Re: [Qemu-devel] [PATCH COLO-Frame v11 18/39] COLO: Flush PVM's cached RAM into SVM's memory

[Dr. David Alan Gilbert]

* zhanghailiang (zhang.zhanghaili...@huawei.com) wrote:
> During the time of VM's running, PVM may dirty some pages, we will transfer
> PVM's dirty pages to SVM and store them into SVM's RAM cache at next 
> checkpoint
> time. So, the content of SVM's RAM cache will always be some with PVM's memory
> after checkpoint.
> 
> Instead of flushing all content of PVM's RAM cache into SVM's MEMORY,
> we do this in a more efficient way:
> Only flush any page that dirtied by PVM since last checkpoint.
> In this way, we can ensure SVM's memory same with PVM's.
> 
> Besides, we must ensure flush RAM cache before load device state.
> 
> Signed-off-by: zhanghailiang 
> Signed-off-by: Li Zhijian 
> Signed-off-by: Gonglei 
> ---
> v11:
> - Move the place of 'need_flush' (Dave's suggestion)
> - Remove unused 'DPRINTF("Flush ram_cache\n")'
> v10:
> - trace the number of dirty pages that be received.
> ---
>  include/migration/migration.h |  1 +
>  migration/colo.c  |  2 --
>  migration/ram.c   | 37 +
>  trace-events  |  1 +
>  4 files changed, 39 insertions(+), 2 deletions(-)
> 
> diff --git a/include/migration/migration.h b/include/migration/migration.h
> index e41372d..221176b 100644
> --- a/include/migration/migration.h
> +++ b/include/migration/migration.h
> @@ -336,4 +336,5 @@ PostcopyState postcopy_state_set(PostcopyState new_state);
>  /* ram cache */
>  int colo_init_ram_cache(void);
>  void colo_release_ram_cache(void);
> +void colo_flush_ram_cache(void);
>  #endif
> diff --git a/migration/colo.c b/migration/colo.c
> index 5ac8ff2..4095d97 100644
> --- a/migration/colo.c
> +++ b/migration/colo.c
> @@ -385,8 +385,6 @@ void *colo_process_incoming_thread(void *opaque)
>  }
>  qemu_mutex_unlock_iothread();
>  
> -/* TODO: flush vm state */
> -

Might have been better to put the TODO in a place that needed to be changed!

>  ret = colo_ctl_put(mis->to_src_file, COLO_COMMAND_VMSTATE_LOADED, 0);
>  if (ret < 0) {
>  goto out;
> diff --git a/migration/ram.c b/migration/ram.c
> index da6bbd6..4f37144 100644
> --- a/migration/ram.c
> +++ b/migration/ram.c
> @@ -2448,6 +2448,7 @@ static int ram_load(QEMUFile *f, void *opaque, int 
> version_id)
>   * be atomic
>   */
>  bool postcopy_running = postcopy_state_get() >= 
> POSTCOPY_INCOMING_LISTENING;
> +bool need_flush = false;
>  
>  seq_iter++;
>  
> @@ -2482,6 +2483,7 @@ static int ram_load(QEMUFile *f, void *opaque, int 
> version_id)
>  /* After going into COLO, we should load the Page into 
> colo_cache */
>  if (ram_cache_enable) {
>  host = colo_cache_from_block_offset(block, addr);
> +need_flush = true;
>  } else {
>  host = host_from_ram_block_offset(block, addr);
>  }
> @@ -2575,6 +2577,10 @@ static int ram_load(QEMUFile *f, void *opaque, int 
> version_id)
>  }
>  
>  rcu_read_unlock();
> +
> +if (!ret  && ram_cache_enable && need_flush) {
> +colo_flush_ram_cache();
> +}
>  DPRINTF("Completed load of VM with exit code %d seq iteration "
>  "%" PRIu64 "\n", ret, seq_iter);
>  return ret;
> @@ -2647,6 +2653,37 @@ void colo_release_ram_cache(void)
>  rcu_read_unlock();
>  }
>  
> +/*
> + * Flush content of RAM cache into SVM's memory.
> + * Only flush the pages that be dirtied by PVM or SVM or both.
> + */
> +void colo_flush_ram_cache(void)
> +{
> +RAMBlock *block = NULL;
> +void *dst_host;
> +void *src_host;
> +ram_addr_t  offset = 0;
> +
> +trace_colo_flush_ram_cache(migration_dirty_pages);
> +rcu_read_lock();
> +block = QLIST_FIRST_RCU(_list.blocks);
> +while (block) {
> +ram_addr_t ram_addr_abs;
> +offset = migration_bitmap_find_dirty(block, offset, _addr_abs);
> +migration_bitmap_clear_dirty(ram_addr_abs);
> +if (offset >= block->used_length) {
> +offset = 0;
> +block = QLIST_NEXT_RCU(block, next);
> +} else {
> +dst_host = block->host + offset;
> +src_host = block->colo_cache + offset;
> +memcpy(dst_host, src_host, TARGET_PAGE_SIZE);
> +}
> +}
> +rcu_read_unlock();

If you added a trace point here as well, it would make it very easy
to measure how long the flush was taking.

> +assert(migration_dirty_pages == 0);
> +}
> +
>  static SaveVMHandlers savevm_ram_handlers = {
>  .save_live_setup = ram_save_setup,
>  .save_live_iterate = ram_save_iterate,
> diff --git a/trace-events b/trace-events
> index f8a0959..f158d2a 100644
> --- a/trace-events
> +++ b/trace-events
> @@ -1264,6 +1264,7 @@ migration_throttle(void) ""
>  ram_load_postcopy_loop(uint64_t addr, int flags) "@%" PRIx64 " %x"
>  ram_postcopy_send_discard_bitmap(void) ""
>  

[Qemu-devel] [PATCH v5 4/4] i.MX: Add an i.MX25 specific CCM class/instance.

[Jean-Christophe Dubois]

With this CCM, i.MX25 timer is accurate with "real world time".

Signed-off-by: Jean-Christophe Dubois 
---
Changes since v1:
 * rework loging to match other i.MX drivers

Changes since v2:
 * We moved to an inheritance QOM scheme

Changes since v3:
 * Rework logging based on comments.

Changes since v4:
 * Improve debug logging.

 hw/arm/fsl-imx25.c  |   2 +-
 hw/misc/Makefile.objs   |   1 +
 hw/misc/imx25_ccm.c | 367 
 include/hw/arm/fsl-imx25.h  |   4 +-
 include/hw/misc/imx25_ccm.h |  61 
 5 files changed, 432 insertions(+), 3 deletions(-)
 create mode 100644 hw/misc/imx25_ccm.c
 create mode 100644 include/hw/misc/imx25_ccm.h

diff --git a/hw/arm/fsl-imx25.c b/hw/arm/fsl-imx25.c
index 9f302ed..36818ee 100644
--- a/hw/arm/fsl-imx25.c
+++ b/hw/arm/fsl-imx25.c
@@ -38,7 +38,7 @@ static void fsl_imx25_init(Object *obj)
 object_initialize(>avic, sizeof(s->avic), TYPE_IMX_AVIC);
 qdev_set_parent_bus(DEVICE(>avic), sysbus_get_default());
 
-object_initialize(>ccm, sizeof(s->ccm), TYPE_IMX31_CCM);
+object_initialize(>ccm, sizeof(s->ccm), TYPE_IMX25_CCM);
 qdev_set_parent_bus(DEVICE(>ccm), sysbus_get_default());
 
 for (i = 0; i < FSL_IMX25_NUM_UARTS; i++) {
diff --git a/hw/misc/Makefile.objs b/hw/misc/Makefile.objs
index c77f3e3..8a235df 100644
--- a/hw/misc/Makefile.objs
+++ b/hw/misc/Makefile.objs
@@ -27,6 +27,7 @@ obj-$(CONFIG_ECCMEMCTL) += eccmemctl.o
 obj-$(CONFIG_EXYNOS4) += exynos4210_pmu.o
 obj-$(CONFIG_IMX) += imx_ccm.o
 obj-$(CONFIG_IMX) += imx31_ccm.o
+obj-$(CONFIG_IMX) += imx25_ccm.o
 obj-$(CONFIG_MILKYMIST) += milkymist-hpdmc.o
 obj-$(CONFIG_MILKYMIST) += milkymist-pfpu.o
 obj-$(CONFIG_MAINSTONE) += mst_fpga.o
diff --git a/hw/misc/imx25_ccm.c b/hw/misc/imx25_ccm.c
new file mode 100644
index 000..fcba903
--- /dev/null
+++ b/hw/misc/imx25_ccm.c
@@ -0,0 +1,367 @@
+/*
+ * IMX25 Clock Control Module
+ *
+ * Copyright (C) 2012 NICTA
+ * Updated by Jean-Christophe Dubois 
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ *
+ * To get the timer frequencies right, we need to emulate at least part of
+ * the CCM.
+ */
+
+#include "hw/misc/imx25_ccm.h"
+
+#ifndef DEBUG_IMX25_CCM
+#define DEBUG_IMX25_CCM 0
+#endif
+
+#define DPRINTF(fmt, args...) \
+do { \
+if (DEBUG_IMX25_CCM) { \
+fprintf(stderr, "[%s]%s: " fmt , TYPE_IMX25_CCM, \
+ __func__, ##args); \
+} \
+} while (0)
+
+static char const *imx25_ccm_reg_name(uint32_t reg)
+{
+static char unknown[20];
+
+switch (reg) {
+case 0:
+return "mpctl";
+case 1:
+return "upctl";
+case 2:
+return "cctl";
+case 3:
+return "cgcr0";
+case 4:
+return "cgcr1";
+case 5:
+return "cgcr2";
+case 6:
+return "pcdr0";
+case 7:
+return "pcdr1";
+case 8:
+return "pcdr2";
+case 9:
+return "pcdr3";
+case 10:
+return "rcsr";
+case 11:
+return "crdr";
+case 12:
+return "dcvr0";
+case 13:
+return "dcvr1";
+case 14:
+return "dcvr2";
+case 15:
+return "dcvr3";
+case 16:
+return "ltr0";
+case 17:
+return "ltr1";
+case 18:
+return "ltr2";
+case 19:
+return "ltr3";
+case 20:
+return "ltbr0";
+case 21:
+return "ltbr1";
+case 22:
+return "pmcr0";
+case 23:
+return "pmcr1";
+case 24:
+return "pmcr2";
+case 25:
+return "mcr";
+case 26:
+return "lpimr0";
+case 27:
+return "lpimr1";
+default:
+sprintf(unknown, "[%d ?]", reg);
+return unknown;
+}
+}
+#define CKIH_FREQ 2400 /* 24MHz crystal input */
+
+static const VMStateDescription vmstate_imx25_ccm = {
+.name = TYPE_IMX25_CCM,
+.version_id = 1,
+.minimum_version_id = 1,
+.fields = (VMStateField[]) {
+VMSTATE_UINT32(mpctl, IMX25CCMState),
+VMSTATE_UINT32(upctl, IMX25CCMState),
+VMSTATE_UINT32(cctl, IMX25CCMState),
+VMSTATE_UINT32_ARRAY(cgcr, IMX25CCMState, 3),
+VMSTATE_UINT32_ARRAY(pcdr, IMX25CCMState, 4),
+VMSTATE_UINT32(rcsr, IMX25CCMState),
+VMSTATE_UINT32(crdr, IMX25CCMState),
+VMSTATE_UINT32_ARRAY(dcvr, IMX25CCMState, 4),
+VMSTATE_UINT32_ARRAY(ltr, IMX25CCMState, 4),
+VMSTATE_UINT32_ARRAY(ltbr, IMX25CCMState, 2),
+VMSTATE_UINT32_ARRAY(pmcr, IMX25CCMState, 3),
+VMSTATE_UINT32(mcr, IMX25CCMState),
+VMSTATE_UINT32_ARRAY(lpimr, IMX25CCMState, 2),
+VMSTATE_END_OF_LIST()
+},
+};
+
+static uint32_t imx25_ccm_get_mpll_clk(IMXCCMState *dev)
+{
+uint32_t freq;
+IMX25CCMState *s = IMX25_CCM(dev);
+
+if (EXTRACT(s->cctl, MPLL_BYPASS)) {
+   

[Qemu-devel] [PATCH v5 1/4] i.MX: Fix i.MX31 default/reset configuration.

[Jean-Christophe Dubois]

Linux on i.MX31/KZM is expecting the CCM to use the CKIH ref clock instead
of the CKIL plus the FPM multiplier.

We change the CCMR reg reset value to match linux expected config.

This allow the CCM to provide a 39MHz clk (as expected by linux) instead of
the actual 50MHz.

With this change the "sleep 60" command on linux is time accurate with
"real world time".

Signed-off-by: Jean-Christophe Dubois 
---

Changes since v1:
 * Not present 
  
Changes since v2:
 * Not present 

Changes since v3:
 * Not present

Changes since v4:
 * Not present

 hw/misc/imx_ccm.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/misc/imx_ccm.c b/hw/misc/imx_ccm.c
index 4cc2bbc..500dda5 100644
--- a/hw/misc/imx_ccm.c
+++ b/hw/misc/imx_ccm.c
@@ -123,7 +123,7 @@ static void imx_ccm_reset(DeviceState *dev)
 {
 IMXCCMState *s = IMX_CCM(dev);
 
-s->ccmr = 0x074b0b7b;
+s->ccmr = 0x074b0b7d;
 s->pdr0 = 0xff870b48;
 s->pdr1 = 0x49fcfe7f;
 s->mpctl = PLL_PD(1) | PLL_MFD(0) | PLL_MFI(6) | PLL_MFN(0);
-- 
2.5.0

Re: [Qemu-devel] [PATCH] spapr/pci: populate PCI DT in reverse order

[Thomas Huth]

On 30/11/15 11:45, Greg Kurz wrote:
> Since commit 1d2d974244c6 "spapr_pci: enumerate and add PCI device tree", QEMU
> populates the PCI device tree in the opposite order compared to SLOF.
> 
> Before 1d2d974244c6:
> 
> Populating /pci@8002000
>  00  (D) : 1af4 1000virtio [ net ]
>  00 0800 (D) : 1af4 1001virtio [ block ]
>  00 1000 (D) : 1af4 1009virtio [ network ]
> Populating /pci@8002000/unknown-legacy-device@2
> 
> 
> 7e5294b8 :  /pci@8002000
> 7e52b998 :  |-- ethernet@0
> 7e52c0c8 :  |-- scsi@1
> 7e52c7e8 :  +-- unknown-legacy-device@2 ok
> 
> Since 1d2d974244c6:
> 
> Populating /pci@8002000
>  00 1000 (D) : 1af4 1009virtio [ network ]
> Populating /pci@8002000/unknown-legacy-device@2
>  00 0800 (D) : 1af4 1001virtio [ block ]
>  00  (D) : 1af4 1000virtio [ net ]
> 
> 
> 7e5e8118 :  /pci@8002000
> 7e5ea6a0 :  |-- unknown-legacy-device@2
> 7e5eadb8 :  |-- scsi@1
> 7e5eb4d8 :  +-- ethernet@0 ok
> 
> This behaviour change is not actually a bug since no assumptions should be
> made on DT ordering. But it has no real justification either, other than
> being the consequence of the way fdt_add_subnode() inserts new elements
> to the front of the FDT rather than adding them to the tail.
> 
> This patch reverts to the historical SLOF ordering by walking PCI devices in
> reverse order.

I've applied your patch here locally, and indeed, the device tree looks
nicer to me, too, when the nodes are listed in ascending order.

Tested-by: Thomas Huth 

Re: [Qemu-devel] [PATCH v13 12/14] qapi: Enforce (or whitelist) case conventions on qapi members

[Eric Blake]

On 11/27/2015 02:03 AM, Markus Armbruster wrote:
> Eric Blake  writes:
> 
>> We document that members of enums and objects should be
>> 'lower-case', although we were not enforcing it.  We have to
>> whitelist a few pre-existing entities that violate the norms.
>> Add three new tests to expose the new error message, each of
>> which first uses the whitelisted name 'UuidInfo' to prove the
>> whitelist works, then triggers the failure.
> 

>> +'X86CPURegister32',
> 
> Because of all enum members.
> 
> *Not* visible in QMP, thus fixable.  Fix or TODO comment, please.

Not visible directly in QMP, but unfortunately visible in QOM.  See
target-i386/cpu.c, where x86_reg_info_32[] references the all-caps
names, and where x86_cpu_get_feature_words() calls
visit_type_X86CPUFeatureWordInfoList() and thereby exposes
X86CPURegister32 to the caller through 'qom-get'.

I can certainly add comments, though.

>> +++ b/tests/qapi-schema/args-member-case.json
>> @@ -0,0 +1,3 @@
>> +# Member names should be 'lower-case' unless the struct/command is 
>> whitelisted
>> +{ 'command': 'UuidInfo', 'data': { 'Arg': 'int' } }
>> +{ 'command': 'Foo', 'data': { 'Arg': 'int' } }
> 
> We normally put positive tests in qapi-schema-test.json, but I think
> keeping this one here makes more sense.

The idea of a positive test prior to a negative test, in order to prove
that the .err file refers only to the line number of the negative test,
was copied from returns-whitelist.json.  But maybe I can reuse the
'no-way-this-will-get-whitelisted' name from that test :)

-- 
Eric Blake   eblake redhat com+1-919-301-3266
Libvirt virtualization library http://libvirt.org



signature.asc
Description: OpenPGP digital signature

Re: [Qemu-devel] [PATCHv4 00/18] slirp: Adding IPv6 support to Qemu -net user mode

[Thomas Huth]

 Hi Samuel,

On 29/07/15 00:57, Samuel Thibault wrote:
> Samuel Thibault, le Wed 29 Jul 2015 00:13:57 +0200, a écrit :
> 
> This is another respin of IPv6 in Qemu -net user mode.
> 
> These patches add ICMPv6, NDP, and make UDP and TCP compatible with
> IPv6. We have made some refactoring to make current code compatible with
> IPv6.

FWIW, I've wanted to test IPv6 boot support in SLOF (the firmware of the
ppc64 pseries machine) today, so I've tried your patches and after
adapting the TFTP code in slirp to be able to deal with IPv6, too, I was
indeed able to load a file in the guest by using TFTP over IPv6. So
thank you, your patch series was very helpful for me today already!

Are you still planning to rebase the patches again to current master and
repost them, so we could maybe get this in for QEMU 2.6 ? If you put me
on CC:, I can try to review the series if you like (if I got the older
mails right, this was the main problem in the past, that nobody reviewed?).

 Cheers,
  Thomas

Re: [Qemu-devel] [PULL for-2.5 0/4] s390x fixes for 2.5

[Peter Maydell]

On 1 December 2015 at 09:05, Cornelia Huck <cornelia.h...@de.ibm.com> wrote:
> The following changes since commit a2485925f76d01795f041fd63663d8582139fda4:
>
>   Merge remote-tracking branch 'remotes/dgibson/tags/ppc-for-2.5-20151130' 
> into staging (2015-11-30 17:09:35 +)
>
> are available in the git repository at:
>
>   git://github.com/cohuck/qemu tags/s390x-20151201
>
> for you to fetch changes up to f0a399dbae6a2d0e2e15eb7ce0783286bbd9fe04:
>
>   s390x/pci: fix up IOMMU size (2015-12-01 09:57:28 +0100)
>
> 
> Last round of s390x fixes for 2.5:
> - The bios should be built for the first z machine, so that newer
>   instructions don't creep in.
> - Silence annoying message when running make check.
> - Fix a problem with the pci iommu exposed by recent changes.
>
> 
>
> Christian Borntraeger (1):
>   pc-bios/s390-ccw: build for z900
>
> Cornelia Huck (2):
>   pc-bios/s390-ccw: rebuild image
>   s390x: no deprecation warning while testing
>
> Yi Min Zhao (1):
>   s390x/pci: fix up IOMMU size

Applied, thanks.

-- PMM

Re: [Qemu-devel] [PATCH V3 3/3] hw/i386: extend pxb query for all PC machines

[Eduardo Habkost]

On Tue, Dec 01, 2015 at 10:53:07PM +0200, Marcel Apfelbaum wrote:
> On 12/01/2015 08:20 PM, Eduardo Habkost wrote:
> >On Thu, Nov 26, 2015 at 06:00:28PM +0200, Marcel Apfelbaum wrote:
> >>Add bus property to PC machines and use it when looking
> >>for primary PCI root bus (bus 0).
> >>
> >>Signed-off-by: Marcel Apfelbaum 
> >>---
> >>  hw/i386/acpi-build.c | 3 +--
> >>  hw/i386/pc.c | 2 +-
> >>  hw/i386/pc_piix.c| 1 +
> >>  hw/i386/pc_q35.c | 1 +
> >>  include/hw/i386/pc.h | 1 +
> >>  5 files changed, 5 insertions(+), 3 deletions(-)
> >>
> >>diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
> >>index 736b252..bca3f06 100644
> >>--- a/hw/i386/acpi-build.c
> >>+++ b/hw/i386/acpi-build.c
> >>@@ -950,8 +950,7 @@ build_ssdt(GArray *table_data, GArray *linker,
> >>  /* Reserve space for header */
> >>  acpi_data_push(ssdt->buf, sizeof(AcpiTableHeader));
> >>
> >>-/* Extra PCI root buses are implemented  only for i440fx */
> >>-bus = find_i440fx();
> >>+bus = PC_MACHINE(machine)->bus;
> >
> >You can use acpi_get_i386_pci_host()->bus here, so we can reduce
> >the amount of PC-specific code inside acpi-build.c.
> >
> >(Making acpi_get_i386_pci_host() more generic and not depend on
> >piix- and q35-specific checks is also on my plans)
> 
> Well, at this point, looking at the names PC_MACHINE and 
> acpi_get_i386_pci_host,
> I don't see much difference :)

I'm a bit confused by how generic acpi-build.c is supposed to be.
It has some code that seems to be an attempt to be more generic
(e.g. the "if (pci_host)" check at build_ssdt()), but lots of
other code that only work with PC machines. Maybe we should stop
pretending and simply use PCMachineState everywhere inside
acpi-build.c?

> I think we can change this later when acpi_get_i386_pci_host will be generic.

No problem to me. :)

-- 
Eduardo

[Qemu-devel] [PATCH v5 0/4] Add an i.MX25 specific CCM driver

[Jean-Christophe Dubois]

i.MX25 SOC has a different CCM device than i.MX31.

Qemu i.MX25 emulation was built with i.MX31 CCM driver. This allows
Linux to work on top of the i.MX25 emultion but this is not correct.

Furthermore, other SOC we could emulate like i.MX6 have yet a different
implementation of the CCM device.

So we split the i.MX31 into a generic base class and a specific i.MX31
class.

We then add an i.MX25 specific CCM Device and have the i.MX25 SOC use it.

Jean-Christophe Dubois (4):
  i.MX: Fix i.MX31 default/reset configuration.
  i.MX: rename i.MX CCM get_clock() function and CLK ID enum names
  i.MX: Split the CCM class into an abstact base class and a concrete
class.
  i.MX: Add an i.MX25 specific CCM class/instance.

 hw/arm/fsl-imx25.c  |   6 +-
 hw/arm/fsl-imx31.c  |   6 +-
 hw/misc/Makefile.objs   |   2 +
 hw/misc/imx25_ccm.c | 367 +
 hw/misc/imx31_ccm.c | 392 
 hw/misc/imx_ccm.c   | 231 +++---
 hw/timer/imx_epit.c |  20 +--
 hw/timer/imx_gpt.c  |  16 +-
 include/hw/arm/fsl-imx25.h  |   4 +-
 include/hw/arm/fsl-imx31.h  |   4 +-
 include/hw/misc/imx25_ccm.h |  61 +++
 include/hw/misc/imx31_ccm.h |  66 
 include/hw/misc/imx_ccm.h   |  75 +++--
 include/hw/timer/imx_epit.h |   5 +-
 include/hw/timer/imx_gpt.h  |   5 +-
 15 files changed, 970 insertions(+), 290 deletions(-)
 create mode 100644 hw/misc/imx25_ccm.c
 create mode 100644 hw/misc/imx31_ccm.c
 create mode 100644 include/hw/misc/imx25_ccm.h
 create mode 100644 include/hw/misc/imx31_ccm.h

-- 
2.5.0

[Qemu-devel] [PATCH v5 2/4] i.MX: rename i.MX CCM get_clock() function and CLK ID enum names

[Jean-Christophe Dubois]

This is to prepare for CCM code refactoring.

This is just a bit of function and enum values renaming.

We also remove some useless intermediate variables.

Signed-off-by: Jean-Christophe Dubois 
Reviewed-by: Peter Crosthwaite 
---
Changes since v1:
 * Not present 
  
Changes since v2:
 * Not present 

Changes since v3:
 * None

Changes since v4:
 * None

 hw/misc/imx_ccm.c |  8 
 hw/timer/imx_epit.c   | 20 +---
 hw/timer/imx_gpt.c| 16 
 include/hw/misc/imx_ccm.h |  8 
 4 files changed, 25 insertions(+), 27 deletions(-)

diff --git a/hw/misc/imx_ccm.c b/hw/misc/imx_ccm.c
index 500dda5..1ac697a 100644
--- a/hw/misc/imx_ccm.c
+++ b/hw/misc/imx_ccm.c
@@ -49,18 +49,18 @@ static const VMStateDescription vmstate_imx_ccm = {
 .post_load = imx_ccm_post_load,
 };
 
-uint32_t imx_clock_frequency(DeviceState *dev, IMXClk clock)
+uint32_t imx_ccm_get_clock_frequency(DeviceState *dev, IMXClk clock)
 {
 IMXCCMState *s = IMX_CCM(dev);
 
 switch (clock) {
 case NOCLK:
 return 0;
-case MCU:
+case CLK_MCU:
 return s->mcu_clk_freq;
-case HSP:
+case CLK_HSP:
 return s->hsp_clk_freq;
-case IPG:
+case CLK_IPG:
 return s->ipg_clk_freq;
 case CLK_32k:
 return CKIL_FREQ;
diff --git a/hw/timer/imx_epit.c b/hw/timer/imx_epit.c
index 967be4a..50bf83c 100644
--- a/hw/timer/imx_epit.c
+++ b/hw/timer/imx_epit.c
@@ -51,9 +51,9 @@ static char const *imx_epit_reg_name(uint32_t reg)
  * These are typical.
  */
 static const IMXClk imx_epit_clocks[] =  {
-0,/* 00 disabled */
-IPG,  /* 01 ipg_clk, ~532MHz */
-IPG,  /* 10 ipg_clk_highfreq */
+NOCLK,/* 00 disabled */
+CLK_IPG,  /* 01 ipg_clk, ~532MHz */
+CLK_IPG,  /* 10 ipg_clk_highfreq */
 CLK_32k,  /* 11 ipg_clk_32k -- ~32kHz */
 };
 
@@ -73,20 +73,18 @@ static void imx_epit_set_freq(IMXEPITState *s)
 {
 uint32_t clksrc;
 uint32_t prescaler;
-uint32_t freq;
 
 clksrc = extract32(s->cr, CR_CLKSRC_SHIFT, 2);
 prescaler = 1 + extract32(s->cr, CR_PRESCALE_SHIFT, 12);
 
-freq = imx_clock_frequency(s->ccm, imx_epit_clocks[clksrc]) / prescaler;
+s->freq = imx_ccm_get_clock_frequency(s->ccm,
+imx_epit_clocks[clksrc]) / prescaler;
 
-s->freq = freq;
+DPRINTF("Setting ptimer frequency to %u\n", s->freq);
 
-DPRINTF("Setting ptimer frequency to %u\n", freq);
-
-if (freq) {
-ptimer_set_freq(s->timer_reload, freq);
-ptimer_set_freq(s->timer_cmp, freq);
+if (s->freq) {
+ptimer_set_freq(s->timer_reload, s->freq);
+ptimer_set_freq(s->timer_cmp, s->freq);
 }
 }
 
diff --git a/hw/timer/imx_gpt.c b/hw/timer/imx_gpt.c
index 7257f42..b1893b8 100644
--- a/hw/timer/imx_gpt.c
+++ b/hw/timer/imx_gpt.c
@@ -81,8 +81,8 @@ static const VMStateDescription vmstate_imx_timer_gpt = {
 
 static const IMXClk imx_gpt_clocks[] = {
 NOCLK,/* 000 No clock source */
-IPG,  /* 001 ipg_clk, 532MHz*/
-IPG,  /* 010 ipg_clk_highfreq */
+CLK_IPG,  /* 001 ipg_clk, 532MHz*/
+CLK_IPG,  /* 010 ipg_clk_highfreq */
 NOCLK,/* 011 not defined */
 CLK_32k,  /* 100 ipg_clk_32k */
 NOCLK,/* 101 not defined */
@@ -93,14 +93,14 @@ static const IMXClk imx_gpt_clocks[] = {
 static void imx_gpt_set_freq(IMXGPTState *s)
 {
 uint32_t clksrc = extract32(s->cr, GPT_CR_CLKSRC_SHIFT, 3);
-uint32_t freq = imx_clock_frequency(s->ccm, imx_gpt_clocks[clksrc])
-/ (1 + s->pr);
-s->freq = freq;
 
-DPRINTF("Setting clksrc %d to frequency %d\n", clksrc, freq);
+s->freq = imx_ccm_get_clock_frequency(s->ccm,
+imx_gpt_clocks[clksrc]) / (1 + s->pr);
 
-if (freq) {
-ptimer_set_freq(s->timer, freq);
+DPRINTF("Setting clksrc %d to frequency %d\n", clksrc, s->freq);
+
+if (s->freq) {
+ptimer_set_freq(s->timer, s->freq);
 }
 }
 
diff --git a/include/hw/misc/imx_ccm.h b/include/hw/misc/imx_ccm.h
index 0f2e469..09f6248 100644
--- a/include/hw/misc/imx_ccm.h
+++ b/include/hw/misc/imx_ccm.h
@@ -80,12 +80,12 @@ typedef struct IMXCCMState {
 
 typedef enum  {
 NOCLK,
-MCU,
-HSP,
-IPG,
+CLK_MCU,
+CLK_HSP,
+CLK_IPG,
 CLK_32k
 } IMXClk;
 
-uint32_t imx_clock_frequency(DeviceState *s, IMXClk clock);
+uint32_t imx_ccm_get_clock_frequency(DeviceState *s, IMXClk clock);
 
 #endif /* IMX_CCM_H */
-- 
2.5.0

Re: [Qemu-devel] [PATCH] virtio-pci: Set the QEMU_PCI_CAP_EXPRESS capability early in its DeviceClass realize method

[Marcel Apfelbaum]

On 12/01/2015 09:30 PM, Shmulik Ladkani wrote:

Hi,

On Tue, 1 Dec 2015 18:36:39 +0200 Marcel Apfelbaum  wrote:

+if (pci_is_express(pci_dev) && pci_bus_is_express(pci_dev->bus) &&
+!pci_bus_is_root(pci_dev->bus)) {
   int pos;


Here you should check only for 'pci_is_express(pci_dev)' .


[snip]


+static void virtio_pci_dc_realize(DeviceState *qdev, Error **errp)
+{
+VirtioPCIClass *vpciklass = VIRTIO_PCI_GET_CLASS(qdev);
+VirtIOPCIProxy *proxy = VIRTIO_PCI(qdev);
+PCIDevice *pci_dev = >pci_dev;
+
+if (!(proxy->flags & VIRTIO_PCI_FLAG_DISABLE_PCIE) &&
+!(proxy->flags & VIRTIO_PCI_FLAG_DISABLE_MODERN)) {
+pci_dev->cap_present |= QEMU_PCI_CAP_EXPRESS;


And here you should also check:
   pci_bus_is_express(pci_dev->bus) && !pci_bus_is_root(pci_dev->bus))

The reason is the device becomes express only if *all* the conditions
are met.


I'm ok with either approaches.

However it seems common practice to set QEMU_PCI_CAP_EXPRESS
unconditionally for PCIE devices.

The few existing PCIE devices do so by assigning their
PCIDeviceClass.is_express to 1 within their 'class_init', regardless the
properties of the bus their on.
(e.g. xhci_class_init, megasas_class_init, vfio_pci_dev_class_init,
  nvme_class_init, and more)

Some devices later call pcie_endpoint_cap_init conditionally.
(e.g. usb_xhci_realize).

Can you please examine this and let me know the preferred approach?


Yes, I saw that..., as always not a walk in the park.

- So we have "is_express = true" <=> QEMU_PCI_CAP_EXPRESS on <=> "config size = 
PCIe"
- Not related to the above (!!), if (some condition) => add PCIe express 
capability
  (megasas is the exception)

Let's take "usb_xhci":
 - If we put it under a PCI bus it will not be an express device, but
   it will have a "big" config space. Also pci_is_express(dev) will still 
return true!
 - This is probably a bug. (or I am missing something)
NVME:
 - simple, always PCIe
Now let's see vfio-pci:
 - is_express = true (with the comment: we might be) => PCIe config
 - vfio_populate_device => checks actual register (I think),
   if not PCIe, rewinds it :
vdev->config_size = reg_info.size;
if (vdev->config_size == PCI_CONFIG_SPACE_SIZE) {
vdev->pdev.cap_present &= ~QEMU_PCI_CAP_EXPRESS;
}
 - better (we still "loose" the space, but at least pci_is_express will return 
false)

Now virtio case:
 - If we split the conditions into 2 parts we would have usb_xhci issues:
   - PCIe config space for a PCI device if *some* conditions are not met.
   - pci_is_express will return true when we don't want that.
If you see a reason to split, please do, I only see problems :)

Our solution to make it "clean" is to not mark the class as "is_express",
but hijack realize method and add our "conditions" before calling it.

A more elegant solution would be to make is_express a method and let the 
subclasses
implement it:
 - vfio will look for the actual device config space
 - NVME will return true
 - usb_xhci will condition this on the bus type
 - virtio will have its own conditions.
But this is not 2.5 material.

I hope I helped,
Thanks for getting involved.
Marcel




+DeviceRealize saved_dc_realize;


I would change the name to parent_realize :)


Sure.

Re: [Qemu-devel] [PATCH V3 3/3] hw/i386: extend pxb query for all PC machines

[Marcel Apfelbaum]

On 12/01/2015 08:20 PM, Eduardo Habkost wrote:

On Thu, Nov 26, 2015 at 06:00:28PM +0200, Marcel Apfelbaum wrote:

Add bus property to PC machines and use it when looking
for primary PCI root bus (bus 0).

Signed-off-by: Marcel Apfelbaum 
---
  hw/i386/acpi-build.c | 3 +--
  hw/i386/pc.c | 2 +-
  hw/i386/pc_piix.c| 1 +
  hw/i386/pc_q35.c | 1 +
  include/hw/i386/pc.h | 1 +
  5 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 736b252..bca3f06 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -950,8 +950,7 @@ build_ssdt(GArray *table_data, GArray *linker,
  /* Reserve space for header */
  acpi_data_push(ssdt->buf, sizeof(AcpiTableHeader));

-/* Extra PCI root buses are implemented  only for i440fx */
-bus = find_i440fx();
+bus = PC_MACHINE(machine)->bus;


You can use acpi_get_i386_pci_host()->bus here, so we can reduce
the amount of PC-specific code inside acpi-build.c.

(Making acpi_get_i386_pci_host() more generic and not depend on
piix- and q35-specific checks is also on my plans)


Well, at this point, looking at the names PC_MACHINE and acpi_get_i386_pci_host,
I don't see much difference :)
I think we can change this later when acpi_get_i386_pci_host will be generic.

Thanks,
Marcel




  if (bus) {
  QLIST_FOREACH(bus, >child, sibling) {
  uint8_t bus_num = pci_bus_num(bus);

[...]

[Qemu-devel] [PATCH v5 3/4] i.MX: Split the CCM class into an abstact base class and a concrete class.

[Jean-Christophe Dubois]

The IMX_CCM class is now the base abstract class that is used by EPIT and GPT
timer implementation.

IMX31_CCM class is the concrete class implementing CCM for i.MX31 SOC.

For now the i.MX25 continues to use the i.MX31 CCM implementation.

An i.MX25 specific CCM will be introduced in a later patch.

We rework initialization to stop using deprecated sysbus device init

We also "fix" the i.MX32 CCM clock tree as the IPG clock is derived from the 
"hclk" clk instead of "mcu_main".

Signed-off-by: Jean-Christophe Dubois 
Reviewed-by: Peter Crosthwaite 
---
Changes since v1:
 * None
 
Changes since v2:
 * We moved to an inheritance QOM scheme
 
Changes since v3:
 * Rework logging based on comment on i.MX25 CCM patch.
 * Change abstract class function parameter to abstract class type instead
   of DEVICE type.
 * EPIT and GPT timers use abstract class instead of DEVICE class.

Changes sinve v4:
 * improve debug logging.
 * make IPG clk dependent on HCLK clk.

 hw/arm/fsl-imx25.c  |   6 +-
 hw/arm/fsl-imx31.c  |   6 +-
 hw/misc/Makefile.objs   |   1 +
 hw/misc/imx31_ccm.c | 392 
 hw/misc/imx_ccm.c   | 231 +++---
 include/hw/arm/fsl-imx25.h  |   4 +-
 include/hw/arm/fsl-imx31.h  |   4 +-
 include/hw/misc/imx31_ccm.h |  66 
 include/hw/misc/imx_ccm.h   |  69 +++-
 include/hw/timer/imx_epit.h |   5 +-
 include/hw/timer/imx_gpt.h  |   5 +-
 11 files changed, 521 insertions(+), 268 deletions(-)
 create mode 100644 hw/misc/imx31_ccm.c
 create mode 100644 include/hw/misc/imx31_ccm.h

diff --git a/hw/arm/fsl-imx25.c b/hw/arm/fsl-imx25.c
index e1cadac..9f302ed 100644
--- a/hw/arm/fsl-imx25.c
+++ b/hw/arm/fsl-imx25.c
@@ -38,7 +38,7 @@ static void fsl_imx25_init(Object *obj)
 object_initialize(>avic, sizeof(s->avic), TYPE_IMX_AVIC);
 qdev_set_parent_bus(DEVICE(>avic), sysbus_get_default());
 
-object_initialize(>ccm, sizeof(s->ccm), TYPE_IMX_CCM);
+object_initialize(>ccm, sizeof(s->ccm), TYPE_IMX31_CCM);
 qdev_set_parent_bus(DEVICE(>ccm), sysbus_get_default());
 
 for (i = 0; i < FSL_IMX25_NUM_UARTS; i++) {
@@ -150,7 +150,7 @@ static void fsl_imx25_realize(DeviceState *dev, Error 
**errp)
 { FSL_IMX25_GPT4_ADDR, FSL_IMX25_GPT4_IRQ }
 };
 
-s->gpt[i].ccm = DEVICE(>ccm);
+s->gpt[i].ccm = IMX_CCM(>ccm);
 
 object_property_set_bool(OBJECT(>gpt[i]), true, "realized", );
 if (err) {
@@ -173,7 +173,7 @@ static void fsl_imx25_realize(DeviceState *dev, Error 
**errp)
 { FSL_IMX25_EPIT2_ADDR, FSL_IMX25_EPIT2_IRQ }
 };
 
-s->epit[i].ccm = DEVICE(>ccm);
+s->epit[i].ccm = IMX_CCM(>ccm);
 
 object_property_set_bool(OBJECT(>epit[i]), true, "realized", );
 if (err) {
diff --git a/hw/arm/fsl-imx31.c b/hw/arm/fsl-imx31.c
index 53d4473..abdea06 100644
--- a/hw/arm/fsl-imx31.c
+++ b/hw/arm/fsl-imx31.c
@@ -35,7 +35,7 @@ static void fsl_imx31_init(Object *obj)
 object_initialize(>avic, sizeof(s->avic), TYPE_IMX_AVIC);
 qdev_set_parent_bus(DEVICE(>avic), sysbus_get_default());
 
-object_initialize(>ccm, sizeof(s->ccm), TYPE_IMX_CCM);
+object_initialize(>ccm, sizeof(s->ccm), TYPE_IMX31_CCM);
 qdev_set_parent_bus(DEVICE(>ccm), sysbus_get_default());
 
 for (i = 0; i < FSL_IMX31_NUM_UARTS; i++) {
@@ -128,7 +128,7 @@ static void fsl_imx31_realize(DeviceState *dev, Error 
**errp)
 serial_table[i].irq));
 }
 
-s->gpt.ccm = DEVICE(>ccm);
+s->gpt.ccm = IMX_CCM(>ccm);
 
 object_property_set_bool(OBJECT(>gpt), true, "realized", );
 if (err) {
@@ -150,7 +150,7 @@ static void fsl_imx31_realize(DeviceState *dev, Error 
**errp)
 { FSL_IMX31_EPIT2_ADDR, FSL_IMX31_EPIT2_IRQ },
 };
 
-s->epit[i].ccm = DEVICE(>ccm);
+s->epit[i].ccm = IMX_CCM(>ccm);
 
 object_property_set_bool(OBJECT(>epit[i]), true, "realized", );
 if (err) {
diff --git a/hw/misc/Makefile.objs b/hw/misc/Makefile.objs
index aeb6b7d..c77f3e3 100644
--- a/hw/misc/Makefile.objs
+++ b/hw/misc/Makefile.objs
@@ -26,6 +26,7 @@ obj-$(CONFIG_NSERIES) += cbus.o
 obj-$(CONFIG_ECCMEMCTL) += eccmemctl.o
 obj-$(CONFIG_EXYNOS4) += exynos4210_pmu.o
 obj-$(CONFIG_IMX) += imx_ccm.o
+obj-$(CONFIG_IMX) += imx31_ccm.o
 obj-$(CONFIG_MILKYMIST) += milkymist-hpdmc.o
 obj-$(CONFIG_MILKYMIST) += milkymist-pfpu.o
 obj-$(CONFIG_MAINSTONE) += mst_fpga.o
diff --git a/hw/misc/imx31_ccm.c b/hw/misc/imx31_ccm.c
new file mode 100644
index 000..b92d2e0
--- /dev/null
+++ b/hw/misc/imx31_ccm.c
@@ -0,0 +1,392 @@
+/*
+ * IMX31 Clock Control Module
+ *
+ * Copyright (C) 2012 NICTA
+ * Updated by Jean-Christophe Dubois 
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ *
+ * To get the timer frequencies 

[Qemu-devel] [PATCH v3 5/6] pc: Remove enforce-aligned-dimm QOM property

[Eduardo Habkost]

The property is read-only and not used for anything.

Cc: Igor Mammedov 
Signed-off-by: Eduardo Habkost 
---
 hw/i386/pc.c | 11 ---
 include/hw/i386/pc.h |  1 -
 2 files changed, 12 deletions(-)

diff --git a/hw/i386/pc.c b/hw/i386/pc.c
index 72c25ec..1b22ad2 100644
--- a/hw/i386/pc.c
+++ b/hw/i386/pc.c
@@ -1864,13 +1864,6 @@ static void pc_machine_set_smm(Object *obj, Visitor *v, 
void *opaque,
 visit_type_OnOffAuto(v, >smm, name, errp);
 }
 
-static bool pc_machine_get_aligned_dimm(Object *obj, Error **errp)
-{
-PCMachineClass *pcmc = PC_MACHINE_GET_CLASS(obj);
-
-return pcmc->enforce_aligned_dimm;
-}
-
 static void pc_machine_initfn(Object *obj)
 {
 PCMachineState *pcms = PC_MACHINE(obj);
@@ -1905,10 +1898,6 @@ static void pc_machine_initfn(Object *obj)
 object_property_set_description(obj, PC_MACHINE_VMPORT,
 "Enable vmport (pc & q35)",
 _abort);
-
-object_property_add_bool(obj, PC_MACHINE_ENFORCE_ALIGNED_DIMM,
- pc_machine_get_aligned_dimm,
- NULL, _abort);
 }
 
 static void pc_machine_reset(void)
diff --git a/include/hw/i386/pc.h b/include/hw/i386/pc.h
index 6b86deb..12f0ab0 100644
--- a/include/hw/i386/pc.h
+++ b/include/hw/i386/pc.h
@@ -45,7 +45,6 @@ struct PCMachineState {
 #define PC_MACHINE_MAX_RAM_BELOW_4G "max-ram-below-4g"
 #define PC_MACHINE_VMPORT   "vmport"
 #define PC_MACHINE_SMM  "smm"
-#define PC_MACHINE_ENFORCE_ALIGNED_DIMM "enforce-aligned-dimm"
 
 /**
  * PCMachineClass:
-- 
2.1.0

[Qemu-devel] [PATCH v3 1/6] pc: Move compat boolean globals to PCMachineClass

[Eduardo Habkost]

This way the compat flags can be initialized in the machine_options()
function. This will help us to eventually eliminate the pc_compat_*()
functions.

Signed-off-by: Eduardo Habkost 
---
 hw/i386/pc.c |  8 +
 hw/i386/pc_piix.c| 84 +---
 hw/i386/pc_q35.c | 54 +++--
 include/hw/i386/pc.h | 14 +
 4 files changed, 86 insertions(+), 74 deletions(-)

diff --git a/hw/i386/pc.c b/hw/i386/pc.c
index 5e20e07..129aa04 100644
--- a/hw/i386/pc.c
+++ b/hw/i386/pc.c
@@ -1952,6 +1952,14 @@ static void pc_machine_class_init(ObjectClass *oc, void 
*data)
 HotplugHandlerClass *hc = HOTPLUG_HANDLER_CLASS(oc);
 
 pcmc->get_hotplug_handler = mc->get_hotplug_handler;
+pcmc->pci_enabled = true;
+pcmc->has_acpi_build = true;
+pcmc->rsdp_in_ram = true;
+pcmc->smbios_defaults = true;
+pcmc->smbios_uuid_encoded = true;
+pcmc->gigabyte_align = true;
+pcmc->has_reserved_memory = true;
+pcmc->kvmclock_enabled = true;
 mc->get_hotplug_handler = pc_get_hotpug_handler;
 mc->cpu_index_to_socket_id = pc_cpu_index_to_socket_id;
 mc->default_boot_order = "cad";
diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c
index 2e41efe..7a7f748 100644
--- a/hw/i386/pc_piix.c
+++ b/hw/i386/pc_piix.c
@@ -60,26 +60,14 @@ static const int ide_iobase[MAX_IDE_BUS] = { 0x1f0, 0x170 };
 static const int ide_iobase2[MAX_IDE_BUS] = { 0x3f6, 0x376 };
 static const int ide_irq[MAX_IDE_BUS] = { 14, 15 };
 
-static bool pci_enabled = true;
-static bool has_acpi_build = true;
-static bool rsdp_in_ram = true;
 static int legacy_acpi_table_size;
-static bool smbios_defaults = true;
-static bool smbios_legacy_mode;
-static bool smbios_uuid_encoded = true;
-/* Make sure that guest addresses aligned at 1Gbyte boundaries get mapped to
- * host addresses aligned at 1Gbyte boundaries.  This way we can use 1GByte
- * pages in the host.
- */
-static bool gigabyte_align = true;
-static bool has_reserved_memory = true;
-static bool kvmclock_enabled = true;
 
 /* PC hardware initialisation */
 static void pc_init1(MachineState *machine,
  const char *host_type, const char *pci_type)
 {
 PCMachineState *pcms = PC_MACHINE(machine);
+PCMachineClass *pcmc = PC_MACHINE_GET_CLASS(pcms);
 MemoryRegion *system_memory = get_system_memory();
 MemoryRegion *system_io = get_system_io();
 int i;
@@ -108,7 +96,7 @@ static void pc_init1(MachineState *machine,
  * breaking migration.
  */
 if (machine->ram_size >= 0xe000) {
-lowmem = gigabyte_align ? 0xc000 : 0xe000;
+lowmem = pcmc->gigabyte_align ? 0xc000 : 0xe000;
 } else {
 lowmem = 0xe000;
 }
@@ -141,11 +129,11 @@ static void pc_init1(MachineState *machine,
 
 pc_cpus_init(pcms);
 
-if (kvm_enabled() && kvmclock_enabled) {
+if (kvm_enabled() && pcmc->kvmclock_enabled) {
 kvmclock_create();
 }
 
-if (pci_enabled) {
+if (pcmc->pci_enabled) {
 pci_memory = g_new(MemoryRegion, 1);
 memory_region_init(pci_memory, NULL, "pci", UINT64_MAX);
 rom_memory = pci_memory;
@@ -156,18 +144,19 @@ static void pc_init1(MachineState *machine,
 
 guest_info = pc_guest_info_init(pcms);
 
-guest_info->has_acpi_build = has_acpi_build;
+guest_info->has_acpi_build = pcmc->has_acpi_build;
 guest_info->legacy_acpi_table_size = legacy_acpi_table_size;
 
-guest_info->isapc_ram_fw = !pci_enabled;
-guest_info->has_reserved_memory = has_reserved_memory;
-guest_info->rsdp_in_ram = rsdp_in_ram;
+guest_info->isapc_ram_fw = !pcmc->pci_enabled;
+guest_info->has_reserved_memory = pcmc->has_reserved_memory;
+guest_info->rsdp_in_ram = pcmc->rsdp_in_ram;
 
-if (smbios_defaults) {
+if (pcmc->smbios_defaults) {
 MachineClass *mc = MACHINE_GET_CLASS(machine);
 /* These values are guest ABI, do not change */
 smbios_set_defaults("QEMU", "Standard PC (i440FX + PIIX, 1996)",
-mc->name, smbios_legacy_mode, smbios_uuid_encoded,
+mc->name, pcmc->smbios_legacy_mode,
+pcmc->smbios_uuid_encoded,
 SMBIOS_ENTRY_POINT_21);
 }
 
@@ -182,14 +171,14 @@ static void pc_init1(MachineState *machine,
 
 gsi_state = g_malloc0(sizeof(*gsi_state));
 if (kvm_irqchip_in_kernel()) {
-kvm_pc_setup_irq_routing(pci_enabled);
+kvm_pc_setup_irq_routing(pcmc->pci_enabled);
 gsi = qemu_allocate_irqs(kvm_pc_gsi_handler, gsi_state,
  GSI_NUM_PINS);
 } else {
 gsi = qemu_allocate_irqs(gsi_handler, gsi_state, GSI_NUM_PINS);
 }
 
-if (pci_enabled) {
+if (pcmc->pci_enabled) {
 pci_bus = i440fx_init(host_type,
   pci_type,
   _state, _devfn, _bus, gsi,
@@ 

[Qemu-devel] [PATCH v3 6/6] pc: Move option_rom_has_mr/rom_file_has_mr globals to MachineClass

[Eduardo Habkost]

This way, these settings can be simply set on the corresponding
machine_options() function, instead of requiring code in
pc_compat_*() functions.

Signed-off-by: Eduardo Habkost 
---
 hw/core/loader.c| 10 +-
 hw/core/machine.c   |  1 +
 hw/i386/pc_piix.c   |  8 
 hw/i386/pc_q35.c|  4 ++--
 include/hw/boards.h |  2 ++
 5 files changed, 14 insertions(+), 11 deletions(-)

diff --git a/hw/core/loader.c b/hw/core/loader.c
index eb67f05..6b69852 100644
--- a/hw/core/loader.c
+++ b/hw/core/loader.c
@@ -51,12 +51,10 @@
 #include "hw/nvram/fw_cfg.h"
 #include "exec/memory.h"
 #include "exec/address-spaces.h"
+#include "hw/boards.h"
 
 #include 
 
-bool option_rom_has_mr = false;
-bool rom_file_has_mr = true;
-
 static int roms_loaded;
 
 /* return the size or -1 if error */
@@ -754,6 +752,7 @@ int rom_add_file(const char *file, const char *fw_dir,
  hwaddr addr, int32_t bootindex,
  bool option_rom)
 {
+MachineClass *mc = MACHINE_GET_CLASS(qdev_get_machine());
 Rom *rom;
 int rc, fd = -1;
 char devpath[100];
@@ -810,7 +809,7 @@ int rom_add_file(const char *file, const char *fw_dir,
  basename);
 snprintf(devpath, sizeof(devpath), "/rom@%s", fw_file_name);
 
-if ((!option_rom || option_rom_has_mr) && rom_file_has_mr) {
+if ((!option_rom || mc->option_rom_has_mr) && mc->rom_file_has_mr) {
 data = rom_set_mr(rom, OBJECT(fw_cfg), devpath);
 } else {
 data = rom->data;
@@ -838,6 +837,7 @@ MemoryRegion *rom_add_blob(const char *name, const void 
*blob, size_t len,
size_t max_len, hwaddr addr, const char *fw_file_name,
FWCfgReadCallback fw_callback, void *callback_opaque)
 {
+MachineClass *mc = MACHINE_GET_CLASS(qdev_get_machine());
 Rom *rom;
 MemoryRegion *mr = NULL;
 
@@ -855,7 +855,7 @@ MemoryRegion *rom_add_blob(const char *name, const void 
*blob, size_t len,
 
 snprintf(devpath, sizeof(devpath), "/rom@%s", fw_file_name);
 
-if (rom_file_has_mr) {
+if (mc->rom_file_has_mr) {
 data = rom_set_mr(rom, OBJECT(fw_cfg), devpath);
 mr = rom->mr;
 } else {
diff --git a/hw/core/machine.c b/hw/core/machine.c
index acca00d..1702397 100644
--- a/hw/core/machine.c
+++ b/hw/core/machine.c
@@ -314,6 +314,7 @@ static void machine_class_init(ObjectClass *oc, void *data)
 
 /* Default 128 MB as guest ram size */
 mc->default_ram_size = 128 * M_BYTE;
+mc->rom_file_has_mr = true;
 }
 
 static void machine_class_base_init(ObjectClass *oc, void *data)
diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c
index 869c64b..0e9a9d8 100644
--- a/hw/i386/pc_piix.c
+++ b/hw/i386/pc_piix.c
@@ -319,14 +319,12 @@ static void pc_compat_2_0(MachineState *machine)
 static void pc_compat_1_7(MachineState *machine)
 {
 pc_compat_2_0(machine);
-option_rom_has_mr = true;
 x86_cpu_change_kvm_default("x2apic", NULL);
 }
 
 static void pc_compat_1_6(MachineState *machine)
 {
 pc_compat_1_7(machine);
-rom_file_has_mr = false;
 }
 
 static void pc_compat_1_5(MachineState *machine)
@@ -360,8 +358,6 @@ static void pc_compat_0_13(MachineState *machine)
 
 static void pc_init_isa(MachineState *machine)
 {
-option_rom_has_mr = true;
-rom_file_has_mr = false;
 if (!machine->cpu_model) {
 machine->cpu_model = "486";
 }
@@ -526,6 +522,7 @@ static void pc_i440fx_1_7_machine_options(MachineClass *m)
 pc_i440fx_2_0_machine_options(m);
 m->hw_version = "1.7.0";
 m->default_machine_opts = NULL;
+m->option_rom_has_mr = true;
 SET_MACHINE_COMPAT(m, PC_COMPAT_1_7);
 pcmc->smbios_defaults = false;
 pcmc->gigabyte_align = false;
@@ -541,6 +538,7 @@ static void pc_i440fx_1_6_machine_options(MachineClass *m)
 PCMachineClass *pcmc = PC_MACHINE_CLASS(m);
 pc_i440fx_1_7_machine_options(m);
 m->hw_version = "1.6.0";
+m->rom_file_has_mr = false;
 SET_MACHINE_COMPAT(m, PC_COMPAT_1_6);
 pcmc->has_acpi_build = false;
 }
@@ -1025,6 +1023,8 @@ static void isapc_machine_options(MachineClass *m)
 PCMachineClass *pcmc = PC_MACHINE_CLASS(m);
 m->desc = "ISA-only PC";
 m->max_cpus = 1;
+m->option_rom_has_mr = true;
+m->rom_file_has_mr = false;
 pcmc->pci_enabled = false;
 pcmc->has_acpi_build = false;
 pcmc->smbios_defaults = false;
diff --git a/hw/i386/pc_q35.c b/hw/i386/pc_q35.c
index e16dec1..f004134 100644
--- a/hw/i386/pc_q35.c
+++ b/hw/i386/pc_q35.c
@@ -304,14 +304,12 @@ static void pc_compat_2_0(MachineState *machine)
 static void pc_compat_1_7(MachineState *machine)
 {
 pc_compat_2_0(machine);
-option_rom_has_mr = true;
 x86_cpu_change_kvm_default("x2apic", NULL);
 }
 
 static void pc_compat_1_6(MachineState *machine)
 {
 pc_compat_1_7(machine);
-rom_file_has_mr = false;
 }
 
 static void pc_compat_1_5(MachineState *machine)
@@ -434,6 +432,7 @@ static void 

Re: [Qemu-devel] [PATCH v4 01/11] dump-guest-memory: cleanup: removing dump_{error|cleanup}().

[Fam Zheng]

On Tue, 12/01 21:28, Peter Xu wrote:
> It might be a little bit confusing to do dump_cleanup() in these two
> functions and error prone. A better way is to do dump_cleanup()

I would say "It might be a little bit confusing and error prone to do
dump_cleanup() in ..."

Other than that,

Reviewed-by: Fam Zheng 

> before dump finish, no matter whether dump has succeeded or not.
> 
> Signed-off-by: Peter Xu 

[Qemu-devel] [PULL] tcg: Increase the highwater reservation

[Richard Henderson]

If there are a lot of guest memory ops in the TB, the amount of
code generated by tcg_out_tb_finalize could be well more than 1k.
In the short term, increase the reservation larger than any TB
seen in practice.

Reported-by: Aurelien Jarno 
Reviewed-by: Aurelien Jarno 
Tested-by: Aurelien Jarno 
Signed-off-by: Richard Henderson 
---
 tcg/tcg.c | 6 +-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/tcg/tcg.c b/tcg/tcg.c
index b20ed19..a163541 100644
--- a/tcg/tcg.c
+++ b/tcg/tcg.c
@@ -388,7 +388,11 @@ void tcg_prologue_init(TCGContext *s)
 /* Compute a high-water mark, at which we voluntarily flush the buffer
and start over.  The size here is arbitrary, significantly larger
than we expect the code generation for any one opcode to require.  */
-s->code_gen_highwater = s->code_gen_buffer + (total_size - 1024);
+/* ??? We currently have no good estimate for, or checks in,
+   tcg_out_tb_finalize.  If there are quite a lot of guest memory ops,
+   the number of out-of-line fragments could be quite high.  In the
+   short-term, increase the highwater buffer.  */
+s->code_gen_highwater = s->code_gen_buffer + (total_size - 64*1024);
 
 tcg_register_jit(s->code_gen_buffer, total_size);
 
-- 
2.5.0

Re: [Qemu-devel] [PATCH for-2.5] tcg: Increase the highwater reservation

[Richard Henderson]

On 12/01/2015 08:40 AM, Aurelien Jarno wrote:

On 2015-12-01 17:34, Aurelien Jarno wrote:

On 2015-12-01 16:28, Peter Maydell wrote:

On 1 December 2015 at 16:19, Richard Henderson  wrote:

If there are a lot of guest memory ops in the TB, the amount of
code generated by tcg_out_tb_finalize could be well more than 1k.
In the short term, increase the reservation larger than any TB
seen in practice.

Reported-by: Aurelien Jarno 
Signed-off-by: Richard Henderson 
---

Reported and discussed with Aurelien on IRC yesterday.  This seems
to be the easiest fix for the upcoming release.  I will fix this
properly (by modifying every backend's finalize routines) for 2.6.


What would be the result of our hitting this bug? I ask because
there's a report on qemu-discuss about a qemu-i386-on-ARM-host
bug: http://lists.nongnu.org/archive/html/qemu-discuss/2015-11/msg00042.html
and the debug log (http://www.mediafire.com/download/ge611be9vbebbw7/qemu.log)
suggests we're segfaulting in translation on the TB shortly
after we (successfully) translate a TB whose final 'out' size
is 1100 and which has 64 guest writes in it. So I'm wondering
if that's actually the same bug this is fixing...


I don't think this is the same bug. The problem happens because the slow
path of the softmmu load/store access is written at the end of the TB.
In user mode, there is no slow path, so nothing is written at the end.


Oh quite right.  Duh.


That said the problem reported is likely fixed by this commit that went
just after it has been reported:


It does seem likely, but I don't see how we can know that the out size is 1100 
in that situation.  The disassembler dump doesn't happen until after we've done 
all of the writes that would have resulted in a highwater overflow segv.


I don't see how this can be the same bug.


r~

Re: [Qemu-devel] [PATCH for-2.5] tcg: Increase the highwater reservation

[Peter Maydell]

On 1 December 2015 at 23:06, Richard Henderson  wrote:
> On 12/01/2015 08:40 AM, Aurelien Jarno wrote:
>> That said the problem reported is likely fixed by this commit that went
>> just after it has been reported:
>
>
> It does seem likely, but I don't see how we can know that the out size is
> 1100 in that situation.  The disassembler dump doesn't happen until after
> we've done all of the writes that would have resulted in a highwater
> overflow segv.

Yeah, if we always cleanly segv immediately on highwater overflow
(as opposed to corrupting something so a later translation crashes)
then this can't be the bug that's reported for qemu-i386. The
actual TB that we never finish translating is quite small:

IN:
0x419552e0:  push   %ebp
0x419552e1:  mov%esp,%ebp
0x419552e3:  sub$0x18,%esp
0x419552e6:  fldl   0x8(%ebp)
0x419552e9:  fstpl  -0x8(%ebp)
0x419552ec:  movl   $0x1400,0x4(%esp)
0x419552f4:  movl   $0x2,(%esp)
0x419552fb:  call   0x41954b96

thanks
-- PMM

Re: [Qemu-devel] [PATCH v4 03/11] dump-guest-memory: using static DumpState, add DumpStatus

[Fam Zheng]

On Tue, 12/01 21:28, Peter Xu wrote:
> Instead of malloc/free each time for DumpState, make it
> static. Added DumpStatus to show status for dump.
> 
> This is to be used for detached dump.
> 
> Signed-off-by: Peter Xu 
> ---
>  dump.c| 20 +---
>  include/sysemu/dump.h |  2 ++
>  qapi-schema.json  | 18 ++
>  3 files changed, 37 insertions(+), 3 deletions(-)
> 
> diff --git a/dump.c b/dump.c
> index d79e0ed..f5f3c59 100644
> --- a/dump.c
> +++ b/dump.c
> @@ -1418,6 +1418,14 @@ static void get_max_mapnr(DumpState *s)
>  s->max_mapnr = paddr_to_pfn(last_block->target_end);
>  }
>  
> +static DumpState dump_state_global = { .status = DUMP_STATUS_NONE };
> +
> +static void dump_state_prepare(DumpState *s)
> +{
> +/* zero the struct, setting status to active */
> +*s = (DumpState) { .status = DUMP_STATUS_ACTIVE };
> +}
> +
>  static void dump_init(DumpState *s, int fd, bool has_format,
>DumpGuestMemoryFormat format, bool paging, bool 
> has_filter,
>int64_t begin, int64_t length, Error **errp)
> @@ -1647,13 +1655,14 @@ void qmp_dump_guest_memory(bool paging, const char 
> *file,
>  return;
>  }
>  
> -s = g_malloc0(sizeof(DumpState));
> +s = _state_global;
> +dump_state_prepare(s);
>  
>  dump_init(s, fd, has_format, format, paging, has_begin,
>begin, length, _err);
>  if (local_err) {
> -g_free(s);
>  error_propagate(errp, local_err);
> +s->status = DUMP_STATUS_FAILED;
>  return;
>  }
>  
> @@ -1663,8 +1672,13 @@ void qmp_dump_guest_memory(bool paging, const char 
> *file,
>  create_vmcore(s, errp);
>  }
>  
> +if (*errp) {
> +s->status = DUMP_STATUS_FAILED;
> +} else {
> +s->status = DUMP_STATUS_COMPLETED;
> +}
> +

To detect error, it's better to use local_err plus error_propagate like a few
lines above. errp _can_ be NULL depending on callers, though in practice qmp
functions should get a non-NULL.

Fam

>  dump_cleanup(s);
> -g_free(s);
>  }
>  
>  DumpGuestMemoryCapability *qmp_query_dump_guest_memory_capability(Error 
> **errp)
> diff --git a/include/sysemu/dump.h b/include/sysemu/dump.h
> index 7e4ec5c..affef38 100644
> --- a/include/sysemu/dump.h
> +++ b/include/sysemu/dump.h
> @@ -45,6 +45,7 @@
>  
>  #include "sysemu/dump-arch.h"
>  #include "sysemu/memory_mapping.h"
> +#include "qapi-types.h"
>  
>  typedef struct QEMU_PACKED MakedumpfileHeader {
>  char signature[16]; /* = "makedumpfile" */
> @@ -183,6 +184,7 @@ typedef struct DumpState {
>  off_t offset_page;  /* offset of page part in vmcore */
>  size_t num_dumpable;/* number of page that can be dumped */
>  uint32_t flag_compress; /* indicate the compression format */
> +DumpStatus status;  /* current dump status */
>  } DumpState;
>  
>  uint16_t cpu_to_dump16(DumpState *s, uint16_t val);
> diff --git a/qapi-schema.json b/qapi-schema.json
> index 97c3ac4..691a130 100644
> --- a/qapi-schema.json
> +++ b/qapi-schema.json
> @@ -2139,6 +2139,24 @@
>  '*format': 'DumpGuestMemoryFormat'} }
>  
>  ##
> +# @DumpStatus
> +#
> +# Describe the status of a long-running background guest memory dump.
> +#
> +# @none: no dump-guest-memory has started yet.
> +#
> +# @active: there is one dump running in background.
> +#
> +# @completed: the last dump has finished successfully.
> +#
> +# @failed: the last dump has failed.
> +#
> +# Since 2.6
> +##
> +{ 'enum': 'DumpStatus',
> +  'data': [ 'none', 'active', 'completed', 'failed' ] }
> +
> +##
>  # @DumpGuestMemoryCapability:
>  #
>  # A list of the available formats for dump-guest-memory
> -- 
> 2.4.3
> 

Re: [Qemu-devel] [PATCHv4 00/18] slirp: Adding IPv6 support to Qemu -net user mode

[Samuel Thibault]

Thomas Huth, on Tue 01 Dec 2015 22:28:10 +0100, wrote:
> Are you still planning to rebase the patches again to current master and
> repost them, so we could maybe get this in for QEMU 2.6 ?

If we can get this reviewed, yes, sure!

> If you put me on CC:, I can try to review the series if you like (if I
> got the older mails right, this was the main problem in the past, that
> nobody reviewed?).

That was the issue, yes.

I can do that in the coming weeks.

Samuel

[Qemu-devel] [PULL for-2.5] TCG highwater fix

[Richard Henderson]

A last-minute fix for -rc2.


r~


The following changes since commit a2485925f76d01795f041fd63663d8582139fda4:

  Merge remote-tracking branch 'remotes/dgibson/tags/ppc-for-2.5-20151130' into 
staging (2015-11-30 17:09:35 +)

are available in the git repository at:

  git://github.com/rth7680/qemu.git tags/pull-tcg-20151201

for you to fetch changes up to b17a6d3390f87620735f7efb03bb1c96682ff449:

  tcg: Increase the highwater reservation (2015-12-01 14:36:32 -0800)


Last minute fix


Richard Henderson (1):
  tcg: Increase the highwater reservation

 tcg/tcg.c | 6 +-
 1 file changed, 5 insertions(+), 1 deletion(-)

[Qemu-devel] [PATCH for-2.6 2/3] iotests: 124: move incremental failure test

[John Snow]

Code motion only, in preparation for adjusting
the setUp procedure for this test.

Signed-off-by: John Snow 
---
 tests/qemu-iotests/124 | 117 +
 1 file changed, 60 insertions(+), 57 deletions(-)

diff --git a/tests/qemu-iotests/124 b/tests/qemu-iotests/124
index 778bfdd..2a0119d 100644
--- a/tests/qemu-iotests/124
+++ b/tests/qemu-iotests/124
@@ -344,63 +344,6 @@ class TestIncrementalBackup(TestIncrementalBackupBase):
 self.check_backups()
 
 
-def test_incremental_failure(self):
-'''Test: Verify backups made after a failure are correct.
-
-Simulate a failure during an incremental backup block job,
-emulate additional writes, then create another incremental backup
-afterwards and verify that the backup created is correct.
-'''
-
-# Create a blkdebug interface to this img as 'drive1',
-# but don't actually create a new image.
-drive1 = self.add_node('drive1', self.drives[0]['fmt'],
-   path=self.drives[0]['file'],
-   backup=self.drives[0]['backup'])
-result = self.vm.qmp('blockdev-add', options={
-'id': drive1['id'],
-'driver': drive1['fmt'],
-'file': {
-'driver': 'blkdebug',
-'image': {
-'driver': 'file',
-'filename': drive1['file']
-},
-'set-state': [{
-'event': 'flush_to_disk',
-'state': 1,
-'new_state': 2
-}],
-'inject-error': [{
-'event': 'read_aio',
-'errno': 5,
-'state': 2,
-'immediately': False,
-'once': True
-}],
-}
-})
-self.assert_qmp(result, 'return', {})
-
-self.create_anchor_backup(self.drives[0])
-self.add_bitmap('bitmap0', drive1)
-# Note: at this point, during a normal execution,
-# Assume that the VM resumes and begins issuing IO requests here.
-
-self.hmp_io_writes(drive1['id'], (('0xab', 0, 512),
-  ('0xfe', '16M', '256k'),
-  ('0x64', '32736k', '64k')))
-
-result = self.create_incremental(validate=False)
-self.assertFalse(result)
-self.hmp_io_writes(drive1['id'], (('0x9a', 0, 512),
-  ('0x55', '8M', '352k'),
-  ('0x78', '15872k', '1M')))
-self.create_incremental()
-self.vm.shutdown()
-self.check_backups()
-
-
 def test_transaction_failure(self):
 '''Test: Verify backups made from a transaction that partially fails.
 
@@ -548,5 +491,65 @@ class TestIncrementalBackup(TestIncrementalBackupBase):
   granularity=64000)
 
 
+class TestIncrementalBackupBlkdebug(TestIncrementalBackupBase):
+'''Incremental backup tests that utilize a BlkDebug filter on drive0.'''
+
+def test_incremental_failure(self):
+'''Test: Verify backups made after a failure are correct.
+
+Simulate a failure during an incremental backup block job,
+emulate additional writes, then create another incremental backup
+afterwards and verify that the backup created is correct.
+'''
+
+# Create a blkdebug interface to this img as 'drive1',
+# but don't actually create a new image.
+drive1 = self.add_node('drive1', self.drives[0]['fmt'],
+   path=self.drives[0]['file'],
+   backup=self.drives[0]['backup'])
+result = self.vm.qmp('blockdev-add', options={
+'id': drive1['id'],
+'driver': drive1['fmt'],
+'file': {
+'driver': 'blkdebug',
+'image': {
+'driver': 'file',
+'filename': drive1['file']
+},
+'set-state': [{
+'event': 'flush_to_disk',
+'state': 1,
+'new_state': 2
+}],
+'inject-error': [{
+'event': 'read_aio',
+'errno': 5,
+'state': 2,
+'immediately': False,
+'once': True
+}],
+}
+})
+self.assert_qmp(result, 'return', {})
+
+self.create_anchor_backup(self.drives[0])
+self.add_bitmap('bitmap0', drive1)
+# Note: at this point, during a normal execution,
+# Assume that the VM resumes and begins issuing IO requests here.
+
+self.hmp_io_writes(drive1['id'], (('0xab', 0, 512),
+  ('0xfe', '16M', 

[Qemu-devel] [PATCH for-2.6 3/3] iotests: 124: don't reopen qcow2

[John Snow]

Don't create two interfaces to the same drive in the recently moved
failure test.

Signed-off-by: John Snow 
---
 tests/qemu-iotests/124 | 26 ++
 1 file changed, 14 insertions(+), 12 deletions(-)

diff --git a/tests/qemu-iotests/124 b/tests/qemu-iotests/124
index 2a0119d..7d33422 100644
--- a/tests/qemu-iotests/124
+++ b/tests/qemu-iotests/124
@@ -494,6 +494,12 @@ class TestIncrementalBackup(TestIncrementalBackupBase):
 class TestIncrementalBackupBlkdebug(TestIncrementalBackupBase):
 '''Incremental backup tests that utilize a BlkDebug filter on drive0.'''
 
+def setUp(self):
+drive0 = self.add_node('drive0')
+self.img_create(drive0['file'], drive0['fmt'])
+self.write_default_pattern(drive0['file'])
+self.vm.launch()
+
 def test_incremental_failure(self):
 '''Test: Verify backups made after a failure are correct.
 
@@ -502,19 +508,15 @@ class 
TestIncrementalBackupBlkdebug(TestIncrementalBackupBase):
 afterwards and verify that the backup created is correct.
 '''
 
-# Create a blkdebug interface to this img as 'drive1',
-# but don't actually create a new image.
-drive1 = self.add_node('drive1', self.drives[0]['fmt'],
-   path=self.drives[0]['file'],
-   backup=self.drives[0]['backup'])
+drive0 = self.drives[0]
 result = self.vm.qmp('blockdev-add', options={
-'id': drive1['id'],
-'driver': drive1['fmt'],
+'id': drive0['id'],
+'driver': drive0['fmt'],
 'file': {
 'driver': 'blkdebug',
 'image': {
 'driver': 'file',
-'filename': drive1['file']
+'filename': drive0['file']
 },
 'set-state': [{
 'event': 'flush_to_disk',
@@ -532,18 +534,18 @@ class 
TestIncrementalBackupBlkdebug(TestIncrementalBackupBase):
 })
 self.assert_qmp(result, 'return', {})
 
-self.create_anchor_backup(self.drives[0])
-self.add_bitmap('bitmap0', drive1)
+self.create_anchor_backup(drive0)
+self.add_bitmap('bitmap0', drive0)
 # Note: at this point, during a normal execution,
 # Assume that the VM resumes and begins issuing IO requests here.
 
-self.hmp_io_writes(drive1['id'], (('0xab', 0, 512),
+self.hmp_io_writes(drive0['id'], (('0xab', 0, 512),
   ('0xfe', '16M', '256k'),
   ('0x64', '32736k', '64k')))
 
 result = self.create_incremental(validate=False)
 self.assertFalse(result)
-self.hmp_io_writes(drive1['id'], (('0x9a', 0, 512),
+self.hmp_io_writes(drive0['id'], (('0x9a', 0, 512),
   ('0x55', '8M', '352k'),
   ('0x78', '15872k', '1M')))
 self.create_incremental()
-- 
2.4.3

[Qemu-devel] [PATCH for-2.6 0/3] iotests: 124: Don't reopen qcow2 file

[John Snow]

Kevin caught me being Naughty, and because I don't want Santa to be
mad at me, I have corrected my ways.

Split iotest 124 into two classes so that the iotest that requires
a blkdebug filter from the get-go can forego the standard setUp
routine and just do it correct the first time.

Does this warrant three patches? Not really, but to make the code
motion nice to look at, I had to split it out that way.

--js



For convenience, this branch is available at:
https://github.com/jnsnow/qemu.git branch block-iotest-124-qcow2-locking
https://github.com/jnsnow/qemu/tree/block-iotest-124-qcow2-locking

This version is tagged block-iotest-124-qcow2-locking-v1:
https://github.com/jnsnow/qemu/releases/tag/block-iotest-124-qcow2-locking-v1

John Snow (3):
  iotests: 124: Split into two test classes
  iotests: 124: move incremental failure test
  iotests: 124: don't reopen qcow2

 tests/qemu-iotests/124 | 148 +++--
 1 file changed, 81 insertions(+), 67 deletions(-)

-- 
2.4.3

[Qemu-devel] [PATCH for-2.6 1/3] iotests: 124: Split into two test classes

[John Snow]

Split it into an abstract test class and an implementation class.

The split is primarily to facilitate more flexible setUp variations
for other kinds of tests without having to rewrite or shuffle around
all of these helpers.

See the following two patches for more of the "why."

Signed-off-by: John Snow 
---
 tests/qemu-iotests/124 | 35 ++-
 1 file changed, 22 insertions(+), 13 deletions(-)

diff --git a/tests/qemu-iotests/124 b/tests/qemu-iotests/124
index c928f01..778bfdd 100644
--- a/tests/qemu-iotests/124
+++ b/tests/qemu-iotests/124
@@ -91,24 +91,31 @@ class Bitmap:
 try_remove(image)
 
 
-class TestIncrementalBackup(iotests.QMPTestCase):
-def setUp(self):
+class TestIncrementalBackupBase(iotests.QMPTestCase):
+def __init__(self, *args):
+super(TestIncrementalBackupBase, self).__init__(*args)
 self.bitmaps = list()
 self.files = list()
 self.drives = list()
 self.vm = iotests.VM()
 self.err_img = os.path.join(iotests.test_dir, 'err.%s' % 
iotests.imgfmt)
 
+
+def setUp(self):
 # Create a base image with a distinctive patterning
 drive0 = self.add_node('drive0')
 self.img_create(drive0['file'], drive0['fmt'])
 self.vm.add_drive(drive0['file'])
-io_write_patterns(drive0['file'], (('0x41', 0, 512),
-   ('0xd5', '1M', '32k'),
-   ('0xdc', '32M', '124k')))
+self.write_default_pattern(drive0['file'])
 self.vm.launch()
 
 
+def write_default_pattern(self, target):
+io_write_patterns(target, (('0x41', 0, 512),
+   ('0xd5', '1M', '32k'),
+   ('0xdc', '32M', '124k')))
+
+
 def add_node(self, node_id, fmt=iotests.imgfmt, path=None, backup=None):
 if path is None:
 path = os.path.join(iotests.test_dir, '%s.%s' % (node_id, fmt))
@@ -259,6 +266,16 @@ class TestIncrementalBackup(iotests.QMPTestCase):
 self.check_backups()
 
 
+def tearDown(self):
+self.vm.shutdown()
+for bitmap in self.bitmaps:
+bitmap.cleanup()
+for filename in self.files:
+try_remove(filename)
+
+
+
+class TestIncrementalBackup(TestIncrementalBackupBase):
 def test_incremental_simple(self):
 '''
 Test: Create and verify three incremental backups.
@@ -531,13 +548,5 @@ class TestIncrementalBackup(iotests.QMPTestCase):
   granularity=64000)
 
 
-def tearDown(self):
-self.vm.shutdown()
-for bitmap in self.bitmaps:
-bitmap.cleanup()
-for filename in self.files:
-try_remove(filename)
-
-
 if __name__ == '__main__':
 iotests.main(supported_fmts=['qcow2'])
-- 
2.4.3

[Qemu-devel] [PATCH v3 2/6] pc: Move legacy_acpi_table_size global to PCMachineClass

[Eduardo Habkost]

This way we can set legacy_acpi_table_size on the machine_options()
functions, instead of requirng code in pc_compat_*() functions.

Signed-off-by: Eduardo Habkost 
---
 hw/i386/pc_piix.c| 40 +++-
 include/hw/i386/pc.h |  1 +
 2 files changed, 20 insertions(+), 21 deletions(-)

diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c
index 7a7f748..5f23e9c 100644
--- a/hw/i386/pc_piix.c
+++ b/hw/i386/pc_piix.c
@@ -60,8 +60,6 @@ static const int ide_iobase[MAX_IDE_BUS] = { 0x1f0, 0x170 };
 static const int ide_iobase2[MAX_IDE_BUS] = { 0x3f6, 0x376 };
 static const int ide_irq[MAX_IDE_BUS] = { 14, 15 };
 
-static int legacy_acpi_table_size;
-
 /* PC hardware initialisation */
 static void pc_init1(MachineState *machine,
  const char *host_type, const char *pci_type)
@@ -145,7 +143,7 @@ static void pc_init1(MachineState *machine,
 guest_info = pc_guest_info_init(pcms);
 
 guest_info->has_acpi_build = pcmc->has_acpi_build;
-guest_info->legacy_acpi_table_size = legacy_acpi_table_size;
+guest_info->legacy_acpi_table_size = pcmc->legacy_acpi_table_size;
 
 guest_info->isapc_ram_fw = !pcmc->pci_enabled;
 guest_info->has_reserved_memory = pcmc->has_reserved_memory;
@@ -319,23 +317,6 @@ static void pc_compat_2_1(MachineState *machine)
 static void pc_compat_2_0(MachineState *machine)
 {
 pc_compat_2_1(machine);
-/* This value depends on the actual DSDT and SSDT compiled into
- * the source QEMU; unfortunately it depends on the binary and
- * not on the machine type, so we cannot make pc-i440fx-1.7 work on
- * both QEMU 1.7 and QEMU 2.0.
- *
- * Large variations cause migration to fail for more than one
- * consecutive value of the "-smp" maxcpus option.
- *
- * For small variations of the kind caused by different iasl versions,
- * the 4k rounding usually leaves slack.  However, there could be still
- * one or two values that break.  For QEMU 1.7 and QEMU 2.0 the
- * slack is only ~10 bytes before one "-smp maxcpus" value breaks!
- *
- * 6652 is valid for QEMU 2.0, the right value for pc-i440fx-1.7 on
- * QEMU 1.7 it is 6414.  For RHEL/CentOS 7.0 it is 6418.
- */
-legacy_acpi_table_size = 6652;
 pc_set_legacy_acpi_data_size();
 }
 
@@ -343,7 +324,6 @@ static void pc_compat_1_7(MachineState *machine)
 {
 pc_compat_2_0(machine);
 option_rom_has_mr = true;
-legacy_acpi_table_size = 6414;
 x86_cpu_change_kvm_default("x2apic", NULL);
 }
 
@@ -519,6 +499,23 @@ static void pc_i440fx_2_0_machine_options(MachineClass *m)
 SET_MACHINE_COMPAT(m, PC_COMPAT_2_0);
 pcmc->smbios_legacy_mode = true;
 pcmc->has_reserved_memory = false;
+/* This value depends on the actual DSDT and SSDT compiled into
+ * the source QEMU; unfortunately it depends on the binary and
+ * not on the machine type, so we cannot make pc-i440fx-1.7 work on
+ * both QEMU 1.7 and QEMU 2.0.
+ *
+ * Large variations cause migration to fail for more than one
+ * consecutive value of the "-smp" maxcpus option.
+ *
+ * For small variations of the kind caused by different iasl versions,
+ * the 4k rounding usually leaves slack.  However, there could be still
+ * one or two values that break.  For QEMU 1.7 and QEMU 2.0 the
+ * slack is only ~10 bytes before one "-smp maxcpus" value breaks!
+ *
+ * 6652 is valid for QEMU 2.0, the right value for pc-i440fx-1.7 on
+ * QEMU 1.7 it is 6414.  For RHEL/CentOS 7.0 it is 6418.
+ */
+pcmc->legacy_acpi_table_size = 6652;
 }
 
 DEFINE_I440FX_MACHINE(v2_0, "pc-i440fx-2.0", pc_compat_2_0,
@@ -534,6 +531,7 @@ static void pc_i440fx_1_7_machine_options(MachineClass *m)
 SET_MACHINE_COMPAT(m, PC_COMPAT_1_7);
 pcmc->smbios_defaults = false;
 pcmc->gigabyte_align = false;
+pcmc->legacy_acpi_table_size = 6414;
 }
 
 DEFINE_I440FX_MACHINE(v1_7, "pc-i440fx-1.7", pc_compat_1_7,
diff --git a/include/hw/i386/pc.h b/include/hw/i386/pc.h
index 15171e9..7c2cc9f 100644
--- a/include/hw/i386/pc.h
+++ b/include/hw/i386/pc.h
@@ -76,6 +76,7 @@ struct PCMachineClass {
 bool gigabyte_align;
 bool has_reserved_memory;
 bool kvmclock_enabled;
+int legacy_acpi_table_size;
 };
 
 #define TYPE_PC_MACHINE "generic-pc-machine"
-- 
2.1.0

[Qemu-devel] [PATCH v3 0/6] pc: Initialization and compat function cleanup

[Eduardo Habkost]

This moves most compat data that are globals or PCMachineState
fields to PCMachineClass.

It looks like v2 (sent in August) has slipped through the cracks.
Rebased to latest qemu.git, and added 2 additional patches.

Eduardo Habkost (6):
  pc: Move compat boolean globals to PCMachineClass
  pc: Move legacy_acpi_table_size global to PCMachineClass
  pc: Move acpi_data_size global to PCMachineClass
  pc: Move enforce_aligned_dimm to PCMachineClass
  pc: Remove enforce-aligned-dimm QOM property
  pc: Move option_rom_has_mr/rom_file_has_mr globals to MachineClass

 hw/core/loader.c |  10 ++--
 hw/core/machine.c|   1 +
 hw/i386/pc.c |  44 +++-
 hw/i386/pc_piix.c| 138 ---
 hw/i386/pc_q35.c |  64 +++-
 include/hw/boards.h  |   2 +
 include/hw/i386/pc.h |  28 ---
 7 files changed, 142 insertions(+), 145 deletions(-)

-- 
2.1.0

[Qemu-devel] [PATCH v3 3/6] pc: Move acpi_data_size global to PCMachineClass

[Eduardo Habkost]

This way we don't need code in pc_compat_*() functions to set the legacy
acpi_data_size value.

Signed-off-by: Eduardo Habkost 
---
 hw/i386/pc.c | 17 ++---
 hw/i386/pc_piix.c|  2 +-
 hw/i386/pc_q35.c |  2 +-
 include/hw/i386/pc.h |  6 --
 4 files changed, 12 insertions(+), 15 deletions(-)

diff --git a/hw/i386/pc.c b/hw/i386/pc.c
index 129aa04..a79b8af 100644
--- a/hw/i386/pc.c
+++ b/hw/i386/pc.c
@@ -76,15 +76,6 @@
 #define DPRINTF(fmt, ...)
 #endif
 
-/* Leave a chunk of memory at the top of RAM for the BIOS ACPI tables
- * (128K) and other BIOS datastructures (less than 4K reported to be used at
- * the moment, 32K should be enough for a while).  */
-static unsigned acpi_data_size = 0x2 + 0x8000;
-void pc_set_legacy_acpi_data_size(void)
-{
-acpi_data_size = 0x1;
-}
-
 #define BIOS_CFG_IOPORT 0x510
 #define FW_CFG_ACPI_TABLES (FW_CFG_ARCH_LOCAL + 0)
 #define FW_CFG_SMBIOS_ENTRIES (FW_CFG_ARCH_LOCAL + 1)
@@ -840,6 +831,7 @@ static void load_linux(PCMachineState *pcms,
 FILE *f;
 char *vmode;
 MachineState *machine = MACHINE(pcms);
+PCMachineClass *pcmc = PC_MACHINE_GET_CLASS(pcms);
 const char *kernel_filename = machine->kernel_filename;
 const char *initrd_filename = machine->initrd_filename;
 const char *kernel_cmdline = machine->kernel_cmdline;
@@ -907,8 +899,8 @@ static void load_linux(PCMachineState *pcms,
 initrd_max = 0x37ff;
 }
 
-if (initrd_max >= pcms->below_4g_mem_size - acpi_data_size) {
-initrd_max = pcms->below_4g_mem_size - acpi_data_size - 1;
+if (initrd_max >= pcms->below_4g_mem_size - pcmc->acpi_data_size) {
+initrd_max = pcms->below_4g_mem_size - pcmc->acpi_data_size - 1;
 }
 
 fw_cfg_add_i32(fw_cfg, FW_CFG_CMDLINE_ADDR, cmdline_addr);
@@ -1960,6 +1952,9 @@ static void pc_machine_class_init(ObjectClass *oc, void 
*data)
 pcmc->gigabyte_align = true;
 pcmc->has_reserved_memory = true;
 pcmc->kvmclock_enabled = true;
+/* BIOS ACPI tables: 128K. Other BIOS datastructures: less than 4K reported
+ * to be used at the moment, 32K should be enough for a while.  */
+pcmc->acpi_data_size = 0x2 + 0x8000;
 mc->get_hotplug_handler = pc_get_hotpug_handler;
 mc->cpu_index_to_socket_id = pc_cpu_index_to_socket_id;
 mc->default_boot_order = "cad";
diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c
index 5f23e9c..3562888 100644
--- a/hw/i386/pc_piix.c
+++ b/hw/i386/pc_piix.c
@@ -317,7 +317,6 @@ static void pc_compat_2_1(MachineState *machine)
 static void pc_compat_2_0(MachineState *machine)
 {
 pc_compat_2_1(machine);
-pc_set_legacy_acpi_data_size();
 }
 
 static void pc_compat_1_7(MachineState *machine)
@@ -516,6 +515,7 @@ static void pc_i440fx_2_0_machine_options(MachineClass *m)
  * QEMU 1.7 it is 6414.  For RHEL/CentOS 7.0 it is 6418.
  */
 pcmc->legacy_acpi_table_size = 6652;
+pcmc->acpi_data_size = 0x1;
 }
 
 DEFINE_I440FX_MACHINE(v2_0, "pc-i440fx-2.0", pc_compat_2_0,
diff --git a/hw/i386/pc_q35.c b/hw/i386/pc_q35.c
index f9afaa2..43e77f4 100644
--- a/hw/i386/pc_q35.c
+++ b/hw/i386/pc_q35.c
@@ -302,7 +302,6 @@ static void pc_compat_2_1(MachineState *machine)
 static void pc_compat_2_0(MachineState *machine)
 {
 pc_compat_2_1(machine);
-pc_set_legacy_acpi_data_size();
 }
 
 static void pc_compat_1_7(MachineState *machine)
@@ -424,6 +423,7 @@ static void pc_q35_2_0_machine_options(MachineClass *m)
 SET_MACHINE_COMPAT(m, PC_COMPAT_2_0);
 pcmc->has_reserved_memory = false;
 pcmc->smbios_legacy_mode = true;
+pcmc->acpi_data_size = 0x1;
 }
 
 DEFINE_Q35_MACHINE(v2_0, "pc-q35-2.0", pc_compat_2_0,
diff --git a/include/hw/i386/pc.h b/include/hw/i386/pc.h
index 7c2cc9f..e604ca5 100644
--- a/include/hw/i386/pc.h
+++ b/include/hw/i386/pc.h
@@ -77,6 +77,10 @@ struct PCMachineClass {
 bool has_reserved_memory;
 bool kvmclock_enabled;
 int legacy_acpi_table_size;
+/* Leave a chunk of memory at the top of RAM for the BIOS ACPI tables
+ * and other BIOS datastructures.
+ */
+unsigned acpi_data_size;
 };
 
 #define TYPE_PC_MACHINE "generic-pc-machine"
@@ -188,8 +192,6 @@ void pc_acpi_init(const char *default_dsdt);
 
 PcGuestInfo *pc_guest_info_init(PCMachineState *pcms);
 
-void pc_set_legacy_acpi_data_size(void);
-
 #define PCI_HOST_PROP_PCI_HOLE_START   "pci-hole-start"
 #define PCI_HOST_PROP_PCI_HOLE_END "pci-hole-end"
 #define PCI_HOST_PROP_PCI_HOLE64_START "pci-hole64-start"
-- 
2.1.0

[Qemu-devel] [PATCH v3 4/6] pc: Move enforce_aligned_dimm to PCMachineClass

[Eduardo Habkost]

enforce_aligned_dimm never changes after the machine is
initialized, so it can be simply set in PCMachineClass like all
the other compat fields.

Cc: Igor Mammedov 
Signed-off-by: Eduardo Habkost 
---
 hw/i386/pc.c | 12 +++-
 hw/i386/pc_piix.c|  4 +---
 hw/i386/pc_q35.c |  4 +---
 include/hw/i386/pc.h |  6 +++---
 4 files changed, 12 insertions(+), 14 deletions(-)

diff --git a/hw/i386/pc.c b/hw/i386/pc.c
index a79b8af..72c25ec 100644
--- a/hw/i386/pc.c
+++ b/hw/i386/pc.c
@@ -1294,6 +1294,7 @@ FWCfgState *pc_memory_init(PCMachineState *pcms,
 MemoryRegion *ram_below_4g, *ram_above_4g;
 FWCfgState *fw_cfg;
 MachineState *machine = MACHINE(pcms);
+PCMachineClass *pcmc = PC_MACHINE_GET_CLASS(pcms);
 
 assert(machine->ram_size == pcms->below_4g_mem_size +
 pcms->above_4g_mem_size);
@@ -1355,7 +1356,7 @@ FWCfgState *pc_memory_init(PCMachineState *pcms,
 pcms->hotplug_memory.base =
 ROUND_UP(0x1ULL + pcms->above_4g_mem_size, 1ULL << 30);
 
-if (pcms->enforce_aligned_dimm) {
+if (pcmc->enforce_aligned_dimm) {
 /* size hotplug region assuming 1G page max alignment per slot */
 hotplug_mem_size += (1ULL << 30) * machine->ram_slots;
 }
@@ -1608,12 +1609,13 @@ static void pc_dimm_plug(HotplugHandler *hotplug_dev,
 HotplugHandlerClass *hhc;
 Error *local_err = NULL;
 PCMachineState *pcms = PC_MACHINE(hotplug_dev);
+PCMachineClass *pcmc = PC_MACHINE_GET_CLASS(pcms);
 PCDIMMDevice *dimm = PC_DIMM(dev);
 PCDIMMDeviceClass *ddc = PC_DIMM_GET_CLASS(dimm);
 MemoryRegion *mr = ddc->get_memory_region(dimm);
 uint64_t align = TARGET_PAGE_SIZE;
 
-if (memory_region_get_alignment(mr) && pcms->enforce_aligned_dimm) {
+if (memory_region_get_alignment(mr) && pcmc->enforce_aligned_dimm) {
 align = memory_region_get_alignment(mr);
 }
 
@@ -1864,9 +1866,9 @@ static void pc_machine_set_smm(Object *obj, Visitor *v, 
void *opaque,
 
 static bool pc_machine_get_aligned_dimm(Object *obj, Error **errp)
 {
-PCMachineState *pcms = PC_MACHINE(obj);
+PCMachineClass *pcmc = PC_MACHINE_GET_CLASS(obj);
 
-return pcms->enforce_aligned_dimm;
+return pcmc->enforce_aligned_dimm;
 }
 
 static void pc_machine_initfn(Object *obj)
@@ -1904,7 +1906,6 @@ static void pc_machine_initfn(Object *obj)
 "Enable vmport (pc & q35)",
 _abort);
 
-pcms->enforce_aligned_dimm = true;
 object_property_add_bool(obj, PC_MACHINE_ENFORCE_ALIGNED_DIMM,
  pc_machine_get_aligned_dimm,
  NULL, _abort);
@@ -1952,6 +1953,7 @@ static void pc_machine_class_init(ObjectClass *oc, void 
*data)
 pcmc->gigabyte_align = true;
 pcmc->has_reserved_memory = true;
 pcmc->kvmclock_enabled = true;
+pcmc->enforce_aligned_dimm = true;
 /* BIOS ACPI tables: 128K. Other BIOS datastructures: less than 4K reported
  * to be used at the moment, 32K should be enough for a while.  */
 pcmc->acpi_data_size = 0x2 + 0x8000;
diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c
index 3562888..869c64b 100644
--- a/hw/i386/pc_piix.c
+++ b/hw/i386/pc_piix.c
@@ -307,11 +307,8 @@ static void pc_compat_2_2(MachineState *machine)
 
 static void pc_compat_2_1(MachineState *machine)
 {
-PCMachineState *pcms = PC_MACHINE(machine);
-
 pc_compat_2_2(machine);
 x86_cpu_change_kvm_default("svm", NULL);
-pcms->enforce_aligned_dimm = false;
 }
 
 static void pc_compat_2_0(MachineState *machine)
@@ -483,6 +480,7 @@ static void pc_i440fx_2_1_machine_options(MachineClass *m)
 m->default_display = NULL;
 SET_MACHINE_COMPAT(m, PC_COMPAT_2_1);
 pcmc->smbios_uuid_encoded = false;
+pcmc->enforce_aligned_dimm = false;
 }
 
 DEFINE_I440FX_MACHINE(v2_1, "pc-i440fx-2.1", pc_compat_2_1,
diff --git a/hw/i386/pc_q35.c b/hw/i386/pc_q35.c
index 43e77f4..e16dec1 100644
--- a/hw/i386/pc_q35.c
+++ b/hw/i386/pc_q35.c
@@ -292,10 +292,7 @@ static void pc_compat_2_2(MachineState *machine)
 
 static void pc_compat_2_1(MachineState *machine)
 {
-PCMachineState *pcms = PC_MACHINE(machine);
-
 pc_compat_2_2(machine);
-pcms->enforce_aligned_dimm = false;
 x86_cpu_change_kvm_default("svm", NULL);
 }
 
@@ -409,6 +406,7 @@ static void pc_q35_2_1_machine_options(MachineClass *m)
 m->default_display = NULL;
 SET_MACHINE_COMPAT(m, PC_COMPAT_2_1);
 pcmc->smbios_uuid_encoded = false;
+pcmc->enforce_aligned_dimm = false;
 }
 
 DEFINE_Q35_MACHINE(v2_1, "pc-q35-2.1", pc_compat_2_1,
diff --git a/include/hw/i386/pc.h b/include/hw/i386/pc.h
index e604ca5..6b86deb 100644
--- a/include/hw/i386/pc.h
+++ b/include/hw/i386/pc.h
@@ -23,8 +23,6 @@
 /**
  * PCMachineState:
  * @acpi_dev: link to ACPI PM device that performs ACPI hotplug handling
- * @enforce_aligned_dimm: check that DIMM's 

Re: [Qemu-devel] [Patch v12 00/10] Block replication for continuous checkpoints

[Wen Congyang]

On 12/01/2015 06:40 PM, Dr. David Alan Gilbert wrote:
> * Wen Congyang (we...@cn.fujitsu.com) wrote:
>> Block replication is a very important feature which is used for
>> continuous checkpoints(for example: COLO).
>>
>> You can get the detailed information about block replication from here:
>> http://wiki.qemu.org/Features/BlockReplication
>>
>> Usage:
>> Please refer to docs/block-replication.txt
>>
>> This patch series is based on the following patch series:
>> 1. http://lists.nongnu.org/archive/html/qemu-devel/2015-11/msg04949.html
>> 2. http://lists.nongnu.org/archive/html/qemu-devel/2015-11/msg06043.html
>>
>> You can get the patch here:
>> https://github.com/coloft/qemu/tree/wency/block-replication-v12
>>
>> You can get the patch with framework here:
>> https://github.com/coloft/qemu/tree/wency/colo_framework_v11.2
> 
> Neither of these links work for me, and I see that  only messages 0..7 in the
> series hit the list.

I forgot to push it to github...
And I also received the messages 0..7, and I don't know what's wrong...

I will push it to github, and resend them.

Thanks
Wen Congyang

> 
> Dave
> 
>>
>> TODO:
>> 1. Continuous block replication. It will be started after basic functions
>>are accepted.
>>
>> Changs Log:
>> V12:
>> 1. Rebase to the newest codes
>> 2. Use backing reference to replcace 'allow-write-backing-file'
>> V11:
>> 1. Reopen the backing file when starting blcok replication if it is not
>>opened in R/W mode
>> 2. Unblock BLOCK_OP_TYPE_BACKUP_SOURCE and BLOCK_OP_TYPE_BACKUP_TARGET
>>when opening backing file
>> 3. Block the top BDS so there is only one block job for the top BDS and
>>its backing chain.
>> V10:
>> 1. Use blockdev-remove-medium and blockdev-insert-medium to replace backing
>>reference.
>> 2. Address the comments from Eric Blake
>> V9:
>> 1. Update the error messages
>> 2. Rebase to the newest qemu
>> 3. Split child add/delete support. These patches are sent in another 
>> patchset.
>> V8:
>> 1. Address Alberto Garcia's comments
>> V7:
>> 1. Implement adding/removing quorum child. Remove the option non-connect.
>> 2. Simplify the backing refrence option according to Stefan Hajnoczi's 
>> suggestion
>> V6:
>> 1. Rebase to the newest qemu.
>> V5:
>> 1. Address the comments from Gong Lei
>> 2. Speed the failover up. The secondary vm can take over very quickly even
>>if there are too many I/O requests.
>> V4:
>> 1. Introduce a new driver replication to avoid touch nbd and qcow2.
>> V3:
>> 1: use error_setg() instead of error_set()
>> 2. Add a new block job API
>> 3. Active disk, hidden disk and nbd target uses the same AioContext
>> 4. Add a testcase to test new hbitmap API
>> V2:
>> 1. Redesign the secondary qemu(use image-fleecing)
>> 2. Use Error objects to return error message
>> 3. Address the comments from Max Reitz and Eric Blake
>>
>> Wen Congyang (10):
>>   unblock backup operations in backing file
>>   Store parent BDS in BdrvChild
>>   Backup: clear all bitmap when doing block checkpoint
>>   Allow creating backup jobs when opening BDS
>>   docs: block replication's description
>>   Add new block driver interfaces to control block replication
>>   quorum: implement block driver interfaces for block replication
>>   Implement new driver for block replication
>>   support replication driver in blockdev-add
>>   Add a new API to start/stop replication, do checkpoint to all BDSes
>>
>>  block.c| 145 
>>  block/Makefile.objs|   3 +-
>>  block/backup.c |  14 ++
>>  block/quorum.c |  78 +++
>>  block/replication.c| 549 
>> +
>>  blockjob.c |  11 +
>>  docs/block-replication.txt | 227 +++
>>  include/block/block.h  |   9 +
>>  include/block/block_int.h  |  15 ++
>>  include/block/blockjob.h   |  12 +
>>  qapi/block-core.json   |  34 ++-
>>  11 files changed, 1093 insertions(+), 4 deletions(-)
>>  create mode 100644 block/replication.c
>>  create mode 100644 docs/block-replication.txt
>>
>> -- 
>> 2.5.0
>>
>>
>>
> --
> Dr. David Alan Gilbert / dgilb...@redhat.com / Manchester, UK
> 
> 
> .
> 

[Qemu-devel] [PATCH 00/16] pc: Eliminate struct PcGuestInfo

[Eduardo Habkost]

This moves all data from PcGuestInfo to either PCMachineState or
PCMachineClass.

This series depends on other two series:
* [PATCH v3 0/6] pc: Initialization and compat function cleanup
* [PATCH V3 0/3]  hw/pcie: Multi-root support for Q35

For reference, there's a git tree containing this series plus all
the dependencies, at:
  git://github.com/ehabkost/qemu-hacks.git work/pcguestinfo-eliminate

Eduardo Habkost (16):
  pc: Move PcGuestInfo declaration to top of file
  pc: Eliminate struct PcGuestInfoState
  pc: Remove guest_info parameter from pc_memory_init()
  acpi: Make acpi_setup() get PCMachineState as argument
  acpi: Remove unused build_facs() PcGuestInfo paramter
  acpi: Save PCMachineState on AcpiBuildState
  acpi: Make acpi_build() get PCMachineState as argument
  acpi: Make build_srat() get PCMachineState as argument
  acpi: Remove ram size fields fron PcGuestInfo
  pc: Move PcGuestInfo.fw_cfg field to PCMachineState
  pc: Simplify signature of xen_load_linux()
  pc: Remove PcGuestInfo.isapc_ram_fw field
  q35: Remove MCHPCIState.guest_info field
  acpi: Use PCMachineClass fields directly
  pc: Move PcGuestInfo.apic_xrupt_override field to PCMachineState
  pc: Move APIC and NUMA data from PcGuestInfo to PCMachineState

 hw/i386/acpi-build.c  | 75 ---
 hw/i386/acpi-build.h  |  2 +-
 hw/i386/pc.c  | 71 ++--
 hw/i386/pc_piix.c | 14 ++---
 hw/i386/pc_q35.c  | 15 ++
 include/hw/i386/pc.h  | 30 +++
 include/hw/pci-host/q35.h |  1 -
 7 files changed, 82 insertions(+), 126 deletions(-)

-- 
2.1.0

[Qemu-devel] [PATCH 05/16] acpi: Remove unused build_facs() PcGuestInfo paramter

[Eduardo Habkost]

Signed-off-by: Eduardo Habkost 
---
 hw/i386/acpi-build.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 74f0922..85a5c53 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -295,7 +295,7 @@ static void acpi_align_size(GArray *blob, unsigned align)
 
 /* FACS */
 static void
-build_facs(GArray *table_data, GArray *linker, PcGuestInfo *guest_info)
+build_facs(GArray *table_data, GArray *linker)
 {
 AcpiFacsDescriptorRev1 *facs = acpi_data_push(table_data, sizeof *facs);
 memcpy(>signature, "FACS", 4);
@@ -1716,7 +1716,7 @@ void acpi_build(PcGuestInfo *guest_info, AcpiBuildTables 
*tables)
  * requirements.
  */
 facs = tables_blob->len;
-build_facs(tables_blob, tables->linker, guest_info);
+build_facs(tables_blob, tables->linker);
 
 /* DSDT is pointed to by FADT */
 dsdt = tables_blob->len;
-- 
2.1.0

[Qemu-devel] [PATCH 01/16] pc: Move PcGuestInfo declaration to top of file

[Eduardo Habkost]

The struct will be used inside PCMachineState.

Signed-off-by: Eduardo Habkost 
---
 include/hw/i386/pc.h | 31 ---
 1 file changed, 16 insertions(+), 15 deletions(-)

diff --git a/include/hw/i386/pc.h b/include/hw/i386/pc.h
index 9811229..a74bded 100644
--- a/include/hw/i386/pc.h
+++ b/include/hw/i386/pc.h
@@ -20,6 +20,22 @@
 
 #define HPET_INTCAP "hpet-intcap"
 
+/* Machine info for ACPI build: */
+struct PcGuestInfo {
+bool isapc_ram_fw;
+hwaddr ram_size, ram_size_below_4g;
+unsigned apic_id_limit;
+bool apic_xrupt_override;
+uint64_t numa_nodes;
+uint64_t *node_mem;
+uint64_t *node_cpu;
+FWCfgState *fw_cfg;
+int legacy_acpi_table_size;
+bool has_acpi_build;
+bool has_reserved_memory;
+bool rsdp_in_ram;
+};
+
 /**
  * PCMachineState:
  * @acpi_dev: link to ACPI PM device that performs ACPI hotplug handling
@@ -109,21 +125,6 @@ typedef struct PcPciInfo {
 #define ACPI_PM_PROP_GPE0_BLK_LEN "gpe0_blk_len"
 #define ACPI_PM_PROP_TCO_ENABLED "enable_tco"
 
-struct PcGuestInfo {
-bool isapc_ram_fw;
-hwaddr ram_size, ram_size_below_4g;
-unsigned apic_id_limit;
-bool apic_xrupt_override;
-uint64_t numa_nodes;
-uint64_t *node_mem;
-uint64_t *node_cpu;
-FWCfgState *fw_cfg;
-int legacy_acpi_table_size;
-bool has_acpi_build;
-bool has_reserved_memory;
-bool rsdp_in_ram;
-};
-
 /* parallel.c */
 
 void parallel_hds_isa_init(ISABus *bus, int n);
-- 
2.1.0

[Qemu-devel] [PATCH 04/16] acpi: Make acpi_setup() get PCMachineState as argument

[Eduardo Habkost]

Lots of PcGuestInfo fields are duplicates of PCMachineClass or
PCMachineState fields. Pass PCMachineState as argument to
acpi_setup(), so we can simply let the ACPI code use those fields
directly.

Signed-off-by: Eduardo Habkost 
---
 hw/i386/acpi-build.c | 3 ++-
 hw/i386/acpi-build.h | 2 +-
 hw/i386/pc.c | 2 +-
 3 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index bca3f06..74f0922 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -1893,8 +1893,9 @@ static const VMStateDescription vmstate_acpi_build = {
 },
 };
 
-void acpi_setup(PcGuestInfo *guest_info)
+void acpi_setup(PCMachineState *pcms)
 {
+PcGuestInfo *guest_info = >acpi_guest_info;
 AcpiBuildTables tables;
 AcpiBuildState *build_state;
 
diff --git a/hw/i386/acpi-build.h b/hw/i386/acpi-build.h
index e57b1aa..132aba2 100644
--- a/hw/i386/acpi-build.h
+++ b/hw/i386/acpi-build.h
@@ -4,6 +4,6 @@
 
 #include "qemu/typedefs.h"
 
-void acpi_setup(PcGuestInfo *);
+void acpi_setup(PCMachineState *pcms);
 
 #endif
diff --git a/hw/i386/pc.c b/hw/i386/pc.c
index a17e5b3e..fc98a20 100644
--- a/hw/i386/pc.c
+++ b/hw/i386/pc.c
@@ -1179,7 +1179,7 @@ void pc_machine_done(Notifier *notifier, void *data)
 }
 }
 
-acpi_setup(>acpi_guest_info);
+acpi_setup(pcms);
 }
 
 PcGuestInfo *pc_guest_info_init(PCMachineState *pcms)
-- 
2.1.0

Re: [Qemu-devel] [PATCH v3 02/12] dump-guest-memory: add "detach" flag for QMP/HMP interfaces.

[Peter Xu]

On Tue, Dec 01, 2015 at 04:09:48PM +0100, Paolo Bonzini wrote:
> 
> 
> On 01/12/2015 03:18, Peter Xu wrote:
> > I think (2) is better in term of lines of codes (and also
> > clear). However I may need to keep the QMP interface (to keep the
> > has_detach parameter in qmp_dump_guest_memory), so I'd like to
> > choose (1).
> 
> It's also okay to also pass has_detach = true to qmp_dump_guest_memory.

Yes. That's more clear. Will put it into v5.

Thanks.
Peter

> 
> Paolo

Re: [Qemu-devel] [PATCH v4 08/11] dump-guest-memory: add qmp event DUMP_COMPLETED

[Fam Zheng]

On Tue, 12/01 21:28, Peter Xu wrote:
> One new QMP event DUMP_COMPLETED is added. When a dump finishes, one
> DUMP_COMPLETED event will occur to notify the user.
> 
> Signed-off-by: Peter Xu 
> ---
>  docs/qmp-events.txt | 16 
>  dump.c  | 11 +--
>  qapi-schema.json|  3 ++-
>  qapi/event.json | 13 +
>  qmp-commands.hx |  5 +++--
>  util/error.c|  6 +-
>  6 files changed, 44 insertions(+), 10 deletions(-)
> 
> diff --git a/docs/qmp-events.txt b/docs/qmp-events.txt
> index d2f1ce4..1f79588 100644
> --- a/docs/qmp-events.txt
> +++ b/docs/qmp-events.txt
> @@ -220,6 +220,22 @@ Data:
>},
>"timestamp": { "seconds": 1265044230, "microseconds": 450486 } }
>  
> +DUMP_COMPLETED
> +--
> +
> +Emitted when the guest has finished one memory dump.
> +
> +Data:
> +
> +- "error": Error message when dump failed. This is only a
> +  human-readable string provided when dump failed. It should not be
> +  parsed in any way (json-string, optional)
> +
> +Example:
> +
> +{ "event": "DUMP_COMPLETED",
> +  "data": {} }
> +
>  GUEST_PANICKED
>  --
>  
> diff --git a/dump.c b/dump.c
> index c86bc2d..5b040b7 100644
> --- a/dump.c
> +++ b/dump.c
> @@ -25,6 +25,7 @@
>  #include "qapi/error.h"
>  #include "qapi/qmp/qerror.h"
>  #include "qmp-commands.h"
> +#include "qapi-event.h"
>  
>  #include 
>  #ifdef CONFIG_LZO
> @@ -1612,6 +1613,9 @@ static void dump_process(DumpState *s, Error **errp)
>  s->status = DUMP_STATUS_COMPLETED;
>  }
>  
> +/* send DUMP_COMPLETED message (unconditionally) */
> +qapi_event_send_dump_completed(!!(*errp), error_get_pretty(*errp),
> +   _abort);
>  dump_cleanup(s);
>  }
>  
> @@ -1619,13 +1623,8 @@ static void *dump_thread(void *data)
>  {
>  Error *err = NULL;
>  DumpState *s = (DumpState *)data;
> -
>  dump_process(s, );
> -
> -if (err) {
> -/* TODO: notify user the error */
> -error_free(err);
> -}
> +error_free(err);
>  return NULL;
>  }
>  
> diff --git a/qapi-schema.json b/qapi-schema.json
> index 691a130..f0d3c4a 100644
> --- a/qapi-schema.json
> +++ b/qapi-schema.json
> @@ -2116,7 +2116,8 @@
>  #   is the fd's name.
>  #
>  # @detach: #optional if true, QMP will return immediately rather than
> -#  waiting for the dump to finish. (since 2.6).
> +#  waiting for the dump to finish. A DUMP_COMPLETED event will
> +#  occur at the end. (since 2.6).
>  #
>  # @begin: #optional if specified, the starting physical address.
>  #
> diff --git a/qapi/event.json b/qapi/event.json
> index f0cef01..9b7f714 100644
> --- a/qapi/event.json
> +++ b/qapi/event.json
> @@ -356,3 +356,16 @@
>  ##
>  { 'event': 'MEM_UNPLUG_ERROR',
>'data': { 'device': 'str', 'msg': 'str' } }
> +
> +##
> +# @DUMP_COMPLETED
> +#
> +# Emitted when background dump has completed
> +#
> +# @error: #optional human-readable error string that provides
> +# hint on why dump failed.

Please explicitly mention that successful dump emits DUMP_COMPLETED without
error, and failed dump emits DUMP_COMPLETED that has an error str.

> +#
> +# Since: 2.6
> +##
> +{ 'event': 'DUMP_COMPLETED' ,
> +  'data': { '*error': 'str' } }
> diff --git a/qmp-commands.hx b/qmp-commands.hx
> index 6b51585..7b6f915 100644
> --- a/qmp-commands.hx
> +++ b/qmp-commands.hx
> @@ -857,8 +857,9 @@ Arguments:
>  - "paging": do paging to get guest's memory mapping (json-bool)
>  - "protocol": destination file(started with "file:") or destination file
>descriptor (started with "fd:") (json-string)
> -- "detach": if specified, command will return immediately, without waiting
> -for the dump to finish (json-bool)
> +- "detach": if specified, command will return immediately rather than waiting
> +for the dump completion. A DUMP_COMPLETED event will occur at
> +the end. (json-bool)
>  - "begin": the starting physical address. It's optional, and should be 
> specified
> with length together (json-int)
>  - "length": the memory size, in bytes. It's optional, and should be specified
> diff --git a/util/error.c b/util/error.c
> index 80c89a2..645b9af 100644
> --- a/util/error.c
> +++ b/util/error.c
> @@ -197,7 +197,11 @@ ErrorClass error_get_class(const Error *err)
>  
>  const char *error_get_pretty(Error *err)
>  {
> -return err->msg;
> +if (err) {
> +return err->msg;
> +} else {
> +return NULL;
> +}

This change belongs to a separate patch, if any. But personally I don't like
it, because it doesn't work very well when error_get_pretty is used in
printf-like function parameters:

Error *err = NULL;
error_report("error: %s", error_get_pretty(err));

will print "error: (null)" which is ugly, in which case the caller need to
check the pointer anyway. And that is the dominant use case for
error_get_pretty in the code base.

[Qemu-devel] [PATCH 06/16] acpi: Save PCMachineState on AcpiBuildState

[Eduardo Habkost]

PCMachineState will be used in some of the steps of ACPI table
building.

Signed-off-by: Eduardo Habkost 
---
 hw/i386/acpi-build.c | 8 
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 85a5c53..ca11c88 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -1644,7 +1644,7 @@ struct AcpiBuildState {
 MemoryRegion *table_mr;
 /* Is table patched? */
 uint8_t patched;
-PcGuestInfo *guest_info;
+PCMachineState *pcms;
 void *rsdp;
 MemoryRegion *rsdp_mr;
 MemoryRegion *linker_mr;
@@ -1855,7 +1855,7 @@ static void acpi_build_update(void *build_opaque, 
uint32_t offset)
 
 acpi_build_tables_init();
 
-acpi_build(build_state->guest_info, );
+acpi_build(_state->pcms->acpi_guest_info, );
 
 acpi_ram_update(build_state->table_mr, tables.table_data);
 
@@ -1916,12 +1916,12 @@ void acpi_setup(PCMachineState *pcms)
 
 build_state = g_malloc0(sizeof *build_state);
 
-build_state->guest_info = guest_info;
+build_state->pcms = pcms;
 
 acpi_set_pci_info();
 
 acpi_build_tables_init();
-acpi_build(build_state->guest_info, );
+acpi_build(_state->pcms->acpi_guest_info, );
 
 /* Now expose it all to Guest */
 build_state->table_mr = acpi_add_rom_blob(build_state, tables.table_data,
-- 
2.1.0

[Qemu-devel] [PATCH 11/16] pc: Simplify signature of xen_load_linux()

[Eduardo Habkost]

We don't need the FWCfgState return value and the PcGuestInfo
parameter.

Signed-off-by: Eduardo Habkost 
---
 hw/i386/pc.c | 5 +
 hw/i386/pc_piix.c| 2 +-
 include/hw/i386/pc.h | 3 +--
 3 files changed, 3 insertions(+), 7 deletions(-)

diff --git a/hw/i386/pc.c b/hw/i386/pc.c
index a219187..a9ec402 100644
--- a/hw/i386/pc.c
+++ b/hw/i386/pc.c
@@ -1253,8 +1253,7 @@ void pc_acpi_init(const char *default_dsdt)
 }
 }
 
-FWCfgState *xen_load_linux(PCMachineState *pcms,
-   PcGuestInfo *guest_info)
+void xen_load_linux(PCMachineState *pcms)
 {
 int i;
 FWCfgState *fw_cfg;
@@ -1271,7 +1270,6 @@ FWCfgState *xen_load_linux(PCMachineState *pcms,
 rom_add_option(option_rom[i].name, option_rom[i].bootindex);
 }
 pcms->fw_cfg = fw_cfg;
-return fw_cfg;
 }
 
 FWCfgState *pc_memory_init(PCMachineState *pcms,
@@ -1401,7 +1399,6 @@ FWCfgState *pc_memory_init(PCMachineState *pcms,
 rom_add_option(option_rom[i].name, option_rom[i].bootindex);
 }
 pcms->fw_cfg = fw_cfg;
-return fw_cfg;
 }
 
 qemu_irq pc_allocate_cpu_irq(void)
diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c
index f7bc1c0..f39c086 100644
--- a/hw/i386/pc_piix.c
+++ b/hw/i386/pc_piix.c
@@ -164,7 +164,7 @@ static void pc_init1(MachineState *machine,
rom_memory, _memory);
 } else if (machine->kernel_filename != NULL) {
 /* For xen HVM direct kernel boot, load linux here */
-xen_load_linux(pcms, guest_info);
+xen_load_linux(pcms);
 }
 
 gsi_state = g_malloc0(sizeof(*gsi_state));
diff --git a/include/hw/i386/pc.h b/include/hw/i386/pc.h
index 03750bc..2732a72 100644
--- a/include/hw/i386/pc.h
+++ b/include/hw/i386/pc.h
@@ -205,8 +205,7 @@ PcGuestInfo *pc_guest_info_init(PCMachineState *pcms);
 void pc_pci_as_mapping_init(Object *owner, MemoryRegion *system_memory,
 MemoryRegion *pci_address_space);
 
-FWCfgState *xen_load_linux(PCMachineState *pcms,
-   PcGuestInfo *guest_info);
+void xen_load_linux(PCMachineState *pcms);
 FWCfgState *pc_memory_init(PCMachineState *pcms,
MemoryRegion *system_memory,
MemoryRegion *rom_memory,
-- 
2.1.0

[Qemu-devel] [PATCH 15/16] pc: Move PcGuestInfo.apic_xrupt_override field to PCMachineState

[Eduardo Habkost]

Signed-off-by: Eduardo Habkost 
---
 hw/i386/acpi-build.c | 7 ---
 hw/i386/pc.c | 2 +-
 include/hw/i386/pc.h | 2 +-
 3 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 7771be7..cdbe5b9 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -366,8 +366,9 @@ build_fadt(GArray *table_data, GArray *linker, AcpiPmInfo 
*pm,
 
 static void
 build_madt(GArray *table_data, GArray *linker, AcpiCpuInfo *cpu,
-   PcGuestInfo *guest_info)
+   PCMachineState *pcms)
 {
+PcGuestInfo *guest_info = >acpi_guest_info;
 int madt_start = table_data->len;
 
 AcpiMultipleApicTable *madt;
@@ -400,7 +401,7 @@ build_madt(GArray *table_data, GArray *linker, AcpiCpuInfo 
*cpu,
 io_apic->address = cpu_to_le32(IO_APIC_DEFAULT_ADDRESS);
 io_apic->interrupt = cpu_to_le32(0);
 
-if (guest_info->apic_xrupt_override) {
+if (pcms->apic_xrupt_override) {
 intsrcovr = acpi_data_push(table_data, sizeof *intsrcovr);
 intsrcovr->type   = ACPI_APIC_XRUPT_OVERRIDE;
 intsrcovr->length = sizeof(*intsrcovr);
@@ -1740,7 +1741,7 @@ void acpi_build(PCMachineState *pcms, AcpiBuildTables 
*tables)
 aml_len += tables_blob->len - ssdt;
 
 acpi_add_table(table_offsets, tables_blob);
-build_madt(tables_blob, tables->linker, , guest_info);
+build_madt(tables_blob, tables->linker, , pcms);
 
 if (misc.has_hpet) {
 acpi_add_table(table_offsets, tables_blob);
diff --git a/hw/i386/pc.c b/hw/i386/pc.c
index cdfdd52..f399d14 100644
--- a/hw/i386/pc.c
+++ b/hw/i386/pc.c
@@ -1188,7 +1188,7 @@ PcGuestInfo *pc_guest_info_init(PCMachineState *pcms)
 int i, j;
 
 guest_info->apic_id_limit = pc_apic_id_limit(max_cpus);
-guest_info->apic_xrupt_override = kvm_allows_irq0_override();
+pcms->apic_xrupt_override = kvm_allows_irq0_override();
 guest_info->numa_nodes = nb_numa_nodes;
 guest_info->node_mem = g_malloc0(guest_info->numa_nodes *
 sizeof *guest_info->node_mem);
diff --git a/include/hw/i386/pc.h b/include/hw/i386/pc.h
index a175131..5ded182 100644
--- a/include/hw/i386/pc.h
+++ b/include/hw/i386/pc.h
@@ -23,7 +23,6 @@
 /* Machine info for ACPI build: */
 struct PcGuestInfo {
 unsigned apic_id_limit;
-bool apic_xrupt_override;
 uint64_t numa_nodes;
 uint64_t *node_mem;
 uint64_t *node_cpu;
@@ -51,6 +50,7 @@ struct PCMachineState {
 PcGuestInfo acpi_guest_info;
 Notifier machine_done;
 FWCfgState *fw_cfg;
+bool apic_xrupt_override;
 };
 
 #define PC_MACHINE_ACPI_DEVICE_PROP "acpi-device"
-- 
2.1.0

[Qemu-devel] [PATCH 12/16] pc: Remove PcGuestInfo.isapc_ram_fw field

[Eduardo Habkost]

The code can use the PCMachineClass.pci_enabled field directly.

Signed-off-by: Eduardo Habkost 
---
 hw/i386/pc.c | 2 +-
 hw/i386/pc_piix.c| 1 -
 hw/i386/pc_q35.c | 1 -
 include/hw/i386/pc.h | 1 -
 4 files changed, 1 insertion(+), 4 deletions(-)

diff --git a/hw/i386/pc.c b/hw/i386/pc.c
index a9ec402..82025e2 100644
--- a/hw/i386/pc.c
+++ b/hw/i386/pc.c
@@ -1364,7 +1364,7 @@ FWCfgState *pc_memory_init(PCMachineState *pcms,
 }
 
 /* Initialize PC system firmware */
-pc_system_firmware_init(rom_memory, guest_info->isapc_ram_fw);
+pc_system_firmware_init(rom_memory, !pcmc->pci_enabled);
 
 option_rom_mr = g_malloc(sizeof(*option_rom_mr));
 memory_region_init_ram(option_rom_mr, NULL, "pc.rom", PC_ROM_SIZE,
diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c
index f39c086..1828cf8 100644
--- a/hw/i386/pc_piix.c
+++ b/hw/i386/pc_piix.c
@@ -145,7 +145,6 @@ static void pc_init1(MachineState *machine,
 guest_info->has_acpi_build = pcmc->has_acpi_build;
 guest_info->legacy_acpi_table_size = pcmc->legacy_acpi_table_size;
 
-guest_info->isapc_ram_fw = !pcmc->pci_enabled;
 guest_info->has_reserved_memory = pcmc->has_reserved_memory;
 guest_info->rsdp_in_ram = pcmc->rsdp_in_ram;
 
diff --git a/hw/i386/pc_q35.c b/hw/i386/pc_q35.c
index 7563bca..f124e59 100644
--- a/hw/i386/pc_q35.c
+++ b/hw/i386/pc_q35.c
@@ -132,7 +132,6 @@ static void pc_q35_init(MachineState *machine)
 }
 
 guest_info = pc_guest_info_init(pcms);
-guest_info->isapc_ram_fw = false;
 guest_info->has_acpi_build = pcmc->has_acpi_build;
 guest_info->has_reserved_memory = pcmc->has_reserved_memory;
 guest_info->rsdp_in_ram = pcmc->rsdp_in_ram;
diff --git a/include/hw/i386/pc.h b/include/hw/i386/pc.h
index 2732a72..64f2b4b 100644
--- a/include/hw/i386/pc.h
+++ b/include/hw/i386/pc.h
@@ -22,7 +22,6 @@
 
 /* Machine info for ACPI build: */
 struct PcGuestInfo {
-bool isapc_ram_fw;
 unsigned apic_id_limit;
 bool apic_xrupt_override;
 uint64_t numa_nodes;
-- 
2.1.0

Re: [Qemu-devel] [PATCH v3 2/2] target-ppc: Implement rtas_get_sysparm(PROCESSOR_MODULE_INFO)

[David Gibson]

On Tue, Dec 01, 2015 at 11:49:31AM -0800, Sukadev Bhattiprolu wrote:
> David Gibson [da...@gibson.dropbear.id.au] wrote:
> | > @@ -240,6 +241,36 @@ static void rtas_ibm_get_system_parameter(PowerPCCPU 
> *cpu,
> | >  target_ulong ret = RTAS_OUT_SUCCESS;
> | >  
> | >  switch (parameter) {
> | > +case RTAS_SYSPARM_PROCESSOR_MODULE_INFO: {
> | > +struct sPAPRRTASModuleInfo modinfo;
> | > +int i, size = sizeof(modinfo), offset = 0;
> | > +
> | > +memset(, 0, size);
> | > +if (kvmppc_rtas_get_module_info()) {
> | > +ret = RTAS_OUT_HW_ERROR;
> | > +break;
> | > +}
> | > +
> | > +stw_be_phys(_space_memory, buffer+offset, size);
> | 
> | You're still advertising the full structure size to the guest, even
> | though it may be only partially populated.
> | 
> | That will probably work in practice, but I think we should be
> | PAPRishly correct and only output the size that we actually use here.
> 
> Ok. Will have kvmppc_rtas_get_module_info() take/update a size parameter
> and use that here.
> 
> |
> 
> 
> 
> | > +/* Each core in the system is represented by a directory with the prefix
> | > + * 'PowerPC,POWER' in directory /proc/device-tree/cpus/.  Process that
> | > + * directory and count the number of cores in the system.
> | > + *
> | > + * Return 0 if one or more cores are found. Return -1 otherwise.
> | > + */
> | > +static int kvmppc_count_cores_dt(int *num_cores)
> | > +{
> | > +int rc;
> | > +glob_t dtglob;
> | > +const char *cpus_pattern = "/proc/device-tree/cpus/PowerPC,POWER*";
> | 
> | Under KVM PR, this could still be too specific to IBM machines.  I
> | think it's probably safer to just use /proc/device-tree/cpus/*, I
> | don't *think* we get anything under /cpus that isn't a cpu node.
> 
> Well, on my Tuleta system (3.18.22-355.el7_1.pkvm3_1_0.3700.3.ppc64le)
> I see several l2-cache, l3-cache entries as well as some properties
> (like phandle, #size-cells) besides the PowerPC,POWER* entries.
> 
> $ cd /proc/device-tree/cpus
> 
> $ lsprop l3-cache@3020/device_type
> l3-cache@3020/device_type
>"cache"
> 
> $ lsprop l2-cache@28f0/device_type
> l2-cache@28f0/device_type
>"cache"
> 
> $ lsprop PowerPC,POWER8@860/device_type
> PowerPC,POWER8@860/device_type
>"cpu"

Ah.. right, guess I was wrong.

> Should we walk the /proc/device-tree/cpus/ tree and count only dirs with
> device-type "cpu" (rather than relying on the pattern PowerPC,POWER*)?

Yes, I think you'll have to.

> | 
> | In a number of ways I'd actually prefer to move to /cpus/cpu@NNN in
> | general, since that follows the OF generic names recommendation we
> | follow for most other nodes.
> 
> Do you mean rename '/proc/device-tree/cpus/PowerPC,POWER8@NNN' to
> /proc/device-tree/cpus/cpu@NNN?

Yes.  This is a firmware matter, so it's not something that can simply
be changed everywhere, but it's the approach that I'd prefer to
encourage for people making future machines and firmwares.

-- 
David Gibson| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au  | minimalist, thank you.  NOT _the_ _other_
| _way_ _around_!
http://www.ozlabs.org/~dgibson


signature.asc
Description: PGP signature

Re: [Qemu-devel] [PATCH v5 01/10] vl: Don't allow CPU toplogies with partially filled cores

[Bharata B Rao]

On Tue, Dec 01, 2015 at 11:37:03AM +1100, David Gibson wrote:
> On Fri, Nov 20, 2015 at 06:24:30PM +0530, Bharata B Rao wrote:
> > Prevent guests from booting with CPU topologies that have partially
> > filled CPU cores or can result in partially filled CPU cores after
> > CPU hotplug like
> > 
> > -smp 15,sockets=1,cores=4,threads=4,maxcpus=16 or
> > -smp 15,sockets=1,cores=4,threads=4,maxcpus=17.
> > 
> > Signed-off-by: Bharata B Rao 
> 
> Reviewed-by: David Gibson 
> 
> I may have missed a bit of the discussion leading up to this.  What
> was the rationale for still allowing partially filled sockets (and
> otherwise doing things at core rather than socket level?)

This is generic parsing code. I don't remember an explicit discussion
around allowing or dis-allowing paritialy filled sockets. I thought
disallowing partially filled cores from generic smp parsing code would
be an acceptable first step for all archs.

Regards,
Bharata.

Re: [Qemu-devel] [Patch v12 00/10] Block replication for continuous checkpoints

[Wen Congyang]

On 12/01/2015 07:58 PM, Hailiang Zhang wrote:
> On 2015/12/1 18:40, Dr. David Alan Gilbert wrote:
>> * Wen Congyang (we...@cn.fujitsu.com) wrote:
>>> Block replication is a very important feature which is used for
>>> continuous checkpoints(for example: COLO).
>>>
>>> You can get the detailed information about block replication from here:
>>> http://wiki.qemu.org/Features/BlockReplication
>>>
>>> Usage:
>>> Please refer to docs/block-replication.txt
>>>
>>> This patch series is based on the following patch series:
>>> 1. http://lists.nongnu.org/archive/html/qemu-devel/2015-11/msg04949.html
>>> 2. http://lists.nongnu.org/archive/html/qemu-devel/2015-11/msg06043.html
>>>
>>> You can get the patch here:
>>> https://github.com/coloft/qemu/tree/wency/block-replication-v12
>>>
>>> You can get the patch with framework here:
>>> https://github.com/coloft/qemu/tree/wency/colo_framework_v11.2
>>
>> Neither of these links work for me, and I see that  only messages 0..7 in the
>> series hit the list.
>>
> 
> Hi Dave,
> 
> You can refer to https://github.com/coloft/qemu/tree/colo-v2.2-periodic-mode,
> The block replication part in this link is also the newest version.

No, I remove one patch, and the usage is changed.

Thanks
Wen Congyang

> 
> Congyang has deleted this confused branch, we will pay attention to this 
> later in next version.
> 
> Thanks,
> Hailiang
> 
>>
>>>
>>> TODO:
>>> 1. Continuous block replication. It will be started after basic functions
>>> are accepted.
>>>
>>> Changs Log:
>>> V12:
>>> 1. Rebase to the newest codes
>>> 2. Use backing reference to replcace 'allow-write-backing-file'
>>> V11:
>>> 1. Reopen the backing file when starting blcok replication if it is not
>>> opened in R/W mode
>>> 2. Unblock BLOCK_OP_TYPE_BACKUP_SOURCE and BLOCK_OP_TYPE_BACKUP_TARGET
>>> when opening backing file
>>> 3. Block the top BDS so there is only one block job for the top BDS and
>>> its backing chain.
>>> V10:
>>> 1. Use blockdev-remove-medium and blockdev-insert-medium to replace backing
>>> reference.
>>> 2. Address the comments from Eric Blake
>>> V9:
>>> 1. Update the error messages
>>> 2. Rebase to the newest qemu
>>> 3. Split child add/delete support. These patches are sent in another 
>>> patchset.
>>> V8:
>>> 1. Address Alberto Garcia's comments
>>> V7:
>>> 1. Implement adding/removing quorum child. Remove the option non-connect.
>>> 2. Simplify the backing refrence option according to Stefan Hajnoczi's 
>>> suggestion
>>> V6:
>>> 1. Rebase to the newest qemu.
>>> V5:
>>> 1. Address the comments from Gong Lei
>>> 2. Speed the failover up. The secondary vm can take over very quickly even
>>> if there are too many I/O requests.
>>> V4:
>>> 1. Introduce a new driver replication to avoid touch nbd and qcow2.
>>> V3:
>>> 1: use error_setg() instead of error_set()
>>> 2. Add a new block job API
>>> 3. Active disk, hidden disk and nbd target uses the same AioContext
>>> 4. Add a testcase to test new hbitmap API
>>> V2:
>>> 1. Redesign the secondary qemu(use image-fleecing)
>>> 2. Use Error objects to return error message
>>> 3. Address the comments from Max Reitz and Eric Blake
>>>
>>> Wen Congyang (10):
>>>unblock backup operations in backing file
>>>Store parent BDS in BdrvChild
>>>Backup: clear all bitmap when doing block checkpoint
>>>Allow creating backup jobs when opening BDS
>>>docs: block replication's description
>>>Add new block driver interfaces to control block replication
>>>quorum: implement block driver interfaces for block replication
>>>Implement new driver for block replication
>>>support replication driver in blockdev-add
>>>Add a new API to start/stop replication, do checkpoint to all BDSes
>>>
>>>   block.c| 145 
>>>   block/Makefile.objs|   3 +-
>>>   block/backup.c |  14 ++
>>>   block/quorum.c |  78 +++
>>>   block/replication.c| 549 
>>> +
>>>   blockjob.c |  11 +
>>>   docs/block-replication.txt | 227 +++
>>>   include/block/block.h  |   9 +
>>>   include/block/block_int.h  |  15 ++
>>>   include/block/blockjob.h   |  12 +
>>>   qapi/block-core.json   |  34 ++-
>>>   11 files changed, 1093 insertions(+), 4 deletions(-)
>>>   create mode 100644 block/replication.c
>>>   create mode 100644 docs/block-replication.txt
>>>
>>> -- 
>>> 2.5.0
>>>
>>>
>>>
>> -- 
>> Dr. David Alan Gilbert / dgilb...@redhat.com / Manchester, UK
>>
>>
>> .
>>
> 
> 
> 
> 
> .
> 

[Qemu-devel] [PATCH 09/16] acpi: Remove ram size fields fron PcGuestInfo

[Eduardo Habkost]

The ACPI code can use the PCMachineState fields directly.

Signed-off-by: Eduardo Habkost 
---
 hw/i386/acpi-build.c | 10 +-
 hw/i386/pc.c |  2 --
 include/hw/i386/pc.h |  1 -
 3 files changed, 5 insertions(+), 8 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 8841798..9f2129d 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -1505,17 +1505,17 @@ build_srat(GArray *table_data, GArray *linker, 
PCMachineState *pcms)
 next_base = mem_base + mem_len;
 
 /* Cut out the ACPI_PCI hole */
-if (mem_base <= guest_info->ram_size_below_4g &&
-next_base > guest_info->ram_size_below_4g) {
-mem_len -= next_base - guest_info->ram_size_below_4g;
+if (mem_base <= pcms->below_4g_mem_size &&
+next_base > pcms->below_4g_mem_size) {
+mem_len -= next_base - pcms->below_4g_mem_size;
 if (mem_len > 0) {
 numamem = acpi_data_push(table_data, sizeof *numamem);
 acpi_build_srat_memory(numamem, mem_base, mem_len, i - 1,
MEM_AFFINITY_ENABLED);
 }
 mem_base = 1ULL << 32;
-mem_len = next_base - guest_info->ram_size_below_4g;
-next_base += (1ULL << 32) - guest_info->ram_size_below_4g;
+mem_len = next_base - pcms->below_4g_mem_size;
+next_base += (1ULL << 32) - pcms->below_4g_mem_size;
 }
 numamem = acpi_data_push(table_data, sizeof *numamem);
 acpi_build_srat_memory(numamem, mem_base, mem_len, i - 1,
diff --git a/hw/i386/pc.c b/hw/i386/pc.c
index fc98a20..8687adb 100644
--- a/hw/i386/pc.c
+++ b/hw/i386/pc.c
@@ -1187,8 +1187,6 @@ PcGuestInfo *pc_guest_info_init(PCMachineState *pcms)
 PcGuestInfo *guest_info = >acpi_guest_info;
 int i, j;
 
-guest_info->ram_size_below_4g = pcms->below_4g_mem_size;
-guest_info->ram_size = pcms->below_4g_mem_size + pcms->above_4g_mem_size;
 guest_info->apic_id_limit = pc_apic_id_limit(max_cpus);
 guest_info->apic_xrupt_override = kvm_allows_irq0_override();
 guest_info->numa_nodes = nb_numa_nodes;
diff --git a/include/hw/i386/pc.h b/include/hw/i386/pc.h
index 1be2641..6cb9ca8 100644
--- a/include/hw/i386/pc.h
+++ b/include/hw/i386/pc.h
@@ -23,7 +23,6 @@
 /* Machine info for ACPI build: */
 struct PcGuestInfo {
 bool isapc_ram_fw;
-hwaddr ram_size, ram_size_below_4g;
 unsigned apic_id_limit;
 bool apic_xrupt_override;
 uint64_t numa_nodes;
-- 
2.1.0

[Qemu-devel] [PATCH 02/16] pc: Eliminate struct PcGuestInfoState

[Eduardo Habkost]

Instead of allocating a new struct just for PcGuestInfo and the
mchine_done Notifier, place them inside PCMachineState.

Signed-off-by: Eduardo Habkost 
---
 hw/i386/pc.c | 27 ++-
 include/hw/i386/pc.h |  2 ++
 2 files changed, 12 insertions(+), 17 deletions(-)

diff --git a/hw/i386/pc.c b/hw/i386/pc.c
index f32000a..30cdfaf 100644
--- a/hw/i386/pc.c
+++ b/hw/i386/pc.c
@@ -1155,18 +1155,12 @@ typedef struct PcRomPciInfo {
 uint64_t w64_max;
 } PcRomPciInfo;
 
-typedef struct PcGuestInfoState {
-PcGuestInfo info;
-Notifier machine_done;
-} PcGuestInfoState;
-
 static
-void pc_guest_info_machine_done(Notifier *notifier, void *data)
+void pc_machine_done(Notifier *notifier, void *data)
 {
-PcGuestInfoState *guest_info_state = container_of(notifier,
-  PcGuestInfoState,
-  machine_done);
-PCIBus *bus = PC_MACHINE(qdev_get_machine())->bus;
+PCMachineState *pcms = container_of(notifier,
+PCMachineState, machine_done);
+PCIBus *bus = pcms->bus;
 
 if (bus) {
 int extra_hosts = 0;
@@ -1177,21 +1171,20 @@ void pc_guest_info_machine_done(Notifier *notifier, 
void *data)
 extra_hosts++;
 }
 }
-if (extra_hosts && guest_info_state->info.fw_cfg) {
+if (extra_hosts && pcms->acpi_guest_info.fw_cfg) {
 uint64_t *val = g_malloc(sizeof(*val));
 *val = cpu_to_le64(extra_hosts);
-fw_cfg_add_file(guest_info_state->info.fw_cfg,
+fw_cfg_add_file(pcms->acpi_guest_info.fw_cfg,
 "etc/extra-pci-roots", val, sizeof(*val));
 }
 }
 
-acpi_setup(_info_state->info);
+acpi_setup(>acpi_guest_info);
 }
 
 PcGuestInfo *pc_guest_info_init(PCMachineState *pcms)
 {
-PcGuestInfoState *guest_info_state = g_malloc0(sizeof *guest_info_state);
-PcGuestInfo *guest_info = _info_state->info;
+PcGuestInfo *guest_info = >acpi_guest_info;
 int i, j;
 
 guest_info->ram_size_below_4g = pcms->below_4g_mem_size;
@@ -1219,8 +1212,8 @@ PcGuestInfo *pc_guest_info_init(PCMachineState *pcms)
 }
 }
 
-guest_info_state->machine_done.notify = pc_guest_info_machine_done;
-qemu_add_machine_init_done_notifier(_info_state->machine_done);
+pcms->machine_done.notify = pc_machine_done;
+qemu_add_machine_init_done_notifier(>machine_done);
 return guest_info;
 }
 
diff --git a/include/hw/i386/pc.h b/include/hw/i386/pc.h
index a74bded..61aa6ee 100644
--- a/include/hw/i386/pc.h
+++ b/include/hw/i386/pc.h
@@ -55,6 +55,8 @@ struct PCMachineState {
 OnOffAuto smm;
 ram_addr_t below_4g_mem_size, above_4g_mem_size;
 PCIBus *bus;
+PcGuestInfo acpi_guest_info;
+Notifier machine_done;
 };
 
 #define PC_MACHINE_ACPI_DEVICE_PROP "acpi-device"
-- 
2.1.0

[Qemu-devel] [PATCH 03/16] pc: Remove guest_info parameter from pc_memory_init()

[Eduardo Habkost]

We can get the PcGuestInfo struct directly from PCMachineState.

Signed-off-by: Eduardo Habkost 
---
 hw/i386/pc.c | 4 ++--
 hw/i386/pc_piix.c| 2 +-
 hw/i386/pc_q35.c | 2 +-
 include/hw/i386/pc.h | 3 +--
 4 files changed, 5 insertions(+), 6 deletions(-)

diff --git a/hw/i386/pc.c b/hw/i386/pc.c
index 30cdfaf..a17e5b3e 100644
--- a/hw/i386/pc.c
+++ b/hw/i386/pc.c
@@ -1279,9 +1279,9 @@ FWCfgState *xen_load_linux(PCMachineState *pcms,
 FWCfgState *pc_memory_init(PCMachineState *pcms,
MemoryRegion *system_memory,
MemoryRegion *rom_memory,
-   MemoryRegion **ram_memory,
-   PcGuestInfo *guest_info)
+   MemoryRegion **ram_memory)
 {
+PcGuestInfo *guest_info = >acpi_guest_info;
 int linux_boot, i;
 MemoryRegion *ram, *option_rom_mr;
 MemoryRegion *ram_below_4g, *ram_above_4g;
diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c
index 9718d7b..f7bc1c0 100644
--- a/hw/i386/pc_piix.c
+++ b/hw/i386/pc_piix.c
@@ -161,7 +161,7 @@ static void pc_init1(MachineState *machine,
 /* allocate ram and load rom/bios */
 if (!xen_enabled()) {
 pc_memory_init(pcms, system_memory,
-   rom_memory, _memory, guest_info);
+   rom_memory, _memory);
 } else if (machine->kernel_filename != NULL) {
 /* For xen HVM direct kernel boot, load linux here */
 xen_load_linux(pcms, guest_info);
diff --git a/hw/i386/pc_q35.c b/hw/i386/pc_q35.c
index 9da751b..7563bca 100644
--- a/hw/i386/pc_q35.c
+++ b/hw/i386/pc_q35.c
@@ -153,7 +153,7 @@ static void pc_q35_init(MachineState *machine)
 /* allocate ram and load rom/bios */
 if (!xen_enabled()) {
 pc_memory_init(pcms, get_system_memory(),
-   rom_memory, _memory, guest_info);
+   rom_memory, _memory);
 }
 
 /* irq lines */
diff --git a/include/hw/i386/pc.h b/include/hw/i386/pc.h
index 61aa6ee..1be2641 100644
--- a/include/hw/i386/pc.h
+++ b/include/hw/i386/pc.h
@@ -211,8 +211,7 @@ FWCfgState *xen_load_linux(PCMachineState *pcms,
 FWCfgState *pc_memory_init(PCMachineState *pcms,
MemoryRegion *system_memory,
MemoryRegion *rom_memory,
-   MemoryRegion **ram_memory,
-   PcGuestInfo *guest_info);
+   MemoryRegion **ram_memory);
 qemu_irq pc_allocate_cpu_irq(void);
 DeviceState *pc_vga_init(ISABus *isa_bus, PCIBus *pci_bus);
 void pc_basic_device_init(ISABus *isa_bus, qemu_irq *gsi,
-- 
2.1.0

[Qemu-devel] [PATCH 07/16] acpi: Make acpi_build() get PCMachineState as argument

[Eduardo Habkost]

Some PCMachineState and PCMachineClass fields will be used by
acpi_build().

Signed-off-by: Eduardo Habkost 
---
 hw/i386/acpi-build.c | 7 ---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index ca11c88..b1548e7 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -1683,8 +1683,9 @@ static bool acpi_has_iommu(void)
 }
 
 static
-void acpi_build(PcGuestInfo *guest_info, AcpiBuildTables *tables)
+void acpi_build(PCMachineState *pcms, AcpiBuildTables *tables)
 {
+PcGuestInfo *guest_info = >acpi_guest_info;
 GArray *table_offsets;
 unsigned facs, ssdt, dsdt, rsdt;
 AcpiCpuInfo cpu;
@@ -1855,7 +1856,7 @@ static void acpi_build_update(void *build_opaque, 
uint32_t offset)
 
 acpi_build_tables_init();
 
-acpi_build(_state->pcms->acpi_guest_info, );
+acpi_build(build_state->pcms, );
 
 acpi_ram_update(build_state->table_mr, tables.table_data);
 
@@ -1921,7 +1922,7 @@ void acpi_setup(PCMachineState *pcms)
 acpi_set_pci_info();
 
 acpi_build_tables_init();
-acpi_build(_state->pcms->acpi_guest_info, );
+acpi_build(build_state->pcms, );
 
 /* Now expose it all to Guest */
 build_state->table_mr = acpi_add_rom_blob(build_state, tables.table_data,
-- 
2.1.0

[Qemu-devel] [PATCH 13/16] q35: Remove MCHPCIState.guest_info field

[Eduardo Habkost]

The field is not used for anything.

Signed-off-by: Eduardo Habkost 
---
 hw/i386/pc_q35.c  | 1 -
 include/hw/pci-host/q35.h | 1 -
 2 files changed, 2 deletions(-)

diff --git a/hw/i386/pc_q35.c b/hw/i386/pc_q35.c
index f124e59..ad7a51e 100644
--- a/hw/i386/pc_q35.c
+++ b/hw/i386/pc_q35.c
@@ -175,7 +175,6 @@ static void pc_q35_init(MachineState *machine)
 q35_host->mch.address_space_io = get_system_io();
 q35_host->mch.below_4g_mem_size = pcms->below_4g_mem_size;
 q35_host->mch.above_4g_mem_size = pcms->above_4g_mem_size;
-q35_host->mch.guest_info = guest_info;
 /* pci */
 qdev_init_nofail(DEVICE(q35_host));
 phb = PCI_HOST_BRIDGE(q35_host);
diff --git a/include/hw/pci-host/q35.h b/include/hw/pci-host/q35.h
index dbe6dc0..c5c073d 100644
--- a/include/hw/pci-host/q35.h
+++ b/include/hw/pci-host/q35.h
@@ -59,7 +59,6 @@ typedef struct MCHPCIState {
 ram_addr_t below_4g_mem_size;
 ram_addr_t above_4g_mem_size;
 uint64_t pci_hole64_size;
-PcGuestInfo *guest_info;
 uint32_t short_root_bus;
 IntelIOMMUState *iommu;
 } MCHPCIState;
-- 
2.1.0

[Qemu-devel] [PATCH 16/16] pc: Move APIC and NUMA data from PcGuestInfo to PCMachineState

[Eduardo Habkost]

With this, we can eliminate struct PcGuestInfo completely.

Signed-off-by: Eduardo Habkost 
---
 hw/i386/acpi-build.c | 25 +++--
 hw/i386/pc.c | 23 ++-
 include/hw/i386/pc.h | 15 +--
 3 files changed, 26 insertions(+), 37 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index cdbe5b9..3c7af74 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -368,7 +368,6 @@ static void
 build_madt(GArray *table_data, GArray *linker, AcpiCpuInfo *cpu,
PCMachineState *pcms)
 {
-PcGuestInfo *guest_info = >acpi_guest_info;
 int madt_start = table_data->len;
 
 AcpiMultipleApicTable *madt;
@@ -381,7 +380,7 @@ build_madt(GArray *table_data, GArray *linker, AcpiCpuInfo 
*cpu,
 madt->local_apic_address = cpu_to_le32(APIC_DEFAULT_ADDRESS);
 madt->flags = cpu_to_le32(1);
 
-for (i = 0; i < guest_info->apic_id_limit; i++) {
+for (i = 0; i < pcms->apic_id_limit; i++) {
 AcpiMadtProcessorApic *apic = acpi_data_push(table_data, sizeof *apic);
 apic->type = ACPI_APIC_PROCESSOR;
 apic->length = sizeof(*apic);
@@ -929,11 +928,11 @@ static Aml *build_crs(PCIHostState *host,
 static void
 build_ssdt(GArray *table_data, GArray *linker,
AcpiCpuInfo *cpu, AcpiPmInfo *pm, AcpiMiscInfo *misc,
-   PcPciInfo *pci, PcGuestInfo *guest_info)
+   PcPciInfo *pci, PCMachineState *pcms)
 {
-MachineState *machine = MACHINE(qdev_get_machine());
+MachineState *machine = MACHINE(pcms);
 uint32_t nr_mem = machine->ram_slots;
-unsigned acpi_cpus = guest_info->apic_id_limit;
+unsigned acpi_cpus = pcms->apic_id_limit;
 Aml *ssdt, *sb_scope, *scope, *pkg, *dev, *method, *crs, *field, *ifctx;
 PCIBus *bus = NULL;
 GPtrArray *io_ranges = g_ptr_array_new_with_free_func(crs_range_free);
@@ -1456,7 +1455,6 @@ acpi_build_srat_memory(AcpiSratMemoryAffinity *numamem, 
uint64_t base,
 static void
 build_srat(GArray *table_data, GArray *linker, PCMachineState *pcms)
 {
-PcGuestInfo *guest_info = >acpi_guest_info;
 AcpiSystemResourceAffinityTable *srat;
 AcpiSratProcessorAffinity *core;
 AcpiSratMemoryAffinity *numamem;
@@ -1475,12 +1473,12 @@ build_srat(GArray *table_data, GArray *linker, 
PCMachineState *pcms)
 srat->reserved1 = cpu_to_le32(1);
 core = (void *)(srat + 1);
 
-for (i = 0; i < guest_info->apic_id_limit; ++i) {
+for (i = 0; i < pcms->apic_id_limit; ++i) {
 core = acpi_data_push(table_data, sizeof *core);
 core->type = ACPI_SRAT_PROCESSOR;
 core->length = sizeof(*core);
 core->local_apic_id = i;
-curnode = guest_info->node_cpu[i];
+curnode = pcms->node_cpu[i];
 core->proximity_lo = curnode;
 memset(core->proximity_hi, 0, 3);
 core->local_sapic_eid = 0;
@@ -1497,9 +1495,9 @@ build_srat(GArray *table_data, GArray *linker, 
PCMachineState *pcms)
 numamem = acpi_data_push(table_data, sizeof *numamem);
 acpi_build_srat_memory(numamem, 0, 640*1024, 0, MEM_AFFINITY_ENABLED);
 next_base = 1024 * 1024;
-for (i = 1; i < guest_info->numa_nodes + 1; ++i) {
+for (i = 1; i < pcms->numa_nodes + 1; ++i) {
 mem_base = next_base;
-mem_len = guest_info->node_mem[i - 1];
+mem_len = pcms->node_mem[i - 1];
 if (i == 1) {
 mem_len -= 1024 * 1024;
 }
@@ -1523,7 +1521,7 @@ build_srat(GArray *table_data, GArray *linker, 
PCMachineState *pcms)
MEM_AFFINITY_ENABLED);
 }
 slots = (table_data->len - numa_start) / sizeof *numamem;
-for (; slots < guest_info->numa_nodes + 2; slots++) {
+for (; slots < pcms->numa_nodes + 2; slots++) {
 numamem = acpi_data_push(table_data, sizeof *numamem);
 acpi_build_srat_memory(numamem, 0, 0, 0, MEM_AFFINITY_NOFLAGS);
 }
@@ -1686,7 +1684,6 @@ static bool acpi_has_iommu(void)
 static
 void acpi_build(PCMachineState *pcms, AcpiBuildTables *tables)
 {
-PcGuestInfo *guest_info = >acpi_guest_info;
 PCMachineClass *pcmc = PC_MACHINE_GET_CLASS(pcms);
 GArray *table_offsets;
 unsigned facs, ssdt, dsdt, rsdt;
@@ -1737,7 +1734,7 @@ void acpi_build(PCMachineState *pcms, AcpiBuildTables 
*tables)
 ssdt = tables_blob->len;
 acpi_add_table(table_offsets, tables_blob);
 build_ssdt(tables_blob, tables->linker, , , , ,
-   guest_info);
+   pcms);
 aml_len += tables_blob->len - ssdt;
 
 acpi_add_table(table_offsets, tables_blob);
@@ -1756,7 +1753,7 @@ void acpi_build(PCMachineState *pcms, AcpiBuildTables 
*tables)
 build_tpm2(tables_blob, tables->linker);
 }
 }
-if (guest_info->numa_nodes) {
+if (pcms->numa_nodes) {
 acpi_add_table(table_offsets, tables_blob);
 build_srat(tables_blob, tables->linker, pcms);
 }
diff --git a/hw/i386/pc.c b/hw/i386/pc.c
index f399d14..bcd4351 100644
--- 

[Qemu-devel] [PATCH 10/16] pc: Move PcGuestInfo.fw_cfg field to PCMachineState

[Eduardo Habkost]

Signed-off-by: Eduardo Habkost 
---
 hw/i386/acpi-build.c | 6 +++---
 hw/i386/pc.c | 8 
 include/hw/i386/pc.h | 2 +-
 3 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 9f2129d..efc4151 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -1900,7 +1900,7 @@ void acpi_setup(PCMachineState *pcms)
 AcpiBuildTables tables;
 AcpiBuildState *build_state;
 
-if (!guest_info->fw_cfg) {
+if (!pcms->fw_cfg) {
 ACPI_BUILD_DPRINTF("No fw cfg. Bailing out.\n");
 return;
 }
@@ -1933,7 +1933,7 @@ void acpi_setup(PCMachineState *pcms)
 build_state->linker_mr =
 acpi_add_rom_blob(build_state, tables.linker, "etc/table-loader", 0);
 
-fw_cfg_add_file(guest_info->fw_cfg, ACPI_BUILD_TPMLOG_FILE,
+fw_cfg_add_file(pcms->fw_cfg, ACPI_BUILD_TPMLOG_FILE,
 tables.tcpalog->data, acpi_data_len(tables.tcpalog));
 
 if (!guest_info->rsdp_in_ram) {
@@ -1945,7 +1945,7 @@ void acpi_setup(PCMachineState *pcms)
 uint32_t rsdp_size = acpi_data_len(tables.rsdp);
 
 build_state->rsdp = g_memdup(tables.rsdp->data, rsdp_size);
-fw_cfg_add_file_callback(guest_info->fw_cfg, ACPI_BUILD_RSDP_FILE,
+fw_cfg_add_file_callback(pcms->fw_cfg, ACPI_BUILD_RSDP_FILE,
  acpi_build_update, build_state,
  build_state->rsdp, rsdp_size);
 build_state->rsdp_mr = NULL;
diff --git a/hw/i386/pc.c b/hw/i386/pc.c
index 8687adb..a219187 100644
--- a/hw/i386/pc.c
+++ b/hw/i386/pc.c
@@ -1171,10 +1171,10 @@ void pc_machine_done(Notifier *notifier, void *data)
 extra_hosts++;
 }
 }
-if (extra_hosts && pcms->acpi_guest_info.fw_cfg) {
+if (extra_hosts && pcms->fw_cfg) {
 uint64_t *val = g_malloc(sizeof(*val));
 *val = cpu_to_le64(extra_hosts);
-fw_cfg_add_file(pcms->acpi_guest_info.fw_cfg,
+fw_cfg_add_file(pcms->fw_cfg,
 "etc/extra-pci-roots", val, sizeof(*val));
 }
 }
@@ -1270,7 +1270,7 @@ FWCfgState *xen_load_linux(PCMachineState *pcms,
!strcmp(option_rom[i].name, "multiboot.bin"));
 rom_add_option(option_rom[i].name, option_rom[i].bootindex);
 }
-guest_info->fw_cfg = fw_cfg;
+pcms->fw_cfg = fw_cfg;
 return fw_cfg;
 }
 
@@ -1400,7 +1400,7 @@ FWCfgState *pc_memory_init(PCMachineState *pcms,
 for (i = 0; i < nb_option_roms; i++) {
 rom_add_option(option_rom[i].name, option_rom[i].bootindex);
 }
-guest_info->fw_cfg = fw_cfg;
+pcms->fw_cfg = fw_cfg;
 return fw_cfg;
 }
 
diff --git a/include/hw/i386/pc.h b/include/hw/i386/pc.h
index 6cb9ca8..03750bc 100644
--- a/include/hw/i386/pc.h
+++ b/include/hw/i386/pc.h
@@ -28,7 +28,6 @@ struct PcGuestInfo {
 uint64_t numa_nodes;
 uint64_t *node_mem;
 uint64_t *node_cpu;
-FWCfgState *fw_cfg;
 int legacy_acpi_table_size;
 bool has_acpi_build;
 bool has_reserved_memory;
@@ -56,6 +55,7 @@ struct PCMachineState {
 PCIBus *bus;
 PcGuestInfo acpi_guest_info;
 Notifier machine_done;
+FWCfgState *fw_cfg;
 };
 
 #define PC_MACHINE_ACPI_DEVICE_PROP "acpi-device"
-- 
2.1.0

Re: [Qemu-devel] [Qemu-ppc] [PATCH 41/77] ppc/pnv: Add LPC controller and hook it up with a UART and RTC

[Alexey Kardashevskiy]

On 12/01/2015 05:43 PM, David Gibson wrote:

On Tue, Nov 17, 2015 at 11:40:04AM +1100, Benjamin Herrenschmidt wrote:

On Tue, 2015-11-17 at 11:32 +1100, Alexey Kardashevskiy wrote:

On 11/11/2015 11:27 AM, Benjamin Herrenschmidt wrote:

This adds a model of the POWER8 LPC controller. It is then used
by the PowerNV code to attach a UART and RTC, which, with the right
version of OPAL firmware, will provide a working console.

This version of the LPC controller model doesn't yet implement
support for the SerIRQ deserializer present in the Naples version
of the chip though some preliminary work is there.



Is this LPC controller one per a chip or per a machine?


Per chip but we usually only wire one up per machine.


In general it is quite nice when "-nodefaults" does not create
neither PHB nor LPC so the user can add them manually with parameters
different than defaults.


In this case though, PHB and LPC bridges are all part of the P8 chip,
and I'm trying to represent that topology as best as possible.

I think "-nodefaults" for Pnv should only be about the devices we
attach to the LPC/PHB not the busses themselves.


Exactly what is and isn't covered by -nodefaults is a bit of a mess -
part of the topic of my talk at KVM Forum.

But on the whole I agree with you, since the LPC is part of the P8
chip, I think it makes sense to include it even with -nodefaults.


POWER8 chips all have 8 threads per core but we do not always assume -smt 
...,threads=8, how are LPC or PHB different? PHB is more interesting - how 
is the user supposed to add more? And there always will be the default one 
which properties are set in a separate way (via -global, not -device). I 
found it sometime really annoying to debug the existing pseries which 
always adds a default PHB (I know, this was to make libvirt happy but this 
is not the case here).


Out of curiosity - if we have 2 chips, will the system work if the second 
chip does not get any LPC or PHB attached?



--
Alexey

Re: [Qemu-devel] [PATCH v4 03/11] dump-guest-memory: using static DumpState, add DumpStatus

[Peter Xu]

On Wed, Dec 02, 2015 at 08:46:49AM +0800, Fam Zheng wrote:
> On Tue, 12/01 21:28, Peter Xu wrote:
> > +if (*errp) {
> > +s->status = DUMP_STATUS_FAILED;
> > +} else {
> > +s->status = DUMP_STATUS_COMPLETED;
> > +}
> > +
> 
> To detect error, it's better to use local_err plus error_propagate like a few
> lines above. errp _can_ be NULL depending on callers, though in practice qmp
> functions should get a non-NULL.

Yes, you are right. I will make sure all the error handlings in the
patch set are using local error variables, and call
error_propagate() afterward.

Thanks.
Peter

> > Fam

Re: [Qemu-devel] [PATCH v4 05/11] dump-guest-memory: introduce dump_process() helper function.

[Fam Zheng]

On Tue, 12/01 21:28, Peter Xu wrote:
> No functional change. Cleanup only.
> 
> Signed-off-by: Peter Xu 
> ---
>  dump.c| 35 ++-
>  include/sysemu/dump.h |  3 +++
>  2 files changed, 25 insertions(+), 13 deletions(-)
> 
> diff --git a/dump.c b/dump.c
> index 3cf75db..e46749d 100644
> --- a/dump.c
> +++ b/dump.c
> @@ -1441,6 +1441,9 @@ static void dump_init(DumpState *s, int fd, bool 
> has_format,
>  Error *err = NULL;
>  int ret;
>  
> +s->has_format = has_format;
> +s->format = format;
> +
>  /* kdump-compressed is conflict with paging and filter */
>  if (has_format && format != DUMP_GUEST_MEMORY_FORMAT_ELF) {
>  assert(!paging && !has_filter);
> @@ -1594,6 +1597,24 @@ cleanup:
>  dump_cleanup(s);
>  }
>  
> +/* this operation might be time consuming. */
> +static void dump_process(DumpState *s, Error **errp)
> +{
> +if (s->has_format && s->format != DUMP_GUEST_MEMORY_FORMAT_ELF) {
> +create_kdump_vmcore(s, errp);
> +} else {
> +create_vmcore(s, errp);
> +}
> +
> +if (*errp) {
> +s->status = DUMP_STATUS_FAILED;
> +} else {
> +s->status = DUMP_STATUS_COMPLETED;
> +}

As in patch 3, this should use local_err + error_propagate.

> +
> +dump_cleanup(s);
> +}
> +
>  void qmp_dump_guest_memory(bool paging, const char *file,
> bool has_detach, bool detach,
> bool has_begin, int64_t begin, bool has_length,
> @@ -1679,19 +1700,7 @@ void qmp_dump_guest_memory(bool paging, const char 
> *file,
>  return;
>  }
>  
> -if (has_format && format != DUMP_GUEST_MEMORY_FORMAT_ELF) {
> -create_kdump_vmcore(s, errp);
> -} else {
> -create_vmcore(s, errp);
> -}
> -
> -if (*errp) {
> -s->status = DUMP_STATUS_FAILED;
> -} else {
> -s->status = DUMP_STATUS_COMPLETED;
> -}
> -
> -dump_cleanup(s);
> +dump_process(s, errp);
>  }
>  
>  DumpGuestMemoryCapability *qmp_query_dump_guest_memory_capability(Error 
> **errp)
> diff --git a/include/sysemu/dump.h b/include/sysemu/dump.h
> index affef38..d6f4a9c 100644
> --- a/include/sysemu/dump.h
> +++ b/include/sysemu/dump.h
> @@ -185,6 +185,9 @@ typedef struct DumpState {
>  size_t num_dumpable;/* number of page that can be dumped */
>  uint32_t flag_compress; /* indicate the compression format */
>  DumpStatus status;  /* current dump status */
> +
> +bool has_format;  /* whether format is provided */
> +DumpGuestMemoryFormat format; /* valid only if has_format == true */
>  } DumpState;
>  
>  uint16_t cpu_to_dump16(DumpState *s, uint16_t val);
> -- 
> 2.4.3
> 

Re: [Qemu-devel] [PATCH v4 06/11] dump-guest-memory: disable dump when in INMIGRATE state

[Fam Zheng]

On Tue, 12/01 21:28, Peter Xu wrote:
> Signed-off-by: Peter Xu 
> ---
>  dump.c | 6 +-
>  1 file changed, 5 insertions(+), 1 deletion(-)
> 
> diff --git a/dump.c b/dump.c
> index e46749d..65d1f7e 100644
> --- a/dump.c
> +++ b/dump.c
> @@ -1626,13 +1626,17 @@ void qmp_dump_guest_memory(bool paging, const char 
> *file,
>  DumpState *s;
>  Error *local_err = NULL;
>  
> +if (runstate_check(RUN_STATE_INMIGRATE)) {
> +error_setg(errp, "Dump not allowed during incoming migration.");
> +return;
> +}
> +
>  /* if there is a dump in background, we should wait until the dump
>   * finished */
>  if (dump_in_progress()) {
>  error_setg(errp, "There is a dump in process, please wait.");
>  return;
>  }
> -

Blank line change, please drop.

Fam

>  /*
>   * kdump-compressed format need the whole memory dumped, so paging or
>   * filter is not supported here.
> -- 
> 2.4.3
> 

Re: [Qemu-devel] [PATCH v4 09/11] DumpState: adding total_size and written_size fields

[Fam Zheng]

On Tue, 12/01 21:28, Peter Xu wrote:
> Here, total_size is the size in bytes to be dumped (raw data, which
> means before compression), while written_size are bytes handled (raw
> size too).
> 
> Signed-off-by: Peter Xu 
> ---
>  dump.c| 32 
>  include/sysemu/dump.h |  9 +
>  2 files changed, 41 insertions(+)
> 
> diff --git a/dump.c b/dump.c
> index 5b040b7..daa1f2c 100644
> --- a/dump.c
> +++ b/dump.c
> @@ -333,6 +333,8 @@ static void write_data(DumpState *s, void *buf, int 
> length, Error **errp)
>  if (ret < 0) {
>  error_setg(errp, "dump: failed to save memory");
>  }
> +
> +s->written_size += length;

If (ret < 0), the incremental is inaccurate, do we want an accurate
written_size in that case? I.e. put this in "else" branch?

>  }
>  
>  /* write the memory to vmcore. 1 page per I/O. */
> @@ -1301,6 +1303,7 @@ static void write_dump_pages(DumpState *s, Error **errp)
>  goto out;
>  }
>  }
> +s->written_size += TARGET_PAGE_SIZE;

The same question applies here.

>  }
>  
>  ret = write_cache(_desc, NULL, 0, true);
> @@ -1433,6 +1436,30 @@ bool dump_in_progress(void)
>  return (state->status == DUMP_STATUS_ACTIVE);
>  }
>  
> +/* calculate total size of memory to be dumped (taking filter into
> + * acoount.) */
> +static size_t dump_calculate_size(DumpState *s)

Is size_t big enough for 64 bit guest on 32 bit host (with 4 bytes size_t)?

> +{
> +GuestPhysBlock *block;
> +int64_t size = 0, total = 0, left = 0, right = 0;
> +
> +QTAILQ_FOREACH(block, >guest_phys_blocks.head, next) {
> +if (s->has_filter) {
> +/* calculate the overlapped region. */
> +left = MAX(s->begin, block->target_start);
> +right = MIN(s->begin + s->length, block->target_end);
> +size = right - left;
> +size = size > 0 ? size : 0;
> +} else {
> +/* count the whole region in */
> +size = (block->target_end - block->target_start);
> +}
> +total += size;
> +}
> +
> +return total;
> +}
> +
>  static void dump_init(DumpState *s, int fd, bool has_format,
>DumpGuestMemoryFormat format, bool paging, bool 
> has_filter,
>int64_t begin, int64_t length, Error **errp)
> @@ -1444,6 +1471,7 @@ static void dump_init(DumpState *s, int fd, bool 
> has_format,
>  
>  s->has_format = has_format;
>  s->format = format;
> +s->written_size = 0;
>  
>  /* kdump-compressed is conflict with paging and filter */
>  if (has_format && format != DUMP_GUEST_MEMORY_FORMAT_ELF) {
> @@ -1475,6 +1503,10 @@ static void dump_init(DumpState *s, int fd, bool 
> has_format,
>  
>  guest_phys_blocks_init(>guest_phys_blocks);
>  guest_phys_blocks_append(>guest_phys_blocks);
> +s->total_size = dump_calculate_size(s);
> +#ifdef DEBUG_DUMP_GUEST_MEMORY
> +fprintf(stderr, "DUMP: total memory to dump: %lu\n", s->total_size);
> +#endif
>  
>  s->start = get_start_block(s);
>  if (s->start == -1) {
> diff --git a/include/sysemu/dump.h b/include/sysemu/dump.h
> index 31930c6..9c5a46b 100644
> --- a/include/sysemu/dump.h
> +++ b/include/sysemu/dump.h
> @@ -189,6 +189,15 @@ typedef struct DumpState {
>  bool has_format;  /* whether format is provided */
>  DumpGuestMemoryFormat format; /* valid only if has_format == true */
>  QemuThread dump_thread;   /* thread for detached dump */
> +
> +size_t total_size;  /* total memory size (in bytes) to
> + * be dumped. When filter is
> + * enabled, this will only count
> + * those to be written. */
> +size_t written_size;/* written memory size (in bytes),
> + * this could be used to calculate
> + * how many work we have

s/many/much/

> + * finished. */
>  } DumpState;
>  
>  uint16_t cpu_to_dump16(DumpState *s, uint16_t val);
> -- 
> 2.4.3
> 

[Qemu-devel] [PATCH 14/16] acpi: Use PCMachineClass fields directly

[Eduardo Habkost]

Remove the fields: legacy_acpi_table_size, has_acpi_build,
has_reserved_memory, and rsdp_in_ram from PcGuestInfo, and let
the ACPI code use the PCMachineClass fields directly.

Signed-off-by: Eduardo Habkost 
---
 hw/i386/acpi-build.c | 11 ++-
 hw/i386/pc.c |  6 +++---
 hw/i386/pc_piix.c|  9 +
 hw/i386/pc_q35.c | 11 +--
 include/hw/i386/pc.h |  4 
 5 files changed, 11 insertions(+), 30 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index efc4151..7771be7 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -1686,6 +1686,7 @@ static
 void acpi_build(PCMachineState *pcms, AcpiBuildTables *tables)
 {
 PcGuestInfo *guest_info = >acpi_guest_info;
+PCMachineClass *pcmc = PC_MACHINE_GET_CLASS(pcms);
 GArray *table_offsets;
 unsigned facs, ssdt, dsdt, rsdt;
 AcpiCpuInfo cpu;
@@ -1799,12 +1800,12 @@ void acpi_build(PCMachineState *pcms, AcpiBuildTables 
*tables)
  *
  * All this is for PIIX4, since QEMU 2.0 didn't support Q35 migration.
  */
-if (guest_info->legacy_acpi_table_size) {
+if (pcmc->legacy_acpi_table_size) {
 /* Subtracting aml_len gives the size of fixed tables.  Then add the
  * size of the PIIX4 DSDT/SSDT in QEMU 2.0.
  */
 int legacy_aml_len =
-guest_info->legacy_acpi_table_size +
+pcmc->legacy_acpi_table_size +
 ACPI_BUILD_LEGACY_CPU_AML_SIZE * max_cpus;
 int legacy_table_size =
 ROUND_UP(tables_blob->len - aml_len + legacy_aml_len,
@@ -1896,7 +1897,7 @@ static const VMStateDescription vmstate_acpi_build = {
 
 void acpi_setup(PCMachineState *pcms)
 {
-PcGuestInfo *guest_info = >acpi_guest_info;
+PCMachineClass *pcmc = PC_MACHINE_GET_CLASS(pcms);
 AcpiBuildTables tables;
 AcpiBuildState *build_state;
 
@@ -1905,7 +1906,7 @@ void acpi_setup(PCMachineState *pcms)
 return;
 }
 
-if (!guest_info->has_acpi_build) {
+if (!pcmc->has_acpi_build) {
 ACPI_BUILD_DPRINTF("ACPI build disabled. Bailing out.\n");
 return;
 }
@@ -1936,7 +1937,7 @@ void acpi_setup(PCMachineState *pcms)
 fw_cfg_add_file(pcms->fw_cfg, ACPI_BUILD_TPMLOG_FILE,
 tables.tcpalog->data, acpi_data_len(tables.tcpalog));
 
-if (!guest_info->rsdp_in_ram) {
+if (!pcmc->rsdp_in_ram) {
 /*
  * Keep for compatibility with old machine types.
  * Though RSDP is small, its contents isn't immutable, so
diff --git a/hw/i386/pc.c b/hw/i386/pc.c
index 82025e2..cdfdd52 100644
--- a/hw/i386/pc.c
+++ b/hw/i386/pc.c
@@ -1313,7 +1313,7 @@ FWCfgState *pc_memory_init(PCMachineState *pcms,
 e820_add_entry(0x1ULL, pcms->above_4g_mem_size, E820_RAM);
 }
 
-if (!guest_info->has_reserved_memory &&
+if (!pcmc->has_reserved_memory &&
 (machine->ram_slots ||
  (machine->maxram_size > machine->ram_size))) {
 MachineClass *mc = MACHINE_GET_CLASS(machine);
@@ -1324,7 +1324,7 @@ FWCfgState *pc_memory_init(PCMachineState *pcms,
 }
 
 /* initialize hotplug memory address space */
-if (guest_info->has_reserved_memory &&
+if (pcmc->has_reserved_memory &&
 (machine->ram_size < machine->maxram_size)) {
 ram_addr_t hotplug_mem_size =
 machine->maxram_size - machine->ram_size;
@@ -1379,7 +1379,7 @@ FWCfgState *pc_memory_init(PCMachineState *pcms,
 
 rom_set_fw(fw_cfg);
 
-if (guest_info->has_reserved_memory && pcms->hotplug_memory.base) {
+if (pcmc->has_reserved_memory && pcms->hotplug_memory.base) {
 uint64_t *val = g_malloc(sizeof(*val));
 PCMachineClass *pcmc = PC_MACHINE_GET_CLASS(pcms);
 uint64_t res_mem_end = pcms->hotplug_memory.base;
diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c
index 1828cf8..f0c2dc8 100644
--- a/hw/i386/pc_piix.c
+++ b/hw/i386/pc_piix.c
@@ -83,7 +83,6 @@ static void pc_init1(MachineState *machine,
 MemoryRegion *ram_memory;
 MemoryRegion *pci_memory;
 MemoryRegion *rom_memory;
-PcGuestInfo *guest_info;
 ram_addr_t lowmem;
 
 /* Check whether RAM fits below 4G (leaving 1/2 GByte for IO memory).
@@ -140,13 +139,7 @@ static void pc_init1(MachineState *machine,
 rom_memory = system_memory;
 }
 
-guest_info = pc_guest_info_init(pcms);
-
-guest_info->has_acpi_build = pcmc->has_acpi_build;
-guest_info->legacy_acpi_table_size = pcmc->legacy_acpi_table_size;
-
-guest_info->has_reserved_memory = pcmc->has_reserved_memory;
-guest_info->rsdp_in_ram = pcmc->rsdp_in_ram;
+pc_guest_info_init(pcms);
 
 if (pcmc->smbios_defaults) {
 MachineClass *mc = MACHINE_GET_CLASS(machine);
diff --git a/hw/i386/pc_q35.c b/hw/i386/pc_q35.c
index ad7a51e..0907746 100644
--- a/hw/i386/pc_q35.c
+++ b/hw/i386/pc_q35.c
@@ -70,7 +70,6 @@ static void pc_q35_init(MachineState *machine)
 int i;
 ICH9LPCState *ich9_lpc;
 PCIDevice *ahci;
-

[Qemu-devel] [PATCH 08/16] acpi: Make build_srat() get PCMachineState as argument

[Eduardo Habkost]

Some PCMachineState and PCMachineClass fields will be used by
build_srat().

Signed-off-by: Eduardo Habkost 
---
 hw/i386/acpi-build.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index b1548e7..8841798 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -1453,8 +1453,9 @@ acpi_build_srat_memory(AcpiSratMemoryAffinity *numamem, 
uint64_t base,
 }
 
 static void
-build_srat(GArray *table_data, GArray *linker, PcGuestInfo *guest_info)
+build_srat(GArray *table_data, GArray *linker, PCMachineState *pcms)
 {
+PcGuestInfo *guest_info = >acpi_guest_info;
 AcpiSystemResourceAffinityTable *srat;
 AcpiSratProcessorAffinity *core;
 AcpiSratMemoryAffinity *numamem;
@@ -1463,7 +1464,6 @@ build_srat(GArray *table_data, GArray *linker, 
PcGuestInfo *guest_info)
 uint64_t curnode;
 int srat_start, numa_start, slots;
 uint64_t mem_len, mem_base, next_base;
-PCMachineState *pcms = PC_MACHINE(qdev_get_machine());
 ram_addr_t hotplugabble_address_space_size =
 object_property_get_int(OBJECT(pcms), PC_MACHINE_MEMHP_REGION_SIZE,
 NULL);
@@ -1756,7 +1756,7 @@ void acpi_build(PCMachineState *pcms, AcpiBuildTables 
*tables)
 }
 if (guest_info->numa_nodes) {
 acpi_add_table(table_offsets, tables_blob);
-build_srat(tables_blob, tables->linker, guest_info);
+build_srat(tables_blob, tables->linker, pcms);
 }
 if (acpi_get_mcfg()) {
 acpi_add_table(table_offsets, tables_blob);
-- 
2.1.0

[Qemu-devel] [PATCH] tests/vhost-user-test: Fix potential use-after-free

[David Gibson]

ae31fb5 "vhost-user-test: wrap server in TestServer struct" cleaned up
the handling of the test server in vhost-user-test.  Unfortunately it
introduced a subtle use-after-free if a race goes the wrong way.

When the server structure is freed inside test_server_free() the GThread
started earlier is still running inside g_main_loop_run().  That GMainLoop
still has handlers active which reference the server structure, so if those
trip before the program exits there's a use-after-free.

I've had difficulty reproducing this locally, but for some reason it seems
to trip every time on Travis builds - this has been breaking all my test
builds there, which is why I notced it.

This patch prevents the use after free.  Unfortunately it looks like there
are additional problems still breaking my Travis builds, but one problem
at a time.

Signed-off-by: David Gibson 
---
 tests/vhost-user-test.c | 14 ++
 1 file changed, 10 insertions(+), 4 deletions(-)

NOTE: I'm not sure if fixing the race like this is the right approach.
It might be simpler just to remove the test_server_free() entirely,
letting the structure leak, since the program is about to terminate
anyway.

diff --git a/tests/vhost-user-test.c b/tests/vhost-user-test.c
index e4c36af..c547165 100644
--- a/tests/vhost-user-test.c
+++ b/tests/vhost-user-test.c
@@ -216,9 +216,10 @@ static void read_guest_mem(TestServer *s)
 
 static void *thread_function(void *data)
 {
-GMainLoop *loop;
-loop = g_main_loop_new(NULL, FALSE);
-g_main_loop_run(loop);
+GMainLoop **loopp = data;
+
+*loopp = g_main_loop_new(NULL, FALSE);
+g_main_loop_run(*loopp);
 return NULL;
 }
 
@@ -590,6 +591,8 @@ int main(int argc, char **argv)
 char *qemu_cmd = NULL;
 int ret;
 char template[] = "/tmp/vhost-test-XX";
+GThread *thread;
+GMainLoop *loop;
 
 g_test_init(, , NULL);
 
@@ -613,7 +616,7 @@ int main(int argc, char **argv)
 server = test_server_new("test");
 
 /* run the main loop thread so the chardev may operate */
-g_thread_new(NULL, thread_function, NULL);
+thread = g_thread_new(NULL, thread_function, );
 
 qemu_cmd = GET_QEMU_CMD(server);
 
@@ -629,6 +632,9 @@ int main(int argc, char **argv)
 qtest_quit(s);
 }
 
+g_main_loop_quit(loop);
+g_thread_join(thread);
+
 /* cleanup */
 test_server_free(server);
 
-- 
2.5.0

Re: [Qemu-devel] [PATCH v4 01/11] dump-guest-memory: cleanup: removing dump_{error|cleanup}().

[Peter Xu]

On Wed, Dec 02, 2015 at 08:37:36AM +0800, Fam Zheng wrote:
> On Tue, 12/01 21:28, Peter Xu wrote:
> > It might be a little bit confusing to do dump_cleanup() in these two
> > functions and error prone. A better way is to do dump_cleanup()
> 
> I would say "It might be a little bit confusing and error prone to do
> dump_cleanup() in ..."

Yes. Changing it.

Thanks.
Peter

> 
> Other than that,
> 
> Reviewed-by: Fam Zheng 
> 
> > before dump finish, no matter whether dump has succeeded or not.
> > 
> > Signed-off-by: Peter Xu 

Re: [Qemu-devel] Highlighting changes in QEMU 2.5

[John Snow]

On 12/01/2015 07:16 AM, Amit Shah wrote:
> Ping.
> 
> I haven't received any responses so far, please let me know if you're
> planning on doing this.
> 
> Thanks,
> 

I did amend the changelog on the wiki for my part, but I don't have
anything better than a webcam. I have hunches that hewn together grainy
webcam footage won't make for a very compelling video...

--js

> On (Tue) 24 Nov 2015 [10:28:25], Amit Shah wrote:
>> Hello,
>>
>> The 2.5 release is close - and I'm collecting a list of notable
>> changes and features once more.  The video made for the 2.4 release
>> [1] was popular, and I'm volunteering to make one for 2.5 as well.  In
>> addition, we need more feature pages, and there's a template at [2]
>> that you can use to base feature pages off.
>>
>> I've CC'ed maintainers whose pull reqs got merged for the 2.5 cycle,
>> but this is not restricted to maintainers only - feature owners are
>> welcome to submit their videos and author feature pages as well --
>> please coordinate with the maintainers who sent pull reqs so there's
>> no duplication of content for the video.
>>
>> Please get me the videos before Monday, 7 December, and I can then get
>> the final video ready in time for the 10th December release date.
>>
>> For the feature pages, please link them to the ChangeLog page at [3].
>>
>> Details:
>>
>> This time, we can actually put the video out on release day (even
>> within the release announcement?) since we have a bit of time on
>> hands.  Can you please go through the notable enhancements in your
>> subsystems for the 2.5 release, and send me a short (max. 2 mins)
>> video highlighting the changes in 2.5, and optionally something about
>> where we're headed in the future with those changes?  A brief note on
>> how those changes impact users (directly, or via higher level
>> software, e.g. openstack) will be useful.
>>
>> The video can be shot using a phone camera (preferably the main
>> camera), or a webcam / laptop cam.  For consistency, it's better if
>> the videos are at least 720p (higher the better!), and have as less
>> background noise as possible.  I can remove the background noise using
>> audacity, but that makes the main voice sound robotic, so it's better
>> not to resort to that.
>>
>> Please upload to some file sharing service (preferably no login
>> required), and send me a pointer.
>>
>>
>> Additionally, more search-friendly text-based feature pages help
>> users, testers and future contributors a lot, so please create feature
>> pages for major changes, and include as much information as possible.
>> The template at [2] should be a good start to help thinking about what
>> information to include.
>>
>>
>> [1] http://log.amitshah.net/2015/09/qemu-maintainers-on-the-2-4-release/
>> [2] http://qemu-project.org/NewFeatureTemplate
>> [3] http://qemu-project.org/ChangeLog/2.5
>>
>> Thanks,
>>
>>  Amit
>>
>>
> 
>   Amit
> 

[Qemu-devel] [PATCH] tests/vhost-user-bridge.c: fix fd leakage

[Victor Kaplansky]

This fixes file descriptor leakage in vhost-user-bridge
application. Whenever a new callfd or kickfd is set, the previous
one should be explicitly closed. File descriptors used to map
guest's memory are closed immediately after mmap call.

Signed-off-by: Victor Kaplansky 
---
 tests/vhost-user-bridge.c | 34 +-
 1 file changed, 29 insertions(+), 5 deletions(-)

diff --git a/tests/vhost-user-bridge.c b/tests/vhost-user-bridge.c
index 85c4c8a..9fb09f1 100644
--- a/tests/vhost-user-bridge.c
+++ b/tests/vhost-user-bridge.c
@@ -113,7 +113,6 @@ dispatcher_add(Dispatcher *dispr, int sock, void *ctx, 
CallbackFunc cb)
 return 0;
 }
 
-#if 0
 /* dispatcher_remove() is not currently in use but may be useful
  * in the future. */
 static int
@@ -127,9 +126,9 @@ dispatcher_remove(Dispatcher *dispr, int sock)
 }
 
 FD_CLR(sock, >fdset);
+DPRINT("Sock %d removed from dispatcher watch.\n", sock);
 return 0;
 }
-#endif
 
 /* timeout in us */
 static int
@@ -156,11 +155,16 @@ dispatcher_wait(Dispatcher *dispr, uint32_t timeout)
 /* Now call callback for every ready socket. */
 
 int sock;
-for (sock = 0; sock < dispr->max_sock + 1; sock++)
-if (FD_ISSET(sock, )) {
+for (sock = 0; sock < dispr->max_sock + 1; sock++) {
+/* The callback on a socket can remove other sockets from the
+ * dispatcher, thus we have to check that the socket is
+ * still not removed from dispatcher's list
+ */
+if (FD_ISSET(sock, ) && FD_ISSET(sock, >fdset)) {
 Event *e = >events[sock];
 e->callback(sock, e->ctx);
 }
+}
 
 return 0;
 }
@@ -837,9 +841,10 @@ vubr_set_mem_table_exec(VubrDev *dev, VhostUserMsg *vmsg)
 if (mmap_addr == MAP_FAILED) {
 vubr_die("mmap");
 }
-
 dev_region->mmap_addr = (uint64_t) mmap_addr;
 DPRINT("mmap_addr:   0x%016"PRIx64"\n", dev_region->mmap_addr);
+
+close(vmsg->fds[i]);
 }
 
 return 0;
@@ -950,6 +955,17 @@ vubr_get_vring_base_exec(VubrDev *dev, VhostUserMsg *vmsg)
  * we have to respect * VHOST_USER_SET_VRING_ENABLE request. */
 dev->ready = 0;
 
+if (dev->vq[index].call_fd != -1) {
+close(dev->vq[index].call_fd);
+dispatcher_remove(>dispatcher, dev->vq[index].call_fd);
+dev->vq[index].call_fd = -1;
+}
+if (dev->vq[index].kick_fd != -1) {
+close(dev->vq[index].kick_fd);
+dispatcher_remove(>dispatcher, dev->vq[index].kick_fd);
+dev->vq[index].kick_fd = -1;
+}
+
 /* Reply */
 return 1;
 }
@@ -965,6 +981,10 @@ vubr_set_vring_kick_exec(VubrDev *dev, VhostUserMsg *vmsg)
 assert((u64_arg & VHOST_USER_VRING_NOFD_MASK) == 0);
 assert(vmsg->fd_num == 1);
 
+if (dev->vq[index].kick_fd != -1) {
+close(dev->vq[index].kick_fd);
+dispatcher_remove(>dispatcher, dev->vq[index].kick_fd);
+}
 dev->vq[index].kick_fd = vmsg->fds[0];
 DPRINT("Got kick_fd: %d for vq: %d\n", vmsg->fds[0], index);
 
@@ -999,6 +1019,10 @@ vubr_set_vring_call_exec(VubrDev *dev, VhostUserMsg *vmsg)
 assert((u64_arg & VHOST_USER_VRING_NOFD_MASK) == 0);
 assert(vmsg->fd_num == 1);
 
+if (dev->vq[index].call_fd != -1) {
+close(dev->vq[index].call_fd);
+dispatcher_remove(>dispatcher, dev->vq[index].call_fd);
+}
 dev->vq[index].call_fd = vmsg->fds[0];
 DPRINT("Got call_fd: %d for vq: %d\n", vmsg->fds[0], index);
 
-- 
--Victor

Re: [Qemu-devel] [RFC PATCH V2 0/3] IXGBE/VFIO: Add live migration support for SRIOV NIC

[Alexander Duyck]

On Tue, Dec 1, 2015 at 7:28 AM, Michael S. Tsirkin  wrote:
> On Tue, Dec 01, 2015 at 11:04:31PM +0800, Lan, Tianyu wrote:
>>
>>
>> On 12/1/2015 12:07 AM, Alexander Duyck wrote:
>> >They can only be corrected if the underlying assumptions are correct
>> >and they aren't.  Your solution would have never worked correctly.
>> >The problem is you assume you can keep the device running when you are
>> >migrating and you simply cannot.  At some point you will always have
>> >to stop the device in order to complete the migration, and you cannot
>> >stop it before you have stopped your page tracking mechanism.  So
>> >unless the platform has an IOMMU that is somehow taking part in the
>> >dirty page tracking you will not be able to stop the guest and then
>> >the device, it will have to be the device and then the guest.
>> >
>> >>>Doing suspend and resume() may help to do migration easily but some
>> >>>devices requires low service down time. Especially network and I got
>> >>>that some cloud company promised less than 500ms network service downtime.
>> >Honestly focusing on the downtime is getting the cart ahead of the
>> >horse.  First you need to be able to do this without corrupting system
>> >memory and regardless of the state of the device.  You haven't even
>> >gotten to that state yet.  Last I knew the device had to be up in
>> >order for your migration to even work.
>>
>> I think the issue is that the content of rx package delivered to stack maybe
>> changed during migration because the piece of memory won't be migrated to
>> new machine. This may confuse applications or stack. Current dummy write
>> solution can ensure the content of package won't change after doing dummy
>> write while the content maybe not received data if migration happens before
>> that point. We can recheck the content via checksum or crc in the protocol
>> after dummy write to ensure the content is what VF received. I think stack
>> has already done such checks and the package will be abandoned if failed to
>> pass through the check.
>
>
> Most people nowdays rely on hardware checksums so I don't think this can
> fly.

Correct.  The checksum/crc approach will not work since it is possible
for a checksum to even be mangled in the case of some features such as
LRO or GRO.

>> Another way is to tell all memory driver are using to Qemu and let Qemu to
>> migrate these memory after stopping VCPU and the device. This seems safe but
>> implementation maybe complex.
>
> Not really 100% safe.  See below.
>
> I think hiding these details behind dma_* API does have
> some appeal. In any case, it gives us a good
> terminology as it covers what most drivers do.

That was kind of my thought.  If we were to build our own
dma_mark_clean() type function that will mark the DMA region dirty on
sync or unmap then that is half the battle right there as we would be
able to at least keep the regions consistent after they have left the
driver.

> There are several components to this:
> - dma_map_* needs to prevent page from
>   being migrated while device is running.
>   For example, expose some kind of bitmap from guest
>   to host, set bit there while page is mapped.
>   What happens if we stop the guest and some
>   bits are still set? See dma_alloc_coherent below
>   for some ideas.

Yeah, I could see something like this working.  Maybe we could do
something like what was done for the NX bit and make use of the upper
order bits beyond the limits of the memory range to mark pages as
non-migratable?

I'm curious.  What we have with a DMA mapped region is essentially
shared memory between the guest and the device.  How would we resolve
something like this with IVSHMEM, or are we blocked there as well in
terms of migration?

> - dma_unmap_* needs to mark page as dirty
>   This can be done by writing into a page.
>
> - dma_sync_* needs to mark page as dirty
>   This is trickier as we can not change the data.
>   One solution is using atomics.
>   For example:
> int x = ACCESS_ONCE(*p);
> cmpxchg(p, x, x);
>   Seems to do a write without changing page
>   contents.

Like I said we can probably kill 2 birds with one stone by just
implementing our own dma_mark_clean() for x86 virtualized
environments.

I'd say we could take your solution one step further and just use 0
instead of bothering to read the value.  After all it won't write the
area if the value at the offset is not 0.  The only downside is that
this is a locked operation so we will take a pretty serious
performance penalty when this is active.  As such my preference would
be to hide the code behind some static key that we could then switch
on in the event of a VM being migrated.

> - dma_alloc_coherent memory (e.g. device rings)
>   must be migrated after device stopped modifying it.
>   Just stopping the VCPU is not enough:
>   you must make sure device is not changing it.
>
>   Or maybe the device has some kind of ring flush operation,
>   if there was a 

Re: [Qemu-devel] [PATCH V3 3/3] hw/i386: extend pxb query for all PC machines

[Eduardo Habkost]

On Tue, Dec 01, 2015 at 06:50:15PM +0200, Marcel Apfelbaum wrote:
> On 12/01/2015 05:09 PM, Eduardo Habkost wrote:
> >On Tue, Dec 01, 2015 at 04:55:57PM +0200, Marcel Apfelbaum wrote:
> >>On 12/01/2015 04:48 PM, Eduardo Habkost wrote:
> >>>On Tue, Dec 01, 2015 at 04:07:33PM +0200, Marcel Apfelbaum wrote:
> On 11/30/2015 05:07 PM, Eduardo Habkost wrote:
> >On Sun, Nov 29, 2015 at 10:46:03AM +0200, Marcel Apfelbaum wrote:
> >>On 11/27/2015 07:28 PM, Eduardo Habkost wrote:
> >>>On Thu, Nov 26, 2015 at 06:00:28PM +0200, Marcel Apfelbaum wrote:
> Add bus property to PC machines and use it when looking
> for primary PCI root bus (bus 0).
> 
> Signed-off-by: Marcel Apfelbaum 
> >>>
> >>>I can't pretend I have reviewed the q35 part, but the changes are
> >>>an improvement to the existing code that depended on
> >>>find_i440fx().
> >>>
> >>>Acked-by: Eduardo Habkost 
> >>
> >>Thanks!
> >>
> >>>
> >>>BTW, what's missing to allow us to change acpi_set_pci_info() to
> >>>use PCMachine::bus instead of find_i440fx(), too? How much of the
> >>>PCI hotplug stuff is different in q35?
> >>
> >>It is pretty different.
> >>i440fx has acpi based hotplug while q35 has PCIe native hotplug. Since 
> >>is
> >>"native", no acpi info is necessary.
> >>
> >>Having said that, if we have an PCIe-PCI bridge, the pci devices behind 
> >>it
> >>cannot be hotplugged/unplugged right now.
> >>
> >>Once we decide to add hotplug support for this scenario, maybe we can 
> >>get rid of
> >>find_i440fx().
> >
> >Thanks for the explanation. I wonder if there's a better way to
> >check if ACPI-based hotplug is needed by looking at
> >PCMachineState or PCIBus, so we don't couple the ACPI code to
> >piix.c.
> >
> 
> I suppose we can do something about it, like adding a property to 
> PCMachineState,
> lets say bool acpi_hotplug and set it false for Q35.
> 
> Then we have:
>  pcm = PC_MACHINE(current_machine);
>  if(pcm->acpi_hotplug) {
>  bus  = pcm->bus;
>  ...
>  }
> 
> Sounds acceptable? If yes, I'll send a patch on top since is not directly 
> related.S
> >>>
> >>>There's no existing field or method in PCIBus that can be already
> >>>used for that?
> >>
> >>Hmm, you can derive the info you need from pci_bus_is_express.
> >>If express-> no acpi_hotplug. This is not 100% true, but since
> >>we don't support acpi hotplug on PCIe machines, it should be OK for now.
> >
> >What about just checking if AcpiPmInfo.pcihp_io_base is set?
> >
> 
> Because this contradicts the "do not probe for piix" requirement.
> pcihp_io_base depends on piix query for pm (piix4_pm_find).
> So pcihp_io_base is an i440fx only "artifact".
> 

Yes, but at least the piix4-specific code would be contained
inside acpi_get_pm_info(). (And making acpi_get_pm_info() generic
is also part of my plans.)

However, you have a good point:

> Also, acpi_set_pci_info is called before acpi_build that populates
> acpi_get_pm_info. All of that can be taken care of, of course.

So we need to be careful about ordering, there. But it looks
doable without adding yet another PCMachineState field.

> 
> At the end of the day, as long as the functionality is preserved,
> I personally have no objection in re-factoring.

Working on it. :)

-- 
Eduardo

Re: [Qemu-devel] [PATCH for-2.5] tcg: Increase the highwater reservation

[Richard Henderson]

On 12/01/2015 08:28 AM, Peter Maydell wrote:

On 1 December 2015 at 16:19, Richard Henderson  wrote:

If there are a lot of guest memory ops in the TB, the amount of
code generated by tcg_out_tb_finalize could be well more than 1k.
In the short term, increase the reservation larger than any TB
seen in practice.

Reported-by: Aurelien Jarno 
Signed-off-by: Richard Henderson 
---

Reported and discussed with Aurelien on IRC yesterday.  This seems
to be the easiest fix for the upcoming release.  I will fix this
properly (by modifying every backend's finalize routines) for 2.6.


What would be the result of our hitting this bug?


A segfault, writing to the guard page for the code_gen buffer.


I ask because
there's a report on qemu-discuss about a qemu-i386-on-ARM-host
bug: http://lists.nongnu.org/archive/html/qemu-discuss/2015-11/msg00042.html
and the debug log (http://www.mediafire.com/download/ge611be9vbebbw7/qemu.log)
suggests we're segfaulting in translation on the TB shortly
after we (successfully) translate a TB whose final 'out' size
is 1100 and which has 64 guest writes in it. So I'm wondering
if that's actually the same bug this is fixing...


It's plausible.

The maximum 32-bit memory op for arm requires 9 insns in the slow path.  Times 
64 that's 2304 bytes, which exceeds the current highwater buffer space.


The new 64k buffer allows for 1820 (arm backend) writes before exceeding the 
highwater buffer.  Which is significantly more than TCG_MAX_INSNS (512), though 
not even close to OPC_MAX_SIZE (170240), which would require > 6MB in highwater 
space.



r~

[Qemu-devel] [QEMU 2.1.2] block in bdrv_drain_all()

[Qian Peng]

Hi,


  I am using qemu 2.1.2 and some VMs hang while playing videos.


QEMU parameters and stack information is as follows:
/usr/bin/qemu-system-x86_64 
-name S398_ABC-047 
-S -machine pc-i440fx-2.1,accel=kvm,usb=off 
-m 1024 
-realtime mlock=off 
-smp 1,sockets=1,cores=1,threads=1 
-uuid 2f9fa97a-0061-436c-a40c-e7abc3d0cdb1 
-no-user-config -nodefaults 
-chardev 
socket,id=charmonitor,path=/var/lib/libvirt/qemu/S398_ABC-047.monitor,server,nowait
 
-mon chardev=charmonitor,id=monitor,mode=control 
-rtc base=localtime 
-no-shutdown -global PIIX4_PM.disable_s3=1 
-global PIIX4_PM.disable_s4=0 -boot strict=on 
-device piix3-usb-uhci,id=usb,bus=pci.0,addr=0x1.0x2 
-device virtio-serial-pci,id=virtio-serial0,bus=pci.0,addr=0x5 
-drive 
file=/opt/cvm/win7_64_S398_ABC-047.inst,if=none,id=drive-ide0-0-0,format=qcow2,cache=writeback,discard=unmap
 
-device ide-hd,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0,bootindex=1 
-drive 
file=/opt/data/hugedisk/win7_64_S398_ABC-047_share.add,if=none,id=drive-ide0-0-1,format=qcow2,cache=writeback
 
-device ide-hd,bus=ide.0,unit=1,drive=drive-ide0-0-1,id=ide0-0-1 -netdev 
tap,fd=21,id=hostnet0,vhost=on,vhostfd=23 
-device 
virtio-net-pci,netdev=hostnet0,id=net0,mac=52:54:00:19:a6:93,bus=pci.0,addr=0x3 
-chardev pty,id=charserial0 
-device isa-serial,chardev=charserial0,id=serial0 -chardev pty,id=charserial1 
-device isa-serial,chardev=charserial1,id=serial1 -chardev 
spicevmc,id=charchannel0,name=vdagent 
-device 
virtserialport,bus=virtio-serial0.0,nr=1,chardev=charchannel0,id=channel0,name=com.redhat.spice.0
 -chardev spiceport,id=charchannel1,name=webcam 
-device 
virtserialport,bus=virtio-serial0.0,nr=2,chardev=charchannel1,id=channel1,name=com.redhat.spice.webcam
 
-device usb-tablet,id=input0 -spice 
port=5902,addr=0.0.0.0,disable-ticketing,seamless-migration=on -vnc 0.0.0.0:3 
-device 
qxl-vga,id=video0,ram_size=67108864,vram_size=67108864,bus=pci.0,addr=0x2 
-device intel-hda,id=sound0,bus=pci.0,addr=0x4 
-device hda-micro,id=sound0-codec0,bus=sound0.0,cad=0 -device 
hda-duplex,id=sound0-codec1,bus=sound0.0,cad=1 
-device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x6 
-readconfig /etc/qemu/ich9-ehci-uhci.cfg 
-chardev spicevmc,name=usbredir,id=usbredirchardev1 -device 
usb-redir,chardev=usbredirchardev1,id=usbredirdev1,bus=ehci.0 
-chardev spicevmc,name=usbredir,id=usbredirchardev2 -device 
usb-redir,chardev=usbredirchardev2,id=usbredirdev2,bus=ehci.0 
-chardev spicevmc,name=usbredir,id=usbredirchardev3 -device 
usb-redir,chardev=usbredirchardev3,id=usbredirdev3,bus=ehci.0 
-cpu SandyBridge,host=on,+vmx,model_id=Intel(R) Xeon(R) CPU E5-26xx 
series,hv-relaxed=on,hv-time=on,hv-spinlocks=0x1fff 


Thread 4 (Thread 0x7fa09a527700 (LWP 48069)):
#0  0x7fa09ec7b3e7 in ppoll () from /lib64/libc.so.6
#1  0x7fa0a2f7e27b in qemu_poll_ns (fds=,
nfds=, timeout=)
#2  0x7fa0a2f7edf4 in aio_poll (ctx=0x7fa0a5835620, blocking=true)
#3  0x7fa0a2f782e8 in bdrv_drain_all ()
#4  0x7fa0a2eb602a in bmdma_cmd_writeb (bm=0x7fa0a5ce8cc8, val=0)
#5  0x7fa0a2d17e68 in access_with_adjusted_size (addr=0,
value=0x7fa09a526aa0, size=1, access_size_min=,
access_size_max=,
access=0x7fa0a2d19b10 , mr=0x7fa0a5ce8e30)
#6  0x7fa0a2d1988c in memory_region_dispatch_write (mr=0x7fa0a5ce8e30,
addr=0, val=, size=1)
#7  io_mem_write (mr=0x7fa0a5ce8e30, addr=0, val=, size=1)
#8  0x7fa0a2cdd73a in address_space_rw (as=0x7fa0a3412380,
addr=, buf=, len=1,
is_write=true)
#9  0x7fa0a2d155c4 in kvm_handle_io (cpu=)
#10 kvm_cpu_exec (cpu=)
#11 0x7fa0a2d0470c in qemu_kvm_cpu_thread_fn (arg=0x7fa0a5ca95c0)
#12 0x7fa0a17ec9d1 in start_thread () from /lib64/libpthread.so.0
#13 0x7fa09ec849dd in clone () from /lib64/libc.so.6


Thread 3 (Thread 0x7fa0995ff700 (LWP 48071)):
#0  0x7fa09ec7b1b3 in poll () from /lib64/libc.so.6
#1  0x7fa09fbfb306 in ?? () from /usr/lib64/libspice-server.so.1
#2  0x7fa0a17ec9d1 in start_thread () from /lib64/libpthread.so.0
#3  0x7fa09ec849dd in clone () from /lib64/libc.so.6


Thread 2 (Thread 0x7fa098bff700 (LWP 48072)):
#0  0x7fa0a17f05bc in pthread_cond_wait@@GLIBC_2.3.2 ()
   from /lib64/libpthread.so.0
#1  0x7fa0a2fca499 in qemu_cond_wait (cond=,
mutex=)
#2  0x7fa0a2f6c9d3 in vnc_worker_thread_loop (queue=0x7fa0a5e62170)
#3  0x7fa0a2f6cf80 in vnc_worker_thread (arg=0x7fa0a5e62170)
#4  0x7fa0a17ec9d1 in start_thread () from /lib64/libpthread.so.0
#5  0x7fa09ec849dd in clone () from /lib64/libc.so.6


Thread 1 (Thread 0x7fa0a2c1d9c0 (LWP 48065)):
#0  0x7fa0a17f3264 in __lll_lock_wait () from /lib64/libpthread.so.0
#1  0x7fa0a17ee508 in _L_lock_854 () from /lib64/libpthread.so.0
#2  0x7fa0a17ee3d7 in pthread_mutex_lock () from /lib64/libpthread.so.0
#3  0x7fa0a2fca719 in qemu_mutex_lock (mutex=)
#4  0x7fa0a2f7cedb in os_host_main_loop_wait (
nonblocking=)
#5  main_loop_wait (nonblocking=)
#6  0x7fa0a2df9aeb in main_loop (argc=,

Re: [Qemu-devel] [for-2.6 PATCH 1/3] target-i386: Define structs for layout of xsave area

[Eduardo Habkost]

On Tue, Dec 01, 2015 at 09:09:47AM -0800, Richard Henderson wrote:
> On 11/30/2015 03:18 AM, Paolo Bonzini wrote:
> >Because this is always little endian, I would write it as uint8_t[16][16].
> 
> Maybe.  That isn't altogether handy for TCG, since we'll be wanting to bswap
> these buffers (probably in uint64_t chunks).

X86XSaveArea will be used only when loading/saving state using
xsave, not for executing regular instructions. In X86CPU, the
data is already stored as XMMReg unions (the one with the
XMM_[BWDQ] helpers).

-- 
Eduardo

Re: [Qemu-devel] [RFC PATCH V2 0/3] IXGBE/VFIO: Add live migration support for SRIOV NIC

[Michael S. Tsirkin]

On Tue, Dec 01, 2015 at 09:04:32AM -0800, Alexander Duyck wrote:
> On Tue, Dec 1, 2015 at 7:28 AM, Michael S. Tsirkin  wrote:
> > On Tue, Dec 01, 2015 at 11:04:31PM +0800, Lan, Tianyu wrote:
> >>
> >>
> >> On 12/1/2015 12:07 AM, Alexander Duyck wrote:
> >> >They can only be corrected if the underlying assumptions are correct
> >> >and they aren't.  Your solution would have never worked correctly.
> >> >The problem is you assume you can keep the device running when you are
> >> >migrating and you simply cannot.  At some point you will always have
> >> >to stop the device in order to complete the migration, and you cannot
> >> >stop it before you have stopped your page tracking mechanism.  So
> >> >unless the platform has an IOMMU that is somehow taking part in the
> >> >dirty page tracking you will not be able to stop the guest and then
> >> >the device, it will have to be the device and then the guest.
> >> >
> >> >>>Doing suspend and resume() may help to do migration easily but some
> >> >>>devices requires low service down time. Especially network and I got
> >> >>>that some cloud company promised less than 500ms network service 
> >> >>>downtime.
> >> >Honestly focusing on the downtime is getting the cart ahead of the
> >> >horse.  First you need to be able to do this without corrupting system
> >> >memory and regardless of the state of the device.  You haven't even
> >> >gotten to that state yet.  Last I knew the device had to be up in
> >> >order for your migration to even work.
> >>
> >> I think the issue is that the content of rx package delivered to stack 
> >> maybe
> >> changed during migration because the piece of memory won't be migrated to
> >> new machine. This may confuse applications or stack. Current dummy write
> >> solution can ensure the content of package won't change after doing dummy
> >> write while the content maybe not received data if migration happens before
> >> that point. We can recheck the content via checksum or crc in the protocol
> >> after dummy write to ensure the content is what VF received. I think stack
> >> has already done such checks and the package will be abandoned if failed to
> >> pass through the check.
> >
> >
> > Most people nowdays rely on hardware checksums so I don't think this can
> > fly.
> 
> Correct.  The checksum/crc approach will not work since it is possible
> for a checksum to even be mangled in the case of some features such as
> LRO or GRO.
> 
> >> Another way is to tell all memory driver are using to Qemu and let Qemu to
> >> migrate these memory after stopping VCPU and the device. This seems safe 
> >> but
> >> implementation maybe complex.
> >
> > Not really 100% safe.  See below.
> >
> > I think hiding these details behind dma_* API does have
> > some appeal. In any case, it gives us a good
> > terminology as it covers what most drivers do.
> 
> That was kind of my thought.  If we were to build our own
> dma_mark_clean() type function that will mark the DMA region dirty on
> sync or unmap then that is half the battle right there as we would be
> able to at least keep the regions consistent after they have left the
> driver.
> 
> > There are several components to this:
> > - dma_map_* needs to prevent page from
> >   being migrated while device is running.
> >   For example, expose some kind of bitmap from guest
> >   to host, set bit there while page is mapped.
> >   What happens if we stop the guest and some
> >   bits are still set? See dma_alloc_coherent below
> >   for some ideas.
> 
> Yeah, I could see something like this working.  Maybe we could do
> something like what was done for the NX bit and make use of the upper
> order bits beyond the limits of the memory range to mark pages as
> non-migratable?
> 
> I'm curious.  What we have with a DMA mapped region is essentially
> shared memory between the guest and the device.  How would we resolve
> something like this with IVSHMEM, or are we blocked there as well in
> terms of migration?

I have some ideas. Will post later.

> > - dma_unmap_* needs to mark page as dirty
> >   This can be done by writing into a page.
> >
> > - dma_sync_* needs to mark page as dirty
> >   This is trickier as we can not change the data.
> >   One solution is using atomics.
> >   For example:
> > int x = ACCESS_ONCE(*p);
> > cmpxchg(p, x, x);
> >   Seems to do a write without changing page
> >   contents.
> 
> Like I said we can probably kill 2 birds with one stone by just
> implementing our own dma_mark_clean() for x86 virtualized
> environments.
> 
> I'd say we could take your solution one step further and just use 0
> instead of bothering to read the value.  After all it won't write the
> area if the value at the offset is not 0.

Really almost any atomic that has no side effect will do.
atomic or with 0
atomic and with 

It's just that cmpxchg already happens to have a portable
wrapper.

> The only downside is that
> this is a locked operation so we will take a 

Re: [Qemu-devel] [PATCH V3 3/3] hw/i386: extend pxb query for all PC machines

[Marcel Apfelbaum]

On 12/01/2015 05:09 PM, Eduardo Habkost wrote:

On Tue, Dec 01, 2015 at 04:55:57PM +0200, Marcel Apfelbaum wrote:

On 12/01/2015 04:48 PM, Eduardo Habkost wrote:

On Tue, Dec 01, 2015 at 04:07:33PM +0200, Marcel Apfelbaum wrote:

On 11/30/2015 05:07 PM, Eduardo Habkost wrote:

On Sun, Nov 29, 2015 at 10:46:03AM +0200, Marcel Apfelbaum wrote:

On 11/27/2015 07:28 PM, Eduardo Habkost wrote:

On Thu, Nov 26, 2015 at 06:00:28PM +0200, Marcel Apfelbaum wrote:

Add bus property to PC machines and use it when looking
for primary PCI root bus (bus 0).

Signed-off-by: Marcel Apfelbaum 


I can't pretend I have reviewed the q35 part, but the changes are
an improvement to the existing code that depended on
find_i440fx().

Acked-by: Eduardo Habkost 


Thanks!



BTW, what's missing to allow us to change acpi_set_pci_info() to
use PCMachine::bus instead of find_i440fx(), too? How much of the
PCI hotplug stuff is different in q35?


It is pretty different.
i440fx has acpi based hotplug while q35 has PCIe native hotplug. Since is
"native", no acpi info is necessary.

Having said that, if we have an PCIe-PCI bridge, the pci devices behind it
cannot be hotplugged/unplugged right now.

Once we decide to add hotplug support for this scenario, maybe we can get rid of
find_i440fx().


Thanks for the explanation. I wonder if there's a better way to
check if ACPI-based hotplug is needed by looking at
PCMachineState or PCIBus, so we don't couple the ACPI code to
piix.c.



I suppose we can do something about it, like adding a property to 
PCMachineState,
lets say bool acpi_hotplug and set it false for Q35.

Then we have:
 pcm = PC_MACHINE(current_machine);
 if(pcm->acpi_hotplug) {
 bus  = pcm->bus;
 ...
 }

Sounds acceptable? If yes, I'll send a patch on top since is not directly 
related.S


There's no existing field or method in PCIBus that can be already
used for that?


Hmm, you can derive the info you need from pci_bus_is_express.
If express-> no acpi_hotplug. This is not 100% true, but since
we don't support acpi hotplug on PCIe machines, it should be OK for now.


What about just checking if AcpiPmInfo.pcihp_io_base is set?



Because this contradicts the "do not probe for piix" requirement.
pcihp_io_base depends on piix query for pm (piix4_pm_find).
So pcihp_io_base is an i440fx only "artifact".

Also, acpi_set_pci_info is called before acpi_build that populates
acpi_get_pm_info. All of that can be taken care of, of course.

At the end of the day, as long as the functionality is preserved,
I personally have no objection in re-factoring.

Thanks,
Marcel

[Qemu-devel] [QEMU 2.1.2] block in bdrv_drain_all()

[Qian Peng]

Hi,

  I am using qemu 2.1.2 and some VMs hang while playing videos.

QEMU parameters and stack information is as follows:
/usr/bin/qemu-system-x86_64
-name S398_ABC-047
-S -machine pc-i440fx-2.1,accel=kvm,usb=off
-m 1024
-realtime mlock=off
-smp 1,sockets=1,cores=1,threads=1
-uuid 2f9fa97a-0061-436c-a40c-e7abc3d0cdb1
-no-user-config -nodefaults
-chardev
socket,id=charmonitor,path=/var/lib/libvirt/qemu/S398_ABC-047.monitor,server,nowait
-mon chardev=charmonitor,id=monitor,mode=control
-rtc base=localtime
-no-shutdown -global PIIX4_PM.disable_s3=1
-global PIIX4_PM.disable_s4=0 -boot strict=on
-device piix3-usb-uhci,id=usb,bus=pci.0,addr=0x1.0x2
-device virtio-serial-pci,id=virtio-serial0,bus=pci.0,addr=0x5
-drive
file=/opt/cvm/win7_64_S398_ABC-047.inst,if=none,id=drive-ide0-0-0,format=qcow2,cache=writeback,discard=unmap
-device
ide-hd,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0,bootindex=1
-drive
file=/opt/data/hugedisk/win7_64_S398_ABC-047_share.add,if=none,id=drive-ide0-0-1,format=qcow2,cache=writeback
-device ide-hd,bus=ide.0,unit=1,drive=drive-ide0-0-1,id=ide0-0-1 -netdev
tap,fd=21,id=hostnet0,vhost=on,vhostfd=23
-device
virtio-net-pci,netdev=hostnet0,id=net0,mac=52:54:00:19:a6:93,bus=pci.0,addr=0x3
-chardev pty,id=charserial0
-device isa-serial,chardev=charserial0,id=serial0 -chardev
pty,id=charserial1
-device isa-serial,chardev=charserial1,id=serial1 -chardev
spicevmc,id=charchannel0,name=vdagent
-device
virtserialport,bus=virtio-serial0.0,nr=1,chardev=charchannel0,id=channel0,name=com.redhat.spice.0
-chardev spiceport,id=charchannel1,name=webcam
-device
virtserialport,bus=virtio-serial0.0,nr=2,chardev=charchannel1,id=channel1,name=com.redhat.spice.webcam
-device usb-tablet,id=input0 -spice
port=5902,addr=0.0.0.0,disable-ticketing,seamless-migration=on -vnc
0.0.0.0:3
-device
qxl-vga,id=video0,ram_size=67108864,vram_size=67108864,bus=pci.0,addr=0x2
-device intel-hda,id=sound0,bus=pci.0,addr=0x4
-device hda-micro,id=sound0-codec0,bus=sound0.0,cad=0 -device
hda-duplex,id=sound0-codec1,bus=sound0.0,cad=1
-device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x6
-readconfig /etc/qemu/ich9-ehci-uhci.cfg
-chardev spicevmc,name=usbredir,id=usbredirchardev1 -device
usb-redir,chardev=usbredirchardev1,id=usbredirdev1,bus=ehci.0
-chardev spicevmc,name=usbredir,id=usbredirchardev2 -device
usb-redir,chardev=usbredirchardev2,id=usbredirdev2,bus=ehci.0
-chardev spicevmc,name=usbredir,id=usbredirchardev3 -device
usb-redir,chardev=usbredirchardev3,id=usbredirdev3,bus=ehci.0
-cpu SandyBridge,host=on,+vmx,model_id=Intel(R) Xeon(R) CPU E5-26xx
series,hv-relaxed=on,hv-time=on,hv-spinlocks=0x1fff

Thread 4 (Thread 0x7fa09a527700 (LWP 48069)):
#0  0x7fa09ec7b3e7 in ppoll () from /lib64/libc.so.6
#1  0x7fa0a2f7e27b in qemu_poll_ns (fds=,
nfds=, timeout=)
#2  0x7fa0a2f7edf4 in aio_poll (ctx=0x7fa0a5835620, blocking=true)
#3  0x7fa0a2f782e8 in bdrv_drain_all ()
#4  0x7fa0a2eb602a in bmdma_cmd_writeb (bm=0x7fa0a5ce8cc8, val=0)
#5  0x7fa0a2d17e68 in access_with_adjusted_size (addr=0,
value=0x7fa09a526aa0, size=1, access_size_min=,
access_size_max=,
access=0x7fa0a2d19b10 , mr=0x7fa0a5ce8e30)
#6  0x7fa0a2d1988c in memory_region_dispatch_write (mr=0x7fa0a5ce8e30,
addr=0, val=, size=1)
#7  io_mem_write (mr=0x7fa0a5ce8e30, addr=0, val=,
size=1)
#8  0x7fa0a2cdd73a in address_space_rw (as=0x7fa0a3412380,
addr=, buf=, len=1,
is_write=true)
#9  0x7fa0a2d155c4 in kvm_handle_io (cpu=)
#10 kvm_cpu_exec (cpu=)
#11 0x7fa0a2d0470c in qemu_kvm_cpu_thread_fn (arg=0x7fa0a5ca95c0)
#12 0x7fa0a17ec9d1 in start_thread () from /lib64/libpthread.so.0
#13 0x7fa09ec849dd in clone () from /lib64/libc.so.6

Thread 3 (Thread 0x7fa0995ff700 (LWP 48071)):
#0  0x7fa09ec7b1b3 in poll () from /lib64/libc.so.6
#1  0x7fa09fbfb306 in ?? () from /usr/lib64/libspice-server.so.1
#2  0x7fa0a17ec9d1 in start_thread () from /lib64/libpthread.so.0
#3  0x7fa09ec849dd in clone () from /lib64/libc.so.6

Thread 2 (Thread 0x7fa098bff700 (LWP 48072)):
#0  0x7fa0a17f05bc in pthread_cond_wait@@GLIBC_2.3.2 ()
   from /lib64/libpthread.so.0
#1  0x7fa0a2fca499 in qemu_cond_wait (cond=,
mutex=)
#2  0x7fa0a2f6c9d3 in vnc_worker_thread_loop (queue=0x7fa0a5e62170)
#3  0x7fa0a2f6cf80 in vnc_worker_thread (arg=0x7fa0a5e62170)
#4  0x7fa0a17ec9d1 in start_thread () from /lib64/libpthread.so.0
#5  0x7fa09ec849dd in clone () from /lib64/libc.so.6

Thread 1 (Thread 0x7fa0a2c1d9c0 (LWP 48065)):
#0  0x7fa0a17f3264 in __lll_lock_wait () from /lib64/libpthread.so.0
#1  0x7fa0a17ee508 in _L_lock_854 () from /lib64/libpthread.so.0
#2  0x7fa0a17ee3d7 in pthread_mutex_lock () from /lib64/libpthread.so.0
#3  0x7fa0a2fca719 in qemu_mutex_lock (mutex=)
#4  0x7fa0a2f7cedb in os_host_main_loop_wait (
nonblocking=)
#5  main_loop_wait (nonblocking=)
#6  0x7fa0a2df9aeb in main_loop (argc=,
argv=, envp=)
#7  main (argc=, argv=,
envp=)

Did anyone meet 

[Qemu-devel] [QEMU 2.12] block in bdrv_drain_all()

[Qian Peng]

Hi,

  I am using qemu 2.1.2 and some VMs hang while playing videos.

QEMU parameters and stack information is as follows:
/usr/bin/qemu-system-x86_64
-name S398_ABC-047
-S -machine pc-i440fx-2.1,accel=kvm,usb=off
-m 1024
-realtime mlock=off
-smp 1,sockets=1,cores=1,threads=1
-uuid 2f9fa97a-0061-436c-a40c-e7abc3d0cdb1
-no-user-config -nodefaults
-chardev
socket,id=charmonitor,path=/var/lib/libvirt/qemu/S398_ABC-047.monitor,server,nowait
-mon chardev=charmonitor,id=monitor,mode=control
-rtc base=localtime
-no-shutdown -global PIIX4_PM.disable_s3=1
-global PIIX4_PM.disable_s4=0 -boot strict=on
-device piix3-usb-uhci,id=usb,bus=pci.0,addr=0x1.0x2
-device virtio-serial-pci,id=virtio-serial0,bus=pci.0,addr=0x5
-drive
file=/opt/cvm/win7_64_S398_ABC-047.inst,if=none,id=drive-ide0-0-0,format=qcow2,cache=writeback,discard=unmap
-device
ide-hd,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0,bootindex=1
-drive
file=/opt/data/hugedisk/win7_64_S398_ABC-047_share.add,if=none,id=drive-ide0-0-1,format=qcow2,cache=writeback
-device ide-hd,bus=ide.0,unit=1,drive=drive-ide0-0-1,id=ide0-0-1 -netdev
tap,fd=21,id=hostnet0,vhost=on,vhostfd=23
-device
virtio-net-pci,netdev=hostnet0,id=net0,mac=52:54:00:19:a6:93,bus=pci.0,addr=0x3
-chardev pty,id=charserial0
-device isa-serial,chardev=charserial0,id=serial0 -chardev
pty,id=charserial1
-device isa-serial,chardev=charserial1,id=serial1 -chardev
spicevmc,id=charchannel0,name=vdagent
-device
virtserialport,bus=virtio-serial0.0,nr=1,chardev=charchannel0,id=channel0,name=com.redhat.spice.0
-chardev spiceport,id=charchannel1,name=webcam
-device
virtserialport,bus=virtio-serial0.0,nr=2,chardev=charchannel1,id=channel1,name=com.redhat.spice.webcam
-device usb-tablet,id=input0 -spice
port=5902,addr=0.0.0.0,disable-ticketing,seamless-migration=on -vnc
0.0.0.0:3
-device
qxl-vga,id=video0,ram_size=67108864,vram_size=67108864,bus=pci.0,addr=0x2
-device intel-hda,id=sound0,bus=pci.0,addr=0x4
-device hda-micro,id=sound0-codec0,bus=sound0.0,cad=0 -device
hda-duplex,id=sound0-codec1,bus=sound0.0,cad=1
-device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x6
-readconfig /etc/qemu/ich9-ehci-uhci.cfg
-chardev spicevmc,name=usbredir,id=usbredirchardev1 -device
usb-redir,chardev=usbredirchardev1,id=usbredirdev1,bus=ehci.0
-chardev spicevmc,name=usbredir,id=usbredirchardev2 -device
usb-redir,chardev=usbredirchardev2,id=usbredirdev2,bus=ehci.0
-chardev spicevmc,name=usbredir,id=usbredirchardev3 -device
usb-redir,chardev=usbredirchardev3,id=usbredirdev3,bus=ehci.0
-cpu SandyBridge,host=on,+vmx,model_id=Intel(R) Xeon(R) CPU E5-26xx
series,hv-relaxed=on,hv-time=on,hv-spinlocks=0x1fff

Thread 4 (Thread 0x7fa09a527700 (LWP 48069)):
#0  0x7fa09ec7b3e7 in ppoll () from /lib64/libc.so.6
#1  0x7fa0a2f7e27b in qemu_poll_ns (fds=,
nfds=, timeout=)
at /root/pq/rcc/merge/qemu/qemu-timer.c:314
#2  0x7fa0a2f7edf4 in aio_poll (ctx=0x7fa0a5835620, blocking=true)
at /root/pq/rcc/merge/qemu/aio-posix.c:250
#3  0x7fa0a2f782e8 in bdrv_drain_all ()
at /root/pq/rcc/merge/qemu/block.c:1930
#4  0x7fa0a2eb602a in bmdma_cmd_writeb (bm=0x7fa0a5ce8cc8, val=0)
at /root/pq/rcc/merge/qemu/hw/ide/pci.c:314
#5  0x7fa0a2d17e68 in access_with_adjusted_size (addr=0,
value=0x7fa09a526aa0, size=1, access_size_min=,
access_size_max=,
access=0x7fa0a2d19b10 , mr=0x7fa0a5ce8e30)
at /root/pq/rcc/merge/qemu/memory.c:481
#6  0x7fa0a2d1988c in memory_region_dispatch_write (mr=0x7fa0a5ce8e30,
addr=0, val=, size=1)
at /root/pq/rcc/merge/qemu/memory.c:1143
#7  io_mem_write (mr=0x7fa0a5ce8e30, addr=0, val=,
size=1)
at /root/pq/rcc/merge/qemu/memory.c:1976
#8  0x7fa0a2cdd73a in address_space_rw (as=0x7fa0a3412380,
addr=, buf=, len=1,
is_write=true) at /root/pq/rcc/merge/qemu/exec.c:2087
#9  0x7fa0a2d155c4 in kvm_handle_io (cpu=)
at /root/pq/rcc/merge/qemu/kvm-all.c:1597
#10 kvm_cpu_exec (cpu=)
at /root/pq/rcc/merge/qemu/kvm-all.c:1734
#11 0x7fa0a2d0470c in qemu_kvm_cpu_thread_fn (arg=0x7fa0a5ca95c0)
at /root/pq/rcc/merge/qemu/cpus.c:874
#12 0x7fa0a17ec9d1 in start_thread () from /lib64/libpthread.so.0
#13 0x7fa09ec849dd in clone () from /lib64/libc.so.6

Thread 3 (Thread 0x7fa0995ff700 (LWP 48071)):
#0  0x7fa09ec7b1b3 in poll () from /lib64/libc.so.6
#1  0x7fa09fbfb306 in ?? () from /usr/lib64/libspice-server.so.1
#2  0x7fa0a17ec9d1 in start_thread () from /lib64/libpthread.so.0
#3  0x7fa09ec849dd in clone () from /lib64/libc.so.6

Thread 2 (Thread 0x7fa098bff700 (LWP 48072)):
#0  0x7fa0a17f05bc in pthread_cond_wait@@GLIBC_2.3.2 ()
   from /lib64/libpthread.so.0
#1  0x7fa0a2fca499 in qemu_cond_wait (cond=,
mutex=)
at /root/pq/rcc/merge/qemu/util/qemu-thread-posix.c:135
#2  0x7fa0a2f6c9d3 in vnc_worker_thread_loop (queue=0x7fa0a5e62170)
at /root/pq/rcc/merge/qemu/ui/vnc-jobs.c:222
#3  0x7fa0a2f6cf80 in vnc_worker_thread (arg=0x7fa0a5e62170)
at /root/pq/rcc/merge/qemu/ui/vnc-jobs.c:323
#4  

Re: [Qemu-devel] [RFC PATCH 0/9] vhost-nvme: new qemu nvme backend using nvme target

[Paolo Bonzini]

> What do you think about virtio-nvme+vhost-nvme?

What would be the advantage over virtio-blk?  Multiqueue is not supported
by QEMU but it's already supported by Linux (commit 6a27b656fc).

To me, the advantage of nvme is that it provides more than decent performance on
unmodified Windows guests, and thanks to your vendor extension can be used
on Linux as well with speeds comparable to virtio-blk.  So it's potentially
a very good choice for a cloud provider that wants to support Windows guests
(together with e.g. a fast SAS emulated controller to replace virtio-scsi,
and emulated igb or ixgbe to replace virtio-net).

Which features are supported by NVMe and not virtio-blk?

Paolo

> I also have patch for vritio-nvme:
> https://git.kernel.org/cgit/linux/kernel/git/mlin/linux.git/log/?h=nvme-split/virtio
> 
> Just need to change vhost-nvme to work with it.
> 
> > 
> > Paolo
> > 
> > > Still tuning.
> 
> 
> 

Re: [Qemu-devel] [for-2.6 PATCH 1/3] target-i386: Define structs for layout of xsave area

[Richard Henderson]

On 11/30/2015 03:18 AM, Paolo Bonzini wrote:

Because this is always little endian, I would write it as uint8_t[16][16].


Maybe.  That isn't altogether handy for TCG, since we'll be wanting to bswap 
these buffers (probably in uint64_t chunks).



r~

Re: [Qemu-devel] [for-2.6 PATCH 1/3] target-i386: Define structs for layout of xsave area

[Richard Henderson]

On 12/01/2015 09:15 AM, Eduardo Habkost wrote:

On Tue, Dec 01, 2015 at 09:09:47AM -0800, Richard Henderson wrote:

On 11/30/2015 03:18 AM, Paolo Bonzini wrote:

Because this is always little endian, I would write it as uint8_t[16][16].


Maybe.  That isn't altogether handy for TCG, since we'll be wanting to bswap
these buffers (probably in uint64_t chunks).


X86XSaveArea will be used only when loading/saving state using
xsave, not for executing regular instructions.


... like the regular instruction xsave?

https://patchwork.ozlabs.org/patch/493318/


In X86CPU, the
data is already stored as XMMReg unions (the one with the
XMM_[BWDQ] helpers).


Of course.  But those unions are arranged to be in big-endian format on 
big-endian hosts.  So we need to swap the data back to little-endian format for 
storage into guest memory.



r~

Re: [Qemu-devel] [for-2.6 PATCH 1/3] target-i386: Define structs for layout of xsave area

[Paolo Bonzini]

On 01/12/2015 18:20, Richard Henderson wrote:
>>
>> X86XSaveArea will be used only when loading/saving state using
>> xsave, not for executing regular instructions.
> 
> ... like the regular instruction xsave?
> 
> https://patchwork.ozlabs.org/patch/493318/

Right, but that's a helper anyway.

>> In X86CPU, the
>> data is already stored as XMMReg unions (the one with the
>> XMM_[BWDQ] helpers).
> 
> Of course.  But those unions are arranged to be in big-endian format on
> big-endian hosts.  So we need to swap the data back to little-endian
> format for storage into guest memory.

Yes, you can use byte moves with XMM_B (more obvious), or stq_le_p with
XMM_Q (faster I guess---though the compiler might optimize the former on
little-endian hosts).  Either works with an uint8_t[] destination.

Paolo

Re: [Qemu-devel] [RFC PATCH 0/9] Add colo-proxy based on netfilter

[Dr. David Alan Gilbert]

* Zhang Chen (zhangchen.f...@cn.fujitsu.com) wrote:
> 
> Hi,all
> 
> This patch add an colo-proxy object, COLO-Proxy is a part of COLO,
> based on qemu netfilter and it's a plugin for qemu netfilter. the function
> keep Secondary VM connect normal to Primary VM and compare packets 
> sent by PVM to sent by SVM.if the packet difference,notify COLO do
> checkpoint and send all primary packet has queued.
> 
> You can also get the series from: 
> 
> https://github.com/zhangckid/qemu/tree/colo-proxy-V1
> 
> Usage:
> 
> primary:
> -netdev tap,id=bn0 -device e1000,netdev=bn0
> -object colo-proxy,id=f0,netdev=bn0,queue=all,mode=primary,addr=ip:port
> 
> secondary:
> -netdev tap,id=bn0 -device e1000,netdev=bn0
> -object colo-proxy,id=f0,netdev=bn0,queue=all,mode=secondary,addr=ip:port

If we have more than one NIC on the guest, do you intend to allow
multiple colo-proxy's ?

Having read through the series, it looks like the main missing piece
is the work to synchronise sequence numbers.

I think also you'll need to clean out the connection hash when either
you see both sides have closed the connection or (maybe after some
time of idleness as well? Otherwise we'd just accumulate dead connections
overtime).

I'm guessing the buffer filter also has to be created on the command line?
How does the order of buffers work?

Dave

> 
> NOTE:
> queue must set "all". See enum NetFilterDirection for detail.
> colo-proxy need queue all packets
> colo-proxy V1 just a demo of colo proxy,not pass test with colo upstream
> 
> 
> ## Background
> 
> COLO FT/HA (COarse-grain LOck-stepping Virtual Machines for Non-stop Service)
> project is a high availability solution. Both Primary VM (PVM) and Secondary 
> VM
> (SVM) run in parallel. They receive the same request from client, and generate
> responses in parallel too. If the response packets from PVM and SVM are
> identical, they are released immediately. Otherwise, a VM checkpoint (on 
> demand)is conducted.
> 
> Paper:
> http://www.socc2013.org/home/program/a3-dong.pdf?attredirects=0
> 
> COLO on Xen:
> http://wiki.xen.org/wiki/COLO_-_Coarse_Grain_Lock_Stepping
> 
> COLO on Qemu/KVM:
> http://wiki.qemu.org/Features/COLO
> 
> By the needs of capturing response packets from PVM and SVM and finding out
> whether they are identical, we introduce a new module to qemu networking 
> called colo-proxy.
> 
> 
> v1:
>  initial patch.
> 
> 
> 
> zhangchen (9):
>   Init colo-proxy object based on netfilter
>   jhash: add linux kernel jhashtable in qemu
>   colo-proxy: add colo-proxy framework
>   colo-proxy: add colo-proxy setup work
>   net/colo-proxy: add colo packet handler
>   net/colo-proxy: add packet forward function
>   net/colo-proxy: add packet enqueue and handle function
>   net/colo-proxy: enqueue primary and secondary packet
>   net/colo-proxy: add packet compare and notify checkpoint
> 
>  include/qemu/jhash.h |  52 
>  net/Makefile.objs|   1 +
>  net/colo-proxy.c | 745 
> +++
>  net/colo-proxy.h | 124 +
>  qemu-options.hx  |   4 +
>  vl.c |   3 +-
>  6 files changed, 928 insertions(+), 1 deletion(-)
>  create mode 100644 include/qemu/jhash.h
>  create mode 100644 net/colo-proxy.c
>  create mode 100644 net/colo-proxy.h
> 
> -- 
> 1.9.1
> 
> 
> 
--
Dr. David Alan Gilbert / dgilb...@redhat.com / Manchester, UK

Re: [Qemu-devel] [PATCH COLO-Frame v11 14/39] ram: Split host_from_stream_offset() into two helper functions

[Dr. David Alan Gilbert]

* zhanghailiang (zhang.zhanghaili...@huawei.com) wrote:
> Split host_from_stream_offset() into two parts:
> One is to get ram block, which the block idstr may be get from migration
> stream, the other is to get hva (host) address from block and the offset.
> 
> Signed-off-by: zhanghailiang 

OK, I see why you're doing this from the next patch.

> ---
> v11:
> - New patch
> ---
>  migration/ram.c | 29 +
>  1 file changed, 21 insertions(+), 8 deletions(-)
> 
> diff --git a/migration/ram.c b/migration/ram.c
> index cfe78aa..a161620 100644
> --- a/migration/ram.c
> +++ b/migration/ram.c
> @@ -2136,9 +2136,9 @@ static int load_xbzrle(QEMUFile *f, ram_addr_t addr, 
> void *host)
>   * offset: Offset within the block
>   * flags: Page flags (mostly to see if it's a continuation of previous block)
>   */
> -static inline void *host_from_stream_offset(QEMUFile *f,
> -ram_addr_t offset,
> -int flags)
> +static inline RAMBlock *ram_block_from_stream(QEMUFile *f,
> +  ram_addr_t offset,
> +  int flags)
>  {
>  static RAMBlock *block = NULL;
>  char id[256];
> @@ -2150,22 +2150,31 @@ static inline void *host_from_stream_offset(QEMUFile 
> *f,
>  return NULL;
>  }
>  
> -return block->host + offset;
> +return block;
>  }
> -
>  len = qemu_get_byte(f);
>  qemu_get_buffer(f, (uint8_t *)id, len);
>  id[len] = 0;
>  
>  block = qemu_ram_block_by_name(id);
>  if (block && block->max_length > offset) {
> -return block->host + offset;
> +return block;
>  }
>  
>  error_report("Can't find block %s", id);
>  return NULL;
>  }
>  
> +static inline void *host_from_ram_block_offset(RAMBlock *block,
> +   ram_addr_t offset)
> +{
> +if (!block) {
> +return NULL;
> +}
> +
> +return block->host + offset;
> +}

That's almost the same as ramblock_ptr in include/exec/ram_addr.h, but
it assert's rather than doing NULL on errors.

I'm not sure about this, but can I suggest:

   ram_block_from_stream(QEMUFile *f, int flags)

  doesn't have the offset; just finds the block and handles the CONT.

   bool offset_in_ramblock(RAMBlock *b, ram_addr_t offset);

  actually does the check; put this in exec.c, and declare it in 
include/exec/ram_addr.h

   void *ramblock_ptr_try(RAMBlock *block, ram_addr_t offset)
  which returns NULL if offset_in_ramblock fails, and otherwise returns the 
result
of ramblock_ptr - again put that in include/exec/ram_addr.h

(I'm not sure about this - I almost suggested changing ramblock_ptr to not do
the checks, and just add a call to assert(offset_in_ramblock) before each use, 
but
that sounded too painful).

Hmm - we check here for block->max_length > offset - where as the check in
ram_addr.h is used_length - I wonder if we should be using used_length?

Dave

> +
>  /*
>   * If a page (or a whole RDMA chunk) has been
>   * determined to be zero, then zap it.
> @@ -2310,7 +2319,9 @@ static int ram_load_postcopy(QEMUFile *f)
>  trace_ram_load_postcopy_loop((uint64_t)addr, flags);
>  place_needed = false;
>  if (flags & (RAM_SAVE_FLAG_COMPRESS | RAM_SAVE_FLAG_PAGE)) {
> -host = host_from_stream_offset(f, addr, flags);
> +RAMBlock *block = ram_block_from_stream(f, addr, flags);
> +
> +host = host_from_ram_block_offset(block, addr);
>  if (!host) {
>  error_report("Illegal RAM offset " RAM_ADDR_FMT, addr);
>  ret = -EINVAL;
> @@ -2441,7 +2452,9 @@ static int ram_load(QEMUFile *f, void *opaque, int 
> version_id)
>  
>  if (flags & (RAM_SAVE_FLAG_COMPRESS | RAM_SAVE_FLAG_PAGE |
>   RAM_SAVE_FLAG_COMPRESS_PAGE | RAM_SAVE_FLAG_XBZRLE)) {
> -host = host_from_stream_offset(f, addr, flags);
> +RAMBlock *block = ram_block_from_stream(f, addr, flags);
> +
> +host = host_from_ram_block_offset(block, addr);
>  if (!host) {
>  error_report("Illegal RAM offset " RAM_ADDR_FMT, addr);
>  ret = -EINVAL;
> -- 
> 1.8.3.1
> 
> 
--
Dr. David Alan Gilbert / dgilb...@redhat.com / Manchester, UK

[Qemu-devel] Regression: Xen guest with 5G of RAM on 32bit fail to boot

[Anthony PERARD]

Hi,

Under Xen, a guest with 5G of RAM, with a 32bit binary QEMU (well, with a
32bit dom0) does not boot anymore. QEMU abort() with "Bad ram offset efffd000".

This issue first appear in 4ed023ce2a39ab5812d33cf4d819def168965a7f (Round
up RAMBlock sizes to host page sizes).

The problem is in qemu_ram_alloc_internal() where 'size' and 'maxsize' are
now been truncate to 32bit, due to 'qemu_host_page_size' been an uintptr_t
in the HOST_PAGE_ALIGN macro.

ram_add_t is uint64_t when compiled with --enable-xen.

Regards,

-- 
Anthony PERARD

Re: [Qemu-devel] [PATCH V3 3/3] hw/i386: extend pxb query for all PC machines

[Eduardo Habkost]

On Thu, Nov 26, 2015 at 06:00:28PM +0200, Marcel Apfelbaum wrote:
> Add bus property to PC machines and use it when looking
> for primary PCI root bus (bus 0).
> 
> Signed-off-by: Marcel Apfelbaum 
> ---
>  hw/i386/acpi-build.c | 3 +--
>  hw/i386/pc.c | 2 +-
>  hw/i386/pc_piix.c| 1 +
>  hw/i386/pc_q35.c | 1 +
>  include/hw/i386/pc.h | 1 +
>  5 files changed, 5 insertions(+), 3 deletions(-)
> 
> diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
> index 736b252..bca3f06 100644
> --- a/hw/i386/acpi-build.c
> +++ b/hw/i386/acpi-build.c
> @@ -950,8 +950,7 @@ build_ssdt(GArray *table_data, GArray *linker,
>  /* Reserve space for header */
>  acpi_data_push(ssdt->buf, sizeof(AcpiTableHeader));
>  
> -/* Extra PCI root buses are implemented  only for i440fx */
> -bus = find_i440fx();
> +bus = PC_MACHINE(machine)->bus;

You can use acpi_get_i386_pci_host()->bus here, so we can reduce
the amount of PC-specific code inside acpi-build.c.

(Making acpi_get_i386_pci_host() more generic and not depend on
piix- and q35-specific checks is also on my plans)

>  if (bus) {
>  QLIST_FOREACH(bus, >child, sibling) {
>  uint8_t bus_num = pci_bus_num(bus);
[...]

-- 
Eduardo

Re: [Qemu-devel] [PATCH RFC] allow to delete sheepdog snapshot

[Vasiliy Tolstov]

2015-12-02 8:23 GMT+03:00 Hitoshi Mitake :
> Seems that your patch violates the coding style of qemu. You can check the
> style with scripts/checkpatch.pl.
>
>
> Comment outed code isn't good. You should remove it (in addition, it
> wouldn't be required).


Thanks!

-- 
Vasiliy Tolstov,
e-mail: v.tols...@selfip.ru

[Qemu-devel] [PATCH v9 1/5] nvdimm: implement NVDIMM device abstract

[Xiao Guangrong]

Introduce "nvdimm" device which is based on pc-dimm device type

Currently, nothing is specific for nvdimm but hotplug is disabled

Reviewed-by: Stefan Hajnoczi 
Signed-off-by: Xiao Guangrong 
---
 default-configs/i386-softmmu.mak   |  1 +
 default-configs/x86_64-softmmu.mak |  1 +
 hw/acpi/memory_hotplug.c   |  5 +
 hw/mem/Makefile.objs   |  1 +
 hw/mem/nvdimm.c| 46 ++
 include/hw/mem/nvdimm.h| 29 
 6 files changed, 83 insertions(+)
 create mode 100644 hw/mem/nvdimm.c
 create mode 100644 include/hw/mem/nvdimm.h

diff --git a/default-configs/i386-softmmu.mak b/default-configs/i386-softmmu.mak
index 43c96d1..4c79d3b 100644
--- a/default-configs/i386-softmmu.mak
+++ b/default-configs/i386-softmmu.mak
@@ -46,6 +46,7 @@ CONFIG_APIC=y
 CONFIG_IOAPIC=y
 CONFIG_PVPANIC=y
 CONFIG_MEM_HOTPLUG=y
+CONFIG_NVDIMM=y
 CONFIG_XIO3130=y
 CONFIG_IOH3420=y
 CONFIG_I82801B11=y
diff --git a/default-configs/x86_64-softmmu.mak 
b/default-configs/x86_64-softmmu.mak
index dfb8095..e42d2fc 100644
--- a/default-configs/x86_64-softmmu.mak
+++ b/default-configs/x86_64-softmmu.mak
@@ -46,6 +46,7 @@ CONFIG_APIC=y
 CONFIG_IOAPIC=y
 CONFIG_PVPANIC=y
 CONFIG_MEM_HOTPLUG=y
+CONFIG_NVDIMM=y
 CONFIG_XIO3130=y
 CONFIG_IOH3420=y
 CONFIG_I82801B11=y
diff --git a/hw/acpi/memory_hotplug.c b/hw/acpi/memory_hotplug.c
index e4b9a01..298e868 100644
--- a/hw/acpi/memory_hotplug.c
+++ b/hw/acpi/memory_hotplug.c
@@ -231,6 +231,11 @@ void acpi_memory_plug_cb(ACPIREGS *ar, qemu_irq irq, 
MemHotplugState *mem_st,
  DeviceState *dev, Error **errp)
 {
 MemStatus *mdev;
+DeviceClass *dc = DEVICE_GET_CLASS(dev);
+
+if (!dc->hotpluggable) {
+return;
+}
 
 mdev = acpi_memory_slot_status(mem_st, dev, errp);
 if (!mdev) {
diff --git a/hw/mem/Makefile.objs b/hw/mem/Makefile.objs
index b000fb4..f12f8b9 100644
--- a/hw/mem/Makefile.objs
+++ b/hw/mem/Makefile.objs
@@ -1 +1,2 @@
 common-obj-$(CONFIG_MEM_HOTPLUG) += pc-dimm.o
+common-obj-$(CONFIG_NVDIMM) += nvdimm.o
diff --git a/hw/mem/nvdimm.c b/hw/mem/nvdimm.c
new file mode 100644
index 000..4fd397f
--- /dev/null
+++ b/hw/mem/nvdimm.c
@@ -0,0 +1,46 @@
+/*
+ * Non-Volatile Dual In-line Memory Module Virtualization Implementation
+ *
+ * Copyright(C) 2015 Intel Corporation.
+ *
+ * Author:
+ *  Xiao Guangrong 
+ *
+ * Currently, it only supports PMEM Virtualization.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see 
+ */
+
+#include "hw/mem/nvdimm.h"
+
+static void nvdimm_class_init(ObjectClass *oc, void *data)
+{
+DeviceClass *dc = DEVICE_CLASS(oc);
+
+/* nvdimm hotplug has not been supported yet. */
+dc->hotpluggable = false;
+}
+
+static TypeInfo nvdimm_info = {
+.name  = TYPE_NVDIMM,
+.parent= TYPE_PC_DIMM,
+.class_init= nvdimm_class_init,
+};
+
+static void nvdimm_register_types(void)
+{
+type_register_static(_info);
+}
+
+type_init(nvdimm_register_types)
diff --git a/include/hw/mem/nvdimm.h b/include/hw/mem/nvdimm.h
new file mode 100644
index 000..dbfa8d6
--- /dev/null
+++ b/include/hw/mem/nvdimm.h
@@ -0,0 +1,29 @@
+/*
+ * Non-Volatile Dual In-line Memory Module Virtualization Implementation
+ *
+ * Copyright(C) 2015 Intel Corporation.
+ *
+ * Author:
+ *  Xiao Guangrong 
+ *
+ * NVDIMM specifications and some documents can be found at:
+ * NVDIMM ACPI device and NFIT are introduced in ACPI 6:
+ *  http://www.uefi.org/sites/default/files/resources/ACPI_6.0.pdf
+ * NVDIMM Namespace specification:
+ *  http://pmem.io/documents/NVDIMM_Namespace_Spec.pdf
+ * DSM Interface Example:
+ *  http://pmem.io/documents/NVDIMM_DSM_Interface_Example.pdf
+ * Driver Writer's Guide:
+ *  http://pmem.io/documents/NVDIMM_Driver_Writers_Guide.pdf
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+#ifndef QEMU_NVDIMM_H
+#define QEMU_NVDIMM_H
+
+#include "hw/mem/pc-dimm.h"
+
+#define TYPE_NVDIMM  "nvdimm"
+#endif
-- 
1.8.3.1

[Qemu-devel] [PATCH v9 0/5] implement vNVDIMM

[Xiao Guangrong]

This patchset can be found at:
  https://github.com/xiaogr/qemu.git nvdimm-v9

It is based on pci branch on Michael's tree and the top commit is:
commit 0c73277af7 (vhost-user-test: fix crash with glib < 2.36).

Changelog in v9:
- the changes address Michael's comments:
  1) move the control parameter to -machine and it is off on default, then
 it can be enabled by, for example, -machine pc,nvdimm
  2) introduce a macro to define "NCAL"
  3) abstract the function, nvdimm_build_device_dsm(), to clean up the
 code
  4) adjust the code style of dsm method
  5) add spec reference in the code comment

other:
  pick up Stefan's Reviewed-by
  
Changelog in v8:
We split the long patch series into the small parts, as you see now, this
is the first part which enables NVDIMM without label data support.

The command line has been changed because some patches simplifying the
things have not been included into this series, you should specify the
file size exactly using the parameters as follows:
   memory-backend-file,id=mem1,share,mem-path=/tmp/nvdimm1,size=10G \
   -device nvdimm,memdev=mem1,id=nv1

Changelog in v7:
- changes from Vladimir Sementsov-Ogievskiy's comments:
  1) let gethugepagesize() realize if fstat is failed instead of get
 normal page size
  2) rename  open_file_path to open_ram_file_path
  3) better log the error message by using error_setg_errno
  4) update commit in the commit log to explain hugepage detection on
 Windows

- changes from Eduardo Habkost's comments:
  1) use 'Error**' to collect error message for qemu_file_get_page_size()
  2) move gethugepagesize() replacement to the same patch to make it
 better for review
  3) introduce qemu_get_file_size to unity the code with raw_getlength()

- changes from Stefan's comments:
  1) check the memory region is large enough to contain DSM output
 buffer

- changes from Eric Blake's comments:
  1) update the shell command in the commit log to generate the patch
 which drops 'pc-dimm' prefix
  
- others:
  pick up Reviewed-by from Stefan, Vladimir Sementsov-Ogievskiy, and
  Eric Blake.

Changelog in v6:
- changes from Stefan's comments:
  1) fix code style of struct naming by CamelCase way
  2) fix offset + length overflow when read/write label data
  3) compile hw/acpi/nvdimm.c for per target so that TARGET_PAGE_SIZE can
 be used to replace getpagesize()

Changelog in v5:
- changes from Michael's comments:
  1) prefix nvdimm_ to everything in NVDIMM source files
  2) make parsing _DSM Arg3 more clear
  3) comment style fix
  5) drop single used definition
  6) fix dirty dsm buffer lost due to memory write happened on host
  7) check dsm buffer if it is big enough to contain input data
  8) use build_append_int_noprefix to store single value to GArray

- changes from Michael's and Igor's comments:
  1) introduce 'nvdimm-support' parameter to control nvdimm
 enablement and it is disabled for 2.4 and its earlier versions
 to make live migration compatible
  2) only reserve 1 RAM page and 4 bytes IO Port for NVDIMM ACPI
 virtualization

- changes from Stefan's comments:
  1) do endian adjustment for the buffer length

- changes from Bharata B Rao's comments:
  1) fix compile on ppc

- others:
  1) the buffer length is directly got from IO read rather than got
 from dsm memory
  2) fix dirty label data lost due to memory write happened on host

Changelog in v4:
- changes from Michael's comments:
  1) show the message, "Memory is not allocated from HugeTlbfs", if file
 based memory is not allocated from hugetlbfs.
  2) introduce function, acpi_get_nvdimm_state(), to get NVDIMMState
 from Machine.
  3) statically define UUID and make its operation more clear
  4) use GArray to build device structures to avoid potential buffer
 overflow
  4) improve comments in the code
  5) improve code style

- changes from Igor's comments:
  1) add NVDIMM ACPI spec document
  2) use serialized method to avoid Mutex
  3) move NVDIMM ACPI's code to hw/acpi/nvdimm.c
  4) introduce a common ASL method used by _DSM for all devices to reduce
 ACPI size
  5) handle UUID in ACPI AML code. BTW, i'd keep handling revision in QEMU
 it's better to upgrade QEMU to support Rev2 in the future

- changes from Stefan's comments:
  1) copy input data from DSM memory to local buffer to avoid potential
 issues as DSM memory is visible to guest. Output data is handled
 in a similar way

- changes from Dan's comments:
  1) drop static namespace as Linux has already supported label-less
 nvdimm devices

- changes from Vladimir's comments:
  1) print better message, "failed to get file size for %s, can't create
 backend on it", if any file operation filed to obtain file size

- others:
  create a git repo on github.com for better review/test

Also, thanks for Eric Blake's review on QAPI's side.

Thank all of you to review this patchset.

Changelog in v3:
There is huge change in this version, thank Igor, 

[Qemu-devel] [PATCH v9 3/5] nvdimm acpi: build ACPI NFIT table

[Xiao Guangrong]

NFIT is defined in ACPI 6.0: 5.2.25 NVDIMM Firmware Interface Table (NFIT)

Currently, we only support PMEM mode. Each device has 3 structures:
- SPA structure, defines the PMEM region info

- MEM DEV structure, it has the @handle which is used to associate specified
  ACPI NVDIMM  device we will introduce in later patch.
  Also we can happily ignored the memory device's interleave, the real
  nvdimm hardware access is hidden behind host

- DCR structure, it defines vendor ID used to associate specified vendor
  nvdimm driver. Since we only implement PMEM mode this time, Command
  window and Data window are not needed

The NVDIMM functionality is controlled by the parameter, 'nvdimm', which
is introduced for the machine, there is a example to enable it:
-machine pc,nvdimm -m 8G,maxmem=100G,slots=100  -object \
memory-backend-file,id=mem1,share,mem-path=/tmp/nvdimm1,size=10G -device \
nvdimm,memdev=mem1,id=nv1

It is disabled on default

Reviewed-by: Stefan Hajnoczi 
Signed-off-by: Xiao Guangrong 
---
 default-configs/i386-softmmu.mak   |   1 +
 default-configs/x86_64-softmmu.mak |   1 +
 hw/acpi/Makefile.objs  |   1 +
 hw/acpi/nvdimm.c   | 382 +
 hw/i386/acpi-build.c   |  12 ++
 hw/i386/pc.c   |  19 ++
 include/hw/i386/pc.h   |   2 +
 include/hw/mem/nvdimm.h|   3 +
 qemu-options.hx|   5 +-
 9 files changed, 425 insertions(+), 1 deletion(-)
 create mode 100644 hw/acpi/nvdimm.c

diff --git a/default-configs/i386-softmmu.mak b/default-configs/i386-softmmu.mak
index 4c79d3b..53fb517 100644
--- a/default-configs/i386-softmmu.mak
+++ b/default-configs/i386-softmmu.mak
@@ -47,6 +47,7 @@ CONFIG_IOAPIC=y
 CONFIG_PVPANIC=y
 CONFIG_MEM_HOTPLUG=y
 CONFIG_NVDIMM=y
+CONFIG_ACPI_NVDIMM=y
 CONFIG_XIO3130=y
 CONFIG_IOH3420=y
 CONFIG_I82801B11=y
diff --git a/default-configs/x86_64-softmmu.mak 
b/default-configs/x86_64-softmmu.mak
index e42d2fc..766c27c 100644
--- a/default-configs/x86_64-softmmu.mak
+++ b/default-configs/x86_64-softmmu.mak
@@ -47,6 +47,7 @@ CONFIG_IOAPIC=y
 CONFIG_PVPANIC=y
 CONFIG_MEM_HOTPLUG=y
 CONFIG_NVDIMM=y
+CONFIG_ACPI_NVDIMM=y
 CONFIG_XIO3130=y
 CONFIG_IOH3420=y
 CONFIG_I82801B11=y
diff --git a/hw/acpi/Makefile.objs b/hw/acpi/Makefile.objs
index 7d3230c..095597f 100644
--- a/hw/acpi/Makefile.objs
+++ b/hw/acpi/Makefile.objs
@@ -2,6 +2,7 @@ common-obj-$(CONFIG_ACPI_X86) += core.o piix4.o pcihp.o
 common-obj-$(CONFIG_ACPI_X86_ICH) += ich9.o tco.o
 common-obj-$(CONFIG_ACPI_CPU_HOTPLUG) += cpu_hotplug.o
 common-obj-$(CONFIG_ACPI_MEMORY_HOTPLUG) += memory_hotplug.o
+common-obj-$(CONFIG_ACPI_NVDIMM) += nvdimm.o
 common-obj-$(CONFIG_ACPI) += acpi_interface.o
 common-obj-$(CONFIG_ACPI) += bios-linker-loader.o
 common-obj-$(CONFIG_ACPI) += aml-build.o
diff --git a/hw/acpi/nvdimm.c b/hw/acpi/nvdimm.c
new file mode 100644
index 000..98c004d
--- /dev/null
+++ b/hw/acpi/nvdimm.c
@@ -0,0 +1,382 @@
+/*
+ * NVDIMM ACPI Implementation
+ *
+ * Copyright(C) 2015 Intel Corporation.
+ *
+ * Author:
+ *  Xiao Guangrong 
+ *
+ * NFIT is defined in ACPI 6.0: 5.2.25 NVDIMM Firmware Interface Table (NFIT)
+ * and the DSM specification can be found at:
+ *   http://pmem.io/documents/NVDIMM_DSM_Interface_Example.pdf
+ *
+ * Currently, it only supports PMEM Virtualization.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see 
+ */
+
+#include "hw/acpi/acpi.h"
+#include "hw/acpi/aml-build.h"
+#include "hw/mem/nvdimm.h"
+
+static int nvdimm_plugged_device_list(Object *obj, void *opaque)
+{
+GSList **list = opaque;
+
+if (object_dynamic_cast(obj, TYPE_NVDIMM)) {
+DeviceState *dev = DEVICE(obj);
+
+if (dev->realized) { /* only realized NVDIMMs matter */
+*list = g_slist_append(*list, DEVICE(obj));
+}
+}
+
+object_child_foreach(obj, nvdimm_plugged_device_list, opaque);
+return 0;
+}
+
+/*
+ * inquire plugged NVDIMM devices and link them into the list which is
+ * returned to the caller.
+ *
+ * Note: it is the caller's responsibility to free the list to avoid
+ * memory leak.
+ */
+static GSList *nvdimm_get_plugged_device_list(void)
+{
+GSList *list = NULL;
+
+object_child_foreach(qdev_get_machine(), 

[Qemu-devel] [PATCH v9 2/5] acpi: support specified oem table id for build_header

[Xiao Guangrong]

Let build_header() support specified OEM table id so that we can build
multiple SSDT later

If the oem table id is not specified (aka, NULL), we use the default id
instead as the previous behavior

Reviewed-by: Stefan Hajnoczi 
Signed-off-by: Xiao Guangrong 
---
 hw/acpi/aml-build.c | 15 +++
 hw/arm/virt-acpi-build.c| 13 +++--
 hw/i386/acpi-build.c| 20 ++--
 include/hw/acpi/aml-build.h |  3 ++-
 4 files changed, 30 insertions(+), 21 deletions(-)

diff --git a/hw/acpi/aml-build.c b/hw/acpi/aml-build.c
index a00a0ab..92873bb 100644
--- a/hw/acpi/aml-build.c
+++ b/hw/acpi/aml-build.c
@@ -1137,14 +1137,21 @@ Aml *aml_unicode(const char *str)
 
 void
 build_header(GArray *linker, GArray *table_data,
- AcpiTableHeader *h, const char *sig, int len, uint8_t rev)
+ AcpiTableHeader *h, const char *sig, int len, uint8_t rev,
+ const char *oem_table_id)
 {
 memcpy(>signature, sig, 4);
 h->length = cpu_to_le32(len);
 h->revision = rev;
 memcpy(h->oem_id, ACPI_BUILD_APPNAME6, 6);
-memcpy(h->oem_table_id, ACPI_BUILD_APPNAME4, 4);
-memcpy(h->oem_table_id + 4, sig, 4);
+
+if (oem_table_id) {
+strncpy((char *)h->oem_table_id, oem_table_id, 
sizeof(h->oem_table_id));
+} else {
+memcpy(h->oem_table_id, ACPI_BUILD_APPNAME4, 4);
+memcpy(h->oem_table_id + 4, sig, 4);
+}
+
 h->oem_revision = cpu_to_le32(1);
 memcpy(h->asl_compiler_id, ACPI_BUILD_APPNAME4, 4);
 h->asl_compiler_revision = cpu_to_le32(1);
@@ -1211,5 +1218,5 @@ build_rsdt(GArray *table_data, GArray *linker, GArray 
*table_offsets)
sizeof(uint32_t));
 }
 build_header(linker, table_data,
- (void *)rsdt, "RSDT", rsdt_len, 1);
+ (void *)rsdt, "RSDT", rsdt_len, 1, NULL);
 }
diff --git a/hw/arm/virt-acpi-build.c b/hw/arm/virt-acpi-build.c
index 3c2c5d6..da17779 100644
--- a/hw/arm/virt-acpi-build.c
+++ b/hw/arm/virt-acpi-build.c
@@ -381,7 +381,8 @@ build_spcr(GArray *table_data, GArray *linker, 
VirtGuestInfo *guest_info)
 spcr->pci_device_id = 0x;  /* PCI Device ID: not a PCI device */
 spcr->pci_vendor_id = 0x;  /* PCI Vendor ID: not a PCI device */
 
-build_header(linker, table_data, (void *)spcr, "SPCR", sizeof(*spcr), 2);
+build_header(linker, table_data, (void *)spcr, "SPCR", sizeof(*spcr), 2,
+ NULL);
 }
 
 static void
@@ -400,7 +401,7 @@ build_mcfg(GArray *table_data, GArray *linker, 
VirtGuestInfo *guest_info)
 mcfg->allocation[0].end_bus_number = (memmap[VIRT_PCIE_ECAM].size
   / PCIE_MMCFG_SIZE_MIN) - 1;
 
-build_header(linker, table_data, (void *)mcfg, "MCFG", len, 1);
+build_header(linker, table_data, (void *)mcfg, "MCFG", len, 1, NULL);
 }
 
 /* GTDT */
@@ -426,7 +427,7 @@ build_gtdt(GArray *table_data, GArray *linker)
 
 build_header(linker, table_data,
  (void *)(table_data->data + gtdt_start), "GTDT",
- table_data->len - gtdt_start, 2);
+ table_data->len - gtdt_start, 2, NULL);
 }
 
 /* MADT */
@@ -488,7 +489,7 @@ build_madt(GArray *table_data, GArray *linker, 
VirtGuestInfo *guest_info,
 
 build_header(linker, table_data,
  (void *)(table_data->data + madt_start), "APIC",
- table_data->len - madt_start, 3);
+ table_data->len - madt_start, 3, NULL);
 }
 
 /* FADT */
@@ -513,7 +514,7 @@ build_fadt(GArray *table_data, GArray *linker, unsigned 
dsdt)
sizeof fadt->dsdt);
 
 build_header(linker, table_data,
- (void *)fadt, "FACP", sizeof(*fadt), 5);
+ (void *)fadt, "FACP", sizeof(*fadt), 5, NULL);
 }
 
 /* DSDT */
@@ -546,7 +547,7 @@ build_dsdt(GArray *table_data, GArray *linker, 
VirtGuestInfo *guest_info)
 g_array_append_vals(table_data, dsdt->buf->data, dsdt->buf->len);
 build_header(linker, table_data,
 (void *)(table_data->data + table_data->len - dsdt->buf->len),
-"DSDT", dsdt->buf->len, 2);
+"DSDT", dsdt->buf->len, 2, NULL);
 free_aml_allocator();
 }
 
diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 95e0c65..215b58c 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -361,7 +361,7 @@ build_fadt(GArray *table_data, GArray *linker, AcpiPmInfo 
*pm,
 fadt_setup(fadt, pm);
 
 build_header(linker, table_data,
- (void *)fadt, "FACP", sizeof(*fadt), 1);
+ (void *)fadt, "FACP", sizeof(*fadt), 1, NULL);
 }
 
 static void
@@ -431,7 +431,7 @@ build_madt(GArray *table_data, GArray *linker, AcpiCpuInfo 
*cpu,
 
 build_header(linker, table_data,
  (void *)(table_data->data + madt_start), "APIC",
- table_data->len - madt_start, 1);
+ table_data->len - 

Re: [Qemu-devel] [PATCH v4 06/11] dump-guest-memory: disable dump when in INMIGRATE state

[Peter Xu]

On Wed, Dec 02, 2015 at 08:50:48AM +0800, Fam Zheng wrote:
> On Tue, 12/01 21:28, Peter Xu wrote:
> >  /* if there is a dump in background, we should wait until the dump
> >   * finished */
> >  if (dump_in_progress()) {
> >  error_setg(errp, "There is a dump in process, please wait.");
> >  return;
> >  }
> > -
> 
> Blank line change, please drop.

Ok.

Thanks.
Peter

> 
> Fam

[Qemu-devel] [PATCH v9 4/5] nvdimm acpi: build ACPI nvdimm devices

[Xiao Guangrong]

NVDIMM devices is defined in ACPI 6.0 9.20 NVDIMM Devices

There is a root device under \_SB and specified NVDIMM devices are under the
root device. Each NVDIMM device has _ADR which returns its handle used to
associate MEMDEV structure in NFIT

Currently, we do not support any function on _DSM, that means, NVDIMM
label data has not been supported yet

Reviewed-by: Stefan Hajnoczi 
Signed-off-by: Xiao Guangrong 
---
 hw/acpi/nvdimm.c | 106 +++
 1 file changed, 106 insertions(+)

diff --git a/hw/acpi/nvdimm.c b/hw/acpi/nvdimm.c
index 98c004d..d2fad01 100644
--- a/hw/acpi/nvdimm.c
+++ b/hw/acpi/nvdimm.c
@@ -367,6 +367,111 @@ static void nvdimm_build_nfit(GSList *device_list, GArray 
*table_offsets,
 g_array_free(structures, true);
 }
 
+#define NVDIMM_COMMON_DSM  "NCAL"
+
+static void nvdimm_build_common_dsm(Aml *dev)
+{
+Aml *method, *ifctx, *function;
+uint8_t byte_list[1];
+
+method = aml_method(NVDIMM_COMMON_DSM, 4);
+function = aml_arg(2);
+
+/*
+ * function 0 is called to inquire what functions are supported by
+ * OSPM
+ */
+ifctx = aml_if(aml_equal(function, aml_int(0)));
+byte_list[0] = 0 /* No function Supported */;
+aml_append(ifctx, aml_return(aml_buffer(1, byte_list)));
+aml_append(method, ifctx);
+
+/* No function is supported yet. */
+byte_list[0] = 1 /* Not Supported */;
+aml_append(method, aml_return(aml_buffer(1, byte_list)));
+
+aml_append(dev, method);
+}
+
+static void nvdimm_build_device_dsm(Aml *dev)
+{
+Aml *method;
+
+method = aml_method("_DSM", 4);
+aml_append(method, aml_return(aml_call4(NVDIMM_COMMON_DSM, aml_arg(0),
+  aml_arg(1), aml_arg(2), aml_arg(3;
+aml_append(dev, method);
+}
+
+static void nvdimm_build_nvdimm_devices(GSList *device_list, Aml *root_dev)
+{
+for (; device_list; device_list = device_list->next) {
+DeviceState *dev = device_list->data;
+int slot = object_property_get_int(OBJECT(dev), PC_DIMM_SLOT_PROP,
+   NULL);
+uint32_t handle = nvdimm_slot_to_handle(slot);
+Aml *nvdimm_dev;
+
+nvdimm_dev = aml_device("NV%02X", slot);
+
+/*
+ * ACPI 6.0: 9.20 NVDIMM Devices:
+ *
+ * _ADR object that is used to supply OSPM with unique address
+ * of the NVDIMM device. This is done by returning the NFIT Device
+ * handle that is used to identify the associated entries in ACPI
+ * table NFIT or _FIT.
+ */
+aml_append(nvdimm_dev, aml_name_decl("_ADR", aml_int(handle)));
+
+nvdimm_build_device_dsm(nvdimm_dev);
+aml_append(root_dev, nvdimm_dev);
+}
+}
+
+static void nvdimm_build_ssdt(GSList *device_list, GArray *table_offsets,
+  GArray *table_data, GArray *linker)
+{
+Aml *ssdt, *sb_scope, *dev;
+
+acpi_add_table(table_offsets, table_data);
+
+ssdt = init_aml_allocator();
+acpi_data_push(ssdt->buf, sizeof(AcpiTableHeader));
+
+sb_scope = aml_scope("\\_SB");
+
+dev = aml_device("NVDR");
+
+/*
+ * ACPI 6.0: 9.20 NVDIMM Devices:
+ *
+ * The ACPI Name Space device uses _HID of ACPI0012 to identify the root
+ * NVDIMM interface device. Platform firmware is required to contain one
+ * such device in _SB scope if NVDIMMs support is exposed by platform to
+ * OSPM.
+ * For each NVDIMM present or intended to be supported by platform,
+ * platform firmware also exposes an ACPI Namespace Device under the
+ * root device.
+ */
+aml_append(dev, aml_name_decl("_HID", aml_string("ACPI0012")));
+
+nvdimm_build_common_dsm(dev);
+nvdimm_build_device_dsm(dev);
+
+nvdimm_build_nvdimm_devices(device_list, dev);
+
+aml_append(sb_scope, dev);
+
+aml_append(ssdt, sb_scope);
+/* copy AML table into ACPI tables blob and patch header there */
+g_array_append_vals(table_data, ssdt->buf->data, ssdt->buf->len);
+build_header(linker, table_data,
+(void *)(table_data->data + table_data->len - ssdt->buf->len),
+"SSDT", ssdt->buf->len, 1, "NVDIMM");
+free_aml_allocator();
+}
+
 void nvdimm_build_acpi(GArray *table_offsets, GArray *table_data,
GArray *linker)
 {
@@ -378,5 +483,6 @@ void nvdimm_build_acpi(GArray *table_offsets, GArray 
*table_data,
 return;
 }
 nvdimm_build_nfit(device_list, table_offsets, table_data, linker);
+nvdimm_build_ssdt(device_list, table_offsets, table_data, linker);
 g_slist_free(device_list);
 }
-- 
1.8.3.1

[Qemu-devel] [PATCH v9 5/5] nvdimm: add maintain info

[Xiao Guangrong]

Add NVDIMM maintainer

Reviewed-by: Stefan Hajnoczi 
Signed-off-by: Xiao Guangrong 
---
 MAINTAINERS | 7 +++
 1 file changed, 7 insertions(+)

diff --git a/MAINTAINERS b/MAINTAINERS
index bb1f3e4..7e82340 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -940,6 +940,13 @@ M: Jiri Pirko 
 S: Maintained
 F: hw/net/rocker/
 
+NVDIMM
+M: Xiao Guangrong 
+S: Maintained
+F: hw/acpi/nvdimm.c
+F: hw/mem/nvdimm.c
+F: include/hw/mem/nvdimm.h
+
 Subsystems
 --
 Audio
-- 
1.8.3.1

Re: [Qemu-devel] [Patch v12 00/10] Block replication for continuous checkpoints

[Wen Congyang]

On 12/02/2015 09:00 AM, Wen Congyang wrote:
> On 12/01/2015 06:40 PM, Dr. David Alan Gilbert wrote:
>> * Wen Congyang (we...@cn.fujitsu.com) wrote:
>>> Block replication is a very important feature which is used for
>>> continuous checkpoints(for example: COLO).
>>>
>>> You can get the detailed information about block replication from here:
>>> http://wiki.qemu.org/Features/BlockReplication
>>>
>>> Usage:
>>> Please refer to docs/block-replication.txt
>>>
>>> This patch series is based on the following patch series:
>>> 1. http://lists.nongnu.org/archive/html/qemu-devel/2015-11/msg04949.html
>>> 2. http://lists.nongnu.org/archive/html/qemu-devel/2015-11/msg06043.html
>>>
>>> You can get the patch here:
>>> https://github.com/coloft/qemu/tree/wency/block-replication-v12
>>>
>>> You can get the patch with framework here:
>>> https://github.com/coloft/qemu/tree/wency/colo_framework_v11.2
>>
>> Neither of these links work for me, and I see that  only messages 0..7 in the
>> series hit the list.
> 
> I forgot to push it to github...
> And I also received the messages 0..7, and I don't know what's wrong...

The reason is that: git send-email has a bug:
http://permalink.gmane.org/gmane.comp.version-control.git/274569

Thanks
Wen Congyang

> 
> I will push it to github, and resend them.
> 
> Thanks
> Wen Congyang
> 
>>
>> Dave
>>
>>>
>>> TODO:
>>> 1. Continuous block replication. It will be started after basic functions
>>>are accepted.
>>>
>>> Changs Log:
>>> V12:
>>> 1. Rebase to the newest codes
>>> 2. Use backing reference to replcace 'allow-write-backing-file'
>>> V11:
>>> 1. Reopen the backing file when starting blcok replication if it is not
>>>opened in R/W mode
>>> 2. Unblock BLOCK_OP_TYPE_BACKUP_SOURCE and BLOCK_OP_TYPE_BACKUP_TARGET
>>>when opening backing file
>>> 3. Block the top BDS so there is only one block job for the top BDS and
>>>its backing chain.
>>> V10:
>>> 1. Use blockdev-remove-medium and blockdev-insert-medium to replace backing
>>>reference.
>>> 2. Address the comments from Eric Blake
>>> V9:
>>> 1. Update the error messages
>>> 2. Rebase to the newest qemu
>>> 3. Split child add/delete support. These patches are sent in another 
>>> patchset.
>>> V8:
>>> 1. Address Alberto Garcia's comments
>>> V7:
>>> 1. Implement adding/removing quorum child. Remove the option non-connect.
>>> 2. Simplify the backing refrence option according to Stefan Hajnoczi's 
>>> suggestion
>>> V6:
>>> 1. Rebase to the newest qemu.
>>> V5:
>>> 1. Address the comments from Gong Lei
>>> 2. Speed the failover up. The secondary vm can take over very quickly even
>>>if there are too many I/O requests.
>>> V4:
>>> 1. Introduce a new driver replication to avoid touch nbd and qcow2.
>>> V3:
>>> 1: use error_setg() instead of error_set()
>>> 2. Add a new block job API
>>> 3. Active disk, hidden disk and nbd target uses the same AioContext
>>> 4. Add a testcase to test new hbitmap API
>>> V2:
>>> 1. Redesign the secondary qemu(use image-fleecing)
>>> 2. Use Error objects to return error message
>>> 3. Address the comments from Max Reitz and Eric Blake
>>>
>>> Wen Congyang (10):
>>>   unblock backup operations in backing file
>>>   Store parent BDS in BdrvChild
>>>   Backup: clear all bitmap when doing block checkpoint
>>>   Allow creating backup jobs when opening BDS
>>>   docs: block replication's description
>>>   Add new block driver interfaces to control block replication
>>>   quorum: implement block driver interfaces for block replication
>>>   Implement new driver for block replication
>>>   support replication driver in blockdev-add
>>>   Add a new API to start/stop replication, do checkpoint to all BDSes
>>>
>>>  block.c| 145 
>>>  block/Makefile.objs|   3 +-
>>>  block/backup.c |  14 ++
>>>  block/quorum.c |  78 +++
>>>  block/replication.c| 549 
>>> +
>>>  blockjob.c |  11 +
>>>  docs/block-replication.txt | 227 +++
>>>  include/block/block.h  |   9 +
>>>  include/block/block_int.h  |  15 ++
>>>  include/block/blockjob.h   |  12 +
>>>  qapi/block-core.json   |  34 ++-
>>>  11 files changed, 1093 insertions(+), 4 deletions(-)
>>>  create mode 100644 block/replication.c
>>>  create mode 100644 docs/block-replication.txt
>>>
>>> -- 
>>> 2.5.0
>>>
>>>
>>>
>> --
>> Dr. David Alan Gilbert / dgilb...@redhat.com / Manchester, UK
>>
>>
>> .
>>
> 
> 
> 
> 
> .
> 

Re: [Qemu-devel] [PATCH] vhost-user: verify that number of queues is non-zero

[Jason Wang]

On 12/01/2015 09:32 PM, Victor Kaplansky wrote:
> Fix QEMU crash when -netdev type=vhost-user,queues=n is passed
> with zero number of queues.
>
> Signed-off-by: Victor Kaplansky 
> ---
>  net/vhost-user.c | 5 +
>  1 file changed, 5 insertions(+)
>
> diff --git a/net/vhost-user.c b/net/vhost-user.c
> index 5071602..b368a90 100644
> --- a/net/vhost-user.c
> +++ b/net/vhost-user.c
> @@ -316,6 +316,11 @@ int net_init_vhost_user(const NetClientOptions *opts, 
> const char *name,
>  }
>  
>  queues = vhost_user_opts->has_queues ? vhost_user_opts->queues : 1;
> +if (queues < 1) {
> +error_setg(errp,
> +   "vhost-user number of queues must be bigger than zero");
> +return -1;
> +}
>  
>  return net_vhost_user_init(peer, "vhost_user", name, chr, queues);
>  }

Acked-by: Jason Wang 

Re: [Qemu-devel] Highlighting changes in QEMU 2.5

[Stefan Hajnoczi]

On Tue, Dec 01, 2015 at 11:45:15AM -0500, John Snow wrote:
> On 12/01/2015 07:16 AM, Amit Shah wrote:
> > Ping.
> > 
> > I haven't received any responses so far, please let me know if you're
> > planning on doing this.
> > 
> > Thanks,
> > 
> 
> I did amend the changelog on the wiki for my part, but I don't have
> anything better than a webcam. I have hunches that hewn together grainy
> webcam footage won't make for a very compelling video...

Perhaps Amit is willing to record a segment where he covers subsystems
where the maintainer doesn't want to produce video?

Stefan


signature.asc
Description: PGP signature

[Qemu-devel] scripts/gdb: Fix a python exception in mtree.py

[Yang Wei]

The following exception is threw:
Python Exception  name 'long' is not defined:
Error occurred in Python command: name 'long' is not defined

In python3, long is rename to int

Signed-off-by: Yang Wei 
---
 scripts/qemugdb/mtree.py | 17 -
 1 file changed, 12 insertions(+), 5 deletions(-)

diff --git a/scripts/qemugdb/mtree.py b/scripts/qemugdb/mtree.py
index 06011c3..460d4b6 100644
--- a/scripts/qemugdb/mtree.py
+++ b/scripts/qemugdb/mtree.py
@@ -16,12 +16,19 @@
 # 'qemu mtree' -- display the memory hierarchy
 
 import gdb
+import sys
 
 def isnull(ptr):
 return ptr == gdb.Value(0).cast(ptr.type)
 
+# PEP 0237: long renamed to int. That is, there is only one built-integral
+# integral type, named int; but it behaves mostly like the old long type.
+# https://docs.python.org/3.3/whatsnew/3.0.html#integers
+def intptr(p):
+return long(p) if sys.version_info.major == 2 else int(p)
+
 def int128(p):
-return long(p['lo']) + (long(p['hi']) << 64)
+return intptr(p['lo']) + (intptr(p['hi']) << 64)
 
 class MtreeCommand(gdb.Command):
 '''Display the memory tree hierarchy'''
@@ -40,11 +47,11 @@ class MtreeCommand(gdb.Command):
 def process_queue(self):
 while self.queue:
 ptr = self.queue.pop(0)
-if long(ptr) in self.seen:
+if intptr(ptr) in self.seen:
 continue
 self.print_item(ptr)
 def print_item(self, ptr, offset = gdb.Value(0), level = 0):
-self.seen.add(long(ptr))
+self.seen.add(intptr(ptr))
 addr = ptr['addr']
 addr += offset
 size = int128(ptr['size'])
@@ -58,8 +65,8 @@ class MtreeCommand(gdb.Command):
 klass = ' (RAM)'
 gdb.write('%s%016x-%016x %s%s (@ %s)\n'
   % ('  ' * level,
- long(addr),
- long(addr + (size - 1)),
+ intptr(addr),
+ intptr(addr + (size - 1)),
  ptr['name'].string(),
  klass,
  ptr,
-- 
1.9.1

Re: [Qemu-devel] [PATCH v5 04/10] cpu: Reclaim vCPU objects

[Bharata B Rao]

On Mon, Nov 30, 2015 at 06:30:52PM +1100, Alexey Kardashevskiy wrote:
> On 11/20/2015 11:54 PM, Bharata B Rao wrote:
> >From: Gu Zheng 
> >
> >In order to deal well with the kvm vcpus (which can not be removed without 
> >any
> >protection), we do not close KVM vcpu fd, just record and mark it as stopped
> >into a list, so that we can reuse it for the appending cpu hot-add request if
> >possible. It is also the approach that kvm guys suggested:
> >https://www.mail-archive.com/kvm@vger.kernel.org/msg102839.html
> >
> >Signed-off-by: Chen Fan 
> >Signed-off-by: Gu Zheng 
> >Signed-off-by: Zhu Guihua 
> >Signed-off-by: Bharata B Rao 
> >[- Explicit CPU_REMOVE() from qemu_kvm/tcg_destroy_vcpu()
> >   isn't needed as it is done from cpu_exec_exit()]
> >Reviewed-by: David Gibson 
> >---
> >  cpus.c   | 41 +
> >  include/qom/cpu.h| 10 +
> >  include/sysemu/kvm.h |  1 +
> >  kvm-all.c| 57 
> > +++-
> >  kvm-stub.c   |  5 +
> >  5 files changed, 113 insertions(+), 1 deletion(-)
> >
> >diff --git a/cpus.c b/cpus.c
> >index 877bd70..af2b274 100644
> >--- a/cpus.c
> >+++ b/cpus.c
> >@@ -953,6 +953,21 @@ void async_run_on_cpu(CPUState *cpu, void (*func)(void 
> >*data), void *data)
> >  qemu_cpu_kick(cpu);
> >  }
> >
> >+static void qemu_kvm_destroy_vcpu(CPUState *cpu)
> >+{
> >+if (kvm_destroy_vcpu(cpu) < 0) {
> >+error_report("kvm_destroy_vcpu failed.\n");
> >+exit(EXIT_FAILURE);
> >+}
> >+
> >+object_unparent(OBJECT(cpu));
> >+}
> >+
> >+static void qemu_tcg_destroy_vcpu(CPUState *cpu)
> >+{
> >+object_unparent(OBJECT(cpu));
> >+}
> >+
> >  static void flush_queued_work(CPUState *cpu)
> >  {
> >  struct qemu_work_item *wi;
> >@@ -1053,6 +1068,11 @@ static void *qemu_kvm_cpu_thread_fn(void *arg)
> >  }
> >  }
> >  qemu_kvm_wait_io_event(cpu);
> >+if (cpu->exit && !cpu_can_run(cpu)) {
> >+qemu_kvm_destroy_vcpu(cpu);
> >+qemu_mutex_unlock(_global_mutex);
> 
> 
> Nit: qemu_mutex_unlock_iothread() may be? Or it is important for
> iothread_locked to remain "true"? It does not seem to be used much though.

This patch is quite old and qemu_global_mutex got changed to
qemu_mutex_unlock_iothread() some time ago in this part of the code.

Thanks for noticing this, will fix this in next version.

Regards,
Bharata.

[Qemu-devel] [PATCH v14 04/15] qapi: Simplify visiting of alternate types

[Eric Blake]

Previously, working with alternates required two lookup arrays
and some indirection: for type Foo, we created Foo_qtypes[]
which maps each qtype to a value of the generated FooKind enum,
then look up that value in FooKind_lookup[] like we do for other
union types.

This has a couple of subtle bugs.  First, the generator was
creating a call with a parameter '(int *) &(*obj)->type' where
type is an enum type; this is unsafe if the compiler chooses
to store the enum type in a different size than int, where
assigning through the wrong size pointer can corrupt data or
cause a SIGBUS.

Related bug, not not fixed in this patch: qapi-visit.py's
gen_visit_enum() generates a cast of its enum * argument to
int *. Marked FIXME.

Second, since the values of the FooKind enum start at zero, all
entries of the Foo_qtypes[] array that were not explicitly
initialized will map to the same branch of the union as the
first member of the alternate, rather than triggering a desired
failure in visit_get_next_type().  Fortunately, the bug seldom
bites; the very next thing the input visitor does is try to
parse the incoming JSON with the wrong parser, which normally
fails; the output visitor is not used with a C struct in that
state, and the dealloc visitor has nothing to clean up (so
there is no leak).

However, the second bug IS observable in one case: parsing an
integer causes unusual behavior in an alternate that contains
at least a 'number' member but no 'int' member, because the
'number' parser accepts QTYPE_QINT in addition to the expected
QTYPE_QFLOAT (that is, since 'int' is not a member, the type
QTYPE_QINT accidentally maps to FooKind 0; if this enum value
is the 'number' branch the integer parses successfully, but if
the 'number' branch is not first, some other branch tries to
parse the integer and rejects it).  A later patch will worry
about fixing alternates to always parse all inputs that a
non-alternate 'number' would accept, for now this is still
marked FIXME in the updated test-qmp-input-visitor.c, to
merely point out that new undesired behavior of 'ans' matches
the existing undesired behavior of 'asn'.

This patch fixes the default-initialization bug by deleting the
indirection, and modifying get_next_type() to directly assign a
QTypeCode parameter.  This in turn fixes the type-casting bug,
as we are no longer casting a pointer to enum to a questionable
size. There is no longer a need to generate an implicit FooKind
enum associated with the alternate type (since the QMP wire
format never uses the stringized counterparts of the C union
member names).  Since the updated visit_get_next_type() does not
know which qtypes are expected, the generated visitor is
modified to generate an error statement if an unexpected type is
encountered.

Callers now have to know the QTYPE_* mapping when looking at the
discriminator; but so far, only the testsuite was even using the
C struct of an alternate types.  I considered the possibility of
keeping the internal enum FooKind, but initialized differently
than most generated arrays, as in:
  typedef enum FooKind {
  FOO_KIND_A = QTYPE_QDICT,
  FOO_KIND_B = QTYPE_QINT,
  } FooKind;
to create nicer aliases for knowing when to use foo->a or foo->b
when inspecting foo->type; but it turned out to add too much
complexity, especially without a client.

There is a user-visible side effect to this change, but I
consider it to be an improvement. Previously,
the invalid QMP command:
  {"execute":"blockdev-add", "arguments":{"options":
{"driver":"raw", "id":"a", "file":true}}}
failed with:
  {"error": {"class": "GenericError",
"desc": "Invalid parameter type for 'file', expected: QDict"}}
(visit_get_next_type() succeeded, and the error comes from the
visit_type_BlockdevOptions() expecting {}; there is no mention of
the fact that a string would also work).  Now it fails with:
  {"error": {"class": "GenericError",
"desc": "Invalid parameter type for 'file', expected: BlockdevRef"}}
(the error when the next type doesn't match any expected types for
the overall alternate).

Signed-off-by: Eric Blake 

---
v14: typo fix
v13: touch up commit message and add FIXME
v12: rebase to earlier 'max' collision avoidance, some variable renames
v11 (no v10): rebase to new QTypeCode, with fewer special cases; tweak
commit message to match
v9: rebase to earlier changes, rework commit message to mention second
bug fix; move positive test in qapi-schema-test to later patch
v8: no change
v7: rebase onto earlier changes, rework how subtype makes things work
v6: rebase onto tag_member subclass, testsuite, gen_err_check(),
and info improvements
---
 docs/qapi-code-gen.txt |  3 ---
 include/qapi/visitor-impl.h|  3 ++-
 include/qapi/visitor.h |  8 +++-
 qapi/qapi-visit-core.c |  4 ++--
 qapi/qmp-input-visitor.c   |  4 ++--
 scripts/qapi-types.py  | 34 --
 

[Qemu-devel] [PATCH v14 07/15] qapi: Fix alternates that accept 'number' but not 'int'

[Eric Blake]

The QMP input visitor allows integral values to be assigned by
promotion to a QTYPE_QFLOAT.  However, when parsing an alternate,
we did not take this into account, such that an alternate that
accepts 'number' and some other type, but not 'int', would reject
integral values.

With this patch, we now have the following desirable table:

alternate has  case selected for
'int'  'number'QTYPE_QINT  QTYPE_QFLOAT
  nono error   error
  no   yes 'number''number'
 yesno 'int'   error
 yes   yes 'int'   'number'

While it is unlikely that we will ever use 'number' in an
alternate other than in the testsuite, it never hurts to be
more precise in what we allow.

Signed-off-by: Eric Blake 

---
v14: no change
v13: no change
v12: rebase to QType cleanups
v11 (no v10): slight commit message tweak, rebase to earlier changes
v9: rebase to earlier changes
v8: no change
v7: rebase to named .u union
v6: rebase onto earlier testsuite and gen_err_check() improvements
---
 include/qapi/visitor-impl.h|  2 +-
 include/qapi/visitor.h |  3 ++-
 qapi/qapi-visit-core.c |  4 ++--
 qapi/qmp-input-visitor.c   |  5 -
 scripts/qapi-visit.py  | 11 +++
 tests/test-qmp-input-visitor.c | 16 ++--
 6 files changed, 22 insertions(+), 19 deletions(-)

diff --git a/include/qapi/visitor-impl.h b/include/qapi/visitor-impl.h
index 7cd1313..7419684 100644
--- a/include/qapi/visitor-impl.h
+++ b/include/qapi/visitor-impl.h
@@ -33,7 +33,7 @@ struct Visitor
 void (*type_enum)(Visitor *v, int *obj, const char * const strings[],
   const char *kind, const char *name, Error **errp);
 /* May be NULL; only needed for input visitors. */
-void (*get_next_type)(Visitor *v, QType *type,
+void (*get_next_type)(Visitor *v, QType *type, bool promote_int,
   const char *name, Error **errp);

 void (*type_int)(Visitor *v, int64_t *obj, const char *name, Error **errp);
diff --git a/include/qapi/visitor.h b/include/qapi/visitor.h
index 6d25ad2..1414de1 100644
--- a/include/qapi/visitor.h
+++ b/include/qapi/visitor.h
@@ -43,8 +43,9 @@ void visit_optional(Visitor *v, bool *present, const char 
*name,
  * Determine the qtype of the item @name in the current object visit.
  * For input visitors, set *@type to the correct qtype of a qapi
  * alternate type; for other visitors, leave *@type unchanged.
+ * If @promote_int, treat integers as QTYPE_FLOAT.
  */
-void visit_get_next_type(Visitor *v, QType *type,
+void visit_get_next_type(Visitor *v, QType *type, bool promote_int,
  const char *name, Error **errp);
 void visit_type_enum(Visitor *v, int *obj, const char * const strings[],
  const char *kind, const char *name, Error **errp);
diff --git a/qapi/qapi-visit-core.c b/qapi/qapi-visit-core.c
index 850ca03..cee76bc 100644
--- a/qapi/qapi-visit-core.c
+++ b/qapi/qapi-visit-core.c
@@ -81,11 +81,11 @@ void visit_optional(Visitor *v, bool *present, const char 
*name,
 }
 }

-void visit_get_next_type(Visitor *v, QType *type,
+void visit_get_next_type(Visitor *v, QType *type, bool promote_int,
  const char *name, Error **errp)
 {
 if (v->get_next_type) {
-v->get_next_type(v, type, name, errp);
+v->get_next_type(v, type, promote_int, name, errp);
 }
 }

diff --git a/qapi/qmp-input-visitor.c b/qapi/qmp-input-visitor.c
index d398de7..26b7414 100644
--- a/qapi/qmp-input-visitor.c
+++ b/qapi/qmp-input-visitor.c
@@ -208,7 +208,7 @@ static void qmp_input_end_list(Visitor *v, Error **errp)
 qmp_input_pop(qiv, errp);
 }

-static void qmp_input_get_next_type(Visitor *v, QType *type,
+static void qmp_input_get_next_type(Visitor *v, QType *type, bool promote_int,
 const char *name, Error **errp)
 {
 QmpInputVisitor *qiv = to_qiv(v);
@@ -219,6 +219,9 @@ static void qmp_input_get_next_type(Visitor *v, QType *type,
 return;
 }
 *type = qobject_type(qobj);
+if (promote_int && *type == QTYPE_QINT) {
+*type = QTYPE_QFLOAT;
+}
 }

 static void qmp_input_type_int(Visitor *v, int64_t *obj, const char *name,
diff --git a/scripts/qapi-visit.py b/scripts/qapi-visit.py
index 4797d6e..b93690b 100644
--- a/scripts/qapi-visit.py
+++ b/scripts/qapi-visit.py
@@ -184,6 +184,11 @@ void visit_type_%(c_name)s(Visitor *v, %(c_name)s *obj, 
const char *name, Error


 def gen_visit_alternate(name, variants):
+promote_int = 'true'
+for var in variants.variants:
+if var.type.alternate_qtype() == 'QTYPE_QINT':
+promote_int = 'false'
+
 ret = mcgen('''

 void visit_type_%(c_name)s(Visitor *v, %(c_name)s **obj, const char *name, 
Error **errp)
@@ -194,16 +199,14 @@ void visit_type_%(c_name)s(Visitor *v, %(c_name)s **obj, 
const char *name, Error
 if (err) {
 goto out;
 }
-

[Qemu-devel] [PATCH v14 14/15] qapi: Move duplicate collision checks to schema check()

[Eric Blake]

With the recent commit 'qapi: Detect collisions in C member
names', we have two different locations for detecting clashes -
one at parse time, and another at QAPISchema*.check() time.
Remove all of the ad hoc parser checks, and delete associated
code (for example, the global check_member_clash() method is
no longer needed).

Testing this showed that the test union-bad-branch wasn't adding
much: union-clash-branches also exposes the error message when
branches collide, and we've recently fixed things to avoid an
implicit collision with max.  Likewise, the error for
enum-clash-member changes to report our new detection of
upper case in a value name, unless we modify the test to use
all lower case.

The wording of several error messages has changed, but the
change is generally an improvement rather than a regression.

No change to generated code.

Signed-off-by: Eric Blake 

---
v14: no change
v13 (no v12): merge two patches into one, fix enum-case-member
v11 (no v10): no change
v9: simplify on top of earlier check() improvements
v8: decide whether to inline members based on union vs. alternate,
not on flat vs. simple, and fix logic to avoid breaking
union-clash-data in the process; add comments; assumes
pull-qapi-2015-10-12 will go in without modifying commit ids
v7: comment improvements, retitle subject
v6: rebase to earlier testsuite improvements, fold in cleanup
of flat-union-clash-type
---
 scripts/qapi.py   | 51 +--
 tests/Makefile|  1 -
 tests/qapi-schema/alternate-clash.err |  2 +-
 tests/qapi-schema/enum-clash-member.err   |  2 +-
 tests/qapi-schema/enum-clash-member.json  |  2 +-
 tests/qapi-schema/flat-union-clash-member.err |  2 +-
 tests/qapi-schema/struct-base-clash-deep.err  |  2 +-
 tests/qapi-schema/struct-base-clash.err   |  2 +-
 tests/qapi-schema/union-bad-branch.err|  1 -
 tests/qapi-schema/union-bad-branch.exit   |  1 -
 tests/qapi-schema/union-bad-branch.json   |  8 -
 tests/qapi-schema/union-bad-branch.out|  0
 tests/qapi-schema/union-clash-branches.err|  2 +-
 tests/qapi-schema/union-clash-branches.json   |  2 +-
 14 files changed, 9 insertions(+), 69 deletions(-)
 delete mode 100644 tests/qapi-schema/union-bad-branch.err
 delete mode 100644 tests/qapi-schema/union-bad-branch.exit
 delete mode 100644 tests/qapi-schema/union-bad-branch.json
 delete mode 100644 tests/qapi-schema/union-bad-branch.out

diff --git a/scripts/qapi.py b/scripts/qapi.py
index 3fc1ff5..0a616fc 100644
--- a/scripts/qapi.py
+++ b/scripts/qapi.py
@@ -520,21 +520,6 @@ def check_type(expr_info, source, value, allow_array=False,
 'enum'])


-def check_member_clash(expr_info, base_name, data, source=""):
-base = find_struct(base_name)
-assert base
-base_members = base['data']
-for key in data.keys():
-if key.startswith('*'):
-key = key[1:]
-if key in base_members or "*" + key in base_members:
-raise QAPIExprError(expr_info,
-"Member name '%s'%s clashes with base '%s'"
-% (key, source, base_name))
-if base.get('base'):
-check_member_clash(expr_info, base['base'], data, source)
-
-
 def check_command(expr, expr_info):
 name = expr['command']

@@ -564,7 +549,6 @@ def check_union(expr, expr_info):
 base = expr.get('base')
 discriminator = expr.get('discriminator')
 members = expr['data']
-values = {}

 # Two types of unions, determined by discriminator.

@@ -611,15 +595,9 @@ def check_union(expr, expr_info):
 for (key, value) in members.items():
 check_name(expr_info, "Member of union '%s'" % name, key)

-# Each value must name a known type; furthermore, in flat unions,
-# branches must be a struct with no overlapping member names
+# Each value must name a known type
 check_type(expr_info, "Member '%s' of union '%s'" % (key, name),
value, allow_array=not base, allow_metas=allow_metas)
-if base:
-branch_struct = find_struct(value)
-assert branch_struct
-check_member_clash(expr_info, base, branch_struct['data'],
-   " of branch '%s'" % key)

 # If the discriminator names an enum type, then all members
 # of 'data' must also be members of the enum type.
@@ -630,34 +608,16 @@ def check_union(expr, expr_info):
 "enum '%s'" %
 (key, enum_define["enum_name"]))

-# Otherwise, check for conflicts in the generated enum
-else:
-c_key = camel_to_upper(key)
-if c_key in values:
-raise QAPIExprError(expr_info,
-"Union '%s' member '%s' clashes with '%s'"
-   

[Qemu-devel] [PATCH v14 11/15] qapi: Track enum values by QAPISchemaMember, not string

[Eric Blake]

Rather than using just an array of strings, make enum.values be
an array of the new QAPISchemaMember type, and add a helper
member_names() method to get back at the original list of names.
Likewise, creating an enum requires wrapping strings, via a new
QAPISchema._make_enum_members() method.  The benefit of wrapping
enum members in a QAPISchemaMember Python object is that we now
share the existing code for C name clash detection (although the
code is not yet active until a later commit removes the earlier
ad hoc parser checks).

In a related change, the QAPISchemaMember._pretty_owner() method
needs to learn about one more implicit type name: the generated
enum associated with a simple union.

In the interest of keeping the changes of this patch local to one
file, the visitor interface still passes just a list of names
rather than the full list of QAPISchemaMember instances.  We may
want to revisit this in the future, if the consistency with
visit_object_type() is worth it.

Signed-off-by: Eric Blake 

---
v14: Add .member_names() and ._make_enum_members(), cross-reference
comments, improve commit message
v13: new patch
---
 scripts/qapi.py | 37 ++---
 1 file changed, 26 insertions(+), 11 deletions(-)

diff --git a/scripts/qapi.py b/scripts/qapi.py
index 2748464..8fad7c8 100644
--- a/scripts/qapi.py
+++ b/scripts/qapi.py
@@ -901,13 +901,16 @@ class QAPISchemaEnumType(QAPISchemaType):
 def __init__(self, name, info, values, prefix):
 QAPISchemaType.__init__(self, name, info)
 for v in values:
-assert isinstance(v, str)
+assert isinstance(v, QAPISchemaMember)
+v.set_owner(name)
 assert prefix is None or isinstance(prefix, str)
 self.values = values
 self.prefix = prefix

 def check(self, schema):
-assert len(set(self.values)) == len(self.values)
+seen = {}
+for v in self.values:
+v.check_clash(self.info, seen)

 def is_implicit(self):
 # See QAPISchema._make_implicit_enum_type()
@@ -916,8 +919,11 @@ class QAPISchemaEnumType(QAPISchemaType):
 def c_type(self, is_param=False):
 return c_name(self.name)

+def member_names(self):
+return [v.name for v in self.values]
+
 def c_null(self):
-return c_enum_const(self.name, (self.values + ['_MAX'])[0],
+return c_enum_const(self.name, (self.member_names() + ['_MAX'])[0],
 self.prefix)

 def json_type(self):
@@ -925,7 +931,7 @@ class QAPISchemaEnumType(QAPISchemaType):

 def visit(self, visitor):
 visitor.visit_enum_type(self.name, self.info,
-self.values, self.prefix)
+self.member_names(), self.prefix)


 class QAPISchemaArrayType(QAPISchemaType):
@@ -1049,6 +1055,9 @@ class QAPISchemaMember(object):
 else:
 assert owner.endswith('-wrapper')
 return '(branch of %s)' % owner[:-8]
+if owner.endswith('Kind'):
+# See QAPISchema._make_implicit_enum_type()
+return '(branch of %s)' % owner[:-4]
 return '(%s of %s)' % (self.role, owner)

 def describe(self):
@@ -1099,7 +1108,7 @@ class QAPISchemaObjectTypeVariants(object):
 # Union names must match enum values; alternate names are
 # checked separately. Use 'seen' to tell the two apart.
 if seen:
-assert v.name in self.tag_member.type.values
+assert v.name in self.tag_member.type.member_names()
 assert isinstance(v.type, QAPISchemaObjectType)
 v.type.check(schema)

@@ -1257,15 +1266,20 @@ class QAPISchema(object):
 self.the_empty_object_type = QAPISchemaObjectType(':empty', None, None,
   [], None)
 self._def_entity(self.the_empty_object_type)
-self._def_entity(QAPISchemaEnumType('QType', None,
-['none', 'qnull', 'qint',
- 'qstring', 'qdict', 'qlist',
- 'qfloat', 'qbool'],
+qtype_values = self._make_enum_members('none', 'qnull', 'qint',
+   'qstring', 'qdict', 'qlist',
+   'qfloat', 'qbool')
+self._def_entity(QAPISchemaEnumType('QType', None, qtype_values,
 'QTYPE'))

+def _make_enum_members(self, *values):
+return [QAPISchemaMember(v) for v in values]
+
 def _make_implicit_enum_type(self, name, info, values):
+# See also QAPISchemaObjectTypeMember._pretty_owner()
 name = name + 'Kind'   # Use namespace reserved by add_name()
-self._def_entity(QAPISchemaEnumType(name, info, values, None))
+

Re: [Qemu-devel] [PATCH RFC] allow to delete sheepdog snapshot

[Hitoshi Mitake]

On Wed, Dec 2, 2015 at 1:12 AM, Vasiliy Tolstov  wrote:

> Signed-off-by: Vasiliy Tolstov 
> ---
>  block/sheepdog.c | 59
> ++--
>  1 file changed, 57 insertions(+), 2 deletions(-)
>

Seems that your patch violates the coding style of qemu. You can check the
style with scripts/checkpatch.pl.


>
> diff --git a/block/sheepdog.c b/block/sheepdog.c
> index d80e4ed..c3fae50 100644
> --- a/block/sheepdog.c
> +++ b/block/sheepdog.c
> @@ -2484,8 +2484,63 @@ static int sd_snapshot_delete(BlockDriverState *bs,
>const char *name,
>Error **errp)
>  {
> -/* FIXME: Delete specified snapshot id.  */
> -return 0;
> +uint32_t snap_id = 0;
> +uint32_t vdi = 0;
> +char snap_tag[SD_MAX_VDI_TAG_LEN];
> +Error *local_err = NULL;
> +int fd, ret;
> +char buf[SD_MAX_VDI_LEN + SD_MAX_VDI_TAG_LEN];
> +BDRVSheepdogState *s = bs->opaque;
> +unsigned int wlen = SD_MAX_VDI_LEN + SD_MAX_VDI_TAG_LEN, rlen = 0;
> +
> +memset(buf, 0, sizeof(buf));
> +memset(snap_tag, 0, sizeof(snap_tag));
> +pstrcpy(buf, SD_MAX_VDI_LEN, s->name);
> +snap_id = strtoul(snapshot_id, NULL, 10);
> +if (!snap_id) {
> +pstrcpy(snap_tag, sizeof(snap_tag), snapshot_id);
> +pstrcpy(buf + SD_MAX_VDI_LEN, SD_MAX_VDI_TAG_LEN,
> snap_tag);
> +}
> +
> +ret = find_vdi_name(s, s->name, snap_id, snap_tag, , true,
> _err);
> +if (ret) {
> +return ret;
> +}
> +
> +SheepdogVdiReq hdr = {
> +.opcode = SD_OP_DEL_VDI,
> +.data_length = wlen,
> +.flags = SD_FLAG_CMD_WRITE,
> +.snapid = snap_id,
> +};
> +SheepdogVdiRsp *rsp = (SheepdogVdiRsp *)
> +
> +fd = connect_to_sdog(s, _err);
> +if (fd < 0) {
> +error_report_err(local_err);
> +return -1;
> +}
> +
> +ret = do_req(fd, s->aio_context, (SheepdogReq *),
> + buf, , );
> +closesocket(fd);
> +if (ret) {
> +return ret;
> +}
> +
> +switch (rsp->result) {
> +case SD_RES_NO_VDI:
> +error_report("%s was already deleted", s->name);
> +case SD_RES_SUCCESS:
> +break;
> +default:
> +error_report("%s, %s", sd_strerror(rsp->result), s->name);
> +return -1;
> +}
> +
> +//ret = reload_inode(s, snap_id, snap_tag);
>

Comment outed code isn't good. You should remove it (in addition, it
wouldn't be required).

Thanks,
Hitoshi


> +
> +return ret;
>  }
>
>  static int sd_snapshot_list(BlockDriverState *bs, QEMUSnapshotInfo
> **psn_tab)
> --
> 2.5.0
>
>

[Qemu-devel] [Patch v12 resend 05/10] docs: block replication's description

[Wen Congyang]

Signed-off-by: Wen Congyang 
Signed-off-by: zhanghailiang 
Signed-off-by: Gonglei 
---
 docs/block-replication.txt | 227 +
 1 file changed, 227 insertions(+)
 create mode 100644 docs/block-replication.txt

diff --git a/docs/block-replication.txt b/docs/block-replication.txt
new file mode 100644
index 000..c7bad0e
--- /dev/null
+++ b/docs/block-replication.txt
@@ -0,0 +1,227 @@
+Block replication
+
+Copyright Fujitsu, Corp. 2015
+Copyright (c) 2015 Intel Corporation
+Copyright (c) 2015 HUAWEI TECHNOLOGIES CO., LTD.
+
+This work is licensed under the terms of the GNU GPL, version 2 or later.
+See the COPYING file in the top-level directory.
+
+Block replication is used for continuous checkpoints. It is designed
+for COLO (COurse-grain LOck-stepping) where the Secondary VM is running.
+It can also be applied for FT/HA (Fault-tolerance/High Assurance) scenario,
+where the Secondary VM is not running.
+
+This document gives an overview of block replication's design.
+
+== Background ==
+High availability solutions such as micro checkpoint and COLO will do
+consecutive checkpoints. The VM state of Primary VM and Secondary VM is
+identical right after a VM checkpoint, but becomes different as the VM
+executes till the next checkpoint. To support disk contents checkpoint,
+the modified disk contents in the Secondary VM must be buffered, and are
+only dropped at next checkpoint time. To reduce the network transportation
+effort at the time of checkpoint, the disk modification operations of
+Primary disk are asynchronously forwarded to the Secondary node.
+
+== Workflow ==
+The following is the image of block replication workflow:
+
++--+++
+|Primary Write Requests||Secondary Write Requests|
++--+++
+  |   |
+  |  (4)
+  |   V
+  |  /-\
+  |  Copy and Forward| |
+  |-(1)--+   | Disk Buffer |
+  |  |   | |
+  | (3)  \-/
+  | speculative  ^
+  |write through(2)
+  |  |   |
+  V  V   |
+   +--+   ++
+   | Primary Disk |   | Secondary Disk |
+   +--+   ++
+
+1) Primary write requests will be copied and forwarded to Secondary
+   QEMU.
+2) Before Primary write requests are written to Secondary disk, the
+   original sector content will be read from Secondary disk and
+   buffered in the Disk buffer, but it will not overwrite the existing
+   sector content (it could be from either "Secondary Write Requests" or
+   previous COW of "Primary Write Requests") in the Disk buffer.
+3) Primary write requests will be written to Secondary disk.
+4) Secondary write requests will be buffered in the Disk buffer and it
+   will overwrite the existing sector content in the buffer.
+
+== Architecture ==
+We are going to implement block replication from many basic
+blocks that are already in QEMU.
+
+ virtio-blk   ||
+ ^||.--
+ |||| Secondary
+1 Quorum  ||'--
+ /  \ ||
+/\||
+   Primary2 filter
+ disk ^
 virtio-blk
+  |
  ^
+3 NBD  --->  3 NBD 
  |
+client|| server
  2 filter
+  ||^  
  ^
+. |||  
  |
+Primary | ||  Secondary disk <- hidden-disk 5 
<- active-disk 4
+' |||  backing^   backing
+  ||| |
+  ||| |
+  ||'-'
+  ||

[Qemu-devel] [Patch v12 resend 06/10] Add new block driver interfaces to control block replication

[Wen Congyang]

Signed-off-by: Wen Congyang 
Signed-off-by: zhanghailiang 
Signed-off-by: Gonglei 
Cc: Luiz Capitulino 
Cc: Michael Roth 
Reviewed-by: Paolo Bonzini 
---
 block.c   | 43 +++
 include/block/block.h |  5 +
 include/block/block_int.h | 14 ++
 qapi/block-core.json  | 13 +
 4 files changed, 75 insertions(+)

diff --git a/block.c b/block.c
index 0a0468f..213bee8 100644
--- a/block.c
+++ b/block.c
@@ -4390,3 +4390,46 @@ void bdrv_del_child(BlockDriverState *parent_bs, 
BlockDriverState *child_bs,
 
 parent_bs->drv->bdrv_del_child(parent_bs, child_bs, errp);
 }
+
+void bdrv_start_replication(BlockDriverState *bs, ReplicationMode mode,
+Error **errp)
+{
+BlockDriver *drv = bs->drv;
+
+if (drv && drv->bdrv_start_replication) {
+drv->bdrv_start_replication(bs, mode, errp);
+} else if (bs->file) {
+bdrv_start_replication(bs->file->bs, mode, errp);
+} else {
+error_setg(errp, "The BDS %s doesn't support starting block"
+   " replication", bs->filename);
+}
+}
+
+void bdrv_do_checkpoint(BlockDriverState *bs, Error **errp)
+{
+BlockDriver *drv = bs->drv;
+
+if (drv && drv->bdrv_do_checkpoint) {
+drv->bdrv_do_checkpoint(bs, errp);
+} else if (bs->file) {
+bdrv_do_checkpoint(bs->file->bs, errp);
+} else {
+error_setg(errp, "The BDS %s doesn't support block checkpoint",
+   bs->filename);
+}
+}
+
+void bdrv_stop_replication(BlockDriverState *bs, bool failover, Error **errp)
+{
+BlockDriver *drv = bs->drv;
+
+if (drv && drv->bdrv_stop_replication) {
+drv->bdrv_stop_replication(bs, failover, errp);
+} else if (bs->file) {
+bdrv_stop_replication(bs->file->bs, failover, errp);
+} else {
+error_setg(errp, "The BDS %s doesn't support stopping block"
+   " replication", bs->filename);
+}
+}
diff --git a/include/block/block.h b/include/block/block.h
index 1d3b9c6..cd39d50 100644
--- a/include/block/block.h
+++ b/include/block/block.h
@@ -648,4 +648,9 @@ void bdrv_add_child(BlockDriverState *parent, 
BlockDriverState *child,
 void bdrv_del_child(BlockDriverState *parent, BlockDriverState *child,
 Error **errp);
 
+void bdrv_start_replication(BlockDriverState *bs, ReplicationMode mode,
+Error **errp);
+void bdrv_do_checkpoint(BlockDriverState *bs, Error **errp);
+void bdrv_stop_replication(BlockDriverState *bs, bool failover, Error **errp);
+
 #endif
diff --git a/include/block/block_int.h b/include/block/block_int.h
index 1f56046..a6aba8b 100644
--- a/include/block/block_int.h
+++ b/include/block/block_int.h
@@ -307,6 +307,20 @@ struct BlockDriver {
 void (*bdrv_del_child)(BlockDriverState *parent, BlockDriverState *child,
Error **errp);
 
+void (*bdrv_start_replication)(BlockDriverState *bs, ReplicationMode mode,
+   Error **errp);
+/* Drop Disk buffer when doing checkpoint. */
+void (*bdrv_do_checkpoint)(BlockDriverState *bs, Error **errp);
+/*
+ * After failover, we should flush Disk buffer into secondary disk
+ * and stop block replication.
+ *
+ * If the guest is shutdown, we should drop Disk buffer and stop
+ * block representation.
+ */
+void (*bdrv_stop_replication)(BlockDriverState *bs, bool failover,
+  Error **errp);
+
 QLIST_ENTRY(BlockDriver) list;
 };
 
diff --git a/qapi/block-core.json b/qapi/block-core.json
index feb8da2..2c6bd3f 100644
--- a/qapi/block-core.json
+++ b/qapi/block-core.json
@@ -1925,6 +1925,19 @@
 '*read-pattern': 'QuorumReadPattern' } }
 
 ##
+# @ReplicationMode
+#
+# An enumeration of replication modes.
+#
+# @primary: Primary mode, the vm's state will be sent to secondary QEMU.
+#
+# @secondary: Secondary mode, receive the vm's state from primary QEMU.
+#
+# Since: 2.5
+##
+{ 'enum' : 'ReplicationMode', 'data' : [ 'primary', 'secondary' ] }
+
+##
 # @BlockdevOptions
 #
 # Options for creating a block device.
-- 
2.5.0