Re: [Qemu-devel] [PATCH v2 for-4.1 0/2] Fix ohci_die() and move PCI code to separate file

[Thomas Huth]

On 26/04/2019 00.55, Philippe Mathieu-Daudé wrote:
> Hi Thomas,
> 
> On 4/19/19 9:56 AM, Thomas Huth wrote:
>> First patch fixes a problem with ohci_die(), second patch moves PCI code into
>> a separate file, so that the sysbus OHCI device can also be used without
>> the dependency on the PCI code.
>>
>> v2: Split the patch into two patches, one for the ohci_die() fix and one
>> for the PCI code movement.
> 
> Way cleaner. I wonder why you don't use a typedef for the void
> (*ohci_die_fn)(struct OHCIState *) prototype.

It does not work in that case:

typedef struct OHCIState {// <-- struct OHCIState definition
[...]
uint32_t async_td;
bool async_complete;

void (*ohci_die)(struct OHCIState *ohci); // <-- ohci_die definition
} OHCIState; // <-- typedef OHCIState definition

The typedef is defined after the ohci_die entry.

> Anyway to this series:
> Reviewed-by: Philippe Mathieu-Daudé 
> Tested-by: Philippe Mathieu-Daudé 

 Thanks!
  Thomas

Re: [Qemu-devel] [PATCH v2 2/5] linux-user: Add support for the SIOCSPGRP ioctl

[Max Filippov]

On Wed, Apr 24, 2019 at 5:58 AM Aleksandar Markovic
 wrote:
>
> From: Aleksandar Markovic 
>
> Add support for setting the process (or process group) to receive SIGIO
> or SIGURG signals when I/O becomes possible or urgent data is available,
> using SIOCSPGRP ioctl.
>
> The ioctl numeric values for SIOCSPGRP are platform-dependent and are
> determined by following files in Linux kernel source tree:
>
> arch/ia64/include/uapi/asm/sockios.h:#define SIOCSPGRP0x8902
> arch/mips/include/uapi/asm/sockios.h:#define SIOCSPGRP_IOW('s', 8, pid_t)
> arch/parisc/include/uapi/asm/sockios.h:#define SIOCSPGRP  0x8902
> arch/sh/include/uapi/asm/sockios.h:#define SIOCSPGRP  _IOW('s', 8, pid_t)
> arch/xtensa/include/uapi/asm/sockios.h:#define SIOCSPGRP  _IOW('s', 8, pid_t)
> arch/alpha/include/uapi/asm/sockios.h:#define SIOCSPGRP   _IOW('s', 8, pid_t)
> arch/sparc/include/uapi/asm/sockios.h:#define SIOCSPGRP   0x8902
> include/uapi/asm-generic/sockios.h:#define SIOCSPGRP  0x8902
>
> Hence the different definition for alpha, mips, sh4, and extensa.

Typo: xtensa.

> Signed-off-by: Aleksandar Markovic 
> ---
>  linux-user/ioctls.h   | 1 +
>  linux-user/syscall_defs.h | 3 +++
>  2 files changed, 4 insertions(+)

Reviewed-by: Max Filippov 

-- 
Thanks.
-- Max

Re: [Qemu-devel] [PATCH v2 1/5] linux-user: Fix support for the SIOCATMARK and SIOCGPGRP ioctls for eXtensa

[Max Filippov]

On Wed, Apr 24, 2019 at 5:57 AM Aleksandar Markovic
 wrote:
> From: Aleksandar Markovic 
>
> Fix support for the SIOCATMARK and SIOCGPGRP ioctls for eXtensa by

xtensa is the official name of this architecture, please fix the spelling
here...

> correcting corresponding macro definition.
>
> Values for TARGET_SIOCATMARK and TARGET_SIOCGPGRP are determined by
> Linux kernel. Following relevant lines are from kernel source tree:
>
> arch/ia64/include/uapi/asm/sockios.h:#define SIOCATMARK0x8905
> arch/mips/include/uapi/asm/sockios.h:#define SIOCATMARK_IOR('s', 7, int)
> arch/parisc/include/uapi/asm/sockios.h:#define SIOCATMARK  0x8905
> arch/sh/include/uapi/asm/sockios.h:#define SIOCATMARK  _IOR('s', 7, int)
> arch/xtensa/include/uapi/asm/sockios.h:#define SIOCATMARK  _IOR('s', 7, int)
> arch/alpha/include/uapi/asm/sockios.h:#define SIOCATMARK   _IOR('s', 7, int)
> arch/sparc/include/uapi/asm/sockios.h:#define SIOCATMARK   0x8905
> include/uapi/asm-generic/sockios.h:#define SIOCATMARK  0x8905
>
> arch/ia64/include/uapi/asm/sockios.h:#define SIOCGPGRP 0x8904
> arch/mips/include/uapi/asm/sockios.h:#define SIOCGPGRP _IOR('s', 9, pid_t)
> arch/parisc/include/uapi/asm/sockios.h:#define SIOCGPGRP   0x8904
> arch/sh/include/uapi/asm/sockios.h:#define SIOCGPGRP   _IOR('s', 9, pid_t)
> arch/xtensa/include/uapi/asm/sockios.h:#define SIOCGPGRP   _IOR('s', 9, pid_t)
> arch/alpha/include/uapi/asm/sockios.h:#define SIOCGPGRP_IOR('s', 9, pid_t)
> arch/sparc/include/uapi/asm/sockios.h:#define SIOCGPGRP0x8904
> include/uapi/asm-generic/sockios.h:#define SIOCGPGRP   0x8904
>
> It is visible that eXtensa should have the same definitions as

...here, and in the subject line.

> alpha, mips and sh4 already do. This patch brings that to the
> accurate state.
>
> Signed-off-by: Aleksandar Markovic 
> ---
>  linux-user/syscall_defs.h | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)

Acked-by: Max Filippov 

-- 
Thanks.
-- Max

[Qemu-devel] [PATCH v7 6/6] xfs: disable map_sync for async flush

[Pankaj Gupta]

Dont support 'MAP_SYNC' with non-DAX files and DAX files
with asynchronous dax_device. Virtio pmem provides
asynchronous host page cache flush mechanism. We don't
support 'MAP_SYNC' with virtio pmem and xfs.

Signed-off-by: Pankaj Gupta 
---
 fs/xfs/xfs_file.c | 9 ++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/fs/xfs/xfs_file.c b/fs/xfs/xfs_file.c
index a7ceae90110e..f17652cca5ff 100644
--- a/fs/xfs/xfs_file.c
+++ b/fs/xfs/xfs_file.c
@@ -1203,11 +1203,14 @@ xfs_file_mmap(
struct file *filp,
struct vm_area_struct *vma)
 {
+   struct dax_device   *dax_dev;
+
+   dax_dev = xfs_find_daxdev_for_inode(file_inode(filp));
/*
-* We don't support synchronous mappings for non-DAX files. At least
-* until someone comes with a sensible use case.
+* We don't support synchronous mappings for non-DAX files and
+* for DAX files if underneath dax_device is not synchronous.
 */
-   if (!IS_DAX(file_inode(filp)) && (vma->vm_flags & VM_SYNC))
+   if (!daxdev_mapping_supported(vma, dax_dev))
return -EOPNOTSUPP;
 
file_accessed(filp);
-- 
2.20.1

[Qemu-devel] [PATCH v7 4/6] dax: check synchronous mapping is supported

[Pankaj Gupta]

This patch introduces 'daxdev_mapping_supported' helper
which checks if 'MAP_SYNC' is supported with filesystem
mapping. It also checks if corresponding dax_device is
synchronous. Virtio pmem device is asynchronous and
does not not support VM_SYNC. 

Suggested-by: Jan Kara 
Signed-off-by: Pankaj Gupta 
Reviewed-by: Jan Kara 
---
 include/linux/dax.h | 17 +
 1 file changed, 17 insertions(+)

diff --git a/include/linux/dax.h b/include/linux/dax.h
index c97fc0cc7167..41b4a5db6305 100644
--- a/include/linux/dax.h
+++ b/include/linux/dax.h
@@ -41,6 +41,18 @@ void kill_dax(struct dax_device *dax_dev);
 void dax_write_cache(struct dax_device *dax_dev, bool wc);
 bool dax_write_cache_enabled(struct dax_device *dax_dev);
 bool dax_synchronous(struct dax_device *dax_dev);
+/*
+ * Check if given mapping is supported by the file / underlying device.
+ */
+static inline bool daxdev_mapping_supported(struct vm_area_struct *vma,
+   struct dax_device *dax_dev)
+{
+   if (!(vma->vm_flags & VM_SYNC))
+   return true;
+   if (!IS_DAX(file_inode(vma->vm_file)))
+   return false;
+   return dax_synchronous(dax_dev);
+}
 #else
 static inline struct dax_device *dax_get_by_host(const char *host)
 {
@@ -68,6 +80,11 @@ static inline bool dax_write_cache_enabled(struct dax_device 
*dax_dev)
 {
return false;
 }
+static inline bool daxdev_mapping_supported(struct vm_area_struct *vma,
+   struct dax_device *dax_dev)
+{
+   return !(vma->flags & VM_SYNC);
+}
 #endif
 
 struct writeback_control;
-- 
2.20.1

[Qemu-devel] [PATCH v7 2/6] virtio-pmem: Add virtio pmem driver

[Pankaj Gupta]

This patch adds virtio-pmem driver for KVM guest.

Guest reads the persistent memory range information from
Qemu over VIRTIO and registers it on nvdimm_bus. It also
creates a nd_region object with the persistent memory
range information so that existing 'nvdimm/pmem' driver
can reserve this into system memory map. This way
'virtio-pmem' driver uses existing functionality of pmem
driver to register persistent memory compatible for DAX
capable filesystems.

This also provides function to perform guest flush over
VIRTIO from 'pmem' driver when userspace performs flush
on DAX memory range.

Signed-off-by: Pankaj Gupta 
---
 drivers/nvdimm/virtio_pmem.c | 114 +
 drivers/virtio/Kconfig   |  10 +++
 drivers/virtio/Makefile  |   1 +
 drivers/virtio/pmem.c| 118 +++
 include/linux/virtio_pmem.h  |  60 
 include/uapi/linux/virtio_ids.h  |   1 +
 include/uapi/linux/virtio_pmem.h |  10 +++
 7 files changed, 314 insertions(+)
 create mode 100644 drivers/nvdimm/virtio_pmem.c
 create mode 100644 drivers/virtio/pmem.c
 create mode 100644 include/linux/virtio_pmem.h
 create mode 100644 include/uapi/linux/virtio_pmem.h

diff --git a/drivers/nvdimm/virtio_pmem.c b/drivers/nvdimm/virtio_pmem.c
new file mode 100644
index ..66b582f751a3
--- /dev/null
+++ b/drivers/nvdimm/virtio_pmem.c
@@ -0,0 +1,114 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * virtio_pmem.c: Virtio pmem Driver
+ *
+ * Discovers persistent memory range information
+ * from host and provides a virtio based flushing
+ * interface.
+ */
+#include 
+#include "nd.h"
+
+ /* The interrupt handler */
+void host_ack(struct virtqueue *vq)
+{
+   unsigned int len;
+   unsigned long flags;
+   struct virtio_pmem_request *req, *req_buf;
+   struct virtio_pmem *vpmem = vq->vdev->priv;
+
+   spin_lock_irqsave(>pmem_lock, flags);
+   while ((req = virtqueue_get_buf(vq, )) != NULL) {
+   req->done = true;
+   wake_up(>host_acked);
+
+   if (!list_empty(>req_list)) {
+   req_buf = list_first_entry(>req_list,
+   struct virtio_pmem_request, list);
+   list_del(>req_list);
+   req_buf->wq_buf_avail = true;
+   wake_up(_buf->wq_buf);
+   }
+   }
+   spin_unlock_irqrestore(>pmem_lock, flags);
+}
+EXPORT_SYMBOL_GPL(host_ack);
+
+ /* The request submission function */
+int virtio_pmem_flush(struct nd_region *nd_region)
+{
+   int err;
+   unsigned long flags;
+   struct scatterlist *sgs[2], sg, ret;
+   struct virtio_device *vdev = nd_region->provider_data;
+   struct virtio_pmem *vpmem = vdev->priv;
+   struct virtio_pmem_request *req;
+
+   might_sleep();
+   req = kmalloc(sizeof(*req), GFP_KERNEL);
+   if (!req)
+   return -ENOMEM;
+
+   req->done = req->wq_buf_avail = false;
+   strcpy(req->name, "FLUSH");
+   init_waitqueue_head(>host_acked);
+   init_waitqueue_head(>wq_buf);
+   sg_init_one(, req->name, strlen(req->name));
+   sgs[0] = 
+   sg_init_one(, >ret, sizeof(req->ret));
+   sgs[1] = 
+
+   spin_lock_irqsave(>pmem_lock, flags);
+   err = virtqueue_add_sgs(vpmem->req_vq, sgs, 1, 1, req, GFP_ATOMIC);
+   if (err) {
+   dev_err(>dev, "failed to send command to virtio pmem 
device\n");
+
+   list_add_tail(>req_list, >list);
+   spin_unlock_irqrestore(>pmem_lock, flags);
+
+   /* When host has read buffer, this completes via host_ack */
+   wait_event(req->wq_buf, req->wq_buf_avail);
+   spin_lock_irqsave(>pmem_lock, flags);
+   }
+   err = virtqueue_kick(vpmem->req_vq);
+   spin_unlock_irqrestore(>pmem_lock, flags);
+
+   if (!err) {
+   err = -EIO;
+   goto ret;
+   }
+   /* When host has read buffer, this completes via host_ack */
+   wait_event(req->host_acked, req->done);
+   err = req->ret;
+ret:
+   kfree(req);
+   return err;
+};
+
+ /* The asynchronous flush callback function */
+int async_pmem_flush(struct nd_region *nd_region, struct bio *bio)
+{
+   int rc = 0;
+
+   /* Create child bio for asynchronous flush and chain with
+* parent bio. Otherwise directly call nd_region flush.
+*/
+   if (bio && bio->bi_iter.bi_sector != -1) {
+   struct bio *child = bio_alloc(GFP_ATOMIC, 0);
+
+   if (!child)
+   return -ENOMEM;
+   bio_copy_dev(child, bio);
+   child->bi_opf = REQ_PREFLUSH;
+   child->bi_iter.bi_sector = -1;
+   bio_chain(child, bio);
+   submit_bio(child);
+   } else {
+   if (virtio_pmem_flush(nd_region))
+   rc = -EIO;
+   }
+
+   return rc;
+};

[Qemu-devel] [PATCH v7 0/6] virtio pmem driver

[Pankaj Gupta]

 This patch series has implementation for "virtio pmem". 
 "virtio pmem" is fake persistent memory(nvdimm) in guest 
 which allows to bypass the guest page cache. This also
 implements a VIRTIO based asynchronous flush mechanism.  
 
 Sharing guest kernel driver in this patchset with the 
 changes suggested in v4. Tested with Qemu side device 
 emulation [6] for virtio-pmem. Documented the impact of
 possible page cache side channel attacks with suggested
 countermeasures.

 Incorporated all the review suggestions. 
 
 Details of project idea for 'virtio pmem' flushing interface 
 is shared [3] & [4].

 Implementation is divided into two parts:
 New virtio pmem guest driver and qemu code changes for new 
 virtio pmem paravirtualized device.

1. Guest virtio-pmem kernel driver
-
   - Reads persistent memory range from paravirt device and 
 registers with 'nvdimm_bus'.  
   - 'nvdimm/pmem' driver uses this information to allocate 
 persistent memory region and setup filesystem operations 
 to the allocated memory. 
   - virtio pmem driver implements asynchronous flushing 
 interface to flush from guest to host.

2. Qemu virtio-pmem device
-
   - Creates virtio pmem device and exposes a memory range to 
 KVM guest. 
   - At host side this is file backed memory which acts as 
 persistent memory. 
   - Qemu side flush uses aio thread pool API's and virtio 
 for asynchronous guest multi request handling. 

   David Hildenbrand CCed also posted a modified version[7] of 
   qemu virtio-pmem code based on updated Qemu memory device API. 

 Virtio-pmem security implications and countermeasures:
 -

 In previous posting of kernel driver, there was discussion [9]
 on possible implications of page cache side channel attacks with 
 virtio pmem. After thorough analysis of details of known side 
 channel attacks, below are the suggestions:

 - Depends entirely on how host backing image file is mapped 
   into guest address space. 

 - virtio-pmem device emulation, by default shared mapping is used
   to map host backing file. It is recommended to use separate
   backing file at host side for every guest. This will prevent
   any possibility of executing common code from multiple guests
   and any chance of inferring guest local data based based on 
   execution time.

 - If backing file is required to be shared among multiple guests 
   it is recommended to don't support host page cache eviction 
   commands from the guest driver. This will avoid any possibility
   of inferring guest local data or host data from another guest. 

 - Proposed device specification [8] for virtio-pmem device with 
   details of possible security implications and suggested 
   countermeasures for device emulation.

 Virtio-pmem errors handling:
 
  Checked behaviour of virtio-pmem for below types of errors
  Need suggestions on expected behaviour for handling these errors?

  - Hardware Errors: Uncorrectable recoverable Errors: 
  a] virtio-pmem: 
- As per current logic if error page belongs to Qemu process, 
  host MCE handler isolates(hwpoison) that page and send SIGBUS. 
  Qemu SIGBUS handler injects exception to KVM guest. 
- KVM guest then isolates the page and send SIGBUS to guest 
  userspace process which has mapped the page. 
  
  b] Existing implementation for ACPI pmem driver: 
- Handles such errors with MCE notifier and creates a list 
  of bad blocks. Read/direct access DAX operation return EIO 
  if accessed memory page fall in bad block list.
- It also starts backgound scrubbing.  
- Similar functionality can be reused in virtio-pmem with MCE 
  notifier but without scrubbing(no ACPI/ARS)? Need inputs to 
  confirm if this behaviour is ok or needs any change?

Changes from PATCH v6: [1]
 - Corrected comment format in patch 5 & patch 6. [Dave]
 - Changed variable declaration indentation in patch 6 [Darrick]
 - Add Reviewed-by tag by 'Jan Kara' in patch 4 & patch 5

Changes from PATCH v5: [2]
  Changes suggested in by - [Cornelia, Yuval]
- Remove assignment chaining in virtio driver
- Better error message and remove not required free
- Check nd_region before use

  Changes suggested by - [Jan Kara]
- dax_synchronous() for !CONFIG_DAX
- Correct 'daxdev_mapping_supported' comment and non-dax implementation

  Changes suggested by - [Dan Williams]
- Pass meaningful flag 'DAXDEV_F_SYNC' to alloc_dax
- Gate nvdimm_flush instead of additional async parameter
- Move block chaining logic to flush callback than common nvdimm_flush
- Use NULL flush callback for generic flush for better readability [Dan, Jan]

- Use virtio device id 27 from 25(already used) - [MST]

Changes from PATCH v4:
- Factor out MAP_SYNC supported functionality to a common helper
[Dave, Darrick, Jan]
- 

[Qemu-devel] [PATCH v7 04/21] gdbstub: Implement continue (c pkt) with new infra

[Jon Doron]

Signed-off-by: Jon Doron 
---
 gdbstub.c | 25 +++--
 1 file changed, 19 insertions(+), 6 deletions(-)

diff --git a/gdbstub.c b/gdbstub.c
index c47ef7dd9c..89f1ab6524 100644
--- a/gdbstub.c
+++ b/gdbstub.c
@@ -1522,6 +1522,16 @@ static void handle_thread_alive(GdbCmdContext *gdb_ctx, 
void *user_ctx)
 put_packet(gdb_ctx->s, "OK");
 }
 
+static void handle_continue(GdbCmdContext *gdb_ctx, void *user_ctx)
+{
+if (gdb_ctx->num_params) {
+gdb_set_cpu_pc(gdb_ctx->s, gdb_ctx->params[0].val_ull);
+}
+
+gdb_ctx->s->signal = 0;
+gdb_continue(gdb_ctx->s);
+}
+
 static int gdb_handle_packet(GDBState *s, const char *line_buf)
 {
 CPUState *cpu;
@@ -1558,13 +1568,16 @@ static int gdb_handle_packet(GDBState *s, const char 
*line_buf)
 gdb_breakpoint_remove_all();
 break;
 case 'c':
-if (*p != '\0') {
-addr = strtoull(p, (char **), 16);
-gdb_set_cpu_pc(s, addr);
+{
+static const GdbCmdParseEntry continue_cmd_desc = {
+.handler = handle_continue,
+.cmd = "c",
+.cmd_startswith = 1,
+.schema = "L0"
+};
+cmd_parser = _cmd_desc;
 }
-s->signal = 0;
-gdb_continue(s);
-return RS_IDLE;
+break;
 case 'C':
 s->signal = gdb_signal_to_target (strtoul(p, (char **), 16));
 if (s->signal == -1)
-- 
2.20.1

[Qemu-devel] [PATCH v7 5/6] ext4: disable map_sync for async flush

[Pankaj Gupta]

Dont support 'MAP_SYNC' with non-DAX files and DAX files
with asynchronous dax_device. Virtio pmem provides
asynchronous host page cache flush mechanism. We don't
support 'MAP_SYNC' with virtio pmem and ext4.

Signed-off-by: Pankaj Gupta 
Reviewed-by: Jan Kara 
---
 fs/ext4/file.c | 10 ++
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/fs/ext4/file.c b/fs/ext4/file.c
index 98ec11f69cd4..dee549339e13 100644
--- a/fs/ext4/file.c
+++ b/fs/ext4/file.c
@@ -360,15 +360,17 @@ static const struct vm_operations_struct ext4_file_vm_ops 
= {
 static int ext4_file_mmap(struct file *file, struct vm_area_struct *vma)
 {
struct inode *inode = file->f_mapping->host;
+   struct ext4_sb_info *sbi = EXT4_SB(inode->i_sb);
+   struct dax_device *dax_dev = sbi->s_daxdev;
 
-   if (unlikely(ext4_forced_shutdown(EXT4_SB(inode->i_sb
+   if (unlikely(ext4_forced_shutdown(sbi)))
return -EIO;
 
/*
-* We don't support synchronous mappings for non-DAX files. At least
-* until someone comes with a sensible use case.
+* We don't support synchronous mappings for non-DAX files and
+* for DAX files if underneath dax_device is not synchronous.
 */
-   if (!IS_DAX(file_inode(file)) && (vma->vm_flags & VM_SYNC))
+   if (!daxdev_mapping_supported(vma, dax_dev))
return -EOPNOTSUPP;
 
file_accessed(file);
-- 
2.20.1

[Qemu-devel] [PATCH v7 08/21] gdbstub: Implement remove breakpoint (z pkt) with new infra

[Jon Doron]

Signed-off-by: Jon Doron 
---
 gdbstub.c | 49 -
 1 file changed, 32 insertions(+), 17 deletions(-)

diff --git a/gdbstub.c b/gdbstub.c
index 36c7353a22..b42425b24c 100644
--- a/gdbstub.c
+++ b/gdbstub.c
@@ -1611,6 +1611,29 @@ static void handle_insert_bp(GdbCmdContext *gdb_ctx, 
void *user_ctx)
 put_packet(gdb_ctx->s, "E22");
 }
 
+static void handle_remove_bp(GdbCmdContext *gdb_ctx, void *user_ctx)
+{
+int res;
+
+if (gdb_ctx->num_params < 3) {
+put_packet(gdb_ctx->s, "E22");
+return;
+}
+
+res = gdb_breakpoint_remove(gdb_ctx->params[1].val_ull,
+gdb_ctx->params[2].val_ull,
+gdb_ctx->params[0].val_ul);
+if (res >= 0) {
+put_packet(gdb_ctx->s, "OK");
+return;
+} else if (res == -ENOSYS) {
+put_packet(gdb_ctx->s, "");
+return;
+}
+
+put_packet(gdb_ctx->s, "E22");
+}
+
 static int gdb_handle_packet(GDBState *s, const char *line_buf)
 {
 CPUState *cpu;
@@ -1877,23 +1900,15 @@ static int gdb_handle_packet(GDBState *s, const char 
*line_buf)
 }
 break;
 case 'z':
-type = strtoul(p, (char **), 16);
-if (*p == ',')
-p++;
-addr = strtoull(p, (char **), 16);
-if (*p == ',')
-p++;
-len = strtoull(p, (char **), 16);
-if (ch == 'Z')
-res = gdb_breakpoint_insert(addr, len, type);
-else
-res = gdb_breakpoint_remove(addr, len, type);
-if (res >= 0)
- put_packet(s, "OK");
-else if (res == -ENOSYS)
-put_packet(s, "");
-else
-put_packet(s, "E22");
+{
+static const GdbCmdParseEntry remove_bp_cmd_desc = {
+.handler = handle_remove_bp,
+.cmd = "z",
+.cmd_startswith = 1,
+.schema = "l?L?L0"
+};
+cmd_parser = _bp_cmd_desc;
+}
 break;
 case 'H':
 {
-- 
2.20.1

[Qemu-devel] [PATCH v7 3/6] libnvdimm: add dax_dev sync flag

[Pankaj Gupta]

This patch adds 'DAXDEV_SYNC' flag which is set
for nd_region doing synchronous flush. This later
is used to disable MAP_SYNC functionality for
ext4 & xfs filesystem for devices don't support
synchronous flush.

Signed-off-by: Pankaj Gupta 
---
 drivers/dax/bus.c|  2 +-
 drivers/dax/super.c  | 13 -
 drivers/md/dm.c  |  3 ++-
 drivers/nvdimm/pmem.c|  3 ++-
 drivers/nvdimm/region_devs.c |  7 +++
 include/linux/dax.h  |  8 ++--
 include/linux/libnvdimm.h|  1 +
 7 files changed, 31 insertions(+), 6 deletions(-)

diff --git a/drivers/dax/bus.c b/drivers/dax/bus.c
index 2109cfe80219..5f184e751c82 100644
--- a/drivers/dax/bus.c
+++ b/drivers/dax/bus.c
@@ -388,7 +388,7 @@ struct dev_dax *__devm_create_dev_dax(struct dax_region 
*dax_region, int id,
 * No 'host' or dax_operations since there is no access to this
 * device outside of mmap of the resulting character device.
 */
-   dax_dev = alloc_dax(dev_dax, NULL, NULL);
+   dax_dev = alloc_dax(dev_dax, NULL, NULL, DAXDEV_F_SYNC);
if (!dax_dev)
goto err;
 
diff --git a/drivers/dax/super.c b/drivers/dax/super.c
index 0a339b85133e..bd6509308d05 100644
--- a/drivers/dax/super.c
+++ b/drivers/dax/super.c
@@ -186,6 +186,8 @@ enum dax_device_flags {
DAXDEV_ALIVE,
/* gate whether dax_flush() calls the low level flush routine */
DAXDEV_WRITE_CACHE,
+   /* flag to check if device supports synchronous flush */
+   DAXDEV_SYNC,
 };
 
 /**
@@ -354,6 +356,12 @@ bool dax_write_cache_enabled(struct dax_device *dax_dev)
 }
 EXPORT_SYMBOL_GPL(dax_write_cache_enabled);
 
+bool dax_synchronous(struct dax_device *dax_dev)
+{
+   return test_bit(DAXDEV_SYNC, _dev->flags);
+}
+EXPORT_SYMBOL_GPL(dax_synchronous);
+
 bool dax_alive(struct dax_device *dax_dev)
 {
lockdep_assert_held(_srcu);
@@ -511,7 +519,7 @@ static void dax_add_host(struct dax_device *dax_dev, const 
char *host)
 }
 
 struct dax_device *alloc_dax(void *private, const char *__host,
-   const struct dax_operations *ops)
+   const struct dax_operations *ops, bool sync)
 {
struct dax_device *dax_dev;
const char *host;
@@ -534,6 +542,9 @@ struct dax_device *alloc_dax(void *private, const char 
*__host,
dax_add_host(dax_dev, host);
dax_dev->ops = ops;
dax_dev->private = private;
+   if (sync)
+   set_bit(DAXDEV_SYNC, _dev->flags);
+
return dax_dev;
 
  err_dev:
diff --git a/drivers/md/dm.c b/drivers/md/dm.c
index 68d24056d0b1..dd5266fb5471 100644
--- a/drivers/md/dm.c
+++ b/drivers/md/dm.c
@@ -1965,7 +1965,8 @@ static struct mapped_device *alloc_dev(int minor)
sprintf(md->disk->disk_name, "dm-%d", minor);
 
if (IS_ENABLED(CONFIG_DAX_DRIVER)) {
-   dax_dev = alloc_dax(md, md->disk->disk_name, _dax_ops);
+   dax_dev = alloc_dax(md, md->disk->disk_name, _dax_ops,
+   DAXDEV_F_SYNC);
if (!dax_dev)
goto bad;
}
diff --git a/drivers/nvdimm/pmem.c b/drivers/nvdimm/pmem.c
index f719245da170..34fa20381c05 100644
--- a/drivers/nvdimm/pmem.c
+++ b/drivers/nvdimm/pmem.c
@@ -466,7 +466,8 @@ static int pmem_attach_disk(struct device *dev,
nvdimm_badblocks_populate(nd_region, >bb, _res);
disk->bb = >bb;
 
-   dax_dev = alloc_dax(pmem, disk->disk_name, _dax_ops);
+   dax_dev = alloc_dax(pmem, disk->disk_name, _dax_ops,
+   is_nvdimm_sync(nd_region));
if (!dax_dev) {
put_disk(disk);
return -ENOMEM;
diff --git a/drivers/nvdimm/region_devs.c b/drivers/nvdimm/region_devs.c
index e5b59708865e..427cf28380c6 100644
--- a/drivers/nvdimm/region_devs.c
+++ b/drivers/nvdimm/region_devs.c
@@ -1219,6 +1219,13 @@ int nvdimm_has_cache(struct nd_region *nd_region)
 }
 EXPORT_SYMBOL_GPL(nvdimm_has_cache);
 
+bool is_nvdimm_sync(struct nd_region *nd_region)
+{
+   return is_nd_pmem(_region->dev) &&
+   !test_bit(ND_REGION_ASYNC, _region->flags);
+}
+EXPORT_SYMBOL_GPL(is_nvdimm_sync);
+
 struct conflict_context {
struct nd_region *nd_region;
resource_size_t start, size;
diff --git a/include/linux/dax.h b/include/linux/dax.h
index 0dd316a74a29..c97fc0cc7167 100644
--- a/include/linux/dax.h
+++ b/include/linux/dax.h
@@ -7,6 +7,9 @@
 #include 
 #include 
 
+/* Flag for synchronous flush */
+#define DAXDEV_F_SYNC true
+
 typedef unsigned long dax_entry_t;
 
 struct iomap_ops;
@@ -32,18 +35,19 @@ extern struct attribute_group dax_attribute_group;
 #if IS_ENABLED(CONFIG_DAX)
 struct dax_device *dax_get_by_host(const char *host);
 struct dax_device *alloc_dax(void *private, const char *host,
-   const struct dax_operations *ops);
+   const struct dax_operations *ops, bool sync);
 void put_dax(struct dax_device *dax_dev);
 

[Qemu-devel] [PATCH v7 10/21] gdbstub: Implement get register (p pkt) with new infra

[Jon Doron]

Signed-off-by: Jon Doron 
---
 gdbstub.c | 50 ++
 1 file changed, 38 insertions(+), 12 deletions(-)

diff --git a/gdbstub.c b/gdbstub.c
index 10e3f12a68..e9a3d0c2bc 100644
--- a/gdbstub.c
+++ b/gdbstub.c
@@ -1655,6 +1655,36 @@ static void handle_set_reg(GdbCmdContext *gdb_ctx, void 
*user_ctx)
 put_packet(gdb_ctx->s, "OK");
 }
 
+static void handle_get_reg(GdbCmdContext *gdb_ctx, void *user_ctx)
+{
+int reg_size;
+
+/*
+ * Older gdb are really dumb, and don't use 'g' if 'p' is avaialable.
+ * This works, but can be very slow.  Anything new enough to
+ * understand XML also knows how to use this properly.
+ */
+if (!gdb_has_xml) {
+put_packet(gdb_ctx->s, "");
+return;
+}
+
+if (!gdb_ctx->num_params) {
+put_packet(gdb_ctx->s, "E14");
+return;
+}
+
+reg_size = gdb_read_register(gdb_ctx->s->g_cpu, gdb_ctx->mem_buf,
+ gdb_ctx->params[0].val_ull);
+if (!reg_size) {
+put_packet(gdb_ctx->s, "E14");
+return;
+}
+
+memtohex(gdb_ctx->str_buf, gdb_ctx->mem_buf, reg_size);
+put_packet(gdb_ctx->s, gdb_ctx->str_buf);
+}
+
 static int gdb_handle_packet(GDBState *s, const char *line_buf)
 {
 CPUState *cpu;
@@ -1884,18 +1914,14 @@ static int gdb_handle_packet(GDBState *s, const char 
*line_buf)
 }
 break;
 case 'p':
-/* Older gdb are really dumb, and don't use 'g' if 'p' is avaialable.
-   This works, but can be very slow.  Anything new enough to
-   understand XML also knows how to use this properly.  */
-if (!gdb_has_xml)
-goto unknown_command;
-addr = strtoull(p, (char **), 16);
-reg_size = gdb_read_register(s->g_cpu, mem_buf, addr);
-if (reg_size) {
-memtohex(buf, mem_buf, reg_size);
-put_packet(s, buf);
-} else {
-put_packet(s, "E14");
+{
+static const GdbCmdParseEntry get_reg_cmd_desc = {
+.handler = handle_get_reg,
+.cmd = "p",
+.cmd_startswith = 1,
+.schema = "L0"
+};
+cmd_parser = _reg_cmd_desc;
 }
 break;
 case 'P':
-- 
2.20.1

[Qemu-devel] [PATCH v7 1/6] libnvdimm: nd_region flush callback support

[Pankaj Gupta]

This patch adds functionality to perform flush from guest
to host over VIRTIO. We are registering a callback based
on 'nd_region' type. virtio_pmem driver requires this special
flush function. For rest of the region types we are registering
existing flush function. Report error returned by host fsync
failure to userspace.

Signed-off-by: Pankaj Gupta 
---
 drivers/acpi/nfit/core.c |  4 ++--
 drivers/nvdimm/claim.c   |  6 --
 drivers/nvdimm/nd.h  |  1 +
 drivers/nvdimm/pmem.c| 13 -
 drivers/nvdimm/region_devs.c | 26 --
 include/linux/libnvdimm.h|  8 +++-
 6 files changed, 46 insertions(+), 12 deletions(-)

diff --git a/drivers/acpi/nfit/core.c b/drivers/acpi/nfit/core.c
index 5a389a4f4f65..08dde76cf459 100644
--- a/drivers/acpi/nfit/core.c
+++ b/drivers/acpi/nfit/core.c
@@ -2434,7 +2434,7 @@ static void write_blk_ctl(struct nfit_blk *nfit_blk, 
unsigned int bw,
offset = to_interleave_offset(offset, mmio);
 
writeq(cmd, mmio->addr.base + offset);
-   nvdimm_flush(nfit_blk->nd_region);
+   nvdimm_flush(nfit_blk->nd_region, NULL);
 
if (nfit_blk->dimm_flags & NFIT_BLK_DCR_LATCH)
readq(mmio->addr.base + offset);
@@ -2483,7 +2483,7 @@ static int acpi_nfit_blk_single_io(struct nfit_blk 
*nfit_blk,
}
 
if (rw)
-   nvdimm_flush(nfit_blk->nd_region);
+   nvdimm_flush(nfit_blk->nd_region, NULL);
 
rc = read_blk_stat(nfit_blk, lane) ? -EIO : 0;
return rc;
diff --git a/drivers/nvdimm/claim.c b/drivers/nvdimm/claim.c
index fb667bf469c7..13510bae1e6f 100644
--- a/drivers/nvdimm/claim.c
+++ b/drivers/nvdimm/claim.c
@@ -263,7 +263,7 @@ static int nsio_rw_bytes(struct nd_namespace_common *ndns,
struct nd_namespace_io *nsio = to_nd_namespace_io(>dev);
unsigned int sz_align = ALIGN(size + (offset & (512 - 1)), 512);
sector_t sector = offset >> 9;
-   int rc = 0;
+   int rc = 0, ret = 0;
 
if (unlikely(!size))
return 0;
@@ -301,7 +301,9 @@ static int nsio_rw_bytes(struct nd_namespace_common *ndns,
}
 
memcpy_flushcache(nsio->addr + offset, buf, size);
-   nvdimm_flush(to_nd_region(ndns->dev.parent));
+   ret = nvdimm_flush(to_nd_region(ndns->dev.parent), NULL);
+   if (ret)
+   rc = ret;
 
return rc;
 }
diff --git a/drivers/nvdimm/nd.h b/drivers/nvdimm/nd.h
index a5ac3b240293..0c74d2428bd7 100644
--- a/drivers/nvdimm/nd.h
+++ b/drivers/nvdimm/nd.h
@@ -159,6 +159,7 @@ struct nd_region {
struct badblocks bb;
struct nd_interleave_set *nd_set;
struct nd_percpu_lane __percpu *lane;
+   int (*flush)(struct nd_region *nd_region, struct bio *bio);
struct nd_mapping mapping[0];
 };
 
diff --git a/drivers/nvdimm/pmem.c b/drivers/nvdimm/pmem.c
index bc2f700feef8..f719245da170 100644
--- a/drivers/nvdimm/pmem.c
+++ b/drivers/nvdimm/pmem.c
@@ -192,6 +192,7 @@ static blk_status_t pmem_do_bvec(struct pmem_device *pmem, 
struct page *page,
 
 static blk_qc_t pmem_make_request(struct request_queue *q, struct bio *bio)
 {
+   int ret = 0;
blk_status_t rc = 0;
bool do_acct;
unsigned long start;
@@ -201,7 +202,7 @@ static blk_qc_t pmem_make_request(struct request_queue *q, 
struct bio *bio)
struct nd_region *nd_region = to_region(pmem);
 
if (bio->bi_opf & REQ_PREFLUSH)
-   nvdimm_flush(nd_region);
+   ret = nvdimm_flush(nd_region, bio);
 
do_acct = nd_iostat_start(bio, );
bio_for_each_segment(bvec, bio, iter) {
@@ -216,7 +217,10 @@ static blk_qc_t pmem_make_request(struct request_queue *q, 
struct bio *bio)
nd_iostat_end(bio, start);
 
if (bio->bi_opf & REQ_FUA)
-   nvdimm_flush(nd_region);
+   ret = nvdimm_flush(nd_region, bio);
+
+   if (ret)
+   bio->bi_status = errno_to_blk_status(ret);
 
bio_endio(bio);
return BLK_QC_T_NONE;
@@ -469,7 +473,6 @@ static int pmem_attach_disk(struct device *dev,
}
dax_write_cache(dax_dev, nvdimm_has_cache(nd_region));
pmem->dax_dev = dax_dev;
-
gendev = disk_to_dev(disk);
gendev->groups = pmem_attribute_groups;
 
@@ -527,14 +530,14 @@ static int nd_pmem_remove(struct device *dev)
sysfs_put(pmem->bb_state);
pmem->bb_state = NULL;
}
-   nvdimm_flush(to_nd_region(dev->parent));
+   nvdimm_flush(to_nd_region(dev->parent), NULL);
 
return 0;
 }
 
 static void nd_pmem_shutdown(struct device *dev)
 {
-   nvdimm_flush(to_nd_region(dev->parent));
+   nvdimm_flush(to_nd_region(dev->parent), NULL);
 }
 
 static void nd_pmem_notify(struct device *dev, enum nvdimm_event event)
diff --git a/drivers/nvdimm/region_devs.c b/drivers/nvdimm/region_devs.c
index b4ef7d9ff22e..e5b59708865e 100644
--- a/drivers/nvdimm/region_devs.c
+++ 

[Qemu-devel] [PATCH v7 15/21] gdbstub: Implement file io (F pkt) with new infra

[Jon Doron]

Signed-off-by: Jon Doron 
---
 gdbstub.c | 62 +++
 1 file changed, 40 insertions(+), 22 deletions(-)

diff --git a/gdbstub.c b/gdbstub.c
index 3478ac778d..9fe130f30d 100644
--- a/gdbstub.c
+++ b/gdbstub.c
@@ -1772,6 +1772,39 @@ static void handle_read_all_regs(GdbCmdContext *gdb_ctx, 
void *user_ctx)
 put_packet(gdb_ctx->s, gdb_ctx->str_buf);
 }
 
+static void handle_file_io(GdbCmdContext *gdb_ctx, void *user_ctx)
+{
+int num_syscall_params;
+GdbCmdVariant syscall_params[3] = {};
+
+if (!gdb_ctx->num_params) {
+return;
+}
+
+if (cmd_parse_params(gdb_ctx->params[0].data, "L,L,o0", syscall_params,
+ _syscall_params)) {
+return;
+}
+
+if (!num_syscall_params) {
+return;
+}
+
+if (gdb_ctx->s->current_syscall_cb) {
+gdb_ctx->s->current_syscall_cb(gdb_ctx->s->c_cpu,
+   (target_ulong)syscall_params[0].val_ull,
+   
(target_ulong)syscall_params[1].val_ull);
+gdb_ctx->s->current_syscall_cb = NULL;
+}
+
+if (syscall_params[2].opcode == (uint8_t)'C') {
+put_packet(gdb_ctx->s, "T02");
+return;
+}
+
+gdb_continue(gdb_ctx->s);
+}
+
 static int gdb_handle_packet(GDBState *s, const char *line_buf)
 {
 CPUState *cpu;
@@ -1913,28 +1946,13 @@ static int gdb_handle_packet(GDBState *s, const char 
*line_buf)
 return RS_IDLE;
 case 'F':
 {
-target_ulong ret;
-target_ulong err;
-
-ret = strtoull(p, (char **), 16);
-if (*p == ',') {
-p++;
-err = strtoull(p, (char **), 16);
-} else {
-err = 0;
-}
-if (*p == ',')
-p++;
-type = *p;
-if (s->current_syscall_cb) {
-s->current_syscall_cb(s->c_cpu, ret, err);
-s->current_syscall_cb = NULL;
-}
-if (type == 'C') {
-put_packet(s, "T02");
-} else {
-gdb_continue(s);
-}
+static const GdbCmdParseEntry file_io_cmd_desc = {
+.handler = handle_file_io,
+.cmd = "F",
+.cmd_startswith = 1,
+.schema = "s0"
+};
+cmd_parser = _io_cmd_desc;
 }
 break;
 case 'g':
-- 
2.20.1

[Qemu-devel] [PATCH v7 01/21] gdbstub: Add infrastructure to parse cmd packets

[Jon Doron]

Signed-off-by: Jon Doron 
---
 gdbstub.c | 200 ++
 1 file changed, 200 insertions(+)

diff --git a/gdbstub.c b/gdbstub.c
index d54abd17cc..d5e0f3878a 100644
--- a/gdbstub.c
+++ b/gdbstub.c
@@ -1268,6 +1268,206 @@ out:
 return res;
 }
 
+typedef union GdbCmdVariant {
+const char *data;
+uint8_t opcode;
+unsigned long val_ul;
+unsigned long long val_ull;
+struct {
+GDBThreadIdKind kind;
+uint32_t pid;
+uint32_t tid;
+} thread_id;
+} GdbCmdVariant;
+
+static const char *cmd_next_param(const char *param, const char delimiter)
+{
+static const char all_delimiters[] = ",;:=";
+char curr_delimiters[2] = {0};
+const char *delimiters;
+
+if (delimiter == '?') {
+delimiters = all_delimiters;
+} else if (delimiter == '0') {
+return strchr(param, '\0');
+} else if (delimiter == '.' && *param) {
+return param + 1;
+} else {
+curr_delimiters[0] = delimiter;
+delimiters = curr_delimiters;
+}
+
+param += strcspn(param, delimiters);
+if (*param) {
+param++;
+}
+return param;
+}
+
+static int cmd_parse_params(const char *data, const char *schema,
+GdbCmdVariant *params, int *num_params)
+{
+int curr_param;
+const char *curr_schema, *curr_data;
+
+*num_params = 0;
+
+if (!schema) {
+return 0;
+}
+
+curr_schema = schema;
+curr_param = 0;
+curr_data = data;
+while (curr_schema[0] && curr_schema[1] && *curr_data) {
+switch (curr_schema[0]) {
+case 'l':
+if (qemu_strtoul(curr_data, _data, 16,
+ [curr_param].val_ul)) {
+return -EINVAL;
+}
+curr_param++;
+curr_data = cmd_next_param(curr_data, curr_schema[1]);
+break;
+case 'L':
+if (qemu_strtou64(curr_data, _data, 16,
+  (uint64_t *)[curr_param].val_ull)) {
+return -EINVAL;
+}
+curr_param++;
+curr_data = cmd_next_param(curr_data, curr_schema[1]);
+break;
+case 's':
+params[curr_param].data = curr_data;
+curr_param++;
+curr_data = cmd_next_param(curr_data, curr_schema[1]);
+break;
+case 'o':
+params[curr_param].opcode = *(uint8_t *)curr_data;
+curr_param++;
+curr_data = cmd_next_param(curr_data, curr_schema[1]);
+break;
+case 't':
+params[curr_param].thread_id.kind =
+read_thread_id(curr_data, _data,
+   [curr_param].thread_id.pid,
+   [curr_param].thread_id.tid);
+curr_param++;
+curr_data = cmd_next_param(curr_data, curr_schema[1]);
+break;
+case '?':
+curr_data = cmd_next_param(curr_data, curr_schema[1]);
+break;
+default:
+return -EINVAL;
+}
+curr_schema += 2;
+}
+
+*num_params = curr_param;
+return 0;
+}
+
+typedef struct GdbCmdContext {
+GDBState *s;
+GdbCmdVariant *params;
+int num_params;
+uint8_t mem_buf[MAX_PACKET_LENGTH];
+char str_buf[MAX_PACKET_LENGTH + 1];
+} GdbCmdContext;
+
+typedef void (*GdbCmdHandler)(GdbCmdContext *gdb_ctx, void *user_ctx);
+
+/*
+ * cmd_startswith -> cmd is compared using startswith
+ *
+ *
+ * schema definitions:
+ * Each schema parameter entry consists of 2 chars,
+ * the first char represents the parameter type handling
+ * the second char represents the delimiter for the next parameter
+ *
+ * Currently supported schema types:
+ * 'l' -> unsigned long (stored in .val_ul)
+ * 'L' -> unsigned long long (stored in .val_ull)
+ * 's' -> string (stored in .data)
+ * 'o' -> single char (stored in .opcode)
+ * 't' -> thread id (stored in .thread_id)
+ * '?' -> skip according to delimiter
+ *
+ * Currently supported delimiters:
+ * '?' -> Stop at any delimiter (",;:=\0")
+ * '0' -> Stop at "\0"
+ * '.' -> Skip 1 char unless reached "\0"
+ * Any other value is treated as the delimiter value itself
+ */
+typedef struct GdbCmdParseEntry {
+GdbCmdHandler handler;
+const char *cmd;
+union {
+int flags;
+struct {
+int cmd_startswith:1;
+};
+};
+const char *schema;
+} GdbCmdParseEntry;
+
+static inline int startswith(const char *string, const char *pattern)
+{
+  return !strncmp(string, pattern, strlen(pattern));
+}
+
+static int process_string_cmd(
+GDBState *s, void *user_ctx, const char *data,
+const GdbCmdParseEntry *cmds, int num_cmds)
+__attribute__((unused));
+
+static int process_string_cmd(GDBState *s, void *user_ctx, const char *data,
+  const GdbCmdParseEntry *cmds, int num_cmds)
+{
+int i, schema_len, 

[Qemu-devel] [PATCH v7 00/21] gdbstub: Refactor command packets handler

[Jon Doron]

This patch series refactors the old gdbstub command packets handler
with a new infrastructure which should ease extending and adding new
and missing gdb command packets.

version 7 changes:
- Fixed few checkpatch complaints
- Feedback from Alex Bennee

version 4-6 changes:
- mostly feedback from Richard Henderson

version 3 changes
- Split the single patch to many individual patches for easier reviewing

version 2 changes
- Code convention fixes

Jon Doron (21):
  gdbstub: Add infrastructure to parse cmd packets
  gdbstub: Implement deatch (D pkt) with new infra
  gdbstub: Implement thread_alive (T pkt) with new infra
  gdbstub: Implement continue (c pkt) with new infra
  gdbstub: Implement continue with signal (C pkt) with new infra
  gdbstub: Implement set_thread (H pkt) with new infra
  gdbstub: Implement insert breakpoint (Z pkt) with new infra
  gdbstub: Implement remove breakpoint (z pkt) with new infra
  gdbstub: Implement set register (P pkt) with new infra
  gdbstub: Implement get register (p pkt) with new infra
  gdbstub: Implement write memory (M pkt) with new infra
  gdbstub: Implement read memory (m pkt) with new infra
  gdbstub: Implement write all registers (G pkt) with new infra
  gdbstub: Implement read all registers (g pkt) with new infra
  gdbstub: Implement file io (F pkt) with new infra
  gdbstub: Implement step (s pkt) with new infra
  gdbstub: Implement v commands with new infra
  gdbstub: Implement generic query (q pkt) with new infra
  gdbstub: Implement generic set (Q pkt) with new infra
  gdbstub: Implement target halted (? pkt) with new infra
  gdbstub: Clear unused variables in gdb_handle_packet

 gdbstub.c | 1671 +
 1 file changed, 1185 insertions(+), 486 deletions(-)

-- 
2.20.1

[Qemu-devel] [PATCH v7 02/21] gdbstub: Implement deatch (D pkt) with new infra

[Jon Doron]

Signed-off-by: Jon Doron 
---
 gdbstub.c | 90 ++-
 1 file changed, 50 insertions(+), 40 deletions(-)

diff --git a/gdbstub.c b/gdbstub.c
index d5e0f3878a..621d689868 100644
--- a/gdbstub.c
+++ b/gdbstub.c
@@ -1418,11 +1418,6 @@ static inline int startswith(const char *string, const 
char *pattern)
   return !strncmp(string, pattern, strlen(pattern));
 }
 
-static int process_string_cmd(
-GDBState *s, void *user_ctx, const char *data,
-const GdbCmdParseEntry *cmds, int num_cmds)
-__attribute__((unused));
-
 static int process_string_cmd(GDBState *s, void *user_ctx, const char *data,
   const GdbCmdParseEntry *cmds, int num_cmds)
 {
@@ -1468,6 +1463,41 @@ static int process_string_cmd(GDBState *s, void 
*user_ctx, const char *data,
 return -1;
 }
 
+static void handle_detach(GdbCmdContext *gdb_ctx, void *user_ctx)
+{
+GDBProcess *process;
+GDBState *s = gdb_ctx->s;
+uint32_t pid = 1;
+
+if (s->multiprocess) {
+if (!gdb_ctx->num_params) {
+put_packet(s, "E22");
+return;
+}
+
+pid = gdb_ctx->params[0].val_ul;
+}
+
+process = gdb_get_process(s, pid);
+gdb_process_breakpoint_remove_all(s, process);
+process->attached = false;
+
+if (pid == gdb_get_cpu_pid(s, s->c_cpu)) {
+s->c_cpu = gdb_first_attached_cpu(s);
+}
+
+if (pid == gdb_get_cpu_pid(s, s->g_cpu)) {
+s->g_cpu = gdb_first_attached_cpu(s);
+}
+
+if (!s->c_cpu) {
+/* No more process attached */
+gdb_syscall_mode = GDB_SYS_DISABLED;
+gdb_continue(s);
+}
+put_packet(s, "OK");
+}
+
 static int gdb_handle_packet(GDBState *s, const char *line_buf)
 {
 CPUState *cpu;
@@ -1482,6 +1512,7 @@ static int gdb_handle_packet(GDBState *s, const char 
*line_buf)
 uint8_t *registers;
 target_ulong addr, len;
 GDBThreadIdKind thread_kind;
+const GdbCmdParseEntry *cmd_parser = NULL;
 
 trace_gdbstub_io_command(line_buf);
 
@@ -1582,42 +1613,15 @@ static int gdb_handle_packet(GDBState *s, const char 
*line_buf)
 error_report("QEMU: Terminated via GDBstub");
 exit(0);
 case 'D':
-/* Detach packet */
-pid = 1;
-
-if (s->multiprocess) {
-unsigned long lpid;
-if (*p != ';') {
-put_packet(s, "E22");
-break;
-}
-
-if (qemu_strtoul(p + 1, , 16, )) {
-put_packet(s, "E22");
-break;
-}
-
-pid = lpid;
-}
-
-process = gdb_get_process(s, pid);
-gdb_process_breakpoint_remove_all(s, process);
-process->attached = false;
-
-if (pid == gdb_get_cpu_pid(s, s->c_cpu)) {
-s->c_cpu = gdb_first_attached_cpu(s);
-}
-
-if (pid == gdb_get_cpu_pid(s, s->g_cpu)) {
-s->g_cpu = gdb_first_attached_cpu(s);
-}
-
-if (s->c_cpu == NULL) {
-/* No more process attached */
-gdb_syscall_mode = GDB_SYS_DISABLED;
-gdb_continue(s);
+{
+static const GdbCmdParseEntry detach_cmd_desc = {
+.handler = handle_detach,
+.cmd = "D",
+.cmd_startswith = 1,
+.schema = "?.l0"
+};
+cmd_parser = _cmd_desc;
 }
-put_packet(s, "OK");
 break;
 case 's':
 if (*p != '\0') {
@@ -1990,6 +1994,12 @@ static int gdb_handle_packet(GDBState *s, const char 
*line_buf)
 put_packet(s, buf);
 break;
 }
+
+if (cmd_parser &&
+process_string_cmd(s, NULL, line_buf, cmd_parser, 1)) {
+put_packet(s, "");
+}
+
 return RS_IDLE;
 }
 
-- 
2.20.1

[Qemu-devel] [PATCH v7 18/21] gdbstub: Implement generic query (q pkt) with new infra

[Jon Doron]

Signed-off-by: Jon Doron 
---
 gdbstub.c | 327 ++
 1 file changed, 327 insertions(+)

diff --git a/gdbstub.c b/gdbstub.c
index d56d0fd235..83ae8738cc 100644
--- a/gdbstub.c
+++ b/gdbstub.c
@@ -1915,6 +1915,323 @@ static void handle_v_commands(GdbCmdContext *gdb_ctx, 
void *user_ctx)
 }
 }
 
+static void handle_query_qemu_sstepbits(GdbCmdContext *gdb_ctx, void *user_ctx)
+{
+snprintf(gdb_ctx->str_buf, sizeof(gdb_ctx->str_buf),
+ "ENABLE=%x,NOIRQ=%x,NOTIMER=%x", SSTEP_ENABLE,
+ SSTEP_NOIRQ, SSTEP_NOTIMER);
+put_packet(gdb_ctx->s, gdb_ctx->str_buf);
+}
+
+static void handle_set_qemu_sstep(GdbCmdContext *gdb_ctx, void *user_ctx)
+{
+if (!gdb_ctx->num_params) {
+return;
+}
+
+sstep_flags = gdb_ctx->params[0].val_ul;
+put_packet(gdb_ctx->s, "OK");
+}
+
+static void handle_query_qemu_sstep(GdbCmdContext *gdb_ctx, void *user_ctx)
+{
+snprintf(gdb_ctx->str_buf, sizeof(gdb_ctx->str_buf), "0x%x", sstep_flags);
+put_packet(gdb_ctx->s, gdb_ctx->str_buf);
+}
+
+static void handle_query_curr_tid(GdbCmdContext *gdb_ctx, void *user_ctx)
+{
+CPUState *cpu;
+GDBProcess *process;
+char thread_id[16];
+
+/*
+ * "Current thread" remains vague in the spec, so always return
+ * the first thread of the current process (gdb returns the
+ * first thread).
+ */
+process = gdb_get_cpu_process(gdb_ctx->s, gdb_ctx->s->g_cpu);
+cpu = get_first_cpu_in_process(gdb_ctx->s, process);
+gdb_fmt_thread_id(gdb_ctx->s, cpu, thread_id, sizeof(thread_id));
+snprintf(gdb_ctx->str_buf, sizeof(gdb_ctx->str_buf), "QC%s", thread_id);
+put_packet(gdb_ctx->s, gdb_ctx->str_buf);
+}
+
+static void handle_query_threads(GdbCmdContext *gdb_ctx, void *user_ctx)
+{
+char thread_id[16];
+
+if (!gdb_ctx->s->query_cpu) {
+put_packet(gdb_ctx->s, "l");
+return;
+}
+
+gdb_fmt_thread_id(gdb_ctx->s, gdb_ctx->s->query_cpu, thread_id,
+  sizeof(thread_id));
+snprintf(gdb_ctx->str_buf, sizeof(gdb_ctx->str_buf), "m%s", thread_id);
+put_packet(gdb_ctx->s, gdb_ctx->str_buf);
+gdb_ctx->s->query_cpu =
+gdb_next_attached_cpu(gdb_ctx->s, gdb_ctx->s->query_cpu);
+}
+
+static void handle_query_first_threads(GdbCmdContext *gdb_ctx, void *user_ctx)
+{
+gdb_ctx->s->query_cpu = gdb_first_attached_cpu(gdb_ctx->s);
+handle_query_threads(gdb_ctx, user_ctx);
+}
+
+static void handle_query_thread_extra(GdbCmdContext *gdb_ctx, void *user_ctx)
+{
+CPUState *cpu;
+int len;
+
+if (!gdb_ctx->num_params ||
+gdb_ctx->params[0].thread_id.kind == GDB_READ_THREAD_ERR) {
+put_packet(gdb_ctx->s, "E22");
+return;
+}
+
+cpu = gdb_get_cpu(gdb_ctx->s, gdb_ctx->params[0].thread_id.pid,
+  gdb_ctx->params[0].thread_id.tid);
+if (!cpu) {
+return;
+}
+
+cpu_synchronize_state(cpu);
+
+if (gdb_ctx->s->multiprocess && (gdb_ctx->s->process_num > 1)) {
+/* Print the CPU model and name in multiprocess mode */
+ObjectClass *oc = object_get_class(OBJECT(cpu));
+const char *cpu_model = object_class_get_name(oc);
+char *cpu_name = object_get_canonical_path_component(OBJECT(cpu));
+len = snprintf((char *)gdb_ctx->mem_buf, sizeof(gdb_ctx->str_buf) / 2,
+   "%s %s [%s]", cpu_model, cpu_name,
+   cpu->halted ? "halted " : "running");
+g_free(cpu_name);
+} else {
+/* memtohex() doubles the required space */
+len = snprintf((char *)gdb_ctx->mem_buf, sizeof(gdb_ctx->str_buf) / 2,
+"CPU#%d [%s]", cpu->cpu_index,
+cpu->halted ? "halted " : "running");
+}
+trace_gdbstub_op_extra_info((char *)gdb_ctx->mem_buf);
+memtohex(gdb_ctx->str_buf, gdb_ctx->mem_buf, len);
+put_packet(gdb_ctx->s, gdb_ctx->str_buf);
+}
+
+#ifdef CONFIG_USER_ONLY
+static void handle_query_offsets(GdbCmdContext *gdb_ctx, void *user_ctx)
+{
+TaskState *ts;
+
+ts = gdb_ctx->s->c_cpu->opaque;
+snprintf(gdb_ctx->str_buf, sizeof(gdb_ctx->str_buf),
+ "Text=" TARGET_ABI_FMT_lx ";Data=" TARGET_ABI_FMT_lx
+ ";Bss=" TARGET_ABI_FMT_lx,
+ ts->info->code_offset,
+ ts->info->data_offset,
+ ts->info->data_offset);
+put_packet(gdb_ctx->s, gdb_ctx->str_buf);
+}
+#else
+static void handle_query_rcmd(GdbCmdContext *gdb_ctx, void *user_ctx)
+{
+int len;
+
+if (!gdb_ctx->num_params) {
+put_packet(gdb_ctx->s, "E22");
+return;
+}
+
+len = strlen(gdb_ctx->params[0].data);
+if (len % 2) {
+put_packet(gdb_ctx->s, "E01");
+return;
+}
+
+len = len / 2;
+hextomem(gdb_ctx->mem_buf, gdb_ctx->params[0].data, len);
+gdb_ctx->mem_buf[len++] = 0;
+qemu_chr_be_write(gdb_ctx->s->mon_chr, gdb_ctx->mem_buf, len);
+put_packet(gdb_ctx->s, "OK");
+

[Qemu-devel] [PATCH v7 03/21] gdbstub: Implement thread_alive (T pkt) with new infra

[Jon Doron]

Signed-off-by: Jon Doron 
---
 gdbstub.c | 43 ---
 1 file changed, 32 insertions(+), 11 deletions(-)

diff --git a/gdbstub.c b/gdbstub.c
index 621d689868..c47ef7dd9c 100644
--- a/gdbstub.c
+++ b/gdbstub.c
@@ -1498,6 +1498,30 @@ static void handle_detach(GdbCmdContext *gdb_ctx, void 
*user_ctx)
 put_packet(s, "OK");
 }
 
+static void handle_thread_alive(GdbCmdContext *gdb_ctx, void *user_ctx)
+{
+CPUState *cpu;
+
+if (!gdb_ctx->num_params) {
+put_packet(gdb_ctx->s, "E22");
+return;
+}
+
+if (gdb_ctx->params[0].thread_id.kind == GDB_READ_THREAD_ERR) {
+put_packet(gdb_ctx->s, "E22");
+return;
+}
+
+cpu = gdb_get_cpu(gdb_ctx->s, gdb_ctx->params[0].thread_id.pid,
+  gdb_ctx->params[0].thread_id.tid);
+if (!cpu) {
+put_packet(gdb_ctx->s, "E22");
+return;
+}
+
+put_packet(gdb_ctx->s, "OK");
+}
+
 static int gdb_handle_packet(GDBState *s, const char *line_buf)
 {
 CPUState *cpu;
@@ -1798,17 +1822,14 @@ static int gdb_handle_packet(GDBState *s, const char 
*line_buf)
 }
 break;
 case 'T':
-thread_kind = read_thread_id(p, , , );
-if (thread_kind == GDB_READ_THREAD_ERR) {
-put_packet(s, "E22");
-break;
-}
-cpu = gdb_get_cpu(s, pid, tid);
-
-if (cpu != NULL) {
-put_packet(s, "OK");
-} else {
-put_packet(s, "E22");
+{
+static const GdbCmdParseEntry thread_alive_cmd_desc = {
+.handler = handle_thread_alive,
+.cmd = "T",
+.cmd_startswith = 1,
+.schema = "t0"
+};
+cmd_parser = _alive_cmd_desc;
 }
 break;
 case 'q':
-- 
2.20.1

[Qemu-devel] [PATCH v7 07/21] gdbstub: Implement insert breakpoint (Z pkt) with new infra

[Jon Doron]

Signed-off-by: Jon Doron 
---
 gdbstub.c | 33 +
 1 file changed, 33 insertions(+)

diff --git a/gdbstub.c b/gdbstub.c
index 21cdaf4678..36c7353a22 100644
--- a/gdbstub.c
+++ b/gdbstub.c
@@ -1588,6 +1588,29 @@ static void handle_set_thread(GdbCmdContext *gdb_ctx, 
void *user_ctx)
 }
 }
 
+static void handle_insert_bp(GdbCmdContext *gdb_ctx, void *user_ctx)
+{
+int res;
+
+if (gdb_ctx->num_params < 3) {
+put_packet(gdb_ctx->s, "E22");
+return;
+}
+
+res = gdb_breakpoint_insert(gdb_ctx->params[1].val_ull,
+gdb_ctx->params[2].val_ull,
+gdb_ctx->params[0].val_ul);
+if (res >= 0) {
+put_packet(gdb_ctx->s, "OK");
+return;
+} else if (res == -ENOSYS) {
+put_packet(gdb_ctx->s, "");
+return;
+}
+
+put_packet(gdb_ctx->s, "E22");
+}
+
 static int gdb_handle_packet(GDBState *s, const char *line_buf)
 {
 CPUState *cpu;
@@ -1843,6 +1866,16 @@ static int gdb_handle_packet(GDBState *s, const char 
*line_buf)
 put_packet(s, "OK");
 break;
 case 'Z':
+{
+static const GdbCmdParseEntry insert_bp_cmd_desc = {
+.handler = handle_insert_bp,
+.cmd = "Z",
+.cmd_startswith = 1,
+.schema = "l?L?L0"
+};
+cmd_parser = _bp_cmd_desc;
+}
+break;
 case 'z':
 type = strtoul(p, (char **), 16);
 if (*p == ',')
-- 
2.20.1

[Qemu-devel] [PATCH v7 09/21] gdbstub: Implement set register (P pkt) with new infra

[Jon Doron]

Signed-off-by: Jon Doron 
---
 gdbstub.c | 39 ++-
 1 file changed, 30 insertions(+), 9 deletions(-)

diff --git a/gdbstub.c b/gdbstub.c
index b42425b24c..10e3f12a68 100644
--- a/gdbstub.c
+++ b/gdbstub.c
@@ -1634,6 +1634,27 @@ static void handle_remove_bp(GdbCmdContext *gdb_ctx, 
void *user_ctx)
 put_packet(gdb_ctx->s, "E22");
 }
 
+static void handle_set_reg(GdbCmdContext *gdb_ctx, void *user_ctx)
+{
+int reg_size;
+
+if (!gdb_has_xml) {
+put_packet(gdb_ctx->s, "");
+return;
+}
+
+if (gdb_ctx->num_params < 2) {
+put_packet(gdb_ctx->s, "");
+return;
+}
+
+reg_size = strlen(gdb_ctx->params[1].data) / 2;
+hextomem(gdb_ctx->mem_buf, gdb_ctx->params[1].data, reg_size);
+gdb_write_register(gdb_ctx->s->g_cpu, gdb_ctx->mem_buf,
+   gdb_ctx->params[0].val_ull);
+put_packet(gdb_ctx->s, "OK");
+}
+
 static int gdb_handle_packet(GDBState *s, const char *line_buf)
 {
 CPUState *cpu;
@@ -1878,15 +1899,15 @@ static int gdb_handle_packet(GDBState *s, const char 
*line_buf)
 }
 break;
 case 'P':
-if (!gdb_has_xml)
-goto unknown_command;
-addr = strtoull(p, (char **), 16);
-if (*p == '=')
-p++;
-reg_size = strlen(p) / 2;
-hextomem(mem_buf, p, reg_size);
-gdb_write_register(s->g_cpu, mem_buf, addr);
-put_packet(s, "OK");
+{
+static const GdbCmdParseEntry set_reg_cmd_desc = {
+.handler = handle_set_reg,
+.cmd = "P",
+.cmd_startswith = 1,
+.schema = "L?s0"
+};
+cmd_parser = _reg_cmd_desc;
+}
 break;
 case 'Z':
 {
-- 
2.20.1

[Qemu-devel] [PATCH v7 05/21] gdbstub: Implement continue with signal (C pkt) with new infra

[Jon Doron]

Signed-off-by: Jon Doron 
---
 gdbstub.c | 30 +-
 1 file changed, 25 insertions(+), 5 deletions(-)

diff --git a/gdbstub.c b/gdbstub.c
index 89f1ab6524..469aaeb875 100644
--- a/gdbstub.c
+++ b/gdbstub.c
@@ -1532,6 +1532,21 @@ static void handle_continue(GdbCmdContext *gdb_ctx, void 
*user_ctx)
 gdb_continue(gdb_ctx->s);
 }
 
+static void handle_cont_with_sig(GdbCmdContext *gdb_ctx, void *user_ctx)
+{
+unsigned long signal = 0;
+
+if (gdb_ctx->num_params) {
+signal = gdb_ctx->params[0].val_ul;
+}
+
+gdb_ctx->s->signal = gdb_signal_to_target(signal);
+if (gdb_ctx->s->signal == -1) {
+gdb_ctx->s->signal = 0;
+}
+gdb_continue(gdb_ctx->s);
+}
+
 static int gdb_handle_packet(GDBState *s, const char *line_buf)
 {
 CPUState *cpu;
@@ -1579,11 +1594,16 @@ static int gdb_handle_packet(GDBState *s, const char 
*line_buf)
 }
 break;
 case 'C':
-s->signal = gdb_signal_to_target (strtoul(p, (char **), 16));
-if (s->signal == -1)
-s->signal = 0;
-gdb_continue(s);
-return RS_IDLE;
+{
+static const GdbCmdParseEntry cont_with_sig_cmd_desc = {
+.handler = handle_cont_with_sig,
+.cmd = "C",
+.cmd_startswith = 1,
+.schema = "l0"
+};
+cmd_parser = _with_sig_cmd_desc;
+}
+break;
 case 'v':
 if (strncmp(p, "Cont", 4) == 0) {
 p += 4;
-- 
2.20.1

[Qemu-devel] [PATCH v7 11/21] gdbstub: Implement write memory (M pkt) with new infra

[Jon Doron]

Signed-off-by: Jon Doron 
---
 gdbstub.c | 51 +--
 1 file changed, 33 insertions(+), 18 deletions(-)

diff --git a/gdbstub.c b/gdbstub.c
index e9a3d0c2bc..8dc2e1d507 100644
--- a/gdbstub.c
+++ b/gdbstub.c
@@ -1685,6 +1685,31 @@ static void handle_get_reg(GdbCmdContext *gdb_ctx, void 
*user_ctx)
 put_packet(gdb_ctx->s, gdb_ctx->str_buf);
 }
 
+static void handle_write_mem(GdbCmdContext *gdb_ctx, void *user_ctx)
+{
+if (gdb_ctx->num_params < 3) {
+put_packet(gdb_ctx->s, "E22");
+return;
+}
+
+/* hextomem() reads 2*len bytes */
+if (gdb_ctx->params[1].val_ull > strlen(gdb_ctx->params[2].data) / 2) {
+put_packet(gdb_ctx->s, "E22");
+return;
+}
+
+hextomem(gdb_ctx->mem_buf, gdb_ctx->params[2].data,
+ gdb_ctx->params[1].val_ull);
+if (target_memory_rw_debug(gdb_ctx->s->g_cpu, gdb_ctx->params[0].val_ull,
+   gdb_ctx->mem_buf,
+   gdb_ctx->params[1].val_ull, true)) {
+put_packet(gdb_ctx->s, "E14");
+return;
+}
+
+put_packet(gdb_ctx->s, "OK");
+}
+
 static int gdb_handle_packet(GDBState *s, const char *line_buf)
 {
 CPUState *cpu;
@@ -1893,24 +1918,14 @@ static int gdb_handle_packet(GDBState *s, const char 
*line_buf)
 }
 break;
 case 'M':
-addr = strtoull(p, (char **), 16);
-if (*p == ',')
-p++;
-len = strtoull(p, (char **), 16);
-if (*p == ':')
-p++;
-
-/* hextomem() reads 2*len bytes */
-if (len > strlen(p) / 2) {
-put_packet (s, "E22");
-break;
-}
-hextomem(mem_buf, p, len);
-if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len,
-   true) != 0) {
-put_packet(s, "E14");
-} else {
-put_packet(s, "OK");
+{
+static const GdbCmdParseEntry write_mem_cmd_desc = {
+.handler = handle_write_mem,
+.cmd = "M",
+.cmd_startswith = 1,
+.schema = "L,L:s0"
+};
+cmd_parser = _mem_cmd_desc;
 }
 break;
 case 'p':
-- 
2.20.1

[Qemu-devel] [PATCH v7 19/21] gdbstub: Implement generic set (Q pkt) with new infra

[Jon Doron]

Signed-off-by: Jon Doron 
---
 gdbstub.c | 213 +++---
 1 file changed, 25 insertions(+), 188 deletions(-)

diff --git a/gdbstub.c b/gdbstub.c
index 83ae8738cc..2fd0d66f4d 100644
--- a/gdbstub.c
+++ b/gdbstub.c
@@ -1130,14 +1130,6 @@ static GDBThreadIdKind read_thread_id(const char *buf, 
const char **end_buf,
 return GDB_ONE_THREAD;
 }
 
-static int is_query_packet(const char *p, const char *query, char separator)
-{
-unsigned int query_len = strlen(query);
-
-return strncmp(p, query, query_len) == 0 &&
-(p[query_len] == '\0' || p[query_len] == separator);
-}
-
 /**
  * gdb_handle_vcont - Parses and handles a vCont packet.
  * returns -ENOTSUP if a command is unsupported, -EINVAL or -ERANGE if there is
@@ -2232,18 +2224,28 @@ static void handle_gen_query(GdbCmdContext *gdb_ctx, 
void *user_ctx)
 }
 }
 
+static void handle_gen_set(GdbCmdContext *gdb_ctx, void *user_ctx)
+{
+if (!gdb_ctx->num_params) {
+return;
+}
+
+if (!process_string_cmd(gdb_ctx->s, NULL, gdb_ctx->params[0].data,
+gdb_gen_query_set_common_table,
+ARRAY_SIZE(gdb_gen_query_set_common_table))) {
+return;
+}
+
+put_packet(gdb_ctx->s, "");
+}
+
 static int gdb_handle_packet(GDBState *s, const char *line_buf)
 {
-CPUState *cpu;
-GDBProcess *process;
-CPUClass *cc;
 const char *p;
-uint32_t pid, tid;
-int ch, type;
+int ch;
 uint8_t mem_buf[MAX_PACKET_LENGTH];
 char buf[sizeof(mem_buf) + 1 /* trailing NUL */];
 char thread_id[16];
-target_ulong addr, len;
 const GdbCmdParseEntry *cmd_parser = NULL;
 
 trace_gdbstub_io_command(line_buf);
@@ -2456,182 +2458,17 @@ static int gdb_handle_packet(GDBState *s, const char 
*line_buf)
 }
 break;
 case 'Q':
-/* parse any 'q' packets here */
-if (!strcmp(p,"qemu.sstepbits")) {
-/* Query Breakpoint bit definitions */
-snprintf(buf, sizeof(buf), "ENABLE=%x,NOIRQ=%x,NOTIMER=%x",
- SSTEP_ENABLE,
- SSTEP_NOIRQ,
- SSTEP_NOTIMER);
-put_packet(s, buf);
-break;
-} else if (is_query_packet(p, "qemu.sstep", '=')) {
-/* Display or change the sstep_flags */
-p += 10;
-if (*p != '=') {
-/* Display current setting */
-snprintf(buf, sizeof(buf), "0x%x", sstep_flags);
-put_packet(s, buf);
-break;
-}
-p++;
-type = strtoul(p, (char **), 16);
-sstep_flags = type;
-put_packet(s, "OK");
-break;
-} else if (strcmp(p,"C") == 0) {
-/*
- * "Current thread" remains vague in the spec, so always return
- * the first thread of the current process (gdb returns the
- * first thread).
- */
-cpu = get_first_cpu_in_process(s, gdb_get_cpu_process(s, 
s->g_cpu));
-snprintf(buf, sizeof(buf), "QC%s",
- gdb_fmt_thread_id(s, cpu, thread_id, sizeof(thread_id)));
-put_packet(s, buf);
-break;
-} else if (strcmp(p,"fThreadInfo") == 0) {
-s->query_cpu = gdb_first_attached_cpu(s);
-goto report_cpuinfo;
-} else if (strcmp(p,"sThreadInfo") == 0) {
-report_cpuinfo:
-if (s->query_cpu) {
-snprintf(buf, sizeof(buf), "m%s",
- gdb_fmt_thread_id(s, s->query_cpu,
-   thread_id, sizeof(thread_id)));
-put_packet(s, buf);
-s->query_cpu = gdb_next_attached_cpu(s, s->query_cpu);
-} else
-put_packet(s, "l");
-break;
-} else if (strncmp(p,"ThreadExtraInfo,", 16) == 0) {
-if (read_thread_id(p + 16, , , ) == GDB_READ_THREAD_ERR) 
{
-put_packet(s, "E22");
-break;
-}
-cpu = gdb_get_cpu(s, pid, tid);
-if (cpu != NULL) {
-cpu_synchronize_state(cpu);
-
-if (s->multiprocess && (s->process_num > 1)) {
-/* Print the CPU model and name in multiprocess mode */
-ObjectClass *oc = object_get_class(OBJECT(cpu));
-const char *cpu_model = object_class_get_name(oc);
-char *cpu_name =
-object_get_canonical_path_component(OBJECT(cpu));
-len = snprintf((char *)mem_buf, sizeof(buf) / 2,
-   "%s %s [%s]", cpu_model, cpu_name,
-   cpu->halted ? "halted " : "running");
-g_free(cpu_name);
-} else {
-/* memtohex() doubles the required space */
-len = 

[Qemu-devel] [PATCH v7 21/21] gdbstub: Clear unused variables in gdb_handle_packet

[Jon Doron]

Signed-off-by: Jon Doron 
---
 gdbstub.c | 11 ++-
 1 file changed, 2 insertions(+), 9 deletions(-)

diff --git a/gdbstub.c b/gdbstub.c
index d678191705..8bdfae4b29 100644
--- a/gdbstub.c
+++ b/gdbstub.c
@@ -2259,17 +2259,11 @@ static void handle_target_halt(GdbCmdContext *gdb_ctx, 
void *user_ctx)
 
 static int gdb_handle_packet(GDBState *s, const char *line_buf)
 {
-const char *p;
-int ch;
-uint8_t mem_buf[MAX_PACKET_LENGTH];
-char buf[sizeof(mem_buf) + 1 /* trailing NUL */];
 const GdbCmdParseEntry *cmd_parser = NULL;
 
 trace_gdbstub_io_command(line_buf);
 
-p = line_buf;
-ch = *p++;
-switch(ch) {
+switch (line_buf[0]) {
 case '!':
 put_packet(s, "OK");
 break;
@@ -2486,8 +2480,7 @@ static int gdb_handle_packet(GDBState *s, const char 
*line_buf)
 break;
 default:
 /* put empty packet */
-buf[0] = '\0';
-put_packet(s, buf);
+put_packet(s, "");
 break;
 }
 
-- 
2.20.1

[Qemu-devel] [PATCH v7 13/21] gdbstub: Implement write all registers (G pkt) with new infra

[Jon Doron]

Signed-off-by: Jon Doron 
---
 gdbstub.c | 41 +++--
 1 file changed, 31 insertions(+), 10 deletions(-)

diff --git a/gdbstub.c b/gdbstub.c
index daa602edc3..adfe39b3a3 100644
--- a/gdbstub.c
+++ b/gdbstub.c
@@ -1734,6 +1734,29 @@ static void handle_read_mem(GdbCmdContext *gdb_ctx, void 
*user_ctx)
 put_packet(gdb_ctx->s, gdb_ctx->str_buf);
 }
 
+static void handle_write_all_regs(GdbCmdContext *gdb_ctx, void *user_ctx)
+{
+target_ulong addr, len;
+uint8_t *registers;
+int reg_size;
+
+if (!gdb_ctx->num_params) {
+return;
+}
+
+cpu_synchronize_state(gdb_ctx->s->g_cpu);
+registers = gdb_ctx->mem_buf;
+len = strlen(gdb_ctx->params[0].data) / 2;
+hextomem(registers, gdb_ctx->params[0].data, len);
+for (addr = 0; addr < gdb_ctx->s->g_cpu->gdb_num_g_regs && len > 0;
+ addr++) {
+reg_size = gdb_write_register(gdb_ctx->s->g_cpu, registers, addr);
+len -= reg_size;
+registers += reg_size;
+}
+put_packet(gdb_ctx->s, "OK");
+}
+
 static int gdb_handle_packet(GDBState *s, const char *line_buf)
 {
 CPUState *cpu;
@@ -1745,7 +1768,6 @@ static int gdb_handle_packet(GDBState *s, const char 
*line_buf)
 uint8_t mem_buf[MAX_PACKET_LENGTH];
 char buf[sizeof(mem_buf) + 1 /* trailing NUL */];
 char thread_id[16];
-uint8_t *registers;
 target_ulong addr, len;
 const GdbCmdParseEntry *cmd_parser = NULL;
 
@@ -1911,16 +1933,15 @@ static int gdb_handle_packet(GDBState *s, const char 
*line_buf)
 put_packet(s, buf);
 break;
 case 'G':
-cpu_synchronize_state(s->g_cpu);
-registers = mem_buf;
-len = strlen(p) / 2;
-hextomem((uint8_t *)registers, p, len);
-for (addr = 0; addr < s->g_cpu->gdb_num_g_regs && len > 0; addr++) {
-reg_size = gdb_write_register(s->g_cpu, registers, addr);
-len -= reg_size;
-registers += reg_size;
+{
+static const GdbCmdParseEntry write_all_regs_cmd_desc = {
+.handler = handle_write_all_regs,
+.cmd = "G",
+.cmd_startswith = 1,
+.schema = "s0"
+};
+cmd_parser = _all_regs_cmd_desc;
 }
-put_packet(s, "OK");
 break;
 case 'm':
 {
-- 
2.20.1

[Qemu-devel] [PATCH v7 12/21] gdbstub: Implement read memory (m pkt) with new infra

[Jon Doron]

Signed-off-by: Jon Doron 
---
 gdbstub.c | 48 
 1 file changed, 32 insertions(+), 16 deletions(-)

diff --git a/gdbstub.c b/gdbstub.c
index 8dc2e1d507..daa602edc3 100644
--- a/gdbstub.c
+++ b/gdbstub.c
@@ -1710,6 +1710,30 @@ static void handle_write_mem(GdbCmdContext *gdb_ctx, 
void *user_ctx)
 put_packet(gdb_ctx->s, "OK");
 }
 
+static void handle_read_mem(GdbCmdContext *gdb_ctx, void *user_ctx)
+{
+if (gdb_ctx->num_params < 2) {
+put_packet(gdb_ctx->s, "E22");
+return;
+}
+
+/* memtohex() doubles the required space */
+if (gdb_ctx->params[1].val_ull > MAX_PACKET_LENGTH / 2) {
+put_packet(gdb_ctx->s, "E22");
+return;
+}
+
+if (target_memory_rw_debug(gdb_ctx->s->g_cpu, gdb_ctx->params[0].val_ull,
+   gdb_ctx->mem_buf,
+   gdb_ctx->params[1].val_ull, false)) {
+put_packet(gdb_ctx->s, "E14");
+return;
+}
+
+memtohex(gdb_ctx->str_buf, gdb_ctx->mem_buf, gdb_ctx->params[1].val_ull);
+put_packet(gdb_ctx->s, gdb_ctx->str_buf);
+}
+
 static int gdb_handle_packet(GDBState *s, const char *line_buf)
 {
 CPUState *cpu;
@@ -1899,22 +1923,14 @@ static int gdb_handle_packet(GDBState *s, const char 
*line_buf)
 put_packet(s, "OK");
 break;
 case 'm':
-addr = strtoull(p, (char **), 16);
-if (*p == ',')
-p++;
-len = strtoull(p, NULL, 16);
-
-/* memtohex() doubles the required space */
-if (len > MAX_PACKET_LENGTH / 2) {
-put_packet (s, "E22");
-break;
-}
-
-if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len, false) != 0) {
-put_packet (s, "E14");
-} else {
-memtohex(buf, mem_buf, len);
-put_packet(s, buf);
+{
+static const GdbCmdParseEntry read_mem_cmd_desc = {
+.handler = handle_read_mem,
+.cmd = "m",
+.cmd_startswith = 1,
+.schema = "L,L0"
+};
+cmd_parser = _mem_cmd_desc;
 }
 break;
 case 'M':
-- 
2.20.1

[Qemu-devel] [PATCH v7 06/21] gdbstub: Implement set_thread (H pkt) with new infra

[Jon Doron]

Signed-off-by: Jon Doron 
---
 gdbstub.c | 79 ++-
 1 file changed, 49 insertions(+), 30 deletions(-)

diff --git a/gdbstub.c b/gdbstub.c
index 469aaeb875..21cdaf4678 100644
--- a/gdbstub.c
+++ b/gdbstub.c
@@ -1547,6 +1547,47 @@ static void handle_cont_with_sig(GdbCmdContext *gdb_ctx, 
void *user_ctx)
 gdb_continue(gdb_ctx->s);
 }
 
+static void handle_set_thread(GdbCmdContext *gdb_ctx, void *user_ctx)
+{
+CPUState *cpu;
+
+if (gdb_ctx->num_params < 2) {
+put_packet(gdb_ctx->s, "E22");
+return;
+}
+
+if (gdb_ctx->params[1].thread_id.kind == GDB_READ_THREAD_ERR) {
+put_packet(gdb_ctx->s, "E22");
+return;
+}
+
+if (gdb_ctx->params[1].thread_id.kind != GDB_ONE_THREAD) {
+put_packet(gdb_ctx->s, "OK");
+return;
+}
+
+cpu = gdb_get_cpu(gdb_ctx->s, gdb_ctx->params[1].thread_id.pid,
+  gdb_ctx->params[1].thread_id.tid);
+if (!cpu) {
+put_packet(gdb_ctx->s, "E22");
+return;
+}
+
+switch (gdb_ctx->params[0].opcode) {
+case 'c':
+gdb_ctx->s->c_cpu = cpu;
+put_packet(gdb_ctx->s, "OK");
+break;
+case 'g':
+gdb_ctx->s->g_cpu = cpu;
+put_packet(gdb_ctx->s, "OK");
+break;
+default:
+put_packet(gdb_ctx->s, "E22");
+break;
+}
+}
+
 static int gdb_handle_packet(GDBState *s, const char *line_buf)
 {
 CPUState *cpu;
@@ -1560,7 +1601,6 @@ static int gdb_handle_packet(GDBState *s, const char 
*line_buf)
 char thread_id[16];
 uint8_t *registers;
 target_ulong addr, len;
-GDBThreadIdKind thread_kind;
 const GdbCmdParseEntry *cmd_parser = NULL;
 
 trace_gdbstub_io_command(line_buf);
@@ -1823,35 +1863,14 @@ static int gdb_handle_packet(GDBState *s, const char 
*line_buf)
 put_packet(s, "E22");
 break;
 case 'H':
-type = *p++;
-
-thread_kind = read_thread_id(p, , , );
-if (thread_kind == GDB_READ_THREAD_ERR) {
-put_packet(s, "E22");
-break;
-}
-
-if (thread_kind != GDB_ONE_THREAD) {
-put_packet(s, "OK");
-break;
-}
-cpu = gdb_get_cpu(s, pid, tid);
-if (cpu == NULL) {
-put_packet(s, "E22");
-break;
-}
-switch (type) {
-case 'c':
-s->c_cpu = cpu;
-put_packet(s, "OK");
-break;
-case 'g':
-s->g_cpu = cpu;
-put_packet(s, "OK");
-break;
-default:
- put_packet(s, "E22");
- break;
+{
+static const GdbCmdParseEntry set_thread_cmd_desc = {
+.handler = handle_set_thread,
+.cmd = "H",
+.cmd_startswith = 1,
+.schema = "o.t0"
+};
+cmd_parser = _thread_cmd_desc;
 }
 break;
 case 'T':
-- 
2.20.1

[Qemu-devel] [PATCH v7 20/21] gdbstub: Implement target halted (? pkt) with new infra

[Jon Doron]

Signed-off-by: Jon Doron 
---
 gdbstub.c | 36 ++--
 1 file changed, 26 insertions(+), 10 deletions(-)

diff --git a/gdbstub.c b/gdbstub.c
index 2fd0d66f4d..d678191705 100644
--- a/gdbstub.c
+++ b/gdbstub.c
@@ -2239,13 +2239,30 @@ static void handle_gen_set(GdbCmdContext *gdb_ctx, void 
*user_ctx)
 put_packet(gdb_ctx->s, "");
 }
 
+static void handle_target_halt(GdbCmdContext *gdb_ctx, void *user_ctx)
+{
+char thread_id[16];
+
+/* TODO: Make this return the correct value for user-mode.  */
+gdb_fmt_thread_id(gdb_ctx->s, gdb_ctx->s->c_cpu, thread_id,
+  sizeof(thread_id));
+snprintf(gdb_ctx->str_buf, sizeof(gdb_ctx->str_buf), "T%02xthread:%s;",
+ GDB_SIGNAL_TRAP, thread_id);
+put_packet(gdb_ctx->s, gdb_ctx->str_buf);
+/*
+ * Remove all the breakpoints when this query is issued,
+ * because gdb is doing and initial connect and the state
+ * should be cleaned up.
+ */
+gdb_breakpoint_remove_all();
+}
+
 static int gdb_handle_packet(GDBState *s, const char *line_buf)
 {
 const char *p;
 int ch;
 uint8_t mem_buf[MAX_PACKET_LENGTH];
 char buf[sizeof(mem_buf) + 1 /* trailing NUL */];
-char thread_id[16];
 const GdbCmdParseEntry *cmd_parser = NULL;
 
 trace_gdbstub_io_command(line_buf);
@@ -2257,15 +2274,14 @@ static int gdb_handle_packet(GDBState *s, const char 
*line_buf)
 put_packet(s, "OK");
 break;
 case '?':
-/* TODO: Make this return the correct value for user-mode.  */
-snprintf(buf, sizeof(buf), "T%02xthread:%s;", GDB_SIGNAL_TRAP,
- gdb_fmt_thread_id(s, s->c_cpu, thread_id, sizeof(thread_id)));
-put_packet(s, buf);
-/* Remove all the breakpoints when this query is issued,
- * because gdb is doing and initial connect and the state
- * should be cleaned up.
- */
-gdb_breakpoint_remove_all();
+{
+static const GdbCmdParseEntry target_halted_cmd_desc = {
+.handler = handle_target_halt,
+.cmd = "?",
+.cmd_startswith = 1
+};
+cmd_parser = _halted_cmd_desc;
+}
 break;
 case 'c':
 {
-- 
2.20.1

[Qemu-devel] [PATCH v7 17/21] gdbstub: Implement v commands with new infra

[Jon Doron]

Signed-off-by: Jon Doron 
---
 gdbstub.c | 170 +++---
 1 file changed, 110 insertions(+), 60 deletions(-)

diff --git a/gdbstub.c b/gdbstub.c
index 9b0556f8be..d56d0fd235 100644
--- a/gdbstub.c
+++ b/gdbstub.c
@@ -1815,6 +1815,106 @@ static void handle_step(GdbCmdContext *gdb_ctx, void 
*user_ctx)
 gdb_continue(gdb_ctx->s);
 }
 
+static void handle_v_cont_query(GdbCmdContext *gdb_ctx, void *user_ctx)
+{
+put_packet(gdb_ctx->s, "vCont;c;C;s;S");
+}
+
+static void handle_v_cont(GdbCmdContext *gdb_ctx, void *user_ctx)
+{
+int res;
+
+if (!gdb_ctx->num_params) {
+return;
+}
+
+res = gdb_handle_vcont(gdb_ctx->s, gdb_ctx->params[0].data);
+if ((res == -EINVAL) || (res == -ERANGE)) {
+put_packet(gdb_ctx->s, "E22");
+} else if (res) {
+put_packet(gdb_ctx->s, "\0");
+}
+}
+
+static void handle_v_attach(GdbCmdContext *gdb_ctx, void *user_ctx)
+{
+GDBProcess *process;
+CPUState *cpu;
+char thread_id[16];
+
+strcpy(gdb_ctx->str_buf, "E22");
+if (!gdb_ctx->num_params) {
+goto cleanup;
+}
+
+process = gdb_get_process(gdb_ctx->s, gdb_ctx->params[0].val_ul);
+if (!process) {
+goto cleanup;
+}
+
+cpu = get_first_cpu_in_process(gdb_ctx->s, process);
+if (!cpu) {
+goto cleanup;
+}
+
+process->attached = true;
+gdb_ctx->s->g_cpu = cpu;
+gdb_ctx->s->c_cpu = cpu;
+
+gdb_fmt_thread_id(gdb_ctx->s, cpu, thread_id, sizeof(thread_id));
+snprintf(gdb_ctx->str_buf, sizeof(gdb_ctx->str_buf), "T%02xthread:%s;",
+ GDB_SIGNAL_TRAP, thread_id);
+cleanup:
+put_packet(gdb_ctx->s, gdb_ctx->str_buf);
+}
+
+static void handle_v_kill(GdbCmdContext *gdb_ctx, void *user_ctx)
+{
+/* Kill the target */
+put_packet(gdb_ctx->s, "OK");
+error_report("QEMU: Terminated via GDBstub");
+exit(0);
+}
+
+static GdbCmdParseEntry gdb_v_commands_table[] = {
+/* Order is important if has same prefix */
+{
+.handler = handle_v_cont_query,
+.cmd = "Cont?",
+.cmd_startswith = 1
+},
+{
+.handler = handle_v_cont,
+.cmd = "Cont",
+.cmd_startswith = 1,
+.schema = "s0"
+},
+{
+.handler = handle_v_attach,
+.cmd = "Attach;",
+.cmd_startswith = 1,
+.schema = "l0"
+},
+{
+.handler = handle_v_kill,
+.cmd = "Kill;",
+.cmd_startswith = 1
+},
+};
+
+static void handle_v_commands(GdbCmdContext *gdb_ctx, void *user_ctx)
+{
+if (!gdb_ctx->num_params) {
+return;
+}
+
+if (process_string_cmd(gdb_ctx->s, NULL, gdb_ctx->params[0].data,
+   gdb_v_commands_table,
+   ARRAY_SIZE(gdb_v_commands_table))) {
+put_packet(gdb_ctx->s, "");
+}
+}
+
 static int gdb_handle_packet(GDBState *s, const char *line_buf)
 {
 CPUState *cpu;
@@ -1822,7 +1922,7 @@ static int gdb_handle_packet(GDBState *s, const char 
*line_buf)
 CPUClass *cc;
 const char *p;
 uint32_t pid, tid;
-int ch, type, res;
+int ch, type;
 uint8_t mem_buf[MAX_PACKET_LENGTH];
 char buf[sizeof(mem_buf) + 1 /* trailing NUL */];
 char thread_id[16];
@@ -1871,66 +1971,16 @@ static int gdb_handle_packet(GDBState *s, const char 
*line_buf)
 }
 break;
 case 'v':
-if (strncmp(p, "Cont", 4) == 0) {
-p += 4;
-if (*p == '?') {
-put_packet(s, "vCont;c;C;s;S");
-break;
-}
-
-res = gdb_handle_vcont(s, p);
-
-if (res) {
-if ((res == -EINVAL) || (res == -ERANGE)) {
-put_packet(s, "E22");
-break;
-}
-goto unknown_command;
-}
-break;
-} else if (strncmp(p, "Attach;", 7) == 0) {
-unsigned long pid;
-
-p += 7;
-
-if (qemu_strtoul(p, , 16, )) {
-put_packet(s, "E22");
-break;
-}
-
-process = gdb_get_process(s, pid);
-
-if (process == NULL) {
-put_packet(s, "E22");
-break;
-}
-
-cpu = get_first_cpu_in_process(s, process);
-
-if (cpu == NULL) {
-/* Refuse to attach an empty process */
-put_packet(s, "E22");
-break;
-}
-
-process->attached = true;
-
-s->g_cpu = cpu;
-s->c_cpu = cpu;
-
-snprintf(buf, sizeof(buf), "T%02xthread:%s;", GDB_SIGNAL_TRAP,
- gdb_fmt_thread_id(s, cpu, thread_id, sizeof(thread_id)));
-
-put_packet(s, buf);
-break;
-} else if (strncmp(p, "Kill;", 5) == 0) {
-/* Kill the target */
-put_packet(s, "OK");
-error_report("QEMU: Terminated via GDBstub");
-   

[Qemu-devel] [PATCH v7 16/21] gdbstub: Implement step (s pkt) with new infra

[Jon Doron]

Signed-off-by: Jon Doron 
---
 gdbstub.c | 25 +++--
 1 file changed, 19 insertions(+), 6 deletions(-)

diff --git a/gdbstub.c b/gdbstub.c
index 9fe130f30d..9b0556f8be 100644
--- a/gdbstub.c
+++ b/gdbstub.c
@@ -1805,6 +1805,16 @@ static void handle_file_io(GdbCmdContext *gdb_ctx, void 
*user_ctx)
 gdb_continue(gdb_ctx->s);
 }
 
+static void handle_step(GdbCmdContext *gdb_ctx, void *user_ctx)
+{
+if (gdb_ctx->num_params) {
+gdb_set_cpu_pc(gdb_ctx->s, (target_ulong)gdb_ctx->params[0].val_ull);
+}
+
+cpu_single_step(gdb_ctx->s->c_cpu, sstep_flags);
+gdb_continue(gdb_ctx->s);
+}
+
 static int gdb_handle_packet(GDBState *s, const char *line_buf)
 {
 CPUState *cpu;
@@ -1937,13 +1947,16 @@ static int gdb_handle_packet(GDBState *s, const char 
*line_buf)
 }
 break;
 case 's':
-if (*p != '\0') {
-addr = strtoull(p, (char **), 16);
-gdb_set_cpu_pc(s, addr);
+{
+static const GdbCmdParseEntry step_cmd_desc = {
+.handler = handle_step,
+.cmd = "s",
+.cmd_startswith = 1,
+.schema = "L0"
+};
+cmd_parser = _cmd_desc;
 }
-cpu_single_step(s->c_cpu, sstep_flags);
-gdb_continue(s);
-return RS_IDLE;
+break;
 case 'F':
 {
 static const GdbCmdParseEntry file_io_cmd_desc = {
-- 
2.20.1

[Qemu-devel] [PATCH v7 14/21] gdbstub: Implement read all registers (g pkt) with new infra

[Jon Doron]

Signed-off-by: Jon Doron 
---
 gdbstub.c | 31 +++
 1 file changed, 23 insertions(+), 8 deletions(-)

diff --git a/gdbstub.c b/gdbstub.c
index adfe39b3a3..3478ac778d 100644
--- a/gdbstub.c
+++ b/gdbstub.c
@@ -1757,6 +1757,21 @@ static void handle_write_all_regs(GdbCmdContext 
*gdb_ctx, void *user_ctx)
 put_packet(gdb_ctx->s, "OK");
 }
 
+static void handle_read_all_regs(GdbCmdContext *gdb_ctx, void *user_ctx)
+{
+target_ulong addr, len;
+
+cpu_synchronize_state(gdb_ctx->s->g_cpu);
+len = 0;
+for (addr = 0; addr < gdb_ctx->s->g_cpu->gdb_num_g_regs; addr++) {
+len += gdb_read_register(gdb_ctx->s->g_cpu, gdb_ctx->mem_buf + len,
+ addr);
+}
+
+memtohex(gdb_ctx->str_buf, gdb_ctx->mem_buf, len);
+put_packet(gdb_ctx->s, gdb_ctx->str_buf);
+}
+
 static int gdb_handle_packet(GDBState *s, const char *line_buf)
 {
 CPUState *cpu;
@@ -1764,7 +1779,7 @@ static int gdb_handle_packet(GDBState *s, const char 
*line_buf)
 CPUClass *cc;
 const char *p;
 uint32_t pid, tid;
-int ch, reg_size, type, res;
+int ch, type, res;
 uint8_t mem_buf[MAX_PACKET_LENGTH];
 char buf[sizeof(mem_buf) + 1 /* trailing NUL */];
 char thread_id[16];
@@ -1923,14 +1938,14 @@ static int gdb_handle_packet(GDBState *s, const char 
*line_buf)
 }
 break;
 case 'g':
-cpu_synchronize_state(s->g_cpu);
-len = 0;
-for (addr = 0; addr < s->g_cpu->gdb_num_g_regs; addr++) {
-reg_size = gdb_read_register(s->g_cpu, mem_buf + len, addr);
-len += reg_size;
+{
+static const GdbCmdParseEntry read_all_regs_cmd_desc = {
+.handler = handle_read_all_regs,
+.cmd = "g",
+.cmd_startswith = 1
+};
+cmd_parser = _all_regs_cmd_desc;
 }
-memtohex(buf, mem_buf, len);
-put_packet(s, buf);
 break;
 case 'G':
 {
-- 
2.20.1

Re: [Qemu-devel] [PATCH v3 01/20] gdbstub: Add infrastructure to parse cmd packets

[Jon Doron]

Hi Alex,

Thank you for your comments I will add a cover-letter and update it
with the review changes, as for what I'm was hoping to add later on is
mostly
custom query commands for KVM perhaps might apply to other
architectures as well here are things i had mind:
1. Get VM nested state, this way you can get the correct VMCS12 if we
are in nested state
2. Read/Write MSR
3. Read/Write Control Registers
4. Read/Write physical memory
5. Search pattern in Physical memory

I did notice there are few custom things already in gdbstub one in
particular that I would have considered that needs to modified a bit
in order to be easier to parse is the 'F' command which is currently
used only for ARM to syscall cb, but that's a different topic

Thanks,
-- Jon.

On Thu, Apr 25, 2019 at 6:00 PM Alex Bennée  wrote:
>
>
> ari...@gmail.com writes:
>
> > From: Jon Doron 
> >
> > Signed-off-by: Jon Doron 
>
> Multi-patch series should have a cover letter:
>
>   
> https://wiki.qemu.org/index.php/Contribute/SubmitAPatch#Include_a_meaningful_cover_letter
>
> Overall this looks like a nice improvement to the parsing code. Please
> CC me on the next revision.
>
> I'm still curious as to what additional commands you plan to implement
> once this is merged?
>
> --
> Alex Bennée

Re: [Qemu-devel] [PATCH v3 01/20] gdbstub: Add infrastructure to parse cmd packets

[Jon Doron]

Thank you Alex I will publish v8 with fixes from your review :) please
see my comments below

On Thu, Apr 25, 2019 at 5:42 PM Alex Bennée  wrote:
>
>
> ari...@gmail.com writes:
>
> > From: Jon Doron 
> >
> > Signed-off-by: Jon Doron 
> > ---
> >  gdbstub.c | 215 ++
> >  1 file changed, 215 insertions(+)
> >
> > diff --git a/gdbstub.c b/gdbstub.c
> > index d54abd17cc..b5bd01b913 100644
> > --- a/gdbstub.c
> > +++ b/gdbstub.c
> > @@ -1268,6 +1268,221 @@ out:
> >  return res;
> >  }
> >
> > +typedef union GdbCmdVariant {
> > +const char *data;
> > +uint8_t opcode;
> > +unsigned long val_ul;
> > +unsigned long long val_ull;
> > +struct {
> > +GDBThreadIdKind kind;
> > +uint32_t pid;
> > +uint32_t tid;
> > +} thread_id;
> > +} GdbCmdVariant;
> > +
> > +static const char *cmd_next_param(const char *param, const char delimiter)
> > +{
> > +const char *delim;
> > +static char all_delimiters[] = ",;:=";
> > +static char no_delimiter[] = "\0";
> > +char curr_delimiters[2] = {0};
> > +const char *delimiters;
> > +
> > +if (delimiter == '?') {
> > +delimiters = all_delimiters;
> > +} else if (delimiter == '0') {
> > +delimiters = no_delimiter;
> > +} else if (delimiter == '.' && *param) {
> > +return param + 1;
> > +} else {
> > +curr_delimiters[0] = delimiter;
> > +delimiters = curr_delimiters;
> > +}
> > +
> > +while (*param) {
> > +delim = delimiters;
> > +while (*delim) {
> > +if (*param == *delim) {
> > +return param + 1;
> > +}
> > +delim++;
> > +}
> > +param++;
> > +}
> > +
> > +return param;
> > +}
> > +
> > +static int cmd_parse_params(const char *data, const char *schema,
> > +GdbCmdVariant *params, int *num_params)
> > +{
> > +int curr_param;
> > +const char *curr_schema, *curr_data;
> > +
> > +*num_params = 0;
> > +
> > +if (!schema) {
> > +return 0;
> > +}
> > +
> > +curr_schema = schema;
> > +curr_param = 0;
> > +curr_data = data;
> > +while (curr_schema[0] && curr_schema[1] && *curr_data) {
> > +switch (curr_schema[0]) {
> > +case 'l':
> > +if (qemu_strtoul(curr_data, _data, 16,
> > + [curr_param].val_ul)) {
> > +return -EINVAL;
> > +}
> > +curr_param++;
> > +curr_data = cmd_next_param(curr_data, curr_schema[1]);
> > +break;
> > +case 'L':
> > +if (qemu_strtou64(curr_data, _data, 16,
> > +  (uint64_t *)[curr_param].val_ull)) {
> > +return -EINVAL;
> > +}
> > +curr_param++;
> > +curr_data = cmd_next_param(curr_data, curr_schema[1]);
> > +break;
> > +case 's':
> > +params[curr_param].data = curr_data;
> > +curr_param++;
> > +curr_data = cmd_next_param(curr_data, curr_schema[1]);
> > +break;
> > +case 'o':
> > +params[curr_param].opcode = *(uint8_t *)curr_data;
> > +curr_param++;
> > +curr_data = cmd_next_param(curr_data, curr_schema[1]);
> > +break;
> > +case 't':
> > +params[curr_param].thread_id.kind =
> > +read_thread_id(curr_data, _data,
> > +   [curr_param].thread_id.pid,
> > +   [curr_param].thread_id.tid);
> > +curr_param++;
> > +curr_data = cmd_next_param(curr_data, curr_schema[1]);
> > +break;
> > +case 'x':
> > +params[curr_param].data = curr_data;
> > +curr_param++;
> > +curr_data = cmd_next_param(curr_data, curr_schema[1]);
> > +break;
> > +case '?':
> > +curr_data = cmd_next_param(curr_data, curr_schema[1]);
> > +break;
> > +default:
> > +return -EINVAL;
> > +}
> > +curr_schema += 2;
> > +}
> > +
> > +*num_params = curr_param;
> > +return 0;
> > +}
> > +
> > +typedef struct GdbCmdContext {
> > +GDBState *s;
> > +GdbCmdVariant *params;
> > +int num_params;
> > +uint8_t mem_buf[MAX_PACKET_LENGTH];
> > +char str_buf[MAX_PACKET_LENGTH + 1];
> > +} GdbCmdContext;
> > +
> > +typedef void (*GdbCmdHandler)(GdbCmdContext *gdb_ctx, void *user_ctx);
> > +
> > +/*
> > + * cmd_startswith -> cmd is compared using startswith
> > + * cmd_full_match -> cmd is compared using strcmp
>
> Doesn't !cmd_full_match imply cmd_startswith?

Done

>
> > + *
> > + *
> > + * schema definitions:
> > + * Each schema parameter entry consists of 2 chars,
> > + * the first char represents the parameter type handling
> > + * the second char represents the delimiter 

[Qemu-devel] [Bug 1826422] Re: Regression: QEMU 4.0 hangs the host (*bisect included*)

[Alex Williamson]

Not just NVIDIA, forcing a NIC to use INTx also fails and it's apparent
from the host that the device is stuck with DisINTx+.  Looks like the
resampling mechanism that allows KVM to unmask the interrupt is broken
with split irqchip.

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1826422

Title:
  Regression: QEMU 4.0 hangs the host (*bisect included*)

Status in QEMU:
  New

Bug description:
  The commit b2fc91db84470a78f8e93f5b5f913c17188792c8 seemingly
  introduced a regression on my system.

  When I start QEMU, the guest and the host hang (I need a hard reset to
  get back to a working system), before anything shows on the guest.

  I use QEMU with GPU passthrough (which worked perfectly until the
  commit above). This is the command I use:

  ```
  /path/to/qemu-system-x86_64
-drive if=pflash,format=raw,readonly,file=/path/to/OVMF_CODE.fd
-drive if=pflash,format=raw,file=/tmp/OVMF_VARS.fd.tmp
-enable-kvm
-machine q35,accel=kvm,mem-merge=off
-cpu 
host,kvm=off,hv_vendor_id=vgaptrocks,hv_relaxed,hv_spinlocks=0x1fff,hv_vapic,hv_time
-smp 4,cores=4,sockets=1,threads=1
-m 10240
-vga none
-rtc base=localtime
-serial none
-parallel none
-usb
-device usb-tablet
-device vfio-pci,host=01:00.0,multifunction=on
-device vfio-pci,host=01:00.1
-device usb-host,vendorid=,productid=
-device usb-host,vendorid=,productid=
-device usb-host,vendorid=,productid=
-device usb-host,vendorid=,productid=
-device usb-host,vendorid=,productid=
-device usb-host,vendorid=,productid=
-device virtio-scsi-pci,id=scsi
-drive file=/path/to/guest.img,id=hdd1,format=qcow2,if=none,cache=writeback
-device scsi-hd,drive=hdd1
-net nic,model=virtio
-net user,smb=/path/to/shared
  ```

  If I run QEMU without GPU passthrough, it runs fine.

  Some details about my system:

  - O/S: Mint 19.1 x86-64 (it's based on Ubuntu 18.04)
  - Kernel: 4.15
  - `configure` options: `--target-list=x86_64-softmmu --enable-gtk 
--enable-spice --audio-drv-list=pa`
  - EDK2 version: 1a734ed85fda71630c795832e6d24ea560caf739 (20/Apr/2019)
  - CPU: i7-6700k
  - Motherboard: ASRock Z170 Gaming-ITX/ac
  - VGA: Gigabyte GTX 960 Mini-ITX

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1826422/+subscriptions

[Qemu-devel] [PATCH] migration/colo.h: Remove obsolete codes

[Zhang Chen]

From: Zhang Chen 

Signed-off-by: Zhang Chen 
---
 include/migration/colo.h | 2 --
 1 file changed, 2 deletions(-)

diff --git a/include/migration/colo.h b/include/migration/colo.h
index ddebe0ad27..f6fbe23ec9 100644
--- a/include/migration/colo.h
+++ b/include/migration/colo.h
@@ -22,8 +22,6 @@ enum colo_event {
 COLO_EVENT_FAILOVER,
 };
 
-void colo_info_init(void);
-
 void migrate_start_colo_process(MigrationState *s);
 bool migration_in_colo_state(void);
 
-- 
2.17.GIT

[Qemu-devel] [PATCH] migration/colo.c: Remove redundant input parameter

[Zhang Chen]

From: Zhang Chen 

The colo_do_failover no need the input parameter.

Signed-off-by: Zhang Chen 
---
 include/migration/colo.h  | 2 +-
 migration/colo-failover.c | 2 +-
 migration/colo.c  | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/include/migration/colo.h b/include/migration/colo.h
index 99ce17aca7..ddebe0ad27 100644
--- a/include/migration/colo.h
+++ b/include/migration/colo.h
@@ -37,7 +37,7 @@ bool migration_incoming_in_colo_state(void);
 COLOMode get_colo_mode(void);
 
 /* failover */
-void colo_do_failover(MigrationState *s);
+void colo_do_failover(void);
 
 void colo_checkpoint_notify(void *opaque);
 #endif
diff --git a/migration/colo-failover.c b/migration/colo-failover.c
index 4854a96c92..e9ca0b4774 100644
--- a/migration/colo-failover.c
+++ b/migration/colo-failover.c
@@ -39,7 +39,7 @@ static void colo_failover_bh(void *opaque)
 return;
 }
 
-colo_do_failover(NULL);
+colo_do_failover();
 }
 
 void failover_request_active(Error **errp)
diff --git a/migration/colo.c b/migration/colo.c
index 238a6d62c7..8c1644091f 100644
--- a/migration/colo.c
+++ b/migration/colo.c
@@ -193,7 +193,7 @@ COLOMode get_colo_mode(void)
 }
 }
 
-void colo_do_failover(MigrationState *s)
+void colo_do_failover(void)
 {
 /* Make sure VM stopped while failover happened. */
 if (!colo_runstate_is_stopped()) {
-- 
2.17.GIT

[Qemu-devel] [Bug 1826422] Re: Regression: QEMU 4.0 hangs the host (*bisect included*)

[Alex Williamson]

This seems related to INTx (legacy) interrupt mode, which NVIDIA GeForce
will use by default.  Using regedit in a Windows VM or adjusting
nvidia.ko module parameters of a Linux VM can enable the driver to use
MSI, which seems unaffected.  We also have the vfio-pci device option x
-no-kvm-intx=on, which is probably a good compliment to configuring the
driver to use MSI until we get this figured out, as the Windows driver
likes to occasional switch MSI off, which would leave you in a bad
state.  Routing INTx through QEMU would be a performance regression
though, so while a workaround, having it routed through QEMU and not
using MSI, is not a great combination.

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1826422

Title:
  Regression: QEMU 4.0 hangs the host (*bisect included*)

Status in QEMU:
  New

Bug description:
  The commit b2fc91db84470a78f8e93f5b5f913c17188792c8 seemingly
  introduced a regression on my system.

  When I start QEMU, the guest and the host hang (I need a hard reset to
  get back to a working system), before anything shows on the guest.

  I use QEMU with GPU passthrough (which worked perfectly until the
  commit above). This is the command I use:

  ```
  /path/to/qemu-system-x86_64
-drive if=pflash,format=raw,readonly,file=/path/to/OVMF_CODE.fd
-drive if=pflash,format=raw,file=/tmp/OVMF_VARS.fd.tmp
-enable-kvm
-machine q35,accel=kvm,mem-merge=off
-cpu 
host,kvm=off,hv_vendor_id=vgaptrocks,hv_relaxed,hv_spinlocks=0x1fff,hv_vapic,hv_time
-smp 4,cores=4,sockets=1,threads=1
-m 10240
-vga none
-rtc base=localtime
-serial none
-parallel none
-usb
-device usb-tablet
-device vfio-pci,host=01:00.0,multifunction=on
-device vfio-pci,host=01:00.1
-device usb-host,vendorid=,productid=
-device usb-host,vendorid=,productid=
-device usb-host,vendorid=,productid=
-device usb-host,vendorid=,productid=
-device usb-host,vendorid=,productid=
-device usb-host,vendorid=,productid=
-device virtio-scsi-pci,id=scsi
-drive file=/path/to/guest.img,id=hdd1,format=qcow2,if=none,cache=writeback
-device scsi-hd,drive=hdd1
-net nic,model=virtio
-net user,smb=/path/to/shared
  ```

  If I run QEMU without GPU passthrough, it runs fine.

  Some details about my system:

  - O/S: Mint 19.1 x86-64 (it's based on Ubuntu 18.04)
  - Kernel: 4.15
  - `configure` options: `--target-list=x86_64-softmmu --enable-gtk 
--enable-spice --audio-drv-list=pa`
  - EDK2 version: 1a734ed85fda71630c795832e6d24ea560caf739 (20/Apr/2019)
  - CPU: i7-6700k
  - Motherboard: ASRock Z170 Gaming-ITX/ac
  - VGA: Gigabyte GTX 960 Mini-ITX

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1826422/+subscriptions

[Qemu-devel] [PATCH] memory: correct the comment to DIRTY_MEMORY_MIGRATION

[Wei Yang]

The dirty bit is DIRTY_MEMORY_MIGRATION. Correct the comment.

Signed-off-by: Wei Yang 
---
 memory.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/memory.c b/memory.c
index e49369d85d..9d015bfe4c 100644
--- a/memory.c
+++ b/memory.c
@@ -2576,7 +2576,7 @@ void memory_global_dirty_log_start(void)
 
 MEMORY_LISTENER_CALL_GLOBAL(log_global_start, Forward);
 
-/* Refresh DIRTY_LOG_MIGRATION bit.  */
+/* Refresh DIRTY_MEMORY_MIGRATION bit.  */
 memory_region_transaction_begin();
 memory_region_update_pending = true;
 memory_region_transaction_commit();
@@ -2586,7 +2586,7 @@ static void memory_global_dirty_log_do_stop(void)
 {
 global_dirty_log = false;
 
-/* Refresh DIRTY_LOG_MIGRATION bit.  */
+/* Refresh DIRTY_MEMORY_MIGRATION bit.  */
 memory_region_transaction_begin();
 memory_region_update_pending = true;
 memory_region_transaction_commit();
-- 
2.19.1

Re: [Qemu-devel] [PATCH 1/2] vfio/mdev: add version field as mandatory attribute for mdev device

[Yan Zhao]

On Wed, Apr 24, 2019 at 05:10:43PM +0800, Christophe de Dinechin wrote:
> 
> 
> > On 23 Apr 2019, at 12:39, Daniel P. Berrangé  wrote:
> > 
> > On Fri, Apr 19, 2019 at 04:35:04AM -0400, Yan Zhao wrote:
> >> device version attribute in mdev sysfs is used by user space software
> >> (e.g. libvirt) to query device compatibility for live migration of VFIO
> >> mdev devices. This attribute is mandatory if a mdev device supports live
> >> migration.
> >> 
> >> It consists of two parts: common part and vendor proprietary part.
> >> common part: 32 bit. lower 16 bits is vendor id and higher 16 bits
> >> identifies device type. e.g., for pci device, it is
> >> "pci vendor id" | (VFIO_DEVICE_FLAGS_PCI << 16).
> >> vendor proprietary part: this part is varied in length. vendor driver can
> >> specify any string to identify a device.
> >> 
> >> When reading this attribute, it should show device version string of the
> >> device of type . If a device does not support live migration, it
> >> should return errno.
> >> When writing a string to this attribute, it returns errno for
> >> incompatibility or returns written string length in compatibility case.
> >> If a device does not support live migration, it always returns errno.
> >> 
> >> For user space software to use:
> >> 1.
> >> Before starting live migration, user space software first reads source side
> >> mdev device's version. e.g.
> >> "#cat \
> >> /sys/bus/pci/devices/\:00\:02.0/5ac1fb20-2bbf-4842-bb7e-36c58c3be9cd/mdev_type/version"
> >> 00028086-193b-i915-GVTg_V5_4
> >> 
> >> 2.
> >> Then, user space software writes the source side returned version string
> >> to device version attribute in target side, and checks the return value.
> >> If a negative errno is returned in the target side, then mdev devices in
> >> source and target sides are not compatible;
> >> If a positive number is returned and it equals to the length of written
> >> string, then the two mdev devices in source and target side are compatible.
> >> e.g.
> >> (a) compatibility case
> >> "# echo 00028086-193b-i915-GVTg_V5_4 >
> >> /sys/bus/pci/devices/\:00\:02.0/882cc4da-dede-11e7-9180-078a62063ab1/mdev_type/version"
> >> 
> >> (b) incompatibility case
> >> "#echo 00028086-193b-i915-GVTg_V5_1 >
> >> /sys/bus/pci/devices/\:00\:02.0/882cc4da-dede-11e7-9180-078a62063ab1/mdev_type/version"
> >> -bash: echo: write error: Invalid argument
> > 
> > What you have written here seems to imply that each mdev type is able to
> > support many different versions at the same time. Writing a version into
> > this sysfs file then chooses which of the many versions to actually use.
> > 
> > This is good as it allows for live migration across driver software 
> > upgrades.
> > 
> > A mgmt application may well want to know what versions are supported for an
> > mdev type *before* starting a migration. A mgmt app can query all the 100's
> > of hosts it knows and thus figure out which are valid to use as the target
> > of a migration.
> > 
> > IOW, we want to avoid the ever hitting the incompatibility case in the
> > first place, by only choosing to migrate to a host that we know is going
> > to be compatible.
> > 
> > This would need some kind of way to report the full list of supported
> > versions against the mdev supported types on the host.
> > 
> > 
> >> 3. if two mdev devices are compatible, user space software can start
> >> live migration, and vice versa.
> >> 
> >> Note: if a mdev device does not support live migration, it either does
> >> not provide a version attribute, or always returns errno when its version
> >> attribute is read/written.
> >> 
> >> Cc: Alex Williamson 
> >> Cc: Erik Skultety 
> >> Cc: "Dr. David Alan Gilbert" 
> >> Cc: Cornelia Huck 
> >> Cc: "Tian, Kevin" 
> >> Cc: Zhenyu Wang 
> >> Cc: "Wang, Zhi A" 
> >> Cc: Neo Jia 
> >> Cc: Kirti Wankhede 
> >> 
> >> Signed-off-by: Yan Zhao 
> >> ---
> >> Documentation/vfio-mediated-device.txt | 36 ++
> >> samples/vfio-mdev/mbochs.c | 17 
> >> samples/vfio-mdev/mdpy.c   | 16 
> >> samples/vfio-mdev/mtty.c   | 16 
> >> 4 files changed, 85 insertions(+)
> >> 
> >> diff --git a/Documentation/vfio-mediated-device.txt 
> >> b/Documentation/vfio-mediated-device.txt
> >> index c3f69bcaf96e..bc28471c0667 100644
> >> --- a/Documentation/vfio-mediated-device.txt
> >> +++ b/Documentation/vfio-mediated-device.txt
> >> @@ -202,6 +202,7 @@ Directories and files under the sysfs for Each 
> >> Physical Device
> >>   | |   |--- available_instances
> >>   | |   |--- device_api
> >>   | |   |--- description
> >> +  | |   |--- version
> >>   | |   |--- [devices]
> >>   | |--- []
> >>   | |   |--- create
> >> @@ -209,6 +210,7 @@ Directories and files under the sysfs for Each 
> >> Physical Device
> >>   | |   |--- available_instances
> >>   | |   |--- device_api
> >>   | |   |--- 

Re: [Qemu-devel] [PATCH 1/2] vfio/mdev: add version field as mandatory attribute for mdev device

[Yan Zhao]

On Wed, Apr 24, 2019 at 10:14:50PM +0800, Alex Williamson wrote:
> On Tue, 23 Apr 2019 23:39:34 -0400
> Yan Zhao  wrote:
> 
> > On Tue, Apr 23, 2019 at 11:02:56PM +0800, Alex Williamson wrote:
> > > On Tue, 23 Apr 2019 01:41:57 -0400
> > > Yan Zhao  wrote:
> > >   
> > > > On Tue, Apr 23, 2019 at 09:21:00AM +0800, Alex Williamson wrote:  
> > > > > On Mon, 22 Apr 2019 21:01:52 -0400
> > > > > Yan Zhao  wrote:
> > > > >  
> > > > > > On Mon, Apr 22, 2019 at 10:39:50PM +0800, Alex Williamson wrote:  
> > > > > > > On Fri, 19 Apr 2019 04:35:04 -0400
> > > > > > > Yan Zhao  wrote:
> > > > > > >  
> > > > > > > > device version attribute in mdev sysfs is used by user space 
> > > > > > > > software
> > > > > > > > (e.g. libvirt) to query device compatibility for live migration 
> > > > > > > > of VFIO
> > > > > > > > mdev devices. This attribute is mandatory if a mdev device 
> > > > > > > > supports live
> > > > > > > > migration.  
> > > > > > >
> > > > > > > The Subject: doesn't quite match what's being proposed here.
> > > > > > >  
> > > > > > > > It consists of two parts: common part and vendor proprietary 
> > > > > > > > part.
> > > > > > > > common part: 32 bit. lower 16 bits is vendor id and higher 16 
> > > > > > > > bits
> > > > > > > >  identifies device type. e.g., for pci device, it is
> > > > > > > >  "pci vendor id" | (VFIO_DEVICE_FLAGS_PCI << 16).  
> > > > > > >
> > > > > > > What purpose does this serve?  If it's intended as some sort of
> > > > > > > namespace feature, shouldn't we first assume that we can only 
> > > > > > > support
> > > > > > > migration to devices of the same type?  Therefore each type would
> > > > > > > already have its own namespace.  Also that would make the 
> > > > > > > trailing bit
> > > > > > > of the version string listed below in the example redundant.  A 
> > > > > > > vendor
> > > > > > > is still welcome to include this in their version string if they 
> > > > > > > wish,
> > > > > > > but I think the string should be entirely vendor defined.
> > > > > > >  
> > > > > > hi Alex,
> > > > > > This common part is a kind of namespace.
> > > > > > Because if version string is entirely defined by vendors, I'm 
> > > > > > worried about
> > > > > > if there is a case that one vendor's version string happens to 
> > > > > > deceive and
> > > > > > interfere with another vendor's version checking?
> > > > > > e.g.
> > > > > > vendor A has a version string like: vendor id + device id + mdev 
> > > > > > type
> > > > > > vendor B has a version string like: device id + vendor id + mdev 
> > > > > > type
> > > > > > but vendor A's vendor id is 0x8086, device id is 0x1217
> > > > > > vendor B's vendor id is 0x1217, device id is 0x8086.
> > > > > >
> > > > > > In this corner case, the two vendors may regard the two device is
> > > > > > migratable but actually they are not.
> > > > > >
> > > > > > That's the reason for this common part that serve as a kind of 
> > > > > > namespace
> > > > > > that all vendors will comply with to avoid overlap.  
> > > > >
> > > > > If we assume that migration can only occur between matching mdev 
> > > > > types,
> > > > > this is redundant, each type already has their own namespace.
> > > > >  
> > > > hi Alex,
> > > > do you mean user space software like libvirt needs to first check 
> > > > whether
> > > > mdev type is matching and then check whether version is matching?  
> > > 
> > > Yes.
> > >  
> > may I know the drawback of defining the this common part?
> > common part: 32 bit. lower 16 bits is vendor id and higher 16 bits
> >  identifies device type. e.g., for pci device, it is
> >  "pci vendor id" | (VFIO_DEVICE_FLAGS_PCI << 16).
> > By doing so, user space software has no need to first check whether mdev 
> > type
> > is matching.  A confident vendor driver can even allow devices migrating
> > between different mdev types.
> 
> 
> It's not practical to expect userspace to test the version of every
> mdev type in the system to determine a match, let alone across a data
> center.  Additionally, in order to be migration compatible the mdev
> types must be software compatible to the VM, which is the basic
> definition of the differences between mdev types.  Therefore let me
> flip the question around, why would a vendor driver choose to create a
> new mdev type for software compatible devices?  If the vendor wants to
> maintain compatibility, indicate basic compatibility using the same
> mdev type.  The original intention of the version attribute is to be
> entirely opaque to userspace, introducing "common" parts is unnecessary
> as above, degrades the original concept, and only defines a solution for
> PCI devices. Thanks,
> 
ok. Got it. Thanks for explanation.
I'll remove this common part in next revision.


> 
> > > > if user space software only checks version for migration, it means 
> > > > vendor
> > > > driver has to include mdev type in their vendor proprietary part 

Re: [Qemu-devel] Booting from a Bootcamp partition

[Programmingkid]

> On Apr 15, 2019, at 2:35 PM, John Snow  wrote:
> 
> 
> 
> On 4/15/19 6:23 AM, Programmingkid wrote:
>> 
>>> On Apr 15, 2019, at 5:54 AM, Stefan Hajnoczi  wrote:
>>> 
>>> On Sun, Apr 14, 2019 at 07:33:17PM -0400, Programmingkid wrote:
 Hi I was wondering if anyone has been able to boot from a bootcamp 
 partition inside of QEMU. I know this partition can be used in QEMU but my 
 own attempts at booting Windows 7 on my bootcamp partition did not work. I 
 always see "A disk read error occurred". Has anyone else been successful 
 at this? 
>>> 
>>> Hi,
>>> It's difficult to help without more information:
>>> 1. What is your QEMU command-line?
>> 
>> sudo qemu-system-x86_64 -name "Windows 7" -hda "/dev/disk0s4" -boot "c" -m 
>> 3000 
>> 
>>> 2. What is the partition table on the disk?
>> 
>> The bootcamp partition is this: /dev/disk0s4
>> 
> 
> (Are you trying to boot a partition as an entire block device ...?)

I am trying to boot a partition.

> 
>>> General problems with booting Windows are usually caused by a guest
>>> configuration that doesn't match the hardware configuration that Windows
>>> was installed under.  Can you check that the AHCI bus address of the
>>> disk and partition numbering matches what Windows expected?
>> 
>> How would someone do this?
>> 
>>> It may also be useful to enable tracing (see docs/devel/tracing.txt) to
>>> see what the ahci_* trace event log says.  I have CCed John Snow, one of
>>> the few people who can read this log :).
>> 
>> I'm guessing you believe the problem is the partition can't be read in QEMU. 
>> I know for sure it can. I attached this partition to another QEMU VM and was 
>> able to see it on the Desktop. 
>> 
> 
> Well, we don't know what the problem is. From the command line above it
> looks like it'd be using the legacy IDE emulation instead of the newer
> SATA emulation, though. I'd wager that the Windows boot loader here is
> not expecting to use IDE.
> 
> "disk read error" could mean a lot of things from the POV of a guest,
> but having disk emulation tracing would show us what the guest is trying
> to do, at least.

How do I enable this tracing?

> 
>> My guess is the computer is using an EFI firmware and QEMU uses the 
>> traditional BIOS firmware (SeaBIOS).  So I think trying UEFI in QEMU might 
>> work.
>> 
> 
> Try using -M q35 which will engage SATA and AHCI emulation, and try
> using UEFI, yes.

I tried using a OVMF firmware file I found online. It will not work when I use 
"-M accel=hvf --cpu host". The screen just stays small and black instead of a 
screen with the firmware info. This test was done with git revision 
3284aa128153750f14a61e8a96fd085e6f2999b6 of QEMU. 

The only way to make the OVMF work is to not use the accelerator: 
sudo qemu-system-x86_64 -name "Windows 7" -boot "c" -m 4000 -pflash OVMF.fd 

I did have success with booting a Windows 7 HD image file and was able to view 
the bootcamp partition as another drive. I used seaBIOS instead of OVMF. 
Windows 7 did crash a lot. The error was always DRIVER_IRQL_NOT_LESS_OR_EQUAL. 
I also saw this error printed by QEMU: Unimplemented handler (f80002705050) 
for 0 (f c3)

This is the command-line I was using: 
sudo qemu-system-x86_64 -name "Windows 7" -hda "Windows 7 HD.qcow2" -hdb 
"/dev/disk0s4" -boot "c" -netdev user,id=mynet0 -device rtl8139,netdev=mynet0 
-m 4000 -usb -device usb-audio -M accel=hvf --cpu host 

I just realized that the Bootcamp partition is formatted as NTFS. This is 
probably why it does not work with SeaBIOS. Thank you everyone who tried to 
help.

Re: [Qemu-devel] [PATCH] target/riscv: Expose time CSRs when allowed by [m|s]counteren

[Jonathan Behrens]

No, I've still been meaning to send it. After thinking about this some more
I realized that it didn't actually make sense for the CLINT to decide the
timer frequency and that it should instead be a property of the board
itself. I got a bit sidetracked in the process of making those changes, but
I should have a new version out in the next few days.

On Thu, Apr 25, 2019 at 5:44 PM Palmer Dabbelt  wrote:

> On Fri, 19 Apr 2019 16:05:35 PDT (-0700), alistai...@gmail.com wrote:
> > On Mon, Apr 15, 2019 at 5:46 PM Jonathan Behrens 
> wrote:
> >>
> >> For any chip that has a CLINT, we want the frequency of the time
> register and the frequency of the CLINT to match. That frequency,
> SIFIVE_CLINT_TIMEBASE_FREQ (=10MHz) is currently defined in
> hw/riscv/sifive_clint.h and so isn't visible to target/riscv/cpu.c where
> the CPURISCVState is first created. Instead, I first initialize the
> frequency to a reasonable default (1GHz) and then let the CLINT override
> the value if one is attached. Phrased differently, the values produced by
> the `sifive_clint.c: cpu_riscv_read_rtc()` and `csr.c: read_time()` must
> match, and this is one way of doing that.
> >
> > Ah that seems fine. Can you add a comment in the code to indicate that
> > it will be overwritten later?
>
> I don't see a v2, did I miss something?
>
> >
> > Alistair
> >
> >>
> >> I'd be open to other suggestions.
> >>
> >> Jonathan
> >>
> >> On Mon, Apr 15, 2019 at 8:23 PM Alistair Francis 
> wrote:
> >>>
> >>> On Fri, Apr 12, 2019 at 12:04 PM Jonathan Behrens 
> wrote:
> >>> >
> >>> > Currently mcounteren.TM acts as though it is hardwired to zero, even
> though
> >>> > QEMU
> >>> > allows it to be set. This change resolves the issue by allowing
> reads to the
> >>> > time and timeh control registers when running in a privileged mode
> where
> >>> > such
> >>> > accesses are allowed.
> >>> >
> >>> > Signed-off-by: Jonathan Behrens 
> >>> > ---
> >>> >  hw/riscv/sifive_clint.c |  1 +
> >>> >  target/riscv/cpu.c  | 14 ++
> >>> >  target/riscv/cpu.h  |  2 ++
> >>> >  target/riscv/csr.c  | 17 +++--
> >>> >  4 files changed, 28 insertions(+), 6 deletions(-)
> >>> >
> >>> > diff --git a/hw/riscv/sifive_clint.c b/hw/riscv/sifive_clint.c
> >>> > index d4c159e937..3ad4fe6139 100644
> >>> > --- a/hw/riscv/sifive_clint.c
> >>> > +++ b/hw/riscv/sifive_clint.c
> >>> > @@ -237,6 +237,7 @@ DeviceState *sifive_clint_create(hwaddr addr,
> hwaddr
> >>> > size, uint32_t num_harts,
> >>> >  env->timer = timer_new_ns(QEMU_CLOCK_VIRTUAL,
> >>> >_clint_timer_cb, cpu);
> >>> >  env->timecmp = 0;
> >>> > +env->time_freq = SIFIVE_CLINT_TIMEBASE_FREQ;
> >>>
> >>> Why do you need to set this here?
> >>>
> >>> Alistair
> >>>
> >>> >  }
> >>> >
> >>> >  DeviceState *dev = qdev_create(NULL, TYPE_SIFIVE_CLINT);
> >>> > diff --git a/target/riscv/cpu.c b/target/riscv/cpu.c
> >>> > index d61bce6d55..ff17d54691 100644
> >>> > --- a/target/riscv/cpu.c
> >>> > +++ b/target/riscv/cpu.c
> >>> > @@ -103,12 +103,20 @@ static void set_resetvec(CPURISCVState *env,
> int
> >>> > resetvec)
> >>> >  #endif
> >>> >  }
> >>> >
> >>> > +static void set_time_freq(CPURISCVState *env, uint64_t freq)
> >>> > +{
> >>> > +#ifndef CONFIG_USER_ONLY
> >>> > +env->time_freq = freq;
> >>> > +#endif
> >>> > +}
> >>> > +
> >>> >  static void riscv_any_cpu_init(Object *obj)
> >>> >  {
> >>> >  CPURISCVState *env = _CPU(obj)->env;
> >>> >  set_misa(env, RVXLEN | RVI | RVM | RVA | RVF | RVD | RVC | RVU);
> >>> >  set_versions(env, USER_VERSION_2_02_0, PRIV_VERSION_1_10_0);
> >>> >  set_resetvec(env, DEFAULT_RSTVEC);
> >>> > +set_time_freq(env, NANOSECONDS_PER_SECOND);
> >>> >  }
> >>> >
> >>> >  #if defined(TARGET_RISCV32)
> >>> > @@ -121,6 +129,7 @@ static void rv32gcsu_priv1_09_1_cpu_init(Object
> *obj)
> >>> >  set_resetvec(env, DEFAULT_RSTVEC);
> >>> >  set_feature(env, RISCV_FEATURE_MMU);
> >>> >  set_feature(env, RISCV_FEATURE_PMP);
> >>> > +set_time_freq(env, NANOSECONDS_PER_SECOND);
> >>> >  }
> >>> >
> >>> >  static void rv32gcsu_priv1_10_0_cpu_init(Object *obj)
> >>> > @@ -131,6 +140,7 @@ static void rv32gcsu_priv1_10_0_cpu_init(Object
> *obj)
> >>> >  set_resetvec(env, DEFAULT_RSTVEC);
> >>> >  set_feature(env, RISCV_FEATURE_MMU);
> >>> >  set_feature(env, RISCV_FEATURE_PMP);
> >>> > +set_time_freq(env, NANOSECONDS_PER_SECOND);
> >>> >  }
> >>> >
> >>> >  static void rv32imacu_nommu_cpu_init(Object *obj)
> >>> > @@ -140,6 +150,7 @@ static void rv32imacu_nommu_cpu_init(Object *obj)
> >>> >  set_versions(env, USER_VERSION_2_02_0, PRIV_VERSION_1_10_0);
> >>> >  set_resetvec(env, DEFAULT_RSTVEC);
> >>> >  set_feature(env, RISCV_FEATURE_PMP);
> >>> > +set_time_freq(env, NANOSECONDS_PER_SECOND);
> >>> >  }
> >>> >
> >>> >  #elif defined(TARGET_RISCV64)
> >>> > @@ -152,6 +163,7 @@ static void rv64gcsu_priv1_09_1_cpu_init(Object
> *obj)
> >>> > 

Re: [Qemu-devel] [PATCH 2/4] migration/savevm: use migration_is_blocked to validate

[Wei Yang]

On Thu, Apr 25, 2019 at 05:55:15PM -0300, Daniel Henrique Barboza wrote:
>
>
>On 4/23/19 9:46 PM, Wei Yang wrote:
>> migration_is_blocked() is used in migrate_prepare() and
>> save_snapshot(), this is more proper to use this instead of
>> qemu_savevm_state_blocked() in qemu_loadvm_state().
>
>
>migration_is_blocked() does an additional verification:
>
>"if (migration_blockers)"
>
>comparing to what was previously done in qemu_loadvm_state.
>
>I've checked what migration_blockers does and it is a GList used
>for callers to block the migration process. This is used via
>'migration_add_blocker', from migration.c.
>
>'migration_add_blocker' is called all over the place, most notably
>in  _realize() functions  and _open() functions from block.
>
>Thus, I am not sure if this change will impact the use of
>qemu_loadvm_state() from load_snapshot() (i.e. can load_snapshot
>be called with migration_blockers?). It's better to someone
>with a better understanding of this code to comment on that.
>

Well, when you look into the source side of migration:

qmp_migrate
  migrate_prepare
migration_is_blocked

This means if migration_is_blocked fails, the source will not start migration.
And it is the same as save_snapshot.

>From my understanding, when we load a vm, it should check the same
requirement.

-- 
Wei Yang
Help you, Help me

Re: [Qemu-devel] [PATCH 1/4] migration/savevm: remove duplicate check of migration_is_blocked

[Wei Yang]

On Thu, Apr 25, 2019 at 04:20:57PM -0300, Daniel Henrique Barboza wrote:
>
>
>On 4/23/19 9:46 PM, Wei Yang wrote:
>> Current call flow of save_snapshot is:
>> 
>>save_snapshot
>>  migration_is_blocked
>>qemu_savevm_state
>>  migration_is_blocked
>> 
>> Since qemu_savevm_state is only called in save_snapshot, this means
>> migration_is_blocked has been already checked.
>
>I think it would be a nice touch to add a comment in qemu_savevm_state,
>saying that the function must be called with migration_is_blocked()
>context. Just in case someone else in the future ends up re-using the
>function.
>

That's reasonable, let me add a comment for qemu_savevm_state().

>
>Other than that, +1 for less code duplication.
>
>
>Reviewed-by: Daniel Henrique Barboza 
>
>
>
>
>> 
>> Signed-off-by: Wei Yang 
>> ---
>>   migration/savevm.c | 4 
>>   1 file changed, 4 deletions(-)
>> 
>> diff --git a/migration/savevm.c b/migration/savevm.c
>> index 92af2471cd..2eea604624 100644
>> --- a/migration/savevm.c
>> +++ b/migration/savevm.c
>> @@ -1412,10 +1412,6 @@ static int qemu_savevm_state(QEMUFile *f, Error 
>> **errp)
>>   return -EINVAL;
>>   }
>> -if (migration_is_blocked(errp)) {
>> -return -EINVAL;
>> -}
>> -
>>   if (migrate_use_block()) {
>>   error_setg(errp, "Block migration and snapshots are incompatible");
>>   return -EINVAL;

-- 
Wei Yang
Help you, Help me

[Qemu-devel] [PATCH v15 0/2] support MAP_SYNC for memory-backend-file

[Wei Yang]

Linux 4.15 introduces a new mmap flag MAP_SYNC, which can be used to
guarantee the write persistence to mmap'ed files supporting DAX (e.g.,
files on ext4/xfs file system mounted with '-o dax').

A description of MAP_SYNC and MAP_SHARED_VALIDATE can be found at
https://patchwork.kernel.org/patch/10028151/

In order to make sure that the file metadata is in sync after a fault 
while we are writing a shared DAX supporting backend files, this
patch-set enables QEMU to use MAP_SYNC flag for memory-backend-dax-file.

As the DAX vs DMA truncated issue was solved, we refined the code and
send out this feature for the v5 version.

We will pass MAP_SYNC to mmap(2); if MAP_SYNC is supported and
'share=on' & 'pmem=on'. 
Or QEMU will not pass this flag to mmap(2)

Test with below cases:
1. pmem=on is set, shared=on is set, MAP_SYNC supported:
   a: backend is a dax supporting file.
   1) start VM1 with options:
   -object 
memory-backend-file,id=nv_be4,share,mem-path=${DAX_FILE_1},size=${DAX_FILE_SIZE_1},align=128M,pmem=on,share=on
   -device nvdimm,id=nv4,memdev=nv_be4,label-size=2M.
   
   2) start VM2 with options:
   -object 
memory-backend-file,id=nv_be4,share,mem-path=${DAX_FILE_2,size=${DAX_FILE_SIZE_2},align=128M,pmem=on,share=on
   -device nvdimm,id=nv4,memdev=nv_be4,label-size=2M.

   3) live migrate from VM1 to VM2.
   
   4) Suddenly let Host crash or power failure.

   5) check DAX_FILE_1 and DAX_FILE_2, no corrupt.

   b: backend is a regular file.
   1) start with options
   -object 
memory-backend-file,id=nv_be4,share,mem-path=${REG_FILE},size=${REG_FILE_SIZE},align=128M,pmem=on,share=on
   -device nvdimm,id=nv4,memdev=nv_be4,label-size=2M.

   will warning "failed to validate with mapping flags: Operation not supported"
   FILE_1 and FILE_2 random corrupt.

2. Other cases:
   FILE_1 and FILE_2 random corrupt.

Changes in V15:
 * 1/2 fix compile issue on pre-linux 4.15
 * remove silently

Changes in V14:
 * 1/2 rebase on top of current upstream and tested

Changes in V13:
 * 4/5 Micheal: move the inlcude to mmap_alloc.c.
 * 4/5 Micheal: refine the warning message.
 * 5/5 Micheal: refine the Documentations.

Changes in V12:
 * 2/5: Micheal: Update update-linux-headers.sh
 * 3/5: Micheal: Use script update add linux/mman.h
 * 4/5: Pankaj,Micheal: 1) fallback to mmap without
MAP_SYNC & MAP_SHARED_VALIDATE if sync not supported or failed
2) Replace the include with 3/5 added linux/mman.h
 * 5/5: Micheal: Refine the Documentations.

Changes in V11:
 * 1/3: Micheal: Change to just add a bool is_pmem in qemu_ram_mmap.
 * 2/3: Micheal: Fix the compatibility for old kernel.
 * 2/3&3/3: Micheal :Update the behavior below: 
   Waning at no-dax and continue without MAP_SYNC.
   Test if fails again for compatibility, then remove the MAP_VALIDATE and
   silently proceed.

Changes in V10:
 * 4/4: refine the document.
 * 3/4: Reviewed-by: Stefano Garzarella 
 * 2/4: refine the commit message, Added MAP_SHARED_VALIDATE.
 * 2/4: Fix the wrong include header

Changes in V9:
 * 1/6: Reviewed-by: Eduardo Habkost 
 * 2/6: New Added: Micheal: use sparse feature define RAM_FLAG. 
 since I don't have much knowledge about the sparse feature, @Micheal Could you 
 add some documentation/commit message on this patch? Thank you very much.
 * 3/6: from 2/5: Eduardo: updated the commit message. 
 * 4/6: from 3/5: Micheal: don't ignore MAP_SYNC failures silently.
 * 5/6: from 4/5: Eduardo: updated the commit message.
 * 6/6: from 5/5: Micheal: Drop the sync option, document the MAP_SYNC.

Changes in v8:
 * Micheal: 3/5, remove the duplicated define in the os_dep.h
 * Micheal: 2/5, make type define safety.
 * Micheal: 2/5, fixed the incorrect define MAP_SHARE on qemu_anon_ram_alloc.
 * 4/6 removed, we remove the on/off/auto define of sync,  as by now,
   MAP_SYNC only worked with pmem=on.
 * @Micheal, I still reuse the RAM_SYNC flag, it is much straightforward to 
parse 
   all the flags in one parameter.

Changes in v7:
 * Micheal: [3,4,6]/6 limited the "sync" flag only on a nvdimm backend.(pmem=on)

Changes in v6:
 * Pankaj: 3/7 are squashed with 2/7
 * Pankaj: 7/7 update comments to "consistent filesystem metadata".
 * Pankaj, Igor: 1/7 Added Reviewed-by in patch-1/7
 * Stefan, 4/7 move the include header from "/linux/mman.h" to "osdep.h"
 * Stefan, 5/7 Add missing "munmap"
 * Stefan, 2/7 refine the shared/flag.

Changes in v5:
 * Add patch 1 to fix a memory leak issue.
 * Refine the patch 4-6
 * Remove the patch 3 as we already change the parameter from "shared" to
   "flags"

Changes in v4:
 * Add patch 1-3 to switch some functions to a single 'flags'
   parameters. (Michael S. Tsirkin)
 * v3 patch 1-3 become v4 patch 4-6.
 * Patch 4: move definitions of MAP_SYNC and MAP_SHARED_VALIDATE to a
   new header file under include/standard-headers/linux/. (Michael S. Tsirkin)
 * Patch 6: refine the description of the 'sync' option. (Michael S. Tsirkin)

Changes in v3:
 * Patch 1: add MAP_SHARED_VALIDATE in both 

[Qemu-devel] [PATCH v15 1/2] util/mmap-alloc: support MAP_SYNC in qemu_ram_mmap()

[Wei Yang]

From: Zhang Yi 

When a file supporting DAX is used as vNVDIMM backend, mmap it with
MAP_SYNC flag in addition which can ensure file system metadata
synced in each guest writes to the backend file, without other QEMU
actions (e.g., periodic fsync() by QEMU).

Current, We have below different possible use cases:

1. pmem=on is set, shared=on is set, MAP_SYNC supported:
   a: backend is a dax supporting file.
- MAP_SYNC will active.
   b: backend is not a dax supporting file.
- mmap will trigger a warning. then MAP_SYNC flag will be ignored

2. The rest of cases:
   - we will never pass the MAP_SYNC to mmap2

Signed-off-by: Haozhong Zhang 
Signed-off-by: Zhang Yi 
[ehabkost: Rebased patch to latest code on master]
Signed-off-by: Eduardo Habkost 
Signed-off-by: Wei Yang 
Tested-by: Wei Yang 
Reviewed-by: Stefan Hajnoczi 

---
v15: fix compile issue on pre-linux4.15
v14: rebase on top of current upstream
---
 util/mmap-alloc.c | 45 -
 1 file changed, 44 insertions(+), 1 deletion(-)

diff --git a/util/mmap-alloc.c b/util/mmap-alloc.c
index 9713f4b960..b8f94d618a 100644
--- a/util/mmap-alloc.c
+++ b/util/mmap-alloc.c
@@ -10,6 +10,17 @@
  * later.  See the COPYING file in the top-level directory.
  */
 
+#ifdef CONFIG_LINUX
+#include 
+#endif /* CONFIG_LINUX */
+
+#ifndef MAP_SYNC
+#define MAP_SYNC 0
+#endif
+#ifndef MAP_SHARED_VALIDATE
+#define MAP_SHARED_VALIDATE 0
+#endif
+
 #include "qemu/osdep.h"
 #include "qemu/mmap-alloc.h"
 #include "qemu/host-utils.h"
@@ -82,6 +93,7 @@ void *qemu_ram_mmap(int fd,
 bool is_pmem)
 {
 int flags;
+int map_sync_flags = 0;
 int guardfd;
 size_t offset;
 size_t pagesize;
@@ -132,9 +144,40 @@ void *qemu_ram_mmap(int fd,
 flags = MAP_FIXED;
 flags |= fd == -1 ? MAP_ANONYMOUS : 0;
 flags |= shared ? MAP_SHARED : MAP_PRIVATE;
+if (shared && is_pmem) {
+map_sync_flags = MAP_SYNC | MAP_SHARED_VALIDATE;
+}
+
 offset = QEMU_ALIGN_UP((uintptr_t)guardptr, align) - (uintptr_t)guardptr;
 
-ptr = mmap(guardptr + offset, size, PROT_READ | PROT_WRITE, flags, fd, 0);
+ptr = mmap(guardptr + offset, size, PROT_READ | PROT_WRITE,
+   flags | map_sync_flags, fd, 0);
+
+if (ptr == MAP_FAILED && map_sync_flags) {
+if (errno == ENOTSUP) {
+char *proc_link, *file_name;
+int len;
+proc_link = g_strdup_printf("/proc/self/fd/%d", fd);
+file_name = g_malloc0(PATH_MAX);
+len = readlink(proc_link, file_name, PATH_MAX - 1);
+if (len < 0) {
+len = 0;
+}
+file_name[len] = '\0';
+fprintf(stderr, "Warning: requesting persistence across crashes "
+"for backend file %s failed. Proceeding without "
+"persistence, data might become corrupted in case of host "
+"crash.\n", file_name);
+g_free(proc_link);
+g_free(file_name);
+}
+/*
+ * if map failed with MAP_SHARED_VALIDATE | MAP_SYNC,
+ * we will remove these flags to handle compatibility.
+ */
+ptr = mmap(guardptr + offset, size, PROT_READ | PROT_WRITE,
+   flags, fd, 0);
+}
 
 if (ptr == MAP_FAILED) {
 munmap(guardptr, total);
-- 
2.19.1

[Qemu-devel] [PATCH v15 2/2] docs: Added MAP_SYNC documentation

[Wei Yang]

From: Zhang Yi 

Signed-off-by: Zhang Yi 
Signed-off-by: Wei Yang 
Reviewed-by: Stefan Hajnoczi 
Reviewed-by: Pankaj Gupta 
Reviewed-by: Michael S. Tsirkin 
---
 docs/nvdimm.txt | 22 +++---
 qemu-options.hx |  5 +
 2 files changed, 24 insertions(+), 3 deletions(-)

diff --git a/docs/nvdimm.txt b/docs/nvdimm.txt
index 7231c2d78f..b531cacd35 100644
--- a/docs/nvdimm.txt
+++ b/docs/nvdimm.txt
@@ -144,9 +144,25 @@ Guest Data Persistence
 --
 
 Though QEMU supports multiple types of vNVDIMM backends on Linux,
-currently the only one that can guarantee the guest write persistence
-is the device DAX on the real NVDIMM device (e.g., /dev/dax0.0), to
-which all guest access do not involve any host-side kernel cache.
+the only backend that can guarantee the guest write persistence is:
+
+A. DAX device (e.g., /dev/dax0.0, ) or
+B. DAX file(mounted with dax option)
+
+When using B (A file supporting direct mapping of persistent memory)
+as a backend, write persistence is guaranteed if the host kernel has
+support for the MAP_SYNC flag in the mmap system call (available
+since Linux 4.15 and on certain distro kernels) and additionally
+both 'pmem' and 'share' flags are set to 'on' on the backend.
+
+If these conditions are not satisfied i.e. if either 'pmem' or 'share'
+are not set, if the backend file does not support DAX or if MAP_SYNC
+is not supported by the host kernel, write persistence is not
+guaranteed after a system crash. For compatibility reasons, these
+conditions are ignored if not satisfied. Currently, no way is
+provided to test for them.
+For more details, please reference mmap(2) man page:
+http://man7.org/linux/man-pages/man2/mmap.2.html.
 
 When using other types of backends, it's suggested to set 'unarmed'
 option of '-device nvdimm' to 'on', which sets the unarmed flag of the
diff --git a/qemu-options.hx b/qemu-options.hx
index 08749a3391..bdc74c0620 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -4233,6 +4233,11 @@ using the SNIA NVM programming model (e.g. Intel NVDIMM).
 If @option{pmem} is set to 'on', QEMU will take necessary operations to
 guarantee the persistence of its own writes to @option{mem-path}
 (e.g. in vNVDIMM label emulation and live migration).
+Also, we will map the backend-file with MAP_SYNC flag, which ensures the
+file metadata is in sync for @option{mem-path} in case of host crash
+or a power failure. MAP_SYNC requires support from both the host kernel
+(since Linux kernel 4.15) and the filesystem of @option{mem-path} mounted
+with DAX option.
 
 @item -object 
memory-backend-ram,id=@var{id},merge=@var{on|off},dump=@var{on|off},share=@var{on|off},prealloc=@var{on|off},size=@var{size},host-nodes=@var{host-nodes},policy=@var{default|preferred|bind|interleave}
 
-- 
2.19.1

Re: [Qemu-devel] [PATCH for-QEMU-4.1 v5 00/29] Kconfig dependencies for ARM machines

[Philippe Mathieu-Daudé]

Hi Thomas,

On 4/18/19 8:00 PM, Thomas Huth wrote:
> This series reworks the default-configs/arm-softmmu.mak and
> default-configs/aarch64-softmmu.mak files to use the new Kconfig-style
> dependencies instead.
> 
> Some of the patches are slightly based on the work by Ákos Kovács:
> 
>  https://lists.nongnu.org/archive/html/qemu-devel/2013-08/msg03730.html
> 
> The other patches have been created by looking at the sources and finding
> out the dependencies the hard way via trial-and-error (i.e. by enabling
> only one machine at a time and checking whether it can be compiled and
> started).
> 
> v5:
>  - Rebased the series to the current master branch
>  - Added "hw/usb/hcd-ohci: Move PCI-related code into a separate file"
>patch and got rid of unneeded dependencies to CONFIG_PCI in the
>ARM machines that do not have a PCI bus
> 
> v4:
>  - Rebased the series to Paolo's latest kconfig tree
> 
> v3:
>  - Addressed review feedback from v2
>  - Included patches to clean up the PCI dependencies of AHCI and SDHCI
>(so CONFIG_AHCI and CONFIG_SDHCI do not depend on CONFIG_PCI anymore)
>  - Added an additional patch for the new "musca" machines
> 
> v2: Adressed review-feedback from v1
>  - CONFIG_SDHCI and CONFIG_AHCI now select CONFIG_PCI
>  - Added switches for MICROBIT and EMCRAFT_SF2
> 
> Thomas Huth (29):
>   hw/pci/pci-stub: Add msi_enabled() and msi_notify() to the pci stubs
>   hw/ide/ahci: Add a Kconfig switch for the AHDI-ICH9 device
>   hw/usb/hcd-ohci: Move PCI-related code into a separate file
>   hw/arm: Express dependencies of the exynos machines with Kconfig
>   hw/arm: Express dependencies of the highbank machines with Kconfig
>   hw/arm: Express dependencies of integratorcp with Kconfig
>   hw/arm: Express dependencies of the fsl-imx31 machine with Kconfig
>   hw/arm: Express dependencies of musicpal with Kconfig
>   hw/arm: Express dependencies of the OMAP machines with Kconfig
>   hw/arm: Express dependencies of stellaris with Kconfig
>   hw/arm: Express dependencies of realview, versatile and vexpress with
> Kconfig
>   hw/arm: Express dependencies of the PXA2xx machines with Kconfig
>   hw/arm: Express dependencies of xilinx-zynq with Kconfig
>   hw/arm: Express dependencies of collie with Kconfig
>   hw/arm: Express dependencies of the aspeed boards with Kconfig
>   hw/arm: Express dependencies of the virt machine with Kconfig
>   hw/arm: Express dependencies of netduino / stm32f2xx with Kconfig
>   hw/arm: Express dependencies of allwinner / cubieboard with Kconfig
>   hw/arm: Express dependencies of the MPS2 boards with Kconfig
>   hw/arm: Express dependencies of the raspi machines with Kconfig
>   hw/arm: Express dependencies of canon-a1100 with Kconfig
>   hw/arm: Express dependencies of sabrelite with Kconfig
>   hw/arm: Express dependencies of the MSF2 / EMCRAFT_SF2 machine with
> Kconfig
>   hw/arm: Express dependencies for remaining IMX boards with Kconfig
>   hw/arm: Express dependencies of the microbit / nrf51 machine with
> Kconfig
>   hw/arm: Express dependencies of the ZynqMP zcu102 machine with Kconfig
>   hw/arm: Express dependencies of the xlnx-versal-virt machine with
> Kconfig
>   hw/arm: Express dependencies of the musca machines with Kconfig
>   hw/arm: Remove hard-enablement of the remaining PCI devices

I tested each machines of your series.
I replaced patch #3 "hw/usb/hcd-ohci: Move PCI-related code into a
separate file" by your more recent series "Fix ohci_die() and move PCI
code to separate file",
https://lists.gnu.org/archive/html/qemu-devel/2019-04/msg03344.html

So for all patches except 3/29:
Tested-by: Philippe Mathieu-Daudé 
(well, I also tested it, but expect you to use the splitted respin)

Regards,

Phil.

Re: [Qemu-devel] [PATCH] ati-vga: Fix check for blt outside vram

[BALATON Zoltan]

On Sun, 14 Apr 2019, BALATON Zoltan wrote:

On Tue, 9 Apr 2019, Philippe Mathieu-Daudé wrote:

This patch looks 4.0 worthwhile.


Now that it seems we'll have another rc, will this get in? Gerd, I think you 
have to send a pull request with it for that.


Ping? This has missed two rc-s. This prevents a crash so you might want to 
queue it for stable as well now.


Regards,
BALATON Zoltan




On 4/9/19 12:56 PM, BALATON Zoltan wrote:

Fix the check preventing calling pixman functions that would access
memory outside allocated vram. The r128 X driver sometimes seem to try
blits that span outside vram, this check prevents crashing QEMU in
that case. (The r128 X driver may have problems even on real hardware
so I'm not sure if it's a client bug or emulation problem but at least
QEMU should survive.)

Signed-off-by: BALATON Zoltan 
Tested-by: Andrew Randrianasulu 
---
 hw/display/ati_2d.c | 12 ++--
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/hw/display/ati_2d.c b/hw/display/ati_2d.c
index bc98ba6eeb..fe3ae14864 100644
--- a/hw/display/ati_2d.c
+++ b/hw/display/ati_2d.c
@@ -79,10 +79,10 @@ void ati_2d_blt(ATIVGAState *s)
 s->regs.dst_width, s->regs.dst_height);
 end = s->vga.vram_ptr + s->vga.vram_size;
 if (src_bits >= end || dst_bits >= end ||
-src_bits + (s->regs.src_y + s->regs.dst_height) * src_stride 
+

-s->regs.src_x >= end ||
-dst_bits + (s->regs.dst_y + s->regs.dst_height) * dst_stride 
+

-s->regs.dst_x >= end) {
+src_bits + s->regs.src_x + (s->regs.src_y + 
s->regs.dst_height) *

+src_stride * sizeof(uint32_t) >= end ||
+dst_bits + s->regs.dst_x + (s->regs.dst_y + 
s->regs.dst_height) *

+dst_stride * sizeof(uint32_t) >= end) {
 qemu_log_mask(LOG_UNIMP, "blt outside vram not 
implemented\n");

 return;
 }
@@ -140,8 +140,8 @@ void ati_2d_blt(ATIVGAState *s)
 filler);
 end = s->vga.vram_ptr + s->vga.vram_size;
 if (dst_bits >= end ||
-dst_bits + (s->regs.dst_y + s->regs.dst_height) * dst_stride 
+

-s->regs.dst_x >= end) {
+dst_bits + s->regs.dst_x + (s->regs.dst_y + 
s->regs.dst_height) *

+dst_stride * sizeof(uint32_t) >= end) {
 qemu_log_mask(LOG_UNIMP, "blt outside vram not 
implemented\n");

 return;
 }

Re: [Qemu-devel] [PATCH v2 for-4.1 0/2] Fix ohci_die() and move PCI code to separate file

[Philippe Mathieu-Daudé]

Hi Thomas,

On 4/19/19 9:56 AM, Thomas Huth wrote:
> First patch fixes a problem with ohci_die(), second patch moves PCI code into
> a separate file, so that the sysbus OHCI device can also be used without
> the dependency on the PCI code.
> 
> v2: Split the patch into two patches, one for the ohci_die() fix and one
> for the PCI code movement.

Way cleaner. I wonder why you don't use a typedef for the void
(*ohci_die_fn)(struct OHCIState *) prototype.
Anyway to this series:
Reviewed-by: Philippe Mathieu-Daudé 
Tested-by: Philippe Mathieu-Daudé 

> 
> Thomas Huth (2):
>   hw/usb/hcd-ohci: Do not use PCI functions with sysbus devices in
> ohci_die()
>   hw/usb/hcd-ohci: Move PCI-related code into a separate file
> 
>  hw/sh4/Kconfig|   2 +-
>  hw/usb/Kconfig|   6 +-
>  hw/usb/Makefile.objs  |   1 +
>  hw/usb/hcd-ohci-pci.c | 163 +++
>  hw/usb/hcd-ohci.c | 219 --
>  hw/usb/hcd-ohci.h | 104 
>  6 files changed, 293 insertions(+), 202 deletions(-)
>  create mode 100644 hw/usb/hcd-ohci-pci.c
>  create mode 100644 hw/usb/hcd-ohci.h
> 

Re: [Qemu-devel] [PATCH for-QEMU-4.1 v5 09/29] hw/arm: Express dependencies of the OMAP machines with Kconfig

[Philippe Mathieu-Daudé]

On 4/18/19 8:00 PM, Thomas Huth wrote:
> Add Kconfig dependencies for the OMAP machines (cheetah, n800, n810,
> sx1 and sx1-v1).
> This patch is slightly based on earlier work by Ákos Kovács (i.e.
> his "hw/arm/Kconfig: Add ARM Kconfig" patch).
> 
> Signed-off-by: Thomas Huth 
> ---
>  default-configs/arm-softmmu.mak | 17 -
>  hw/arm/Kconfig  | 25 +
>  hw/arm/Makefile.objs|  3 ++-
>  3 files changed, 31 insertions(+), 14 deletions(-)
> 
> diff --git a/default-configs/arm-softmmu.mak b/default-configs/arm-softmmu.mak
> index 0a4d293f8a..b7ed3c530b 100644
> --- a/default-configs/arm-softmmu.mak
> +++ b/default-configs/arm-softmmu.mak
> @@ -12,16 +12,16 @@ CONFIG_HIGHBANK=y
>  CONFIG_INTEGRATOR=y
>  CONFIG_FSL_IMX31=y
>  CONFIG_MUSICPAL=y
> +CONFIG_MUSCA=y
> +CONFIG_CHEETAH=y

I can't find a working Cheetah option rom, but could test some asm.

Reviewed-by: Philippe Mathieu-Daudé 

> +CONFIG_SX1=y
> +CONFIG_NSERIES=y
>  
>  CONFIG_VGA=y
>  CONFIG_NAND=y
>  CONFIG_ECC=y
>  CONFIG_SERIAL=y
>  CONFIG_MAX7310=y
> -CONFIG_TWL92230=y
> -CONFIG_TSC2005=y
> -CONFIG_LM832X=y
> -CONFIG_TMP105=y
>  CONFIG_TMP421=y
>  CONFIG_PCA9552=y
>  CONFIG_STELLARIS=y
> @@ -39,9 +39,7 @@ CONFIG_ALLWINNER_EMAC=y
>  CONFIG_IMX_FEC=y
>  CONFIG_FTGMAC100=y
>  CONFIG_DS1338=y
> -CONFIG_PFLASH_CFI01=y
>  CONFIG_MICRODRIVE=y
> -CONFIG_USB_MUSB=y
>  CONFIG_PLATFORM_BUS=y
>  CONFIG_VIRTIO_MMIO=y
>  
> @@ -61,15 +59,8 @@ CONFIG_ZYNQ_DEVCFG=y
>  
>  CONFIG_ARM11SCU=y
>  CONFIG_DIGIC=y
> -CONFIG_OMAP=y
> -CONFIG_TSC210X=y
> -CONFIG_BLIZZARD=y
> -CONFIG_ONENAND=y
> -CONFIG_TUSB6010=y
>  CONFIG_MAINSTONE=y
>  CONFIG_MPS2=y
> -CONFIG_MUSCA=y
> -CONFIG_NSERIES=y
>  CONFIG_RASPI=y
>  CONFIG_REALVIEW=y
>  CONFIG_ZAURUS=y
> diff --git a/hw/arm/Kconfig b/hw/arm/Kconfig
> index b9f3c3c232..71126254ff 100644
> --- a/hw/arm/Kconfig
> +++ b/hw/arm/Kconfig
> @@ -2,6 +2,11 @@ config ARM_VIRT
>  bool
>  imply VFIO_PLATFORM
>  
> +config CHEETAH
> +bool
> +select OMAP
> +select TSC210X
> +
>  config DIGIC
>  bool
>  select PTIMER
> @@ -58,9 +63,25 @@ config NETDUINO2
>  
>  config NSERIES
>  bool
> +select OMAP
> +select TMP105   # tempature sensor
> +select BLIZZARD # LCD/TV controller
> +select ONENAND
> +select TSC210X  # touchscreen/sensors/audio
> +select TSC2005  # touchscreen/sensors/keypad
> +select LM832X   # GPIO keyboard chip
> +select TWL92230 # energy-management
> +select TUSB6010
>  
>  config OMAP
>  bool
> +select FRAMEBUFFER
> +select I2C
> +select ECC
> +select NAND
> +select PFLASH_CFI01
> +select SD
> +select SERIAL
>  
>  config PXA2XX
>  bool
> @@ -74,6 +95,10 @@ config STELLARIS
>  config STRONGARM
>  bool
>  
> +config SX1
> +bool
> +select OMAP
> +
>  config VERSATILE
>  bool
>  
> diff --git a/hw/arm/Makefile.objs b/hw/arm/Makefile.objs
> index fa57c7c770..8302b8df1d 100644
> --- a/hw/arm/Makefile.objs
> +++ b/hw/arm/Makefile.objs
> @@ -9,7 +9,8 @@ obj-$(CONFIG_MAINSTONE) += mainstone.o
>  obj-$(CONFIG_MUSICPAL) += musicpal.o
>  obj-$(CONFIG_NETDUINO2) += netduino2.o
>  obj-$(CONFIG_NSERIES) += nseries.o
> -obj-$(CONFIG_OMAP) += omap_sx1.o palm.o
> +obj-$(CONFIG_SX1) += omap_sx1.o
> +obj-$(CONFIG_CHEETAH) += palm.o
>  obj-$(CONFIG_PXA2XX) += gumstix.o spitz.o tosa.o z2.o
>  obj-$(CONFIG_REALVIEW) += realview.o
>  obj-$(CONFIG_STELLARIS) += stellaris.o
> 

Re: [Qemu-devel] [PATCH v3 11/13] tests: acpi: add simple arm/virt testcase

[x00249684]

Hi Igor,

+static void test_acpi_virt_tcg(void)
+{
+test_data data = {
+.machine = "virt",
+.uefi_fl1 = "pc-bios/edk2-aarch64-code.fd",
+.uefi_fl2 = "pc-bios/edk2-arm-vars.fd",
+.cd = "tests/data/uefi-boot-images/bios-tables-test.aarch64.iso.qcow2",
+.ram_start = 0x4000ULL,
+.scan_len = 128ULL * 1024 * 1024,
+};
+
+test_acpi_one("-cpu cortex-a57 ", );

Replaced the cortex-a57 with host and succesfully tested on the hisilicon arm64 
D05 board. Otherwise it failed with "kvm_init_vcpu failed: Invalid argument".
Is it possilbe to set the cpu type like numa-test.c?
Thanks!

Best Regards,
Wei

Re: [Qemu-devel] [PATCH for-QEMU-4.1 v5 11/29] hw/arm: Express dependencies of realview, versatile and vexpress with Kconfig

[Philippe Mathieu-Daudé]

Hi Thomas,

On 4/18/19 8:00 PM, Thomas Huth wrote:
> This patch is slightly based on earlier work by Ákos Kovács (i.e.
> his "hw/arm/Kconfig: Add ARM Kconfig" patch).
> 
> Signed-off-by: Thomas Huth 
> ---
>  default-configs/arm-softmmu.mak | 24 -
>  hw/arm/Kconfig  | 48 +
>  hw/arm/Makefile.objs|  3 ++-
>  hw/display/Kconfig  |  1 +
>  hw/i2c/Kconfig  |  2 +-
>  5 files changed, 57 insertions(+), 21 deletions(-)
> 
> diff --git a/default-configs/arm-softmmu.mak b/default-configs/arm-softmmu.mak
> index 3f82d635e4..df7d9421e0 100644
> --- a/default-configs/arm-softmmu.mak
> +++ b/default-configs/arm-softmmu.mak
> @@ -3,9 +3,8 @@
>  # TODO: ARM_V7M is currently always required - make this more flexible!
>  CONFIG_ARM_V7M=y
>  
> -CONFIG_PCI=y
> -CONFIG_PCI_DEVICES=y
> -CONFIG_PCI_TESTDEV=y
> +# CONFIG_PCI_DEVICES=n
> +# CONFIG_TEST_DEVICES=n
>  
>  CONFIG_EXYNOS4=y
>  CONFIG_HIGHBANK=y
> @@ -17,6 +16,9 @@ CONFIG_CHEETAH=y
>  CONFIG_SX1=y
>  CONFIG_NSERIES=y
>  CONFIG_STELLARIS=y
> +CONFIG_REALVIEW=y
> +CONFIG_VERSATILE=y
> +CONFIG_VEXPRESS=y
>  
>  CONFIG_VGA=y
>  CONFIG_NAND=y
> @@ -25,8 +27,6 @@ CONFIG_SERIAL=y
>  CONFIG_MAX7310=y
>  CONFIG_TMP421=y
>  CONFIG_PCA9552=y
> -CONFIG_DDC=y
> -CONFIG_SII9022=y
>  CONFIG_ADS7846=y
>  CONFIG_MAX111X=y
>  CONFIG_SSI_M25P80=y
> @@ -38,13 +38,8 @@ CONFIG_MICRODRIVE=y
>  CONFIG_PLATFORM_BUS=y
>  CONFIG_VIRTIO_MMIO=y
>  
> -CONFIG_ARM11MPCORE=y
> -
>  CONFIG_NETDUINO2=y
>  
> -CONFIG_PL041=y
> -CONFIG_PL080=y
> -CONFIG_PL190=y
>  CONFIG_PL330=y
>  CONFIG_CADENCE=y
>  CONFIG_PXA2XX=y
> @@ -52,12 +47,10 @@ CONFIG_FRAMEBUFFER=y
>  CONFIG_XILINX_SPIPS=y
>  CONFIG_ZYNQ_DEVCFG=y
>  
> -CONFIG_ARM11SCU=y
>  CONFIG_DIGIC=y
>  CONFIG_MAINSTONE=y
>  CONFIG_MPS2=y
>  CONFIG_RASPI=y
> -CONFIG_REALVIEW=y
>  CONFIG_ZAURUS=y
>  CONFIG_ZYNQ=y
>  CONFIG_STM32F2XX_TIMER=y
> @@ -86,10 +79,6 @@ CONFIG_IOTKIT_SYSINFO=y
>  CONFIG_ARMSSE_CPUID=y
>  CONFIG_ARMSSE_MHU=y
>  
> -CONFIG_VERSATILE=y
> -CONFIG_VERSATILE_PCI=y
> -CONFIG_VERSATILE_I2C=y
> -
>  CONFIG_PCI_EXPRESS=y
>  CONFIG_PCI_EXPRESS_GENERIC_BRIDGE=y
>  
> @@ -120,6 +109,3 @@ CONFIG_XILINX_AXI=y
>  CONFIG_PCI_EXPRESS_DESIGNWARE=y
>  
>  CONFIG_STRONGARM=y
> -
> -# for realview and versatilepb
> -CONFIG_LSI_SCSI_PCI=y
> diff --git a/hw/arm/Kconfig b/hw/arm/Kconfig
> index b91503f5a6..b786cfc5bd 100644
> --- a/hw/arm/Kconfig
> +++ b/hw/arm/Kconfig
> @@ -88,6 +88,30 @@ config PXA2XX
>  
>  config REALVIEW
>  bool
> +imply PCI_DEVICES
> +imply PCI_TESTDEV
> +select SMC91C111
> +select LAN9118
> +select A9MPCORE
> +select A15MPCORE
> +select ARM11MPCORE
> +select ARM_TIMER
> +select VERSATILE_PCI

REALVIEW selects VERSATILE_PCI/I2C ...

> +select WM8750 # audio codec
> +select LSI_SCSI_PCI
> +select PCI
> +select PL011  # UART
> +select PL031  # RTC
> +select PL041  # audio codec
> +select PL050  # keyboard/mouse
> +select PL061  # GPIO
> +select PL080  # DMA controller
> +select PL110
> +select PL181  # display
> +select PL310  # cache controller
> +select VERSATILE_I2C
> +select DS1338 # I2C RTC+NVRAM
> +select USB_OHCI
>  
>  config STELLARIS
>  bool
> @@ -111,6 +135,29 @@ config SX1
>  
>  config VERSATILE
>  bool
> +select ARM_TIMER # sp804
> +select PFLASH_CFI01
> +select LSI_SCSI_PCI
> +select PL050  # keyboard/mouse
> +select PL080  # DMA controller
> +select PL190  # Vector PIC
> +select REALVIEW

VERSATILE selects REALVIEW...

> +select USB_OHCI
> +
> +config VEXPRESS
> +bool
> +select A9MPCORE
> +select A15MPCORE
> +select ARM_MPTIMER
> +select ARM_TIMER # sp804
> +select LAN9118
> +select PFLASH_CFI01
> +select PL011 # UART
> +select PL041 # audio codec
> +select PL181  # display
> +select REALVIEW

Ditto.

I'd prefer to have a clearer boards/soc separation,
but this works, so we can improve this later:

Reviewed-by: Philippe Mathieu-Daudé 

> +select SII9022
> +select VIRTIO_MMIO
>  
>  config ZYNQ
>  bool
> @@ -183,6 +230,7 @@ config A15MPCORE
>  
>  config ARM11MPCORE
>  bool
> +select ARM11SCU
>  
>  config ARMSSE
>  bool
> diff --git a/hw/arm/Makefile.objs b/hw/arm/Makefile.objs
> index 8302b8df1d..bd0b45a799 100644
> --- a/hw/arm/Makefile.objs
> +++ b/hw/arm/Makefile.objs
> @@ -15,7 +15,8 @@ obj-$(CONFIG_PXA2XX) += gumstix.o spitz.o tosa.o z2.o
>  obj-$(CONFIG_REALVIEW) += realview.o
>  obj-$(CONFIG_STELLARIS) += stellaris.o
>  obj-$(CONFIG_STRONGARM) += collie.o
> -obj-$(CONFIG_VERSATILE) += vexpress.o versatilepb.o
> +obj-$(CONFIG_VERSATILE) += versatilepb.o
> +obj-$(CONFIG_VEXPRESS) += vexpress.o
>  obj-$(CONFIG_ZYNQ) += xilinx_zynq.o
>  
>  obj-$(CONFIG_ARM_V7M) += armv7m.o
> diff --git a/hw/display/Kconfig b/hw/display/Kconfig
> index a11815c9af..0577e68c8e 100644
> --- a/hw/display/Kconfig
> +++ 

Re: [Qemu-devel] [PATCH for-QEMU-4.1 v5 19/29] hw/arm: Express dependencies of the MPS2 boards with Kconfig

[Philippe Mathieu-Daudé]

On 4/18/19 8:00 PM, Thomas Huth wrote:
> Add Kconfig dependencies for the mps2-an* machines.
> 
> Signed-off-by: Thomas Huth 
> ---
>  default-configs/arm-softmmu.mak | 20 +---
>  hw/arm/Kconfig  | 18 ++
>  2 files changed, 19 insertions(+), 19 deletions(-)
> 
> diff --git a/default-configs/arm-softmmu.mak b/default-configs/arm-softmmu.mak
> index a0b9016e3a..31d31d3f4a 100644
> --- a/default-configs/arm-softmmu.mak
> +++ b/default-configs/arm-softmmu.mak
> @@ -30,6 +30,7 @@ CONFIG_Z2=y
>  CONFIG_COLLIE=y
>  CONFIG_ASPEED_SOC=y
>  CONFIG_NETDUINO2=y
> +CONFIG_MPS2=y
>  
>  CONFIG_VGA=y
>  CONFIG_SSI_M25P80=y
> @@ -38,28 +39,9 @@ CONFIG_IMX_FEC=y
>  CONFIG_FRAMEBUFFER=y
>  
>  CONFIG_DIGIC=y
> -CONFIG_MPS2=y
>  CONFIG_RASPI=y
>  CONFIG_NRF51_SOC=y
>  
> -CONFIG_CMSDK_APB_TIMER=y
> -CONFIG_CMSDK_APB_DUALTIMER=y
> -CONFIG_CMSDK_APB_UART=y
> -CONFIG_CMSDK_APB_WATCHDOG=y
> -
> -CONFIG_MPS2_FPGAIO=y
> -CONFIG_MPS2_SCC=y
> -
> -CONFIG_TZ_MPC=y
> -CONFIG_TZ_MSC=y
> -CONFIG_TZ_PPC=y
> -CONFIG_ARMSSE=y
> -CONFIG_IOTKIT_SECCTL=y
> -CONFIG_IOTKIT_SYSCTL=y
> -CONFIG_IOTKIT_SYSINFO=y
> -CONFIG_ARMSSE_CPUID=y
> -CONFIG_ARMSSE_MHU=y
> -
>  CONFIG_FSL_IMX6=y
>  CONFIG_FSL_IMX25=y
>  CONFIG_FSL_IMX7=y
> diff --git a/hw/arm/Kconfig b/hw/arm/Kconfig
> index 2ef5696900..466b143fdf 100644
> --- a/hw/arm/Kconfig
> +++ b/hw/arm/Kconfig
> @@ -301,6 +301,12 @@ config ASPEED_SOC
>  
>  config MPS2
>  bool
> +select ARMSSE
> +select LAN9118
> +select MPS2_FPGAIO
> +select MPS2_SCC
> +select PL022# Serial port
> +select PL080# DMA controller
>  
>  config FSL_IMX7
>  bool
> @@ -340,6 +346,18 @@ config ARM11MPCORE
>  
>  config ARMSSE
>  bool
> +select ARMSSE_CPUID
> +select ARMSSE_MHU
> +select CMSDK_APB_TIMER
> +select CMSDK_APB_DUALTIMER
> +select CMSDK_APB_UART
> +select CMSDK_APB_WATCHDOG
> +select IOTKIT_SECCTL
> +select IOTKIT_SYSCTL
> +select IOTKIT_SYSINFO
> +select TZ_MPC
> +select TZ_MSC
> +select TZ_PPC
>  
>  config ARMSSE_CPUID
>  bool
> 

Reviewed-by: Philippe Mathieu-Daudé 

Re: [Qemu-devel] [PATCH 4/4] migration/savevm: wrap into qemu_loadvm_state_header()

[Daniel Henrique Barboza]

On 4/23/19 9:47 PM, Wei Yang wrote:

On source side, we have qemu_savevm_state_header() to send related data,
while on the receiving side those steps are scattered in
qemu_loadvm_state().

This patch wrap those related steps into qemu_loadvm_state_header() to
make it friendly to read.

Signed-off-by: Wei Yang 



Reviewed-by: Daniel Henrique Barboza 



---
  migration/savevm.c | 69 +++---
  1 file changed, 40 insertions(+), 29 deletions(-)

diff --git a/migration/savevm.c b/migration/savevm.c
index a80ae83663..64d23682c6 100644
--- a/migration/savevm.c
+++ b/migration/savevm.c
@@ -2256,6 +2256,43 @@ qemu_loadvm_section_part_end(QEMUFile *f, 
MigrationIncomingState *mis)
  return 0;
  }
  
+static int qemu_loadvm_state_header(QEMUFile *f)

+{
+unsigned int v;
+int ret;
+
+v = qemu_get_be32(f);
+if (v != QEMU_VM_FILE_MAGIC) {
+error_report("Not a migration stream");
+return -EINVAL;
+}
+
+v = qemu_get_be32(f);
+if (v == QEMU_VM_FILE_VERSION_COMPAT) {
+error_report("SaveVM v2 format is obsolete and don't work anymore");
+return -ENOTSUP;
+}
+if (v != QEMU_VM_FILE_VERSION) {
+error_report("Unsupported migration stream version");
+return -ENOTSUP;
+}
+
+if (migrate_get_current()->send_configuration) {
+if (qemu_get_byte(f) != QEMU_VM_CONFIGURATION) {
+error_report("Configuration section missing");
+qemu_loadvm_state_cleanup();
+return -EINVAL;
+}
+ret = vmstate_load_state(f, _configuration, _state, 0);
+
+if (ret) {
+qemu_loadvm_state_cleanup();
+return ret;
+}
+}
+return 0;
+}
+
  static int qemu_loadvm_state_setup(QEMUFile *f)
  {
  SaveStateEntry *se;
@@ -2403,7 +2440,6 @@ int qemu_loadvm_state(QEMUFile *f)
  {
  MigrationIncomingState *mis = migration_incoming_get_current();
  Error *local_err = NULL;
-unsigned int v;
  int ret;
  
  if (migration_is_blocked(_err)) {

@@ -2411,34 +2447,9 @@ int qemu_loadvm_state(QEMUFile *f)
  return -EINVAL;
  }
  
-v = qemu_get_be32(f);

-if (v != QEMU_VM_FILE_MAGIC) {
-error_report("Not a migration stream");
-return -EINVAL;
-}
-
-v = qemu_get_be32(f);
-if (v == QEMU_VM_FILE_VERSION_COMPAT) {
-error_report("SaveVM v2 format is obsolete and don't work anymore");
-return -ENOTSUP;
-}
-if (v != QEMU_VM_FILE_VERSION) {
-error_report("Unsupported migration stream version");
-return -ENOTSUP;
-}
-
-if (migrate_get_current()->send_configuration) {
-if (qemu_get_byte(f) != QEMU_VM_CONFIGURATION) {
-error_report("Configuration section missing");
-qemu_loadvm_state_cleanup();
-return -EINVAL;
-}
-ret = vmstate_load_state(f, _configuration, _state, 0);
-
-if (ret) {
-qemu_loadvm_state_cleanup();
-return ret;
-}
+ret = qemu_loadvm_state_header(f);
+if (ret) {
+return ret;
  }
  
  if (qemu_loadvm_state_setup(f) != 0) {

[Qemu-devel] [Bug 1701835] Re: floating-point operation bugs in qemu-alpha

[Stefan Ring]

There seems to be more confusion of the sort. This fixes it for me:

--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -10226,7 +10226,7 @@ static abi_long do_syscall1(void *cpu_env, int num, 
abi_long arg1,
 return -TARGET_EFAULT;
 }
 orig_fpcr = cpu_alpha_load_fpcr(cpu_env);
-fpcr = orig_fpcr & FPCR_DYN_MASK;
+fpcr = orig_fpcr & ((uint64_t) FPCR_DYN_MASK << 32);

 /* Copied from linux ieee_swcr_to_fpcr.  */
 fpcr |= (swcr & SWCR_STATUS_MASK) << 35;

But I would consider this a workaround at best. Having a right-shifted
mask in the first place seems rather unhelpful to me.

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1701835

Title:
  floating-point operation bugs in qemu-alpha

Status in QEMU:
  New

Bug description:
  When running the gnulib testsuite, I'm seeing test failures in the tests for 
libm functions
cbrt
cbrtf
ceil
ceilf
coshf
exp2
exp2f
floor
floorf
fma
fmaf
fmal
frexp
frexpf
hypot
hypotf
hypotl
ilogb
ilogbf
isfinite
isinf
isnan
isnand
isnanf
ldexp
ldexpf
ldexpl
log1p
log1pf
log2
log2f
logb
logbf
logbl
rint
rintf
rintl
signbit
sqrt
sqrtf
strtod
  that I don't see when running the same (statically linked) executables in a 
VM, through qemu-system-alpha.

  How to reproduce:
  - Using gnulib, run ./gnulib-tool --create-testdir --dir=../testdir-math 
--single-configure cbrt cbrtf ceil ceilf coshf exp2 exp2f float floor floorf 
fma fmaf fmal frexp frexpf hypot hypotf hypotl ilogb ilogbf isfinite isinf 
isnan isnand isnanf ldexp ldexpf ldexpl log1p log1pf log2 log2f logb logbf 
logbl math printf-frexp rint rintf rintl round roundf signbit sqrt sqrtf strtod 
trunc truncf
  - Copy the resulting directory to a VM running Linux 2.6.26 with 
qemu-system-alpha.
  - There, configure and build the package:
mkdir build-native-static; cd build-native-static; ../configure 
CPPFLAGS="-Wall" LDFLAGS="-static"; make; make check
Only 4 tests fail.
  - Copy the resulting binaries back to the original x86_64 machine.
  - Set environment variables for using qemu-alpha.
  - Here, 50 tests fail that did not fail originally:

  $ ~/inst-qemu/2.9.0/bin/qemu-alpha test-cbrt
  ../../gltests/test-cbrt.h:39: assertion 'err > - L_(4.0) * L_(16.0) / 
TWO_MANT_DIG && err < L_(4.0) * L_(16.0) / TWO_MANT_DIG' failed
  Aborted (core dumped)
  $ ~/inst-qemu/2.9.0/bin/qemu-alpha test-ceil1
  Floating point exception (core dumped)
  $ ~/inst-qemu/2.9.0/bin/qemu-alpha test-ceil2
  Floating point exception (core dumped)
  $ ~/inst-qemu/2.9.0/bin/qemu-alpha test-ceilf1
  Floating point exception (core dumped)
  $ ~/inst-qemu/2.9.0/bin/qemu-alpha test-ceilf2
  Floating point exception (core dumped)
  $ ~/inst-qemu/2.9.0/bin/qemu-alpha test-coshf 
  ../../gltests/test-coshf.c:37: assertion 'y >= 1.1854652f && y <= 1.1854653f' 
failed
  Aborted (core dumped)
  $ ~/inst-qemu/2.9.0/bin/qemu-alpha test-float
  Floating point exception (core dumped)
  $ ~/inst-qemu/2.9.0/bin/qemu-alpha test-floor1
  Floating point exception (core dumped)
  $ ~/inst-qemu/2.9.0/bin/qemu-alpha test-floor2
  Floating point exception (core dumped)
  $ ~/inst-qemu/2.9.0/bin/qemu-alpha test-floorf1
  Floating point exception (core dumped)
  $ ~/inst-qemu/2.9.0/bin/qemu-alpha test-floorf2
  Floating point exception (core dumped)
  $ ~/inst-qemu/2.9.0/bin/qemu-alpha test-fma1   
  Floating point exception (core dumped)
  $ ~/inst-qemu/2.9.0/bin/qemu-alpha test-fma2
  ../../gltests/test-fma2.h:116: assertion 'result == expected' failed
  Aborted (core dumped)
  $ ~/inst-qemu/2.9.0/bin/qemu-alpha test-fmaf1
  Floating point exception (core dumped)
  $ ~/inst-qemu/2.9.0/bin/qemu-alpha test-fmaf2
  ../../gltests/test-fma2.h:116: assertion 'result == expected' failed
  Aborted (core dumped)
  $ ~/inst-qemu/2.9.0/bin/qemu-alpha test-fmal2
  ../../gltests/test-fma2.h:116: assertion 'result == expected' failed
  Aborted (core dumped)
  $ ~/inst-qemu/2.9.0/bin/qemu-alpha test-frexp
  Floating point exception (core dumped)
  $ ~/inst-qemu/2.9.0/bin/qemu-alpha test-frexpf
  Floating point exception (core dumped)
  $ ~/inst-qemu/2.9.0/bin/qemu-alpha test-hypot 
  Floating point exception (core dumped)
  $ ~/inst-qemu/2.9.0/bin/qemu-alpha test-hypotf
  Floating point exception (core dumped)
  $ ~/inst-qemu/2.9.0/bin/qemu-alpha test-hypotl
  ../../gltests/test-hypot.h:41: assertion 'z == HUGEVAL' failed
  Aborted (core dumped)
  $ ~/inst-qemu/2.9.0/bin/qemu-alpha test-ilogb 
  Floating point exception (core dumped)
  $ ~/inst-qemu/2.9.0/bin/qemu-alpha test-ilogbf
  Floating point exception (core dumped)
  $ ~/inst-qemu/2.9.0/bin/qemu-alpha test-isfinite
  Floating point exception (core 

Re: [Qemu-devel] [PATCH for-QEMU-4.1 v5 28/29] hw/arm: Express dependencies of the musca machines with Kconfig

[Philippe Mathieu-Daudé]

On 4/18/19 8:00 PM, Thomas Huth wrote:
> Dependencies have been determined with trial-and-error and by
> looking at the musca.c source file.
> 
> Signed-off-by: Thomas Huth 

Reviewed-by: Philippe Mathieu-Daudé 

> ---
>  hw/arm/Kconfig | 9 ++---
>  1 file changed, 6 insertions(+), 3 deletions(-)
> 
> diff --git a/hw/arm/Kconfig b/hw/arm/Kconfig
> index 22be1e1231..eca8387050 100644
> --- a/hw/arm/Kconfig
> +++ b/hw/arm/Kconfig
> @@ -75,6 +75,12 @@ config MAINSTONE
>  select PFLASH_CFI01
>  select SMC91C111
>  
> +config MUSCA
> +bool
> +select ARMSSE
> +select PL011
> +select PL031
> +
>  config MUSICPAL
>  bool
>  select BITBANG_I2C
> @@ -423,6 +429,3 @@ config ARMSSE_CPUID
>  
>  config ARMSSE_MHU
>  bool
> -
> -config MUSCA
> -bool
> 

Re: [Qemu-devel] [PATCH] Revert "armv7m: Guard against no -kernel argument"

[Philippe Mathieu-Daudé]

On 4/25/19 8:07 PM, Philippe Mathieu-Daudé wrote:
> Hi Peter, Stefan,
> 
> On 1/4/19 4:16 PM, Peter Maydell wrote:
>> On Thu, 3 Jan 2019 at 14:41, Stefan Hajnoczi  wrote:
>>>
>>> This reverts commit 01fd41ab3fb69971c24a69ed49cde96086d81278.
>>>
>>> The generic loader device (-device loader,file=kernel.bin) can be used
>>> to load a kernel instead of the -kernel option.  Some boards have flash
>>> memory (pflash) that is set via the -pflash or -drive options.
>>>
>>> Allow starting QEMU without the -kernel option to accommodate these
>>> scenarios.
>>>
>>> Suggested-by: Peter Maydell 
>>> Signed-off-by: Stefan Hajnoczi 
> 
> Previous to this commit (v3.1), we have:
> 
> $ qemu-system-aarch64 -M netduino2
> qemu-system-aarch64: Guest image must be specified (using -kernel)
> 
> Now (v4.0) we get:
> 
> $ qemu-system-aarch64 -M netduino2
> qemu: fatal: Lockup: can't escalate 3 to HardFault (current priority -1)
> 
> R00= R01= R02= R03=
> R04= R05= R06= R07=
> R08= R09= R10= R11=
> R12= R13=ffe0 R14=fff9 R15=
> XPSR=4003 -Z-- A handler
> FPSCR: 
> Aborted (core dumped)

(gdb) bt
#0  0x7fd14f39457f in raise () at /lib64/libc.so.6
#1  0x7fd14f37e895 in abort () at /lib64/libc.so.6
#2  0x56286da2695c in cpu_abort (cpu=0x5628705c43c0,
fmt=0x56286dfdc450 "Lockup: can't escalate %d to HardFault (current
priority %d)\n") at /source/qemu/exec.c:1282
#3  0x56286dada4ea in do_armv7m_nvic_set_pending
(opaque=0x5628705a5030, irq=3, secure=false, derived=false) at
/source/qemu/hw/intc/armv7m_nvic.c:632
#4  0x56286dada568 in armv7m_nvic_set_pending
(opaque=0x5628705a5030, irq=6, secure=false) at
/source/qemu/hw/intc/armv7m_nvic.c:650
#5  0x56286db3ae1b in arm_v7m_cpu_do_interrupt (cs=0x5628705c43c0)
at /source/qemu/target/arm/helper.c:8822
#6  0x56286dad2e9e in cpu_handle_exception (cpu=0x5628705c43c0,
ret=0x7fd13d9fbe2c) at /source/qemu/accel/tcg/cpu-exec.c:504
#7  0x56286dad350a in cpu_exec (cpu=0x5628705c43c0) at
/source/qemu/accel/tcg/cpu-exec.c:709
#8  0x56286da77497 in tcg_cpu_exec (cpu=0x5628705c43c0) at
/source/qemu/cpus.c:1431
#9  0x56286da77caf in qemu_tcg_cpu_thread_fn (arg=0x5628705c43c0) at
/source/qemu/cpus.c:1735
#10 0x56286deb5dce in qemu_thread_start (args=0x5628705ea850) at
/source/qemu/util/qemu-thread-posix.c:502
#11 0x7fd14f52a58e in start_thread () at /lib64/libpthread.so.0
#12 0x7fd14f459683 in clone () at /lib64/libc.so.6

Running with -d in_asm,int:

IN:
0x:    andeqr0, r0, r0

Taking exception 18 [v7M INVSTATE UsageFault]
...BusFault with BFSR.STKERR
...taking pending nonsecure exception 3

IN:
0x:    andeqr0, r0, r0

Taking exception 18 [v7M INVSTATE UsageFault]
qemu: fatal: Lockup: can't escalate 3 to HardFault (current priority -1)

Since I didn't provided anything to bootstrap the guest, the bootvector
in flash is obviously empty.

> 
> This is confusing.
> 
> (same happens with emcraft-sf2, microbit, musca-*)
> 
> Regards,
> 
> Phil.
> 

Re: [Qemu-devel] [PATCH] target/riscv: Expose time CSRs when allowed by [m|s]counteren

[Palmer Dabbelt]

On Fri, 19 Apr 2019 16:05:35 PDT (-0700), alistai...@gmail.com wrote:

On Mon, Apr 15, 2019 at 5:46 PM Jonathan Behrens  wrote:


For any chip that has a CLINT, we want the frequency of the time register and 
the frequency of the CLINT to match. That frequency, SIFIVE_CLINT_TIMEBASE_FREQ 
(=10MHz) is currently defined in hw/riscv/sifive_clint.h and so isn't visible 
to target/riscv/cpu.c where the CPURISCVState is first created. Instead, I 
first initialize the frequency to a reasonable default (1GHz) and then let the 
CLINT override the value if one is attached. Phrased differently, the values 
produced by the `sifive_clint.c: cpu_riscv_read_rtc()` and `csr.c: read_time()` 
must match, and this is one way of doing that.


Ah that seems fine. Can you add a comment in the code to indicate that
it will be overwritten later?


I don't see a v2, did I miss something?



Alistair



I'd be open to other suggestions.

Jonathan

On Mon, Apr 15, 2019 at 8:23 PM Alistair Francis  wrote:


On Fri, Apr 12, 2019 at 12:04 PM Jonathan Behrens  wrote:
>
> Currently mcounteren.TM acts as though it is hardwired to zero, even though
> QEMU
> allows it to be set. This change resolves the issue by allowing reads to the
> time and timeh control registers when running in a privileged mode where
> such
> accesses are allowed.
>
> Signed-off-by: Jonathan Behrens 
> ---
>  hw/riscv/sifive_clint.c |  1 +
>  target/riscv/cpu.c  | 14 ++
>  target/riscv/cpu.h  |  2 ++
>  target/riscv/csr.c  | 17 +++--
>  4 files changed, 28 insertions(+), 6 deletions(-)
>
> diff --git a/hw/riscv/sifive_clint.c b/hw/riscv/sifive_clint.c
> index d4c159e937..3ad4fe6139 100644
> --- a/hw/riscv/sifive_clint.c
> +++ b/hw/riscv/sifive_clint.c
> @@ -237,6 +237,7 @@ DeviceState *sifive_clint_create(hwaddr addr, hwaddr
> size, uint32_t num_harts,
>  env->timer = timer_new_ns(QEMU_CLOCK_VIRTUAL,
>_clint_timer_cb, cpu);
>  env->timecmp = 0;
> +env->time_freq = SIFIVE_CLINT_TIMEBASE_FREQ;

Why do you need to set this here?

Alistair

>  }
>
>  DeviceState *dev = qdev_create(NULL, TYPE_SIFIVE_CLINT);
> diff --git a/target/riscv/cpu.c b/target/riscv/cpu.c
> index d61bce6d55..ff17d54691 100644
> --- a/target/riscv/cpu.c
> +++ b/target/riscv/cpu.c
> @@ -103,12 +103,20 @@ static void set_resetvec(CPURISCVState *env, int
> resetvec)
>  #endif
>  }
>
> +static void set_time_freq(CPURISCVState *env, uint64_t freq)
> +{
> +#ifndef CONFIG_USER_ONLY
> +env->time_freq = freq;
> +#endif
> +}
> +
>  static void riscv_any_cpu_init(Object *obj)
>  {
>  CPURISCVState *env = _CPU(obj)->env;
>  set_misa(env, RVXLEN | RVI | RVM | RVA | RVF | RVD | RVC | RVU);
>  set_versions(env, USER_VERSION_2_02_0, PRIV_VERSION_1_10_0);
>  set_resetvec(env, DEFAULT_RSTVEC);
> +set_time_freq(env, NANOSECONDS_PER_SECOND);
>  }
>
>  #if defined(TARGET_RISCV32)
> @@ -121,6 +129,7 @@ static void rv32gcsu_priv1_09_1_cpu_init(Object *obj)
>  set_resetvec(env, DEFAULT_RSTVEC);
>  set_feature(env, RISCV_FEATURE_MMU);
>  set_feature(env, RISCV_FEATURE_PMP);
> +set_time_freq(env, NANOSECONDS_PER_SECOND);
>  }
>
>  static void rv32gcsu_priv1_10_0_cpu_init(Object *obj)
> @@ -131,6 +140,7 @@ static void rv32gcsu_priv1_10_0_cpu_init(Object *obj)
>  set_resetvec(env, DEFAULT_RSTVEC);
>  set_feature(env, RISCV_FEATURE_MMU);
>  set_feature(env, RISCV_FEATURE_PMP);
> +set_time_freq(env, NANOSECONDS_PER_SECOND);
>  }
>
>  static void rv32imacu_nommu_cpu_init(Object *obj)
> @@ -140,6 +150,7 @@ static void rv32imacu_nommu_cpu_init(Object *obj)
>  set_versions(env, USER_VERSION_2_02_0, PRIV_VERSION_1_10_0);
>  set_resetvec(env, DEFAULT_RSTVEC);
>  set_feature(env, RISCV_FEATURE_PMP);
> +set_time_freq(env, NANOSECONDS_PER_SECOND);
>  }
>
>  #elif defined(TARGET_RISCV64)
> @@ -152,6 +163,7 @@ static void rv64gcsu_priv1_09_1_cpu_init(Object *obj)
>  set_resetvec(env, DEFAULT_RSTVEC);
>  set_feature(env, RISCV_FEATURE_MMU);
>  set_feature(env, RISCV_FEATURE_PMP);
> +set_time_freq(env, NANOSECONDS_PER_SECOND);
>  }
>
>  static void rv64gcsu_priv1_10_0_cpu_init(Object *obj)
> @@ -162,6 +174,7 @@ static void rv64gcsu_priv1_10_0_cpu_init(Object *obj)
>  set_resetvec(env, DEFAULT_RSTVEC);
>  set_feature(env, RISCV_FEATURE_MMU);
>  set_feature(env, RISCV_FEATURE_PMP);
> +set_time_freq(env, NANOSECONDS_PER_SECOND);
>  }
>
>  static void rv64imacu_nommu_cpu_init(Object *obj)
> @@ -171,6 +184,7 @@ static void rv64imacu_nommu_cpu_init(Object *obj)
>  set_versions(env, USER_VERSION_2_02_0, PRIV_VERSION_1_10_0);
>  set_resetvec(env, DEFAULT_RSTVEC);
>  set_feature(env, RISCV_FEATURE_PMP);
> +set_time_freq(env, NANOSECONDS_PER_SECOND);
>  }
>
>  #endif
> diff --git a/target/riscv/cpu.h b/target/riscv/cpu.h
> index 20bce8742e..67b1769ad3 100644
> --- a/target/riscv/cpu.h
> +++ b/target/riscv/cpu.h
> @@ -173,7 +173,9 

Re: [Qemu-devel] [PATCH for-QEMU-4.1 v5 10/29] hw/arm: Express dependencies of stellaris with Kconfig

[Philippe Mathieu-Daudé]

Hi Thomas,

On 4/18/19 8:00 PM, Thomas Huth wrote:
> This patch is slightly based on earlier work by Ákos Kovács (i.e.
> his "hw/arm/Kconfig: Add ARM Kconfig" patch).
> 
> Signed-off-by: Thomas Huth 
> ---
>  default-configs/arm-softmmu.mak |  7 +--
>  hw/arm/Kconfig  | 10 ++
>  2 files changed, 11 insertions(+), 6 deletions(-)
> 
> diff --git a/default-configs/arm-softmmu.mak b/default-configs/arm-softmmu.mak
> index b7ed3c530b..3f82d635e4 100644
> --- a/default-configs/arm-softmmu.mak
> +++ b/default-configs/arm-softmmu.mak
> @@ -16,6 +16,7 @@ CONFIG_MUSCA=y
>  CONFIG_CHEETAH=y
>  CONFIG_SX1=y
>  CONFIG_NSERIES=y
> +CONFIG_STELLARIS=y
>  
>  CONFIG_VGA=y
>  CONFIG_NAND=y
> @@ -24,16 +25,10 @@ CONFIG_SERIAL=y
>  CONFIG_MAX7310=y
>  CONFIG_TMP421=y
>  CONFIG_PCA9552=y
> -CONFIG_STELLARIS=y
> -CONFIG_STELLARIS_INPUT=y
> -CONFIG_STELLARIS_ENET=y
> -CONFIG_SSD0303=y
> -CONFIG_SSD0323=y
>  CONFIG_DDC=y
>  CONFIG_SII9022=y
>  CONFIG_ADS7846=y
>  CONFIG_MAX111X=y
> -CONFIG_SSI_SD=y
>  CONFIG_SSI_M25P80=y
>  CONFIG_ALLWINNER_EMAC=y
>  CONFIG_IMX_FEC=y
> diff --git a/hw/arm/Kconfig b/hw/arm/Kconfig
> index 71126254ff..b91503f5a6 100644
> --- a/hw/arm/Kconfig
> +++ b/hw/arm/Kconfig
> @@ -91,6 +91,16 @@ config REALVIEW
>  
>  config STELLARIS
>  bool
> +select ARM_V7M
> +select I2C
> +select PL011 # UART
> +select PL022 # Serial port
> +select PL061 # GPIO
> +select SSD0303 # OLED display
> +select SSD0323 # OLED display
> +select SSI_SD
> +select STELLARIS_INPUT
> +select STELLARIS_ENET # ethernet

This one misses CMSDK_APB_WATCHDOG:

$ qemu-system-aarch64 -M lm3s811evb
qemu-system-aarch64: Unknown device 'luminary-watchdog' for default sysbus
Aborted (core dumped)

(gdb) bt
#1  0x7fbee955d895 in abort () at /lib64/libc.so.6
#2  0x560905068f6a in qdev_create (bus=0x0, name=0x5609053b9e5a
"luminary-watchdog") at /source/qemu/hw/core/qdev.c:131
#3  0x560904ec1afc in stellaris_init (ms=0x560906d82c00,
board=0x5609056e79e0 ) at
/source/qemu/hw/arm/stellaris.c:1344
#4  0x560904ec22ff in lm3s811evb_init (machine=0x560906d82c00) at
/source/qemu/hw/arm/stellaris.c:1468
#5  0x56090507326a in machine_run_board_init
(machine=0x560906d82c00) at /source/qemu/hw/core/machine.c:1030

It works with the following snippet:
-- >8 --
diff --git a/hw/arm/Kconfig b/hw/arm/Kconfig
@@ -200,6 +200,7 @@ config STELLARIS
 select SSI_SD
 select STELLARIS_INPUT
 select STELLARIS_ENET # ethernet
+select CMSDK_APB_WATCHDOG # Luminary
---

>  
>  config STRONGARM
>  bool
> 

Re: [Qemu-devel] [PATCH for-QEMU-4.1 v5 25/29] hw/arm: Express dependencies of the microbit / nrf51 machine with Kconfig

[Philippe Mathieu-Daudé]

On 4/18/19 8:00 PM, Thomas Huth wrote:
> Add Kconfig dependencies for the NRF51 / microbit machine.
> 
> Signed-off-by: Thomas Huth 

Reviewed-by: Philippe Mathieu-Daudé 

> ---
>  default-configs/arm-softmmu.mak | 3 +--
>  hw/arm/Kconfig  | 6 ++
>  hw/arm/Makefile.objs| 3 ++-
>  3 files changed, 9 insertions(+), 3 deletions(-)
> 
> diff --git a/default-configs/arm-softmmu.mak b/default-configs/arm-softmmu.mak
> index 6dc388c43e..233937f394 100644
> --- a/default-configs/arm-softmmu.mak
> +++ b/default-configs/arm-softmmu.mak
> @@ -35,11 +35,10 @@ CONFIG_RASPI=y
>  CONFIG_DIGIC=y
>  CONFIG_SABRELITE=y
>  CONFIG_EMCRAFT_SF2=y
> +CONFIG_MICROBIT=y
>  
>  CONFIG_VGA=y
>  
> -CONFIG_NRF51_SOC=y
> -
>  CONFIG_FSL_IMX25=y
>  CONFIG_FSL_IMX7=y
>  CONFIG_FSL_IMX6UL=y
> diff --git a/hw/arm/Kconfig b/hw/arm/Kconfig
> index 58439c492a..708eae19e5 100644
> --- a/hw/arm/Kconfig
> +++ b/hw/arm/Kconfig
> @@ -347,8 +347,14 @@ config FSL_IMX6UL
>  select IMX_I2C
>  select SDHCI
>  
> +config MICROBIT
> +bool
> +select NRF51_SOC
> +
>  config NRF51_SOC
>  bool
> +select I2C
> +select ARM_V7M
>  
>  config EMCRAFT_SF2
>  bool
> diff --git a/hw/arm/Makefile.objs b/hw/arm/Makefile.objs
> index eae9f6c442..994e67dd0d 100644
> --- a/hw/arm/Makefile.objs
> +++ b/hw/arm/Makefile.objs
> @@ -8,6 +8,7 @@ obj-$(CONFIG_EMCRAFT_SF2) += msf2-som.o
>  obj-$(CONFIG_HIGHBANK) += highbank.o
>  obj-$(CONFIG_INTEGRATOR) += integratorcp.o
>  obj-$(CONFIG_MAINSTONE) += mainstone.o
> +obj-$(CONFIG_MICROBIT) += microbit.o
>  obj-$(CONFIG_MUSICPAL) += musicpal.o
>  obj-$(CONFIG_NETDUINO2) += netduino2.o
>  obj-$(CONFIG_NSERIES) += nseries.o
> @@ -48,4 +49,4 @@ obj-$(CONFIG_ARMSSE) += armsse.o
>  obj-$(CONFIG_FSL_IMX7) += fsl-imx7.o mcimx7d-sabre.o
>  obj-$(CONFIG_ARM_SMMUV3) += smmu-common.o smmuv3.o
>  obj-$(CONFIG_FSL_IMX6UL) += fsl-imx6ul.o mcimx6ul-evk.o
> -obj-$(CONFIG_NRF51_SOC) += nrf51_soc.o microbit.o
> +obj-$(CONFIG_NRF51_SOC) += nrf51_soc.o
> 

Re: [Qemu-devel] [PATCH for-QEMU-4.1 v5 17/29] hw/arm: Express dependencies of netduino / stm32f2xx with Kconfig

[Philippe Mathieu-Daudé]

On 4/18/19 8:00 PM, Thomas Huth wrote:
> Netduino only depends on the stm32f205 SoC which in turn depends on
> its components.
> 
> Reviewed-by: Alistair Francis 
> Signed-off-by: Thomas Huth 

Reviewed-by: Philippe Mathieu-Daudé 

> ---
>  default-configs/arm-softmmu.mak | 9 +
>  hw/arm/Kconfig  | 7 +++
>  2 files changed, 8 insertions(+), 8 deletions(-)
> 
> diff --git a/default-configs/arm-softmmu.mak b/default-configs/arm-softmmu.mak
> index f440a2b1cd..c86a9f5427 100644
> --- a/default-configs/arm-softmmu.mak
> +++ b/default-configs/arm-softmmu.mak
> @@ -28,25 +28,18 @@ CONFIG_TOSA=y
>  CONFIG_Z2=y
>  CONFIG_COLLIE=y
>  CONFIG_ASPEED_SOC=y
> +CONFIG_NETDUINO2=y
>  
>  CONFIG_VGA=y
>  CONFIG_SSI_M25P80=y
>  CONFIG_ALLWINNER_EMAC=y
>  CONFIG_IMX_FEC=y
>  
> -CONFIG_NETDUINO2=y
> -
>  CONFIG_FRAMEBUFFER=y
>  
>  CONFIG_DIGIC=y
>  CONFIG_MPS2=y
>  CONFIG_RASPI=y
> -CONFIG_STM32F2XX_TIMER=y
> -CONFIG_STM32F2XX_USART=y
> -CONFIG_STM32F2XX_SYSCFG=y
> -CONFIG_STM32F2XX_ADC=y
> -CONFIG_STM32F2XX_SPI=y
> -CONFIG_STM32F205_SOC=y
>  CONFIG_NRF51_SOC=y
>  
>  CONFIG_CMSDK_APB_TIMER=y
> diff --git a/hw/arm/Kconfig b/hw/arm/Kconfig
> index 4d0febf644..49306d6419 100644
> --- a/hw/arm/Kconfig
> +++ b/hw/arm/Kconfig
> @@ -81,6 +81,7 @@ config MUSICPAL
>  
>  config NETDUINO2
>  bool
> +select STM32F205_SOC
>  
>  config NSERIES
>  bool
> @@ -250,6 +251,12 @@ config RASPI
>  
>  config STM32F205_SOC
>  bool
> +select ARM_V7M
> +select STM32F2XX_TIMER
> +select STM32F2XX_USART
> +select STM32F2XX_SYSCFG
> +select STM32F2XX_ADC
> +select STM32F2XX_SPI
>  
>  config XLNX_ZYNQMP_ARM
>  bool
> 

Re: [Qemu-devel] [PATCH 2/4] migration/savevm: use migration_is_blocked to validate

[Daniel Henrique Barboza]

On 4/23/19 9:46 PM, Wei Yang wrote:

migration_is_blocked() is used in migrate_prepare() and
save_snapshot(), this is more proper to use this instead of
qemu_savevm_state_blocked() in qemu_loadvm_state().



migration_is_blocked() does an additional verification:

"if (migration_blockers)"

comparing to what was previously done in qemu_loadvm_state.

I've checked what migration_blockers does and it is a GList used
for callers to block the migration process. This is used via
'migration_add_blocker', from migration.c.

'migration_add_blocker' is called all over the place, most notably
in  _realize() functions  and _open() functions from block.

Thus, I am not sure if this change will impact the use of
qemu_loadvm_state() from load_snapshot() (i.e. can load_snapshot
be called with migration_blockers?). It's better to someone
with a better understanding of this code to comment on that.


DHB




Signed-off-by: Wei Yang 
---
  migration/savevm.c | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/migration/savevm.c b/migration/savevm.c
index 2eea604624..6c61056cde 100644
--- a/migration/savevm.c
+++ b/migration/savevm.c
@@ -2406,7 +2406,7 @@ int qemu_loadvm_state(QEMUFile *f)
  unsigned int v;
  int ret;
  
-if (qemu_savevm_state_blocked(_err)) {

+if (migration_is_blocked(_err)) {
  error_report_err(local_err);
  return -EINVAL;
  }

Re: [Qemu-devel] [PATCH 1/2] fixup! target/riscv: Name the argument sets for all of insn32 formats

[Alistair Francis]

On Thu, Apr 25, 2019 at 10:28 AM Richard Henderson
 wrote:
>
> ---
>  target/riscv/translate.c | 13 ++---
>  1 file changed, 10 insertions(+), 3 deletions(-)

Not sure how this will work with a fixup, but still:
Reviewed-by: Alistair Francis 

Alistair

>
> diff --git a/target/riscv/translate.c b/target/riscv/translate.c
> index d1f599a92d..009c146e8f 100644
> --- a/target/riscv/translate.c
> +++ b/target/riscv/translate.c
> @@ -713,12 +713,19 @@ static bool gen_shift(DisasContext *ctx, arg_r *a,
>   * initially declared by the 32-bit decoder, which results in duplicate
>   * declaration warnings.  Suppress them.
>   */
> -#pragma GCC diagnostic push
> -#pragma GCC diagnostic ignored "-Wredundant-decls"
> +#ifdef CONFIG_PRAGMA_DIAGNOSTIC_AVAILABLE
> +# pragma GCC diagnostic push
> +# pragma GCC diagnostic ignored "-Wredundant-decls"
> +# ifdef __clang__
> +#  pragma GCC diagnostic ignored "-Wtypedef-redefinition"
> +# endif
> +#endif
>
>  #include "decode_insn16.inc.c"
>
> -#pragma GCC diagnostic pop
> +#ifdef CONFIG_PRAGMA_DIAGNOSTIC_AVAILABLE
> +# pragma GCC diagnostic pop
> +#endif
>
>  static void decode_opc(DisasContext *ctx)
>  {
> --
> 2.17.1
>
>

[Qemu-devel] [Bug 1826422] Re: Regression: QEMU 4.0 hangs the host (*bisect included*)

[Saverio Miroddi]

> Does adding "kernel_irqchip=on" to the comma separated list of options
for -machine resolve it?

Yes, that solved it, thanks!

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1826422

Title:
  Regression: QEMU 4.0 hangs the host (*bisect included*)

Status in QEMU:
  New

Bug description:
  The commit b2fc91db84470a78f8e93f5b5f913c17188792c8 seemingly
  introduced a regression on my system.

  When I start QEMU, the guest and the host hang (I need a hard reset to
  get back to a working system), before anything shows on the guest.

  I use QEMU with GPU passthrough (which worked perfectly until the
  commit above). This is the command I use:

  ```
  /path/to/qemu-system-x86_64
-drive if=pflash,format=raw,readonly,file=/path/to/OVMF_CODE.fd
-drive if=pflash,format=raw,file=/tmp/OVMF_VARS.fd.tmp
-enable-kvm
-machine q35,accel=kvm,mem-merge=off
-cpu 
host,kvm=off,hv_vendor_id=vgaptrocks,hv_relaxed,hv_spinlocks=0x1fff,hv_vapic,hv_time
-smp 4,cores=4,sockets=1,threads=1
-m 10240
-vga none
-rtc base=localtime
-serial none
-parallel none
-usb
-device usb-tablet
-device vfio-pci,host=01:00.0,multifunction=on
-device vfio-pci,host=01:00.1
-device usb-host,vendorid=,productid=
-device usb-host,vendorid=,productid=
-device usb-host,vendorid=,productid=
-device usb-host,vendorid=,productid=
-device usb-host,vendorid=,productid=
-device usb-host,vendorid=,productid=
-device virtio-scsi-pci,id=scsi
-drive file=/path/to/guest.img,id=hdd1,format=qcow2,if=none,cache=writeback
-device scsi-hd,drive=hdd1
-net nic,model=virtio
-net user,smb=/path/to/shared
  ```

  If I run QEMU without GPU passthrough, it runs fine.

  Some details about my system:

  - O/S: Mint 19.1 x86-64 (it's based on Ubuntu 18.04)
  - Kernel: 4.15
  - `configure` options: `--target-list=x86_64-softmmu --enable-gtk 
--enable-spice --audio-drv-list=pa`
  - EDK2 version: 1a734ed85fda71630c795832e6d24ea560caf739 (20/Apr/2019)
  - CPU: i7-6700k
  - Motherboard: ASRock Z170 Gaming-ITX/ac
  - VGA: Gigabyte GTX 960 Mini-ITX

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1826422/+subscriptions

Re: [Qemu-devel] [PATCH 0/4] Remove some qdev_get_machine() calls from CONFIG_USER_ONLY

[no-reply]

Patchew URL: 
https://patchew.org/QEMU/20190425200051.19906-1-ehabk...@redhat.com/



Hi,

This series seems to have some coding style problems. See output below for
more information:

Type: series
Message-id: 20190425200051.19906-1-ehabk...@redhat.com
Subject: [Qemu-devel] [PATCH 0/4] Remove some qdev_get_machine() calls from 
CONFIG_USER_ONLY

=== TEST SCRIPT BEGIN ===
#!/bin/bash
git rev-parse base > /dev/null || exit 0
git config --local diff.renamelimit 0
git config --local diff.renames True
git config --local diff.algorithm histogram
./scripts/checkpatch.pl --mailback base..
=== TEST SCRIPT END ===

Updating 3c8cf5a9c21ff8782164d1def7f44bd888713384
From https://github.com/patchew-project/qemu
 t [tag update]
patchew/20190424004700.12766-1-richardw.y...@linux.intel.com -> 
patchew/20190424004700.12766-1-richardw.y...@linux.intel.com
 * [new tag]   patchew/20190425200051.19906-1-ehabk...@redhat.com 
-> patchew/20190425200051.19906-1-ehabk...@redhat.com
Switched to a new branch 'test'
c5c77ea2cc qdev-hotplug: Don't check type of qdev_get_machine()
854ded711d qdev: Don't compile hotplug code in user-mode emulation
1bd33307be move qdev hotplug code to qdev-hotplug.c
02b1f5db6f machine: Move gpio code to hw/core/gpio.c

=== OUTPUT BEGIN ===
1/4 Checking commit 02b1f5db6fcd (machine: Move gpio code to hw/core/gpio.c)
WARNING: added, moved or deleted file(s), does MAINTAINERS need updating?
#26: 
new file mode 100644

WARNING: Block comments use a leading /* on a separate line
#60: FILE: hw/core/gpio.c:30:
+/* NULL is a valid and matchable name, otherwise do a normal

WARNING: Block comments use a leading /* on a separate line
#156: FILE: hw/core/gpio.c:126:
+/* We need a name for object_property_set_link to work.  If the

ERROR: "foo * bar" should be "foo *bar"
#205: FILE: hw/core/gpio.c:175:
+void qdev_connect_gpio_out(DeviceState * dev, int n, qemu_irq pin)

total: 1 errors, 3 warnings, 403 lines checked

Patch 1/4 has style problems, please review.  If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.

2/4 Checking commit 1bd33307be11 (move qdev hotplug code to qdev-hotplug.c)
WARNING: added, moved or deleted file(s), does MAINTAINERS need updating?
#49: 
new file mode 100644

total: 0 errors, 1 warnings, 134 lines checked

Patch 2/4 has style problems, please review.  If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
3/4 Checking commit 854ded711daa (qdev: Don't compile hotplug code in user-mode 
emulation)
WARNING: added, moved or deleted file(s), does MAINTAINERS need updating?
#48: 
new file mode 100644

total: 0 errors, 1 warnings, 77 lines checked

Patch 3/4 has style problems, please review.  If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
4/4 Checking commit c5c77ea2ccde (qdev-hotplug: Don't check type of 
qdev_get_machine())
=== OUTPUT END ===

Test command exited with code: 1


The full log is available at
http://patchew.org/logs/20190425200051.19906-1-ehabk...@redhat.com/testing.checkpatch/?type=message.
---
Email generated automatically by Patchew [https://patchew.org/].
Please send your feedback to patchew-de...@redhat.com

[Qemu-devel] [PATCH 0/4] Remove some qdev_get_machine() calls from CONFIG_USER_ONLY

[Eduardo Habkost]

This series moves some qdev code outside qdev.o, so it can be
compiled only in CONFIG_SOFTMMU.

The code being moved includes two qdev_get_machine() calls, so
this will make it easier to move qdev_get_machine() to
CONFIG_SOFTMMU later.

After this series, there's one remaining qdev_get_machine() call
that seems more difficult to remove:

static void device_set_realized(Object *obj, bool value, Error **errp)
{
/* [...] */
if (!obj->parent) {
gchar *name = g_strdup_printf("device[%d]", unattached_count++);

object_property_add_child(container_get(qdev_get_machine(),
"/unattached"),
  name, obj, _abort);
unattached_parent = true;
g_free(name);
}
/* [...] */
}

This one is tricky because on system emulation mode it needs
"/machine" to already exist, but in user-only mode it needs to
implicitly create a "/machine" container.

Eduardo Habkost (4):
  machine: Move gpio code to hw/core/gpio.c
  move qdev hotplug code to qdev-hotplug.c
  qdev: Don't compile hotplug code in user-mode emulation
  qdev-hotplug: Don't check type of qdev_get_machine()

 hw/core/bus.c|  11 --
 hw/core/gpio.c   | 206 
 hw/core/qdev-hotplug-stubs.c |  44 +++
 hw/core/qdev-hotplug.c   |  64 ++
 hw/core/qdev.c   | 219 ---
 hw/core/Makefile.objs|   5 +-
 tests/Makefile.include   |   3 +-
 7 files changed, 320 insertions(+), 232 deletions(-)
 create mode 100644 hw/core/gpio.c
 create mode 100644 hw/core/qdev-hotplug-stubs.c
 create mode 100644 hw/core/qdev-hotplug.c

-- 
2.18.0.rc1.1.g3f1ff2140

[Qemu-devel] [PATCH 2/4] move qdev hotplug code to qdev-hotplug.c

[Eduardo Habkost]

The qdev hotplug code is used only in softmmu mode, so move it to
a separate file so we can eventually avoid compiling it in
user-only mode.

Signed-off-by: Eduardo Habkost 
---
 hw/core/bus.c  | 11 ---
 hw/core/qdev-hotplug.c | 69 ++
 hw/core/qdev.c | 35 -
 hw/core/Makefile.objs  |  2 +-
 4 files changed, 70 insertions(+), 47 deletions(-)
 create mode 100644 hw/core/qdev-hotplug.c

diff --git a/hw/core/bus.c b/hw/core/bus.c
index e09843f6ab..35e042416c 100644
--- a/hw/core/bus.c
+++ b/hw/core/bus.c
@@ -22,17 +22,6 @@
 #include "hw/qdev.h"
 #include "qapi/error.h"
 
-void qbus_set_hotplug_handler(BusState *bus, Object *handler, Error **errp)
-{
-object_property_set_link(OBJECT(bus), OBJECT(handler),
- QDEV_HOTPLUG_HANDLER_PROPERTY, errp);
-}
-
-void qbus_set_bus_hotplug_handler(BusState *bus, Error **errp)
-{
-qbus_set_hotplug_handler(bus, OBJECT(bus), errp);
-}
-
 int qbus_walk_children(BusState *bus,
qdev_walkerfn *pre_devfn, qbus_walkerfn *pre_busfn,
qdev_walkerfn *post_devfn, qbus_walkerfn *post_busfn,
diff --git a/hw/core/qdev-hotplug.c b/hw/core/qdev-hotplug.c
new file mode 100644
index 00..8ab31043a7
--- /dev/null
+++ b/hw/core/qdev-hotplug.c
@@ -0,0 +1,69 @@
+/*
+ * qdev and qbus hotplug helpers
+ *
+ *  Copyright (c) 2009 CodeSourcery
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see .
+ */
+
+#include "qemu/osdep.h"
+#include "hw/qdev.h"
+#include "sysemu/sysemu.h"
+#include "hw/boards.h"
+
+void qbus_set_hotplug_handler(BusState *bus, Object *handler, Error **errp)
+{
+object_property_set_link(OBJECT(bus), OBJECT(handler),
+ QDEV_HOTPLUG_HANDLER_PROPERTY, errp);
+}
+
+void qbus_set_bus_hotplug_handler(BusState *bus, Error **errp)
+{
+qbus_set_hotplug_handler(bus, OBJECT(bus), errp);
+}
+
+HotplugHandler *qdev_get_machine_hotplug_handler(DeviceState *dev)
+{
+MachineState *machine;
+MachineClass *mc;
+Object *m_obj = qdev_get_machine();
+
+if (object_dynamic_cast(m_obj, TYPE_MACHINE)) {
+machine = MACHINE(m_obj);
+mc = MACHINE_GET_CLASS(machine);
+if (mc->get_hotplug_handler) {
+return mc->get_hotplug_handler(machine, dev);
+}
+}
+
+return NULL;
+}
+
+HotplugHandler *qdev_get_bus_hotplug_handler(DeviceState *dev)
+{
+if (dev->parent_bus) {
+return dev->parent_bus->hotplug_handler;
+}
+return NULL;
+}
+
+HotplugHandler *qdev_get_hotplug_handler(DeviceState *dev)
+{
+HotplugHandler *hotplug_ctrl = qdev_get_machine_hotplug_handler(dev);
+
+if (hotplug_ctrl == NULL && dev->parent_bus) {
+hotplug_ctrl = qdev_get_bus_hotplug_handler(dev);
+}
+return hotplug_ctrl;
+}
diff --git a/hw/core/qdev.c b/hw/core/qdev.c
index f73e7ded1a..3015da0ac9 100644
--- a/hw/core/qdev.c
+++ b/hw/core/qdev.c
@@ -219,41 +219,6 @@ void qdev_set_legacy_instance_id(DeviceState *dev, int 
alias_id,
 dev->alias_required_for_version = required_for_version;
 }
 
-HotplugHandler *qdev_get_machine_hotplug_handler(DeviceState *dev)
-{
-MachineState *machine;
-MachineClass *mc;
-Object *m_obj = qdev_get_machine();
-
-if (object_dynamic_cast(m_obj, TYPE_MACHINE)) {
-machine = MACHINE(m_obj);
-mc = MACHINE_GET_CLASS(machine);
-if (mc->get_hotplug_handler) {
-return mc->get_hotplug_handler(machine, dev);
-}
-}
-
-return NULL;
-}
-
-HotplugHandler *qdev_get_bus_hotplug_handler(DeviceState *dev)
-{
-if (dev->parent_bus) {
-return dev->parent_bus->hotplug_handler;
-}
-return NULL;
-}
-
-HotplugHandler *qdev_get_hotplug_handler(DeviceState *dev)
-{
-HotplugHandler *hotplug_ctrl = qdev_get_machine_hotplug_handler(dev);
-
-if (hotplug_ctrl == NULL && dev->parent_bus) {
-hotplug_ctrl = qdev_get_bus_hotplug_handler(dev);
-}
-return hotplug_ctrl;
-}
-
 static int qdev_reset_one(DeviceState *dev, void *opaque)
 {
 device_reset(dev);
diff --git a/hw/core/Makefile.objs b/hw/core/Makefile.objs
index 6789154807..9c4f953716 100644
--- a/hw/core/Makefile.objs
+++ b/hw/core/Makefile.objs
@@ -1,6 +1,6 @@
 # core qdev-related obj files, also used by *-user:
 common-obj-y += qdev.o qdev-properties.o

[Qemu-devel] [PATCH 4/4] qdev-hotplug: Don't check type of qdev_get_machine()

[Eduardo Habkost]

Now that qdev_get_machine_hotplug_handler() is only compiled in
softmmu mode, we don't need to check if qdev_gt_machine() is
really of type TYPE_MACHINE.

Signed-off-by: Eduardo Habkost 
---
 hw/core/qdev-hotplug.c | 13 -
 1 file changed, 4 insertions(+), 9 deletions(-)

diff --git a/hw/core/qdev-hotplug.c b/hw/core/qdev-hotplug.c
index 8ab31043a7..017500c1e1 100644
--- a/hw/core/qdev-hotplug.c
+++ b/hw/core/qdev-hotplug.c
@@ -35,16 +35,11 @@ void qbus_set_bus_hotplug_handler(BusState *bus, Error 
**errp)
 
 HotplugHandler *qdev_get_machine_hotplug_handler(DeviceState *dev)
 {
-MachineState *machine;
-MachineClass *mc;
-Object *m_obj = qdev_get_machine();
+MachineState *machine = MACHINE(qdev_get_machine());
+MachineClass *mc = MACHINE_GET_CLASS(machine);
 
-if (object_dynamic_cast(m_obj, TYPE_MACHINE)) {
-machine = MACHINE(m_obj);
-mc = MACHINE_GET_CLASS(machine);
-if (mc->get_hotplug_handler) {
-return mc->get_hotplug_handler(machine, dev);
-}
+if (mc->get_hotplug_handler) {
+return mc->get_hotplug_handler(machine, dev);
 }
 
 return NULL;
-- 
2.18.0.rc1.1.g3f1ff2140

[Qemu-devel] [PATCH 3/4] qdev: Don't compile hotplug code in user-mode emulation

[Eduardo Habkost]

Move qdev-hotplug.o and hotplug.o to CONFIG_SOFTMMU because the
code is not necessary for *-user.

Provide a few stubs in qdev-hotplug-stubs.c to replace
initialization functions that are called from qdev.c.

Signed-off-by: Eduardo Habkost 
---
 hw/core/qdev-hotplug-stubs.c | 44 
 hw/core/Makefile.objs|  6 +++--
 tests/Makefile.include   |  3 ++-
 3 files changed, 50 insertions(+), 3 deletions(-)
 create mode 100644 hw/core/qdev-hotplug-stubs.c

diff --git a/hw/core/qdev-hotplug-stubs.c b/hw/core/qdev-hotplug-stubs.c
new file mode 100644
index 00..c710f23388
--- /dev/null
+++ b/hw/core/qdev-hotplug-stubs.c
@@ -0,0 +1,44 @@
+/*
+ * qdev hotplug handler stubs (for user-mode emulation and unit tests)
+ *
+ *  Copyright (c) 2019 Red Hat Inc
+ *
+ * Authors:
+ *  Eduardo Habkost 
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see .
+ */
+
+#include "qemu/osdep.h"
+#include "hw/qdev-core.h"
+#include "hw/hotplug.h"
+
+HotplugHandler *qdev_get_hotplug_handler(DeviceState *dev)
+{
+return NULL;
+}
+
+void hotplug_handler_pre_plug(HotplugHandler *plug_handler,
+  DeviceState *plugged_dev,
+  Error **errp)
+{
+assert(plug_handler == NULL);
+}
+
+void hotplug_handler_plug(HotplugHandler *plug_handler,
+  DeviceState *plugged_dev,
+  Error **errp)
+{
+assert(plug_handler == NULL);
+}
diff --git a/hw/core/Makefile.objs b/hw/core/Makefile.objs
index 9c4f953716..284fc306c5 100644
--- a/hw/core/Makefile.objs
+++ b/hw/core/Makefile.objs
@@ -1,11 +1,10 @@
 # core qdev-related obj files, also used by *-user:
 common-obj-y += qdev.o qdev-properties.o
-common-obj-y += bus.o reset.o qdev-hotplug.o
+common-obj-y += bus.o reset.o
 common-obj-$(CONFIG_SOFTMMU) += qdev-fw.o
 common-obj-$(CONFIG_SOFTMMU) += fw-path-provider.o
 # irq.o needed for qdev GPIO handling:
 common-obj-y += irq.o
-common-obj-y += hotplug.o
 common-obj-$(CONFIG_SOFTMMU) += nmi.o
 
 common-obj-$(CONFIG_EMPTY_SLOT) += empty_slot.o
@@ -13,6 +12,7 @@ common-obj-$(CONFIG_XILINX_AXI) += stream.o
 common-obj-$(CONFIG_PTIMER) += ptimer.o
 common-obj-$(CONFIG_SOFTMMU) += sysbus.o
 common-obj-$(CONFIG_SOFTMMU) += machine.o
+common-obj-$(CONFIG_SOFTMMU) += hotplug.o qdev-hotplug.o
 common-obj-$(CONFIG_SOFTMMU) += gpio.o
 common-obj-$(CONFIG_SOFTMMU) += loader.o
 common-obj-$(CONFIG_FITLOADER) += loader-fit.o
@@ -23,3 +23,5 @@ common-obj-$(CONFIG_SOFTMMU) += split-irq.o
 common-obj-$(CONFIG_PLATFORM_BUS) += platform-bus.o
 common-obj-$(CONFIG_SOFTMMU) += generic-loader.o
 common-obj-$(CONFIG_SOFTMMU) += null-machine.o
+
+common-obj-$(CONFIG_USER_ONLY) += qdev-hotplug-stubs.o
diff --git a/tests/Makefile.include b/tests/Makefile.include
index e2432d5e77..fd5e7e0c77 100644
--- a/tests/Makefile.include
+++ b/tests/Makefile.include
@@ -568,7 +568,8 @@ tests/fp/%:
$(MAKE) -C $(dir $@) $(notdir $@)
 
 tests/test-qdev-global-props$(EXESUF): tests/test-qdev-global-props.o \
-   hw/core/qdev.o hw/core/qdev-properties.o hw/core/hotplug.o\
+   hw/core/qdev.o hw/core/qdev-properties.o \
+   hw/core/qdev-hotplug-stubs.o \
hw/core/bus.o \
hw/core/irq.o \
hw/core/fw-path-provider.o \
-- 
2.18.0.rc1.1.g3f1ff2140

[Qemu-devel] [PATCH 1/4] machine: Move gpio code to hw/core/gpio.c

[Eduardo Habkost]

Only softmmu code uses gpio, so move gpio code from qdev.c to
gpio.c and compile it only on softmmu mode.

Signed-off-by: Eduardo Habkost 
---
 hw/core/gpio.c| 206 ++
 hw/core/qdev.c| 184 -
 hw/core/Makefile.objs |   1 +
 3 files changed, 207 insertions(+), 184 deletions(-)
 create mode 100644 hw/core/gpio.c

diff --git a/hw/core/gpio.c b/hw/core/gpio.c
new file mode 100644
index 00..2724b4d7e7
--- /dev/null
+++ b/hw/core/gpio.c
@@ -0,0 +1,206 @@
+/*
+ * qdev GPIO helpers
+ *
+ *  Copyright (c) 2009 CodeSourcery
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see .
+ */
+
+#include "qemu/osdep.h"
+#include "hw/qdev.h"
+#include "qapi/error.h"
+
+static NamedGPIOList *qdev_get_named_gpio_list(DeviceState *dev,
+   const char *name)
+{
+NamedGPIOList *ngl;
+
+QLIST_FOREACH(ngl, >gpios, node) {
+/* NULL is a valid and matchable name, otherwise do a normal
+ * strcmp match.
+ */
+if ((!ngl->name && !name) ||
+(name && ngl->name && strcmp(name, ngl->name) == 0)) {
+return ngl;
+}
+}
+
+ngl = g_malloc0(sizeof(*ngl));
+ngl->name = g_strdup(name);
+QLIST_INSERT_HEAD(>gpios, ngl, node);
+return ngl;
+}
+
+void qdev_init_gpio_in_named_with_opaque(DeviceState *dev,
+ qemu_irq_handler handler,
+ void *opaque,
+ const char *name, int n)
+{
+int i;
+NamedGPIOList *gpio_list = qdev_get_named_gpio_list(dev, name);
+
+assert(gpio_list->num_out == 0 || !name);
+gpio_list->in = qemu_extend_irqs(gpio_list->in, gpio_list->num_in, handler,
+ opaque, n);
+
+if (!name) {
+name = "unnamed-gpio-in";
+}
+for (i = gpio_list->num_in; i < gpio_list->num_in + n; i++) {
+gchar *propname = g_strdup_printf("%s[%u]", name, i);
+
+object_property_add_child(OBJECT(dev), propname,
+  OBJECT(gpio_list->in[i]), _abort);
+g_free(propname);
+}
+
+gpio_list->num_in += n;
+}
+
+void qdev_init_gpio_in(DeviceState *dev, qemu_irq_handler handler, int n)
+{
+qdev_init_gpio_in_named(dev, handler, NULL, n);
+}
+
+void qdev_init_gpio_out_named(DeviceState *dev, qemu_irq *pins,
+  const char *name, int n)
+{
+int i;
+NamedGPIOList *gpio_list = qdev_get_named_gpio_list(dev, name);
+
+assert(gpio_list->num_in == 0 || !name);
+
+if (!name) {
+name = "unnamed-gpio-out";
+}
+memset(pins, 0, sizeof(*pins) * n);
+for (i = 0; i < n; ++i) {
+gchar *propname = g_strdup_printf("%s[%u]", name,
+  gpio_list->num_out + i);
+
+object_property_add_link(OBJECT(dev), propname, TYPE_IRQ,
+ (Object **)[i],
+ object_property_allow_set_link,
+ OBJ_PROP_LINK_STRONG,
+ _abort);
+g_free(propname);
+}
+gpio_list->num_out += n;
+}
+
+void qdev_init_gpio_out(DeviceState *dev, qemu_irq *pins, int n)
+{
+qdev_init_gpio_out_named(dev, pins, NULL, n);
+}
+
+qemu_irq qdev_get_gpio_in_named(DeviceState *dev, const char *name, int n)
+{
+NamedGPIOList *gpio_list = qdev_get_named_gpio_list(dev, name);
+
+assert(n >= 0 && n < gpio_list->num_in);
+return gpio_list->in[n];
+}
+
+qemu_irq qdev_get_gpio_in(DeviceState *dev, int n)
+{
+return qdev_get_gpio_in_named(dev, NULL, n);
+}
+
+void qdev_connect_gpio_out_named(DeviceState *dev, const char *name, int n,
+ qemu_irq pin)
+{
+char *propname = g_strdup_printf("%s[%d]",
+ name ? name : "unnamed-gpio-out", n);
+if (pin) {
+/* We need a name for object_property_set_link to work.  If the
+ * object has a parent, object_property_add_child will come back
+ * with an error without doing anything.  If it has none, it will
+ * never fail.  So we can just call it with a NULL Error pointer.
+ */
+

Re: [Qemu-devel] [PATCH 1/4] migration/savevm: remove duplicate check of migration_is_blocked

[Daniel Henrique Barboza]

On 4/23/19 9:46 PM, Wei Yang wrote:

Current call flow of save_snapshot is:

   save_snapshot
 migration_is_blocked
   qemu_savevm_state
 migration_is_blocked

Since qemu_savevm_state is only called in save_snapshot, this means
migration_is_blocked has been already checked.


I think it would be a nice touch to add a comment in qemu_savevm_state,
saying that the function must be called with migration_is_blocked()
context. Just in case someone else in the future ends up re-using the
function.


Other than that, +1 for less code duplication.


Reviewed-by: Daniel Henrique Barboza 






Signed-off-by: Wei Yang 
---
  migration/savevm.c | 4 
  1 file changed, 4 deletions(-)

diff --git a/migration/savevm.c b/migration/savevm.c
index 92af2471cd..2eea604624 100644
--- a/migration/savevm.c
+++ b/migration/savevm.c
@@ -1412,10 +1412,6 @@ static int qemu_savevm_state(QEMUFile *f, Error **errp)
  return -EINVAL;
  }
  
-if (migration_is_blocked(errp)) {

-return -EINVAL;
-}
-
  if (migrate_use_block()) {
  error_setg(errp, "Block migration and snapshots are incompatible");
  return -EINVAL;

Re: [Qemu-devel] [PATCH] target/riscv: Remove unused include of riscv_htif.h for virt board

[Palmer Dabbelt]

On Wed, 10 Apr 2019 09:29:11 PDT (-0700), finte...@gmail.com wrote:

Unless I'm missing something, the virt board doesn't support HTIF and
should not be including this header.

Jonathan

Signed-off-by: Jonathan Behrens 
---
 hw/riscv/virt.c | 1 -
 1 file changed, 1 deletion(-)

diff --git a/hw/riscv/virt.c b/hw/riscv/virt.c
index fc4c6b306e..3526463034 100644
--- a/hw/riscv/virt.c
+++ b/hw/riscv/virt.c
@@ -29,7 +29,6 @@
 #include "hw/sysbus.h"
 #include "hw/char/serial.h"
 #include "target/riscv/cpu.h"
-#include "hw/riscv/riscv_htif.h"
 #include "hw/riscv/riscv_hart.h"
 #include "hw/riscv/sifive_plic.h"
 #include "hw/riscv/sifive_clint.h"


Thanks!

[Qemu-devel] [PULL 3/4] Categorize devices: iommu

[Eduardo Habkost]

From: Ernest Esene 

Set category and description for iommu devices.

Signed-off-by: Ernest Esene 
Message-Id: <20190327170518.GA16887@erokenlabserver>
Reviewed-by: Eduardo Habkost 
[ehabkost: edited commit message]
Signed-off-by: Eduardo Habkost 
---
 hw/i386/amd_iommu.c   | 2 ++
 hw/i386/intel_iommu.c | 2 ++
 2 files changed, 4 insertions(+)

diff --git a/hw/i386/amd_iommu.c b/hw/i386/amd_iommu.c
index 6eabdf9917..4a4e2c7fd4 100644
--- a/hw/i386/amd_iommu.c
+++ b/hw/i386/amd_iommu.c
@@ -1601,6 +1601,8 @@ static void amdvi_class_init(ObjectClass *klass, void* 
data)
 dc_class->int_remap = amdvi_int_remap;
 /* Supported by the pc-q35-* machine types */
 dc->user_creatable = true;
+set_bit(DEVICE_CATEGORY_MISC, dc->categories);
+dc->desc = "AMD IOMMU (AMD-Vi) DMA Remapping device";
 }
 
 static const TypeInfo amdvi = {
diff --git a/hw/i386/intel_iommu.c b/hw/i386/intel_iommu.c
index 2558f48fe6..44b1231157 100644
--- a/hw/i386/intel_iommu.c
+++ b/hw/i386/intel_iommu.c
@@ -3741,6 +3741,8 @@ static void vtd_class_init(ObjectClass *klass, void *data)
 x86_class->int_remap = vtd_int_remap;
 /* Supported by the pc-q35-* machine types */
 dc->user_creatable = true;
+set_bit(DEVICE_CATEGORY_MISC, dc->categories);
+dc->desc = "Intel IOMMU (VT-d) DMA Remapping device";
 }
 
 static const TypeInfo vtd_info = {
-- 
2.18.0.rc1.1.g3f1ff2140

[Qemu-devel] [PULL 1/4] i386: Add new Hygon 'Dhyana' CPU model

[Eduardo Habkost]

From: Pu Wen 

Add a new base CPU model called 'Dhyana' to model processors from Hygon
Dhyana(family 18h), which derived from AMD EPYC(family 17h).

The following features bits have been removed compare to AMD EPYC:
aes, pclmulqdq, sha_ni

The Hygon Dhyana support to KVM in Linux is already accepted upstream[1].
So add Hygon Dhyana support to Qemu is necessary to create Hygon's own
CPU model.

Reference:
[1] https://git.kernel.org/tip/fec98069fb72fb656304a3e52265e0c2fc9adf87

Signed-off-by: Pu Wen 
Message-Id: <1555416373-28690-1-git-send-email-pu...@hygon.cn>
Reviewed-by: Daniel P. Berrangé 
Signed-off-by: Eduardo Habkost 
---
 target/i386/cpu.h |  2 ++
 target/i386/cpu.c | 50 +++
 2 files changed, 52 insertions(+)

diff --git a/target/i386/cpu.h b/target/i386/cpu.h
index 828067bd1c..0128910661 100644
--- a/target/i386/cpu.h
+++ b/target/i386/cpu.h
@@ -726,6 +726,8 @@ typedef uint32_t FeatureWordArray[FEATURE_WORDS];
 
 #define CPUID_VENDOR_VIA   "CentaurHauls"
 
+#define CPUID_VENDOR_HYGON"HygonGenuine"
+
 #define CPUID_MWAIT_IBE (1U << 1) /* Interrupts can exit capability */
 #define CPUID_MWAIT_EMX (1U << 0) /* enumeration supported */
 
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index e1687f7547..d92b0f6fcc 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -2935,6 +2935,56 @@ static X86CPUDefinition builtin_x86_defs[] = {
 .model_id = "AMD EPYC Processor (with IBPB)",
 .cache_info = _cache_info,
 },
+{
+.name = "Dhyana",
+.level = 0xd,
+.vendor = CPUID_VENDOR_HYGON,
+.family = 24,
+.model = 0,
+.stepping = 1,
+.features[FEAT_1_EDX] =
+CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | CPUID_CLFLUSH |
+CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | CPUID_PGE |
+CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | CPUID_MCE |
+CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | CPUID_DE |
+CPUID_VME | CPUID_FP87,
+.features[FEAT_1_ECX] =
+CPUID_EXT_RDRAND | CPUID_EXT_F16C | CPUID_EXT_AVX |
+CPUID_EXT_XSAVE | CPUID_EXT_POPCNT |
+CPUID_EXT_MOVBE | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
+CPUID_EXT_CX16 | CPUID_EXT_FMA | CPUID_EXT_SSSE3 |
+CPUID_EXT_MONITOR | CPUID_EXT_SSE3,
+.features[FEAT_8000_0001_EDX] =
+CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_PDPE1GB |
+CPUID_EXT2_FFXSR | CPUID_EXT2_MMXEXT | CPUID_EXT2_NX |
+CPUID_EXT2_SYSCALL,
+.features[FEAT_8000_0001_ECX] =
+CPUID_EXT3_OSVW | CPUID_EXT3_3DNOWPREFETCH |
+CPUID_EXT3_MISALIGNSSE | CPUID_EXT3_SSE4A | CPUID_EXT3_ABM |
+CPUID_EXT3_CR8LEG | CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM |
+CPUID_EXT3_TOPOEXT,
+.features[FEAT_8000_0008_EBX] =
+CPUID_8000_0008_EBX_IBPB,
+.features[FEAT_7_0_EBX] =
+CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_AVX2 |
+CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_RDSEED |
+CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLFLUSHOPT,
+/*
+ * Missing: XSAVES (not supported by some Linux versions,
+ * including v4.1 to v4.12).
+ * KVM doesn't yet expose any XSAVES state save component.
+ */
+.features[FEAT_XSAVE] =
+CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
+CPUID_XSAVE_XGETBV1,
+.features[FEAT_6_EAX] =
+CPUID_6_EAX_ARAT,
+.features[FEAT_SVM] =
+CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE,
+.xlevel = 0x801E,
+.model_id = "Hygon Dhyana Processor",
+.cache_info = _cache_info,
+},
 };
 
 typedef struct PropValue {
-- 
2.18.0.rc1.1.g3f1ff2140

[Qemu-devel] [PULL 2/4] Categorize devices: IGD passthrough ISA bridge

[Eduardo Habkost]

From: Ernest Esene 

Set category for the device.

Signed-off-by: Ernest Esene 
Message-Id: <20190327133714.GA9329@erokenlabserver>
Reviewed-by: Eduardo Habkost 
[ehabkost: edited commit message]
Signed-off-by: Eduardo Habkost 
---
 hw/i386/pc_piix.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c
index 8ad8e885c6..03a9cb8af3 100644
--- a/hw/i386/pc_piix.c
+++ b/hw/i386/pc_piix.c
@@ -911,6 +911,7 @@ static void isa_bridge_class_init(ObjectClass *klass, void 
*data)
 PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
 
 dc->desc= "ISA bridge faked to support IGD PT";
+set_bit(DEVICE_CATEGORY_BRIDGE, dc->categories);
 k->vendor_id= PCI_VENDOR_ID_INTEL;
 k->class_id = PCI_CLASS_BRIDGE_ISA;
 };
-- 
2.18.0.rc1.1.g3f1ff2140

[Qemu-devel] [PULL 4/4] Pass through cache information for TOPOEXT CPUs

[Eduardo Habkost]

From: Stanislav Lanci 

Signed-off-by: Stanislav Lanci 
Message-Id: <20190416123833.60649-1-p...@polepetko.eu>
[ehabkost: removed redundant comment line]
Signed-off-by: Eduardo Habkost 
---
 target/i386/cpu.c | 4 
 1 file changed, 4 insertions(+)

diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index d92b0f6fcc..722c5514d4 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -4591,6 +4591,10 @@ void cpu_x86_cpuid(CPUX86State *env, uint32_t index, 
uint32_t count,
 break;
 case 0x801D:
 *eax = 0;
+if (cpu->cache_info_passthrough) {
+host_cpuid(index, count, eax, ebx, ecx, edx);
+break;
+}
 switch (count) {
 case 0: /* L1 dcache info */
 encode_cache_cpuid801d(env->cache_info_amd.l1d_cache, cs,
-- 
2.18.0.rc1.1.g3f1ff2140

[Qemu-devel] [PULL 0/4] x86 queue, 2019-04-25

[Eduardo Habkost]

The following changes since commit 3284aa128153750f14a61e8a96fd085e6f2999b6:

  Merge remote-tracking branch 'remotes/lersek/tags/edk2-pull-2019-04-22' into 
staging (2019-04-24 13:19:41 +0100)

are available in the Git repository at:

  git://github.com/ehabkost/qemu.git tags/x86-next-pull-request

for you to fetch changes up to a4e0b436f44a4bb47ed4a75b0c05d2547cf12b1c:

  Pass through cache information for TOPOEXT CPUs (2019-04-25 14:52:28 -0300)


x86 queue, 2019-04-25

* Hygon Dhyana CPU model (Pu Wen)
* Categorize a few devices in hw/i386 (Ernest Esene)
* Support host-cache-info on TOPOEXT CPUID leaf (Stanislav Lanci)



Ernest Esene (2):
  Categorize devices: IGD passthrough ISA bridge
  Categorize devices: iommu

Pu Wen (1):
  i386: Add new Hygon 'Dhyana' CPU model

Stanislav Lanci (1):
  Pass through cache information for TOPOEXT CPUs

 target/i386/cpu.h |  2 ++
 hw/i386/amd_iommu.c   |  2 ++
 hw/i386/intel_iommu.c |  2 ++
 hw/i386/pc_piix.c |  1 +
 target/i386/cpu.c | 54 +++
 5 files changed, 61 insertions(+)

-- 
2.18.0.rc1.1.g3f1ff2140

Re: [Qemu-devel] [PATCH 0/5] tests/vm: Python 3, improve image caching, and misc

[Wainer dos Santos Moschetta]

Hi Laszlo,


On 04/24/2019 06:07 AM, Laszlo Ersek wrote:

Hello Wainer,

(answering because I dislike ignoring emails without giving any feedback:)


I appreciated that! thanks!



On 04/23/19 21:28, Wainer dos Santos Moschetta wrote:

Ping. More reviews needed.

I've already got Philippe's reviewed-by, thanks!

I'm going to skip this one. According to "scripts/get_maintainer.pl", an
ACK from either Alex or Fam should suffice. (They could also decide to
queue your set with Phil's R-b, who's a designated reviewer on this topic.)


Yes, that's ok.

I'm CC'ing you because the fix on patch 3/5 has origin on a discussion 
on your series ...


[PATCH for-4.1 v3 00/12] bundle edk2 platform firmware with QEMU

... see at https://www.mail-archive.com/qemu-devel@nongnu.org/msg606796.html

Sorry, failed to explain the context when I sent this series.

Thanks!

- Wainer



Thanks
Laszlo


On 03/29/2019 06:07 PM, Wainer dos Santos Moschetta wrote:

Hi all!

This series bundles the support to Python3, improvement to image
caching, and miscellaneous changes for the vm-test (`make vm-build-*`).

Git tree: http://github.com/wainersm/qemu
Branch: vm_test_python3_and_misc
Travis: https://travis-ci.org/wainersm/qemu/builds/513220300

Below you can find some general comments.

Patch 01:
Uses python configured at build, although vm-test can be executed from
the code tree (see docs/devel/testing.rst) too. In this case $(PYTHON)
will be empty and it picks python pointed by the script's shebang, as
a result failing on Python 3 only Linux distros.

Patch 02:
Ported based.py to work with Python 3 (kept Python 2 compatibility).
Fixed the follow errors:
    - Raising "TypeError: Unicode-objects must be encoded before
hashing" exception by hashlib.sha1().
    - get_default_jobs() is used to set the vm cpus, but it was
returning an invalid float number.
    - On check_sha256sum(), subprocess.check_output() returns bytes so
that string comparison was failing.

Patch 03:
Implemented a simple mechanism to detect the image file changed on
http://download.patchew.org, as discussed in
https://www.mail-archive.com/qemu-devel@nongnu.org/msg607839.html. I
didn't implement the '--force' option that Paolo suggested, because it
would require a major refactoring (technically the vm implementation
decides whether use the cache or not). My intention is to keep the
script as simple as possible, so IMO, if the image file changed on the
server then it should equally be updated the checksum on QEMU's side.

Patch 04:
Default network (NETWORK=1) backend is enough to have the docker-based
tests run properly. Note: `make docker-test-block@centos7` is broken
inside the CentOS VM and apparently on my host (Fedora 29 x86_64) too.

Wainer dos Santos Moschetta (5):
    tests/vm: Use python configured on build
    tests/vm: Port basevm to Python 3
    tests/vm: Detect the image changed on server
    tests/vm: Fix build-centos docker-based tests run
    tests/vm: Add missing variables on help

   tests/vm/Makefile.include | 12 
   tests/vm/basevm.py    | 39 ++-
   tests/vm/centos   |  6 +++---
   3 files changed, 45 insertions(+), 12 deletions(-)

[Qemu-devel] [PULL 08/11] util/mmap-alloc: Add a 'is_pmem' parameter to qemu_ram_mmap

[Eduardo Habkost]

From: Zhang Yi 

besides the existing 'shared' flags, we are going to add
'is_pmem' to qemu_ram_mmap(), which indicated the memory backend
file is a persist memory.

Signed-off-by: Haozhong Zhang 
Signed-off-by: Zhang Yi 
Reviewed-by: Pankaj Gupta 
Message-Id: 
<786c46862cfeb253ee0ea2f44d62ffe76edb7fa4.154921.git.yi.z.zh...@linux.intel.com>
Reviewed-by: Michael S. Tsirkin 
Reviewed-by: Pankaj Gupta 
Signed-off-by: Eduardo Habkost 
---
 include/qemu/mmap-alloc.h | 21 -
 exec.c|  2 +-
 util/mmap-alloc.c |  6 +-
 util/oslib-posix.c|  2 +-
 4 files changed, 27 insertions(+), 4 deletions(-)

diff --git a/include/qemu/mmap-alloc.h b/include/qemu/mmap-alloc.h
index ef04f0ed5b..eec98d82c1 100644
--- a/include/qemu/mmap-alloc.h
+++ b/include/qemu/mmap-alloc.h
@@ -7,7 +7,26 @@ size_t qemu_fd_getpagesize(int fd);
 
 size_t qemu_mempath_getpagesize(const char *mem_path);
 
-void *qemu_ram_mmap(int fd, size_t size, size_t align, bool shared);
+/**
+ * qemu_ram_mmap: mmap the specified file or device.
+ *
+ * Parameters:
+ *  @fd: the file or the device to mmap
+ *  @size: the number of bytes to be mmaped
+ *  @align: if not zero, specify the alignment of the starting mapping address;
+ *  otherwise, the alignment in use will be determined by QEMU.
+ *  @shared: map has RAM_SHARED flag.
+ *  @is_pmem: map has RAM_PMEM flag.
+ *
+ * Return:
+ *  On success, return a pointer to the mapped area.
+ *  On failure, return MAP_FAILED.
+ */
+void *qemu_ram_mmap(int fd,
+size_t size,
+size_t align,
+bool shared,
+bool is_pmem);
 
 void qemu_ram_munmap(int fd, void *ptr, size_t size);
 
diff --git a/exec.c b/exec.c
index f7f3cdbf4a..aa07432929 100644
--- a/exec.c
+++ b/exec.c
@@ -1883,7 +1883,7 @@ static void *file_ram_alloc(RAMBlock *block,
 }
 
 area = qemu_ram_mmap(fd, memory, block->mr->align,
- block->flags & RAM_SHARED);
+ block->flags & RAM_SHARED, block->flags & RAM_PMEM);
 if (area == MAP_FAILED) {
 error_setg_errno(errp, errno,
  "unable to map backing store for guest RAM");
diff --git a/util/mmap-alloc.c b/util/mmap-alloc.c
index 8565885420..9713f4b960 100644
--- a/util/mmap-alloc.c
+++ b/util/mmap-alloc.c
@@ -75,7 +75,11 @@ size_t qemu_mempath_getpagesize(const char *mem_path)
 return getpagesize();
 }
 
-void *qemu_ram_mmap(int fd, size_t size, size_t align, bool shared)
+void *qemu_ram_mmap(int fd,
+size_t size,
+size_t align,
+bool shared,
+bool is_pmem)
 {
 int flags;
 int guardfd;
diff --git a/util/oslib-posix.c b/util/oslib-posix.c
index 88dda9cd39..d97b1717d5 100644
--- a/util/oslib-posix.c
+++ b/util/oslib-posix.c
@@ -203,7 +203,7 @@ void *qemu_memalign(size_t alignment, size_t size)
 void *qemu_anon_ram_alloc(size_t size, uint64_t *alignment, bool shared)
 {
 size_t align = QEMU_VMALLOC_ALIGN;
-void *ptr = qemu_ram_mmap(-1, size, align, shared);
+void *ptr = qemu_ram_mmap(-1, size, align, shared, false);
 
 if (ptr == MAP_FAILED) {
 return NULL;
-- 
2.18.0.rc1.1.g3f1ff2140

Re: [Qemu-devel] [PATCH] Revert "armv7m: Guard against no -kernel argument"

[Philippe Mathieu-Daudé]

Hi Peter, Stefan,

On 1/4/19 4:16 PM, Peter Maydell wrote:
> On Thu, 3 Jan 2019 at 14:41, Stefan Hajnoczi  wrote:
>>
>> This reverts commit 01fd41ab3fb69971c24a69ed49cde96086d81278.
>>
>> The generic loader device (-device loader,file=kernel.bin) can be used
>> to load a kernel instead of the -kernel option.  Some boards have flash
>> memory (pflash) that is set via the -pflash or -drive options.
>>
>> Allow starting QEMU without the -kernel option to accommodate these
>> scenarios.
>>
>> Suggested-by: Peter Maydell 
>> Signed-off-by: Stefan Hajnoczi 

Previous to this commit (v3.1), we have:

$ qemu-system-aarch64 -M netduino2
qemu-system-aarch64: Guest image must be specified (using -kernel)

Now (v4.0) we get:

$ qemu-system-aarch64 -M netduino2
qemu: fatal: Lockup: can't escalate 3 to HardFault (current priority -1)

R00= R01= R02= R03=
R04= R05= R06= R07=
R08= R09= R10= R11=
R12= R13=ffe0 R14=fff9 R15=
XPSR=4003 -Z-- A handler
FPSCR: 
Aborted (core dumped)

This is confusing.

(same happens with emcraft-sf2, microbit, musca-*)

Regards,

Phil.

[Qemu-devel] [PULL 06/11] cpu: Rename parse_cpu_model() to parse_cpu_option()

[Eduardo Habkost]

The "model[,option...]" string parsed by the function is not just
a CPU model.  Rename the function and its argument to indicate it
expects the full "-cpu" option to be provided.

Signed-off-by: Eduardo Habkost 
Message-Id: <20190417025944.16154-2-ehabk...@redhat.com>
Reviewed-by: David Gibson 
Reviewed-by: Markus Armbruster 
Reviewed-by: Igor Mammedov 
Signed-off-by: Eduardo Habkost 
---
 include/qom/cpu.h |  6 +++---
 bsd-user/main.c   |  2 +-
 exec.c|  4 ++--
 linux-user/main.c |  2 +-
 vl.c  | 18 +-
 5 files changed, 16 insertions(+), 16 deletions(-)

diff --git a/include/qom/cpu.h b/include/qom/cpu.h
index e9bec3a5bc..08abcbd3fe 100644
--- a/include/qom/cpu.h
+++ b/include/qom/cpu.h
@@ -681,15 +681,15 @@ ObjectClass *cpu_class_by_name(const char *typename, 
const char *cpu_model);
 CPUState *cpu_create(const char *typename);
 
 /**
- * parse_cpu_model:
- * @cpu_model: The model string including optional parameters.
+ * parse_cpu_option:
+ * @cpu_option: The -cpu option including optional parameters.
  *
  * processes optional parameters and registers them as global properties
  *
  * Returns: type of CPU to create or prints error and terminates process
  *  if an error occurred.
  */
-const char *parse_cpu_model(const char *cpu_model);
+const char *parse_cpu_option(const char *cpu_option);
 
 /**
  * cpu_has_work:
diff --git a/bsd-user/main.c b/bsd-user/main.c
index a8c807e8df..6192e9d91e 100644
--- a/bsd-user/main.c
+++ b/bsd-user/main.c
@@ -905,7 +905,7 @@ int main(int argc, char **argv)
 /* init tcg before creating CPUs and to get qemu_host_page_size */
 tcg_exec_init(0);
 
-cpu_type = parse_cpu_model(cpu_model);
+cpu_type = parse_cpu_option(cpu_model);
 cpu = cpu_create(cpu_type);
 env = cpu->env_ptr;
 #if defined(TARGET_SPARC) || defined(TARGET_PPC)
diff --git a/exec.c b/exec.c
index 2646207661..08f6cafcbc 100644
--- a/exec.c
+++ b/exec.c
@@ -983,14 +983,14 @@ void cpu_exec_realizefn(CPUState *cpu, Error **errp)
 #endif
 }
 
-const char *parse_cpu_model(const char *cpu_model)
+const char *parse_cpu_option(const char *cpu_option)
 {
 ObjectClass *oc;
 CPUClass *cc;
 gchar **model_pieces;
 const char *cpu_type;
 
-model_pieces = g_strsplit(cpu_model, ",", 2);
+model_pieces = g_strsplit(cpu_option, ",", 2);
 
 oc = cpu_class_by_name(CPU_RESOLVING_TYPE, model_pieces[0]);
 if (oc == NULL) {
diff --git a/linux-user/main.c b/linux-user/main.c
index 17387166ab..3d2230320b 100644
--- a/linux-user/main.c
+++ b/linux-user/main.c
@@ -662,7 +662,7 @@ int main(int argc, char **argv, char **envp)
 if (cpu_model == NULL) {
 cpu_model = cpu_get_model(get_elf_eflags(execfd));
 }
-cpu_type = parse_cpu_model(cpu_model);
+cpu_type = parse_cpu_option(cpu_model);
 
 /* init tcg before creating CPUs and to get qemu_host_page_size */
 tcg_exec_init(0);
diff --git a/vl.c b/vl.c
index 4c794f2bf6..4019a4387d 100644
--- a/vl.c
+++ b/vl.c
@@ -2989,7 +2989,7 @@ int main(int argc, char **argv, char **envp)
 const char *optarg;
 const char *loadvm = NULL;
 MachineClass *machine_class;
-const char *cpu_model;
+const char *cpu_option;
 const char *vga_model = NULL;
 const char *qtest_chrdev = NULL;
 const char *qtest_log = NULL;
@@ -3068,7 +3068,7 @@ int main(int argc, char **argv, char **envp)
 QLIST_INIT (_change_state_head);
 os_setup_early_signal_handling();
 
-cpu_model = NULL;
+cpu_option = NULL;
 snapshot = 0;
 
 nb_nics = 0;
@@ -3120,7 +3120,7 @@ int main(int argc, char **argv, char **envp)
 switch(popt->index) {
 case QEMU_OPTION_cpu:
 /* hw initialization will check this */
-cpu_model = optarg;
+cpu_option = optarg;
 break;
 case QEMU_OPTION_hda:
 case QEMU_OPTION_hdb:
@@ -4037,8 +4037,8 @@ int main(int argc, char **argv, char **envp)
 qemu_set_hw_version(machine_class->hw_version);
 }
 
-if (cpu_model && is_help_option(cpu_model)) {
-list_cpus(cpu_model);
+if (cpu_option && is_help_option(cpu_option)) {
+list_cpus(cpu_option);
 exit(0);
 }
 
@@ -4286,9 +4286,9 @@ int main(int argc, char **argv, char **envp)
  * Global properties get set up by qdev_prop_register_global(),
  * called from user_register_global_props(), and certain option
  * desugaring.  Also in CPU feature desugaring (buried in
- * parse_cpu_model()), which happens below this point, but may
+ * parse_cpu_option()), which happens below this point, but may
  * only target the CPU type, which can only be created after
- * parse_cpu_model() returned the type.
+ * parse_cpu_option() returned the type.
  *
  * Machine compat properties: object_set_machine_compat_props().
  * Accelerator compat props: object_set_accelerator_compat_props(),
@@ -4452,8 +4452,8 @@ int 

[Qemu-devel] [PULL 10/11] linux-headers: add linux/mman.h.

[Eduardo Habkost]

From: Zhang Yi 

Update it to 4.20-rc1

Signed-off-by: Zhang Yi 
Message-Id: 

Signed-off-by: Eduardo Habkost 
---
 linux-headers/asm-arm/mman.h   |   4 +
 linux-headers/asm-arm64/mman.h |   1 +
 linux-headers/asm-generic/hugetlb_encode.h |  36 +++
 linux-headers/asm-generic/mman-common.h|  77 +++
 linux-headers/asm-generic/mman.h   |  24 +
 linux-headers/asm-mips/mman.h  | 108 +
 linux-headers/asm-powerpc/mman.h   |  39 
 linux-headers/asm-s390/mman.h  |   1 +
 linux-headers/asm-x86/mman.h   |  31 ++
 linux-headers/linux/mman.h |  38 
 10 files changed, 359 insertions(+)
 create mode 100644 linux-headers/asm-arm/mman.h
 create mode 100644 linux-headers/asm-arm64/mman.h
 create mode 100644 linux-headers/asm-generic/hugetlb_encode.h
 create mode 100644 linux-headers/asm-generic/mman-common.h
 create mode 100644 linux-headers/asm-generic/mman.h
 create mode 100644 linux-headers/asm-mips/mman.h
 create mode 100644 linux-headers/asm-powerpc/mman.h
 create mode 100644 linux-headers/asm-s390/mman.h
 create mode 100644 linux-headers/asm-x86/mman.h
 create mode 100644 linux-headers/linux/mman.h

diff --git a/linux-headers/asm-arm/mman.h b/linux-headers/asm-arm/mman.h
new file mode 100644
index 00..41f99c573b
--- /dev/null
+++ b/linux-headers/asm-arm/mman.h
@@ -0,0 +1,4 @@
+#include 
+
+#define arch_mmap_check(addr, len, flags) \
+   (((flags) & MAP_FIXED && (addr) < FIRST_USER_ADDRESS) ? -EINVAL : 0)
diff --git a/linux-headers/asm-arm64/mman.h b/linux-headers/asm-arm64/mman.h
new file mode 100644
index 00..8eebf89f5a
--- /dev/null
+++ b/linux-headers/asm-arm64/mman.h
@@ -0,0 +1 @@
+#include 
diff --git a/linux-headers/asm-generic/hugetlb_encode.h 
b/linux-headers/asm-generic/hugetlb_encode.h
new file mode 100644
index 00..b0f8e87235
--- /dev/null
+++ b/linux-headers/asm-generic/hugetlb_encode.h
@@ -0,0 +1,36 @@
+#ifndef _ASM_GENERIC_HUGETLB_ENCODE_H_
+#define _ASM_GENERIC_HUGETLB_ENCODE_H_
+
+/*
+ * Several system calls take a flag to request "hugetlb" huge pages.
+ * Without further specification, these system calls will use the
+ * system's default huge page size.  If a system supports multiple
+ * huge page sizes, the desired huge page size can be specified in
+ * bits [26:31] of the flag arguments.  The value in these 6 bits
+ * will encode the log2 of the huge page size.
+ *
+ * The following definitions are associated with this huge page size
+ * encoding in flag arguments.  System call specific header files
+ * that use this encoding should include this file.  They can then
+ * provide definitions based on these with their own specific prefix.
+ * for example:
+ * #define MAP_HUGE_SHIFT HUGETLB_FLAG_ENCODE_SHIFT
+ */
+
+#define HUGETLB_FLAG_ENCODE_SHIFT  26
+#define HUGETLB_FLAG_ENCODE_MASK   0x3f
+
+#define HUGETLB_FLAG_ENCODE_64KB   (16 << HUGETLB_FLAG_ENCODE_SHIFT)
+#define HUGETLB_FLAG_ENCODE_512KB  (19 << HUGETLB_FLAG_ENCODE_SHIFT)
+#define HUGETLB_FLAG_ENCODE_1MB(20 << 
HUGETLB_FLAG_ENCODE_SHIFT)
+#define HUGETLB_FLAG_ENCODE_2MB(21 << 
HUGETLB_FLAG_ENCODE_SHIFT)
+#define HUGETLB_FLAG_ENCODE_8MB(23 << 
HUGETLB_FLAG_ENCODE_SHIFT)
+#define HUGETLB_FLAG_ENCODE_16MB   (24 << HUGETLB_FLAG_ENCODE_SHIFT)
+#define HUGETLB_FLAG_ENCODE_32MB   (25 << HUGETLB_FLAG_ENCODE_SHIFT)
+#define HUGETLB_FLAG_ENCODE_256MB  (28 << HUGETLB_FLAG_ENCODE_SHIFT)
+#define HUGETLB_FLAG_ENCODE_512MB  (29 << HUGETLB_FLAG_ENCODE_SHIFT)
+#define HUGETLB_FLAG_ENCODE_1GB(30 << 
HUGETLB_FLAG_ENCODE_SHIFT)
+#define HUGETLB_FLAG_ENCODE_2GB(31 << 
HUGETLB_FLAG_ENCODE_SHIFT)
+#define HUGETLB_FLAG_ENCODE_16GB   (34 << HUGETLB_FLAG_ENCODE_SHIFT)
+
+#endif /* _ASM_GENERIC_HUGETLB_ENCODE_H_ */
diff --git a/linux-headers/asm-generic/mman-common.h 
b/linux-headers/asm-generic/mman-common.h
new file mode 100644
index 00..e7ee32861d
--- /dev/null
+++ b/linux-headers/asm-generic/mman-common.h
@@ -0,0 +1,77 @@
+/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */
+#ifndef __ASM_GENERIC_MMAN_COMMON_H
+#define __ASM_GENERIC_MMAN_COMMON_H
+
+/*
+ Author: Michael S. Tsirkin , Mellanox Technologies Ltd.
+ Based on: asm-xxx/mman.h
+*/
+
+#define PROT_READ  0x1 /* page can be read */
+#define PROT_WRITE 0x2 /* page can be written */
+#define PROT_EXEC  0x4 /* page can be executed */
+#define PROT_SEM   0x8 /* page may be used for atomic ops */
+#define PROT_NONE  0x0 /* page can not be accessed */
+#define PROT_GROWSDOWN 0x0100  /* mprotect flag: extend change to 
start of growsdown vma */
+#define PROT_GROWSUP   0x0200  /* mprotect flag: extend change to end 
of growsup vma */
+
+#define MAP_SHARED 0x01/* Share changes */
+#define 

[Qemu-devel] [PULL 11/11] util/mmap-alloc: support MAP_SYNC in qemu_ram_mmap()

[Eduardo Habkost]

From: Zhang Yi 

When a file supporting DAX is used as vNVDIMM backend, mmap it with
MAP_SYNC flag in addition which can ensure file system metadata
synced in each guest writes to the backend file, without other QEMU
actions (e.g., periodic fsync() by QEMU).

Current, We have below different possible use cases:

1. pmem=on is set, shared=on is set, MAP_SYNC supported:
   a: backend is a dax supporting file.
- MAP_SYNC will active.
   b: backend is not a dax supporting file.
- mmap will trigger a warning. then MAP_SYNC flag will be ignored

2. The rest of cases:
   - we will never pass the MAP_SYNC to mmap2

Signed-off-by: Haozhong Zhang 
Signed-off-by: Zhang Yi 
[ehabkost: Rebased patch to latest code on master]
Signed-off-by: Eduardo Habkost 
Signed-off-by: Wei Yang 
Tested-by: Wei Yang 
Message-Id: <20190422004849.26463-2-richardw.y...@linux.intel.com>
[ehabkost: squashed documentation patch]
Message-Id: <20190422004849.26463-3-richardw.y...@linux.intel.com>
[ehabkost: documentation fixup]
Reviewed-by: Michael S. Tsirkin 
Reviewed-by: Pankaj Gupta 
Reviewed-by: Stefan Hajnoczi 
Signed-off-by: Eduardo Habkost 
---
 docs/nvdimm.txt   | 22 +++---
 util/mmap-alloc.c | 41 -
 qemu-options.hx   |  5 +
 3 files changed, 64 insertions(+), 4 deletions(-)

diff --git a/docs/nvdimm.txt b/docs/nvdimm.txt
index 7231c2d78f..b531cacd35 100644
--- a/docs/nvdimm.txt
+++ b/docs/nvdimm.txt
@@ -144,9 +144,25 @@ Guest Data Persistence
 --
 
 Though QEMU supports multiple types of vNVDIMM backends on Linux,
-currently the only one that can guarantee the guest write persistence
-is the device DAX on the real NVDIMM device (e.g., /dev/dax0.0), to
-which all guest access do not involve any host-side kernel cache.
+the only backend that can guarantee the guest write persistence is:
+
+A. DAX device (e.g., /dev/dax0.0, ) or
+B. DAX file(mounted with dax option)
+
+When using B (A file supporting direct mapping of persistent memory)
+as a backend, write persistence is guaranteed if the host kernel has
+support for the MAP_SYNC flag in the mmap system call (available
+since Linux 4.15 and on certain distro kernels) and additionally
+both 'pmem' and 'share' flags are set to 'on' on the backend.
+
+If these conditions are not satisfied i.e. if either 'pmem' or 'share'
+are not set, if the backend file does not support DAX or if MAP_SYNC
+is not supported by the host kernel, write persistence is not
+guaranteed after a system crash. For compatibility reasons, these
+conditions are ignored if not satisfied. Currently, no way is
+provided to test for them.
+For more details, please reference mmap(2) man page:
+http://man7.org/linux/man-pages/man2/mmap.2.html.
 
 When using other types of backends, it's suggested to set 'unarmed'
 option of '-device nvdimm' to 'on', which sets the unarmed flag of the
diff --git a/util/mmap-alloc.c b/util/mmap-alloc.c
index 9713f4b960..f7f177d0ea 100644
--- a/util/mmap-alloc.c
+++ b/util/mmap-alloc.c
@@ -10,6 +10,13 @@
  * later.  See the COPYING file in the top-level directory.
  */
 
+#ifdef CONFIG_LINUX
+#include 
+#else  /* !CONFIG_LINUX */
+#define MAP_SYNC  0x0
+#define MAP_SHARED_VALIDATE   0x0
+#endif /* CONFIG_LINUX */
+
 #include "qemu/osdep.h"
 #include "qemu/mmap-alloc.h"
 #include "qemu/host-utils.h"
@@ -82,6 +89,7 @@ void *qemu_ram_mmap(int fd,
 bool is_pmem)
 {
 int flags;
+int map_sync_flags = 0;
 int guardfd;
 size_t offset;
 size_t pagesize;
@@ -132,9 +140,40 @@ void *qemu_ram_mmap(int fd,
 flags = MAP_FIXED;
 flags |= fd == -1 ? MAP_ANONYMOUS : 0;
 flags |= shared ? MAP_SHARED : MAP_PRIVATE;
+if (shared && is_pmem) {
+map_sync_flags = MAP_SYNC | MAP_SHARED_VALIDATE;
+}
+
 offset = QEMU_ALIGN_UP((uintptr_t)guardptr, align) - (uintptr_t)guardptr;
 
-ptr = mmap(guardptr + offset, size, PROT_READ | PROT_WRITE, flags, fd, 0);
+ptr = mmap(guardptr + offset, size, PROT_READ | PROT_WRITE,
+   flags | map_sync_flags, fd, 0);
+
+if (ptr == MAP_FAILED && map_sync_flags) {
+if (errno == ENOTSUP) {
+char *proc_link, *file_name;
+int len;
+proc_link = g_strdup_printf("/proc/self/fd/%d", fd);
+file_name = g_malloc0(PATH_MAX);
+len = readlink(proc_link, file_name, PATH_MAX - 1);
+if (len < 0) {
+len = 0;
+}
+file_name[len] = '\0';
+fprintf(stderr, "Warning: requesting persistence across crashes "
+"for backend file %s failed. Proceeding without "
+"persistence, data might become corrupted in case of host "
+"crash.\n", file_name);
+g_free(proc_link);
+g_free(file_name);
+}
+/*
+ * if map failed with MAP_SHARED_VALIDATE | MAP_SYNC,
+ * we will remove these flags to 

[Qemu-devel] [PULL 05/11] vl: Simplify machine_parse()

[Eduardo Habkost]

From: Markus Armbruster 

Exploit that argument @name is nerver null.  Check is_help_option()
first, because that's what we do elsewhere.  If we (foolishly!)
defined a machine named "help", -machine help would now print help
instead of selecting the machine named "help".

Signed-off-by: Markus Armbruster 
Reviewed-by: Wei Yang 
Message-Id: <20190405064121.23662-5-richardw.y...@linux.intel.com>
Signed-off-by: Eduardo Habkost 
---
 vl.c | 22 ++
 1 file changed, 10 insertions(+), 12 deletions(-)

diff --git a/vl.c b/vl.c
index 69c530a920..4c794f2bf6 100644
--- a/vl.c
+++ b/vl.c
@@ -2576,19 +2576,10 @@ static gint machine_class_cmp(gconstpointer a, 
gconstpointer b)
 
 static MachineClass *machine_parse(const char *name, GSList *machines)
 {
-MachineClass *mc = NULL;
+MachineClass *mc;
 GSList *el;
 
-if (name) {
-mc = find_machine(name, machines);
-}
-if (mc) {
-return mc;
-}
-if (name && !is_help_option(name)) {
-error_report("unsupported machine type");
-error_printf("Use -machine help to list supported machines\n");
-} else {
+if (is_help_option(name)) {
 printf("Supported machines are:\n");
 machines = g_slist_sort(machines, machine_class_cmp);
 for (el = machines; el; el = el->next) {
@@ -2600,9 +2591,16 @@ static MachineClass *machine_parse(const char *name, 
GSList *machines)
mc->is_default ? " (default)" : "",
mc->deprecation_reason ? " (deprecated)" : "");
 }
+exit(0);
 }
 
-exit(!name || !is_help_option(name));
+mc = find_machine(name, machines);
+if (!mc) {
+error_report("unsupported machine type");
+error_printf("Use -machine help to list supported machines\n");
+exit(1);
+}
+return mc;
 }
 
 void qemu_add_exit_notifier(Notifier *notify)
-- 
2.18.0.rc1.1.g3f1ff2140

[Qemu-devel] [PULL 04/11] vl: Clean up after previous commit

[Eduardo Habkost]

From: Markus Armbruster 

Since the previous commit, find_machine() and find_default_machine()
don't have to deallocate on return.  This permits further
simplifications.

Signed-off-by: Markus Armbruster 
Reviewed-by: Wei Yang 
Message-Id: <20190405064121.23662-4-richardw.y...@linux.intel.com>
Signed-off-by: Eduardo Habkost 
---
 vl.c | 25 -
 1 file changed, 8 insertions(+), 17 deletions(-)

diff --git a/vl.c b/vl.c
index fb8c8eda2a..69c530a920 100644
--- a/vl.c
+++ b/vl.c
@@ -1468,40 +1468,31 @@ MachineState *current_machine;
 static MachineClass *find_machine(const char *name, GSList *machines)
 {
 GSList *el;
-MachineClass *mc = NULL;
 
 for (el = machines; el; el = el->next) {
-MachineClass *temp = el->data;
+MachineClass *mc = el->data;
 
-if (!strcmp(temp->name, name)) {
-mc = temp;
-break;
-}
-if (temp->alias &&
-!strcmp(temp->alias, name)) {
-mc = temp;
-break;
+if (!strcmp(mc->name, name) || !g_strcmp0(mc->alias, name)) {
+return mc;
 }
 }
 
-return mc;
+return NULL;
 }
 
 static MachineClass *find_default_machine(GSList *machines)
 {
 GSList *el;
-MachineClass *mc = NULL;
 
 for (el = machines; el; el = el->next) {
-MachineClass *temp = el->data;
+MachineClass *mc = el->data;
 
-if (temp->is_default) {
-mc = temp;
-break;
+if (mc->is_default) {
+return mc;
 }
 }
 
-return mc;
+return NULL;
 }
 
 MachineInfoList *qmp_query_machines(Error **errp)
-- 
2.18.0.rc1.1.g3f1ff2140

[Qemu-devel] [PULL 03/11] vl.c: allocate TYPE_MACHINE list once during bootup

[Eduardo Habkost]

From: Wei Yang 

Now all the functions used to select machine is local and the call flow
looks like below:

select_machine()
find_default_machine()
machine_parse()
find_machine()

All these related function will need a GSList for TYPE_MACHINE.
Currently we allocate this list each time we use it, while this is not
necessary to do so because we don't need to modify this.

This patch make the TYPE_MACHINE list allocation in select_machine and
pass this to its child for use.

Signed-off-by: Wei Yang 
Reviewed-by: Markus Armbruster 
Message-Id: <20190405064121.23662-3-richardw.y...@linux.intel.com>
Signed-off-by: Eduardo Habkost 
---
 vl.c | 24 +++-
 1 file changed, 11 insertions(+), 13 deletions(-)

diff --git a/vl.c b/vl.c
index c237c9a0ac..fb8c8eda2a 100644
--- a/vl.c
+++ b/vl.c
@@ -1465,9 +1465,9 @@ static int usb_parse(const char *cmdline)
 
 MachineState *current_machine;
 
-static MachineClass *find_machine(const char *name)
+static MachineClass *find_machine(const char *name, GSList *machines)
 {
-GSList *el, *machines = object_class_get_list(TYPE_MACHINE, false);
+GSList *el;
 MachineClass *mc = NULL;
 
 for (el = machines; el; el = el->next) {
@@ -1484,13 +1484,12 @@ static MachineClass *find_machine(const char *name)
 }
 }
 
-g_slist_free(machines);
 return mc;
 }
 
-static MachineClass *find_default_machine(void)
+static MachineClass *find_default_machine(GSList *machines)
 {
-GSList *el, *machines = object_class_get_list(TYPE_MACHINE, false);
+GSList *el;
 MachineClass *mc = NULL;
 
 for (el = machines; el; el = el->next) {
@@ -1502,7 +1501,6 @@ static MachineClass *find_default_machine(void)
 }
 }
 
-g_slist_free(machines);
 return mc;
 }
 
@@ -2585,16 +2583,15 @@ static gint machine_class_cmp(gconstpointer a, 
gconstpointer b)
   object_class_get_name(OBJECT_CLASS(mc1)));
 }
 
- static MachineClass *machine_parse(const char *name)
+static MachineClass *machine_parse(const char *name, GSList *machines)
 {
 MachineClass *mc = NULL;
-GSList *el, *machines = object_class_get_list(TYPE_MACHINE, false);
+GSList *el;
 
 if (name) {
-mc = find_machine(name);
+mc = find_machine(name, machines);
 }
 if (mc) {
-g_slist_free(machines);
 return mc;
 }
 if (name && !is_help_option(name)) {
@@ -2614,7 +2611,6 @@ static gint machine_class_cmp(gconstpointer a, 
gconstpointer b)
 }
 }
 
-g_slist_free(machines);
 exit(!name || !is_help_option(name));
 }
 
@@ -2706,7 +2702,8 @@ static const QEMUOption *lookup_opt(int argc, char **argv,
 
 static MachineClass *select_machine(void)
 {
-MachineClass *machine_class = find_default_machine();
+GSList *machines = object_class_get_list(TYPE_MACHINE, false);
+MachineClass *machine_class = find_default_machine(machines);
 const char *optarg;
 QemuOpts *opts;
 Location loc;
@@ -2718,7 +2715,7 @@ static MachineClass *select_machine(void)
 
 optarg = qemu_opt_get(opts, "type");
 if (optarg) {
-machine_class = machine_parse(optarg);
+machine_class = machine_parse(optarg, machines);
 }
 
 if (!machine_class) {
@@ -2728,6 +2725,7 @@ static MachineClass *select_machine(void)
 }
 
 loc_pop();
+g_slist_free(machines);
 return machine_class;
 }
 
-- 
2.18.0.rc1.1.g3f1ff2140

[Qemu-devel] [PULL 07/11] cpu: Fix crash with empty -cpu option

[Eduardo Habkost]

Fix the following crash:

  $ qemu-system-x86_64 -cpu ''
  qemu-system-x86_64: qom/cpu.c:291: cpu_class_by_name: \
  Assertion `cpu_model && cc->class_by_name' failed.

Regression test script included.

Fixes: 99193d8f2ef5 ("cpu: drop unnecessary NULL check and 
cpu_common_class_by_name()")
Signed-off-by: Eduardo Habkost 
Message-Id: <20190418034501.5038-1-ehabk...@redhat.com>
Reviewed-by: Stefano Garzarella 
Tested-by: Stefano Garzarella 
Signed-off-by: Eduardo Habkost 
---
 exec.c  |  4 
 tests/acceptance/empty_cpu_model.py | 19 +++
 2 files changed, 23 insertions(+)
 create mode 100644 tests/acceptance/empty_cpu_model.py

diff --git a/exec.c b/exec.c
index 08f6cafcbc..f7f3cdbf4a 100644
--- a/exec.c
+++ b/exec.c
@@ -991,6 +991,10 @@ const char *parse_cpu_option(const char *cpu_option)
 const char *cpu_type;
 
 model_pieces = g_strsplit(cpu_option, ",", 2);
+if (!model_pieces[0]) {
+error_report("-cpu option cannot be empty");
+exit(1);
+}
 
 oc = cpu_class_by_name(CPU_RESOLVING_TYPE, model_pieces[0]);
 if (oc == NULL) {
diff --git a/tests/acceptance/empty_cpu_model.py 
b/tests/acceptance/empty_cpu_model.py
new file mode 100644
index 00..3f4f663582
--- /dev/null
+++ b/tests/acceptance/empty_cpu_model.py
@@ -0,0 +1,19 @@
+# Check for crash when using empty -cpu option
+#
+# Copyright (c) 2019 Red Hat, Inc.
+#
+# Author:
+#  Eduardo Habkost 
+#
+# This work is licensed under the terms of the GNU GPL, version 2 or
+# later.  See the COPYING file in the top-level directory.
+import subprocess
+from avocado_qemu import Test
+
+class EmptyCPUModel(Test):
+def test(self):
+cmd = [self.qemu_bin, '-S', '-display', 'none', '-machine', 'none', 
'-cpu', '']
+r = subprocess.run(cmd, stderr=subprocess.PIPE, stdout=subprocess.PIPE)
+self.assertEquals(r.returncode, 1, "QEMU exit code should be 1")
+self.assertEquals(r.stdout, b'', "QEMU stdout should be empty")
+self.assertNotEquals(r.stderr, b'', "QEMU stderr shouldn't be empty")
-- 
2.18.0.rc1.1.g3f1ff2140

[Qemu-devel] [PULL 09/11] scripts/update-linux-headers: add linux/mman.h

[Eduardo Habkost]

From: Zhang Yi 

Add linux/mman.h,asm/mman.h,asm/mman-common.h to linux-headers,
So we can use more mmap2 flags.

Signed-off-by: Zhang Yi 
Message-Id: 

Signed-off-by: Eduardo Habkost 
---
 scripts/update-linux-headers.sh | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/scripts/update-linux-headers.sh b/scripts/update-linux-headers.sh
index a310a9072b..c3819d2b98 100755
--- a/scripts/update-linux-headers.sh
+++ b/scripts/update-linux-headers.sh
@@ -95,7 +95,7 @@ for arch in $ARCHLIST; do
 
 rm -rf "$output/linux-headers/asm-$arch"
 mkdir -p "$output/linux-headers/asm-$arch"
-for header in kvm.h unistd.h bitsperlong.h; do
+for header in kvm.h unistd.h bitsperlong.h mman.h; do
 cp "$tmpdir/include/asm/$header" "$output/linux-headers/asm-$arch"
 done
 
@@ -139,13 +139,13 @@ done
 rm -rf "$output/linux-headers/linux"
 mkdir -p "$output/linux-headers/linux"
 for header in kvm.h vfio.h vfio_ccw.h vhost.h \
-  psci.h psp-sev.h userfaultfd.h; do
+  psci.h psp-sev.h userfaultfd.h mman.h; do
 cp "$tmpdir/include/linux/$header" "$output/linux-headers/linux"
 done
 
 rm -rf "$output/linux-headers/asm-generic"
 mkdir -p "$output/linux-headers/asm-generic"
-for header in unistd.h bitsperlong.h; do
+for header in unistd.h bitsperlong.h mman-common.h mman.h hugetlb_encode.h; do
 cp "$tmpdir/include/asm-generic/$header" 
"$output/linux-headers/asm-generic"
 done
 
-- 
2.18.0.rc1.1.g3f1ff2140

[Qemu-devel] [PULL 01/11] hw: add compat machines for 4.1

[Eduardo Habkost]

From: Cornelia Huck 

Add 4.1 machine types for arm/i440fx/q35/s390x/spapr.

Signed-off-by: Cornelia Huck 
Message-Id: <20190411102025.22559-1-coh...@redhat.com>
Acked-by: Greg Kurz 
Acked-by: David Gibson 
Signed-off-by: Eduardo Habkost 
---
 include/hw/boards.h|  3 +++
 include/hw/i386/pc.h   |  3 +++
 hw/arm/virt.c  |  9 -
 hw/core/machine.c  |  3 +++
 hw/i386/pc.c   |  3 +++
 hw/i386/pc_piix.c  | 14 +-
 hw/i386/pc_q35.c   | 13 -
 hw/ppc/spapr.c | 15 +--
 hw/s390x/s390-virtio-ccw.c | 14 +-
 9 files changed, 71 insertions(+), 6 deletions(-)

diff --git a/include/hw/boards.h b/include/hw/boards.h
index e231860666..fe1885cbff 100644
--- a/include/hw/boards.h
+++ b/include/hw/boards.h
@@ -293,6 +293,9 @@ struct MachineState {
 } \
 type_init(machine_initfn##_register_types)
 
+extern GlobalProperty hw_compat_4_0[];
+extern const size_t hw_compat_4_0_len;
+
 extern GlobalProperty hw_compat_3_1[];
 extern const size_t hw_compat_3_1_len;
 
diff --git a/include/hw/i386/pc.h b/include/hw/i386/pc.h
index ca65ef18af..43df7230a2 100644
--- a/include/hw/i386/pc.h
+++ b/include/hw/i386/pc.h
@@ -293,6 +293,9 @@ int e820_add_entry(uint64_t, uint64_t, uint32_t);
 int e820_get_num_entries(void);
 bool e820_get_entry(int, uint32_t, uint64_t *, uint64_t *);
 
+extern GlobalProperty pc_compat_4_0[];
+extern const size_t pc_compat_4_0_len;
+
 extern GlobalProperty pc_compat_3_1[];
 extern const size_t pc_compat_3_1_len;
 
diff --git a/hw/arm/virt.c b/hw/arm/virt.c
index ce2664a30b..16ba67f7a7 100644
--- a/hw/arm/virt.c
+++ b/hw/arm/virt.c
@@ -1978,10 +1978,17 @@ static void machvirt_machine_init(void)
 }
 type_init(machvirt_machine_init);
 
+static void virt_machine_4_1_options(MachineClass *mc)
+{
+}
+DEFINE_VIRT_MACHINE_AS_LATEST(4, 1)
+
 static void virt_machine_4_0_options(MachineClass *mc)
 {
+virt_machine_4_1_options(mc);
+compat_props_add(mc->compat_props, hw_compat_4_0, hw_compat_4_0_len);
 }
-DEFINE_VIRT_MACHINE_AS_LATEST(4, 0)
+DEFINE_VIRT_MACHINE(4, 0)
 
 static void virt_machine_3_1_options(MachineClass *mc)
 {
diff --git a/hw/core/machine.c b/hw/core/machine.c
index 743fef2898..5d046a43e3 100644
--- a/hw/core/machine.c
+++ b/hw/core/machine.c
@@ -24,6 +24,9 @@
 #include "hw/pci/pci.h"
 #include "hw/mem/nvdimm.h"
 
+GlobalProperty hw_compat_4_0[] = {};
+const size_t hw_compat_4_0_len = G_N_ELEMENTS(hw_compat_4_0);
+
 GlobalProperty hw_compat_3_1[] = {
 { "pcie-root-port", "x-speed", "2_5" },
 { "pcie-root-port", "x-width", "1" },
diff --git a/hw/i386/pc.c b/hw/i386/pc.c
index f2c15bf1f2..d98b737b8f 100644
--- a/hw/i386/pc.c
+++ b/hw/i386/pc.c
@@ -115,6 +115,9 @@ struct hpet_fw_config hpet_cfg = {.count = UINT8_MAX};
 /* Physical Address of PVH entry point read from kernel ELF NOTE */
 static size_t pvh_start_addr;
 
+GlobalProperty pc_compat_4_0[] = {};
+const size_t pc_compat_4_0_len = G_N_ELEMENTS(pc_compat_4_0);
+
 GlobalProperty pc_compat_3_1[] = {
 { "intel-iommu", "dma-drain", "off" },
 { "Opteron_G3" "-" TYPE_X86_CPU, "rdtscp", "off" },
diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c
index 8ad8e885c6..2a7700b564 100644
--- a/hw/i386/pc_piix.c
+++ b/hw/i386/pc_piix.c
@@ -428,13 +428,25 @@ static void pc_i440fx_machine_options(MachineClass *m)
 machine_class_allow_dynamic_sysbus_dev(m, TYPE_RAMFB_DEVICE);
 }
 
-static void pc_i440fx_4_0_machine_options(MachineClass *m)
+static void pc_i440fx_4_1_machine_options(MachineClass *m)
 {
 pc_i440fx_machine_options(m);
 m->alias = "pc";
 m->is_default = 1;
 }
 
+DEFINE_I440FX_MACHINE(v4_1, "pc-i440fx-4.1", NULL,
+  pc_i440fx_4_1_machine_options);
+
+static void pc_i440fx_4_0_machine_options(MachineClass *m)
+{
+pc_i440fx_4_1_machine_options(m);
+m->alias = NULL;
+m->is_default = 0;
+compat_props_add(m->compat_props, hw_compat_4_0, hw_compat_4_0_len);
+compat_props_add(m->compat_props, pc_compat_4_0, pc_compat_4_0_len);
+}
+
 DEFINE_I440FX_MACHINE(v4_0, "pc-i440fx-4.0", NULL,
   pc_i440fx_4_0_machine_options);
 
diff --git a/hw/i386/pc_q35.c b/hw/i386/pc_q35.c
index 372c6b73be..37dd350511 100644
--- a/hw/i386/pc_q35.c
+++ b/hw/i386/pc_q35.c
@@ -365,12 +365,23 @@ static void pc_q35_machine_options(MachineClass *m)
 m->max_cpus = 288;
 }
 
-static void pc_q35_4_0_machine_options(MachineClass *m)
+static void pc_q35_4_1_machine_options(MachineClass *m)
 {
 pc_q35_machine_options(m);
 m->alias = "q35";
 }
 
+DEFINE_Q35_MACHINE(v4_1, "pc-q35-4.1", NULL,
+   pc_q35_4_1_machine_options);
+
+static void pc_q35_4_0_machine_options(MachineClass *m)
+{
+pc_q35_4_1_machine_options(m);
+m->alias = NULL;
+compat_props_add(m->compat_props, hw_compat_4_0, hw_compat_4_0_len);
+compat_props_add(m->compat_props, pc_compat_4_0, pc_compat_4_0_len);
+}
+
 DEFINE_Q35_MACHINE(v4_0, "pc-q35-4.0", NULL,
   

[Qemu-devel] [PULL 02/11] vl.c: make find_default_machine() local

[Eduardo Habkost]

From: Wei Yang 

Function find_default_machine() is introduced by commit 2c8cffa599b7
"vl: make find_default_machine externally visible", and it was used
outside of vl.c until commit a904410af5f1 "pc_sysfw: remove the rom_only
property".

Commit a904410af5f1 "pc_sysfw: remove the rom_only property" removed the
only user of find_default_machine() outside vl.c, but neglected to make
it static. Do that now.

Signed-off-by: Wei Yang 

Message-Id: <20190405064121.23662-2-richardw.y...@linux.intel.com>
Reviewed-by: Markus Armbruster 
Signed-off-by: Eduardo Habkost 
---
 include/hw/boards.h | 1 -
 vl.c| 2 +-
 2 files changed, 1 insertion(+), 2 deletions(-)

diff --git a/include/hw/boards.h b/include/hw/boards.h
index fe1885cbff..6f7916f88f 100644
--- a/include/hw/boards.h
+++ b/include/hw/boards.h
@@ -57,7 +57,6 @@ void memory_region_allocate_system_memory(MemoryRegion *mr, 
Object *owner,
 #define MACHINE_CLASS(klass) \
 OBJECT_CLASS_CHECK(MachineClass, (klass), TYPE_MACHINE)
 
-MachineClass *find_default_machine(void);
 extern MachineState *current_machine;
 
 void machine_run_board_init(MachineState *machine);
diff --git a/vl.c b/vl.c
index ff5dfb6fbc..c237c9a0ac 100644
--- a/vl.c
+++ b/vl.c
@@ -1488,7 +1488,7 @@ static MachineClass *find_machine(const char *name)
 return mc;
 }
 
-MachineClass *find_default_machine(void)
+static MachineClass *find_default_machine(void)
 {
 GSList *el, *machines = object_class_get_list(TYPE_MACHINE, false);
 MachineClass *mc = NULL;
-- 
2.18.0.rc1.1.g3f1ff2140

[Qemu-devel] [PULL 00/11] Machine queue, 2019-04-25

[Eduardo Habkost]

The following changes since commit 3284aa128153750f14a61e8a96fd085e6f2999b6:

  Merge remote-tracking branch 'remotes/lersek/tags/edk2-pull-2019-04-22' into 
staging (2019-04-24 13:19:41 +0100)

are available in the Git repository at:

  git://github.com/ehabkost/qemu.git tags/machine-next-pull-request

for you to fetch changes up to 119906afa5ca610adb87c55ab0d8e53c9104bfc3:

  util/mmap-alloc: support MAP_SYNC in qemu_ram_mmap() (2019-04-25 14:17:36 
-0300)


Machine queue, 2019-04-25

* 4.1 machine-types (Cornelia Huck)
* Support MAP_SYNC on pmem memory backends (Zhang Yi)
* -cpu parsing fixes and cleanups (Eduardo Habkost)
* machine initialization cleanups (Wei Yang, Markus Armbruster)



Queue for Machine Core patches


Cornelia Huck (1):
  hw: add compat machines for 4.1

Eduardo Habkost (2):
  cpu: Rename parse_cpu_model() to parse_cpu_option()
  cpu: Fix crash with empty -cpu option

Markus Armbruster (2):
  vl: Clean up after previous commit
  vl: Simplify machine_parse()

Wei Yang (2):
  vl.c: make find_default_machine() local
  vl.c: allocate TYPE_MACHINE list once during bootup

Zhang Yi (4):
  util/mmap-alloc: Add a 'is_pmem' parameter to qemu_ram_mmap
  scripts/update-linux-headers: add linux/mman.h
  linux-headers: add linux/mman.h.
  util/mmap-alloc: support MAP_SYNC in qemu_ram_mmap()

 docs/nvdimm.txt|  22 -
 include/hw/boards.h|   4 +-
 include/hw/i386/pc.h   |   3 +
 include/qemu/mmap-alloc.h  |  21 +++-
 include/qom/cpu.h  |   6 +-
 linux-headers/asm-arm/mman.h   |   4 +
 linux-headers/asm-arm64/mman.h |   1 +
 linux-headers/asm-generic/hugetlb_encode.h |  36 +++
 linux-headers/asm-generic/mman-common.h|  77 +++
 linux-headers/asm-generic/mman.h   |  24 +
 linux-headers/asm-mips/mman.h  | 108 +
 linux-headers/asm-powerpc/mman.h   |  39 
 linux-headers/asm-s390/mman.h  |   1 +
 linux-headers/asm-x86/mman.h   |  31 ++
 linux-headers/linux/mman.h |  38 
 bsd-user/main.c|   2 +-
 exec.c |  10 +-
 hw/arm/virt.c  |   9 +-
 hw/core/machine.c  |   3 +
 hw/i386/pc.c   |   3 +
 hw/i386/pc_piix.c  |  14 ++-
 hw/i386/pc_q35.c   |  13 ++-
 hw/ppc/spapr.c |  15 ++-
 hw/s390x/s390-virtio-ccw.c |  14 ++-
 linux-user/main.c  |   2 +-
 util/mmap-alloc.c  |  47 -
 util/oslib-posix.c |   2 +-
 vl.c   |  87 +++--
 qemu-options.hx|   5 +
 scripts/update-linux-headers.sh|   6 +-
 tests/acceptance/empty_cpu_model.py|  19 
 31 files changed, 591 insertions(+), 75 deletions(-)
 create mode 100644 linux-headers/asm-arm/mman.h
 create mode 100644 linux-headers/asm-arm64/mman.h
 create mode 100644 linux-headers/asm-generic/hugetlb_encode.h
 create mode 100644 linux-headers/asm-generic/mman-common.h
 create mode 100644 linux-headers/asm-generic/mman.h
 create mode 100644 linux-headers/asm-mips/mman.h
 create mode 100644 linux-headers/asm-powerpc/mman.h
 create mode 100644 linux-headers/asm-s390/mman.h
 create mode 100644 linux-headers/asm-x86/mman.h
 create mode 100644 linux-headers/linux/mman.h
 create mode 100644 tests/acceptance/empty_cpu_model.py

-- 
2.18.0.rc1.1.g3f1ff2140

Re: [Qemu-devel] [PATCH v2 0/3] vhost-scsi: Support migration

[Michael S. Tsirkin]

On Thu, Apr 25, 2019 at 09:38:19AM +0100, Stefan Hajnoczi wrote:
> On Wed, Apr 24, 2019 at 07:38:57PM +0300, Liran Alon wrote:
> > 
> > 
> > > On 18 Apr 2019, at 12:41, Stefan Hajnoczi  wrote:
> > > 
> > > On Tue, Apr 16, 2019 at 03:59:09PM +0300, Liran Alon wrote:
> > >> Hi,
> > >> 
> > >> This patch series aims to add supprot to migrate a VM with a vhost-scsi 
> > >> device.
> > >> 
> > >> The 1st patch fixes a bug of mistakenly not stopping vhost-scsi backend 
> > >> when a
> > >> VM is stopped (As happens on migratino pre-copy completion).
> > >> 
> > >> The 2nd patch adds ability to save/load vhost-scsi device state in 
> > >> VMState.
> > >> 
> > >> The 3rd and final paqtch adds a flag to vhost-scsi which allows admin to 
> > >> specify
> > >> it's setup supports vhost-scsi migratino. For more detailed information 
> > >> on why
> > >> this is valid, see commit message of specific patch.
> > >> 
> > >> Regards,
> > >> -Liran
> > > 
> > > Looks fine for vhost_scsi.ko.  I have not checked how this interacts
> > > with vhost-user-scsi.
> > > 
> > > Reviewed-by: Stefan Hajnoczi 
> > 
> > Gentle Ping.
> 
> This should go either through Michael's virtio/vhost tree or Paolo's
> SCSI tree.
> 
> Stefan

OK I'll queue it.

Re: [Qemu-devel] [PATCH v3 2/2] core/qdev: refactor qdev_get_machine() with type assertion

[Eduardo Habkost]

On Thu, Apr 25, 2019 at 11:12:29AM +0800, Like Xu wrote:
> On 2019/4/25 1:21, Eduardo Habkost wrote:
[...]
> > 
> > I think we all agree that qdev_get_machine() should eventually be
> > available in softmmu only.
> 
> I think we need to make it happen to avoid calling qdev_get_machine()
> in user-only mode.

Agreed.  My point is that we we shouldn't need a
qdev_get_machine_unchecked() function at all if we first get rid
of all user-only qdev_get_machine() calls.

> > 
> > But I don't think we agree when it would be appropriate to call
> > qdev_get_machine_unchecked() instead of qdev_get_machine().
> > 
> > On both examples in your patch, the code checks for TYPE_MACHINE
> > immediately after calling qdev_get_machine_unchecked().  If that
> > code is only useful in softmmu mode, when would anybody want to
> > call qdev_get_machine_unchecked() in user-only mode?
> > 
> > 

-- 
Eduardo

Re: [Qemu-devel] [PATCH 3/3] qmp: Add deprecation information to query-machines

[Eduardo Habkost]

On Thu, Apr 25, 2019 at 11:54:34AM -0300, Wainer dos Santos Moschetta wrote:
> Hi Eduardo,
> 
> On 04/23/2019 06:22 PM, Eduardo Habkost wrote:
[...]
> > +class QueryMachines(Test):
> > +def test(self):
> 
> I suggest to use a meaning test case name as it will be displayed with
> Avocado output. Something like 'test_status_information'.

This is a generic test case for query-machines, and I don't
expect it to be specific for validating support-status.

> 
> > +self.vm.launch()
> > +machines = self.vm.command('query-machines')
> 
> Also I suggest to assert you got at least on machine, so ensure
> 'query-machines' returning nothing doesn't pass unnoticed.

Good idea.  I will send this in v2 or as a follow up patch.
Thanks!

-- 
Eduardo

Re: [Qemu-devel] [PATCH 1/3] qapi: SupportStatusInfo struct

[Eduardo Habkost]

On Thu, Apr 25, 2019 at 11:20:58AM -0300, Wainer dos Santos Moschetta wrote:
> Hi Eduardo,
> 
> 
> On 04/23/2019 06:22 PM, Eduardo Habkost wrote:
> > This struct will be used to represent support and deprecation
> > status of QEMU features.
> > 
> > Signed-off-by: Eduardo Habkost 
> > ---
> >   qapi/common.json | 24 
> >   1 file changed, 24 insertions(+)
> > 
> > diff --git a/qapi/common.json b/qapi/common.json
> > index 99d313ef3b..b59d0dc66b 100644
> > --- a/qapi/common.json
> > +++ b/qapi/common.json
> > @@ -193,3 +193,27 @@
> >'ppc64', 'riscv32', 'riscv64', 's390x', 'sh4',
> >'sh4eb', 'sparc', 'sparc64', 'tricore', 'unicore32',
> >'x86_64', 'xtensa', 'xtensaeb' ] }
> > +
> > +##
> > +# @SupportStatusInfo:
> > +#
> > +# Information on support status of a given feature
> > +# (e.g. machine type)
> > +#
> > +# @deprecated: if true, the given feature is deprecated and may be removed
> > +#  in future versions of QEMU according to the QEMU deprecation
> > +#  policy.
> 
> Eventually management software will need the know the QEMU version the
> feature is planed for removal. So makes sense to include a field to capture
> that information as well or do you expect it to be added (as a good
> practice) in the 'status-message'?

If we really want to provide extra information like version
numbers, adding a separate field sounds better than using
status-message.

But I'm not sure we really want to include this amount of detail
in the API.  Mentioning explicit version numbers could make
things more complex for downstream distributions of QEMU that
include backports and/or have a different deprecation policy.

I'd like to hear opinions from others.

-- 
Eduardo

Re: [Qemu-devel] [PATCH 2/2] target/riscv: Add checks for several RVC reserved operands

[Richard Henderson]

On 4/25/19 10:26 AM, Richard Henderson wrote:
>  {
> +  illegal 011 0  -  0 01 # c.addi16sp, RES nzimm=0
>addi011 .  00010  . 01 @c_addi16sp
>lui 011 .  .  . 01 @c_lui
>  }

Bah.  I just realized the comment should be more like

  # c.addi16sp and c.lui, RES nzimm=0

Otherwise one is led to believe that rd=2 is missing
from the illegal pattern.


r~

[Qemu-devel] [PATCH 1/2] fixup! target/riscv: Name the argument sets for all of insn32 formats

[Richard Henderson]

---
 target/riscv/translate.c | 13 ++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/target/riscv/translate.c b/target/riscv/translate.c
index d1f599a92d..009c146e8f 100644
--- a/target/riscv/translate.c
+++ b/target/riscv/translate.c
@@ -713,12 +713,19 @@ static bool gen_shift(DisasContext *ctx, arg_r *a,
  * initially declared by the 32-bit decoder, which results in duplicate
  * declaration warnings.  Suppress them.
  */
-#pragma GCC diagnostic push
-#pragma GCC diagnostic ignored "-Wredundant-decls"
+#ifdef CONFIG_PRAGMA_DIAGNOSTIC_AVAILABLE
+# pragma GCC diagnostic push
+# pragma GCC diagnostic ignored "-Wredundant-decls"
+# ifdef __clang__
+#  pragma GCC diagnostic ignored "-Wtypedef-redefinition"
+# endif
+#endif
 
 #include "decode_insn16.inc.c"
 
-#pragma GCC diagnostic pop
+#ifdef CONFIG_PRAGMA_DIAGNOSTIC_AVAILABLE
+# pragma GCC diagnostic pop
+#endif
 
 static void decode_opc(DisasContext *ctx)
 {
-- 
2.17.1

[Qemu-devel] [PATCH 2/2] target/riscv: Add checks for several RVC reserved operands

[Richard Henderson]

C.ADDI16SP, C.LWSP, C.JR, C.ADDIW, C.LDSP all have reserved
operands that were not diagnosed.

Signed-off-by: Richard Henderson 
---
 target/riscv/insn16-64.decode | 10 --
 target/riscv/insn16.decode|  7 ++-
 2 files changed, 14 insertions(+), 3 deletions(-)

diff --git a/target/riscv/insn16-64.decode b/target/riscv/insn16-64.decode
index 055859d29f..672e1e916f 100644
--- a/target/riscv/insn16-64.decode
+++ b/target/riscv/insn16-64.decode
@@ -21,10 +21,16 @@ ld011  ... ... .. ... 00 @cl_d
 sd111  ... ... .. ... 00 @cs_d
 
 # *** RV64C Standard Extension (Quadrant 1) ***
-addiw 001 .  .  . 01 @ci
+{
+  illegal 001 -  0  - 01 # c.addiw, RES rd=0
+  addiw   001 .  .  . 01 @ci
+}
 subw  100 1 11 ... 00 ... 01 @cs_2
 addw  100 1 11 ... 01 ... 01 @cs_2
 
 # *** RV64C Standard Extension (Quadrant 2) ***
-ld011 .  .  . 10 @c_ldsp
+{
+  illegal 011 -  0  - 10 # c.ldsp, RES rd=0
+  ld  011 .  .  . 10 @c_ldsp
+}
 sd111 .  .  . 10 @c_sdsp
diff --git a/target/riscv/insn16.decode b/target/riscv/insn16.decode
index 433c0e8c68..c06073ee72 100644
--- a/target/riscv/insn16.decode
+++ b/target/riscv/insn16.decode
@@ -96,6 +96,7 @@ sw110  ... ... .. ... 00 @cs_w
 addi  000 .  .  . 01 @ci
 addi  010 .  .  . 01 @c_li
 {
+  illegal 011 0  -  0 01 # c.addi16sp, RES nzimm=0
   addi011 .  00010  . 01 @c_addi16sp
   lui 011 .  .  . 01 @c_lui
 }
@@ -113,8 +114,12 @@ bne   111  ... ...  . 01 @cb_z
 # *** RV32/64C Standard Extension (Quadrant 2) ***
 slli  000 .  .  . 10 @c_shift2
 fld   001 .  .  . 10 @c_ldsp
-lw010 .  .  . 10 @c_lwsp
 {
+  illegal 010 -  0  - 10 # c.lwsp, RES rd=0
+  lw  010 .  .  . 10 @c_lwsp
+}
+{
+  illegal 100 0  0  0 10 # c.jr, RES rs1=0
   jalr100 0  .  0 10 @c_jalr rd=0  # C.JR
   addi100 0  .  . 10 @c_mv
 }
-- 
2.17.1