[Qemu-devel] [PATCH v4 5/5] Add ust generated files to .gitignore

2013-10-17 Thread Mohamad Gebai
Signed-off-by: Mohamad Gebai 
---
 .gitignore |2 ++
 1 file changed, 2 insertions(+)

diff --git a/.gitignore b/.gitignore
index 8e1b73f..e024a76 100644
--- a/.gitignore
+++ b/.gitignore
@@ -9,6 +9,8 @@ trace/generated-tracers-dtrace.h
 trace/generated-tracers.dtrace
 trace/generated-events.h
 trace/generated-events.c
+trace/generated-ust-provider.h
+trace/generated-ust.c
 libcacard/trace/generated-tracers.c
 *-timestamp
 *-softmmu
-- 
1.7.10.4




[Qemu-devel] [PATCH v4 3/5] Adapt Makefiles to the new LTTng ust interface.

2013-10-17 Thread Mohamad Gebai
Add generation of new files for LTTng ust.

Signed-off-by: Mohamad Gebai 
---
 Makefile|5 +
 trace/Makefile.objs |   29 +++--
 2 files changed, 32 insertions(+), 2 deletions(-)

diff --git a/Makefile b/Makefile
index 60fb87e..0c797c5 100644
--- a/Makefile
+++ b/Makefile
@@ -50,6 +50,11 @@ GENERATED_HEADERS += trace/generated-tracers-dtrace.h
 endif
 GENERATED_SOURCES += trace/generated-tracers.c
 
+ifeq ($(TRACE_BACKEND),ust)
+GENERATED_HEADERS += trace/generated-ust-provider.h
+GENERATED_SOURCES += trace/generated-ust.c
+endif
+
 # Don't try to regenerate Makefile or configure
 # We don't generate any of them
 Makefile: ;
diff --git a/trace/Makefile.objs b/trace/Makefile.objs
index 3b88e49..00880b3 100644
--- a/trace/Makefile.objs
+++ b/trace/Makefile.objs
@@ -1,9 +1,33 @@
 # -*- mode: makefile -*-
 
 ##
+# Auto-generated event descriptions for LTTng ust code
+
+ifeq ($(TRACE_BACKEND),ust)
+$(obj)/generated-ust-provider.h: $(obj)/generated-ust-provider.h-timestamp
+$(obj)/generated-ust-provider.h-timestamp: $(SRC_PATH)/trace-events
+   $(call quiet-command,$(TRACETOOL) \
+   --format=ust-events-h \
+   --backend=events \
+   < $< > $@,"  GEN   $(patsubst %-timestamp,%,$@)")
+   @cmp -s $@ $(patsubst %-timestamp,%,$@) || cp $@ $(patsubst 
%-timestamp,%,$@)
+
+$(obj)/generated-ust.c: $(obj)/generated-ust.c-timestamp 
$(BUILD_DIR)/config-host.mak
+$(obj)/generated-ust.c-timestamp: $(SRC_PATH)/trace-events
+   $(call quiet-command,$(TRACETOOL) \
+   --format=ust-events-c \
+   --backend=events \
+   < $< > $@,"  GEN   $(patsubst %-timestamp,%,$@)")
+   @cmp -s $@ $(patsubst %-timestamp,%,$@) || cp $@ $(patsubst 
%-timestamp,%,$@)
+
+ust_provider=$(obj)/generated-ust-provider.h
+ust=$(obj)/generated-ust.c
+endif
+
+##
 # Auto-generated event descriptions
 
-$(obj)/generated-events.h: $(obj)/generated-events.h-timestamp
+$(obj)/generated-events.h: $(obj)/generated-events.h-timestamp $(ust_provider)
 $(obj)/generated-events.h-timestamp: $(SRC_PATH)/trace-events
$(call quiet-command,$(TRACETOOL) \
--format=events-h \
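Review bot: The new $(ust_provider) prerequisite on $(obj)/generated-events.h has no comment explaining why a header generated with --format=events-h has to wait for the UST provider header. The top-level Makefile hunk already puts trace/generated-ust-provider.h in GENERATED_HEADERS, so either drop the extra prerequisite or add a line saying which include makes the ordering necessary. The two new rules also differ only in the file name and the --format value; a shared pattern or define would keep them from drifting apart.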
@@ -11,7 +35,7 @@ $(obj)/generated-events.h-timestamp: $(SRC_PATH)/trace-events
< $< > $@,"  GEN   $(patsubst %-timestamp,%,$@)")
@cmp -s $@ $(patsubst %-timestamp,%,$@) || cp $@ $(patsubst 
%-timestamp,%,$@)
 
-$(obj)/generated-events.c: $(obj)/generated-events.c-timestamp 
$(BUILD_DIR)/config-host.mak
+$(obj)/generated-events.c: $(obj)/generated-events.c-timestamp 
$(BUILD_DIR)/config-host.mak $(ust)
 $(obj)/generated-events.c-timestamp: $(SRC_PATH)/trace-events
$(call quiet-command,$(TRACETOOL) \
--format=events-c \
@@ -77,5 +101,6 @@ util-obj-$(CONFIG_TRACE_DEFAULT) += default.o
 util-obj-$(CONFIG_TRACE_SIMPLE) += simple.o
 util-obj-$(CONFIG_TRACE_STDERR) += stderr.o
 util-obj-$(CONFIG_TRACE_FTRACE) += ftrace.o
+util-obj-$(CONFIG_TRACE_UST) += generated-ust.o
 util-obj-y += control.o
 util-obj-y += generated-tracers.o
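Review bot: generated-ust.o is keyed on CONFIG_TRACE_UST in the added line, while the rules that produce generated-ust.c earlier in this file and the GENERATED_SOURCES entry in the top-level Makefile are keyed on ifeq ($(TRACE_BACKEND),ust). Please confirm that both are always set together, or use one condition throughout, so the object is never listed without a rule that generates its source.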
-- 
1.7.10.4




[Qemu-devel] [PATCH v4 4/5] Update documentation for LTTng ust tracing

2013-10-17 Thread Mohamad Gebai
Signed-off-by: Mohamad Gebai 
---
 docs/tracing.txt |   36 
 1 file changed, 36 insertions(+)

diff --git a/docs/tracing.txt b/docs/tracing.txt
index bfc261b..d7be2fd 100644
--- a/docs/tracing.txt
+++ b/docs/tracing.txt
@@ -214,6 +214,42 @@ The "ust" backend uses the LTTng Userspace Tracer library. 
 There are no
 monitor commands built into QEMU, instead UST utilities should be used to list,
 enable/disable, and dump traces.
 
+Package lttng-tools is required for userspace tracing. You must ensure that the
+current user belongs to the "tracing" group, or manually launch the
+lttng-sessiond daemon for the current user prior to running any instance of
+Qemu.
+
+While running an instrumented Qemu, LTTng should be able to list all available
+events:
+
+lttng list -u
+
+Create tracing session:
+
+lttng create mysession
+
+Enable events:
+
+lttng enable-event qemu:g_malloc -u
+
+Where the events can either be a comma-separated list of events, or "-a" to
+enable all tracepoint events. Start and stop tracing as needed:
+
+lttng start
+lttng stop
+
+View the trace:
+
+lttng view
+
+Destroy tracing session:
+
+lttng destroy
+
+Babeltrace can be used at any later time to view the trace:
+
+babeltrace $HOME/lttng-traces/mysession--
+
 === SystemTap ===
 
 The "dtrace" backend uses DTrace sdt probes but has only been tested with
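Review bot: The last added command, "babeltrace $HOME/lttng-traces/mysession--", ends in a bare "--", which reads as a placeholder whose contents were lost; spell out the directory name pattern or describe in words what follows the session name. The added text also writes "Qemu" where the surrounding context lines use "QEMU".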
-- 
1.7.10.4




[Qemu-devel] [PATCH v4 0/5] Fix UST backend for LTTng 2.x

2013-10-17 Thread Mohamad Gebai
Version 4

* Update documentation

Mohamad Gebai (5):
  Fix configure script for LTTng 2.x
  Modified the tracetool framework for LTTng 2.x.
  Adapt Makefiles to the new LTTng ust interface.
  Update documentation for LTTng ust tracing
  Add ust generated files to .gitignore

 .gitignore   |2 +
 Makefile |5 ++
 configure|9 ++--
 docs/tracing.txt |   36 +
 scripts/tracetool/backend/events.py  |   44 
 scripts/tracetool/backend/ust.py |   82 ++
 scripts/tracetool/format/ust_events_c.py |   30 +++
 scripts/tracetool/format/ust_events_h.py |   57 +
 trace/Makefile.objs  |   29 ++-
 9 files changed, 221 insertions(+), 73 deletions(-)
 create mode 100644 scripts/tracetool/format/ust_events_c.py
 create mode 100644 scripts/tracetool/format/ust_events_h.py

-- 
1.7.10.4




[Qemu-devel] [PATCH v4 2/5] Modified the tracetool framework for LTTng 2.x.

2013-10-17 Thread Mohamad Gebai
* A new format is required to generate definitions for ust tracepoints.
  Files ust_events_h.py and ust_events_c.py define common macros, while
  new function ust_events_h in events.py does the actual definition of
  each tracepoint.
* ust.py generates the new interface for calling userspace tracepoints
  with LTTng 2.x, replacing trace_name(args) to tracepoint(name, args).
* As explained in ust_events_c.py, -Wredundant-decls gives a warning
  when compiling with gcc 4.7 or older. This is specific to lttng-ust so
  for now use a pragma clause to avoid getting a warning.

Signed-off-by: Mohamad Gebai 
---
 scripts/tracetool/backend/events.py  |   44 
 scripts/tracetool/backend/ust.py |   82 ++
 scripts/tracetool/format/ust_events_c.py |   30 +++
 scripts/tracetool/format/ust_events_h.py |   57 +
 4 files changed, 147 insertions(+), 66 deletions(-)
 create mode 100644 scripts/tracetool/format/ust_events_c.py
 create mode 100644 scripts/tracetool/format/ust_events_h.py

diff --git a/scripts/tracetool/backend/events.py 
b/scripts/tracetool/backend/events.py
index 5afce3e..1691c90 100644
--- a/scripts/tracetool/backend/events.py
+++ b/scripts/tracetool/backend/events.py
@@ -6,6 +6,8 @@ Generic event description.
 
 This is a dummy backend to establish appropriate frontend/backend compatibility
 checks.
+
+Generates tracepoint definitions for LTTng userspace tracing when using ust as 
a backend.
 """
 
 __author__ = "Lluís Vilanova "
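Review bot: The docstring now contradicts itself: it still opens with "This is a dummy backend" while the added sentence says the module generates tracepoint definitions. Reword the first paragraph so it says which formats remain dummies (events_h, events_c) and which one produces output for ust.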
@@ -16,8 +18,50 @@ __maintainer__ = "Stefan Hajnoczi"
 __email__  = "stefa...@linux.vnet.ibm.com"
 
 
+from tracetool import out
+
 def events_h(events):
 pass
 
 def events_c(events):
 pass
+
+def ust_events_c(events):
+pass
+
+def ust_events_h(events):
+for e in events:
+if len(e.args) > 0:
+out('TRACEPOINT_EVENT(',
+'   qemu,',
+'   %(name)s,',
+'   TP_ARGS(%(args)s),',
+'   TP_FIELDS(',
+name = e.name,
+args = ", ".join(", ".join(i) for i in e.args),
+)
+
+for t,n in e.args:
+if ('int' in t) or ('long' in t) or ('unsigned' in t) or 
('size_t' in t):
+out('   ctf_integer(' + t + ', ' + n + ', ' + n + ')')
+elif ('double' in t) or ('float' in t):
+out('   ctf_float(' + t + ', ' + n + ', ' + n + ')')
+elif ('char *' in t) or ('char*' in t):
+out('   ctf_string(' + n + ', ' + n + ')')
+elif ('void *' in t) or ('void*' in t):
+out('   ctf_integer_hex(unsigned long, ' + n + ', ' + 
n + ')')
+
+out('   )',
+')',
+'')
+
+else:
+out('TRACEPOINT_EVENT(',
+'   qemu,',
+'   %(name)s,',
+'   TP_ARGS(void),',
+'   TP_FIELDS()',
+')',
+'',
+name = e.name,
+)
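Review bot: The type dispatch in ust_events_h has no final else, so an argument whose type matches none of the four substring tests gets no TP_FIELDS entry and silently disappears from the trace even though it is still listed in TP_ARGS. The substring tests are also order-sensitive: a pointer type containing 'int' or 'unsigned' (for example "unsigned char *") is taken by the first branch and emitted as ctf_integer with a pointer type before the 'char *' test is reached. Test the pointer types first and add an else that raises an error for an unrecognised type.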
diff --git a/scripts/tracetool/backend/ust.py b/scripts/tracetool/backend/ust.py
index ea36995..10c0875 100644
--- a/scripts/tracetool/backend/ust.py
+++ b/scripts/tracetool/backend/ust.py
@@ -18,76 +18,26 @@ from tracetool import out
 
 PUBLIC = True
 
-
 def c(events):
-out('#include ',
-'#undef mutex_lock',
-'#undef mutex_unlock',
-'#undef inline',
-'#undef wmb',
-'#include "trace.h"')
+pass
+
 
+def h(events):
+out('#include ',
+'#include "trace/generated-ust-provider.h"',
+'')
 for e in events:
 argnames = ", ".join(e.args.names())
 if len(e.args) > 0:
-argnames = ', ' + argnames
-
-out('DEFINE_TRACE(ust_%(name)s);',
-'',
-'static void ust_%(name)s_probe(%(args)s)',
-'{',
-'trace_mark(ust, %(name)s, %(fmt)s%(argnames)s);',
-'}',
-name = e.name,
-args = e.args,
-fmt = e.fmt,
-argnames = argnames,
-)
-
-else:
-out('DEFINE_TRACE(ust_%(name)s);',
-'',
-'static void ust_%(name)s_probe(%(args)s)',
-'{',
-'trace_mark(ust, %(name)s, UST_MARKER_NOARGS);',
-'}',
-name = e.name,
-args = e.args,
-)
-
-# register probes
-out('',
-'static void __attribute__((constructor)) trace_init(void)',
-'{')
-
-for e in events:
-out('register_trace_ust_%(name)s(ust_%(name)s_probe);',
+argnames = ", " + argnames
+
+out('static inline void trace_%(name)s(%(args)s)',
+'{',
+'tracepoint(qemu, %(name)s%(tp_args)s);'
+'',
+'}',
+'',
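Review bot: In the added out() call in h(), the line 'tracepoint(qemu, %(name)s%(tp_args)s);' has no trailing comma, so Python concatenates it with the '' literal on the next line and the intended blank output line is dropped. Add the comma or remove the empty string. The format string also refers to tp_args while the value computed just above it is called argnames; check that the keyword arguments (cut off here) actually supply tp_args.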

[Qemu-devel] [PATCH v4 1/5] Fix configure script for LTTng 2.x

2013-10-17 Thread Mohamad Gebai
Signed-off-by: Mohamad Gebai 
---
 configure |9 -
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/configure b/configure
index 23dbaaf..627054c 100755
--- a/configure
+++ b/configure
@@ -3287,15 +3287,14 @@ fi
 # For 'ust' backend, test if ust headers are present
 if test "$trace_backend" = "ust"; then
   cat > $TMPC << EOF
-#include 
-#include 
+#include 
 int main(void) { return 0; }
 EOF
   if compile_prog "" "" ; then
-LIBS="-lust -lurcu-bp $LIBS"
-libs_qga="-lust -lurcu-bp $libs_qga"
+LIBS="-llttng-ust -lurcu-bp -ldl $LIBS"
+libs_qga="-llttng-ust -lurcu-bp -ldl $libs_qga"
   else
-error_exit "Trace backend 'ust' missing libust header files"
+error_exit "Trace backend 'ust' missing lttng-ust header files"
   fi
 fi
 
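Review bot: The probe still calls compile_prog "" "", so it only proves that the header compiles and never links against the libraries that the next lines add to LIBS and libs_qga. Pass "-llttng-ust -lurcu-bp -ldl" as the link flags to compile_prog so that a missing or too-old library fails at configure time with the error_exit message instead of at the final link.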
-- 
1.7.10.4




Re: [Qemu-devel] [RFC PATCH v3 4/5] Update documentation for LTTng ust tracing

2013-10-17 Thread Mohamad Gebai

On 13-10-17 05:20 AM, Alex Bennée wrote:

mohamad.ge...@polymtl.ca writes:


On 13-10-16 08:05 AM, Alex Bennée wrote:

Running this gives me:


UST events:
-
None


Before or after running qemu. What is the mechanism lttng expects to
find out all these events?

Either the user should belong to the group "tracing", or launch the
lttng-sessiond daemon (lttng-sessiond -d).



Hmm I've done both and I get nothing still. I can enable all tracepoints
though. This could just be a Ubuntu weirdness thing though.

That's weird. I did test it on a clean Ubuntu Precise (in a VM) and I
didn't have any problem after either one of these steps. Can you please
make sure that the user belongs to the "tracing" group and that the
lttng-sessiond daemon is running before running any instance of Qemu.
Also, Qemu should be running for LTTng to be able to list the events.

Ahh that was it. I suggest you change the wording from:

"Package lttng-tools is required for userspace tracing. After running Qemu, 
LTTng should be able to list all available events:"

to

"Package lttng-tools is required for userspace tracing. While running
an instrumented Qemu, LTTng should be able to list all available events:"


Oops! Sorry about that.



Does lttng enable-event -a -u/start/stop/view show any event?

Yes, as I said the rest worked fine. With that minor wording fix I'm happy.

Thanks for getting this back into shape :-)


Happy to do it, I hope it will be useful to others.

Mohamad



Re: [Qemu-devel] [PATCH 2/2] acpi-test: basic acpi unit-test

2013-10-17 Thread Paolo Bonzini
On 18/10/2013 07:30, Markus Armbruster wrote:
> > +static void test_acpi_tcg(void)
> > +{
> > +test_acpi_one("-machine accel=tcg");
> > +}
> 
> Since qtest_init() adds your parameters at the end, this should result
> in a command line ending with "-machine accel=qtest -machine accel=tcg",
> which should result in qtest.  How does this work?

The last option wins.

Paolo



Re: [Qemu-devel] [PATCH] spapr: add vio-bus devices to categories

2013-10-17 Thread Alexey Kardashevskiy
On 10/11/2013 02:08 PM, Alexey Kardashevskiy wrote:
> In order to get devices appear in output of
> "./qemu-system-ppc64 -device ?",
> they must be assigned to one of DEVICE_CATEGORY_.
> 
> This puts VIO devices classes to corresponding categories.
> 
> Signed-off-by: Alexey Kardashevskiy 


Ping?



> ---
>  hw/char/spapr_vty.c| 1 +
>  hw/net/spapr_llan.c| 1 +
>  hw/nvram/spapr_nvram.c | 1 +
>  hw/scsi/spapr_vscsi.c  | 1 +
>  4 files changed, 4 insertions(+)
> 
> diff --git a/hw/char/spapr_vty.c b/hw/char/spapr_vty.c
> index 9c2aef8..f8a4981 100644
> --- a/hw/char/spapr_vty.c
> +++ b/hw/char/spapr_vty.c
> @@ -168,6 +168,7 @@ static void spapr_vty_class_init(ObjectClass *klass, void 
> *data)
>  k->dt_name = "vty";
>  k->dt_type = "serial";
>  k->dt_compatible = "hvterm1";
> +set_bit(DEVICE_CATEGORY_INPUT, dc->categories);
>  dc->props = spapr_vty_properties;
>  dc->vmsd = &vmstate_spapr_vty;
>  }
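Review bot: spapr-vty is placed in DEVICE_CATEGORY_INPUT although the lines just above set dt_type to "serial", and the commit message gives no reason for the choice. Add a sentence to the commit message saying why INPUT is the right category for a console device, so the grouping in the "-device ?" output is not questioned later.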
> diff --git a/hw/net/spapr_llan.c b/hw/net/spapr_llan.c
> index 4ff0411..1bd6f50 100644
> --- a/hw/net/spapr_llan.c
> +++ b/hw/net/spapr_llan.c
> @@ -531,6 +531,7 @@ static void spapr_vlan_class_init(ObjectClass *klass, 
> void *data)
>  k->dt_type = "network";
>  k->dt_compatible = "IBM,l-lan";
>  k->signal_mask = 0x1;
> +set_bit(DEVICE_CATEGORY_NETWORK, dc->categories);
>  dc->props = spapr_vlan_properties;
>  k->rtce_window_size = 0x1000;
>  dc->vmsd = &vmstate_spapr_llan;
> diff --git a/hw/nvram/spapr_nvram.c b/hw/nvram/spapr_nvram.c
> index eb4500e..beaad68 100644
> --- a/hw/nvram/spapr_nvram.c
> +++ b/hw/nvram/spapr_nvram.c
> @@ -182,6 +182,7 @@ static void spapr_nvram_class_init(ObjectClass *klass, 
> void *data)
>  k->dt_name = "nvram";
>  k->dt_type = "nvram";
>  k->dt_compatible = "qemu,spapr-nvram";
> +set_bit(DEVICE_CATEGORY_MISC, dc->categories);
>  dc->props = spapr_nvram_properties;
>  }
>  
> diff --git a/hw/scsi/spapr_vscsi.c b/hw/scsi/spapr_vscsi.c
> index 2a26042..c0c46d7 100644
> --- a/hw/scsi/spapr_vscsi.c
> +++ b/hw/scsi/spapr_vscsi.c
> @@ -1223,6 +1223,7 @@ static void spapr_vscsi_class_init(ObjectClass *klass, 
> void *data)
>  k->dt_type = "vscsi";
>  k->dt_compatible = "IBM,v-scsi";
>  k->signal_mask = 0x0001;
> +set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
>  dc->props = spapr_vscsi_properties;
>  k->rtce_window_size = 0x1000;
>  dc->vmsd = &vmstate_spapr_vscsi;
> 


-- 
Alexey



Re: [Qemu-devel] [RFC PATCH] spapr: add ibmveth to the supported network adapters list

2013-10-17 Thread Alexey Kardashevskiy
On 10/11/2013 02:09 PM, Alexey Kardashevskiy wrote:
> The problem is that "-net nic,model=?" does not print "ibmveth" in
> the list while it is actually supported.
> 
> Most of the QEMU emulated network devices are PCI but "ibmveth"
> (a.k.a. spapr-vlan) is not. However with "-net nic,model=?", QEMU prints
> only PCI devices in the list, even if it does not say that the list is
> all about PCI devices.
> 
> This adds "?"/"help" handling in spapr.c and adds "ibmveth" in the beginning
> of the list.
> 
> Signed-off-by: Alexey Kardashevskiy 
> ---
> 
> This is an RFC patch.


Ping?


> The other solutions could be:
> 1. add "ibmveth" into pci_nic_models[] in hw/pci/pci.c but this would not
> be correct as "ibmveth" is not PCI and it must appear only on pseries machine.
> 
> 2. implement short version of qdev_print_category_devices() and call it
> with DEVICE_CATEGORY_NETWORK but that would print more devices than
> pci_nic_init_nofail() can handle (vmxnet3, usb-bt-dongle).
> 
> 3. fix qemu_check_nic_model() to specifically say that this is a list of
> PCI devices and there might be some other devices which "-net nic,model+"
> supports but there are not PCI but that could break compatibility (some
> management software may rely on this exact string).
> 
> 4. Reject the patch and just say that people must stop using "-net". Ok for 
> me :)
> 
> Since "-net" is kind of obsolete interface and does not seem to be extended 
> ever,
> the proposed patch does not look too ugly, does not it?
> ---
>  hw/ppc/spapr.c | 15 +++
>  1 file changed, 15 insertions(+)
> 
> diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c
> index c0613e4..45ed3da 100644
> --- a/hw/ppc/spapr.c
> +++ b/hw/ppc/spapr.c
> @@ -1276,6 +1276,21 @@ static void ppc_spapr_init(QEMUMachineInitArgs *args)
>  
>  if (strcmp(nd->model, "ibmveth") == 0) {
>  spapr_vlan_create(spapr->vio_bus, nd);
> +} else if (is_help_option(nd->model)) {
> +static const char * const nic_models[] = {
> +"ibmveth",
> +"ne2k_pci",
> +"i82551",
> +"i82557b",
> +"i82559er",
> +"rtl8139",
> +"e1000",
> +"pcnet",
> +"virtio",
> +NULL
> +};
> +qemu_show_nic_models(nd->model, nic_models);
> +exit(0);
>  } else {
>  pci_nic_init_nofail(&nd_table[i], phb->bus, nd->model, NULL);
>  }
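Review bot: The nic_models array in the added else-if branch hard-codes the PCI model names next to "ibmveth", while the description above mentions pci_nic_models[] in hw/pci/pci.c as the existing list, so the two will drift when a model is added or removed. Build the help output from the PCI list plus "ibmveth" rather than copying the names. The exit(0) inside ppc_spapr_init also deserves a comment, since it ends the process in the middle of machine initialisation.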
> 


-- 
Alexey



Re: [Qemu-devel] [PATCH 2/2] acpi-test: basic acpi unit-test

2013-10-17 Thread Markus Armbruster
"Michael S. Tsirkin"  writes:

> We run bios, and boot a minimal boot sector that immediately halts.
> Then poke at memory to find ACPI tables.
>
> This only checks that RSDP is there.
> More will be added later.
>
> Signed-off-by: Michael S. Tsirkin 
> ---
>  tests/acpi-test.c | 129 
> ++
>  tests/Makefile|   2 +
>  2 files changed, 131 insertions(+)
>  create mode 100644 tests/acpi-test.c
>
> diff --git a/tests/acpi-test.c b/tests/acpi-test.c
> new file mode 100644
> index 000..42de248
> --- /dev/null
> +++ b/tests/acpi-test.c
> @@ -0,0 +1,129 @@
> +/*
> + * Boot order test cases.
> + *
> + * Copyright (c) 2013 Red Hat Inc.
> + *
> + * Authors:
> + *  Markus Armbruster ,
> + *
> + * This work is licensed under the terms of the GNU GPL, version 2 or later.
> + * See the COPYING file in the top-level directory.
> + */

Please update the file comment :)

> +
> +#include 
> +#include 
> +#include 
> +#include "libqtest.h"
> +
> +typedef struct {
> +const char *args;
> +uint64_t expected_boot;
> +uint64_t expected_reboot;
> +} boot_order_test;
> +
> +#define LOW(x) ((x) & 0xff)
> +#define HIGH(x) ((x) >> 8)
> +
> +#define SIGNATURE 0xdead
> +#define SIGNATURE_OFFSET 0x10
> +#define BOOT_SECTOR_ADDRESS 0x7c00
> +
> +static uint8_t boot_sector[0x200] = {
> +/* 7c00: mov $0xdead,%ax */
> +[0x00] = 0xb8,
> +[0x01] = LOW(SIGNATURE),
> +[0x02] = HIGH(SIGNATURE),
> +/* 7c03:  mov %ax,0x7c10 */
> +[0x03] = 0xa3,
> +[0x04] = LOW(BOOT_SECTOR_ADDRESS + SIGNATURE_OFFSET),
> +[0x05] = HIGH(BOOT_SECTOR_ADDRESS + SIGNATURE_OFFSET),
> +/* 7c06: hlt */
> +[0x06] = 0xf4,   
> +/* 7c07: jmp 0x7c06=0x7c09-3   */
> +[0x07] = 0xeb,
> +[0x08] = LOW(-3),
> +/* We mov 0xdead here: set value to make debugging easier */
> +[SIGNATURE_OFFSET] = LOW(0xface),
> +[SIGNATURE_OFFSET + 1] = HIGH(0xface),
> +/* End of boot sector marker */
> +[0x1FE] = 0x55,
> +[0x1FF] = 0xAA,
> +};
> +
> +static const char *disk = "tests/acpi-test-disk.raw";
> +
> +static void test_acpi_one(const char *params)
> +{
> +char *args;
> +uint8_t signature_low;
> +uint8_t signature_high;
> +uint16_t signature;
> +int i;
> +uint32_t off;
> +
> +
> +args = g_strdup_printf("-net none -display none %s %s",
> +   params ? params : "", disk);

Never called with null params.

> +qtest_start(args);
> +
> +   /* Wait at most 1 minute */
> +#define TEST_DELAY (1 * G_USEC_PER_SEC / 10)
> +#define TEST_CYCLES (60 * G_USEC_PER_SEC / TEST_DELAY)
> +
> +for (i = 0; i < TEST_CYCLES; ++i) {
> +signature_low = readb(BOOT_SECTOR_ADDRESS + SIGNATURE_OFFSET);
> +signature_high = readb(BOOT_SECTOR_ADDRESS + SIGNATURE_OFFSET + 1);
> +signature = (signature_high << 8) | signature_low;
> +if (signature == SIGNATURE) {
> +break;
> +}
> +g_usleep(TEST_DELAY);
> +}
> +g_assert_cmphex(signature, ==, SIGNATURE);
> +
> +/* OK, now find RSDP */
> +for (off = 0xf; off < 0x10; off += 0x10)
> +{
> +uint8_t sig[] = "RSD PTR ";
> +int i;
> +
> +for (i = 0; i < sizeof sig - 1; ++i) {
> +sig[i] = readb(off + i);
> +}
> +
> +if (!memcmp(sig, "RSD PTR ", sizeof sig)) {
> +break;
> +}
> +}
> +
> +g_assert_cmphex(off, <, 0x10);
> +
> +qtest_quit(global_qtest);
> +g_free(args);
> +}
> +
> +static void test_acpi_tcg(void)
> +{
> +test_acpi_one("-machine accel=tcg");
> +}

Since qtest_init() adds your parameters at the end, this should result
in a command line ending with "-machine accel=qtest -machine accel=tcg",
which should result in qtest.  How does this work?

> +
> +static void test_acpi_kvm(void)
> +{
> +test_acpi_one("-enable-kvm -machine accel=kvm");
> +}

Isn't -enable-kvm redundant?

> +
> +int main(int argc, char *argv[])
> +{
> +const char *arch = qtest_get_arch();
> +FILE *f = fopen(disk, "w");
> +fwrite(boot_sector, 1, sizeof boot_sector, f);
> +fclose(f);
> +
> +g_test_init(&argc, &argv, NULL);
> +
> +if (strcmp(arch, "i386") == 0 || strcmp(arch, "x86_64") == 0) {
> +qtest_add_func("acpi/tcg", test_acpi_tcg);
> +qtest_add_func("acpi/kvm", test_acpi_kvm);
> +}
> +return g_test_run();
> +}
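Review bot: In main(), the result of fopen(disk, "w") is used without a NULL check and the return values of fwrite and fclose are ignored, so an unwritable tests/ directory shows up as a crash or as a confusing boot timeout rather than a clear failure. Check each call and fail early; also create the image only inside the i386/x86_64 branch and remove it when the run ends. The boot_order_test typedef near the top is not used anywhere in this file and can go.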
> diff --git a/tests/Makefile b/tests/Makefile
> index c13fefc..a81a005 100644
> --- a/tests/Makefile
> +++ b/tests/Makefile
> @@ -64,6 +64,7 @@ check-qtest-i386-y += tests/ide-test$(EXESUF)
>  check-qtest-i386-y += tests/hd-geo-test$(EXESUF)
>  gcov-files-i386-y += hw/hd-geometry.c
>  check-qtest-i386-y += tests/boot-order-test$(EXESUF)
> +check-qtest-i386-y += tests/acpi-test$(EXESUF)
>  check-qtest-i386-y += tests/rtc-test$(EXESUF)
>  check-qtest-i386-y += tests/i440fx-test$(EXESUF)
>  check-qtest-i386-y += tests/fw_cfg-test$(EXESUF)
> @@ -171,6 +17

[Qemu-devel] [PATCH v2] vmdk: Only read cid from image file when opening

2013-10-17 Thread Fam Zheng
Previously cid of parent is parsed from image file for every IO request.
We already have L1/L2 cache and don't have assumption that parent image
can be updated behind us, so remove this to get more efficiency.

The parent CID is checked only for once after opening.

Signed-off-by: Fam Zheng 

---
v2: Use cid_checked. (Stefan)

Signed-off-by: Fam Zheng 
---
 block/vmdk.c | 8 +++-
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/block/vmdk.c b/block/vmdk.c
index 5a9f278..b8901e2 100644
--- a/block/vmdk.c
+++ b/block/vmdk.c
@@ -112,6 +112,7 @@ typedef struct BDRVVmdkState {
 CoMutex lock;
 uint64_t desc_offset;
 bool cid_updated;
+bool cid_checked;
 uint32_t parent_cid;
 int num_extents;
 /* Extent array with num_extents entries, ascend ordered by address */
@@ -197,8 +198,6 @@ static int vmdk_probe(const uint8_t *buf, int buf_size, 
const char *filename)
 }
 }
 
-#define CHECK_CID 1
-
 #define SECTOR_SIZE 512
 #define DESC_SIZE (20 * SECTOR_SIZE)/* 20 sectors of 512 bytes each */
 #define BUF_SIZE 4096
@@ -301,19 +300,18 @@ static int vmdk_write_cid(BlockDriverState *bs, uint32_t 
cid)
 
 static int vmdk_is_cid_valid(BlockDriverState *bs)
 {
-#ifdef CHECK_CID
 BDRVVmdkState *s = bs->opaque;
 BlockDriverState *p_bs = bs->backing_hd;
 uint32_t cur_pcid;
 
-if (p_bs) {
+if (!s->cid_checked && p_bs) {
 cur_pcid = vmdk_read_cid(p_bs, 0);
 if (s->parent_cid != cur_pcid) {
 /* CID not valid */
 return 0;
 }
 }
-#endif
+s->cid_checked = true;
 /* CID valid */
 return 1;
 }
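Review bot: s->cid_checked is set to true on every path that reaches the end of vmdk_is_cid_valid, including when p_bs is NULL, so a backing file that is attached after the first call is never compared against parent_cid. Set the flag only inside the branch that actually read and matched the parent CID, and say in a comment where the flag is reset (reopen, backing file change), since nothing in these hunks clears it.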
-- 
1.8.3.1




Re: [Qemu-devel] virtio-blk-pci: how to tell if it is CD or HDD?

2013-10-17 Thread Nikunj A Dadhania
Alexey Kardashevskiy  writes:

>
> "channel@0" -> ""? This is a generic scsi bus, cannot change this.
> "disk@3,2" -> "disk@8302"? This is a generic scsi-cd, cannot
> change this either
>
>
>> On top of this, fix the remaining QEMU->OF differences using a callback
>> in QEMUMachine.  This callback would be called by
>> qdev_get_fw_dev_path_helper and, if it returns something non-NULL, the
>> result would be used instead of calling bus_get_fw_dev_path.
>
>
> A single machine callback which will recognize all possible bootable
> devices and replace things like "disk@3,2" -> "disk@8302"? Hm.

That is constructed in SLOF/board-qemu/slof/vio-vscsi.fs:

\ We use SRP luns of the form 8000 | (bus << 8) | (id << 5) | lun
\ in the top 16 bits of the 64-bit LUN

bus is target here. I guess that could be handled in Qemu, and both need
to be in sync.

Regards
Nikunj




[Qemu-devel] [PATCH v8 2/2] hpet: enable to entitle more irq pins for hpet

2013-10-17 Thread Liu Ping Fan
Owing to some different hardware design, piix and q35 need
different compat. So making them diverge.

On q35, IRQ2/8 can be reserved for hpet timer 0/1. And pin 16~23
can be assigned to hpet as guest chooses. So we introduce intcap
property to do that.

Consider the compat and piix/q35, we finally have the following
value for intcap: For piix, hpet's intcap is hard coded as IRQ2.
For pc-q35-1.7 and earlier, we use IRQ2 for compat reason. Otherwise
IRQ2, IRQ8, and IRQ16~23 are allowed.

Signed-off-by: Liu Ping Fan 
---
 hw/i386/pc.c | 19 ---
 hw/i386/pc_piix.c|  3 ++-
 hw/i386/pc_q35.c | 21 +
 hw/timer/hpet.c  |  9 +++--
 include/hw/i386/pc.h | 24 +++-
 5 files changed, 65 insertions(+), 11 deletions(-)

diff --git a/hw/i386/pc.c b/hw/i386/pc.c
index 0c313fe..bb92465 100644
--- a/hw/i386/pc.c
+++ b/hw/i386/pc.c
@@ -1219,7 +1219,8 @@ static const MemoryRegionOps ioportF0_io_ops = {
 void pc_basic_device_init(ISABus *isa_bus, qemu_irq *gsi,
   ISADevice **rtc_state,
   ISADevice **floppy,
-  bool no_vmport)
+  bool no_vmport,
+  uint32 hpet_irqs)
 {
 int i;
 DriveInfo *fd[MAX_FD];
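Review bot: The new parameter is declared as "uint32 hpet_irqs", while the code that consumes it in the next hunk uses the fixed-width stdint names (uint8_t, qdev_prop_set_uint32). Declare it as uint32_t unless a uint32 typedef is known to be in scope, and keep the prototype in include/hw/i386/pc.h in step.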
@@ -1246,9 +1247,21 @@ void pc_basic_device_init(ISABus *isa_bus, qemu_irq *gsi,
  * when the HPET wants to take over. Thus we have to disable the latter.
  */
 if (!no_hpet && (!kvm_irqchip_in_kernel() || kvm_has_pit_state2())) {
-hpet = sysbus_try_create_simple("hpet", HPET_BASE, NULL);
-
+/* In order to set property, here not using sysbus_try_create_simple */
+hpet = qdev_try_create(NULL, "hpet");
 if (hpet) {
+/* For pc-piix-*, hpet's intcap is always IRQ2. For pc-q35-1.7
+ * and earlier, use IRQ2 for compat. Otherwise, use IRQ16~23,
+ * IRQ8 and IRQ2.
+ */
+uint8_t compat = object_property_get_int(OBJECT(hpet),
+HPET_INTCAP, NULL);
+if (!compat) {
+qdev_prop_set_uint32(hpet, HPET_INTCAP, hpet_irqs);
+}
+qdev_init_nofail(hpet);
+sysbus_mmio_map(SYS_BUS_DEVICE(hpet), 0, HPET_BASE);
+
 for (i = 0; i < GSI_NUM_PINS; i++) {
 sysbus_connect_irq(SYS_BUS_DEVICE(hpet), i, gsi[i]);
 }
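Review bot: The value read back from HPET_INTCAP is stored in a uint8_t, but the property is written with qdev_prop_set_uint32 a few lines later and the q35 caller passes 0xff0104, so the read is truncated to the low 8 bits. A compat mask whose set bits are all above bit 7 would read as zero and be overwritten by hpet_irqs. Declare compat as uint32_t, and pass an Error pointer rather than NULL so that a failed property read is not mistaken for zero.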
diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c
index c6042c7..506f026 100644
--- a/hw/i386/pc_piix.c
+++ b/hw/i386/pc_piix.c
@@ -180,7 +180,8 @@ static void pc_init1(QEMUMachineInitArgs *args,
 pc_vga_init(isa_bus, pci_enabled ? pci_bus : NULL);
 
 /* init basic PC hardware */
-pc_basic_device_init(isa_bus, gsi, &rtc_state, &floppy, xen_enabled());
+pc_basic_device_init(isa_bus, gsi, &rtc_state, &floppy, xen_enabled(),
+0x4);
 
 pc_nic_init(isa_bus, pci_bus);
 
diff --git a/hw/i386/pc_q35.c b/hw/i386/pc_q35.c
index ca84e1c..d12d3f0 100644
--- a/hw/i386/pc_q35.c
+++ b/hw/i386/pc_q35.c
@@ -181,7 +181,7 @@ static void pc_q35_init(QEMUMachineInitArgs *args)
 pc_register_ferr_irq(gsi[13]);
 
 /* init basic PC hardware */
-pc_basic_device_init(isa_bus, gsi, &rtc_state, &floppy, false);
+pc_basic_device_init(isa_bus, gsi, &rtc_state, &floppy, false, 0xff0104);
 
 /* connect pm stuff to lpc */
 ich9_lpc_pm_init(lpc);
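Review bot: 0xff0104 is passed as a bare literal in this call, and 0x4 in the pc_piix.c hunk above, with nothing at the call site saying which IRQs the bits stand for. The commit message lists them (IRQ2, IRQ8, IRQ16~23); give the masks names in pc.h or build them from bit shifts so both callers are readable.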
@@ -263,6 +263,15 @@ static void pc_q35_init_1_4(QEMUMachineInitArgs *args)
 .desc = "Standard PC (Q35 + ICH9, 2009)", \
 .hot_add_cpu = pc_hot_add_cpu
 
+#define PC_Q35_1_8_MACHINE_OPTIONS PC_Q35_MACHINE_OPTIONS
+
+static QEMUMachine pc_q35_machine_v1_8 = {
+PC_Q35_1_7_MACHINE_OPTIONS,
+.name = "pc-q35-1.8",
+.alias = "q35",
+.init = pc_q35_init,
+};
+
 #define PC_Q35_1_7_MACHINE_OPTIONS PC_Q35_MACHINE_OPTIONS
 
 static QEMUMachine pc_q35_machine_v1_7 = {
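Review bot: pc_q35_machine_v1_8 is initialised with PC_Q35_1_7_MACHINE_OPTIONS, not the PC_Q35_1_8_MACHINE_OPTIONS macro defined on the line just above it, and in the resulting file PC_Q35_1_7_MACHINE_OPTIONS is only defined after this struct. Use PC_Q35_1_8_MACHINE_OPTIONS in the v1_8 initialiser.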
@@ -270,6 +279,10 @@ static QEMUMachine pc_q35_machine_v1_7 = {
 .name = "pc-q35-1.7",
 .alias = "q35",
 .init = pc_q35_init,
+.compat_props = (GlobalProperty[]) {
+PC_Q35_COMPAT_1_7,
+{ /* end of list */ }
+},
 };
 
 #define PC_Q35_1_6_MACHINE_OPTIONS PC_Q35_MACHINE_OPTIONS
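Review bot: The context lines show pc_q35_machine_v1_7 keeping .alias = "q35", while the previous hunk gives the same alias to pc_q35_machine_v1_8. Remove the alias from v1_7 in this hunk so that "q35" resolves to a single machine type.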
@@ -279,7 +292,7 @@ static QEMUMachine pc_q35_machine_v1_6 = {
 .name = "pc-q35-1.6",
 .init = pc_q35_init_1_6,
 .compat_props = (GlobalProperty[]) {
-PC_COMPAT_1_6,
+PC_Q35_COMPAT_1_6,
 { /* end of list */ }
 },
 };
@@ -289,7 +302,7 @@ static QEMUMachine pc_q35_machine_v1_5 = {
 .name = "pc-q35-1.5",
 .init = pc_q35_init_1_5,
 .compat_props = (GlobalProperty[]) {
-PC_COMPAT_1_5,
+PC_Q35_COMPAT_1_5,
 { /* end of list */ }
 },
 };
@@ -303,7 +316,7 @@ static QEMUMachine pc_q35_machine_v1_4 = {
 .name = "pc-q35-1.4",
 .init = pc_q35_init_1_4,
 .compat_props = (GlobalProperty[]) {
-PC_COMPAT_1_4,
+PC_Q35_COMPAT_1_4,
 { /* end of list */ }
 },
 };
diff --git a/hw/timer/hpet.

[Qemu-devel] [PATCH v8 1/2] hpet: inverse polarity when pin above ISA_NUM_IRQS

2013-10-17 Thread Liu Ping Fan
According to hpet spec, hpet irq is high active. But according to
ICH spec, there is inversion before the input of ioapic. So the OS
will expect low active on this IRQ line. (On bare metal, if OS driver
claims high active on this line, spurious irq is generated)

We fold the emulation of this inversion inside the hpet logic.

Signed-off-by: Liu Ping Fan 
---
 hw/timer/hpet.c | 14 --
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/hw/timer/hpet.c b/hw/timer/hpet.c
index fcd22ae..8429eb3 100644
--- a/hw/timer/hpet.c
+++ b/hw/timer/hpet.c
@@ -198,13 +198,23 @@ static void update_irq(struct HPETTimer *timer, int set)
 if (!set || !timer_enabled(timer) || !hpet_enabled(timer->state)) {
 s->isr &= ~mask;
 if (!timer_fsb_route(timer)) {
-qemu_irq_lower(s->irqs[route]);
+/* fold the ICH PIRQ# pin's internal inversion logic into hpet */
+if (route >= ISA_NUM_IRQS) {
+qemu_irq_raise(s->irqs[route]);
+} else {
+qemu_irq_lower(s->irqs[route]);
+}
 }
 } else if (timer_fsb_route(timer)) {
 stl_le_phys(timer->fsb >> 32, timer->fsb & 0x);
 } else if (timer->config & HPET_TN_TYPE_LEVEL) {
 s->isr |= mask;
-qemu_irq_raise(s->irqs[route]);
+/* fold the ICH PIRQ# pin's internal inversion logic into hpet */
+if (route >= ISA_NUM_IRQS) {
+qemu_irq_lower(s->irqs[route]);
+} else {
+qemu_irq_raise(s->irqs[route]);
+}
 } else {
 s->isr &= ~mask;
 qemu_irq_pulse(s->irqs[route]);
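Review bot: The inversion for route >= ISA_NUM_IRQS is applied to the deassert path and to the level-triggered assert, but the final else branch still calls qemu_irq_pulse(s->irqs[route]) unchanged, so an edge-triggered timer on a high pin drives the opposite polarity from a level-triggered one. Either invert the pulse for those routes as well or add a comment saying why edge mode is exempt. The two near-identical if/else blocks would also read better as one small helper that takes the logical level.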
-- 
1.8.1.4




[Qemu-devel] [PATCH v8 0/2] bugs fix for hpet

2013-10-17 Thread Liu Ping Fan
v8: 
  make piix/q35 compat diverge
  simplify the code, use hpet_irqs to pass "intcap" value

v7:
  use macro to define "intcap" in pc.h
  (as to 3/4 and 4/4, I am not sure about whether to merge them or not, so keep them separate)

v6:
  move the setting of intcap to board, and keep the init value as zero. (thanks for the discussion from Paolo and Michael)
  introduce an extra hpet property "compat" to tell PC version

v5:
  use stand compat property to fix hpet intcap on pc-q35, while on pc-piix, hard code intcap as IRQ2

v4:
  use stand compat property to fix hpet intcap

v3:
  change hpet interrupt capability on board's demand


Liu Ping Fan (2):
  hpet: inverse polarity when pin above ISA_NUM_IRQS
  hpet: enable to entitle more irq pins for hpet

 hw/i386/pc.c | 19 ---
 hw/i386/pc_piix.c|  3 ++-
 hw/i386/pc_q35.c | 21 +
 hw/timer/hpet.c  | 23 +++
 include/hw/i386/pc.h | 24 +++-
 5 files changed, 77 insertions(+), 13 deletions(-)

-- 
1.8.1.4




[Qemu-devel] [PATCH v4 2/2] vmdk: Implement bdrv_get_specific_info

2013-10-17 Thread Fam Zheng
Implement .bdrv_get_specific_info to return the extent information.

Signed-off-by: Fam Zheng 
---
 block/vmdk.c   | 64 +-
 qapi-schema.json   | 24 -
 tests/qemu-iotests/059 |  2 +-
 tests/qemu-iotests/059.out |  5 ++--
 4 files changed, 89 insertions(+), 6 deletions(-)

diff --git a/block/vmdk.c b/block/vmdk.c
index 5a9f278..d7fe54a 100644
--- a/block/vmdk.c
+++ b/block/vmdk.c
@@ -106,17 +106,20 @@ typedef struct VmdkExtent {
 uint32_t l2_cache_counts[L2_CACHE_SIZE];
 
 int64_t cluster_sectors;
+char *type;
 } VmdkExtent;
 
 typedef struct BDRVVmdkState {
 CoMutex lock;
 uint64_t desc_offset;
 bool cid_updated;
+uint32_t cid;
 uint32_t parent_cid;
 int num_extents;
 /* Extent array with num_extents entries, ascend ordered by address */
 VmdkExtent *extents;
 Error *migration_blocker;
+char *create_type;
 } BDRVVmdkState;
 
 typedef struct VmdkMetaData {
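
Review bot: the new uint32_t cid member of BDRVVmdkState is reported later in this patch as .cid = s->cid, but nothing in the hunks shown here assigns it, so the reported value never reflects the image unless it is set somewhere outside this diff. Either store the CID in s->cid at the point where it is read from the descriptor, or leave the field out until it is populated. The two new char * members would also benefit from a one-line comment stating that they are g_strdup'd and owned by the struct.
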
@@ -215,6 +218,7 @@ static void vmdk_free_extents(BlockDriverState *bs)
 g_free(e->l1_table);
 g_free(e->l2_cache);
 g_free(e->l1_backup_table);
+g_free(e->type);
 if (e->file != bs->file) {
 bdrv_unref(e->file);
 }
@@ -536,6 +540,7 @@ static int vmdk_open_vmdk4(BlockDriverState *bs,
 uint32_t l1_size, l1_entry_sectors;
 VMDK4Header header;
 VmdkExtent *extent;
+BDRVVmdkState *s = bs->opaque;
 int64_t l1_backup_offset = 0;
 
 ret = bdrv_pread(file, sizeof(magic), &header, sizeof(header));
@@ -551,6 +556,10 @@ static int vmdk_open_vmdk4(BlockDriverState *bs,
 }
 }
 
+if (!s->create_type) {
+s->create_type = g_strdup("monolithicSparse");
+}
+
 if (le64_to_cpu(header.gd_offset) == VMDK4_GD_AT_END) {
 /*
  * The footer takes precedence over the header, so read it in. The
@@ -711,6 +720,8 @@ static int vmdk_parse_extents(const char *desc, 
BlockDriverState *bs,
 int64_t flat_offset;
 char extent_path[PATH_MAX];
 BlockDriverState *extent_file;
+BDRVVmdkState *s = bs->opaque;
+VmdkExtent *extent;
 
 while (*p) {
 /* parse extent line:
@@ -751,7 +762,6 @@ static int vmdk_parse_extents(const char *desc, 
BlockDriverState *bs,
 /* save to extents array */
 if (!strcmp(type, "FLAT") || !strcmp(type, "VMFS")) {
 /* FLAT extent */
-VmdkExtent *extent;
 
 ret = vmdk_add_extent(bs, extent_file, true, sectors,
 0, 0, 0, 0, 0, &extent, errp);
@@ -766,10 +776,12 @@ static int vmdk_parse_extents(const char *desc, 
BlockDriverState *bs,
 bdrv_unref(extent_file);
 return ret;
 }
+extent = &s->extents[s->num_extents - 1];
 } else {
 error_setg(errp, "Unsupported extent type '%s'", type);
 return -ENOTSUP;
 }
+extent->type = g_strdup(type);
 next_line:
 /* move to next line */
 while (*p) {
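
Review bot: extent->type = g_strdup(type) after the if/else chain writes through a pointer that the sparse branch takes from s->extents[s->num_extents - 1], which assumes the preceding open call appended exactly one extent and left it last in the array. With extent now declared uninitialised at function scope, any path that reaches this line without adding an extent would dereference a stale or out-of-bounds pointer. Having the sparse open helper hand back the extent, as vmdk_add_extent does through &extent in the FLAT branch, or asserting s->num_extents > 0 before indexing, would make the invariant explicit.
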
@@ -817,6 +829,7 @@ static int vmdk_open_desc_file(BlockDriverState *bs, int 
flags,
 ret = -ENOTSUP;
 goto exit;
 }
+s->create_type = g_strdup(ct);
 s->desc_offset = 0;
 ret = vmdk_parse_extents(buf, bs, bs->file->filename, errp);
 exit:
@@ -855,6 +868,8 @@ static int vmdk_open(BlockDriverState *bs, QDict *options, 
int flags,
 return 0;
 
 fail:
+g_free(s->create_type);
+s->create_type = NULL;
 vmdk_free_extents(bs);
 return ret;
 }
@@ -1766,6 +1781,7 @@ static void vmdk_close(BlockDriverState *bs)
 BDRVVmdkState *s = bs->opaque;
 
 vmdk_free_extents(bs);
+g_free(s->create_type);
 
 migrate_del_blocker(s->migration_blocker);
 error_free(s->migration_blocker);
@@ -1827,6 +1843,51 @@ static int vmdk_has_zero_init(BlockDriverState *bs)
 return 1;
 }
 
+static ImageInfo *vmdk_get_extent_info(VmdkExtent *extent)
+{
+ImageInfo *info = g_new0(ImageInfo, 1);
+
+*info = (ImageInfo){
+.filename = g_strdup(extent->file->filename),
+.format   = g_strdup(extent->type),
+.virtual_size = extent->sectors * BDRV_SECTOR_SIZE,
+.compressed   = extent->compressed,
+.has_compressed   = extent->compressed,
+.cluster_size = extent->cluster_sectors * BDRV_SECTOR_SIZE,
+.has_cluster_size = !extent->flat,
+};
+
+return info;
+}
+
+static ImageInfoSpecific *vmdk_get_specific_info(BlockDriverState *bs)
+{
+int i;
+BDRVVmdkState *s = bs->opaque;
+ImageInfoSpecific *spec_info = g_new0(ImageInfoSpecific, 1);
+ImageInfoList **next;
+
+*spec_info = (ImageInfoSpecific){
+.kind = IMAGE_INFO_SPECIFIC_KIND_VMDK,
+.vmdk = g_new0(ImageInfoSpecificVmdk, 1),
+};
+
+*spec_info->vmdk = (ImageInfoSpecificVmdk) {
+.create_type = g_strdup(s->create_type),
+.cid = s->cid,
+};
+
+next = &spec_info->vmdk->ext
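
Review bot: .format = g_strdup(extent->type) in vmdk_get_extent_info can yield NULL, because extent->type is only assigned in vmdk_parse_extents, while the vmdk_open_vmdk4 hunk fills in a default create_type for the case without a description file but no extent type. 'format' is a mandatory 'str' member of ImageInfo, so a NULL there should be avoided: give such extents a type string when they are created, or substitute one here. Separately, .has_compressed = extent->compressed means the field is emitted only when it is true, which is worth stating in the schema documentation.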

[Qemu-devel] [PATCH v4 1/2] qapi: Add optional field 'compressed' to ImageInfo

2013-10-17 Thread Fam Zheng
Signed-off-by: Fam Zheng 
---
 qapi-schema.json | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/qapi-schema.json b/qapi-schema.json
index 60f3fd1..add97e2 100644
--- a/qapi-schema.json
+++ b/qapi-schema.json
@@ -256,6 +256,8 @@
 #
 # @encrypted: #optional true if the image is encrypted
 #
+# @compressed: #optional true if the image is compressed (Since 1.7)
+#
 # @backing-filename: #optional name of the backing file
 #
 # @full-backing-filename: #optional full path of the backing file
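
Review bot: the @compressed description does not say what an absent field means. As an #optional member it can be read either as "not compressed" or as "not reported by this format"; one extra clause stating which, and whether it refers to the whole image or to any compressed data in it, would save callers from guessing.
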
@@ -276,7 +278,7 @@
 { 'type': 'ImageInfo',
   'data': {'filename': 'str', 'format': 'str', '*dirty-flag': 'bool',
'*actual-size': 'int', 'virtual-size': 'int',
-   '*cluster-size': 'int', '*encrypted': 'bool',
+   '*cluster-size': 'int', '*encrypted': 'bool', '*compressed': 'bool',
'*backing-filename': 'str', '*full-backing-filename': 'str',
'*backing-filename-format': 'str', '*snapshots': ['SnapshotInfo'],
'*backing-image': 'ImageInfo',
-- 
1.8.3.1




[Qemu-devel] [PATCH v4 0/2] vmdk: Implement bdrv_get_specific_info

2013-10-17 Thread Fam Zheng
The new information looks like:

image: /tmp/foo.vmdk
file format: vmdk
virtual size: 100G (107374182400 bytes)
disk size: 4.0K
Format specific information:
cid: 0
create_type: twoGbMaxExtentFlat
parent cid: 0
extents:
[0]:
virtual size: 2147483648
filename: /tmp/foo-f001.vmdk
format: FLAT
[1]:
virtual size: 2147483648
filename: /tmp/foo-f002.vmdk
format: FLAT
[2]:
virtual size: 2147483648
filename: /tmp/foo-f003.vmdk
format: FLAT
[3]:   ...

v4: Rebase to master.
Free create_type if open fails. (Stefan)
Set create_type for monolithicSparse in no description file case.

v3: Rebase to kevin's block branch.


Fam Zheng (2):
  qapi: Add optional field 'compressed' to ImageInfo
  vmdk: Implment bdrv_get_specific_info

 block/vmdk.c   | 64 +-
 qapi-schema.json   | 28 ++--
 tests/qemu-iotests/059 |  2 +-
 tests/qemu-iotests/059.out |  5 ++--
 4 files changed, 92 insertions(+), 7 deletions(-)

-- 
1.8.3.1




Re: [Qemu-devel] [PATCH v2] net/net: Change the default mac address of nic

2013-10-17 Thread mike

On 10/17/2013 08:30 PM, Stefan Hajnoczi wrote:

On Tue, Oct 15, 2013 at 09:33:06PM +0800, mike wrote:

On 10/15/2013 08:36 PM, Eric Blake wrote:

On 10/14/2013 11:07 PM, Stefan Weil wrote:

Is it reasonable to get a random mac address in your guest? I don't
think so. It would no longer be possible to connect to a guest using
ssh, restart that guest and connect again with ssh.

Agreed - libvirt ALWAYS passes a MAC to qemu, even if the user did not
specify a MAC to libvirt, precisely because the MAC must be reproducible
rather than random to avoid changing the guest ABI.  I don't think this
patch is needed - it's up to management to use qemu correctly.

Yes, you are right in this condition. But qemu support Mac address unset.
Also we can get the ip address through a lot of different ways, like use
monitor to get the mac and then get the ip. So we can login use ssh.

But as you mentioned, this patch is not needed, I don't agree with you.

First, this patch just fix the Potential issue of this feature. Now libvirt
maybe can't triggered this issue, who can promise in future will not.

The second is,  qemu not only be used by libvirt,  lots of developers like
to use the command line to boot up the guest. And in the future, we
are not sure about other program will use qemu.

The third is, when one feature has an issue in qemu,
no matter when it is been triggered, should we not fix it?

NACK

I'm not going to merge this patch:

If you terminate QEMU and launch it again the NIC gets a different MAC
address.  Some guest operating systems are sensitive to this - under

For these users must use -device ,mac=XX:XX:XX:XX:XX:XX.
I think nobody will boot up the guest, which sensitive to this, without 
mac address.


Actually, people use the command line without mac address, mean they mainly
don't care about mac address, so give them random mac address is reasonable
I think.

In my opinion, if we fix this, for qemu side no any issue, we both support
mac address set or unset correctly.

What am I confuse is, *qemu supports mac address unset, why we force
users must set the address when more than one guests*?
This is unreasonable.


many Linux distros the network interfaces names change due to the MAC
address change.  As a result firewall configuration will break and other
services may fail to start because they cannot find the interface.

Agree, so this mac address should set in qemu command line as
libvirt does :)

If you have multiple guests or want control over the MAC address, set it
explicitly using -device ,mac=XX:XX:XX:XX:XX:XX.

Currently, especially for developers, people mainly use qemu
command line directly, and as qemu supports mac address
unset, they may try the simplest command line to boot up
lots of guests, they will confuse about why all this guest use
the same mac address.

Thanks
Mike

Stefan








Re: [Qemu-devel] [Bug 1174654] Re: qemu-system-x86_64 takes 100% CPU after host machine resumed from suspend to ram

2013-10-17 Thread mike

On 10/18/2013 04:29 AM, tobias wrote:

hi,

tried your option but it does not help. (cpu usage is still high)
below my command line syntax:
qemu-system-x86_64 -global mc146818rtc.lost_tick_policy=slew -machine 
accel=kvm:tcg -name win7 -S -machine pc-i440fx-1.4,accel=kvm,usb=off -m 2048 
-realtime mlock=off -smp 1,sockets=1,cores=1,threads=1 -uuid 
813f5806-64ec-3319-452a-5e1834e753c9 -no-user-config -nodefaults -chardev 
socket,id=charmonitor,path=/var/lib/libvirt/qemu/win7.monitor,server,nowait 
-mon chardev=charmonitor,id=monitor,mode=control -rtc base=localtime 
-no-shutdown -device ich9-usb-ehci1,id=usb,bus=pci.0,addr=0x5.0x7 -device 
ich9-usb-uhci1,masterbus=usb.0,firstport=0,bus=pci.0,multifunction=on,addr=0x5 
-device ich9-usb-uhci2,masterbus=usb.0,firstport=2,bus=pci.0,addr=0x5.0x1 
-device ich9-usb-uhci3,masterbus=usb.0,firstport=4,bus=pci.0,addr=0x5.0x2 
-device virtio-serial-pci,id=virtio-serial0,bus=pci.0,addr=0x8 -drive 
file=/data/vmware/win7.img,if=none,id=drive-virtio-disk0,format=qcow2 -device 
virtio-blk-pci,scsi=off,bus=pci.0,addr=0x6,drive=drive-virtio-disk0,id=virtio-disk0,bootindex=1
 -device usb-tablet,id=input0 -device intel-hda,id=sound0,bus=pci.0,addr=0x4 
-device hda-duplex,id=sound0-codec0,bus=sound0.0,cad=0 -device 
virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x7 -vga std

Hi, have you enabled the kernel CPU idle driver?  especially the guest 
kernel.


Thanks
Mike








[Qemu-devel] [PATCH] block: mask NOR flash buffered write length

2013-10-17 Thread Roy Franz
For buffered writes, mask the length with the maximum supported
length.  This is required for block writes to work on the ARM vexpress
platform, where the flash interface is 32 bits wide.  For buffered writes
to the 2 16 bit flashes on the interface, the length is repeated in each
16 bit word, and without this mask the two lengths are interpreted 
as a single 32 bit value that is very large.

Signed-off-by: Roy Franz 
---
 hw/block/pflash_cfi01.c |1 +
 1 file changed, 1 insertion(+)

diff --git a/hw/block/pflash_cfi01.c b/hw/block/pflash_cfi01.c
index 018a967..a364cca 100644
--- a/hw/block/pflash_cfi01.c
+++ b/hw/block/pflash_cfi01.c
@@ -378,6 +378,7 @@ static void pflash_write(pflash_t *pfl, hwaddr offset,
 
 break;
 case 0xe8:
+value &= pfl->writeblock_size - 1;
 DPRINTF("%s: block write of %x bytes\n", __func__, value);
 pfl->counter = value;
 pfl->wcycle++;
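
Review bot: value &= pfl->writeblock_size - 1 is only a valid mask when writeblock_size is a non-zero power of two, and it only strips the duplicated length from the upper 16-bit lane when writeblock_size is at most 0x10000; neither condition is checked or documented here. A short comment on the case 0xe8 line, or an assertion where writeblock_size is set, would cover that. Since value comes from the guest and becomes pfl->counter, logging the unmasked value in the DPRINTF as well would make a truncated length visible when debugging.
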
-- 
1.7.10.4




Re: [Qemu-devel] [PATCH v14 2/8] make.rule: fix $(obj) to a real relative path

2013-10-17 Thread Fam Zheng
On Thu, 10/17 16:57, Paolo Bonzini wrote:
> On 16/10/2013 05:26, Fam Zheng wrote:
> > Makefile.target includes rule.mak and unnested common-obj-y, then prefix
> > them with '../', this will ignore object specific QEMU_CFLAGS in subdir
> > Makefile.objs:
> > 
> > $(obj)/curl.o: QEMU_CFLAGS += $(CURL_CFLAGS)
> > 
> > Because $(obj) here is './block', instead of '../block'. This doesn't
> > hurt compiling because we basically build all .o from top Makefile,
> > before entering Makefile.target, but it will affect arriving per-object
> > libs support.
> > 
> > The starting point of $(obj) is passed in as argument of unnest-vars, as
> > well as nested variables, so that different Makefiles can pass in a
> > right value.
> > 
> > Signed-off-by: Fam Zheng 
> > ---
> >  Makefile| 14 ++
> >  Makefile.objs   | 17 +
> >  Makefile.target | 20 
> >  configure   |  1 +
> >  rules.mak   | 14 +-
> >  5 files changed, 41 insertions(+), 25 deletions(-)
> > 
> > diff --git a/Makefile b/Makefile
> > index b15003f..94dae51 100644
> > --- a/Makefile
> > +++ b/Makefile
> > @@ -115,6 +115,16 @@ defconfig:
> >  
> >  ifneq ($(wildcard config-host.mak),)
> >  include $(SRC_PATH)/Makefile.objs
> > +endif
> > +
> > +dummy := $(call unnest-vars,, \
> > +stub-obj-y \
> > +util-obj-y \
> > +qga-obj-y \
> > +block-obj-y \
> > +common-obj-y)
> > +
> > +ifneq ($(wildcard config-host.mak),)
> >  include $(SRC_PATH)/tests/Makefile
> >  endif
> >  ifeq ($(CONFIG_SMARTCARD_NSS),y)
> > @@ -123,6 +133,10 @@ endif
> >  
> >  all: $(DOCS) $(TOOLS) $(HELPERS-y) recurse-all
> >  
> > +vl.o: QEMU_CFLAGS+=$(GPROF_CFLAGS)
> > +
> > +vl.o: QEMU_CFLAGS+=$(SDL_CFLAGS)
> > +
> >  config-host.h: config-host.h-timestamp
> >  config-host.h-timestamp: config-host.mak
> >  qemu-options.def: $(SRC_PATH)/qemu-options.hx
> > diff --git a/Makefile.objs b/Makefile.objs
> > index 2b6c1fe..91235a6 100644
> > --- a/Makefile.objs
> > +++ b/Makefile.objs
> > @@ -41,7 +41,7 @@ libcacard-y += libcacard/vcardt.o
> >  # single QEMU executable should support all CPUs and machines.
> >  
> >  ifeq ($(CONFIG_SOFTMMU),y)
> > -common-obj-y = $(block-obj-y) blockdev.o blockdev-nbd.o block/
> > +common-obj-y = blockdev.o blockdev-nbd.o block/
> >  common-obj-y += net/
> >  common-obj-y += readline.o
> >  common-obj-y += qdev-monitor.o device-hotplug.o
> > @@ -110,18 +110,3 @@ version-lobj-$(CONFIG_WIN32) += $(BUILD_DIR)/version.lo
> >  # by libqemuutil.a.  These should be moved to a separate .json schema.
> >  qga-obj-y = qga/ qapi-types.o qapi-visit.o
> >  qga-vss-dll-obj-y = qga/
> > -
> > -vl.o: QEMU_CFLAGS+=$(GPROF_CFLAGS)
> > -
> > -vl.o: QEMU_CFLAGS+=$(SDL_CFLAGS)
> > -
> > -QEMU_CFLAGS+=$(GLIB_CFLAGS)
> > -
> > -nested-vars += \
> > -   stub-obj-y \
> > -   util-obj-y \
> > -   qga-obj-y \
> > -   qga-vss-dll-obj-y \
> > -   block-obj-y \
> > -   common-obj-y
> > -dummy := $(call unnest-vars)
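
Review bot: the nested-vars list removed here included qga-vss-dll-obj-y, but the unnest-vars call added to Makefile earlier in this patch lists only stub-obj-y, util-obj-y, qga-obj-y, block-obj-y and common-obj-y. If dropping it is intentional the commit message should say why; otherwise qga-vss-dll-obj-y needs adding to the new call so that its qga/ entry is still expanded.
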
> > diff --git a/Makefile.target b/Makefile.target
> > index 9a49852..fb3a970 100644
> > --- a/Makefile.target
> > +++ b/Makefile.target
> > @@ -143,13 +143,25 @@ endif # CONFIG_SOFTMMU
> >  # Workaround for http://gcc.gnu.org/PR55489, see configure.
> >  %/translate.o: QEMU_CFLAGS += $(TRANSLATE_OPT_CFLAGS)
> >  
> > -nested-vars += obj-y
> > +dummy := $(call unnest-vars,,obj-y)
> >  
> > -# This resolves all nested paths, so it must come last
> > +# we are making another call to unnest-vars with different vars, protect 
> > obj-y,
> > +# it can be overriden in subdir Makefile.objs
> > +obj-y-save := $(obj-y)
> > +
> > +block-obj-y :=
> > +common-obj-y :=
> >  include $(SRC_PATH)/Makefile.objs
> > +dummy := $(call unnest-vars,..,block-obj-y common-obj-y)
> > +
> > +# Now restore obj-y
> > +obj-y := $(obj-y-save)
> > +
> > +all-obj-y = $(obj-y) $(common-obj-y)
> >  
> > -all-obj-y = $(obj-y)
> > -all-obj-y += $(addprefix ../, $(common-obj-y))
> > +ifdef CONFIG_SOFTMMU
> > +all-obj-y += $(block-obj-y)
> > +endif
> 
> Just:
> 
> all-obj-$(CONFIG_SOFTMMU) += $(block-obj-y)
> 

OK. Thanks,

Fam

> >  ifndef CONFIG_HAIKU
> >  LIBS+=-lm
> > diff --git a/configure b/configure
> > index 57ee62a..3381264 100755
> > --- a/configure
> > +++ b/configure
> > @@ -2283,6 +2283,7 @@ fi
> >  if $pkg_config --atleast-version=$glib_req_ver gthread-2.0; then
> >  glib_cflags=`$pkg_config --cflags gthread-2.0`
> >  glib_libs=`$pkg_config --libs gthread-2.0`
> > +CFLAGS="$glib_cflags $CFLAGS"
> >  LIBS="$glib_libs $LIBS"
> >  libs_qga="$glib_libs $libs_qga"
> >  else
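
Review bot: CFLAGS="$glib_cflags $CFLAGS" appears to stand in for the QEMU_CFLAGS+=$(GLIB_CFLAGS) line removed from Makefile.objs, which moves the glib flags from QEMU_CFLAGS to CFLAGS, a change the commit message does not mention. Please describe it in the message, or split it into its own patch, so that anyone bisecting a build-flag regression can find it.
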
> > diff --git a/rules.mak b/rules.mak
> > index abc2e84..01e552e 100644
> > --- a/rules.mak
> > +++ b/rules.mak
> > @@ -110,9 +110,6 @@ clean: clean-timestamp
> >  
> >  # magic to descend into other directories
> >  
> > -obj := .
> > -old-nested-dirs :=
> > -
> >  define push-var
> >  $(eval save-$2-$1 = $(value $1))
> >  $(eval $1 :=)
> > @@ -126,9 +123,11 @@ e

Re: [Qemu-devel] qemu-system-or32 is not working on OS X, ask for help.

2013-10-17 Thread Jia Liu
Hi Peter,

On Thu, Oct 17, 2013 at 5:15 PM, Peter Maydell  wrote:
> On 17 October 2013 04:17, Jia Liu  wrote:
>> On Fri, Oct 11, 2013 at 10:41 AM, Jia Liu  wrote:
>>> I'm not sure about why qemu-system-or32 is not working on OS X, is it
>>> a AREG0 problem? May you please give me some suggestion, I want to
>>> test it on OS X, not Ubuntu any longer.
>
> The things that meant we had to use gcc for its "put variable
> in a fixed native register" functionality have gone away, so
> OSX+clang should work OK. I test the ARM targets from time to
> time and they work.
>
>> GCC on OS X is OK, it looks like a Clang and GCC different, any
>> suggestion, please?
>
> You'll need to debug the problem, that's all. Watch out that
> OSX gdb is broken in an odd way that means you can't really
> debug qemu under it (it breaks sigwait()).
>
> In general I think OSX is a poor target for trying to develop and
> debug qemu under, not least because of that gdb issue. But it
> should in principle work if you're not trying to run under
> the debugger.

Thanks, I'll try lldb.

>
> -- PMM


Regards,
Jia



[Qemu-devel] Watching Resource consumption of guest from Qemu ?

2013-10-17 Thread Sunil
Hello List,

I am a graduate student trying to learn about virtualization. I wanted
to understand if there is any way to tell about resource consumption
of guest through Qemu ? e.g. if guest starts doing something cpu
intensive, would qemu be aware of that ? or is there a way to detect
that from qemu ?

--
Sunil



Re: [Qemu-devel] [Nbd] Hibernate and qemu-nbd

2013-10-17 Thread Paul Clements
Hi Mark,

On Thu, Oct 17, 2013 at 1:07 PM, Mark Trumpold  wrote:


>   165  strace -p 2488 -o /var/tmp/qemu.nbd.strace.v2 &
>   166  strace -p 2492 -o /var/tmp/nbd-client.strace.v2 &
>

You'll need to include the -f option to strace to get the full child trace
(at least for nbd-client). In the output you sent, we don't see the child
nbd-client, which is the one calling the NBD_DO_IT ioctl, which is
important to see.

--
Paul


[Qemu-devel] [PATCH] net: disallow to specify multicast MAC address

2013-10-17 Thread Dmitry Krivenok
Added explicit check of MAC address specified via macaddr option.
Multicast MAC addresses are no longer allowed.
This fixes bug #495566.

Signed-off-by: Dmitry V. Krivenok 
---
 net/net.c  | 5 +
 net/util.c | 5 +
 net/util.h | 2 ++
 3 files changed, 12 insertions(+)

diff --git a/net/net.c b/net/net.c
index c330c9a..b3a42e5 100644
--- a/net/net.c
+++ b/net/net.c
@@ -689,6 +689,11 @@ static int net_init_nic(const NetClientOptions
*opts, const char *name,
 error_report("invalid syntax for ethernet address");
 return -1;
 }
+if (nic->has_macaddr &&
+net_macaddr_is_multicast(nd->macaddr.a)) {
+error_report("NIC cannot have multicast MAC address (odd 1st byte)");
+return -1;
+}
 qemu_macaddr_default_if_unset(&nd->macaddr);

 if (nic->has_vectors) {
diff --git a/net/util.c b/net/util.c
index 7e95076..b86ac03 100644
--- a/net/util.c
+++ b/net/util.c
@@ -58,3 +58,8 @@ int net_parse_macaddr(uint8_t *macaddr, const char *p)

 return 0;
 }
+
+bool net_macaddr_is_multicast(uint8_t *macaddr)
+{
+return (macaddr[0] % 2) ? true : false;
+}
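
Review bot: net_macaddr_is_multicast should take const uint8_t *macaddr since it only reads the buffer, and the body reads more directly as return macaddr[0] & 1; which tests the group bit of the first octet without the modulo and the ?: on a bool. The error text in net_init_nic, "odd 1st byte", could name that bit as well. A one-line comment noting that the broadcast address is rejected by the same test would document the intended behaviour.
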
diff --git a/net/util.h b/net/util.h
index 10c7da9..4581cb7 100644
--- a/net/util.h
+++ b/net/util.h
@@ -26,7 +26,9 @@
 #define QEMU_NET_UTIL_H

 #include 
+#include 

 int net_parse_macaddr(uint8_t *macaddr, const char *p);
+bool net_macaddr_is_multicast(uint8_t *macaddr);

 #endif /* QEMU_NET_UTIL_H */
-- 
1.8.3



Re: [Qemu-devel] [ANNOUNCE] Key Signing Party at KVM Forum 2013

2013-10-17 Thread Scott Wood
On Wed, 2013-07-24 at 07:50 -0500, Anthony Liguori wrote:
> I will be hosting a key signing party at this year's KVM Forum.
> 
> http://wiki.qemu.org/KeySigningParty2013
> 
> Starting for the 1.7 release (begins in December), I will only accept
> signed pull requests so please try to attend this event or make
> alternative arrangements to have someone sign your key who will attend
> the event.
> 
> I will also be attending LinuxCon/CloudOpen/Plumbers North America if
> anyone wants to have another key signing party at that event and cannot
> attend KVM Forum.

The wiki still says "Day/Room TBD" and I don't see it on the published
KVM Forum schedule.  Has this been determined yet?

-Scott






[Qemu-devel] [PATCH 2/2] acpi-test: basic acpi unit-test

2013-10-17 Thread Michael S. Tsirkin
We run bios, and boot a minimal boot sector that immediately halts.
Then poke at memory to find ACPI tables.

This only checks that RSDP is there.
More will be added later.

Signed-off-by: Michael S. Tsirkin 
---
 tests/acpi-test.c | 129 ++
 tests/Makefile|   2 +
 2 files changed, 131 insertions(+)
 create mode 100644 tests/acpi-test.c

diff --git a/tests/acpi-test.c b/tests/acpi-test.c
new file mode 100644
index 000..42de248
--- /dev/null
+++ b/tests/acpi-test.c
@@ -0,0 +1,129 @@
+/*
+ * Boot order test cases.
+ *
+ * Copyright (c) 2013 Red Hat Inc.
+ *
+ * Authors:
+ *  Markus Armbruster ,
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+#include 
+#include 
+#include 
+#include "libqtest.h"
+
+typedef struct {
+const char *args;
+uint64_t expected_boot;
+uint64_t expected_reboot;
+} boot_order_test;
+
+#define LOW(x) ((x) & 0xff)
+#define HIGH(x) ((x) >> 8)
+
+#define SIGNATURE 0xdead
+#define SIGNATURE_OFFSET 0x10
+#define BOOT_SECTOR_ADDRESS 0x7c00
+
+static uint8_t boot_sector[0x200] = {
+/* 7c00: mov $0xdead,%ax */
+[0x00] = 0xb8,
+[0x01] = LOW(SIGNATURE),
+[0x02] = HIGH(SIGNATURE),
+/* 7c03:  mov %ax,0x7c10 */
+[0x03] = 0xa3,
+[0x04] = LOW(BOOT_SECTOR_ADDRESS + SIGNATURE_OFFSET),
+[0x05] = HIGH(BOOT_SECTOR_ADDRESS + SIGNATURE_OFFSET),
+/* 7c06: hlt */
+[0x06] = 0xf4,   
+/* 7c07: jmp 0x7c06=0x7c09-3   */
+[0x07] = 0xeb,
+[0x08] = LOW(-3),
+/* We mov 0xdead here: set value to make debugging easier */
+[SIGNATURE_OFFSET] = LOW(0xface),
+[SIGNATURE_OFFSET + 1] = HIGH(0xface),
+/* End of boot sector marker */
+[0x1FE] = 0x55,
+[0x1FF] = 0xAA,
+};
+
+static const char *disk = "tests/acpi-test-disk.raw";
+
+static void test_acpi_one(const char *params)
+{
+char *args;
+uint8_t signature_low;
+uint8_t signature_high;
+uint16_t signature;
+int i;
+uint32_t off;
+
+
+args = g_strdup_printf("-net none -display none %s %s",
+   params ? params : "", disk);
+qtest_start(args);
+
+   /* Wait at most 1 minute */
+#define TEST_DELAY (1 * G_USEC_PER_SEC / 10)
+#define TEST_CYCLES (60 * G_USEC_PER_SEC / TEST_DELAY)
+
+for (i = 0; i < TEST_CYCLES; ++i) {
+signature_low = readb(BOOT_SECTOR_ADDRESS + SIGNATURE_OFFSET);
+signature_high = readb(BOOT_SECTOR_ADDRESS + SIGNATURE_OFFSET + 1);
+signature = (signature_high << 8) | signature_low;
+if (signature == SIGNATURE) {
+break;
+}
+g_usleep(TEST_DELAY);
+}
+g_assert_cmphex(signature, ==, SIGNATURE);
+
+/* OK, now find RSDP */
+for (off = 0xf; off < 0x10; off += 0x10)
+{
+uint8_t sig[] = "RSD PTR ";
+int i;
+
+for (i = 0; i < sizeof sig - 1; ++i) {
+sig[i] = readb(off + i);
+}
+
+if (!memcmp(sig, "RSD PTR ", sizeof sig)) {
+break;
+}
+}
+
+g_assert_cmphex(off, <, 0x10);
+
+qtest_quit(global_qtest);
+g_free(args);
+}
+
+static void test_acpi_tcg(void)
+{
+test_acpi_one("-machine accel=tcg");
+}
+
+static void test_acpi_kvm(void)
+{
+test_acpi_one("-enable-kvm -machine accel=kvm");
+}
+
+int main(int argc, char *argv[])
+{
+const char *arch = qtest_get_arch();
+FILE *f = fopen(disk, "w");
+fwrite(boot_sector, 1, sizeof boot_sector, f);
+fclose(f);
+
+g_test_init(&argc, &argv, NULL);
+
+if (strcmp(arch, "i386") == 0 || strcmp(arch, "x86_64") == 0) {
+qtest_add_func("acpi/tcg", test_acpi_tcg);
+qtest_add_func("acpi/kvm", test_acpi_kvm);
+}
+return g_test_run();
+}
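
Review bot: main() registers acpi/kvm unconditionally for i386 and x86_64, and test_acpi_kvm passes -enable-kvm, so the test depends on the build host having usable KVM; it should be skipped or dropped when KVM is unavailable. In the same function the result of fopen(disk, "w") is used without a NULL check, and tests/acpi-test-disk.raw is never removed afterwards. The file header still reads "Boot order test cases" and the boot_order_test typedef is unused, both apparently left over from the file this one was copied from.
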
diff --git a/tests/Makefile b/tests/Makefile
index c13fefc..a81a005 100644
--- a/tests/Makefile
+++ b/tests/Makefile
@@ -64,6 +64,7 @@ check-qtest-i386-y += tests/ide-test$(EXESUF)
 check-qtest-i386-y += tests/hd-geo-test$(EXESUF)
 gcov-files-i386-y += hw/hd-geometry.c
 check-qtest-i386-y += tests/boot-order-test$(EXESUF)
+check-qtest-i386-y += tests/acpi-test$(EXESUF)
 check-qtest-i386-y += tests/rtc-test$(EXESUF)
 check-qtest-i386-y += tests/i440fx-test$(EXESUF)
 check-qtest-i386-y += tests/fw_cfg-test$(EXESUF)
@@ -171,6 +172,7 @@ tests/fdc-test$(EXESUF): tests/fdc-test.o
 tests/ide-test$(EXESUF): tests/ide-test.o $(libqos-pc-obj-y)
 tests/hd-geo-test$(EXESUF): tests/hd-geo-test.o
 tests/boot-order-test$(EXESUF): tests/boot-order-test.o $(libqos-obj-y)
+tests/acpi-test$(EXESUF): tests/acpi-test.o $(libqos-obj-y)
 tests/tmp105-test$(EXESUF): tests/tmp105-test.o $(libqos-omap-obj-y)
 tests/i440fx-test$(EXESUF): tests/i440fx-test.o $(libqos-pc-obj-y)
 tests/fw_cfg-test$(EXESUF): tests/fw_cfg-test.o $(libqos-pc-obj-y)
-- 
MST



[Qemu-devel] [PATCH 1/2] qtest: don't configure icount if qtest not allowed

2013-10-17 Thread Michael S. Tsirkin
This makes it possible to run bios under qtest

Signed-off-by: Michael S. Tsirkin 
---
 qtest.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/qtest.c b/qtest.c
index 584c707..48e3288 100644
--- a/qtest.c
+++ b/qtest.c
@@ -508,7 +508,9 @@ int qtest_init(void)
 
 g_assert(qtest_chrdev != NULL);
 
-configure_icount("0");
+if (qtest_enabled()) {
+configure_icount("0");
+}
 chr = qemu_chr_new("qtest", qtest_chrdev, NULL);
 
 qemu_chr_add_handlers(chr, qtest_can_read, qtest_read, qtest_event, chr);
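
Review bot: the new if (qtest_enabled()) guard sits inside qtest_init, and neither the commit message nor a comment explains in which configuration qtest_init runs with qtest not enabled, or why configure_icount("0") has to be skipped there. Please add that reasoning as a comment above the condition; "This makes it possible to run bios under qtest" states the goal but not the mechanism.
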
-- 
MST



[Qemu-devel] [Bug 1174654] Re: qemu-system-x86_64 takes 100% CPU after host machine resumed from suspend to ram

2013-10-17 Thread tobias
hi,

tried your option but it does not help. (cpu usage is still high)
below my command line syntax:
qemu-system-x86_64 -global mc146818rtc.lost_tick_policy=slew -machine 
accel=kvm:tcg -name win7 -S -machine pc-i440fx-1.4,accel=kvm,usb=off -m 2048 
-realtime mlock=off -smp 1,sockets=1,cores=1,threads=1 -uuid 
813f5806-64ec-3319-452a-5e1834e753c9 -no-user-config -nodefaults -chardev 
socket,id=charmonitor,path=/var/lib/libvirt/qemu/win7.monitor,server,nowait 
-mon chardev=charmonitor,id=monitor,mode=control -rtc base=localtime 
-no-shutdown -device ich9-usb-ehci1,id=usb,bus=pci.0,addr=0x5.0x7 -device 
ich9-usb-uhci1,masterbus=usb.0,firstport=0,bus=pci.0,multifunction=on,addr=0x5 
-device ich9-usb-uhci2,masterbus=usb.0,firstport=2,bus=pci.0,addr=0x5.0x1 
-device ich9-usb-uhci3,masterbus=usb.0,firstport=4,bus=pci.0,addr=0x5.0x2 
-device virtio-serial-pci,id=virtio-serial0,bus=pci.0,addr=0x8 -drive 
file=/data/vmware/win7.img,if=none,id=drive-virtio-disk0,format=qcow2 -device 
virtio-blk-pci,scsi=off,bus=pci.0,addr=0x6,drive=drive-virtio-disk0,id=virtio-disk0,bootindex=1
 -device usb-tablet,id=input0 -device intel-hda,id=sound0,bus=pci.0,addr=0x4 
-device hda-duplex,id=sound0-codec0,bus=sound0.0,cad=0 -device 
virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x7 -vga std

-- 
https://bugs.launchpad.net/bugs/1174654

Title:
  qemu-system-x86_64 takes 100% CPU after host machine resumed from
  suspend to ram

Status in QEMU:
  Confirmed
Status in “qemu” package in Ubuntu:
  Invalid

Bug description:
  I have Windows XP SP3  inside qemu VM. All works fine in 12.10. But
  after upgrading to 13.04 i have to restart the VM each time i
  resuming my host machine, because qemu process starts to take CPU
  cycles and OS inside VM is very slow and sluggish. However it's still
  controllable and could be shutdown by itself.

  According to the taskmgr any active process takes 99% CPU. It's not
  stuck on some single process.




[Qemu-devel] KVM Forum 2013 presentations on Google+ (Hangouts on-air)

2013-10-17 Thread Ademar de Souza Reis Jr.
Hi there.

We're going to broadcast the KVM Forum 2013 presentations and
keynotes using Google+ "Hangouts On-air". We also plan to have
etherpads available for live discussions and notes.

We're doing our best to make sure the audio/video/internet
quality is good. We can't promise anything at this point, but
hopefully those of you who won't be able to attend might find it
useful.

Stay tuned!

Our Google+ page:
http://gplus.to/kvmforum2013

Youtube Channel (linked to the page above):
http://www.youtube.com/channel/UCRCSQmAOh7yzgheq-emy1xA

The program schedule:
http://events.linuxfoundation.org/events/kvm-forum/program/schedule

Cheers!
   - Ademar

-- 
Ademar de Souza Reis Jr.
Red Hat

^[:wq!



Re: [Qemu-devel] [PATCH] virtio: Remove unneeded memcpy

2013-10-17 Thread Peter Maydell
On 17 October 2013 20:23, Stefan Weil  wrote:
> Report from valgrind:
>
> ==19521== Source and destination overlap in memcpy(0x31d38938, 0x31d38938, 64)
> ==19521==at 0x4A0A343: memcpy@@GLIBC_2.14 (in
> /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
> ==19521==by 0x42774E: virtio_blk_device_init (virtio-blk.c:686)
> ==19521==by 0x46EE9E: virtio_device_init (virtio.c:1158)
> ==19521==by 0x25405E: device_realize (qdev.c:178)
> ==19521==by 0x2559B5: device_set_realized (qdev.c:699)
> ==19521==by 0x3A819B: property_set_bool (object.c:1315)
> ==19521==by 0x3A6CE0: object_property_set (object.c:803)
>
> Valgrind is right: blk == &s->blks, so it is a memcpy of 64 byte with
> source == destination which can be removed.
>
> Reported-by: Dave Airlie 
> Signed-off-by: Stefan Weil 

Reviewed-by: Peter Maydell 

I did a quick eyeball of the other memcpy()s in hw/*/*virtio*
and I think this is the only one with this problem.

-- PMM



Re: [Qemu-devel] virtio-blk wierd memcpy

2013-10-17 Thread Stefan Weil
On 17.10.2013 20:49, Dave Airlie wrote:
> In my failing attempts to valgrind qemu (how do people live like
> this?), I spotted this in the logs
>
> ==19521== Source and destination overlap in memcpy(0x31d38938, 0x31d38938, 64)
> ==19521==at 0x4A0A343: memcpy@@GLIBC_2.14 (in
> /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
> ==19521==by 0x42774E: virtio_blk_device_init (virtio-blk.c:686)
> ==19521==by 0x46EE9E: virtio_device_init (virtio.c:1158)
> ==19521==by 0x25405E: device_realize (qdev.c:178)
> ==19521==by 0x2559B5: device_set_realized (qdev.c:699)
> ==19521==by 0x3A819B: property_set_bool (object.c:1315)
> ==19521==by 0x3A6CE0: object_property_set (object.c:803)
>
> The memcpy looks completely superfluous.
>
> Dave.

That's correct - thank you for your report.

I have prepared a patch which removes that memcpy:
http://patchwork.ozlabs.org/patch/284355/

Regards,
Stefan




[Qemu-devel] [PATCH] virtio: Remove unneeded memcpy

2013-10-17 Thread Stefan Weil
Report from valgrind:

==19521== Source and destination overlap in memcpy(0x31d38938, 0x31d38938, 64)
==19521==at 0x4A0A343: memcpy@@GLIBC_2.14 (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==19521==by 0x42774E: virtio_blk_device_init (virtio-blk.c:686)
==19521==by 0x46EE9E: virtio_device_init (virtio.c:1158)
==19521==by 0x25405E: device_realize (qdev.c:178)
==19521==by 0x2559B5: device_set_realized (qdev.c:699)
==19521==by 0x3A819B: property_set_bool (object.c:1315)
==19521==by 0x3A6CE0: object_property_set (object.c:803)

Valgrind is right: blk == &s->blks, so it is a memcpy of 64 byte with
source == destination which can be removed.

Reported-by: Dave Airlie 
Signed-off-by: Stefan Weil 
---
 hw/block/virtio-blk.c |1 -
 1 file changed, 1 deletion(-)

diff --git a/hw/block/virtio-blk.c b/hw/block/virtio-blk.c
index 49a23c3..13f6d82 100644
--- a/hw/block/virtio-blk.c
+++ b/hw/block/virtio-blk.c
@@ -703,7 +703,6 @@ static int virtio_blk_device_init(VirtIODevice *vdev)
 
 s->bs = blk->conf.bs;
 s->conf = &blk->conf;
-memcpy(&(s->blk), blk, sizeof(struct VirtIOBlkConf));
 s->rq = NULL;
 s->sector_mask = (s->conf->logical_block_size / BDRV_SECTOR_SIZE) - 1;
 
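
Review bot: the commit message justifies this removal with `blk == &s->blks`, but the field in the removed line is `s->blk`, and the hunk does not show where `blk` is assigned, so the aliasing cannot be confirmed from the patch alone. Please fix the field name in the message and quote (or point to) the assignment of `blk`. It is also worth saying in the message that memcpy() between overlapping objects is undefined behaviour in C, so this is a correctness fix and not only the removal of a redundant call.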
-- 
1.7.9.5




Re: [Qemu-devel] [RFC v5 2/5] hw/arm/digic: prepare DIGIC-based boards support

2013-10-17 Thread Peter Maydell
On 17 October 2013 19:51, Georg Hofstetter  wrote:
> flash (ROM1) on these cameras starts at 0xF800 and is either
> 0x0080, 0x0100 or 0x0200 large. Just like with every
> chip-selected memory, where the CS/EN line is selected by address masks,
> addressing beyond the size memory repeats the content over and over.
>
> ROM0 (0xF000) is rarely used.
>
> The ARM in DIGIC has the high vectors selected by hardware and so the
> reset vector is 0x. There you will find a bootloader.
> Due to the memories repeating over and over starting from 0xF800,
> the CPU will read from 0xF87F, 0xF8FF or 0xF9FF, depending
> on flash size (see above).
>
> This kind of addressing beyond real flash end and wrapping over is
> intentionally used by Canon in multiple places - even in the main
> firmware and when reflashing.
> Some blocks are reflashed on a regular basis. They are used for
> properties, which are the configuration area.

Thanks for this explanation of the hardware.

> If you want to make the emulator behave like the real hardware, then you
> have to:
>
>  - reset to 0x

Yep. This implies having a cpu property corresponding to "enable
hivecs from bootup" (matching the h/w config signal), and making
sure cpu reset honours it; that's fairly easy.

>  - place ROM0 at 0xF000
>  - place ROM1 at 0xF800
>  - make the memory subsystem address correctly: (pseudocode)
>  if((virt_addr & 0xF800) == 0xF000)
>  {
>  real_addr = 0xF000 | (virt_addr & (rom0_size - 1));
>  }
>  if((virt_addr & 0xF800) == 0xF800)
>  {
>  real_addr = 0xF800 | (virt_addr & (rom1_size - 1));
>  }

The easy way to do this is just to use memory region aliases
to repeat the ROM through the whole area; you can do that
in the board model without having to mess with the memory
subsystem itself.

>  - make sure the flash emulation supports reflashing (properties)
>  - change qemu memory subsystem to support execution from a flash that
>can be reprogrammed (properties are rewritten during startup)
>(maybe this is already possible, but it wasn't so 6 months ago)

I agree that these are probably missing features in our flash
emulation, but aren't they orthogonal to the question of how
we handle CPU reset and what the starting PC should be?

-- PMM



Re: [Qemu-devel] [PATCH 04/18] bsd-user: move target arch and host OSdependent code out of main.cc

2013-10-17 Thread Stacey Son

On Oct 16, 2013, at 11:32 AM, Peter Maydell  wrote:

> On 16 October 2013 16:46, Stacey Son  wrote:
>> The arm code came from another source as noted in the cover letter.  It 
>> could use a lot more work.
> 
> Possibly better to leave it out of this initial patch set and submit
> it separately
> later then?

I cleaned up the arm cpu_loop() a bit.  You can view the replacement patch at:

http://people.freebsd.org/~sson/qemu/qemu-1.6.1/0004-bsd-user-move-target-arch-and-host-OS-dependent-code.patch

Of course, it is still missing support for things like handling undefined
instruction (co-proc) exceptions via "EmulateAll()" but I am hoping someone
will pick that up.  In its current state, however, it can be used to cross build
a good amount of FreeBSD/arm ports.  I am hoping one of the BSD/arm guys will
find it useful and start contributing.  :)

-stacey.


Re: [Qemu-devel] [RFC v5 2/5] hw/arm/digic: prepare DIGIC-based boards support

2013-10-17 Thread Georg Hofstetter
Hello,

just for the record.

flash (ROM1) on these cameras starts at 0xF800 and is either
0x0080, 0x0100 or 0x0200 large. Just like with every
chip-selected memory, where the CS/EN line is selected by address masks,
addressing beyond the size memory repeats the content over and over.

ROM0 (0xF000) is rarely used.

The ARM in DIGIC has the high vectors selected by hardware and so the
reset vector is 0x. There you will find a bootloader.
Due to the memories repeating over and over starting from 0xF800,
the CPU will read from 0xF87F, 0xF8FF or 0xF9FF, depending
on flash size (see above).

This kind of addressing beyond real flash end and wrapping over is
intentionally used by Canon in multiple places - even in the main
firmware and when reflashing.
Some blocks are reflashed on a regular basis. They are used for
properties, which are the configuration area.

If you want to make the emulator behave like the real hardware, then you
have to:

 - reset to 0x
 - place ROM0 at 0xF000
 - place ROM1 at 0xF800
 - make the memory subsystem address correctly: (pseudocode)
 if((virt_addr & 0xF800) == 0xF000)
 {
 real_addr = 0xF000 | (virt_addr & (rom0_size - 1));
 }
 if((virt_addr & 0xF800) == 0xF800)
 {
 real_addr = 0xF800 | (virt_addr & (rom1_size - 1));
 }
 - make sure the flash emulation supports reflashing (properties)
 - change qemu memory subsystem to support execution from a flash that
   can be reprogrammed (properties are rewritten during startup)
   (maybe this is already possible, but it wasn't so 6 months ago)

OR
 - make workarounds so the system gets close to that behavior ;)


BR,
Georg

Am 17.10.2013 20:01, schrieb Peter Maydell:
> On 7 September 2013 08:04, Antony Pavlov  wrote:
> 
> I still think this is wrong. Real hardware can't possibly
> start at this address; we should boot the same way the
> hardware does.
> 
>> +}
>> +
>> +static DigicBoard digic4_board_canon_a1100 = {
>> +.ram_size = 64 * 1024 * 1024,
>> +/* CHDK recommends this address for ROM disassembly */
>> +.start_addr = 0xffc0,
>> +};
> 
> thanks
> -- PMM
> 




[Qemu-devel] virtio-blk weird memcpy

2013-10-17 Thread Dave Airlie
In my failing attempts to valgrind qemu (how do people live like
this?), I spotted this in the logs

==19521== Source and destination overlap in memcpy(0x31d38938, 0x31d38938, 64)
==19521==    at 0x4A0A343: memcpy@@GLIBC_2.14 (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==19521==    by 0x42774E: virtio_blk_device_init (virtio-blk.c:686)
==19521==    by 0x46EE9E: virtio_device_init (virtio.c:1158)
==19521==    by 0x25405E: device_realize (qdev.c:178)
==19521==    by 0x2559B5: device_set_realized (qdev.c:699)
==19521==    by 0x3A819B: property_set_bool (object.c:1315)
==19521==    by 0x3A6CE0: object_property_set (object.c:803)

The memcpy looks completely superfluous.

Dave.
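
The check behind the Valgrind message above, as an added example that is not part of the original post or of QEMU: it classifies a memcpy() argument triple as disjoint, identical or overlapping and reproduces the "pointer aliases an embedded struct" pattern from the report. The `struct conf` and `struct dev` types and all function names are hypothetical stand-ins.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-ins: a 64-byte config block embedded in a device. */
struct conf { unsigned char bytes[64]; };
struct dev  { struct conf *conf; struct conf blk; };

enum copy_kind { COPY_DISJOINT, COPY_IDENTICAL, COPY_OVERLAP };

/* Classify (dst, src, n) the way a memcpy checker does. */
enum copy_kind classify_copy(const void *dst, const void *src, size_t n)
{
    uintptr_t d = (uintptr_t)dst, s = (uintptr_t)src;

    if (n == 0) {
        return COPY_DISJOINT;      /* nothing is read or written */
    }
    if (d == s) {
        return COPY_IDENTICAL;     /* the case in the report */
    }
    /* [d, d+n) and [s, s+n) intersect iff the start distance is < n. */
    uintptr_t dist = d > s ? d - s : s - d;
    return dist < n ? COPY_OVERLAP : COPY_DISJOINT;
}

/*
 * Copy helper that never hands overlapping ranges to memcpy():
 * a self-copy is skipped, a partial overlap goes through memmove().
 * The classification is returned so callers can log or assert on it.
 */
enum copy_kind checked_copy(void *dst, const void *src, size_t n)
{
    enum copy_kind kind = classify_copy(dst, src, n);

    switch (kind) {
    case COPY_IDENTICAL:
        break;
    case COPY_OVERLAP:
        memmove(dst, src, n);
        break;
    case COPY_DISJOINT:
        memcpy(dst, src, n);
        break;
    }
    return kind;
}

/* Same shape as the reported call: blk already points into *s. */
enum copy_kind init_like_report(struct dev *s)
{
    struct conf *blk = &s->blk;

    s->conf = blk;
    return checked_copy(&s->blk, blk, sizeof(struct conf));
}

int main(void)
{
    struct dev d;
    unsigned char buf[16];

    memset(&d, 0, sizeof(d));
    for (int i = 0; i < 16; i++) {
        buf[i] = (unsigned char)i;
    }
    printf("aliased struct copy: %d\n", init_like_report(&d));
    printf("shifted by 2 bytes:  %d\n", checked_copy(buf + 2, buf, 8));
    printf("separate halves:     %d\n", classify_copy(buf + 8, buf, 8));
    return 0;
}
```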



Re: [Qemu-devel] [PATCH] net: disallow to specify multicast MAC address

2013-10-17 Thread Dmitry Krivenok
> Personally, I find 'expr ? true : false' rather verbose; why not just:
>
> return macaddr[0] % 2;

I agree, your variant is shorter and easier to read.



Re: [Qemu-devel] [Qemu-ppc] [PATCH V2] Fix float64_to_uint64

2013-10-17 Thread Tom Musta

On 10/17/2013 11:31 AM, Stefan Weil wrote:
> Am 17.10.2013 11:40, schrieb Alexander Graf:
>> Missing a SoB line.
>>
>> Alex
>
> There is already a mix of coding styles in fpu/softfloat.c, and your
> patch adds large regions of new code.
> Therefore I expect that such contributions should respect the QEMU
> coding style.
>
> The situation is different if only single lines in some function are
> replaced or added.
>
> Stefan

OK, I will rework the patch to use QEMU style. And will add the SoB.



Re: [Qemu-devel] [RFC v5 4/5] hw/arm/digic: add UART support

2013-10-17 Thread Peter Maydell
On 7 September 2013 08:04, Antony Pavlov  wrote:
> Signed-off-by: Antony Pavlov 
> --- a/hw/arm/digic_boards.c
> +++ b/hw/arm/digic_boards.c
> @@ -26,6 +26,13 @@
>  #include "hw/boards.h"
>  #include "exec/address-spaces.h"
>  #include "hw/arm/digic.h"
> +#include "hw/block/flash.h"
> +#include "hw/loader.h"
> +#include "sysemu/sysemu.h"
> +
> +#define DIGIC4_ROM0_BASE  0xf000
> +#define DIGIC4_ROM1_BASE  0xf800
> +# define DIGIC4_ROM_MAX_SIZE  0x0800

Stray extra spaces here. If you fix those then:
Reviewed-by: Peter Maydell 

-- PMM



Re: [Qemu-devel] [RFC v5 2/5] hw/arm/digic: prepare DIGIC-based boards support

2013-10-17 Thread Peter Maydell
On 7 September 2013 08:04, Antony Pavlov  wrote:
> +
> +static void digic4_board_init(DigicBoard *board)
> +{
> +Error *err = NULL;
> +
> +DigicBoardState *s = g_new(DigicBoardState, 1);
> +
> +s->digic = DIGIC(object_new(TYPE_DIGIC));
> +object_property_set_bool(OBJECT(s->digic), true, "realized", &err);
> +if (err != NULL) {
> +fprintf(stderr, "Couldn't realize DIGIC SoC: %s\n",
> +error_get_pretty(err));
> +exit(1);
> +}
> +
> +digic4_board_setup_ram(s, board->ram_size);
> +
> +s->digic->cpu.env.regs[15] = board->start_addr;

I still think this is wrong. Real hardware can't possibly
start at this address; we should boot the same way the
hardware does.

> +}
> +
> +static DigicBoard digic4_board_canon_a1100 = {
> +.ram_size = 64 * 1024 * 1024,
> +/* CHDK recommends this address for ROM disassembly */
> +.start_addr = 0xffc0,
> +};
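
Review bot: `g_new(DigicBoardState, 1)` at the top of digic4_board_init() returns uninitialized memory, and `s->digic` is the only field assigned in the visible lines before `s` is handed to digic4_board_setup_ram(). Using g_new0() would make any field that is not set explicitly start out as zero/NULL.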

thanks
-- PMM



Re: [Qemu-devel] [RFC v5 5/5] hw/arm/digic: add NOR ROM support

2013-10-17 Thread Peter Maydell
On 7 September 2013 08:04, Antony Pavlov  wrote:
> Signed-off-by: Antony Pavlov 
> ---
>  hw/arm/digic_boards.c | 64 
> +++
>  1 file changed, 64 insertions(+)
>
> diff --git a/hw/arm/digic_boards.c b/hw/arm/digic_boards.c
> index cced229..a12b673 100644
> --- a/hw/arm/digic_boards.c
> +++ b/hw/arm/digic_boards.c
> @@ -41,6 +41,10 @@ typedef struct DigicBoardState {
>
>  typedef struct DigicBoard {
>  hwaddr ram_size;
> +void (*add_rom0)(DigicBoardState *, hwaddr, const char *);
> +const char *rom0_def_filename;
> +void (*add_rom1)(DigicBoardState *, hwaddr, const char *);
> +const char *rom1_def_filename;

This is a bit odd but all our board models are a bit ad-hoc
so I don't object to it.

>  hwaddr start_addr;
>  } DigicBoard;
>
> @@ -67,11 +71,71 @@ static void digic4_board_init(DigicBoard *board)
>
>  digic4_board_setup_ram(s, board->ram_size);
>
> +if (board->add_rom0) {
> +board->add_rom0(s, DIGIC4_ROM0_BASE, board->rom0_def_filename);
> +}
> +
> +if (board->add_rom1) {
> +board->add_rom1(s, DIGIC4_ROM1_BASE, board->rom1_def_filename);
> +}
> +
>  s->digic->cpu.env.regs[15] = board->start_addr;
>  }
>
> +static void digic_load_rom(DigicBoardState *s, hwaddr addr,
> +   hwaddr max_size, const char *def_filename)
> +{
> +
> +target_long rom_size;
> +const char *filename;
> +
> +if (bios_name) {
> +filename = bios_name;
> +} else {
> +filename = def_filename;
> +}
> +
> +if (filename) {
> +char *fn = qemu_find_file(QEMU_FILE_TYPE_BIOS, filename);
> +
> +if (!fn) {
> +fprintf(stderr, "Couldn't find rom image '%s'.\n", filename);
> +exit(1);
> +}
> +
> +rom_size = load_image_targphys(fn, addr, max_size);
> +if (rom_size < 0 || rom_size > max_size) {
> +fprintf(stderr, "Couldn't load rom image '%s'\n", filename);
> +exit(1);
> +}

This is weird. Why not use drive_get(IF_PFLASH, ...) and pass
that to pflash_cfi02_register(), the same way the other ARM
boards arrange to load the contents of flash?

> +}
> +}
> +
> +/*
> + * Samsung K8P3215UQB
> + * 64M Bit (4Mx16) Page Mode / Multi-Bank NOR Flash Memory
> + */
> +static void digic4_add_k8p3215uqb_rom(DigicBoardState *s, hwaddr addr,
> +  const char *def_filename)
> +{
> +#define FLASH_K8P3215UQB_SIZE (4 * 1024 * 1024)
> +#define FLASH_K8P3215UQB_SECTOR_SIZE (64 * 1024)
> +
> +pflash_cfi02_register(addr, NULL, "pflash", FLASH_K8P3215UQB_SIZE,
> +  NULL, FLASH_K8P3215UQB_SECTOR_SIZE,
> +  FLASH_K8P3215UQB_SIZE / 
> FLASH_K8P3215UQB_SECTOR_SIZE,
> +  DIGIC4_ROM_MAX_SIZE / FLASH_K8P3215UQB_SIZE,
> +  4,
> +  0x00EC, 0x007E, 0x0003, 0x0001,
> +  0x0555, 0x2aa, 0);
> +
> +digic_load_rom(s, addr, FLASH_K8P3215UQB_SIZE, def_filename);
> +}
> +
>  static DigicBoard digic4_board_canon_a1100 = {
>  .ram_size = 64 * 1024 * 1024,
> +.add_rom1 = digic4_add_k8p3215uqb_rom,
> +.rom1_def_filename = "canon-a1100-rom1.bin",
>  /* CHDK recommends this address for ROM disassembly */
>  .start_addr = 0xffc0,
>  };
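
Review bot: in digic_load_rom(), the string returned by qemu_find_file() is stored in `fn` and passed to load_image_targphys(), but the visible lines never g_free() it, so it leaks on the success path. Also, `bios_name` overrides `def_filename` for every caller, so a board that sets both add_rom0 and add_rom1 would load the same image into both ROMs. The `rom_size > max_size` test compares a signed target_long with an unsigned hwaddr; an explicit cast after the `< 0` case has been handled would make the intent clear.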
> --
> 1.8.4.rc3
>

-- PMM



Re: [Qemu-devel] [RFC v5 3/5] hw/arm/digic: add timer support

2013-10-17 Thread Peter Maydell
On 7 September 2013 08:04, Antony Pavlov  wrote:
> +static const TypeInfo digic_timer_info = {
> +.name = TYPE_DIGIC_TIMER,
> +.parent = TYPE_SYS_BUS_DEVICE,
> +.instance_size = sizeof(DigicTimerState),
> +.instance_init = digic_timer_init,
> +};

This needs a reset function (should reset the timer,
so we behave the same on reset as we do at startup).

It also needs a VMStateDescription, since the
ptimer is migratable state.

thanks
-- PMM



[Qemu-devel] [PATCH v8 3/3] hw/arm: Add 'virt' platform

2013-10-17 Thread Peter Maydell
Add 'virt' platform support corresponding to arch/arm/mach-virt
in the Linux kernel tree. This has no platform-specific code but
can use any device whose kernel driver is able to work purely
from a device tree node. We use this to instantiate a minimal
set of devices: a GIC and some virtio-mmio transports.

Signed-off-by: John Rigby 
[PMM:
 Significantly overhauled:
 * renamed user-facing machine to just "virt"
 * removed the A9 support (it can't work since the A9 has no
   generic timers)
 * added virtio-mmio transports instead of random set of 'soc' devices
   (though we retain a pl011 UART)
 * instead of updating io_base as we step through adding devices,
   define a memory map with an array (similar to vexpress)
 * similarly, define irqmap with an array
 * folded in some minor fixes from John's aarch64-support patch
 * rather than explicitly doing endian-swapping on FDT cells,
   use fdt APIs that let us just pass in host-endian values
   and let the fdt layer take care of the swapping
 * miscellaneous minor code cleanups and style fixes
]
Signed-off-by: Peter Maydell 
---
 hw/arm/Makefile.objs |2 +-
 hw/arm/virt.c|  418 ++
 2 files changed, 419 insertions(+), 1 deletion(-)
 create mode 100644 hw/arm/virt.c

diff --git a/hw/arm/Makefile.objs b/hw/arm/Makefile.objs
index 3671b42..78b5614 100644
--- a/hw/arm/Makefile.objs
+++ b/hw/arm/Makefile.objs
@@ -1,7 +1,7 @@
 obj-y += boot.o collie.o exynos4_boards.o gumstix.o highbank.o
 obj-y += integratorcp.o kzm.o mainstone.o musicpal.o nseries.o
 obj-y += omap_sx1.o palm.o realview.o spitz.o stellaris.o
-obj-y += tosa.o versatilepb.o vexpress.o xilinx_zynq.o z2.o
+obj-y += tosa.o versatilepb.o vexpress.o virt.o xilinx_zynq.o z2.o
 
 obj-y += armv7m.o exynos4210.o pxa2xx.o pxa2xx_gpio.o pxa2xx_pic.o
 obj-y += omap1.o omap2.o strongarm.o
diff --git a/hw/arm/virt.c b/hw/arm/virt.c
new file mode 100644
index 000..8bd9dd9
--- /dev/null
+++ b/hw/arm/virt.c
@@ -0,0 +1,418 @@
+/*
+ * ARM mach-virt emulation
+ *
+ * Copyright (c) 2013 Linaro Limited
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms and conditions of the GNU General Public License,
+ * version 2 or later, as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
+ * more details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * this program.  If not, see .
+ *
+ * Emulate a virtual board which works by passing Linux all the information
+ * it needs about what devices are present via the device tree.
+ * There are some restrictions about what we can do here:
+ *  + we can only present devices whose Linux drivers will work based
+ *purely on the device tree with no platform data at all
+ *  + we want to present a very stripped-down minimalist platform,
+ *both because this reduces the security attack surface from the guest
+ *and also because it reduces our exposure to being broken when
+ *the kernel updates its device tree bindings and requires further
+ *information in a device binding that we aren't providing.
+ * This is essentially the same approach kvmtool uses.
+ */
+
+#include "hw/sysbus.h"
+#include "hw/arm/arm.h"
+#include "hw/arm/primecell.h"
+#include "hw/devices.h"
+#include "net/net.h"
+#include "sysemu/device_tree.h"
+#include "sysemu/sysemu.h"
+#include "sysemu/kvm.h"
+#include "hw/boards.h"
+#include "exec/address-spaces.h"
+#include "qemu/bitops.h"
+#include "qemu/error-report.h"
+
+#define NUM_VIRTIO_TRANSPORTS 32
+
+/* Number of external interrupt lines to configure the GIC with */
+#define NUM_IRQS 128
+
+#define GIC_FDT_IRQ_TYPE_SPI 0
+#define GIC_FDT_IRQ_TYPE_PPI 1
+
+#define GIC_FDT_IRQ_FLAGS_EDGE_LO_HI 1
+#define GIC_FDT_IRQ_FLAGS_EDGE_HI_LO 2
+#define GIC_FDT_IRQ_FLAGS_LEVEL_HI 4
+#define GIC_FDT_IRQ_FLAGS_LEVEL_LO 8
+
+#define GIC_FDT_IRQ_PPI_CPU_START 8
+#define GIC_FDT_IRQ_PPI_CPU_WIDTH 8
+
+enum {
+VIRT_FLASH,
+VIRT_MEM,
+VIRT_CPUPERIPHS,
+VIRT_GIC_DIST,
+VIRT_GIC_CPU,
+VIRT_UART,
+VIRT_MMIO,
+};
+
+typedef struct MemMapEntry {
+hwaddr base;
+hwaddr size;
+} MemMapEntry;
+
+typedef struct VirtBoardInfo {
+struct arm_boot_info bootinfo;
+const char *cpu_model;
+const char *cpu_compatible;
+const char *qdevname;
+const char *gic_compatible;
+const MemMapEntry *memmap;
+const int *irqmap;
+int smp_cpus;
+void *fdt;
+int fdt_size;
+uint32_t clock_phandle;
+} VirtBoardInfo;
+
+/* Addresses and sizes of our components.
+ * We leave the first 64K free for possible use later for
+ * flash (for running boot code such as UEFI); following
+ * that is I/O, and then everything else is RAM (wh

[Qemu-devel] [PATCH v8 0/3] hw/arm: Add 'virt' platform

2013-10-17 Thread Peter Maydell
This patch series adds a 'virt' platform which uses the
kernel's mach-virt (fully device-tree driven) support
to create a simple minimalist platform intended for
use for KVM VM guests.

v6->v7 change is just flipping the order we put
the virtio nodes into the device tree, to match
vexpress and ppc precedent.

Since that's a pretty minor change I plan to put this
into a pullreq to go into 1.7 soonish (read: probably
this weekend). Yell now if you disagree.


Sample command line:

 qemu-system-arm -machine type=virt -display none \
  -kernel zImage \
  -append 'root=/dev/vda rw console=ttyAMA0 rootwait' \
  -cpu cortex-a15 \
  -device virtio-blk-device,drive=foo \
  -drive if=none,file=arm-wheezy.img,id=foo \
  -m 2048 -serial stdio

Note that there is no earlyprintk via the PL011 because
there's no defined device tree binding for "hey, here
is your earlyprintk UART".


*** NOTE *** to get the PL011 to work you'll need to
tweak the kernel a bit:

diff --git a/arch/arm/mach-virt/virt.c b/arch/arm/mach-virt/virt.c
index b184e57..2b6aceb 100644
--- a/arch/arm/mach-virt/virt.c
+++ b/arch/arm/mach-virt/virt.c
@@ -21,11 +21,13 @@
 #include 
 #include 
 #include 
+#include 
 
 #include 
 
 static void __init virt_init(void)
 {
+   of_clk_init(NULL);
of_platform_populate(NULL, of_default_bus_match_table, NULL, NULL);
 }
 

Otherwise the kernel doesn't ever add the clock to its
list, and then it refuses to probe for the PL011.
(I'm told this isn't really the right fix, though, and
ideally the call should be done in some generic location
rather than in every machine's init function.)

The alternative would be for the kernel to be fixed to
follow its own device tree binding documentation and not
require clocks/clock-names properties on the pl011 node.


Changes from John Rigby's v3->my v4:
 * renamed user-facing machine to just "virt"
 * removed the A9 support (it can't work since the A9 has no
   generic timers)
 * added virtio-mmio transports instead of random set of 'soc' devices
 * instead of updating io_base as we step through adding devices,
   define a memory map with an array (similar to vexpress)
 * folded in some minor fixes from John's aarch64-support patch
 * rather than explicitly doing endian-swapping on FDT cells,
   use fdt APIs that let us just pass in host-endian values
   and let the fdt layer take care of the swapping
 * miscellaneous minor code cleanups and style fixes
Changes v4->v5:
 * removed outdated TODO remarks from commit messages
Changes v5->v6:
 * adjusted the memory map as per Anup's review comments
   (actually made the changes this time!)
Changes v6->v7:
 * added a PL011 UART, at Alex's suggestion (and the accompanying
   fake clock dtb node that this requires)
 * added an irqmap[] in parallel with the memmap[] so that our
   assignment of devices to irq lines is neatly in one place
 * the removal of arm_pic allows us to get rid of an irritating
   array sized to the number of CPUs
 * included the "terminate dtb reservemap" patch since it's a
   dependency to get the kernel to boot
Changes v7->v8:
 * iterate through virtio-mmio nodes the opposite way round so
   that they appear in the device tree lowest-address-first;
   this matches PPC behaviour and the vexpress code

John Rigby (1):
  hw/arm/boot: Allow boards to provide an fdt blob

Peter Maydell (2):
  device_tree.c: Terminate the empty reservemap in create_device_tree()
  hw/arm: Add 'virt' platform

 device_tree.c|4 +
 hw/arm/Makefile.objs |2 +-
 hw/arm/boot.c|   32 ++--
 hw/arm/virt.c|  418 ++
 include/hw/arm/arm.h |7 +
 5 files changed, 450 insertions(+), 13 deletions(-)
 create mode 100644 hw/arm/virt.c

-- 
1.7.9.5




[Qemu-devel] [PATCH v8 2/3] hw/arm/boot: Allow boards to provide an fdt blob

2013-10-17 Thread Peter Maydell
From: John Rigby 

If no fdt is provided on command line and the new field
get_dtb in struct arm_boot_info is set then call it to
get a device tree blob.

Signed-off-by: John Rigby 
[PMM: minor tweaks and cleanup]
Signed-off-by: Peter Maydell 
---
 hw/arm/boot.c|   32 
 include/hw/arm/arm.h |7 +++
 2 files changed, 27 insertions(+), 12 deletions(-)

diff --git a/hw/arm/boot.c b/hw/arm/boot.c
index 1e313af..967397b 100644
--- a/hw/arm/boot.c
+++ b/hw/arm/boot.c
@@ -228,23 +228,31 @@ static void set_kernel_args_old(const struct 
arm_boot_info *info)
 static int load_dtb(hwaddr addr, const struct arm_boot_info *binfo)
 {
 void *fdt = NULL;
-char *filename;
 int size, rc;
 uint32_t acells, scells;
 
-filename = qemu_find_file(QEMU_FILE_TYPE_BIOS, binfo->dtb_filename);
-if (!filename) {
-fprintf(stderr, "Couldn't open dtb file %s\n", binfo->dtb_filename);
-goto fail;
-}
+if (binfo->dtb_filename) {
+char *filename;
+filename = qemu_find_file(QEMU_FILE_TYPE_BIOS, binfo->dtb_filename);
+if (!filename) {
+fprintf(stderr, "Couldn't open dtb file %s\n", 
binfo->dtb_filename);
+goto fail;
+}
 
-fdt = load_device_tree(filename, &size);
-if (!fdt) {
-fprintf(stderr, "Couldn't open dtb file %s\n", filename);
+fdt = load_device_tree(filename, &size);
+if (!fdt) {
+fprintf(stderr, "Couldn't open dtb file %s\n", filename);
+g_free(filename);
+goto fail;
+}
 g_free(filename);
-goto fail;
+} else if (binfo->get_dtb) {
+fdt = binfo->get_dtb(binfo, &size);
+if (!fdt) {
+fprintf(stderr, "Board was unable to create a dtb blob\n");
+goto fail;
+}
 }
-g_free(filename);
 
 acells = qemu_devtree_getprop_cell(fdt, "/", "#address-cells");
 scells = qemu_devtree_getprop_cell(fdt, "/", "#size-cells");
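
Review bot: after the new `if (binfo->dtb_filename) ... else if (binfo->get_dtb) ...` chain there is no final `else`, so if load_dtb() is ever reached with neither field set, `fdt` is still NULL when it is passed to qemu_devtree_getprop_cell(). The caller's guard in the next hunk covers that case, but an explicit failure branch or an assert here would keep the function safe on its own. The blob and `size` returned by the board hook are also used without any sanity check in the visible lines.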
@@ -436,7 +444,7 @@ void arm_load_kernel(ARMCPU *cpu, struct arm_boot_info 
*info)
 /* for device tree boot, we pass the DTB directly in r2. Otherwise
  * we point to the kernel args.
  */
-if (info->dtb_filename) {
+if (info->dtb_filename || info->get_dtb) {
 /* Place the DTB after the initrd in memory. Note that some
  * kernels will trash anything in the 4K page the initrd
  * ends in, so make sure the DTB isn't caught up in that.
diff --git a/include/hw/arm/arm.h b/include/hw/arm/arm.h
index ecbbba8..cbbf4ca 100644
--- a/include/hw/arm/arm.h
+++ b/include/hw/arm/arm.h
@@ -50,6 +50,13 @@ struct arm_boot_info {
  const struct arm_boot_info *info);
 void (*secondary_cpu_reset_hook)(ARMCPU *cpu,
  const struct arm_boot_info *info);
+/* if a board is able to create a dtb without a dtb file then it
+ * sets get_dtb. This will only be used if no dtb file is provided
+ * by the user. On success, sets *size to the length of the created
+ * dtb, and returns a pointer to it. (The caller must free this memory
+ * with g_free() when it has finished with it.) On failure, returns NULL.
+ */
+void *(*get_dtb)(const struct arm_boot_info *info, int *size);
 /* if a board needs to be able to modify a device tree provided by
  * the user it should implement this hook.
  */
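
Review bot: the new comment on `get_dtb` makes the caller responsible for g_free()ing the blob, but it does not say whether `*size` is defined when NULL is returned, and a length passed back through `int *` can be negative. Please document that `*size` is only valid on success and have the caller reject non-positive sizes.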
-- 
1.7.9.5




Re: [Qemu-devel] [Nbd] Hibernate and qemu-nbd

2013-10-17 Thread Mark Trumpold

>-Original Message-
>From: Stefan Hajnoczi [mailto:stefa...@gmail.com]
>Sent: Tuesday, October 15, 2013 08:17 AM
>To: 'Mark Trumpold'
>Cc: 'Wouter Verhelst', nbd-gene...@lists.sourceforge.net, 'Paul Clements',
>qemu-devel@nongnu.org, 'Paolo Bonzini'
>Subject: Re: [Nbd] [Qemu-devel] Hibernate and qemu-nbd
>
>On Thu, Oct 10, 2013 at 11:15 AM, Stefan Hajnoczi  wrote:
>> On Fri, Oct 04, 2013 at 07:30:45AM -0700, Mark Trumpold wrote:
>>>
>>>
>>> On 9/26/13 10:18 PM, "Stefan Hajnoczi"  wrote:
>>>
>>> >
>>> >Try the qemu-nbd --persistent option.  That should prevent it from
>>> >shutting down when nbd-client is disconnected.
>>> >
>>> >Stefan
>>> >
>>>
>>>
>>> Hi Stefan,
>>>
>>> Sorry for the delay..
>>> I tried the following per your suggestion:
>>>
>>>   920  qemu-nbd --persistent -p 2000 /root/qemu/q1.img &
>>>   921  nbd-client -persist localhost 2000 /dev/nbd0
>>>   922  fsck /dev/nbd0
>>>   923  mount /dev/nbd0 /mnt
>>>   924  ls /mnt
>>>   925  umount /dev/nbd0
>>>   ::
>>>
>>>   927  echo reboot >/sys/power/disk
>>>   928  echo disk >/sys/power/state
>>>   929  mount /dev/nbd0 /mnt
>>>
>>> This seems to work; that is both sides (client and server) persist
>>> after the hibernate cycle.
>>>
>>> However, if I don't 'umount' '/dev/nbd0' before the hibernate
>>> cycle, and try to 'ls /mnt' after, the 'ls' hangs indefinitely.
>>>
>>> For my real use case we have the root filesystem mounted,
>>> so unmounting is not an option (at least I don't think so).
>>>
>>> I also tried remounting readonly, and also 'blockdev --flushbufs ..'
>>> before the hibernate cycle -- either or both did not help.
>>>
>>> I had thought about trying a 'chroot' and then a 'umount', but
>>> have not yet tried this.
>>>
>>> This one was so close..
>
>Could you try drop the umount/mount and capture the following straces:
>strace -p $(pgrep nbd-client) -o /var/tmp/nbd-client.strace
>strace -p $(pgrep qemu-nbd) -o /var/tmp/qemu-nbd.strace
>
>In particular, let's find out what happens when you run ls /mnt after
>resuming the machine.  The nbd-client should reconnect to qemu-nbd and
>I/O requests would flow to qemu-nbd again.  But something is stuck;
>the problem might be clear from the strace output.
>
>Stefan
>

Hi Stefan,

Following are:
  1) test scenario commands
  2) strace from nbd-client
  3) strace from qemu-nbd (quite lengthy - 598 lines)
  4) kernel oops output when I 'halt' after the test scenario.

Thank you,
Mark T.


1) ==

  162  qemu-nbd --persistent -p 2000 /root/qemu/q1.img &
  163  nbd-client -persist localhost 2000 /dev/nbd0
  165  strace -p 2488 -o /var/tmp/qemu.nbd.strace.v2 &
  166  strace -p 2492 -o /var/tmp/nbd-client.strace.v2 &

  168  mount /dev/nbd0 /mnt
  169  ls /mnt

  172  echo reboot >/sys/power/disk
  173  echo disk >/sys/power/state

  180  ls /mnt<-- hangs



2) ==

write(2, "Kernel call returned: Interrupte"..., 45) = 45
write(2, " Reconnecting\n", 14) = 14
close(4)= 0
close(3)= 0
socket(PF_NETLINK, SOCK_RAW, 0) = 3
bind(3, {sa_family=AF_NETLINK, pid=0, groups=}, 12) = 0
getsockname(3, {sa_family=AF_NETLINK, pid=2492, groups=}, [12]) = 0
time(NULL)  = 1381947917
sendto(3, "\24\0\0\0\26\0\1\3\r\332^R\0\0\0\0\0\0\0\0", 20, 0, 
{sa_family=AF_NETLINK, pid=0, groups=}, 12) = 20
recvmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=}, 
msg_iov(1)=[{"0\0\0\0\24\0\2\0\r\332^R\274\t\0\0\2\10\200\376\1\0\0\0\10\0\1\0\177\0\0\1"...,
 4096}], msg_controllen=0, msg_flags=0}, 0) = 108
recvmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=}, 
msg_iov(1)=[{"@\0\0\0\24\0\2\0\r\332^R\274\t\0\0\n\200\200\376\1\0\0\0\24\0\1\0\0\0\0\0"...,
 4096}], msg_controllen=0, msg_flags=0}, 0) = 192
recvmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=}, 
msg_iov(1)=[{"\24\0\0\0\3\0\2\0\r\332^R\274\t\0\0\0\0\0\0\1\0\0\0\24\0\1\0\0\0\0\0"...,
 4096}], msg_controllen=0, msg_flags=0}, 0) = 20
close(3)= 0
stat64("/etc/resolv.conf", {st_mode=S_IFREG|0644, st_size=82, ...}) = 0
open("/etc/resolv.conf", O_RDONLY)  = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=82, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 
0xb7734000
read(3, "domain dvt.tachyon.net\nsearch dv"..., 4096) = 82
read(3, "", 4096)   = 0
close(3)= 0
munmap(0xb7734000, 4096)= 0
open("/etc/hosts", O_RDONLY|O_CLOEXEC)  = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=220, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 
0xb7734000
read(3, "127.0.0.1  localhost\n127.0.1.1  "..., 4096) = 220
read(3, "", 4096)   = 0
close(3)= 0
munmap(0xb7734000, 4096)= 0
socket(PF_INET, SOCK_STREAM, IPPROTO_TCP) = 3
connect(3, {sa_family=AF_INET, sin_p

Re: [Qemu-devel] [PATCH v8 0/3] hw/arm: Add 'virt' platform

2013-10-17 Thread Peter Maydell
On 17 October 2013 18:05, Christoffer Dall  wrote:
> On Thu, Oct 17, 2013 at 05:48:43PM +0100, Peter Maydell wrote:
>> This patch series adds a 'virt' platform which uses the
>> kernel's mach-virt (fully device-tree driven) support
>> to create a simple minimalist platform intended for
>> use for KVM VM guests.
>>
>> v6->v7 change is just flipping the order we put
>> the virtio nodes into the device tree, to match
>> vexpress and ppc precedent.
>
> that's v7->v8 changes right?

doh, yes.

-- PMM



Re: [Qemu-devel] [PATCH v8 0/3] hw/arm: Add 'virt' platform

2013-10-17 Thread Christoffer Dall
On Thu, Oct 17, 2013 at 05:48:43PM +0100, Peter Maydell wrote:
> This patch series adds a 'virt' platform which uses the
> kernel's mach-virt (fully device-tree driven) support
> to create a simple minimalist platform intended for
> use for KVM VM guests.
> 
> v6->v7 change is just flipping the order we put
> the virtio nodes into the device tree, to match
> vexpress and ppc precedent.

that's v7->v8 changes right?

-Christoffer



Re: [Qemu-devel] [PATCH] integrator: fix Linux boot failure by emulating dbg

2013-10-17 Thread Alex Bennée

peter.mayd...@linaro.org writes:

> On 17 October 2013 17:12, Alex Bennée  wrote:
>> From: Alex Bennée 
>>
>> Commit 9b8c69243 broke the ability to boot the kernel as the value

>
> Commit message, comment, overlength lines, lack of Copyright line
> still all unfixed : did you resend the wrong version?


Ooops. I was re-sending the .travis PULL request but had forgotten I'd
switched branches in the meantime. Serves me right for firing an email
out just as I was heading out of the door!

-- 
Alex Bennée



[Qemu-devel] [PATCH v8 1/3] device_tree.c: Terminate the empty reservemap in create_device_tree()

2013-10-17 Thread Peter Maydell
Device trees created with create_device_tree() may not have any
entries in their reservemap, because the FDT API requires that the
reservemap is completed before any FDT nodes are added, and
create_device_tree() itself creates a node.  However we were not
calling fdt_finish_reservemap(), which meant that there was no
terminator in the reservemap list and whatever happened to be at the
start of the FDT data section would end up being interpreted as
reservemap entries.  Avoid this by calling fdt_finish_reservemap()
to add the terminator.

Signed-off-by: Peter Maydell 
Acked-by: Alexander Graf 
---
 device_tree.c |4 
 1 file changed, 4 insertions(+)

diff --git a/device_tree.c b/device_tree.c
index ffec99a..391da8c 100644
--- a/device_tree.c
+++ b/device_tree.c
@@ -41,6 +41,10 @@ void *create_device_tree(int *sizep)
 if (ret < 0) {
 goto fail;
 }
+ret = fdt_finish_reservemap(fdt);
+if (ret < 0) {
+goto fail;
+}
 ret = fdt_begin_node(fdt, "");
 if (ret < 0) {
 goto fail;
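Review bot: the added fdt_finish_reservemap() call, placed just before fdt_begin_node(), carries no comment, yet its position is the whole fix. A later reorder or cleanup would silently bring back the unterminated reservemap. Add a one-line comment above it saying that it writes the terminator of the empty reservemap and must run before the first node is created.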
-- 
1.7.9.5
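The failure mode this commit message describes, shown as an added C example that is not QEMU or libfdt code. A simplified consumer reads (address, size) pairs until the (0, 0) terminator; the blob layout and the names build_blob, walk_reservemap and demo are assumptions made for illustration.

```c
#include <inttypes.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Structure-block tokens of the flattened device tree format. */
#define FDT_BEGIN_NODE 0x1u
#define FDT_END_NODE   0x2u
#define FDT_END        0x9u

struct rsv_entry { uint64_t address, size; };
struct walk_result { int entries; int terminated; struct rsv_entry first; };

/* All FDT fields are stored big-endian. */
static void put_be32(uint8_t *p, uint32_t v)
{
    p[0] = (uint8_t)(v >> 24);
    p[1] = (uint8_t)(v >> 16);
    p[2] = (uint8_t)(v >> 8);
    p[3] = (uint8_t)v;
}

static uint64_t get_be64(const uint8_t *p)
{
    uint64_t v = 0;
    for (int i = 0; i < 8; i++) {
        v = (v << 8) | p[i];
    }
    return v;
}

/*
 * Constructed sample (assumed layout): an empty reservemap followed directly
 * by the structure block of an empty root node. with_terminator selects
 * whether the 16-byte (0, 0) pair is written first. Returns the blob length.
 */
static size_t build_blob(uint8_t *buf, int with_terminator)
{
    size_t off = 0;
    if (with_terminator) {
        memset(buf, 0, 16);
        off = 16;
    }
    put_be32(buf + off, FDT_BEGIN_NODE); off += 4;
    put_be32(buf + off, 0);              off += 4; /* name "" padded to 4 bytes */
    put_be32(buf + off, FDT_END_NODE);   off += 4;
    put_be32(buf + off, FDT_END);        off += 4;
    return off;
}

/*
 * Read pairs until (0, 0). The walk is bounded by len so that a missing
 * terminator is reported; a consumer without that bound keeps reading
 * whatever bytes follow the blob.
 */
static struct walk_result walk_reservemap(const uint8_t *blob, size_t len)
{
    struct walk_result r = { 0, 0, { 0, 0 } };
    for (size_t off = 0; off + 16 <= len; off += 16) {
        struct rsv_entry e = { get_be64(blob + off), get_be64(blob + off + 8) };
        if (e.address == 0 && e.size == 0) {
            r.terminated = 1;
            return r;
        }
        if (r.entries == 0) {
            r.first = e;
        }
        r.entries++;
    }
    return r;
}

/* Build the constructed blob and walk it in one step. */
static struct walk_result demo(int with_terminator)
{
    uint8_t blob[32];
    size_t len = build_blob(blob, with_terminator);
    return walk_reservemap(blob, len);
}

int main(void)
{
    for (int t = 1; t >= 0; t--) {
        struct walk_result r = demo(t);
        printf("terminator=%d entries=%d terminated=%d first=(0x%" PRIx64
               ", 0x%" PRIx64 ")\n", t, r.entries, r.terminated,
               r.first.address, r.first.size);
    }
    return 0;
}
```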




Re: [Qemu-devel] [Qemu-ppc] [PATCH V2] Fix float64_to_uint64

2013-10-17 Thread Stefan Weil
On 17.10.2013 11:40, Alexander Graf wrote:
> On 16.10.2013, at 23:10, Tom Musta  wrote:
>
>> The comment preceding the float64_to_uint64 routine suggests that
>> the implementation is broken.  And this is, indeed, the case.
>>
>> This patch properly implements the conversion of a 64-bit floating
>> point number to an unsigned, 64 bit integer.
>>
>> Note that the patch does not pass scripts/checkpatch.pl because it
>> maintains the coding style of fpu/softfloat.c.
>>
>> V2: This contribution can be licensed under either the softfloat-2a or -2b
>> license.
> Missing a SoB line.
>
>
> Alex

There is already a mix of coding styles in fpu/softfloat.c, and your
patch adds large regions of new code.
Therefore I expect that such contributions should respect the QEMU
coding style.

The situation is different if only single lines in some function are
replaced or added.

Stefan




[Qemu-devel] [PULL 15/17] icount: document (future) locking rules for icount

2013-10-17 Thread Paolo Bonzini
Reviewed-by: Alex Bligh 
Signed-off-by: Paolo Bonzini 
---
 cpus.c | 15 +++
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/cpus.c b/cpus.c
index 34d5e04..6203d98 100644
--- a/cpus.c
+++ b/cpus.c
@@ -98,17 +98,22 @@ static bool all_cpu_threads_idle(void)
 /***/
 /* guest cycle counter */
 
+/* Protected by TimersState seqlock */
+
+/* Compensate for varying guest execution speed.  */
+static int64_t qemu_icount_bias;
+static int64_t vm_clock_warp_start;
 /* Conversion factor from emulated instructions to virtual clock ticks.  */
 static int icount_time_shift;
 /* Arbitrarily pick 1MIPS as the minimum allowable speed.  */
 #define MAX_ICOUNT_SHIFT 10
-/* Compensate for varying guest execution speed.  */
-static int64_t qemu_icount_bias;
+
+/* Only written by TCG thread */
+static int64_t qemu_icount;
+
 static QEMUTimer *icount_rt_timer;
 static QEMUTimer *icount_vm_timer;
 static QEMUTimer *icount_warp_timer;
-static int64_t vm_clock_warp_start;
-static int64_t qemu_icount;
 
 typedef struct TimersState {
 /* Protected by BQL.  */
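Review bot: the scope of the new "Protected by TimersState seqlock" comment at the top of this hunk is unclear. It is separated from qemu_icount_bias and vm_clock_warp_start by a blank line, and icount_time_shift follows them directly with no rule of its own, so a reader cannot tell whether it is covered. End the protected group with a blank line after vm_clock_warp_start and state the rule for icount_time_shift explicitly. The three QEMUTimer pointers below qemu_icount also have no stated rule.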
@@ -235,6 +240,8 @@ static void icount_adjust(void)
 int64_t cur_time;
 int64_t cur_icount;
 int64_t delta;
+
+/* Protected by TimersState mutex.  */
 static int64_t last_delta;
 
 /* If the VM is not running, then do nothing.  */
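Review bot: the comment above last_delta says "Protected by TimersState mutex", while the comment added in the first hunk of this patch says "TimersState seqlock". Use one term. If the lock meant here is the BQL that serialises writers of the seqlock, name the BQL directly, since the TimersState lines shown in this patch declare no mutex.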
-- 
1.8.3.1





[Qemu-devel] [PULL 04/17] cirrus: Mark vga io region as coalesced MMIO flushing

2013-10-17 Thread Paolo Bonzini
From: Jan Kiszka 

This allows removing the explicit qemu_flush_coalesced_mmio_buffer
calls - the memory core will invoke them now.

Signed-off-by: Jan Kiszka 
Signed-off-by: Paolo Bonzini 
---
 hw/display/cirrus_vga.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c
index dbd1f4a..e4c345f 100644
--- a/hw/display/cirrus_vga.c
+++ b/hw/display/cirrus_vga.c
@@ -2447,7 +2447,6 @@ static uint64_t cirrus_vga_ioport_read(void *opaque, 
hwaddr addr,
 VGACommonState *s = &c->vga;
 int val, index;
 
-qemu_flush_coalesced_mmio_buffer();
 addr += 0x3b0;
 
 if (vga_ioport_invalid(s, addr)) {
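Review bot: with the explicit qemu_flush_coalesced_mmio_buffer() removed from cirrus_vga_ioport_read(), the flush only happens for accesses dispatched through a region marked with memory_region_set_flush_coalesced(), and this patch marks cirrus_vga_io alone. If any other region's handler calls cirrus_vga_ioport_read() directly, confirm that region is marked as well, and say in the commit message that this was checked. The same applies to cirrus_vga_ioport_write() in the next hunk.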
@@ -2544,7 +2543,6 @@ static void cirrus_vga_ioport_write(void *opaque, hwaddr 
addr, uint64_t val,
 VGACommonState *s = &c->vga;
 int index;
 
-qemu_flush_coalesced_mmio_buffer();
 addr += 0x3b0;
 
 /* check port range access depending on color/monochrome mode */
@@ -2843,6 +2841,7 @@ static void cirrus_init_common(CirrusVGAState *s, Object 
*owner,
 /* Register ioport 0x3b0 - 0x3df */
 memory_region_init_io(&s->cirrus_vga_io, owner, &cirrus_vga_io_ops, s,
   "cirrus-io", 0x30);
+memory_region_set_flush_coalesced(&s->cirrus_vga_io);
 memory_region_add_subregion(system_io, 0x3b0, &s->cirrus_vga_io);
 
 memory_region_init(&s->low_mem_container, owner,
-- 
1.8.3.1





Re: [Qemu-devel] [PATCH] integrator: fix Linux boot failure by emulating dbg

2013-10-17 Thread Peter Maydell
On 17 October 2013 17:12, Alex Bennée  wrote:
> From: Alex Bennée 
>
> Commit 9b8c69243 broke the ability to boot the kernel as the value
> returned by unassigned_mem_read returned non-zero and left the kernel
> looping forever waiting for it to change (see integrator_led_set in
> the kernel code).
>
> Relying on a varying implementation detail is incorrect anyway so this
> introduces a memory region to emulate the debug/led region on the
> integrator board. It is currently a basic stub as I have no idea what the
> behaviour of this region should be so for now it simply returns 0's as
> the old unassigned_mem_read did.

Commit message, comment, overlength lines, lack of Copyright line
still all unfixed : did you resend the wrong version?

thanks
-- PMM



Re: [Qemu-devel] [PATCH 1/1] e820: pass high memory too.

2013-10-17 Thread Andrea Arcangeli
On Thu, Oct 17, 2013 at 04:30:27PM +0200, Gerd Hoffmann wrote:
> On Thu, 2013-10-17 at 15:00 +0200, Andrea Arcangeli wrote:
> > Hi,
> > 
> > On Thu, Oct 17, 2013 at 01:09:38PM +0200, Gerd Hoffmann wrote:
> > > We have a fw_cfg entry to pass e820 entries from qemu to the firmware.
> > > Today it's used to pass reservations only.  This patch makes qemu pass
> > > entries for RAM too.
> > > 
> > > This allows to pass RAM sizes larger than 1TB to the firmware and it
> > > will also allow to pass non-contiguous memory ranges should we decide
> > > to implement that some day, say for our virtual numa nodes.
> > > 
> > > Obviously this needs some extra care to not break existing firmware.
> > > 
> > > SeaBIOS loads the entries and happily adds them without looking at the
> > > type.  Which is problematic for memory below 4g as this will overwrite
> > > reservations added for bios memory etc.  For memory above 4g it works
> > > just fine, seabios will merge the entry derived from cmos with the one
> > > loaded from fw_cfg.
> > 
> > The reason for not fixing the cmos and defer the fixage of the >1TB
> > boot, is to develop a better approach, and this mixture of e820 and
> > cmos doesn't look like an improvement. The only thing it avoids is to
> > touch seabios but it provides no benefit whatsoever if compared to
> > fixing the cmos which looks cleaner to me than having to compute a mix
> > of cmos and e820 in seabios (and potentially having other bioses
> > following this mix-incomplete-API).
> 
> e820 allows to pass non-contiguous ram ranges to seabios (not that qemu
> supports that today, but when implemented the qemu/seabios interface
> will deal with it just fine).  How you'll do that with the cmos?

You're changing the qemu-bios paravirt protocol, and to boot with >1TB
seabios is now required to mix information from two APIs (rtc and e820
fw_cfg command).

> IMO e820 is better than CMOS.

Agreed.

> 
> > The premise that "this will also allow to pass non-contiguous memory"
> > is partly false, as you can't use the e820 API below 4g so there's no
> > way to create non contiguous memory with this mix-cmos-e820-API.
> 
> Sure you can.  Why do you think you can't?

How do you specify a hole below 4g unless you modify seabios first?

> That is the goal.  seabios will be fixed to deal with this correctly.
> I don't want break old seabios versions though (especially not before we
> have a seabios release which can handle it), so I'll wait with flipping
> the switch for that.

Why ship qemu with an intermediate paravirt protocol?

And if you don't want to break old seabios I guess you should use a
new fw_cfg command.

Just to show you how flakey this intermediate paravirt interface is,
assume I boot with -m 1029g. So "high" is 1g in seabios. So
RamSizeOver4G is 1g.

RamSizeOver4G = high;
add_e820(0x1ull, high, E820_RAM);

so far so good for e820 maps, that gets overwritten later. But that's
not the end of it.

Then seabios does:

r64_mem.base = ALIGN(0x1LL + RamSizeOver4G, align_mem);
r64_pref.base = ALIGN(r64_mem.base + sum_mem, align_pref);

So seabios will map pci space at 5g where there is ram, instead of at
1024g.

And in smbios (what is smbios anyway? :)

add_struct(19, p, 0, RamSize >> 20, 0);
if (RamSizeOver4G)
add_struct(19, p, 4096, RamSizeOver4G >> 20, 1);


I doubt you intended the above range to be 4g-5g with 1029g of
ram.

Not to tell:

int ram_mb = (RamSize + RamSizeOver4G) >> 20;


ram_mb is actually 5G when it should be 1029g.

In short your change is already breaking current seabios.

But even if it would work, my fundamental problem is the fact this is
a flakey mixture of APIs to create a new intermediate paravirt
interface that some other bios could have the idea to support and if
they do, they risk a breakage again when qemu speaks the final
paravirt protocol that allows real ram holes to be created below 4g.

If we don't want to fix the rtc interface to fix the 1TB, to get a
better paravirt protocol implemented instead, well then the only way
is to first modify seabios to pick the ramover4g info from the highest
address of the e820 table, and to avoid the e820 reservations to be
overwritten by ram ranges below 4g. And then use a different fw_cfg
command value, if you intend to be backwards compatible with old
seabios that wouldn't cope with qemu initially passing (0, ram_size)
as e820 range for the RAM.

When seabios speaks the new paravirt interface, only then modify qemu
to use the new paravirt interface.



[Qemu-devel] [PATCH] integrator: fix Linux boot failure by emulating dbg

2013-10-17 Thread Alex Bennée
From: Alex Bennée 

Commit 9b8c69243 broke the ability to boot the kernel as the value
returned by unassigned_mem_read returned non-zero and left the kernel
looping forever waiting for it to change (see integrator_led_set in
the kernel code).

Relying on a varying implementation detail is incorrect anyway so this
introduces a memory region to emulate the debug/led region on the
integrator board. It is currently a basic stub as I have no idea what the
behaviour of this region should be so for now it simply returns 0's as
the old unassigned_mem_read did.

Signed-off-by: Alex Bennée 
---
 default-configs/arm-softmmu.mak |  1 +
 hw/arm/integratorcp.c   |  1 +
 hw/misc/Makefile.objs   |  1 +
 hw/misc/arm_intdbg.c| 90 +
 4 files changed, 93 insertions(+)
 create mode 100644 hw/misc/arm_intdbg.c

diff --git a/default-configs/arm-softmmu.mak b/default-configs/arm-softmmu.mak
index ac0815d..a5718d1 100644
--- a/default-configs/arm-softmmu.mak
+++ b/default-configs/arm-softmmu.mak
@@ -80,3 +80,4 @@ CONFIG_VERSATILE_PCI=y
 CONFIG_VERSATILE_I2C=y
 
 CONFIG_SDHCI=y
+CONFIG_INTEGRATOR_DBG=y
diff --git a/hw/arm/integratorcp.c b/hw/arm/integratorcp.c
index 2ef93ed..46dc615 100644
--- a/hw/arm/integratorcp.c
+++ b/hw/arm/integratorcp.c
@@ -508,6 +508,7 @@ static void integratorcp_init(QEMUMachineInitArgs *args)
 icp_control_init(0xcb00);
 sysbus_create_simple("pl050_keyboard", 0x1800, pic[3]);
 sysbus_create_simple("pl050_mouse", 0x1900, pic[4]);
+sysbus_create_simple("integrator_dbg", 0x1a00, 0);
 sysbus_create_varargs("pl181", 0x1c00, pic[23], pic[24], NULL);
 if (nd_table[0].used)
 smc91c111_init(&nd_table[0], 0xc800, pic[27]);
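Review bot: sysbus_create_simple("integrator_dbg", 0x1a00, 0) passes a literal 0 where the neighbouring calls pass a qemu_irq such as pic[3]. Use NULL so the argument reads as "no interrupt line" rather than as a number. The device name is also spelled out as a string here while arm_intdbg.c defines TYPE_ARM_INTDBG for it; moving that macro to a header would keep the two in sync.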
diff --git a/hw/misc/Makefile.objs b/hw/misc/Makefile.objs
index 2578e29..be284f3 100644
--- a/hw/misc/Makefile.objs
+++ b/hw/misc/Makefile.objs
@@ -10,6 +10,7 @@ obj-$(CONFIG_VMPORT) += vmport.o
 
 # ARM devices
 common-obj-$(CONFIG_PL310) += arm_l2x0.o
+common-obj-$(CONFIG_INTEGRATOR_DBG) += arm_intdbg.o
 
 # PKUnity SoC devices
 common-obj-$(CONFIG_PUV3) += puv3_pm.o
diff --git a/hw/misc/arm_intdbg.c b/hw/misc/arm_intdbg.c
new file mode 100644
index 000..b505d09
--- /dev/null
+++ b/hw/misc/arm_intdbg.c
@@ -0,0 +1,90 @@
+/*
+ * LED, Switch and Debug control registers for ARM Integrator Boards
+ *
+ * This currently is a stub for this functionality written with
+ * reference to what the Linux kernel looks at. Previously we relied
+ * on the behaviour of unassigned_mem_read() in the core.
+ *
+ * The real h/w is described at:
+ *  
http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.dui0159b/Babbfijf.html
+ *
+ * Written by Alex Bennée
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+#include "hw/hw.h"
+#include "hw/sysbus.h"
+#include "exec/address-spaces.h"
+
+#define TYPE_ARM_INTDBG "integrator_dbg"
+#define ARM_INTDBG(obj) \
+OBJECT_CHECK(ARMIntDbgState, (obj), TYPE_ARM_INTDBG)
+
+typedef struct {
+SysBusDevice parent_obj;
+MemoryRegion iomem;
+
+uint32_t alpha;
+uint32_t leds;
+uint32_t switches;
+} ARMIntDbgState;
+
+static uint64_t dbg_control_read(void *opaque, hwaddr offset,
+ unsigned size)
+{
+switch (offset >> 2) {
+case 0: /* ALPHA */
+case 1: /* LEDS */
+case 2: /* SWITCHES */
+qemu_log_mask(LOG_UNIMP, "dbg_control_read: returning zero from 
%x:%d\n", (int)offset, size);
+return 0;
+default:
+qemu_log_mask(LOG_GUEST_ERROR, "dbg_control_read: Bad offset %x\n", 
(int)offset);
+return 0;
+}
+}
+
+static void dbg_control_write(void *opaque, hwaddr offset,
+  uint64_t value, unsigned size)
+{
+switch (offset >> 2) {
+case 1: /* ALPHA */
+case 2: /* LEDS */
+case 3: /* SWITCHES */
+/* Nothing interesting implemented yet.  */
+qemu_log_mask(LOG_UNIMP, "dbg_control_write: ignoring write of %lx to 
%x:%d\n", value, (int)offset, size);
+break;
+default:
+qemu_log_mask(LOG_GUEST_ERROR, "dbg_control_write: write of %lx to bad 
offset %x\n", value, (int)offset);
+}
+}
+
+static const MemoryRegionOps dbg_control_ops = {
+.read = dbg_control_read,
+.write = dbg_control_write,
+.endianness = DEVICE_NATIVE_ENDIAN,
+};
+
+static void dbg_control_init(Object *obj)
+{
+SysBusDevice *sd = SYS_BUS_DEVICE(obj);
+ARMIntDbgState *s = ARM_INTDBG(obj);
+memory_region_init_io(&s->iomem, NULL, &dbg_control_ops, NULL, "dbgleds", 
0x100);
+sysbus_init_mmio(sd, &s->iomem);
+}
+
+static const TypeInfo arm_intdbg_info = {
+.name  = TYPE_ARM_INTDBG,
+.parent= TYPE_SYS_BUS_DEVICE,
+.instance_size = sizeof(ARMIntDbgState),
+.instance_init = dbg_control_init,
+};
+
+static void arm_intdbg_register_types(void)
+{
+type_register_static(&
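Review bot: dbg_control_read() and dbg_control_write() disagree about the register map. The read switch labels the `offset >> 2` values 0, 1, 2 as ALPHA, LEDS, SWITCHES, while the write switch gives the same names to 1, 2, 3, so a write to offset 0 is logged as a bad offset and a write to index 3 is accepted. Make both switches use the same indices. In addition, value is a uint64_t but is printed with %lx (use PRIx64), memory_region_init_io() is given NULL for both owner and opaque although obj and s are in scope, the alpha, leds and switches fields are never used, and the qemu_log_mask() lines exceed the line-length limit.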

[Qemu-devel] [RESEND PULL v5 0/0] .travis.yml: basic compile and check recipies

2013-10-17 Thread Alex Bennée
Hi Anthony,

Here is a resend of my first pull request as for some reason I sent it
to an amazon.com address which is not in MAINTAINERS. Not sure where I got
that from so excuse the brain-fart.

It adds a simple .travis.yml profile to the code base. I'm hoping to
expand the range of testing once this is merged (the tcg code gen tests
are next on my list). However as it stands this already catches build
failures and regressions.

Since v4:
  - dropped SeaBIOS patch

Cheers,

Alex

The following changes since commit 1680d485777ecf436d724631ea8722cc0c66990e:

  Merge remote-tracking branch 'rth/tcg-ldst-6' into staging (2013-10-14 09:59:59 -0700)

are available in the git repository at:

  http://github.com/stsquad/qemu.git travis-ci

for you to fetch changes up to 90878d2c083629a4ee99b2d03158838b35e218c3:

  .travis.yml: basic compile and check recipes (2013-10-15 10:00:10 +0100)

 .travis.yml | 69 +
 1 file changed, 69 insertions(+)
 create mode 100644 .travis.yml

Alex Bennée (1):
  .travis.yml: basic compile and check recipes




[Qemu-devel] [PULL 07/17] timer: protect timers_state's clock with seqlock

2013-10-17 Thread Paolo Bonzini
From: Liu Ping Fan 

QEMU_CLOCK_VIRTUAL may be read outside BQL. This exposes its
foundation, i.e. cpu_clock_offset, to a race condition.
Use a private lock to protect it.

After this patch, reading QEMU_CLOCK_VIRTUAL is thread safe
unless use_icount is true, in which case the existing callers
still rely on the BQL.

Lock rule: private lock innermost, ie BQL->"this lock"

Signed-off-by: Liu Ping Fan 
Signed-off-by: Paolo Bonzini 
---
 cpus.c   | 49 ++---
 include/qemu/timer.h |  2 ++
 2 files changed, 44 insertions(+), 7 deletions(-)

diff --git a/cpus.c b/cpus.c
index e566297..f075335 100644
--- a/cpus.c
+++ b/cpus.c
@@ -37,6 +37,7 @@
 #include "sysemu/qtest.h"
 #include "qemu/main-loop.h"
 #include "qemu/bitmap.h"
+#include "qemu/seqlock.h"
 
 #ifndef _WIN32
 #include "qemu/compatfd.h"
@@ -110,8 +111,14 @@ static int64_t vm_clock_warp_start;
 static int64_t qemu_icount;
 
 typedef struct TimersState {
+/* Protected by BQL.  */
 int64_t cpu_ticks_prev;
 int64_t cpu_ticks_offset;
+
+/* cpu_clock_offset can be read out of BQL, so protect it with
+ * this lock.
+ */
+QemuSeqLock vm_clock_seqlock;
 int64_t cpu_clock_offset;
 int32_t cpu_ticks_enabled;
 int64_t dummy;
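Review bot: the new comment in TimersState says only cpu_clock_offset is covered by vm_clock_seqlock, but cpu_get_clock_locked() also reads cpu_ticks_enabled inside the same read section, and cpu_enable_ticks() and cpu_disable_ticks() write it inside the write section. State in the comment that cpu_ticks_enabled is covered too, or explain why it does not need to be.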
@@ -137,6 +144,7 @@ int64_t cpu_get_icount(void)
 }
 
 /* return the host CPU cycle counter and handle stop/restart */
+/* Caller must hold the BQL */
 int64_t cpu_get_ticks(void)
 {
 if (use_icount) {
@@ -157,37 +165,63 @@ int64_t cpu_get_ticks(void)
 }
 }
 
-/* return the host CPU monotonic timer and handle stop/restart */
-int64_t cpu_get_clock(void)
+static int64_t cpu_get_clock_locked(void)
 {
 int64_t ti;
+
 if (!timers_state.cpu_ticks_enabled) {
-return timers_state.cpu_clock_offset;
+ti = timers_state.cpu_clock_offset;
 } else {
 ti = get_clock();
-return ti + timers_state.cpu_clock_offset;
+ti += timers_state.cpu_clock_offset;
 }
+
+return ti;
 }
 
-/* enable cpu_get_ticks() */
+/* return the host CPU monotonic timer and handle stop/restart */
+int64_t cpu_get_clock(void)
+{
+int64_t ti;
+unsigned start;
+
+do {
+start = seqlock_read_begin(&timers_state.vm_clock_seqlock);
+ti = cpu_get_clock_locked();
+} while (seqlock_read_retry(&timers_state.vm_clock_seqlock, start));
+
+return ti;
+}
+
+/* enable cpu_get_ticks()
+ * Caller must hold BQL which server as mutex for vm_clock_seqlock.
+ */
 void cpu_enable_ticks(void)
 {
+/* Here, the really thing protected by seqlock is cpu_clock_offset. */
+seqlock_write_lock(&timers_state.vm_clock_seqlock);
 if (!timers_state.cpu_ticks_enabled) {
 timers_state.cpu_ticks_offset -= cpu_get_real_ticks();
 timers_state.cpu_clock_offset -= get_clock();
 timers_state.cpu_ticks_enabled = 1;
 }
+seqlock_write_unlock(&timers_state.vm_clock_seqlock);
 }
 
 /* disable cpu_get_ticks() : the clock is stopped. You must not call
-   cpu_get_ticks() after that.  */
+ * cpu_get_ticks() after that.
+ * Caller must hold BQL which server as mutex for vm_clock_seqlock.
+ */
 void cpu_disable_ticks(void)
 {
+/* Here, the really thing protected by seqlock is cpu_clock_offset. */
+seqlock_write_lock(&timers_state.vm_clock_seqlock);
 if (timers_state.cpu_ticks_enabled) {
 timers_state.cpu_ticks_offset = cpu_get_ticks();
-timers_state.cpu_clock_offset = cpu_get_clock();
+timers_state.cpu_clock_offset = cpu_get_clock_locked();
 timers_state.cpu_ticks_enabled = 0;
 }
+seqlock_write_unlock(&timers_state.vm_clock_seqlock);
 }
 
 /* Correlation between real and virtual time is always going to be
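Review bot: cpu_get_clock_locked() is called from cpu_get_clock() inside a seqlock read loop, where nothing is locked, so the _locked suffix misdescribes one of its two callers. Add a comment on the function saying it must be called inside a vm_clock_seqlock read or write section. In the new comments, "which server as mutex" should read "which serves as mutex", and "the really thing protected" should read "the thing really protected".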
@@ -371,6 +405,7 @@ static const VMStateDescription vmstate_timers = {
 
 void configure_icount(const char *option)
 {
+seqlock_init(&timers_state.vm_clock_seqlock, NULL);
 vmstate_register(NULL, 0, &vmstate_timers, &timers_state);
 if (!option) {
 return;
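Review bot: seqlock_init() for vm_clock_seqlock is placed in configure_icount(), although cpu_get_clock(), cpu_enable_ticks() and cpu_disable_ticks() use the lock whether or not icount is configured. It works only because the call sits above the `if (!option)` early return. Add a comment saying so, or give timers_state its own init function, so that a later cleanup does not move the call below the return.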
diff --git a/include/qemu/timer.h b/include/qemu/timer.h
index b58903b..016e29a 100644
--- a/include/qemu/timer.h
+++ b/include/qemu/timer.h
@@ -653,7 +653,9 @@ static inline int64_t qemu_soonest_timeout(int64_t 
timeout1, int64_t timeout2)
 void init_clocks(void);
 
 int64_t cpu_get_ticks(void);
+/* Caller must hold BQL */
 void cpu_enable_ticks(void);
+/* Caller must hold BQL */
 void cpu_disable_ticks(void);
 
 static inline int64_t get_ticks_per_sec(void)
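Review bot: the header gains "Caller must hold BQL" for cpu_enable_ticks() and cpu_disable_ticks(), but the prototype of cpu_get_ticks() just above is left unannotated, although this patch adds "Caller must hold the BQL" to its definition in cpus.c. Add the same comment to the prototype so the header and the implementation agree.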
-- 
1.8.3.1





[Qemu-devel] [PULL 13/17] icount: reorganize icount_warp_rt

2013-10-17 Thread Paolo Bonzini
To prepare for future code changes, move the increment of qemu_icount_bias
outside the "if" statement.

Also, hoist outside the if the check for timers that expired due to the
"warping".  The check is redundant when !runstate_is_running(), but
doing it this way helps because the code that increments qemu_icount_bias
will be a critical section.

Signed-off-by: Paolo Bonzini 
---
 cpus.c | 18 ++
 1 file changed, 10 insertions(+), 8 deletions(-)

diff --git a/cpus.c b/cpus.c
index a2d09f3..bc365b7 100644
--- a/cpus.c
+++ b/cpus.c
@@ -291,10 +291,10 @@ static void icount_warp_rt(void *opaque)
 
 if (runstate_is_running()) {
 int64_t clock = qemu_clock_get_ns(QEMU_CLOCK_REALTIME);
-int64_t warp_delta = clock - vm_clock_warp_start;
-if (use_icount == 1) {
-qemu_icount_bias += warp_delta;
-} else {
+int64_t warp_delta;
+
+warp_delta = clock - vm_clock_warp_start;
+if (use_icount == 2) {
 /*
  * In adaptive mode, do not let QEMU_CLOCK_VIRTUAL run too
  * far ahead of real time.
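Review bot: the branch changes from `use_icount == 1` with an else to `use_icount == 2` with no else, which is equivalent only if use_icount is never anything other than 1 or 2 when this code runs. Name the two modes with constants or add a comment stating that invariant; the bare 2 next to the "adaptive mode" comment is easy to misread. Splitting `int64_t warp_delta;` from its assignment is not needed.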
@@ -302,13 +302,15 @@ static void icount_warp_rt(void *opaque)
 int64_t cur_time = cpu_get_clock();
 int64_t cur_icount = cpu_get_icount();
 int64_t delta = cur_time - cur_icount;
-qemu_icount_bias += MIN(warp_delta, delta);
-}
-if (qemu_clock_expired(QEMU_CLOCK_VIRTUAL)) {
-qemu_clock_notify(QEMU_CLOCK_VIRTUAL);
+warp_delta = MIN(warp_delta, delta);
 }
+qemu_icount_bias += warp_delta;
 }
 vm_clock_warp_start = -1;
+
+if (qemu_clock_expired(QEMU_CLOCK_VIRTUAL)) {
+qemu_clock_notify(QEMU_CLOCK_VIRTUAL);
+}
 }
 
 void qtest_clock_warp(int64_t dest)
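Review bot: the qemu_clock_expired()/qemu_clock_notify() check now runs on every call, including when runstate_is_running() is false. The commit message explains that this is redundant but intentional; put a short comment to the same effect above the check so that nobody moves it back inside the if.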
-- 
1.8.3.1





[Qemu-devel] [PULL 14/17] icount: prepare the code for future races in calling qemu_clock_warp

2013-10-17 Thread Paolo Bonzini
Computing the deadline of all vm_clocks is somewhat expensive and calls
out to qemu-timer.c; two reasons not to do it in the seqlock's write-side
critical section.  This however opens the door for races in setting and
reading vm_clock_warp_start.

To plug them, we need to cover the case where a new deadline slips in
between the call to qemu_clock_deadline_ns_all and the actual modification
of the icount_warp_timer.  Restrict changes to vm_clock_warp_start and
the icount_warp_timer's expiration time, to only move them back (which
would simply cause an early wakeup).

If a vm_clock timer is cancelled while CPUs are idle, this might cause the
icount_warp_timer to fire unnecessarily.  This is not a problem: after it
fires the timer becomes inactive and the next call to timer_mod_anticipate
will be precise.

In addition to this, we must deactivate the icount_warp_timer _before_
checking whether CPUs are idle.  This way, if the "last" CPU becomes idle
during the call to timer_del we will still set up the icount_warp_timer.

Signed-off-by: Paolo Bonzini 
---
 cpus.c | 22 ++
 1 file changed, 10 insertions(+), 12 deletions(-)

diff --git a/cpus.c b/cpus.c
index bc365b7..34d5e04 100644
--- a/cpus.c
+++ b/cpus.c
@@ -329,6 +329,7 @@ void qtest_clock_warp(int64_t dest)
 
 void qemu_clock_warp(QEMUClockType type)
 {
+int64_t clock;
 int64_t deadline;
 
 /*
@@ -348,8 +349,8 @@ void qemu_clock_warp(QEMUClockType type)
  * the earliest QEMU_CLOCK_VIRTUAL timer.
  */
 icount_warp_rt(NULL);
-if (!all_cpu_threads_idle() || !qemu_clock_has_timers(QEMU_CLOCK_VIRTUAL)) 
{
-timer_del(icount_warp_timer);
+timer_del(icount_warp_timer);
+if (!all_cpu_threads_idle()) {
 return;
 }
 
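Review bot: timer_del(icount_warp_timer) must now run before all_cpu_threads_idle() for the reason given in the commit message, but nothing in the code says the order matters. Add a comment above timer_del(). The `!qemu_clock_has_timers(QEMU_CLOCK_VIRTUAL)` test is also dropped from the condition without being mentioned in the commit message; state what replaces it.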
@@ -358,17 +359,11 @@ void qemu_clock_warp(QEMUClockType type)
return;
 }
 
-vm_clock_warp_start = qemu_clock_get_ns(QEMU_CLOCK_REALTIME);
 /* We want to use the earliest deadline from ALL vm_clocks */
+clock = qemu_clock_get_ns(QEMU_CLOCK_REALTIME);
 deadline = qemu_clock_deadline_ns_all(QEMU_CLOCK_VIRTUAL);
-
-/* Maintain prior (possibly buggy) behaviour where if no deadline
- * was set (as there is no QEMU_CLOCK_VIRTUAL timer) or it is more than
- * INT32_MAX nanoseconds ahead, we still use INT32_MAX
- * nanoseconds.
- */
-if ((deadline < 0) || (deadline > INT32_MAX)) {
-deadline = INT32_MAX;
+if (deadline < 0) {
+return;
 }
 
 if (deadline > 0) {
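Review bot: besides turning the `deadline < 0` case into an early return, this hunk removes the clamp of deadline to INT32_MAX, and the commit message mentions neither change. Say in the commit message that a missing deadline now skips the warp timer entirely and that deadlines above INT32_MAX are passed through unchanged, and keep a short comment at the `if (deadline < 0)` test explaining what a negative deadline means.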
@@ -389,7 +384,10 @@ void qemu_clock_warp(QEMUClockType type)
  * you will not be sending network packets continuously instead of
  * every 100ms.
  */
-timer_mod(icount_warp_timer, vm_clock_warp_start + deadline);
+if (vm_clock_warp_start == -1 || vm_clock_warp_start > clock) {
+vm_clock_warp_start = clock;
+}
+timer_mod_anticipate(icount_warp_timer, clock + deadline);
 } else if (deadline == 0) {
 qemu_clock_notify(QEMU_CLOCK_VIRTUAL);
 }
-- 
1.8.3.1





[Qemu-devel] [PULL 16/17] icount: make it thread-safe

2013-10-17 Thread Paolo Bonzini
This lets threads other than the I/O thread use vm_clock even in -icount mode.

Signed-off-by: Paolo Bonzini 
---
 cpus.c | 37 +++--
 1 file changed, 31 insertions(+), 6 deletions(-)

diff --git a/cpus.c b/cpus.c
index 6203d98..398229e 100644
--- a/cpus.c
+++ b/cpus.c
@@ -132,7 +132,7 @@ typedef struct TimersState {
 static TimersState timers_state;
 
 /* Return the virtual CPU time, based on the instruction counter.  */
-int64_t cpu_get_icount(void)
+static int64_t cpu_get_icount_locked(void)
 {
 int64_t icount;
 CPUState *cpu = current_cpu;
@@ -148,6 +148,19 @@ int64_t cpu_get_icount(void)
 return qemu_icount_bias + (icount << icount_time_shift);
 }
 
+int64_t cpu_get_icount(void)
+{
+int64_t icount;
+unsigned start;
+
+do {
+start = seqlock_read_begin(&timers_state.vm_clock_seqlock);
+icount = cpu_get_icount_locked();
+} while (seqlock_read_retry(&timers_state.vm_clock_seqlock, start));
+
+return icount;
+}
+
 /* return the host CPU cycle counter and handle stop/restart */
 /* Caller must hold the BQL */
 int64_t cpu_get_ticks(void)
@@ -249,8 +262,9 @@ static void icount_adjust(void)
 return;
 }
 
-cur_time = cpu_get_clock();
-cur_icount = cpu_get_icount();
+seqlock_write_lock(&timers_state.vm_clock_seqlock);
+cur_time = cpu_get_clock_locked();
+cur_icount = cpu_get_icount_locked();
 
 delta = cur_icount - cur_time;
 /* FIXME: This is a very crude algorithm, somewhat prone to oscillation.  
*/
@@ -268,6 +282,7 @@ static void icount_adjust(void)
 }
 last_delta = delta;
 qemu_icount_bias = cur_icount - (qemu_icount << icount_time_shift);
+seqlock_write_unlock(&timers_state.vm_clock_seqlock);
 }
 
 static void icount_adjust_rt(void *opaque)
@@ -292,10 +307,14 @@ static int64_t qemu_icount_round(int64_t count)
 
 static void icount_warp_rt(void *opaque)
 {
-if (vm_clock_warp_start == -1) {
+/* The icount_warp_timer is rescheduled soon after vm_clock_warp_start
+ * changes from -1 to another value, so the race here is okay.
+ */
+if (atomic_read(&vm_clock_warp_start) == -1) {
 return;
 }
 
+seqlock_write_lock(&timers_state.vm_clock_seqlock);
 if (runstate_is_running()) {
 int64_t clock = qemu_clock_get_ns(QEMU_CLOCK_REALTIME);
 int64_t warp_delta;
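Review bot: vm_clock_warp_start is read with atomic_read() at the top of icount_warp_rt(), but the stores to it in this patch are plain assignments (`vm_clock_warp_start = -1;` and `vm_clock_warp_start = clock;`) made under the seqlock write lock. Pair the read with atomic_set() on the stores. The variable is an int64_t, so the comment should also say that the lock-free read relies on the host providing untorn 64-bit loads.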
@@ -306,14 +325,15 @@ static void icount_warp_rt(void *opaque)
  * In adaptive mode, do not let QEMU_CLOCK_VIRTUAL run too
  * far ahead of real time.
  */
-int64_t cur_time = cpu_get_clock();
-int64_t cur_icount = cpu_get_icount();
+int64_t cur_time = cpu_get_clock_locked();
+int64_t cur_icount = cpu_get_icount_locked();
 int64_t delta = cur_time - cur_icount;
 warp_delta = MIN(warp_delta, delta);
 }
 qemu_icount_bias += warp_delta;
 }
 vm_clock_warp_start = -1;
+seqlock_write_unlock(&timers_state.vm_clock_seqlock);
 
 if (qemu_clock_expired(QEMU_CLOCK_VIRTUAL)) {
 qemu_clock_notify(QEMU_CLOCK_VIRTUAL);
@@ -327,7 +347,10 @@ void qtest_clock_warp(int64_t dest)
 while (clock < dest) {
 int64_t deadline = qemu_clock_deadline_ns_all(QEMU_CLOCK_VIRTUAL);
 int64_t warp = MIN(dest - clock, deadline);
+seqlock_write_lock(&timers_state.vm_clock_seqlock);
 qemu_icount_bias += warp;
+seqlock_write_unlock(&timers_state.vm_clock_seqlock);
+
 qemu_clock_run_timers(QEMU_CLOCK_VIRTUAL);
 clock = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL);
 }
@@ -391,9 +414,11 @@ void qemu_clock_warp(QEMUClockType type)
  * you will not be sending network packets continuously instead of
  * every 100ms.
  */
+seqlock_write_lock(&timers_state.vm_clock_seqlock);
 if (vm_clock_warp_start == -1 || vm_clock_warp_start > clock) {
 vm_clock_warp_start = clock;
 }
+seqlock_write_unlock(&timers_state.vm_clock_seqlock);
 timer_mod_anticipate(icount_warp_timer, clock + deadline);
 } else if (deadline == 0) {
 qemu_clock_notify(QEMU_CLOCK_VIRTUAL);
-- 
1.8.3.1





[Qemu-devel] [PULL 09/17] timer: make qemu_clock_enable sync between disable and timer's cb

2013-10-17 Thread Paolo Bonzini
From: Liu Ping Fan 

After disabling the QemuClock, we should make sure that no QemuTimers
are still in flight. To implement that with light overhead, we resort
to QemuEvent. The caller that disables the clock will wait on the
QemuEvent of each timerlist.

Note, qemu_clock_enable(foo,false) can _not_ be called from timer's cb.
Also, the callers of qemu_clock_enable() should be protected by the BQL.

Signed-off-by: Liu Ping Fan 
Signed-off-by: Paolo Bonzini 
---
 include/qemu/timer.h |  6 ++
 qemu-timer.c | 23 ++-
 2 files changed, 28 insertions(+), 1 deletion(-)

diff --git a/include/qemu/timer.h b/include/qemu/timer.h
index 016e29a..1254ef7 100644
--- a/include/qemu/timer.h
+++ b/include/qemu/timer.h
@@ -189,6 +189,12 @@ void qemu_clock_notify(QEMUClockType type);
  * @enabled: true to enable, false to disable
  *
  * Enable or disable a clock
+ * Disabling the clock will wait for related timerlists to stop
+ * executing qemu_run_timers.  Thus, this functions should not
+ * be used from the callback of a timer that is based on @clock.
+ * Doing so would cause a deadlock.
+ *
+ * Caller should hold BQL.
  */
 void qemu_clock_enable(QEMUClockType type, bool enabled);
 
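Review bot: in the added documentation, "this functions should not be used" should read "this function should not be used". The same text, typo included, is repeated above the definition in qemu-timer.c later in this patch; keep the full description here in the header and shorten the copy in the .c file to a reference.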
diff --git a/qemu-timer.c b/qemu-timer.c
index 6b62e88..2b533da 100644
--- a/qemu-timer.c
+++ b/qemu-timer.c
@@ -45,6 +45,7 @@
 /* timers */
 
 typedef struct QEMUClock {
+/* We rely on BQL to protect the timerlists */
 QLIST_HEAD(, QEMUTimerList) timerlists;
 
 NotifierList reset_notifiers;
@@ -71,6 +72,9 @@ struct QEMUTimerList {
 QLIST_ENTRY(QEMUTimerList) list;
 QEMUTimerListNotifyCB *notify_cb;
 void *notify_opaque;
+
+/* lightweight method to mark the end of timerlist's running */
+QemuEvent timers_done_ev;
 };
 
 /**
@@ -99,6 +103,7 @@ QEMUTimerList *timerlist_new(QEMUClockType type,
 QEMUClock *clock = qemu_clock_ptr(type);
 
 timer_list = g_malloc0(sizeof(QEMUTimerList));
+qemu_event_init(&timer_list->timers_done_ev, false);
 timer_list->clock = clock;
 timer_list->notify_cb = cb;
 timer_list->notify_opaque = opaque;
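Review bot: qemu_event_init(&timer_list->timers_done_ev, false) creates the event unset, and the only place this patch sets it is the end of timerlist_run_timers(). qemu_clock_enable(type, false) waits on the event of every timerlist, so a timerlist that has not yet completed a timerlist_run_timers() pass would block the caller. Initialise the event as set (pass true), since a list that is not running timers is by definition done.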
@@ -143,13 +148,25 @@ void qemu_clock_notify(QEMUClockType type)
 }
 }
 
+/* Disabling the clock will wait for related timerlists to stop
+ * executing qemu_run_timers.  Thus, this functions should not
+ * be used from the callback of a timer that is based on @clock.
+ * Doing so would cause a deadlock.
+ *
+ * Caller should hold BQL.
+ */
 void qemu_clock_enable(QEMUClockType type, bool enabled)
 {
 QEMUClock *clock = qemu_clock_ptr(type);
+QEMUTimerList *tl;
 bool old = clock->enabled;
 clock->enabled = enabled;
 if (enabled && !old) {
 qemu_clock_notify(type);
+} else if (!enabled && old) {
+QLIST_FOREACH(tl, &clock->timerlists, list) {
+qemu_event_wait(&tl->timers_done_ev);
+}
 }
 }
 
@@ -403,8 +420,9 @@ bool timerlist_run_timers(QEMUTimerList *timer_list)
 QEMUTimerCB *cb;
 void *opaque;
 
+qemu_event_reset(&timer_list->timers_done_ev);
 if (!timer_list->clock->enabled) {
-return progress;
+goto out;
 }
 
 current_time = qemu_clock_get_ns(timer_list->clock->type);
@@ -428,6 +446,9 @@ bool timerlist_run_timers(QEMUTimerList *timer_list)
 cb(opaque);
 progress = true;
 }
+
+out:
+qemu_event_set(&timer_list->timers_done_ev);
 return progress;
 }
 
-- 
1.8.3.1





[Qemu-devel] [PULL 17/17] exec: remove qemu_safe_ram_ptr

2013-10-17 Thread Paolo Bonzini
This is not needed since the RAM list is not modified anymore by
qemu_get_ram_ptr.  Replace it with qemu_get_ram_block.

Signed-off-by: Paolo Bonzini 
---
 exec.c | 97 +++---
 1 file changed, 28 insertions(+), 69 deletions(-)

diff --git a/exec.c b/exec.c
index bea2cff..2e31ffc 100644
--- a/exec.c
+++ b/exec.c
@@ -129,7 +129,6 @@ static PhysPageMap next_map;
 
 static void io_mem_init(void);
 static void memory_map_init(void);
-static void *qemu_safe_ram_ptr(ram_addr_t addr);
 
 static MemoryRegion io_mem_watch;
 #endif
@@ -626,22 +625,39 @@ void cpu_abort(CPUArchState *env, const char *fmt, ...)
 }
 
 #if !defined(CONFIG_USER_ONLY)
+static RAMBlock *qemu_get_ram_block(ram_addr_t addr)
+{
+RAMBlock *block;
+
+/* The list is protected by the iothread lock here.  */
+block = ram_list.mru_block;
+if (block && addr - block->offset < block->length) {
+goto found;
+}
+QTAILQ_FOREACH(block, &ram_list.blocks, next) {
+if (addr - block->offset < block->length) {
+goto found;
+}
+}
+
+fprintf(stderr, "Bad ram offset %" PRIx64 "\n", (uint64_t)addr);
+abort();
+
+found:
+ram_list.mru_block = block;
+return block;
+}
+
 static void tlb_reset_dirty_range_all(ram_addr_t start, ram_addr_t end,
   uintptr_t length)
 {
-uintptr_t start1;
+RAMBlock *block;
+ram_addr_t start1;
 
-/* we modify the TLB cache so that the dirty bit will be set again
-   when accessing the range */
-start1 = (uintptr_t)qemu_safe_ram_ptr(start);
-/* Check that we don't span multiple blocks - this breaks the
-   address comparisons below.  */
-if ((uintptr_t)qemu_safe_ram_ptr(end - 1) - start1
-!= (end - 1) - start) {
-abort();
-}
+block = qemu_get_ram_block(start);
+assert(block == qemu_get_ram_block(end - 1));
+start1 = (uintptr_t)block->host + (start - block->offset);
 cpu_tlb_reset_dirty_all(start1, length);
-
 }
 
 /* Note: start and end must be within the same ram block.  */
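
Review bot: in tlb_reset_dirty_range_all the cross-block check moved from an explicit abort() to assert(block == qemu_get_ram_block(end - 1)), and the asserted expression has a side effect (qemu_get_ram_block updates ram_list.mru_block). If a build ever defines NDEBUG the check disappears along with the call; evaluate the second lookup into a local and assert on that, or keep the abort(). Also, start1 is now declared ram_addr_t but is assigned a host address computed from block->host; the previous uintptr_t said what it holds, and the removed comment about why the TLB is modified was worth keeping.
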
@@ -1269,29 +1285,6 @@ void qemu_ram_remap(ram_addr_t addr, ram_addr_t length)
 }
 #endif /* !_WIN32 */
 
-static RAMBlock *qemu_get_ram_block(ram_addr_t addr)
-{
-RAMBlock *block;
-
-/* The list is protected by the iothread lock here.  */
-block = ram_list.mru_block;
-if (block && addr - block->offset < block->length) {
-goto found;
-}
-QTAILQ_FOREACH(block, &ram_list.blocks, next) {
-if (addr - block->offset < block->length) {
-goto found;
-}
-}
-
-fprintf(stderr, "Bad ram offset %" PRIx64 "\n", (uint64_t)addr);
-abort();
-
-found:
-ram_list.mru_block = block;
-return block;
-}
-
 /* Return a host pointer to ram allocated with qemu_ram_alloc.
With the exception of the softmmu code in this file, this should
only be used for local memory (e.g. video ram) that the device owns,
@@ -1319,40 +1312,6 @@ void *qemu_get_ram_ptr(ram_addr_t addr)
 return block->host + (addr - block->offset);
 }
 
-/* Return a host pointer to ram allocated with qemu_ram_alloc.  Same as
- * qemu_get_ram_ptr but do not touch ram_list.mru_block.
- *
- * ??? Is this still necessary?
- */
-static void *qemu_safe_ram_ptr(ram_addr_t addr)
-{
-RAMBlock *block;
-
-/* The list is protected by the iothread lock here.  */
-QTAILQ_FOREACH(block, &ram_list.blocks, next) {
-if (addr - block->offset < block->length) {
-if (xen_enabled()) {
-/* We need to check if the requested address is in the RAM
- * because we don't want to map the entire memory in QEMU.
- * In that case just map until the end of the page.
- */
-if (block->offset == 0) {
-return xen_map_cache(addr, 0, 0);
-} else if (block->host == NULL) {
-block->host =
-xen_map_cache(block->offset, block->length, 1);
-}
-}
-return block->host + (addr - block->offset);
-}
-}
-
-fprintf(stderr, "Bad ram offset %" PRIx64 "\n", (uint64_t)addr);
-abort();
-
-return NULL;
-}
-
 /* Return a host pointer to guest's ram. Similar to qemu_get_ram_ptr
  * but takes a size argument */
 static void *qemu_ram_ptr_length(ram_addr_t addr, hwaddr *size)
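
Review bot: the removed qemu_safe_ram_ptr carried a xen_enabled() branch that went through xen_map_cache and filled in block->host when it was NULL, while its replacement in tlb_reset_dirty_range_all reads block->host directly. The commit message only covers the mru_block reason for the removal; please state why the Xen mapping path is not needed for this caller, or handle a NULL block->host there.
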
-- 
1.8.3.1




[Qemu-devel] [PULL 08/17] qemu-thread: add QemuEvent

2013-10-17 Thread Paolo Bonzini
This emulates Win32 manual-reset events using futexes or conditional
variables.  Typical ways to use them are with multi-producer,
single-consumer data structures, to test for a complex condition whose
elements come from different threads:

for (;;) {
qemu_event_reset(ev);
... test complex condition ...
if (condition is true) {
break;
}
qemu_event_wait(ev);
}

Or more efficiently (but with some duplication):

... evaluate condition ...
while (!condition) {
qemu_event_reset(ev);
... evaluate condition ...
if (!condition) {
qemu_event_wait(ev);
... evaluate condition ...
}
}

QemuEvent provides a very fast userspace path in the common case when
no other thread is waiting, or the event is not changing state.

Signed-off-by: Paolo Bonzini 
---
 include/qemu/thread-posix.h |   8 +++
 include/qemu/thread-win32.h |   4 ++
 include/qemu/thread.h   |   7 +++
 util/qemu-thread-posix.c| 116 
 util/qemu-thread-win32.c|  26 ++
 5 files changed, 161 insertions(+)

diff --git a/include/qemu/thread-posix.h b/include/qemu/thread-posix.h
index 361566a..eb5c7a1 100644
--- a/include/qemu/thread-posix.h
+++ b/include/qemu/thread-posix.h
@@ -21,6 +21,14 @@ struct QemuSemaphore {
 #endif
 };
 
+struct QemuEvent {
+#ifndef __linux__
+pthread_mutex_t lock;
+pthread_cond_t cond;
+#endif
+unsigned value;
+};
+
 struct QemuThread {
 pthread_t thread;
 };
diff --git a/include/qemu/thread-win32.h b/include/qemu/thread-win32.h
index 13adb95..3d58081 100644
--- a/include/qemu/thread-win32.h
+++ b/include/qemu/thread-win32.h
@@ -17,6 +17,10 @@ struct QemuSemaphore {
 HANDLE sema;
 };
 
+struct QemuEvent {
+HANDLE event;
+};
+
 typedef struct QemuThreadData QemuThreadData;
 struct QemuThread {
 QemuThreadData *data;
diff --git a/include/qemu/thread.h b/include/qemu/thread.h
index c02404b..3e32c65 100644
--- a/include/qemu/thread.h
+++ b/include/qemu/thread.h
@@ -7,6 +7,7 @@
 typedef struct QemuMutex QemuMutex;
 typedef struct QemuCond QemuCond;
 typedef struct QemuSemaphore QemuSemaphore;
+typedef struct QemuEvent QemuEvent;
 typedef struct QemuThread QemuThread;
 
 #ifdef _WIN32
@@ -45,6 +46,12 @@ void qemu_sem_wait(QemuSemaphore *sem);
 int qemu_sem_timedwait(QemuSemaphore *sem, int ms);
 void qemu_sem_destroy(QemuSemaphore *sem);
 
+void qemu_event_init(QemuEvent *ev, bool init);
+void qemu_event_set(QemuEvent *ev);
+void qemu_event_reset(QemuEvent *ev);
+void qemu_event_wait(QemuEvent *ev);
+void qemu_event_destroy(QemuEvent *ev);
+
 void qemu_thread_create(QemuThread *thread,
 void *(*start_routine)(void *),
 void *arg, int mode);
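
Review bot: the five qemu_event_* prototypes are added to thread.h without any comment. The commit message explains that this is a manual-reset event and gives the reset/test/wait idiom; that belongs next to the declarations, together with what the init argument means and which calls may run concurrently.
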
diff --git a/util/qemu-thread-posix.c b/util/qemu-thread-posix.c
index 4de133e..37dd298 100644
--- a/util/qemu-thread-posix.c
+++ b/util/qemu-thread-posix.c
@@ -20,7 +20,12 @@
 #include 
 #include 
 #include 
+#ifdef __linux__
+#include 
+#include 
+#endif
 #include "qemu/thread.h"
+#include "qemu/atomic.h"
 
 static void error_exit(int err, const char *msg)
 {
@@ -272,6 +277,117 @@ void qemu_sem_wait(QemuSemaphore *sem)
 #endif
 }
 
+#ifdef __linux__
+#define futex(...)  syscall(__NR_futex, __VA_ARGS__)
+
+static inline void futex_wake(QemuEvent *ev, int n)
+{
+futex(ev, FUTEX_WAKE, n, NULL, NULL, 0);
+}
+
+static inline void futex_wait(QemuEvent *ev, unsigned val)
+{
+futex(ev, FUTEX_WAIT, (int) val, NULL, NULL, 0);
+}
+#else
+static inline void futex_wake(QemuEvent *ev, int n)
+{
+if (n == 1) {
+pthread_cond_signal(&ev->cond);
+} else {
+pthread_cond_broadcast(&ev->cond);
+}
+}
+
+static inline void futex_wait(QemuEvent *ev, unsigned val)
+{
+pthread_mutex_lock(&ev->lock);
+if (ev->value == val) {
+pthread_cond_wait(&ev->cond, &ev->lock);
+}
+pthread_mutex_unlock(&ev->lock);
+}
+#endif
+
+/* Valid transitions:
+ * - free->set, when setting the event
+ * - busy->set, when setting the event, followed by futex_wake
+ * - set->free, when resetting the event
+ * - free->busy, when waiting
+ *
+ * set->busy does not happen (it can be observed from the outside but
+ * it really is set->free->busy).
+ *
+ * busy->free provably cannot happen; to enforce it, the set->free transition
+ * is done with an OR, which becomes a no-op if the event has concurrently
+ * transitioned to free or busy.
+ */
+
+#define EV_SET 0
+#define EV_FREE1
+#define EV_BUSY   -1
+
+void qemu_event_init(QemuEvent *ev, bool init)
+{
+#ifndef __linux__
+pthread_mutex_init(&ev->lock, NULL);
+pthread_cond_init(&ev->cond, NULL);
+#endif
+
+ev->value = (init ? EV_SET : EV_FREE);
+}
+
+void qemu_event_destroy(QemuEvent *ev)
+{
+#ifndef __linux__
+pthread_mutex_destroy(&ev->lock);
+pthread_cond_destroy(&ev->cond);
+#endif
+}
+
+void qemu_event_set(QemuEvent *ev)
+{
+if (a
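
Review bot: in the non-Linux fallback, futex_wake signals ev->cond without taking ev->lock, while futex_wait tests ev->value under the lock and then calls pthread_cond_wait. A waker that changes ev->value and signals between the waiter's test and its wait, without holding the mutex, can have its wakeup lost; take ev->lock around the signal/broadcast. futex_wait also uses if rather than a loop around pthread_cond_wait, so callers must tolerate spurious returns, and on Linux the futex call is given ev rather than &ev->value, which relies on value staying at offset 0 of the struct.
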

[Qemu-devel] [PULL 11/17] timer: add timer_mod_anticipate and timer_mod_anticipate_ns

2013-10-17 Thread Paolo Bonzini
These let a user anticipate the deadline of a timer, atomically with
other sites that call the function.  This helps avoid complicated
lock hierarchies.

Reviewed-by: Alex Bligh 
Signed-off-by: Paolo Bonzini 
---
 include/qemu/timer.h | 26 ++
 qemu-timer.c | 29 +
 2 files changed, 55 insertions(+)

diff --git a/include/qemu/timer.h b/include/qemu/timer.h
index 1254ef7..5afcffc 100644
--- a/include/qemu/timer.h
+++ b/include/qemu/timer.h
@@ -545,6 +545,19 @@ void timer_del(QEMUTimer *ts);
 void timer_mod_ns(QEMUTimer *ts, int64_t expire_time);
 
 /**
+ * timer_mod_anticipate_ns:
+ * @ts: the timer
+ * @expire_time: the expiry time in nanoseconds
+ *
+ * Modify a timer to expire at @expire_time or the current time,
+ * whichever comes earlier.
+ *
+ * This function is thread-safe but the timer and its timer list must not be
+ * freed while this function is running.
+ */
+void timer_mod_anticipate_ns(QEMUTimer *ts, int64_t expire_time);
+
+/**
  * timer_mod:
  * @ts: the timer
  * @expire_time: the expire time in the units associated with the timer
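
Review bot: the new doc comment for timer_mod_anticipate_ns says the timer will expire at @expire_time "or the current time, whichever comes earlier", but the implementation comment in qemu-timer.c says "or the current deadline". The latter matches the code, which compares against ts->expire_time; fix the header wording so callers do not read this as "fire now".
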
@@ -558,6 +571,19 @@ void timer_mod_ns(QEMUTimer *ts, int64_t expire_time);
 void timer_mod(QEMUTimer *ts, int64_t expire_timer);
 
 /**
+ * timer_mod_anticipate:
+ * @ts: the timer
+ * @expire_time: the expiry time in nanoseconds
+ *
+ * Modify a timer to expire at @expire_time or the current time, whichever
+ * comes earlier, taking into account the scale associated with the timer.
+ *
+ * This function is thread-safe but the timer and its timer list must not be
+ * freed while this function is running.
+ */
+void timer_mod_anticipate(QEMUTimer *ts, int64_t expire_time);
+
+/**
  * timer_pending:
  * @ts: the timer
  *
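
Review bot: the doc for timer_mod_anticipate describes @expire_time as "the expiry time in nanoseconds", yet the function multiplies it by ts->scale, so the argument is in the timer's own units, as the timer_mod doc just above says. "The current time" should also read "the current deadline" to match the implementation comment in qemu-timer.c.
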
diff --git a/qemu-timer.c b/qemu-timer.c
index 0305ad5..e15ce47 100644
--- a/qemu-timer.c
+++ b/qemu-timer.c
@@ -410,11 +410,40 @@ void timer_mod_ns(QEMUTimer *ts, int64_t expire_time)
 }
 }
 
+/* modify the current timer so that it will be fired when current_time
+   >= expire_time or the current deadline, whichever comes earlier.
+   The corresponding callback will be called. */
+void timer_mod_anticipate_ns(QEMUTimer *ts, int64_t expire_time)
+{
+QEMUTimerList *timer_list = ts->timer_list;
+bool rearm;
+
+qemu_mutex_lock(&timer_list->active_timers_lock);
+if (ts->expire_time == -1 || ts->expire_time > expire_time) {
+if (ts->expire_time != -1) {
+timer_del_locked(timer_list, ts);
+}
+rearm = timer_mod_ns_locked(timer_list, ts, expire_time);
+} else {
+rearm = false;
+}
+qemu_mutex_unlock(&timer_list->active_timers_lock);
+
+if (rearm) {
+timerlist_rearm(timer_list);
+}
+}
+
 void timer_mod(QEMUTimer *ts, int64_t expire_time)
 {
 timer_mod_ns(ts, expire_time * ts->scale);
 }
 
+void timer_mod_anticipate(QEMUTimer *ts, int64_t expire_time)
+{
+timer_mod_anticipate_ns(ts, expire_time * ts->scale);
+}
+
 bool timer_pending(QEMUTimer *ts)
 {
 return ts->expire_time >= 0;
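
Review bot: in timer_mod_anticipate_ns the test ts->expire_time > expire_time compares the stored value, which timer_mod_ns_locked clamps with MAX(expire_time, 0), against the caller's raw argument. With a negative expire_time and a timer already stored at 0 the test stays true, so every call deletes, reinserts and may rearm; clamp expire_time before the comparison.
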
-- 
1.8.3.1





[Qemu-devel] [PULL 12/17] icount: use cpu_get_icount() directly

2013-10-17 Thread Paolo Bonzini
This will help later when we will have to place these calls in
a critical section, and thus call a version of cpu_get_icount()
that does not take the lock.

Reviewed-by: Alex Bligh 
Signed-off-by: Paolo Bonzini 
---
 cpus.c | 7 +--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/cpus.c b/cpus.c
index f075335..a2d09f3 100644
--- a/cpus.c
+++ b/cpus.c
@@ -236,12 +236,15 @@ static void icount_adjust(void)
 int64_t cur_icount;
 int64_t delta;
 static int64_t last_delta;
+
 /* If the VM is not running, then do nothing.  */
 if (!runstate_is_running()) {
 return;
 }
+
 cur_time = cpu_get_clock();
-cur_icount = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL);
+cur_icount = cpu_get_icount();
+
 delta = cur_icount - cur_time;
 /* FIXME: This is a very crude algorithm, somewhat prone to oscillation.  
*/
 if (delta > 0
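
Review bot: cur_icount in icount_adjust now comes from cpu_get_icount() instead of qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), and the commit message gives the motivation but not why the two return the same value at this call site. One sentence on that equivalence would make the change reviewable on its own; the two added blank lines are unrelated whitespace.
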
@@ -297,7 +300,7 @@ static void icount_warp_rt(void *opaque)
  * far ahead of real time.
  */
 int64_t cur_time = cpu_get_clock();
-int64_t cur_icount = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL);
+int64_t cur_icount = cpu_get_icount();
 int64_t delta = cur_time - cur_icount;
 qemu_icount_bias += MIN(warp_delta, delta);
 }
-- 
1.8.3.1





[Qemu-devel] [PULL 10/17] timer: extract timer_mod_ns_locked and timerlist_rearm

2013-10-17 Thread Paolo Bonzini
These will be reused in timer_mod_anticipate functions.

Reviewed-by: Alex Bligh 
Signed-off-by: Paolo Bonzini 
---
 qemu-timer.c | 51 ---
 1 file changed, 32 insertions(+), 19 deletions(-)

diff --git a/qemu-timer.c b/qemu-timer.c
index 2b533da..0305ad5 100644
--- a/qemu-timer.c
+++ b/qemu-timer.c
@@ -355,6 +355,34 @@ static void timer_del_locked(QEMUTimerList *timer_list, 
QEMUTimer *ts)
 }
 }
 
+static bool timer_mod_ns_locked(QEMUTimerList *timer_list,
+QEMUTimer *ts, int64_t expire_time)
+{
+QEMUTimer **pt, *t;
+
+/* add the timer in the sorted list */
+pt = &timer_list->active_timers;
+for (;;) {
+t = *pt;
+if (!timer_expired_ns(t, expire_time)) {
+break;
+}
+pt = &t->next;
+}
+ts->expire_time = MAX(expire_time, 0);
+ts->next = *pt;
+*pt = ts;
+
+return pt == &timer_list->active_timers;
+}
+
+static void timerlist_rearm(QEMUTimerList *timer_list)
+{
+/* Interrupt execution to force deadline recalculation.  */
+qemu_clock_warp(timer_list->clock->type);
+timerlist_notify(timer_list);
+}
+
 /* stop a timer, but do not dealloc it */
 void timer_del(QEMUTimer *ts)
 {
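
Review bot: timer_mod_ns_locked has no comment saying that timer_list->active_timers_lock must be held by the caller, nor that the bool result means "inserted at the head of active_timers, caller must call timerlist_rearm after unlocking". Both are contracts the next user has to get right; document them above the function.
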
@@ -370,30 +398,15 @@ void timer_del(QEMUTimer *ts)
 void timer_mod_ns(QEMUTimer *ts, int64_t expire_time)
 {
 QEMUTimerList *timer_list = ts->timer_list;
-QEMUTimer **pt, *t;
+bool rearm;
 
 qemu_mutex_lock(&timer_list->active_timers_lock);
 timer_del_locked(timer_list, ts);
-
-/* add the timer in the sorted list */
-pt = &timer_list->active_timers;
-for(;;) {
-t = *pt;
-if (!timer_expired_ns(t, expire_time)) {
-break;
-}
-pt = &t->next;
-}
-ts->expire_time = MAX(expire_time, 0);
-ts->next = *pt;
-*pt = ts;
+rearm = timer_mod_ns_locked(timer_list, ts, expire_time);
 qemu_mutex_unlock(&timer_list->active_timers_lock);
 
-/* Rearm if necessary  */
-if (pt == &timer_list->active_timers) {
-/* Interrupt execution to force deadline recalculation.  */
-qemu_clock_warp(timer_list->clock->type);
-timerlist_notify(timer_list);
+if (rearm) {
+timerlist_rearm(timer_list);
 }
 }
 
-- 
1.8.3.1





[Qemu-devel] [PULL 03/17] portio: Allow to mark portio lists as coalesced MMIO flushing

2013-10-17 Thread Paolo Bonzini
From: Jan Kiszka 

This will enable us to remove all remaining explicit calls of
qemu_flush_coalesced_mmio_buffer in IO handlers.

Signed-off-by: Jan Kiszka 
Signed-off-by: Paolo Bonzini 
---
 include/exec/ioport.h | 2 ++
 ioport.c  | 9 +
 2 files changed, 11 insertions(+)

diff --git a/include/exec/ioport.h b/include/exec/ioport.h
index b3848be..3bd6722 100644
--- a/include/exec/ioport.h
+++ b/include/exec/ioport.h
@@ -64,11 +64,13 @@ typedef struct PortioList {
 struct MemoryRegion **regions;
 void *opaque;
 const char *name;
+bool flush_coalesced_mmio;
 } PortioList;
 
 void portio_list_init(PortioList *piolist, Object *owner,
   const struct MemoryRegionPortio *callbacks,
   void *opaque, const char *name);
+void portio_list_set_flush_coalesced(PortioList *piolist);
 void portio_list_destroy(PortioList *piolist);
 void portio_list_add(PortioList *piolist,
  struct MemoryRegion *address_space,
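
Review bot: portio_list_set_flush_coalesced is declared without documentation, and the flag it sets is only consulted in portio_list_add_1 when each region is created. Calling it after portio_list_add therefore has no effect on regions already registered; state the required call order in a comment here, or apply the flag to existing regions in the setter.
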
diff --git a/ioport.c b/ioport.c
index 707cce8..3d91e79 100644
--- a/ioport.c
+++ b/ioport.c
@@ -139,6 +139,12 @@ void portio_list_init(PortioList *piolist,
 piolist->opaque = opaque;
 piolist->owner = owner;
 piolist->name = name;
+piolist->flush_coalesced_mmio = false;
+}
+
+void portio_list_set_flush_coalesced(PortioList *piolist)
+{
+piolist->flush_coalesced_mmio = true;
 }
 
 void portio_list_destroy(PortioList *piolist)
@@ -231,6 +237,9 @@ static void portio_list_add_1(PortioList *piolist,
  */
 memory_region_init_io(&mrpio->mr, piolist->owner, &portio_ops, mrpio,
   piolist->name, off_high - off_low);
+if (piolist->flush_coalesced_mmio) {
+memory_region_set_flush_coalesced(&mrpio->mr);
+}
 memory_region_add_subregion(piolist->address_space,
 start + off_low, &mrpio->mr);
 piolist->regions[piolist->nr] = &mrpio->mr;
-- 
1.8.3.1





[Qemu-devel] [PULL 06/17] seqlock: introduce read-write seqlock

2013-10-17 Thread Paolo Bonzini
Seqlock implementation for QEMU. Usage idiom

reader:
do {
start = seqlock_read_begin(&sl);
...
} while (seqlock_read_retry(&sl, start));

writer:
seqlock_write_lock(&sl);
...
seqlock_write_unlock(&sl);

initialization:
seqlock_init(QemuSeqLock *sl, QemuMutex *mutex)

mutex could be NULL if the caller will provide its own protection
for concurrent write sides (typically using the BQL).

Signed-off-by: Paolo Bonzini 
---
 include/qemu/seqlock.h | 72 ++
 1 file changed, 72 insertions(+)
 create mode 100644 include/qemu/seqlock.h

diff --git a/include/qemu/seqlock.h b/include/qemu/seqlock.h
new file mode 100644
index 000..3ff118a
--- /dev/null
+++ b/include/qemu/seqlock.h
@@ -0,0 +1,72 @@
+/*
+ * Seqlock implementation for QEMU
+ *
+ * Copyright Red Hat, Inc. 2013
+ *
+ * Author:
+ *  Paolo Bonzini 
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ *
+ */
+#ifndef QEMU_SEQLOCK_H
+#define QEMU_SEQLOCK_H 1
+
+#include 
+#include 
+
+typedef struct QemuSeqLock QemuSeqLock;
+
+struct QemuSeqLock {
+QemuMutex *mutex;
+unsigned sequence;
+};
+
+static inline void seqlock_init(QemuSeqLock *sl, QemuMutex *mutex)
+{
+sl->mutex = mutex;
+sl->sequence = 0;
+}
+
+/* Lock out other writers and update the count.  */
+static inline void seqlock_write_lock(QemuSeqLock *sl)
+{
+if (sl->mutex) {
+qemu_mutex_lock(sl->mutex);
+}
+++sl->sequence;
+
+/* Write sequence before updating other fields.  */
+smp_wmb();
+}
+
+static inline void seqlock_write_unlock(QemuSeqLock *sl)
+{
+/* Write other fields before finalizing sequence.  */
+smp_wmb();
+
+++sl->sequence;
+if (sl->mutex) {
+qemu_mutex_unlock(sl->mutex);
+}
+}
+
+static inline unsigned seqlock_read_begin(QemuSeqLock *sl)
+{
+/* Always fail if a write is in progress.  */
+unsigned ret = sl->sequence & ~1;
+
+/* Read sequence before reading other fields.  */
+smp_rmb();
+return ret;
+}
+
+static int seqlock_read_retry(const QemuSeqLock *sl, unsigned start)
+{
+/* Read other fields before reading final sequence.  */
+smp_rmb();
+return unlikely(sl->sequence != start);
+}
+
+#endif
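
Review bot: seqlock_read_retry is declared static int without inline, unlike the other four helpers in this header, so a file that includes seqlock.h without calling it gets an unused-function warning. Make it static inline. It would also help to say in the header that mutex may be NULL when the caller serializes writers itself, which today is only stated in the commit message.
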
-- 
1.8.3.1





[Qemu-devel] [PULL 02/17] compatfd: switch to QemuThread

2013-10-17 Thread Paolo Bonzini
From: Jan Kiszka 

qemu_thread_create already does signal blocking and detaching for us.

Signed-off-by: Jan Kiszka 
Signed-off-by: Paolo Bonzini 
---
 util/compatfd.c | 16 +++-
 1 file changed, 3 insertions(+), 13 deletions(-)

diff --git a/util/compatfd.c b/util/compatfd.c
index 9cf3f28..430a41c 100644
--- a/util/compatfd.c
+++ b/util/compatfd.c
@@ -15,9 +15,9 @@
 
 #include "qemu-common.h"
 #include "qemu/compatfd.h"
+#include "qemu/thread.h"
 
 #include 
-#include 
 
 struct sigfd_compat_info
 {
@@ -28,10 +28,6 @@ struct sigfd_compat_info
 static void *sigwait_compat(void *opaque)
 {
 struct sigfd_compat_info *info = opaque;
-sigset_t all;
-
-sigfillset(&all);
-pthread_sigmask(SIG_BLOCK, &all, NULL);
 
 while (1) {
 int sig;
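
Review bot: with the sigfillset/pthread_sigmask block gone, sigwait_compat now depends on qemu_thread_create having blocked every signal before the thread starts. A one-line comment at the top of sigwait_compat recording that dependency would keep the sigwait loop correct if the thread is ever created another way.
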
@@ -71,9 +67,8 @@ static void *sigwait_compat(void *opaque)
 
 static int qemu_signalfd_compat(const sigset_t *mask)
 {
-pthread_attr_t attr;
-pthread_t tid;
 struct sigfd_compat_info *info;
+QemuThread thread;
 int fds[2];
 
 info = malloc(sizeof(*info));
@@ -93,12 +88,7 @@ static int qemu_signalfd_compat(const sigset_t *mask)
 memcpy(&info->mask, mask, sizeof(*mask));
 info->fd = fds[1];
 
-pthread_attr_init(&attr);
-pthread_attr_setdetachstate(&attr, PTHREAD_CREATE_DETACHED);
-
-pthread_create(&tid, &attr, sigwait_compat, info);
-
-pthread_attr_destroy(&attr);
+qemu_thread_create(&thread, sigwait_compat, info, QEMU_THREAD_DETACHED);
 
 return fds[0];
 }
-- 
1.8.3.1





[Qemu-devel] [PULL 00/17] Memory/threading changes for 1.7

2013-10-17 Thread Paolo Bonzini
Anthony,

The following changes since commit 1680d485777ecf436d724631ea8722cc0c66990e:

  Merge remote-tracking branch 'rth/tcg-ldst-6' into staging (2013-10-14 09:59:59 -0700)

are available in the git repository at:


  git://github.com/bonzini/qemu.git iommu-for-anthony

for you to fetch changes up to d870fa8d51a5c8608a0f0202ce3a078b27cc391c:

  exec: remove qemu_safe_ram_ptr (2013-10-17 17:24:16 +0200)

Cleanups from Jan, a bugfix from Alexey, and vm_clock thread-safety
from Ping Fan and myself.


Alexey Kardashevskiy (1):
  memory: fix 128 arithmetic in info mtree

Jan Kiszka (4):
  compatfd: switch to QemuThread
  portio: Allow to mark portio lists as coalesced MMIO flushing
  cirrus: Mark vga io region as coalesced MMIO flushing
  vga: Mark relevant portio lists regions as coalesced MMIO flushing

Liu Ping Fan (2):
  timer: protect timers_state's clock with seqlock
  timer: make qemu_clock_enable sync between disable and timer's cb

Paolo Bonzini (10):
  seqlock: introduce read-write seqlock
  qemu-thread: add QemuEvent
  timer: extract timer_mod_ns_locked and timerlist_rearm
  timer: add timer_mod_anticipate and timer_mod_anticipate_ns
  icount: use cpu_get_icount() directly
  icount: reorganize icount_warp_rt
  icount: prepare the code for future races in calling qemu_clock_warp
  icount: document (future) locking rules for icount
  icount: make it thread-safe
  exec: remove qemu_safe_ram_ptr

 cpus.c  | 144 
 exec.c  |  97 +
 hw/display/cirrus_vga.c |   3 +-
 hw/display/qxl.c|   1 +
 hw/display/vga.c|   5 +-
 include/exec/ioport.h   |   2 +
 include/qemu/seqlock.h  |  72 ++
 include/qemu/thread-posix.h |   8 +++
 include/qemu/thread-win32.h |   4 ++
 include/qemu/thread.h   |   7 +++
 include/qemu/timer.h|  34 +++
 ioport.c|   9 +++
 memory.c|   4 +-
 qemu-timer.c|  97 +++--
 util/compatfd.c |  16 +
 util/qemu-thread-posix.c| 116 +++
 util/qemu-thread-win32.c|  26 
 17 files changed, 502 insertions(+), 143 deletions(-)
 create mode 100644 include/qemu/seqlock.h
-- 
1.8.3.1




[Qemu-devel] [PULL 05/17] vga: Mark relevant portio lists regions as coalesced MMIO flushing

2013-10-17 Thread Paolo Bonzini
From: Jan Kiszka 

This allows removing the explicit qemu_flush_coalesced_mmio_buffer
calls.

Signed-off-by: Jan Kiszka 
Signed-off-by: Paolo Bonzini 
---
 hw/display/qxl.c | 1 +
 hw/display/vga.c | 5 +
 2 files changed, 2 insertions(+), 4 deletions(-)

diff --git a/hw/display/qxl.c b/hw/display/qxl.c
index ee2db0d..3051006 100644
--- a/hw/display/qxl.c
+++ b/hw/display/qxl.c
@@ -2074,6 +2074,7 @@ static int qxl_init_primary(PCIDevice *dev)
  pci_address_space(dev), pci_address_space_io(dev), false);
 portio_list_init(qxl_vga_port_list, OBJECT(dev), qxl_vga_portio_list,
  vga, "vga");
+portio_list_set_flush_coalesced(qxl_vga_port_list);
 portio_list_add(qxl_vga_port_list, pci_address_space_io(dev), 0x3b0);
 
 vga->con = graphic_console_init(DEVICE(dev), &qxl_ops, qxl);
diff --git a/hw/display/vga.c b/hw/display/vga.c
index 7b91d9c..b5e2284 100644
--- a/hw/display/vga.c
+++ b/hw/display/vga.c
@@ -359,8 +359,6 @@ uint32_t vga_ioport_read(void *opaque, uint32_t addr)
 VGACommonState *s = opaque;
 int val, index;
 
-qemu_flush_coalesced_mmio_buffer();
-
 if (vga_ioport_invalid(s, addr)) {
 val = 0xff;
 } else {
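
Review bot: vga_ioport_read loses its qemu_flush_coalesced_mmio_buffer() call and is not static, so any caller that reaches it other than through a portio list marked with portio_list_set_flush_coalesced no longer flushes coalesced MMIO first. Please confirm every user of vga_ioport_read and vga_ioport_write is covered (this patch marks the lists in qxl.c and vga_init), and note the requirement in a comment on the two functions.
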
@@ -453,8 +451,6 @@ void vga_ioport_write(void *opaque, uint32_t addr, uint32_t 
val)
 VGACommonState *s = opaque;
 int index;
 
-qemu_flush_coalesced_mmio_buffer();
-
 /* check port range access depending on color/monochrome mode */
 if (vga_ioport_invalid(s, addr)) {
 return;
@@ -2373,6 +2369,7 @@ void vga_init(VGACommonState *s, Object *obj, 
MemoryRegion *address_space,
 memory_region_set_coalescing(vga_io_memory);
 if (init_vga_ports) {
 portio_list_init(vga_port_list, obj, vga_ports, s, "vga");
+portio_list_set_flush_coalesced(vga_port_list);
 portio_list_add(vga_port_list, address_space_io, 0x3b0);
 }
 if (vbe_ports) {
-- 
1.8.3.1





[Qemu-devel] [PULL 01/17] memory: fix 128 arithmetic in info mtree

2013-10-17 Thread Paolo Bonzini
From: Alexey Kardashevskiy 

mtree_print_mr() calls int128_get64() in 3 places but only 2 places
handle 2^64 correctly.

This fixes the third call of int128_get64().

Cc: qemu-sta...@nongnu.org
Signed-off-by: Alexey Kardashevskiy 
Signed-off-by: Paolo Bonzini 
---
 memory.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/memory.c b/memory.c
index 5a10fd0..7f1f266 100644
--- a/memory.c
+++ b/memory.c
@@ -1809,7 +1809,9 @@ static void mtree_print_mr(fprintf_function mon_printf, 
void *f,
mr->alias->name,
mr->alias_offset,
mr->alias_offset
-   + (hwaddr)int128_get64(mr->size) - 1);
+   + (int128_nz(mr->size) ?
+  (hwaddr)int128_get64(int128_sub(mr->size,
+  int128_one())) : 0));
 } else {
 mon_printf(f,
TARGET_FMT_plx "-" TARGET_FMT_plx " (prio %d, %c%c): %s\n",
-- 
1.8.3.1





[Qemu-devel] [PATCH v3 6/6] linux-user: Use qemu_getauxval for AT_EXECFD

2013-10-17 Thread Richard Henderson
Signed-off-by: Richard Henderson 
---
 linux-user/main.c | 32 ++--
 1 file changed, 6 insertions(+), 26 deletions(-)

diff --git a/linux-user/main.c b/linux-user/main.c
index 50db755..54f71fe 100644
--- a/linux-user/main.c
+++ b/linux-user/main.c
@@ -3663,26 +3663,6 @@ static int parse_args(int argc, char **argv)
 return optind;
 }
 
-static int get_execfd(char **envp)
-{
-typedef struct {
-long a_type;
-long a_val;
-} auxv_t;
-auxv_t *auxv;
-
-while (*envp++ != NULL) {
-;
-}
-
-for (auxv = (auxv_t *)envp; auxv->a_type != AT_NULL; auxv++) {
-if (auxv->a_type == AT_EXECFD) {
-return auxv->a_val;
-}
-}
-return -1;
-}
-
 int main(int argc, char **argv, char **envp)
 {
 struct target_pt_regs regs1, *regs = ®s1;
@@ -3876,13 +3856,13 @@ int main(int argc, char **argv, char **envp)
 env->opaque = ts;
 task_settid(ts);
 
-execfd = get_execfd(envp);
-if (execfd < 0) {
+execfd = qemu_getauxval(AT_EXECFD);
+if (execfd == 0) {
 execfd = open(filename, O_RDONLY);
-}
-if (execfd < 0) {
-printf("Error while loading %s: %s\n", filename, strerror(-execfd));
-_exit(1);
+if (execfd < 0) {
+printf("Error while loading %s: %s\n", filename, strerror(errno));
+_exit(1);
+}
 }
 
 ret = loader_exec(execfd, filename, target_argv, target_environ, regs,
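
Review bot: execfd == 0 is now the "not supplied" test, but 0 is a valid file descriptor, whereas the removed get_execfd used -1 as its sentinel. If the executable is handed over on descriptor 0, this code ignores it and reopens filename by path instead; either document why AT_EXECFD can never be 0 here or have the lookup distinguish "absent" from 0. The switch from strerror(-execfd) to strerror(errno) is a correct fix.
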
-- 
1.8.3.1




[Qemu-devel] [PATCH v3 0/6] Improve getauxval support

2013-10-17 Thread Richard Henderson
Changes from v2:
  * Rebase for trivial conflicts
  * Fix codingstyle errors
  * Drop the static fallback code
  * Use getauxval for AT_EXECFD


r~
  

Richard Henderson (6):
  osdep: Create qemu_getauxval and qemu_init_auxval
  tcg-ppc64: Use qemu_getauxval
  tcg-arm: Use qemu_getauxval
  tcg-s390: Use qemu_getauxval in query_facilities
  util: Use qemu_getauxval in linux qemu_cache_utils_init
  linux-user: Use qemu_getauxval for AT_EXECFD

 include/elf.h  | 73 +++
 include/qemu/cache-utils.h |  4 +-
 include/qemu/osdep.h   | 25 
 linux-user/main.c  | 35 -
 tcg/arm/tcg-target.c   | 14 +++
 tcg/ppc64/tcg-target.c | 11 +-
 tcg/s390/tcg-target.c  | 95 ++
 util/Makefile.objs |  1 +
 util/cache-utils.c | 51 ++---
 util/getauxval.c   | 74 
 vl.c   |  3 +-
 11 files changed, 224 insertions(+), 162 deletions(-)
 create mode 100644 util/getauxval.c

-- 
1.8.3.1




[Qemu-devel] [PULL 3/5] Makefile.target: CONFIG_NO_* variables removed

2013-10-17 Thread Paolo Bonzini
From: Ákos Kovács 

CONFIG_NO_* variables replaced with the lnot logical function

Signed-off-by: Ákos Kovács 
[PMM: fixed a few CONFIG_NO_* uses that were missed]
Signed-off-by: Peter Maydell 
Signed-off-by: Paolo Bonzini 
---
 Makefile.target   | 8 ++--
 hw/pci/Makefile.objs  | 2 +-
 target-arm/Makefile.objs  | 2 +-
 target-i386/Makefile.objs | 2 +-
 target-ppc/Makefile.objs  | 2 +-
 5 files changed, 6 insertions(+), 10 deletions(-)

diff --git a/Makefile.target b/Makefile.target
index 9a49852..bbc668b 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -70,10 +70,6 @@ all: $(PROGS) stap
 # Dummy command so that make thinks it has done something
@true
 
-CONFIG_NO_PCI = $(if $(subst n,,$(CONFIG_PCI)),n,y)
-CONFIG_NO_KVM = $(if $(subst n,,$(CONFIG_KVM)),n,y)
-CONFIG_NO_XEN = $(if $(subst n,,$(CONFIG_XEN)),n,y)
-
 #
 # cpu emulator library
 obj-y = exec.o translate-all.o cpu-exec.o
@@ -84,7 +80,7 @@ obj-y += fpu/softfloat.o
 obj-y += target-$(TARGET_BASE_ARCH)/
 obj-y += disas.o
 obj-$(CONFIG_GDBSTUB_XML) += gdbstub-xml.o
-obj-$(CONFIG_NO_KVM) += kvm-stub.o
+obj-$(call lnot,$(CONFIG_KVM)) += kvm-stub.o
 
 #
 # Linux user emulator target
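
Review bot: obj-$(call lnot,$(CONFIG_KVM)) depends on lnot being defined by the time this line is read; GNU make expands a call to an undefined function to the empty string, which would turn this into obj- += kvm-stub.o and drop the stub without any error. Please check that every Makefile touched by this patch has rules.mak included first, which the visible context does not show.
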
@@ -125,7 +121,7 @@ LIBS+=$(libs_softmmu)
 
 # xen support
 obj-$(CONFIG_XEN) += xen-all.o xen-mapcache.o
-obj-$(CONFIG_NO_XEN) += xen-stub.o
+obj-$(call lnot,$(CONFIG_XEN)) += xen-stub.o
 
 # Hardware support
 ifeq ($(TARGET_NAME), sparc64)
diff --git a/hw/pci/Makefile.objs b/hw/pci/Makefile.objs
index 720f438..80f8aa6 100644
--- a/hw/pci/Makefile.objs
+++ b/hw/pci/Makefile.objs
@@ -5,7 +5,7 @@ common-obj-$(CONFIG_PCI) += slotid_cap.o
 common-obj-$(CONFIG_PCI) += pci_host.o pcie_host.o
 common-obj-$(CONFIG_PCI) += pcie.o pcie_aer.o pcie_port.o
 
-common-obj-$(CONFIG_NO_PCI) += pci-stub.o
+common-obj-$(call lnot,$(CONFIG_PCI)) += pci-stub.o
 common-obj-$(CONFIG_ALL) += pci-stub.o
 
 common-obj-$(CONFIG_PCI_HOTPLUG_OLD) += pci-hotplug-old.o
diff --git a/target-arm/Makefile.objs b/target-arm/Makefile.objs
index 6453f5c..356fbfc 100644
--- a/target-arm/Makefile.objs
+++ b/target-arm/Makefile.objs
@@ -1,7 +1,7 @@
 obj-y += arm-semi.o
 obj-$(CONFIG_SOFTMMU) += machine.o
 obj-$(CONFIG_KVM) += kvm.o
-obj-$(CONFIG_NO_KVM) += kvm-stub.o
+obj-$(call lnot,$(CONFIG_KVM)) += kvm-stub.o
 obj-y += translate.o op_helper.o helper.o cpu.o
 obj-y += neon_helper.o iwmmxt_helper.o
 obj-y += gdbstub.o
diff --git a/target-i386/Makefile.objs b/target-i386/Makefile.objs
index da1fc40..027b94e 100644
--- a/target-i386/Makefile.objs
+++ b/target-i386/Makefile.objs
@@ -4,6 +4,6 @@ obj-y += smm_helper.o misc_helper.o mem_helper.o seg_helper.o
 obj-y += gdbstub.o
 obj-$(CONFIG_SOFTMMU) += machine.o arch_memory_mapping.o arch_dump.o
 obj-$(CONFIG_KVM) += kvm.o
-obj-$(CONFIG_NO_KVM) += kvm-stub.o
+obj-$(call lnot,$(CONFIG_KVM)) += kvm-stub.o
 obj-$(CONFIG_LINUX_USER) += ioport-user.o
 obj-$(CONFIG_BSD_USER) += ioport-user.o
diff --git a/target-ppc/Makefile.objs b/target-ppc/Makefile.objs
index f72e399..94d6d0c 100644
--- a/target-ppc/Makefile.objs
+++ b/target-ppc/Makefile.objs
@@ -5,7 +5,7 @@ obj-y += machine.o mmu_helper.o mmu-hash32.o
 obj-$(TARGET_PPC64) += mmu-hash64.o
 endif
 obj-$(CONFIG_KVM) += kvm.o kvm_ppc.o
-obj-$(CONFIG_NO_KVM) += kvm-stub.o
+obj-$(call lnot,$(CONFIG_KVM)) += kvm-stub.o
 obj-y += excp_helper.o
 obj-y += fpu_helper.o
 obj-y += int_helper.o
-- 
1.8.3.1





[Qemu-devel] [PULL 2/5] rules.mak: New string testing functions

2013-10-17 Thread Paolo Bonzini
From: Peter Maydell 

Add new string testing functions which return a y/n result:
 eq : are two strings equal (ignoring leading/trailing space)?
 ne : are two strings unequal?
 isempty : is a string empty?
 notempty : is a string non-empty?

Based on an idea by Ákos Kovács .

Signed-off-by: Peter Maydell 
Signed-off-by: Paolo Bonzini 
---
 rules.mak | 11 +++
 1 file changed, 11 insertions(+)

diff --git a/rules.mak b/rules.mak
index 65a1b96..49edb9b 100644
--- a/rules.mak
+++ b/rules.mak
@@ -106,6 +106,17 @@ leqv = $(if $(filter $(call lnot,$1),$(call lnot,$2)),y,n)
 # Logical if: like make's $(if) but with an leqv-like test
 lif = $(if $(subst n,,$1),$2,$3)
 
+# String testing functions: inputs to these can be any string;
+# the output is always either "y" or "n". Leading and trailing whitespace
+# is ignored when comparing strings.
+# String equality
+eq = $(if $(subst $2,,$1)$(subst $1,,$2),n,y)
+# String inequality
+ne = $(if $(subst $2,,$1)$(subst $1,,$2),y,n)
+# Emptiness/non-emptiness tests:
+isempty = $(if $1,n,y)
+notempty = $(if $1,y,n)
+
 # Generate files with tracetool
 TRACETOOL=$(PYTHON) $(SRC_PATH)/scripts/tracetool.py
 
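Review bot: The comment above eq says leading and trailing whitespace is ignored, but neither eq nor ne strips $1 or $2 before the $(subst) calls, so the result depends on how the caller spaces the arguments to $(call). Either strip the inputs, e.g. $(subst $(strip $2),,$(strip $1)), or drop that sentence from the comment. A one-line usage example in the comment would also help.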
-- 
1.8.3.1





[Qemu-devel] [PULL 5/5] ui/Makefile.objs: delete unnecessary cocoa.o dependency

2013-10-17 Thread Paolo Bonzini
From: Peter Maydell 

Delete an unnecessary dependency for cocoa.o; we already have
a general rule that tells Make that we can build a .o file
from a .m source using an ObjC compiler, so this specific
rule is unnecessary. Further, it is using the dubious construct
"$(SRC_PATH)/$(obj)" to get at the source directory, which will
break when $(obj) is redefined as part of the preparation for
per-object library support.

Signed-off-by: Peter Maydell 
Signed-off-by: Fam Zheng 
Signed-off-by: Paolo Bonzini 
---
 ui/Makefile.objs | 2 --
 1 file changed, 2 deletions(-)

diff --git a/ui/Makefile.objs b/ui/Makefile.objs
index 6ddc0de..f33be47 100644
--- a/ui/Makefile.objs
+++ b/ui/Makefile.objs
@@ -17,6 +17,4 @@ common-obj-$(CONFIG_GTK) += gtk.o x_keymap.o
 
 $(obj)/sdl.o $(obj)/sdl_zoom.o: QEMU_CFLAGS += $(SDL_CFLAGS) 
 
-$(obj)/cocoa.o: $(SRC_PATH)/$(obj)/cocoa.m
-
 $(obj)/gtk.o: QEMU_CFLAGS += $(GTK_CFLAGS) $(VTE_CFLAGS)
-- 
1.8.3.1




[Qemu-devel] [PULL 1/5] rules.mak: New logical functions for handling y/n values

2013-10-17 Thread Paolo Bonzini
From: Peter Maydell 

Add new logical functions for handling y/n values like those we
use in CONFIG_FOO variables:
 lnot : logical NOT
 land : logical AND
 lor : logical OR
 lxor : logical XOR
 leqv : logical equality, inverse of lxor
 lif : like Make's $(if) but with an eq-like test

Based on an idea by Ákos Kovács .

Signed-off-by: Peter Maydell 
Signed-off-by: Paolo Bonzini 
---
 rules.mak | 17 +
 1 file changed, 17 insertions(+)

diff --git a/rules.mak b/rules.mak
index abc2e84..65a1b96 100644
--- a/rules.mak
+++ b/rules.mak
@@ -89,6 +89,23 @@ find-in-path = $(if $(find-string /, $1), \
 $(wildcard $1), \
 $(wildcard $(patsubst %, %/$1, $(subst :, ,$(PATH)
 
+# Logical functions (for operating on y/n values like CONFIG_FOO vars)
+# Inputs to these must be either "y" (true) or "n" or "" (both false)
+# Output is always either "y" or "n".
+# Usage: $(call land,$(CONFIG_FOO),$(CONFIG_BAR))
+# Logical NOT
+lnot = $(if $(subst n,,$1),n,y)
+# Logical AND
+land = $(if $(findstring yy,$1$2),y,n)
+# Logical OR
+lor = $(if $(findstring y,$1$2),y,n)
+# Logical XOR (note that this is the inverse of leqv)
+lxor = $(if $(filter $(call lnot,$1),$(call lnot,$2)),n,y)
+# Logical equivalence (note that leqv "","n" is true)
+leqv = $(if $(filter $(call lnot,$1),$(call lnot,$2)),y,n)
+# Logical if: like make's $(if) but with an leqv-like test
+lif = $(if $(subst n,,$1),$2,$3)
+
 # Generate files with tracetool
 TRACETOOL=$(PYTHON) $(SRC_PATH)/scripts/tracetool.py
 
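Review bot: The comment on lif, "like make's $(if) but with an leqv-like test", does not say what the test is, and the commit message calls it "eq-like" instead. From the body, lif takes the $2 branch for any $1 that is non-empty after every n has been removed, which is the same truth test lnot uses; suggest wording it that way, e.g. 'treats "" and "n" as false'. It is also worth stating that land and lor look for a literal y, so for inputs outside y/n/"" they can disagree with lnot and lif.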
-- 
1.8.3.1





[Qemu-devel] [PULL 4/5] default-configs/: CONFIG_GDBSTUB_XML removed

2013-10-17 Thread Paolo Bonzini
From: Ákos Kovács 

Makefile.target: Build gdbstub-xml.o only when
TARGET_XML_FILES is not empty.

Signed-off-by: Ákos Kovács 
Reviewed-by: Peter Maydell 
Signed-off-by: Paolo Bonzini 
---
 Makefile.target   | 2 +-
 default-configs/arm-linux-user.mak| 2 --
 default-configs/arm-softmmu.mak   | 1 -
 default-configs/armeb-linux-user.mak  | 2 --
 default-configs/m68k-linux-user.mak   | 2 --
 default-configs/m68k-softmmu.mak  | 1 -
 default-configs/ppc-linux-user.mak| 2 --
 default-configs/ppc-softmmu.mak   | 1 -
 default-configs/ppc64-linux-user.mak  | 2 --
 default-configs/ppc64-softmmu.mak | 1 -
 default-configs/ppc64abi32-linux-user.mak | 2 --
 default-configs/ppcemb-softmmu.mak| 1 -
 12 files changed, 1 insertion(+), 18 deletions(-)

diff --git a/Makefile.target b/Makefile.target
index bbc668b..af6ac7e 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -79,7 +79,7 @@ obj-$(CONFIG_TCG_INTERPRETER) += disas/tci.o
 obj-y += fpu/softfloat.o
 obj-y += target-$(TARGET_BASE_ARCH)/
 obj-y += disas.o
-obj-$(CONFIG_GDBSTUB_XML) += gdbstub-xml.o
+obj-$(call notempty,$(TARGET_XML_FILES)) += gdbstub-xml.o
 obj-$(call lnot,$(CONFIG_KVM)) += kvm-stub.o
 
 #
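Review bot: obj-$(call notempty,$(TARGET_XML_FILES)) is expanded when this line is read, so TARGET_XML_FILES must already be assigned at this point in Makefile.target, and nothing in this hunk shows where it is set. If the assignment comes later in the file, the result is always obj-n and gdbstub-xml.o silently drops out of the build. Please confirm the ordering, or state it in the commit message.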
diff --git a/default-configs/arm-linux-user.mak 
b/default-configs/arm-linux-user.mak
index 46d4aa2..413361a 100644
--- a/default-configs/arm-linux-user.mak
+++ b/default-configs/arm-linux-user.mak
@@ -1,3 +1 @@
 # Default configuration for arm-linux-user
-
-CONFIG_GDBSTUB_XML=y
diff --git a/default-configs/arm-softmmu.mak b/default-configs/arm-softmmu.mak
index ac0815d..d13bc2b 100644
--- a/default-configs/arm-softmmu.mak
+++ b/default-configs/arm-softmmu.mak
@@ -2,7 +2,6 @@
 
 include pci.mak
 include usb.mak
-CONFIG_GDBSTUB_XML=y
 CONFIG_VGA=y
 CONFIG_ISA_MMIO=y
 CONFIG_NAND=y
diff --git a/default-configs/armeb-linux-user.mak 
b/default-configs/armeb-linux-user.mak
index 41d0cc4..bf2ffe7 100644
--- a/default-configs/armeb-linux-user.mak
+++ b/default-configs/armeb-linux-user.mak
@@ -1,3 +1 @@
 # Default configuration for armeb-linux-user
-
-CONFIG_GDBSTUB_XML=y
diff --git a/default-configs/m68k-linux-user.mak 
b/default-configs/m68k-linux-user.mak
index f3487aa..06cd5ed 100644
--- a/default-configs/m68k-linux-user.mak
+++ b/default-configs/m68k-linux-user.mak
@@ -1,3 +1 @@
 # Default configuration for m68k-linux-user
-
-CONFIG_GDBSTUB_XML=y
diff --git a/default-configs/m68k-softmmu.mak b/default-configs/m68k-softmmu.mak
index 51fe5bb..d9552df 100644
--- a/default-configs/m68k-softmmu.mak
+++ b/default-configs/m68k-softmmu.mak
@@ -3,5 +3,4 @@
 include pci.mak
 include usb.mak
 CONFIG_COLDFIRE=y
-CONFIG_GDBSTUB_XML=y
 CONFIG_PTIMER=y
diff --git a/default-configs/ppc-linux-user.mak 
b/default-configs/ppc-linux-user.mak
index 681a945..6273df2 100644
--- a/default-configs/ppc-linux-user.mak
+++ b/default-configs/ppc-linux-user.mak
@@ -1,3 +1 @@
 # Default configuration for ppc-linux-user
-
-CONFIG_GDBSTUB_XML=y
diff --git a/default-configs/ppc-softmmu.mak b/default-configs/ppc-softmmu.mak
index eac0b28..f5cd0bd 100644
--- a/default-configs/ppc-softmmu.mak
+++ b/default-configs/ppc-softmmu.mak
@@ -3,7 +3,6 @@
 include pci.mak
 include sound.mak
 include usb.mak
-CONFIG_GDBSTUB_XML=y
 CONFIG_ISA_MMIO=y
 CONFIG_ESCC=y
 CONFIG_M48T59=y
diff --git a/default-configs/ppc64-linux-user.mak 
b/default-configs/ppc64-linux-user.mak
index 089c08f..422d3fb 100644
--- a/default-configs/ppc64-linux-user.mak
+++ b/default-configs/ppc64-linux-user.mak
@@ -1,3 +1 @@
 # Default configuration for ppc64-linux-user
-
-CONFIG_GDBSTUB_XML=y
diff --git a/default-configs/ppc64-softmmu.mak 
b/default-configs/ppc64-softmmu.mak
index 7831c2b..975112a 100644
--- a/default-configs/ppc64-softmmu.mak
+++ b/default-configs/ppc64-softmmu.mak
@@ -3,7 +3,6 @@
 include pci.mak
 include sound.mak
 include usb.mak
-CONFIG_GDBSTUB_XML=y
 CONFIG_ISA_MMIO=y
 CONFIG_ESCC=y
 CONFIG_M48T59=y
diff --git a/default-configs/ppc64abi32-linux-user.mak 
b/default-configs/ppc64abi32-linux-user.mak
index f038ffd..1c657ec 100644
--- a/default-configs/ppc64abi32-linux-user.mak
+++ b/default-configs/ppc64abi32-linux-user.mak
@@ -1,3 +1 @@
 # Default configuration for ppc64abi32-linux-user
-
-CONFIG_GDBSTUB_XML=y
diff --git a/default-configs/ppcemb-softmmu.mak 
b/default-configs/ppcemb-softmmu.mak
index 86080a7..4411203 100644
--- a/default-configs/ppcemb-softmmu.mak
+++ b/default-configs/ppcemb-softmmu.mak
@@ -3,7 +3,6 @@
 include pci.mak
 include sound.mak
 include usb.mak
-CONFIG_GDBSTUB_XML=y
 CONFIG_ISA_MMIO=y
 CONFIG_ESCC=y
 CONFIG_M48T59=y
-- 
1.8.3.1





[Qemu-devel] [PULL 0/5] Configury/build system patches for 1.7

2013-10-17 Thread Paolo Bonzini
Anthony,

The following changes since commit 39c153b80f890dc5f02465dc59992e195abd5f40:

  Merge remote-tracking branch 'afaerber/tags/qom-cpu-for-anthony' into staging 
(2013-10-10 13:16:25 -0700)

are available in the git repository at:


  git://github.com/bonzini/qemu.git configure

for you to fetch changes up to 2324841c0275f31505168e7a6ceb71bcede92d33:

  ui/Makefile.objs: delete unnecessary cocoa.o dependency (2013-10-16 18:21:01 
+0200)

These five patches are from Peter and/or from my summer of code
student, Akos Kovacs.  Peter picked up some small cleanups that
Akos did and improved them.


Peter Maydell (3):
  rules.mak: New logical functions for handling y/n values
  rules.mak: New string testing functions
  ui/Makefile.objs: delete unnecessary cocoa.o dependency

Ákos Kovács (2):
  Makefile.target: CONFIG_NO_* variables removed
  default-configs/: CONFIG_GDBSTUB_XML removed

 Makefile.target   | 10 +++---
 default-configs/arm-linux-user.mak|  2 --
 default-configs/arm-softmmu.mak   |  1 -
 default-configs/armeb-linux-user.mak  |  2 --
 default-configs/m68k-linux-user.mak   |  2 --
 default-configs/m68k-softmmu.mak  |  1 -
 default-configs/ppc-linux-user.mak|  2 --
 default-configs/ppc-softmmu.mak   |  1 -
 default-configs/ppc64-linux-user.mak  |  2 --
 default-configs/ppc64-softmmu.mak |  1 -
 default-configs/ppc64abi32-linux-user.mak |  2 --
 default-configs/ppcemb-softmmu.mak|  1 -
 hw/pci/Makefile.objs  |  2 +-
 rules.mak | 28 
 target-arm/Makefile.objs  |  2 +-
 target-i386/Makefile.objs |  2 +-
 target-ppc/Makefile.objs  |  2 +-
 ui/Makefile.objs  |  2 --
 18 files changed, 35 insertions(+), 30 deletions(-)
-- 
1.8.3.1




Re: [Qemu-devel] [PATCH v3 1/6] osdep: Create qemu_getauxval and qemu_init_auxval

2013-10-17 Thread Peter Maydell
On 17 October 2013 16:29, Richard Henderson  wrote:
> Abstract away dependence on a system implementation of getauxval.
>
> Signed-off-by: Richard Henderson 

Reviewed-by: Peter Maydell 

-- PMM



Re: [Qemu-devel] [PATCH v3 6/6] linux-user: Use qemu_getauxval for AT_EXECFD

2013-10-17 Thread Peter Maydell
On 17 October 2013 16:29, Richard Henderson  wrote:
> Signed-off-by: Richard Henderson 

Reviewed-by: Peter Maydell 

-- PMM



Re: [Qemu-devel] PPC: Timer issues with git master

2013-10-17 Thread Alex Bligh
Mark,

On 17 Oct 2013, at 16:16, Mark Cave-Ayland wrote:

> I've tried it with FreeBSD and it doesn't make any difference; the fix 
> doesn't matter for the HelenOS regression as that timer is only setup for -M 
> mac99.
> 
> To summarise what I've found today with HelenOS: I see failures with both 1.6 
> and git master, but git master appears to be a lot worse in terms of 
> triggering the problem.
> 
> Also with git master, I see time periods where the timer speeds up for a 
> couple of seconds at a time (as apparent by the HelenOS circling orbs) and 
> then slows back down again. And the keyboard (whilst sluggish under 1.6) is 
> very unresponsive under git master.
> 
> I'm starting to wonder like Alex B if these changes have made an already 
> existing bug more apparent.

Perhaps you might put some debugging in timerlist_run_timers()
in qemu-timer.c before 'cb(opaque)', dumping the address
of the timer (ts) and the expire time (ts->expire_time). If
you see this firing off constantly (note the frequency you
see the message and the increment in expire_time), you will
know some timer is expiring too frequently.

If that's the issue, it will be a matter of tracking it down,
which can probably be achieved with gdb and putting a breakpoint
in timer_mod_ns. Statistically you are likely to hit the "right"
one, and backtrace should give you a clue as to what it is.
Continue a few times and see if it's the right timer, and you
should find the culprit.

If it's an rtc problem on the other hand, you will have a
different issue.

-- 
Alex Bligh







[Qemu-devel] [PATCH v3 3/6] tcg-arm: Use qemu_getauxval

2013-10-17 Thread Richard Henderson
Allow host detection on linux systems without glibc 2.16 or later.

Signed-off-by: Richard Henderson 
---
 include/elf.h| 25 +
 tcg/arm/tcg-target.c | 14 +-
 2 files changed, 30 insertions(+), 9 deletions(-)

diff --git a/include/elf.h b/include/elf.h
index 7fdd3df..654e33b 100644
--- a/include/elf.h
+++ b/include/elf.h
@@ -411,6 +411,31 @@ typedef struct {
 #define R_SPARC_5  44
 #define R_SPARC_6  45
 
+/* Bits present in AT_HWCAP for ARM.  */
+
+#define HWCAP_ARM_SWP   (1 << 0)
+#define HWCAP_ARM_HALF  (1 << 1)
+#define HWCAP_ARM_THUMB (1 << 2)
+#define HWCAP_ARM_26BIT (1 << 3)
+#define HWCAP_ARM_FAST_MULT (1 << 4)
+#define HWCAP_ARM_FPA   (1 << 5)
+#define HWCAP_ARM_VFP   (1 << 6)
+#define HWCAP_ARM_EDSP  (1 << 7)
+#define HWCAP_ARM_JAVA  (1 << 8)
+#define HWCAP_ARM_IWMMXT(1 << 9)
+#define HWCAP_ARM_CRUNCH(1 << 10)
+#define HWCAP_ARM_THUMBEE   (1 << 11)
+#define HWCAP_ARM_NEON  (1 << 12)
+#define HWCAP_ARM_VFPv3 (1 << 13)
+#define HWCAP_ARM_VFPv3D16  (1 << 14)   /* also set for VFPv4-D16 */
+#define HWCAP_ARM_TLS   (1 << 15)
+#define HWCAP_ARM_VFPv4 (1 << 16)
+#define HWCAP_ARM_IDIVA (1 << 17)
+#define HWCAP_ARM_IDIVT (1 << 18)
+#define HWCAP_IDIV  (HWCAP_IDIVA | HWCAP_IDIVT)
+#define HWCAP_VFPD32(1 << 19)   /* set if VFP has 32 regs */
+#define HWCAP_LPAE  (1 << 20)
+
 /* Bits present in AT_HWCAP for PowerPC.  */
 
 #define PPC_FEATURE_32  0x8000
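Review bot: HWCAP_IDIV is defined as (HWCAP_IDIVA | HWCAP_IDIVT), but this hunk only defines HWCAP_ARM_IDIVA and HWCAP_ARM_IDIVT, so any use of HWCAP_IDIV will fail to compile. The last three macros (HWCAP_IDIV, HWCAP_VFPD32, HWCAP_LPAE) also lack the ARM_ prefix the rest of the block uses; rename them to HWCAP_ARM_IDIV and so on, with the IDIV definition built from the HWCAP_ARM_ names.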
diff --git a/tcg/arm/tcg-target.c b/tcg/arm/tcg-target.c
index e93a4a2..82658a1 100644
--- a/tcg/arm/tcg-target.c
+++ b/tcg/arm/tcg-target.c
@@ -22,6 +22,7 @@
  * THE SOFTWARE.
  */
 
+#include "elf.h"
 #include "tcg-be-ldst.h"
 
 /* The __ARM_ARCH define is provided by gcc 4.8.  Construct it otherwise.  */
@@ -58,9 +59,6 @@ static int arm_arch = __ARM_ARCH;
 #ifndef use_idiv_instructions
 bool use_idiv_instructions;
 #endif
-#ifdef CONFIG_GETAUXVAL
-# include 
-#endif
 
 #ifndef NDEBUG
 static const char * const tcg_target_reg_names[TCG_TARGET_NB_REGS] = {
@@ -2036,22 +2034,20 @@ static const TCGTargetOpDef arm_op_defs[] = {
 
 static void tcg_target_init(TCGContext *s)
 {
-#if defined(CONFIG_GETAUXVAL)
 /* Only probe for the platform and capabilities if we havn't already
determined maximum values at compile time.  */
-# if !defined(use_idiv_instructions)
+#ifndef use_idiv_instructions
 {
-unsigned long hwcap = getauxval(AT_HWCAP);
+unsigned long hwcap = qemu_getauxval(AT_HWCAP);
 use_idiv_instructions = (hwcap & HWCAP_ARM_IDIVA) != 0;
 }
-# endif
+#endif
 if (__ARM_ARCH < 7) {
-const char *pl = (const char *)getauxval(AT_PLATFORM);
+const char *pl = (const char *)qemu_getauxval(AT_PLATFORM);
 if (pl != NULL && pl[0] == 'v' && pl[1] >= '4' && pl[1] <= '9') {
 arm_arch = pl[1] - '0';
 }
 }
-#endif /* GETAUXVAL */
 
 tcg_regset_set32(tcg_target_available_regs[TCG_TYPE_I32], 0, 0x);
 tcg_regset_set32(tcg_target_call_clobber_regs, 0,
-- 
1.8.3.1




[Qemu-devel] [PATCH v3 5/6] util: Use qemu_getauxval in linux qemu_cache_utils_init

2013-10-17 Thread Richard Henderson
With this we no longer pass down envp, and thus all systems can have
the same void prototype.  So also eliminate a useless thunk.

Reviewed-by: Peter Maydell 
Signed-off-by: Richard Henderson 
---
 include/qemu/cache-utils.h |  4 ++--
 linux-user/main.c  |  2 +-
 util/cache-utils.c | 51 ++
 vl.c   |  2 +-
 4 files changed, 24 insertions(+), 35 deletions(-)

diff --git a/include/qemu/cache-utils.h b/include/qemu/cache-utils.h
index 2c57f78..211245b 100644
--- a/include/qemu/cache-utils.h
+++ b/include/qemu/cache-utils.h
@@ -12,7 +12,7 @@ struct qemu_cache_conf {
 
 extern struct qemu_cache_conf qemu_cache_conf;
 
-void qemu_cache_utils_init(char **envp);
+void qemu_cache_utils_init(void);
 
 /* mildly adjusted code from tcg-dyngen.c */
 static inline void flush_icache_range(uintptr_t start, uintptr_t stop)
@@ -38,7 +38,7 @@ static inline void flush_icache_range(uintptr_t start, 
uintptr_t stop)
 }
 
 #else
-#define qemu_cache_utils_init(envp) do { (void) (envp); } while (0)
+#define qemu_cache_utils_init() do { } while (0)
 #endif
 
 #endif /* QEMU_CACHE_UTILS_H */
diff --git a/linux-user/main.c b/linux-user/main.c
index 0e45336..50db755 100644
--- a/linux-user/main.c
+++ b/linux-user/main.c
@@ -3702,7 +3702,7 @@ int main(int argc, char **argv, char **envp)
 module_call_init(MODULE_INIT_QOM);
 
 qemu_init_auxval(envp);
-qemu_cache_utils_init(envp);
+qemu_cache_utils_init();
 
 if ((envlist = envlist_create()) == NULL) {
 (void) fprintf(stderr, "Unable to allocate envlist\n");
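Review bot: With envp gone from the call, nothing in the code shows that qemu_cache_utils_init() still depends on qemu_init_auxval(envp) having run first. On Linux without CONFIG_GETAUXVAL, qemu_getauxval() returns 0 until the vector has been located, and the new PPC code treats 0 as fatal. A one-line comment above these two calls (here and in vl.c) would keep someone from reordering them.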
diff --git a/util/cache-utils.c b/util/cache-utils.c
index b94013a..0470030 100644
--- a/util/cache-utils.c
+++ b/util/cache-utils.c
@@ -1,3 +1,4 @@
+#include "qemu-common.h"
 #include "qemu/cache-utils.h"
 
 #if defined(_ARCH_PPC)
@@ -9,31 +10,33 @@ struct qemu_cache_conf qemu_cache_conf = {
 #if defined _AIX
 #include 
 
-static void ppc_init_cacheline_sizes(void)
+void qemu_cache_utils_init(void)
 {
 qemu_cache_conf.icache_bsize = _system_configuration.icache_line;
 qemu_cache_conf.dcache_bsize = _system_configuration.dcache_line;
 }
 
 #elif defined __linux__
+#include "qemu/osdep.h"
+#include "elf.h"
 
-#define QEMU_AT_NULL0
-#define QEMU_AT_DCACHEBSIZE 19
-#define QEMU_AT_ICACHEBSIZE 20
-
-static void ppc_init_cacheline_sizes(char **envp)
+void qemu_cache_utils_init(void)
 {
-unsigned long *auxv;
-
-while (*envp++);
+unsigned long dsize = qemu_getauxval(AT_DCACHEBSIZE);
+unsigned long isize = qemu_getauxval(AT_ICACHEBSIZE);
 
-for (auxv = (unsigned long *) envp; *auxv != QEMU_AT_NULL; auxv += 2) {
-switch (*auxv) {
-case QEMU_AT_DCACHEBSIZE: qemu_cache_conf.dcache_bsize = auxv[1]; 
break;
-case QEMU_AT_ICACHEBSIZE: qemu_cache_conf.icache_bsize = auxv[1]; 
break;
-default: break;
+if (dsize == 0 || isize == 0) {
+if (dsize == 0) {
+fprintf(stderr, "getauxval AT_DCACHEBSIZE failed\n");
+}
+if (isize == 0) {
+fprintf(stderr, "getauxval AT_ICACHEBSIZE failed\n");
 }
+exit(1);
+
 }
+qemu_cache_conf.dcache_bsize = dsize;
+qemu_cache_conf.icache_bsize = isize;
 }
 
 #elif defined __APPLE__
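Review bot: The Linux branch now calls exit(1) when either AT_DCACHEBSIZE or AT_ICACHEBSIZE comes back as 0, whereas the loop it replaces left the qemu_cache_conf initialiser values in place when an entry was missing. If that change is intended, say so in the commit message; otherwise keep the defaults and only overwrite a field when its value is non-zero. There is also a stray blank line after exit(1), and the messages say "getauxval" although the call is qemu_getauxval.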
@@ -41,7 +44,7 @@ static void ppc_init_cacheline_sizes(char **envp)
 #include 
 #include 
 
-static void ppc_init_cacheline_sizes(void)
+void qemu_cache_utils_init(void)
 {
 size_t len;
 unsigned cacheline;
@@ -55,9 +58,8 @@ static void ppc_init_cacheline_sizes(void)
 qemu_cache_conf.icache_bsize = cacheline;
 }
 }
-#endif
 
-#if defined(__FreeBSD__) || defined(__FreeBSD_kernel__)
+#elif defined(__FreeBSD__) || defined(__FreeBSD_kernel__)
 #include 
 #include 
 #include 
@@ -65,7 +67,7 @@ static void ppc_init_cacheline_sizes(void)
 #include 
 #include 
 
-static void ppc_init_cacheline_sizes(void)
+void qemu_cache_utils_init(void)
 {
 size_t len = 4;
 unsigned cacheline;
@@ -81,17 +83,4 @@ static void ppc_init_cacheline_sizes(void)
 }
 #endif
 
-#ifdef __linux__
-void qemu_cache_utils_init(char **envp)
-{
-ppc_init_cacheline_sizes(envp);
-}
-#else
-void qemu_cache_utils_init(char **envp)
-{
-(void) envp;
-ppc_init_cacheline_sizes();
-}
-#endif
-
 #endif /* _ARCH_PPC */
diff --git a/vl.c b/vl.c
index 1b0b2d3..4b46c70 100644
--- a/vl.c
+++ b/vl.c
@@ -2894,7 +2894,7 @@ int main(int argc, char **argv, char **envp)
 rtc_clock = QEMU_CLOCK_HOST;
 
 qemu_init_auxval(envp);
-qemu_cache_utils_init(envp);
+qemu_cache_utils_init();
 
 QLIST_INIT (&vm_change_state_head);
 os_setup_early_signal_handling();
-- 
1.8.3.1




[Qemu-devel] [PATCH v3 4/6] tcg-s390: Use qemu_getauxval in query_facilities

2013-10-17 Thread Richard Henderson
No need to set up a SIGILL signal handler for detection anymore.

Remove a ton of sanity checks that must be true, given that we're
requiring a 64-bit build (the note about 31-bit KVM is satisfied
by configuring with TCI).

Signed-off-by: Richard Henderson 
---
 include/elf.h | 14 
 tcg/s390/tcg-target.c | 95 +++
 2 files changed, 26 insertions(+), 83 deletions(-)

diff --git a/include/elf.h b/include/elf.h
index 654e33b..a6790c4 100644
--- a/include/elf.h
+++ b/include/elf.h
@@ -479,6 +479,20 @@ typedef struct {
 #define HWCAP_SPARC_V9 16
 #define HWCAP_SPARC_ULTRA3 32
 
+/* Bits present in AT_HWCAP for s390.  */
+
+#define HWCAP_S390_ESAN31
+#define HWCAP_S390_ZARCH2
+#define HWCAP_S390_STFLE4
+#define HWCAP_S390_MSA  8
+#define HWCAP_S390_LDISP16
+#define HWCAP_S390_EIMM 32
+#define HWCAP_S390_DFP  64
+#define HWCAP_S390_HPAGE128
+#define HWCAP_S390_ETF3EH   256
+#define HWCAP_S390_HIGH_GPRS512
+#define HWCAP_S390_TE   1024
+
 /*
  * 68k ELF relocation types
  */
diff --git a/tcg/s390/tcg-target.c b/tcg/s390/tcg-target.c
index 0a4f3be..248726e 100644
--- a/tcg/s390/tcg-target.c
+++ b/tcg/s390/tcg-target.c
@@ -31,6 +31,8 @@
 #error "unsupported code generation mode"
 #endif
 
+#include "elf.h"
+
 /* ??? The translation blocks produced by TCG are generally small enough to
be entirely reachable with a 16-bit displacement.  Leaving the option for
a 32-bit displacement here Just In Case.  */
@@ -2233,91 +2235,18 @@ static void sigill_handler(int sig)
 
 static void query_facilities(void)
 {
-struct sigaction sa_old, sa_new;
-register int r0 __asm__("0");
-register void *r1 __asm__("1");
-int fail;
-
-memset(&sa_new, 0, sizeof(sa_new));
-sa_new.sa_handler = sigill_handler;
-sigaction(SIGILL, &sa_new, &sa_old);
-
-/* First, try STORE FACILITY LIST EXTENDED.  If this is present, then
-   we need not do any more probing.  Unfortunately, this itself is an
-   extension and the original STORE FACILITY LIST instruction is
-   kernel-only, storing its results at absolute address 200.  */
-/* stfle 0(%r1) */
-r1 = &facilities;
-asm volatile(".word 0xb2b0,0x1000"
- : "=r"(r0) : "0"(0), "r"(r1) : "memory", "cc");
-
-if (got_sigill) {
-/* STORE FACILITY EXTENDED is not available.  Probe for one of each
-   kind of instruction that we're interested in.  */
-/* ??? Possibly some of these are in practice never present unless
-   the store-facility-extended facility is also present.  But since
-   that isn't documented it's just better to probe for each.  */
-
-/* Test for z/Architecture.  Required even in 31-bit mode.  */
-got_sigill = 0;
-/* agr %r0,%r0 */
-asm volatile(".word 0xb908,0x" : "=r"(r0) : : "cc");
-if (!got_sigill) {
-facilities |= FACILITY_ZARCH_ACTIVE;
-}
-
-/* Test for long displacement.  */
-got_sigill = 0;
-/* ly %r0,0(%r1) */
-r1 = &facilities;
-asm volatile(".word 0xe300,0x1000,0x0058"
- : "=r"(r0) : "r"(r1) : "cc");
-if (!got_sigill) {
-facilities |= FACILITY_LONG_DISP;
-}
-
-/* Test for extended immediates.  */
-got_sigill = 0;
-/* afi %r0,0 */
-asm volatile(".word 0xc209,0x,0x" : : : "cc");
-if (!got_sigill) {
-facilities |= FACILITY_EXT_IMM;
-}
-
-/* Test for general-instructions-extension.  */
-got_sigill = 0;
-/* msfi %r0,1 */
-asm volatile(".word 0xc201,0x,0x0001");
-if (!got_sigill) {
-facilities |= FACILITY_GEN_INST_EXT;
-}
-}
-
-sigaction(SIGILL, &sa_old, NULL);
+unsigned long hwcap = qemu_getauxval(AT_HWCAP);
 
-/* The translator currently uses these extensions unconditionally.
-   Pruning this back to the base ESA/390 architecture doesn't seem
-   worthwhile, since even the KVM target requires z/Arch.  */
-fail = 0;
-if ((facilities & FACILITY_ZARCH_ACTIVE) == 0) {
-fprintf(stderr, "TCG: z/Arch facility is required.\n");
-fprintf(stderr, "TCG: Boot with a 64-bit enabled kernel.\n");
-fail = 1;
-}
-if ((facilities & FACILITY_LONG_DISP) == 0) {
-fprintf(stderr, "TCG: long-displacement facility is required.\n");
-fail = 1;
-}
+/* Is STORE FACILITY LIST EXTENDED available?  Honestly, I believe this
+   is present on all 64-bit systems, but let's check for it anyway.  */
+if (hwcap & HWCAP_S390_STFLE) {
+register int r0 __asm__("0");
+register void *r1 __asm__("1");
 
-/* So far there's just enough support for 31-bit mode to let the
-   compile succeed.  This is good enough to run QEMU with KVM.  */
-if (sizeof(void *) !=
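Review bot: The hunk header shows sigill_handler() is still defined just above query_facilities(), yet the sigaction(SIGILL, ...) calls that installed it are removed here; if nothing else uses it, the handler and got_sigill should go in the same patch. In the lines shown there is also no diagnostic for the case where HWCAP_S390_STFLE is not set (which includes qemu_getauxval returning 0) now that the "facility is required" checks are gone, so an explicit error or a comment on why that cannot happen would help.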

[Qemu-devel] [PATCH v3 1/6] osdep: Create qemu_getauxval and qemu_init_auxval

2013-10-17 Thread Richard Henderson
Abstract away dependence on a system implementation of getauxval.

Signed-off-by: Richard Henderson 
---
 include/qemu/osdep.h | 25 ++
 linux-user/main.c|  1 +
 util/Makefile.objs   |  1 +
 util/getauxval.c | 74 
 vl.c |  1 +
 5 files changed, 102 insertions(+)
 create mode 100644 util/getauxval.c

diff --git a/include/qemu/osdep.h b/include/qemu/osdep.h
index 26136f1..b3e2b6d 100644
--- a/include/qemu/osdep.h
+++ b/include/qemu/osdep.h
@@ -215,4 +215,29 @@ bool fips_get_state(void);
  */
 char *qemu_get_local_state_pathname(const char *relative_pathname);
 
+/**
+ * qemu_getauxval:
+ * @type: the auxiliary vector key to lookup
+ *
+ * Search the auxiliary vector for @type, returning the value
+ * or 0 if @type is not present.
+ */
+#if defined(CONFIG_GETAUXVAL) || defined(__linux__)
+unsigned long qemu_getauxval(unsigned long type);
+#else
+static inline unsigned long qemu_getauxval(unsigned long type) { return 0; }
+#endif
+
+/**
+ * qemu_init_auxval:
+ * @envp: the third argument to main
+ *
+ * If supported and required, locate the auxiliary vector at program startup.
+ */
+#if defined(CONFIG_GETAUXVAL) || !defined(__linux__)
+static inline void qemu_init_auxval(char **envp) { }
+#else
+void qemu_init_auxval(char **envp);
+#endif
+
 #endif
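Review bot: The qemu_getauxval documentation says it returns 0 when @type is not present, which a caller cannot tell apart from an entry whose value really is 0. Please document that 0 means "unknown" and that callers must treat it that way. The fallback inline also returns 0 on hosts with neither CONFIG_GETAUXVAL nor __linux__, so the same wording covers that case.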
diff --git a/linux-user/main.c b/linux-user/main.c
index 6b4ab09..0e45336 100644
--- a/linux-user/main.c
+++ b/linux-user/main.c
@@ -3701,6 +3701,7 @@ int main(int argc, char **argv, char **envp)
 
 module_call_init(MODULE_INIT_QOM);
 
+qemu_init_auxval(envp);
 qemu_cache_utils_init(envp);
 
 if ((envlist = envlist_create()) == NULL) {
diff --git a/util/Makefile.objs b/util/Makefile.objs
index 2bb13a2..af3e5cb 100644
--- a/util/Makefile.objs
+++ b/util/Makefile.objs
@@ -12,3 +12,4 @@ util-obj-y += qemu-option.o qemu-progress.o
 util-obj-y += hexdump.o
 util-obj-y += crc32c.o
 util-obj-y += throttle.o
+util-obj-y += getauxval.o
diff --git a/util/getauxval.c b/util/getauxval.c
new file mode 100644
index 000..476c883
--- /dev/null
+++ b/util/getauxval.c
@@ -0,0 +1,74 @@
+/*
+ * QEMU access to the auxiliary vector
+ *
+ * Copyright (C) 2013 Red Hat, Inc
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to 
deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING 
FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#include "qemu-common.h"
+#include "qemu/osdep.h"
+
+#ifdef CONFIG_GETAUXVAL
+/* Don't inline this in qemu/osdep.h, because pulling in  for
+   the system declaration of getauxval pulls in the system , which
+   conflicts with qemu's version.  */
+
+#include 
+
+unsigned long qemu_getauxval(unsigned long key)
+{
+return getauxval(key);
+}
+#elif defined(__linux__)
+#include "elf.h"
+
+/* Our elf.h doesn't contain Elf32_auxv_t and Elf64_auxv_t, which is ok because
+   that just makes it easier to define it properly for the host here.  */
+typedef struct {
+unsigned long a_type;
+unsigned long a_val;
+} ElfW_auxv_t;
+
+static const ElfW_auxv_t *auxv;
+
+void qemu_init_auxval(char **envp)
+{
+/* The auxiliary vector is located just beyond the initial environment.  */
+while (*envp++ != NULL) {
+continue;
+}
+auxv = (const ElfW_auxv_t *)envp;
+}
+
+unsigned long qemu_getauxval(unsigned long type)
+{
+/* If we were able to find the auxiliary vector, use it.  */
+if (auxv) {
+const ElfW_auxv_t *a;
+for (a = auxv; a->a_type != 0; a++) {
+if (a->a_type == type) {
+return a->a_val;
+}
+}
+}
+
+return 0;
+}
+#endif
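Review bot: qemu_init_auxval() walks past the NULL that ends envp and takes whatever follows as the auxiliary vector, which is only valid for the pointer main() received, unmodified. The header says "@envp: the third argument to main"; please repeat that requirement in a comment here, since passing any other array (a copy, or environ after it has been reallocated) makes qemu_getauxval() read unrelated memory. Minor: the CONFIG_GETAUXVAL variant names its parameter key while the prototype and the other variant use type.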
diff --git a/vl.c b/vl.c
index 7e1f408..1b0b2d3 100644
--- a/vl.c
+++ b/vl.c
@@ -2893,6 +2893,7 @@ int main(int argc, char **argv, char **envp)
 init_clocks();
 rtc_clock = QEMU_CLOCK_HOST;
 
+qemu_init_auxval(envp);
 qemu_cache_utils_init(envp);
 
 QLIST_INIT (&vm_change_state_head);
-- 
1.8.3.1




[Qemu-devel] [PATCH v3 2/6] tcg-ppc64: Use qemu_getauxval

2013-10-17 Thread Richard Henderson
Allow host detection on linux systems without glibc 2.16 or later.

Reviewed-by: Peter Maydell 
Signed-off-by: Richard Henderson 
---
 include/elf.h  | 34 ++
 tcg/ppc64/tcg-target.c | 11 ++-
 2 files changed, 36 insertions(+), 9 deletions(-)

diff --git a/include/elf.h b/include/elf.h
index 58bfbf8..7fdd3df 100644
--- a/include/elf.h
+++ b/include/elf.h
@@ -411,6 +411,40 @@ typedef struct {
 #define R_SPARC_5  44
 #define R_SPARC_6  45
 
+/* Bits present in AT_HWCAP for PowerPC.  */
+
+#define PPC_FEATURE_32  0x8000
+#define PPC_FEATURE_64  0x4000
+#define PPC_FEATURE_601_INSTR   0x2000
+#define PPC_FEATURE_HAS_ALTIVEC 0x1000
+#define PPC_FEATURE_HAS_FPU 0x0800
+#define PPC_FEATURE_HAS_MMU 0x0400
+#define PPC_FEATURE_HAS_4xxMAC  0x0200
+#define PPC_FEATURE_UNIFIED_CACHE   0x0100
+#define PPC_FEATURE_HAS_SPE 0x0080
+#define PPC_FEATURE_HAS_EFP_SINGLE  0x0040
+#define PPC_FEATURE_HAS_EFP_DOUBLE  0x0020
+#define PPC_FEATURE_NO_TB   0x0010
+#define PPC_FEATURE_POWER4  0x0008
+#define PPC_FEATURE_POWER5  0x0004
+#define PPC_FEATURE_POWER5_PLUS 0x0002
+#define PPC_FEATURE_CELL0x0001
+#define PPC_FEATURE_BOOKE   0x8000
+#define PPC_FEATURE_SMT 0x4000
+#define PPC_FEATURE_ICACHE_SNOOP0x2000
+#define PPC_FEATURE_ARCH_2_05   0x1000
+#define PPC_FEATURE_PA6T0x0800
+#define PPC_FEATURE_HAS_DFP 0x0400
+#define PPC_FEATURE_POWER6_EXT  0x0200
+#define PPC_FEATURE_ARCH_2_06   0x0100
+#define PPC_FEATURE_HAS_VSX 0x0080
+
+#define PPC_FEATURE_PSERIES_PERFMON_COMPAT \
+0x0040
+
+#define PPC_FEATURE_TRUE_LE 0x0002
+#define PPC_FEATURE_PPC_LE  0x0001
+
 /* Bits present in AT_HWCAP, primarily for Sparc32.  */
 
 #define HWCAP_SPARC_FLUSH   1/* CPU supports flush instruction. */
diff --git a/tcg/ppc64/tcg-target.c b/tcg/ppc64/tcg-target.c
index 6109d86..06e440f 100644
--- a/tcg/ppc64/tcg-target.c
+++ b/tcg/ppc64/tcg-target.c
@@ -45,15 +45,10 @@ static uint8_t *tb_ret_addr;
 #define GUEST_BASE 0
 #endif
 
-#ifdef CONFIG_GETAUXVAL
-#include 
+#include "elf.h"
 static bool have_isa_2_06;
 #define HAVE_ISA_2_06  have_isa_2_06
 #define HAVE_ISEL  have_isa_2_06
-#else
-#define HAVE_ISA_2_06  0
-#define HAVE_ISEL  0
-#endif
 
 #ifdef CONFIG_USE_GUEST_BASE
 #define TCG_GUEST_BASE_REG 30
@@ -2132,12 +2127,10 @@ static const TCGTargetOpDef ppc_op_defs[] = {
 
 static void tcg_target_init(TCGContext *s)
 {
-#ifdef CONFIG_GETAUXVAL
-unsigned long hwcap = getauxval(AT_HWCAP);
+unsigned long hwcap = qemu_getauxval(AT_HWCAP);
 if (hwcap & PPC_FEATURE_ARCH_2_06) {
 have_isa_2_06 = true;
 }
-#endif
 
 tcg_regset_set32(tcg_target_available_regs[TCG_TYPE_I32], 0, 0x);
 tcg_regset_set32(tcg_target_available_regs[TCG_TYPE_I64], 0, 0x);
-- 
1.8.3.1




Re: [Qemu-devel] [PATCH] net: disallow to specify multicast MAC address

2013-10-17 Thread Eric Blake
On 10/17/2013 09:06 AM, Dmitry Krivenok wrote:
> Added explicit check of MAC address specified via macaddr option.
> Multicast MAC addresses are no longer allowed.
> This fixes bug #495566.
> 
> Signed-off-by: Dmitry V. Krivenok 
> ---

>  }
> +
> +bool net_macaddr_is_multicast(uint8_t *macaddr)
> +{
> +return (macaddr[0] % 2) ? true : false;
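Review bot: net_macaddr_is_multicast() only reads macaddr, so the parameter should be const uint8_t *. Testing the bit directly, macaddr[0] & 1, also states the intent (the group bit of the first octet) more clearly than % 2.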

Personally, I find 'expr ? true : false' rather verbose; why not just:

return macaddr[0] % 2;

But as you're not the first person to do this (a quick grep found two
other offenders in the code base), it's not a strong reason for a respin.

-- 
Eric Blake   eblake redhat com+1-919-301-3266
Libvirt virtualization library http://libvirt.org





Re: [Qemu-devel] PPC: Timer issues with git master

2013-10-17 Thread Mark Cave-Ayland

On 17/10/13 15:53, Paolo Bonzini wrote:

>> Hi Paolo,
>>
>> I've just attempted a bisection testing HelenOS, but I'm struggling to
>> get a consistent result. Even with the same binary across multiple runs
>> then sometimes I see the issue with frequent timer pauses, and sometimes
>> I don't which makes tracking this down very difficult.
>>
>> What I do see post-timer-rework is that when it does occur, the screen
>> redraws become really really slow; rectangular blocks (maybe 2 per sec
>> or so?) are redrawn very slowly working their way down the screen. I
>> have a feeling from memory that HelenOS does tend to hit the timer
>> interrupts quite hard on PPC so could it be that the new code somehow
>> blocks screen updates under high timer interrupt load?
>>
>> As for the FreeBSD issue, this seems to be something different from the
>> HelenOS issue and I see it even with QEMU 1.6. A quick browse around the
>> git logs points me towards this as a possible suspect:
>> http://git.qemu.org/?p=qemu.git;a=commit;h=a0f9fdfd98cc0571f9921a7eadd7316532e3e289.
>
> Can you try reverting this on top of git master (and test both guests)?


I've tried it with FreeBSD and it doesn't make any difference; the fix 
doesn't matter for the HelenOS regression as that timer is only setup 
for -M mac99.


To summarise what I've found today with HelenOS: I see failures with 
both 1.6 and git master, but git master appears to be a lot worse in 
terms of triggering the problem.


Also with git master, I see time periods where the timer speeds up for a 
couple of seconds at a time (as apparent by the HelenOS circling orbs) 
and then slows back down again. And the keyboard (whilst sluggish under 
1.6) is very unresponsive under git master.


I'm starting to wonder like Alex B if these changes have made an already 
existing bug more apparent.



ATB,

Mark.



[Qemu-devel] [PATCH] net: disallow to specify multicast MAC address

2013-10-17 Thread Dmitry Krivenok
Added explicit check of MAC address specified via macaddr option.
Multicast MAC addresses are no longer allowed.
This fixes bug #495566.

Signed-off-by: Dmitry V. Krivenok 
---
 net/net.c  | 5 +
 net/util.c | 5 +
 net/util.h | 2 ++
 3 files changed, 12 insertions(+)

diff --git a/net/net.c b/net/net.c
index c330c9a..b3a42e5 100644
--- a/net/net.c
+++ b/net/net.c
@@ -689,6 +689,11 @@ static int net_init_nic(const NetClientOptions
*opts, const char *name,
 error_report("invalid syntax for ethernet address");
 return -1;
 }
+if (nic->has_macaddr &&
+net_macaddr_is_multicast(nd->macaddr.a)) {
+error_report("NIC cannot have multicast MAC address (odd 1st byte)");
+return -1;
+}
 qemu_macaddr_default_if_unset(&nd->macaddr);

 if (nic->has_vectors) {
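Review bot: the `error_report()` call in the new `net_macaddr_is_multicast()` branch does not echo the rejected address, so with several NICs on one command line the user cannot tell which `macaddr` option was refused. Including the address in the message would help, and "odd 1st byte" could be reworded to name the group bit, which is what the check tests.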
diff --git a/net/util.c b/net/util.c
index 7e95076..b86ac03 100644
--- a/net/util.c
+++ b/net/util.c
@@ -58,3 +58,8 @@ int net_parse_macaddr(uint8_t *macaddr, const char *p)

 return 0;
 }
+
+bool net_macaddr_is_multicast(uint8_t *macaddr)
+{
+return (macaddr[0] % 2) ? true : false;
+}
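Review bot: `net_macaddr_is_multicast()` only reads its argument, so the parameter should be `const uint8_t *macaddr`, which also lets callers pass read-only address buffers without a cast. The group bit is more conventionally tested with `macaddr[0] & 1` than with `% 2`; the result is the same for an unsigned byte but the mask states the intent.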
diff --git a/net/util.h b/net/util.h
index 10c7da9..4581cb7 100644
--- a/net/util.h
+++ b/net/util.h
@@ -26,7 +26,9 @@
 #define QEMU_NET_UTIL_H

 #include 
+#include 

 int net_parse_macaddr(uint8_t *macaddr, const char *p);
+bool net_macaddr_is_multicast(uint8_t *macaddr);

 #endif /* QEMU_NET_UTIL_H */
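Review bot: the new `net_macaddr_is_multicast()` prototype has no comment, and the name hides that the broadcast address ff:ff:ff:ff:ff:ff also returns true because its first byte is odd. A short comment on the declaration saying it matches any address with the group bit set would make that explicit.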
-- 
1.8.3



Re: [Qemu-devel] [PATCH v7 0/3] hw/arm: Add 'virt' platform

2013-10-17 Thread Peter Maydell
On 17 October 2013 15:49, Tom Sutcliffe  wrote:
> On 17 Oct 2013, at 15:30, Peter Maydell  wrote:
>> On 15 October 2013 16:14, Tom Sutcliffe  wrote:
>>> On 15 Oct 2013, at 16:00, Peter Maydell  wrote:
>>>> Oh yes, I'd forgotten you mentioned that. Did anybody ever
>>>> track down *why* the kernel is reading the device tree
>>>> backwards?
>>>
>>> Not me :)

So I have figured this one out. libfdt seems to always
add new subnodes at the start of the parent node's list
of subnodes. This means that if you do "add A; add B; add C"
then the resulting device tree blob lists the nodes in
the order C B A. The kernel (and dtc in decompilation mode)
read the node list forwards, so they iterate through in
reverse order to how the nodes were added by the creator.

Peter, Andreas, David: do any of you know why libfdt does
this?

Anyway, as a result the bits of QEMU that generate device
trees for PPC boards specifically make sure they add
the nodes in reverse order in the places where order
of subnodes in the tree is important. So I think we should
follow suit for ARM boards, which means leaving vexpress
as it is and making mach-virt do them in reverse order too.

>> So apparently the kernel makes no guarantees at all about what
>> order it might process the virtio-mmio transports in. This
>> means that users mustn't rely on /dev/vda and /dev/vdb
>> corresponding to particular virtio-blk devices on QEMU's
>> command line -- you need to use UUIDs or something similar
>> instead.
>>
>> I think this sucks, but that's the kernel for you.
>
> Oh joy. One more thing to add to the How Long Before This
> Blows Up In My Face list. So long as it's consistent across
> multiple boots of a given kernel binary, I can probably live
> with it for the moment.

...and I will redirect anybody who complains about
the fact that vda and vdb are the "wrong way round"
to the kernel, because as it happens the kernel probes
the two virtio-mmio transports in the "right" order
(ie in the order they appear in the device tree blob),
it just ends up assigning vda and vdb in the opposite
order.

thanks
-- PMM



Re: [Qemu-devel] [PATCH v14 2/8] make.rule: fix $(obj) to a real relative path

2013-10-17 Thread Paolo Bonzini
On 16/10/2013 05:26, Fam Zheng wrote:
> Makefile.target includes rule.mak and unnested common-obj-y, then prefix
> them with '../', this will ignore object specific QEMU_CFLAGS in subdir
> Makefile.objs:
> 
> $(obj)/curl.o: QEMU_CFLAGS += $(CURL_CFLAGS)
> 
> Because $(obj) here is './block', instead of '../block'. This doesn't
> hurt compiling because we basically build all .o from top Makefile,
> before entering Makefile.target, but it will affect arriving per-object
> libs support.
> 
> The starting point of $(obj) is passed in as argument of unnest-vars, as
> well as nested variables, so that different Makefiles can pass in a
> right value.
> 
> Signed-off-by: Fam Zheng 
> ---
>  Makefile| 14 ++
>  Makefile.objs   | 17 +
>  Makefile.target | 20 
>  configure   |  1 +
>  rules.mak   | 14 +-
>  5 files changed, 41 insertions(+), 25 deletions(-)
> 
> diff --git a/Makefile b/Makefile
> index b15003f..94dae51 100644
> --- a/Makefile
> +++ b/Makefile
> @@ -115,6 +115,16 @@ defconfig:
>  
>  ifneq ($(wildcard config-host.mak),)
>  include $(SRC_PATH)/Makefile.objs
> +endif
> +
> +dummy := $(call unnest-vars,, \
> +stub-obj-y \
> +util-obj-y \
> +qga-obj-y \
> +block-obj-y \
> +common-obj-y)
> +
> +ifneq ($(wildcard config-host.mak),)
>  include $(SRC_PATH)/tests/Makefile
>  endif
>  ifeq ($(CONFIG_SMARTCARD_NSS),y)
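
Review bot: the variable list passed to `unnest-vars` here omits `qga-vss-dll-obj-y`, which the `nested-vars` list removed from Makefile.objs included and which is still assigned the nested value `qga/` there. If the omission is intentional it needs a line in the commit message; otherwise add it to this call. The call also sits outside the `ifneq ($(wildcard config-host.mak),)` guard that the old location inherited, which deserves a comment.
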
> @@ -123,6 +133,10 @@ endif
>  
>  all: $(DOCS) $(TOOLS) $(HELPERS-y) recurse-all
>  
> +vl.o: QEMU_CFLAGS+=$(GPROF_CFLAGS)
> +
> +vl.o: QEMU_CFLAGS+=$(SDL_CFLAGS)
> +
>  config-host.h: config-host.h-timestamp
>  config-host.h-timestamp: config-host.mak
>  qemu-options.def: $(SRC_PATH)/qemu-options.hx
> diff --git a/Makefile.objs b/Makefile.objs
> index 2b6c1fe..91235a6 100644
> --- a/Makefile.objs
> +++ b/Makefile.objs
> @@ -41,7 +41,7 @@ libcacard-y += libcacard/vcardt.o
>  # single QEMU executable should support all CPUs and machines.
>  
>  ifeq ($(CONFIG_SOFTMMU),y)
> -common-obj-y = $(block-obj-y) blockdev.o blockdev-nbd.o block/
> +common-obj-y = blockdev.o blockdev-nbd.o block/
>  common-obj-y += net/
>  common-obj-y += readline.o
>  common-obj-y += qdev-monitor.o device-hotplug.o
> @@ -110,18 +110,3 @@ version-lobj-$(CONFIG_WIN32) += $(BUILD_DIR)/version.lo
>  # by libqemuutil.a.  These should be moved to a separate .json schema.
>  qga-obj-y = qga/ qapi-types.o qapi-visit.o
>  qga-vss-dll-obj-y = qga/
> -
> -vl.o: QEMU_CFLAGS+=$(GPROF_CFLAGS)
> -
> -vl.o: QEMU_CFLAGS+=$(SDL_CFLAGS)
> -
> -QEMU_CFLAGS+=$(GLIB_CFLAGS)
> -
> -nested-vars += \
> - stub-obj-y \
> - util-obj-y \
> - qga-obj-y \
> - qga-vss-dll-obj-y \
> - block-obj-y \
> - common-obj-y
> -dummy := $(call unnest-vars)
> diff --git a/Makefile.target b/Makefile.target
> index 9a49852..fb3a970 100644
> --- a/Makefile.target
> +++ b/Makefile.target
> @@ -143,13 +143,25 @@ endif # CONFIG_SOFTMMU
>  # Workaround for http://gcc.gnu.org/PR55489, see configure.
>  %/translate.o: QEMU_CFLAGS += $(TRANSLATE_OPT_CFLAGS)
>  
> -nested-vars += obj-y
> +dummy := $(call unnest-vars,,obj-y)
>  
> -# This resolves all nested paths, so it must come last
> +# we are making another call to unnest-vars with different vars, protect 
> obj-y,
> +# it can be overriden in subdir Makefile.objs
> +obj-y-save := $(obj-y)
> +
> +block-obj-y :=
> +common-obj-y :=
>  include $(SRC_PATH)/Makefile.objs
> +dummy := $(call unnest-vars,..,block-obj-y common-obj-y)
> +
> +# Now restore obj-y
> +obj-y := $(obj-y-save)
> +
> +all-obj-y = $(obj-y) $(common-obj-y)
>  
> -all-obj-y = $(obj-y)
> -all-obj-y += $(addprefix ../, $(common-obj-y))
> +ifdef CONFIG_SOFTMMU
> +all-obj-y += $(block-obj-y)
> +endif

Just:

all-obj-$(CONFIG_SOFTMMU) += $(block-obj-y)

>  ifndef CONFIG_HAIKU
>  LIBS+=-lm
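
Review bot: the save and restore of `obj-y` around the second `unnest-vars` call is explained only by a comment that misspells "overridden" and does not say that it is the re-included Makefile.objs files that reassign `obj-y`. Please fix the spelling and name the cause in the comment, so the `obj-y-save` pair is not removed later as dead code.
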
> diff --git a/configure b/configure
> index 57ee62a..3381264 100755
> --- a/configure
> +++ b/configure
> @@ -2283,6 +2283,7 @@ fi
>  if $pkg_config --atleast-version=$glib_req_ver gthread-2.0; then
>  glib_cflags=`$pkg_config --cflags gthread-2.0`
>  glib_libs=`$pkg_config --libs gthread-2.0`
> +CFLAGS="$glib_cflags $CFLAGS"
>  LIBS="$glib_libs $LIBS"
>  libs_qga="$glib_libs $libs_qga"
>  else
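
Review bot: `CFLAGS="$glib_cflags $CFLAGS"` puts the glib flags into the global `CFLAGS`, replacing the `QEMU_CFLAGS+=$(GLIB_CFLAGS)` line dropped from Makefile.objs, yet the commit message only talks about `$(obj)` paths. This is a separate behaviour change; either explain in the commit message why it is needed for the `$(obj)` fix or split it into its own patch.
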
> diff --git a/rules.mak b/rules.mak
> index abc2e84..01e552e 100644
> --- a/rules.mak
> +++ b/rules.mak
> @@ -110,9 +110,6 @@ clean: clean-timestamp
>  
>  # magic to descend into other directories
>  
> -obj := .
> -old-nested-dirs :=
> -
>  define push-var
>  $(eval save-$2-$1 = $(value $1))
>  $(eval $1 :=)
> @@ -126,9 +123,11 @@ endef
>  
>  define unnest-dir
>  $(foreach var,$(nested-vars),$(call push-var,$(var),$1/))
> -$(eval obj := $(obj)/$1)
> +$(eval obj-parent-$1 := $(obj))
> +$(eval obj := $(if $(obj),$(obj)/$1,$1))
>  $(eval include $(SRC_PATH)/$1/Makefile.objs)
> -$(eval obj := $(patsubst %/$1,%,$(obj)))
> +$(eval obj := $(obj-parent-$1))
> +$(eval obj-parent-$1 := )
>  $(

Re: [Qemu-devel] PPC: Timer issues with git master

2013-10-17 Thread Paolo Bonzini
On 17/10/2013 16:40, Mark Cave-Ayland wrote:
> 
> Hi Paolo,
> 
> I've just attempted a bisection testing HelenOS, but I'm struggling to
> get a consistent result. Even with the same binary across multiple runs
> then sometimes I see the issue with frequent timer pauses, and sometimes
> I don't which makes tracking this down very difficult.
> 
> What I do see post-timer-rework is that when it does occur, the screen
> redraws become really really slow; rectangular blocks (maybe 2 per sec
> or so?) are redrawn very slowly working their way down the screen. I
> have a feeling from memory that HelenOS does tend to hit the timer
> interrupts quite hard on PPC so could it be that the new code somehow
> blocks screen updates under high timer interrupt load?
> 
> As for the FreeBSD issue, this seems to be something different from the
> HelenOS issue and I see it even with QEMU 1.6. A quick browse around the
> git logs points me towards this as a possible suspect:
> http://git.qemu.org/?p=qemu.git;a=commit;h=a0f9fdfd98cc0571f9921a7eadd7316532e3e289.

Can you try reverting this on top of git master (and test both guests)?

Paolo




Re: [Qemu-devel] [PATCH v7 0/3] hw/arm: Add 'virt' platform

2013-10-17 Thread Tom Sutcliffe

On 17 Oct 2013, at 15:30, Peter Maydell  wrote:

> On 15 October 2013 16:14, Tom Sutcliffe  wrote:
>> 
>> On 15 Oct 2013, at 16:00, Peter Maydell  wrote:
>> 
>>> On 15 October 2013 15:58, Tom Sutcliffe  wrote:
>>>> Thumbs up from me testing on Arndale. My only issue is that virt and
>>>> vexpress-a15 add virtio-mmio devices in the opposite order to each other,
>>>> for the same set of -device command line arguments. It would avoid future
>>>> headaches if we could have these behave the same. My preference would be
>>>> for the virt behaviour, as the -device order matches the order in which
>>>> the guest Linux kernel adds them to /dev (for virtio-blk-devices at least).
>>> 
>>> Oh yes, I'd forgotten you mentioned that. Did anybody ever
>>> track down *why* the kernel is reading the device tree
>>> backwards?
>> 
>> Not me :)
> 
> So apparently the kernel makes no guarantees at all about what
> order it might process the virtio-mmio transports in. This
> means that users mustn't rely on /dev/vda and /dev/vdb
> corresponding to particular virtio-blk devices on QEMU's
> command line -- you need to use UUIDs or something similar
> instead.
> 
> I think this sucks, but that's the kernel for you.

Oh joy. One more thing to add to the How Long Before This Blows Up In My Face 
list. So long as it's consistent across multiple boots of a given kernel 
binary, I can probably live with it for the moment.

> I'll probably change QEMU anyway, just because if there's
> no guarantee we might as well make qemu code do a simple
> forwards loop rather than a backwards one.

Sounds like the best option.


Tom


[Qemu-devel] [PATCH uq/master] KVM: x86: fix typo in KVM_GET_XCRS

2013-10-17 Thread Paolo Bonzini
Only the first item of the array was ever looked at.  No
practical effect, but still worth fixing.

Signed-off-by: Paolo Bonzini 
---
 target-i386/kvm.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/target-i386/kvm.c b/target-i386/kvm.c
index 749aa09..27071e3 100644
--- a/target-i386/kvm.c
+++ b/target-i386/kvm.c
@@ -1314,8 +1314,8 @@ static int kvm_get_xcrs(X86CPU *cpu)
 
 for (i = 0; i < xcrs.nr_xcrs; i++) {
 /* Only support xcr0 now */
-if (xcrs.xcrs[0].xcr == 0) {
-env->xcr0 = xcrs.xcrs[0].value;
+if (xcrs.xcrs[i].xcr == 0) {
+env->xcr0 = xcrs.xcrs[i].value;
 break;
 }
 }
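Review bot: now that the loop in `kvm_get_xcrs` really indexes `xcrs.xcrs[i]`, the bound `xcrs.nr_xcrs` is the only thing keeping the read inside the array, and that count is filled in by the kernel rather than by QEMU. Clamping the loop to `ARRAY_SIZE(xcrs.xcrs)` as well would keep the access in bounds even if an unexpected count came back.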
-- 
1.8.3.1



