Re: [Qemu-devel] [PATCH v2] qdev: Keep global allocation counter per bus

[Markus Armbruster]

Andreas Färber afaer...@suse.de writes:

 Am 08.01.2014 04:07, schrieb Peter Crosthwaite:
 On Wed, Jan 8, 2014 at 2:59 AM, Paolo Bonzini pbonz...@redhat.com wrote:
 Il 07/01/2014 16:12, Markus Armbruster ha scritto:
 aarch64 akita   info qtree crashes
 aarch64 borzoi  info qtree crashes
 aarch64 spitz   info qtree crashes
 aarch64 terrier info qtree crashes
 aarch64 tosainfo qtree crashes
 arm akita   info qtree crashes
 arm borzoi  info qtree crashes
 arm spitz   info qtree crashes
 arm terrier info qtree crashes
 arm tosainfo qtree crashes
 crisaxis-dev88  info qtree crashes

 The crash is because of commit 7426aa7 (nand: Don't inherit from Sysbus,
 2013-06-18).   Should probably be reverted.

 
 Prefer not, under no reasonable definition is NAND a sysbus device.
 Whats the real problem here? What is TYPE_SYS_BUS_DEVICE doing WRT to
 qtree that TYPE_DEVICE is not?

 Not fully aware of the context yet, but my response to complaints about
 info qtree, whether here or from Igor, will be to simply drop it.

 Anthony has clearly stated on a KVM call that we should not design code
 to please info qtree but to use the new QOM paradigms. If people don't
 listen, we must take qdev stuff away for people to realize it - 2.0 is
 certainly a good point in time. And I had already informally posted a
 qom-tree Python script to the list that I can turn into a formal patch.

 My plan was to first extend the qom-test to assure that all machines'
 properties can be qom-get'ed crash-free, but we can of course skip such
 safety precautions if that helps avoid weird workarounds.

 As a reminder, the CPU is not a SysBus device either (ICC on x86, device
 elsewhere) and I certainly don't want to make it one, especially now
 that we're about to refactor AddressSpaces.

No matter how much you want to retire a monitor command, until you've
retired it, a crash bug is a crash bug.  Crash bugs need fixing a.s.a.p.
In this case, we have a safe and quick fix: revert the (recent!) patch
that broke it.

I object to retiring info qtree before a replacement is available.  In
my personal opinion, a bunch of python scripts is not a replacement.
They may be okay for developers, but hardly for users.  We need a HMP
command to inspect the machine.  Device IDs, in particular, but also
other properties.

info qtree has always been incomplete, because it can only show
qdevified devices.  Restricting it further to the subtree rooted at the
main system bus that is connected via qbus edges could be okay.  If it
helps, which isn't obvious to me, but I'm happy to leave that to you.

[...]

Re: [Qemu-devel] [PATCH v2] qdev: Keep global allocation counter per bus

[Markus Armbruster]

Peter Crosthwaite peter.crosthwa...@xilinx.com writes:

 On Wed, Jan 8, 2014 at 2:59 AM, Paolo Bonzini pbonz...@redhat.com wrote:
 Il 07/01/2014 16:12, Markus Armbruster ha scritto:
 aarch64 akita   info qtree crashes
 aarch64 borzoi  info qtree crashes
 aarch64 spitz   info qtree crashes
 aarch64 terrier info qtree crashes
 aarch64 tosainfo qtree crashes
 arm akita   info qtree crashes
 arm borzoi  info qtree crashes
 arm spitz   info qtree crashes
 arm terrier info qtree crashes
 arm tosainfo qtree crashes
 crisaxis-dev88  info qtree crashes

 The crash is because of commit 7426aa7 (nand: Don't inherit from Sysbus,
 2013-06-18).   Should probably be reverted.


 Prefer not, under no reasonable definition is NAND a sysbus device.
 Whats the real problem here? What is TYPE_SYS_BUS_DEVICE doing WRT to
 qtree that TYPE_DEVICE is not?

Maybe, but our definition of sysbus has never been reasonable :)

Qdev, as designed by Paul Brook, assumed the parent of a qdev is always
a qbus and vice versa.  With the exception of the root, which has no
parent, and is a sysbus, commonly the only one.

A PCI qdev plugs into a PCI qbus, an USB qdev plugs into an USB qbus,
and so forth.  Any qdev that doesn't really plug into a bus was made a
sysbus device by fiat.  Sysbus is a catchall, no more.  In
particular, it's not a bus in the hardware sense.

This everything plugs into exactly one bus assumption is of course a
gross oversimplification, and we've been working on overcoming it for
quite some time.  It has become possible to define qdevs that aren't
connected to a qbus.  A TYPE_DEVICE isn't.

That's progress.  But progress isn't justification for not fixing crash
bugs in monitor commands.

Either you fix info qtree to cope with your change to the device
graph, or the change needs to be reverted until somebody fixes it or it
goes away.

Re: [Qemu-devel] [PATCH 2/2] hw/arm/allwinner-a10: initialize EMAC

[Peter Crosthwaite]

On Wed, Jan 8, 2014 at 5:27 PM, Li Guang lig.f...@cn.fujitsu.com wrote:
 Beniamino Galvani wrote:

 On Mon, Jan 06, 2014 at 08:49:18AM +0800, Li Guang wrote:


 Hi,
 please use prefix AwA10 for names instead of Aw,
 also PATCH 1/2.


 Hi,

 I agree with you that there is an inconsistency in the naming of EMAC
 and other A10 devices (timer, interrupt controller).

 But the EMAC core is used not only on the A10; since it can be found
 on other SoC of the Allwinner family, shouldn't the name be generic so
 that it can be reused more easily in the future by other SoC
 implementations?




 logic is:
 we emulated devices in A10, then when emulate other chips
 with same devices can freely use them.


That shouldn't dictate the naming scheme of the sharable IP however. In
this case, the name should reflect what it can be used for, not what it is
used for.

Regards,
Peter

 Thanks!

Re: [Qemu-devel] [PATCH] discard rbd error output when not relevant in qemu-iotests

[Loic Dachary]

On 08/01/2014 05:33, Stefan Hajnoczi wrote:
 On Mon, Jan 06, 2014 at 04:50:41PM +0100, Loic Dachary wrote:


 On 06/01/2014 03:23, Stefan Hajnoczi wrote:
 On Mon, Dec 30, 2013 at 01:33:34AM +0100, Loic Dachary wrote:
 diff --git a/tests/qemu-iotests/common.rc b/tests/qemu-iotests/common.rc
 index 28ba0d9..af66bbd 100644
 --- a/tests/qemu-iotests/common.rc
 +++ b/tests/qemu-iotests/common.rc
 @@ -189,7 +189,11 @@ _cleanup_test_img()
  ;;
  
  rbd)
 -rbd rm $TEST_DIR/t.$IMGFMT  /dev/null

 stderr will be displayed.  Why isn't this enough?


 Because the progress of the removal operation will be displayed on stderr. 
 rbd outputs on stderr even when there is no error.
 
 Is that a bug in the rbd tool which should be fixed?  Either by printing
 progress to stdout or by adding a --quiet option?

In my opinion, yes. But Josh may disagree ;-)

-- 
Loïc Dachary, Artisan Logiciel Libre



signature.asc
Description: OpenPGP digital signature

Re: [Qemu-devel] [PATCH v2] qdev: Keep global allocation counter per bus

[Peter Crosthwaite]

On Wed, Jan 8, 2014 at 6:13 PM, Markus Armbruster arm...@redhat.com wrote:

 Peter Crosthwaite peter.crosthwa...@xilinx.com writes:

  On Wed, Jan 8, 2014 at 2:59 AM, Paolo Bonzini pbonz...@redhat.com wrote:
  Il 07/01/2014 16:12, Markus Armbruster ha scritto:
  aarch64 akita   info qtree crashes
  aarch64 borzoi  info qtree crashes
  aarch64 spitz   info qtree crashes
  aarch64 terrier info qtree crashes
  aarch64 tosainfo qtree crashes
  arm akita   info qtree crashes
  arm borzoi  info qtree crashes
  arm spitz   info qtree crashes
  arm terrier info qtree crashes
  arm tosainfo qtree crashes
  crisaxis-dev88  info qtree crashes
 
  The crash is because of commit 7426aa7 (nand: Don't inherit from Sysbus,
  2013-06-18).   Should probably be reverted.
 
 
  Prefer not, under no reasonable definition is NAND a sysbus device.
  Whats the real problem here? What is TYPE_SYS_BUS_DEVICE doing WRT to
  qtree that TYPE_DEVICE is not?

 Maybe, but our definition of sysbus has never been reasonable :)


FWIW my def is a device with at least one memory mapped io region,
optionally with interrupts.

 Qdev, as designed by Paul Brook, assumed the parent of a qdev is always
 a qbus and vice versa.  With the exception of the root, which has no
 parent, and is a sysbus, commonly the only one.

 A PCI qdev plugs into a PCI qbus, an USB qdev plugs into an USB qbus,
 and so forth.  Any qdev that doesn't really plug into a bus was made a
 sysbus device by fiat.  Sysbus is a catchall, no more.  In
 particular, it's not a bus in the hardware sense.


Can we catch-all, and in qdev itself parent any orphans to the root
sysbus? If so is this init or realize stage?


 This everything plugs into exactly one bus assumption is of course a
 gross oversimplification, and we've been working on overcoming it for
 quite some time.  It has become possible to define qdevs that aren't
 connected to a qbus.  A TYPE_DEVICE isn't.

 That's progress.  But progress isn't justification for not fixing crash
 bugs in monitor commands.

 Either you fix info qtree to cope with your change to the device
 graph, or the change needs to be reverted until somebody fixes it or it
 goes away.


Yes, I'm looking for a real answer here. Just getting my head around
the problem at this minute. Thanks for the write up.

Perhaps, long term the solution is to BUSify the NAND BUS itself:

{
.name = TYPE_ONFI_BUS
.parent = TYPE_BUS
}

{
.name = TYPE_ONFI
.parent = TYPE_DEVICE
}

Regards,
Peter

[Qemu-devel] [PATCH 2/6] qemu-bridge-helper: replace send_fd with qemu_send_with_fd

[Lei Li]

Signed-off-by: Lei Li li...@linux.vnet.ibm.com
---
 Makefile |2 +-
 qemu-bridge-helper.c |   31 +++
 2 files changed, 4 insertions(+), 29 deletions(-)

diff --git a/Makefile b/Makefile
index bdff4e4..6850f35 100644
--- a/Makefile
+++ b/Makefile
@@ -195,7 +195,7 @@ qemu-img$(EXESUF): qemu-img.o $(block-obj-y) libqemuutil.a 
libqemustub.a
 qemu-nbd$(EXESUF): qemu-nbd.o $(block-obj-y) libqemuutil.a libqemustub.a
 qemu-io$(EXESUF): qemu-io.o $(block-obj-y) libqemuutil.a libqemustub.a
 
-qemu-bridge-helper$(EXESUF): qemu-bridge-helper.o
+qemu-bridge-helper$(EXESUF): qemu-bridge-helper.o libqemuutil.a
 
 fsdev/virtfs-proxy-helper$(EXESUF): fsdev/virtfs-proxy-helper.o 
fsdev/virtio-9p-marshal.o libqemuutil.a libqemustub.a
 fsdev/virtfs-proxy-helper$(EXESUF): LIBS += -lcap
diff --git a/qemu-bridge-helper.c b/qemu-bridge-helper.c
index 6a0974e..8303b6b 100644
--- a/qemu-bridge-helper.c
+++ b/qemu-bridge-helper.c
@@ -40,6 +40,7 @@
 #endif
 
 #include qemu/queue.h
+#include qemu/fd-exchange.h
 
 #include net/tap-linux.h
 
@@ -174,33 +175,6 @@ static void prep_ifreq(struct ifreq *ifr, const char 
*ifname)
 snprintf(ifr-ifr_name, IFNAMSIZ, %s, ifname);
 }
 
-static int send_fd(int c, int fd)
-{
-char msgbuf[CMSG_SPACE(sizeof(fd))];
-struct msghdr msg = {
-.msg_control = msgbuf,
-.msg_controllen = sizeof(msgbuf),
-};
-struct cmsghdr *cmsg;
-struct iovec iov;
-char req[1] = { 0x00 };
-
-cmsg = CMSG_FIRSTHDR(msg);
-cmsg-cmsg_level = SOL_SOCKET;
-cmsg-cmsg_type = SCM_RIGHTS;
-cmsg-cmsg_len = CMSG_LEN(sizeof(fd));
-msg.msg_controllen = cmsg-cmsg_len;
-
-iov.iov_base = req;
-iov.iov_len = sizeof(req);
-
-msg.msg_iov = iov;
-msg.msg_iovlen = 1;
-memcpy(CMSG_DATA(cmsg), fd, sizeof(fd));
-
-return sendmsg(c, msg, 0);
-}
-
 #ifdef CONFIG_LIBCAP
 static int drop_privileges(void)
 {
@@ -239,6 +213,7 @@ int main(int argc, char **argv)
 ACLList acl_list;
 int access_allowed, access_denied;
 int ret = EXIT_SUCCESS;
+char req[1] = { 0x00 };
 
 #ifdef CONFIG_LIBCAP
 /* if we're run from an suid binary, immediately drop privileges preserving
@@ -424,7 +399,7 @@ int main(int argc, char **argv)
 }
 
 /* write fd to the domain socket */
-if (send_fd(unixfd, fd) == -1) {
+if (qemu_send_with_fd(unixfd, fd, req, sizeof(req)) == -1) {
 fprintf(stderr, failed to write fd to unix socket: %s\n,
 strerror(errno));
 ret = EXIT_FAILURE;
-- 
1.7.7.6

[Qemu-devel] [PATCH resend 0/6 RFC] Provide common methods for exchange FD

[Lei Li]

This patch series tries to refactor the functions used for 
exchange of FD in current code, provide common methods
for it.

The series is based on the localhost migration with side channel
for ram series as it was already a good shape. But if you want
to merge this first, I'll get rid of the migration part. 

I just tested page flipping migration, and tap/bridge-helper a
bit, but have some environment problem on proxy fs driver. So 
it'd be appreciated if someone could help on verifying whether
it has impact on it. :)

Please let me know if there is anything needs to be improved.

Thanks.


Lei Li (6):
  fd-exchange: provide common methods for exchange of fd
  qemu-bridge-helper: replace send_fd with qemu_send_with_fd
  net/tap: replace recv_fd with qemu_recv_with_fd
  virtfs-proxy-helper: replace send_fd with qemu_send_with_fd
  virtio-9p-proxy: replace v9fs_receivefd with qemu_recv_with_fd
  migration-local: replace send_pipefd with qemu_send_with_fd

 Makefile|2 +-
 fsdev/virtfs-proxy-helper.c |   51 ---
 hw/9pfs/virtio-9p-proxy.c   |   60 +-
 hw/9pfs/virtio-9p-proxy.h   |5 --
 include/qemu/fd-exchange.h  |   25 +++
 migration-local.c   |   52 +--
 net/tap.c   |   40 +
 qemu-bridge-helper.c|   31 +
 util/Makefile.objs  |1 +
 util/qemu-fd-exchange.c |   97 +++
 10 files changed, 144 insertions(+), 220 deletions(-)
 create mode 100644 include/qemu/fd-exchange.h
 create mode 100644 util/qemu-fd-exchange.c

[Qemu-devel] [PATCH 4/6] virtfs-proxy-helper: replace send_fd with qemu_send_with_fd

[Lei Li]

Signed-off-by: Lei Li li...@linux.vnet.ibm.com
---
 fsdev/virtfs-proxy-helper.c |   51 ++
 hw/9pfs/virtio-9p-proxy.h   |5 
 2 files changed, 8 insertions(+), 48 deletions(-)

diff --git a/fsdev/virtfs-proxy-helper.c b/fsdev/virtfs-proxy-helper.c
index 713a7b2..44c6e61 100644
--- a/fsdev/virtfs-proxy-helper.c
+++ b/fsdev/virtfs-proxy-helper.c
@@ -23,6 +23,7 @@
 #include qemu-common.h
 #include qemu/sockets.h
 #include qemu/xattr.h
+#include qemu/fd-exchange.h
 #include virtio-9p-marshal.h
 #include hw/9pfs/virtio-9p-proxy.h
 #include fsdev/virtio-9p-marshal.h
@@ -203,48 +204,6 @@ static int read_request(int sockfd, struct iovec *iovec, 
ProxyHeader *header)
 return 0;
 }
 
-static int send_fd(int sockfd, int fd)
-{
-struct msghdr msg;
-struct iovec iov;
-int retval, data;
-struct cmsghdr *cmsg;
-union MsgControl msg_control;
-
-iov.iov_base = data;
-iov.iov_len = sizeof(data);
-
-memset(msg, 0, sizeof(msg));
-msg.msg_iov = iov;
-msg.msg_iovlen = 1;
-/* No ancillary data on error */
-if (fd  0) {
-/* fd is really negative errno if the request failed  */
-data = fd;
-} else {
-data = V9FS_FD_VALID;
-msg.msg_control = msg_control;
-msg.msg_controllen = sizeof(msg_control);
-
-cmsg = msg_control.cmsg;
-cmsg-cmsg_len = CMSG_LEN(sizeof(fd));
-cmsg-cmsg_level = SOL_SOCKET;
-cmsg-cmsg_type = SCM_RIGHTS;
-memcpy(CMSG_DATA(cmsg), fd, sizeof(fd));
-}
-
-do {
-retval = sendmsg(sockfd, msg, 0);
-} while (retval  0  errno == EINTR);
-if (fd = 0) {
-close(fd);
-}
-if (retval  0) {
-return retval;
-}
-return 0;
-}
-
 static int send_status(int sockfd, struct iovec *iovec, int status)
 {
 ProxyHeader header;
@@ -784,11 +743,17 @@ static void usage(char *prog)
 static int process_reply(int sock, int type,
  struct iovec *out_iovec, int retval)
 {
+int data = V9FS_FD_VALID;
+
 switch (type) {
 case T_OPEN:
 case T_CREATE:
-if (send_fd(sock, retval)  0) {
+if (qemu_send_with_fd(sock, retval, data, sizeof(data))  0) {
 return -1;
+} else {
+if (retval = 0) {
+close(retval);
+}
 }
 break;
 case T_MKNOD:
diff --git a/hw/9pfs/virtio-9p-proxy.h b/hw/9pfs/virtio-9p-proxy.h
index 005c1ad..e359ac5 100644
--- a/hw/9pfs/virtio-9p-proxy.h
+++ b/hw/9pfs/virtio-9p-proxy.h
@@ -24,11 +24,6 @@
 #define proxy_marshal(out_sg, offset, fmt, args...) \
 v9fs_marshal(out_sg, 1, offset, 0, fmt, ##args)
 
-union MsgControl {
-struct cmsghdr cmsg;
-char control[CMSG_SPACE(sizeof(int))];
-};
-
 typedef struct {
 uint32_t type;
 uint32_t size;
-- 
1.7.7.6

[Qemu-devel] [PATCHv4 0/6] ui/vnc: update optimizations

[Peter Lieven]

this series includes several optimizations for the ui/vnc guest to server and 
server to client
update cycles. comments/reviews appreciated.

v3-v4: - patch 1,4,6 unchanged
- patch 2: fix 2 missing changes from 16 - VNC_DIRTY_PIXELS_PER_BIT 
[Wenchao]
- patch 3: fixed missing roundup of width in vnc_dpy_switch [Wenchao]
- patch 3: fixed x offset calculation in vnc_refresh_server_surface
- patch 5: fixed missing roundup of width in vnc_dpy_update, cleaned up 
function
v2-v3: - fixed checkpatch warnings [Stefan]
- fixed an old coding style violation [Stefan]
v1-v2: - new patches 2,4,5
- patch3: added performance test [Anthony]
- patch3: further optimized the vnc_update_client by searching for the 
next zero bit
  with find_next_zero_bit.
- patch3: further optimized vnc_dpy_switch by using bitmap_set to mask 
bits dirty.

Peter Lieven (6):
  ui/vnc: introduce VNC_DIRTY_PIXELS_PER_BIT macro
  ui/vnc: derive cmp_bytes from VNC_DIRTY_PIXELS_PER_BIT
  ui/vnc: optimize dirty bitmap tracking
  ui/vnc: optimize clearing in find_and_clear_dirty_height()
  ui/vnc: optimize setting in vnc_dpy_update()
  ui/vnc: disable adaptive update calculations if not needed

 ui/vnc.c |  206 +++---
 ui/vnc.h |   10 ++-
 2 files changed, 127 insertions(+), 89 deletions(-)

-- 
1.7.9.5

[Qemu-devel] [PATCH 5/6] virtio-9p-proxy: replace v9fs_receivefd with qemu_recv_with_fd

[Lei Li]

Signed-off-by: Lei Li li...@linux.vnet.ibm.com
---
 hw/9pfs/virtio-9p-proxy.c |   60 ++--
 1 files changed, 3 insertions(+), 57 deletions(-)

diff --git a/hw/9pfs/virtio-9p-proxy.c b/hw/9pfs/virtio-9p-proxy.c
index 5f44bb7..f34b845 100644
--- a/hw/9pfs/virtio-9p-proxy.c
+++ b/hw/9pfs/virtio-9p-proxy.c
@@ -14,6 +14,7 @@
 #include hw/virtio/virtio.h
 #include virtio-9p.h
 #include qemu/error-report.h
+#include qemu/fd-exchange.h
 #include fsdev/qemu-fsdev.h
 #include virtio-9p-proxy.h
 
@@ -24,62 +25,6 @@ typedef struct V9fsProxy {
 struct iovec out_iovec;
 } V9fsProxy;
 
-/*
- * Return received file descriptor on success in *status.
- * errno is also returned on *status (which will be  0)
- * return  0 on transport error.
- */
-static int v9fs_receivefd(int sockfd, int *status)
-{
-struct iovec iov;
-struct msghdr msg;
-struct cmsghdr *cmsg;
-int retval, data, fd;
-union MsgControl msg_control;
-
-iov.iov_base = data;
-iov.iov_len = sizeof(data);
-
-memset(msg, 0, sizeof(msg));
-msg.msg_iov = iov;
-msg.msg_iovlen = 1;
-msg.msg_control = msg_control;
-msg.msg_controllen = sizeof(msg_control);
-
-do {
-retval = recvmsg(sockfd, msg, 0);
-} while (retval  0  errno == EINTR);
-if (retval = 0) {
-return retval;
-}
-/*
- * data is set to V9FS_FD_VALID, if ancillary data is sent.  If this
- * request doesn't need ancillary data (fd) or an error occurred,
- * data is set to negative errno value.
- */
-if (data != V9FS_FD_VALID) {
-*status = data;
-return 0;
-}
-/*
- * File descriptor (fd) is sent in the ancillary data. Check if we
- * indeed received it. One of the reasons to fail to receive it is if
- * we exceeded the maximum number of file descriptors!
- */
-for (cmsg = CMSG_FIRSTHDR(msg); cmsg; cmsg = CMSG_NXTHDR(msg, cmsg)) {
-if (cmsg-cmsg_len != CMSG_LEN(sizeof(int)) ||
-cmsg-cmsg_level != SOL_SOCKET ||
-cmsg-cmsg_type != SCM_RIGHTS) {
-continue;
-}
-fd = *((int *)CMSG_DATA(cmsg));
-*status = fd;
-return 0;
-}
-*status = -ENFILE;  /* Ancillary data sent but not received */
-return 0;
-}
-
 static ssize_t socket_read(int sockfd, void *buff, size_t size)
 {
 ssize_t retval, total = 0;
@@ -307,6 +252,7 @@ static int v9fs_request(V9fsProxy *proxy, int type,
 V9fsString *name, *value;
 V9fsString *path, *oldpath;
 struct iovec *iovec = NULL, *reply = NULL;
+int data = V9FS_FD_VALID;
 
 qemu_mutex_lock(proxy-mutex);
 
@@ -548,7 +494,7 @@ static int v9fs_request(V9fsProxy *proxy, int type,
  * A file descriptor is returned as response for
  * T_OPEN,T_CREATE on success
  */
-if (v9fs_receivefd(proxy-sockfd, retval)  0) {
+if (qemu_recv_with_fd(proxy-sockfd, retval, data, sizeof(data))  
0) {
 goto close_error;
 }
 break;
-- 
1.7.7.6

[Qemu-devel] [PATCHv4 2/6] ui/vnc: derive cmp_bytes from VNC_DIRTY_PIXELS_PER_BIT

[Peter Lieven]

this allows for setting VNC_DIRTY_PIXELS_PER_BIT to different
values than 16 if desired.

Reviewed-by: Wenchao Xia xiaw...@linux.vnet.ibm.com
Signed-off-by: Peter Lieven p...@kamp.de
---
 ui/vnc.c |2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ui/vnc.c b/ui/vnc.c
index 0925bf2..f42398d 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -2699,7 +2699,7 @@ static int vnc_refresh_server_surface(VncDisplay *vd)
  * Check and copy modified bits from guest to server surface.
  * Update server dirty map.
  */
-cmp_bytes = 64;
+cmp_bytes = VNC_DIRTY_PIXELS_PER_BIT * VNC_SERVER_FB_BYTES;
 if (cmp_bytes  vnc_server_fb_stride(vd)) {
 cmp_bytes = vnc_server_fb_stride(vd);
 }
-- 
1.7.9.5

[Qemu-devel] [PATCH 6/6] migration-local: replace send_pipefd with qemu_send_with_fd

[Lei Li]

Signed-off-by: Lei Li li...@linux.vnet.ibm.com
---
 migration-local.c |   52 +++-
 1 files changed, 3 insertions(+), 49 deletions(-)

diff --git a/migration-local.c b/migration-local.c
index ce4c070..c01ba06 100644
--- a/migration-local.c
+++ b/migration-local.c
@@ -26,6 +26,7 @@
 #include sysemu/sysemu.h
 #include block/block.h
 #include qemu/sockets.h
+#include qemu/fd-exchange.h
 #include migration/block.h
 #include qemu/thread.h
 #include qmp-commands.h
@@ -169,8 +170,6 @@ static int qemu_local_close(void *opaque)
 return 0;
 }
 
-static int send_pipefd(int sockfd, int pipefd);
-
 static size_t qemu_local_save_ram(QEMUFile *f, void *opaque,
   MemoryRegion *mr, ram_addr_t offset,
   size_t size, int *bytes_sent)
@@ -179,13 +178,14 @@ static size_t qemu_local_save_ram(QEMUFile *f, void 
*opaque,
 ram_addr_t current_addr = mr-ram_addr + offset;
 void *ram_addr;
 ssize_t ret;
+char req[1] = { 0x01 };
 
 if (s-unix_page_flipping) {
 qemu_put_be64(s-file, current_addr | RAM_SAVE_FLAG_HOOK);
 qemu_fflush(s-file);
 
 if (!s-pipefd_passed) {
-ret = send_pipefd(s-sockfd, s-pipefd[0]);
+ret = qemu_send_with_fd(s-sockfd, s-pipefd[0], req, 
sizeof(req));
 if (ret  0) {
 fprintf(stderr, failed to pass PIPE\n);
 return ret;
@@ -342,49 +342,3 @@ fail:
 g_free(s);
 return NULL;
 }
-
-
-/*
- * Pass a pipe file descriptor to another process.
- *
- * Return negative value If pipefd  0. Return 0 on
- * success.
- *
- */
-static int send_pipefd(int sockfd, int pipefd)
-{
-struct msghdr msg;
-struct iovec iov[1];
-ssize_t ret;
-char req[1] = { 0x01 };
-
-union {
-  struct cmsghdr cm;
-  char control[CMSG_SPACE(sizeof(int))];
-} control_un;
-struct cmsghdr *cmptr;
-
-msg.msg_control = control_un.control;
-msg.msg_controllen = sizeof(control_un.control);
-
-cmptr = CMSG_FIRSTHDR(msg);
-cmptr-cmsg_len = CMSG_LEN(sizeof(int));
-cmptr-cmsg_level = SOL_SOCKET;
-cmptr-cmsg_type = SCM_RIGHTS;
-*((int *) CMSG_DATA(cmptr)) = pipefd;
-
-msg.msg_name = NULL;
-msg.msg_namelen = 0;
-
-iov[0].iov_base = req;
-iov[0].iov_len = sizeof(req);
-msg.msg_iov = iov;
-msg.msg_iovlen = 1;
-
-ret = sendmsg(sockfd, msg, 0);
-if (ret = 0) {
-DPRINTF(sendmsg error: %s\n, strerror(errno));
-}
-
-return ret;
-}
-- 
1.7.7.6

[Qemu-devel] [PATCH 1/6] qemu-fd-exchange: provide common methods for exchange fd

[Lei Li]

Signed-off-by: Lei Li li...@linux.vnet.ibm.com
---
 include/qemu/fd-exchange.h |   25 +++
 util/Makefile.objs |1 +
 util/qemu-fd-exchange.c|   97 
 3 files changed, 123 insertions(+), 0 deletions(-)
 create mode 100644 include/qemu/fd-exchange.h
 create mode 100644 util/qemu-fd-exchange.c

diff --git a/include/qemu/fd-exchange.h b/include/qemu/fd-exchange.h
new file mode 100644
index 000..6929026
--- /dev/null
+++ b/include/qemu/fd-exchange.h
@@ -0,0 +1,25 @@
+/*
+ * Internel common methods for exchange of FD
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2.  See
+ * the COPYING file in the top-level directory.
+ *
+ */
+
+#ifndef FD_EXCHANGE_H
+#define FD_EXCHANGE_H
+
+#include sys/socket.h
+
+union MsgControl {
+struct cmsghdr cmsg;
+char control[CMSG_SPACE(sizeof(int))];
+};
+
+ssize_t qemu_send_with_fd(int sockfd, int passed_fd,
+  const void *buf, size_t len);
+
+ssize_t qemu_recv_with_fd(int sockfd, int *passed_fd,
+  void *buf, size_t len);
+
+#endif
diff --git a/util/Makefile.objs b/util/Makefile.objs
index af3e5cb..2fb42bf 100644
--- a/util/Makefile.objs
+++ b/util/Makefile.objs
@@ -13,3 +13,4 @@ util-obj-y += hexdump.o
 util-obj-y += crc32c.o
 util-obj-y += throttle.o
 util-obj-y += getauxval.o
+util-obj-y += qemu-fd-exchange.o
diff --git a/util/qemu-fd-exchange.c b/util/qemu-fd-exchange.c
new file mode 100644
index 000..70a3206
--- /dev/null
+++ b/util/qemu-fd-exchange.c
@@ -0,0 +1,97 @@
+/*
+ * Internel common methods for exchange of FD
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2.  See
+ * the COPYING file in the top-level directory.
+ *
+ */
+
+#include qemu/fd-exchange.h
+#include qemu-common.h
+
+
+ssize_t qemu_send_with_fd(int sockfd, int passed_fd,
+  const void *buf, size_t len)
+{
+struct msghdr msg;
+struct iovec iov;
+struct cmsghdr *cmsg;
+union MsgControl msg_control;
+int retval;
+
+iov.iov_base = (int *)buf;
+iov.iov_len = len;
+
+memset(msg, 0, sizeof(msg));
+msg.msg_iov = iov;
+msg.msg_iovlen = len;
+msg.msg_control = msg_control;
+msg.msg_controllen = sizeof(msg_control);
+
+if (passed_fd  0) {
+*(int *)buf = passed_fd;
+} else {
+msg.msg_control = msg_control;
+msg.msg_controllen = sizeof(msg_control);
+
+cmsg = msg_control.cmsg;
+cmsg-cmsg_len = CMSG_LEN(sizeof(passed_fd));
+cmsg-cmsg_level = SOL_SOCKET;
+cmsg-cmsg_type = SCM_RIGHTS;
+memcpy(CMSG_DATA(cmsg), passed_fd, sizeof(passed_fd));
+
+}
+
+do {
+retval = sendmsg(sockfd, msg, 0);
+} while (retval  0  errno == EINTR);
+
+return retval;
+}
+
+ssize_t qemu_recv_with_fd(int sockfd, int *passed_fd,
+  void *buf, size_t len)
+{
+struct iovec iov;
+struct msghdr msg;
+struct cmsghdr *cmsg;
+union MsgControl msg_control;
+int retval;
+int data = *(int *)buf;
+
+iov.iov_base = buf;
+iov.iov_len = len;
+
+memset(msg, 0, sizeof(msg));
+msg.msg_iov = iov;
+msg.msg_iovlen = 1;
+msg.msg_control = msg_control;
+msg.msg_controllen = sizeof(msg_control);
+
+do {
+retval = recvmsg(sockfd, msg, 0);
+} while (retval  0  errno == EINTR);
+
+if (retval = 0) {
+return retval;
+}
+
+if (data != *(int *)buf) {
+*passed_fd = data;
+return 0;
+}
+
+for (cmsg = CMSG_FIRSTHDR(msg); cmsg; cmsg = CMSG_NXTHDR(msg, cmsg)) {
+if (cmsg-cmsg_len != CMSG_LEN(sizeof(int)) ||
+cmsg-cmsg_level != SOL_SOCKET ||
+cmsg-cmsg_type != SCM_RIGHTS) {
+continue;
+}
+
+memcpy(passed_fd, CMSG_DATA(cmsg), sizeof(*passed_fd));
+return 0;
+}
+
+*passed_fd = -ENFILE;
+return retval;
+}
-- 
1.7.7.6

[Qemu-devel] [PATCHv4 6/6] ui/vnc: disable adaptive update calculations if not needed

[Peter Lieven]

Signed-off-by: Peter Lieven p...@kamp.de
---
 ui/vnc.c |9 +
 1 file changed, 9 insertions(+)

diff --git a/ui/vnc.c b/ui/vnc.c
index da552fe..a742d32 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -3170,7 +3170,9 @@ void vnc_display_open(DisplayState *ds, const char 
*display, Error **errp)
 acl = 1;
 #endif
 } else if (strncmp(options, lossy, 5) == 0) {
+#ifdef CONFIG_VNC_JPEG
 vs-lossy = true;
+#endif
 } else if (strncmp(options, non-adaptive, 12) == 0) {
 vs-non_adaptive = true;
 } else if (strncmp(options, share=, 6) == 0) {
@@ -3187,6 +3189,13 @@ void vnc_display_open(DisplayState *ds, const char 
*display, Error **errp)
 }
 }
 
+/* adaptive updates are only used with tight encoding and
+ * if lossy updates are enabled so we can disable all the
+ * calculations otherwise */
+if (!vs-lossy) {
+vs-non_adaptive = true;
+}
+
 #ifdef CONFIG_VNC_TLS
 if (acl  x509  vs-tls.x509verify) {
 if (!(vs-tls.acl = qemu_acl_init(vnc.x509dname))) {
-- 
1.7.9.5

Re: [Qemu-devel] [PATCH v2] qdev: Keep global allocation counter per bus

[Peter Maydell]

On 8 January 2014 04:24, Andreas Färber afaer...@suse.de wrote:
 P.S. PMM, reading aarch64 above in the context of machines, I don't see
 a single check-qtest-aarch64-y line in tests/Makefile! Please enable
 qom-test if qemu-system-aarch64 is already available. Thought you just
 said it would be linux-user only for 2.0 though?

qemu-system-aarch64 will exist in 2.0 primarily for KVM's
benefit (you can run a -cpu host -mach virt VM with it). It
also supports all the 32 bit CPUs and boards as a drop-in
equivalent to qemu-system-arm.

I'll look at adding the tests.

thanks
-- PMM

[Qemu-devel] [PATCH v11 03/11] block: Replace in_use with operation blocker

[Fam Zheng]

This drops BlockDriverState.in_use with op_blockers:

  - Call bdrv_op_block_all in place of bdrv_set_in_use(bs, 1).
  - Call bdrv_op_unblock_all in place of bdrv_set_in_use(bs, 0).
  - Check bdrv_op_is_blocked() in place of bdrv_in_use(bs).
The specific types are used, e.g. in place of starting block backup,
bdrv_op_is_blocked(bs, BLOCK_OP_TYPE_BACKUP, ...).
  - Check bdrv_op_blocker_is_empty() in place of assert(!bs-in_use).

Note: there is only bdrv_op_block_all and bdrv_op_unblock_all callers at
this moment. So although the checks are specific to op types, this
changes can still be seen as identical logic with previously with
in_use. The difference is error message are improved because of blocker
error info.

Signed-off-by: Fam Zheng f...@redhat.com
---
 block-migration.c   |  7 +--
 block.c | 24 +++-
 blockdev.c  | 15 ++-
 blockjob.c  | 14 +-
 hw/block/dataplane/virtio-blk.c | 19 ---
 include/block/block.h   |  2 --
 include/block/block_int.h   |  1 -
 include/block/blockjob.h|  3 +++
 8 files changed, 42 insertions(+), 43 deletions(-)

diff --git a/block-migration.c b/block-migration.c
index 897fdba..bf9a25f 100644
--- a/block-migration.c
+++ b/block-migration.c
@@ -59,6 +59,7 @@ typedef struct BlkMigDevState {
 unsigned long *aio_bitmap;
 int64_t completed_sectors;
 BdrvDirtyBitmap *dirty_bitmap;
+Error *blocker;
 } BlkMigDevState;
 
 typedef struct BlkMigBlock {
@@ -346,7 +347,8 @@ static void init_blk_migration_it(void *opaque, 
BlockDriverState *bs)
 bmds-completed_sectors = 0;
 bmds-shared_base = block_mig_state.shared_base;
 alloc_aio_bitmap(bmds);
-bdrv_set_in_use(bs, 1);
+error_setg(bmds-blocker, block device is in use by migration);
+bdrv_op_block_all(bs, bmds-blocker);
 bdrv_ref(bs);
 
 block_mig_state.total_sector_sum += sectors;
@@ -584,7 +586,8 @@ static void blk_mig_cleanup(void)
 blk_mig_lock();
 while ((bmds = QSIMPLEQ_FIRST(block_mig_state.bmds_list)) != NULL) {
 QSIMPLEQ_REMOVE_HEAD(block_mig_state.bmds_list, entry);
-bdrv_set_in_use(bmds-bs, 0);
+bdrv_op_unblock_all(bmds-bs, bmds-blocker);
+error_free(bmds-blocker);
 bdrv_unref(bmds-bs);
 g_free(bmds-aio_bitmap);
 g_free(bmds);
diff --git a/block.c b/block.c
index 91cda9c..b122154 100644
--- a/block.c
+++ b/block.c
@@ -1621,7 +1621,6 @@ static void bdrv_move_feature_fields(BlockDriverState 
*bs_dest,
 bs_dest-refcnt = bs_src-refcnt;
 
 /* job */
-bs_dest-in_use = bs_src-in_use;
 bs_dest-job= bs_src-job;
 
 /* keep the same entry in bdrv_states */
@@ -1653,7 +1652,7 @@ void bdrv_swap(BlockDriverState *bs_new, BlockDriverState 
*bs_old)
 assert(QLIST_EMPTY(bs_new-dirty_bitmaps));
 assert(bs_new-job == NULL);
 assert(bs_new-dev == NULL);
-assert(bs_new-in_use == 0);
+assert(bdrv_op_blocker_is_empty(bs_new));
 assert(bs_new-io_limits_enabled == false);
 assert(!throttle_have_timer(bs_new-throttle_state));
 
@@ -1672,7 +1671,7 @@ void bdrv_swap(BlockDriverState *bs_new, BlockDriverState 
*bs_old)
 /* Check a few fields that should remain attached to the device */
 assert(bs_new-dev == NULL);
 assert(bs_new-job == NULL);
-assert(bs_new-in_use == 0);
+assert(bdrv_op_blocker_is_empty(bs_new));
 assert(bs_new-io_limits_enabled == false);
 assert(!throttle_have_timer(bs_new-throttle_state));
 
@@ -1709,7 +1708,7 @@ static void bdrv_delete(BlockDriverState *bs)
 {
 assert(!bs-dev);
 assert(!bs-job);
-assert(!bs-in_use);
+assert(bdrv_op_blocker_is_empty(bs));
 assert(!bs-refcnt);
 assert(QLIST_EMPTY(bs-dirty_bitmaps));
 
@@ -1891,7 +1890,8 @@ int bdrv_commit(BlockDriverState *bs)
 return -ENOTSUP;
 }
 
-if (bdrv_in_use(bs) || bdrv_in_use(bs-backing_hd)) {
+if (bdrv_op_is_blocked(bs, BLOCK_OP_TYPE_COMMIT, NULL) ||
+bdrv_op_is_blocked(bs-backing_hd, BLOCK_OP_TYPE_COMMIT, NULL)) {
 return -EBUSY;
 }
 
@@ -2924,8 +2924,9 @@ int bdrv_truncate(BlockDriverState *bs, int64_t offset)
 return -ENOTSUP;
 if (bs-read_only)
 return -EACCES;
-if (bdrv_in_use(bs))
+if (bdrv_op_is_blocked(bs, BLOCK_OP_TYPE_RESIZE, NULL)) {
 return -EBUSY;
+}
 ret = drv-bdrv_truncate(bs, offset);
 if (ret == 0) {
 ret = refresh_total_sectors(bs, offset  BDRV_SECTOR_BITS);
@@ -4705,17 +4706,6 @@ bool bdrv_op_blocker_is_empty(BlockDriverState *bs)
 return true;
 }
 
-void bdrv_set_in_use(BlockDriverState *bs, int in_use)
-{
-assert(bs-in_use != in_use);
-bs-in_use = in_use;
-}
-
-int bdrv_in_use(BlockDriverState *bs)
-{
-return bs-in_use;
-}
-
 void bdrv_iostatus_enable(BlockDriverState *bs)
 {
 bs-iostatus_enabled = 

[Qemu-devel] [PATCH v11 11/11] block: Allow backup on referenced named BlockDriverState

[Fam Zheng]

Drive backup is a read only operation on source bs. We want to allow
this specific case to enable image-fleecing. Note that when
image-fleecing job starts, the job still add its blocker to source bs,
and any other operation on it will be blocked by that.

Signed-off-by: Fam Zheng f...@redhat.com
---
 block.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/block.c b/block.c
index 1ceb852..c2e91a6 100644
--- a/block.c
+++ b/block.c
@@ -988,6 +988,8 @@ void bdrv_set_backing_hd(BlockDriverState *bs, 
BlockDriverState *backing_hd)
 /* Otherwise we won't be able to commit due to check in bdrv_commit */
 bdrv_op_unblock(bs-backing_hd, BLOCK_OP_TYPE_COMMIT,
 bs-backing_blocker);
+bdrv_op_unblock(bs-backing_hd, BLOCK_OP_TYPE_BACKUP_SOURCE,
+bs-backing_blocker);
 pstrcpy(bs-backing_file, sizeof(bs-backing_file),
 bs-backing_hd-file-filename);
 pstrcpy(bs-backing_format, sizeof(bs-backing_format),
-- 
1.8.5.1

[Qemu-devel] [PATCH v11 07/11] block: Parse backing option to reference existing BDS

[Fam Zheng]

Now it's safe to allow reference for backing_hd in the interface.

Signed-off-by: Fam Zheng f...@redhat.com
---
 block.c | 26 --
 1 file changed, 24 insertions(+), 2 deletions(-)

diff --git a/block.c b/block.c
index 2ccc006..ca4e362 100644
--- a/block.c
+++ b/block.c
@@ -1199,12 +1199,34 @@ int bdrv_open(BlockDriverState *bs, const char 
*filename, QDict *options,
 /* If there is a backing file, use it */
 if ((flags  BDRV_O_NO_BACKING) == 0) {
 QDict *backing_options;
+const char *backing_name;
+BlockDriverState *backing_hd;
 
+backing_name = qdict_get_try_str(options, backing);
 qdict_extract_subqdict(options, backing_options, backing.);
-ret = bdrv_open_backing_file(bs, backing_options, local_err);
-if (ret  0) {
+
+if (backing_name  qdict_size(backing_options)) {
+error_setg(local_err,
+   Option \backing\ and \backing.*\ cannot be 
+   used together);
+ret = -EINVAL;
 goto close_and_fail;
 }
+if (backing_name) {
+backing_hd = bdrv_find(backing_name);
+if (!backing_hd) {
+error_set(local_err, QERR_DEVICE_NOT_FOUND, backing_name);
+ret = -ENOENT;
+goto close_and_fail;
+}
+qdict_del(options, backing);
+bdrv_set_backing_hd(bs, backing_hd);
+} else {
+ret = bdrv_open_backing_file(bs, backing_options, local_err);
+if (ret  0) {
+goto close_and_fail;
+}
+}
 }
 
 /* Check if any unknown options were used */
-- 
1.8.5.1

[Qemu-devel] [PATCH v11 00/11] Drop in_use from BlockDriverState and enable point-in-time snapshot exporting over NBD

[Fam Zheng]

This series adds for point-in-time snapshot NBD exporting based on
blockdev-backup (variant of drive-backup with existing device as target).

We get a thin point-in-time snapshot by COW mechanism of drive-backup, and
export it through built in NBD server. The steps are as below:

 1. (SHELL) qemu-img create -f qcow2 BACKUP.qcow2 source size here

(Alternatively we can use -o backing_file=RUNNING-VM.img to omit explicitly
providing the size by ourselves, but it's risky because RUNNING-VM.qcow2 is
used r/w by guest. Whether or not setting backing file in the image file
doesn't matter, as we are going to override the backing hd in the next
step)

 2. (QMP) blockdev-add backing=source-drive file.driver=file 
file.filename=BACKUP.qcow2 id=target0 if=none driver=qcow2

(where source-drive is the running BlockDriverState name for
RUNNING-VM.img. This patch implements backing= option to override
backing_hd for added drive)

 3. (QMP) blockdev-backup device=source-drive sync=none target=target0

(this is the QMP command introduced by this series, which use a named
device as target of drive-backup)

 4. (QMP) nbd-server-add device=target0

When image fleecing done:

 1. (QMP) block-job-cancel device=source-drive

 2. (HMP) drive_del target0

 3. (SHELL) rm BACKUP.qcow2

v8 - v11: Rebased to qemu.git. Address Stefan's comments:
(sorry for sending 3 revisions in a day)

[01/11] block: Add BlockOpType enum
Change enum definition as internal.

[05/11] block: Add bdrv_set_backing_hd()
Set bs-backing_file and bs-backing_format.

[06/11] block: Add backing_blocker in BlockDriverState
Reuse bdrv_set_backing_hd().

[07/11] block: Parse backing option to reference existing BDS
Update commit message about bdrv_swap assertion removal.
Fix use-after-free.
Check for backing= and backing.file= conflict.

[08/11] block: Support dropping active in bdrv_drop_intermediate
Fix function comment.

[09/11] stream: Use bdrv_drop_intermediate and drop close_unused_images

Fam Zheng (11):
  block: Add BlockOpType enum
  block: Introduce op_blockers to BlockDriverState
  block: Replace in_use with operation blocker
  block: Move op_blocker check from block_job_create to its caller
  block: Add bdrv_set_backing_hd()
  block: Add backing_blocker in BlockDriverState
  block: Parse backing option to reference existing BDS
  block: Support dropping active in bdrv_drop_intermediate
  stream: Use bdrv_drop_intermediate and drop close_unused_images
  qmp: Add command 'blockdev-backup'
  block: Allow backup on referenced named BlockDriverState

 block-migration.c   |   7 +-
 block.c | 304 +++-
 block/backup.c  |  21 +++
 block/commit.c  |   1 +
 block/stream.c  |  28 +---
 blockdev.c  |  70 +++--
 blockjob.c  |  14 +-
 hw/block/dataplane/virtio-blk.c |  19 ++-
 include/block/block.h   |  29 +++-
 include/block/block_int.h   |   9 +-
 include/block/blockjob.h|   3 +
 qapi-schema.json|  49 +++
 qmp-commands.hx |  44 ++
 13 files changed, 444 insertions(+), 154 deletions(-)

-- 
1.8.5.1

[Qemu-devel] [PATCH v11 09/11] stream: Use bdrv_drop_intermediate and drop close_unused_images

[Fam Zheng]

This reuses the new bdrv_drop_intermediate.

Signed-off-by: Fam Zheng f...@redhat.com
---
 block/stream.c | 28 +---
 1 file changed, 1 insertion(+), 27 deletions(-)

diff --git a/block/stream.c b/block/stream.c
index 46bec7d..9cdcf0e 100644
--- a/block/stream.c
+++ b/block/stream.c
@@ -51,32 +51,6 @@ static int coroutine_fn stream_populate(BlockDriverState *bs,
 return bdrv_co_copy_on_readv(bs, sector_num, nb_sectors, qiov);
 }
 
-static void close_unused_images(BlockDriverState *top, BlockDriverState *base,
-const char *base_id)
-{
-BlockDriverState *intermediate;
-intermediate = top-backing_hd;
-
-/* Must assign before bdrv_delete() to prevent traversing dangling pointer
- * while we delete backing image instances.
- */
-top-backing_hd = base;
-
-while (intermediate) {
-BlockDriverState *unused;
-
-/* reached base */
-if (intermediate == base) {
-break;
-}
-
-unused = intermediate;
-intermediate = intermediate-backing_hd;
-unused-backing_hd = NULL;
-bdrv_unref(unused);
-}
-}
-
 static void coroutine_fn stream_run(void *opaque)
 {
 StreamBlockJob *s = opaque;
@@ -190,7 +164,7 @@ wait:
 }
 }
 ret = bdrv_change_backing_file(bs, base_id, base_fmt);
-close_unused_images(bs, base, base_id);
+bdrv_drop_intermediate(bs, bs-backing_hd, base);
 }
 
 qemu_vfree(buf);
-- 
1.8.5.1

Re: [Qemu-devel] [PATCH v2] qdev: Keep global allocation counter per bus

[Paolo Bonzini]

Il 08/01/2014 04:07, Peter Crosthwaite ha scritto:
  The crash is because of commit 7426aa7 (nand: Don't inherit from Sysbus,
  2013-06-18).   Should probably be reverted.
 
 Prefer not, under no reasonable definition is NAND a sysbus device.
 Whats the real problem here? What is TYPE_SYS_BUS_DEVICE doing WRT to
 qtree that TYPE_DEVICE is not?

The device's dev-parent_bus is main_system_bus.

Paolo

[Qemu-devel] [PATCHv4 4/6] ui/vnc: optimize clearing in find_and_clear_dirty_height()

[Peter Lieven]

The following artifical test (just the bitmap operation part) running
vnc_update_client 65536 times on a 2560x2048 surface illustrates the
performance difference:

All bits clean - vnc_update_client_new: 0.07 secs
 vnc_update_client_new2: 0.07 secs
 vnc_update_client_old: 10.98 secs

All bits dirty - vnc_update_client_new: 11.26 secs
   - vnc_update_client_new2: 0.29 secs
 vnc_update_client_old: 20.19 secs

Few bits dirty - vnc_update_client_new: 0.07 secs
   - vnc_update_client_new2: 0.07 secs
 vnc_update_client_old: 10.98 secs

vnc_update_client_new2 shows the performance of vnc_update_client
with this patch added.

Comparing with the test run of the last patch the performance
is at least unchanged while it is significantly improved
for the all bits dirty case.

Signed-off-by: Peter Lieven p...@kamp.de
---
 ui/vnc.c |5 +
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/ui/vnc.c b/ui/vnc.c
index 3412cdf..4117230 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -879,13 +879,10 @@ static int find_and_clear_dirty_height(struct VncState 
*vs,
 int h;
 
 for (h = 1; h  (height - y); h++) {
-int tmp_x;
 if (!test_bit(last_x, vs-dirty[y + h])) {
 break;
 }
-for (tmp_x = last_x; tmp_x  x; tmp_x++) {
-clear_bit(tmp_x, vs-dirty[y + h]);
-}
+bitmap_clear(vs-dirty[y + h], last_x, x - last_x);
 }
 
 return h;
-- 
1.7.9.5

[Qemu-devel] [PATCHv4 5/6] ui/vnc: optimize setting in vnc_dpy_update()

[Peter Lieven]

Signed-off-by: Peter Lieven p...@kamp.de
---
 ui/vnc.c |   16 +---
 1 file changed, 5 insertions(+), 11 deletions(-)

diff --git a/ui/vnc.c b/ui/vnc.c
index 4117230..da552fe 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -430,30 +430,24 @@ static int vnc_refresh_server_surface(VncDisplay *vd);
 static void vnc_dpy_update(DisplayChangeListener *dcl,
int x, int y, int w, int h)
 {
-int i;
 VncDisplay *vd = container_of(dcl, VncDisplay, dcl);
 struct VncSurface *s = vd-guest;
 int width = surface_width(vd-ds);
 int height = surface_height(vd-ds);
 
-h += y;
-
-/* round x down to ensure the loop only spans one 16-pixel block per,
-   iteration.  otherwise, if (x % 16) != 0, the last iteration may span
-   two 16-pixel blocks but we only mark the first as dirty
-*/
+/* this is needed this to ensure we updated all affected
+ * blocks if x % VNC_DIRTY_PIXELS_PER_BIT != 0 */
 w += (x % VNC_DIRTY_PIXELS_PER_BIT);
 x -= (x % VNC_DIRTY_PIXELS_PER_BIT);
 
 x = MIN(x, width);
 y = MIN(y, height);
 w = MIN(x + w, width) - x;
-h = MIN(h, height);
+h = MIN(y + h, height);
 
 for (; y  h; y++) {
-for (i = 0; i  w; i += VNC_DIRTY_PIXELS_PER_BIT) {
-set_bit((x + i) / VNC_DIRTY_PIXELS_PER_BIT, s-dirty[y]);
-}
+bitmap_set(s-dirty[y], x / VNC_DIRTY_PIXELS_PER_BIT,
+   DIV_ROUND_UP(w, VNC_DIRTY_PIXELS_PER_BIT));
 }
 }
 
-- 
1.7.9.5

[Qemu-devel] [PATCH v11 02/11] block: Introduce op_blockers to BlockDriverState

[Fam Zheng]

BlockDriverState.op_blockers is an array of lists with BLOCK_OP_TYPE_MAX
elements. Each list is a list of blockers of an operation type
(BlockOpType), that marks this BDS as currently blocked for a certain
type of operation with reason errors stored in the list. The rule of
usage is:

 * BDS user who wants to take an operation should check if there's any
   blocker of the type with bdrv_op_is_blocked().

 * BDS user who wants to block certain types of operation, should call
   bdrv_op_block (or bdrv_op_block_all to block all types of operations,
   which is similar to the existing bdrv_set_in_use()).

 * A blocker is only referenced by op_blockers, so the lifecycle is
   managed by caller, and shouldn't be lost until unblock, so typically
   a caller does these:

   - Allocate a blocker with error_setg or similar, call bdrv_op_block()
 to block some operations.
   - Hold the blocker, do his job.
   - Unblock operations that it blocked, with the same reason pointer
 passed to bdrv_op_unblock().
   - Release the blocker with error_free().

Signed-off-by: Fam Zheng f...@redhat.com
---
 block.c   | 71 +++
 include/block/block.h |  7 +
 include/block/block_int.h |  5 
 3 files changed, 83 insertions(+)

diff --git a/block.c b/block.c
index 64e7d22..91cda9c 100644
--- a/block.c
+++ b/block.c
@@ -1627,6 +1627,8 @@ static void bdrv_move_feature_fields(BlockDriverState 
*bs_dest,
 /* keep the same entry in bdrv_states */
 pstrcpy(bs_dest-device_name, sizeof(bs_dest-device_name),
 bs_src-device_name);
+memcpy(bs_dest-op_blockers, bs_src-op_blockers,
+   sizeof(bs_dest-op_blockers));
 bs_dest-list = bs_src-list;
 }
 
@@ -4634,6 +4636,75 @@ void bdrv_unref(BlockDriverState *bs)
 }
 }
 
+struct BdrvOpBlocker {
+Error *reason;
+QLIST_ENTRY(BdrvOpBlocker) list;
+};
+
+bool bdrv_op_is_blocked(BlockDriverState *bs, BlockOpType op, Error **errp)
+{
+BdrvOpBlocker *blocker;
+assert((int) op = 0  op  BLOCK_OP_TYPE_MAX);
+if (!QLIST_EMPTY(bs-op_blockers[op])) {
+blocker = QLIST_FIRST(bs-op_blockers[op]);
+if (errp) {
+*errp = error_copy(blocker-reason);
+}
+return true;
+}
+return false;
+}
+
+void bdrv_op_block(BlockDriverState *bs, BlockOpType op, Error *reason)
+{
+BdrvOpBlocker *blocker;
+assert((int) op = 0  op  BLOCK_OP_TYPE_MAX);
+
+blocker = g_malloc0(sizeof(BdrvOpBlocker));
+blocker-reason = reason;
+QLIST_INSERT_HEAD(bs-op_blockers[op], blocker, list);
+}
+
+void bdrv_op_unblock(BlockDriverState *bs, BlockOpType op, Error *reason)
+{
+BdrvOpBlocker *blocker, *next;
+assert((int) op = 0  op  BLOCK_OP_TYPE_MAX);
+QLIST_FOREACH_SAFE(blocker, bs-op_blockers[op], list, next) {
+if (blocker-reason == reason) {
+QLIST_REMOVE(blocker, list);
+g_free(blocker);
+}
+}
+}
+
+void bdrv_op_block_all(BlockDriverState *bs, Error *reason)
+{
+int i;
+for (i = 0; i  BLOCK_OP_TYPE_MAX; i++) {
+bdrv_op_block(bs, i, reason);
+}
+}
+
+void bdrv_op_unblock_all(BlockDriverState *bs, Error *reason)
+{
+int i;
+for (i = 0; i  BLOCK_OP_TYPE_MAX; i++) {
+bdrv_op_unblock(bs, i, reason);
+}
+}
+
+bool bdrv_op_blocker_is_empty(BlockDriverState *bs)
+{
+int i;
+
+for (i = 0; i  BLOCK_OP_TYPE_MAX; i++) {
+if (!QLIST_EMPTY(bs-op_blockers[i])) {
+return false;
+}
+}
+return true;
+}
+
 void bdrv_set_in_use(BlockDriverState *bs, int in_use)
 {
 assert(bs-in_use != in_use);
diff --git a/include/block/block.h b/include/block/block.h
index 2bc39fe..e6073e7 100644
--- a/include/block/block.h
+++ b/include/block/block.h
@@ -461,6 +461,13 @@ void bdrv_unref(BlockDriverState *bs);
 void bdrv_set_in_use(BlockDriverState *bs, int in_use);
 int bdrv_in_use(BlockDriverState *bs);
 
+bool bdrv_op_is_blocked(BlockDriverState *bs, BlockOpType op, Error **errp);
+void bdrv_op_block(BlockDriverState *bs, BlockOpType op, Error *reason);
+void bdrv_op_unblock(BlockDriverState *bs, BlockOpType op, Error *reason);
+void bdrv_op_block_all(BlockDriverState *bs, Error *reason);
+void bdrv_op_unblock_all(BlockDriverState *bs, Error *reason);
+bool bdrv_op_blocker_is_empty(BlockDriverState *bs);
+
 #ifdef CONFIG_LINUX_AIO
 int raw_get_aio_fd(BlockDriverState *bs);
 #else
diff --git a/include/block/block_int.h b/include/block/block_int.h
index 8b132d7..458acd6 100644
--- a/include/block/block_int.h
+++ b/include/block/block_int.h
@@ -252,6 +252,8 @@ typedef struct BlockLimits {
 int opt_transfer_length;
 } BlockLimits;
 
+typedef struct BdrvOpBlocker BdrvOpBlocker;
+
 /*
  * Note: the function bdrv_append() copies and swaps contents of
  * BlockDriverStates, so if you add new fields to this struct, please
@@ -333,6 +335,9 @@ struct BlockDriverState {
 
 QLIST_HEAD(, BdrvTrackedRequest) tracked_requests;
 
+/* 

Re: [Qemu-devel] [PATCH RFC 1/2] rng-egd: improve egd backend performance

[Amos Kong]

On Wed, Dec 18, 2013 at 11:05:14AM +0100, Giuseppe Scrivano wrote:
 Markus Armbruster arm...@redhat.com writes:
 
  Amos Kong ak...@redhat.com writes:
 
  Bugzilla: https://bugs.launchpad.net/qemu/+bug/1253563
 
  We have a requests queue to cache the random data, but the second
  will come in when the first request is returned, so we always
  only have one items in the queue. It effects the performance.
 
  This patch changes the IOthread to fill a fixed buffer with
  random data from egd socket, request_entropy() will return
  data to virtio queue if buffer has available data.
 
  (test with a fast source, disguised egd socket)
   # cat /dev/urandom | nc -l localhost 8003
   # qemu .. -chardev socket,host=localhost,port=8003,id=chr0 \
  -object rng-egd,chardev=chr0,id=rng0,buf_size=1024 \
  -device virtio-rng-pci,rng=rng0
 
bytes kb/s
--
131072 -  835
 65536 -  652
 32768 -  356
 16384 -  182
  8192 -   99
  4096 -   52
  2048 -   30
  1024 -   15
   512 -8
   256 -4
   128 -3
64 -2
 
  I'm not familiar with the rng-egd code, but perhaps my question has
  value anyway: could agressive reading ahead on a source of randomness
  cause trouble by depleting the source?
 
  Consider a server restarting a few dozen guests after reboot, where each
  guest's QEMU then tries to slurp in a couple of KiB of randomness.  How
  does this behave?

Hi Giuseppe,
 
 I hit this performance problem while I was working on RNG devices
 support in virt-manager and I also noticed that the bottleneck is in the
 egd backend that slowly response to requests.

o Current situation:
  rng-random backend reads data from non-blocking character devices
  New entropy request will be sent from guest when last request is processed,
  so the request queue can only cache one request.
  Almost all the request size is 64 bytes.
  Egd socket responses the request slowly.

o Solution 1: pre-reading, perf is improved, but cost much memory 
  In my V1 patch, I tried to add a configurable buffer to pre-read data
  from egd socket. The performance was improved but it used a big memory
  as the buffer.

o Solution 2: pre-sending request to egd socket, improve is trivial
  I did another test, we just pre-send entropy request to egd socket, not
  really read the data to a buffer.

o Solution 3: eyeless poll, not good
  Always returns an integer in rng_egd_chr_can_read(), the perf can be 
  improved to 120 kB/s, it reduce the delay caused by poll mechanism.

o Solution 4:
  Try to use the new message type to improve the response speed of egd socket

o Solution 5:
  non-block read?

 I thought as well about
 adding a buffer but to handle it trough a new message type in the EGD
 protocol.  The new message type informs the EGD daemon of the buffer
 size and that the buffer data has a lower priority that the daemon

lower priority or higher priority? we need the daemon respons our request 
quickly.

 should fill when there are no other queued requests.  Could such
 approach solve the scenario you've described?

I will try. Do you know the name of new message type? can you show me
an example?

QEMU code:
  uint8_t header[2];
  header[0] = 0x02;  /* 0x01: returns len + data, 0x02: only returns data*/
  header[1] = len;
  qemu_chr_fe_write(s-chr, header, sizeof(header));
 
 Cheers,
 Giuseppe

-- 
Amos.

[Qemu-devel] [PATCH v11 06/11] block: Add backing_blocker in BlockDriverState

[Fam Zheng]

This makes use of op_blocker and blocks all the operations except for
commit target, on each BlockDriverState-backing_hd.

The asserts for op_blocker in bdrv_swap are removed because with this
change, the target of block commit has at least the backing blocker of
its child, so the assertion is not true. Callers should do their check.

Signed-off-by: Fam Zheng f...@redhat.com
---
 block.c   | 18 ++
 include/block/block_int.h |  3 +++
 2 files changed, 17 insertions(+), 4 deletions(-)

diff --git a/block.c b/block.c
index ff25749..2ccc006 100644
--- a/block.c
+++ b/block.c
@@ -961,13 +961,22 @@ fail:
 void bdrv_set_backing_hd(BlockDriverState *bs, BlockDriverState *backing_hd)
 {
 if (bs-backing_hd) {
+assert(error_is_set(bs-backing_blocker));
+bdrv_op_unblock_all(bs-backing_hd, bs-backing_blocker);
 bdrv_unref(bs-backing_hd);
+} else if (backing_hd) {
+error_setg(bs-backing_blocker,
+   device is used as backing hd of '%s',
+   bs-device_name);
 }
 
 bs-backing_hd = backing_hd;
 if (!backing_hd) {
 bs-backing_file[0] = '\0';
 bs-backing_format[0] = '\0';
+if (error_is_set(bs-backing_blocker)) {
+error_free(bs-backing_blocker);
+}
 return;
 }
 pstrcpy(bs-backing_file, sizeof(bs-backing_file), backing_hd-filename);
@@ -975,6 +984,10 @@ void bdrv_set_backing_hd(BlockDriverState *bs, 
BlockDriverState *backing_hd)
 backing_hd-drv ? backing_hd-drv-format_name : );
 bdrv_ref(bs-backing_hd);
 
+bdrv_op_block_all(bs-backing_hd, bs-backing_blocker);
+/* Otherwise we won't be able to commit due to check in bdrv_commit */
+bdrv_op_unblock(bs-backing_hd, BLOCK_OP_TYPE_COMMIT,
+bs-backing_blocker);
 pstrcpy(bs-backing_file, sizeof(bs-backing_file),
 bs-backing_hd-file-filename);
 pstrcpy(bs-backing_format, sizeof(bs-backing_format),
@@ -1481,8 +1494,7 @@ void bdrv_close(BlockDriverState *bs)
 
 if (bs-drv) {
 if (bs-backing_hd) {
-bdrv_unref(bs-backing_hd);
-bs-backing_hd = NULL;
+bdrv_set_backing_hd(bs, NULL);
 }
 bs-drv-bdrv_close(bs);
 g_free(bs-opaque);
@@ -1674,7 +1686,6 @@ void bdrv_swap(BlockDriverState *bs_new, BlockDriverState 
*bs_old)
 assert(QLIST_EMPTY(bs_new-dirty_bitmaps));
 assert(bs_new-job == NULL);
 assert(bs_new-dev == NULL);
-assert(bdrv_op_blocker_is_empty(bs_new));
 assert(bs_new-io_limits_enabled == false);
 assert(!throttle_have_timer(bs_new-throttle_state));
 
@@ -1693,7 +1704,6 @@ void bdrv_swap(BlockDriverState *bs_new, BlockDriverState 
*bs_old)
 /* Check a few fields that should remain attached to the device */
 assert(bs_new-dev == NULL);
 assert(bs_new-job == NULL);
-assert(bdrv_op_blocker_is_empty(bs_new));
 assert(bs_new-io_limits_enabled == false);
 assert(!throttle_have_timer(bs_new-throttle_state));
 
diff --git a/include/block/block_int.h b/include/block/block_int.h
index 2f6556d..1ac17d5 100644
--- a/include/block/block_int.h
+++ b/include/block/block_int.h
@@ -341,6 +341,9 @@ struct BlockDriverState {
 BlockJob *job;
 
 QDict *options;
+
+/* The error object in use for blocking operations on backing_hd */
+Error *backing_blocker;
 };
 
 int get_tmp_filename(char *filename, int size);
-- 
1.8.5.1

[Qemu-devel] [PATCH v11 08/11] block: Support dropping active in bdrv_drop_intermediate

[Fam Zheng]

Dropping intermediate could be useful both for commit and stream, and
BDS refcnt plus bdrv_swap could do most of the job nicely. It also needs
to work with op blockers.

Signed-off-by: Fam Zheng f...@redhat.com
---
 block.c| 145 ++---
 block/commit.c |   1 +
 2 files changed, 66 insertions(+), 80 deletions(-)

diff --git a/block.c b/block.c
index ca4e362..1ceb852 100644
--- a/block.c
+++ b/block.c
@@ -2188,114 +2188,99 @@ BlockDriverState *bdrv_find_overlay(BlockDriverState 
*active,
 return overlay;
 }
 
-typedef struct BlkIntermediateStates {
-BlockDriverState *bs;
-QSIMPLEQ_ENTRY(BlkIntermediateStates) entry;
-} BlkIntermediateStates;
-
-
 /*
- * Drops images above 'base' up to and including 'top', and sets the image
- * above 'top' to have base as its backing file.
+ * Drops images above 'base' up to and including 'top', and sets new 'base'
+ * as backing_hd of top_overlay (the image orignally has 'top' as backing
+ * file). top_overlay may be NULL if 'top' is active, no such update needed.
+ * Requires that the top_overlay to 'top' is opened r/w.
  *
- * Requires that the overlay to 'top' is opened r/w, so that the backing file
- * information in 'bs' can be properly updated.
+ * 1) This will convert the following chain:
  *
- * E.g., this will convert the following chain:
- * bottom - base - intermediate - top - active
+ * ... - base - ... - top - overlay -... - active
  *
  * to
  *
- * bottom - base - active
+ * ... - base - overlay - active
  *
- * It is allowed for bottom==base, in which case it converts:
+ * 2) It is allowed for bottom==base, in which case it converts:
  *
- * base - intermediate - top - active
+ * base - ... - top - overlay - ... - active
  *
  * to
  *
- * base - active
+ * base - overlay - active
+ *
+ * 2) It also allows active==top, in which case it converts:
+ *
+ * ... - base - ... - top (active)
+ *
+ * to
+ *
+ * ... - base == active == top
+ *
+ * i.e. only base and lower remains: *top == *base when return.
+ *
+ * 3) If base==NULL, it will drop all the BDS below overlay and set its
+ * backing_hd to NULL. I.e.:
+ *
+ * base(NULL) - ... - overlay - ... - active
+ *
+ * to
  *
- * Error conditions:
- *  if active == top, that is considered an error
+ * overlay - ... - active
  *
  */
 int bdrv_drop_intermediate(BlockDriverState *active, BlockDriverState *top,
BlockDriverState *base)
 {
-BlockDriverState *intermediate;
-BlockDriverState *base_bs = NULL;
-BlockDriverState *new_top_bs = NULL;
-BlkIntermediateStates *intermediate_state, *next;
-int ret = -EIO;
-
-QSIMPLEQ_HEAD(states_to_delete, BlkIntermediateStates) states_to_delete;
-QSIMPLEQ_INIT(states_to_delete);
-
-if (!top-drv || !base-drv) {
-goto exit;
-}
-
-new_top_bs = bdrv_find_overlay(active, top);
+BlockDriverState *drop_start, *overlay;
+int ret = -EINVAL;
 
-if (new_top_bs == NULL) {
-/* we could not find the image above 'top', this is an error */
+if (!top-drv || (base  !base-drv)) {
 goto exit;
 }
-
-/* special case of new_top_bs-backing_hd already pointing to base - 
nothing
- * to do, no intermediate images */
-if (new_top_bs-backing_hd == base) {
+if (top == base) {
 ret = 0;
-goto exit;
-}
-
-intermediate = top;
-
-/* now we will go down through the list, and add each BDS we find
- * into our deletion queue, until we hit the 'base'
- */
-while (intermediate) {
-intermediate_state = g_malloc0(sizeof(BlkIntermediateStates));
-intermediate_state-bs = intermediate;
-QSIMPLEQ_INSERT_TAIL(states_to_delete, intermediate_state, entry);
-
-if (intermediate-backing_hd == base) {
-base_bs = intermediate-backing_hd;
-break;
+} else if (top == active) {
+assert(base);
+drop_start = active-backing_hd;
+bdrv_swap(active, base);
+base-backing_hd = NULL;
+bdrv_unref(drop_start);
+ret = 0;
+} else {
+/* If there's an overlay, its backing_hd points to top's BDS now,
+ * the top image is dropped but this BDS structure is kept and swapped
+ * with base, this way we keep the pointers valid after dropping top */
+overlay = bdrv_find_overlay(active, top);
+if (!overlay) {
+goto exit;
+}
+if (base) {
+ret = bdrv_change_backing_file(overlay, base-filename,
+   base-drv-format_name);
+} else {
+ret = bdrv_change_backing_file(overlay, NULL, NULL);
+}
+if (ret) {
+goto exit;
+}
+if (base) {
+drop_start = top-backing_hd;
+bdrv_swap(top, base);
+/* Break the loop formed by bdrv_swap */
+bdrv_set_backing_hd(base, NULL);
+

[Qemu-devel] [PATCH v11 04/11] block: Move op_blocker check from block_job_create to its caller

[Fam Zheng]

It makes no sense to check for any blocker on bs, we are here only
because of the mechanical conversion from in_use to op_blockers. Remove
it now, and let the callers check specific operation types. Backup and
mirror already have it, add checker to stream and commit.

Signed-off-by: Fam Zheng f...@redhat.com
---
 blockdev.c | 8 
 blockjob.c | 2 +-
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/blockdev.c b/blockdev.c
index 9d36775..7f305d8 100644
--- a/blockdev.c
+++ b/blockdev.c
@@ -1754,6 +1754,10 @@ void qmp_block_stream(const char *device, bool has_base,
 return;
 }
 
+if (bdrv_op_is_blocked(bs, BLOCK_OP_TYPE_STREAM, errp)) {
+return;
+}
+
 if (base) {
 base_bs = bdrv_find_backing_image(bs, base);
 if (base_bs == NULL) {
@@ -1794,6 +1798,10 @@ void qmp_block_commit(const char *device,
 return;
 }
 
+if (bdrv_op_is_blocked(bs, BLOCK_OP_TYPE_COMMIT, errp)) {
+return;
+}
+
 /* default top_bs is the active layer */
 top_bs = bs;
 
diff --git a/blockjob.c b/blockjob.c
index f1ff036..21e21c0 100644
--- a/blockjob.c
+++ b/blockjob.c
@@ -41,7 +41,7 @@ void *block_job_create(const BlockJobDriver *driver, 
BlockDriverState *bs,
 {
 BlockJob *job;
 
-if (bs-job || !bdrv_op_blocker_is_empty(bs)) {
+if (bs-job) {
 error_set(errp, QERR_DEVICE_IN_USE, bdrv_get_device_name(bs));
 return NULL;
 }
-- 
1.8.5.1

[Qemu-devel] [PATCHv4 1/6] ui/vnc: introduce VNC_DIRTY_PIXELS_PER_BIT macro

[Peter Lieven]

Signed-off-by: Peter Lieven p...@kamp.de
---
 ui/vnc.c |   65 +++---
 ui/vnc.h |6 +-
 2 files changed, 46 insertions(+), 25 deletions(-)

diff --git a/ui/vnc.c b/ui/vnc.c
index 5601cc3..0925bf2 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -442,17 +442,19 @@ static void vnc_dpy_update(DisplayChangeListener *dcl,
iteration.  otherwise, if (x % 16) != 0, the last iteration may span
two 16-pixel blocks but we only mark the first as dirty
 */
-w += (x % 16);
-x -= (x % 16);
+w += (x % VNC_DIRTY_PIXELS_PER_BIT);
+x -= (x % VNC_DIRTY_PIXELS_PER_BIT);
 
 x = MIN(x, width);
 y = MIN(y, height);
 w = MIN(x + w, width) - x;
 h = MIN(h, height);
 
-for (; y  h; y++)
-for (i = 0; i  w; i += 16)
-set_bit((x + i) / 16, s-dirty[y]);
+for (; y  h; y++) {
+for (i = 0; i  w; i += VNC_DIRTY_PIXELS_PER_BIT) {
+set_bit((x + i) / VNC_DIRTY_PIXELS_PER_BIT, s-dirty[y]);
+}
+}
 }
 
 void vnc_framebuffer_update(VncState *vs, int x, int y, int w, int h,
@@ -769,11 +771,12 @@ static void vnc_dpy_copy(DisplayChangeListener *dcl,
 y = dst_y + h - 1;
 inc = -1;
 }
-w_lim = w - (16 - (dst_x % 16));
-if (w_lim  0)
+w_lim = w - (VNC_DIRTY_PIXELS_PER_BIT - (dst_x % 
VNC_DIRTY_PIXELS_PER_BIT));
+if (w_lim  0) {
 w_lim = w;
-else
-w_lim = w - (w_lim % 16);
+} else {
+w_lim = w - (w_lim % VNC_DIRTY_PIXELS_PER_BIT);
+}
 for (i = 0; i  h; i++) {
 for (x = 0; x = w_lim;
 x += s, src_row += cmp_bytes, dst_row += cmp_bytes) {
@@ -781,10 +784,11 @@ static void vnc_dpy_copy(DisplayChangeListener *dcl,
 if ((s = w - w_lim) == 0)
 break;
 } else if (!x) {
-s = (16 - (dst_x % 16));
+s = (VNC_DIRTY_PIXELS_PER_BIT -
+(dst_x % VNC_DIRTY_PIXELS_PER_BIT));
 s = MIN(s, w_lim);
 } else {
-s = 16;
+s = VNC_DIRTY_PIXELS_PER_BIT;
 }
 cmp_bytes = s * VNC_SERVER_FB_BYTES;
 if (memcmp(src_row, dst_row, cmp_bytes) == 0)
@@ -792,7 +796,8 @@ static void vnc_dpy_copy(DisplayChangeListener *dcl,
 memmove(dst_row, src_row, cmp_bytes);
 QTAILQ_FOREACH(vs, vd-clients, next) {
 if (!vnc_has_feature(vs, VNC_FEATURE_COPYRECT)) {
-set_bit(((x + dst_x) / 16), vs-dirty[y]);
+set_bit(((x + dst_x) / VNC_DIRTY_PIXELS_PER_BIT),
+vs-dirty[y]);
 }
 }
 }
@@ -911,7 +916,7 @@ static int vnc_update_client(VncState *vs, int has_dirty)
 for (y = 0; y  height; y++) {
 int x;
 int last_x = -1;
-for (x = 0; x  width / 16; x++) {
+for (x = 0; x  width / VNC_DIRTY_PIXELS_PER_BIT; x++) {
 if (test_and_clear_bit(x, vs-dirty[y])) {
 if (last_x == -1) {
 last_x = x;
@@ -921,16 +926,22 @@ static int vnc_update_client(VncState *vs, int has_dirty)
 int h = find_and_clear_dirty_height(vs, y, last_x, x,
 height);
 
-n += vnc_job_add_rect(job, last_x * 16, y,
-  (x - last_x) * 16, h);
+n += vnc_job_add_rect(job,
+  last_x * 
VNC_DIRTY_PIXELS_PER_BIT,
+  y,
+  (x - last_x) *
+  VNC_DIRTY_PIXELS_PER_BIT,
+  h);
 }
 last_x = -1;
 }
 }
 if (last_x != -1) {
 int h = find_and_clear_dirty_height(vs, y, last_x, x, height);
-n += vnc_job_add_rect(job, last_x * 16, y,
-  (x - last_x) * 16, h);
+n += vnc_job_add_rect(job, last_x * VNC_DIRTY_PIXELS_PER_BIT,
+  y,
+  (x - last_x) * VNC_DIRTY_PIXELS_PER_BIT,
+  h);
 }
 }
 
@@ -1861,7 +1872,7 @@ static void framebuffer_update_request(VncState *vs, int 
incremental,
int w, int h)
 {
 int i;
-const size_t width = surface_width(vs-vd-ds) / 16;
+const size_t width = surface_width(vs-vd-ds) / VNC_DIRTY_PIXELS_PER_BIT;
 const size_t height = surface_height(vs-vd-ds);
 
 if (y_position  height) {
@@ -2563,7 +2574,9 @@ static int vnc_refresh_lossy_rect(VncDisplay *vd, int x, 
int y)
 
 vs-lossy_rect[sty][stx] = 0;
 

[Qemu-devel] [PATCH v11 10/11] qmp: Add command 'blockdev-backup'

[Fam Zheng]

Similar to drive-backup, but this command uses a device id as target
instead of creating/opening an image file.

Also add blocker on target bs, since the target is also a named device
now.

Signed-off-by: Fam Zheng f...@redhat.com
---
 block/backup.c   | 21 +
 blockdev.c   | 47 +++
 qapi-schema.json | 49 +
 qmp-commands.hx  | 44 
 4 files changed, 161 insertions(+)

diff --git a/block/backup.c b/block/backup.c
index 0198514..c8fe1a9 100644
--- a/block/backup.c
+++ b/block/backup.c
@@ -339,6 +339,7 @@ static void coroutine_fn backup_run(void *opaque)
 hbitmap_free(job-bitmap);
 
 bdrv_iostatus_disable(target);
+bdrv_op_unblock_all(target, job-common.blocker);
 bdrv_unref(target);
 
 block_job_completed(job-common, ret);
@@ -364,6 +365,24 @@ void backup_start(BlockDriverState *bs, BlockDriverState 
*target,
 return;
 }
 
+if (!bdrv_is_inserted(bs)) {
+error_set(errp, QERR_DEVICE_HAS_NO_MEDIUM, bs-device_name);
+return;
+}
+
+if (!bdrv_is_inserted(target)) {
+error_set(errp, QERR_DEVICE_HAS_NO_MEDIUM, target-device_name);
+return;
+}
+
+if (bdrv_op_is_blocked(bs, BLOCK_OP_TYPE_BACKUP_SOURCE, errp)) {
+return;
+}
+
+if (bdrv_op_is_blocked(target, BLOCK_OP_TYPE_BACKUP_TARGET, errp)) {
+return;
+}
+
 len = bdrv_getlength(bs);
 if (len  0) {
 error_setg_errno(errp, -len, unable to get length for '%s',
@@ -377,6 +396,8 @@ void backup_start(BlockDriverState *bs, BlockDriverState 
*target,
 return;
 }
 
+bdrv_op_block_all(target, job-common.blocker);
+
 job-on_source_error = on_source_error;
 job-on_target_error = on_target_error;
 job-target = target;
diff --git a/blockdev.c b/blockdev.c
index 7f305d8..5627e5d 100644
--- a/blockdev.c
+++ b/blockdev.c
@@ -1872,6 +1872,8 @@ void qmp_drive_backup(const char *device, const char 
*target,
 return;
 }
 
+/* Although backup_run has this check too, we need to use bs-drv below, so
+ * do an early check redundantly. */
 if (!bdrv_is_inserted(bs)) {
 error_set(errp, QERR_DEVICE_HAS_NO_MEDIUM, device);
 return;
@@ -1888,6 +1890,7 @@ void qmp_drive_backup(const char *device, const char 
*target,
 }
 }
 
+/* Early check to avoid creating target */
 if (bdrv_op_is_blocked(bs, BLOCK_OP_TYPE_BACKUP_SOURCE, errp)) {
 return;
 }
@@ -1946,6 +1949,50 @@ void qmp_drive_backup(const char *device, const char 
*target,
 }
 }
 
+void qmp_blockdev_backup(const char *device, const char *target,
+ enum MirrorSyncMode sync,
+ bool has_speed, int64_t speed,
+ bool has_on_source_error,
+ BlockdevOnError on_source_error,
+ bool has_on_target_error,
+ BlockdevOnError on_target_error,
+ Error **errp)
+{
+BlockDriverState *bs;
+BlockDriverState *target_bs;
+Error *local_err = NULL;
+
+if (!has_speed) {
+speed = 0;
+}
+if (!has_on_source_error) {
+on_source_error = BLOCKDEV_ON_ERROR_REPORT;
+}
+if (!has_on_target_error) {
+on_target_error = BLOCKDEV_ON_ERROR_REPORT;
+}
+
+bs = bdrv_find(device);
+if (!bs) {
+error_set(errp, QERR_DEVICE_NOT_FOUND, device);
+return;
+}
+
+target_bs = bdrv_find(target);
+if (!target_bs) {
+error_set(errp, QERR_DEVICE_NOT_FOUND, target);
+return;
+}
+
+bdrv_ref(target_bs);
+backup_start(bs, target_bs, speed, sync, on_source_error, on_target_error,
+ block_job_cb, bs, local_err);
+if (local_err != NULL) {
+bdrv_unref(target_bs);
+error_propagate(errp, local_err);
+}
+}
+
 #define DEFAULT_MIRROR_BUF_SIZE   (10  20)
 
 void qmp_drive_mirror(const char *device, const char *target,
diff --git a/qapi-schema.json b/qapi-schema.json
index c3c939c..2b5b9af 100644
--- a/qapi-schema.json
+++ b/qapi-schema.json
@@ -1819,6 +1819,40 @@
 '*on-target-error': 'BlockdevOnError' } }
 
 ##
+# @BlockdevBackup
+#
+# @device: the name of the device which should be copied.
+#
+# @target: the name of the backup target device.
+#
+# @sync: what parts of the disk image should be copied to the destination
+#(all the disk, only the sectors allocated in the topmost image, or
+#only new I/O).
+#
+# @speed: #optional the maximum speed, in bytes per second.
+#
+# @on-source-error: #optional the action to take on an error on the source,
+#   default 'report'.  'stop' and 'enospc' can only be used
+#   if the block device supports io-status (see BlockInfo).
+#
+# @on-target-error: #optional the action to take on an error on the target,

[Qemu-devel] [PATCHv4 3/6] ui/vnc: optimize dirty bitmap tracking

[Peter Lieven]

vnc_update_client currently scans the dirty bitmap of each client
bitwise which is a very costly operation if only few bits are dirty.
vnc_refresh_server_surface does almost the same.
this patch optimizes both by utilizing the heavily optimized
function find_next_bit to find the offset of the next dirty
bit in the dirty bitmaps.

The following artifical test (just the bitmap operation part) running
vnc_update_client 65536 times on a 2560x2048 surface illustrates the
performance difference:

All bits clean - vnc_update_client_new: 0.07 secs
 vnc_update_client_old: 10.98 secs

All bits dirty - vnc_update_client_new: 11.26 secs
 vnc_update_client_old: 20.19 secs

Few bits dirty - vnc_update_client_new: 0.08 secs
 vnc_update_client_old: 10.98 secs

The case for all bits dirty is still rather slow, this
is due to the implementation of find_and_clear_dirty_height.
This will be addresses in a separate patch.

Signed-off-by: Peter Lieven p...@kamp.de
---
 ui/vnc.c |  155 ++
 ui/vnc.h |4 ++
 2 files changed, 88 insertions(+), 71 deletions(-)

diff --git a/ui/vnc.c b/ui/vnc.c
index f42398d..3412cdf 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -572,6 +572,15 @@ void *vnc_server_fb_ptr(VncDisplay *vd, int x, int y)
 ptr += x * VNC_SERVER_FB_BYTES;
 return ptr;
 }
+/* this sets only the visible pixels of a dirty bitmap */
+#define VNC_SET_VISIBLE_PIXELS_DIRTY(bitmap, w, h) {\
+int y;\
+memset(bitmap, 0x00, sizeof(bitmap));\
+for (y = 0; y  h; y++) {\
+bitmap_set(bitmap[y], 0,\
+   DIV_ROUND_UP(w, VNC_DIRTY_PIXELS_PER_BIT));\
+} \
+}
 
 static void vnc_dpy_switch(DisplayChangeListener *dcl,
DisplaySurface *surface)
@@ -597,7 +606,9 @@ static void vnc_dpy_switch(DisplayChangeListener *dcl,
 qemu_pixman_image_unref(vd-guest.fb);
 vd-guest.fb = pixman_image_ref(surface-image);
 vd-guest.format = surface-format;
-memset(vd-guest.dirty, 0xFF, sizeof(vd-guest.dirty));
+VNC_SET_VISIBLE_PIXELS_DIRTY(vd-guest.dirty,
+ surface_width(vd-ds),
+ surface_height(vd-ds));
 
 QTAILQ_FOREACH(vs, vd-clients, next) {
 vnc_colordepth(vs);
@@ -605,7 +616,9 @@ static void vnc_dpy_switch(DisplayChangeListener *dcl,
 if (vs-vd-cursor) {
 vnc_cursor_define(vs);
 }
-memset(vs-dirty, 0xFF, sizeof(vs-dirty));
+VNC_SET_VISIBLE_PIXELS_DIRTY(vs-dirty,
+ surface_width(vd-ds),
+ surface_height(vd-ds));
 }
 }
 
@@ -891,10 +904,9 @@ static int vnc_update_client(VncState *vs, int has_dirty)
 VncDisplay *vd = vs-vd;
 VncJob *job;
 int y;
-int width, height;
+int height;
 int n = 0;
 
-
 if (vs-output.offset  !vs-audio_cap  !vs-force_update)
 /* kernel send buffers are full - drop frames to throttle */
 return 0;
@@ -910,39 +922,27 @@ static int vnc_update_client(VncState *vs, int has_dirty)
  */
 job = vnc_job_new(vs);
 
-width = MIN(pixman_image_get_width(vd-server), vs-client_width);
 height = MIN(pixman_image_get_height(vd-server), vs-client_height);
 
-for (y = 0; y  height; y++) {
-int x;
-int last_x = -1;
-for (x = 0; x  width / VNC_DIRTY_PIXELS_PER_BIT; x++) {
-if (test_and_clear_bit(x, vs-dirty[y])) {
-if (last_x == -1) {
-last_x = x;
-}
-} else {
-if (last_x != -1) {
-int h = find_and_clear_dirty_height(vs, y, last_x, x,
-height);
-
-n += vnc_job_add_rect(job,
-  last_x * 
VNC_DIRTY_PIXELS_PER_BIT,
-  y,
-  (x - last_x) *
-  VNC_DIRTY_PIXELS_PER_BIT,
-  h);
-}
-last_x = -1;
-}
-}
-if (last_x != -1) {
-int h = find_and_clear_dirty_height(vs, y, last_x, x, height);
-n += vnc_job_add_rect(job, last_x * VNC_DIRTY_PIXELS_PER_BIT,
-  y,
-  (x - last_x) * VNC_DIRTY_PIXELS_PER_BIT,
-  h);
+y = 0;
+for (;;) {
+int x, h;
+unsigned long x2;
+unsigned long offset = find_next_bit((unsigned long *) vs-dirty,
+ height * VNC_DIRTY_BPL(vs),
+ 

[Qemu-devel] [PATCH v11 01/11] block: Add BlockOpType enum

[Fam Zheng]

This adds the enum of all the operations that can be taken on a block
device.

Signed-off-by: Fam Zheng f...@redhat.com
---
 include/block/block.h | 19 +++
 1 file changed, 19 insertions(+)

diff --git a/include/block/block.h b/include/block/block.h
index 36efaea..2bc39fe 100644
--- a/include/block/block.h
+++ b/include/block/block.h
@@ -151,6 +151,25 @@ typedef struct BDRVReopenState {
 void *opaque;
 } BDRVReopenState;
 
+/*
+ * Block operation types
+ */
+typedef enum BlockOpType {
+BLOCK_OP_TYPE_BACKUP_SOURCE,
+BLOCK_OP_TYPE_BACKUP_TARGET,
+BLOCK_OP_TYPE_CHANGE,
+BLOCK_OP_TYPE_COMMIT,
+BLOCK_OP_TYPE_DATAPLANE,
+BLOCK_OP_TYPE_DRIVE_DEL,
+BLOCK_OP_TYPE_EJECT,
+BLOCK_OP_TYPE_EXTERNAL_SNAPSHOT,
+BLOCK_OP_TYPE_INTERNAL_SNAPSHOT,
+BLOCK_OP_TYPE_INTERNAL_SNAPSHOT_DELETE,
+BLOCK_OP_TYPE_MIRROR,
+BLOCK_OP_TYPE_RESIZE,
+BLOCK_OP_TYPE_STREAM,
+BLOCK_OP_TYPE_MAX,
+} BlockOpType;
 
 void bdrv_iostatus_enable(BlockDriverState *bs);
 void bdrv_iostatus_reset(BlockDriverState *bs);
-- 
1.8.5.1

[Qemu-devel] [PATCH 3/6] net/tap: replace recv_fd with qemu_recv_with_fd

[Lei Li]

Signed-off-by: Lei Li li...@linux.vnet.ibm.com
---
 net/tap.c |   40 +++-
 1 files changed, 3 insertions(+), 37 deletions(-)

diff --git a/net/tap.c b/net/tap.c
index 39c1cda..97ee2e8 100644
--- a/net/tap.c
+++ b/net/tap.c
@@ -39,6 +39,7 @@
 #include sysemu/sysemu.h
 #include qemu-common.h
 #include qemu/error-report.h
+#include qemu/fd-exchange.h
 
 #include net/tap.h
 
@@ -385,40 +386,6 @@ static int launch_script(const char *setup_script, const 
char *ifname, int fd)
 return -1;
 }
 
-static int recv_fd(int c)
-{
-int fd;
-uint8_t msgbuf[CMSG_SPACE(sizeof(fd))];
-struct msghdr msg = {
-.msg_control = msgbuf,
-.msg_controllen = sizeof(msgbuf),
-};
-struct cmsghdr *cmsg;
-struct iovec iov;
-uint8_t req[1];
-ssize_t len;
-
-cmsg = CMSG_FIRSTHDR(msg);
-cmsg-cmsg_level = SOL_SOCKET;
-cmsg-cmsg_type = SCM_RIGHTS;
-cmsg-cmsg_len = CMSG_LEN(sizeof(fd));
-msg.msg_controllen = cmsg-cmsg_len;
-
-iov.iov_base = req;
-iov.iov_len = sizeof(req);
-
-msg.msg_iov = iov;
-msg.msg_iovlen = 1;
-
-len = recvmsg(c, msg, 0);
-if (len  0) {
-memcpy(fd, CMSG_DATA(cmsg), sizeof(fd));
-return fd;
-}
-
-return len;
-}
-
 static int net_bridge_run_helper(const char *helper, const char *bridge)
 {
 sigset_t oldmask, mask;
@@ -489,12 +456,11 @@ static int net_bridge_run_helper(const char *helper, 
const char *bridge)
 
 } else if (pid  0) {
 int fd;
+char req[1] = { 0x00 };
 
 close(sv[1]);
 
-do {
-fd = recv_fd(sv[0]);
-} while (fd == -1  errno == EINTR);
+qemu_recv_with_fd(sv[0], fd, req, sizeof(req));
 
 close(sv[0]);
 
-- 
1.7.7.6

Re: [Qemu-devel] [PATCH 0/4] disas: add libvixl to support A64 disassembly

[Peter Maydell]

On 8 January 2014 06:55, Stefan Weil s...@weilnetz.de wrote:
 Am 08.01.2014 00:00, schrieb Peter Maydell:
 Some experimentation suggests it would also be possible to
 just do

 extern C {
 #include disas/bfd.h
 }

 in the C++ file. If that doesn't have any hidden gotchas I don't
 know about it looks like the nicest solution.


 Adding the extern C to include/disas/bfd.h would be even better. It
 might be possible to use the glib macros G_BEGIN_DECLS and G_END_DECLSor
 __BEGIN_DECLS and __END_DECLS from the C library for this purpose.

Depends on your point of view. I'd rather keep the C++ in the C++
files, and have QEMU's general header files be C. After all,
every prototype in that header should have C linkage: it's
the definition of print_insn_aarch64() that's the odd one out, not
its declaration.

-- PMM

[Qemu-devel] [PATCH v11 05/11] block: Add bdrv_set_backing_hd()

[Fam Zheng]

This is the common but non-trivial steps to assign or change the
backing_hd of BDS.

Signed-off-by: Fam Zheng f...@redhat.com
---
 block.c   | 34 --
 include/block/block.h |  1 +
 2 files changed, 29 insertions(+), 6 deletions(-)

diff --git a/block.c b/block.c
index b122154..ff25749 100644
--- a/block.c
+++ b/block.c
@@ -958,6 +958,29 @@ fail:
 return ret;
 }
 
+void bdrv_set_backing_hd(BlockDriverState *bs, BlockDriverState *backing_hd)
+{
+if (bs-backing_hd) {
+bdrv_unref(bs-backing_hd);
+}
+
+bs-backing_hd = backing_hd;
+if (!backing_hd) {
+bs-backing_file[0] = '\0';
+bs-backing_format[0] = '\0';
+return;
+}
+pstrcpy(bs-backing_file, sizeof(bs-backing_file), backing_hd-filename);
+pstrcpy(bs-backing_format, sizeof(bs-backing_file),
+backing_hd-drv ? backing_hd-drv-format_name : );
+bdrv_ref(bs-backing_hd);
+
+pstrcpy(bs-backing_file, sizeof(bs-backing_file),
+bs-backing_hd-file-filename);
+pstrcpy(bs-backing_format, sizeof(bs-backing_format),
+bs-backing_hd-drv-format_name);
+}
+
 /*
  * Opens the backing file for a BlockDriverState if not yet open
  *
@@ -971,6 +994,7 @@ int bdrv_open_backing_file(BlockDriverState *bs, QDict 
*options, Error **errp)
 char backing_filename[PATH_MAX];
 int back_flags, ret;
 BlockDriver *back_drv = NULL;
+BlockDriverState *backing_hd;
 Error *local_err = NULL;
 
 if (bs-backing_hd != NULL) {
@@ -994,7 +1018,7 @@ int bdrv_open_backing_file(BlockDriverState *bs, QDict 
*options, Error **errp)
sizeof(backing_filename));
 }
 
-bs-backing_hd = bdrv_new();
+backing_hd = bdrv_new();
 
 if (bs-backing_format[0] != '\0') {
 back_drv = bdrv_find_format(bs-backing_format);
@@ -1004,20 +1028,18 @@ int bdrv_open_backing_file(BlockDriverState *bs, QDict 
*options, Error **errp)
 back_flags = bs-open_flags  ~(BDRV_O_RDWR | BDRV_O_SNAPSHOT |
 BDRV_O_COPY_ON_READ);
 
-ret = bdrv_open(bs-backing_hd,
+ret = bdrv_open(backing_hd,
 *backing_filename ? backing_filename : NULL, options,
 back_flags, back_drv, local_err);
 if (ret  0) {
-bdrv_unref(bs-backing_hd);
-bs-backing_hd = NULL;
+bdrv_unref(backing_hd);
 bs-open_flags |= BDRV_O_NO_BACKING;
 error_setg(errp, Could not open backing file: %s,
error_get_pretty(local_err));
 error_free(local_err);
 return ret;
 }
-pstrcpy(bs-backing_file, sizeof(bs-backing_file),
-bs-backing_hd-file-filename);
+bdrv_set_backing_hd(bs, backing_hd);
 return 0;
 }
 
diff --git a/include/block/block.h b/include/block/block.h
index 5339f92..4ec0069 100644
--- a/include/block/block.h
+++ b/include/block/block.h
@@ -204,6 +204,7 @@ int bdrv_parse_cache_flags(const char *mode, int *flags);
 int bdrv_parse_discard_flags(const char *mode, int *flags);
 int bdrv_file_open(BlockDriverState **pbs, const char *filename,
QDict *options, int flags, Error **errp);
+void bdrv_set_backing_hd(BlockDriverState *bs, BlockDriverState *backing_hd);
 int bdrv_open_backing_file(BlockDriverState *bs, QDict *options, Error **errp);
 int bdrv_open(BlockDriverState *bs, const char *filename, QDict *options,
   int flags, BlockDriver *drv, Error **errp);
-- 
1.8.5.1

Re: [Qemu-devel] [PATCH v2] qdev: Keep global allocation counter per bus

[Andreas Färber]

Am 08.01.2014 09:13, schrieb Markus Armbruster:
 Peter Crosthwaite peter.crosthwa...@xilinx.com writes:
 
 On Wed, Jan 8, 2014 at 2:59 AM, Paolo Bonzini pbonz...@redhat.com wrote:
 Il 07/01/2014 16:12, Markus Armbruster ha scritto:
 aarch64 akita   info qtree crashes
 aarch64 borzoi  info qtree crashes
 aarch64 spitz   info qtree crashes
 aarch64 terrier info qtree crashes
 aarch64 tosainfo qtree crashes
 arm akita   info qtree crashes
 arm borzoi  info qtree crashes
 arm spitz   info qtree crashes
 arm terrier info qtree crashes
 arm tosainfo qtree crashes
 crisaxis-dev88  info qtree crashes

 The crash is because of commit 7426aa7 (nand: Don't inherit from Sysbus,
 2013-06-18).   Should probably be reverted.


 Prefer not, under no reasonable definition is NAND a sysbus device.
 Whats the real problem here? What is TYPE_SYS_BUS_DEVICE doing WRT to
 qtree that TYPE_DEVICE is not?
 
 Maybe, but our definition of sysbus has never been reasonable :)
 
 Qdev, as designed by Paul Brook, assumed the parent of a qdev is always
 a qbus and vice versa.  With the exception of the root, which has no
 parent, and is a sysbus, commonly the only one.
 
 A PCI qdev plugs into a PCI qbus, an USB qdev plugs into an USB qbus,
 and so forth.  Any qdev that doesn't really plug into a bus was made a
 sysbus device by fiat.  Sysbus is a catchall, no more.  In
 particular, it's not a bus in the hardware sense.
 
 This everything plugs into exactly one bus assumption is of course a
 gross oversimplification, and we've been working on overcoming it for
 quite some time.  It has become possible to define qdevs that aren't
 connected to a qbus.  A TYPE_DEVICE isn't.
 
 That's progress.  But progress isn't justification for not fixing crash
 bugs in monitor commands.
 
 Either you fix info qtree to cope with your change to the device
 graph, or the change needs to be reverted until somebody fixes it or it
 goes away.

Sharing a backtrace would be a start, rather than just throwing around
the word crash to justify reverting patches. :)

Andreas

-- 
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg

Re: [Qemu-devel] [PATCH v2] qdev: Keep global allocation counter per bus

[Paolo Bonzini]

Il 08/01/2014 14:40, Andreas Färber ha scritto:
  Either you fix info qtree to cope with your change to the device
  graph, or the change needs to be reverted until somebody fixes it or it
  goes away.
 Sharing a backtrace would be a start, rather than just throwing around
 the word crash to justify reverting patches. :)

I mentioned the root cause in the previous message: a Device cannot be
added to main_system_bus, but that's what the patch does.  The fix isn't
trivial, because most of the affected board are not even qdevified.

Paolo

Re: [Qemu-devel] [PATCH v2] qdev: Keep global allocation counter per bus

[Andreas Färber]

Am 08.01.2014 12:02, schrieb Paolo Bonzini:
 Il 08/01/2014 04:07, Peter Crosthwaite ha scritto:
 The crash is because of commit 7426aa7 (nand: Don't inherit from Sysbus,
 2013-06-18).   Should probably be reverted.

 Prefer not, under no reasonable definition is NAND a sysbus device.
 Whats the real problem here? What is TYPE_SYS_BUS_DEVICE doing WRT to
 qtree that TYPE_DEVICE is not?
 
 The device's dev-parent_bus is main_system_bus.

Meaning in turn that qdev_create() was used rather then object_new().
Simple fix. :)

Possibly already in my pending qom-next pull?

Andreas

-- 
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg

Re: [Qemu-devel] [PATCH v2] qdev: Keep global allocation counter per bus

[Paolo Bonzini]

Leaving only those that will be affected by the patch:

Il 07/01/2014 18:34, Markus Armbruster ha scritto:
 target  machine bus id  times
 aarch64 n800i2c-bus.0   2
 aarch64 n810i2c-bus.0   2
 arm n800i2c-bus.0   2
 arm n810i2c-bus.0   2

Devices are created explicitly on one of the two buses, using
s-mpu-i2c[0], so no change to the guest.

 aarch64 vexpress-a15virtio-mmio-bus.0   4
 aarch64 vexpress-a9 virtio-mmio-bus.0   4
 aarch64 virtvirtio-mmio-bus.0   32
 arm vexpress-a15virtio-mmio-bus.0   4
 arm vexpress-a9 virtio-mmio-bus.0   4
 arm virtvirtio-mmio-bus.0   32

With Alex's patch we get the ability to plug the device in a particular
slot.  If anyone was using virtio-mmio-bus.0 explicitly, they get the
first slot instead of the 4th or 32nd.  Bugfix.

 aarch64 xilinx-zynq-a9  usb-bus.0   2
 arm xilinx-zynq-a9  usb-bus.0   2
 mips64elfulong2eusb-bus.0   2

With Alex's patch we get the ability to plug the device in a particular
controller.  If anyone was using usb-bus.0 explicitly, they get the
other controller.  Guest visible change and not really a bugfix but it
doesn't break working configurations (the position of USB devices should
not be part of a device tree or firmware blob).  It may break migration.

 i386isapc   ide.0   2
 x86_64  isapc   ide.0   2

(Ugly) fix in Alex's patch.  The macio approach (using QOM children) is
better.  No need for a perfect fix now.

 mipsmipside.0   2
 mips64  mipside.0   2
 mips64elmipside.0   2
 mipsel  mipside.0   2

Not affected, the bus is not stored anywhere.

 ppc g3beige ide.0   2
 ppc mac99   ide.0   2
 ppc prepide.0   2
 ppc64   g3beige ide.0   2
 ppc64   mac99   ide.0   2
 ppc64   prepide.0   2

Trusting Alex's tests here.

Paolo

Re: [Qemu-devel] [PATCH v2] qdev: Keep global allocation counter per bus

[Paolo Bonzini]

Il 08/01/2014 14:53, Andreas Färber ha scritto:
 Am 08.01.2014 12:02, schrieb Paolo Bonzini:
 Il 08/01/2014 04:07, Peter Crosthwaite ha scritto:
 The crash is because of commit 7426aa7 (nand: Don't inherit from Sysbus,
 2013-06-18).   Should probably be reverted.

 Prefer not, under no reasonable definition is NAND a sysbus device.
 Whats the real problem here? What is TYPE_SYS_BUS_DEVICE doing WRT to
 qtree that TYPE_DEVICE is not?

 The device's dev-parent_bus is main_system_bus.
 
 Meaning in turn that qdev_create() was used rather then object_new().
 Simple fix. :)

Happy as usual to be shown wrong! :)

 Possibly already in my pending qom-next pull?

No, unfortunately not.

Paolo

[Qemu-devel] [RFC PATCH 0/0] binfmt script patches

[alex . bennee]

Hi,

While working on my aarch64 work I found setting up binfmt was more of
a pain than it could have been. Specifically:

* hard-coded for /usr/local installs
* no help
* no error checking

Tellingly the script doesn't seem to be used by the distros who have
rolled their own binfmt_misc stuff around qemu. I also found it hard
to figure out why things were not working so I wrote a noddy checker
script for interrogating the state of binfmt.

I'm currently using the -d mode of this script and am running qemu
directly from my source tree (with $HOME bind mounted into my chroot)
and it seems to be working well.

Any comments? Worth pushing some love to the scripts upstream?


Cheers,

--
Alex Bennée
QEMU/KVM Hacker for Linaro

[Qemu-devel] [PATCH 1/2] scripts/qemu-binfmt-conf.sh: re-factor and clean-up

[alex . bennee]

From: Alex Bennée alex.ben...@linaro.org

I was looking to set-up for development but found the script made some
hard-coded assumptions. It doesn't seem the script is used by the
distros but if it had a little more love maybe it would be ;-)

* Add usage() instructions
* Move all registering to a single function
* Check for existence of executable qemu before registering
* Add -d (devel) mode for subscribing in-src tree binaries
* error handling when setting binfmt fails
* add support for aarch64
---
 scripts/qemu-binfmt-conf.sh | 124 +---
 1 file changed, 105 insertions(+), 19 deletions(-)
 mode change 100644 = 100755 scripts/qemu-binfmt-conf.sh

diff --git a/scripts/qemu-binfmt-conf.sh b/scripts/qemu-binfmt-conf.sh
old mode 100644
new mode 100755
index 0da2618..8cfb387
--- a/scripts/qemu-binfmt-conf.sh
+++ b/scripts/qemu-binfmt-conf.sh
@@ -1,5 +1,89 @@
 #!/bin/sh
-# enable automatic i386/ARM/M68K/MIPS/SPARC/PPC/s390 program execution by the 
kernel
+# Enable automatic i386/ARM/aarch64/M68K/MIPS/SPARC/PPC/s390
+# program execution by the kernel using the binfmt_misc feature
+#
+
+# Base path for finding QEMU binary
+BINFMT_DEVEL_MODE=
+BINFMT_VERBOSE=
+BINFMT_BASE_PATH=/usr/local/bin
+
+# Print out some simple usage instructions
+usage() {
+echo Usage: `basename $0` options (-hdp)
+echo 
+This script is used to configure binfmt_misc on a system
+to automatically call QEMU when a binary that it can
+deal with is detected by the kernel.
+
+Parameters:
+-p PATH - base path to find QEMU binaries
+  (default: $BINFMT_BASE_PATH)
+-d  - developer mode, search source tree for
+  the QEMU binaries.
+-v  - more verbose output
+
+exit 1
+}
+
+# Register an individual binfmt
+#
+# Before registering the format we check for the
+# existence of the binary and if VERBOSE is set we
+# specify what exactly has been registered.
+
+register_binfmt () {
+name=$1
+qbin=$2
+binfmt_string=$3
+warning=$4
+
+if [ -n ${BINFMT_DEVEL_MODE} ]; then
+qemu_check_path=${BINFMT_BASE_PATH}/${qbin}-linux-user/qemu-${qbin}
+else
+qemu_check_path=${BINFMT_BASE_PATH}/qemu-${qbin}
+fi
+
+if [ -x $qemu_check_path ]; then
+bfmt=:$name:M::$binfmt_string:$qemu_check_path:
+echo $bfmt  /proc/sys/fs/binfmt_misc/register
+res=$?
+if [ $res != 0 ]; then
+echo Error ($res): $bfmt  /proc/sys/fs/binfmt_misc/register
+else
+if [ -n ${BINFMT_VERBOSE} ] ; then
+echo registered $qemu_check_path for $name binaries
+fi
+if [ -n $warning ]; then
+echo $warning
+fi
+fi
+fi
+}
+
+while getopts vhdp: opt
+do
+case $opt in
+h)
+usage
+;;
+p)
+BINFMT_BASE_PATH=$OPTARG
+;;
+d)
+BINFMT_DEVEL_MODE=1
+script_dir=`dirname $0`
+BINFMT_BASE_PATH=`realpath $script_dir/..`
+;;
+v)
+BINFMT_VERBOSE=1
+;;
+*)
+echo Unknown option.
+usage
+;;
+  esac
+done
 
 # load the binfmt_misc module
 if [ ! -d /proc/sys/fs/binfmt_misc ]; then
@@ -31,39 +115,41 @@ esac
 
 # register the interpreter for each cpu except for the native one
 if [ $cpu != i386 ] ; then
-echo 
':i386:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x03\x00:\xff\xff\xff\xff\xff\xfe\xfe\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/local/bin/qemu-i386:'
  /proc/sys/fs/binfmt_misc/register
-echo 
':i486:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x06\x00:\xff\xff\xff\xff\xff\xfe\xfe\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/local/bin/qemu-i386:'
  /proc/sys/fs/binfmt_misc/register
+register_binfmt i386 i386 
\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x03\x00:\xff\xff\xff\xff\xff\xfe\xfe\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff
+register_binfmt i486 i386 
\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x06\x00:\xff\xff\xff\xff\xff\xfe\xfe\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff
 fi
 if [ $cpu != alpha ] ; then
-echo 
':alpha:M::\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x26\x90:\xff\xff\xff\xff\xff\xfe\xfe\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/local/bin/qemu-alpha:'
  /proc/sys/fs/binfmt_misc/register
+register_binfmt alpha alpha 
\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x26\x90:\xff\xff\xff\xff\xff\xfe\xfe\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff
 fi
 if [ $cpu != arm ] ; then
-echo   
':arm:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x28\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/local/bin/qemu-arm:'
  

[Qemu-devel] [PATCH 2/2] scripts/qemu-binfmt-check.py: a binfmt checker

[alex . bennee]

From: Alex Bennée alex.ben...@linaro.org

This script allows you to check if a given binary will match against any
of the currently registered binfmts on the system.

---

v2 (ajb):
   - cleaned up whitespace and checkpatch fixes
---
 scripts/qemu-binfmt-check.py | 109 +++
 1 file changed, 109 insertions(+)
 create mode 100755 scripts/qemu-binfmt-check.py

diff --git a/scripts/qemu-binfmt-check.py b/scripts/qemu-binfmt-check.py
new file mode 100755
index 000..c4309a5
--- /dev/null
+++ b/scripts/qemu-binfmt-check.py
@@ -0,0 +1,109 @@
+#!/usr/bin/python
+#
+# binfmt check script
+#
+# Copyright 2014 Linaro
+#
+# Authors:
+#  Alex Bennee alex.ben...@linaro.org
+#
+# This work is licensed under the terms of the GNU GPL, version 2.  See
+# the COPYING file in the top-level directory.
+
+import os
+import re
+import binascii
+
+re_int = re.compile(rinterpreter (.+)$)
+re_off = re.compile(roffset (\d+)$)
+re_magic = re.compile(rmagic ([\dabcdef]+))
+re_mask = re.compile(rmask ([\dabcdef]+))
+
+# argparse is only available in Python = 2.7
+from optparse import OptionParser
+parser = OptionParser()
+
+# list of binfmts
+binfmts = []
+
+
+def read_binfmt_spec(f):
+bfmt = {}
+with open(f) as fd:
+content = fd.readlines()
+for l in content:
+m = re_int.match(l)
+if m:
+bfmt[interpreter] = m.group(1)
+m = re_off.match(l)
+if m:
+bfmt[offset] = int(m.group(1))
+m = re_magic.match(l)
+if m:
+bfmt[magic] = binascii.unhexlify(m.group(1))
+m = re_mask.match(l)
+if m:
+bfmt[mask] = binascii.unhexlify(m.group(1))
+print loaded: %s % bfmt
+binfmts.append(bfmt)
+
+
+def load_binfmt_masks():
+binfmt_dir = /proc/sys/fs/binfmt_misc
+files = os.listdir(binfmt_dir)
+for f in files:
+if not f.startswith(status):
+fp = %s/%s % (binfmt_dir, f)
+if os.access(fp, os.R_OK):
+read_binfmt_spec(fp)
+
+
+def check_file_against_binfmt(fmt, f):
+
+Check if a file will match a given binfmt mask
+
+print checking %s % (f)
+nbytes = len(fmt[magic])
+
+fd = open(f, rb)
+fd.seek(fmt[offset])
+header = fd.read(nbytes)
+magic = fmt[magic]
+try:
+mask = fmt[mask]
+except:
+# TODO, make full mask
+return
+
+values = zip(mask, magic, header)
+failed = False
+pos = 0
+for m, g, h in values:
+mask = ord(m)
+bits_to_check = ord(h)  mask
+magic = ord(g)
+if not bits_to_check == magic:
+print failed at %d (%x, %x, %x) % (pos, mask, magic, 
bits_to_check)
+failed = True
+break
+pos += 1
+return not failed
+
+
+def check_file_against_all_binfmts(f):
+
+Check a file against the binfmt masks
+
+path = os.path.abspath(f)
+print file is %s % (path)
+for b in binfmts:
+if check_file_against_binfmt(b, path):
+print %s will use %s % (path, b[interpreter])
+break
+
+
+if __name__ == __main__:
+(opts, args) = parser.parse_args()
+load_binfmt_masks()
+for f in args:
+check_file_against_all_binfmts(f)
-- 
1.8.5.2

Re: [Qemu-devel] [PATCH] vmdk: Fix big flat extent IO

[Kevin Wolf]

Am 08.01.2014 um 02:42 hat Fam Zheng geschrieben:
 Local variable n as int64_t avoids overflow with large sector number
 calculation. See test case change for failure case.
 
 Signed-off-by: Fam Zheng f...@redhat.com

Thanks, applied to the block branch.

Kevin

Re: [Qemu-devel] [PATCH v2] qdev: Keep global allocation counter per bus

[Markus Armbruster]

Paolo Bonzini pbonz...@redhat.com writes:

 Leaving only those that will be affected by the patch:

You omitted akita, borzoi, connex, mainstone, nuri, smdkc210, spitz,
terrier, tosa, verdex, z2, s390-virtio.  Why won't they be affected?

You also omitted the machines that I can't get to start, but I'm not
overly worried by them, because they're all either Xen, where I don't
expect differences to plain x86, or ppcemb, where Alex gets to clean up
any mess he might make.

 Il 07/01/2014 18:34, Markus Armbruster ha scritto:
 target  machine bus id  times
 aarch64 n800i2c-bus.0   2
 aarch64 n810i2c-bus.0   2
 arm n800i2c-bus.0   2
 arm n810i2c-bus.0   2

 Devices are created explicitly on one of the two buses, using
 s-mpu-i2c[0], so no change to the guest.

 aarch64 vexpress-a15virtio-mmio-bus.0   4
 aarch64 vexpress-a9 virtio-mmio-bus.0   4
 aarch64 virtvirtio-mmio-bus.0   32
 arm vexpress-a15virtio-mmio-bus.0   4
 arm vexpress-a9 virtio-mmio-bus.0   4
 arm virtvirtio-mmio-bus.0   32

 With Alex's patch we get the ability to plug the device in a particular
 slot.  If anyone was using virtio-mmio-bus.0 explicitly, they get the
 first slot instead of the 4th or 32nd.  Bugfix.

Doesn't this break migration?  If yes, do we care?

 aarch64 xilinx-zynq-a9  usb-bus.0   2
 arm xilinx-zynq-a9  usb-bus.0   2
 mips64elfulong2eusb-bus.0   2

 With Alex's patch we get the ability to plug the device in a particular
 controller.  If anyone was using usb-bus.0 explicitly, they get the
 other controller.  Guest visible change and not really a bugfix but it
 doesn't break working configurations (the position of USB devices should
 not be part of a device tree or firmware blob).  It may break migration.

 i386isapc   ide.0   2
 x86_64  isapc   ide.0   2

 (Ugly) fix in Alex's patch.  The macio approach (using QOM children) is
 better.  No need for a perfect fix now.

I'm fine with Alex's ugly fix.

 mipsmipside.0   2
 mips64  mipside.0   2
 mips64elmipside.0   2
 mipsel  mipside.0   2

 Not affected, the bus is not stored anywhere.

Isn't command line use and migration affected, just like everywhere
else?

 ppc g3beige ide.0   2
 ppc mac99   ide.0   2
 ppc prepide.0   2
 ppc64   g3beige ide.0   2
 ppc64   mac99   ide.0   2
 ppc64   prepide.0   2

 Trusting Alex's tests here.

Our analysis should be recorded in the commit message.  With that done,
I could R-by the patch.

Re: [Qemu-devel] [PATCH 0/4] disas: add libvixl to support A64 disassembly

[Alex Bennée]

peter.mayd...@linaro.org writes:

 On 7 January 2014 16:51, Peter Maydell peter.mayd...@linaro.org wrote:
snip

 Another option we could consider here is only pulling in the set of source
 files we compile plus the headers they require, not the whole library. That's
snip

 for about 6600 lines total. That's a significant reduction in the amount of
 code we're carrying around; the tradeoff is that if/when we have to update
 to a new libvixl it's not quite such a simple drop-in replacement as it might
 otherwise be, since you'd need to do the trimming down of files again.
 On balance I think only taking the files we use is probably the best thing.

It also raises the question of our policy of embedding 3rd party code.
Are there any other examples other than softfloat? AFAIK thinks like the
roms use git sub-modules rather than importing things.

There is another philosophical question of why have two decoders when we
already have one (which doesn't generate assembler atm) but I suspect
have a working dis-assembler is better than none.


Cheers,

--
Alex Bennée
QEMU/KVM Hacker for Linaro

Re: [Qemu-devel] [PATCH 0/4] disas: add libvixl to support A64 disassembly

[Alex Bennée]

s...@weilnetz.de writes:

 Am 07.01.2014 17:51, schrieb Peter Maydell:
 Hi. This is a rebased and mildly cleaned up version of Claudio's
 RFC patchset from last year to add libvixl to QEMU and use it
 for A64 disassembly.

 NOTE NOTE NOTE
  * we now link with g++, not gcc (even if the target doesn't
happen to need the A64 disassembler, since it's a bit hard
to tell whether there's a C++-source .o file in the link)
  * I've tested Linux (including static link of linux-user) and
MacOS hosts, but not Windows
  * if you have a visceral dislike of the idea of C++ in the
QEMU binary now would be a good time to say OMG WTF BBQ

 For w32, C++ (currently only aarch64 executables) means loading
 additional DLL files:

text   databssdechexfilename
   91453   1636   1012  94101  16f95   
 /usr/lib/gcc/i686-w64-mingw32/4.6/libgcc_s_sjlj-1.dll
  796376  29784   3744 829904  ca9d0   
 /usr/lib/gcc/i686-w64-mingw32/4.6/libstdc++-6.dll

 They slightly increase the load time and the memory footprint (reducing
 the meory which is available for QEMU system emulation), but I think
 this can be neglected. The Windows installers will get larger of course,
 too.

 For Linux, QEMU will have new dependencies (libstdc++, maybe more) for
 the aarch64 executables. CC'ing Aurelien therefore.

Is there an argument for making this an optional component. It would be
useful to know how many users care about having access to the target
assembly. Certainly I'm only looking at it while developing TCG code. 


Cheers,

--
Alex Bennée
QEMU/KVM Hacker for Linaro

Re: [Qemu-devel] [PATCH v2] linux-user: Support the accept4 socketcall

[Riku Voipio]

Hi,

On Mon, Jan 06, 2014 at 05:15:50PM +0100, André Hentschel wrote:
 From: André Hentschel n...@dawncrow.de
 Cc: Riku Voipio riku.voi...@iki.fi
 Signed-off-by: André Hentschel n...@dawncrow.de
 ---
 See 
 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/include/uapi/linux/net.h
  for the value.

Thanks, applied to the linux-user branch. I'm still checking if there
are other linux-user patches that need submitting upstream before
sending a pull request.

Riku

 
  linux-user/syscall.c  | 16 
  linux-user/syscall_defs.h |  1 +
  2 files changed, 17 insertions(+)
 
 diff --git a/linux-user/syscall.c b/linux-user/syscall.c
 index efd1453..1a848a6 100644
 --- a/linux-user/syscall.c
 +++ b/linux-user/syscall.c
 @@ -2245,6 +2245,22 @@ static abi_long do_socketcall(int num, abi_ulong vptr)
  ret = do_accept4(sockfd, target_addr, target_addrlen, 0);
  }
  break;
 +case SOCKOP_accept4:
 +{
 +abi_ulong sockfd;
 +abi_ulong target_addr, target_addrlen;
 +int flags;
 +
 +if (get_user_ual(sockfd, vptr)
 +|| get_user_ual(target_addr, vptr + n)
 +|| get_user_ual(target_addrlen, vptr + 2 * n)
 +|| get_user_ual(flags, vptr + 3 * n)) {
 +return -TARGET_EFAULT;
 +}
 +
 +ret = do_accept4(sockfd, target_addr, target_addrlen, flags);
 +}
 +break;
  case SOCKOP_getsockname:
  {
  abi_ulong sockfd;
 diff --git a/linux-user/syscall_defs.h b/linux-user/syscall_defs.h
 index cf08db5..ae30476 100644
 --- a/linux-user/syscall_defs.h
 +++ b/linux-user/syscall_defs.h
 @@ -27,6 +27,7 @@
  #define SOCKOP_getsockopt   15
  #define SOCKOP_sendmsg  16
  #define SOCKOP_recvmsg  17
 +#define SOCKOP_accept4  18
  
  #define IPCOP_semop  1
  #define IPCOP_semget 2
 -- 
 1.8.1.2
 

Re: [Qemu-devel] [PATCH 1/2] scripts/qemu-binfmt-conf.sh: re-factor and clean-up

[Andreas Färber]

Hi,

Am 08.01.2014 15:25, schrieb alex.ben...@linaro.org:
 From: Alex Bennée alex.ben...@linaro.org
 
 I was looking to set-up for development but found the script made some
 hard-coded assumptions. It doesn't seem the script is used by the
 distros but if it had a little more love maybe it would be ;-)
 
 * Add usage() instructions
 * Move all registering to a single function
 * Check for existence of executable qemu before registering
 * Add -d (devel) mode for subscribing in-src tree binaries
 * error handling when setting binfmt fails
 * add support for aarch64
 ---
  scripts/qemu-binfmt-conf.sh | 124 
 +---
  1 file changed, 105 insertions(+), 19 deletions(-)
  mode change 100644 = 100755 scripts/qemu-binfmt-conf.sh

Apart from both patches missing a Sob, did you take a look at the
refactoring we discussed with Laurent Vivier (?) a while back?

Essentially, there's multiple ways to register this, and based on our
feedback he refactored it so that the magic strings can be retrieved
individually. Don't remember where that got stuck...

Regards
Andreas

-- 
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg

Re: [Qemu-devel] [PATCH 1/2] scripts/qemu-binfmt-conf.sh: re-factor and clean-up

[Alex Bennée]

afaer...@suse.de writes:

 Hi,

 Am 08.01.2014 15:25, schrieb alex.ben...@linaro.org:
 From: Alex Bennée alex.ben...@linaro.org
 
 I was looking to set-up for development but found the script made some
 hard-coded assumptions. It doesn't seem the script is used by the
 distros but if it had a little more love maybe it would be ;-)
snip

 Apart from both patches missing a Sob, did you take a look at the

I didn't think SoB was needed for RFC patches?

 refactoring we discussed with Laurent Vivier (?) a while back?

 Essentially, there's multiple ways to register this, and based on our
 feedback he refactored it so that the magic strings can be retrieved
 individually. Don't remember where that got stuck...

I wasn't aware of this. I'll go and have a look through the archives. Thanks.


 Regards
 Andreas

-- 
Alex Bennée

Re: [Qemu-devel] [PATCH] Docs: Introduce multiport serial support in qemupciserial.inf

[Yan Vugenfirer]

On Jan 7, 2014, at 4:45 PM, Paolo Bonzini pbonz...@redhat.com wrote:

 Il 05/01/2014 16:04, Miki Mishael ha scritto:
 Support for pci-serial-2x and pci-serial-4x added to inf file.
 Standard Windows driver mf.sys used to split single function
 device into per-port nodes.
 
 Signed-off-by: Miki Mishael mmish...@redhat.com
 Signed-off-by: Dmitry Fleytman dfley...@redhat.com
 ---
 docs/qemupciserial.inf | 227 
 ++---
 1 file changed, 140 insertions(+), 87 deletions(-)
 
 diff --git a/docs/qemupciserial.inf b/docs/qemupciserial.inf
 index 3474310..c6988b9 100644
 --- a/docs/qemupciserial.inf
 +++ b/docs/qemupciserial.inf
 @@ -11,99 +11,152 @@
 ; (Com+Lpt) from the list.  Click Have a disk.  Select this file.
 ; Procedure may vary a bit depending on the windows version.
 
 -; FIXME: This file covers the single port version only.
 +; This file covers all options: pci-serial, pci-serial-2x, pci-serial-4x
 +; for both 32 and 64 bit platforms.
 
 [Version]
 -Signature=$CHICAGO$
 -Class=Ports
 -ClassGuid={4D36E978-E325-11CE-BFC1-08002BE10318}
 +Signature=$Windows NT$
 +Class=MultiFunction
 +ClassGUID={4d36e971-e325-11ce-bfc1-08002be10318}
 Provider=%QEMU%
 -DriverVer=09/24/2012,1.3.0
 -
 -[SourceDisksNames]
 -3426=windows cd
 -
 -[SourceDisksFiles]
 -serial.sys  = 3426
 -serenum.sys = 3426
 -
 -[DestinationDirs]
 -DefaultDestDir  = 11;LDID_SYS
 -ComPort.NT.Copy = 12;DIRID_DRIVERS
 -SerialEnumerator.NT.Copy=12 ;DIRID_DRIVERS
 -
 -; Drivers
 -;--
 +DriverVer=12/29/2013,1.3.0
 +[ControlFlags]
 +ExcludeFromSelect=*
 [Manufacturer]
 -%QEMU%=QEMU,NTx86
 +%QEMU%=QEMU,NTx86,NTAMD64
 
 [QEMU.NTx86]
 -%QEMU-PCI_SERIAL.DeviceDesc% = ComPort, PCI\VEN_1b36DEV_0002CC_0700
 +%QEMU-PCI_SERIAL_1_PORT%=ComPort_inst1, 
 PCI\VEN_1B36DEV_0002SUBSYS_11001AF4REV_01
 +%QEMU-PCI_SERIAL_2_PORT%=ComPort_inst2, 
 PCI\VEN_1B36DEV_0003SUBSYS_11001AF4REV_01
 +%QEMU-PCI_SERIAL_4_PORT%=ComPort_inst4, 
 PCI\VEN_1B36DEV_0004SUBSYS_11001AF4REV_01
 
 I think checking the subsystem is not necessary (and I think downstreams
 could legitimately change it).  Can you check CC and REV but not SUBSYS?

PNP ID can be reduced to vendor and device ID only, for example: 
PCI\VEN_1B36DEV_0002 . But in this case we cannot check revision.

Yan.

 
 Otherwise I cannot pretend I know what's going on, but it makes sense. :)
 
 Paolo

Re: [Qemu-devel] [PATCH v2] qdev: Keep global allocation counter per bus

[Paolo Bonzini]

Il 08/01/2014 15:35, Markus Armbruster ha scritto:
 Paolo Bonzini pbonz...@redhat.com writes:
 
 Leaving only those that will be affected by the patch:
 
 You omitted akita, borzoi, connex, mainstone, nuri, smdkc210, spitz,
 terrier, tosa, verdex, z2, s390-virtio.  Why won't they be affected?

Because the dup bus names are hardcoded in the board:

i2cbus = i2c_init_bus(dev, dummy);

or in the device:

s-spi = g_new(SSIBus *, s-num_busses);
for (i = 0; i  s-num_busses; ++i) {
char bus_name[16];
snprintf(bus_name, 16, spi%d, i);
s-spi[i] = ssi_create_bus(dev, bus_name);
}

Only dups of the xyzzy.NN form have their bus names created by qdev
core.  For other buses this patch changes nothing (neither for better,
nor for worse).

 You also omitted the machines that I can't get to start, but I'm not
 overly worried by them, because they're all either Xen, where I don't
 expect differences to plain x86, or ppcemb, where Alex gets to clean up
 any mess he might make.

Right.  In particular xenfv is just a PIIX PC, plus the (non qdev) Xen
PV bus.  And xenpv is just the Xen PV bus.

 Il 07/01/2014 18:34, Markus Armbruster ha scritto:
 target  machine bus id  times
 aarch64 n800i2c-bus.0   2
 aarch64 n810i2c-bus.0   2
 arm n800i2c-bus.0   2
 arm n810i2c-bus.0   2

 Devices are created explicitly on one of the two buses, using
 s-mpu-i2c[0], so no change to the guest.

 aarch64 vexpress-a15virtio-mmio-bus.0   4
 aarch64 vexpress-a9 virtio-mmio-bus.0   4
 aarch64 virtvirtio-mmio-bus.0   32
 arm vexpress-a15virtio-mmio-bus.0   4
 arm vexpress-a9 virtio-mmio-bus.0   4
 arm virtvirtio-mmio-bus.0   32

 With Alex's patch we get the ability to plug the device in a particular
 slot.  If anyone was using virtio-mmio-bus.0 explicitly, they get the
 first slot instead of the 4th or 32nd.  Bugfix.
 
 Doesn't this break migration?  If yes, do we care?

I don't know for sure, but probably not.  sysbus doesn't implement
get_dev_path, so it relies on the old instance_id mechanism to
distinguish devices.  instance_id is unreliable in general (e.g. with
hotplug), but for command-lines and no hot-plug/hot-unplug it should
work.  You do have to be careful and specify bus=virtio-mmio-bus.31 on
the destination if you used bus=virtio-mmio-bus.0 on the source.

BTW if you didn't use bus=virtio-mmio-bus.0, nothing changes because the
logic in qbus_find_recursive is unaffected.

 mipsmipside.0   2
 mips64  mipside.0   2
 mips64elmipside.0   2
 mipsel  mipside.0   2

 Not affected, the bus is not stored anywhere.
 
 Isn't command line use and migration affected, just like everywhere
 else?

Right, command-line use of ide.0.  Bugfix as in Alex's PPC case, because
makes everything else consistent with PCI IDE which is the only place
where bus=ide.N worked.

Migration is not affected unless you used ide.0 on the command line.  In
other words, migration from old -drive if=ide,bus=N to new -drive
if=none ... -device ...,bus=ide.N should work.

 ppc g3beige ide.0   2
 ppc mac99   ide.0   2
 ppc prepide.0   2
 ppc64   g3beige ide.0   2
 ppc64   mac99   ide.0   2
 ppc64   prepide.0   2

 Trusting Alex's tests here.
 
 Our analysis should be recorded in the commit message.  With that done,
 I could R-by the patch.

Alex, can you spin v3 with a new commit message?

Paolo

Re: [Qemu-devel] [PATCH 0/4] disas: add libvixl to support A64 disassembly

[Peter Maydell]

On 8 January 2014 14:51, Alex Bennée alex.ben...@linaro.org wrote:
 Is there an argument for making this an optional component. It would be
 useful to know how many users care about having access to the target
 assembly. Certainly I'm only looking at it while developing TCG code.

If you really don't want the dep you can configure with '--cxx=', and then
we'll fall back to no C++ compiler, don't build C++-only bits.

One of my aims here is that I don't particularly want the A64
translator to be a second class citizen in terms of what features
it supports. Debug logs are generally useful (which is why they're
present) and being able to have end users grab a debug log is
nice for tracking down issues sometimes.

thanks
-- PMM

Re: [Qemu-devel] [PATCH] Docs: Introduce multiport serial support in qemupciserial.inf

[Paolo Bonzini]

Il 08/01/2014 16:07, Yan Vugenfirer ha scritto:

 +%QEMU-PCI_SERIAL_1_PORT%=ComPort_inst1,
 PCI\VEN_1B36DEV_0002SUBSYS_11001AF4REV_01
 +%QEMU-PCI_SERIAL_2_PORT%=ComPort_inst2,
 PCI\VEN_1B36DEV_0003SUBSYS_11001AF4REV_01
 +%QEMU-PCI_SERIAL_4_PORT%=ComPort_inst4,
 PCI\VEN_1B36DEV_0004SUBSYS_11001AF4REV_01

 I think checking the subsystem is not necessary (and I think downstreams
 could legitimately change it).  Can you check CC and REV but not SUBSYS?
 
 PNP ID can be reduced to vendor and device ID only, for example:
 PCI\VEN_1B36DEV_0002 . But in this case we cannot check revision.

Gerd, Michael, what do you think is better?  Not check revision, or
enforcing subsystem?

Paolo

[Qemu-devel] [PATCH 1/5] object_add: consolidate error handling

[Igor Mammedov]

Signed-off-by: Igor Mammedov imamm...@redhat.com
---
 qmp.c |   10 ++
 1 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/qmp.c b/qmp.c
index 0f46171..a67e0c4 100644
--- a/qmp.c
+++ b/qmp.c
@@ -549,15 +549,17 @@ void object_add(const char *type, const char *id, const 
QDict *qdict,
 for (e = qdict_first(qdict); e; e = qdict_next(qdict, e)) {
 object_property_set(obj, v, e-key, local_err);
 if (local_err) {
-error_propagate(errp, local_err);
-object_unref(obj);
-return;
+goto out;
 }
 }
 }
 
 object_property_add_child(container_get(object_get_root(), /objects),
-  id, obj, errp);
+  id, obj, local_err);
+out:
+if (local_err) {
+error_propagate(errp, local_err);
+}
 object_unref(obj);
 }
 
-- 
1.7.1

[Qemu-devel] [PATCH 3/5] virtio_rng: use object_realize interface instead of calling backend API

[Igor Mammedov]

Signed-off-by: Igor Mammedov imamm...@redhat.com
---
 backends/rng.c |   17 +++--
 hw/virtio/virtio-rng.c |   15 +--
 include/sysemu/rng.h   |   11 ---
 3 files changed, 24 insertions(+), 19 deletions(-)

diff --git a/backends/rng.c b/backends/rng.c
index 85cb83f..a7a7b7f 100644
--- a/backends/rng.c
+++ b/backends/rng.c
@@ -12,6 +12,7 @@
 
 #include sysemu/rng.h
 #include qapi/qmp/qerror.h
+#include qom/object_interfaces.h
 
 void rng_backend_request_entropy(RngBackend *s, size_t size,
  EntropyReceiveFunc *receive_entropy,
@@ -40,9 +41,9 @@ static bool rng_backend_prop_get_opened(Object *obj, Error 
**errp)
 return s-opened;
 }
 
-void rng_backend_open(RngBackend *s, Error **errp)
+static void rng_backend_realize(ObjectRealizeInterface *objif, Error **errp)
 {
-object_property_set_bool(OBJECT(s), true, opened, errp);
+object_property_set_bool(OBJECT(objif), true, opened, errp);
 }
 
 static void rng_backend_prop_set_opened(Object *obj, bool value, Error **errp)
@@ -76,13 +77,25 @@ static void rng_backend_init(Object *obj)
  NULL);
 }
 
+static void rng_backend_class_init(ObjectClass *oc, void *data)
+{
+ObjectRealizeInterfaceClass *oric = OBJECT_REALIZE_INTERFACE_CLASS(oc);
+
+oric-realize = rng_backend_realize;
+}
+
 static const TypeInfo rng_backend_info = {
 .name = TYPE_RNG_BACKEND,
 .parent = TYPE_OBJECT,
 .instance_size = sizeof(RngBackend),
 .instance_init = rng_backend_init,
 .class_size = sizeof(RngBackendClass),
+.class_init = rng_backend_class_init,
 .abstract = true,
+.interfaces = (InterfaceInfo[]) {
+{ TYPE_OBJECT_REALIZE_INTERFACE },
+{ }
+}
 };
 
 static void register_types(void)
diff --git a/hw/virtio/virtio-rng.c b/hw/virtio/virtio-rng.c
index 755fdee..e06875a 100644
--- a/hw/virtio/virtio-rng.c
+++ b/hw/virtio/virtio-rng.c
@@ -15,6 +15,7 @@
 #include hw/virtio/virtio.h
 #include hw/virtio/virtio-rng.h
 #include sysemu/rng.h
+#include qom/object_interfaces.h
 
 static bool is_guest_ready(VirtIORNG *vrng)
 {
@@ -148,6 +149,14 @@ static void virtio_rng_device_realize(DeviceState *dev, 
Error **errp)
 if (vrng-conf.rng == NULL) {
 vrng-conf.default_backend = RNG_RANDOM(object_new(TYPE_RNG_RANDOM));
 
+call_object_realize_interface(OBJECT(vrng-conf.default_backend),
+  local_err);
+if (local_err) {
+error_propagate(errp, local_err);
+object_unref(OBJECT(vrng-conf.default_backend));
+return;
+}
+
 object_property_add_child(OBJECT(dev),
   default-backend,
   OBJECT(vrng-conf.default_backend),
@@ -166,12 +175,6 @@ static void virtio_rng_device_realize(DeviceState *dev, 
Error **errp)
 return;
 }
 
-rng_backend_open(vrng-rng, local_err);
-if (local_err) {
-error_propagate(errp, local_err);
-return;
-}
-
 vrng-vq = virtio_add_queue(vdev, 8, handle_input);
 
 assert(vrng-conf.max_bytes = INT64_MAX);
diff --git a/include/sysemu/rng.h b/include/sysemu/rng.h
index 7637fac..0a27c9b 100644
--- a/include/sysemu/rng.h
+++ b/include/sysemu/rng.h
@@ -79,15 +79,4 @@ void rng_backend_request_entropy(RngBackend *s, size_t size,
  * to stop tracking any request.
  */
 void rng_backend_cancel_requests(RngBackend *s);
-
-/**
- * rng_backend_open:
- * @s: the backend to open
- * @errp: a pointer to return the #Error object if an error occurs.
- *
- * This function will open the backend if it is not already open.  Calling this
- * function on an already opened backend will not result in an error.
- */
-void rng_backend_open(RngBackend *s, Error **errp);
-
 #endif
-- 
1.7.1

[Qemu-devel] [PATCH 5/5] -object/object-add: use custom default object location if provided

[Igor Mammedov]

Add a optional OBJECT_PATH_INTERFACE, that will allow to set custom
container path if object's type implements this interface.

Signed-off-by: Igor Mammedov imamm...@redhat.com
---
it will be used for memdev backend to so that
 -object membackendX,id=memdevY
could create object with path /backends/memdev/memdevY,
grouping similar objects in one place and not clattering /objects
container.

it also could be used for iothread backend, which could use -object
instead of custom -iothread option.
---
 include/qom/object_interfaces.h |   43 +++
 qmp.c   |   14 ++--
 qom/object_interfaces.c |   24 +
 vl.c|5 +++-
 4 files changed, 82 insertions(+), 4 deletions(-)

diff --git a/include/qom/object_interfaces.h b/include/qom/object_interfaces.h
index 8a42d46..9c4b4b3 100644
--- a/include/qom/object_interfaces.h
+++ b/include/qom/object_interfaces.h
@@ -50,4 +50,47 @@ typedef struct ObjectRealizeInterfaceClass {
  * implements OBJECT_REALIZE_INTERFACE, otherwise the call does nothing.
  */
 void call_object_realize_interface(Object *obj, Error **errp);
+
+
+#define TYPE_OBJECT_PATH_INTERFACE object-path-interface
+
+#define OBJECT_PATH_INTERFACE_CLASS(klass) \
+ OBJECT_CLASS_CHECK(ObjectPathInterfaceClass, (klass), \
+TYPE_OBJECT_PATH_INTERFACE)
+#define OBJECT_PATH_INTERFACE_GET_CLASS(obj) \
+ OBJECT_GET_CLASS(ObjectPathInterfaceClass, (obj), \
+  TYPE_OBJECT_PATH_INTERFACE)
+#define OBJECT_PATH_INTERFACE(obj) \
+ INTERFACE_CHECK(ObjectPathInterface, (obj), \
+ TYPE_OBJECT_PATH_INTERFACE)
+
+typedef struct ObjectPathInterface {
+/* private */
+Object Parent;
+} ObjectPathInterface;
+
+/**
+ * ObjectPathInterfaceClass:
+ * @parent_class: the base class
+ * @default_parent: returns default parent path
+ *
+ * Interface is designed to work with -object/object-add/object_add
+ * commands and provides an optional ability for object to
+ * provide its default location in QOM tree.
+ */
+typedef struct ObjectPathInterfaceClass {
+/* private */
+InterfaceClass parent_class;
+
+const char *(*default_parent)(ObjectPathInterface *obj);
+} ObjectPathInterfaceClass;
+
+/**
+ * object_default_parent_path:
+ * @obj: the object default_parent() method is called
+ *
+ * Wrapper to call default_parent() method if type implements
+ * OBJECT_PATH_INTERFACE, returns default parent path.
+ */
+const char *object_default_parent_path(Object *obj);
 #endif
diff --git a/qmp.c b/qmp.c
index 3ed78cd..53ee026 100644
--- a/qmp.c
+++ b/qmp.c
@@ -539,6 +539,7 @@ void object_add(const char *type, const char *id, const 
QDict *qdict,
 Object *obj;
 const QDictEntry *e;
 Error *local_err = NULL;
+const char *default_path;
 
 if (!object_class_by_name(type)) {
 error_setg(errp, invalid class name);
@@ -560,7 +561,9 @@ void object_add(const char *type, const char *id, const 
QDict *qdict,
 goto out;
 }
 
-object_property_add_child(container_get(object_get_root(), /objects),
+default_path = object_default_parent_path(obj);
+default_path = default_path ? default_path : /objects;
+object_property_add_child(container_get(object_get_root(), default_path),
   id, obj, local_err);
 out:
 if (local_err) {
@@ -603,13 +606,18 @@ out:
 void qmp_object_del(const char *id, Error **errp)
 {
 Object *container;
+bool ambiguous;
 Object *obj;
 
-container = container_get(object_get_root(), /objects);
-obj = object_resolve_path_component(container, id);
+obj = object_resolve_path(id, ambiguous);
 if (!obj) {
 error_setg(errp, object id not found);
 return;
 }
+if (ambiguous) {
+error_setg(errp, object id is ambiguous, use absolute
+  QOM path to specify the object);
+return;
+}
 object_unparent(obj);
 }
diff --git a/qom/object_interfaces.c b/qom/object_interfaces.c
index d2aa722..66eb052 100644
--- a/qom/object_interfaces.c
+++ b/qom/object_interfaces.c
@@ -18,6 +18,23 @@ void call_object_realize_interface(Object *obj, Error **errp)
 }
 }
 
+const char *object_default_parent_path(Object *obj)
+{
+ObjectPathInterface *opi;
+ObjectPathInterfaceClass *opic;
+
+opi = (ObjectPathInterface *)
+object_dynamic_cast(obj, TYPE_OBJECT_PATH_INTERFACE);
+if (!opi) {
+return NULL;
+}
+
+opic = OBJECT_PATH_INTERFACE_GET_CLASS(opi);
+if (opic-default_parent) {
+return opic-default_parent(opi);
+}
+return NULL;
+}
 
 static void register_types(void)
 {
@@ -27,7 +44,14 @@ static void register_types(void)
 .class_size = sizeof(ObjectRealizeInterfaceClass),
 };
 
+static const TypeInfo path_interface_info = {
+.name  = TYPE_OBJECT_PATH_INTERFACE,
+.parent= TYPE_INTERFACE,
+  

[Qemu-devel] [PATCH 2/5] add optional 2nd stage initialization to -object/object-add/object_add commands

[Igor Mammedov]

Provides an ability to do an optional second stage initialization
of an object created with -object/object-add/object_add commands.

Patch adds interface that provides realize() callback, which is
called after the object properties were set upon completion of
-object/object-add/object_add command, if the type implements
OBJECT_REALIZE_INTERFACE.

It allows to:
 * generalize second stage backend initialization instead of adding
   custom APIs to perform it
 * early error detection of backend initialization at -object/
   object-add/object_add time rather than through a proxy DEVICE
   object that tries to use backend.

Signed-off-by: Igor Mammedov imamm...@redhat.com
---
Next patch will convert virtio_rng to a new interface as an example.
The same interface will be useful for memory backend.
---
 include/qom/object_interfaces.h |   53 +++
 qmp.c   |6 
 qom/Makefile.objs   |1 +
 qom/object_interfaces.c |   33 
 vl.c|   14 ++
 5 files changed, 107 insertions(+), 0 deletions(-)
 create mode 100644 include/qom/object_interfaces.h
 create mode 100644 qom/object_interfaces.c

diff --git a/include/qom/object_interfaces.h b/include/qom/object_interfaces.h
new file mode 100644
index 000..8a42d46
--- /dev/null
+++ b/include/qom/object_interfaces.h
@@ -0,0 +1,53 @@
+#ifndef OBJECT_INTERFACES_H
+#define OBJECT_INTERFACES_H
+
+#include qom/object.h
+
+#define TYPE_OBJECT_REALIZE_INTERFACE object-realize-interface
+
+#define OBJECT_REALIZE_INTERFACE_CLASS(klass) \
+ OBJECT_CLASS_CHECK(ObjectRealizeInterfaceClass, (klass), \
+TYPE_OBJECT_REALIZE_INTERFACE)
+#define OBJECT_REALIZE_INTERFACE_GET_CLASS(obj) \
+ OBJECT_GET_CLASS(ObjectRealizeInterfaceClass, (obj), \
+  TYPE_OBJECT_REALIZE_INTERFACE)
+#define OBJECT_REALIZE_INTERFACE(obj) \
+ INTERFACE_CHECK(ObjectRealizeInterface, (obj), \
+ TYPE_OBJECT_REALIZE_INTERFACE)
+
+
+typedef struct ObjectRealizeInterface {
+/* private */
+Object Parent;
+} ObjectRealizeInterface;
+
+/**
+ * ObjectRealizeInterfaceClass:
+ * @parent_class: the base class
+ * @realize: callback to be called after @obj's properties are set.
+ *
+ * Interface is designed to work with -object/object-add/object_add
+ * commands and provides an optional ability to do the second stage
+ * initialization of the object after its properties were set.
+ *
+ * For objects created without using -object/object-add/object_add,
+ * @call_object_realize_interface should be called manually if object's
+ * type implements OBJECT_REALIZE_INTERFACE.
+ */
+typedef struct ObjectRealizeInterfaceClass {
+/* private */
+InterfaceClass parent_class;
+
+void (*realize)(ObjectRealizeInterface *obj, Error **errp);
+} ObjectRealizeInterfaceClass;
+
+/**
+ * call_object_realize_interface:
+ * @obj: the object whose realize() method is called
+ * @errp: if an error occurs, a pointer to an area to store the error
+ *
+ * Wrapper to call realize() method if one of obj's types
+ * implements OBJECT_REALIZE_INTERFACE, otherwise the call does nothing.
+ */
+void call_object_realize_interface(Object *obj, Error **errp);
+#endif
diff --git a/qmp.c b/qmp.c
index a67e0c4..3ed78cd 100644
--- a/qmp.c
+++ b/qmp.c
@@ -27,6 +27,7 @@
 #include qapi/qmp/qobject.h
 #include qapi/qmp-input-visitor.h
 #include hw/boards.h
+#include qom/object_interfaces.h
 
 NameInfo *qmp_query_name(Error **errp)
 {
@@ -554,6 +555,11 @@ void object_add(const char *type, const char *id, const 
QDict *qdict,
 }
 }
 
+call_object_realize_interface(obj, local_err);
+if (local_err) {
+goto out;
+}
+
 object_property_add_child(container_get(object_get_root(), /objects),
   id, obj, local_err);
 out:
diff --git a/qom/Makefile.objs b/qom/Makefile.objs
index 6a93ac7..985003b 100644
--- a/qom/Makefile.objs
+++ b/qom/Makefile.objs
@@ -1,2 +1,3 @@
 common-obj-y = object.o container.o qom-qobject.o
 common-obj-y += cpu.o
+common-obj-y += object_interfaces.o
diff --git a/qom/object_interfaces.c b/qom/object_interfaces.c
new file mode 100644
index 000..d2aa722
--- /dev/null
+++ b/qom/object_interfaces.c
@@ -0,0 +1,33 @@
+#include qom/object_interfaces.h
+#include qemu/module.h
+
+void call_object_realize_interface(Object *obj, Error **errp)
+{
+ObjectRealizeInterface *ori;
+ObjectRealizeInterfaceClass *oric;
+
+ori = (ObjectRealizeInterface *)
+object_dynamic_cast(obj, TYPE_OBJECT_REALIZE_INTERFACE);
+if (!ori) {
+return;
+}
+
+oric = OBJECT_REALIZE_INTERFACE_GET_CLASS(ori);
+if (oric-realize) {
+oric-realize(ori, errp);
+}
+}
+
+
+static void register_types(void)
+{
+static const TypeInfo realize_interface_info = {
+.name  = TYPE_OBJECT_REALIZE_INTERFACE,
+.parent= 

[Qemu-devel] [PATCH 4/5] vl.c: -object: handle duplicate 'id' properly

[Igor Mammedov]

object_property_add_child() may fail if 'id' matches already
existing object. Which means incorrect command line,
so instead of silently ignoring error, report it and
go to error path (i.e. terminate QEMU).

Signed-off-by: Igor Mammedov imamm...@redhat.com
---
 vl.c |2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/vl.c b/vl.c
index 1620393..84cb7a8 100644
--- a/vl.c
+++ b/vl.c
@@ -2821,7 +2821,7 @@ static int object_create(QemuOpts *opts, void *opaque)
 }
 
 object_property_add_child(container_get(object_get_root(), /objects),
-  id, obj, NULL);
+  id, obj, local_err);
 
 out:
 object_unref(obj);
-- 
1.7.1

Re: [Qemu-devel] [PATCH 0/4] disas: add libvixl to support A64 disassembly

[Alexander Graf]

On 01/08/2014 04:31 PM, Peter Maydell wrote:

On 8 January 2014 14:51, Alex Bennée alex.ben...@linaro.org wrote:

Is there an argument for making this an optional component. It would be
useful to know how many users care about having access to the target
assembly. Certainly I'm only looking at it while developing TCG code.

If you really don't want the dep you can configure with '--cxx=', and then
we'll fall back to no C++ compiler, don't build C++-only bits.

One of my aims here is that I don't particularly want the A64
translator to be a second class citizen in terms of what features
it supports. Debug logs are generally useful (which is why they're
present) and being able to have end users grab a debug log is
nice for tracking down issues sometimes.


It's also very useful to just be able to do x /i $pc on the qemu 
monitor. So yes, a working disassembler is defintiely a must have.



Alex

[Qemu-devel] [RFC 0/5] -object/object-add support custom location and 2nd stage initialization

[Igor Mammedov]

Adds optional interfaces that objects could implement if
they need to:
  1. perform an additional initialization after object properties are set
  2. be placed not in '/objects' container

Series depends on 2 PULL requests in flight from Andreas  Luiz
with fixes for QOM interfaces and object-add monitor/QMP command.
Git tree for testing:
  https://github.com/imammedo/qemu/commits/extend-object-add

Igor Mammedov (5):
  object_add: consolidate error handling
  add optional 2nd stage initialization to
-object/object-add/object_add commands
  virtio_rng: use object_realize interface instead of calling backend
API
  vl.c: -object: handle duplicate 'id' properly
  -object/object-add: use custom default object location if provided

 backends/rng.c  |   17 ++-
 hw/virtio/virtio-rng.c  |   15 ---
 include/qom/object_interfaces.h |   96 +++
 include/sysemu/rng.h|   11 -
 qmp.c   |   30 +---
 qom/Makefile.objs   |1 +
 qom/object_interfaces.c |   57 +++
 vl.c|   21 -
 8 files changed, 220 insertions(+), 28 deletions(-)
 create mode 100644 include/qom/object_interfaces.h
 create mode 100644 qom/object_interfaces.c

Re: [Qemu-devel] [PATCH RFC 1/2] rng-egd: improve egd backend performance

[Amit Shah]

On (Wed) 08 Jan 2014 [17:14:41], Amos Kong wrote:
 On Wed, Dec 18, 2013 at 11:05:14AM +0100, Giuseppe Scrivano wrote:
  Markus Armbruster arm...@redhat.com writes:
  
   Amos Kong ak...@redhat.com writes:
  
   Bugzilla: https://bugs.launchpad.net/qemu/+bug/1253563
  
   We have a requests queue to cache the random data, but the second
   will come in when the first request is returned, so we always
   only have one items in the queue. It effects the performance.
  
   This patch changes the IOthread to fill a fixed buffer with
   random data from egd socket, request_entropy() will return
   data to virtio queue if buffer has available data.
  
   (test with a fast source, disguised egd socket)
# cat /dev/urandom | nc -l localhost 8003
# qemu .. -chardev socket,host=localhost,port=8003,id=chr0 \
   -object rng-egd,chardev=chr0,id=rng0,buf_size=1024 \
   -device virtio-rng-pci,rng=rng0
  
 bytes kb/s
 --
 131072 -  835
  65536 -  652
  32768 -  356
  16384 -  182
   8192 -   99
   4096 -   52
   2048 -   30
   1024 -   15
512 -8
256 -4
128 -3
 64 -2
  
   I'm not familiar with the rng-egd code, but perhaps my question has
   value anyway: could agressive reading ahead on a source of randomness
   cause trouble by depleting the source?
  
   Consider a server restarting a few dozen guests after reboot, where each
   guest's QEMU then tries to slurp in a couple of KiB of randomness.  How
   does this behave?
 
 Hi Giuseppe,
  
  I hit this performance problem while I was working on RNG devices
  support in virt-manager and I also noticed that the bottleneck is in the
  egd backend that slowly response to requests.
 
 o Current situation:
   rng-random backend reads data from non-blocking character devices
   New entropy request will be sent from guest when last request is processed,
   so the request queue can only cache one request.
   Almost all the request size is 64 bytes.
   Egd socket responses the request slowly.
 
 o Solution 1: pre-reading, perf is improved, but cost much memory 
   In my V1 patch, I tried to add a configurable buffer to pre-read data
   from egd socket. The performance was improved but it used a big memory
   as the buffer.

I really dislike buffering random numbers or entropy from the host,
let's rule these options out.

 o Solution 2: pre-sending request to egd socket, improve is trivial
   I did another test, we just pre-send entropy request to egd socket, not
   really read the data to a buffer.
 
 o Solution 3: eyeless poll, not good
   Always returns an integer in rng_egd_chr_can_read(), the perf can be 
   improved to 120 kB/s, it reduce the delay caused by poll mechanism.
 
 o Solution 4:
   Try to use the new message type to improve the response speed of egd socket
 
 o Solution 5:
   non-block read?

I'd just say let the problem be.  I don't really get the point of
egd.  The egd backend was something Anthony wanted, but I can't
remember if there has been enough justification for it.  Certainly the
protocol isn't documented, and not using the backend doesn't give us
drawbacks.

Moreover, reasonable guests won't request for a whole lot of random
numbers in a short interval, so the theoretical performance problem
we're seeing is just going to remain theoretical for well-behaved
guests.

We have enough documentation by now about this issue, I say let's just
drop this patch and worry about this only if there's a proven need to
better things here.

Amit

Re: [Qemu-devel] [RFC 0/5] -object/object-add support custom location and 2nd stage initialization

[Paolo Bonzini]

Il 08/01/2014 17:09, Igor Mammedov ha scritto:
 Adds optional interfaces that objects could implement if
 they need to:
   1. perform an additional initialization after object properties are set
   2. be placed not in '/objects' container
 
 Series depends on 2 PULL requests in flight from Andreas  Luiz
 with fixes for QOM interfaces and object-add monitor/QMP command.
 Git tree for testing:
   https://github.com/imammedo/qemu/commits/extend-object-add
 
 Igor Mammedov (5):
   object_add: consolidate error handling
   add optional 2nd stage initialization to
 -object/object-add/object_add commands
   virtio_rng: use object_realize interface instead of calling backend
 API
   vl.c: -object: handle duplicate 'id' properly
   -object/object-add: use custom default object location if provided
 
  backends/rng.c  |   17 ++-
  hw/virtio/virtio-rng.c  |   15 ---
  include/qom/object_interfaces.h |   96 
 +++
  include/sysemu/rng.h|   11 -
  qmp.c   |   30 +---
  qom/Makefile.objs   |1 +
  qom/object_interfaces.c |   57 +++
  vl.c|   21 -
  8 files changed, 220 insertions(+), 28 deletions(-)
  create mode 100644 include/qom/object_interfaces.h
  create mode 100644 qom/object_interfaces.c
 

Thanks Igor!  I like very much patches 1-4 (though I'm thinking that we
need some style conventions for interfaces).  I think patch 5 adds more
complexity than we need, but I'm open to discussion.

Paolo

Re: [Qemu-devel] [PATCH] Docs: Introduce multiport serial support in qemupciserial.inf

[Michael S. Tsirkin]

On Wed, Jan 08, 2014 at 05:11:48PM +0100, Paolo Bonzini wrote:
 Il 08/01/2014 16:07, Yan Vugenfirer ha scritto:
 
  +%QEMU-PCI_SERIAL_1_PORT%=ComPort_inst1,
  PCI\VEN_1B36DEV_0002SUBSYS_11001AF4REV_01
  +%QEMU-PCI_SERIAL_2_PORT%=ComPort_inst2,
  PCI\VEN_1B36DEV_0003SUBSYS_11001AF4REV_01
  +%QEMU-PCI_SERIAL_4_PORT%=ComPort_inst4,
  PCI\VEN_1B36DEV_0004SUBSYS_11001AF4REV_01
 
  I think checking the subsystem is not necessary (and I think downstreams
  could legitimately change it).  Can you check CC and REV but not SUBSYS?
  
  PNP ID can be reduced to vendor and device ID only, for example:
  PCI\VEN_1B36DEV_0002 . But in this case we cannot check revision.
 
 Gerd, Michael, what do you think is better?  Not check revision, or
 enforcing subsystem?
 
 Paolo

AFAIK the 0.9.X spec explicitly says you should look at subsystem.


-- 
MST

Re: [Qemu-devel] [RFC 0/5] -object/object-add support custom location and 2nd stage initialization

[Andreas Färber]

Am 08.01.2014 17:24, schrieb Paolo Bonzini:
 Il 08/01/2014 17:09, Igor Mammedov ha scritto:
 Adds optional interfaces that objects could implement if
 they need to:
   1. perform an additional initialization after object properties are set
   2. be placed not in '/objects' container

 Series depends on 2 PULL requests in flight from Andreas  Luiz
 with fixes for QOM interfaces and object-add monitor/QMP command.
 Git tree for testing:
   https://github.com/imammedo/qemu/commits/extend-object-add

 Igor Mammedov (5):
   object_add: consolidate error handling
   add optional 2nd stage initialization to
 -object/object-add/object_add commands
   virtio_rng: use object_realize interface instead of calling backend
 API
   vl.c: -object: handle duplicate 'id' properly
   -object/object-add: use custom default object location if provided

  backends/rng.c  |   17 ++-
  hw/virtio/virtio-rng.c  |   15 ---
  include/qom/object_interfaces.h |   96 
 +++
  include/sysemu/rng.h|   11 -
  qmp.c   |   30 +---
  qom/Makefile.objs   |1 +
  qom/object_interfaces.c |   57 +++
  vl.c|   21 -
  8 files changed, 220 insertions(+), 28 deletions(-)
  create mode 100644 include/qom/object_interfaces.h
  create mode 100644 qom/object_interfaces.c

 
 Thanks Igor!  I like very much patches 1-4 (though I'm thinking that we
 need some style conventions for interfaces).  I think patch 5 adds more
 complexity than we need, but I'm open to discussion.

Hm, I have doubts about the use of realize here. So far that is only
implemented for devices, patches for bus still pending my review, and
for those we don't want that  to be handled by -object or object-add but
recursive realization as part of machine initialization, allowing
interaction via qom-set before. It that's different for backends, can we
maybe pick a name different from realize?

Andreas

-- 
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg

Re: [Qemu-devel] [RFC 0/5] -object/object-add support custom location and 2nd stage initialization

[Igor Mammedov]

On Wed, 08 Jan 2014 17:24:31 +0100
Paolo Bonzini pbonz...@redhat.com wrote:

 Il 08/01/2014 17:09, Igor Mammedov ha scritto:
  Adds optional interfaces that objects could implement if
  they need to:
1. perform an additional initialization after object properties are set
2. be placed not in '/objects' container
  
  Series depends on 2 PULL requests in flight from Andreas  Luiz
  with fixes for QOM interfaces and object-add monitor/QMP command.
  Git tree for testing:
https://github.com/imammedo/qemu/commits/extend-object-add
  
  Igor Mammedov (5):
object_add: consolidate error handling
add optional 2nd stage initialization to
  -object/object-add/object_add commands
virtio_rng: use object_realize interface instead of calling backend
  API
vl.c: -object: handle duplicate 'id' properly
-object/object-add: use custom default object location if provided
  
   backends/rng.c  |   17 ++-
   hw/virtio/virtio-rng.c  |   15 ---
   include/qom/object_interfaces.h |   96 
  +++
   include/sysemu/rng.h|   11 -
   qmp.c   |   30 +---
   qom/Makefile.objs   |1 +
   qom/object_interfaces.c |   57 +++
   vl.c|   21 -
   8 files changed, 220 insertions(+), 28 deletions(-)
   create mode 100644 include/qom/object_interfaces.h
   create mode 100644 qom/object_interfaces.c
  
 
 Thanks Igor!  I like very much patches 1-4 (though I'm thinking that we
 need some style conventions for interfaces).  I think patch 5 adds more
 complexity than we need, but I'm open to discussion.
I'm sorry that it took so long.
The reason for separate interfaces is that realize interface is more generic
and might be used outside of '-object'. While I don't see 'path' interface
ever used outside of -object.

Anyway any suggestions are welcome.

 
 Paolo

Re: [Qemu-devel] [PATCH v2] qdev: Keep global allocation counter per bus

[Markus Armbruster]

Paolo Bonzini pbonz...@redhat.com writes:

 Il 08/01/2014 15:35, Markus Armbruster ha scritto:
 Paolo Bonzini pbonz...@redhat.com writes:
 
 Leaving only those that will be affected by the patch:
 
 You omitted akita, borzoi, connex, mainstone, nuri, smdkc210, spitz,
 terrier, tosa, verdex, z2, s390-virtio.  Why won't they be affected?

 Because the dup bus names are hardcoded in the board:

 i2cbus = i2c_init_bus(dev, dummy);

 or in the device:

 s-spi = g_new(SSIBus *, s-num_busses);
 for (i = 0; i  s-num_busses; ++i) {
 char bus_name[16];
 snprintf(bus_name, 16, spi%d, i);
 s-spi[i] = ssi_create_bus(dev, bus_name);
 }

 Only dups of the xyzzy.NN form have their bus names created by qdev
 core.  For other buses this patch changes nothing (neither for better,
 nor for worse).

Ah, right.

These duplicates are just as wrong.  But demanding everything gets fixed
usually gets us nothing fixed, so I'm not going to do that.

 You also omitted the machines that I can't get to start, but I'm not
 overly worried by them, because they're all either Xen, where I don't
 expect differences to plain x86, or ppcemb, where Alex gets to clean up
 any mess he might make.

 Right.  In particular xenfv is just a PIIX PC, plus the (non qdev) Xen
 PV bus.  And xenpv is just the Xen PV bus.

 Il 07/01/2014 18:34, Markus Armbruster ha scritto:
 target  machine bus id  times
 aarch64 n800i2c-bus.0   2
 aarch64 n810i2c-bus.0   2
 arm n800i2c-bus.0   2
 arm n810i2c-bus.0   2

 Devices are created explicitly on one of the two buses, using
 s-mpu-i2c[0], so no change to the guest.

 aarch64 vexpress-a15virtio-mmio-bus.0   4
 aarch64 vexpress-a9 virtio-mmio-bus.0   4
 aarch64 virtvirtio-mmio-bus.0   32
 arm vexpress-a15virtio-mmio-bus.0   4
 arm vexpress-a9 virtio-mmio-bus.0   4
 arm virtvirtio-mmio-bus.0   32

 With Alex's patch we get the ability to plug the device in a particular
 slot.  If anyone was using virtio-mmio-bus.0 explicitly, they get the
 first slot instead of the 4th or 32nd.  Bugfix.
 
 Doesn't this break migration?  If yes, do we care?

 I don't know for sure, but probably not.  sysbus doesn't implement
 get_dev_path, so it relies on the old instance_id mechanism to
 distinguish devices.  instance_id is unreliable in general (e.g. with
 hotplug), but for command-lines and no hot-plug/hot-unplug it should
 work.  You do have to be careful and specify bus=virtio-mmio-bus.31 on
 the destination if you used bus=virtio-mmio-bus.0 on the source.

That's enough breakage to require documenting the issue in the commit
message, and possibly release notes.  Can be done as part of a single
list of affected machines and buses, with a general note on how the
interpretation of bus=FOO.0 changes, how that can affect migration, and
a hint on possible work-arounds.

 BTW if you didn't use bus=virtio-mmio-bus.0, nothing changes because the
 logic in qbus_find_recursive is unaffected.

 mipsmipside.0   2
 mips64  mipside.0   2
 mips64elmipside.0   2
 mipsel  mipside.0   2

 Not affected, the bus is not stored anywhere.
 
 Isn't command line use and migration affected, just like everywhere
 else?

 Right, command-line use of ide.0.  Bugfix as in Alex's PPC case, because
 makes everything else consistent with PCI IDE which is the only place
 where bus=ide.N worked.

 Migration is not affected unless you used ide.0 on the command line.  In
 other words, migration from old -drive if=ide,bus=N to new -drive
 if=none ... -device ...,bus=ide.N should work.

 ppc g3beige ide.0   2
 ppc mac99   ide.0   2
 ppc prepide.0   2
 ppc64   g3beige ide.0   2
 ppc64   mac99   ide.0   2
 ppc64   prepide.0   2

 Trusting Alex's tests here.
 
 Our analysis should be recorded in the commit message.  With that done,
 I could R-by the patch.

 Alex, can you spin v3 with a new commit message?

Yes, please.

Re: [Qemu-devel] [PATCH 7/9] pc: ACPI: expose PRST IO range via _CRS

[Michael S. Tsirkin]

On Sat, Dec 28, 2013 at 11:30:50PM +0100, Igor Mammedov wrote:
 .. so OSPM could notice resource conflict if there is any.
 
 Signed-off-by: Igor Mammedov imamm...@redhat.com
 ---
  hw/i386/acpi-dsdt-cpu-hotplug.dsl | 11 ++-
  1 file changed, 10 insertions(+), 1 deletion(-)
 
 diff --git a/hw/i386/acpi-dsdt-cpu-hotplug.dsl 
 b/hw/i386/acpi-dsdt-cpu-hotplug.dsl
 index 1dfbb4f..869aa00 100644
 --- a/hw/i386/acpi-dsdt-cpu-hotplug.dsl
 +++ b/hw/i386/acpi-dsdt-cpu-hotplug.dsl
 @@ -52,7 +52,8 @@ Scope(\_SB) {
  Sleep(200)
  }
  
 -OperationRegion(PRST, SystemIO, CPU_STATUS_BASE, 32)
 +#define CPU_STATUS_LEN 32
 +OperationRegion(PRST, SystemIO, CPU_STATUS_BASE, CPU_STATUS_LEN)
  Field(PRST, ByteAcc, NoLock, Preserve) {
  PRS, 256
  }
 @@ -89,4 +90,12 @@ Scope(\_SB) {
  Increment(Local0)
  }
  }
 +
 +Device(PRES) {

How about 

#define CPU_HOTPLUG_RESOURCE_DEVICE PRES
or something?

 +Name(_HID, ACPI0004)

Does this need to be marked as hidden with _STA?

 +
 +Name(_CRS, ResourceTemplate() {
 +IO(Decode16, CPU_STATUS_BASE, CPU_STATUS_BASE, 0, CPU_STATUS_LEN)
 +})
 +}
  }
 -- 
 1.8.4.2

Re: [Qemu-devel] [PATCH 5/9] pc: PIIX DSDT: exclude CPU/PCI hotplug GPE0 IO range from PCI bus resources

[Michael S. Tsirkin]

On Sat, Dec 28, 2013 at 11:30:48PM +0100, Igor Mammedov wrote:
 .. so that they might not be used by PCI devices.
 
 Note:
 Resort to concatenating templates with preprocessor help,
 because 1.0b spec isn't supporting ConcatenateResTemplate,
 as result Windows XP fails to execute PCI0._CRS method if
 ConcatenateResTemplate() is used.
 
 Signed-off-by: Igor Mammedov imamm...@redhat.com

Interesting. Could be worth getting rid of ConcatenateResTemplate in other 
places
too so XP works on more systems ...

 ---
 Follow up patch will expose them as motherboard resources
 ---
  hw/i386/acpi-dsdt-pci-crs.dsl |  8 +---
  hw/i386/acpi-dsdt.dsl | 29 +
  hw/i386/q35-acpi-dsdt.dsl |  8 
  3 files changed, 38 insertions(+), 7 deletions(-)
 
 diff --git a/hw/i386/acpi-dsdt-pci-crs.dsl b/hw/i386/acpi-dsdt-pci-crs.dsl
 index b375a19..8b631d1 100644
 --- a/hw/i386/acpi-dsdt-pci-crs.dsl
 +++ b/hw/i386/acpi-dsdt-pci-crs.dsl
 @@ -37,13 +37,7 @@ Scope(\_SB.PCI0) {
  0x, // Address Translation Offset
  0x0CF8, // Address Length
  ,, , TypeStatic)
 -WordIO(ResourceProducer, MinFixed, MaxFixed, PosDecode, EntireRange,
 -0x, // Address Space Granularity
 -0x0D00, // Address Range Minimum
 -0x, // Address Range Maximum
 -0x, // Address Translation Offset
 -0xF300, // Address Length
 -,, , TypeStatic)
 +BOARD_SPECIFIC_PCI_RESOURSES
  DWordMemory(ResourceProducer, PosDecode, MinFixed, MaxFixed, 
 Cacheable, ReadWrite,
  0x, // Address Space Granularity
  0x000A, // Address Range Minimum
 diff --git a/hw/i386/acpi-dsdt.dsl b/hw/i386/acpi-dsdt.dsl
 index 3dc4789..55b4794 100644
 --- a/hw/i386/acpi-dsdt.dsl
 +++ b/hw/i386/acpi-dsdt.dsl
 @@ -35,6 +35,35 @@ DefinitionBlock (
  /
   * PCI Bus definition
   /
 +#define BOARD_SPECIFIC_PCI_RESOURSES \
 + WordIO(ResourceProducer, MinFixed, MaxFixed, PosDecode, EntireRange, \
 + 0x, \
 + 0x0D00, \
 + 0xADFF, \
 + 0x, \
 + 0xA100, \
 + ,, , TypeStatic) \
 + WordIO(ResourceProducer, MinFixed, MaxFixed, PosDecode, EntireRange, \
 + 0x, \
 + 0xAE14, \
 + 0xAEFF, \
 + 0x, \
 + 0x00EC, \
 + ,, , TypeStatic) \
 + WordIO(ResourceProducer, MinFixed, MaxFixed, PosDecode, EntireRange, \
 + 0x, \
 + 0xAF20, \
 + 0xAFDF, \
 + 0x, \
 + 0x00C0, \
 + ,, , TypeStatic) \
 + WordIO(ResourceProducer, MinFixed, MaxFixed, PosDecode, EntireRange, \
 + 0x, \
 + 0xAFE4, \
 + 0x, \
 + 0x, \
 + 0x501C, \
 + ,, , TypeStatic)
  
  Scope(\_SB) {
  Device(PCI0) {

Could you add some comments here to document where
does each number comes from please?
E.g. /* PIIX4_PROC_BASE + 0x100 */ or something.

Ideally we'd generate this based on defines used
by host, but that does not have to block merging
this patch.

 diff --git a/hw/i386/q35-acpi-dsdt.dsl b/hw/i386/q35-acpi-dsdt.dsl
 index 9a43947..f3e5921 100644
 --- a/hw/i386/q35-acpi-dsdt.dsl
 +++ b/hw/i386/q35-acpi-dsdt.dsl
 @@ -48,6 +48,14 @@ DefinitionBlock (
  /
   * PCI Bus definition
   /
 +#define BOARD_SPECIFIC_PCI_RESOURSES \
 + WordIO(ResourceProducer, MinFixed, MaxFixed, PosDecode, EntireRange, \
 + 0x, \
 + 0x0D00, \
 + 0x, \
 + 0x, \
 + 0xF300, \
 + ,, , TypeStatic)
  
  Scope(\_SB) {
  Device(PCI0) {
 -- 
 1.8.4.2

Re: [Qemu-devel] [PATCH 8/9] pc: ACPI: unify source of CPU hotplug IO base/len

[Michael S. Tsirkin]

On Sat, Dec 28, 2013 at 11:30:51PM +0100, Igor Mammedov wrote:
 use C headers defines as source of IO base/len for respective
 values in ASL code.
 
 Signed-off-by: Igor Mammedov imamm...@redhat.com

That's cool.

It's a bit confusing that you add macro in one patch, then
drop it in another.
Could you reorder patches?
Add define and use it in host first, then use it directly.

It's not critical, nice to have.

 ---
  hw/acpi/ich9.c| 4 +---
  hw/acpi/piix4.c   | 5 ++---
  hw/i386/Makefile.objs | 9 +++--
  hw/i386/acpi-dsdt-cpu-hotplug.dsl | 7 ---
  hw/i386/acpi-dsdt.dsl | 3 ++-
  hw/i386/q35-acpi-dsdt.dsl | 3 ++-
  include/hw/acpi/cpu_hotplug.h | 6 +-
  include/hw/acpi/ich9.h| 5 +
  include/hw/acpi/piix4.h   | 5 +
  9 files changed, 33 insertions(+), 14 deletions(-)
 
 diff --git a/hw/acpi/ich9.c b/hw/acpi/ich9.c
 index 03dee35..0afac42 100644
 --- a/hw/acpi/ich9.c
 +++ b/hw/acpi/ich9.c
 @@ -44,8 +44,6 @@ do { printf(%s fmt, __func__, ## __VA_ARGS__); } while (0)
  #define ICH9_DEBUG(fmt, ...)do { } while (0)
  #endif
  
 -#define ICH9_PROC_BASE 0x0CD8
 -
  static void ich9_pm_update_sci_fn(ACPIREGS *regs)
  {
  ICH9LPCPMRegs *pm = container_of(regs, ICH9LPCPMRegs, acpi_regs);
 @@ -223,7 +221,7 @@ void ich9_pm_init(PCIDevice *lpc_pci, ICH9LPCPMRegs *pm,
  qemu_register_powerdown_notifier(pm-powerdown_notifier);
  
  AcpiCpuHotplug_init(pci_address_space_io(lpc_pci), OBJECT(lpc_pci),
 -pm-gpe_cpu, ICH9_PROC_BASE);
 +pm-gpe_cpu, ICH9_CPU_HOTPLUG_IO_BASE);
  pm-cpu_added_notifier.notify = ich9_cpu_added_req;
  qemu_register_cpu_added_notifier(pm-cpu_added_notifier);
  }
 diff --git a/hw/acpi/piix4.c b/hw/acpi/piix4.c
 index 9b7fe6b..4161d06 100644
 --- a/hw/acpi/piix4.c
 +++ b/hw/acpi/piix4.c
 @@ -51,8 +51,6 @@
  #define PCI_EJ_BASE 0xae08
  #define PCI_RMV_BASE 0xae0c
  
 -#define PIIX4_PROC_BASE 0xaf00
 -
  #define PIIX4_PCI_HOTPLUG_STATUS 2
  
  struct pci_status {
 @@ -702,7 +700,8 @@ static void piix4_acpi_system_hot_add_init(MemoryRegion 
 *parent,
  pci_bus_hotplug(bus, piix4_device_hotplug, DEVICE(s));
  }
  
 -AcpiCpuHotplug_init(parent, OBJECT(s), s-gpe_cpu, PIIX4_PROC_BASE);
 +AcpiCpuHotplug_init(parent, OBJECT(s), s-gpe_cpu,
 +PIIX4_CPU_HOTPLUG_IO_BASE);
  s-cpu_added_notifier.notify = piix4_cpu_added_req;
  qemu_register_cpu_added_notifier(s-cpu_added_notifier);
  }
 diff --git a/hw/i386/Makefile.objs b/hw/i386/Makefile.objs
 index edf5256..e9c49d5 100644
 --- a/hw/i386/Makefile.objs
 +++ b/hw/i386/Makefile.objs
 @@ -19,10 +19,15 @@ ifdef IASL
  DSL_DEPS = $(SRC_PATH)/hw/i386/%.dsl \
   $(SRC_PATH)/scripts/acpi_extract_preprocess.py \
   $(SRC_PATH)/scripts/acpi_extract.py \
 - $(SRC_PATH)/hw/i386/acpi-dsdt-*.dsl
 + $(SRC_PATH)/hw/i386/acpi-dsdt-*.dsl \
 + $(SRC_PATH)/include/hw/acpi/ich9.h \
 + $(SRC_PATH)/include/hw/acpi/piix4.h \
 + $(SRC_PATH)/include/hw/acpi/cpu_hotplug.h
 +
 +ASL_FLAGS = $(QEMU_CFLAGS) -DACPI_ASL
  
  hw/i386/%.hex: $(DSL_DEPS)
 - $(call quiet-command, cpp -P $ -o $*.dsl.i.orig,   CPP 
 $(TARGET_DIR)$*.dsl.i.orig)
 + $(call quiet-command, cpp $(ASL_FLAGS) -P $ -o $*.dsl.i.orig,   CPP 
 $(TARGET_DIR)$*.dsl.i.orig)
   $(call quiet-command, $(PYTHON) 
 $(SRC_PATH)/scripts/acpi_extract_preprocess.py $*.dsl.i.orig  $*.dsl.i,   
 ACPI_PREPROCESS $(TARGET_DIR)$*.dsl.i)
   $(call quiet-command, $(IASL) $(call iasl-option,$(IASL),-Pn,) -vs -l 
 -tc -p $* $*.dsl.i $(if $(V), ,  /dev/null) 21 ,  IASL 
 $(TARGET_DIR)$*.dsl.i)
   $(call quiet-command, $(PYTHON) $(SRC_PATH)/scripts/acpi_extract.py 
 $*.lst  $*.off,   ACPI_EXTRACT $(TARGET_DIR)$*.off)
 diff --git a/hw/i386/acpi-dsdt-cpu-hotplug.dsl 
 b/hw/i386/acpi-dsdt-cpu-hotplug.dsl
 index 869aa00..942b119 100644
 --- a/hw/i386/acpi-dsdt-cpu-hotplug.dsl
 +++ b/hw/i386/acpi-dsdt-cpu-hotplug.dsl
 @@ -17,6 +17,8 @@
   * CPU hotplug
   /
  
 +#include hw/acpi/cpu_hotplug.h
 +
  Scope(\_SB) {
  /* Objects filled in by run-time generated SSDT */
  External(NTFY, MethodObj)
 @@ -52,8 +54,7 @@ Scope(\_SB) {
  Sleep(200)
  }
  
 -#define CPU_STATUS_LEN 32
 -OperationRegion(PRST, SystemIO, CPU_STATUS_BASE, CPU_STATUS_LEN)
 +OperationRegion(PRST, SystemIO, CPU_STATUS_BASE, ACPI_GPE_PROC_LEN)
  Field(PRST, ByteAcc, NoLock, Preserve) {
  PRS, 256
  }
 @@ -95,7 +96,7 @@ Scope(\_SB) {
  Name(_HID, ACPI0004)
  
  Name(_CRS, ResourceTemplate() {
 -IO(Decode16, CPU_STATUS_BASE, CPU_STATUS_BASE, 0, CPU_STATUS_LEN)
 +IO(Decode16, CPU_STATUS_BASE, CPU_STATUS_BASE, 0, 
 ACPI_GPE_PROC_LEN)
  })
  }
  }
 diff --git a/hw/i386/acpi-dsdt.dsl b/hw/i386/acpi-dsdt.dsl
 index f00b6ca..d98b019 100644
 --- a/hw/i386/acpi-dsdt.dsl
 

Re: [Qemu-devel] [PATCH] qdev: Assign a default device ID when none is provided.

[Hani Benhabiles]

On Wed, Jan 08, 2014 at 08:36:06AM +0100, Markus Armbruster wrote:
 Hani Benhabiles kroo...@gmail.com writes:
 
  This would allow a user to be able to refer to the device when using 
  commands
  like device_del.
 
  Signed-off-by: Hani Benhabiles kroo...@gmail.com
 
 No.
 
 Device IDs belong to the user.  Any IDs the system picks automatically
 can collide with the user's IDs.
 
 Management applications assume that they can pick any ID they want.
 Your patch can introduce ID collisions, and thus make existing
 configurations fail.
 

How can it lead to ID collisions ?

For this reason, the loop in assign_device_name() specifically check that the ID
doesn't exist already and uses the next value if it does.

How would something like:
(qemu) device_add virtio-net-pci
== ID: virtio-net-pci.0

Be more problematic than:
(qemu) device_add virtio-net-pci,id=virtio-net-pci.0

 If I remember correctly, a few legacy convenience options pick IDs for
 historical reasons.  If you use them, you need to be aware of the IDs
 they pick.  Management applications shouldn't use them.
 
 We've discussed this a couple of times already, by the way.

Re: [Qemu-devel] [RFC 0/5] -object/object-add support custom location and 2nd stage initialization

[Paolo Bonzini]

Il 08/01/2014 17:51, Igor Mammedov ha scritto:
  
  Thanks Igor!  I like very much patches 1-4 (though I'm thinking that we
  need some style conventions for interfaces).  I think patch 5 adds more
  complexity than we need, but I'm open to discussion.
 I'm sorry that it took so long.
 The reason for separate interfaces is that realize interface is more generic
 and might be used outside of '-object'. While I don't see 'path' interface
 ever used outside of -object.

Yeah, I think the two interfaces are a good idea.  The question is
whether we want the second interface at all.  I think it's fine to
delegate namespace conventions to management.

Regarding the overloading of the realize name, I was against it in
previous discussion and I still am (I was in favor of something like
UserCreatable and naming the method complete or construct), but I
didn't want to sound too negative. :)

Paolo

Re: [Qemu-devel] [PATCH] qdev: Assign a default device ID when none is provided.

[Paolo Bonzini]

Il 08/01/2014 18:17, Hani Benhabiles ha scritto:
 For this reason, the loop in assign_device_name() specifically check that the 
 ID
 doesn't exist already and uses the next value if it does.
 
 How would something like:
 (qemu) device_add virtio-net-pci
 == ID: virtio-net-pci.0
 
 Be more problematic than:
 (qemu) device_add virtio-net-pci,id=virtio-net-pci.0

(qemu) device_add virtio-net-pci
(qemu) device_add virtio-net-pci,id=virtio-net-pci.0

works without your patches, fails with them (IIUC).

Paolo

Re: [Qemu-devel] QEMU detachable overlays and Union Mounts

[Richard W.M. Jones]

On Wed, Jan 08, 2014 at 11:26:28AM +0530, kausik pal wrote:
 If this message should go elsewhere, my apologies.
 
 It would be great if QEMU have the capability of detachable overlay or
 union mount.
 So administrators can keep each software as separate individual qcow2/qed
 disks and can put those disks on different layers so that the end user
 would see combination of the softwares available to them.
 
 The desired scenario is like the following:-

[easier to see the diagrams here:
https://lists.gnu.org/archive/html/qemu-devel/2014-01/msg00819.html]

qemu already supports snapshots.  However they don't work like docker,
ie. you cannot arbitrarily compose snapshots (I don't think this works
properly in docker either, but that's another matter).

Basically because snapshots are block-based, not file based, it is
never going to be possible to compose them in the way you want.
Filesystems at the block layer simply don't work this way.

Have you considered using 9p? [http://wiki.qemu.org/Documentation/9psetup]

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming blog: http://rwmj.wordpress.com
Fedora now supports 80 OCaml packages (the OPEN alternative to F#)

Re: [Qemu-devel] [PATCH 3/9] pc: rebuild ACPI hex files if included *.dsl are touched

[Michael S. Tsirkin]

On Sat, Dec 28, 2013 at 11:30:46PM +0100, Igor Mammedov wrote:
 Signed-off-by: Igor Mammedov imamm...@redhat.com
 ---
  hw/i386/Makefile.objs | 7 ++-
  1 file changed, 6 insertions(+), 1 deletion(-)
 
 diff --git a/hw/i386/Makefile.objs b/hw/i386/Makefile.objs
 index 09ac433..edf5256 100644
 --- a/hw/i386/Makefile.objs
 +++ b/hw/i386/Makefile.objs
 @@ -16,7 +16,12 @@ iasl-option=$(shell if test -z `$(1) $(2) 21  
 /dev/null` \
  
  ifdef IASL
  #IASL Present. Generate hex files from .dsl
 -hw/i386/%.hex: $(SRC_PATH)/hw/i386/%.dsl 
 $(SRC_PATH)/scripts/acpi_extract_preprocess.py 
 $(SRC_PATH)/scripts/acpi_extract.py
 +DSL_DEPS = $(SRC_PATH)/hw/i386/%.dsl \
 + $(SRC_PATH)/scripts/acpi_extract_preprocess.py \
 + $(SRC_PATH)/scripts/acpi_extract.py \
 + $(SRC_PATH)/hw/i386/acpi-dsdt-*.dsl
 +
 +hw/i386/%.hex: $(DSL_DEPS)
   $(call quiet-command, cpp -P $ -o $*.dsl.i.orig,   CPP 
 $(TARGET_DIR)$*.dsl.i.orig)
   $(call quiet-command, $(PYTHON) 
 $(SRC_PATH)/scripts/acpi_extract_preprocess.py $*.dsl.i.orig  $*.dsl.i,   
 ACPI_PREPROCESS $(TARGET_DIR)$*.dsl.i)
   $(call quiet-command, $(IASL) $(call iasl-option,$(IASL),-Pn,) -vs -l 
 -tc -p $* $*.dsl.i $(if $(V), ,  /dev/null) 21 ,  IASL 
 $(TARGET_DIR)$*.dsl.i)

It's generally nasty to have rules that generate files already in
the source tree. In partuclar people expect make clean to get
back the original tree.
How about only doing this when some variable is defined?

 -- 
 1.8.4.2

Re: [Qemu-devel] [PATCH 0/9 v2] pc: CPU hotplug support for Q35

[Michael S. Tsirkin]

On Sat, Dec 28, 2013 at 11:30:43PM +0100, Igor Mammedov wrote:
 Changes since v1:
   * renamed hotplug.c/.h to  cpu_hotplug.c/.h
   * make all prefixes acpi_cpu_hotplug and AcpiCpuHotplug
   * updated docs/specs/acpi_cpu_hotplug.txt with Q35's IO port range
   * exclude CPU/PCI/GPE IO ranges from resources advertised
 in PCI bus _CRS
   * advertise CPU hotplug IO range using ACPI Device(ACPI0004)._CRS
 object.
   * change Q35 IO port ase from 0xa18 to 0xcd8, to avoid increasing
 fragmentation of PCI bus IO space
   * replaced runtime IO port setting with compile time one, since
 port mapping is hadcoded and there is not real need to set it
 dynamically.
   * Use the same headers for C and ASL code so that port/length
 values won't be duplicated.
   * Fix deps for ACPI tables, so that thay would be rebuild when
 included files are touched. (Added only includes, I've touched,
 it's not complete but a good start anyway)
 
 Tested with RHEL6, WS2012R2, WS2003

Sent some minor comments, otherwise looks good, thanks!

 Series is based on mst/pci tree, git tree for testing:
 https://github.com/imammedo/qemu/commits/q35_cpu_hp_static_v2
 
 Igor Mammedov (9):
   acpi: factor out common cpu hotplug code for PIIX4/Q35
   acpi: ich9: add CPU hotplug handling to Q35 machine
   pc: rebuild ACPI hex files if included *.dsl are touched
   pc: set PRST base in DSDT depending on chipset
   pc: PIIX DSDT: exclude CPU/PCI hotplug  GPE0 IO range from PCI bus
 resources
   pc: Q35 DSDT: exclude CPU hotplug IO range from PCI bus resources
   pc: ACPI: expose PRST IO range via _CRS
   pc: ACPI: unify source of CPU hotplug IO base/len
   pc: ACPI: update acpi-dsdt.hex.generated q35-acpi-dsdt.hex.generated
 
  docs/specs/acpi_cpu_hotplug.txt |   4 +-
  hw/acpi/Makefile.objs   |   2 +-
  hw/acpi/cpu_hotplug.c   |  64 +++
  hw/acpi/ich9.c  |  14 ++
  hw/acpi/piix4.c |  80 +
  hw/i386/Makefile.objs   |  14 +-
  hw/i386/acpi-dsdt-cpu-hotplug.dsl   |  12 +-
  hw/i386/acpi-dsdt-pci-crs.dsl   |  15 +-
  hw/i386/acpi-dsdt.dsl   |  38 +
  hw/i386/acpi-dsdt.hex.generated | 328 
 +++-
  hw/i386/q35-acpi-dsdt.dsl   |  17 ++
  hw/i386/q35-acpi-dsdt.hex.generated | 133 ---
  include/hw/acpi/cpu_hotplug.h   |  34 
  include/hw/acpi/ich9.h  |   9 +
  include/hw/acpi/piix4.h |   5 +
  15 files changed, 578 insertions(+), 191 deletions(-)
  create mode 100644 hw/acpi/cpu_hotplug.c
  create mode 100644 include/hw/acpi/cpu_hotplug.h
 
 -- 
 1.8.4.2

Re: [Qemu-devel] [RFC 0/5] -object/object-add support custom location and 2nd stage initialization

[Igor Mammedov]

On Wed, 08 Jan 2014 17:45:25 +0100
Andreas Färber afaer...@suse.de wrote:

 Am 08.01.2014 17:24, schrieb Paolo Bonzini:
  Il 08/01/2014 17:09, Igor Mammedov ha scritto:
  Adds optional interfaces that objects could implement if
  they need to:
1. perform an additional initialization after object properties are set
2. be placed not in '/objects' container
 
  Series depends on 2 PULL requests in flight from Andreas  Luiz
  with fixes for QOM interfaces and object-add monitor/QMP command.
  Git tree for testing:
https://github.com/imammedo/qemu/commits/extend-object-add
 
  Igor Mammedov (5):
object_add: consolidate error handling
add optional 2nd stage initialization to
  -object/object-add/object_add commands
virtio_rng: use object_realize interface instead of calling backend
  API
vl.c: -object: handle duplicate 'id' properly
-object/object-add: use custom default object location if provided
 
   backends/rng.c  |   17 ++-
   hw/virtio/virtio-rng.c  |   15 ---
   include/qom/object_interfaces.h |   96 
  +++
   include/sysemu/rng.h|   11 -
   qmp.c   |   30 +---
   qom/Makefile.objs   |1 +
   qom/object_interfaces.c |   57 +++
   vl.c|   21 -
   8 files changed, 220 insertions(+), 28 deletions(-)
   create mode 100644 include/qom/object_interfaces.h
   create mode 100644 qom/object_interfaces.c
 
  
  Thanks Igor!  I like very much patches 1-4 (though I'm thinking that we
  need some style conventions for interfaces).  I think patch 5 adds more
  complexity than we need, but I'm open to discussion.
 
 Hm, I have doubts about the use of realize here. So far that is only
 implemented for devices, patches for bus still pending my review, and
 for those we don't want that  to be handled by -object or object-add but
 recursive realization as part of machine initialization, allowing
 interaction via qom-set before. It that's different for backends, can we
 maybe pick a name different from realize?
Any suggestions?

 
 Andreas
 

Re: [Qemu-devel] [PATCH] qemu-ga: isa-serial support on Windows

[Michael Roth]

Quoting Miki Mishael (2014-01-05 11:18:51)
 Add support for isa-serial method for qemu-ga on Windows,
 Added -p command line parameter for serial port name
 specification, e.g. -p COM15.
 
 Signed-off-by: Miki Mishael mmish...@redhat.com
 Signed-off-by: Dmitry Fleytman dfley...@redhat.com
 ---
  qga/channel-win32.c | 27 +--
  qga/main.c  | 14 +++---
  2 files changed, 36 insertions(+), 5 deletions(-)
 
 diff --git a/qga/channel-win32.c b/qga/channel-win32.c
 index 8a303f3..fd42460 100644
 --- a/qga/channel-win32.c
 +++ b/qga/channel-win32.c
 @@ -284,15 +284,32 @@ GIOStatus ga_channel_write_all(GAChannel *c, const char 
 *buf, size_t size)
  return status;
  }
 
 +static void ga_serial_path_correction( gchar* newpath, const gchar *path, 
 size_t maxdestlen)
 +{
 +gchar *prefix = .\\;
 +g_strlcpy(newpath, prefix, maxdestlen);
 +g_strlcat(newpath, path, maxdestlen);
 +}

I think this can be simplified a bit, perhaps:

#define QGA_SERIAL_PATH_PREFIX .\\

static void ga_serial_path_correction(gchar* newpath, const gchar *path)
{
sprintf(newpath, QGA_SERIAL_PATH_PREFIX%d, path);
}

At that point it probably makes more sense to just drop the func and move
this into ga_channel_open, since it's a bit clearer to understand what the
correction entails looking at sprintf's format parameter.

 +
  static gboolean ga_channel_open(GAChannel *c, GAChannelMethod method,
  const gchar *path)
  {
 -if (method != GA_CHANNEL_VIRTIO_SERIAL) {
 +COMMTIMEOUTS comTimeOut = {0};
 +gchar newpath[MAXPATHLEN] = {0};
 +comTimeOut.ReadIntervalTimeout = 1;
 +
 +if (method != GA_CHANNEL_VIRTIO_SERIAL  method != 
 GA_CHANNEL_ISA_SERIAL) {
  g_critical(unsupported communication method);
  return false;
  }
 
 -c-handle = CreateFile(path, GENERIC_READ | GENERIC_WRITE, 0, NULL,
 +if (method == GA_CHANNEL_ISA_SERIAL){
 +ga_serial_path_correction(newpath, path, sizeof(newpath));
 +}else {
 +g_strlcpy(newpath, path, sizeof(newpath));
 +}
 +
 +c-handle = CreateFile(newpath, GENERIC_READ | GENERIC_WRITE, 0, NULL,
 OPEN_EXISTING,
 FILE_FLAG_NO_BUFFERING | FILE_FLAG_OVERLAPPED, 
 NULL);
  if (c-handle == INVALID_HANDLE_VALUE) {
 @@ -300,6 +317,12 @@ static gboolean ga_channel_open(GAChannel *c, 
 GAChannelMethod method,
  return false;
  }
 
 +if (method == GA_CHANNEL_ISA_SERIAL  
 !SetCommTimeouts(c-handle,comTimeOut)) {
 +g_critical(error SetCommTimeouts: %d,GetLastError());

Perhaps something a little more human readable, like error setting timeout for
comm port

 +CloseHandle(c-handle);
 +return false;
 +}
 +
  return true;
  }
 
 diff --git a/qga/main.c b/qga/main.c
 index c58b26a..ad21061 100644
 --- a/qga/main.c
 +++ b/qga/main.c
 @@ -47,9 +47,11 @@
  #ifndef _WIN32
  #define QGA_VIRTIO_PATH_DEFAULT /dev/virtio-ports/org.qemu.guest_agent.0
  #define QGA_STATE_RELATIVE_DIR  run
 +#define QGA_SERIAL_PATH_DEFAULT 

We know this will fail on linux, so we should either attempt to define some
kind of default like /dev/ttyS0, or only attempt the default path on w32
and fail explicitly for linux.

I'm not sure setting a default makes sense for w32 either, serial is already
a non-default configuration, so requiring explicit paths seems reasonable
there, and less likely to confuse users by guessing the wrong port. Though
I guess serial might be a bit more common on w32 than linux, so I don't
really have a strong opinion either way.

  #else
  #define QGA_VIRTIO_PATH_DEFAULT .\\Global\\org.qemu.guest_agent.0
  #define QGA_STATE_RELATIVE_DIR  qemu-ga
 +#define QGA_SERIAL_PATH_DEFAULT COM1
  #endif
  #ifdef CONFIG_FSFREEZE
  #define QGA_FSFREEZE_HOOK_DEFAULT CONFIG_QEMU_CONFDIR /fsfreeze-hook
 @@ -659,12 +661,18 @@ static gboolean channel_init(GAState *s, const gchar 
 *method, const gchar *path)
  }
 
  if (path == NULL) {
 -if (strcmp(method, virtio-serial) != 0) {
 +if (strcmp(method, virtio-serial) == 0 ) {
 +/* try the default path for the virtio-serial port */
 +path = QGA_VIRTIO_PATH_DEFAULT;
 +}
 +else if (strcmp(method, isa-serial) == 0){
 +/* try the default path for the serial port - COM1 */
 +path = QGA_SERIAL_PATH_DEFAULT;
 +}
 +else {

In QEMU we generally do:

if (...) {
...
} else if (...) {
...
} else {
...
}

  g_critical(must specify a path for this channel);
  return false;
  }
 -/* try the default path for the virtio-serial port */
 -path = QGA_VIRTIO_PATH_DEFAULT;
  }
 
  if (strcmp(method, virtio-serial) == 0) {
 -- 
 1.8.3.1

Re: [Qemu-devel] QEMU detachable overlays and Union Mounts

[kausik pal]

Hi rich,

Thanks for the answer.

I was wondering how unidesk has solved the problem using disk layering.
They have the solution for VMware, so if similar feature can be built on
qemu for KVM hypervisor then we will have a great solution for application
management from VDI perspective.

Please let me know your thought about this.

Thanks
Kausik
On Jan 8, 2014 11:11 PM, Richard W.M. Jones rjo...@redhat.com wrote:

 On Wed, Jan 08, 2014 at 11:26:28AM +0530, kausik pal wrote:
  If this message should go elsewhere, my apologies.
 
  It would be great if QEMU have the capability of detachable overlay or
  union mount.
  So administrators can keep each software as separate individual qcow2/qed
  disks and can put those disks on different layers so that the end user
  would see combination of the softwares available to them.
 
  The desired scenario is like the following:-

 [easier to see the diagrams here:
 https://lists.gnu.org/archive/html/qemu-devel/2014-01/msg00819.html]

 qemu already supports snapshots.  However they don't work like docker,
 ie. you cannot arbitrarily compose snapshots (I don't think this works
 properly in docker either, but that's another matter).

 Basically because snapshots are block-based, not file based, it is
 never going to be possible to compose them in the way you want.
 Filesystems at the block layer simply don't work this way.

 Have you considered using 9p? [http://wiki.qemu.org/Documentation/9psetup]

 Rich.

 --
 Richard Jones, Virtualization Group, Red Hat
 http://people.redhat.com/~rjones
 Read my programming blog: http://rwmj.wordpress.com
 Fedora now supports 80 OCaml packages (the OPEN alternative to F#)

Re: [Qemu-devel] [PATCH 07/13] mxs/imx23: Implements the pin mux, GPIOs

[M P]

All noted, and thanks for all the bits you reviewed so far, I'll do the
changes and resubmit.

M



On 6 January 2014 15:52, Peter Maydell peter.mayd...@linaro.org wrote:

 On 11 December 2013 13:56, Michel Pollet buser...@gmail.com wrote:
  Implements the pinctrl and GPIO block for the imx23
  It handles GPIO output, and GPIO input from qemu translated
  into pin values and interrupts, if appropriate.
 
  Signed-off-by: Michel Pollet buser...@gmail.com
  ---
   hw/arm/Makefile.objs   |   2 +-
   hw/arm/imx23_pinctrl.c | 293
 +
   2 files changed, 294 insertions(+), 1 deletion(-)
   create mode 100644 hw/arm/imx23_pinctrl.c
 
  diff --git a/hw/arm/Makefile.objs b/hw/arm/Makefile.objs
  index 9adcb96..ea53988 100644
  --- a/hw/arm/Makefile.objs
  +++ b/hw/arm/Makefile.objs
  @@ -5,4 +5,4 @@ obj-y += tosa.o versatilepb.o vexpress.o virt.o
 xilinx_zynq.o z2.o
 
   obj-y += armv7m.o exynos4210.o pxa2xx.o pxa2xx_gpio.o pxa2xx_pic.o
   obj-y += omap1.o omap2.o strongarm.o
  -obj-$(CONFIG_MXS) += imx23_digctl.o
  +obj-$(CONFIG_MXS) += imx23_digctl.o imx23_pinctrl.o
  diff --git a/hw/arm/imx23_pinctrl.c b/hw/arm/imx23_pinctrl.c
  new file mode 100644
  index 000..ecfb755
  --- /dev/null
  +++ b/hw/arm/imx23_pinctrl.c
  @@ -0,0 +1,293 @@
  +/*
  + * imx23_pinctrl.c
  + *
  + * Copyright: Michel Pollet buser...@gmail.com
  + *
  + * QEMU Licence
  + */
  +
  +/*
  + * Implements the pinctrl and GPIO block for the imx23
  + * It handles GPIO output, and GPIO input from qemu translated
  + * into pin values and interrupts, if appropriate.
  + */
  +#include hw/sysbus.h
  +#include hw/arm/mxs.h
  +
  +#define D(w)
  +
  +enum {
  +PINCTRL_BANK_COUNT = 3,
  +
  +PINCTRL_CTRL = 0,
  +PINCTRL_BANK_MUXSEL = 0x10,
  +PINCTRL_BANK_BASE = 0x40,
  +
  +/* these are not  4 register numbers, these are  8 register
 numbers */
  +PINCTRL_BANK_PULL = 0x4,
  +PINCTRL_BANK_OUT = 0x5,
  +PINCTRL_BANK_DIN = 0x6,
  +PINCTRL_BANK_DOE = 0x7,
  +PINCTRL_BANK_PIN2IRQ = 0x8,
  +PINCTRL_BANK_IRQEN = 0x9,
  +PINCTRL_BANK_IRQLEVEL = 0xa,
  +PINCTRL_BANK_IRQPOL = 0xb,
  +PINCTRL_BANK_IRQSTAT = 0xc,
  +
  +PINCTRL_BANK_INTERNAL_STATE = 0xd,
  +PINCTRL_MAX = 0xe0,
  +};
  +
  +#define PINCTRL_BANK_REG(_bank, _reg) ((_reg  8) | (_bank  4))
  +
  +enum {
  +MUX_GPIO = 0x3,
  +};
  +
  +
  +typedef struct imx23_pinctrl_state {
  +SysBusDevice busdev;
  +MemoryRegion iomem;
  +
  +uint32_t r[PINCTRL_MAX];
  +qemu_irq irq_in[3];
  +qemu_irq irq_out[PINCTRL_BANK_COUNT * 32];
  +
  +uint32_t state[PINCTRL_BANK_COUNT];
  +} imx23_pinctrl_state;
  +
  +static uint64_t imx23_pinctrl_read(
  +void *opaque, hwaddr offset, unsigned size)
  +{
  +imx23_pinctrl_state *s = (imx23_pinctrl_state *) opaque;
  +uint32_t res = 0;
  +
  +switch (offset  4) {
  +case 0 ... PINCTRL_MAX:
  +res = s-r[offset  4];
  +break;
  +default:
  +qemu_log_mask(LOG_GUEST_ERROR,
  +%s: bad offset 0x%x\n, __func__, (int) offset);
  +break;
  +}
  +
  +return res;
  +}
  +
  +static uint8_t imx23_pinctrl_getmux(
  +imx23_pinctrl_state *s, int pin)
  +{
  +int base = pin / 16, offset = pin % 16;
  +return (s-r[PINCTRL_BANK_MUXSEL + base]  (offset * 2))  0x3;
  +}
  +
  +/*
  + * usage imx23_pinctrl_getbit(s, PINCTRL_BANK_IRQEN, 48)...
  + */
  +static uint8_t imx23_pinctrl_getbit(
  +imx23_pinctrl_state *s, uint16_t reg, int pin)
  +{
  +int bank = pin / 32, offset = pin % 32;
  +uint32_t * latch = s-r[PINCTRL_BANK_REG(bank, reg)  4];
  +//printf(%s bank %d offset %d reg %d : %04x=%08x\n, __func__,
 bank, offset, reg,
  +//PINCTRL_BANK_REG(bank, reg),
  +//*latch);
  +return (*latch  offset)  0x1;
  +}
  +
  +static void imx23_pinctrl_setbit(
  +imx23_pinctrl_state *s, uint16_t reg, int pin, int value)
  +{
  +int bank = pin / 32, offset = pin % 32;
  +uint32_t * latch = s-r[PINCTRL_BANK_REG(bank, reg)  4];
  +*latch = (*latch  ~(1  offset)) | (!!value  offset);

 deposit32() will make this clearer to read.

  +}
  +
  +static void imx23_pinctrl_write_bank(
  +imx23_pinctrl_state *s, int bank,
  +int reg, uint32_t value,
  +uint32_t mask)
  +{
  +int set, pin;
  +switch (reg) {
  +/*
  + * Linux has a way of using the DOEPULL register to toggle the
 pin
  + */

 Why is this comment here? We should ideally not care what
 guest OS we run, we should just implement the h/w correctly.

  +case PINCTRL_BANK_PULL:
  +case PINCTRL_BANK_DOE:
  +/*
  + * Writing to the Data OUT register just triggers the
  + * output qemu IRQ for any further peripherals
  + */
  +case PINCTRL_BANK_OUT: {
  +while ((set = ffs(mask))  0) {
  +

Re: [Qemu-devel] [V4 PATCH 02/22] target-ppc: Add Flag for ISA2.06 Divide Extended Instructions

[Richard Henderson]

On 01/07/2014 08:05 AM, Tom Musta wrote:
 This patch adds a flag for the Divide Extended instructions that
 were introduced in Power ISA V2.06B.  The flag is added to the
 Power7 and Power8 models.
 
 Signed-off-by: Tom Musta tommu...@gmail.com
 ---
 V4: Split into new and separate patch.  Added flag to Power7+
 model.
 
  target-ppc/cpu.h|5 -
  target-ppc/translate_init.c |6 +++---
  2 files changed, 7 insertions(+), 4 deletions(-)

Reviewed-by: Richard Henderson r...@twiddle.net


r~

Re: [Qemu-devel] [V4 PATCH 05/22] target-ppc: Add ISA 2.06 divweu[o] Instructions

[Richard Henderson]

On 01/07/2014 08:05 AM, Tom Musta wrote:
 This patch addes the Unsigned Divide Word Extended instructions
 which were introduced in Power ISA 2.06B.
 
 Signed-off-by: Tom Musta tommu...@gmail.com
 ---
 V2: Eliminating extraneous code in the overflow case per comments
 from Richard Henderson.  Fixed corner case bug in divweu (check
 for (RA) = (RB)).
 
 V4: Using newly added PPC2_DIVE_ISA206 flag.  Converted to helper
 per Richard Henderson's review.
 
  target-ppc/helper.h |1 +
  target-ppc/int_helper.c |   31 +++
  target-ppc/translate.c  |5 +
  3 files changed, 37 insertions(+), 0 deletions(-)

Reviewed-by: Richard Henderson r...@twiddle.net


r~

Re: [Qemu-devel] [V4 PATCH 06/22] target-ppc: Add ISA 2.06 divwe[o] Instructions

[Richard Henderson]

On 01/07/2014 08:05 AM, Tom Musta wrote:
 This patch addes the signed Divide Word Extended instructions
 which were introduced in Power ISA 2.06B.
 
 Signed-off-by: Tom Musta tommu...@gmail.com
 ---
 V2: Eliminating extraneous code in the overflow case per comments
 from Richard Henderson.  Fixed corner case bug in divweu (check
 for (RA) = (RB)).
 
 V4: Using newly added PPC2_DIVE_ISA206 flag.  Converted to helper
 per Richard Henderson's review.
 
  target-ppc/helper.h |1 +
  target-ppc/int_helper.c |   32 
  target-ppc/translate.c  |4 
  3 files changed, 37 insertions(+), 0 deletions(-)

Reviewed-by: Richard Henderson r...@twiddle.net


r~

Re: [Qemu-devel] [PATCH v7 00/24] blkdebug/blkverify: Allow QMP configuration

[Kevin Wolf]

Am 20.12.2013 um 19:28 hat Max Reitz geschrieben:
 Currently, the configuration of blkdebug and blkverify is done through
 the filename alone. There is now way of manually choosing blkdebug or
 blkverify as a driver and using a normal image filename.
 
 In the case of blkdebug, the filename starts with the protocol prefix,
 follows up with the name of a configuration file and ends with the name
 of the image file.
 
 In the case of blkverify, the filename starts with the protocol prefix,
 follows up with the raw reference image filename and ends with the name
 of the image file.
 
 This patch allows the configuration of both drivers completely through
 QMP and accordingly command-line options. The driver has to be selected
 through the driver option (or similar), the image filename may be given
 either as the filename itself or through a x.filename option, where x
 depends on the driver. Further options may be required depending on the
 driver.
 
 In case of blkverify, the test image may be specified either through the
 filename or as a BlockdevRef reference through the test option. The
 raw image is referenced as raw.
 
 In case of blkdebug, one may either set the config option to the
 filename of a configuration file, or the content of the configuration
 file may be given directly (as options). The image filename is either
 specified as the filename or referenced through the image option.

Thanks, applied to the block branch.

I guess the next step is to untangle bdrv_file_open() and bdrv_open(),
because that part has become really confusing now... But I think this
series is a nice step forward.

Kevin

Re: [Qemu-devel] [V4 PATCH 07/22] target-ppc: Add Flag for ISA2.06 Atomic Instructions

[Richard Henderson]

On 01/07/2014 08:05 AM, Tom Musta wrote:
 This patch adds a flag for the atomic instructions introduced
 in Power ISA V2.06B.
 
 Signed-off-by: Tom Musta tommu...@gmail.com
 ---
 V4: Split into new and separate patch.  Added to Power7+ model.
 
  target-ppc/cpu.h|5 -
  target-ppc/translate_init.c |9 ++---
  2 files changed, 10 insertions(+), 4 deletions(-)

Reviewed-by: Richard Henderson r...@twiddle.net


r~

Re: [Qemu-devel] [V4 PATCH 10/22] target-ppc: Add Flag for ISA V2.06 Floating Point Conversion

[Richard Henderson]

On 01/07/2014 08:05 AM, Tom Musta wrote:
 This patch adds a flag for the floating point conversion instructions
 introduced in Power ISA 2.06B.
 
 Signed-off-by: Tom Musta tommu...@gmail.com
 ---
 V4: Split single flag into multiple flags per discussion with
 Alex Graf and Scott Wood.  Added to Power7+ config.
 
  target-ppc/cpu.h|5 -
  target-ppc/translate_init.c |6 +++---
  2 files changed, 7 insertions(+), 4 deletions(-)

Reviewed-by: Richard Henderson r...@twiddle.net


r~

Re: [Qemu-devel] [V4 PATCH 18/22] target-ppc: Add Flag for Power ISA V2.06 Floating Point Test Instructions

[Richard Henderson]

On 01/07/2014 08:06 AM, Tom Musta wrote:
 This patch adds a flag for Floating Point Test instructions that were
 introduced in Power ISA V2.06B.
 
 Signed-off-by: Tom Musta tommu...@gmail.com
 ---
 V4: Split single flag into multiple flags per discussion with
 Alex Graf and Scott Wood.  Added flag to Power7+ model.
 
  target-ppc/cpu.h|4 +++-
  target-ppc/translate_init.c |9 ++---
  2 files changed, 9 insertions(+), 4 deletions(-)

Reviewed-by: Richard Henderson r...@twiddle.net


r~

Re: [Qemu-devel] [V4 PATCH 12/22] target-ppc: Add ISA 2.06 fcfid[u][s] Instructions

[Richard Henderson]

On 01/07/2014 08:06 AM, Tom Musta wrote:
 This patch adds the fcfids, fcfidu and fcfidus instructions which
 were introduced in Power ISA 2.06B.  A common macro is provided to
 eliminate repetitious code, and the existing fcfid instruction is
 refactored to use this macro.
 
 Signed-off-by: Tom Musta tommu...@gmail.com
 ---
 V4: Using the newly added PPC2_FP_CVT_ISA206 flag.  Performed
 direct conversion to single precision per Richard Henderson's
 review.
 
  target-ppc/fpu_helper.c |   24 +---
  target-ppc/helper.h |3 +++
  target-ppc/translate.c  |9 +
  3 files changed, 29 insertions(+), 7 deletions(-)

Reviewed-by: Richard Henderson r...@twiddle.net


r~

Re: [Qemu-devel] [PULL 16/76] target-arm: Widen thread-local register state fields to 64 bits

[Peter Maydell]

On 7 January 2014 20:03, Peter Maydell peter.mayd...@linaro.org wrote:
 +#ifdef HOST_WORDS_BIGENDIAN
 +#define offsetoflow32(S, M) (offsetof(S, M + sizeof(uint32_t))

Mismatched brackets, won't build on bigendian hosts.
(I happened to randomly run cppcheck, or I'd not have spotted
that.)

Reroll #2 coming up later, though I'll just send the cover letter...

thanks
-- PMM

Re: [Qemu-devel] [V4 PATCH 17/22] target-ppc: Fix and enable fri[mnpz]

[Richard Henderson]

On 01/07/2014 08:06 AM, Tom Musta wrote:
 The fri* series of instructions was introduced prior to ISA 2.06 and
 is supported on Power7 and Power8 hardware.  However, the instruction
 is still considered illegal in the P7 and P8 QEMU emulation models.
 This patch enables these instructions for the P7 and P8 machines.
 
 Also, the existing helper is modified to correctly handle some of
 the boundary cases (NaNs and the inexact flag).
 
 Signed-off-by: Tom Musta tommu...@gmail.com
 ---
 V4: frin changed to use ties away rounding mode per Richard Henderson's
 review.  Modified NaN handling.  Proper handling of stickiness of
 the inexact flag.  Added to P7+ model.
 
  target-ppc/fpu_helper.c |   18 +++---
  target-ppc/translate_init.c |3 +++
  2 files changed, 14 insertions(+), 7 deletions(-)

Reviewed-by: Richard Henderson r...@twiddle.net


r~

Re: [Qemu-devel] [V4 PATCH 19/22] target-ppc: Add ISA 2.06 ftdiv Instruction

[Richard Henderson]

On 01/07/2014 08:06 AM, Tom Musta wrote:
 This patch adds the Floating Point Test for Divide instruction which
 was introduced in Power ISA 2.06B.
 
 Signed-off-by: Tom Musta tommu...@gmail.com
 ---
 V4: Using the newly added PPC2_FP_TST_ISA206 flag.  Modified helper
 signature per Richard Henderson's review.

Reviewed-by: Richard Henderson r...@twiddle.net


r~

Re: [Qemu-devel] [V4 PATCH 20/22] target-ppc: Add ISA 2.06 ftsqrt

[Richard Henderson]

On 01/07/2014 08:06 AM, Tom Musta wrote:
 This patch adds the Floating Point Test for Square Root instruction
 which was introduced in Power ISA 2.06.
 
 Signed-off-by: Tom Musta tommu...@gmail.com
 ---
 V4: Using the newly added PPC2_FP_TST_ISA206 flag.  Modified helper
 signature per Richard Henderson's review.
 
  target-ppc/fpu_helper.c |   31 +++
  target-ppc/helper.h |1 +
  target-ppc/translate.c  |   10 ++
  3 files changed, 42 insertions(+), 0 deletions(-)

Reviewed-by: Richard Henderson r...@twiddle.net


r~

Re: [Qemu-devel] [PATCH 06/13] mxs/imx23: Add digctl driver

[M P]

On 6 January 2014 15:46, Peter Maydell peter.mayd...@linaro.org wrote:

 On 11 December 2013 13:56, Michel Pollet buser...@gmail.com wrote:

 This implements just enough of the digctl IO block to allow
  linux to believe it's running on (currently only) an imx23.
 
  Signed-off-by: Michel Pollet buser...@gmail.com
  ---
   hw/arm/Makefile.objs  |   1 +
   hw/arm/imx23_digctl.c | 110
 ++
   2 files changed, 111 insertions(+)
   create mode 100644 hw/arm/imx23_digctl.c
 
  diff --git a/hw/arm/Makefile.objs b/hw/arm/Makefile.objs
  index 78b5614..9adcb96 100644
  --- a/hw/arm/Makefile.objs
  +++ b/hw/arm/Makefile.objs
  @@ -5,3 +5,4 @@ obj-y += tosa.o versatilepb.o vexpress.o virt.o
 xilinx_zynq.o z2.o
 
   obj-y += armv7m.o exynos4210.o pxa2xx.o pxa2xx_gpio.o pxa2xx_pic.o
   obj-y += omap1.o omap2.o strongarm.o
  +obj-$(CONFIG_MXS) += imx23_digctl.o
  diff --git a/hw/arm/imx23_digctl.c b/hw/arm/imx23_digctl.c
  new file mode 100644
  index 000..b7cd1ff
  --- /dev/null
  +++ b/hw/arm/imx23_digctl.c
  @@ -0,0 +1,110 @@
  +/*
  + * imx23_digctl.c
  + *
  + * Copyright: Michel Pollet buser...@gmail.com
  + *
  + * QEMU Licence
  + */
  +
  +/*
  + * This module implements a very basic IO block for the digctl of the
 imx23
  + * Basically there is no real logic, just constant registers return,
 the most
  + * used one bing the chip id that is used by the various linux drivers
  + * to differentiate between imx23 and 28.
  + *
  + * The module consists mostly of read/write registers that the
 bootloader and
  + * kernel are quite happy to 'set' to whatever value they believe they
 set...
  + */
  +
  +#include hw/sysbus.h
  +#include hw/arm/mxs.h
  +
  +enum {
  +HW_DIGCTL_RAMCTL = 0x3,
  +HW_DIGCTL_CHIPID = 0x31,
  +};
  +
  +typedef struct imx23_digctl_state {
  +SysBusDevice busdev;
  +MemoryRegion iomem;
  +
  +uint32_t   reg[0x2000 / 4];
  +} imx23_digctl_state;

 I'm not generally a fan of big reg[] array like this.
 In real hardware are these typically constant read/only
 registers, or do they actually do something? Does the
 hardware really have a full set of 2048 registers here,
 or are there gaps?


This block contains most of the 'general purpose' registers, ram timing and
all that jazz; there are a lot of write to it at init time, but it's
otherwise mostly ignored. Also, there's very little to do about it
functionally for qemu's purpose.



 I'd rather have us implement just the minimal set
 required for things to boot, with LOG_UNIMP (and
 read-zero/write-ignored) for the rest. That makes
 it easier to add actual implementations later
 (and your migration state is not 0x2000 bytes of random
 undifferentiated stuff).


I will re-add the trace for both write and read and see if I can narrow the
range down; it will be linux specific, tho, that's why I thought a
'catchall' block was more appropriate.


 thanks
 -- PMM


Thanks,
M

Re: [Qemu-devel] [PATCH 06/13] mxs/imx23: Add digctl driver

[Peter Maydell]

On 8 January 2014 18:39, M P buser...@gmail.com wrote:
 I will re-add the trace for both write and read and see if I can narrow the
 range down; it will be linux specific, tho, that's why I thought a
 'catchall' block was more appropriate.

Well, we should be implementing what the hardware does,
generally. Misimplementing things as read as written
isn't really any better than misimplementing them as
RAZ/WI, it's just differently wrong.

thanks
-- PMM

[Qemu-devel] [PULL 00/76] target-arm queue (v3)

[Peter Maydell]

Once again, with the erroneous '(' that would have broken bigendian
host compile deleted. I'm not going to resend all 76 patchmails...

Apologies
-- PMM

The following changes since commit f976b09ea2493fd41c98aaf6512908db0bae:

  PPC: Fix compilation with TCG debug (2013-12-22 19:15:55 +0100)

are available in the git repository at:

  git://git.linaro.org/people/pmaydell/qemu-arm.git 
tags/pull-target-arm-20140108

for you to fetch changes up to 8900aad218f8f2348bcd688eacf06d6c1f66bc69:

  target-arm: A64: Add support for FCVT between half, single and double 
(2014-01-08 19:07:23 +)


target-arm queue:
 * further A64 decoder patches, including enabling the aarch64-linux-user
   target; this includes full floating point support. Neon is not yet
   supported.
 * cadence UART model fixes.
 * some minor bug fixes and cleanups.
 * all the softfloat fixes required by the new A64 instructions;
   several of these will also be used by PPC.


Alex Bennée (6):
  target-arm: A64: add support for ld/st unsigned imm
  target-arm: A64: add support for ld/st with reg offset
  target-arm: A64: add support for ld/st with index
  target-arm: A64: add support for add, addi, sub, subi
  target-arm: A64: add support for move wide instructions
  .travis.yml: Add aarch64-* targets

Alexander Graf (9):
  target-arm: A64: add support for 3 src data proc insns
  target-arm: A64: implement SVC, BRK
  target-arm: aarch64: add support for ld lit
  target-arm: A64: Add support for dumping AArch64 VFP register state
  target-arm: A64: Add Floating-point data-processing (2 source) insns
  target-arm: A64: Add Floating-point data-processing (3 source) insns
  target-arm: A64: Add fmov (scalar, immediate) instruction
  target-arm: Give the FPSCR rounding modes names
  target-arm: A64: Add floating-point-fixed-point instructions

Christoffer Dall (2):
  arm_gic: Rename GIC_X_TRIGGER to GIC_X_EDGE_TRIGGER
  hw: arm_gic: Introduce gic_set_priority function

Claudio Fontana (6):
  target-arm: A64: add support for add/sub with carry
  target-arm: A64: add support for conditional compare insns
  linux-user: AArch64: define TARGET_CLONE_BACKWARDS
  target-arm: A64: Add support for floating point compare
  target-arm: A64: Add support for floating point conditional compare
  target-arm: A64: Add support for floating point cond select

Michael Matz (1):
  target-arm: A64: support for ld/st/cl exclusive

Michael S. Tsirkin (1):
  target-arm: fix build with gcc 4.8.2

Peter Crosthwaite (13):
  char/cadence_uart: Mark struct fields as public/private
  char/cadence_uart: Add missing uart_update_state
  char/cadence_uart: Fix reset.
  char/cadence_uart: s/r_fifo/rx_fifo
  char/cadence_uart: Simplify status generation
  char/cadence_uart: Define Missing SR/ISR fields
  char/cadence_uart: Remove TX timer  add TX FIFO state
  char/cadence_uart: Fix can_receive logic
  char/cadence_uart: Use the TX fifo for transmission
  char/cadence_uart: Delete redundant rx rst logic
  char/cadence_uart: Implement Tx flow control
  target-arm: remove raw_read|write duplication
  arm/xilinx_zynq: Always instantiate the GEMs

Peter Maydell (26):
  target-arm: A64: add support for ld/st pair
  target-arm: A64: Add decoder skeleton for FP instructions
  target-arm: A64: implement FMOV
  target-arm: Pull add one cpreg to hashtable into its own function
  target-arm: Update generic cpreg code for AArch64
  target-arm: Remove ARMCPU/CPUARMState from cpregs APIs used by decoder
  target-arm: A64: Implement MRS/MSR/SYS/SYSL
  target-arm: A64: Implement minimal set of EL0-visible sysregs
  target-arm: Widen thread-local register state fields to 64 bits
  target-arm: Widen exclusive-access support struct fields to 64 bits
  default-configs: Add config for aarch64-linux-user
  target-arm: A64: Fix vector register access on bigendian hosts
  target-arm: Use VFP_BINOP macro for min, max, minnum, maxnum
  softfloat: Fix exception flag handling for float32_to_float16()
  softfloat: Add 16 bit integer to float conversions
  softfloat: Make the int-to-float functions take exact-width types
  softfloat: Only raise Invalid when conversions to int are out of range
  softfloat: Fix factor 2 error for scalbn on denormal inputs
  softfloat: Provide complete set of accessors for fp state
  softfloat: Factor out RoundAndPackFloat16 and NormalizeFloat16Subnormal
  softfloat: Add float16 = float64 conversion functions
  softfloat: Refactor code handling various rounding modes
  softfloat: Add support for ties-away rounding
  target-arm: Ignore most exceptions from scalbn when doing fixpoint 
conversion
  target-arm

[Qemu-devel] [PATCH] block: fix backing file segfault

[Peter Feiner]

When a backing file is opened such that (1) a protocol is directly
used as the block driver and (2) the block driver has bdrv_file_open,
bdrv_open_backing_file segfaults. The problem arises because
bdrv_open_common returns without setting bd-backing_hd-file.

To effect (1), you seem to have to use the -F flag in qemu-img. There
are several block drivers that satisfy (2), such as file and nbd.
Here are some concrete examples:

#!/bin/bash

echo Test file format
./qemu-img create -f file base.file 1m
./qemu-img create -f qcow2 -F file -o backing_file=base.file\
file-overlay.qcow2
./qemu-img convert -O raw file-overlay.qcow2 file-convert.raw

echo Test nbd format
SOCK=$PWD/nbd.sock
./qemu-img create -f raw base.raw 1m
./qemu-nbd -t -k $SOCK base.raw 
trap kill $! EXIT
while ! test -e $SOCK; do sleep 1; done
./qemu-img create -f qcow2 -F nbd -o backing_file=nbd:unix:$SOCK\
nbd-overlay.qcow2
./qemu-img convert -O raw nbd-overlay.qcow2 nbd-convert.raw

Without this patch, the two qemu-img convert commands segfault.

This is a regression that was introduced in v1.7 by
dbecebddfa4932d1c83915bcb9b5ba5984eb91be.

Signed-off-by: Peter Feiner pe...@gridcentric.ca
---
 block.c |5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/block.c b/block.c
index 64e7d22..a4a172d 100644
--- a/block.c
+++ b/block.c
@@ -1016,8 +1016,9 @@ int bdrv_open_backing_file(BlockDriverState *bs, QDict 
*options, Error **errp)
 error_free(local_err);
 return ret;
 }
-pstrcpy(bs-backing_file, sizeof(bs-backing_file),
-bs-backing_hd-file-filename);
+if (bs-backing_hd-file)
+pstrcpy(bs-backing_file, sizeof(bs-backing_file),
+bs-backing_hd-file-filename);
 return 0;
 }
 
-- 
1.7.9.5

[Qemu-devel] QEMU-KVM Guest TLB flush IPI emulation questions

[Hu Yaohui]

Hi All,
I have a question regarding Guest TLB flush IPI. Suppose we get two
vcpus 0 and 1.
When vcpu#0 wants to invalidate the tlb entry on vcpu#1. An IPI will
be generated by lapic on vcpu#0 by writing to ICR which will cause a
vmexit.
apic_send_ipi-kvm_irq_delivery_to_apic-kvm_apic_set_irq-__apic_accept_irq
In __apic_accept_irq, it will call kvm_make_request, kvm_vcpu_kick.
If vcpu#1 in guest mode, how can it receives this IPI immediately, or
the stale tlb entry could be accessed. Thanks for your time!

Best Wishes,
Yaohui Hu

[Qemu-devel] [PATCH] Add option to disable FDC from ISA bus and ACPI on i386

[Gabriel L. Somlo]

Add i386 command line option -no-fdc, which allows guests to omit the
configuration of a floppy controller. Applies on top of my previous patch
titled Add DSDT node for AppleSMC

Signed-off-by: Gabriel Somlo so...@cmu.edu
---
On Sun, Dec 22, 2013 at 11:21:00PM +0100, Laszlo Ersek wrote:
I guess the by the book solution would be to really stop the FDC from
being emulated when the AppleSMC is present

On Wed, Dec 25, 2013 at 09:20:55PM +0200, Michael S. Tsirkin wrote:
On Wed, Dec 25, 2013 at 08:11:56PM +0100, Alexander Graf wrote:
Speaking of which, does the q35 even have an fdc?
I don't think it does but this device seems to be supported with piix as well

This patch should be the first step to resolve all these issues.
If/when we make it possible to turn off the FDC, we can then choose
to leave it out altogether on Q35, and/or to throw an error if both
it and the AppleSMC are turned on, or have the presence of the
AppleSMC automatically force the FDC to be turned off, etc.

Please let me know what you all think.

Thanks,
  Gabriel

 include/hw/i386/pc.h  |  3 +++
 qemu-options.hx   |  8 
 vl.c  |  4 
 hw/i386/pc.c  | 10 +++---
 hw/i386/acpi-dsdt.dsl |  2 +-
 hw/i386/q35-acpi-dsdt.dsl |  4 ++--
 hw/i386/acpi-dsdt-isa.dsl | 11 +++
 hw/i386/acpi-build.c  |  8 
 8 files changed, 36 insertions(+), 14 deletions(-)

diff --git a/include/hw/i386/pc.h b/include/hw/i386/pc.h
index 24eb3de..5226a79 100644
--- a/include/hw/i386/pc.h
+++ b/include/hw/i386/pc.h
@@ -173,6 +173,9 @@ void piix4_smbus_register_device(SMBusDevice *dev, uint8_t 
addr);
 /* hpet.c */
 extern int no_hpet;
 
+/* fdc.c */
+extern int no_fdc;
+
 /* piix_pci.c */
 struct PCII440FXState;
 typedef struct PCII440FXState PCII440FXState;
diff --git a/qemu-options.hx b/qemu-options.hx
index bcfe9ea..396a028 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -1297,6 +1297,14 @@ STEXI
 Disable HPET support.
 ETEXI
 
+DEF(no-fdc, 0, QEMU_OPTION_no_fdc,
+-no-fdc disable FDC\n, QEMU_ARCH_I386)
+STEXI
+@item -no-fdc
+@findex -no-fdc
+Disable FDC support.
+ETEXI
+
 DEF(acpitable, HAS_ARG, QEMU_OPTION_acpitable,
 -acpitable 
[sig=str][,rev=n][,oem_id=str][,oem_table_id=str][,oem_rev=n][,asl_compiler_id=str][,asl_compiler_rev=n][,{data|file}=file1[:file2]...]\n
 ACPI table description\n, QEMU_ARCH_I386)
diff --git a/vl.c b/vl.c
index 7511e70..4a461a2 100644
--- a/vl.c
+++ b/vl.c
@@ -214,6 +214,7 @@ const char *vnc_display;
 #endif
 int acpi_enabled = 1;
 int no_hpet = 0;
+int no_fdc = 0;
 int fd_bootchk = 1;
 static int no_reboot;
 int no_shutdown = 0;
@@ -3576,6 +3577,9 @@ int main(int argc, char **argv, char **envp)
 case QEMU_OPTION_no_hpet:
 no_hpet = 1;
 break;
+case QEMU_OPTION_no_fdc:
+no_fdc = 1;
+break;
 case QEMU_OPTION_balloon:
 if (balloon_parse(optarg)  0) {
 fprintf(stderr, Unknown -balloon argument %s\n, optarg);
diff --git a/hw/i386/pc.c b/hw/i386/pc.c
index 3cd8f38..ba3bd3d 100644
--- a/hw/i386/pc.c
+++ b/hw/i386/pc.c
@@ -1353,10 +1353,14 @@ void pc_basic_device_init(ISABus *isa_bus, qemu_irq 
*gsi,
 cpu_exit_irq = qemu_allocate_irqs(cpu_request_exit, NULL, 1);
 DMA_init(0, cpu_exit_irq);
 
-for(i = 0; i  MAX_FD; i++) {
-fd[i] = drive_get(IF_FLOPPY, 0, i);
+if (!no_fdc) {
+for(i = 0; i  MAX_FD; i++) {
+fd[i] = drive_get(IF_FLOPPY, 0, i);
+}
+*floppy = fdctrl_init_isa(isa_bus, fd);
+} else {
+*floppy = NULL;
 }
-*floppy = fdctrl_init_isa(isa_bus, fd);
 }
 
 void pc_nic_init(ISABus *isa_bus, PCIBus *pci_bus)
diff --git a/hw/i386/acpi-dsdt.dsl b/hw/i386/acpi-dsdt.dsl
index b87c6e0..b608abf 100644
--- a/hw/i386/acpi-dsdt.dsl
+++ b/hw/i386/acpi-dsdt.dsl
@@ -110,11 +110,11 @@ DefinitionBlock (
 , 3,
 CBEN, 1, // COM2
 }
-Name(FDEN, 1)
 }
 }
 
 #define DSDT_APPLESMC_STA piix_dsdt_applesmc_sta
+#define DSDT_FDC_STA piix_dsdt_fdc_sta
 #include acpi-dsdt-isa.dsl
 
 
diff --git a/hw/i386/q35-acpi-dsdt.dsl b/hw/i386/q35-acpi-dsdt.dsl
index 12ff544..55756d8 100644
--- a/hw/i386/q35-acpi-dsdt.dsl
+++ b/hw/i386/q35-acpi-dsdt.dsl
@@ -165,13 +165,13 @@ DefinitionBlock (
 Field(LPCE, AnyAcc, NoLock, Preserve) {
 CAEN,   1,
 CBEN,   1,
-LPEN,   1,
-FDEN,   1
+LPEN,   1
 }
 }
 }
 
 #define DSDT_APPLESMC_STA q35_dsdt_applesmc_sta
+#define DSDT_FDC_STA q35_dsdt_fdc_sta
 #include acpi-dsdt-isa.dsl
 
 
diff --git a/hw/i386/acpi-dsdt-isa.dsl b/hw/i386/acpi-dsdt-isa.dsl
index 46942c1..747c3df 100644
--- a/hw/i386/acpi-dsdt-isa.dsl
+++ b/hw/i386/acpi-dsdt-isa.dsl
@@ -60,14 +60,9 @@ Scope(\_SB.PCI0.ISA) {
 
 Device(FDC0) {
 Name(_HID, 

[Qemu-devel] [PATCH v2] discard rbd error output when not relevant in qemu-iotests

[Loic Dachary]

Suppress rbd progress messages with --no-progress so they are not
confused with an error output when comparing test results ( progress is
displayed on stderr ).

Signed-off-by: Loic Dachary l...@dachary.org
---
 tests/qemu-iotests/common.rc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/qemu-iotests/common.rc b/tests/qemu-iotests/common.rc
index 28ba0d9..7442bad 100644
--- a/tests/qemu-iotests/common.rc
+++ b/tests/qemu-iotests/common.rc
@@ -189,7 +189,7 @@ _cleanup_test_img()
 ;;
 
 rbd)
-rbd rm $TEST_DIR/t.$IMGFMT  /dev/null
+rbd --no-progress rm $TEST_DIR/t.$IMGFMT  /dev/null
 ;;
 
 sheepdog)
-- 
1.8.3.2

Re: [Qemu-devel] [PATCH] Add option to disable FDC from ISA bus and ACPI on i386

[Michael S. Tsirkin]

On Wed, Jan 08, 2014 at 03:02:17PM -0500, Gabriel L. Somlo wrote:
 Add i386 command line option -no-fdc, which allows guests to omit the
 configuration of a floppy controller. Applies on top of my previous patch
 titled Add DSDT node for AppleSMC
 
 Signed-off-by: Gabriel Somlo so...@cmu.edu
 ---
 On Sun, Dec 22, 2013 at 11:21:00PM +0100, Laszlo Ersek wrote:
 I guess the by the book solution would be to really stop the FDC from
 being emulated when the AppleSMC is present
 
 On Wed, Dec 25, 2013 at 09:20:55PM +0200, Michael S. Tsirkin wrote:
 On Wed, Dec 25, 2013 at 08:11:56PM +0100, Alexander Graf wrote:
 Speaking of which, does the q35 even have an fdc?
 I don't think it does but this device seems to be supported with piix as well
 
 This patch should be the first step to resolve all these issues.
 If/when we make it possible to turn off the FDC, we can then choose
 to leave it out altogether on Q35, and/or to throw an error if both
 it and the AppleSMC are turned on, or have the presence of the
 AppleSMC automatically force the FDC to be turned off, etc.
 
 Please let me know what you all think.
 
 Thanks,
   Gabriel
 
  include/hw/i386/pc.h  |  3 +++
  qemu-options.hx   |  8 
  vl.c  |  4 
  hw/i386/pc.c  | 10 +++---
  hw/i386/acpi-dsdt.dsl |  2 +-
  hw/i386/q35-acpi-dsdt.dsl |  4 ++--
  hw/i386/acpi-dsdt-isa.dsl | 11 +++
  hw/i386/acpi-build.c  |  8 
  8 files changed, 36 insertions(+), 14 deletions(-)
 
 diff --git a/include/hw/i386/pc.h b/include/hw/i386/pc.h
 index 24eb3de..5226a79 100644
 --- a/include/hw/i386/pc.h
 +++ b/include/hw/i386/pc.h
 @@ -173,6 +173,9 @@ void piix4_smbus_register_device(SMBusDevice *dev, 
 uint8_t addr);
  /* hpet.c */
  extern int no_hpet;
  
 +/* fdc.c */
 +extern int no_fdc;
 +
  /* piix_pci.c */
  struct PCII440FXState;
  typedef struct PCII440FXState PCII440FXState;
 diff --git a/qemu-options.hx b/qemu-options.hx
 index bcfe9ea..396a028 100644
 --- a/qemu-options.hx
 +++ b/qemu-options.hx
 @@ -1297,6 +1297,14 @@ STEXI
  Disable HPET support.
  ETEXI
  
 +DEF(no-fdc, 0, QEMU_OPTION_no_fdc,
 +-no-fdc disable FDC\n, QEMU_ARCH_I386)
 +STEXI
 +@item -no-fdc
 +@findex -no-fdc
 +Disable FDC support.
 +ETEXI
 +
  DEF(acpitable, HAS_ARG, QEMU_OPTION_acpitable,
  -acpitable 
 [sig=str][,rev=n][,oem_id=str][,oem_table_id=str][,oem_rev=n][,asl_compiler_id=str][,asl_compiler_rev=n][,{data|file}=file1[:file2]...]\n
  ACPI table description\n, QEMU_ARCH_I386)
 diff --git a/vl.c b/vl.c
 index 7511e70..4a461a2 100644
 --- a/vl.c
 +++ b/vl.c
 @@ -214,6 +214,7 @@ const char *vnc_display;
  #endif
  int acpi_enabled = 1;
  int no_hpet = 0;
 +int no_fdc = 0;
  int fd_bootchk = 1;
  static int no_reboot;
  int no_shutdown = 0;
 @@ -3576,6 +3577,9 @@ int main(int argc, char **argv, char **envp)
  case QEMU_OPTION_no_hpet:
  no_hpet = 1;
  break;
 +case QEMU_OPTION_no_fdc:
 +no_fdc = 1;
 +break;
  case QEMU_OPTION_balloon:
  if (balloon_parse(optarg)  0) {
  fprintf(stderr, Unknown -balloon argument %s\n, 
 optarg);
 diff --git a/hw/i386/pc.c b/hw/i386/pc.c
 index 3cd8f38..ba3bd3d 100644
 --- a/hw/i386/pc.c
 +++ b/hw/i386/pc.c
 @@ -1353,10 +1353,14 @@ void pc_basic_device_init(ISABus *isa_bus, qemu_irq 
 *gsi,
  cpu_exit_irq = qemu_allocate_irqs(cpu_request_exit, NULL, 1);
  DMA_init(0, cpu_exit_irq);
  
 -for(i = 0; i  MAX_FD; i++) {
 -fd[i] = drive_get(IF_FLOPPY, 0, i);
 +if (!no_fdc) {
 +for(i = 0; i  MAX_FD; i++) {
 +fd[i] = drive_get(IF_FLOPPY, 0, i);
 +}
 +*floppy = fdctrl_init_isa(isa_bus, fd);
 +} else {
 +*floppy = NULL;
  }
 -*floppy = fdctrl_init_isa(isa_bus, fd);
  }
  
  void pc_nic_init(ISABus *isa_bus, PCIBus *pci_bus)
 diff --git a/hw/i386/acpi-dsdt.dsl b/hw/i386/acpi-dsdt.dsl
 index b87c6e0..b608abf 100644
 --- a/hw/i386/acpi-dsdt.dsl
 +++ b/hw/i386/acpi-dsdt.dsl
 @@ -110,11 +110,11 @@ DefinitionBlock (
  , 3,
  CBEN, 1, // COM2
  }
 -Name(FDEN, 1)
  }
  }
  
  #define DSDT_APPLESMC_STA piix_dsdt_applesmc_sta
 +#define DSDT_FDC_STA piix_dsdt_fdc_sta
  #include acpi-dsdt-isa.dsl
  
  
 diff --git a/hw/i386/q35-acpi-dsdt.dsl b/hw/i386/q35-acpi-dsdt.dsl
 index 12ff544..55756d8 100644
 --- a/hw/i386/q35-acpi-dsdt.dsl
 +++ b/hw/i386/q35-acpi-dsdt.dsl
 @@ -165,13 +165,13 @@ DefinitionBlock (
  Field(LPCE, AnyAcc, NoLock, Preserve) {
  CAEN,   1,
  CBEN,   1,
 -LPEN,   1,
 -FDEN,   1
 +LPEN,   1
  }
  }
  }
  
  #define DSDT_APPLESMC_STA q35_dsdt_applesmc_sta
 +#define DSDT_FDC_STA q35_dsdt_fdc_sta
  #include acpi-dsdt-isa.dsl
  
  
 diff --git