[Qemu-devel] [PATCH v4] Extend qemu-ga's 'guest-info' command to expose flag 'success-response'

[Mark Wu]

Now we have several qemu-ga commands not returning response on success.
It has been documented in qga/qapi-schema.json already. This patch exposes
the 'success-response' flag by extending 'guest-info' command. With this
change, the clients can handle the command response more flexibly.

Signed-off-by: Mark Wu 
---
Changes:
v4: 
Add signature of qmp_has_success_response per Michael.
v3: 
1. treat cmd->options as a bitmask instead of single option (per Eric) 
2. rebase on the patch " Add interface to traverse the qmp command list
by QmpCommand" to avoid the O(n2) problem (per Eric and Michael)
v2: 
add the notation 'since 1.7' to the option 'success-response'
(per Eric Blake's comments)

 include/qapi/qmp/dispatch.h | 1 +
 qapi/qmp-registry.c | 5 +
 qga/commands.c  | 1 +
 qga/qapi-schema.json| 5 -
 4 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/include/qapi/qmp/dispatch.h b/include/qapi/qmp/dispatch.h
index b6eb49e..cebf6aa 100644
--- a/include/qapi/qmp/dispatch.h
+++ b/include/qapi/qmp/dispatch.h
@@ -48,6 +48,7 @@ QObject *qmp_dispatch(QObject *request);
 void qmp_disable_command(const char *name);
 void qmp_enable_command(const char *name);
 bool qmp_command_is_enabled(const QmpCommand *cmd);
+bool qmp_has_success_response(const QmpCommand *cmd);
 QObject *qmp_build_error_object(Error *errp);
 typedef void (*qmp_cmd_callback_fn)(QmpCommand *cmd, void *opaque);
 void qmp_for_each_command(qmp_cmd_callback_fn fn, void *opaque);
diff --git a/qapi/qmp-registry.c b/qapi/qmp-registry.c
index 3fcf10e..c75c2e8 100644
--- a/qapi/qmp-registry.c
+++ b/qapi/qmp-registry.c
@@ -71,6 +71,11 @@ bool qmp_command_is_enabled(const QmpCommand *cmd)
 return cmd->enabled;
 }
 
+bool qmp_has_success_response(const QmpCommand *cmd)
+{
+   return !(cmd->options & QCO_NO_SUCCESS_RESP);
+}
+
 void qmp_for_each_command(qmp_cmd_callback_fn fn, void *opaque)
 {
 QmpCommand *cmd;
diff --git a/qga/commands.c b/qga/commands.c
index 063b22b..7f089ba 100644
--- a/qga/commands.c
+++ b/qga/commands.c
@@ -54,6 +54,7 @@ static void qmp_command_info(QmpCommand *cmd, void *opaque)
 cmd_info = g_malloc0(sizeof(GuestAgentCommandInfo));
 cmd_info->name = g_strdup(cmd->name);
 cmd_info->enabled = qmp_command_is_enabled(cmd);
+cmd_info->success_response = qmp_has_success_response(cmd);
 
 cmd_info_list = g_malloc0(sizeof(GuestAgentCommandInfoList));
 cmd_info_list->value = cmd_info;
diff --git a/qga/qapi-schema.json b/qga/qapi-schema.json
index 7155b7a..245f968 100644
--- a/qga/qapi-schema.json
+++ b/qga/qapi-schema.json
@@ -141,10 +141,13 @@
 #
 # @enabled: whether command is currently enabled by guest admin
 #
+# @success-response: whether command returns a response on success
+#(since 1.7)
+#
 # Since 1.1.0
 ##
 { 'type': 'GuestAgentCommandInfo',
-  'data': { 'name': 'str', 'enabled': 'bool' } }
+  'data': { 'name': 'str', 'enabled': 'bool', 'success-response': 'bool' } }
 
 ##
 # @GuestAgentInfo
-- 
1.8.3.1

[Qemu-devel] [PATCH v2] Add interface to traverse the qmp command list by QmpCommand

[Mark Wu]

In the original code, qmp_get_command_list is used to construct
a list of all commands' name. To get the information of all qga
commands, it traverses the name list and search the command info
with its name.  So it can cause O(n^2) in the number of commands.

This patch adds an interface to traverse the qmp command list by
QmpCommand to replace qmp_get_command_list. It can decrease the
complexity from O(n^2) to O(n).

Signed-off-by: Mark Wu 
---
Changes:
v2:
1. Keep the signature of qmp_command_is_enabled (per Eric and Michael)
2. Remove the unnecessary pointer castings (per Eric)

 include/qapi/qmp/dispatch.h |  5 ++--
 qapi/qmp-registry.c | 27 +++---
 qga/commands.c  | 38 ++---
 qga/main.c  | 68 +
 4 files changed, 48 insertions(+), 90 deletions(-)

diff --git a/include/qapi/qmp/dispatch.h b/include/qapi/qmp/dispatch.h
index 1ce11f5..b6eb49e 100644
--- a/include/qapi/qmp/dispatch.h
+++ b/include/qapi/qmp/dispatch.h
@@ -47,9 +47,10 @@ QmpCommand *qmp_find_command(const char *name);
 QObject *qmp_dispatch(QObject *request);
 void qmp_disable_command(const char *name);
 void qmp_enable_command(const char *name);
-bool qmp_command_is_enabled(const char *name);
-char **qmp_get_command_list(void);
+bool qmp_command_is_enabled(const QmpCommand *cmd);
 QObject *qmp_build_error_object(Error *errp);
+typedef void (*qmp_cmd_callback_fn)(QmpCommand *cmd, void *opaque);
+void qmp_for_each_command(qmp_cmd_callback_fn fn, void *opaque);
 
 #endif
 
diff --git a/qapi/qmp-registry.c b/qapi/qmp-registry.c
index 28bbbe8..3fcf10e 100644
--- a/qapi/qmp-registry.c
+++ b/qapi/qmp-registry.c
@@ -66,35 +66,16 @@ void qmp_enable_command(const char *name)
 qmp_toggle_command(name, true);
 }
 
-bool qmp_command_is_enabled(const char *name)
+bool qmp_command_is_enabled(const QmpCommand *cmd)
 {
-QmpCommand *cmd;
-
-QTAILQ_FOREACH(cmd, &qmp_commands, node) {
-if (strcmp(cmd->name, name) == 0) {
-return cmd->enabled;
-}
-}
-
-return false;
+return cmd->enabled;
 }
 
-char **qmp_get_command_list(void)
+void qmp_for_each_command(qmp_cmd_callback_fn fn, void *opaque)
 {
 QmpCommand *cmd;
-int count = 1;
-char **list_head, **list;
-
-QTAILQ_FOREACH(cmd, &qmp_commands, node) {
-count++;
-}
-
-list_head = list = g_malloc0(count * sizeof(char *));
 
 QTAILQ_FOREACH(cmd, &qmp_commands, node) {
-*list = g_strdup(cmd->name);
-list++;
+fn(cmd, opaque);
 }
-
-return list_head;
 }
diff --git a/qga/commands.c b/qga/commands.c
index 528b082..063b22b 100644
--- a/qga/commands.c
+++ b/qga/commands.c
@@ -45,35 +45,27 @@ void qmp_guest_ping(Error **err)
 slog("guest-ping called");
 }
 
-struct GuestAgentInfo *qmp_guest_info(Error **err)
+static void qmp_command_info(QmpCommand *cmd, void *opaque)
 {
-GuestAgentInfo *info = g_malloc0(sizeof(GuestAgentInfo));
+GuestAgentInfo *info = opaque;
 GuestAgentCommandInfo *cmd_info;
 GuestAgentCommandInfoList *cmd_info_list;
-char **cmd_list_head, **cmd_list;
-
-info->version = g_strdup(QEMU_VERSION);
-
-cmd_list_head = cmd_list = qmp_get_command_list();
-if (*cmd_list_head == NULL) {
-goto out;
-}
 
-while (*cmd_list) {
-cmd_info = g_malloc0(sizeof(GuestAgentCommandInfo));
-cmd_info->name = g_strdup(*cmd_list);
-cmd_info->enabled = qmp_command_is_enabled(cmd_info->name);
+cmd_info = g_malloc0(sizeof(GuestAgentCommandInfo));
+cmd_info->name = g_strdup(cmd->name);
+cmd_info->enabled = qmp_command_is_enabled(cmd);
 
-cmd_info_list = g_malloc0(sizeof(GuestAgentCommandInfoList));
-cmd_info_list->value = cmd_info;
-cmd_info_list->next = info->supported_commands;
-info->supported_commands = cmd_info_list;
+cmd_info_list = g_malloc0(sizeof(GuestAgentCommandInfoList));
+cmd_info_list->value = cmd_info;
+cmd_info_list->next = info->supported_commands;
+info->supported_commands = cmd_info_list;
+}
 
-g_free(*cmd_list);
-cmd_list++;
-}
+struct GuestAgentInfo *qmp_guest_info(Error **err)
+{
+GuestAgentInfo *info = g_malloc0(sizeof(GuestAgentInfo));
 
-out:
-g_free(cmd_list_head);
+info->version = g_strdup(QEMU_VERSION);
+qmp_for_each_command(qmp_command_info, info);
 return info;
 }
diff --git a/qga/main.c b/qga/main.c
index 6c746c8..ff2ee03 100644
--- a/qga/main.c
+++ b/qga/main.c
@@ -347,48 +347,34 @@ static gint ga_strcmp(gconstpointer str1, gconstpointer 
str2)
 }
 
 /* disable commands that aren't safe for fsfreeze */
-static void ga_disable_non_whitelisted(void)
+static void ga_disable_non_whitelisted(QmpCommand *cmd, void *opaque)
 {
-char **list_head, **list;
 bool whitelisted;
 int i;
 
-list_head = list = qmp_get_command_list();
-while (*list != NULL) {
-whitelisted = false;
-

[Qemu-devel] [patch 0/2] force -mem-path RAM allocation

[Marcelo Tosatti]

See individual patches for details.

[Qemu-devel] [patch 1/2] qemu: mempath: prefault pages manually

[Marcelo Tosatti]

MAP_POPULATE mmap flag does not cause mmap to fail if allocation
of the entire area is not performed. HugeTLBfs performs reservation 
of pages on a global basis: any further restriction to the reserved memory 
such as cpusets placement or numa node policy is performed at 
fault time only.

Manually fault in pages at allocation time. This allows memory restrictions
to be applied before guest initialization.

Signed-off-by: Marcelo Tosatti 

Index: qemu/exec.c
===
--- qemu.orig/exec.c
+++ qemu/exec.c
@@ -918,6 +918,13 @@ static long gethugepagesize(const char *
 return fs.f_bsize;
 }
 
+sigjmp_buf sigjump;
+
+static void sigbus_handler(int signal)
+{
+siglongjmp(sigjump, 1);
+}
+
 static void *file_ram_alloc(RAMBlock *block,
 ram_addr_t memory,
 const char *path)
@@ -927,9 +934,6 @@ static void *file_ram_alloc(RAMBlock *bl
 char *c;
 void *area;
 int fd;
-#ifdef MAP_POPULATE
-int flags;
-#endif
 unsigned long hpagesize;
 
 hpagesize = gethugepagesize(path);
@@ -977,21 +981,57 @@ static void *file_ram_alloc(RAMBlock *bl
 if (ftruncate(fd, memory))
 perror("ftruncate");
 
-#ifdef MAP_POPULATE
-/* NB: MAP_POPULATE won't exhaustively alloc all phys pages in the case
- * MAP_PRIVATE is requested.  For mem_prealloc we mmap as MAP_SHARED
- * to sidestep this quirk.
- */
-flags = mem_prealloc ? MAP_POPULATE | MAP_SHARED : MAP_PRIVATE;
-area = mmap(0, memory, PROT_READ | PROT_WRITE, flags, fd, 0);
-#else
 area = mmap(0, memory, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0);
-#endif
 if (area == MAP_FAILED) {
 perror("file_ram_alloc: can't mmap RAM pages");
 close(fd);
 return (NULL);
 }
+
+if (mem_prealloc) {
+int ret, i;
+struct sigaction act, oldact;
+sigset_t set, oldset;
+
+memset(&act, 0, sizeof(act));
+act.sa_handler = &sigbus_handler;
+act.sa_flags = 0;
+
+ret = sigaction(SIGBUS, &act, &oldact);
+if (ret) {
+perror("file_ram_alloc: fail to install signal handler");
+exit(1);
+}
+
+/* unblock SIGBUS */
+pthread_sigmask(SIG_BLOCK, NULL, &oldset);
+sigemptyset(&set);
+sigaddset(&set, SIGBUS);
+pthread_sigmask(SIG_UNBLOCK, &set, NULL);
+
+if (sigsetjmp(sigjump, 1)) {
+fprintf(stderr, "file_ram_alloc: failed to preallocate pages\n");
+exit(1);
+}
+
+/* MAP_POPULATE silently ignores failures */
+for (i = 0; i < (memory/hpagesize)-1; i++) {
+memset(area + (hpagesize*i), 0, 1);
+}
+
+ret = sigaction(SIGBUS, &oldact, NULL);
+if (ret) {
+perror("file_ram_alloc: fail to reinstall signal handler");
+exit(1);
+}
+
+if (sigismember(&oldset, SIGBUS)) {
+sigemptyset(&set);
+sigaddset(&set, SIGBUS);
+pthread_sigmask(SIG_BLOCK, &set, NULL);
+}
+}
+
 block->fd = fd;
 return area;
 }
Index: qemu/vl.c
===
--- qemu.orig/vl.c
+++ qemu/vl.c
@@ -188,9 +188,7 @@ static int display_remote;
 const char* keyboard_layout = NULL;
 ram_addr_t ram_size;
 const char *mem_path = NULL;
-#ifdef MAP_POPULATE
 int mem_prealloc = 0; /* force preallocation of physical target memory */
-#endif
 int nb_nics;
 NICInfo nd_table[MAX_NICS];
 int autostart;
@@ -3205,11 +3203,9 @@ int main(int argc, char **argv, char **e
 case QEMU_OPTION_mempath:
 mem_path = optarg;
 break;
-#ifdef MAP_POPULATE
 case QEMU_OPTION_mem_prealloc:
 mem_prealloc = 1;
 break;
-#endif
 case QEMU_OPTION_d:
 log_mask = optarg;
 break;
Index: qemu/qemu-options.def
===
--- qemu.orig/qemu-options.def
+++ qemu/qemu-options.def
@@ -66,11 +66,9 @@ stringify(DEFAULT_RAM_SIZE) "]\n", QEMU_
 DEF("mem-path", HAS_ARG, QEMU_OPTION_mempath,
 "-mem-path FILE  provide backing storage for guest RAM\n", QEMU_ARCH_ALL)
 
-#ifdef MAP_POPULATE
 DEF("mem-prealloc", 0, QEMU_OPTION_mem_prealloc,
 "-mem-prealloc   preallocate guest memory (use with -mem-path)\n",
 QEMU_ARCH_ALL)
-#endif
 
 DEF("k", HAS_ARG, QEMU_OPTION_k,
 "-k language use keyboard layout (for example 'fr' for French)\n",
Index: git/qemu/qemu-options.hx
===
--- qemu.orig/qemu-options.hx
+++ qemu/qemu-options.hx
@@ -228,7 +228,6 @@ STEXI
 Allocate guest RAM from a temporarily created file in @var{path}.
 ETEXI
 
-#ifdef MAP_POPULATE
 DEF("mem-prealloc", 0, QEMU_OPTION_mem_prealloc,
 "-mem-prealloc   preallocate guest memory (use with -mem-path)\n",
 QEMU_ARCH_ALL)
@@ -237,

[Qemu-devel] [patch 2/2] qemu: add -mem-path-force option to force RAM allocation via -mem-path

[Marcelo Tosatti]

Default behaviour is to fallback for standard RAM allocation if -mem-path
allocation fails.

Add an option to force -mem-path RAM allocation (failing otherwise).

Signed-off-by: Marcelo Tosatti 

Index: qemu/exec.c
===
--- qemu.orig/exec.c
+++ qemu/exec.c
@@ -985,6 +985,9 @@ static void *file_ram_alloc(RAMBlock *bl
 if (area == MAP_FAILED) {
 perror("file_ram_alloc: can't mmap RAM pages");
 close(fd);
+if (mem_path_force) {
+exit(1);
+}
 return (NULL);
 }
 
Index: qemu/vl.c
===
--- qemu.orig/vl.c
+++ qemu/vl.c
@@ -189,6 +189,7 @@ const char* keyboard_layout = NULL;
 ram_addr_t ram_size;
 const char *mem_path = NULL;
 int mem_prealloc = 0; /* force preallocation of physical target memory */
+int mem_path_force = 0; /* quit in case -mem-path allocation fails */
 int nb_nics;
 NICInfo nd_table[MAX_NICS];
 int autostart;
@@ -3203,6 +3204,9 @@ int main(int argc, char **argv, char **e
 case QEMU_OPTION_mempath:
 mem_path = optarg;
 break;
+case QEMU_OPTION_mempath_force:
+mem_path_force = 1;
+break;
 case QEMU_OPTION_mem_prealloc:
 mem_prealloc = 1;
 break;
Index: qemu/include/exec/cpu-all.h
===
--- qemu.orig/include/exec/cpu-all.h
+++ qemu/include/exec/cpu-all.h
@@ -468,6 +468,7 @@ typedef struct RAMList {
 extern RAMList ram_list;
 
 extern const char *mem_path;
+extern int mem_path_force;
 extern int mem_prealloc;
 
 /* Flags stored in the low bits of the TLB virtual address.  These are
Index: qemu/qemu-options.def
===
--- qemu.orig/qemu-options.def
+++ qemu/qemu-options.def
@@ -66,6 +66,9 @@ stringify(DEFAULT_RAM_SIZE) "]\n", QEMU_
 DEF("mem-path", HAS_ARG, QEMU_OPTION_mempath,
 "-mem-path FILE  provide backing storage for guest RAM\n", QEMU_ARCH_ALL)
 
+DEF("mem-path-force", 0, QEMU_OPTION_mempath_force,
+"-mem-path-forcefail if unable to allocate RAM as specified by 
-mem-path\n", QEMU_ARCH_ALL)
+
 DEF("mem-prealloc", 0, QEMU_OPTION_mem_prealloc,
 "-mem-prealloc   preallocate guest memory (use with -mem-path)\n",
 QEMU_ARCH_ALL)
Index: qemu/qemu-options.hx
===
--- qemu.orig/qemu-options.hx
+++ qemu/qemu-options.hx
@@ -228,6 +228,14 @@ STEXI
 Allocate guest RAM from a temporarily created file in @var{path}.
 ETEXI
 
+DEF("mem-path-force", 0, QEMU_OPTION_mempath_force,
+"-mem-path-forcefail if unable to allocate RAM as specified by 
-mem-path\n", QEMU_ARCH_ALL)
+STEXI
+@item -mem-path-force
+@findex -mem-path-force
+Fail if unable to allocate RAM as specified by -mem-path.
+ETEXI
+
 DEF("mem-prealloc", 0, QEMU_OPTION_mem_prealloc,
 "-mem-prealloc   preallocate guest memory (use with -mem-path)\n",
 QEMU_ARCH_ALL)

Re: [Qemu-devel] Update the id of Vexpress Cortex-A9 from r0p0 to r0p1?

[Peter Maydell]

On 8 October 2013 05:17, Mian Yousaf Kaukab  wrote:
> On Sun, Oct 6, 2013 at 2:10 PM, Peter Maydell  
> wrote:
>> If we're updating, why would we update only to r0p1 and not to the most
>> recent rev/patchlevel?
>
> Does ARM provide physical vexpress platform with newer revisions of
> A9? If yes, then I
> agree we should update to the most recent revision delivered by ARM on
> physical vexpress.
> If I understand correctly, physical vexpress with A9 r0p0 does not
> exist and hence we
> have this problem.

vexpress is not the only Cortex-A9 board we support -- we can't base
our decisions about how to model the CPU purely on what is best
for that board.

-- PMM

Re: [Qemu-devel] [PATCH] Fix pc migration from qemu <= 1.5

[Cole Robinson]

On 10/07/2013 05:43 PM, Bandan Das wrote:
> Hi Cole,
> 
> Cole Robinson  writes:
> 
>> The following commit introduced a migration incompatibility:
>>
>> commit 568f0690fd9aa4d39d84b04c1a5dbb53a915c3fe
>> Author: David Gibson 
>> Date:   Thu Jun 6 18:48:49 2013 +1000
>>
>> pci: Replace pci_find_domain() with more general pci_root_bus_path()
>>
>> The issue is that i440fx savevm idstr went from :00:00.0/I440FX to
>> :00.0/I440FX. Unfortunately we are stuck with the breakage for
>> 1.6 machine types.
>>
>> Add a compat property to maintain the busted idstr for the 1.6 machine
>> types, but revert to the old style format for 1.7+, and <= 1.5.
>>
>> Tested with migration from qemu 1.5, qemu 1.6, and qemu.git.
>>
>> Signed-off-by: Cole Robinson 
>> ---
>>  hw/i386/pc_piix.c |  4 
>>  hw/i386/pc_q35.c  |  4 
>>  hw/pci-host/piix.c|  9 -
>>  hw/pci-host/q35.c | 10 --
>>  include/hw/i386/pc.h  | 28 
>>  include/hw/pci-host/q35.h |  1 +
>>  6 files changed, 53 insertions(+), 3 deletions(-)
>>
>> diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c
>> index c6042c7..90f1ea4 100644
>> --- a/hw/i386/pc_piix.c
>> +++ b/hw/i386/pc_piix.c
>> @@ -346,6 +346,10 @@ static QEMUMachine pc_i440fx_machine_v1_7 = {
>>  .alias = "pc",
>>  .init = pc_init_pci,
>>  .is_default = 1,
>> +.compat_props = (GlobalProperty[]) {
>> +PC_COMPAT_1_7,
>> +{ /* end of list */ }
>> +},
>>  };  
>>  #define PC_I440FX_1_6_MACHINE_OPTIONS PC_I440FX_MACHINE_OPTIONS
>> diff --git a/hw/i386/pc_q35.c b/hw/i386/pc_q35.c
>> index ca84e1c..569f946 100644
>> --- a/hw/i386/pc_q35.c
>> +++ b/hw/i386/pc_q35.c
>> @@ -270,6 +270,10 @@ static QEMUMachine pc_q35_machine_v1_7 = {
>>  .name = "pc-q35-1.7",
>>  .alias = "q35",
>>  .init = pc_q35_init,
>> +.compat_props = (GlobalProperty[]) {
>> +PC_COMPAT_1_7,
>> +{ /* end of list */ }
>> +},
>>  };
>>  #define PC_Q35_1_6_MACHINE_OPTIONS PC_Q35_MACHINE_OPTIONS
>> diff --git a/hw/pci-host/piix.c b/hw/pci-host/piix.c
>> index c041149..9dafe80 100644
>> --- a/hw/pci-host/piix.c
>> +++ b/hw/pci-host/piix.c
>> @@ -48,6 +48,7 @@ typedef struct I440FXState {
>>  PCIHostState parent_obj;
>>  PcPciInfo pci_info;
>>  uint64_t pci_hole64_size;
>> +uint32_t short_root_bus;
>>  } I440FXState;
>>  
>>  #define PIIX_NUM_PIC_IRQS   16  /* i8259 * 2 */
>> @@ -712,13 +713,19 @@ static const TypeInfo i440fx_info = {
>>  static const char *i440fx_pcihost_root_bus_path(PCIHostState *host_bridge,
>>  PCIBus *rootbus)
>>  {
>> +I440FXState *s = I440FX_PCI_HOST_BRIDGE(host_bridge);
>> +
>>  /* For backwards compat with old device paths */
>> -return "";
>> +if (s->short_root_bus) {
>> +return "";
>> +}
>> +return ":00";
>>  }
>>  
>>  static Property i440fx_props[] = {
>>  DEFINE_PROP_SIZE(PCI_HOST_PROP_PCI_HOLE64_SIZE, I440FXState,
>>   pci_hole64_size, DEFAULT_PCI_HOLE64_SIZE),
>> +DEFINE_PROP_UINT32("short_root_bus", I440FXState, short_root_bus, 0),
>>  DEFINE_PROP_END_OF_LIST(),
>>  };
>>  
>> diff --git a/hw/pci-host/q35.c b/hw/pci-host/q35.c
>> index ad703a4..cb3abfd 100644
>> --- a/hw/pci-host/q35.c
>> +++ b/hw/pci-host/q35.c
>> @@ -61,8 +61,13 @@ static void q35_host_realize(DeviceState *dev, Error 
>> **errp)
>>  static const char *q35_host_root_bus_path(PCIHostState *host_bridge,
>>PCIBus *rootbus)
>>  {
>> -/* For backwards compat with old device paths */
>> -return "";
>> +Q35PCIHost *s = Q35_HOST_DEVICE(host_bridge);
>> +
>> + /* For backwards compat with old device paths */
>> +if (s->mch.short_root_bus) {
>> +return "";
>> +}
>> +return ":00";
>>  }
>>  
>>  static void q35_host_get_pci_hole_start(Object *obj, Visitor *v,
>> @@ -114,6 +119,7 @@ static Property mch_props[] = {
>>  MCH_HOST_BRIDGE_PCIEXBAR_DEFAULT),
>>  DEFINE_PROP_SIZE(PCI_HOST_PROP_PCI_HOLE64_SIZE, Q35PCIHost,
>>   mch.pci_hole64_size, DEFAULT_PCI_HOLE64_SIZE),
>> +DEFINE_PROP_UINT32("short_root_bus", Q35PCIHost, mch.short_root_bus, 0),
>>  DEFINE_PROP_END_OF_LIST(),
>>  };
>>  
>> diff --git a/include/hw/i386/pc.h b/include/hw/i386/pc.h
>> index 9b2ddc4..f9266f0 100644
>> --- a/include/hw/i386/pc.h
>> +++ b/include/hw/i386/pc.h
>> @@ -225,11 +225,31 @@ void pvpanic_init(ISABus *bus);
>>  
>>  int e820_add_entry(uint64_t, uint64_t, uint32_t);
>>  
>> +#define PC_COMPAT_1_7 \
>> +{\
>> +.driver   = "i440FX-pcihost",\
>> +.property = "short_root_bus",\
>> +.value= stringify(0),\
>> +},{\
>> +.driver   = "mch",\
>> +.property = "short_root_bus",\
>> +.value= stringify(0),\
>> +}
>> +
> 
> This is prob

Re: [Qemu-devel] [PATCH] Fix pc migration from qemu <= 1.5

[Paolo Bonzini]

Il 07/10/2013 22:57, Cole Robinson ha scritto:
> The following commit introduced a migration incompatibility:
> 
> commit 568f0690fd9aa4d39d84b04c1a5dbb53a915c3fe
> Author: David Gibson 
> Date:   Thu Jun 6 18:48:49 2013 +1000
> 
> pci: Replace pci_find_domain() with more general pci_root_bus_path()
> 
> The issue is that i440fx savevm idstr went from :00:00.0/I440FX to
> :00.0/I440FX. Unfortunately we are stuck with the breakage for
> 1.6 machine types.
> 
> Add a compat property to maintain the busted idstr for the 1.6 machine
> types, but revert to the old style format for 1.7+, and <= 1.5.
> 
> Tested with migration from qemu 1.5, qemu 1.6, and qemu.git.
> 
> Signed-off-by: Cole Robinson 

Reviewed-by: Paolo Bonzini 

Re: [Qemu-devel] [PATCH] Fix pc migration from qemu <= 1.5

[Bandan Das]

Hi Cole,

Cole Robinson  writes:

> The following commit introduced a migration incompatibility:
>
> commit 568f0690fd9aa4d39d84b04c1a5dbb53a915c3fe
> Author: David Gibson 
> Date:   Thu Jun 6 18:48:49 2013 +1000
>
> pci: Replace pci_find_domain() with more general pci_root_bus_path()
>
> The issue is that i440fx savevm idstr went from :00:00.0/I440FX to
> :00.0/I440FX. Unfortunately we are stuck with the breakage for
> 1.6 machine types.
>
> Add a compat property to maintain the busted idstr for the 1.6 machine
> types, but revert to the old style format for 1.7+, and <= 1.5.
>
> Tested with migration from qemu 1.5, qemu 1.6, and qemu.git.
>
> Signed-off-by: Cole Robinson 
> ---
>  hw/i386/pc_piix.c |  4 
>  hw/i386/pc_q35.c  |  4 
>  hw/pci-host/piix.c|  9 -
>  hw/pci-host/q35.c | 10 --
>  include/hw/i386/pc.h  | 28 
>  include/hw/pci-host/q35.h |  1 +
>  6 files changed, 53 insertions(+), 3 deletions(-)
>
> diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c
> index c6042c7..90f1ea4 100644
> --- a/hw/i386/pc_piix.c
> +++ b/hw/i386/pc_piix.c
> @@ -346,6 +346,10 @@ static QEMUMachine pc_i440fx_machine_v1_7 = {
>  .alias = "pc",
>  .init = pc_init_pci,
>  .is_default = 1,
> +.compat_props = (GlobalProperty[]) {
> +PC_COMPAT_1_7,
> +{ /* end of list */ }
> +},
>  };  
>  #define PC_I440FX_1_6_MACHINE_OPTIONS PC_I440FX_MACHINE_OPTIONS
> diff --git a/hw/i386/pc_q35.c b/hw/i386/pc_q35.c
> index ca84e1c..569f946 100644
> --- a/hw/i386/pc_q35.c
> +++ b/hw/i386/pc_q35.c
> @@ -270,6 +270,10 @@ static QEMUMachine pc_q35_machine_v1_7 = {
>  .name = "pc-q35-1.7",
>  .alias = "q35",
>  .init = pc_q35_init,
> +.compat_props = (GlobalProperty[]) {
> +PC_COMPAT_1_7,
> +{ /* end of list */ }
> +},
>  };
>  #define PC_Q35_1_6_MACHINE_OPTIONS PC_Q35_MACHINE_OPTIONS
> diff --git a/hw/pci-host/piix.c b/hw/pci-host/piix.c
> index c041149..9dafe80 100644
> --- a/hw/pci-host/piix.c
> +++ b/hw/pci-host/piix.c
> @@ -48,6 +48,7 @@ typedef struct I440FXState {
>  PCIHostState parent_obj;
>  PcPciInfo pci_info;
>  uint64_t pci_hole64_size;
> +uint32_t short_root_bus;
>  } I440FXState;
>  
>  #define PIIX_NUM_PIC_IRQS   16  /* i8259 * 2 */
> @@ -712,13 +713,19 @@ static const TypeInfo i440fx_info = {
>  static const char *i440fx_pcihost_root_bus_path(PCIHostState *host_bridge,
>  PCIBus *rootbus)
>  {
> +I440FXState *s = I440FX_PCI_HOST_BRIDGE(host_bridge);
> +
>  /* For backwards compat with old device paths */
> -return "";
> +if (s->short_root_bus) {
> +return "";
> +}
> +return ":00";
>  }
>  
>  static Property i440fx_props[] = {
>  DEFINE_PROP_SIZE(PCI_HOST_PROP_PCI_HOLE64_SIZE, I440FXState,
>   pci_hole64_size, DEFAULT_PCI_HOLE64_SIZE),
> +DEFINE_PROP_UINT32("short_root_bus", I440FXState, short_root_bus, 0),
>  DEFINE_PROP_END_OF_LIST(),
>  };
>  
> diff --git a/hw/pci-host/q35.c b/hw/pci-host/q35.c
> index ad703a4..cb3abfd 100644
> --- a/hw/pci-host/q35.c
> +++ b/hw/pci-host/q35.c
> @@ -61,8 +61,13 @@ static void q35_host_realize(DeviceState *dev, Error 
> **errp)
>  static const char *q35_host_root_bus_path(PCIHostState *host_bridge,
>PCIBus *rootbus)
>  {
> -/* For backwards compat with old device paths */
> -return "";
> +Q35PCIHost *s = Q35_HOST_DEVICE(host_bridge);
> +
> + /* For backwards compat with old device paths */
> +if (s->mch.short_root_bus) {
> +return "";
> +}
> +return ":00";
>  }
>  
>  static void q35_host_get_pci_hole_start(Object *obj, Visitor *v,
> @@ -114,6 +119,7 @@ static Property mch_props[] = {
>  MCH_HOST_BRIDGE_PCIEXBAR_DEFAULT),
>  DEFINE_PROP_SIZE(PCI_HOST_PROP_PCI_HOLE64_SIZE, Q35PCIHost,
>   mch.pci_hole64_size, DEFAULT_PCI_HOLE64_SIZE),
> +DEFINE_PROP_UINT32("short_root_bus", Q35PCIHost, mch.short_root_bus, 0),
>  DEFINE_PROP_END_OF_LIST(),
>  };
>  
> diff --git a/include/hw/i386/pc.h b/include/hw/i386/pc.h
> index 9b2ddc4..f9266f0 100644
> --- a/include/hw/i386/pc.h
> +++ b/include/hw/i386/pc.h
> @@ -225,11 +225,31 @@ void pvpanic_init(ISABus *bus);
>  
>  int e820_add_entry(uint64_t, uint64_t, uint32_t);
>  
> +#define PC_COMPAT_1_7 \
> +{\
> +.driver   = "i440FX-pcihost",\
> +.property = "short_root_bus",\
> +.value= stringify(0),\
> +},{\
> +.driver   = "mch",\
> +.property = "short_root_bus",\
> +.value= stringify(0),\
> +}
> +

This is probably not needed since the default value of 
short_root_bus is already 0. BTW, 1_7 shouldn't have 
compat props since  it's already the most uptodate 
machine type and by definition, compat p

[Qemu-devel] [PATCH] Fix pc migration from qemu <= 1.5

[Cole Robinson]

The following commit introduced a migration incompatibility:

commit 568f0690fd9aa4d39d84b04c1a5dbb53a915c3fe
Author: David Gibson 
Date:   Thu Jun 6 18:48:49 2013 +1000

pci: Replace pci_find_domain() with more general pci_root_bus_path()

The issue is that i440fx savevm idstr went from :00:00.0/I440FX to
:00.0/I440FX. Unfortunately we are stuck with the breakage for
1.6 machine types.

Add a compat property to maintain the busted idstr for the 1.6 machine
types, but revert to the old style format for 1.7+, and <= 1.5.

Tested with migration from qemu 1.5, qemu 1.6, and qemu.git.

Signed-off-by: Cole Robinson 
---
 hw/i386/pc_piix.c |  4 
 hw/i386/pc_q35.c  |  4 
 hw/pci-host/piix.c|  9 -
 hw/pci-host/q35.c | 10 --
 include/hw/i386/pc.h  | 28 
 include/hw/pci-host/q35.h |  1 +
 6 files changed, 53 insertions(+), 3 deletions(-)

diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c
index c6042c7..90f1ea4 100644
--- a/hw/i386/pc_piix.c
+++ b/hw/i386/pc_piix.c
@@ -346,6 +346,10 @@ static QEMUMachine pc_i440fx_machine_v1_7 = {
 .alias = "pc",
 .init = pc_init_pci,
 .is_default = 1,
+.compat_props = (GlobalProperty[]) {
+PC_COMPAT_1_7,
+{ /* end of list */ }
+},
 };
 
 #define PC_I440FX_1_6_MACHINE_OPTIONS PC_I440FX_MACHINE_OPTIONS
diff --git a/hw/i386/pc_q35.c b/hw/i386/pc_q35.c
index ca84e1c..569f946 100644
--- a/hw/i386/pc_q35.c
+++ b/hw/i386/pc_q35.c
@@ -270,6 +270,10 @@ static QEMUMachine pc_q35_machine_v1_7 = {
 .name = "pc-q35-1.7",
 .alias = "q35",
 .init = pc_q35_init,
+.compat_props = (GlobalProperty[]) {
+PC_COMPAT_1_7,
+{ /* end of list */ }
+},
 };
 
 #define PC_Q35_1_6_MACHINE_OPTIONS PC_Q35_MACHINE_OPTIONS
diff --git a/hw/pci-host/piix.c b/hw/pci-host/piix.c
index c041149..9dafe80 100644
--- a/hw/pci-host/piix.c
+++ b/hw/pci-host/piix.c
@@ -48,6 +48,7 @@ typedef struct I440FXState {
 PCIHostState parent_obj;
 PcPciInfo pci_info;
 uint64_t pci_hole64_size;
+uint32_t short_root_bus;
 } I440FXState;
 
 #define PIIX_NUM_PIC_IRQS   16  /* i8259 * 2 */
@@ -712,13 +713,19 @@ static const TypeInfo i440fx_info = {
 static const char *i440fx_pcihost_root_bus_path(PCIHostState *host_bridge,
 PCIBus *rootbus)
 {
+I440FXState *s = I440FX_PCI_HOST_BRIDGE(host_bridge);
+
 /* For backwards compat with old device paths */
-return "";
+if (s->short_root_bus) {
+return "";
+}
+return ":00";
 }
 
 static Property i440fx_props[] = {
 DEFINE_PROP_SIZE(PCI_HOST_PROP_PCI_HOLE64_SIZE, I440FXState,
  pci_hole64_size, DEFAULT_PCI_HOLE64_SIZE),
+DEFINE_PROP_UINT32("short_root_bus", I440FXState, short_root_bus, 0),
 DEFINE_PROP_END_OF_LIST(),
 };
 
diff --git a/hw/pci-host/q35.c b/hw/pci-host/q35.c
index ad703a4..cb3abfd 100644
--- a/hw/pci-host/q35.c
+++ b/hw/pci-host/q35.c
@@ -61,8 +61,13 @@ static void q35_host_realize(DeviceState *dev, Error **errp)
 static const char *q35_host_root_bus_path(PCIHostState *host_bridge,
   PCIBus *rootbus)
 {
-/* For backwards compat with old device paths */
-return "";
+Q35PCIHost *s = Q35_HOST_DEVICE(host_bridge);
+
+ /* For backwards compat with old device paths */
+if (s->mch.short_root_bus) {
+return "";
+}
+return ":00";
 }
 
 static void q35_host_get_pci_hole_start(Object *obj, Visitor *v,
@@ -114,6 +119,7 @@ static Property mch_props[] = {
 MCH_HOST_BRIDGE_PCIEXBAR_DEFAULT),
 DEFINE_PROP_SIZE(PCI_HOST_PROP_PCI_HOLE64_SIZE, Q35PCIHost,
  mch.pci_hole64_size, DEFAULT_PCI_HOLE64_SIZE),
+DEFINE_PROP_UINT32("short_root_bus", Q35PCIHost, mch.short_root_bus, 0),
 DEFINE_PROP_END_OF_LIST(),
 };
 
diff --git a/include/hw/i386/pc.h b/include/hw/i386/pc.h
index 9b2ddc4..f9266f0 100644
--- a/include/hw/i386/pc.h
+++ b/include/hw/i386/pc.h
@@ -225,11 +225,31 @@ void pvpanic_init(ISABus *bus);
 
 int e820_add_entry(uint64_t, uint64_t, uint32_t);
 
+#define PC_COMPAT_1_7 \
+{\
+.driver   = "i440FX-pcihost",\
+.property = "short_root_bus",\
+.value= stringify(0),\
+},{\
+.driver   = "mch",\
+.property = "short_root_bus",\
+.value= stringify(0),\
+}
+
 #define PC_COMPAT_1_6 \
+PC_COMPAT_1_7, \
 {\
 .driver   = "e1000",\
 .property = "mitigation",\
 .value= "off",\
+},{\
+.driver   = "i440FX-pcihost",\
+.property = "short_root_bus",\
+.value= stringify(1),\
+},{\
+.driver   = "mch",\
+.property = "short_root_bus",\
+.value= stringify(1),\
 }
 
 #define PC_COMPAT_1_5 \
@@ -266,6 +286,14 @

[Qemu-devel] [Bug 1100843] Re: Live Migration Causes Performance Issues

[Chris J Arges]

** Description changed:

  SRU Justification
  [Impact]
   * Users of QEMU that save their memory states using savevm/loadvm or migrate 
experience worse performance after the migration/loadvm. To workaround these 
issues VMs must be completely rebooted. Optimally we should be able to restore 
a VM's memory state an expect no performance issue.
  
  [Test Case]
  
   * savevm/loadvm:
     - Create a VM and install a test suite such as lmbench.
     - Get numbers right after boot and record them.
     - Open up the qemu monitor and type the following:
   stop
   savevm 0
   loadvm 0
   c
     - Measure performance and record numbers.
     - Compare if numbers are within margin of error.
   * migrate:
     - Create VM, install lmbench, get numbers.
     - Open up qemu monitor and type the following:
   stop
   migrate "exec:dd of=~/save.vm"
   quit
     - Start a new VM using qemu but add the following argument:
   -incoming "exec:dd if=~/save.vm"
     - Run performance test and compare.
  
   If performance measured is similar then we pass the test case.
  
  [Regression Potential]
  
   * The fix is a backport of two upstream patches:
  ad0b5321f1f797274603ebbe20108b0750baee94
  211ea74022f51164a7729030b28eec90b6c99a08
  
- On patch allows QEMU to use THP if its enabled.
+ One patch allows QEMU to use THP if its enabled.
  The other patch changes logic to not memset pages to zero when loading memory 
for the vm (on an incoming migration).
  
-  * I've also run the qa-regression-testing test-qemu.py script and it passes 
all tests.
+  * I've also run the qa-regression-testing test-qemu.py script and it
+ passes all tests.
+ 
+ [Additional Information]
+ 
+ Kernels from 3.2 onwards are affected, and all have the config:
+ CONFIG_TRANSPARENT_HUGEPAGE_MADVISE=y. Therefore enabling THP is
+ applicable.
+ 
  --
  
  I have 2 physical hosts running Ubuntu Precise.  With 1.0+noroms-
  0ubuntu14.7 and qemu-kvm 1.2.0+noroms-0ubuntu7 (source from quantal,
  built for Precise with pbuilder.) I attempted to build qemu-1.3.0 debs
  from source to test, but libvirt seems to have an issue with it that I
  haven't been able to track down yet.
  
   I'm seeing a performance degradation after live migration on Precise,
  but not Lucid.  These hosts are managed by libvirt (tested both
  0.9.8-2ubuntu17 and 1.0.0-0ubuntu4) in conjunction with OpenNebula.  I
  don't seem to have this problem with lucid guests (running a number of
  standard kernels, 3.2.5 mainline and backported linux-
  image-3.2.0-35-generic as well.)
  
  I first noticed this problem with phoronix doing compilation tests, and
  then tried lmbench where even simple calls experience performance
  degradation.
  
  I've attempted to post to the kvm mailing list, but so far the only
  suggestion was it may be related to transparent hugepages not being used
  after migration, but this didn't pan out.  Someone else has a similar
  problem here -
  http://thread.gmane.org/gmane.comp.emulators.kvm.devel/100592
  
  qemu command line example: /usr/bin/kvm -name one-2 -S -M pc-1.2 -cpu
  Westmere -enable-kvm -m 73728 -smp 16,sockets=2,cores=8,threads=1 -uuid
  f89e31a4-4945-c12c-6544-149ba0746c2f -no-user-config -nodefaults
  -chardev
  socket,id=charmonitor,path=/var/lib/libvirt/qemu/one-2.monitor,server,nowait
  -mon chardev=charmonitor,id=monitor,mode=control -rtc
  base=utc,driftfix=slew -no-kvm-pit-reinjection -no-shutdown -device
  piix3-usb-uhci,id=usb,bus=pci.0,addr=0x1.0x2 -drive
  file=/var/lib/one//datastores/0/2/disk.0,if=none,id=drive-virtio-
  disk0,format=raw,cache=none -device virtio-blk-
  pci,scsi=off,bus=pci.0,addr=0x4,drive=drive-virtio-disk0,id=virtio-
  disk0,bootindex=1 -drive
  file=/var/lib/one//datastores/0/2/disk.1,if=none,id=drive-
  ide0-0-0,readonly=on,format=raw -device ide-cd,bus=ide.0,unit=0,drive
  =drive-ide0-0-0,id=ide0-0-0 -netdev
  tap,fd=23,id=hostnet0,vhost=on,vhostfd=25 -device virtio-net-
  pci,netdev=hostnet0,id=net0,mac=02:00:0a:64:02:fe,bus=pci.0,addr=0x3
  -vnc 0.0.0.0:2,password -vga cirrus -incoming tcp:0.0.0.0:49155 -device
  virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x5
  
  Disk backend is LVM running on SAN via FC connection (using symlink from
  /var/lib/one/datastores/0/2/disk.0 above)
  
  ubuntu-12.04 - first boot
  ==
  Simple syscall: 0.0527 microseconds
  Simple read: 0.1143 microseconds
  Simple write: 0.0953 microseconds
  Simple open/close: 1.0432 microseconds
  
  Using phoronix pts/compuational
  ImageMagick - 31.54s
  Linux Kernel 3.1 - 43.91s
  Mplayer - 30.49s
  PHP - 22.25s
  
  ubuntu-12.04 - post live migration
  ==
  Simple syscall: 0.0621 microseconds
  Simple read: 0.2485 microseconds
  Simple write: 0.2252 microseconds
  Simple open/close: 1.4626 microseconds
  
  Using phoronix pts/compilation
  ImageMagick - 43.29s
  Linux Kernel 3.1 - 76.67s
  Mplayer - 45.41s
  PHP - 29.1s
  
 

Re: [Qemu-devel] Update the id of Vexpress Cortex-A9 from r0p0 to r0p1?

[Mian Yousaf Kaukab]

Hi,

On Sun, Oct 6, 2013 at 2:10 PM, Peter Maydell  wrote:
>> So what will it take to update the id of Cortex-A9 in qemu from r0p0 to r0p1?
>
> If we're updating, why would we update only to r0p1 and not to the most
> recent rev/patchlevel?

Does ARM provide physical vexpress platform with newer revisions of
A9? If yes, then I
agree we should update to the most recent revision delivered by ARM on
physical vexpress.
If I understand correctly, physical vexpress with A9 r0p0 does not
exist and hence we
have this problem.

BR,
Yousaf

Re: [Qemu-devel] [PATCH v2 0/2] KVM: s390: add floating irq controller

[Christian Borntraeger]

On 05/10/13 01:54, Alexander Graf wrote:
> 
> On 06.09.2013, at 15:30, Christian Borntraeger wrote:
> 
>> On 06/09/13 14:19, Jens Freimann wrote:> This series adds a kvm_device that 
>> acts as a irq controller for floating
>>> interrupts.  As a first step it implements functionality to retrieve and 
>>> inject
>>> interrupts for the purpose of migration and for hardening the reset code by
>>> allowing user space to explicitly remove all pending floating interrupts.
>>>
>>> PFAULT patches will also use this device for enabling/disabling pfault, 
>>> therefore
>>> the pfault patch series will be reworked to use this device.
>>>
>>> * Patch 1/2 adds a new data structure to hold interrupt information. The 
>>> current
>>>  one (struct kvm_s390_interrupt) does not allow to inject every kind of 
>>> interrupt,
>>>  e.g. some data for program interrupts and machine check interruptions were
>>>  missing.
>>>
>>> * Patch 2/2 adds a kvm_device which supports getting/setting currently 
>>> pending
>>>  floating interrupts as well as deleting all currently pending interrupts
>>>
>>>
>>> Jens Freimann (2):
>>>  KVM: s390: add and extend interrupt information data structs
>>>  KVM: s390: add floating irq controller
>>>
>>> Documentation/virtual/kvm/devices/s390_flic.txt |  36 +++
>>> arch/s390/include/asm/kvm_host.h|  35 +--
>>> arch/s390/include/uapi/asm/kvm.h|   5 +
>>> arch/s390/kvm/interrupt.c   | 304 
>>> 
>>> arch/s390/kvm/kvm-s390.c|   1 +
>>> include/linux/kvm_host.h|   1 +
>>> include/uapi/linux/kvm.h|  65 +
>>> virt/kvm/kvm_main.c |   5 +
>>> 8 files changed, 368 insertions(+), 84 deletions(-)
>>> create mode 100644 Documentation/virtual/kvm/devices/s390_flic.txt
>>>
>>
>>
>> Gleb, Paolo,
>>
>> since the qemu part relies on a kernel header file, it makes sense to not 
>> only let the kernel
>> part go via the kvm tree, but also the qemu part. I want Alex to Ack the 
>> interface, and if he
>> agrees then I am fine with applying the whole series.
> 
> I think the interface works. My comments are almost exclusively on internal 
> code structure which can follow up on a later patch. The only thing that 
> definitely needs fixing now is the unnamed union.

Will send a fixed version. Jens is working on patches to totally rework the 
internal structure 
for a while now. They will use a per-cpu bitfield for interrupt types as well 
as floating int
bitfield. Each cpu will OR both bitfields and obey the architectures priority. 
These patches
 will take some more time and testing, so it makes sense to start with flic and 
let the other
patches mature a bit.

> 
> 
> Alex
> 
>>
>> If nothing else comes up, feel free to apply the small change request from 
>> Peter yourself or
>> ask Jens for a resend.
>>
>> --snip
>>
>> --- a/include/uapi/linux/kvm.h
>> +++ b/include/uapi/linux/kvm.h
>> @@ -908,7 +908,7 @@ struct kvm_device_attr {
>> #define KVM_DEV_TYPE_FSL_MPIC_20   1
>> #define KVM_DEV_TYPE_FSL_MPIC_42   2
>> #define KVM_DEV_TYPE_XICS  3
>> -#define KVM_DEV_TYPE_FLIC  4
>> +#define KVM_DEV_TYPE_FLIC  5
>>
>> /*
>>  * ioctls for VM fds
>>
>> --snip
>>
> 

Re: [Qemu-devel] [PATCH] linux-user: define ipc_perm and shmid_ds per arch and fix shmctl issue

[Petar Jovanovic]

From: Peter Maydell [peter.mayd...@linaro.org]
Sent: Monday, October 07, 2013 6:08 PM
To: Petar Jovanovic
Cc: QEMU Developers; Riku Voipio; Petar Jovanovic; Aurelien Jarno
Subject: Re: [Qemu-devel] [PATCH] linux-user: define ipc_perm and shmid_ds per 
arch and fix shmctl issue

> It's much harder to review the code changes for the do_shmctl changes
> when they're swamped by the code motion for making the structs per-arch.

Making the structs per-arch is part of the fix, this is why these changes
are joined. But yes, I can split the change in two, though they will not be
self-sufficient.

> Rather than adding another big ifdef ladder to syscall_defs.h, I think
> we should create a new file linux-user/$arch/target_structs.h
> for each target arch as a place to put "depends on the architecture"
> struct definitions.

Sure, I do not mind if everyone is in favour of that. This means adding 17
new files though.

Regards,
Petar

[Qemu-devel] Speed up Guest clock

[Vishal Verma]

I'm trying to modify QEMU to speed up the guest clock to conduct some long
running experiments.

Is this feasible? One thing I have thought of:
Modify icount_time_shift related stuff to make things happen faster. But
I'm unsure if it will have the desired effect.

Re: [Qemu-devel] [PATCH v9 00/27] qemu: generate acpi tables for the guest

[Andreas Färber]

Am 07.10.2013 11:34, schrieb Michael S. Tsirkin:
> Patches 1-3 are QOM patches really.
> Included here for completeness.
[...]
> Igor Mammedov (1):
>   cleanup object.h: include error.h directly
> 
> Michael S. Tsirkin (26):
>   qom: cleanup struct Error references
>   qom: add pointer to int property helpers

Picked these up for qom-next pull:
https://github.com/afaerber/qemu-cpu/commits/qom-next

If they go through your tree,

Reviewed-by: Andreas Färber 

for first two. For third patch I have doubts about the concatenated
documentation, but that could be followed up; functionally it looked
correct.

Thanks,
Andreas

-- 
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg

Re: [Qemu-devel] [PATCH qom-next 0/2] qdev-monitor: Reference counting follow-ups

[Paolo Bonzini]

Il 07/10/2013 18:43, Andreas Färber ha scritto:
> Hello,
> 
> I have queued bug fixes by Igor and Stefan for device_add on qom-next and
> am rearranging the following changes of mine on top.
> 
> 1) Further naming cleanups, now rebased on the bugfixes for easier 
> backporting.
> 2) Inlining of qdev_init(), so that we always have unparent+unref pairs.
> 
> If there's no objections, planning to include this in a pull tonight or 
> tomorrow.
> 
> Regards,
> Andreas
> 
> Cc: Igor Mammedov 
> Cc: Stefan Hajnoczi 
> Cc: Paolo Bonzini 
> Cc: Anthony Liguori 
> 
> Andreas Färber (2):
>   qdev-monitor: Avoid qdev as variable name
>   qdev-monitor: Inline qdev_init() for device_add
> 
>  qdev-monitor.c | 37 +
>  1 file changed, 21 insertions(+), 16 deletions(-)
> 

Yes, looks good.

Paolo

[Qemu-devel] [PATCH] kvm: Add a new machine property kvm_type

[Aneesh Kumar K.V]

From: "Aneesh Kumar K.V" 

Targets like ppc64 support different typed of KVM, one which use
hypervisor mode and the other which doesn't. Add a new machine
property kvm_type that helps in selecting the respective ones
We also add a new QEMUMachine callback get_vm_type that helps
in mapping the string representation of kvm type specified.

Signed-off-by: Aneesh Kumar K.V 
---
 hw/ppc/e500plat.c  |  2 ++
 hw/ppc/mac_newworld.c  |  2 ++
 hw/ppc/mac_oldworld.c  |  2 ++
 hw/ppc/ppc440_bamboo.c |  2 ++
 hw/ppc/spapr.c | 19 +++
 hw/ppc/vmtype.h| 18 ++
 include/hw/boards.h|  3 +++
 include/hw/xen/xen.h   |  3 ++-
 include/sysemu/kvm.h   |  4 ++--
 include/sysemu/qtest.h |  5 +++--
 kvm-all.c  | 16 +---
 kvm-stub.c |  4 +++-
 qtest.c|  2 +-
 vl.c   | 17 +++--
 xen-all.c  |  2 +-
 xen-stub.c |  2 +-
 16 files changed, 85 insertions(+), 18 deletions(-)
 create mode 100644 hw/ppc/vmtype.h

diff --git a/hw/ppc/e500plat.c b/hw/ppc/e500plat.c
index 2e964b2..3e53e85 100644
--- a/hw/ppc/e500plat.c
+++ b/hw/ppc/e500plat.c
@@ -17,6 +17,7 @@
 #include "hw/pci/pci.h"
 #include "hw/ppc/openpic.h"
 #include "kvm_ppc.h"
+#include "vmtype.h"
 
 static void e500plat_fixup_devtree(PPCE500Params *params, void *fdt)
 {
@@ -51,6 +52,7 @@ static QEMUMachine e500plat_machine = {
 .desc = "generic paravirt e500 platform",
 .init = e500plat_init,
 .max_cpus = 32,
+.get_vm_type = pr_get_vm_type,
 };
 
 static void e500plat_machine_init(void)
diff --git a/hw/ppc/mac_newworld.c b/hw/ppc/mac_newworld.c
index 5e79575..efe9b25 100644
--- a/hw/ppc/mac_newworld.c
+++ b/hw/ppc/mac_newworld.c
@@ -68,6 +68,7 @@
 #include "sysemu/blockdev.h"
 #include "exec/address-spaces.h"
 #include "hw/sysbus.h"
+#include "vmtype.h"
 
 #define MAX_IDE_BUS 2
 #define CFG_ADDR 0xf510
@@ -478,6 +479,7 @@ static QEMUMachine core99_machine = {
 .init = ppc_core99_init,
 .max_cpus = MAX_CPUS,
 .default_boot_order = "cd",
+.get_vm_type = pr_get_vm_type,
 };
 
 static void core99_machine_init(void)
diff --git a/hw/ppc/mac_oldworld.c b/hw/ppc/mac_oldworld.c
index 2f27754..aefb521 100644
--- a/hw/ppc/mac_oldworld.c
+++ b/hw/ppc/mac_oldworld.c
@@ -42,6 +42,7 @@
 #include "kvm_ppc.h"
 #include "sysemu/blockdev.h"
 #include "exec/address-spaces.h"
+#include "vmtype.h"
 
 #define MAX_IDE_BUS 2
 #define CFG_ADDR 0xf510
@@ -351,6 +352,7 @@ static QEMUMachine heathrow_machine = {
 .is_default = 1,
 #endif
 .default_boot_order = "cd", /* TOFIX "cad" when Mac floppy is implemented 
*/
+.get_vm_type = pr_get_vm_type,
 };
 
 static void heathrow_machine_init(void)
diff --git a/hw/ppc/ppc440_bamboo.c b/hw/ppc/ppc440_bamboo.c
index 655e499..16b755e 100644
--- a/hw/ppc/ppc440_bamboo.c
+++ b/hw/ppc/ppc440_bamboo.c
@@ -28,6 +28,7 @@
 #include "ppc405.h"
 #include "sysemu/sysemu.h"
 #include "hw/sysbus.h"
+#include "vmtype.h"
 
 #define BINARY_DEVICE_TREE_FILE "bamboo.dtb"
 
@@ -296,6 +297,7 @@ static QEMUMachine bamboo_machine = {
 .name = "bamboo",
 .desc = "bamboo",
 .init = bamboo_init,
+.get_vm_type = pr_get_vm_type,
 };
 
 static void bamboo_machine_init(void)
diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c
index 004184d..4a23b6a 100644
--- a/hw/ppc/spapr.c
+++ b/hw/ppc/spapr.c
@@ -1337,6 +1337,24 @@ static void ppc_spapr_init(QEMUMachineInitArgs *args)
 assert(spapr->fdt_skel != NULL);
 }
 
+static int spapr_get_vm_type(const char *vm_type)
+{
+if (!vm_type) {
+return 0;
+}
+
+if (!strcmp(vm_type, "HV")) {
+return 1;
+}
+
+if (!strcmp(vm_type, "PR")) {
+return 2;
+}
+
+hw_error("Unknown kvm_type specified '%s'", vm_type);
+exit(1);
+}
+
 static QEMUMachine spapr_machine = {
 .name = "pseries",
 .desc = "pSeries Logical Partition (PAPR compliant)",
@@ -1347,6 +1365,7 @@ static QEMUMachine spapr_machine = {
 .max_cpus = MAX_CPUS,
 .no_parallel = 1,
 .default_boot_order = NULL,
+.get_vm_type = spapr_get_vm_type,
 };
 
 static void spapr_machine_init(void)
diff --git a/hw/ppc/vmtype.h b/hw/ppc/vmtype.h
new file mode 100644
index 000..f99a491
--- /dev/null
+++ b/hw/ppc/vmtype.h
@@ -0,0 +1,18 @@
+#ifndef PPC_VMTYPE_H
+#define PPC_VMTYPE_H
+
+static inline int pr_get_vm_type(const char *vm_type)
+{
+if (!vm_type) {
+return 0;
+}
+
+if (!strcmp(vm_type, "PR")) {
+return 2;
+}
+
+hw_error("Unknown kvm_type specified '%s'", vm_type);
+exit(1);
+}
+
+#endif
diff --git a/include/hw/boards.h b/include/hw/boards.h
index 5a7ae9f..2130488 100644
--- a/include/hw/boards.h
+++ b/include/hw/boards.h
@@ -21,6 +21,8 @@ typedef void QEMUMachineResetFunc(void);
 
 typedef void QEMUMachineHotAddCPUFunc(const int64_t id, Error **errp);
 
+typedef int QEMUMachineGetVmTypeFunc(const char *arg);
+
 typedef struct QEMUMachine {
 const char *name;
 const char *

[Qemu-devel] [PATCH qom-next 1/2] qdev-monitor: Avoid qdev as variable name

[Andreas Färber]

Prepares for bringing error cleanup code into canonical QOM form.

Includes a whitespace removal after curly brace by Stefan.

Signed-off-by: Stefan Hajnoczi 
Signed-off-by: Andreas Färber 
---
 qdev-monitor.c | 32 
 1 file changed, 16 insertions(+), 16 deletions(-)

diff --git a/qdev-monitor.c b/qdev-monitor.c
index 6aa3bb5..f259e07 100644
--- a/qdev-monitor.c
+++ b/qdev-monitor.c
@@ -447,7 +447,7 @@ DeviceState *qdev_device_add(QemuOpts *opts)
 ObjectClass *oc;
 DeviceClass *dc;
 const char *driver, *path, *id;
-DeviceState *qdev;
+DeviceState *dev;
 BusState *bus = NULL;
 
 driver = qemu_opt_get(opts, "driver");
@@ -506,38 +506,38 @@ DeviceState *qdev_device_add(QemuOpts *opts)
 }
 
 /* create device, set properties */
-qdev = DEVICE(object_new(driver));
+dev = DEVICE(object_new(driver));
 
 if (bus) {
-qdev_set_parent_bus(qdev, bus);
+qdev_set_parent_bus(dev, bus);
 }
 
 id = qemu_opts_id(opts);
 if (id) {
-qdev->id = id;
+dev->id = id;
 }
-if (qemu_opt_foreach(opts, set_property, qdev, 1) != 0) {
-object_unparent(OBJECT(qdev));
-object_unref(OBJECT(qdev));
+if (qemu_opt_foreach(opts, set_property, dev, 1) != 0) {
+object_unparent(OBJECT(dev));
+object_unref(OBJECT(dev));
 return NULL;
 }
-if (qdev->id) {
-object_property_add_child(qdev_get_peripheral(), qdev->id,
-  OBJECT(qdev), NULL);
+if (dev->id) {
+object_property_add_child(qdev_get_peripheral(), dev->id,
+  OBJECT(dev), NULL);
 } else {
 static int anon_count;
 gchar *name = g_strdup_printf("device[%d]", anon_count++);
 object_property_add_child(qdev_get_peripheral_anon(), name,
-  OBJECT(qdev), NULL);
+  OBJECT(dev), NULL);
 g_free(name);
-}
-if (qdev_init(qdev) < 0) {
-object_unref(OBJECT(qdev));
+}
+if (qdev_init(dev) < 0) {
+object_unref(OBJECT(dev));
 qerror_report(QERR_DEVICE_INIT_FAILED, driver);
 return NULL;
 }
-qdev->opts = opts;
-return qdev;
+dev->opts = opts;
+return dev;
 }
 
 
-- 
1.8.1.4

[Qemu-devel] [PATCH qom-next 2/2] qdev-monitor: Inline qdev_init() for device_add

[Andreas Färber]

For historic reasons, qdev_init() unparents the device on failure.
Inline this to make the error paths clearer and consistent.

Signed-off-by: Andreas Färber 
---
 qdev-monitor.c | 7 ++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/qdev-monitor.c b/qdev-monitor.c
index f259e07..b7daab7 100644
--- a/qdev-monitor.c
+++ b/qdev-monitor.c
@@ -449,6 +449,7 @@ DeviceState *qdev_device_add(QemuOpts *opts)
 const char *driver, *path, *id;
 DeviceState *dev;
 BusState *bus = NULL;
+Error *err = NULL;
 
 driver = qemu_opt_get(opts, "driver");
 if (!driver) {
@@ -531,7 +532,11 @@ DeviceState *qdev_device_add(QemuOpts *opts)
   OBJECT(dev), NULL);
 g_free(name);
 }
-if (qdev_init(dev) < 0) {
+object_property_set_bool(OBJECT(dev), true, "realized", &err);
+if (err != NULL) {
+qerror_report_err(err);
+error_free(err);
+object_unparent(OBJECT(dev));
 object_unref(OBJECT(dev));
 qerror_report(QERR_DEVICE_INIT_FAILED, driver);
 return NULL;
-- 
1.8.1.4

[Qemu-devel] [PATCH qom-next 0/2] qdev-monitor: Reference counting follow-ups

[Andreas Färber]

Hello,

I have queued bug fixes by Igor and Stefan for device_add on qom-next and
am rearranging the following changes of mine on top.

1) Further naming cleanups, now rebased on the bugfixes for easier backporting.
2) Inlining of qdev_init(), so that we always have unparent+unref pairs.

If there's no objections, planning to include this in a pull tonight or 
tomorrow.

Regards,
Andreas

Cc: Igor Mammedov 
Cc: Stefan Hajnoczi 
Cc: Paolo Bonzini 
Cc: Anthony Liguori 

Andreas Färber (2):
  qdev-monitor: Avoid qdev as variable name
  qdev-monitor: Inline qdev_init() for device_add

 qdev-monitor.c | 37 +
 1 file changed, 21 insertions(+), 16 deletions(-)

-- 
1.8.1.4

Re: [Qemu-devel] [PATCH v9 27/27] don't post me: update bios

[Michael S. Tsirkin]

On Tue, Oct 08, 2013 at 01:10:56AM +0900, Peter Maydell wrote:
> On 7 October 2013 18:36, Michael S. Tsirkin  wrote:
> > update bios binaries to 55480e81704fa46429ac5bb4f8f452fadc9c0416
> 
> Subject: line doesn't match your actual behaviour :-)
> 
> -- PMM

Yes, I keep it around to simplify testing.
Posted in error. Sigh.
I won't repost the series just for this though.

Re: [Qemu-devel] [PATCH v4 2/3] qemu-timer: make qemu_timer_mod_ns() and qemu_timer_del() thread-safe

[Mike Day]

Paolo Bonzini  writes:

> Il 30/09/2013 15:34, Alex Bligh ha scritto:
>> 
>> I think the most likely change here is that the walkers might
>> move outside the BQL. Given modification of this list is so rare,
>> the lock would be very very read heavy, so RCU is probably a
>> sensible option.
>
> I agree.  Keeping the write side on the BQL is sane, but RCU-protecting
> the read side actually makes the rules simpler.
>
> Mike, would you like to give it a shot?

Yes, I will. I'll have a patchset for review within a couple of days. 

Mike
-- 

Mike Day | + 1 919 371-8786 | ncm...@ncultra.org
"Endurance is a Virtue"

Re: [Qemu-devel] [PATCH v9 27/27] don't post me: update bios

[Peter Maydell]

On 7 October 2013 18:36, Michael S. Tsirkin  wrote:
> update bios binaries to 55480e81704fa46429ac5bb4f8f452fadc9c0416

Subject: line doesn't match your actual behaviour :-)

-- PMM

Re: [Qemu-devel] [PATCH] linux-user: define ipc_perm and shmid_ds per arch and fix shmctl issue

[Peter Maydell]

On 8 October 2013 00:54, Petar Jovanovic  wrote:
> From: Petar Jovanovic 
>
> Structs ipc_perm and shmid_ds are specific for each architecture and should
> be defined accordingly. This change does that, and it also fix shmctl issue
> by passing correct parameter buf to do_shmctl().

Please can you separate out these two things into separate patches?
It's much harder to review the code changes for the do_shmctl changes
when they're swamped by the code motion for making the structs per-arch.

> Signed-off-by: Petar Jovanovic 
> ---
>  linux-user/syscall.c  |   78 +++--
>  linux-user/syscall_defs.h |  211 
> +
>  2 files changed, 240 insertions(+), 49 deletions(-)

Rather than adding another big ifdef ladder to syscall_defs.h, I think
we should create a new file linux-user/$arch/target_structs.h
for each target arch as a place to put "depends on the architecture"
struct definitions. We could then clean up some of the ifdef ladders
in the existing syscall_defs.h too...

thanks
-- PMM

[Qemu-devel] [PATCH] linux-user: define ipc_perm and shmid_ds per arch and fix shmctl issue

[Petar Jovanovic]

From: Petar Jovanovic 

Structs ipc_perm and shmid_ds are specific for each architecture and should
be defined accordingly. This change does that, and it also fix shmctl issue
by passing correct parameter buf to do_shmctl().

Signed-off-by: Petar Jovanovic 
---
 linux-user/syscall.c  |   78 +++--
 linux-user/syscall_defs.h |  211 +
 2 files changed, 240 insertions(+), 49 deletions(-)

diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 4a14a43..abaffde 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -2417,21 +2417,6 @@ static struct shm_region {
 abi_ulong  size;
 } shm_regions[N_SHM_REGIONS];
 
-struct target_ipc_perm
-{
-abi_long __key;
-abi_ulong uid;
-abi_ulong gid;
-abi_ulong cuid;
-abi_ulong cgid;
-unsigned short int mode;
-unsigned short int __pad1;
-unsigned short int __seq;
-unsigned short int __pad2;
-abi_ulong __unused1;
-abi_ulong __unused2;
-};
-
 struct target_semid_ds
 {
   struct target_ipc_perm sem_perm;
@@ -2453,12 +2438,21 @@ static inline abi_long target_to_host_ipc_perm(struct 
ipc_perm *host_ip,
 if (!lock_user_struct(VERIFY_READ, target_sd, target_addr, 1))
 return -TARGET_EFAULT;
 target_ip = &(target_sd->sem_perm);
-host_ip->__key = tswapal(target_ip->__key);
-host_ip->uid = tswapal(target_ip->uid);
-host_ip->gid = tswapal(target_ip->gid);
-host_ip->cuid = tswapal(target_ip->cuid);
-host_ip->cgid = tswapal(target_ip->cgid);
+host_ip->__key = tswap32(target_ip->__key);
+host_ip->uid = tswap32(target_ip->uid);
+host_ip->gid = tswap32(target_ip->gid);
+host_ip->cuid = tswap32(target_ip->cuid);
+host_ip->cgid = tswap32(target_ip->cgid);
+#if defined(TARGET_ALPHA) || defined(TARGET_MIPS) || defined(TARGET_PPC)
+host_ip->mode = tswap32(target_ip->mode);
+#else
 host_ip->mode = tswap16(target_ip->mode);
+#endif
+#if defined(TARGET_PPC)
+host_ip->__seq = tswap32(target_ip->__seq);
+#else
+host_ip->__seq = tswap16(target_ip->__seq);
+#endif
 unlock_user_struct(target_sd, target_addr, 0);
 return 0;
 }
@@ -2472,12 +2466,21 @@ static inline abi_long 
host_to_target_ipc_perm(abi_ulong target_addr,
 if (!lock_user_struct(VERIFY_WRITE, target_sd, target_addr, 0))
 return -TARGET_EFAULT;
 target_ip = &(target_sd->sem_perm);
-target_ip->__key = tswapal(host_ip->__key);
-target_ip->uid = tswapal(host_ip->uid);
-target_ip->gid = tswapal(host_ip->gid);
-target_ip->cuid = tswapal(host_ip->cuid);
-target_ip->cgid = tswapal(host_ip->cgid);
+target_ip->__key = tswap32(host_ip->__key);
+target_ip->uid = tswap32(host_ip->uid);
+target_ip->gid = tswap32(host_ip->gid);
+target_ip->cuid = tswap32(host_ip->cuid);
+target_ip->cgid = tswap32(host_ip->cgid);
+#if defined(TARGET_ALPHA) || defined(TARGET_MIPS) || defined(TARGET_PPC)
+target_ip->mode = tswap32(host_ip->mode);
+#else
 target_ip->mode = tswap16(host_ip->mode);
+#endif
+#if defined(TARGET_PPC)
+target_ip->__seq = tswap32(host_ip->__seq);
+#else
+target_ip->__seq = tswap16(host_ip->__seq);
+#endif
 unlock_user_struct(target_sd, target_addr, 1);
 return 0;
 }
@@ -2908,29 +2911,6 @@ end:
 return ret;
 }
 
-struct target_shmid_ds
-{
-struct target_ipc_perm shm_perm;
-abi_ulong shm_segsz;
-abi_ulong shm_atime;
-#if TARGET_ABI_BITS == 32
-abi_ulong __unused1;
-#endif
-abi_ulong shm_dtime;
-#if TARGET_ABI_BITS == 32
-abi_ulong __unused2;
-#endif
-abi_ulong shm_ctime;
-#if TARGET_ABI_BITS == 32
-abi_ulong __unused3;
-#endif
-int shm_cpid;
-int shm_lpid;
-abi_ulong shm_nattch;
-unsigned long int __unused4;
-unsigned long int __unused5;
-};
-
 static inline abi_long target_to_host_shmid_ds(struct shmid_ds *host_sd,
abi_ulong target_addr)
 {
@@ -3216,7 +3196,7 @@ static abi_long do_ipc(unsigned int call, int first,
 
/* IPC_* and SHM_* command values are the same on all linux platforms */
 case IPCOP_shmctl:
-ret = do_shmctl(first, second, third);
+ret = do_shmctl(first, second, ptr);
 break;
 default:
gemu_log("Unsupported ipc call: %d (version %d)\n", call, version);
diff --git a/linux-user/syscall_defs.h b/linux-user/syscall_defs.h
index 5f53a28..079156e 100644
--- a/linux-user/syscall_defs.h
+++ b/linux-user/syscall_defs.h
@@ -2513,3 +2513,214 @@ struct target_ucred {
 };
 
 #endif
+
+#if defined(TARGET_ALPHA)
+
+struct target_ipc_perm {
+abi_int __key;
+abi_uint uid;
+abi_uint gid;
+abi_uint cuid;
+abi_uint cgid;
+abi_uint mode;
+abi_ushort __seq;
+abi_ushort __pad1;
+abi_ulong __unused1;
+abi_ulong __unused2;
+};
+
+struct target_shmid_ds {
+struct target_ipc_perm shm_perm;
+abi_long shm_segsz;
+abi_ulong shm_atime;
+abi_ulong shm_dtime;
+abi_ulong shm_ctime;

[Qemu-devel] sniffing traffic between VMs

[Alexander Binun]

Hello Friends, 
  My name is Alex Binun and I am a researcher in the group of Prof. Shlomi 
Dolev, Ben-Gurion University of the Negev, Israel, 
http://www.cs.bgu.ac.il/~dolev/. The group investigates security in 
virtualization environments and implements a prototype on the top of KVM. 
Searching for relevant stuff we (the group) ran into the page of Stefan , see 
his latest  blog entry 
http://blog.vmsplice.net/search?updated-min=2013-01-01T00:00:00Z&updated-max=2014-01-01T00:00:00Z&max-results=5,
 and got your email.

Our first task is to trace the traffic between individual VMs and between VMs 
and the VMM (the KVM driver). So we are searching for proper places to insert 
"sniffer code". We suspect that some functions in qemu/hw/virtio should be 
targeted. And we will appreciate any hints on this places.

 Taking into account the efforts towards the standardization of virtual 
input/output mentioned by Stefan in his latest blog entry, the places for 
inserting traffic sniffers can be easily found.

Great thanks in advance, 
   Mark, Martin and Alex 

[Qemu-devel] [PATCH 0/2] [RFC] qemu-ga: add support for guest command execution

[srinath reddy]

Hi,

Can someone help me in finding the status of this RFC here
http://lists.gnu.org/archive/html/qemu-devel/2011-12/msg00722.html

I need a similar functionality.

Thanks,
Srinath.

-- 
good day

[Qemu-devel] [PATCH 2/2] virtio: refresh registers at reset time

[Greg Kurz]

We need to support the guest endianness as soon as a virtio device shows
up. Alex suggested this can achieved by calling cpu_synchronize_state().

To have it working on PowerPC, we need to add LPCR in the sync register
functions.

Signed-off-by: Greg Kurz 
---
 hw/virtio/virtio.c |5 +
 target-ppc/kvm.c   |4 
 2 files changed, 9 insertions(+)

diff --git a/hw/virtio/virtio.c b/hw/virtio/virtio.c
index bc728d8..4a294e1 100644
--- a/hw/virtio/virtio.c
+++ b/hw/virtio/virtio.c
@@ -19,6 +19,7 @@
 #include "qemu/atomic.h"
 #include "hw/virtio/virtio-bus.h"
 #include "hw/virtio/virtio-access.h"
+#include "sysemu/kvm.h"
 
 /*
  * The alignment to use between consumer and producer parts of vring.
@@ -566,6 +567,10 @@ void virtio_reset(void *opaque)
 vdev->vq[i].signalled_used_valid = false;
 vdev->vq[i].notification = true;
 }
+
+if (current_cpu) {
+cpu_synchronize_state(current_cpu);
+}
 }
 
 uint32_t virtio_config_readb(VirtIODevice *vdev, uint32_t addr)
diff --git a/target-ppc/kvm.c b/target-ppc/kvm.c
index b77ce5e..69ebe2a 100644
--- a/target-ppc/kvm.c
+++ b/target-ppc/kvm.c
@@ -869,6 +869,8 @@ int kvm_arch_put_registers(CPUState *cs, int level)
 DPRINTF("Warning: Unable to set VPA information to KVM\n");
 }
 }
+
+kvm_put_one_spr(cs, KVM_REG_PPC_LPCR, SPR_LPCR);
 #endif /* TARGET_PPC64 */
 }
 
@@ -1091,6 +1093,8 @@ int kvm_arch_get_registers(CPUState *cs)
 DPRINTF("Warning: Unable to get VPA information from KVM\n");
 }
 }
+
+kvm_get_one_spr(cs, KVM_REG_PPC_LPCR, SPR_LPCR);
 #endif
 }
 

Re: [Qemu-devel] [PATCH RFC 04/11] s390/qemu: cpu model cpu facilitiy support

[Michael Mueller]

On Mon, 7 Oct 2013 12:47:53 +0200
Michael Mueller  wrote:

> On Thu, 03 Oct 2013 07:53:02 -0700
> Richard Henderson  wrote:
> 
> > On 10/02/2013 04:33 AM, Michael Mueller wrote:
> > > +/* set a specific bit in facility set */
> > > +static void set_facility(unsigned int nr, void *facilities)
> > > +{
> > > +unsigned char *ptr;
> > > +
> > > +if (nr >= MAX_S390_FACILITY_BIT) {
> > > +return;
> > > +}
> > > +ptr = (unsigned char *) facilities + (nr >> 3);
> > > +*ptr |= (0x80 >> (nr & 7));
> > > +}
> > 
> > I'd like to see this done in a host endian independent way.
> 
> valid point, I will address that.
> 
> > 
> > See my recent patch set to add facility support to the tcg side
> > of target-s390, with which this patch set is going to conflict.
> 
> I saw it, that's why I've pushed this patch set out for RFC.
> 
> > 
> > Is there a good reason not to compute these facility masks at
> > compile-time?  See
> > 
> >  http://patchwork.ozlabs.org/patch/279534/
> > 
> > where I have pre-computed (possibly incomplete) facilities lists
> > for the major cpu revisions.
> 
> Your facilities lists have been derived from constants introduced in head.S. 
> They represent
> model specific "required" facilities. That does not necessarily mean for all 
> of them that they
> have been introduced with the respective model. Some have been introduced 
> already with model:
> N-1, GA>1
> 
> > 
> > It just seems like your facility_availability array is the wrong
> > way to go about things, taking up more memory and startup time
> > than necessary.
> > 
> 
> The reason why I represent them in the data segment is that they are are not 
> considered as
> constants in the s390 system perspective. I plan to be able to simulate 
> firmware migration that
> introduce new facility bits without the need of restarting the guest OS.
> 
> A second reason for using 2k of memory here is to fully represent the 
> facilities as defined
> in the s390x architecture. The SIE state needs it and I want to represent it 
> identically in user
> space and KVM. Otherwise I would need a specific interface just for the 
> facilities.
> 
> I will consider to alternatively use your way of FAC definition, but still 
> that would include a
> copy.
> 
> In regard to the startup time, I will figure out what the overhead is.

A measurement on a z12EC shows the overhead time to be between 500-800 ns per 
model. Currently
28 models are defined that means the whole calculation time takes well below 30 
us. 

> 
> Thanks a lot!
> Michael
> > 
> > r~
> > 
> 
> 

[Qemu-devel] [PATCH 1/2] linux-headers: POWER8 partial update

[Greg Kurz]

Add definition for KVM_REG_PPC_LPCR, taken from:

https://github.com/agraf/linux-2.6/commit/1a87967d4c

Signed-off-by: Greg Kurz 
---
 linux-headers/asm-powerpc/kvm.h |3 +++
 1 file changed, 3 insertions(+)

diff --git a/linux-headers/asm-powerpc/kvm.h b/linux-headers/asm-powerpc/kvm.h
index 0fb1a6e..bb5b4ce 100644
--- a/linux-headers/asm-powerpc/kvm.h
+++ b/linux-headers/asm-powerpc/kvm.h
@@ -499,6 +499,9 @@ struct kvm_get_htab_header {
 #define KVM_REG_PPC_TLB3PS (KVM_REG_PPC | KVM_REG_SIZE_U32 | 0x9a)
 #define KVM_REG_PPC_EPTCFG (KVM_REG_PPC | KVM_REG_SIZE_U32 | 0x9b)
 
+/* POWER8 registers */
+#define KVM_REG_PPC_LPCR(KVM_REG_PPC | KVM_REG_SIZE_U32 | 0xb5)
+
 /* PPC64 eXternal Interrupt Controller Specification */
 #define KVM_DEV_XICS_GRP_SOURCES   1   /* 64-bit source attributes */
 

[Qemu-devel] [PATCH 0/2] virtio: guest endianness support

[Greg Kurz]

This patchset is a followup to Rusty's "virtio for endian curious guests" serie:

https://lists.nongnu.org/archive/html/qemu-devel/2013-08/msg01502.html

It brings guest endianness knowledge to the virtio drivers when running in
KVM mode, on PowerPC.

The first patch is only here to have KVM_REG_PPC_LPCR defined. It is not
needed unless you wish to build and do not already have KVM_REG_PPC_LPCR in
linux-headers/asm-powerpc/kvm.h. The interesting code is in the second patch.

Cheers.

---

Greg Kurz (2):
  linux-headers: POWER8 partial update
  virtio: refresh registers at reset time


 hw/virtio/virtio.c  |5 +
 linux-headers/asm-powerpc/kvm.h |3 +++
 target-ppc/kvm.c|4 
 3 files changed, 12 insertions(+)

-- 
Greg Kurz

Re: [Qemu-devel] ChrEMU - Virtualization in the Browser

[Paolo Bonzini]

Il 25/09/2013 16:02, Stefan Hajnoczi ha scritto:
 >>> I'm pretty sure coroutines would provide difficult to port too.
>>> >>
>>> >> The gthread backend should work since it doesn't use stack-switching.
>> >
>> > ...except that the gthread backend doesn't work for anything
>> > except some nebulous testing scenarios.
> If someone really needs the gthread backend, they can make it work.
> 
> In a NaCl world, you don't have POSIX signals anyway so the signal
> mask issue with the gthread backend is moot.

If you don't have signals, you also don't have a way to interrupt the
VCPU thread.  After all the work on making memory dispatch more
thread-friendly is completed, it shouldn't be _that_ hard to run the TCG
VCPU threads outside the big QEMU lock.  But until that is done, you
need POSIX signals to interrupt the VCPU thread (Windows uses the debug
API instead, which is even worse and probably doesn't have a NaCl
equivalent either).

Paolo

Re: [Qemu-devel] [PATCH 3/4] Refactoring MonitorDef array

[Fabien Chouteau]

On 10/07/2013 03:29 PM, Peter Maydell wrote:
> On 7 October 2013 22:06, Fabien Chouteau  wrote:
>> On 10/07/2013 01:45 PM, Peter Maydell wrote:
>>> On 7 October 2013 19:11, Fabien Chouteau  wrote:
 On 10/04/2013 07:49 PM, Peter Maydell wrote:
> On 5 October 2013 01:57, Fabien Chouteau  wrote:
>> +extern const MonitorDef i386_monitor_defs[];
>
> Declare this in cpu-qom.h, rather than having an
> extern declaration in a .c file.
> 
>> Sorry I sent the email too quickly. It looks like a circular dependency
>>
>> In file included from /home/chouteau/src/qemu-main/target-arm/cpu.h:294:0,
>>  from 
>> /home/chouteau/src/qemu-main/include/monitor/monitor_def.h:4,
>>  from /home/chouteau/src/qemu-main/target-arm/monitor.c:20:
>> /home/chouteau/src/qemu-main/target-arm/cpu-qom.h:184:25: error: array type 
>> has incomplete element type
>> make[1]: *** [target-arm/monitor.o] Error 1
> 
> I think you should be able to declare it as
>   extern const MonitorDef *i386_monitor_defs;
> 
> then you don't need to include monitor_def.h from cpu-qom.h.
> (untested, but the typedef should be sufficient for this)
> 

/home/chouteau/src/qemu-main/target-arm/monitor.c:22:19: error: conflicting 
types for ‘arm_monitor_defs’
/home/chouteau/src/qemu-main/target-arm/cpu-qom.h:183:26: note: previous 
declaration of ‘arm_monitor_defs’ was here

cpu-qom.h is indirectly included in target-arm/monitor.c

-- 
Fabien Chouteau

[Qemu-devel] [Bug 1100843] Re: Live Migration Causes Performance Issues

[Chris J Arges]

** Description changed:

  SRU Justification
- [Impact] 
-  * Users of QEMU that save their memory states using savevm/loadvm or migrate 
experience worse performance after the migration/loadvm. To workaround these 
issues VMs must be completely rebooted. Optimally we should be able to restore 
a VM's memory state an expect no performance issue.   
+ [Impact]
+  * Users of QEMU that save their memory states using savevm/loadvm or migrate 
experience worse performance after the migration/loadvm. To workaround these 
issues VMs must be completely rebooted. Optimally we should be able to restore 
a VM's memory state an expect no performance issue.
  
  [Test Case]
  
-  * savevm/loadvm:
-- Create a VM and install a test suite such as lmbench.
-- Get numbers right after boot and record them.
-- Open up the qemu monitor and type the following:
-  stop
-  savevm 0
-  loadvm 0
-  c
-- Measure performance and record numbers.
-- Compare if numbers are within margin of error.
-  * migrate:
-- Create VM, install lmbench, get numbers.
-- Open up qemu monitor and type the following:
-  stop
-  migrate "exec:dd of=~/save.vm"
-  quit
-- Start a new VM using qemu but add the following argument:
-  -incoming "exec:dd if=~/save.vm"
-- Run performance test and compare.
-  
-  If performance measured is similar then we pass the test case. 
+  * savevm/loadvm:
+    - Create a VM and install a test suite such as lmbench.
+    - Get numbers right after boot and record them.
+    - Open up the qemu monitor and type the following:
+  stop
+  savevm 0
+  loadvm 0
+  c
+    - Measure performance and record numbers.
+    - Compare if numbers are within margin of error.
+  * migrate:
+    - Create VM, install lmbench, get numbers.
+    - Open up qemu monitor and type the following:
+  stop
+  migrate "exec:dd of=~/save.vm"
+  quit
+    - Start a new VM using qemu but add the following argument:
+  -incoming "exec:dd if=~/save.vm"
+    - Run performance test and compare.
+ 
+  If performance measured is similar then we pass the test case.
  
  [Regression Potential]
  
-  * The fix is a backport of two upstream patches:
+  * The fix is a backport of two upstream patches:
  ad0b5321f1f797274603ebbe20108b0750baee94
  211ea74022f51164a7729030b28eec90b6c99a08
  
  On patch allows QEMU to use THP if its enabled.
  The other patch changes logic to not memset pages to zero when loading memory 
for the vm (on an incoming migration).
  
+  * I've also run the qa-regression-testing test-qemu.py script and it passes 
all tests.
  --
  
  I have 2 physical hosts running Ubuntu Precise.  With 1.0+noroms-
  0ubuntu14.7 and qemu-kvm 1.2.0+noroms-0ubuntu7 (source from quantal,
  built for Precise with pbuilder.) I attempted to build qemu-1.3.0 debs
  from source to test, but libvirt seems to have an issue with it that I
  haven't been able to track down yet.
  
   I'm seeing a performance degradation after live migration on Precise,
  but not Lucid.  These hosts are managed by libvirt (tested both
  0.9.8-2ubuntu17 and 1.0.0-0ubuntu4) in conjunction with OpenNebula.  I
  don't seem to have this problem with lucid guests (running a number of
  standard kernels, 3.2.5 mainline and backported linux-
  image-3.2.0-35-generic as well.)
  
  I first noticed this problem with phoronix doing compilation tests, and
  then tried lmbench where even simple calls experience performance
  degradation.
  
  I've attempted to post to the kvm mailing list, but so far the only
  suggestion was it may be related to transparent hugepages not being used
  after migration, but this didn't pan out.  Someone else has a similar
  problem here -
  http://thread.gmane.org/gmane.comp.emulators.kvm.devel/100592
  
  qemu command line example: /usr/bin/kvm -name one-2 -S -M pc-1.2 -cpu
  Westmere -enable-kvm -m 73728 -smp 16,sockets=2,cores=8,threads=1 -uuid
  f89e31a4-4945-c12c-6544-149ba0746c2f -no-user-config -nodefaults
  -chardev
  socket,id=charmonitor,path=/var/lib/libvirt/qemu/one-2.monitor,server,nowait
  -mon chardev=charmonitor,id=monitor,mode=control -rtc
  base=utc,driftfix=slew -no-kvm-pit-reinjection -no-shutdown -device
  piix3-usb-uhci,id=usb,bus=pci.0,addr=0x1.0x2 -drive
  file=/var/lib/one//datastores/0/2/disk.0,if=none,id=drive-virtio-
  disk0,format=raw,cache=none -device virtio-blk-
  pci,scsi=off,bus=pci.0,addr=0x4,drive=drive-virtio-disk0,id=virtio-
  disk0,bootindex=1 -drive
  file=/var/lib/one//datastores/0/2/disk.1,if=none,id=drive-
  ide0-0-0,readonly=on,format=raw -device ide-cd,bus=ide.0,unit=0,drive
  =drive-ide0-0-0,id=ide0-0-0 -netdev
  tap,fd=23,id=hostnet0,vhost=on,vhostfd=25 -device virtio-net-
  pci,netdev=hostnet0,id=net0,mac=02:00:0a:64:02:fe,bus=pci.0,addr=0x3
  -vnc 0.0.0.0:2,password -vga cirrus -incoming tcp:0.0.0.0:49155 -device
  virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x5
  
  Disk backend is LVM running on SAN via FC connectio

[Qemu-devel] [Bug 1100843] Re: Live Migration Causes Performance Issues

[Chris J Arges]

** Description changed:

+ SRU Justification
+ [Impact] 
+  * Users of QEMU that save their memory states using savevm/loadvm or migrate 
experience worse performance after the migration/loadvm. To workaround these 
issues VMs must be completely rebooted. Optimally we should be able to restore 
a VM's memory state an expect no performance issue.   
+ 
+ [Test Case]
+ 
+  * savevm/loadvm:
+- Create a VM and install a test suite such as lmbench.
+- Get numbers right after boot and record them.
+- Open up the qemu monitor and type the following:
+  stop
+  savevm 0
+  loadvm 0
+  c
+- Measure performance and record numbers.
+- Compare if numbers are within margin of error.
+  * migrate:
+- Create VM, install lmbench, get numbers.
+- Open up qemu monitor and type the following:
+  stop
+  migrate "exec:dd of=~/save.vm"
+  quit
+- Start a new VM using qemu but add the following argument:
+  -incoming "exec:dd if=~/save.vm"
+- Run performance test and compare.
+  
+  If performance measured is similar then we pass the test case. 
+ 
+ [Regression Potential]
+ 
+  * The fix is a backport of two upstream patches:
+ ad0b5321f1f797274603ebbe20108b0750baee94
+ 211ea74022f51164a7729030b28eec90b6c99a08
+ 
+ On patch allows QEMU to use THP if its enabled.
+ The other patch changes logic to not memset pages to zero when loading memory 
for the vm (on an incoming migration).
+ 
+ --
+ 
  I have 2 physical hosts running Ubuntu Precise.  With 1.0+noroms-
  0ubuntu14.7 and qemu-kvm 1.2.0+noroms-0ubuntu7 (source from quantal,
  built for Precise with pbuilder.) I attempted to build qemu-1.3.0 debs
  from source to test, but libvirt seems to have an issue with it that I
  haven't been able to track down yet.
  
-  I'm seeing a performance degradation after live migration on Precise,
+  I'm seeing a performance degradation after live migration on Precise,
  but not Lucid.  These hosts are managed by libvirt (tested both
  0.9.8-2ubuntu17 and 1.0.0-0ubuntu4) in conjunction with OpenNebula.  I
  don't seem to have this problem with lucid guests (running a number of
  standard kernels, 3.2.5 mainline and backported linux-
  image-3.2.0-35-generic as well.)
  
  I first noticed this problem with phoronix doing compilation tests, and
  then tried lmbench where even simple calls experience performance
  degradation.
  
  I've attempted to post to the kvm mailing list, but so far the only
  suggestion was it may be related to transparent hugepages not being used
  after migration, but this didn't pan out.  Someone else has a similar
  problem here -
  http://thread.gmane.org/gmane.comp.emulators.kvm.devel/100592
  
  qemu command line example: /usr/bin/kvm -name one-2 -S -M pc-1.2 -cpu
  Westmere -enable-kvm -m 73728 -smp 16,sockets=2,cores=8,threads=1 -uuid
  f89e31a4-4945-c12c-6544-149ba0746c2f -no-user-config -nodefaults
  -chardev
  socket,id=charmonitor,path=/var/lib/libvirt/qemu/one-2.monitor,server,nowait
  -mon chardev=charmonitor,id=monitor,mode=control -rtc
  base=utc,driftfix=slew -no-kvm-pit-reinjection -no-shutdown -device
  piix3-usb-uhci,id=usb,bus=pci.0,addr=0x1.0x2 -drive
  file=/var/lib/one//datastores/0/2/disk.0,if=none,id=drive-virtio-
  disk0,format=raw,cache=none -device virtio-blk-
  pci,scsi=off,bus=pci.0,addr=0x4,drive=drive-virtio-disk0,id=virtio-
  disk0,bootindex=1 -drive
  file=/var/lib/one//datastores/0/2/disk.1,if=none,id=drive-
  ide0-0-0,readonly=on,format=raw -device ide-cd,bus=ide.0,unit=0,drive
  =drive-ide0-0-0,id=ide0-0-0 -netdev
  tap,fd=23,id=hostnet0,vhost=on,vhostfd=25 -device virtio-net-
  pci,netdev=hostnet0,id=net0,mac=02:00:0a:64:02:fe,bus=pci.0,addr=0x3
  -vnc 0.0.0.0:2,password -vga cirrus -incoming tcp:0.0.0.0:49155 -device
  virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x5
  
  Disk backend is LVM running on SAN via FC connection (using symlink from
  /var/lib/one/datastores/0/2/disk.0 above)
  
- 
  ubuntu-12.04 - first boot
  ==
  Simple syscall: 0.0527 microseconds
  Simple read: 0.1143 microseconds
  Simple write: 0.0953 microseconds
  Simple open/close: 1.0432 microseconds
  
  Using phoronix pts/compuational
  ImageMagick - 31.54s
  Linux Kernel 3.1 - 43.91s
  Mplayer - 30.49s
  PHP - 22.25s
- 
  
  ubuntu-12.04 - post live migration
  ==
  Simple syscall: 0.0621 microseconds
  Simple read: 0.2485 microseconds
  Simple write: 0.2252 microseconds
  Simple open/close: 1.4626 microseconds
  
  Using phoronix pts/compilation
  ImageMagick - 43.29s
  Linux Kernel 3.1 - 76.67s
  Mplayer - 45.41s
  PHP - 29.1s
  
- 
- I don't have phoronix results for 10.04 handy, but they were within 1% of 
each other...
+ I don't have phoronix results for 10.04 handy, but they were within 1%
+ of each other...
  
  ubuntu-10.04 - first boot
  ==
  Simple syscall: 0.0524 microseconds
  Simple read: 0.1135 microse

Re: [Qemu-devel] [PATCH -V4 2/4] target-ppc: Fix page table lookup with kvm enabled

[Alexander Graf]

On 07.10.2013, at 15:58, Aneesh Kumar K.V  
wrote:

> Alexander Graf  writes:
> 
>> On 01.10.2013, at 03:27, Aneesh Kumar K.V wrote:
>> 
>>> Alexander Graf  writes:
>>> 
 On 09/05/2013 10:16 AM, Aneesh Kumar K.V wrote:
> From: "Aneesh Kumar K.V"
> 
> 
> 
> 
>>> 
>>> Can you  explain this better ? 
>> 
>> You're basically doing
>> 
>> hwaddr ppc_hash64_pteg_search(...)
>> {
>>if (kvm) {
>>pteg = read_from_kvm();
>>foreach pte in pteg {
>>if (match) return offset;
>>}
>>return -1;
>>} else {
>>foreach pte in pteg {
>>pte = read_pte_from_memory();
>>if (match) return offset;
>>}
>>return -1;
>>}
>> }
>> 
>> This is massive code duplication. The only difference between kvm and
>> tcg are the source for the pteg read. David already abstracted the
>> actual pte0/pte1 reads away in ppc_hash64_load_hpte0 and
>> ppc_hash64_load_hpte1 wrapper functions.
>> 
>> Now imagine we could add a temporary pteg store in env. Then have something 
>> like this in ppc_hash64_load_hpte0:
>> 
>> if (need_kvm_htab_access) {
>>if (env->current_cached_pteg != this_pteg) (
>>read_pteg(env->cached_pteg);
>>return env->cached_pteg[x].pte0;
>>}
>> } else {
>>
>> }
>> 
>> That way the actual resolver doesn't care where the PTEG comes from,
>> as it only ever checks pte0/pte1 and leaves all the magic on where
>> those come from to the load function.
> 
> I tried to do this and didn't like the end result. For one we
> unnecessarly bloat CPUPPCState struct to now carry a pteg information
> and associated array. ie, we need to have now the below in the CPUPPCState.

How about something like

token = ppc_hash64_start_access();
foreach (hpte entry) {
   pte0 = ppc_hash64_load_hpte0(token, ...);
   ...
}
ppc_hash64_stop_access(token);

That way you could put the buffer and pteg_group into the token struct and only 
allocate and use it when KVM with HV is in use.

> 
> int pteg_group;
> unsigned long hpte[(HPTES_PER_GROUP * 2) + 1];
> 
> Also out serach can be much effective with the current code, 

We're anything but performance critical at this point.

> 
>while (index < hpte_buf.header.n_valid) {
> 
> against 
> 
>for (i = 0; i < HPTES_PER_GROUP; i++) {
> 
> I guess the former is better when we can find invalid hpte entries.
> 
> We now also need to update kvm_cpu_synchronize_state to clear
> pte_group so that we would not look at the stale values. If we ever want
> to use reading pteg in any other place we could possibly look at doing
> this. But at this stage, IMHO it unnecessarily make it all complex and
> less efficient.

The point is to make it less complex. I don't like the idea of having 2 hash 
lookups in the same code base that do basically the same. And efficiency only 
ever counts in the TCG case here.


Alex

Re: [Qemu-devel] [PATCH v2 1/4] target-ppc: Fill in OpenFirmware names for some PowerPCCPU families

[Alexey Kardashevskiy]

On 10/01/2013 03:55 AM, Alexander Graf wrote:
> On 09/25/2013 11:01 AM, Alexey Kardashevskiy wrote:
>> On 09/17/2013 12:16 AM, Alexey Kardashevskiy wrote:
>>> On 09/10/2013 02:15 PM, Alexey Kardashevskiy wrote:
 On 08/16/2013 08:35 AM, Andreas Färber wrote:
> Set the expected values for POWER7, POWER7+, POWER8 and POWER5+.
> Note that POWER5+ and POWER7+ are intentionally lacking the '+', so the
> lack of a POWER7P family constitutes no problem.
>
> Signed-off-by: Andreas Färber

 Out of curiosity - is anything going to happen to this series? Is it
 awaiting for someone's review? Just asking as it is quite old and nobody
 seems to care :)
>>> Ping, anyone? Not sure if any of my mails even reaches maillists :-/
>> Ping?
>>
>> It conflicts with "[PATCH] pseries: Fix loading of little endian kernels"
>> posted today. It would be great to have either this series or the new patch
>> upstream...
> 
> Andreas is going to rework it, yes :).


Whn? Not complaining or anything, just asking :)


-- 
Alexey

Re: [Qemu-devel] [PATCH -V4 2/4] target-ppc: Fix page table lookup with kvm enabled

[Aneesh Kumar K.V]

Alexander Graf  writes:

> On 01.10.2013, at 03:27, Aneesh Kumar K.V wrote:
>
>> Alexander Graf  writes:
>> 
>>> On 09/05/2013 10:16 AM, Aneesh Kumar K.V wrote:
 From: "Aneesh Kumar K.V"
 



>> 
>> Can you  explain this better ? 
>
> You're basically doing
>
> hwaddr ppc_hash64_pteg_search(...)
> {
> if (kvm) {
> pteg = read_from_kvm();
> foreach pte in pteg {
> if (match) return offset;
> }
> return -1;
> } else {
> foreach pte in pteg {
> pte = read_pte_from_memory();
> if (match) return offset;
> }
> return -1;
> }
> }
>
> This is massive code duplication. The only difference between kvm and
> tcg are the source for the pteg read. David already abstracted the
> actual pte0/pte1 reads away in ppc_hash64_load_hpte0 and
> ppc_hash64_load_hpte1 wrapper functions.
>
> Now imagine we could add a temporary pteg store in env. Then have something 
> like this in ppc_hash64_load_hpte0:
>
> if (need_kvm_htab_access) {
> if (env->current_cached_pteg != this_pteg) (
> read_pteg(env->cached_pteg);
> return env->cached_pteg[x].pte0;
> }
> } else {
> 
> }
>
> That way the actual resolver doesn't care where the PTEG comes from,
> as it only ever checks pte0/pte1 and leaves all the magic on where
> those come from to the load function.

I tried to do this and didn't like the end result. For one we
unnecessarly bloat CPUPPCState struct to now carry a pteg information
and associated array. ie, we need to have now the below in the CPUPPCState.

int pteg_group;
unsigned long hpte[(HPTES_PER_GROUP * 2) + 1];

Also out serach can be much effective with the current code, 

while (index < hpte_buf.header.n_valid) {

against 

for (i = 0; i < HPTES_PER_GROUP; i++) {

I guess the former is better when we can find invalid hpte entries.

We now also need to update kvm_cpu_synchronize_state to clear
pte_group so that we would not look at the stale values. If we ever want
to use reading pteg in any other place we could possibly look at doing
this. But at this stage, IMHO it unnecessarily make it all complex and
less efficient.

-aneesh

[Qemu-devel] [Bug 1100843] Re: Live Migration Causes Performance Issues

[Chris J Arges]

I found that two patches need to be backported to solve this issue:

ad0b5321f1f797274603ebbe20108b0750baee94
211ea74022f51164a7729030b28eec90b6c99a08

I've added the necessary bits into precise and tried a few tests:
1) Measure performance before and after savevm/loadvm.
2) Measure performance before and after a migrate to the same host.

In both cases the performance measured by something like lmbench was the same 
as the previous run.
A test build is available here:
http://people.canonical.com/~arges/lp1100843/precise_v2/

** Patch added: "fix-lp1100843-precise.debdiff"
   
https://bugs.launchpad.net/ubuntu/+source/qemu-kvm/+bug/1100843/+attachment/3864309/+files/fix-lp1100843-precise.debdiff

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1100843

Title:
  Live Migration Causes Performance Issues

Status in QEMU:
  New
Status in “qemu-kvm” package in Ubuntu:
  Fix Released
Status in “qemu-kvm” source package in Precise:
  In Progress
Status in “qemu-kvm” source package in Quantal:
  Triaged
Status in “qemu-kvm” source package in Raring:
  Triaged
Status in “qemu-kvm” source package in Saucy:
  Fix Released

Bug description:
  I have 2 physical hosts running Ubuntu Precise.  With 1.0+noroms-
  0ubuntu14.7 and qemu-kvm 1.2.0+noroms-0ubuntu7 (source from quantal,
  built for Precise with pbuilder.) I attempted to build qemu-1.3.0 debs
  from source to test, but libvirt seems to have an issue with it that I
  haven't been able to track down yet.

   I'm seeing a performance degradation after live migration on Precise,
  but not Lucid.  These hosts are managed by libvirt (tested both
  0.9.8-2ubuntu17 and 1.0.0-0ubuntu4) in conjunction with OpenNebula.  I
  don't seem to have this problem with lucid guests (running a number of
  standard kernels, 3.2.5 mainline and backported linux-
  image-3.2.0-35-generic as well.)

  I first noticed this problem with phoronix doing compilation tests,
  and then tried lmbench where even simple calls experience performance
  degradation.

  I've attempted to post to the kvm mailing list, but so far the only
  suggestion was it may be related to transparent hugepages not being
  used after migration, but this didn't pan out.  Someone else has a
  similar problem here -
  http://thread.gmane.org/gmane.comp.emulators.kvm.devel/100592

  qemu command line example: /usr/bin/kvm -name one-2 -S -M pc-1.2 -cpu
  Westmere -enable-kvm -m 73728 -smp 16,sockets=2,cores=8,threads=1
  -uuid f89e31a4-4945-c12c-6544-149ba0746c2f -no-user-config -nodefaults
  -chardev
  socket,id=charmonitor,path=/var/lib/libvirt/qemu/one-2.monitor,server,nowait
  -mon chardev=charmonitor,id=monitor,mode=control -rtc
  base=utc,driftfix=slew -no-kvm-pit-reinjection -no-shutdown -device
  piix3-usb-uhci,id=usb,bus=pci.0,addr=0x1.0x2 -drive
  file=/var/lib/one//datastores/0/2/disk.0,if=none,id=drive-virtio-
  disk0,format=raw,cache=none -device virtio-blk-
  pci,scsi=off,bus=pci.0,addr=0x4,drive=drive-virtio-disk0,id=virtio-
  disk0,bootindex=1 -drive
  file=/var/lib/one//datastores/0/2/disk.1,if=none,id=drive-
  ide0-0-0,readonly=on,format=raw -device ide-cd,bus=ide.0,unit=0,drive
  =drive-ide0-0-0,id=ide0-0-0 -netdev
  tap,fd=23,id=hostnet0,vhost=on,vhostfd=25 -device virtio-net-
  pci,netdev=hostnet0,id=net0,mac=02:00:0a:64:02:fe,bus=pci.0,addr=0x3
  -vnc 0.0.0.0:2,password -vga cirrus -incoming tcp:0.0.0.0:49155
  -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x5

  Disk backend is LVM running on SAN via FC connection (using symlink
  from /var/lib/one/datastores/0/2/disk.0 above)

  
  ubuntu-12.04 - first boot
  ==
  Simple syscall: 0.0527 microseconds
  Simple read: 0.1143 microseconds
  Simple write: 0.0953 microseconds
  Simple open/close: 1.0432 microseconds

  Using phoronix pts/compuational
  ImageMagick - 31.54s
  Linux Kernel 3.1 - 43.91s
  Mplayer - 30.49s
  PHP - 22.25s

  
  ubuntu-12.04 - post live migration
  ==
  Simple syscall: 0.0621 microseconds
  Simple read: 0.2485 microseconds
  Simple write: 0.2252 microseconds
  Simple open/close: 1.4626 microseconds

  Using phoronix pts/compilation
  ImageMagick - 43.29s
  Linux Kernel 3.1 - 76.67s
  Mplayer - 45.41s
  PHP - 29.1s

  
  I don't have phoronix results for 10.04 handy, but they were within 1% of 
each other...

  ubuntu-10.04 - first boot
  ==
  Simple syscall: 0.0524 microseconds
  Simple read: 0.1135 microseconds
  Simple write: 0.0972 microseconds
  Simple open/close: 1.1261 microseconds

  
  ubuntu-10.04 - post live migration
  ==
  Simple syscall: 0.0526 microseconds
  Simple read: 0.1075 microseconds
  Simple write: 0.0951 microseconds
  Simple open/close: 1.0413 microseconds

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/110084

Re: [Qemu-devel] [PATCH 3/4] Refactoring MonitorDef array

[Peter Maydell]

On 7 October 2013 22:06, Fabien Chouteau  wrote:
> On 10/07/2013 01:45 PM, Peter Maydell wrote:
>> On 7 October 2013 19:11, Fabien Chouteau  wrote:
>>> On 10/04/2013 07:49 PM, Peter Maydell wrote:
 On 5 October 2013 01:57, Fabien Chouteau  wrote:
> +extern const MonitorDef i386_monitor_defs[];

 Declare this in cpu-qom.h, rather than having an
 extern declaration in a .c file.

> Sorry I sent the email too quickly. It looks like a circular dependency
>
> In file included from /home/chouteau/src/qemu-main/target-arm/cpu.h:294:0,
>  from 
> /home/chouteau/src/qemu-main/include/monitor/monitor_def.h:4,
>  from /home/chouteau/src/qemu-main/target-arm/monitor.c:20:
> /home/chouteau/src/qemu-main/target-arm/cpu-qom.h:184:25: error: array type 
> has incomplete element type
> make[1]: *** [target-arm/monitor.o] Error 1

I think you should be able to declare it as
  extern const MonitorDef *i386_monitor_defs;

then you don't need to include monitor_def.h from cpu-qom.h.
(untested, but the typedef should be sufficient for this)

-- PMM

Re: [Qemu-devel] [PATCH v9 00/27] qemu: generate acpi tables for the guest

[Igor Mammedov]

On Mon, 7 Oct 2013 12:34:46 +0300
"Michael S. Tsirkin"  wrote:

> This code can also be found here:
> git://git.kernel.org/pub/scm/virt/kvm/mst/qemu.git acpi
> 
> While this patch still uses info not available in QOM, I think it's reasonable
> to merge it and then refactor as QOM properties cover more ground.
> 
> In particular, merging this patchset blocks other projects so
> I think its preferable to merge now and not wait
> for all required QOM properties to materialize.
> 
> I added QOM properties in ich/piix where I knew how to
> do this.
> 
> If you already reviewed v8 then the only patch that
> changed significantly is
>   i386: define pc guest info
> it now supplies numa info about all CPUs and not just
> the ones present at init.
> I also made a couple of trivial tweaks to
>   i386: ACPI table generation code from seabios
> 
> If you already reviewed v5 then the only patches that
> changed are:
>   i386: define pc guest info
>   i386: ACPI table generation code from seabios
> 
> Gerd, Laszlo, I kept your Reviewed-by and Tested-by tags
> on these patches to ensure your contribution is recongnized,
> if you don't like this pls let me know.
> Or better yet re-ack this version :)
> 
> Patches 1-3 are QOM patches really.
> Included here for completeness.
> 
> Igor suggested dropping patches 1-2 and including error.h directly.
> I included his patch and dropped mine.
> I hope that's ok.
> 
> If everything's in order, I intend to merge this through my tree.
> 
> Please review, and comment.
> 
> Changes from v8:
> - remove an unused function
> - fix typo in error message, reported by Igor
> - don't assert when adding a 4 byte value
>   (we don't use this now but it's useful for follow-up
>   bridge hotplug patches)
> - fix numa node reporting for hotplugged cpus, reported by Igor
> 
> Changes from v7 reposted:
> - whitespace fixes - issues reported by Igor
> - typo fix in commit log reported by Eric
> 
> Changes from v7:
> - removed all complex table patching and migration code
>   we now only migrate a single byte "patched/non patched"
>   all tables are simply regenerated on access, rewriting
>   old data
>   in particular this fixed a bug that Igor noticed:
>   cpu online status is now updated correctly
> - removed bitmask of found cpus - use QOM to calculate it
> - dropped changes to typedefs.h - use Igor's patch instead
> 
> Changes from v6:
> - fix 64 bit window bug reported by Igor
> - tweak comments in error.h
> 
> Changes from v5:
> - update generated files to fix build on systems without iasl
> - fix mcfg failure reported by Gerd
> Changes from v4:
> - address comments by Paolo:
> rename loader interface
> reuse macro for hpet name
> better struct names
> move internal headers to hw/i386/
> - fix typos resulting in bugs reported by Gerd
> 
> Changes from v3:
> - reworked code to use QOM properties
>   some info isn't yet available in QOM,
>   use old-style APIs and lookups by type
> - address comments by Gerd: tables are now updated
>   on guest access after pci configuration
> 
> Changes from v2 repost:
> - address comment by Anthony - convert to use APIs implemented
>   using QOM
> - address comment by Anthony - avoid tricky pointer path,
>   use GArray from glib instead
> - Address lots of comments by Hu Tao and Laszlo Ersek
> 
> Changes from v2:
> - added missing patches to make it actually build
> Changes from v1 RFC:
> - added code to address cross version compatibility
> - rebased to latest bits
> - updated seabios code to latest bits (added pvpanic device)
> 
> This patchset moves all generation of ACPI tables
> from guest BIOS to the hypervisor.
> 
> Although ACPI tables come from a system BIOS on real hw,
> it makes sense that the ACPI tables are coupled with the
> virtual machine, since they have to abstract the x86 machine to
> the OS's.
> 
> This is widely desired as a way to avoid the churn
> and proliferation of QEMU-specific interfaces
> associated with ACPI tables in bios code.
> 
> There's a bit of code duplication where we
> already declare similar acpi structures in qemu.
> 
> I think it's best to do it in this order: port
> code directly, and apply cleanups and reduce duplication
> that results, on top.
> This way it's much easier to see that we don't introduce
> regressions.
> 
> In particular, I booted a guest on qemu with and without the
> change, and verified that ACPI tables are
> unchanged except for trivial pointer address changes,
> and the SSDT P_BLK change in the last patch.
> 
> Such binary compatibility makes it easier to be
> confident that this change won't break things.
> 
> Igor Mammedov (1):
>   cleanup object.h: include error.h directly
> 
> Michael S. Tsirkin (26):
>   qom: cleanup struct Error references
>   qom: add pointer to int property helpers
>   pci: fix up w64 size calculation helper
>   fw_cfg: interface to trigger callback on read
>   loader: support for unmapped ROM blobs
>   pcie_host: expose UNMAPPED macro
>   pcie_host: expos

Re: [Qemu-devel] [PATCH 3/4] Refactoring MonitorDef array

[Fabien Chouteau]

On 10/07/2013 01:45 PM, Peter Maydell wrote:
> On 7 October 2013 19:11, Fabien Chouteau  wrote:
>> On 10/04/2013 07:49 PM, Peter Maydell wrote:
>>> On 5 October 2013 01:57, Fabien Chouteau  wrote:
> @@ -47,7 +48,9 @@
  #include "hw/xen/xen.h"
  #include "hw/i386/apic_internal.h"
  #endif
 +#include "monitor/monitor_def.h"

 +extern const MonitorDef i386_monitor_defs[];
>>>
>>> Declare this in cpu-qom.h, rather than having an
>>> extern declaration in a .c file.
>>>
>>
>> I didn't manage to do that.
> 
> If you just say "I couldn't make that work" with no details,
> there isn't much I can say beyond "try harder" :-)
> If you say *why* you couldn't get it to work then I'm more
> likely to either (a) suggest an approach that will work or
> (b) accept that it really does have to be that way...
> 

Sorry I sent the email too quickly. It looks like a circular dependency

In file included from /home/chouteau/src/qemu-main/target-arm/cpu.h:294:0,
 from 
/home/chouteau/src/qemu-main/include/monitor/monitor_def.h:4,
 from /home/chouteau/src/qemu-main/target-arm/monitor.c:20:
/home/chouteau/src/qemu-main/target-arm/cpu-qom.h:184:25: error: array type has 
incomplete element type
make[1]: *** [target-arm/monitor.o] Error 1

monitor_def.h -> cpu.h -> cpu-qom.h -.
  ^  |
  |__/


-- 
Fabien Chouteau

[Qemu-devel] [Bug 1234179] Re: QEMU segfaults during Windows 7 unattended install

[Lucas Meneghel Rodrigues]

The problem showed up this morning again,  same top commit:

10/07 01:34:42 INFO |   git:0150| git commit ID is
a684f3cf9b9b9c3cb82be87aafc463de8974610c (tag v1.4.0-4237-ga684f3c)

This time around, debug symbols were enabled on the configure line:

10/07 01:35:31 DEBUG|build_help:0588| Enabling debug symbols with option: 
--disable-strip
10/07 01:35:31 INFO |build_help:0607| Running configure on build dir
10/07 01:35:31 DEBUG|base_utils:0099| Running 
'/usr/local/autotest/tmp/virt/src/qemu/configure --target-list=x86_64-softmmu 
--enable-debug --disable-strip 
--prefix=/usr/local/autotest/tests/virt/qemu/install_root'

But no additional info on bt full:

[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
Core was generated by `/usr/local/autotest/tests/virt/qemu/qemu -S -name 
virt-tests-vm1 -M pc -nodefau'.
Program terminated with signal 11, Segmentation fault.
#0  0x7f11f0f2fcf0 in pixman_image_get_data () from /lib64/libpixman-1.so.0
#0  0x7f11f0f2fcf0 in pixman_image_get_data () from /lib64/libpixman-1.so.0
No symbol table info available.
#1  0x7f11f2ac1be0 in ?? ()
No symbol table info available.
#2  0x in ?? ()
No symbol table info available.

I guess I need the debugging symbols for all involved libraries...

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1234179

Title:
  QEMU segfaults during Windows 7 unattended install

Status in QEMU:
  New

Bug description:
  During today's automated qemu.git testing, a segmentation fault while
  installing Windows 7 SP1 happened.

  qemu.git top commit: 
  10/02 01:30:24 INFO |   git:0150| git commit ID is 
a684f3cf9b9b9c3cb82be87aafc463de8974610c (tag v1.4.0-4237-ga684f3c)

  commit a684f3cf9b9b9c3cb82be87aafc463de8974610c
  Merge: 349cd52 1cf9412
  Author: Anthony Liguori 
  Date:   Mon Sep 30 17:15:27 2013 -0500

  Merge remote-tracking branch 'kraxel/seabios-1.7.3.2' into staging
  
  # By Gerd Hoffmann
  # Via Gerd Hoffmann
  * kraxel/seabios-1.7.3.2:
update seabios from 1.7.2.2 to 1.7.3.2
  
  Message-id: 1380533055-24960-1-git-send-email-kra...@redhat.com

  We have the core file saved in our test servers, we can make
  arrangements to transfer it if there's someone interested in
  investigating further. The framework saved the 'bt full' of the core
  file, that was missing some debug info:

  [Thread debugging using libthread_db enabled]
  Using host libthread_db library "/lib64/libthread_db.so.1".
  Core was generated by `/usr/local/autotest/tests/virt/qemu/qemu -S -name 
virt-tests-vm1 -M pc -nodefau'.
  Program terminated with signal 11, Segmentation fault.
  #0  0x7ffc8fb86cf0 in pixman_image_get_data () from 
/lib64/libpixman-1.so.0
  #0  0x7ffc8fb86cf0 in pixman_image_get_data () from 
/lib64/libpixman-1.so.0
  No symbol table info available.
  #1  0x7ffc9165b05c in ?? ()
  No symbol table info available.
  #2  0x7ffc9382b540 in ?? ()
  No symbol table info available.
  #3  0x7ffc8f359a8d in clock_gettime () from /lib64/libc.so.6
  No symbol table info available.
  #4  0x7ffc9382b5a8 in ?? ()
  No symbol table info available.
  #5  0x00019382b4c0 in ?? ()
  No symbol table info available.
  #6  0x in ?? ()
  No symbol table info available.

  Extra info:

  Commits for the submodules:

  10/02 01:30:29 DEBUG|base_utils:0134| [stdout] Submodule path 'dtc': checked 
out 'bc895d6d09695d05ceb8b52486ffe861d6cfbdde'
  10/02 01:30:51 DEBUG|base_utils:0134| [stdout] Submodule path 'pixman': 
checked out '97336fad32acf802003855cd8bd6477fa49a12e3'
  10/02 01:30:58 DEBUG|base_utils:0134| [stdout] Submodule path 'roms/SLOF': 
checked out '8cfdfc43f4c4c8c8dfa4b7cf16f7c19c84eee812'
  10/02 01:31:16 DEBUG|base_utils:0134| [stdout] Submodule path 'roms/ipxe': 
checked out '09c5109b8585178172c7608de8d52e9d9af0b680'
  10/02 01:31:20 DEBUG|base_utils:0134| [stdout] Submodule path 
'roms/openbios': checked out '0f3d51ef22ec9166beb3ed434d253029ed7cfe84'
  10/02 01:31:21 DEBUG|base_utils:0134| [stdout] Submodule path 
'roms/qemu-palcode': checked out 'c87a92639b28ac42bc8f6c67443543b405dc479b'
  10/02 01:31:27 DEBUG|base_utils:0134| [stdout] Submodule path 'roms/seabios': 
checked out 'ece025f5980bae88fa677bc9c0d24d2e580e205d'
  10/02 01:31:28 DEBUG|base_utils:0134| [stdout] Submodule path 'roms/sgabios': 
checked out '23d474943dcd55d0550a3d20b3d30e9040a4f15b'
  10/02 01:31:31 DEBUG|base_utils:0134| [stdout] Submodule path 'roms/vgabios': 
checked out '19ea12c230ded95928ecaef0db47a82231c2e485'

  Configure options:

  10/02 01:31:32 DEBUG|base_utils:0099| Running 
'/usr/local/autotest/tmp/virt/src/qemu/configure --target-list=x86_64-softmmu 
--disable-strip --prefix=/usr/local/autotest/tests/virt/qemu/install_root'
  10/02 01:31:35 DEBUG|env_proces:0829| (address cache) DHCP lease OK: 
00:30:48:c5:d6:e2 

Re: [Qemu-devel] [RFC PATCH v2 0/3] Fix UST backend for LTTng 2.x

[Alex Bennée]

mohamad.ge...@gmail.com writes:

> Version 2 
>
> * Fix tracepoint generation error in first version.
> * Avoid warnings and errors specific to LTTng ust 2.0.
> * If using LTTng ust 2.0, we can't avoid getting warnings because of the
>   --warn-common option given to the linker. This is fixed in more recent
>   versions of LTTng ust.

Looking good. Builds for me now although I need to do some reading to
actually test it out. One omission is docs/tracing.txt gives examples
for the other tracing backend but just refers to "UST utilities should
be used to list, enable/disable, and dump traces.". Perhaps a few simple
examples could be added to the document so people can at least confirm
everything is working as it should be. Otherwise I'm happy.

Reviewed-by: Alex Bennée 

>
> Mohamad
>
> Mohamad Gebai (3):
>   Fix configure script for LTTng 2.x
>   Modified the tracetool framework for LTTng 2.x.
>   Adapt Makefiles to the new LTTng ust interface.
>
>  Makefile |5 ++
>  configure|9 ++--
>  scripts/tracetool/backend/events.py  |   44 
>  scripts/tracetool/backend/ust.py |   82 
> ++
>  scripts/tracetool/format/ust_events_c.py |   30 +++
>  scripts/tracetool/format/ust_events_h.py |   57 +
>  trace/Makefile.objs  |   29 ++-
>  7 files changed, 183 insertions(+), 73 deletions(-)
>  create mode 100644 scripts/tracetool/format/ust_events_c.py
>  create mode 100644 scripts/tracetool/format/ust_events_h.py


-- 
Alex Bennée

Re: [Qemu-devel] [PATCH v5 0/4] timers thread-safe stuff

[Paolo Bonzini]

Stefan, will you pick this up next week or shall I?

I have patches for thread-safe icount almost ready to post, and I am not
sure through whom they are going to go.

Paolo

Il 25/09/2013 08:20, Liu Ping Fan ha scritto:
> v5:
>   fine rename some variable in patch2&4. 
>   fix commit log for patch1&2
> 
> v4:
>   fix commit log for "protect timers_state's clock with seqlock"  (Thanks for 
> Alex)
> 
> v3:
>   1. rename seqlock_read_check as seqlock_read_retry
>   2. Document timerlist were protected by BQL, and discard private lock 
> around "qemu_event_wait(tl->ev)".
> 
> v2:
>   1. fix comment in commit and code
>   2. fix race issue for qemu_clock_enable(foo,disable)
> 
> 
> Liu Ping Fan (2):
>   timer: protect timers_state's clock with seqlock
>   timer: make qemu_clock_enable sync between disable and timer's cb
> 
> Paolo Bonzini (2):
>   seqlock: introduce read-write seqlock
>   qemu-thread: add QemuEvent
> 
>  cpus.c  |  41 +---
>  include/qemu/seqlock.h  |  72 +++
>  include/qemu/thread-posix.h |   8 +++
>  include/qemu/thread-win32.h |   4 ++
>  include/qemu/thread.h   |   7 +++
>  include/qemu/timer.h|   8 +++
>  qemu-timer.c|  21 +++-
>  util/qemu-thread-posix.c| 116 
> 
>  util/qemu-thread-win32.c|  26 ++
>  9 files changed, 294 insertions(+), 9 deletions(-)
>  create mode 100644 include/qemu/seqlock.h
> 

Re: [Qemu-devel] [PATCH v4 2/3] qemu-timer: make qemu_timer_mod_ns() and qemu_timer_del() thread-safe

[Paolo Bonzini]

Il 30/09/2013 15:34, Alex Bligh ha scritto:
> 
> I think the most likely change here is that the walkers might
> move outside the BQL. Given modification of this list is so rare,
> the lock would be very very read heavy, so RCU is probably a
> sensible option.

I agree.  Keeping the write side on the BQL is sane, but RCU-protecting
the read side actually makes the rules simpler.

Mike, would you like to give it a shot?

Paolo

[Qemu-devel] [PULL 8/8] block: use correct filename

[Stefan Hajnoczi]

From: Dunrong Huang 

The content filename point to may be erased by qemu_opts_absorb_qdict()
in raw_open_common() in drv->bdrv_file_open()

So it's better to use bs->filename.

Signed-off-by: Dunrong Huang 
Reviewed-by: Max Reitz 
Signed-off-by: Stefan Hajnoczi 
---
 block.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/block.c b/block.c
index e2d9936..d7ca37e 100644
--- a/block.c
+++ b/block.c
@@ -824,8 +824,8 @@ static int bdrv_open_common(BlockDriverState *bs, 
BlockDriverState *file,
 
 #ifndef _WIN32
 if (bs->is_temporary) {
-assert(filename != NULL);
-unlink(filename);
+assert(bs->filename[0] != '\0');
+unlink(bs->filename);
 }
 #endif
 return 0;
-- 
1.8.3.1

Re: [Qemu-devel] [PATCH 3/4] Refactoring MonitorDef array

[Peter Maydell]

On 7 October 2013 19:11, Fabien Chouteau  wrote:
> On 10/04/2013 07:49 PM, Peter Maydell wrote:
>> On 5 October 2013 01:57, Fabien Chouteau  wrote:
>> >> @@ -47,7 +48,9 @@
>>>  #include "hw/xen/xen.h"
>>>  #include "hw/i386/apic_internal.h"
>>>  #endif
>>> +#include "monitor/monitor_def.h"
>>>
>>> +extern const MonitorDef i386_monitor_defs[];
>>
>> Declare this in cpu-qom.h, rather than having an
>> extern declaration in a .c file.
>>
>
> I didn't manage to do that.

If you just say "I couldn't make that work" with no details,
there isn't much I can say beyond "try harder" :-)
If you say *why* you couldn't get it to work then I'm more
likely to either (a) suggest an approach that will work or
(b) accept that it really does have to be that way...

thanks
-- PMM

[Qemu-devel] [PULL 3/8] block: use correct filename for error report

[Stefan Hajnoczi]

From: Dunrong Huang 

The content filename point to will be erased by qemu_opts_absorb_qdict()
in raw_open_common() in drv->bdrv_file_open()

So it's better to use bs->filename.

Signed-off-by: Dunrong Huang 
Reviewed-by: Max Reitz 
Signed-off-by: Stefan Hajnoczi 
---
 block.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/block.c b/block.c
index 93e113a..e2d9936 100644
--- a/block.c
+++ b/block.c
@@ -808,8 +808,8 @@ static int bdrv_open_common(BlockDriverState *bs, 
BlockDriverState *file,
 if (ret < 0) {
 if (error_is_set(&local_err)) {
 error_propagate(errp, local_err);
-} else if (filename) {
-error_setg_errno(errp, -ret, "Could not open '%s'", filename);
+} else if (bs->filename[0]) {
+error_setg_errno(errp, -ret, "Could not open '%s'", bs->filename);
 } else {
 error_setg_errno(errp, -ret, "Could not open image");
 }
-- 
1.8.3.1

[Qemu-devel] [PULL 6/8] qcow2: Free allocated L2 cluster on error

[Stefan Hajnoczi]

From: Max Reitz 

If an error occurs in l2_allocate, the allocated (but unused) L2 cluster
should be freed.

Signed-off-by: Max Reitz 
Reviewed-by: Benoit Canet 
Signed-off-by: Stefan Hajnoczi 
---
 block/qcow2-cluster.c | 4 
 1 file changed, 4 insertions(+)

diff --git a/block/qcow2-cluster.c b/block/qcow2-cluster.c
index 2ed45f0..0fd26bb 100644
--- a/block/qcow2-cluster.c
+++ b/block/qcow2-cluster.c
@@ -273,6 +273,10 @@ fail:
 qcow2_cache_put(bs, s->l2_table_cache, (void**) table);
 }
 s->l1_table[l1_index] = old_l2_offset;
+if (l2_offset > 0) {
+qcow2_free_clusters(bs, l2_offset, s->l2_size * sizeof(uint64_t),
+QCOW2_DISCARD_ALWAYS);
+}
 return ret;
 }
 
-- 
1.8.3.1

[Qemu-devel] [PULL 5/8] qcow2: Switch L1 table in a single sequence

[Stefan Hajnoczi]

From: Max Reitz 

Switching the L1 table in memory should be an atomic operation, as far
as possible. Calling qcow2_free_clusters on the old L1 table on disk is
not a good idea when the old L1 table is no longer valid and the address
to the new one hasn't yet been written into the corresponding
BDRVQcowState field. To be more specific, this can lead to segfaults due
to qcow2_check_metadata_overlap trying to access the L1 table during the
free operation.

Signed-off-by: Max Reitz 
Reviewed-by: Eric Blake 
Reviewed-by: Kevin Wolf 
Signed-off-by: Stefan Hajnoczi 
---
 block/qcow2-cluster.c | 7 +--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/block/qcow2-cluster.c b/block/qcow2-cluster.c
index 39323ac..2ed45f0 100644
--- a/block/qcow2-cluster.c
+++ b/block/qcow2-cluster.c
@@ -35,6 +35,7 @@ int qcow2_grow_l1_table(BlockDriverState *bs, uint64_t 
min_size,
 BDRVQcowState *s = bs->opaque;
 int new_l1_size2, ret, i;
 uint64_t *new_l1_table;
+int64_t old_l1_table_offset, old_l1_size;
 int64_t new_l1_table_offset, new_l1_size;
 uint8_t data[12];
 
@@ -106,11 +107,13 @@ int qcow2_grow_l1_table(BlockDriverState *bs, uint64_t 
min_size,
 goto fail;
 }
 g_free(s->l1_table);
-qcow2_free_clusters(bs, s->l1_table_offset, s->l1_size * sizeof(uint64_t),
-QCOW2_DISCARD_OTHER);
+old_l1_table_offset = s->l1_table_offset;
 s->l1_table_offset = new_l1_table_offset;
 s->l1_table = new_l1_table;
+old_l1_size = s->l1_size;
 s->l1_size = new_l1_size;
+qcow2_free_clusters(bs, old_l1_table_offset, old_l1_size * 
sizeof(uint64_t),
+QCOW2_DISCARD_OTHER);
 return 0;
  fail:
 g_free(new_l1_table);
-- 
1.8.3.1

[Qemu-devel] [PULL 4/8] block: vhdx - add migration blocker

[Stefan Hajnoczi]

From: Jeff Cody 

This blocks migration for VHDX image files, until the
functionality can be supported.

Signed-off-by: Jeff Cody 
Signed-off-by: Stefan Hajnoczi 
---
 block/vhdx.c | 10 ++
 1 file changed, 10 insertions(+)

diff --git a/block/vhdx.c b/block/vhdx.c
index b8aa49c..6cb0412 100644
--- a/block/vhdx.c
+++ b/block/vhdx.c
@@ -20,6 +20,7 @@
 #include "qemu/module.h"
 #include "qemu/crc32c.h"
 #include "block/vhdx.h"
+#include "migration/migration.h"
 
 
 /* Several metadata and region table data entries are identified by
@@ -159,6 +160,7 @@ typedef struct BDRVVHDXState {
 VHDXParentLocatorHeader parent_header;
 VHDXParentLocatorEntry *parent_entries;
 
+Error *migration_blocker;
 } BDRVVHDXState;
 
 uint32_t vhdx_checksum_calc(uint32_t crc, uint8_t *buf, size_t size,
@@ -806,6 +808,12 @@ static int vhdx_open(BlockDriverState *bs, QDict *options, 
int flags,
 
 /* TODO: differencing files, write */
 
+/* Disable migration when VHDX images are used */
+error_set(&s->migration_blocker,
+QERR_BLOCK_FORMAT_FEATURE_NOT_SUPPORTED,
+"vhdx", bs->device_name, "live migration");
+migrate_add_blocker(s->migration_blocker);
+
 return 0;
 fail:
 qemu_vfree(s->headers[0]);
@@ -952,6 +960,8 @@ static void vhdx_close(BlockDriverState *bs)
 qemu_vfree(s->headers[1]);
 qemu_vfree(s->bat);
 qemu_vfree(s->parent_entries);
+migrate_del_blocker(s->migration_blocker);
+error_free(s->migration_blocker);
 }
 
 static BlockDriver bdrv_vhdx = {
-- 
1.8.3.1

[Qemu-devel] [PULL 2/8] qcow2: CHECK_OFLAG_COPIED is obsolete

[Stefan Hajnoczi]

From: Max Reitz 

CHECK_OFLAG_COPIED as a parameter to check_refcounts_l1 and
check_refcounts_l2 is obselete now, since the OFLAG_COPIED consistency
check is actually no longer performed by these functions (but by
check_oflag_copied).

Signed-off-by: Max Reitz 
Reviewed-by: Kevin Wolf 
Signed-off-by: Stefan Hajnoczi 
---
 block/qcow2-refcount.c | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/block/qcow2-refcount.c b/block/qcow2-refcount.c
index 364eeba..2d67885 100644
--- a/block/qcow2-refcount.c
+++ b/block/qcow2-refcount.c
@@ -1034,7 +1034,6 @@ static void inc_refcounts(BlockDriverState *bs,
 
 /* Flags for check_refcounts_l1() and check_refcounts_l2() */
 enum {
-CHECK_OFLAG_COPIED = 0x1,   /* check QCOW_OFLAG_COPIED matches refcount */
 CHECK_FRAG_INFO = 0x2,  /* update BlockFragInfo counters */
 };
 
@@ -1481,8 +1480,7 @@ int qcow2_check_refcounts(BlockDriverState *bs, 
BdrvCheckResult *res,
 
 /* current L1 table */
 ret = check_refcounts_l1(bs, res, refcount_table, nb_clusters,
- s->l1_table_offset, s->l1_size,
- CHECK_OFLAG_COPIED | CHECK_FRAG_INFO);
+ s->l1_table_offset, s->l1_size, CHECK_FRAG_INFO);
 if (ret < 0) {
 goto fail;
 }
-- 
1.8.3.1

[Qemu-devel] [PULL 7/8] qemu-iotests: Correct 026 output

[Stefan Hajnoczi]

From: Max Reitz 

Because l2_allocate now frees the unused L2 cluster on error, the
according test cases in 026 don't result in one leaked cluster anymore.

Signed-off-by: Max Reitz 
Signed-off-by: Stefan Hajnoczi 
---
 tests/qemu-iotests/026.out | 32 
 tests/qemu-iotests/026.out.nocache | 32 
 2 files changed, 16 insertions(+), 48 deletions(-)

diff --git a/tests/qemu-iotests/026.out b/tests/qemu-iotests/026.out
index 0764389..1504579 100644
--- a/tests/qemu-iotests/026.out
+++ b/tests/qemu-iotests/026.out
@@ -5,16 +5,12 @@ Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=1073741824
 
 Event: l1_update; errno: 5; imm: off; once: on; write 
 write failed: Input/output error
-
-1 leaked clusters were found on the image.
-This means waste of disk space, but no harm to data.
+No errors were found on the image.
 Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=1073741824 
 
 Event: l1_update; errno: 5; imm: off; once: on; write -b
 write failed: Input/output error
-
-1 leaked clusters were found on the image.
-This means waste of disk space, but no harm to data.
+No errors were found on the image.
 Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=1073741824 
 
 Event: l1_update; errno: 5; imm: off; once: off; write 
@@ -33,16 +29,12 @@ Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=1073741824
 
 Event: l1_update; errno: 28; imm: off; once: on; write 
 write failed: No space left on device
-
-1 leaked clusters were found on the image.
-This means waste of disk space, but no harm to data.
+No errors were found on the image.
 Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=1073741824 
 
 Event: l1_update; errno: 28; imm: off; once: on; write -b
 write failed: No space left on device
-
-1 leaked clusters were found on the image.
-This means waste of disk space, but no harm to data.
+No errors were found on the image.
 Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=1073741824 
 
 Event: l1_update; errno: 28; imm: off; once: off; write 
@@ -181,16 +173,12 @@ Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=1073741824
 
 Event: l2_alloc.write; errno: 5; imm: off; once: on; write 
 write failed: Input/output error
-
-1 leaked clusters were found on the image.
-This means waste of disk space, but no harm to data.
+No errors were found on the image.
 Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=1073741824 
 
 Event: l2_alloc.write; errno: 5; imm: off; once: on; write -b
 write failed: Input/output error
-
-1 leaked clusters were found on the image.
-This means waste of disk space, but no harm to data.
+No errors were found on the image.
 Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=1073741824 
 
 Event: l2_alloc.write; errno: 5; imm: off; once: off; write 
@@ -207,16 +195,12 @@ Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=1073741824
 
 Event: l2_alloc.write; errno: 28; imm: off; once: on; write 
 write failed: No space left on device
-
-1 leaked clusters were found on the image.
-This means waste of disk space, but no harm to data.
+No errors were found on the image.
 Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=1073741824 
 
 Event: l2_alloc.write; errno: 28; imm: off; once: on; write -b
 write failed: No space left on device
-
-1 leaked clusters were found on the image.
-This means waste of disk space, but no harm to data.
+No errors were found on the image.
 Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=1073741824 
 
 Event: l2_alloc.write; errno: 28; imm: off; once: off; write 
diff --git a/tests/qemu-iotests/026.out.nocache 
b/tests/qemu-iotests/026.out.nocache
index 33bad0d..c9d242e 100644
--- a/tests/qemu-iotests/026.out.nocache
+++ b/tests/qemu-iotests/026.out.nocache
@@ -5,16 +5,12 @@ Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=1073741824
 
 Event: l1_update; errno: 5; imm: off; once: on; write 
 write failed: Input/output error
-
-1 leaked clusters were found on the image.
-This means waste of disk space, but no harm to data.
+No errors were found on the image.
 Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=1073741824 
 
 Event: l1_update; errno: 5; imm: off; once: on; write -b
 write failed: Input/output error
-
-1 leaked clusters were found on the image.
-This means waste of disk space, but no harm to data.
+No errors were found on the image.
 Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=1073741824 
 
 Event: l1_update; errno: 5; imm: off; once: off; write 
@@ -33,16 +29,12 @@ Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=1073741824
 
 Event: l1_update; errno: 28; imm: off; once: on; write 
 write failed: No space left on device
-
-1 leaked clusters were found on the image.
-This means waste of disk space, but no harm to data.
+No errors were found on the image.
 Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=1073741824 
 
 Event: l1_update; errno: 28; imm: off; once: on; write -b
 write failed: No space left on device
-
-1 leaked clusters were found on the image.
-This means waste of disk space, but no harm to da

[Qemu-devel] [PULL 0/8] Block patches

[Stefan Hajnoczi]

The following changes since commit a684f3cf9b9b9c3cb82be87aafc463de8974610c:

  Merge remote-tracking branch 'kraxel/seabios-1.7.3.2' into staging 
(2013-09-30 17:15:27 -0500)

are available in the git repository at:


  git://github.com/stefanha/qemu.git block

for you to fetch changes up to d4cea8dfb99153803164915c7a1109549ad3da9c:

  block: use correct filename (2013-10-07 13:23:19 +0200)


Dunrong Huang (2):
  block: use correct filename for error report
  block: use correct filename

Jeff Cody (1):
  block: vhdx - add migration blocker

Max Reitz (5):
  qcow2: Correct endianness in overlap check
  qcow2: CHECK_OFLAG_COPIED is obsolete
  qcow2: Switch L1 table in a single sequence
  qcow2: Free allocated L2 cluster on error
  qemu-iotests: Correct 026 output

 block.c|  8 
 block/qcow2-cluster.c  | 11 +--
 block/qcow2-refcount.c |  8 +++-
 block/vhdx.c   | 10 ++
 tests/qemu-iotests/026.out | 32 
 tests/qemu-iotests/026.out.nocache | 32 
 6 files changed, 42 insertions(+), 59 deletions(-)

-- 
1.8.3.1

[Qemu-devel] [PULL 1/8] qcow2: Correct endianness in overlap check

[Stefan Hajnoczi]

From: Max Reitz 

If an inactive L1 table is loaded from disk, its entries are in big
endian and have to be converted to host byte order before using them.

Signed-off-by: Max Reitz 
Reviewed-by: Kevin Wolf 
Signed-off-by: Stefan Hajnoczi 
---
 block/qcow2-refcount.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/block/qcow2-refcount.c b/block/qcow2-refcount.c
index d2b7064..364eeba 100644
--- a/block/qcow2-refcount.c
+++ b/block/qcow2-refcount.c
@@ -1733,8 +1733,8 @@ int qcow2_check_metadata_overlap(BlockDriverState *bs, 
int chk, int64_t offset,
 }
 
 for (j = 0; j < l1_sz; j++) {
-if ((l1[j] & L1E_OFFSET_MASK) &&
-overlaps_with(l1[j] & L1E_OFFSET_MASK, s->cluster_size)) {
+uint64_t l2_ofs = be64_to_cpu(l1[j]) & L1E_OFFSET_MASK;
+if (l2_ofs && overlaps_with(l2_ofs, s->cluster_size)) {
 g_free(l1);
 return QCOW2_OL_INACTIVE_L2;
 }
-- 
1.8.3.1

Re: [Qemu-devel] [PATCH RFC 04/11] s390/qemu: cpu model cpu facilitiy support

[Michael Mueller]

On Thu, 03 Oct 2013 07:53:02 -0700
Richard Henderson  wrote:

> On 10/02/2013 04:33 AM, Michael Mueller wrote:
> > +/* set a specific bit in facility set */
> > +static void set_facility(unsigned int nr, void *facilities)
> > +{
> > +unsigned char *ptr;
> > +
> > +if (nr >= MAX_S390_FACILITY_BIT) {
> > +return;
> > +}
> > +ptr = (unsigned char *) facilities + (nr >> 3);
> > +*ptr |= (0x80 >> (nr & 7));
> > +}
> 
> I'd like to see this done in a host endian independent way.

valid point, I will address that.

> 
> See my recent patch set to add facility support to the tcg side
> of target-s390, with which this patch set is going to conflict.

I saw it, that's why I've pushed this patch set out for RFC.

> 
> Is there a good reason not to compute these facility masks at
> compile-time?  See
> 
>  http://patchwork.ozlabs.org/patch/279534/
> 
> where I have pre-computed (possibly incomplete) facilities lists
> for the major cpu revisions.

Your facilities lists have been derived from constants introduced in head.S. 
They represent model
specific "required" facilities. That does not necessarily mean for all of them 
that they have
been introduced with the respective model. Some have been introduced already 
with model: N-1, GA>1

> 
> It just seems like your facility_availability array is the wrong
> way to go about things, taking up more memory and startup time
> than necessary.
> 

The reason why I represent them in the data segment is that they are are not 
considered as
constants in the s390 system perspective. I plan to be able to simulate 
firmware migration that
introduce new facility bits without the need of restarting the guest OS.

A second reason for using 2k of memory here is to fully represent the 
facilities as defined
in the s390x architecture. The SIE state needs it and I want to represent it 
identically in user
space and KVM. Otherwise I would need a specific interface just for the 
facilities.

I will consider to alternatively use your way of FAC definition, but still that 
would include a
copy.

In regard to the startup time, I will figure out what the overhead is.

Thanks a lot!
Michael
> 
> r~
> 

Re: [Qemu-devel] [PATCHv3 00/20] block: logical block provisioning enhancements

[Paolo Bonzini]

Il 07/10/2013 10:42, Stefan Hajnoczi ha scritto:
> Could you make bdrv_co_write_zeroes() always use UNMAP, if possible, and
> avoid adding the new BDRV_REQ_MAY_UNMAP flag?  While reading the first
> few patches in this series I wondered why there is a need to expose
> flags at all...
> 
> Sometimes it is useful to distinguish between zeroing at the image
> format level from discarding at the device level, but I don't think we
> make use of that yet.  I'd prefer to keep the interface simple for now
> and add flags later, if necessary.
> 
> Or maybe I just missed something ;)

The flag is needed to implement the right semantics for the SCSI WRITE
SAME command, which are:

- if the UNMAP bit is off, always write the sectors (that's
bdrv_aio_write_zeroes without BDRV_REQ_MAY_UNMAP if the payload is zero,
otherwise it's emulated with bdrv_aio_writev)

- if the target can "discard and write the specified payload", you can
discard, else you must write the sectors with the correct payload
(that's bdrv_aio_write_zeroes with BDRV_REQ_MAY_UNMAP).

Contrast this with the UNMAP command, which does not make any guarantee
on the content of the sectors after the command is completed (a few
months ago we agreed that, even if you have discard_zeroes=true in the
target, it is fine for UNMAP to do nothing).

Paolo

[Qemu-devel] [PATCH v9 01/27] cleanup object.h: include error.h directly

[Michael S. Tsirkin]

From: Igor Mammedov 

qapi/error.h is simple enough to be included in qom/object.h
direcly and prepares qom/object.h to use Error typedef.

Signed-off-by: Igor Mammedov 
Signed-off-by: Michael S. Tsirkin 
---
 include/qom/object.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/qom/object.h b/include/qom/object.h
index 1a7b71a..d9a0063 100644
--- a/include/qom/object.h
+++ b/include/qom/object.h
@@ -18,9 +18,9 @@
 #include 
 #include 
 #include "qemu/queue.h"
+#include "qapi/error.h"
 
 struct Visitor;
-struct Error;
 
 struct TypeImpl;
 typedef struct TypeImpl *Type;
-- 
MST

Re: [Qemu-devel] [PATCH 4/4] Add ARM registers definitions for Monitor commands

[Fabien Chouteau]

On 10/04/2013 07:52 PM, Peter Maydell wrote:
>> +#include "monitor/monitor_def.h"
>> +
>> +const MonitorDef arm_monitor_defs[] = {
>> +{ "r0", offsetof(CPUARMState, regs[0])  },
>> +{ "r1", offsetof(CPUARMState, regs[1])  },
> 
> These fields are all 32 bits, not target_long,
> so they need to be marked as MD_I32. (If you build an
> aarch64-softmmu target then it will have target_long be
> 64 bit but still support all the 32 bit CPUs, so it does
> make a difference.)
> 

OK, I'll mark them MD_I32.

-- 
Fabien Chouteau

Re: [Qemu-devel] [PATCH 3/4] Refactoring MonitorDef array

[Fabien Chouteau]

On 10/04/2013 07:49 PM, Peter Maydell wrote:
> On 5 October 2013 01:57, Fabien Chouteau  wrote:
> >> @@ -47,7 +48,9 @@
>>  #include "hw/xen/xen.h"
>>  #include "hw/i386/apic_internal.h"
>>  #endif
>> +#include "monitor/monitor_def.h"
>>
>> +extern const MonitorDef i386_monitor_defs[];
> 
> Declare this in cpu-qom.h, rather than having an
> extern declaration in a .c file.
> 

I didn't manage to do that.

> 
>> --- a/target-sparc/cpu-qom.h
>> +++ b/target-sparc/cpu-qom.h
>> @@ -21,7 +21,6 @@
>>  #define QEMU_SPARC_CPU_QOM_H
>>
>>  #include "qom/cpu.h"
>> -#include "cpu.h"
> 
> ...why have you deleted this #include ?
> 

I thought I added it myself, that's why I removed it.

-- 
Fabien Chouteau

Re: [Qemu-devel] [PATCH v3 0/8] hw/pci: set irq without selecting INTx pin

[Michael S. Tsirkin]

On Mon, Oct 07, 2013 at 10:36:33AM +0300, Marcel Apfelbaum wrote:
> Interrupt pin is selected and saved into PCI_INTERRUPT_PIN
> register during device initialization. Devices should not call
> directly qemu_set_irq and specify the INTx pin.
> 
> Added pci_* wrappers to replace qemu_set_irq, qemu_irq_raise,
> qemu_irq_lower and qemu_irq_pulse, setting the irq
> based on PCI_INTERRUPT_PIN.
> 
> Added interface to allocate and free single irq.
> Added pci_allocate_irq wrapper to be used by devices that
> still need PCIDevice infrastructure to assert irqs.
> 
> Removed irq field from PCIDevice, not needed anymore.
> 
> Special cases of replacements were done in separate patches,
> all others in one patch "hw: set interrupts using pci irq wrappers"

OK so 
Acked-by: Michael S. Tsirkin 

Let's wait for some acks, then I'll merge this.

> Changes from v2:
>  - Addressed Michael S. Tsirkin's comments:
>- Terminate comments by "."
>- Add "fixme" comment to pci_irq_pulse
>  - Addressed Paolo Bonzini's comment:
>- fixed implementation of pci_irq_pulse
>  - Addressed Alex Williamson's comments
>- replaced pci_irq_raise/lower with
>  pci_irq_assert/deassert
>- replaced calls to pci_set_irq with
>  pci_irq_assert/deassert when possible
>  - Addressed Gerd Hoffmann's comment
>- removed irq_pin from UHCIState state
>  because it is not used anymore
>  
>  - Fixed a bug in vmxnet3 (deassert was replaced by an assert)
> 
> Changes from v1:
>  - Addressed Michael S. Tsirkin's comments:
>- pci_set_irq directly calls pci_irq handler
>- removed irq field from PCIDevice
>  - Added qemu interface to allocate single irq
>  - Added pci wrappers to allocate and free pci irq
>  - Added pci irq wrappers for all qemu methods
>setting irq and not only qemu_set_irq 
>  - Replace all qemu irq setters with pci
>wrappers
> 
> Marcel Apfelbaum (9):
>   hw/core: Add interface to allocate and free a single IRQ
>   hw/pci: add pci wrappers for allocating and asserting irqs
>   hw/pci-bridge: set PCI_INTERRUPT_PIN register before shpc init
>   hw/vmxnet3: set interrupts using pci irq wrappers
>   hw/vfio: set interrupts using pci irq wrappers
>   hw: set interrupts using pci irq wrappers
>   hw/pcie: AER and hot-plug events must use device's interrupt
>   hw/pci: removed irq field from PCIDevice
> 
>  hw/audio/ac97.c|  4 ++--
>  hw/audio/es1370.c  |  4 ++--
>  hw/audio/intel-hda.c   |  2 +-
>  hw/block/nvme.c|  2 +-
>  hw/char/serial-pci.c   |  5 +++--
>  hw/char/tpci200.c  |  8 
>  hw/core/irq.c  | 16 
>  hw/display/qxl.c   |  2 +-
>  hw/ide/cmd646.c|  2 +-
>  hw/ide/ich.c   |  3 ++-
>  hw/isa/vt82c686.c  |  2 +-
>  hw/misc/ivshmem.c  |  2 +-
>  hw/misc/vfio.c | 11 ++-
>  hw/net/e1000.c |  2 +-
>  hw/net/eepro100.c  |  4 ++--
>  hw/net/ne2000.c|  3 ++-
>  hw/net/pcnet-pci.c |  3 ++-
>  hw/net/rtl8139.c   |  2 +-
>  hw/net/vmxnet3.c   | 13 +++--
>  hw/pci-bridge/pci_bridge_dev.c |  2 +-
>  hw/pci/pci.c   | 26 +-
>  hw/pci/pcie.c  |  4 ++--
>  hw/pci/pcie_aer.c  |  4 ++--
>  hw/pci/shpc.c  |  2 +-
>  hw/scsi/esp-pci.c  |  3 ++-
>  hw/scsi/lsi53c895a.c   |  2 +-
>  hw/scsi/megasas.c  |  6 +++---
>  hw/scsi/vmw_pvscsi.c   |  2 +-
>  hw/usb/hcd-ehci-pci.c  |  2 +-
>  hw/usb/hcd-ohci.c  |  2 +-
>  hw/usb/hcd-uhci.c  |  6 ++
>  hw/usb/hcd-xhci.c  |  7 ++-
>  hw/virtio/virtio-pci.c |  4 ++--
>  include/hw/irq.h   |  7 +++
>  include/hw/pci/pci.h   | 26 +++---
>  include/hw/pci/pcie.h  | 18 --
>  36 files changed, 132 insertions(+), 81 deletions(-)
> 
> -- 
> 1.8.3.1

Re: [Qemu-devel] [PATCH] migration: drop MADVISE_DONT_NEED for incoming zero pages

[Andreas Färber]

Am 07.10.2013 11:22, schrieb Peter Lieven:
> The madvise for zeroed out pages was introduced when every transferred
> zero page was memset to zero and thus allocated. Since commit
> 211ea740 we check for zeroness of a target page before we memset
> it to zero. Additionally we memmap target memory so it is essentially
> zero initalized (except for e.g. option roms and bios which are loaded

"initialized"

> into target memory altough they shouldn't). 

"although"

> 
> It was reported recently that this madvise causes a performance degradation
> in some situations. As the madvise should only be called rarely and if its 
> called

"it's"

> it is likely on a busy page (it was non-zero and changed to zero during 
> migration)
> drop it completely.
> 
> Signed-off-by: Peter Lieven 
> Reported-By: Zhang Haoyu 

Please case "Reported-by" and place above Sob.

Juan, will you be picking this one up or do we need a respin?

Cheers,
Andreas

> ---
>  arch_init.c |8 
>  1 file changed, 8 deletions(-)
> 
> diff --git a/arch_init.c b/arch_init.c
> index 7545d96..e0acbc5 100644
> --- a/arch_init.c
> +++ b/arch_init.c
> @@ -850,14 +850,6 @@ void ram_handle_compressed(void *host, uint8_t ch, 
> uint64_t size)
>  {
>  if (ch != 0 || !is_zero_range(host, size)) {
>  memset(host, ch, size);
> -#ifndef _WIN32
> -if (ch == 0 && (!kvm_enabled() || kvm_has_sync_mmu())) {
> -size = size & ~(getpagesize() - 1);
> -if (size > 0) {
> -qemu_madvise(host, size, QEMU_MADV_DONTNEED);
> -}
> -}
> -#endif
>  }
>  }
>  
> 


-- 
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg

Re: [Qemu-devel] [Bug 1100843] Re: Live Migration Causes Performance Issues

[Paolo Bonzini]

Il 07/10/2013 11:49, Peter Lieven ha scritto:
>> It's in general not easy to do this if you take non-x86 targets into
>> account.
> What about the dirty way to zero out all non zero pages at the beginning of
> ram_load?

I'm not sure I follow?

Paolo

[Qemu-devel] [PATCH v9 26/27] ssdt-proc: update generated file

[Michael S. Tsirkin]

Update generated ssdt proc hex file (used for systems
lacking IASL) after P_BLK length change.

Reviewed-by: Gerd Hoffmann 
Tested-by: Gerd Hoffmann 
Signed-off-by: Michael S. Tsirkin 
---
 hw/i386/ssdt-proc.hex.generated | 10 +-
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/hw/i386/ssdt-proc.hex.generated b/hw/i386/ssdt-proc.hex.generated
index a28172e..bb9920d 100644
--- a/hw/i386/ssdt-proc.hex.generated
+++ b/hw/i386/ssdt-proc.hex.generated
@@ -11,7 +11,7 @@ static unsigned char ssdp_proc_aml[] = {
 0x0,
 0x0,
 0x1,
-0xb3,
+0xb8,
 0x42,
 0x58,
 0x50,
@@ -34,9 +34,9 @@ static unsigned char ssdp_proc_aml[] = {
 0x4e,
 0x54,
 0x4c,
-0x28,
-0x5,
-0x10,
+0x23,
+0x8,
+0x13,
 0x20,
 0x5b,
 0x83,
@@ -51,7 +51,7 @@ static unsigned char ssdp_proc_aml[] = {
 0xb0,
 0x0,
 0x0,
-0x6,
+0x0,
 0x8,
 0x49,
 0x44,
-- 
MST

Re: [Qemu-devel] [Bug 1100843] Re: Live Migration Causes Performance Issues

[Peter Lieven]

On 07.10.2013 11:37, Paolo Bonzini wrote:

Il 07/10/2013 08:38, Peter Lieven ha scritto:

On 06.10.2013 15:57, Zhang Haoyu wrote:

>From my testing this has been fixed in the saucy version (1.5.0) of

qemu. It is fixed by this patch:

f1c72795af573b24a7da5eb52375c9aba8a37972

However later in the history this commit was reverted, and again broke

this. The other commit that fixes this is:

211ea74022f51164a7729030b28eec90b6c99a08


See below post,please.
https://lists.gnu.org/archive/html/qemu-devel/2013-08/msg05062.html

I would still like to fix qemu to not load roms etc. if we set up a
migration target. In this case
we could drop the madvise, skip the checking for zero pages and also
could avoid sending
zero pages at all. It would be the cleanest solution.

It's in general not easy to do this if you take non-x86 targets into
account.

What about the dirty way to zero out all non zero pages at the beginning of
ram_load?

Peter

[Qemu-devel] [Bug 1235306] Re: Wrong memory viewer in 16 bit mode (Debugging BIOS OptionROM)

[Leonid Myravjev]

I apologize for the stupid ticket.
Problem with a bad GDB configuration.


** Changed in: qemu
   Status: New => Invalid

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1235306

Title:
  Wrong memory viewer in 16 bit mode (Debugging BIOS OptionROM)

Status in QEMU:
  Invalid

Bug description:
  Hi.

  I would like tracing on OptionROM program in gdb.
  I make loop on OptionROM kind:

  Label:
   nop
   nop
   nop
   nop
   jmp Label

  I build it for .286 (16 bit mode). I get LST file:
  144 00CA   Label  proc far; CODE XREF: seg000:0003
  145 00CA  90   nop
  146 00CB  90   nop
  147 00CC  90   nop
  148 00CD  90   nop
  149 00CE  90   nop
  150 00CF  EB F9  jmp   Label

  I run it from QEMU, wait looping and attach GDB.
  I saw: (when I type "stepi")

  0x00cb in ?? ()
  0x00cc in ?? ()
  0x00cd in ?? ()
  0x00ce in ?? ()
  0x00cf in ?? ()
  0x00ca in ?? ()
  0x00cb in ?? ()
  0x00cc in ?? ()

  It is a loop "nop" cycle.
  I make disassable this code and saw:

  => 0x00ca:add%dh,%al
 0x00cc:push   %ebx
 0x00cd:incl   (%eax)
 0x00cf:lock push %ebx
 0x00d1:incl   (%eax)
 0x00d3:lock push %ebx
 0x00d5:incl   (%eax)
 0x00d7:lock push %ebx

  (gdb) x /16xw 0xca
  0xca: 0xff53f000  0xff53f000  0xff53f000  0xff53f000
  0xda: 0xff53f000  0xff53f000  0xff53f000  0xff53f000
  0xea: 0xff53f000  0xff53f000  0xff53f000  0xff53f000
  0xfa: 0xff53f000  0xec59f000  0xff53f000  0xff53f000

  From QEMU shell I wrote and saw:
  (QEMU) x /16w 0xca
  00ca: 0xff53f000 0xff53f000 0xff53f000 0xff53f000
  00da: 0xff53f000 0xff53f000 0xff53f000 0xff53f000
  00ea: 0xff53f000 0xff53f000 0xff53f000 0xff53f000
  00fa: 0xff53f000 0xec59f000 0xff53f000 0xff53f000

  I try change source code:
  set *0xca=0x90909090
  set *0xca=0x90909090

  But remained in the cycle turns:
  0x00cf in ?? ()
  0x00ca in ?? ()
  0x00cb in ?? ()
  0x00cc in ?? ()
  0x00cd in ?? ()
  0x00ce in ?? ()
  0x00cf in ?? ()
  0x00ca in ?? ()

  Clearly that QEMU executes code in another memory area.
  How do I find address? How do I can switch the QEMU on valid offset?

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1235306/+subscriptions

Re: [Qemu-devel] [PATCH] migration: drop MADVISE_DONT_NEED for incoming zero pages

[Paolo Bonzini]

Il 07/10/2013 11:22, Peter Lieven ha scritto:
> The madvise for zeroed out pages was introduced when every transferred
> zero page was memset to zero and thus allocated. Since commit
> 211ea740 we check for zeroness of a target page before we memset
> it to zero. Additionally we memmap target memory so it is essentially
> zero initalized (except for e.g. option roms and bios which are loaded
> into target memory altough they shouldn't). 
> 
> It was reported recently that this madvise causes a performance degradation
> in some situations. As the madvise should only be called rarely and if its 
> called
> it is likely on a busy page (it was non-zero and changed to zero during 
> migration)
> drop it completely.
> 
> Signed-off-by: Peter Lieven 
> Reported-By: Zhang Haoyu 
> ---
>  arch_init.c |8 
>  1 file changed, 8 deletions(-)
> 
> diff --git a/arch_init.c b/arch_init.c
> index 7545d96..e0acbc5 100644
> --- a/arch_init.c
> +++ b/arch_init.c
> @@ -850,14 +850,6 @@ void ram_handle_compressed(void *host, uint8_t ch, 
> uint64_t size)
>  {
>  if (ch != 0 || !is_zero_range(host, size)) {
>  memset(host, ch, size);
> -#ifndef _WIN32
> -if (ch == 0 && (!kvm_enabled() || kvm_has_sync_mmu())) {
> -size = size & ~(getpagesize() - 1);
> -if (size > 0) {
> -qemu_madvise(host, size, QEMU_MADV_DONTNEED);
> -}
> -}
> -#endif
>  }
>  }
>  
> 

Acked-by: Paolo Bonzini 

[Qemu-devel] [PATCH v9 22/27] pvpanic: add API to access io port

[Michael S. Tsirkin]

Add API to find pvpanic device and get its io port.
Will be used to fill in guest info structure.

Reviewed-by: Gerd Hoffmann 
Tested-by: Gerd Hoffmann 
Signed-off-by: Michael S. Tsirkin 
---
 include/hw/i386/pc.h |  1 +
 hw/misc/pvpanic.c| 13 -
 2 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/include/hw/i386/pc.h b/include/hw/i386/pc.h
index 95857be..e3ee0a8 100644
--- a/include/hw/i386/pc.h
+++ b/include/hw/i386/pc.h
@@ -235,6 +235,7 @@ void pc_system_firmware_init(MemoryRegion *rom_memory,
 
 /* pvpanic.c */
 void pvpanic_init(ISABus *bus);
+uint16_t pvpanic_port(void);
 
 /* e820 types */
 #define E820_RAM1
diff --git a/hw/misc/pvpanic.c b/hw/misc/pvpanic.c
index b64e3bb..226e298 100644
--- a/hw/misc/pvpanic.c
+++ b/hw/misc/pvpanic.c
@@ -117,8 +117,19 @@ void pvpanic_init(ISABus *bus)
 isa_create_simple(bus, TYPE_ISA_PVPANIC_DEVICE);
 }
 
+#define PVPANIC_IOPORT_PROP "ioport"
+
+uint16_t pvpanic_port(void)
+{
+Object *o = object_resolve_path_type("", TYPE_ISA_PVPANIC_DEVICE, NULL);
+if (!o) {
+return 0;
+}
+return object_property_get_int(o, PVPANIC_IOPORT_PROP, NULL);
+}
+
 static Property pvpanic_isa_properties[] = {
-DEFINE_PROP_UINT16("ioport", PVPanicState, ioport, 0x505),
+DEFINE_PROP_UINT16(PVPANIC_IOPORT_PROP, PVPanicState, ioport, 0x505),
 DEFINE_PROP_END_OF_LIST(),
 };
 
-- 
MST

[Qemu-devel] [PATCH v9 21/27] ich9: APIs for pc guest info

[Michael S. Tsirkin]

This adds APIs that will be used to fill in
acpi tables, implemented using QOM,
to various ich9 components.
Some information is still missing in QOM,
so we fall back on lookups by type instead.

Reviewed-by: Gerd Hoffmann 
Tested-by: Gerd Hoffmann 
Signed-off-by: Michael S. Tsirkin 
---
 include/hw/acpi/ich9.h|  2 ++
 include/hw/i386/ich9.h|  2 ++
 include/hw/pci-host/q35.h |  2 ++
 hw/acpi/ich9.c| 24 
 hw/isa/lpc_ich9.c | 40 
 hw/pci-host/q35.c | 10 ++
 6 files changed, 80 insertions(+)

diff --git a/include/hw/acpi/ich9.h b/include/hw/acpi/ich9.h
index b1fe71f..82fcf9f 100644
--- a/include/hw/acpi/ich9.h
+++ b/include/hw/acpi/ich9.h
@@ -49,4 +49,6 @@ void ich9_pm_init(PCIDevice *lpc_pci, ICH9LPCPMRegs *pm,
 void ich9_pm_iospace_update(ICH9LPCPMRegs *pm, uint32_t pm_io_base);
 extern const VMStateDescription vmstate_ich9_pm;
 
+void ich9_pm_add_properties(Object *obj, ICH9LPCPMRegs *pm, Error **errp);
+
 #endif /* HW_ACPI_ICH9_H */
diff --git a/include/hw/i386/ich9.h b/include/hw/i386/ich9.h
index c5f637b..4a68b35 100644
--- a/include/hw/i386/ich9.h
+++ b/include/hw/i386/ich9.h
@@ -66,6 +66,8 @@ typedef struct ICH9LPCState {
 qemu_irq *ioapic;
 } ICH9LPCState;
 
+Object *ich9_lpc_find(void);
+
 #define Q35_MASK(bit, ms_bit, ls_bit) \
 ((uint##bit##_t)(((1ULL << ((ms_bit) + 1)) - 1) & ~((1ULL << ls_bit) - 1)))
 
diff --git a/include/hw/pci-host/q35.h b/include/hw/pci-host/q35.h
index 6eb7ab6..f9db770 100644
--- a/include/hw/pci-host/q35.h
+++ b/include/hw/pci-host/q35.h
@@ -156,4 +156,6 @@ typedef struct Q35PCIHost {
 #define MCH_PCIE_DEV   1
 #define MCH_PCIE_FUNC  0
 
+uint64_t mch_mcfg_base(void);
+
 #endif /* HW_Q35_H */
diff --git a/hw/acpi/ich9.c b/hw/acpi/ich9.c
index 3fb443d..7e0429e 100644
--- a/hw/acpi/ich9.c
+++ b/hw/acpi/ich9.c
@@ -24,6 +24,7 @@
  * GNU GPL, version 2 or (at your option) any later version.
  */
 #include "hw/hw.h"
+#include "qapi/visitor.h"
 #include "hw/i386/pc.h"
 #include "hw/pci/pci.h"
 #include "qemu/timer.h"
@@ -228,3 +229,26 @@ void ich9_pm_init(PCIDevice *lpc_pci, ICH9LPCPMRegs *pm,
 pm->powerdown_notifier.notify = pm_powerdown_req;
 qemu_register_powerdown_notifier(&pm->powerdown_notifier);
 }
+
+static void ich9_pm_get_gpe0_blk(Object *obj, Visitor *v,
+ void *opaque, const char *name,
+ Error **errp)
+{
+ICH9LPCPMRegs *pm = opaque;
+uint32_t value = pm->pm_io_base + ICH9_PMIO_GPE0_STS;
+
+visit_type_uint32(v, &value, name, errp);
+}
+
+void ich9_pm_add_properties(Object *obj, ICH9LPCPMRegs *pm, Error **errp)
+{
+static const uint32_t gpe0_len = ICH9_PMIO_GPE0_LEN;
+
+object_property_add_uint32_ptr(obj, ACPI_PM_PROP_PM_IO_BASE,
+   &pm->pm_io_base, errp);
+object_property_add(obj, ACPI_PM_PROP_GPE0_BLK, "uint32",
+ich9_pm_get_gpe0_blk,
+NULL, NULL, pm, NULL);
+object_property_add_uint32_ptr(obj, ACPI_PM_PROP_GPE0_BLK_LEN,
+   &gpe0_len, errp);
+}
diff --git a/hw/isa/lpc_ich9.c b/hw/isa/lpc_ich9.c
index 5633d08..19b2198 100644
--- a/hw/isa/lpc_ich9.c
+++ b/hw/isa/lpc_ich9.c
@@ -29,6 +29,7 @@
  */
 #include "qemu-common.h"
 #include "hw/hw.h"
+#include "qapi/visitor.h"
 #include "qemu/range.h"
 #include "hw/isa/isa.h"
 #include "hw/sysbus.h"
@@ -525,6 +526,43 @@ static const MemoryRegionOps ich9_rst_cnt_ops = {
 .endianness = DEVICE_LITTLE_ENDIAN
 };
 
+Object *ich9_lpc_find(void)
+{
+bool ambig;
+Object *o = object_resolve_path_type("", TYPE_ICH9_LPC_DEVICE, &ambig);
+
+if (ambig) {
+return NULL;
+}
+return o;
+}
+
+static void ich9_lpc_get_sci_int(Object *obj, Visitor *v,
+ void *opaque, const char *name,
+ Error **errp)
+{
+ICH9LPCState *lpc = ICH9_LPC_DEVICE(obj);
+uint32_t value = ich9_lpc_sci_irq(lpc);
+
+visit_type_uint32(v, &value, name, errp);
+}
+
+static void ich9_lpc_add_properties(ICH9LPCState *lpc)
+{
+static const uint8_t acpi_enable_cmd = ICH9_APM_ACPI_ENABLE;
+static const uint8_t acpi_disable_cmd = ICH9_APM_ACPI_DISABLE;
+
+object_property_add(OBJECT(lpc), ACPI_PM_PROP_SCI_INT, "uint32",
+ich9_lpc_get_sci_int,
+NULL, NULL, NULL, NULL);
+object_property_add_uint8_ptr(OBJECT(lpc), ACPI_PM_PROP_ACPI_ENABLE_CMD,
+  &acpi_enable_cmd, NULL);
+object_property_add_uint8_ptr(OBJECT(lpc), ACPI_PM_PROP_ACPI_DISABLE_CMD,
+  &acpi_disable_cmd, NULL);
+
+ich9_pm_add_properties(OBJECT(lpc), &lpc->pm, NULL);
+}
+
 static int ich9_lpc_initfn(PCIDevice *d)
 {
 ICH9LPCState *lpc = ICH9_LPC_DEVICE(d);
@@ -552,6 +590,8 @@ static int ich9_lpc_initfn(PCIDevice *d)
  

[Qemu-devel] [PATCH v9 20/27] piix: APIs for pc guest info

[Michael S. Tsirkin]

This adds APIs that will be used to fill in guest acpi tables.
Some required information is still lacking in QOM, so we
fall back on lookups by type and returning explicit types.

Reviewed-by: Gerd Hoffmann 
Tested-by: Gerd Hoffmann 
Signed-off-by: Michael S. Tsirkin 
---
 include/hw/acpi/piix4.h |  8 
 include/hw/i386/pc.h|  1 +
 hw/acpi/piix4.c | 44 
 hw/pci-host/piix.c  |  8 
 4 files changed, 57 insertions(+), 4 deletions(-)
 create mode 100644 include/hw/acpi/piix4.h

diff --git a/include/hw/acpi/piix4.h b/include/hw/acpi/piix4.h
new file mode 100644
index 000..65e6fd7
--- /dev/null
+++ b/include/hw/acpi/piix4.h
@@ -0,0 +1,8 @@
+#ifndef HW_ACPI_PIIX4_H
+#define HW_ACPI_PIIX4_H
+
+#include "qemu/typedefs.h"
+
+Object *piix4_pm_find(void);
+
+#endif
diff --git a/include/hw/i386/pc.h b/include/hw/i386/pc.h
index 5aefc5b..95857be 100644
--- a/include/hw/i386/pc.h
+++ b/include/hw/i386/pc.h
@@ -192,6 +192,7 @@ PCIBus *i440fx_init(PCII440FXState **pi440fx_state, int 
*piix_devfn,
 MemoryRegion *pci_memory,
 MemoryRegion *ram_memory);
 
+PCIBus *find_i440fx(void);
 /* piix4.c */
 extern PCIDevice *piix4_dev;
 int piix4_init(PCIBus *bus, ISABus **isa_bus, int devfn);
diff --git a/hw/acpi/piix4.c b/hw/acpi/piix4.c
index 4b8c1da..3bcd890 100644
--- a/hw/acpi/piix4.c
+++ b/hw/acpi/piix4.c
@@ -29,6 +29,7 @@
 #include "exec/ioport.h"
 #include "hw/nvram/fw_cfg.h"
 #include "exec/address-spaces.h"
+#include "hw/acpi/piix4.h"
 
 //#define DEBUG
 
@@ -69,6 +70,8 @@ typedef struct PIIX4PMState {
 /*< public >*/
 
 MemoryRegion io;
+uint32_t io_base;
+
 MemoryRegion io_gpe;
 MemoryRegion io_pci;
 MemoryRegion io_cpu;
@@ -152,14 +155,13 @@ static void apm_ctrl_changed(uint32_t val, void *arg)
 static void pm_io_space_update(PIIX4PMState *s)
 {
 PCIDevice *d = PCI_DEVICE(s);
-uint32_t pm_io_base;
 
-pm_io_base = le32_to_cpu(*(uint32_t *)(d->config + 0x40));
-pm_io_base &= 0xffc0;
+s->io_base = le32_to_cpu(*(uint32_t *)(d->config + 0x40));
+s->io_base &= 0xffc0;
 
 memory_region_transaction_begin();
 memory_region_set_enabled(&s->io, d->config[0x80] & 1);
-memory_region_set_address(&s->io, pm_io_base);
+memory_region_set_address(&s->io, s->io_base);
 memory_region_transaction_commit();
 }
 
@@ -407,6 +409,28 @@ static void piix4_pm_machine_ready(Notifier *n, void 
*opaque)
 (memory_region_present(io_as, 0x2f8) ? 0x90 : 0);
 }
 
+static void piix4_pm_add_propeties(PIIX4PMState *s)
+{
+static const uint8_t acpi_enable_cmd = ACPI_ENABLE;
+static const uint8_t acpi_disable_cmd = ACPI_DISABLE;
+static const uint32_t gpe0_blk = GPE_BASE;
+static const uint32_t gpe0_blk_len = GPE_LEN;
+static const uint16_t sci_int = 9;
+
+object_property_add_uint8_ptr(OBJECT(s), ACPI_PM_PROP_ACPI_ENABLE_CMD,
+  &acpi_enable_cmd, NULL);
+object_property_add_uint8_ptr(OBJECT(s), ACPI_PM_PROP_ACPI_DISABLE_CMD,
+  &acpi_disable_cmd, NULL);
+object_property_add_uint32_ptr(OBJECT(s), ACPI_PM_PROP_GPE0_BLK,
+  &gpe0_blk, NULL);
+object_property_add_uint32_ptr(OBJECT(s), ACPI_PM_PROP_GPE0_BLK_LEN,
+  &gpe0_blk_len, NULL);
+object_property_add_uint16_ptr(OBJECT(s), ACPI_PM_PROP_SCI_INT,
+  &sci_int, NULL);
+object_property_add_uint32_ptr(OBJECT(s), ACPI_PM_PROP_PM_IO_BASE,
+  &s->io_base, NULL);
+}
+
 static int piix4_pm_initfn(PCIDevice *dev)
 {
 PIIX4PMState *s = PIIX4_PM(dev);
@@ -456,9 +480,21 @@ static int piix4_pm_initfn(PCIDevice *dev)
 
 piix4_acpi_system_hot_add_init(pci_address_space_io(dev), dev->bus, s);
 
+piix4_pm_add_propeties(s);
 return 0;
 }
 
+Object *piix4_pm_find(void)
+{
+bool ambig;
+Object *o = object_resolve_path_type("", TYPE_PIIX4_PM, &ambig);
+
+if (ambig || !o) {
+return NULL;
+}
+return o;
+}
+
 i2c_bus *piix4_pm_init(PCIBus *bus, int devfn, uint32_t smb_io_base,
qemu_irq sci_irq, qemu_irq smi_irq,
int kvm_enabled, FWCfgState *fw_cfg)
diff --git a/hw/pci-host/piix.c b/hw/pci-host/piix.c
index c041149..bad3953 100644
--- a/hw/pci-host/piix.c
+++ b/hw/pci-host/piix.c
@@ -416,6 +416,14 @@ PCIBus *i440fx_init(PCII440FXState **pi440fx_state,
 return b;
 }
 
+PCIBus *find_i440fx(void)
+{
+PCIHostState *s = OBJECT_CHECK(PCIHostState,
+   object_resolve_path("/machine/i440fx", 
NULL),
+   TYPE_PCI_HOST_BRIDGE);
+return s ? s->bus : NULL;
+}
+
 /* PIIX3 PCI to ISA bridge */
 static void piix3_set_irq_pic(PIIX3State *piix3, int pic_irq)
 {
-- 
MST

[Qemu-devel] [PATCH v9 19/27] acpi/piix: add macros for acpi property names

[Michael S. Tsirkin]

Reviewed-by: Gerd Hoffmann 
Tested-by: Gerd Hoffmann 
Signed-off-by: Michael S. Tsirkin 
---
 include/hw/i386/pc.h | 10 ++
 hw/acpi/piix4.c  |  6 +++---
 2 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/include/hw/i386/pc.h b/include/hw/i386/pc.h
index 085a621..5aefc5b 100644
--- a/include/hw/i386/pc.h
+++ b/include/hw/i386/pc.h
@@ -20,6 +20,16 @@ typedef struct PcPciInfo {
 Range w64;
 } PcPciInfo;
 
+#define ACPI_PM_PROP_S3_DISABLED "disable_s3"
+#define ACPI_PM_PROP_S4_DISABLED "disable_s4"
+#define ACPI_PM_PROP_S4_VAL "s4_val"
+#define ACPI_PM_PROP_SCI_INT "sci_int"
+#define ACPI_PM_PROP_ACPI_ENABLE_CMD "acpi_enable_cmd"
+#define ACPI_PM_PROP_ACPI_DISABLE_CMD "acpi_disable_cmd"
+#define ACPI_PM_PROP_PM_IO_BASE "pm_io_base"
+#define ACPI_PM_PROP_GPE0_BLK "gpe0_blk"
+#define ACPI_PM_PROP_GPE0_BLK_LEN "gpe0_blk_len"
+
 struct PcGuestInfo {
 bool has_pci_info;
 bool isapc_ram_fw;
diff --git a/hw/acpi/piix4.c b/hw/acpi/piix4.c
index b46bd5e..4b8c1da 100644
--- a/hw/acpi/piix4.c
+++ b/hw/acpi/piix4.c
@@ -489,9 +489,9 @@ i2c_bus *piix4_pm_init(PCIBus *bus, int devfn, uint32_t 
smb_io_base,
 
 static Property piix4_pm_properties[] = {
 DEFINE_PROP_UINT32("smb_io_base", PIIX4PMState, smb_io_base, 0),
-DEFINE_PROP_UINT8("disable_s3", PIIX4PMState, disable_s3, 0),
-DEFINE_PROP_UINT8("disable_s4", PIIX4PMState, disable_s4, 0),
-DEFINE_PROP_UINT8("s4_val", PIIX4PMState, s4_val, 2),
+DEFINE_PROP_UINT8(ACPI_PM_PROP_S3_DISABLED, PIIX4PMState, disable_s3, 0),
+DEFINE_PROP_UINT8(ACPI_PM_PROP_S4_DISABLED, PIIX4PMState, disable_s4, 0),
+DEFINE_PROP_UINT8(ACPI_PM_PROP_S4_VAL, PIIX4PMState, s4_val, 2),
 DEFINE_PROP_END_OF_LIST(),
 };
 
-- 
MST

[Qemu-devel] [PATCH v9 18/27] i386: define pc guest info

[Michael S. Tsirkin]

This defines a structure that will be used to fill in acpi tables
where relevant properties are not yet available using QOM.

Reviewed-by: Laszlo Ersek 
Reviewed-by: Gerd Hoffmann 
Tested-by: Gerd Hoffmann 
Signed-off-by: Michael S. Tsirkin 
---
 include/hw/i386/pc.h |  9 +
 hw/i386/pc.c | 21 +
 2 files changed, 30 insertions(+)

diff --git a/include/hw/i386/pc.h b/include/hw/i386/pc.h
index 9b2ddc4..085a621 100644
--- a/include/hw/i386/pc.h
+++ b/include/hw/i386/pc.h
@@ -9,6 +9,9 @@
 #include "hw/i386/ioapic.h"
 
 #include "qemu/range.h"
+#include "qemu/bitmap.h"
+#include "sysemu/sysemu.h"
+#include "hw/pci/pci.h"
 
 /* PC-style peripherals (also used by other machines).  */
 
@@ -20,6 +23,12 @@ typedef struct PcPciInfo {
 struct PcGuestInfo {
 bool has_pci_info;
 bool isapc_ram_fw;
+hwaddr ram_size;
+unsigned apic_id_limit;
+bool apic_xrupt_override;
+uint64_t numa_nodes;
+uint64_t *node_mem;
+uint64_t *node_cpu;
 FWCfgState *fw_cfg;
 };
 
diff --git a/hw/i386/pc.c b/hw/i386/pc.c
index 0c313fe..d17d1d9 100644
--- a/hw/i386/pc.c
+++ b/hw/i386/pc.c
@@ -1047,6 +1047,27 @@ PcGuestInfo *pc_guest_info_init(ram_addr_t 
below_4g_mem_size,
 {
 PcGuestInfoState *guest_info_state = g_malloc0(sizeof *guest_info_state);
 PcGuestInfo *guest_info = &guest_info_state->info;
+int i, j;
+
+guest_info->ram_size = below_4g_mem_size + above_4g_mem_size;
+guest_info->apic_id_limit = pc_apic_id_limit(max_cpus);
+guest_info->apic_xrupt_override = kvm_allows_irq0_override();
+guest_info->numa_nodes = nb_numa_nodes;
+guest_info->node_mem = g_memdup(node_mem, guest_info->numa_nodes *
+sizeof *guest_info->node_mem);
+guest_info->node_cpu = g_malloc0(guest_info->apic_id_limit *
+ sizeof *guest_info->node_cpu);
+
+for (i = 0; i < max_cpus; i++) {
+unsigned int apic_id = x86_cpu_apic_id_from_index(i);
+assert(apic_id < guest_info->apic_id_limit);
+for (j = 0; j < nb_numa_nodes; j++) {
+if (test_bit(i, node_cpumask[j])) {
+guest_info->node_cpu[apic_id] = j;
+break;
+}
+}
+}
 
 guest_info_state->machine_done.notify = pc_guest_info_machine_done;
 qemu_add_machine_init_done_notifier(&guest_info_state->machine_done);
-- 
MST

[Qemu-devel] [PATCH v9 17/27] loader: allow adding ROMs in done callbacks

[Michael S. Tsirkin]

Don't abort if machine done callbacks add ROMs.

Reviewed-by: Gerd Hoffmann 
Tested-by: Gerd Hoffmann 
Signed-off-by: Michael S. Tsirkin 
---
 include/hw/loader.h | 1 +
 hw/core/loader.c| 6 +-
 vl.c| 3 +++
 3 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/include/hw/loader.h b/include/hw/loader.h
index e0c576b..58eca98 100644
--- a/include/hw/loader.h
+++ b/include/hw/loader.h
@@ -46,6 +46,7 @@ void *rom_add_blob(const char *name, const void *blob, size_t 
len,
 int rom_add_elf_program(const char *name, void *data, size_t datasize,
 size_t romsize, hwaddr addr);
 int rom_load_all(void);
+void rom_load_done(void);
 void rom_set_fw(FWCfgState *f);
 int rom_copy(uint8_t *dest, hwaddr addr, size_t size);
 void *rom_ptr(hwaddr addr);
diff --git a/hw/core/loader.c b/hw/core/loader.c
index 060729f..60d2ebd 100644
--- a/hw/core/loader.c
+++ b/hw/core/loader.c
@@ -812,10 +812,14 @@ int rom_load_all(void)
 memory_region_unref(section.mr);
 }
 qemu_register_reset(rom_reset, NULL);
-roms_loaded = 1;
 return 0;
 }
 
+void rom_load_done(void)
+{
+roms_loaded = 1;
+}
+
 void rom_set_fw(FWCfgState *f)
 {
 fw_cfg = f;
diff --git a/vl.c b/vl.c
index fb8006e..46c29c4 100644
--- a/vl.c
+++ b/vl.c
@@ -4339,6 +4339,9 @@ int main(int argc, char **argv, char **envp)
 qemu_register_reset(qbus_reset_all_fn, sysbus_get_default());
 qemu_run_machine_init_done_notifiers();
 
+/* Done notifiers can load ROMs */
+rom_load_done();
+
 qemu_system_reset(VMRESET_SILENT);
 if (loadvm) {
 if (load_vmstate(loadvm) < 0) {
-- 
MST

[Qemu-devel] [PATCH v9 16/27] i386: add bios linker/loader

[Michael S. Tsirkin]

This adds a dynamic bios linker/loader.
This will be used by acpi table generation
code to:
- load each table in the appropriate memory segment
- link tables to each other
- fix up checksums after said linking

Reviewed-by: Gerd Hoffmann 
Tested-by: Gerd Hoffmann 
Signed-off-by: Michael S. Tsirkin 
---
 hw/i386/bios-linker-loader.h |  27 
 hw/i386/bios-linker-loader.c | 158 +++
 hw/i386/Makefile.objs|   1 +
 3 files changed, 186 insertions(+)
 create mode 100644 hw/i386/bios-linker-loader.h
 create mode 100644 hw/i386/bios-linker-loader.c

diff --git a/hw/i386/bios-linker-loader.h b/hw/i386/bios-linker-loader.h
new file mode 100644
index 000..498c0af
--- /dev/null
+++ b/hw/i386/bios-linker-loader.h
@@ -0,0 +1,27 @@
+#ifndef BIOS_LINKER_LOADER_H
+#define BIOS_LINKER_LOADER_H
+
+#include 
+#include 
+#include 
+
+GArray *bios_linker_loader_init(void);
+
+void bios_linker_loader_alloc(GArray *linker,
+  const char *file,
+  uint32_t alloc_align,
+  bool alloc_fseg);
+
+void bios_linker_loader_add_checksum(GArray *linker, const char *file,
+ void *table,
+ void *start, unsigned size,
+ uint8_t *checksum);
+
+void bios_linker_loader_add_pointer(GArray *linker,
+const char *dest_file,
+const char *src_file,
+GArray *table, void *pointer,
+uint8_t pointer_size);
+
+void *bios_linker_loader_cleanup(GArray *linker);
+#endif
diff --git a/hw/i386/bios-linker-loader.c b/hw/i386/bios-linker-loader.c
new file mode 100644
index 000..0833853
--- /dev/null
+++ b/hw/i386/bios-linker-loader.c
@@ -0,0 +1,158 @@
+/* Dynamic linker/loader of ACPI tables
+ *
+ * Copyright (C) 2013 Red Hat Inc
+ *
+ * Author: Michael S. Tsirkin 
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, see .
+ */
+
+#include "bios-linker-loader.h"
+#include "hw/nvram/fw_cfg.h"
+
+#include 
+#include 
+#include "qemu/bswap.h"
+
+#define BIOS_LINKER_LOADER_FILESZ FW_CFG_MAX_FILE_PATH
+
+struct BiosLinkerLoaderEntry {
+uint32_t command;
+union {
+/*
+ * COMMAND_ALLOCATE - allocate a table from @alloc.file
+ * subject to @alloc.align alignment (must be power of 2)
+ * and @alloc.zone (can be HIGH or FSEG) requirements.
+ *
+ * Must appear exactly once for each file, and before
+ * this file is referenced by any other command.
+ */
+struct {
+char file[BIOS_LINKER_LOADER_FILESZ];
+uint32_t align;
+uint8_t zone;
+} alloc;
+
+/*
+ * COMMAND_ADD_POINTER - patch the table (originating from
+ * @dest_file) at @pointer.offset, by adding a pointer to the table
+ * originating from @src_file. 1,2,4 or 8 byte unsigned
+ * addition is used depending on @pointer.size.
+ */
+struct {
+char dest_file[BIOS_LINKER_LOADER_FILESZ];
+char src_file[BIOS_LINKER_LOADER_FILESZ];
+uint32_t offset;
+uint8_t size;
+} pointer;
+
+/*
+ * COMMAND_ADD_CHECKSUM - calculate checksum of the range specified by
+ * @cksum_start and @cksum_length fields,
+ * and then add the value at @cksum.offset.
+ * Checksum simply sums -X for each byte X in the range
+ * using 8-bit math.
+ */
+struct {
+char file[BIOS_LINKER_LOADER_FILESZ];
+uint32_t offset;
+uint32_t start;
+uint32_t length;
+} cksum;
+
+/* padding */
+char pad[124];
+};
+} QEMU_PACKED;
+typedef struct BiosLinkerLoaderEntry BiosLinkerLoaderEntry;
+
+enum {
+BIOS_LINKER_LOADER_COMMAND_ALLOCATE = 0x1,
+BIOS_LINKER_LOADER_COMMAND_ADD_POINTER  = 0x2,
+BIOS_LINKER_LOADER_COMMAND_ADD_CHECKSUM = 0x3,
+};
+
+enum {
+BIOS_LINKER_LOADER_ALLOC_ZONE_HIGH = 0x1,
+BIOS_LINKER_LOADER_ALLOC_ZONE_FSEG = 0x2,
+};
+
+GArray *bios_linker_loader_init(void)
+{
+return g_array_new(false, true /* clear */, sizeof(BiosLinkerLoaderEntry));
+}
+
+/* Free linker wrapper and r

[Qemu-devel] [PATCH v9 14/27] acpi: ssdt pcihp: updat generated file

[Michael S. Tsirkin]

update generated file, not sure what changed

Reviewed-by: Gerd Hoffmann 
Tested-by: Gerd Hoffmann 
Signed-off-by: Michael S. Tsirkin 
---
 hw/i386/ssdt-pcihp.hex.generated | 8 
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/hw/i386/ssdt-pcihp.hex.generated b/hw/i386/ssdt-pcihp.hex.generated
index 0d32a27..b3c2cd5 100644
--- a/hw/i386/ssdt-pcihp.hex.generated
+++ b/hw/i386/ssdt-pcihp.hex.generated
@@ -17,7 +17,7 @@ static unsigned char ssdp_pcihp_aml[] = {
 0x0,
 0x0,
 0x1,
-0x77,
+0x76,
 0x42,
 0x58,
 0x50,
@@ -40,9 +40,9 @@ static unsigned char ssdp_pcihp_aml[] = {
 0x4e,
 0x54,
 0x4c,
-0x28,
-0x5,
-0x10,
+0x23,
+0x8,
+0x13,
 0x20,
 0x10,
 0x33,
-- 
MST

Re: [Qemu-devel] [Bug 1100843] Re: Live Migration Causes Performance Issues

[Paolo Bonzini]

Il 07/10/2013 08:38, Peter Lieven ha scritto:
> On 06.10.2013 15:57, Zhang Haoyu wrote:
>>> >From my testing this has been fixed in the saucy version (1.5.0) of
>> qemu. It is fixed by this patch:
>>> f1c72795af573b24a7da5eb52375c9aba8a37972
>>>
>>> However later in the history this commit was reverted, and again broke
>> this. The other commit that fixes this is:
>>> 211ea74022f51164a7729030b28eec90b6c99a08
>>>
>> See below post,please.
>> https://lists.gnu.org/archive/html/qemu-devel/2013-08/msg05062.html
> 
> I would still like to fix qemu to not load roms etc. if we set up a
> migration target. In this case
> we could drop the madvise, skip the checking for zero pages and also
> could avoid sending
> zero pages at all. It would be the cleanest solution.

It's in general not easy to do this if you take non-x86 targets into
account.

Paolo

[Qemu-devel] [PATCH v9 25/27] ssdt: fix PBLK length

[Michael S. Tsirkin]

We don't really support CPU throttling, so supply 0 PBLK length.

Reviewed-by: Gerd Hoffmann 
Tested-by: Gerd Hoffmann 
Signed-off-by: Michael S. Tsirkin 
---
 hw/i386/ssdt-proc.dsl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/i386/ssdt-proc.dsl b/hw/i386/ssdt-proc.dsl
index 58333c7..8229bfd 100644
--- a/hw/i386/ssdt-proc.dsl
+++ b/hw/i386/ssdt-proc.dsl
@@ -37,7 +37,7 @@ DefinitionBlock ("ssdt-proc.aml", "SSDT", 0x01, "BXPC", 
"BXSSDT", 0x1)
 ACPI_EXTRACT_PROCESSOR_START ssdt_proc_start
 ACPI_EXTRACT_PROCESSOR_END ssdt_proc_end
 ACPI_EXTRACT_PROCESSOR_STRING ssdt_proc_name
-Processor(CPAA, 0xAA, 0xb010, 0x06) {
+Processor(CPAA, 0xAA, 0x, 0x0) {
 ACPI_EXTRACT_NAME_BYTE_CONST ssdt_proc_id
 Name(ID, 0xAA)
 /*
-- 
MST

[Qemu-devel] [PATCH v9 23/27] hpet: add API to find it

[Michael S. Tsirkin]

Add API to find HPET using QOM.

Reviewed-by: Gerd Hoffmann 
Tested-by: Gerd Hoffmann 
Signed-off-by: Michael S. Tsirkin 
---
 include/hw/timer/hpet.h | 2 ++
 hw/timer/hpet.c | 5 +
 2 files changed, 7 insertions(+)

diff --git a/include/hw/timer/hpet.h b/include/hw/timer/hpet.h
index 757f79f..ab44bd3 100644
--- a/include/hw/timer/hpet.h
+++ b/include/hw/timer/hpet.h
@@ -71,4 +71,6 @@ struct hpet_fw_config
 } QEMU_PACKED;
 
 extern struct hpet_fw_config hpet_cfg;
+
+bool hpet_find(void);
 #endif
diff --git a/hw/timer/hpet.c b/hw/timer/hpet.c
index fcd22ae..2eb75ea 100644
--- a/hw/timer/hpet.c
+++ b/hw/timer/hpet.c
@@ -757,6 +757,11 @@ static void hpet_device_class_init(ObjectClass *klass, 
void *data)
 dc->props = hpet_device_properties;
 }
 
+bool hpet_find(void)
+{
+return object_resolve_path_type("", TYPE_HPET, NULL);
+}
+
 static const TypeInfo hpet_device_info = {
 .name  = TYPE_HPET,
 .parent= TYPE_SYS_BUS_DEVICE,
-- 
MST

[Qemu-devel] [PATCH v9 09/27] q35: use macro for MCFG property name

[Michael S. Tsirkin]

Useful to make it accessible through QOM.

Reviewed-by: Gerd Hoffmann 
Tested-by: Gerd Hoffmann 
Signed-off-by: Michael S. Tsirkin 
---
 include/hw/pci/pcie_host.h | 2 ++
 hw/pci-host/q35.c  | 2 +-
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/include/hw/pci/pcie_host.h b/include/hw/pci/pcie_host.h
index da0f275..33d75bd 100644
--- a/include/hw/pci/pcie_host.h
+++ b/include/hw/pci/pcie_host.h
@@ -28,6 +28,8 @@
 #define PCIE_HOST_BRIDGE(obj) \
 OBJECT_CHECK(PCIExpressHost, (obj), TYPE_PCIE_HOST_BRIDGE)
 
+#define PCIE_HOST_MCFG_BASE "MCFG"
+
 /* pcie_host::base_addr == PCIE_BASE_ADDR_UNMAPPED when it isn't mapped. */
 #define PCIE_BASE_ADDR_UNMAPPED  ((hwaddr)-1ULL)
 
diff --git a/hw/pci-host/q35.c b/hw/pci-host/q35.c
index 23dbeea..e46f286 100644
--- a/hw/pci-host/q35.c
+++ b/hw/pci-host/q35.c
@@ -110,7 +110,7 @@ static void q35_host_get_pci_hole64_end(Object *obj, 
Visitor *v,
 }
 
 static Property mch_props[] = {
-DEFINE_PROP_UINT64("MCFG", Q35PCIHost, parent_obj.base_addr,
+DEFINE_PROP_UINT64(PCIE_HOST_MCFG_BASE, Q35PCIHost, parent_obj.base_addr,
 MCH_HOST_BRIDGE_PCIEXBAR_DEFAULT),
 DEFINE_PROP_SIZE(PCI_HOST_PROP_PCI_HOLE64_SIZE, Q35PCIHost,
  mch.pci_hole64_size, DEFAULT_PCI_HOLE64_SIZE),
-- 
MST

[Qemu-devel] [PATCH v9 15/27] loader: use file path size from fw_cfg.h

[Michael S. Tsirkin]

Avoid a bit of code duplication, make
max file path constant reusable.

Suggested-by: Laszlo Ersek 
Reviewed-by: Gerd Hoffmann 
Tested-by: Gerd Hoffmann 
Signed-off-by: Michael S. Tsirkin 
---
 include/hw/nvram/fw_cfg.h | 4 +++-
 hw/core/loader.c  | 2 +-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/include/hw/nvram/fw_cfg.h b/include/hw/nvram/fw_cfg.h
index 2ab0fc2..72b1549 100644
--- a/include/hw/nvram/fw_cfg.h
+++ b/include/hw/nvram/fw_cfg.h
@@ -46,12 +46,14 @@
 
 #define FW_CFG_INVALID  0x
 
+#define FW_CFG_MAX_FILE_PATH56
+
 #ifndef NO_QEMU_PROTOS
 typedef struct FWCfgFile {
 uint32_t  size;/* file size */
 uint16_t  select;  /* write this to 0x510 to read it */
 uint16_t  reserved;
-char  name[56];
+char  name[FW_CFG_MAX_FILE_PATH];
 } FWCfgFile;
 
 typedef struct FWCfgFiles {
diff --git a/hw/core/loader.c b/hw/core/loader.c
index 449bd4c..060729f 100644
--- a/hw/core/loader.c
+++ b/hw/core/loader.c
@@ -663,7 +663,7 @@ int rom_add_file(const char *file, const char *fw_dir,
 rom_insert(rom);
 if (rom->fw_file && fw_cfg) {
 const char *basename;
-char fw_file_name[56];
+char fw_file_name[FW_CFG_MAX_FILE_PATH];
 void *data;
 
 basename = strrchr(rom->fw_file, '/');
-- 
MST

[Qemu-devel] [PATCH v9 08/27] pcie_host: expose address format

[Michael S. Tsirkin]

Callers pass in the address so it's helpful for
them to be able to decode it.

Reviewed-by: Gerd Hoffmann 
Tested-by: Gerd Hoffmann 
Signed-off-by: Michael S. Tsirkin 
---
 include/hw/pci/pcie_host.h | 21 +
 hw/pci/pcie_host.c | 21 -
 2 files changed, 21 insertions(+), 21 deletions(-)

diff --git a/include/hw/pci/pcie_host.h b/include/hw/pci/pcie_host.h
index bac3c67..da0f275 100644
--- a/include/hw/pci/pcie_host.h
+++ b/include/hw/pci/pcie_host.h
@@ -54,4 +54,25 @@ void pcie_host_mmcfg_update(PCIExpressHost *e,
 hwaddr addr,
 uint32_t size);
 
+/*
+ * PCI express ECAM (Enhanced Configuration Address Mapping) format.
+ * AKA mmcfg address
+ * bit 20 - 28: bus number
+ * bit 15 - 19: device number
+ * bit 12 - 14: function number
+ * bit  0 - 11: offset in configuration space of a given device
+ */
+#define PCIE_MMCFG_SIZE_MAX (1ULL << 28)
+#define PCIE_MMCFG_SIZE_MIN (1ULL << 20)
+#define PCIE_MMCFG_BUS_BIT  20
+#define PCIE_MMCFG_BUS_MASK 0x1ff
+#define PCIE_MMCFG_DEVFN_BIT12
+#define PCIE_MMCFG_DEVFN_MASK   0xff
+#define PCIE_MMCFG_CONFOFFSET_MASK  0xfff
+#define PCIE_MMCFG_BUS(addr)(((addr) >> PCIE_MMCFG_BUS_BIT) & \
+ PCIE_MMCFG_BUS_MASK)
+#define PCIE_MMCFG_DEVFN(addr)  (((addr) >> PCIE_MMCFG_DEVFN_BIT) & \
+ PCIE_MMCFG_DEVFN_MASK)
+#define PCIE_MMCFG_CONFOFFSET(addr) ((addr) & PCIE_MMCFG_CONFOFFSET_MASK)
+
 #endif /* PCIE_HOST_H */
diff --git a/hw/pci/pcie_host.c b/hw/pci/pcie_host.c
index 410ac08..c6e1b57 100644
--- a/hw/pci/pcie_host.c
+++ b/hw/pci/pcie_host.c
@@ -24,27 +24,6 @@
 #include "hw/pci/pcie_host.h"
 #include "exec/address-spaces.h"
 
-/*
- * PCI express mmcfig address
- * bit 20 - 28: bus number
- * bit 15 - 19: device number
- * bit 12 - 14: function number
- * bit  0 - 11: offset in configuration space of a given device
- */
-#define PCIE_MMCFG_SIZE_MAX (1ULL << 28)
-#define PCIE_MMCFG_SIZE_MIN (1ULL << 20)
-#define PCIE_MMCFG_BUS_BIT  20
-#define PCIE_MMCFG_BUS_MASK 0x1ff
-#define PCIE_MMCFG_DEVFN_BIT12
-#define PCIE_MMCFG_DEVFN_MASK   0xff
-#define PCIE_MMCFG_CONFOFFSET_MASK  0xfff
-#define PCIE_MMCFG_BUS(addr)(((addr) >> PCIE_MMCFG_BUS_BIT) & \
- PCIE_MMCFG_BUS_MASK)
-#define PCIE_MMCFG_DEVFN(addr)  (((addr) >> PCIE_MMCFG_DEVFN_BIT) & \
- PCIE_MMCFG_DEVFN_MASK)
-#define PCIE_MMCFG_CONFOFFSET(addr) ((addr) & PCIE_MMCFG_CONFOFFSET_MASK)
-
-
 /* a helper function to get a PCIDevice for a given mmconfig address */
 static inline PCIDevice *pcie_dev_find_by_mmcfg_addr(PCIBus *s,
  uint32_t mmcfg_addr)
-- 
MST

[Qemu-devel] [PATCH v9 12/27] acpi: add rules to compile ASL source

[Michael S. Tsirkin]

Detect presence of IASL compiler and use it
to process ASL source. If not there, use pre-compiled
files in-tree. Add script to update the in-tree files.

Note: distros are known to silently update iasl
so detect correct iasl flags for the installed version on each run as
opposed to at configure time.

Reviewed-by: Laszlo Ersek 
Reviewed-by: Gerd Hoffmann 
Tested-by: Gerd Hoffmann 
Signed-off-by: Michael S. Tsirkin 
---
 configure  |  9 -
 hw/i386/Makefile.objs  | 22 ++
 scripts/update-acpi.sh |  4 
 3 files changed, 34 insertions(+), 1 deletion(-)
 create mode 100644 scripts/update-acpi.sh

diff --git a/configure b/configure
index 2b83936..15405e1 100755
--- a/configure
+++ b/configure
@@ -119,6 +119,7 @@ path_of() {
 # default parameters
 source_path=`dirname "$0"`
 cpu=""
+iasl="iasl"
 interp_prefix="/usr/gnemul/qemu-%M"
 static="no"
 cross_prefix=""
@@ -257,6 +258,8 @@ for opt do
   ;;
   --cxx=*) CXX="$optarg"
   ;;
+  --iasl=*) iasl="$optarg"
+  ;;
   --source-path=*) source_path="$optarg"
   ;;
   --cpu=*) cpu="$optarg"
@@ -1055,6 +1058,7 @@ echo "Advanced options (experts only):"
 echo "  --source-path=PATH   path of source code [$source_path]"
 echo "  --cross-prefix=PREFIXuse PREFIX for compile tools [$cross_prefix]"
 echo "  --cc=CC  use C compiler CC [$cc]"
+echo "  --iasl=IASL  use ACPI compiler IASL [$iasl]"
 echo "  --host-cc=CC use C compiler CC [$host_cc] for code run at"
 echo "   build time"
 echo "  --cxx=CXXuse C++ compiler CXX [$cxx]"
@@ -4239,6 +4243,9 @@ else
 fi
 echo "PYTHON=$python" >> $config_host_mak
 echo "CC=$cc" >> $config_host_mak
+if $iasl -h > /dev/null 2>&1; then
+  echo "IASL=$iasl" >> $config_host_mak
+fi
 echo "CC_I386=$cc_i386" >> $config_host_mak
 echo "HOST_CC=$host_cc" >> $config_host_mak
 echo "CXX=$cxx" >> $config_host_mak
@@ -4691,7 +4698,7 @@ for rom in seabios vgabios ; do
 echo "BCC=bcc" >> $config_mak
 echo "CPP=$cpp" >> $config_mak
 echo "OBJCOPY=objcopy" >> $config_mak
-echo "IASL=iasl" >> $config_mak
+echo "IASL=$iasl" >> $config_mak
 echo "LD=$ld" >> $config_mak
 done
 
diff --git a/hw/i386/Makefile.objs b/hw/i386/Makefile.objs
index 45e6165..f950707 100644
--- a/hw/i386/Makefile.objs
+++ b/hw/i386/Makefile.objs
@@ -5,3 +5,25 @@ obj-y += pc_sysfw.o
 obj-$(CONFIG_XEN) += xen_domainbuild.o xen_machine_pv.o
 
 obj-y += kvmvapic.o
+
+iasl-option=$(shell if test -z "`$(1) $(2) 2>&1 > /dev/null`" \
+; then echo "$(2)"; else echo "$(3)"; fi ;)
+
+ifdef IASL
+#IASL Present. Generate hex files from .dsl
+hw/i386/%.hex: $(SRC_PATH)/hw/i386/%.dsl 
$(SRC_PATH)/scripts/acpi_extract_preprocess.py 
$(SRC_PATH)/scripts/acpi_extract.py
+   $(call quiet-command, cpp -P $< -o $*.dsl.i.orig, "  CPP 
$(TARGET_DIR)$*.dsl.i.orig")
+   $(call quiet-command, $(PYTHON) 
$(SRC_PATH)/scripts/acpi_extract_preprocess.py $*.dsl.i.orig > $*.dsl.i, "  
ACPI_PREPROCESS $(TARGET_DIR)$*.dsl.i")
+   $(call quiet-command, $(IASL) $(call iasl-option,$(IASL),-Pn,) -vs -l 
-tc -p $* $*.dsl.i $(if $(V), , > /dev/null) 2>&1 ,"  IASL 
$(TARGET_DIR)$*.dsl.i")
+   $(call quiet-command, $(SRC_PATH)/scripts/acpi_extract.py $*.lst > 
$*.off, "  ACPI_EXTRACT $(TARGET_DIR)$*.off")
+   $(call quiet-command, cat $*.off > $@, "  CAT $(TARGET_DIR)$@")
+else
+#IASL Not present. Restore pre-generated hex files.
+hw/i386/%.hex: $(SRC_PATH)/hw/i386/%.hex.generated
+   $(call quiet-command, cp -f $< $@, "  CP $(TARGET_DIR)$@")
+endif
+
+.PHONY: cleanhex
+cleanhex:
+   rm -f hw/i386/*hex
+clean: cleanhex
diff --git a/scripts/update-acpi.sh b/scripts/update-acpi.sh
new file mode 100644
index 000..b5f05ff
--- /dev/null
+++ b/scripts/update-acpi.sh
@@ -0,0 +1,4 @@
+cd x86_64-softmmu
+for file in hw/i386/*.hex; do
+cp -f $file ../$file.generated
+done
-- 
MST

[Qemu-devel] [PATCH v9 05/27] fw_cfg: interface to trigger callback on read

[Michael S. Tsirkin]

Reviewed-by: Gerd Hoffmann 
Tested-by: Gerd Hoffmann 
Signed-off-by: Michael S. Tsirkin 
---
 include/hw/nvram/fw_cfg.h |  4 
 hw/nvram/fw_cfg.c | 33 -
 2 files changed, 32 insertions(+), 5 deletions(-)

diff --git a/include/hw/nvram/fw_cfg.h b/include/hw/nvram/fw_cfg.h
index f60dd67..2ab0fc2 100644
--- a/include/hw/nvram/fw_cfg.h
+++ b/include/hw/nvram/fw_cfg.h
@@ -60,6 +60,7 @@ typedef struct FWCfgFiles {
 } FWCfgFiles;
 
 typedef void (*FWCfgCallback)(void *opaque, uint8_t *data);
+typedef void (*FWCfgReadCallback)(void *opaque, uint32_t offset);
 
 void fw_cfg_add_bytes(FWCfgState *s, uint16_t key, void *data, size_t len);
 void fw_cfg_add_string(FWCfgState *s, uint16_t key, const char *value);
@@ -70,6 +71,9 @@ void fw_cfg_add_callback(FWCfgState *s, uint16_t key, 
FWCfgCallback callback,
  void *callback_opaque, void *data, size_t len);
 void fw_cfg_add_file(FWCfgState *s, const char *filename, void *data,
  size_t len);
+void fw_cfg_add_file_callback(FWCfgState *s, const char *filename,
+  FWCfgReadCallback callback, void 
*callback_opaque,
+  void *data, size_t len);
 FWCfgState *fw_cfg_init(uint32_t ctl_port, uint32_t data_port,
 hwaddr crl_addr, hwaddr data_addr);
 
diff --git a/hw/nvram/fw_cfg.c b/hw/nvram/fw_cfg.c
index d0820e5..f5dc3ea 100644
--- a/hw/nvram/fw_cfg.c
+++ b/hw/nvram/fw_cfg.c
@@ -42,6 +42,7 @@ typedef struct FWCfgEntry {
 uint8_t *data;
 void *callback_opaque;
 FWCfgCallback callback;
+FWCfgReadCallback read_callback;
 } FWCfgEntry;
 
 struct FWCfgState {
@@ -249,8 +250,12 @@ static uint8_t fw_cfg_read(FWCfgState *s)
 
 if (s->cur_entry == FW_CFG_INVALID || !e->data || s->cur_offset >= e->len)
 ret = 0;
-else
+else {
+if (e->read_callback) {
+e->read_callback(e->callback_opaque, s->cur_offset);
+}
 ret = e->data[s->cur_offset++];
+}
 
 trace_fw_cfg_read(s, ret);
 return ret;
@@ -381,7 +386,10 @@ static const VMStateDescription vmstate_fw_cfg = {
 }
 };
 
-void fw_cfg_add_bytes(FWCfgState *s, uint16_t key, void *data, size_t len)
+static void fw_cfg_add_bytes_read_callback(FWCfgState *s, uint16_t key,
+   FWCfgReadCallback callback,
+   void *callback_opaque,
+   void *data, size_t len)
 {
 int arch = !!(key & FW_CFG_ARCH_LOCAL);
 
@@ -391,6 +399,13 @@ void fw_cfg_add_bytes(FWCfgState *s, uint16_t key, void 
*data, size_t len)
 
 s->entries[arch][key].data = data;
 s->entries[arch][key].len = (uint32_t)len;
+s->entries[arch][key].read_callback = callback;
+s->entries[arch][key].callback_opaque = callback_opaque;
+}
+
+void fw_cfg_add_bytes(FWCfgState *s, uint16_t key, void *data, size_t len)
+{
+fw_cfg_add_bytes_read_callback(s, key, NULL, NULL, data, len);
 }
 
 void fw_cfg_add_string(FWCfgState *s, uint16_t key, const char *value)
@@ -444,8 +459,9 @@ void fw_cfg_add_callback(FWCfgState *s, uint16_t key, 
FWCfgCallback callback,
 s->entries[arch][key].callback = callback;
 }
 
-void fw_cfg_add_file(FWCfgState *s,  const char *filename,
- void *data, size_t len)
+void fw_cfg_add_file_callback(FWCfgState *s,  const char *filename,
+  FWCfgReadCallback callback, void 
*callback_opaque,
+  void *data, size_t len)
 {
 int i, index;
 size_t dsize;
@@ -459,7 +475,8 @@ void fw_cfg_add_file(FWCfgState *s,  const char *filename,
 index = be32_to_cpu(s->files->count);
 assert(index < FW_CFG_FILE_SLOTS);
 
-fw_cfg_add_bytes(s, FW_CFG_FILE_FIRST + index, data, len);
+fw_cfg_add_bytes_read_callback(s, FW_CFG_FILE_FIRST + index,
+   callback, callback_opaque, data, len);
 
 pstrcpy(s->files->f[index].name, sizeof(s->files->f[index].name),
 filename);
@@ -477,6 +494,12 @@ void fw_cfg_add_file(FWCfgState *s,  const char *filename,
 s->files->count = cpu_to_be32(index+1);
 }
 
+void fw_cfg_add_file(FWCfgState *s,  const char *filename,
+ void *data, size_t len)
+{
+fw_cfg_add_file_callback(s, filename, NULL, NULL, data, len);
+}
+
 static void fw_cfg_machine_ready(struct Notifier *n, void *data)
 {
 size_t len;
-- 
MST

[Qemu-devel] [PATCH v9 07/27] pcie_host: expose UNMAPPED macro

[Michael S. Tsirkin]

Make it possible to test unmapped status through QMP.

Reviewed-by: Gerd Hoffmann 
Tested-by: Gerd Hoffmann 
Signed-off-by: Michael S. Tsirkin 
---
 include/hw/pci/pcie_host.h | 3 +++
 hw/pci/pcie_host.c | 3 ---
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/include/hw/pci/pcie_host.h b/include/hw/pci/pcie_host.h
index 1228e36..bac3c67 100644
--- a/include/hw/pci/pcie_host.h
+++ b/include/hw/pci/pcie_host.h
@@ -28,6 +28,9 @@
 #define PCIE_HOST_BRIDGE(obj) \
 OBJECT_CHECK(PCIExpressHost, (obj), TYPE_PCIE_HOST_BRIDGE)
 
+/* pcie_host::base_addr == PCIE_BASE_ADDR_UNMAPPED when it isn't mapped. */
+#define PCIE_BASE_ADDR_UNMAPPED  ((hwaddr)-1ULL)
+
 struct PCIExpressHost {
 PCIHostState pci;
 
diff --git a/hw/pci/pcie_host.c b/hw/pci/pcie_host.c
index b70e5ad..410ac08 100644
--- a/hw/pci/pcie_host.c
+++ b/hw/pci/pcie_host.c
@@ -104,9 +104,6 @@ static const MemoryRegionOps pcie_mmcfg_ops = {
 .endianness = DEVICE_NATIVE_ENDIAN,
 };
 
-/* pcie_host::base_addr == PCIE_BASE_ADDR_UNMAPPED when it isn't mapped. */
-#define PCIE_BASE_ADDR_UNMAPPED  ((hwaddr)-1ULL)
-
 int pcie_host_init(PCIExpressHost *e)
 {
 e->base_addr = PCIE_BASE_ADDR_UNMAPPED;
-- 
MST

[Qemu-devel] [PATCH v9 10/27] q35: expose mmcfg size as a property

[Michael S. Tsirkin]

Address is already exposed, expose size for symmetry.

Reviewed-by: Gerd Hoffmann 
Tested-by: Gerd Hoffmann 
Signed-off-by: Michael S. Tsirkin 
---
 include/hw/pci/pcie_host.h |  1 +
 hw/pci-host/q35.c  | 14 ++
 2 files changed, 15 insertions(+)

diff --git a/include/hw/pci/pcie_host.h b/include/hw/pci/pcie_host.h
index 33d75bd..acca45e 100644
--- a/include/hw/pci/pcie_host.h
+++ b/include/hw/pci/pcie_host.h
@@ -29,6 +29,7 @@
 OBJECT_CHECK(PCIExpressHost, (obj), TYPE_PCIE_HOST_BRIDGE)
 
 #define PCIE_HOST_MCFG_BASE "MCFG"
+#define PCIE_HOST_MCFG_SIZE "mcfg_size"
 
 /* pcie_host::base_addr == PCIE_BASE_ADDR_UNMAPPED when it isn't mapped. */
 #define PCIE_BASE_ADDR_UNMAPPED  ((hwaddr)-1ULL)
diff --git a/hw/pci-host/q35.c b/hw/pci-host/q35.c
index e46f286..a051b58 100644
--- a/hw/pci-host/q35.c
+++ b/hw/pci-host/q35.c
@@ -109,6 +109,16 @@ static void q35_host_get_pci_hole64_end(Object *obj, 
Visitor *v,
 visit_type_uint64(v, &w64.end, name, errp);
 }
 
+static void q35_host_get_mmcfg_size(Object *obj, Visitor *v,
+void *opaque, const char *name,
+Error **errp)
+{
+PCIExpressHost *e = PCIE_HOST_BRIDGE(obj);
+uint32_t value = e->size;
+
+visit_type_uint32(v, &value, name, errp);
+}
+
 static Property mch_props[] = {
 DEFINE_PROP_UINT64(PCIE_HOST_MCFG_BASE, Q35PCIHost, parent_obj.base_addr,
 MCH_HOST_BRIDGE_PCIEXBAR_DEFAULT),
@@ -160,6 +170,10 @@ static void q35_host_initfn(Object *obj)
 q35_host_get_pci_hole64_end,
 NULL, NULL, NULL, NULL);
 
+object_property_add(obj, PCIE_HOST_MCFG_SIZE, "int",
+q35_host_get_mmcfg_size,
+NULL, NULL, NULL, NULL);
+
 /* Leave enough space for the biggest MCFG BAR */
 /* TODO: this matches current bios behaviour, but
  * it's not a power of two, which means an MTRR
-- 
MST

[Qemu-devel] [PATCH v9 04/27] pci: fix up w64 size calculation helper

[Michael S. Tsirkin]

BAR base was calculated incorrectly.
Use existing pci_bar_address to get it right.

Tested-by: Igor Mammedov 
Signed-off-by: Michael S. Tsirkin 
---
 hw/pci/pci.c | 20 
 1 file changed, 12 insertions(+), 8 deletions(-)

diff --git a/hw/pci/pci.c b/hw/pci/pci.c
index 00554a0..c3fdff4 100644
--- a/hw/pci/pci.c
+++ b/hw/pci/pci.c
@@ -2264,7 +2264,7 @@ static void pci_dev_get_w64(PCIBus *b, PCIDevice *dev, 
void *opaque)
 Range *range = opaque;
 PCIDeviceClass *pc = PCI_DEVICE_GET_CLASS(dev);
 uint16_t cmd = pci_get_word(dev->config + PCI_COMMAND);
-int r;
+int i;
 
 if (!(cmd & PCI_COMMAND_MEMORY)) {
 return;
@@ -2283,17 +2283,21 @@ static void pci_dev_get_w64(PCIBus *b, PCIDevice *dev, 
void *opaque)
 range_extend(range, &pref_range);
 }
 }
-for (r = 0; r < PCI_NUM_REGIONS; ++r) {
-PCIIORegion *region = &dev->io_regions[r];
+for (i = 0; i < PCI_NUM_REGIONS; ++i) {
+PCIIORegion *r = &dev->io_regions[i];
 Range region_range;
 
-if (!region->size ||
-(region->type & PCI_BASE_ADDRESS_SPACE_IO) ||
-!(region->type & PCI_BASE_ADDRESS_MEM_TYPE_64)) {
+if (!r->size ||
+(r->type & PCI_BASE_ADDRESS_SPACE_IO) ||
+!(r->type & PCI_BASE_ADDRESS_MEM_TYPE_64)) {
+continue;
+}
+region_range.begin = pci_bar_address(dev, i, r->type, r->size);
+region_range.end = region_range.begin + r->size;
+
+if (region_range.begin == PCI_BAR_UNMAPPED) {
 continue;
 }
-region_range.begin = pci_get_quad(dev->config + pci_bar(dev, r));
-region_range.end = region_range.begin + region->size;
 
 region_range.begin = MAX(region_range.begin, 0x1ULL << 32);
 
-- 
MST

[Qemu-devel] [PATCH v9 03/27] qom: add pointer to int property helpers

[Michael S. Tsirkin]

Make it easy to add read-only helpers for simple
integer properties in memory.

Reviewed-by: Paolo Bonzini 
Reviewed-by: Gerd Hoffmann 
Tested-by: Gerd Hoffmann 
Signed-off-by: Michael S. Tsirkin 
---
 include/qom/object.h | 21 ++
 qom/object.c | 60 
 2 files changed, 81 insertions(+)

diff --git a/include/qom/object.h b/include/qom/object.h
index 6c1e7d3..d02172a 100644
--- a/include/qom/object.h
+++ b/include/qom/object.h
@@ -795,6 +795,27 @@ void object_property_add(Object *obj, const char *name, 
const char *type,
 void object_property_del(Object *obj, const char *name, Error **errp);
 
 /**
+ * object_property_add_uint8_ptr:
+ * object_property_add_uint16_ptr:
+ * object_property_add_uint32_ptr:
+ * object_property_add_uint64_ptr:
+ * @obj: the object to add a property to
+ * @name: the name of the property
+ * @v: pointer to value
+ *
+ * Add an integer property in memory.  This function will add a
+ * property of the appropriate type.
+ */
+void object_property_add_uint8_ptr(Object *obj, const char *name,
+   const uint8_t *v, Error **errp);
+void object_property_add_uint16_ptr(Object *obj, const char *name,
+const uint16_t *v, Error **errp);
+void object_property_add_uint32_ptr(Object *obj, const char *name,
+const uint32_t *v, Error **errp);
+void object_property_add_uint64_ptr(Object *obj, const char *name,
+const uint64_t *v, Error **Errp);
+
+/**
  * object_property_find:
  * @obj: the object
  * @name: the name of the property
diff --git a/qom/object.c b/qom/object.c
index e90e382..b617f26 100644
--- a/qom/object.c
+++ b/qom/object.c
@@ -1344,6 +1344,66 @@ static char *qdev_get_type(Object *obj, Error **errp)
 return g_strdup(object_get_typename(obj));
 }
 
+static void property_get_uint8_ptr(Object *obj, Visitor *v,
+   void *opaque, const char *name,
+   Error **errp)
+{
+uint8_t value = *(uint8_t *)opaque;
+visit_type_uint8(v, &value, name, errp);
+}
+
+static void property_get_uint16_ptr(Object *obj, Visitor *v,
+   void *opaque, const char *name,
+   Error **errp)
+{
+uint16_t value = *(uint16_t *)opaque;
+visit_type_uint16(v, &value, name, errp);
+}
+
+static void property_get_uint32_ptr(Object *obj, Visitor *v,
+   void *opaque, const char *name,
+   Error **errp)
+{
+uint32_t value = *(uint32_t *)opaque;
+visit_type_uint32(v, &value, name, errp);
+}
+
+static void property_get_uint64_ptr(Object *obj, Visitor *v,
+   void *opaque, const char *name,
+   Error **errp)
+{
+uint64_t value = *(uint64_t *)opaque;
+visit_type_uint64(v, &value, name, errp);
+}
+
+void object_property_add_uint8_ptr(Object *obj, const char *name,
+   const uint8_t *v, Error **errp)
+{
+object_property_add(obj, name, "uint8", property_get_uint8_ptr,
+NULL, NULL, (void *)v, errp);
+}
+
+void object_property_add_uint16_ptr(Object *obj, const char *name,
+const uint16_t *v, Error **errp)
+{
+object_property_add(obj, name, "uint16", property_get_uint16_ptr,
+NULL, NULL, (void *)v, errp);
+}
+
+void object_property_add_uint32_ptr(Object *obj, const char *name,
+const uint32_t *v, Error **errp)
+{
+object_property_add(obj, name, "uint32", property_get_uint32_ptr,
+NULL, NULL, (void *)v, errp);
+}
+
+void object_property_add_uint64_ptr(Object *obj, const char *name,
+const uint64_t *v, Error **errp)
+{
+object_property_add(obj, name, "uint64", property_get_uint64_ptr,
+NULL, NULL, (void *)v, errp);
+}
+
 static void object_instance_init(Object *obj)
 {
 object_property_add_str(obj, "type", qdev_get_type, NULL, NULL);
-- 
MST

[Qemu-devel] [PATCH v9 06/27] loader: support for unmapped ROM blobs

[Michael S. Tsirkin]

Support ROM blobs not mapped into guest memory:
same as ROM files really but use caller's buffer.

Support invoking callback on access and
return memory pointer making it easier
for caller to update memory if necessary.

Reviewed-by: Gerd Hoffmann 
Tested-by: Gerd Hoffmann 
Reviewed-by: Laszlo Ersek 
Signed-off-by: Michael S. Tsirkin 
---
 hw/lm32/lm32_hwsetup.h |  2 +-
 include/hw/loader.h|  7 ---
 hw/core/loader.c   | 23 ---
 3 files changed, 25 insertions(+), 7 deletions(-)

diff --git a/hw/lm32/lm32_hwsetup.h b/hw/lm32/lm32_hwsetup.h
index 3449bd8..9fd5e69 100644
--- a/hw/lm32/lm32_hwsetup.h
+++ b/hw/lm32/lm32_hwsetup.h
@@ -73,7 +73,7 @@ static inline void hwsetup_free(HWSetup *hw)
 static inline void hwsetup_create_rom(HWSetup *hw,
 hwaddr base)
 {
-rom_add_blob("hwsetup", hw->data, TARGET_PAGE_SIZE, base);
+rom_add_blob("hwsetup", hw->data, TARGET_PAGE_SIZE, base, NULL, NULL, 
NULL);
 }
 
 static inline void hwsetup_add_u8(HWSetup *hw, uint8_t u)
diff --git a/include/hw/loader.h b/include/hw/loader.h
index 6145736..e0c576b 100644
--- a/include/hw/loader.h
+++ b/include/hw/loader.h
@@ -40,8 +40,9 @@ extern bool rom_file_in_ram;
 
 int rom_add_file(const char *file, const char *fw_dir,
  hwaddr addr, int32_t bootindex);
-int rom_add_blob(const char *name, const void *blob, size_t len,
- hwaddr addr);
+void *rom_add_blob(const char *name, const void *blob, size_t len,
+   hwaddr addr, const char *fw_file_name,
+   FWCfgReadCallback fw_callback, void *callback_opaque);
 int rom_add_elf_program(const char *name, void *data, size_t datasize,
 size_t romsize, hwaddr addr);
 int rom_load_all(void);
@@ -53,7 +54,7 @@ void do_info_roms(Monitor *mon, const QDict *qdict);
 #define rom_add_file_fixed(_f, _a, _i)  \
 rom_add_file(_f, NULL, _a, _i)
 #define rom_add_blob_fixed(_f, _b, _l, _a)  \
-rom_add_blob(_f, _b, _l, _a)
+(rom_add_blob(_f, _b, _l, _a, NULL, NULL, NULL) ? 0 : -1)
 
 #define PC_ROM_MIN_VGA 0xc
 #define PC_ROM_MIN_OPTION  0xc8000
diff --git a/hw/core/loader.c b/hw/core/loader.c
index 7b3d3ee..449bd4c 100644
--- a/hw/core/loader.c
+++ b/hw/core/loader.c
@@ -700,10 +700,12 @@ err:
 return -1;
 }
 
-int rom_add_blob(const char *name, const void *blob, size_t len,
- hwaddr addr)
+void *rom_add_blob(const char *name, const void *blob, size_t len,
+   hwaddr addr, const char *fw_file_name,
+   FWCfgReadCallback fw_callback, void *callback_opaque)
 {
 Rom *rom;
+void *data = NULL;
 
 rom   = g_malloc0(sizeof(*rom));
 rom->name = g_strdup(name);
@@ -713,7 +715,22 @@ int rom_add_blob(const char *name, const void *blob, 
size_t len,
 rom->data = g_malloc0(rom->datasize);
 memcpy(rom->data, blob, len);
 rom_insert(rom);
-return 0;
+if (fw_file_name && fw_cfg) {
+char devpath[100];
+
+snprintf(devpath, sizeof(devpath), "/rom@%s", fw_file_name);
+
+if (rom_file_in_ram) {
+data = rom_set_mr(rom, OBJECT(fw_cfg), devpath);
+} else {
+data = rom->data;
+}
+
+fw_cfg_add_file_callback(fw_cfg, fw_file_name,
+ fw_callback, callback_opaque,
+ data, rom->romsize);
+}
+return data;
 }
 
 /* This function is specific for elf program because we don't need to allocate
-- 
MST

[Qemu-devel] [PATCH v9 02/27] qom: cleanup struct Error references

[Michael S. Tsirkin]

now that a typedef for struct Error is available,
use it in qom/object.h to match coding style rules.

Reviewed-by: Paolo Bonzini 
Reviewed-by: Gerd Hoffmann 
Tested-by: Gerd Hoffmann 
Signed-off-by: Michael S. Tsirkin 
---
 include/qom/object.h | 50 +-
 1 file changed, 25 insertions(+), 25 deletions(-)

diff --git a/include/qom/object.h b/include/qom/object.h
index d9a0063..6c1e7d3 100644
--- a/include/qom/object.h
+++ b/include/qom/object.h
@@ -301,7 +301,7 @@ typedef void (ObjectPropertyAccessor)(Object *obj,
   struct Visitor *v,
   void *opaque,
   const char *name,
-  struct Error **errp);
+  Error **errp);
 
 /**
  * ObjectPropertyRelease:
@@ -790,9 +790,9 @@ void object_property_add(Object *obj, const char *name, 
const char *type,
  ObjectPropertyAccessor *get,
  ObjectPropertyAccessor *set,
  ObjectPropertyRelease *release,
- void *opaque, struct Error **errp);
+ void *opaque, Error **errp);
 
-void object_property_del(Object *obj, const char *name, struct Error **errp);
+void object_property_del(Object *obj, const char *name, Error **errp);
 
 /**
  * object_property_find:
@@ -803,7 +803,7 @@ void object_property_del(Object *obj, const char *name, 
struct Error **errp);
  * Look up a property for an object and return its #ObjectProperty if found.
  */
 ObjectProperty *object_property_find(Object *obj, const char *name,
- struct Error **errp);
+ Error **errp);
 
 void object_unparent(Object *obj);
 
@@ -818,7 +818,7 @@ void object_unparent(Object *obj);
  * Reads a property from a object.
  */
 void object_property_get(Object *obj, struct Visitor *v, const char *name,
- struct Error **errp);
+ Error **errp);
 
 /**
  * object_property_set_str:
@@ -829,7 +829,7 @@ void object_property_get(Object *obj, struct Visitor *v, 
const char *name,
  * Writes a string value to a property.
  */
 void object_property_set_str(Object *obj, const char *value,
- const char *name, struct Error **errp);
+ const char *name, Error **errp);
 
 /**
  * object_property_get_str:
@@ -842,7 +842,7 @@ void object_property_set_str(Object *obj, const char *value,
  * The caller should free the string.
  */
 char *object_property_get_str(Object *obj, const char *name,
-  struct Error **errp);
+  Error **errp);
 
 /**
  * object_property_set_link:
@@ -853,7 +853,7 @@ char *object_property_get_str(Object *obj, const char *name,
  * Writes an object's canonical path to a property.
  */
 void object_property_set_link(Object *obj, Object *value,
-  const char *name, struct Error **errp);
+  const char *name, Error **errp);
 
 /**
  * object_property_get_link:
@@ -866,7 +866,7 @@ void object_property_set_link(Object *obj, Object *value,
  * string or not a valid object path).
  */
 Object *object_property_get_link(Object *obj, const char *name,
- struct Error **errp);
+ Error **errp);
 
 /**
  * object_property_set_bool:
@@ -877,7 +877,7 @@ Object *object_property_get_link(Object *obj, const char 
*name,
  * Writes a bool value to a property.
  */
 void object_property_set_bool(Object *obj, bool value,
-  const char *name, struct Error **errp);
+  const char *name, Error **errp);
 
 /**
  * object_property_get_bool:
@@ -889,7 +889,7 @@ void object_property_set_bool(Object *obj, bool value,
  * an error occurs (including when the property value is not a bool).
  */
 bool object_property_get_bool(Object *obj, const char *name,
-  struct Error **errp);
+  Error **errp);
 
 /**
  * object_property_set_int:
@@ -900,7 +900,7 @@ bool object_property_get_bool(Object *obj, const char *name,
  * Writes an integer value to a property.
  */
 void object_property_set_int(Object *obj, int64_t value,
- const char *name, struct Error **errp);
+ const char *name, Error **errp);
 
 /**
  * object_property_get_int:
@@ -912,7 +912,7 @@ void object_property_set_int(Object *obj, int64_t value,
  * an error occurs (including when the property value is not an integer).
  */
 int64_t object_property_get_int(Object *obj, const char *name,
-struct Error **errp);
+Error **errp);
 
 /**
  * object_property_set:
@@ -926,7 +926,7 @@ int64_t object_p

[Qemu-devel] [PATCH v9 00/27] qemu: generate acpi tables for the guest

[Michael S. Tsirkin]

This code can also be found here:
git://git.kernel.org/pub/scm/virt/kvm/mst/qemu.git acpi

While this patch still uses info not available in QOM, I think it's reasonable
to merge it and then refactor as QOM properties cover more ground.

In particular, merging this patchset blocks other projects so
I think its preferable to merge now and not wait
for all required QOM properties to materialize.

I added QOM properties in ich/piix where I knew how to
do this.

If you already reviewed v8 then the only patch that
changed significantly is
  i386: define pc guest info
it now supplies numa info about all CPUs and not just
the ones present at init.
I also made a couple of trivial tweaks to
  i386: ACPI table generation code from seabios

If you already reviewed v5 then the only patches that
changed are:
  i386: define pc guest info
  i386: ACPI table generation code from seabios

Gerd, Laszlo, I kept your Reviewed-by and Tested-by tags
on these patches to ensure your contribution is recongnized,
if you don't like this pls let me know.
Or better yet re-ack this version :)

Patches 1-3 are QOM patches really.
Included here for completeness.

Igor suggested dropping patches 1-2 and including error.h directly.
I included his patch and dropped mine.
I hope that's ok.

If everything's in order, I intend to merge this through my tree.

Please review, and comment.

Changes from v8:
- remove an unused function
- fix typo in error message, reported by Igor
- don't assert when adding a 4 byte value
  (we don't use this now but it's useful for follow-up
  bridge hotplug patches)
- fix numa node reporting for hotplugged cpus, reported by Igor

Changes from v7 reposted:
- whitespace fixes - issues reported by Igor
- typo fix in commit log reported by Eric

Changes from v7:
- removed all complex table patching and migration code
  we now only migrate a single byte "patched/non patched"
  all tables are simply regenerated on access, rewriting
  old data
  in particular this fixed a bug that Igor noticed:
  cpu online status is now updated correctly
- removed bitmask of found cpus - use QOM to calculate it
- dropped changes to typedefs.h - use Igor's patch instead

Changes from v6:
- fix 64 bit window bug reported by Igor
- tweak comments in error.h

Changes from v5:
- update generated files to fix build on systems without iasl
- fix mcfg failure reported by Gerd
Changes from v4:
- address comments by Paolo:
rename loader interface
reuse macro for hpet name
better struct names
move internal headers to hw/i386/
- fix typos resulting in bugs reported by Gerd

Changes from v3:
- reworked code to use QOM properties
  some info isn't yet available in QOM,
  use old-style APIs and lookups by type
- address comments by Gerd: tables are now updated
  on guest access after pci configuration

Changes from v2 repost:
- address comment by Anthony - convert to use APIs implemented
  using QOM
- address comment by Anthony - avoid tricky pointer path,
  use GArray from glib instead
- Address lots of comments by Hu Tao and Laszlo Ersek

Changes from v2:
- added missing patches to make it actually build
Changes from v1 RFC:
- added code to address cross version compatibility
- rebased to latest bits
- updated seabios code to latest bits (added pvpanic device)

This patchset moves all generation of ACPI tables
from guest BIOS to the hypervisor.

Although ACPI tables come from a system BIOS on real hw,
it makes sense that the ACPI tables are coupled with the
virtual machine, since they have to abstract the x86 machine to
the OS's.

This is widely desired as a way to avoid the churn
and proliferation of QEMU-specific interfaces
associated with ACPI tables in bios code.

There's a bit of code duplication where we
already declare similar acpi structures in qemu.

I think it's best to do it in this order: port
code directly, and apply cleanups and reduce duplication
that results, on top.
This way it's much easier to see that we don't introduce
regressions.

In particular, I booted a guest on qemu with and without the
change, and verified that ACPI tables are
unchanged except for trivial pointer address changes,
and the SSDT P_BLK change in the last patch.

Such binary compatibility makes it easier to be
confident that this change won't break things.

Igor Mammedov (1):
  cleanup object.h: include error.h directly

Michael S. Tsirkin (26):
  qom: cleanup struct Error references
  qom: add pointer to int property helpers
  pci: fix up w64 size calculation helper
  fw_cfg: interface to trigger callback on read
  loader: support for unmapped ROM blobs
  pcie_host: expose UNMAPPED macro
  pcie_host: expose address format
  q35: use macro for MCFG property name
  q35: expose mmcfg size as a property
  i386: add ACPI table files from seabios
  acpi: add rules to compile ASL source
  acpi: pre-compiled ASL files
  acpi: ssdt pcihp: updat generated file
  loader: use file path size from fw_cfg.h
  i386: add bios linker/loader
  loader: allow addi

Re: [Qemu-devel] [PATCH] spice: replace use of deprecated API

[Gerd Hoffmann]

On Fr, 2013-10-04 at 13:10 +0200, Marc-André Lureau wrote:
> hose API are deprecated since 0.11, and qemu depends on 0.12 already.

Added to spice patch queue.

thanks,
  Gerd

Re: [Qemu-devel] [PATCHv5] block/get_block_status: avoid redundant callouts on raw devices

[Peter Lieven]

On 07.10.2013 10:25, Paolo Bonzini wrote:

Il 07/10/2013 07:59, Peter Lieven ha scritto:

if a raw device like an iscsi target or host device is used
the current implementation makes a second call out to get
the block status of bs->file.

Signed-off-by: Peter Lieven 
---
v5: add a generic get_lba_status function in the raw driver which
 adds the BDRV_BLOCK_RAW flag. bdrv_co_get_block_status will
 handle the callout to bs->file then.

v4: use a flag to detect the raw driver instead of the strncmp
 hack

  block.c   |4 
  block/raw_bsd.c   |3 ++-
  include/block/block.h |4 
  3 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/block.c b/block.c
index 93e113a..38a589e 100644
--- a/block.c
+++ b/block.c
@@ -3147,6 +3147,10 @@ static int64_t coroutine_fn 
bdrv_co_get_block_status(BlockDriverState *bs,
  return ret;
  }
  
+if (ret & BDRV_BLOCK_RAW) {

+return bdrv_get_block_status(bs->file, sector_num, nb_sectors, pnum);

Strictly speaking, this should probably do something like this:

   assert(ret & BDRV_BLOCK_OFFSET_VALID);
   return bdrv_get_block_status(bs->file, ret >> BDRV_SECTOR_BITS,
nb_sectors, pnum);

Or alternatively the raw driver should return just "BDRV_BLOCK_RAW".

As a third option, the raw driver could also return not just
BDRV_BLOCK_RAW and BDRV_BLOCK_OFFSET_VALID, but also BDRV_BLOCK_DATA (so
that the answer makes some sense even without going down to bs->file).

But I'll let the block maintainers decide what to do.

Okay, I will wait for their feedback.

Peter

[Qemu-devel] [PATCH] migration: drop MADVISE_DONT_NEED for incoming zero pages

[Peter Lieven]

The madvise for zeroed out pages was introduced when every transferred
zero page was memset to zero and thus allocated. Since commit
211ea740 we check for zeroness of a target page before we memset
it to zero. Additionally we memmap target memory so it is essentially
zero initalized (except for e.g. option roms and bios which are loaded
into target memory altough they shouldn't). 

It was reported recently that this madvise causes a performance degradation
in some situations. As the madvise should only be called rarely and if its 
called
it is likely on a busy page (it was non-zero and changed to zero during 
migration)
drop it completely.

Signed-off-by: Peter Lieven 
Reported-By: Zhang Haoyu 
---
 arch_init.c |8 
 1 file changed, 8 deletions(-)

diff --git a/arch_init.c b/arch_init.c
index 7545d96..e0acbc5 100644
--- a/arch_init.c
+++ b/arch_init.c
@@ -850,14 +850,6 @@ void ram_handle_compressed(void *host, uint8_t ch, 
uint64_t size)
 {
 if (ch != 0 || !is_zero_range(host, size)) {
 memset(host, ch, size);
-#ifndef _WIN32
-if (ch == 0 && (!kvm_enabled() || kvm_has_sync_mmu())) {
-size = size & ~(getpagesize() - 1);
-if (size > 0) {
-qemu_madvise(host, size, QEMU_MADV_DONTNEED);
-}
-}
-#endif
 }
 }
 
-- 
1.7.9.5

Re: [Qemu-devel] [PATCH 1/5] tcg-aarch64: Update to helper_ret_*_mmu routines

[Claudio Fontana]

On 10/05/13 09:37, Richard Henderson wrote:
> On 10/04/2013 02:15 PM, Claudio Fontana wrote:
>> At first glance I think we should add X4 to the list of restrictions in 
>> function `target_parse_constraint':
> 
> No, we've consumed all of the inputs at this point.  We only
> need list those registers we're going to clobber before the
> inputs are consumed.
> 
> 
> r~
> 

Indeed. Tested with target arm, x86-64, sparc, all good.

Reviewed-by: Claudio Fontana 
Tested-by: Claudio Fontana 

[Qemu-devel] [PATCH v3 4/4] acpi-build: enable hotplug for PCI bridges

[Michael S. Tsirkin]

This enables support for device hotplug behind
pci bridges. Bridge devices themselves need
to be pre-configured on qemu command line.

Design:
- at machine init time, assign "bsel" property to bridges with
  hotplug support
- dynamically (At ACPI table read) generate ACPI code to handle
  hotplug events for each bridge with "bsel" property

Note: ACPI doesn't support adding or removing bridges by hotplug.
We detect and prevent removal of bridges by hotplug,
unless they were added by hotplug previously
(and so, are not described by ACPI).

Signed-off-by: Michael S. Tsirkin 
---
 hw/i386/acpi-build.c   | 346 +++--
 hw/i386/acpi-dsdt.dsl  |  34 +++--
 hw/i386/ssdt-pcihp.dsl |  11 +-
 3 files changed, 297 insertions(+), 94 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 262d1d6..e8d39d9 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -39,6 +39,7 @@
 
 /* Supported chipsets: */
 #include "hw/acpi/piix4.h"
+#include "hw/acpi/pcihp.h"
 #include "hw/i386/ich9.h"
 #include "hw/pci/pci_bus.h"
 #include "hw/pci-host/q35.h"
@@ -78,6 +79,12 @@ typedef struct AcpiMiscInfo {
 uint16_t pvpanic_port;
 } AcpiMiscInfo;
 
+typedef struct AcpiBuildPciBusHotplugState {
+GArray *device_table;
+GArray *notify_table;
+struct AcpiBuildPciBusHotplugState *parent;
+} AcpiBuildPciBusHotplugState;
+
 static void acpi_get_dsdt(AcpiMiscInfo *info)
 {
 Object *piix = piix4_pm_find();
@@ -171,38 +178,6 @@ static void acpi_get_pm_info(AcpiPmInfo *pm)
NULL);
 }
 
-static void acpi_get_hotplug_info(AcpiMiscInfo *misc)
-{
-int i;
-PCIBus *bus = find_i440fx();
-
-if (!bus) {
-/* Only PIIX supports ACPI hotplug */
-memset(misc->slot_hotplug_enable, 0, sizeof misc->slot_hotplug_enable);
-return;
-}
-
-memset(misc->slot_hotplug_enable, 0xff,
-   DIV_ROUND_UP(PCI_SLOT_MAX, BITS_PER_BYTE));
-
-for (i = 0; i < ARRAY_SIZE(bus->devices); ++i) {
-PCIDeviceClass *pc;
-PCIDevice *pdev = bus->devices[i];
-
-if (!pdev) {
-continue;
-}
-
-pc = PCI_DEVICE_GET_CLASS(pdev);
-
-if (pc->no_hotplug) {
-int slot = PCI_SLOT(i);
-
-clear_bit(slot, misc->slot_hotplug_enable);
-}
-}
-}
-
 static void acpi_get_misc_info(AcpiMiscInfo *info)
 {
 info->has_hpet = hpet_find();
@@ -366,6 +341,12 @@ static void build_package(GArray *package, uint8_t op, 
unsigned min_bytes)
 build_prepend_byte(package, op);
 }
 
+static void build_extop_package(GArray *package, uint8_t op)
+{
+build_package(package, op, 1);
+build_prepend_byte(package, 0x5B); /* ExtOpPrefix */
+}
+
 static void build_append_value(GArray *table, uint32_t value, int size)
 {
 uint8_t prefix;
@@ -392,8 +373,44 @@ static void build_append_value(GArray *table, uint32_t 
value, int size)
 }
 }
 
-static void build_append_notify_target(GArray *method, GArray *target_name,
-   uint32_t value, int size)
+static void build_append_int(GArray *table, uint32_t value)
+{
+if (value == 0x00) {
+build_append_byte(table, 0x00); /* ZeroOp */
+} else if (value == 0x01) {
+build_append_byte(table, 0x01); /* OneOp */
+} else if (value <= 0xFF) {
+build_append_value(table, value, 1);
+} else if (value <= 0xF) {
+build_append_value(table, value, 2);
+} else {
+build_append_value(table, value, 4);
+}
+}
+
+static GArray *build_alloc_method(const char *name, uint8_t arg_count)
+{
+GArray *method = build_alloc_array();
+
+build_append_nameseg(method, name);
+build_append_byte(method, arg_count); /* MethodFlags: ArgCount */
+
+return method;
+}
+
+static void build_append_and_cleanup_method(GArray *device, GArray *method)
+{
+uint8_t op = 0x14; /* MethodOp */
+
+build_package(method, op, 0);
+
+build_append_array(device, method);
+build_free_array(method);
+}
+
+static void build_append_notify_target_ifequal(GArray *method,
+   GArray *target_name,
+   uint32_t value, int size)
 {
 GArray *notify = build_alloc_array();
 uint8_t op = 0xA0; /* IfOp */
@@ -413,6 +430,7 @@ static void build_append_notify_target(GArray *method, 
GArray *target_name,
 build_free_array(notify);
 }
 
+/* End here */
 #define ACPI_PORT_SMI_CMD   0x00b2 /* TODO: this is APM_CNT_IOPORT */
 
 static inline void *acpi_data_push(GArray *table_data, unsigned size)
@@ -621,44 +639,234 @@ static inline char acpi_get_hex(uint32_t val)
 #include "hw/i386/ssdt-pcihp.hex"
 
 static void
-build_append_notify(GArray *device, const char *name,
-const char *format, int skip, int count)
+build_append_notify_method(GArray *device, const char *name,
+   c

[Qemu-devel] [PATCH V14 01/11] NUMA: move numa related code to new file numa.c

[Wanlong Gao]

Signed-off-by: Wanlong Gao 
---
 Makefile.target |   2 +-
 cpus.c  |  14 
 include/sysemu/cpus.h   |   1 -
 include/sysemu/sysemu.h |   3 +
 numa.c  | 182 
 vl.c| 139 +---
 6 files changed, 187 insertions(+), 154 deletions(-)
 create mode 100644 numa.c

diff --git a/Makefile.target b/Makefile.target
index 9a49852..7e1fddf 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -113,7 +113,7 @@ endif #CONFIG_BSD_USER
 #
 # System emulator target
 ifdef CONFIG_SOFTMMU
-obj-y += arch_init.o cpus.o monitor.o gdbstub.o balloon.o ioport.o
+obj-y += arch_init.o cpus.o monitor.o gdbstub.o balloon.o ioport.o numa.o
 obj-y += qtest.o
 obj-y += hw/
 obj-$(CONFIG_FDT) += device_tree.o
diff --git a/cpus.c b/cpus.c
index e566297..2ca0cd9 100644
--- a/cpus.c
+++ b/cpus.c
@@ -1225,20 +1225,6 @@ static void tcg_exec_all(void)
 exit_request = 0;
 }
 
-void set_numa_modes(void)
-{
-CPUState *cpu;
-int i;
-
-CPU_FOREACH(cpu) {
-for (i = 0; i < nb_numa_nodes; i++) {
-if (test_bit(cpu->cpu_index, node_cpumask[i])) {
-cpu->numa_node = i;
-}
-}
-}
-}
-
 void list_cpus(FILE *f, fprintf_function cpu_fprintf, const char *optarg)
 {
 /* XXX: implement xxx_cpu_list for targets that still miss it */
diff --git a/include/sysemu/cpus.h b/include/sysemu/cpus.h
index 6502488..4f79081 100644
--- a/include/sysemu/cpus.h
+++ b/include/sysemu/cpus.h
@@ -23,7 +23,6 @@ extern int smp_threads;
 #define smp_threads 1
 #endif
 
-void set_numa_modes(void);
 void list_cpus(FILE *f, fprintf_function cpu_fprintf, const char *optarg);
 
 #endif
diff --git a/include/sysemu/sysemu.h b/include/sysemu/sysemu.h
index cd5791e..e58ef3f 100644
--- a/include/sysemu/sysemu.h
+++ b/include/sysemu/sysemu.h
@@ -136,6 +136,9 @@ extern QEMUClockType rtc_clock;
 extern int nb_numa_nodes;
 extern uint64_t node_mem[MAX_NODES];
 extern unsigned long *node_cpumask[MAX_NODES];
+void numa_add(const char *optarg);
+void set_numa_nodes(void);
+void set_numa_modes(void);
 
 #define MAX_OPTION_ROMS 16
 typedef struct QEMUOptionRom {
diff --git a/numa.c b/numa.c
new file mode 100644
index 000..ce7736a
--- /dev/null
+++ b/numa.c
@@ -0,0 +1,182 @@
+/*
+ * QEMU System Emulator
+ *
+ * Copyright (c) 2013 Fujitsu Ltd.
+ * Author: Wanlong Gao 
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to 
deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING 
FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#include "sysemu/sysemu.h"
+
+static void numa_node_parse_cpus(int nodenr, const char *cpus)
+{
+char *endptr;
+unsigned long long value, endvalue;
+
+/* Empty CPU range strings will be considered valid, they will simply
+ * not set any bit in the CPU bitmap.
+ */
+if (!*cpus) {
+return;
+}
+
+if (parse_uint(cpus, &value, &endptr, 10) < 0) {
+goto error;
+}
+if (*endptr == '-') {
+if (parse_uint_full(endptr + 1, &endvalue, 10) < 0) {
+goto error;
+}
+} else if (*endptr == '\0') {
+endvalue = value;
+} else {
+goto error;
+}
+
+if (endvalue >= MAX_CPUMASK_BITS) {
+endvalue = MAX_CPUMASK_BITS - 1;
+fprintf(stderr,
+"qemu: NUMA: A max of %d VCPUs are supported\n",
+ MAX_CPUMASK_BITS);
+}
+
+if (endvalue < value) {
+goto error;
+}
+
+bitmap_set(node_cpumask[nodenr], value, endvalue-value+1);
+return;
+
+error:
+fprintf(stderr, "qemu: Invalid NUMA CPU range: %s\n", cpus);
+exit(1);
+}
+
+void numa_add(const char *optarg)
+{
+char option[128];
+char *endptr;
+unsigned long long nodenr;
+
+optarg = get_opt_name(option, 128, optarg, ',');
+if (*optarg == ',') {
+optarg++;
+}
+if (!strcmp(option, "node")) {
+
+if (nb_numa_nodes >= MAX_NODES) {
+fprintf(s

[Qemu-devel] [PATCH v3 2/4] pcihp: generalization of piix4 acpi

[Michael S. Tsirkin]

Add ACPI based PCI hotplug library with bridge hotplug
support.
Design
   - each bus gets assigned "bsel" property.
   - ACPI code writes this number
 to a new BNUM register, then uses existing
 UP/DOWN registers to probe slot status;
 to eject, write number to BNUM register,
 then slot into existing EJ.

The interface is actually backwards-compatible with
existing PIIX4 ACPI (though not migration compatible).

This is split out from PIIX4 codebase so we can
reuse it for Q35 as well.

Signed-off-by: Michael S. Tsirkin 
---
 include/hw/acpi/pcihp.h |  72 +++
 hw/acpi/pcihp.c | 312 
 hw/acpi/Makefile.objs   |   2 +-
 3 files changed, 385 insertions(+), 1 deletion(-)
 create mode 100644 include/hw/acpi/pcihp.h
 create mode 100644 hw/acpi/pcihp.c

diff --git a/include/hw/acpi/pcihp.h b/include/hw/acpi/pcihp.h
new file mode 100644
index 000..6230e60
--- /dev/null
+++ b/include/hw/acpi/pcihp.h
@@ -0,0 +1,72 @@
+/*
+ * QEMU<->ACPI BIOS PCI hotplug interface
+ *
+ * QEMU supports PCI hotplug via ACPI. This module
+ * implements the interface between QEMU and the ACPI BIOS.
+ * Interface specification - see docs/specs/acpi_pci_hotplug.txt
+ *
+ * Copyright (c) 2013, Red Hat Inc, Michael S. Tsirkin (m...@redhat.com)
+ * Copyright (c) 2006 Fabrice Bellard
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License version 2 as published by the Free Software Foundation.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see 
+ *
+ * Contributions after 2012-01-13 are licensed under the terms of the
+ * GNU GPL, version 2 or (at your option) any later version.
+ */
+
+#ifndef HW_ACPI_PCIHP_H
+#define HW_ACPI_PCIHP_H
+
+#include 
+#include 
+#include "hw/pci/pci.h" /* for PCIHotplugState */
+
+typedef struct AcpiPciHpPciStatus {
+uint32_t up; /* deprecated, maintained for migration compatibility */
+uint32_t down;
+uint32_t hotplug_enable;
+uint32_t device_present;
+} AcpiPciHpPciStatus;
+
+#define ACPI_PCIHP_PROP_BSEL "acpi-pcihp-bsel"
+#define ACPI_PCIHP_MAX_HOTPLUG_BUS 256
+
+typedef struct AcpiPciHpState {
+AcpiPciHpPciStatus acpi_pcihp_pci_status[ACPI_PCIHP_MAX_HOTPLUG_BUS];
+uint32_t hotplug_select;
+PCIBus *root;
+MemoryRegion io;
+} AcpiPciHpState;
+
+void acpi_pcihp_init(AcpiPciHpState *, PCIBus *root,
+ MemoryRegion *address_space_io);
+
+/* Invoke on device hotplug */
+int acpi_pcihp_device_hotplug(AcpiPciHpState *, PCIDevice *,
+  PCIHotplugState state);
+
+/* Called on reset */
+void acpi_pcihp_reset(AcpiPciHpState *s);
+
+extern const VMStateDescription vmstate_acpi_pcihp_pci_status;
+
+#define VMSTATE_PCI_HOTPLUG(pcihp, state, test_pcihp) \
+VMSTATE_UINT32_TEST(pcihp.hotplug_select, state, \
+test_pcihp), \
+VMSTATE_STRUCT_ARRAY_TEST(pcihp.acpi_pcihp_pci_status, state, \
+  ACPI_PCIHP_MAX_HOTPLUG_BUS, \
+  test_pcihp, 1, \
+  vmstate_acpi_pcihp_pci_status, \
+  AcpiPciHpPciStatus)
+
+#endif
diff --git a/hw/acpi/pcihp.c b/hw/acpi/pcihp.c
new file mode 100644
index 000..13938e6
--- /dev/null
+++ b/hw/acpi/pcihp.c
@@ -0,0 +1,312 @@
+/*
+ * QEMU<->ACPI BIOS PCI hotplug interface
+ *
+ * QEMU supports PCI hotplug via ACPI. This module
+ * implements the interface between QEMU and the ACPI BIOS.
+ * Interface specification - see docs/specs/acpi_pci_hotplug.txt
+ *
+ * Copyright (c) 2013, Red Hat Inc, Michael S. Tsirkin (m...@redhat.com)
+ * Copyright (c) 2006 Fabrice Bellard
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License version 2 as published by the Free Software Foundation.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see 
+ *
+ * Contributions after 2012-01-13 are licensed under the terms of the
+ * GNU GPL, version 2 or (at your option) any later version.
+ */
+
+#include "hw/acpi/pcihp.h"
+
+#include "hw/hw.h"
+#include "hw/i386/pc.h"
+#include "hw/pci/pci.h"
+#include "hw/acpi/acpi.h"

[Qemu-devel] [PATCH v3 3/4] piix4: add acpi pci hotplug support

[Michael S. Tsirkin]

Add support for acpi pci hotplug using the
new infrastructure.
PIIX4 legacy interface is maintained as is for
machine types 1.6 and older.

Signed-off-by: Michael S. Tsirkin 
---
 include/hw/i386/pc.h |  5 
 hw/acpi/piix4.c  | 75 +---
 2 files changed, 70 insertions(+), 10 deletions(-)

diff --git a/include/hw/i386/pc.h b/include/hw/i386/pc.h
index 39db8cb..6865972 100644
--- a/include/hw/i386/pc.h
+++ b/include/hw/i386/pc.h
@@ -249,6 +249,11 @@ int e820_add_entry(uint64_t, uint64_t, uint32_t);
 
 #define PC_COMPAT_1_6 \
 {\
+.driver   = "PIIX4_PM",\
+.property = "acpi-pci-hotplug-with-bridge-support",\
+.value= "off",\
+}, \
+{\
 .driver   = "e1000",\
 .property = "mitigation",\
 .value= "off",\
diff --git a/hw/acpi/piix4.c b/hw/acpi/piix4.c
index 3bcd890..d516033 100644
--- a/hw/acpi/piix4.c
+++ b/hw/acpi/piix4.c
@@ -30,6 +30,7 @@
 #include "hw/nvram/fw_cfg.h"
 #include "exec/address-spaces.h"
 #include "hw/acpi/piix4.h"
+#include "hw/acpi/pcihp.h"
 
 //#define DEBUG
 
@@ -73,7 +74,6 @@ typedef struct PIIX4PMState {
 uint32_t io_base;
 
 MemoryRegion io_gpe;
-MemoryRegion io_pci;
 MemoryRegion io_cpu;
 ACPIREGS ar;
 
@@ -88,11 +88,16 @@ typedef struct PIIX4PMState {
 Notifier machine_ready;
 Notifier powerdown_notifier;
 
-/* for pci hotplug */
+/* for legacy pci hotplug (compatible with qemu 1.6 and older) */
+MemoryRegion io_pci;
 struct pci_status pci0_status;
 uint32_t pci0_hotplug_enable;
 uint32_t pci0_slot_device_present;
 
+/* for new pci hotplug (with PCI2PCI bridge support) */
+AcpiPciHpState acpi_pci_hotplug;
+bool use_acpi_pci_hotplug;
+
 uint8_t disable_s3;
 uint8_t disable_s4;
 uint8_t s4_val;
@@ -282,6 +287,18 @@ static int acpi_load_old(QEMUFile *f, void *opaque, int 
version_id)
 return ret;
 }
 
+static bool vmstate_test_use_acpi_pci_hotplug(void *opaque, int version_id)
+{
+PIIX4PMState *s = opaque;
+return s->use_acpi_pci_hotplug;
+}
+
+static bool vmstate_test_no_use_acpi_pci_hotplug(void *opaque, int version_id)
+{
+PIIX4PMState *s = opaque;
+return !s->use_acpi_pci_hotplug;
+}
+
 /* qemu-kvm 1.2 uses version 3 but advertised as 2
  * To support incoming qemu-kvm 1.2 migration, change version_id
  * and minimum_version_id to 2 below (which breaks migration from
@@ -304,8 +321,12 @@ static const VMStateDescription vmstate_acpi = {
 VMSTATE_TIMER(ar.tmr.timer, PIIX4PMState),
 VMSTATE_INT64(ar.tmr.overflow_time, PIIX4PMState),
 VMSTATE_STRUCT(ar.gpe, PIIX4PMState, 2, vmstate_gpe, ACPIGPE),
-VMSTATE_STRUCT(pci0_status, PIIX4PMState, 2, vmstate_pci_status,
-   struct pci_status),
+VMSTATE_STRUCT_TEST(pci0_status, PIIX4PMState,
+vmstate_test_no_use_acpi_pci_hotplug,
+2, vmstate_pci_status,
+struct pci_status),
+VMSTATE_PCI_HOTPLUG(acpi_pci_hotplug, PIIX4PMState,
+vmstate_test_use_acpi_pci_hotplug),
 VMSTATE_END_OF_LIST()
 }
 };
@@ -383,7 +404,11 @@ static void piix4_reset(void *opaque)
 pci_conf[0x5B] = 0x02;
 }
 pm_io_space_update(s);
-piix4_update_hotplug(s);
+if (s->use_acpi_pci_hotplug) {
+acpi_pcihp_reset(&s->acpi_pci_hotplug);
+} else {
+piix4_update_hotplug(s);
+}
 }
 
 static void piix4_pm_powerdown_req(Notifier *n, void *opaque)
@@ -394,6 +419,26 @@ static void piix4_pm_powerdown_req(Notifier *n, void 
*opaque)
 acpi_pm1_evt_power_down(&s->ar);
 }
 
+static int piix4_acpi_pci_hotplug(DeviceState *qdev, PCIDevice *dev,
+  PCIHotplugState state)
+{
+PIIX4PMState *s = PIIX4_PM(qdev);
+int ret = acpi_pcihp_device_hotplug(&s->acpi_pci_hotplug, dev, state);
+if (ret < 0) {
+return ret;
+}
+s->ar.gpe.sts[0] |= PIIX4_PCI_HOTPLUG_STATUS;
+
+pm_update_sci(s);
+return 0;
+}
+
+static void piix4_update_bus_hotplug(PCIBus *bus, void *opaque)
+{
+PIIX4PMState *s = opaque;
+pci_bus_hotplug(bus, piix4_acpi_pci_hotplug, DEVICE(s));
+}
+
 static void piix4_pm_machine_ready(Notifier *n, void *opaque)
 {
 PIIX4PMState *s = container_of(n, PIIX4PMState, machine_ready);
@@ -407,6 +452,10 @@ static void piix4_pm_machine_ready(Notifier *n, void 
*opaque)
 pci_conf[0x63] = 0x60;
 pci_conf[0x67] = (memory_region_present(io_as, 0x3f8) ? 0x08 : 0) |
 (memory_region_present(io_as, 0x2f8) ? 0x90 : 0);
+
+if (s->use_acpi_pci_hotplug) {
+pci_for_each_bus(d->bus, piix4_update_bus_hotplug, s);
+}
 }
 
 static void piix4_pm_add_propeties(PIIX4PMState *s)
@@ -528,6 +577,8 @@ static Property piix4_pm_properties[] = {
 DEFINE_PROP_UINT8(ACPI_PM_PROP_S3_DISABLED, PIIX4PMState, disable_s3, 0),
 DEFINE_PROP_UINT