[Qemu-devel] Re: [PATCH 1/2] pci: Automatically patch PCI vendor id and device id in PCI ROM

2010-10-20 Thread Gerd Hoffmann

  Hi,


The i825xx ethernet controller family is a typical example
which is implemented in hw/eepro100.c. It uses at least
3 different device ids, so normally 3 boot roms would be needed.


Does this actually work now with the etherboot roms?

cheers,
  Gerd




[Qemu-devel] [Bug 663713] [NEW] Mouse frozen under an emulated ubuntu

2010-10-20 Thread FredBezies
Public bug reported:

Qemu 0.13.0

Command line used :

qemu-system-x86_64 --enable-kvm -localtime -soundhw all -k fr -m 1500 -net user -net nic,model=rtl8139 -hda disk.img -cdrom ubuntu-10.10-desktop-amd64.iso -boot d

When I try to move mouse cursor in qemu, pointer is frozen. Nothing is
moving. Was working perfectly with Qemu 0.12.5.

** Affects: qemu
 Importance: Undecided
 Status: New

-- 
Mouse frozen under an emulated ubuntu
https://bugs.launchpad.net/bugs/663713
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.






Re: [Qemu-devel] [PATCH 1/3] Introduce threadlets

2010-10-20 Thread Stefan Hajnoczi
On Tue, Oct 19, 2010 at 6:42 PM, Arun R Bharadwaj wrote:
> +/**
> + * cancel_threadletwork_on_queue: Cancel a task queued on a Queue.
> + * @queue: The queue containing the task to be cancelled.
> + * @work: Contains the information of the task that needs to be cancelled.
> + *
> + * Returns: 0 if the task is successfully cancelled.
> + *          1 otherwise.

The return value comment doesn't correspond to how I read the code.
If the work was cancelled the code returns 1.  Otherwise it returns 0.

> + */
> +int cancel_threadletwork_on_queue(ThreadletQueue *queue, ThreadletWork *work)
> +{
> +    ThreadletWork *ret_work;
> +    int ret = 0;
> +
> +    qemu_mutex_lock(&(queue->lock));
> +    QTAILQ_FOREACH(ret_work, &(queue->request_list), node) {
> +        if (ret_work == work) {
> +            QTAILQ_REMOVE(&(queue->request_list), ret_work, node);
> +            ret = 1;
> +            break;
> +        }
> +    }
> +    qemu_mutex_unlock(&(queue->lock));
> +
> +    return ret;
> +}
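
Review bot: in cancel_threadletwork_on_queue(), a return of 0 does not tell the caller whether the work was never queued or is simply no longer on request_list (for example because a worker has already picked it up), and in the second case the work may still be running when this function returns. The header comment should say so, so that a caller does not free the ThreadletWork after a failed cancel without first waiting for it to complete.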

Stefan



[Qemu-devel] [PATCH v6 06/12] x3130: pcie downstream port

2010-10-20 Thread Isaku Yamahata
Implement TI x3130 pcie downstream port switch.

Signed-off-by: Isaku Yamahata 
---
Changes v5 -> v6:
- compilation adjustment.
- eliminate aer bits.

Changes v4 -> v5:
- use pci_xxx_test_and_xxx_mask().
- removed flr related stuff.

Changes v3 -> v4:
- rename: pcie_downstream -> x3130_downstream
- compilation adjustment.

Changes v2 -> v3:
- compilation adjustment.
---
 Makefile.objs   |2 +-
 hw/xio3130_downstream.c |  190 +++
 hw/xio3130_downstream.h |   11 +++
 3 files changed, 202 insertions(+), 1 deletions(-)
 create mode 100644 hw/xio3130_downstream.c
 create mode 100644 hw/xio3130_downstream.h

diff --git a/Makefile.objs b/Makefile.objs
index b1ef2bb..138e545 100644
--- a/Makefile.objs
+++ b/Makefile.objs
@@ -140,7 +140,7 @@ hw-obj-y =
 hw-obj-y += vl.o loader.o
 hw-obj-y += virtio.o virtio-console.o
 hw-obj-y += fw_cfg.o pci.o pci_host.o pcie_host.o pci_bridge.o
-hw-obj-y += ioh3420.o xio3130_upstream.o
+hw-obj-y += ioh3420.o xio3130_upstream.o xio3130_downstream.o
 hw-obj-y += watchdog.o
 hw-obj-$(CONFIG_ISA_MMIO) += isa_mmio.o
 hw-obj-$(CONFIG_ECC) += ecc.o
diff --git a/hw/xio3130_downstream.c b/hw/xio3130_downstream.c
new file mode 100644
index 000..a44e188
--- /dev/null
+++ b/hw/xio3130_downstream.c
@@ -0,0 +1,190 @@
+/*
+ * x3130_downstream.c
+ * TI X3130 pci express downstream port switch
+ *
+ * Copyright (c) 2010 Isaku Yamahata 
+ *VA Linux Systems Japan K.K.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, see .
+ */
+
+#include "pci_ids.h"
+#include "msi.h"
+#include "pcie.h"
+#include "xio3130_downstream.h"
+
+#define PCI_DEVICE_ID_TI_XIO3130D   0x8233  /* downstream port */
+#define XIO3130_REVISION0x1
+#define XIO3130_MSI_OFFSET  0x70
+#define XIO3130_MSI_SUPPORTED_FLAGS PCI_MSI_FLAGS_64BIT
+#define XIO3130_MSI_NR_VECTOR   1
+#define XIO3130_SSVID_OFFSET0x80
+#define XIO3130_SSVID_SVID  0
+#define XIO3130_SSVID_SSID  0
+#define XIO3130_EXP_OFFSET  0x90
+#define XIO3130_AER_OFFSET  0x100
+
+static void xio3130_downstream_write_config(PCIDevice *d, uint32_t address,
+ uint32_t val, int len)
+{
+uint16_t sltctl =
+pci_get_word(d->config + d->exp.exp_cap + PCI_EXP_SLTCTL);
+
+pci_bridge_write_config(d, address, val, len);
+pcie_cap_flr_write_config(d, address, val, len);
+pcie_cap_slot_write_config(d, address, val, len, sltctl);
+msi_write_config(d, address, val, len);
+/* TODO: AER */
+}
+
+static void xio3130_downstream_reset(DeviceState *qdev)
+{
+PCIDevice *d = DO_UPCAST(PCIDevice, qdev, qdev);
+msi_reset(d);
+pcie_cap_deverr_reset(d);
+pcie_cap_slot_reset(d);
+pcie_cap_ari_reset(d);
+pci_bridge_reset(qdev);
+}
+
+static int xio3130_downstream_initfn(PCIDevice *d)
+{
+PCIBridge* br = DO_UPCAST(PCIBridge, dev, d);
+PCIEPort *p = DO_UPCAST(PCIEPort, br, br);
+PCIESlot *s = DO_UPCAST(PCIESlot, port, p);
+int rc;
+
+rc = pci_bridge_initfn(d);
+if (rc < 0) {
+return rc;
+}
+
+pcie_port_init_reg(d);
+pci_config_set_vendor_id(d->config, PCI_VENDOR_ID_TI);
+pci_config_set_device_id(d->config, PCI_DEVICE_ID_TI_XIO3130D);
+d->config[PCI_REVISION_ID] = XIO3130_REVISION;
+
+rc = msi_init(d, XIO3130_MSI_OFFSET, XIO3130_MSI_NR_VECTOR,
+  XIO3130_MSI_SUPPORTED_FLAGS & PCI_MSI_FLAGS_64BIT,
+  XIO3130_MSI_SUPPORTED_FLAGS & PCI_MSI_FLAGS_MASKBIT);
+if (rc < 0) {
+return rc;
+}
+rc = pci_bridge_ssvid_init(d, XIO3130_SSVID_OFFSET,
+   XIO3130_SSVID_SVID, XIO3130_SSVID_SSID);
+if (rc < 0) {
+return rc;
+}
+rc = pcie_cap_init(d, XIO3130_EXP_OFFSET, PCI_EXP_TYPE_DOWNSTREAM,
+   p->port);
+if (rc < 0) {
+return rc;
+}
+pcie_cap_flr_init(d);   /* TODO: implement FLR */
+pcie_cap_deverr_init(d);
+pcie_cap_slot_init(d, s->slot);
+pcie_chassis_create(s->chassis);
+rc = pcie_chassis_add_slot(s);
+if (rc < 0) {
+return rc;
+}
+pcie_cap_ari_init(d);
+/* TODO: AER */
+
+return 0;
+}
+
+static int xio3130_downstream_exitfn(PCIDevice *d)
+{
+/* TODO: AER */
+msi_uninit(d);
+pcie_cap_exit(d);
+re
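
Review bot: the error returns in xio3130_downstream_initfn() after msi_init() leave the earlier setup in place. If pci_bridge_ssvid_init(), pcie_cap_init() or pcie_chassis_add_slot() fails, nothing calls msi_uninit() or pcie_cap_exit(), which xio3130_downstream_exitfn() uses to tear down the same state. A goto-style unwind that mirrors the exit function in reverse order would cover this. Note also that pcie_chassis_create() runs before pcie_chassis_add_slot(), so a duplicate slot leaves a newly created, empty chassis behind when the init fails.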

[Qemu-devel] [PATCH v6 07/12] pcie/hotplug: introduce pushing attention button command

2010-10-20 Thread Isaku Yamahata
glue pcie_push_attention_button command.

Signed-off-by: Isaku Yamahata 
---
 hw/pcie_port.c  |   82 +++
 qemu-monitor.hx |   14 +
 sysemu.h|4 +++
 3 files changed, 100 insertions(+), 0 deletions(-)

diff --git a/hw/pcie_port.c b/hw/pcie_port.c
index 117de61..f43a1c7 100644
--- a/hw/pcie_port.c
+++ b/hw/pcie_port.c
@@ -18,6 +18,10 @@
  * with this program; if not, see .
  */
 
+#include "qemu-objects.h"
+#include "sysemu.h"
+#include "monitor.h"
+#include "pcie.h"
 #include "pcie_port.h"
 
 void pcie_port_init_reg(PCIDevice *d)
@@ -114,3 +118,81 @@ void pcie_chassis_del_slot(PCIESlot *s)
 {
 QLIST_REMOVE(s, next);
 }
+
+/**
+ * glue for qemu monitor
+ */
+
+/* Parse [.], return -1 on error */
+static int pcie_parse_slot_addr(const char* slot_addr,
+uint8_t *chassisp, uint16_t *slotp)
+{
+const char *p;
+char *e;
+unsigned long val;
+unsigned long chassis = 0;
+unsigned long slot;
+
+p = slot_addr;
+val = strtoul(p, &e, 0);
+if (e == p) {
+return -1;
+}
+if (*e == '.') {
+chassis = val;
+p = e + 1;
+val = strtoul(p, &e, 0);
+if (e == p) {
+return -1;
+}
+}
+slot = val;
+
+if (*e) {
+return -1;
+}
+
+if (chassis > 0xff || slot > 0x) {
+return -1;
+}
+
+*chassisp = chassis;
+*slotp = slot;
+return 0;
+}
+
+void pcie_attention_button_push_print(Monitor *mon, const QObject *data)
+{
+QDict *qdict;
+
+assert(qobject_type(data) == QTYPE_QDICT);
+qdict = qobject_to_qdict(data);
+
+monitor_printf(mon, "OK chassis %d, slot %d\n",
+   (int) qdict_get_int(qdict, "chassis"),
+   (int) qdict_get_int(qdict, "slot"));
+}
+
+int pcie_attention_button_push(Monitor *mon, const QDict *qdict,
+   QObject **ret_data)
+{
+const char* pcie_slot = qdict_get_str(qdict, "pcie_slot");
+uint8_t chassis;
+uint16_t slot;
+PCIESlot *s;
+
+if (pcie_parse_slot_addr(pcie_slot, &chassis, &slot) < 0) {
+monitor_printf(mon, "invalid pcie slot address %s\n", pcie_slot);
+return -1;
+}
+s = pcie_chassis_find_slot(chassis, slot);
+if (!s) {
+monitor_printf(mon, "slot is not found. %s\n", pcie_slot);
+return -1;
+}
+pcie_cap_slot_push_attention_button(&s->port.br.dev);
+*ret_data = qobject_from_jsonf("{ 'chassis': %d, 'slot': %d}",
+   chassis, slot);
+assert(*ret_data);
+return 0;
+}
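
Review bot: both failure paths in pcie_attention_button_push() report only through monitor_printf() and then return -1, but the handler is registered as mhandler.cmd_new and returns its result as a QObject, so a caller of that interface gets a bare failure with no error object. Report the invalid address and the missing slot through the QError mechanism instead of printing them. In pcie_parse_slot_addr(), strtoul() with base 0 also accepts leading whitespace and a sign, so an input such as "+1.-0" parses successfully; if only plain numbers are intended, check that each field starts with a digit.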
diff --git a/qemu-monitor.hx b/qemu-monitor.hx
index 2af3de6..965c754 100644
--- a/qemu-monitor.hx
+++ b/qemu-monitor.hx
@@ -1154,6 +1154,20 @@ Hot remove PCI device.
 ETEXI
 
 {
+.name   = "pcie_push_attention_button",
+.args_type  = "pcie_slot:s",
+.params = "[.]",
+.help   = "push pci express attention button",
+.user_print  = pcie_attention_button_push_print,
+.mhandler.cmd_new = pcie_attention_button_push,
+},
+
+STEXI
+...@item pcie_abp
+Push PCI express attention button
+ETEXI
+
+{
 .name   = "host_net_add",
 .args_type  = "device:s,opts:s?",
 .params = "tap|user|socket|vde|dump [options]",
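
Review bot: the texinfo entry documents the command as "@item pcie_abp" while .name is "pcie_push_attention_button", so the generated documentation names a command that does not exist. Use the registered name in the @item line, and have the help text describe the argument format that pcie_parse_slot_addr() accepts (an optional chassis number, a dot, then the slot number, each parsed with base 0 so hex and octal forms are accepted).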
diff --git a/sysemu.h b/sysemu.h
index 9c988bb..cca411d 100644
--- a/sysemu.h
+++ b/sysemu.h
@@ -150,6 +150,10 @@ extern unsigned int nb_prom_envs;
 void pci_device_hot_add(Monitor *mon, const QDict *qdict);
 void drive_hot_add(Monitor *mon, const QDict *qdict);
 void do_pci_device_hot_remove(Monitor *mon, const QDict *qdict);
+/* pcie hotplug */
+void pcie_attention_button_push_print(Monitor *mon, const QObject *data);
+int pcie_attention_button_push(Monitor *mon, const QDict *qdict,
+   QObject **ret_data);
 
 /* serial ports */
 
-- 
1.7.1.1




[Qemu-devel] [PATCH v6 00/12] pcie port switch emulators

2010-10-20 Thread Isaku Yamahata
This patch series is v6 of the pcie switch emulators.
Now that the aer dependency has been removed, patches 1-7 can be merged.
And I cleaned up pcie_aer_write_config() in the aer patch.

new patches: 1
essentially updated patches: 2, 8

changes v5 -> v6:
- dropped already merged patches.
- add comment on hpev_intx
- updated the bridge fix patch
- update the aer patch.
- reordered the patch series to remove the aer dependency.

change v4 -> v5:
- introduced pci_xxx_test_and_clear/set_mask
- eliminated xxx_notify(msi_trigger, int_level)
- eliminated FLR bits.
  FLR will be addressed at the next phase.

changes v3 -> v4:
- introduced new pci config helper functions.(clear set bit)
- various clean up and some bug fixes.
- dropped pci_shift_xxx().
- dropped function pointer in pcie_aer.h
- dropped pci_exp_cap(), pcie_aer_cap().
- file rename (pcie_{root, upstream, downstream} => ioh3420, x3130).

changes v2 -> v3:
- msi: improved comment and simplified shift/ffs dance
- pci w1c config register framework
- split pcie.[ch] into pcie_regs.h, pcie.[ch] and pcie_aer.[ch]
- pcie, aer: many changes by following reviews.

changes v1 -> v2:
- update msi
- dropped already pushed out patches.
- added msix patches.

Isaku Yamahata (12):
  pcie: comment on hpev_intx
  pci/bridge: fix pci_bridge_reset()
  pcie port: define struct PCIEPort/PCIESlot and helper functions
  ioh3420: pcie root port in X58 ioh
  x3130: pcie upstream port
  x3130: pcie downstream port
  pcie/hotplug: introduce pushing attention button command
  pcie/aer: helper functions for pcie aer capability
  pcie/aer: glue aer error injection into qemu monitor
  ioh3420: support aer
  x3130/upstream: support aer
  x3130/downstream: support aer.

 Makefile.objs   |3 +-
 hw/ioh3420.c|  228 +
 hw/ioh3420.h|   10 +
 hw/pci_bridge.c |   48 +++-
 hw/pci_bridge.h |1 +
 hw/pcie.h   |   24 ++-
 hw/pcie_aer.c   |  864 +++
 hw/pcie_aer.h   |  105 ++
 hw/pcie_port.c  |  198 +++
 hw/pcie_port.h  |   51 +++
 hw/xio3130_downstream.c |  195 +++
 hw/xio3130_downstream.h |   11 +
 hw/xio3130_upstream.c   |  179 ++
 hw/xio3130_upstream.h   |   10 +
 qemu-common.h   |5 +
 qemu-monitor.hx |   36 ++
 sysemu.h|9 +
 17 files changed, 1969 insertions(+), 8 deletions(-)
 create mode 100644 hw/ioh3420.c
 create mode 100644 hw/ioh3420.h
 create mode 100644 hw/pcie_aer.c
 create mode 100644 hw/pcie_aer.h
 create mode 100644 hw/pcie_port.c
 create mode 100644 hw/pcie_port.h
 create mode 100644 hw/xio3130_downstream.c
 create mode 100644 hw/xio3130_downstream.h
 create mode 100644 hw/xio3130_upstream.c
 create mode 100644 hw/xio3130_upstream.h




[Qemu-devel] [PATCH v6 03/12] pcie port: define struct PCIEPort/PCIESlot and helper functions

2010-10-20 Thread Isaku Yamahata
Define struct PCIEPort, which represents the common part
of a pci express port (root, upstream and downstream).
Add a helper function for pcie ports which can be used commonly by
root/upstream/downstream ports.
Define struct PCIESlot, which represents the common part of
a pcie slot (root and downstream), and helper functions for it.
Add helper functions for (chassis, slot) -> PCIESlot conversion.

Signed-off-by: Isaku Yamahata 
---
Changes v4 -> v5:
- use pci_xxx_test_and_xxx_mask()

Changes v3 -> v4:
- Initialize prefetchable memory base/limit registers correctly.
  They must support 64bit.
- compilation adjustment.

Changes v2 -> v3:
- static'fy chassis.
- compilation adjustment.
---
 Makefile.objs  |2 +-
 hw/pcie_port.c |  116 
 hw/pcie_port.h |   51 
 qemu-common.h  |2 +
 4 files changed, 170 insertions(+), 1 deletions(-)
 create mode 100644 hw/pcie_port.c
 create mode 100644 hw/pcie_port.h

diff --git a/Makefile.objs b/Makefile.objs
index eeb5134..c73d12b 100644
--- a/Makefile.objs
+++ b/Makefile.objs
@@ -186,7 +186,7 @@ hw-obj-$(CONFIG_PIIX4) += piix4.o
 # PCI watchdog devices
 hw-obj-y += wdt_i6300esb.o
 
-hw-obj-y += pcie.o
+hw-obj-y += pcie.o pcie_port.o
 hw-obj-y += msix.o msi.o
 
 # PCI network cards
diff --git a/hw/pcie_port.c b/hw/pcie_port.c
new file mode 100644
index 000..117de61
--- /dev/null
+++ b/hw/pcie_port.c
@@ -0,0 +1,116 @@
+/*
+ * pcie_port.c
+ *
+ * Copyright (c) 2010 Isaku Yamahata 
+ *VA Linux Systems Japan K.K.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, see .
+ */
+
+#include "pcie_port.h"
+
+void pcie_port_init_reg(PCIDevice *d)
+{
+/* Unlike pci bridge,
+   66MHz and fast back to back don't apply to pci express port. */
+pci_set_word(d->config + PCI_STATUS, 0);
+pci_set_word(d->config + PCI_SEC_STATUS, 0);
+
+/* 7.5.3.5 Prefetchable Memory Base Limit
+ * The Prefetchable Memory Base and Prefetchable Memory Limit registers
+ * must indicate that 64-bit addresses are supported, as defined in
+ * PCI-to-PCI Bridge Architecture Specification, Revision 1.2.
+ */
+pci_word_test_and_set_mask(d->config + PCI_PREF_MEMORY_BASE,
+   PCI_PREF_RANGE_TYPE_64);
+pci_word_test_and_set_mask(d->config + PCI_PREF_MEMORY_LIMIT,
+   PCI_PREF_RANGE_TYPE_64);
+}
+
+/**
+ * (chassis number, pcie physical slot number) -> pcie slot conversion
+ */
+struct PCIEChassis {
+uint8_t number;
+
+QLIST_HEAD(, PCIESlot) slots;
+QLIST_ENTRY(PCIEChassis) next;
+};
+
+static QLIST_HEAD(, PCIEChassis) chassis = QLIST_HEAD_INITIALIZER(chassis);
+
+static struct PCIEChassis *pcie_chassis_find(uint8_t chassis_number)
+{
+struct PCIEChassis *c;
+QLIST_FOREACH(c, &chassis, next) {
+if (c->number == chassis_number) {
+break;
+}
+}
+return c;
+}
+
+void pcie_chassis_create(uint8_t chassis_number)
+{
+struct PCIEChassis *c;
+c = pcie_chassis_find(chassis_number);
+if (c) {
+return;
+}
+c = qemu_mallocz(sizeof(*c));
+c->number = chassis_number;
+QLIST_INIT(&c->slots);
+QLIST_INSERT_HEAD(&chassis, c, next);
+}
+
+static PCIESlot *pcie_chassis_find_slot_with_chassis(struct PCIEChassis *c,
+ uint8_t slot)
+{
+PCIESlot *s;
+QLIST_FOREACH(s, &c->slots, next) {
+if (s->slot == slot) {
+break;
+}
+}
+return s;
+}
+
+PCIESlot *pcie_chassis_find_slot(uint8_t chassis_number, uint16_t slot)
+{
+struct PCIEChassis *c;
+c = pcie_chassis_find(chassis_number);
+if (!c) {
+return NULL;
+}
+return pcie_chassis_find_slot_with_chassis(c, slot);
+}
+
+int pcie_chassis_add_slot(struct PCIESlot *slot)
+{
+struct PCIEChassis *c;
+c = pcie_chassis_find(slot->chassis);
+if (!c) {
+return -ENODEV;
+}
+if (pcie_chassis_find_slot_with_chassis(c, slot->slot)) {
+return -EBUSY;
+}
+QLIST_INSERT_HEAD(&c->slots, slot, next);
+return 0;
+}
+
+void pcie_chassis_del_slot(PCIESlot *s)
+{
+QLIST_REMOVE(s, next);
+}
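
Review bot: pcie_chassis_find_slot_with_chassis() declares its parameter as "uint8_t slot" while pcie_chassis_find_slot() passes it a uint16_t, so a slot number above 0xff is truncated before the comparison with s->slot and can match a different slot (0x101 would match slot 1). Make the helper's parameter uint16_t to match the public function. pcie_chassis_add_slot() goes through the same helper, so its duplicate check is affected in the same way. Separately, the find functions rely on the QLIST_FOREACH variable being NULL after a full traversal; an explicit "return NULL;" after the loop would make that intent visible.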
diff --git a/hw/pcie_port.h b/hw/pcie_port.h
new file mode 100644
index 000..3709583
--- /dev/null
+++ b/hw/pcie_po

[Qemu-devel] [PATCH v6 04/12] ioh3420: pcie root port in X58 ioh

2010-10-20 Thread Isaku Yamahata
Implements pcie root port switch in intel X58 ioh
whose device id is 0x3420.

Signed-off-by: Isaku Yamahata 
---
Changes v5 -> v6:
- compilation adjustment.
- eliminated aer bits.

Changes v4 -> v5:
- use pci_xxx_test_and_xxx_mask()

Changes v3 -> v4:
- rename pcie_root -> ioh3420
- compilation adjustment.

Changes v2 -> v3:
- compilation adjustment.
---
 Makefile.objs |1 +
 hw/ioh3420.c  |  188 +
 hw/ioh3420.h  |   10 +++
 3 files changed, 199 insertions(+), 0 deletions(-)
 create mode 100644 hw/ioh3420.c
 create mode 100644 hw/ioh3420.h

diff --git a/Makefile.objs b/Makefile.objs
index c73d12b..3a05322 100644
--- a/Makefile.objs
+++ b/Makefile.objs
@@ -140,6 +140,7 @@ hw-obj-y =
 hw-obj-y += vl.o loader.o
 hw-obj-y += virtio.o virtio-console.o
 hw-obj-y += fw_cfg.o pci.o pci_host.o pcie_host.o pci_bridge.o
+hw-obj-y += ioh3420.o
 hw-obj-y += watchdog.o
 hw-obj-$(CONFIG_ISA_MMIO) += isa_mmio.o
 hw-obj-$(CONFIG_ECC) += ecc.o
diff --git a/hw/ioh3420.c b/hw/ioh3420.c
new file mode 100644
index 000..1f340d3
--- /dev/null
+++ b/hw/ioh3420.c
@@ -0,0 +1,188 @@
+/*
+ * ioh3420.c
+ * Intel X58 north bridge IOH
+ * PCI Express root port device id 3420
+ *
+ * Copyright (c) 2010 Isaku Yamahata 
+ *VA Linux Systems Japan K.K.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, see .
+ */
+
+#include "pci_ids.h"
+#include "msi.h"
+#include "pcie.h"
+#include "ioh3420.h"
+
+#define PCI_DEVICE_ID_IOH_EPORT 0x3420  /* D0:F0 express mode */
+#define PCI_DEVICE_ID_IOH_REV   0x2
+#define IOH_EP_SSVID_OFFSET 0x40
+#define IOH_EP_SSVID_SVID   PCI_VENDOR_ID_INTEL
+#define IOH_EP_SSVID_SSID   0
+#define IOH_EP_MSI_OFFSET   0x60
+#define IOH_EP_MSI_SUPPORTED_FLAGS  PCI_MSI_FLAGS_MASKBIT
+#define IOH_EP_MSI_NR_VECTOR2
+#define IOH_EP_EXP_OFFSET   0x90
+#define IOH_EP_AER_OFFSET   0x100
+
+static void ioh3420_write_config(PCIDevice *d,
+   uint32_t address, uint32_t val, int len)
+{
+uint16_t sltctl =
+pci_get_word(d->config + d->exp.exp_cap + PCI_EXP_SLTCTL);
+
+pci_bridge_write_config(d, address, val, len);
+msi_write_config(d, address, val, len);
+pcie_cap_slot_write_config(d, address, val, len, sltctl);
+/* TODO: AER */
+}
+
+static void ioh3420_reset(DeviceState *qdev)
+{
+PCIDevice *d = DO_UPCAST(PCIDevice, qdev, qdev);
+msi_reset(d);
+pcie_cap_root_reset(d);
+pcie_cap_deverr_reset(d);
+pcie_cap_slot_reset(d);
+pci_bridge_reset(qdev);
+pci_bridge_disable_base_limit(d);
+/* TODO: AER */
+}
+
+static int ioh3420_initfn(PCIDevice *d)
+{
+PCIBridge* br = DO_UPCAST(PCIBridge, dev, d);
+PCIEPort *p = DO_UPCAST(PCIEPort, br, br);
+PCIESlot *s = DO_UPCAST(PCIESlot, port, p);
+int rc;
+
+rc = pci_bridge_initfn(d);
+if (rc < 0) {
+return rc;
+}
+
+d->config[PCI_REVISION_ID] = PCI_DEVICE_ID_IOH_REV;
+pcie_port_init_reg(d);
+
+pci_config_set_vendor_id(d->config, PCI_VENDOR_ID_INTEL);
+pci_config_set_device_id(d->config, PCI_DEVICE_ID_IOH_EPORT);
+
+rc = pci_bridge_ssvid_init(d, IOH_EP_SSVID_OFFSET,
+   IOH_EP_SSVID_SVID, IOH_EP_SSVID_SSID);
+if (rc < 0) {
+return rc;
+}
+rc = msi_init(d, IOH_EP_MSI_OFFSET, IOH_EP_MSI_NR_VECTOR,
+  IOH_EP_MSI_SUPPORTED_FLAGS & PCI_MSI_FLAGS_64BIT,
+  IOH_EP_MSI_SUPPORTED_FLAGS & PCI_MSI_FLAGS_MASKBIT);
+if (rc < 0) {
+return rc;
+}
+rc = pcie_cap_init(d, IOH_EP_EXP_OFFSET, PCI_EXP_TYPE_ROOT_PORT, p->port);
+if (rc < 0) {
+return rc;
+}
+pcie_cap_deverr_init(d);
+pcie_cap_slot_init(d, s->slot);
+pcie_chassis_create(s->chassis);
+rc = pcie_chassis_add_slot(s);
+if (rc < 0) {
+return rc;
+}
+pcie_cap_root_init(d);
+/* TODO: AER */
+return 0;
+}
+
+static int ioh3420_exitfn(PCIDevice *d)
+{
+/* TODO: AER */
+msi_uninit(d);
+pcie_cap_exit(d);
+return pci_bridge_exitfn(d);
+}
+
+PCIESlot *ioh3420_init(PCIBus *bus, int devfn, bool multifunction,
+ const char *bus_name, pci_map_irq_fn map_irq,
+ uint8_t port, uint8_t chassis, uint16_t slot)
+{
+PCIDevice *d;
+PCIB
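
Review bot: ioh3420_exitfn() does not undo the pcie_chassis_add_slot() done in ioh3420_initfn(), so after the device exits its PCIESlot stays linked on the chassis list and a later pcie_chassis_find_slot() can return a pointer to a device that has been torn down. Call pcie_chassis_del_slot() in the exit function before pcie_cap_exit(). The same applies to the error return taken when a step after pcie_chassis_add_slot() fails, and the earlier error returns should also release what msi_init() and pcie_cap_init() set up.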

Re: [Qemu-devel] KVM call minutes for Oct 19

2010-10-20 Thread Alexander Graf

On 20.10.2010, at 10:25, Paolo Bonzini wrote:

> On 10/20/2010 10:21 AM, Alexander Graf wrote:
>> Would it be realistic to declare deprecating the qemu-kvm fork for
>> 0.14 as goal?
> 
> I recall some performance problems with the qemu.git iothread, I'm not sure 
> all of those have been fixed.

Yes, hence "declare as goal". Deprecating doesn't mean to declare it void, but 
to actually work towards eliminating all the shortcomings. Another thing coming 
to mind there is that the default -accel should be moved to kvm,tcg instead of 
only tcg as it stands today.


Alex




Re: [Qemu-devel] KVM call minutes for Oct 19

2010-10-20 Thread Alexander Graf

On 19.10.2010, at 17:14, Chris Wright wrote:

> 0.13.X -stable
> - Anthony will send note to qemu-devel on this
> - move 0.13.X -stable to a separate tree
> - driven independently of main qemu tree
> - challenge is always in the porting and testing of backported fixes
> - looking for volunteers
> 
> 0.14
> - would like to do this before end of the year
> - 0.13 forked off a while back (~July), 
> - 0.14 features
>  - QMP stabilized
>- 0.13.0 -> 0.14 QMP
>- hard attempt not to break compatibility
>- new commands, rework, async, human monitor passthrough
>- goal getting to libvirt not needing human monitor at all
>- QMP KVM autotest test suite submitted
> - in-kernel apic, tpr patching still outstanding
> - QED coroutine concurrency

Would it be realistic to declare deprecating the qemu-kvm fork for 0.14 as goal?

> Live snapshots
> - merge snapshot?
>  - already supported, question about mgmt of snapshot chain
> - integrate with fsfreeze (and windows alternative)
> 
> Guest Agent
> - have one coming RSN (poke Anthony for details)

Would there be a chance to have a single agent for everyone, so that we 
actually form a Qemu agent instead of a dozen individual ones? I'm mainly 
thinking Spice here.


Alex




[Qemu-devel] [PATCH v6 08/12] pcie/aer: helper functions for pcie aer capability

2010-10-20 Thread Isaku Yamahata
This patch implements helper functions for pcie aer capability
which will be used later.

Signed-off-by: Isaku Yamahata 
---
Changes v5 -> v6:
- cleaned up pcie_aer_write_config().
- enum definition.

Changes v4 -> v5:
- use pci_xxx_test_and_xxx_mask()
- rewrote PCIDevice::written bits.
- eliminated pcie_aer_notify()
- introduced PCIExpressDevice::aer_intx

Changes v3 -> v4:
- various naming fixes.
- use pci bit operation helper function
- eliminate errmsg function pointer
- replace pci_shift_xxx() with PCIDevice::written
- uncorrect error status register.
- dropped pcie_aer_cap()

Changes v2 -> v3:
- split out from pcie.[ch] to pcie_aer.[ch] to make the files shorter.
- embedded PCIExpressDevice into PCIDevice.
- CodingStyle fix
---
 Makefile.objs |2 +-
 hw/pcie.h |   14 +
 hw/pcie_aer.c |  780 +
 hw/pcie_aer.h |  105 
 qemu-common.h |3 +
 5 files changed, 903 insertions(+), 1 deletions(-)
 create mode 100644 hw/pcie_aer.c
 create mode 100644 hw/pcie_aer.h

diff --git a/Makefile.objs b/Makefile.objs
index 138e545..48f98f3 100644
--- a/Makefile.objs
+++ b/Makefile.objs
@@ -187,7 +187,7 @@ hw-obj-$(CONFIG_PIIX4) += piix4.o
 # PCI watchdog devices
 hw-obj-y += wdt_i6300esb.o
 
-hw-obj-y += pcie.o pcie_port.o
+hw-obj-y += pcie.o pcie_aer.o pcie_port.o
 hw-obj-y += msix.o msi.o
 
 # PCI network cards
diff --git a/hw/pcie.h b/hw/pcie.h
index 2871e27..415a680 100644
--- a/hw/pcie.h
+++ b/hw/pcie.h
@@ -24,6 +24,7 @@
 #include "hw.h"
 #include "pci_regs.h"
 #include "pcie_regs.h"
+#include "pcie_aer.h"
 
 typedef enum {
 /* for attention and power indicator */
@@ -74,6 +75,19 @@ struct PCIExpressDevice {
  * also initialize it when loaded as
  * appropreately.
  */
+
+/* AER */
+uint16_t aer_cap;
+PCIEAERLog aer_log;
+unsigned int aer_intx;  /* INTx for error reporting
+ * default is 0 = INTA#
+ * If the chip wants to use other interrupt
+ * line, initialize this member with the
+ * desired number.
+ * If the chip dynamically changes this member,
+ * also initialize it when loaded as
+ * appropreately.
+ */
 };
 
 /* PCI express capability helper functions */
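
Review bot: the comment on aer_intx is a copy of the one on the preceding field, including the "appropreately" typo, and "also initialize it when loaded" does not say who is responsible for restoring the value. State explicitly whether aer_intx is part of the migrated state or must be recomputed by the device in its post-load path, and fix the spelling in both comments while touching this struct.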
diff --git a/hw/pcie_aer.c b/hw/pcie_aer.c
new file mode 100644
index 000..b8cede3
--- /dev/null
+++ b/hw/pcie_aer.c
@@ -0,0 +1,780 @@
+/*
+ * pcie_aer.c
+ *
+ * Copyright (c) 2010 Isaku Yamahata 
+ *VA Linux Systems Japan K.K.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, see .
+ */
+
+#include "sysemu.h"
+#include "pci_bridge.h"
+#include "pcie.h"
+#include "msix.h"
+#include "msi.h"
+#include "pci_internals.h"
+#include "pcie_regs.h"
+
+//#define DEBUG_PCIE
+#ifdef DEBUG_PCIE
+# define PCIE_DPRINTF(fmt, ...) \
+fprintf(stderr, "%s:%d " fmt, __func__, __LINE__, ## __VA_ARGS__)
+#else
+# define PCIE_DPRINTF(fmt, ...) do {} while (0)
+#endif
+#define PCIE_DEV_PRINTF(dev, fmt, ...)  \
+PCIE_DPRINTF("%s:%x "fmt, (dev)->name, (dev)->devfn, ## __VA_ARGS__)
+
+static void pcie_aer_clear_error(PCIDevice *dev);
+static uint8_t pcie_aer_root_get_vector(PCIDevice *dev);
+static AERMsgResult
+pcie_aer_msg_alldev(PCIDevice *dev, const PCIEAERMsg *msg);
+static AERMsgResult
+pcie_aer_msg_vbridge(PCIDevice *dev, const PCIEAERMsg *msg);
+static AERMsgResult
+pcie_aer_msg_root_port(PCIDevice *dev, const PCIEAERMsg *msg);
+
+/* From 6.2.7 Error Listing and Rules. Table 6-2, 6-3 and 6-4 */
+static PCIEAERSeverity pcie_aer_uncor_default_severity(uint32_t status)
+{
+switch (status) {
+case PCI_ERR_UNC_INTN:
+case PCI_ERR_UNC_DLP:
+case PCI_ERR_UNC_SDN:
+case PCI_ERR_UNC_RX_OVER:
+case PCI_ERR_UNC_FCP:
+case PCI_ERR_UNC_MALF_TLP:
+return AER_ERR_FATAL;
+case PCI_ERR_UNC_POISON_TLP:
+case PCI_ERR_UNC_ECRC:
+case PCI_ERR_UNC_UNSUP:
+case PCI_ERR_UNC_COMP_TIME:
+case PCI_ERR_UNC_COMP_ABORT:
+case PCI_ERR_UNC_UNX_COMP:
+case PCI_ERR_UNC_ACSV:
+case PCI_ERR_UNC_MCBTLP:
+c
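
Review bot: pcie_aer_uncor_default_severity() switches on status with one PCI_ERR_UNC_* value per case label, so it only classifies a status that has exactly one error bit set; a value with two bits set matches none of the listed cases. Document the single-bit precondition in the function comment, or assert it at entry, so that a caller passing a raw status register value is caught. The "//#define DEBUG_PCIE" line also uses a C99 comment where the rest of the file uses block comments.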

[Qemu-devel] [PATCH v6 05/12] x3130: pcie upstream port

2010-10-20 Thread Isaku Yamahata
Implement TI x3130 pcie upstream port switch.

Signed-off-by: Isaku Yamahata 
---
Changes v5 -> v6:
- compilation adjustment.
- delete aer bits.

Changes v4 -> v5:
- remove flr related stuff.
  This will be addressed at the next phase.
- use pci_xxx_test_and_xxx_mask().

Changes v3 -> v4:
- rename pcie_upstream -> x3130_upstream.
- compilation adjustment.

Changes v2 -> v3:
- compilation adjustment.
---
 Makefile.objs |2 +-
 hw/xio3130_upstream.c |  174 +
 hw/xio3130_upstream.h |   10 +++
 3 files changed, 185 insertions(+), 1 deletions(-)
 create mode 100644 hw/xio3130_upstream.c
 create mode 100644 hw/xio3130_upstream.h

diff --git a/Makefile.objs b/Makefile.objs
index 3a05322..b1ef2bb 100644
--- a/Makefile.objs
+++ b/Makefile.objs
@@ -140,7 +140,7 @@ hw-obj-y =
 hw-obj-y += vl.o loader.o
 hw-obj-y += virtio.o virtio-console.o
 hw-obj-y += fw_cfg.o pci.o pci_host.o pcie_host.o pci_bridge.o
-hw-obj-y += ioh3420.o
+hw-obj-y += ioh3420.o xio3130_upstream.o
 hw-obj-y += watchdog.o
 hw-obj-$(CONFIG_ISA_MMIO) += isa_mmio.o
 hw-obj-$(CONFIG_ECC) += ecc.o
diff --git a/hw/xio3130_upstream.c b/hw/xio3130_upstream.c
new file mode 100644
index 000..d9d637f
--- /dev/null
+++ b/hw/xio3130_upstream.c
@@ -0,0 +1,174 @@
+/*
+ * xio3130_upstream.c
+ * TI X3130 pci express upstream port switch
+ *
+ * Copyright (c) 2010 Isaku Yamahata 
+ *VA Linux Systems Japan K.K.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, see .
+ */
+
+#include "pci_ids.h"
+#include "msi.h"
+#include "pcie.h"
+#include "xio3130_upstream.h"
+
+#define PCI_DEVICE_ID_TI_XIO3130U   0x8232  /* upstream port */
+#define XIO3130_REVISION0x2
+#define XIO3130_MSI_OFFSET  0x70
+#define XIO3130_MSI_SUPPORTED_FLAGS PCI_MSI_FLAGS_64BIT
+#define XIO3130_MSI_NR_VECTOR   1
+#define XIO3130_SSVID_OFFSET0x80
+#define XIO3130_SSVID_SVID  0
+#define XIO3130_SSVID_SSID  0
+#define XIO3130_EXP_OFFSET  0x90
+#define XIO3130_AER_OFFSET  0x100
+
+static void xio3130_upstream_write_config(PCIDevice *d, uint32_t address,
+  uint32_t val, int len)
+{
+pci_bridge_write_config(d, address, val, len);
+pcie_cap_flr_write_config(d, address, val, len);
+msi_write_config(d, address, val, len);
+/* TODO: AER */
+}
+
+static void xio3130_upstream_reset(DeviceState *qdev)
+{
+PCIDevice *d = DO_UPCAST(PCIDevice, qdev, qdev);
+msi_reset(d);
+pci_bridge_reset(qdev);
+pcie_cap_deverr_reset(d);
+}
+
+static int xio3130_upstream_initfn(PCIDevice *d)
+{
+PCIBridge* br = DO_UPCAST(PCIBridge, dev, d);
+PCIEPort *p = DO_UPCAST(PCIEPort, br, br);
+int rc;
+
+rc = pci_bridge_initfn(d);
+if (rc < 0) {
+return rc;
+}
+
+pcie_port_init_reg(d);
+pci_config_set_vendor_id(d->config, PCI_VENDOR_ID_TI);
+pci_config_set_device_id(d->config, PCI_DEVICE_ID_TI_XIO3130U);
+d->config[PCI_REVISION_ID] = XIO3130_REVISION;
+
+rc = msi_init(d, XIO3130_MSI_OFFSET, XIO3130_MSI_NR_VECTOR,
+  XIO3130_MSI_SUPPORTED_FLAGS & PCI_MSI_FLAGS_64BIT,
+  XIO3130_MSI_SUPPORTED_FLAGS & PCI_MSI_FLAGS_MASKBIT);
+if (rc < 0) {
+return rc;
+}
+rc = pci_bridge_ssvid_init(d, XIO3130_SSVID_OFFSET,
+   XIO3130_SSVID_SVID, XIO3130_SSVID_SSID);
+if (rc < 0) {
+return rc;
+}
+rc = pcie_cap_init(d, XIO3130_EXP_OFFSET, PCI_EXP_TYPE_UPSTREAM,
+   p->port);
+if (rc < 0) {
+return rc;
+}
+
+/* TODO: implement FLR */
+pcie_cap_flr_init(d);
+
+pcie_cap_deverr_init(d);
+/* TODO: AER */
+
+return 0;
+}
+
+static int xio3130_upstream_exitfn(PCIDevice *d)
+{
+/* TODO: AER */
+msi_uninit(d);
+pcie_cap_exit(d);
+return pci_bridge_exitfn(d);
+}
+
+PCIEPort *xio3130_upstream_init(PCIBus *bus, int devfn, bool multifunction,
+ const char *bus_name, pci_map_irq_fn map_irq,
+ uint8_t port)
+{
+PCIDevice *d;
+PCIBridge *br;
+DeviceState *qdev;
+
+d = pci_create_multifunction(bus, devfn, multifunction, "x3130-upstream");
+if (!d) {
+return NULL;
+}
+br = DO_UPCAST(PCIBridge, dev, d);
+
+qdev = &br
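Review bot: xio3130_upstream_initfn() returns rc when msi_init(), pci_bridge_ssvid_init() or pcie_cap_init() fails without undoing the steps that already succeeded, although xio3130_upstream_exitfn() shows the matching teardown (msi_uninit(), pcie_cap_exit(), pci_bridge_exitfn()). Unless the caller runs exitfn after a failed init, add unwind labels so a late failure releases the bridge and MSI state. Also, XIO3130_MSI_SUPPORTED_FLAGS is defined as PCI_MSI_FLAGS_64BIT only, so the argument XIO3130_MSI_SUPPORTED_FLAGS & PCI_MSI_FLAGS_MASKBIT is always 0; a short comment saying per-vector masking is intentionally off would help.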

[Qemu-devel] [PATCH v6 09/12] pcie/aer: glue aer error injection into qemu monitor

2010-10-20 Thread Isaku Yamahata
introduce pcie_aer_inject_error command.

Signed-off-by: Isaku Yamahata 
---
Changes v3 -> v4:
- s/PCIE_AER/PCIEAER/g for structure names.
- compilation adjustment.

Changes v2 -> v3:
- compilation adjustment.
---
 hw/pcie_aer.c   |   84 +++
 qemu-monitor.hx |   22 ++
 sysemu.h|5 +++
 3 files changed, 111 insertions(+), 0 deletions(-)

diff --git a/hw/pcie_aer.c b/hw/pcie_aer.c
index b8cede3..459e0d7 100644
--- a/hw/pcie_aer.c
+++ b/hw/pcie_aer.c
@@ -19,6 +19,8 @@
  */
 
 #include "sysemu.h"
+#include "qemu-objects.h"
+#include "monitor.h"
 #include "pci_bridge.h"
 #include "pcie.h"
 #include "msix.h"
@@ -778,3 +780,85 @@ const VMStateDescription vmstate_pcie_aer_log = {
 }
 };
 
+void pcie_aer_inject_error_print(Monitor *mon, const QObject *data)
+{
+QDict *qdict;
+int devfn;
+assert(qobject_type(data) == QTYPE_QDICT);
+qdict = qobject_to_qdict(data);
+
+devfn = (int)qdict_get_int(qdict, "devfn");
+monitor_printf(mon, "OK domain: %x, bus: %x devfn: %x.%x\n",
+   (int) qdict_get_int(qdict, "domain"),
+   (int) qdict_get_int(qdict, "bus"),
+   PCI_SLOT(devfn), PCI_FUNC(devfn));
+}
+
+int do_pcie_aer_inejct_error(Monitor *mon,
+ const QDict *qdict, QObject **ret_data)
+{
+const char *pci_addr = qdict_get_str(qdict, "pci_addr");
+int dom;
+int bus;
+unsigned int slot;
+unsigned int func;
+PCIDevice *dev;
+PCIEAERErr err;
+
+/* Ideally qdev device path should be used.
+ * However at the moment there is no reliable way to determine
+ * wheher a given qdev is pci device or not.
+ * so pci_addr is used.
+ */
+if (pci_parse_devaddr(pci_addr, &dom, &bus, &slot, &func)) {
+monitor_printf(mon, "invalid pci address %s\n", pci_addr);
+return -1;
+}
+dev = pci_find_device(pci_find_root_bus(dom), bus, slot, func);
+if (!dev) {
+monitor_printf(mon, "device is not found. 0x%x:0x%x.0x%x\n",
+   bus, slot, func);
+return -1;
+}
+if (!pci_is_express(dev)) {
+monitor_printf(mon, "the device doesn't support pci express. "
+   "0x%x:0x%x.0x%x\n",
+   bus, slot, func);
+return -1;
+}
+
+err.status = qdict_get_int(qdict, "error_status");
+err.source_id = (pci_bus_num(dev->bus) << 8) | dev->devfn;
+
+err.flags = 0;
+if (qdict_get_int(qdict, "is_correctable")) {
+err.flags |= PCIE_AER_ERR_IS_CORRECTABLE;
+}
+if (qdict_get_int(qdict, "advisory_non_fatal")) {
+err.flags |= PCIE_AER_ERR_MAYBE_ADVISORY;
+}
+if (qdict_haskey(qdict, "tlph0")) {
+err.flags |= PCIE_AER_ERR_HEADER_VALID;
+}
+if (qdict_haskey(qdict, "hpfx0")) {
+err.flags |= PCIE_AER_ERR_TLP_PRESENT;
+}
+
+err.header[0] = qdict_get_try_int(qdict, "tlph0", 0);
+err.header[1] = qdict_get_try_int(qdict, "tlph1", 0);
+err.header[2] = qdict_get_try_int(qdict, "tlph2", 0);
+err.header[3] = qdict_get_try_int(qdict, "tlph3", 0);
+
+err.prefix[0] = qdict_get_try_int(qdict, "hpfx0", 0);
+err.prefix[1] = qdict_get_try_int(qdict, "hpfx1", 0);
+err.prefix[2] = qdict_get_try_int(qdict, "hpfx2", 0);
+err.prefix[3] = qdict_get_try_int(qdict, "hpfx3", 0);
+
+pcie_aer_inject_error(dev, &err);
+*ret_data = qobject_from_jsonf("{ 'domain': %d, 'bus': %d, 'devfn': %d }",
+   pci_find_domain(dev->bus),
+   pci_bus_num(dev->bus), dev->devfn);
+assert(*ret_data);
+
+return 0;
+}
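Review bot: the handler is named do_pcie_aer_inejct_error (inject is misspelled) and qemu-monitor.hx refers to it by the same name, so the typo will stick once merged; rename it to do_pcie_aer_inject_error in both places and fix wheher in the comment. In the body, error_status is copied from the monitor straight into err.status with no check visible here that it is a valid bit for the correctable or uncorrectable status register, so either validate it here or note in a comment that pcie_aer_inject_error() does. The two failure messages also print bus, slot and func but drop the domain that was parsed.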
diff --git a/qemu-monitor.hx b/qemu-monitor.hx
index 965c754..ccb3d0e 100644
--- a/qemu-monitor.hx
+++ b/qemu-monitor.hx
@@ -1168,6 +1168,28 @@ Push PCI express attention button
 ETEXI
 
 {
+.name   = "pcie_aer_inject_error",
+.args_type  = "advisory_non_fatal:-a,is_correctable:-c,"
+ "pci_addr:s,error_status:i,"
+ "tlph0:i?,tlph1:i?,tlph2:i?,tlph3:i?,"
+ "hpfx0:i?,hpfx1:i?,hpfx2:i?,hpfx3:i?",
+.params = "[-a] [-c] [[:]:]. "
+ " "
+ "[] "
+ "[]",
+.help   = "inject pcie aer error "
+  "(use -a for advisory non fatal error) "
+  "(use -c for correctrable error)",
+.user_print  = pcie_aer_inject_error_print,
+.mhandler.cmd_new = do_pcie_aer_inejct_error,
+},
+
+STEXI
+...@item pcie_abp
+Push PCI express attention button
+ETEXI
+
+{
 .name   = "host_net_add",
 .args_type  = "device:s,opts:s?",
 .params = "tap|user|socket|vde|dump [options]",
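Review bot: the STEXI block added after the new entry is a copy of the pcie_abp one (item pcie_abp, Push PCI express attention button), so the generated documentation describes the wrong command; it should document pcie_aer_inject_error and its arguments. In the same entry the help string says correctrable, and .mhandler.cmd_new carries the misspelled do_pcie_aer_inejct_error.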
diff --git a/sysemu.h b/sysemu.h
index cca411d..2f7157c 100644
--- a/sysemu.h
+++ b/sysemu.h
@@ -155,6 +155,11 @@ void pcie_attention_button_push_print(Monitor *mon, const 
QObject *data);
 

[Qemu-devel] [PATCH v6 02/12] pci/bridge: fix pci_bridge_reset()

2010-10-20 Thread Isaku Yamahata
The default value of base/limit registers aren't specified in the spec.
So pci_bridge_reset() shouldn't touch them.
Instead, introduced two functions to reset those registers in a way
of typical implementation. zero base/limit registers or disable forwarding.
They will be used later.

Signed-off-by: Isaku Yamahata 
---
Changes v5 -> v6:
- pci_bridge_disable_base_limit()

Changes v4 -> v5:
- drop the lines in pci_bridge_reset()
- introduced two functions to reset base/limit registers.
---
 hw/pci_bridge.c |   48 ++--
 hw/pci_bridge.h |1 +
 2 files changed, 43 insertions(+), 6 deletions(-)

diff --git a/hw/pci_bridge.c b/hw/pci_bridge.c
index 638e3b3..7e8488a 100644
--- a/hw/pci_bridge.c
+++ b/hw/pci_bridge.c
@@ -151,6 +151,26 @@ void pci_bridge_write_config(PCIDevice *d,
 }
 }
 
+void pci_bridge_disable_base_limit(PCIDevice *dev)
+{
+uint8_t *conf = dev->config;
+
+pci_byte_test_and_set_mask(conf + PCI_IO_BASE,
+   PCI_IO_RANGE_MASK & 0xff);
+pci_byte_test_and_clear_mask(conf + PCI_IO_LIMIT,
+ PCI_IO_RANGE_MASK & 0xff);
+pci_word_test_and_set_mask(conf + PCI_MEMORY_BASE,
+   PCI_MEMORY_RANGE_MASK & 0x);
+pci_word_test_and_clear_mask(conf + PCI_MEMORY_LIMIT,
+ PCI_MEMORY_RANGE_MASK & 0x);
+pci_word_test_and_set_mask(conf + PCI_PREF_MEMORY_BASE,
+   PCI_PREF_RANGE_MASK & 0x);
+pci_word_test_and_clear_mask(conf + PCI_PREF_MEMORY_LIMIT,
+ PCI_PREF_RANGE_MASK & 0x);
+pci_set_word(conf + PCI_PREF_BASE_UPPER32, 0);
+pci_set_word(conf + PCI_PREF_LIMIT_UPPER32, 0);
+}
+
 /* reset bridge specific configuration registers */
 void pci_bridge_reset_reg(PCIDevice *dev)
 {
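Review bot: in pci_bridge_disable_base_limit(), PCI_PREF_BASE_UPPER32 and PCI_PREF_LIMIT_UPPER32 are 32-bit registers but are cleared with pci_set_word(), which leaves their upper 16 bits as they were; use pci_set_long() for both.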
@@ -161,12 +181,28 @@ void pci_bridge_reset_reg(PCIDevice *dev)
 conf[PCI_SUBORDINATE_BUS] = 0;
 conf[PCI_SEC_LATENCY_TIMER] = 0;
 
-conf[PCI_IO_BASE] = 0;
-conf[PCI_IO_LIMIT] = 0;
-pci_set_word(conf + PCI_MEMORY_BASE, 0);
-pci_set_word(conf + PCI_MEMORY_LIMIT, 0);
-pci_set_word(conf + PCI_PREF_MEMORY_BASE, 0);
-pci_set_word(conf + PCI_PREF_MEMORY_LIMIT, 0);
+/*
+ * the default values for base/limit registers aren't specified
+ * in the PCI-to-PCI-bridge spec. So we don't thouch them here.
+ * Each implementation can override it.
+ * typical implementation does
+ * zero base/limit registers or
+ * disable forwarding: pci_bridge_disable_base_limit()
+ * If disable forwarding is wanted, call pci_bridge_disable_base_limit()
+ * after this function.
+ */
+pci_byte_test_and_clear_mask(conf + PCI_IO_BASE,
+ PCI_IO_RANGE_MASK & 0xff);
+pci_byte_test_and_clear_mask(conf + PCI_IO_LIMIT,
+ PCI_IO_RANGE_MASK & 0xff);
+pci_word_test_and_clear_mask(conf + PCI_MEMORY_BASE,
+ PCI_MEMORY_RANGE_MASK & 0x);
+pci_word_test_and_clear_mask(conf + PCI_MEMORY_LIMIT,
+ PCI_MEMORY_RANGE_MASK & 0x);
+pci_word_test_and_clear_mask(conf + PCI_PREF_MEMORY_BASE,
+ PCI_PREF_RANGE_MASK & 0x);
+pci_word_test_and_clear_mask(conf + PCI_PREF_MEMORY_LIMIT,
+ PCI_PREF_RANGE_MASK & 0x);
 pci_set_word(conf + PCI_PREF_BASE_UPPER32, 0);
 pci_set_word(conf + PCI_PREF_LIMIT_UPPER32, 0);
 
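Review bot: the new comment in pci_bridge_reset_reg() says the base/limit registers are not touched here, but the lines right below it clear the range-mask bits of all six of them, so the comment describes an earlier revision of the code. Reword it to say that the range bits are zeroed and the bits outside the mask are kept, then point to pci_bridge_disable_base_limit() for bridges that want forwarding disabled; thouch should be touch.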
diff --git a/hw/pci_bridge.h b/hw/pci_bridge.h
index f6fade0..84411a6 100644
--- a/hw/pci_bridge.h
+++ b/hw/pci_bridge.h
@@ -39,6 +39,7 @@ pcibus_t pci_bridge_get_limit(const PCIDevice *bridge, 
uint8_t type);
 
 void pci_bridge_write_config(PCIDevice *d,
  uint32_t address, uint32_t val, int len);
+void pci_bridge_disable_base_limit(PCIDevice *dev);
 void pci_bridge_reset_reg(PCIDevice *dev);
 void pci_bridge_reset(DeviceState *qdev);
 
-- 
1.7.1.1




Re: [Qemu-devel] KVM call minutes for Oct 19

2010-10-20 Thread Paolo Bonzini

On 10/20/2010 10:21 AM, Alexander Graf wrote:

Would it be realistic to declare deprecating the qemu-kvm fork for
0.14 as goal?


I recall some performance problems with the qemu.git iothread, I'm not 
sure all of those have been fixed.


Paolo



[Qemu-devel] [PATCH v6 10/12] ioh3420: support aer

2010-10-20 Thread Isaku Yamahata
Add aer support.

Signed-off-by: Isaku Yamahata 
---
 hw/ioh3420.c |   52 ++--
 1 files changed, 46 insertions(+), 6 deletions(-)

diff --git a/hw/ioh3420.c b/hw/ioh3420.c
index 1f340d3..09c94f9 100644
--- a/hw/ioh3420.c
+++ b/hw/ioh3420.c
@@ -36,28 +36,63 @@
 #define IOH_EP_EXP_OFFSET   0x90
 #define IOH_EP_AER_OFFSET   0x100
 
+/*
+ * If two MSI vector are allocated, Advanced Error Interrupt Message Number
+ * is 1. otherwise 0.
+ * 17.12.5.10 RPERRSTS,  32:27 bit Advanced Error Interrupt Message Number.
+ */
+static uint8_t ioh3420_aer_vector(const PCIDevice *d)
+{
+switch (msi_nr_vectors_allocated(d)) {
+case 1:
+return 0;
+case 2:
+return 1;
+case 4:
+case 8:
+case 16:
+case 32:
+default:
+break;
+}
+abort();
+return 0;
+}
+
+static void ioh3420_aer_vector_update(PCIDevice *d)
+{
+pcie_aer_root_set_vector(d, ioh3420_aer_vector(d));
+}
+
 static void ioh3420_write_config(PCIDevice *d,
uint32_t address, uint32_t val, int len)
 {
 uint16_t sltctl =
 pci_get_word(d->config + d->exp.exp_cap + PCI_EXP_SLTCTL);
+uint32_t uncorsta =
+pci_get_long(d->config + d->exp.aer_cap + PCI_ERR_UNCOR_STATUS);
+uint32_t root_cmd =
+pci_get_long(d->config + d->exp.aer_cap + PCI_ERR_ROOT_COMMAND);
 
 pci_bridge_write_config(d, address, val, len);
 msi_write_config(d, address, val, len);
+ioh3420_aer_vector_update(d);
 pcie_cap_slot_write_config(d, address, val, len, sltctl);
-/* TODO: AER */
+pcie_aer_write_config(d, address, val, len, uncorsta);
+pcie_aer_root_write_config(d, address, val, len, root_cmd);
 }
 
 static void ioh3420_reset(DeviceState *qdev)
 {
 PCIDevice *d = DO_UPCAST(PCIDevice, qdev, qdev);
 msi_reset(d);
+ioh3420_aer_vector_update(d);
 pcie_cap_root_reset(d);
 pcie_cap_deverr_reset(d);
 pcie_cap_slot_reset(d);
+pcie_aer_root_reset(d);
 pci_bridge_reset(qdev);
 pci_bridge_disable_base_limit(d);
-/* TODO: AER */
 }
 
 static int ioh3420_initfn(PCIDevice *d)
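Review bot: ioh3420_aer_vector() falls through to abort() for 4, 8, 16 and 32 allocated vectors, and ioh3420_aer_vector_update() is now called from ioh3420_write_config() right after msi_write_config(), so the count it switches on can change as the result of a guest config-space write. If any path lets the allocated count exceed 2, that is a guest-triggerable abort of the whole process; return a defined vector for the larger counts, or add a comment explaining why those cases are unreachable. The bit range 32:27 in the comment cannot be right for a 32-bit register and presumably means 31:27.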
@@ -101,13 +136,15 @@ static int ioh3420_initfn(PCIDevice *d)
 return rc;
 }
 pcie_cap_root_init(d);
-/* TODO: AER */
+pcie_aer_init(d, IOH_EP_AER_OFFSET);
+pcie_aer_root_init(d);
+ioh3420_aer_vector_update(d);
 return 0;
 }
 
 static int ioh3420_exitfn(PCIDevice *d)
 {
-/* TODO: AER */
+pcie_aer_exit(d);
 msi_uninit(d);
 pcie_cap_exit(d);
 return pci_bridge_exitfn(d);
@@ -144,7 +181,8 @@ static const VMStateDescription vmstate_ioh3420 = {
 .minimum_version_id_old = 1,
 .fields = (VMStateField[]) {
 VMSTATE_PCIE_DEVICE(port.br.dev, PCIESlot),
-/* TODO: AER */
+VMSTATE_STRUCT(port.br.dev.exp.aer_log, PCIESlot, 0,
+   vmstate_pcie_aer_log, PCIEAERLog),
 VMSTATE_END_OF_LIST()
 }
 };
@@ -166,7 +204,9 @@ static PCIDeviceInfo ioh3420_info = {
 DEFINE_PROP_UINT8("port", PCIESlot, port.port, 0),
 DEFINE_PROP_UINT8("chassis", PCIESlot, chassis, 0),
 DEFINE_PROP_UINT16("slot", PCIESlot, slot, 0),
-/* TODO: AER */
+DEFINE_PROP_UINT16("aer_log_max", PCIESlot,
+   port.br.dev.exp.aer_log.log_max,
+   PCIE_AER_LOG_MAX_DEFAULT),
 DEFINE_PROP_END_OF_LIST(),
 }
 };
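Review bot: aer_log_max is exposed as a user-settable UINT16 property with only its default (PCIE_AER_LOG_MAX_DEFAULT) visible here, so the largest accepted value and the behaviour for 0 are unclear. State the allowed range next to the property and make sure an out-of-range value is rejected; ioh3420_initfn() calls pcie_aer_init() without looking at any result.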
-- 
1.7.1.1




[Qemu-devel] [PATCH v6 12/12] x3130/downstream: support aer.

2010-10-20 Thread Isaku Yamahata
add aer support.

Signed-off-by: Isaku Yamahata 
---
 hw/xio3130_downstream.c |   15 ++-
 1 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/hw/xio3130_downstream.c b/hw/xio3130_downstream.c
index a44e188..9087c0b 100644
--- a/hw/xio3130_downstream.c
+++ b/hw/xio3130_downstream.c
@@ -40,12 +40,14 @@ static void xio3130_downstream_write_config(PCIDevice *d, 
uint32_t address,
 {
 uint16_t sltctl =
 pci_get_word(d->config + d->exp.exp_cap + PCI_EXP_SLTCTL);
+uint32_t uncorsta =
+pci_get_long(d->config + d->exp.aer_cap + PCI_ERR_UNCOR_STATUS);
 
 pci_bridge_write_config(d, address, val, len);
 pcie_cap_flr_write_config(d, address, val, len);
 pcie_cap_slot_write_config(d, address, val, len, sltctl);
 msi_write_config(d, address, val, len);
-/* TODO: AER */
+pcie_aer_write_config(d, address, val, len, uncorsta);
 }
 
 static void xio3130_downstream_reset(DeviceState *qdev)
@@ -100,14 +102,14 @@ static int xio3130_downstream_initfn(PCIDevice *d)
 return rc;
 }
 pcie_cap_ari_init(d);
-/* TODO: AER */
+pcie_aer_init(d, XIO3130_AER_OFFSET);
 
 return 0;
 }
 
 static int xio3130_downstream_exitfn(PCIDevice *d)
 {
-/* TODO: AER */
+pcie_aer_exit(d);
 msi_uninit(d);
 pcie_cap_exit(d);
 return pci_bridge_exitfn(d);
@@ -146,7 +148,8 @@ static const VMStateDescription vmstate_xio3130_downstream 
= {
 .minimum_version_id_old = 1,
 .fields = (VMStateField[]) {
 VMSTATE_PCIE_DEVICE(port.br.dev, PCIESlot),
-/* TODO: AER */
+VMSTATE_STRUCT(port.br.dev.exp.aer_log, PCIESlot, 0,
+   vmstate_pcie_aer_log, PCIEAERLog),
 VMSTATE_END_OF_LIST()
 }
 };
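Review bot: adding VMSTATE_STRUCT for aer_log to vmstate_xio3130_downstream changes the layout of the migration stream, but the context shows minimum_version_id_old still at 1 and the hunk does not touch the version fields. If this device has already shipped in a release, bump version_id and gate the new field on it; if not, say so in the commit message.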
@@ -168,7 +171,9 @@ static PCIDeviceInfo xio3130_downstream_info = {
 DEFINE_PROP_UINT8("port", PCIESlot, port.port, 0),
 DEFINE_PROP_UINT8("chassis", PCIESlot, chassis, 0),
 DEFINE_PROP_UINT16("slot", PCIESlot, slot, 0),
-/* TODO: AER */
+DEFINE_PROP_UINT16("aer_log_max", PCIESlot,
+   port.br.dev.exp.aer_log.log_max,
+   PCIE_AER_LOG_MAX_DEFAULT),
 DEFINE_PROP_END_OF_LIST(),
 }
 };
-- 
1.7.1.1




[Qemu-devel] Re: [PATCH v6 02/12] pci/bridge: fix pci_bridge_reset()

2010-10-20 Thread Michael S. Tsirkin
On Wed, Oct 20, 2010 at 05:18:51PM +0900, Isaku Yamahata wrote:
> The default value of base/limit registers aren't specified in the spec.
> So pci_bridge_reset() shouldn't touch them.
> Instead, introduced two functions to reset those registers in a way
> of typical implementation. zero base/limit registers or disable forwarding.
> They will be used later.
> 
> Signed-off-by: Isaku Yamahata 

The commit message seems to be out of date?

> ---
> Changes v5 -> v6:
> - pci_bridge_disable_base_limit()
> 
> Changes v4 -> v5:
> - drop the lines in pci_bridge_reset()
> - introduced two functions to reset base/limit registers.
> ---
>  hw/pci_bridge.c |   48 ++--
>  hw/pci_bridge.h |1 +
>  2 files changed, 43 insertions(+), 6 deletions(-)
> 
> diff --git a/hw/pci_bridge.c b/hw/pci_bridge.c
> index 638e3b3..7e8488a 100644
> --- a/hw/pci_bridge.c
> +++ b/hw/pci_bridge.c
> @@ -151,6 +151,26 @@ void pci_bridge_write_config(PCIDevice *d,
>  }
>  }
>  
> +void pci_bridge_disable_base_limit(PCIDevice *dev)
> +{
> +uint8_t *conf = dev->config;
> +
> +pci_byte_test_and_set_mask(conf + PCI_IO_BASE,
> +   PCI_IO_RANGE_MASK & 0xff);
> +pci_byte_test_and_clear_mask(conf + PCI_IO_LIMIT,
> + PCI_IO_RANGE_MASK & 0xff);
> +pci_word_test_and_set_mask(conf + PCI_MEMORY_BASE,
> +   PCI_MEMORY_RANGE_MASK & 0x);
> +pci_word_test_and_clear_mask(conf + PCI_MEMORY_LIMIT,
> + PCI_MEMORY_RANGE_MASK & 0x);
> +pci_word_test_and_set_mask(conf + PCI_PREF_MEMORY_BASE,
> +   PCI_PREF_RANGE_MASK & 0x);
> +pci_word_test_and_clear_mask(conf + PCI_PREF_MEMORY_LIMIT,
> + PCI_PREF_RANGE_MASK & 0x);
> +pci_set_word(conf + PCI_PREF_BASE_UPPER32, 0);
> +pci_set_word(conf + PCI_PREF_LIMIT_UPPER32, 0);
> +}
> +
>  /* reset bridge specific configuration registers */
>  void pci_bridge_reset_reg(PCIDevice *dev)
>  {
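Review bot: pci_bridge_disable_base_limit() is a new exported helper with no comment, and nothing in the function says why the base registers get test_and_set while the limit registers get test_and_clear. Add a short header comment stating that this leaves base above limit for the I/O, memory and prefetchable windows, which is how forwarding is disabled.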
> @@ -161,12 +181,28 @@ void pci_bridge_reset_reg(PCIDevice *dev)
>  conf[PCI_SUBORDINATE_BUS] = 0;
>  conf[PCI_SEC_LATENCY_TIMER] = 0;
>  
> -conf[PCI_IO_BASE] = 0;
> -conf[PCI_IO_LIMIT] = 0;
> -pci_set_word(conf + PCI_MEMORY_BASE, 0);
> -pci_set_word(conf + PCI_MEMORY_LIMIT, 0);
> -pci_set_word(conf + PCI_PREF_MEMORY_BASE, 0);
> -pci_set_word(conf + PCI_PREF_MEMORY_LIMIT, 0);
> +/*
> + * the default values for base/limit registers aren't specified
> + * in the PCI-to-PCI-bridge spec. So we don't thouch them here.
> + * Each implementation can override it.
> + * typical implementation does
> + * zero base/limit registers or
> + * disable forwarding: pci_bridge_disable_base_limit()
> + * If disable forwarding is wanted, call pci_bridge_disable_base_limit()
> + * after this function.
> + */
> +pci_byte_test_and_clear_mask(conf + PCI_IO_BASE,
> + PCI_IO_RANGE_MASK & 0xff);
> +pci_byte_test_and_clear_mask(conf + PCI_IO_LIMIT,
> + PCI_IO_RANGE_MASK & 0xff);
> +pci_word_test_and_clear_mask(conf + PCI_MEMORY_BASE,
> + PCI_MEMORY_RANGE_MASK & 0x);
> +pci_word_test_and_clear_mask(conf + PCI_MEMORY_LIMIT,
> + PCI_MEMORY_RANGE_MASK & 0x);
> +pci_word_test_and_clear_mask(conf + PCI_PREF_MEMORY_BASE,
> + PCI_PREF_RANGE_MASK & 0x);
> +pci_word_test_and_clear_mask(conf + PCI_PREF_MEMORY_LIMIT,
> + PCI_PREF_RANGE_MASK & 0x);
>  pci_set_word(conf + PCI_PREF_BASE_UPPER32, 0);
>  pci_set_word(conf + PCI_PREF_LIMIT_UPPER32, 0);
>  
> diff --git a/hw/pci_bridge.h b/hw/pci_bridge.h
> index f6fade0..84411a6 100644
> --- a/hw/pci_bridge.h
> +++ b/hw/pci_bridge.h
> @@ -39,6 +39,7 @@ pcibus_t pci_bridge_get_limit(const PCIDevice *bridge, 
> uint8_t type);
>  
>  void pci_bridge_write_config(PCIDevice *d,
>   uint32_t address, uint32_t val, int len);
> +void pci_bridge_disable_base_limit(PCIDevice *dev);
>  void pci_bridge_reset_reg(PCIDevice *dev);
>  void pci_bridge_reset(DeviceState *qdev);
>  
> -- 
> 1.7.1.1



[Qemu-devel] [PATCH v6 01/12] pcie: comment on hpev_intx

2010-10-20 Thread Isaku Yamahata
document hpev_intx.

Signed-off-by: Isaku Yamahata 
---
 hw/pcie.h |   10 +-
 1 files changed, 9 insertions(+), 1 deletions(-)

diff --git a/hw/pcie.h b/hw/pcie.h
index 68327d8..2871e27 100644
--- a/hw/pcie.h
+++ b/hw/pcie.h
@@ -65,7 +65,15 @@ struct PCIExpressDevice {
 /* TODO FLR */
 
 /* SLOT */
-unsigned int hpev_intx; /* INTx for hot plug event */
+unsigned int hpev_intx; /* INTx for hot plug event (0-3:INT[A-D]#)
+ * default is 0 = INTA#
+ * If the chip wants to use other interrupt
+ * line, initialize this member with the
+ * desired number.
+ * If the chip dynamically changes this member,
+ * also initialize it when loaded as
+ * appropreately.
+ */
 };
 
 /* PCI express capability helper functions */
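Review bot: the last sentence of the new hpev_intx comment (also initialize it when loaded as appropreately) does not say what the implementer has to do. If it means that a chip which changes hpev_intx at run time must restore it when the device state is loaded, say that and name the place where it should happen; appropreately should be appropriately.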
-- 
1.7.1.1




[Qemu-devel] [PATCH v6 11/12] x3130/upstream: support aer

2010-10-20 Thread Isaku Yamahata
add aer support.

Signed-off-by: Isaku Yamahata 
---
 hw/xio3130_upstream.c |   15 ++-
 1 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/hw/xio3130_upstream.c b/hw/xio3130_upstream.c
index d9d637f..36ed4b1 100644
--- a/hw/xio3130_upstream.c
+++ b/hw/xio3130_upstream.c
@@ -38,10 +38,13 @@
 static void xio3130_upstream_write_config(PCIDevice *d, uint32_t address,
   uint32_t val, int len)
 {
+uint32_t uncorsta =
+pci_get_long(d->config + d->exp.aer_cap + PCI_ERR_UNCOR_STATUS);
+
 pci_bridge_write_config(d, address, val, len);
 pcie_cap_flr_write_config(d, address, val, len);
 msi_write_config(d, address, val, len);
-/* TODO: AER */
+pcie_aer_write_config(d, address, val, len, uncorsta);
 }
 
 static void xio3130_upstream_reset(DeviceState *qdev)
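Review bot: uncorsta is read from d->config + d->exp.aer_cap before pci_bridge_write_config() runs and is then handed to pcie_aer_write_config(), which only makes sense if the helper needs the pre-write value of PCI_ERR_UNCOR_STATUS. A one-line comment saying so would stop someone from moving the read below the write later.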
@@ -89,14 +92,14 @@ static int xio3130_upstream_initfn(PCIDevice *d)
 pcie_cap_flr_init(d);
 
 pcie_cap_deverr_init(d);
-/* TODO: AER */
+pcie_aer_init(d, XIO3130_AER_OFFSET);
 
 return 0;
 }
 
 static int xio3130_upstream_exitfn(PCIDevice *d)
 {
-/* TODO: AER */
+pcie_aer_exit(d);
 msi_uninit(d);
 pcie_cap_exit(d);
 return pci_bridge_exitfn(d);
@@ -131,7 +134,8 @@ static const VMStateDescription vmstate_xio3130_upstream = {
 .minimum_version_id_old = 1,
 .fields = (VMStateField[]) {
 VMSTATE_PCIE_DEVICE(br.dev, PCIEPort),
-/* TODO: AER */
+VMSTATE_STRUCT(br.dev.exp.aer_log, PCIEPort, 0, vmstate_pcie_aer_log,
+   PCIEAERLog),
 VMSTATE_END_OF_LIST()
 }
 };
@@ -151,7 +155,8 @@ static PCIDeviceInfo xio3130_upstream_info = {
 
 .qdev.props = (Property[]) {
 DEFINE_PROP_UINT8("port", PCIEPort, port, 0),
-/* TODO: AER */
+DEFINE_PROP_UINT16("aer_log_max", PCIEPort, br.dev.exp.aer_log.log_max,
+   PCIE_AER_LOG_MAX_DEFAULT),
 DEFINE_PROP_END_OF_LIST(),
 }
 };
-- 
1.7.1.1




[Qemu-devel] [Bug 663713] Re: Mouse frozen under an emulated ubuntu

2010-10-20 Thread Michael Tokarev
Works For Me (tm).

Mouse behaviour changed in 0.13 (compared with 0.12) a bit - now, without
the usual in such cases -usbdevice tablet, guest mouse does not follow
host mouse, because they don't match anyway.  You have to switch to
guest (Ctrl+Alt, or hit mouse in guest window) to activate guest mouse.

** Changed in: qemu
   Status: New => Incomplete





Re: [Qemu-devel] [PATCH 2/3] Make paio subsystem use threadlets

2010-10-20 Thread Kevin Wolf
On 19.10.2010 19:43, Arun R Bharadwaj wrote:
> From: Gautham R Shenoy 
> 
> This patch makes the paio subsystem use the threadlet framework thereby
> decoupling asynchronous threading framework portion out of
> posix-aio-compat.c
> 
> The patch has been tested with fstress.
> 
> Signed-off-by: Gautham R Shenoy 
> Signed-off-by: Sripathi Kodi 
> ---
>  posix-aio-compat.c |  166 
> +---
>  1 files changed, 30 insertions(+), 136 deletions(-)
> 
> diff --git a/posix-aio-compat.c b/posix-aio-compat.c
> index 7b862b5..6977c18 100644
> --- a/posix-aio-compat.c
> +++ b/posix-aio-compat.c
> @@ -29,6 +29,7 @@
>  #include "block_int.h"
>  
>  #include "block/raw-posix-aio.h"
> +#include "qemu-threadlets.h"
>  
>  
>  struct qemu_paiocb {
> @@ -51,6 +52,7 @@ struct qemu_paiocb {
>  struct qemu_paiocb *next;
>  
>  int async_context_id;
> +ThreadletWork work;
>  };
>  
>  typedef struct PosixAioState {
> @@ -59,15 +61,6 @@ typedef struct PosixAioState {
>  } PosixAioState;
>  
>  
> -static pthread_mutex_t lock = PTHREAD_MUTEX_INITIALIZER;
> -static pthread_cond_t cond = PTHREAD_COND_INITIALIZER;
> -static pthread_t thread_id;
> -static pthread_attr_t attr;
> -static int max_threads = 64;
> -static int cur_threads = 0;
> -static int idle_threads = 0;
> -static QTAILQ_HEAD(, qemu_paiocb) request_list;
> -
>  #ifdef CONFIG_PREADV
>  static int preadv_present = 1;
>  #else
> @@ -85,39 +78,6 @@ static void die(const char *what)
>  die2(errno, what);
>  }
>  
> -static void mutex_lock(pthread_mutex_t *mutex)
> -{
> -int ret = pthread_mutex_lock(mutex);
> -if (ret) die2(ret, "pthread_mutex_lock");
> -}
> -
> -static void mutex_unlock(pthread_mutex_t *mutex)
> -{
> -int ret = pthread_mutex_unlock(mutex);
> -if (ret) die2(ret, "pthread_mutex_unlock");
> -}
> -
> -static int cond_timedwait(pthread_cond_t *cond, pthread_mutex_t *mutex,
> -   struct timespec *ts)
> -{
> -int ret = pthread_cond_timedwait(cond, mutex, ts);
> -if (ret && ret != ETIMEDOUT) die2(ret, "pthread_cond_timedwait");
> -return ret;
> -}
> -
> -static void cond_signal(pthread_cond_t *cond)
> -{
> -int ret = pthread_cond_signal(cond);
> -if (ret) die2(ret, "pthread_cond_signal");
> -}
> -
> -static void thread_create(pthread_t *thread, pthread_attr_t *attr,
> -  void *(*start_routine)(void*), void *arg)
> -{
> -int ret = pthread_create(thread, attr, start_routine, arg);
> -if (ret) die2(ret, "pthread_create");
> -}
> -
>  static ssize_t handle_aiocb_ioctl(struct qemu_paiocb *aiocb)
>  {
>  int ret;
> @@ -301,106 +261,51 @@ static ssize_t handle_aiocb_rw(struct qemu_paiocb 
> *aiocb)
>  return nbytes;
>  }
>  
> -static void *aio_thread(void *unused)
> +static void aio_thread(ThreadletWork *work)
>  {
>  pid_t pid;
> +struct qemu_paiocb *aiocb = container_of(work, struct qemu_paiocb, work);
> +ssize_t ret = 0;
>  
>  pid = getpid();
> +aiocb->active = 1;
>  
> -while (1) {
> -struct qemu_paiocb *aiocb;
> -ssize_t ret = 0;
> -qemu_timeval tv;
> -struct timespec ts;
> -
> -qemu_gettimeofday(&tv);
> -ts.tv_sec = tv.tv_sec + 10;
> -ts.tv_nsec = 0;
> -
> -mutex_lock(&lock);
> -
> -while (QTAILQ_EMPTY(&request_list) &&
> -   !(ret == ETIMEDOUT)) {
> -ret = cond_timedwait(&cond, &lock, &ts);
> -}
> -
> -if (QTAILQ_EMPTY(&request_list))
> -break;
> -
> -aiocb = QTAILQ_FIRST(&request_list);
> -QTAILQ_REMOVE(&request_list, aiocb, node);
> -aiocb->active = 1;
> -idle_threads--;
> -mutex_unlock(&lock);
> -
> -switch (aiocb->aio_type & QEMU_AIO_TYPE_MASK) {
> -case QEMU_AIO_READ:
> -case QEMU_AIO_WRITE:
> -ret = handle_aiocb_rw(aiocb);
> -break;
> -case QEMU_AIO_FLUSH:
> -ret = handle_aiocb_flush(aiocb);
> -break;
> -case QEMU_AIO_IOCTL:
> -ret = handle_aiocb_ioctl(aiocb);
> -break;
> -default:
> -fprintf(stderr, "invalid aio request (0x%x)\n", aiocb->aio_type);
> -ret = -EINVAL;
> -break;
> -}
> -
> -mutex_lock(&lock);
> -aiocb->ret = ret;
> -idle_threads++;
> -mutex_unlock(&lock);
> -
> -if (kill(pid, aiocb->ev_signo)) die("kill failed");
> +switch (aiocb->aio_type & QEMU_AIO_TYPE_MASK) {
> +case QEMU_AIO_READ:
> +case QEMU_AIO_WRITE:
> +ret = handle_aiocb_rw(aiocb);
> +break;
> +case QEMU_AIO_FLUSH:
> +ret = handle_aiocb_flush(aiocb);
> +break;
> +case QEMU_AIO_IOCTL:
> +ret = handle_aiocb_ioctl(aiocb);
> +break;
> +default:
> +fprintf(stderr, "invalid aio request (0x%x)\n", aiocb->aio_type);
> +ret = -EINVAL;
> +break;
>  }
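Review bot: in the rewritten aio_thread(), aiocb->active = 1 is written with no lock held, whereas the removed loop set it between mutex_lock(&lock) and mutex_unlock(&lock) together with the dequeue, and stored aiocb->ret under the same lock. If any other thread still reads these fields, they need equivalent protection from the threadlet queue; please say in a comment which lock covers them now.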

Re: [Qemu-devel] [Bug 663713] [NEW] Mouse frozen under an emulated ubuntu

2010-10-20 Thread Gleb Natapov
On Wed, Oct 20, 2010 at 07:24:23AM -, FredBezies wrote:
> Public bug reported:
> 
> Qemu 0.13.0
> 
> Command line used :
> 
> qemu-system-x86_64 --enable-kvm -localtime -soundhw all -k fr -m 1500
> -net user -net nic,model=rtl8139 -hda disk.img -cdrom ubuntu-10.10
> -desktop-amd64.iso -boot d
> 
> When I try to move mouse cursor in qemu, pointer is frozen. Nothing is
> moving. Was working perfectly with Qemu 0.12.5.
> 
Was working perfectly with Qemu 0.12.5 _and_ same kernel version?

--
Gleb.



[Qemu-devel] [PATCH] monitor: Ignore "." and ".." when completing file name.

2010-10-20 Thread Kusanagi Kouichi

Signed-off-by: Kusanagi Kouichi 
---
 monitor.c |5 +
 1 files changed, 5 insertions(+), 0 deletions(-)

diff --git a/monitor.c b/monitor.c
index 260cc02..61607c5 100644
--- a/monitor.c
+++ b/monitor.c
@@ -3976,6 +3976,11 @@ static void file_completion(const char *input)
 d = readdir(ffs);
 if (!d)
 break;
+
+if (strcmp(d->d_name, ".") == 0 || strcmp(d->d_name, "..") == 0) {
+continue;
+}
+
 if (strstart(d->d_name, file_prefix, NULL)) {
 memcpy(file, input, input_path_len);
 if (input_path_len < sizeof(file))
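Review bot: the new check skips . and .. unconditionally, before the strstart(d->d_name, file_prefix, NULL) test, so they are also dropped when the user has already typed a leading dot and is asking for exactly those entries. If the goal is only to keep them out of the list for an empty prefix, test file_prefix first; either way the commit message is empty and should say which behaviour is intended.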
-- 
1.7.2.3




[Qemu-devel] Re: [PATCH v6 02/12] pci/bridge: fix pci_bridge_reset()

2010-10-20 Thread Isaku Yamahata
On Wed, Oct 20, 2010 at 10:49:20AM +0200, Michael S. Tsirkin wrote:
> On Wed, Oct 20, 2010 at 05:18:51PM +0900, Isaku Yamahata wrote:
> > The default value of base/limit registers aren't specified in the spec.
> > So pci_bridge_reset() shouldn't touch them.
> > Instead, introduced two functions to reset those registers in a way
> > of typical implementation. zero base/limit registers or disable forwarding.
> > They will be used later.
> > 
> > Signed-off-by: Isaku Yamahata 
> 
> The commit message seems to be out of date?

Oops. Here's the updated one. Only the commit log changed.
Should I resend the whole series?

From a3e0fd4d19879156d40f87228d09c660fc512b16 Mon Sep 17 00:00:00 2001
From: Isaku Yamahata 
Date: Fri, 15 Oct 2010 19:33:50 +0900
Subject: [PATCH v6 02/12] pci/bridge: fix pci_bridge_reset()

The lower bits of base/limit registers is RO and shouldn't be zero cleared
on reset. This patch fixes it.
In fact, the default value of base/limit registers aren't specified
in the spec. And some bridges disable forwarding on reset instead of
zeroing base/limit registers.
So introduce one function to disable bridge forwarding so that
such bridges can use it. It will be used later.

Signed-off-by: Isaku Yamahata 
---
Changes v5 -> v6:
- pci_bridge_disable_base_limit()

Changes v4 -> v5:
- drop the lines in pci_bridge_reset()
- introduced two functions to reset base/limit registers.
---
 hw/pci_bridge.c |   48 ++--
 hw/pci_bridge.h |1 +
 2 files changed, 43 insertions(+), 6 deletions(-)

diff --git a/hw/pci_bridge.c b/hw/pci_bridge.c
index 638e3b3..7e8488a 100644
--- a/hw/pci_bridge.c
+++ b/hw/pci_bridge.c
@@ -151,6 +151,26 @@ void pci_bridge_write_config(PCIDevice *d,
 }
 }
 
+void pci_bridge_disable_base_limit(PCIDevice *dev)
+{
+uint8_t *conf = dev->config;
+
+pci_byte_test_and_set_mask(conf + PCI_IO_BASE,
+   PCI_IO_RANGE_MASK & 0xff);
+pci_byte_test_and_clear_mask(conf + PCI_IO_LIMIT,
+ PCI_IO_RANGE_MASK & 0xff);
+pci_word_test_and_set_mask(conf + PCI_MEMORY_BASE,
+   PCI_MEMORY_RANGE_MASK & 0x);
+pci_word_test_and_clear_mask(conf + PCI_MEMORY_LIMIT,
+ PCI_MEMORY_RANGE_MASK & 0x);
+pci_word_test_and_set_mask(conf + PCI_PREF_MEMORY_BASE,
+   PCI_PREF_RANGE_MASK & 0x);
+pci_word_test_and_clear_mask(conf + PCI_PREF_MEMORY_LIMIT,
+ PCI_PREF_RANGE_MASK & 0x);
+pci_set_word(conf + PCI_PREF_BASE_UPPER32, 0);
+pci_set_word(conf + PCI_PREF_LIMIT_UPPER32, 0);
+}
+
 /* reset bridge specific configuration registers */
 void pci_bridge_reset_reg(PCIDevice *dev)
 {
@@ -161,12 +181,28 @@ void pci_bridge_reset_reg(PCIDevice *dev)
 conf[PCI_SUBORDINATE_BUS] = 0;
 conf[PCI_SEC_LATENCY_TIMER] = 0;
 
-conf[PCI_IO_BASE] = 0;
-conf[PCI_IO_LIMIT] = 0;
-pci_set_word(conf + PCI_MEMORY_BASE, 0);
-pci_set_word(conf + PCI_MEMORY_LIMIT, 0);
-pci_set_word(conf + PCI_PREF_MEMORY_BASE, 0);
-pci_set_word(conf + PCI_PREF_MEMORY_LIMIT, 0);
+/*
+ * the default values for base/limit registers aren't specified
+ * in the PCI-to-PCI-bridge spec. So we don't thouch them here.
+ * Each implementation can override it.
+ * typical implementation does
+ * zero base/limit registers or
+ * disable forwarding: pci_bridge_disable_base_limit()
+ * If disable forwarding is wanted, call pci_bridge_disable_base_limit()
+ * after this function.
+ */
+pci_byte_test_and_clear_mask(conf + PCI_IO_BASE,
+ PCI_IO_RANGE_MASK & 0xff);
+pci_byte_test_and_clear_mask(conf + PCI_IO_LIMIT,
+ PCI_IO_RANGE_MASK & 0xff);
+pci_word_test_and_clear_mask(conf + PCI_MEMORY_BASE,
+ PCI_MEMORY_RANGE_MASK & 0x);
+pci_word_test_and_clear_mask(conf + PCI_MEMORY_LIMIT,
+ PCI_MEMORY_RANGE_MASK & 0x);
+pci_word_test_and_clear_mask(conf + PCI_PREF_MEMORY_BASE,
+ PCI_PREF_RANGE_MASK & 0x);
+pci_word_test_and_clear_mask(conf + PCI_PREF_MEMORY_LIMIT,
+ PCI_PREF_RANGE_MASK & 0x);
 pci_set_word(conf + PCI_PREF_BASE_UPPER32, 0);
 pci_set_word(conf + PCI_PREF_LIMIT_UPPER32, 0);
 
diff --git a/hw/pci_bridge.h b/hw/pci_bridge.h
index f6fade0..84411a6 100644
--- a/hw/pci_bridge.h
+++ b/hw/pci_bridge.h
@@ -39,6 +39,7 @@ pcibus_t pci_bridge_get_limit(const PCIDevice *bridge, 
uint8_t type);
 
 void pci_bridge_write_config(PCIDevice *d,
  uint32_t address, uint32_t val, int len);
+void pci_bridge_disable_base_limit(PCIDevice *dev);
 void pci_bridge_reset_reg(PCIDevice *dev);
 void pci_bridge_reset(DeviceState *qdev);
 
-- 
1.7.1.1



-- 
yamahata

Re: [Qemu-devel] Re: KVM call agenda for Oct 19

2010-10-20 Thread Kevin Wolf
On 19.10.2010 19:09, Anthony Liguori wrote:
> On 10/19/2010 11:54 AM, Ayal Baron wrote:
>> - "Anthony Liguori"  wrote:
>>
>>> On 10/19/2010 07:48 AM, Dor Laor wrote:
>>>> On 10/19/2010 04:11 AM, Chris Wright wrote:
>>>>> * Juan Quintela (quint...@redhat.com) wrote:
>>>>>> Please send in any agenda items you are interested in covering.
>>>>>
>>>>> - 0.13.X -stable handoff
>>>>> - 0.14 planning
>>>>> - threadlet work
>>>>> - virtfs proposals
>>>>
>>>> - Live snapshots
>>>>    - We were asked to add this feature for external qcow2
>>>>      images. Will simple approach of fsync + tracking each requested
>>>>      backing file (it can be per vDisk) and re-open the new image would
>>>>      be accepted?
>>>
>>> I had assumed that this would involve:
>>>
>>> qemu -hda windows.img
>>>
>>> (qemu) snapshot ide0-disk0 snap0.img
>>>
>>> 1) create snap0.img internally by doing the equivalent of `qemu-img
>>> create -f qcow2 -b windows.img snap0.img'
>>> 2) bdrv_flush('ide0-disk0')
>>> 3) bdrv_open(snap0.img)
>>> 4) bdrv_close(windows.img)
>>> 5) rename('windows.img', 'windows.img.tmp')
>>> 6) rename('snap0.img', 'windows.img')
>>> 7) rename('windows.img.tmp', 'snap0.img')
>>>
>> All the rename logic assumes files, need to take into account devices as 
>> well (namely LVs)
>>
> 
> Sure, just s/rename/lvrename/g.

That would mean that you need to have both backing file and new COW
image on LVs.

> The renaming step can be optional and a management tool can take care of 
> that.  It's really just there for convenience since the user expectation 
> is that when you give a name of a snapshot, that the snapshot is 
> reflected in that name not that the new in-use image is that name.

I think that depends on the terminology you use.

If you call it doing a snapshot, then probably people expect that the
snapshot is a new file and they continue to work on the same file (and
they may not understand that removing the snapshot destroys the "main"
image).

If you call it something like creating a new branch, they will expect
that the old file stays as it is and they create something new on top of
that.

So maybe we shouldn't start doing renames (which we cannot do for
anything but files anyway, consider not only LVs, but also nbd or http
backends), but rather think of a good name for the operation.

Kevin



Re: [Qemu-devel] [PATCH 2/3] Make paio subsystem use threadlets

2010-10-20 Thread Stefan Hajnoczi
On Tue, Oct 19, 2010 at 6:43 PM, Arun R Bharadwaj
 wrote:
> From: Gautham R Shenoy 
>
> This patch makes the paio subsystem use the threadlet framework thereby
> decoupling asynchronous threading framework portion out of
> posix-aio-compat.c
>
> The patch has been tested with fstress.
>
> Signed-off-by: Gautham R Shenoy 
> Signed-off-by: Sripathi Kodi 
> ---
>  posix-aio-compat.c |  166 
> +---
>  1 files changed, 30 insertions(+), 136 deletions(-)
>
> diff --git a/posix-aio-compat.c b/posix-aio-compat.c
> index 7b862b5..6977c18 100644
> --- a/posix-aio-compat.c
> +++ b/posix-aio-compat.c
> @@ -29,6 +29,7 @@
>  #include "block_int.h"
>
>  #include "block/raw-posix-aio.h"
> +#include "qemu-threadlets.h"
>
>
>  struct qemu_paiocb {
> @@ -51,6 +52,7 @@ struct qemu_paiocb {
>     struct qemu_paiocb *next;
>
>     int async_context_id;
> +    ThreadletWork work;

The QTAILQ_ENTRY(qemu_paiocb) node field is no longer used, please remove it.

>  };
>
>  typedef struct PosixAioState {
> @@ -59,15 +61,6 @@ typedef struct PosixAioState {
>  } PosixAioState;
>
>
> -static pthread_mutex_t lock = PTHREAD_MUTEX_INITIALIZER;
> -static pthread_cond_t cond = PTHREAD_COND_INITIALIZER;
> -static pthread_t thread_id;
> -static pthread_attr_t attr;
> -static int max_threads = 64;
> -static int cur_threads = 0;
> -static int idle_threads = 0;
> -static QTAILQ_HEAD(, qemu_paiocb) request_list;
> -
>  #ifdef CONFIG_PREADV
>  static int preadv_present = 1;
>  #else
> @@ -85,39 +78,6 @@ static void die(const char *what)
>     die2(errno, what);
>  }
>
> -static void mutex_lock(pthread_mutex_t *mutex)
> -{
> -    int ret = pthread_mutex_lock(mutex);
> -    if (ret) die2(ret, "pthread_mutex_lock");
> -}
> -
> -static void mutex_unlock(pthread_mutex_t *mutex)
> -{
> -    int ret = pthread_mutex_unlock(mutex);
> -    if (ret) die2(ret, "pthread_mutex_unlock");
> -}
> -
> -static int cond_timedwait(pthread_cond_t *cond, pthread_mutex_t *mutex,
> -                           struct timespec *ts)
> -{
> -    int ret = pthread_cond_timedwait(cond, mutex, ts);
> -    if (ret && ret != ETIMEDOUT) die2(ret, "pthread_cond_timedwait");
> -    return ret;
> -}
> -
> -static void cond_signal(pthread_cond_t *cond)
> -{
> -    int ret = pthread_cond_signal(cond);
> -    if (ret) die2(ret, "pthread_cond_signal");
> -}
> -
> -static void thread_create(pthread_t *thread, pthread_attr_t *attr,
> -                          void *(*start_routine)(void*), void *arg)
> -{
> -    int ret = pthread_create(thread, attr, start_routine, arg);
> -    if (ret) die2(ret, "pthread_create");
> -}
> -
>  static ssize_t handle_aiocb_ioctl(struct qemu_paiocb *aiocb)
>  {
>     int ret;
> @@ -301,106 +261,51 @@ static ssize_t handle_aiocb_rw(struct qemu_paiocb 
> *aiocb)
>     return nbytes;
>  }
>
> -static void *aio_thread(void *unused)
> +static void aio_thread(ThreadletWork *work)
>  {
>     pid_t pid;
> +    struct qemu_paiocb *aiocb = container_of(work, struct qemu_paiocb, work);
> +    ssize_t ret = 0;
>
>     pid = getpid();
> +    aiocb->active = 1;
>
> -    while (1) {
> -        struct qemu_paiocb *aiocb;
> -        ssize_t ret = 0;
> -        qemu_timeval tv;
> -        struct timespec ts;
> -
> -        qemu_gettimeofday(&tv);
> -        ts.tv_sec = tv.tv_sec + 10;
> -        ts.tv_nsec = 0;
> -
> -        mutex_lock(&lock);
> -
> -        while (QTAILQ_EMPTY(&request_list) &&
> -               !(ret == ETIMEDOUT)) {
> -            ret = cond_timedwait(&cond, &lock, &ts);
> -        }
> -
> -        if (QTAILQ_EMPTY(&request_list))
> -            break;
> -
> -        aiocb = QTAILQ_FIRST(&request_list);
> -        QTAILQ_REMOVE(&request_list, aiocb, node);
> -        aiocb->active = 1;
> -        idle_threads--;
> -        mutex_unlock(&lock);
> -
> -        switch (aiocb->aio_type & QEMU_AIO_TYPE_MASK) {
> -        case QEMU_AIO_READ:
> -        case QEMU_AIO_WRITE:
> -            ret = handle_aiocb_rw(aiocb);
> -            break;
> -        case QEMU_AIO_FLUSH:
> -            ret = handle_aiocb_flush(aiocb);
> -            break;
> -        case QEMU_AIO_IOCTL:
> -            ret = handle_aiocb_ioctl(aiocb);
> -            break;
> -        default:
> -            fprintf(stderr, "invalid aio request (0x%x)\n", aiocb->aio_type);
> -            ret = -EINVAL;
> -            break;
> -        }
> -
> -        mutex_lock(&lock);
> -        aiocb->ret = ret;
> -        idle_threads++;
> -        mutex_unlock(&lock);
> -
> -        if (kill(pid, aiocb->ev_signo)) die("kill failed");
> +    switch (aiocb->aio_type & QEMU_AIO_TYPE_MASK) {
> +    case QEMU_AIO_READ:
> +    case QEMU_AIO_WRITE:
> +        ret = handle_aiocb_rw(aiocb);
> +        break;
> +    case QEMU_AIO_FLUSH:
> +        ret = handle_aiocb_flush(aiocb);
> +        break;
> +    case QEMU_AIO_IOCTL:
> +        ret = handle_aiocb_ioctl(aiocb);
> +        break;
> +    default:
> +        fprintf(stderr, "invalid aio request (0x%x)\n", aiocb->aio_ty
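Review bot: In the new aio_thread(), aiocb->active = 1 is stored with no lock held, whereas the removed loop set it between mutex_lock(&lock) and mutex_unlock(&lock). If another thread still reads aiocb->active (the cancel path is the obvious candidate), either keep a lock around the store or add a comment naming the threadlet-queue lock that now orders it against that reader.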

Re: [Qemu-devel] Re: KVM call agenda for Oct 19

2010-10-20 Thread Ayal Baron

- "Kevin Wolf"  wrote:

> On 19.10.2010 19:09, Anthony Liguori wrote:
> > On 10/19/2010 11:54 AM, Ayal Baron wrote:
> >> - "Anthony Liguori"  wrote:
> >>
> >>> On 10/19/2010 07:48 AM, Dor Laor wrote:
> >>>> On 10/19/2010 04:11 AM, Chris Wright wrote:
> >>>>> * Juan Quintela (quint...@redhat.com) wrote:
> >>>>>> Please send in any agenda items you are interested in covering.
> >>>>>
> >>>>> - 0.13.X -stable handoff
> >>>>> - 0.14 planning
> >>>>> - threadlet work
> >>>>> - virtfs proposals
> >>>>
> >>>> - Live snapshots
> >>>>    - We were asked to add this feature for external qcow2
> >>>>      images. Will simple approach of fsync + tracking each requested
> >>>>      backing file (it can be per vDisk) and re-open the new image would
> >>>>      be accepted?
> >>>
> >>> I had assumed that this would involve:
> >>>
> >>> qemu -hda windows.img
> >>>
> >>> (qemu) snapshot ide0-disk0 snap0.img
> >>>
> >>> 1) create snap0.img internally by doing the equivalent of `qemu-img
> >>> create -f qcow2 -b windows.img snap0.img'
> >>> 2) bdrv_flush('ide0-disk0')
> >>> 3) bdrv_open(snap0.img)
> >>> 4) bdrv_close(windows.img)
> >>> 5) rename('windows.img', 'windows.img.tmp')
> >>> 6) rename('snap0.img', 'windows.img')
> >>> 7) rename('windows.img.tmp', 'snap0.img')
> >>>
> >> All the rename logic assumes files, need to take into account devices as
> >> well (namely LVs)
> >>
> > 
> > Sure, just s/rename/lvrename/g.
> 
> That would mean that you need to have both backing file and new COW
> image on LVs.

That is indeed the way we work (LVs all the way) and you are correct that qemu 
should not assume this, but as Anthony said, the rename bit should be optional 
(and we would opt to go without) if at all.

> 
> > The renaming step can be optional and a management tool can take care of
> > that.  It's really just there for convenience since the user expectation
> > is that when you give a name of a snapshot, that the snapshot is
> > reflected in that name not that the new in-use image is that name.
>
> I think that depends on the terminology you use.
>
> If you call it doing a snapshot, then probably people expect that the
> snapshot is a new file and they continue to work on the same file (and
> they may not understand that removing the snapshot destroys the "main"
> image).
>
> If you call it something like creating a new branch, they will expect
> that the old file stays as it is and they create something new on top of
> that.
>
> So maybe we shouldn't start doing renames (which we cannot do for
> anything but files anyway, consider not only LVs, but also nbd or http
> backends), but rather think of a good name for the operation.
> 
> Kevin



[Qemu-devel] Re: [PATCH v6 09/12] pcie/aer: glue aer error injection into qemu monitor

2010-10-20 Thread Michael S. Tsirkin
On Wed, Oct 20, 2010 at 05:18:58PM +0900, Isaku Yamahata wrote:
> introduce pcie_aer_inject_error command.
> 
> Signed-off-by: Isaku Yamahata 
> ---
> Changes v3 -> v4:
> - s/PCIE_AER/PCIEAER/g for structure names.
> - compilation adjustment.
> 
> Changes v2 -> v3:
> - compilation adjustment.
> ---
>  hw/pcie_aer.c   |   84 
> +++
>  qemu-monitor.hx |   22 ++
>  sysemu.h|5 +++
>  3 files changed, 111 insertions(+), 0 deletions(-)
> 
> diff --git a/hw/pcie_aer.c b/hw/pcie_aer.c
> index b8cede3..459e0d7 100644
> --- a/hw/pcie_aer.c
> +++ b/hw/pcie_aer.c
> @@ -19,6 +19,8 @@
>   */
>  
>  #include "sysemu.h"
> +#include "qemu-objects.h"
> +#include "monitor.h"
>  #include "pci_bridge.h"
>  #include "pcie.h"
>  #include "msix.h"
> @@ -778,3 +780,85 @@ const VMStateDescription vmstate_pcie_aer_log = {
>  }
>  };
>  
> +void pcie_aer_inject_error_print(Monitor *mon, const QObject *data)
> +{
> +QDict *qdict;
> +int devfn;
> +assert(qobject_type(data) == QTYPE_QDICT);
> +qdict = qobject_to_qdict(data);
> +
> +devfn = (int)qdict_get_int(qdict, "devfn");
> +monitor_printf(mon, "OK domain: %x, bus: %x devfn: %x.%x\n",
> +   (int) qdict_get_int(qdict, "domain"),
> +   (int) qdict_get_int(qdict, "bus"),
> +   PCI_SLOT(devfn), PCI_FUNC(devfn));
> +}
> +
> +int do_pcie_aer_inejct_error(Monitor *mon,
> + const QDict *qdict, QObject **ret_data)
> +{
> +const char *pci_addr = qdict_get_str(qdict, "pci_addr");
> +int dom;
> +int bus;
> +unsigned int slot;
> +unsigned int func;
> +PCIDevice *dev;
> +PCIEAERErr err;
> +
> +/* Ideally qdev device path should be used.
> + * However at the moment there is no reliable way to determine
> + * wheher a given qdev is pci device or not.
> + * so pci_addr is used.
> + */
> +if (pci_parse_devaddr(pci_addr, &dom, &bus, &slot, &func)) {
> +monitor_printf(mon, "invalid pci address %s\n", pci_addr);
> +return -1;
> +}
> +dev = pci_find_device(pci_find_root_bus(dom), bus, slot, func);
> +if (!dev) {
> +monitor_printf(mon, "device is not found. 0x%x:0x%x.0x%x\n",
> +   bus, slot, func);
> +return -1;
> +}
> +if (!pci_is_express(dev)) {
> +monitor_printf(mon, "the device doesn't support pci express. "
> +   "0x%x:0x%x.0x%x\n",
> +   bus, slot, func);
> +return -1;
> +}
> +
> +err.status = qdict_get_int(qdict, "error_status");
> +err.source_id = (pci_bus_num(dev->bus) << 8) | dev->devfn;
> +
> +err.flags = 0;
> +if (qdict_get_int(qdict, "is_correctable")) {
> +err.flags |= PCIE_AER_ERR_IS_CORRECTABLE;
> +}
> +if (qdict_get_int(qdict, "advisory_non_fatal")) {
> +err.flags |= PCIE_AER_ERR_MAYBE_ADVISORY;
> +}
> +if (qdict_haskey(qdict, "tlph0")) {
> +err.flags |= PCIE_AER_ERR_HEADER_VALID;
> +}
> +if (qdict_haskey(qdict, "hpfx0")) {
> +err.flags |= PCIE_AER_ERR_TLP_PRESENT;
> +}
> +
> +err.header[0] = qdict_get_try_int(qdict, "tlph0", 0);
> +err.header[1] = qdict_get_try_int(qdict, "tlph1", 0);
> +err.header[2] = qdict_get_try_int(qdict, "tlph2", 0);
> +err.header[3] = qdict_get_try_int(qdict, "tlph3", 0);
> +
> +err.prefix[0] = qdict_get_try_int(qdict, "hpfx0", 0);
> +err.prefix[1] = qdict_get_try_int(qdict, "hpfx1", 0);
> +err.prefix[2] = qdict_get_try_int(qdict, "hpfx2", 0);
> +err.prefix[3] = qdict_get_try_int(qdict, "hpfx3", 0);

Can't we use a list or something? Sticking index in key name in this way
seems ugly.

> +pcie_aer_inject_error(dev, &err);
> +*ret_data = qobject_from_jsonf("{ 'domain': %d, 'bus': %d, 'devfn': %d 
> }",
> +   pci_find_domain(dev->bus),
> +   pci_bus_num(dev->bus), dev->devfn);
> +assert(*ret_data);
> +
> +return 0;
> +}
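Review bot: The handler name do_pcie_aer_inejct_error() is misspelled (inejct for inject), and because qemu-monitor.hx registers the command under that name the typo would become part of the exported interface; rename it to do_pcie_aer_inject_error() before this is merged. The "device is not found" and "doesn't support pci express" messages also print only bus, slot and func, although dom is parsed from pci_addr and used for the lookup, so the message can point at the wrong device when more than one domain exists. Include dom in both messages.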
> diff --git a/qemu-monitor.hx b/qemu-monitor.hx
> index 965c754..ccb3d0e 100644
> --- a/qemu-monitor.hx
> +++ b/qemu-monitor.hx
> @@ -1168,6 +1168,28 @@ Push PCI express attention button
>  ETEXI
>  
>  {
> +.name   = "pcie_aer_inject_error",
> +.args_type  = "advisory_non_fatal:-a,is_correctable:-c,"
> +   "pci_addr:s,error_status:i,"
> +   "tlph0:i?,tlph1:i?,tlph2:i?,tlph3:i?,"
> +   "hpfx0:i?,hpfx1:i?,hpfx2:i?,hpfx3:i?",
> +.params = "[-a] [-c] [[:]:]. "
> +   " "
> +   "[] "
> +   "[]",
> +.help   = "inject pcie aer error "
> +"(use -a for advisory non fatal error) "
> +"(use -c for correctrable error)",
> +.user_print  = pcie_aer_inject_error_print,
> +.mhandler.cmd_new = do_pcie_aer_inejct_error,
> +},
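Review bot: The .help string spells correctable as "correctrable". This text is what the user sees in the monitor help output, so fix the spelling here, together with the handler name in .mhandler.cmd_new once it is renamed.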

[Qemu-devel] Using libqemu for static analysis?

2010-10-20 Thread Matt Lewis
Hello qemu-devel,

I'm thinking of using libqemu to translate binaries into a nicer
intermediate representation, in order to do various types of static
analysis, such as data flow analysis & constructing control flow
graphs.  Does this seem like a reasonable thing to do, or is there
some reason why libqemu is likely to be a bad fit that I haven't
spotted yet?

Cheers,
Matt



[Qemu-devel] [Tracing][RFC] QMP interface to toggle state of a trace-event

2010-10-20 Thread Prerna Saxena
QMP command trace-event to toggle state of a trace-event.
 Illustration :
 -> { "execute": "trace-event", "arguments": { "name": "qemu_malloc", "option": 
true} }
 <- { "return": {} }

Posting this as an RFC for now. I'll post the final version as a part of
 the cumulative QMP patchset for tracing ( including patches for query-* 
commands posted earlier : 
http://lists.gnu.org/archive/html/qemu-devel/2010-10/msg01232.html )

Signed-off-by: Prerna Saxena 
---
 hmp-commands.hx |2 +-
 monitor.c   |   43 +--
 qmp-commands.hx |   32 
 3 files changed, 70 insertions(+), 7 deletions(-)

diff --git a/hmp-commands.hx b/hmp-commands.hx
index 81999aa..76ec2fe 100644
--- a/hmp-commands.hx
+++ b/hmp-commands.hx
@@ -149,7 +149,7 @@ ETEXI
 .args_type  = "name:s,option:b",
 .params = "name on|off",
 .help   = "changes status of a specific trace event",
-.mhandler.cmd = do_change_trace_event_state,
+.mhandler.cmd = do_change_trace_event_state_hmp,
 },
 
 STEXI
diff --git a/monitor.c b/monitor.c
index c7e1f53..0766ed3 100644
--- a/monitor.c
+++ b/monitor.c
@@ -545,17 +545,43 @@ static void do_help_cmd(Monitor *mon, const QDict *qdict)
 }
 
 #ifdef CONFIG_SIMPLE_TRACE
-static void do_change_trace_event_state(Monitor *mon, const QDict *qdict)
+
+/**
+ * HMP handler to change trace event state.
+ *
+ */
+void do_change_trace_event_state_hmp(Monitor *mon, const QDict *qdict)
 {
-const char *tp_name = qdict_get_str(qdict, "name");
-bool new_state = qdict_get_bool(qdict, "option");
-int ret = st_change_trace_event_state(tp_name, new_state);
+if (!do_change_trace_event_state_generic(qdict)) {
+monitor_printf(mon, "unknown event name \"%s\"\n",
+  qdict_get_str(qdict, "name"));
+}
+}
 
-if (!ret) {
-monitor_printf(mon, "unknown event name \"%s\"\n", tp_name);
+/**
+ * QMP handler to change trace event state.
+ *
+ */
+static int do_change_trace_event_state_qmp(Monitor *mon, const QDict *qdict,
+   QObject **ret_data)
+{
+if (!do_change_trace_event_state_generic(qdict)) {
+qerror_report(QERR_INVALID_PARAMETER, qdict_get_str(qdict, "name"));
+return -1;
 }
+return 0;
 }
 
+/**
+ * Generic handler to change trace event state.
+ *
+ */
+static int do_change_trace_event_state_generic(const QDict *qdict)
+{
+const char *tp_name = qdict_get_str(qdict, "name");
+bool new_state = qdict_get_bool(qdict, "option");
+return st_change_trace_event_state(tp_name, new_state);
+}
 static void do_trace_file(Monitor *mon, const QDict *qdict)
 {
 const char *op = qdict_get_try_str(qdict, "op");
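Review bot: do_change_trace_event_state_generic() is called by both the HMP and the QMP handler before it is defined, and no prototype is visible ahead of them, so the later static definition conflicts with the implicit declaration made at the first call. Move the generic helper above its two callers. do_change_trace_event_state_hmp() also drops the static qualifier the old handler had; keep it static unless a prototype is added to a header, and restore the blank line before do_trace_file().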
@@ -583,6 +609,11 @@ static void do_info_trace_file_to_qmp(Monitor *mon, 
QObject **ret_data)
 {
 *ret_data = st_print_file_to_qobject();
 }
+
+#else
+static int do_change_trace_event_state_qmp(Monitor *mon, const QDict *qdict,
+QObject **ret_data) {}
+
 #endif
 
 static void user_monitor_complete(void *opaque, QObject *ret_data)
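Review bot: The #else stub of do_change_trace_event_state_qmp() is declared to return int but has an empty body, so with CONFIG_SIMPLE_TRACE disabled the command hands an indeterminate value back to the monitor and the client gets neither a result nor an error. Have the stub report an error with qerror_report(), as the real handler does, and return -1.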
diff --git a/qmp-commands.hx b/qmp-commands.hx
index bc79b55..7613d73 100644
--- a/qmp-commands.hx
+++ b/qmp-commands.hx
@@ -761,6 +761,38 @@ Example:
 
 Note: This command must be issued before issuing any other command.
 
+EQMP
+
+{
+.name   = "trace-event",
+.args_type  = "name:s,option:b",
+.params = "name on|off",
+.help   = "changes state of a specific trace event",
+.user_print = monitor_user_noop,
+.mhandler.cmd_new = do_change_trace_event_state_qmp,
+},
+
+SQMP
+trace-event
+---
+
+Change state of a trace-event.
+
+Arguments:
+
+- "name": name of trace-event (json-string)
+- "option": new state for the trace-event (json-bool)
+
+Example:
+
+-> { "execute": "trace-event", "arguments": { "name": "ABC", "option":false } }
+<- { "return": {} }
+
+Notes:
+
+(1) The 'query-trace-events' command should be used to check the new state 
+of the trace-event.
+
 3. Query Commands
 =
 
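Review bot: The argument name "option" does not say what it controls, and the .params text "name on|off" does not match the json-bool the Arguments list documents. Since QMP argument names are hard to change once clients depend on them, pick a name that states the meaning (for example "enable") and describe the value as true/false in .params and in the example.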
-- 
1.7.2.3



-- 
Prerna Saxena

Linux Technology Centre,
IBM Systems and Technology Lab,
Bangalore, India




Re: [Qemu-devel] qemu-0.13.0 compiling error on ppc64

2010-10-20 Thread acrux
On Wed, 20 Oct 2010 03:54:04 +0400 (MSD)
malc  wrote:

> On Wed, 20 Oct 2010, acrux wrote:
> 
> > -BEGIN PGP SIGNED MESSAGE-
> > Hash: SHA1
> > 
> > i've this error only on ppc64 compiling qemu-0.13.0:
> > 
> 
> It was fixed by b1d6d51d958bc98f5b6faa4d1d527c785a9ba7d6 which is 
> apparently not in 0.13.0, you can probably cherry pick it.
> 


hi, thanks a lot for your suggestion. Now tcg builds fine on ppc64 too.

cheers,
-acrux





> > [...]
> >   CCi386-softmmu/virtio-pci.o
> >   CCi386-softmmu/vhost_net.o
> >   CCi386-softmmu/virtio-9p.o
> >   CCi386-softmmu/rwhandler.o
> >   CCi386-softmmu/kvm-stub.o
> >   CCi386-softmmu/usb-ohci.o
> >   CCi386-softmmu/rtl8139.o
> >   CCi386-softmmu/e1000.o
> >   CCi386-softmmu/exec.o
> >   CCi386-softmmu/translate-all.o
> >   CCi386-softmmu/cpu-exec.o
> >   CCi386-softmmu/translate.o
> >   CCi386-softmmu/tcg/tcg.o
> > In file included from 
> > /usr/ports/ppc/opt/qemu/work/src/qemu-0.13.0/tcg/tcg.c:159:
> > /usr/ports/ppc/opt/qemu/work/src/qemu-0.13.0/tcg/ppc64/tcg-target.c: In 
> > function 'tcg_out_qemu_ld':
> > /usr/ports/ppc/opt/qemu/work/src/qemu-0.13.0/tcg/ppc64/tcg-target.c:749: 
> > error: too many arguments to function 'tcg_out_movi32'
> > make[1]: *** [tcg/tcg.o] Error 1
> > make: *** [subdir-i386-softmmu] Error 2
> > 
> > 
> > 
> > 
> > My testing systems are a PowerMac G5 and an IBM POWER4+.
> > CRUX PPC 2.6 (64bit)
> > binutils-2.20, glibc-2.11.2, gcc-4.4.5
> > 
> > cheers,
> > - - -acrux
> > 
> > - -- 
> > GNU/Linux on Power Architecture
> > CRUX PPC - http://cruxppc.org/
> > 



[Qemu-devel] Re: [PATCH v6 08/12] pcie/aer: helper functions for pcie aer capability

2010-10-20 Thread Michael S. Tsirkin
On Wed, Oct 20, 2010 at 05:18:57PM +0900, Isaku Yamahata wrote:
> This patch implements helper functions for pcie aer capability
> which will be used later.
> 
> Signed-off-by: Isaku Yamahata 

Some style comments and a couple of minor bugs.

> ---
> Changes v5 -> v6:
> - cleaned up pcie_aer_write_config().
> - enum definition.
> 
> Changes v4 -> v5:
> - use pci_xxx_test_and_xxx_mask()
> - rewrote PCIDevice::written bits.
> - eliminated pcie_aer_notify()
> - introduced PCIExpressDevice::aer_intx
> 
> Changes v3 -> v4:
> - various naming fixes.
> - use pci bit operation helper function
> - eliminate errmsg function pointer
> - replace pci_shift_xxx() with PCIDevice::written
> - uncorrect error status register.
> - dropped pcie_aer_cap()
> 
> Changes v2 -> v3:
> - split out from pcie.[ch] to pcie_aer.[ch] to make the files shorter.
> - embedded PCIExpressDevice into PCIDevice.
> - CodingStyle fix
> ---
>  Makefile.objs |2 +-
>  hw/pcie.h |   14 +
>  hw/pcie_aer.c |  780 
> +
>  hw/pcie_aer.h |  105 
>  qemu-common.h |3 +
>  5 files changed, 903 insertions(+), 1 deletions(-)
>  create mode 100644 hw/pcie_aer.c
>  create mode 100644 hw/pcie_aer.h
> 
> diff --git a/Makefile.objs b/Makefile.objs
> index 138e545..48f98f3 100644
> --- a/Makefile.objs
> +++ b/Makefile.objs
> @@ -187,7 +187,7 @@ hw-obj-$(CONFIG_PIIX4) += piix4.o
>  # PCI watchdog devices
>  hw-obj-y += wdt_i6300esb.o
>  
> -hw-obj-y += pcie.o pcie_port.o
> +hw-obj-y += pcie.o pcie_aer.o pcie_port.o
>  hw-obj-y += msix.o msi.o
>  
>  # PCI network cards
> diff --git a/hw/pcie.h b/hw/pcie.h
> index 2871e27..415a680 100644
> --- a/hw/pcie.h
> +++ b/hw/pcie.h
> @@ -24,6 +24,7 @@
>  #include "hw.h"
>  #include "pci_regs.h"
>  #include "pcie_regs.h"
> +#include "pcie_aer.h"
>  
>  typedef enum {
>  /* for attention and power indicator */
> @@ -74,6 +75,19 @@ struct PCIExpressDevice {
>   * also initialize it when loaded as
>   * appropreately.
>   */
> +
> +/* AER */
> +uint16_t aer_cap;
> +PCIEAERLog aer_log;
> +unsigned int aer_intx;  /* INTx for error reporting
> + * default is 0 = INTA#
> + * If the chip wants to use other interrupt
> + * line, initialize this member with the
> + * desired number.
> + * If the chip dynamically changes this 
> member,
> + * also initialize it when loaded as
> + * appropreately.
> + */
>  };
>  
>  /* PCI express capability helper functions */
> diff --git a/hw/pcie_aer.c b/hw/pcie_aer.c
> new file mode 100644
> index 000..b8cede3
> --- /dev/null
> +++ b/hw/pcie_aer.c
> @@ -0,0 +1,780 @@
> +/*
> + * pcie_aer.c
> + *
> + * Copyright (c) 2010 Isaku Yamahata 
> + *VA Linux Systems Japan K.K.
> + *
> + * This program is free software; you can redistribute it and/or modify
> + * it under the terms of the GNU General Public License as published by
> + * the Free Software Foundation; either version 2 of the License, or
> + * (at your option) any later version.
> + *
> + * This program is distributed in the hope that it will be useful,
> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
> + * GNU General Public License for more details.
> + *
> + * You should have received a copy of the GNU General Public License along
> + * with this program; if not, see .
> + */
> +
> +#include "sysemu.h"
> +#include "pci_bridge.h"
> +#include "pcie.h"
> +#include "msix.h"
> +#include "msi.h"
> +#include "pci_internals.h"
> +#include "pcie_regs.h"
> +
> +//#define DEBUG_PCIE
> +#ifdef DEBUG_PCIE
> +# define PCIE_DPRINTF(fmt, ...) \
> +fprintf(stderr, "%s:%d " fmt, __func__, __LINE__, ## __VA_ARGS__)
> +#else
> +# define PCIE_DPRINTF(fmt, ...) do {} while (0)
> +#endif
> +#define PCIE_DEV_PRINTF(dev, fmt, ...)  \
> +PCIE_DPRINTF("%s:%x "fmt, (dev)->name, (dev)->devfn, ## __VA_ARGS__)
> +
> +static void pcie_aer_clear_error(PCIDevice *dev);
> +static uint8_t pcie_aer_root_get_vector(PCIDevice *dev);
> +static AERMsgResult
> +pcie_aer_msg_alldev(PCIDevice *dev, const PCIEAERMsg *msg);
> +static AERMsgResult
> +pcie_aer_msg_vbridge(PCIDevice *dev, const PCIEAERMsg *msg);
> +static AERMsgResult
> +pcie_aer_msg_root_port(PCIDevice *dev, const PCIEAERMsg *msg);

Just make the above bool, e.g. true if sent?

Also don't forward declare static functions. Just order them properly in the
file.

> +
> +/* From 6.2.7 Error Listing and Rules. Table 6-2, 6-3 and 6-4 */
> +static PCIEAERSeverity pcie_ae

[Qemu-devel] Re: [PATCH v6 07/12] pcie/hotplug: introduce pushing attention button command

2010-10-20 Thread Michael S. Tsirkin
On Wed, Oct 20, 2010 at 05:18:56PM +0900, Isaku Yamahata wrote:
> glue pcie_push_attention_button command.
> 
> Signed-off-by: Isaku Yamahata 

So as a high level command, I think we need to
think about how to tie this into pci_add/pci_del.
Right?
As a low level command, this is not really useful unless
there is an event on LED status change and a way
to get info on LED status.
Right?

> ---
>  hw/pcie_port.c  |   82 
> +++
>  qemu-monitor.hx |   14 +
>  sysemu.h|4 +++
>  3 files changed, 100 insertions(+), 0 deletions(-)
> 
> diff --git a/hw/pcie_port.c b/hw/pcie_port.c
> index 117de61..f43a1c7 100644
> --- a/hw/pcie_port.c
> +++ b/hw/pcie_port.c
> @@ -18,6 +18,10 @@
>   * with this program; if not, see .
>   */
>  
> +#include "qemu-objects.h"
> +#include "sysemu.h"
> +#include "monitor.h"
> +#include "pcie.h"
>  #include "pcie_port.h"
>  
>  void pcie_port_init_reg(PCIDevice *d)
> @@ -114,3 +118,81 @@ void pcie_chassis_del_slot(PCIESlot *s)
>  {
>  QLIST_REMOVE(s, next);
>  }
> +
> +/**
> + * glue for qemu monitor
> + */
> +
> +/* Parse [.], return -1 on error */
> +static int pcie_parse_slot_addr(const char* slot_addr,
> +uint8_t *chassisp, uint16_t *slotp)
> +{
> +const char *p;
> +char *e;
> +unsigned long val;
> +unsigned long chassis = 0;
> +unsigned long slot;
> +
> +p = slot_addr;
> +val = strtoul(p, &e, 0);
> +if (e == p) {
> +return -1;
> +}
> +if (*e == '.') {
> +chassis = val;
> +p = e + 1;
> +val = strtoul(p, &e, 0);
> +if (e == p) {
> +return -1;
> +}
> +}
> +slot = val;
> +
> +if (*e) {
> +return -1;
> +}
> +
> +if (chassis > 0xff || slot > 0x) {
> +return -1;
> +}
> +
> +*chassisp = chassis;
> +*slotp = slot;
> +return 0;
> +}
> +
> +void pcie_attention_button_push_print(Monitor *mon, const QObject *data)
> +{
> +QDict *qdict;
> +
> +assert(qobject_type(data) == QTYPE_QDICT);
> +qdict = qobject_to_qdict(data);
> +
> +monitor_printf(mon, "OK chassis %d, slot %d\n",
> +   (int) qdict_get_int(qdict, "chassis"),
> +   (int) qdict_get_int(qdict, "slot"));
> +}
> +
> +int pcie_attention_button_push(Monitor *mon, const QDict *qdict,
> +   QObject **ret_data)
> +{
> +const char* pcie_slot = qdict_get_str(qdict, "pcie_slot");
> +uint8_t chassis;
> +uint16_t slot;
> +PCIESlot *s;
> +
> +if (pcie_parse_slot_addr(pcie_slot, &chassis, &slot) < 0) {
> +monitor_printf(mon, "invalid pcie slot address %s\n", pcie_slot);
> +return -1;
> +}
> +s = pcie_chassis_find_slot(chassis, slot);
> +if (!s) {
> +monitor_printf(mon, "slot is not found. %s\n", pcie_slot);
> +return -1;
> +}
> +pcie_cap_slot_push_attention_button(&s->port.br.dev);
> +*ret_data = qobject_from_jsonf("{ 'chassis': %d, 'slot': %d}",
> +   chassis, slot);
> +assert(*ret_data);
> +return 0;
> +}
> diff --git a/qemu-monitor.hx b/qemu-monitor.hx
> index 2af3de6..965c754 100644
> --- a/qemu-monitor.hx
> +++ b/qemu-monitor.hx
> @@ -1154,6 +1154,20 @@ Hot remove PCI device.
>  ETEXI
>  
>  {
> +.name   = "pcie_push_attention_button",
> +.args_type  = "pcie_slot:s",
> +.params = "[.]",
> +.help   = "push pci express attention button",
> +.user_print  = pcie_attention_button_push_print,
> +.mhandler.cmd_new = pcie_attention_button_push,
> +},
> +
> +STEXI
> +...@item pcie_abp
> +Push PCI express attention button
> +ETEXI
> +
> +{
>  .name   = "host_net_add",
>  .args_type  = "device:s,opts:s?",
>  .params = "tap|user|socket|vde|dump [options]",
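Review bot: The command is registered as pcie_push_attention_button, but the STEXI block documents it under "@item pcie_abp", so the generated manual would describe a command name that the monitor does not accept. Use the same name in .name and in the @item line, and show the slot address argument in the documentation text as well.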
> diff --git a/sysemu.h b/sysemu.h
> index 9c988bb..cca411d 100644
> --- a/sysemu.h
> +++ b/sysemu.h
> @@ -150,6 +150,10 @@ extern unsigned int nb_prom_envs;
>  void pci_device_hot_add(Monitor *mon, const QDict *qdict);
>  void drive_hot_add(Monitor *mon, const QDict *qdict);
>  void do_pci_device_hot_remove(Monitor *mon, const QDict *qdict);
> +/* pcie hotplug */
> +void pcie_attention_button_push_print(Monitor *mon, const QObject *data);
> +int pcie_attention_button_push(Monitor *mon, const QDict *qdict,
> +   QObject **ret_data);
>  
>  /* serial ports */
>  
> -- 
> 1.7.1.1



[Qemu-devel] Re: [PATCH v6 02/12] pci/bridge: fix pci_bridge_reset()

2010-10-20 Thread Michael S. Tsirkin
On Wed, Oct 20, 2010 at 06:04:49PM +0900, Isaku Yamahata wrote:
> On Wed, Oct 20, 2010 at 10:49:20AM +0200, Michael S. Tsirkin wrote:
> > On Wed, Oct 20, 2010 at 05:18:51PM +0900, Isaku Yamahata wrote:
> > > The default value of base/limit registers aren't specified in the spec.
> > > So pci_bridge_reset() shouldn't touch them.
> > > Instead, introduced two functions to reset those registers in a way
> > > of typical implementation. zero base/limit registers or disable 
> > > forwarding.
> > > They will be used later.
> > > 
> > > Signed-off-by: Isaku Yamahata 
> > 
> > The commit message seems to be out of date?
> 
> Oops. Here's the update one. Only the commit log change.
> Should I resend the whole series?

No, I can handle that.




[Qemu-devel] Re: [PATCH v6 00/12] pcie port switch emulators

2010-10-20 Thread Michael S. Tsirkin
On Wed, Oct 20, 2010 at 05:18:49PM +0900, Isaku Yamahata wrote:
> Isaku Yamahata (12):
>   pcie: comment on hpev_intx
>   pci/bridge: fix pci_bridge_reset()
>   pcie port: define struct PCIEPort/PCIESlot and helper functions
>   ioh3420: pcie root port in X58 ioh
>   x3130: pcie upstream port
>   x3130: pcie downstream port

Applied patches 1-6 on my branch.
I'll give people a chance to comment and then we can merge.



Re: [Qemu-devel] KVM call minutes for Oct 19

2010-10-20 Thread Avi Kivity

 On 10/20/2010 10:21 AM, Alexander Graf wrote:
> On 19.10.2010, at 17:14, Chris Wright wrote:
>
>>  0.13.X -stable
>>  - Anthony will send note to qemu-devel on this
>>  - move 0.13.X -stable to a separate tree
>>  - driven independently of main qemu tree
>>  - challenge is always in the porting and testing of backported fixes
>>  - looking for volunteers
>>
>>  0.14
>>  - would like to do this before end of the year
>>  - 0.13 forked off a while back (~July),
>>  - 0.14 features
>>   - QMP stabilized
>>     - 0.13.0 ->  0.14 QMP
>>     - hard attempt not to break compatibility
>>     - new commands, rework, async, human monitor passthrough
>>     - goal getting to libvirt not needing human monitor at all
>>     - QMP KVM autotest test suite submitted
>>  - in-kernel apic, tpr patching still outstanding
>>  - QED coroutine concurrency
>
> Would it be realistic to declare deprecating the qemu-kvm fork for 0.14 as goal?

For general use perhaps, device assignment might need another cycle.

--
error compiling committee.c: too many arguments to function




[Qemu-devel] [Bug 654913] Re: Windows XP uses 200% CPU when given 2 VCPUs

2010-10-20 Thread Michael Tokarev
I think this can safely be closed - it's a known guest (winXP) behaviour,
as in, "use right drivers".

** Changed in: qemu
   Status: New => Invalid

-- 
Windows XP uses 200% CPU when given 2 VCPUs
https://bugs.launchpad.net/bugs/654913

Status in QEMU: Invalid

Bug description:
When using libvirt to give a domain 2 CPUs (2), the Windows XP kvm process will use 200% 
CPU when Windows is idle. Switching the number of CPUs back to 1, the kvm 
process gives normal idle percentages.

Using libvirt 0.8.3-1ubuntu9, tried with the following qemu-kvm packages:

qemu-kvm_0.12.4+noroms-0ubuntu7_amd64.deb
qemu-kvm_0.12.5+noroms-0ubuntu4_amd64.deb

The smp flag being set by libvirt is:

-smp 2,sockets=2,cores=1,threads=1





Re: [Qemu-devel] [PATCH 3/3] Add helper functions for virtio-9p to use threadlets

2010-10-20 Thread Stefan Hajnoczi
On Tue, Oct 19, 2010 at 6:43 PM, Arun R Bharadwaj
 wrote:
> From: Gautham R Shenoy 
>
> Add helper functions to enable virtio-9p make use of the threadlets
> infrastructure for offloading blocking tasks such as making posix calls on
> to the helper threads and handle the post_posix_operations() from the
> context of the iothread. This frees the vcpu thread to process any other guest
> operations while the processing of v9fs_io is in progress.
>
> Signed-off-by: Gautham R Shenoy 
> Signed-off-by: Sripathi Kodi 
> Signed-off-by: Arun R Bharadwaj 
> ---
>  hw/virtio-9p.c     |  165 
> 
>  posix-aio-compat.c |   33 +++---
>  qemu-threadlets.c  |   21 +++
>  qemu-threadlets.h  |    1
>  vl.c               |    3 +
>  5 files changed, 200 insertions(+), 23 deletions(-)

I wish --enable-io-thread was the default and only model.  The signals
and pipes are ugly and should be hidden behind a QEMU eventfd
abstraction, which would also reduce the code duplication between
posix-aio-compat.c and virtio-9p.  I'm not asking you to do this but I
hope we'll get there eventually.

Does anyone know why non-io-thread still exists and is used by default?

> diff --git a/hw/virtio-9p.c b/hw/virtio-9p.c
> index a871685..174300d 100644
> --- a/hw/virtio-9p.c
> +++ b/hw/virtio-9p.c
> @@ -18,6 +18,7 @@
>  #include "fsdev/qemu-fsdev.h"
>  #include "virtio-9p-debug.h"
>  #include "virtio-9p-xattr.h"
> +#include "qemu-threadlets.h"
>
>  int debug_9p_pdu;
>
> @@ -33,6 +34,146 @@ enum {
>     Oappend = 0x80,
>  };
>
> +struct v9fs_post_op {
> +    QTAILQ_ENTRY(v9fs_post_op) node;
> +    void (*func)(void *arg);
> +    void *arg;
> +};
> +
> +static struct {
> +    int rfd;
> +    int wfd;
> +    QemuMutex lock;
> +    QTAILQ_HEAD(, v9fs_post_op) post_op_list;
> +} v9fs_async_struct;
> +
> +static void die2(int err, const char *what)
> +{
> +    fprintf(stderr, "%s failed: %s\n", what, strerror(err));
> +    abort();
> +}
> +
> +static void die(const char *what)
> +{
> +    die2(errno, what);
> +}
> +
> +#define ASYNC_MAX_PROCESS   5

What does this constant define?  I think it is an arbitrary limit on
the amount of work you want to do per v9fs_process_post_ops() call?

> +
> +/**
> + * v9fs_process_post_ops: Process any pending v9fs_post_posix_operation
> + * @arg: Not used.
> + *
> + * This function serves as a callback to the iothread to be called into 
> whenever
> + * the v9fs_async_struct.wfd is written into. This thread goes through the 
> list
> + * of v9fs_post_posix_operations() and executes them. In the process, it 
> might
> + * queue more job on the asynchronous thread pool.
> + */
> +static void v9fs_process_post_ops(void *arg)
> +{
> +    int count = 0;
> +    struct v9fs_post_op *post_op;
> +    int ret;
> +    char byte;
> +
> +    qemu_mutex_lock(&v9fs_async_struct.lock);
> +    do {
> +        ret = read(v9fs_async_struct.rfd, &byte, sizeof(byte));
> +    } while (ret >= 0 && errno != EAGAIN);

ret >= 0 && errno != EAGAIN looks odd to me.  Should && be ||?

> +
> +    for (count = 0; count < ASYNC_MAX_PROCESS; count++) {
> +        if (QTAILQ_EMPTY(&(v9fs_async_struct.post_op_list))) {
> +           break;
> +        }
> +        post_op = QTAILQ_FIRST(&(v9fs_async_struct.post_op_list));
> +        QTAILQ_REMOVE(&(v9fs_async_struct.post_op_list), post_op, node);
> +
> +        qemu_mutex_unlock(&v9fs_async_struct.lock);
> +        post_op->func(post_op->arg);
> +        qemu_free(post_op);
> +        qemu_mutex_lock(&v9fs_async_struct.lock);
> +    }
> +    qemu_mutex_unlock(&v9fs_async_struct.lock);
> +}
> +
> +/**
> + * v9fs_async_signal: Inform the io-thread of completion of async job.
> + *
> + * This function is used to inform the iothread that a particular
> + * async-operation pertaining to v9fs has been completed and that the io 
> thread
> + * can handle the v9fs_post_posix_operation.
> + *
> + * This is based on the aio_signal_handler
> + */
> +static inline void v9fs_async_signal(void)
> +{
> +    char byte = 0;
> +    ssize_t ret;
> +    int tries = 0;
> +
> +    qemu_mutex_lock(&v9fs_async_struct.lock);
> +    do {
> +        assert(tries != 100);
> +       ret = write(v9fs_async_struct.wfd, &byte, sizeof(byte));
> +        tries++;
> +    } while (ret < 0 && errno == EAGAIN);
> +    qemu_mutex_unlock(&v9fs_async_struct.lock);
> +
> +    if (ret < 0 && errno != EAGAIN)
> +        die("write() in v9fs");
> +
> +    if (kill(getpid(), SIGUSR2)) die("kill failed");
> +}
> +
> +/**
> + * v9fs_async_helper_done: Marks the completion of the v9fs_async job
> + * @func: v9fs_post_posix_func() for post-processing invoked in the context 
> of
> + *        the io-thread
> + * @arg: Argument to func.
> + *
> + * This function is called from the context of one of the asynchronous 
> threads
> + * in the thread pool. This is called when the asynchronous thread has 
> finished
> + * executing a v9fs_posix_operation. It's purpose is to initiate the process 
> of
>
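Review bot: In v9fs_async_signal() the check "if (ret < 0 && errno != EAGAIN)" reads errno after qemu_mutex_unlock(), so it may no longer hold the value write() set; copy errno into a local right after write() and test that copy. The retry loop also keeps v9fs_async_struct.lock held while it spins on EAGAIN and aborts through assert(tries != 100) on the hundredth attempt; if wfd is a non-blocking pipe, EAGAIN only means unread wakeup bytes are already queued, so it could be treated as success instead of retried.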
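The drain-loop condition questioned in the review above, worked through as an added example (not code from the patch or from QEMU). The helper names are hypothetical and both pipe ends are assumed to be non-blocking; the point is that errno is consulted only after read() or write() has returned -1.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>

/* Hypothetical helper names; none of this is QEMU code. */

/* Create a pipe with both ends non-blocking. Returns 0, or -1 on error. */
static int notify_pipe_open(int fds[2])
{
    if (pipe(fds) < 0) {
        return -1;
    }
    for (int i = 0; i < 2; i++) {
        int fl = fcntl(fds[i], F_GETFL);
        if (fl < 0 || fcntl(fds[i], F_SETFL, fl | O_NONBLOCK) < 0) {
            close(fds[0]);
            close(fds[1]);
            return -1;
        }
    }
    return 0;
}

/*
 * Post one wakeup byte. EAGAIN means the pipe is full of unread wakeups, so
 * the reader is going to run anyway and the post counts as delivered.
 * Returns 0 on success, -1 with errno set on any other failure.
 */
static int notify_post(int wfd)
{
    char byte = 0;

    for (;;) {
        ssize_t n = write(wfd, &byte, sizeof(byte));
        if (n == 1 || (n < 0 && errno == EAGAIN)) {
            return 0;
        }
        if (n < 0 && errno != EINTR) {
            return -1;
        }
    }
}

/*
 * Consume every pending wakeup byte. errno is examined only after read()
 * has returned -1, so a stale value from an earlier call cannot end or
 * prolong the loop. Returns the number of bytes drained, or -1 on error.
 */
static long notify_drain(int rfd)
{
    char buf[64];
    long total = 0;

    for (;;) {
        ssize_t n = read(rfd, buf, sizeof(buf));
        if (n > 0) {
            total += n;
        } else if (n == 0 || errno == EAGAIN) {
            return total;           /* writer closed, or pipe is empty */
        } else if (errno != EINTR) {
            return -1;
        }
    }
}

int main(void)
{
    int fds[2];

    if (notify_pipe_open(fds) < 0) {
        perror("pipe");
        return 1;
    }
    errno = EAGAIN;                 /* stale errno must not affect the drain */
    notify_post(fds[1]);
    notify_post(fds[1]);
    printf("drained %ld wakeup bytes\n", notify_drain(fds[0]));
    return 0;
}
```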

Re: [Qemu-devel] v6: [PATCH 0/3]: Threadlets: A generic task offloading framework

2010-10-20 Thread Amit Shah
On (Tue) Oct 19 2010 [23:12:20], Arun R Bharadwaj wrote:
> Hi,
> 
> This is the v6 of the patch-series to have a generic asynchronous task
> offloading framework (called threadlets) within qemu.
> 
> Request to consider pulling this series as discussed during the
> Qemu-devel call.

I tried this out with virtio-serial (patch below).  Have a couple of
things to note:

- Guests get a SIGUSR2 on startup sometimes.  This doesn't happen with
  qemu.git, so looks like it's introduced by this patchset.

- After running some tests, I get an abort.  I still have to look at
  what's causing it, but doesn't look like it's related to virtio-serial
  code.

Program received signal SIGABRT, Aborted.
0x003dc76329a5 in raise () from /lib64/libc.so.6
Missing separate debuginfos, use: debuginfo-install
SDL-1.2.14-8.fc13.x86_64 glibc-2.12.1-2.x86_64
libX11-1.3.1-3.fc13.x86_64 libXau-1.0.5-1.fc12.x86_64
libpng-1.2.44-1.fc13.x86_64 libxcb-1.5-1.fc13.x86_64
ncurses-libs-5.7-7.20100130.fc13.x86_64 zlib-1.2.3-23.fc12.x86_64
(gdb) bt
#0  0x003dc76329a5 in raise () from /lib64/libc.so.6
#1  0x003dc7634185 in abort () from /lib64/libc.so.6
#2  0x004bf829 in qemu_get_ram_ptr (addr=)
at /home/amit/src/qemu/exec.c:2936
#3  0x004bf9a7 in lduw_phys (addr=) at
/home/amit/src/qemu/exec.c:3836
#4  0x00557c90 in vring_avail_idx (vq=0x17b9320, idx=1333) at
/home/amit/src/qemu/hw/virtio.c:133
#5  virtqueue_num_heads (vq=0x17b9320, idx=1333) at
/home/amit/src/qemu/hw/virtio.c:252
#6  0x00557e5e in virtqueue_avail_bytes (vq=0x17b9320,
in_bytes=4096, out_bytes=0) at /home/amit/src/qemu/hw/virtio.c:311

- I'm using a threadlet to queue up several work items which are to be
  processed in a fifo order.  There's no cancel function for a threadlet
  that either processes all work and then quits the thread or just
  cancels all pending work and quits.

Amit


diff --git a/hw/virtio-serial-bus.c b/hw/virtio-serial-bus.c
index 74ba5ec..caaafbe 100644
--- a/hw/virtio-serial-bus.c
+++ b/hw/virtio-serial-bus.c
@@ -51,6 +51,14 @@ struct VirtIOSerial {
 struct virtio_console_config config;
 };
 
+typedef struct VirtIOSerialWork {
+ThreadletWork work;
+VirtIOSerialPort *port;
+VirtQueue *vq;
+VirtIODevice *vdev;
+int discard;
+} VirtIOSerialWork;
+
 static VirtIOSerialPort *find_port_by_id(VirtIOSerial *vser, uint32_t id)
 {
 VirtIOSerialPort *port;
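Review bot: The port, vq and vdev pointers stored in VirtIOSerialWork are dereferenced later by the work function with nothing keeping them valid, and the virtser_port_qdev_exit() hunk of this patch only carries "/* TODO: Cancel threadlet */", so a port torn down while work is still queued leaves the worker using stale pointers. Drain or cancel the port's queue in the exit path before the port goes away, or hold a reference per queued item. The discard member could also stay bool, matching the parameter it is copied from.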
@@ -113,10 +121,20 @@ static size_t write_to_port(VirtIOSerialPort *port,
 return offset;
 }
 
-static void do_flush_queued_data(VirtIOSerialPort *port, VirtQueue *vq,
- VirtIODevice *vdev, bool discard)
+static void async_flush_queued_data(ThreadletWork *work)
 {
+VirtIOSerialPort *port;
+VirtIOSerialWork *vs_work;
+VirtQueue *vq;
+VirtIODevice *vdev;
 VirtQueueElement elem;
+int discard;
+
+vs_work = DO_UPCAST(VirtIOSerialWork, work, work);
+port = vs_work->port;
+vq = vs_work->vq;
+vdev = vs_work->vdev;
+discard = vs_work->discard;
 
 assert(port || discard);
 assert(virtio_queue_ready(vq));
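Review bot: async_flush_queued_data() is now the ThreadletWork callback, so assert(virtio_queue_ready(vq)) and the virtqueue handling that follows it run on the worker thread, and the visible lines take no lock before touching vq. Keep the virtqueue access in the submitting context and hand only the blocking part to the worker, or take the QEMU global mutex around it.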
@@ -136,6 +154,24 @@ static void do_flush_queued_data(VirtIOSerialPort *port, 
VirtQueue *vq,
 virtqueue_push(vq, &elem, 0);
 }
 virtio_notify(vdev, vq);
+
+qemu_free(vs_work);
+}
+
+static void do_flush_queued_data(VirtIOSerialPort *port, VirtQueue *vq,
+ VirtIODevice *vdev, bool discard)
+{
+VirtIOSerialWork *vs_work;
+
+/* TODO: can just do the needful if discard is true */
+
+vs_work = qemu_malloc(sizeof(*vs_work));
+vs_work->work.func = async_flush_queued_data;
+vs_work->discard = discard;
+vs_work->vdev = vdev;
+vs_work->vq = vq;
+vs_work->port = port;
+submit_threadletwork_to_queue(&port->tqueue, &vs_work->work);
 }
 
 static void flush_queued_data(VirtIOSerialPort *port, bool discard)
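Review bot: do_flush_queued_data() passes &port->tqueue to submit_threadletwork_to_queue() unconditionally, yet assert(port || discard) in the work function shows that port may be NULL when discard is set, so the discard path would derive a queue address from a NULL port. Handle discard (or a NULL port) synchronously before allocating vs_work, as the TODO in this hunk already hints.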
@@ -699,6 +735,12 @@ static int virtser_port_qdev_init(DeviceState *qdev, 
DeviceInfo *base)
 port->ivq = port->vser->ivqs[port->id];
 port->ovq = port->vser->ovqs[port->id];
 
+/*
+ * Just one thread to process all the work -- we don't want guest
+ * buffers to be processed out-of-order.
+ */
+threadlet_queue_init(&port->tqueue, 1, 1);
+
 add_port(port->vser, port->id);
 
 /* Send an update to the guest about this new port added */
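Review bot: threadlet_queue_init(&port->tqueue, 1, 1) relies on two bare literals, and the comment above it explains only the single-thread requirement. Say which argument is which, or use named constants, so the in-order guarantee does not break silently if one of them is changed later.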
@@ -717,6 +759,8 @@ static int virtser_port_qdev_exit(DeviceState *qdev)
 
 QTAILQ_REMOVE(&vser->ports, port, next);
 
+/* TODO: Cancel threadlet */
+
 if (port->info->exit)
 port->info->exit(dev);
 
diff --git a/hw/virtio-serial.h b/hw/virtio-serial.h
index ff08c40..15e0982 100644
--- a/hw/virtio-serial.h
+++ b/hw/virtio-serial.h
@@ -15,6 +15,7 @@
 #ifndef _QEMU_VIRTIO_SERIAL_H
 #define _QEMU_VIRTIO_SERIAL_H
 
+#include "qemu-threadlets.h"
 #include "qdev.h"
 #include "virtio.h"
 
@@ -88,6 +89,13 @@ struct VirtIOSerialPort {
 VirtQueue *ivq, *ovq;
 
 /*
+ * Threadlet queue for pro

Re: [Qemu-devel] v6: [PATCH 0/3]: Threadlets: A generic task offloading framework

2010-10-20 Thread Stefan Hajnoczi
On Wed, Oct 20, 2010 at 12:57 PM, Amit Shah  wrote:
> On (Tue) Oct 19 2010 [23:12:20], Arun R Bharadwaj wrote:
>> Hi,
>>
>> This is the v6 of the patch-series to have a generic asynchronous task
>> offloading framework (called threadlets) within qemu.
>>
>> Request to consider pulling this series as discussed during the
>> Qemu-devel call.
>
> I tried this out with virtio-serial (patch below).  Have a couple of
> things to note:
>
> - Guests get a SIGUSR2 on startup sometimes.  This doesn't happen with
>  qemu.git, so looks like it's introduced by this patchset.
>
> - After running some tests, I get an abort.  I still have to look at
>  what's causing it, but doesn't look like it's related to virtio-serial
>  code.
>
> Program received signal SIGABRT, Aborted.
> 0x003dc76329a5 in raise () from /lib64/libc.so.6
> Missing separate debuginfos, use: debuginfo-install
> SDL-1.2.14-8.fc13.x86_64 glibc-2.12.1-2.x86_64
> libX11-1.3.1-3.fc13.x86_64 libXau-1.0.5-1.fc12.x86_64
> libpng-1.2.44-1.fc13.x86_64 libxcb-1.5-1.fc13.x86_64
> ncurses-libs-5.7-7.20100130.fc13.x86_64 zlib-1.2.3-23.fc12.x86_64
> (gdb) bt
> #0  0x003dc76329a5 in raise () from /lib64/libc.so.6
> #1  0x003dc7634185 in abort () from /lib64/libc.so.6
> #2  0x004bf829 in qemu_get_ram_ptr (addr=)
> at /home/amit/src/qemu/exec.c:2936
> #3  0x004bf9a7 in lduw_phys (addr=) at
> /home/amit/src/qemu/exec.c:3836
> #4  0x00557c90 in vring_avail_idx (vq=0x17b9320, idx=1333) at
> /home/amit/src/qemu/hw/virtio.c:133
> #5  virtqueue_num_heads (vq=0x17b9320, idx=1333) at
> /home/amit/src/qemu/hw/virtio.c:252
> #6  0x00557e5e in virtqueue_avail_bytes (vq=0x17b9320,
> in_bytes=4096, out_bytes=0) at /home/amit/src/qemu/hw/virtio.c:311
>
> - I'm using a threadlet to queue up several work items which are to be
>  processed in a fifo order.  There's no cancel function for a threadlet
>  that either processes all work and then quits the thread or just
>  cancels all pending work and quits.
>
>                Amit
>
>
> diff --git a/hw/virtio-serial-bus.c b/hw/virtio-serial-bus.c
> index 74ba5ec..caaafbe 100644
> --- a/hw/virtio-serial-bus.c
> +++ b/hw/virtio-serial-bus.c
> @@ -51,6 +51,14 @@ struct VirtIOSerial {
>     struct virtio_console_config config;
>  };
>
> +typedef struct VirtIOSerialWork {
> +    ThreadletWork work;
> +    VirtIOSerialPort *port;
> +    VirtQueue *vq;
> +    VirtIODevice *vdev;
> +    int discard;
> +} VirtIOSerialWork;
> +
>  static VirtIOSerialPort *find_port_by_id(VirtIOSerial *vser, uint32_t id)
>  {
>     VirtIOSerialPort *port;
> @@ -113,10 +121,20 @@ static size_t write_to_port(VirtIOSerialPort *port,
>     return offset;
>  }
>
> -static void do_flush_queued_data(VirtIOSerialPort *port, VirtQueue *vq,
> -                                 VirtIODevice *vdev, bool discard)
> +static void async_flush_queued_data(ThreadletWork *work)
>  {
> +    VirtIOSerialPort *port;
> +    VirtIOSerialWork *vs_work;
> +    VirtQueue *vq;
> +    VirtIODevice *vdev;
>     VirtQueueElement elem;
> +    int discard;
> +
> +    vs_work = DO_UPCAST(VirtIOSerialWork, work, work);
> +    port = vs_work->port;
> +    vq = vs_work->vq;
> +    vdev = vs_work->vdev;
> +    discard = vs_work->discard;
>
>     assert(port || discard);
>     assert(virtio_queue_ready(vq));

You cannot access guest memory using QEMU RAM functions (or use the
virtqueue_pop() function which uses them) from a thread without taking
the QEMU global mutex.

The abort stack trace is a result of accessing guest RAM from two
threads simultaneously.

In general it is not safe to use QEMU functions from a thread unless
they are explicitly written to work outside the QEMU global mutex.
Most functions assume the global mutex, which serializes I/O thread
and vcpu changes to global state, is held.

Stefan



[Qemu-devel] [Bug 663713] Re: Mouse frozen under an emulated ubuntu

2010-10-20 Thread FredBezies
Sorry, your "trick" doesn't work at all for me. I try to switch on / off
mouse capture in order to get it work. Nothing happens.

Any other idea ?

A freshly installed archlinux with gnome added works flawlessly.

-- 
Mouse frozen under an emulated ubuntu
https://bugs.launchpad.net/bugs/663713

Status in QEMU: Incomplete






Re: [Qemu-devel] KVM call minutes for Oct 19

2010-10-20 Thread Dor Laor

On 10/20/2010 10:21 AM, Alexander Graf wrote:


On 19.10.2010, at 17:14, Chris Wright wrote:


0.13.X -stable
- Anthony will send note to qemu-devel on this
- move 0.13.X -stable to a separate tree
- driven independently of main qemu tree
- challenge is always in the porting and testing of backported fixes
- looking for volunteers

0.14
- would like to do this before end of the year
- 0.13 forked off a while back (~July),
- 0.14 features
  - QMP stabilized
- 0.13.0 ->  0.14 QMP
- hard attempt not to break compatibility
- new commands, rework, async, human monitor passthrough
- goal getting to libvirt not needing human monitor at all
- QMP KVM autotest test suite submitted
- in-kernel apic, tpr patching still outstanding
- QED coroutine concurrency


Would it be realistic to declare deprecating the qemu-kvm fork for 0.14 as goal?


Live snapshots
- merge snapshot?
  - already supported, question about mgmt of snapshot chain
- integrate with fsfreeze (and windows alternative)

Guest Agent
- have one coming RSN (poke Anthony for details)


Would there be a chance to have a single agent for everyone, so that we 
actually form a Qemu agent instead of a dozen individual ones? I'm mainly 
thinking Spice here.


More important than the number of instances is the usage of common 
framework. Here is the link to the Matahari project:

https://fedorahosted.org/matahari/wiki/API






Alex







Re: [Qemu-devel] KVM call minutes for Oct 19

2010-10-20 Thread Anthony Liguori

On 10/20/2010 03:21 AM, Alexander Graf wrote:

Live snapshots
- merge snapshot?
  - already supported, question about mgmt of snapshot chain
- integrate with fsfreeze (and windows alternative)

Guest Agent
- have one coming RSN (poke Anthony for details)
 

Would there be a chance to have a single agent for everyone, so that we 
actually form a Qemu agent instead of a dozen individual ones? I'm mainly 
thinking Spice here.
   


Our main design points are to keep the code simple with few dependencies 
and to provide interfaces that have the maximum amount of flexibility.


Having a single agent (not an agent framework) is important if we want 
these interfaces to be ubiquitous.  This really means that the guest 
agent should be part of the QEMU source tree IMHO so that there is 
always a standard version of the agent.


Regards,

Anthony Liguori


Alex

   





Re: [Qemu-devel] [PATCH 1/3] Introduce threadlets

2010-10-20 Thread Balbir Singh
* Venkateswararao Jujjuri (JV)  [2010-10-19 20:46:35]:

> >> I think this is a lot more fragile.  You're relying on the fact that
> >> signal will not cause the signalled thread to actually awaken until
> >> we release the lock and doing work after signalling that the
> >> signalled thread needs to be completed before it wakes up.
> >>
> >> I think you're a lot more robust in the long term if you treat
> >> condition signalling as a hand off point because it makes the code a
> >> lot more explicit about what's happening.
> >>
> > 
> > OK, here is a situation that can happen
> > 
> > T1                              T2
> > ---                             ---
> > threadlet                       submit_threadletwork_to_queue
> > (sees condition as no work)     mutex_lock
> > qemu_cond_timedwait             add_work
> > ...                             mutex_unlock
> > 
> > T3
> > --
> > cancel_threadlet_work_on_queue
> > mutex_lock (grabs it) before T1 can
> > cancels the work
> > 
> > 
> >                                 qemu_cond_signal
> > 
> > T1
> > --
> > Grabs mutex_lock (from within cond_timedwait)
> > Now there is no work to do, the condition
> > has changed before the thread wakes up
> 
> So what? It won't find any work and goes back to sleep or exits.
>

Spurious wakeups are not good - they waste CPU cycles, consume energy.
Beyond that if we look at generic design

a. We want the thread condition to not change before it wakes up
(reduce that window at least)
b. Although we don't care about thread priorities today in threadlet,
if we ever did and by good design you'd want the thread you're waking up
to be contending for the mutex as soon as the notifier releases the lock,
otherwise a lower priority thread can starve the original sleeper.

The code as posted today, does not have functional issues except for
opening up the window for spurious wakeups.
 
> idle_threads is decremented only in threadlet_worker(). Given that
> we have a threadlet that is not doing any work the assert should never hit
> unless something horribly wrong.
>
 

-- 
Three Cheers,
Balbir



Re: [Qemu-devel] Re: KVM call agenda for Oct 19

2010-10-20 Thread Anthony Liguori

On 10/20/2010 04:18 AM, Kevin Wolf wrote:

On 19.10.2010 19:09, Anthony Liguori wrote:
   

On 10/19/2010 11:54 AM, Ayal Baron wrote:
 

- "Anthony Liguori"   wrote:


   

On 10/19/2010 07:48 AM, Dor Laor wrote:

 

On 10/19/2010 04:11 AM, Chris Wright wrote:

   

* Juan Quintela (quint...@redhat.com) wrote:

 

Please send in any agenda items you are interested in covering.

   

- 0.13.X -stable handoff
- 0.14 planning
- threadlet work
- virtfs proposals


 

- Live snapshots
- We were asked to add this feature for external qcow2
  images. Will simple approach of fsync + tracking each requested
  backing file (it can be per vDisk) and re-open the new image would
  be accepted?

   

I had assumed that this would involve:

qemu -hda windows.img

(qemu) snapshot ide0-disk0 snap0.img

1) create snap0.img internally by doing the equivalent of `qemu-img
create -f qcow2 -b windows.img snap0.img'
2) bdrv_flush('ide0-disk0')
3) bdrv_open(snap0.img)
4) bdrv_close(windows.img)
5) rename('windows.img', 'windows.img.tmp')
6) rename('snap0.img', 'windows.img')
7) rename('windows.img.tmp', 'snap0.img')

 

All the rename logic assumes files, need to take into account devices as well 
(namely LVs)

   

Sure, just s/rename/lvrename/g.
 

That would mean that you need to have both backing file and new COW
image on LVs.
   


Yeah, I guess there are two options.  You could force a user to create 
the new leaf image or you could make the command take a blockdev spec 
excluding the backing_file and automatically insert the backing_file 
attribute into the spec before creating the bs.



The renaming step can be optional and a management tool can take care of
that.  It's really just there for convenience since the user expectation
is that when you give a name of a snapshot, that the snapshot is
reflected in that name not that the new in-use image is that name.
 

I think that depends on the terminology you use.

If you call it doing a snapshot, then probably people expect that the
snapshot is a new file and they continue to work on the same file (and
they may not understand that removing the snapshot destroys the "main"
image).

If you call it something like creating a new branch, they will expect
that the old file stays as it is and they create something new on top of
that.

So maybe we shouldn't start doing renames (which we cannot do for
anything but files anyway, consider not only LVs, but also nbd or http
backends), but rather think of a good name for the operation.
   


Yeah, that's a reasonable point.

Regards,

Anthony Liguori


Kevin
   





Re: [Qemu-devel] [PATCH 1/3] Introduce threadlets

2010-10-20 Thread Anthony Liguori

On 10/19/2010 09:22 PM, Balbir Singh wrote:


OK, here is a situation that can happen

T1                              T2
---                             ---
threadlet                       submit_threadletwork_to_queue
(sees condition as no work)     mutex_lock
qemu_cond_timedwait             add_work
...                             mutex_unlock

T3
--
cancel_threadlet_work_on_queue
mutex_lock (grabs it) before T1 can
cancels the work


                                qemu_cond_signal

T1
--
Grabs mutex_lock (from within cond_timedwait)
Now there is no work to do, the condition
has changed before the thread wakes up


The man page also states

"however, if predictable scheduling behavior is required, then that
mutex shall be locked by the thread calling pthread_cond_broadcast()
or pthread_cond_signal()"
   


The scenario you're describing is a spurious wakeup.  Any code that uses 
conditions ought to handle spurious wakeups.  The typical idiom for this is:


while (no_work_available()) {
   pthread_cond_wait(cond, lock);
}

So yes, pthread_cond_timedwait() will return but the while loop 
condition will be checked first.  In the scenario you describe, we'll go 
immediately back to sleep and the assert will not be triggered.


As I mentioned originally, in the absence of performance data, code 
readability trumps premature optimization.  I think the code is a lot 
more readable if the signaling point is outside of the mutex.


Regards,

Anthony Liguori




Re: [Qemu-devel] [PATCH 2/3] Make paio subsystem use threadlets

2010-10-20 Thread Anthony Liguori

On 10/20/2010 04:30 AM, Stefan Hajnoczi wrote:



 } else if (acb->ret == -EINPROGRESS) {
 active = 1;
 }
-mutex_unlock(&lock);

 if (active) {
 /* fail safe: if the aio could not be canceled, we wait for
 

while (qemu_paio_error(acb) == EINPROGRESS)
 ;

Tight loop with no memory barrier reading a memory location that is
updated by another thread.  We shouldn't communicate between threads
without barriers.
   


We shouldn't use a tight loop period.  A condition should be used if 
signalling is needed.


And we shouldn't rely on atomic assignments to communicate between 
threads.  Just use a mutex and avoid being fancier than we need to be.


Regards,

Anthony Liguori


Stefan
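Added example (not QEMU or threadlets code): a minimal work queue that combines the predicate loop from the [PATCH 1/3] reply earlier in this thread with the advice above to wait on a condition under a mutex instead of polling for completion. All names are hypothetical, and the fixed-size FIFO and the NULL-func shutdown item are assumptions made to keep it short.

```c
#include <pthread.h>
#include <string.h>
/* Hypothetical names throughout; this is not the threadlets API. */
enum { W_QUEUED, W_RUNNING, W_DONE, W_CANCELLED, CAP = 16 };
struct work {
    void (*func)(struct work *);        /* NULL asks the worker to exit */
    int state;                          /* protected by q.lock */
};
static struct {
    pthread_mutex_t lock;
    pthread_cond_t more;                /* signalled when work is queued */
    pthread_cond_t done;                /* broadcast when an item finishes */
    struct work *slot[CAP];             /* FIFO, fixed capacity for brevity */
    int n;
} q = { PTHREAD_MUTEX_INITIALIZER, PTHREAD_COND_INITIALIZER,
        PTHREAD_COND_INITIALIZER, { NULL }, 0 };

static int unlink_work(struct work *w)      /* caller holds q.lock */
{
    for (int i = 0; i < q.n; i++) {
        if (q.slot[i] == w) {
            memmove(&q.slot[i], &q.slot[i + 1], (--q.n - i) * sizeof(w));
            return 1;
        }
    }
    return 0;
}

static int submit(struct work *w)           /* 0, or -1 if the queue is full */
{
    pthread_mutex_lock(&q.lock);
    int ok = q.n < CAP;
    if (ok) {
        w->state = W_QUEUED;
        q.slot[q.n++] = w;
    }
    pthread_mutex_unlock(&q.lock);
    pthread_cond_signal(&q.more);           /* signal after the hand-off */
    return ok ? 0 : -1;
}

static void *worker(void *unused)
{
    (void)unused;
    pthread_mutex_lock(&q.lock);
    for (;;) {
        while (q.n == 0) {                  /* predicate loop: re-check on every wakeup */
            pthread_cond_wait(&q.more, &q.lock);
        }
        struct work *w = q.slot[0];
        unlink_work(w);
        if (!w->func) {
            break;                          /* sentinel item: shut down */
        }
        w->state = W_RUNNING;
        pthread_mutex_unlock(&q.lock);
        w->func(w);                         /* blocking call runs unlocked */
        pthread_mutex_lock(&q.lock);
        w->state = W_DONE;
        pthread_cond_broadcast(&q.done);
    }
    pthread_mutex_unlock(&q.lock);
    return NULL;
}

/* Returns 1 if w was removed before it ran, 0 if it ran to completion. */
static int cancel(struct work *w)
{
    pthread_mutex_lock(&q.lock);
    int removed = w->state == W_QUEUED && unlink_work(w);
    w->state = removed ? W_CANCELLED : w->state;
    while (w->state == W_RUNNING) {         /* sleep on the condition, never spin */
        pthread_cond_wait(&q.done, &q.lock);
    }
    pthread_mutex_unlock(&q.lock);
    return removed;
}

static int ran;                             /* items completed, written by the worker */
static void count_run(struct work *w) { (void)w; ran++; }

static int run_scenario(void)               /* 0 when both cancels behaved */
{
    struct work a = { count_run, W_DONE }, b = a, quit = { NULL, W_DONE };
    pthread_t tid;
    ran = 0;
    submit(&a);
    int a_removed = cancel(&a);             /* still queued: removed, never runs */
    if (pthread_create(&tid, NULL, worker, NULL) != 0) {
        return 2;
    }
    submit(&b);
    int b_removed = cancel(&b);             /* removed, or waited until it finished */
    submit(&quit);
    pthread_join(tid, NULL);
    return (a_removed == 1 && b_removed + ran == 1) ? 0 : 1;
}

int main(void) { return run_scenario(); }
```

Item a is cancelled before the worker ever looks at the queue, so the worker's first predicate check finds nothing to do; item b races with the worker, and either outcome satisfies the invariant that it is removed or run exactly once.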

   





Re: [Qemu-devel] [PATCH 3/3] Add helper functions for virtio-9p to use threadlets

2010-10-20 Thread Anthony Liguori

On 10/20/2010 06:19 AM, Stefan Hajnoczi wrote:

On Tue, Oct 19, 2010 at 6:43 PM, Arun R Bharadwaj
  wrote:
   

From: Gautham R Shenoy

Add helper functions to enable virtio-9p make use of the threadlets
infrastructure for offloading blocking tasks such as making posix calls on
to the helper threads and handle the post_posix_operations() from the
context of the iothread. This frees the vcpu thread to process any other guest
operations while the processing of v9fs_io is in progress.

Signed-off-by: Gautham R Shenoy
Signed-off-by: Sripathi Kodi
Signed-off-by: Arun R Bharadwaj
---
  hw/virtio-9p.c |  165 
  posix-aio-compat.c |   33 +++---
  qemu-threadlets.c  |   21 +++
  qemu-threadlets.h  |1
  vl.c   |3 +
  5 files changed, 200 insertions(+), 23 deletions(-)
 

I wish --enable-io-thread was the default and only model.  The signals
and pipes are ugly and should be hidden behind a QEMU eventfd
abstraction, which would also reduce the code duplication between
posix-aio-compat.c and virtio-9p.  I'm not asking you to do this but I
hope we'll get there eventually.

Does anyone know why non-io-thread still exists and is used by default?
   


There are still issues with --enable-io-thread and TCG.

Regards,

Anthony Liguori



Re: [Qemu-devel] v6: [PATCH 0/3]: Threadlets: A generic task offloading framework

2010-10-20 Thread Anthony Liguori

On 10/20/2010 07:05 AM, Stefan Hajnoczi wrote:

On Wed, Oct 20, 2010 at 12:57 PM, Amit Shah  wrote:
   

On (Tue) Oct 19 2010 [23:12:20], Arun R Bharadwaj wrote:
 

Hi,

This is the v6 of the patch-series to have a generic asynchronous task
offloading framework (called threadlets) within qemu.

Request to consider pulling this series as discussed during the
Qemu-devel call.
   

I tried this out with virtio-serial (patch below).  Have a couple of
things to note:

- Guests get a SIGUSR2 on startup sometimes.  This doesn't happen with
  qemu.git, so looks like it's introduced by this patchset.

- After running some tests, I get an abort.  I still have to look at
  what's causing it, but doesn't look like it's related to virtio-serial
  code.

Program received signal SIGABRT, Aborted.
0x003dc76329a5 in raise () from /lib64/libc.so.6
Missing separate debuginfos, use: debuginfo-install
SDL-1.2.14-8.fc13.x86_64 glibc-2.12.1-2.x86_64
libX11-1.3.1-3.fc13.x86_64 libXau-1.0.5-1.fc12.x86_64
libpng-1.2.44-1.fc13.x86_64 libxcb-1.5-1.fc13.x86_64
ncurses-libs-5.7-7.20100130.fc13.x86_64 zlib-1.2.3-23.fc12.x86_64
(gdb) bt
#0  0x003dc76329a5 in raise () from /lib64/libc.so.6
#1  0x003dc7634185 in abort () from /lib64/libc.so.6
#2  0x004bf829 in qemu_get_ram_ptr (addr=)
at /home/amit/src/qemu/exec.c:2936
#3  0x004bf9a7 in lduw_phys (addr=) at
/home/amit/src/qemu/exec.c:3836
#4  0x00557c90 in vring_avail_idx (vq=0x17b9320, idx=1333) at
/home/amit/src/qemu/hw/virtio.c:133
#5  virtqueue_num_heads (vq=0x17b9320, idx=1333) at
/home/amit/src/qemu/hw/virtio.c:252
#6  0x00557e5e in virtqueue_avail_bytes (vq=0x17b9320,
in_bytes=4096, out_bytes=0) at /home/amit/src/qemu/hw/virtio.c:311

- I'm using a threadlet to queue up several work items which are to be
  processed in a fifo order.  There's no cancel function for a threadlet
  that either processes all work and then quits the thread or just
  cancels all pending work and quits.

Amit


diff --git a/hw/virtio-serial-bus.c b/hw/virtio-serial-bus.c
index 74ba5ec..caaafbe 100644
--- a/hw/virtio-serial-bus.c
+++ b/hw/virtio-serial-bus.c
@@ -51,6 +51,14 @@ struct VirtIOSerial {
 struct virtio_console_config config;
  };

+typedef struct VirtIOSerialWork {
+ThreadletWork work;
+VirtIOSerialPort *port;
+VirtQueue *vq;
+VirtIODevice *vdev;
+int discard;
+} VirtIOSerialWork;
+
  static VirtIOSerialPort *find_port_by_id(VirtIOSerial *vser, uint32_t id)
  {
 VirtIOSerialPort *port;
@@ -113,10 +121,20 @@ static size_t write_to_port(VirtIOSerialPort *port,
 return offset;
  }

-static void do_flush_queued_data(VirtIOSerialPort *port, VirtQueue *vq,
- VirtIODevice *vdev, bool discard)
+static void async_flush_queued_data(ThreadletWork *work)
  {
+VirtIOSerialPort *port;
+VirtIOSerialWork *vs_work;
+VirtQueue *vq;
+VirtIODevice *vdev;
 VirtQueueElement elem;
+int discard;
+
+vs_work = DO_UPCAST(VirtIOSerialWork, work, work);
+port = vs_work->port;
+vq = vs_work->vq;
+vdev = vs_work->vdev;
+discard = vs_work->discard;

 assert(port || discard);
 assert(virtio_queue_ready(vq));
 

You cannot access guest memory using QEMU RAM functions (or use the
virtqueue_pop() function which uses them) from a thread without taking
the QEMU global mutex.

The abort stack trace is a result of accessing guest RAM from two
threads simultaneously.

In general it is not safe to use QEMU functions from a thread unless
they are explicitly written to work outside the QEMU global mutex.
Most functions assume the global mutex, which serializes I/O thread
and vcpu changes to global state, is held.
   


Yes, threadlets are only meant to be used to make synchronous system 
calls asynchronous.  They are not meant to add parallelism to QEMU (yet).


Regards,

Anthony Liguori


Stefan

   





Re: [Qemu-devel] Git server hung

2010-10-20 Thread Anthony Liguori

On 10/19/2010 10:38 PM, Michael Crawford wrote:

git clone http://git.qemu.org/qemu.git
   


git clone git://git.qemu.org/qemu.git

The http protocol is not very efficient with git.

Regards,

Anthony Liguori


This initializes a repository in qemu/.git and starts downloading from
the git server.

After 60 or 70 mb - as seen via "du -s" it stops downloading.  The
"git clone" never completes.

How many mb should be in my .git directory?

Thanks,

Mike

   





Re: [Qemu-devel] KVM call minutes for Oct 19

2010-10-20 Thread Daniel P. Berrange
On Wed, Oct 20, 2010 at 08:02:07AM -0500, Anthony Liguori wrote:
> On 10/20/2010 03:21 AM, Alexander Graf wrote:
> >>Live snapshots
> >>- merge snapshot?
> >>  - already supported, question about mgmt of snapshot chain
> >>- integrate with fsfreeze (and windows alternative)
> >>
> >>Guest Agent
> >>- have one coming RSN (poke Anthony for details)
> >> 
> >Would there be a chance to have a single agent for everyone, so that we 
> >actually form a Qemu agent instead of a dozen individual ones? I'm mainly 
> >thinking Spice here.
> >   
> 
> Our main design points are to keep the code simple with few dependencies 
> and to provide interfaces that have the maximum amount of flexibility.
> 
> Having a single agent (not an agent framework) is important if we want 
> these interfaces to be ubiquitous.  This really means that the guest 
> agent should be part of the QEMU source tree IMHO so that there is 
> always a standard version of the agent.

The thinking with Matahari is that there is significant overlap between
agent requirements for a physical and virtual host, so it aims to provide
an agent that works everywhere, whether virtualized or not. All that need
change is the communication transport (TCP vs VirtIO Serial vs legacy
serial vs some other data channel), and enable/disable certain agent
services according to deployment scenario. Once you go to a more general
purpose agent in this way, then it doesn't make much sense to put it all
in the QEMU tree.

Regards,
Daniel
-- 
|: Red Hat, Engineering, London-o-   http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://deltacloud.org :|
|: http://autobuild.org-o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505  -o-   F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|



Re: [Qemu-devel] KVM call minutes for Oct 19

2010-10-20 Thread Anthony Liguori

On 10/20/2010 08:19 AM, Daniel P. Berrange wrote:
> The thinking with Matahari is that there is significant overlap between
> agent requirements for a physical and virtual host, so it aims to provide
> an agent that works everywhere, whether virtualized or not. All that need
> change is the communication transport (TCP vs VirtIO Serial vs legacy
> serial vs some other data channel), and enable/disable certain agent
> services according to deployment scenario. Once you go to a more general
> purpose agent in this way, then it doesn't make much sense to put it all
> in the QEMU tree.

Actually, I don't think we want to have a common agent for physical and
virtual systems.

The requirements are actually very different.  The virtual agent exists
solely to support hypervisor functionality.  Not to provide general
purpose system management support.

Regards,

Anthony Liguori

> Regards,
> Daniel





Re: [Qemu-devel] [PATCH] Add a DTrace tracing backend targetted for SystemTAP compatability

2010-10-20 Thread Stefan Hajnoczi
Please also add dtrace to the ./configure --help output:

echo "  --trace-backend=B        Trace backend nop simple ust dtrace"

Stefan



[Qemu-devel] [PATCH v2] Add a DTrace tracing backend targetted for SystemTAP compatability

2010-10-20 Thread Daniel P. Berrange
This introduces a new tracing backend that targets the SystemTAP
implementation of DTrace userspace tracing. The core functionality
should be applicable and standard across any DTrace implementation
on Solaris, OS-X, *BSD, but the Makefile rules will likely need
some small additional changes to cope with OS specific build
requirements.

This backend builds a little differently from the other tracing
backends. Specifically there is no 'trace.c' file, because the
'dtrace' command line tool generates a '.o' file directly from
the dtrace probe definition file. The probe definition is usually
named with a '.d' extension but QEMU uses '.d' files for its
external makefile dependency tracking, so this uses '.dtrace' as
the extension for the probe definition file.

The 'tracetool' program gains the ability to generate a trace.h
file for DTrace, and also to generate the trace.d file containing
the dtrace probe definition, and finally a qemu.stp file which is
a wrapper around the probe definition providing more convenient
access from SystemTAP scripts.

eg, instead of

  probe process("qemu").mark("qemu_malloc") {
    printf("Malloc %d %p\n", $arg1, $arg2);
  }

The addition of qemu.stp to /usr/share/systemtap/tapset/
lets users write

  probe qemu.qemu_malloc {
    printf("Malloc %d %p\n", size, ptr);
  }

In v2:

  - Add check for 'dtrace' command in configure
  - Comply with coding standards in generated code
  - Misc fixes to tracetool
  - Add more generated files to make clean target
  - Mention 'dtrace' backend in configure help

Still todo in v3:

  - Change process("qemu") statement so that it applies
    to all 'qemu-system-XXX' binaries not just 'qemu'

* .gitignore: Ignore trace-dtrace.*
* Makefile: Extra rules for generating DTrace files
* Makefile.obj: Don't build trace.o for DTrace, use
  trace-dtrace.o generated by 'dtrace' instead
* tracetool: Support for generating DTrace/SystemTAP
  data files

Signed-off-by: Daniel P. Berrange 
---
 .gitignore|3 +
 Makefile  |   32 +++
 Makefile.objs |4 ++
 configure |   12 -
 tracetool |  169 +
 5 files changed, 209 insertions(+), 11 deletions(-)

diff --git a/.gitignore b/.gitignore
index a43e4d1..0d27afd 100644
--- a/.gitignore
+++ b/.gitignore
@@ -4,6 +4,9 @@ config-host.*
 config-target.*
 trace.h
 trace.c
+trace-dtrace.h
+trace-dtrace.dtrace
+qemu.stp
 *-timestamp
 *-softmmu
 *-darwin-user
diff --git a/Makefile b/Makefile
index 252c817..5aa85f6 100644
--- a/Makefile
+++ b/Makefile
@@ -1,6 +1,9 @@
 # Makefile for QEMU.
 
 GENERATED_HEADERS = config-host.h trace.h
+ifeq ($(TRACE_BACKEND),dtrace)
+GENERATED_HEADERS += trace-dtrace.h
+endif
 
 ifneq ($(wildcard config-host.mak),)
 # Put the all: rule here so that config-host.mak can contain dependencies.
@@ -106,7 +109,11 @@ ui/vnc.o: QEMU_CFLAGS += $(VNC_TLS_CFLAGS)
 
 bt-host.o: QEMU_CFLAGS += $(BLUEZ_CFLAGS)
 
+ifeq ($(TRACE_BACKEND),dtrace)
+trace.h: trace.h-timestamp trace-dtrace.h
+else
 trace.h: trace.h-timestamp
+endif
 trace.h-timestamp: $(SRC_PATH)/trace-events config-host.mak
$(call quiet-command,sh $(SRC_PATH)/tracetool --$(TRACE_BACKEND) -h < 
$< > $@,"  GEN   trace.h")
@cmp -s $@ trace.h || cp $@ trace.h
@@ -118,6 +125,23 @@ trace.c-timestamp: $(SRC_PATH)/trace-events config-host.mak
 
 trace.o: trace.c $(GENERATED_HEADERS)
 
+trace-dtrace.h: trace-dtrace.dtrace
+   $(call quiet-command,dtrace -o $@ -h -s $<, "  GEN   trace-dtrace.h")
+
+# Normal practice is to name DTrace probe file with a '.d' extension
+# but that gets picked up by QEMU's Makefile as an external dependancy
+# rule file. So we use '.dtrace' instead
+trace-dtrace.dtrace: trace-dtrace.dtrace-timestamp
+trace-dtrace.dtrace-timestamp: $(SRC_PATH)/trace-events config-host.mak
+   $(call quiet-command,sh $(SRC_PATH)/tracetool --$(TRACE_BACKEND) -d < 
$< > $@,"  GEN   trace-dtrace.dtrace")
+   @cmp -s $@ trace-dtrace.dtrace || cp $@ trace-dtrace.dtrace
+ifdef CONFIG_LINUX
+   $(call quiet-command,sh $(SRC_PATH)/tracetool --$(TRACE_BACKEND) -s < 
$< > qemu.stp,"  GEN   qemu.stp")
+endif
+
+trace-dtrace.o: trace-dtrace.dtrace $(GENERATED_HEADERS)
+   $(call quiet-command,dtrace -o $@ -G -s $<, "  GEN trace-dtrace.o")
+
 simpletrace.o: simpletrace.c $(GENERATED_HEADERS)
 
 version.o: $(SRC_PATH)/version.rc config-host.mak
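
Review bot: In the trace-dtrace.dtrace-timestamp recipe, qemu.stp is written as a side effect (`tracetool ... -s < $< > qemu.stp` under `ifdef CONFIG_LINUX`) instead of being a target of its own, so make has no rule to rebuild it. If qemu.stp is deleted, or the -s run fails after the timestamp file has already been written, it stays missing or truncated until trace-events changes. Consider giving it the same timestamp/cmp pattern used for trace-dtrace.dtrace, for example a `qemu.stp: qemu.stp-timestamp` rule, and making it a prerequisite of the build on Linux.
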
@@ -154,6 +178,8 @@ clean:
rm -f slirp/*.o slirp/*.d audio/*.o audio/*.d block/*.o block/*.d 
net/*.o net/*.d fsdev/*.o fsdev/*.d ui/*.o ui/*.d
rm -f qemu-img-cmds.h
rm -f trace.c trace.h trace.c-timestamp trace.h-timestamp
+   rm -f trace-dtrace.dtrace trace-dtrace.dtrace-timestamp
+   rm -f trace-dtrace.h trace-dtrace.h-timestamp qemu.stp
$(MAKE) -C tests clean
for d in $(ALL_SUBDIRS) libhw32 libhw64 libuser libdis libdis-user; do \
if test -d $$d; then $(MAKE) -C $$d $@ || exit 1; fi; \
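
Review bot: The added `rm -f trace-dtrace.h trace-dtrace.h-timestamp qemu.stp` removes a trace-dtrace.h-timestamp file that no rule in this patch creates: trace-dtrace.h is produced directly by `dtrace -o $@ -h -s $<`, with no timestamp step. Either drop that name from the clean rule or, if a timestamp rule for trace-dtrace.h is intended, add it so the generation and clean rules stay consistent.
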
@@ -214,6 +240,12 @@ ifneq ($(BLOBS),)
  

Re: [Qemu-devel] [PATCH] Add a DTrace tracing backend targetted for SystemTAP compatability

2010-10-20 Thread Daniel P. Berrange
On Wed, Oct 20, 2010 at 02:50:12PM +0100, Stefan Hajnoczi wrote:
> Please also add dtrace to the ./configure --help output:
> 
> echo "  --trace-backend=B        Trace backend nop simple ust dtrace"

I've just sent a v2 that should include all your feedback so far.

Regards,
Daniel
-- 
|: Red Hat, Engineering, London-o-   http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://deltacloud.org :|
|: http://autobuild.org-o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505  -o-   F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|



[Qemu-devel] [Bug 663713] Re: Mouse frozen under an emulated ubuntu

2010-10-20 Thread Gerd Hoffmann
http://patchwork.ozlabs.org/patch/67168/

-- 
Mouse frozen under an emulated ubuntu
https://bugs.launchpad.net/bugs/663713
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.

Status in QEMU: Incomplete

Bug description:
Qemu 0.13.0

Command line used :

qemu-system-x86_64 --enable-kvm -localtime -soundhw all -k fr -m 1500 -net user 
-net nic,model=rtl8139 -hda disk.img -cdrom ubuntu-10.10-desktop-amd64.iso 
-boot d

When I try to move mouse cursor in qemu, pointer is frozen. Nothing is moving. 
Was working perfectly with Qemu 0.12.5.





Re: [Qemu-devel] [PATCH v2] Add a DTrace tracing backend targetted for SystemTAP compatability

2010-10-20 Thread Stefan Hajnoczi
On Wed, Oct 20, 2010 at 3:09 PM, Daniel P. Berrange  wrote:
> @@ -2175,6 +2175,16 @@ EOF
>     exit 1
>   fi
>  fi
> +
> +##
> +# For 'dtrace' backend, test if 'dtrace' command is present
> +if ! has 'dtrace' ; then
> +  echo
> +  echo "Error: dtrace command is not found in PATH $PATH"
> +  echo
> +  exit 1
> +fi
> +
>  ##
>  # End of CC checks
>  # After here, no more $cc or $ld runs

This doesn't seem to check that [ "$trace_backend" = "dtrace" ] and
will break ./configure on boxes without dtrace even when
--trace-backend=dtrace is not used.

Stefan



[Qemu-devel] [PATCH] virtio-blk: Respect werror option for flushes

2010-10-20 Thread Kevin Wolf
The werror option now affects not only write requests, but also flush requests.
Previously, it was not possible to stop a VM on a failed flush.

Signed-off-by: Kevin Wolf 
---
 hw/virtio-blk.c |8 +++-
 1 files changed, 7 insertions(+), 1 deletions(-)

diff --git a/hw/virtio-blk.c b/hw/virtio-blk.c
index a1df26d..dbe2070 100644
--- a/hw/virtio-blk.c
+++ b/hw/virtio-blk.c
@@ -106,7 +106,13 @@ static void virtio_blk_flush_complete(void *opaque, int 
ret)
 {
 VirtIOBlockReq *req = opaque;
 
-virtio_blk_req_complete(req, ret ? VIRTIO_BLK_S_IOERR : VIRTIO_BLK_S_OK);
+if (ret) {
+if (virtio_blk_handle_rw_error(req, -ret, 0)) {
+return;
+}
+}
+
+virtio_blk_req_complete(req, VIRTIO_BLK_S_OK);
 }
 
 static VirtIOBlockReq *virtio_blk_alloc_request(VirtIOBlock *s)
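
Review bot: In virtio_blk_flush_complete(), a failed flush for which virtio_blk_handle_rw_error() returns 0 now completes with VIRTIO_BLK_S_OK, where the removed line reported VIRTIO_BLK_S_IOERR for every non-zero ret. If a zero return means the werror policy says to ignore the error, that matches the write path, but the guest is then told its data is stable after a flush that failed; please state this in the commit message or in a comment above the `if (ret)` block. The call also passes a bare 0 as the third argument, so a short comment saying that flushes follow the write policy would help, and it is worth confirming that whatever virtio_blk_handle_rw_error() does with the request when it returns non-zero is valid for a flush, since the helper was written for reads and writes.
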
-- 
1.7.2.3




Re: [Qemu-devel] Re: [PATCH 1/3] Make kvm64 the default cpu model when kvm_enabled()

2010-10-20 Thread Blue Swirl
On Mon, Oct 18, 2010 at 2:16 PM, Anthony Liguori
 wrote:
> On 10/18/2010 03:22 AM, Roedel, Joerg wrote:
>>
>> (Sorry for the late reply)
>>
>> On Thu, Oct 07, 2010 at 08:48:06AM -0400, Anthony Liguori wrote:
>>
>>>
>>> On 10/07/2010 03:42 AM, Roedel, Joerg wrote:
>>>

>>>> On Wed, Oct 06, 2010 at 03:24:59PM -0400, Anthony Liguori wrote:


>>>
>>> +    qemu_compat_version = machine->compat_version;
>>> +
>>>        if (display_type == DT_NOGRAPHIC) {
>>>            if (default_parallel)
>>>                add_device_config(DEV_PARALLEL, "null");
>>> --
>>> 1.7.0.4
>>>
>>>
>>>
>>
>> Looks fine to me, given CPUs are not in qdev. Anthony?
>>
>>
>>
>
> The idea is fine, but why not just add the default CPU to the machine
> description?
>
>

>>>> If I remember correctly the reason was that the machine description was
>>>> not accessible in the cpuid initialization path because it is a function
>>>> local variable.

>>>
>>> Not tested at all but I think the attached patch addresses it in a
>>> pretty nice way.
>>>
>>> There's a couple ways you could support your patch on top of this.  You
>>> could add a kvm_cpu_model to the machine structure that gets defaulted
>>> too if kvm_enabled().  You could also introduce a new KVM machine type
>>> that gets defaulted to if no explicit machine is specified.
>>>
>>
>> I had something similar in mind but then I realized that we need at
>> least a cpu_model and a cpu_model_kvm to distinguish between the TCG and
>> the KVM case.
>>
>
> I would think that having different default machines for KVM and TCG would
> be a better solution.
>
>> Further the QEMUMachine data structure is used for all architectures in
>> QEMU and the model-names only make sense for x86.
>
> SPARC uses cpu_model too FWIW.  I believe Blue Swirl has even discussed
> using a feature-format similar to how x86 does it for SPARC CPUs.

Actually I copied Sparc feature support from x86. Generic feature
support would be nice.



Re: [Qemu-devel] [PATCH 3/3] monitor: add usb_attach and usb_detach

2010-10-20 Thread Luiz Capitulino
On Tue, 19 Oct 2010 15:35:01 +0200
Gerd Hoffmann  wrote:

>Hi,
> 
> > +.help   = "attach USB device 'bus.addr'",
> 
> > +...@item usb_attach @var{devname}
> 
> /me sees a mismatch here.
> 
> There is still the use case question.  Also note that this might have 
> unwanted side effects when drivers automagically attach/detach devices 
> like usb-host.

Alon, did you check this? I hope it doesn't blow up.

> Having this purely for debugging/troubleshooting purposes would be fine 
> with me, but the documentation should clearly say so.

Is this useful in production or only in the development of new devices? If
it's the latter, then I would even prefer enabling them only when DEBUG
is enabled.



[Qemu-devel] Re: [PATCH 1/3] trace: Relax trace-events parsing regex in simpletrace.py

2010-10-20 Thread Blue Swirl
Thanks, applied all.

On Mon, Oct 18, 2010 at 12:42 PM, Stefan Hajnoczi
 wrote:
> The regular expression to parse trace event definitions assumed the
> format string would be a simple double-quoted string.  However, we now
> use PRI?64 for portability which splits string literals.  The regular
> expression can disregard the format string entirely since simpletrace.py
> never needs to use it.
>
> Signed-off-by: Stefan Hajnoczi 
> ---
>  simpletrace.py |    4 ++--
>  1 files changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/simpletrace.py b/simpletrace.py
> index c2cf168..553a727 100755
> --- a/simpletrace.py
> +++ b/simpletrace.py
> @@ -19,7 +19,7 @@ header_version  = 0
>
>  trace_fmt = '='
>  trace_len = struct.calcsize(trace_fmt)
> -event_re  = 
> re.compile(r'(disable\s+)?([a-zA-Z0-9_]+)\(([^)]*)\)\s+"([^"]*)"')
> +event_re  = re.compile(r'(disable\s+)?([a-zA-Z0-9_]+)\(([^)]*)\).*')
>
>  def err(msg):
>     sys.stderr.write(msg + '\n')
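
Review bot: With the format-string part dropped, the new event_re accepts any line that starts with name(args), and parse_events() assigns IDs purely by match order (`event_num += 1`), so a line that matches here but is not treated as an event by whatever wrote the trace records would shift every later ID. Keeping a minimal anchor for the opening quote, for example `\)\s+".*`, still tolerates the PRI?64 string splitting described in the commit message while rejecting lines that carry no format string at all. If the pattern is applied with match(), the trailing `.*` on its own adds nothing.
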
> @@ -39,7 +39,7 @@ def parse_events(fobj):
>         if m is None:
>             continue
>
> -        disable, name, args, fmt = m.groups()
> +        disable, name, args = m.groups()
>         events[event_num] = (name,) + get_argnames(args)
>         event_num += 1
>     return events
> --
> 1.7.1
>
>



[Qemu-devel] Re: [PATCH] trace: improve info trace output

2010-10-20 Thread Blue Swirl
Thanks for the Ack, applied.

On Mon, Oct 18, 2010 at 10:27 AM, Stefan Hajnoczi
 wrote:
> On Sun, Oct 17, 2010 at 08:05:45AM +, Blue Swirl wrote:
>> Use PRI*64 to print full 64 bit data even on ILP32 hosts.
>>
>> Print also sixth tracepoint parameter.
>>
>> Cc: Stefan Hajnoczi 
>> Signed-off-by: Blue Swirl 
>> ---
>>  simpletrace.c |    6 --
>>  1 files changed, 4 insertions(+), 2 deletions(-)
>
> Acked-by: Stefan Hajnoczi 
>



[Qemu-devel] [Bug 654913] Re: Windows XP uses 200% CPU when given 2 VCPUs

2010-10-20 Thread .:. brainsik
Can you tell me what the "right drivers" are? Or do you mean enabling
"ACPI"?

I've just finished a whole slew of benchmarks and I'm going back to
no-acpi with the 200% CPU issue, because the VMs are actually faster that
way. Turning on ACPI is very slow.

Looking through QEMU bug reports, I found that a single CPU WinXP guest
used to use 100% CPU, but that was fixed. Why is this not considered a
bug as well?

Thank you.


** Changed in: qemu
   Status: Invalid => New

-- 
Windows XP uses 200% CPU when given 2 VCPUs
https://bugs.launchpad.net/bugs/654913
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.

Status in QEMU: New

Bug description:
When using libvirt to give a domain 2 CPUs (2), the Windows XP kvm process will use 200% 
CPU when Windows is idle. Switching the number of CPUs back to 1, the kvm 
process gives normal idle percentages.

Using libvirt 0.8.3-1ubuntu9, tried with the following qemu-kvm packages:

qemu-kvm_0.12.4+noroms-0ubuntu7_amd64.deb
qemu-kvm_0.12.5+noroms-0ubuntu4_amd64.deb

The smp flag being set by libvirt is:

-smp 2,sockets=2,cores=1,threads=1





[Qemu-devel] [PATCH] Add a DTrace tracing backend targetted for SystemTAP compatability (v3)

2010-10-20 Thread Daniel P. Berrange
This introduces a new tracing backend that targets the SystemTAP
implementation of DTrace userspace tracing. The core functionality
should be applicable and standard across any DTrace implementation
on Solaris, OS-X, *BSD, but the Makefile rules will likely need
some small additional changes to cope with OS specific build
requirements.

This backend builds a little differently from the other tracing
backends. Specifically there is no 'trace.c' file, because the
'dtrace' command line tool generates a '.o' file directly from
the dtrace probe definition file. The probe definition is usually
named with a '.d' extension but QEMU uses '.d' files for its
external makefile dependency tracking, so this uses '.dtrace' as
the extension for the probe definition file.

The 'tracetool' program gains the ability to generate a trace.h
file for DTrace, and also to generate the trace.d file containing
the dtrace probe definition, and finally a qemu.stp file which is
a wrapper around the probe definition providing more convenient
access from SystemTAP scripts.

eg, instead of

  probe process("qemu").mark("qemu_malloc") {
    printf("Malloc %d %p\n", $arg1, $arg2);
  }

The addition of qemu.stp to /usr/share/systemtap/tapset/
lets users write

  probe qemu.qemu_malloc {
    printf("Malloc %d %p\n", size, ptr);
  }

In v2:

  - Add check for 'dtrace' command in configure
  - Comply with coding standards in generated code
  - Misc fixes to tracetool
  - Add more generated files to make clean target
  - Mention 'dtrace' backend in configure help

In v3:

  - Make sure dtrace check in configure only runs
    when dtrace backend is selected

Still todo in v4:

  - Change process("qemu") statement so that it applies
    to all 'qemu-system-XXX' binaries not just 'qemu'

* .gitignore: Ignore trace-dtrace.*
* Makefile: Extra rules for generating DTrace files
* Makefile.obj: Don't build trace.o for DTrace, use
  trace-dtrace.o generated by 'dtrace' instead
* tracetool: Support for generating DTrace/SystemTAP
  data files

Signed-off-by: Daniel P. Berrange 
---
 .gitignore|3 +
 Makefile  |   32 +++
 Makefile.objs |4 ++
 configure |   14 +-
 tracetool |  169 +
 5 files changed, 211 insertions(+), 11 deletions(-)

diff --git a/.gitignore b/.gitignore
index a43e4d1..0d27afd 100644
--- a/.gitignore
+++ b/.gitignore
@@ -4,6 +4,9 @@ config-host.*
 config-target.*
 trace.h
 trace.c
+trace-dtrace.h
+trace-dtrace.dtrace
+qemu.stp
 *-timestamp
 *-softmmu
 *-darwin-user
diff --git a/Makefile b/Makefile
index 252c817..5aa85f6 100644
--- a/Makefile
+++ b/Makefile
@@ -1,6 +1,9 @@
 # Makefile for QEMU.
 
 GENERATED_HEADERS = config-host.h trace.h
+ifeq ($(TRACE_BACKEND),dtrace)
+GENERATED_HEADERS += trace-dtrace.h
+endif
 
 ifneq ($(wildcard config-host.mak),)
 # Put the all: rule here so that config-host.mak can contain dependencies.
@@ -106,7 +109,11 @@ ui/vnc.o: QEMU_CFLAGS += $(VNC_TLS_CFLAGS)
 
 bt-host.o: QEMU_CFLAGS += $(BLUEZ_CFLAGS)
 
+ifeq ($(TRACE_BACKEND),dtrace)
+trace.h: trace.h-timestamp trace-dtrace.h
+else
 trace.h: trace.h-timestamp
+endif
 trace.h-timestamp: $(SRC_PATH)/trace-events config-host.mak
$(call quiet-command,sh $(SRC_PATH)/tracetool --$(TRACE_BACKEND) -h < 
$< > $@,"  GEN   trace.h")
@cmp -s $@ trace.h || cp $@ trace.h
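
Review bot: The `ifeq ($(TRACE_BACKEND),dtrace)` block duplicates the whole `trace.h:` rule just to add one prerequisite. Keeping `trace.h: trace.h-timestamp` unconditional and putting only `trace.h: trace-dtrace.h` inside the ifeq says the same thing with less to keep in sync. A one-line comment on why trace.h depends on trace-dtrace.h (presumably because the generated trace.h includes it) would also help, since GENERATED_HEADERS already lists both.
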
@@ -118,6 +125,23 @@ trace.c-timestamp: $(SRC_PATH)/trace-events config-host.mak
 
 trace.o: trace.c $(GENERATED_HEADERS)
 
+trace-dtrace.h: trace-dtrace.dtrace
+   $(call quiet-command,dtrace -o $@ -h -s $<, "  GEN   trace-dtrace.h")
+
+# Normal practice is to name DTrace probe file with a '.d' extension
+# but that gets picked up by QEMU's Makefile as an external dependancy
+# rule file. So we use '.dtrace' instead
+trace-dtrace.dtrace: trace-dtrace.dtrace-timestamp
+trace-dtrace.dtrace-timestamp: $(SRC_PATH)/trace-events config-host.mak
+   $(call quiet-command,sh $(SRC_PATH)/tracetool --$(TRACE_BACKEND) -d < 
$< > $@,"  GEN   trace-dtrace.dtrace")
+   @cmp -s $@ trace-dtrace.dtrace || cp $@ trace-dtrace.dtrace
+ifdef CONFIG_LINUX
+   $(call quiet-command,sh $(SRC_PATH)/tracetool --$(TRACE_BACKEND) -s < 
$< > qemu.stp,"  GEN   qemu.stp")
+endif
+
+trace-dtrace.o: trace-dtrace.dtrace $(GENERATED_HEADERS)
+   $(call quiet-command,dtrace -o $@ -G -s $<, "  GEN trace-dtrace.o")
+
 simpletrace.o: simpletrace.c $(GENERATED_HEADERS)
 
 version.o: $(SRC_PATH)/version.rc config-host.mak
@@ -154,6 +178,8 @@ clean:
rm -f slirp/*.o slirp/*.d audio/*.o audio/*.d block/*.o block/*.d 
net/*.o net/*.d fsdev/*.o fsdev/*.d ui/*.o ui/*.d
rm -f qemu-img-cmds.h
rm -f trace.c trace.h trace.c-timestamp trace.h-timestamp
+   rm -f trace-dtrace.dtrace trace-dtrace.dtrace-timestamp
+   rm -f trace-dtrace.h trace-dtrace.h-timestamp qemu.stp
$(MAKE) -C tests clean
for d in $(ALL_SUBDIRS) libhw32 libhw64 libuser libdis libdis-user; do \
if test -d $$

[Qemu-devel] [PATCH 10/10] Fix memory leak in register save load due to xsave support

2010-10-20 Thread Marcelo Tosatti
From: Avi Kivity 
Signed-off-by: Marcelo Tosatti 
---
 target-i386/kvm.c |   11 ---
 1 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/target-i386/kvm.c b/target-i386/kvm.c
index 1701cb9..2449c2f 100644
--- a/target-i386/kvm.c
+++ b/target-i386/kvm.c
@@ -660,7 +660,7 @@ static int kvm_put_fpu(CPUState *env)
 static int kvm_put_xsave(CPUState *env)
 {
 #ifdef KVM_CAP_XSAVE
-int i;
+int i, r;
 struct kvm_xsave* xsave;
 uint16_t cwd, swd, twd, fop;
 
@@ -685,7 +685,9 @@ static int kvm_put_xsave(CPUState *env)
 *(uint64_t *)&xsave->region[XSAVE_XSTATE_BV] = env->xstate_bv;
 memcpy(&xsave->region[XSAVE_YMMH_SPACE], env->ymmh_regs,
 sizeof env->ymmh_regs);
-return kvm_vcpu_ioctl(env, KVM_SET_XSAVE, xsave);
+r = kvm_vcpu_ioctl(env, KVM_SET_XSAVE, xsave);
+qemu_free(xsave);
+return r;
 #else
 return kvm_put_fpu(env);
 #endif
@@ -850,8 +852,10 @@ static int kvm_get_xsave(CPUState *env)
 
 xsave = qemu_memalign(4096, sizeof(struct kvm_xsave));
 ret = kvm_vcpu_ioctl(env, KVM_GET_XSAVE, xsave);
-if (ret < 0)
+if (ret < 0) {
+qemu_free(xsave);
 return ret;
+}
 
 cwd = (uint16_t)xsave->region[0];
 swd = (uint16_t)(xsave->region[0] >> 16);
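
Review bot: In kvm_get_xsave() the buffer comes from qemu_memalign(4096, ...) but the new error path releases it with qemu_free(); the same pairing is used for the frees added in kvm_put_xsave() and at the end of kvm_get_xsave(). Memory from qemu_memalign() is meant to be released with qemu_vfree(), and although the two are interchangeable where qemu_memalign() is backed by posix_memalign(), the mismatch is easy to copy into code where they are not. The patch also has no commit message body; one sentence naming the leaked allocation would help anyone bisecting later.
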
@@ -870,6 +874,7 @@ static int kvm_get_xsave(CPUState *env)
 env->xstate_bv = *(uint64_t *)&xsave->region[XSAVE_XSTATE_BV];
 memcpy(env->ymmh_regs, &xsave->region[XSAVE_YMMH_SPACE],
 sizeof env->ymmh_regs);
+qemu_free(xsave);
 return 0;
 #else
 return kvm_get_fpu(env);
-- 
1.7.2.1




[Qemu-devel] [PATCH 00/10] [PULL] qemu-kvm.git uq/master queue

2010-10-20 Thread Marcelo Tosatti
The following changes since commit 38cc9b607f85017b095793cab6c129bc9844f441:

  issue snd_pcm_start() when capturing audio (2010-10-18 00:39:06 +0400)

are available in the git repository at:
  git://git.kernel.org/pub/scm/virt/kvm/qemu-kvm.git uq/master

Huang Ying (1):
  Add RAM -> physical addr mapping in MCE simulation

Joerg Roedel (2):
  Set cpuid definition to 0 before initializing it
  Add svm cpuid features

Marcelo Tosatti (7):
  signalfd compatibility
  iothread: use signalfd
  kvm: x86: add mce support
  Export qemu_ram_addr_from_host
  MCE: Relay UCR MCE to guest
  Add savevm/loadvm support for MCE
  Fix memory leak in register save load due to xsave support

 Makefile.objs |1 +
 compatfd.c|  117 ++
 compatfd.h|   43 +++
 configure |   18 +++
 cpu-common.h  |3 +-
 cpus.c|  156 ++--
 exec-all.h|2 +-
 exec.c|   26 +++--
 kvm-all.c |   18 +++
 kvm-stub.c|5 +
 kvm.h |9 ++
 target-i386/cpu.h |   32 +-
 target-i386/cpuid.c   |   79 ++---
 target-i386/helper.c  |6 +
 target-i386/kvm.c |  311 -
 target-i386/kvm_x86.h |   22 
 16 files changed, 801 insertions(+), 47 deletions(-)
 create mode 100644 compatfd.c
 create mode 100644 compatfd.h
 create mode 100644 target-i386/kvm_x86.h



[Qemu-devel] [PATCH 03/10] signalfd compatibility

2010-10-20 Thread Marcelo Tosatti
Port qemu-kvm's signalfd compat code.

commit 5a7fdd0abd7cd24dac205317a4195446ab8748b5
Author: Anthony Liguori 
Date:   Wed May 7 11:55:47 2008 -0500

Use signalfd() in io-thread

This patch reworks the IO thread to use signalfd() instead of sigtimedwait()
This will eliminate the need to use SIGIO everywhere.

Signed-off-by: Marcelo Tosatti 
Signed-off-by: Avi Kivity 
---
 Makefile.objs |1 +
 compatfd.c|  117 +
 compatfd.h|   43 +
 configure |   18 +
 4 files changed, 179 insertions(+), 0 deletions(-)
 create mode 100644 compatfd.c
 create mode 100644 compatfd.h

diff --git a/Makefile.objs b/Makefile.objs
index 816194a..d73002d 100644
--- a/Makefile.objs
+++ b/Makefile.objs
@@ -125,6 +125,7 @@ common-obj-y += $(addprefix ui/, $(ui-obj-y))
 
 common-obj-y += iov.o acl.o
 common-obj-$(CONFIG_THREAD) += qemu-thread.o
+common-obj-$(CONFIG_IOTHREAD) += compatfd.o
 common-obj-y += notify.o event_notifier.o
 common-obj-y += qemu-timer.o
 
diff --git a/compatfd.c b/compatfd.c
new file mode 100644
index 000..a7cebc4
--- /dev/null
+++ b/compatfd.c
@@ -0,0 +1,117 @@
+/*
+ * signalfd/eventfd compatibility
+ *
+ * Copyright IBM, Corp. 2008
+ *
+ * Authors:
+ *  Anthony Liguori   
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2.  See
+ * the COPYING file in the top-level directory.
+ *
+ */
+
+#include "qemu-common.h"
+#include "compatfd.h"
+
+#include 
+#include 
+
+struct sigfd_compat_info
+{
+sigset_t mask;
+int fd;
+};
+
+static void *sigwait_compat(void *opaque)
+{
+struct sigfd_compat_info *info = opaque;
+int err;
+sigset_t all;
+
+sigfillset(&all);
+sigprocmask(SIG_BLOCK, &all, NULL);
+
+do {
+siginfo_t siginfo;
+
+err = sigwaitinfo(&info->mask, &siginfo);
+if (err == -1 && errno == EINTR) {
+err = 0;
+continue;
+}
+
+if (err > 0) {
+char buffer[128];
+size_t offset = 0;
+
+memcpy(buffer, &err, sizeof(err));
+while (offset < sizeof(buffer)) {
+ssize_t len;
+
+len = write(info->fd, buffer + offset,
+sizeof(buffer) - offset);
+if (len == -1 && errno == EINTR)
+continue;
+
+if (len <= 0) {
+err = -1;
+break;
+}
+
+offset += len;
+}
+}
+} while (err >= 0);
+
+return NULL;
+}
+
+static int qemu_signalfd_compat(const sigset_t *mask)
+{
+pthread_attr_t attr;
+pthread_t tid;
+struct sigfd_compat_info *info;
+int fds[2];
+
+info = malloc(sizeof(*info));
+if (info == NULL) {
+errno = ENOMEM;
+return -1;
+}
+
+if (pipe(fds) == -1) {
+free(info);
+return -1;
+}
+
+qemu_set_cloexec(fds[0]);
+qemu_set_cloexec(fds[1]);
+
+memcpy(&info->mask, mask, sizeof(*mask));
+info->fd = fds[1];
+
+pthread_attr_init(&attr);
+pthread_attr_setdetachstate(&attr, PTHREAD_CREATE_DETACHED);
+
+pthread_create(&tid, &attr, sigwait_compat, info);
+
+pthread_attr_destroy(&attr);
+
+return fds[0];
+}
+
+int qemu_signalfd(const sigset_t *mask)
+{
+#if defined(CONFIG_SIGNALFD)
+int ret;
+
+ret = syscall(SYS_signalfd, -1, mask, _NSIG / 8);
+if (ret != -1) {
+qemu_set_cloexec(ret);
+return ret;
+}
+#endif
+
+return qemu_signalfd_compat(mask);
+}
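
Review bot: In sigwait_compat() only `sizeof(err)` bytes of the 128-byte `buffer` are initialised (`memcpy(buffer, &err, sizeof(err))`) before the write loop sends all `sizeof(buffer)` bytes down the pipe, so the reader receives uninitialised stack contents in every field after the signal number. Zero the buffer first, or better, fill a struct qemu_signalfd_siginfo from `siginfo` so the fallback delivers what a real signalfd would. Separately, qemu_signalfd_compat() ignores the return value of pthread_create(): on failure `info` and both pipe ends leak and the caller gets a descriptor that never becomes readable, so check it, clean up and return -1.
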
diff --git a/compatfd.h b/compatfd.h
new file mode 100644
index 000..fc37915
--- /dev/null
+++ b/compatfd.h
@@ -0,0 +1,43 @@
+/*
+ * signalfd/eventfd compatibility
+ *
+ * Copyright IBM, Corp. 2008
+ *
+ * Authors:
+ *  Anthony Liguori   
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2.  See
+ * the COPYING file in the top-level directory.
+ *
+ */
+
+#ifndef QEMU_COMPATFD_H
+#define QEMU_COMPATFD_H
+
+#include 
+
+struct qemu_signalfd_siginfo {
+uint32_t ssi_signo;   /* Signal number */
+int32_t  ssi_errno;   /* Error number (unused) */
+int32_t  ssi_code;/* Signal code */
+uint32_t ssi_pid; /* PID of sender */
+uint32_t ssi_uid; /* Real UID of sender */
+int32_t  ssi_fd;  /* File descriptor (SIGIO) */
+uint32_t ssi_tid; /* Kernel timer ID (POSIX timers) */
+uint32_t ssi_band;/* Band event (SIGIO) */
+uint32_t ssi_overrun; /* POSIX timer overrun count */
+uint32_t ssi_trapno;  /* Trap number that caused signal */
+int32_t  ssi_status;  /* Exit status or signal (SIGCHLD) */
+int32_t  ssi_int; /* Integer sent by sigqueue(2) */
+uint64_t ssi_ptr; /* Pointer sent by sigqueue(2) */
+uint64_t ssi_utime;   /* User CPU time consumed (SIGCHLD) */
+uint64_t ssi_stime;   /* System CPU time consumed (SIGCHLD) */
+uint64_t ssi_addr;/* Address that generated signal
+  

[Qemu-devel] [PATCH 06/10] Export qemu_ram_addr_from_host

2010-10-20 Thread Marcelo Tosatti
To be used by next patches.

Signed-off-by: Marcelo Tosatti 
Signed-off-by: Avi Kivity 
---
 cpu-common.h |3 ++-
 exec-all.h   |2 +-
 exec.c   |   26 +-
 3 files changed, 20 insertions(+), 11 deletions(-)

diff --git a/cpu-common.h b/cpu-common.h
index 0426bc8..a543b5d 100644
--- a/cpu-common.h
+++ b/cpu-common.h
@@ -47,7 +47,8 @@ void qemu_ram_free(ram_addr_t addr);
 /* This should only be used for ram local to a device.  */
 void *qemu_get_ram_ptr(ram_addr_t addr);
 /* This should not be used by devices.  */
-ram_addr_t qemu_ram_addr_from_host(void *ptr);
+int qemu_ram_addr_from_host(void *ptr, ram_addr_t *ram_addr);
+ram_addr_t qemu_ram_addr_from_host_nofail(void *ptr);
 
 int cpu_register_io_memory(CPUReadMemoryFunc * const *mem_read,
CPUWriteMemoryFunc * const *mem_write,
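
Review bot: The new prototype `int qemu_ram_addr_from_host(void *ptr, ram_addr_t *ram_addr)` is added without documenting its contract: per the exec.c change it returns 0 on success and -1 when ptr lies in no RAM block, and it leaves *ram_addr unwritten in the failure case. Please say so in a comment here, and reword the existing "This should not be used by devices" remark so it clearly covers both the fallible function and the _nofail wrapper.
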
diff --git a/exec-all.h b/exec-all.h
index 3a53fe6..c457058 100644
--- a/exec-all.h
+++ b/exec-all.h
@@ -334,7 +334,7 @@ static inline tb_page_addr_t get_page_addr_code(CPUState 
*env1, target_ulong add
 }
 p = (void *)(unsigned long)addr
 + env1->tlb_table[mmu_idx][page_index].addend;
-return qemu_ram_addr_from_host(p);
+return qemu_ram_addr_from_host_nofail(p);
 }
 #endif
 
diff --git a/exec.c b/exec.c
index 1fbe91c..631d8c5 100644
--- a/exec.c
+++ b/exec.c
@@ -2085,7 +2085,7 @@ static inline void tlb_update_dirty(CPUTLBEntry 
*tlb_entry)
 if ((tlb_entry->addr_write & ~TARGET_PAGE_MASK) == IO_MEM_RAM) {
 p = (void *)(unsigned long)((tlb_entry->addr_write & TARGET_PAGE_MASK)
 + tlb_entry->addend);
-ram_addr = qemu_ram_addr_from_host(p);
+ram_addr = qemu_ram_addr_from_host_nofail(p);
 if (!cpu_physical_memory_is_dirty(ram_addr)) {
 tlb_entry->addr_write |= TLB_NOTDIRTY;
 }
@@ -2938,23 +2938,31 @@ void *qemu_get_ram_ptr(ram_addr_t addr)
 return NULL;
 }
 
-/* Some of the softmmu routines need to translate from a host pointer
-   (typically a TLB entry) back to a ram offset.  */
-ram_addr_t qemu_ram_addr_from_host(void *ptr)
+int qemu_ram_addr_from_host(void *ptr, ram_addr_t *ram_addr)
 {
 RAMBlock *block;
 uint8_t *host = ptr;
 
 QLIST_FOREACH(block, &ram_list.blocks, next) {
 if (host - block->host < block->length) {
-return block->offset + (host - block->host);
+*ram_addr = block->offset + (host - block->host);
+return 0;
 }
 }
+return -1;
+}
 
-fprintf(stderr, "Bad ram pointer %p\n", ptr);
-abort();
+/* Some of the softmmu routines need to translate from a host pointer
+   (typically a TLB entry) back to a ram offset.  */
+ram_addr_t qemu_ram_addr_from_host_nofail(void *ptr)
+{
+ram_addr_t ram_addr;
 
-return 0;
+if (qemu_ram_addr_from_host(ptr, &ram_addr)) {
+fprintf(stderr, "Bad ram pointer %p\n", ptr);
+abort();
+}
+return ram_addr;
 }
 
 static uint32_t unassigned_mem_readb(void *opaque, target_phys_addr_t addr)
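
Review bot: Now that qemu_ram_addr_from_host() has a failure return, it is expected to be called with pointers that may lie outside guest RAM, and the unchanged test `host - block->host < block->length` only rejects a pointer below block->host if the signed pointer difference is converted to an unsigned type at least as wide as ptrdiff_t. That depends on the type of block->length, which this hunk does not show; an explicit `host >= block->host &&` in front of the comparison removes the dependency and makes the bounds check readable.
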
@@ -3703,7 +3711,7 @@ void cpu_physical_memory_unmap(void *buffer, 
target_phys_addr_t len,
 {
 if (buffer != bounce.buffer) {
 if (is_write) {
-ram_addr_t addr1 = qemu_ram_addr_from_host(buffer);
+ram_addr_t addr1 = qemu_ram_addr_from_host_nofail(buffer);
 while (access_len) {
 unsigned l;
 l = TARGET_PAGE_SIZE;
-- 
1.7.2.1




[Qemu-devel] [PATCH 01/10] Set cpuid definition to 0 before initializing it

2010-10-20 Thread Marcelo Tosatti
From: Joerg Roedel 

This patch cleans the (stack-allocated) cpuid definition to
0 before actually initializing it.

Signed-off-by: Joerg Roedel 
Signed-off-by: Avi Kivity 
---
 target-i386/cpuid.c |2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/target-i386/cpuid.c b/target-i386/cpuid.c
index 04ba8d5..3fcf78f 100644
--- a/target-i386/cpuid.c
+++ b/target-i386/cpuid.c
@@ -788,6 +788,8 @@ int cpu_x86_register (CPUX86State *env, const char 
*cpu_model)
 {
 x86_def_t def1, *def = &def1;
 
+memset(def, 0, sizeof(*def));
+
 if (cpu_x86_find_by_name(def, cpu_model) < 0)
 return -1;
 if (def->vendor1) {
-- 
1.7.2.1




[Qemu-devel] [PATCH 07/10] Add RAM -> physical addr mapping in MCE simulation

2010-10-20 Thread Marcelo Tosatti
From: Huang Ying 

In QEMU-KVM, physical address != RAM address, while MCE simulation
needs the physical address instead of the RAM address. So
kvm_physical_memory_addr_from_ram() is implemented to do the
conversion, and it is invoked before the address is filled into the
IA32_MCi_ADDR MSR.

Reported-by: Dean Nelson 
Signed-off-by: Huang Ying 
Signed-off-by: Marcelo Tosatti 
Signed-off-by: Avi Kivity 
---
 kvm-all.c |   18 ++
 kvm.h |6 ++
 2 files changed, 24 insertions(+), 0 deletions(-)

diff --git a/kvm-all.c b/kvm-all.c
index 1cc696f..37b99c7 100644
--- a/kvm-all.c
+++ b/kvm-all.c
@@ -137,6 +137,24 @@ static KVMSlot *kvm_lookup_overlapping_slot(KVMState *s,
 return found;
 }
 
+int kvm_physical_memory_addr_from_ram(KVMState *s, ram_addr_t ram_addr,
+  target_phys_addr_t *phys_addr)
+{
+int i;
+
+for (i = 0; i < ARRAY_SIZE(s->slots); i++) {
+KVMSlot *mem = &s->slots[i];
+
+if (ram_addr >= mem->phys_offset &&
+ram_addr < mem->phys_offset + mem->memory_size) {
+*phys_addr = mem->start_addr + (ram_addr - mem->phys_offset);
+return 1;
+}
+}
+
+return 0;
+}
+
 static int kvm_set_user_memory_region(KVMState *s, KVMSlot *slot)
 {
 struct kvm_userspace_memory_region mem;
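Review bot: kvm_physical_memory_addr_from_ram() returns 1 on success and 0 on failure, the opposite of qemu_ram_addr_from_host() in this same series (0 on success, -1 on failure). A caller that copies the if (qemu_ram_addr_from_host(...)) error-check pattern will treat a successful lookup as an error and, on a failed lookup, carry on with *phys_addr unset. Either align the two conventions or document this one next to the prototype in kvm.h.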
diff --git a/kvm.h b/kvm.h
index 50b6c01..b2fb3af 100644
--- a/kvm.h
+++ b/kvm.h
@@ -174,6 +174,12 @@ static inline void cpu_synchronize_post_init(CPUState *env)
 }
 }
 
+
+#if !defined(CONFIG_USER_ONLY)
+int kvm_physical_memory_addr_from_ram(KVMState *s, ram_addr_t ram_addr,
+  target_phys_addr_t *phys_addr);
+#endif
+
 #endif
 int kvm_set_ioeventfd_mmio_long(int fd, uint32_t adr, uint32_t val, bool 
assign);
 
-- 
1.7.2.1




[Qemu-devel] [PATCH 04/10] iothread: use signalfd

2010-10-20 Thread Marcelo Tosatti
Block SIGALRM, SIGIO and consume them via signalfd.

Signed-off-by: Marcelo Tosatti 
Signed-off-by: Avi Kivity 
---
 cpus.c |   74 +++
 1 files changed, 69 insertions(+), 5 deletions(-)

diff --git a/cpus.c b/cpus.c
index b09f5e3..3875657 100644
--- a/cpus.c
+++ b/cpus.c
@@ -33,6 +33,7 @@
 #include "exec-all.h"
 
 #include "cpus.h"
+#include "compatfd.h"
 
 #ifdef SIGRTMIN
 #define SIG_IPI (SIGRTMIN+4)
@@ -329,14 +330,75 @@ static QemuCond qemu_work_cond;
 
 static void tcg_init_ipi(void);
 static void kvm_init_ipi(CPUState *env);
-static void unblock_io_signals(void);
+static sigset_t block_io_signals(void);
+
+/* If we have signalfd, we mask out the signals we want to handle and then
+ * use signalfd to listen for them.  We rely on whatever the current signal
+ * handler is to dispatch the signals when we receive them.
+ */
+static void sigfd_handler(void *opaque)
+{
+int fd = (unsigned long) opaque;
+struct qemu_signalfd_siginfo info;
+struct sigaction action;
+ssize_t len;
+
+while (1) {
+do {
+len = read(fd, &info, sizeof(info));
+} while (len == -1 && errno == EINTR);
+
+if (len == -1 && errno == EAGAIN) {
+break;
+}
+
+if (len != sizeof(info)) {
+printf("read from sigfd returned %zd: %m\n", len);
+return;
+}
+
+sigaction(info.ssi_signo, NULL, &action);
+if ((action.sa_flags & SA_SIGINFO) && action.sa_sigaction) {
+action.sa_sigaction(info.ssi_signo,
+(siginfo_t *)&info, NULL);
+} else if (action.sa_handler) {
+action.sa_handler(info.ssi_signo);
+}
+}
+}
+
+static int qemu_signalfd_init(sigset_t mask)
+{
+int sigfd;
+
+sigfd = qemu_signalfd(&mask);
+if (sigfd == -1) {
+fprintf(stderr, "failed to create signalfd\n");
+return -errno;
+}
+
+fcntl_setfl(sigfd, O_NONBLOCK);
+
+qemu_set_fd_handler2(sigfd, NULL, sigfd_handler, NULL,
+ (void *)(unsigned long) sigfd);
+
+return 0;
+}
 
 int qemu_init_main_loop(void)
 {
 int ret;
+sigset_t blocked_signals;
 
 cpu_set_debug_excp_handler(cpu_debug_handler);
 
+blocked_signals = block_io_signals();
+
+ret = qemu_signalfd_init(blocked_signals);
+if (ret)
+return ret;
+
+/* Note eventfd must be drained before signalfd handlers run */
 ret = qemu_event_init();
 if (ret)
 return ret;
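Review bot: in qemu_signalfd_init(), fprintf() runs between the failed qemu_signalfd() call and return -errno, so the value returned may no longer be the one qemu_signalfd() set; save errno in a local first. In sigfd_handler() the short-read message goes to stdout through printf() with the glibc-specific %m; fprintf(stderr, ...) with strerror(errno) would match the rest of the file. The return values of fcntl_setfl() and sigaction() are also ignored, and the while (1) loop only exits on EAGAIN, so a descriptor that was not switched to O_NONBLOCK would leave the main loop blocked in read().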
@@ -347,7 +409,6 @@ int qemu_init_main_loop(void)
 qemu_mutex_init(&qemu_global_mutex);
 qemu_mutex_lock(&qemu_global_mutex);
 
-unblock_io_signals();
 qemu_thread_self(&io_thread);
 
 return 0;
@@ -586,19 +647,22 @@ static void kvm_init_ipi(CPUState *env)
 }
 }
 
-static void unblock_io_signals(void)
+static sigset_t block_io_signals(void)
 {
 sigset_t set;
 
+/* SIGUSR2 used by posix-aio-compat.c */
 sigemptyset(&set);
 sigaddset(&set, SIGUSR2);
-sigaddset(&set, SIGIO);
-sigaddset(&set, SIGALRM);
 pthread_sigmask(SIG_UNBLOCK, &set, NULL);
 
 sigemptyset(&set);
+sigaddset(&set, SIGIO);
+sigaddset(&set, SIGALRM);
 sigaddset(&set, SIG_IPI);
 pthread_sigmask(SIG_BLOCK, &set, NULL);
+
+return set;
 }
 
 void qemu_mutex_lock_iothread(void)
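Review bot: block_io_signals() returns the set it has just blocked, which contains SIG_IPI as well as SIGIO and SIGALRM, and qemu_init_main_loop() passes that set straight to qemu_signalfd_init(). The commit message only mentions SIGALRM and SIGIO being consumed through signalfd. If SIG_IPI is not meant to be read from the signalfd, drop it from the returned set with sigdelset(&set, SIG_IPI) before the return; if it is, say so in the comment above sigfd_handler().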
-- 
1.7.2.1




[Qemu-devel] [PATCH 09/10] Add savevm/loadvm support for MCE

2010-10-20 Thread Marcelo Tosatti
Port qemu-kvm's

commit 1bab5d11545d8de5facf46c28630085a2f9651ae
Author: Huang Ying 
Date:   Wed Mar 3 16:52:46 2010 +0800

Add savevm/loadvm support for MCE

MCE registers are saved/loaded into/from CPUState in
kvm_arch_save/load_regs. To simulate the MCG_STATUS clearing upon
reset, MSR_MCG_STATUS is set to 0 for KVM_PUT_RESET_STATE.

Signed-off-by: Marcelo Tosatti 
Signed-off-by: Avi Kivity 
---
 target-i386/kvm.c |   39 ++-
 1 files changed, 38 insertions(+), 1 deletions(-)

diff --git a/target-i386/kvm.c b/target-i386/kvm.c
index 8e26bc4..1701cb9 100644
--- a/target-i386/kvm.c
+++ b/target-i386/kvm.c
@@ -777,7 +777,7 @@ static int kvm_put_msrs(CPUState *env, int level)
 struct kvm_msr_entry entries[100];
 } msr_data;
 struct kvm_msr_entry *msrs = msr_data.entries;
-int n = 0;
+int i, n = 0;
 
 kvm_msr_entry_set(&msrs[n++], MSR_IA32_SYSENTER_CS, env->sysenter_cs);
 kvm_msr_entry_set(&msrs[n++], MSR_IA32_SYSENTER_ESP, env->sysenter_esp);
@@ -797,6 +797,18 @@ static int kvm_put_msrs(CPUState *env, int level)
   env->system_time_msr);
 kvm_msr_entry_set(&msrs[n++], MSR_KVM_WALL_CLOCK, env->wall_clock_msr);
 }
+#ifdef KVM_CAP_MCE
+if (env->mcg_cap) {
+if (level == KVM_PUT_RESET_STATE)
+kvm_msr_entry_set(&msrs[n++], MSR_MCG_STATUS, env->mcg_status);
+else if (level == KVM_PUT_FULL_STATE) {
+kvm_msr_entry_set(&msrs[n++], MSR_MCG_STATUS, env->mcg_status);
+kvm_msr_entry_set(&msrs[n++], MSR_MCG_CTL, env->mcg_ctl);
+for (i = 0; i < (env->mcg_cap & 0xff) * 4; i++)
+kvm_msr_entry_set(&msrs[n++], MSR_MC0_CTL + i, 
env->mce_banks[i]);
+}
+}
+#endif
 
 msr_data.info.nmsrs = n;
 
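Review bot: the loop bound (env->mcg_cap & 0xff) * 4 is not checked against either array it indexes. msr_data.entries has 100 slots (see the context of the first hunk) and n is never compared with that size, so a large enough bank count writes past entries[] and reads past env->mce_banks[]. Please add a check against ARRAY_SIZE() before the loop. Separately, the commit message says MSR_MCG_STATUS is set to 0 for KVM_PUT_RESET_STATE, but the code writes env->mcg_status in both branches; either write 0 explicitly or note that reset has already cleared the field.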
@@ -1004,6 +1016,15 @@ static int kvm_get_msrs(CPUState *env)
 msrs[n++].index = MSR_KVM_SYSTEM_TIME;
 msrs[n++].index = MSR_KVM_WALL_CLOCK;
 
+#ifdef KVM_CAP_MCE
+if (env->mcg_cap) {
+msrs[n++].index = MSR_MCG_STATUS;
+msrs[n++].index = MSR_MCG_CTL;
+for (i = 0; i < (env->mcg_cap & 0xff) * 4; i++)
+msrs[n++].index = MSR_MC0_CTL + i;
+}
+#endif
+
 msr_data.info.nmsrs = n;
 ret = kvm_vcpu_ioctl(env, KVM_GET_MSRS, &msr_data);
 if (ret < 0)
@@ -1046,6 +1067,22 @@ static int kvm_get_msrs(CPUState *env)
 case MSR_KVM_WALL_CLOCK:
 env->wall_clock_msr = msrs[i].data;
 break;
+#ifdef KVM_CAP_MCE
+case MSR_MCG_STATUS:
+env->mcg_status = msrs[i].data;
+break;
+case MSR_MCG_CTL:
+env->mcg_ctl = msrs[i].data;
+break;
+#endif
+default:
+#ifdef KVM_CAP_MCE
+if (msrs[i].index >= MSR_MC0_CTL &&
+msrs[i].index < MSR_MC0_CTL + (env->mcg_cap & 0xff) * 4) {
+env->mce_banks[msrs[i].index - MSR_MC0_CTL] = msrs[i].data;
+break;
+}
+#endif
 }
 }
 
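Review bot: the new default: label sits outside the #ifdef KVM_CAP_MCE block, while its only statement, including the break, sits inside it. When KVM_CAP_MCE is not defined the switch ends with a bare default: directly before the closing brace, which is not valid C because a label must be followed by a statement. Put a break; after the #endif so both configurations compile. The index msrs[i].index - MSR_MC0_CTL is bounded by mcg_cap here rather than by the size of env->mce_banks[], so the same ARRAY_SIZE() check suggested for kvm_put_msrs() applies.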
-- 
1.7.2.1




[Qemu-devel] [PATCH 02/10] Add svm cpuid features

2010-10-20 Thread Marcelo Tosatti
From: Joerg Roedel 

This patch adds the svm cpuid feature flags to the qemu
initialization path. It also adds the svm features available
on phenom to its cpu-definition and extends the host cpu
type to support all svm features KVM can provide.

Signed-off-by: Joerg Roedel 
Signed-off-by: Avi Kivity 
---
 target-i386/cpu.h   |   12 
 target-i386/cpuid.c |   77 +++---
 target-i386/kvm.c   |3 ++
 3 files changed, 75 insertions(+), 17 deletions(-)

diff --git a/target-i386/cpu.h b/target-i386/cpu.h
index 1144d4e..77eeab1 100644
--- a/target-i386/cpu.h
+++ b/target-i386/cpu.h
@@ -405,6 +405,17 @@
 #define CPUID_EXT3_IBS (1 << 10)
 #define CPUID_EXT3_SKINIT  (1 << 12)
 
+#define CPUID_SVM_NPT  (1 << 0)
+#define CPUID_SVM_LBRV (1 << 1)
+#define CPUID_SVM_SVMLOCK  (1 << 2)
+#define CPUID_SVM_NRIPSAVE (1 << 3)
+#define CPUID_SVM_TSCSCALE (1 << 4)
+#define CPUID_SVM_VMCBCLEAN(1 << 5)
+#define CPUID_SVM_FLUSHASID(1 << 6)
+#define CPUID_SVM_DECODEASSIST (1 << 7)
+#define CPUID_SVM_PAUSEFILTER  (1 << 10)
+#define CPUID_SVM_PFTHRESHOLD  (1 << 12)
+
 #define CPUID_VENDOR_INTEL_1 0x756e6547 /* "Genu" */
 #define CPUID_VENDOR_INTEL_2 0x49656e69 /* "ineI" */
 #define CPUID_VENDOR_INTEL_3 0x6c65746e /* "ntel" */
@@ -702,6 +713,7 @@ typedef struct CPUX86State {
 uint8_t has_error_code;
 uint32_t sipi_vector;
 uint32_t cpuid_kvm_features;
+uint32_t cpuid_svm_features;
 
 /* in order to simplify APIC support, we leave this pointer to the
user */
diff --git a/target-i386/cpuid.c b/target-i386/cpuid.c
index 3fcf78f..0e0bf60 100644
--- a/target-i386/cpuid.c
+++ b/target-i386/cpuid.c
@@ -79,6 +79,17 @@ static const char *kvm_feature_name[] = {
 NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
 };
 
+static const char *svm_feature_name[] = {
+"npt", "lbrv", "svm_lock", "nrip_save",
+"tsc_scale", "vmcb_clean",  "flushbyasid", "decodeassists",
+NULL, NULL, "pause_filter", NULL,
+"pfthreshold", NULL, NULL, NULL,
+NULL, NULL, NULL, NULL,
+NULL, NULL, NULL, NULL,
+NULL, NULL, NULL, NULL,
+NULL, NULL, NULL, NULL,
+};
+
 /* collects per-function cpuid data
  */
 typedef struct model_features_t {
@@ -192,13 +203,15 @@ static void add_flagname_to_bitmaps(const char *flagname, 
uint32_t *features,
 uint32_t *ext_features,
 uint32_t *ext2_features,
 uint32_t *ext3_features,
-uint32_t *kvm_features)
+uint32_t *kvm_features,
+uint32_t *svm_features)
 {
 if (!lookup_feature(features, flagname, NULL, feature_name) &&
 !lookup_feature(ext_features, flagname, NULL, ext_feature_name) &&
 !lookup_feature(ext2_features, flagname, NULL, ext2_feature_name) &&
 !lookup_feature(ext3_features, flagname, NULL, ext3_feature_name) &&
-!lookup_feature(kvm_features, flagname, NULL, kvm_feature_name))
+!lookup_feature(kvm_features, flagname, NULL, kvm_feature_name) &&
+!lookup_feature(svm_features, flagname, NULL, svm_feature_name))
 fprintf(stderr, "CPU feature %s not found\n", flagname);
 }
 
@@ -210,7 +223,8 @@ typedef struct x86_def_t {
 int family;
 int model;
 int stepping;
-uint32_t features, ext_features, ext2_features, ext3_features, 
kvm_features;
+uint32_t features, ext_features, ext2_features, ext3_features;
+uint32_t kvm_features, svm_features;
 uint32_t xlevel;
 char model_id[48];
 int vendor_override;
@@ -253,6 +267,7 @@ typedef struct x86_def_t {
   CPUID_EXT2_PDPE1GB */
 #define TCG_EXT3_FEATURES (CPUID_EXT3_LAHF_LM | CPUID_EXT3_SVM | \
   CPUID_EXT3_CR8LEG | CPUID_EXT3_ABM | CPUID_EXT3_SSE4A)
+#define TCG_SVM_FEATURES 0
 
 /* maintains list of cpu model definitions
  */
@@ -305,6 +320,7 @@ static x86_def_t builtin_x86_defs[] = {
 CPUID_EXT3_OSVW, CPUID_EXT3_IBS */
 .ext3_features = CPUID_EXT3_LAHF_LM | CPUID_EXT3_SVM |
 CPUID_EXT3_ABM | CPUID_EXT3_SSE4A,
+.svm_features = CPUID_SVM_NPT | CPUID_SVM_LBRV,
 .xlevel = 0x801A,
 .model_id = "AMD Phenom(tm) 9550 Quad-Core Processor"
 },
@@ -505,6 +521,15 @@ static int cpu_x86_fill_host(x86_def_t *x86_cpu_def)
 cpu_x86_fill_model_id(x86_cpu_def->model_id);
 x86_cpu_def->vendor_override = 0;
 
+
+/*
+ * Every SVM feature requires emulation support in KVM - so we can't just
+ * read the host features here. KVM might even support SVM features not
+ * available on the host hardware. Just set all bits and mask out the
+ * unsupported ones later.
+ */
+x86_cpu_def->svm_features = -1;
+
 return 0;
 }
 
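Review bot: x86_cpu_def->svm_features = -1 depends entirely on the masking promised in the comment ("mask out the unsupported ones later"), and that masking is not in this hunk. Please name in the comment the function that does it, and make sure the TCG path masks with TCG_SVM_FEATURES as well, so the host CPU type can never expose SVM feature bits, including the reserved ones set here, that nothing emulates. Writing the constant as ~0U would also state the all-bits intent more clearly for a uint32_t field.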
@@ -560,8 +585,14 @@ static int cpu_x86_find_by_name(x86_def_t *x86_cpu_def, 
const char *cpu_model)
 
 char *s

[Qemu-devel] [PATCH 05/10] kvm: x86: add mce support

2010-10-20 Thread Marcelo Tosatti
Port qemu-kvm's MCE support

commit c68b2374c9048812f488e00ffb95db66c0bc07a7
Author: Huang Ying 
Date:   Mon Jul 20 10:00:53 2009 +0800

Add MCE simulation support to qemu/kvm

KVM ioctls are used to initialize MCE simulation and inject MCE. The
real MCE simulation is implemented in Linux kernel. The Kernel part
has been merged.

Signed-off-by: Marcelo Tosatti 
Signed-off-by: Avi Kivity 
---
 target-i386/helper.c  |6 +++
 target-i386/kvm.c |   84 +
 target-i386/kvm_x86.h |   21 
 3 files changed, 111 insertions(+), 0 deletions(-)
 create mode 100644 target-i386/kvm_x86.h

diff --git a/target-i386/helper.c b/target-i386/helper.c
index e134340..4b430dd 100644
--- a/target-i386/helper.c
+++ b/target-i386/helper.c
@@ -27,6 +27,7 @@
 #include "exec-all.h"
 #include "qemu-common.h"
 #include "kvm.h"
+#include "kvm_x86.h"
 
 //#define DEBUG_MMU
 
@@ -1030,6 +1031,11 @@ void cpu_inject_x86_mce(CPUState *cenv, int bank, 
uint64_t status,
 if (bank >= bank_num || !(status & MCI_STATUS_VAL))
 return;
 
+if (kvm_enabled()) {
+kvm_inject_x86_mce(cenv, bank, status, mcg_status, addr, misc);
+return;
+}
+
 /*
  * if MSR_MCG_CTL is not all 1s, the uncorrected error
  * reporting is disabled
diff --git a/target-i386/kvm.c b/target-i386/kvm.c
index 74e7b4f..343fb02 100644
--- a/target-i386/kvm.c
+++ b/target-i386/kvm.c
@@ -27,6 +27,7 @@
 #include "hw/pc.h"
 #include "hw/apic.h"
 #include "ioport.h"
+#include "kvm_x86.h"
 
 #ifdef CONFIG_KVM_PARA
 #include 
@@ -167,6 +168,67 @@ static int get_para_features(CPUState *env)
 }
 #endif
 
+#ifdef KVM_CAP_MCE
+static int kvm_get_mce_cap_supported(KVMState *s, uint64_t *mce_cap,
+ int *max_banks)
+{
+int r;
+
+r = kvm_ioctl(s, KVM_CHECK_EXTENSION, KVM_CAP_MCE);
+if (r > 0) {
+*max_banks = r;
+return kvm_ioctl(s, KVM_X86_GET_MCE_CAP_SUPPORTED, mce_cap);
+}
+return -ENOSYS;
+}
+
+static int kvm_setup_mce(CPUState *env, uint64_t *mcg_cap)
+{
+return kvm_vcpu_ioctl(env, KVM_X86_SETUP_MCE, mcg_cap);
+}
+
+static int kvm_set_mce(CPUState *env, struct kvm_x86_mce *m)
+{
+return kvm_vcpu_ioctl(env, KVM_X86_SET_MCE, m);
+}
+
+struct kvm_x86_mce_data
+{
+CPUState *env;
+struct kvm_x86_mce *mce;
+};
+
+static void kvm_do_inject_x86_mce(void *_data)
+{
+struct kvm_x86_mce_data *data = _data;
+int r;
+
+r = kvm_set_mce(data->env, data->mce);
+if (r < 0)
+perror("kvm_set_mce FAILED");
+}
+#endif
+
+void kvm_inject_x86_mce(CPUState *cenv, int bank, uint64_t status,
+uint64_t mcg_status, uint64_t addr, uint64_t misc)
+{
+#ifdef KVM_CAP_MCE
+struct kvm_x86_mce mce = {
+.bank = bank,
+.status = status,
+.mcg_status = mcg_status,
+.addr = addr,
+.misc = misc,
+};
+struct kvm_x86_mce_data data = {
+.env = cenv,
+.mce = &mce,
+};
+
+run_on_cpu(cenv, kvm_do_inject_x86_mce, &data);
+#endif
+}
+
 int kvm_arch_init_vcpu(CPUState *env)
 {
 struct {
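Review bot: kvm_inject_x86_mce() is void and its body is compiled out when KVM_CAP_MCE is not defined, while cpu_inject_x86_mce() in helper.c returns right after calling it whenever kvm_enabled(). On such a build an injected MCE is dropped without any message, and even with KVM_CAP_MCE a failed KVM_X86_SET_MCE is only reported by perror() inside kvm_do_inject_x86_mce(). Returning an int (for example -ENOSYS when KVM_CAP_MCE is missing) would let the caller report the failure.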
@@ -277,6 +339,28 @@ int kvm_arch_init_vcpu(CPUState *env)
 
 cpuid_data.cpuid.nent = cpuid_i;
 
+#ifdef KVM_CAP_MCE
+if (((env->cpuid_version >> 8)&0xF) >= 6
+&& (env->cpuid_features&(CPUID_MCE|CPUID_MCA)) == (CPUID_MCE|CPUID_MCA)
+&& kvm_check_extension(env->kvm_state, KVM_CAP_MCE) > 0) {
+uint64_t mcg_cap;
+int banks;
+
+if (kvm_get_mce_cap_supported(env->kvm_state, &mcg_cap, &banks))
+perror("kvm_get_mce_cap_supported FAILED");
+else {
+if (banks > MCE_BANKS_DEF)
+banks = MCE_BANKS_DEF;
+mcg_cap &= MCE_CAP_DEF;
+mcg_cap |= banks;
+if (kvm_setup_mce(env, &mcg_cap))
+perror("kvm_setup_mce FAILED");
+else
+env->mcg_cap = mcg_cap;
+}
+}
+#endif
+
 return kvm_vcpu_ioctl(env, KVM_SET_CPUID2, &cpuid_data);
 }
 
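Review bot: kvm_check_extension(env->kvm_state, KVM_CAP_MCE) is tested here and KVM_CHECK_EXTENSION is then issued again inside kvm_get_mce_cap_supported(); one of the two can go. That helper can return -ENOSYS without setting errno, so perror() may print an unrelated message; printing strerror() of the negated return value is more reliable. Finally, mcg_cap |= banks assumes the bank-count bits were cleared by mcg_cap &= MCE_CAP_DEF; a comment saying so, or an explicit mask of the low byte, would make that visible.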
diff --git a/target-i386/kvm_x86.h b/target-i386/kvm_x86.h
new file mode 100644
index 000..c1ebd24
--- /dev/null
+++ b/target-i386/kvm_x86.h
@@ -0,0 +1,21 @@
+/*
+ * QEMU KVM support
+ *
+ * Copyright (C) 2009 Red Hat Inc.
+ * Copyright IBM, Corp. 2008
+ *
+ * Authors:
+ *  Anthony Liguori   
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ *
+ */
+
+#ifndef __KVM_X86_H__
+#define __KVM_X86_H__
+
+void kvm_inject_x86_mce(CPUState *cenv, int bank, uint64_t status,
+uint64_t mcg_status, uint64_t addr, uint64_t misc);
+
+#endif
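Review bot: the include guard __KVM_X86_H__ uses a double-underscore name, which C reserves for the implementation; KVM_X86_H is enough. The header also uses CPUState and uint64_t without including anything that declares them, so it only compiles when the including file has already pulled those in.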
-- 
1.7.2.1




[Qemu-devel] [PATCH 08/10] MCE: Relay UCR MCE to guest

2010-10-20 Thread Marcelo Tosatti
Port qemu-kvm's

commit 4b62fff1101a7ad77553147717a8bd3bf79df7ef
Author: Huang Ying 
Date:   Mon Sep 21 10:43:25 2009 +0800

MCE: Relay UCR MCE to guest

UCR (uncorrected recovery) MCE is supported in recent Intel CPUs,
where some hardware error such as some memory error can be reported
without PCC (processor context corrupted). To recover from such MCE,
the corresponding memory will be unmapped, and all processes accessing
the memory will be killed via SIGBUS.

For KVM, if QEMU/KVM is killed, all guest processes will be killed
too. So we relay SIGBUS from host OS to guest system via a UCR MCE
injection. Then guest OS can isolate corresponding memory and kill
necessary guest processes only. SIGBUS sent to main thread (not VCPU
threads) will be broadcast to all VCPU threads as UCR MCE.

Signed-off-by: Marcelo Tosatti 
Signed-off-by: Avi Kivity 
---
 cpus.c|   82 --
 kvm-stub.c|5 ++
 kvm.h |3 +
 target-i386/cpu.h |   20 +-
 target-i386/helper.c  |2 +-
 target-i386/kvm.c |  178 -
 target-i386/kvm_x86.h |3 +-
 7 files changed, 279 insertions(+), 14 deletions(-)

diff --git a/cpus.c b/cpus.c
index 3875657..ad58c55 100644
--- a/cpus.c
+++ b/cpus.c
@@ -34,6 +34,10 @@
 
 #include "cpus.h"
 #include "compatfd.h"
+#ifdef CONFIG_LINUX
+#include 
+#include 
+#endif
 
 #ifdef SIGRTMIN
 #define SIG_IPI (SIGRTMIN+4)
@@ -41,6 +45,10 @@
 #define SIG_IPI SIGUSR1
 #endif
 
+#ifndef PR_MCE_KILL
+#define PR_MCE_KILL 33
+#endif
+
 static CPUState *next_cpu;
 
 /***/
@@ -498,28 +506,77 @@ static void qemu_tcg_wait_io_event(void)
 }
 }
 
+static void sigbus_reraise(void)
+{
+sigset_t set;
+struct sigaction action;
+
+memset(&action, 0, sizeof(action));
+action.sa_handler = SIG_DFL;
+if (!sigaction(SIGBUS, &action, NULL)) {
+raise(SIGBUS);
+sigemptyset(&set);
+sigaddset(&set, SIGBUS);
+sigprocmask(SIG_UNBLOCK, &set, NULL);
+}
+perror("Failed to re-raise SIGBUS!\n");
+abort();
+}
+
+static void sigbus_handler(int n, struct qemu_signalfd_siginfo *siginfo,
+   void *ctx)
+{
+#if defined(TARGET_I386)
+if (kvm_on_sigbus(siginfo->ssi_code, (void *)(intptr_t)siginfo->ssi_addr))
+#endif
+sigbus_reraise();
+}
+
 static void qemu_kvm_eat_signal(CPUState *env, int timeout)
 {
 struct timespec ts;
 int r, e;
 siginfo_t siginfo;
 sigset_t waitset;
+sigset_t chkset;
 
 ts.tv_sec = timeout / 1000;
 ts.tv_nsec = (timeout % 1000) * 100;
 
 sigemptyset(&waitset);
 sigaddset(&waitset, SIG_IPI);
+sigaddset(&waitset, SIGBUS);
 
-qemu_mutex_unlock(&qemu_global_mutex);
-r = sigtimedwait(&waitset, &siginfo, &ts);
-e = errno;
-qemu_mutex_lock(&qemu_global_mutex);
+do {
+qemu_mutex_unlock(&qemu_global_mutex);
 
-if (r == -1 && !(e == EAGAIN || e == EINTR)) {
-fprintf(stderr, "sigtimedwait: %s\n", strerror(e));
-exit(1);
-}
+r = sigtimedwait(&waitset, &siginfo, &ts);
+e = errno;
+
+qemu_mutex_lock(&qemu_global_mutex);
+
+if (r == -1 && !(e == EAGAIN || e == EINTR)) {
+fprintf(stderr, "sigtimedwait: %s\n", strerror(e));
+exit(1);
+}
+
+switch (r) {
+case SIGBUS:
+#ifdef TARGET_I386
+if (kvm_on_sigbus_vcpu(env, siginfo.si_code, siginfo.si_addr))
+#endif
+sigbus_reraise();
+break;
+default:
+break;
+}
+
+r = sigpending(&chkset);
+if (r == -1) {
+fprintf(stderr, "sigpending: %s\n", strerror(e));
+exit(1);
+}
+} while (sigismember(&chkset, SIG_IPI) || sigismember(&chkset, SIGBUS));
 }
 
 static void qemu_kvm_wait_io_event(CPUState *env)
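Review bot: when sigpending() fails the message prints strerror(e), but e still holds the errno saved after sigtimedwait(), so the reported error is stale; use strerror(errno) there. In sigbus_reraise() the perror() string ends in "\n", which puts the newline before the colon and error text. The SIGBUS case in the switch, like sigbus_handler(), relies on an #ifdef TARGET_I386 line to decide whether sigbus_reraise() is conditional; braces around that if would make the two configurations easier to read.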
@@ -640,6 +697,7 @@ static void kvm_init_ipi(CPUState *env)
 
 pthread_sigmask(SIG_BLOCK, NULL, &set);
 sigdelset(&set, SIG_IPI);
+sigdelset(&set, SIGBUS);
 r = kvm_set_signal_mask(env, &set);
 if (r) {
 fprintf(stderr, "kvm_set_signal_mask: %s\n", strerror(r));
@@ -650,6 +708,7 @@ static void kvm_init_ipi(CPUState *env)
 static sigset_t block_io_signals(void)
 {
 sigset_t set;
+struct sigaction action;
 
 /* SIGUSR2 used by posix-aio-compat.c */
 sigemptyset(&set);
@@ -660,8 +719,15 @@ static sigset_t block_io_signals(void)
 sigaddset(&set, SIGIO);
 sigaddset(&set, SIGALRM);
 sigaddset(&set, SIG_IPI);
+sigaddset(&set, SIGBUS);
 pthread_sigmask(SIG_BLOCK, &set, NULL);
 
+memset(&action, 0, sizeof(action));
+action.sa_flags = SA_SIGINFO;
+action.sa_sigaction = (void (*)(int, siginfo_t*, void*))sigbus_handler;
+sigaction(SIGBUS, &action, NULL);
+prctl(PR_MCE_KILL, 1, 1, 0, 0);
+
 return set;
 }
 
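Review bot: prctl(PR_MCE_KILL, 1, 1, 0, 0) is called unconditionally, but the two headers added at the top of the file are only included under #ifdef CONFIG_LINUX, so this will not build on other hosts; wrap the call in the same #ifdef. The return values of sigaction() and prctl() are ignored, and the two literal 1 arguments would read better as the named PR_MCE_KILL_SET and PR_MCE_KILL_EARLY constants, with fallback defines like the one added for PR_MCE_KILL. Note also that sigbus_handler() is installed through a function-pointer cast and expects a struct qemu_signalfd_siginfo *, which is only correct while SIGBUS stays blocked and is dispatched from sigfd_handler().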
diff --git a/kvm-stub

[Qemu-devel] Can't compile ISA device...

2010-10-20 Thread Brian Wheeler
I'm trying to write a busmouse driver and I can't get it to compile.  It
seems like there's a header issue of some sort that I can't work out.

Of course, if someone has a working busmouse driver for qemu, that would
be great:  OpenStep won't work with the ps/2 emulation and even after
pounding on it for a few days I can't seem to narrow down why the OS
stops paying attention to it.  The consensus in 2006 was "fix the ps/2
emulation" but apparently nobody has been able to figure out how it's
broken and this seems like a reasonable solution. 

My code is based on the pc98 busmouse driver by TAKEDA, toshiya and the
busmouse patches that floated around the list over the last few years.

Anyway, it seems like a typedef is wrong.  Did I miss something obvious?

Thanks
Brian

I'm getting:
==
In file included from /home/bdwheele/Projects/qemu/hw/pc.h:7,
 from /home/bdwheele/Projects/qemu/hw/busmouse.c:30:
/home/bdwheele/Projects/qemu/hw/isa.h:33: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ 
or ‘__attribute__’ before ‘isa_mem_base’
/home/bdwheele/Projects/qemu/hw/isa.h:35: error: expected ‘)’ before ‘base’
In file included from /home/bdwheele/Projects/qemu/hw/pc.h:8,
 from /home/bdwheele/Projects/qemu/hw/busmouse.c:30:
/home/bdwheele/Projects/qemu/hw/fdc.h:11: error: expected declaration 
specifiers or ‘...’ before ‘target_phys_addr_t’
/home/bdwheele/Projects/qemu/hw/fdc.h:12: error: expected declaration 
specifiers or ‘...’ before ‘target_phys_addr_t’
In file included from /home/bdwheele/Projects/qemu/hw/busmouse.c:30:
/home/bdwheele/Projects/qemu/hw/pc.h:15: error: expected ‘)’ before ‘base’
/home/bdwheele/Projects/qemu/hw/pc.h:26: error: expected ‘)’ before ‘base’
/home/bdwheele/Projects/qemu/hw/pc.h:78: error: expected declaration specifiers 
or ‘...’ before ‘target_phys_addr_t’
/home/bdwheele/Projects/qemu/hw/pc.h:78: error: expected declaration specifiers 
or ‘...’ before ‘ram_addr_t’
/home/bdwheele/Projects/qemu/hw/pc.h:79: error: expected declaration specifiers 
or ‘...’ before ‘target_phys_addr_t’
/home/bdwheele/Projects/qemu/hw/pc.h:91: error: expected ‘)’ before ‘ram_size’
/home/bdwheele/Projects/qemu/hw/pc.h:106: error: expected ‘)’ before ‘ram_size’
/home/bdwheele/Projects/qemu/hw/pc.h:141: error: expected declaration 
specifiers or ‘...’ before ‘ram_addr_t’
/home/bdwheele/Projects/qemu/hw/pc.h:159: error: expected ‘)’ before ‘vram_base’
=

I've added it to Makefile.objs:
=
diff --git a/Makefile.objs b/Makefile.objs
index 816194a..908c21f 100644
--- a/Makefile.objs
+++ b/Makefile.objs
@@ -81,7 +81,7 @@ common-obj-y += bt.o bt-host.o bt-vhci.o bt-l2cap.o bt-sdp.o 
bt-hci.o bt-hid.o u
 common-obj-y += bt-hci-csr.o
 common-obj-y += buffered_file.o migration.o migration-tcp.o qemu-sockets.o
 common-obj-y += qemu-char.o savevm.o #aio.o
-common-obj-y += msmouse.o ps2.o
+common-obj-y += msmouse.o ps2.o busmouse.o
 common-obj-y += qdev.o qdev-properties.o
 common-obj-y += block-migration.o
 common-obj-y += pflib.o
==

and here's the source:
=
#include "hw.h"
#include "pc.h"
#include "isa.h"
#include "qdev.h"
#include "console.h"

struct mouse_t {
    int button;
    int dx, dy;
    uint8_t index;
    qemu_irq irq;
    int irq_pending;
};

typedef struct mouse_isabus_t {
    ISADevice busdev;
    struct mouse_t state;
} mouse_isabus_t;

typedef struct mouse_t mouse_t;

/* mouse */

static void mouse_event_handler(void *opaque,
                                int dx, int dy, int dz, int buttons_state)
{
    mouse_t *s = opaque;
    s->button = buttons_state;
    s->dx += dx;
    s->dy += dy;
    s->irq_pending = 1;
}


static void busmouse_update_irq(mouse_t *s)
{
    if (s->irq_pending) {
        qemu_set_irq(s->irq, 1);
    } else {
        qemu_set_irq(s->irq, 0);
    }
}


/* pio */

static void busmouse_pio_write(void *opaque, uint32_t addr, uint32_t val)
{
    mouse_t *s = opaque;
    switch(addr) {
    case 0:  //data
        break;
    case 1: // signature
        break;
    case 2: // control
        s->index = val;
        break;
    case 3: // config
        break;
    }


}

static uint32_t busmouse_pio_read(void *opaque, uint32_t addr)
{
    mouse_t *s = opaque;
    uint32_t val = 0;
    static int interrupt_val = 0x01;
    s->irq_pending = 0;
    switch(addr) {
    case 0: // data
        s->irq_pending = 0;
        val |= (s->button & 1)? 0x80 : 0x00;
        val |= (s->button & 2)? 0x40 : 0x00;
        val |= (s->button & 4)? 0x20 : 0x00;
        val |= ((s->index & 0x40? s->dy : s->dx) >> (s->index & 0x20? 4 : 0)) & 0x0f;
        busmouse_update_irq(s);
        break;
    case 1: // signature
        val = 0xa5;
        busmouse_update_irq(s);
        break;
    case 2: // control
        val = interrupt_val;
        /* bitwise AND keeps the shifted value within the low byte */
        interrupt_val = (interrupt_val << 1) & 0xff;
        if (interrupt_v

Re: [Qemu-devel] Can't compile ISA device...

2010-10-20 Thread Anthony Liguori

On 10/20/2010 01:01 PM, Brian Wheeler wrote:

I'm trying to write a busmouse driver and I can't get it to compile.  It
seems like there's a header issue of some sort that I can't work out.

Of course, if someone has a working busmouse driver for qemu, that would
be great:  OpenStep won't work with the ps/2 emulation and even after
pounding on it for a few days I can't seem to narrow down why the OS
stops paying attention to it.  The consensus in 2006 was "fix the ps/2
emulation" but apparently nobody has been able to figure out how it's
broken and this seems like a reasonable solution.

My code is based on the pc98 busmouse driver by TAKEDA, toshiya and the
busmouse patches that floated around the list over the last few years.

Anyway, it seems like a typedef is wrong.  Did I miss something obvious?

Thanks
Brian

I'm getting:
==
In file included from /home/bdwheele/Projects/qemu/hw/pc.h:7,
  from /home/bdwheele/Projects/qemu/hw/busmouse.c:30:
/home/bdwheele/Projects/qemu/hw/isa.h:33: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ 
or ‘__attribute__’ before ‘isa_mem_base’
/home/bdwheele/Projects/qemu/hw/isa.h:35: error: expected ‘)’ before ‘base’
In file included from /home/bdwheele/Projects/qemu/hw/pc.h:8,
  from /home/bdwheele/Projects/qemu/hw/busmouse.c:30:
/home/bdwheele/Projects/qemu/hw/fdc.h:11: error: expected declaration 
specifiers or ‘...’ before ‘target_phys_addr_t’
/home/bdwheele/Projects/qemu/hw/fdc.h:12: error: expected declaration 
specifiers or ‘...’ before ‘target_phys_addr_t’
In file included from /home/bdwheele/Projects/qemu/hw/busmouse.c:30:
/home/bdwheele/Projects/qemu/hw/pc.h:15: error: expected ‘)’ before ‘base’
/home/bdwheele/Projects/qemu/hw/pc.h:26: error: expected ‘)’ before ‘base’
/home/bdwheele/Projects/qemu/hw/pc.h:78: error: expected declaration specifiers 
or ‘...’ before ‘target_phys_addr_t’
/home/bdwheele/Projects/qemu/hw/pc.h:78: error: expected declaration specifiers 
or ‘...’ before ‘ram_addr_t’
/home/bdwheele/Projects/qemu/hw/pc.h:79: error: expected declaration specifiers 
or ‘...’ before ‘target_phys_addr_t’
/home/bdwheele/Projects/qemu/hw/pc.h:91: error: expected ‘)’ before ‘ram_size’
/home/bdwheele/Projects/qemu/hw/pc.h:106: error: expected ‘)’ before ‘ram_size’
/home/bdwheele/Projects/qemu/hw/pc.h:141: error: expected declaration 
specifiers or ‘...’ before ‘ram_addr_t’
/home/bdwheele/Projects/qemu/hw/pc.h:159: error: expected ‘)’ before ‘vram_base’
=

I've added it to Makefile.objs:
=
diff --git a/Makefile.objs b/Makefile.objs
index 816194a..908c21f 100644
--- a/Makefile.objs
+++ b/Makefile.objs
@@ -81,7 +81,7 @@ common-obj-y += bt.o bt-host.o bt-vhci.o bt-l2cap.o bt-sdp.o 
bt-hci.o bt-hid.o u
  common-obj-y += bt-hci-csr.o
  common-obj-y += buffered_file.o migration.o migration-tcp.o qemu-sockets.o
  common-obj-y += qemu-char.o savevm.o #aio.o
-common-obj-y += msmouse.o ps2.o
+common-obj-y += msmouse.o ps2.o busmouse.o
  common-obj-y += qdev.o qdev-properties.o
  common-obj-y += block-migration.o
  common-obj-y += pflib.o
==

and here's the source:
=
   


#include "qemu-common.h"

Will probably do the trick.

Regards,

Anthony Liguori


#include "hw.h"
#include "pc.h"
#include "isa.h"
#include "qdev.h"
#include "console.h"

struct mouse_t {
    int button;
    int dx, dy;
    uint8_t index;
    qemu_irq irq;
    int irq_pending;
};

typedef struct mouse_isabus_t {
    ISADevice busdev;
    struct mouse_t state;
} mouse_isabus_t;

typedef struct mouse_t mouse_t;

/* mouse */

static void mouse_event_handler(void *opaque,
                                int dx, int dy, int dz, int buttons_state)
{
    mouse_t *s = opaque;
    s->button = buttons_state;
    s->dx += dx;
    s->dy += dy;
    s->irq_pending = 1;
}


static void busmouse_update_irq(mouse_t *s)
{
    if (s->irq_pending) {
        qemu_set_irq(s->irq, 1);
    } else {
        qemu_set_irq(s->irq, 0);
    }
}


/* pio */

static void busmouse_pio_write(void *opaque, uint32_t addr, uint32_t val)
{
    mouse_t *s = opaque;
    switch(addr) {
    case 0:  //data
        break;
    case 1: // signature
        break;
    case 2: // control
        s->index = val;
        break;
    case 3: // config
        break;
    }


}

static uint32_t busmouse_pio_read(void *opaque, uint32_t addr)
{
    mouse_t *s = opaque;
    uint32_t val = 0;
    static int interrupt_val = 0x01;
    s->irq_pending = 0;
    switch(addr) {
    case 0: // data
        s->irq_pending = 0;
        val |= (s->button & 1)? 0x80 : 0x00;
        val |= (s->button & 2)? 0x40 : 0x00;
        val |= (s->button & 4)? 0x20 : 0x00;
        val |= ((s->index & 0x40? s->dy : s->dx) >> (s->index & 0x20? 4 : 0)) & 0x0f;
        busmouse_update_irq(s);
        break;
    case 1: // signature
        val = 0xa5;

Re: [Qemu-devel] [PATCH] Fix test suite build with tracing enabled

2010-10-20 Thread Luiz Capitulino
On Tue, 19 Oct 2010 16:03:15 +0200
Jan Kiszka  wrote:

> qemu_malloc instrumentations require linking against the trace objects.
> 
> Signed-off-by: Jan Kiszka 

Applied to the Monitor queue, thanks.

> ---
>  Makefile |   12 ++--
>  1 files changed, 6 insertions(+), 6 deletions(-)
> 
> diff --git a/Makefile b/Makefile
> index 252c817..106a401 100644
> --- a/Makefile
> +++ b/Makefile
> @@ -140,12 +140,12 @@ qemu-img-cmds.h: $(SRC_PATH)/qemu-img-cmds.hx
>  
>  check-qint.o check-qstring.o check-qdict.o check-qlist.o check-qfloat.o 
> check-qjson.o: $(GENERATED_HEADERS)
>  
> -check-qint: check-qint.o qint.o qemu-malloc.o
> -check-qstring: check-qstring.o qstring.o qemu-malloc.o
> -check-qdict: check-qdict.o qdict.o qfloat.o qint.o qstring.o qbool.o 
> qemu-malloc.o qlist.o
> -check-qlist: check-qlist.o qlist.o qint.o qemu-malloc.o
> -check-qfloat: check-qfloat.o qfloat.o qemu-malloc.o
> -check-qjson: check-qjson.o qfloat.o qint.o qdict.o qstring.o qlist.o qbool.o 
> qjson.o json-streamer.o json-lexer.o json-parser.o qemu-malloc.o
> +check-qint: check-qint.o qint.o qemu-malloc.o $(trace-obj-y)
> +check-qstring: check-qstring.o qstring.o qemu-malloc.o $(trace-obj-y)
> +check-qdict: check-qdict.o qdict.o qfloat.o qint.o qstring.o qbool.o 
> qemu-malloc.o qlist.o $(trace-obj-y)
> +check-qlist: check-qlist.o qlist.o qint.o qemu-malloc.o $(trace-obj-y)
> +check-qfloat: check-qfloat.o qfloat.o qemu-malloc.o $(trace-obj-y)
> +check-qjson: check-qjson.o qfloat.o qint.o qdict.o qstring.o qlist.o qbool.o 
> qjson.o json-streamer.o json-lexer.o json-parser.o qemu-malloc.o 
> $(trace-obj-y)
>  
>  clean:
>  # avoid old build problems by removing potentially incorrect old files




Re: [Qemu-devel] [PATCH] monitor: Ignore "." and ".." when completing file name.

2010-10-20 Thread Luiz Capitulino
On Wed, 20 Oct 2010 18:00:01 +0900
Kusanagi Kouichi  wrote:

> 
> Signed-off-by: Kusanagi Kouichi 

Applied to the Monitor queue, thanks.

> ---
>  monitor.c |5 +
>  1 files changed, 5 insertions(+), 0 deletions(-)
> 
> diff --git a/monitor.c b/monitor.c
> index 260cc02..61607c5 100644
> --- a/monitor.c
> +++ b/monitor.c
> @@ -3976,6 +3976,11 @@ static void file_completion(const char *input)
>  d = readdir(ffs);
>  if (!d)
>  break;
> +
> +if (strcmp(d->d_name, ".") == 0 || strcmp(d->d_name, "..") == 0) {
> +continue;
> +}
> +
>  if (strstart(d->d_name, file_prefix, NULL)) {
>  memcpy(file, input, input_path_len);
>  if (input_path_len < sizeof(file))
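Review bot: not introduced by this change, but in the context lines right after the new check, memcpy(file, input, input_path_len) runs before the input_path_len < sizeof(file) test, so that test cannot protect the copy; please confirm input_path_len is bounded earlier in file_completion(). For the added lines themselves, the commit message has no body; one sentence on why "." and ".." are skipped during completion would help later readers.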




[Qemu-devel] Re: [PATCH 00/10] [PULL] qemu-kvm.git uq/master queue

2010-10-20 Thread Anthony Liguori

On 10/20/2010 12:43 PM, Marcelo Tosatti wrote:

The following changes since commit 38cc9b607f85017b095793cab6c129bc9844f441:

   issue snd_pcm_start() when capturing audio (2010-10-18 00:39:06 +0400)

are available in the git repository at:
   git://git.kernel.org/pub/scm/virt/kvm/qemu-kvm.git uq/master

Huang Ying (1):
   Add RAM ->  physical addr mapping in MCE simulation

Joerg Roedel (2):
   Set cpuid definition to 0 before initializing it
   Add svm cpuid features

Marcelo Tosatti (7):
   signalfd compatibility
   iothread: use signalfd
   kvm: x86: add mce support
   Export qemu_ram_addr_from_host
   MCE: Relay UCR MCE to guest
   Add savevm/loadvm support for MCE
   Fix memory leak in register save load due to xsave support
   


Does this fix the second build issue too, or is this just with v2 of the 
Relay UCR MCE to guest?


Regards,

Anthony Liguori


  Makefile.objs |1 +
  compatfd.c|  117 ++
  compatfd.h|   43 +++
  configure |   18 +++
  cpu-common.h  |3 +-
  cpus.c|  156 ++--
  exec-all.h|2 +-
  exec.c|   26 +++--
  kvm-all.c |   18 +++
  kvm-stub.c|5 +
  kvm.h |9 ++
  target-i386/cpu.h |   32 +-
  target-i386/cpuid.c   |   79 ++---
  target-i386/helper.c  |6 +
  target-i386/kvm.c |  311 -
  target-i386/kvm_x86.h |   22 
  16 files changed, 801 insertions(+), 47 deletions(-)
  create mode 100644 compatfd.c
  create mode 100644 compatfd.h
  create mode 100644 target-i386/kvm_x86.h
   





Re: [Qemu-devel] [PULL] virtio-9p patches - Request for pull

2010-10-20 Thread Anthony Liguori

On 10/18/2010 04:25 PM, Venkateswararao Jujjuri (JV) wrote:

The following changes since commit 38cc9b607f85017b095793cab6c129bc9844f441:
   Jindrich Makovicka (1):
 issue snd_pcm_start() when capturing audio

are available in the git repository at:

   git://repo.or.cz/qemu/aliguori/jvrao.git for-anthony
   


Pulled.  Thanks.

Regards,

Anthony Liguori


Aneesh Kumar K.V (2):
   virtio-9p: Use layered xattr approach
   virtio-9p: Support mapped posix acl

Harsh Prateek Bora (1):
   [virtio-9p] Qemu 9p commandline options validity checks

M. Mohan Kumar (3):
   [virto-9p] Implement TLOCK
   qemu-virtio9p: Implement TGETLOCK
   qemu-virtio-9p: Implement TREADLINK operation for 9p2000.L

Sanchit Garg (1):
   [virtio-9p] Use preadv/pwritev instead of readv/writev

Sripathi Kodi (1):
   [virtio-9p] open should not return EBADF

Venkateswararao Jujjuri (JV) (3):
   [virtio-9p] Introduce server side TFSYNC/RFSYNC for dotl
   [virtio-9p] Ignore O_DIRECT hint from client.
   [virtio-9p] Add support to v9fs_string_alloc_printf() for handling %lu.

  Makefile.objs |3 +-
  fsdev/qemu-fsdev.c|   48 +---
  hw/file-op-9p.h   |   16 ++-
  hw/virtio-9p-debug.c  |   46 +++
  hw/virtio-9p-local.c  |  135 +---
  hw/virtio-9p-posix-acl.c  |  140 
  hw/virtio-9p-xattr-user.c |  109 
  hw/virtio-9p-xattr.c  |  156 ++
  hw/virtio-9p-xattr.h  |  103 +++
  hw/virtio-9p.c|  314 +
  hw/virtio-9p.h|   61 +
  11 files changed, 925 insertions(+), 206 deletions(-)
  create mode 100644 hw/virtio-9p-posix-acl.c
  create mode 100644 hw/virtio-9p-xattr-user.c
  create mode 100644 hw/virtio-9p-xattr.c



   





Re: [Qemu-devel] [PATCH 0/2] mouse fixups

2010-10-20 Thread Anthony Liguori

On 10/08/2010 05:30 AM, Gerd Hoffmann wrote:

   Hi,

In the 0.13 devel cycle the mouse handler activation code has been
updated, but (at least) two drivers have not been updated accordingly:
vmmouse and usb-wacom.  This patch series updates them so they are
functional again.

IMHO the patches should also be cherry-picked into stable.

The patches are also available in the git repository at:

   git://anongit.freedesktop.org/spice/qemu mouse.1
   


Applied.  Thanks.

Regards,

Anthony Liguori


Gerd Hoffmann (2):
   vmmouse: adapt to mouse handler changes.
   wacom tablet: activate event handlers.

  hw/usb-wacom.c |   13 ++---
  hw/vmmouse.c   |   31 +--
  2 files changed, 31 insertions(+), 13 deletions(-)


   





[Qemu-devel] Re: [PATCH 00/10] [PULL] qemu-kvm.git uq/master queue

2010-10-20 Thread Marcelo Tosatti
On Wed, Oct 20, 2010 at 02:01:18PM -0500, Anthony Liguori wrote:
> On 10/20/2010 12:43 PM, Marcelo Tosatti wrote:
> >The following changes since commit 38cc9b607f85017b095793cab6c129bc9844f441:
> >
> >   issue snd_pcm_start() when capturing audio (2010-10-18 00:39:06 +0400)
> >
> >are available in the git repository at:
> >   git://git.kernel.org/pub/scm/virt/kvm/qemu-kvm.git uq/master
> >
> >Huang Ying (1):
> >   Add RAM ->  physical addr mapping in MCE simulation
> >
> >Joerg Roedel (2):
> >   Set cpuid definition to 0 before initializing it
> >   Add svm cpuid features
> >
> >Marcelo Tosatti (7):
> >   signalfd compatibility
> >   iothread: use signalfd
> >   kvm: x86: add mce support
> >   Export qemu_ram_addr_from_host
> >   MCE: Relay UCR MCE to guest
> >   Add savevm/loadvm support for MCE
> >   Fix memory leak in register save load due to xsave support
> 
> Does this fix the second build issue too, or is this just with v2 of
> the Relay UCR MCE to guest?

Yes, second and third... 




[Qemu-devel] [PATCH] Remove 16-character limit on process title

2010-10-20 Thread John Morrissey
qemu uses prctl() to set its process title. I bumped up against prctl()'s
16-character limit recently, when adding process title support to
libvirt[1][2].

The attached patch overwrites argv instead. Linux seems to maintain the
length of the original args, even when the new args are shorter and
NULL-terminated, so the trailing whitespace in ps(1) output is probably
unavoidable. I've seen the same result with other daemons that overwrite
argv.

john

[1] https://www.redhat.com/archives/libvir-list/2010-October/msg00565.html
[2] 
http://libvirt.org/git/?p=libvirt.git;a=commit;h=c08c7b0143b8cdc542e5f4137623d412340c5cf2
-- 
John Morrissey  _o/\   __o
j...@horde.net_-< \_  /  \     <  \,
www.horde.net/__(_)/_(_)/\___(_) /_(_)__
diff --git a/os-posix.c b/os-posix.c
index 6321e99..4d85384 100644
--- a/os-posix.c
+++ b/os-posix.c
@@ -39,10 +39,6 @@
 #include "net/slirp.h"
 #include "qemu-options.h"
 
-#ifdef CONFIG_LINUX
-#include 
-#endif
-
 static struct passwd *user_pwd;
 static const char *chroot_dir;
 static int daemonize;
@@ -145,20 +141,24 @@ char *os_find_datadir(const char *argv0)
 #undef SHARE_SUFFIX
 #undef BUILD_SUFFIX
 
-void os_set_proc_name(const char *s)
+void os_set_proc_name(int argc, char **argv, const char *name)
 {
-#if defined(PR_SET_NAME)
-char name[16];
-if (!s)
+#ifdef CONFIG_LINUX
+char *last_argv_byte, *p;
+int len, i;
+
+if (!name)
 return;
-name[sizeof(name) - 1] = 0;
-strncpy(name, s, sizeof(name));
-/* Could rewrite argv[0] too, but that's a bit more complicated.
-   This simple way is enough for `top'. */
-if (prctl(PR_SET_NAME, name)) {
-perror("unable to change process name");
-exit(1);
-}
+
+last_argv_byte = argv[argc - 1] + strlen(argv[argc - 1]);
+
+len = snprintf(argv[0], last_argv_byte - argv[0], "%s", name);
+
+p = &argv[0][len];
+while (p <= last_argv_byte)
+*p++ = '\0';
+for (i = 1; i < argc; ++i)
+argv[i] = (char *) "";
 #else
 fprintf(stderr, "Change of process name not supported by your OS\n");
 exit(1);
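Review bot: `last_argv_byte - argv[0]` is treated as the size of one writable buffer, which only holds if the argument strings are laid out back to back and `argv[argc - 1]` is the highest of them; nothing in `os_set_proc_name()` checks that. Walk the array and extend the usable span only while `argv[i]` starts right after the previous string's terminator. Also note that `snprintf()` returns the untruncated length, so `len` should be clamped to the buffer size before `p = &argv[0][len]` is formed.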
diff --git a/qemu-os-posix.h b/qemu-os-posix.h
index ed5c058..b2e3b6a 100644
--- a/qemu-os-posix.h
+++ b/qemu-os-posix.h
@@ -31,7 +31,7 @@ static inline void os_host_main_loop_wait(int *timeout)
 }
 
 void os_set_line_buffering(void);
-void os_set_proc_name(const char *s);
+void os_set_proc_name(int argc, char **argv, const char *name);
 void os_setup_signal_handling(void);
 void os_daemonize(void);
 void os_setup_post(void);
diff --git a/qemu-os-win32.h b/qemu-os-win32.h
index c63778d..9653992 100644
--- a/qemu-os-win32.h
+++ b/qemu-os-win32.h
@@ -46,7 +46,8 @@ static inline void os_setup_signal_handling(void) {}
 static inline void os_daemonize(void) {}
 static inline void os_setup_post(void) {}
 void os_set_line_buffering(void);
-static inline void os_set_proc_name(const char *dummy) {}
+static inline void os_set_proc_name(int argc, char **argv,
+const char *dummy) {}
 
 #if !defined(EPROTONOSUPPORT)
 # define EPROTONOSUPPORT EINVAL
diff --git a/vl.c b/vl.c
index df414ef..b82b0e8 100644
--- a/vl.c
+++ b/vl.c
@@ -1799,7 +1799,11 @@ static const QEMUOption *lookup_opt(int argc, char **argv,
 optarg = NULL;
 }
 
-*poptarg = optarg;
+if (optarg != NULL) {
+*poptarg = qemu_strdup(optarg);
+} else {
+*poptarg = NULL;
+}
 *poptind = optind;
 
 return popt;
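Review bot: `qemu_strdup(optarg)` in `lookup_opt()` now copies every option argument, and nothing in the patch frees the copies or says why they are needed. Presumably the copy exists because `os_set_proc_name()` later overwrites the argv storage that `optarg` points into; a comment stating that here would keep the duplication from being removed later as an apparent leak.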
@@ -1827,6 +1831,7 @@ int main(int argc, char **argv, char **envp)
 int tb_size;
 const char *pid_file = NULL;
 const char *incoming = NULL;
+const char *process_name = NULL;
 int show_vnc_port = 0;
 int defconfig = 1;
 
@@ -2528,7 +2533,7 @@ int main(int argc, char **argv, char **envp)
 			exit(1);
 			}
 			p += 8;
-			os_set_proc_name(p);
+			process_name = p;
 		 }	
 		 }	
 break;
@@ -2754,6 +2759,8 @@ int main(int argc, char **argv, char **envp)
 exit(1);
 }
 
+os_set_proc_name(argc, argv, process_name);
+
 if (kvm_allowed) {
 int ret = kvm_init(smp_cpus);
 if (ret < 0) {
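Review bot: this call to `os_set_proc_name()` is unconditional, but in os-posix.c the `if (!name) return;` check sits inside the `#ifdef CONFIG_LINUX` branch, so on other POSIX hosts the `#else` branch prints "Change of process name not supported by your OS" and calls `exit(1)` even when no process name was requested. Guard the call with `if (process_name)` or move the NULL check above the `#ifdef`. The submission also carries no Signed-off-by line.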


[Qemu-devel] Re: [PATCH 00/10] [PULL] qemu-kvm.git uq/master queue

2010-10-20 Thread Anthony Liguori

On 10/20/2010 02:05 PM, Marcelo Tosatti wrote:

On Wed, Oct 20, 2010 at 02:01:18PM -0500, Anthony Liguori wrote:
   

On 10/20/2010 12:43 PM, Marcelo Tosatti wrote:
 

The following changes since commit 38cc9b607f85017b095793cab6c129bc9844f441:

   issue snd_pcm_start() when capturing audio (2010-10-18 00:39:06 +0400)

are available in the git repository at:
   git://git.kernel.org/pub/scm/virt/kvm/qemu-kvm.git uq/master

Huang Ying (1):
   Add RAM ->   physical addr mapping in MCE simulation

Joerg Roedel (2):
   Set cpuid definition to 0 before initializing it
   Add svm cpuid features

Marcelo Tosatti (7):
   signalfd compatibility
   iothread: use signalfd
   kvm: x86: add mce support
   Export qemu_ram_addr_from_host
   MCE: Relay UCR MCE to guest
   Add savevm/loadvm support for MCE
   Fix memory leak in register save load due to xsave support
   

Does this fix the second build issue too, or is this just with v2 of
the Relay UCR MCE to guest?
 

Yes, second and third...
   


That wasn't enough either.  The types used in this code aren't correct.

I've fixed up the build and pushed http://repo.or.cz/w/qemu/aliguori.git 
qemu-kvm-20101020


Let me test a little bit and look a bit more closely at the code and 
then I'll push to the main tree.


Regards,

Anthony Liguori







[Qemu-devel] Re: [Tracing][v4 PATCH 2/2] Add documentation for QMP interfaces

2010-10-20 Thread Luiz Capitulino
On Tue, 19 Oct 2010 11:57:50 +0530
Prerna Saxena  wrote:

> [PATCH 2/2] Add documentation for QMP commands:
>  - query-trace
>  - query-trace-events
>  - query-trace-file.

Please, split this. Each command should be in a separate patch.

> 
> 
> Signed-off-by: Prerna Saxena 
> ---
>  qmp-commands.hx |   94 
> +++
>  1 files changed, 94 insertions(+), 0 deletions(-)
> 
> diff --git a/qmp-commands.hx b/qmp-commands.hx
> index 793cf1c..bc79b55 100644
> --- a/qmp-commands.hx
> +++ b/qmp-commands.hx
> @@ -1539,3 +1539,97 @@ Example:
>  
>  EQMP
>  
> +SQMP
> +query-trace
> +-

It's recommended to first send documentation patches when adding new QMP
commands, it can be catastrophic to do both at the same time.

So, I'll ignore the code for now and discuss the interface only.

My main question is: What are the expected use cases for this interface in
the perspective of a QMP client?

I can think of two:

 1. Enabling/Disabling trace points (eg. from a GUI)
 2. Get trace data to generate trace output or do some kind of analysis

If we're only interested in 1, then we don't need query-trace and if we
do need query-trace then we'll have to rethink some things as it can be
automatically flushed.

> +
> +Show contents of trace buffer.
> +
> +Returns a set of json-objects containing the following data:

Looks like you return a json-array of json-objects, is that correct?

> +
> +- "event": Event ID for the trace-event(json-int)

Maybe this should be called event_id or just id.

> +- "timestamp": trace timestamp (json-int)

Unit?

> +- "arg1 .. arg6": Arguments logged by the trace-event (json-int)

Are they positional or named arguments?

If they are positional, you should use a json-array, if we have the
argument name, then we could be nicer and have a json-object of arguments.

> +
> +Example:
> +
> +-> { "execute": "query-trace" }
> +<- {
> +  "return":{
> + "event": 22,
> + "timestamp": 129456235912365,
> + "arg1": 886
> + "arg2": 80,
> + "arg3": 0,
> + "arg4": 0,
> + "arg5": 0,
> + "arg6": 0,
> +   },
> +   {
> + "event": 22,
> + "timestamp": 129456235973407,
> + "arg1": 886,
> + "arg2": 80,
> + "arg3": 0,
> + "arg4": 0,
> + "arg5": 0,
> + "arg6": 0
> +   },
> +   ...
> +   }

The example above is invalid json.

> +
> +EQMP
> +
> +SQMP
> +query-trace-events
> +--
> +
> +Show all available trace-events & their state.
> +
> +Returns a set of json-objects containing the following data:

Again, I believe you want to return a json-array of json-objects.

> +
> +- "name": Name of Trace-event (json-string)
> +- "event-id": Event ID of Trace-event (json-int)

query-trace's key is called event, we should use either event_id or just id
(I think I prefer the former).

> +- "state": State of trace-event [ '0': inactive; '1':active  ] (json-int)

This should be a json-bool.

> +
> +Example:
> +
> +-> { "execute": "query-trace-events" }
> +<- {
> +  "return":{
> + "name": "qemu_malloc",
> + "event-id": 0
> + "state": 0,
> +  },
> +  {
> + "name": "qemu_realloc",
> + "event-id": 1,
> + "state": 0
> +  },
> +  ...
> +   }

This also invalid json.

> +
> +EQMP
> +
> +SQMP
> +query-trace-file
> +
> +
> +Display currently set trace file name and its status.
> +
> +Returns a set of json-objects containing the following data:

This is actually just one json-object.

> +
> +- "trace-file": Name of Trace-file (json-string)

Name or path?

> +- "status": State of trace-event [ '0': disabled; '1':enabled  ] (json-int)

This should be a json bool called 'enabled' or 'disabled', but what happens
when a file is not defined?

> +
> +Example:
> +
> +-> { "execute": "query-trace-file" }
> +<- {
> +  "return":{
> + "trace-file": "trace-26609",
> + "status": 1
> +  }
> +   }
> +
> +EQMP
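Review bot: under query-trace-file, the `"status"` key is described as "State of trace-event", which reads as copied from the query-trace-events block; it should describe the state of the trace file instead. The three "Returns" sentences are also word-for-word identical although the commands return differently shaped data, so each should state its own return type.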




[Qemu-devel] Re: [Tracing][RFC] QMP interface to toggle state of a trace-event

2010-10-20 Thread Luiz Capitulino
On Wed, 20 Oct 2010 15:28:49 +0530
Prerna Saxena  wrote:

> QMP command trace-event to toggle state of a trace-event.
>  Illustration :
>  -> { "execute": "trace-event", "arguments": { "name": "qemu_malloc", 
> "option": true} }
>  <- { "return": {} }
> 
> Posting this as an RFC for now. I'll post the final version as a part of
>  the cumulative QMP patchset for tracing ( including patches for query-* 
> commands posted earlier : 
> http://lists.gnu.org/archive/html/qemu-devel/2010-10/msg01232.html )
> 
> Signed-off-by: Prerna Saxena 
> ---
>  hmp-commands.hx |2 +-
>  monitor.c   |   43 +--
>  qmp-commands.hx |   32 
>  3 files changed, 70 insertions(+), 7 deletions(-)
> 
> diff --git a/hmp-commands.hx b/hmp-commands.hx
> index 81999aa..76ec2fe 100644
> --- a/hmp-commands.hx
> +++ b/hmp-commands.hx
> @@ -149,7 +149,7 @@ ETEXI
>  .args_type  = "name:s,option:b",
>  .params = "name on|off",
>  .help   = "changes status of a specific trace event",
> -.mhandler.cmd = do_change_trace_event_state,
> +.mhandler.cmd = do_change_trace_event_state_hmp,
>  },
>  
>  STEXI
> diff --git a/monitor.c b/monitor.c
> index c7e1f53..0766ed3 100644
> --- a/monitor.c
> +++ b/monitor.c
> @@ -545,17 +545,43 @@ static void do_help_cmd(Monitor *mon, const QDict 
> *qdict)
>  }
>  
>  #ifdef CONFIG_SIMPLE_TRACE
> -static void do_change_trace_event_state(Monitor *mon, const QDict *qdict)
> +
> +/**
> + * HMP handler to change trace event state.
> + *
> + */
> +void do_change_trace_event_state_hmp(Monitor *mon, const QDict *qdict)
>  {
> -const char *tp_name = qdict_get_str(qdict, "name");
> -bool new_state = qdict_get_bool(qdict, "option");
> -int ret = st_change_trace_event_state(tp_name, new_state);
> +if (!do_change_trace_event_state_generic(qdict)) {
> +monitor_printf(mon, "unknown event name \"%s\"\n",
> +  qdict_get_str(qdict, "name"));
> +}
> +}
>  
> -if (!ret) {
> -monitor_printf(mon, "unknown event name \"%s\"\n", tp_name);
> +/**
> + * QMP handler to change trace event state.
> + *
> + */
> +static int do_change_trace_event_state_qmp(Monitor *mon, const QDict *qdict,
> +   QObject **ret_data)
> +{
> +if (!do_change_trace_event_state_generic(qdict)) {
> +qerror_report(QERR_INVALID_PARAMETER, qdict_get_str(qdict, "name"));
> +return -1;
>  }
> +return 0;
>  }
>  
> +/**
> + * Generic handler to change trace event state.
> + *
> + */
> +static int do_change_trace_event_state_generic(const QDict *qdict)
> +{
> +const char *tp_name = qdict_get_str(qdict, "name");
> +bool new_state = qdict_get_bool(qdict, "option");
> +return st_change_trace_event_state(tp_name, new_state);
> +}
>  static void do_trace_file(Monitor *mon, const QDict *qdict)
>  {
>  const char *op = qdict_get_try_str(qdict, "op");
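Review bot: `do_change_trace_event_state_generic()` is defined as `static` at the end of this hunk but is called above it from both the HMP and the QMP handler with no prior declaration, so the calls get an implicit declaration that then conflicts with the static definition. Move the generic helper above its two callers. `do_change_trace_event_state_hmp()` also drops the `static` that the function it replaces had, without a prototype being added anywhere in the patch.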
> @@ -583,6 +609,11 @@ static void do_info_trace_file_to_qmp(Monitor *mon, 
> QObject **ret_data)
>  {
>  *ret_data = st_print_file_to_qobject();
>  }
> +
> +#else
> +static int do_change_trace_event_state_qmp(Monitor *mon, const QDict *qdict,
> +QObject **ret_data) {}
> +
>  #endif
>  
>  static void user_monitor_complete(void *opaque, QObject *ret_data)
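Review bot: the `#else` stub of `do_change_trace_event_state_qmp()` has an empty body although the function returns `int`, so on a build without CONFIG_SIMPLE_TRACE a client issuing trace-event gets an undefined return value from the handler. Have the stub report an error and `return -1`, or leave the command out of the table on such builds.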
> diff --git a/qmp-commands.hx b/qmp-commands.hx
> index bc79b55..7613d73 100644
> --- a/qmp-commands.hx
> +++ b/qmp-commands.hx
> @@ -761,6 +761,38 @@ Example:
>  
>  Note: This command must be issued before issuing any other command.
>  
> +EQMP
> +
> +{
> +.name   = "trace-event",
> +.args_type  = "name:s,option:b",
> +.params = "name on|off",
> +.help   = "changes state of a specific trace event",
> +.user_print = monitor_user_noop,
> +.mhandler.cmd_new = do_change_trace_event_state_qmp,
> +},
> +
> +SQMP
> +trace-event
> +---
> +
> +Change state of a trace-event.
> +
> +Arguments:
> +
> +- "name": name of trace-event (json-string)
> +- "option": new state for the trace-event (json-bool)

This should be called 'enabled'.

I think you should submit a new series containing only the proposed
interfaces documentation (one patch per interface) and the intro email
should describe the use cases the proposed interfaces are supposed to
address.

> +
> +Example:
> +
> +-> { "execute": "trace-event", "arguments": { "name": "ABC", "option":false 
> } }
> +<- { "return": {} }
> +
> +Notes:
> +
> +(1) The 'query-trace-events' command should be used to check the new state 
> +of the trace-event.
> +
>  3. Query Commands
>  =
>  
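Review bot: the trace-event documentation block does not say what a client receives when `name` matches no trace-event, although the handler added in monitor.c reports `QERR_INVALID_PARAMETER` for that case. Document the error reply next to the example. The table entry is also added unconditionally, while a working handler exists only under `CONFIG_SIMPLE_TRACE`.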




[Qemu-devel] Re: [PATCH 08/10] MCE: Relay UCR MCE to guest

2010-10-20 Thread Anthony Liguori

On 10/20/2010 12:43 PM, Marcelo Tosatti wrote:

Port qemu-kvm's

commit 4b62fff1101a7ad77553147717a8bd3bf79df7ef
Author: Huang Ying
Date:   Mon Sep 21 10:43:25 2009 +0800

 MCE: Relay UCR MCE to guest

 UCR (uncorrected recovery) MCE is supported in recent Intel CPUs,
 where some hardware error such as some memory error can be reported
 without PCC (processor context corrupted). To recover from such MCE,
 the corresponding memory will be unmapped, and all processes accessing
 the memory will be killed via SIGBUS.

 For KVM, if QEMU/KVM is killed, all guest processes will be killed
 too. So we relay SIGBUS from host OS to guest system via a UCR MCE
 injection. Then guest OS can isolate corresponding memory and kill
 necessary guest processes only. SIGBUS sent to main thread (not VCPU
 threads) will be broadcast to all VCPU threads as UCR MCE.

Signed-off-by: Marcelo Tosatti
Signed-off-by: Avi Kivity
---
  cpus.c|   82 --
  kvm-stub.c|5 ++
  kvm.h |3 +
  target-i386/cpu.h |   20 +-
  target-i386/helper.c  |2 +-
  target-i386/kvm.c |  178 -
  target-i386/kvm_x86.h |3 +-
  7 files changed, 279 insertions(+), 14 deletions(-)

diff --git a/cpus.c b/cpus.c
index 3875657..ad58c55 100644
--- a/cpus.c
+++ b/cpus.c
@@ -34,6 +34,10 @@

  #include "cpus.h"
  #include "compatfd.h"
+#ifdef CONFIG_LINUX
+#include
+#include
+#endif
   


signalfd() was introduced in 2.6.22 but this is unconditionally 
included.  This is going to break the build on any old Linux systems.



  #ifdef SIGRTMIN
  #define SIG_IPI (SIGRTMIN+4)
@@ -41,6 +45,10 @@
  #define SIG_IPI SIGUSR1
  #endif

+#ifndef PR_MCE_KILL
+#define PR_MCE_KILL 33
+#endif
+
  static CPUState *next_cpu;

  /***/
@@ -498,28 +506,77 @@ static void qemu_tcg_wait_io_event(void)
  }
  }

+static void sigbus_reraise(void)
+{
+sigset_t set;
+struct sigaction action;
+
+memset(&action, 0, sizeof(action));
+action.sa_handler = SIG_DFL;
+if (!sigaction(SIGBUS,&action, NULL)) {
+raise(SIGBUS);
+sigemptyset(&set);
+sigaddset(&set, SIGBUS);
+sigprocmask(SIG_UNBLOCK,&set, NULL);
+}
+perror("Failed to re-raise SIGBUS!\n");
+abort();
+}
+
+static void sigbus_handler(int n, struct qemu_signalfd_siginfo *siginfo,
+   void *ctx)
+{
+#if defined(TARGET_I386)
+if (kvm_on_sigbus(siginfo->ssi_code, (void *)(intptr_t)siginfo->ssi_addr))
+#endif
+sigbus_reraise();
   


This violates CODING style.  Why not just get rid of the sigbus handler 
when not on TARGET_I386?



+}
+
  static void qemu_kvm_eat_signal(CPUState *env, int timeout)
  {
  struct timespec ts;
  int r, e;
  siginfo_t siginfo;
  sigset_t waitset;
+sigset_t chkset;

  ts.tv_sec = timeout / 1000;
  ts.tv_nsec = (timeout % 1000) * 100;

  sigemptyset(&waitset);
  sigaddset(&waitset, SIG_IPI);
+sigaddset(&waitset, SIGBUS);

-qemu_mutex_unlock(&qemu_global_mutex);
-r = sigtimedwait(&waitset,&siginfo,&ts);
-e = errno;
-qemu_mutex_lock(&qemu_global_mutex);
+do {
+qemu_mutex_unlock(&qemu_global_mutex);

-if (r == -1&&  !(e == EAGAIN || e == EINTR)) {
-fprintf(stderr, "sigtimedwait: %s\n", strerror(e));
-exit(1);
-}
+r = sigtimedwait(&waitset,&siginfo,&ts);
+e = errno;
+
+qemu_mutex_lock(&qemu_global_mutex);
+
+if (r == -1&&  !(e == EAGAIN || e == EINTR)) {
+fprintf(stderr, "sigtimedwait: %s\n", strerror(e));
+exit(1);
+}
+
+switch (r) {
+case SIGBUS:
+#ifdef TARGET_I386
+if (kvm_on_sigbus_vcpu(env, siginfo.si_code, siginfo.si_addr))
+#endif
+sigbus_reraise();
+break;
+default:
+break;
+}
+
+r = sigpending(&chkset);
+if (r == -1) {
+fprintf(stderr, "sigpending: %s\n", strerror(e));
+exit(1);
+}
+} while (sigismember(&chkset, SIG_IPI) || sigismember(&chkset, SIGBUS));
  }
   


I don't understand why this loop is needed but we specifically wait for 
a signal to get delivered that's either SIG_IPI or SIGBUS.  We then 
check whether a SIG_IPI or SIGBUS is pending and loop waiting for 
signals again.


Shouldn't we be looping on just sigismember(SIGBUS)?

BTW, we're no longer respecting timeout because we're not adjusting ts 
after each iteration.



  static void qemu_kvm_wait_io_event(CPUState *env)
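Review bot: in the new `sigpending()` error path of `qemu_kvm_eat_signal()`, the message is built with `strerror(e)`, but `e` still holds the errno saved after `sigtimedwait()`, so a sigpending failure is printed with a stale or unrelated error string. Use `strerror(errno)` there. In `sigbus_reraise()`, `perror()` is passed a string that already ends in `\n` and is reached both when `sigaction()` fails and when the re-raised signal did not terminate the process, so errno may not describe what went wrong.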
@@ -640,6 +697,7 @@ static void kvm_init_ipi(CPUState *env)

  pthread_sigmask(SIG_BLOCK, NULL,&set);
  sigdelset(&set, SIG_IPI);
+sigdelset(&set, SIGBUS);
  r = kvm_set_signal_mask(env,&set);
  if (r) {
  fprintf(stderr, "kvm_set_signal_mask: %s\n", strerror(r));
@@ -650,6 +708,7 @@ sta
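The review remark above about the timeout not being adjusted between loop iterations concerns wait loops of this shape. As an added illustration (not code from the patch or from QEMU; `wait_and_drain` and `now_ns` are hypothetical names), one way to keep a single overall deadline is to recompute the remaining time before every `sigtimedwait()` call and to poll with a zero timeout once the first signal has been consumed:

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <errno.h>
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <time.h>

/* Monotonic clock in nanoseconds, so wall-clock changes cannot stretch the wait. */
static int64_t now_ns(void)
{
    struct timespec t;

    clock_gettime(CLOCK_MONOTONIC, &t);
    return (int64_t)t.tv_sec * 1000000000LL + t.tv_nsec;
}

/*
 * Hypothetical helper (not a QEMU function): wait at most timeout_ms for one
 * of the signals in waitset, then consume whatever else is already pending
 * without sleeping again. The caller must have blocked the signals in waitset.
 *
 * Returns the number of signals consumed (0 on timeout) or -1 on error with
 * errno set. *last_signo receives the last signal number consumed, if any.
 */
int wait_and_drain(const sigset_t *waitset, int timeout_ms, int *last_signo)
{
    int64_t deadline = now_ns() + (int64_t)timeout_ms * 1000000LL;
    int consumed = 0;

    for (;;) {
        struct timespec ts;
        siginfo_t info;
        int64_t left = deadline - now_ns();

        /* Recompute the remaining time on every pass instead of reusing ts. */
        if (left < 0) {
            left = 0;               /* zero timeout: poll, never sleep */
        }
        ts.tv_sec = left / 1000000000LL;
        ts.tv_nsec = left % 1000000000LL;

        if (sigtimedwait(waitset, &info, &ts) == -1) {
            if (errno == EINTR) {
                continue;           /* interrupted: retry with less time left */
            }
            if (errno == EAGAIN) {
                return consumed;    /* deadline reached, nothing more pending */
            }
            return -1;
        }

        consumed++;
        if (last_signo) {
            *last_signo = info.si_signo;
        }
        /* One signal arrived in time; from now on only drain the backlog. */
        deadline = 0;
    }
}

int main(void)
{
    sigset_t set;
    int last = 0;

    /* Constructed input: two blocked signals made pending before the wait. */
    sigemptyset(&set);
    sigaddset(&set, SIGUSR1);
    sigaddset(&set, SIGUSR2);
    sigprocmask(SIG_BLOCK, &set, NULL);
    raise(SIGUSR1);
    raise(SIGUSR2);

    printf("backlog drained: consumed=%d\n", wait_and_drain(&set, 1000, &last));
    printf("idle 50 ms wait: consumed=%d\n", wait_and_drain(&set, 50, &last));
    return 0;
}
```
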

[Qemu-devel] Re: [PATCH 00/10] [PULL] qemu-kvm.git uq/master queue

2010-10-20 Thread Anthony Liguori

On 10/20/2010 12:43 PM, Marcelo Tosatti wrote:

The following changes since commit 38cc9b607f85017b095793cab6c129bc9844f441:

   issue snd_pcm_start() when capturing audio (2010-10-18 00:39:06 +0400)

are available in the git repository at:
   git://git.kernel.org/pub/scm/virt/kvm/qemu-kvm.git uq/master

Huang Ying (1):
   Add RAM ->  physical addr mapping in MCE simulation

Joerg Roedel (2):
   Set cpuid definition to 0 before initializing it
   Add svm cpuid features

Marcelo Tosatti (7):
   signalfd compatibility
   iothread: use signalfd
   kvm: x86: add mce support
   Export qemu_ram_addr_from_host
   MCE: Relay UCR MCE to guest
   Add savevm/loadvm support for MCE
   Fix memory leak in register save load due to xsave support
   


The MCE doesn't look to be ready for prime time yet.

Regards,

Anthony Liguori


  Makefile.objs |1 +
  compatfd.c|  117 ++
  compatfd.h|   43 +++
  configure |   18 +++
  cpu-common.h  |3 +-
  cpus.c|  156 ++--
  exec-all.h|2 +-
  exec.c|   26 +++--
  kvm-all.c |   18 +++
  kvm-stub.c|5 +
  kvm.h |9 ++
  target-i386/cpu.h |   32 +-
  target-i386/cpuid.c   |   79 ++---
  target-i386/helper.c  |6 +
  target-i386/kvm.c |  311 -
  target-i386/kvm_x86.h |   22 
  16 files changed, 801 insertions(+), 47 deletions(-)
  create mode 100644 compatfd.c
  create mode 100644 compatfd.h
  create mode 100644 target-i386/kvm_x86.h
   





[Qemu-devel] Re: [PATCH 09/10] Add savevm/loadvm support for MCE

2010-10-20 Thread Anthony Liguori

On 10/20/2010 12:43 PM, Marcelo Tosatti wrote:

Port qemu-kvm's

commit 1bab5d11545d8de5facf46c28630085a2f9651ae
Author: Huang Ying
Date:   Wed Mar 3 16:52:46 2010 +0800

 Add savevm/loadvm support for MCE

 MCE registers are saved/load into/from CPUState in
 kvm_arch_save/load_regs. To simulate the MCG_STATUS clearing upon
 reset, MSR_MCG_STATUS is set to 0 for KVM_PUT_RESET_STATE.

Signed-off-by: Marcelo Tosatti
Signed-off-by: Avi Kivity
---
  target-i386/kvm.c |   39 ++-
  1 files changed, 38 insertions(+), 1 deletions(-)

diff --git a/target-i386/kvm.c b/target-i386/kvm.c
index 8e26bc4..1701cb9 100644
--- a/target-i386/kvm.c
+++ b/target-i386/kvm.c
@@ -777,7 +777,7 @@ static int kvm_put_msrs(CPUState *env, int level)
  struct kvm_msr_entry entries[100];
  } msr_data;
  struct kvm_msr_entry *msrs = msr_data.entries;
-int n = 0;
+int i, n = 0;

  kvm_msr_entry_set(&msrs[n++], MSR_IA32_SYSENTER_CS, env->sysenter_cs);
  kvm_msr_entry_set(&msrs[n++], MSR_IA32_SYSENTER_ESP, env->sysenter_esp);
@@ -797,6 +797,18 @@ static int kvm_put_msrs(CPUState *env, int level)
env->system_time_msr);
  kvm_msr_entry_set(&msrs[n++], MSR_KVM_WALL_CLOCK, 
env->wall_clock_msr);
  }
+#ifdef KVM_CAP_MCE
+if (env->mcg_cap) {
+if (level == KVM_PUT_RESET_STATE)
+kvm_msr_entry_set(&msrs[n++], MSR_MCG_STATUS, env->mcg_status);
+else if (level == KVM_PUT_FULL_STATE) {
+kvm_msr_entry_set(&msrs[n++], MSR_MCG_STATUS, env->mcg_status);
+kvm_msr_entry_set(&msrs[n++], MSR_MCG_CTL, env->mcg_ctl);
+for (i = 0; i<  (env->mcg_cap&  0xff) * 4; i++)
+kvm_msr_entry_set(&msrs[n++], MSR_MC0_CTL + i, 
env->mce_banks[i]);
+}
+}
+#endif
   


What happens if we live migrate from a kernel with KVM_CAP_MCE to a 
kernel without KVM_CAP_MCE?  Don't we need to bump a version somewhere?



  msr_data.info.nmsrs = n;
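Review bot: the bank loop in the KVM_PUT_FULL_STATE branch appends up to `(env->mcg_cap & 0xff) * 4` entries to `msrs`, which is backed by `entries[100]`, and nothing checks `n` against that size, so a large bank count would write past the array on the stack. Bound the loop by the array size or assert on `n` before each store. Both the KVM_PUT_RESET_STATE and the KVM_PUT_FULL_STATE branch also write `env->mcg_status`, so the clearing to 0 on reset that the commit message describes depends on code outside this hunk; say where that happens.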

@@ -1004,6 +1016,15 @@ static int kvm_get_msrs(CPUState *env)
  msrs[n++].index = MSR_KVM_SYSTEM_TIME;
  msrs[n++].index = MSR_KVM_WALL_CLOCK;

+#ifdef KVM_CAP_MCE
+if (env->mcg_cap) {
+msrs[n++].index = MSR_MCG_STATUS;
+msrs[n++].index = MSR_MCG_CTL;
+for (i = 0; i<  (env->mcg_cap&  0xff) * 4; i++)
+msrs[n++].index = MSR_MC0_CTL + i;
+}
+#endif
+
   


This patch does not respect CODING_STYLE with respect to single line ifs 
at all.


Regards,

Anthony Liguori


  msr_data.info.nmsrs = n;
  ret = kvm_vcpu_ioctl(env, KVM_GET_MSRS,&msr_data);
  if (ret<  0)
@@ -1046,6 +1067,22 @@ static int kvm_get_msrs(CPUState *env)
  case MSR_KVM_WALL_CLOCK:
  env->wall_clock_msr = msrs[i].data;
  break;
+#ifdef KVM_CAP_MCE
+case MSR_MCG_STATUS:
+env->mcg_status = msrs[i].data;
+break;
+case MSR_MCG_CTL:
+env->mcg_ctl = msrs[i].data;
+break;
+#endif
+default:
+#ifdef KVM_CAP_MCE
+if (msrs[i].index>= MSR_MC0_CTL&&
+msrs[i].index<  MSR_MC0_CTL + (env->mcg_cap&  0xff) * 4) {
+env->mce_banks[msrs[i].index - MSR_MC0_CTL] = msrs[i].data;
+break;
+}
+#endif
  }
  }

   





[Qemu-devel] Re: [PATCH 07/10] Add RAM -> physical addr mapping in MCE simulation

2010-10-20 Thread Anthony Liguori

On 10/20/2010 12:43 PM, Marcelo Tosatti wrote:

From: Huang Ying

In QEMU-KVM, physical address != RAM address. While MCE simulation
needs physical address instead of RAM address. So
kvm_physical_memory_addr_from_ram() is implemented to do the
conversion, and it is invoked before being filled in the IA32_MCi_ADDR
MSR.

Reported-by: Dean Nelson
Signed-off-by: Huang Ying
Signed-off-by: Marcelo Tosatti
Signed-off-by: Avi Kivity
---
  kvm-all.c |   18 ++
  kvm.h |6 ++
  2 files changed, 24 insertions(+), 0 deletions(-)

diff --git a/kvm-all.c b/kvm-all.c
index 1cc696f..37b99c7 100644
--- a/kvm-all.c
+++ b/kvm-all.c
@@ -137,6 +137,24 @@ static KVMSlot *kvm_lookup_overlapping_slot(KVMState *s,
  return found;
  }

+int kvm_physical_memory_addr_from_ram(KVMState *s, ram_addr_t ram_addr,
+  target_phys_addr_t *phys_addr)
+{
+int i;
+
+for (i = 0; i<  ARRAY_SIZE(s->slots); i++) {
+KVMSlot *mem =&s->slots[i];
+
+if (ram_addr>= mem->phys_offset&&
+ram_addr<  mem->phys_offset + mem->memory_size) {
+*phys_addr = mem->start_addr + (ram_addr - mem->phys_offset);
+return 1;
+}
+}
   


This is bogus.

There isn't one mapping from ram_addr_t to target_phys_addr_t.  There 
may be many because of RAM aliasing.


Using KVMSlot is also wrong.  This is a function that belongs in exec.c.

Regards,

Anthony Liguori


+return 0;
+}
+
  static int kvm_set_user_memory_region(KVMState *s, KVMSlot *slot)
  {
  struct kvm_userspace_memory_region mem;
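Review bot: `kvm_physical_memory_addr_from_ram()` returns 1 when a slot matches and 0 otherwise, and leaves `*phys_addr` untouched in the 0 case, but neither the definition nor the prototype added to kvm.h says so. Add a comment stating the return convention, or return a bool, so callers do not test the result as an error code.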
diff --git a/kvm.h b/kvm.h
index 50b6c01..b2fb3af 100644
--- a/kvm.h
+++ b/kvm.h
@@ -174,6 +174,12 @@ static inline void cpu_synchronize_post_init(CPUState *env)
  }
  }

+
+#if !defined(CONFIG_USER_ONLY)
+int kvm_physical_memory_addr_from_ram(KVMState *s, ram_addr_t ram_addr,
+  target_phys_addr_t *phys_addr);
+#endif
+
  #endif
  int kvm_set_ioeventfd_mmio_long(int fd, uint32_t adr, uint32_t val, bool 
assign);

   





[Qemu-devel] Re: [PATCH 05/10] kvm: x86: add mce support

2010-10-20 Thread Anthony Liguori

On 10/20/2010 12:43 PM, Marcelo Tosatti wrote:

Port qemu-kvm's MCE support

commit c68b2374c9048812f488e00ffb95db66c0bc07a7
Author: Huang Ying
Date:   Mon Jul 20 10:00:53 2009 +0800

 Add MCE simulation support to qemu/kvm

 KVM ioctls are used to initialize MCE simulation and inject MCE. The
 real MCE simulation is implemented in Linux kernel. The Kernel part
 has been merged.

Signed-off-by: Marcelo Tosatti
Signed-off-by: Avi Kivity
---
  target-i386/helper.c  |6 +++
  target-i386/kvm.c |   84 +
  target-i386/kvm_x86.h |   21 
  3 files changed, 111 insertions(+), 0 deletions(-)
  create mode 100644 target-i386/kvm_x86.h

diff --git a/target-i386/helper.c b/target-i386/helper.c
index e134340..4b430dd 100644
--- a/target-i386/helper.c
+++ b/target-i386/helper.c
@@ -27,6 +27,7 @@
  #include "exec-all.h"
  #include "qemu-common.h"
  #include "kvm.h"
+#include "kvm_x86.h"

  //#define DEBUG_MMU

@@ -1030,6 +1031,11 @@ void cpu_inject_x86_mce(CPUState *cenv, int bank, 
uint64_t status,
  if (bank>= bank_num || !(status&  MCI_STATUS_VAL))
  return;

+if (kvm_enabled()) {
+kvm_inject_x86_mce(cenv, bank, status, mcg_status, addr, misc);
+return;
+}
+
  /*
   * if MSR_MCG_CTL is not all 1s, the uncorrected error
   * reporting is disabled
diff --git a/target-i386/kvm.c b/target-i386/kvm.c
index 74e7b4f..343fb02 100644
--- a/target-i386/kvm.c
+++ b/target-i386/kvm.c
@@ -27,6 +27,7 @@
  #include "hw/pc.h"
  #include "hw/apic.h"
  #include "ioport.h"
+#include "kvm_x86.h"

  #ifdef CONFIG_KVM_PARA
  #include
@@ -167,6 +168,67 @@ static int get_para_features(CPUState *env)
  }
  #endif

+#ifdef KVM_CAP_MCE
+static int kvm_get_mce_cap_supported(KVMState *s, uint64_t *mce_cap,
+ int *max_banks)
+{
+int r;
+
+r = kvm_ioctl(s, KVM_CHECK_EXTENSION, KVM_CAP_MCE);
+if (r>  0) {
+*max_banks = r;
+return kvm_ioctl(s, KVM_X86_GET_MCE_CAP_SUPPORTED, mce_cap);
+}
+return -ENOSYS;
+}
+
+static int kvm_setup_mce(CPUState *env, uint64_t *mcg_cap)
+{
+return kvm_vcpu_ioctl(env, KVM_X86_SETUP_MCE, mcg_cap);
+}
+
+static int kvm_set_mce(CPUState *env, struct kvm_x86_mce *m)
+{
+return kvm_vcpu_ioctl(env, KVM_X86_SET_MCE, m);
+}
+
+struct kvm_x86_mce_data
+{
+CPUState *env;
+struct kvm_x86_mce *mce;
+};
   


CODING_STYLE.


+static void kvm_do_inject_x86_mce(void *_data)
+{
+struct kvm_x86_mce_data *data = _data;
+int r;
+
+r = kvm_set_mce(data->env, data->mce);
+if (r<  0)
+perror("kvm_set_mce FAILED");
   


CODING_STYLE.


+}
+#endif
+
+void kvm_inject_x86_mce(CPUState *cenv, int bank, uint64_t status,
+uint64_t mcg_status, uint64_t addr, uint64_t misc)
+{
+#ifdef KVM_CAP_MCE
+struct kvm_x86_mce mce = {
+.bank = bank,
+.status = status,
+.mcg_status = mcg_status,
+.addr = addr,
+.misc = misc,
+};
+struct kvm_x86_mce_data data = {
+.env = cenv,
+.mce =&mce,
+};
+
+run_on_cpu(cenv, kvm_do_inject_x86_mce,&data);
+#endif
+}
+
  int kvm_arch_init_vcpu(CPUState *env)
  {
  struct {
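Review bot: kvm_inject_x86_mce() passes run_on_cpu() the address of two stack locals (data, which in turn points at mce), which is only safe if run_on_cpu() does not return before kvm_do_inject_x86_mce() has finished on the target vcpu; a one-line comment stating that assumption would help. Separately, the r < 0 path in kvm_do_inject_x86_mce() only calls perror(), and kvm_inject_x86_mce() returns void, so the caller never learns that injection failed.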
@@ -277,6 +339,28 @@ int kvm_arch_init_vcpu(CPUState *env)

  cpuid_data.cpuid.nent = cpuid_i;

+#ifdef KVM_CAP_MCE
+if (((env->cpuid_version>>  8)&0xF)>= 6
+&&  (env->cpuid_features&(CPUID_MCE|CPUID_MCA)) == (CPUID_MCE|CPUID_MCA)
+&&  kvm_check_extension(env->kvm_state, KVM_CAP_MCE)>  0) {
+uint64_t mcg_cap;
+int banks;
+
+if (kvm_get_mce_cap_supported(env->kvm_state,&mcg_cap,&banks))
+perror("kvm_get_mce_cap_supported FAILED");
+else {
+if (banks>  MCE_BANKS_DEF)
+banks = MCE_BANKS_DEF;
+mcg_cap&= MCE_CAP_DEF;
+mcg_cap |= banks;
+if (kvm_setup_mce(env,&mcg_cap))
+perror("kvm_setup_mce FAILED");
+else
+env->mcg_cap = mcg_cap;
   


CODING_STYLE.


+}
+}
+#endif
+
  return kvm_vcpu_ioctl(env, KVM_SET_CPUID2,&cpuid_data);
  }
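Review bot: Both perror() calls in the kvm_arch_init_vcpu() hunk report errno, but kvm_get_mce_cap_supported() can fail by returning -ENOSYS directly without setting errno, so the message may name an unrelated error. Keep the return value in a variable and print that instead. On either failure env->mcg_cap is left unset while vcpu setup continues, which deserves a comment if it is intended.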

diff --git a/target-i386/kvm_x86.h b/target-i386/kvm_x86.h
new file mode 100644
index 000..c1ebd24
--- /dev/null
+++ b/target-i386/kvm_x86.h
@@ -0,0 +1,21 @@
+/*
+ * QEMU KVM support
+ *
+ * Copyright (C) 2009 Red Hat Inc.
+ * Copyright IBM, Corp. 2008
+ *
+ * Authors:
+ *  Anthony Liguori
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ *
+ */
+
+#ifndef __KVM_X86_H__
+#define __KVM_X86_H__
+
+void kvm_inject_x86_mce(CPUState *cenv, int bank, uint64_t status,
+uint64_t mcg_status, uint64_t addr, uint64_t misc);
+
+#endif
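Review bot: kvm_x86.h declares kvm_inject_x86_mce() in terms of CPUState and uint64_t but includes nothing itself, so it only compiles because both users in this patch include it after other headers. Either include what the prototype needs or note the dependency in a comment. The __KVM_X86_H__ guard also uses a double-underscore name, which is reserved for the implementation.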
   





[Qemu-devel] Re: [PATCH 1/2] pci: Automatically patch PCI vendor id and device id in PCI ROM

2010-10-20 Thread Stefan Weil

On 20.10.2010 09:19, Gerd Hoffmann wrote:

  Hi,


The i825xx ethernet controller family is a typical example
which is implemented in hw/eepro100.c. It uses at least
3 different device ids, so normally 3 boot roms would be needed.


Does this actually work now with the etherboot roms?

cheers,
  Gerd



Yes. I tested these two cases:

qemu -L pc-bios -boot n -netdev user,id=internet \
-device i82801,netdev=internet,romfile=gpxe-eepro100-80861209.rom

=> no bootable device

qemu -L pc-bios -boot n -netdev user,id=internet \
-device i82801,netdev=internet

=> device gets ip address via dhcp

The same works with i82559c or other eepro100 variants, too.

Cheers,
Stefan




[Qemu-devel] [Bug 654913] Re: Windows XP uses 200% CPU when given 2 VCPUs

2010-10-20 Thread Michael Tokarev
What I mean is that ACPI is required nowadays for any sane SMP.  Yes,
enabling ACPI.

Speaking of 200% CPU for "MPS" being faster than ACPI version - maybe
it's your cpufreq code, and switching from 'ondemand' to 'performance'
governor will make ACPI version faster?

I see no difference in speed between ACPI and non-ACPI version of a
_single_-CPU winXP, and my winXP does not boot at all (BSOD) with -smp 2
and -no-acpi.  I never tried to find out why, because felt it's not the
right way anyway (and it shows similar BSOD when wrongly switching
between ACPI and non-ACPI in winXP on many older (PIII etc) - again,
non-smp - boxes).

/mjt

-- 
Windows XP uses 200% CPU when given 2 VCPUs
https://bugs.launchpad.net/bugs/654913

Status in QEMU: New

Bug description:
When using libvirt to give a domain 2 CPUs (2), the Windows XP kvm process will use 200% 
CPU when Windows is idle. Switching the number of CPUs back to 1, the kvm 
process gives normal idle percentages.

Using libvirt 0.8.3-1ubuntu9, tried with the following qemu-kvm packages:

qemu-kvm_0.12.4+noroms-0ubuntu7_amd64.deb
qemu-kvm_0.12.5+noroms-0ubuntu4_amd64.deb

The smp flag being set by libvirt is:

-smp 2,sockets=2,cores=1,threads=1





[Qemu-devel] Re: [PATCH] configure: Support disabling warnings in $gcc_flags

2010-10-20 Thread Blue Swirl
Thanks, applied.

On Thu, Oct 14, 2010 at 9:19 AM, Markus Armbruster  wrote:
> -Wall enables a bunch of warnings at once.  configure puts it after
> $gcc_flags.  This makes it impossible to disable warnings enabled by
> -Wall there.  Fix by putting configured flags last.
>
> Signed-off-by: Markus Armbruster 
> ---
>  configure |    5 +++--
>  1 files changed, 3 insertions(+), 2 deletions(-)
>
> diff --git a/configure b/configure
> index d303061..3a12f92 100755
> --- a/configure
> +++ b/configure
> @@ -154,7 +155,7 @@ int main(void) { return 0; }
>  EOF
>  for flag in $gcc_flags; do
>     if compile_prog "-Werror $QEMU_CFLAGS" "-Werror $flag" ; then
> -       QEMU_CFLAGS="$flag $QEMU_CFLAGS"
> +       QEMU_CFLAGS="$QEMU_CFLAGS $flag"
>     fi
>  done
>
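Review bot: Switching from prepend to append inside the "for flag in $gcc_flags" loop also changes the relative order of the probed flags themselves: prepending left them in QEMU_CFLAGS in reverse of their $gcc_flags order, appending keeps that order. The commit message only talks about -Wall, so it is worth stating this second effect there, since the position of a flag can decide which of two conflicting warning options takes effect.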
> --
> 1.7.2.3
>



[Qemu-devel] Re: [PATCH] tcg: Fix compiler error (comparison of unsigned expression)

2010-10-20 Thread Blue Swirl
Thanks, applied.

On Fri, Oct 8, 2010 at 8:32 AM, Stefan Weil  wrote:
> When qemu is configured with --enable-debug-tcg,
> gcc throws this warning (or error with -Werror):
>
> tcg/tcg.c:1030: error: comparison of unsigned expression >= 0 is always true
>
> Fix it by removing the >= 0 part.
> The type cast to 'unsigned' catches negative values of op
> (which should never happen).
>
> This is a modification of Hollis Blanchard's patch.
>
> Cc: Hollis Blanchard 
> Cc: Blue Swirl 
> Signed-off-by: Stefan Weil 
> ---
>  tcg/tcg.c |    2 +-
>  1 files changed, 1 insertions(+), 1 deletions(-)
>
> diff --git a/tcg/tcg.c b/tcg/tcg.c
> index e0a9030..0cdef0d 100644
> --- a/tcg/tcg.c
> +++ b/tcg/tcg.c
> @@ -1027,7 +1027,7 @@ void tcg_add_target_add_op_defs(const TCGTargetOpDef 
> *tdefs)
>         if (tdefs->op == (TCGOpcode)-1)
>             break;
>         op = tdefs->op;
> -        assert(op >= 0 && op < NB_OPS);
> +        assert((unsigned)op < NB_OPS);
>         def = &tcg_op_defs[op];
>  #if defined(CONFIG_DEBUG_TCG)
>         /* Duplicate entry in op definitions? */
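Review bot: The (unsigned) cast in assert((unsigned)op < NB_OPS) is what rejects negative values of op, but that reasoning is recorded only in the commit message; a short comment beside the assert would keep the cast from being "simplified" away later. Note also that this is the only bound on op before tcg_op_defs[op] is indexed, and it disappears in builds that define NDEBUG.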
> --
> 1.7.1
>
>



[Qemu-devel] Re: [PATCH 08/10] MCE: Relay UCR MCE to guest

2010-10-20 Thread Anthony Liguori

On 10/20/2010 02:51 PM, Anthony Liguori wrote:



+}
+
  static void qemu_kvm_eat_signal(CPUState *env, int timeout)
  {
  struct timespec ts;
  int r, e;
  siginfo_t siginfo;
  sigset_t waitset;
+sigset_t chkset;

  ts.tv_sec = timeout / 1000;
  ts.tv_nsec = (timeout % 1000) * 100;

  sigemptyset(&waitset);
  sigaddset(&waitset, SIG_IPI);
+sigaddset(&waitset, SIGBUS);

-qemu_mutex_unlock(&qemu_global_mutex);
-r = sigtimedwait(&waitset,&siginfo,&ts);
-e = errno;
-qemu_mutex_lock(&qemu_global_mutex);
+do {
+qemu_mutex_unlock(&qemu_global_mutex);

-if (r == -1&&  !(e == EAGAIN || e == EINTR)) {
-fprintf(stderr, "sigtimedwait: %s\n", strerror(e));
-exit(1);
-}
+r = sigtimedwait(&waitset,&siginfo,&ts);
+e = errno;
+
+qemu_mutex_lock(&qemu_global_mutex);
+
+if (r == -1&&  !(e == EAGAIN || e == EINTR)) {
+fprintf(stderr, "sigtimedwait: %s\n", strerror(e));
+exit(1);
+}
+
+switch (r) {
+case SIGBUS:
+#ifdef TARGET_I386
+if (kvm_on_sigbus_vcpu(env, siginfo.si_code, 
siginfo.si_addr))

+#endif
+sigbus_reraise();
+break;
+default:
+break;
+}
+
+r = sigpending(&chkset);
+if (r == -1) {
+fprintf(stderr, "sigpending: %s\n", strerror(e));
+exit(1);
+}
+} while (sigismember(&chkset, SIG_IPI) || sigismember(&chkset, 
SIGBUS));

  }
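Review bot: In the new sigpending() error path, strerror(e) prints the errno value saved after sigtimedwait(), not the one sigpending() just set, so the message would name the wrong error. Use strerror(errno) there, or re-save e = errno right after the sigpending() call.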


I don't understand why this loop is needed but we specifically wait 
for a signal to get delivered that's either SIG_IPI or SIGBUS.  We 
then check whether a SIG_IPI or SIGBUS is pending and loop waiting for 
signals again.


Shouldn't we be looping on just sigismember(SIGBUS)?

BTW, we're no longer respecting timeout because we're not adjusting ts 
after each iteration.


I think this is important too.  The last time I went through the code 
and played around here, it wasn't possible to set timeout to a very, 
very large value because there are still things that we poll for (like 
whether shutdown has occurred).   If we loop indefinitely without 
reducing ts, we can potentially recreate an infinite timeout which means 
we won't catch any of the events we poll for.  This would be a very, 
very subtle bug to track down.


Regards,

Anthony Liguori
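
The timeout concern raised above, as an added example (not QEMU code and not from the thread): a drain loop with the same sigtimedwait()/sigpending() shape that fixes a monotonic deadline once and recomputes the remaining time on every pass, so repeated iterations cannot stretch the wait. It returns the number of signals consumed, or -1 on error. The function names, SIGUSR1/SIGUSR2 standing in for SIG_IPI/SIGBUS, and the 100 ms budget are assumptions.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <signal.h>
#include <time.h>

static long long now_ns(void)
{
    struct timespec t;
    clock_gettime(CLOCK_MONOTONIC, &t);
    return t.tv_sec * 1000000000LL + t.tv_nsec;
}

/* Drain sig_a/sig_b (caller-blocked); total blocking time <= timeout_ms. */
static int drain_signals(int sig_a, int sig_b, int timeout_ms)
{
    long long deadline = now_ns() + (long long)timeout_ms * 1000000LL;
    sigset_t waitset, pending;
    int consumed = 0;
    sigemptyset(&waitset);
    sigaddset(&waitset, sig_a);
    sigaddset(&waitset, sig_b);
    do {
        /* Remaining budget, recomputed each pass; zero means poll only. */
        long long left = deadline - now_ns();
        struct timespec ts = { .tv_sec = left > 0 ? left / 1000000000LL : 0,
                               .tv_nsec = left > 0 ? left % 1000000000LL : 0 };
        siginfo_t info;
        if (sigtimedwait(&waitset, &info, &ts) != -1)
            consumed++;             /* dispatch on info.si_signo here */
        else if (errno != EAGAIN && errno != EINTR)
            return -1;
        if (sigpending(&pending) == -1)
            return -1;
    } while (sigismember(&pending, sig_a) == 1 ||
             sigismember(&pending, sig_b) == 1);
    return consumed;
}

/* Constructed demo: make two blocked signals pending, then drain them. */
static int demo_drain_two(void)
{
    sigset_t set;
    sigemptyset(&set);
    sigaddset(&set, SIGUSR1);
    sigaddset(&set, SIGUSR2);
    sigprocmask(SIG_BLOCK, &set, NULL);
    raise(SIGUSR1);
    raise(SIGUSR2);
    return drain_signals(SIGUSR1, SIGUSR2, 100);
}
```

Once the budget is spent the timespec is zero, so signals that are already pending are still consumed but the call never blocks again.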




[Qemu-devel] [Bug 654913] Re: Windows XP uses 200% CPU when given 2 VCPUs

2010-10-20 Thread Michael Tokarev
WinXP chews 200% CPU when switched in device manager to "MPS computer"
from "ACPI computer" even if there's no -no-acpi on the kvm command line
(after some tries I was able to switch it from ACPI to MPS).  So it is
how windows works, not how kvm works.

** Changed in: qemu
   Status: New => Invalid

-- 
Windows XP uses 200% CPU when given 2 VCPUs
https://bugs.launchpad.net/bugs/654913

Status in QEMU: Invalid






Re: [Qemu-devel] [PATCH] Add a DTrace tracing backend targetted for SystemTAP compatability (v3)

2010-10-20 Thread Stefan Hajnoczi
On Wed, Oct 20, 2010 at 6:31 PM, Daniel P. Berrange  wrote:
> This introduces a new tracing backend that targets the SystemTAP
> implementation of DTrace userspace tracing. The core functionality
> should be applicable and standard across any DTrace implementation
> on Solaris, OS-X, *BSD, but the Makefile rules will likely need
> some small additional changes to cope with OS specific build
> requirements.
>
> This backend builds a little differently from the other tracing
> backends. Specifically there is no 'trace.c' file, because the
> 'dtrace' command line tool generates a '.o' file directly from
> the dtrace probe definition file. The probe definition is usually
> named with a '.d' extension but QEMU uses '.d' files for its
> external makefile dependency tracking, so this uses '.dtrace' as
> the extension for the probe definition file.
>
> The 'tracetool' program gains the ability to generate a trace.h
> file for DTrace, and also to generate the trace.d file containing
> the dtrace probe definition, and finally a qemu.stp file which is
> a wrapper around the probe definition providing more convenient
> access from SystemTAP scripts.
>
> eg, instead of
>
>  probe process("qemu").mark("qemu_malloc") {
>    printf("Malloc %d %p\n", $arg1, $arg2);
>  }
>
> The addition of qemu.stp to /usr/share/systemtap/tapset/
> lets users write
>
>  probe qemu.qemu_malloc {
>    printf("Malloc %d %p\n", size, ptr);
>  }
>
> In v2:
>
>  - Add check for 'dtrace' command in configure
>  - Comply with coding standards in generated code
>  - Misc fixes to tracetool
>  - Add more generated files to make clean target
>  - Mention 'dtrace' backend in configure help
>
> In v3:
>
>  - Make sure dtrace check in configure only runs
>    when dtrace backend is selected
>
> Still todo in v4:
>
>  - Change process("qemu") statement so that it applies
>    to all 'qemu-system-XXX' binaries not just 'qemu'
>
> * .gitignore: Ignore trace-dtrace.*
> * Makefile: Extra rules for generating DTrace files
> * Makefile.obj: Don't build trace.o for DTrace, use
>  trace-dtrace.o generated by 'dtrace' instead
> * tracetool: Support for generating DTrace/SystemTAP
>  data files
>
> Signed-off-by: Daniel P. Berrange 
> ---
>  .gitignore    |    3 +
>  Makefile      |   32 +++
>  Makefile.objs |    4 ++
>  configure     |   14 +-
>  tracetool     |  169 
> +
>  5 files changed, 211 insertions(+), 11 deletions(-)

Tested successfully both for launching QEMU and attaching to a running process.

This looks promising but it's too bad that utrace isn't upstream.  On
my Debian testing development machine I need to rebuild the kernel to
make use of userspace probes with SystemTap.

Acked-by: Stefan Hajnoczi 

Stefan


