Re: [Qemu-devel] [Help] Windows2012 as Guest 64+cores on KVM Halts

[Vadim Rozenfeld]

On 21/02/17 00:18, Gonglei (Arei) wrote:


On 20/02/2017 12:54, Gonglei (Arei) wrote:

On 20/02/2017 10:19, Gonglei (Arei) wrote:

Hi Paolo,



On 16/02/2017 02:31, Gonglei (Arei) wrote:

And the below patch works for me, I can support max 255 vcpus for

WS2012

with hyper-v enlightenments.

diff --git a/target/i386/kvm.c b/target/i386/kvm.c
index 27fd050..efe3cbc 100644
--- a/target/i386/kvm.c
+++ b/target/i386/kvm.c
@@ -772,7 +772,7 @@ int kvm_arch_init_vcpu(CPUState *cs)

  c = &cpuid_data.entries[cpuid_i++];
  c->function = HYPERV_CPUID_IMPLEMENT_LIMITS;
-c->eax = 0x40;
+c->eax = -1;
  c->ebx = 0x40;

  kvm_base = KVM_CPUID_SIGNATURE_NEXT;

This needs to depend on the machine type, but apart from that I think

I don't know why. Because the negative effects for this change don't exist
on current QEMU IIUC, and we don't have compatible problems for live

migration.

CPUID should never change with the same machine type and command line.


OK, then how do we add compat code for the CPUID change? It's not a visible

property.

You can add a new property, something like hv-cpuid-limits-eax.


Sounds good. Let me try.  :)

Thanks,
-Gonglei

Hi Gonglei,
Any update on this issue?

We've found that SVVP on WS2016  is passing successfully with the above 
change

and more than 64 vCPUs defined.

Vadim.

[Qemu-devel] [PATCH V6 1/3] net/colo-compare.c: Optimize unpredictable tcp options comparison

[Zhang Chen]

When network is busy, some tcp options(like sack) will unpredictable
occur in primary side or secondary side. it will make packet size
not same, but the two packet's payload is identical. colo just
care about packet payload, so we skip the option field.

Signed-off-by: Zhang Chen 
---
 net/colo-compare.c | 39 +++
 1 file changed, 27 insertions(+), 12 deletions(-)

diff --git a/net/colo-compare.c b/net/colo-compare.c
index ca67c68..d088262 100644
--- a/net/colo-compare.c
+++ b/net/colo-compare.c
@@ -186,7 +186,10 @@ static int packet_enqueue(CompareState *s, int mode)
  * return:0  means packet same
  *> 0 || < 0 means packet different
  */
-static int colo_packet_compare_common(Packet *ppkt, Packet *spkt, int offset)
+static int colo_packet_compare_common(Packet *ppkt,
+  Packet *spkt,
+  int poffset,
+  int soffset)
 {
 if (trace_event_get_state(TRACE_COLO_COMPARE_MISCOMPARE)) {
 char pri_ip_src[20], pri_ip_dst[20], sec_ip_src[20], sec_ip_dst[20];
@@ -201,12 +204,13 @@ static int colo_packet_compare_common(Packet *ppkt, 
Packet *spkt, int offset)
sec_ip_src, sec_ip_dst);
 }
 
-offset = ppkt->vnet_hdr_len + offset;
+poffset = ppkt->vnet_hdr_len + poffset;
+soffset = ppkt->vnet_hdr_len + soffset;
 
-if (ppkt->size == spkt->size) {
-return memcmp(ppkt->data + offset,
-  spkt->data + offset,
-  spkt->size - offset);
+if (ppkt->size - poffset == spkt->size - soffset) {
+return memcmp(ppkt->data + poffset,
+  spkt->data + soffset,
+  spkt->size - soffset);
 } else {
 trace_colo_compare_main("Net packet size are not the same");
 return -1;
@@ -263,13 +267,22 @@ static int colo_packet_compare_tcp(Packet *spkt, Packet 
*ppkt)
  * so we just need skip this field.
  */
 if (ptcp->th_off > 5) {
-ptrdiff_t tcp_offset;
+ptrdiff_t ptcp_offset, stcp_offset;
 
-tcp_offset = ppkt->transport_header - (uint8_t *)ppkt->data
- + (ptcp->th_off * 4) - ppkt->vnet_hdr_len;
-res = colo_packet_compare_common(ppkt, spkt, tcp_offset);
+ptcp_offset = ppkt->transport_header - (uint8_t *)ppkt->data
+  + (ptcp->th_off * 4) - ppkt->vnet_hdr_len;
+stcp_offset = spkt->transport_header - (uint8_t *)spkt->data
+  + (stcp->th_off * 4) - spkt->vnet_hdr_len;
+
+/*
+ * When network is busy, some tcp options(like sack) will unpredictable
+ * occur in primary side or secondary side. it will make packet size
+ * not same, but the two packet's payload is identical. colo just
+ * care about packet payload, so we skip the option field.
+ */
+res = colo_packet_compare_common(ppkt, spkt, ptcp_offset, stcp_offset);
 } else if (ptcp->th_sum == stcp->th_sum) {
-res = colo_packet_compare_common(ppkt, spkt, ETH_HLEN);
+res = colo_packet_compare_common(ppkt, spkt, ETH_HLEN, ETH_HLEN);
 } else {
 res = -1;
 }
@@ -329,6 +342,7 @@ static int colo_packet_compare_udp(Packet *spkt, Packet 
*ppkt)
  * the ip payload here.
  */
 ret = colo_packet_compare_common(ppkt, spkt,
+ network_header_length + ETH_HLEN,
  network_header_length + ETH_HLEN);
 
 if (ret) {
@@ -366,6 +380,7 @@ static int colo_packet_compare_icmp(Packet *spkt, Packet 
*ppkt)
  * the ip payload here.
  */
 if (colo_packet_compare_common(ppkt, spkt,
+   network_header_length + ETH_HLEN,
network_header_length + ETH_HLEN)) {
 trace_colo_compare_icmp_miscompare("primary pkt size",
ppkt->size);
@@ -403,7 +418,7 @@ static int colo_packet_compare_other(Packet *spkt, Packet 
*ppkt)
sec_ip_src, sec_ip_dst);
 }
 
-return colo_packet_compare_common(ppkt, spkt, 0);
+return colo_packet_compare_common(ppkt, spkt, 0, 0);
 }
 
 static int colo_old_packet_check_one(Packet *pkt, int64_t *check_time)
-- 
2.7.4

[Qemu-devel] [PATCH V6 2/3] net/colo-compare.c: Adjust net queue pop order for performance

[Zhang Chen]

The packet_enqueue() use g_queue_push_tail() to
enqueue net packet, so it is more efficent way use
g_queue_pop_head() to get packet for compare.
That will improve the success rate of comparison.
In my test the performance of ftp put 1000M file
will increase 10%

Signed-off-by: Zhang Chen 
---
 net/colo-compare.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/net/colo-compare.c b/net/colo-compare.c
index d088262..c31adc6 100644
--- a/net/colo-compare.c
+++ b/net/colo-compare.c
@@ -483,7 +483,7 @@ static void colo_compare_connection(void *opaque, void 
*user_data)
 
 while (!g_queue_is_empty(&conn->primary_list) &&
!g_queue_is_empty(&conn->secondary_list)) {
-pkt = g_queue_pop_tail(&conn->primary_list);
+pkt = g_queue_pop_head(&conn->primary_list);
 switch (conn->ip_proto) {
 case IPPROTO_TCP:
 result = g_queue_find_custom(&conn->secondary_list,
@@ -521,7 +521,7 @@ static void colo_compare_connection(void *opaque, void 
*user_data)
  * until next comparison.
  */
 trace_colo_compare_main("packet different");
-g_queue_push_tail(&conn->primary_list, pkt);
+g_queue_push_head(&conn->primary_list, pkt);
 /* TODO: colo_notify_checkpoint();*/
 break;
 }
-- 
2.7.4

[Qemu-devel] [PATCH V6 3/3] net/colo-compare.c: Fix comments and scheme

[Zhang Chen]

Signed-off-by: Zhang Chen 
---
 net/colo-compare.c | 59 --
 1 file changed, 31 insertions(+), 28 deletions(-)

diff --git a/net/colo-compare.c b/net/colo-compare.c
index c31adc6..d5fcfea 100644
--- a/net/colo-compare.c
+++ b/net/colo-compare.c
@@ -41,27 +41,27 @@
 #define REGULAR_PACKET_CHECK_MS 3000
 
 /*
-  + CompareState ++
-  |   |
-  +---+   +---+ +---+
-  |conn list  +--->conn   +->conn   |
-  +---+   +---+ +---+
-  |   | |   | |  |
-  +---+ +---v+  +---v++---v+ +---v+
-|primary |  |secondary|primary | |secondary
-|packet  |  |packet  +|packet  | |packet  +
-++  ++++ ++
-|   | |  |
-+---v+  +---v++---v+ +---v+
-|primary |  |secondary|primary | |secondary
-|packet  |  |packet  +|packet  | |packet  +
-++  ++++ ++
-|   | |  |
-+---v+  +---v++---v+ +---v+
-|primary |  |secondary|primary | |secondary
-|packet  |  |packet  +|packet  | |packet  +
-++  ++++ ++
-*/
+ *  + CompareState ++
+ *  |   |
+ *  +---+   +---+ +---+
+ *  |   conn list   + - >  conn + --- >  conn + -- > ..
+ *  +---+   +---+ +---+
+ *  |   | |   | |  |
+ *  +---+ +---v+  +---v++---v+ +---v+
+ *|primary |  |secondary|primary | |secondary
+ *|packet  |  |packet  +|packet  | |packet  +
+ *++  ++++ ++
+ *|   | |  |
+ *+---v+  +---v++---v+ +---v+
+ *|primary |  |secondary|primary | |secondary
+ *|packet  |  |packet  +|packet  | |packet  +
+ *++  ++++ ++
+ *|   | |  |
+ *+---v+  +---v++---v+ +---v+
+ *|primary |  |secondary|primary | |secondary
+ *|packet  |  |packet  +|packet  | |packet  +
+ *++  ++++ ++
+ */
 typedef struct CompareState {
 Object parent;
 
@@ -75,14 +75,14 @@ typedef struct CompareState {
 SocketReadState sec_rs;
 bool vnet_hdr;
 
-/* connection list: the connections belonged to this NIC could be found
- * in this list.
- * element type: Connection
+/*
+ * Record the connection that through the NIC
+ * Element type: Connection
  */
 GQueue conn_list;
-/* hashtable to save connection */
+/* Record the connection without repetition */
 GHashTable *connection_track_table;
-/* compare thread, a thread for each NIC */
+/* This thread just do packet compare job */
 QemuThread thread;
 
 GMainContext *worker_context;
@@ -444,8 +444,11 @@ static int colo_old_packet_check_one_conn(Connection *conn,
  (GCompareFunc)colo_old_packet_check_one);
 
 if (result) {
-/* do checkpoint will flush old packet */
-/* TODO: colo_notify_checkpoint();*/
+/* Do checkpoint will flush old packet */
+/*
+ * TODO: Notify colo frame to do checkpoint.
+ * colo_compare_inconsistent_notify();
+ */
 return 0;
 }
 
-- 
2.7.4

[Qemu-devel] [PATCH V6 0/3] Optimize COLO-compare performance

[Zhang Chen]

In this serise, we do a lot of job to optimize COLO net performance.
Mainly focus on TCP protocol.

V6:
 - Cover rare situation in patch1.

V5:
 - Fix bug in colo_packet_compare_common().
 - Fix patch3 ascii graph style.

V4:
 - Remove the old patch1.

V3:
 - Rebase on upstream.
 - Remove origin p2.
 - Move the "checkpoint_time_ms" to CompareState,
   in order to aviod multi colo-compare instance conflict.
 - Add "TODO comments" for reset s->checkpoint_time_ms.
 - Add a new patch fix comments and scheme.

V2:
 - Rename p2's subject.


Zhang Chen (3):
  net/colo-compare.c: Optimize unpredictable tcp options comparison
  net/colo-compare.c: Adjust net queue pop order for performance
  net/colo-compare.c: Fix comments and scheme

 net/colo-compare.c | 102 +++--
 1 file changed, 60 insertions(+), 42 deletions(-)

-- 
2.7.4

Re: [Qemu-devel] [PATCH V5 1/3] net/colo-compare.c: Optimize unpredictable tcp options comparison

[Zhang Chen]

On 09/05/2017 10:11 AM, Dou Liyang wrote:

Hi Chen,

At 09/04/2017 02:14 PM, Zhang Chen wrote:

When network is busy, some tcp options(like sack) will unpredictable
occur in primary side or secondary side. it will make packet size
not same, but the two packet's payload is identical. colo just
care about packet payload, so we skip the option field.

Signed-off-by: Zhang Chen 
---
 net/colo-compare.c | 40 
 1 file changed, 28 insertions(+), 12 deletions(-)

diff --git a/net/colo-compare.c b/net/colo-compare.c
index ca67c68..18a9ebf 100644
--- a/net/colo-compare.c
+++ b/net/colo-compare.c
@@ -186,7 +186,10 @@ static int packet_enqueue(CompareState *s, int 
mode)

  * return:0  means packet same
  *> 0 || < 0 means packet different
  */
-static int colo_packet_compare_common(Packet *ppkt, Packet *spkt, 
int offset)

+static int colo_packet_compare_common(Packet *ppkt,
+  Packet *spkt,
+  int poffset,
+  int soffset)
 {
 if (trace_event_get_state(TRACE_COLO_COMPARE_MISCOMPARE)) {
 char pri_ip_src[20], pri_ip_dst[20], sec_ip_src[20], 
sec_ip_dst[20];
@@ -201,12 +204,14 @@ static int colo_packet_compare_common(Packet 
*ppkt, Packet *spkt, int offset)

sec_ip_src, sec_ip_dst);
 }

-offset = ppkt->vnet_hdr_len + offset;
+poffset = ppkt->vnet_hdr_len + poffset;
+soffset = ppkt->vnet_hdr_len + soffset;

-if (ppkt->size == spkt->size) {
-return memcmp(ppkt->data + offset,
-  spkt->data + offset,
-  spkt->size - offset);
+if (ppkt->size == spkt->size ||
+ppkt->size - poffset == spkt->size - soffset) {


This logic has a problem:

ppkt->data
   |---|-rangeP-|
   |\   |
   poffset ppkt->size
 \equal range \
spkt->data\\
   |---|--rangeS|
   ||
soffsetspkt->size

See the above picture, (ppkt->size == spkt->size) is true,
if  [soffset, spkt->size] == [poffset, poffset+(spkt->size- soffset) is
also ture, the code will return 0, but actually, they are not equal.

Please use following code instead,

if (ppkt->size - poffset == spkt->size - soffset)

I am a new boy in COLO, let's see what we actually want to compare,
If I am wrong, please correct me. :-)

ppkt->data
   |---|-rangeP-|
   ||
   poffset ppkt->size

spkt->data
   ||--rangeS-|
| |
 soffset spkt->size

The data in rangeP and rangeS is what we want to compare.
So, we just need care about the rangeX's size and head pointer,
not the whole size.


Yes, I have already considered this rare situation, but for packet 
comparing efficiency
I ignored it. As you know, every packet will be compared in COLO FT, 
most of packet
have the same offset, in this time use pkt->size is ok. the other packet 
with different
offset always have a different pkt->size. But we need cover all 
situation firstly,

I will update the V6 later.

Thanks
Zhang Chen




Thanks,
dou.
.



--
Thanks
Zhang Chen

[Qemu-devel] [Bug 1714750] Re: 2.10.0 cannot be installed on case-insensitive file system

[Stefan Weil]

See https://lists.denx.de/pipermail/u-boot/2017-September/304728.html.

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1714750

Title:
  2.10.0 cannot be installed on case-insensitive file system

Status in QEMU:
  New

Bug description:
  The https://download.qemu.org/qemu-2.10.0.tar.bz2 tarball cannot be
  unpacked on a case-insensitive file system because it has a file
  qemu-2.10.0/roms/u-boot/scripts/Kconfig and a directory
  qemu-2.10.0/roms/u-boot/scripts/kconfig. This prevents installation on
  most macOS systems since by default the file system is case
  insensitive. The 2.10.0 upgrade is blocked in Homebrew due to this
  issue. See https://github.com/Homebrew/homebrew-core/pull/17467. This
  is a regression from 2.9.0, which didn't have this problem.

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1714750/+subscriptions

Re: [Qemu-devel] [PATCH 2/6] cpu: make cpu_generic_init() abort QEMU on error

[Thomas Huth]

On 04.09.2017 16:00, Igor Mammedov wrote:
> Almost every user of cpu_generic_init() checks for
> returned NULL and then reports failure in a custom way
> and aborts process.
> Some users assume that call can't fail and don't check
> for failure, though they should have checked for it.
> 
> In either cases cpu_generic_init() failure is fatal,
> so instead of checking for failure and reporting
> it various ways, make cpu_generic_init() report
> errors in consistent way and terminate QEMU on failure.
> 
> Signed-off-by: Igor Mammedov 
> ---
> Even though it's tree wide change, it's trivial so all
> affected call sites are included within one patch.
[...]
> diff --git a/qom/cpu.c b/qom/cpu.c
> index d715890..307d638 100644
> --- a/qom/cpu.c
> +++ b/qom/cpu.c
> @@ -61,7 +61,7 @@ CPUState *cpu_create(const char *typename)
>  if (err != NULL) {
>  error_report_err(err);
>  object_unref(OBJECT(cpu));
> -return NULL;
> +exit(EXIT_FAILURE);
>  }
>  return cpu;
>  }
> @@ -78,8 +78,9 @@ const char *cpu_parse_features(const char *typename, const 
> char *cpu_model)
>  
>  oc = cpu_class_by_name(typename, model_pieces[0]);
>  if (oc == NULL) {
> +error_report("unable to find CPU model '%s'", model_pieces[0]);
>  g_strfreev(model_pieces);
> -return NULL;
> +exit(EXIT_FAILURE);
>  }
>  
>  cpu_type = object_class_get_name(oc);
> @@ -88,7 +89,7 @@ const char *cpu_parse_features(const char *typename, const 
> char *cpu_model)
>  g_strfreev(model_pieces);
>  if (err != NULL) {
>  error_report_err(err);
> -return NULL;
> +exit(EXIT_FAILURE);
>  }
>  return cpu_type;
>  }
> @@ -100,10 +101,8 @@ CPUState *cpu_generic_init(const char *typename, const 
> char *cpu_model)
>   */
>  const char *cpu_type = cpu_parse_features(typename, cpu_model);
>  
> -if (cpu_type) {
> -return cpu_create(cpu_type);
> -}
> -return NULL;
> +assert(cpu_type);
> +return cpu_create(cpu_type);
>  }

Not sure, but wouldn't it be better to do the error reporting and exit
in cpu_generic_init() instead? In case we ever might want to re-use the
create and parse_feature functions for device_add later (?), and then
the functions must not exit directly anymore...

 Thomas

Re: [Qemu-devel] [PATCH 3/6] cpu: rename cpu_parse_features() to cpu_parse_cpu_model()

[Thomas Huth]

On 04.09.2017 21:06, Igor Mammedov wrote:
> On Mon, 4 Sep 2017 12:03:09 -0300
> Philippe Mathieu-Daudé  wrote:
> 
>> Hi Igor,
>>
>> On 09/04/2017 11:00 AM, Igor Mammedov wrote:
>>> function not just parses features but also converts CPU model
>>> name to CPU type, rename it to reflect what it actualy does.
>>
>> Why not squash this with your 1st patch "split cpu_generic_init()"?
> there I went with current/exiting way to call that part of code,
> and here I'm renaming it to show what it does exactly.
> 
> But I don't have any preference here, so I can squash this patch
> into 1/6 on respin, if you prefer.

+1 for squashing

 Thomas

[Qemu-devel] query-block io-status display

[Jack Schwartz]

Hi Luiz, Markus and everyone.

I am working on a qemu enhancement to display io-status in each 
query-block command, not just those for devices which have werror and/or 
rerror set to stop on error.


I'd like to verify the reasons behind the query-block command not 
reporting io-status if errors were reported to the guest or ignored.  A 
clue may come from the original code review email[1] for when this code 
was implemented:


  "In case of multiple errors being triggered in sequence only the first
   one is stored. The I/O status is always reset to BDRV_IOS_OK when the
   'cont' command is issued."

From this I infer:
- io-status is shown when qemu is stopped onerror so errors can be seen 
in cases where a guest does not handle them.

- io-status is not shown when errors are already being handled by a guest
- io-status is not shown when errors are ignored

Is this correct?  Are there other subtleties/reasons as well?

Thanks,
Jack

[1] http://lists.nongnu.org/archive/html/qemu-devel/2011-09/msg02940.html

Re: [Qemu-devel] [PULL 3/5] net: fix -netdev socket, fd= for UDP sockets

[Mao Zhongyi]

On 08/09/2017 09:50 AM, Michael S. Tsirkin wrote:

From: Jens Freimann 

This patch fixes -netdev socket,fd= for UDP sockets
Currently -netdev socket,fd=<...> results in

  qemu: error: specified mcastaddr "127.0.0.1" (0x7f01) does not
contain a multicast address
  qemu-system-x86_64: -netdev
socket,id=n1,fd=3: Device 'socket' could not be initialized

To fix these we need to allow specifying multicast and fd arguments
for the same netdev. With this the user can specify "-netdev
fd=3,mcast="

Cc: Jason Wang 
Fixes: 3d830459b1eccdb61b75e2712fd364012ce5a115
Signed-off-by: Jens Freimann 
Reviewed-by: Michael S. Tsirkin 
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 net/socket.c | 37 ++---
 1 file changed, 18 insertions(+), 19 deletions(-)

diff --git a/net/socket.c b/net/socket.c
index f85ef7d..18af2ab 100644
--- a/net/socket.c
+++ b/net/socket.c
@@ -320,11 +320,11 @@ static NetClientInfo net_dgram_socket_info = {
 static NetSocketState *net_socket_fd_init_dgram(NetClientState *peer,
 const char *model,
 const char *name,
-int fd, int is_connected)
+int fd, int is_connected,
+const char *mcast)
 {
 struct sockaddr_in saddr;
 int newfd;
-socklen_t saddr_len = sizeof(saddr);
 NetClientState *nc;
 NetSocketState *s;

@@ -333,8 +333,13 @@ static NetSocketState 
*net_socket_fd_init_dgram(NetClientState *peer,
  * by ONLY ONE process: we must "clone" this dgram socket --jjo
  */

-if (is_connected) {
-if (getsockname(fd, (struct sockaddr *) &saddr, &saddr_len) == 0) {
+if (is_connected && mcast != NULL) {
+if (parse_host_port(&saddr, mcast) < 0) {
+fprintf(stderr,
+"qemu: error: init_dgram: fd=%d failed 
parse_host_port()\n",
+fd);
+goto err;
+}
 /* must be bound */
 if (saddr.sin_addr.s_addr == 0) {
 fprintf(stderr, "qemu: error: init_dgram: fd=%d unbound, "
@@ -351,12 +356,6 @@ static NetSocketState 
*net_socket_fd_init_dgram(NetClientState *peer,
 dup2(newfd, fd);
 close(newfd);

-} else {
-fprintf(stderr,
-"qemu: error: init_dgram: fd=%d failed getsockname(): 
%s\n",
-fd, strerror(errno));
-goto err;
-}
 }

 nc = qemu_new_net_client(&net_dgram_socket_info, peer, model, name);
@@ -432,7 +431,7 @@ static NetSocketState 
*net_socket_fd_init_stream(NetClientState *peer,

 static NetSocketState *net_socket_fd_init(NetClientState *peer,
   const char *model, const char *name,
-  int fd, int is_connected)
+  int fd, int is_connected, const char 
*mc)
 {
 int so_type = -1, optlen=sizeof(so_type);

@@ -445,7 +444,7 @@ static NetSocketState *net_socket_fd_init(NetClientState 
*peer,
 }
 switch(so_type) {
 case SOCK_DGRAM:
-return net_socket_fd_init_dgram(peer, model, name, fd, is_connected);
+return net_socket_fd_init_dgram(peer, model, name, fd, is_connected, 
mc);
 case SOCK_STREAM:
 return net_socket_fd_init_stream(peer, model, name, fd, is_connected);
 default:
@@ -567,7 +566,7 @@ static int net_socket_connect_init(NetClientState *peer,
 break;
 }
 }
-s = net_socket_fd_init(peer, model, name, fd, connected);
+s = net_socket_fd_init(peer, model, name, fd, connected, NULL);
 if (!s)
 return -1;
 snprintf(s->nc.info_str, sizeof(s->nc.info_str),
@@ -602,7 +601,7 @@ static int net_socket_mcast_init(NetClientState *peer,
 if (fd < 0)
 return -1;

-s = net_socket_fd_init(peer, model, name, fd, 0);
+s = net_socket_fd_init(peer, model, name, fd, 0, NULL);
 if (!s)
 return -1;

@@ -652,7 +651,7 @@ static int net_socket_udp_init(NetClientState *peer,
 }
 qemu_set_nonblock(fd);

-s = net_socket_fd_init(peer, model, name, fd, 0);
+s = net_socket_fd_init(peer, model, name, fd, 0, NULL);
 if (!s) {
 return -1;
 }
@@ -675,9 +674,9 @@ int net_init_socket(const Netdev *netdev, const char *name,
 assert(netdev->type == NET_CLIENT_DRIVER_SOCKET);
 sock = &netdev->u.socket;

-if (sock->has_fd + sock->has_listen + sock->has_connect + sock->has_mcast +
-sock->has_udp != 1) {
-error_report("exactly one of fd=, listen=, connect=, mcast= or udp="
+if (sock->has_listen + sock->has_connect + sock->has_mcast +
+sock->has_udp > 1) {
+error_report("exactly one of listen=, connect=, mcast= or udp="
  " is

[Qemu-devel] [PATCH v3 06/14] hvf: handle fields from CPUState and CPUX86State

[Sergio Andres Gomez Del Real]

This commit is a small refactoring of hvf's emulation code: it moves the
HVFX86EmulatorState field to CPUX86State, and in general changes, for
the emulation functions, the parameter with signature 'CPUState *' for
'CPUX86State *' so we don't have to get the 'env' (which is what we
really need) through the 'cpu' everytime.
This commit also adds some fields specific to hvf in CPUState and
CPUX86State. It also adds some handy #defines.

Signed-off-by: Sergio Andres Gomez Del Real 
---
 include/qom/cpu.h  |   2 +
 target/i386/cpu.h  |  38 ++-
 target/i386/hvf-all.c  |  73 ++--
 target/i386/hvf-utils/x86.c|   4 +-
 target/i386/hvf-utils/x86.h|  34 +-
 target/i386/hvf-utils/x86_decode.c | 363 ++--
 target/i386/hvf-utils/x86_decode.h |  23 +-
 target/i386/hvf-utils/x86_emu.c| 681 +++--
 target/i386/hvf-utils/x86_emu.h|  29 +-
 target/i386/hvf-utils/x86_flags.c  | 194 +--
 target/i386/hvf-utils/x86_flags.h  | 106 +++---
 target/i386/hvf-utils/x86hvf.c |  16 +-
 12 files changed, 801 insertions(+), 762 deletions(-)

diff --git a/include/qom/cpu.h b/include/qom/cpu.h
index 25eefea7ab..a79f37e20a 100644
--- a/include/qom/cpu.h
+++ b/include/qom/cpu.h
@@ -407,6 +407,8 @@ struct CPUState {
  * unnecessary flushes.
  */
 uint16_t pending_tlb_flush;
+
+int hvf_fd;
 };
 
 QTAILQ_HEAD(CPUTailQ, CPUState);
diff --git a/target/i386/cpu.h b/target/i386/cpu.h
index 051867399b..a904072009 100644
--- a/target/i386/cpu.h
+++ b/target/i386/cpu.h
@@ -23,6 +23,9 @@
 #include "qemu-common.h"
 #include "cpu-qom.h"
 #include "standard-headers/asm-x86/hyperv.h"
+#if defined(CONFIG_HVF)
+#include "target/i386/hvf-utils/x86.h"
+#endif
 
 #ifdef TARGET_X86_64
 #define TARGET_LONG_BITS 64
@@ -82,16 +85,20 @@
 #define R_GS 5
 
 /* segment descriptor fields */
-#define DESC_G_MASK (1 << 23)
+#define DESC_G_SHIFT23
+#define DESC_G_MASK (1 << DESC_G_SHIFT)
 #define DESC_B_SHIFT22
 #define DESC_B_MASK (1 << DESC_B_SHIFT)
 #define DESC_L_SHIFT21 /* x86_64 only : 64 bit code segment */
 #define DESC_L_MASK (1 << DESC_L_SHIFT)
-#define DESC_AVL_MASK   (1 << 20)
-#define DESC_P_MASK (1 << 15)
+#define DESC_AVL_SHIFT  20
+#define DESC_AVL_MASK   (1 << DESC_AVL_SHIFT)
+#define DESC_P_SHIFT15
+#define DESC_P_MASK (1 << DESC_P_SHIFT)
 #define DESC_DPL_SHIFT  13
 #define DESC_DPL_MASK   (3 << DESC_DPL_SHIFT)
-#define DESC_S_MASK (1 << 12)
+#define DESC_S_SHIFT12
+#define DESC_S_MASK (1 << DESC_S_SHIFT)
 #define DESC_TYPE_SHIFT 8
 #define DESC_TYPE_MASK  (15 << DESC_TYPE_SHIFT)
 #define DESC_A_MASK (1 << 8)
@@ -631,6 +638,7 @@ typedef uint32_t FeatureWordArray[FEATURE_WORDS];
 #define CPUID_7_0_EBX_AVX512BW (1U << 30) /* AVX-512 Byte and Word 
Instructions */
 #define CPUID_7_0_EBX_AVX512VL (1U << 31) /* AVX-512 Vector Length Extensions 
*/
 
+#define CPUID_7_0_ECX_AVX512BMI (1U << 1)
 #define CPUID_7_0_ECX_VBMI (1U << 1)  /* AVX-512 Vector Byte Manipulation 
Instrs */
 #define CPUID_7_0_ECX_UMIP (1U << 2)
 #define CPUID_7_0_ECX_PKU  (1U << 3)
@@ -806,6 +814,20 @@ typedef struct SegmentCache {
 float64  _d_##n[(bits)/64]; \
 }
 
+typedef union {
+uint8_t _b[16];
+uint16_t _w[8];
+uint32_t _l[4];
+uint64_t _q[2];
+} XMMReg;
+
+typedef union {
+uint8_t _b[32];
+uint16_t _w[16];
+uint32_t _l[8];
+uint64_t _q[4];
+} YMMReg;
+
 typedef MMREG_UNION(ZMMReg, 512) ZMMReg;
 typedef MMREG_UNION(MMXReg, 64)  MMXReg;
 
@@ -1041,7 +1063,11 @@ typedef struct CPUX86State {
 ZMMReg xmm_t0;
 MMXReg mmx_t0;
 
+XMMReg ymmh_regs[CPU_NB_REGS];
+
 uint64_t opmask_regs[NB_OPMASK_REGS];
+YMMReg zmmh_regs[CPU_NB_REGS];
+ZMMReg hi16_zmm_regs[CPU_NB_REGS];
 
 /* sysenter registers */
 uint32_t sysenter_cs;
@@ -1164,11 +1190,15 @@ typedef struct CPUX86State {
 int32_t interrupt_injected;
 uint8_t soft_interrupt;
 uint8_t has_error_code;
+uint32_t ins_len;
 uint32_t sipi_vector;
 bool tsc_valid;
 int64_t tsc_khz;
 int64_t user_tsc_khz; /* for sanity check only */
 void *kvm_xsave_buf;
+#if defined(CONFIG_HVF)
+HVFX86EmulatorState *hvf_emul;
+#endif
 
 uint64_t mcg_cap;
 uint64_t mcg_ctl;
diff --git a/target/i386/hvf-all.c b/target/i386/hvf-all.c
index ade5e9ab46..be68c71ea0 100644
--- a/target/i386/hvf-all.c
+++ b/target/i386/hvf-all.c
@@ -253,16 +253,16 @@ void hvf_handle_io(CPUArchState *env, uint16_t port, void 
*buffer,
 static void do_hvf_cpu_synchronize_state(CPUState *cpu, run_on_cpu_data arg)
 {
 CPUState *cpu_state = cpu;
-if (cpu_state->hvf_vcpu_dirty == 0) {
+if (cpu_state->vcpu_dirty == 0) {
 hvf_get_registers(cpu_state);
 }
 
-cpu_state->hvf_vcpu_dirty = 1;
+cpu_state->vcpu_dirty = 1;
 }
 
 void hvf_cpu_synchronize_state(CPUState *cpu_state)
 {
-if (cpu_state->hvf_vcpu_dirty == 0) {
+if (cpu_state->vcpu

Re: [Qemu-devel] [PATCH v3 08/14] hvf: add compilation rules to Makefile.objs

[Sergio Andrés Gómez del Real]

Note that until this patch (8/14) there is no compiling. I tried to put
this patch earlier in the patchset but found difficulties because some
things need to be done before the hvf code compiles well.
Also, the commit message needs to be updated (remove the -enable-hvf part).

On Mon, Sep 4, 2017 at 10:54 PM, Sergio Andres Gomez Del Real <
sergio.g.delr...@gmail.com> wrote:

> This commit adds to target/i386/Makefile.objs the necessary rules so
> that the new files for hvf are compiled by the build system.
> It also adds handling of the -enable-hvf argument in the main function
> in vl.c.
>
> Signed-off-by: Sergio Andres Gomez Del Real 
> ---
>  target/i386/Makefile.objs | 1 +
>  1 file changed, 1 insertion(+)
>
> diff --git a/target/i386/Makefile.objs b/target/i386/Makefile.objs
> index 6a26e9d9f0..0bef89c099 100644
> --- a/target/i386/Makefile.objs
> +++ b/target/i386/Makefile.objs
> @@ -12,4 +12,5 @@ obj-$(CONFIG_HAX) += hax-all.o hax-mem.o hax-windows.o
>  endif
>  ifdef CONFIG_DARWIN
>  obj-$(CONFIG_HAX) += hax-all.o hax-mem.o hax-darwin.o
> +obj-$(CONFIG_HVF) += hvf-utils/ hvf-all.o
>  endif
> --
> 2.14.1
>
>

[Qemu-devel] [PATCH v3 14/14] hvf: inject General Protection Fault when vmexit through vmcall

[Sergio Andres Gomez Del Real]

This commit injects a GP fault when the guest vmexit's by executing a
vmcall instruction.

Signed-off-by: Sergio Andres Gomez Del Real 
---
 target/i386/hvf-all.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/target/i386/hvf-all.c b/target/i386/hvf-all.c
index 8fc6a0b5d1..cdf4d6f8e7 100644
--- a/target/i386/hvf-all.c
+++ b/target/i386/hvf-all.c
@@ -903,7 +903,9 @@ int hvf_vcpu_exec(CPUState *cpu)
 macvm_set_rip(cpu, rip + ins_len);
 break;
 case VMX_REASON_VMCALL:
-/* TODO: inject #GP fault */
+env->exception_injected = EXCP0D_GPF;
+env->has_error_code = true;
+env->error_code = 0;
 break;
 default:
 error_report("%llx: unhandled exit %llx\n", rip, exit_reason);
-- 
2.14.1

[Qemu-devel] [PATCH v3 05/14] hvf: add code to cpus.c and do refactoring in preparation for compiling

[Sergio Andres Gomez Del Real]

The files originally added from Google's repository in previous patches
won't compile cleanly unless some glue code is added to cpus.c and some
other reorganization is done. This patch adds that code and does some
general refactoring in preparation for compiling in subsequent patches.

Signed-off-by: Sergio Andres Gomez Del Real 
---
 cpus.c| 44 +++
 include/sysemu/hvf.h  | 22 ++
 target/i386/hvf-all.c | 89 +++
 target/i386/hvf-utils/x86.c   |  2 +-
 target/i386/hvf-utils/x86_cpuid.h |  2 +-
 target/i386/hvf-utils/x86_descr.h |  6 +++
 target/i386/hvf-utils/x86_emu.c   |  5 +--
 target/i386/hvf-utils/x86_emu.h   | 15 +++
 target/i386/hvf-utils/x86_flags.h |  2 +
 target/i386/hvf-utils/x86hvf.c|  3 --
 target/i386/hvf-utils/x86hvf.h|  2 +
 11 files changed, 120 insertions(+), 72 deletions(-)

diff --git a/cpus.c b/cpus.c
index a2cd9dfa5d..263d36aa64 100644
--- a/cpus.c
+++ b/cpus.c
@@ -37,6 +37,7 @@
 #include "sysemu/hw_accel.h"
 #include "sysemu/kvm.h"
 #include "sysemu/hax.h"
+#include "sysemu/hvf.h"
 #include "qmp-commands.h"
 #include "exec/exec-all.h"
 
@@ -900,6 +901,9 @@ void cpu_synchronize_all_states(void)
 
 CPU_FOREACH(cpu) {
 cpu_synchronize_state(cpu);
+if (hvf_enabled()) {
+hvf_cpu_synchronize_state(cpu);
+}
 }
 }
 
@@ -909,6 +913,9 @@ void cpu_synchronize_all_post_reset(void)
 
 CPU_FOREACH(cpu) {
 cpu_synchronize_post_reset(cpu);
+if (hvf_enabled()) {
+hvf_cpu_synchronize_post_reset(cpu);
+}
 }
 }
 
@@ -918,6 +925,9 @@ void cpu_synchronize_all_post_init(void)
 
 CPU_FOREACH(cpu) {
 cpu_synchronize_post_init(cpu);
+if (hvf_enabled()) {
+hvf_cpu_synchronize_post_init(cpu);
+}
 }
 }
 
@@ -1098,6 +1108,14 @@ static void qemu_kvm_wait_io_event(CPUState *cpu)
 qemu_wait_io_event_common(cpu);
 }
 
+static void qemu_hvf_wait_io_event(CPUState *cpu)
+{
+while (cpu_thread_is_idle(cpu)) {
+qemu_cond_wait(cpu->halt_cond, &qemu_global_mutex);
+}
+qemu_wait_io_event_common(cpu);
+}
+
 static void *qemu_kvm_cpu_thread_fn(void *arg)
 {
 CPUState *cpu = arg;
@@ -1564,6 +1582,9 @@ static void qemu_cpu_kick_thread(CPUState *cpu)
 fprintf(stderr, "qemu:%s: %s", __func__, strerror(err));
 exit(1);
 }
+if (hvf_enabled()) {
+cpu_exit(cpu);
+}
 #else /* _WIN32 */
 if (!qemu_cpu_is_self(cpu)) {
 if (!QueueUserAPC(dummy_apc_func, cpu->hThread, 0)) {
@@ -1780,6 +1801,27 @@ static void qemu_kvm_start_vcpu(CPUState *cpu)
 }
 }
 
+static void qemu_hvf_start_vcpu(CPUState *cpu)
+{
+char thread_name[VCPU_THREAD_NAME_SIZE];
+
+/* HVF currently does not support TCG, and only runs in
+ * unrestricted-guest mode. */
+assert(hvf_enabled());
+
+cpu->thread = g_malloc0(sizeof(QemuThread));
+cpu->halt_cond = g_malloc0(sizeof(QemuCond));
+qemu_cond_init(cpu->halt_cond);
+
+snprintf(thread_name, VCPU_THREAD_NAME_SIZE, "CPU %d/HVF",
+ cpu->cpu_index);
+qemu_thread_create(cpu->thread, thread_name, qemu_hvf_cpu_thread_fn,
+   cpu, QEMU_THREAD_JOINABLE);
+while (!cpu->created) {
+qemu_cond_wait(&qemu_cpu_cond, &qemu_global_mutex);
+}
+}
+
 static void qemu_dummy_start_vcpu(CPUState *cpu)
 {
 char thread_name[VCPU_THREAD_NAME_SIZE];
@@ -1816,6 +1858,8 @@ void qemu_init_vcpu(CPUState *cpu)
 qemu_kvm_start_vcpu(cpu);
 } else if (hax_enabled()) {
 qemu_hax_start_vcpu(cpu);
+} else if (hvf_enabled()) {
+qemu_hvf_start_vcpu(cpu);
 } else if (tcg_enabled()) {
 qemu_tcg_init_vcpu(cpu);
 } else {
diff --git a/include/sysemu/hvf.h b/include/sysemu/hvf.h
index d068a95e93..944b014596 100644
--- a/include/sysemu/hvf.h
+++ b/include/sysemu/hvf.h
@@ -15,15 +15,24 @@
 #include "config-host.h"
 #include "qemu/osdep.h"
 #include "qemu-common.h"
-#include "hw/hw.h"
-#include "target/i386/cpu.h"
 #include "qemu/bitops.h"
 #include "exec/memory.h"
 #include "sysemu/accel.h"
+
+extern int hvf_disabled;
+#ifdef CONFIG_HVF
 #include 
 #include 
 #include 
-
+#include "target/i386/cpu.h"
+#include "hw/hw.h"
+uint32_t hvf_get_supported_cpuid(uint32_t func, uint32_t idx,
+ int reg);
+#define hvf_enabled() !hvf_disabled
+#else
+#define hvf_enabled() 0
+#define hvf_get_supported_cpuid(func, idx, reg) 0
+#endif
 
 typedef struct hvf_slot {
 uint64_t start;
@@ -41,7 +50,6 @@ struct hvf_vcpu_caps {
 uint64_t vmx_cap_preemption_timer;
 };
 
-int __hvf_set_memory(hvf_slot *);
 typedef struct HVFState {
 AccelState parent;
 hvf_slot slots[32];
@@ -56,8 +64,6 @@ void hvf_handle_io(CPUArchState *, uint16_t, void *,
   int, int, int);
 hvf_slot *hvf_find_overlap_slot(uint64_t, uint64_t);
 
-/* Returns 1 if HVF is available and enabled, 0 otherw

[Qemu-devel] [PATCH v3 11/14] hvf: refactor cpuid code

[Sergio Andres Gomez Del Real]

This patch generalizes some code in cpu.c, sharing code and data between
hvf and kvm. It also beings calling the new hvf_get_supported_cpuid
where appropriate.

Signed-off-by: Sergio Andres Gomez Del Real 
---
 target/i386/cpu-qom.h |  4 +--
 target/i386/cpu.c | 76 +--
 2 files changed, 58 insertions(+), 22 deletions(-)

diff --git a/target/i386/cpu-qom.h b/target/i386/cpu-qom.h
index c2205e6077..22f95eb3a4 100644
--- a/target/i386/cpu-qom.h
+++ b/target/i386/cpu-qom.h
@@ -47,7 +47,7 @@ typedef struct X86CPUDefinition X86CPUDefinition;
 /**
  * X86CPUClass:
  * @cpu_def: CPU model definition
- * @kvm_required: Whether CPU model requires KVM to be enabled.
+ * @host_cpuid_required: Whether CPU model requires cpuid from host.
  * @ordering: Ordering on the "-cpu help" CPU model list.
  * @migration_safe: See CpuDefinitionInfo::migration_safe
  * @static_model: See CpuDefinitionInfo::static
@@ -66,7 +66,7 @@ typedef struct X86CPUClass {
  */
 X86CPUDefinition *cpu_def;
 
-bool kvm_required;
+bool host_cpuid_required;
 int ordering;
 bool migration_safe;
 bool static_model;
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index ddc45abd70..c6ffd0c928 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -22,6 +22,7 @@
 #include "cpu.h"
 #include "exec/exec-all.h"
 #include "sysemu/kvm.h"
+#include "sysemu/hvf.h"
 #include "sysemu/cpus.h"
 #include "kvm_i386.h"
 
@@ -613,6 +614,11 @@ static uint32_t xsave_area_size(uint64_t mask)
 return ret;
 }
 
+static inline bool accel_uses_host_cpuid(void)
+{
+return kvm_enabled() || hvf_enabled();
+}
+
 static inline uint64_t x86_cpu_xsave_components(X86CPU *cpu)
 {
 return ((uint64_t)cpu->env.features[FEAT_XSAVE_COMP_HI]) << 32 |
@@ -1643,10 +1649,15 @@ static void max_x86_cpu_initfn(Object *obj)
  */
 cpu->max_features = true;
 
-if (kvm_enabled()) {
+if (accel_uses_host_cpuid()) {
 char vendor[CPUID_VENDOR_SZ + 1] = { 0 };
 char model_id[CPUID_MODEL_ID_SZ + 1] = { 0 };
 int family, model, stepping;
+X86CPUDefinition host_cpudef = { };
+uint32_t eax = 0, ebx = 0, ecx = 0, edx = 0;
+
+host_cpuid(0x0, 0, &eax, &ebx, &ecx, &edx);
+x86_cpu_vendor_words2str(host_cpudef.vendor, ebx, edx, ecx);
 
 host_vendor_fms(vendor, &family, &model, &stepping);
 
@@ -1660,12 +1671,21 @@ static void max_x86_cpu_initfn(Object *obj)
 object_property_set_str(OBJECT(cpu), model_id, "model-id",
 &error_abort);
 
-env->cpuid_min_level =
-kvm_arch_get_supported_cpuid(s, 0x0, 0, R_EAX);
-env->cpuid_min_xlevel =
-kvm_arch_get_supported_cpuid(s, 0x8000, 0, R_EAX);
-env->cpuid_min_xlevel2 =
-kvm_arch_get_supported_cpuid(s, 0xC000, 0, R_EAX);
+if (kvm_enabled()) {
+env->cpuid_min_level =
+kvm_arch_get_supported_cpuid(s, 0x0, 0, R_EAX);
+env->cpuid_min_xlevel =
+kvm_arch_get_supported_cpuid(s, 0x8000, 0, R_EAX);
+env->cpuid_min_xlevel2 =
+kvm_arch_get_supported_cpuid(s, 0xC000, 0, R_EAX);
+} else {
+env->cpuid_min_level =
+hvf_get_supported_cpuid(0x0, 0, R_EAX);
+env->cpuid_min_xlevel =
+hvf_get_supported_cpuid(0x8000, 0, R_EAX);
+env->cpuid_min_xlevel2 =
+hvf_get_supported_cpuid(0xC000, 0, R_EAX);
+}
 
 if (lmce_supported()) {
 object_property_set_bool(OBJECT(cpu), true, "lmce", &error_abort);
@@ -1691,18 +1711,21 @@ static const TypeInfo max_x86_cpu_type_info = {
 .class_init = max_x86_cpu_class_init,
 };
 
-#ifdef CONFIG_KVM
-
+#if defined(CONFIG_KVM) || defined(CONFIG_HVF)
 static void host_x86_cpu_class_init(ObjectClass *oc, void *data)
 {
 X86CPUClass *xcc = X86_CPU_CLASS(oc);
 
-xcc->kvm_required = true;
+xcc->host_cpuid_required = true;
 xcc->ordering = 8;
 
-xcc->model_description =
-"KVM processor with all supported host features "
-"(only available in KVM mode)";
+if (kvm_enabled()) {
+xcc->model_description =
+"KVM processor with all supported host features ";
+} else if (hvf_enabled()) {
+xcc->model_description =
+"HVF processor with all supported host features ";
+}
 }
 
 static const TypeInfo host_x86_cpu_type_info = {
@@ -1724,7 +1747,7 @@ static void report_unavailable_features(FeatureWord w, 
uint32_t mask)
 assert(reg);
 fprintf(stderr, "warning: %s doesn't support requested feature: "
 "CPUID.%02XH:%s%s%s [bit %d]\n",
-kvm_enabled() ? "host" : "TCG",
+accel_uses_host_cpuid() ? "host" : "TCG",
 f->cpuid_eax, reg,
 f->feat_names[i] ? "." : "",
 f->feat_names[i] ? f->feat_n

Re: [Qemu-devel] [PATCH v3 00/14] add support for Hypervisor.framework in QEMU

[Sergio Andrés Gómez del Real]

This patchset didn't address every issue, so it won't be the definite
version.
Hopefully however the licensing issue will get fixed with this version.

On Mon, Sep 4, 2017 at 10:54 PM, Sergio Andres Gomez Del Real <
sergio.g.delr...@gmail.com> wrote:

> 
> Changes in v3:
>  (1) Fixed licensing issues in patch 3.
>  (2) Revert to late adding of compilation rules in Makefile.objs (patch
> 8/14);
>  files aren't ready to compile earlier.
>  (3) Make a single patch just for fixing style (patch 4/14).
>  (4) Fix data type for hvf_fd field.
>  (5) Add comment that return value of -1 in apic function added in 7/14
> means
>  "no interrupt".
> 
>
> 
> Changes in v2:
>  (1) Removed legacy option "-enable-hvf" in favor of "-M accel=hvf"
>  (2) Added missing copyright headers; replace fprintfs for error_report;
>  improved commit description.
>  (3) Moved patch that adds compilation rules in Makefile.objs right after
>  the patch that adds the new files from Google's repo.
>  (4) Removed conditional macros from cpus.c and cpu.c
>  (5) Moved patch that fixes coding style to patch # 3
>  (6) Fix commit message in apic patch
>  (7) Squash some commits to avoid code churn
> 
>
> The following patchset adds to QEMU the supporting for macOS's native
> hypervisor, Hypervisor.framework (hvf). The code base is taken from
> Google's Android emulator at
> https://android.googlesource.com/platform/external/qemu/+/emu-master-dev.
>
> Apart from general code refactoring, some additional features were
> implemented:
> retrieve the set of features supported by host cpu and hvf (cpuid);
> dirty page tracking for VGA memory area; reimplementation of the event
> injection mechanism to allow injection of exceptions during vmexits, which
> is
> exemplified by the injection of a GP fault when the guest vmexits due to
> execution of the vmcall instruction; changing the emulator's use of
> CPUState
> structure in favor of CPUX86State, so as to in the future remove data
> structures
> that are uselessly specific to hvf and unified some of the state between
> kvm/tcg
> and hvf.
> Some features initially planned to implement that didn't make it include:
> page fault handling in the emulator and implementing the dummy_signal to
> handle
> the SIG_IPI signal without race conditions. Hopefully these can be
> implemented
> in the near future.
>
> Sergio Andres Gomez Del Real (14):
>   hvf: add support for Hypervisor.framework in the configure script
>   hvf: add code base from Google's QEMU repository
>   hvf: fix licensing issues; isolate task handling code (GPL v2-only)
>   hvf: run hvf code through checkpatch.pl and fix style issues
>   hvf: add code to cpus.c and do refactoring in preparation for
> compiling
>   hvf: handle fields from CPUState and CPUX86State
>   apic: add function to apic that will be used by hvf
>   hvf: add compilation rules to Makefile.objs
>   hvf: use new helper functions for put/get xsave
>   hvf: implement hvf_get_supported_cpuid
>   hvf: refactor cpuid code
>   hvf: implement vga dirty page tracking
>   hvf: refactor event injection code for hvf
>   hvf: inject General Protection Fault when vmexit through vmcall
>
>  configure   |   38 +
>  cpus.c  |   86 ++
>  hw/intc/apic.c  |   12 +
>  include/hw/i386/apic.h  |1 +
>  include/qom/cpu.h   |2 +
>  include/sysemu/hvf.h|  107 ++
>  qemu-options.hx |   10 +-
>  target/i386/Makefile.objs   |1 +
>  target/i386/cpu-qom.h   |4 +-
>  target/i386/cpu.c   |   79 +-
>  target/i386/cpu.h   |   38 +-
>  target/i386/hvf-all.c   |  963 +++
>  target/i386/hvf-i386.h  |   48 +
>  target/i386/hvf-utils/Makefile.objs |1 +
>  target/i386/hvf-utils/README.md |7 +
>  target/i386/hvf-utils/vmcs.h|  371 ++
>  target/i386/hvf-utils/vmx.h |  222 
>  target/i386/hvf-utils/x86.c |  184 +++
>  target/i386/hvf-utils/x86.h |  476 
>  target/i386/hvf-utils/x86_cpuid.c   |  417 +++
>  target/i386/hvf-utils/x86_cpuid.h   |   52 +
>  target/i386/hvf-utils/x86_decode.c  | 2186 ++
> +
>  target/i386/hvf-utils/x86_decode.h  |  325 ++
>  target/i386/hvf-utils/x86_descr.c   |  124 ++
>  target/i386/hvf-utils/x86_descr.h   |   55 +
>  target/i386/hvf-utils/x86_emu.c | 1536 
>  target/i386/hvf-utils/x86_emu.h |   49 +
>  target/i386/hvf-utils/x86_flags.c   |  333 ++
>  target/i386/hvf-utils/x86_flags.h   |  243 
>  target/i386/hvf-utils/x86_gen.h |   53 +
>  target/i386/hvf-utils/x86_mmu.c |  273 +
>  target/i386/hvf-utils/x86_mmu.h |   45 +
>  target/i386/hvf-utils/x86_task.c|  201 
>  target/i386/hvf-utils/x86_task.h|   18 

[Qemu-devel] [PATCH v3 13/14] hvf: refactor event injection code for hvf

[Sergio Andres Gomez Del Real]

This commit refactors the event-injection code for hvf through using the
appropriate fields already provided by CPUX86State. At vmexit, it fills
these fields so that hvf_inject_interrupts can just retrieve them without
calling into hvf.

Signed-off-by: Sergio Andres Gomez Del Real 
---
 target/i386/cpu.c  |  3 ++
 target/i386/hvf-all.c  | 57 
 target/i386/hvf-utils/vmcs.h   |  3 ++
 target/i386/hvf-utils/vmx.h|  8 ++
 target/i386/hvf-utils/x86hvf.c | 65 --
 target/i386/kvm.c  |  2 --
 6 files changed, 97 insertions(+), 41 deletions(-)

diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index c6ffd0c928..3b6a42aaa4 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -3247,6 +3247,9 @@ static void x86_cpu_reset(CPUState *s)
 memset(env->mtrr_var, 0, sizeof(env->mtrr_var));
 memset(env->mtrr_fixed, 0, sizeof(env->mtrr_fixed));
 
+env->interrupt_injected = -1;
+env->exception_injected = -1;
+env->nmi_injected = false;
 #if !defined(CONFIG_USER_ONLY)
 /* We hard-wire the BSP to the first CPU. */
 apic_designate_bsp(cpu->apic_state, s->cpu_index == 0);
diff --git a/target/i386/hvf-all.c b/target/i386/hvf-all.c
index 5644fa8ae0..8fc6a0b5d1 100644
--- a/target/i386/hvf-all.c
+++ b/target/i386/hvf-all.c
@@ -589,6 +589,55 @@ void hvf_disable(int shouldDisable)
 hvf_disabled = shouldDisable;
 }
 
+static void hvf_store_events(CPUState *cpu, uint32_t ins_len, uint64_t 
idtvec_info)
+{
+X86CPU *x86_cpu = X86_CPU(cpu);
+CPUX86State *env = &x86_cpu->env;
+
+env->exception_injected = -1;
+env->interrupt_injected = -1;
+env->nmi_injected = false;
+if (idtvec_info & VMCS_IDT_VEC_VALID) {
+switch (idtvec_info & VMCS_IDT_VEC_TYPE) {
+case VMCS_IDT_VEC_HWINTR:
+case VMCS_IDT_VEC_SWINTR:
+env->interrupt_injected = idtvec_info & VMCS_IDT_VEC_VECNUM;
+break;
+case VMCS_IDT_VEC_NMI:
+env->nmi_injected = true;
+break;
+case VMCS_IDT_VEC_HWEXCEPTION:
+case VMCS_IDT_VEC_SWEXCEPTION:
+env->exception_injected = idtvec_info & VMCS_IDT_VEC_VECNUM;
+break;
+case VMCS_IDT_VEC_PRIV_SWEXCEPTION:
+default:
+abort();
+}
+if ((idtvec_info & VMCS_IDT_VEC_TYPE) == VMCS_IDT_VEC_SWEXCEPTION ||
+(idtvec_info & VMCS_IDT_VEC_TYPE) == VMCS_IDT_VEC_SWINTR) {
+env->ins_len = ins_len;
+}
+if (idtvec_info & VMCS_INTR_DEL_ERRCODE) {
+env->has_error_code = true;
+env->error_code = rvmcs(cpu->hvf_fd, VMCS_IDT_VECTORING_ERROR);
+}
+}
+if ((rvmcs(cpu->hvf_fd, VMCS_GUEST_INTERRUPTIBILITY) &
+VMCS_INTERRUPTIBILITY_NMI_BLOCKING)) {
+env->hflags2 |= HF2_NMI_MASK;
+} else {
+env->hflags2 &= ~HF2_NMI_MASK;
+}
+if (rvmcs(cpu->hvf_fd, VMCS_GUEST_INTERRUPTIBILITY) &
+ (VMCS_INTERRUPTIBILITY_STI_BLOCKING |
+ VMCS_INTERRUPTIBILITY_MOVSS_BLOCKING)) {
+env->hflags |= HF_INHIBIT_IRQ_MASK;
+} else {
+env->hflags &= ~HF_INHIBIT_IRQ_MASK;
+}
+}
+
 int hvf_vcpu_exec(CPUState *cpu)
 {
 X86CPU *x86_cpu = X86_CPU(cpu);
@@ -608,11 +657,6 @@ int hvf_vcpu_exec(CPUState *cpu)
 cpu->vcpu_dirty = false;
 }
 
-env->hvf_emul->interruptable =
-!(rvmcs(cpu->hvf_fd, VMCS_GUEST_INTERRUPTIBILITY) &
- (VMCS_INTERRUPTIBILITY_STI_BLOCKING |
- VMCS_INTERRUPTIBILITY_MOVSS_BLOCKING));
-
 hvf_inject_interrupts(cpu);
 vmx_update_tpr(cpu);
 
@@ -631,7 +675,10 @@ int hvf_vcpu_exec(CPUState *cpu)
 uint64_t exit_qual = rvmcs(cpu->hvf_fd, VMCS_EXIT_QUALIFICATION);
 uint32_t ins_len = (uint32_t)rvmcs(cpu->hvf_fd,
VMCS_EXIT_INSTRUCTION_LENGTH);
+
 uint64_t idtvec_info = rvmcs(cpu->hvf_fd, VMCS_IDT_VECTORING_INFO);
+
+hvf_store_events(cpu, ins_len, idtvec_info);
 rip = rreg(cpu->hvf_fd, HV_X86_RIP);
 RFLAGS(env) = rreg(cpu->hvf_fd, HV_X86_RFLAGS);
 env->eflags = RFLAGS(env);
diff --git a/target/i386/hvf-utils/vmcs.h b/target/i386/hvf-utils/vmcs.h
index c410dcfaaa..0fae73dce5 100644
--- a/target/i386/hvf-utils/vmcs.h
+++ b/target/i386/hvf-utils/vmcs.h
@@ -299,6 +299,7 @@
 /*
  * VMCS IDT-Vectoring information fields
  */
+#define VMCS_IDT_VEC_VECNUM 0xFF
 #define VMCS_IDT_VEC_VALID (1U << 31)
 #define VMCS_IDT_VEC_TYPE 0x700
 #define VMCS_IDT_VEC_ERRCODE_VALID (1U << 11)
@@ -306,6 +307,8 @@
 #define VMCS_IDT_VEC_NMI (2 << 8)
 #define VMCS_IDT_VEC_HWEXCEPTION (3 << 8)
 #define VMCS_IDT_VEC_SWINTR (4 << 8)
+#define VMCS_IDT_VEC_PRIV_SWEXCEPTION (5 << 8)
+#define VMCS_IDT_VEC_SWEXCEPTION (6 << 8)
 
 /*
  * VMCS Guest interruptibility field
diff --git a/target/i386/hvf-utils/vmx.h b/target/i386/hvf-utils/vmx.h
index 44a5c6d554..102075d0d4 100644

[Qemu-devel] [PATCH v3 12/14] hvf: implement vga dirty page tracking

[Sergio Andres Gomez Del Real]

This commit implements setting the tracking of dirty pages, using hvf's
interface to protect guest memory. It uses the MemoryListener callback
mechanism through .log_start/stop/sync

Signed-off-by: Sergio Andres Gomez Del Real 
---
 include/sysemu/hvf.h  |  5 
 target/i386/hvf-all.c | 74 ++-
 2 files changed, 72 insertions(+), 7 deletions(-)

diff --git a/include/sysemu/hvf.h b/include/sysemu/hvf.h
index 944b014596..43b02be63c 100644
--- a/include/sysemu/hvf.h
+++ b/include/sysemu/hvf.h
@@ -34,11 +34,16 @@ uint32_t hvf_get_supported_cpuid(uint32_t func, uint32_t 
idx,
 #define hvf_get_supported_cpuid(func, idx, reg) 0
 #endif
 
+/* hvf_slot flags */
+#define HVF_SLOT_LOG (1 << 0)
+
 typedef struct hvf_slot {
 uint64_t start;
 uint64_t size;
 uint8_t *mem;
 int slot_id;
+uint32_t flags;
+MemoryRegion *region;
 } hvf_slot;
 
 struct hvf_vcpu_caps {
diff --git a/target/i386/hvf-all.c b/target/i386/hvf-all.c
index be68c71ea0..5644fa8ae0 100644
--- a/target/i386/hvf-all.c
+++ b/target/i386/hvf-all.c
@@ -195,6 +195,7 @@ void hvf_set_phys_mem(MemoryRegionSection *section, bool 
add)
 mem->size = int128_get64(section->size);
 mem->mem = memory_region_get_ram_ptr(area) + section->offset_within_region;
 mem->start = section->offset_within_address_space;
+mem->region = area;
 
 if (do_hvf_set_memory(mem)) {
 error_report("Error registering new memory slot\n");
@@ -291,8 +292,7 @@ void hvf_cpu_synchronize_post_init(CPUState *cpu_state)
 run_on_cpu(cpu_state, _hvf_cpu_synchronize_post_init, RUN_ON_CPU_NULL);
 }
 
-/* TODO: ept fault handlig */
-static bool ept_emulation_fault(uint64_t ept_qual)
+static bool ept_emulation_fault(hvf_slot *slot, addr_t gpa, uint64_t ept_qual)
 {
 int read, write;
 
@@ -308,6 +308,14 @@ static bool ept_emulation_fault(uint64_t ept_qual)
 return false;
 }
 
+if (write && slot) {
+if (slot->flags & HVF_SLOT_LOG) {
+memory_region_set_dirty(slot->region, gpa - slot->start, 1);
+hv_vm_protect((hv_gpaddr_t)slot->start, (size_t)slot->size,
+  HV_MEMORY_READ | HV_MEMORY_WRITE);
+}
+}
+
 /*
  * The EPT violation must have been caused by accessing a
  * guest-physical address that is a translation of a guest-linear
@@ -318,7 +326,59 @@ static bool ept_emulation_fault(uint64_t ept_qual)
 return false;
 }
 
-return true;
+return !slot;
+}
+
+static void hvf_set_dirty_tracking(MemoryRegionSection *section, bool on)
+{
+struct mac_slot *macslot;
+hvf_slot *slot;
+
+slot = hvf_find_overlap_slot(
+section->offset_within_address_space,
+section->offset_within_address_space + 
int128_get64(section->size));
+
+/* protect region against writes; begin tracking it */
+if (on) {
+slot->flags |= HVF_SLOT_LOG;
+hv_vm_protect((hv_gpaddr_t)slot->start, (size_t)slot->size,
+  HV_MEMORY_READ);
+/* stop tracking region*/
+} else {
+slot->flags &= ~HVF_SLOT_LOG;
+hv_vm_protect((hv_gpaddr_t)slot->start, (size_t)slot->size,
+  HV_MEMORY_READ | HV_MEMORY_WRITE);
+}
+}
+
+static void hvf_log_start(MemoryListener *listener,
+  MemoryRegionSection *section, int old, int new)
+{
+if (old != 0) {
+return;
+}
+
+hvf_set_dirty_tracking(section, 1);
+}
+
+static void hvf_log_stop(MemoryListener *listener,
+ MemoryRegionSection *section, int old, int new)
+{
+if (new != 0) {
+return;
+}
+
+hvf_set_dirty_tracking(section, 0);
+}
+
+static void hvf_log_sync(MemoryListener *listener,
+ MemoryRegionSection *section)
+{
+/*
+ * sync of dirty pages is handled elsewhere; just make sure we keep
+ * tracking the region.
+ */
+hvf_set_dirty_tracking(section, 1);
 }
 
 static void hvf_region_add(MemoryListener *listener,
@@ -337,6 +397,9 @@ static MemoryListener hvf_memory_listener = {
 .priority = 10,
 .region_add = hvf_region_add,
 .region_del = hvf_region_del,
+.log_start = hvf_log_start,
+.log_stop = hvf_log_stop,
+.log_sync = hvf_log_sync,
 };
 
 void vmx_reset_vcpu(CPUState *cpu) {
@@ -609,7 +672,7 @@ int hvf_vcpu_exec(CPUState *cpu)
 
 slot = hvf_find_overlap_slot(gpa, gpa);
 /* mmio */
-if (ept_emulation_fault(exit_qual) && !slot) {
+if (ept_emulation_fault(slot, gpa, exit_qual)) {
 struct x86_decode decode;
 
 load_regs(cpu);
@@ -620,9 +683,6 @@ int hvf_vcpu_exec(CPUState *cpu)
 store_regs(cpu);
 break;
 }
-#ifdef DIRTY_VGA_TRACKING
-/* TODO: handle dirty page tracking */
-#endif
 break;
 }
 case EXIT_REASON_INOUT:
-- 
2.14.1

[Qemu-devel] [PATCH v3 09/14] hvf: use new helper functions for put/get xsave

[Sergio Andres Gomez Del Real]

This commit makes use of the helper functions for handling xsave in
xsave_helper.c, which are shared with kvm.

Signed-off-by: Sergio Andres Gomez Del Real 
---
 target/i386/hvf-utils/x86hvf.c | 63 ++
 1 file changed, 8 insertions(+), 55 deletions(-)

diff --git a/target/i386/hvf-utils/x86hvf.c b/target/i386/hvf-utils/x86hvf.c
index 1e687f4f89..dd0710d056 100644
--- a/target/i386/hvf-utils/x86hvf.c
+++ b/target/i386/hvf-utils/x86hvf.c
@@ -76,36 +76,13 @@ void hvf_get_segment(SegmentCache *qseg, struct vmx_segment 
*vmx_seg)
 void hvf_put_xsave(CPUState *cpu_state)
 {
 
-int x;
 struct hvf_xsave_buf *xsave;
-
+
 xsave = X86_CPU(cpu_state)->env.kvm_xsave_buf;
-memset(xsave, 0, sizeof(*xsave)); 
-
-memcpy(&xsave->data[4], &X86_CPU(cpu_state)->env.fpdp, 
sizeof(X86_CPU(cpu_state)->env.fpdp));
-memcpy(&xsave->data[2], &X86_CPU(cpu_state)->env.fpip, 
sizeof(X86_CPU(cpu_state)->env.fpip));
-memcpy(&xsave->data[8], &X86_CPU(cpu_state)->env.fpregs, 
sizeof(X86_CPU(cpu_state)->env.fpregs));
-memcpy(&xsave->data[144], &X86_CPU(cpu_state)->env.ymmh_regs, 
sizeof(X86_CPU(cpu_state)->env.ymmh_regs));
-memcpy(&xsave->data[288], &X86_CPU(cpu_state)->env.zmmh_regs, 
sizeof(X86_CPU(cpu_state)->env.zmmh_regs));
-memcpy(&xsave->data[272], &X86_CPU(cpu_state)->env.opmask_regs, 
sizeof(X86_CPU(cpu_state)->env.opmask_regs));
-memcpy(&xsave->data[240], &X86_CPU(cpu_state)->env.bnd_regs, 
sizeof(X86_CPU(cpu_state)->env.bnd_regs));
-memcpy(&xsave->data[256], &X86_CPU(cpu_state)->env.bndcs_regs, 
sizeof(X86_CPU(cpu_state)->env.bndcs_regs));
-memcpy(&xsave->data[416], &X86_CPU(cpu_state)->env.hi16_zmm_regs, 
sizeof(X86_CPU(cpu_state)->env.hi16_zmm_regs));
-
-xsave->data[0] = (uint16_t)X86_CPU(cpu_state)->env.fpuc;
-xsave->data[0] |= (X86_CPU(cpu_state)->env.fpus << 16);
-xsave->data[0] |= (X86_CPU(cpu_state)->env.fpstt & 7) << 11;
-
-for (x = 0; x < 8; ++x)
-xsave->data[1] |= ((!X86_CPU(cpu_state)->env.fptags[x]) << x);
-xsave->data[1] |= (uint32_t)(X86_CPU(cpu_state)->env.fpop << 16);
-
-memcpy(&xsave->data[40], &X86_CPU(cpu_state)->env.xmm_regs, 
sizeof(X86_CPU(cpu_state)->env.xmm_regs));
-
-xsave->data[6] = X86_CPU(cpu_state)->env.mxcsr;
-*(uint64_t *)&xsave->data[128] = X86_CPU(cpu_state)->env.xstate_bv;
-
-if (hv_vcpu_write_fpstate(cpu_state->hvf_fd, xsave->data, 4096)){
+
+x86_cpu_xsave_all_areas(X86_CPU(cpu_state), xsave);
+
+if (hv_vcpu_write_fpstate(cpu_state->hvf_fd, xsave->data, 4096)) {
 abort();
 }
 }
@@ -187,39 +164,15 @@ void hvf_put_msrs(CPUState *cpu_state)
 
 void hvf_get_xsave(CPUState *cpu_state)
 {
-int x;
 struct hvf_xsave_buf *xsave;
-
+
 xsave = X86_CPU(cpu_state)->env.kvm_xsave_buf;
-
+
 if (hv_vcpu_read_fpstate(cpu_state->hvf_fd, xsave->data, 4096)) {
 abort();
 }
 
-memcpy(&X86_CPU(cpu_state)->env.fpdp, &xsave->data[4], 
sizeof(X86_CPU(cpu_state)->env.fpdp));
-memcpy(&X86_CPU(cpu_state)->env.fpip, &xsave->data[2], 
sizeof(X86_CPU(cpu_state)->env.fpip));
-memcpy(&X86_CPU(cpu_state)->env.fpregs, &xsave->data[8], 
sizeof(X86_CPU(cpu_state)->env.fpregs));
-memcpy(&X86_CPU(cpu_state)->env.ymmh_regs, &xsave->data[144], 
sizeof(X86_CPU(cpu_state)->env.ymmh_regs));
-memcpy(&X86_CPU(cpu_state)->env.zmmh_regs, &xsave->data[288], 
sizeof(X86_CPU(cpu_state)->env.zmmh_regs));
-memcpy(&X86_CPU(cpu_state)->env.opmask_regs, &xsave->data[272], 
sizeof(X86_CPU(cpu_state)->env.opmask_regs));
-memcpy(&X86_CPU(cpu_state)->env.bnd_regs, &xsave->data[240], 
sizeof(X86_CPU(cpu_state)->env.bnd_regs));
-memcpy(&X86_CPU(cpu_state)->env.bndcs_regs, &xsave->data[256], 
sizeof(X86_CPU(cpu_state)->env.bndcs_regs));
-memcpy(&X86_CPU(cpu_state)->env.hi16_zmm_regs, &xsave->data[416], 
sizeof(X86_CPU(cpu_state)->env.hi16_zmm_regs));
-
-
-X86_CPU(cpu_state)->env.fpuc = (uint16_t)xsave->data[0];
-X86_CPU(cpu_state)->env.fpus = (uint16_t)(xsave->data[0] >> 16);
-X86_CPU(cpu_state)->env.fpstt = (X86_CPU(cpu_state)->env.fpus >> 11) & 7;
-X86_CPU(cpu_state)->env.fpop = (uint16_t)(xsave->data[1] >> 16);
-
-for (x = 0; x < 8; ++x)
-   X86_CPU(cpu_state)->env.fptags[x] =
-uint16_t)xsave->data[1] >> x) & 1) == 0);
-
-memcpy(&X86_CPU(cpu_state)->env.xmm_regs, &xsave->data[40], 
sizeof(X86_CPU(cpu_state)->env.xmm_regs));
-
-X86_CPU(cpu_state)->env.mxcsr = xsave->data[6];
-X86_CPU(cpu_state)->env.xstate_bv = *(uint64_t *)&xsave->data[128];
+x86_cpu_xrstor_all_areas(X86_CPU(cpu_state), xsave);
 }
 
 void hvf_get_segments(CPUState *cpu_state)
-- 
2.14.1

[Qemu-devel] [PATCH v3 03/14] hvf: fix licensing issues; isolate task handling code (GPL v2-only)

[Sergio Andres Gomez Del Real]

This patch replaces the license header for those files that were either
GPL v2-or-v3, or GPL v2-only; the replacing license is GPL v2-or-later.
The code for task switching/handling, which is derived from KVM and
hence is GPL v2-only, is isolated in the new files (with this license)
x86_task.c/.h

Signed-off-by: Sergio Andres Gomez Del Real 
---
 target/i386/hvf-all.c   | 173 +++
 target/i386/hvf-utils/Makefile.objs |   2 +-
 target/i386/hvf-utils/vmx.h |  14 +--
 target/i386/hvf-utils/x86.c |  14 +--
 target/i386/hvf-utils/x86.h |  14 +--
 target/i386/hvf-utils/x86_cpuid.c   |   6 +-
 target/i386/hvf-utils/x86_cpuid.h   |  14 +--
 target/i386/hvf-utils/x86_decode.c  |  14 +--
 target/i386/hvf-utils/x86_decode.h  |  14 +--
 target/i386/hvf-utils/x86_descr.c   |  14 +--
 target/i386/hvf-utils/x86_descr.h   |  14 +--
 target/i386/hvf-utils/x86_emu.c |  14 +--
 target/i386/hvf-utils/x86_emu.h |  14 +--
 target/i386/hvf-utils/x86_gen.h |  14 +--
 target/i386/hvf-utils/x86_mmu.c |  14 +--
 target/i386/hvf-utils/x86_mmu.h |  14 +--
 target/i386/hvf-utils/x86_task.c| 201 
 target/i386/hvf-utils/x86_task.h|  18 
 target/i386/hvf-utils/x86hvf.c  |  14 +--
 target/i386/hvf-utils/x86hvf.h  |  14 +--
 20 files changed, 340 insertions(+), 270 deletions(-)
 create mode 100644 target/i386/hvf-utils/x86_task.c
 create mode 100644 target/i386/hvf-utils/x86_task.h

diff --git a/target/i386/hvf-all.c b/target/i386/hvf-all.c
index d5e18faa68..270ec56b8d 100644
--- a/target/i386/hvf-all.c
+++ b/target/i386/hvf-all.c
@@ -5,15 +5,19 @@
 // Copyright 2017 The Android Open Source Project
 // 
 // QEMU Hypervisor.framework support
-// 
-// This software is licensed under the terms of the GNU General Public
-// License version 2, as published by the Free Software Foundation, and
-// may be copied, distributed, and modified under those terms.
-// 
+//
+// This program is free software; you can redistribute it and/or
+// modify it under the terms of the GNU Lesser General Public
+// License as published by the Free Software Foundation; either
+// version 2 of the License, or (at your option) any later version.
+//
 // This program is distributed in the hope that it will be useful,
 // but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU General Public License for more details.
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+// Lesser General Public License for more details.
+//
+// You should have received a copy of the GNU Lesser General Public
+// License along with this program; if not, see .
 #include "qemu/osdep.h"
 #include "qemu-common.h"
 #include "qemu/error-report.h"
@@ -28,6 +32,7 @@
 #include "hvf-utils/x86_decode.h"
 #include "hvf-utils/x86_emu.h"
 #include "hvf-utils/x86_cpuid.h"
+#include "hvf-utils/x86_task.h"
 #include "hvf-utils/x86hvf.h"
 
 #include 
@@ -224,160 +229,6 @@ void update_apic_tpr(CPUState *cpu)
 
 #define VECTORING_INFO_VECTOR_MASK 0xff
 
-// TODO: taskswitch handling
-static void save_state_to_tss32(CPUState *cpu, struct x86_tss_segment32 *tss)
-{
-/* CR3 and ldt selector are not saved intentionally */
-tss->eip = EIP(cpu);
-tss->eflags = EFLAGS(cpu);
-tss->eax = EAX(cpu);
-tss->ecx = ECX(cpu);
-tss->edx = EDX(cpu);
-tss->ebx = EBX(cpu);
-tss->esp = ESP(cpu);
-tss->ebp = EBP(cpu);
-tss->esi = ESI(cpu);
-tss->edi = EDI(cpu);
-
-tss->es = vmx_read_segment_selector(cpu, REG_SEG_ES).sel;
-tss->cs = vmx_read_segment_selector(cpu, REG_SEG_CS).sel;
-tss->ss = vmx_read_segment_selector(cpu, REG_SEG_SS).sel;
-tss->ds = vmx_read_segment_selector(cpu, REG_SEG_DS).sel;
-tss->fs = vmx_read_segment_selector(cpu, REG_SEG_FS).sel;
-tss->gs = vmx_read_segment_selector(cpu, REG_SEG_GS).sel;
-}
-
-static void load_state_from_tss32(CPUState *cpu, struct x86_tss_segment32 *tss)
-{
-wvmcs(cpu->hvf_fd, VMCS_GUEST_CR3, tss->cr3);
-
-RIP(cpu) = tss->eip;
-EFLAGS(cpu) = tss->eflags | 2;
-
-/* General purpose registers */
-RAX(cpu) = tss->eax;
-RCX(cpu) = tss->ecx;
-RDX(cpu) = tss->edx;
-RBX(cpu) = tss->ebx;
-RSP(cpu) = tss->esp;
-RBP(cpu) = tss->ebp;
-RSI(cpu) = tss->esi;
-RDI(cpu) = tss->edi;
-
-vmx_write_segment_selector(cpu, (x68_segment_selector){{tss->ldt}}, 
REG_SEG_LDTR);
-vmx_write_segment_selector(cpu, (x68_segment_selector){{tss->es}}, 
REG_SEG_ES);
-vmx_write_segment_selector(cpu, (x68_segment_selector){{tss->cs}}, 
REG_SEG_CS);
-vmx_write_segment_selector(cpu, (x68_segment_selector){{tss->ss}}, 
REG_SEG_SS);
-vmx_write_segment_selector(cpu, (x68_segment_selector){{tss->ds}}, 
REG_SEG_DS);
-vmx_write_segment_selector(cpu, (x68_segment_selector){{tss->fs}}, 
REG_SEG_FS);
-vmx_write_segment_selector(cpu

[Qemu-devel] [PATCH v3 07/14] apic: add function to apic that will be used by hvf

[Sergio Andres Gomez Del Real]

This commit adds the function apic_get_highest_priority_irr to
apic.c and exports it through the interface in apic.h for use by hvf.

Signed-off-by: Sergio Andres Gomez Del Real 
---
 hw/intc/apic.c | 12 
 include/hw/i386/apic.h |  1 +
 2 files changed, 13 insertions(+)

diff --git a/hw/intc/apic.c b/hw/intc/apic.c
index fe15fb6024..6fda52b86c 100644
--- a/hw/intc/apic.c
+++ b/hw/intc/apic.c
@@ -305,6 +305,18 @@ static void apic_set_tpr(APICCommonState *s, uint8_t val)
 }
 }
 
+int apic_get_highest_priority_irr(DeviceState *dev)
+{
+APICCommonState *s;
+
+if (!dev) {
+/* no interrupts */
+return -1;
+}
+s = APIC_COMMON(dev);
+return get_highest_priority_int(s->irr);
+}
+
 static uint8_t apic_get_tpr(APICCommonState *s)
 {
 apic_sync_vapic(s, SYNC_FROM_VAPIC);
diff --git a/include/hw/i386/apic.h b/include/hw/i386/apic.h
index ea48ea9389..a9f6c0aa33 100644
--- a/include/hw/i386/apic.h
+++ b/include/hw/i386/apic.h
@@ -20,6 +20,7 @@ void apic_init_reset(DeviceState *s);
 void apic_sipi(DeviceState *s);
 void apic_poll_irq(DeviceState *d);
 void apic_designate_bsp(DeviceState *d, bool bsp);
+int apic_get_highest_priority_irr(DeviceState *dev);
 
 /* pc.c */
 DeviceState *cpu_get_current_apic(void);
-- 
2.14.1

[Qemu-devel] [PATCH v3 08/14] hvf: add compilation rules to Makefile.objs

[Sergio Andres Gomez Del Real]

This commit adds to target/i386/Makefile.objs the necessary rules so
that the new files for hvf are compiled by the build system.
It also adds handling of the -enable-hvf argument in the main function
in vl.c.

Signed-off-by: Sergio Andres Gomez Del Real 
---
 target/i386/Makefile.objs | 1 +
 1 file changed, 1 insertion(+)

diff --git a/target/i386/Makefile.objs b/target/i386/Makefile.objs
index 6a26e9d9f0..0bef89c099 100644
--- a/target/i386/Makefile.objs
+++ b/target/i386/Makefile.objs
@@ -12,4 +12,5 @@ obj-$(CONFIG_HAX) += hax-all.o hax-mem.o hax-windows.o
 endif
 ifdef CONFIG_DARWIN
 obj-$(CONFIG_HAX) += hax-all.o hax-mem.o hax-darwin.o
+obj-$(CONFIG_HVF) += hvf-utils/ hvf-all.o
 endif
-- 
2.14.1

[Qemu-devel] [PATCH v3 01/14] hvf: add support for Hypervisor.framework in the configure script

[Sergio Andres Gomez Del Real]

This patch adds to the configure script the code to support the
--enable-hvf argument. If the OS is Darwin, it checks for presence of
HVF in the system. The patch also adds strings related to HVF in the
file qemu-options.hx.
QEMU will only support the modern syntax style '-M accel=hvf' no enable
hvf; the legacy '-enable-hvf' will not be supported.

Signed-off-by: Sergio Andres Gomez Del Real 
---
 configure   | 38 ++
 qemu-options.hx | 10 +-
 2 files changed, 43 insertions(+), 5 deletions(-)

diff --git a/configure b/configure
index dd73cce62f..5d9152b80a 100755
--- a/configure
+++ b/configure
@@ -211,6 +211,17 @@ supported_xen_target() {
 return 1
 }
 
+supported_hvf_target() {
+test "$hvf" = "yes" || return 1
+glob "$1" "*-softmmu" || return 1
+case "${1%-softmmu}" in
+x86_64)
+return 0
+;;
+esac
+return 1
+}
+
 supported_target() {
 case "$1" in
 *-softmmu)
@@ -236,6 +247,7 @@ supported_target() {
 supported_kvm_target "$1" && return 0
 supported_xen_target "$1" && return 0
 supported_hax_target "$1" && return 0
+supported_hvf_target "$1" && return 0
 print_error "TCG disabled, but hardware accelerator not available for 
'$target'"
 return 1
 }
@@ -309,6 +321,7 @@ vhost_vsock="no"
 vhost_user=""
 kvm="no"
 hax="no"
+hvf="no"
 rdma=""
 gprof="no"
 debug_tcg="no"
@@ -727,6 +740,7 @@ Darwin)
   bsd="yes"
   darwin="yes"
   hax="yes"
+  hvf="yes"
   LDFLAGS_SHARED="-bundle -undefined dynamic_lookup"
   if [ "$cpu" = "x86_64" ] ; then
 QEMU_CFLAGS="-arch x86_64 $QEMU_CFLAGS"
@@ -1027,6 +1041,10 @@ for opt do
   ;;
   --enable-hax) hax="yes"
   ;;
+  --disable-hvf) hvf="no"
+  ;;
+  --enable-hvf) hvf="yes"
+  ;;
   --disable-tcg-interpreter) tcg_interpreter="no"
   ;;
   --enable-tcg-interpreter) tcg_interpreter="yes"
@@ -1499,6 +1517,7 @@ disabled with --disable-FEATURE, default is enabled if 
available:
   bluez   bluez stack connectivity
   kvm KVM acceleration support
   hax HAX acceleration support
+  hvf Hypervisor.framework acceleration support
   rdmaRDMA-based migration support
   vde support for vde network
   netmap  support for netmap network
@@ -4900,6 +4919,21 @@ then
 fi
 
 
+#
+# Check to see if we have the Hypervisor framework
+if [ "$darwin" == "yes" ] ; then
+  cat > $TMPC << EOF
+#include 
+int main() { return 0;}
+EOF
+  if ! compile_object ""; then
+hvf='no'
+  else
+hvf='yes'
+LDFLAGS="-framework Hypervisor $LDFLAGS"
+  fi
+fi
+
 #
 # Sparc implicitly links with --relax, which is
 # incompatible with -r, so --no-relax should be
@@ -5356,6 +5390,7 @@ if test "$tcg" = "yes" ; then
 echo "TCG debug enabled $debug_tcg"
 echo "TCG interpreter   $tcg_interpreter"
 fi
+echo "HVF support   $hvf"
 echo "RDMA support  $rdma"
 echo "fdt support   $fdt"
 echo "preadv support$preadv"
@@ -6388,6 +6423,9 @@ fi
 if supported_hax_target $target; then
 echo "CONFIG_HAX=y" >> $config_target_mak
 fi
+if supported_hvf_target $target; then
+echo "CONFIG_HVF=y" >> $config_target_mak
+fi
 if test "$target_bigendian" = "yes" ; then
   echo "TARGET_WORDS_BIGENDIAN=y" >> $config_target_mak
 fi
diff --git a/qemu-options.hx b/qemu-options.hx
index 9f6e2adfff..bcb44420ee 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -31,7 +31,7 @@ DEF("machine", HAS_ARG, QEMU_OPTION_machine, \
 "-machine [type=]name[,prop[=value][,...]]\n"
 "selects emulated machine ('-machine help' for list)\n"
 "property accel=accel1[:accel2[:...]] selects 
accelerator\n"
-"supported accelerators are kvm, xen, hax or tcg (default: 
tcg)\n"
+"supported accelerators are kvm, xen, hax, hvf or tcg 
(default: tcg)\n"
 "kernel_irqchip=on|off|split controls accelerated irqchip 
support (default=off)\n"
 "vmport=on|off|auto controls emulation of vmport (default: 
auto)\n"
 "kvm_shadow_mem=size of KVM shadow MMU in bytes\n"
@@ -66,7 +66,7 @@ Supported machine properties are:
 @table @option
 @item accel=@var{accels1}[:@var{accels2}[:...]]
 This is used to enable an accelerator. Depending on the target architecture,
-kvm, xen, hax or tcg can be available. By default, tcg is used. If there is
+kvm, xen, hax, hvf or tcg can be available. By default, tcg is used. If there 
is
 more than one accelerator specified, the next one is used if the previous one
 fails to initialize.
 @item kernel_irqchip=on|off
@@ -120,13 +120,13 @@ ETEXI
 
 DEF("accel", HAS_ARG, QEMU_OPTION_accel,
 "-accel [accel=]accelerator[,thread=single|multi]\n"
-"select accelerator (kvm, xen, hax or tcg; use 'help' for 
a list)\n"
-"thread=single|multi 

[Qemu-devel] [PATCH v3 10/14] hvf: implement hvf_get_supported_cpuid

[Sergio Andres Gomez Del Real]

This commit implements hvf_get_supported_cpuid, which returns the set of
features supported by both the host processor and the hypervisor.

Signed-off-by: Sergio Andres Gomez Del Real 
---
 target/i386/hvf-utils/x86_cpuid.c | 138 ++
 1 file changed, 138 insertions(+)

diff --git a/target/i386/hvf-utils/x86_cpuid.c 
b/target/i386/hvf-utils/x86_cpuid.c
index fe968cb638..0646588ae3 100644
--- a/target/i386/hvf-utils/x86_cpuid.c
+++ b/target/i386/hvf-utils/x86_cpuid.c
@@ -24,6 +24,7 @@
 #include "x86_cpuid.h"
 #include "x86.h"
 #include "vmx.h"
+#include "sysemu/hvf.h"
 
 #define PPRO_FEATURES (CPUID_FP87 | CPUID_DE | CPUID_PSE | CPUID_TSC | \
 CPUID_MSR | CPUID_MCE | CPUID_CX8 | CPUID_PGE | CPUID_CMOV | \
@@ -94,6 +95,27 @@ struct x86_cpuid builtin_cpus[] = {
 
 static struct x86_cpuid *_cpuid;
 
+static uint64_t xgetbv(uint32_t xcr)
+{
+uint32_t eax, edx;
+
+__asm__ volatile ("xgetbv"
+  : "=a" (eax), "=d" (edx)
+  : "c" (xcr));
+
+return (((uint64_t)edx) << 32) | eax;
+}
+
+static bool vmx_mpx_supported()
+{
+uint64_t cap_exit, cap_entry;
+
+hv_vmx_read_capability(HV_VMX_CAP_ENTRY, &cap_entry);
+hv_vmx_read_capability(HV_VMX_CAP_EXIT, &cap_exit);
+
+return ((cap_exit & (1 << 23)) && (cap_entry & (1 << 16)));
+}
+
 void init_cpuid(struct CPUState *cpu)
 {
 _cpuid = &builtin_cpus[2]; /* core2duo */
@@ -277,3 +299,119 @@ void get_cpuid_func(struct CPUState *cpu, int func, int 
cnt, uint32_t *eax,
 break;
 }
 }
+
+uint32_t hvf_get_supported_cpuid(uint32_t func, uint32_t idx,
+ int reg)
+{
+uint64_t cap;
+uint32_t eax, ebx, ecx, edx;
+
+host_cpuid(func, idx, &eax, &ebx, &ecx, &edx);
+
+switch (func) {
+case 0:
+eax = eax < (uint32_t)0xd ? eax : (uint32_t)0xd;
+break;
+case 1:
+edx &= CPUID_FP87 | CPUID_VME | CPUID_DE | CPUID_PSE | CPUID_TSC |
+ CPUID_MSR | CPUID_PAE | CPUID_MCE | CPUID_CX8 | CPUID_APIC |
+ CPUID_SEP | CPUID_MTRR | CPUID_PGE | CPUID_MCA | CPUID_CMOV |
+ CPUID_PAT | CPUID_PSE36 | CPUID_CLFLUSH | CPUID_MMX |
+ CPUID_FXSR | CPUID_SSE | CPUID_SSE2 | CPUID_SS;
+ecx &= CPUID_EXT_SSE3 | CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSSE3 |
+ CPUID_EXT_FMA | CPUID_EXT_CX16 | CPUID_EXT_PCID |
+ CPUID_EXT_SSE41 | CPUID_EXT_SSE42 | CPUID_EXT_MOVBE |
+ CPUID_EXT_POPCNT | CPUID_EXT_AES | CPUID_EXT_XSAVE |
+ CPUID_EXT_AVX | CPUID_EXT_F16C | CPUID_EXT_RDRAND;
+break;
+case 6:
+eax = 4;
+ebx = 0;
+ecx = 0;
+edx = 0;
+break;
+case 7:
+if (idx == 0) {
+ebx &= CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
+CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 |
+CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 |
+CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_RTM |
+CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
+CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_AVX512IFMA |
+CPUID_7_0_EBX_AVX512F | CPUID_7_0_EBX_AVX512PF |
+CPUID_7_0_EBX_AVX512ER | CPUID_7_0_EBX_AVX512CD |
+CPUID_7_0_EBX_CLFLUSHOPT | CPUID_7_0_EBX_CLWB |
+CPUID_7_0_EBX_AVX512DQ | CPUID_7_0_EBX_SHA_NI |
+CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512VL |
+CPUID_7_0_EBX_INVPCID | CPUID_7_0_EBX_MPX;
+
+if (!vmx_mpx_supported()) {
+ebx &= ~CPUID_7_0_EBX_MPX;
+}
+hv_vmx_read_capability(HV_VMX_CAP_PROCBASED2, &cap);
+if (!(cap & CPU_BASED2_INVPCID)) {
+ebx &= ~CPUID_7_0_EBX_INVPCID;
+}
+
+ecx &= CPUID_7_0_ECX_AVX512BMI | CPUID_7_0_ECX_AVX512_VPOPCNTDQ;
+edx &= CPUID_7_0_EDX_AVX512_4VNNIW | CPUID_7_0_EDX_AVX512_4FMAPS;
+} else {
+ebx = 0;
+ecx = 0;
+edx = 0;
+}
+eax = 0;
+break;
+case 0xD:
+if (idx == 0) {
+uint64_t host_xcr0 = xgetbv(0);
+uint64_t supp_xcr0 = host_xcr0 & (XSTATE_FP_MASK | XSTATE_SSE_MASK 
|
+  XSTATE_YMM_MASK | XSTATE_BNDREGS_MASK |
+  XSTATE_BNDCSR_MASK | XSTATE_OPMASK_MASK |
+  XSTATE_ZMM_Hi256_MASK | 
XSTATE_Hi16_ZMM_MASK);
+eax &= supp_xcr0;
+if (!vmx_mpx_supported()) {
+eax &= ~(XSTATE_BNDREGS_MASK | XSTATE_BNDCSR_MASK);
+}
+} else if (idx == 1) {
+hv_vmx_read_capability(HV_VMX_CAP_PROCBASED2, &cap);
+eax &= CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XGETBV1;
+if (!(cap & CPU_BASED2_XSAVES_XRSTORS)) {
+eax &= ~CPUID_XSAVE_XSAVES;
+}
+}
+break;
+case 0x8001:
+  

[Qemu-devel] [PATCH v3 00/14] add support for Hypervisor.framework in QEMU

[Sergio Andres Gomez Del Real]

Changes in v3:
 (1) Fixed licensing issues in patch 3.
 (2) Revert to late adding of compilation rules in Makefile.objs (patch 8/14);
 files aren't ready to compile earlier.
 (3) Make a single patch just for fixing style (patch 4/14).
 (4) Fix data type for hvf_fd field.
 (5) Add comment that return value of -1 in apic function added in 7/14 means
 "no interrupt".



Changes in v2:
 (1) Removed legacy option "-enable-hvf" in favor of "-M accel=hvf"
 (2) Added missing copyright headers; replace fprintfs for error_report;
 improved commit description.
 (3) Moved patch that adds compilation rules in Makefile.objs right after
 the patch that adds the new files from Google's repo.
 (4) Removed conditional macros from cpus.c and cpu.c
 (5) Moved patch that fixes coding style to patch # 3
 (6) Fix commit message in apic patch
 (7) Squash some commits to avoid code churn


The following patchset adds to QEMU the supporting for macOS's native
hypervisor, Hypervisor.framework (hvf). The code base is taken from
Google's Android emulator at
https://android.googlesource.com/platform/external/qemu/+/emu-master-dev.

Apart from general code refactoring, some additional features were implemented:
retrieve the set of features supported by host cpu and hvf (cpuid);
dirty page tracking for VGA memory area; reimplementation of the event
injection mechanism to allow injection of exceptions during vmexits, which is
exemplified by the injection of a GP fault when the guest vmexits due to
execution of the vmcall instruction; changing the emulator's use of CPUState
structure in favor of CPUX86State, so as to in the future remove data structures
that are uselessly specific to hvf and unified some of the state between kvm/tcg
and hvf.
Some features initially planned to implement that didn't make it include:
page fault handling in the emulator and implementing the dummy_signal to handle
the SIG_IPI signal without race conditions. Hopefully these can be implemented
in the near future.

Sergio Andres Gomez Del Real (14):
  hvf: add support for Hypervisor.framework in the configure script
  hvf: add code base from Google's QEMU repository
  hvf: fix licensing issues; isolate task handling code (GPL v2-only)
  hvf: run hvf code through checkpatch.pl and fix style issues
  hvf: add code to cpus.c and do refactoring in preparation for
compiling
  hvf: handle fields from CPUState and CPUX86State
  apic: add function to apic that will be used by hvf
  hvf: add compilation rules to Makefile.objs
  hvf: use new helper functions for put/get xsave
  hvf: implement hvf_get_supported_cpuid
  hvf: refactor cpuid code
  hvf: implement vga dirty page tracking
  hvf: refactor event injection code for hvf
  hvf: inject General Protection Fault when vmexit through vmcall

 configure   |   38 +
 cpus.c  |   86 ++
 hw/intc/apic.c  |   12 +
 include/hw/i386/apic.h  |1 +
 include/qom/cpu.h   |2 +
 include/sysemu/hvf.h|  107 ++
 qemu-options.hx |   10 +-
 target/i386/Makefile.objs   |1 +
 target/i386/cpu-qom.h   |4 +-
 target/i386/cpu.c   |   79 +-
 target/i386/cpu.h   |   38 +-
 target/i386/hvf-all.c   |  963 +++
 target/i386/hvf-i386.h  |   48 +
 target/i386/hvf-utils/Makefile.objs |1 +
 target/i386/hvf-utils/README.md |7 +
 target/i386/hvf-utils/vmcs.h|  371 ++
 target/i386/hvf-utils/vmx.h |  222 
 target/i386/hvf-utils/x86.c |  184 +++
 target/i386/hvf-utils/x86.h |  476 
 target/i386/hvf-utils/x86_cpuid.c   |  417 +++
 target/i386/hvf-utils/x86_cpuid.h   |   52 +
 target/i386/hvf-utils/x86_decode.c  | 2186 +++
 target/i386/hvf-utils/x86_decode.h  |  325 ++
 target/i386/hvf-utils/x86_descr.c   |  124 ++
 target/i386/hvf-utils/x86_descr.h   |   55 +
 target/i386/hvf-utils/x86_emu.c | 1536 
 target/i386/hvf-utils/x86_emu.h |   49 +
 target/i386/hvf-utils/x86_flags.c   |  333 ++
 target/i386/hvf-utils/x86_flags.h   |  243 
 target/i386/hvf-utils/x86_gen.h |   53 +
 target/i386/hvf-utils/x86_mmu.c |  273 +
 target/i386/hvf-utils/x86_mmu.h |   45 +
 target/i386/hvf-utils/x86_task.c|  201 
 target/i386/hvf-utils/x86_task.h|   18 +
 target/i386/hvf-utils/x86hvf.c  |  463 
 target/i386/hvf-utils/x86hvf.h  |   39 +
 target/i386/kvm.c   |2 -
 37 files changed, 9031 insertions(+), 33 deletions(-)
 create mode 100644 include/sysemu/hvf.h
 create mode 100644 target/i386/hvf-all.c
 create mode 100644 target/i386/hvf-i386.h
 create mode 100644 target/i386/hvf-utils/Makefile.objs
 create mode 100644 target/i386/hvf-utils/README.md
 create mode 100644 

Re: [Qemu-devel] [PATCH] block: Cleanup BMDS in bdrv_close_all

[Fam Zheng]

On Fri, 09/01 13:41, Juan Quintela wrote:
> Fam Zheng  wrote:
> > This fixes the assertion due to op blockers added by BMDS:
> >
> > block.c:3248: bdrv_delete: Assertion `bdrv_op_blocker_is_empty(bs)' failed.
> >
> > Reproducer: simply start block migration and quit QEMU before it ends.
> >
> > Cc: qemu-sta...@nongnu.org
> > Signed-off-by: Fam Zheng 
> 
> Reviewed-by: Juan Quintela 
> 
> This stub stuff is crazy.
> 
> Fam, you were right (a.k.a. I was wrong).
> 
> Sorry, Juan.

Stefan, will you merge this?

Fam

Re: [Qemu-devel] [PATCH v5 0/6] arm: Make use of DEFINE_PROP_LINK

[Fam Zheng]

Hi,

Ping for 2.11.

Peter, what do you think?

On Mon, 07/17 10:38, Fam Zheng wrote:
> This is the arm part that was left out from:
> 
> https://lists.gnu.org/archive/html/qemu-devel/2017-07/msg04006.html
> 
> Make use of the new DEFINE_PROP_LINK, in favor of open coded the
> object_property_add_link. The advantage of it is the property now get 
> reflected
> in the info qtree output, for a bit more introspectability.
> 
> Fam Zheng (6):
>   armv7m: Convert bitband.source-mamory to DEFINE_PROP_LINK
>   armv7m: Convert armv7m.memory to DEFINE_PROP_LINK
>   gicv3: Convert to DEFINE_PROP_LINK
>   xlnx_zynqmp: Convert to DEFINE_PROP_LINK
>   xilinx_axienet: Convert to DEFINE_PROP_LINK
>   xilinx_axidma: Convert to DEFINE_PROP_LINK
> 
>  hw/arm/armv7m.c | 16 
>  hw/arm/xlnx-zynqmp.c|  7 ++-
>  hw/dma/xilinx_axidma.c  | 16 
>  hw/intc/arm_gicv3_its_kvm.c | 19 +++
>  hw/net/xilinx_axienet.c | 16 
>  5 files changed, 21 insertions(+), 53 deletions(-)
> 
> -- 
> 2.9.4
> 
> 

Re: [Qemu-devel] [PATCH] tests/docker: Clean up paths

[Fam Zheng]

On Thu, 08/17 11:57, Fam Zheng wrote:
> The 'run' script already creats src, build and install directories under
> $TEST_DIR, use it in common.rc.
> 
> Also the tests always run from $QEMU_SRC/tests/docker, so use a relative
> $CMD string.
> 
> Signed-off-by: Fam Zheng 

Queued.

Fam

Re: [Qemu-devel] reduce write bandwidth of qcow2 driver while allocating new cluster

[Liu Qing]

On Mon, Sep 04, 2017 at 04:17:42PM +0300, Anton Nefedov wrote:
> 
> 
> On 31/8/2017 9:55 AM, Liu Qing wrote:
> >On Wed, Aug 30, 2017 at 01:15:33PM +0300, Anton Nefedov wrote:
> >>
> >>On 29/08/2017 05:56, Liu Qing wrote:
> >>>On Mon, Aug 28, 2017 at 10:46:34AM -0500, Eric Blake wrote:
> [adding qemu-block]
> 
> On 08/28/2017 12:56 AM, Liu Qing wrote:
> >Dear list,
> >Recently I used fio to test qcow2 driver in the guest os, and found 
> > out
> >that when a new cluster is allocated the 4K IO will occupy 64K(default 
> >cluster
> >size) bandwith.
> >From the code qcow2 driver will fill the unused part of new allocated
> >cluster with 0 in perform_cow. These 0s are set in qcow2_co_readv when 
> >the read
> >destination is not allocated and it has no backing file. Could I 
> >forbidden any
> >further write in copy_sectors if the copy source is not allocated and it 
> >has
> >no backing file? So only the requested data is written to the cluster. 
> >Function
> >copy_sectors is only used by perform_cow in the master branch.
> 
> There have already been discussions on optimizing COW writes in a manner
> similar to what you are describing; for example,
> 
> https://lists.gnu.org/archive/html/qemu-devel/2017-08/msg00109.html
> >>>Thanks Eric, this is what I am looking for.
> >>>The only concern I have is in patch '[Qemu-devel] [PATCH v4 12/15] qcow2: 
> >>>skip
> >>>writing zero buffers to empty' it says:
> >>>
> >>>It can be detected that
> >>>  1. COW alignment of a write request is zeroes
> >>>  2. Respective areas on the underlying BDS already read as zeroes
> >>> after being preallocated previously
> >>>  If both of these true, COW may be skipped
> >>>
> >>>Will writing zero be skipped if the disk is not preallocated? @Anton
> >>>
> >>
> >>Hi,
> >>
> >>In short, no, it will not (with my patches), but there might be some way
> >>if that's what you really need.
> >>
> >>
> >>First of all, this might be undesirable as you lose the cluster-size
> >>data locality: now the whole cluster is written at once and is expected
> >>to reside in the contiguous area on the physical drive.
> >>
> >>Secondly, I think there is no guarantee that the underlying bs->file
> >>image reads back as zeroes if the cluster is unallocated on qcow2 level.
> >Why we need this guarantee? If the cluster is unallocated, it means no
> >one used these clusters previously. So why should these unallocated
> >clusters be read back as zeroes?
> 
> Hi, sorry I missed your mail;
> 
> I'm actually not sure if this is fixed in some spec or smth, that we
> must read 0 from the never-written-to areas.
> 
> I can guess why it looks quite desirable - suppose we had a guest offset
> X which mapped to the image offset Y, then the cluster got discarded and
> the new guest offset Z mapped to the image offset Y - then the guest can
> read old data from the other offset. But of course the sensitive data at
> X should be explicitly overwritten by guest means, rather than just
> discarded.
> 
> /Anton
I found the following article is disscussing similar thing.
https://lwn.net/Articles/492959/
The author added a new a flag in fallocate, and uninitialized file block
will not be filled with zero when only a small part of the block is
written.

As you mentioned there should be some security issues. There is trade off
on this.

Thanks for the reply. Qing.

> 
> >>
> >>For example, the unallocated cluster could have been used earlier but
> >>then discarded. Discard passthrough is configurable so discard may not
> >>be passed down to the underlying image. And I guess that in general,
> >>even if it is passed, there is no strong requirement on reading back as
> >>zeroes - look at qcow2 discard handling - discard head and tail which do
> >>not cover full clusters are ignored.
> >>
> >>_perhaps_, one may expect that there will be zeroes if the cluster is
> >>allocated at the end of file
> >>(see 'clusters_are_trailing' detection here
> >>https://lists.gnu.org/archive/html/qemu-devel/2017-08/msg00122.html)
> >>
> >>but I haven't thought about all corner cases here.
> >>
> >>
> >>/Anton
> >>
> >>>BTW: why the code in the patch is a little different than the latest
> >>>master branch? For example I don't have the is_zero function but only
> >>>get is_zero_sectors. Is there something wrong with my settings?
> >>>
> >>>My repo:
> >>># git remote -v
> >>>origin  git://git.qemu-project.org/qemu.git (fetch)
> >>>origin  git://git.qemu-project.org/qemu.git (push)
> >>>
> >>>Thanks.
> 
> --
> Eric Blake, Principal Software Engineer
> Red Hat, Inc.   +1-919-301-3266
> Virtualization:  qemu.org | libvirt.org
> 
> >>>
> >>>

Re: [Qemu-devel] [PATCH v8 13/13] qemu.py: don't launch again before shutdown()

[Fam Zheng]

On Fri, 09/01 13:28, Amador Pahim wrote:
> If a VM is launched, files are created and a cleanup is required before
> a new launch. This cleanup is executed by shutdown(), so shutdown() must
> be called even if the VM is manually terminated (i.e. using kill).
> 
> This patch creates a control to make sure launch() will not be executed
> again if shutdown() is not called after the previous launch().
> 
> Signed-off-by: Amador Pahim 
> ---
>  scripts/qemu.py | 7 +++
>  1 file changed, 7 insertions(+)
> 
> diff --git a/scripts/qemu.py b/scripts/qemu.py
> index 363f649a7e..05fca4d268 100644
> --- a/scripts/qemu.py
> +++ b/scripts/qemu.py
> @@ -52,6 +52,7 @@ class QEMUMachine(object):
>  self._debug = debug
>  self._qemu_full_args = None
>  self._created_files = []
> +self._pending_shutdown = False

The name is very poor, it can be confused as "user requested a shutdown but the
action is pending for some reason". Maybe "self._launched"?

Fam

>  
>  # This can be used to add an unused monitor instance.
>  def add_monitor_telnet(self, ip, port):
> @@ -168,10 +169,14 @@ class QEMUMachine(object):
>  if self.is_running():
>  raise QEMUMachineError('VM already running')
>  
> +if self._pending_shutdown:
> +raise QEMUMachineError('Shutdown pending after previous launch')
> +
>  self._iolog = None
>  self._qemu_full_args = None
>  try:
>  self._launch()
> +self._pending_shutdown = True
>  except:
>  self.shutdown()
>  
> @@ -217,6 +222,8 @@ class QEMUMachine(object):
>  command = ''
>  LOG.warn(msg, exitcode, command)
>  
> +self._pending_shutdown = False
> +
>  underscore_to_dash = string.maketrans('_', '-')
>  def qmp(self, cmd, conv_keys=True, **args):
>  '''Invoke a QMP command and return the result dict'''
> -- 
> 2.13.5
> 
> 

Re: [Qemu-devel] [PATCH v8 11/13] qemu.py: cleanup redundant calls in launch()

[Fam Zheng]

On Fri, 09/01 13:28, Amador Pahim wrote:
> Now that shutdown() is guaranteed to always execute self._load_io_log()
> and self._post_shutdown(), their calls in 'except' became redundant and
> we can safely replace it by a call to shutdown().
> 
> Due to this change, shutdown() can be now called even before the
> creation of the _qemu_log_path. So, to avoid errors with _load_io_log(),
> this patch makes sure we will only read the _qemu_log_path if it was
> previously created by us.
> 
> Signed-off-by: Amador Pahim 
> ---
>  scripts/qemu.py | 11 ---
>  1 file changed, 4 insertions(+), 7 deletions(-)
> 
> diff --git a/scripts/qemu.py b/scripts/qemu.py
> index 87a2212b77..03e4cc34b7 100644
> --- a/scripts/qemu.py
> +++ b/scripts/qemu.py
> @@ -115,8 +115,9 @@ class QEMUMachine(object):
>  return self._popen.pid
>  
>  def _load_io_log(self):
> -with open(self._qemu_log_path, "r") as fh:
> -self._iolog = fh.read()
> +if self._qemu_log_path in self._created_files:
> +with open(self._qemu_log_path, "r") as fh:
> +self._iolog = fh.read()
>  
>  def _base_args(self):
>  if isinstance(self._monitor_address, tuple):
> @@ -169,11 +170,7 @@ class QEMUMachine(object):
>  try:
>  self._launch()
>  except:
> -if self.is_running():
> -self._popen.kill()
> -self._popen.wait()
> -self._load_io_log()
> -self._post_shutdown()
> +self.shutdown()
>  
>  LOG.debug('Error launching VM')
>  if self._qemu_full_args:
> -- 
> 2.13.5
> 
> 

Reviewed-by: Fam Zheng 

Re: [Qemu-devel] [PATCH v8 12/13] qemu.py: launch vm only if it's not running

[Fam Zheng]

On Fri, 09/01 13:28, Amador Pahim wrote:
> A new call to launch() with a running VM will fall in exception and
> consequently call shutdown().
> 
> This patch makes launch() to raise an exception when it's called with VM
> already running.
> 
> Signed-off-by: Amador Pahim 
> ---
>  scripts/qemu.py | 3 +++
>  1 file changed, 3 insertions(+)
> 
> diff --git a/scripts/qemu.py b/scripts/qemu.py
> index 03e4cc34b7..363f649a7e 100644
> --- a/scripts/qemu.py
> +++ b/scripts/qemu.py
> @@ -165,6 +165,9 @@ class QEMUMachine(object):
>  Try to launch the VM and make sure we cleanup and expose the
>  command line/output in case of exception.
>  '''
> +if self.is_running():
> +raise QEMUMachineError('VM already running')
> +
>  self._iolog = None
>  self._qemu_full_args = None
>  try:
> -- 
> 2.13.5
> 
> 

Reviewed-by: Fam Zheng 

Re: [Qemu-devel] [PATCH v8 06/13] qemu.py: make sure we only remove files we create

[Fam Zheng]

On Fri, 09/01 13:28, Amador Pahim wrote:
> To launch a VM, we need to create basically two files: the monitor
> socket (if it's a UNIX socket) and the qemu log file.
> 
> For the qemu log file, we currently just open the path, which will
> create the file if it does not exist or overwrite the file if it does
> exist.
> 
> For the monitor socket, if it already exists, we are currently removing
> it, even if it's not created by us.
> 
> This patch moves to pre_launch() the responsibility to make sure we only
> create files that are not pre-existent and to populate a list of
> controlled files. This list will then be used as the reference of
> files to remove during the cleanup (post_shutdown()).
> 
> Signed-off-by: Amador Pahim 
> ---
>  scripts/qemu.py | 30 +++---
>  1 file changed, 23 insertions(+), 7 deletions(-)
> 
> diff --git a/scripts/qemu.py b/scripts/qemu.py
> index 3ebe5ee0a4..c26e1412f9 100644
> --- a/scripts/qemu.py
> +++ b/scripts/qemu.py
> @@ -41,6 +41,7 @@ class QEMUMachine(object):
>  monitor_address = os.path.join(test_dir, name + "-monitor.sock")
>  self._monitor_address = monitor_address
>  self._qemu_log_path = os.path.join(test_dir, name + ".log")
> +self._qemu_log_fd = None
>  self._popen = None
>  self._binary = binary
>  self._args = list(args) # Force copy args in case we modify them
> @@ -50,6 +51,7 @@ class QEMUMachine(object):
>  self._socket_scm_helper = socket_scm_helper
>  self._debug = debug
>  self._qemu_full_args = None
> +self._created_files = []
>  
>  # This can be used to add an unused monitor instance.
>  def add_monitor_telnet(self, ip, port):
> @@ -128,30 +130,44 @@ class QEMUMachine(object):
>  '-display', 'none', '-vga', 'none']
>  
>  def _pre_launch(self):
> -self._qmp = qmp.qmp.QEMUMonitorProtocol(self._monitor_address, 
> server=True,
> -debug=self._debug)
> +try:
> +self._qmp = qmp.qmp.QEMUMonitorProtocol(self._monitor_address,
> +server=True,
> +debug=self._debug)
> +except:
> +raise

What's the point of "except: raise"? It seems useless.

> +else:
> +if not isinstance(self._monitor_address, tuple):
> +self._created_files.append(self._monitor_address)
> +
> +try:
> +flags = os.O_CREAT | os.O_EXCL | os.O_WRONLY
> +os.open(self._qemu_log_path, flags)

Why change to os.open() instead of open()?

> +except:
> +raise
> +else:
> +self._created_files.append(self._qemu_log_path)
> +self._qemu_log_fd = open(self._qemu_log_path, 'wb')
>  
>  def _post_launch(self):
>  self._qmp.accept()
>  
>  def _post_shutdown(self):
> -if not isinstance(self._monitor_address, tuple):
> -self._remove_if_exists(self._monitor_address)
> -self._remove_if_exists(self._qemu_log_path)
> +while self._created_files:
> +self._remove_if_exists(self._created_files.pop())
>  
>  def launch(self):
>  '''Launch the VM and establish a QMP connection'''
>  self._iolog = None
>  self._qemu_full_args = None
>  devnull = open(os.path.devnull, 'rb')
> -qemulog = open(self._qemu_log_path, 'wb')
>  try:
>  self._pre_launch()
>  self._qemu_full_args = (self._wrapper + [self._binary] +
>  self._base_args() + self._args)
>  self._popen = subprocess.Popen(self._qemu_full_args,
> stdin=devnull,
> -   stdout=qemulog,
> +   stdout=self._qemu_log_fd,
> stderr=subprocess.STDOUT,
> shell=False)
>  self._post_launch()
> -- 
> 2.13.5
> 

Fam

Re: [Qemu-devel] [PATCH v8 10/13] qemu.py: use poll() instead of 'returncode'

[Fam Zheng]

On Fri, 09/01 13:28, Amador Pahim wrote:
> The 'returncode' Popen attribute is not guaranteed to be updated. It
> actually depends on a call to either poll(), wait() or communicate().
> 
> On the other hand, poll() will: "Check if child process has terminated.
> Set and return returncode attribute."
> 
> Let's use the poll() to check whether the process is running and to get
> the updated process exit code, when the process is finished.
> 
> Signed-off-by: Amador Pahim 

Reviewed-by: Fam Zheng 

Re: [Qemu-devel] [PATCH v8 08/13] qemu.py: refactor launch()

[Fam Zheng]

On Fri, 09/01 13:28, Amador Pahim wrote:
> This is just an refactor to separate the exception handler from the
> actual launch procedure, improving the readability and making future
> maintenances in this piece of code easier.
> 
> Signed-off-by: Amador Pahim 

Reviewed-by: Fam Zheng 

Re: [Qemu-devel] [PATCH v8 09/13] qemu.py: always cleanup on shutdown()

[Fam Zheng]

On Fri, 09/01 13:28, Amador Pahim wrote:
> Currently we only cleanup on shutdown() if the VM is running.
> 
> To make sure we will always cleanup, this patch makes the cleanup to
> always happen in shutdown, regardless the VM running state.
> 
> Signed-off-by: Amador Pahim 

Reviewed-by: Fam Zheng 

Re: [Qemu-devel] [PATCH v8 07/13] qemu.py: close _qemu_log_path on cleanup

[Fam Zheng]

On Fri, 09/01 13:28, Amador Pahim wrote:
> We are opening the _qemu_log_path during the launch() but we are
> forgetting to close it.
> 
> This patch makes sure we will close the self._qemu_log_path during the
> cleanup (post_shutdown()).
> 
> Signed-off-by: Amador Pahim 
> ---
>  scripts/qemu.py | 3 +++
>  1 file changed, 3 insertions(+)
> 
> diff --git a/scripts/qemu.py b/scripts/qemu.py
> index c26e1412f9..1b77fec48b 100644
> --- a/scripts/qemu.py
> +++ b/scripts/qemu.py
> @@ -153,6 +153,9 @@ class QEMUMachine(object):
>  self._qmp.accept()
>  
>  def _post_shutdown(self):
> +if self._qemu_log_fd is not None:
> +self._qemu_log_fd.close()
> +
>  while self._created_files:
>  self._remove_if_exists(self._created_files.pop())
>  
> -- 
> 2.13.5
> 

Reviewed-by: Fam Zheng 

Re: [Qemu-devel] [PATCH v8 05/13] qemu.py: include debug information on launch error

[Fam Zheng]

On Fri, 09/01 13:28, Amador Pahim wrote:
> When launching a VM, if an exception happens and the VM is not
> initiated, it might be useful to see the qemu command line and
> the qemu command output.
> 
> This patch creates that message. Notice that self._iolog needs to be
> cleaned up in the beginning of the launch() to make sure we will not
> expose the qemu log from a previous launch if the current one fails.
> 
> Signed-off-by: Amador Pahim 
> ---
>  scripts/qemu.py | 7 +++
>  1 file changed, 7 insertions(+)
> 
> diff --git a/scripts/qemu.py b/scripts/qemu.py
> index 670c048569..3ebe5ee0a4 100644
> --- a/scripts/qemu.py
> +++ b/scripts/qemu.py
> @@ -141,6 +141,7 @@ class QEMUMachine(object):
>  
>  def launch(self):
>  '''Launch the VM and establish a QMP connection'''
> +self._iolog = None
>  self._qemu_full_args = None
>  devnull = open(os.path.devnull, 'rb')
>  qemulog = open(self._qemu_log_path, 'wb')
> @@ -160,6 +161,12 @@ class QEMUMachine(object):
>  self._popen.wait()
>  self._load_io_log()
>  self._post_shutdown()
> +
> +LOG.debug('Error launching VM')
> +if self._qemu_full_args:
> +LOG.debug('Command: %r', ' '.join(self._qemu_full_args))
> +if self._iolog:
> +LOG.debug('Output: %r', self._iolog)
>  raise
>  
>  def shutdown(self):
> -- 
> 2.13.5
> 

It would be nice if these messages are added to the exception obj, but it's
already an improvement over what we have now, so:

Reviewed-by: Fam Zheng 

Re: [Qemu-devel] [PATCH v8 03/13] qemu.py: use os.path.null instead of /dev/null

[Fam Zheng]

On Fri, 09/01 13:28, Amador Pahim wrote:
> For increased portability, let's use os.path.devnull.
> 
> Signed-off-by: Amador Pahim 

Reviewed-by: Fam Zheng 

Re: [Qemu-devel] [PATCH v8 04/13] qemu.py: improve message on negative exit code

[Fam Zheng]

On Fri, 09/01 13:28, Amador Pahim wrote:
> The current message shows 'self._args', which contains only part of the
> options used in the Qemu command line.
> 
> This patch makes the qemu full args list an instance variable and then
> uses it in the negative exit code message.
> 
> Message was moved outside the 'if is_running' block to make sure it will
> be logged if the VM finishes before the call to shutdown().
> 
> Signed-off-by: Amador Pahim 
> ---
>  scripts/qemu.py | 26 +++---
>  1 file changed, 19 insertions(+), 7 deletions(-)
> 
> diff --git a/scripts/qemu.py b/scripts/qemu.py
> index a6e06291ea..670c048569 100644
> --- a/scripts/qemu.py
> +++ b/scripts/qemu.py
> @@ -49,6 +49,7 @@ class QEMUMachine(object):
>  self._iolog = None
>  self._socket_scm_helper = socket_scm_helper
>  self._debug = debug
> +self._qemu_full_args = None
>  
>  # This can be used to add an unused monitor instance.
>  def add_monitor_telnet(self, ip, port):
> @@ -140,13 +141,18 @@ class QEMUMachine(object):
>  
>  def launch(self):
>  '''Launch the VM and establish a QMP connection'''
> +self._qemu_full_args = None
>  devnull = open(os.path.devnull, 'rb')
>  qemulog = open(self._qemu_log_path, 'wb')
>  try:
>  self._pre_launch()
> -args = self._wrapper + [self._binary] + self._base_args() + 
> self._args
> -self._popen = subprocess.Popen(args, stdin=devnull, 
> stdout=qemulog,
> -   stderr=subprocess.STDOUT, 
> shell=False)
> +self._qemu_full_args = (self._wrapper + [self._binary] +
> +self._base_args() + self._args)

The parentheses seem superfluous. With those removed:

Reviewed-by: Fam Zheng 

> +self._popen = subprocess.Popen(self._qemu_full_args,
> +   stdin=devnull,
> +   stdout=qemulog,
> +   stderr=subprocess.STDOUT,
> +   shell=False)
>  self._post_launch()
>  except:
>  if self.is_running():
> @@ -164,14 +170,20 @@ class QEMUMachine(object):
>  self._qmp.close()
>  except:
>  self._popen.kill()
> +self._popen.wait()
>  
> -exitcode = self._popen.wait()
> -if exitcode < 0:
> -LOG.warn('qemu received signal %i: %s', -exitcode,
> -  ' '.join(self._args))
>  self._load_io_log()
>  self._post_shutdown()
>  
> +exitcode = self.exitcode()
> +if exitcode is not None and exitcode < 0:
> +msg = 'qemu received signal %i: %s'
> +if self._qemu_full_args:
> +command = ' '.join(self._qemu_full_args)
> +else:
> +command = ''
> +LOG.warn(msg, exitcode, command)
> +
>  underscore_to_dash = string.maketrans('_', '-')
>  def qmp(self, cmd, conv_keys=True, **args):
>  '''Invoke a QMP command and return the result dict'''
> -- 
> 2.13.5
> 
> 

Re: [Qemu-devel] [PATCH v8 01/13] qemu.py: fix is_running() return before first launch()

[Fam Zheng]

On Fri, 09/01 13:28, Amador Pahim wrote:
> is_running() returns None when called before the first time we
> call launch():
> 
> >>> import qemu
> >>> vm = qemu.QEMUMachine('qemu-system-x86_64')
> >>> vm.is_running()
> >>>
> 
> It should return False instead. This patch fixes that.
> 
> For consistence, this patch removes the parenthesis from the
> second clause as it's not really needed.
> 
> Signed-off-by: Amador Pahim 

Reviewed-by: Fam Zheng 

Re: [Qemu-devel] [PATCH v8 02/13] qemu.py: avoid writing to stdout/stderr

[Fam Zheng]

On Fri, 09/01 13:28, Amador Pahim wrote:
> This module should not write directly to stdout/stderr. Instead, it
> should either raise exceptions or just log the messages and let the
> callers handle them and decide what to do. For example, scripts could
> choose to send the log messages stderr or/and write them to a file if
> verbose or debugging mode is enabled.
> 
> This patch replaces the writes to stderr by an exception in the
> send_fd_scm() when _socket_scm_helper is not set or not present. In the
> same method, the subprocess Popen will now redirect the stdout/stderr to
> logging.debug instead of writing to system stderr. As consequence, since
> the Popen.communicate() is now used (in order to get the stdout), the
> further call to wait() became redundant and was replaced by
> Popen.returncode.
> 
> The shutdown() message on negative exit code will now be logged
> to logging.warn instead of written to system stderr.
> 
> Signed-off-by: Amador Pahim 

Reviewed-by: Fam Zheng 

[Qemu-devel] [PATCH v4 6/6] docker: Drop 'set -e' from run script

[Fam Zheng]

Signed-off-by: Fam Zheng 
---
 tests/docker/run | 8 +++-
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/tests/docker/run b/tests/docker/run
index 9eb9165f76..aad91f6ef5 100755
--- a/tests/docker/run
+++ b/tests/docker/run
@@ -1,4 +1,4 @@
-#!/bin/bash -e
+#!/bin/bash
 #
 # Docker test runner
 #
@@ -11,8 +11,6 @@
 # or (at your option) any later version. See the COPYING file in
 # the top-level directory.
 
-set -e
-
 if test -n "$V"; then
 set -x
 fi
@@ -20,7 +18,7 @@ fi
 BASE="$(dirname $(readlink -e $0))"
 
 # Prepare the environment
-. /etc/profile || true
+. /etc/profile
 export PATH=/usr/lib/ccache:$PATH
 
 if test -n "$J"; then
@@ -32,7 +30,7 @@ export TEST_DIR=/tmp/qemu-test
 mkdir -p $TEST_DIR/{src,build,install}
 
 # Extract the source tarballs
-tar -C $TEST_DIR/src -xf $BASE/qemu.tar
+tar -C $TEST_DIR/src -xf $BASE/qemu.tar || prep_fail "Failed to untar source"
 
 if test -n "$SHOW_ENV"; then
 if test -f /packages.txt; then
-- 
2.13.5

[Qemu-devel] [PATCH v4 5/6] docker: Add test-block

[Fam Zheng]

Signed-off-by: Fam Zheng 
---
 tests/docker/test-block | 22 ++
 1 file changed, 22 insertions(+)
 create mode 100755 tests/docker/test-block

diff --git a/tests/docker/test-block b/tests/docker/test-block
new file mode 100755
index 00..64d8bbadf7
--- /dev/null
+++ b/tests/docker/test-block
@@ -0,0 +1,22 @@
+#!/bin/bash
+#
+# Run block test cases
+#
+# Copyright 2017 Red Hat Inc.
+#
+# Authors:
+#  Fam Zheng 
+#
+# This work is licensed under the terms of the GNU GPL, version 2
+# or (at your option) any later version. See the COPYING file in
+# the top-level directory.
+
+. ./common.rc
+
+cd "$BUILD_DIR"
+
+build_qemu --target-list=x86_64-softmmu
+cd tests/qemu-iotests
+for t in raw qcow2 nbd luks; do
+./check -g quick -$t || test_fail "Test failed: iotests $t"
+done
-- 
2.13.5

[Qemu-devel] [PATCH v4 3/6] docker: Use unconfined security profile

[Fam Zheng]

Some by default blocked syscalls are required to run tests for example
userfaultfd.

Reviewed-by: Kashyap Chamarthy 
Signed-off-by: Fam Zheng 
---
 tests/docker/Makefile.include | 1 +
 1 file changed, 1 insertion(+)

diff --git a/tests/docker/Makefile.include b/tests/docker/Makefile.include
index 7a027d5bd6..168198e026 100644
--- a/tests/docker/Makefile.include
+++ b/tests/docker/Makefile.include
@@ -134,6 +134,7 @@ docker-run: docker-qemu-src
$(call quiet-command,   \
$(SRC_PATH)/tests/docker/docker.py run  \
$(if $(NOUSER),,-u $(shell id -u)) -t   \
+   --security-opt seccomp=unconfined   \
$(if $V,,--rm)  \
$(if $(DEBUG),-i,)  \
$(if $(NETWORK),$(if $(subst 
$(NETWORK),,1),--net=$(NETWORK)),--net=none) \
-- 
2.13.5

[Qemu-devel] [PATCH v4 4/6] docker: Add nettle-devel to fedora image

[Fam Zheng]

The LUKS cases in qemu-iotests requires this.

Reviewed-by: Kashyap Chamarthy 
Signed-off-by: Fam Zheng 
---
 tests/docker/dockerfiles/fedora.docker | 1 +
 1 file changed, 1 insertion(+)

diff --git a/tests/docker/dockerfiles/fedora.docker 
b/tests/docker/dockerfiles/fedora.docker
index 4eaa8ed2a5..27e8201c54 100644
--- a/tests/docker/dockerfiles/fedora.docker
+++ b/tests/docker/dockerfiles/fedora.docker
@@ -3,6 +3,7 @@ ENV PACKAGES \
 ccache git tar PyYAML sparse flex bison python2 bzip2 hostname \
 glib2-devel pixman-devel zlib-devel SDL-devel libfdt-devel \
 gcc gcc-c++ clang make perl which bc findutils libaio-devel \
+nettle-devel \
 mingw32-pixman mingw32-glib2 mingw32-gmp mingw32-SDL mingw32-pkg-config \
 mingw32-gtk2 mingw32-gtk3 mingw32-gnutls mingw32-nettle mingw32-libtasn1 \
 mingw32-libjpeg-turbo mingw32-libpng mingw32-curl mingw32-libssh2 \
-- 
2.13.5

[Qemu-devel] [PATCH v4 2/6] docker: Add test_fail and prep_fail

[Fam Zheng]

They both print a message and exit, but with different status code so
distinguish real test errors from env preparation failures.

Signed-off-by: Fam Zheng 
---
 tests/docker/common.rc | 12 
 1 file changed, 12 insertions(+)

diff --git a/tests/docker/common.rc b/tests/docker/common.rc
index c22d825b16..63ce9a7af5 100755
--- a/tests/docker/common.rc
+++ b/tests/docker/common.rc
@@ -35,3 +35,15 @@ build_qemu()
 echo $config_opts
 $QEMU_SRC/configure $config_opts && make $MAKEFLAGS
 }
+
+test_fail()
+{
+echo "$@"
+exit 1
+}
+
+prep_fail()
+{
+echo "$@"
+exit 2
+}
-- 
2.13.5

[Qemu-devel] [PATCH v4 1/6] docker: Fix return code of build_qemu()

[Fam Zheng]

Without "set -e", the "&&" makes sure that the return code reflects the
result status, and that make only runs if configure succeeds.

Signed-off-by: Fam Zheng 
---
 tests/docker/common.rc | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/tests/docker/common.rc b/tests/docker/common.rc
index 6865689bb5..c22d825b16 100755
--- a/tests/docker/common.rc
+++ b/tests/docker/common.rc
@@ -33,6 +33,5 @@ build_qemu()
  $@"
 echo "Configure options:"
 echo $config_opts
-$QEMU_SRC/configure $config_opts
-make $MAKEFLAGS
+$QEMU_SRC/configure $config_opts && make $MAKEFLAGS
 }
-- 
2.13.5

[Qemu-devel] [PATCH v4 0/6] docker: Add test-block

[Fam Zheng]

Based-on: 20170905021201.25684-1-f...@redhat.com
([PATCH v6 00/12] tests: Add VM based build tests (for non-x86_64 and/or
non-Linux))

A few tweaks to the docker images and running commands allow us to run
qemu-iotests in the fedora container. This will be added to the patchew test
cases later.

v4: Don't use 'set -e'. [Eric]
Add Kashyap's rev-by to unchanged patches.

v3: Add nbd, luks and limit to quick group.

v2: Add nettle-devel because a few iotest cases blindly assumes the support is
there.

Fam Zheng (6):
  docker: Fix return code of build_qemu()
  docker: Add test_fail and prep_fail
  docker: Use unconfined security profile
  docker: Add nettle-devel to fedora image
  docker: Add test-block
  docker: Drop 'set -e' from run script

 tests/docker/Makefile.include  |  1 +
 tests/docker/common.rc | 15 +--
 tests/docker/dockerfiles/fedora.docker |  1 +
 tests/docker/run   |  8 +++-
 tests/docker/test-block| 22 ++
 5 files changed, 40 insertions(+), 7 deletions(-)
 create mode 100755 tests/docker/test-block

-- 
2.13.5

Re: [Qemu-devel] [PATCH] e1000: Rename the SEC symbol to SEQEC

[Jason Wang]

On 2017年09月05日 07:51, Kamil Rytarowski wrote:

Please put it on a pull-request queue. I don't maintain one myself.

On 04.09.2017 09:29, Dmitry Fleytman wrote:

Reviewed-by: Dmitry Fleytman 


On 4 Sep 2017, at 10:23 AM, Fam Zheng  wrote:

On Sun, 09/03 18:37, Kamil Rytarowski wrote:

SunOS defines SEC in  as 1 (commonly used time symbols).

This fixes build on SmartOS (Joyent).

Patch cherry-picked from pkgsrc by jperkin (Joyent).

Signed-off-by: Kamil Rytarowski 

Cc Jason Wang (net maintainer).

Fam


Applied, will be in next pull request.

Thanks

Re: [Qemu-devel] [PATCH v9 0/4] Improve error reporting

[Jason Wang]

On 2017年09月04日 22:35, Mao Zhongyi wrote:

v9:
* -rebase on upstream
   -fix the commit message of patch04

v8:
* PATCH 02 & 04
   -resetting the error message for the user to read.   [Markus Armbruster]
   -fix the indentation and commit message.  [Markus Armbruster]
   
v7:

* PATCH 01
   -fix the error message.[Daniel P. Berrange]
   -adjust the indentation problem.[Eric Blake]
* PATCH 03
   -print a generic message when gethostbyname() failed in parse_host_port(),
drop the misleading ": unkonwn host" part.[Markus Armbruster]

v6:
* PATCH 02
   -rename the subject
   -drop the "qemu: error: " prefix.
   -correct inappropriate error information settings.
* PATCH 03,04
   -correct inappropriate error information settings.[Markus Armbruster]

v5:
* PATCH 01 make the commit message more exact about the actual function.
[Markus Armbruster]
* PATCH 02, 03, 04 still retains the original function, but specific
content and order of each patch has been adjusted substantially,
so that ensure each patch is a completed fix.[Markus Armbruster]

v4:
* PATCH 01 is redoing previous patch 1, replace the fprintf() with 
error_report()
 in the 'default' case of net_socket_fd_init() [Markus 
Armbruster]

v3:
* PATCH 01 is suggested by Markus and Daniel that removes the dubious 'default' 
case
in the net_socket_fd_init(). Jason agreed.
* PATCH 02 is redoing previous patch 4.
* PATCH 04 is redoing previous patch 2, improves sort of error messages.

v2:
* PATCH 02 reworking of patch 2 following Markus's suggestion that convert 
error_report()
in the function called by net_socket_*_init() to Error. Also add 
many error
handling information.
* PATCH 03 net_socket_mcast_create(), net_socket_fd_init_dgram() and 
net_socket_fd_init()
use the function such as fprintf, perror to report an error 
message. Convert it
to Error.
* PATCH 04 parse_host_port() may fail without reporting an error. Now, fix it 
to set an
error when it fails.

Cc: jasow...@redhat.com
Cc: arm...@redhat.com
Cc: berra...@redhat.com
Cc: kra...@redhat.com
Cc: pbonz...@redhat.com
Cc: ebl...@redhat.com

Mao Zhongyi (4):
   net/socket: Don't treat odd socket type as SOCK_STREAM
   net/socket: Convert several helper functions to Error
   net/net: Convert parse_host_port() to Error
   net/socket: Improve -net socket error reporting

  include/qemu/sockets.h |   3 +-
  net/net.c  |  22 +--
  net/socket.c   | 156 -
  3 files changed, 108 insertions(+), 73 deletions(-)



Applied.

Thanks

Re: [Qemu-devel] [PATCH v3 3/3] docker: Add test-block

[Fam Zheng]

On Fri, 09/01 13:35, Eric Blake wrote:
> On 09/01/2017 10:22 AM, Fam Zheng wrote:
> > Signed-off-by: Fam Zheng 
> > ---
> >  tests/docker/test-block | 22 ++
> >  1 file changed, 22 insertions(+)
> >  create mode 100755 tests/docker/test-block
> > 
> > diff --git a/tests/docker/test-block b/tests/docker/test-block
> > new file mode 100755
> > index 00..efc77b4b91
> > --- /dev/null
> > +++ b/tests/docker/test-block
> > @@ -0,0 +1,22 @@
> > +#!/bin/bash -e
> 
> 'set -e' is awful; it exists for backwards-compatibility with shell
> scripts that pre-date functions, but is NOT intuitive and generally does
> NOT do what you want when shell functions are added to the mix.  You're
> better off doing manual error checking than relying on 'set -e' to check
> for errors on your behalf.
> 
> > +#
> > +# Run block test cases
> > +#
> > +# Copyright (c) 2017 Red Hat Inc.
> > +#
> > +# Authors:
> > +#  Fam Zheng 
> > +#
> > +# This work is licensed under the terms of the GNU GPL, version 2
> > +# or (at your option) any later version. See the COPYING file in
> > +# the top-level directory.
> > +
> > +. common.rc
> 
> Are we sure that '.' is early enough on $PATH that this will pick up the
> right common.rc? Safer is '. ./common.rc'.
> 
> > +
> > +cd "$BUILD_DIR"
> > +
> > +build_qemu --target-list=x86_64-softmmu
> > +cd tests/qemu-iotests
> > +for t in raw qcow2 nbd luks; do
> > +./check -g quick -$t
> > +done
> 
> That said, this script (and common.rc) is small enough to verify that
> you probably aren't going to trip over those non-intuitive 'set -e'
> behaviors, so the real reason to avoid it is if we want to be able to
> copy-and-paste into other scripts that aren't using 'set -e' (on the
> premise that avoiding implicit global state, like 'set -e', and being
> explicit instead, is a good thing).

OK, I will revise this patch and drop set -e.

Fam

[Qemu-devel] [PATCH v6 12/12] docker: Use archive-source.py

[Fam Zheng]

Signed-off-by: Fam Zheng 
---
 tests/docker/Makefile.include | 15 ++-
 tests/docker/run  |  8 +---
 2 files changed, 3 insertions(+), 20 deletions(-)

diff --git a/tests/docker/Makefile.include b/tests/docker/Makefile.include
index aaab1a4208..7a027d5bd6 100644
--- a/tests/docker/Makefile.include
+++ b/tests/docker/Makefile.include
@@ -17,24 +17,13 @@ DOCKER_TOOLS := travis
 TESTS ?= %
 IMAGES ?= %
 
-# Make archive from git repo $1 to tar.gz $2
-make-archive-maybe = $(if $(wildcard $1/*), \
-   $(call quiet-command, \
-   (cd $1; if git diff-index --quiet HEAD -- &>/dev/null; then \
-   git archive -1 HEAD --format=tar.gz; \
-   else \
-   git archive -1 $$(git stash create) --format=tar.gz; \
-   fi) > $2, \
-   "ARCHIVE","$(notdir $2)"))
-
 CUR_TIME := $(shell date +%Y-%m-%d-%H.%M.%S.)
 DOCKER_SRC_COPY := docker-src.$(CUR_TIME)
 
 $(DOCKER_SRC_COPY):
@mkdir $@
-   $(call make-archive-maybe, $(SRC_PATH), $@/qemu.tgz)
-   $(call make-archive-maybe, $(SRC_PATH)/dtc, $@/dtc.tgz)
-   $(call make-archive-maybe, $(SRC_PATH)/pixman, $@/pixman.tgz)
+   $(call quiet-command, $(SRC_PATH)/scripts/archive-source.sh 
$@/qemu.tar, \
+   "GEN", "$@/qemu.tar")
$(call quiet-command, cp $(SRC_PATH)/tests/docker/run $@/run, \
"COPY","RUNNER")
 
diff --git a/tests/docker/run b/tests/docker/run
index c1e4513bce..9eb9165f76 100755
--- a/tests/docker/run
+++ b/tests/docker/run
@@ -32,13 +32,7 @@ export TEST_DIR=/tmp/qemu-test
 mkdir -p $TEST_DIR/{src,build,install}
 
 # Extract the source tarballs
-tar -C $TEST_DIR/src -xzf $BASE/qemu.tgz
-for p in dtc pixman; do
-if test -f $BASE/$p.tgz; then
-tar -C $TEST_DIR/src/$p -xzf $BASE/$p.tgz
-export FEATURES="$FEATURES $p"
-fi
-done
+tar -C $TEST_DIR/src -xf $BASE/qemu.tar
 
 if test -n "$SHOW_ENV"; then
 if test -f /packages.txt; then
-- 
2.13.5

[Qemu-devel] [PATCH v6 10/12] MAINTAINERS: Add tests/vm entry

[Fam Zheng]

Signed-off-by: Fam Zheng 
Reviewed-by: Stefan Hajnoczi 
---
 MAINTAINERS | 1 +
 1 file changed, 1 insertion(+)

diff --git a/MAINTAINERS b/MAINTAINERS
index 5ec945c9af..f6b0fd156e 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -1897,6 +1897,7 @@ S: Maintained
 F: .travis.yml
 F: .shippable.yml
 F: tests/docker/
+F: tests/vm/
 W: https://travis-ci.org/qemu/qemu
 W: https://app.shippable.com/github/qemu/qemu
 W: http://patchew.org/QEMU/
-- 
2.13.5

[Qemu-devel] [PATCH v6 11/12] tests: Add README for vm tests

[Fam Zheng]

Signed-off-by: Fam Zheng 
---
 tests/vm/README | 63 +
 1 file changed, 63 insertions(+)
 create mode 100644 tests/vm/README

diff --git a/tests/vm/README b/tests/vm/README
new file mode 100644
index 00..7d2fe4ac8d
--- /dev/null
+++ b/tests/vm/README
@@ -0,0 +1,63 @@
+=== VM test suite to run build in guests ===
+
+== Intro ==
+
+This test suite contains scripts that bootstrap various guest images that have
+necessary packages to build QEMU. The basic usage is documented in Makefile
+help which is displayed with "make vm-test".
+
+== Quick start ==
+
+Run "make vm-test" to list available make targets.
+
+== Manual invocation ==
+
+Each guest script is an executable script with the same command line options.
+For example to work with the netbsd guest, use $QEMU_SRC/tests/vm/netbsd:
+
+$ cd $QEMU_SRC/tests/vm
+
+# To bootstrap the image
+$ ./netbsd --build-image --image /var/tmp/netbsd.img
+<...>
+
+# To run an arbitrary command in guest (the output will not be echoed 
unless
+# --debug is added)
+$ ./netbsd --debug --image /var/tmp/netbsd.img uname -a
+
+# To build QEMU in guest
+$ ./netbsd --debug --image /var/tmp/netbsd.img --build-qemu $QEMU_SRC
+
+# To get to an interactive shell
+$ ./netbsd --interactive --image /var/tmp/netbsd.img sh
+
+== Adding new guests ==
+
+Please look at existing guest scripts for how to add new guests.
+
+Most importantly, create a subclass of BaseVM and implement build_image()
+method and define BUILD_SCRIPT, then finally call basevm.main() from the
+script's main().
+
+  - Usually in build_image(), a template image is downloaded from a predefined
+URL. BaseVM._download_with_cache() takes care of the cache and the
+checksum, so consider using it.
+
+  - Once the image is downloaded, users, SSH server and QEMU build deps should
+be set up:
+
+* Root password set to BaseVM.ROOT_PASS
+* User BaseVM.GUEST_USER is created, and password set to BaseVM.GUEST_PASS
+* SSH service is enabled and started on boot, BaseVM.SSH_PUB_KEY is added
+  to authorized_keys of both root and the normal user
+* DHCP client service is enabled and started on boot, so that it can
+  automatically configure the virtio-net-pci NIC and communicate with QEMU
+  user net (10.0.2.2)
+* Necessary packages are installed to untar the source tarball and build
+  QEMU
+
+  - Write a proper BUILD_SCRIPT template, which should be a shell script that
+untars a raw virtio-blk block device, which is the tarball data blob of the
+QEMU source tree, then configure/build it. Running "make check" is also
+recommended.
+
-- 
2.13.5

[Qemu-devel] [PATCH v6 05/12] tests: Add ubuntu.i386 image

[Fam Zheng]

This adds a 32bit guest.

The official LTS cloud image is downloaded and initialized with
cloud-init.

Signed-off-by: Fam Zheng 
---
 tests/vm/ubuntu.i386 | 88 
 1 file changed, 88 insertions(+)
 create mode 100755 tests/vm/ubuntu.i386

diff --git a/tests/vm/ubuntu.i386 b/tests/vm/ubuntu.i386
new file mode 100755
index 00..1a55856d9c
--- /dev/null
+++ b/tests/vm/ubuntu.i386
@@ -0,0 +1,88 @@
+#!/usr/bin/env python
+#
+# Ubuntu i386 image
+#
+# Copyright (C) 2017 Red Hat Inc.
+#
+# Authors:
+#  Fam Zheng 
+#
+# This work is licensed under the terms of the GNU GPL, version 2.  See
+# the COPYING file in the top-level directory.
+#
+
+import os
+import sys
+import subprocess
+import basevm
+import time
+
+class UbuntuX86VM(basevm.BaseVM):
+name = "ubuntu.i386"
+BUILD_SCRIPT = """
+set -e;
+cd $(mktemp -d);
+sudo chmod a+r /dev/vdb;
+tar -xf /dev/vdb;
+./configure {configure_opts};
+make -j{jobs};
+make check;
+"""
+
+def _gen_cloud_init_iso(self):
+cidir = self._tmpdir
+mdata = open(os.path.join(cidir, "meta-data"), "w")
+mdata.writelines(["instance-id: ubuntu-vm-0\n",
+ "local-hostname: ubuntu-guest\n"])
+mdata.close()
+udata = open(os.path.join(cidir, "user-data"), "w")
+udata.writelines(["#cloud-config\n",
+  "chpasswd:\n",
+  "  list: |\n",
+  "root:%s\n" % self.ROOT_PASS,
+  "%s:%s\n" % (self.GUEST_USER, self.GUEST_PASS),
+  "  expire: False\n",
+  "users:\n",
+  "  - name: %s\n" % self.GUEST_USER,
+  "sudo: ALL=(ALL) NOPASSWD:ALL\n",
+  "ssh-authorized-keys:\n",
+  "- %s\n" % basevm.SSH_PUB_KEY,
+  "  - name: root\n",
+  "ssh-authorized-keys:\n",
+  "- %s\n" % basevm.SSH_PUB_KEY])
+udata.close()
+subprocess.check_call(["genisoimage", "-output", "cloud-init.iso",
+   "-volid", "cidata", "-joliet", "-rock",
+   "user-data", "meta-data"],
+   cwd=cidir,
+   stdin=self._devnull, stdout=self._stdout,
+   stderr=self._stdout)
+return os.path.join(cidir, "cloud-init.iso")
+
+def build_image(self, img):
+cimg = 
self._download_with_cache("https://cloud-images.ubuntu.com/releases/16.04/release/ubuntu-16.04-server-cloudimg-i386-disk1.img";)
+img_tmp = img + ".tmp"
+subprocess.check_call(["cp", "-f", cimg, img_tmp])
+subprocess.check_call(["qemu-img", "resize", img_tmp, "50G"])
+self.boot(img_tmp, extra_args = ["-cdrom", self._gen_cloud_init_iso()])
+self.wait_ssh()
+self.ssh_root_check("touch /etc/cloud/cloud-init.disabled")
+self.ssh_root_check("apt-get update")
+self.ssh_root_check("apt-get install -y cloud-initramfs-growroot")
+# Don't check the status in case the guest hang up too quickly
+self.ssh_root("sync && reboot")
+time.sleep(5)
+self.wait_ssh()
+# The previous update sometimes doesn't survive a reboot, so do it 
again
+self.ssh_root_check("apt-get update")
+self.ssh_root_check("apt-get build-dep -y qemu")
+self.ssh_root_check("apt-get install -y libfdt-dev")
+self.ssh_root("poweroff")
+self.wait()
+if os.path.exists(img):
+os.remove(img)
+os.rename(img_tmp, img)
+return 0
+
+if __name__ == "__main__":
+sys.exit(basevm.main(UbuntuX86VM))
-- 
2.13.5

[Qemu-devel] [PATCH v6 07/12] tests: Add NetBSD image

[Fam Zheng]

The image is prepared following instructions as in:

https://wiki.qemu.org/Hosts/BSD

Signed-off-by: Fam Zheng 
Reviewed-by: Kamil Rytarowski 
---
 tests/vm/netbsd | 42 ++
 1 file changed, 42 insertions(+)
 create mode 100755 tests/vm/netbsd

diff --git a/tests/vm/netbsd b/tests/vm/netbsd
new file mode 100755
index 00..559e89c8a6
--- /dev/null
+++ b/tests/vm/netbsd
@@ -0,0 +1,42 @@
+#!/usr/bin/env python
+#
+# NetBSD VM image
+#
+# Copyright (C) 2017 Red Hat Inc.
+#
+# Authors:
+#  Fam Zheng 
+#
+# This work is licensed under the terms of the GNU GPL, version 2.  See
+# the COPYING file in the top-level directory.
+#
+
+import os
+import sys
+import subprocess
+import basevm
+
+class NetBSDVM(basevm.BaseVM):
+name = "netbsd"
+BUILD_SCRIPT = """
+set -e;
+cd $(mktemp -d /var/tmp/qemu-test.XX);
+tar -xf /dev/rld1a;
+./configure --python=python2.7 {configure_opts};
+gmake -j{jobs};
+gmake check;
+"""
+
+def build_image(self, img):
+cimg = 
self._download_with_cache("http://download.patchew.org/netbsd-7.1-amd64.img.xz";,
+ 
sha256sum='b633d565b0eac3d02015cd0c81440bd8a7a8df8512615ac1ee05d318be015732')
+img_tmp_xz = img + ".tmp.xz"
+img_tmp = img + ".tmp"
+subprocess.check_call(["cp", "-f", cimg, img_tmp_xz])
+subprocess.check_call(["xz", "-df", img_tmp_xz])
+if os.path.exists(img):
+os.remove(img)
+os.rename(img_tmp, img)
+
+if __name__ == "__main__":
+sys.exit(basevm.main(NetBSDVM))
-- 
2.13.5

[Qemu-devel] [PATCH v6 09/12] Makefile: Add rules to run vm tests

[Fam Zheng]

Signed-off-by: Fam Zheng 
---
 Makefile  |  2 ++
 configure |  2 +-
 tests/vm/Makefile.include | 42 ++
 3 files changed, 45 insertions(+), 1 deletion(-)
 create mode 100644 tests/vm/Makefile.include

diff --git a/Makefile b/Makefile
index 337a1f6f9b..946eb2ce35 100644
--- a/Makefile
+++ b/Makefile
@@ -822,6 +822,7 @@ endif
 -include $(wildcard *.d tests/*.d)
 
 include $(SRC_PATH)/tests/docker/Makefile.include
+include $(SRC_PATH)/tests/vm/Makefile.include
 
 .PHONY: help
 help:
@@ -845,6 +846,7 @@ help:
@echo  'Test targets:'
@echo  '  check   - Run all tests (check-help for details)'
@echo  '  docker  - Help about targets running tests inside 
Docker containers'
+   @echo  '  vm-test - Help about targets running tests inside VM'
@echo  ''
@echo  'Documentation targets:'
@echo  '  html info pdf txt'
diff --git a/configure b/configure
index fb7e34a901..09471fbf54 100755
--- a/configure
+++ b/configure
@@ -6563,7 +6563,7 @@ if test "$ccache_cpp2" = "yes"; then
 fi
 
 # build tree in object directory in case the source is not in the current 
directory
-DIRS="tests tests/tcg tests/tcg/cris tests/tcg/lm32 tests/libqos 
tests/qapi-schema tests/tcg/xtensa tests/qemu-iotests"
+DIRS="tests tests/tcg tests/tcg/cris tests/tcg/lm32 tests/libqos 
tests/qapi-schema tests/tcg/xtensa tests/qemu-iotests tests/vm"
 DIRS="$DIRS docs docs/interop fsdev"
 DIRS="$DIRS pc-bios/optionrom pc-bios/spapr-rtas pc-bios/s390-ccw"
 DIRS="$DIRS roms/seabios roms/vgabios"
diff --git a/tests/vm/Makefile.include b/tests/vm/Makefile.include
new file mode 100644
index 00..5daa2a3b73
--- /dev/null
+++ b/tests/vm/Makefile.include
@@ -0,0 +1,42 @@
+# Makefile for VM tests
+
+.PHONY: vm-build-all
+
+IMAGES := ubuntu.i386 freebsd netbsd openbsd
+IMAGE_FILES := $(patsubst %, tests/vm/%.img, $(IMAGES))
+
+.PRECIOUS: $(IMAGE_FILES)
+
+vm-test:
+   @echo "vm-test: Test QEMU in preconfigured virtual machines"
+   @echo
+   @echo "  vm-build-ubuntu.i386- Build QEMU in ubuntu i386 VM"
+   @echo "  vm-build-freebsd- Build QEMU in FreeBSD VM"
+   @echo "  vm-build-netbsd - Build QEMU in NetBSD VM"
+   @echo "  vm-build-openbsd- Build QEMU in OpenBSD VM"
+
+vm-build-all: $(addprefix vm-build-, $(IMAGES))
+
+tests/vm/%.img: $(SRC_PATH)/tests/vm/% \
+   $(SRC_PATH)/tests/vm/basevm.py \
+   $(SRC_PATH)/tests/vm/Makefile.include
+   $(call quiet-command, \
+   $< \
+   $(if $(V)$(DEBUG), --debug) \
+   --image "$@" \
+   --force \
+   --build-image $@, \
+   "  VM-IMAGE $*")
+
+
+# Build in VM $(IMAGE)
+vm-build-%: tests/vm/%.img
+   $(call quiet-command, \
+   $(SRC_PATH)/tests/vm/$* \
+   $(if $(V)$(DEBUG), --debug) \
+   $(if $(DEBUG), --interactive) \
+   $(if $(J),--jobs $(J)) \
+   --image "$<" \
+   --build-qemu $(SRC_PATH), \
+   "  VM-BUILD $*")
+
-- 
2.13.5

[Qemu-devel] [PATCH v6 08/12] tests: Add OpenBSD image

[Fam Zheng]

The image is prepared following instructions as in:

https://wiki.qemu.org/Hosts/BSD

Signed-off-by: Fam Zheng 
---
 tests/vm/openbsd | 43 +++
 1 file changed, 43 insertions(+)
 create mode 100755 tests/vm/openbsd

diff --git a/tests/vm/openbsd b/tests/vm/openbsd
new file mode 100755
index 00..57b10105f7
--- /dev/null
+++ b/tests/vm/openbsd
@@ -0,0 +1,43 @@
+#!/usr/bin/env python
+#
+# OpenBSD VM image
+#
+# Copyright (C) 2017 Red Hat Inc.
+#
+# Authors:
+#  Fam Zheng 
+#
+# This work is licensed under the terms of the GNU GPL, version 2.  See
+# the COPYING file in the top-level directory.
+#
+
+import os
+import sys
+import subprocess
+import basevm
+
+class OpenBSDVM(basevm.BaseVM):
+name = "openbsd"
+BUILD_SCRIPT = """
+set -e;
+cd $(mktemp -d /var/tmp/qemu-test.XX);
+tar -xf /dev/rsd1c;
+./configure --cc=x86_64-unknown-openbsd6.1-gcc-4.9.4 
--python=python2.7 {configure_opts};
+gmake -j{jobs};
+# XXX: "gmake check" seems to always hang or fail
+#gmake check;
+"""
+
+def build_image(self, img):
+cimg = 
self._download_with_cache("http://download.patchew.org/openbsd-6.1-amd64.img.xz";,
+
sha256sum='8c6cedc483e602cfee5e04f0406c64eb99138495e8ca580bc0293bcf0640c1bf')
+img_tmp_xz = img + ".tmp.xz"
+img_tmp = img + ".tmp"
+subprocess.check_call(["cp", "-f", cimg, img_tmp_xz])
+subprocess.check_call(["xz", "-df", img_tmp_xz])
+if os.path.exists(img):
+os.remove(img)
+os.rename(img_tmp, img)
+
+if __name__ == "__main__":
+sys.exit(basevm.main(OpenBSDVM))
-- 
2.13.5

[Qemu-devel] [PATCH v6 02/12] qemu.py: Add "wait()" method

[Fam Zheng]

Signed-off-by: Fam Zheng 
Reviewed-by: Stefan Hajnoczi 
---
 scripts/qemu.py | 7 +++
 1 file changed, 7 insertions(+)

diff --git a/scripts/qemu.py b/scripts/qemu.py
index 880e3e8219..153f2d1564 100644
--- a/scripts/qemu.py
+++ b/scripts/qemu.py
@@ -143,6 +143,13 @@ class QEMUMachine(object):
 self._post_shutdown()
 raise
 
+def wait(self):
+'''Wait for the VM to power off'''
+self._popen.wait()
+self._qmp.close()
+self._load_io_log()
+self._post_shutdown()
+
 def shutdown(self):
 '''Terminate the VM and clean up'''
 if self.is_running():
-- 
2.13.5

[Qemu-devel] [PATCH v6 04/12] tests: Add vm test lib

[Fam Zheng]

This is the common code to implement a "VM test" to

  1) Download and initialize a pre-defined VM that has necessary
  dependencies to build QEMU and SSH access.

  2) Archive $SRC_PATH to a .tar file.

  3) Boot the VM, and pass the source tar file to the guest.

  4) SSH into the VM, untar the source tarball, build from the source.

Signed-off-by: Fam Zheng 
---
 tests/vm/basevm.py | 276 +
 1 file changed, 276 insertions(+)
 create mode 100755 tests/vm/basevm.py

diff --git a/tests/vm/basevm.py b/tests/vm/basevm.py
new file mode 100755
index 00..9db91d61fa
--- /dev/null
+++ b/tests/vm/basevm.py
@@ -0,0 +1,276 @@
+#!/usr/bin/env python
+#
+# VM testing base class
+#
+# Copyright (C) 2017 Red Hat Inc.
+#
+# Authors:
+#  Fam Zheng 
+#
+# This work is licensed under the terms of the GNU GPL, version 2.  See
+# the COPYING file in the top-level directory.
+#
+
+import os
+import sys
+import logging
+import time
+import datetime
+sys.path.append(os.path.join(os.path.dirname(__file__), "..", "..", "scripts"))
+from qemu import QEMUMachine
+import subprocess
+import hashlib
+import optparse
+import atexit
+import tempfile
+import shutil
+import multiprocessing
+import traceback
+
+SSH_KEY = """\
+-BEGIN RSA PRIVATE KEY-
+MIIEowIBAAKCAQEAopAuOlmLV6LVHdFBj8/eeOwI9CqguIJPp7eAQSZvOiB4Ag/R
+coEhl/RBbrV5Yc/SmSD4PTpJO/iM10RwliNjDb4a3I8q3sykRJu9c9PI/YsH8WN9
++NH2NjKPtJIcKTu287IM5JYxyB6nDoOzILbTyJ1TDR/xH6qYEfBAyiblggdjcvhA
+RTf93QIn39F/xLypXvT1K2O9BJEsnJ8lEUvB2UXhKo/JTfSeZF8wPBeowaP9EONk
+7b+nuJOWHGg68Ji6wVi62tjwl2Szch6lxIhZBpnV7QNRKMfYHP6eIyF4pusazzZq
+Telsq6xI2ghecWLzb/MF5A+rklsGx2FNuJSAJwIDAQABAoIBAHHi4o/8VZNivz0x
+cWXn8erzKV6tUoWQvW85Lj/2RiwJvSlsnYZDkx5af1CpEE2HA/pFT8PNRqsd+MWC
+7AEy710cVsM4BYerBFYQaYxwzblaoojo88LSjVPw3h5Z0iLM8+IMVd36nwuc9dpE
+R8TecMZ1+U4Tl6BgqkK+9xToZRdPKdjS8L5MoFhGN+xY0vRbbJbGaV9Q0IHxLBkB
+rEBV7T1mUynneCHRUQlJQEwJmKpT8MH3IjsUXlG5YvnuuvcQJSNTaW2iDLxuOKp8
+cxW8+qL88zpb1D5dppoIu6rlrugN0azSq70ruFJQPc/A8GQrDKoGgRQiagxNY3u+
+vHZzXlECgYEA0dKO3gfkSxsDBb94sQwskMScqLhcKhztEa8kPxTx6Yqh+x8/scx3
+XhJyOt669P8U1v8a/2Al+s81oZzzfQSzO1Q7gEwSrgBcRMSIoRBUw9uYcy02ngb/
+j/ng3DGivfJztjjiSJwb46FHkJ2JR8mF2UisC6UMXk3NgFY/3vWQx78CgYEAxlcG
+T3hfSWSmTgKRczMJuHQOX9ULfTBIqwP5VqkkkiavzigGRirzb5lgnmuTSPTpF0LB
+XVPjR2M4q+7gzP0Dca3pocrvLEoxjwIKnCbYKnyyvnUoE9qHv4Kr+vDbgWpa2LXG
+JbLmE7tgTCIp20jOPPT4xuDvlbzQZBJ5qCQSoZkCgYEAgrotSSihlCnAOFSTXbu4
+CHp3IKe8xIBBNENq0eK61kcJpOxTQvOha3sSsJsU4JAM6+cFaxb8kseHIqonCj1j
+bhOM/uJmwQJ4el/4wGDsbxriYOBKpyq1D38gGhDS1IW6kk3erl6VAb36WJ/OaGum
+eTpN9vNeQWM4Jj2WjdNx4QECgYAwTdd6mU1TmZCrJRL5ZG+0nYc2rbMrnQvFoqUi
+BvWiJovggHzur90zy73tNzPaq9Ls2FQxf5G1vCN8NCRJqEEjeYCR59OSDMu/EXc2
+CnvQ9SevHOdS1oEDEjcCWZCMFzPi3XpRih1gptzQDe31uuiHjf3cqcGPzTlPdfRt
+D8P92QKBgC4UaBvIRwREVJsdZzpIzm224Bpe8LOmA7DeTnjlT0b3lkGiBJ36/Q0p
+VhYh/6cjX4/iuIs7gJbGon7B+YPB8scmOi3fj0+nkJAONue1mMfBNkba6qQTc6Y2
+5mEKw2/O7/JpND7ucU3OK9plcw/qnrWDgHxl0Iz95+OzUIIagxne
+-END RSA PRIVATE KEY-
+"""
+SSH_PUB_KEY = """\
+ssh-rsa 
B3NzaC1yc2EDAQABAAABAQCikC46WYtXotUd0UGPz9547Aj0KqC4gk+nt4BBJm86IHgCD9FygSGX9EFutXlhz9KZIPg9Okk7+IzXRHCWI2MNvhrcjyrezKREm71z08j9iwfxY3340fY2Mo+0khwpO7bzsgzkljHIHqcOg7MgttPInVMNH/EfqpgR8EDKJuWCB2Ny+EBFN/3dAiff0X/EvKle9PUrY70EkSycnyURS8HZReEqj8lN9J5kXzA8F6jBo/0Q42Ttv6e4k5YcaDrwmLrBWLra2PCXZLNyHqXEiFkGmdXtA1Eox9gc/p4jIXim6xrPNmpN6WyrrEjaCF5xYvNv8wXkD6uSWwbHYU24lIAn
 qemu-vm-key
+"""
+
+class BaseVM(object):
+GUEST_USER = "qemu"
+GUEST_PASS = "qemupass"
+ROOT_PASS = "qemupass"
+
+# The script to run in the guest that builds QEMU
+BUILD_SCRIPT = ""
+# The guest name, to be overridden by subclasses
+name = "#base"
+def __init__(self, debug=False, vcpus=None):
+self._guest = None
+self._tmpdir = tempfile.mkdtemp(prefix="vm-test-", suffix=".tmp", 
dir=".")
+atexit.register(shutil.rmtree, self._tmpdir)
+
+self._ssh_key_file = os.path.join(self._tmpdir, "id_rsa")
+open(self._ssh_key_file, "w").write(SSH_KEY)
+subprocess.check_call(["chmod", "600", self._ssh_key_file])
+
+self._ssh_pub_key_file = os.path.join(self._tmpdir, "id_rsa.pub")
+open(self._ssh_pub_key_file, "w").write(SSH_PUB_KEY)
+
+self.debug = debug
+self._stderr = sys.stderr
+self._devnull = open("/dev/null", "w")
+if self.debug:
+self._stdout = sys.stdout
+else:
+self._stdout = self._devnull
+self._args = [ \
+"-nodefaults", "-m", "2G",
+"-cpu", "host",
+"-netdev", "user,id=vnet,hostfwd=:0.0.0.0:0-:22",
+"-device", "virtio-net-pci,netdev=vnet",
+"-vnc", ":0,to=20",
+"-serial", "file:%s" % os.path.join(self._tmpdir, "serial.out")]
+if vcpus:
+self._args += ["-smp", str(vcpus)]
+if os.access("/dev/kvm", os.R_OK | os.W_OK):
+self._args += ["-enable-kvm"]
+else:
+logging.info("KVM not available, not using -

[Qemu-devel] [PATCH v6 06/12] tests: Add FreeBSD image

[Fam Zheng]

The image is prepared following instructions as in:

https://wiki.qemu.org/Hosts/BSD

Signed-off-by: Fam Zheng 
---
 tests/vm/freebsd | 42 ++
 1 file changed, 42 insertions(+)
 create mode 100755 tests/vm/freebsd

diff --git a/tests/vm/freebsd b/tests/vm/freebsd
new file mode 100755
index 00..6840da0bf0
--- /dev/null
+++ b/tests/vm/freebsd
@@ -0,0 +1,42 @@
+#!/usr/bin/env python
+#
+# FreeBSD VM image
+#
+# Copyright (C) 2017 Red Hat Inc.
+#
+# Authors:
+#  Fam Zheng 
+#
+# This work is licensed under the terms of the GNU GPL, version 2.  See
+# the COPYING file in the top-level directory.
+#
+
+import os
+import sys
+import subprocess
+import basevm
+
+class FreeBSDVM(basevm.BaseVM):
+name = "freebsd"
+BUILD_SCRIPT = """
+set -e;
+cd $(mktemp -d /var/tmp/qemu-test.XX);
+tar -xf /dev/vtbd1;
+./configure {configure_opts};
+gmake -j{jobs};
+gmake check;
+"""
+
+def build_image(self, img):
+cimg = 
self._download_with_cache("http://download.patchew.org/freebsd-11.1-amd64.img.xz";,
+
sha256sum='adcb771549b37bc63826c501f05121a206ed3d9f55f49145908f7e1432d65891')
+img_tmp_xz = img + ".tmp.xz"
+img_tmp = img + ".tmp"
+subprocess.check_call(["cp", "-f", cimg, img_tmp_xz])
+subprocess.check_call(["xz", "-df", img_tmp_xz])
+if os.path.exists(img):
+os.remove(img)
+os.rename(img_tmp, img)
+
+if __name__ == "__main__":
+sys.exit(basevm.main(FreeBSDVM))
-- 
2.13.5

[Qemu-devel] [PATCH v6 03/12] scripts: Add archive-source.sh

[Fam Zheng]

Signed-off-by: Fam Zheng 
---
 scripts/archive-source.sh | 31 +++
 1 file changed, 31 insertions(+)
 create mode 100755 scripts/archive-source.sh

diff --git a/scripts/archive-source.sh b/scripts/archive-source.sh
new file mode 100755
index 00..3cae7f34d3
--- /dev/null
+++ b/scripts/archive-source.sh
@@ -0,0 +1,31 @@
+#!/bin/sh
+#
+# Author: Fam Zheng 
+#
+# Create archive of source tree, including submodules
+#
+# This work is licensed under the terms of the GNU GPL, version 2.
+# See the COPYING file in the top-level directory.
+
+set -e
+
+if test $# -lt 1; then
+echo "Usage: $0 "
+exit 1
+fi
+
+submodules=$(git submodule foreach --recursive --quiet 'echo $name')
+
+if test -n "$submodules"; then
+{
+git ls-files
+for sm in $submodules; do
+(cd $sm; git ls-files) | sed "s:^:$sm/:"
+done
+} | grep -x -v $(for sm in $submodules; do echo "-e $sm"; done) > $1.list
+else
+git ls-files > $1.list
+fi
+
+tar -cf $1 -T $1.list
+rm $1.list
-- 
2.13.5

[Qemu-devel] [PATCH v6 00/12] tests: Add VM based build tests (for non-x86_64 and/or non-Linux)

[Fam Zheng]

v6: Add license to new file. [Philippe]
Change tests/.gitignore. [Philippe]

v5: Generate source tar file with a script.
Fix tmpdir, use pwd.
Reduce default -j to half cores.

v4: Drop unused imports and parameters. [Cleber]
Use --exclude-vcs (still no --exclude-vcs-ignores because it's too new). 
[Philippe]
Use gtar if available. [Philippe, Kamil]
/dev/ld1a -> /dev/rld1a for netbsd. [Kamil]
Only use '-enable-kvm' if /dev/kvm is there. [Kamil]
Grammar fixes of README. [Stefan]
Rename image on the server to include version and arch. [Kamil]
Just ignore *.tmp. [Philippe]

v3: Drop RFC.
Add Stefan's and Kamil's reviewed-bys.
Use optparse. [Stefan]
Drop the VGA patch. [Paolo, Stefan]
Improve exit/exit code/doc. [Stefan]
Drop unused line from basevm.py. [Stefan]
Drop "--target-list" form Makefile.
More intelligent '-j'.
Add README. [Stefan]

v2: - Add docstring. [Stefan]
- Call self._load_io_lod. [Stefan]
- Use "info usernet" and dynamic ssh_port forwarding. [Stefan]
- Add image checksum.
- Use os.rename() and os.makedirs(). [Stefan]
- Fix NetBSD URL. [Kamil]

Build tests in one 32 bit Linux guest and three BSD images are defined in this
series. This is a more managable way than the manually maintained virtual
machines in patchew. Also, one big advantage of ephemeral VMs over long running
guests is the reduced RAM usage of host, which makes it possible to have one
host test all these BSD variants and probably more.

The BSD guest templates are manually prepared following

https://wiki.qemu.org/Hosts/BSD

as it is not easy to automate. (The ideal approach is like the ubuntu.i386
script, which configures the guest on top of an official released image, fully
automatically.)

Need for help: "gmake check" in the added OpenBSD image fails with -ENOMEM
errors, even if I change "-m 2G" to "-m 8G" when starting VM. Ideas? And there
is a warning from ./configure about OpenBSD going to be unsupported in coming
releases, is it still the case?

Fam

Fam Zheng (12):
  gitignore: Ignore vm test images
  qemu.py: Add "wait()" method
  scripts: Add archive-source.sh
  tests: Add vm test lib
  tests: Add ubuntu.i386 image
  tests: Add FreeBSD image
  tests: Add NetBSD image
  tests: Add OpenBSD image
  Makefile: Add rules to run vm tests
  MAINTAINERS: Add tests/vm entry
  tests: Add README for vm tests
  docker: Use archive-source.py

 .gitignore|   1 +
 MAINTAINERS   |   1 +
 Makefile  |   2 +
 configure |   2 +-
 scripts/archive-source.sh |  31 +
 scripts/qemu.py   |   7 ++
 tests/.gitignore  |   1 +
 tests/docker/Makefile.include |  15 +--
 tests/docker/run  |   8 +-
 tests/vm/Makefile.include |  42 +++
 tests/vm/README   |  63 ++
 tests/vm/basevm.py| 276 ++
 tests/vm/freebsd  |  42 +++
 tests/vm/netbsd   |  42 +++
 tests/vm/openbsd  |  43 +++
 tests/vm/ubuntu.i386  |  88 ++
 16 files changed, 643 insertions(+), 21 deletions(-)
 create mode 100755 scripts/archive-source.sh
 create mode 100644 tests/vm/Makefile.include
 create mode 100644 tests/vm/README
 create mode 100755 tests/vm/basevm.py
 create mode 100755 tests/vm/freebsd
 create mode 100755 tests/vm/netbsd
 create mode 100755 tests/vm/openbsd
 create mode 100755 tests/vm/ubuntu.i386

-- 
2.13.5

[Qemu-devel] [PATCH v6 01/12] gitignore: Ignore vm test images

[Fam Zheng]

Signed-off-by: Fam Zheng 
---
 .gitignore   | 1 +
 tests/.gitignore | 1 +
 2 files changed, 2 insertions(+)

diff --git a/.gitignore b/.gitignore
index cf65316863..40acfcb9e2 100644
--- a/.gitignore
+++ b/.gitignore
@@ -52,6 +52,7 @@
 /vscclient
 /vhost-user-scsi
 /fsdev/virtfs-proxy-helper
+*.tmp
 *.[1-9]
 *.a
 *.aux
diff --git a/tests/.gitignore b/tests/.gitignore
index fed0189a5a..cf6d99c91e 100644
--- a/tests/.gitignore
+++ b/tests/.gitignore
@@ -95,3 +95,4 @@ test-filter-mirror
 test-filter-redirector
 *-test
 qapi-schema/*.test.*
+vm/*.img
-- 
2.13.5

Re: [Qemu-devel] [PATCH V5 1/3] net/colo-compare.c: Optimize unpredictable tcp options comparison

[Dou Liyang]

Hi Chen,

At 09/04/2017 02:14 PM, Zhang Chen wrote:

When network is busy, some tcp options(like sack) will unpredictable
occur in primary side or secondary side. it will make packet size
not same, but the two packet's payload is identical. colo just
care about packet payload, so we skip the option field.

Signed-off-by: Zhang Chen 
---
 net/colo-compare.c | 40 
 1 file changed, 28 insertions(+), 12 deletions(-)

diff --git a/net/colo-compare.c b/net/colo-compare.c
index ca67c68..18a9ebf 100644
--- a/net/colo-compare.c
+++ b/net/colo-compare.c
@@ -186,7 +186,10 @@ static int packet_enqueue(CompareState *s, int mode)
  * return:0  means packet same
  *> 0 || < 0 means packet different
  */
-static int colo_packet_compare_common(Packet *ppkt, Packet *spkt, int offset)
+static int colo_packet_compare_common(Packet *ppkt,
+  Packet *spkt,
+  int poffset,
+  int soffset)
 {
 if (trace_event_get_state(TRACE_COLO_COMPARE_MISCOMPARE)) {
 char pri_ip_src[20], pri_ip_dst[20], sec_ip_src[20], sec_ip_dst[20];
@@ -201,12 +204,14 @@ static int colo_packet_compare_common(Packet *ppkt, 
Packet *spkt, int offset)
sec_ip_src, sec_ip_dst);
 }

-offset = ppkt->vnet_hdr_len + offset;
+poffset = ppkt->vnet_hdr_len + poffset;
+soffset = ppkt->vnet_hdr_len + soffset;

-if (ppkt->size == spkt->size) {
-return memcmp(ppkt->data + offset,
-  spkt->data + offset,
-  spkt->size - offset);
+if (ppkt->size == spkt->size ||
+ppkt->size - poffset == spkt->size - soffset) {


This logic has a problem:

ppkt->data
   |---|-rangeP-|
   |\   |
   poffset ppkt->size
 \equal range \
spkt->data\\
   |---|--rangeS|
   ||
soffsetspkt->size

See the above picture, (ppkt->size == spkt->size) is true,
if  [soffset, spkt->size] == [poffset, poffset+(spkt->size- soffset) is
also ture, the code will return 0, but actually, they are not equal.

Please use following code instead,

if (ppkt->size - poffset == spkt->size - soffset)

I am a new boy in COLO, let's see what we actually want to compare,
If I am wrong, please correct me. :-)

ppkt->data
   |---|-rangeP-|
   ||
   poffset ppkt->size

spkt->data
   ||--rangeS-|
| |
 soffset spkt->size

The data in rangeP and rangeS is what we want to compare.
So, we just need care about the rangeX's size and head pointer,
not the whole size.


Thanks,
dou.

Re: [Qemu-devel] [PATCH v5 03/12] scripts: Add archive-source.sh

[Fam Zheng]

On Fri, 09/01 17:31, Philippe Mathieu-Daudé wrote:
> On 08/31/2017 03:42 AM, Fam Zheng wrote:
> > Signed-off-by: Fam Zheng 
> > ---
> >   scripts/archive-source.sh | 29 +
> >   1 file changed, 29 insertions(+)
> >   create mode 100755 scripts/archive-source.sh
> > 
> > diff --git a/scripts/archive-source.sh b/scripts/archive-source.sh
> > new file mode 100755
> > index 00..84e84961d4
> > --- /dev/null
> > +++ b/scripts/archive-source.sh
> > @@ -0,0 +1,29 @@
> > +#!/bin/sh
> > +#
> > +# Author: Fam Zheng 
> > +#
> > +# Create archive of source tree, including submodules
> > +#
> 
> It seems you missed the license here.

I can add one.

Fam

> 
> > +
> > +set -e
> > +
> > +if test $# -lt 1; then
> > +echo "Usage: $0 "
> > +exit 1
> > +fi
> > +
> > +submodules=$(git submodule foreach --recursive --quiet 'echo $name')
> > +
> > +if test -n "$submodules"; then
> > +{
> > +git ls-files
> > +for sm in $submodules; do
> > +(cd $sm; git ls-files) | sed "s:^:$sm/:"
> > +done
> > +} | grep -x -v $(for sm in $submodules; do echo "-e $sm"; done) > 
> > $1.list
> > +else
> > +git ls-files > $1.list
> > +fi
> > +
> > +tar -cf $1 -T $1.list
> > +rm $1.list
> > 

Re: [Qemu-devel] [PATCH v5 01/12] gitignore: Ignore vm test images

[Fam Zheng]

On Fri, 09/01 17:32, Philippe Mathieu-Daudé wrote:
> On 08/31/2017 03:42 AM, Fam Zheng wrote:
> > Reviewed-by: Stefan Hajnoczi 
> > Reviewed-by: Philippe Mathieu-Daudé 
> > Signed-off-by: Fam Zheng 
> > ---
> >   .gitignore | 2 ++
> >   1 file changed, 2 insertions(+)
> > 
> > diff --git a/.gitignore b/.gitignore
> > index cf65316863..643e23e515 100644
> > --- a/.gitignore
> > +++ b/.gitignore
> > @@ -52,6 +52,8 @@
> >   /vscclient
> >   /vhost-user-scsi
> >   /fsdev/virtfs-proxy-helper
> > +/tests/vm/*.img
> 
> There is a tests/.gitignore, isn't it cleaner to add vm/*.img there?

Yes, probably.

Fam

> 
> > +*.tmp
> >   *.[1-9]
> >   *.a
> >   *.aux
> > 
> 

Re: [Qemu-devel] [PATCH v5 05/12] tests: Add ubuntu.i386 image

[Fam Zheng]

On Fri, 09/01 16:50, Philippe Mathieu-Daudé wrote:
> Hi Fam,
> 
> On 08/31/2017 03:42 AM, Fam Zheng wrote:
> > This adds a 32bit guest.
> > 
> > The official LTS cloud image is downloaded and initialized with
> > cloud-init.
> > 
> > Signed-off-by: Fam Zheng 
> > ---
> >   tests/vm/ubuntu.i386 | 88 
> > 
> >   1 file changed, 88 insertions(+)
> >   create mode 100755 tests/vm/ubuntu.i386
> > 
> > diff --git a/tests/vm/ubuntu.i386 b/tests/vm/ubuntu.i386
> > new file mode 100755
> > index 00..1a55856d9c
> > --- /dev/null
> > +++ b/tests/vm/ubuntu.i386
> > @@ -0,0 +1,88 @@
> > +#!/usr/bin/env python
> > +#
> > +# Ubuntu i386 image
> > +#
> > +# Copyright (C) 2017 Red Hat Inc.
> > +#
> > +# Authors:
> > +#  Fam Zheng 
> > +#
> > +# This work is licensed under the terms of the GNU GPL, version 2.  See
> > +# the COPYING file in the top-level directory.
> > +#
> > +
> > +import os
> > +import sys
> > +import subprocess
> > +import basevm
> > +import time
> > +
> > +class UbuntuX86VM(basevm.BaseVM):
> > +name = "ubuntu.i386"
> > +BUILD_SCRIPT = """
> > +set -e;
> > +cd $(mktemp -d);
> > +sudo chmod a+r /dev/vdb;
> > +tar -xf /dev/vdb;
> > +./configure {configure_opts};
> > +make -j{jobs};
> > +make check;
> > +"""
> > +
> > +def _gen_cloud_init_iso(self):
> > +cidir = self._tmpdir
> > +mdata = open(os.path.join(cidir, "meta-data"), "w")
> > +mdata.writelines(["instance-id: ubuntu-vm-0\n",
> > + "local-hostname: ubuntu-guest\n"])
> > +mdata.close()
> > +udata = open(os.path.join(cidir, "user-data"), "w")
> > +udata.writelines(["#cloud-config\n",
> > +  "chpasswd:\n",
> > +  "  list: |\n",
> > +  "root:%s\n" % self.ROOT_PASS,
> > +  "%s:%s\n" % (self.GUEST_USER, 
> > self.GUEST_PASS),
> > +  "  expire: False\n",
> > +  "users:\n",
> > +  "  - name: %s\n" % self.GUEST_USER,
> > +  "sudo: ALL=(ALL) NOPASSWD:ALL\n",
> > +  "ssh-authorized-keys:\n",
> > +  "- %s\n" % basevm.SSH_PUB_KEY,
> > +  "  - name: root\n",
> > +  "ssh-authorized-keys:\n",
> > +  "- %s\n" % basevm.SSH_PUB_KEY])
> > +udata.close()
> > +subprocess.check_call(["genisoimage", "-output", "cloud-init.iso",
> > +   "-volid", "cidata", "-joliet", "-rock",
> > +   "user-data", "meta-data"],
> > +   cwd=cidir,
> > +   stdin=self._devnull, stdout=self._stdout,
> > +   stderr=self._stdout)
> > +return os.path.join(cidir, "cloud-init.iso")
> > +
> > +def build_image(self, img):
> > +cimg = 
> > self._download_with_cache("https://cloud-images.ubuntu.com/releases/16.04/release/ubuntu-16.04-server-cloudimg-i386-disk1.img";)
> > +img_tmp = img + ".tmp"
> > +subprocess.check_call(["cp", "-f", cimg, img_tmp])
> > +subprocess.check_call(["qemu-img", "resize", img_tmp, "50G"])
> > +self.boot(img_tmp, extra_args = ["-cdrom", 
> > self._gen_cloud_init_iso()])
> 
> I'd rather test a 32bit cpu, not 64bit cpu in 32bit mode.
> 
> I first tested with "-cpu pentium2" which worked, I then find it easier this
> way:
> 
> if /dev/kvm: "kvm32"
> else: "qemu32"
> 
> What do you think?

No, I don't think so, I'm not testing the cpu emulation here. Let's focus on the
test subject which is what happens in the guest, not how it is emulated, as long
as it works.

Fam

Re: [Qemu-devel] [PATCH 1/1] net: Add SunGEM device emulation as found on Apple UniNorth

[David Gibson]

On Mon, Sep 04, 2017 at 07:39:38PM +0100, Mark Cave-Ayland wrote:
> From: Benjamin Herrenschmidt 
> 
> This adds a simplistic emulation of the Sun GEM ethernet controller
> found in Apple ASICs.
> 
> Currently we only support the Apple UniNorth 1.x variant, but the
> other Apple or Sun variants should mostly be a matter of adding
> PCI IDs options.
> 
> We have a very primitive emulation of a single Broadcom 5201 PHY
> which is supported by the MacOS driver.
> 
> This model brings out-of-the-box networking to MacOS 9, and all
> versions of OS X I tried with the mac99 platform.
> 
> Further improvements from Mark:
> - Remove sungem.h file, moving constants into sungem.c as required
> - Switch to using tracepoints for debugging
> - Split register blocks into separate memory regions
> - Use arrays in SunGEMState to hold register values
> - Add state-saving support
> 
> Signed-off-by: Benjamin Herrenschmidt 
> Signed-off-by: Mark Cave-Ayland 

Applied to ppc-for-2.11.

> ---
>  default-configs/ppc-softmmu.mak |1 +
>  hw/net/Makefile.objs|1 +
>  hw/net/sungem.c | 1447 
> +++
>  hw/net/trace-events |   44 ++
>  hw/pci/pci.c|2 +
>  include/hw/pci/pci_ids.h|1 +
>  6 files changed, 1496 insertions(+)
>  create mode 100644 hw/net/sungem.c
> 
> diff --git a/default-configs/ppc-softmmu.mak b/default-configs/ppc-softmmu.mak
> index 1f1cd85..c12ba9e 100644
> --- a/default-configs/ppc-softmmu.mak
> +++ b/default-configs/ppc-softmmu.mak
> @@ -17,6 +17,7 @@ CONFIG_PREP_PCI=y
>  CONFIG_I82378=y
>  CONFIG_PC87312=y
>  CONFIG_MACIO=y
> +CONFIG_SUNGEM=y
>  CONFIG_PCSPK=y
>  CONFIG_CS4231A=y
>  CONFIG_CUDA=y
> diff --git a/hw/net/Makefile.objs b/hw/net/Makefile.objs
> index 5ddaffe..7e87d01 100644
> --- a/hw/net/Makefile.objs
> +++ b/hw/net/Makefile.objs
> @@ -27,6 +27,7 @@ common-obj-$(CONFIG_CADENCE) += cadence_gem.o
>  common-obj-$(CONFIG_STELLARIS_ENET) += stellaris_enet.o
>  common-obj-$(CONFIG_LANCE) += lance.o
>  common-obj-$(CONFIG_FTGMAC100) += ftgmac100.o
> +common-obj-$(CONFIG_SUNGEM) += sungem.o
>  
>  obj-$(CONFIG_ETRAXFS) += etraxfs_eth.o
>  obj-$(CONFIG_COLDFIRE) += mcf_fec.o
> diff --git a/hw/net/sungem.c b/hw/net/sungem.c
> new file mode 100644
> index 000..8c2ca4a
> --- /dev/null
> +++ b/hw/net/sungem.c
> @@ -0,0 +1,1447 @@
> +/*
> + * QEMU model of SUN GEM ethernet controller
> + *
> + * As found in Apple ASICs among others
> + *
> + * Copyright 2016 Ben Herrenschmidt
> + * Copyright 2017 Mark Cave-Ayland
> + */
> +
> +#include "qemu/osdep.h"
> +#include "hw/pci/pci.h"
> +#include "qemu/log.h"
> +#include "net/net.h"
> +#include "net/checksum.h"
> +#include "hw/net/mii.h"
> +#include "sysemu/sysemu.h"
> +#include "trace.h"
> +/* For crc32 */
> +#include 
> +
> +#define TYPE_SUNGEM "sungem"
> +
> +#define SUNGEM(obj) OBJECT_CHECK(SunGEMState, (obj), TYPE_SUNGEM)
> +
> +#define MAX_PACKET_SIZE 9016
> +
> +#define SUNGEM_MMIO_SIZE0x20
> +
> +/* Global registers */
> +#define SUNGEM_MMIO_GREG_SIZE   0x2000
> +
> +#define GREG_SEBSTATE 0xUL/* SEB State Register */
> +
> +#define GREG_STAT 0x000CUL/* Status Register */
> +#define GREG_STAT_TXINTME 0x0001/* TX INTME frame transferred */
> +#define GREG_STAT_TXALL   0x0002/* All TX frames transferred */
> +#define GREG_STAT_TXDONE  0x0004/* One TX frame transferred */
> +#define GREG_STAT_RXDONE  0x0010/* One RX frame arrived */
> +#define GREG_STAT_RXNOBUF 0x0020/* No free RX buffers available 
> */
> +#define GREG_STAT_RXTAGERR0x0040/* RX tag framing is corrupt */
> +#define GREG_STAT_TXMAC   0x4000/* TX MAC signalled interrupt */
> +#define GREG_STAT_RXMAC   0x8000/* RX MAC signalled interrupt */
> +#define GREG_STAT_MAC 0x0001/* MAC Control signalled irq */
> +#define GREG_STAT_TXNR0xfff8/* == TXDMA_TXDONE reg val */
> +#define GREG_STAT_TXNR_SHIFT  19
> +
> +/* These interrupts are edge latches in the status register,
> + * reading it (or writing the corresponding bit in IACK) will
> + * clear them
> + */
> +#define GREG_STAT_LATCH   (GREG_STAT_TXALL  | GREG_STAT_TXINTME | \
> +   GREG_STAT_RXDONE | GREG_STAT_RXDONE |  \
> +   GREG_STAT_RXNOBUF | GREG_STAT_RXTAGERR)
> +
> +#define GREG_IMASK0x0010UL/* Interrupt Mask Register */
> +#define GREG_IACK 0x0014UL/* Interrupt ACK Register */
> +#define GREG_STAT20x001CUL/* Alias of GREG_STAT */
> +#define GREG_PCIESTAT 0x1000UL/* PCI Error Status Register */
> +#define GREG_PCIEMASK 0x1004UL/* PCI Error Mask Register */
> +
> +#define GREG_SWRST0x1010UL/* Software Reset Register */
> +#define GREG_SWRST_TXRST  0x0001/* TX Software Reset */
> +#define GREG_SWRST_RXRST  0x0002/* RX Software Re

Re: [Qemu-devel] [PATCH] x86/acpi: build SRAT when memory hotplug is enabled

[Dou Liyang]

Hi Eduardo,

At 09/04/2017 09:08 PM, Eduardo Habkost wrote:
[...]

In my opinion, this may also add the hotpluggable memory, and see the
following commemts.

/*
 * Entry is required for Windows to enable memory hotplug in OS
 * and for Linux to enable SWIOTLB when booted with less than
   
 * 4G of RAM. Windows works better if the entry sets proximity
 * to the highest NUMA node in the machine.
 * Memory devices may override proximity set by this entry,
 * providing _PXM method if necessary.
 */
if (hotplugabble_address_space_size) {
numamem = acpi_data_push(table_data, sizeof *numamem);
build_srat_memory(numamem, pcms->hotplug_memory.base,
  hotplugabble_address_space_size, pcms->numa_nodes
- 1,
  MEM_AFFINITY_HOTPLUGGABLE | MEM_AFFINITY_ENABLED);
}


You are correct, I didn't see that part of the code.  If that's
the entry that's missing, the patch makes sense.  Thanks!

However, the resulting tables still don't look correct: it will
generate an entry assigned to NUMA node (uint32_t)-1 if no NUMA
nodes are configured elsewhere, some APIC entries, but no entries
for the rest of the memory.


Yes, indeed.



Igor's suggestion to enable NUMA implicitly sounds safer to me.



I agree with Igor too.

Is anybody doing this? If not, may I make a patch to enable adding NUMA
node implicitly first. let's see what it looks like.

Thanks,
dou.

Re: [Qemu-devel] [PATCHv5 01/03] qemu-iothread: IOThread supports theGMainContext event loop

[wang.yong155]

>> IOThread uses AioContext event loop and does not run a GMainContext.

>> Therefore,chardev cannot work in IOThread,such as the chardev is

>> used for colo-compare packets reception.

>> 

>> This patch makes the IOThread run the GMainContext event loop,

>> chardev and IOThread can work together.

>> 

>> Signed-off-by: Wang Yong 

>> Signed-off-by: Wang Guang 

>> ---

>>  include/sysemu/iothread.h |  4 

>>  iothread.c| 45 +

>>  2 files changed, 49 insertions(+)

>

>Reviewed-by: Stefan Hajnoczi 

Thanks.




Hi all,

A few days without news, ping...







WangYong






原始邮件



发件人： 
收件人：王勇10170530
抄送人：
 王广10165992 
 
日 期 ：2017年08月31日 19:55
主 题 ：Re: [PATCHv5 01/03] qemu-iothread: IOThread supports theGMainContext event 
loop





On Tue, Aug 29, 2017 at 03:22:37PM +0800, Wang yong wrote:
> From: Wang Yong 
> 
> IOThread uses AioContext event loop and does not run a GMainContext.
> Therefore,chardev cannot work in IOThread,such as the chardev is
> used for colo-compare packets reception.
> 
> This patch makes the IOThread run the GMainContext event loop,
> chardev and IOThread can work together.
> 
> Signed-off-by: Wang Yong 
> Signed-off-by: Wang Guang 
> ---
>  include/sysemu/iothread.h |  4 
>  iothread.c| 45 +
>  2 files changed, 49 insertions(+)

Reviewed-by: Stefan Hajnoczi 

Re: [Qemu-devel] [PATCH v5 1/3] hw/acpi-build: Fix SRAT memory building in case of node 0 without RAM

[Dou Liyang]

Hi Igor,

At 09/04/2017 07:11 PM, Igor Mammedov wrote:
[...]

+if (mem_base <= HOLE_640K_START &&
+next_base > HOLE_640K_START) {
+mem_len -= next_base - HOLE_640K_START;
+if (mem_len > 0) {
+numamem = acpi_data_push(table_data, sizeof *numamem);
+build_srat_memory(numamem, mem_base, mem_len, i - 1,
+  MEM_AFFINITY_ENABLED);
+}
+
+/* Check for the rare case: 640K < RAM < 1M */
+if (next_base <= HOLE_640K_END) {
+next_base = HOLE_640K_END;

Is this assignment really necessary?



It is necessary, because we set mem_base to next_base before setting
next_base;

But, I can refine it:

MEM_AFFINITY_ENABLED);
  }

+mem_base = HOLE_640K_END;
  /* Check for the rare case: 640K < RAM < 1M */
  if (next_base <= HOLE_640K_END) {
-next_base = HOLE_640K_END;
  continue;
  }
-mem_base = HOLE_640K_END;
  mem_len = next_base - HOLE_640K_END;
  }

Is it?

I was wrong, so just leave it as it is now.



OK, I see.

Thanks,
dou.

Re: [Qemu-devel] [PATCH] memory: Rename queue to mrqueue (memory region queue)

[Kamil Rytarowski]

+CC jperkin

On 05.09.2017 01:57, Kamil Rytarowski wrote:
> On 04.09.2017 02:39, Philippe Mathieu-Daudé wrote:
>> Hi Kamil,
>>
>> On 09/03/2017 01:33 PM, Kamil Rytarowski wrote:
>>> SunOS declares struct queue in .
>>
>> I didn't check what is this define for, but I'd rather add in
>> include/sysemu/os-posix.h:
>>
>> #ifdef queue
>> #undef queue
>> #endif
>>
>> If no QEMU code rely on this netinet queue.
>>
> 
> It's not a define, but a struct.
> 
> I have made a mistake. The struct queue is located in ,
> which is included from .
> 
> sys/stream.h:typedef struct queue {
> 
>>>
>>> This fixes build on SmartOS (Joyent).
>>>
>>> Patch cherry-picked from pkgsrc by jperkin (Joyent).
>>>
>>> Signed-off-by: Kamil Rytarowski 
>>> ---
>>>   memory.c | 22 +++---
>>>   1 file changed, 11 insertions(+), 11 deletions(-)
>>>
>>> diff --git a/memory.c b/memory.c
>>> index c0adc35410..b9920a6540 100644
>>> --- a/memory.c
>>> +++ b/memory.c
>>> @@ -2701,10 +2701,10 @@ typedef struct MemoryRegionList MemoryRegionList;
>>> struct MemoryRegionList {
>>>   const MemoryRegion *mr;
>>> -QTAILQ_ENTRY(MemoryRegionList) queue;
>>> +QTAILQ_ENTRY(MemoryRegionList) mrqueue;
>>>   };
>>>   -typedef QTAILQ_HEAD(queue, MemoryRegionList) MemoryRegionListHead;
>>> +typedef QTAILQ_HEAD(mrqueue, MemoryRegionList) MemoryRegionListHead;
>>> #define MR_SIZE(size) (int128_nz(size) ? (hwaddr)int128_get64( \
>>>  int128_sub((size), int128_one())) : 0)
>>> @@ -2746,7 +2746,7 @@ static void mtree_print_mr(fprintf_function
>>> mon_printf, void *f,
>>>   bool found = false;
>>> /* check if the alias is already in the queue */
>>> -QTAILQ_FOREACH(ml, alias_print_queue, queue) {
>>> +QTAILQ_FOREACH(ml, alias_print_queue, mrqueue) {
>>>   if (ml->mr == mr->alias) {
>>>   found = true;
>>>   }
>>> @@ -2755,7 +2755,7 @@ static void mtree_print_mr(fprintf_function
>>> mon_printf, void *f,
>>>   if (!found) {
>>>   ml = g_new(MemoryRegionList, 1);
>>>   ml->mr = mr->alias;
>>> -QTAILQ_INSERT_TAIL(alias_print_queue, ml, queue);
>>> +QTAILQ_INSERT_TAIL(alias_print_queue, ml, mrqueue);
>>>   }
>>>   mon_printf(f, TARGET_FMT_plx "-" TARGET_FMT_plx
>>>  " (prio %d, %s): alias %s @%s " TARGET_FMT_plx
>>> @@ -2783,26 +2783,26 @@ static void mtree_print_mr(fprintf_function
>>> mon_printf, void *f,
>>>   QTAILQ_FOREACH(submr, &mr->subregions, subregions_link) {
>>>   new_ml = g_new(MemoryRegionList, 1);
>>>   new_ml->mr = submr;
>>> -QTAILQ_FOREACH(ml, &submr_print_queue, queue) {
>>> +QTAILQ_FOREACH(ml, &submr_print_queue, mrqueue) {
>>>   if (new_ml->mr->addr < ml->mr->addr ||
>>>   (new_ml->mr->addr == ml->mr->addr &&
>>>new_ml->mr->priority > ml->mr->priority)) {
>>> -QTAILQ_INSERT_BEFORE(ml, new_ml, queue);
>>> +QTAILQ_INSERT_BEFORE(ml, new_ml, mrqueue);
>>>   new_ml = NULL;
>>>   break;
>>>   }
>>>   }
>>>   if (new_ml) {
>>> -QTAILQ_INSERT_TAIL(&submr_print_queue, new_ml, queue);
>>> +QTAILQ_INSERT_TAIL(&submr_print_queue, new_ml, mrqueue);
>>>   }
>>>   }
>>>   -QTAILQ_FOREACH(ml, &submr_print_queue, queue) {
>>> +QTAILQ_FOREACH(ml, &submr_print_queue, mrqueue) {
>>>   mtree_print_mr(mon_printf, f, ml->mr, level + 1, cur_start,
>>>  alias_print_queue);
>>>   }
>>>   -QTAILQ_FOREACH_SAFE(ml, &submr_print_queue, queue, next_ml) {
>>> +QTAILQ_FOREACH_SAFE(ml, &submr_print_queue, mrqueue, next_ml) {
>>>   g_free(ml);
>>>   }
>>>   }
>>> @@ -2872,13 +2872,13 @@ void mtree_info(fprintf_function mon_printf,
>>> void *f, bool flatview)
>>>   }
>>> /* print aliased regions */
>>> -QTAILQ_FOREACH(ml, &ml_head, queue) {
>>> +QTAILQ_FOREACH(ml, &ml_head, mrqueue) {
>>>   mon_printf(f, "memory-region: %s\n",
>>> memory_region_name(ml->mr));
>>>   mtree_print_mr(mon_printf, f, ml->mr, 1, 0, &ml_head);
>>>   mon_printf(f, "\n");
>>>   }
>>>   -QTAILQ_FOREACH_SAFE(ml, &ml_head, queue, ml2) {
>>> +QTAILQ_FOREACH_SAFE(ml, &ml_head, mrqueue, ml2) {
>>>   g_free(ml);
>>>   }
>>>   }
>>>
> 
> 




signature.asc
Description: OpenPGP digital signature

Re: [Qemu-devel] [PATCH] memory: Rename queue to mrqueue (memory region queue)

[Kamil Rytarowski]

On 04.09.2017 02:39, Philippe Mathieu-Daudé wrote:
> Hi Kamil,
> 
> On 09/03/2017 01:33 PM, Kamil Rytarowski wrote:
>> SunOS declares struct queue in .
> 
> I didn't check what is this define for, but I'd rather add in
> include/sysemu/os-posix.h:
> 
> #ifdef queue
> #undef queue
> #endif
> 
> If no QEMU code rely on this netinet queue.
> 

It's not a define, but a struct.

I have made a mistake. The struct queue is located in ,
which is included from .

sys/stream.h:typedef struct queue {

>>
>> This fixes build on SmartOS (Joyent).
>>
>> Patch cherry-picked from pkgsrc by jperkin (Joyent).
>>
>> Signed-off-by: Kamil Rytarowski 
>> ---
>>   memory.c | 22 +++---
>>   1 file changed, 11 insertions(+), 11 deletions(-)
>>
>> diff --git a/memory.c b/memory.c
>> index c0adc35410..b9920a6540 100644
>> --- a/memory.c
>> +++ b/memory.c
>> @@ -2701,10 +2701,10 @@ typedef struct MemoryRegionList MemoryRegionList;
>> struct MemoryRegionList {
>>   const MemoryRegion *mr;
>> -QTAILQ_ENTRY(MemoryRegionList) queue;
>> +QTAILQ_ENTRY(MemoryRegionList) mrqueue;
>>   };
>>   -typedef QTAILQ_HEAD(queue, MemoryRegionList) MemoryRegionListHead;
>> +typedef QTAILQ_HEAD(mrqueue, MemoryRegionList) MemoryRegionListHead;
>> #define MR_SIZE(size) (int128_nz(size) ? (hwaddr)int128_get64( \
>>  int128_sub((size), int128_one())) : 0)
>> @@ -2746,7 +2746,7 @@ static void mtree_print_mr(fprintf_function
>> mon_printf, void *f,
>>   bool found = false;
>> /* check if the alias is already in the queue */
>> -QTAILQ_FOREACH(ml, alias_print_queue, queue) {
>> +QTAILQ_FOREACH(ml, alias_print_queue, mrqueue) {
>>   if (ml->mr == mr->alias) {
>>   found = true;
>>   }
>> @@ -2755,7 +2755,7 @@ static void mtree_print_mr(fprintf_function
>> mon_printf, void *f,
>>   if (!found) {
>>   ml = g_new(MemoryRegionList, 1);
>>   ml->mr = mr->alias;
>> -QTAILQ_INSERT_TAIL(alias_print_queue, ml, queue);
>> +QTAILQ_INSERT_TAIL(alias_print_queue, ml, mrqueue);
>>   }
>>   mon_printf(f, TARGET_FMT_plx "-" TARGET_FMT_plx
>>  " (prio %d, %s): alias %s @%s " TARGET_FMT_plx
>> @@ -2783,26 +2783,26 @@ static void mtree_print_mr(fprintf_function
>> mon_printf, void *f,
>>   QTAILQ_FOREACH(submr, &mr->subregions, subregions_link) {
>>   new_ml = g_new(MemoryRegionList, 1);
>>   new_ml->mr = submr;
>> -QTAILQ_FOREACH(ml, &submr_print_queue, queue) {
>> +QTAILQ_FOREACH(ml, &submr_print_queue, mrqueue) {
>>   if (new_ml->mr->addr < ml->mr->addr ||
>>   (new_ml->mr->addr == ml->mr->addr &&
>>new_ml->mr->priority > ml->mr->priority)) {
>> -QTAILQ_INSERT_BEFORE(ml, new_ml, queue);
>> +QTAILQ_INSERT_BEFORE(ml, new_ml, mrqueue);
>>   new_ml = NULL;
>>   break;
>>   }
>>   }
>>   if (new_ml) {
>> -QTAILQ_INSERT_TAIL(&submr_print_queue, new_ml, queue);
>> +QTAILQ_INSERT_TAIL(&submr_print_queue, new_ml, mrqueue);
>>   }
>>   }
>>   -QTAILQ_FOREACH(ml, &submr_print_queue, queue) {
>> +QTAILQ_FOREACH(ml, &submr_print_queue, mrqueue) {
>>   mtree_print_mr(mon_printf, f, ml->mr, level + 1, cur_start,
>>  alias_print_queue);
>>   }
>>   -QTAILQ_FOREACH_SAFE(ml, &submr_print_queue, queue, next_ml) {
>> +QTAILQ_FOREACH_SAFE(ml, &submr_print_queue, mrqueue, next_ml) {
>>   g_free(ml);
>>   }
>>   }
>> @@ -2872,13 +2872,13 @@ void mtree_info(fprintf_function mon_printf,
>> void *f, bool flatview)
>>   }
>> /* print aliased regions */
>> -QTAILQ_FOREACH(ml, &ml_head, queue) {
>> +QTAILQ_FOREACH(ml, &ml_head, mrqueue) {
>>   mon_printf(f, "memory-region: %s\n",
>> memory_region_name(ml->mr));
>>   mtree_print_mr(mon_printf, f, ml->mr, 1, 0, &ml_head);
>>   mon_printf(f, "\n");
>>   }
>>   -QTAILQ_FOREACH_SAFE(ml, &ml_head, queue, ml2) {
>> +QTAILQ_FOREACH_SAFE(ml, &ml_head, mrqueue, ml2) {
>>   g_free(ml);
>>   }
>>   }
>>




signature.asc
Description: OpenPGP digital signature

Re: [Qemu-devel] [PATCH] e1000: Rename the SEC symbol to SEQEC

[Kamil Rytarowski]

Please put it on a pull-request queue. I don't maintain one myself.

On 04.09.2017 09:29, Dmitry Fleytman wrote:
> Reviewed-by: Dmitry Fleytman 
> 
>> On 4 Sep 2017, at 10:23 AM, Fam Zheng  wrote:
>>
>> On Sun, 09/03 18:37, Kamil Rytarowski wrote:
>>> SunOS defines SEC in  as 1 (commonly used time symbols).
>>>
>>> This fixes build on SmartOS (Joyent).
>>>
>>> Patch cherry-picked from pkgsrc by jperkin (Joyent).
>>>
>>> Signed-off-by: Kamil Rytarowski 
>>
>> Cc Jason Wang (net maintainer).
>>
>> Fam
> 



signature.asc
Description: OpenPGP digital signature

Re: [Qemu-devel] [PATCH] tests: Do not include lutil on SunOS

[Kamil Rytarowski]

On 04.09.2017 11:32, Peter Maydell wrote:
> On 3 September 2017 at 17:49, Kamil Rytarowski  wrote:
>> This fixes build on SmartOS (Joyent).
>>
>> Patch cherry-picked from pkgsrc by jperkin (Joyent).
>>
>> Signed-off-by: Kamil Rytarowski 
>> ---
>>  tests/Makefile.include | 2 ++
>>  1 file changed, 2 insertions(+)
>>
>> diff --git a/tests/Makefile.include b/tests/Makefile.include
>> index f08b7418f0..0e5e6cb9b8 100644
>> --- a/tests/Makefile.include
>> +++ b/tests/Makefile.include
>> @@ -810,8 +810,10 @@ tests/migration/initrd-stress.img: 
>> tests/migration/stress$(EXESUF)
>> rmdir $(INITRD_WORK_DIR)
>>
>>  ifeq ($(CONFIG_POSIX),y)
>> +ifneq ($(CONFIG_SOLARIS),y)
>>  LIBS += -lutil
>>  endif
>> +endif
> 
> I don't object to this patch in principle, but I don't think
> this is the best way to fix the underlying problem.
> 
> My assumption is that the issue is that Solaris doesn't
> have a -lutil (it's helpful to quote the linker or
> compiler error message for this kind of patch to clarify
> what the failure is that we're trying to fix).
> 

There is no libutil on SmartOS.

I cannot provide any information about the proprietary Solaris here and
in next questions.

> It looks like we use libutil here for openpty, which
> is used in the test-char test. But the condition we're
> using in tests/Makefile.include isn't the same as the
> one we used to decide whether to add -lutil to the
> emulator binary link line, which is in configure:
> 
> if test "$darwin" != "yes" -a "$mingw32" != "yes" -a "$solaris" != yes -a \
> "$aix" != "yes" -a "$haiku" != "yes" ; then
> libs_softmmu="-lutil $libs_softmmu"
> fi
> 
> So I think I'd prefer it if we have:
>  * a configure test for "is openpty() in libutil"
>  * use that to determine whether to add -lutil to
>libs_softmmu and to the libs for tests, rather than
>doing OS-specific tests
> 

This looks cleaner. I will go for it.

> Q: does Solaris still not have an openpty() implementation?
> Currently we have a local implementation in util/qemu-openpty.c,
> but if that workaround is only needed in old Solaris we don't
> support any more we could perhaps drop it.
> 

SmartOS does not have openpty(). I don't see it either in the mainstream
Illumos-gate repository.

According to pkgsrc, openpty() is in libutil (-lutil) on all BSDs and
Darwin.

> thanks
> -- PMM
> 




signature.asc
Description: OpenPGP digital signature

Re: [Qemu-devel] [Qemu-ppc] [PATCH 1/1] ppc: spapr: Move VCPU ID calculation into sPAPR

[Sam Bobroff]

On Mon, Sep 04, 2017 at 12:18:57PM +0200, Greg Kurz wrote:
> On Thu, 31 Aug 2017 16:38:46 +1000
> Sam Bobroff  wrote:
> 
> > Move the calculation of a CPU's VCPU ID out of the generic PPC code
> > (ppc_cpu_realizefn()) and into sPAPR specific code
> > (spapr_cpu_core_realize()) where it belongs.
> > 
> > Unfortunately, due to the way things are ordered, we still need to
> > default the VCPU ID in ppc_cpu_realizfn() but at least doing that
> > doesn't require any interaction with sPAPR.
> > 
> > Signed-off-by: Sam Bobroff 
> > ---
> > This is follow up work arising from my work to clean up the way CPU VCPU 
> > IDs are
> > handled on PowerPC. It had looked like it would be difficult to move the 
> > actual
> > VCPU ID calculation out of generic code but it turned out to be OK.
> > 
> > It's based on dgibson/ppc-for-2.11.
> > 
> > Cheers,
> > Sam.
> > 
> >  hw/ppc/spapr_cpu_core.c | 11 +++
> >  target/ppc/translate_init.c | 18 +++---
> >  2 files changed, 14 insertions(+), 15 deletions(-)
> > 
> > diff --git a/hw/ppc/spapr_cpu_core.c b/hw/ppc/spapr_cpu_core.c
> > index 5e319d9bbb..84dcc6e264 100644
> > --- a/hw/ppc/spapr_cpu_core.c
> > +++ b/hw/ppc/spapr_cpu_core.c
> > @@ -211,6 +211,7 @@ error:
> >  
> >  static void spapr_cpu_core_realize(DeviceState *dev, Error **errp)
> >  {
> > +sPAPRMachineState *spapr = SPAPR_MACHINE(qdev_get_machine());
> >  sPAPRCPUCore *sc = SPAPR_CPU_CORE(OBJECT(dev));
> >  sPAPRCPUCoreClass *scc = SPAPR_CPU_CORE_GET_CLASS(OBJECT(dev));
> >  CPUCore *cc = CPU_CORE(OBJECT(dev));
> > @@ -237,6 +238,16 @@ static void spapr_cpu_core_realize(DeviceState *dev, 
> > Error **errp)
> >  cs = CPU(obj);
> >  cpu = POWERPC_CPU(cs);
> >  cs->cpu_index = cc->core_id + i;
> > +cpu->vcpu_id = (cc->core_id * spapr->vsmt / smp_threads) + i;
> 
> According to what we currently have in the generic code, this should be:
> 
> ((cc->core_id + i) / smp_threads) * spapr->vsmt + ((cc->core_id + i) % 
> smp_threads)
> 
> but since cc->core_id is a multiple of smp_threads and i < cc->nr_threads <= 
> smp_threads,
> then we can indeed simplify the computation as you did. :)
> 
> \o/
> 
> Reviewed-by: Greg Kurz 

Thanks for the review, and the nice simplification was David's idea :-)

> > +if (kvm_enabled() && !kvm_vcpu_id_is_valid(cpu->vcpu_id)) {
> > +error_setg(&local_err, "Can't create CPU with id %d in KVM",
> > +   cpu->vcpu_id);
> > +error_append_hint(&local_err, "Adjust the number of cpus to %d 
> > "
> > +  "or try to raise the number of threads per 
> > core\n",
> > +  cpu->vcpu_id * smp_threads / spapr->vsmt);
> > +goto err;
> > +}
> > +
> >  
> >  /* Set NUMA node for the threads belonged to core  */
> >  cpu->node_id = sc->node_id;
> > diff --git a/target/ppc/translate_init.c b/target/ppc/translate_init.c
> > index 7f6a349e43..1f7286c893 100644
> > --- a/target/ppc/translate_init.c
> > +++ b/target/ppc/translate_init.c
> > @@ -9903,28 +9903,15 @@ static void ppc_cpu_realizefn(DeviceState *dev, 
> > Error **errp)
> >  PowerPCCPU *cpu = POWERPC_CPU(dev);
> >  PowerPCCPUClass *pcc = POWERPC_CPU_GET_CLASS(cpu);
> >  Error *local_err = NULL;
> > -#if !defined(CONFIG_USER_ONLY)
> > -int max_smt = kvmppc_smt_threads();
> > -#endif
> >  
> >  cpu_exec_realizefn(cs, &local_err);
> >  if (local_err != NULL) {
> >  error_propagate(errp, local_err);
> >  return;
> >  }
> > -
> > -#if !defined(CONFIG_USER_ONLY)
> > -cpu->vcpu_id = (cs->cpu_index / smp_threads) * max_smt
> > -+ (cs->cpu_index % smp_threads);
> > -
> > -if (kvm_enabled() && !kvm_vcpu_id_is_valid(cpu->vcpu_id)) {
> > -error_setg(errp, "Can't create CPU with id %d in KVM", 
> > cpu->vcpu_id);
> > -error_append_hint(errp, "Adjust the number of cpus to %d "
> > -  "or try to raise the number of threads per 
> > core\n",
> > -  cpu->vcpu_id * smp_threads / max_smt);
> > -goto unrealize;
> > +if (cpu->vcpu_id == UNASSIGNED_CPU_INDEX) {
> > +cpu->vcpu_id = cs->cpu_index;
> >  }
> > -#endif
> >  
> >  if (tcg_enabled()) {
> >  if (ppc_fixup_cpu(cpu) != 0) {
> > @@ -10625,6 +10612,7 @@ static void ppc_cpu_initfn(Object *obj)
> >  CPUPPCState *env = &cpu->env;
> >  
> >  cs->env_ptr = env;
> > +cpu->vcpu_id = UNASSIGNED_CPU_INDEX;
> >  
> >  env->msr_mask = pcc->msr_mask;
> >  env->mmu_model = pcc->mmu_model;
> 

Re: [Qemu-devel] [PATCH v2] usb-mtp: Add fallback definition of NAME_MAX

[Kamil Rytarowski]

On 04.09.2017 19:50, Peter Maydell wrote:
> On 4 September 2017 at 18:25, Kamil Rytarowski  wrote:
>> This fixes build on SmartOS (Joyent).
>>
>> Patch cherry-picked from pkgsrc by jperkin (Joyent).
>>
>> Signed-off-by: Kamil Rytarowski 
>> Reviewed-by: Philippe Mathieu-Daudé 
>> ---
>>  include/qemu/osdep.h | 5 +
>>  1 file changed, 5 insertions(+)
>>
>> diff --git a/include/qemu/osdep.h b/include/qemu/osdep.h
>> index 6855b94bbf..5d3860f80e 100644
>> --- a/include/qemu/osdep.h
>> +++ b/include/qemu/osdep.h
>> @@ -306,6 +306,11 @@ void qemu_anon_ram_free(void *ptr, size_t size);
>>  #endif
>>  #endif
>>
>> +/* Required by SmartOS (SunOS) */
>> +#ifndef NAME_MAX
>> +#define NAME_MAX 255
>> +#endif
> 
> So in hw/usb/dev-mtp.c we're using NAME_MAX in
> char buf[sizeof(struct inotify_event) + NAME_MAX + 1];
> 
> because the Linux implementation of inotify documents in inotify(7)
> that this is guaranteed to be sufficient to read at least one event:
>   http://man7.org/linux/man-pages/man7/inotify.7.html
> Looking at the SmartOS manpage
>   https://smartos.org/man/5/inotify
> there doesn't seem to be any equivalent language.
> 
> What is the SmartOS requirement on the buffer size to be
> guaranteed to read at least one complete event ?
> Defining NAME_MAX to 255 seems like it shuts up the compiler
> error but does it give us the correct behaviour?
> 
According to my understanding SmartOS has the same logic. It tries to
read at least one element, and NAME_MAX guarantees that it will be
available.

https://github.com/joyent/illumos-joyent/blob/master/usr/src/uts/common/io/inotify.c#L1193

I've gathered some overall details about the patches.

1. The inotify linux-compat interface is only SmartOS specific, it
hasn't been upstreamed so far to other Illumos distributions.

2. Upstream Illumos implemented NAME_MAX
https://github.com/illumos/illumos-gate/commit/9c0752ac0dc05794d2f8a8b4521d55e2b3f63247

It's not available in SmartOS.

3. Proprietary Solaris is out of scope of this work.

Looking at their userland we can assume no qemu support:

https://github.com/oracle/solaris-userland

https://github.com/oracle/solaris-userland/commit/9c78c7b45a5d3dbd64afb455d278d2ca277e2b95#diff-94df904ebca88ee0ff038eaedb063ad6R61

++if platform.system() == 'SunOS':
++# No QEMU support on Solaris now.
++qemu_img = False

We can stop pretending to support it now.

4. SmartOS forked qemu for its hypervisor part and uses qemu-kvm with
the Linux kvm interface (yes, there is Linux kernel kvm port to SmartOS)
- upstreaming the hypervisor's fork is out of scope.

https://github.com/joyent/illumos-kvm-cmd

5. SmartOS ships with virtual machine guests, they host pkgsrc and qemu
from pkgsrc.

6. Jonathan mentioned that preparing a SmartOS tutorial and image will
be tricky, as SmartOS is a hypervisor. I will focus on upstreaming
SmartOS-guest support for qemu, where there is pkgsrc. There is an
option to prepare another Illumos distribution tutorial and testbot,
hopefully it will be fully compatible with SmartOS patches.

> thanks
> -- PMM
> 




signature.asc
Description: OpenPGP digital signature

[Qemu-devel] [PATCH 4/4] ppc: kvm: update HPT pointer in KVM PR after migration

[Greg Kurz]

When running with KVM PR, a pseries machine needs to allocate an HPT in
userspace and pass its address to KVM. This is done by hijacking the SDR1
slot.

It is very likely that the destination QEMU will allocate the HPT at
a different address, ie, the SDR1 value we get from the migration
stream is wrong and the guest ends up badly broken.

Let's fix this by re-computing the appropriate value for SDR1 and pushing
it to KVM at CPU post load. This is achieved by extending the PPC virtual
hypervisor interface.

Signed-off-by: Greg Kurz 
---
 hw/ppc/spapr.c   |6 ++
 target/ppc/cpu.h |1 +
 target/ppc/machine.c |7 +++
 3 files changed, 14 insertions(+)

diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c
index bf24c26b756d..11c65563bb6e 100644
--- a/hw/ppc/spapr.c
+++ b/hw/ppc/spapr.c
@@ -1299,6 +1299,11 @@ target_ulong spapr_get_hpt_pointer(sPAPRMachineState 
*spapr)
 return (target_ulong)(uintptr_t)spapr->htab | (spapr->htab_shift - 18);
 }
 
+static target_ulong get_spapr_hpt_pointer(PPCVirtualHypervisor *vhyp)
+{
+return spapr_get_hpt_pointer(SPAPR_MACHINE(vhyp));
+}
+
 int spapr_hpt_shift_for_ramsize(uint64_t ramsize)
 {
 int shift;
@@ -3613,6 +3618,7 @@ static void spapr_machine_class_init(ObjectClass *oc, 
void *data)
 vhc->unmap_hptes = spapr_unmap_hptes;
 vhc->store_hpte = spapr_store_hpte;
 vhc->get_patbe = spapr_get_patbe;
+vhc->get_hpt_pointer = get_spapr_hpt_pointer;
 xic->ics_get = spapr_ics_get;
 xic->ics_resend = spapr_ics_resend;
 xic->icp_get = spapr_icp_get;
diff --git a/target/ppc/cpu.h b/target/ppc/cpu.h
index c9d3ffa89bcb..bb1d61c9358c 100644
--- a/target/ppc/cpu.h
+++ b/target/ppc/cpu.h
@@ -1243,6 +1243,7 @@ struct PPCVirtualHypervisorClass {
 void (*store_hpte)(PPCVirtualHypervisor *vhyp, hwaddr ptex,
uint64_t pte0, uint64_t pte1);
 uint64_t (*get_patbe)(PPCVirtualHypervisor *vhyp);
+target_ulong (*get_hpt_pointer)(PPCVirtualHypervisor *vhyp);
 };
 
 #define TYPE_PPC_VIRTUAL_HYPERVISOR "ppc-virtual-hypervisor"
diff --git a/target/ppc/machine.c b/target/ppc/machine.c
index e36b7100cb66..6ec4b3214a2d 100644
--- a/target/ppc/machine.c
+++ b/target/ppc/machine.c
@@ -294,6 +294,13 @@ static int cpu_post_load(void *opaque, int version_id)
 
 if (!cpu->vhyp) {
 ppc_store_sdr1(env, env->spr[SPR_SDR1]);
+} else if (kvm_enabled()) {
+PPCVirtualHypervisorClass *vhc =
+PPC_VIRTUAL_HYPERVISOR_GET_CLASS(cpu->vhyp);
+target_ulong sdr1 = vhc->get_hpt_pointer(cpu->vhyp);
+if (sdr1) {
+kvmppc_update_sdr1(cpu, sdr1);
+}
 }
 
 /* Invalidate all msr bits except MSR_TGPR/MSR_HVB before restoring */

[Qemu-devel] [PATCH 1/4] spapr: only update SDR1 once per-cpu during CAS

[Greg Kurz]

Commit b55d295e3ec9 added the possibility to support HPT resizing with KVM.
In the case of PR, we need to pass the userspace address of the HPT to KVM
using the SDR1 slot.
This is handled by kvmppc_update_sdr1() which uses CPU_FOREACH() to update
all CPUs. It is hence not needed to call kvmppc_update_sdr1() for each CPU.

Signed-off-by: Greg Kurz 
---
 hw/ppc/spapr_hcall.c |   14 +-
 1 file changed, 5 insertions(+), 9 deletions(-)

diff --git a/hw/ppc/spapr_hcall.c b/hw/ppc/spapr_hcall.c
index 8b3c0e17e75c..6ab8c188f381 100644
--- a/hw/ppc/spapr_hcall.c
+++ b/hw/ppc/spapr_hcall.c
@@ -1559,20 +1559,16 @@ static target_ulong 
h_client_architecture_support(PowerPCCPU *cpu,
 }
 
 if (spapr->htab_shift < maxshift) {
-CPUState *cs;
-
 /* Guest doesn't know about HPT resizing, so we
  * pre-emptively resize for the maximum permitted RAM.  At
  * the point this is called, nothing should have been
  * entered into the existing HPT */
 spapr_reallocate_hpt(spapr, maxshift, &error_fatal);
-CPU_FOREACH(cs) {
-if (kvm_enabled()) {
-/* For KVM PR, update the HPT pointer */
-target_ulong sdr1 = (target_ulong)(uintptr_t)spapr->htab
-| (spapr->htab_shift - 18);
-kvmppc_update_sdr1(sdr1);
-}
+if (kvm_enabled()) {
+/* For KVM PR, update the HPT pointer */
+target_ulong sdr1 = (target_ulong)(uintptr_t)spapr->htab
+| (spapr->htab_shift - 18);
+kvmppc_update_sdr1(sdr1);
 }
 }
 }

[Qemu-devel] [PATCH 3/4] ppc: kvm: introduce a helper to update SDR1 for a single CPU

[Greg Kurz]

When running with KVM PR, we hijack the SDR1 slot to pass the address of
the HPT allocated by QEMU to KVM.  On pseries virtual machines, we have to
do this when the guest calls the KVMPPC_H_CAS or the H_RESIZE_HPT_COMMIT
hypercalls. This is currently handled by kvmppc_update_sdr1() which updates
SDR1 for all CPUs. But we also need to update SDR1 at machine reset, and
this is currently open-coded in spapr_cpu_reset() on a per-CPU basis.

This patch renames kvmppc_update_sdr1() to kvmppc_update_sdr1_all() and
reuses the kvmppc_update_sdr1() function name to update a single CPU,
like we already do with in the CPU compat mode code.

It finally converts the sPAPR code to use the all CPUs or single CPU helpers
where appropriate.

Signed-off-by: Greg Kurz 
---
 hw/ppc/spapr_cpu_core.c |6 +-
 hw/ppc/spapr_hcall.c|4 ++--
 target/ppc/kvm.c|   12 
 target/ppc/kvm_ppc.h|3 ++-
 4 files changed, 13 insertions(+), 12 deletions(-)

diff --git a/hw/ppc/spapr_cpu_core.c b/hw/ppc/spapr_cpu_core.c
index 581eb4d92de9..da81688b0f4d 100644
--- a/hw/ppc/spapr_cpu_core.c
+++ b/hw/ppc/spapr_cpu_core.c
@@ -95,11 +95,7 @@ static void spapr_cpu_reset(void *opaque)
 if (kvm_enabled()) {
 target_ulong sdr1 = spapr_get_hpt_pointer(spapr);
 if (sdr1) {
-env->spr[SPR_SDR1] = sdr1;
-if (kvmppc_put_books_sregs(cpu) < 0) {
-error_report("Unable to update SDR1 in KVM");
-exit(1);
-}
+kvmppc_update_sdr1(cpu, sdr1);
 }
 }
 }
diff --git a/hw/ppc/spapr_hcall.c b/hw/ppc/spapr_hcall.c
index 06059b44ab40..e090b69efe7f 100644
--- a/hw/ppc/spapr_hcall.c
+++ b/hw/ppc/spapr_hcall.c
@@ -737,7 +737,7 @@ static target_ulong h_resize_hpt_commit(PowerPCCPU *cpu,
 /* For KVM PR, update the HPT pointer */
 target_ulong sdr1 = spapr_get_hpt_pointer(spapr);
 if (sdr1) {
-kvmppc_update_sdr1(sdr1);
+kvmppc_update_sdr1_all(sdr1);
 }
 }
 
@@ -1569,7 +1569,7 @@ static target_ulong 
h_client_architecture_support(PowerPCCPU *cpu,
 /* For KVM PR, update the HPT pointer */
 target_ulong sdr1 = spapr_get_hpt_pointer(spapr);
 if (sdr1) {
-kvmppc_update_sdr1(sdr1);
+kvmppc_update_sdr1_all(sdr1);
 }
 }
 }
diff --git a/target/ppc/kvm.c b/target/ppc/kvm.c
index 6442dfcb95b3..e69366968f15 100644
--- a/target/ppc/kvm.c
+++ b/target/ppc/kvm.c
@@ -2806,10 +2806,9 @@ int kvmppc_resize_hpt_commit(PowerPCCPU *cpu, 
target_ulong flags, int shift)
 return kvm_vm_ioctl(cs->kvm_state, KVM_PPC_RESIZE_HPT_COMMIT, &rhpt);
 }
 
-static void kvmppc_pivot_hpt_cpu(CPUState *cs, run_on_cpu_data arg)
+void kvmppc_update_sdr1(PowerPCCPU *cpu, target_ulong sdr1)
 {
-target_ulong sdr1 = arg.target_ptr;
-PowerPCCPU *cpu = POWERPC_CPU(cs);
+CPUState *cs = CPU(cpu);
 CPUPPCState *env = &cpu->env;
 
 /* This is just for the benefit of PR KVM */
@@ -2821,7 +2820,12 @@ static void kvmppc_pivot_hpt_cpu(CPUState *cs, 
run_on_cpu_data arg)
 }
 }
 
-void kvmppc_update_sdr1(target_ulong sdr1)
+static void kvmppc_pivot_hpt_cpu(CPUState *cs, run_on_cpu_data arg)
+{
+kvmppc_update_sdr1(POWERPC_CPU(cs), arg.target_ptr);
+}
+
+void kvmppc_update_sdr1_all(target_ulong sdr1)
 {
 CPUState *cs;
 
diff --git a/target/ppc/kvm_ppc.h b/target/ppc/kvm_ppc.h
index f780e6ec7b72..9524a7a0c21c 100644
--- a/target/ppc/kvm_ppc.h
+++ b/target/ppc/kvm_ppc.h
@@ -68,7 +68,8 @@ PowerPCCPUClass *kvm_ppc_get_host_cpu_class(void);
 void kvmppc_check_papr_resize_hpt(Error **errp);
 int kvmppc_resize_hpt_prepare(PowerPCCPU *cpu, target_ulong flags, int shift);
 int kvmppc_resize_hpt_commit(PowerPCCPU *cpu, target_ulong flags, int shift);
-void kvmppc_update_sdr1(target_ulong sdr1);
+void kvmppc_update_sdr1(PowerPCCPU *cpu, target_ulong sdr1);
+void kvmppc_update_sdr1_all(target_ulong sdr1);
 bool kvmppc_pvr_workaround_required(PowerPCCPU *cpu);
 
 bool kvmppc_is_mem_backend_page_size_ok(const char *obj_path);

[Qemu-devel] [PATCH 2/4] spapr: introduce a helper to compute the address of the HPT

[Greg Kurz]

The formula used to compute the address of the HPT allocated by QEMU is
open-coded in several places. This patch moves the magic to a dedicated
helper. While here, we also patch the callers to only pass the address
to KVM if we indeed have a userland HPT (ie, KVM PR).

Signed-off-by: Greg Kurz 
---
 hw/ppc/spapr.c  |9 +
 hw/ppc/spapr_cpu_core.c |   12 +++-
 hw/ppc/spapr_hcall.c|   14 --
 include/hw/ppc/spapr.h  |1 +
 4 files changed, 25 insertions(+), 11 deletions(-)

diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c
index caffa1276328..bf24c26b756d 100644
--- a/hw/ppc/spapr.c
+++ b/hw/ppc/spapr.c
@@ -1290,6 +1290,15 @@ static void spapr_store_hpte(PPCVirtualHypervisor *vhyp, 
hwaddr ptex,
 }
 }
 
+target_ulong spapr_get_hpt_pointer(sPAPRMachineState *spapr)
+{
+if (!spapr->htab) {
+return 0;
+}
+
+return (target_ulong)(uintptr_t)spapr->htab | (spapr->htab_shift - 18);
+}
+
 int spapr_hpt_shift_for_ramsize(uint64_t ramsize)
 {
 int shift;
diff --git a/hw/ppc/spapr_cpu_core.c b/hw/ppc/spapr_cpu_core.c
index 85037ef71e27..581eb4d92de9 100644
--- a/hw/ppc/spapr_cpu_core.c
+++ b/hw/ppc/spapr_cpu_core.c
@@ -93,11 +93,13 @@ static void spapr_cpu_reset(void *opaque)
  * HPT
  */
 if (kvm_enabled()) {
-env->spr[SPR_SDR1] = (target_ulong)(uintptr_t)spapr->htab
-| (spapr->htab_shift - 18);
-if (kvmppc_put_books_sregs(cpu) < 0) {
-error_report("Unable to update SDR1 in KVM");
-exit(1);
+target_ulong sdr1 = spapr_get_hpt_pointer(spapr);
+if (sdr1) {
+env->spr[SPR_SDR1] = sdr1;
+if (kvmppc_put_books_sregs(cpu) < 0) {
+error_report("Unable to update SDR1 in KVM");
+exit(1);
+}
 }
 }
 }
diff --git a/hw/ppc/spapr_hcall.c b/hw/ppc/spapr_hcall.c
index 6ab8c188f381..06059b44ab40 100644
--- a/hw/ppc/spapr_hcall.c
+++ b/hw/ppc/spapr_hcall.c
@@ -735,9 +735,10 @@ static target_ulong h_resize_hpt_commit(PowerPCCPU *cpu,
 
 if (kvm_enabled()) {
 /* For KVM PR, update the HPT pointer */
-target_ulong sdr1 = (target_ulong)(uintptr_t)spapr->htab
-| (spapr->htab_shift - 18);
-kvmppc_update_sdr1(sdr1);
+target_ulong sdr1 = spapr_get_hpt_pointer(spapr);
+if (sdr1) {
+kvmppc_update_sdr1(sdr1);
+}
 }
 
 pending->hpt = NULL; /* so it's not free()d */
@@ -1566,9 +1567,10 @@ static target_ulong 
h_client_architecture_support(PowerPCCPU *cpu,
 spapr_reallocate_hpt(spapr, maxshift, &error_fatal);
 if (kvm_enabled()) {
 /* For KVM PR, update the HPT pointer */
-target_ulong sdr1 = (target_ulong)(uintptr_t)spapr->htab
-| (spapr->htab_shift - 18);
-kvmppc_update_sdr1(sdr1);
+target_ulong sdr1 = spapr_get_hpt_pointer(spapr);
+if (sdr1) {
+kvmppc_update_sdr1(sdr1);
+}
 }
 }
 }
diff --git a/include/hw/ppc/spapr.h b/include/hw/ppc/spapr.h
index c1b365f56431..a1f5edc15018 100644
--- a/include/hw/ppc/spapr.h
+++ b/include/hw/ppc/spapr.h
@@ -709,4 +709,5 @@ void spapr_do_system_reset_on_cpu(CPUState *cs, 
run_on_cpu_data arg);
 int spapr_vcpu_id(PowerPCCPU *cpu);
 PowerPCCPU *spapr_find_cpu(int vcpu_id);
 
+target_ulong spapr_get_hpt_pointer(sPAPRMachineState *spapr);
 #endif /* HW_SPAPR_H */

[Qemu-devel] [PATCH 0/4] ppc: fix migration with KVM PR (nested)

[Greg Kurz]

A guest running with KVM PR ends up irresponsive after migration most of the
time. This happens because the HPT allocated by QEMU is likely to have a
different address on the destination than it had on the source, but we push
the source address to KVM.

This series does a little cleanup and fixes the issue. I could successfully
test it with a nested setup (KVM PR running in KVM HV).

However, this isn't enough to fix migration when using KVM PR on baremetal...
CPUs seem to end up looping on H_CEDE in the guest. I can't figure out what's
happening... Any suggestion would be appreciated.

Cheers,

--
Greg

---

Greg Kurz (4):
  spapr: only update SDR1 once per-cpu during CAS
  spapr: introduce a helper to compute the address of the HPT
  ppc: kvm: introduce a helper to update SDR1 for a single CPU
  ppc: kvm: update HPT pointer in KVM PR after migration


 hw/ppc/spapr.c  |   15 +++
 hw/ppc/spapr_cpu_core.c |8 +++-
 hw/ppc/spapr_hcall.c|   20 +---
 include/hw/ppc/spapr.h  |1 +
 target/ppc/cpu.h|1 +
 target/ppc/kvm.c|   12 
 target/ppc/kvm_ppc.h|3 ++-
 target/ppc/machine.c|7 +++
 8 files changed, 46 insertions(+), 21 deletions(-)

Re: [Qemu-devel] [PATCH v4] target/m68k: Switch fpu_rom from make_floatx80() to make_floatx80_init()

[Laurent Vivier]

Le 04/09/2017 à 23:23, Kamil Rytarowski a écrit :
> GCC 4.7.2 on SunOS reports that the values assigned to array members are not
> real constants:
> 
> target/m68k/fpu_helper.c:32:5: error: initializer element is not constant
> target/m68k/fpu_helper.c:32:5: error: (near initialization for 'fpu_rom[0]')
> rules.mak:66: recipe for target 'target/m68k/fpu_helper.o' failed
> 
> Convert the array to make_floatx80_init() to fix it.
> Replace floatx80_pi-like constants with make_floatx80_init() as they are
> defined as make_floatx80().
> 
> This fixes build on SmartOS (Joyent).
> 
> Signed-off-by: Kamil Rytarowski 
> Reviewed-by: Philippe Mathieu-Daudé 
> ---
>  target/m68k/fpu_helper.c | 44 ++--
>  1 file changed, 22 insertions(+), 22 deletions(-)
> 

Applied to my branch m68k-for-2.11

Thanks,
Laurent

Re: [Qemu-devel] [PATCH v3] target/m68k: Switch fpu_rom from make_floatx80() to make_floatx80_init()

[Kamil Rytarowski]

On 04.09.2017 21:02, Laurent Vivier wrote:
> 
> I don't want to be picky, but you should use "ULL" instead of "LL" for
> the new values.
> 

I was wondering why the integer is shorter.. should be fixed in v4.




signature.asc
Description: OpenPGP digital signature

[Qemu-devel] [PATCH v4] target/m68k: Switch fpu_rom from make_floatx80() to make_floatx80_init()

[Kamil Rytarowski]

GCC 4.7.2 on SunOS reports that the values assigned to array members are not
real constants:

target/m68k/fpu_helper.c:32:5: error: initializer element is not constant
target/m68k/fpu_helper.c:32:5: error: (near initialization for 'fpu_rom[0]')
rules.mak:66: recipe for target 'target/m68k/fpu_helper.o' failed

Convert the array to make_floatx80_init() to fix it.
Replace floatx80_pi-like constants with make_floatx80_init() as they are
defined as make_floatx80().

This fixes build on SmartOS (Joyent).

Signed-off-by: Kamil Rytarowski 
Reviewed-by: Philippe Mathieu-Daudé 
---
 target/m68k/fpu_helper.c | 44 ++--
 1 file changed, 22 insertions(+), 22 deletions(-)

diff --git a/target/m68k/fpu_helper.c b/target/m68k/fpu_helper.c
index bdfc537c68..665e7609af 100644
--- a/target/m68k/fpu_helper.c
+++ b/target/m68k/fpu_helper.c
@@ -29,28 +29,28 @@
  */
 
 static const floatx80 fpu_rom[128] = {
-[0x00] = floatx80_pi,   /* Pi */
-[0x0b] = make_floatx80(0x3ffd, 0x9a209a84fbcff798ULL),  /* Log10(2) */
-[0x0c] = make_floatx80(0x4000, 0xadf85458a2bb4a9aULL),  /* e*/
-[0x0d] = make_floatx80(0x3fff, 0xb8aa3b295c17f0bcULL),  /* Log2(e)  */
-[0x0e] = make_floatx80(0x3ffd, 0xde5bd8a937287195ULL),  /* Log10(e) */
-[0x0f] = floatx80_zero, /* Zero */
-[0x30] = floatx80_ln2,  /* ln(2)*/
-[0x31] = make_floatx80(0x4000, 0x935d8dddaaa8ac17ULL),  /* ln(10)   */
-[0x32] = floatx80_one,  /* 10^0 */
-[0x33] = make_floatx80(0x4002, 0xa000ULL),  /* 10^1 */
-[0x34] = make_floatx80(0x4005, 0xc800ULL),  /* 10^2 */
-[0x35] = make_floatx80(0x400c, 0x9c40ULL),  /* 10^4 */
-[0x36] = make_floatx80(0x4019, 0xbebc2000ULL),  /* 10^8 */
-[0x37] = make_floatx80(0x4034, 0x8e1bc9bf0400ULL),  /* 10^16*/
-[0x38] = make_floatx80(0x4069, 0x9dc5ada82b70b59eULL),  /* 10^32*/
-[0x39] = make_floatx80(0x40d3, 0xc2781f49ffcfa6d5ULL),  /* 10^64*/
-[0x3a] = make_floatx80(0x41a8, 0x93ba47c980e98ce0ULL),  /* 10^128   */
-[0x3b] = make_floatx80(0x4351, 0xaa7eebfb9df9de8eULL),  /* 10^256   */
-[0x3c] = make_floatx80(0x46a3, 0xe319a0aea60e91c7ULL),  /* 10^512   */
-[0x3d] = make_floatx80(0x4d48, 0xc976758681750c17ULL),  /* 10^1024  */
-[0x3e] = make_floatx80(0x5a92, 0x9e8b3b5dc53d5de5ULL),  /* 10^2048  */
-[0x3f] = make_floatx80(0x7525, 0xc46052028a20979bULL),  /* 10^4096  */
+[0x00] = make_floatx80_init(0x4000, 0xc90fdaa22168c235ULL),  /* Pi   */
+[0x0b] = make_floatx80_init(0x3ffd, 0x9a209a84fbcff798ULL),  /* Log10(2) */
+[0x0c] = make_floatx80_init(0x4000, 0xadf85458a2bb4a9aULL),  /* e*/
+[0x0d] = make_floatx80_init(0x3fff, 0xb8aa3b295c17f0bcULL),  /* Log2(e)  */
+[0x0e] = make_floatx80_init(0x3ffd, 0xde5bd8a937287195ULL),  /* Log10(e) */
+[0x0f] = make_floatx80_init(0x, 0xULL),  /* Zero */
+[0x30] = make_floatx80_init(0x3ffe, 0xb17217f7d1cf79acULL),  /* ln(2)*/
+[0x31] = make_floatx80_init(0x4000, 0x935d8dddaaa8ac17ULL),  /* ln(10)   */
+[0x32] = make_floatx80_init(0x3fff, 0x8000ULL),  /* 10^0 */
+[0x33] = make_floatx80_init(0x4002, 0xa000ULL),  /* 10^1 */
+[0x34] = make_floatx80_init(0x4005, 0xc800ULL),  /* 10^2 */
+[0x35] = make_floatx80_init(0x400c, 0x9c40ULL),  /* 10^4 */
+[0x36] = make_floatx80_init(0x4019, 0xbebc2000ULL),  /* 10^8 */
+[0x37] = make_floatx80_init(0x4034, 0x8e1bc9bf0400ULL),  /* 10^16*/
+[0x38] = make_floatx80_init(0x4069, 0x9dc5ada82b70b59eULL),  /* 10^32*/
+[0x39] = make_floatx80_init(0x40d3, 0xc2781f49ffcfa6d5ULL),  /* 10^64*/
+[0x3a] = make_floatx80_init(0x41a8, 0x93ba47c980e98ce0ULL),  /* 10^128   */
+[0x3b] = make_floatx80_init(0x4351, 0xaa7eebfb9df9de8eULL),  /* 10^256   */
+[0x3c] = make_floatx80_init(0x46a3, 0xe319a0aea60e91c7ULL),  /* 10^512   */
+[0x3d] = make_floatx80_init(0x4d48, 0xc976758681750c17ULL),  /* 10^1024  */
+[0x3e] = make_floatx80_init(0x5a92, 0x9e8b3b5dc53d5de5ULL),  /* 10^2048  */
+[0x3f] = make_floatx80_init(0x7525, 0xc46052028a20979bULL),  /* 10^4096  */
 };
 
 int32_t HELPER(reds32)(CPUM68KState *env, FPReg *val)
-- 
2.14.1

Re: [Qemu-devel] [PATCH] configure: Drop AIX host support

[Kamil Rytarowski]

On 04.09.2017 19:19, Peter Maydell wrote:
> Nobody has mentioned AIX host support on the mailing list for years,
> and we have no test systems for it so it is most likely broken.
> We've advertised in configure for two releases now that we plan
> to drop support for this host OS, and have had no complaints.
> Drop the AIX host support code.
> 

There is AIX support in pkgsrc, but the activity is minimal. It
certainly does not pass perl and the amount of buildable packages is tiny.

> We can also drop the now-unused AIX version of sys_cache_info().
> 
> Note that the _CALL_AIX define used in the PPC tcg backend is
> also used for Linux PPC64, and so that code should not be removed.
> 
> Signed-off-by: Peter Maydell 
> ---
>  configure| 13 +
>  util/cacheinfo.c | 11 +--
>  2 files changed, 2 insertions(+), 22 deletions(-)
> 
> diff --git a/configure b/configure
> index fb7e34a..931b3ba 100755
> --- a/configure
> +++ b/configure
> @@ -350,7 +350,6 @@ cocoa="no"
>  softmmu="yes"
>  linux_user="no"
>  bsd_user="no"
> -aix="no"
>  blobs="yes"
>  pkgversion=""
>  pie=""
> @@ -554,8 +553,6 @@ elif check_define __NetBSD__; then
>targetos='NetBSD'
>  elif check_define __APPLE__; then
>targetos='Darwin'
> -elif check_define _AIX; then
> -  targetos='AIX'
>  else
># This is a fatal error, but don't report it yet, because we
># might be going to just print the --help text, or it might
> @@ -767,10 +764,6 @@ SunOS)
>LIBS="$solarisnetlibs $LIBS"
>libs_qga="$solarisnetlibs $libs_qga"
>  ;;
> -AIX)
> -  aix="yes"
> -  make="${MAKE-gmake}"
> -;;
>  Haiku)
>haiku="yes"
>QEMU_CFLAGS="-DB_USE_POSITIVE_POSIX_ERRORS $QEMU_CFLAGS"
> @@ -4214,7 +4207,7 @@ elif compile_prog "" "$pthread_lib -lrt" ; then
>  fi
>  
>  if test "$darwin" != "yes" -a "$mingw32" != "yes" -a "$solaris" != yes -a \
> -"$aix" != "yes" -a "$haiku" != "yes" ; then
> +"$haiku" != "yes" ; then
>  libs_softmmu="-lutil $libs_softmmu"
>  fi
>  
> @@ -5523,10 +5516,6 @@ if test "$darwin" = "yes" ; then
>echo "CONFIG_DARWIN=y" >> $config_host_mak
>  fi
>  
> -if test "$aix" = "yes" ; then
> -  echo "CONFIG_AIX=y" >> $config_host_mak
> -fi
> -
>  if test "$solaris" = "yes" ; then
>echo "CONFIG_SOLARIS=y" >> $config_host_mak
>  fi
> diff --git a/util/cacheinfo.c b/util/cacheinfo.c
> index 593940f..db5172d 100644
> --- a/util/cacheinfo.c
> +++ b/util/cacheinfo.c
> @@ -15,16 +15,7 @@ int qemu_dcache_linesize = 0;
>   * Operating system specific detection mechanisms.
>   */
>  
> -#if defined(_AIX)
> -# include 
> -
> -static void sys_cache_info(int *isize, int *dsize)
> -{
> -*isize = _system_configuration.icache_line;
> -*dsize = _system_configuration.dcache_line;
> -}
> -
> -#elif defined(_WIN32)
> +#if defined(_WIN32)
>  
>  static void sys_cache_info(int *isize, int *dsize)
>  {
> 




signature.asc
Description: OpenPGP digital signature

Re: [Qemu-devel] qdev_get_machine() can return something non-NULL but not TYPE_MACHINE

[Igor Mammedov]

On Mon, 4 Sep 2017 17:36:59 +0100
Peter Maydell  wrote:

> I just got bitten by qdev_get_machine()'s behaviour on the user-only
> emulators, where it can return something that isn't NULL and isn't
> an instance of TYPE_MACHINE either.
user-only shouldn't get to qdev_get_machine() at all,
issue probably in container_get().
I'd try to fix wrong user if possible and maybe add ifdef build failure
to qdev_get_machine() so it would not build in user mode.
 
> It looks like maybe this can happen in some cases in softmmu too,
> judging by the way that qdev_get_hotplug_handler() does an
> object_dynamic_cast() check that it really got back a TYPE_MACHINE.
As I recall only bus or machine provide hotplug_handler currently,
but it's possible to extend to other objects if we find use-case.

We could do static cast to machine instead dynamic there but
in hotplug case it will abort QEMU if error happens,
hence dynamic check to avoid be more resilient during hotplug.
(well, if qdev_get_machine() returns not machine during startup
we would be screwed anyways, but that should break much earlier)

> Is this intentional? Does anything rely on qdev_get_machine()
> returning something odd like this?
> 
> In the code I have which ran into this I can just make it do an
> object_dynamic_cast() check like the hotplug_handler code does,
> but if the current implementation is intentional we should
> probably document that this is what you're supposed to do.
> 
> thanks
> -- PMM

Re: [Qemu-devel] [PATCH] .dir-locals.el: Explicitly set indentation level

[Thiago Jung Bauermann]

Thiago Jung Bauermann  writes:

> At least in some configurations, setting c-file-style is not enough to
> conform to the QEMU coding style, so explicitly set c-basic-offset as well.
>
> Signed-off-by: Thiago Jung Bauermann 
> ---
>
> My emacs was using indentation level of 8 spaces and this patch convinced
> it to use the correct value.
>
> I set c-basic-offset set to tab-width in my ~/.spacemacs which perhaps
> isn't the wisest thing to do, but since there's a .dir-locals.el we can
> make the editor always do the right thing.
>
>  .dir-locals.el | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/.dir-locals.el b/.dir-locals.el
> index 3ac0cfc6f0d6..8e47418c5996 100644
> --- a/.dir-locals.el
> +++ b/.dir-locals.el
> @@ -1,2 +1,3 @@
>  ((c-mode . ((c-file-style . "stroustrup")
> - (indent-tabs-mode . nil
> + (indent-tabs-mode . nil)
> + (c-basic-offset . 4

Ping?

-- 
Thiago Jung Bauermann
IBM Linux Technology Center

Re: [Qemu-devel] [PATCH 3/6] cpu: rename cpu_parse_features() to cpu_parse_cpu_model()

[Igor Mammedov]

On Mon, 4 Sep 2017 12:03:09 -0300
Philippe Mathieu-Daudé  wrote:

> Hi Igor,
> 
> On 09/04/2017 11:00 AM, Igor Mammedov wrote:
> > function not just parses features but also converts CPU model
> > name to CPU type, rename it to reflect what it actualy does.
> 
> Why not squash this with your 1st patch "split cpu_generic_init()"?
there I went with current/exiting way to call that part of code,
and here I'm renaming it to show what it does exactly.

But I don't have any preference here, so I can squash this patch
into 1/6 on respin, if you prefer.

> 
> > 
> > Signed-off-by: Igor Mammedov 
> > ---
> >   include/qom/cpu.h | 4 ++--
> >   qom/cpu.c | 4 ++--
> >   2 files changed, 4 insertions(+), 4 deletions(-)
> > 
> > diff --git a/include/qom/cpu.h b/include/qom/cpu.h
> > index 392ae75..a718daf 100644
> > --- a/include/qom/cpu.h
> > +++ b/include/qom/cpu.h
> > @@ -643,7 +643,7 @@ ObjectClass *cpu_class_by_name(const char *typename, 
> > const char *cpu_model);
> >   CPUState *cpu_create(const char *typename);
> >   
> >   /**
> > - * cpu_parse_features:
> > + * cpu_parse_cpu_model:
> >* @typename: The CPU base type or CPU type.
> >* @cpu_model: The model string including optional parameters.
> >*
> > @@ -652,7 +652,7 @@ CPUState *cpu_create(const char *typename);
> >* Returns: type of CPU to create or prints error and terminates process
> >*  if an error occurred.
> >*/
> > -const char *cpu_parse_features(const char *typename, const char 
> > *cpu_model);
> > +const char *cpu_parse_cpu_model(const char *typename, const char 
> > *cpu_model);
> >   
> >   /**
> >* cpu_generic_init:
> > diff --git a/qom/cpu.c b/qom/cpu.c
> > index 307d638..199ad57 100644
> > --- a/qom/cpu.c
> > +++ b/qom/cpu.c
> > @@ -66,7 +66,7 @@ CPUState *cpu_create(const char *typename)
> >   return cpu;
> >   }
> >   
> > -const char *cpu_parse_features(const char *typename, const char *cpu_model)
> > +const char *cpu_parse_cpu_model(const char *typename, const char 
> > *cpu_model)
> >   {
> >   ObjectClass *oc;
> >   CPUClass *cc;
> > @@ -99,7 +99,7 @@ CPUState *cpu_generic_init(const char *typename, const 
> > char *cpu_model)
> >   /* TODO: all callers of cpu_generic_init() need to be converted to
> >* call cpu_parse_features() only once, before calling 
> > cpu_generic_init().
> >*/
> > -const char *cpu_type = cpu_parse_features(typename, cpu_model);
> > +const char *cpu_type = cpu_parse_cpu_model(typename, cpu_model);
> >   
> >   assert(cpu_type);
> >   return cpu_create(cpu_type);
> > 

Re: [Qemu-devel] [PATCH v3] target/m68k: Switch fpu_rom from make_floatx80() to make_floatx80_init()

[Laurent Vivier]

Le 04/09/2017 à 19:32, Kamil Rytarowski a écrit :
> GCC 4.7.2 on SunOS reports that the values assigned to array members are not
> real constants:
> 
> target/m68k/fpu_helper.c:32:5: error: initializer element is not constant
> target/m68k/fpu_helper.c:32:5: error: (near initialization for 'fpu_rom[0]')
> rules.mak:66: recipe for target 'target/m68k/fpu_helper.o' failed
> 
> Convert the array to make_floatx80_init() to fix it.
> Replace floatx80_pi-like constants with make_floatx80_init() as they are
> defined as make_floatx80().
> 
> This fixes build on SmartOS (Joyent).
> 
> Signed-off-by: Kamil Rytarowski 
> Reviewed-by: Philippe Mathieu-Daudé 
> ---
>  target/m68k/fpu_helper.c | 44 ++--
>  1 file changed, 22 insertions(+), 22 deletions(-)
> 
> diff --git a/target/m68k/fpu_helper.c b/target/m68k/fpu_helper.c
> index bdfc537c68..b3d50d1e01 100644
> --- a/target/m68k/fpu_helper.c
> +++ b/target/m68k/fpu_helper.c
> @@ -29,28 +29,28 @@
>   */
>  
>  static const floatx80 fpu_rom[128] = {
> -[0x00] = floatx80_pi,   /* Pi */
> -[0x0b] = make_floatx80(0x3ffd, 0x9a209a84fbcff798ULL),  /* Log10(2) */
> -[0x0c] = make_floatx80(0x4000, 0xadf85458a2bb4a9aULL),  /* e*/
> -[0x0d] = make_floatx80(0x3fff, 0xb8aa3b295c17f0bcULL),  /* Log2(e)  */
> -[0x0e] = make_floatx80(0x3ffd, 0xde5bd8a937287195ULL),  /* Log10(e) */
> -[0x0f] = floatx80_zero, /* Zero */
> -[0x30] = floatx80_ln2,  /* ln(2)*/
> -[0x31] = make_floatx80(0x4000, 0x935d8dddaaa8ac17ULL),  /* ln(10)   */
> -[0x32] = floatx80_one,  /* 10^0 */
> -[0x33] = make_floatx80(0x4002, 0xa000ULL),  /* 10^1 */
> -[0x34] = make_floatx80(0x4005, 0xc800ULL),  /* 10^2 */
> -[0x35] = make_floatx80(0x400c, 0x9c40ULL),  /* 10^4 */
> -[0x36] = make_floatx80(0x4019, 0xbebc2000ULL),  /* 10^8 */
> -[0x37] = make_floatx80(0x4034, 0x8e1bc9bf0400ULL),  /* 10^16*/
> -[0x38] = make_floatx80(0x4069, 0x9dc5ada82b70b59eULL),  /* 10^32*/
> -[0x39] = make_floatx80(0x40d3, 0xc2781f49ffcfa6d5ULL),  /* 10^64*/
> -[0x3a] = make_floatx80(0x41a8, 0x93ba47c980e98ce0ULL),  /* 10^128   */
> -[0x3b] = make_floatx80(0x4351, 0xaa7eebfb9df9de8eULL),  /* 10^256   */
> -[0x3c] = make_floatx80(0x46a3, 0xe319a0aea60e91c7ULL),  /* 10^512   */
> -[0x3d] = make_floatx80(0x4d48, 0xc976758681750c17ULL),  /* 10^1024  */
> -[0x3e] = make_floatx80(0x5a92, 0x9e8b3b5dc53d5de5ULL),  /* 10^2048  */
> -[0x3f] = make_floatx80(0x7525, 0xc46052028a20979bULL),  /* 10^4096  */
> +[0x00] = make_floatx80_init(0x4000, 0xc90fdaa22168c235LL),   /* Pi   
> */
> +[0x0b] = make_floatx80_init(0x3ffd, 0x9a209a84fbcff798ULL),  /* Log10(2) 
> */
> +[0x0c] = make_floatx80_init(0x4000, 0xadf85458a2bb4a9aULL),  /* e
> */
> +[0x0d] = make_floatx80_init(0x3fff, 0xb8aa3b295c17f0bcULL),  /* Log2(e)  
> */
> +[0x0e] = make_floatx80_init(0x3ffd, 0xde5bd8a937287195ULL),  /* Log10(e) 
> */
> +[0x0f] = make_floatx80_init(0x, 0xLL),   /* Zero 
> */
> +[0x30] = make_floatx80_init(0x3ffe, 0xb17217f7d1cf79acLL),   /* ln(2)
> */
> +[0x31] = make_floatx80_init(0x4000, 0x935d8dddaaa8ac17ULL),  /* ln(10)   
> */
> +[0x32] = make_floatx80_init(0x3fff, 0x8000LL),   /* 10^0 
> */
> +[0x33] = make_floatx80_init(0x4002, 0xa000ULL),  /* 10^1 
> */
> +[0x34] = make_floatx80_init(0x4005, 0xc800ULL),  /* 10^2 
> */
> +[0x35] = make_floatx80_init(0x400c, 0x9c40ULL),  /* 10^4 
> */
> +[0x36] = make_floatx80_init(0x4019, 0xbebc2000ULL),  /* 10^8 
> */
> +[0x37] = make_floatx80_init(0x4034, 0x8e1bc9bf0400ULL),  /* 10^16
> */
> +[0x38] = make_floatx80_init(0x4069, 0x9dc5ada82b70b59eULL),  /* 10^32
> */
> +[0x39] = make_floatx80_init(0x40d3, 0xc2781f49ffcfa6d5ULL),  /* 10^64
> */
> +[0x3a] = make_floatx80_init(0x41a8, 0x93ba47c980e98ce0ULL),  /* 10^128   
> */
> +[0x3b] = make_floatx80_init(0x4351, 0xaa7eebfb9df9de8eULL),  /* 10^256   
> */
> +[0x3c] = make_floatx80_init(0x46a3, 0xe319a0aea60e91c7ULL),  /* 10^512   
> */
> +[0x3d] = make_floatx80_init(0x4d48, 0xc976758681750c17ULL),  /* 10^1024  
> */
> +[0x3e] = make_floatx80_init(0x5a92, 0x9e8b3b5dc53d5de5ULL),  /* 10^2048  
> */
> +[0x3f] = make_floatx80_init(0x7525, 0xc46052028a20979bULL),  /* 10^4096  
> */
>  };
>  
>  int32_t HELPER(reds32)(CPUM68KState *env, FPReg *val)
> 

I don't want to be picky, but you should use "ULL" instead of "LL" for
the new values.

Thanks,
Laurent

Re: [Qemu-devel] [PATCH] configure: Drop AIX host support

[Laurent Vivier]

Le 04/09/2017 à 19:19, Peter Maydell a écrit :
> Nobody has mentioned AIX host support on the mailing list for years,
> and we have no test systems for it so it is most likely broken.
> We've advertised in configure for two releases now that we plan
> to drop support for this host OS, and have had no complaints.
> Drop the AIX host support code.
> 
> We can also drop the now-unused AIX version of sys_cache_info().
> 
> Note that the _CALL_AIX define used in the PPC tcg backend is
> also used for Linux PPC64, and so that code should not be removed.
> 
> Signed-off-by: Peter Maydell 

Reviewed-by: Laurent Vivier 

> ---
>  configure| 13 +
>  util/cacheinfo.c | 11 +--
>  2 files changed, 2 insertions(+), 22 deletions(-)
> 
> diff --git a/configure b/configure
> index fb7e34a..931b3ba 100755
> --- a/configure
> +++ b/configure
> @@ -350,7 +350,6 @@ cocoa="no"
>  softmmu="yes"
>  linux_user="no"
>  bsd_user="no"
> -aix="no"
>  blobs="yes"
>  pkgversion=""
>  pie=""
> @@ -554,8 +553,6 @@ elif check_define __NetBSD__; then
>targetos='NetBSD'
>  elif check_define __APPLE__; then
>targetos='Darwin'
> -elif check_define _AIX; then
> -  targetos='AIX'
>  else
># This is a fatal error, but don't report it yet, because we
># might be going to just print the --help text, or it might
> @@ -767,10 +764,6 @@ SunOS)
>LIBS="$solarisnetlibs $LIBS"
>libs_qga="$solarisnetlibs $libs_qga"
>  ;;
> -AIX)
> -  aix="yes"
> -  make="${MAKE-gmake}"
> -;;
>  Haiku)
>haiku="yes"
>QEMU_CFLAGS="-DB_USE_POSITIVE_POSIX_ERRORS $QEMU_CFLAGS"
> @@ -4214,7 +4207,7 @@ elif compile_prog "" "$pthread_lib -lrt" ; then
>  fi
>  
>  if test "$darwin" != "yes" -a "$mingw32" != "yes" -a "$solaris" != yes -a \
> -"$aix" != "yes" -a "$haiku" != "yes" ; then
> +"$haiku" != "yes" ; then
>  libs_softmmu="-lutil $libs_softmmu"
>  fi
>  
> @@ -5523,10 +5516,6 @@ if test "$darwin" = "yes" ; then
>echo "CONFIG_DARWIN=y" >> $config_host_mak
>  fi
>  
> -if test "$aix" = "yes" ; then
> -  echo "CONFIG_AIX=y" >> $config_host_mak
> -fi
> -
>  if test "$solaris" = "yes" ; then
>echo "CONFIG_SOLARIS=y" >> $config_host_mak
>  fi
> diff --git a/util/cacheinfo.c b/util/cacheinfo.c
> index 593940f..db5172d 100644
> --- a/util/cacheinfo.c
> +++ b/util/cacheinfo.c
> @@ -15,16 +15,7 @@ int qemu_dcache_linesize = 0;
>   * Operating system specific detection mechanisms.
>   */
>  
> -#if defined(_AIX)
> -# include 
> -
> -static void sys_cache_info(int *isize, int *dsize)
> -{
> -*isize = _system_configuration.icache_line;
> -*dsize = _system_configuration.dcache_line;
> -}
> -
> -#elif defined(_WIN32)
> +#if defined(_WIN32)
>  
>  static void sys_cache_info(int *isize, int *dsize)
>  {
> 

[Qemu-devel] [PATCH] i386: Use designated initializers on feat_names arrays

[Eduardo Habkost]

Using designated initializers for feat_names allows us to omit
NULL entries, and makes mistakes easier to spot (especially when
cherry-picking or merging commits).

Arrays that have very few entries were changed to have a
designator for every element.  Arrays that have almost every item
present were changed to have one designator every 4 entries.
Arrays that had only NULL entries had the initializers completely
removed.

Signed-off-by: Eduardo Habkost 
---
 target/i386/cpu.c | 215 ++
 1 file changed, 73 insertions(+), 142 deletions(-)

diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index 69676e13e1..9da5915dde 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -268,28 +268,28 @@ typedef struct FeatureWordInfo {
 static FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
 [FEAT_1_EDX] = {
 .feat_names = {
-"fpu", "vme", "de", "pse",
-"tsc", "msr", "pae", "mce",
-"cx8", "apic", NULL, "sep",
-"mtrr", "pge", "mca", "cmov",
-"pat", "pse36", "pn" /* Intel psn */, "clflush" /* Intel clfsh */,
-NULL, "ds" /* Intel dts */, "acpi", "mmx",
-"fxsr", "sse", "sse2", "ss",
-"ht" /* Intel htt */, "tm", "ia64", "pbe",
+[0] = "fpu", "vme", "de", "pse",
+[4] = "tsc", "msr", "pae", "mce",
+[8] = "cx8", "apic", NULL, "sep",
+[12] = "mtrr", "pge", "mca", "cmov",
+[16] = "pat", "pse36", "pn", "clflush",
+[20] = NULL, "ds" /* Intel dts */, "acpi", "mmx",
+[24] = "fxsr", "sse", "sse2", "ss",
+[28] = "ht", "tm", "ia64", "pbe",
 },
 .cpuid_eax = 1, .cpuid_reg = R_EDX,
 .tcg_features = TCG_FEATURES,
 },
 [FEAT_1_ECX] = {
 .feat_names = {
-"pni" /* Intel,AMD sse3 */, "pclmulqdq", "dtes64", "monitor",
-"ds-cpl", "vmx", "smx", "est",
-"tm2", "ssse3", "cid", NULL,
-"fma", "cx16", "xtpr", "pdcm",
-NULL, "pcid", "dca", "sse4.1",
-"sse4.2", "x2apic", "movbe", "popcnt",
-"tsc-deadline", "aes", "xsave", "osxsave",
-"avx", "f16c", "rdrand", "hypervisor",
+[0] = "pni" /* Intel,AMD sse3 */, "pclmulqdq", "dtes64", "monitor",
+[4] = "ds-cpl", "vmx", "smx", "est",
+[8] = "tm2", "ssse3", "cid", NULL,
+[12] = "fma", "cx16", "xtpr", "pdcm",
+[16] = NULL, "pcid", "dca", "sse4.1",
+[20] = "sse4.2", "x2apic", "movbe", "popcnt",
+[24] = "tsc-deadline", "aes", "xsave", "osxsave",
+[28] = "avx", "f16c", "rdrand", "hypervisor",
 },
 .cpuid_eax = 1, .cpuid_reg = R_ECX,
 .tcg_features = TCG_EXT_FEATURES,
@@ -301,131 +301,87 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] 
= {
  */
 [FEAT_8000_0001_EDX] = {
 .feat_names = {
-NULL /* fpu */, NULL /* vme */, NULL /* de */, NULL /* pse */,
-NULL /* tsc */, NULL /* msr */, NULL /* pae */, NULL /* mce */,
-NULL /* cx8 */, NULL /* apic */, NULL, "syscall",
-NULL /* mtrr */, NULL /* pge */, NULL /* mca */, NULL /* cmov */,
-NULL /* pat */, NULL /* pse36 */, NULL, NULL /* Linux mp */,
-"nx", NULL, "mmxext", NULL /* mmx */,
-NULL /* fxsr */, "fxsr-opt", "pdpe1gb", "rdtscp",
-NULL, "lm", "3dnowext", "3dnow",
+[11] = "syscall",
+[20] = "nx",
+[22] = "mmxext",
+[25] = "fxsr-opt",
+[26] = "pdpe1gb",
+[27] = "rdtscp",
+[29] = "lm",
+[30] = "3dnowext",
+[31] = "3dnow",
 },
 .cpuid_eax = 0x8001, .cpuid_reg = R_EDX,
 .tcg_features = TCG_EXT2_FEATURES,
 },
 [FEAT_8000_0001_ECX] = {
 .feat_names = {
-"lahf-lm", "cmp-legacy", "svm", "extapic",
-"cr8legacy", "abm", "sse4a", "misalignsse",
-"3dnowprefetch", "osvw", "ibs", "xop",
-"skinit", "wdt", NULL, "lwp",
-"fma4", "tce", NULL, "nodeid-msr",
-NULL, "tbm", "topoext", "perfctr-core",
-"perfctr-nb", NULL, NULL, NULL,
-NULL, NULL, NULL, NULL,
+[0] = "lahf-lm", "cmp-legacy", "svm", "extapic",
+[4] = "cr8legacy", "abm", "sse4a", "misalignsse",
+[8] = "3dnowprefetch", "osvw", "ibs", "xop",
+[12] = "skinit", "wdt", NULL, "lwp",
+[16] = "fma4", "tce", NULL, "nodeid-msr",
+[20] = NULL, "tbm", "topoext", "perfctr-core",
+[24] = "perfctr-nb", NULL, NULL, NULL,
 },
 .cpuid_eax = 0x8001, .cpuid_reg = R_ECX,
 .tcg_features = TCG_EXT3_FEATURES,
 },
 [FEAT_C000_0001_EDX] = {
 .feat_names = {
-NULL, NULL, "xstore", "xstore-en",
-NULL, NULL, "xcrypt", "xcrypt-en",
-  

[Qemu-devel] [PATCH 1/1] net: Add SunGEM device emulation as found on Apple UniNorth

[Mark Cave-Ayland]

From: Benjamin Herrenschmidt 

This adds a simplistic emulation of the Sun GEM ethernet controller
found in Apple ASICs.

Currently we only support the Apple UniNorth 1.x variant, but the
other Apple or Sun variants should mostly be a matter of adding
PCI IDs options.

We have a very primitive emulation of a single Broadcom 5201 PHY
which is supported by the MacOS driver.

This model brings out-of-the-box networking to MacOS 9, and all
versions of OS X I tried with the mac99 platform.

Further improvements from Mark:
- Remove sungem.h file, moving constants into sungem.c as required
- Switch to using tracepoints for debugging
- Split register blocks into separate memory regions
- Use arrays in SunGEMState to hold register values
- Add state-saving support

Signed-off-by: Benjamin Herrenschmidt 
Signed-off-by: Mark Cave-Ayland 
---
 default-configs/ppc-softmmu.mak |1 +
 hw/net/Makefile.objs|1 +
 hw/net/sungem.c | 1447 +++
 hw/net/trace-events |   44 ++
 hw/pci/pci.c|2 +
 include/hw/pci/pci_ids.h|1 +
 6 files changed, 1496 insertions(+)
 create mode 100644 hw/net/sungem.c

diff --git a/default-configs/ppc-softmmu.mak b/default-configs/ppc-softmmu.mak
index 1f1cd85..c12ba9e 100644
--- a/default-configs/ppc-softmmu.mak
+++ b/default-configs/ppc-softmmu.mak
@@ -17,6 +17,7 @@ CONFIG_PREP_PCI=y
 CONFIG_I82378=y
 CONFIG_PC87312=y
 CONFIG_MACIO=y
+CONFIG_SUNGEM=y
 CONFIG_PCSPK=y
 CONFIG_CS4231A=y
 CONFIG_CUDA=y
diff --git a/hw/net/Makefile.objs b/hw/net/Makefile.objs
index 5ddaffe..7e87d01 100644
--- a/hw/net/Makefile.objs
+++ b/hw/net/Makefile.objs
@@ -27,6 +27,7 @@ common-obj-$(CONFIG_CADENCE) += cadence_gem.o
 common-obj-$(CONFIG_STELLARIS_ENET) += stellaris_enet.o
 common-obj-$(CONFIG_LANCE) += lance.o
 common-obj-$(CONFIG_FTGMAC100) += ftgmac100.o
+common-obj-$(CONFIG_SUNGEM) += sungem.o
 
 obj-$(CONFIG_ETRAXFS) += etraxfs_eth.o
 obj-$(CONFIG_COLDFIRE) += mcf_fec.o
diff --git a/hw/net/sungem.c b/hw/net/sungem.c
new file mode 100644
index 000..8c2ca4a
--- /dev/null
+++ b/hw/net/sungem.c
@@ -0,0 +1,1447 @@
+/*
+ * QEMU model of SUN GEM ethernet controller
+ *
+ * As found in Apple ASICs among others
+ *
+ * Copyright 2016 Ben Herrenschmidt
+ * Copyright 2017 Mark Cave-Ayland
+ */
+
+#include "qemu/osdep.h"
+#include "hw/pci/pci.h"
+#include "qemu/log.h"
+#include "net/net.h"
+#include "net/checksum.h"
+#include "hw/net/mii.h"
+#include "sysemu/sysemu.h"
+#include "trace.h"
+/* For crc32 */
+#include 
+
+#define TYPE_SUNGEM "sungem"
+
+#define SUNGEM(obj) OBJECT_CHECK(SunGEMState, (obj), TYPE_SUNGEM)
+
+#define MAX_PACKET_SIZE 9016
+
+#define SUNGEM_MMIO_SIZE0x20
+
+/* Global registers */
+#define SUNGEM_MMIO_GREG_SIZE   0x2000
+
+#define GREG_SEBSTATE 0xUL/* SEB State Register */
+
+#define GREG_STAT 0x000CUL/* Status Register */
+#define GREG_STAT_TXINTME 0x0001/* TX INTME frame transferred */
+#define GREG_STAT_TXALL   0x0002/* All TX frames transferred */
+#define GREG_STAT_TXDONE  0x0004/* One TX frame transferred */
+#define GREG_STAT_RXDONE  0x0010/* One RX frame arrived */
+#define GREG_STAT_RXNOBUF 0x0020/* No free RX buffers available */
+#define GREG_STAT_RXTAGERR0x0040/* RX tag framing is corrupt */
+#define GREG_STAT_TXMAC   0x4000/* TX MAC signalled interrupt */
+#define GREG_STAT_RXMAC   0x8000/* RX MAC signalled interrupt */
+#define GREG_STAT_MAC 0x0001/* MAC Control signalled irq */
+#define GREG_STAT_TXNR0xfff8/* == TXDMA_TXDONE reg val */
+#define GREG_STAT_TXNR_SHIFT  19
+
+/* These interrupts are edge latches in the status register,
+ * reading it (or writing the corresponding bit in IACK) will
+ * clear them
+ */
+#define GREG_STAT_LATCH   (GREG_STAT_TXALL  | GREG_STAT_TXINTME | \
+   GREG_STAT_RXDONE | GREG_STAT_RXDONE |  \
+   GREG_STAT_RXNOBUF | GREG_STAT_RXTAGERR)
+
+#define GREG_IMASK0x0010UL/* Interrupt Mask Register */
+#define GREG_IACK 0x0014UL/* Interrupt ACK Register */
+#define GREG_STAT20x001CUL/* Alias of GREG_STAT */
+#define GREG_PCIESTAT 0x1000UL/* PCI Error Status Register */
+#define GREG_PCIEMASK 0x1004UL/* PCI Error Mask Register */
+
+#define GREG_SWRST0x1010UL/* Software Reset Register */
+#define GREG_SWRST_TXRST  0x0001/* TX Software Reset */
+#define GREG_SWRST_RXRST  0x0002/* RX Software Reset */
+#define GREG_SWRST_RSTOUT 0x0004/* Force RST# pin active */
+
+/* TX DMA Registers */
+#define SUNGEM_MMIO_TXDMA_SIZE   0x1000
+
+#define TXDMA_KICK0xUL/* TX Kick Register */
+
+#define TXDMA_CFG 0x0004UL/* TX Configuration Register */
+#define TXDMA_CFG_ENABLE  0x0001/* Enable TX DMA channel

[Qemu-devel] [PATCH 0/1] net: Add SunGEM device emulation as found on Apple UniNorth

[Mark Cave-Ayland]

This is a reworking of Ben's original implementation of the SunGEM device
from last year: 
https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg02571.html.

The reason for implenting this device is that it allows out-of-the-box
networking for most MacOS 9 and MacOS X OSs running under qemu-system-ppc 
without
having to obtain any external vendor drivers.

The main changes I've made to Ben's original patch are listed below:
- Remove sungem.h file, moving constants into sungem.c as required
- Switch to using tracepoints for debugging
- Split register blocks into separate memory regions
- Use arrays in SunGEMState to hold register values
- Add state-saving support

Signed-off-by: Mark Cave-Ayland 


Benjamin Herrenschmidt (1):
  net: Add SunGEM device emulation as found on Apple UniNorth

 default-configs/ppc-softmmu.mak |1 +
 hw/net/Makefile.objs|1 +
 hw/net/sungem.c | 1447 +++
 hw/net/trace-events |   44 ++
 hw/pci/pci.c|2 +
 include/hw/pci/pci_ids.h|1 +
 6 files changed, 1496 insertions(+)
 create mode 100644 hw/net/sungem.c

-- 
1.7.10.4

Re: [Qemu-devel] [PATCH] wm8750: add record buffer underrun check

[P J P]

+-- On Fri, 1 Sep 2017, Gerd Hoffmann wrote --+
| diff --git a/hw/audio/wm8750.c b/hw/audio/wm8750.c
| index f8b5bebfc2..d2bf2e1da1 100644
| --- a/hw/audio/wm8750.c
| +++ b/hw/audio/wm8750.c
| @@ -680,8 +680,12 @@ uint32_t wm8750_adc_dat(void *opaque)
|  WM8750State *s = (WM8750State *) opaque;
|  uint32_t *data;
|  
| -if (s->idx_in >= sizeof(s->data_in))
| +if (s->idx_in >= sizeof(s->data_in)) {
|  wm8750_in_load(s);
| +if (s->idx_in >= sizeof(s->data_in)) {
| +return 0x80008000; /* silence in AUD_FMT_S16 sample format */
| +}
| +}
|  
|  data = (uint32_t *) &s->data_in[s->idx_in];
|  s->req_in -= 4;

Ack, looks good. Thank you.
--
Prasad J Pandit / Red Hat Product Security Team
47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F

Re: [Qemu-devel] [PATCH] configure: Drop AIX host support

[Peter Maydell]

On 4 September 2017 at 19:09, Thomas Huth  wrote:
> On 04.09.2017 19:19, Peter Maydell wrote:
>> Nobody has mentioned AIX host support on the mailing list for years,
>> and we have no test systems for it so it is most likely broken.
>> We've advertised in configure for two releases now that we plan
>> to drop support for this host OS, and have had no complaints.
>
> We just added this some weeks ago to our qemu-doc.texi:
>
> "Prior to the 2.10.0 release there was no official policy on how long
> features would be deprecated prior to their removal, nor any documented
> list of which features were deprecated. Thus any features deprecated
> prior to 2.10.0 will be treated as if they were first deprecated in the
> 2.10.0 release."

We pretty clearly say in the configure message
echo "The QEMU project intends to remove support for this host OS in"
echo "a future release if nobody volunteers to maintain it and to"
echo "provide a build host for our continuous integration setup."

and my intention when I wrote that was absolutely to dump old
OSes in a couple of releases... The amount of code removed here
isn't great so I guess waiting a little longer doesn't hurt,
but I feel like somebody's moved the goalposts in adding that
language and not listing the deprecated host OSes and CPUs
in the list of deprecated features in 2.10 :-(

thanks
-- PMM

Re: [Qemu-devel] [PATCH] configure: Drop AIX host support

[Thomas Huth]

On 04.09.2017 19:19, Peter Maydell wrote:
> Nobody has mentioned AIX host support on the mailing list for years,
> and we have no test systems for it so it is most likely broken.
> We've advertised in configure for two releases now that we plan
> to drop support for this host OS, and have had no complaints.

We just added this some weeks ago to our qemu-doc.texi:

"Prior to the 2.10.0 release there was no official policy on how long
features would be deprecated prior to their removal, nor any documented
list of which features were deprecated. Thus any features deprecated
prior to 2.10.0 will be treated as if they were first deprecated in the
2.10.0 release."

Should we maybe wait two more releases (for version 3.0 ;-)) 'till we
remove it?

Anyway, the patch looks fine to me, so:

Reviewed-by: Thomas Huth