together to avoid a git-bisect
> regression.

Not sure what you have in mind here -- musicpal is an ARM
board, and no ARM system should ever touch the system_io
region at all, so for musicpal patch 1/2 has no effect
and we care only about 2/2.

-- PMM

Re: [Qemu-devel] [PATCH] Fix query-migrate documentation in qmp-commands.hx

[Orit Wasserman]

On 08/08/2013 05:50 PM, Luiz Capitulino wrote:
> On Thu,  8 Aug 2013 11:46:14 +0300
> Orit Wasserman  wrote:
> 
>> "ram" is present also when migration completes.
>> total-time and downtime are no longer part of "ram" data.
> 
> expected-downtime has to be moved too, looks good otherwise.

I will fix it in a separate patch.

Orit
> 
>>
>> Signed-off-by: Orit Wasserman 
>> ---
>>  qmp-commands.hx | 14 +++---
>>  1 file changed, 7 insertions(+), 7 deletions(-)
>>
>> diff --git a/qmp-commands.hx b/qmp-commands.hx
>> index 2e59b0d..1d43f4c 100644
>> --- a/qmp-commands.hx
>> +++ b/qmp-commands.hx
>> @@ -2626,8 +2626,8 @@ The main json-object contains the following:
>>  - "expected-downtime": only present while migration is active
>>  total amount in ms for downtime that was calculated on
>>  the last bitmap round (json-int)
>> -- "ram": only present if "status" is "active", it is a json-object with the
>> -  following RAM information:
>> +- "ram": only present if "status" is "active" or "complete", it is a
>> + json-object with the following RAM information:
>>   - "transferred": amount transferred in bytes (json-int)
>>   - "remaining": amount remaining to transfer in bytes (json-int)
>>   - "total": total amount of memory in bytes (json-int)
>> @@ -2669,12 +2669,12 @@ Examples:
>>  -> { "execute": "query-migrate" }
>>  <- { "return": {
>>  "status": "completed",
>> +"total-time":12345,
>> +"downtime":12345,
>>  "ram":{
>>"transferred":123,
>>"remaining":123,
>>"total":246,
>> -  "total-time":12345,
>> -  "downtime":12345,
>>"duplicate":123,
>>"normal":123,
>>"normal-bytes":123456
>> @@ -2693,11 +2693,11 @@ Examples:
>>  <- {
>>"return":{
>>   "status":"active",
>> + "total-time":12345,
>>   "ram":{
>>  "transferred":123,
>>  "remaining":123,
>>  "total":246,
>> -"total-time":12345,
>>  "expected-downtime":12345,
>>  "duplicate":123,
>>  "normal":123,
>> @@ -2712,11 +2712,11 @@ Examples:
>>  <- {
>>"return":{
>>   "status":"active",
>> + "total-time":12345,
>>   "ram":{
>>  "total":1057024,
>>  "remaining":1053304,
>>  "transferred":3720,
>> -"total-time":12345,
>>  "expected-downtime":12345,
>>  "duplicate":123,
>>  "normal":123,
>> @@ -2736,12 +2736,12 @@ Examples:
>>  <- {
>>"return":{
>>   "status":"active",
>> + "total-time":12345,
>>   "capabilities" : [ { "capability": "xbzrle", "state" : true } ],
>>   "ram":{
>>  "total":1057024,
>>  "remaining":1053304,
>>  "transferred":3720,
>> -"total-time":12345,
>>  "expected-downtime":12345,
>>  "duplicate":10,
>>  "normal":,
> 

[Qemu-devel] [PULL for-1.6] TCG mips --enable-debug fix

[Richard Henderson]

Please pull for -rc2, thanks.


r~


The following changes since commit 6fdf98f281f85ae6e2883bed2f691bcfe33b1f9f:

  fw_cfg: the I/O port variant expects little-endian (2013-08-07 12:48:15 -0500)

are available in the git repository at:

  git://github.com/rth7680/qemu.git for-1.6

for you to fetch changes up to 31e846e8f3885f82df7cc96f0a14a6665b42388e:

  tcg/mips: fix invalid op definition errors (2013-08-08 06:11:19 -1000)


James Hogan (1):
  tcg/mips: fix invalid op definition errors

 tcg/mips/tcg-target.c | 10 ++
 1 file changed, 10 insertions(+)

[Qemu-devel] [PULL for-1.6] tcg/mips: fix invalid op definition errors

[Richard Henderson]

From: James Hogan 

tcg/mips/tcg-target.h defines various operations conditionally depending
upon the isa revision, however these operations are included in
mips_op_defs[] unconditionally resulting in the following runtime errors
if CONFIG_DEBUG_TCG is defined:

Invalid op definition for movcond_i32
Invalid op definition for rotl_i32
Invalid op definition for rotr_i32
Invalid op definition for deposit_i32
Invalid op definition for bswap16_i32
Invalid op definition for bswap32_i32
tcg/tcg.c:1196: tcg fatal error

Fix with ifdefs like the i386 backend does for movcond_i32.

Signed-off-by: James Hogan 
Cc: Aurelien Jarno 
Cc: Richard Henderson 
Signed-off-by: Richard Henderson 
---
 tcg/mips/tcg-target.c | 10 ++
 1 file changed, 10 insertions(+)

diff --git a/tcg/mips/tcg-target.c b/tcg/mips/tcg-target.c
index 373c364..793532e 100644
--- a/tcg/mips/tcg-target.c
+++ b/tcg/mips/tcg-target.c
@@ -1617,19 +1617,29 @@ static const TCGTargetOpDef mips_op_defs[] = {
 { INDEX_op_shl_i32, { "r", "rZ", "ri" } },
 { INDEX_op_shr_i32, { "r", "rZ", "ri" } },
 { INDEX_op_sar_i32, { "r", "rZ", "ri" } },
+#if TCG_TARGET_HAS_rot_i32
 { INDEX_op_rotr_i32, { "r", "rZ", "ri" } },
 { INDEX_op_rotl_i32, { "r", "rZ", "ri" } },
+#endif
 
+#if TCG_TARGET_HAS_bswap16_i32
 { INDEX_op_bswap16_i32, { "r", "r" } },
+#endif
+#if TCG_TARGET_HAS_bswap32_i32
 { INDEX_op_bswap32_i32, { "r", "r" } },
+#endif
 
 { INDEX_op_ext8s_i32, { "r", "rZ" } },
 { INDEX_op_ext16s_i32, { "r", "rZ" } },
 
+#if TCG_TARGET_HAS_deposit_i32
 { INDEX_op_deposit_i32, { "r", "0", "rZ" } },
+#endif
 
 { INDEX_op_brcond_i32, { "rZ", "rZ" } },
+#if TCG_TARGET_HAS_movcond_i32
 { INDEX_op_movcond_i32, { "r", "rZ", "rZ", "rZ", "0" } },
+#endif
 { INDEX_op_setcond_i32, { "r", "rZ", "rZ" } },
 { INDEX_op_setcond2_i32, { "r", "rZ", "rZ", "rZ", "rZ" } },
 
-- 
1.8.3.1

Re: [Qemu-devel] [PATCH 2/2] Revert "memory: Return -1 again on reads from unsigned regions"

[Andreas Färber]

Am 08.08.2013 17:23, schrieb Peter Maydell:
> On 3 August 2013 09:31, Jan Kiszka  wrote:
>> From: Jan Kiszka 
>>
>> This reverts commit 9b8c69243585a32d14b9bb9fcd52c37b0b5a1b71.
>>
>> The commit was wrong: We only return -1 on invalid accesses, not on
>> valid but unbacked ones. This broke various corner cases.
>>
>> Signed-off-by: Jan Kiszka 
> 
> This revert fixes the regression in the 'musicpal' board.
> 
> Presumably these two patches should go into 1.6 since it is
> a regression fix... cc'ing Anthony.

Since no one has spoken up with a concrete use case that breaks when
having the PIO region opaque, I agree this seems the best solution we
have for 1.6. But given the musicpal issue you have raised, I would ask
Paolo or Jan to squash these two patches together to avoid a git-bisect
regression.

Thanks,
Andreas

> 
> Reviewed-by: Peter Maydell 
> 
> -- PMM
> 


-- 
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg

[Qemu-devel] [PATCH] pc: drop external DSDT loading

[Anthony Liguori]

This breaks migration and is unneeded with modern SeaBIOS.

Signed-off-by: Anthony Liguori 
---
 hw/i386/pc_piix.c | 1 -
 hw/i386/pc_q35.c  | 1 -
 2 files changed, 2 deletions(-)

diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c
index ab25458..daaff8a 100644
--- a/hw/i386/pc_piix.c
+++ b/hw/i386/pc_piix.c
@@ -103,7 +103,6 @@ static void pc_init1(MemoryRegion *system_memory,
   OBJECT(icc_bridge), NULL);
 
 pc_cpus_init(cpu_model, icc_bridge);
-pc_acpi_init("acpi-dsdt.aml");
 
 if (kvm_enabled() && kvmclock_enabled) {
 kvmclock_create();
diff --git a/hw/i386/pc_q35.c b/hw/i386/pc_q35.c
index 2f35d12..8c6c7bc 100644
--- a/hw/i386/pc_q35.c
+++ b/hw/i386/pc_q35.c
@@ -86,7 +86,6 @@ static void pc_q35_init(QEMUMachineInitArgs *args)
   OBJECT(icc_bridge), NULL);
 
 pc_cpus_init(cpu_model, icc_bridge);
-pc_acpi_init("q35-acpi-dsdt.aml");
 
 kvmclock_create();
 
-- 
1.8.0

Re: [Qemu-devel] [PATCH 1/7] virtio: allow byte swapping for vring and config access

[Peter Maydell]

On 8 August 2013 17:25, Anthony Liguori  wrote:
> Peter Maydell  writes:
>> On 8 August 2013 17:07, Anthony Liguori  wrote:
>>> CPU data structures are still read as big endian though.
>>
>> Do you have an example of what you mean by "CPU data structure"?
>
> MMU tlb hash table.  If you grep ldl target-ppc/* you'll see that there
> are only a few cases where bswap occurs.

Oh, right, that sort of in-memory data structure. If I
understand correctly, the equivalent of that for ARM would
be the MMU translation tables; on ARM there's a system
control register bit for which endianness those are.

>> Any stl_phys() should [in an ideal design] be tied to a
>> "bus master" which has its own idea of which endianness
>> it is. That is, an stl_phys() for a DMA controller model
>> ought to use the endianness programmed for the DMA controller,
>> not whatever the CPU happens to be using.
>
> We have the DMA API that attempts to do this but maybe we need to
> generalize it a bit more...
>
> I think it's pretty true that we need a context and that the context
> for, say instruction fetch, is distinct from the context for load/store
> instructions.

A context might also give us a place to put other interesting
information which in hardware gets passed around as transaction
attributes on the bus, such as "is this a userspace or privileged
instruction".

-- PMM

[Qemu-devel] [PATCH 05/14] hw/arm/integratorcp: Don't use arm_pic_init_cpu()

[Peter Maydell]

Drop the now-deprecated arm_pic_init_cpu() in favour of directly
getting the IRQ line from the ARMCPU object.

Signed-off-by: Peter Maydell 
---
 hw/arm/integratorcp.c |7 +++
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/hw/arm/integratorcp.c b/hw/arm/integratorcp.c
index d518188..59c3726 100644
--- a/hw/arm/integratorcp.c
+++ b/hw/arm/integratorcp.c
@@ -465,7 +465,6 @@ static void integratorcp_init(QEMUMachineInitArgs *args)
 MemoryRegion *ram = g_new(MemoryRegion, 1);
 MemoryRegion *ram_alias = g_new(MemoryRegion, 1);
 qemu_irq pic[32];
-qemu_irq *cpu_pic;
 DeviceState *dev;
 int i;
 
@@ -493,10 +492,10 @@ static void integratorcp_init(QEMUMachineInitArgs *args)
 qdev_init_nofail(dev);
 sysbus_mmio_map((SysBusDevice *)dev, 0, 0x1000);
 
-cpu_pic = arm_pic_init_cpu(cpu);
 dev = sysbus_create_varargs(TYPE_INTEGRATOR_PIC, 0x1400,
-cpu_pic[ARM_PIC_CPU_IRQ],
-cpu_pic[ARM_PIC_CPU_FIQ], NULL);
+qdev_get_gpio_in(DEVICE(cpu), ARM_CPU_IRQ),
+qdev_get_gpio_in(DEVICE(cpu), ARM_CPU_FIQ),
+NULL);
 for (i = 0; i < 32; i++) {
 pic[i] = qdev_get_gpio_in(dev, i);
 }
-- 
1.7.9.5

Re: [Qemu-devel] [PATCH v1 1/5] util: introduce gsource event abstraction

[Michael Roth]

Quoting Liu Ping Fan (2013-08-08 01:26:07)
> Introduce struct EventsGSource. It will ease the usage of GSource
> associated with a group of files, which are dynamically allocated
> and release, ex, slirp.
> 
> Signed-off-by: Liu Ping Fan 
> ---
>  util/Makefile.objs   |  1 +
>  util/event_gsource.c | 94 
> 
>  util/event_gsource.h | 37 +
>  3 files changed, 132 insertions(+)
>  create mode 100644 util/event_gsource.c
>  create mode 100644 util/event_gsource.h
> 
> diff --git a/util/Makefile.objs b/util/Makefile.objs
> index dc72ab0..eec55bd 100644
> --- a/util/Makefile.objs
> +++ b/util/Makefile.objs
> @@ -11,3 +11,4 @@ util-obj-y += iov.o aes.o qemu-config.o qemu-sockets.o 
> uri.o notify.o
>  util-obj-y += qemu-option.o qemu-progress.o
>  util-obj-y += hexdump.o
>  util-obj-y += crc32c.o
> +util-obj-y += event_gsource.o
> diff --git a/util/event_gsource.c b/util/event_gsource.c
> new file mode 100644
> index 000..4b9fa89
> --- /dev/null
> +++ b/util/event_gsource.c
> @@ -0,0 +1,94 @@
> +/*
> + *  Copyright (C) 2013 IBM
> + *
> + *  This program is free software; you can redistribute it and/or modify
> + *  it under the terms of the GNU General Public License as published by
> + *  the Free Software Foundation; under version 2 of the License.
> + *
> + *  This program is distributed in the hope that it will be useful,
> + *  but WITHOUT ANY WARRANTY; without even the implied warranty of
> + *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
> + *  GNU General Public License for more details.
> + *
> + *  You should have received a copy of the GNU General Public License
> + *  along with this program; if not, see .
> + */
> +
> +#include "event_gsource.h"
> +#include "qemu/bitops.h"
> +
> +GPollFD *events_source_add_pollfd(EventsGSource *src, int fd)

Small nit, but if the class is EventsGSource, the methods should
use the events_gsource_* prefix. Or we can just call it EventsSource.

> +{
> +GPollFD *retfd;
> +
> +retfd = g_slice_alloc(sizeof(GPollFD));
> +retfd->events = 0;
> +retfd->fd = fd;
> +src->pollfds_list = g_list_append(src->pollfds_list, retfd);
> +if (fd >= 0) {
> +g_source_add_poll(&src->source, retfd);
> +}
> +
> +return retfd;
> +}
> +
> +void events_source_remove_pollfd(EventsGSource *src, GPollFD *pollfd)
> +{
> +g_source_remove_poll(&src->source, pollfd);
> +src->pollfds_list = g_list_remove(src->pollfds_list, pollfd);
> +g_slice_free(GPollFD, pollfd);
> +}
> +
> +static gboolean events_source_check(GSource *src)
> +{
> +EventsGSource *nsrc = (EventsGSource *)src;
> +GList *cur;
> +GPollFD *gfd;
> +
> +cur = nsrc->pollfds_list;
> +while (cur) {
> +gfd = cur->data;
> +if (gfd->fd >= 0 && (gfd->revents & gfd->events)) {
> +return true;
> +}
> +cur = g_list_next(cur);
> +}
> +
> +return false;
> +}
> +
> +static gboolean events_source_dispatch(GSource *src, GSourceFunc cb,
> +gpointer data)
> +{
> +gboolean ret = false;
> +
> +if (cb) {
> +ret = cb(data);
> +}
> +return ret;
> +}
> +
> +EventsGSource *events_source_new(GPrepare prepare, GSourceFunc dispatch_cb,
> +void *opaque)
> +{
> +EventsGSource *src;
> +GSourceFuncs *gfuncs = g_new0(GSourceFuncs, 1);
> +gfuncs->prepare = prepare;

I'm not sure how useful this EventsGSource abstraction is if it requires users
to implement a custom prepare() function that accesses EventsGSource fields
directly.

Either we should just make this SlirpGSource until another user comes
along where we can look at pulling out common bits, or we should pass in a
prepare() function that operates on the opaque data instead of the
underlying EventsGSource.

If you take the latter approach, you might consider having
events_source_add_pollfd take a GPollFD* arg instead of an fd, then storing
a pointer to the same GPollFD* in your opaque/Slirp object so you can do things
like set the event masks for all the GPollFDs in the prepare cb prior to
completing the GSource's prepare function (which could then do something generic
like return true if any GPollFDs have a non-zero event mask)

> +gfuncs->check = events_source_check,
> +gfuncs->dispatch = events_source_dispatch,
> +
> +src = (EventsGSource *)g_source_new(gfuncs, sizeof(EventsGSource));
> +src->gfuncs = gfuncs;
> +src->pollfds_list = NULL;
> +src->opaque = opaque;
> +g_source_set_callback(&src->source, dispatch_cb, src, NULL);
> +
> +return src;
> +}
> +
> +void events_source_release(EventsGSource *src)
> +{
> +assert(!src->pollfds_list);
> +g_free(src->gfuncs);
> +g_source_destroy(&src->source);
> +}
> diff --git a/util/event_gsource.h b/util/event_gsource.h
> new file mode 100644
> index 000..8755952
> --- /dev/null
> +++ b/util/event_gsource.h
> @@ -0,0 +1,37 @@
> +/*
> + *  Copyri

Re: [Qemu-devel] [PATCH v2 for-1.6] pc: disable pci-info for 1.6

[Andreas Färber]

Am 08.08.2013 17:55, schrieb Michael S. Tsirkin:
> The BIOS that we ship in 1.6 does not use pci info
> from host (yet). Several issues turned up
> (e.g. around winXP boot crashes). So it's safest to disable that
> interface for 1.6 machine types for now, leave it on for 1.7
> so we have enough time to figure out the right way
> to fix issues if any.
> 
> Cc: Richard Henderson 
> Signed-off-by: Michael S. Tsirkin 

Looks correct now,

Reviewed-by: Andreas Färber 

Andreas

-- 
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg

Re: [Qemu-devel] [PATCH 1/7] virtio: allow byte swapping for vring and config access

[Anthony Liguori]

Peter Maydell  writes:

> On 8 August 2013 17:07, Anthony Liguori  wrote:
>> It's the same processor.  It still starts executing big endian
>> instructions.  A magic register value is tweaked and loads/stores are
>> swapped.
>
> I dunno about PPC, but for ARM generally the boot-up state is
> controlled by config signals which a SoC or board can hardwire,
> so you can have a SoC which is configured to start in big-endian
> mode.
>
>> CPU data structures are still read as big endian though.
>
> Do you have an example of what you mean by "CPU data structure"?

MMU tlb hash table.  If you grep ldl target-ppc/* you'll see that there
are only a few cases where bswap occurs.

>> The distinction is important in QEMU.  ppc64 is still
>> TARGET_WORDS_BIGENDIAN.
>
> Ideally TARGET_WORDS_BIGENDIAN would go away -- it is forcing
> at compile time a setting which is actually a runtime one,
> and a lot of the weirdness here flows from that.
>
>> We still want most stl_phys to treat integers
>> as big endian.
>
> Any stl_phys() should [in an ideal design] be tied to a
> "bus master" which has its own idea of which endianness
> it is. That is, an stl_phys() for a DMA controller model
> ought to use the endianness programmed for the DMA controller,
> not whatever the CPU happens to be using.

We have the DMA API that attempts to do this but maybe we need to
generalize it a bit more...

I think it's pretty true that we need a context and that the context
for, say instruction fetch, is distinct from the context for load/store
instructions.

Regards,

Anthony Liguori

>
> -- PMM

[Qemu-devel] [PATCH 07/14] hw/arm/musicpal: Don't use arm_pic_init_cpu()

[Peter Maydell]

Drop the now-deprecated arm_pic_init_cpu() in favour of directly
getting the IRQ line from the ARMCPU object.

Signed-off-by: Peter Maydell 
---
 hw/arm/musicpal.c |4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/hw/arm/musicpal.c b/hw/arm/musicpal.c
index d715143..4404b8d 100644
--- a/hw/arm/musicpal.c
+++ b/hw/arm/musicpal.c
@@ -1586,7 +1586,6 @@ static void musicpal_init(QEMUMachineInitArgs *args)
 const char *kernel_cmdline = args->kernel_cmdline;
 const char *initrd_filename = args->initrd_filename;
 ARMCPU *cpu;
-qemu_irq *cpu_pic;
 qemu_irq pic[32];
 DeviceState *dev;
 DeviceState *i2c_dev;
@@ -1610,7 +1609,6 @@ static void musicpal_init(QEMUMachineInitArgs *args)
 fprintf(stderr, "Unable to find CPU definition\n");
 exit(1);
 }
-cpu_pic = arm_pic_init_cpu(cpu);
 
 /* For now we use a fixed - the original - RAM size */
 memory_region_init_ram(ram, NULL, "musicpal.ram", MP_RAM_DEFAULT_SIZE);
@@ -1622,7 +1620,7 @@ static void musicpal_init(QEMUMachineInitArgs *args)
 memory_region_add_subregion(address_space_mem, MP_SRAM_BASE, sram);
 
 dev = sysbus_create_simple(TYPE_MV88W8618_PIC, MP_PIC_BASE,
-   cpu_pic[ARM_PIC_CPU_IRQ]);
+   qdev_get_gpio_in(DEVICE(cpu), ARM_CPU_IRQ));
 for (i = 0; i < 32; i++) {
 pic[i] = qdev_get_gpio_in(dev, i);
 }
-- 
1.7.9.5

Re: [Qemu-devel] [PATCH 1/7] virtio: allow byte swapping for vring and config access

[Andreas Färber]

Am 08.08.2013 17:40, schrieb Anthony Liguori:
> Andreas Färber  writes:
>> Am 08.08.2013 15:31, schrieb Anthony Liguori:
>>> We have a mechanism to do weak functions via stubs/.  I think it would
>>> be better to do cpu_get_byteswap() as a stub function and then overload
>>> it in the ppc64 code.
>>
>> If this as your name indicates is a per-CPU function then it should go
>> into CPUClass. Interesting question is, what is virtio supposed to do if
>> we have two ppc CPUs, one is Big Endian, the other is Little Endian.
> 
> PPC64 is big endian.  AFAIK, there is no such thing as a little endian
> PPC64 processor.
> 
> This is just a processor mode where loads/stores are byte lane swapped.
> Hence the name 'cpu_get_byteswap'.  It's just asking whether the
> load/stores are being swapped or not.

Exactly, just read it as "is in ... Endian mode". On the CPUs I am more
familiar with (e.g., 970), this used to be controlled via an MSR bit,
which as CPUPPCState::msr exists per CPUState. I did not check on real
hardware, but from the QEMU code this would allow for the mixed-endian
scenario described above.

> At least for PPC64, it's not possible to enable/disable byte lane
> swapping for individual CPUs.  It's done through a system-wide hcall.

What is offending me is only the following: If we name it
cpu_get_byteswap() as proposed by you, then its first argument should be
a CPUState *cpu. Its value would be read from the derived type's state,
such as the MSR bit in the code path that you wanted duplicated. The
function implementing that register-reading would be a hook in CPUClass,
with a default implementation in qom/cpu.c rather than a fallback in
stubs/. To access CPUClass, CPUState cannot be NULL, as brought up by
Stefano for cpu_do_unassigned_access(); not following that pattern
prevents mixing CPU architectures, which my large refactorings have
partially been about. Cf. my guest-memory-dump refactoring.

If it is just some random global value, then please don't call it
cpu_*(). Since sPAPR is not a target of its own, I don't see how/where
you want to implement that hcall query as per-target function either,
that might rather call for a QEMUMachine hook?

I don't care or argue about byte lanes here, I am just trying to keep
API design consistent and not regressing on the way to heterogeneous
emulation.

Regards,
Andreas

> FWIW, I think most bi-endian architectures are this way too so I think
> this is equally applicable to ARM.  Peter, is that right?
> 
> Regards,
> 
> Anthony Liguori
> 
>> We'd need to check current_cpu then, which for Xen is always NULL.
>>
>> Andreas

-- 
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg

[Qemu-devel] [PATCH 10/14] hw/arm/strongarm: Don't use arm_pic_init_cpu()

[Peter Maydell]

Drop the now-deprecated arm_pic_init_cpu() in favour of directly
getting the IRQ line from the ARMCPU object.

Signed-off-by: Peter Maydell 
---
 hw/arm/strongarm.c |6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/hw/arm/strongarm.c b/hw/arm/strongarm.c
index 82a9492..7b8ef8c 100644
--- a/hw/arm/strongarm.c
+++ b/hw/arm/strongarm.c
@@ -1588,7 +1588,6 @@ StrongARMState *sa1110_init(MemoryRegion *sysmem,
 unsigned int sdram_size, const char *rev)
 {
 StrongARMState *s;
-qemu_irq *pic;
 int i;
 
 s = g_malloc0(sizeof(StrongARMState));
@@ -1613,9 +1612,10 @@ StrongARMState *sa1110_init(MemoryRegion *sysmem,
 vmstate_register_ram_global(&s->sdram);
 memory_region_add_subregion(sysmem, SA_SDCS0, &s->sdram);
 
-pic = arm_pic_init_cpu(s->cpu);
 s->pic = sysbus_create_varargs("strongarm_pic", 0x9005,
-pic[ARM_PIC_CPU_IRQ], pic[ARM_PIC_CPU_FIQ], NULL);
+qdev_get_gpio_in(DEVICE(s->cpu), ARM_CPU_IRQ),
+qdev_get_gpio_in(DEVICE(s->cpu), ARM_CPU_FIQ),
+NULL);
 
 sysbus_create_varargs("pxa25x-timer", 0x9000,
 qdev_get_gpio_in(s->pic, SA_PIC_OSTC0),
-- 
1.7.9.5

Re: [Qemu-devel] [PATCH 1/7] virtio: allow byte swapping for vring and config access

[Peter Maydell]

On 8 August 2013 17:07, Anthony Liguori  wrote:
> It's the same processor.  It still starts executing big endian
> instructions.  A magic register value is tweaked and loads/stores are
> swapped.

I dunno about PPC, but for ARM generally the boot-up state is
controlled by config signals which a SoC or board can hardwire,
so you can have a SoC which is configured to start in big-endian
mode.

> CPU data structures are still read as big endian though.

Do you have an example of what you mean by "CPU data structure"?

> The distinction is important in QEMU.  ppc64 is still
> TARGET_WORDS_BIGENDIAN.

Ideally TARGET_WORDS_BIGENDIAN would go away -- it is forcing
at compile time a setting which is actually a runtime one,
and a lot of the weirdness here flows from that.

> We still want most stl_phys to treat integers
> as big endian.

Any stl_phys() should [in an ideal design] be tied to a
"bus master" which has its own idea of which endianness
it is. That is, an stl_phys() for a DMA controller model
ought to use the endianness programmed for the DMA controller,
not whatever the CPU happens to be using.

-- PMM

Re: [Qemu-devel] [PATCH 1/7] virtio: allow byte swapping for vring and config access

[Anthony Liguori]

"Daniel P. Berrange"  writes:

> On Thu, Aug 08, 2013 at 10:40:28AM -0500, Anthony Liguori wrote:
>> Andreas Färber  writes:
>> >> We have a mechanism to do weak functions via stubs/.  I think it would
>> >> be better to do cpu_get_byteswap() as a stub function and then overload
>> >> it in the ppc64 code.
>> >
>> > If this as your name indicates is a per-CPU function then it should go
>> > into CPUClass. Interesting question is, what is virtio supposed to do if
>> > we have two ppc CPUs, one is Big Endian, the other is Little Endian.
>> 
>> PPC64 is big endian.  AFAIK, there is no such thing as a little endian
>> PPC64 processor.
>
> Unless I'm misunderstanding, this thread seems to suggest otherwise:
>
>   "[Qemu-devel] [PATCH 0/5] 64bit PowerPC little endian support"
>
>   https://lists.nongnu.org/archive/html/qemu-devel/2013-08/msg00813.html

Yeah, it's confusing.  It feels like little endian to most software but
the distinction in hardware (and therefore QEMU) is important.

It's the same processor.  It still starts executing big endian
instructions.  A magic register value is tweaked and loads/stores are
swapped.  CPU data structures are still read as big endian though.  It's
really just load/stores that are affected.

The distinction is important in QEMU.  ppc64 is still
TARGET_WORDS_BIGENDIAN.  We still want most stl_phys to treat integers
as big endian.  There's just this extra concept that CPU loads/stores
are sometimes byte swapped.  That affects virtio but not a lot else.

Regards,

Anthony Liguori

>
>
> Daniel
> -- 
> |: http://berrange.com  -o-http://www.flickr.com/photos/dberrange/ :|
> |: http://libvirt.org  -o- http://virt-manager.org :|
> |: http://autobuild.org   -o- http://search.cpan.org/~danberr/ :|
> |: http://entangle-photo.org   -o-   http://live.gnome.org/gtk-vnc :|

Re: [Qemu-devel] [PATCH 1/7] virtio: allow byte swapping for vring and config access

[Anthony Liguori]

Peter Maydell  writes:

> On 8 August 2013 16:40, Anthony Liguori  wrote:
>> PPC64 is big endian.  AFAIK, there is no such thing as a little endian
>> PPC64 processor.
>
> What's your definition of "little endian processor" here if
> it isn't "one which is doing byte swaps of data"? I would
> describe a PPC64 with the relevant mode bit set as "little
> endian".

Let's focus this to QEMU.  PPC64 is still TARGET_WORDS_BIGENDIAN.  It
would be totally wrong to make this change to either a function call or
to TARGET_WORDS_LITTLEENDIAN.

>> This is just a processor mode where loads/stores are byte lane swapped.
>> Hence the name 'cpu_get_byteswap'.  It's just asking whether the
>> load/stores are being swapped or not.
>>
>> At least for PPC64, it's not possible to enable/disable byte lane
>> swapping for individual CPUs.  It's done through a system-wide hcall.
>>
>> FWIW, I think most bi-endian architectures are this way too so I think
>> this is equally applicable to ARM.  Peter, is that right?
>
> ARM's bi-endian story is complicated and depends on the CPU.
> Older CPUs didn't do byte-lane swapping of data; instead
> when the CPU was configured in "big endian" mode they would
> do address munging (XOR the address with 3 when doing a byte
> access; XOR with 1 for halfword access). New CPUs do byte-lane
> swapping (but only for data, not for instruction fetch).
> CPUs in the transition period can do either.
>
> In all cases, this is a per-cpu-core thing: you can have
> one core configured to be bigendian and the other little
> endian. You could in theory have the OS support both big
> and little endian userspace processes. We ideally would
> want to support "QEMU is a little endian process but the
> VM's vcpu is currently bigendian".

Eek.  Yeah, I guess we need to tie this to a CPUState then.

>
> Fuller writeup here:
> http://translatedcode.wordpress.com/2012/04/02/this-end-up/

Excellent, thanks!

Regards,

Anthony Liguori

>
> -- PMM

[Qemu-devel] [PATCH 08/14] hw/arm/omap*: Don't use arm_pic_init_cpu()

[Peter Maydell]

Drop the now-deprecated arm_pic_init_cpu() in favour of directly
getting the IRQ line from the ARMCPU object.

Signed-off-by: Peter Maydell 
---
 hw/arm/omap1.c |8 
 hw/arm/omap2.c |8 
 2 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/hw/arm/omap1.c b/hw/arm/omap1.c
index 19be5fc..b6a0b27 100644
--- a/hw/arm/omap1.c
+++ b/hw/arm/omap1.c
@@ -3827,7 +3827,6 @@ struct omap_mpu_state_s *omap310_mpu_init(MemoryRegion 
*system_memory,
 int i;
 struct omap_mpu_state_s *s = (struct omap_mpu_state_s *)
 g_malloc0(sizeof(struct omap_mpu_state_s));
-qemu_irq *cpu_irq;
 qemu_irq dma_irqs[6];
 DriveInfo *dinfo;
 SysBusDevice *busdev;
@@ -3860,14 +3859,15 @@ struct omap_mpu_state_s *omap310_mpu_init(MemoryRegion 
*system_memory,
 
 omap_clkm_init(system_memory, 0xfffece00, 0xe1008000, s);
 
-cpu_irq = arm_pic_init_cpu(s->cpu);
 s->ih[0] = qdev_create(NULL, "omap-intc");
 qdev_prop_set_uint32(s->ih[0], "size", 0x100);
 qdev_prop_set_ptr(s->ih[0], "clk", omap_findclk(s, "arminth_ck"));
 qdev_init_nofail(s->ih[0]);
 busdev = SYS_BUS_DEVICE(s->ih[0]);
-sysbus_connect_irq(busdev, 0, cpu_irq[ARM_PIC_CPU_IRQ]);
-sysbus_connect_irq(busdev, 1, cpu_irq[ARM_PIC_CPU_FIQ]);
+sysbus_connect_irq(busdev, 0,
+   qdev_get_gpio_in(DEVICE(s->cpu), ARM_CPU_IRQ));
+sysbus_connect_irq(busdev, 1,
+   qdev_get_gpio_in(DEVICE(s->cpu), ARM_CPU_FIQ));
 sysbus_mmio_map(busdev, 0, 0xfffecb00);
 s->ih[1] = qdev_create(NULL, "omap-intc");
 qdev_prop_set_uint32(s->ih[1], "size", 0x800);
diff --git a/hw/arm/omap2.c b/hw/arm/omap2.c
index ec9610b..36efde0 100644
--- a/hw/arm/omap2.c
+++ b/hw/arm/omap2.c
@@ -2244,7 +2244,6 @@ struct omap_mpu_state_s *omap2420_mpu_init(MemoryRegion 
*sysmem,
 {
 struct omap_mpu_state_s *s = (struct omap_mpu_state_s *)
 g_malloc0(sizeof(struct omap_mpu_state_s));
-qemu_irq *cpu_irq;
 qemu_irq dma_irqs[4];
 DriveInfo *dinfo;
 int i;
@@ -2277,15 +2276,16 @@ struct omap_mpu_state_s *omap2420_mpu_init(MemoryRegion 
*sysmem,
 s->l4 = omap_l4_init(sysmem, OMAP2_L4_BASE, 54);
 
 /* Actually mapped at any 2K boundary in the ARM11 private-peripheral if */
-cpu_irq = arm_pic_init_cpu(s->cpu);
 s->ih[0] = qdev_create(NULL, "omap2-intc");
 qdev_prop_set_uint8(s->ih[0], "revision", 0x21);
 qdev_prop_set_ptr(s->ih[0], "fclk", omap_findclk(s, "mpu_intc_fclk"));
 qdev_prop_set_ptr(s->ih[0], "iclk", omap_findclk(s, "mpu_intc_iclk"));
 qdev_init_nofail(s->ih[0]);
 busdev = SYS_BUS_DEVICE(s->ih[0]);
-sysbus_connect_irq(busdev, 0, cpu_irq[ARM_PIC_CPU_IRQ]);
-sysbus_connect_irq(busdev, 1, cpu_irq[ARM_PIC_CPU_FIQ]);
+sysbus_connect_irq(busdev, 0,
+   qdev_get_gpio_in(DEVICE(s->cpu), ARM_CPU_IRQ));
+sysbus_connect_irq(busdev, 1,
+   qdev_get_gpio_in(DEVICE(s->cpu), ARM_CPU_FIQ));
 sysbus_mmio_map(busdev, 0, 0x480fe000);
 s->prcm = omap_prcm_init(omap_l4tao(s->l4, 3),
  qdev_get_gpio_in(s->ih[0],
-- 
1.7.9.5

[Qemu-devel] [PATCH 09/14] hw/arm/realview: Don't use arm_pic_init_cpu()

[Peter Maydell]

Drop the now-deprecated arm_pic_init_cpu() in favour of directly
getting the IRQ line from the ARMCPU object.

Signed-off-by: Peter Maydell 
---
 hw/arm/realview.c |4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/hw/arm/realview.c b/hw/arm/realview.c
index 3060f48..82ec02d 100644
--- a/hw/arm/realview.c
+++ b/hw/arm/realview.c
@@ -56,7 +56,6 @@ static void realview_init(QEMUMachineInitArgs *args,
 MemoryRegion *ram_hack = g_new(MemoryRegion, 1);
 DeviceState *dev, *sysctl, *gpio2, *pl041;
 SysBusDevice *busdev;
-qemu_irq *irqp;
 qemu_irq pic[64];
 qemu_irq mmc_irq[2];
 PCIBus *pci_bus = NULL;
@@ -92,8 +91,7 @@ static void realview_init(QEMUMachineInitArgs *args,
 fprintf(stderr, "Unable to find CPU definition\n");
 exit(1);
 }
-irqp = arm_pic_init_cpu(cpu);
-cpu_irq[n] = irqp[ARM_PIC_CPU_IRQ];
+cpu_irq[n] = qdev_get_gpio_in(DEVICE(cpu), ARM_CPU_IRQ);
 }
 env = &cpu->env;
 if (arm_feature(env, ARM_FEATURE_V7)) {
-- 
1.7.9.5

Re: [Qemu-devel] [PATCH] tcg/mips: fix invalid op definition errors

[Richard Henderson]

On 08/08/2013 04:40 AM, James Hogan wrote:
> tcg/mips/tcg-target.h defines various operations conditionally depending
> upon the isa revision, however these operations are included in
> mips_op_defs[] unconditionally resulting in the following runtime errors
> if CONFIG_DEBUG_TCG is defined:
> 
> Invalid op definition for movcond_i32
> Invalid op definition for rotl_i32
> Invalid op definition for rotr_i32
> Invalid op definition for deposit_i32
> Invalid op definition for bswap16_i32
> Invalid op definition for bswap32_i32
> tcg/tcg.c:1196: tcg fatal error
> 
> Fix with ifdefs like the i386 backend does for movcond_i32.
> 
> Signed-off-by: James Hogan 
> Cc: Aurelien Jarno 
> Cc: Richard Henderson 

Reviewed-by: Richard Henderson 

Perfect for 1.6.

For 1.7 it would be really nice if you could figure out some way to make
these runtime tests, instead of ifdefs.  I'd have said getauxval(3), but
the mips kernel doesn't seem to define any identifying bits.  Perhaps
that's the first thing that ought to get fixed...


r~

[Qemu-devel] [PATCH 04/14] hw/arm/highbank: Don't use arm_pic_init_cpu()

[Peter Maydell]

Drop the now-deprecated arm_pic_init_cpu() in favour of directly
getting the IRQ line from the ARMCPU object.

Signed-off-by: Peter Maydell 
---
 hw/arm/highbank.c |4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/hw/arm/highbank.c b/hw/arm/highbank.c
index 35d5511..f733a6c 100644
--- a/hw/arm/highbank.c
+++ b/hw/arm/highbank.c
@@ -209,7 +209,6 @@ static void calxeda_init(QEMUMachineInitArgs *args, enum 
cxmachines machine)
 const char *initrd_filename = args->initrd_filename;
 DeviceState *dev = NULL;
 SysBusDevice *busdev;
-qemu_irq *irqp;
 qemu_irq pic[128];
 int n;
 qemu_irq cpu_irq[4];
@@ -239,8 +238,7 @@ static void calxeda_init(QEMUMachineInitArgs *args, enum 
cxmachines machine)
 
 /* This will become a QOM property eventually */
 cpu->reset_cbar = GIC_BASE_ADDR;
-irqp = arm_pic_init_cpu(cpu);
-cpu_irq[n] = irqp[ARM_PIC_CPU_IRQ];
+cpu_irq[n] = qdev_get_gpio_in(DEVICE(cpu), ARM_CPU_IRQ);
 }
 
 sysmem = get_system_memory();
-- 
1.7.9.5

[Qemu-devel] [PATCH 03/14] hw/arm/exynos4210: Don't use arm_pic_init_cpu()

[Peter Maydell]

Drop the now-deprecated arm_pic_init_cpu() in favour of directly
getting the IRQ line from the ARMCPU object.

Signed-off-by: Peter Maydell 
---
 hw/arm/exynos4210.c |   16 +++-
 1 file changed, 3 insertions(+), 13 deletions(-)

diff --git a/hw/arm/exynos4210.c b/hw/arm/exynos4210.c
index 216b9b7..4ebb938 100644
--- a/hw/arm/exynos4210.c
+++ b/hw/arm/exynos4210.c
@@ -137,10 +137,8 @@ void exynos4210_write_secondary(ARMCPU *cpu,
 Exynos4210State *exynos4210_init(MemoryRegion *system_mem,
 unsigned long ram_size)
 {
-qemu_irq cpu_irq[EXYNOS4210_NCPUS];
 int i, n;
 Exynos4210State *s = g_new(Exynos4210State, 1);
-qemu_irq *irqp;
 qemu_irq gate_irq[EXYNOS4210_NCPUS][EXYNOS4210_IRQ_GATE_NINPUTS];
 unsigned long mem_size;
 DeviceState *dev;
@@ -152,15 +150,6 @@ Exynos4210State *exynos4210_init(MemoryRegion *system_mem,
 fprintf(stderr, "Unable to find CPU %d definition\n", n);
 exit(1);
 }
-
-/* Create PIC controller for each processor instance */
-irqp = arm_pic_init_cpu(s->cpu[n]);
-
-/*
- * Get GICs gpio_in cpu_irq to connect a combiner to them later.
- * Use only IRQ for a while.
- */
-cpu_irq[n] = irqp[ARM_PIC_CPU_IRQ];
 }
 
 /*** IRQs ***/
@@ -178,8 +167,9 @@ Exynos4210State *exynos4210_init(MemoryRegion *system_mem,
 }
 busdev = SYS_BUS_DEVICE(dev);
 
-/* Connect IRQ Gate output to cpu_irq */
-sysbus_connect_irq(busdev, 0, cpu_irq[i]);
+/* Connect IRQ Gate output to CPU's IRQ line */
+sysbus_connect_irq(busdev, 0,
+   qdev_get_gpio_in(DEVICE(s->cpu[i]), ARM_CPU_IRQ));
 }
 
 /* Private memory region and Internal GIC */
-- 
1.7.9.5

[Qemu-devel] [PATCH 02/14] hw/arm/armv7m: Don't use arm_pic_init_cpu()

[Peter Maydell]

Drop the now-deprecated arm_pic_init_cpu() in favour of directly
getting the IRQ line from the ARMCPU object.

Signed-off-by: Peter Maydell 
---
 hw/arm/armv7m.c |5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/hw/arm/armv7m.c b/hw/arm/armv7m.c
index 82d36fb..89a9015 100644
--- a/hw/arm/armv7m.c
+++ b/hw/arm/armv7m.c
@@ -173,7 +173,6 @@ qemu_irq *armv7m_init(MemoryRegion *address_space_mem,
 DeviceState *nvic;
 /* FIXME: make this local state.  */
 static qemu_irq pic[64];
-qemu_irq *cpu_pic;
 int image_size;
 uint64_t entry;
 uint64_t lowaddr;
@@ -221,8 +220,8 @@ qemu_irq *armv7m_init(MemoryRegion *address_space_mem,
 nvic = qdev_create(NULL, "armv7m_nvic");
 env->nvic = nvic;
 qdev_init_nofail(nvic);
-cpu_pic = arm_pic_init_cpu(cpu);
-sysbus_connect_irq(SYS_BUS_DEVICE(nvic), 0, cpu_pic[ARM_PIC_CPU_IRQ]);
+sysbus_connect_irq(SYS_BUS_DEVICE(nvic), 0,
+   qdev_get_gpio_in(DEVICE(cpu), ARM_CPU_IRQ));
 for (i = 0; i < 64; i++) {
 pic[i] = qdev_get_gpio_in(nvic, i);
 }
-- 
1.7.9.5

[Qemu-devel] [PATCH 12/14] hw/arm/vexpress: Don't use arm_pic_init_cpu()

[Peter Maydell]

Drop the now-deprecated arm_pic_init_cpu() in favour of directly
getting the IRQ line from the ARMCPU object.

Signed-off-by: Peter Maydell 
---
 hw/arm/vexpress.c |8 ++--
 1 file changed, 2 insertions(+), 6 deletions(-)

diff --git a/hw/arm/vexpress.c b/hw/arm/vexpress.c
index 9586e38..fbd71a7 100644
--- a/hw/arm/vexpress.c
+++ b/hw/arm/vexpress.c
@@ -183,7 +183,6 @@ static void a9_daughterboard_init(const VEDBoardInfo 
*daughterboard,
 MemoryRegion *lowram = g_new(MemoryRegion, 1);
 DeviceState *dev;
 SysBusDevice *busdev;
-qemu_irq *irqp;
 int n;
 qemu_irq cpu_irq[4];
 ram_addr_t low_ram_size;
@@ -198,8 +197,7 @@ static void a9_daughterboard_init(const VEDBoardInfo 
*daughterboard,
 fprintf(stderr, "Unable to find CPU definition\n");
 exit(1);
 }
-irqp = arm_pic_init_cpu(cpu);
-cpu_irq[n] = irqp[ARM_PIC_CPU_IRQ];
+cpu_irq[n] = qdev_get_gpio_in(DEVICE(cpu), ARM_CPU_IRQ);
 }
 
 if (ram_size > 0x4000) {
@@ -312,15 +310,13 @@ static void a15_daughterboard_init(const VEDBoardInfo 
*daughterboard,
 
 for (n = 0; n < smp_cpus; n++) {
 ARMCPU *cpu;
-qemu_irq *irqp;
 
 cpu = cpu_arm_init(cpu_model);
 if (!cpu) {
 fprintf(stderr, "Unable to find CPU definition\n");
 exit(1);
 }
-irqp = arm_pic_init_cpu(cpu);
-cpu_irq[n] = irqp[ARM_PIC_CPU_IRQ];
+cpu_irq[n] = qdev_get_gpio_in(DEVICE(cpu), ARM_CPU_IRQ);
 }
 
 {
-- 
1.7.9.5

[Qemu-devel] [PATCH 13/14] hw/arm/xilinx_zynq: Don't use arm_pic_init_cpu()

[Peter Maydell]

Drop the now-deprecated arm_pic_init_cpu() in favour of directly
getting the IRQ line from the ARMCPU object.

Signed-off-by: Peter Maydell 
---
 hw/arm/xilinx_zynq.c |7 ++-
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/hw/arm/xilinx_zynq.c b/hw/arm/xilinx_zynq.c
index 3444823..0f18c85 100644
--- a/hw/arm/xilinx_zynq.c
+++ b/hw/arm/xilinx_zynq.c
@@ -108,11 +108,9 @@ static void zynq_init(QEMUMachineInitArgs *args)
 MemoryRegion *ocm_ram = g_new(MemoryRegion, 1);
 DeviceState *dev;
 SysBusDevice *busdev;
-qemu_irq *irqp;
 qemu_irq pic[64];
 NICInfo *nd;
 int n;
-qemu_irq cpu_irq;
 
 if (!cpu_model) {
 cpu_model = "cortex-a9";
@@ -123,8 +121,6 @@ static void zynq_init(QEMUMachineInitArgs *args)
 fprintf(stderr, "Unable to find CPU definition\n");
 exit(1);
 }
-irqp = arm_pic_init_cpu(cpu);
-cpu_irq = irqp[ARM_PIC_CPU_IRQ];
 
 /* max 2GB ram */
 if (ram_size > 0x8000) {
@@ -159,7 +155,8 @@ static void zynq_init(QEMUMachineInitArgs *args)
 qdev_init_nofail(dev);
 busdev = SYS_BUS_DEVICE(dev);
 sysbus_mmio_map(busdev, 0, 0xF8F0);
-sysbus_connect_irq(busdev, 0, cpu_irq);
+sysbus_connect_irq(busdev, 0,
+   qdev_get_gpio_in(DEVICE(cpu), ARM_CPU_IRQ));
 
 for (n = 0; n < 64; n++) {
 pic[n] = qdev_get_gpio_in(dev, n);
-- 
1.7.9.5

[Qemu-devel] [PATCH 14/14] hw/arm/pic_cpu: Remove the now-unneeded arm_pic_init_cpu()

[Peter Maydell]

Now all the boards have been converted arm_pic_init_cpu()
is unused and can just be deleted.

Signed-off-by: Peter Maydell 
---
 hw/arm/Makefile.objs |2 +-
 hw/arm/pic_cpu.c |   25 -
 include/hw/arm/arm.h |5 -
 3 files changed, 1 insertion(+), 31 deletions(-)
 delete mode 100644 hw/arm/pic_cpu.c

diff --git a/hw/arm/Makefile.objs b/hw/arm/Makefile.objs
index 9e3a06f..3671b42 100644
--- a/hw/arm/Makefile.objs
+++ b/hw/arm/Makefile.objs
@@ -1,6 +1,6 @@
 obj-y += boot.o collie.o exynos4_boards.o gumstix.o highbank.o
 obj-y += integratorcp.o kzm.o mainstone.o musicpal.o nseries.o
-obj-y += omap_sx1.o palm.o pic_cpu.o realview.o spitz.o stellaris.o
+obj-y += omap_sx1.o palm.o realview.o spitz.o stellaris.o
 obj-y += tosa.o versatilepb.o vexpress.o xilinx_zynq.o z2.o
 
 obj-y += armv7m.o exynos4210.o pxa2xx.o pxa2xx_gpio.o pxa2xx_pic.o
diff --git a/hw/arm/pic_cpu.c b/hw/arm/pic_cpu.c
deleted file mode 100644
index 9c36273..000
--- a/hw/arm/pic_cpu.c
+++ /dev/null
@@ -1,25 +0,0 @@
-/*
- * Generic ARM Programmable Interrupt Controller support.
- *
- * Copyright (c) 2006 CodeSourcery.
- * Written by Paul Brook
- *
- * This code is licensed under the LGPL
- */
-
-#include "hw/hw.h"
-#include "hw/arm/arm.h"
-
-/* Backwards compatibility shim; this can disappear when all
- * board models have been updated to get IRQ and FIQ lines directly
- * from the ARMCPU object rather than by calling this function.
- */
-qemu_irq *arm_pic_init_cpu(ARMCPU *cpu)
-{
-DeviceState *dev = DEVICE(cpu);
-qemu_irq *irqs = g_new(qemu_irq, 2);
-
-irqs[0] = qdev_get_gpio_in(dev, ARM_CPU_IRQ);
-irqs[1] = qdev_get_gpio_in(dev, ARM_CPU_FIQ);
-return irqs;
-}
diff --git a/include/hw/arm/arm.h b/include/hw/arm/arm.h
index bae87c6..ecbbba8 100644
--- a/include/hw/arm/arm.h
+++ b/include/hw/arm/arm.h
@@ -14,11 +14,6 @@
 #include "exec/memory.h"
 #include "hw/irq.h"
 
-/* The CPU is also modelled as an interrupt controller.  */
-#define ARM_PIC_CPU_IRQ 0
-#define ARM_PIC_CPU_FIQ 1
-qemu_irq *arm_pic_init_cpu(ARMCPU *cpu);
-
 /* armv7m.c */
 qemu_irq *armv7m_init(MemoryRegion *address_space_mem,
   int flash_size, int sram_size,
-- 
1.7.9.5

[Qemu-devel] [PATCH 00/14] ARM: make IRQ/FIQ gpio lines on CPU object

[Peter Maydell]

This patch series makes IRQ and FIQ be inbound gpio lines on the
ARMCPU object (which we can do now that it is a subclass of
DeviceState). This allows us to drop the odd 'arm_pic' shim,
which doesn't correspond to real hardware and existed purely
to be a thing which exposed qemu_irqs.

Peter Maydell (14):
  target-arm: Make IRQ and FIQ gpio lines on the CPU object
  hw/arm/armv7m: Don't use arm_pic_init_cpu()
  hw/arm/exynos4210: Don't use arm_pic_init_cpu()
  hw/arm/highbank: Don't use arm_pic_init_cpu()
  hw/arm/integratorcp: Don't use arm_pic_init_cpu()
  hw/arm/kzm: Don't use arm_pic_init_cpu()
  hw/arm/musicpal: Don't use arm_pic_init_cpu()
  hw/arm/omap*: Don't use arm_pic_init_cpu()
  hw/arm/realview: Don't use arm_pic_init_cpu()
  hw/arm/strongarm: Don't use arm_pic_init_cpu()
  hw/arm/versatilepb: Don't use arm_pic_init_cpu()
  hw/arm/vexpress: Don't use arm_pic_init_cpu()
  hw/arm/xilinx_zynq: Don't use arm_pic_init_cpu()
  hw/arm/pic_cpu: Remove the now-unneeded arm_pic_init_cpu()

 hw/arm/Makefile.objs  |2 +-
 hw/arm/armv7m.c   |5 ++--
 hw/arm/exynos4210.c   |   16 +++-
 hw/arm/highbank.c |4 +--
 hw/arm/integratorcp.c |7 +++--
 hw/arm/kzm.c  |8 +++---
 hw/arm/musicpal.c |4 +--
 hw/arm/omap1.c|8 +++---
 hw/arm/omap2.c|8 +++---
 hw/arm/pic_cpu.c  |   68 -
 hw/arm/realview.c |4 +--
 hw/arm/strongarm.c|6 ++---
 hw/arm/versatilepb.c  |7 +++--
 hw/arm/vexpress.c |8 ++
 hw/arm/xilinx_zynq.c  |7 ++---
 include/hw/arm/arm.h  |5 
 target-arm/cpu.c  |   60 +++
 target-arm/cpu.h  |3 +++
 18 files changed, 96 insertions(+), 134 deletions(-)
 delete mode 100644 hw/arm/pic_cpu.c

-- 
1.7.9.5

[Qemu-devel] [PATCH 06/14] hw/arm/kzm: Don't use arm_pic_init_cpu()

[Peter Maydell]

Drop the now-deprecated arm_pic_init_cpu() in favour of directly
getting the IRQ line from the ARMCPU object.

Signed-off-by: Peter Maydell 
---
 hw/arm/kzm.c |8 +++-
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/hw/arm/kzm.c b/hw/arm/kzm.c
index bd6c05c..a248bf0 100644
--- a/hw/arm/kzm.c
+++ b/hw/arm/kzm.c
@@ -82,7 +82,6 @@ static void kzm_init(QEMUMachineInitArgs *args)
 MemoryRegion *ram = g_new(MemoryRegion, 1);
 MemoryRegion *sram = g_new(MemoryRegion, 1);
 MemoryRegion *ram_alias = g_new(MemoryRegion, 1);
-qemu_irq *cpu_pic;
 DeviceState *dev;
 DeviceState *ccm;
 
@@ -108,11 +107,10 @@ static void kzm_init(QEMUMachineInitArgs *args)
 memory_region_init_ram(sram, NULL, "kzm.sram", 0x4000);
 memory_region_add_subregion(address_space_mem, 0x1FFFC000, sram);
 
-cpu_pic = arm_pic_init_cpu(cpu);
 dev = sysbus_create_varargs("imx_avic", 0x6800,
-cpu_pic[ARM_PIC_CPU_IRQ],
-cpu_pic[ARM_PIC_CPU_FIQ], NULL);
-
+qdev_get_gpio_in(DEVICE(cpu), ARM_CPU_IRQ),
+qdev_get_gpio_in(DEVICE(cpu), ARM_CPU_FIQ),
+NULL);
 
 imx_serial_create(0, 0x43f9, qdev_get_gpio_in(dev, 45));
 imx_serial_create(1, 0x43f94000, qdev_get_gpio_in(dev, 32));
-- 
1.7.9.5

[Qemu-devel] [PATCH 11/14] hw/arm/versatilepb: Don't use arm_pic_init_cpu()

[Peter Maydell]

Drop the now-deprecated arm_pic_init_cpu() in favour of directly
getting the IRQ line from the ARMCPU object.

Signed-off-by: Peter Maydell 
---
 hw/arm/versatilepb.c |7 +++
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/hw/arm/versatilepb.c b/hw/arm/versatilepb.c
index b48d84c..4a6fcee 100644
--- a/hw/arm/versatilepb.c
+++ b/hw/arm/versatilepb.c
@@ -178,7 +178,6 @@ static void versatile_init(QEMUMachineInitArgs *args, int 
board_id)
 ARMCPU *cpu;
 MemoryRegion *sysmem = get_system_memory();
 MemoryRegion *ram = g_new(MemoryRegion, 1);
-qemu_irq *cpu_pic;
 qemu_irq pic[32];
 qemu_irq sic[32];
 DeviceState *dev, *sysctl;
@@ -211,10 +210,10 @@ static void versatile_init(QEMUMachineInitArgs *args, int 
board_id)
 qdev_init_nofail(sysctl);
 sysbus_mmio_map(SYS_BUS_DEVICE(sysctl), 0, 0x1000);
 
-cpu_pic = arm_pic_init_cpu(cpu);
 dev = sysbus_create_varargs("pl190", 0x1014,
-cpu_pic[ARM_PIC_CPU_IRQ],
-cpu_pic[ARM_PIC_CPU_FIQ], NULL);
+qdev_get_gpio_in(DEVICE(cpu), ARM_CPU_IRQ),
+qdev_get_gpio_in(DEVICE(cpu), ARM_CPU_FIQ),
+NULL);
 for (n = 0; n < 32; n++) {
 pic[n] = qdev_get_gpio_in(dev, n);
 }
-- 
1.7.9.5

Re: [Qemu-devel] [PATCH v2 for-1.6] pc: disable pci-info for 1.6

[Richard Henderson]

On 08/08/2013 05:55 AM, Michael S. Tsirkin wrote:
> The BIOS that we ship in 1.6 does not use pci info
> from host (yet). Several issues turned up
> (e.g. around winXP boot crashes). So it's safest to disable that
> interface for 1.6 machine types for now, leave it on for 1.7
> so we have enough time to figure out the right way
> to fix issues if any.
> 
> Cc: Richard Henderson 
> Signed-off-by: Michael S. Tsirkin 

Reviewed-by: Richard Henderson 


r~

Re: [Qemu-devel] [PATCH V4 3/5] block: Enable the new throttling code in the block layer.

[Benoît Canet]

> Also, it would be better to have a workaround for this.  Perhaps we
> could simply make the default value of max nonzero?  In the old
> throttling code the slice time is 0.1s, so perhaps we could see what
> happens with max=0.1*avg.

This gives correct results with cfg with some little auto compensated 
oscillations.

I will definitelly drop the bogus comment.

Best regards

Benoît

Re: [Qemu-devel] -cpu host (was Re: KVM call minutes for 2013-08-06)

[Andreas Färber]

Hi Peter,

Am 08.08.2013 14:51, schrieb Peter Maydell:
> [I missed this KVM call but the stuff about -cpu host ties into
> an issue we've been grappling with for ARM KVM, so it seems
> a reasonable jumping-off-point.]
> 
> On 6 August 2013 16:15, Juan Quintela  wrote:
>> 2013-08-06
>> --
>>
>> What libvirt needs/miss Today?
>> - how to handle machine types? creating them inside qemu?
>> - qemu --cpu help
>>   only shows cpus,  not what features qemu will use
>> - qemu -cpu host
>>   what does this exactly means?  kvm removes same flags.
>> - Important to know if migration would work.
>> - Machine types sometimes disable some feature, so cpu alone is not
>>   enough.
> 
>> - kernel removes some features because it knows it can't be virtualised
>> - qemu adds some others because it knows it don't need host support
>> - and then lots of features in the middle
> 
> So, coming at this from an ARM perspective:
> Should any target arch that supports KVM also support "-cpu host"?
> If so, what should it do?

I think that depends on the target and whether/what is useful.

> Is there a description somewhere of
> what the x86 and PPC semantics of -cpu host are?

I'm afraid our usual documentation will be reading the source code. ;)

x86 was first to implement -cpu host and passed through pretty much all
host features even if they would not work without additional support
code. I've seen a bunch of bugs where that leads to GMP and others
breaking badly. Lately in the case of PMU we've started to limit that.
Alex proposed -cpu best, which was never merged to date. It was similar
to how ppc's -cpu host works:

ppc matches the Processor Version Register (PVR) in kvm.c against its
known models from cpu-models.c (strictly today, mask being discussed).
The PVR can be read from userspace via mfpvr alias to mfspr (Move From
Special Purpose Register; possibly emulated for userspace by kernel?).
CPU features are all QEMU-driven AFAIU, through the "CPU families" in
translate_init.c. Beware, everything is highly macro'fied in ppc code.

> For ARM you can't get at feature info of the host from userspace
> (unless you want to get into parsing /proc/cpuinfo), so my current
> idea is to have KVM_ARM_VCPU_INIT support a target-cpu-type
> which means "whatever host CPU is". Then when we've created the
> vcpu we can populate QEMU's idea of what the CPU features are
> by using the existing ioctls for reading the cp15 registers of
> the vcpu.

Sounds sane to me iff those cp15 registers all work with KVM and don't
need any additional KVM/QEMU/device code.

> The other unresolved thing is what "-cpu host" ought to mean
> for the CPU's on-chip peripherals (of which the major one is
> the interrupt controller) -- if the host is an A57 should
> this imply that you always get the A57's GICv3, or is it OK
> to provide an A57 with a GICv2? At the moment QEMU models the
> per-cpu peripherals in a somewhat more semi-detached fashion
> than is the case in silicon, treating them as more a part
> of the board model than of the cpu itself.

Feel free to submit patches changing that. Prerequisite should then be
to have those devices be pure TYPE_DEVICE rather than
TYPE_SYS_BUS_DEVICE, or otherwise you'll run into the same hot-plug trap
as we did with the x86 APIC (we had to invent a hotpluggable ICC bus as
interim solution).

> Having '-cpu host'
> not affect them might be the pragmatic choice, since it fits
> with what QEMU currently does and with kernel-side situations
> where the host CPU may only be able to show the guest VM a
> GICv2 view of the world (or only a GICv3, as the case may be).
> For this to work it does require that guests figure out what
> their per-cpu peripherals are by looking at the device tree
> rather than saying "oh, this is an A57, I know all A57s
> have this", of course...

Without directly answering the question and continuing from above, my
personal view has been that we need to get away from the current CPU
model to a) how hardware is structured and b) how we want to have things
behave in virtualized environments.

Take x86 as an example: CPUState corresponds to a hyperthread today, but
we want hotplug to work like it does on a physical machine: hot-adding
on socket-level only. Beyond just building the topology with Container
objects, that means having a Xeon-X5-4242 object that has-a CPU core
has-a CPU thread and any devices the particular layers bring along.

For SoCs I have been proposing - for sh7750 and lately tegra2 - to model
"the black chip on the board" as a TYPE_DEVICE for encapsulation across
boards. Meaning the GIC would no longer be instantiated on the board but
as part of an object, and -smp and -cpu would as a consequence loose in
influence.

We could interpret -cpu host as instantiate the host's SoC object. But
the mainstream SoC for KVM virtualization is exynos5, and no one sat
down to model exynos5 in QEMU so far, so that would be moot. Versatile
Express is rather unlikely to match the host enviro

Re: [Qemu-devel] [PATCH] block: Bugfix 'format' and 'snapshot' used in drive option

[Kevin Wolf]

Am 08.08.2013 um 16:45 hat Mike Qiu geschrieben:
> When use -drive file='xxx',format=qcow2,snapshot=on the error
> message "Can't use snapshot=on with driver-specific options"
> can be show, and fail to start the qemu.
> 
> This should not be happened, and there is no file.driver option
> in qemu command line.
> 
> It is because the commit 74fe54f2a1b5c4f4498a8fe521e1dfc936656cd4,
> it puts 'driver' option if the command line use 'format' option.
> 
> This patch is to solve this bug.
> 
> Signed-off-by: Mike Qiu 

Thanks, applied to the block branch.

This is quite obviously not the proper long-term solution, but I've had
a look at the code and considering that we'll only have one more release
candidate for 1.6, it seems to be too risky to do anything more involved
than this.

I'm going to revert this patch again for 1.7 and replace it by proper
snapshot=on support with driver-specific options.

Kevin

[Qemu-devel] [PATCH v2 for-1.6] pc: disable pci-info for 1.6

[Michael S. Tsirkin]

The BIOS that we ship in 1.6 does not use pci info
from host (yet). Several issues turned up
(e.g. around winXP boot crashes). So it's safest to disable that
interface for 1.6 machine types for now, leave it on for 1.7
so we have enough time to figure out the right way
to fix issues if any.

Cc: Richard Henderson 
Signed-off-by: Michael S. Tsirkin 
---

Changes from v1:
fix reversed logic noted by Richard Henderson

 hw/i386/pc_piix.c | 9 +++--
 hw/i386/pc_q35.c  | 9 +++--
 2 files changed, 14 insertions(+), 4 deletions(-)

diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c
index ab25458..95c45b8 100644
--- a/hw/i386/pc_piix.c
+++ b/hw/i386/pc_piix.c
@@ -249,12 +249,17 @@ static void pc_init_pci(QEMUMachineInitArgs *args)
  initrd_filename, cpu_model, 1, 1);
 }
 
-static void pc_init_pci_1_5(QEMUMachineInitArgs *args)
+static void pc_init_pci_1_6(QEMUMachineInitArgs *args)
 {
 has_pci_info = false;
 pc_init_pci(args);
 }
 
+static void pc_init_pci_1_5(QEMUMachineInitArgs *args)
+{
+pc_init_pci_1_6(args);
+}
+
 static void pc_init_pci_1_4(QEMUMachineInitArgs *args)
 {
 has_pvpanic = false;
@@ -340,7 +345,7 @@ static QEMUMachine pc_i440fx_machine_v1_6 = {
 .name = "pc-i440fx-1.6",
 .alias = "pc",
 .desc = "Standard PC (i440FX + PIIX, 1996)",
-.init = pc_init_pci,
+.init = pc_init_pci_1_6,
 .hot_add_cpu = pc_hot_add_cpu,
 .max_cpus = 255,
 .is_default = 1,
diff --git a/hw/i386/pc_q35.c b/hw/i386/pc_q35.c
index 2f35d12..6bfc2ca 100644
--- a/hw/i386/pc_q35.c
+++ b/hw/i386/pc_q35.c
@@ -217,12 +217,17 @@ static void pc_q35_init(QEMUMachineInitArgs *args)
 }
 }
 
-static void pc_q35_init_1_5(QEMUMachineInitArgs *args)
+static void pc_q35_init_1_6(QEMUMachineInitArgs *args)
 {
 has_pci_info = false;
 pc_q35_init(args);
 }
 
+static void pc_q35_init_1_5(QEMUMachineInitArgs *args)
+{
+pc_q35_init_1_6(args);
+}
+
 static void pc_q35_init_1_4(QEMUMachineInitArgs *args)
 {
 has_pvpanic = false;
@@ -234,7 +239,7 @@ static QEMUMachine pc_q35_machine_v1_6 = {
 .name = "pc-q35-1.6",
 .alias = "q35",
 .desc = "Standard PC (Q35 + ICH9, 2009)",
-.init = pc_q35_init,
+.init = pc_q35_init_1_6,
 .hot_add_cpu = pc_hot_add_cpu,
 .max_cpus = 255,
 DEFAULT_MACHINE_OPTIONS,
-- 
MST

Re: [Qemu-devel] [PATCH 1/7] virtio: allow byte swapping for vring and config access

[Peter Maydell]

On 8 August 2013 16:40, Anthony Liguori  wrote:
> PPC64 is big endian.  AFAIK, there is no such thing as a little endian
> PPC64 processor.

What's your definition of "little endian processor" here if
it isn't "one which is doing byte swaps of data"? I would
describe a PPC64 with the relevant mode bit set as "little
endian".

> This is just a processor mode where loads/stores are byte lane swapped.
> Hence the name 'cpu_get_byteswap'.  It's just asking whether the
> load/stores are being swapped or not.
>
> At least for PPC64, it's not possible to enable/disable byte lane
> swapping for individual CPUs.  It's done through a system-wide hcall.
>
> FWIW, I think most bi-endian architectures are this way too so I think
> this is equally applicable to ARM.  Peter, is that right?

ARM's bi-endian story is complicated and depends on the CPU.
Older CPUs didn't do byte-lane swapping of data; instead
when the CPU was configured in "big endian" mode they would
do address munging (XOR the address with 3 when doing a byte
access; XOR with 1 for halfword access). New CPUs do byte-lane
swapping (but only for data, not for instruction fetch).
CPUs in the transition period can do either.

In all cases, this is a per-cpu-core thing: you can have
one core configured to be bigendian and the other little
endian. You could in theory have the OS support both big
and little endian userspace processes. We ideally would
want to support "QEMU is a little endian process but the
VM's vcpu is currently bigendian".

Fuller writeup here:
http://translatedcode.wordpress.com/2012/04/02/this-end-up/

-- PMM

Re: [Qemu-devel] [PATCH 1/7] virtio: allow byte swapping for vring and config access

[Daniel P. Berrange]

On Thu, Aug 08, 2013 at 10:40:28AM -0500, Anthony Liguori wrote:
> Andreas Färber  writes:
> >> We have a mechanism to do weak functions via stubs/.  I think it would
> >> be better to do cpu_get_byteswap() as a stub function and then overload
> >> it in the ppc64 code.
> >
> > If this as your name indicates is a per-CPU function then it should go
> > into CPUClass. Interesting question is, what is virtio supposed to do if
> > we have two ppc CPUs, one is Big Endian, the other is Little Endian.
> 
> PPC64 is big endian.  AFAIK, there is no such thing as a little endian
> PPC64 processor.

Unless I'm misunderstanding, this thread seems to suggest otherwise:

  "[Qemu-devel] [PATCH 0/5] 64bit PowerPC little endian support"

  https://lists.nongnu.org/archive/html/qemu-devel/2013-08/msg00813.html


Daniel
-- 
|: http://berrange.com  -o-http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org  -o- http://virt-manager.org :|
|: http://autobuild.org   -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org   -o-   http://live.gnome.org/gtk-vnc :|

Re: [Qemu-devel] [PATCH 1/2] memory: Provide separate handling of unassigned io ports accesses

[Jan Kiszka]

On 2013-08-08 17:33, Peter Maydell wrote:
> On 3 August 2013 09:31, Jan Kiszka  wrote:
>> --- a/ioport.c
>> +++ b/ioport.c
>> @@ -44,6 +44,22 @@ typedef struct MemoryRegionPortioList {
>>  MemoryRegionPortio ports[];
>>  } MemoryRegionPortioList;
>>
>> +static uint64_t unassigned_io_read(void *opaque, hwaddr addr, unsigned size)
>> +{
>> +return -1UL;
> 
> This should probably be "-1ULL", otherwise we'll return
> different values on 32 bit and 64 bit hosts. (Actually
> managing a 64 bit read of the i/o space is pretty
> unlikely, though possibly alpha memory-mapped via the
> PCI space might let you do it.)

No problem with changing this - but wouldn't 64-bit i/o accesses be a
bug? It's not allowed according to PCI, no device can handle it
(officially), so no arch should forward such requests from mmio, rather
break them up first.

> 
> PS: something about the way these patches were submitted
> has confused Anthony's patches tool -- it reports them
> as two separate patches rather than a single series.
> (No cover letter, maybe?)

Something on my side broke the reference from the second to the first email.

Jan

-- 
Siemens AG, Corporate Technology, CT RTC ITP SES-DE
Corporate Competence Center Embedded Linux

Re: [Qemu-devel] [PATCH V4 3/5] block: Enable the new throttling code in the block layer.o

[Benoît Canet]

> This is not really accurate; the cfq scheduler reorders reads and writes
> to have longer bursts, and these sometimes exceed the rate you set.  I
> understood this is mostly for separate rd/wr settings, or did you
> reproduce it with "total" rates too?

I'll drop the comment.

It's only with read/write settings and not with total.

> 
> Also, it would be better to have a workaround for this.  Perhaps we
> could simply make the default value of max nonzero?  In the old
> throttling code the slice time is 0.1s, so perhaps we could see what
> happens with max=0.1*avg.

I already set max to 0.1*avg if needed in the code.