Re: [Qemu-devel] [Qemu-stable] [PATCH v2 for 2.7] ui: fix refresh of VNC server surface

[Peter Lieven]

Am 16.08.2016 um 18:30 schrieb Daniel P. Berrange:

In previous commit

   commit c7628bff4138ce906a3620d12e0820c1cf6c140d
   Author: Gerd Hoffmann 
   Date:   Fri Oct 30 12:10:09 2015 +0100

 vnc: only alloc server surface with clients connected

the VNC server was changed so that the 'vd->server' pixman
image was only allocated when a client is connected.

Since then if a client disconnects and then reconnects to
the VNC server all they will see is a black screen until
they do something that triggers a refresh. On a graphical
desktop this is not often noticed since there's many things
going on which cause a refresh. On a plain text console it
is really obvious since nothing refreshes frequently.

The problem is that the VNC server didn't update the guest
dirty bitmap, so still believes its server image is in sync
with the guest contents.

To fix this we must explicitly mark the entire guest desktop
as dirty after re-creating the server surface. Move this
logic into vnc_update_server_surface() so it is guaranteed
to be call in all code paths that re-create the surface
instead of only in vnc_dpy_switch()

Signed-off-by: Daniel P. Berrange 


I noticed that these patches is as well not in master yet and therefore
not included in the 2.7.0-rc4 tagged yesterday.

Peter

Re: [Qemu-devel] [Qemu-stable] [PATCH 0/2] virtio: fix VirtQueue->inuse field

[Peter Lieven]

Am 17.08.2016 um 15:58 schrieb Stefan Hajnoczi:

On Mon, Aug 15, 2016 at 01:54:14PM +0100, Stefan Hajnoczi wrote:

The VirtQueue->inuse field is not always updated correctly.  These patches fix
it.

Originally this series was called "virtio-balloon: fix stats vq migration" but
Ladi Prosek posted a nicer fix called "balloon: Fix failure of updating guest
memory status".  I dropped the virtio-balloon patches.

Changes from previous series:
  * Missing comma in error formatting [Fam]
  * virtio_descard() -> virtio_discard() [Michael]
  * Multi-line comment style [Cornelia]

Stefan Hajnoczi (2):
   virtio: recalculate vq->inuse after migration
   virtio: decrement vq->inuse in virtqueue_discard()

  hw/virtio/virtio.c | 16 
  1 file changed, 16 insertions(+)

I should mention this is for QEMU 2.7.  These fixes are needed if the
CVE-2016-5403 patch has been applied.

Without these patches any device that holds VirtQueueElements across
live migration will terminate with a "Virtqueue size exceeded" error
message.  virtio-balloon and virtio-scsi are affected.  virtio-blk
probably too but I haven't tested it.

Stefan


I noticed that these patches are not in master yet and therefore
not included in the 2.7.0-rc4 tagges yesterday. Is there any issue with them?

Peter

Re: [Qemu-devel] [PATCH v7] docs: add cpu-hotplug.txt

[Dou Liyang]

Hi Alexandre,

At 08/22/2016 04:56 PM, Alexandre DERUMIER wrote:

Hello,

I'm looking to implement cpu hotplug,

and I have a question about cpu flags

currently I have something like

-cpu qemu64,+lahf_lm,+sep,+kvm_pv_unhalt,+kvm_pv_eoi,enforce
-smp 4,sockets=2,cores=2,maxcpus=4


Does I need to define flags like:

-smp 2,sockets=2,cores=2,maxcpus=4
-device 
qemu64-x86_64-cpu,+lahf_lm,+sep,+kvm_pv_unhalt,+kvm_pv_eoi,enforce,id=cpu1,socket-id=1,core-id=1,thread-id=0


I think we don't need to do that.
In my option, just like this:

-device qemu64-x86_64-cpu,id=cpu1,socket-id=1,..

Because QEMU sets the "-cpu" options in MachineState:

  current_machine->cpu_model = cpu_model;

when you add a CPU, QEMU can get the flag from the MachineState.


...

?


Another question,
is -smp mandatory ?  (if I want coldplug all cpus)


it's not mandatory. such as this:

  ./x86_64-softmmu/qemu-system-x86_64 -m 1G /image/fedora.img
  -enable-kvm -monitor stdio

 (qemu) info cpus
  * CPU #0: pc=0x81060586 (halted) thread_id=4032

the default number of CPUs is 1.



-smp sockets=2,cores=2,maxcpus=4



-device qemu64-x86_64-cpu,id=cpu1,socket-id=1,core-id=1,thread-id=0
-device qemu64-x86_64-cpu,id=cpu1,socket-id=1,core-id=2,thread-id=0
-device qemu64-x86_64-cpu,id=cpu3,socket-id=2,core-id=1,thread-id=0
-device qemu64-x86_64-cpu,id=cpu4,socket-id=2,core-id=2,thread-id=0

or does I need minimum 1 non unplugable cpu

-smp 1,sockets=2,cores=2,maxcpus=4
-device qemu64-x86_64-cpu,id=cpu1,socket-id=1,core-id=2,thread-id=0
-device qemu64-x86_64-cpu,id=cpu3,socket-id=2,core-id=1,thread-id=0
-device qemu64-x86_64-cpu,id=cpu4,socket-id=2,core-id=2,thread-id=0



I think that is better, and the socket-id/core-id/thread-id starts at
index 0

I am new to the community. Please don't mind, and take with a grain of
salt.   

Thanks,
Dou

Re: [Qemu-devel] QEMU XHCI support (FreeBSD)

[Thomas Huth]

On 22.08.2016 20:15, Hans Petter Selasky wrote:
> Hi,
> 
> I'm currently testing QEMUs XHCI support with FreeBSD and found some
> bugs in FreeBSDs XHCI aswell as QEMUs XHCI.
> 
> 1) QEMU falsely reports a remainder of 8 bytes on TR_SETUP. This patch
> fixes it. Can it be upstreamed?

 Hi Hans,

please make sure to send patches with a proper "Signed-off-by" line,
otherwise they can't be accepted. See the following URL for details:

http://wiki.qemu.org/Contribute/SubmitAPatch#Patch_emails_must_include_a_Signed-off-by:_line

 Regards,
  Thomas

[Qemu-devel] QEMU XHCI support (FreeBSD)

[Hans Petter Selasky]

Hi,

I'm currently testing QEMUs XHCI support with FreeBSD and found some 
bugs in FreeBSDs XHCI aswell as QEMUs XHCI.


1) QEMU falsely reports a remainder of 8 bytes on TR_SETUP. This patch 
fixes it. Can it be upstreamed?


--- ./work/qemu-2.3.0/hw/usb/hcd-xhci.c.orig	2016-08-22 
16:07:30.877585000 +0200

+++ ./work/qemu-2.3.0/hw/usb/hcd-xhci.c 2016-08-22 16:08:19.240109000 +0200
@@ -1748,6 +1748,11 @@ static void xhci_xfer_report(XHCITransfe
  unsigned int chunk = 0;

  switch (TRB_TYPE(*trb)) {
+case TR_SETUP:
+chunk = trb->status & 0x1;
+if (chunk > 8)
+chunk = 8;
+break;
  case TR_DATA:
  case TR_NORMAL:
  case TR_ISOCH:

Please CC me. I'm not subscribed.

--HPS

[Qemu-devel] [Bug 1615823] [NEW] Windows 10 reports no compatible TPM found yet device manager shows it?

[Kelvin Middleton]

Public bug reported:

Ubuntu 16.04 with stock kvm, libvirt, ovmf
Qemu 2.5 installed from stock ubuntu ppa
Qemu 2.6.1 built from tarball.
Qemu 2.7.0-rc4 built from tarball.

Windows 10 guest reports a TPM device is installed and the driver
functional under Device Manager-->Security Devices.  TPM Administrator
however advises no compatible TPM chip can be found.

Qemu 2.5 is buggy and prevents the guest loading the TPM driver, this
was addressed by
http://git.qemu.org/?p=qemu.git;a=commit;h=2b1c2e8e5f1990f0a201a8cbf9d366fca60f4aa8

Have tested the below cmd out on both qemu-2.6.1 and qemu-2.7.0-rc4,
both suffer the same problem.  My TPM is most certainly compatible as
installing Win10Pro onto the same host as bare metal provides me the
desired and expected functionality aka Bitlocker and TPM Administrator
work.

sudo ./qemu-system-x86_64 \
-enable-kvm \
-machine q35 \
-cpu host \
-m 4096 \
-smp 4,sockets=1,cores=2,threads=2 \
-device i82801b11-bridge,id=pci.1,bus=pcie.0,addr=0x1e \
-device pci-bridge,chassis_nr=2,id=pci.2,bus=pci.1,addr=0x1 \
-device 
qxl-vga,id=video0,ram_size=67108864,vram_size=67108864,vgamem_mb=16,bus=pcie.0,addr=0x2
 \
-drive file=/usr/share/qemu/OVMF.fd,if=pflash,format=raw,unit=0,readonly=on \
-drive file=/mnt/120GB_SSD/wintpm_VARS.fd,if=pflash,format=raw,unit=1 \
-drive 
file=/mnt/120GB_SSD/wintpm.qcow2,format=qcow2,if=none,id=drive-virtio-disk0 \
-device 
virtio-blk-pci,scsi=off,bus=pci.2,addr=0x3,drive=drive-virtio-disk0,id=virtio-disk0,bootindex=2
 \
-drive file="/mnt/share/Filestorage/Images/Microsoft Windows 10 Pro 
x64.iso",format=raw,if=none,media=cdrom,id=drive-sata0-0-0,readonly=on \
-device ide-cd,bus=ide.0,drive=drive-sata0-0-0,id=sata0-0-0 \
-drive 
file=/mnt/share/Filestorage/Images/virtio-win-0.1.117.iso,format=raw,if=none,media=cdrom,id=drive-sata0-0-1,readonly=on
 \
-device ide-cd,bus=ide.1,drive=drive-sata0-0-1,id=sata0-0-1 \
-tpmdev 
passthrough,id=tpm-tpm0,path=/dev/tpm0,cancel-path=/sys/class/tpm/tpm0/device/cancel
 \
-device tpm-tis,tpmdev=tpm-tpm0,id=tpm0

** Affects: qemu
 Importance: Undecided
 Status: New

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1615823

Title:
  Windows 10 reports no compatible TPM found yet device manager shows
  it?

Status in QEMU:
  New

Bug description:
  Ubuntu 16.04 with stock kvm, libvirt, ovmf
  Qemu 2.5 installed from stock ubuntu ppa
  Qemu 2.6.1 built from tarball.
  Qemu 2.7.0-rc4 built from tarball.

  Windows 10 guest reports a TPM device is installed and the driver
  functional under Device Manager-->Security Devices.  TPM Administrator
  however advises no compatible TPM chip can be found.

  Qemu 2.5 is buggy and prevents the guest loading the TPM driver, this
  was addressed by
  
http://git.qemu.org/?p=qemu.git;a=commit;h=2b1c2e8e5f1990f0a201a8cbf9d366fca60f4aa8

  Have tested the below cmd out on both qemu-2.6.1 and qemu-2.7.0-rc4,
  both suffer the same problem.  My TPM is most certainly compatible as
  installing Win10Pro onto the same host as bare metal provides me the
  desired and expected functionality aka Bitlocker and TPM Administrator
  work.

  sudo ./qemu-system-x86_64 \
  -enable-kvm \
  -machine q35 \
  -cpu host \
  -m 4096 \
  -smp 4,sockets=1,cores=2,threads=2 \
  -device i82801b11-bridge,id=pci.1,bus=pcie.0,addr=0x1e \
  -device pci-bridge,chassis_nr=2,id=pci.2,bus=pci.1,addr=0x1 \
  -device 
qxl-vga,id=video0,ram_size=67108864,vram_size=67108864,vgamem_mb=16,bus=pcie.0,addr=0x2
 \
  -drive file=/usr/share/qemu/OVMF.fd,if=pflash,format=raw,unit=0,readonly=on \
  -drive file=/mnt/120GB_SSD/wintpm_VARS.fd,if=pflash,format=raw,unit=1 \
  -drive 
file=/mnt/120GB_SSD/wintpm.qcow2,format=qcow2,if=none,id=drive-virtio-disk0 \
  -device 
virtio-blk-pci,scsi=off,bus=pci.2,addr=0x3,drive=drive-virtio-disk0,id=virtio-disk0,bootindex=2
 \
  -drive file="/mnt/share/Filestorage/Images/Microsoft Windows 10 Pro 
x64.iso",format=raw,if=none,media=cdrom,id=drive-sata0-0-0,readonly=on \
  -device ide-cd,bus=ide.0,drive=drive-sata0-0-0,id=sata0-0-0 \
  -drive 
file=/mnt/share/Filestorage/Images/virtio-win-0.1.117.iso,format=raw,if=none,media=cdrom,id=drive-sata0-0-1,readonly=on
 \
  -device ide-cd,bus=ide.1,drive=drive-sata0-0-1,id=sata0-0-1 \
  -tpmdev 
passthrough,id=tpm-tpm0,path=/dev/tpm0,cancel-path=/sys/class/tpm/tpm0/device/cancel
 \
  -device tpm-tis,tpmdev=tpm-tpm0,id=tpm0

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1615823/+subscriptions

Re: [Qemu-devel] [PATCH] block/iscsi: Adding iser support in Libiscsi-QEMU

[ronnie sahlberg]

It is never too late.

I can start working on a patch to add "iser://" URL support to
libiscsi right now. It should be a trivial change.
I think I would prefer iser:// instead of iscsi+iser:// but it is not
religiusly. Let me know if you rather want iscsi+iser.


But you would still need some changes to Roy's patch to QEMU, right?
I.e. I think you would need an additional, new block driver :

static BlockDriver bdrv_iser = {
 .format_name = "iser",
.protocol_name   = "iser",
...

No ?



On Mon, Aug 1, 2016 at 6:50 AM, Paolo Bonzini  wrote:
>
>
> On 27/07/2016 12:02, Roy Shterman wrote:
>> iSER is a new transport layer supported in Libiscsi,
>> iSER provides a zero-copy RDMA capable interface that can
>> improve performance.
>>
>> New API is introduced in abstracion of the Libiscsi transport layer.
>> In order to use the new iSER transport, one need to add the ?iser option
>> at the end of Libiscsi URI.
>
> Hi, is it too late to use the URI scheme instead---for example
> iscsi+iser://.../... ?  In any case this should not affect the QEMU bits.
>
> Paolo
>
>> For now iSER memory buffers are pre-allocated and pre-registered,
>> hence in order to work with iSER from QEMU, one need to enable MEMLOCK
>> attribute in the VM to be large enough for all iSER buffers and RDMA
>> resources.
>>
>> A new functionallity is also introduced in this commit, a new API
>> to deploy zero-copy command submission. iSER is differing from TCP in
>> data-path, hence IO vectors must be transferred already when queueing
>> the PDU.
>>
>> Signed-off-by: Roy Shterman 
>> ---
>>  block/iscsi.c |   45 +
>>  1 files changed, 41 insertions(+), 4 deletions(-)
>>
>> diff --git a/block/iscsi.c b/block/iscsi.c
>> index 7e78ade..6b95636 100644
>> --- a/block/iscsi.c
>> +++ b/block/iscsi.c
>> @@ -41,6 +41,7 @@
>>  #include "qapi/qmp/qstring.h"
>>  #include "crypto/secret.h"
>>
>> +#include "qemu/uri.h"
>>  #include 
>>  #include 
>>
>> @@ -484,6 +485,18 @@ iscsi_co_writev_flags(BlockDriverState *bs, int64_t 
>> sector_num, int nb_sectors,
>>  iscsi_co_init_iscsitask(iscsilun, &iTask);
>>  retry:
>>  if (iscsilun->use_16_for_rw) {
>> +#if LIBISCSI_API_VERSION >= (20160603)
>> +iTask.task = iscsi_write16_iov_task(iscsilun->iscsi, iscsilun->lun, 
>> lba,
>> +NULL, num_sectors * 
>> iscsilun->block_size,
>> +iscsilun->block_size, 0, 0, 
>> fua, 0, 0,
>> +iscsi_co_generic_cb, &iTask, 
>> (struct scsi_iovec *)iov->iov, iov->niov);
>> +} else {
>> +iTask.task = iscsi_write10_iov_task(iscsilun->iscsi, iscsilun->lun, 
>> lba,
>> +NULL, num_sectors * 
>> iscsilun->block_size,
>> +iscsilun->block_size, 0, 0, 
>> fua, 0, 0,
>> +iscsi_co_generic_cb, &iTask, 
>> (struct scsi_iovec *)iov->iov, iov->niov);
>> +}
>> +#else
>>  iTask.task = iscsi_write16_task(iscsilun->iscsi, iscsilun->lun, lba,
>>  NULL, num_sectors * 
>> iscsilun->block_size,
>>  iscsilun->block_size, 0, 0, fua, 0, 
>> 0,
>> @@ -494,11 +507,14 @@ retry:
>>  iscsilun->block_size, 0, 0, fua, 0, 
>> 0,
>>  iscsi_co_generic_cb, &iTask);
>>  }
>> +#endif
>>  if (iTask.task == NULL) {
>>  return -ENOMEM;
>>  }
>> +#if LIBISCSI_API_VERSION < (20160603)
>>  scsi_task_set_iov_out(iTask.task, (struct scsi_iovec *) iov->iov,
>>iov->niov);
>> +#endif
>>  while (!iTask.complete) {
>>  iscsi_set_events(iscsilun);
>>  qemu_coroutine_yield();
>> @@ -677,6 +693,19 @@ static int coroutine_fn iscsi_co_readv(BlockDriverState 
>> *bs,
>>  iscsi_co_init_iscsitask(iscsilun, &iTask);
>>  retry:
>>  if (iscsilun->use_16_for_rw) {
>> +#if LIBISCSI_API_VERSION >= (20160603)
>> +iTask.task = iscsi_read16_iov_task(iscsilun->iscsi, iscsilun->lun, 
>> lba,
>> +   num_sectors * 
>> iscsilun->block_size,
>> +   iscsilun->block_size, 0, 0, 0, 
>> 0, 0,
>> +   iscsi_co_generic_cb, &iTask, 
>> (struct scsi_iovec *)iov->iov, iov->niov);
>> +} else {
>> +iTask.task = iscsi_read10_iov_task(iscsilun->iscsi, iscsilun->lun, 
>> lba,
>> +   num_sectors * 
>> iscsilun->block_size,
>> +   iscsilun->block_size,
>> +   0, 0, 0, 0, 0,
>> +   iscsi_co_generic_cb, &iTask, 
>> (struct scsi_iovec *)iov->iov, iov->niov);
>> +}
>> +#else
>>  iTask.task

Re: [Qemu-devel] [PATCH] Fix bsd-user build after d915b7bb

[Ed Maste]

On 22 August 2016 at 12:20, Peter Maydell  wrote:
>
> Awkward that this missed rc4 by an hour or two :-(

Indeed, and I'm sorry that's the case. It wasn't even in the context
of the upcoming release that I tried building and stumbled across this
- I'm just back after some time away.

This is a good reminder of the need for us (FreeBSD) to get a build
bot going though.

Re: [Qemu-devel] [PATCH 0/2] virtio: fix VirtQueue->inuse field

[Denis V. Lunev]

On 08/22/2016 10:00 AM, Denis V. Lunev wrote:

On 08/15/2016 08:54 AM, Stefan Hajnoczi wrote:
The VirtQueue->inuse field is not always updated correctly.  These 
patches fix

it.

Originally this series was called "virtio-balloon: fix stats vq 
migration" but
Ladi Prosek posted a nicer fix called "balloon: Fix failure of 
updating guest

memory status".  I dropped the virtio-balloon patches.

Changes from previous series:
  * Missing comma in error formatting [Fam]
  * virtio_descard() -> virtio_discard() [Michael]
  * Multi-line comment style [Cornelia]

Stefan Hajnoczi (2):
   virtio: recalculate vq->inuse after migration
   virtio: decrement vq->inuse in virtqueue_discard()

  hw/virtio/virtio.c | 16 
  1 file changed, 16 insertions(+)


these patches break 'make check' with the following:

GTESTER check-qtest-x86_64
Warning: path not on HugeTLBFS: /tmp/vhost-test-hRYeTb
Warning: path not on HugeTLBFS: /tmp/vhost-test-hRYeTb
Warning: path not on HugeTLBFS: /tmp/vhost-test-hRYeTb
qemu-system-x86_64: VQ 1 size 0x100 < last_avail_idx 0x0 - used_idx 0x1
qemu-system-x86_64: error while loading state for instance 0x0 of 
device ':00:03.0/virtio-net'

qemu-system-x86_64: load of migration failed: Operation not permitted
Broken pipe
qemu-system-x86_64: Failed to read msg header. Read 0 instead of 12. 
Original request 11.

GTester: last random seed: R02S122f07a3fc35cfd5b0204e3eb45c61e6
qemu-system-x86_64: Failed to read msg header. Read 0 instead of 12. 
Original request 11.

Warning: path not on HugeTLBFS: /tmp/vhost-test-60WtDz
blkdebug: Suspended request 'A'
blkdebug: Resuming request 'A'
main-loop: WARNING: I/O thread spun for 1000 iterations
main-loop: WARNING: I/O thread spun for 1000 iterations
/home/den/src/git/qemu/tests/Makefile:400: recipe for target 
'check-qtest-x86_64' failed

make: *** [check-qtest-x86_64] Error 1
iris ~/src/git/qemu $

Sorry, if I have missed the fix in the list.

Den


VERY sorry, pls disregard. This is my mistake :(

Den

Re: [Qemu-devel] [Qemu-arm] [PATCH] block: m25p80c Fix vmstate structure name

[Paolo Bonzini]

On 20/08/2016 00:20, Alistair Francis wrote:
 >> > Change wrong name of the vmstate structure. Since this breaks
 >> > compatibility update version and fields to 0.
> s/and/set/g
> 

Or more likely: "update the VMState version to 0 and make all fields
independent of the VMState version".

Paolo

[Qemu-devel] [ANNOUNCE] QEMU 2.7.0-rc4 is now available

[Michael Roth]

Hello,

On behalf of the QEMU Team, I'd like to announce the availability of the
fifth release candidate for the QEMU 2.7 release.  This release is meant
for testing purposes and should not be used in a production environment.

http://wiki.qemu.org/download/qemu-2.7.0-rc4.tar.bz2

A note from the maintainer:

  Hopefully this will be the last release candidate with the
  final release early next week. Remaining testing should
  focus on finding showstopper problems and on the few things
  that went in between rc3 and rc4.

You can help improve the quality of the QEMU 2.7 release by testing this
release and reporting bugs on Launchpad:

https://bugs.launchpad.net/qemu/

The release plan, as well a documented known issues for release
candidates, are available at:

http://wiki.qemu.org/Planning/2.7

Please add entries to the ChangeLog for the 2.7 release below:

http://wiki.qemu.org/ChangeLog/2.7

Re: [Qemu-devel] QEMU make: ROM is too large

[Thomas Hanson]

On 22 August 2016 at 08:23, Peter Maydell  wrote:

> PS: just passing --enable-debug to configure should
> be sufficient to do a no-optimization debug-symbols
> build; do you really need to manually specify
> CFLAGS? I wonder whether you're ending up with two
> -Osomething options in your CFLAGS which is then
> confusing the "override with -O2" logic in the
> pc-bios/optionrom/Makefile.
>

Peter,

Looks like you're onto something.

With:
CFLAGS="-g3 -O0" ./configure --target-list=aarch64-softmmu,arm-softmmu
--enable-vhost-net --enable-virtfs

cc -I/home/tom/QEMU/SrcTree/tcg -I/home/tom/QEMU/SrcTree/tcg/i386
-I/home/tom/QEMU/SrcTree/linux-headers
-I/home/tom/QEMU/SrcTree/linux-headers -I. -I/home/tom/QEMU/SrcTree
-I/home/tom/QEMU/SrcTree/include -Iqga -Iqga -I/usr/include/pixman-1
 -Werror -fPIE -DPIE -m64 -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64
-D_LARGEFILE_SOURCE -Wstrict-prototypes -Wredundant-decls -Wall -Wundef
-Wwrite-strings -Wmissing-prototypes -fno-strict-aliasing -fno-common
 -Wendif-labels -Wmissing-include-dirs -Wempty-body -Wnested-externs
-Wformat-security -Wformat-y2k -Winit-self -Wignored-qualifiers
-Wold-style-declaration -Wold-style-definition -Wtype-limits
-fstack-protector-strong -I/home/tom/QEMU/SrcTree/tests -I
qga/qapi-generated -MMD -MP -MT qga/main.o -MF qga/main.d *-O2*
-U_FORTIFY_SOURCE
-D_FORTIFY_SOURCE=2 -pthread -I/usr/include/glib-2.0
-I/usr/lib/x86_64-linux-gnu/glib-2.0/include   *-g -g3 -O0  -c* -o
qga/main.o qga/main.c


With
./configure --enable-debug --target-list=aarch64-softmmu,arm-softmmu
--enable-vhost-net --enable-virtfs

cc -I/home/tom/QEMU/SrcTree/tcg -I/home/tom/QEMU/SrcTree/tcg/i386
-I/home/tom/QEMU/SrcTree/linux-headers
-I/home/tom/QEMU/SrcTree/linux-headers -I. -I/home/tom/QEMU/SrcTree
-I/home/tom/QEMU/SrcTree/include -Iqga -Iqga -I/usr/include/pixman-1
 -Werror -fPIE -DPIE -m64 -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64
-D_LARGEFILE_SOURCE -Wstrict-prototypes -Wredundant-decls -Wall -Wundef
-Wwrite-strings -Wmissing-prototypes -fno-strict-aliasing -fno-common
 -Wendif-labels -Wmissing-include-dirs -Wempty-body -Wnested-externs
-Wformat-security -Wformat-y2k -Winit-self -Wignored-qualifiers
-Wold-style-declaration -Wold-style-definition -Wtype-limits
-fstack-protector-strong -I/home/tom/QEMU/SrcTree/tests -I
qga/qapi-generated -MMD -MP -MT qga/main.o -MF qga/main.d -pthread
-I/usr/include/glib-2.0 -I/usr/lib/x86_64-linux-gnu/glib-2.0/include   *-g
  -c -o* qga/main.o qga/main.c

AND with the 2nd (--enable-debug) command line, the problem goes away.

Thanks!

Re: [Qemu-devel] [PATCH] Fix bsd-user build after d915b7bb

[Peter Maydell]

On 22 August 2016 at 15:57, Ed Maste  wrote:
> Must include "qemu-version.h" for the QEMU_PKGVERSION definition.
>
> Signed-off-by: Ed Maste 
> ---
>  bsd-user/main.c | 1 +
>  1 file changed, 1 insertion(+)
>
> diff --git a/bsd-user/main.c b/bsd-user/main.c
> index b4a0a00..0fb08e4 100644
> --- a/bsd-user/main.c
> +++ b/bsd-user/main.c
> @@ -17,6 +17,7 @@
>   *  along with this program; if not, see .
>   */
>  #include "qemu/osdep.h"
> +#include "qemu-version.h"
>  #include 
>
>  #include "qapi/error.h"

Awkward that this missed rc4 by an hour or two :-(

-- PMM

[Qemu-devel] [PATCH v2 3/9] hw: arm: SMMUv3 emulation model

[Prem Mallappa]

Big patch adds SMMUv3 model to Qemu
  - As per SMMUv3 spec 16.0
  - Works with SMMUv3 driver in Linux 4.7rc1
  - Only LPAE mode translation supported
  - BE mode is not supported yet
  - Stage1, Stage2 and S1+S2
  - Suspend/resume not tested

Signed-off-by: Prem Mallappa 
---
 hw/arm/smmu-common.c |  152 +
 hw/arm/smmu-common.h |  141 +
 hw/arm/smmu-v3.c | 1369 ++
 hw/arm/smmuv3-internal.h |  432 +++
 hw/vfio/common.c |2 +-
 5 files changed, 2095 insertions(+), 1 deletion(-)
 create mode 100644 hw/arm/smmu-common.c
 create mode 100644 hw/arm/smmu-common.h
 create mode 100644 hw/arm/smmu-v3.c
 create mode 100644 hw/arm/smmuv3-internal.h

diff --git a/hw/arm/smmu-common.c b/hw/arm/smmu-common.c
new file mode 100644
index 000..bf2039b
--- /dev/null
+++ b/hw/arm/smmu-common.c
@@ -0,0 +1,152 @@
+/*
+ * Copyright (C) 2014-2016 Broadcom Corporation
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ *
+ * Author: Prem Mallappa 
+ *
+ */
+
+#include "qemu/osdep.h"
+#include "sysemu/sysemu.h"
+#include "exec/address-spaces.h"
+
+#include "smmu-common.h"
+
+inline MemTxResult smmu_read_sysmem(hwaddr addr, void *buf, int len,
+bool secure)
+{
+MemTxAttrs attrs = {.unspecified = 1, .secure = secure};
+
+switch (len) {
+case 4:
+*(uint32_t *)buf = ldl_le_phys(&address_space_memory, addr);
+break;
+case 8:
+*(uint64_t *)buf = ldq_le_phys(&address_space_memory, addr);
+break;
+default:
+return address_space_rw(&address_space_memory, addr,
+attrs, buf, len, false);
+}
+return MEMTX_OK;
+}
+
+inline void
+smmu_write_sysmem(hwaddr addr, void *buf, int len, bool secure)
+{
+MemTxAttrs attrs = {.unspecified = 1, .secure = secure};
+
+switch (len) {
+case 4:
+stl_le_phys(&address_space_memory, addr, *(uint32_t *)buf);
+break;
+case 8:
+stq_le_phys(&address_space_memory, addr, *(uint64_t *)buf);
+break;
+default:
+address_space_rw(&address_space_memory, addr,
+ attrs, buf, len, true);
+}
+}
+
+SMMUTransErr
+smmu_translate_64(SMMUTransCfg *cfg, uint32_t *pagesize,
+  uint32_t *perm, bool is_write)
+{
+int ret, level;
+int stage  = cfg->stage;
+int granule_sz = cfg->granule_sz[stage];
+int va_size= cfg->va_size[stage];
+hwaddr  va, addr, mask;
+hwaddr *outaddr;
+
+
+va = addr = cfg->va;/* or ipa in Stage2 */
+SMMU_DPRINTF(TT_1, "stage:%d\n", stage);
+assert(va_size == 64);  /* We dont support 32-bit yet */
+/* same location, for clearity */
+outaddr = &cfg->pa;
+
+level = 4 - (va_size - cfg->tsz[stage] - 4) / granule_sz;
+
+mask = (1ULL << (granule_sz + 3)) - 1;
+
+addr = extract64(cfg->ttbr[stage], 0, 48);
+addr &= ~((1ULL << (va_size - cfg->tsz[stage] -
+(granule_sz * (4 - level - 1);
+
+for (;;) {
+uint64_t desc;
+#ifdef ARM_SMMU_DEBUG
+uint64_t ored = (va >> (granule_sz * (4 - level))) & mask;
+SMMU_DPRINTF(TT_1,
+ "Level: %d va:%lx addr:%lx ored:%lx\n",
+ level, va, addr, ored);
+#endif
+addr |= (va >> (granule_sz * (4 - level))) & mask;
+addr &= ~7ULL;
+
+if (smmu_read_sysmem(addr, &desc, sizeof(desc), false)) {
+ret = SMMU_TRANS_ERR_WALK_EXT_ABRT;
+SMMU_DPRINTF(CRIT, "Translation table read error lvl:%d\n", level);
+break;
+}
+
+SMMU_DPRINTF(TT_1,
+ "Level: %d gran_sz:%d mask:%lx addr:%lx desc:%lx\n",
+ level, granule_sz, mask, addr, desc);
+
+if (!(desc & 1) ||
+(!(desc & 2) && (level == 3))) {
+ret = SMMU_TRANS_ERR_TRANS;
+break;
+}
+
+/* We call again to resolve address at this 'level' */
+if (cfg->s2_needed) {
+uint32_t perm_s2, pagesize_s2;
+SMMUTransCfg s2cfg = *cfg;
+
+s2cfg.stage++;
+s2cfg.va = desc;
+s2cfg.s2_needed = false;
+
+ret = smmu_translate_64(&s2cfg, &pagesize_s2,
+&perm_s2, is_write);
+   

[Qemu-devel] [PATCH v2 9/9] [optional] arm: smmu-v3: ACPI IORT initial support

[Prem Mallappa]

Added ACPI IORT tables, was needed for internal project purpose, but
posting here for anyone looking for testing ACPI on ARM platforms.
(P.S: Linux side IORT patches are WIP)

Signed-off-by: Prem Mallappa 
---
 hw/arm/virt-acpi-build.c| 43 +++
 include/hw/acpi/acpi-defs.h | 84 +
 2 files changed, 127 insertions(+)

diff --git a/hw/arm/virt-acpi-build.c b/hw/arm/virt-acpi-build.c
index 1fa0581..d5fb69e 100644
--- a/hw/arm/virt-acpi-build.c
+++ b/hw/arm/virt-acpi-build.c
@@ -382,6 +382,45 @@ build_rsdp(GArray *rsdp_table, BIOSLinker *linker, 
unsigned rsdt_tbl_offset)
 return rsdp_table;
 }
 
+/*
+ * TODO: Simple IORT for now, will add ID mappings as we go
+ * basic idea is to instantiate SMMU from ACPI
+ */
+static void
+build_iort(GArray *table_data, BIOSLinker *linker, VirtGuestInfo *guest_info)
+{
+int iort_start = table_data->len;
+AcpiIortTable *iort;
+AcpiIortNode *iort_node;
+AcpiIortSmmu3 *smmu;
+AcpiIortRC *rc;
+const MemMapEntry *memmap = guest_info->memmap;
+
+iort = acpi_data_push(table_data, sizeof(*iort));
+
+iort->length = sizeof(*iort);
+iort->node_offset = table_data->len - iort_start;
+iort->num_nodes++;
+
+smmu = acpi_data_push(table_data, sizeof(*smmu));
+iort_node = &smmu->iort_node;
+iort_node->type = 0x04;  /* SMMUv3 */
+iort_node->length = sizeof(*smmu);
+smmu->base_addr = cpu_to_le64(memmap[VIRT_SMMU].base);
+
+iort->num_nodes++;
+
+rc = acpi_data_push(table_data, sizeof(*rc));
+iort_node = &rc->iort_node;
+iort_node->type = 0x02;  /* RC */
+iort_node->length = sizeof(*rc);
+rc->ats_attr = 1;
+rc->pci_seg_num = 0;
+
+build_header(linker, table_data, (void *)(table_data->data + iort_start),
+ "IORT", table_data->len - iort_start, 0, NULL, NULL);
+}
+
 static void
 build_spcr(GArray *table_data, BIOSLinker *linker, VirtGuestInfo *guest_info)
 {
@@ -667,6 +706,7 @@ void virt_acpi_build(VirtGuestInfo *guest_info, 
AcpiBuildTables *tables)
  * MADT
  * MCFG
  * DSDT
+ * IORT = ACPI 6.0
  */
 
 /* DSDT is pointed to by FADT */
@@ -694,6 +734,9 @@ void virt_acpi_build(VirtGuestInfo *guest_info, 
AcpiBuildTables *tables)
 build_srat(tables_blob, tables->linker, guest_info);
 }
 
+acpi_add_table(table_offsets, tables_blob);
+build_iort(tables_blob, tables->linker, guest_info);
+
 /* RSDT is pointed to by RSDP */
 rsdt = tables_blob->len;
 build_rsdt(tables_blob, tables->linker, table_offsets, NULL, NULL);
diff --git a/include/hw/acpi/acpi-defs.h b/include/hw/acpi/acpi-defs.h
index 850a962..d60f390 100644
--- a/include/hw/acpi/acpi-defs.h
+++ b/include/hw/acpi/acpi-defs.h
@@ -259,6 +259,90 @@ typedef struct AcpiFacsDescriptorRev1 
AcpiFacsDescriptorRev1;
  */
 
 /*
+ * IORT Table
+ */
+struct AcpiIortTable
+{
+ACPI_TABLE_HEADER_DEF /* ACPI common table header */
+uint32_t num_nodes;
+uint32_t node_offset;
+uint32_t reserved;
+} QEMU_PACKED;
+typedef struct AcpiIortTable AcpiIortTable;
+
+struct AcpiIortIdMapping
+{
+uint32_t input_base;
+uint32_t num_ids;
+uint32_t output_base;
+uint32_t output_ref;
+uint32_t flags;
+} QEMU_PACKED;
+typedef struct AcpiIortIdMapping AcpiIortIdMapping;
+
+struct AcpiIortNode
+{
+uint8_t  type;
+uint16_t length;
+uint8_t  revision;
+uint32_t reserved1;
+uint32_t num_id_maps;
+uint32_t id_array_offset;
+} QEMU_PACKED;
+typedef struct AcpiIortNode AcpiIortNode;
+
+struct AcpiIortSmmu2
+{
+AcpiIortNode iort_node;
+uint64_t base_addr;
+uint64_t span;
+uint32_t model;
+uint32_t flags;
+uint32_t gbl_intr_array_off;
+uint32_t ctx_intr_cnt;
+uint32_t ctx_intr_array_off;
+uint32_t pmr_intr_cnt;
+uint32_t pmr_intr_array_off;
+
+// Global interrupt array
+uint32_t gintr;
+uint32_t gintr_flags;
+uint32_t gcfgintr;
+uint32_t gcfgintr_flags;
+
+//AcpiIortIdMapping id_mapping_array[0];
+} QEMU_PACKED;
+typedef struct AcpiIortSmmu2 AcpiIortSmmu2;
+
+struct AcpiIortSmmu3
+{
+AcpiIortNode iort_node;
+uint64_t base_addr;
+uint32_t flags;
+uint32_t reserved2;
+uint64_t vatos_addr;
+uint32_t model;
+uint32_t event_irq;
+uint32_t pri_irq;
+uint32_t gerr_irq;
+uint32_t sync_irq;
+
+//AcpiIortIdMapping id_mapping_array[0];
+} QEMU_PACKED;
+typedef struct AcpiIortSmmu3 AcpiIortSmmu3;
+
+struct AcpiIortRC
+{
+AcpiIortNode iort_node;
+uint64_t mem_access_prop;
+uint32_t ats_attr;
+uint32_t pci_seg_num;
+
+AcpiIortIdMapping id_mapping_array[0];
+} QEMU_PACKED;
+typedef struct AcpiIortRC AcpiIortRC;
+
+/*
  * MADT values and structures
  */
 
-- 
2.9.3

[Qemu-devel] [PATCH v2 2/9] devicetree: Added new APIs to make use of more fdt functions

[Prem Mallappa]

SMMUv3 needs device tree entry like below

 interrupt-names = "gerror", "priq", "eventq", "cmdq-sync";

This patch introduces helper function to add entries like above

Signed-off-by: Prem Mallappa 
---
 device_tree.c| 35 +++
 include/sysemu/device_tree.h | 18 ++
 2 files changed, 53 insertions(+)

diff --git a/device_tree.c b/device_tree.c
index 6e06320..5d5966e 100644
--- a/device_tree.c
+++ b/device_tree.c
@@ -297,6 +297,24 @@ int qemu_fdt_setprop(void *fdt, const char *node_path,
 return r;
 }
 
+int qemu_fdt_appendprop(void *fdt, const char *node_path,
+ const char *property, const void *val, int size)
+{
+int r;
+
+r = fdt_appendprop(fdt, findnode_nofail(fdt, node_path), property,
+   val, size);
+if (r < 0) {
+error_report("%s: Couldn't set %s/%s: %s", __func__, node_path,
+ property, fdt_strerror(r));
+exit(1);
+}
+
+return r;
+}
+
+
+
 int qemu_fdt_setprop_cell(void *fdt, const char *node_path,
   const char *property, uint32_t val)
 {
@@ -319,6 +337,23 @@ int qemu_fdt_setprop_u64(void *fdt, const char *node_path,
 return qemu_fdt_setprop(fdt, node_path, property, &val, sizeof(val));
 }
 
+int qemu_fdt_appendprop_string(void *fdt, const char *node_path,
+const char *property, const char *string)
+{
+int r;
+
+r = fdt_appendprop_string(fdt, findnode_nofail(fdt, node_path),
+  property, string);
+if (r < 0) {
+error_report("%s: Couldn't set %s/%s = %s: %s", __func__,
+ node_path, property, string, fdt_strerror(r));
+exit(1);
+}
+
+return r;
+}
+
+
 int qemu_fdt_setprop_string(void *fdt, const char *node_path,
 const char *property, const char *string)
 {
diff --git a/include/sysemu/device_tree.h b/include/sysemu/device_tree.h
index 705650a..5a0a297 100644
--- a/include/sysemu/device_tree.h
+++ b/include/sysemu/device_tree.h
@@ -45,12 +45,16 @@ char **qemu_fdt_node_path(void *fdt, const char *name, char 
*compat,
 
 int qemu_fdt_setprop(void *fdt, const char *node_path,
  const char *property, const void *val, int size);
+int qemu_fdt_appendprop(void *fdt, const char *node_path,
+ const char *property, const void *val, int size);
 int qemu_fdt_setprop_cell(void *fdt, const char *node_path,
   const char *property, uint32_t val);
 int qemu_fdt_setprop_u64(void *fdt, const char *node_path,
  const char *property, uint64_t val);
 int qemu_fdt_setprop_string(void *fdt, const char *node_path,
 const char *property, const char *string);
+int qemu_fdt_appendprop_string(void *fdt, const char *node_path,
+   const char *property, const char *string);
 int qemu_fdt_setprop_phandle(void *fdt, const char *node_path,
  const char *property,
  const char *target_node_path);
@@ -98,6 +102,20 @@ int qemu_fdt_add_subnode(void *fdt, const char *name);
  sizeof(qdt_tmp));\
 } while (0)
 
+
+#define qemu_fdt_appendprop_cells(fdt, node_path, property, ...)  \
+do {  \
+uint32_t qdt_tmp[] = { __VA_ARGS__ }; \
+int i;\
+  \
+for (i = 0; i < ARRAY_SIZE(qdt_tmp); i++) {   \
+qdt_tmp[i] = cpu_to_be32(qdt_tmp[i]); \
+} \
+qemu_fdt_appendprop(fdt, node_path, property, qdt_tmp,\
+ sizeof(qdt_tmp));\
+} while (0)
+
+
 void qemu_fdt_dumpdtb(void *fdt, int size);
 
 /**
-- 
2.9.3

[Qemu-devel] [PATCH v2 1/9] log: Add new IOMMU type

[Prem Mallappa]

Signed-off-by: Prem Mallappa 
---
 include/qemu/log.h | 1 +
 util/log.c | 2 ++
 2 files changed, 3 insertions(+)

diff --git a/include/qemu/log.h b/include/qemu/log.h
index 234fa81..3dd2131 100644
--- a/include/qemu/log.h
+++ b/include/qemu/log.h
@@ -42,6 +42,7 @@ static inline bool qemu_log_separate(void)
 #define CPU_LOG_TB_NOCHAIN (1 << 13)
 #define CPU_LOG_PAGE   (1 << 14)
 #define LOG_TRACE  (1 << 15)
+#define CPU_LOG_IOMMU  (1 << 16)
 
 /* Returns true if a bit is set in the current loglevel mask
  */
diff --git a/util/log.c b/util/log.c
index 5ad72c1..62c4378 100644
--- a/util/log.c
+++ b/util/log.c
@@ -241,6 +241,8 @@ const QEMULogItem qemu_log_items[] = {
   "show CPU registers before entering a TB (lots of logs)" },
 { CPU_LOG_MMU, "mmu",
   "log MMU-related activities" },
+{ CPU_LOG_IOMMU, "iommu",
+  "log IOMMU-related activities" },
 { CPU_LOG_PCALL, "pcall",
   "x86 only: show protected mode far calls/returns/exceptions" },
 { CPU_LOG_RESET, "cpu_reset",
-- 
2.9.3

[Qemu-devel] [PATCH v2 7/9] [optional] tests: libqos: generic pci probing helpers

[Prem Mallappa]

Current libqos PCI helpers are x86 only, this addes a generic interface.

Signed-off-by: Prem Mallappa 
---
 tests/libqos/pci-generic.c | 197 +
 tests/libqos/pci-generic.h |  58 +
 2 files changed, 255 insertions(+)
 create mode 100644 tests/libqos/pci-generic.c
 create mode 100644 tests/libqos/pci-generic.h

diff --git a/tests/libqos/pci-generic.c b/tests/libqos/pci-generic.c
new file mode 100644
index 000..1820c0e
--- /dev/null
+++ b/tests/libqos/pci-generic.c
@@ -0,0 +1,197 @@
+/*
+ * libqos PCI bindings for non-PC
+ *
+ * Copyright IBM, Corp. 2012-2013
+ *
+ * Authors:
+ *  Anthony Liguori   
+ *  Prem Mallappa 
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+#include "qemu/osdep.h"
+#include "libqtest.h"
+#include "libqos/pci-generic.h"
+
+#include "hw/pci/pci_regs.h"
+
+#include "qemu-common.h"
+#include "qemu/host-utils.h"
+
+#include 
+
+static uint8_t qpci_generic_io_readb(QPCIBus *bus, void *addr)
+{
+return readb((uintptr_t)addr);
+}
+
+static uint16_t qpci_generic_io_readw(QPCIBus *bus, void *addr)
+{
+return readw((uintptr_t)addr);
+}
+
+static uint32_t qpci_generic_io_readl(QPCIBus *bus, void *addr)
+{
+return readl((uintptr_t)addr);
+}
+
+static void qpci_generic_io_writeb(QPCIBus *bus, void *addr, uint8_t value)
+{
+writeb((uintptr_t)addr, value);
+}
+
+static void qpci_generic_io_writew(QPCIBus *bus, void *addr, uint16_t value)
+{
+writew((uintptr_t)addr, value);
+}
+
+static void qpci_generic_io_writel(QPCIBus *bus, void *addr, uint32_t value)
+{
+writel((uintptr_t)addr, value);
+}
+
+#define devfn2addr(base, devfn, offset) \
+   ((base) | ((devfn) << 12) | (offset))
+
+#define bdf2offset(bus, devfn) \
+((bus) << 20 | (devfn) << 12)
+
+static uint8_t qpci_generic_config_readb(QPCIBus *bus, int devfn, uint8_t 
offset)
+{
+QPCIBusGen *s = container_of(bus, QPCIBusGen, bus);
+return readb(devfn2addr(s->base, devfn, offset));
+}
+
+static uint16_t qpci_generic_config_readw(QPCIBus *bus, int devfn, uint8_t 
offset)
+{ 
+QPCIBusGen *s = container_of(bus, QPCIBusGen, bus);
+return readw(devfn2addr(s->base, devfn, offset));
+}
+
+static uint32_t qpci_generic_config_readl(QPCIBus *bus, int devfn, uint8_t 
offset)
+{
+QPCIBusGen *s = container_of(bus, QPCIBusGen, bus);
+return readl(devfn2addr(s->base, devfn, offset));
+}
+
+static void qpci_generic_config_writeb(QPCIBus *bus, int devfn, uint8_t 
offset, uint8_t value)
+{
+QPCIBusGen *s = container_of(bus, QPCIBusGen, bus);
+writeb(devfn2addr(s->base, devfn, offset), value);
+}
+
+static void qpci_generic_config_writew(QPCIBus *bus, int devfn, uint8_t 
offset, uint16_t value)
+{
+QPCIBusGen *s = container_of(bus, QPCIBusGen, bus);
+writew(devfn2addr(s->base, devfn, offset), value);
+}
+
+static void qpci_generic_config_writel(QPCIBus *bus, int devfn, uint8_t 
offset, uint32_t value)
+{
+QPCIBusGen *s = container_of(bus, QPCIBusGen, bus);
+writel(devfn2addr(s->base, devfn, offset), value);
+}
+
+static void *qpci_generic_iomap(QPCIBus *bus, QPCIDevice *dev, int barno, 
uint64_t *sizeptr)
+{
+QPCIBusGen *s = container_of(bus, QPCIBusGen, bus);
+static const int bar_reg_map[] = {
+PCI_BASE_ADDRESS_0, PCI_BASE_ADDRESS_1, PCI_BASE_ADDRESS_2,
+PCI_BASE_ADDRESS_3, PCI_BASE_ADDRESS_4, PCI_BASE_ADDRESS_5,
+};
+int bar_reg;
+uint32_t addr;
+uint64_t size;
+uint32_t io_type;
+
+g_assert(barno >= 0 && barno <= 5);
+bar_reg = bar_reg_map[barno];
+
+qpci_config_writel(dev, bar_reg, 0x);
+addr = qpci_config_readl(dev, bar_reg);
+
+io_type = addr & PCI_BASE_ADDRESS_SPACE;
+if (io_type == PCI_BASE_ADDRESS_SPACE_IO) {
+addr &= PCI_BASE_ADDRESS_IO_MASK;
+} else {
+addr &= PCI_BASE_ADDRESS_MEM_MASK;
+}
+
+size = (1ULL << ctzl(addr));
+if (size == 0) {
+return NULL;
+}
+if (sizeptr) {
+*sizeptr = size;
+}
+
+if (io_type == PCI_BASE_ADDRESS_SPACE_IO) {
+uint16_t loc;
+
+g_assert(QEMU_ALIGN_UP(s->pci_iohole_alloc, size) + size
+ <= s->pci_iohole_size);
+s->pci_iohole_alloc = QEMU_ALIGN_UP(s->pci_iohole_alloc, size);
+loc = s->pci_iohole_start + s->pci_iohole_alloc;
+s->pci_iohole_alloc += size;
+
+qpci_config_writel(dev, bar_reg, loc | PCI_BASE_ADDRESS_SPACE_IO);
+
+return (void *)(intptr_t)loc;
+} else {
+uint64_t loc;
+
+g_assert(QEMU_ALIGN_UP(s->pci_hole_alloc, size) + size
+ <= s->pci_hole_size);
+s->pci_hole_alloc = QEMU_ALIGN_UP(s->pci_hole_alloc, size);
+loc = s->pci_hole_start + s->pci_hole_alloc;
+s->pci_hole_alloc += size;
+printf("%s: hole_start:%x hole_alloc:%x\n", __func__,
+   s->pci_hole_start, s->pci_hole_alloc);
+qpci_config_

[Qemu-devel] [PATCH v2 5/9] hw: arm: Add SMMUv3 to virt platform, create DTS accordingly

[Prem Mallappa]

Default virt platform now creates SMMU device.
Default config to build SMMU device along is in previous patches.

Signed-off-by: Prem Mallappa 
---
 hw/arm/virt.c | 62 +++
 include/hw/arm/smmu.h | 33 +++
 include/hw/arm/virt.h |  2 ++
 3 files changed, 97 insertions(+)
 create mode 100644 include/hw/arm/smmu.h

diff --git a/hw/arm/virt.c b/hw/arm/virt.c
index c5c125e..f3c7891 100644
--- a/hw/arm/virt.c
+++ b/hw/arm/virt.c
@@ -57,6 +57,7 @@
 #include "hw/smbios/smbios.h"
 #include "qapi/visitor.h"
 #include "standard-headers/linux/input.h"
+#include "hw/arm/smmu.h"
 
 /* Number of external interrupt lines to configure the GIC with */
 #define NUM_IRQS 256
@@ -77,6 +78,7 @@ typedef struct VirtBoardInfo {
 uint32_t gic_phandle;
 uint32_t v2m_phandle;
 bool using_psci;
+uint32_t smmu_phandle;
 } VirtBoardInfo;
 
 typedef struct {
@@ -175,6 +177,7 @@ static const MemMapEntry a15memmap[] = {
 [VIRT_FW_CFG] = { 0x0902, 0x0018 },
 [VIRT_GPIO] =   { 0x0903, 0x1000 },
 [VIRT_SECURE_UART] ={ 0x0904, 0x1000 },
+[VIRT_SMMU] =   { 0x0905, 0x0002 }, /* 128K, needed */
 [VIRT_MMIO] =   { 0x0a00, 0x0200 },
 /* ...repeating for a total of NUM_VIRTIO_TRANSPORTS, each of that size */
 [VIRT_PLATFORM_BUS] =   { 0x0c00, 0x0200 },
@@ -195,9 +198,19 @@ static const int a15irqmap[] = {
 [VIRT_SECURE_UART] = 8,
 [VIRT_MMIO] = 16, /* ...to 16 + NUM_VIRTIO_TRANSPORTS - 1 */
 [VIRT_GIC_V2M] = 48, /* ...to 48 + NUM_GICV2M_SPIS - 1 */
+[VIRT_SMMU] = 74,/* ...to 74 + NUM_SMMU_IRQS - 1 */
 [VIRT_PLATFORM_BUS] = 112, /* ...to 112 + PLATFORM_BUS_NUM_IRQS -1 */
 };
 
+static const struct smmuirq {
+const char *name;
+} smmuirqmap[NUM_SMMU_IRQS] = {
+[SMMU_IRQ_EVTQ] = {"eventq"},
+[SMMU_IRQ_PRIQ] = {"priq"},
+[SMMU_IRQ_CMD_SYNC] = {"cmdq-sync"},
+[SMMU_IRQ_GERROR] = {"gerror"},
+};
+
 static VirtBoardInfo machines[] = {
 {
 .cpu_model = "cortex-a15",
@@ -938,6 +951,50 @@ static void create_pcie_irq_map(const VirtBoardInfo *vbi, 
uint32_t gic_phandle,
0x7   /* PCI irq */);
 }
 
+static void alloc_smmu_phandle(VirtBoardInfo *vbi)
+{
+if (!vbi->smmu_phandle)
+vbi->smmu_phandle = qemu_fdt_alloc_phandle(vbi->fdt);
+}
+
+static void create_smmu(VirtBoardInfo *vbi, qemu_irq *pic)
+{
+int i;
+char *smmu;
+const char compat[] = "arm,smmu-v3";
+int irq =  vbi->irqmap[VIRT_SMMU];
+hwaddr base = vbi->memmap[VIRT_SMMU].base;
+hwaddr size = vbi->memmap[VIRT_SMMU].size;
+int type = GIC_FDT_IRQ_TYPE_SPI;
+
+sysbus_create_varargs("smmuv3", base,
+  pic[irq],
+  pic[irq + 1],
+  pic[irq + 2],
+  pic[irq + 3],
+  NULL);
+
+smmu = g_strdup_printf("/smmuv3@%" PRIx64, base);
+qemu_fdt_add_subnode(vbi->fdt, smmu);
+qemu_fdt_setprop(vbi->fdt, smmu, "compatible", compat, sizeof(compat));
+qemu_fdt_setprop_sized_cells(vbi->fdt, smmu, "reg", 2, base, 2, size);
+
+for (i = 0; i < NUM_SMMU_IRQS; i++) {
+qemu_fdt_appendprop_cells(vbi->fdt, smmu, "interrupts",
+  type, irq + i,
+  GIC_FDT_IRQ_FLAGS_LEVEL_HI);
+qemu_fdt_appendprop_string(vbi->fdt, smmu, "interrupt-names",
+   smmuirqmap[i].name);
+}
+
+qemu_fdt_setprop_cell(vbi->fdt, smmu, "clocks", vbi->clock_phandle);
+qemu_fdt_setprop_cell(vbi->fdt, smmu, "#iommu-cells", 0);
+qemu_fdt_setprop_string(vbi->fdt, smmu, "clock-names", "apb_pclk");
+
+qemu_fdt_setprop_cell(vbi->fdt, smmu, "phandle", vbi->smmu_phandle);
+g_free(smmu);
+}
+
 static void create_pcie(const VirtBoardInfo *vbi, qemu_irq *pic,
 bool use_highmem)
 {
@@ -1048,6 +1105,7 @@ static void create_pcie(const VirtBoardInfo *vbi, 
qemu_irq *pic,
 }
 
 qemu_fdt_setprop_cell(vbi->fdt, nodename, "#interrupt-cells", 1);
+qemu_fdt_setprop_cells(vbi->fdt, nodename, "iommus", vbi->smmu_phandle);
 create_pcie_irq_map(vbi, vbi->gic_phandle, irq, nodename);
 
 g_free(nodename);
@@ -1332,8 +1390,12 @@ static void machvirt_init(MachineState *machine)
 
 create_rtc(vbi, pic);
 
+alloc_smmu_phandle(vbi);
+
 create_pcie(vbi, pic, vms->highmem);
 
+create_smmu(vbi, pic);
+
 create_gpio(vbi, pic);
 
 /* Create mmio transports, so the user can create virtio backends
diff --git a/include/hw/arm/smmu.h b/include/hw/arm/smmu.h
new file mode 100644
index 000..bbb5e5d
--- /dev/null
+++ b/include/hw/arm/smmu.h
@@ -0,0 +1,33 @@
+/*
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * publish

[Qemu-devel] [PATCH v2 8/9] [optional] tests: SMMUv3 unit tests

[Prem Mallappa]

 - initializes SMMU device
 - initializes Test device
 - allocates page tables 1:1 mapping va == pa
 - allocates STE/CD accordingly for S1, S2, S1+S2
 - initiates DMA via PCI test device
 - verifies transfered data

Signed-off-by: Prem Mallappa 
---
 tests/Makefile.include |   4 +
 tests/smmuv3-test.c| 952 +
 2 files changed, 956 insertions(+)
 create mode 100644 tests/smmuv3-test.c

diff --git a/tests/Makefile.include b/tests/Makefile.include
index 7d63d16..08bee81 100644
--- a/tests/Makefile.include
+++ b/tests/Makefile.include
@@ -251,6 +251,8 @@ gcov-files-sparc-y += hw/timer/m48t59.c
 gcov-files-sparc64-y += hw/timer/m48t59.c
 check-qtest-arm-y = tests/tmp105-test$(EXESUF)
 check-qtest-arm-y = tests/ds1338-test$(EXESUF)
+check-qtest-aarch64-y += tests/smmuv3-test$(EXESUF)
+gcov-files-aarch64-y += hw/arm/smmu-v3.c
 gcov-files-arm-y += hw/misc/tmp105.c
 check-qtest-arm-y += tests/virtio-blk-test$(EXESUF)
 gcov-files-arm-y += arm-softmmu/hw/block/virtio-blk.c
@@ -535,6 +537,7 @@ tests/test-crypto-afsplit$(EXESUF): 
tests/test-crypto-afsplit.o $(test-crypto-ob
 tests/test-crypto-block$(EXESUF): tests/test-crypto-block.o 
$(test-crypto-obj-y)
 
 libqos-obj-y = tests/libqos/pci.o tests/libqos/fw_cfg.o tests/libqos/malloc.o
+libqos-obj-y += tests/libqos/pci-generic.o
 libqos-obj-y += tests/libqos/i2c.o tests/libqos/libqos.o
 libqos-pc-obj-y = $(libqos-obj-y) tests/libqos/pci-pc.o
 libqos-pc-obj-y += tests/libqos/malloc-pc.o tests/libqos/libqos-pc.o
@@ -608,6 +611,7 @@ tests/test-filter-mirror$(EXESUF): 
tests/test-filter-mirror.o $(qtest-obj-y)
 tests/test-filter-redirector$(EXESUF): tests/test-filter-redirector.o 
$(qtest-obj-y)
 tests/ivshmem-test$(EXESUF): tests/ivshmem-test.o 
contrib/ivshmem-server/ivshmem-server.o $(libqos-pc-obj-y)
 tests/vhost-user-bridge$(EXESUF): tests/vhost-user-bridge.o
+tests/smmuv3-test$(EXESUF): tests/smmuv3-test.o $(libqos-obj-y) 
tests/libqos/malloc-generic.o
 
 ifeq ($(CONFIG_POSIX),y)
 LIBS += -lutil
diff --git a/tests/smmuv3-test.c b/tests/smmuv3-test.c
new file mode 100644
index 000..40837ef
--- /dev/null
+++ b/tests/smmuv3-test.c
@@ -0,0 +1,952 @@
+/*
+ * Copyright (C) 2014-2016 Broadcom Corporation
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ *
+ * Author: Prem Mallappa 
+ *   
+ */
+
+#include "qemu/osdep.h"
+
+#include 
+#include 
+
+#include "libqtest.h"
+#include "libqos/libqos.h"
+#include "libqos/pci-generic.h"
+#include "libqos/malloc-generic.h"
+
+#include "qemu-common.h"
+#include "hw/pci/pci_ids.h"
+#include "hw/pci/pci_regs.h"
+
+/* PCIe test device */
+#include "hw/misc/pci-testdev-smmu.h"
+
+/* SMMU */
+#include "hw/arm/smmu-common.h"
+#include "hw/arm/smmuv3-internal.h"
+
+
+/*
+ * STE/CD modification helpers
+ */
+#define ___SET(ste, off, start, len, val)   \
+({  \
+uint32_t *ptr = &(ste)->word[(off)];\
+*ptr = deposit32(*ptr, start, len, val);\
+})
+
+#define STE_SET_VALID(ste, val)   ___SET(ste, 0, 0, 1, val)
+#define STE_SET_CONFIG(ste, val)  ___SET(ste, 0, 1, 3, val)
+#define STE_SET_S1FMT(ste, val)   ___SET(ste, 0, 4, 2, val)
+#define STE_SET_S1CDMAX(ste, val) ___SET(ste, 1, 8, 2, val)
+#define STE_SET_EATS(ste, val)___SET(ste, 2, 28, 2, val)
+#define STE_SET_STRW(ste, val)___SET(ste, 2, 30, 2, val)
+#define STE_SET_S2VMID(ste, val)  ___SET(ste, 4, 0, 16, val) /* 4 */
+#define STE_SET_S2T0SZ(ste, val)  ___SET(ste, 5, 0, 6, val) /* 5 */
+#define STE_SET_S2TG(ste, val)___SET(ste, 5, 14, 2, val)
+#define STE_SET_S2PS(ste, val)___SET(ste, 5, 16, 3, val)
+#define STE_SET_S2AA64(ste, val)  ___SET(ste, 5, 19, 1, val)
+#define STE_SET_S2HD(ste, val)___SET(ste, 5, 24, 1, val)
+#define STE_SET_S2HA(ste, val)___SET(ste, 5, 25, 1, val)
+#define STE_SET_S2S(ste, val) ___SET(ste, 5, 26, 1, val)
+#define STE_SET_CTXPTR(ste, val)\
+({  \
+uint64_t __val = val;   \
+__val >>= 6;\
+___SET((ste), 0, 6, 26, __val); \
+__val >>= 32;   \
+___SET((ste), 1, 0, 16, __val); \
+})
+
+#define STE_SET_S2TTB(ste, val

[Qemu-devel] [PATCH v2 0/9] SMMUv3 Emulation support

[Prem Mallappa]

v1 -> v2:
- Adopted review comments from Eric Auger
- Make SMMU_DPRINTF to internally call qemu_log
(since translation requests are too many, we need control
 on the type of log we want)
- SMMUTransCfg modified to suite simplicity
- Change RegInfo to uint64 register array
- Code cleanup
- Test cleanups
- Reshuffled patches

RFC -> v1:
- As per SMMUv3 spec 16.0 (only is_ste_consistant() is noticeable)
- Reworked register access/update logic
- Factored out translation code for
- single point bug fix
- sharing/removal in future
- (optional) Unit tests added, with PCI test device
- S1 with 4k/64k, S1+S2 with 4k/64k
- (S1 or S2) only can be verified by Linux 4.7 driver
- (optional) Priliminary ACPI support

RFC:
- Implements SMMUv3 spec 11.0
- Supported for PCIe devices, 
- Command Queue and Event Queue supported
- LPAE only, S1 is supported and Tested, S2 not tested
- BE mode Translation not supported
- IRQ support (legacy, no MSI)
- Tested with DPDK and e1000 

Patch 1: Add new log type for IOMMU transactions

Patch 2: Adds support in virt.c to create both SMMUv3 device and dts entries

Patch 2: Adds SMMUv3 model to QEMU
Multiple files, big ones, translate functionality is split across to
accomodate SMMUv2 model, and to remove when common translation feature
(if) becomes available.

Patch 3: Adds SMMU build support

Patch 4: Some devicetree function to add support for SMMU's multiple interrupt
 assignment with names

<< optional patches >>
Optional patches are posted for completeness or for those who wants to test.

Patch 5: A simple PCI device which does DMA from 'src' to 'dst' given
 src_addr, dst_addr and size, and is used by unit test, uses
 pci_dma_read and pci_dma_write in a crude way but serves the purpose.

Patch 6: Current libqos PCI helpers are x86 only, this addes a generic interface

Patch 7: Unit tests for SMMU, 
- initializes SMMU device 
- initializes Test device
- allocates page tables 1:1 mapping va == pa
- allocates STE/CD accordingly for S1, S2, S1+S2
- initiates DMA via PCI test device
- verifies transfered data

Patch 8: Added ACPI IORT tables, was needed for internal project purpose, but 
 posting here for anyone looking for testing ACPI on ARM platforms.
 (P.S: Linux side IORT patches are WIP)

Repo:
https://github.com/pmallappa/qemu/tree/upstream/smmuv3/v2

To Test:
$ make tests/smmuv3-test
$ QTEST_QEMU_BINARY=aarch64-softmmu/qemu-system-aarch64 tests/smmuv3-test
<< expect lot of prints >>

Any comments welcome..

Cheers
/Prem

Prem Mallappa (9):
  log: Add new IOMMU type
  devicetree: Added new APIs to make use of more fdt functions
  hw: arm: SMMUv3 emulation model
  hw: arm: Added SMMUv3 files for build
  hw: arm: Add SMMUv3 to virt platform, create DTS accordingly
  [optional] hw: misc: added testdev for smmu
  [optional] tests: libqos: generic pci probing helpers
  [optional] tests: SMMUv3 unit tests
  [optional] arm: smmu-v3: ACPI IORT initial support

 default-configs/aarch64-softmmu.mak |1 +
 device_tree.c   |   35 +
 hw/arm/Makefile.objs|1 +
 hw/arm/smmu-common.c|  152 
 hw/arm/smmu-common.h|  141 
 hw/arm/smmu-v3.c| 1369 +++
 hw/arm/smmuv3-internal.h|  432 +++
 hw/arm/virt-acpi-build.c|   43 ++
 hw/arm/virt.c   |   62 ++
 hw/misc/Makefile.objs   |2 +-
 hw/misc/pci-testdev-smmu.c  |  239 ++
 hw/misc/pci-testdev-smmu.h  |   22 +
 hw/vfio/common.c|2 +-
 include/hw/acpi/acpi-defs.h |   84 +++
 include/hw/arm/smmu.h   |   33 +
 include/hw/arm/virt.h   |2 +
 include/qemu/log.h  |1 +
 include/sysemu/device_tree.h|   18 +
 tests/Makefile.include  |4 +
 tests/libqos/pci-generic.c  |  197 +
 tests/libqos/pci-generic.h  |   58 ++
 tests/smmuv3-test.c |  952 
 util/log.c  |2 +
 23 files changed, 3850 insertions(+), 2 deletions(-)
 create mode 100644 hw/arm/smmu-common.c
 create mode 100644 hw/arm/smmu-common.h
 create mode 100644 hw/arm/smmu-v3.c
 create mode 100644 hw/arm/smmuv3-internal.h
 create mode 100644 hw/misc/pci-testdev-smmu.c
 create mode 100644 hw/misc/pci-testdev-smmu.h
 create mode 100644 include/hw/arm/smmu.h
 create mode 100644 tests/libqos/pci-generic.c
 create mode 100644 tests/libqos/pci-generic.h
 create mode 100

[Qemu-devel] [PATCH v2 6/9] [optional] hw: misc: added testdev for smmu

[Prem Mallappa]

A simple PCI device which does DMA from 'src' to 'dst' given
src_addr, dst_addr and size, and is used by unit test. uses
pci_dma_read and pci_dma_write in a crude way but serves the purpose.

Signed-off-by: Prem Mallappa 
---
 hw/misc/Makefile.objs  |   2 +-
 hw/misc/pci-testdev-smmu.c | 239 +
 hw/misc/pci-testdev-smmu.h |  22 +
 3 files changed, 262 insertions(+), 1 deletion(-)
 create mode 100644 hw/misc/pci-testdev-smmu.c
 create mode 100644 hw/misc/pci-testdev-smmu.h

diff --git a/hw/misc/Makefile.objs b/hw/misc/Makefile.objs
index ffb49c1..fc34c5f 100644
--- a/hw/misc/Makefile.objs
+++ b/hw/misc/Makefile.objs
@@ -29,7 +29,6 @@ obj-$(CONFIG_IMX) += imx_ccm.o
 obj-$(CONFIG_IMX) += imx31_ccm.o
 obj-$(CONFIG_IMX) += imx25_ccm.o
 obj-$(CONFIG_IMX) += imx6_ccm.o
-obj-$(CONFIG_IMX) += imx6_src.o
 obj-$(CONFIG_MILKYMIST) += milkymist-hpdmc.o
 obj-$(CONFIG_MILKYMIST) += milkymist-pfpu.o
 obj-$(CONFIG_MAINSTONE) += mst_fpga.o
@@ -52,3 +51,4 @@ obj-$(CONFIG_PVPANIC) += pvpanic.o
 obj-$(CONFIG_EDU) += edu.o
 obj-$(CONFIG_HYPERV_TESTDEV) += hyperv_testdev.o
 obj-$(CONFIG_AUX) += aux.o
+obj-$(CONFIG_ARM_SMMUV3) += pci-testdev-smmu.o
diff --git a/hw/misc/pci-testdev-smmu.c b/hw/misc/pci-testdev-smmu.c
new file mode 100644
index 000..b605912
--- /dev/null
+++ b/hw/misc/pci-testdev-smmu.c
@@ -0,0 +1,239 @@
+/*
+ * QEMU PCI test device
+ *
+ * Copyright (c) 2012 Red Hat Inc.
+ * Author: Michael S. Tsirkin 
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, see .
+ */
+#include "qemu/osdep.h"
+#include "hw/hw.h"
+#include "hw/pci/pci.h"
+#include "qemu/event_notifier.h"
+
+#include "pci-testdev-smmu.h"
+
+/*
+ * pci-testdev-smmu:
+ *  Simple PCIe device, to enable read and write from memory.
+ * Architecture:
+ *  Following registers are supported.
+ *  TST_COMMAND = 0x0
+ *  TST_STATUS  = 0x4
+ *  TST_SRC_ADDRESS = 0x8
+ *  TST_SIZE= 0x10
+ *  TST_DST_ADDRESS = 0x18
+ */
+#define PCI_TSTDEV_NREGS 0x10
+
+/*
+ *  TST_COMMAND Register bits
+ *  OP[0]
+ *  READ = 0x0
+ *  WRITE = 0x1
+ */
+
+struct RegInfo {
+uint64_t data;
+char *name;
+};
+typedef struct RegInfo RegInfo;
+
+typedef struct PCITestDevState {
+/*< private >*/
+PCIDevice dev;
+/*< public >*/
+
+MemoryRegion mmio;
+RegInfo regs[PCI_TSTDEV_NREGS];
+} PCITestDevState;
+
+#define TYPE_PCI_TEST_DEV "pci-testdev-smmu"
+
+#define PCI_TEST_DEV(obj) \
+OBJECT_CHECK(PCITestDevState, (obj), TYPE_PCI_TEST_DEV)
+
+static void
+pci_tstdev_reset(PCITestDevState *d)
+{
+memset(d->regs, 0, sizeof(d->regs));
+}
+
+static inline void
+pci_tstdev_write_reg(PCITestDevState *pdev, hwaddr addr, uint64_t val)
+{
+RegInfo *reg = &pdev->regs[addr >> 2];
+reg->data = val;
+}
+
+static inline uint32_t
+pci_tstdev_read32_reg(PCITestDevState *pdev, hwaddr addr)
+{
+RegInfo *reg = &pdev->regs[addr >> 2];
+return (uint32_t) reg->data;
+}
+
+static inline uint64_t
+pci_tstdev_read64_reg(PCITestDevState *pdev, hwaddr addr)
+{
+RegInfo *reg = &pdev->regs[addr >> 2];
+return reg->data;
+}
+
+static void
+pci_tstdev_handle_cmd(PCITestDevState *pdev, hwaddr addr, uint64_t val,
+unsigned _unused_size)
+{
+uint64_t s = pci_tstdev_read64_reg(pdev, TST_REG_SRC_ADDR);
+uint64_t d = pci_tstdev_read64_reg(pdev, TST_REG_DST_ADDR);
+uint32_t size = pci_tstdev_read32_reg(pdev, TST_REG_SIZE);
+uint8_t buf[128];
+
+printf("+> src:%lx, dst:%lx size:%d\n",
+   s, d, size);
+while (size) {
+int nbytes = (size < sizeof(buf)) ? size: sizeof(buf);
+int ret = 0;
+printf("nbytes:%d\n", nbytes);
+if (val & CMD_READ) {
+printf("doing pci_dma_read\n");
+ret = pci_dma_read(&pdev->dev, s, (void*)buf, nbytes);
+}
+if (ret)
+return;
+
+if (val & CMD_WRITE) {
+printf("doing pci_dma_write\n");
+ret = pci_dma_write(&pdev->dev, d, (void*)buf, nbytes);
+}
+size -= nbytes;
+s += nbytes;
+d += nbytes;
+}
+}
+
+static void
+pci_tstdev_mmio_write(void *opaque, hwaddr addr,
+  uint64_t val, unsigned size)
+{
+PCITestDevState *d = opaque;
+uint64_t lo;
+
+printf("=

[Qemu-devel] [PATCH v2 4/9] hw: arm: Added SMMUv3 files for build

[Prem Mallappa]

Signed-off-by: Prem Mallappa 
---
 default-configs/aarch64-softmmu.mak | 1 +
 hw/arm/Makefile.objs| 1 +
 2 files changed, 2 insertions(+)

diff --git a/default-configs/aarch64-softmmu.mak 
b/default-configs/aarch64-softmmu.mak
index 2449483..83a2932 100644
--- a/default-configs/aarch64-softmmu.mak
+++ b/default-configs/aarch64-softmmu.mak
@@ -7,3 +7,4 @@ CONFIG_AUX=y
 CONFIG_DDC=y
 CONFIG_DPCD=y
 CONFIG_XLNX_ZYNQMP=y
+CONFIG_ARM_SMMUV3=y
diff --git a/hw/arm/Makefile.objs b/hw/arm/Makefile.objs
index 12764ef..5207e99 100644
--- a/hw/arm/Makefile.objs
+++ b/hw/arm/Makefile.objs
@@ -18,3 +18,4 @@ obj-$(CONFIG_FSL_IMX25) += fsl-imx25.o imx25_pdk.o
 obj-$(CONFIG_FSL_IMX31) += fsl-imx31.o kzm.o
 obj-$(CONFIG_FSL_IMX6) += fsl-imx6.o sabrelite.o
 obj-$(CONFIG_ASPEED_SOC) += ast2400.o palmetto-bmc.o
+obj-$(CONFIG_ARM_SMMUV3) += smmu-common.o smmu-v3.o
-- 
2.9.3

[Qemu-devel] [PATCH] Fix bsd-user build after d915b7bb

[Ed Maste]

Must include "qemu-version.h" for the QEMU_PKGVERSION definition.

Signed-off-by: Ed Maste 
---
 bsd-user/main.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/bsd-user/main.c b/bsd-user/main.c
index b4a0a00..0fb08e4 100644
--- a/bsd-user/main.c
+++ b/bsd-user/main.c
@@ -17,6 +17,7 @@
  *  along with this program; if not, see .
  */
 #include "qemu/osdep.h"
+#include "qemu-version.h"
 #include 
 
 #include "qapi/error.h"
-- 
2.8.1

Re: [Qemu-devel] [PATCH V6 1/6] oslib-posix: add helpers for stack alloc and free

[Richard Henderson]

On 08/22/2016 06:04 AM, Peter Lieven wrote:

+static size_t adjust_stack_size(size_t sz)
+{
+#ifdef _SC_THREAD_STACK_MIN
+/* avoid stacks smaller than _SC_THREAD_STACK_MIN */
+sz = MAX(MAX(sysconf(_SC_THREAD_STACK_MIN), 0), sz);
+#endif


You need to place the sysconf result into a local variable.  What you have now 
expands to 4 invocations of the function.


You might also consider passing in the pagesize, since you've already called 
getpagesize in one of the two users of this function.



r~

Re: [Qemu-devel] [PATCH] 9pfs: add check for relative path

[Peter Maydell]

On 22 August 2016 at 16:02, Michael S. Tsirkin  wrote:
> On Mon, Aug 22, 2016 at 10:23:19AM +0100, Peter Maydell wrote:
>> On 19 August 2016 at 18:30, Greg Kurz  wrote:
>> > Maybe the check can even be made in the top layer then. I should spend
>> > more time to see which is best.
>> >
>> > My main concern now is that, unlike I said on IRC, I'm afraid I won't be
>> > able to work on this before next Wednesday... :-\
>> >
>> > Hope it is not too late for 2.7...
>>
>> Opinions welcome on whether we need to hold 2.7 for this bug.
>>
>> thanks
>> -- PMM
>
> Not really sure, but balloon migration seems borken too,
> and I'm trying to fix it up.

I've tagged rc4 this afternoon, so we have a few days to
sort out non-rushed fixes for both this and your bug
if necessary, and decide whether we need an rc5 or can
postpone the fixes to 2.7.1.

In both cases getting patches on-list by midweek or
thereabouts would be good.

thanks
-- PMM

[Qemu-devel] [Bug 1605045] Re: input-linux enter key stuck and/or broken

[nivekuil]

I can confirm this bug on Linux 4.7.1 with QEMU 2.6.0.  A workaround is
to change to a different TTY and then back to the X display, which fixes
the enter key for the rest of the QEMU session.

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1605045

Title:
  input-linux enter key stuck and/or broken

Status in QEMU:
  New

Bug description:
  Using new input-linux evdev passthrough feature of qemu (qemu 2.6.0)
  causes enter key to be stuck down after executing a shell script to
  launch qemu guest, resulting in repeated new lines in terminal. After
  a certain point of guest boot, the enter key is no longer pressed.
  However, at least under Gnome on Wayland, when pressing both
  left+right Ctrl keys to return keyboard back to the host, the enter
  key no longer functions. The enter key continues to function when
  control is under the guest, but never returns to functionality in the
  host until a reboot is performed.

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1605045/+subscriptions

Re: [Qemu-devel] [PATCH] 9pfs: add check for relative path

[Michael S. Tsirkin]

On Mon, Aug 22, 2016 at 10:23:19AM +0100, Peter Maydell wrote:
> On 19 August 2016 at 18:30, Greg Kurz  wrote:
> > Maybe the check can even be made in the top layer then. I should spend
> > more time to see which is best.
> >
> > My main concern now is that, unlike I said on IRC, I'm afraid I won't be
> > able to work on this before next Wednesday... :-\
> >
> > Hope it is not too late for 2.7...
> 
> Opinions welcome on whether we need to hold 2.7 for this bug.
> 
> thanks
> -- PMM

Not really sure, but balloon migration seems borken too,
and I'm trying to fix it up.

-- 
MST

Re: [Qemu-devel] [RFC PATCH 3/4] tcg/tests: Move mips test to arch specific folder

[Pranith Kumar]

On Mon, Aug 22, 2016 at 5:34 AM, Alex Bennée  wrote:
>
> Pranith Kumar  writes:
>
> You have transposed the tcg/tests in your subject for this particular commit.

I messed up the subject. I will fix this and resend.

-- 
Pranith

Re: [Qemu-devel] QEMU make: ROM is too large

[Peter Maydell]

On 19 August 2016 at 18:58, Thomas Hanson  wrote:
> Just pulled top of tree, make clean and make as follows:
> CFLAGS="-g3 -O0" ./configure  --enable-vhost-net --enable-virtfs
> make -j8
>
> Build fails with
[...]
>   CCqga/channel-posix.o
>   Signing optionrom/linuxboot_dma.bin
>   CCqga/qapi-generated/qga-qapi-types.o
> error: ROM is too large (2072 > 1536)
> make[1]: *** [linuxboot_dma.bin] Error 1
>
> Last commit in repo is:
>   commit 02b1ad881cbb1795029737a9077db60267dc0c6f
>   Merge: 5844365 156af3a
>   Author: Peter Maydell 
>   Date:   Thu Aug 18 14:42:51 2016 +0100
>
> Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request'
> into staging
>
> Nothing jumped out at me in a quick review of Makefiles, scripts, configs,
> etc.
>
> Any suggestions as to the source of the issue or how to fix it?

The first guess would be that trying to build unoptimized
has made the ROM images too big. (We have to give them a
fixed maximum size or migration breaks.) However commit
9d4cd7b4 is supposed to have fixed that.

You could try building with V=1 to print the full compiler
command lines to check that it has overridden the -O0
for building the ROMs.

PS: just passing --enable-debug to configure should
be sufficient to do a no-optimization debug-symbols
build; do you really need to manually specify
CFLAGS? I wonder whether you're ending up with two
-Osomething options in your CFLAGS which is then
confusing the "override with -O2" logic in the
pc-bios/optionrom/Makefile.

thanks
-- PMM

Re: [Qemu-devel] [PATCH 0/2] virtio: fix VirtQueue->inuse field

[Denis V. Lunev]

On 08/15/2016 08:54 AM, Stefan Hajnoczi wrote:

The VirtQueue->inuse field is not always updated correctly.  These patches fix
it.

Originally this series was called "virtio-balloon: fix stats vq migration" but
Ladi Prosek posted a nicer fix called "balloon: Fix failure of updating guest
memory status".  I dropped the virtio-balloon patches.

Changes from previous series:
  * Missing comma in error formatting [Fam]
  * virtio_descard() -> virtio_discard() [Michael]
  * Multi-line comment style [Cornelia]

Stefan Hajnoczi (2):
   virtio: recalculate vq->inuse after migration
   virtio: decrement vq->inuse in virtqueue_discard()

  hw/virtio/virtio.c | 16 
  1 file changed, 16 insertions(+)


these patches break 'make check' with the following:

GTESTER check-qtest-x86_64
Warning: path not on HugeTLBFS: /tmp/vhost-test-hRYeTb
Warning: path not on HugeTLBFS: /tmp/vhost-test-hRYeTb
Warning: path not on HugeTLBFS: /tmp/vhost-test-hRYeTb
qemu-system-x86_64: VQ 1 size 0x100 < last_avail_idx 0x0 - used_idx 0x1
qemu-system-x86_64: error while loading state for instance 0x0 of device 
':00:03.0/virtio-net'

qemu-system-x86_64: load of migration failed: Operation not permitted
Broken pipe
qemu-system-x86_64: Failed to read msg header. Read 0 instead of 12. 
Original request 11.

GTester: last random seed: R02S122f07a3fc35cfd5b0204e3eb45c61e6
qemu-system-x86_64: Failed to read msg header. Read 0 instead of 12. 
Original request 11.

Warning: path not on HugeTLBFS: /tmp/vhost-test-60WtDz
blkdebug: Suspended request 'A'
blkdebug: Resuming request 'A'
main-loop: WARNING: I/O thread spun for 1000 iterations
main-loop: WARNING: I/O thread spun for 1000 iterations
/home/den/src/git/qemu/tests/Makefile:400: recipe for target 
'check-qtest-x86_64' failed

make: *** [check-qtest-x86_64] Error 1
iris ~/src/git/qemu $

Sorry, if I have missed the fix in the list.

Den

Re: [Qemu-devel] [PATCH] 9pfs: add check for relative path

[Michael S. Tsirkin]

On Fri, Aug 19, 2016 at 06:03:29PM +0100, Peter Maydell wrote:
> On 19 August 2016 at 17:37, Greg Kurz  wrote:
> > Peter Maydell  wrote:
> >> If (1) is true and "only single path component" is a protocol
> >> requirement then probably we should be enforcing this at a
> >> higher layer than in 9p-local.c, ie in hw/9pfs/cofs.c.
> 
> > As we discussed on IRC, the / character isn't invalid per-se. It raises
> > issues with the local backend on a linux host but does not do harm with
> > other backends.
> >
> > The proxy backend also accesses the linux filesystem but since it
> > chroots to the export path, it does not hit the path traversal issue.
> 
> The proxy backend is not actually going to do the right thing with
> a component name containing a '/' though (which would be to really
> treat it as a filename or whatever with a '/', not to mis-interpret
> it as a combined directory-and-filename. For instance opening "foo/bar"
> ought to open a file named "foo/bar", not a file bar in directory foo,
> if we're going to accept it.) It might not be a security hole, but
> it still doesn't actually support '/' in filenames.
> 
> The handle backend also assumes '/' isn't in filenames.
> 
> 'synth' might be able to handle '/' I guess, but I'd want to
> audit the code before I put any weight on that assertion.
> 
> I don't really see the point in allowing a theoretical
> /-in-names-aware backend to interact with an equally theoretical
> /-in-names-aware frontend: nobody in practice is going to
> use this. The downside of support in the middle-layer code for
> this theoretical case is that we make it harder to write correct
> backends and easy to accidentally allow security holes.

FWIW I agree.

> I'd prefer it if we made the check in the middle layer and
> explicitly said "all QEMU 9p servers insist that '/' is not a
> valid character in filenames, and backend code can assume that
> the middle layer has validated this".
> 
> thanks
> -- PMM

Re: [Qemu-devel] [PATCH 3/7] qemu-img: add more conv= conversions to dd

[Reda Sallahi]

On Mon, Aug 22, 2016 at 09:35:26AM -0400, Stefan Hajnoczi wrote:
> On Mon, Aug 22, 2016 at 09:55:13AM +0200, Reda Sallahi wrote:
> > @@ -4325,20 +4388,43 @@ static int img_dd(int argc, char **argv)
> >  
> >  for (out_pos = out.offset * obsz; in_pos < size; block_count++) {
> >  int in_ret, out_ret;
> > +bsz = in.bsz;
> >  
> >  if (in_pos + in.bsz > size) {
> > -in_ret = blk_pread(blk1, in_pos, in.buf, size - in_pos);
> > -} else {
> > -in_ret = blk_pread(blk1, in_pos, in.buf, in.bsz);
> > +bsz = size - in_pos;
> > +}
> > +
> > +if (dd.conv & C_SYNC) {
> > +memset(in.buf, 0, in.bsz);
> >  }
> 
> Why is memset necessary?

When we set conv=noerror,sync sync tells dd to pad each block with NULs so
that if there is an error it preserves the size of the input read.

-- 
Reda

Re: [Qemu-devel] [Qemu-block] [PATCH 5/7] qemu-img: add status option to dd

[Stefan Hajnoczi]

On Mon, Aug 22, 2016 at 09:55:15AM +0200, Reda Sallahi wrote:
>  struct DdInfo {
>  unsigned int flags;
>  int64_t count;
>  unsigned int conv;
> +unsigned status;

For consistency please use "unsigned int" like you used for the flags
and conv fields above.

>  in.buf = g_new(uint8_t, in.bsz);
> +if (dd.status & C_STATUS_DEFAULT) {
> +gettimeofday(&starttv, NULL);

Please use qemu_gettimeofday() for portability.


signature.asc
Description: PGP signature

Re: [Qemu-devel] [PATCH 5/7] qemu-img: add status option to dd

[Reda Sallahi]

I should have checked the previous test suites because : 

Mon, Aug 22, 2016 at 09:55:15AM +0200, Reda Sallahi wrote:
>  
>  if (in.offset > INT64_MAX / ibsz || size < in.offset * ibsz) {
> -/* We give a warning if the skip option is bigger than the input
> - * size and create an empty output disk image (i.e. like dd(1)).
> - */
> -error_report("%s: cannot skip to specified offset", in.filename);
> -in_pos = size;
> +if (!(dd.status & C_STATUS_NONE)) {
> +/* We give a warning if the skip option is bigger than the input
> + * size and create an empty output disk image (i.e. like dd(1)).
> + */
> +error_report("%s: cannot skip to specified offset", in.filename);
> +in_pos = size;
> +}

in_pos = size should have gone outside of this last block. This means in_pos
is set to size only if dd.status != C_STATUS_NONE.

> +$QEMU_IMG compare "$TEST_IMG" "$TEST_IMG.out"

And also this should have been $TEST_IMG.out.dd.

I fixed this just now (and with a test file that also adds in skip and seek)
and will send it in the next version.

-- 
Reda

Re: [Qemu-devel] [PATCH 7/7] qemu-img: add a test suite for the count option

[Stefan Hajnoczi]

On Mon, Aug 22, 2016 at 09:55:17AM +0200, Reda Sallahi wrote:
> The count option for dd lacked a test suite so this adds one with four test
> cases.
> 
> Signed-off-by: Reda Sallahi 
> ---
>  tests/qemu-iotests/168 | 75 
> ++
>  tests/qemu-iotests/168.out | 51 +++
>  tests/qemu-iotests/group   |  1 +
>  3 files changed, 127 insertions(+)
>  create mode 100755 tests/qemu-iotests/168
>  create mode 100644 tests/qemu-iotests/168.out

Reviewed-by: Stefan Hajnoczi 


signature.asc
Description: PGP signature

Re: [Qemu-devel] [PATCH 6/7] qemu-img: clean up dd documentation

[Stefan Hajnoczi]

On Mon, Aug 22, 2016 at 09:55:16AM +0200, Reda Sallahi wrote:
> The dd section on qemu-img --help was a bit hard to read since it was not
> well aligned. This patch fixes the display problem and also makes the
> sentences on the .texi file more consistent with one another (uppercase and
> conjugasion).
> 
> Signed-off-by: Reda Sallahi 
> ---
>  qemu-img.c| 48 +---
>  qemu-img.texi | 48 
>  2 files changed, 49 insertions(+), 47 deletions(-)

Reviewed-by: Stefan Hajnoczi 


signature.asc
Description: PGP signature

Re: [Qemu-devel] [Qemu-block] [PATCH 4/7] qemu-img: delete not used variable and an unecessary check

[Stefan Hajnoczi]

On Mon, Aug 22, 2016 at 09:55:14AM +0200, Reda Sallahi wrote:
> block_count is not used in img_dd() and the C_SKIP check is unecessary so
> this patch removes both of them.
> 
> Signed-off-by: Reda Sallahi 
> ---
>  qemu-img.c | 7 +++
>  1 file changed, 3 insertions(+), 4 deletions(-)

Reviewed-by: Stefan Hajnoczi 


signature.asc
Description: PGP signature

Re: [Qemu-devel] [PATCH 3/7] qemu-img: add more conv= conversions to dd

[Stefan Hajnoczi]

On Mon, Aug 22, 2016 at 09:55:13AM +0200, Reda Sallahi wrote:
>  static int img_dd_conv(const char *arg,
> struct DdIo *in, struct DdIo *out,
> struct DdInfo *dd)
>  {
> -if (!strcmp(arg, "notrunc")) {
> -dd->conv |= C_NOTRUNC;
> -return 0;
> -} else {
> -error_report("invalid conversion: '%s'", arg);
> -return 1;
> +const char *tok;
> +char *str, *tmp;
> +int ret = 0;
> +const struct DdSymbols conv[] = {
> +{ "notrunc", C_NOTRUNC },
> +{ "sync", C_SYNC },
> +{ "noerror", C_NOERROR },
> +{ "fdatasync", C_FDATASYNC },
> +{ "fsync", C_FSYNC },
> +{ "excl", C_EXCL },
> +{ "nocreat", C_NOCREAT },
> +{ "sparse", C_SPARSE },
> +{ NULL, 0 }
> +};
> +
> +tmp = str = g_strdup(arg);
> +
> +while (tmp != NULL && !ret) {
> +tok = qemu_strsep(&tmp, ",");
> +int j;
> +for (j = 0; conv[j].name != NULL; j++) {
> +if (!strcmp(tok, conv[j].name)) {
> +if ((dd->conv | conv[j].value) & C_EXCL &&
> +(dd->conv | conv[j].value) & C_NOCREAT) {
> +error_report("cannot combine excl and nocreat");
> +ret = 1;
> +break;
> +}
> +dd->conv |= conv[j].value;
> +break;
> +}
> +}
> +if (conv[j].name == NULL) {
> +error_report("invalid conversion: '%s'", tok);
> +ret = 1;
> +}
>  }
> +
> +g_free(str);
> +return ret;
>  }

This function is very similar to img_dd_iflag/oflag.  The code
duplication can be avoided if you perform the (dd->conv | conv[j].value)
& C_EXCL && (dd->conv | conv[j].value) & C_NOCREAT later.

> @@ -4325,20 +4388,43 @@ static int img_dd(int argc, char **argv)
>  
>  for (out_pos = out.offset * obsz; in_pos < size; block_count++) {
>  int in_ret, out_ret;
> +bsz = in.bsz;
>  
>  if (in_pos + in.bsz > size) {
> -in_ret = blk_pread(blk1, in_pos, in.buf, size - in_pos);
> -} else {
> -in_ret = blk_pread(blk1, in_pos, in.buf, in.bsz);
> +bsz = size - in_pos;
> +}
> +
> +if (dd.conv & C_SYNC) {
> +memset(in.buf, 0, in.bsz);
>  }

Why is memset necessary?


signature.asc
Description: PGP signature

Re: [Qemu-devel] [PATCH 2/7] qemu-img: add iflag and oflag options to dd

[Stefan Hajnoczi]

On Mon, Aug 22, 2016 at 09:55:12AM +0200, Reda Sallahi wrote:
> +static int img_dd_oflag(const char *arg,
> +struct DdIo *in, struct DdIo *out,
> +struct DdInfo *dd)
> +{
> +const char *tok;
> +char *str, *tmp;
> +int ret = 0;
> +const struct DdSymbols flags[] = {
> +{ "direct", C_DIRECT },
> +{ "dsync", C_DSYNC },
> +{ "sync", C_IOFLAG_SYNC },
> +{ "seek_bytes", C_SEEK_BYTES },
> +{ NULL, 0 }
> +};
> +
> +tmp = str = g_strdup(arg);
> +
> +while (tmp != NULL && !ret) {
> +tok = qemu_strsep(&tmp, ",");
> +int j;
> +for (j = 0; flags[j].name != NULL; j++) {
> +if (!strcmp(tok, flags[j].name)) {
> +out->flags |= flags[j].value;
> +break;
> +}
> +}
> +if (flags[j].name == NULL) {
> +error_report("invalid output flag: '%s'", tok);
> +ret = 1;
> +}
> +}
> +
> +g_free(str);
> +return ret;
> +}

img_dd_iflag()/img_dd_oflag() are duplicated code.  I suggest a single
helper function that parses a DdSymbols array into a DdIo->flags field.
Then you can pass in either the iflag or the oflag DdSymbols arrays.

static int img_dd_oflag(const char *arg,
struct DdIo *in, struct DdIo *out,
struct DdInfo *dd)
{
return img_dd_xflag(arg, (DdSymbols[]){
{ "direct", C_DIRECT },
{ "dsync", C_DSYNC },
...
}, in);
}

static int img_dd_oflag(const char *arg,
struct DdIo *in, struct DdIo *out,
struct DdInfo *dd)
{
return img_dd_xflag(arg, (DdSymbols[]){
{ "direct", C_DIRECT },
{ "dsync", C_DSYNC },
...
}, out);
}


signature.asc
Description: PGP signature

Re: [Qemu-devel] [PATCH 1/7] qemu-img: add seek option to dd

[Stefan Hajnoczi]

On Mon, Aug 22, 2016 at 09:55:11AM +0200, Reda Sallahi wrote:
> This patch adds the seek option which allows qemu-img dd to skip a number of
> blocks on the output before copying the input.
> 
> A test case was added to test the seek option.
> 
> Signed-off-by: Reda Sallahi 
> ---
>  qemu-img-cmds.hx   |  4 +--
>  qemu-img.c | 45 +++-
>  qemu-img.texi  |  4 ++-
>  tests/qemu-iotests/161 | 73 
> ++
>  tests/qemu-iotests/161.out | 51 
>  tests/qemu-iotests/group   |  1 +
>  6 files changed, 167 insertions(+), 11 deletions(-)
>  create mode 100755 tests/qemu-iotests/161
>  create mode 100644 tests/qemu-iotests/161.out

Reviewed-by: Stefan Hajnoczi 


signature.asc
Description: PGP signature

[Qemu-devel] [PATCH V6 5/6] oslib-posix: add a configure switch to debug stack usage

[Peter Lieven]

this adds a knob to track the maximum stack usage of stacks
created by qemu_alloc_stack.

Signed-off-by: Peter Lieven 
Reviewed-by: Paolo Bonzini 
---
 configure  | 19 +++
 util/oslib-posix.c | 37 +
 2 files changed, 56 insertions(+)

diff --git a/configure b/configure
index 4b808f9..7e087c5 100755
--- a/configure
+++ b/configure
@@ -296,6 +296,7 @@ libiscsi=""
 libnfs=""
 coroutine=""
 coroutine_pool=""
+debug_stack_usage="no"
 seccomp=""
 glusterfs=""
 glusterfs_xlator_opt="no"
@@ -1005,6 +1006,8 @@ for opt do
   ;;
   --enable-coroutine-pool) coroutine_pool="yes"
   ;;
+  --enable-debug-stack-usage) debug_stack_usage="yes"
+  ;;
   --disable-docs) docs="no"
   ;;
   --enable-docs) docs="yes"
@@ -4306,6 +4309,17 @@ if test "$coroutine" = "gthread" -a "$coroutine_pool" = 
"yes"; then
   error_exit "'gthread' coroutine backend does not support pool (use 
--disable-coroutine-pool)"
 fi
 
+if test "$debug_stack_usage" = "yes"; then
+  if test "$cpu" = "ia64" -o "$cpu" = "hppa"; then
+error_exit "stack usage debugging is not supported for $cpu"
+  fi
+  if test "$coroutine_pool" = "yes"; then
+echo "WARN: disabling coroutine pool for stack usage debugging"
+coroutine_pool=no
+  fi
+fi
+
+
 ##
 # check if we have open_by_handle_at
 
@@ -4892,6 +4906,7 @@ echo "QGA MSI support   $guest_agent_msi"
 echo "seccomp support   $seccomp"
 echo "coroutine backend $coroutine"
 echo "coroutine pool$coroutine_pool"
+echo "debug stack usage $debug_stack_usage"
 echo "GlusterFS support $glusterfs"
 echo "Archipelago support $archipelago"
 echo "gcov  $gcov_tool"
@@ -5360,6 +5375,10 @@ else
   echo "CONFIG_COROUTINE_POOL=0" >> $config_host_mak
 fi
 
+if test "$debug_stack_usage" = "yes" ; then
+  echo "CONFIG_DEBUG_STACK_USAGE=y" >> $config_host_mak
+fi
+
 if test "$open_by_handle_at" = "yes" ; then
   echo "CONFIG_OPEN_BY_HANDLE=y" >> $config_host_mak
 fi
diff --git a/util/oslib-posix.c b/util/oslib-posix.c
index 76b028e..8869f6c 100644
--- a/util/oslib-posix.c
+++ b/util/oslib-posix.c
@@ -50,6 +50,10 @@
 
 #include "qemu/mmap-alloc.h"
 
+#ifdef CONFIG_DEBUG_STACK_USAGE
+#include "qemu/error-report.h"
+#endif
+
 int qemu_get_thread_id(void)
 {
 #if defined(__linux__)
@@ -514,6 +518,9 @@ static size_t adjust_stack_size(size_t sz)
 void *qemu_alloc_stack(size_t sz)
 {
 void *ptr, *guardpage;
+#ifdef CONFIG_DEBUG_STACK_USAGE
+void *ptr2;
+#endif
 size_t pagesz = getpagesize();
 sz = adjust_stack_size(sz);
 
@@ -537,11 +544,41 @@ void *qemu_alloc_stack(size_t sz)
 abort();
 }
 
+#ifdef CONFIG_DEBUG_STACK_USAGE
+for (ptr2 = ptr + pagesz; ptr2 < ptr + sz; ptr2 += sizeof(uint32_t)) {
+*(uint32_t *)ptr2 = 0xdeadbeaf;
+}
+#endif
+
 return ptr;
 }
 
+#ifdef CONFIG_DEBUG_STACK_USAGE
+static __thread unsigned int max_stack_usage;
+#endif
+
 void qemu_free_stack(void *stack, size_t sz)
 {
+#ifdef CONFIG_DEBUG_STACK_USAGE
+unsigned int usage;
+void *ptr;
+#endif
 sz = adjust_stack_size(sz);
+
+#ifdef CONFIG_DEBUG_STACK_USAGE
+for (ptr = stack + getpagesize(); ptr < stack + sz;
+ ptr += sizeof(uint32_t)) {
+if (*(uint32_t *)ptr != 0xdeadbeaf) {
+break;
+}
+}
+usage = sz - (uintptr_t) (ptr - stack);
+if (usage > max_stack_usage) {
+error_report("thread %d max stack usage increased from %u to %u",
+ qemu_get_thread_id(), max_stack_usage, usage);
+max_stack_usage = usage;
+}
+#endif
+
 munmap(stack, sz);
 }
-- 
1.9.1

[Qemu-devel] [PATCH V6 3/6] coroutine-ucontext: use helper for allocating stack memory

[Peter Lieven]

Signed-off-by: Peter Lieven 
Reviewed-by: Paolo Bonzini 
Reviewed-by: Richard Henderson 
---
 util/coroutine-ucontext.c | 9 -
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/util/coroutine-ucontext.c b/util/coroutine-ucontext.c
index 31254ab..b7dea8c 100644
--- a/util/coroutine-ucontext.c
+++ b/util/coroutine-ucontext.c
@@ -82,7 +82,6 @@ static void coroutine_trampoline(int i0, int i1)
 
 Coroutine *qemu_coroutine_new(void)
 {
-const size_t stack_size = COROUTINE_STACK_SIZE;
 CoroutineUContext *co;
 ucontext_t old_uc, uc;
 sigjmp_buf old_env;
@@ -101,17 +100,17 @@ Coroutine *qemu_coroutine_new(void)
 }
 
 co = g_malloc0(sizeof(*co));
-co->stack = g_malloc(stack_size);
+co->stack = qemu_alloc_stack(COROUTINE_STACK_SIZE);
 co->base.entry_arg = &old_env; /* stash away our jmp_buf */
 
 uc.uc_link = &old_uc;
 uc.uc_stack.ss_sp = co->stack;
-uc.uc_stack.ss_size = stack_size;
+uc.uc_stack.ss_size = COROUTINE_STACK_SIZE;
 uc.uc_stack.ss_flags = 0;
 
 #ifdef CONFIG_VALGRIND_H
 co->valgrind_stack_id =
-VALGRIND_STACK_REGISTER(co->stack, co->stack + stack_size);
+VALGRIND_STACK_REGISTER(co->stack, co->stack + COROUTINE_STACK_SIZE);
 #endif
 
 arg.p = co;
@@ -149,7 +148,7 @@ void qemu_coroutine_delete(Coroutine *co_)
 valgrind_stack_deregister(co);
 #endif
 
-g_free(co->stack);
+qemu_free_stack(co->stack, COROUTINE_STACK_SIZE);
 g_free(co);
 }
 
-- 
1.9.1

[Qemu-devel] [PATCH V6 4/6] coroutine-sigaltstack: use helper for allocating stack memory

[Peter Lieven]

Signed-off-by: Peter Lieven 
Reviewed-by: Paolo Bonzini 
Reviewed-by: Richard Henderson 
---
 util/coroutine-sigaltstack.c | 7 +++
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/util/coroutine-sigaltstack.c b/util/coroutine-sigaltstack.c
index 9c2854c..ccf4861 100644
--- a/util/coroutine-sigaltstack.c
+++ b/util/coroutine-sigaltstack.c
@@ -143,7 +143,6 @@ static void coroutine_trampoline(int signal)
 
 Coroutine *qemu_coroutine_new(void)
 {
-const size_t stack_size = COROUTINE_STACK_SIZE;
 CoroutineUContext *co;
 CoroutineThreadState *coTS;
 struct sigaction sa;
@@ -164,7 +163,7 @@ Coroutine *qemu_coroutine_new(void)
  */
 
 co = g_malloc0(sizeof(*co));
-co->stack = g_malloc(stack_size);
+co->stack = qemu_alloc_stack(COROUTINE_STACK_SIZE);
 co->base.entry_arg = &old_env; /* stash away our jmp_buf */
 
 coTS = coroutine_get_thread_state();
@@ -189,7 +188,7 @@ Coroutine *qemu_coroutine_new(void)
  * Set the new stack.
  */
 ss.ss_sp = co->stack;
-ss.ss_size = stack_size;
+ss.ss_size = COROUTINE_STACK_SIZE;
 ss.ss_flags = 0;
 if (sigaltstack(&ss, &oss) < 0) {
 abort();
@@ -253,7 +252,7 @@ void qemu_coroutine_delete(Coroutine *co_)
 {
 CoroutineUContext *co = DO_UPCAST(CoroutineUContext, base, co_);
 
-g_free(co->stack);
+qemu_free_stack(co->stack, COROUTINE_STACK_SIZE);
 g_free(co);
 }
 
-- 
1.9.1

[Qemu-devel] [PATCH V6 1/6] oslib-posix: add helpers for stack alloc and free

[Peter Lieven]

the allocated stack will be adjusted to the minimum supported stack size
by the OS and rounded up to be a multiple of the system pagesize.
Additionally an architecture dependent guard page is added to the stack
to catch stack overflows. The memory for the guard page is deductated from
stack memory so that the usable stack size is effectively reduced by the size
of one page. This is equivalent to how the glibc stack allocation routines
behave.

Signed-off-by: Peter Lieven 
---
 include/sysemu/os-posix.h | 27 +++
 util/oslib-posix.c| 46 ++
 2 files changed, 73 insertions(+)

diff --git a/include/sysemu/os-posix.h b/include/sysemu/os-posix.h
index 9c7dfdf..87e60fe 100644
--- a/include/sysemu/os-posix.h
+++ b/include/sysemu/os-posix.h
@@ -60,4 +60,31 @@ int qemu_utimens(const char *path, const qemu_timespec 
*times);
 
 bool is_daemonized(void);
 
+/**
+ * qemu_alloc_stack:
+ * @sz: size of required stack in bytes
+ *
+ * Allocate memory that can be used as a stack, for instance for
+ * coroutines. If the memory cannot be allocated, this function
+ * will abort (like g_malloc()). This function also inserts a
+ * guard page to catch a potential stack overflow. The memory
+ * for the guard page is deductated from stack memory so that
+ * the usable stack size is effectively sz bytes minus the size
+ * of one page.
+ *
+ * The allocated stack must be freed with qemu_free_stack().
+ *
+ * Returns: pointer to (the lowest address of) the stack memory.
+ */
+void *qemu_alloc_stack(size_t sz);
+
+/**
+ * qemu_free_stack:
+ * @stack: stack to free
+ * @sz: size of stack in bytes
+ *
+ * Free a stack allocated via qemu_alloc_stack().
+ */
+void qemu_free_stack(void *stack, size_t sz);
+
 #endif
diff --git a/util/oslib-posix.c b/util/oslib-posix.c
index f2d4e9e..76b028e 100644
--- a/util/oslib-posix.c
+++ b/util/oslib-posix.c
@@ -499,3 +499,49 @@ pid_t qemu_fork(Error **errp)
 }
 return pid;
 }
+
+static size_t adjust_stack_size(size_t sz)
+{
+#ifdef _SC_THREAD_STACK_MIN
+/* avoid stacks smaller than _SC_THREAD_STACK_MIN */
+sz = MAX(MAX(sysconf(_SC_THREAD_STACK_MIN), 0), sz);
+#endif
+/* adjust stack size to a multiple of the page size */
+sz = ROUND_UP(sz, getpagesize());
+return sz;
+}
+
+void *qemu_alloc_stack(size_t sz)
+{
+void *ptr, *guardpage;
+size_t pagesz = getpagesize();
+sz = adjust_stack_size(sz);
+
+ptr = mmap(NULL, sz, PROT_READ | PROT_WRITE,
+   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
+if (ptr == MAP_FAILED) {
+abort();
+}
+
+#if defined(HOST_IA64)
+/* separate register stack */
+guardpage = ptr + (((sz - pagesz) / 2) & ~pagesz);
+#elif defined(HOST_HPPA)
+/* stack grows up */
+guardpage = ptr + sz - pagesz;
+#else
+/* stack grows down */
+guardpage = ptr;
+#endif
+if (mprotect(guardpage, pagesz, PROT_NONE) != 0) {
+abort();
+}
+
+return ptr;
+}
+
+void qemu_free_stack(void *stack, size_t sz)
+{
+sz = adjust_stack_size(sz);
+munmap(stack, sz);
+}
-- 
1.9.1

[Qemu-devel] [PATCH V6 6/6] coroutine: reduce stack size to 64kB

[Peter Lieven]

evaluation with the recently introduced maximum stack usage monitoring revealed
that the actual used stack size was never above 4kB so allocating 1MB stack
for each coroutine is a lot of wasted memory. So reduce the stack size to
64kB which should still give enough head room. The guard page added
in qemu_alloc_stack will catch a potential stack overflow introduced
by this commit.

Signed-off-by: Peter Lieven 
Reviewed-by: Eric Blake 
---
 include/qemu/coroutine_int.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/qemu/coroutine_int.h b/include/qemu/coroutine_int.h
index f62f83f..011910f 100644
--- a/include/qemu/coroutine_int.h
+++ b/include/qemu/coroutine_int.h
@@ -28,7 +28,7 @@
 #include "qemu/queue.h"
 #include "qemu/coroutine.h"
 
-#define COROUTINE_STACK_SIZE (1 << 20)
+#define COROUTINE_STACK_SIZE (1 << 16)
 
 typedef enum {
 COROUTINE_YIELD = 1,
-- 
1.9.1

[Qemu-devel] [PATCH V6 2/6] coroutine: add a macro for the coroutine stack size

[Peter Lieven]

Signed-off-by: Peter Lieven 
Reviewed-by: Paolo Bonzini 
Reviewed-by: Richard Henderson 
---
 include/qemu/coroutine_int.h | 2 ++
 util/coroutine-sigaltstack.c | 2 +-
 util/coroutine-ucontext.c| 2 +-
 util/coroutine-win32.c   | 2 +-
 4 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/include/qemu/coroutine_int.h b/include/qemu/coroutine_int.h
index 581a7f5..f62f83f 100644
--- a/include/qemu/coroutine_int.h
+++ b/include/qemu/coroutine_int.h
@@ -28,6 +28,8 @@
 #include "qemu/queue.h"
 #include "qemu/coroutine.h"
 
+#define COROUTINE_STACK_SIZE (1 << 20)
+
 typedef enum {
 COROUTINE_YIELD = 1,
 COROUTINE_TERMINATE = 2,
diff --git a/util/coroutine-sigaltstack.c b/util/coroutine-sigaltstack.c
index a7c3366..9c2854c 100644
--- a/util/coroutine-sigaltstack.c
+++ b/util/coroutine-sigaltstack.c
@@ -143,7 +143,7 @@ static void coroutine_trampoline(int signal)
 
 Coroutine *qemu_coroutine_new(void)
 {
-const size_t stack_size = 1 << 20;
+const size_t stack_size = COROUTINE_STACK_SIZE;
 CoroutineUContext *co;
 CoroutineThreadState *coTS;
 struct sigaction sa;
diff --git a/util/coroutine-ucontext.c b/util/coroutine-ucontext.c
index 2bb7e10..31254ab 100644
--- a/util/coroutine-ucontext.c
+++ b/util/coroutine-ucontext.c
@@ -82,7 +82,7 @@ static void coroutine_trampoline(int i0, int i1)
 
 Coroutine *qemu_coroutine_new(void)
 {
-const size_t stack_size = 1 << 20;
+const size_t stack_size = COROUTINE_STACK_SIZE;
 CoroutineUContext *co;
 ucontext_t old_uc, uc;
 sigjmp_buf old_env;
diff --git a/util/coroutine-win32.c b/util/coroutine-win32.c
index 02e28e8..de6bd4f 100644
--- a/util/coroutine-win32.c
+++ b/util/coroutine-win32.c
@@ -71,7 +71,7 @@ static void CALLBACK coroutine_trampoline(void *co_)
 
 Coroutine *qemu_coroutine_new(void)
 {
-const size_t stack_size = 1 << 20;
+const size_t stack_size = COROUTINE_STACK_SIZE;
 CoroutineWin32 *co;
 
 co = g_malloc0(sizeof(*co));
-- 
1.9.1

[Qemu-devel] [PATCH V6 0/6] coroutine: mmap stack memory and stack size

[Peter Lieven]

I decided to split this from the rest of the Qemu RSS usage series as
it contains the more or less non contentious patches.

I omitted the MAP_GROWSDOWN flag in mmap as we are not 100% sure which
side effects it has.

I kept the guard page which is now nicely makes the stacks visible in
smaps. The old version of the relevent patch lacked the MAP_FIXED flag
in the second call to mmap.

The last patch which reduces the stack size of coroutines to 64kB
may be omitted if its found to risky.

v5->v6:
 - Patch 1: added info that the guard page is deducted from stack memory to
commit msg and headers [Stefan]
 - rebased to master

v4->v5:
 - Patch 1: check if _SC_THREAD_STACK_MIN is defined
 - Patch 1: guard against sysconf(_SC_THREAD_STACK_MIN) returning -1 [Eric]

v3->v4:
 - Patch 1: add a static function to adjust the stack size [Richard]
 - Patch 1: round up the stack size to multiple of the pagesize.

v2->v3:
 - Patch 1,6: adjusted commit message to mention the guard page [Markus]

v1->v2:
 - Patch 1: added an architecture dependend guard page [Richard]
 - Patch 1: avoid stacks smaller than _SC_THREAD_STACK_MIN [Richard]
 - Patch 1: use mmap+mprotect instead of mmap+mmap [Richard]
 - Patch 5: u_int32_t -> uint32_t [Richard]
 - Patch 5: only available if stack grows down

Peter Lieven (6):
  oslib-posix: add helpers for stack alloc and free
  coroutine: add a macro for the coroutine stack size
  coroutine-ucontext: use helper for allocating stack memory
  coroutine-sigaltstack: use helper for allocating stack memory
  oslib-posix: add a configure switch to debug stack usage
  coroutine: reduce stack size to 64kB

 configure| 19 ++
 include/qemu/coroutine_int.h |  2 ++
 include/sysemu/os-posix.h| 27 ++
 util/coroutine-sigaltstack.c |  7 ++--
 util/coroutine-ucontext.c|  9 +++--
 util/coroutine-win32.c   |  2 +-
 util/oslib-posix.c   | 83 
 7 files changed, 139 insertions(+), 10 deletions(-)

-- 
1.9.1

Re: [Qemu-devel] [Qemu-block] [PATCH v4] qemu-img: change opening method for the output in dd

[Stefan Hajnoczi]

On Sat, Aug 20, 2016 at 05:52:49PM +0200, Reda Sallahi wrote:
> +blk2 = blk_new_open(image_opts ? NULL : out.filename,
> +NULL, qoptions, BDRV_O_RDWR, NULL);

As mentioned in my reply to the previous version, please reuse
img_open() to avoid duplicating code.  You can extend img_open() if
necessary to suppress errors.


signature.asc
Description: PGP signature

Re: [Qemu-devel] [PATCH v3] qemu-img: change opening method for the output in dd

[Stefan Hajnoczi]

On Fri, Aug 19, 2016 at 09:06:08PM +0200, Reda Sallahi wrote:
> On Tue, Aug 16, 2016 at 12:09:06PM +0100, Stefan Hajnoczi wrote:
> > On Mon, Aug 15, 2016 at 02:11:49PM +0200, Reda Sallahi wrote:
> > > +blk2 = blk_new_open(image_opts ? NULL : out.filename,
> > > +NULL, qoptions, BDRV_O_RDWR, NULL);
> > 
> > This code duplicates a subset of img_open().  Why can't you use
> > img_open() or at least img_open_opts()/img_open_file()?
> 
> If I used img_open() here (or img_open_opts()/img_open_file() for that
> matter) it would have written on stderr that the file couldn't be opened
> here even though in this case it's not error if we can create the output
> image and open it later on.

Then img_open() should be extended so the caller can suppress the error
message or gets a Error object instead of output to stderr.

Stefan


signature.asc
Description: PGP signature

Re: [Qemu-devel] [PATCH] 9pfs: add check for relative path

[P J P]

  Hello Peter, all

+-- On Mon, 22 Aug 2016, Peter Maydell wrote --+
| Opinions welcome on whether we need to hold 2.7 for this bug.

  I'm going through the VirtFS details to figure out a best fix for this 
issue. Nonetheless, IMO we need not hold 2.7 release for this bug.

Thank you.
--
Prasad J Pandit / Red Hat Product Security Team
47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F

Re: [Qemu-devel] [PULL 0/2] Net patches

[Peter Maydell]

On 22 August 2016 at 09:09, Jason Wang  wrote:
> The following changes since commit 5f9f818ea88a013b2464563be354dd2f0f316407:
>
>   test-logging: don't hard-code paths in /tmp (2016-08-19 12:44:11 +0100)
>
> are available in the git repository at:
>
>   https://github.com/jasowang/qemu.git tags/net-pull-request
>
> for you to fetch changes up to e0af5a0e8b74c674d29be3224b7ec16ba278e99c:
>
>   e1000e: remove internal interrupt flag (2016-08-22 16:06:08 +0800)
>
> 
>
> 

Applied, thanks.

-- PMM

Re: [Qemu-devel] travis builds: failing because of duff data in ccache cache?

[Peter Maydell]

On 22 August 2016 at 10:33, Alex Bennée  wrote:
> FWIW anyone who is a member of the QEMU project on Github should have
> the permissions to tweak the Travis caches for the project.

I thought about trying that, but Travis wanted a whole pile
of Github permissions I wasn't willing to give it just to
log in and do admin actions, so I didn't.

thanks
-- PMM

Re: [Qemu-devel] [RFC PATCH 3/4] tcg/tests: Move mips test to arch specific folder

[Alex Bennée]

Pranith Kumar  writes:

You have transposed the tcg/tests in your subject for this particular commit.

> Signed-off-by: Pranith Kumar 
> ---
>  tests/tcg/{ => mips}/hello-mips.c | 0
>  1 file changed, 0 insertions(+), 0 deletions(-)
>  rename tests/tcg/{ => mips}/hello-mips.c (100%)
>
> diff --git a/tests/tcg/hello-mips.c b/tests/tcg/mips/hello-mips.c
> similarity index 100%
> rename from tests/tcg/hello-mips.c
> rename to tests/tcg/mips/hello-mips.c


--
Alex Bennée

Re: [Qemu-devel] travis builds: failing because of duff data in ccache cache?

[Alex Bennée]

Peter Maydell  writes:

> Hi; since commit 4b887ae travis builds have been persistently
> failing on one particular config with the error:
> exec.o: could not read symbols: File truncated
> trying to link the mipsn32-linux-user binary.
>
> My theory is that the problem here is that:
>  * for one build, the build host ran out of disk space or otherwise
>hiccupped, resulting in a truncated .o file
>  * since travis saves the ccache cache across builds, the truncated .o
>file has persisted and now every build is going to fail the same
>way (until something gets committed that results in exec.c or one
>of its included headers changing)
>
> It looks like there's a way to manually clear the cache, so that
> seems like a good first step to see if it fixes things:
> https://docs.travis-ci.com/user/caching/#Clearing-Caches
>
> Could somebody with admin access to our travis config try this,
> please?

I've reset the cache for the master branch and restarted the build.

FWIW anyone who is a member of the QEMU project on Github should have
the permissions to tweak the Travis caches for the project.

>
> thanks
> -- PMM


--
Alex Bennée

Re: [Qemu-devel] [PATCH RFC v4 0/4] docker: Support building qemu-user powered docker test images

[no-reply]

---
Email generated automatically by Patchew [http://patchew.org/].
Please send your feedback to patchew-de...@freelists.org

Re: [Qemu-devel] [PATCH] 9pfs: add check for relative path

[Peter Maydell]

On 19 August 2016 at 18:30, Greg Kurz  wrote:
> Maybe the check can even be made in the top layer then. I should spend
> more time to see which is best.
>
> My main concern now is that, unlike I said on IRC, I'm afraid I won't be
> able to work on this before next Wednesday... :-\
>
> Hope it is not too late for 2.7...

Opinions welcome on whether we need to hold 2.7 for this bug.

thanks
-- PMM

Re: [Qemu-devel] [RFC PATCH 0/4] Clean up TCG tests

[Alex Bennée]

Peter Maydell  writes:

> On 21 August 2016 at 04:46, Pranith Kumar  wrote:
>> The tests currently fail, so I didn't think it would be appropriate to
>> hook them up.  If the rearrangement is acceptable and once I fix the
>> tests, I will hook up 'make check' to run these tests.
>
> So the question is: how will this work on systems which
> don't have the relevant compiler toolchain for the target?
> This has always been the stumbling block for tests which
> want to run guest code: it's just too much of a pain for
> most developers to have the toolchains available to build
> the guest code.

We could just make running the tests optional on ./configure finding the
relevant cross compilers. The misc/ tests at the very least can be built
with the host compiler and run on a host-to-host linux-user build.

>
> I have a vague idea that we could use something involving
> docker images so that you could define a test case including
> what the toolchain it needed to build was, and then have
> images so that in practice you could just use prebuilt
> binaries for the test blobs. But I haven't really thought
> much about it yet.

Currently the docker support doesn't allow copying artefacts from the
build. But you can certainly run a make target in a (potentially)
cross arch docker container now. For example:

  make docker-test-quick@debian-bootstrap \
EXTRA_CONFIGURE_OPTS="--enable-gprof --enable-gcov --disable-pie" \
J=9 V=1 DEBUG=1

If we fix up make test to build misc + host compiler directory then they
will get run by the binfmt_misc enabled linux-user binary that was
copied when the image was created. You can update the image with the
current image easily enough:

  ./tests/docker/docker.py update qmu:debian-bootstrap ./arm-linux-user/qemu-arm

>
> thanks
> -- PMM


--
Alex Bennée

Re: [Qemu-devel] [PATCH v3 03/10] aspeed-soc: provide a framework to add new SoCs

[Cédric Le Goater]

Hello Peter, 

On 08/12/2016 11:21 AM, Peter Maydell wrote:
> On 12 August 2016 at 09:33, Cédric Le Goater  wrote:
>> On 08/11/2016 12:14 PM, Peter Maydell wrote:
>>> board_id 0 means "I am an EBSA110", which this isn't,
>>> and your silicon rev values are completely out of range.
>>
>> OK. I was not aware of this. I will request new board ids for
>> the ast2400 and ast2500
> 
> Why do you need them? Anything new should be device-tree-only,
> and I would expect pushback from the kernel side if you
> try to allocate new stuff.

Sorry for the late answer, I was out in Brittany (and it was 
sunny).

I got confused by our aspeed kernel tree which still has some 
unmerged oddities. I will use -1 for the board ID.

Thanks,

C.

Re: [Qemu-devel] [PATCH v7] docs: add cpu-hotplug.txt

[Alexandre DERUMIER]

Hello,

I'm looking to implement cpu hotplug,

and I have a question about cpu flags

currently I have something like

-cpu qemu64,+lahf_lm,+sep,+kvm_pv_unhalt,+kvm_pv_eoi,enforce
-smp 4,sockets=2,cores=2,maxcpus=4


Does I need to define flags like:

-smp 2,sockets=2,cores=2,maxcpus=4
-device 
qemu64-x86_64-cpu,+lahf_lm,+sep,+kvm_pv_unhalt,+kvm_pv_eoi,enforce,id=cpu1,socket-id=1,core-id=1,thread-id=0
 
... 

?


Another question,
is -smp mandatory ?  (if I want coldplug all cpus)

-smp sockets=2,cores=2,maxcpus=4
-device qemu64-x86_64-cpu,id=cpu1,socket-id=1,core-id=1,thread-id=0 
-device qemu64-x86_64-cpu,id=cpu1,socket-id=1,core-id=2,thread-id=0 
-device qemu64-x86_64-cpu,id=cpu3,socket-id=2,core-id=1,thread-id=0 
-device qemu64-x86_64-cpu,id=cpu4,socket-id=2,core-id=2,thread-id=0 

or does I need minimum 1 non unplugable cpu

-smp 1,sockets=2,cores=2,maxcpus=4
-device qemu64-x86_64-cpu,id=cpu1,socket-id=1,core-id=2,thread-id=0 
-device qemu64-x86_64-cpu,id=cpu3,socket-id=2,core-id=1,thread-id=0 
-device qemu64-x86_64-cpu,id=cpu4,socket-id=2,core-id=2,thread-id=0 



Regards,

Alexandre



- Mail original -
De: "Dou Liyang" 
À: "qemu-devel" 
Cc: "Dou Liyang" , drjo...@redhat.com, "ehabkost" 
, "Markus Armbruster" , 
bhar...@linux.vnet.ibm.com, "Fam Zheng" , "Igor Mammedov" 
, da...@gibson.dropbear.id.au
Envoyé: Jeudi 18 Août 2016 03:50:50
Objet: [Qemu-devel] [PATCH v7] docs: add cpu-hotplug.txt

This document describes how to use cpu hotplug in QEMU. 

Signed-off-by: Dou Liyang  
Reviewed-by: Andrew Jones  
--- 
Change log v6 -> v7 
>From Bharata's advice 
1. add "qom_path" property explanation for 
"info hotpluggable-cpus" command 
>From drew's advice 
1. Fix some spelling mistake 

Change log v5 -> v6 
>From drew's advice 
1. Fix some spelling and grammar mistakes 

Change log v4 -> v5 
1. add an example for sPAPR 
>From Bharata's advice 
1. Fix the examples 

Change log v3 -> v4 
>From David's advice 
1. add spapr examples 
2. Fix some comment 
>From drew's advice 
1. Fix some syntax 

Change log v2 -> v3: 
>From drew's advice: 
1. modify the examples. 
2. Fix some syntax. 

Change log v1 -> v2: 
>From Fam's advice: 
1. Fix some comment. 

Change log v1: 
>From Igor's advice: 
1. Remove any mentioning of apic-id from the document. 
2. Remove the "device_del qom_path" from the CPU hot-unplug. 
3. Fix some comment. 

docs/cpu-hotplug.txt | 156 +++ 
1 file changed, 156 insertions(+) 
create mode 100644 docs/cpu-hotplug.txt 

diff --git a/docs/cpu-hotplug.txt b/docs/cpu-hotplug.txt 
new file mode 100644 
index 000..3667641 
--- /dev/null 
+++ b/docs/cpu-hotplug.txt 
@@ -0,0 +1,156 @@ 
+QEMU CPU hotplug 
+ 
+ 
+This document explains how to use the CPU hotplug feature in QEMU, 
+which regards the CPU as a device, using -device/device_add and 
+device_del. 
+ 
+QEMU support was merged for 2.7. 
+ 
+Guest support is required for CPU hotplug to work. 
+ 
+CPU hot-plug 
+ 
+ 
+In order to be able to hotplug CPUs, QEMU has to be told the maximum 
+number of CPUs which the guest can have. This is done at startup time 
+by means of the -smp command-line option, which has the following 
+format: 
+ 
+ -smp [cpus=]n[,maxcpus=cpus][,cores=cores][,threads=threads] 
+ [,sockets=sockets] 
+ 
+where, 
+ 
+ - "cpus" sets the number of CPUs to 'n' [default=1]. 
+ - "maxcpus" sets the maximum number of CPUs, including offline VCPUs 
+ for hotplug. 
+ - "sockets" sets the number of discrete sockets in the system. 
+ - "cores" sets the number of CPU cores on one socket. 
+ - "threads" sets the number of threads on one CPU core. 
+ 
+For example, the following command-line: 
+ 
+ qemu [...] -smp 4,maxcpus=8,sockets=2,cores=2,threads=2 
+ 
+creates a guest with 4 VCPUs and supports up to 8 VCPUs. The CPU topology 
+is sockets (2) * cores (2) * threads (2) and should compute a number of 
+slots exactly equal to maxcpus. A computed number of slots greater than 
+maxcpus will result in error. When the guest finishes loading, the guest 
+will see 4 VCPUs. More of this below. 
+ 
+Query available CPU objects 
+--- 
+ 
+To add a VCPU, it must be identified by socket-id, core-id, and/or 
+thread-id parameters. 
+ 
+Before adding the VCPU, we should know the topology parameters, so 
+that we can find the available location (socket,core,thread) for a 
+new VCPU. 
+ 
+Use the HMP command "info hotpluggable-cpus" to obtain them, for example: 
+ 
+ (qemu) info hotpluggable-cpus 
+ 
+lists all CPUs including the present and possible hot-pluggable CPUs. 
+Such as this: 
+ 
+ ... 
+ type: "qemu64-x86_64-cpu" 
+ vcpus_count: "1" 
+ CPUInstance Properties: 
+ socket-id: "1" 
+ core-id: "0" 
+ thread-id: "0" 
+ type: "qemu64-x86_64-cpu" 
+ vcpus_count: "1" 
+ qom_path: "/machine/unattached/device[4]" 
+ CPUInstance Properties: 
+ socket-id: "0" 
+ core-id: "1" 
+ thread-id: "1" 
+ ... 
+ 
+or 
+ 
+ ... 
+ type: "POWER7_v2.3-spapr-cpu

Re: [Qemu-devel] [Qemu-block] [PATCH] atapi: allow 0 transfer bytes for read_cd command

[Kevin Wolf]

Am 21.08.2016 um 23:16 hat Hervé Poussineau geschrieben:
> Le 18/08/2016 à 16:24, Kevin Wolf a écrit :
> >Hm, which of the paths in cmd_read_cd() does this hit? Is it the one
> >that directly calls ide_atapi_cmd_ok() without doing anything?
> 
> This is in ide_atapi_cmd, at line:
> if (cmd->handler && !(cmd->flags & NONDATA)) {
> handler is cmd_read_cd and flags doesn't contain NONDATA and 
> atapi_byte_count_limit is 0 and atapi_dma is false, so command is aborted.
> Adding NONDATA flag prevents this command abort.
> 
> >
> >I think adding NONDATA is okay, but we may need to add explicit
> >atapi_byte_count_limit() == 0 checks to those paths that do transfer
> >some data. At least at first sight I'm not sure that
> >ide_atapi_cmd_read() can handle this.
> >
> 
> ATAPI packet is:
> ATAPI limit=0x0 packet: be 00 00 00 00 00 00 00 00 00 00 00
> Note that byte count limit is 0x0.
> I also checked that s->packet_dma is false.
> 
> cmd_read_cd calculates nb_sectors using buf[6], buf[7] and buf[8] => 
> nb_sectors = 0.
> There is a specific case in cmd_read_cd if nb_sectors == 0, which succeeds 
> the command.
> 
> So, we have four cases:
> a) byte limit == 0 && nb_sectors == 0 -> used by NT4, currently is aborting 
> the command in ide_atapi_cmd
> b) byte limit == 0 && nb_sectors != 0 -> command is aborted in ide_atapi_cmd
> c) byte limit != 0 && nb_sectors == 0 -> command succeeds in cmd_read_cd
> d) byte limit != 0 && nb_sectors != 0 -> usual case, works fine
> 
> Maybe we should add NONDATA flag for cmd_read_cd command, and add on top of 
> cmd_read_cd
> - if nb_sectors == 0, succeed command (for cases a and c)
> - if byte limit == 0 && nb_sectors != 0, abort command (for case b)
> - otherwise, process as usual (for case d)

Yes, for the part about nb_sectors, this sounds about right.

I see annother immediate ide_atapi_cmd_ok() in the switch for
(transfer_request & 0xf8 == 0).  I think this needs to be considered in
the check as well.

Kevin

[Qemu-devel] [PULL 1/2] slirp: fix segv when init failed

[Jason Wang]

From: Marc-André Lureau 

Since commit f6c2e66ae8c8a, slirp uses an exit notifier to call
slirp_smb_cleanup. However, if init() failed, the notifier isn't added,
and removing it will fail:

==18447== Invalid write of size 8
==18447==at 0x7EF2B5: notifier_remove (notify.c:32)
==18447==by 0x48E80C: qemu_remove_exit_notifier (vl.c:2661)
==18447==by 0x6A2187: net_slirp_cleanup (slirp.c:134)
==18447==by 0x69419D: qemu_cleanup_net_client (net.c:338)
==18447==by 0x69445B: qemu_del_net_client (net.c:401)
==18447==by 0x6A2B81: net_slirp_init (slirp.c:366)
==18447==by 0x6A4241: net_init_slirp (slirp.c:865)
==18447==by 0x695C6D: net_client_init1 (net.c:1051)
==18447==by 0x695F6E: net_client_init (net.c:1108)
==18447==by 0x696DBA: net_init_netdev (net.c:1498)
==18447==by 0x7F1F99: qemu_opts_foreach (qemu-option.c:1116)
==18447==by 0x696E60: net_init_clients (net.c:1516)
==18447==  Address 0x0 is not stack'd, malloc'd or (recently) free'd

Signed-off-by: Marc-André Lureau 
Signed-off-by: Jason Wang 
---
 net/slirp.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/net/slirp.c b/net/slirp.c
index facc30e..b60893f 100644
--- a/net/slirp.c
+++ b/net/slirp.c
@@ -131,7 +131,9 @@ static void net_slirp_cleanup(NetClientState *nc)
 SlirpState *s = DO_UPCAST(SlirpState, nc, nc);
 
 slirp_cleanup(s->slirp);
-qemu_remove_exit_notifier(&s->exit_notifier);
+if (s->exit_notifier.notify) {
+qemu_remove_exit_notifier(&s->exit_notifier);
+}
 slirp_smb_cleanup(s);
 QTAILQ_REMOVE(&slirp_stacks, s, entry);
 }
-- 
2.7.4

[Qemu-devel] [PULL 2/2] e1000e: remove internal interrupt flag

[Jason Wang]

From: Cao jin 

Commit 66bf7d58 removed internal msi state flag E1000E_USE_MSI, E1000E_USE_MSIX
is not necessary too, remove it now. And interrupt flag field intr_state also
can be removed now.

CC: Dmitry Fleytman 
CC: Jason Wang 
CC: Markus Armbruster 
CC: Marcel Apfelbaum 
CC: Michael S. Tsirkin 
CC: Paolo Bonzini 
Signed-off-by: Cao jin 
Reviewed-by: Markus Armbruster 
Acked-by: Dmitry Fleytman 
Reviewed-by: Paolo Bonzini 
Signed-off-by: Jason Wang 
---
 hw/net/e1000e.c | 8 +---
 1 file changed, 1 insertion(+), 7 deletions(-)

diff --git a/hw/net/e1000e.c b/hw/net/e1000e.c
index d001c96..bad43f4 100644
--- a/hw/net/e1000e.c
+++ b/hw/net/e1000e.c
@@ -69,7 +69,6 @@ typedef struct E1000EState {
 uint16_t subsys_ven_used;
 uint16_t subsys_used;
 
-uint32_t intr_state;
 bool disable_vnet;
 
 E1000ECore core;
@@ -89,8 +88,6 @@ typedef struct E1000EState {
 #define E1000E_MSIX_TABLE   (0x)
 #define E1000E_MSIX_PBA (0x2000)
 
-#define E1000E_USE_MSIXBIT(0)
-
 static uint64_t
 e1000e_mmio_read(void *opaque, hwaddr addr, unsigned size)
 {
@@ -302,8 +299,6 @@ e1000e_init_msix(E1000EState *s)
 } else {
 if (!e1000e_use_msix_vectors(s, E1000E_MSIX_VEC_NUM)) {
 msix_uninit(d, &s->msix, &s->msix);
-} else {
-s->intr_state |= E1000E_USE_MSIX;
 }
 }
 }
@@ -311,7 +306,7 @@ e1000e_init_msix(E1000EState *s)
 static void
 e1000e_cleanup_msix(E1000EState *s)
 {
-if (s->intr_state & E1000E_USE_MSIX) {
+if (msix_enabled(PCI_DEVICE(s))) {
 e1000e_unuse_msix_vectors(s, E1000E_MSIX_VEC_NUM);
 msix_uninit(PCI_DEVICE(s), &s->msix, &s->msix);
 }
@@ -601,7 +596,6 @@ static const VMStateDescription e1000e_vmstate = {
 VMSTATE_MSIX(parent_obj, E1000EState),
 
 VMSTATE_UINT32(ioaddr, E1000EState),
-VMSTATE_UINT32(intr_state, E1000EState),
 VMSTATE_UINT32(core.rxbuf_min_shift, E1000EState),
 VMSTATE_UINT8(core.rx_desc_len, E1000EState),
 VMSTATE_UINT32_ARRAY(core.rxbuf_sizes, E1000EState,
-- 
2.7.4

[Qemu-devel] [PULL 0/2] Net patches

[Jason Wang]

The following changes since commit 5f9f818ea88a013b2464563be354dd2f0f316407:

  test-logging: don't hard-code paths in /tmp (2016-08-19 12:44:11 +0100)

are available in the git repository at:

  https://github.com/jasowang/qemu.git tags/net-pull-request

for you to fetch changes up to e0af5a0e8b74c674d29be3224b7ec16ba278e99c:

  e1000e: remove internal interrupt flag (2016-08-22 16:06:08 +0800)




Cao jin (1):
  e1000e: remove internal interrupt flag

Marc-André Lureau (1):
  slirp: fix segv when init failed

 hw/net/e1000e.c | 8 +---
 net/slirp.c | 4 +++-
 2 files changed, 4 insertions(+), 8 deletions(-)

[Qemu-devel] [PATCH 4/7] qemu-img: delete not used variable and an unecessary check

[Reda Sallahi]

block_count is not used in img_dd() and the C_SKIP check is unecessary so
this patch removes both of them.

Signed-off-by: Reda Sallahi 
---
 qemu-img.c | 7 +++
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/qemu-img.c b/qemu-img.c
index ae3828e..cf78dfe 100644
--- a/qemu-img.c
+++ b/qemu-img.c
@@ -4093,7 +4093,7 @@ static int img_dd(int argc, char **argv)
 const char *out_fmt = "raw";
 const char *fmt = NULL;
 int64_t size = 0, out_size = 0;
-int64_t block_count = 0, out_pos, in_pos, sparse_count = 0;
+int64_t out_pos, in_pos, sparse_count = 0;
 bool writethrough = false;
 int flags = 0;
 int ibsz = 0, obsz = 0, bsz;
@@ -4373,8 +4373,7 @@ static int img_dd(int argc, char **argv)
 }
 }
 
-if (dd.flags & C_SKIP && (in.offset > INT64_MAX / ibsz ||
-  size < in.offset * ibsz)) {
+if (in.offset > INT64_MAX / ibsz || size < in.offset * ibsz) {
 /* We give a warning if the skip option is bigger than the input
  * size and create an empty output disk image (i.e. like dd(1)).
  */
@@ -4386,7 +4385,7 @@ static int img_dd(int argc, char **argv)
 
 in.buf = g_new(uint8_t, in.bsz);
 
-for (out_pos = out.offset * obsz; in_pos < size; block_count++) {
+for (out_pos = out.offset * obsz; in_pos < size;) {
 int in_ret, out_ret;
 bsz = in.bsz;
 
-- 
2.9.3

[Qemu-devel] [PATCH 7/7] qemu-img: add a test suite for the count option

[Reda Sallahi]

The count option for dd lacked a test suite so this adds one with four test
cases.

Signed-off-by: Reda Sallahi 
---
 tests/qemu-iotests/168 | 75 ++
 tests/qemu-iotests/168.out | 51 +++
 tests/qemu-iotests/group   |  1 +
 3 files changed, 127 insertions(+)
 create mode 100755 tests/qemu-iotests/168
 create mode 100644 tests/qemu-iotests/168.out

diff --git a/tests/qemu-iotests/168 b/tests/qemu-iotests/168
new file mode 100755
index 000..3ed655e
--- /dev/null
+++ b/tests/qemu-iotests/168
@@ -0,0 +1,75 @@
+#! /bin/bash
+#
+# qemu-img dd test for count option
+#
+# Copyright (C) 2016 Reda Sallahi
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see .
+#
+
+owner=fullma...@gmail.com
+
+seq="$(basename $0)"
+echo "QA output created by $seq"
+
+here="$PWD"
+status=1
+
+_cleanup()
+{
+_cleanup_test_img
+rm -f "$TEST_IMG.out" "$TEST_IMG.out.dd"
+}
+trap "_cleanup; exit \$status" 0 1 2 3 15
+
+. ./common.rc
+. ./common.filter
+. ./common.pattern
+
+_supported_fmt raw
+_supported_proto file
+_supported_os Linux
+
+TEST_COUNT_BLOCKS="1 4 19 43K"
+
+for count in $TEST_COUNT_BLOCKS; do
+echo
+echo "== Creating image =="
+
+size=1M
+_make_test_img $size
+_check_test_img
+
+$QEMU_IO -c "write -P 0xa 565k 384k" "$TEST_IMG" | _filter_qemu_io
+
+echo
+echo "== Converting the image with dd with count=$count =="
+
+$QEMU_IMG dd if="$TEST_IMG" of="$TEST_IMG.out" count=$count \
+  -O "$IMGFMT" status=none conv=notrunc
+
+TEST_IMG="$TEST_IMG.out" _check_test_img
+
+dd if="$TEST_IMG" of="$TEST_IMG.out.dd" count=$count status=none
+
+echo
+echo "== Compare the images with qemu-img compare =="
+
+$QEMU_IMG compare "$TEST_IMG.out.dd" "$TEST_IMG.out"
+done
+
+echo
+echo "*** done"
+rm -f "$seq.full"
+status=0
diff --git a/tests/qemu-iotests/168.out b/tests/qemu-iotests/168.out
new file mode 100644
index 000..768a687
--- /dev/null
+++ b/tests/qemu-iotests/168.out
@@ -0,0 +1,51 @@
+QA output created by 168
+
+== Creating image ==
+Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=1048576
+No errors were found on the image.
+wrote 393216/393216 bytes at offset 578560
+384 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+
+== Converting the image with dd with count=1 ==
+No errors were found on the image.
+
+== Compare the images with qemu-img compare ==
+Images are identical.
+
+== Creating image ==
+Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=1048576
+No errors were found on the image.
+wrote 393216/393216 bytes at offset 578560
+384 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+
+== Converting the image with dd with count=4 ==
+No errors were found on the image.
+
+== Compare the images with qemu-img compare ==
+Images are identical.
+
+== Creating image ==
+Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=1048576
+No errors were found on the image.
+wrote 393216/393216 bytes at offset 578560
+384 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+
+== Converting the image with dd with count=19 ==
+No errors were found on the image.
+
+== Compare the images with qemu-img compare ==
+Images are identical.
+
+== Creating image ==
+Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=1048576
+No errors were found on the image.
+wrote 393216/393216 bytes at offset 578560
+384 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+
+== Converting the image with dd with count=43K ==
+No errors were found on the image.
+
+== Compare the images with qemu-img compare ==
+Images are identical.
+
+*** done
diff --git a/tests/qemu-iotests/group b/tests/qemu-iotests/group
index fbe0ffe..9e47975 100644
--- a/tests/qemu-iotests/group
+++ b/tests/qemu-iotests/group
@@ -167,3 +167,4 @@
 165 rw auto quick
 166 rw auto quick
 167 rw auto quick
+168 rw auto quick
-- 
2.9.3

[Qemu-devel] [PATCH 5/7] qemu-img: add status option to dd

[Reda Sallahi]

This patch adds the status option to the subcommand dd. With this dd will
display by default the number of blocks read/written, the transfer rate, etc.
like dd(1).

The noxfer and none levels will allow the user to surpress the final transfer
statistics and everything except error messages respectively.

A test case was added to test the status option.

Signed-off-by: Reda Sallahi 
---
 qemu-img-cmds.hx   |  4 +--
 qemu-img.c | 90 ++
 qemu-img.texi  |  9 -
 tests/qemu-iotests/159 |  2 +-
 tests/qemu-iotests/160 |  2 +-
 tests/qemu-iotests/161 |  2 +-
 tests/qemu-iotests/163 |  4 +--
 tests/qemu-iotests/164 |  4 +--
 tests/qemu-iotests/165 | 11 +++---
 tests/qemu-iotests/166 |  2 +-
 tests/qemu-iotests/167 | 77 +++
 tests/qemu-iotests/167.out | 17 +
 tests/qemu-iotests/group   |  1 +
 13 files changed, 202 insertions(+), 23 deletions(-)
 create mode 100755 tests/qemu-iotests/167
 create mode 100644 tests/qemu-iotests/167.out

diff --git a/qemu-img-cmds.hx b/qemu-img-cmds.hx
index 933ce3c..6315c64 100644
--- a/qemu-img-cmds.hx
+++ b/qemu-img-cmds.hx
@@ -46,9 +46,9 @@ STEXI
 ETEXI
 
 DEF("dd", img_dd,
-"dd [--image-opts] [-f fmt] [-O output_fmt] [bs=block_size] [count=blocks] 
[skip=blocks] [seek=blocks] [conv=convs] [iflag=flags] [oflag=flags] if=input 
of=output")
+"dd [--image-opts] [-f fmt] [-O output_fmt] [bs=block_size] [count=blocks] 
[skip=blocks] [seek=blocks] [conv=convs] [iflag=flags] [oflag=flags] 
[status=level] if=input of=output")
 STEXI
-@item dd [--image-opts] [-f @var{fmt}] [-O @var{output_fmt}] 
[bs=@var{block_size}] [count=@var{blocks}] [skip=@var{blocks}] 
[seek=@var{blocks}] [conv=@var{convs}] [iflag=@var{flags}] [oflag=@var{flags}] 
if=@var{input} of=@var{output}
+@item dd [--image-opts] [-f @var{fmt}] [-O @var{output_fmt}] 
[bs=@var{block_size}] [count=@var{blocks}] [skip=@var{blocks}] 
[seek=@var{blocks}] [conv=@var{convs}] [iflag=@var{flags}] [oflag=@var{flags}] 
[status=@var{level}] if=@var{input} of=@var{output}
 ETEXI
 
 DEF("info", img_info,
diff --git a/qemu-img.c b/qemu-img.c
index cf78dfe..00b15c5 100644
--- a/qemu-img.c
+++ b/qemu-img.c
@@ -178,7 +178,11 @@ static void QEMU_NORETURN help(void)
"  'seek=N' seek N bs-sized blocks at the start of output\n"
"  'conv=CONVS' do not truncate the output file\n"
"  'iflags=FLAGS' read using the comma-separated flags list\n"
-   "  'oflags=FLAGS' read using the comma-separated flags list\n\n"
+   "  'oflags=FLAGS' read using the comma-separated flags list\n"
+   "  'status=LEVEL' the LEVEL of information to print to stderr\n\n"
+   "List of LEVELS for dd:\n"
+   "  'none'   surpresses everything but error messages\n"
+   "  'noxfer' surpresses the final transfer statistics\n\n"
"List of CONVS for dd:\n"
"  'notrunc'   do not truncate the output file\n"
"  'noerror'   continue in the event of read errors\n"
@@ -3832,11 +3836,13 @@ out:
 #define C_CONV0100
 #define C_IFLAG   0200
 #define C_OFLAG   0400
+#define C_STATUS  01000
 
 struct DdInfo {
 unsigned int flags;
 int64_t count;
 unsigned int conv;
+unsigned status;
 };
 
 struct DdIo {
@@ -4077,6 +4083,31 @@ static int img_dd_oflag(const char *arg,
 return ret;
 }
 
+#define C_STATUS_DEFAULT  00
+#define C_STATUS_NONE 01
+#define C_STATUS_NOXFER   02
+
+static int img_dd_status(const char *arg,
+ struct DdIo *in, struct DdIo *out,
+ struct DdInfo *dd)
+{
+const struct DdSymbols dd_status[] = {
+{ "none", C_STATUS_NONE },
+{ "noxfer", C_STATUS_NOXFER },
+{ NULL, 0 }
+};
+
+for (int j = 0; dd_status[j].name != NULL; j++) {
+if (!strcmp(arg, dd_status[j].name)) {
+dd->status = dd_status[j].value;
+return 0;
+}
+}
+
+error_report("invalid status level: '%s'", arg);
+return 1;
+}
+
 static int img_dd(int argc, char **argv)
 {
 int ret = 0;
@@ -4094,13 +4125,16 @@ static int img_dd(int argc, char **argv)
 const char *fmt = NULL;
 int64_t size = 0, out_size = 0;
 int64_t out_pos, in_pos, sparse_count = 0;
+int64_t in_read = 0, out_wrt = 0; /* Read/write count for status= */
 bool writethrough = false;
 int flags = 0;
 int ibsz = 0, obsz = 0, bsz;
+struct timeval starttv, endtv;
 struct DdInfo dd = {
 .flags = 0,
 .count = 0,
-.conv = 0
+.conv = 0,
+.status = C_STATUS_DEFAULT
 };
 struct DdIo in = {
 .bsz = 512, /* Block size is by default 512 bytes */
@@ -4127,6 +4161,7 @@ static int img_dd(int argc, char **argv)
 { "conv", img_dd_conv, C_CONV },
 { "iflag", img_dd_iflag, C_IFLAG },
 { "oflag", img_dd_oflag, C_OFLAG },
+

[Qemu-devel] [PATCH 1/7] qemu-img: add seek option to dd

[Reda Sallahi]

This patch adds the seek option which allows qemu-img dd to skip a number of
blocks on the output before copying the input.

A test case was added to test the seek option.

Signed-off-by: Reda Sallahi 
---
 qemu-img-cmds.hx   |  4 +--
 qemu-img.c | 45 +++-
 qemu-img.texi  |  4 ++-
 tests/qemu-iotests/161 | 73 ++
 tests/qemu-iotests/161.out | 51 
 tests/qemu-iotests/group   |  1 +
 6 files changed, 167 insertions(+), 11 deletions(-)
 create mode 100755 tests/qemu-iotests/161
 create mode 100644 tests/qemu-iotests/161.out

diff --git a/qemu-img-cmds.hx b/qemu-img-cmds.hx
index 18685ac..e79a577 100644
--- a/qemu-img-cmds.hx
+++ b/qemu-img-cmds.hx
@@ -46,9 +46,9 @@ STEXI
 ETEXI
 
 DEF("dd", img_dd,
-"dd [--image-opts] [-f fmt] [-O output_fmt] [bs=block_size] [count=blocks] 
[skip=blocks] [conv=notrunc] if=input of=output")
+"dd [--image-opts] [-f fmt] [-O output_fmt] [bs=block_size] [count=blocks] 
[skip=blocks] [seek=blocks] [conv=notrunc] if=input of=output")
 STEXI
-@item dd [--image-opts] [-f @var{fmt}] [-O @var{output_fmt}] 
[bs=@var{block_size}] [count=@var{blocks}] [skip=@var{blocks}] [conv=notrunc] 
if=@var{input} of=@var{output}
+@item dd [--image-opts] [-f @var{fmt}] [-O @var{output_fmt}] 
[bs=@var{block_size}] [count=@var{blocks}] [skip=@var{blocks}] 
[seek=@var{blocks}] [conv=notrunc] if=@var{input} of=@var{output}
 ETEXI
 
 DEF("info", img_info,
diff --git a/qemu-img.c b/qemu-img.c
index 57b99d8..a1c0381 100644
--- a/qemu-img.c
+++ b/qemu-img.c
@@ -175,6 +175,7 @@ static void QEMU_NORETURN help(void)
"  'if=FILE' read from FILE\n"
"  'of=FILE' write to FILE\n"
"  'skip=N' skip N bs-sized blocks at the start of input\n"
+   "  'seek=N' seek N bs-sized blocks at the start of output\n"
"  'conv=notrunc' do not truncate the output file\n";
 
 printf("%s\nSupported formats:", help_msg);
@@ -3808,7 +3809,8 @@ out:
 #define C_IF  04
 #define C_OF  010
 #define C_SKIP020
-#define C_CONV040
+#define C_SEEK040
+#define C_CONV0100
 
 struct DdInfo {
 unsigned int flags;
@@ -3897,6 +3899,22 @@ static int img_dd_skip(const char *arg,
 return 0;
 }
 
+static int img_dd_seek(const char *arg,
+   struct DdIo *in, struct DdIo *out,
+   struct DdInfo *dd)
+{
+char *end;
+
+out->offset = qemu_strtosz_suffix(arg, &end, QEMU_STRTOSZ_DEFSUFFIX_B);
+
+if (out->offset < 0 || *end) {
+error_report("invalid number: '%s'", arg);
+return 1;
+}
+
+return 0;
+}
+
 #define C_NOTRUNC 01
 
 static int img_dd_conv(const char *arg,
@@ -3927,7 +3945,7 @@ static int img_dd(int argc, char **argv)
 int c, i;
 const char *out_fmt = "raw";
 const char *fmt = NULL;
-int64_t size = 0, out_size;
+int64_t size = 0, out_size = 0;
 int64_t block_count = 0, out_pos, in_pos;
 struct DdInfo dd = {
 .flags = 0,
@@ -3953,6 +3971,7 @@ static int img_dd(int argc, char **argv)
 { "if", img_dd_if, C_IF },
 { "of", img_dd_of, C_OF },
 { "skip", img_dd_skip, C_SKIP },
+{ "seek", img_dd_seek, C_SEEK },
 { "conv", img_dd_conv, C_CONV },
 { NULL, NULL, 0 }
 };
@@ -4019,6 +4038,14 @@ static int img_dd(int argc, char **argv)
 arg = NULL;
 }
 
+/* Overflow check for seek */
+if (out.offset > INT64_MAX / out.bsz) {
+error_report("seek with the block size specified is too large "
+ "for data type used");
+ret = -1;
+goto out;
+}
+
 if (!(dd.flags & C_IF && dd.flags & C_OF)) {
 error_report("Must specify both input and output files");
 ret = -1;
@@ -4044,9 +4071,9 @@ static int img_dd(int argc, char **argv)
 }
 /* Overflow means the specified offset is beyond input image's size */
 if (in.offset > INT64_MAX / in.bsz || size < in.offset * in.bsz) {
-out_size = 0;
+out_size = out.offset * out.bsz;
 } else {
-out_size = size - in.offset * in.bsz;
+out_size = size - in.offset * in.bsz + out.offset * out.bsz;
 }
 
 if (image_opts) {
@@ -4131,10 +4158,12 @@ static int img_dd(int argc, char **argv)
 goto out;
 }
 
-if (in.offset <= INT64_MAX / in.bsz && size >= in.offset * in.bsz) {
-if (blk2sz < out_size) {
-blk_truncate(blk2, out_size);
+if (in.offset > INT64_MAX / in.bsz || size < in.offset * in.bsz) {
+if (blk2sz < out.offset * out.bsz) {
+blk_truncate(blk2, out.offset * out.bsz);
 }
+} else if (blk2sz < out_size) {
+blk_truncate(blk2, out_size);
 }
 }
 
@@ -4151,7 +4180,7 @@ static int img_dd(int argc, char **argv)
 
 in.buf = g_new(uint8_t, in.bsz);
 
-for (out_pos = 0; in_pos < si

[Qemu-devel] [PATCH 6/7] qemu-img: clean up dd documentation

[Reda Sallahi]

The dd section on qemu-img --help was a bit hard to read since it was not
well aligned. This patch fixes the display problem and also makes the
sentences on the .texi file more consistent with one another (uppercase and
conjugasion).

Signed-off-by: Reda Sallahi 
---
 qemu-img.c| 48 +---
 qemu-img.texi | 48 
 2 files changed, 49 insertions(+), 47 deletions(-)

diff --git a/qemu-img.c b/qemu-img.c
index 00b15c5..2d00918 100644
--- a/qemu-img.c
+++ b/qemu-img.c
@@ -169,37 +169,39 @@ static void QEMU_NORETURN help(void)
"  '-s' run in Strict mode - fail on different image size or sector 
allocation\n"
"\n"
"Parameters to dd subcommand:\n"
-   "  'bs=BYTES' read and write up to BYTES bytes at a time "
+   "  'bs=BYTES' read and write up to BYTES bytes at a time "
"(default: 512)\n"
-   "  'count=N' copy only N input blocks\n"
-   "  'if=FILE' read from FILE\n"
-   "  'of=FILE' write to FILE\n"
-   "  'skip=N' skip N bs-sized blocks at the start of input\n"
-   "  'seek=N' seek N bs-sized blocks at the start of output\n"
-   "  'conv=CONVS' do not truncate the output file\n"
+   "  'count=N'  copy only N input blocks\n"
+   "  'if=FILE'  read from FILE\n"
+   "  'of=FILE'  write to FILE\n"
+   "  'skip=N'   skip N bs-sized blocks at the start of input\n"
+   "  'seek=N'   seek N bs-sized blocks at the start of output\n"
+   "  'conv=CONVS'   do not truncate the output file\n"
"  'iflags=FLAGS' read using the comma-separated flags list\n"
"  'oflags=FLAGS' read using the comma-separated flags list\n"
"  'status=LEVEL' the LEVEL of information to print to stderr\n\n"
"List of LEVELS for dd:\n"
-   "  'none'   surpresses everything but error messages\n"
-   "  'noxfer' surpresses the final transfer statistics\n\n"
+   "  'none' surpress everything but error messages\n"
+   "  'noxfer'   surpress the final transfer statistics\n\n"
"List of CONVS for dd:\n"
-   "  'notrunc'   do not truncate the output file\n"
-   "  'noerror'   continue in the event of read errors\n"
-   "  'excl'  fail if output already exists\n"
-   "  'nocreat'   do not create the output file\n"
-   "  'fsync' physically write output file data before finishing\n"
-   "  'fdatasync' physically write output file data before finishing\n"
-   "  'sync'  pad every input block with NULs\n"
-   "  'sparse'seek rather than write the output for NUL input"
+   "  'notrunc'  do not truncate the output file\n"
+   "  'noerror'  continue in the event of read errors\n"
+   "  'excl' fail if output already exists\n"
+   "  'nocreat'  do not create the output file\n"
+   "  'fsync'physically write output file data before"
+   " finishing\n"
+   "  'fdatasync'physically write output file data before"
+   " finishing\n"
+   "  'sync' pad every input block with NULs\n"
+   "  'sparse'   seek rather than write the output for NUL input"
" blocks\n\n"
"List of FLAGS for dd:\n"
-   "  'direct'  use direct I/O for data\n"
-   "  'dsync'   use synchronized I/O for data\n"
-   "  'sync'use synchronized I/O for data\n"
-   "  'count_bytes' use 'count=N' as a byte count (iflag only)\n"
-   "  'skip_bytes'  use 'skip=N' as a byte count (iflag only)\n"
-   "  'seek_bytes'  use 'seek=N' as a byte count (oflag only)\n";
+   "  'direct'   use direct I/O for data\n"
+   "  'dsync'use synchronized I/O for data\n"
+   "  'sync' use synchronized I/O for data\n"
+   "  'count_bytes'  use 'count=N' as a byte count (iflag only)\n"
+   "  'skip_bytes'   use 'skip=N' as a byte count (iflag only)\n"
+   "  'seek_bytes'   use 'seek=N' as a byte count (oflag only)\n";
 
 printf("%s\nSupported formats:", help_msg);
 bdrv_iterate_format(format_print, NULL);
diff --git a/qemu-img.texi b/qemu-img.texi
index c8905c6..a1a17f3 100644
--- a/qemu-img.texi
+++ b/qemu-img.texi
@@ -144,20 +144,20 @@ Parameters to dd subcommand:
 @table @option
 
 @item bs=@var{block_size}
-defines the block size
+Defines the block size
 @item count=@var{blocks}
-sets the number of input blocks to copy. In case 'iflags=count_bytes' is
+Sets the number of input blocks to copy. In case 'iflags=count_bytes' is
 specified, 'blocks' is interpreted as a byte count instead of a block count.
 @item if=@var{input}
-sets the input file
+Sets the input file
 @item of=@var{output}
-sets the ou

[Qemu-devel] [PATCH 3/7] qemu-img: add more conv= conversions to dd

[Reda Sallahi]

This patch adds excl, nocreat, noerror, sync, fsync, fdatasync and sparse to
the conversion list. They have the same meaning as the ones on GNU dd(1).

Two tests were added to test the conv= option.

Signed-off-by: Reda Sallahi 
---
 qemu-img-cmds.hx   |   4 +-
 qemu-img.c | 122 +++--
 qemu-img.texi  |  26 --
 tests/qemu-iotests/165 | 109 
 tests/qemu-iotests/165.out |  33 
 tests/qemu-iotests/166 |  73 +++
 tests/qemu-iotests/166.out |  19 +++
 tests/qemu-iotests/group   |   2 +
 8 files changed, 367 insertions(+), 21 deletions(-)
 create mode 100755 tests/qemu-iotests/165
 create mode 100644 tests/qemu-iotests/165.out
 create mode 100755 tests/qemu-iotests/166
 create mode 100644 tests/qemu-iotests/166.out

diff --git a/qemu-img-cmds.hx b/qemu-img-cmds.hx
index 25eaf71..933ce3c 100644
--- a/qemu-img-cmds.hx
+++ b/qemu-img-cmds.hx
@@ -46,9 +46,9 @@ STEXI
 ETEXI
 
 DEF("dd", img_dd,
-"dd [--image-opts] [-f fmt] [-O output_fmt] [bs=block_size] [count=blocks] 
[skip=blocks] [seek=blocks] [conv=notrunc] [iflag=flags] [oflag=flags] if=input 
of=output")
+"dd [--image-opts] [-f fmt] [-O output_fmt] [bs=block_size] [count=blocks] 
[skip=blocks] [seek=blocks] [conv=convs] [iflag=flags] [oflag=flags] if=input 
of=output")
 STEXI
-@item dd [--image-opts] [-f @var{fmt}] [-O @var{output_fmt}] 
[bs=@var{block_size}] [count=@var{blocks}] [skip=@var{blocks}] 
[seek=@var{blocks}] [conv=notrunc] [iflag=@var{flags}] [oflag=@var{flags}] 
if=@var{input} of=@var{output}
+@item dd [--image-opts] [-f @var{fmt}] [-O @var{output_fmt}] 
[bs=@var{block_size}] [count=@var{blocks}] [skip=@var{blocks}] 
[seek=@var{blocks}] [conv=@var{convs}] [iflag=@var{flags}] [oflag=@var{flags}] 
if=@var{input} of=@var{output}
 ETEXI
 
 DEF("info", img_info,
diff --git a/qemu-img.c b/qemu-img.c
index 710c5a2..ae3828e 100644
--- a/qemu-img.c
+++ b/qemu-img.c
@@ -176,9 +176,19 @@ static void QEMU_NORETURN help(void)
"  'of=FILE' write to FILE\n"
"  'skip=N' skip N bs-sized blocks at the start of input\n"
"  'seek=N' seek N bs-sized blocks at the start of output\n"
-   "  'conv=notrunc' do not truncate the output file\n"
+   "  'conv=CONVS' do not truncate the output file\n"
"  'iflags=FLAGS' read using the comma-separated flags list\n"
"  'oflags=FLAGS' read using the comma-separated flags list\n\n"
+   "List of CONVS for dd:\n"
+   "  'notrunc'   do not truncate the output file\n"
+   "  'noerror'   continue in the event of read errors\n"
+   "  'excl'  fail if output already exists\n"
+   "  'nocreat'   do not create the output file\n"
+   "  'fsync' physically write output file data before finishing\n"
+   "  'fdatasync' physically write output file data before finishing\n"
+   "  'sync'  pad every input block with NULs\n"
+   "  'sparse'seek rather than write the output for NUL input"
+   " blocks\n\n"
"List of FLAGS for dd:\n"
"  'direct'  use direct I/O for data\n"
"  'dsync'   use synchronized I/O for data\n"
@@ -3932,19 +3942,59 @@ static int img_dd_seek(const char *arg,
 return 0;
 }
 
-#define C_NOTRUNC 01
+#define C_NOTRUNC   01
+#define C_SYNC  02
+#define C_NOERROR   04
+#define C_FDATASYNC 010
+#define C_FSYNC 020
+#define C_EXCL  040
+#define C_NOCREAT   0100
+#define C_SPARSE0200
 
 static int img_dd_conv(const char *arg,
struct DdIo *in, struct DdIo *out,
struct DdInfo *dd)
 {
-if (!strcmp(arg, "notrunc")) {
-dd->conv |= C_NOTRUNC;
-return 0;
-} else {
-error_report("invalid conversion: '%s'", arg);
-return 1;
+const char *tok;
+char *str, *tmp;
+int ret = 0;
+const struct DdSymbols conv[] = {
+{ "notrunc", C_NOTRUNC },
+{ "sync", C_SYNC },
+{ "noerror", C_NOERROR },
+{ "fdatasync", C_FDATASYNC },
+{ "fsync", C_FSYNC },
+{ "excl", C_EXCL },
+{ "nocreat", C_NOCREAT },
+{ "sparse", C_SPARSE },
+{ NULL, 0 }
+};
+
+tmp = str = g_strdup(arg);
+
+while (tmp != NULL && !ret) {
+tok = qemu_strsep(&tmp, ",");
+int j;
+for (j = 0; conv[j].name != NULL; j++) {
+if (!strcmp(tok, conv[j].name)) {
+if ((dd->conv | conv[j].value) & C_EXCL &&
+(dd->conv | conv[j].value) & C_NOCREAT) {
+error_report("cannot combine excl and nocreat");
+ret = 1;
+break;
+}
+dd->conv |= conv[j].value;
+break;
+}
+}
+if (conv[j].name == NULL) {
+error_rep

[Qemu-devel] [PATCH 2/7] qemu-img: add iflag and oflag options to dd

[Reda Sallahi]

This adds the iflag and oflag options which defines the list of flags used
for reading and writing respectively. The list is comma-separated.

The iflag option supports direct, dsync, sync, count_bytes and skip_bytes
and oflag supports direct, dsync, sync and seek_bytes. They are similar to
their counterparts on GNU dd(1).

Two tests were added to test iflag and oflag.

Signed-off-by: Reda Sallahi 
---
 qemu-img-cmds.hx   |   4 +-
 qemu-img.c | 185 -
 qemu-img.texi  |  32 +++-
 tests/qemu-iotests/163 | 103 +
 tests/qemu-iotests/163.out | 135 +
 tests/qemu-iotests/164 | 100 
 tests/qemu-iotests/164.out |  75 ++
 tests/qemu-iotests/group   |   2 +
 8 files changed, 609 insertions(+), 27 deletions(-)
 create mode 100755 tests/qemu-iotests/163
 create mode 100644 tests/qemu-iotests/163.out
 create mode 100755 tests/qemu-iotests/164
 create mode 100644 tests/qemu-iotests/164.out

diff --git a/qemu-img-cmds.hx b/qemu-img-cmds.hx
index e79a577..25eaf71 100644
--- a/qemu-img-cmds.hx
+++ b/qemu-img-cmds.hx
@@ -46,9 +46,9 @@ STEXI
 ETEXI
 
 DEF("dd", img_dd,
-"dd [--image-opts] [-f fmt] [-O output_fmt] [bs=block_size] [count=blocks] 
[skip=blocks] [seek=blocks] [conv=notrunc] if=input of=output")
+"dd [--image-opts] [-f fmt] [-O output_fmt] [bs=block_size] [count=blocks] 
[skip=blocks] [seek=blocks] [conv=notrunc] [iflag=flags] [oflag=flags] if=input 
of=output")
 STEXI
-@item dd [--image-opts] [-f @var{fmt}] [-O @var{output_fmt}] 
[bs=@var{block_size}] [count=@var{blocks}] [skip=@var{blocks}] 
[seek=@var{blocks}] [conv=notrunc] if=@var{input} of=@var{output}
+@item dd [--image-opts] [-f @var{fmt}] [-O @var{output_fmt}] 
[bs=@var{block_size}] [count=@var{blocks}] [skip=@var{blocks}] 
[seek=@var{blocks}] [conv=notrunc] [iflag=@var{flags}] [oflag=@var{flags}] 
if=@var{input} of=@var{output}
 ETEXI
 
 DEF("info", img_info,
diff --git a/qemu-img.c b/qemu-img.c
index a1c0381..710c5a2 100644
--- a/qemu-img.c
+++ b/qemu-img.c
@@ -176,7 +176,16 @@ static void QEMU_NORETURN help(void)
"  'of=FILE' write to FILE\n"
"  'skip=N' skip N bs-sized blocks at the start of input\n"
"  'seek=N' seek N bs-sized blocks at the start of output\n"
-   "  'conv=notrunc' do not truncate the output file\n";
+   "  'conv=notrunc' do not truncate the output file\n"
+   "  'iflags=FLAGS' read using the comma-separated flags list\n"
+   "  'oflags=FLAGS' read using the comma-separated flags list\n\n"
+   "List of FLAGS for dd:\n"
+   "  'direct'  use direct I/O for data\n"
+   "  'dsync'   use synchronized I/O for data\n"
+   "  'sync'use synchronized I/O for data\n"
+   "  'count_bytes' use 'count=N' as a byte count (iflag only)\n"
+   "  'skip_bytes'  use 'skip=N' as a byte count (iflag only)\n"
+   "  'seek_bytes'  use 'seek=N' as a byte count (oflag only)\n";
 
 printf("%s\nSupported formats:", help_msg);
 bdrv_iterate_format(format_print, NULL);
@@ -3811,6 +3820,8 @@ out:
 #define C_SKIP020
 #define C_SEEK040
 #define C_CONV0100
+#define C_IFLAG   0200
+#define C_OFLAG   0400
 
 struct DdInfo {
 unsigned int flags;
@@ -3823,6 +3834,7 @@ struct DdIo {
 char *filename;
 uint8_t *buf;
 int64_t offset;
+unsigned int flags;
 };
 
 struct DdOpts {
@@ -3831,6 +3843,11 @@ struct DdOpts {
 unsigned int flag;
 };
 
+struct DdSymbols {
+const char *name;
+unsigned int value;
+};
+
 static int img_dd_bs(const char *arg,
  struct DdIo *in, struct DdIo *out,
  struct DdInfo *dd)
@@ -3930,6 +3947,86 @@ static int img_dd_conv(const char *arg,
 }
 }
 
+#define C_DIRECT  01
+#define C_IOFLAG_SYNC 02
+#define C_DSYNC   04
+#define C_COUNT_BYTES 010
+#define C_SKIP_BYTES  020
+#define C_SEEK_BYTES  040
+
+static int img_dd_iflag(const char *arg,
+struct DdIo *in, struct DdIo *out,
+struct DdInfo *dd)
+{
+const char *tok;
+char *str, *tmp;
+int ret = 0;
+const struct DdSymbols flags[] = {
+{ "direct", C_DIRECT },
+{ "dsync", C_DSYNC },
+{ "sync", C_IOFLAG_SYNC },
+{ "count_bytes", C_COUNT_BYTES },
+{ "skip_bytes", C_SKIP_BYTES },
+{ NULL, 0}
+};
+
+tmp = str = g_strdup(arg);
+
+while (tmp != NULL && !ret) {
+tok = qemu_strsep(&tmp, ",");
+int j;
+for (j = 0; flags[j].name != NULL; j++) {
+if (!strcmp(tok, flags[j].name)) {
+in->flags |= flags[j].value;
+break;
+}
+}
+if (flags[j].name == NULL) {
+error_report("invalid input flag: '%s'", tok);
+ret = 1;
+}
+}
+
+g_free

[Qemu-devel] [PATCH 0/7] qemu-img dd

[Reda Sallahi]

Hi everyone,

This patchset adds additional options to qemu-img dd.

Depends on:
[PATCH v4] qemu-img: change opening method for the output in dd

Reda Sallahi (7):
  qemu-img: add seek option to dd
  qemu-img: add iflag and oflag options to dd
  qemu-img: add more conv= conversions to dd
  qemu-img: delete not used variable and an unecessary check
  qemu-img: add status option to dd
  qemu-img: clean up dd documentation
  qemu-img: add a test suite for the count option

 qemu-img-cmds.hx   |   4 +-
 qemu-img.c | 431 -
 qemu-img.texi  |  69 +++-
 tests/qemu-iotests/159 |   2 +-
 tests/qemu-iotests/160 |   2 +-
 tests/qemu-iotests/161 |  73 
 tests/qemu-iotests/161.out |  51 ++
 tests/qemu-iotests/163 | 103 +++
 tests/qemu-iotests/163.out | 135 ++
 tests/qemu-iotests/164 | 100 +++
 tests/qemu-iotests/164.out |  75 
 tests/qemu-iotests/165 | 110 
 tests/qemu-iotests/165.out |  33 
 tests/qemu-iotests/166 |  73 
 tests/qemu-iotests/166.out |  19 ++
 tests/qemu-iotests/167 |  77 
 tests/qemu-iotests/167.out |  17 ++
 tests/qemu-iotests/168 |  75 
 tests/qemu-iotests/168.out |  51 ++
 tests/qemu-iotests/group   |   7 +
 20 files changed, 1449 insertions(+), 58 deletions(-)
 create mode 100755 tests/qemu-iotests/161
 create mode 100644 tests/qemu-iotests/161.out
 create mode 100755 tests/qemu-iotests/163
 create mode 100644 tests/qemu-iotests/163.out
 create mode 100755 tests/qemu-iotests/164
 create mode 100644 tests/qemu-iotests/164.out
 create mode 100755 tests/qemu-iotests/165
 create mode 100644 tests/qemu-iotests/165.out
 create mode 100755 tests/qemu-iotests/166
 create mode 100644 tests/qemu-iotests/166.out
 create mode 100755 tests/qemu-iotests/167
 create mode 100644 tests/qemu-iotests/167.out
 create mode 100755 tests/qemu-iotests/168
 create mode 100644 tests/qemu-iotests/168.out

-- 
2.9.3