Re: [Qemu-devel] [PATCH v2 4/5] vhost: move virtio 1.0 check to cross-endian helper

[Laurent Vivier]

On 11/01/2016 17:13, Greg Kurz wrote:
> Indeed vhost doesn't need to ask for vring endian fixing if the device is
> virtio 1.0, since it is already handled by the in-kernel vhost driver. This
> patch simply consolidates the logic into the existing helper.
> 
> Signed-off-by: Greg Kurz 
> Reviewed-by: Cornelia Huck 
> ---
>  hw/virtio/vhost.c |9 +
>  1 file changed, 5 insertions(+), 4 deletions(-)
> 
> diff --git a/hw/virtio/vhost.c b/hw/virtio/vhost.c
> index 2e1e792d599e..aef750df22ad 100644
> --- a/hw/virtio/vhost.c
> +++ b/hw/virtio/vhost.c
> @@ -750,6 +750,9 @@ static void vhost_log_stop(MemoryListener *listener,
>  
>  static inline bool vhost_needs_vring_endian(VirtIODevice *vdev)
>  {
> +if (virtio_vdev_has_feature(vdev, VIRTIO_F_VERSION_1)) {
> +return false;
> +}
>  #ifdef TARGET_IS_BIENDIAN
>  #ifdef HOST_WORDS_BIGENDIAN
>  return !virtio_is_big_endian(vdev);

I'm wondering if in term of performance you can remove the call of
virtio_vdev_has_feature() as it is done in virtio_is_big_endian().

> @@ -811,8 +814,7 @@ static int vhost_virtqueue_start(struct vhost_dev *dev,
>  return -errno;
>  }
>  
> -if (!virtio_vdev_has_feature(vdev, VIRTIO_F_VERSION_1) &&
> -vhost_needs_vring_endian(vdev)) {
> +if (vhost_needs_vring_endian(vdev)) {
>  r = vhost_virtqueue_set_vring_endian_legacy(dev,
>  
> virtio_is_big_endian(vdev),
>  vhost_vq_index);
> @@ -908,8 +910,7 @@ static void vhost_virtqueue_stop(struct vhost_dev *dev,
>  /* In the cross-endian case, we need to reset the vring endianness to
>   * native as legacy devices expect so by default.
>   */
> -if (!virtio_vdev_has_feature(vdev, VIRTIO_F_VERSION_1) &&
> -vhost_needs_vring_endian(vdev)) {
> +if (vhost_needs_vring_endian(vdev)) {
>  r = vhost_virtqueue_set_vring_endian_legacy(dev,
>  
> !virtio_is_big_endian(vdev),
>  vhost_vq_index);
> 
> 

Re: [Qemu-devel] [RFC 0/2] tcg-icount: Add and use tcg_set_insn_param to update tcg insn params

[Peter Maydell]

On 11 January 2016 at 20:16, Lluís Vilanova  wrote:
> Great! I implemented a similar thing long time ago. In my case the machinery 
> is
> completely hidden under the concept of "value promises" in TCG (i.e., the user
> does not need to know about TCG internals like tcg_op_buf_count):
>
>// create promise
>TCGv_promise_i32 imm_p;
>TCGv_i32 imm = tcg_const_promise_i32(_p); // akin to tcg_const_i32()
>...
>// operate with promised immediate 'imm'
>...
>// resolve promised value
>tcg_set_promise_i32(imm_p, resolved_value);

I think this is definitely a nicer API if we're going to
have more than a very few uses -- gen_icount kind of gets
away with looking under the hood of the tcg data structures
because it's a sort of internal thing itself, but wider
use would definitely benefit from a more formal API.

thanks
-- PMM

Re: [Qemu-devel] [PATCH v2 5/5] virtio: optimize virtio_access_is_big_endian() for little-endian targets

[Laurent Vivier]

On 11/01/2016 17:18, Greg Kurz wrote:
> When adding cross-endian support, we introduced the TARGET_IS_BIENDIAN macro
> and the virtio_access_is_big_endian() helper to have a branchless fast path
> in the virtio memory accessors for targets that don't switch endian.
> 
> This was considered as a strong requirement at the time.
> 
> Now we have added a runtime check for virtio 1.0, which ruins the benefit
> of the virtio_access_is_big_endian() helper for always little-endian targets.
> 
> With this patch, always little-endian targets stop checking for virtio 1.0,
> since the result is little-endian in all cases.
> 
> Signed-off-by: Greg Kurz 
> ---
> v2:
> - simplified the logic as suggested by Laurent Vivier
> ---
>  include/hw/virtio/virtio-access.h |6 +++---
>  1 file changed, 3 insertions(+), 3 deletions(-)
> 
> diff --git a/include/hw/virtio/virtio-access.h 
> b/include/hw/virtio/virtio-access.h
> index f1f12afe9089..8dc84f520316 100644
> --- a/include/hw/virtio/virtio-access.h
> +++ b/include/hw/virtio/virtio-access.h
> @@ -19,13 +19,13 @@
>  
>  static inline bool virtio_access_is_big_endian(VirtIODevice *vdev)
>  {
> +#if defined(TARGET_IS_BIENDIAN)
> +return virtio_is_big_endian(vdev);
> +#elif defined(TARGET_WORDS_BIGENDIAN)
>  if (virtio_vdev_has_feature(vdev, VIRTIO_F_VERSION_1)) {
>  /* Devices conforming to VIRTIO 1.0 or later are always LE. */
>  return false;
>  }
> -#if defined(TARGET_IS_BIENDIAN)
> -return virtio_is_big_endian(vdev);
> -#elif defined(TARGET_WORDS_BIGENDIAN)
>  return true;
>  #else
>  return false;
> 
> 
Reviewed-by: Laurent Vivier 

Re: [Qemu-devel] [PATCH v2 3/5] virtio: move cross-endian helper to vhost

[Laurent Vivier]

On 11/01/2016 17:13, Greg Kurz wrote:
> If target is bi-endian (ppc64, arm), the virtio_legacy_is_cross_endian()
> indeed returns the runtime state of the virtio device. However, it returns
> false unconditionally in the general case. This sounds a bit strange
> given the name of the function.
> 
> This helper is only useful for vhost actually, where indeed non bi-endian
> targets don't have to deal with cross-endian issues.
> 
> This patch moves the helper to vhost.c and gives it a more appropriate name.
> 
> Signed-off-by: Greg Kurz 
> Reviewed-by: Cornelia Huck 
> ---
>  hw/virtio/vhost.c |   17 +++--
>  include/hw/virtio/virtio-access.h |   13 -
>  2 files changed, 15 insertions(+), 15 deletions(-)
> 
> diff --git a/hw/virtio/vhost.c b/hw/virtio/vhost.c
> index de29968a7945..2e1e792d599e 100644
> --- a/hw/virtio/vhost.c
> +++ b/hw/virtio/vhost.c
> @@ -748,6 +748,19 @@ static void vhost_log_stop(MemoryListener *listener,
>  /* FIXME: implement */
>  }
>  
> +static inline bool vhost_needs_vring_endian(VirtIODevice *vdev)
> +{
> +#ifdef TARGET_IS_BIENDIAN
> +#ifdef HOST_WORDS_BIGENDIAN
> +return !virtio_is_big_endian(vdev);
> +#else
> +return virtio_is_big_endian(vdev);
> +#endif
> +#else
> +return false;
> +#endif
> +}
> +
>  static int vhost_virtqueue_set_vring_endian_legacy(struct vhost_dev *dev,
> bool is_big_endian,
> int vhost_vq_index)
> @@ -799,7 +812,7 @@ static int vhost_virtqueue_start(struct vhost_dev *dev,
>  }
>  
>  if (!virtio_vdev_has_feature(vdev, VIRTIO_F_VERSION_1) &&
> -virtio_legacy_is_cross_endian(vdev)) {
> +vhost_needs_vring_endian(vdev)) {
>  r = vhost_virtqueue_set_vring_endian_legacy(dev,
>  
> virtio_is_big_endian(vdev),
>  vhost_vq_index);
> @@ -896,7 +909,7 @@ static void vhost_virtqueue_stop(struct vhost_dev *dev,
>   * native as legacy devices expect so by default.
>   */
>  if (!virtio_vdev_has_feature(vdev, VIRTIO_F_VERSION_1) &&
> -virtio_legacy_is_cross_endian(vdev)) {
> +vhost_needs_vring_endian(vdev)) {
>  r = vhost_virtqueue_set_vring_endian_legacy(dev,
>  
> !virtio_is_big_endian(vdev),
>  vhost_vq_index);
> diff --git a/include/hw/virtio/virtio-access.h 
> b/include/hw/virtio/virtio-access.h
> index a01fff2e51d7..f1f12afe9089 100644
> --- a/include/hw/virtio/virtio-access.h
> +++ b/include/hw/virtio/virtio-access.h
> @@ -32,19 +32,6 @@ static inline bool 
> virtio_access_is_big_endian(VirtIODevice *vdev)
>  #endif
>  }
>  
> -static inline bool virtio_legacy_is_cross_endian(VirtIODevice *vdev)
> -{
> -#ifdef TARGET_IS_BIENDIAN
> -#ifdef HOST_WORDS_BIGENDIAN
> -return !virtio_is_big_endian(vdev);
> -#else
> -return virtio_is_big_endian(vdev);
> -#endif
> -#else
> -return false;
> -#endif
> -}
> -
>  static inline uint16_t virtio_lduw_phys(VirtIODevice *vdev, hwaddr pa)
>  {
>  if (virtio_access_is_big_endian(vdev)) {
> 
> 
Reviewed-by: Laurent Vivier 

Re: [Qemu-devel] [PATCH v7] spec: add qcow2 bitmaps extension specification

[John Snow]

On 01/11/2016 08:05 AM, Vladimir Sementsov-Ogievskiy wrote:
> The new feature for qcow2: storing bitmaps.
> 
> This patch adds new header extension to qcow2 - Bitmaps Extension. It
> provides an ability to store virtual disk related bitmaps in a qcow2
> image. For now there is only one type of such bitmaps: Dirty Tracking
> Bitmap, which just tracks virtual disk changes from some moment.
> 
> Note: Only bitmaps, relative to the virtual disk, stored in qcow2 file,
> should be stored in this qcow2 file. The size of each bitmap
> (considering its granularity) is equal to virtual disk size.
> 
> Signed-off-by: Vladimir Sementsov-Ogievskiy 
> ---
> 
> v7:
> 
> - Rewordings, grammar.
>   Max, Eric, John, thank you very much.
> 
> - add last paragraph: remaining bits in bitmap data clusters must be
>   zero.
> 
> - s/Bitmap Directory/bitmap directory/ and other names like this at
>   the request of Max.
> 
> v6:
> 
> - reword bitmap_directory_size description
> - bitmap type: make 0 reserved
> - extra_data_size: resize to 4bytes
>   Also, I've marked this field as "must be zero". We can always change
>   it, if we decide allowing managing app to specify any extra data, by
>   defining some magic value as a top of user extra data.. So, for now
>   non zeor extra_data_size should be considered as an error.
> - swap name and extra_data to give good alignment to extra_data.
> 
> 
> v5:
> 
> - 'Dirty bitmaps' renamed to 'Bitmaps', as we may have several types of
>   bitmaps.
> - rewordings
> - move upper bounds to "Notes about Qemu limits"
> - s/should/must somewhere. (but not everywhere)
> - move name_size field closer to name itself in bitmap header
> - add extra data area to bitmap header
> - move bitmap data description to separate section
> 
>  docs/specs/qcow2.txt | 172 
> ++-
>  1 file changed, 171 insertions(+), 1 deletion(-)
> 
> diff --git a/docs/specs/qcow2.txt b/docs/specs/qcow2.txt
> index 121dfc8..997239d 100644
> --- a/docs/specs/qcow2.txt
> +++ b/docs/specs/qcow2.txt
> @@ -103,7 +103,18 @@ in the description of a field.
>  write to an image with unknown auto-clear features if it
>  clears the respective bits from this field first.
>  
> -Bits 0-63:  Reserved (set to 0)
> +Bit 0:  Bitmaps extension bit
> +This bit indicates consistency for the 
> bitmaps
> +extension data.
> +
> +It is an error if this bit is set without the
> +bitmaps extension present.
> +
> +If the bitmaps extension is present but this
> +bit is unset, the bitmaps extension data is
> +inconsistent.
> +
> +Bits 1-63:  Reserved (set to 0)
>  
>   96 -  99:  refcount_order
>  Describes the width of a reference count block entry 
> (width
> @@ -123,6 +134,7 @@ be stored. Each extension has a structure like the 
> following:
>  0x - End of the header extension area
>  0xE2792ACA - Backing file format name
>  0x6803f857 - Feature name table
> +0x23852875 - Bitmaps extension
>  other  - Unknown header extension, can be safely
>   ignored
>  
> @@ -166,6 +178,34 @@ the header extension data. Each entry look like this:
>  terminated if it has full length)
>  
>  
> +== Bitmaps extension ==
> +
> +The bitmaps extension is an optional header extension. It provides the 
> ability
> +to store bitmaps related to a virtual disk. For now, there is only one bitmap
> +type: the dirty tracking bitmap, which tracks virtual disk changes from some
> +point in time.
> +
> +The data of the extension should be considered consistent only if the
> +corresponding auto-clear feature bit is set, see autoclear_features above.
> +
> +The fields of the bitmaps extension are:
> +
> +  0 -  3:  nb_bitmaps
> +   The number of bitmaps contained in the image. Must be
> +   greater than or equal to 1.
> +
> +   Note: Qemu currently only supports up to 65535 bitmaps per
> +   image.
> +
> +  4 -  7:  bitmap_directory_size
> +   Size of the bitmap directory in bytes. It is the 
> cumulative
> +   size of all (nb_bitmaps) bitmap headers.
> +
> +  8 - 15:  bitmap_directory_offset
> +   Offset into the image file at which the bitmap directory
> +   starts. Must be aligned to a cluster boundary.
> +
> +
>  == Host cluster management ==
>  
>  qcow2 manages the allocation of host clusters by maintaining a reference 
> 

Re: [Qemu-devel] [PATCH 2/4] macio: add dma_active to VMStateDescription

[Mark Cave-Ayland]

On 08/01/16 20:55, John Snow wrote:

> On 01/06/2016 04:17 PM, Mark Cave-Ayland wrote:
>> On 06/01/16 20:57, John Snow wrote:
>>
>>> On 01/06/2016 03:37 PM, Mark Cave-Ayland wrote:
 Make sure that we include the value of dma_active in the migration stream.

 Signed-off-by: Mark Cave-Ayland 
 ---
  hw/ide/macio.c |3 ++-
  1 file changed, 2 insertions(+), 1 deletion(-)

 diff --git a/hw/ide/macio.c b/hw/ide/macio.c
 index 560c071..695d4d2 100644
 --- a/hw/ide/macio.c
 +++ b/hw/ide/macio.c
 @@ -518,11 +518,12 @@ static const MemoryRegionOps pmac_ide_ops = {
  
  static const VMStateDescription vmstate_pmac = {
  .name = "ide",
 -.version_id = 3,
 +.version_id = 4,
  .minimum_version_id = 0,
  .fields = (VMStateField[]) {
  VMSTATE_IDE_BUS(bus, MACIOIDEState),
  VMSTATE_IDE_DRIVES(bus.ifs, MACIOIDEState),
 +VMSTATE_BOOL(dma_active, MACIOIDEState),
  VMSTATE_END_OF_LIST()
  }
  };

>>>
>>> Did you wind up ever observing this value to be non-zero when it was
>>> written to the migration stream?
>>>
>>> I really did think that we should be able to assume this was always
>>> false due to how migration will drain all outstanding AIO, but maybe I
>>> am mistaken.
>>
>> I think this can happen because Darwin/MacOS sets the DBDMA processor
>> running first *before* the IDE request is issued, compared to pretty
>> much every other OS which issues the IDE request *first* which then in
>> turn invokes the DMA engine (which is the general assumption in the QEMU
>> IDE/DMA APIs).
>>
>> So there could be a window where the DBDMA is programmed and active but
>> migration takes place before the corresponding IDE request has been
>> issued (which is exactly the situation that this flag handles).
>>
>>
>> ATB,
>>
>> Mark.
>>
> 
> sadly that seems to be the case. ide_dbdma_start looks like it can yield
> through DBDMA_kick, so there's time for things to go awry.
> 
> Acked-by: John Snow 
> 
> I had an off-list discussion with David Gilbert on how the migration
> fields work here -- this will introduce a hard incompatibility between
> pre-2.5 and post-2.5, which might be fine since Mac has never really
> quite worked correctly anyway.
> 
> If you want to worry about compatibility, David advised me that a
> conditional subsection might be appropriate:
> 
> since dma_active is /usually/ false, we can use this as a flag for
> deciding to migrate it or not: i.e. if it's false, we skip the field and
> the receiver assumes it's false in post_load, or if we migrate to an
> older version, it never has to worry about it.
> 
> If it's true, you get a migration error that says the subsection wasn't
> found, but you get to try to migrate again -- it's kind of a cheesy way
> to say that you can't migrate to older versions while the DMA is active.
> Future versions can accept the true boolean, though.

I'm not too worried about this since before my patchset last year then
none of the Mac machines could be migrated since version ~0.10, and even
then, only when there was no outstanding disk activity (e.g. just within
OpenBIOS).

As there are also issues with the CPU interrupt status under TCG (see my
related patchset) then the chance of getting a successful migration
before now is amazingly small. Alex, what do you think?


ATB,

Mark.

[Qemu-devel] [PATCH 4/5] block/backup: Add subclassed notifier

[John Snow]

Instead of relying on peeking at bs->job, we want to explicitly get
a reference to the job that was involved in this notifier callback.

Extend the Notifier to include a job pointer, and include a reference
to the job registering the callback. This cuts out a few more cases
where we have to rely on bs->job.

Signed-off-by: John Snow 
---
 block/backup.c | 30 ++
 1 file changed, 22 insertions(+), 8 deletions(-)

diff --git a/block/backup.c b/block/backup.c
index 325e247..58c76be 100644
--- a/block/backup.c
+++ b/block/backup.c
@@ -89,11 +89,11 @@ static void cow_request_end(CowRequest *req)
 }
 
 static int coroutine_fn backup_do_cow(BlockDriverState *bs,
+  BackupBlockJob *job,
   int64_t sector_num, int nb_sectors,
   bool *error_is_read,
   bool is_write_notifier)
 {
-BackupBlockJob *job = (BackupBlockJob *)bs->job;
 CowRequest cow_request;
 struct iovec iov;
 QEMUIOVector bounce_qiov;
@@ -187,10 +187,17 @@ out:
 return ret;
 }
 
+/* Extend the generic Notifier interface */
+typedef struct BackupNotifier {
+NotifierWithReturn common;
+BackupBlockJob *job;
+} BackupNotifier;
+
 static int coroutine_fn backup_before_write_notify(
 NotifierWithReturn *notifier,
 void *opaque)
 {
+BackupNotifier *bnotifier = (BackupNotifier *)notifier;
 BdrvTrackedRequest *req = opaque;
 int64_t sector_num = req->offset >> BDRV_SECTOR_BITS;
 int nb_sectors = req->bytes >> BDRV_SECTOR_BITS;
@@ -198,7 +205,8 @@ static int coroutine_fn backup_before_write_notify(
 assert((req->offset & (BDRV_SECTOR_SIZE - 1)) == 0);
 assert((req->bytes & (BDRV_SECTOR_SIZE - 1)) == 0);
 
-return backup_do_cow(req->bs, sector_num, nb_sectors, NULL, true);
+return backup_do_cow(req->bs, bnotifier->job, sector_num,
+ nb_sectors, NULL, true);
 }
 
 static void backup_set_speed(BlockJob *job, int64_t speed, Error **errp)
@@ -346,7 +354,8 @@ static int coroutine_fn 
backup_run_incremental(BackupBlockJob *job)
 if (yield_and_check(job)) {
 return ret;
 }
-ret = backup_do_cow(bs, cluster * BACKUP_SECTORS_PER_CLUSTER,
+ret = backup_do_cow(bs, job,
+cluster * BACKUP_SECTORS_PER_CLUSTER,
 BACKUP_SECTORS_PER_CLUSTER, _is_read,
 false);
 if ((ret < 0) &&
@@ -382,8 +391,11 @@ static void coroutine_fn backup_run(void *opaque)
 BlockDriverState *bs = job->common.bs;
 BlockDriverState *target = job->target;
 BlockdevOnError on_target_error = job->on_target_error;
-NotifierWithReturn before_write = {
-.notify = backup_before_write_notify,
+BackupNotifier before_write = {
+.common = {
+.notify = backup_before_write_notify,
+},
+.job = job,
 };
 int64_t start, end;
 int ret = 0;
@@ -402,7 +414,8 @@ static void coroutine_fn backup_run(void *opaque)
 blk_iostatus_enable(target->blk);
 }
 
-bdrv_add_before_write_notifier(bs, _write);
+block_job_ref(>common);
+bdrv_add_before_write_notifier(bs, (NotifierWithReturn *)_write);
 
 if (job->sync_mode == MIRROR_SYNC_MODE_NONE) {
 while (!block_job_is_cancelled(>common)) {
@@ -454,7 +467,7 @@ static void coroutine_fn backup_run(void *opaque)
 }
 }
 /* FULL sync mode we copy the whole drive. */
-ret = backup_do_cow(bs, start * BACKUP_SECTORS_PER_CLUSTER,
+ret = backup_do_cow(bs, job, start * BACKUP_SECTORS_PER_CLUSTER,
 BACKUP_SECTORS_PER_CLUSTER, _is_read, false);
 if (ret < 0) {
 /* Depending on error action, fail now or retry cluster */
@@ -470,7 +483,8 @@ static void coroutine_fn backup_run(void *opaque)
 }
 }
 
-notifier_with_return_remove(_write);
+notifier_with_return_remove((NotifierWithReturn *)_write);
+block_job_unref(>common);
 
 /* wait until pending backup_do_cow() calls have completed */
 qemu_co_rwlock_wrlock(>flush_rwlock);
-- 
2.4.3

[Qemu-devel] [PATCH 0/5] block: reduce reliance on bs->job pointer

[John Snow]

This is a small collection of patches to reduce our use of the bs->job
pointer where possible. There are still more usages in the code, but
this cuts down on a few.

The goal is to eventually eliminate all of them and allow multiple block
jobs to run concurrently, but design on what that will look like is
on-going.

In the meantime, eliminate a few obviously needless references to
bs->job by allowing more systems to carry pointers to jobs directly
instead of trying to fish the pointer out of the BDS all the time.



For convenience, this branch is available at:
https://github.com/jnsnow/qemu.git branch block-multijob2
https://github.com/jnsnow/qemu/tree/block-multijob2

This version is tagged block-multijob2-v1:
https://github.com/jnsnow/qemu/releases/tag/block-multijob2-v1

John Snow (5):
  block: Allow mirror_start to return job references
  block: Allow stream_start to return job references
  block: allow backup_start to return job references
  block/backup: Add subclassed notifier
  blockjob: add Job parameter to BlockCompletionFunc

 block/backup.c|  68 +--
 block/commit.c|   2 +-
 block/mirror.c|  74 
 block/stream.c|  10 ++-
 blockdev.c| 210 +-
 blockjob.c|  13 ++-
 include/block/block.h |   2 +
 include/block/block_int.h |  27 +++---
 include/block/blockjob.h  |   6 +-
 qemu-img.c|  16 ++--
 tests/test-blockjob-txn.c |   4 +-
 11 files changed, 250 insertions(+), 182 deletions(-)

-- 
2.4.3

[Qemu-devel] [PATCH 2/5] block: Allow stream_start to return job references

[John Snow]

stream_start now picks up a reference for its return value, a copy of
the job started. callers are responsible for putting it down when they
are done with it.

This removes a minor reference to bs->job in qmp_block_stream, for
a simple tracing function.

Signed-off-by: John Snow 
---
 block/stream.c| 8 +---
 blockdev.c| 8 +---
 include/block/block_int.h | 9 +
 3 files changed, 15 insertions(+), 10 deletions(-)

diff --git a/block/stream.c b/block/stream.c
index 25af7ef..1dfeac0 100644
--- a/block/stream.c
+++ b/block/stream.c
@@ -213,7 +213,7 @@ static const BlockJobDriver stream_job_driver = {
 .set_speed = stream_set_speed,
 };
 
-void stream_start(BlockDriverState *bs, BlockDriverState *base,
+BlockJob *stream_start(BlockDriverState *bs, BlockDriverState *base,
   const char *backing_file_str, int64_t speed,
   BlockdevOnError on_error,
   BlockCompletionFunc *cb,
@@ -225,19 +225,21 @@ void stream_start(BlockDriverState *bs, BlockDriverState 
*base,
  on_error == BLOCKDEV_ON_ERROR_ENOSPC) &&
 (!bs->blk || !blk_iostatus_is_enabled(bs->blk))) {
 error_setg(errp, QERR_INVALID_PARAMETER, "on-error");
-return;
+return NULL;
 }
 
 s = block_job_create(_job_driver, bs, speed, cb, opaque, errp);
 if (!s) {
-return;
+return NULL;
 }
 
 s->base = base;
 s->backing_file_str = g_strdup(backing_file_str);
 
 s->on_error = on_error;
+block_job_ref(>common);
 s->common.co = qemu_coroutine_create(stream_run);
 trace_stream_start(bs, base, s, s->common.co, opaque);
 qemu_coroutine_enter(s->common.co, s);
+return >common;
 }
diff --git a/blockdev.c b/blockdev.c
index d31bb03..f66cac8 100644
--- a/blockdev.c
+++ b/blockdev.c
@@ -2884,6 +2884,7 @@ void qmp_block_stream(const char *device,
 BlockBackend *blk;
 BlockDriverState *bs;
 BlockDriverState *base_bs = NULL;
+BlockJob *job;
 AioContext *aio_context;
 Error *local_err = NULL;
 const char *base_name = NULL;
@@ -2933,14 +2934,15 @@ void qmp_block_stream(const char *device,
 /* backing_file string overrides base bs filename */
 base_name = has_backing_file ? backing_file : base_name;
 
-stream_start(bs, base_bs, base_name, has_speed ? speed : 0,
- on_error, block_job_cb, bs, _err);
+job = stream_start(bs, base_bs, base_name, has_speed ? speed : 0,
+   on_error, block_job_cb, bs, _err);
 if (local_err) {
 error_propagate(errp, local_err);
 goto out;
 }
 
-trace_qmp_block_stream(bs, bs->job);
+trace_qmp_block_stream(bs, job);
+block_job_unref(job);
 
 out:
 aio_context_release(aio_context);
diff --git a/include/block/block_int.h b/include/block/block_int.h
index a68c7dc..ea3b06b 100644
--- a/include/block/block_int.h
+++ b/include/block/block_int.h
@@ -597,10 +597,11 @@ int is_windows_drive(const char *filename);
  * streaming job, the backing file of @bs will be changed to
  * @base_id in the written image and to @base in the live BlockDriverState.
  */
-void stream_start(BlockDriverState *bs, BlockDriverState *base,
-  const char *base_id, int64_t speed, BlockdevOnError on_error,
-  BlockCompletionFunc *cb,
-  void *opaque, Error **errp);
+BlockJob *stream_start(BlockDriverState *bs, BlockDriverState *base,
+   const char *base_id, int64_t speed,
+   BlockdevOnError on_error,
+   BlockCompletionFunc *cb,
+   void *opaque, Error **errp);
 
 /**
  * commit_start:
-- 
2.4.3

Re: [Qemu-devel] [PATCH 2/2] ppc: Allow 64kiB pages for POWER8 in TCG

[David Gibson]

On Fri, Jan 08, 2016 at 02:56:02PM +1100, Alexey Kardashevskiy wrote:
> On 12/21/2015 01:41 PM, David Gibson wrote:
> >Now that the spapr code has been extended to support 64kiB pages, we can
> >allow guests to use 64kiB pages on an emulated POWER8 by adding it to the
> >"segment_page_sizes" structure which is advertised via the device tree.
> >
> >For now we just add support for 64kiB pages in 64kiB page segments.  Real
> >POWER8 also supports 64kiB pages in 4kiB page segments, but that will
> >require more work to implement.
> >
> >Real POWER7s (and maybe some other CPU models) also support 64kiB pages,
> >however, I don't want to add support there without double checking if they
> >use the same HPTE and SLB encodings (in principle these are implementation
> >dependent).
> >
> >Signed-off-by: David Gibson 
> >---
> >  target-ppc/translate_init.c | 17 +
> >  1 file changed, 17 insertions(+)
> >
> >diff --git a/target-ppc/translate_init.c b/target-ppc/translate_init.c
> >index e88dc7f..ae5a269 100644
> >--- a/target-ppc/translate_init.c
> >+++ b/target-ppc/translate_init.c
> >@@ -8200,6 +8200,22 @@ POWERPC_FAMILY(POWER8)(ObjectClass *oc, void *data)
> >  {
> >  DeviceClass *dc = DEVICE_CLASS(oc);
> >  PowerPCCPUClass *pcc = POWERPC_CPU_CLASS(oc);
> >+static const struct ppc_segment_page_sizes POWER8_sps = {
> >+.sps = {
> >+{ .page_shift = 12, /* 4K */
> >+  .slb_enc = 0,
> >+  .enc = { { .page_shift = 12, .pte_enc = 0 } }
> >+},
> >+{ .page_shift = 16, /* 64K */
> >+  .slb_enc = 0x110,
> >+  .enc = { { .page_shift = 16, .pte_enc = 0x1 } }
> >+},
> >+{ .page_shift = 24, /* 16M */
> >+  .slb_enc = 0x100,
> >+  .enc = { { .page_shift = 24, .pte_enc = 0 } }
> >+},
> >+}
> >+};
> 
> 
> In order to educate myself - where did 0x110/0x100 come from?

These are the L and LP bit encodings used by actual POWER8 hardware -
IIRC I took the information from the kernel's mmu_psize_defs table.

> Is not 0x110
> SLB_VSID_64K (which does not use SLB_VSID_L by accident?)?

Yes, it is

> And is 0x100
> SLB_VSID_L?

Yes.

> I just wanted to double check if POWER7 uses the same encoding and it is not
> that simple to trace what came from where...
> 
> 
> 
> >
> >  dc->fw_name = "PowerPC,POWER8";
> >  dc->desc = "POWER8";
> >@@ -8258,6 +8274,7 @@ POWERPC_FAMILY(POWER8)(ObjectClass *oc, void *data)
> >  pcc->l1_dcache_size = 0x8000;
> >  pcc->l1_icache_size = 0x8000;
> >  pcc->interrupts_big_endian = ppc_cpu_interrupts_big_endian_lpcr;
> >+pcc->sps = _sps;
> >  }
> >  #endif /* defined (TARGET_PPC64) */
> >
> >
> 
> 

-- 
David Gibson| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au  | minimalist, thank you.  NOT _the_ _other_
| _way_ _around_!
http://www.ozlabs.org/~dgibson


signature.asc
Description: PGP signature

Re: [Qemu-devel] [v15 12/15] vfio: add bus in reset flag

[Chen Fan]

On 01/07/2016 12:44 AM, Alex Williamson wrote:

On Wed, 2016-01-06 at 10:13 +0800, Chen Fan wrote:

On 01/06/2016 03:58 AM, Alex Williamson wrote:

On Tue, 2016-01-05 at 09:20 +0800, Cao jin wrote:

From: Chen Fan 

mark the host bus be in reset. avoid multiple devices trigger the
host bus reset many times.

Signed-off-by: Chen Fan 
---
   hw/vfio/pci.c | 6 ++
   include/hw/vfio/vfio-common.h | 1 +
   2 files changed, 7 insertions(+)

diff --git a/hw/vfio/pci.c b/hw/vfio/pci.c
index ee88db3..aa0d945 100644
--- a/hw/vfio/pci.c
+++ b/hw/vfio/pci.c
@@ -2249,6 +2249,11 @@ static int
vfio_pci_hot_reset(VFIOPCIDevice
*vdev, bool single)
   
   trace_vfio_pci_hot_reset(vdev->vbasedev.name, single ?

"one" :
"multi");
   
+if (vdev->vbasedev.bus_in_reset) {

+vdev->vbasedev.bus_in_reset = false;
+return 0;
+}
+
   vfio_pci_pre_reset(vdev);
   vdev->vbasedev.needs_reset = false;
   
@@ -2312,6 +2317,7 @@ static int vfio_pci_hot_reset(VFIOPCIDevice

*vdev, bool single)
   }
   vfio_pci_pre_reset(tmp);
   tmp->vbasedev.needs_reset = false;
+tmp->vbasedev.bus_in_reset = true;
   multi = true;
   break;
   }
diff --git a/include/hw/vfio/vfio-common.h
b/include/hw/vfio/vfio-
common.h
index f037f3c..44b19d7 100644
--- a/include/hw/vfio/vfio-common.h
+++ b/include/hw/vfio/vfio-common.h
@@ -95,6 +95,7 @@ typedef struct VFIODevice {
   bool reset_works;
   bool needs_reset;
   bool no_mmap;
+bool bus_in_reset;
   VFIODeviceOps *ops;
   unsigned int num_irqs;
   unsigned int num_regions;

I imagine this should be a VFIOPCIDevice field, it has no use in
the
common code.  The name is also a bit confusing; when I suggested a
bus_in_reset flag, I was referring to a property on the bus itself
that
the existing device_reset could query to switch modes rather than
add a
separate callback as you've done in this series.  This works, but
it's
perhaps more intrusive than I was thinking.  It will need to get
approval by qdev folks.

maybe I don't get your point. I just think add a bus_in_reset flag in
bus
has no much sense. for instance, if assigning device A and B from
different host bus into a same virtual bus. assume all check passed.
then if device A aer occurs. we should reset virtual bus to recover
the device A, we also need to reset the device B and do device B host
bus reset. but here the bus_in_reset just denote the device B not
need
to do host bus reset, it's incorrect. right?

Let's take an example of the state of this flag on the device to see
why the name doesn't make sense to me.  We have a dual port card with
devices A and B, both on the same host bus.  We start a hot reset on A
and we have the following states:

A.bus_in_reset = false
B.bus_in_reset = false

Well, that's not accurate.  As we complete the hot reset we tag device
B as already being reset:

A.bus_in_reset = false
B.bus_in_reset = true

That's not accurate either, they're both in the same bus hierarchy,
they should not be different.  Later hot reset is called on B and we're
back to:

A.bus_in_reset = false
B.bus_in_reset = false

So I agree with your algorithm, but the variable is not tracking the
state of the bus being in reset, it's tracking whether to skip the next
reset call.

The separate hot (bus) reset in DeviceClass seems unnecessary too, this
is where I think we could work entirely within the PCI code w/o new
qbus/qdev interfaces.  Imagine pci_bridge_write_config()
calls qbus_walk_children() directly instead of calling
qbus_reset_all().  The pre_busfn() could set a flag on the PCIBus to
indicate the bus is in reset.  qdev_reset_one() could be used as the
post_devfn() and the post_busfn() would call qdev_reset_one() followed
by a clear of the flag.  The modification to vfio is then simply that
if we're resetting an AER device and the bus is in reset, we know we
can do a hot reset.  It simply allows us to test which reset type is
occurring within the existing reset callback rather than adding a new
one.

Going back to my idea of a sequence ID, if we had:

bool PCIBus.bus_in_reset
uint PCIBus.bus_reset_seqid

The pre_busfn would do:

PCIBus.bus_in_reset = true
PCIBus.bus_reset_seqid++

Then we could add:

uint VFIOPCIDevice.last_bus_reset_seqid

vfio_pci_reset() would test (PCIBus.bus_in_reset && VFIOPCIDevice.AER)
to know whether to do a hot reset.  vfio_pci_hot_reset() would skip
devices for which (VFIOPCIDevice.last_bus_reset_seqid ==
PCIBus.bus_reset_seqid) and for each device reset would set
VFIOPCIDevice.last_bus_reset_seqid = PCIBus.bus_reset_seqid.

That feels like a much more deterministic solution if MST is willing to
support it in the PCI specific BusState.  Thanks,


Thanks for your suggestion. I will send out a new version soon.

Chen



Alex


.

Re: [Qemu-devel] [PATCH v4 1/1] xlnx-zynqmp: Add support for high DDR memory regions

[Alistair Francis]

On Mon, Jan 11, 2016 at 8:04 AM, Peter Maydell  wrote:
> On 5 January 2016 at 22:05, Alistair Francis
>  wrote:
>> The Xilinx ZynqMP SoC and EP108 board supports three memory regions:
>>  - A 2GB region starting at 0
>>  - A 32GB region starting at 32GB
>>  - A 256GB region starting at 768GB
>>
>> This patch adds support for the first two memory regions, which is
>> automatically created based on the size specified by the QEMU memory
>> command line argument.
>>
>> On hardware the physical memory region is one continuous region, it is then
>> mapped into the three different regions by the DDRC. As we don't model the
>> DDRC this is done at startup by QEMU. The board creates the memory region and
>> then passes that memory region to the SoC. The SoC then maps the memory
>> regions.
>>
>> Signed-off-by: Alistair Francis 
>> Reviewed-by: Peter Crosthwaite 
>> ---
>> V4:
>>  - Small fixes
>>  - Localisation of ram_size
>> V3:
>>  - Assert on the RAM sizes
>>  - Remove ram_size property
>>  - General fixes
>> V2:
>>  - Create one continuous memory region and pass it to the SoC
>
>> @@ -35,20 +32,12 @@ static void xlnx_ep108_init(MachineState *machine)
>>  XlnxEP108 *s = g_new0(XlnxEP108, 1);
>>  Error *err = NULL;
>>
>> -object_initialize(>soc, sizeof(s->soc), TYPE_XLNX_ZYNQMP);
>> -object_property_add_child(OBJECT(machine), "soc", OBJECT(>soc),
>> -  _abort);
>> -
>> -object_property_set_bool(OBJECT(>soc), true, "realized", );
>> -if (err) {
>> -error_report("%s", error_get_pretty(err));
>> -exit(1);
>> -}
>> -
>> -if (machine->ram_size > EP108_MAX_RAM_SIZE) {
>> +/* Create the memory region to pass to the SoC */
>> +if (machine->ram_size > XLNX_ZYNQMP_MAX_RAM_SIZE) {
>
> Unfortunately this doesn't build on 32-bit hosts:
>
> /home/petmay01/qemu/hw/arm/xlnx-ep108.c: In function 'xlnx_ep108_init':
> /home/petmay01/qemu/hw/arm/xlnx-ep108.c:36:16: error: comparison is
> always false due to limited range of data type [-Werror=type-limits]
>  if (machine->ram_size > XLNX_ZYNQMP_MAX_RAM_SIZE) {
> ^
> /home/petmay01/qemu/hw/arm/xlnx-ep108.c:40:9: error: large integer
> implicitly truncated to unsigned type [-Werror=overflow]
>  machine->ram_size = XLNX_ZYNQMP_MAX_RAM_SIZE;
>  ^
> cc1: all warnings being treated as errors
>
> so I'm going to drop it from the target-arm pullreq. Please could
> you fix the compile issue and resend?

I think I have fixed them. Unfortunately I don't have access to a
32-bit machine to test.

>
> There are a couple of problems you're running into:
>
> (1) machine->ram_size is a ram_addr_t so might be 32 bit; you
> can do what virt.c does to avoid the warning and use a local
> uin64_t variable for the comparison

Ok, I now create a uint64_t variable to store the value.

>
> (2) complaint about reassigning back to ram_size. this is spurious
> but you can avoid it by making this board behave the same way as
> virt.c, vexpress.c etc do if presented with an unsupported
> ram_size -- you should fail, rather than truncating and continuing.

If I'm using a 64-bit variable to store the value won't this no longer
be a problem?

>
> (3) %llx is not the correct format string for a ram_addr_t:
> use RAM_ADDR_FMT. (This isn't making the compiler complain,
> but I noticed it looking at the code.)

Again, isn't this fixed by changing to a variable?

Thanks,

Alistair

>
> thanks
> -- PMM
>

[Qemu-devel] [PATCH v2] sdhci: add quirk property for card insert interrupt status on Raspberry Pi

[Andrew Baumann]

This quirk is a workaround for the following hardware behaviour, on
which UEFI (specifically, the bootloader for Windows on Pi2) depends:

1. at boot with an SD card present, the interrupt status/enable
   registers are initially zero
2. upon enabling it in the interrupt enable register, the card insert
   bit in the interrupt status register is immediately set
3. after a subsequent controller reset, the card insert interrupt does
   not fire, even if enabled in the interrupt enable register

The implementation uses a pending_insert bool, which can be set via a
property (enabling the quirk) and is cleared and remains clear once
the interrupt has been delivered.

Signed-off-by: Andrew Baumann 
---

This depends on
https://lists.gnu.org/archive/html/qemu-devel/2015-12/msg04895.html
(revert of the broken noeject_quirk).

Notes:
v2: changed implementation to use pending_insert bool rather than
masking norintsts at read time, since the older version diverges from
actual hardware behaviour when an interrupt is masked without being
acked

Peter, am I doing the right thing with the vmstate here?

 hw/sd/sdhci.c | 12 +++-
 include/hw/sd/sdhci.h |  1 +
 2 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/hw/sd/sdhci.c b/hw/sd/sdhci.c
index dd83e89..a5364fd 100644
--- a/hw/sd/sdhci.c
+++ b/hw/sd/sdhci.c
@@ -196,6 +196,7 @@ static void sdhci_reset(SDHCIState *s)
 sd_set_cb(s->card, s->ro_cb, s->eject_cb);
 s->data_count = 0;
 s->stopped_state = sdhc_not_stopped;
+s->pending_insert = false;
 }
 
 static void sdhci_data_transfer(void *opaque);
@@ -1087,6 +1088,12 @@ sdhci_write(void *opaque, hwaddr offset, uint64_t val, 
unsigned size)
 } else {
 s->norintsts &= ~SDHC_NIS_ERR;
 }
+/* Quirk for Raspberry Pi: pending card insert interrupt
+ * appears when first enabled after power on */
+if ((s->norintstsen & SDHC_NISEN_INSERT) && s->pending_insert) {
+s->norintsts |= SDHC_NIS_INSERT;
+s->pending_insert = false;
+}
 sdhci_update_irq(s);
 break;
 case SDHC_NORINTSIGEN:
@@ -1180,7 +1187,7 @@ static void sdhci_uninitfn(SDHCIState *s)
 
 const VMStateDescription sdhci_vmstate = {
 .name = "sdhci",
-.version_id = 1,
+.version_id = 2,
 .minimum_version_id = 1,
 .fields = (VMStateField[]) {
 VMSTATE_UINT32(sdmasysad, SDHCIState),
@@ -1211,6 +1218,7 @@ const VMStateDescription sdhci_vmstate = {
 VMSTATE_VBUFFER_UINT32(fifo_buffer, SDHCIState, 1, NULL, 0, buf_maxsz),
 VMSTATE_TIMER_PTR(insert_timer, SDHCIState),
 VMSTATE_TIMER_PTR(transfer_timer, SDHCIState),
+VMSTATE_BOOL(pending_insert, SDHCIState),
 VMSTATE_END_OF_LIST()
 }
 };
@@ -1227,6 +1235,8 @@ static Property sdhci_pci_properties[] = {
 DEFINE_PROP_UINT32("capareg", SDHCIState, capareg,
 SDHC_CAPAB_REG_DEFAULT),
 DEFINE_PROP_UINT32("maxcurr", SDHCIState, maxcurr, 0),
+DEFINE_PROP_BOOL("pending-insert-quirk", SDHCIState, pending_insert,
+ false),
 DEFINE_PROP_END_OF_LIST(),
 };
 
diff --git a/include/hw/sd/sdhci.h b/include/hw/sd/sdhci.h
index e78d938..c70be14 100644
--- a/include/hw/sd/sdhci.h
+++ b/include/hw/sd/sdhci.h
@@ -77,6 +77,7 @@ typedef struct SDHCIState {
 uint32_t buf_maxsz;
 uint16_t data_count;   /* current element in FIFO buffer */
 uint8_t  stopped_state;/* Current SDHC state */
+bool pending_insert;/* Quirk for Raspberry Pi card insert interrupt */
 /* Buffer Data Port Register - virtual access point to R and W buffers */
 /* Software Reset Register - always reads as 0 */
 /* Force Event Auto CMD12 Error Interrupt Reg - write only */
-- 
2.5.3

Re: [Qemu-devel] [PATCH v2 2/5] Revert "vhost-net: tell tap backend about the vnet endianness"

[Laurent Vivier]

On 11/01/2016 17:12, Greg Kurz wrote:
> This reverts commit 5be7d9f1b1452613b95c6ba70b8d7ad3d0797991.
> 
> Cross-endian is now handled by the core virtio-net code.
> 
> Signed-off-by: Greg Kurz 
> ---
> v2:
> - moved changes not belonging to the revert to patch 1
> - updated changelog accordingly
> ---
>  hw/net/vhost_net.c |   33 +
>  1 file changed, 1 insertion(+), 32 deletions(-)
> 
> diff --git a/hw/net/vhost_net.c b/hw/net/vhost_net.c
> index 318c3e6ad213..0c7362b7a772 100644
> --- a/hw/net/vhost_net.c
> +++ b/hw/net/vhost_net.c
> @@ -38,7 +38,6 @@
>  #include "standard-headers/linux/virtio_ring.h"
>  #include "hw/virtio/vhost.h"
>  #include "hw/virtio/virtio-bus.h"
> -#include "hw/virtio/virtio-access.h"
>  
>  struct vhost_net {
>  struct vhost_dev dev;
> @@ -199,27 +198,6 @@ static void vhost_net_set_vq_index(struct vhost_net 
> *net, int vq_index)
>  net->dev.vq_index = vq_index;
>  }
>  
> -static int vhost_net_set_vnet_endian(VirtIODevice *dev, NetClientState *peer,
> - bool set)
> -{
> -int r = 0;
> -
> -if (virtio_vdev_has_feature(dev, VIRTIO_F_VERSION_1) ||
> -(virtio_legacy_is_cross_endian(dev) && !virtio_is_big_endian(dev))) {
> -r = qemu_set_vnet_le(peer, set);
> -if (r) {
> -error_report("backend does not support LE vnet headers");
> -}
> -} else if (virtio_legacy_is_cross_endian(dev)) {
> -r = qemu_set_vnet_be(peer, set);
> -if (r) {
> -error_report("backend does not support BE vnet headers");
> -}
> -}
> -
> -return r;
> -}
> -
>  static int vhost_net_start_one(struct vhost_net *net,
> VirtIODevice *dev)
>  {
> @@ -308,11 +286,6 @@ int vhost_net_start(VirtIODevice *dev, NetClientState 
> *ncs,
>  goto err;
>  }
>  
> -r = vhost_net_set_vnet_endian(dev, ncs[0].peer, true);
> -if (r < 0) {
> -goto err;
> -}
> -
>  for (i = 0; i < total_queues; i++) {
>  vhost_net_set_vq_index(get_vhost_net(ncs[i].peer), i * 2);
>  }
> @@ -320,7 +293,7 @@ int vhost_net_start(VirtIODevice *dev, NetClientState 
> *ncs,
>  r = k->set_guest_notifiers(qbus->parent, total_queues * 2, true);
>  if (r < 0) {
>  error_report("Error binding guest notifier: %d", -r);
> -goto err_endian;
> +goto err;
>  }
>  
>  for (i = 0; i < total_queues; i++) {
> @@ -342,8 +315,6 @@ err_start:
>  fprintf(stderr, "vhost guest notifier cleanup failed: %d\n", e);
>  fflush(stderr);
>  }
> -err_endian:
> -vhost_net_set_vnet_endian(dev, ncs[0].peer, false);
>  err:
>  return r;
>  }
> @@ -366,8 +337,6 @@ void vhost_net_stop(VirtIODevice *dev, NetClientState 
> *ncs,
>  fflush(stderr);
>  }
>  assert(r >= 0);
> -
> -assert(vhost_net_set_vnet_endian(dev, ncs[0].peer, false) >= 0);
>  }
>  
>  void vhost_net_cleanup(struct vhost_net *net)
> 
> 
Reviewed-by: Laurent Vivier 

Re: [Qemu-devel] [PATCH v2 1/5] virtio-net: use the backend cross-endian capabilities

[Laurent Vivier]

On 11/01/2016 17:12, Greg Kurz wrote:
> When running a fully emulated device in cross-endian conditions, including
> a virtio 1.0 device offered to a big endian guest, we need to fix the vnet
> headers. This is currently handled by the virtio_net_hdr_swap() function
> in the core virtio-net code but it should actually be handled by the net
> backend.
> 
> With this patch, virtio-net now tries to configure the backend to do the
> endian fixing when the device starts (i.e. drivers sets the CONFIG_OK bit).
> If the backend cannot support the requested endiannes, we have to fallback
> onto virtio_net_hdr_swap(): this is recorded in the needs_vnet_hdr_swap flag,
> to be used in the TX and RX paths.
> 
> Note that we reset the backend to the default behaviour (guest native
> endianness) when the device stops (i.e. device status had CONFIG_OK bit and
> driver unsets it). This is needed, with the linux tap backend at least,
> otherwise the guest may loose network connectivity if rebooted into a
> different endianness.
> 
> The current vhost-net code also tries to configure net backends. This will
> be no more needed and will be reverted in a subsequent patch.
> 
> Signed-off-by: Greg Kurz 
> ---
> v2:
> - dropped useless check in the 'else if' branch in virtio_net_vnet_status()
> - merged virtio_net_vhost_status() change from patch 2
> - use semicolon in "backend does no support..." error message
> - merged patch 3 (drop the virtio_needs_swap() helper)
> - provided some more details in changelog and comments
> ---
>  hw/net/virtio-net.c   |   49 
> +++--
>  include/hw/virtio/virtio-access.h |9 ---
>  include/hw/virtio/virtio-net.h|1 +
>  3 files changed, 48 insertions(+), 11 deletions(-)
> 
> diff --git a/hw/net/virtio-net.c b/hw/net/virtio-net.c
> index a877614e3e7a..497fb7119a08 100644
> --- a/hw/net/virtio-net.c
> +++ b/hw/net/virtio-net.c
> @@ -128,6 +128,13 @@ static void virtio_net_vhost_status(VirtIONet *n, 
> uint8_t status)
>  if (!n->vhost_started) {
>  int r, i;
>  
> +if (n->needs_vnet_hdr_swap) {
> +error_report("backend does not support %s vnet headers; "
> + "falling back on userspace virtio",
> + virtio_is_big_endian(vdev) ? "BE" : "LE");
> +return;
> +}
> +
>  /* Any packets outstanding? Purge them to avoid touching rings
>   * when vhost is running.
>   */
> @@ -152,6 +159,40 @@ static void virtio_net_vhost_status(VirtIONet *n, 
> uint8_t status)
>  }
>  }
>  
> +static void virtio_net_vnet_status(VirtIONet *n, uint8_t status)
> +{
> +VirtIODevice *vdev = VIRTIO_DEVICE(n);
> +NetClientState *peer = qemu_get_queue(n->nic)->peer;
> +
> +if (virtio_net_started(n, status)) {
> +int r;
> +
> +/* Before using the device, we tell the network backend about the
> + * endianness to use when parsing vnet headers. If the backend can't
> + * do it, we fallback onto fixing the headers in the core virtio-net
> + * code.
> + */
> +if (virtio_is_big_endian(vdev)) {
> +r = qemu_set_vnet_be(peer, true);
> +} else {
> +r = qemu_set_vnet_le(peer, true);
> +}
> +
> +n->needs_vnet_hdr_swap = !!r;
> +} else if (virtio_net_started(n, vdev->status)) {
> +/* After using the device, we need to reset the network backend to
> + * the default (guest native endianness), otherwise the guest may
> + * loose network connectivity if it is rebooted into a different
> + * endianness.
> + */
> +if (virtio_is_big_endian(vdev)) {
> +qemu_set_vnet_be(peer, false);
> +} else {
> +qemu_set_vnet_le(peer, false);
> +}
> +}
> +}
> +
>  static void virtio_net_set_status(struct VirtIODevice *vdev, uint8_t status)
>  {
>  VirtIONet *n = VIRTIO_NET(vdev);
> @@ -159,6 +200,7 @@ static void virtio_net_set_status(struct VirtIODevice 
> *vdev, uint8_t status)
>  int i;
>  uint8_t queue_status;
>  
> +virtio_net_vnet_status(n, status);
>  virtio_net_vhost_status(n, status);
>  
>  for (i = 0; i < n->max_queues; i++) {
> @@ -957,7 +999,10 @@ static void receive_header(VirtIONet *n, const struct 
> iovec *iov, int iov_cnt,
>  void *wbuf = (void *)buf;
>  work_around_broken_dhclient(wbuf, wbuf + n->host_hdr_len,
>  size - n->host_hdr_len);
> -virtio_net_hdr_swap(VIRTIO_DEVICE(n), wbuf);
> +
> +if (n->needs_vnet_hdr_swap) {
> +virtio_net_hdr_swap(VIRTIO_DEVICE(n), wbuf);
> +}
>  iov_from_buf(iov, iov_cnt, 0, buf, sizeof(struct virtio_net_hdr));
>  } else {
>  struct virtio_net_hdr hdr = {
> @@ -1167,7 +1212,7 @@ static int32_t virtio_net_flush_tx(VirtIONetQueue *q)
>  

[Qemu-devel] [PATCH 1/5] block: Allow mirror_start to return job references

[John Snow]

Pick up an extra reference in mirror_start_job to allow callers
of mirror_start and commit_active_start to get a reference to
the job they have created. Phase out callers from fishing the job
out of bs->job -- use the return value instead.

Callers of mirror_start_job and commit_active_start are now
responsible for putting down their reference to the job.

No callers of mirror_start yet seem to need the reference, so
that's left as a void return for now.

Ultimately, this patch fixes qemu-img's reliance on bs->job.

Signed-off-by: John Snow 
---
 block/mirror.c| 72 ++-
 blockdev.c|  8 --
 include/block/block_int.h | 10 +++
 qemu-img.c| 12 +---
 4 files changed, 59 insertions(+), 43 deletions(-)

diff --git a/block/mirror.c b/block/mirror.c
index f201f2b..92706ab 100644
--- a/block/mirror.c
+++ b/block/mirror.c
@@ -706,17 +706,18 @@ static const BlockJobDriver commit_active_job_driver = {
 .complete  = mirror_complete,
 };
 
-static void mirror_start_job(BlockDriverState *bs, BlockDriverState *target,
- const char *replaces,
- int64_t speed, uint32_t granularity,
- int64_t buf_size,
- BlockdevOnError on_source_error,
- BlockdevOnError on_target_error,
- bool unmap,
- BlockCompletionFunc *cb,
- void *opaque, Error **errp,
- const BlockJobDriver *driver,
- bool is_none_mode, BlockDriverState *base)
+static BlockJob *mirror_start_job(BlockDriverState *bs,
+  BlockDriverState *target,
+  const char *replaces,
+  int64_t speed, uint32_t granularity,
+  int64_t buf_size,
+  BlockdevOnError on_source_error,
+  BlockdevOnError on_target_error,
+  bool unmap,
+  BlockCompletionFunc *cb,
+  void *opaque, Error **errp,
+  const BlockJobDriver *driver,
+  bool is_none_mode, BlockDriverState *base)
 {
 MirrorBlockJob *s;
 BlockDriverState *replaced_bs;
@@ -731,12 +732,12 @@ static void mirror_start_job(BlockDriverState *bs, 
BlockDriverState *target,
  on_source_error == BLOCKDEV_ON_ERROR_ENOSPC) &&
 (!bs->blk || !blk_iostatus_is_enabled(bs->blk))) {
 error_setg(errp, QERR_INVALID_PARAMETER, "on-source-error");
-return;
+return NULL;
 }
 
 if (buf_size < 0) {
 error_setg(errp, "Invalid parameter 'buf-size'");
-return;
+return NULL;
 }
 
 if (buf_size == 0) {
@@ -748,19 +749,19 @@ static void mirror_start_job(BlockDriverState *bs, 
BlockDriverState *target,
 if (replaces) {
 replaced_bs = bdrv_lookup_bs(replaces, replaces, errp);
 if (replaced_bs == NULL) {
-return;
+return NULL;
 }
 } else {
 replaced_bs = bs;
 }
 if (replaced_bs->blk && target->blk) {
 error_setg(errp, "Can't create node with two BlockBackends");
-return;
+return NULL;
 }
 
 s = block_job_create(driver, bs, speed, cb, opaque, errp);
 if (!s) {
-return;
+return NULL;
 }
 
 s->replaces = g_strdup(replaces);
@@ -777,7 +778,7 @@ static void mirror_start_job(BlockDriverState *bs, 
BlockDriverState *target,
 if (!s->dirty_bitmap) {
 g_free(s->replaces);
 block_job_unref(>common);
-return;
+return NULL;
 }
 
 bdrv_op_block_all(s->target, s->common.blocker);
@@ -787,9 +788,11 @@ static void mirror_start_job(BlockDriverState *bs, 
BlockDriverState *target,
 blk_set_on_error(s->target->blk, on_target_error, on_target_error);
 blk_iostatus_enable(s->target->blk);
 }
+block_job_ref(>common);
 s->common.co = qemu_coroutine_create(mirror_run);
 trace_mirror_start(bs, s, s->common.co, opaque);
 qemu_coroutine_enter(s->common.co, s);
+return >common;
 }
 
 void mirror_start(BlockDriverState *bs, BlockDriverState *target,
@@ -803,6 +806,7 @@ void mirror_start(BlockDriverState *bs, BlockDriverState 
*target,
 {
 bool is_none_mode;
 BlockDriverState *base;
+BlockJob *job;
 
 if (mode == MIRROR_SYNC_MODE_INCREMENTAL) {
 error_setg(errp, "Sync mode 'incremental' not supported");
@@ -810,27 +814,31 @@ void mirror_start(BlockDriverState *bs, BlockDriverState 
*target,
 }
 is_none_mode = mode == MIRROR_SYNC_MODE_NONE;
 base = mode == MIRROR_SYNC_MODE_TOP ? backing_bs(bs) : NULL;
-

[Qemu-devel] [PATCH 5/5] blockjob: add Job parameter to BlockCompletionFunc

[John Snow]

It will no longer be sufficient to rely on the opaque parameter
containing a BDS, and there's no way to reliably include a
self-reference to the job we're creating, so always pass the Job
object forward to any callbacks.

Signed-off-by: John Snow 
---
 block/backup.c|  2 +-
 block/commit.c|  2 +-
 block/mirror.c|  6 +++---
 block/stream.c|  2 +-
 blockdev.c| 14 +++---
 blockjob.c| 13 +++--
 include/block/block.h |  2 ++
 include/block/block_int.h | 10 +-
 include/block/blockjob.h  |  6 --
 qemu-img.c|  4 ++--
 tests/test-blockjob-txn.c |  4 ++--
 11 files changed, 39 insertions(+), 26 deletions(-)

diff --git a/block/backup.c b/block/backup.c
index 58c76be..cadb880 100644
--- a/block/backup.c
+++ b/block/backup.c
@@ -506,7 +506,7 @@ BlockJob *backup_start(BlockDriverState *bs, 
BlockDriverState *target,
BdrvDirtyBitmap *sync_bitmap,
BlockdevOnError on_source_error,
BlockdevOnError on_target_error,
-   BlockCompletionFunc *cb, void *opaque,
+   BlockJobCompletionFunc *cb, void *opaque,
BlockJobTxn *txn, Error **errp)
 {
 int64_t len;
diff --git a/block/commit.c b/block/commit.c
index a5d02aa..ef4fd5a 100644
--- a/block/commit.c
+++ b/block/commit.c
@@ -202,7 +202,7 @@ static const BlockJobDriver commit_job_driver = {
 
 void commit_start(BlockDriverState *bs, BlockDriverState *base,
   BlockDriverState *top, int64_t speed,
-  BlockdevOnError on_error, BlockCompletionFunc *cb,
+  BlockdevOnError on_error, BlockJobCompletionFunc *cb,
   void *opaque, const char *backing_file_str, Error **errp)
 {
 CommitBlockJob *s;
diff --git a/block/mirror.c b/block/mirror.c
index 92706ab..18134e4 100644
--- a/block/mirror.c
+++ b/block/mirror.c
@@ -714,7 +714,7 @@ static BlockJob *mirror_start_job(BlockDriverState *bs,
   BlockdevOnError on_source_error,
   BlockdevOnError on_target_error,
   bool unmap,
-  BlockCompletionFunc *cb,
+  BlockJobCompletionFunc *cb,
   void *opaque, Error **errp,
   const BlockJobDriver *driver,
   bool is_none_mode, BlockDriverState *base)
@@ -801,7 +801,7 @@ void mirror_start(BlockDriverState *bs, BlockDriverState 
*target,
   MirrorSyncMode mode, BlockdevOnError on_source_error,
   BlockdevOnError on_target_error,
   bool unmap,
-  BlockCompletionFunc *cb,
+  BlockJobCompletionFunc *cb,
   void *opaque, Error **errp)
 {
 bool is_none_mode;
@@ -826,7 +826,7 @@ void mirror_start(BlockDriverState *bs, BlockDriverState 
*target,
 BlockJob *commit_active_start(BlockDriverState *bs, BlockDriverState *base,
   int64_t speed,
   BlockdevOnError on_error,
-  BlockCompletionFunc *cb,
+  BlockJobCompletionFunc *cb,
   void *opaque, Error **errp)
 {
 int64_t length, base_length;
diff --git a/block/stream.c b/block/stream.c
index 1dfeac0..1bd8220 100644
--- a/block/stream.c
+++ b/block/stream.c
@@ -216,7 +216,7 @@ static const BlockJobDriver stream_job_driver = {
 BlockJob *stream_start(BlockDriverState *bs, BlockDriverState *base,
   const char *backing_file_str, int64_t speed,
   BlockdevOnError on_error,
-  BlockCompletionFunc *cb,
+  BlockJobCompletionFunc *cb,
   void *opaque, Error **errp)
 {
 StreamBlockJob *s;
diff --git a/blockdev.c b/blockdev.c
index 9b37ace..6713ecb 100644
--- a/blockdev.c
+++ b/blockdev.c
@@ -2855,28 +2855,28 @@ out:
 aio_context_release(aio_context);
 }
 
-static void block_job_cb(void *opaque, int ret)
+static void block_job_cb(BlockJob *job, int ret)
 {
 /* Note that this function may be executed from another AioContext besides
  * the QEMU main loop.  If you need to access anything that assumes the
  * QEMU global mutex, use a BH or introduce a mutex.
  */
 
-BlockDriverState *bs = opaque;
+BlockDriverState *bs = job->bs;
 const char *msg = NULL;
 
-trace_block_job_cb(bs, bs->job, ret);
+trace_block_job_cb(bs, job, ret);
 
-assert(bs->job);
+assert(job);
 
 if (ret < 0) {
 msg = strerror(-ret);
 }
 
-if (block_job_is_cancelled(bs->job)) {
-block_job_event_cancelled(bs->job);
+if (block_job_is_cancelled(job)) {
+block_job_event_cancelled(job);
 } else {
-   

[Qemu-devel] [PATCH 3/5] block: allow backup_start to return job references

[John Snow]

backup_start picks up a reference to return the job it created to a
caller. callers are updated to put down the reference when they are
finished.

This is particularly interesting for transactions where backup jobs
pick up an implicit reference to the job. Previously, we check to
see if the job still exists by seeing if (bs->job == state->job),
but now we can be assured that our job object is still valid.

The job of course may have been canceled already, though.

Signed-off-by: John Snow 
---
 block/backup.c|  38 +-
 blockdev.c| 180 +-
 include/block/block_int.h |   2 +-
 3 files changed, 120 insertions(+), 100 deletions(-)

diff --git a/block/backup.c b/block/backup.c
index 705bb77..325e247 100644
--- a/block/backup.c
+++ b/block/backup.c
@@ -487,13 +487,13 @@ static void coroutine_fn backup_run(void *opaque)
 block_job_defer_to_main_loop(>common, backup_complete, data);
 }
 
-void backup_start(BlockDriverState *bs, BlockDriverState *target,
-  int64_t speed, MirrorSyncMode sync_mode,
-  BdrvDirtyBitmap *sync_bitmap,
-  BlockdevOnError on_source_error,
-  BlockdevOnError on_target_error,
-  BlockCompletionFunc *cb, void *opaque,
-  BlockJobTxn *txn, Error **errp)
+BlockJob *backup_start(BlockDriverState *bs, BlockDriverState *target,
+   int64_t speed, MirrorSyncMode sync_mode,
+   BdrvDirtyBitmap *sync_bitmap,
+   BlockdevOnError on_source_error,
+   BlockdevOnError on_target_error,
+   BlockCompletionFunc *cb, void *opaque,
+   BlockJobTxn *txn, Error **errp)
 {
 int64_t len;
 
@@ -503,53 +503,53 @@ void backup_start(BlockDriverState *bs, BlockDriverState 
*target,
 
 if (bs == target) {
 error_setg(errp, "Source and target cannot be the same");
-return;
+return NULL;
 }
 
 if ((on_source_error == BLOCKDEV_ON_ERROR_STOP ||
  on_source_error == BLOCKDEV_ON_ERROR_ENOSPC) &&
 (!bs->blk || !blk_iostatus_is_enabled(bs->blk))) {
 error_setg(errp, QERR_INVALID_PARAMETER, "on-source-error");
-return;
+return NULL;
 }
 
 if (!bdrv_is_inserted(bs)) {
 error_setg(errp, "Device is not inserted: %s",
bdrv_get_device_name(bs));
-return;
+return NULL;
 }
 
 if (!bdrv_is_inserted(target)) {
 error_setg(errp, "Device is not inserted: %s",
bdrv_get_device_name(target));
-return;
+return NULL;
 }
 
 if (bdrv_op_is_blocked(bs, BLOCK_OP_TYPE_BACKUP_SOURCE, errp)) {
-return;
+return NULL;
 }
 
 if (bdrv_op_is_blocked(target, BLOCK_OP_TYPE_BACKUP_TARGET, errp)) {
-return;
+return NULL;
 }
 
 if (sync_mode == MIRROR_SYNC_MODE_INCREMENTAL) {
 if (!sync_bitmap) {
 error_setg(errp, "must provide a valid bitmap name for "
  "\"incremental\" sync mode");
-return;
+return NULL;
 }
 
 /* Create a new bitmap, and freeze/disable this one. */
 if (bdrv_dirty_bitmap_create_successor(bs, sync_bitmap, errp) < 0) {
-return;
+return NULL;
 }
 } else if (sync_bitmap) {
 error_setg(errp,
"a sync_bitmap was provided to backup_run, "
"but received an incompatible sync_mode (%s)",
MirrorSyncMode_lookup[sync_mode]);
-return;
+return NULL;
 }
 
 len = bdrv_getlength(bs);
@@ -574,13 +574,17 @@ void backup_start(BlockDriverState *bs, BlockDriverState 
*target,
 job->sync_bitmap = sync_mode == MIRROR_SYNC_MODE_INCREMENTAL ?
sync_bitmap : NULL;
 job->common.len = len;
+
+block_job_ref(>common);
 job->common.co = qemu_coroutine_create(backup_run);
 block_job_txn_add_job(txn, >common);
 qemu_coroutine_enter(job->common.co, job);
-return;
+return >common;
 
  error:
 if (sync_bitmap) {
 bdrv_reclaim_dirty_bitmap(bs, sync_bitmap, NULL);
 }
+
+return NULL;
 }
diff --git a/blockdev.c b/blockdev.c
index f66cac8..9b37ace 100644
--- a/blockdev.c
+++ b/blockdev.c
@@ -1806,17 +1806,17 @@ typedef struct DriveBackupState {
 BlockJob *job;
 } DriveBackupState;
 
-static void do_drive_backup(const char *device, const char *target,
-bool has_format, const char *format,
-enum MirrorSyncMode sync,
-bool has_mode, enum NewImageMode mode,
-bool has_speed, int64_t speed,
-bool has_bitmap, const char *bitmap,
-bool has_on_source_error,
-  

Re: [Qemu-devel] [PATCH] osdep.h: Include glib-compat.h in osdep.h rather than qemu-common.h

[Michael Tokarev]

04.12.2015 20:34, Peter Maydell wrote:
> Our use of glib is now pervasive across QEMU. Move the include of 
> glib-compat.h
> from qemu-common.h to osdep.h so that it is more widely accessible and doesn't
> get forgotten by accident. (Failure to include it will result in build failure
> on old versions of glib which is likely to be unnoticed by most developers.)

Applied to -trivial, thanks!

/mjt

Re: [Qemu-devel] [PATCH] scripts/checkpatch.pl: Don't allow special cases of unspaced operators

[Michael Tokarev]

18.12.2015 15:59, Peter Maydell wrote:
> The checkpatch.pl script has a special case to permit the following
> operators to have no spaces around them:
>  <<  >>  &  ^  |  +  -  *  /  %
> 
> QEMU style prefers all operators to consistently have spacing around
> them, so remove this special case handling. This avoids reviewers
> having to manually note it during code review.

Applied to -trivial, thank you!

/mjt

Re: [Qemu-devel] [PATCH] hmp: avoid redundant null termination of buffer

[Wolfgang Bumiller]

On Sun, Jan 10, 2016 at 10:56:55AM +0300, Michael Tokarev wrote:
> So, what's the status of this issue now?
> (it is CVE-2015-8619 btw, maybe worth to mention this in the commit message)

Seems we concluded it's best to keep keyname_len around and simply check
it against the sizeof(keyname_buf).

Here's a full new version as I haven't seen one yet. (With an adapted
commit message and the CVE id added.)

I did not include the proposed change to the pstrcpy() size parameter
as it seemed more like a coding-style change and because the code also
uses
  pstrcpy(keyname_buf, sizeof(keyname_buf), "less")
instead of a memcpy() (after all, the buffer size is known and the
contents are constant in that line).

Patch:

===
>From 8da4a3bf8fb076314f986a0d58cb94f5458e3659 Mon Sep 17 00:00:00 2001
From: Wolfgang Bumiller 
Date: Mon, 11 Jan 2016 08:21:25 +0100
Subject: [PATCH] hmp: fix sendkey out of bounds write (CVE-2015-8619)

When processing 'sendkey' command, hmp_sendkey routine null
terminates the 'keyname_buf' array. This results in an OOB
write issue, if 'keyname_len' was to fall outside of
'keyname_buf' array.

Now checking the length against the buffer size before using
it.

Reported-by: Ling Liu 
Signed-off-by: Wolfgang Bumiller 
---
 hmp.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/hmp.c b/hmp.c
index c2b2c16..0c7a04c 100644
--- a/hmp.c
+++ b/hmp.c
@@ -1749,6 +1749,8 @@ void hmp_sendkey(Monitor *mon, const QDict *qdict)
 while (1) {
 separator = strchr(keys, '-');
 keyname_len = separator ? separator - keys : strlen(keys);
+if (keyname_len >= sizeof(keyname_buf))
+goto err_out;
 pstrcpy(keyname_buf, sizeof(keyname_buf), keys);
 
 /* Be compatible with old interface, convert user inputted "<" */
@@ -1800,7 +1802,7 @@ out:
 return;
 
 err_out:
-monitor_printf(mon, "invalid parameter: %s\n", keyname_buf);
+monitor_printf(mon, "invalid parameter: %s\n", keys);
 goto out;
 }
 
-- 
2.1.4

Re: [Qemu-devel] [PATCH] hmp: avoid redundant null termination of buffer

[P J P]

+-- On Mon, 11 Jan 2016, Wolfgang Bumiller wrote --+
| Seems we concluded it's best to keep keyname_len around and simply check it 
| against the sizeof(keyname_buf).
| 
| Here's a full new version as I haven't seen one yet. (With an adapted commit 
| message and the CVE id added.)

  Sorry, i thought you were sending it.

| ===
| >From 8da4a3bf8fb076314f986a0d58cb94f5458e3659 Mon Sep 17 00:00:00 2001
| From: Wolfgang Bumiller 
| Date: Mon, 11 Jan 2016 08:21:25 +0100
| Subject: [PATCH] hmp: fix sendkey out of bounds write (CVE-2015-8619)
| 
| When processing 'sendkey' command, hmp_sendkey routine null
| terminates the 'keyname_buf' array. This results in an OOB
| write issue, if 'keyname_len' was to fall outside of
| 'keyname_buf' array.
| 
| Now checking the length against the buffer size before using
| it.
| 
| Reported-by: Ling Liu 
| Signed-off-by: Wolfgang Bumiller 
| ---
|  hmp.c | 4 +++-
|  1 file changed, 3 insertions(+), 1 deletion(-)
| 
| diff --git a/hmp.c b/hmp.c
| index c2b2c16..0c7a04c 100644
| --- a/hmp.c
| +++ b/hmp.c
| @@ -1749,6 +1749,8 @@ void hmp_sendkey(Monitor *mon, const QDict *qdict)
|  while (1) {
|  separator = strchr(keys, '-');
|  keyname_len = separator ? separator - keys : strlen(keys);
| +if (keyname_len >= sizeof(keyname_buf))
| +goto err_out;
|  pstrcpy(keyname_buf, sizeof(keyname_buf), keys);
|  
|  /* Be compatible with old interface, convert user inputted "<" */
| @@ -1800,7 +1802,7 @@ out:
|  return;
|  
|  err_out:
| -monitor_printf(mon, "invalid parameter: %s\n", keyname_buf);
| +monitor_printf(mon, "invalid parameter: %s\n", keys);
|  goto out;
|  }

  It looks good.

Thank you.
--
Prasad J Pandit / Red Hat Product Security Team
47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F

Re: [Qemu-devel] QEMU/KVM performance gets worser - high load - high interrupts - high context switches

[Paolo Bonzini]

On 09/01/2016 17:46, Gerhard Wiesinger wrote:
> 
> # Positive consequences via munin monitoring:
> # Reduced fork rate: 40 => 13
> # process states: running 15 => <1
> # CÜU temperature: (core dependant) 65-70°C => 56-64°C
> # CPU usage: system: 47% => 15%, user: 76% => 50%
> # Context Switches: 20k => 7.5k
> # Interrupts: 16k => 9k
> # Load average: 2.8 => 1
> 
> => back at the level before one year!!!
> 
> Any idea why the serial device/PCI controller and the USB mouse tablet
> consume so much CPU on latest kernel and/or qemu?

For USB, it's possible that you're not using the USB autosuspend
feature?  (As explained in Gerd's blog post, for Microsoft OSes you may
need to fiddle with the registry).

For virtio-serial, I have no idea.

Paolo

Re: [Qemu-devel] [PATCH] PCI: add param check for api

[Michael Tokarev]

21.11.2015 10:45, Cao jin wrote:
> add param check for pci_add_capability2, as it is a public API.
> 
> Signed-off-by: Cao jin 
> ---
>  hw/pci/pci.c | 3 +++
>  1 file changed, 3 insertions(+)
> 
> diff --git a/hw/pci/pci.c b/hw/pci/pci.c
> index 168b9cc..6938f64 100644
> --- a/hw/pci/pci.c
> +++ b/hw/pci/pci.c
> @@ -2144,6 +2144,9 @@ int pci_add_capability2(PCIDevice *pdev, uint8_t cap_id,
>  uint8_t *config;
>  int i, overlapping_cap;
>  
> +assert(size > 0);
> +assert(offset >= PCI_CONFIG_HEADER_SIZE || !offset);
> +

I'd like to see some ACKs/Reviews for this one, in particular why
size should be != 0.  Also either move offset assert to the below
"else" clause or rewrite it to be offset == 0 instead if !offset :)

Thanks,

/mjt

>  if (!offset) {
>  offset = pci_find_space(pdev, size);
>  if (!offset) {
> 

Re: [Qemu-devel] [PATCH] block: acquire in bdrv_query_image_info

[Paolo Bonzini]

On 25/12/2015 02:51, Fam Zheng wrote:
> On Wed, 12/23 11:48, Paolo Bonzini wrote:
>> NFS calls aio_poll inside bdrv_get_allocated_size.  This requires
>> acquiring the AioContext.
>>
>> Signed-off-by: Paolo Bonzini 
>> ---
>>  block/qapi.c | 9 +++--
>>  1 file changed, 7 insertions(+), 2 deletions(-)
>>
>> diff --git a/block/qapi.c b/block/qapi.c
>> index fecac25..ea400e0 100644
>> --- a/block/qapi.c
>> +++ b/block/qapi.c
>> @@ -210,11 +210,13 @@ void bdrv_query_image_info(BlockDriverState *bs,
>>  Error *err = NULL;
>>  ImageInfo *info;
>>  
>> +aio_context_acquire(bdrv_get_aio_context(bs));
>> +
>>  size = bdrv_getlength(bs);
>>  if (size < 0) {
>>  error_setg_errno(errp, -size, "Can't get size of device '%s'",
>>   bdrv_get_device_name(bs));
>> -return;
>> +goto out;
>>  }
>>  
>>  info = g_new0(ImageInfo, 1);
>> @@ -281,10 +283,13 @@ void bdrv_query_image_info(BlockDriverState *bs,
>>  default:
>>  error_propagate(errp, err);
>>  qapi_free_ImageInfo(info);
>> -return;
>> +goto out;
>>  }
>>  
>>  *p_info = info;
>> +
>> +out:
>> +aio_context_release(bdrv_get_aio_context(bs));
>>  }
>>  
>>  /* @p_info will be set only on success. */
>> -- 
>> 2.5.0
>>
>>
> 
> Reviewed-by: Fam Zheng 
> 
> 

Ping?

Paolo

[Qemu-devel] [PULL 00/19] Trivial patches for 2016-01-11

[Michael Tokarev]

This is the first trivial-patches pull request for 2016 year, and
the first one for qemu 2.6 series.  With some old stuff in there,
collecting missing patches since Nov-2015.

There's nothing exciting in there, except of a possible fun patch
enabling sigaltstack syscall.

Please consider applying/pulling.

Thanks,

/mjt

The following changes since commit 6bb9ead762bf749af11ea225fc2a74db1b93c105:

  Merge remote-tracking branch 'remotes/kraxel/tags/pull-ui-20160108-1' into 
staging (2016-01-08 12:50:19 +)

are available in the git repository at:

  git://git.corpit.ru/qemu.git tags/pull-trivial-patches-2016-01-11

for you to fetch changes up to fe02fc5209d497d011b2b4b09395e2503d9dedc6:

  hw/s390x: Remove superfluous return statements (2016-01-11 11:39:28 +0300)


trivial patches for 2016-01-11


Cao jin (5):
  xen/Makefile.objs: simplify
  hw/misc/edu: Convert to realize()
  gt64120: convert to realize()
  SH PCI Host: convert to realize()
  PCI Bonito: QOMify and cleanup

Eric Blake (1):
  crypto: Fix typo in example

Johan Ouwerkerk (1):
  Add missing syscall nrs. according to more recent Linux kernels

Marc-André Lureau (1):
  configure: fix trace backend check

Michael Tokarev (2):
  unicore32: convert get_sp_from_cpustate from macro to inline
  linux-user: enable sigaltstack for all architectures

Paolo Bonzini (1):
  net: convert qemu_log to error_report, fix message

Peter Maydell (2):
  scripts/checkpatch.pl: Don't allow special cases of unspaced operators
  osdep.h: Include glib-compat.h in osdep.h rather than qemu-common.h

Thomas Huth (5):
  MAINTAINERS: Add the correct device_tree.h file
  hw/ide: Remove superfluous return statements
  hw/acpi: Remove superfluous return statement
  hw/core/qdev: Remove superfluous return statement
  hw/s390x: Remove superfluous return statements

Zhu Lingshan (1):
  iscsi: fix readcapacity error message

 MAINTAINERS  |  3 ++-
 block/iscsi.c|  2 +-
 configure|  2 +-
 hw/acpi/memory_hotplug.c |  1 -
 hw/core/qdev.c   |  1 -
 hw/ide/atapi.c   |  1 -
 hw/ide/macio.c   |  2 --
 hw/mips/gt64xxx_pci.c|  6 ++
 hw/misc/edu.c|  6 ++
 hw/pci-host/bonito.c | 23 ---
 hw/s390x/css.c   |  1 -
 hw/s390x/s390-pci-bus.c  |  4 
 hw/sh4/sh_pci.c  |  5 ++---
 hw/xen/Makefile.objs |  3 +--
 include/crypto/tlssession.h  |  2 +-
 include/qemu-common.h|  1 -
 include/qemu/osdep.h |  2 ++
 linux-user/aarch64/syscall_nr.h  | 13 +
 linux-user/arm/syscall_nr.h  | 12 
 linux-user/mips/syscall_nr.h | 12 
 linux-user/syscall.c |  6 --
 linux-user/unicore32/target_signal.h |  6 +-
 net/dump.c   |  2 +-
 scripts/checkpatch.pl| 13 -
 24 files changed, 69 insertions(+), 60 deletions(-)

[Qemu-devel] [PULL 05/19] MAINTAINERS: Add the correct device_tree.h file

[Michael Tokarev]

From: Thomas Huth 

device_tree.h is not in the main directory, but under
include/sysemu/ nowadays.

Signed-off-by: Thomas Huth 
Signed-off-by: Michael Tokarev 
---
 MAINTAINERS | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/MAINTAINERS b/MAINTAINERS
index 5a62ecd..de5439d 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -1036,7 +1036,8 @@ Device Tree
 M: Peter Crosthwaite 
 M: Alexander Graf 
 S: Maintained
-F: device_tree.[ch]
+F: device_tree.c
+F: include/sysemu/device_tree.h
 
 Error reporting
 M: Markus Armbruster 
-- 
2.1.4

[Qemu-devel] [PULL 01/19] unicore32: convert get_sp_from_cpustate from macro to inline

[Michael Tokarev]

All other architectures define get_sp_from_cpustate as an inline function,
only unicore32 uses a #define.  With this, some usages are impossible, for
example, enabling sigaltstack in linux-user/syscall.c results in

linux-user/syscall.c: In function ‘do_syscall’:
linux-user/syscall.c:8299:39: error: dereferencing ‘void *’ pointer [-Werror]
  get_sp_from_cpustate(arg1, arg2, get_sp_from_cpustate((CPUArchState 
*)cpu_env));
   ^
linux-user/syscall.c:8299:39: error: request for member ‘regs’ in something not 
a structure or union

Signed-off-by: Michael Tokarev 
Reviewed-by: Peter Maydell 
---
 linux-user/unicore32/target_signal.h | 6 +-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/linux-user/unicore32/target_signal.h 
b/linux-user/unicore32/target_signal.h
index 8b255c4..7c44238 100644
--- a/linux-user/unicore32/target_signal.h
+++ b/linux-user/unicore32/target_signal.h
@@ -21,6 +21,10 @@ typedef struct target_sigaltstack {
 #define TARGET_SS_ONSTACK   1
 #define TARGET_SS_DISABLE   2
 
-#define get_sp_from_cpustate(cpustate)  (cpustate->regs[29])
+static inline abi_ulong get_sp_from_cpustate(CPUUniCore32State *state)
+{
+return state->regs[29];
+}
+
 
 #endif /* TARGET_SIGNAL_H */
-- 
2.1.4

[Qemu-devel] [PULL 07/19] xen/Makefile.objs: simplify

[Michael Tokarev]

From: Cao jin 

merge last two lines, keep alphabetic order.

Signed-off-by: Cao jin 
Reviewed-by: Stefan Weil 
Reviewed-by: Stefano Stabellini 
Signed-off-by: Michael Tokarev 
---
 hw/xen/Makefile.objs | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/hw/xen/Makefile.objs b/hw/xen/Makefile.objs
index a9ad7e7..d367094 100644
--- a/hw/xen/Makefile.objs
+++ b/hw/xen/Makefile.objs
@@ -2,5 +2,4 @@
 common-obj-$(CONFIG_XEN_BACKEND) += xen_backend.o xen_devconfig.o
 
 obj-$(CONFIG_XEN_PCI_PASSTHROUGH) += xen-host-pci-device.o
-obj-$(CONFIG_XEN_PCI_PASSTHROUGH) += xen_pt.o xen_pt_config_init.o xen_pt_msi.o
-obj-$(CONFIG_XEN_PCI_PASSTHROUGH) += xen_pt.o xen_pt_config_init.o 
xen_pt_msi.o xen_pt_graphics.o
+obj-$(CONFIG_XEN_PCI_PASSTHROUGH) += xen_pt.o xen_pt_config_init.o 
xen_pt_graphics.o xen_pt_msi.o
-- 
2.1.4

[Qemu-devel] [PATCH v2 1/3] linux-user/mmap.c: Set prot page flags for the correct region in mmap_frag()

[chengang]

From: Chen Gang 

mmap() size in mmap_frag() is qemu_host_page_size, but the outside calls
page_set_flags() may be not with qemu_host_page_size. So after mmap(),
call page_set_flags() in time.

After this fix,  for the next call for the same region, prot1 will be
PAGE_VALID (not 0), so can avoid to enter "if (prot1 == 0)" case, again.

Signed-off-by: Chen Gang 
---
 linux-user/mmap.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/linux-user/mmap.c b/linux-user/mmap.c
index 445e8c6..7807ed0 100644
--- a/linux-user/mmap.c
+++ b/linux-user/mmap.c
@@ -162,6 +162,8 @@ static int mmap_frag(abi_ulong real_start,
flags | MAP_ANONYMOUS, -1, 0);
 if (p == MAP_FAILED)
 return -1;
+page_set_flags(real_start, real_start + qemu_host_page_size,
+   PAGE_VALID);
 prot1 = prot;
 }
 prot1 &= PAGE_BITS;
-- 
1.9.1

[Qemu-devel] [PATCH v2 3/3] linux-user/mmap.c: Use TARGET_PAGE_SIZE as the increasing step

[chengang]

From: Chen Gang 

Just like another areas have done.
---
 linux-user/mmap.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/linux-user/mmap.c b/linux-user/mmap.c
index 51c381d..86c270b 100644
--- a/linux-user/mmap.c
+++ b/linux-user/mmap.c
@@ -151,7 +151,7 @@ static int mmap_frag(abi_ulong real_start,
 
 /* get the protection of the target pages outside the mapping */
 prot1 = 0;
-for(addr = real_start; addr < real_end; addr++) {
+for (addr = real_start; addr < real_end; addr += TARGET_PAGE_SIZE) {
 if (addr < start || addr >= end)
 prot1 |= page_get_flags(addr);
 }
-- 
1.9.1

[Qemu-devel] [PULL 11/19] gt64120: convert to realize()

[Michael Tokarev]

From: Cao jin 

Signed-off-by: Cao jin 
Signed-off-by: Michael Tokarev 
---
 hw/mips/gt64xxx_pci.c | 6 ++
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/hw/mips/gt64xxx_pci.c b/hw/mips/gt64xxx_pci.c
index f76a9fd..c1f3c9c 100644
--- a/hw/mips/gt64xxx_pci.c
+++ b/hw/mips/gt64xxx_pci.c
@@ -1193,7 +1193,7 @@ static int gt64120_init(SysBusDevice *dev)
 return 0;
 }
 
-static int gt64120_pci_init(PCIDevice *d)
+static void gt64120_pci_realize(PCIDevice *d, Error **errp)
 {
 /* FIXME: Malta specific hw assumptions ahead */
 pci_set_word(d->config + PCI_COMMAND, 0);
@@ -1207,8 +1207,6 @@ static int gt64120_pci_init(PCIDevice *d)
 pci_set_long(d->config + PCI_BASE_ADDRESS_4, 0x1400);
 pci_set_long(d->config + PCI_BASE_ADDRESS_5, 0x1401);
 pci_set_byte(d->config + 0x3d, 0x01);
-
-return 0;
 }
 
 static void gt64120_pci_class_init(ObjectClass *klass, void *data)
@@ -1216,7 +1214,7 @@ static void gt64120_pci_class_init(ObjectClass *klass, 
void *data)
 PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
 DeviceClass *dc = DEVICE_CLASS(klass);
 
-k->init = gt64120_pci_init;
+k->realize = gt64120_pci_realize;
 k->vendor_id = PCI_VENDOR_ID_MARVELL;
 k->device_id = PCI_DEVICE_ID_MARVELL_GT6412X;
 k->revision = 0x10;
-- 
2.1.4

[Qemu-devel] [PULL 03/19] net: convert qemu_log to error_report, fix message

[Michael Tokarev]

From: Paolo Bonzini 

Ensure that the error is printed with the proper timestamp.

Signed-off-by: Paolo Bonzini 
Signed-off-by: Michael Tokarev 
---
 net/dump.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/dump.c b/net/dump.c
index ce16a4b..1c05f78 100644
--- a/net/dump.c
+++ b/net/dump.c
@@ -84,7 +84,7 @@ static ssize_t dump_receive_iov(DumpState *s, const struct 
iovec *iov, int cnt)
 cnt = iov_copy([1], cnt, iov, cnt, 0, caplen);
 
 if (writev(s->fd, dumpiov, cnt + 1) != sizeof(hdr) + caplen) {
-qemu_log("-net dump write error - stop dump\n");
+error_report("network dump write error - stopping dump");
 close(s->fd);
 s->fd = -1;
 }
-- 
2.1.4

Re: [Qemu-devel] [Xen-devel] [PATCH v4] igd-passthrough-i440FX: convert to realize()

[Gerd Hoffmann]

  Hi,

> I can boot up Linux VM with IGD pass-through with latest qemu (without
> any additional patch), guest run 3D "nexuiz" and get 180fps. 

That is a pretty recent linux guest I assume?
Tried older kernels too, possibly even the old userspace xorg driver?
Do windows guest work as well?

cheers,
  Gerd

[Qemu-devel] [PULL 15/19] osdep.h: Include glib-compat.h in osdep.h rather than qemu-common.h

[Michael Tokarev]

From: Peter Maydell 

Our use of glib is now pervasive across QEMU. Move the include of glib-compat.h
from qemu-common.h to osdep.h so that it is more widely accessible and doesn't
get forgotten by accident. (Failure to include it will result in build failure
on old versions of glib which is likely to be unnoticed by most developers.)

Signed-off-by: Peter Maydell 
Signed-off-by: Michael Tokarev 
---
 include/qemu-common.h | 1 -
 include/qemu/osdep.h  | 2 ++
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/include/qemu-common.h b/include/qemu-common.h
index 405364f..22b010c 100644
--- a/include/qemu-common.h
+++ b/include/qemu-common.h
@@ -22,7 +22,6 @@
 
 #define TFR(expr) do { if ((expr) != -1) break; } while (errno == EINTR)
 
-#include "glib-compat.h"
 #include "qemu/option.h"
 #include "qemu/host-utils.h"
 
diff --git a/include/qemu/osdep.h b/include/qemu/osdep.h
index 84e84ac..59a7f8d 100644
--- a/include/qemu/osdep.h
+++ b/include/qemu/osdep.h
@@ -69,6 +69,8 @@
 #include "sysemu/os-posix.h"
 #endif
 
+#include "glib-compat.h"
+
 #include "qapi/error.h"
 
 #if defined(CONFIG_SOLARIS) && CONFIG_SOLARIS_VERSION < 10
-- 
2.1.4

[Qemu-devel] [PULL 09/19] hw/misc/edu: Convert to realize()

[Michael Tokarev]

From: Cao jin 

for educational PCI device

Signed-off-by: Cao jin 
Reviewed-by: Markus Armbruster 
Signed-off-by: Michael Tokarev 
---
 hw/misc/edu.c | 6 ++
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/hw/misc/edu.c b/hw/misc/edu.c
index fe50b42..43d5b18 100644
--- a/hw/misc/edu.c
+++ b/hw/misc/edu.c
@@ -327,7 +327,7 @@ static void *edu_fact_thread(void *opaque)
 return NULL;
 }
 
-static int pci_edu_init(PCIDevice *pdev)
+static void pci_edu_realize(PCIDevice *pdev, Error **errp)
 {
 EduState *edu = DO_UPCAST(EduState, pdev, pdev);
 uint8_t *pci_conf = pdev->config;
@@ -344,8 +344,6 @@ static int pci_edu_init(PCIDevice *pdev)
 memory_region_init_io(>mmio, OBJECT(edu), _mmio_ops, edu,
 "edu-mmio", 1 << 20);
 pci_register_bar(pdev, 0, PCI_BASE_ADDRESS_SPACE_MEMORY, >mmio);
-
-return 0;
 }
 
 static void pci_edu_uninit(PCIDevice *pdev)
@@ -385,7 +383,7 @@ static void edu_class_init(ObjectClass *class, void *data)
 {
 PCIDeviceClass *k = PCI_DEVICE_CLASS(class);
 
-k->init = pci_edu_init;
+k->realize = pci_edu_realize;
 k->exit = pci_edu_uninit;
 k->vendor_id = PCI_VENDOR_ID_QEMU;
 k->device_id = 0x11e8;
-- 
2.1.4

[Qemu-devel] [PULL 14/19] scripts/checkpatch.pl: Don't allow special cases of unspaced operators

[Michael Tokarev]

From: Peter Maydell 

The checkpatch.pl script has a special case to permit the following
operators to have no spaces around them:
 <<  >>  &  ^  |  +  -  *  /  %

QEMU style prefers all operators to consistently have spacing around
them, so remove this special case handling. This avoids reviewers
having to manually note it during code review.

Signed-off-by: Peter Maydell 
Reviewed-by: Stefan Weil 
Reviewed-by: Eric Blake 
Signed-off-by: Michael Tokarev 
---
 scripts/checkpatch.pl | 13 -
 1 file changed, 13 deletions(-)

diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl
index b0f6e11..efca817 100755
--- a/scripts/checkpatch.pl
+++ b/scripts/checkpatch.pl
@@ -1890,19 +1890,6 @@ sub process {
ERROR("space prohibited after 
that '$op' $at\n" . $hereptr);
}
 
-
-   # << and >> may either have or not have spaces 
both sides
-   } elsif ($op eq '<<' or $op eq '>>' or
-$op eq '&' or $op eq '^' or $op eq '|' 
or
-$op eq '+' or $op eq '-' or
-$op eq '*' or $op eq '/' or
-$op eq '%')
-   {
-   if ($ctx =~ /Wx[^WCE]|[^WCE]xW/) {
-   ERROR("need consistent spacing 
around '$op' $at\n" .
-   $hereptr);
-   }
-
# A colon needs no spaces before when it is
# terminating a case value or a label.
} elsif ($opv eq ':C' || $opv eq ':L') {
-- 
2.1.4

[Qemu-devel] [PULL 19/19] hw/s390x: Remove superfluous return statements

[Michael Tokarev]

From: Thomas Huth 

The "return;" statements at the end of functions do not make
much sense, so let's remove them.

Cc: Cornelia Huck 
Cc: Christian Borntraeger 
Cc: Alexander Graf 
Cc: Richard Henderson 
Signed-off-by: Thomas Huth 
Signed-off-by: Michael Tokarev 
---
 hw/s390x/css.c  | 1 -
 hw/s390x/s390-pci-bus.c | 4 
 2 files changed, 5 deletions(-)

diff --git a/hw/s390x/css.c b/hw/s390x/css.c
index 19851ce..343c352 100644
--- a/hw/s390x/css.c
+++ b/hw/s390x/css.c
@@ -1430,7 +1430,6 @@ void subch_device_save(SubchDev *s, QEMUFile *f)
 }
 qemu_put_byte(f, s->ccw_fmt_1);
 qemu_put_byte(f, s->ccw_no_data_cnt);
-return;
 }
 
 int subch_device_load(SubchDev *s, QEMUFile *f)
diff --git a/hw/s390x/s390-pci-bus.c b/hw/s390x/s390-pci-bus.c
index 98c726c..8de35ff 100644
--- a/hw/s390x/s390-pci-bus.c
+++ b/hw/s390x/s390-pci-bus.c
@@ -123,7 +123,6 @@ void s390_pci_sclp_configure(int configure, SCCB *sccb)
 }
 
 psccb->header.response_code = cpu_to_be16(rc);
-return;
 }
 
 static uint32_t s390_pci_get_pfid(PCIDevice *pdev)
@@ -439,8 +438,6 @@ static void s390_msi_ctrl_write(void *opaque, hwaddr addr, 
uint64_t data,
 io_int_word = (pbdev->isc << 27) | IO_INT_WORD_AI;
 s390_io_interrupt(0, 0, 0, io_int_word);
 }
-
-return;
 }
 
 static uint64_t s390_msi_ctrl_read(void *opaque, hwaddr addr, unsigned size)
@@ -561,7 +558,6 @@ static void s390_pcihost_hot_plug(HotplugHandler 
*hotplug_dev,
 s390_pci_generate_plug_event(HP_EVENT_TO_CONFIGURED,
  pbdev->fh, pbdev->fid);
 }
-return;
 }
 
 static void s390_pcihost_hot_unplug(HotplugHandler *hotplug_dev,
-- 
2.1.4

[Qemu-devel] [PULL 18/19] hw/core/qdev: Remove superfluous return statement

[Michael Tokarev]

From: Thomas Huth 

The "return;" statement at the end of device_set_realized()
does not make much sense, so let's remove it.

Signed-off-by: Thomas Huth 
Signed-off-by: Michael Tokarev 
---
 hw/core/qdev.c | 1 -
 1 file changed, 1 deletion(-)

diff --git a/hw/core/qdev.c b/hw/core/qdev.c
index b3ad467..4e3173d 100644
--- a/hw/core/qdev.c
+++ b/hw/core/qdev.c
@@ -1134,7 +1134,6 @@ post_realize_fail:
 
 fail:
 error_propagate(errp, local_err);
-return;
 }
 
 static bool device_get_hotpluggable(Object *obj, Error **errp)
-- 
2.1.4

Re: [Qemu-devel] [PATCH v2] linux-user: syscall: Add SO_LINGER for setsockopt

[Laurent Vivier]

Le 11/01/2016 07:47, cheng...@emindsoft.com.cn a écrit :
> From: Chen Gang 
> 
> Just implement it according to the other features implementations.
> 
> Signed-off-by: Chen Gang 
> ---
>  linux-user/syscall.c  | 18 +-
>  linux-user/syscall_defs.h |  5 +
>  2 files changed, 22 insertions(+), 1 deletion(-)
> 
> diff --git a/linux-user/syscall.c b/linux-user/syscall.c
> index 4c68800..fcdca2a 100644
> --- a/linux-user/syscall.c
> +++ b/linux-user/syscall.c
> @@ -1410,6 +1410,9 @@ static abi_long do_setsockopt(int sockfd, int level, 
> int optname,
>  int val;
>  struct ip_mreqn *ip_mreq;
>  struct ip_mreq_source *ip_mreq_source;
> +struct linger lg;
> +struct target_linger *tlg;
> +
>  
>  switch(level) {
>  case SOL_TCP:
> @@ -1661,7 +1664,20 @@ set_timeout:
>  case TARGET_SO_RCVLOWAT:
>   optname = SO_RCVLOWAT;
>   break;
> -break;
> +case TARGET_SO_LINGER:
> +optname = SO_LINGER;
> +if (optlen != sizeof(struct target_linger)) {
> +return -TARGET_EINVAL;
> +}
> +if (!lock_user_struct(VERIFY_READ, tlg, optval_addr, 1)) {
> +return -TARGET_EFAULT;
> +}
> +__get_user(lg.l_onoff, >l_onoff);
> +__get_user(lg.l_linger, >l_linger);
> +ret = get_errno(setsockopt(sockfd, SOL_SOCKET, optname,
> +, sizeof(lg)));
> +unlock_user_struct(tlg, optval_addr, 0);
> +return ret;

I think it should be moved before the "/* Options with 'int' argument
*/" comment.

Except that, it is good.

>  default:
>  goto unimplemented;
>  }
> diff --git a/linux-user/syscall_defs.h b/linux-user/syscall_defs.h
> index f996acf..6591e74 100644
> --- a/linux-user/syscall_defs.h
> +++ b/linux-user/syscall_defs.h
> @@ -166,6 +166,11 @@ struct target_ip_mreq_source {
>  uint32_t imr_sourceaddr;
>  };
>  
> +struct target_linger {
> +abi_int l_onoff;/* Linger active*/
> +abi_int l_linger;   /* How long to linger for   */
> +};
> +
>  struct target_timeval {
>  abi_long tv_sec;
>  abi_long tv_usec;
> 

[Qemu-devel] [PATCH v2 2/3] linux-user/mmap.c: Remove useless variable p for mmap_frag

[chengang]

From: Chen Gang 

It is useless.

Signed-off-by: Chen Gang 
---
 linux-user/mmap.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/linux-user/mmap.c b/linux-user/mmap.c
index 7807ed0..51c381d 100644
--- a/linux-user/mmap.c
+++ b/linux-user/mmap.c
@@ -158,10 +158,10 @@ static int mmap_frag(abi_ulong real_start,
 
 if (prot1 == 0) {
 /* no page was there, so we allocate one */
-void *p = mmap(host_start, qemu_host_page_size, prot,
-   flags | MAP_ANONYMOUS, -1, 0);
-if (p == MAP_FAILED)
+if (mmap(host_start, qemu_host_page_size, prot, flags | MAP_ANONYMOUS,
+ -1, 0) == MAP_FAILED) {
 return -1;
+}
 page_set_flags(real_start, real_start + qemu_host_page_size,
PAGE_VALID);
 prot1 = prot;
-- 
1.9.1

Re: [Qemu-devel] [PATCH] PCI: add param check for api

[Paolo Bonzini]

On 11/01/2016 09:32, Michael Tokarev wrote:
>> >  
>> > +assert(size > 0);
>> > +assert(offset >= PCI_CONFIG_HEADER_SIZE || !offset);
>> > +
> I'd like to see some ACKs/Reviews for this one, in particular why
> size should be != 0.

In fact it should be >= 2, because two bytes are always written below:

config = pdev->config + offset;
config[PCI_CAP_LIST_ID] = cap_id;
config[PCI_CAP_LIST_NEXT] = pdev->config[PCI_CAPABILITY_LIST];

> Also either move offset assert to the below
> "else" clause or rewrite it to be offset == 0 instead if !offset :)

Good idea to move it below, or even to add

assert(offset >= PCI_CONFIG_HEADER_SIZE);

after the "if", before the "config" assignment.

Paolo

Re: [Qemu-devel] [PATCH v2] pc: allow raising low memory via max-ram-below-4g option

[Gerd Hoffmann]

On Fr, 2016-01-08 at 19:32 +0100, Laszlo Ersek wrote:
> On 01/08/16 18:45, Igor Mammedov wrote:
> > On Fri,  8 Jan 2016 13:58:03 +0100
> > Gerd Hoffmann  wrote:
> > 
> >> This patch extends the functionality of the max-ram-below-4g option
> >> to also allow increasing lowmem.  Use case: Give as much memory as
> >> possible to legacy non-PAE guests.
> >>
> >> While being at it also rework the lowmem calculation logic and add a
> >> longish comment describing how it works and what the compatibility
> >> constrains are.
> > CCing Laszlo as it might affect OVMF
> 
> Thanks a lot for the CC, Igor!
> 
> So I have to investigate this separately for i440fx and Q35.
> 
> (1) For i440fx, OVMF determines the base of the 32-bit PCI hole like this:
> 
>   PciBase = (TopOfLowRam < BASE_2GB) ? BASE_2GB : TopOfLowRam;
> 
> where TopOfLowRam is calculated from the CMOS registers 0x34 and 0x35.
> 
> *If* QEMU is still sticking with the idea of git commit ddaaefb4dd, that
> is, the 32-bit PCI hole still starts immediately after the end of low
> RAM, then this change should be fine for i440fx.

Good.

> Gerd, can you confirm that this new logic for the lowmem/highmem split
> doesn't affect the above?
> 
> In other words, as long as there is no "void" left between the top of
> low RAM and the base of the PCI hole, it doesn't matter where exactly
> the split is.

Yes, the logic is the same as before.  Anything above ram is pci i/o.

> (2) For Q35, the OVMF code is different:

The patch doesn't change q35 behavior.

cheers,
  Gerd

[Qemu-devel] [PULL 08/19] configure: fix trace backend check

[Michael Tokarev]

From: Marc-André Lureau 

Found thanks to shellcheck!

Signed-off-by: Marc-André Lureau 
Reviewed-by: Eric Blake 
Signed-off-by: Michael Tokarev 
---
 configure | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/configure b/configure
index 83b40fc..44ac9ab 100755
--- a/configure
+++ b/configure
@@ -4817,7 +4817,7 @@ echo "libcap-ng support $cap_ng"
 echo "vhost-net support $vhost_net"
 echo "vhost-scsi support $vhost_scsi"
 echo "Trace backends$trace_backends"
-if test "$trace_backend" = "simple"; then
+if have_backend "simple"; then
 echo "Trace output file $trace_file-"
 fi
 if test "$spice" = "yes"; then
-- 
2.1.4

[Qemu-devel] [PULL 06/19] crypto: Fix typo in example

[Michael Tokarev]

From: Eric Blake 

The example code wouldn't even compile, since it did not use
a consistent spelling for the Error ** parameter.

Signed-off-by: Eric Blake 
Reviewed-by: Daniel P. Berrange 
Signed-off-by: Michael Tokarev 
---
 include/crypto/tlssession.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/crypto/tlssession.h b/include/crypto/tlssession.h
index b38fe69..d356a8d 100644
--- a/include/crypto/tlssession.h
+++ b/include/crypto/tlssession.h
@@ -56,7 +56,7 @@
  *
  * static int mysock_run_tls(int sockfd,
  *   QCryptoTLSCreds *creds,
- *   Error *erp)
+ *   Error *errp)
  * {
  *QCryptoTLSSession *sess;
  *
-- 
2.1.4

[Qemu-devel] [PATCH v2] linux-user/syscall.c: Add SO_RCVTIMEO and SO_SNDTIMEO for getsockopt

[chengang]

From: Chen Gang 

Implement them according to the other features implementations.

Signed-off-by: Chen Gang 
---
 linux-user/syscall.c | 27 +--
 1 file changed, 25 insertions(+), 2 deletions(-)

diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 44485f2..4c68800 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -1687,6 +1687,7 @@ static abi_long do_getsockopt(int sockfd, int level, int 
optname,
 abi_long ret;
 int len, val;
 socklen_t lv;
+struct timeval tv;
 
 switch(level) {
 case TARGET_SOL_SOCKET:
@@ -1694,10 +1695,32 @@ static abi_long do_getsockopt(int sockfd, int level, 
int optname,
 switch (optname) {
 /* These don't just return a single integer */
 case TARGET_SO_LINGER:
-case TARGET_SO_RCVTIMEO:
-case TARGET_SO_SNDTIMEO:
 case TARGET_SO_PEERNAME:
 goto unimplemented;
+case TARGET_SO_RCVTIMEO:
+optname = SO_RCVTIMEO;
+goto time_case;
+case TARGET_SO_SNDTIMEO:
+optname = SO_SNDTIMEO;
+time_case:
+if (get_user_u32(len, optlen)) {
+return -TARGET_EFAULT;
+}
+if (len < sizeof(struct target_timeval)) {
+return -TARGET_EINVAL;
+}
+lv = sizeof(tv);
+ret = get_errno(getsockopt(sockfd, level, optname, , ));
+if (ret < 0) {
+return ret;
+}
+if (copy_to_user_timeval(optval_addr, )) {
+return -TARGET_EFAULT;
+}
+if (put_user_u32(sizeof(struct target_timeval), optlen)) {
+return -TARGET_EFAULT;
+}
+break;
 case TARGET_SO_PEERCRED: {
 struct ucred cr;
 socklen_t crlen;
-- 
1.9.1

[Qemu-devel] [PATCH v3 3/3] 9pfs: introduce V9fsVirtioState

[Wei Liu]

V9fsState now only contains generic fields. Introduce V9fsVirtioState
for virtio transport.  Change virtio-pci and virtio-ccw to use
V9fsVirtioState.

Signed-off-by: Wei Liu 
---
v3: only include code to introduce V9fsVirtioState
---
 hw/9pfs/9p.c   |  6 ++--
 hw/9pfs/9p.h   |  6 +---
 hw/9pfs/virtio-9p-device.c | 78 +-
 hw/9pfs/virtio-9p.h| 12 ++-
 hw/s390x/virtio-ccw.h  |  2 +-
 hw/virtio/virtio-pci.h |  2 +-
 6 files changed, 67 insertions(+), 39 deletions(-)

diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c
index 84cb1d9..77f95f2 100644
--- a/hw/9pfs/9p.c
+++ b/hw/9pfs/9p.c
@@ -3274,6 +3274,7 @@ void pdu_submit(V9fsPDU *pdu)
 /* Returns 0 on success, 1 on failure. */
 int v9fs_device_realize_common(V9fsState *s, Error **errp)
 {
+V9fsVirtioState *v = container_of(s, V9fsVirtioState, state);
 int i, len;
 struct stat stat;
 FsDriverEntry *fse;
@@ -3284,8 +3285,9 @@ int v9fs_device_realize_common(V9fsState *s, Error **errp)
 QLIST_INIT(>free_list);
 QLIST_INIT(>active_list);
 for (i = 0; i < (MAX_REQ - 1); i++) {
-QLIST_INSERT_HEAD(>free_list, >pdus[i], next);
-s->pdus[i].s = s;
+QLIST_INSERT_HEAD(>free_list, >pdus[i], next);
+v->pdus[i].s = s;
+v->pdus[i].idx = i;
 }
 
 v9fs_path_init();
diff --git a/hw/9pfs/9p.h b/hw/9pfs/9p.h
index 3fe4da4..edcd51b 100644
--- a/hw/9pfs/9p.h
+++ b/hw/9pfs/9p.h
@@ -131,9 +131,9 @@ struct V9fsPDU
 uint8_t id;
 uint8_t cancelled;
 CoQueue complete;
-VirtQueueElement elem;
 struct V9fsState *s;
 QLIST_ENTRY(V9fsPDU) next;
+uint32_t idx;
 };
 
 
@@ -205,16 +205,12 @@ struct V9fsFidState
 
 typedef struct V9fsState
 {
-VirtIODevice parent_obj;
-VirtQueue *vq;
-V9fsPDU pdus[MAX_REQ];
 QLIST_HEAD(, V9fsPDU) free_list;
 QLIST_HEAD(, V9fsPDU) active_list;
 V9fsFidState *fid_list;
 FileOperations *ops;
 FsContext ctx;
 char *tag;
-size_t config_size;
 enum p9_proto_version proto_version;
 int32_t msize;
 /*
diff --git a/hw/9pfs/virtio-9p-device.c b/hw/9pfs/virtio-9p-device.c
index 4aa8a6b..5643fd5 100644
--- a/hw/9pfs/virtio-9p-device.c
+++ b/hw/9pfs/virtio-9p-device.c
@@ -24,33 +24,41 @@
 void virtio_9p_push_and_notify(V9fsPDU *pdu)
 {
 V9fsState *s = pdu->s;
+V9fsVirtioState *v = container_of(s, V9fsVirtioState, state);
+VirtQueueElement *elem = >elems[pdu->idx];
 
 /* push onto queue and notify */
-virtqueue_push(s->vq, >elem, pdu->size);
+virtqueue_push(v->vq, elem, pdu->size);
 
 /* FIXME: we should batch these completions */
-virtio_notify(VIRTIO_DEVICE(s), s->vq);
+virtio_notify(VIRTIO_DEVICE(v), v->vq);
 }
 
 static void handle_9p_output(VirtIODevice *vdev, VirtQueue *vq)
 {
-V9fsState *s = (V9fsState *)vdev;
+V9fsVirtioState *v = (V9fsVirtioState *)vdev;
+V9fsState *s = >state;
 V9fsPDU *pdu;
 ssize_t len;
 
-while ((pdu = pdu_alloc(s)) &&
-(len = virtqueue_pop(vq, >elem)) != 0) {
+while ((pdu = pdu_alloc(s))) {
 struct {
 uint32_t size_le;
 uint8_t id;
 uint16_t tag_le;
 } QEMU_PACKED out;
-int len;
+VirtQueueElement *elem = >elems[pdu->idx];
 
-BUG_ON(pdu->elem.out_num == 0 || pdu->elem.in_num == 0);
+len = virtqueue_pop(vq, elem);
+if (!len) {
+pdu_free(pdu);
+break;
+}
+
+BUG_ON(elem->out_num == 0 || elem->in_num == 0);
 QEMU_BUILD_BUG_ON(sizeof out != 7);
 
-len = iov_to_buf(pdu->elem.out_sg, pdu->elem.out_num, 0,
+len = iov_to_buf(elem->out_sg, elem->out_num, 0,
  , sizeof out);
 BUG_ON(len != sizeof out);
 
@@ -62,7 +70,6 @@ static void handle_9p_output(VirtIODevice *vdev, VirtQueue 
*vq)
 qemu_co_queue_init(>complete);
 pdu_submit(pdu);
 }
-pdu_free(pdu);
 }
 
 static uint64_t virtio_9p_get_features(VirtIODevice *vdev, uint64_t features,
@@ -76,14 +83,15 @@ static void virtio_9p_get_config(VirtIODevice *vdev, 
uint8_t *config)
 {
 int len;
 struct virtio_9p_config *cfg;
-V9fsState *s = VIRTIO_9P(vdev);
+V9fsVirtioState *v = VIRTIO_9P(vdev);
+V9fsState *s = >state;
 
 len = strlen(s->tag);
 cfg = g_malloc0(sizeof(struct virtio_9p_config) + len);
 virtio_stw_p(vdev, >tag_len, len);
 /* We don't copy the terminating null to config space */
 memcpy(cfg->tag, s->tag, len);
-memcpy(config, cfg, s->config_size);
+memcpy(config, cfg, v->config_size);
 g_free(cfg);
 }
 
@@ -100,16 +108,17 @@ static int virtio_9p_load(QEMUFile *f, void *opaque, int 
version_id)
 static void virtio_9p_device_realize(DeviceState *dev, Error **errp)
 {
 VirtIODevice *vdev = VIRTIO_DEVICE(dev);
-V9fsState *s = VIRTIO_9P(dev);
+V9fsVirtioState *v = VIRTIO_9P(dev);
+V9fsState *s = >state;
 
   

[Qemu-devel] [PATCH v3 1/3] fsdev: 9p-marshal: introduce V9fsBlob

[Wei Liu]

Introduce a concept of blob. It will be used to pack / unpack xattr
value.

With this change there is no need to expose v9fs_pack to device code
anymore.

Signed-off-by: Wei Liu 
---
v3: use 'd' to encode / decode blob size
---
 fsdev/9p-iov-marshal.c | 26 ++
 fsdev/9p-marshal.c |  7 +++
 fsdev/9p-marshal.h | 14 ++
 3 files changed, 47 insertions(+)

diff --git a/fsdev/9p-iov-marshal.c b/fsdev/9p-iov-marshal.c
index 08d783c..1f9edf3 100644
--- a/fsdev/9p-iov-marshal.c
+++ b/fsdev/9p-iov-marshal.c
@@ -140,6 +140,21 @@ ssize_t v9fs_iov_vunmarshal(struct iovec *out_sg, int 
out_num, size_t offset,
 }
 break;
 }
+case 'B': {
+V9fsBlob *blob = va_arg(ap, V9fsBlob *);
+copied = v9fs_iov_unmarshal(out_sg, out_num, offset, bswap,
+"d", >size);
+if (copied > 0) {
+offset += copied;
+blob->data = g_malloc(blob->size);
+copied = v9fs_unpack(blob->data, out_sg, out_num, offset,
+ blob->size);
+if (copied < 0) {
+v9fs_blob_free(blob);
+}
+}
+break;
+}
 case 'Q': {
 V9fsQID *qidp = va_arg(ap, V9fsQID *);
 copied = v9fs_iov_unmarshal(out_sg, out_num, offset, bswap,
@@ -253,6 +268,17 @@ ssize_t v9fs_iov_vmarshal(struct iovec *in_sg, int in_num, 
size_t offset,
 }
 break;
 }
+case 'B': {
+V9fsBlob *blob = va_arg(ap, V9fsBlob *);
+copied = v9fs_iov_marshal(in_sg, in_num, offset, bswap,
+  "d", blob->size);
+if (copied > 0) {
+offset += copied;
+copied = v9fs_pack(in_sg, in_num, offset, blob->data,
+   blob->size);
+}
+break;
+}
 case 'Q': {
 V9fsQID *qidp = va_arg(ap, V9fsQID *);
 copied = v9fs_iov_marshal(in_sg, in_num, offset, bswap, "bdq",
diff --git a/fsdev/9p-marshal.c b/fsdev/9p-marshal.c
index 991e35d..a914244 100644
--- a/fsdev/9p-marshal.c
+++ b/fsdev/9p-marshal.c
@@ -54,3 +54,10 @@ void v9fs_string_copy(V9fsString *lhs, V9fsString *rhs)
 v9fs_string_free(lhs);
 v9fs_string_sprintf(lhs, "%s", rhs->data);
 }
+
+void v9fs_blob_free(V9fsBlob *blob)
+{
+g_free(blob->data);
+blob->data = NULL;
+blob->size = 0;
+}
diff --git a/fsdev/9p-marshal.h b/fsdev/9p-marshal.h
index e91b24e..54148f4 100644
--- a/fsdev/9p-marshal.h
+++ b/fsdev/9p-marshal.h
@@ -7,6 +7,12 @@ typedef struct V9fsString
 char *data;
 } V9fsString;
 
+typedef struct V9fsBlob
+{
+uint32_t size;
+void *data;
+} V9fsBlob;
+
 typedef struct V9fsQID
 {
 int8_t type;
@@ -81,4 +87,12 @@ extern void v9fs_string_null(V9fsString *str);
 extern void v9fs_string_sprintf(V9fsString *str, const char *fmt, ...);
 extern void v9fs_string_copy(V9fsString *lhs, V9fsString *rhs);
 
+static inline void v9fs_blob_init(V9fsBlob *blob)
+{
+blob->data = NULL;
+blob->size = 0;
+}
+
+extern void v9fs_blob_free(V9fsBlob *blob);
+
 #endif
-- 
2.1.4

[Qemu-devel] [PATCH v3 0/3] 9pfs: disentangling virtio and generic code

[Wei Liu]

Hi all

This is version 3 of this series. It is based on

  https://github.com/kvaneesh/qemu/commits/upstream-v9fs

so it only contains patches that are not in that branch.

These three patches were tested with Turex POSIX test suite 20080816 and
20090130-rc. It passed all tests in 20080816 and got expected xacl test
failures in 20090130-rc.

I will spare copying and pasting the same content here again.  Previous cover
letters can be found at:

v2: https://lists.gnu.org/archive/html/qemu-devel/2016-01/msg00822.html
v1: https://lists.gnu.org/archive/html/qemu-devel/2016-01/msg00374.html

Wei.
---
Cc: "Aneesh Kumar K.V" 
Cc: Greg Kurz 
Cc: "Michael S. Tsirkin" 
Cc: Stefano Stabellini 
---

Wei Liu (3):
  fsdev: 9p-marshal: introduce V9fsBlob
  9pfs: use V9fsBlob to transmit xattr
  9pfs: introduce V9fsVirtioState

 fsdev/9p-iov-marshal.c | 30 --
 fsdev/9p-iov-marshal.h |  3 --
 fsdev/9p-marshal.c |  7 +
 fsdev/9p-marshal.h | 14 +
 hw/9pfs/9p.c   | 27 ++--
 hw/9pfs/9p.h   |  6 +---
 hw/9pfs/virtio-9p-device.c | 78 +-
 hw/9pfs/virtio-9p.h| 12 ++-
 hw/s390x/virtio-ccw.h  |  2 +-
 hw/virtio/virtio-pci.h |  2 +-
 10 files changed, 129 insertions(+), 52 deletions(-)

-- 
2.1.4

Re: [Qemu-devel] [PATCH] Keep pty slave file descriptor open until the master is closed

[Ashley Jonathan]

Apologies; I overlooked that detail:

Signed-off-by: Ashley Jonathan 

Regards,
--
Jon Ashley

-Original Message-
From: Paolo Bonzini [mailto:paolo.bonz...@gmail.com] On Behalf Of Paolo Bonzini
Sent: 11 January 2016 09:16
To: Ashley Jonathan; qemu-devel@nongnu.org
Cc: qemu-triv...@nongnu.org
Subject: Re: [PATCH] Keep pty slave file descriptor open until the master is 
closed



On 11/12/2015 12:29, Ashley Jonathan wrote:
> I have experienced a minor difficulty using QEMU with the "-serial 
> pty" option:
> 
> If a process opens the slave pts device, writes data to it, then 
> immediately closes it, the data doesn't reliably get delivered to the 
> emulated serial port. This seems to be because a read of the master 
> pty device returns EIO on Linux if no process has the pts device open, 
> even when data is waiting "in the pipe".
> 
> A fix seems to be for QEMU to keep the pts file descriptor open until 
> the pty is closed, as per the below patch.

You need to include a "Signed-off-by: Ashley Jonathan 
"
line in the commit message, meaning that you have read and understood the 
"Developer Certificate of Origin":

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/Documentation/SubmittingPatches?id=f6f94e2ab1b33f0082ac22d71f66385a60d8157f#n297

Just reply to this message with the above line.

Paolo

Re: [Qemu-devel] [Qemu-block] [PATCH] send readcapacity10 when readcapacity16 failed

[Paolo Bonzini]

On 11/01/2016 09:49, Peter Lieven wrote:
> > +if (task != NULL && task->status == SCSI_STATUS_CHECK_CONDITION
> > +&& task->sense.key == SCSI_SENSE_UNIT_ATTENTION) {
> > +break;
> > +}
>
> Paolo, Ronnie, do you know what Readcapacity(10) returns if the target
> blocks count is greater than what can be described in 32bit?

Yes, it returns 0x.

> Anyway, is there a new version of this patch? I would also like to have a look
> before it is commited.

See https://github.com/bonzini/qemu/commit/1efcbda37.

Paolo

Re: [Qemu-devel] [Xen-devel] [PATCH v4] igd-passthrough-i440FX: convert to realize()

[Michael S. Tsirkin]

On Mon, Jan 11, 2016 at 10:46:20AM +, Stefano Stabellini wrote:
> On Mon, 11 Jan 2016, Hao, Xudong wrote:
> > Stefano, 
> > 
> > Patch http://marc.info/?l=qemu-devel=145137863501079 don't works for qemu 
> > at all, some conflict when git apply. 
> > Patch http://marc.info/?l=qemu-devel=145137863501079 is based on patch 
> > http://marc.info/?l=qemu-devel=145172165010604, right?
> > 
> > I can boot up Linux VM with IGD pass-through with latest qemu (without any 
> > additional patch), guest run 3D "nexuiz" and get 180fps. 
> 
> Very interesting, thanks for testing.

Could windows VM be tested too please?

It might be that the host pci read hacks are only needed
for the benefit of the windows guests.

> 
> > Will try the two patch together later.
> 
> That would be useful
> 
> 
> > > -Original Message-
> > > From: Stefano Stabellini [mailto:stefano.stabell...@eu.citrix.com]
> > > Sent: Friday, January 8, 2016 7:57 PM
> > > To: Hao, Xudong 
> > > Cc: Stefano Stabellini ; Lars Kurth
> > > ; Lars Kurth ; Cao jin
> > > ; xen-de...@lists.xensource.com; Stefano 
> > > Stabellini
> > > ; qemu-devel@nongnu.org; Michael S. Tsirkin
> > > 
> > > Subject: RE: [Xen-devel] [PATCH v4] igd-passthrough-i440FX: convert to 
> > > realize()
> > > 
> > > Since you are at it, could you please let me know how well igd passthrough
> > > works without this bugfix:
> > > 
> > > http://marc.info/?l=qemu-devel=145172165010604
> > > 
> > > which is about to land in QEMU.  I guess it doesn't work at all?
> > > 
> > > I am asking because I would like to know the level of support we need to 
> > > provide
> > > to igd passthrough with the latest QEMU release (2.5).
> > > 
> > > 
> > > On Thu, 7 Jan 2016, Hao, Xudong wrote:
> > > > Sure. I'll test it soon.
> > > >
> > > > Thanks,
> > > > -Xudong
> > > >
> > > > > -Original Message-
> > > > > From: Stefano Stabellini [mailto:stefano.stabell...@eu.citrix.com]
> > > > > Sent: Wednesday, January 6, 2016 8:18 PM
> > > > > To: Lars Kurth 
> > > > > Cc: Stefano Stabellini ; Hao,
> > > > > Xudong ; Lars Kurth ;
> > > > > Cao jin ; xen-de...@lists.xensource.com;
> > > > > Stefano Stabellini ;
> > > > > qemu-devel@nongnu.org; Michael S. Tsirkin 
> > > > > Subject: Re: [Xen-devel] [PATCH v4] igd-passthrough-i440FX: convert
> > > > > to realize()
> > > > >
> > > > > Hello Xudong,
> > > > >
> > > > > please test this patch:
> > > > >
> > > > > http://marc.info/?l=qemu-devel=145137863501079
> > > > >
> > > > > with an intel graphic card assigned to a Xen guest. If everything
> > > > > still works as expected, please reply with your Tested-by.
> > > > >
> > > > > Thanks,
> > > > >
> > > > > Stefano
> > > > >
> > > > > On Wed, 6 Jan 2016, Lars Kurth wrote:
> > > > > > Hi folks,
> > > > > > let me introduce you to Xudong from Intel, who is willing to help 
> > > > > > out.
> > > > > > Best Regards
> > > > > > Lars
> > > > > >
> > > > > > > On 4 Jan 2016, at 15:41, Stefano Stabellini
> > > > > > > 
> > > > > wrote:
> > > > > > >
> > > > > > > On Mon, 4 Jan 2016, Lars Kurth wrote:
> > > > > > >> On 04/01/2016 14:47, "Stefano Stabellini"
> > > > > > >>  wrote:
> > > > > > >>
> > > > > > >>> Unfortunately I don't have a setup to test this either. Maybe
> > > > > > >>> Lars can find out who should be involved on the Intel side on 
> > > > > > >>> this.
> > > > > > >>
> > > > > > >> I can certainly help to this and get back to you. What exactly
> > > > > > >> are we asking Intel to do?
> > > > > > >> It is not clear to me from this email thread
> > > > > > >
> > > > > > > Tiejun Chen, the author of the Intel graphic card passthrough
> > > > > > > patches for QEMU, seems to have left the company. It would be
> > > > > > > nice if somebody else tested this patch with an intel graphic
> > > > > > > card assigned to a guest VM.
> > > > > > >
> > > > > > > ___
> > > > > > > Xen-devel mailing list
> > > > > > > xen-de...@lists.xen.org
> > > > > > > http://lists.xen.org/xen-devel
> > > > > >
> > > >
> > 

Re: [Qemu-devel] [PATCH] Keep pty slave file descriptor open until the master is closed

[Michael Tokarev]

11.12.2015 14:29, Ashley Jonathan wrote:
> I have experienced a minor difficulty using QEMU with the "-serial pty" 
> option:
> 
> If a process opens the slave pts device, writes data to it, then immediately 
> closes it, the data doesn't reliably get delivered to the emulated serial 
> port. This seems to be because a read of the master pty device returns EIO on 
> Linux if no process has the pts device open, even when data is waiting "in 
> the pipe".
> 
> A fix seems to be for QEMU to keep the pts file descriptor open until the pty 
> is closed, as per the below patch.

The patch looks fine, so

Reviewed-by: Michael Tokarev 

but I'd love to have an ACK from the maintainer about this one,
or for it to pick it up.

Thanks,

/mjt

> ---
>  qemu-char.c | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)
> 
> diff --git a/qemu-char.c b/qemu-char.c
> index 2969c44..ed03ba0 100644
> --- a/qemu-char.c
> +++ b/qemu-char.c
> @@ -1198,6 +1198,7 @@ typedef struct {
>  int connected;
>  guint timer_tag;
>  guint open_tag;
> +int slave_fd;
>  } PtyCharDriver;
>  
>  static void pty_chr_update_read_handler_locked(CharDriverState *chr);
> @@ -1373,6 +1374,7 @@ static void pty_chr_close(struct CharDriverState *chr)
>  
>  qemu_mutex_lock(>chr_write_lock);
>  pty_chr_state(chr, 0);
> +close(s->slave_fd);
>  fd = g_io_channel_unix_get_fd(s->fd);
>  g_io_channel_unref(s->fd);
>  close(fd);
> @@ -1401,7 +1403,6 @@ static CharDriverState *qemu_chr_open_pty(const char 
> *id,
>  return NULL;
>  }
>  
> -close(slave_fd);
>  qemu_set_nonblock(master_fd);
>  
>  chr = qemu_chr_alloc();
> @@ -1422,6 +1423,7 @@ static CharDriverState *qemu_chr_open_pty(const char 
> *id,
>  chr->explicit_be_open = true;
>  
>  s->fd = io_channel_from_fd(master_fd);
> +s->slave_fd = slave_fd;
>  s->timer_tag = 0;
>  
>  return chr;
> 

Re: [Qemu-devel] [PATCH] block: add missing call to bdrv_drain_recurse

[Paolo Bonzini]

On 25/12/2015 02:55, Fam Zheng wrote:
> On Wed, 12/23 11:48, Paolo Bonzini wrote:
>> This is also needed in bdrv_drain_all, not just in bdrv_drain.
>>
>> Signed-off-by: Paolo Bonzini 
>> ---
>>  block/io.c | 1 +
>>  1 file changed, 1 insertion(+)
>>
>> diff --git a/block/io.c b/block/io.c
>> index 841f5b5..bfe2544 100644
>> --- a/block/io.c
>> +++ b/block/io.c
>> @@ -293,6 +293,7 @@ void bdrv_drain_all(void)
>>  if (bs->job) {
>>  block_job_pause(bs->job);
>>  }
>> +bdrv_drain_recurse(bs);
>>  aio_context_release(aio_context);
>>  
>>  if (!g_slist_find(aio_ctxs, aio_context)) {
>> -- 
>> 2.5.0
>>
>>
> 
> Reviewed-by: Fam Zheng 
> 
> 

Ping?

Paolo

[Qemu-devel] Recall: [Xen-devel] [PATCH v4] igd-passthrough-i440FX: convert to realize()

[Hao, Xudong]

Hao, Xudong would like to recall the message, "[Xen-devel] [PATCH v4] 
igd-passthrough-i440FX: convert to realize()".

[Qemu-devel] [PULL 13/19] PCI Bonito: QOMify and cleanup

[Michael Tokarev]

From: Cao jin 

Also clear the code

Signed-off-by: Cao jin 
Signed-off-by: Michael Tokarev 
---
 hw/pci-host/bonito.c | 23 ---
 1 file changed, 12 insertions(+), 11 deletions(-)

diff --git a/hw/pci-host/bonito.c b/hw/pci-host/bonito.c
index 4139a2c..b477679 100644
--- a/hw/pci-host/bonito.c
+++ b/hw/pci-host/bonito.c
@@ -180,8 +180,6 @@
 #define PCI_ADDR(busno,devno,funno,regno)  \
 busno)<<16)&0xff) + (((devno)<<11)&0xf800) + (((funno)<<8)&0x700) 
+ (regno))
 
-#define TYPE_BONITO_PCI_HOST_BRIDGE "Bonito-pcihost"
-
 typedef struct BonitoState BonitoState;
 
 typedef struct PCIBonitoState
@@ -215,17 +213,20 @@ typedef struct PCIBonitoState
 
 } PCIBonitoState;
 
-#define BONITO_PCI_HOST_BRIDGE(obj) \
-OBJECT_CHECK(BonitoState, (obj), TYPE_BONITO_PCI_HOST_BRIDGE)
-
 struct BonitoState {
 PCIHostState parent_obj;
-
 qemu_irq *pic;
-
 PCIBonitoState *pci_dev;
 };
 
+#define TYPE_BONITO_PCI_HOST_BRIDGE "Bonito-pcihost"
+#define BONITO_PCI_HOST_BRIDGE(obj) \
+OBJECT_CHECK(BonitoState, (obj), TYPE_BONITO_PCI_HOST_BRIDGE)
+
+#define TYPE_PCI_BONITO "Bonito"
+#define PCI_BONITO(obj) \
+OBJECT_CHECK(PCIBonitoState, (obj), TYPE_PCI_BONITO)
+
 static void bonito_writel(void *opaque, hwaddr addr,
   uint64_t val, unsigned size)
 {
@@ -723,7 +724,7 @@ static int bonito_pcihost_initfn(SysBusDevice *dev)
 
 static void bonito_realize(PCIDevice *dev, Error **errp)
 {
-PCIBonitoState *s = DO_UPCAST(PCIBonitoState, dev, dev);
+PCIBonitoState *s = PCI_BONITO(dev);
 SysBusDevice *sysbus = SYS_BUS_DEVICE(s->pcihost);
 PCIHostState *phb = PCI_HOST_BRIDGE(s->pcihost);
 
@@ -799,8 +800,8 @@ PCIBus *bonito_init(qemu_irq *pic)
 qdev_init_nofail(dev);
 
 /* set the pcihost pointer before bonito_initfn is called */
-d = pci_create(phb->bus, PCI_DEVFN(0, 0), "Bonito");
-s = DO_UPCAST(PCIBonitoState, dev, d);
+d = pci_create(phb->bus, PCI_DEVFN(0, 0), TYPE_PCI_BONITO);
+s = PCI_BONITO(d);
 s->pcihost = pcihost;
 pcihost->pci_dev = s;
 qdev_init_nofail(DEVICE(d));
@@ -828,7 +829,7 @@ static void bonito_class_init(ObjectClass *klass, void 
*data)
 }
 
 static const TypeInfo bonito_info = {
-.name  = "Bonito",
+.name  = TYPE_PCI_BONITO,
 .parent= TYPE_PCI_DEVICE,
 .instance_size = sizeof(PCIBonitoState),
 .class_init= bonito_class_init,
-- 
2.1.4

Re: [Qemu-devel] [Qemu-block] [PATCH] send readcapacity10 when readcapacity16 failed

[Peter Lieven]

Am 07.01.2016 um 11:07 schrieb Paolo Bonzini:
>
> On 06/01/2016 18:57, John Snow wrote:
>> Ronnie: Thanks for the explanation!
>>
>> Zhu: In light of this, can the patch be reworked slightly to explicitly
>> check *why* READCAPACITY16 failed and only attempt the READCAPACITY10 as
>> a fallback if it receives INVALID_OPCODE?
>>
>> If it fails for any other reason it's probably best to report the error
>> and let QEMU decide what to do about it.
> Any other failure probably would happen for READ CAPACITY(10) as well, so
> it's okay to ignore it for READ CAPACITY(16).
>
> Zhu's patch matches what Linux does by default, it seems okay.  The only
> change needed is to retry READ CAPACITY(16) if there is a UNIT ATTENTION
> sense:
>
> +if (task != NULL && task->status == SCSI_STATUS_CHECK_CONDITION
> +&& task->sense.key == SCSI_SENSE_UNIT_ATTENTION) {
> +break;
> +}
>
> Paolo

Paolo, Ronnie, do you know what Readcapacity(10) returns if the target
blocks count is greater than what can be described in 32bit?

Anyway, is there a new version of this patch? I would also like to have a look
before it is commited.

Thanks,
Peter

[Qemu-devel] [PULL 12/19] SH PCI Host: convert to realize()

[Michael Tokarev]

From: Cao jin 

Signed-off-by: Cao jin 
Signed-off-by: Michael Tokarev 
---
 hw/sh4/sh_pci.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/hw/sh4/sh_pci.c b/hw/sh4/sh_pci.c
index a2f6d9e..4509053 100644
--- a/hw/sh4/sh_pci.c
+++ b/hw/sh4/sh_pci.c
@@ -151,12 +151,11 @@ static int sh_pci_device_init(SysBusDevice *dev)
 return 0;
 }
 
-static int sh_pci_host_init(PCIDevice *d)
+static void sh_pci_host_realize(PCIDevice *d, Error **errp)
 {
 pci_set_word(d->config + PCI_COMMAND, PCI_COMMAND_WAIT);
 pci_set_word(d->config + PCI_STATUS, PCI_STATUS_CAP_LIST |
  PCI_STATUS_FAST_BACK | PCI_STATUS_DEVSEL_MEDIUM);
-return 0;
 }
 
 static void sh_pci_host_class_init(ObjectClass *klass, void *data)
@@ -164,7 +163,7 @@ static void sh_pci_host_class_init(ObjectClass *klass, void 
*data)
 PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
 DeviceClass *dc = DEVICE_CLASS(klass);
 
-k->init = sh_pci_host_init;
+k->realize = sh_pci_host_realize;
 k->vendor_id = PCI_VENDOR_ID_HITACHI;
 k->device_id = PCI_DEVICE_ID_HITACHI_SH7751R;
 /*
-- 
2.1.4

[Qemu-devel] [PULL 10/19] Add missing syscall nrs. according to more recent Linux kernels

[Michael Tokarev]

From: Johan Ouwerkerk 

This change covers arm, aarch64, mips. Others to follow?

The change was prompted by QEMU warning about a syscall 384 (get_random())
with Debian armhf binaries (ARMv7).

Signed-off-by: Johan Ouwerkerk 
Reviewed-by: Peter Maydell 
Signed-off-by: Michael Tokarev 
---
 linux-user/aarch64/syscall_nr.h | 13 +
 linux-user/arm/syscall_nr.h | 12 
 linux-user/mips/syscall_nr.h| 12 
 3 files changed, 37 insertions(+)

diff --git a/linux-user/aarch64/syscall_nr.h b/linux-user/aarch64/syscall_nr.h
index 743255d..74f4275 100644
--- a/linux-user/aarch64/syscall_nr.h
+++ b/linux-user/aarch64/syscall_nr.h
@@ -262,6 +262,19 @@
 #define TARGET_NR_process_vm_writev 271
 #define TARGET_NR_kcmp 272
 #define TARGET_NR_finit_module 273
+
+#define TARGET_NR_sched_setattr 274
+#define TARGET_NR_sched_getattr 275
+#define TARGET_NR_renameat2 276
+#define TARGET_NR_seccomp 277
+#define TARGET_NR_getrandom 278
+#define TARGET_NR_memfd_create 279
+#define TARGET_NR_bpf 280
+#define TARGET_NR_execveat 281
+#define TARGET_NR_userfaultfd 282
+#define TARGET_NR_membarrier 283
+#define TARGET_NR_mlock2 284
+
 #define TARGET_NR_open 1024
 #define TARGET_NR_link 1025
 #define TARGET_NR_unlink 1026
diff --git a/linux-user/arm/syscall_nr.h b/linux-user/arm/syscall_nr.h
index 53552be..cc9089c 100644
--- a/linux-user/arm/syscall_nr.h
+++ b/linux-user/arm/syscall_nr.h
@@ -384,3 +384,15 @@
 #define TARGET_NR_process_vm_writev(377)
 #define TARGET_NR_kcmp (378)
 #define TARGET_NR_finit_module (379)
+
+#define TARGET_NR_sched_setattr(380)
+#define TARGET_NR_sched_getattr(381)
+#define TARGET_NR_renameat2(382)
+#define TARGET_NR_seccomp  (383)
+#define TARGET_NR_getrandom(384)
+#define TARGET_NR_memfd_create (385)
+#define TARGET_NR_bpf  (386)
+#define TARGET_NR_execveat (387)
+#define TARGET_NR_userfaultfd  (388)
+#define TARGET_NR_membarrier   (389)
+#define TARGET_NR_mlock2   (390)
diff --git a/linux-user/mips/syscall_nr.h b/linux-user/mips/syscall_nr.h
index 2d1a13e..6819f86 100644
--- a/linux-user/mips/syscall_nr.h
+++ b/linux-user/mips/syscall_nr.h
@@ -351,3 +351,15 @@
 #define TARGET_NR_process_vm_writev (TARGET_NR_Linux + 346)
 #define TARGET_NR_kcmp  (TARGET_NR_Linux + 347)
 #define TARGET_NR_finit_module  (TARGET_NR_Linux + 348)
+
+#define TARGET_NR_sched_setattr (TARGET_NR_Linux + 349)
+#define TARGET_NR_sched_getattr (TARGET_NR_Linux + 350)
+#define TARGET_NR_renameat2 (TARGET_NR_Linux + 351)
+#define TARGET_NR_seccomp   (TARGET_NR_Linux + 352)
+#define TARGET_NR_getrandom (TARGET_NR_Linux + 353)
+#define TARGET_NR_memfd_create  (TARGET_NR_Linux + 354)
+#define TARGET_NR_bpf   (TARGET_NR_Linux + 355)
+#define TARGET_NR_execveat  (TARGET_NR_Linux + 356)
+#define TARGET_NR_userfaultfd   (TARGET_NR_Linux + 357)
+#define TARGET_NR_membarrier(TARGET_NR_Linux + 358)
+#define TARGET_NR_mlock2(TARGET_NR_Linux + 359)
-- 
2.1.4

[Qemu-devel] [PULL 02/19] linux-user: enable sigaltstack for all architectures

[Michael Tokarev]

There is no reason to limit sigaltstack syscall to just a few
architectures and pretend it is not implemented for others.

If some architecture is not ready for this, that architecture
should be fixed instead.

This fixes LP#1516408.

Signed-off-by: Michael Tokarev 
Reviewed-by: Peter Maydell 
---
 linux-user/syscall.c | 6 --
 1 file changed, 6 deletions(-)

diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 6c64ba6..3ceb3e2 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -8292,14 +8292,8 @@ abi_long do_syscall(void *cpu_env, int num, abi_long 
arg1,
 break;
 }
 case TARGET_NR_sigaltstack:
-#if defined(TARGET_I386) || defined(TARGET_ARM) || defined(TARGET_MIPS) || \
-defined(TARGET_SPARC) || defined(TARGET_PPC) || defined(TARGET_ALPHA) || \
-defined(TARGET_M68K) || defined(TARGET_S390X) || defined(TARGET_OPENRISC)
 ret = do_sigaltstack(arg1, arg2, get_sp_from_cpustate((CPUArchState 
*)cpu_env));
 break;
-#else
-goto unimplemented;
-#endif
 
 #ifdef CONFIG_SENDFILE
 case TARGET_NR_sendfile:
-- 
2.1.4

[Qemu-devel] [PATCH v3 2/3] 9pfs: use V9fsBlob to transmit xattr

[Wei Liu]

And make v9fs_pack static function. Now we only need to export
v9fs_{,un}marshal to device.

Signed-off-by: Wei Liu 
---
v3: fix bug discovered by Aneesh
---
 fsdev/9p-iov-marshal.c |  4 ++--
 fsdev/9p-iov-marshal.h |  3 ---
 hw/9pfs/9p.c   | 21 +
 3 files changed, 15 insertions(+), 13 deletions(-)

diff --git a/fsdev/9p-iov-marshal.c b/fsdev/9p-iov-marshal.c
index 1f9edf3..5c911c8 100644
--- a/fsdev/9p-iov-marshal.c
+++ b/fsdev/9p-iov-marshal.c
@@ -70,8 +70,8 @@ static ssize_t v9fs_unpack(void *dst, struct iovec *out_sg, 
int out_num,
 return v9fs_packunpack(dst, out_sg, out_num, offset, size, 0);
 }
 
-ssize_t v9fs_pack(struct iovec *in_sg, int in_num, size_t offset,
-  const void *src, size_t size)
+static ssize_t v9fs_pack(struct iovec *in_sg, int in_num, size_t offset,
+ const void *src, size_t size)
 {
 return v9fs_packunpack((void *)src, in_sg, in_num, offset, size, 1);
 }
diff --git a/fsdev/9p-iov-marshal.h b/fsdev/9p-iov-marshal.h
index 6bccbfb..410a1ea 100644
--- a/fsdev/9p-iov-marshal.h
+++ b/fsdev/9p-iov-marshal.h
@@ -3,9 +3,6 @@
 
 #include "9p-marshal.h"
 
-
-ssize_t v9fs_pack(struct iovec *in_sg, int in_num, size_t offset,
-  const void *src, size_t size);
 ssize_t v9fs_iov_unmarshal(struct iovec *out_sg, int out_num, size_t offset,
int bswap, const char *fmt, ...);
 ssize_t v9fs_iov_marshal(struct iovec *in_sg, int in_num, size_t offset,
diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c
index a904403..84cb1d9 100644
--- a/hw/9pfs/9p.c
+++ b/hw/9pfs/9p.c
@@ -1585,6 +1585,7 @@ static int v9fs_xattr_read(V9fsState *s, V9fsPDU *pdu, 
V9fsFidState *fidp,
 size_t offset = 7;
 int read_count;
 int64_t xattr_len;
+V9fsBlob blob;
 
 xattr_len = fidp->fs.xattr.len;
 read_count = xattr_len - off;
@@ -1596,14 +1597,18 @@ static int v9fs_xattr_read(V9fsState *s, V9fsPDU *pdu, 
V9fsFidState *fidp,
  */
 read_count = 0;
 }
-err = pdu_marshal(pdu, offset, "d", read_count);
-if (err < 0) {
-return err;
-}
-offset += err;
-err = v9fs_pack(pdu->elem.in_sg, pdu->elem.in_num, offset,
-((char *)fidp->fs.xattr.value) + off,
-read_count);
+
+v9fs_blob_init();
+
+blob.data = g_malloc(read_count);
+memcpy(blob.data, ((char *)fidp->fs.xattr.value) + off,
+   read_count);
+blob.size = read_count;
+
+err = pdu_marshal(pdu, offset, "B", );
+
+v9fs_blob_free();
+
 if (err < 0) {
 return err;
 }
-- 
2.1.4

Re: [Qemu-devel] [PATCH v2 3/7] device_tree: introduce qemu_fdt_node_path

[Eric Auger]

Hi David,
On 01/11/2016 03:38 AM, David Gibson wrote:
> On Wed, Jan 06, 2016 at 03:13:21PM +, Eric Auger wrote:
>> This new helper routine returns the node path of a device
>> referred to by its node name and compat string.
> 
> What if there are multiple nodes matching the name and compat?
The function would return the first one. I can improve the doc comment.
Do you think it is a problem stopping at the first one? Is it a real
life test case I have to handle here?

Thanks

Eric
> 
>>
>> Signed-off-by: Eric Auger 
>>
>> ---
>>
>> v1 -> v2:
>> - move doc comment in header file
>> - do not use a fixed size buffer
>> - break on errors in while loop
>> - use strcmp instead of strncmp
>>
>> RFC -> v1:
>> - improve error handling according to Alex' comments
>> ---
>>  device_tree.c| 37 +
>>  include/sysemu/device_tree.h | 14 ++
>>  2 files changed, 51 insertions(+)
>>
>> diff --git a/device_tree.c b/device_tree.c
>> index b262c2d..8441e01 100644
>> --- a/device_tree.c
>> +++ b/device_tree.c
>> @@ -231,6 +231,43 @@ static int findnode_nofail(void *fdt, const char 
>> *node_path)
>>  return offset;
>>  }
>>  
>> +int qemu_fdt_node_path(void *fdt, const char *name, char *compat,
>> +   char **node_path)
>> +{
>> +int offset, len, ret;
>> +const char *iter_name;
>> +unsigned int path_len = 16;
>> +char *path;
>> +
>> +*node_path = NULL;
>> +offset = fdt_node_offset_by_compatible(fdt, -1, compat);
>> +
>> +while (offset >= 0) {
>> +iter_name = fdt_get_name(fdt, offset, );
>> +if (!iter_name) {
>> +offset = len;
>> +break;
>> +}
>> +if (!strcmp(iter_name, name)) {
>> +goto found;
>> +}
>> +offset = fdt_node_offset_by_compatible(fdt, offset, compat);
>> +}
>> +return offset;
>> +
>> +found:
>> +path = g_malloc(path_len);
>> +while ((ret = fdt_get_path(fdt, offset, path, path_len))
>> +== -FDT_ERR_NOSPACE) {
>> +path_len += 16;
>> +path = g_realloc(path, path_len);
>> +}
>> +if (!ret) {
>> +*node_path = path;
>> +}
>> +return ret;
>> +}
>> +
>>  int qemu_fdt_setprop(void *fdt, const char *node_path,
>>   const char *property, const void *val, int size)
>>  {
>> diff --git a/include/sysemu/device_tree.h b/include/sysemu/device_tree.h
>> index fdf25a4..269cb1c 100644
>> --- a/include/sysemu/device_tree.h
>> +++ b/include/sysemu/device_tree.h
>> @@ -20,6 +20,20 @@ void *load_device_tree(const char *filename_path, int 
>> *sizep);
>>  void *load_device_tree_from_sysfs(void);
>>  #endif
>>  
>> +/**
>> + * qemu_fdt_node_path: return the node path of a device, given its
>> + * node name and its compat string
>> + * @fdt: pointer to the dt blob
>> + * @name: device node name
>> + * @compat: compatibility string of the device
>> + * @node_path: returned node path
>> + *
>> + * upon success, the path is output at node_path address
>> + * returns 0 on success, < 0 on failure
>> + */
>> +int qemu_fdt_node_path(void *fdt, const char *name, char *compat,
>> +   char **node_path);
>> +
>>  int qemu_fdt_setprop(void *fdt, const char *node_path,
>>   const char *property, const void *val, int size);
>>  int qemu_fdt_setprop_cell(void *fdt, const char *node_path,
> 

Re: [Qemu-devel] [PATCH V5] block/nfs: add support for setting debug level

[Peter Lieven]

Am 13.11.2015 um 10:45 schrieb Stefan Hajnoczi:
> On Mon, Nov 09, 2015 at 08:09:33AM +0100, Peter Lieven wrote:
>> recent libnfs versions support logging debug messages. Add
>> support for it in qemu through an URL parameter.
>>
>> Example:
>>  qemu -cdrom nfs://127.0.0.1/iso/my.iso?debug=2
>>
>> Signed-off-by: Peter Lieven 
>> ---
>> v4->v5: add a comment in the code why we limit the debug level [Stefan]
>> v3->v4: revert to the initial version, but limit max debug level
>> v2->v3: use a per-drive option instead of a global one. [Stefan]
>> v1->v2: reworked patch to accept the debug level as a cmdline
>> parameter instead of an URI parameter [Stefan]
>>
>>  block/nfs.c | 12 
>>  1 file changed, 12 insertions(+)
> Hi Peter,
> Please use my official maintainer email address 
> when CCing me.  I didn't spot the mail to GMail until after the QEMU 2.5
> hard freeze deadline.
>
> Only bug fixes are being merged for QEMU 2.5 now.  I'm sorry that this
> patch didn't make it.  My block-next branch will be opening on Monday
> and I'll merge this patch there for QEMU 2.6.

Hi Stefan,

can you pick up this one for 2.6 now?

Thanks,
Peter

[Qemu-devel] [PULL 17/19] hw/acpi: Remove superfluous return statement

[Michael Tokarev]

From: Thomas Huth 

The "return;" statement at the end of acpi_memory_plug_cb()
does not make much sense, so let's remove it.

Cc: "Michael S. Tsirkin" 
Cc: Igor Mammedov 
Signed-off-by: Thomas Huth 
Signed-off-by: Michael Tokarev 
---
 hw/acpi/memory_hotplug.c | 1 -
 1 file changed, 1 deletion(-)

diff --git a/hw/acpi/memory_hotplug.c b/hw/acpi/memory_hotplug.c
index 298e868..65cbc80 100644
--- a/hw/acpi/memory_hotplug.c
+++ b/hw/acpi/memory_hotplug.c
@@ -250,7 +250,6 @@ void acpi_memory_plug_cb(ACPIREGS *ar, qemu_irq irq, 
MemHotplugState *mem_st,
 /* do ACPI magic */
 acpi_send_gpe_event(ar, irq, ACPI_MEMORY_HOTPLUG_STATUS);
 }
-return;
 }
 
 void acpi_memory_unplug_request_cb(ACPIREGS *ar, qemu_irq irq,
-- 
2.1.4

Re: [Qemu-devel] [PATCH v2] linux-user/syscall.c: Add SO_RCVTIMEO and SO_SNDTIMEO for getsockopt

[Laurent Vivier]

Le 11/01/2016 09:54, cheng...@emindsoft.com.cn a écrit :
> From: Chen Gang 
> 
> Implement them according to the other features implementations.
> 
> Signed-off-by: Chen Gang 
> ---
>  linux-user/syscall.c | 27 +--
>  1 file changed, 25 insertions(+), 2 deletions(-)
> 
> diff --git a/linux-user/syscall.c b/linux-user/syscall.c
> index 44485f2..4c68800 100644
> --- a/linux-user/syscall.c
> +++ b/linux-user/syscall.c
> @@ -1687,6 +1687,7 @@ static abi_long do_getsockopt(int sockfd, int level, 
> int optname,
>  abi_long ret;
>  int len, val;
>  socklen_t lv;
> +struct timeval tv;
>  
>  switch(level) {
>  case TARGET_SOL_SOCKET:
> @@ -1694,10 +1695,32 @@ static abi_long do_getsockopt(int sockfd, int level, 
> int optname,
>  switch (optname) {
>  /* These don't just return a single integer */
>  case TARGET_SO_LINGER:
> -case TARGET_SO_RCVTIMEO:
> -case TARGET_SO_SNDTIMEO:
>  case TARGET_SO_PEERNAME:
>  goto unimplemented;
> +case TARGET_SO_RCVTIMEO:
> +optname = SO_RCVTIMEO;
> +goto time_case;
> +case TARGET_SO_SNDTIMEO:
> +optname = SO_SNDTIMEO;
> +time_case:
> +if (get_user_u32(len, optlen)) {
> +return -TARGET_EFAULT;
> +}
> +if (len < sizeof(struct target_timeval)) {
> +return -TARGET_EINVAL;
> +}

Check len >= 0.

> +lv = sizeof(tv);
> +ret = get_errno(getsockopt(sockfd, level, optname, , ));
> +if (ret < 0) {
> +return ret;
> +}
> +if (copy_to_user_timeval(optval_addr, )) {
> +return -TARGET_EFAULT;
> +}
> +if (put_user_u32(sizeof(struct target_timeval), optlen)) {

Put in optlen the result of getsockopt(), i.e. "lv", or check lv ==
sizeof(struct target_timeval).

> +return -TARGET_EFAULT;
> +}
> +break;
>  case TARGET_SO_PEERCRED: {
>  struct ucred cr;
>  socklen_t crlen;
> 

[Qemu-devel] [PULL 16/19] hw/ide: Remove superfluous return statements

[Michael Tokarev]

From: Thomas Huth 

The "return;" statements at the end of functions do not make
much sense, so let's remove them.

Cc: qemu-bl...@nongnu.org
Signed-off-by: Thomas Huth 
Reviewed-by: John Snow 
Signed-off-by: Michael Tokarev 
---
 hw/ide/atapi.c | 1 -
 hw/ide/macio.c | 2 --
 2 files changed, 3 deletions(-)

diff --git a/hw/ide/atapi.c b/hw/ide/atapi.c
index 65f8dd4..272ab90 100644
--- a/hw/ide/atapi.c
+++ b/hw/ide/atapi.c
@@ -824,7 +824,6 @@ static void cmd_inquiry(IDEState *s, uint8_t *buf)
  out:
 buf[size_idx] = idx - preamble_len;
 ide_atapi_cmd_reply(s, idx, max_len);
-return;
 }
 
 static void cmd_get_configuration(IDEState *s, uint8_t *buf)
diff --git a/hw/ide/macio.c b/hw/ide/macio.c
index 3ee962f..9771261 100644
--- a/hw/ide/macio.c
+++ b/hw/ide/macio.c
@@ -292,8 +292,6 @@ done:
 block_acct_done(blk_get_stats(s->blk), >acct);
 }
 io->dma_end(opaque);
-
-return;
 }
 
 static void pmac_ide_transfer_cb(void *opaque, int ret)
-- 
2.1.4

[Qemu-devel] [PULL 04/19] iscsi: fix readcapacity error message

[Michael Tokarev]

From: Zhu Lingshan 

fix:The error message for readcapacity 16 incorrectly mentioned
a readcapacity 10 failure, fixed the error message.

Signed-off-by: Zhu Lingshan 
Reviewed-by: John Snow 
Signed-off-by: Michael Tokarev 
---
 block/iscsi.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/block/iscsi.c b/block/iscsi.c
index bd1f1bf..eb28ddc 100644
--- a/block/iscsi.c
+++ b/block/iscsi.c
@@ -1270,7 +1270,7 @@ static void iscsi_readcapacity_sync(IscsiLun *iscsilun, 
Error **errp)
  && retries-- > 0);
 
 if (task == NULL || task->status != SCSI_STATUS_GOOD) {
-error_setg(errp, "iSCSI: failed to send readcapacity10 command.");
+error_setg(errp, "iSCSI: failed to send readcapacity10/16 command");
 } else if (!iscsilun->block_size ||
iscsilun->block_size % BDRV_SECTOR_SIZE) {
 error_setg(errp, "iSCSI: the target returned an invalid "
-- 
2.1.4

Re: [Qemu-devel] [PATCH] Keep pty slave file descriptor open until the master is closed

[Paolo Bonzini]

On 11/12/2015 12:29, Ashley Jonathan wrote:
> I have experienced a minor difficulty using QEMU with the "-serial
> pty" option:
> 
> If a process opens the slave pts device, writes data to it, then
> immediately closes it, the data doesn't reliably get delivered to the
> emulated serial port. This seems to be because a read of the master
> pty device returns EIO on Linux if no process has the pts device
> open, even when data is waiting "in the pipe".
> 
> A fix seems to be for QEMU to keep the pts file descriptor open until
> the pty is closed, as per the below patch.

You need to include a "Signed-off-by: Ashley Jonathan 
"
line in the commit message, meaning that you have read and understood the
"Developer Certificate of Origin":

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/Documentation/SubmittingPatches?id=f6f94e2ab1b33f0082ac22d71f66385a60d8157f#n297

Just reply to this message with the above line.

Paolo

Re: [Qemu-devel] [RFC v6 11/14] softmmu: Simplify helper_*_st_name, wrap MMIO code

[alvise rigo]

On Mon, Jan 11, 2016 at 10:54 AM, Alex Bennée  wrote:
>
> Alvise Rigo  writes:
>
>> Attempting to simplify the helper_*_st_name, wrap the MMIO code into an
>> inline function.
>>
>> Suggested-by: Jani Kokkonen 
>> Suggested-by: Claudio Fontana 
>> Signed-off-by: Alvise Rigo 
>> ---
>>  softmmu_template.h | 64 
>> +-
>>  1 file changed, 44 insertions(+), 20 deletions(-)
>>
>> diff --git a/softmmu_template.h b/softmmu_template.h
>> index 92f92b1..2ebf527 100644
>> --- a/softmmu_template.h
>> +++ b/softmmu_template.h
>> @@ -396,6 +396,26 @@ static inline void glue(helper_le_st_name, 
>> _do_unl_access)(CPUArchState *env,
>>  }
>>  }
>>
>> +static inline void glue(helper_le_st_name, _do_mmio_access)(CPUArchState 
>> *env,
>> +DATA_TYPE val,
>> +target_ulong 
>> addr,
>> +TCGMemOpIdx oi,
>> +unsigned 
>> mmu_idx,
>> +int index,
>> +uintptr_t 
>> retaddr)
>> +{
>> +CPUIOTLBEntry *iotlbentry = >iotlb[mmu_idx][index];
>> +
>> +if ((addr & (DATA_SIZE - 1)) != 0) {
>> +glue(helper_le_st_name, _do_unl_access)(env, val, addr, mmu_idx,
>> +oi, retaddr);
>> +}
>> +/* ??? Note that the io helpers always read data in the target
>> +   byte ordering.  We should push the LE/BE request down into io.  */
>> +val = TGT_LE(val);
>> +glue(io_write, SUFFIX)(env, iotlbentry, val, addr, retaddr);
>> +}
>> +
>
> Some comment as previous patches. I think we can have a single function
> that is shared between both helpers.

Of course. If the objdump you got from this version and the version
with single helper is basically the same, then there's no reason to
make two distinct variants.

Thank you,
alvise

>
>>  void helper_le_st_name(CPUArchState *env, target_ulong addr, DATA_TYPE val,
>> TCGMemOpIdx oi, uintptr_t retaddr)
>>  {
>> @@ -458,16 +478,8 @@ void helper_le_st_name(CPUArchState *env, target_ulong 
>> addr, DATA_TYPE val,
>>
>>  return;
>>  } else {
>> -if ((addr & (DATA_SIZE - 1)) != 0) {
>> -glue(helper_le_st_name, _do_unl_access)(env, val, addr, 
>> mmu_idx,
>> -oi, retaddr);
>> -}
>> -iotlbentry = >iotlb[mmu_idx][index];
>> -
>> -/* ??? Note that the io helpers always read data in the target
>> -   byte ordering.  We should push the LE/BE request down into 
>> io.  */
>> -val = TGT_LE(val);
>> -glue(io_write, SUFFIX)(env, iotlbentry, val, addr, retaddr);
>> +glue(helper_le_st_name, _do_mmio_access)(env, val, addr, oi,
>> + mmu_idx, index, 
>> retaddr);
>>  return;
>>  }
>>  }
>> @@ -523,6 +535,26 @@ static inline void glue(helper_be_st_name, 
>> _do_unl_access)(CPUArchState *env,
>>  }
>>  }
>>
>> +static inline void glue(helper_be_st_name, _do_mmio_access)(CPUArchState 
>> *env,
>> +DATA_TYPE val,
>> +target_ulong 
>> addr,
>> +TCGMemOpIdx oi,
>> +unsigned 
>> mmu_idx,
>> +int index,
>> +uintptr_t 
>> retaddr)
>> +{
>> +CPUIOTLBEntry *iotlbentry = >iotlb[mmu_idx][index];
>> +
>> +if ((addr & (DATA_SIZE - 1)) != 0) {
>> +glue(helper_be_st_name, _do_unl_access)(env, val, addr, mmu_idx,
>> +oi, retaddr);
>> +}
>> +/* ??? Note that the io helpers always read data in the target
>> +   byte ordering.  We should push the LE/BE request down into io.  */
>> +val = TGT_BE(val);
>> +glue(io_write, SUFFIX)(env, iotlbentry, val, addr, retaddr);
>> +}
>> +
>>  void helper_be_st_name(CPUArchState *env, target_ulong addr, DATA_TYPE val,
>> TCGMemOpIdx oi, uintptr_t retaddr)
>>  {
>> @@ -585,16 +617,8 @@ void helper_be_st_name(CPUArchState *env, target_ulong 
>> addr, DATA_TYPE val,
>>
>>  return;
>>  } else {
>> -if ((addr & (DATA_SIZE - 1)) != 0) {
>> -glue(helper_be_st_name, _do_unl_access)(env, val, addr, 
>> 

Re: [Qemu-devel] [PATCH] PCI Bonito: QOMify

[Michael Tokarev]

05.01.2016 13:57, Cao jin wrote:
> Also clear the code

Applied to -trivial.

Thanks,

/mjt

Re: [Qemu-devel] [PATCH 1/2] qemu-nbd: Fix unintended texi verbatim formatting

[Michael Tokarev]

11.01.2016 11:07, Michael Tokarev wrote:
> 30.12.2015 22:54, Sitsofe Wheeler wrote:
>> Indented lines in the texi meant the perlpod produced interpreted the
>> paragraph as being verbatim (thus formatting codes were not
>> interpreted). Fix this by un-indenting problem lines.
> 
> Applied to -trivial, thank you!

Sorry, un-applied.  Because another patchset has already been
posted and because Paolo picked it already.

Thanks,

/mjt

Re: [Qemu-devel] [PATCH 1/2] qemu-nbd: Fix unintended texi verbatim formatting

[Michael Tokarev]

30.12.2015 22:54, Sitsofe Wheeler wrote:
> Indented lines in the texi meant the perlpod produced interpreted the
> paragraph as being verbatim (thus formatting codes were not
> interpreted). Fix this by un-indenting problem lines.

Applied to -trivial, thank you!

/mjt

Re: [Qemu-devel] [Xen-devel] [PATCH v4] igd-passthrough-i440FX: convert to realize()

[Hao, Xudong]

Stefano, 

Patch http://marc.info/?l=qemu-devel=145137863501079 don't works for qemu at 
all, some conflict when git apply. 
Patch http://marc.info/?l=qemu-devel=145137863501079 is based on patch 
http://marc.info/?l=qemu-devel=145172165010604, right?

I can boot up Linux VM with IGD pass-through with latest qemu (without any 
additional patch), guest run 3D "nexuiz" and get 180fps. 

Will try the two patch together later.

Thanks,
-Xudong


> -Original Message-
> From: Stefano Stabellini [mailto:stefano.stabell...@eu.citrix.com]
> Sent: Friday, January 8, 2016 7:57 PM
> To: Hao, Xudong 
> Cc: Stefano Stabellini ; Lars Kurth
> ; Lars Kurth ; Cao jin
> ; xen-de...@lists.xensource.com; Stefano Stabellini
> ; qemu-devel@nongnu.org; Michael S. Tsirkin
> 
> Subject: RE: [Xen-devel] [PATCH v4] igd-passthrough-i440FX: convert to 
> realize()
> 
> Since you are at it, could you please let me know how well igd passthrough
> works without this bugfix:
> 
> http://marc.info/?l=qemu-devel=145172165010604
> 
> which is about to land in QEMU.  I guess it doesn't work at all?
> 
> I am asking because I would like to know the level of support we need to 
> provide
> to igd passthrough with the latest QEMU release (2.5).
> 
> 
> On Thu, 7 Jan 2016, Hao, Xudong wrote:
> > Sure. I'll test it soon.
> >
> > Thanks,
> > -Xudong
> >
> > > -Original Message-
> > > From: Stefano Stabellini [mailto:stefano.stabell...@eu.citrix.com]
> > > Sent: Wednesday, January 6, 2016 8:18 PM
> > > To: Lars Kurth 
> > > Cc: Stefano Stabellini ; Hao,
> > > Xudong ; Lars Kurth ;
> > > Cao jin ; xen-de...@lists.xensource.com;
> > > Stefano Stabellini ;
> > > qemu-devel@nongnu.org; Michael S. Tsirkin 
> > > Subject: Re: [Xen-devel] [PATCH v4] igd-passthrough-i440FX: convert
> > > to realize()
> > >
> > > Hello Xudong,
> > >
> > > please test this patch:
> > >
> > > http://marc.info/?l=qemu-devel=145137863501079
> > >
> > > with an intel graphic card assigned to a Xen guest. If everything
> > > still works as expected, please reply with your Tested-by.
> > >
> > > Thanks,
> > >
> > > Stefano
> > >
> > > On Wed, 6 Jan 2016, Lars Kurth wrote:
> > > > Hi folks,
> > > > let me introduce you to Xudong from Intel, who is willing to help out.
> > > > Best Regards
> > > > Lars
> > > >
> > > > > On 4 Jan 2016, at 15:41, Stefano Stabellini
> > > > > 
> > > wrote:
> > > > >
> > > > > On Mon, 4 Jan 2016, Lars Kurth wrote:
> > > > >> On 04/01/2016 14:47, "Stefano Stabellini"
> > > > >>  wrote:
> > > > >>
> > > > >>> Unfortunately I don't have a setup to test this either. Maybe
> > > > >>> Lars can find out who should be involved on the Intel side on this.
> > > > >>
> > > > >> I can certainly help to this and get back to you. What exactly
> > > > >> are we asking Intel to do?
> > > > >> It is not clear to me from this email thread
> > > > >
> > > > > Tiejun Chen, the author of the Intel graphic card passthrough
> > > > > patches for QEMU, seems to have left the company. It would be
> > > > > nice if somebody else tested this patch with an intel graphic
> > > > > card assigned to a guest VM.
> > > > >
> > > > > ___
> > > > > Xen-devel mailing list
> > > > > xen-de...@lists.xen.org
> > > > > http://lists.xen.org/xen-devel
> > > >
> >

Re: [Qemu-devel] [RFC v6 11/14] softmmu: Simplify helper_*_st_name, wrap MMIO code

[Alex Bennée]

Alvise Rigo  writes:

> Attempting to simplify the helper_*_st_name, wrap the MMIO code into an
> inline function.
>
> Suggested-by: Jani Kokkonen 
> Suggested-by: Claudio Fontana 
> Signed-off-by: Alvise Rigo 
> ---
>  softmmu_template.h | 64 
> +-
>  1 file changed, 44 insertions(+), 20 deletions(-)
>
> diff --git a/softmmu_template.h b/softmmu_template.h
> index 92f92b1..2ebf527 100644
> --- a/softmmu_template.h
> +++ b/softmmu_template.h
> @@ -396,6 +396,26 @@ static inline void glue(helper_le_st_name, 
> _do_unl_access)(CPUArchState *env,
>  }
>  }
>
> +static inline void glue(helper_le_st_name, _do_mmio_access)(CPUArchState 
> *env,
> +DATA_TYPE val,
> +target_ulong 
> addr,
> +TCGMemOpIdx oi,
> +unsigned mmu_idx,
> +int index,
> +uintptr_t 
> retaddr)
> +{
> +CPUIOTLBEntry *iotlbentry = >iotlb[mmu_idx][index];
> +
> +if ((addr & (DATA_SIZE - 1)) != 0) {
> +glue(helper_le_st_name, _do_unl_access)(env, val, addr, mmu_idx,
> +oi, retaddr);
> +}
> +/* ??? Note that the io helpers always read data in the target
> +   byte ordering.  We should push the LE/BE request down into io.  */
> +val = TGT_LE(val);
> +glue(io_write, SUFFIX)(env, iotlbentry, val, addr, retaddr);
> +}
> +

Some comment as previous patches. I think we can have a single function
that is shared between both helpers.

>  void helper_le_st_name(CPUArchState *env, target_ulong addr, DATA_TYPE val,
> TCGMemOpIdx oi, uintptr_t retaddr)
>  {
> @@ -458,16 +478,8 @@ void helper_le_st_name(CPUArchState *env, target_ulong 
> addr, DATA_TYPE val,
>
>  return;
>  } else {
> -if ((addr & (DATA_SIZE - 1)) != 0) {
> -glue(helper_le_st_name, _do_unl_access)(env, val, addr, 
> mmu_idx,
> -oi, retaddr);
> -}
> -iotlbentry = >iotlb[mmu_idx][index];
> -
> -/* ??? Note that the io helpers always read data in the target
> -   byte ordering.  We should push the LE/BE request down into 
> io.  */
> -val = TGT_LE(val);
> -glue(io_write, SUFFIX)(env, iotlbentry, val, addr, retaddr);
> +glue(helper_le_st_name, _do_mmio_access)(env, val, addr, oi,
> + mmu_idx, index, 
> retaddr);
>  return;
>  }
>  }
> @@ -523,6 +535,26 @@ static inline void glue(helper_be_st_name, 
> _do_unl_access)(CPUArchState *env,
>  }
>  }
>
> +static inline void glue(helper_be_st_name, _do_mmio_access)(CPUArchState 
> *env,
> +DATA_TYPE val,
> +target_ulong 
> addr,
> +TCGMemOpIdx oi,
> +unsigned mmu_idx,
> +int index,
> +uintptr_t 
> retaddr)
> +{
> +CPUIOTLBEntry *iotlbentry = >iotlb[mmu_idx][index];
> +
> +if ((addr & (DATA_SIZE - 1)) != 0) {
> +glue(helper_be_st_name, _do_unl_access)(env, val, addr, mmu_idx,
> +oi, retaddr);
> +}
> +/* ??? Note that the io helpers always read data in the target
> +   byte ordering.  We should push the LE/BE request down into io.  */
> +val = TGT_BE(val);
> +glue(io_write, SUFFIX)(env, iotlbentry, val, addr, retaddr);
> +}
> +
>  void helper_be_st_name(CPUArchState *env, target_ulong addr, DATA_TYPE val,
> TCGMemOpIdx oi, uintptr_t retaddr)
>  {
> @@ -585,16 +617,8 @@ void helper_be_st_name(CPUArchState *env, target_ulong 
> addr, DATA_TYPE val,
>
>  return;
>  } else {
> -if ((addr & (DATA_SIZE - 1)) != 0) {
> -glue(helper_be_st_name, _do_unl_access)(env, val, addr, 
> mmu_idx,
> -oi, retaddr);
> -}
> -iotlbentry = >iotlb[mmu_idx][index];
> -
> -/* ??? Note that the io helpers always read data in the target
> -   byte ordering.  We should push the LE/BE request down into 
> io.  */
> -val = TGT_BE(val);
> -glue(io_write, 

Re: [Qemu-devel] [PATCH v2 5/7] hw/arm/sysbus-fdt: helpers for clock node generation

[Eric Auger]

Hi David,
On 01/11/2016 03:41 AM, David Gibson wrote:
> On Wed, Jan 06, 2016 at 03:13:23PM +, Eric Auger wrote:
>> Some passthrough'ed devices depend on clock nodes. Those need to be
>> generated in the guest device tree. This patch introduces some helpers
>> to build a clock node from information retrieved in the host device tree.
>>
>> - inherit_properties copies properties from a host device tree node to
>>   a guest device tree node
> 
> I dislike the name, since the first thing I think when I see "inherit"
> is that it's about a node inheriting a property from an ancestor node,
> not the guest inheriting properties from the host.  Maybe
> "passthrough_properties()"?
No Problem, I will rename the function

Best Regards

Eric

> 
>> - fdt_build_clock_node builds a guest clock node and checks the host
>>   fellow clock is a fixed one.
>>
>> fdt_build_clock_node will become static as soon as it gets used. A
>> dummy pre-declaration is needed for compilation of this patch.
>>
>> Signed-off-by: Eric Auger 
>>
>> ---
>>
>> v1 -> v2:
>> - inherit properties now outputs an error message in case
>>   qemu_fdt_getprop fails for an existing optional property
>> - no hardcoded fixed buffer length
>> - fdt_build_clock_node becomes void and auto-asserts on error
>> - use boolean values when defining the clock properties
>>
>> RFC -> v1:
>> - use the new proto of qemu_fdt_getprop
>> - remove newline in error_report
>> - fix some style issues
>> ---
>>  hw/arm/sysbus-fdt.c | 120 
>> 
>>  1 file changed, 120 insertions(+)
>>
>> diff --git a/hw/arm/sysbus-fdt.c b/hw/arm/sysbus-fdt.c
>> index 9d28797..a1cf57b 100644
>> --- a/hw/arm/sysbus-fdt.c
>> +++ b/hw/arm/sysbus-fdt.c
>> @@ -21,6 +21,7 @@
>>   *
>>   */
>>  
>> +#include 
>>  #include "hw/arm/sysbus-fdt.h"
>>  #include "qemu/error-report.h"
>>  #include "sysemu/device_tree.h"
>> @@ -56,6 +57,125 @@ typedef struct NodeCreationPair {
>>  int (*add_fdt_node_fn)(SysBusDevice *sbdev, void *opaque);
>>  } NodeCreationPair;
>>  
>> +/* helpers */
>> +
>> +typedef struct HostProperty {
>> +const char *name;
>> +bool optional;
>> +} HostProperty;
>> +
>> +/**
>> + * inherit_properties
>> + *
>> + * copies properties listed in an array from host device tree to
>> + * guest device tree. If a non optional property is not found, the
>> + * function self-asserts. An optional property is ignored if not found
>> + * in the host device tree.
>> + * @props: array of HostProperty to copy
>> + * @nb_props: number of properties in the array
>> + * @host_dt: host device tree blob
>> + * @guest_dt: guest device tree blob
>> + * @node_path: host dt node path where the property is supposed to be
>> +  found
>> + * @nodename: guest node name the properties should be added to
>> + */
>> +static void inherit_properties(HostProperty *props, int nb_props,
>> +   void *host_fdt, void *guest_fdt,
>> +   char *node_path, char *nodename)
>> +{
>> +int i, prop_len;
>> +const void *r;
>> +Error *err = NULL;
>> +
>> +for (i = 0; i < nb_props; i++) {
>> +r = qemu_fdt_getprop(host_fdt, node_path,
>> + props[i].name,
>> + _len,
>> + props[i].optional ?  : _fatal);
>> +if (r) {
>> +qemu_fdt_setprop(guest_fdt, nodename,
>> + props[i].name, r, prop_len);
>> +} else {
>> +if (prop_len != -FDT_ERR_NOTFOUND) {
>> +/* optional property not returned although property exists 
>> */
>> +error_report_err(err);
>> +} else {
>> +error_free(err);
>> +}
>> +}
>> +}
>> +}
>> +
>> +/* clock properties whose values are copied/pasted from host */
>> +static HostProperty clock_inherited_properties[] = {
>> +{"compatible", false},
>> +{"#clock-cells", false},
>> +{"clock-frequency", true},
>> +{"clock-output-names", true},
>> +};
>> +
>> +/**
>> + * fdt_build_clock_node
>> + *
>> + * Build a guest clock node, used as a dependency from a passthrough'ed
>> + * device. Most information are retrieved from the host clock node.
>> + * Also check the host clock is a fixed one.
>> + *
>> + * @host_fdt: host device tree blob from which info are retrieved
>> + * @guest_fdt: guest device tree blob where the clock node is added
>> + * @host_phandle: phandle of the clock in host device tree
>> + * @guest_phandle: phandle to assign to the guest node
>> + */
>> +void fdt_build_clock_node(void *host_fdt, void *guest_fdt,
>> + uint32_t host_phandle,
>> + uint32_t guest_phandle);
>> +void fdt_build_clock_node(void *host_fdt, void *guest_fdt,
>> + uint32_t host_phandle,
>> + uint32_t guest_phandle)
>> +{
>> +char 

Re: [Qemu-devel] [PATCH 0/4] Remove superfluous return statements

[Michael Tokarev]

10.11.2015 23:16, Thomas Huth wrote:
> Some functions in QEMU have a "return;" statement at the
> very end of a function with "void" return type, i.e. the
> return statement is superfluous. This patch series removes
> some of them.
> 
> Thomas Huth (4):
>   hw/ide: Remove superfluous return statements
>   hw/acpi: Remove superfluous return statement
>   hw/s390x: Remove superfluous return statements
>   hw/core/qdev: Remove superfluous return statement

(Finally!) applied to -trivial, after removing changes
to hw/s390x/event-facility.c from hw/s390x patch as
discussed before.

Thank you, and please excuse me it took so long :)

/mjt

Re: [Qemu-devel] [PATCH] Keep pty slave file descriptor open until the master is closed

[Paolo Bonzini]

On 11/01/2016 09:33, Michael Tokarev wrote:
> 11.12.2015 14:29, Ashley Jonathan wrote:
>> I have experienced a minor difficulty using QEMU with the "-serial pty" 
>> option:
>>
>> If a process opens the slave pts device, writes data to it, then immediately 
>> closes it, the data doesn't reliably get delivered to the emulated serial 
>> port. This seems to be because a read of the master pty device returns EIO 
>> on Linux if no process has the pts device open, even when data is waiting 
>> "in the pipe".
>>
>> A fix seems to be for QEMU to keep the pts file descriptor open until the 
>> pty is closed, as per the below patch.
> 
> The patch looks fine, so
> 
> Reviewed-by: Michael Tokarev 
> 
> but I'd love to have an ACK from the maintainer about this one,
> or for it to pick it up.

Ok, I'll pick it up after I've read up a bit more on PTYs.

Paolo

[Qemu-devel] [PATCH] qemu-ga: Fixed minor version switch issue

[Leonid Bloch]

With automatically generated GUID, on minor version changes, an error
occurred, stating that there is a problem with the installer.
Now, a notification is shown, warning the user that another version of
this product is already installed, and that configuration or removal of
the existing version is possible through Add/Remove Programs on the
Control Panel (expected behavior).

Signed-off-by: Leonid Bloch 
---
 qga/installer/qemu-ga.wxs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/qga/installer/qemu-ga.wxs b/qga/installer/qemu-ga.wxs
index 9473875..7f92891 100644
--- a/qga/installer/qemu-ga.wxs
+++ b/qga/installer/qemu-ga.wxs
@@ -41,7 +41,7 @@
 
   

Re: [Qemu-devel] [PATCH v3 0/3] 9pfs: disentangling virtio and generic code

[Wei Liu]

I forgot to mention -- this series can be pulled from:

  git://xenbits.xen.org/people/liuw/qemu.git wip.9pfs-refactor-v3

Wei.

Re: [Qemu-devel] [PATCH 1/1] qmp: process system-reset event in paused state

[Denis V. Lunev]

On 12/16/2015 05:47 PM, Denis V. Lunev wrote:

On 12/16/2015 03:02 PM, Paolo Bonzini wrote:


On 16/12/2015 10:50, Peter Krempa wrote:

We check that the state is "paused" and continue the vCPUs only in
that case. The panic devices will move the VM to 'crashed' state.
The code that is issuing 'system_reset' does not modify the state
in any way.

Ok, thanks.


I'd say NACK here. This will break the possibility to reset a
system while the vCPUs are paused. The problem should be fixed in
libvirt.

It is indeed a QEMU bug, and it was introduced in commit df39076 ("vl:
allow "cont" from panicked state", 2013-11-04).

Until that commit, a system_reset in panicked state would change the
status to paused.  The commit changed that as a side effect of
removing VM_STATE_GUEST_PANICKED from runstate_needs_reset; see the
call to runstate_needs_reset in main_loop_should_exit.

IMO, after a reset, main_loop_should_exit should actually transition
to VM_STATE_PRELAUNCH (*not* RUN_STATE_PAUSED) for *all* states except
RUN_STATE_INMIGRATE, RUN_STATE_SAVE_VM (which I think cannot happen
there) and (of course) RUN_STATE_RUNNING.  Some changes will be required
to the transition table as well.

This will fix similar bugs for other runstates as well, though most of
them probably cannot be triggered from libvirt.

Thanks,

Paolo

ok. Thank you for this input. I'll analyse this and come with
corrected patch :)

Den


What would be correct procedure to handle this state?

Setting VM_STATE_PRELAUNCH in main_loop_should_exit does not
move QEMU into VM_STATE_RUNNING and thus subsequent 'resume'
command is necessary.

In this case the processing of 'reset' command should be different
in libvirt, i.e. libvirt should send two commands ('reset' and 'resume')
in this state.

Does I understand right?  In the other case we could stick to shortcut
proposed by me in the original patch.

Den

Re: [Qemu-devel] [Qemu-block] [PATCH V5] block/nfs: add support for setting debug level

[Jeff Cody]

On Mon, Jan 11, 2016 at 09:51:39AM +0100, Peter Lieven wrote:
> Am 13.11.2015 um 10:45 schrieb Stefan Hajnoczi:
> > On Mon, Nov 09, 2015 at 08:09:33AM +0100, Peter Lieven wrote:
> >> recent libnfs versions support logging debug messages. Add
> >> support for it in qemu through an URL parameter.
> >>
> >> Example:
> >>  qemu -cdrom nfs://127.0.0.1/iso/my.iso?debug=2
> >>
> >> Signed-off-by: Peter Lieven 
> >> ---
> >> v4->v5: add a comment in the code why we limit the debug level [Stefan]
> >> v3->v4: revert to the initial version, but limit max debug level
> >> v2->v3: use a per-drive option instead of a global one. [Stefan]
> >> v1->v2: reworked patch to accept the debug level as a cmdline
> >> parameter instead of an URI parameter [Stefan]
> >>
> >>  block/nfs.c | 12 
> >>  1 file changed, 12 insertions(+)
> > Hi Peter,
> > Please use my official maintainer email address 
> > when CCing me.  I didn't spot the mail to GMail until after the QEMU 2.5
> > hard freeze deadline.
> >
> > Only bug fixes are being merged for QEMU 2.5 now.  I'm sorry that this
> > patch didn't make it.  My block-next branch will be opening on Monday
> > and I'll merge this patch there for QEMU 2.6.
> 
> Hi Stefan,
> 
> can you pick up this one for 2.6 now?
> 
> Thanks,
> Peter
> 
>

Hi Peter,

I've applied it to my branch, for 2.6:

git://github.com/codyprime/qemu-kvm-jtc.git block


Thanks,
Jeff

Re: [Qemu-devel] [Xen-devel] [PATCH v4] igd-passthrough-i440FX: convert to realize()

[Stefano Stabellini]

On Mon, 11 Jan 2016, Hao, Xudong wrote:
> Stefano, 
> 
> Patch http://marc.info/?l=qemu-devel=145137863501079 don't works for qemu 
> at all, some conflict when git apply. 
> Patch http://marc.info/?l=qemu-devel=145137863501079 is based on patch 
> http://marc.info/?l=qemu-devel=145172165010604, right?
> 
> I can boot up Linux VM with IGD pass-through with latest qemu (without any 
> additional patch), guest run 3D "nexuiz" and get 180fps. 

Very interesting, thanks for testing.


> Will try the two patch together later.

That would be useful


> > -Original Message-
> > From: Stefano Stabellini [mailto:stefano.stabell...@eu.citrix.com]
> > Sent: Friday, January 8, 2016 7:57 PM
> > To: Hao, Xudong 
> > Cc: Stefano Stabellini ; Lars Kurth
> > ; Lars Kurth ; Cao jin
> > ; xen-de...@lists.xensource.com; Stefano 
> > Stabellini
> > ; qemu-devel@nongnu.org; Michael S. Tsirkin
> > 
> > Subject: RE: [Xen-devel] [PATCH v4] igd-passthrough-i440FX: convert to 
> > realize()
> > 
> > Since you are at it, could you please let me know how well igd passthrough
> > works without this bugfix:
> > 
> > http://marc.info/?l=qemu-devel=145172165010604
> > 
> > which is about to land in QEMU.  I guess it doesn't work at all?
> > 
> > I am asking because I would like to know the level of support we need to 
> > provide
> > to igd passthrough with the latest QEMU release (2.5).
> > 
> > 
> > On Thu, 7 Jan 2016, Hao, Xudong wrote:
> > > Sure. I'll test it soon.
> > >
> > > Thanks,
> > > -Xudong
> > >
> > > > -Original Message-
> > > > From: Stefano Stabellini [mailto:stefano.stabell...@eu.citrix.com]
> > > > Sent: Wednesday, January 6, 2016 8:18 PM
> > > > To: Lars Kurth 
> > > > Cc: Stefano Stabellini ; Hao,
> > > > Xudong ; Lars Kurth ;
> > > > Cao jin ; xen-de...@lists.xensource.com;
> > > > Stefano Stabellini ;
> > > > qemu-devel@nongnu.org; Michael S. Tsirkin 
> > > > Subject: Re: [Xen-devel] [PATCH v4] igd-passthrough-i440FX: convert
> > > > to realize()
> > > >
> > > > Hello Xudong,
> > > >
> > > > please test this patch:
> > > >
> > > > http://marc.info/?l=qemu-devel=145137863501079
> > > >
> > > > with an intel graphic card assigned to a Xen guest. If everything
> > > > still works as expected, please reply with your Tested-by.
> > > >
> > > > Thanks,
> > > >
> > > > Stefano
> > > >
> > > > On Wed, 6 Jan 2016, Lars Kurth wrote:
> > > > > Hi folks,
> > > > > let me introduce you to Xudong from Intel, who is willing to help out.
> > > > > Best Regards
> > > > > Lars
> > > > >
> > > > > > On 4 Jan 2016, at 15:41, Stefano Stabellini
> > > > > > 
> > > > wrote:
> > > > > >
> > > > > > On Mon, 4 Jan 2016, Lars Kurth wrote:
> > > > > >> On 04/01/2016 14:47, "Stefano Stabellini"
> > > > > >>  wrote:
> > > > > >>
> > > > > >>> Unfortunately I don't have a setup to test this either. Maybe
> > > > > >>> Lars can find out who should be involved on the Intel side on 
> > > > > >>> this.
> > > > > >>
> > > > > >> I can certainly help to this and get back to you. What exactly
> > > > > >> are we asking Intel to do?
> > > > > >> It is not clear to me from this email thread
> > > > > >
> > > > > > Tiejun Chen, the author of the Intel graphic card passthrough
> > > > > > patches for QEMU, seems to have left the company. It would be
> > > > > > nice if somebody else tested this patch with an intel graphic
> > > > > > card assigned to a guest VM.
> > > > > >
> > > > > > ___
> > > > > > Xen-devel mailing list
> > > > > > xen-de...@lists.xen.org
> > > > > > http://lists.xen.org/xen-devel
> > > > >
> > >
> 

[Qemu-devel] [PATCH] net/vmxnet3: trace support for register access

[Miao Yan]

Turning debug printfs to trace points for register access

Signed-off-by: Miao Yan 
---
 hw/net/vmxnet3.c | 68 +---
 trace-events |  6 +
 2 files changed, 16 insertions(+), 58 deletions(-)

diff --git a/hw/net/vmxnet3.c b/hw/net/vmxnet3.c
index 67abad3..e089037 100644
--- a/hw/net/vmxnet3.c
+++ b/hw/net/vmxnet3.c
@@ -32,6 +32,8 @@
 #include "vmxnet_tx_pkt.h"
 #include "vmxnet_rx_pkt.h"
 
+#include "trace.h"
+
 #define PCI_DEVICE_ID_VMWARE_VMXNET3_REVISION 0x1
 #define VMXNET3_MSIX_BAR_SIZE 0x2000
 #define MIN_BUF_SIZE 60
@@ -1157,6 +1159,8 @@ vmxnet3_io_bar0_write(void *opaque, hwaddr addr,
 {
 VMXNET3State *s = opaque;
 
+trace_vmxnet3_bar0_write(opaque, addr, val);
+
 if (VMW_IS_MULTIREG_ADDR(addr, VMXNET3_REG_TXPROD,
 VMXNET3_DEVICE_MAX_TX_QUEUES, VMXNET3_REG_ALIGN)) {
 int tx_queue_idx =
@@ -1171,9 +1175,6 @@ vmxnet3_io_bar0_write(void *opaque, hwaddr addr,
 VMXNET3_MAX_INTRS, VMXNET3_REG_ALIGN)) {
 int l = VMW_MULTIREG_IDX_BY_ADDR(addr, VMXNET3_REG_IMR,
  VMXNET3_REG_ALIGN);
-
-VMW_CBPRN("Interrupt mask for line %d written: 0x%" PRIx64, l, val);
-
 vmxnet3_on_interrupt_mask_changed(s, l, val);
 return;
 }
@@ -1184,9 +1185,6 @@ vmxnet3_io_bar0_write(void *opaque, hwaddr addr,
 VMXNET3_DEVICE_MAX_RX_QUEUES, VMXNET3_REG_ALIGN)) {
 return;
 }
-
-VMW_WRPRN("BAR0 unknown write [%" PRIx64 "] = %" PRIx64 ", size %d",
-  (uint64_t) addr, val, size);
 }
 
 static uint64_t
@@ -1201,7 +1199,8 @@ vmxnet3_io_bar0_read(void *opaque, hwaddr addr, unsigned 
size)
 return s->interrupt_states[l].is_masked;
 }
 
-VMW_CBPRN("BAR0 unknown read [%" PRIx64 "], size %d", addr, size);
+trace_vmxnet3_bar0_read(opaque, addr, 0);
+
 return 0;
 }
 
@@ -1315,7 +1314,6 @@ static void vmxnet3_setup_rx_filtering(VMXNET3State *s)
 static uint32_t vmxnet3_get_interrupt_config(VMXNET3State *s)
 {
 uint32_t interrupt_mode = VMXNET3_IT_AUTO | (VMXNET3_IMM_AUTO << 2);
-VMW_CFPRN("Interrupt config is 0x%X", interrupt_mode);
 return interrupt_mode;
 }
 
@@ -1614,85 +1612,66 @@ static void vmxnet3_handle_command(VMXNET3State *s, 
uint64_t cmd)
 
 switch (cmd) {
 case VMXNET3_CMD_GET_PERM_MAC_HI:
-VMW_CBPRN("Set: Get upper part of permanent MAC");
 break;
 
 case VMXNET3_CMD_GET_PERM_MAC_LO:
-VMW_CBPRN("Set: Get lower part of permanent MAC");
 break;
 
 case VMXNET3_CMD_GET_STATS:
-VMW_CBPRN("Set: Get device statistics");
 vmxnet3_fill_stats(s);
 break;
 
 case VMXNET3_CMD_ACTIVATE_DEV:
-VMW_CBPRN("Set: Activating vmxnet3 device");
 vmxnet3_activate_device(s);
 break;
 
 case VMXNET3_CMD_UPDATE_RX_MODE:
-VMW_CBPRN("Set: Update rx mode");
 vmxnet3_update_rx_mode(s);
 break;
 
 case VMXNET3_CMD_UPDATE_VLAN_FILTERS:
-VMW_CBPRN("Set: Update VLAN filters");
 vmxnet3_update_vlan_filters(s);
 break;
 
 case VMXNET3_CMD_UPDATE_MAC_FILTERS:
-VMW_CBPRN("Set: Update MAC filters");
 vmxnet3_update_mcast_filters(s);
 break;
 
 case VMXNET3_CMD_UPDATE_FEATURE:
-VMW_CBPRN("Set: Update features");
 vmxnet3_update_features(s);
 break;
 
 case VMXNET3_CMD_UPDATE_PMCFG:
-VMW_CBPRN("Set: Update power management config");
 vmxnet3_update_pm_state(s);
 break;
 
 case VMXNET3_CMD_GET_LINK:
-VMW_CBPRN("Set: Get link");
 break;
 
 case VMXNET3_CMD_RESET_DEV:
-VMW_CBPRN("Set: Reset device");
 vmxnet3_reset(s);
 break;
 
 case VMXNET3_CMD_QUIESCE_DEV:
-VMW_CBPRN("Set: VMXNET3_CMD_QUIESCE_DEV - deactivate the device");
 vmxnet3_deactivate_device(s);
 break;
 
 case VMXNET3_CMD_GET_CONF_INTR:
-VMW_CBPRN("Set: VMXNET3_CMD_GET_CONF_INTR - interrupt configuration");
 break;
 
 case VMXNET3_CMD_GET_ADAPTIVE_RING_INFO:
-VMW_CBPRN("Set: VMXNET3_CMD_GET_ADAPTIVE_RING_INFO - "
-  "adaptive ring info flags");
 break;
 
 case VMXNET3_CMD_GET_DID_LO:
-VMW_CBPRN("Set: Get lower part of device ID");
 break;
 
 case VMXNET3_CMD_GET_DID_HI:
-VMW_CBPRN("Set: Get upper part of device ID");
 break;
 
 case VMXNET3_CMD_GET_DEV_EXTRA_INFO:
-VMW_CBPRN("Set: Get device extra info");
 break;
 
 default:
-VMW_CBPRN("Received unknown command: %" PRIx64, cmd);
 break;
 }
 }
@@ -1704,7 +1683,6 @@ static uint64_t vmxnet3_get_command_status(VMXNET3State 
*s)
 switch (s->last_command) {
 case VMXNET3_CMD_ACTIVATE_DEV:
 ret = (s->device_active) ? 0 : 1;
-VMW_CFPRN("Device active: %" PRIx64, ret);
 break;
 
 

Re: [Qemu-devel] [PATCH v10 5/7] hw/ptimer: Legalize running with delta = load = 0

[Peter Crosthwaite]

On Sat, Jan 09, 2016 at 08:39:53PM +0300, Dmitry Osipenko wrote:
> Currently ptimer would print error message and clear enable flag for an
> arming timer that has delta = load = 0. That actually could be a valid case
> for some hardware, like instant IRQ trigger for oneshot timer or continuous
> in periodic mode. Support those cases by printing error message only when
> period = 0.
> 

Isn't the continuous-periodic the same as period = 0, so if we were to really
support this, there should be no error message. This would simplify as we
can remove the conditionals of 0 period completely and rely only on the
too-fast clamps you add in previous patches.

Regards,
Peter

> In addition, don't load one-shot timer when delta = 0 and actually stop the
> timer by timer_del().
> 
> Signed-off-by: Dmitry Osipenko 
> ---
>  hw/core/ptimer.c | 21 ++---
>  1 file changed, 14 insertions(+), 7 deletions(-)
> 
> diff --git a/hw/core/ptimer.c b/hw/core/ptimer.c
> index 6960738..42e44f9 100644
> --- a/hw/core/ptimer.c
> +++ b/hw/core/ptimer.c
> @@ -36,13 +36,20 @@ static void ptimer_reload(ptimer_state *s)
>  {
>  uint32_t period_frac = s->period_frac;
>  uint64_t period = s->period;
> +int periodic = (s->enabled == 1);
>  
> -if (s->delta == 0) {
> +if (s->delta == 0 && period != 0) {
>  ptimer_trigger(s);
> -s->delta = s->limit;
> +if (periodic) {
> +s->delta = s->limit;
> +}
>  }
> -if (s->delta == 0 || s->period == 0) {
> -fprintf(stderr, "Timer with period zero, disabling\n");
> +if (s->delta == 0 || period == 0) {
> +if (period == 0) {
> +fprintf(stderr, "Timer with period zero, disabling\n");
> +s->delta = 0;
> +}
> +timer_del(s->timer);
>  s->enabled = 0;
>  return;
>  }
> @@ -56,7 +63,7 @@ static void ptimer_reload(ptimer_state *s)
>   * on the current generation of host machines.
>   */
>  
> -if ((s->enabled == 1) && !use_icount && (s->delta * period < 1)) {
> +if (periodic && !use_icount && (s->delta * period < 1)) {
>  period = 1 / s->delta;
>  period_frac = 0;
>  }
> @@ -86,14 +93,14 @@ uint64_t ptimer_get_count(ptimer_state *s)
>  int enabled = s->enabled;
>  uint64_t counter;
>  
> -if (enabled) {
> +if (enabled && s->delta != 0) {
>  int64_t now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL);
>  int64_t next = s->next_event;
>  int expired = (now - next >= 0);
>  int oneshot = (enabled == 2);
>  
>  /* Figure out the current counter value.  */
> -if (s->period == 0 || (expired && (use_icount || oneshot))) {
> +if (expired && (use_icount || oneshot)) {
>  /* Prevent timer underflowing if it should already have
> triggered.  */
>  counter = 0;
> -- 
> 2.6.4
> 

Re: [Qemu-devel] [PATCH v10 6/7] hw/ptimer: Introduce ptimer_get_limit

[Peter Crosthwaite]

On Sat, Jan 09, 2016 at 08:39:54PM +0300, Dmitry Osipenko wrote:
> Currently ptimer users are used to store copy of the limit value, because
> ptimer doesn't provide facility to retrieve the limit. Let's provide it.
> 
> Signed-off-by: Dmitry Osipenko 

Fair call. One less piece of duped state for the VMSDs.

Reviewed-by: Peter Crosthwaite 

Regards,
Peter

> ---
>  hw/core/ptimer.c| 5 +
>  include/hw/ptimer.h | 1 +
>  2 files changed, 6 insertions(+)
> 
> diff --git a/hw/core/ptimer.c b/hw/core/ptimer.c
> index 42e44f9..0201d1b 100644
> --- a/hw/core/ptimer.c
> +++ b/hw/core/ptimer.c
> @@ -235,6 +235,11 @@ void ptimer_set_limit(ptimer_state *s, uint64_t limit, 
> int reload)
>  }
>  }
>  
> +uint64_t ptimer_get_limit(ptimer_state *s)
> +{
> +return s->limit;
> +}
> +
>  const VMStateDescription vmstate_ptimer = {
>  .name = "ptimer",
>  .version_id = 1,
> diff --git a/include/hw/ptimer.h b/include/hw/ptimer.h
> index 8ebacbb..e397db5 100644
> --- a/include/hw/ptimer.h
> +++ b/include/hw/ptimer.h
> @@ -19,6 +19,7 @@ typedef void (*ptimer_cb)(void *opaque);
>  ptimer_state *ptimer_init(QEMUBH *bh);
>  void ptimer_set_period(ptimer_state *s, int64_t period);
>  void ptimer_set_freq(ptimer_state *s, uint32_t freq);
> +uint64_t ptimer_get_limit(ptimer_state *s);
>  void ptimer_set_limit(ptimer_state *s, uint64_t limit, int reload);
>  uint64_t ptimer_get_count(ptimer_state *s);
>  void ptimer_set_count(ptimer_state *s, uint64_t count);
> -- 
> 2.6.4
> 

Re: [Qemu-devel] [PATCH] block: Fix .bdrv_open flags

[Denis V. Lunev]

On 01/11/2016 09:32 PM, Kevin Wolf wrote:

bdrv_common_open() modified bs->open_flags after inferring the set of
options to pass to the driver's .bdrv_open callback. This means that the
cache options were correctly set in bs->open_flags (and therefore
correctly displayed in 'info block'), but the image would actually be
opened with the default cache mode instead.

This patch removes the flags parameter to bdrv_common_open() (except for
BDRV_O_NO_BACKING it's the same as bs->open_flags anyway, and having two
names for the same thing is confusing), and moves the assignment of
open_flags down to immediately before calling into the block drivers. In
all other places, bs->open_flags is now used consistently.

Signed-off-by: Kevin Wolf 
---
  block.c | 13 +++--
  1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/block.c b/block.c
index 01655de..ef37d51 100644
--- a/block.c
+++ b/block.c
@@ -905,7 +905,7 @@ static QemuOptsList bdrv_runtime_opts = {
   * Removes all processed options from *options.
   */
  static int bdrv_open_common(BlockDriverState *bs, BdrvChild *file,
-QDict *options, int flags, Error **errp)
+QDict *options, Error **errp)
  {
  int ret, open_flags;
  const char *filename;
@@ -943,7 +943,8 @@ static int bdrv_open_common(BlockDriverState *bs, BdrvChild 
*file,
  goto fail_opts;
  }
  
-trace_bdrv_open_common(bs, filename ?: "", flags, drv->format_name);

+trace_bdrv_open_common(bs, filename ?: "", bs->open_flags,
+   drv->format_name);
  
  node_name = qemu_opt_get(opts, "node-name");

  bdrv_assign_node_name(bs, node_name, _err);
@@ -955,8 +956,7 @@ static int bdrv_open_common(BlockDriverState *bs, BdrvChild 
*file,
  
  bs->request_alignment = 512;

  bs->zero_beyond_eof = true;
-open_flags = bdrv_open_flags(bs, flags);
-bs->read_only = !(open_flags & BDRV_O_RDWR);
+bs->read_only = !(bs->open_flags & BDRV_O_RDWR);
  
  if (use_bdrv_whitelist && !bdrv_is_whitelisted(drv, bs->read_only)) {

  error_setg(errp,
@@ -969,7 +969,7 @@ static int bdrv_open_common(BlockDriverState *bs, BdrvChild 
*file,
  }
  
  assert(bs->copy_on_read == 0); /* bdrv_new() and bdrv_close() make it so */

-if (flags & BDRV_O_COPY_ON_READ) {
+if (bs->open_flags & BDRV_O_COPY_ON_READ) {
  if (!bs->read_only) {
  bdrv_enable_copy_on_read(bs);
  } else {
@@ -994,6 +994,7 @@ static int bdrv_open_common(BlockDriverState *bs, BdrvChild 
*file,
  bdrv_set_enable_write_cache(bs, bs->open_flags & BDRV_O_CACHE_WB);
  
  /* Open the image, either directly or using a protocol */

+open_flags = bdrv_open_flags(bs, bs->open_flags);
  if (drv->bdrv_file_open) {
  assert(file == NULL);
  assert(!drv->bdrv_needs_filename || filename != NULL);
@@ -1660,7 +1661,7 @@ static int bdrv_open_inherit(BlockDriverState **pbs, 
const char *filename,
  assert(!(flags & BDRV_O_PROTOCOL) || !file);
  
  /* Open the image */

-ret = bdrv_open_common(bs, file, options, flags, _err);
+ret = bdrv_open_common(bs, file, options, _err);
  if (ret < 0) {
  goto fail;
  }

Reviewed-by: Denis V. Lunev 

[Qemu-devel] [PATCH 15/25] 9pfs: factor out virtio_pdu_{, un}marshal

[Aneesh Kumar K.V]

From: Wei Liu 

Signed-off-by: Wei Liu 
Signed-off-by: Aneesh Kumar K.V 
---
 hw/9pfs/virtio-9p-device.c | 14 ++
 hw/9pfs/virtio-9p.c|  6 ++
 hw/9pfs/virtio-9p.h|  5 +
 3 files changed, 21 insertions(+), 4 deletions(-)

diff --git a/hw/9pfs/virtio-9p-device.c b/hw/9pfs/virtio-9p-device.c
index f3091cc813e7..d77247f3cdad 100644
--- a/hw/9pfs/virtio-9p-device.c
+++ b/hw/9pfs/virtio-9p-device.c
@@ -156,6 +156,20 @@ static void virtio_9p_device_unrealize(DeviceState *dev, 
Error **errp)
 g_free(s->tag);
 }
 
+ssize_t virtio_pdu_vmarshal(V9fsPDU *pdu, size_t offset,
+const char *fmt, va_list ap)
+{
+return v9fs_iov_vmarshal(pdu->elem.in_sg, pdu->elem.in_num,
+ offset, 1, fmt, ap);
+}
+
+ssize_t virtio_pdu_vunmarshal(V9fsPDU *pdu, size_t offset,
+  const char *fmt, va_list ap)
+{
+return v9fs_iov_vunmarshal(pdu->elem.out_sg, pdu->elem.out_num,
+   offset, 1, fmt, ap);
+}
+
 /* virtio-9p device */
 
 static Property virtio_9p_properties[] = {
diff --git a/hw/9pfs/virtio-9p.c b/hw/9pfs/virtio-9p.c
index a740f85625a3..6d32b81faa25 100644
--- a/hw/9pfs/virtio-9p.c
+++ b/hw/9pfs/virtio-9p.c
@@ -45,8 +45,7 @@ ssize_t pdu_marshal(V9fsPDU *pdu, size_t offset, const char 
*fmt, ...)
 va_list ap;
 
 va_start(ap, fmt);
-ret = v9fs_iov_vmarshal(pdu->elem.in_sg, pdu->elem.in_num,
-offset, 1, fmt, ap);
+ret = virtio_pdu_vmarshal(pdu, offset, fmt, ap);
 va_end(ap);
 
 return ret;
@@ -58,8 +57,7 @@ ssize_t pdu_unmarshal(V9fsPDU *pdu, size_t offset, const char 
*fmt, ...)
 va_list ap;
 
 va_start(ap, fmt);
-ret = v9fs_iov_vunmarshal(pdu->elem.out_sg, pdu->elem.out_num,
-  offset, 1, fmt, ap);
+ret = virtio_pdu_vunmarshal(pdu, offset, fmt, ap);
 va_end(ap);
 
 return ret;
diff --git a/hw/9pfs/virtio-9p.h b/hw/9pfs/virtio-9p.h
index d6f3ac08a76a..e298949fde40 100644
--- a/hw/9pfs/virtio-9p.h
+++ b/hw/9pfs/virtio-9p.h
@@ -323,6 +323,11 @@ extern int v9fs_name_to_path(V9fsState *s, V9fsPath 
*dirpath,
 ssize_t pdu_marshal(V9fsPDU *pdu, size_t offset, const char *fmt, ...);
 ssize_t pdu_unmarshal(V9fsPDU *pdu, size_t offset, const char *fmt, ...);
 
+ssize_t virtio_pdu_vmarshal(V9fsPDU *pdu, size_t offset,
+const char *fmt, va_list ap);
+ssize_t virtio_pdu_vunmarshal(V9fsPDU *pdu, size_t offset,
+  const char *fmt, va_list ap);
+
 #define TYPE_VIRTIO_9P "virtio-9p-device"
 #define VIRTIO_9P(obj) \
 OBJECT_CHECK(V9fsState, (obj), TYPE_VIRTIO_9P)
-- 
2.5.0

[Qemu-devel] [PATCH 01/25] 9pfs: rename virtio-9p-coth.{c, h} to coth.{c, h}

[Aneesh Kumar K.V]

From: Wei Liu 

Those two files are not virtio specific. Rename them to use generic
names.

Fix includes in various C files. Change define guards and comments in
header files.

Signed-off-by: Wei Liu 
Signed-off-by: Aneesh Kumar K.V 
---
 hw/9pfs/Makefile.objs| 2 +-
 hw/9pfs/codir.c  | 2 +-
 hw/9pfs/cofile.c | 2 +-
 hw/9pfs/cofs.c   | 2 +-
 hw/9pfs/{virtio-9p-coth.c => coth.c} | 4 ++--
 hw/9pfs/{virtio-9p-coth.h => coth.h} | 6 +++---
 hw/9pfs/coxattr.c| 2 +-
 hw/9pfs/virtio-9p-device.c   | 2 +-
 hw/9pfs/virtio-9p.c  | 2 +-
 9 files changed, 12 insertions(+), 12 deletions(-)
 rename hw/9pfs/{virtio-9p-coth.c => coth.c} (95%)
 rename hw/9pfs/{virtio-9p-coth.h => coth.h} (98%)

diff --git a/hw/9pfs/Makefile.objs b/hw/9pfs/Makefile.objs
index 1e9b595cb4df..76dadbe1f2c7 100644
--- a/hw/9pfs/Makefile.objs
+++ b/hw/9pfs/Makefile.objs
@@ -1,7 +1,7 @@
 common-obj-y  = virtio-9p.o
 common-obj-y += virtio-9p-local.o virtio-9p-xattr.o
 common-obj-y += virtio-9p-xattr-user.o virtio-9p-posix-acl.o
-common-obj-y += virtio-9p-coth.o cofs.o codir.o cofile.o
+common-obj-y += coth.o cofs.o codir.o cofile.o
 common-obj-y += coxattr.o virtio-9p-synth.o
 common-obj-$(CONFIG_OPEN_BY_HANDLE) +=  virtio-9p-handle.o
 common-obj-y += virtio-9p-proxy.o
diff --git a/hw/9pfs/codir.c b/hw/9pfs/codir.c
index ec9cc7fb274a..5a4f74d3e069 100644
--- a/hw/9pfs/codir.c
+++ b/hw/9pfs/codir.c
@@ -15,7 +15,7 @@
 #include "fsdev/qemu-fsdev.h"
 #include "qemu/thread.h"
 #include "qemu/coroutine.h"
-#include "virtio-9p-coth.h"
+#include "coth.h"
 
 int v9fs_co_readdir_r(V9fsPDU *pdu, V9fsFidState *fidp, struct dirent *dent,
   struct dirent **result)
diff --git a/hw/9pfs/cofile.c b/hw/9pfs/cofile.c
index 7cb55ee93a4f..893df2c42247 100644
--- a/hw/9pfs/cofile.c
+++ b/hw/9pfs/cofile.c
@@ -15,7 +15,7 @@
 #include "fsdev/qemu-fsdev.h"
 #include "qemu/thread.h"
 #include "qemu/coroutine.h"
-#include "virtio-9p-coth.h"
+#include "coth.h"
 
 int v9fs_co_st_gen(V9fsPDU *pdu, V9fsPath *path, mode_t st_mode,
V9fsStatDotl *v9stat)
diff --git a/hw/9pfs/cofs.c b/hw/9pfs/cofs.c
index e1953a9aa180..7b4202bd7728 100644
--- a/hw/9pfs/cofs.c
+++ b/hw/9pfs/cofs.c
@@ -15,7 +15,7 @@
 #include "fsdev/qemu-fsdev.h"
 #include "qemu/thread.h"
 #include "qemu/coroutine.h"
-#include "virtio-9p-coth.h"
+#include "coth.h"
 
 static ssize_t __readlink(V9fsState *s, V9fsPath *path, V9fsString *buf)
 {
diff --git a/hw/9pfs/virtio-9p-coth.c b/hw/9pfs/coth.c
similarity index 95%
rename from hw/9pfs/virtio-9p-coth.c
rename to hw/9pfs/coth.c
index ab9425c60fd2..56772d66be89 100644
--- a/hw/9pfs/virtio-9p-coth.c
+++ b/hw/9pfs/coth.c
@@ -1,5 +1,5 @@
 /*
- * Virtio 9p backend
+ * 9p backend
  *
  * Copyright IBM, Corp. 2010
  *
@@ -16,7 +16,7 @@
 #include "block/thread-pool.h"
 #include "qemu/coroutine.h"
 #include "qemu/main-loop.h"
-#include "virtio-9p-coth.h"
+#include "coth.h"
 
 /* Called from QEMU I/O thread.  */
 static void coroutine_enter_cb(void *opaque, int ret)
diff --git a/hw/9pfs/virtio-9p-coth.h b/hw/9pfs/coth.h
similarity index 98%
rename from hw/9pfs/virtio-9p-coth.h
rename to hw/9pfs/coth.h
index 4ac1aaf90292..209fc6a9afbc 100644
--- a/hw/9pfs/virtio-9p-coth.h
+++ b/hw/9pfs/coth.h
@@ -1,5 +1,5 @@
 /*
- * Virtio 9p backend
+ * 9p backend
  *
  * Copyright IBM, Corp. 2010
  *
@@ -12,8 +12,8 @@
  *
  */
 
-#ifndef _QEMU_VIRTIO_9P_COTH_H
-#define _QEMU_VIRTIO_9P_COTH_H
+#ifndef _QEMU_9P_COTH_H
+#define _QEMU_9P_COTH_H
 
 #include "qemu/thread.h"
 #include "qemu/coroutine.h"
diff --git a/hw/9pfs/coxattr.c b/hw/9pfs/coxattr.c
index 55c0d231cb65..0590cbf5c7c8 100644
--- a/hw/9pfs/coxattr.c
+++ b/hw/9pfs/coxattr.c
@@ -15,7 +15,7 @@
 #include "fsdev/qemu-fsdev.h"
 #include "qemu/thread.h"
 #include "qemu/coroutine.h"
-#include "virtio-9p-coth.h"
+#include "coth.h"
 
 int v9fs_co_llistxattr(V9fsPDU *pdu, V9fsPath *path, void *value, size_t size)
 {
diff --git a/hw/9pfs/virtio-9p-device.c b/hw/9pfs/virtio-9p-device.c
index b42d3b30a027..667b54aeb829 100644
--- a/hw/9pfs/virtio-9p-device.c
+++ b/hw/9pfs/virtio-9p-device.c
@@ -18,7 +18,7 @@
 #include "virtio-9p.h"
 #include "fsdev/qemu-fsdev.h"
 #include "virtio-9p-xattr.h"
-#include "virtio-9p-coth.h"
+#include "coth.h"
 #include "hw/virtio/virtio-access.h"
 
 static uint64_t virtio_9p_get_features(VirtIODevice *vdev, uint64_t features,
diff --git a/hw/9pfs/virtio-9p.c b/hw/9pfs/virtio-9p.c
index f972731f5a8d..0f178dec32f3 100644
--- a/hw/9pfs/virtio-9p.c
+++ b/hw/9pfs/virtio-9p.c
@@ -19,7 +19,7 @@
 #include "virtio-9p.h"
 #include "fsdev/qemu-fsdev.h"
 #include "virtio-9p-xattr.h"
-#include "virtio-9p-coth.h"
+#include "coth.h"
 #include "trace.h"
 #include "migration/migration.h"
 
-- 
2.5.0

[Qemu-devel] [PATCH 12/25] 9pfs: PDU processing functions don't need to take V9fsState as argument

[Aneesh Kumar K.V]

From: Wei Liu 

V9fsState can be referenced by pdu->s. Initialise that in device
realization function.

Signed-off-by: Wei Liu 
Signed-off-by: Aneesh Kumar K.V 
---
 hw/9pfs/virtio-9p-device.c |  1 +
 hw/9pfs/virtio-9p.c| 98 +-
 2 files changed, 46 insertions(+), 53 deletions(-)

diff --git a/hw/9pfs/virtio-9p-device.c b/hw/9pfs/virtio-9p-device.c
index 885b94068355..f3091cc813e7 100644
--- a/hw/9pfs/virtio-9p-device.c
+++ b/hw/9pfs/virtio-9p-device.c
@@ -69,6 +69,7 @@ static void virtio_9p_device_realize(DeviceState *dev, Error 
**errp)
 QLIST_INIT(>active_list);
 for (i = 0; i < (MAX_REQ - 1); i++) {
 QLIST_INSERT_HEAD(>free_list, >pdus[i], next);
+s->pdus[i].s = s;
 }
 
 s->vq = virtio_add_queue(vdev, MAX_REQ, handle_9p_output);
diff --git a/hw/9pfs/virtio-9p.c b/hw/9pfs/virtio-9p.c
index 30ff82865ea4..0a016dc11a7c 100644
--- a/hw/9pfs/virtio-9p.c
+++ b/hw/9pfs/virtio-9p.c
@@ -575,9 +575,10 @@ static V9fsPDU *alloc_pdu(V9fsState *s)
 return pdu;
 }
 
-static void free_pdu(V9fsState *s, V9fsPDU *pdu)
+static void free_pdu(V9fsPDU *pdu)
 {
 if (pdu) {
+V9fsState *s = pdu->s;
 /*
  * Cancelled pdu are added back to the freelist
  * by flush request .
@@ -594,9 +595,10 @@ static void free_pdu(V9fsState *s, V9fsPDU *pdu)
  * because we always expect to have enough space to encode
  * error details
  */
-static void complete_pdu(V9fsState *s, V9fsPDU *pdu, ssize_t len)
+static void complete_pdu(V9fsPDU *pdu, ssize_t len)
 {
 int8_t id = pdu->id + 1; /* Response */
+V9fsState *s = pdu->s;
 
 if (len < 0) {
 int err = -len;
@@ -636,7 +638,7 @@ static void complete_pdu(V9fsState *s, V9fsPDU *pdu, 
ssize_t len)
 /* Now wakeup anybody waiting in flush for this request */
 qemu_co_queue_next(>complete);
 
-free_pdu(s, pdu);
+free_pdu(pdu);
 }
 
 static mode_t v9mode_to_mode(uint32_t mode, V9fsString *extension)
@@ -931,7 +933,7 @@ static void v9fs_version(void *opaque)
 offset += err;
 trace_v9fs_version_return(pdu->tag, pdu->id, s->msize, version.data);
 out:
-complete_pdu(s, pdu, offset);
+complete_pdu(pdu, offset);
 v9fs_string_free();
 }
 
@@ -995,7 +997,7 @@ static void v9fs_attach(void *opaque)
 out:
 put_fid(pdu, fidp);
 out_nofid:
-complete_pdu(s, pdu, err);
+complete_pdu(pdu, err);
 v9fs_string_free();
 v9fs_string_free();
 }
@@ -1009,7 +1011,6 @@ static void v9fs_stat(void *opaque)
 struct stat stbuf;
 V9fsFidState *fidp;
 V9fsPDU *pdu = opaque;
-V9fsState *s = pdu->s;
 
 err = pdu_unmarshal(pdu, offset, "d", );
 if (err < 0) {
@@ -1042,7 +1043,7 @@ static void v9fs_stat(void *opaque)
 out:
 put_fid(pdu, fidp);
 out_nofid:
-complete_pdu(s, pdu, err);
+complete_pdu(pdu, err);
 }
 
 static void v9fs_getattr(void *opaque)
@@ -1105,7 +1106,7 @@ static void v9fs_getattr(void *opaque)
 out:
 put_fid(pdu, fidp);
 out_nofid:
-complete_pdu(s, pdu, retval);
+complete_pdu(pdu, retval);
 }
 
 /* Attribute flags */
@@ -1129,7 +1130,6 @@ static void v9fs_setattr(void *opaque)
 size_t offset = 7;
 V9fsIattr v9iattr;
 V9fsPDU *pdu = opaque;
-V9fsState *s = pdu->s;
 
 err = pdu_unmarshal(pdu, offset, "dI", , );
 if (err < 0) {
@@ -1203,7 +1203,7 @@ static void v9fs_setattr(void *opaque)
 out:
 put_fid(pdu, fidp);
 out_nofid:
-complete_pdu(s, pdu, err);
+complete_pdu(pdu, err);
 }
 
 static int v9fs_walk_marshal(V9fsPDU *pdu, uint16_t nwnames, V9fsQID *qids)
@@ -1245,7 +1245,7 @@ static void v9fs_walk(void *opaque)
 
 err = pdu_unmarshal(pdu, offset, "ddw", , , );
 if (err < 0) {
-complete_pdu(s, pdu, err);
+complete_pdu(pdu, err);
 return ;
 }
 offset += err;
@@ -1313,7 +1313,7 @@ out:
 v9fs_path_free();
 v9fs_path_free();
 out_nofid:
-complete_pdu(s, pdu, err);
+complete_pdu(pdu, err);
 if (nwnames && nwnames <= P9_MAXWELEM) {
 for (name_idx = 0; name_idx < nwnames; name_idx++) {
 v9fs_string_free([name_idx]);
@@ -1430,7 +1430,7 @@ static void v9fs_open(void *opaque)
 out:
 put_fid(pdu, fidp);
 out_nofid:
-complete_pdu(s, pdu, err);
+complete_pdu(pdu, err);
 }
 
 static void v9fs_lcreate(void *opaque)
@@ -1487,7 +1487,7 @@ static void v9fs_lcreate(void *opaque)
 out:
 put_fid(pdu, fidp);
 out_nofid:
-complete_pdu(pdu->s, pdu, err);
+complete_pdu(pdu, err);
 v9fs_string_free();
 }
 
@@ -1499,7 +1499,6 @@ static void v9fs_fsync(void *opaque)
 size_t offset = 7;
 V9fsFidState *fidp;
 V9fsPDU *pdu = opaque;
-V9fsState *s = pdu->s;
 
 err = pdu_unmarshal(pdu, offset, "dd", , );
 if (err < 0) {
@@ -1518,7 +1517,7 @@ static void v9fs_fsync(void *opaque)
 }
 put_fid(pdu, fidp);
 out_nofid:
-complete_pdu(s, pdu, err);
+

[Qemu-devel] [PATCH 08/25] 9pfs: merge hw/virtio/virtio-9p.h into hw/9pfs/virtio-9p.h

[Aneesh Kumar K.V]

From: Wei Liu 

The deleted file only contained V9fsConf which wasn't virtio specific.
Merge that to the general header of 9pfs.

Fixed header inclusions as I went along.

Signed-off-by: Wei Liu 
Signed-off-by: Aneesh Kumar K.V 
---
 hw/9pfs/virtio-9p-device.c|  1 -
 hw/9pfs/virtio-9p.h   |  8 +++-
 hw/virtio/virtio-pci.h|  1 -
 include/hw/virtio/virtio-9p.h | 24 
 4 files changed, 7 insertions(+), 27 deletions(-)
 delete mode 100644 include/hw/virtio/virtio-9p.h

diff --git a/hw/9pfs/virtio-9p-device.c b/hw/9pfs/virtio-9p-device.c
index 92ac19b24b83..885b94068355 100644
--- a/hw/9pfs/virtio-9p-device.c
+++ b/hw/9pfs/virtio-9p-device.c
@@ -12,7 +12,6 @@
  */
 
 #include "hw/virtio/virtio.h"
-#include "hw/virtio/virtio-9p.h"
 #include "hw/i386/pc.h"
 #include "qemu/sockets.h"
 #include "virtio-9p.h"
diff --git a/hw/9pfs/virtio-9p.h b/hw/9pfs/virtio-9p.h
index d7a4dc1e9ad7..ac4cb006b30e 100644
--- a/hw/9pfs/virtio-9p.h
+++ b/hw/9pfs/virtio-9p.h
@@ -9,7 +9,6 @@
 #include 
 #include "standard-headers/linux/virtio_9p.h"
 #include "hw/virtio/virtio.h"
-#include "hw/virtio/virtio-9p.h"
 #include "fsdev/file-op-9p.h"
 #include "fsdev/virtio-9p-marshal.h"
 #include "qemu/thread.h"
@@ -156,6 +155,13 @@ enum {
 P9_FID_XATTR,
 };
 
+typedef struct V9fsConf
+{
+/* tag name for the device */
+char *tag;
+char *fsdev_id;
+} V9fsConf;
+
 typedef struct V9fsXattr
 {
 int64_t copied_len;
diff --git a/hw/virtio/virtio-pci.h b/hw/virtio/virtio-pci.h
index a104ff20729b..7cf597461b94 100644
--- a/hw/virtio/virtio-pci.h
+++ b/hw/virtio/virtio-pci.h
@@ -23,7 +23,6 @@
 #include "hw/virtio/virtio-scsi.h"
 #include "hw/virtio/virtio-balloon.h"
 #include "hw/virtio/virtio-bus.h"
-#include "hw/virtio/virtio-9p.h"
 #include "hw/virtio/virtio-input.h"
 #include "hw/virtio/virtio-gpu.h"
 #ifdef CONFIG_VIRTFS
diff --git a/include/hw/virtio/virtio-9p.h b/include/hw/virtio/virtio-9p.h
deleted file mode 100644
index 65789db1317f..
--- a/include/hw/virtio/virtio-9p.h
+++ /dev/null
@@ -1,24 +0,0 @@
-/*
- * Virtio 9p
- *
- * Copyright IBM, Corp. 2010
- *
- * Authors:
- *  Aneesh Kumar K.V 
- *
- * This work is licensed under the terms of the GNU GPL, version 2.  See
- * the COPYING file in the top-level directory.
- *
- */
-
-#ifndef QEMU_VIRTIO_9P_DEVICE_H
-#define QEMU_VIRTIO_9P_DEVICE_H
-
-typedef struct V9fsConf
-{
-/* tag name for the device */
-char *tag;
-char *fsdev_id;
-} V9fsConf;
-
-#endif
-- 
2.5.0

[Qemu-devel] [PATCH 22/25] 9pfs: rename virtio_9p_set_fd_limit to use v9fs_ prefix

[Aneesh Kumar K.V]

From: Wei Liu 

It's not virtio specific.

Signed-off-by: Wei Liu 
---
 hw/9pfs/virtio-9p.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/9pfs/virtio-9p.c b/hw/9pfs/virtio-9p.c
index 7fb05240987e..379fdcb2fe86 100644
--- a/hw/9pfs/virtio-9p.c
+++ b/hw/9pfs/virtio-9p.c
@@ -3266,7 +3266,7 @@ void pdu_submit(V9fsPDU *pdu)
 qemu_coroutine_enter(co, pdu);
 }
 
-static void __attribute__((__constructor__)) virtio_9p_set_fd_limit(void)
+static void __attribute__((__constructor__)) v9fs_set_fd_limit(void)
 {
 struct rlimit rlim;
 if (getrlimit(RLIMIT_NOFILE, ) < 0) {
-- 
2.5.0

Re: [Qemu-devel] [PATCH] net/vmxnet3: trace support for register access

[Dmitry Fleytman]

> On 12 Jan 2016, at 04:38 AM, Miao Yan  wrote:
> 
> Turning debug printfs to trace points for register access

Hello Miao!

While I’m into adding trace points I don’t really like the decrease of logs 
usability introduced by this patch.
Current code produces clear human readable log that allows to trace execution 
without looking into tables of commands and BAR layout.

I’d say that every printout you removed should be replaced with a trace point.

Thanks,
Dmitry

> 
> Signed-off-by: Miao Yan 
> ---
> hw/net/vmxnet3.c | 68 +---
> trace-events |  6 +
> 2 files changed, 16 insertions(+), 58 deletions(-)
> 
> diff --git a/hw/net/vmxnet3.c b/hw/net/vmxnet3.c
> index 67abad3..e089037 100644
> --- a/hw/net/vmxnet3.c
> +++ b/hw/net/vmxnet3.c
> @@ -32,6 +32,8 @@
> #include "vmxnet_tx_pkt.h"
> #include "vmxnet_rx_pkt.h"
> 
> +#include "trace.h"
> +
> #define PCI_DEVICE_ID_VMWARE_VMXNET3_REVISION 0x1
> #define VMXNET3_MSIX_BAR_SIZE 0x2000
> #define MIN_BUF_SIZE 60
> @@ -1157,6 +1159,8 @@ vmxnet3_io_bar0_write(void *opaque, hwaddr addr,
> {
> VMXNET3State *s = opaque;
> 
> +trace_vmxnet3_bar0_write(opaque, addr, val);
> +
> if (VMW_IS_MULTIREG_ADDR(addr, VMXNET3_REG_TXPROD,
> VMXNET3_DEVICE_MAX_TX_QUEUES, VMXNET3_REG_ALIGN)) {
> int tx_queue_idx =
> @@ -1171,9 +1175,6 @@ vmxnet3_io_bar0_write(void *opaque, hwaddr addr,
> VMXNET3_MAX_INTRS, VMXNET3_REG_ALIGN)) {
> int l = VMW_MULTIREG_IDX_BY_ADDR(addr, VMXNET3_REG_IMR,
>  VMXNET3_REG_ALIGN);
> -
> -VMW_CBPRN("Interrupt mask for line %d written: 0x%" PRIx64, l, val);
> -
> vmxnet3_on_interrupt_mask_changed(s, l, val);
> return;
> }
> @@ -1184,9 +1185,6 @@ vmxnet3_io_bar0_write(void *opaque, hwaddr addr,
> VMXNET3_DEVICE_MAX_RX_QUEUES, VMXNET3_REG_ALIGN)) {
> return;
> }
> -
> -VMW_WRPRN("BAR0 unknown write [%" PRIx64 "] = %" PRIx64 ", size %d",
> -  (uint64_t) addr, val, size);
> }
> 
> static uint64_t
> @@ -1201,7 +1199,8 @@ vmxnet3_io_bar0_read(void *opaque, hwaddr addr, 
> unsigned size)
> return s->interrupt_states[l].is_masked;
> }
> 
> -VMW_CBPRN("BAR0 unknown read [%" PRIx64 "], size %d", addr, size);
> +trace_vmxnet3_bar0_read(opaque, addr, 0);
> +
> return 0;
> }
> 
> @@ -1315,7 +1314,6 @@ static void vmxnet3_setup_rx_filtering(VMXNET3State *s)
> static uint32_t vmxnet3_get_interrupt_config(VMXNET3State *s)
> {
> uint32_t interrupt_mode = VMXNET3_IT_AUTO | (VMXNET3_IMM_AUTO << 2);
> -VMW_CFPRN("Interrupt config is 0x%X", interrupt_mode);
> return interrupt_mode;
> }
> 
> @@ -1614,85 +1612,66 @@ static void vmxnet3_handle_command(VMXNET3State *s, 
> uint64_t cmd)
> 
> switch (cmd) {
> case VMXNET3_CMD_GET_PERM_MAC_HI:
> -VMW_CBPRN("Set: Get upper part of permanent MAC");
> break;
> 
> case VMXNET3_CMD_GET_PERM_MAC_LO:
> -VMW_CBPRN("Set: Get lower part of permanent MAC");
> break;
> 
> case VMXNET3_CMD_GET_STATS:
> -VMW_CBPRN("Set: Get device statistics");
> vmxnet3_fill_stats(s);
> break;
> 
> case VMXNET3_CMD_ACTIVATE_DEV:
> -VMW_CBPRN("Set: Activating vmxnet3 device");
> vmxnet3_activate_device(s);
> break;
> 
> case VMXNET3_CMD_UPDATE_RX_MODE:
> -VMW_CBPRN("Set: Update rx mode");
> vmxnet3_update_rx_mode(s);
> break;
> 
> case VMXNET3_CMD_UPDATE_VLAN_FILTERS:
> -VMW_CBPRN("Set: Update VLAN filters");
> vmxnet3_update_vlan_filters(s);
> break;
> 
> case VMXNET3_CMD_UPDATE_MAC_FILTERS:
> -VMW_CBPRN("Set: Update MAC filters");
> vmxnet3_update_mcast_filters(s);
> break;
> 
> case VMXNET3_CMD_UPDATE_FEATURE:
> -VMW_CBPRN("Set: Update features");
> vmxnet3_update_features(s);
> break;
> 
> case VMXNET3_CMD_UPDATE_PMCFG:
> -VMW_CBPRN("Set: Update power management config");
> vmxnet3_update_pm_state(s);
> break;
> 
> case VMXNET3_CMD_GET_LINK:
> -VMW_CBPRN("Set: Get link");
> break;
> 
> case VMXNET3_CMD_RESET_DEV:
> -VMW_CBPRN("Set: Reset device");
> vmxnet3_reset(s);
> break;
> 
> case VMXNET3_CMD_QUIESCE_DEV:
> -VMW_CBPRN("Set: VMXNET3_CMD_QUIESCE_DEV - deactivate the device");
> vmxnet3_deactivate_device(s);
> break;
> 
> case VMXNET3_CMD_GET_CONF_INTR:
> -VMW_CBPRN("Set: VMXNET3_CMD_GET_CONF_INTR - interrupt 
> configuration");
> break;
> 
> case VMXNET3_CMD_GET_ADAPTIVE_RING_INFO:
> -VMW_CBPRN("Set: VMXNET3_CMD_GET_ADAPTIVE_RING_INFO - "
> -  "adaptive ring info flags");
> break;
> 
> case VMXNET3_CMD_GET_DID_LO:
> -VMW_CBPRN("Set: Get lower part 

Re: [Qemu-devel] [PATCH] PCI: add param check for api

[Cao jin]

Thanks for your time. I almost forget this one...

On 01/11/2016 05:20 PM, Paolo Bonzini wrote:



On 11/01/2016 09:32, Michael Tokarev wrote:


+assert(size > 0);
+assert(offset >= PCI_CONFIG_HEADER_SIZE || !offset);
+

I'd like to see some ACKs/Reviews for this one, in particular why
size should be != 0.


In fact it should be >= 2, because two bytes are always written below:

 config = pdev->config + offset;
 config[PCI_CAP_LIST_ID] = cap_id;
 config[PCI_CAP_LIST_NEXT] = pdev->config[PCI_CAPABILITY_LIST];


Also either move offset assert to the below
"else" clause or rewrite it to be offset == 0 instead if !offset :)


Good idea to move it below, or even to add

 assert(offset >= PCI_CONFIG_HEADER_SIZE);

after the "if", before the "config" assignment.

Paolo




Seems I missed that offset == 0 will lead to find a suitable space in 
pci_find_space, and ensure offset >= PCI_CONFIG_HEADER_SIZE. sorry for 
the carelessness mistake.


According to the spec(PCI local spec, chapter 6.3), capability structure 
should be at DWORD boundary and DWORD aligned, so in both 
condition(if...else...), it should follow the spec


if offset == 0, with following line[*], seems it is ok with align issue.

[*] memset(pdev->used + offset, 0xFF, QEMU_ALIGN_UP(size, 4));

The else-branch should ensure these too.

Another little question, shouldn`t we check size at first by:

   assert((size % 4) && (size > 0))  ?

I think if caller ensure the effective param maybe it is easier to read, 
so how about following:


diff --git a/hw/pci/pci.c b/hw/pci/pci.c
index 168b9cc..47cb509 100644
--- a/hw/pci/pci.c
+++ b/hw/pci/pci.c
@@ -2144,6 +2144,8 @@ int pci_add_capability2(PCIDevice *pdev, uint8_t 
cap_id,

 uint8_t *config;
 int i, overlapping_cap;

+assert(!(size % 4) && (size > 0));
+
 if (!offset) {
 offset = pci_find_space(pdev, size);
 if (!offset) {
@@ -2155,6 +2157,7 @@ int pci_add_capability2(PCIDevice *pdev, uint8_t 
cap_id,

  * depends on this check to verify that the device is not broken.
  * Should never trigger for emulated devices, but it's helpful
  * for debugging these. */
+assert(!(offset % 4));
 for (i = offset; i < offset + size; i++) {
 overlapping_cap = pci_find_capability_at_offset(pdev, i);
 if (overlapping_cap) {
@@ -2174,7 +2177,7 @@ int pci_add_capability2(PCIDevice *pdev, uint8_t 
cap_id,

 config[PCI_CAP_LIST_NEXT] = pdev->config[PCI_CAPABILITY_LIST];
 pdev->config[PCI_CAPABILITY_LIST] = offset;
 pdev->config[PCI_STATUS] |= PCI_STATUS_CAP_LIST;
-memset(pdev->used + offset, 0xFF, QEMU_ALIGN_UP(size, 4));
+memset(pdev->used + offset, 0xFF, size);
 /* Make capability read-only by default */
 memset(pdev->wmask + offset, 0, size);
 /* Check capability by default */

--
Yours Sincerely,

Cao jin

Re: [Qemu-devel] [PATCH v1] kvm/x86: Hyper-V tsc page setup

[Andrey Smetanin]

ping
On 12/24/2015 12:33 PM, Andrey Smetanin wrote:

Lately tsc page was implemented but filled with empty
values. This patch setup tsc page scale and offset based
on vcpu tsc, tsc_khz and  HV_X64_MSR_TIME_REF_COUNT value.

The valid tsc page drops HV_X64_MSR_TIME_REF_COUNT msr
reads count to zero which potentially improves performance.

The patch applies on top of
'kvm: Make vcpu->requests as 64 bit bitmap'
previously sent.

Signed-off-by: Andrey Smetanin 
CC: Paolo Bonzini 
CC: Gleb Natapov 
CC: Roman Kagan 
CC: Denis V. Lunev 
CC: qemu-devel@nongnu.org

---
  arch/x86/kvm/hyperv.c| 117 +--
  arch/x86/kvm/hyperv.h|   2 +
  arch/x86/kvm/x86.c   |  12 +
  include/linux/kvm_host.h |   1 +
  4 files changed, 117 insertions(+), 15 deletions(-)

diff --git a/arch/x86/kvm/hyperv.c b/arch/x86/kvm/hyperv.c
index d50675a..504fdc7 100644
--- a/arch/x86/kvm/hyperv.c
+++ b/arch/x86/kvm/hyperv.c
@@ -753,6 +753,105 @@ static int kvm_hv_msr_set_crash_data(struct kvm_vcpu 
*vcpu,
return 0;
  }
  
+static u64 calc_tsc_page_scale(u32 tsc_khz)

+{
+   /*
+* reftime (in 100ns) = tsc * tsc_scale / 2^64 + tsc_offset
+* so reftime_delta = (tsc_delta * tsc_scale) / 2^64
+* so tsc_scale = (2^64 * reftime_delta)/tsc_delta
+* so tsc_scale = (2^64 * 10 * 10^6) / tsc_hz = (2^64 * 1) / tsc_khz
+* so tsc_scale = (2^63 * 2 * 1) / tsc_khz
+*/
+   return mul_u64_u32_div(1ULL << 63, 2 * 1, tsc_khz);
+}
+
+static int write_tsc_page(struct kvm *kvm, u64 gfn,
+ PHV_REFERENCE_TSC_PAGE tsc_ref)
+{
+   if (kvm_write_guest(kvm, gfn_to_gpa(gfn),
+   tsc_ref, sizeof(*tsc_ref)))
+   return 1;
+   mark_page_dirty(kvm, gfn);
+   return 0;
+}
+
+static int read_tsc_page(struct kvm *kvm, u64 gfn,
+PHV_REFERENCE_TSC_PAGE tsc_ref)
+{
+   if (kvm_read_guest(kvm, gfn_to_gpa(gfn),
+  tsc_ref, sizeof(*tsc_ref)))
+   return 1;
+   return 0;
+}
+
+static u64 calc_tsc_page_time(struct kvm_vcpu *vcpu,
+ PHV_REFERENCE_TSC_PAGE tsc_ref)
+{
+
+   u64 tsc = kvm_read_l1_tsc(vcpu, rdtsc());
+
+   return mul_u64_u64_shr(tsc, tsc_ref->tsc_scale, 64)
+   + tsc_ref->tsc_offset;
+}
+
+static int setup_blank_tsc_page(struct kvm_vcpu *vcpu, u64 gfn)
+{
+   HV_REFERENCE_TSC_PAGE tsc_ref;
+
+   memset(_ref, 0, sizeof(tsc_ref));
+   return write_tsc_page(vcpu->kvm, gfn, _ref);
+}
+
+int kvm_hv_setup_tsc_page(struct kvm_vcpu *vcpu)
+{
+   struct kvm *kvm = vcpu->kvm;
+   struct kvm_hv *hv = >arch.hyperv;
+   HV_REFERENCE_TSC_PAGE tsc_ref;
+   u32 tsc_khz;
+   int r;
+   u64 gfn, ref_time, tsc_scale, tsc_offset, tsc;
+
+   if (WARN_ON_ONCE(!(hv->hv_tsc_page & HV_X64_MSR_TSC_REFERENCE_ENABLE)))
+   return -EINVAL;
+
+   gfn = hv->hv_tsc_page >> HV_X64_MSR_TSC_REFERENCE_ADDRESS_SHIFT;
+   vcpu_debug(vcpu, "tsc page gfn 0x%llx\n", gfn);
+
+   tsc_khz = vcpu->arch.virtual_tsc_khz;
+   if (!tsc_khz) {
+   vcpu_unimpl(vcpu, "no tsc khz\n");
+   return setup_blank_tsc_page(vcpu, gfn);
+   }
+
+   r = read_tsc_page(kvm, gfn, _ref);
+   if (r) {
+   vcpu_err(vcpu, "can't access tsc page gfn 0x%llx\n", gfn);
+   return r;
+   }
+
+   tsc_scale = calc_tsc_page_scale(tsc_khz);
+   ref_time = get_time_ref_counter(kvm);
+   tsc = kvm_read_l1_tsc(vcpu, rdtsc());
+
+   /* tsc_offset = reftime - tsc * tsc_scale / 2^64 */
+   tsc_offset = ref_time - mul_u64_u64_shr(tsc, tsc_scale, 64);
+   vcpu_debug(vcpu, "tsc khz %u tsc %llu scale %llu offset %llu\n",
+  tsc_khz, tsc, tsc_scale, tsc_offset);
+
+   tsc_ref.tsc_sequence++;
+   if (tsc_ref.tsc_sequence == 0)
+   tsc_ref.tsc_sequence = 1;
+
+   tsc_ref.tsc_scale = tsc_scale;
+   tsc_ref.tsc_offset = tsc_offset;
+
+   vcpu_debug(vcpu, "tsc page calibration time %llu vs. reftime %llu\n",
+  calc_tsc_page_time(vcpu, _ref),
+  get_time_ref_counter(kvm));
+
+   return write_tsc_page(kvm, gfn, _ref);
+}
+
  static int kvm_hv_set_msr_pw(struct kvm_vcpu *vcpu, u32 msr, u64 data,
 bool host)
  {
@@ -790,23 +889,11 @@ static int kvm_hv_set_msr_pw(struct kvm_vcpu *vcpu, u32 
msr, u64 data,
mark_page_dirty(kvm, gfn);
break;
}
-   case HV_X64_MSR_REFERENCE_TSC: {
-   u64 gfn;
-   HV_REFERENCE_TSC_PAGE tsc_ref;
-
-   memset(_ref, 0, sizeof(tsc_ref));
+   case HV_X64_MSR_REFERENCE_TSC:
hv->hv_tsc_page = data;
-   if (!(data & HV_X64_MSR_TSC_REFERENCE_ENABLE))
- 

Re: [Qemu-devel] [PATCH] net/vmxnet3: trace support for register access

[Dmitry Fleytman]

> On 12 Jan 2016, at 09:23 AM, Miao Yan  wrote:
> 
> Hi Dmitry,
> 
> 2016-01-12 14:43 GMT+08:00 Dmitry Fleytman :
>> 
>>> On 12 Jan 2016, at 04:38 AM, Miao Yan  wrote:
>>> 
>>> Turning debug printfs to trace points for register access
>> 
>> Hello Miao!
>> 
>> While I’m into adding trace points I don’t really like the decrease of logs 
>> usability introduced by this patch.
> 
> How about I add trace point and keep those debug logs ?

I’d prefer the complete solution i.e. to replace all printouts with traces. 
Otherwise it doesn’t make much sense.

> 
>> Current code produces clear human readable log that allows to trace 
>> execution without looking into tables of commands and BAR layout.
>> 
>> I’d say that every printout you removed should be replaced with a trace 
>> point.
> 
> The printfs that I removed are only for register accesses, which are already
> covered by trace. I didn't touch others in the code flow.

I understand this. My point is that generic trace is less readable than a 
number of specific ones, so do not drop specific printouts, convert those to 
trace points.

> 
> Thanks,
> Miao
> 
> 
>> 
>> Thanks,
>> Dmitry
>> 
>>> 
>>> Signed-off-by: Miao Yan 
>>> ---
>>> hw/net/vmxnet3.c | 68 
>>> +---
>>> trace-events |  6 +
>>> 2 files changed, 16 insertions(+), 58 deletions(-)
>>> 
>>> diff --git a/hw/net/vmxnet3.c b/hw/net/vmxnet3.c
>>> index 67abad3..e089037 100644
>>> --- a/hw/net/vmxnet3.c
>>> +++ b/hw/net/vmxnet3.c
>>> @@ -32,6 +32,8 @@
>>> #include "vmxnet_tx_pkt.h"
>>> #include "vmxnet_rx_pkt.h"
>>> 
>>> +#include "trace.h"
>>> +
>>> #define PCI_DEVICE_ID_VMWARE_VMXNET3_REVISION 0x1
>>> #define VMXNET3_MSIX_BAR_SIZE 0x2000
>>> #define MIN_BUF_SIZE 60
>>> @@ -1157,6 +1159,8 @@ vmxnet3_io_bar0_write(void *opaque, hwaddr addr,
>>> {
>>>VMXNET3State *s = opaque;
>>> 
>>> +trace_vmxnet3_bar0_write(opaque, addr, val);
>>> +
>>>if (VMW_IS_MULTIREG_ADDR(addr, VMXNET3_REG_TXPROD,
>>>VMXNET3_DEVICE_MAX_TX_QUEUES, VMXNET3_REG_ALIGN)) {
>>>int tx_queue_idx =
>>> @@ -1171,9 +1175,6 @@ vmxnet3_io_bar0_write(void *opaque, hwaddr addr,
>>>VMXNET3_MAX_INTRS, VMXNET3_REG_ALIGN)) {
>>>int l = VMW_MULTIREG_IDX_BY_ADDR(addr, VMXNET3_REG_IMR,
>>> VMXNET3_REG_ALIGN);
>>> -
>>> -VMW_CBPRN("Interrupt mask for line %d written: 0x%" PRIx64, l, 
>>> val);
>>> -
>>>vmxnet3_on_interrupt_mask_changed(s, l, val);
>>>return;
>>>}
>>> @@ -1184,9 +1185,6 @@ vmxnet3_io_bar0_write(void *opaque, hwaddr addr,
>>>VMXNET3_DEVICE_MAX_RX_QUEUES, VMXNET3_REG_ALIGN)) {
>>>return;
>>>}
>>> -
>>> -VMW_WRPRN("BAR0 unknown write [%" PRIx64 "] = %" PRIx64 ", size %d",
>>> -  (uint64_t) addr, val, size);
>>> }
>>> 
>>> static uint64_t
>>> @@ -1201,7 +1199,8 @@ vmxnet3_io_bar0_read(void *opaque, hwaddr addr, 
>>> unsigned size)
>>>return s->interrupt_states[l].is_masked;
>>>}
>>> 
>>> -VMW_CBPRN("BAR0 unknown read [%" PRIx64 "], size %d", addr, size);
>>> +trace_vmxnet3_bar0_read(opaque, addr, 0);
>>> +
>>>return 0;
>>> }
>>> 
>>> @@ -1315,7 +1314,6 @@ static void vmxnet3_setup_rx_filtering(VMXNET3State 
>>> *s)
>>> static uint32_t vmxnet3_get_interrupt_config(VMXNET3State *s)
>>> {
>>>uint32_t interrupt_mode = VMXNET3_IT_AUTO | (VMXNET3_IMM_AUTO << 2);
>>> -VMW_CFPRN("Interrupt config is 0x%X", interrupt_mode);
>>>return interrupt_mode;
>>> }
>>> 
>>> @@ -1614,85 +1612,66 @@ static void vmxnet3_handle_command(VMXNET3State *s, 
>>> uint64_t cmd)
>>> 
>>>switch (cmd) {
>>>case VMXNET3_CMD_GET_PERM_MAC_HI:
>>> -VMW_CBPRN("Set: Get upper part of permanent MAC");
>>>break;
>>> 
>>>case VMXNET3_CMD_GET_PERM_MAC_LO:
>>> -VMW_CBPRN("Set: Get lower part of permanent MAC");
>>>break;
>>> 
>>>case VMXNET3_CMD_GET_STATS:
>>> -VMW_CBPRN("Set: Get device statistics");
>>>vmxnet3_fill_stats(s);
>>>break;
>>> 
>>>case VMXNET3_CMD_ACTIVATE_DEV:
>>> -VMW_CBPRN("Set: Activating vmxnet3 device");
>>>vmxnet3_activate_device(s);
>>>break;
>>> 
>>>case VMXNET3_CMD_UPDATE_RX_MODE:
>>> -VMW_CBPRN("Set: Update rx mode");
>>>vmxnet3_update_rx_mode(s);
>>>break;
>>> 
>>>case VMXNET3_CMD_UPDATE_VLAN_FILTERS:
>>> -VMW_CBPRN("Set: Update VLAN filters");
>>>vmxnet3_update_vlan_filters(s);
>>>break;
>>> 
>>>case VMXNET3_CMD_UPDATE_MAC_FILTERS:
>>> -VMW_CBPRN("Set: Update MAC filters");
>>>vmxnet3_update_mcast_filters(s);
>>>break;
>>> 
>>>case VMXNET3_CMD_UPDATE_FEATURE:
>>> -VMW_CBPRN("Set: Update features");
>>>vmxnet3_update_features(s);
>>>break;
>>> 
>>>case 

Re: [Qemu-devel] [PATCH 2/8] ipmi: add get and set SENSOR_TYPE commands

[Cédric Le Goater]

On 01/08/2016 09:23 PM, Corey Minyard wrote:
> Acked-by: Corey Minyard 
> 
> I agree with Greg's comments, too.

Me also. I will rework the code to use ARRAY_SIZE or something similar.

Thanks,

C.  

> -corey
> 
> On 01/05/2016 11:29 AM, Cédric Le Goater wrote:
>> Signed-off-by: Cédric Le Goater 
>> ---
>>   hw/ipmi/ipmi_bmc_sim.c | 51 
>> --
>>   1 file changed, 49 insertions(+), 2 deletions(-)
>>
>> diff --git a/hw/ipmi/ipmi_bmc_sim.c b/hw/ipmi/ipmi_bmc_sim.c
>> index 559e1398d669..061db8437479 100644
>> --- a/hw/ipmi/ipmi_bmc_sim.c
>> +++ b/hw/ipmi/ipmi_bmc_sim.c
>> @@ -37,13 +37,15 @@
>>   #define IPMI_CMD_CHASSIS_CONTROL  0x02
>> #define IPMI_NETFN_SENSOR_EVENT   0x04
>> -#define IPMI_NETFN_SENSOR_EVENT_MAXCMD0x2e
>> +#define IPMI_NETFN_SENSOR_EVENT_MAXCMD0x30
>> #define IPMI_CMD_SET_SENSOR_EVT_ENABLE0x28
>>   #define IPMI_CMD_GET_SENSOR_EVT_ENABLE0x29
>>   #define IPMI_CMD_REARM_SENSOR_EVTS0x2a
>>   #define IPMI_CMD_GET_SENSOR_EVT_STATUS0x2b
>>   #define IPMI_CMD_GET_SENSOR_READING   0x2d
>> +#define IPMI_CMD_SET_SENSOR_TYPE  0x2e
>> +#define IPMI_CMD_GET_SENSOR_TYPE  0x2f
>> /* #define IPMI_NETFN_APP 0x06 In ipmi.h */
>>   #define IPMI_NETFN_APP_MAXCMD 0x36
>> @@ -1576,6 +1578,49 @@ static void get_sensor_reading(IPMIBmcSim *ibs,
>>   return;
>>   }
>>   +static void set_sensor_type(IPMIBmcSim *ibs,
>> +   uint8_t *cmd, unsigned int cmd_len,
>> +   uint8_t *rsp, unsigned int *rsp_len,
>> +   unsigned int max_rsp_len)
>> +{
>> +IPMISensor *sens;
>> +
>> +
>> +IPMI_CHECK_CMD_LEN(5);
>> +if ((cmd[2] > MAX_SENSORS) ||
>> +!IPMI_SENSOR_GET_PRESENT(ibs->sensors + cmd[2])) {
>> +rsp[2] = IPMI_CC_REQ_ENTRY_NOT_PRESENT;
>> +goto out;
>> +}
>> +sens = ibs->sensors + cmd[2];
>> +sens->sensor_type = cmd[3];
>> +sens->evt_reading_type_code = cmd[4] & 0x7f;
>> +
>> + out:
>> +return;
>> +}
>> +
>> +static void get_sensor_type(IPMIBmcSim *ibs,
>> +   uint8_t *cmd, unsigned int cmd_len,
>> +   uint8_t *rsp, unsigned int *rsp_len,
>> +   unsigned int max_rsp_len)
>> +{
>> +IPMISensor *sens;
>> +
>> +
>> +IPMI_CHECK_CMD_LEN(3);
>> +if ((cmd[2] > MAX_SENSORS) ||
>> +!IPMI_SENSOR_GET_PRESENT(ibs->sensors + cmd[2])) {
>> +rsp[2] = IPMI_CC_REQ_ENTRY_NOT_PRESENT;
>> +goto out;
>> +}
>> +sens = ibs->sensors + cmd[2];
>> +IPMI_ADD_RSP_DATA(sens->sensor_type);
>> +IPMI_ADD_RSP_DATA(sens->evt_reading_type_code);
>> + out:
>> +return;
>> +}
>> +
>>   static const IPMICmdHandler chassis_cmds[IPMI_NETFN_CHASSIS_MAXCMD] = {
>>   [IPMI_CMD_GET_CHASSIS_CAPABILITIES] = chassis_capabilities,
>>   [IPMI_CMD_GET_CHASSIS_STATUS] = chassis_status,
>> @@ -1592,7 +1637,9 @@ sensor_event_cmds[IPMI_NETFN_SENSOR_EVENT_MAXCMD] = {
>>   [IPMI_CMD_GET_SENSOR_EVT_ENABLE] = get_sensor_evt_enable,
>>   [IPMI_CMD_REARM_SENSOR_EVTS] = rearm_sensor_evts,
>>   [IPMI_CMD_GET_SENSOR_EVT_STATUS] = get_sensor_evt_status,
>> -[IPMI_CMD_GET_SENSOR_READING] = get_sensor_reading
>> +[IPMI_CMD_GET_SENSOR_READING] = get_sensor_reading,
>> +[IPMI_CMD_SET_SENSOR_TYPE] = set_sensor_type,
>> +[IPMI_CMD_GET_SENSOR_TYPE] = get_sensor_type,
>>   };
>>   static const IPMINetfn sensor_event_netfn = {
>>   .cmd_nums = IPMI_NETFN_SENSOR_EVENT_MAXCMD,
> 

Re: [Qemu-devel] [PATCH 4/8] ipmi: add FRU support

[Cédric Le Goater]

Hello,

On 01/08/2016 08:41 PM, Corey Minyard wrote:
> On 01/05/2016 11:29 AM, Cédric Le Goater wrote:
>> This patch provides a simplistic FRU support for the IPMI BMC
>> simulator.  The FRU area contains 32 entries * 256 bytes which should
>> be enough to start some simulation.
>>
>> Signed-off-by: Cédric Le Goater 
>> ---
>>   hw/ipmi/ipmi_bmc_sim.c | 119 
>> +
>>   1 file changed, 119 insertions(+)
>>
>> diff --git a/hw/ipmi/ipmi_bmc_sim.c b/hw/ipmi/ipmi_bmc_sim.c
>> index 5db94491b130..60586a67104e 100644
>> --- a/hw/ipmi/ipmi_bmc_sim.c
>> +++ b/hw/ipmi/ipmi_bmc_sim.c
>> @@ -81,6 +81,9 @@
>>   #define IPMI_CMD_ENTER_SDR_REP_UPD_MODE   0x2A
>>   #define IPMI_CMD_EXIT_SDR_REP_UPD_MODE0x2B
>>   #define IPMI_CMD_RUN_INIT_AGENT   0x2C
>> +#define IPMI_CMD_GET_FRU_AREA_INFO0x10
>> +#define IPMI_CMD_READ_FRU_DATA0x11
>> +#define IPMI_CMD_WRITE_FRU_DATA   0x12
>>   #define IPMI_CMD_GET_SEL_INFO 0x40
>>   #define IPMI_CMD_GET_SEL_ALLOC_INFO   0x41
>>   #define IPMI_CMD_RESERVE_SEL  0x42
>> @@ -123,6 +126,14 @@ typedef struct IPMISdr {
>>   uint8_t overflow;
>>   } IPMISdr;
>>   +/* theoretically, the offset being 16bits, it should be 65536 */
>> +#define MAX_FRU_SIZE 256
>> +#define MAX_FRU_ID 32
>> +
>> +typedef struct IPMIFru {
>> +uint8_t data[MAX_FRU_SIZE][MAX_FRU_ID];
>> +} IPMIFru;
> 
> Instead of a static table like this, I think it would be better to make this 
> configurable somehow.  I say this because I've never seen a system with 32 
> FRU 
> devices on a BMC, but I've seen plenty with FRU data larger than 256 bytes.  
> By default, 1 FRU device with 2048 bytes is pretty reasonable, I think.
> 
> I'm not exactly sure the best way to make it configurable. 

I guess we can use an object property to configure the numbers of FRU devices 
and start with a minimum of 1.

> I assume that you 
> need your platform code to be able to provide that information, and it could 
> be passed in as BMC configuration parameters.  The ability to load the FRU 
> data at startup is probably also necessary.

I will see what API we can provide after doing the above.

Thanks,

C. 

> -corey
> 
>> +
>>   typedef struct IPMISensor {
>>   uint8_t status;
>>   uint8_t reading;
>> @@ -206,6 +217,7 @@ struct IPMIBmcSim {
>> IPMISel sel;
>>   IPMISdr sdr;
>> +IPMIFru fru;
>>   IPMISensor sensors[MAX_SENSORS];
>> /* Odd netfns are for responses, so we only need the even ones. */
>> @@ -1305,6 +1317,110 @@ static void get_sel_info(IPMIBmcSim *ibs,
>>   return;
>>   }
>>   +static void get_fru_area_info(IPMIBmcSim *ibs,
>> + uint8_t *cmd, unsigned int cmd_len,
>> + uint8_t *rsp, unsigned int *rsp_len,
>> + unsigned int max_rsp_len)
>> +{
>> +uint8_t fruid;
>> +uint16_t fru_entry_size;
>> +
>> +IPMI_CHECK_CMD_LEN(3);
>> +
>> +fruid = cmd[2];
>> +
>> +if (fruid > MAX_FRU_ID) {
>> +rsp[2] = IPMI_CC_INVALID_DATA_FIELD;
>> +goto out;
>> +}
>> +
>> +fru_entry_size = MAX_FRU_SIZE;
>> +
>> +IPMI_ADD_RSP_DATA(fru_entry_size & 0xff);
>> +IPMI_ADD_RSP_DATA(fru_entry_size >> 8 & 0xff);
>> +IPMI_ADD_RSP_DATA(0x0);
>> +out:
>> +return;
>> +}
>> +
>> +#define min(x, y) ((x) < (y) ? (x) : (y))
>> +#define max(x, y) ((x) > (y) ? (x) : (y))
>> +
>> +static void read_fru_data(IPMIBmcSim *ibs,
>> + uint8_t *cmd, unsigned int cmd_len,
>> + uint8_t *rsp, unsigned int *rsp_len,
>> + unsigned int max_rsp_len)
>> +{
>> +uint8_t fruid;
>> +uint16_t offset;
>> +int i;
>> +uint8_t *fru_entry;
>> +unsigned int count;
>> +
>> +IPMI_CHECK_CMD_LEN(5);
>> +
>> +fruid = cmd[2];
>> +offset = (cmd[3] | cmd[4] << 8);
>> +
>> +if (fruid > MAX_FRU_ID) {
>> +rsp[2] = IPMI_CC_INVALID_DATA_FIELD;
>> +goto out;
>> +}
>> +
>> +if (offset >= MAX_FRU_SIZE - 1) {
>> +rsp[2] = IPMI_CC_INVALID_DATA_FIELD;
>> +goto out;
>> +}
>> +
>> +fru_entry = ibs->fru.data[fruid];
>> +
>> +count = min(cmd[5], MAX_FRU_SIZE - offset);
>> +
>> +IPMI_ADD_RSP_DATA(count & 0xff);
>> +for (i = 0; i < count; i++) {
>> +IPMI_ADD_RSP_DATA(fru_entry[offset + i]);
>> +}
>> +
>> + out:
>> +return;
>> +}
>> +
>> +static void write_fru_data(IPMIBmcSim *ibs,
>> + uint8_t *cmd, unsigned int cmd_len,
>> + uint8_t *rsp, unsigned int *rsp_len,
>> + unsigned int max_rsp_len)
>> +{
>> +uint8_t fruid;
>> +uint16_t offset;
>> +uint8_t *fru_entry;
>> +unsigned int count;
>> +
>> +IPMI_CHECK_CMD_LEN(5);
>> +
>> +fruid = cmd[2];
>> +offset = (cmd[3] | cmd[4] << 8);
>> +
>> +if (fruid > MAX_FRU_ID) {
>> +rsp[2] = 

Re: [Qemu-devel] [RFC PATCH v2 00/10] Add colo-proxy based on netfilter

[Zhang Chen]

On 01/11/2016 08:59 PM, Dr. David Alan Gilbert wrote:

* Zhang Chen (zhangchen.f...@cn.fujitsu.com) wrote:


On 01/08/2016 07:19 PM, Dr. David Alan Gilbert wrote:

* Zhang Chen (zhangchen.f...@cn.fujitsu.com) wrote:

From: zhangchen 

Hi,all

This patch add an colo-proxy object, COLO-Proxy is a part of COLO,
based on qemu netfilter and it's a plugin for qemu netfilter. the function
keep Secondary VM connect normal to Primary VM and compare packets
sent by PVM to sent by SVM.if the packet difference,notify COLO do
checkpoint and send all primary packet has queued.

You can also get the series from:

https://github.com/zhangckid/qemu/tree/colo-v2.2-periodic-mode-with-colo-proxyV2

Are you sure that tag is correct? The series of commits doesn't seem to match
up with the set of commits posted.

Dave

Yes, it is. we have some code fix in other colo unrelated file.
in email, I just send colo related part.

That doesn't seem to be what's happening in that git tree.
For example, your patch '[RFC PATCH v2 01/10] Init colo-proxy object based on 
netfilter'
adds the colo-proxy object to qemu-options.hx, but in that git tree
it comes from Li Zhijian's 'add proxy prototype' patch.
If you're going to include a git link with a series then please
make sure it contains exactly the patches posted.
It's OK to add some more patches somewhere, e.g. on a different tag or
branch, but make sure the one that you post for the series matches
the series posted.

Dave



Make sense.
I have fix it.

https://github.com/zhangckid/qemu/tree/colo-v2.2-periodic-mode-with-colo-proxyV2

Thanks
zhangchen


zhangchen
Thanks for review


Usage:

primary:
-netdev tap,id=bn0 -device e1000,netdev=bn0
-object colo-proxy,id=f0,netdev=bn0,queue=all,mode=primary,addr=host:port

secondary:
-netdev tap,id=bn0 -device e1000,netdev=bn0
-object colo-proxy,id=f0,netdev=bn0,queue=all,mode=secondary,addr=host:port

NOTE:
queue must set "all". See enum NetFilterDirection for detail.
colo-proxy need queue all packets
colo-proxy V2 just can compare ip packet


## Background

COLO FT/HA (COarse-grain LOck-stepping Virtual Machines for Non-stop Service)
project is a high availability solution. Both Primary VM (PVM) and Secondary VM
(SVM) run in parallel. They receive the same request from client, and generate
responses in parallel too. If the response packets from PVM and SVM are
identical, they are released immediately. Otherwise, a VM checkpoint (on
demand)is conducted.

Paper:
http://www.socc2013.org/home/program/a3-dong.pdf?attredirects=0

COLO on Xen:
http://wiki.xen.org/wiki/COLO_-_Coarse_Grain_Lock_Stepping

COLO on Qemu/KVM:
http://wiki.qemu.org/Features/COLO

By the needs of capturing response packets from PVM and SVM and finding out
whether they are identical, we introduce a new module to qemu networking
called colo-proxy.

V2:
   rebase colo-proxy with qemu-colo-v2.2-periodic-mode
   fix dave's comments
   fix wency's comments
   fix zhanghailiang's comments

v1:
   initial patch.



zhangchen (10):
   Init colo-proxy object based on netfilter
   Jhash: add linux kernel jhashtable in qemu
   Colo-proxy: add colo-proxy framework
   Colo-proxy: add data structure and jhash func
   net/colo-proxy: Add colo interface to use proxy
   net/colo-proxy: add socket used by forward func
   net/colo-proxy: Add packet enqueue & handle func
   net/colo-proxy: Handle packet and connection
   net/colo-proxy: Compare pri pkt to sec pkt
   net/colo-proxy: Colo-proxy do checkpoint and clear

  include/qemu/jhash.h |  61 
  net/Makefile.objs|   1 +
  net/colo-proxy.c | 939 +++
  net/colo-proxy.h |  24 ++
  qemu-options.hx  |   6 +
  trace-events |   8 +
  vl.c |   3 +-
  7 files changed, 1041 insertions(+), 1 deletion(-)
  create mode 100644 include/qemu/jhash.h
  create mode 100644 net/colo-proxy.c
  create mode 100644 net/colo-proxy.h

--
1.9.1




--
Dr. David Alan Gilbert / dgilb...@redhat.com / Manchester, UK


.


--
Thanks
zhangchen




--
Dr. David Alan Gilbert / dgilb...@redhat.com / Manchester, UK



.



--
Thanks
zhangchen

Re: [Qemu-devel] [PATCH 5/8] ipmi: add ACPI power and GUID commands

[Cédric Le Goater]

On 01/08/2016 08:46 PM, Corey Minyard wrote:
> On 01/05/2016 11:29 AM, Cédric Le Goater wrote:
>> Signed-off-by: Cédric Le Goater 
>> ---
>>   hw/ipmi/ipmi_bmc_sim.c | 55 
>> ++
>>   1 file changed, 55 insertions(+)
>>
>> diff --git a/hw/ipmi/ipmi_bmc_sim.c b/hw/ipmi/ipmi_bmc_sim.c
>> index 60586a67104e..c3a06d0ac7e4 100644
>> --- a/hw/ipmi/ipmi_bmc_sim.c
>> +++ b/hw/ipmi/ipmi_bmc_sim.c
>> @@ -25,6 +25,7 @@
>>   #include 
>>   #include 
>>   #include 
>> +#include "sysemu/sysemu.h"
>>   #include "qemu/timer.h"
>>   #include "hw/ipmi/ipmi.h"
>>   #include "qemu/error-report.h"
>> @@ -54,6 +55,9 @@
>>   #define IPMI_CMD_GET_DEVICE_ID0x01
>>   #define IPMI_CMD_COLD_RESET   0x02
>>   #define IPMI_CMD_WARM_RESET   0x03
>> +#define IPMI_CMD_SET_POWER_STATE  0x06sensors/temperature/outnorth  
>>9.06
sensors/temperature/outsouth 8.38

>> +#define IPMI_CMD_GET_POWER_STATE  0x07
> 
> These are ACPI power state commands per the spec, can we add ACPI to the name?

sure. Will do.

Thanks,

C. 


> 
> -corey
>> +#define IPMI_CMD_GET_DEVICE_GUID  0x08
>>   #define IPMI_CMD_RESET_WATCHDOG_TIMER 0x22
>>   #define IPMI_CMD_SET_WATCHDOG_TIMER   0x24
>>   #define IPMI_CMD_GET_WATCHDOG_TIMER   0x25
>> @@ -215,6 +219,9 @@ struct IPMIBmcSim {
>> uint8_t restart_cause;
>>   +uint8_t power_state[2];
>> +uint8_t uuid[16];
>> +
>>   IPMISel sel;
>>   IPMISdr sdr;
>>   IPMIFru fru;
>> @@ -842,6 +849,42 @@ static void warm_reset(IPMIBmcSim *ibs,
>>   k->reset(s, false);
>>   }
>>   }
>> +static void set_power_state(IPMIBmcSim *ibs,
>> +  uint8_t *cmd, unsigned int cmd_len,
>> +  uint8_t *rsp, unsigned int *rsp_len,
>> +  unsigned int max_rsp_len)
>> +{
>> +IPMI_CHECK_CMD_LEN(4);
>> +ibs->power_state[0] = cmd[2];
>> +ibs->power_state[1] = cmd[3];
>> + out:
>> +return;
>> +}
>> +
>> +static void get_power_state(IPMIBmcSim *ibs,
>> +  uint8_t *cmd, unsigned int cmd_len,
>> +  uint8_t *rsp, unsigned int *rsp_len,
>> +  unsigned int max_rsp_len)
>> +{
>> +IPMI_ADD_RSP_DATA(ibs->power_state[0]);
>> +IPMI_ADD_RSP_DATA(ibs->power_state[1]);
>> + out:
>> +return;
>> +}
>> +
>> +static void get_device_guid(IPMIBmcSim *ibs,
>> +  uint8_t *cmd, unsigned int cmd_len,
>> +  uint8_t *rsp, unsigned int *rsp_len,
>> +  unsigned int max_rsp_len)
>> +{
>> +unsigned int i;
>> +
>> +for (i = 0; i < 16; i++) {
>> +IPMI_ADD_RSP_DATA(ibs->uuid[i]);
>> +}
>> + out:
>> +return;
>> +}
>> static void set_bmc_global_enables(IPMIBmcSim *ibs,
>>  uint8_t *cmd, unsigned int cmd_len,
>> @@ -1781,6 +1824,9 @@ static const IPMICmdHandler 
>> app_cmds[IPMI_NETFN_APP_MAXCMD] = {
>>   [IPMI_CMD_GET_DEVICE_ID] = get_device_id,
>>   [IPMI_CMD_COLD_RESET] = cold_reset,
>>   [IPMI_CMD_WARM_RESET] = warm_reset,
>> +[IPMI_CMD_SET_POWER_STATE] = set_power_state,
>> +[IPMI_CMD_GET_POWER_STATE] = get_power_state,
>> +[IPMI_CMD_GET_DEVICE_GUID] = get_device_guid,
>>   [IPMI_CMD_SET_BMC_GLOBAL_ENABLES] = set_bmc_global_enables,
>>   [IPMI_CMD_GET_BMC_GLOBAL_ENABLES] = get_bmc_global_enables,
>>   [IPMI_CMD_CLR_MSG_FLAGS] = clr_msg_flags,
>> @@ -1907,6 +1953,15 @@ static void ipmi_sim_init(Object *obj)
>>   i += len;
>>   }
>>   +ibs->power_state[0] = 0;
>> +ibs->power_state[1] = 0;
>> +
>> +if (qemu_uuid_set) {
>> +memcpy(>uuid, qemu_uuid, 16);
>> +} else {
>> +memset(>uuid, 0, 16);
>> +}
>> +
>>   ipmi_init_sensors_from_sdrs(ibs);
>>   register_cmds(ibs);
>>   
> 

[Qemu-devel] [PATCH 13/25] 9pfs: PDU processing functions should start pdu_ prefix

[Aneesh Kumar K.V]

From: Wei Liu 

This matches naming convention of pdu_marshal and pdu_unmarshal.

Signed-off-by: Wei Liu 
Signed-off-by: Aneesh Kumar K.V 
---
 hw/9pfs/virtio-9p.c | 88 ++---
 1 file changed, 44 insertions(+), 44 deletions(-)

diff --git a/hw/9pfs/virtio-9p.c b/hw/9pfs/virtio-9p.c
index 0a016dc11a7c..d8ce12ed8858 100644
--- a/hw/9pfs/virtio-9p.c
+++ b/hw/9pfs/virtio-9p.c
@@ -563,7 +563,7 @@ static int fid_to_qid(V9fsPDU *pdu, V9fsFidState *fidp, 
V9fsQID *qidp)
 return 0;
 }
 
-static V9fsPDU *alloc_pdu(V9fsState *s)
+static V9fsPDU *pdu_alloc(V9fsState *s)
 {
 V9fsPDU *pdu = NULL;
 
@@ -575,7 +575,7 @@ static V9fsPDU *alloc_pdu(V9fsState *s)
 return pdu;
 }
 
-static void free_pdu(V9fsPDU *pdu)
+static void pdu_free(V9fsPDU *pdu)
 {
 if (pdu) {
 V9fsState *s = pdu->s;
@@ -595,7 +595,7 @@ static void free_pdu(V9fsPDU *pdu)
  * because we always expect to have enough space to encode
  * error details
  */
-static void complete_pdu(V9fsPDU *pdu, ssize_t len)
+static void pdu_complete(V9fsPDU *pdu, ssize_t len)
 {
 int8_t id = pdu->id + 1; /* Response */
 V9fsState *s = pdu->s;
@@ -638,7 +638,7 @@ static void complete_pdu(V9fsPDU *pdu, ssize_t len)
 /* Now wakeup anybody waiting in flush for this request */
 qemu_co_queue_next(>complete);
 
-free_pdu(pdu);
+pdu_free(pdu);
 }
 
 static mode_t v9mode_to_mode(uint32_t mode, V9fsString *extension)
@@ -933,7 +933,7 @@ static void v9fs_version(void *opaque)
 offset += err;
 trace_v9fs_version_return(pdu->tag, pdu->id, s->msize, version.data);
 out:
-complete_pdu(pdu, offset);
+pdu_complete(pdu, offset);
 v9fs_string_free();
 }
 
@@ -997,7 +997,7 @@ static void v9fs_attach(void *opaque)
 out:
 put_fid(pdu, fidp);
 out_nofid:
-complete_pdu(pdu, err);
+pdu_complete(pdu, err);
 v9fs_string_free();
 v9fs_string_free();
 }
@@ -1043,7 +1043,7 @@ static void v9fs_stat(void *opaque)
 out:
 put_fid(pdu, fidp);
 out_nofid:
-complete_pdu(pdu, err);
+pdu_complete(pdu, err);
 }
 
 static void v9fs_getattr(void *opaque)
@@ -1106,7 +1106,7 @@ static void v9fs_getattr(void *opaque)
 out:
 put_fid(pdu, fidp);
 out_nofid:
-complete_pdu(pdu, retval);
+pdu_complete(pdu, retval);
 }
 
 /* Attribute flags */
@@ -1203,7 +1203,7 @@ static void v9fs_setattr(void *opaque)
 out:
 put_fid(pdu, fidp);
 out_nofid:
-complete_pdu(pdu, err);
+pdu_complete(pdu, err);
 }
 
 static int v9fs_walk_marshal(V9fsPDU *pdu, uint16_t nwnames, V9fsQID *qids)
@@ -1245,7 +1245,7 @@ static void v9fs_walk(void *opaque)
 
 err = pdu_unmarshal(pdu, offset, "ddw", , , );
 if (err < 0) {
-complete_pdu(pdu, err);
+pdu_complete(pdu, err);
 return ;
 }
 offset += err;
@@ -1313,7 +1313,7 @@ out:
 v9fs_path_free();
 v9fs_path_free();
 out_nofid:
-complete_pdu(pdu, err);
+pdu_complete(pdu, err);
 if (nwnames && nwnames <= P9_MAXWELEM) {
 for (name_idx = 0; name_idx < nwnames; name_idx++) {
 v9fs_string_free([name_idx]);
@@ -1430,7 +1430,7 @@ static void v9fs_open(void *opaque)
 out:
 put_fid(pdu, fidp);
 out_nofid:
-complete_pdu(pdu, err);
+pdu_complete(pdu, err);
 }
 
 static void v9fs_lcreate(void *opaque)
@@ -1487,7 +1487,7 @@ static void v9fs_lcreate(void *opaque)
 out:
 put_fid(pdu, fidp);
 out_nofid:
-complete_pdu(pdu, err);
+pdu_complete(pdu, err);
 v9fs_string_free();
 }
 
@@ -1517,7 +1517,7 @@ static void v9fs_fsync(void *opaque)
 }
 put_fid(pdu, fidp);
 out_nofid:
-complete_pdu(pdu, err);
+pdu_complete(pdu, err);
 }
 
 static void v9fs_clunk(void *opaque)
@@ -1550,7 +1550,7 @@ static void v9fs_clunk(void *opaque)
 err = offset;
 }
 out_nofid:
-complete_pdu(pdu, err);
+pdu_complete(pdu, err);
 }
 
 static int v9fs_xattr_read(V9fsState *s, V9fsPDU *pdu, V9fsFidState *fidp,
@@ -1760,7 +1760,7 @@ static void v9fs_read(void *opaque)
 out:
 put_fid(pdu, fidp);
 out_nofid:
-complete_pdu(pdu, err);
+pdu_complete(pdu, err);
 }
 
 static size_t v9fs_readdir_data_size(V9fsString *name)
@@ -1883,7 +1883,7 @@ static void v9fs_readdir(void *opaque)
 out:
 put_fid(pdu, fidp);
 out_nofid:
-complete_pdu(pdu, retval);
+pdu_complete(pdu, retval);
 }
 
 static int v9fs_xattr_write(V9fsState *s, V9fsPDU *pdu, V9fsFidState *fidp,
@@ -1950,7 +1950,7 @@ static void v9fs_write(void *opaque)
 
 err = pdu_unmarshal(pdu, offset, "dqd", , , );
 if (err < 0) {
-complete_pdu(pdu, err);
+pdu_complete(pdu, err);
 return;
 }
 offset += err;
@@ -2013,7 +2013,7 @@ out:
 put_fid(pdu, fidp);
 out_nofid:
 qemu_iovec_destroy(_full);
-complete_pdu(pdu, err);
+pdu_complete(pdu, err);
 }
 
 static void v9fs_create(void *opaque)
@@ -2180,7 +2180,7 @@ static void v9fs_create(void *opaque)
 out: